function smn_address_format($address_format_id, $address, $html, $boln, $eoln)
{
$address_format_query = smn_db_query("select address_format as format from " . TABLE_ADDRESS_FORMAT . " where address_format_id = '" . (int) $address_format_id . "'");
$address_format = smn_db_fetch_array($address_format_query);
$company = smn_output_string_protected($address['company']);
if (isset($address['firstname']) && smn_not_null($address['firstname'])) {
$firstname = smn_output_string_protected($address['firstname']);
$lastname = smn_output_string_protected($address['lastname']);
} elseif (isset($address['name']) && smn_not_null($address['name'])) {
$firstname = smn_output_string_protected($address['name']);
$lastname = '';
} else {
$firstname = '';
$lastname = '';
}
$street = smn_output_string_protected($address['street_address']);
$suburb = smn_output_string_protected($address['suburb']);
$city = smn_output_string_protected($address['city']);
$state = smn_output_string_protected($address['state']);
if (isset($address['country_id']) && smn_not_null($address['country_id'])) {
$country = smn_get_country_name($address['country_id']);
if (isset($address['zone_id']) && smn_not_null($address['zone_id'])) {
$state = smn_get_zone_code($address['country_id'], $address['zone_id'], $state);
}
} elseif (isset($address['country']) && smn_not_null($address['country'])) {
$country = smn_output_string_protected($address['country']['title']);
} else {
$country = '';
}
$postcode = smn_output_string_protected($address['postcode']);
$zip = $postcode;
if ($html) {
// HTML Mode
$HR = '<hr>';
$hr = '<hr>';
if ($boln == '' && $eoln == "\n") {
// Values not specified, use rational defaults
$CR = '<br>';
$cr = '<br>';
$eoln = $cr;
} else {
// Use values supplied
$CR = $eoln . $boln;
$cr = $CR;
}
} else {
// Text Mode
$CR = $eoln;
$cr = $CR;
$HR = '----------------------------------------';
$hr = '----------------------------------------';
}
$statecomma = '';
$streets = $street;
if ($suburb != '') {
$streets = $street . $cr . $suburb;
}
if ($country == '') {
$country = smn_output_string_protected($address['country']);
}
if ($state != '') {
$statecomma = $state . ', ';
}
$fmt = $address_format['format'];
eval("\$address = \"{$fmt}\";");
if (ACCOUNT_COMPANY == 'true' && smn_not_null($company)) {
$address = $company . $cr . $address;
}
return $address;
}
smn_db_query($sql);
// Get Sum of payment (Could have changed since last selects);
$sql = "\n SELECT sum(affiliate_payment) as affiliate_payment\n FROM " . TABLE_AFFILIATE_SALES . " \n WHERE affiliate_id='" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status=99 \n ";
$affiliate_billing_query = smn_db_query($sql);
$affiliate_billing = smn_db_fetch_array($affiliate_billing_query);
// Get affiliate Informations
$sql = "\n SELECT a.*, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id \n from " . TABLE_AFFILIATE . " a \n left join " . TABLE_ZONES . " z on (a.affiliate_zone_id = z.zone_id) \n left join " . TABLE_COUNTRIES . " c on (a.affiliate_country_id = c.countries_id)\n WHERE affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' \n ";
$affiliate_query = smn_db_query($sql);
$affiliate = smn_db_fetch_array($affiliate_query);
// Get need tax informations for the affiliate
$affiliate_tax_rate = smn_get_affiliate_tax_rate(AFFILIATE_TAX_ID, $affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id']);
$affiliate_tax = smn_round($affiliate_billing['affiliate_payment'] * $affiliate_tax_rate / 100, 2);
// Netto-Provision
$affiliate_payment_total = $affiliate_billing['affiliate_payment'] + $affiliate_tax;
// Bill the order
$affiliate['affiliate_state'] = smn_get_zone_code($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']);
$sql_data_array = array('affiliate_id' => $affiliate_payment['affiliate_id'], 'affiliate_payment' => $affiliate_billing['affiliate_payment'], 'affiliate_payment_tax' => $affiliate_tax, 'affiliate_payment_total' => $affiliate_payment_total, 'affiliate_payment_date' => 'now()', 'affiliate_payment_status' => '0', 'affiliate_firstname' => $affiliate['affiliate_firstname'], 'affiliate_lastname' => $affiliate['affiliate_lastname'], 'affiliate_street_address' => $affiliate['affiliate_street_address'], 'affiliate_suburb' => $affiliate['affiliate_suburb'], 'affiliate_city' => $affiliate['affiliate_city'], 'affiliate_country' => $affiliate['countries_name'], 'affiliate_postcode' => $affiliate['affiliate_postcode'], 'affiliate_company' => $affiliate['affiliate_company'], 'affiliate_state' => $affiliate['affiliate_state'], 'affiliate_address_format_id' => $affiliate['address_format_id']);
smn_db_perform(TABLE_AFFILIATE_PAYMENT, $sql_data_array);
$insert_id = smn_db_insert_id();
// Set the Sales to Final State
smn_db_query("update " . TABLE_AFFILIATE_SALES . " set affiliate_payment_id = '" . $insert_id . "', affiliate_billing_status = 1, affiliate_payment_date = now() where affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status = 99");
// Notify Affiliate
if (AFFILIATE_NOTIFY_AFTER_BILLING == 'true') {
$check_status_query = smn_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id = '" . $insert_id . "' and af.affiliate_id = ap.affiliate_id ");
$check_status = smn_db_fetch_array($check_status_query);
$email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $insert_id, 'NONSSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . smn_date_long($check_status['affiliate_payment_date']) . "\n\n" . EMAIL_TEXT_NEW_PAYMENT;
smn_mail($check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], $check_status['affiliate_email_address'], EMAIL_TEXT_SUBJECT, nl2br($email), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS);
}
}
$messageStack->add_session(SUCCESS_BILLING, 'success');
smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('action')) . 'action=edit'));
function process_button()
{
global $customer_id, $order, $languages_id, $currencies, $currency, $cart_PayPal_IPN_ID, $shipping, $store;
if (MODULE_PAYMENT_PAYPAL_IPN_CURRENCY == 'Selected Currency') {
$my_currency = $currency;
} else {
$my_currency = substr(MODULE_PAYMENT_PAYPAL_IPN_CURRENCY, 5);
}
if (!in_array($my_currency, array('AUD', 'CAD', 'CHF', 'CZK', 'DKK', 'EUR', 'GBP', 'HKD', 'HUF', 'JPY', 'NOK', 'NZD', 'PLN', 'SEK', 'SGD', 'USD'))) {
$my_currency = 'USD';
}
$parameters = array();
if (MODULE_PAYMENT_PAYPAL_IPN_TRANSACTION_TYPE == 'Per Item' && MODULE_PAYMENT_PAYPAL_IPN_EWP_STATUS == 'False') {
$parameters['cmd'] = '_cart';
$parameters['upload'] = '1';
for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
$item = $i + 1;
$tax_value = $order->products[$i]['tax'] / 100 * $order->products[$i]['final_price'];
$parameters['item_name_' . $item] = $order->products[$i]['name'];
$parameters['amount_' . $item] = number_format($order->products[$i]['final_price'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
$parameters['tax_' . $item] = number_format($tax_value * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
$parameters['quantity_' . $item] = $order->products[$i]['qty'];
if ($i == 0) {
if (DISPLAY_PRICE_WITH_TAX == 'true') {
$shipping_cost = $order->info['shipping_cost'];
} else {
$module = substr($shipping['id'], 0, strpos($shipping['id'], '_'));
$shipping_tax = smn_get_tax_rate($GLOBALS[$module]->tax_class, $order->delivery['country']['id'], $order->delivery['zone_id']);
$shipping_cost = $order->info['shipping_cost'] + smn_calculate_tax($order->info['shipping_cost'], $shipping_tax);
}
$parameters['shipping_' . $item] = number_format($shipping_cost * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
}
if (isset($order->products[$i]['attributes'])) {
for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
if (DOWNLOAD_ENABLED == 'true') {
$attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $languages_id . "'\n and poval.language_id = '" . $languages_id . "'";
$attributes = smn_db_query($attributes_query);
} else {
$attributes = smn_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
}
$attributes_values = smn_db_fetch_array($attributes);
// Unfortunately PayPal only accepts two attributes per product, so the
// third attribute onwards will not be shown at PayPal
$parameters['on' . $j . '_' . $item] = $attributes_values['products_options_name'];
$parameters['os' . $j . '_' . $item] = $attributes_values['products_options_values_name'];
}
}
}
$parameters['num_cart_items'] = $item;
if (MOVE_TAX_TO_TOTAL_AMOUNT == 'True') {
// PandA.nl move tax to total amount
$parameters['amount'] = number_format(($order->info['total'] - $order->info['shipping_cost']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
} else {
// default
$parameters['amount'] = number_format(($order->info['total'] - $order->info['shipping_cost'] - $order->info['tax']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
}
} else {
$parameters['cmd'] = '_ext-enter';
$parameters['redirect_cmd'] = '_xclick';
$parameters['item_name'] = STORE_NAME;
$parameters['shipping'] = '0';
if (MOVE_TAX_TO_TOTAL_AMOUNT == 'True') {
// PandA.nl move tax to total amount
$parameters['amount'] = number_format($order->info['total'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
} else {
// default
$parameters['amount'] = number_format(($order->info['total'] - $order->info['tax']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
}
}
// billing information fix by gravyface
// for pre-populating the fiels if customer has no PayPal account
// only works if force shipping address is set to FALSE
$state_abbr = smn_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
$name = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
$parameters['business'] = MODULE_PAYMENT_PAYPAL_IPN_ID;
// let's check what has been defined in the shop admin for the shipping address
if (MODULE_PAYMENT_PAYPAL_IPN_SHIPPING == 'True') {
// all that matters is that we send the variables
// what they contain is irrelevant as PayPal overwrites it with the customer's confirmed PayPal address
// so what we send is probably not what we'll get back
$parameters['no_shipping'] = '2';
$parameters['address_name'] = $name;
$parameters['address_street'] = $order->delivery['street_address'];
$parameters['address_city'] = $order->delivery['city'];
$parameters['address_zip'] = $order->delivery['postcode'];
$parameters['address_state'] = $state_abbr;
$parameters['address_country_code'] = $order->delivery['country']['iso_code_2'];
$parameters['address_country'] = $order->delivery['country']['title'];
$parameters['payer_email'] = $order->customer['email_address'];
} else {
$parameters['no_shipping'] = '1';
$parameters['H_PhoneNumber'] = $order->customer['telephone'];
$parameters['first_name'] = $order->delivery['firstname'];
$parameters['last_name'] = $order->delivery['lastname'];
$parameters['address1'] = $order->delivery['street_address'];
$parameters['address2'] = $order->delivery['suburb'];
$parameters['city'] = $order->delivery['city'];
$parameters['zip'] = $order->delivery['postcode'];
$parameters['state'] = $state_abbr;
$parameters['country'] = $order->delivery['country']['iso_code_2'];
$parameters['email'] = $order->customer['email_address'];
}
$parameters['currency_code'] = $my_currency;
$parameters['invoice'] = substr($cart_PayPal_IPN_ID, strpos($cart_PayPal_IPN_ID, '-') + 1);
$parameters['custom'] = $customer_id;
$parameters['no_note'] = '1';
$parameters['notify_url'] = smn_href_link('ext/modules/payment/paypal_ipn/ipn.php', '', 'NONSSL', false, false);
$parameters['cbt'] = CONFIRMATION_BUTTON_TEXT;
$parameters['return'] = smn_href_link(FILENAME_CHECKOUT_PROCESS, 'ID=' . $store->get_store_id(), 'NONSSL');
$parameters['cancel_return'] = smn_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'NONSSL');
$parameters['bn'] = $this->identifier;
$parameters['lc'] = $order->customer['country']['iso_code_2'];
if (smn_not_null(MODULE_PAYMENT_PAYPAL_IPN_PAGE_STYLE)) {
$parameters['page_style'] = MODULE_PAYMENT_PAYPAL_IPN_PAGE_STYLE;
}
if (MODULE_PAYMENT_PAYPAL_IPN_EWP_STATUS == 'True') {
$parameters['cert_id'] = MODULE_PAYMENT_PAYPAL_IPN_EWP_CERT_ID;
$random_string = rand(100000, 999999) . '-' . $customer_id . '-';
$data = '';
while (list($key, $value) = each($parameters)) {
$data .= $key . '=' . $value . "\n";
}
$fp = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt', 'w');
fwrite($fp, $data);
fclose($fp);
unset($data);
if (function_exists('openssl_pkcs7_sign') && function_exists('openssl_pkcs7_encrypt')) {
openssl_pkcs7_sign(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt', MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PUBLIC_KEY), file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PRIVATE_KEY), array('From' => MODULE_PAYMENT_PAYPAL_IPN_ID), PKCS7_BINARY);
unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt');
// remove headers from the signature
$signed = file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
$signed = explode("\n\n", $signed);
$signed = base64_decode($signed[1]);
$fp = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', 'w');
fwrite($fp, $signed);
fclose($fp);
unset($signed);
openssl_pkcs7_encrypt(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt', file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PAYPAL_KEY), array('From' => MODULE_PAYMENT_PAYPAL_IPN_ID), PKCS7_BINARY);
unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
// remove headers from the encrypted result
$data = file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
$data = explode("\n\n", $data);
$data = '-----BEGIN PKCS7-----' . "\n" . $data[1] . "\n" . '-----END PKCS7-----';
unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
} else {
exec(MODULE_PAYMENT_PAYPAL_IPN_EWP_OPENSSL . ' smime -sign -in ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt -signer ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PUBLIC_KEY . ' -inkey ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PRIVATE_KEY . ' -outform der -nodetach -binary > ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt');
exec(MODULE_PAYMENT_PAYPAL_IPN_EWP_OPENSSL . ' smime -encrypt -des3 -binary -outform pem ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PAYPAL_KEY . ' < ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt > ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
$fh = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt', 'rb');
$data = fread($fh, filesize(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt'));
fclose($fh);
unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
}
$process_button_string = smn_draw_hidden_field('cmd', '_s-xclick') . smn_draw_hidden_field('encrypted', $data);
unset($data);
} else {
while (list($key, $value) = each($parameters)) {
echo smn_draw_hidden_field($key, $value);
}
}
return $process_button_string;
}