/** * Saves changes to an order * * @return void */ public function saveTask() { // Check for request forgeries Request::checkToken(); $statusmsg = ''; $data = array_map('trim', $_POST); $action = isset($data['action']) ? $data['action'] : ''; $id = $data['id'] ? $data['id'] : 0; $cost = intval($data['total']); if ($id) { // initiate extended database class $row = new Order($this->database); $row->load($id); $row->notes = \Hubzero\Utility\Sanitize::clean($data['notes']); $hold = $row->total; $row->total = $cost; // get user bank account $xprofile = User::getInstance($row->uid); $BTL_Q = new Teller($this->database, $xprofile->get('id')); switch ($action) { case 'complete_order': // adjust credit $credit = $BTL_Q->credit_summary(); $adjusted = $credit - $hold; $BTL_Q->credit_adjustment($adjusted); // remove hold $sql = "DELETE FROM `#__users_transactions` WHERE category='store' AND type='hold' AND referenceid='" . $id . "' AND uid=" . intval($row->uid); $this->database->setQuery($sql); if (!$this->database->query()) { throw new Exception($this->database->getErrorMsg(), 500); } // debit account if ($cost > 0) { $BTL_Q->withdraw($cost, Lang::txt('COM_STORE_BANKING_PURCHASE') . ' #' . $id, 'store', $id); } // update order information $row->status_changed = Date::toSql(); $row->status = 1; $statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_COMPLETED')) . '.'; break; case 'cancel_order': // adjust credit $credit = $BTL_Q->credit_summary(); $adjusted = $credit - $hold; $BTL_Q->credit_adjustment($adjusted); // remove hold $sql = "DELETE FROM `#__users_transactions` WHERE category='store' AND type='hold' AND referenceid='" . $id . "' AND uid=" . intval($row->uid); $this->database->setQuery($sql); if (!$this->database->query()) { throw new Exception($this->database->getErrorMsg(), 500); } // update order information $row->status_changed = Date::toSql(); $row->status = 2; $statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_CANCELLED')) . '.'; break; case 'message': $statusmsg = Lang::txt('COM_STORE_MSG_SENT') . '.'; break; default: $statusmsg = Lang::txt('COM_STORE_ORDER_DETAILS_UPDATED') . '.'; break; } // check content if (!$row->check()) { throw new Exception($row->getError(), 500); return; } // store new content if (!$row->store()) { throw new Exception($row->getError(), 500); } // send email if ($action || $data['message']) { if (\Hubzero\Utility\Validate::email($row->email)) { $message = new \Hubzero\Mail\Message(); $message->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_STORE_EMAIL_UPDATE_SHORT', $id)); $message->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' ' . Lang::txt('COM_STORE_STORE')); // Plain text email $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => '_plain')); $eview->option = $this->_option; $eview->controller = $this->_controller; $eview->orderid = $id; $eview->cost = $cost; $eview->row = $row; $eview->action = $action; $eview->message = \Hubzero\Utility\Sanitize::stripAll($data['message']); $plain = $eview->loadTemplate(false); $plain = str_replace("\n", "\r\n", $plain); $message->addPart($plain, 'text/plain'); // HTML email $eview->setLayout('_html'); $html = $eview->loadTemplate(); $html = str_replace("\n", "\r\n", $html); $message->addPart($html, 'text/html'); // Send e-mail $message->setTo(array($row->email)); $message->send(); } } } App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), $statusmsg); }
/** * Finalize the purchase process * * @return void */ public function finalizeTask() { // Check for request forgeries Request::checkToken(); // Set page title $this->_buildTitle(); // Set the pathway $this->_buildPathway(); // Check authorization if (User::isGuest()) { $this->loginTask(); return; } $now = \Date::toSql(); // Get cart object $item = new Cart($this->database); // Calculate total $cost = $item->getCartItems(User::get('id'), 'cost'); // Check available user funds $BTL = new Teller(User::get('id')); $balance = $BTL->summary(); $credit = $BTL->credit_summary(); $funds = $balance - $credit; $funds = $funds > 0 ? $funds : '0'; // Get cart items $items = $item->getCartItems(User::get('id')); if (!$items or $cost > $funds) { $this->cartTask(); return; } // Get shipping info $shipping = array_map('trim', $_POST); // make sure email address is valid $email = \Hubzero\Utility\Validate::email($shipping['email']) ? $shipping['email'] : User::get('email'); // Format posted info $details = Lang::txt('COM_STORE_SHIP_TO') . ':' . "\r\n"; $details .= $shipping['name'] . "\r\n"; $details .= Sanitize::stripAll($shipping['address']) . "\r\n"; $details .= Lang::txt('COM_STORE_COUNTRY') . ': ' . $shipping['country'] . "\r\n"; $details .= '----------------------------------------------------------' . "\r\n"; $details .= Lang::txt('COM_STORE_CONTACT') . ': ' . "\r\n"; if ($shipping['phone']) { $details .= $shipping['phone'] . "\r\n"; } $details .= $email . "\r\n"; $details .= '----------------------------------------------------------' . "\r\n"; $details .= Lang::txt('COM_STORE_DETAILS') . ': '; $details .= $shipping['comments'] ? "\r\n" . Sanitize::stripAll($shipping['comments']) : 'N/A'; // Register a new order $order = new Order($this->database); $order->uid = User::get('id'); $order->total = $cost; $order->status = '0'; // order placed $order->ordered = $now; $order->email = $email; $order->details = $details; // Store new content if (!$order->store()) { throw new Exception($order->getError(), 500); } // Get order ID $objO = new Order($this->database); $orderid = $objO->getOrderID(User::get('id'), $now); if ($orderid) { // Transfer cart items to order foreach ($items as $itm) { $orderitem = new OrderItem($this->database); $orderitem->uid = User::get('id'); $orderitem->oid = $orderid; $orderitem->itemid = $itm->itemid; $orderitem->price = $itm->price; $orderitem->quantity = $itm->quantity; $orderitem->selections = $itm->selections; // Save order item if (!$orderitem->store()) { throw new Exception($orderitem->getError(), 500); } } // Put the purchase amount on hold $BTL = new Teller(User::get('id')); $BTL->hold($order->total, Lang::txt('COM_STORE_BANKING_HOLD'), 'store', $orderid); $message = new \Hubzero\Mail\Message(); $message->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_STORE_EMAIL_SUBJECT_NEW_ORDER', $orderid)); $message->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_option))); // Plain text email $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'confirmation_plain')); $eview->option = $this->_option; $eview->controller = $this->_controller; $eview->orderid = $orderid; $eview->cost = $cost; $eview->shipping = $shipping; $eview->details = $details; $eview->items = $items; $plain = $eview->loadTemplate(false); $plain = str_replace("\n", "\r\n", $plain); $message->addPart($plain, 'text/plain'); // HTML email $eview->setLayout('confirmation_html'); $html = $eview->loadTemplate(); $html = str_replace("\n", "\r\n", $html); $message->addPart($html, 'text/html'); // Send e-mail $message->setTo(array(User::get('email'))); $message->send(); } // Empty cart $item->deleteCartItem('', User::get('id'), 'all'); if ($this->getError()) { \Notify::message($this->getError(), 'error'); } else { \Notify::message(Lang::txt('COM_STORE_SUCCESS_MESSAGE', $orderid), 'success'); } App::redirect(Route::url('index.php?option=' . $this->_option)); return; }