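/**
 * Expand the userland macros found in $source and return the resulting source text.
 *
 * Macros tagged `·global` are kept in a function-static registry and are added
 * to the directive set of every later call made in the same process.
 *
 * The garbage collector is switched off while parsing and is restored in a
 * `finally` block, so an exception thrown while parsing no longer leaves it
 * disabled for the rest of the process.
 *
 * @param string           $source      source text to preprocess
 * @param Directives|null  $directives  directive set to extend; a new one is created when null
 * @param BlueContext|null $blueContext context handed to Directives::apply(); a new one is created when null
 *
 * @return string the token stream cast back to a string after expansion
 */
function yay_parse(string $source, Directives $directives = null, BlueContext $blueContext = null) : string
{
    static $globalDirectives = null;

    // Remember the previous state so the collector is only re-enabled if this
    // call was the one that disabled it.
    $gc = gc_enabled();
    if ($gc) {
        gc_disable(); // important optimization!
    }

    try {
        if (null === $globalDirectives) {
            $globalDirectives = new ArrayObject();
        }

        $directives = $directives ?? new Directives();
        $blueContext = $blueContext ?? new BlueContext();

        $cg = (object) [
            'ts' => TokenStream::fromSource($source),
            'directives' => $directives,
            'cycle' => new Cycle($source),
            'globalDirectives' => $globalDirectives,
            'blueContext' => $blueContext,
        ];

        // Macros declared global by earlier calls apply to this source as well.
        foreach ($cg->globalDirectives as $d) {
            $cg->directives->add($d);
        }

        traverse(
            midrule(function (TokenStream $ts) use ($directives, $blueContext) {
                $token = $ts->current();

                while (null !== $token) {
                    // skip when something looks like a new macro to be parsed
                    if ('macro' === (string) $token) {
                        return;
                    }

                    // here we do the 'magic' to match and expand userland macros
                    $directives->apply($ts, $token, $blueContext);

                    $token = $ts->next();
                }
            }),
            consume(
                chain(
                    token(T_STRING, 'macro')->as('declaration'),
                    optional(repeat(rtoken('/^·\\w+$/')))->as('tags'),
                    lookahead(token('{')),
                    commit(
                        chain(
                            braces()->as('pattern'),
                            operator('>>'),
                            braces()->as('expansion')
                        )
                    )->as('body'),
                    optional(token(';'))
                ),
                CONSUME_DO_TRIM
            )->onCommit(function (Ast $macroAst) use ($cg) {
                $scope = Map::fromEmpty();
                $tags = Map::fromValues(array_map('strval', $macroAst->{'tags'}));
                $pattern = new Pattern($macroAst->{'declaration'}->line(), $macroAst->{'body pattern'}, $tags, $scope);
                $expansion = new Expansion($macroAst->{'body expansion'}, $tags, $scope);
                $macro = new Macro($tags, $pattern, $expansion, $cg->cycle);

                $cg->directives->add($macro); // allocate the userland macro

                // allocate the userland macro globally if it's declared as global
                if ($macro->tags()->contains('·global')) {
                    $cg->globalDirectives[] = $macro;
                }
            })
        )->parse($cg->ts);

        return (string) $cg->ts;
    } finally {
        if ($gc) {
            gc_enable();
        }
    }
}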
/**
 * Update a customer row and replace that customer's stored addresses.
 *
 * Integer columns are cast with (int) and text columns pass through
 * $this->db->escape() before being concatenated into each statement.
 *
 * @param mixed $customer_id customer key; cast to int wherever it is used
 * @param array $data        customer fields, optionally with 'affiliate_id',
 *                           'password' and an 'address' list
 */
public function editCustomer($customer_id, $data) {
    // Default so the json_encode() below always has an array to encode.
    if (!isset($data['custom_field'])) {
        $data['custom_field'] = array();
    }
    $this->db->query("UPDATE " . DB_PREFIX . "customer SET customer_group_id = '" . (int) $data['customer_group_id'] . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(isset($data['custom_field']) ? json_encode($data['custom_field']) : '') . "', newsletter = '" . (int) $data['newsletter'] . "', status = '" . (int) $data['status'] . "', approved = '" . (int) $data['approved'] . "', safe = '" . (int) $data['safe'] . "' WHERE customer_id = '" . (int) $customer_id . "'");
    //+mod by yp start
    // The affiliate link is only written when mta_check_int() accepts the value;
    // that helper is defined outside this method.
    if (isset($data['affiliate_id']) && mta_check_int($data['affiliate_id'])) {
        $this->db->query("UPDATE " . DB_PREFIX . "customer SET affiliate_id='" . (int) $data['affiliate_id'] . "' where customer_id='" . (int) $customer_id . "'");
    }
    //+mod by yp end
    // NOTE(review): the password expression in the next statement is masked in this
    // listing ('******'), so the hashing scheme cannot be read from here. Only the
    // fresh salt from token(9) is visible.
    // NOTE(review): $data['password'] is read without isset(); confirm every caller sets it.
    if ($data['password']) {
        $this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '******'password'])))) . "' WHERE customer_id = '" . (int) $customer_id . "'");
    }
    // Addresses are replaced wholesale: every row of this customer is deleted and
    // the submitted list is re-inserted. No transaction is opened in this method.
    $this->db->query("DELETE FROM " . DB_PREFIX . "address WHERE customer_id = '" . (int) $customer_id . "'");
    if (isset($data['address'])) {
        foreach ($data['address'] as $address) {
            if (!isset($address['custom_field'])) {
                $address['custom_field'] = array();
            }
            $this->db->query("INSERT INTO " . DB_PREFIX . "address SET address_id = '" . (int) $address['address_id'] . "', customer_id = '" . (int) $customer_id . "', firstname = '" . $this->db->escape($address['firstname']) . "', lastname = '" . $this->db->escape($address['lastname']) . "', company = '" . $this->db->escape($address['company']) . "', address_1 = '" . $this->db->escape($address['address_1']) . "', address_2 = '" . $this->db->escape($address['address_2']) . "', city = '" . $this->db->escape($address['city']) . "', postcode = '" . $this->db->escape($address['postcode']) . "', country_id = '" . (int) $address['country_id'] . "', zone_id = '" . (int) $address['zone_id'] . "', custom_field = '" . $this->db->escape(isset($address['custom_field']) ? json_encode($address['custom_field']) : '') . "'");
            // The address flagged 'default' becomes the customer's address_id.
            if (isset($address['default'])) {
                $address_id = $this->db->getLastId();
                $this->db->query("UPDATE " . DB_PREFIX . "customer SET address_id = '" . (int) $address_id . "' WHERE customer_id = '" . (int) $customer_id . "'");
            }
        }
    }
}
/**
 * Update an affiliate row and, when a password is supplied, its salt and password.
 *
 * Integer columns are cast with (int), the commission with (double), and text
 * columns pass through $this->db->escape() before concatenation.
 *
 * @param mixed $affiliate_id affiliate key; cast to int in both WHERE clauses
 * @param array $data         affiliate fields, including payment and bank details
 */
public function editAffiliate($affiliate_id, $data) {
    $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', company = '" . $this->db->escape($data['company']) . "', website = '" . $this->db->escape($data['website']) . "', address_1 = '" . $this->db->escape($data['address_1']) . "', address_2 = '" . $this->db->escape($data['address_2']) . "', city = '" . $this->db->escape($data['city']) . "', postcode = '" . $this->db->escape($data['postcode']) . "', country_id = '" . (int) $data['country_id'] . "', zone_id = '" . (int) $data['zone_id'] . "', code = '" . $this->db->escape($data['code']) . "', commission = '" . (double) $data['commission'] . "', tax = '" . $this->db->escape($data['tax']) . "', payment = '" . $this->db->escape($data['payment']) . "', cheque = '" . $this->db->escape($data['cheque']) . "', paypal = '" . $this->db->escape($data['paypal']) . "', bank_name = '" . $this->db->escape($data['bank_name']) . "', bank_branch_number = '" . $this->db->escape($data['bank_branch_number']) . "', bank_swift_code = '" . $this->db->escape($data['bank_swift_code']) . "', bank_account_name = '" . $this->db->escape($data['bank_account_name']) . "', bank_account_number = '" . $this->db->escape($data['bank_account_number']) . "', status = '" . (int) $data['status'] . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
    // NOTE(review): the password expression below is masked in this listing ('******'),
    // so the hashing scheme cannot be read from here; the salt comes from token(9).
    // NOTE(review): $data['password'] is read without isset(); confirm every caller sets it.
    if ($data['password']) {
        $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '******'password'])))) . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
    }
}
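/**
 * Update a customer record, or only its status, and replace its stored addresses.
 *
 * Two call shapes are supported: a full edit (when 'firstname' is present) and a
 * status-only edit (when only 'status' is present).
 *
 * Changes against the previous version of this method:
 *  - `folder_name` is now passed through $this->db->escape() like every other
 *    text column; it used to be concatenated into the statement as-is.
 *  - the status-only UPDATE is limited to $customer_id; it used to have no WHERE
 *    clause and therefore rewrote the status of every customer.
 *  - a missing 'password' key no longer raises an undefined-index notice.
 *
 * @param mixed $customer_id customer key; cast to int wherever it is used
 * @param array $data        customer fields; see the two call shapes above
 */
public function editCustomer($customer_id, $data)
{
    if (!isset($data['custom_field'])) {
        $data['custom_field'] = array();
    }

    //RIP modifications: make the editCustomer flexible in order to use in dashboard.php
    if (isset($data['firstname'])) {
        $this->db->query("UPDATE " . DB_PREFIX . "customer SET customer_group_id = '" . (int) $data['customer_group_id'] . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(isset($data['custom_field']) ? json_encode($data['custom_field']) : '') . "', status = '" . (int) $data['status'] . "', approved = '" . (int) $data['approved'] . "', folder_name = '" . $this->db->escape($data['folder_name']) . "' WHERE customer_id = '" . (int) $customer_id . "'");
    } elseif (isset($data['status'])) {
        // Scope the change to the customer being edited.
        $this->db->query("UPDATE " . DB_PREFIX . "customer SET status = '" . (int) $data['status'] . "' WHERE customer_id = '" . (int) $customer_id . "'");
    }
    //RIP modifications:End.

    // NOTE(review): the password expression in the next statement is masked in this
    // listing ('******') and is reproduced exactly as shown; the hashing scheme
    // cannot be read from here.
    if (!empty($data['password'])) {
        $this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '******'password'])))) . "' WHERE customer_id = '" . (int) $customer_id . "'");
    }

    // NOTE(review): the delete below runs for the status-only call shape too, which
    // removes all stored addresses when that caller passes no 'address' list.
    // Confirm that is intended before relying on the status-only path.
    $this->db->query("DELETE FROM " . DB_PREFIX . "address WHERE customer_id = '" . (int) $customer_id . "'");

    if (isset($data['address'])) {
        foreach ($data['address'] as $address) {
            if (!isset($address['custom_field'])) {
                $address['custom_field'] = array();
            }

            $this->db->query("INSERT INTO " . DB_PREFIX . "address SET address_id = '" . (int) $address['address_id'] . "', customer_id = '" . (int) $customer_id . "', firstname = '" . $this->db->escape($address['firstname']) . "', lastname = '" . $this->db->escape($address['lastname']) . "', company = '" . $this->db->escape($address['company']) . "', address_1 = '" . $this->db->escape($address['address_1']) . "', address_2 = '" . $this->db->escape($address['address_2']) . "', city = '" . $this->db->escape($address['city']) . "', postcode = '" . $this->db->escape($address['postcode']) . "', country_id = '" . (int) $address['country_id'] . "', zone_id = '" . (int) $address['zone_id'] . "', custom_field = '" . $this->db->escape(isset($address['custom_field']) ? json_encode($address['custom_field']) : '') . "'");

            // The address flagged 'default' becomes the customer's address_id.
            if (isset($address['default'])) {
                $address_id = $this->db->getLastId();
                $this->db->query("UPDATE " . DB_PREFIX . "customer SET address_id = '" . (int) $address_id . "' WHERE customer_id = '" . (int) $customer_id . "'");
            }
        }
    }
}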
/**
 * Set a new salt and password on the affiliate row(s) matching an e-mail address.
 *
 * Fires 'pre.affiliate.edit.password' before and 'post.affiliate.edit.password'
 * after the update, both with the id returned by $this->affiliate->getId().
 *
 * @param string $email    address used to select the row; compared lower-cased
 * @param string $password new password
 */
public function editPassword($email, $password) {
    $affiliate_id = $this->affiliate->getId();
    $this->event->trigger('pre.affiliate.edit.password', $affiliate_id);
    // NOTE(review): as shown here the statement stores the literal '******' and never
    // references $password or $salt again, which looks like masking applied to this
    // listing rather than the real expression; the hashing scheme cannot be read from here.
    // NOTE(review): the row is selected by e-mail, not by $affiliate_id, so the update is
    // not tied to the affiliate whose id is passed to the events. Confirm callers only
    // pass an address that has already been verified.
    $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '******' WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
    $this->event->trigger('post.affiliate.edit.password', $affiliate_id);
}
/**
 * Generate or refresh a token and persist its MD5 digest in the database.
 *
 * @method update_token
 *
 * @author 云小印[xxx@yunyin.org]
 *
 * @param mixed $info user id, or an existing token value
 * @param int   $type user type, read from configuration
 * @return mixed the new token value on success, false on failure
 */
function update_token($info, $type = null)
{
    $tokenModel = M('token');

    // Loose comparisons, tried in this order and short-circuited, which is what
    // the case labels of a switch on $type do.
    $isConfiguredType = $type == C('ADMIN')
        || $type == C('STUDENT')
        || $type == C('PRINTER')
        || $type == C('PRINTER_WEB')
        || $type == C('STUDENT_API');

    // NOTE(review): only md5(token) is stored. How unpredictable the token is depends
    // on token(), which is defined outside this function.
    if ($isConfiguredType) {
        $data['to_id'] = $info;
        $data['type'] = $type;

        // Drop the previous token first, then store the new one.
        $tokenModel->where($data)->delete();

        $token = token($info);
        $data['token'] = md5($token);

        if (!$tokenModel->add($data)) {
            return false;
        }

        return $token;
    }

    // No known type: $info is an existing token whose leading digits are the owner id.
    if (!preg_match('/^\\d+/', $info, $matches)) {
        return false;
    }

    $ownerId = $matches[0];
    $data['to_id'] = $ownerId;
    $data['token'] = md5($info);
    $token = token($ownerId);

    // Replace the stored digest only on the row that still holds the old token.
    if (!$tokenModel->where($data)->save(array('token' => md5($token)))) {
        return false;
    }

    return $token;
}
/**
 * index()
 * Handle login for registered users and verification for unregistered ones.
 *
 * On success a short-lived cache entry (300 seconds) is written under a key
 * derived from md5(token(...)) and the client is redirected to /Auth/token
 * with that key in the query string.
 *
 * @param post.number   student number
 * @param post.password password
 */
public function index()
{
    $this->_checkHttps();

    $number = I('post.number', null, C('REGEX_NUMBER'));
    $password = I('post.password');

    if (!($number && $password)) {
        $this->error(L('WRONG_FORMAT'), C('BASE_URL'));
    }

    $userModel = M('User');
    $user = $userModel->where('student_number="%s"', $number)->field('id,password,status')->find();

    if (!$user) {
        /* Not registered yet: try to verify the account */
        $verified = $this->_verify($number, $password);

        if ($verified) {
            /* Verified: cache the verification data and redirect */
            // NOTE(review): $key is not defined anywhere in this method.
            S($key, null);
            $cacheKey = md5($number . token($number));
            S('REG_' . $cacheKey, $verified, 300);
            redirect(C('BASE_URL') . '/Auth/token?type=register&key=' . $cacheKey);
        } else {
            $this->error($this->err, C('BASE_URL'));
        }
    } else {
        $loginId = $this->_login($number, $password, $user);

        if ($loginId) {
            /* Logged in: redirect */
            // NOTE(review): $key is not defined anywhere in this method.
            S($key, null);
            $cacheKey = md5(token($loginId));
            S('AUTH_' . $cacheKey, $loginId, 300);
            redirect(C('BASE_URL') . '/Auth/token?type=login&key=' . $cacheKey);
        } else {
            $this->error(L('LOGIN_FAIL'), C('BASE_URL'));
        }
    }
}
/**
 * Issue a coupon code, record it in the "cupom" table and substitute it for
 * the &CODE& placeholder in the given text.
 *
 * @param string $txt        text containing the &CODE& placeholder
 * @param mixed  $campanha   campaign stored with the coupon
 * @param mixed  $dtvalidade expiry date stored with the coupon
 *
 * @return string the text with every &CODE& replaced by the new coupon code
 */
function converteComandosTxt($txt, $campanha, $dtvalidade)
{
    // replace the variables
    $db = new conn();
    $cupom = token();

    $registro = array(
        'dtCad' => date("Y-m-d"),
        'campanha' => $campanha,
        'codigo_cupom' => $cupom,
        'dtvalidade' => $dtvalidade,
        // the coupon is attributed to the logged-in user from the session
        'usuario_acao' => $_SESSION["login"]["usuario"],
        'status' => 0,
    );
    $db->insert($registro, "", "cupom");

    return str_replace("&CODE&", $cupom, $txt);
}
/**
 * Update an affiliate row and, when a password is supplied, its salt and password.
 *
 * Fires 'pre.admin.affiliate.edit' with $data before the update and
 * 'post.admin.affiliate.edit' with the affiliate id afterwards.
 *
 * Integer columns are cast with (int), the commission with (double), and text
 * columns pass through $this->db->escape() before concatenation.
 *
 * @param mixed $affiliate_id affiliate key; cast to int in both WHERE clauses
 * @param array $data         affiliate fields, including payment, bank and Alipay details
 */
public function editAffiliate($affiliate_id, $data) {
    $this->event->trigger('pre.admin.affiliate.edit', $data);
    $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET fullname = '" . $this->db->escape($data['fullname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', company = '" . $this->db->escape($data['company']) . "', website = '" . $this->db->escape($data['website']) . "', address = '" . $this->db->escape($data['address']) . "', city = '" . $this->db->escape($data['city']) . "', postcode = '" . $this->db->escape($data['postcode']) . "', country_id = '" . (int) $data['country_id'] . "', zone_id = '" . (int) $data['zone_id'] . "', code = '" . $this->db->escape($data['code']) . "', commission = '" . (double) $data['commission'] . "', tax = '" . $this->db->escape($data['tax']) . "', payment = '" . $this->db->escape($data['payment']) . "', cheque = '" . $this->db->escape($data['cheque']) . "', paypal = '" . $this->db->escape($data['paypal']) . "', bank_name = '" . $this->db->escape($data['bank_name']) . "', bank_account_name = '" . $this->db->escape($data['bank_account_name']) . "', bank_account_number = '" . $this->db->escape($data['bank_account_number']) . "', alipay_account_name = '" . $this->db->escape($data['alipay_account_name']) . "', alipay = '" . $this->db->escape($data['alipay']) . "', status = '" . (int) $data['status'] . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
    // NOTE(review): the password expression below is masked in this listing ('******'),
    // so the hashing scheme cannot be read from here; the salt comes from token(9).
    // NOTE(review): $data['password'] is read without isset(); confirm every caller sets it.
    if ($data['password']) {
        $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '******'password'])))) . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
    }
    $this->event->trigger('post.admin.affiliate.edit', $affiliate_id);
}
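/**
 * Accept a single uploaded file, validate it and store it under DIR_UPLOAD.
 *
 * The stored name is "<sanitised name>.<token(32)>", so the file cannot be
 * addressed by its original name; the caller receives the code returned by
 * the tool/upload model instead. The response is always JSON.
 *
 * Changes against the previous version of this method:
 *  - blank lines in the configured extension and MIME allow-lists are ignored,
 *    so a file without an extension (or without a reported type) no longer
 *    matches an empty allow-list entry;
 *  - allow-list lookups use strict comparison;
 *  - the result of move_uploaded_file() is checked, so a failed move is
 *    reported as an error instead of as a successful upload.
 */
public function index()
{
    $this->language->load('tool/upload');

    $json = array();

    // Turn a newline-separated config value into a list of trimmed, non-empty entries.
    $parseAllowList = function ($raw) {
        $entries = array();

        foreach (explode("\n", preg_replace('~\\r?\\n~', "\n", (string) $raw)) as $entry) {
            $entry = trim($entry);

            if ($entry !== '') {
                $entries[] = $entry;
            }
        }

        return $entries;
    };

    if (!empty($this->request->files['file']['name']) && is_file($this->request->files['file']['tmp_name'])) {
        // Sanitize the filename
        $filename = basename(preg_replace('/[^a-zA-Z0-9\\.\\-\\s+]/', '', html_entity_decode($this->request->files['file']['name'], ENT_QUOTES, 'UTF-8')));

        // Validate the filename length
        if (utf8_strlen($filename) < 3 || utf8_strlen($filename) > 64) {
            $json['error'] = $this->language->get('error_filename');
        }

        // Allowed file extension types
        $allowed = $parseAllowList($this->config->get('config_file_ext_allowed'));
        $extension = strtolower((string) substr((string) strrchr($filename, '.'), 1));

        if (!in_array($extension, $allowed, true)) {
            $json['error'] = $this->language->get('error_filetype');
        }

        // Allowed file mime types
        // NOTE(review): this is the type reported with the upload; if $this->request->files
        // mirrors PHP's $_FILES, the value is chosen by the client and is only a hint.
        // Detecting the type from the file content would be the stronger check.
        $allowed = $parseAllowList($this->config->get('config_file_mime_allowed'));

        if (!in_array((string) $this->request->files['file']['type'], $allowed, true)) {
            $json['error'] = $this->language->get('error_filetype');
        }

        // Check to see if any PHP files are trying to be uploaded
        // NOTE(review): only the long open tag is matched, so this is a best-effort
        // filter; the upload directory should not be served or executed by the web server.
        $content = file_get_contents($this->request->files['file']['tmp_name']);

        if (preg_match('/\\<\\?php/i', $content)) {
            $json['error'] = $this->language->get('error_filetype');
        }

        // Return any upload error
        if ($this->request->files['file']['error'] != UPLOAD_ERR_OK) {
            $json['error'] = $this->language->get('error_upload_' . $this->request->files['file']['error']);
        }
    } else {
        $json['error'] = $this->language->get('error_upload');
    }

    if (!$json) {
        $file = $filename . '.' . token(32);

        if (move_uploaded_file($this->request->files['file']['tmp_name'], DIR_UPLOAD . $file)) {
            // Hide the uploaded file name so people can not link to it directly.
            $this->load->model('tool/upload');

            $json['code'] = $this->model_tool_upload->addUpload($filename, $file);

            $json['success'] = $this->language->get('text_upload');
        } else {
            // The file never reached DIR_UPLOAD, so do not register or announce it.
            $json['error'] = $this->language->get('error_upload');
        }
    }

    $this->response->addHeader('Content-Type: application/json');
    $this->response->setOutput(json_encode($json));
}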
/**
 * Insert a customer row directly, then check that the customer can log in,
 * open the account/edit page and log out again.
 */
public function testCreatingAndLoggingInACustomer() {
    // NOTE(review): the e-mail literal and the password expression are masked in this
    // listing ('*****@*****.**', '******'); the statement is reproduced as shown.
    $this->db->query("INSERT INTO " . DB_PREFIX . "customer SET customer_group_id = '1', store_id = '" . (int) $this->config->get('config_store_id') . "', firstname = 'Test', lastname = 'Customer', email = '*****@*****.**', telephone = '123456789', fax = '123456789', custom_field = '', salt = '" . $this->db->escape($salt = token(9)) . "', password = '******'password')))) . "', newsletter = '0', ip = '127.0.0.1', status = '1', approved = '1', date_added = NOW()");
    // Read but not used again in this test.
    $customer_id = $this->db->getLastId();
    $this->assertTrue($this->login('*****@*****.**', 'password'));
    // !! turns the return value of isLogged() into a strict boolean for the assertion.
    $this->assertTrue(!!$this->customer->isLogged());
    $response = $this->dispatchAction('account/edit');
    $this->assertRegExp('/Your Personal Details/', $response->getOutput());
    $this->logout();
    $this->assertFalse(!!$this->customer->isLogged());
}
/**
 * Insert a customer row directly, log in as that customer and check that the
 * hello/world action greets the customer by first and last name.
 */
public function testHelloCustomerGreeting() {
    // add an exemplary customer
    // NOTE(review): the e-mail literal and the password expression are masked in this
    // listing ('*****@*****.**', '******'); the statement is reproduced as shown.
    $this->db->query("INSERT INTO " . DB_PREFIX . "customer SET customer_group_id = '1', store_id = '" . (int) $this->config->get('config_store_id') . "', firstname = 'Test', lastname = 'Customer', email = '*****@*****.**', telephone = '123456789', fax = '123456789', custom_field = '', salt = '" . $this->db->escape($salt = token(9)) . "', password = '******'password')))) . "', newsletter = '0', ip = '127.0.0.1', status = '1', approved = '1', date_added = NOW()");
    $this->login('*****@*****.**', 'password');
    $response = $this->dispatchAction('hello/world');
    // The action's output is decoded as JSON into an associative array.
    $output = json_decode($response->getOutput(), true);
    $this->assertEquals('Hello Test Customer', $output['greeting']);
    $this->logout();
    // delete customers
    // This removes every row of the customer table, not only the one inserted above.
    $this->db->query("DELETE FROM " . DB_PREFIX . "customer");
}
/**
 * Append "·<scope>" to the variables, labels and goto targets of a token
 * stream, so that names from different scopes do not collide.
 *
 * `$this` is left untouched. The stream is rewound before and after the pass.
 *
 * @param TokenStream $ts    stream to rewrite in place
 * @param string      $scope suffix appended to each matched name
 *
 * @return TokenStream the same stream instance, rewound
 */
function hygienize(TokenStream $ts, string $scope) : TokenStream
{
    $ts->reset();

    // First alternative: a `·unsafe` marker followed by a parenthesised group.
    // No commit handler is attached to it.
    $unsafeRegion = chain(token(T_STRING, '·unsafe'), parentheses());

    // Second alternative: the three shapes whose 'target' gets the scope suffix:
    // a variable, a label declaration (`name:`) and a goto target.
    $scopedTargets = either(
        token(T_VARIABLE)->as('target'),
        chain(identifier()->as('target'), token(':')),
        chain(token(T_GOTO), identifier()->as('target'))
    )->onCommit(function (Ast $match) use ($scope) {
        // Closure::call() runs the closure with $this set to the matched target,
        // which is how the target's `value` property gets assigned from here.
        $appendScope = function () use ($scope) {
            if ((string) $this === '$this') {
                return;
            }

            $this->value = (string) $this . '·' . $scope;
        };

        $appendScope->call($match->target);
    });

    traverse(either($unsafeRegion, $scopedTargets, any()))->parse($ts);

    $ts->reset();

    return $ts;
}
/**
 * Store an uploaded image under a generated name in the images upload path.
 *
 * The file is loaded with Image::make() and written back with save(), under
 * "<token()>.<extension>".
 *
 * NOTE(review): the extension comes from guessClientExtension(); going by its
 * name it is derived from what the client reported, not from the file content.
 * Confirm that, and prefer a content-based extension if so.
 *
 * @param mixed  $file uploaded file object
 * @param string $path sub-path handed to upload_path_images()
 *
 * @return string|void the generated file name; when the image cannot be made,
 *                     whatever notify()->error() returns
 */
public function moveFile($file, $path = '')
{
    $filename = token() . '.' . $file->guessClientExtension();

    $source = Image::make($file->getRealPath());
    if (!$source) {
        return notify()->error('Oops', 'Something went wrong', 'warning shake animated');
    }

    $source->save(upload_path_images($path) . $filename);

    return $filename;
}
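/**
 * Create a new session token, or validate the token passed in.
 *
 * Validation compares with hash_equals(), so the time taken does not depend
 * on how many leading characters of the submitted token are correct.
 *
 * @param string $token value to validate; omit (NULL) to issue a new token
 * @return string|boolean FALSE when there is no session; TRUE/FALSE when
 *                        validating; otherwise the newly stored token
 */
public static function token($token = NULL)
{
    if (!isset($_SESSION)) {
        return FALSE;
    }

    // If a token is given, then lets match it
    if ($token !== NULL) {
        // hash_equals() needs two strings; anything else cannot be a valid token.
        if (empty($_SESSION['token']) || !is_string($_SESSION['token']) || !is_string($token)) {
            return FALSE;
        }

        return hash_equals($_SESSION['token'], $token);
    }

    // No token given: issue a fresh one and remember it in the session.
    return $_SESSION['token'] = token();
}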
/**
 * Fetch the notice list from the API and render it as an AJAX fragment.
 *
 * @return mixed the render() result on success, false when the API reports a
 *               non-zero err_code, null when the request returned nothing
 */
function data()
{
    $params = array('max_id' => intval(v('max_id')));

    $content = send_request('notice_list', $params, token());
    if (!$content) {
        return null;
    }

    //echo $content;
    $data = json_decode($content, 1);

    if (intval($data['err_code']) != 0) {
        return false;
    }

    return render($data, 'ajax', 'raw');
}
/**
 * Store an unconfirmed subscription for the current e-mail, category and city
 * and send the subscription mail.
 *
 * NOTE(review): the value from token() is stored with the row and passed to the
 * subscription mail; how unpredictable it is depends on token(), which is
 * defined outside this method.
 *
 * @param mixed $subscription_for passed through to createSubscriptionMail()
 *
 * @return mixed the id returned by R::store(), or false if already subscribed
 */
public function createSubscription($subscription_for)
{
    if ($this->isUserSubscribed()) {
        return false;
    }

    $subscription = R::dispense('subscriptions');
    $subscription->email = $this->_email;
    $subscription->category_id = $this->_category_id;
    $subscription->city_id = $this->_city_id;
    $subscription->token = token();
    $subscription->is_confirmed = 0;
    $subscription->created = R::isoDateTime();

    $id = R::store($subscription);

    $mailer = new Notifications();
    $mailer->createSubscriptionMail($id, $subscription->token, $subscription->email, $subscription_for);

    return $id;
}
/**
 * Append "·<scope>" to the variables, labels and goto targets of a token
 * stream, replacing each matched token with a renamed copy.
 *
 * `$this` is left untouched. The stream is rewound before and after the pass.
 *
 * @param TokenStream $ts      stream to rewrite in place
 * @param array       $context must provide the 'scope' entry used as suffix
 *
 * @return TokenStream the same stream instance, rewound
 */
function hygienize(TokenStream $ts, array $context) : TokenStream
{
    $ts->reset();

    // Shared state between the parsers below and the commit handler.
    $cg = (object) [
        'node' => null,
        'context' => $context,
        'ts' => $ts,
    ];

    // Wrap a parser so the stream position it starts from is remembered in $cg->node.
    $saveNode = function (Parser $parser) use ($cg) {
        $remember = function ($ts) use ($cg, $parser) {
            $cg->node = $ts->index();

            return $parser->parse($ts);
        };

        return midrule($remember);
    };

    // A `··unsafe` marker followed by a parenthesised or braced group.
    $unsafeRegion = chain(token(T_STRING, '··unsafe'), either(parentheses(), braces()));

    // A variable, a label declaration (`name:`) or a goto target.
    $scopedTargets = either(
        $saveNode(token(T_VARIABLE)),
        chain($saveNode(identifier()), token(':')),
        chain(token(T_GOTO), $saveNode(identifier()))
    )->onCommit(function (Ast $result) use ($cg) {
        $current = $cg->node->token;
        if (!$current) {
            return;
        }

        $value = (string) $current;
        if ($value === '$this') {
            return;
        }

        // Same type and line as the original token, only the text gains the suffix.
        $cg->node->token = new Token($current->type(), "{$value}·{$cg->context['scope']}", $current->line());
    });

    traverse($unsafeRegion, $scopedTargets)->parse($ts);

    $ts->reset();

    return $ts;
}
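/**
 * Create an inactive user account from a JSON request body.
 *
 * Expects 'username', 'email', 'password' and 'repassword' in the body and
 * always answers with a JSON document, then ends the request.
 *
 * Change against the previous version: the four fields must now be present as
 * non-empty strings. Previously a missing or malformed body compared
 * null with null, passed the password check and reached add_user() with
 * null values.
 */
public function signup()
{
    $data = (array) json_decode(file_get_contents("php://input"));

    // Reject bodies that are not JSON objects carrying the expected string fields.
    foreach (array('username', 'email', 'password', 'repassword') as $field) {
        if (!isset($data[$field]) || !is_string($data[$field]) || $data[$field] === '') {
            $this->jsonify(array('success' => false, 'message' => 'User create failed!'));
            exit;
        }
    }

    if ($data['password'] !== $data['repassword']) {
        $this->jsonify(array('success' => false, 'message' => 'Password mismatch!'));
        exit;
    }

    $this->load->helper('misc_helper');

    // NOTE(review): do_hash() is defined outside this method. If it is a plain fast
    // digest rather than a password-hashing function, stored passwords should move
    // to password_hash()/password_verify(); that also needs the login path changed,
    // so it is only flagged here.
    $user = array(
        'username' => $data['username'],
        'email' => $data['email'],
        'activated' => false,
        'activation_code' => token(),
        'password' => do_hash($data['password']),
    );

    $this->load->model('User');

    if ($this->User->add_user($user) === true) {
        $this->jsonify(array('success' => true, 'message' => 'User created successfully!', 'url' => 'login'));
        exit;
    } else {
        $this->jsonify(array('success' => false, 'message' => 'User create failed!'));
        exit;
    }
}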
/**
 * Log a registrant in: look the account up by username and password digest,
 * store a fresh token on the row and emit the success response; otherwise
 * emit an error.
 *
 * NOTE(review): the password is reduced to a single SHA-256 digest with no salt
 * visible in this method.
 * NOTE(review): both SQL strings are masked in this listing ('******'), so it cannot
 * be seen how $username and the digest reach the query. No bound parameters are
 * passed to fetchOne() or execute() here; confirm the values are not interpolated.
 *
 * @param string $username login name; trimmed before use
 * @param string $password clear-text password as submitted
 */
public function loginUser($username, $password) {
    $password = hash('sha256', $password);
    $username = trim($username);
    $query = "select * from registrants where username = '******' and password = '******'";
    $result = $this->db->fetchOne($query);
    if ($result) {
        //method for token in functions
        $token = token(8);
        // The token is interpolated into the statement; it comes from token(), not from the request.
        $query = "update registrants set token = '{$token}' where username = '******'";
        $this->db->execute($query);
        //method for pass asterisk in functions ********
        $asterisk = passAsterisk();
        //success Login message from functions
        successLogin($username, $token, $asterisk);
    } else {
        // The same message is used whether the username or the password was wrong.
        returnError('Password or username doesn`t exist.');
    }
}
/**
 * Render the work-notes plugin page.
 *
 * Creates the `note` table on first use, loads the note list from the API and
 * renders it with a token for the page.
 */
function note_page()
{
    // Initialise the database: create the table if it is not there yet
    $createNoteTable = 'CREATE TABLE IF NOT EXISTS `note` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `uid` int(11) unsigned NOT NULL, `content` varchar(255) NOT NULL, PRIMARY KEY (`id`), KEY `uid` (`uid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;';

    $tableExists = get_data("SHOW TABLES LIKE 'note'");
    if (!$tableExists) {
        run_sql($createNoteTable);
    }

    // Load the list data
    $response = send_request('note_list', array(), token());
    $decoded = json_decode($response, true);

    // Build the view data
    $data = array(
        'top_title' => '工作笔记',
        'token' => token(),
        'data' => $decoded['data'],
    );

    // Mark the TODO menu as selected
    $GLOBALS['c'] = 'dashboard';

    render($data, 'web', 'plugin', 'note');
}
/**
 * Install the schema from opencart.sql and seed the first administrator,
 * the basic settings and a default API key.
 *
 * NOTE(review): $data['db_prefix'] is concatenated into table names throughout
 * without escaping or validation in this method; confirm the caller restricts
 * it to identifier characters.
 *
 * @param array $data installer input: db_driver, db_hostname, db_username,
 *                    db_password, db_database, db_port, db_prefix, username,
 *                    password and email are read here
 */
public function database($data) {
    $db = new DB($data['db_driver'], $data['db_hostname'], $data['db_username'], $data['db_password'], $data['db_database'], $data['db_port']);
    $file = DIR_APPLICATION . 'opencart.sql';
    if (!file_exists($file)) {
        exit('Could not load sql file: ' . $file);
    }
    $lines = file($file);
    if ($lines) {
        $sql = '';
        foreach ($lines as $line) {
            // Skip blank lines and lines starting with the SQL comment markers "--" and "#".
            if ($line && substr($line, 0, 2) != '--' && substr($line, 0, 1) != '#') {
                $sql .= $line;
                // A line ending in ";" closes the statement collected so far.
                if (preg_match('/;\\s*$/', $line)) {
                    // Swap the stock "oc_" table prefix for the configured one.
                    $sql = str_replace("DROP TABLE IF EXISTS `oc_", "DROP TABLE IF EXISTS `" . $data['db_prefix'], $sql);
                    $sql = str_replace("CREATE TABLE `oc_", "CREATE TABLE `" . $data['db_prefix'], $sql);
                    $sql = str_replace("INSERT INTO `oc_", "INSERT INTO `" . $data['db_prefix'], $sql);
                    $db->query($sql);
                    $sql = '';
                }
            }
        }
        $db->query("SET CHARACTER SET utf8");
        $db->query("SET @@session.sql_mode = 'MYSQL40'");
        // Replace user 1 with the administrator entered in the installer.
        $db->query("DELETE FROM `" . $data['db_prefix'] . "user` WHERE user_id = '1'");
        // NOTE(review): the username and password expressions in the next statement are
        // masked in this listing ('******'); it is reproduced as shown and the hashing
        // scheme cannot be read from here. The salt comes from token(9).
        $db->query("INSERT INTO `" . $data['db_prefix'] . "user` SET user_id = '1', user_group_id = '1', username = '******'username']) . "', salt = '" . $db->escape($salt = token(9)) . "', password = '******'password'])))) . "', firstname = 'John', lastname = 'Doe', email = '" . $db->escape($data['email']) . "', status = '1', date_added = NOW()");
        $db->query("DELETE FROM `" . $data['db_prefix'] . "setting` WHERE `key` = 'config_email'");
        $db->query("INSERT INTO `" . $data['db_prefix'] . "setting` SET `code` = 'config', `key` = 'config_email', value = '" . $db->escape($data['email']) . "'");
        $db->query("DELETE FROM `" . $data['db_prefix'] . "setting` WHERE `key` = 'config_url'");
        $db->query("INSERT INTO `" . $data['db_prefix'] . "setting` SET `code` = 'config', `key` = 'config_url', value = '" . $db->escape(HTTP_OPENCART) . "'");
        // NOTE(review): the encryption setting and the API key below are generated with
        // token(); whether they are suitable as secrets depends on how token() produces
        // its output, which is not visible here.
        $db->query("DELETE FROM `" . $data['db_prefix'] . "setting` WHERE `key` = 'config_encryption'");
        $db->query("INSERT INTO `" . $data['db_prefix'] . "setting` SET `code` = 'config', `key` = 'config_encryption', value = '" . $db->escape(token(1024)) . "'");
        $db->query("UPDATE `" . $data['db_prefix'] . "product` SET `viewed` = '0'");
        $db->query("INSERT INTO `" . $data['db_prefix'] . "api` SET name = 'Default', `key` = '" . $db->escape(token(256)) . "', status = 1, date_added = NOW(), date_modified = NOW()");
        $api_id = $db->getLastId();
        $db->query("DELETE FROM `" . $data['db_prefix'] . "setting` WHERE `key` = 'config_api_id'");
        $db->query("INSERT INTO `" . $data['db_prefix'] . "setting` SET `code` = 'config', `key` = 'config_api_id', value = '" . (int) $api_id . "'");
        // NOTE(review): HTTP_OPENCART is escaped for config_url above but not in this statement.
        $db->query("UPDATE `" . $data['db_prefix'] . "order` SET `store_url` = '" . HTTP_OPENCART . "'");
    }
}
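/**
 * Check a username and password and, on success, issue a signed JWT.
 *
 * The user row is fetched with a prepared statement and the password is
 * checked with password_verify(). On success $this->token holds
 * array('jwt' => <token>); on failure $this->errors["message"] holds the reason.
 *
 * Change against the previous version: "no such user" is detected by checking
 * that fetch() returned an object. The old test, count($result) > 0, was applied
 * to a value that is either an object or false, so it did not reliably tell the
 * two apart and count() on a non-countable is an error on current PHP versions.
 *
 * @param string $username login name
 * @param string $password clear-text password as submitted
 *
 * @return bool TRUE when the credentials match, FALSE otherwise
 */
public function login($username, $password)
{
    $this->errors["status"] = "failure";
    $this->errors["message"] = array();

    try {
        // query the database
        $sql = "SELECT user_id, username, firstname, salt, pwd, user_role FROM Users WHERE username = :username";
        $pdo = $this->db->getConnection();
        $query = $pdo->prepare($sql);
        $query->bindValue(':username', $username, PDO::PARAM_STR);
        $query->execute();
        $result = $query->fetch(PDO::FETCH_OBJ);

        // Unknown user and wrong password share one message, so the response does
        // not reveal which of the two was wrong.
        if (!is_object($result) || !password_verify($password, (string) $result->pwd)) {
            //header("HTTP/1.0 401 Not Authorized");
            $this->errors["message"][] = "Please make sure password or username match.";
            return FALSE;
        }

        // we have a user, let's create the TOKEN
        $secretKey = base64_decode(SECRET_KEY);

        // encode the claims built by token()
        $jwt = JWT::encode(token($result->user_id, $result->username, $result->user_role), $secretKey, 'HS256');
        $this->token = array('jwt' => $jwt);

        return TRUE;
    } catch (Exception $ex) {
        //header("HTTP/1.0 500 Not Authorized");
        $this->errors["message"][] = "Sorry, could not log you in. Please try later.";
        return FALSE;
    }
}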
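/**
 * Show the login form, or process a submitted login.
 *
 * A submitted form must pass the token check and carry a non-empty username
 * and password. The method answers with '1' on success and with a message
 * otherwise, ending the request in both cases.
 *
 * Change against the previous version: the username and password checks were
 * written as `!isset(..) || strlen(..) < 1 && die(..)`. Because && binds tighter
 * than ||, a request without the field skipped the die() and continued to the
 * login call. The checks are now plain if statements.
 */
public function index()
{
    $data = str_enhtml($this->input->post(NULL, TRUE));

    if (is_array($data) && count($data) > 0) {
        if (!token(1)) {
            die('token验证失败');
        }

        if (!isset($data['username']) || strlen($data['username']) < 1) {
            die('用户名不能为空');
        }

        if (!isset($data['userpwd']) || strlen($data['userpwd']) < 1) {
            die('密码不能为空');
        }

        $sql = $this->login_model->login($data['username'], $data['userpwd']);

        if ($sql) {
            // NOTE(review): "remember me" stores the submitted password itself in a
            // cookie with a lifetime of 3600000 seconds. Anyone who can read the cookie
            // gets the password. Removing it also needs the code that reads these
            // cookies changed, so it is only flagged here; a random, revocable
            // remember-me token is the usual replacement.
            if (isset($data['ispwd']) && $data['ispwd'] == 1) {
                $this->input->set_cookie('username', $data['username'], 3600000);
                $this->input->set_cookie('userpwd', $data['userpwd'], 3600000);
            }

            $this->input->set_cookie('ispwd', isset($data['ispwd']) ? $data['ispwd'] : NULL, 3600000);
            $this->data_model->logs('登陆成功 用户名:' . $data['username']);
            die('1');
        }

        die('账号或密码错误');
    } else {
        $this->load->view('login', $data);
    }
}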
/**
 * Render the 20 most recently active TODO items of a user, leaving out the
 * ones flagged as followed.
 *
 * @return mixed the ajax_echo() result for a negative uid, the render() result
 *               on success, nothing when the request returned no content
 */
function todo_flow_item()
{
    $uid = intval(z(v(t('uid'))));
    if ($uid < 0) {
        return ajax_echo('BAD UID');
    }

    $params = array(
        'uid' => $uid,
        'ord' => 'desc',
        'by' => 'last_action_at',
        'count' => '20',
    );

    $content = send_request('todo_list', $params, token());
    if (!$content) {
        return;
    }

    $data = json_decode($content, 1);
    $data['user'] = get_user_info_by_id($uid);

    if (isset($data['data'])) {
        // Drop followed items; the remaining entries keep their original keys.
        foreach ($data['data'] as $index => $item) {
            if ($item['is_follow'] == 1) {
                unset($data['data'][$index]);
            }
        }
    }

    return render($data, 'ajax', 'plugin', 'todo_flow');
}
/**
 * Render a document into the current theme's layout and return the HTML.
 *
 * The layout template is compiled, the head and footer fragments are
 * collected, and every {placeholder} is replaced by the matching document
 * value; placeholders without a value are removed.
 *
 * NOTE(review): meta names and contents, and the document values substituted
 * into the template, are inserted as they are in this method. Whether they are
 * HTML-escaped before they get here is not visible; confirm for any value that
 * can carry user input.
 *
 * @param Document $doc document to render; its 'content' entry is consumed
 *
 * @return string the rendered page
 */
public function render(Document $doc)
{
    //$this->config = config('front'); TODO uncomment
    $this->prepare($doc);

    $this->theme = $theme = app('config')['site']['theme'];
    $layout = ifsetor($doc->data['layout'], 'page');

    app('translator')->setLocale(app('contentLang'))->loadFrom('theme', $theme);

    $doc->addScript('sydes-front', '/system/assets/js/front.js');
    $doc->addStyle('sydes-front', '/system/assets/css/front.css');

    // The content goes into the layout before compilation, so it is compiled with it.
    $template = $this->getTemplate($theme, $layout);
    $template = str_replace('{content}', ifsetor($doc->data['content']), $template);
    $template = $this->compile($template);
    unset($doc->data['content']);

    $doc->findMetaTags();
    $doc->meta['generator'] = 'SyDES';

    foreach ($doc->meta as $name => $content) {
        // Open Graph, Facebook and App Links tags use "property" instead of "name".
        $isProperty = in_array(substr($name, 0, 3), ['og:', 'fb:', 'al:']);
        $whatName = $isProperty ? 'property' : 'name';
        $this->head[] = '<meta ' . $whatName . '="' . $name . '" content="' . $content . '">';
    }

    $this->fillHead();

    foreach ($doc->links as $link) {
        $this->head[] = '<link' . HTML::attr($link) . '>';
    }

    $this->fillFooter();

    if (app('user')->isEditor()) {
        $this->footer[] = $this->getToolbar();
    }

    // Built-in placeholders are merged last, so they win over document values
    // with the same key.
    $builtIn = [
        'language' => app('contentLang'),
        'head' => implode("\n ", $this->head),
        'footer' => implode("\n ", $this->footer),
        'year' => date('Y'),
        'theme' => 'themes/' . $theme,
        'csrf_token' => token(32),
    ];
    $toReplace = array_merge($doc->data, $builtIn);

    $find = array_map(function ($key) {
        return '{' . $key . '}';
    }, array_keys($toReplace));
    $replace = array_values($toReplace);

    $template = str_replace($find, $replace, $template);

    // Remove placeholders nothing was supplied for.
    return preg_replace('!{\\w+}!', '', $template);
}
/**
 * Log in an editor ($type 1) or an author ($type 2) and open a session entry
 * keyed by a fresh token.
 *
 * NOTE(review): $username is interpolated, unquoted, straight into every where()
 * string, and $password is interpolated the same way in the $type 2 branch. If
 * these values come from the request, that is SQL injection; the conditions
 * should be passed as bound values instead of being built into the string.
 * NOTE(review): the password condition of the $type 1 branch is masked in this
 * listing ('******'), so what the stored password is compared with cannot be read
 * from here.
 * NOTE(review): the $type 2 password lookup joins its two conditions with a comma
 * instead of `and`; confirm that is what the query builder expects.
 *
 * @param mixed $username login name
 * @param mixed $password password as submitted
 * @param mixed $type     1 for the edit_user table, 2 for the author_user table
 *
 * @return mixed $type 1: array with 'id' 0 (success, plus 'token' and 'is_login'),
 *               1 (unknown user) or 2 (wrong password). $type 2: the same success
 *               array, or the bare integers 1 / 2. Nothing for any other $type.
 */
public function login_in($username, $password, $type) {
    if ($type == 1) {
        $user = M('edit_user');
        // First lookup: does the username exist at all?
        $return = $user->field('username')->where("username = {$username}")->find();
        if (empty($return)) {
            return $arr = array('id' => 1);
        } else {
            // Second lookup: username and password together.
            $return_a = $user->field('username,password,uuid,is_login')->where("username={$username} and password='******'")->find();
            if (!empty($return_a)) {
                $token = token();
                // The token is the session key; the user's uuid is the stored value.
                session($token, $return_a['uuid']);
                return $arr = array('id' => 0, 'token' => $token, 'is_login' => $return_a['is_login']);
            } else {
                return $arr = array('id' => 2);
            }
        }
    } else {
        if ($type == 2) {
            $user = M('author_user');
            $return = $user->field('username,uuid')->where("username = {$username}")->find();
            if (!empty($return)) {
                $return_a = $user->field('username,password,uuid,is_login')->where("username={$username},password={$password}")->find();
                if (!empty($return_a)) {
                    $token = token();
                    session($token, $return_a['uuid']);
                    return $arr = array('id' => 0, 'token' => $token, 'is_login' => $return_a['is_login']);
                } else {
                    // Unlike the $type 1 branch, failures here are bare integers, not arrays.
                    return 2;
                }
            } else {
                return 1;
            }
        }
    }
}
/**
 * Handle an extension-installer upload and answer with a JSON install plan.
 *
 * Checks the 'modify' permission and the upload itself, stores the file under
 * a fresh temp-<token> directory inside DIR_UPLOAD, and returns the follow-up
 * installer steps (each a text/url/path triple) together with the list of
 * existing files the archive would overwrite. Failures are reported through
 * $json['error']; the response is always JSON.
 *
 * Security-relevant points visible in this method:
 *  - Only the client-supplied file NAME is validated; the content is not.
 *  - The stored file name is fixed (install.xml / upload.zip), so the client
 *    name never becomes part of a filesystem path here.
 *  - Zip entry names come from the uploaded archive and must be treated as
 *    untrusted by the later unzip/ftp steps (not shown here).
 */
public function upload() {
    $this->load->language('extension/installer');
    $json = array();
    // Check user has permission
    if (!$this->user->hasPermission('modify', 'extension/installer')) {
        $json['error'] = $this->language->get('error_permission');
    }
    if (!$json) {
        if (!empty($this->request->files['file']['name'])) {
            // Both accepted suffixes are exactly 10 characters long. This is a check on the
            // name the client sent, not on what the file actually contains.
            if (substr($this->request->files['file']['name'], -10) != '.ocmod.zip' && substr($this->request->files['file']['name'], -10) != '.ocmod.xml') {
                $json['error'] = $this->language->get('error_filetype');
            }
            // An upload error replaces a file-type error set just above.
            if ($this->request->files['file']['error'] != UPLOAD_ERR_OK) {
                $json['error'] = $this->language->get('error_upload_' . $this->request->files['file']['error']);
            }
        } else {
            $json['error'] = $this->language->get('error_upload');
        }
    }
    if (!$json) {
        // If no temp directory exists create it
        // token() is defined elsewhere; the directory name is only as unguessable as that helper.
        $path = 'temp-' . token(32);
        if (!is_dir(DIR_UPLOAD . $path)) {
            // NOTE(review): 0777 (before umask) opens the directory to every local account.
            // Prefer a narrower mode unless another system user must write here - confirm
            // against the FTP install step. The return value of mkdir() is not checked.
            mkdir(DIR_UPLOAD . $path, 0777);
        }
        // Set the steps required for installation
        $json['step'] = array();
        $json['overwrite'] = array();
        // NOTE(review): every str_replace('&', '&', ...) below is a no-op as shown on this page;
        // presumably the search string was an HTML entity before rendering - confirm upstream.
        // NOTE(review): the session token travels in the query string of each step URL, so it
        // can end up in logs and Referer headers.
        if (strrchr($this->request->files['file']['name'], '.') == '.xml') {
            $file = DIR_UPLOAD . $path . '/install.xml';
            // If xml file copy it to the temporary directory
            move_uploaded_file($this->request->files['file']['tmp_name'], $file);
            // file_exists() doubles as the success check for the move above.
            if (file_exists($file)) {
                $json['step'][] = array('text' => $this->language->get('text_xml'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/xml', 'token=' . $this->session->data['token'], true)), 'path' => $path);
                // Clear temporary files
                $json['step'][] = array('text' => $this->language->get('text_remove'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/remove', 'token=' . $this->session->data['token'], true)), 'path' => $path);
            } else {
                $json['error'] = $this->language->get('error_file');
            }
        }
        // If zip file copy it to the temp directory
        if (strrchr($this->request->files['file']['name'], '.') == '.zip') {
            $file = DIR_UPLOAD . $path . '/upload.zip';
            move_uploaded_file($this->request->files['file']['tmp_name'], $file);
            if (file_exists($file)) {
                // The procedural zip_* functions are deprecated as of PHP 8.0 (ZipArchive replaces them).
                $zip = zip_open($file);
                if ($zip) {
                    // Zip
                    $json['step'][] = array('text' => $this->language->get('text_unzip'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/unzip', 'token=' . $this->session->data['token'], true)), 'path' => $path);
                    // FTP
                    $json['step'][] = array('text' => $this->language->get('text_ftp'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/ftp', 'token=' . $this->session->data['token'], true)), 'path' => $path);
                    // Walk the archive index to decide which extra steps are needed and which
                    // existing files would be overwritten. Nothing is extracted in this loop.
                    while ($entry = zip_read($zip)) {
                        // Entry names are chosen by whoever built the archive: untrusted input.
                        $zip_name = zip_entry_name($entry);
                        // SQL
                        if (substr($zip_name, 0, 11) == 'install.sql') {
                            $json['step'][] = array('text' => $this->language->get('text_sql'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/sql', 'token=' . $this->session->data['token'], true)), 'path' => $path);
                        }
                        // XML
                        if (substr($zip_name, 0, 11) == 'install.xml') {
                            $json['step'][] = array('text' => $this->language->get('text_xml'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/xml', 'token=' . $this->session->data['token'], true)), 'path' => $path);
                        }
                        // PHP
                        if (substr($zip_name, 0, 11) == 'install.php') {
                            $json['step'][] = array('text' => $this->language->get('text_php'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/php', 'token=' . $this->session->data['token'], true)), 'path' => $path);
                        }
                        // In the four comparisons below is_file() runs before the prefix test, so the
                        // existence probe is made for every entry name, whatever its prefix.
                        // NOTE(review): testing the prefix first would avoid probing paths built
                        // from unrelated entry names.
                        // Compare admin files
                        $file = DIR_APPLICATION . substr($zip_name, 13);
                        if (is_file($file) && substr($zip_name, 0, 13) == 'upload/admin/') {
                            $json['overwrite'][] = substr($zip_name, 7);
                        }
                        // Compare catalog files
                        $file = DIR_CATALOG . substr($zip_name, 15);
                        if (is_file($file) && substr($zip_name, 0, 15) == 'upload/catalog/') {
                            $json['overwrite'][] = substr($zip_name, 7);
                        }
                        // Compare image files
                        $file = DIR_IMAGE . substr($zip_name, 13);
                        if (is_file($file) && substr($zip_name, 0, 13) == 'upload/image/') {
                            $json['overwrite'][] = substr($zip_name, 7);
                        }
                        // Compare system files
                        $file = DIR_SYSTEM . substr($zip_name, 14);
                        if (is_file($file) && substr($zip_name, 0, 14) == 'upload/system/') {
                            $json['overwrite'][] = substr($zip_name, 7);
                        }
                    }
                    // Clear temporary files
                    $json['step'][] = array('text' => $this->language->get('text_remove'), 'url' => str_replace('&', '&', $this->url->link('extension/installer/remove', 'token=' . $this->session->data['token'], true)), 'path' => $path);
                    zip_close($zip);
                } else {
                    $json['error'] = $this->language->get('error_unzip');
                }
            } else {
                $json['error'] = $this->language->get('error_file');
            }
        }
    }
    $this->response->addHeader('Content-Type: application/json');
    $this->response->setOutput(json_encode($json));
}
/**
 * Checkout confirmation step: validate the checkout state, persist the order
 * and render the confirmation view.
 *
 * When any precondition fails (missing address or method, empty or out-of-stock
 * cart, minimum quantity not met) only a redirect URL is handed to the view.
 * Otherwise the method assembles $order_data from cart, session, config and
 * request data, stores it through model_checkout_order->addOrder(), keeps the
 * new id in the session and builds the display data for 'checkout/confirm'.
 *
 * Security-relevant inputs recorded on the order without validation in this
 * method: the 'tracking' cookie and the X-Forwarded-For, Client-IP, User-Agent
 * and Accept-Language request headers. All of them are client-controlled.
 */
public function index() {
    // Non-empty $redirect means "do not create an order"; later checks may overwrite earlier ones.
    $redirect = '';
    if ($this->cart->hasShipping()) {
        // Validate if shipping address has been set.
        if (!isset($this->session->data['shipping_address'])) {
            $redirect = $this->url->link('checkout/checkout', '', true);
        }
        // Validate if shipping method has been set.
        if (!isset($this->session->data['shipping_method'])) {
            $redirect = $this->url->link('checkout/checkout', '', true);
        }
    } else {
        // Nothing to ship: drop stale shipping state from the session.
        unset($this->session->data['shipping_address']);
        unset($this->session->data['shipping_method']);
        unset($this->session->data['shipping_methods']);
    }
    // Validate if payment address has been set.
    if (!isset($this->session->data['payment_address'])) {
        $redirect = $this->url->link('checkout/checkout', '', true);
    }
    // Validate if payment method has been set.
    if (!isset($this->session->data['payment_method'])) {
        $redirect = $this->url->link('checkout/checkout', '', true);
    }
    // Validate cart has products and has stock.
    // && binds tighter than ||: (no products and no vouchers) or (no stock and stock checkout disabled).
    if (!$this->cart->hasProducts() && empty($this->session->data['vouchers']) || !$this->cart->hasStock() && !$this->config->get('config_stock_checkout')) {
        $redirect = $this->url->link('checkout/cart');
    }
    // Validate minimum quantity requirements.
    // Quantities are summed per product_id across all cart lines before comparing with the minimum.
    $products = $this->cart->getProducts();
    foreach ($products as $product) {
        $product_total = 0;
        foreach ($products as $product_2) {
            if ($product_2['product_id'] == $product['product_id']) {
                $product_total += $product_2['quantity'];
            }
        }
        if ($product['minimum'] > $product_total) {
            $redirect = $this->url->link('checkout/cart');
            break;
        }
    }
    if (!$redirect) {
        $order_data = array();
        $order_data['totals'] = array();
        $total = 0;
        $taxes = $this->cart->getTaxes();
        $this->load->model('extension/extension');
        // Order the installed "total" extensions by their configured sort order.
        $sort_order = array();
        $results = $this->model_extension_extension->getExtensions('total');
        foreach ($results as $key => $value) {
            $sort_order[$key] = $this->config->get($value['code'] . '_sort_order');
        }
        array_multisort($sort_order, SORT_ASC, $results);
        foreach ($results as $result) {
            if ($this->config->get($result['code'] . '_status')) {
                // The model name is built from the extension code returned by getExtensions().
                $this->load->model('total/' . $result['code']);
                // presumably getTotal() takes these by reference and fills them in; verify in the total models
                $this->{'model_total_' . $result['code']}->getTotal($order_data['totals'], $total, $taxes);
            }
        }
        // Re-sort the produced total lines by their own sort_order.
        $sort_order = array();
        foreach ($order_data['totals'] as $key => $value) {
            $sort_order[$key] = $value['sort_order'];
        }
        array_multisort($sort_order, SORT_ASC, $order_data['totals']);
        $this->load->language('checkout/checkout');
        $order_data['invoice_prefix'] = $this->config->get('config_invoice_prefix');
        $order_data['store_id'] = $this->config->get('config_store_id');
        $order_data['store_name'] = $this->config->get('config_name');
        if ($order_data['store_id']) {
            $order_data['store_url'] = $this->config->get('config_url');
        } else {
            $order_data['store_url'] = HTTP_SERVER;
        }
        // Customer identity: from the stored account when logged in, else from the guest session data.
        // If neither branch applies, the customer fields are simply not set on $order_data.
        if ($this->customer->isLogged()) {
            $this->load->model('account/customer');
            $customer_info = $this->model_account_customer->getCustomer($this->customer->getId());
            $order_data['customer_id'] = $this->customer->getId();
            $order_data['customer_group_id'] = $customer_info['customer_group_id'];
            $order_data['firstname'] = $customer_info['firstname'];
            $order_data['lastname'] = $customer_info['lastname'];
            $order_data['email'] = $customer_info['email'];
            $order_data['telephone'] = $customer_info['telephone'];
            $order_data['fax'] = $customer_info['fax'];
            $order_data['custom_field'] = json_decode($customer_info['custom_field'], true);
        } elseif (isset($this->session->data['guest'])) {
            $order_data['customer_id'] = 0;
            $order_data['customer_group_id'] = $this->session->data['guest']['customer_group_id'];
            $order_data['firstname'] = $this->session->data['guest']['firstname'];
            $order_data['lastname'] = $this->session->data['guest']['lastname'];
            $order_data['email'] = $this->session->data['guest']['email'];
            $order_data['telephone'] = $this->session->data['guest']['telephone'];
            $order_data['fax'] = $this->session->data['guest']['fax'];
            $order_data['custom_field'] = $this->session->data['guest']['custom_field'];
        }
        // Payment address is copied field by field from the session.
        $order_data['payment_firstname'] = $this->session->data['payment_address']['firstname'];
        $order_data['payment_lastname'] = $this->session->data['payment_address']['lastname'];
        $order_data['payment_company'] = $this->session->data['payment_address']['company'];
        $order_data['payment_address_1'] = $this->session->data['payment_address']['address_1'];
        $order_data['payment_address_2'] = $this->session->data['payment_address']['address_2'];
        $order_data['payment_city'] = $this->session->data['payment_address']['city'];
        $order_data['payment_postcode'] = $this->session->data['payment_address']['postcode'];
        $order_data['payment_zone'] = $this->session->data['payment_address']['zone'];
        $order_data['payment_zone_id'] = $this->session->data['payment_address']['zone_id'];
        $order_data['payment_country'] = $this->session->data['payment_address']['country'];
        $order_data['payment_country_id'] = $this->session->data['payment_address']['country_id'];
        $order_data['payment_address_format'] = $this->session->data['payment_address']['address_format'];
        $order_data['payment_custom_field'] = isset($this->session->data['payment_address']['custom_field']) ? $this->session->data['payment_address']['custom_field'] : array();
        if (isset($this->session->data['payment_method']['title'])) {
            $order_data['payment_method'] = $this->session->data['payment_method']['title'];
        } else {
            $order_data['payment_method'] = '';
        }
        if (isset($this->session->data['payment_method']['code'])) {
            $order_data['payment_code'] = $this->session->data['payment_method']['code'];
        } else {
            $order_data['payment_code'] = '';
        }
        // Shipping address: copied from the session when the cart ships, blank otherwise.
        if ($this->cart->hasShipping()) {
            $order_data['shipping_firstname'] = $this->session->data['shipping_address']['firstname'];
            $order_data['shipping_lastname'] = $this->session->data['shipping_address']['lastname'];
            $order_data['shipping_company'] = $this->session->data['shipping_address']['company'];
            $order_data['shipping_address_1'] = $this->session->data['shipping_address']['address_1'];
            $order_data['shipping_address_2'] = $this->session->data['shipping_address']['address_2'];
            $order_data['shipping_city'] = $this->session->data['shipping_address']['city'];
            $order_data['shipping_postcode'] = $this->session->data['shipping_address']['postcode'];
            $order_data['shipping_zone'] = $this->session->data['shipping_address']['zone'];
            $order_data['shipping_zone_id'] = $this->session->data['shipping_address']['zone_id'];
            $order_data['shipping_country'] = $this->session->data['shipping_address']['country'];
            $order_data['shipping_country_id'] = $this->session->data['shipping_address']['country_id'];
            $order_data['shipping_address_format'] = $this->session->data['shipping_address']['address_format'];
            $order_data['shipping_custom_field'] = isset($this->session->data['shipping_address']['custom_field']) ? $this->session->data['shipping_address']['custom_field'] : array();
            if (isset($this->session->data['shipping_method']['title'])) {
                $order_data['shipping_method'] = $this->session->data['shipping_method']['title'];
            } else {
                $order_data['shipping_method'] = '';
            }
            if (isset($this->session->data['shipping_method']['code'])) {
                $order_data['shipping_code'] = $this->session->data['shipping_method']['code'];
            } else {
                $order_data['shipping_code'] = '';
            }
        } else {
            $order_data['shipping_firstname'] = '';
            $order_data['shipping_lastname'] = '';
            $order_data['shipping_company'] = '';
            $order_data['shipping_address_1'] = '';
            $order_data['shipping_address_2'] = '';
            $order_data['shipping_city'] = '';
            $order_data['shipping_postcode'] = '';
            $order_data['shipping_zone'] = '';
            $order_data['shipping_zone_id'] = '';
            $order_data['shipping_country'] = '';
            $order_data['shipping_country_id'] = '';
            $order_data['shipping_address_format'] = '';
            $order_data['shipping_custom_field'] = array();
            $order_data['shipping_method'] = '';
            $order_data['shipping_code'] = '';
        }
        // Order lines: prices come from the cart object, not from the request.
        $order_data['products'] = array();
        foreach ($this->cart->getProducts() as $product) {
            $option_data = array();
            foreach ($product['option'] as $option) {
                $option_data[] = array('product_option_id' => $option['product_option_id'], 'product_option_value_id' => $option['product_option_value_id'], 'option_id' => $option['option_id'], 'option_value_id' => $option['option_value_id'], 'name' => $option['name'], 'value' => $option['value'], 'type' => $option['type']);
            }
            $order_data['products'][] = array('product_id' => $product['product_id'], 'name' => $product['name'], 'model' => $product['model'], 'option' => $option_data, 'download' => $product['download'], 'quantity' => $product['quantity'], 'subtract' => $product['subtract'], 'price' => $product['price'], 'total' => $product['total'], 'tax' => $this->tax->getTax($product['price'], $product['tax_class_id']), 'reward' => $product['reward']);
        }
        // Gift Voucher
        $order_data['vouchers'] = array();
        if (!empty($this->session->data['vouchers'])) {
            foreach ($this->session->data['vouchers'] as $voucher) {
                // NOTE(review): the voucher code acts as a bearer secret worth 'amount'. token() is
                // defined elsewhere - confirm it uses a CSPRNG and that 10 characters give enough entropy.
                $order_data['vouchers'][] = array('description' => $voucher['description'], 'code' => token(10), 'to_name' => $voucher['to_name'], 'to_email' => $voucher['to_email'], 'from_name' => $voucher['from_name'], 'from_email' => $voucher['from_email'], 'voucher_theme_id' => $voucher['voucher_theme_id'], 'message' => $voucher['message'], 'amount' => $voucher['amount']);
            }
        }
        $order_data['comment'] = $this->session->data['comment'];
        $order_data['total'] = $total;
        // The tracking cookie is client-controlled. It is stored on the order and passed to two
        // lookups; whether those lookups escape it is not visible here - verify in the models.
        if (isset($this->request->cookie['tracking'])) {
            $order_data['tracking'] = $this->request->cookie['tracking'];
            $subtotal = $this->cart->getSubTotal();
            // Affiliate
            $this->load->model('affiliate/affiliate');
            $affiliate_info = $this->model_affiliate_affiliate->getAffiliateByCode($this->request->cookie['tracking']);
            if ($affiliate_info) {
                $order_data['affiliate_id'] = $affiliate_info['affiliate_id'];
                // Commission is a percentage of the cart subtotal.
                $order_data['commission'] = $subtotal / 100 * $affiliate_info['commission'];
            } else {
                $order_data['affiliate_id'] = 0;
                $order_data['commission'] = 0;
            }
            // Marketing
            $this->load->model('checkout/marketing');
            $marketing_info = $this->model_checkout_marketing->getMarketingByCode($this->request->cookie['tracking']);
            if ($marketing_info) {
                $order_data['marketing_id'] = $marketing_info['marketing_id'];
            } else {
                $order_data['marketing_id'] = 0;
            }
        } else {
            $order_data['affiliate_id'] = 0;
            $order_data['commission'] = 0;
            $order_data['marketing_id'] = 0;
            $order_data['tracking'] = '';
        }
        $order_data['language_id'] = $this->config->get('config_language_id');
        $order_data['currency_id'] = $this->currency->getId();
        $order_data['currency_code'] = $this->currency->getCode();
        $order_data['currency_value'] = $this->currency->getValue($this->currency->getCode());
        $order_data['ip'] = $this->request->server['REMOTE_ADDR'];
        // The values below are request headers set by the client (or by proxies on the way) and are
        // recorded as-is. Treat them as untrusted text wherever the order is later displayed, and do
        // not base access or fraud decisions on forwarded_ip without a trusted-proxy check.
        if (!empty($this->request->server['HTTP_X_FORWARDED_FOR'])) {
            $order_data['forwarded_ip'] = $this->request->server['HTTP_X_FORWARDED_FOR'];
        } elseif (!empty($this->request->server['HTTP_CLIENT_IP'])) {
            $order_data['forwarded_ip'] = $this->request->server['HTTP_CLIENT_IP'];
        } else {
            $order_data['forwarded_ip'] = '';
        }
        if (isset($this->request->server['HTTP_USER_AGENT'])) {
            $order_data['user_agent'] = $this->request->server['HTTP_USER_AGENT'];
        } else {
            $order_data['user_agent'] = '';
        }
        if (isset($this->request->server['HTTP_ACCEPT_LANGUAGE'])) {
            $order_data['accept_language'] = $this->request->server['HTTP_ACCEPT_LANGUAGE'];
        } else {
            $order_data['accept_language'] = '';
        }
        // Persist the order and remember its id for the payment step.
        $this->load->model('checkout/order');
        $this->session->data['order_id'] = $this->model_checkout_order->addOrder($order_data);
        // From here on the method only prepares view data. $data is first assigned on the next line.
        $data['text_recurring_item'] = $this->language->get('text_recurring_item');
        $data['text_payment_recurring'] = $this->language->get('text_payment_recurring');
        $data['column_name'] = $this->language->get('column_name');
        $data['column_model'] = $this->language->get('column_model');
        $data['column_quantity'] = $this->language->get('column_quantity');
        $data['column_price'] = $this->language->get('column_price');
        $data['column_total'] = $this->language->get('column_total');
        $this->load->model('tool/upload');
        $data['products'] = array();
        foreach ($this->cart->getProducts() as $product) {
            $option_data = array();
            foreach ($product['option'] as $option) {
                if ($option['type'] != 'file') {
                    $value = $option['value'];
                } else {
                    // File options store an upload code; show the uploaded file's name instead.
                    $upload_info = $this->model_tool_upload->getUploadByCode($option['value']);
                    if ($upload_info) {
                        $value = $upload_info['name'];
                    } else {
                        $value = '';
                    }
                }
                // Option values longer than 20 characters are shortened for display.
                // NOTE(review): option values and upload names can originate from the shopper;
                // confirm the confirm view escapes them on output.
                $option_data[] = array('name' => $option['name'], 'value' => utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value);
            }
            // Human-readable description of the recurring profile, if the product has one.
            $recurring = '';
            if ($product['recurring']) {
                $frequencies = array('day' => $this->language->get('text_day'), 'week' => $this->language->get('text_week'), 'semi_month' => $this->language->get('text_semi_month'), 'month' => $this->language->get('text_month'), 'year' => $this->language->get('text_year'));
                if ($product['recurring']['trial']) {
                    $recurring = sprintf($this->language->get('text_trial_description'), $this->currency->format($this->tax->calculate($product['recurring']['trial_price'] * $product['quantity'], $product['tax_class_id'], $this->config->get('config_tax'))), $product['recurring']['trial_cycle'], $frequencies[$product['recurring']['trial_frequency']], $product['recurring']['trial_duration']) . ' ';
                }
                if ($product['recurring']['duration']) {
                    $recurring .= sprintf($this->language->get('text_payment_description'), $this->currency->format($this->tax->calculate($product['recurring']['price'] * $product['quantity'], $product['tax_class_id'], $this->config->get('config_tax'))), $product['recurring']['cycle'], $frequencies[$product['recurring']['frequency']], $product['recurring']['duration']);
                } else {
                    $recurring .= sprintf($this->language->get('text_payment_cancel'), $this->currency->format($this->tax->calculate($product['recurring']['price'] * $product['quantity'], $product['tax_class_id'], $this->config->get('config_tax'))), $product['recurring']['cycle'], $frequencies[$product['recurring']['frequency']], $product['recurring']['duration']);
                }
            }
            $data['products'][] = array('cart_id' => $product['cart_id'], 'product_id' => $product['product_id'], 'name' => $product['name'], 'model' => $product['model'], 'option' => $option_data, 'recurring' => $recurring, 'quantity' => $product['quantity'], 'subtract' => $product['subtract'], 'price' => $this->currency->format($this->tax->calculate($product['price'], $product['tax_class_id'], $this->config->get('config_tax'))), 'total' => $this->currency->format($this->tax->calculate($product['price'], $product['tax_class_id'], $this->config->get('config_tax')) * $product['quantity']), 'href' => $this->url->link('product/product', 'product_id=' . $product['product_id']));
        }
        // Gift Voucher
        $data['vouchers'] = array();
        if (!empty($this->session->data['vouchers'])) {
            foreach ($this->session->data['vouchers'] as $voucher) {
                $data['vouchers'][] = array('description' => $voucher['description'], 'amount' => $this->currency->format($voucher['amount']));
            }
        }
        $data['totals'] = array();
        // This loop reuses $total as its variable; the numeric total was already stored on the order above.
        foreach ($order_data['totals'] as $total) {
            $data['totals'][] = array('title' => $total['title'], 'text' => $this->currency->format($total['value']));
        }
        // The controller route is built from a session value.
        // NOTE(review): presumably the code is only ever set from the list of enabled payment
        // methods earlier in checkout - confirm it cannot be written from request input directly.
        $data['payment'] = $this->load->controller('payment/' . $this->session->data['payment_method']['code']);
    } else {
        $data['redirect'] = $redirect;
    }
    $this->response->setOutput($this->load->view('checkout/confirm', $data));
}
public function expressComplete() { $this->load->language('payment/pp_express'); $redirect = ''; if ($this->cart->hasShipping()) { // Validate if shipping address has been set. $this->load->model('account/address'); if ($this->customer->isLogged() && isset($this->session->data['shipping_address_id'])) { $shipping_address = $this->model_account_address->getAddress($this->session->data['shipping_address_id']); } elseif (isset($this->session->data['guest'])) { $shipping_address = $this->session->data['guest']['shipping']; } if (empty($shipping_address)) { $redirect = $this->url->link('checkout/checkout', '', true); } // Validate if shipping method has been set. if (!isset($this->session->data['shipping_method'])) { $redirect = $this->url->link('checkout/checkout', '', true); } } else { unset($this->session->data['shipping_method']); unset($this->session->data['shipping_methods']); } // Validate if payment address has been set. $this->load->model('account/address'); if ($this->customer->isLogged() && isset($this->session->data['payment_address_id'])) { $payment_address = $this->model_account_address->getAddress($this->session->data['payment_address_id']); } elseif (isset($this->session->data['guest'])) { $payment_address = $this->session->data['guest']['payment']; } // Validate if payment method has been set. if (!isset($this->session->data['payment_method'])) { $redirect = $this->url->link('checkout/checkout', '', true); } // Validate cart has products and has stock. if (!$this->cart->hasProducts() && empty($this->session->data['vouchers']) || !$this->cart->hasStock() && !$this->config->get('config_stock_checkout')) { $redirect = $this->url->link('checkout/cart'); } // Validate minimum quantity requirements. 
$products = $this->cart->getProducts(); foreach ($products as $product) { $product_total = 0; foreach ($products as $product_2) { if ($product_2['product_id'] == $product['product_id']) { $product_total += $product_2['quantity']; } } if ($product['minimum'] > $product_total) { $redirect = $this->url->link('checkout/cart'); break; } } if ($redirect == '') { $totals = array(); $taxes = $this->cart->getTaxes(); $total = 0; // Because __call can not keep var references so we put them into an array. $total_data = array('totals' => &$totals, 'taxes' => &$taxes, 'total' => &$total); $this->load->model('extension/extension'); $sort_order = array(); $results = $this->model_extension_extension->getExtensions('total'); foreach ($results as $key => $value) { $sort_order[$key] = $this->config->get($value['code'] . '_sort_order'); } array_multisort($sort_order, SORT_ASC, $results); foreach ($results as $result) { if ($this->config->get($result['code'] . '_status')) { $this->load->model('total/' . $result['code']); // We have to put the totals in an array so that they pass by reference. $this->{'model_total_' . 
$result['code']}->getTotal($total_data); } } $sort_order = array(); foreach ($totals as $key => $value) { $sort_order[$key] = $value['sort_order']; } array_multisort($sort_order, SORT_ASC, $totals); $this->load->language('checkout/checkout'); $data = array(); $data['invoice_prefix'] = $this->config->get('config_invoice_prefix'); $data['store_id'] = $this->config->get('config_store_id'); $data['store_name'] = $this->config->get('config_name'); if ($data['store_id']) { $data['store_url'] = $this->config->get('config_url'); } else { $data['store_url'] = HTTP_SERVER; } if ($this->customer->isLogged() && isset($this->session->data['payment_address_id'])) { $data['customer_id'] = $this->customer->getId(); $data['customer_group_id'] = $this->config->get('config_customer_group_id'); $data['firstname'] = $this->customer->getFirstName(); $data['lastname'] = $this->customer->getLastName(); $data['email'] = $this->customer->getEmail(); $data['telephone'] = $this->customer->getTelephone(); $data['fax'] = $this->customer->getFax(); $this->load->model('account/address'); $payment_address = $this->model_account_address->getAddress($this->session->data['payment_address_id']); } elseif (isset($this->session->data['guest'])) { $data['customer_id'] = 0; $data['customer_group_id'] = $this->session->data['guest']['customer_group_id']; $data['firstname'] = $this->session->data['guest']['firstname']; $data['lastname'] = $this->session->data['guest']['lastname']; $data['email'] = $this->session->data['guest']['email']; $data['telephone'] = $this->session->data['guest']['telephone']; $data['fax'] = $this->session->data['guest']['fax']; $payment_address = $this->session->data['guest']['payment']; } $data['payment_firstname'] = isset($payment_address['firstname']) ? $payment_address['firstname'] : ''; $data['payment_lastname'] = isset($payment_address['lastname']) ? $payment_address['lastname'] : ''; $data['payment_company'] = isset($payment_address['company']) ? 
$payment_address['company'] : ''; $data['payment_company_id'] = isset($payment_address['company_id']) ? $payment_address['company_id'] : ''; $data['payment_tax_id'] = isset($payment_address['tax_id']) ? $payment_address['tax_id'] : ''; $data['payment_address_1'] = isset($payment_address['address_1']) ? $payment_address['address_1'] : ''; $data['payment_address_2'] = isset($payment_address['address_2']) ? $payment_address['address_2'] : ''; $data['payment_city'] = isset($payment_address['city']) ? $payment_address['city'] : ''; $data['payment_postcode'] = isset($payment_address['postcode']) ? $payment_address['postcode'] : ''; $data['payment_zone'] = isset($payment_address['zone']) ? $payment_address['zone'] : ''; $data['payment_zone_id'] = isset($payment_address['zone_id']) ? $payment_address['zone_id'] : ''; $data['payment_country'] = isset($payment_address['country']) ? $payment_address['country'] : ''; $data['payment_country_id'] = isset($payment_address['country_id']) ? $payment_address['country_id'] : ''; $data['payment_address_format'] = isset($payment_address['address_format']) ? 
$payment_address['address_format'] : ''; $data['payment_method'] = ''; if (isset($this->session->data['payment_method']['title'])) { $data['payment_method'] = $this->session->data['payment_method']['title']; } $data['payment_code'] = ''; if (isset($this->session->data['payment_method']['code'])) { $data['payment_code'] = $this->session->data['payment_method']['code']; } if ($this->cart->hasShipping()) { if ($this->customer->isLogged()) { $this->load->model('account/address'); $shipping_address = $this->model_account_address->getAddress($this->session->data['shipping_address_id']); } elseif (isset($this->session->data['guest'])) { $shipping_address = $this->session->data['guest']['shipping']; } $data['shipping_firstname'] = $shipping_address['firstname']; $data['shipping_lastname'] = $shipping_address['lastname']; $data['shipping_company'] = $shipping_address['company']; $data['shipping_address_1'] = $shipping_address['address_1']; $data['shipping_address_2'] = $shipping_address['address_2']; $data['shipping_city'] = $shipping_address['city']; $data['shipping_postcode'] = $shipping_address['postcode']; $data['shipping_zone'] = $shipping_address['zone']; $data['shipping_zone_id'] = $shipping_address['zone_id']; $data['shipping_country'] = $shipping_address['country']; $data['shipping_country_id'] = $shipping_address['country_id']; $data['shipping_address_format'] = $shipping_address['address_format']; $data['shipping_method'] = ''; if (isset($this->session->data['shipping_method']['title'])) { $data['shipping_method'] = $this->session->data['shipping_method']['title']; } $data['shipping_code'] = ''; if (isset($this->session->data['shipping_method']['code'])) { $data['shipping_code'] = $this->session->data['shipping_method']['code']; } } else { $data['shipping_firstname'] = ''; $data['shipping_lastname'] = ''; $data['shipping_company'] = ''; $data['shipping_address_1'] = ''; $data['shipping_address_2'] = ''; $data['shipping_city'] = ''; $data['shipping_postcode'] = 
''; $data['shipping_zone'] = ''; $data['shipping_zone_id'] = ''; $data['shipping_country'] = ''; $data['shipping_country_id'] = ''; $data['shipping_address_format'] = ''; $data['shipping_method'] = ''; $data['shipping_code'] = ''; } $product_data = array(); foreach ($this->cart->getProducts() as $product) { $option_data = array(); foreach ($product['option'] as $option) { $option_data[] = array('product_option_id' => $option['product_option_id'], 'product_option_value_id' => $option['product_option_value_id'], 'option_id' => $option['option_id'], 'option_value_id' => $option['option_value_id'], 'name' => $option['name'], 'value' => $option['value'], 'type' => $option['type']); } $product_data[] = array('product_id' => $product['product_id'], 'name' => $product['name'], 'model' => $product['model'], 'option' => $option_data, 'download' => $product['download'], 'quantity' => $product['quantity'], 'subtract' => $product['subtract'], 'price' => $product['price'], 'total' => $product['total'], 'tax' => $this->tax->getTax($product['price'], $product['tax_class_id']), 'reward' => $product['reward']); } // Gift Voucher $voucher_data = array(); if (!empty($this->session->data['vouchers'])) { foreach ($this->session->data['vouchers'] as $voucher) { $voucher_data[] = array('description' => $voucher['description'], 'code' => token(10), 'to_name' => $voucher['to_name'], 'to_email' => $voucher['to_email'], 'from_name' => $voucher['from_name'], 'from_email' => $voucher['from_email'], 'voucher_theme_id' => $voucher['voucher_theme_id'], 'message' => $voucher['message'], 'amount' => $voucher['amount']); } } $data['products'] = $product_data; $data['vouchers'] = $voucher_data; $data['totals'] = $totals; $data['comment'] = $this->session->data['comment']; $data['total'] = $total; if (isset($this->request->cookie['tracking'])) { $data['tracking'] = $this->request->cookie['tracking']; $subtotal = $this->cart->getSubTotal(); // Affiliate $this->load->model('affiliate/affiliate'); 
$affiliate_info = $this->model_affiliate_affiliate->getAffiliateByCode($this->request->cookie['tracking']); if ($affiliate_info) { $data['affiliate_id'] = $affiliate_info['affiliate_id']; $data['commission'] = $subtotal / 100 * $affiliate_info['commission']; } else { $data['affiliate_id'] = 0; $data['commission'] = 0; } // Marketing $this->load->model('checkout/marketing'); $marketing_info = $this->model_checkout_marketing->getMarketingByCode($this->request->cookie['tracking']); if ($marketing_info) { $data['marketing_id'] = $marketing_info['marketing_id']; } else { $data['marketing_id'] = 0; } } else { $data['affiliate_id'] = 0; $data['commission'] = 0; $data['marketing_id'] = 0; $data['tracking'] = ''; } $data['language_id'] = $this->config->get('config_language_id'); $data['currency_id'] = $this->currency->getId($this->session->data['currency']); $data['currency_code'] = $this->session->data['currency']; $data['currency_value'] = $this->currency->getValue($this->session->data['currency']); $data['ip'] = $this->request->server['REMOTE_ADDR']; if (!empty($this->request->server['HTTP_X_FORWARDED_FOR'])) { $data['forwarded_ip'] = $this->request->server['HTTP_X_FORWARDED_FOR']; } elseif (!empty($this->request->server['HTTP_CLIENT_IP'])) { $data['forwarded_ip'] = $this->request->server['HTTP_CLIENT_IP']; } else { $data['forwarded_ip'] = ''; } if (isset($this->request->server['HTTP_USER_AGENT'])) { $data['user_agent'] = $this->request->server['HTTP_USER_AGENT']; } else { $data['user_agent'] = ''; } if (isset($this->request->server['HTTP_ACCEPT_LANGUAGE'])) { $data['accept_language'] = $this->request->server['HTTP_ACCEPT_LANGUAGE']; } else { $data['accept_language'] = ''; } $this->load->model('account/custom_field'); $this->load->model('checkout/order'); $order_id = $this->model_checkout_order->addOrder($data); $this->session->data['order_id'] = $order_id; $this->load->model('payment/pp_express'); $paypal_data = array('TOKEN' => $this->session->data['paypal']['token'], 
'PAYERID' => $this->session->data['paypal']['payerid'], 'METHOD' => 'DoExpressCheckoutPayment', 'PAYMENTREQUEST_0_NOTIFYURL' => $this->url->link('payment/pp_express/ipn', '', true), 'RETURNFMFDETAILS' => 1); $paypal_data = array_merge($paypal_data, $this->model_payment_pp_express->paymentRequestInfo()); $result = $this->model_payment_pp_express->call($paypal_data); if ($result['ACK'] == 'Success') { //handle order status switch ($result['PAYMENTINFO_0_PAYMENTSTATUS']) { case 'Canceled_Reversal': $order_status_id = $this->config->get('pp_express_canceled_reversal_status_id'); break; case 'Completed': $order_status_id = $this->config->get('pp_express_completed_status_id'); break; case 'Denied': $order_status_id = $this->config->get('pp_express_denied_status_id'); break; case 'Expired': $order_status_id = $this->config->get('pp_express_expired_status_id'); break; case 'Failed': $order_status_id = $this->config->get('pp_express_failed_status_id'); break; case 'Pending': $order_status_id = $this->config->get('pp_express_pending_status_id'); break; case 'Processed': $order_status_id = $this->config->get('pp_express_processed_status_id'); break; case 'Refunded': $order_status_id = $this->config->get('pp_express_refunded_status_id'); break; case 'Reversed': $order_status_id = $this->config->get('pp_express_reversed_status_id'); break; case 'Voided': $order_status_id = $this->config->get('pp_express_voided_status_id'); break; } $this->model_checkout_order->addOrderHistory($order_id, $order_status_id); //add order to paypal table $paypal_order_data = array('order_id' => $order_id, 'capture_status' => $this->config->get('pp_express_transaction') == 'Sale' ? 
'Complete' : 'NotComplete', 'currency_code' => $result['PAYMENTINFO_0_CURRENCYCODE'], 'authorization_id' => $result['PAYMENTINFO_0_TRANSACTIONID'], 'total' => $result['PAYMENTINFO_0_AMT']); $paypal_order_id = $this->model_payment_pp_express->addOrder($paypal_order_data); //add transaction to paypal transaction table $paypal_transaction_data = array('paypal_order_id' => $paypal_order_id, 'transaction_id' => $result['PAYMENTINFO_0_TRANSACTIONID'], 'parent_id' => '', 'note' => '', 'msgsubid' => '', 'receipt_id' => isset($result['PAYMENTINFO_0_RECEIPTID']) ? $result['PAYMENTINFO_0_RECEIPTID'] : '', 'payment_type' => $result['PAYMENTINFO_0_PAYMENTTYPE'], 'payment_status' => $result['PAYMENTINFO_0_PAYMENTSTATUS'], 'pending_reason' => $result['PAYMENTINFO_0_PENDINGREASON'], 'transaction_entity' => $this->config->get('pp_express_transaction') == 'Sale' ? 'payment' : 'auth', 'amount' => $result['PAYMENTINFO_0_AMT'], 'debug_data' => json_encode($result)); $this->model_payment_pp_express->addTransaction($paypal_transaction_data); $recurring_products = $this->cart->getRecurringProducts(); //loop through any products that are recurring items if ($recurring_products) { $this->load->language('payment/pp_express'); $this->load->model('checkout/recurring'); $billing_period = array('day' => 'Day', 'week' => 'Week', 'semi_month' => 'SemiMonth', 'month' => 'Month', 'year' => 'Year'); foreach ($recurring_products as $item) { $data = array('METHOD' => 'CreateRecurringPaymentsProfile', 'TOKEN' => $this->session->data['paypal']['token'], 'PROFILESTARTDATE' => gmdate("Y-m-d\\TH:i:s\\Z", gmmktime(gmdate("H"), gmdate("i") + 5, gmdate("s"), gmdate("m"), gmdate("d"), gmdate("y"))), 'BILLINGPERIOD' => $billing_period[$item['recurring']['frequency']], 'BILLINGFREQUENCY' => $item['recurring']['cycle'], 'TOTALBILLINGCYCLES' => $item['recurring']['duration'], 'AMT' => $this->currency->format($this->tax->calculate($item['recurring']['price'], $item['tax_class_id'], $this->config->get('config_tax')), 
$this->session->data['currency'], false, false) * $item['quantity'], 'CURRENCYCODE' => $this->session->data['currency']); //trial information if ($item['recurring']['trial']) { $data_trial = array('TRIALBILLINGPERIOD' => $billing_period[$item['recurring']['trial_frequency']], 'TRIALBILLINGFREQUENCY' => $item['recurring']['trial_cycle'], 'TRIALTOTALBILLINGCYCLES' => $item['recurring']['trial_duration'], 'TRIALAMT' => $this->currency->format($this->tax->calculate($item['recurring']['trial_price'], $item['tax_class_id'], $this->config->get('config_tax')), $this->session->data['currency'], false, false) * $item['quantity']); $trial_amt = $this->currency->format($this->tax->calculate($item['recurring']['trial_price'], $item['tax_class_id'], $this->config->get('config_tax')), $this->session->data['currency'], false, false) * $item['quantity'] . ' ' . $this->session->data['currency']; $trial_text = sprintf($this->language->get('text_trial'), $trial_amt, $item['recurring']['trial_cycle'], $item['recurring']['trial_frequency'], $item['recurring']['trial_duration']); $data = array_merge($data, $data_trial); } else { $trial_text = ''; } $recurring_amt = $this->currency->format($this->tax->calculate($item['recurring']['price'], $item['tax_class_id'], $this->config->get('config_tax')), $this->session->data['currency'], false, false) * $item['quantity'] . ' ' . $this->session->data['currency']; $recurring_description = $trial_text . sprintf($this->language->get('text_recurring'), $recurring_amt, $item['recurring']['cycle'], $item['recurring']['frequency']); if ($item['recurring']['duration'] > 0) { $recurring_description .= sprintf($this->language->get('text_length'), $item['recurring']['duration']); } //create new recurring and set to pending status as no payment has been made yet. 
$recurring_id = $this->model_checkout_recurring->create($item, $order_id, $recurring_description); $data['PROFILEREFERENCE'] = $recurring_id; $data['DESC'] = $recurring_description; $result = $this->model_payment_pp_express->call($data); if (isset($result['PROFILEID'])) { $this->model_checkout_recurring->addReference($recurring_id, $result['PROFILEID']); } else { // there was an error creating the recurring, need to log and also alert admin / user } } } $this->response->redirect($this->url->link('checkout/success')); if (isset($result['REDIRECTREQUIRED']) && $result['REDIRECTREQUIRED'] == true) { //- handle german redirect here $this->response->redirect('https://www.paypal.com/cgi-bin/webscr?cmd=_complete-express-checkout&token=' . $this->session->data['paypal']['token']); } } else { if ($result['L_ERRORCODE0'] == '10486') { if (isset($this->session->data['paypal_redirect_count'])) { if ($this->session->data['paypal_redirect_count'] == 2) { $this->session->data['paypal_redirect_count'] = 0; $this->session->data['error'] = $this->language->get('error_too_many_failures'); $this->response->redirect($this->url->link('checkout/checkout', '', true)); } else { $this->session->data['paypal_redirect_count']++; } } else { $this->session->data['paypal_redirect_count'] = 1; } if ($this->config->get('pp_express_test') == 1) { $this->response->redirect('https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $this->session->data['paypal']['token']); } else { $this->response->redirect('https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $this->session->data['paypal']['token']); } } $this->session->data['error_warning'] = $result['L_LONGMESSAGE0']; $this->response->redirect($this->url->link('payment/pp_express/expressConfirm', '', true)); } } else { $this->response->redirect($redirect); } }