/**
 * Build the HTML for the configuration-options panel of this control.
 *
 * Renders the shared "configopts" view with this control's options, wraps it
 * in the YUI skin containers and queues the layout script for the page foot.
 *
 * @param mixed $name  Not used by this implementation.
 * @param mixed $label Not used by this implementation.
 *
 * @return string The wrapped panel markup.
 */
function controlToHTML($name, $label) {
    $optionsView = get_template_for_action('common', 'configopts', null);
    $optionsView->assign('opts', $this->opts);

    $markup = ' <div class="yui-skin-sam"> <div id="demo"> <div id="leftopts">'
        . $optionsView->render()
        . '</div> </div> </div> ';

    // NOTE(review): this snippet is assembled but never emitted; the "content"
    // entry queued below is the literal '//comment'. It also concatenates
    // $this->title bare and $this->welcome inside single quotes with no
    // JavaScript escaping, so if it is ever wired into the page both values
    // should first be encoded (e.g. with json_encode()).
    $panelScript = "\n\t\t\tvar cp = new configPanel(" . $this->title . ", 'leftopts', '" . $this->welcome . "', 750, 450);\n\t\t cp.fire();\n\t\t";

    $footAssets = array(
        "unique" => 'cfgmgr',
        "yui2mods" => 'dragdrop,element,animation,resize,layout',
        "yui3mods" => null,
        "content" => '//comment',
        "src" => PATH_RELATIVE . 'framework/core/assets/js/exp-layout.js',
    );
    expJavascript::pushToFoot($footAssets);

    return $markup;
}
/**
 * Handle a "quick pay" submission: apply the posted billing address, let the
 * billing calculator process the form, recompute the order total and hand
 * everything to the confirm action's template.
 *
 * Reads $this->params and the global $order; replaces the global $template.
 */
function processQuickPay() {
    global $order, $template;

    // The confirm action's view is reused for the quick-pay result.
    $template = get_template_for_action($this, 'confirm', $this->loc);

    $billingAddress = empty($this->params['billing']) ? null : $this->params['billing'];
    if ($billingAddress !== null) {
        $billing = new billing();
        $billing->billingmethod->setAddress($billingAddress);
    }
    // NOTE(review): when no billing data is posted $billing is never created,
    // and the calculator calls below then fail on an undefined variable.

    if (!empty($this->params['shipping'])) {
        // TODO: the shipping half is not implemented. Once it is, it should
        // build a shipping object, set its address from
        // $this->params['shipping'] and assign it to the template as 'shipping'.
        die('NEED TO IMPLEMENT THE SHIPPING PIECE!!');
    }

    $billingOptions = $billing->calculator->userFormUpdate($this->params);
    $order->calculateGrandTotal();
    expSession::set('billing_options', $billingOptions);

    // Read the total before rendering the billing summary, in that order.
    $grandTotal = $order->total;
    $billingSummary = $billing->calculator->userView($billingOptions);

    assign_to_template(array(
        'billing' => $billing,
        'order' => $order,
        'total' => $grandTotal,
        'billinginfo' => $billingSummary,
        'nologin' => 1,
    ));
}
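/**
 * Batch-process an uploaded carrier CSV export.
 *
 * For every data row the order is looked up by invoice id (column 3), an
 * authorised payment is captured where the billing calculator supports
 * delayed capture, the tracking number (column 1) and carrier are stored, and
 * optionally the order status is changed and the customer is e-mailed.
 * Per-row results are assigned to the template as 'errorSet' / 'successSet'.
 *
 * Request inputs: $_FILES['batch_upload_file'],
 * $this->params['order_status_success'][0], $this->params['email_customer'].
 *
 * NOTE(review): no permission or request-forgery check is visible in this
 * function; presumably the dispatcher enforces them - confirm, since this
 * action captures payments.
 */
function process_orders() {
    global $db;

    $template = get_template_for_action(new orderController(), 'setStatus', $this->loc);
    set_time_limit(0); // no execution time limit while the batch runs

    // Accept only a file PHP itself received for this request, and make sure
    // it can be opened and has a header row before any output is produced.
    $upload = isset($_FILES['batch_upload_file']) ? $_FILES['batch_upload_file'] : array();
    $uploadPath = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
    $handle = false;
    if (empty($upload['error']) && $uploadPath !== '' && is_uploaded_file($uploadPath)) {
        $handle = fopen($uploadPath, "r");
    }
    $checkdata = ($handle !== false) ? fgetcsv($handle, 10000, ",") : false;
    if (!is_array($checkdata)) {
        if ($handle !== false) {
            fclose($handle);
        }
        flash('error', gt('There was an error uploading your file. Please try again.'));
        redirect_to(array('controller' => 'store', 'action' => 'batch_process'));
        return; // fail closed in case redirect_to() does not end the request
    }

    // Pass 1: every row must have as many columns as the header row.
    echo "Validating file...<br/>";
    $fieldCount = count($checkdata);
    $count = 1;
    while (($checkdata = fgetcsv($handle, 10000, ",")) !== FALSE) {
        $count++;
        if (count($checkdata) != $fieldCount) {
            echo "Line " . $count . " of your CSV import file does not contain the correct number of columns.<br/>";
            echo "Found " . $fieldCount . " header fields, but only " . count($checkdata) . " field in row " . $count . " Please check your file and try again.";
            exit;
        }
    }
    echo "<br/>CSV File passed validation...<br/><br/>Detecting carrier type....<br/>";

    // Pass 2: re-read from the top; the first header cell identifies the carrier.
    rewind($handle);
    $data = fgetcsv($handle, 10000, ",");
    $firstHeader = isset($data[0]) ? trim((string)$data[0]) : '';
    $carrier = '';
    $carrierTrackingLink = ''; // stays empty when the carrier is not recognised
    if ($firstHeader == 'ShipmentInformationShipmentID') {
        echo "Detected UPS file...<br/>";
        $carrier = "UPS";
        $carrierTrackingLink = "http://wwwapps.ups.com/etracking/tracking.cgi?TypeOfInquiryNumber=T&InquiryNumber1=";
    } elseif ($firstHeader == 'PIC') {
        echo "Detected United States Post Service file...<br/>";
        $carrier = "USPS";
        $carrierTrackingLink = "http://trkcnfrm1.smi.usps.com/PTSInternetWeb/InterLabelInquiry.do?origTrackNum=";
    }

    // The requested status id comes from the request and is later concatenated
    // into SQL, so only an integer value is accepted.
    $newStatusId = null;
    if (isset($this->params['order_status_success'][0]) && is_numeric($this->params['order_status_success'][0])) {
        $candidateStatus = (int)$this->params['order_status_success'][0];
        if ($candidateStatus > -1) {
            $newStatusId = $candidateStatus;
        }
    }
    $notifyCustomer = !empty($this->params['email_customer']);

    $count = 1;
    $errorSet = array();
    $successSet = array();
    $oo = new order();
    while (($data = fgetcsv($handle, 10000, ",")) !== FALSE) {
        $count++;
        $originalOrderId = isset($data[2]) ? $data[2] : '';
        $trackingNumber = isset($data[0]) ? $data[0] : null;
        $invoiceId = intval($originalOrderId);
        $order = null;
        $bm = null;
        $transactionState = null;

        // A row without a usable order number, or naming an unknown order, is
        // reported and skipped.
        if (empty($invoiceId)) {
            $errorSet[$count]['message'] = "Row " . $count . " has no order number.";
            $errorSet[$count]['order_id'] = "N/A";
            continue;
        }
        $order = $oo->findBy('invoice_id', $invoiceId);
        if (empty($order->id)) {
            // The messages carry markup (<br/>), so the raw CSV value is
            // escaped before it is embedded in one.
            // NOTE(review): 'order_id' is stored raw; confirm the view escapes it.
            $errorSet[$count]['message'] = htmlspecialchars((string)$originalOrderId, ENT_QUOTES) . " is not a valid order in this system.";
            $errorSet[$count]['order_id'] = $originalOrderId;
            continue;
        }

        // Closed orders are neither captured nor given shipping information.
        $currentStat = $order->order_status;
        if ($currentStat->treat_as_closed == true) {
            $errorSet[$count]['message'] = "This is currently a closed order. Not processing.";
            $errorSet[$count]['order_id'] = $invoiceId;
            continue;
        }

        // Open order: capture if the payment is only authorised; shipping
        // information is stored regardless of the capture outcome.
        if (isset($order->billingmethod[0])) {
            $bm = $order->billingmethod[0];
            $transactionState = $bm->transaction_state;
        } else {
            $bm = null;
            $transactionState = '';
        }

        if ($transactionState == 'authorized') {
            $calc = $bm->billingcalculator->calculator;
            $calc->config = $bm->billingcalculator->config;
            if (method_exists($calc, 'delayed_capture')) {
                $result = $calc->delayed_capture($bm, $order->grand_total);
                if ($result->errorCode == 0) {
                    $successSet[$count]['order_id'] = $invoiceId;
                    $successSet[$count]['message'] = "Sucessfully captured order " . $invoiceId . " and set shipping information.";
                    $successSet[$count]['amount'] = $order->grand_total;
                    $successSet[$count]['request_id'] = $result->request_id;
                    $successSet[$count]['reference_id'] = $result->PNREF;
                    $successSet[$count]['authorization_code'] = $result->AUTHCODE;
                    $successSet[$count]['shipping_tracking_number'] = $trackingNumber;
                    $successSet[$count]['carrier'] = $carrier;
                } else {
                    // Capture failed. The parcel has already shipped, so the
                    // error is reported and shipping information is still set.
                    // NOTE(review): the success status and customer e-mail
                    // below are applied to this row as well; a separate
                    // status for failed captures is not implemented.
                    $errorSet[$count]['error_code'] = $result->errorCode;
                    $errorSet[$count]['message'] = "Capture failed: " . htmlspecialchars((string)$result->message, ENT_QUOTES) . "<br/>Setting shipping information.";
                    $errorSet[$count]['order_id'] = $invoiceId;
                    $errorSet[$count]['amount'] = $order->grand_total;
                    $errorSet[$count]['shipping_tracking_number'] = $trackingNumber;
                    $errorSet[$count]['carrier'] = $carrier;
                }
            } else {
                // The billing method cannot capture later; the order may have
                // been approved manually.
                $successSet[$count]['message'] = 'No capture processing available for order:' . $invoiceId . '. Setting shipping information.';
                $successSet[$count]['order_id'] = $invoiceId;
                $successSet[$count]['amount'] = $order->grand_total;
                $successSet[$count]['shipping_tracking_number'] = $trackingNumber;
                $successSet[$count]['carrier'] = $carrier;
            }
        } else {
            $successSet[$count]['message'] = 'No processing necessary for order:' . $invoiceId . '. Setting shipping information.';
            $successSet[$count]['order_id'] = $invoiceId;
            $successSet[$count]['amount'] = $order->grand_total;
            $successSet[$count]['shipping_tracking_number'] = $trackingNumber;
            $successSet[$count]['carrier'] = $carrier;
        }

        // Record the shipment on the order and on its shipping method.
        $order->shipped = time();
        $order->shipping_tracking_number = $trackingNumber;
        $order->save();
        $s = array_pop($order->shippingmethods);
        $sm = new shippingmethod($s->id);
        $sm->carrier = $carrier;
        $sm->save();

        if ($newStatusId === null) {
            continue; // no status change requested, so no e-mail either
        }

        // Log the status change, then apply it to the order.
        $change = new order_status_changes();
        $change->from_status_id = $order->order_status_id;
        $change->to_status_id = $newStatusId;
        $change->orders_id = $order->id;
        $change->save();
        $order->order_status_id = $newStatusId;
        $order->save();

        if (!$notifyCustomer) {
            continue;
        }
        $email_addy = isset($order->billingmethod[0]) ? $order->billingmethod[0]->email : '';
        if (empty($email_addy)) {
            continue;
        }

        // Both ids are forced to integers before they reach the WHERE clause.
        $from_status = $db->selectValue('order_status', 'title', 'id=' . (int)$change->from_status_id);
        $to_status = $db->selectValue('order_status', 'title', 'id=' . (int)$change->to_status_id);
        $template->assign(array(
            'comment' => $change->comment,
            'to_status' => $to_status,
            'from_status' => $from_status,
            'order' => $order,
            'date' => date("F j, Y, g:i a"),
            'storename' => ecomconfig::getConfig('storename'),
            'include_shipping' => true,
            // The tracking number is CSV content: URL-encode it before it
            // becomes part of a link.
            'tracking_link' => $carrierTrackingLink . rawurlencode((string)$order->shipping_tracking_number),
            'carrier' => $carrier,
        ));
        $body = $template->render();
        $html = $body . ecomconfig::getConfig('footer');
        try {
            $mail = new expMail();
            $mail->quickSend(array(
                'html_message' => $html,
                'text_message' => str_replace("<br>", "\r\n", $body),
                'to' => $email_addy,
                'from' => ecomconfig::getConfig('from_address'),
                'subject' => 'Your Order Has Been Shipped (#' . $order->invoice_id . ') - ' . ecomconfig::getConfig('storename'),
            ));
        } catch (Exception $e) {
            // A mail failure must not abort the batch; it is only logged.
            eDebug("Email error:");
            eDebug($e);
        }
    }
    fclose($handle);

    assign_to_template(array('errorSet' => $errorSet, 'successSet' => $successSet));
}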
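/**
 * Complete a password reset: validate the uid/token pair from the query
 * string, generate a new random password, e-mail it to the user, store it and
 * delete the user's reset tokens.
 *
 * Reads $_GET['uid'] and $_GET['token']. Ends by redirecting to the login
 * page, or back with an error when the token is missing, invalid or expired.
 *
 * NOTE(review): the new password is mailed in clear text and the reset runs
 * on a plain GET; a flow that lets the user choose a password after the token
 * is verified would avoid both - design change, not made here.
 */
public function confirm_password_reset() {
    global $db;

    // Drop expired tokens first so they can never match below.
    $db->delete('passreset_token', 'expires < ' . time());

    // Both values are request input and end up in a WHERE clause: the uid must
    // be purely numeric and the token is reduced to alphanumerics. An empty
    // value is rejected outright instead of being queried.
    $uid = (isset($_GET['uid']) && is_string($_GET['uid'])) ? trim($_GET['uid']) : '';
    $token = (isset($_GET['token']) && is_string($_GET['token']))
        ? preg_replace('/[^A-Za-z0-9]/', '', $_GET['token'])
        : '';

    $tok = null;
    if ($token !== '' && preg_match('/^[0-9]+$/', $uid)) {
        $tok = $db->selectObject('passreset_token', 'uid=' . (int)$uid . " AND token='" . $token . "'");
    }
    if ($tok == null) {
        flash('error', gt('Your password reset has expired. Please try again.'));
        expHistory::back();
        return; // never continue without a valid token
    }

    // Create the password: 12-20 characters from the full alphanumeric set,
    // with the length chosen once. random_int() is used where the runtime has
    // it; mt_rand() is only a fallback for older PHP versions and is not
    // cryptographically secure.
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $lastIndex = strlen($alphabet) - 1;
    $hasCsprng = function_exists('random_int');
    $length = $hasCsprng ? random_int(12, 20) : mt_rand(12, 20);
    $newpass = '';
    for ($i = 0; $i < $length; $i++) {
        $index = $hasCsprng ? random_int(0, $lastIndex) : mt_rand(0, $lastIndex);
        $newpass .= $alphabet[$index];
    }

    // Look up the user the token belongs to.
    $u = new user($tok->uid);

    // Render the e-mail body and send the new password to the user.
    $email = get_template_for_action($this, 'confirm_password_email', $this->loc);
    $email->assign('newpass', $newpass);
    $msg = $email->render();

    $mail = new expMail();
    $mail->quickSend(array(
        'html_message' => $msg,
        'to' => trim($u->email),
        'from' => SMTP_FROMADDRESS,
        'subject' => 'Your new password for ' . HOSTNAME,
    ));

    // Save the new password.
    // NOTE(review): unsalted MD5 is not a suitable password hash. It is kept
    // because the code that verifies the stored value is outside this block;
    // move both sides to password_hash()/password_verify() together.
    $u->update(array('password' => md5($newpass)));

    // The token is single-use: remove every reset token of this user.
    $db->delete('passreset_token', 'uid=' . (int)$tok->uid);

    flash('message', gt('Your new password has been emailed to your email account.'));

    // Send the user to the login page.
    redirect_to(array('controller' => 'login', 'action' => 'loginredirect'));
}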
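/**
 * E-mail the invoice for the order given by $this->params['id'].
 *
 * Renders the 'email_invoice' view once, then, depending on the store
 * configuration, sends it to the configured admin addresses and/or to the
 * current user's e-mail address.
 *
 * NOTE(review): the order id comes from the request and the invoice goes to
 * the current $user, not to an address stored on the order. Nothing here
 * checks that this user may see this order; confirm the caller enforces it.
 */
function email() {
    global $template, $user;

    // Set up a template suitable for e-mailing.
    $template = get_template_for_action($this, 'email_invoice', $this->loc);
    $order = new order($this->params['id']);
    $billing = new billing($this->params['id']);
    assign_to_template(array(
        'order' => $order,
        'shipping' => $order->orderitem[0],
        'billing' => $billing,
    ));

    // Build the HTML and plain-text versions of the message.
    $html = $template->render();
    $txt = strip_tags($html);

    // Send invoices to the store admins if configured.
    if (ecomconfig::getConfig('email_invoice') == true) {
        $from = array(ecomconfig::getConfig('from_address') => ecomconfig::getConfig('from_name'));
        $subject = 'An order was placed on the ' . ecomconfig::getConfig('storename');
        foreach (explode(',', ecomconfig::getConfig('email_invoice_addresses')) as $address) {
            $address = trim($address);
            if ($address === '') {
                // An empty setting or a stray comma yields blank entries;
                // there is nobody to mail for those.
                continue;
            }
            $mail = new expMail();
            $mail->quickSend(array(
                'html_message' => $html,
                'text_message' => $txt,
                'to' => $address,
                'from' => $from,
                'subject' => $subject,
            ));
        }
    }

    // E-mail the invoice to the user if configured and an address is known.
    if (ecomconfig::getConfig('email_invoice_to_user') == true && !empty($user->email)) {
        // The intro paragraph is closed properly (it used to open a second <p>).
        $usermsg = "<p>" . ecomconfig::getConfig('invoice_msg') . "</p>";
        $usermsg .= $html;
        $usermsg .= ecomconfig::getConfig('footer');

        $mail = new expMail();
        $mail->quickSend(array(
            'html_message' => $usermsg,
            'text_message' => $txt,
            'to' => $user->email,
            'from' => array(ecomconfig::getConfig('from_address') => ecomconfig::getConfig('from_name')),
            'subject' => ecomconfig::getConfig('invoice_subject'),
        ));
    }
}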
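/**
 * Sign an e-mail address up for the selected E-Alert topics.
 *
 * After the anti-spam check the subscriber is found or created by address,
 * the subscriber's existing topic subscriptions are replaced with the
 * submitted ones, a confirmation e-mail is sent and the request is redirected
 * to the 'pending' action.
 *
 * Request inputs: $this->params['email'], $this->params['ealerts'].
 *
 * NOTE(review): the existing subscriptions of an address are replaced before
 * that address has confirmed anything, so any visitor who passes the
 * anti-spam check can change them. Consider applying the change only on
 * confirmation.
 */
public function signup() {
    global $db;

    // Check the anti-spam control.
    expValidator::check_antispam($this->params, gt("Anti-spam verification failed. Please try again."));

    // The address is request input and is placed inside a double-quoted SQL
    // literal below. It must therefore be a syntactically valid (ASCII)
    // address that contains neither a double quote nor a backslash.
    // NOTE(review): if the database layer offers escaping or bound
    // parameters, prefer that over this filter.
    $email = (isset($this->params['email']) && is_string($this->params['email']))
        ? trim($this->params['email'])
        : '';
    if ($email === ''
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false
        || strpbrk($email, "\"\\") !== false
    ) {
        expQueue::flashAndFlow('error', 'You must supply an email address to sign up for email alerts.');
        return; // in case flashAndFlow() does not end the request
    }

    // Topic ids are also used in SQL, so keep only plain integers, once each.
    $submitted = isset($this->params['ealerts']) ? $this->params['ealerts'] : array();
    if (!is_array($submitted)) {
        $submitted = array($submitted);
    }
    $topicIds = array();
    foreach ($submitted as $ea_id) {
        $candidate = is_scalar($ea_id) ? trim((string)$ea_id) : '';
        if (preg_match('/^[0-9]+$/', $candidate)) {
            $topicIds[(int)$candidate] = (int)$candidate;
        }
    }
    $topicIds = array_values($topicIds);
    if (empty($topicIds)) {
        expQueue::flashAndFlow('error', 'You did not select any E-Alert topics to subscribe to.');
        return;
    }

    // Find or create the subscriber.
    $id = $db->selectValue('subscribers', 'id', 'email="' . $email . '"');
    $subscriber = new subscribers($id);
    if (empty($subscriber->id)) {
        $subscriber->email = $email;
        // Presumably the hash identifies the subscriber in confirmation links
        // (TODO confirm), so it is taken from a random source rather than
        // derived from the address and the clock. Both forms are 32 hex
        // characters, like the md5() value used before.
        $subscriber->hash = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(mt_rand(), true) . $email);
        $subscriber->save();
    }

    // Delete any old subscriptions and add the new ones.
    $db->delete('expeAlerts_subscribers', 'subscribers_id=' . (int)$subscriber->id);
    foreach ($topicIds as $ea_id) {
        $obj = new stdClass(); // assigning properties to null is an error on PHP 8
        $obj->subscribers_id = $subscriber->id;
        $obj->expeAlerts_id = $ea_id;
        $db->insertObject($obj, 'expeAlerts_subscribers');
    }

    // Send a confirmation e-mail to the user.
    $ealerts = $db->selectObjects('expeAlerts', 'id IN (' . implode(',', $topicIds) . ')');
    $body = get_template_for_action($this, 'confirmation_email', $this->loc);
    $body->assign('ealerts', $ealerts);
    $body->assign('subscriber', $subscriber);

    $mail = new expMail();
    $mail->quickSend(array(
        'html_message' => $body->render(),
        'to' => $subscriber->email,
        'from' => SMTP_FROMADDRESS,
        'subject' => 'Please confirm your E-Alert subscriptions',
    ));

    redirect_to(array('controller' => 'ealert', 'action' => 'pending', 'id' => $subscriber->id));
}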
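/**
 * Dispatch a controller action and render its view.
 *
 * Resolves the controller class from $parms['controller'], picks the action
 * (the requested one, else 'index', else 'showall'), prepares the template
 * and default models, enforces the controller's permission and login rules,
 * runs the action and finally outputs or returns the rendered template.
 *
 * Permission rules are matched against the action that will actually run,
 * and the match ignores letter case: PHP resolves method names
 * case-insensitively, while the permission tables are ordinary arrays with
 * case-sensitive keys, so an exact-case lookup could miss a rule for an
 * action that still executes.
 *
 * @param array $parms Request parameters: 'controller', 'action', and
 *                     optionally 'src', 'view', 'moduletitle', 'id',
 *                     'no_output'.
 *
 * @return string|false|null Rendered HTML when 'no_output' is set, false when
 *                           the action is refused or cannot be found, null
 *                           after direct output.
 */
function renderAction(array $parms = array()) {
    global $user;

    // Get some info about the controller.
    $baseControllerName = expModules::getControllerName($parms['controller']);
    $fullControllerName = expModules::getControllerClassName($parms['controller']);
    $controllerClass = new ReflectionClass($fullControllerName);

    // Figure out the action to use: the requested one if the controller has
    // it, otherwise index, otherwise showall.
    // NOTE(review): hasMethod() also matches inherited and non-public methods;
    // an explicit list of action methods per controller would narrow what a
    // request can name.
    $requested = isset($parms['action']) ? (string)$parms['action'] : '';
    if ($requested !== '' && $controllerClass->hasMethod($requested)) {
        $action = $requested;
    } elseif ($controllerClass->hasMethod('index')) {
        $action = 'index';
    } elseif ($controllerClass->hasMethod('showall')) {
        $action = 'showall';
    } else {
        expQueue::flashAndFlow('error', gt('The requested action could not be performed: Action not found'));
        return false; // nothing to run if flashAndFlow() returns
    }

    // Initialize the controller; the request params go to its constructor.
    $src = isset($parms['src']) ? $parms['src'] : null;
    $controller = new $fullControllerName($src, $parms);

    // Set up the template to use for this action.
    global $template;
    $view = !empty($parms['view']) ? $parms['view'] : $action;
    $template = get_template_for_action($controller, $view, $controller->loc);

    // Have the controller assign knowledge about itself to the template; this
    // has to happen after the template for the action exists.
    $controller->moduleSelfAwareness();

    // A controller called by a container comes with a module title.
    if (isset($parms['moduletitle'])) {
        $template->assign('moduletitle', $parms['moduletitle']);
    }

    // Set up default models for the action to use; null,false,false keeps the
    // constructors from running unnecessary queries.
    foreach ($controller->getModels() as $model) {
        $controller->{$model} = new $model(null, false, false);
    }

    // Index the permission and login tables by lower-cased name so the
    // lookups below cannot be missed through letter case.
    $perms = $controller->permissions();
    $permNames = array();
    foreach (array_keys($perms) as $key) {
        $permNames[strtolower((string)$key)] = $key;
    }
    $loginNames = array();
    foreach (array_keys($controller->requires_login) as $key) {
        $loginNames[strtolower((string)$key)] = $key;
    }

    // Map the action to the permission that guards it. 'update' is tied to
    // create/edit (decided by whether an id was passed), so a request posted
    // straight to the action cannot skip the check made on the edit form;
    // 'saveconfig' is guarded by 'configure'. For any other action, a name
    // such as edit_mymodel is also checked against its crud prefix ('edit').
    $actionKey = strtolower($action);
    $common_action = null;
    if ($actionKey == 'update') {
        $perm_action = (!isset($parms['id']) || $parms['id'] == 0) ? 'create' : 'edit';
    } elseif ($actionKey == 'saveconfig') {
        $perm_action = 'configure';
    } else {
        if (strpos($actionKey, '_') !== false) {
            $parts = explode("_", $actionKey);
            $common_action = $parts[0];
        }
        $perm_action = $actionKey;
    }
    $commonKey = (string)$common_action;

    // Precedence: permission on the action, permission on its prefix, login
    // rule on the action, login rule on its prefix.
    $permName = null;
    $loginName = null;
    if (isset($permNames[$perm_action])) {
        $permName = $permNames[$perm_action];
    } elseif (isset($permNames[$commonKey])) {
        $permName = $permNames[$commonKey];
    } elseif (isset($loginNames[$perm_action])) {
        $loginName = $loginNames[$perm_action];
    } elseif (isset($loginNames[$commonKey])) {
        $loginName = $loginNames[$commonKey];
    }

    if ($permName !== null) {
        if (!expPermissions::check($permName, $controller->loc)) {
            if (expTheme::inAction()) {
                flash('error', gt("You don't have permission to") . " " . $perms[$permName]);
                expHistory::returnTo('viewable');
            }
            // Fail closed: the action must not run after a refusal, even if
            // the redirect helper returns.
            return false;
        }
    } elseif ($loginName !== null) {
        // The action requires the user to be logged in.
        if (!$user->isLoggedIn()) {
            $msg = empty($controller->requires_login[$loginName])
                ? gt("You must be logged in to perform this action")
                : $controller->requires_login[$loginName];
            flash('error', $msg);
            expHistory::redirecto_login();
            return false;
        }
    }

    // Run the action.
    $controller->{$action}();

    // Register this controller's permissions with the view for in-view checks.
    $template->register_permissions(array_keys($perms), $controller->loc);

    // Pass the controller's config, the current user and the base model name
    // to the view.
    $template->assign('config', $controller->config);
    $template->assign('user', $user);
    $template->assign('modelname', $controller->basemodel_name);

    if (empty($parms['no_output'])) {
        $template->output();
    } else {
        $html = $template->render();
        return $html;
    }
}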