Exemple #1
	 * Interface processor for the promotion editor
	 * @return void
	function editor () {
		global $Ecart;

		if ( !(is_ecart_userlevel() || current_user_can('ecart_promotions')) )
			wp_die(__('You do not have sufficient permissions to access this page.'));


		if ($_GET['id'] != "new") {
			$Promotion = new Promotion($_GET['id']);
		} else $Promotion = new Promotion();

Exemple #2
	 * Interface processor for the product list manager
	 * @return void
	function products ($workflow=false) {
		global $Ecart;
		$db = DB::get();

		if ( !(is_ecart_userlevel() || current_user_can('ecart_categories')) )
			wp_die(__('You do not have sufficient permissions to access this page.'));

		$defaults = array(
			'pagenum' => 1,
			'per_page' => 500,
			'id' => 0,
			's' => ''
		$args = array_merge($defaults,$_GET);

		$pagenum = absint( $pagenum );
		if ( empty($pagenum) )
			$pagenum = 1;
		if( !$per_page || $per_page < 0 )
			$per_page = 20;
		$start = ($per_page * ($pagenum-1));

		$filters = array();
		// $filters['limit'] = "$start,$per_page";
		if (!empty($s))
			$filters['where'] = "cat.name LIKE '%$s%'";
		else $filters['where'] = "true";

		$Category = new Category($id);

		$catalog_table = DatabaseObject::tablename(Catalog::$table);
		$product_table = DatabaseObject::tablename(Product::$table);
		$columns = "c.id AS cid,p.id,c.priority,p.name";
		$where = "c.parent=$id AND type='category'";
		$query = "SELECT $columns FROM $catalog_table AS c LEFT JOIN $product_table AS p ON c.product=p.id WHERE $where ORDER BY c.priority ASC,p.name ASC LIMIT $start,$per_page";
		$products = $db->query($query);

		$count = $db->query("SELECT count(*) AS total FROM $table");
		$num_pages = ceil($count->total / $per_page);
		$page_links = paginate_links( array(
			'base' => add_query_arg( array('edit'=>null,'pagenum' => '%#%' )),
			'format' => '',
			'total' => $num_pages,
			'current' => $pagenum

		$action = esc_url(

Exemple #3
	 * Interface processor for the customer editor
	 * Handles rendering the interface, processing updated customer details
	 * and handing saving them back to the database
	 * @return void
	function editor () {
		global $Ecart,$Customer;
		$db =& DB::get();

		if ( !(is_ecart_userlevel() || current_user_can('ecart_customers')) )
			wp_die(__('You do not have sufficient permissions to access this page.'));

		if ($_GET['id'] != "new") {
			$Customer = new Customer($_GET['id']);
			$Customer->Billing = new Billing($Customer->id,'customer');
			$Customer->Shipping = new Shipping($Customer->id,'customer');
			if (empty($Customer->id))
				wp_die(__('The requested customer record does not exist.','Ecart'));
		} else $Customer = new Customer();

		if (empty($Customer->info->meta)) remove_meta_box('customer-info','ecart_page_ecart-customers','normal');

		$purchase_table = DatabaseObject::tablename(Purchase::$table);
		$r = $db->query("SELECT count(id) AS purchases,SUM(total) AS total FROM $purchase_table WHERE customer='$Customer->id' LIMIT 1");

		$Customer->orders = $r->purchases;
		$Customer->total = $r->total;

		$countries = array(''=>'&nbsp;');
		$countrydata = Lookup::countries();
		foreach ($countrydata as $iso => $c) {
			if (isset($_POST['settings']) && $_POST['settings']['base_operations']['country'] == $iso)
				$base_region = $c['region'];
			$countries[$iso] = $c['name'];
		$Customer->countries = $countries;

		$regions = Lookup::country_zones();
		$Customer->billing_states = array_merge(array(''=>'&nbsp;'),(array)$regions[$Customer->Billing->country]);
		$Customer->shipping_states = array_merge(array(''=>'&nbsp;'),(array)$regions[$Customer->Shipping->country]);

Exemple #4
	 * Handles saving updates from the product editor
	 * Saves all product related information which includes core product data
	 * and supporting elements such as images, digital downloads, tags,
	 * assigned categories, specs and pricing variations.
	 * @return void
	function save_product ($Product) {
		$db = DB::get();
		$Settings = &EcartSettings();

		if ( !(is_ecart_userlevel() || current_user_can('ecart_products')) )
			wp_die(__('You do not have sufficient permissions to access this page.'));

		$Settings->saveform(); // Save workflow setting

		$base = $Settings->get('base_operations');
		$taxrate = 0;
		if ($base['vat']) $taxrate = ecart_taxrate(null,true,$Product);

		if (empty($_POST['options'])) $Product->options = array();
		else $_POST['options'] = stripslashes_deep($_POST['options']);

		if (empty($Product->slug)) $Product->slug = sanitize_title_with_dashes($_POST['name']);

		// Check for an existing product slug
		$exclude_product = !empty($Product->id)?"AND id != $Product->id":"";
		$existing = $db->query("SELECT slug FROM $Product->_table WHERE slug='$Product->slug' $exclude_product LIMIT 1");
		if ($existing) {
			$suffix = 2;
			while($existing) {
				$altslug = substr($Product->slug, 0, 200-(strlen($suffix)+1)). "-".$suffix++;
				$existing = $db->query("SELECT slug FROM $Product->_table WHERE slug='$altslug' $exclude_product LIMIT 1");
			$Product->slug = $altslug;

		if ($_POST['status'] == "publish") {
			$publishfields = array('month' => '','date' => '','year' => '','hour'=>'','minute'=>'','meridiem'=>'');
			$publishdate = join('',array_merge($publishfields,$_POST['publish']));
			if (!empty($publishdate)) {
				if ($_POST['publish']['meridiem'] == "PM" && $_POST['publish']['hour'] < 12)
					$_POST['publish']['hour'] += 12;
				$_POST['publish'] = mktime($_POST['publish']['hour'],$_POST['publish']['minute'],0,$_POST['publish']['month'],$_POST['publish']['date'],$_POST['publish']['year']);
			} else {
				// Auto set the publish date if not set (or more accurately, if set to an irrelevant timestamp)
				if ($Product->publish <= 86400) $Product->publish = time();
		} else {
			$Product->publish = 0;

		if (isset($_POST['content'])) $_POST['description'] = $_POST['content'];



		if (!empty($_POST['price']) && is_array($_POST['price'])) {

			// Delete prices that were marked for removal
			if (!empty($_POST['deletePrices'])) {
				$deletes = array();
				if (strpos($_POST['deletePrices'],","))	$deletes = explode(',',$_POST['deletePrices']);
				else $deletes = array($_POST['deletePrices']);

				foreach($deletes as $option) {
					$Price = new Price($option);

			// Save prices that there are updates for
			foreach($_POST['price'] as $i => $option) {
				if (empty($option['id'])) {
					$Price = new Price();
					$option['product'] = $Product->id;
				} else $Price = new Price($option['id']);
				$option['sortorder'] = array_search($i,$_POST['sortorder'])+1;

				// Remove VAT amount to save in DB
				if ($base['vat'] && isset($option['tax']) && $option['tax'] == "on") {
					$option['price'] = (floatvalue($option['price'])/(1+$taxrate));
					$option['saleprice'] = (floatvalue($option['saleprice'])/(1+$taxrate));
				$option['shipfee'] = floatvalue($option['shipfee']);

				$option['weight'] = floatvalue($option['weight']);
				if (isset($options['dimensions']) && is_array($options['dimensions']))
					foreach ($option['dimensions'] as &$dimension)
						$dimension = floatvalue($dimension);


				if (!empty($option['download'])) $Price->attach_download($option['download']);

				if (!empty($option['downloadpath'])) { // Attach file specified by URI/path
					if (!empty($Price->download->id) || (empty($Price->download) && $Price->load_download())) {
						$File = $Price->download;
					} else $File = new ProductDownload();

					$stored = false;
					$tmpfile = sanitize_path($option['downloadpath']);

					$File->storage = false;
					$Engine = $File->_engine(); // Set engine from storage settings

					$File->parent = $Price->id;
					$File->context = "price";
					$File->type = "download";
					$File->name = !empty($option['downloadfile'])?$option['downloadfile']:basename($tmpfile);
					$File->filename = $File->name;

					if ($File->found($tmpfile)) {
						$File->uri = $tmpfile;
						$stored = true;
					} else $stored = $File->store($tmpfile,'file');

					if ($stored) {

				} // END attach file by path/uri

		// No variation options at all, delete all variation-pricelines
		if (!empty($Product->prices) && is_array($Product->prices)
				&& (empty($_POST['options']['v']) || empty($_POST['options']['a']))) {
			foreach ($Product->prices as $priceline) {
				// Skip if not tied to variation options
				if ($priceline->optionkey == 0) continue;
				if ((empty($_POST['options']['v']) && $priceline->context == "variation")
					|| (empty($_POST['options']['a']) && $priceline->context == "addon")) {
						$Price = new Price($priceline->id);

		if (!empty($_POST['details']) || !empty($_POST['deletedSpecs'])) {
			$deletes = array();
			if (!empty($_POST['deletedSpecs'])) {
				if (strpos($_POST['deletedSpecs'],","))	$deletes = explode(',',$_POST['deletedSpecs']);
				else $deletes = array($_POST['deletedSpecs']);
				foreach($deletes as $option) {
					$Spec = new Spec($option);

			if (is_array($_POST['details'])) {
				foreach ($_POST['details'] as $i => $spec) {
					if (in_array($spec['id'],$deletes)) continue;
					if (isset($spec['new'])) {
						$Spec = new Spec();
						$spec['id'] = '';
						$spec['parent'] = $Product->id;
					} else $Spec = new Spec($spec['id']);
					$spec['sortorder'] = array_search($i,$_POST['details-sortorder'])+1;


		if (!empty($_POST['deleteImages'])) {
			$deletes = array();
			if (strpos($_POST['deleteImages'],","))	$deletes = explode(',',$_POST['deleteImages']);
			else $deletes = array($_POST['deleteImages']);

		if (!empty($_POST['images']) && is_array($_POST['images'])) {
			if (!empty($_POST['imagedetails']))


		return true;
Exemple #5
	 * Interface processor for the order manager
	 * @return void
	function manager () {
		global $Ecart,$UI,$Notes;
		global $is_IIS;

		if ( !(is_ecart_userlevel() || current_user_can('ecart_orders')) )
			wp_die(__('You do not have sufficient permissions to access this page.','Ecart'));

		$Purchase = $Ecart->Purchase;
		$Purchase->Customer = new Customer($Purchase->customer);

		// Handle Order note processing
		if (!empty($_POST['note'])) {
			$user = wp_get_current_user();
			$Note = new MetaObject();
			$Note->parent = $Purchase->id;
			$Note->context = 'purchase';
			$Note->type = 'order_note';
			$Note->name = 'note';
			$Note->value = new stdClass();
			$Note->value->author = $user->ID;
			$Note->value->message = $_POST['note'];
		if (!empty($_POST['delete-note'])) {
			$noteid = key($_POST['delete-note']);
			$Note = new MetaObject($noteid);
		if (!empty($_POST['edit-note'])) {
			$noteid = key($_POST['note-editor']);
			$Note = new MetaObject($noteid);
			$Note->value->message = $_POST['note-editor'][$noteid];
		$Notes = new ObjectMeta($Purchase->id,'purchase','order_note');

		if (!empty($_POST['update'])) {

			if ($_POST['txnstatus'] != $Purchase->txnstatus)


			$mailstatus = false;
			if ($_POST['notify'] == "yes") {
				$labels = $this->Settings->get('order_status');
				// Save a reference to this purchase in Ecart
				// so the Template API works when generating the receipt
				$Ecart->Purchase =& $Purchase;

				// Send the e-mail notification
				$addressee = "$Purchase->firstname $Purchase->lastname";
				$address = "$Purchase->email";

				$email = array();
				$email['from'] = '"'.get_bloginfo("name").'"';
				if ($Ecart->Settings->get('merchant_email'))
					$email['from'] .= ' <'.$Ecart->Settings->get('merchant_email').'>';
				if($is_IIS) $email['to'] = $address;
				else $email['to'] = '"'.html_entity_decode($addressee,ENT_QUOTES).'" <'.$address.'>';
				$email['subject'] = __('Order Updated','Ecart');
				$email['url'] = get_bloginfo('siteurl');
				$email['sitename'] = get_bloginfo('name');

				if ($_POST['receipt'] == "yes")
					$email['receipt'] = $Purchase->receipt();

				$email['status'] = strtoupper($labels[$Purchase->status]);
				$email['message'] = wpautop(stripslashes($_POST['message']));

				if (file_exists(ECART_TEMPLATES."/notification.html")) $template = ECART_TEMPLATES."/notification.html";
				if (file_exists(ECART_TEMPLATES."/notify.php")) $template = ECART_TEMPLATES."/notify.php";

				if (ecart_email($template,$email)) $mailsent = true;


			if ($mailsent) $updated = __('Order status updated & notification email sent.','Ecart');
			else $updated = __('Order status updated.','Ecart');

		$targets = $this->Settings->get('target_markets');
		$UI->txnStatusLabels = Lookup::payment_status_labels();
		$UI->statusLabels = $this->Settings->get('order_status');
		if (empty($statusLabels)) $statusLabels = array('');

Exemple #6
	 * Initializes the Ecart dashboard widgets
	 * @since 1.0
	 * @return void
	function dashboard () {
		$dashboard = $this->Settings->get('dashboard');
		if (!((is_ecart_userlevel() || current_user_can('ecart_financials')) && $dashboard == "on")) return false;

		wp_add_dashboard_widget('dashboard_ecart_orders', __('Shopping Cart Orders','Ecart'), array(&$this,'orders_widget'),
			array('all_link' => 'admin.php?page='.$this->pagename('orders'),'feed_link' => '','width' => 'half','height' => 'single')
