Esempio n. 1
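 /**
  * Handles a "password forgotten" form submission.
  *
  * Looks up the customer by the posted e-mail address; when exactly one
  * account matches, a new random password is generated, stored through
  * osC_Account::savePassword() and e-mailed to the customer, after which the
  * browser is redirected to the login page. Otherwise an error is pushed
  * onto the 'password_forgotten' message stack.
  *
  * Reads $_POST['email_address']; depends on the globals below.
  *
  * @return void
  */
 function _process()
 {
     global $osC_MessageStack, $osC_Database, $osC_Language;

     // A missing form field must not raise an undefined-index notice.
     $email_address = isset($_POST['email_address']) ? $_POST['email_address'] : '';

     $Qcheck = $osC_Database->query('select customers_id, customers_firstname, customers_lastname, customers_gender, customers_email_address, customers_password from :table_customers where customers_email_address = :customers_email_address limit 1');
     $Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcheck->bindValue(':customers_email_address', $email_address);
     $Qcheck->execute();

     if ($Qcheck->numberOfRows() === 1) {
         // NOTE(review): the new password travels in clear text by e-mail;
         // a single-use reset token would be the stronger design.
         $password = osc_create_random_string(ACCOUNT_PASSWORD);

         if (osC_Account::savePassword($password, $Qcheck->valueInt('customers_id'))) {
             $lastname = $Qcheck->valueProtected('customers_lastname');
             $fullname = $Qcheck->valueProtected('customers_firstname') . ' ' . $lastname;

             if (ACCOUNT_GENDER > -1) {
                 // Fixed: the original read $data['gender'], which is not
                 // defined in this function; the gender comes from the row.
                 if ($Qcheck->value('customers_gender') === 'm') {
                     $email_text = sprintf($osC_Language->get('email_addressing_gender_male'), $lastname) . "\n\n";
                 } else {
                     $email_text = sprintf($osC_Language->get('email_addressing_gender_female'), $lastname) . "\n\n";
                 }
             } else {
                 $email_text = sprintf($osC_Language->get('email_addressing_gender_unknown'), $fullname) . "\n\n";
             }

             $email_text .= sprintf($osC_Language->get('email_password_reminder_body'), getenv('REMOTE_ADDR'), STORE_NAME, $password, STORE_OWNER_EMAIL_ADDRESS);

             osc_email($fullname, $Qcheck->valueProtected('customers_email_address'), sprintf($osC_Language->get('email_password_reminder_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

             $osC_MessageStack->add('login', $osC_Language->get('success_password_forgotten_sent'), 'success');
         }

         osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
     } else {
         // NOTE(review): a distinct "not found" message reveals whether an
         // address is registered (account enumeration).
         $osC_MessageStack->add('password_forgotten', $osC_Language->get('error_password_forgotten_no_email_address_found'));
     }
 }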
Esempio n. 2
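 /**
  * Handles a "tell a friend" form submission for the current product.
  *
  * Validates the sender and recipient name/e-mail fields, pushing one
  * 'tell_a_friend' message per failed check. When no error was added, the
  * e-mail is assembled from language definitions and sent with osc_email(),
  * a success message is pushed onto the 'header' stack and the browser is
  * redirected back to the product page.
  *
  * Reads $_POST['from_name'], ['from_email_address'], ['to_name'],
  * ['to_email_address'] and the optional ['message'].
  *
  * @return void
  */
 function _process()
 {
     global $osC_Language, $osC_MessageStack, $osC_Product;

     // Read the form once; missing fields become '' instead of raising
     // undefined-index notices.
     $from_name = isset($_POST['from_name']) ? $_POST['from_name'] : '';
     $from_email_address = isset($_POST['from_email_address']) ? $_POST['from_email_address'] : '';
     $to_name = isset($_POST['to_name']) ? $_POST['to_name'] : '';
     $to_email_address = isset($_POST['to_email_address']) ? $_POST['to_email_address'] : '';
     $message = isset($_POST['message']) ? $_POST['message'] : '';

     if (empty($from_name)) {
         $osC_MessageStack->add('tell_a_friend', $osC_Language->get('error_tell_a_friend_customers_name_empty'));
     }
     if (!osc_validate_email_address($from_email_address)) {
         $osC_MessageStack->add('tell_a_friend', $osC_Language->get('error_tell_a_friend_invalid_customers_email_address'));
     }
     if (empty($to_name)) {
         $osC_MessageStack->add('tell_a_friend', $osC_Language->get('error_tell_a_friend_friends_name_empty'));
     }
     if (!osc_validate_email_address($to_email_address)) {
         $osC_MessageStack->add('tell_a_friend', $osC_Language->get('error_tell_a_friend_invalid_friends_email_address'));
     }

     if ($osC_MessageStack->size('tell_a_friend') < 1) {
         // Sanitize once; the same values go into subject, body and headers.
         $safe_from_name = osc_sanitize_string($from_name);
         $safe_to_name = osc_sanitize_string($to_name);
         $product_title = $osC_Product->getTitle();

         $email_subject = sprintf($osC_Language->get('email_tell_a_friend_subject'), $safe_from_name, STORE_NAME);

         $email_body = sprintf($osC_Language->get('email_tell_a_friend_intro'), $safe_to_name, $safe_from_name, $product_title, STORE_NAME) . "\n\n";
         if (!empty($message)) {
             $email_body .= osc_sanitize_string($message) . "\n\n";
         }
         $email_body .= sprintf($osC_Language->get('email_tell_a_friend_link'), osc_href_link(FILENAME_PRODUCTS, $osC_Product->getKeyword(), 'NONSSL', false)) . "\n\n" . sprintf($osC_Language->get('email_tell_a_friend_signature'), STORE_NAME . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");

         // NOTE(review): sender name/address and the free-text message are
         // request-controlled and are relayed to a recipient of the sender's
         // choosing; rate limiting or a login requirement is the usual
         // mitigation against use as a spam relay.
         osc_email($safe_to_name, osc_sanitize_string($to_email_address), $email_subject, $email_body, $safe_from_name, osc_sanitize_string($from_email_address));

         $osC_MessageStack->add('header', sprintf($osC_Language->get('success_tell_a_friend_email_sent'), $product_title, osc_output_string_protected($to_name)), 'success');

         osc_redirect(osc_href_link(FILENAME_PRODUCTS, $osC_Product->getID()));
     }
 }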
Esempio n. 3
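 /**
  * "Password forgotten" action of the Account application.
  *
  * Looks up the customer by the posted e-mail address; when exactly one
  * account matches, a new random password is generated, stored through
  * Account::savePassword() and e-mailed to the customer, after which the
  * browser is redirected to the LogIn action. Otherwise an error is pushed
  * onto the 'PasswordForgotten' message stack.
  *
  * @param ApplicationAbstract $application The running application (unused here)
  * @return void
  */
 public static function execute(ApplicationAbstract $application)
 {
     $OSCOM_Database = Registry::get('Database');
     $OSCOM_MessageStack = Registry::get('MessageStack');

     // A missing form field must not raise an undefined-index notice.
     $email_address = isset($_POST['email_address']) ? $_POST['email_address'] : '';

     $Qcheck = $OSCOM_Database->query('select customers_id, customers_firstname, customers_lastname, customers_gender, customers_email_address, customers_password from :table_customers where customers_email_address = :customers_email_address limit 1');
     $Qcheck->bindValue(':customers_email_address', $email_address);
     $Qcheck->execute();

     if ($Qcheck->numberOfRows() === 1) {
         // NOTE(review): the new password is mailed in clear text; a
         // single-use reset token would be the stronger design.
         $password = osc_create_random_string(ACCOUNT_PASSWORD);

         if (Account::savePassword($password, $Qcheck->valueInt('customers_id'))) {
             $lastname = $Qcheck->valueProtected('customers_lastname');
             $fullname = $Qcheck->valueProtected('customers_firstname') . ' ' . $lastname;

             if (ACCOUNT_GENDER > -1) {
                 if ($Qcheck->value('customers_gender') === 'm') {
                     $email_text = sprintf(OSCOM::getDef('email_addressing_gender_male'), $lastname) . "\n\n";
                 } else {
                     $email_text = sprintf(OSCOM::getDef('email_addressing_gender_female'), $lastname) . "\n\n";
                 }
             } else {
                 $email_text = sprintf(OSCOM::getDef('email_addressing_gender_unknown'), $fullname) . "\n\n";
             }

             $email_text .= sprintf(OSCOM::getDef('email_password_reminder_body'), osc_get_ip_address(), STORE_NAME, $password, STORE_OWNER_EMAIL_ADDRESS);

             osc_email($fullname, $Qcheck->valueProtected('customers_email_address'), sprintf(OSCOM::getDef('email_password_reminder_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

             $OSCOM_MessageStack->add('LogIn', OSCOM::getDef('success_password_forgotten_sent'), 'success');
         }

         osc_redirect(OSCOM::getLink(null, null, 'LogIn', 'SSL'));
     } else {
         // NOTE(review): a distinct "not found" message reveals whether an
         // address is registered (account enumeration).
         $OSCOM_MessageStack->add('PasswordForgotten', OSCOM::getDef('error_password_forgotten_no_email_address_found'));
     }
 }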
Esempio n. 4
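 /**
  * "Tell a friend" action of the Products application.
  *
  * Guests are redirected to the login page when ALLOW_GUEST_TO_TELL_A_FRIEND
  * is '-1'. The product keyword is taken from the URL (the fourth GET key, or
  * the fifth when the fourth is the 'Write' action segment) and must pass
  * Product::checkEntry(), otherwise the not-found page is shown. The posted
  * sender/recipient fields are validated; when no 'TellAFriend' message was
  * added the e-mail is sent and the browser is redirected to the product
  * page. Finally the page title and content are set.
  *
  * @param ApplicationAbstract $application The running application
  * @return bool|void false when the product could not be resolved
  */
 public static function execute(ApplicationAbstract $application)
 {
     $OSCOM_Customer = Registry::get('Customer');
     $OSCOM_NavigationHistory = Registry::get('NavigationHistory');
     $OSCOM_MessageStack = Registry::get('MessageStack');
     $OSCOM_Service = Registry::get('Service');
     $OSCOM_Breadcrumb = Registry::get('Breadcrumb');

     if (ALLOW_GUEST_TO_TELL_A_FRIEND == '-1' && $OSCOM_Customer->isLoggedOn() === false) {
         $OSCOM_NavigationHistory->setSnapshot();
         // osc_redirect() is assumed to end the request here — TODO confirm;
         // otherwise a guest still reaches the product lookup below.
         osc_redirect(OSCOM::getLink(null, 'Account', 'LogIn', 'SSL'));
     }

     // Resolve the product keyword from the URL segments (GET keys).
     $requested_product = null;

     if (count($_GET) > 3) {
         $requested_product = basename(key(array_slice($_GET, 3, 1, true)));

         if ($requested_product === 'Write') {
             // 'Write' is the action segment; the product follows it.
             $requested_product = null;

             if (count($_GET) > 4) {
                 $requested_product = basename(key(array_slice($_GET, 4, 1, true)));
             }
         }
     }

     if ($requested_product === null || !Product::checkEntry($requested_product)) {
         $application->setPageContent('not_found.php');

         return false;
     }

     Registry::set('Product', new Product($requested_product));
     $OSCOM_Product = Registry::get('Product');

     // Read the form once; missing fields become '' instead of raising
     // undefined-index notices.
     $from_name = isset($_POST['from_name']) ? $_POST['from_name'] : '';
     $from_email_address = isset($_POST['from_email_address']) ? $_POST['from_email_address'] : '';
     $to_name = isset($_POST['to_name']) ? $_POST['to_name'] : '';
     $to_email_address = isset($_POST['to_email_address']) ? $_POST['to_email_address'] : '';
     $message = isset($_POST['message']) ? $_POST['message'] : '';

     if (empty($from_name)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_customers_name_empty'));
     }
     if (!osc_validate_email_address($from_email_address)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_customers_email_address'));
     }
     if (empty($to_name)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_friends_name_empty'));
     }
     if (!osc_validate_email_address($to_email_address)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_friends_email_address'));
     }

     if ($OSCOM_MessageStack->size('TellAFriend') < 1) {
         // Sanitize once; the same values go into subject, body and headers.
         $safe_from_name = osc_sanitize_string($from_name);
         $safe_to_name = osc_sanitize_string($to_name);
         $product_title = $OSCOM_Product->getTitle();

         $email_subject = sprintf(OSCOM::getDef('email_tell_a_friend_subject'), $safe_from_name, STORE_NAME);

         $email_body = sprintf(OSCOM::getDef('email_tell_a_friend_intro'), $safe_to_name, $safe_from_name, $product_title, STORE_NAME) . "\n\n";
         if (!empty($message)) {
             $email_body .= osc_sanitize_string($message) . "\n\n";
         }
         $email_body .= sprintf(OSCOM::getDef('email_tell_a_friend_link'), OSCOM::getLink(null, null, $OSCOM_Product->getKeyword(), 'NONSSL', false)) . "\n\n" . sprintf(OSCOM::getDef('email_tell_a_friend_signature'), STORE_NAME . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");

         // NOTE(review): sender name/address and the free-text message are
         // request-controlled and are relayed to a recipient of the sender's
         // choosing; rate limiting is the usual mitigation against use as a
         // spam relay (the guest gate above only applies when configured).
         osc_email($safe_to_name, osc_sanitize_string($to_email_address), $email_subject, $email_body, $safe_from_name, osc_sanitize_string($from_email_address));

         $OSCOM_MessageStack->add('header', sprintf(OSCOM::getDef('success_tell_a_friend_email_sent'), $product_title, osc_output_string_protected($to_name)), 'success');

         osc_redirect(OSCOM::getLink(null, null, $OSCOM_Product->getKeyword()));
     }

     $application->setPageTitle($OSCOM_Product->getTitle());
     $application->setPageContent('tell_a_friend.php');
 }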
Esempio n. 5
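 /**
  * Contact-form submission of the Info application.
  *
  * Sanitizes the posted name, e-mail and enquiry; a valid e-mail address
  * sends the enquiry to the store owner and redirects to Contact&Success,
  * otherwise an error is pushed onto the 'Contact' message stack.
  *
  * @param ApplicationAbstract $application The running application (unused here)
  * @return void
  */
 public static function execute(ApplicationAbstract $application)
 {
     $OSCOM_MessageStack = Registry::get('MessageStack');

     // Missing fields become '' rather than undefined-index notices.
     $name = osc_sanitize_string(isset($_POST['name']) ? $_POST['name'] : '');
     $email_address = osc_sanitize_string(isset($_POST['email']) ? $_POST['email'] : '');
     $enquiry = osc_sanitize_string(isset($_POST['enquiry']) ? $_POST['enquiry'] : '');

     if (osc_validate_email_address($email_address)) {
         // $name/$email_address become the sender header; osc_email() is
         // relied on to reject CR/LF in them — TODO confirm.
         osc_email(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, OSCOM::getDef('contact_email_subject'), $enquiry, $name, $email_address);

         osc_redirect(OSCOM::getLink(null, null, 'Contact&Success'));
     } else {
         $OSCOM_MessageStack->add('Contact', OSCOM::getDef('field_customer_email_address_check_error'));
     }
 }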
Esempio n. 6
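 /**
  * Contact-form submission.
  *
  * Sanitizes the posted name, e-mail and enquiry; a valid e-mail address
  * sends the enquiry to the store owner and redirects to the contact success
  * page, otherwise an error is pushed onto the 'contact' message stack.
  *
  * @return void
  */
 function _process()
 {
     global $osC_Language, $osC_MessageStack;

     // Missing fields become '' rather than undefined-index notices.
     $name = osc_sanitize_string(isset($_POST['name']) ? $_POST['name'] : '');
     $email_address = osc_sanitize_string(isset($_POST['email']) ? $_POST['email'] : '');
     $enquiry = osc_sanitize_string(isset($_POST['enquiry']) ? $_POST['enquiry'] : '');

     if (osc_validate_email_address($email_address)) {
         // $name/$email_address become the sender header; osc_email() is
         // relied on to reject CR/LF in them — TODO confirm.
         osc_email(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $osC_Language->get('contact_email_subject'), $enquiry, $name, $email_address);

         osc_redirect(osc_href_link(FILENAME_INFO, 'contact=success', 'AUTO'));
     } else {
         $osC_MessageStack->add('contact', $osC_Language->get('field_customer_email_address_check_error'));
     }
 }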
Esempio n. 7
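 /**
  * Contact-form submission with an optional department address and captcha.
  *
  * Each posted field is sanitized; missing required fields and invalid
  * e-mail addresses push an error onto the 'contact' message stack. With
  * ACTIVATE_CAPTCHA == '1' the Securimage code is checked as well. When the
  * stack is empty the enquiry (plus telephone) is mailed to the department
  * address — or STORE_OWNER_EMAIL_ADDRESS when none was posted — and the
  * browser is redirected to the contact success page.
  *
  * @return void
  */
 function _process()
 {
     global $osC_Language, $messageStack;

     // Define every field up front so the e-mail body below never touches an
     // unset variable (the original left $telephone undefined when omitted).
     $name = '';
     $email_address = '';
     $telephone = '';
     $enquiry = '';

     if (!empty($_POST['department_email'])) {
         // NOTE(review): the recipient address is taken from the request, so
         // any syntactically valid address can be posted here; resolving a
         // department *id* against a server-side list would close that.
         $department_email = osc_sanitize_string($_POST['department_email']);

         if (!osc_validate_email_address($department_email)) {
             $messageStack->add('contact', $osC_Language->get('field_departments_email_error'));
         }
     } else {
         $department_email = STORE_OWNER_EMAIL_ADDRESS;
     }

     if (!empty($_POST['name'])) {
         $name = osc_sanitize_string($_POST['name']);
     } else {
         $messageStack->add('contact', $osC_Language->get('field_customer_name_error'));
     }

     if (!empty($_POST['email'])) {
         $email_address = osc_sanitize_string($_POST['email']);

         if (!osc_validate_email_address($email_address)) {
             $messageStack->add('contact', $osC_Language->get('field_customer_concat_email_error'));
         }
     } else {
         $messageStack->add('contact', $osC_Language->get('field_customer_concat_email_error'));
     }

     if (!empty($_POST['telephone'])) {
         $telephone = osc_sanitize_string($_POST['telephone']);
     }

     if (!empty($_POST['enquiry'])) {
         $enquiry = osc_sanitize_string($_POST['enquiry']);
     } else {
         $messageStack->add('contact', $osC_Language->get('field_enquiry_error'));
     }

     if (ACTIVATE_CAPTCHA == '1') {
         if (!empty($_POST['captcha_code'])) {
             $securimage = new Securimage();

             if (!$securimage->check($_POST['captcha_code'])) {
                 $messageStack->add('contact', $osC_Language->get('field_concat_captcha_check_error'));
             }
         } else {
             $messageStack->add('contact', $osC_Language->get('field_concat_captcha_check_error'));
         }
     }

     if ($messageStack->size('contact') === 0) {
         // The body is sent as HTML; osc_sanitize_string() is relied on to
         // neutralise markup in the user-supplied parts — TODO confirm.
         $email_body = $enquiry . '<br /><br /><br />' . $osC_Language->get('contact_telephone_title') . $telephone;

         osc_email(STORE_OWNER, $department_email, $osC_Language->get('contact_email_subject'), $email_body, $name, $email_address);

         osc_redirect(osc_href_link(FILENAME_INFO, 'contact=success', 'AUTO', true, false));
     }
 }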
Esempio n. 8
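 /**
  * PayPal IPN callback.
  *
  * Posts the received notification back to the gateway (form_action_url)
  * with cmd=_notify-validate. On a 'VERIFIED' reply the order named by
  * $_POST['invoice'] (restricted to the customer id in $_POST['custom']) is
  * looked up, a status comment is assembled from the payment fields, the
  * gateway amount is compared with the stored order total and
  * osC_Order::process() is called. On any other reply an optional debug
  * e-mail is sent and an "IPN Invalid" status-history entry is written.
  *
  * @return void
  */
 function callback()
 {
     global $osC_Database, $osC_Currencies;

     // Echo every received field back to the gateway for validation.
     $post_string = 'cmd=_notify-validate&';
     foreach ($_POST as $key => $value) {
         $post_string .= $key . '=' . urlencode($value) . '&';
     }
     $post_string = substr($post_string, 0, -1);

     $this->_transaction_response = $this->sendTransactionToGateway($this->form_action_url, $post_string);

     // Notification fields used below; defaults avoid undefined-index
     // notices on a partial or malformed notification.
     $invoice = isset($_POST['invoice']) ? $_POST['invoice'] : null;
     $custom = isset($_POST['custom']) ? $_POST['custom'] : 0;
     $payment_status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';
     $payer_status = isset($_POST['payer_status']) ? $_POST['payer_status'] : '';
     $mc_gross = isset($_POST['mc_gross']) ? $_POST['mc_gross'] : '';
     $mc_currency = isset($_POST['mc_currency']) ? $_POST['mc_currency'] : '';

     // Reason suffix shared by the verified and the invalid branch.
     $reason = '';
     if ($payment_status == 'Pending') {
         $reason = '; ' . (isset($_POST['pending_reason']) ? $_POST['pending_reason'] : '');
     } elseif ($payment_status == 'Reversed' || $payment_status == 'Refunded') {
         $reason = '; ' . (isset($_POST['reason_code']) ? $_POST['reason_code'] : '');
     }

     $has_order_ref = ($invoice !== null) && is_numeric($invoice) && ($invoice > 0);

     if (strtoupper(trim($this->_transaction_response)) == 'VERIFIED') {
         if ($has_order_ref) {
             // The customer id posted in 'custom' must match the order row.
             $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id and customers_id = :customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             $Qcheck->bindInt(':orders_id', $invoice);
             $Qcheck->bindInt(':customers_id', $custom);
             $Qcheck->execute();

             if ($Qcheck->numberOfRows() > 0) {
                 $order = $Qcheck->toArray();

                 $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
                 $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
                 $Qtotal->bindInt(':orders_id', $invoice);
                 $Qtotal->execute();

                 $total = $Qtotal->toArray();

                 $comment = $payment_status . ' (' . ucfirst($payer_status) . '; ' . $osC_Currencies->format($mc_gross, false, $mc_currency) . ')' . $reason;

                 // Compare the gateway amount with the order total in the
                 // order's currency. A mismatch is only recorded in the
                 // comment; the status update below still happens.
                 // NOTE(review): mc_currency is not compared with
                 // $order['currency'] — confirm that is acceptable.
                 $expected_total = number_format($total['value'] * $order['currency_value'], $osC_Currencies->getDecimalPlaces($order['currency']));

                 if ($mc_gross != $expected_total) {
                     $comment .= '; PayPal transaction value (' . osc_output_string_protected($mc_gross) . ') does not match order value (' . $expected_total . ')';
                 }

                 $comments = 'PayPal IPN Verified [' . $comment . ']';

                 osC_Order::process($invoice, $this->order_status, $comments);
             }
         }
     } else {
         if (defined('MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL')) {
             // Raw request dump for the shop owner; contains whatever the
             // caller sent, so the recipient must be a trusted mailbox.
             $email_body = 'PAYPAL_STANDARD_DEBUG_POST_DATA:' . "\n\n";

             foreach ($_POST as $key => $value) {
                 $email_body .= $key . '=' . $value . "\n";
             }

             $email_body .= "\n" . 'PAYPAL_STANDARD_DEBUG_GET_DATA:' . "\n\n";

             foreach ($_GET as $key => $value) {
                 $email_body .= $key . '=' . $value . "\n";
             }

             osc_email('', MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL, 'PayPal IPN Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }

         if ($has_order_ref) {
             $Qcheck = $osC_Database->query('select orders_id from :table_orders where orders_id=:orders_id and customers_id=:customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             // Fixed: the placeholders were bound as 'orders_id' /
             // 'customers_id' without the leading colon the query text uses.
             $Qcheck->bindInt(':orders_id', $invoice);
             $Qcheck->bindInt(':customers_id', $custom);
             $Qcheck->execute();

             if ($Qcheck->numberOfRows() > 0) {
                 $comments = 'PayPal IPN Invalid [' . $payment_status . $reason . ']';

                 osC_Order::insertOrderStatusHistory($invoice, $this->order_status, $comments);
             }
         }
     }
 }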
Esempio n. 9
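 /**
  * Completes a credit-card order.
  *
  * Verifies the posted card data, inserts the order and advances it to this
  * module's order status, optionally e-mails the middle card digits to
  * MODULE_PAYMENT_CC_EMAIL (masking them in the copy kept here), then
  * records the card data as XML in the orders transaction history table.
  *
  * @return void
  */
 function process()
 {
     global $osC_Database;

     $this->_verifyData();

     $this->_order_id = osC_Order::insert();

     osC_Order::process($this->_order_id, $this->order_status);

     // Missing fields become '' rather than undefined-index notices.
     $data = array(
         'cc_owner' => isset($_POST['cc_owner']) ? $_POST['cc_owner'] : '',
         'cc_number' => isset($_POST['cc_number']) ? $_POST['cc_number'] : '',
         'cc_expires_month' => isset($_POST['cc_expires_month']) ? $_POST['cc_expires_month'] : '',
         'cc_expires_year' => isset($_POST['cc_expires_year']) ? $_POST['cc_expires_year'] : '',
     );

     // Fixed: the original tested osc_empty('MODULE_PAYMENT_CC_EMAIL') — the
     // quoted constant *name*, which is never empty — so the branch hinged on
     // the validation call alone and referenced an undefined constant when
     // the module setting does not exist.
     if (defined('MODULE_PAYMENT_CC_EMAIL') && !osc_empty(MODULE_PAYMENT_CC_EMAIL) && osc_validate_email_address(MODULE_PAYMENT_CC_EMAIL)) {
         $length = strlen($data['cc_number']);

         // Split the number: the middle digits go by e-mail, the stored copy
         // keeps only the first and last four.
         if ($length > 8) {
             $cc_middle = substr($data['cc_number'], 4, $length - 8);
             $data['cc_number'] = substr($data['cc_number'], 0, 4) . str_repeat('X', $length - 8) . substr($data['cc_number'], -4);
         } else {
             // Too short to split (str_repeat() would get a negative count).
             $cc_middle = '';
             $data['cc_number'] = str_repeat('X', $length);
         }

         $message = 'Order #' . $this->_order_id . "\n\n" . 'Middle: ' . $cc_middle . "\n\n";

         osc_email('', MODULE_PAYMENT_CC_EMAIL, 'Extra Order Info: #' . $this->_order_id, $message, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
     }

     // NOTE(review): when the split-e-mail option is off, $data still holds
     // the full card number and expiry and is written below in clear text.
     // Storing the PAN this way is outside what PCI DSS tolerates — confirm
     // the merchant really needs it, otherwise mask unconditionally.
     $osC_XML = new osC_XML($data);
     $result = $osC_XML->toXML();

     $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
     $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
     $Qtransaction->bindInt(':orders_id', $this->_order_id);
     $Qtransaction->bindInt(':transaction_code', 1);
     $Qtransaction->bindValue(':transaction_return_value', $result);
     $Qtransaction->bindInt(':transaction_return_status', 1);
     $Qtransaction->execute();
 }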
Esempio n. 10
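 /**
  * Bank-receipt form submission.
  *
  * Required fields (name, email, amount, bankname, receiptnumber,
  * ordernumber) push an error onto the 'bank_receipt' message stack when
  * missing; telephone, receipt date and description are optional. With
  * ACTIVATE_CAPTCHA == '1' the Securimage code is checked. When no error was
  * added an HTML summary is mailed to the store owner and the browser is
  * redirected to the bank_receipt success page.
  *
  * @return void
  */
 function _process()
 {
     global $osC_Language, $messageStack;

     // Every field is defined up front so the summary below never touches an
     // unset variable (the original left the optional ones undefined).
     $name = $email_address = $telephone = $amount = $bankname = '';
     $receiptnumber = $receiptdate = $ordernumber = $description = '';

     if (!empty($_POST['name'])) {
         $name = osc_sanitize_string($_POST['name']);
     } else {
         $messageStack->add('bank_receipt', $osC_Language->get('field_customer_name_error'));
     }

     if (!empty($_POST['email'])) {
         $email_address = osc_sanitize_string($_POST['email']);

         if (!osc_validate_email_address($email_address)) {
             $messageStack->add('bank_receipt', $osC_Language->get('field_customer_bank_receipt_email_error'));
         }
     } else {
         $messageStack->add('bank_receipt', $osC_Language->get('field_customer_bank_receipt_email_error'));
     }

     if (!empty($_POST['telephone'])) {
         $telephone = osc_sanitize_string($_POST['telephone']);
     }

     if (!empty($_POST['amount'])) {
         $amount = osc_sanitize_string($_POST['amount']);
     } else {
         $messageStack->add('bank_receipt', $osC_Language->get('field_bank_receipt_amount_error'));
     }

     if (!empty($_POST['bankname'])) {
         $bankname = osc_sanitize_string($_POST['bankname']);
     } else {
         $messageStack->add('bank_receipt', $osC_Language->get('field_bank_receipt_bankname_error'));
     }

     if (!empty($_POST['receiptnumber'])) {
         $receiptnumber = osc_sanitize_string($_POST['receiptnumber']);
     } else {
         $messageStack->add('bank_receipt', $osC_Language->get('field_bank_receipt_receiptnumber_error'));
     }

     if (isset($_POST['receiptdate_days'], $_POST['receiptdate_months'], $_POST['receiptdate_years'])) {
         // Sanitized like every other field: the date is echoed into the
         // HTML e-mail body below (the original used the raw values).
         $receiptdate = osc_sanitize_string($_POST['receiptdate_years']) . '/' . osc_sanitize_string($_POST['receiptdate_months']) . '/' . osc_sanitize_string($_POST['receiptdate_days']);
     }

     if (!empty($_POST['ordernumber'])) {
         $ordernumber = osc_sanitize_string($_POST['ordernumber']);
     } else {
         $messageStack->add('bank_receipt', $osC_Language->get('field_bank_receipt_ordernumber_error'));
     }

     if (!empty($_POST['description'])) {
         $description = osc_sanitize_string($_POST['description']);
     }

     if (ACTIVATE_CAPTCHA == '1') {
         if (!empty($_POST['captcha_code'])) {
             $securimage = new Securimage();

             if (!$securimage->check($_POST['captcha_code'])) {
                 $messageStack->add('bank_receipt', $osC_Language->get('field_bank_receipt_captcha_check_error'));
             }
         } else {
             $messageStack->add('bank_receipt', $osC_Language->get('field_bank_receipt_captcha_check_error'));
         }
     }

     if ($messageStack->size('bank_receipt') === 0) {
         // Label definition => value, in display order.
         $rows = array(
             'bank_receipt_name_title' => $name,
             'bank_receipt_telephone_title' => $telephone,
             'bank_receipt_email_address_title' => $email_address,
             'bank_receipt_amount_title' => $amount,
             'bank_receipt_bank_name_title' => $bankname,
             'bank_receipt_receipt_number_title' => $receiptnumber,
             'bank_receipt_receipt_date_title' => $receiptdate,
             'bank_receipt_order_number_title' => $ordernumber,
             'bank_receipt_description_title' => $description,
         );

         // The body is sent as HTML; osc_sanitize_string() is relied on to
         // neutralise markup in the user-supplied values — TODO confirm.
         $email_content = "\n\t<center>\n\t<table dir=rtl width=100% height=100% cellpadding=2 cellspacing=1><tr><td style='font-family:tahoma; font-size:12px; ' align=right >\n";

         foreach ($rows as $title_key => $value) {
             $email_content .= $osC_Language->get($title_key) . $value . "<br><br>\n";
         }

         $email_content .= "\t</td></tr></table>\n\t</center>\n";

         osc_email(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $osC_Language->get('bank_receipt_email_subject'), $email_content, $name, $email_address);

         osc_redirect(osc_href_link(FILENAME_INFO, 'bank_receipt=success', 'AUTO', true, false));
     }
 }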
Esempio n. 11
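 /**
  * Creates or updates a customer record (admin side).
  *
  * With a numeric $id the existing row is updated, otherwise a new one is
  * inserted. When $data['password'] is non-empty the encrypted password is
  * written in a second statement. Both statements run inside one
  * transaction; on any database error it is rolled back and false is
  * returned. For a newly created account with $send_email true a welcome
  * e-mail is sent.
  *
  * @param int|null $id         Customer id to update; null/empty inserts
  * @param array    $data       gender, firstname, lastname, email_address,
  *                             dob_year/dob_month/dob_day, newsletter, status
  *                             and optionally password
  * @param bool     $send_email Send the welcome e-mail for a new account
  * @return bool true when committed, false after a rollback
  */
 public static function save($id, $data, $send_email = true)
 {
     global $osC_Database, $osC_Language;

     $osC_Database->startTransaction();

     if (is_numeric($id)) {
         $Qcustomer = $osC_Database->query('update :table_customers set customers_gender = :customers_gender, customers_firstname = :customers_firstname, customers_lastname = :customers_lastname, customers_email_address = :customers_email_address, customers_dob = :customers_dob, customers_newsletter = :customers_newsletter, customers_status = :customers_status, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id');
         $Qcustomer->bindRaw(':date_account_last_modified', 'now()');
         $Qcustomer->bindInt(':customers_id', $id);
     } else {
         $Qcustomer = $osC_Database->query('insert into :table_customers (customers_gender, customers_firstname, customers_lastname, customers_email_address, customers_dob, customers_newsletter, customers_status, number_of_logons, date_account_created) values (:customers_gender, :customers_firstname, :customers_lastname, :customers_email_address, :customers_dob, :customers_newsletter, :customers_status, :number_of_logons, :date_account_created)');
         $Qcustomer->bindInt(':number_of_logons', 0);
         $Qcustomer->bindRaw(':date_account_created', 'now()');
     }

     $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcustomer->bindValue(':customers_gender', $data['gender']);
     $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
     $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
     $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
     // Date parts are concatenated as given; validation is assumed to have
     // happened in the caller — TODO confirm.
     $Qcustomer->bindValue(':customers_dob', $data['dob_year'] . '-' . $data['dob_month'] . '-' . $data['dob_day'] . ' 00:00:00');
     $Qcustomer->bindInt(':customers_newsletter', $data['newsletter']);
     $Qcustomer->bindInt(':customers_status', $data['status']);
     $Qcustomer->setLogging($_SESSION['module'], $id);
     $Qcustomer->execute();

     // Fixed: the original never set $error when this first statement
     // failed, so a failed insert/update was still committed and reported
     // as success.
     $error = (bool) $osC_Database->isError();

     if (!$error && !empty($data['password'])) {
         $customer_id = !empty($id) ? $id : $osC_Database->nextID();

         $Qpassword = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
         $Qpassword->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qpassword->bindValue(':customers_password', osc_encrypt_string(trim($data['password'])));
         $Qpassword->bindInt(':customers_id', $customer_id);
         $Qpassword->setLogging($_SESSION['module'], $customer_id);
         $Qpassword->execute();

         $error = (bool) $osC_Database->isError();
     }

     if (!$error) {
         $osC_Database->commitTransaction();

         if ($send_email === true && empty($id)) {
             $full_name = trim($data['firstname'] . ' ' . $data['lastname']);

             if (ACCOUNT_GENDER > -1) {
                 $greeting_key = ($data['gender'] == 'm') ? 'email_greet_mr' : 'email_greet_ms';
                 $email_text = sprintf($osC_Language->get($greeting_key), trim($data['lastname'])) . "\n\n";
             } else {
                 $email_text = sprintf($osC_Language->get('email_greet_general'), $full_name) . "\n\n";
             }

             // NOTE(review): the clear-text password is included in the
             // welcome e-mail; a "set your password" link would avoid that.
             $email_text .= sprintf($osC_Language->get('email_text'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, trim($data['password']));

             osc_email($full_name, $data['email_address'], $osC_Language->get('email_subject'), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }

         return true;
     }

     $osC_Database->rollbackTransaction();

     return false;
 }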
Esempio n. 12
 /**
  * Stores a new customer account entry in the database
  *
  * Inserts the row, then — when exactly one row was affected — optionally
  * regenerates the session id, loads the new customer into $osC_Customer,
  * restores the cart from the database, drops the current page from the
  * navigation history and sends the welcome e-mail.
  *
  * @param array $data An array containing the customers information
  *                    (firstname, lastname, email_address, password and the
  *                    optional newsletter, gender and dob entries)
  * @access public
  * @return boolean true when the row was inserted, false otherwise
  */
 public static function createEntry($data)
 {
     global $osC_Database, $osC_Session, $osC_Language, $osC_ShoppingCart, $osC_Customer, $osC_NavigationHistory;

     // Optional fields fall back to '' so every column is always bound.
     $newsletter = '';
     if (isset($data['newsletter']) && $data['newsletter'] == '1') {
         $newsletter = '1';
     }

     $gender = '';
     if (ACCOUNT_GENDER > -1 && isset($data['gender'])) {
         if ($data['gender'] == 'm' || $data['gender'] == 'f') {
             $gender = $data['gender'];
         }
     }

     $dob = '';
     if (ACCOUNT_DATE_OF_BIRTH == '1') {
         $dob = date('Ymd', $data['dob']);
     }

     $Qcustomer = $osC_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
     $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
     $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
     $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
     $Qcustomer->bindValue(':customers_newsletter', $newsletter);
     $Qcustomer->bindValue(':customers_status', '1');
     $Qcustomer->bindValue(':customers_ip_address', osc_get_ip_address());
     $Qcustomer->bindValue(':customers_password', osc_encrypt_string($data['password']));
     $Qcustomer->bindValue(':customers_gender', $gender);
     $Qcustomer->bindValue(':customers_dob', $dob);
     $Qcustomer->bindInt(':number_of_logons', 0);
     $Qcustomer->bindRaw(':date_account_created', 'now()');
     $Qcustomer->execute();

     if ($Qcustomer->affectedRows() !== 1) {
         return false;
     }

     $customer_id = $osC_Database->nextID();

     // Fresh session id on privilege change, when configured.
     if (SERVICE_SESSION_REGENERATE_ID == '1') {
         $osC_Session->recreate();
     }

     $osC_Customer->setCustomerData($customer_id);

     // restore cart contents
     $osC_ShoppingCart->synchronizeWithDatabase();

     $osC_NavigationHistory->removeCurrentPage();

     // build the welcome email content: pick the greeting definition first,
     // then the name it is addressed to
     if (ACCOUNT_GENDER > -1 && isset($data['gender'])) {
         $greeting_key = ($data['gender'] == 'm') ? 'email_addressing_gender_male' : 'email_addressing_gender_female';
         $greeting = $osC_Language->get($greeting_key);
         $addressee = $osC_Customer->getLastName();
     } else {
         $greeting = $osC_Language->get('email_addressing_gender_unknown');
         $addressee = $osC_Customer->getName();
     }

     $email_text = sprintf($greeting, $addressee) . "\n\n";
     $email_text .= sprintf($osC_Language->get('email_create_account_body'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS);

     osc_email($osC_Customer->getName(), $osC_Customer->getEmailAddress(), sprintf($osC_Language->get('email_create_account_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

     return true;
 }
Esempio n. 13
 function sendEmail($id)
 {
     global $osC_Database, $osC_Language, $osC_Currencies;
     // Build the plain-text order confirmation for order $id (products with
     // variants, totals, delivery/billing address, current status and the
     // status-history comments) and mail it to the customer, plus a copy to
     // SEND_EXTRA_ORDER_EMAILS_TO when that is set. Nothing is returned; an
     // unknown order id is silently a no-op.
     $Qorder = $osC_Database->query('select * from :table_orders where orders_id = :orders_id limit 1');
     $Qorder->bindTable(':table_orders', TABLE_ORDERS);
     $Qorder->bindInt(':orders_id', $id);
     $Qorder->execute();
     if ($Qorder->numberOfRows() === 1) {
         // header: store name, order number, link to the order in the account area, order date
         $email_order = STORE_NAME . "\n" . $osC_Language->get('email_order_separator') . "\n" . sprintf($osC_Language->get('email_order_order_number'), $id) . "\n" . sprintf($osC_Language->get('email_order_invoice_url'), osc_href_link(FILENAME_ACCOUNT, 'orders=' . $id, 'SSL', false, true, true)) . "\n" . sprintf($osC_Language->get('email_order_date_ordered'), osC_DateTime::getLong()) . "\n\n" . $osC_Language->get('email_order_products') . "\n" . $osC_Language->get('email_order_separator') . "\n";
         $Qproducts = $osC_Database->query('select orders_products_id, products_model, products_name, products_price, products_tax, products_quantity from :table_orders_products where orders_id = :orders_id order by orders_products_id');
         $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
         $Qproducts->bindInt(':orders_id', $id);
         $Qproducts->execute();
         while ($Qproducts->next()) {
             // one line per product: "qty x name (model) = price", priced in the order's own currency
             $email_order .= $Qproducts->valueInt('products_quantity') . ' x ' . $Qproducts->value('products_name') . ' (' . $Qproducts->value('products_model') . ') = ' . $osC_Currencies->displayPriceWithTaxRate($Qproducts->value('products_price'), $Qproducts->value('products_tax'), $Qproducts->valueInt('products_quantity'), false, $Qorder->value('currency'), $Qorder->value('currency_value')) . "\n";
             // selected variants (size, colour, ...) indented under the product line
             $Qvariants = $osC_Database->query('select group_title, value_title from :table_orders_products_variants where orders_id = :orders_id and orders_products_id = :orders_products_id order by id');
             $Qvariants->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
             $Qvariants->bindInt(':orders_id', $id);
             $Qvariants->bindInt(':orders_products_id', $Qproducts->valueInt('orders_products_id'));
             $Qvariants->execute();
             while ($Qvariants->next()) {
                 $email_order .= "\t" . $Qvariants->value('group_title') . ': ' . $Qvariants->value('value_title') . "\n";
             }
         }
         unset($Qproducts);
         unset($Qvariants);
         $email_order .= $osC_Language->get('email_order_separator') . "\n";
         // order totals are stored with markup; strip it for the text mail
         $Qtotals = $osC_Database->query('select title, text from :table_orders_total where orders_id = :orders_id order by sort_order');
         $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
         $Qtotals->bindInt(':orders_id', $id);
         $Qtotals->execute();
         while ($Qtotals->next()) {
             $email_order .= strip_tags($Qtotals->value('title') . ' ' . $Qtotals->value('text')) . "\n";
         }
         unset($Qtotals);
         // delivery address only when the order actually has one (downloadable-only orders may not)
         if (osc_empty($Qorder->value('delivery_name')) === false && osc_empty($Qorder->value('delivery_street_address')) === false) {
             $address = array('name' => $Qorder->value('delivery_name'), 'company' => $Qorder->value('delivery_company'), 'street_address' => $Qorder->value('delivery_street_address'), 'suburb' => $Qorder->value('delivery_suburb'), 'city' => $Qorder->value('delivery_city'), 'state' => $Qorder->value('delivery_state'), 'zone_code' => $Qorder->value('delivery_state_code'), 'country_title' => $Qorder->value('delivery_country'), 'country_iso2' => $Qorder->value('delivery_country_iso2'), 'country_iso3' => $Qorder->value('delivery_country_iso3'), 'postcode' => $Qorder->value('delivery_postcode'), 'format' => $Qorder->value('delivery_address_format'));
             $email_order .= "\n" . $osC_Language->get('email_order_delivery_address') . "\n" . $osC_Language->get('email_order_separator') . "\n" . osC_Address::format($address) . "\n";
             unset($address);
         }
         $address = array('name' => $Qorder->value('billing_name'), 'company' => $Qorder->value('billing_company'), 'street_address' => $Qorder->value('billing_street_address'), 'suburb' => $Qorder->value('billing_suburb'), 'city' => $Qorder->value('billing_city'), 'state' => $Qorder->value('billing_state'), 'zone_code' => $Qorder->value('billing_state_code'), 'country_title' => $Qorder->value('billing_country'), 'country_iso2' => $Qorder->value('billing_country_iso2'), 'country_iso3' => $Qorder->value('billing_country_iso3'), 'postcode' => $Qorder->value('billing_postcode'), 'format' => $Qorder->value('billing_address_format'));
         $email_order .= "\n" . $osC_Language->get('email_order_billing_address') . "\n" . $osC_Language->get('email_order_separator') . "\n" . osC_Address::format($address) . "\n\n";
         unset($address);
         // status name in the current language; no row means an empty name, not an error
         $Qstatus = $osC_Database->query('select orders_status_name from :table_orders_status where orders_status_id = :orders_status_id and language_id = :language_id');
         $Qstatus->bindTable(':table_orders_status', TABLE_ORDERS_STATUS);
         $Qstatus->bindInt(':orders_status_id', $Qorder->valueInt('orders_status'));
         $Qstatus->bindInt(':language_id', $osC_Language->getID());
         $Qstatus->execute();
         $email_order .= sprintf($osC_Language->get('email_order_status'), $Qstatus->value('orders_status_name')) . "\n" . $osC_Language->get('email_order_separator') . "\n";
         unset($Qstatus);
         // every non-empty history comment, wrapped at 60 columns and indented one tab
         $Qstatuses = $osC_Database->query('select date_added, comments from :table_orders_status_history where orders_id = :orders_id and comments != "" order by orders_status_history_id');
         $Qstatuses->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
         $Qstatuses->bindInt(':orders_id', $id);
         $Qstatuses->execute();
         while ($Qstatuses->next()) {
             $email_order .= osC_DateTime::getLong($Qstatuses->value('date_added')) . "\n\t" . wordwrap(str_replace("\n", "\n\t", $Qstatuses->value('comments')), 60, "\n\t", 1) . "\n\n";
         }
         unset($Qstatuses);
         // payment-method footer: disabled, the payment module object is not available here
         //        if (is_object($GLOBALS[$payment])) {
         //          $email_order .= $osC_Language->get('email_order_payment_method') . "\n" .
         //                          $osC_Language->get('email_order_separator') . "\n";
         //          $email_order .= $osC_ShoppingCart->getBillingMethod('title') . "\n\n";
         //          if (isset($GLOBALS[$payment]->email_footer)) {
         //            $email_order .= $GLOBALS[$payment]->email_footer . "\n\n";
         //          }
         //        }
         // NOTE(review): customers_name / customers_email_address come from the
         // orders row and go straight into the mail headers — confirm osc_email
         // strips CR/LF before relying on this against header injection.
         osc_email($Qorder->value('customers_name'), $Qorder->value('customers_email_address'), $osC_Language->get('email_order_subject'), $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         // send emails to other people
         if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
             osc_email('', SEND_EXTRA_ORDER_EMAILS_TO, $osC_Language->get('email_order_subject'), $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }
     }
     unset($Qorder);
 }
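 protected function sendDebugEmail()
 {
     // Mail the raw $_POST / $_GET of the current request to the address in
     // MODULE_PAYMENT_PAYPAL_EXPRESS_CHECKOUT_DEBUG_EMAIL; a no-op when that
     // constant is empty. Nothing is returned.
     //
     // NOTE(review): the dump is unfiltered, so it forwards whatever was posted
     // to this URL (payer details included) in plain text to a mailbox — leave
     // the debug address empty outside of active troubleshooting.
     if (strlen(MODULE_PAYMENT_PAYPAL_EXPRESS_CHECKOUT_DEBUG_EMAIL) == 0) {
         return;
     }
     $email_body = '$_POST:' . "\n\n";
     foreach ($_POST as $key => $value) {
         // nested fields (foo[bar]=1) arrive as arrays; bare concatenation
         // printed "Array" and raised a notice, print_r keeps them readable
         $email_body .= $key . '=' . (is_array($value) ? print_r($value, true) : $value) . "\n";
     }
     $email_body .= "\n" . '$_GET:' . "\n\n";
     foreach ($_GET as $key => $value) {
         $email_body .= $key . '=' . (is_array($value) ? print_r($value, true) : $value) . "\n";
     }
     osc_email('', MODULE_PAYMENT_PAYPAL_EXPRESS_CHECKOUT_DEBUG_EMAIL, 'PayPal Express Debug E-Mail', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
 }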
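 function _updateStatus($id, $data)
 {
     global $osC_Database, $osC_Language, $orders_status_array;
     // Move order $id to $data['status_id'] and append a status-history row
     // carrying $data['comment'], both inside one transaction. When
     // $data['notify_customer'] is true the customer is e-mailed (with the
     // comment appended when $data['append_comment'] is true) — but only after
     // the commit, so a rolled-back update never sends a "your order status
     // changed" mail for a change that did not happen.
     // Returns true on commit, false on an unknown order or any database error.
     $notify_customer = (isset($data['notify_customer']) && $data['notify_customer'] === true);
     $append_comment = (isset($data['append_comment']) && $data['append_comment'] === true);
     $comment = isset($data['comment']) ? $data['comment'] : '';
     $osC_Database->startTransaction();
     $Qorder = $osC_Database->query('select customers_name, customers_email_address, orders_status, date_purchased from :table_orders where orders_id = :orders_id');
     $Qorder->bindTable(':table_orders', TABLE_ORDERS);
     $Qorder->bindInt(':orders_id', $id);
     $Qorder->execute();
     if ($Qorder->numberOfRows() !== 1) {
         // unknown order id: nothing to update and nobody to notify
         $osC_Database->rollbackTransaction();
         return false;
     }
     $Qupdate = $osC_Database->query('update :table_orders set orders_status = :orders_status, last_modified = now() where orders_id = :orders_id');
     $Qupdate->bindTable(':table_orders', TABLE_ORDERS);
     $Qupdate->bindInt(':orders_status', $data['status_id']);
     $Qupdate->bindInt(':orders_id', $id);
     $Qupdate->setLogging($_SESSION['module'], $id);
     $Qupdate->execute();
     if (!$osC_Database->isError()) {
         $Qhistory = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
         $Qhistory->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
         $Qhistory->bindInt(':orders_id', $id);
         $Qhistory->bindInt(':orders_status_id', $data['status_id']);
         $Qhistory->bindInt(':customer_notified', $notify_customer ? 1 : 0);
         $Qhistory->bindValue(':comments', $comment);
         $Qhistory->setLogging($_SESSION['module'], $id);
         $Qhistory->execute();
     }
     if ($osC_Database->isError()) {
         $osC_Database->rollbackTransaction();
         return false;
     }
     $osC_Database->commitTransaction();
     if ($notify_customer) {
         // status label from the admin's global status table; fall back to the
         // raw id instead of raising a notice when the id is not in it
         $status_label = isset($orders_status_array[$data['status_id']]) ? $orders_status_array[$data['status_id']] : $data['status_id'];
         $email_body = sprintf($osC_Language->get('email_body'), STORE_NAME, $id, osc_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $id, 'SSL', false, false, true), osC_DateTime::getLong($Qorder->value('date_purchased'))) . "\n\n";
         if ($append_comment) {
             $email_body .= sprintf($osC_Language->get('email_body_comment'), $comment) . "\n\n";
         }
         $email_body .= sprintf($osC_Language->get('email_body_status'), $status_label) . "\n\n" . $osC_Language->get('email_body_contact');
         osc_email($Qorder->value('customers_name'), $Qorder->value('customers_email_address'), sprintf($osC_Language->get('email_subject'), STORE_NAME), $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
     }
     return true;
 }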
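 function callback()
 {
     global $osC_Database, $osC_Currencies, $osC_Language;
     // PayPal Standard IPN endpoint. The notification is echoed back to PayPal
     // with cmd=_notify-validate and the order is only advanced on a VERIFIED
     // answer whose amount, currency and payment_status all check out; every
     // other outcome is just recorded against the order. Nothing is returned.
     $post_string = 'cmd=_notify-validate&';
     foreach ($_POST as $key => $value) {
         $post_string .= $key . '=' . urlencode($value) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     $this->_transaction_response = $this->sendTransactionToGateway($this->form_action_url, $post_string);
     // invoice/custom are the order id and customer id we put into the PayPal
     // form; they are only ever used as ints. Defaulting the other fields keeps
     // a malformed posting from raising notices below.
     $invoice = (isset($_POST['invoice']) && is_numeric($_POST['invoice']) && $_POST['invoice'] > 0) ? (int) $_POST['invoice'] : 0;
     $custom = (isset($_POST['custom']) && is_numeric($_POST['custom'])) ? (int) $_POST['custom'] : 0;
     $payment_status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';
     $pending_reason = isset($_POST['pending_reason']) ? $_POST['pending_reason'] : '';
     $reason_code = isset($_POST['reason_code']) ? $_POST['reason_code'] : '';
     if (strtoupper(trim($this->_transaction_response)) == 'VERIFIED') {
         if ($invoice > 0) {
             $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id and customers_id = :customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             $Qcheck->bindInt(':orders_id', $invoice);
             $Qcheck->bindInt(':customers_id', $custom);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 $order = $Qcheck->toArray();
                 $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
                 $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
                 $Qtotal->bindInt(':orders_id', $invoice);
                 $Qtotal->execute();
                 $total = $Qtotal->toArray();
                 $decimals = $osC_Currencies->getDecimalPlaces($order['currency']);
                 // no thousands separator: PayPal sends mc_gross as a plain decimal,
                 // and number_format's default "1,234.56" never compares equal to it
                 $expected = number_format($total['value'] * $order['currency_value'], $decimals, '.', '');
                 $mc_gross = isset($_POST['mc_gross']) ? $_POST['mc_gross'] : '';
                 $mc_currency = isset($_POST['mc_currency']) ? $_POST['mc_currency'] : '';
                 $payer_status = isset($_POST['payer_status']) ? $_POST['payer_status'] : '';
                 $comment_status = $payment_status . ' (' . ucfirst($payer_status) . '; ' . $osC_Currencies->format($mc_gross, false, $mc_currency) . ')';
                 if ($payment_status == 'Pending') {
                     $comment_status .= '; ' . $pending_reason;
                 } elseif ($payment_status == 'Reversed' || $payment_status == 'Refunded') {
                     $comment_status .= '; ' . $reason_code;
                 }
                 $amount_ok = (is_numeric($mc_gross) && number_format((float) $mc_gross, $decimals, '.', '') === $expected);
                 if (!$amount_ok) {
                     $comment_status .= '; PayPal transaction value (' . osc_output_string_protected($mc_gross) . ') does not match order value (' . $expected . ')';
                 }
                 // the order total was computed in $order['currency']; a payment in
                 // another currency is not the same amount even if the digits agree
                 $currency_ok = ($mc_currency === $order['currency']);
                 if (!$currency_ok) {
                     $comment_status .= '; PayPal currency (' . osc_output_string_protected($mc_currency) . ') does not match order currency (' . $order['currency'] . ')';
                 }
                 $comments = 'PayPal IPN Verified [' . $comment_status . ']';
                 if ($payment_status == 'Completed' && $amount_ok && $currency_ok) {
                     osC_Order::process($invoice, $this->order_status, $comments);
                 } else {
                     // A VERIFIED IPN only proves PayPal sent it, not that the order is
                     // paid: Pending/Reversed/Refunded, a short payment or a wrong
                     // currency is logged and the order status is left for a human.
                     osC_Order::insertOrderStatusHistory($invoice, $order['orders_status'], $comments);
                 }
                 $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
                 $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
                 $Qtransaction->bindInt(':orders_id', $invoice);
                 $Qtransaction->bindInt(':transaction_code', 1);
                 $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
                 $Qtransaction->bindInt(':transaction_return_status', 1);
                 $Qtransaction->execute();
                 $Qtransaction->freeResult();
             }
         }
     } else {
         if (defined('MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL')) {
             // unfiltered copy of the request for troubleshooting; it forwards
             // whatever the sender posted, so only define the address while debugging
             $email_body = 'PAYPAL_STANDARD_DEBUG_POST_DATA:' . "\n\n";
             foreach ($_POST as $key => $value) {
                 $email_body .= $key . '=' . (is_array($value) ? print_r($value, true) : $value) . "\n";
             }
             $email_body .= "\n" . 'PAYPAL_STANDARD_DEBUG_GET_DATA:' . "\n\n";
             foreach ($_GET as $key => $value) {
                 $email_body .= $key . '=' . (is_array($value) ? print_r($value, true) : $value) . "\n";
             }
             osc_email('', MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL, 'PayPal IPN Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }
         if ($invoice > 0) {
             // placeholders must carry the leading colon, otherwise nothing is bound
             $Qcheck = $osC_Database->query('select orders_id from :table_orders where orders_id = :orders_id and customers_id = :customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             $Qcheck->bindInt(':orders_id', $invoice);
             $Qcheck->bindInt(':customers_id', $custom);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 $comment_status = $payment_status;
                 if ($payment_status == 'Pending') {
                     $comment_status .= '; ' . $pending_reason;
                 } elseif ($payment_status == 'Reversed' || $payment_status == 'Refunded') {
                     $comment_status .= '; ' . $reason_code;
                 }
                 $comments = 'PayPal IPN Invalid [' . $comment_status . ']';
                 osC_Order::insertOrderStatusHistory($invoice, $this->order_status, $comments);
             }
         }
         // make sure a transaction status row exists for this payment_status
         $Qtransaction_status = $osC_Database->query('select count(*) as total from :table_orders_transactions_status where status_name = :status_name');
         $Qtransaction_status->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
         $Qtransaction_status->bindValue(':status_name', $payment_status);
         $Qtransaction_status->execute();
         $transaction_status = $Qtransaction_status->toArray();
         $Qtransaction_status->freeResult();
         if ($transaction_status['total'] == 0) {
             // next free id; one row per installed language
             $Qtransaction_status_max = $osC_Database->query('select max(id) as max_id from :table_orders_transactions_status');
             $Qtransaction_status_max->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
             $Qtransaction_status_max->execute();
             $transaction_status_max = $Qtransaction_status_max->toArray();
             $Qtransaction_status_max->freeResult();
             foreach ($osC_Language->getAll() as $l) {
                 $Qinsert_transaction_status = $osC_Database->query('insert into :table_orders_transactions_status values (:id, :language_id, :status_name)');
                 $Qinsert_transaction_status->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
                 $Qinsert_transaction_status->bindInt(':id', $transaction_status_max['max_id'] + 1);
                 $Qinsert_transaction_status->bindInt(':language_id', $l['id']);
                 $Qinsert_transaction_status->bindValue(':status_name', $payment_status);
                 $Qinsert_transaction_status->execute();
             }
         }
         $Qtransaction_status_id = $osC_Database->query('select id from :table_orders_transactions_status where language_id = :language_id and status_name = :status_name limit 1');
         $Qtransaction_status_id->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
         $Qtransaction_status_id->bindInt(':language_id', $osC_Language->getID());
         $Qtransaction_status_id->bindValue(':status_name', $payment_status);
         $Qtransaction_status_id->execute();
         $transaction_status_id = $Qtransaction_status_id->toArray();
         $Qtransaction_status_id->freeResult();
         // record the rejected IPN; without a usable invoice there is no order to attach it to
         if ($invoice > 0) {
             $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
             $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
             $Qtransaction->bindInt(':orders_id', $invoice);
             $Qtransaction->bindInt(':transaction_code', $transaction_status_id['id']);
             $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
             $Qtransaction->bindInt(':transaction_return_status', 1);
             $Qtransaction->execute();
             $Qtransaction->freeResult();
         }
     }
 }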
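 function callback()
 {
     global $osC_Database, $osC_Currencies;
     // Inpay payment-notification endpoint. The posting is validated step by
     // step (order id, amount, currency, required fields, md5 checksum over the
     // fields plus the shared secret, order lookup and amount match, current
     // order status, and the invoice status Inpay itself reports) before the
     // order is advanced. A rejected notification is mailed to the debug
     // address and, when it carried a valid checksum, noted on the order.
     // Nothing is returned.
     $result = "VERIFIED";
     $check = true;
     $order = null;
     $authenticated = false;
     // Validate request
     if (!isset($_POST['order_id']) || !is_numeric($_POST['order_id']) || $_POST['order_id'] <= 0) {
         $check = false;
         $result = 'bad order id';
     }
     if ($check && (!isset($_POST['invoice_amount']) || !is_numeric($_POST['invoice_amount']))) {
         $check = false;
         $result = 'bad amount';
     }
     if ($check && !isset($_POST['invoice_currency'])) {
         $check = false;
         $result = 'bad currency';
     }
     if ($check && (!isset($_POST['checksum']) || !isset($_POST['invoice_reference']) || !isset($_POST['invoice_created_at']) || !isset($_POST['invoice_status']))) {
         $check = false;
         $result = 'missing variables';
     }
     if ($check) {
         // checksum = md5 of the url-encoded fields with the shared secret appended
         $sum = http_build_query(array('order_id' => $_POST['order_id'], 'invoice_reference' => $_POST['invoice_reference'], 'invoice_amount' => $_POST['invoice_amount'], 'invoice_currency' => $_POST['invoice_currency'], 'invoice_created_at' => $_POST['invoice_created_at'], 'invoice_status' => $_POST['invoice_status'], 'secret_key' => MODULE_PAYMENT_INPAY_SECRET_KEY), '', "&");
         $md5v = md5($sum);
         // hash_equals: constant-time and strict — the old loose != treated a
         // "0e..." digest and a numeric-looking checksum as equal
         if (!is_string($_POST['checksum']) || !hash_equals($md5v, $_POST['checksum'])) {
             $check = false;
             $result = 'bad checksum';
         } else {
             $authenticated = true;
         }
     }
     if ($check && !osC_Order::exists($_POST['order_id'])) {
         $check = false;
         $result = 'order not found';
     }
     if ($check) {
         // Inpay posts order_id (not PayPal's invoice/custom pair), so the order
         // is looked up by id alone
         $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id');
         $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
         $Qcheck->bindInt(':orders_id', $_POST['order_id']);
         $Qcheck->execute();
         if ($Qcheck->numberOfRows() > 0) {
             $order = $Qcheck->toArray();
             $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
             $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
             $Qtotal->bindInt(':orders_id', $_POST['order_id']);
             $Qtotal->execute();
             $total = $Qtotal->toArray();
             $decimals = $osC_Currencies->getDecimalPlaces($order['currency']);
             // no thousands separator on either side, otherwise amounts >= 1000 never match
             $expected = number_format($total['value'] * $order['currency_value'], $decimals, '.', '');
             if (number_format((float) $_POST['invoice_amount'], $decimals, '.', '') !== $expected) {
                 $check = false;
                 $result = 'Inpay transaction value (' . osc_output_string_protected($_POST['invoice_amount']) . ') does not match order value (' . $expected . ')';
             }
             // NOTE(review): invoice_currency is covered by the checksum but is not
             // compared with $order['currency'] here — confirm whether Inpay can
             // report a different currency than the one the order was placed in.
         } else {
             $check = false;
             $result = 'order not found';
         }
     }
     if ($check) {
         // check status: an order already paid or delivered is not touched again
         // NOTE(review): 7 is a hard-coded "delivered" orders_status id — confirm
         // against the store's status table
         $delivered_status = 7;
         if ($order['orders_status'] == MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID || $order['orders_status'] == $delivered_status) {
             $check = false;
             $result = 'Status already in level' . $order['orders_status'];
         }
     }
     if ($check) {
         // the status Inpay reports for the invoice must agree with the posted one
         $invoice_status = $this->get_invoice_status($_POST);
         $posted_status = $_POST['invoice_status'];
         $check = false;
         if (($invoice_status == "pending" || $invoice_status == "created") && ($posted_status == "pending" || $posted_status == "created")) {
             $check = true;
         } elseif ($invoice_status == "approved" && $posted_status == "approved") {
             $check = true;
         } elseif ($invoice_status == "sum_too_low" && $posted_status == "sum_too_low") {
             $check = true;
         }
         if (!$check) {
             $result = 'Bad invoice status:' . $invoice_status;
         }
     }
     // Validate request end
     if ($result == 'VERIFIED') {
         switch ($_POST['invoice_status']) {
             case 'created':
             case 'pending':
                 $msg = "customer has been asked to pay " . $_POST['invoice_amount'] . ' ' . $_POST['invoice_currency'] . ' with reference: ' . $_POST['invoice_reference'] . ' via his online bank';
                 $order_status_id = MODULE_PAYMENT_INPAY_CREATE_ORDER_STATUS_ID;
                 break;
             case "approved":
                 $msg = "Inpay has confirmed that the payment of " . $_POST['invoice_amount'] . " " . $_POST['invoice_currency'] . " has been received";
                 $order_status_id = MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID;
                 break;
             case "sum_too_low":
                 $msg = "Partial payment received by inpay. Reference: " . $_POST['invoice_reference'];
                 $order_status_id = MODULE_PAYMENT_INPAY_SUM_TOO_LOW_ORDER_STATUS_ID;
                 break;
             default:
                 // unreachable: the invoice-status check above only accepts the three cases
                 return;
         }
         $comments = 'Inpay ' . ucfirst($_POST['invoice_status']) . '[' . $msg . ']';
         osC_Order::process($_POST['order_id'], $order_status_id, $comments);
         osC_Order::insertOrderStatusHistory($_POST['order_id'], $order_status_id, $comments);
     } else {
         if (defined('MODULE_PAYMENT_INPAY_DEBUG_EMAIL')) {
             // unfiltered copy of the request for troubleshooting; it forwards
             // whatever the sender posted, so only define the address while debugging
             $email_body = 'INPAY_DEBUG_POST_DATA:' . "\n\n";
             foreach ($_POST as $key => $value) {
                 $email_body .= $key . '=' . (is_array($value) ? print_r($value, true) : $value) . "\n";
             }
             $email_body .= "\n" . 'INPAY_DEBUG_GET_DATA:' . "\n\n";
             foreach ($_GET as $key => $value) {
                 $email_body .= $key . '=' . (is_array($value) ? print_r($value, true) : $value) . "\n";
             }
             osc_email('', MODULE_PAYMENT_INPAY_DEBUG_EMAIL, 'Inpay Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }
         // Note the rejection on the order without changing its status, but only
         // for notifications that carried a valid checksum: an unauthenticated
         // caller who guesses an order id must not be able to write into its history.
         if ($authenticated && $order !== null) {
             $comments = 'Inpay Invalid [' . $result . ']';
             osC_Order::insertOrderStatusHistory($_POST['order_id'], $order['orders_status'], $comments);
         }
     }
 }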