function pre_confirmation_check()
{
global $HTTP_POST_VARS;
include DIR_WS_CLASSES . 'cc_validation.php';
$cc_validation = new cc_validation();
$result = $cc_validation->validate($HTTP_POST_VARS['cc_number'], $HTTP_POST_VARS['cc_expires_month'], $HTTP_POST_VARS['cc_expires_year']);
$error = '';
switch ($result) {
case -1:
$error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
break;
case -2:
case -3:
case -4:
$error = TEXT_CCVAL_ERROR_INVALID_DATE;
break;
case false:
$error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
break;
}
if ($result == false || $result < 1) {
$payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&cc_owner=' . urlencode($HTTP_POST_VARS['cc_owner']) . '&cc_expires_month=' . $HTTP_POST_VARS['cc_expires_month'] . '&cc_expires_year=' . $HTTP_POST_VARS['cc_expires_year'];
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
}
$this->cc_card_type = $cc_validation->cc_type;
$this->cc_card_number = $cc_validation->cc_number;
}
function _process()
{
global $messageStack, $osC_Database, $osC_Customer;
if (!isset($_POST['password_current']) || strlen(trim($_POST['password_current'])) < ACCOUNT_PASSWORD) {
$messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
} elseif (!isset($_POST['password_new']) || strlen(trim($_POST['password_new'])) < ACCOUNT_PASSWORD) {
$messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
} elseif (!isset($_POST['password_confirmation']) || trim($_POST['password_new']) != trim($_POST['password_confirmation'])) {
$messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
}
if ($messageStack->size('account_password') === 0) {
$Qcheck = $osC_Database->query('select customers_password from :table_customers where customers_id = :customers_id');
$Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS);
$Qcheck->bindInt(':customers_id', $osC_Customer->id);
$Qcheck->execute();
if (tep_validate_password(trim($_POST['password_current']), $Qcheck->value('customers_password'))) {
$Qupdate = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
$Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS);
$Qupdate->bindValue(':customers_password', tep_encrypt_password(trim($_POST['password_new'])));
$Qupdate->bindInt(':customers_id', $osC_Customer->id);
$Qupdate->execute();
$Qupdate = $osC_Database->query('update :table_customers_info set customers_info_date_account_last_modified = now() where customers_info_id = :customers_info_id');
$Qupdate->bindTable(':table_customers_info', TABLE_CUSTOMERS_INFO);
$Qupdate->bindInt(':customers_info_id', $osC_Customer->id);
$Qupdate->execute();
$messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
} else {
$messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
}
}
}
function execute()
{
if (isset($_GET['tabaction'])) {
$ppstatus_query = tep_db_query("select comments from orders_status_history where orders_id = '" . (int) $_GET['oID'] . "' and orders_status_id = '" . (int) OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID . "' and comments like '%Transaction ID:%' order by date_added limit 1");
if (tep_db_num_rows($ppstatus_query)) {
$ppstatus = tep_db_fetch_array($ppstatus_query);
$pp = array();
foreach (explode("\n", $ppstatus['comments']) as $s) {
if (!empty($s) && strpos($s, ':') !== false) {
$entry = explode(':', $s, 2);
$pp[trim($entry[0])] = trim($entry[1]);
}
}
if (isset($pp['Transaction ID'])) {
$o_query = tep_db_query("select o.orders_id, o.payment_method, o.currency, o.currency_value, ot.value as total from orders o, orders_total ot where o.orders_id = '" . (int) $_GET['oID'] . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total'");
$o = tep_db_fetch_array($o_query);
switch ($_GET['tabaction']) {
case 'getTransactionDetails':
$this->getTransactionDetails($pp, $o);
break;
case 'doCapture':
$this->doCapture($pp, $o);
break;
case 'doVoid':
$this->doVoid($pp, $o);
break;
case 'refundTransaction':
$this->refundTransaction($pp, $o);
break;
}
tep_redirect(tep_href_link('orders.php', 'page=' . $_GET['page'] . '&oID=' . $_GET['oID'] . '&action=edit#section_status_history_content'));
}
}
}
}
function tep_session_start()
{
$sane_session_id = true;
if (isset($_GET[tep_session_name()])) {
if (SESSION_FORCE_COOKIE_USE == 'True' || preg_match('/^[a-zA-Z0-9,-]+$/', $_GET[tep_session_name()]) == false) {
unset($_GET[tep_session_name()]);
$sane_session_id = false;
}
}
if (isset($_POST[tep_session_name()])) {
if (SESSION_FORCE_COOKIE_USE == 'True' || preg_match('/^[a-zA-Z0-9,-]+$/', $_POST[tep_session_name()]) == false) {
unset($_POST[tep_session_name()]);
$sane_session_id = false;
}
}
if (isset($_COOKIE[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9,-]+$/', $_COOKIE[tep_session_name()]) == false) {
$session_data = session_get_cookie_params();
setcookie(tep_session_name(), '', time() - 42000, $session_data['path'], $session_data['domain']);
unset($_COOKIE[tep_session_name()]);
$sane_session_id = false;
}
}
if ($sane_session_id == false) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL', false));
}
register_shutdown_function('session_write_close');
return session_start();
}
function start()
{
$sane_session_id = true;
if (isset($_GET[$this->name])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $_GET[$this->name]) == false) {
unset($_GET[$this->name]);
$sane_session_id = false;
}
} elseif (isset($_POST[$this->name])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $_POST[$this->name]) == false) {
unset($_POST[$this->name]);
$sane_session_id = false;
}
} elseif (isset($_COOKIE[$this->name])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $_COOKIE[$this->name]) == false) {
unset($_COOKIE[$this->name]);
$sane_session_id = false;
}
}
if ($sane_session_id == false) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
} elseif (session_start()) {
$this->setStarted(true);
$this->setID();
return true;
}
return false;
}
function tep_session_start() {
global $_GET, $_POST, $HTTP_COOKIE_VARS;
$sane_session_id = true;
if (isset($_GET[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $_GET[tep_session_name()]) == false) {
unset($_GET[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($_POST[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $_POST[tep_session_name()]) == false) {
unset($_POST[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($HTTP_COOKIE_VARS[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_COOKIE_VARS[tep_session_name()]) == false) {
$session_data = session_get_cookie_params();
setcookie(tep_session_name(), '', time()-42000, $session_data['path'], $session_data['domain']);
$sane_session_id = false;
}
}
if ($sane_session_id == false) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}
return session_start();
}
function tep_session_start()
{
global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;
$sane_session_id = true;
ini_set('session.save_path', _INCLUDES_DIR . '/session_store');
if (isset($HTTP_GET_VARS[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_GET_VARS[tep_session_name()]) == false) {
unset($HTTP_GET_VARS[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($HTTP_POST_VARS[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_POST_VARS[tep_session_name()]) == false) {
unset($HTTP_POST_VARS[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($HTTP_COOKIE_VARS[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_COOKIE_VARS[tep_session_name()]) == false) {
$session_data = session_get_cookie_params();
setcookie(tep_session_name(), '', time() - 42000, $session_data['path'], $session_data['domain']);
$sane_session_id = false;
}
}
if ($sane_session_id == false) {
tep_redirect(get_href_link(PAGE_DEFAULT, '', 'NONSSL', false));
}
return session_start();
}
function start($check_post = true)
{
extract(tep_load('defs', 'http_validator', 'database'));
if (isset($cDefs->external) && !empty($cDefs->external)) {
$check_post = false;
}
$this->id = $this->get_cookie($this->name);
if (empty($this->id) && SESSION_FORCE_COOKIE_USE != 'true' && isset($_GET[$this->name])) {
$this->id = $_GET[$this->name];
}
$result = false;
if (empty($this->id)) {
$result = $this->generate();
} else {
$result = $this->validate($this->id);
}
if ($check_post && count($_POST) && ($this->new_id || !$result)) {
tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE, '', 'NONSSL', false));
}
if ($result) {
$this->life = MAX_CATALOG_SESSION_TIME;
$this->started = true;
} else {
$this->reset();
}
}
function install()
{
if (!defined('MODULE_PAYMENT_MONEYBOOKERS_STATUS')) {
tep_redirect(tep_href_link('ext/modules/payment/moneybookers/activation.php', 'action=coreRequired'));
}
$zone_id = 0;
$zone_query = tep_db_query("select geo_zone_id from " . TABLE_GEO_ZONES . " where geo_zone_name = 'Moneybookers iDeal'");
if (tep_db_num_rows($zone_query)) {
$zone = tep_db_fetch_array($zone_query);
$zone_id = $zone['geo_zone_id'];
} else {
tep_db_query("insert into " . TABLE_GEO_ZONES . " values (null, 'Moneybookers iDeal', 'The zone for the Moneybookers iDeal payment module', null, now())");
$zone_id = tep_db_insert_id();
$country_query = tep_db_query("select countries_id from " . TABLE_COUNTRIES . " where countries_iso_code_2 = 'NL'");
if (tep_db_num_rows($country_query)) {
$country = tep_db_fetch_array($country_query);
tep_db_query("insert into " . TABLE_ZONES_TO_GEO_ZONES . " values (null, '" . (int) $country['countries_id'] . "', 0, '" . (int) $zone_id . "', null, now())");
}
}
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Moneybookers iDeal', 'MODULE_PAYMENT_MONEYBOOKERS_IDL_STATUS', 'False', 'Do you want to accept Moneybookers iDeal payments?', '6', '3', 'tep_cfg_select_option(array(\\'True\\', \\'False\\'), ', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_MONEYBOOKERS_IDL_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, use_function, set_function, date_added) values ('Payment Zone', 'MODULE_PAYMENT_MONEYBOOKERS_IDL_ZONE', '" . (int) $zone_id . "', 'If a zone is selected, only enable this payment method for that zone.', '6', '2', 'tep_get_zone_class_title', 'tep_cfg_pull_down_zone_classes(', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Preparing Order Status', 'MODULE_PAYMENT_MONEYBOOKERS_IDL_PREPARE_ORDER_STATUS_ID', '" . MODULE_PAYMENT_MONEYBOOKERS_PREPARE_ORDER_STATUS_ID . "', 'Set the status of prepared orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Transactions Order Status', 'MODULE_PAYMENT_MONEYBOOKERS_IDL_TRANSACTIONS_ORDER_STATUS_ID', '" . MODULE_PAYMENT_MONEYBOOKERS_TRANSACTIONS_ORDER_STATUS_ID . "', 'Set the status of callback transactions to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Order Status', 'MODULE_PAYMENT_MONEYBOOKERS_IDL_ORDER_STATUS_ID', '0', 'Set the status of orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
}
function userLoginCheck()
{
global $navigation, $login_account_number;
if (!tep_session_is_registered('login_account_number') || !tep_not_null($login_account_number)) {
$navigation->set_snapshot();
tep_redirect(get_href_link(PAGE_LOGIN, '', 'SSL'));
}
}
function validate_array_selection($entity, $action = 'list')
{
extract(tep_load('defs', 'message_stack'));
if (!isset($_POST[$entity]) || !is_array($_POST[$entity]) || !count($_POST[$entity])) {
$msg->add_session(WARNING_NOTHING_SELECTED, 'warning');
tep_redirect(tep_href_link($cDefs->script, tep_get_all_get_params('action') . 'action=' . $action));
}
}
function osC_Checkout_Payment()
{
global $osC_Database, $osC_Session, $osC_Customer, $osC_Services, $breadcrumb, $cart, $total_weight, $total_count, $payment_modules;
if ($cart->count_contents() < 1) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT, '', 'SSL'));
}
if ($osC_Services->isStarted('breadcrumb')) {
$breadcrumb->add(NAVBAR_TITLE_CHECKOUT_PAYMENT, tep_href_link(FILENAME_CHECKOUT, $this->_module, 'SSL'));
}
// if no shipping method has been selected, redirect the customer to the shipping method selection page
if ($osC_Session->exists('shipping') == false) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL'));
}
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($cart->cartID) && $osC_Session->exists('cartID')) {
if ($cart->cartID != $osC_Session->value('cartID')) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL'));
}
}
// Stock Check
if (STOCK_CHECK == 'true' && STOCK_ALLOW_CHECKOUT != 'true') {
$products = $cart->get_products();
for ($i = 0, $n = sizeof($products); $i < $n; $i++) {
if (tep_check_stock($products[$i]['id'], $products[$i]['quantity'])) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'SSL'));
break;
}
}
}
// redirect to the billing address page when no default address exists
if ($osC_Customer->hasDefaultAddress() === false) {
$this->page_contents = 'checkout_payment_address.php';
}
// if no billing destination address was selected, use the customers own address as default
if ($osC_Session->exists('billto') == false) {
$osC_Session->set('billto', $osC_Customer->default_address_id);
} else {
// verify the selected billing address
$Qcheck = $osC_Database->query('select count(*) as total from :table_address_book where customers_id = :customers_id and address_book_id = :address_book_id');
$Qcheck->bindTable(':table_address_book', TABLE_ADDRESS_BOOK);
$Qcheck->bindInt(':customers_id', $osC_Customer->id);
$Qcheck->bindInt(':address_book_id', $osC_Session->value('billto'));
$Qcheck->execute();
if ($Qcheck->valueInt('total') != 1) {
$osC_Session->set('billto', $osC_Customer->default_address_id);
$osC_Session->remove('payment');
}
}
$total_weight = $cart->show_weight();
$total_count = $cart->count_contents();
// load all enabled payment modules
require DIR_WS_CLASSES . 'payment.php';
$payment_modules = new payment();
if (isset($_GET['payment_error']) && is_object(${$_GET['payment_error']}) && ($error = ${$_GET['payment_error']}->get_error())) {
$messageStack->add('checkout_payment', $error['error'], 'error');
}
}
function execute()
{
global $order_id;
if ((int) MODULE_CONTENT_CHECKOUT_SUCCESS_REDIRECT_OLD_ORDER_MINUTES > 0) {
$check_query = tep_db_query("select 1 from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "' and date_purchased < date_sub(now(), interval '" . (int) MODULE_CONTENT_CHECKOUT_SUCCESS_REDIRECT_OLD_ORDER_MINUTES . "' minute)");
if (tep_db_num_rows($check_query)) {
tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
}
}
}
function process_options()
{
global $g_script, $messageStack;
$cStrings =& $this->strings;
// Prepare the options array for storage
$options_array = array('text_pages' => isset($_POST['text_pages']) ? 1 : 0, 'text_collections' => isset($_POST['text_collections']) ? 1 : 0, 'image_collections' => isset($_POST['image_collections']) ? 1 : 0);
// Store user options
$this->save_options($options_array);
$messageStack->add_session(sprintf($cStrings->SUCCESS_PLUGIN_RECONFIGURED, $this->title), 'success');
tep_redirect(tep_href_link($g_script, tep_get_all_get_params(array('action')) . 'action=set_options'));
}
function process_options()
{
extract(tep_load('defs', 'message_stack'));
$cStrings =& $this->strings;
// Prepare the options array for storage
$options_array = array('max_cols' => isset($_POST['max_cols']) && $_POST['max_cols'] > 0 ? (int) $_POST['max_cols'] : $options_array['max_cols'], 'max_drop' => isset($_POST['max_drop']) && $_POST['max_drop'] > 0 ? (int) $_POST['max_drop'] : $options_array['max_drop'], 'max_width' => isset($_POST['max_width']) && $_POST['max_width'] > 0 ? (int) $_POST['max_width'] : $options_array['max_width'], 'border_width' => isset($_POST['border_width']) ? (int) $_POST['border_width'] : $options_array['border_width'], 'font_size' => isset($_POST['font_size']) && $_POST['font_size'] > 0 ? (int) $_POST['font_size'] : $options_array['font_size'], 'font_pad' => isset($_POST['font_pad']) ? (int) $_POST['font_pad'] : $options_array['font_pad']);
// Store user options
$this->save_options($options_array);
$msg->add_session(sprintf($cStrings->SUCCESS_PLUGIN_RECONFIGURED, $this->title), 'success');
tep_redirect(tep_href_link($cDefs->script, tep_get_all_get_params('action') . 'action=set_options'));
}
function install()
{
if (!defined('MODULE_PAYMENT_MONEYBOOKERS_STATUS')) {
tep_redirect(tep_href_link('ext/modules/payment/moneybookers/activation.php', 'action=coreRequired'));
}
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Moneybookers Bank Transfer', 'MODULE_PAYMENT_MONEYBOOKERS_BWI_STATUS', 'False', 'Do you want to accept Moneybookers Bank Transfer payments?', '6', '3', 'tep_cfg_select_option(array(\\'True\\', \\'False\\'), ', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_MONEYBOOKERS_BWI_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, use_function, set_function, date_added) values ('Payment Zone', 'MODULE_PAYMENT_MONEYBOOKERS_BWI_ZONE', '0', 'If a zone is selected, only enable this payment method for that zone.', '6', '2', 'tep_get_zone_class_title', 'tep_cfg_pull_down_zone_classes(', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Preparing Order Status', 'MODULE_PAYMENT_MONEYBOOKERS_BWI_PREPARE_ORDER_STATUS_ID', '" . MODULE_PAYMENT_MONEYBOOKERS_PREPARE_ORDER_STATUS_ID . "', 'Set the status of prepared orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Transactions Order Status', 'MODULE_PAYMENT_MONEYBOOKERS_BWI_TRANSACTIONS_ORDER_STATUS_ID', '" . MODULE_PAYMENT_MONEYBOOKERS_TRANSACTIONS_ORDER_STATUS_ID . "', 'Set the status of callback transactions to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Order Status', 'MODULE_PAYMENT_MONEYBOOKERS_BWI_ORDER_STATUS_ID', '0', 'Set the status of orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
}
function tep_doautologin()
{
global $HTTP_COOKIE_VARS, $cart, $cart_cs, $cart_fv, $cart_pr, $customer_id, $customer_default_address_id, $customer_first_name, $customer_country_id, $customer_zone_id;
global $navigation;
if (isset($HTTP_COOKIE_VARS['osC_AutoCookieLogin'])) {
$ip_address = tep_get_ip_address();
$check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where md5(CONCAT(customers_id,customers_email_address,customers_password,'" . $ip_address . "'))= '" . $HTTP_COOKIE_VARS['osC_AutoCookieLogin'] . "'");
if (tep_db_num_rows($check_customer_query)) {
$check_customer = tep_db_fetch_array($check_customer_query);
if (SESSION_RECREATE == 'True') {
tep_session_recreate();
}
$check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
$check_country = tep_db_fetch_array($check_country_query);
$customer_id = $check_customer['customers_id'];
$customer_default_address_id = $check_customer['customers_default_address_id'];
$customer_first_name = $check_customer['customers_firstname'];
$customer_country_id = $check_country['entry_country_id'];
$customer_zone_id = $check_country['entry_zone_id'];
if (!tep_session_is_registered('customer_id')) {
tep_session_register('customer_id');
}
if (!tep_session_is_registered('customer_default_address_id')) {
tep_session_register('customer_default_address_id');
}
if (!tep_session_is_registered('customer_first_name')) {
tep_session_register('customer_first_name');
}
if (!tep_session_is_registered('customer_country_id')) {
tep_session_register('customer_country_id');
}
if (!tep_session_is_registered('customer_zone_id')) {
tep_session_register('customer_zone_id');
}
tep_autologincookie(true);
// Save cookie
tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int) $customer_id . "'");
$cart->restore_contents();
// restore cart contents
$cart_cs->restore_contents();
$cart_fv->restore_contents();
$cart_pr->restore_contents();
if (sizeof($navigation->snapshot) > 0) {
$origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
$navigation->clear_snapshot();
tep_redirect($origin_href);
} else {
// tep_redirect(tep_href_link(FILENAME_DEFAULT));
tep_redirect(substr(tep_href_link(getenv('REQUEST_URI')), strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)));
}
}
}
}
function process_options()
{
extract(tep_load('defs', 'message_stack'));
$cStrings =& $this->strings;
// Prepare the options array for storage
$options_array = $this->load_options();
$options_array['text_pages'] = isset($_POST['text_pages']) ? 1 : 0;
$options_array['text_collections'] = isset($_POST['text_collections']) ? 1 : 0;
$options_array['image_collections'] = isset($_POST['image_collections']) ? 1 : 0;
// Store user options
$this->save_options($options_array);
$msg->add_session(sprintf($cStrings->SUCCESS_PLUGIN_RECONFIGURED, $this->title), 'success');
tep_redirect(tep_href_link($cDefs->script, tep_get_all_get_params('action') . 'action=set_options'));
}
function _process()
{
$notify_string = 'action=notify&';
$notify = isset($_POST['notify']) ? $_POST['notify'] : array();
if (!is_array($notify)) {
$notify = array($notify);
}
for ($i = 0, $n = sizeof($notify); $i < $n; $i++) {
$notify_string .= 'notify[]=' . $notify[$i] . '&';
}
if (strlen($notify_string) > 0) {
$notify_string = substr($notify_string, 0, -1);
}
tep_redirect(tep_href_link(FILENAME_DEFAULT, $notify_string));
}
function init_sessions()
{
extract(tep_load('defs', 'database', 'sessions', 'http_headers'));
if ($cDefs->action != 'direct_management') {
return false;
}
if (!isset($_POST['dm_select']) || $_POST['dm_select'] != 'confirm') {
return false;
}
$db->query("delete from " . TABLE_SESSIONS . " where sesskey = '" . $db->filter($cSessions->id) . "'");
$sql_data_array = array('sesskey' => $cSessions->id, 'ip_long' => $http->ip_string, 'value' => base64_encode(serialize(array())), 'expiry' => $cSessions->get_life());
$db->perform(TABLE_SESSIONS, $sql_data_array);
tep_redirect(tep_catalog_href_link('', $this->options['admin_key'] . '=' . $cSessions->id, 'SSL'));
return true;
}
function tep_redirect($url)
{
global $logger;
if (strstr($url, "\n") != false || strstr($url, "\r") != false) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}
header('Location: ' . $url);
if (STORE_PAGE_PARSE_TIME == 'true') {
if (!is_object($logger)) {
$logger = new logger();
}
$logger->timer_stop();
}
exit;
}
function tep_redirect($url) {
if ( (strstr($url, "\n") != false) || (strstr($url, "\r") != false) ) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}
if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page
if (HTTP_SERVER != "" && substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url
$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL
}
}
header('Location: ' . $url);
tep_exit();
}
function preRender()
{
if (isset($_POST['edit'])) {
if ($this->itemSave($_POST['edit'], $this->getItem($_POST['edit']))) {
tep_redirect($this->makeLink());
return false;
}
} else {
if (isset($_GET['delete'])) {
$this->itemDelete($_GET['delete'], $this->getItem($_GET['delete']));
tep_redirect($this->makeLink());
return false;
}
}
return true;
}
protected function index()
{
$this->data['button_confirm'] = $this->language->get('button_confirm');
$this->data['button_back'] = $this->language->get('button_back');
if (!$this->config->get('paypal_express_test')) {
$this->data['action'] = 'https://www.paypal_express.com/cgi-bin/webscr';
} else {
$this->data['action'] = 'https://www.sandbox.paypal_express.com/cgi-bin/webscr';
}
$this->load->model('checkout/order');
$order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);
if (empty($comments)) {
if (isset($HTTP_POST_VARS['ppecomments']) && tep_not_null($HTTP_POST_VARS['ppecomments'])) {
$comments = tep_db_prepare_input($HTTP_POST_VARS['ppecomments']);
$order->info['comments'] = $comments;
}
}
if (MODULE_PAYMENT_PAYPAL_EXPRESS_TRANSACTION_SERVER == 'Live') {
$api_url = 'https://api-3t.paypal.com/nvp';
} else {
$api_url = 'https://api-3t.sandbox.paypal.com/nvp';
}
$params = array('USER' => MODULE_PAYMENT_PAYPAL_EXPRESS_API_USERNAME, 'PWD' => MODULE_PAYMENT_PAYPAL_EXPRESS_API_PASSWORD, 'VERSION' => '3.2', 'SIGNATURE' => MODULE_PAYMENT_PAYPAL_EXPRESS_API_SIGNATURE, 'METHOD' => 'DoExpressCheckoutPayment', 'TOKEN' => $ppe_token, 'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_EXPRESS_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization', 'PAYERID' => $ppe_payerid, 'AMT' => $this->format_raw($order->info['total']), 'CURRENCYCODE' => $order->info['currency'], 'BUTTONSOURCE' => 'osCommerce22_Default_EC');
if (is_numeric($sendto) && $sendto > 0) {
$params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
$params['SHIPTOSTREET'] = $order->delivery['street_address'];
$params['SHIPTOCITY'] = $order->delivery['city'];
$params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
$params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
$params['SHIPTOZIP'] = $order->delivery['postcode'];
}
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
$response = $this->sendTransactionToGateway($api_url, $post_string);
$response_array = array();
parse_str($response, $response_array);
if ($response_array['ACK'] != 'Success' && $response_array['ACK'] != 'SuccessWithWarning') {
tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']), 'SSL'));
}
$this->data['back'] = $this->url->https('checkout/payment');
$this->id = 'payment';
$this->template = $this->config->get('config_template') . 'payment/paypal_express.tpl';
$this->render();
}
protected function index()
{
$this->data['button_confirm'] = $this->language->get('button_confirm');
$this->data['button_back'] = $this->language->get('button_back');
if (!$this->config->get('pp_express_test')) {
$this->data['action'] = 'https://www.pp_express.com/cgi-bin/webscr';
} else {
$this->data['action'] = 'https://www.sandbox.pp_express.com/cgi-bin/webscr';
}
$this->load->model('checkout/order');
$order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);
if (!$this->config->get('pp_direct_test')) {
$api_endpoint = 'https://api-3t.pp.com/nvp';
} else {
$api_endpoint = 'https://api-3t.sandbox.pp.com/nvp';
}
$payment_data = array('USER' => $this->config->get('pp_direct_username'), 'PWD' => $this->config->get('pp_direct_password'), 'VERSION' => '3.2', 'SIGNATURE' => $this->config->get('pp_direct_signature'), 'METHOD' => 'DoExpressCheckoutPayment', 'TOKEN' => $ppe_token, 'PAYMENTACTION' => MODULE_PAYMENT_pp_EXPRESS_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization', 'PAYERID' => $ppe_payerid, 'AMT' => $this->format_raw($order->info['total']), 'CURRENCYCODE' => $order->info['currency'], 'BUTTONSOURCE' => 'osCommerce22_Default_EC');
if (is_numeric($sendto) && $sendto > 0) {
$params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
$params['SHIPTOSTREET'] = $order->delivery['street_address'];
$params['SHIPTOCITY'] = $order->delivery['city'];
$params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
$params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
$params['SHIPTOZIP'] = $order->delivery['postcode'];
}
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
$response = $this->sendTransactionToGateway($api_url, $post_string);
$response_array = array();
parse_str($response, $response_array);
if ($response_array['ACK'] != 'Success' && $response_array['ACK'] != 'SuccessWithWarning') {
tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']), 'SSL'));
}
$this->data['back'] = HTTPS_SERVER . 'index.php?route=checkout/payment';
$this->id = 'payment';
if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/payment/pp_express.tpl')) {
$this->template = $this->config->get('config_template') . '/template/payment/pp_express.tpl';
} else {
$this->template = 'default/template/payment/pp_express.tpl';
}
$this->response->setOutput($this->render(TRUE), $this->config->get('config_compression'));
}
function tep_redirect($url)
{
global $logger;
if (strstr($url, "\n") != false || strstr($url, "\r") != false) {
tep_redirect(tep_href_link('index.php', '', 'SSL', false));
}
if (strpos($url, '&') !== false) {
$url = str_replace('&', '&', $url);
}
header('Location: ' . $url);
if (STORE_PAGE_PARSE_TIME == 'true') {
if (!is_object($logger)) {
$logger = new logger();
}
$logger->timer_stop();
}
exit;
}
function tep_redirect($url)
{
if (strstr($url, "\n") != false || strstr($url, "\r") != false) {
tep_redirect(tep_href_link('index.php', '', 'NONSSL', false));
}
if (ENABLE_SSL == true && getenv('HTTPS') == 'on') {
// We are loading an SSL page
if (substr($url, 0, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)) == HTTP_SERVER . DIR_WS_HTTP_CATALOG) {
// NONSSL url
$url = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . substr($url, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG));
// Change it to SSL
}
}
if (strpos($url, '&') !== false) {
$url = str_replace('&', '&', $url);
}
header('Location: ' . $url);
tep_exit();
}
function tep_redirect($url)
{
global $request_type;
if (strstr($url, "\n") != false || strstr($url, "\r") != false) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}
if (ENABLE_SSL == true && $request_type == 'SSL') {
// We are loading an SSL page
if (substr($url, 0, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)) == HTTP_SERVER . DIR_WS_HTTP_CATALOG) {
// NONSSL url
$url = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . substr($url, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG));
// Change it to SSL
}
}
if (strpos($url, '&') !== false) {
$url = str_replace('&', '&', $url);
}
header('Location: ' . $url);
tep_exit();
}
/**
* ULTIMATE Seo Urls 5 PRO by FWR Media
* Redirect to another page or site
*/
function tep_redirect($url)
{
if (strstr($url, "\n") != false || strstr($url, "\r") != false) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}
if (ENABLE_SSL == true && getenv('HTTPS') == 'on') {
// We are loading an SSL page
if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) {
// NONSSL url
$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER));
// Change it to SSL
}
}
if (false !== strpos($url, '&')) {
$url = str_replace('&', '&', $url);
}
session_write_close();
header('Location: ' . $url);
exit;
}
function tep_redirect_to_shop($shop_id = '', $country_code = '')
{
global $request_type, $_SERVER;
$shop_url = '';
if ($shop_id > 0) {
$shop_info_query = tep_db_query("select shops_url, shops_ssl from " . TABLE_SHOPS . " where shops_id = '" . (int) $shop_id . "'");
$shop_info = tep_db_fetch_array($shop_info_query);
if ($shop_id != SHOP_ID) {
$shop_url = $request_type == 'SSL' && tep_not_null($shop_info['shops_ssl']) ? $shop_info['shops_ssl'] : $shop_info['shops_url'];
}
} elseif (tep_not_null($country_code)) {
$all_countries = tep_get_shops_countries(0, 1);
if ($all_countries[$country_code]['shop_id'] != SHOP_ID) {
$shop_url = $request_type == 'SSL' && tep_not_null($all_countries[$country_code]['shop_ssl']) ? $all_countries[$country_code]['shop_ssl'] : $all_countries[$country_code]['shop_url'];
}
}
if (tep_not_null($shop_url)) {
tep_redirect($shop_url . $_SERVER['REQUEST_URI'], '301');
}
}
