public function actionReturn()
{
$alipay = Yii::app()->alipay;
if ($alipay->verifyReturn()) {
$order_id = $_GET['out_trade_no'];
$total_fee = $_GET['total_fee'];
if ($_GET['trade_status'] == 'TRADE_FINISHED' || $_GET['trade_status'] == 'TRADE_SUCCESS') {
update_order_status($order_id, $total_fee, $_POST['trade_status']);
$this->render('order_paid');
} else {
echo "trade_status=" . $_GET['trade_status'];
}
} else {
echo "fail";
exit;
}
}
set_session("session_cc_number_first", $cc_number_first);
set_session("session_cc_number_last", $cc_number_last);
if ($cc_number_security == 0) {
$r->set_value("cc_number", "");
} elseif ($cc_number_security > 0) {
$r->set_value("cc_number", va_encrypt($r->get_value("cc_number")));
}
if ($cc_code_security == 0) {
$r->set_value("cc_security_code", "");
} elseif ($cc_code_security > 0) {
$r->set_value("cc_security_code", va_encrypt($cc_security_code));
}
if ($r->update_record()) {
// update order status
$cc_order_status = 2;
update_order_status($order_id, $cc_order_status, true, "", $status_error);
$op = new VA_Record($table_prefix . "orders_properties");
$op->add_textbox("order_id", INTEGER);
$op->set_value("order_id", $order_id);
$op->add_textbox("property_id", INTEGER);
$op->add_textbox("property_order", INTEGER);
$op->add_textbox("property_type", INTEGER);
$op->add_textbox("property_name", TEXT);
$op->add_textbox("property_value_id", INTEGER);
$op->add_textbox("property_value", TEXT);
$op->add_textbox("property_price", FLOAT);
$op->add_textbox("property_weight", FLOAT);
$op->add_textbox("tax_free", INTEGER);
foreach ($custom_options as $property_id => $property_values) {
// delete first all saved values
$sql = " DELETE FROM " . $table_prefix . "orders_properties ";
$t->set_var("parameter_value", $settings["site_url"] . "order_final.php");
}
$t->parse("parameters", true);
$t->set_var("parameter_name", "MD");
$t->set_var("parameter_value", htmlspecialchars($secure_3d_md));
$t->parse("parameters", true);
$goto_payment_message = str_replace("{payment_system}", "your bank", GOTO_PAYMENT_MSG);
$goto_payment_message = str_replace("{button_name}", CONTINUE_BUTTON, $goto_payment_message);
$t->set_var("GOTO_PAYMENT_MSG", $goto_payment_message);
$t->parse("submit_payment", false);
$t->pparse("3d_payment", false);
return;
}
} else {
// set default order status
update_order_status($order_id, $confirmed_order_status, true, "", $status_error);
}
if (strlen($error_message) && $failure_action == 1) {
header("Location: credit_card_info.php?payment_error=1");
exit;
} else {
header("Location: " . $return_page);
exit;
}
}
}
$payment_properties = 0;
if (!$order_errors) {
$items_text = show_order_items($order_id, true, "order_confirmation");
}
$t->set_var("order_confirmation", "order_confirmation.php");
$recurring_success = "";
if ($operation == "recurring") {
include_once "./admin_orders_recurring.php";
if ($recurring_errors) {
$orders_errors = $recurring_errors;
}
}
$t = new VA_Template($settings["admin_templates_dir"]);
$t->set_file("main", "admin_orders.html");
$t->set_var("date_edit_format", join("", $date_edit_format));
if ($operation == "update_status") {
if (isset($permissions["update_orders"]) && $permissions["update_orders"] == 1) {
if (strlen($orders_ids) && strlen($status_id)) {
$ids = explode(",", $orders_ids);
for ($i = 0; $i < sizeof($ids); $i++) {
update_order_status($ids[$i], $status_id, true, "", $status_error);
if ($status_error) {
$orders_errors .= $status_error . "<br>";
}
}
}
} else {
$orders_errors .= NOT_ALLOWED_UPDATE_ORDERS_MSG;
}
} elseif ($operation == "remove_orders") {
if (isset($permissions["remove_orders"]) && $permissions["remove_orders"] == 1) {
remove_orders($orders_ids);
} else {
$orders_errors .= NOT_ALLOWED_REMOVE_ORDERS_MSG;
}
}
function update_order()
{
$id = $_REQUEST['pk'];
update_order_status($id);
echo "Order Updated Succesfully";
}
}
delete_config("transactions_tmp", "table_id = '{$table_id}'");
// hapus widget_tmp_details
$q_widget_detail = mysql_query("select * from widget_tmp where table_id = '{$table_id}' and user_id = '" . $_SESSION['user_id'] . "'");
while ($r_widget_detail = mysql_fetch_array($q_widget_detail)) {
delete_config("widget_tmp_details", "wt_id = '" . $r_widget_detail['wt_id'] . "'");
}
delete_config("widget_tmp", "table_id = '{$table_id}'");
mysql_query("update tables set table_status_id = '1' where table_id = '{$table_id}'");
//cancel_order($table_id);
header("location: order.php?building_id={$building_id}");
break;
case 'order_status':
$id = $_GET['id'];
$building_id = $_GET['building_id'];
update_order_status($id);
header("location: order.php?building_id={$building_id}");
break;
case 'cancel_reserved':
$table_id = $_GET['table_id'];
$building_id = $_GET['building_id'];
//echo $table_id;
cancel_reserved($table_id);
header("location: order.php?building_id={$building_id}");
break;
case 'merger_table':
$table_id = get_isset($_GET['table_id']);
$building_id = isset($_GET['building_id']) ? $_GET['building_id'] : 0;
$building_name = get_building_name($building_id);
$query_table_merger = select_table_merger($building_id, $table_id);
$query_exist = mysql_query("select count(table_id) as jumlah from table_mergers where table_parent_id = '" . $table_id . "'");
