protected function editOrderSaveAction() { if (empty($_POST['quoteSession'])) { exit; } $quoteSession = $_POST['quoteSession']; /** @var ISC_QUOTE */ $quote = getClass('ISC_ADMIN_ORDERS')->getQuoteSession($quoteSession); if(!$quote) { $this->sendEditOrderNoQuoteResponse('saveError'); } try { $quote->setCustomerMessage(Interspire_Request::post('customerMessage')); $quote->setStaffNotes(Interspire_Request::post('staffNotes')); $entity = new ISC_ENTITY_ORDER; $currency = GetDefaultCurrency(); $order = array( 'ordcurrencyid' => $currency['currencyid'], 'ordcurrencyexchangerate' => $currency['currencyexchangerate'], 'ordipaddress' => getIp(), 'extraInfo' => array(), 'quote' => $quote, ); $createAccount = false; // process customer details to see if an account should be made if (Interspire_Request::post('orderFor') == 'new') { // this really needs to be split off into another method because it's done both at the front end checkout, in save billing, and in here! -ge $password = ''; $confirmedPassword = ''; $email = ''; $accountFormFields = $GLOBALS['ISC_CLASS_FORM']->getFormFields(FORMFIELDS_FORM_ACCOUNT, true); $accountCustomFields = array(); foreach($accountFormFields as $formFieldId => $formField) { $formFieldPrivateId = $formField->record['formfieldprivateid']; if (!$formFieldPrivateId) { $accountCustomFields[$formFieldId] = $formField->getValue(); } else if($formFieldPrivateId == 'EmailAddress') { $email = $formField->getValue(); } else if($formFieldPrivateId == 'Password') { $password = $formField->getValue(); } else if($formFieldPrivateId == 'ConfirmPassword') { $confirmedPassword = $formField->getValue(); } } // shouldn't reach this point with a valid email without all the details already being validated after step 1 > next, so go ahead and assign it to the order if ($email) { $createAccount = array( 'addresses' => array(), 'password' => $password, 'customFormFields' => $accountCustomFields, ); foreach ($quote->getAllAddresses() as /** @var ISC_QUOTE_ADDRESS */$address) { if (!$address->getSaveAddress()) { continue; } $customerAddress = $address->getAsArray(); $customFields = $address->getCustomFields(); if (!empty($customFields)) { $customerAddress['customFormFields'] = $customFields; // Shipping fields need to be mapped back to billing so they can be stored if ($address->getType() == ISC_QUOTE_ADDRESS::TYPE_SHIPPING) { $newCustomFields = array(); $map = $GLOBALS['ISC_CLASS_FORM']->mapAddressFieldList(FORMFIELDS_FORM_SHIPPING, array_keys($customFields)); foreach($map as $oldId => $newId) { $newCustomFields[$newId] = $customFields[$oldId]; } $customerAddress['customFormFields'] = $newCustomFields; } } $createAccount['addresses'][] = $customerAddress; } } } if ($quote->getOrderId()) { $editing = true; $adding = false; $orderId = $quote->getOrderId(); $existingOrder = $entity->get($orderId); if ($existingOrder['deleted']) { // don't allow saving changes for a deleted order $errors[] = GetLang('EditDeletedOrderError'); } else { $order['orderid'] = $orderId; if (!$entity->edit($order)) { $errors[] = $entity->getError(); } } } else { $editing = false; $adding = true; $order['orderpaymentmodule'] = ''; $orderId = $entity->add($order); if ($orderId) { $quote->setOrderId($orderId); } else { $errors[] = $entity->getError(); } } if (!empty($errors)) { $this->sendEditOrderResponse(array( 'errors' => $errors, 'stateTransition' => 'saveError', )); } // retrieve the created/edited order record $order = GetOrder($orderId); if ($createAccount) { // this function doesn't return anything for error testing createOrderCustomerAccount($order, $createAccount); } // Process a payment $paymentMethod = Interspire_Request::post('paymentMethod'); $providerSuccess = false; // Retrieve the payment method details $paymentFields = Interspire_Request::post('paymentField'); if (!empty($paymentFields[$paymentMethod])) { $paymentFields = $paymentFields[$paymentMethod]; } else { $paymentFields = array(); } if ($quote->getGrandTotalWithStoreCredit() > 0 && ($adding || empty($order['ordpaymentstatus']) || empty($order['orderpaymentmodule'])) && !empty($paymentMethod)) { $gatewayAmount = $quote->getGrandTotalWithStoreCredit(); $provider = null; // was a custom payment specified? if ($paymentMethod == 'custom') { $paymentMethodName = $paymentFields['custom_name']; $providerSuccess = true; } // actual payment module else { GetModuleById('checkout', $provider, $paymentMethod); if(is_object($provider)) { $paymentMethodName = $provider->GetDisplayName(); if (method_exists($provider, 'ProcessManualPayment')) { // set the order token as required by various payment methods ISC_SetCookie('SHOP_ORDER_TOKEN', $order['ordtoken'], time() + (3600*24), true); // make the token immediately available $_COOKIE['SHOP_ORDER_TOKEN'] = $order['ordtoken']; // process the payment $result = $provider->ProcessManualPayment($order, $paymentFields); if ($result['result']) { $providerSuccess = true; $gatewayAmount = $result['amount']; FlashMessage(GetLang('OrderPaymentSuccess', array('amount' => FormatPrice($gatewayAmount), 'orderId' => $orderId, 'provider' => $paymentMethodName)), MSG_SUCCESS); } else { $errors[] = GetLang('OrderPaymentFail', array('orderId' => $orderId, 'provider' => $paymentMethodName, 'reason' => $result['message'])); } } else { // all manual/offline methods will always be successfull $providerSuccess = true; } } else { // failed to get a payment module } } // if the grand total after minus the coupon,etc is 0 and it's adding order also the payment method is custom. } else if ($quote->getGrandTotalWithStoreCredit() == 0 && ($adding || empty($order['ordpaymentstatus']) || empty($order['orderpaymentmodule'])) && $paymentMethod == 'custom') { $paymentMethodName = $paymentFields['custom_name']; $providerSuccess = true; } // was payment successfull? if ($providerSuccess) { // record payment info for the order $updatedOrder = array( 'orderpaymentmethod' => $paymentMethodName, 'orderpaymentmodule' => $paymentMethod, ); $this->db->UpdateQuery("orders", $updatedOrder, "orderid = " . $orderId); // set appropriate status for the order if ($quote->isDigital()) { $newStatus = ORDER_STATUS_COMPLETED; } else { $newStatus = ORDER_STATUS_AWAITING_FULFILLMENT; } UpdateOrderStatus($orderId, $newStatus, false); // email invoice if (Interspire_Request::post('emailInvoiceToCustomer')) { EmailInvoiceToCustomer($orderId); } } if (!empty($errors)) { $response = array( 'errors' => $errors, 'stateTransition' => 'saveError', ); } else { if ($editing) { FlashMessage(GetLang('OrderUpdated', array('orderId' => $orderId)), MSG_SUCCESS); } else { FlashMessage(GetLang('OrderCreated', array('orderId' => $orderId)), MSG_SUCCESS); } $response = array( 'stateTransition' => 'saveOk', ); // remove quote object from session after successful save and successful payment getClass('ISC_ADMIN_ORDERS')->deleteQuoteSession($quoteSession); } if ($adding) { $response['updateOrderId'] = $orderId; } $this->sendEditOrderResponse($response); } catch (ISC_QUOTE_EXCEPTION $exception) { $this->sendEditOrderResponse(array( 'stateTransition' => 'saveError', 'errors' => array( $exception->getMessage(), ), )); } }
/** * Completes a pending order and marks it's status as whatever it should be next. * This function will process any payments, capture amounts from gateways, increase * # sold for each product in the order, etc. * * @param string The pending order token. * @param int The status to set the completed order to. * @return boolean True if successful, false on failure. */ function CompletePendingOrder($pendingOrderToken, $status, $sendInvoice=true) { $orderData = LoadPendingOrdersByToken($pendingOrderToken, true); if($orderData === false) { return false; } $processedStoreCredit = false; $processedGiftCertificates = false; $orderStoreCredit = 0; $orderTotalAmount = 0; // Flag used to create the customer record but only if atleast one order was successful $createCustomer = false; // Sum up our total amount and store credit foreach ($orderData['orders'] as $order) { if ($order['ordstatus'] != 0) { continue; } $orderStoreCredit += $order['ordstorecreditamount']; $orderTotalAmount += $order['total_inc_tax']; } // flag to indicate if we should send notifications? only if the order was previously incomplete and the new status isn't declined/cancelled/refunded $sendNotifications = false; foreach($orderData['orders'] as $order) { $newStatus = $status; // Wait, was the order already complete? Then we don't do anything if($order['ordstatus'] != ORDER_STATUS_INCOMPLETE) { continue; } // If this order is digital, and the status is awaiting fulfillment, there's nothing // to actually fulfill, so set it to completed. if($order['ordisdigital'] && $newStatus == ORDER_STATUS_AWAITING_FULFILLMENT) { $newStatus = ORDER_STATUS_COMPLETED; } $extraInfo = @unserialize($order['extrainfo']); if(!is_array($extraInfo)) { $extraInfo = array(); } // only email and update order data (coupons, certificates, store credit etc) if it's not a declined, cancelled or refunded order if($newStatus != ORDER_STATUS_DECLINED && $newStatus != ORDER_STATUS_CANCELLED && $newStatus != ORDER_STATUS_REFUNDED) { $createCustomer = true; $sendNotifications = true; if($sendInvoice && !EmailInvoiceToCustomer($order['orderid'], $newStatus)) { $GLOBALS['HideError'] = ""; $GLOBALS['ErrorMessage'] = GetLang('ErroSendingInvoiceEmail'); $GLOBALS['HideSuccess'] = "none"; } // Are we updating the inventory levels when an order has been placed? if(GetConfig('UpdateInventoryLevels') == 1) { DecreaseInventoryFromOrder($order['orderid']); } // If this order now complete, we need to activate any gift certificates if(OrderIsComplete($newStatus)) { $GLOBALS['ISC_CLASS_GIFTCERTIFICATES'] = GetClass('ISC_GIFTCERTIFICATES'); $GLOBALS['ISC_CLASS_GIFTCERTIFICATES']->ActivateGiftCertificates($order['orderid']); } // If we've had one or more coupons been applied to this order, we now need to increment the number of uses $couponIds = array(); $query = " SELECT * FROM [|PREFIX|]order_coupons WHERE ordcouporderid='".(int)$order['orderid']."' "; $result = $GLOBALS['ISC_CLASS_DB']->Query($query); while($coupon = $GLOBALS['ISC_CLASS_DB']->Fetch($result)) { $couponIds[] = $coupon['ordcouponid']; } if(!empty($couponIds)) { $couponsUsed = array_unique($couponIds); $couponList = implode(",", array_map("intval", $couponsUsed)); $query = " UPDATE [|PREFIX|]coupons SET couponnumuses=couponnumuses+1 WHERE couponid IN (".$couponList.") "; $GLOBALS['ISC_CLASS_DB']->Query($query); foreach ($couponIds as $cid) { getclass('ISC_COUPON')->updatePerCustomerUsage($cid); } } // If we used store credit on this order, we now need to subtract it from the users account. if($order['ordstorecreditamount'] > 0 && $processedStoreCredit == false) { $GLOBALS['ISC_CLASS_CUSTOMER'] = GetClass('ISC_CUSTOMER'); $currentCredit = $GLOBALS['ISC_CLASS_CUSTOMER']->GetCustomerStoreCredit($order['ordcustid']); $newCredit = $currentCredit - $orderStoreCredit; if($newCredit < 0) { $newCredit = 0; } $updatedCustomer = array( 'custstorecredit' => $newCredit, ); $GLOBALS['ISC_CLASS_DB']->UpdateQuery('customers', $updatedCustomer, "customerid='".(int)$order['ordcustid']."'"); $processedStoreCredit = true; } // If one or more gift certificates were used we need to apply them to this order and subtract the total if($order['ordgiftcertificateamount'] > 0 && isset($extraInfo['giftcertificates']) && !empty($extraInfo['giftcertificates']) && $processedGiftCertificates == false) { $usedCertificates = array(); $GLOBALS['ISC_CLASS_GIFT_CERTIFICATES'] = GetClass('ISC_GIFTCERTIFICATES'); $GLOBALS['ISC_CLASS_GIFT_CERTIFICATES']->ApplyGiftCertificatesToOrder($order['orderid'], $orderTotalAmount + $order['ordgiftcertificateamount'], $extraInfo['giftcertificates'], $usedCertificates); unset($extraInfo['giftcertificates']); $processedGiftCertificates = true; } // If there are one or more digital products in this order then we need to create a record in the order_downloads table // for each of them and set the expiry dates $query = " SELECT ordprodid, ordprodqty FROM [|PREFIX|]order_products WHERE orderorderid='".$order['orderid']."' AND ordprodtype='digital' "; $result = $GLOBALS['ISC_CLASS_DB']->Query($query); $digitalProductIds = array(); while($digitalProduct = $GLOBALS['ISC_CLASS_DB']->Fetch($result)) { $digitalProductIds[$digitalProduct['ordprodid']] = $digitalProduct; } if(!empty($digitalProductIds)) { $query = " SELECT downloadid, productid, downexpiresafter, downmaxdownloads FROM [|PREFIX|]product_downloads WHERE productid IN (".implode(',', array_keys($digitalProductIds)).") "; $result = $GLOBALS['ISC_CLASS_DB']->Query($query); while($digitalDownload = $GLOBALS['ISC_CLASS_DB']->Fetch($result)) { $expiryDate = 0; // If this download has an expiry date, set it to now + expiry time if($digitalDownload['downexpiresafter'] > 0) { $expiryDate = time() + $digitalDownload['downexpiresafter']; } // If they've purchased more than one, we need to give them max downloads X quantity downloads $quantity = $digitalProductIds[$digitalDownload['productid']]['ordprodqty']; $newDownload = array( 'orderid' => $order['orderid'], 'downloadid' => $digitalDownload['downloadid'], 'numdownloads' => 0, 'downloadexpires' => $expiryDate, 'maxdownloads' => $digitalDownload['downmaxdownloads'] * $quantity ); $GLOBALS['ISC_CLASS_DB']->InsertQuery('order_downloads', $newDownload); } } } // Does a customer account need to be created? if(!empty($extraInfo['createAccount'])) { createOrderCustomerAccount($order, $extraInfo['createAccount']); unset($extraInfo['createAccount']); } // Now update the order and set the status $updatedOrder = array( "ordstatus" => $newStatus, "extrainfo" => serialize($extraInfo) ); $GLOBALS['ISC_CLASS_DB']->UpdateQuery("orders", $updatedOrder, "orderid='".$order['orderid']."'"); } if($sendNotifications) { // Trigger all active new order notification methods SendOrderNotifications($pendingOrderToken); // Do we need to add them to a Interspire Email Marketer mailing list? SubscribeCustomerToLists($pendingOrderToken); // Update the current uses of each rule $quote = getCustomerQuote(); $appliedRules = array_keys(getCustomerQuote()->getAppliedDiscountRules()); if(!empty($appliedRules)) { require_once ISC_BASE_PATH.'/lib/rule.php'; updateRuleUses($appliedRules); } } // Empty the users cart and kill the checkout process EmptyCartAndKillCheckout(); return true; }