function eshop_checkout($espost) { $espost = stripslashes_deep($espost); global $blog_id, $eshopoptions, $wpdb; $contineproceed = '1'; //cache eshop_cache(); $echoit = ''; include_once ABSPATH . 'wp-includes/wp-db.php'; include_once WP_PLUGIN_DIR . "/eshop/cart-functions.php"; if (isset($espost['eshop_payment'])) { $_SESSION['eshop_payment' . $blog_id] = preg_replace('/[^a-zA-Z0-9\\-_]/', '', $espost['eshop_payment']); } if (!isset($_SESSION['eshop_payment' . $blog_id])) { $paymentmethod = 'paypal'; } else { $paymentmethod = $_SESSION['eshop_payment' . $blog_id]; } //left over from previous script, leaving in just in case another payment method is used. $chkerror = 0; $numberofproducts = 0; //filter for plugin merchant gateways $eshopmgincpath = apply_filters('eshop_mg_inc_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '.php', $paymentmethod); // if everything went ok do the following, hopefully the rest won't happen! if (isset($_GET['eshopaction'])) { if ($_GET['eshopaction'] == 'success') { include_once $eshopmgincpath; } } //filter for plugin merchant gateways $eshopmgincidxpath = apply_filters('eshop_mg_inc_idx_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '/index.php', $paymentmethod); if (file_exists($eshopmgincidxpath)) { include_once $eshopmgincidxpath; } if (isset($_SESSION['eshopcart' . $blog_id])) { $shopcart = $_SESSION['eshopcart' . $blog_id]; $numberofproducts = sizeof($_SESSION['eshopcart' . $blog_id]); /* unused code? $productsandqty=''; while (list ($product, $amount) = each ($_SESSION['eshopcart'.$blog_id])){ $productsandqty.=" $product-$amount"; $productsandqty=trim($productsandqty); } */ $keys = array_keys($_SESSION['eshopcart' . $blog_id]); $productidkeys = implode(",", $keys); $productidkeys = trim($productidkeys); //reqd for shipping - finds the correct state for working out shipping, and set things up for later usage. if (isset($espost['ship_name'])) { if ($espost['ship_name'] != '' || $espost['ship_address'] != '' || $espost['ship_city'] != '' || $espost['ship_postcode'] != '' || $espost['ship_company'] != '' || $espost['ship_phone'] != '' || $espost['ship_country'] != '' || $espost['ship_state'] != '') { if ($espost['ship_name'] == '') { $espost['ship_name'] = $espost['first_name'] . " " . $espost['last_name']; } if ($espost['ship_company'] == '') { $espost['ship_company'] = $espost['company']; } if ($espost['ship_phone'] == '') { $espost['ship_phone'] = $espost['phone']; } if ($espost['ship_address'] == '') { $espost['ship_address'] = $espost['address1']; if ($espost['address2'] != '') { $espost['ship_address'] .= ", " . $espost['address2']; } } if ($espost['ship_city'] == '') { $espost['ship_city'] = $espost['city']; } if ($espost['ship_postcode'] == '') { $espost['ship_postcode'] = $espost['zip']; } if ($espost['ship_country'] == '') { $espost['ship_country'] = $espost['country']; } if ($espost['ship_state'] == '') { $espost['ship_state'] = $espost['state']; } if ($espost['ship_altstate'] == '') { $espost['ship_altstate'] = $espost['altstate']; } } else { $espost['ship_name'] = $espost['first_name'] . " " . $espost['last_name']; $espost['ship_company'] = $espost['company']; $espost['ship_phone'] = $espost['phone']; if ($espost['ship_address'] == '') { $espost['ship_address'] = $espost['address1']; if ($espost['address2'] != '') { $espost['ship_address'] .= ", " . $espost['address2']; } } $espost['ship_city'] = $espost['city']; $espost['ship_postcode'] = $espost['zip']; $espost['ship_country'] = $espost['country']; $espost['ship_state'] = $espost['state']; $espost['ship_altstate'] = $espost['altstate']; } $tablecountries = $wpdb->prefix . 'eshop_countries'; $tablestates = $wpdb->prefix . 'eshop_states'; $shippingzone = $eshopoptions['shipping_zone']; if (isset($espost['eshop_shiptype']) && $espost['eshop_shiptype'] != '0') { $sztype = $espost['eshop_shiptype']; $shippingzone = $wpdb->get_var("SELECT area FROM " . $wpdb->prefix . "eshop_rates WHERE rate_type='ship_weight' && class='{$sztype}' LIMIT 1"); } $pzoneid = ''; //$eshopoptions['unknown_state']; if ($shippingzone == 'country') { if (isset($espost['ship_country']) && $espost['ship_country'] != '') { $pzoneid = $espost['ship_country']; } elseif (isset($espost['country']) && $espost['country'] != '') { $pzoneid = $espost['country']; } $pzone = $wpdb->get_var("SELECT zone FROM {$tablecountries} WHERE code='{$pzoneid}' LIMIT 1"); } else { if (isset($espost['state']) && $espost['state'] != '') { $pzoneid = $espost['state']; } if (isset($espost['ship_state']) && $espost['ship_state'] != '') { $pzoneid = $espost['ship_state']; } $pzone = $wpdb->get_var("SELECT zone FROM {$tablestates} WHERE id='{$pzoneid}' LIMIT 1"); if (isset($espost['altstate']) && $espost['altstate'] != '') { $pzone = $eshopoptions['unknown_state']; } if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') { $pzone = $eshopoptions['unknown_state']; } } $_SESSION['shiptocountry' . $blog_id] = $eshopoptions['location']; if (isset($espost['ship_country']) && $espost['ship_country'] != '') { $_SESSION['shiptocountry' . $blog_id] = $espost['ship_country']; } elseif (isset($espost['country']) && $espost['country'] != '') { $_SESSION['shiptocountry' . $blog_id] = $espost['country']; } } else { $pzoneid = ''; //$eshopoptions['unknown_state']; $tablecountries = $wpdb->prefix . 'eshop_countries'; $tablestates = $wpdb->prefix . 'eshop_states'; $shippingzone = $eshopoptions['shipping_zone']; if (isset($espost['eshop_shiptype'])) { $sztype = $espost['eshop_shiptype']; $shippingzone = $wpdb->get_var("SELECT area FROM " . $wpdb->prefix . "eshop_rates WHERE rate_type='ship_weight' && class='{$sztype}' LIMIT 1"); } if ($shippingzone == 'country') { if (isset($espost['ship_country']) && $espost['ship_country'] != '') { $pzoneid = $espost['ship_country']; } elseif (isset($espost['country']) && $espost['country'] != '') { $pzoneid = $espost['country']; } $pzone = $wpdb->get_var("SELECT zone FROM {$tablecountries} WHERE code='{$pzoneid}' LIMIT 1"); } else { if (isset($espost['ship_state']) && $espost['ship_state'] != '') { $pzoneid = $espost['ship_state']; } if (isset($espost['state']) && $espost['state'] != '') { $pzoneid = $espost['state']; } $pzone = $wpdb->get_var("SELECT zone FROM {$tablestates} WHERE id='{$pzoneid}' LIMIT 1"); if (isset($espost['altstate']) && $espost['altstate'] != '') { $pzone = $eshopoptions['unknown_state']; } if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') { $pzone = $eshopoptions['unknown_state']; } } } // $shiparray = array(); $eshopcartarray = $_SESSION['eshopcart' . $blog_id]; foreach ($eshopcartarray as $productid => $opt) { if (is_array($opt)) { switch ($eshopoptions['shipping']) { case '1': //( per quantity of 1, prices reduced for additional items ) for ($i = 1; $i <= $opt['qty']; $i++) { array_push($shiparray, $opt["pclas"]); } break; case '2': //( once per shipping class no matter what quantity is ordered ) if (!in_array($opt["pclas"], $shiparray)) { array_push($shiparray, $opt["pclas"]); } break; case '3': //( one overall charge no matter how many are ordered ) if (!in_array($opt["pclas"], $shiparray)) { if ($opt["pclas"] != 'F') { array_push($shiparray, 'A'); } } break; case '4': //( weight ) if (isset($espost['eshop_shiptype'])) { unset($shiparray); $shiparray = $espost['eshop_shiptype']; } break; } } } //need an extra check if ($eshopoptions['shipping'] == '4' && 'no' == $eshopoptions['downloads_only'] && isset($espost['submit']) && !isset($espost['eshop_shiptype']) && !eshop_only_downloads()) { $pzone = ''; } //need to check the discount codes here as well: if (eshop_discount_codes_check()) { $_SESSION['eshop_discount' . $blog_id] = ''; unset($_SESSION['eshop_discount' . $blog_id]); if (isset($espost['eshop_discount']) && $espost['eshop_discount'] != '') { $chkcode = valid_eshop_discount_code($espost['eshop_discount']); if ($chkcode) { $_SESSION['eshop_discount' . $blog_id] = $espost['eshop_discount']; } } } //show the cart if (isset($_GET['eshopaction']) && $_GET['eshopaction'] != 'redirect' || !isset($_GET['eshopaction'])) { $echoit .= display_cart($_SESSION['eshopcart' . $blog_id], false, $eshopoptions['checkout'], $pzone, $shiparray); } } $error = ''; if (isset($espost['submit'])) { //form handling foreach ($espost as $key => $value) { $key = $value; } //setupshipping arrays $reqdvalues = array('shipping', 'first_name', 'last_name', 'email', 'phone', 'address', 'city', 'zip', 'pay'); if ($eshopoptions['shipping'] != '4') { if ($eshopoptions['shipping_zone'] == 'country') { $reqdvalues[] = 'country'; } else { $reqdvalues[] = 'state'; } } else { $creqd = ''; $dtable = $wpdb->prefix . 'eshop_rates'; $query = $wpdb->get_results("SELECT DISTINCT(area) from {$dtable} where rate_type='ship_weight'"); foreach ($query as $k) { $reqdvalues[] = $k->area; } } $linkattr = apply_filters('eShopCheckoutLinksAttr', ''); $reqdarray = apply_filters('eshopCheckoutReqd', $reqdvalues); if ($eshopoptions['shipping'] == '4' && 'no' == $eshopoptions['downloads_only'] && !isset($espost['eshop_shiptype']) && !eshop_only_downloads()) { $error .= '<li>' . __('<strong>Shipping</strong> - not selected.', 'eshop') . '</li>'; } if (isset($espost['first_name'])) { $valid = checkAlpha($espost['first_name']); if ($valid == FALSE && eshop_checkreqd($reqdarray, 'first_name')) { $error .= '<li>' . __('<strong>First name</strong> - missing or incorrect.', 'eshop') . '</li>'; } } if (isset($espost['last_name'])) { $valid = checkAlpha($espost['last_name']); if ($valid == FALSE && eshop_checkreqd($reqdarray, 'last_name')) { $error .= '<li>' . __('<strong>Last name</strong> - missing or incorrect.', 'eshop') . '</li>'; } } if (isset($espost['email'])) { $valid = checkEmail($espost['email']); if ($valid == FALSE && eshop_checkreqd($reqdarray, 'email')) { $error .= '<li>' . __('<strong>Email address</strong> - missing or incorrect.', 'eshop') . '</li>'; } } if (isset($espost['phone'])) { $valid = checkPhone($espost['phone']); if ($valid == FALSE && eshop_checkreqd($reqdarray, 'phone')) { $error .= '<li>' . __('<strong>Phone Number</strong> - missing or incorrect', 'eshop') . '.</li>'; } } if (isset($espost['address1'])) { $valid = checkAlpha($espost['address1']); if ($valid == FALSE && eshop_checkreqd($reqdarray, 'address')) { $error .= '<li>' . __('<strong>Address</strong> - missing or incorrect.', 'eshop') . '</li>'; } } if (isset($espost['city'])) { $valid = checkAlpha($espost['city']); if ($valid == FALSE && eshop_checkreqd($reqdarray, 'city')) { $error .= '<li>' . __('<strong>City or town</strong> - missing or incorrect.', 'eshop') . '</li>'; } } if (eshop_checkreqd($reqdarray, 'state')) { if (isset($espost['state']) && $espost['state'] == '' && $espost['altstate'] == '') { $error .= '<li>' . __('<strong>State/County/Province</strong> - missing or incorrect.', 'eshop') . '</li>'; } } if (eshop_checkreqd($reqdarray, 'country')) { if (isset($espost['country'])) { $valid = checkAlpha($espost['country']); if ($valid == FALSE) { $error .= '<li>' . __('<strong>Country</strong> - missing or incorrect.', 'eshop') . '</li>'; } } } if (isset($espost['country']) && $espost['country'] == 'US' && $espost['state'] == '' && $espost['altstate'] == '') { //must pick a state for US deliveries $error .= '<li>' . __('<strong><abbr title="United States">US</abbr> State</strong> - missing or incorrect.', 'eshop') . '</li>'; } if (isset($espost['zip'])) { $valid = checkAlphaNum($espost['zip']); if ($valid == FALSE && eshop_checkreqd($reqdarray, 'zip')) { $error .= '<li>' . __('<strong>Zip/Post code</strong> - missing or incorrect.', 'eshop') . '</li>'; } } if (isset($espost['reference'])) { if ($espost['reference'] == '' && eshop_checkreqd($reqdarray, 'ref')) { $error .= '<li>' . __('<strong>Reference</strong> - missing.', 'eshop') . '</li>'; } } if (isset($espost['comments'])) { if ($espost['comments'] == '' && eshop_checkreqd($reqdarray, 'comments')) { $error .= '<li>' . __('<strong>Comments</strong> - missing.', 'eshop') . '</li>'; } } if (isset($eshopoptions['users']) && $eshopoptions['users'] == 'yes' && !is_user_logged_in()) { if (!isset($espost['eshop_users']) && eshop_checkreqd($reqdarray, 'signup')) { $error .= '<li>' . __('<strong>Sign Up</strong> - not checked.', 'eshop') . '</li>'; } } //add in error checking for any new values here $temperror = apply_filters('eshoperrorcheckout', $espost); if (!is_array($temperror)) { $error .= $temperror; } //////////////////////////////////////////////// if ('yes' == $eshopoptions['tandc_use']) { if (!isset($espost['eshop_tandc'])) { $error .= '<li><strong>' . $eshopoptions['tandc'] . '</strong>' . __(' - not checked.', 'eshop') . '</li>'; } } if (!isset($espost['eshop_payment'])) { $error .= '<li>' . __('You have not chosen a <strong>payment option</strong>.', 'eshop') . '</li>'; } if (eshop_discount_codes_check()) { $_SESSION['eshop_discount' . $blog_id] = ''; unset($_SESSION['eshop_discount' . $blog_id]); if (isset($espost['eshop_discount']) && $espost['eshop_discount'] != '') { $chkcode = valid_eshop_discount_code($espost['eshop_discount']); if (!$chkcode) { $error .= '<li>' . __('<strong>Discount Code</strong> - is not valid.', 'eshop') . '</li>'; } else { $_SESSION['eshop_discount' . $blog_id] = $espost['eshop_discount']; } } } if (isset($eshopoptions['users']) && $eshopoptions['users'] == 'yes' && isset($espost['eshop_users']) && !is_user_logged_in()) { $_SESSION['eshop_user' . $blog_id] = '1'; } if ($error != '') { $echoit .= "<p><strong class=\"eshoperror error\">" . __('There were some errors in the details you entered…', 'eshop') . "</strong></p><ul class=\"eshoperrors errors\">" . $error . '</ul>'; $first_name = $last_name = $company = $phone = $reference = ''; $email = $address1 = $address2 = $city = $country = ''; $state = $altstate = $zip = $ship_name = $ship_company = ''; $ship_phone = $ship_address = $ship_city = $ship_postcode = ''; $ship_country = $ship_state = $ship_altstate = $comments = ''; if (isset($espost['first_name'])) { $first_name = $espost['first_name']; } if (isset($espost['last_name'])) { $last_name = $espost['last_name']; } if (isset($espost['phone'])) { $phone = $espost['phone']; } if (isset($espost['reference'])) { $reference = $espost['reference']; } if (isset($espost['email'])) { $email = $espost['email']; } if (isset($espost['address1'])) { $address1 = $espost['address1']; } if (isset($espost['address2'])) { $address2 = $espost['address2']; } if (isset($espost['city'])) { $city = $espost['city']; } if (isset($espost['country'])) { $country = $espost['country']; } if (isset($espost['state'])) { $state = $espost['state']; } if (isset($espost['altstate'])) { $altstate = $espost['altstate']; } if (isset($espost['zip'])) { $zip = $espost['zip']; } if (isset($espost['ship_name'])) { $ship_name = $espost['ship_name']; } if (isset($espost['ship_company'])) { $ship_company = $espost['ship_company']; } if (isset($espost['ship_phone'])) { $ship_phone = $espost['ship_phone']; } if (isset($espost['ship_address'])) { $ship_address = $espost['ship_address']; } if (isset($espost['ship_city'])) { $ship_city = $espost['ship_city']; } if (isset($espost['ship_country'])) { $ship_country = $espost['ship_country']; } if (isset($espost['ship_state'])) { $ship_state = $espost['ship_state']; } if (isset($espost['ship_altstate'])) { $ship_altstate = $espost['ship_altstate']; } if (isset($espost['ship_postcode'])) { $ship_postcode = $espost['ship_postcode']; } if (isset($espost['comments'])) { $comments = $espost['comments']; } $chkerror = '1'; } else { if (!isset($_GET['eshopaction'])) { $shipping = 0; $echoit .= "<div class=\"hr\"></div><div class=\"eshopcheckoutconf\"><h3>" . __('<span class="noprint">Please Confirm </span>Your Details', 'eshop') . '</h3>'; // create a custom id, and shove details in database $date = date('YmdHis'); $_SESSION['date' . $blog_id] = $date; $fprice = number_format($_SESSION['final_price' . $blog_id], 2, '.', ''); $espost['amount'] = $fprice; $espost['custom'] = $date; $espost['numberofproducts'] = sizeof($_SESSION['eshopcart' . $blog_id]); //shipping if (isset($_SESSION['shipping' . $blog_id])) { $shipping = eshopShipTaxAmt(); } //discount shipping if (is_shipfree(calculate_total())) { $shipping = 0; } //shipping $espost['shipping_1'] = $shipping; $ctable = $wpdb->prefix . 'eshop_countries'; $stable = $wpdb->prefix . 'eshop_states'; if ('no' == $eshopoptions['downloads_only']) { $echoit .= '<h4>' . __('Mailing Address', 'eshop') . '</h4><ul class="eshop confirm">'; } else { $echoit .= '<h4>' . __('Contact Details', 'eshop') . '</h4><ul class="eshop confirm">'; } $echoit .= "<li><span class=\"items fullname\">" . __('Full name:', 'eshop') . "</span> " . $espost['first_name'] . " " . $espost['last_name'] . "</li>\n"; if ('no' == $eshopoptions['downloads_only']) { $echoit .= "<li class=\"company\"><span class=\"items\">" . __('Company:', 'eshop') . "</span> " . $espost['company'] . "</li>\n"; } $echoit .= "<li class=\"email\"><span class=\"items\">" . __('Email:', 'eshop') . "</span> " . $espost['email'] . "</li>\n"; if ('no' == $eshopoptions['downloads_only']) { $echoit .= "<li class=\"phone\"><span class=\"items\">" . __('Phone:', 'eshop') . "</span> " . $espost['phone'] . "</li>\n"; $echoit .= "<li class=\"address\"><span class=\"items\">" . __('Address:', 'eshop') . "</span> " . $espost['address1'] . " " . $espost['address2'] . "</li>\n"; $echoit .= "<li class=\"city\"><span class=\"items\">" . __('City or town:', 'eshop') . "</span> " . $espost['city'] . "</li>\n"; $qcode = $wpdb->escape($espost['state']); $qstate = $wpdb->get_var("SELECT stateName FROM {$stable} WHERE id='{$qcode}' limit 1"); if ($espost['altstate'] != '') { $echoit .= "<li class=\"state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $espost['altstate'] . "</li>\n"; } elseif ($qstate != '') { $echoit .= "<li class=\"state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $qstate . "</li>\n"; } $echoit .= "<li class=\"zip\"><span class=\"items\">" . __('Zip/Post code:', 'eshop') . "</span> " . $espost['zip'] . "</li>\n"; $qccode = $wpdb->escape($espost['country']); $qcountry = $wpdb->get_var("SELECT country FROM {$ctable} WHERE code='{$qccode}' limit 1"); $echoit .= "<li class=\"country\"><span class=\"items\">" . __('Country:', 'eshop') . "</span> " . $qcountry . "</li>\n"; } $echoit .= "</ul>\n"; // $temp = apply_filters('eshopconfcheckout', $espost); if (!is_array($temp)) { $echoit .= $temp; } // if (!isset($espost['reference'])) { $espost['reference'] = ''; } if (!isset($espost['comments'])) { $espost['comments'] = ''; } if (trim($espost['reference']) != '' && trim($espost['comments']) == '') { $echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n"; $echoit .= '<li><span class="items">' . __('Reference or <abbr title="Purchase Order number">PO</abbr>', 'eshop') . '</span> ' . $espost['reference'] . '</li>' . "\n"; $echoit .= '</ul></div>' . "\n"; } if (trim($espost['reference']) == '' && trim($espost['comments']) != '') { $echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n"; $echoit .= '<li><span class="items">' . __('Comments or instructions:', 'eshop') . '</span> ' . $espost['comments'] . '</li>' . "\n"; $echoit .= '</ul></div>' . "\n"; } if (trim($espost['reference']) != '' && trim($espost['comments']) != '') { $echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n"; $echoit .= '<li><span class="items">' . __('Reference or PO:', 'eshop') . '</span> ' . $espost['reference'] . '</li>' . "\n"; $echoit .= '<li><span class="items">' . __('Comments or instructions:', 'eshop') . '</span> ' . $espost['comments'] . '</li>' . "\n"; $echoit .= '</ul></div>' . "\n"; } if ('no' == $eshopoptions['downloads_only']) { if ('yes' != $eshopoptions['hide_shipping']) { if ($espost['ship_name'] != '' || $espost['ship_address'] != '' || $espost['ship_city'] != '' || $espost['ship_postcode'] != '') { $echoit .= "<div class=\"eshop fld4\"><h4>" . __('Shipping Address', 'eshop') . "</h4>\n<ul class=\"eshop confirmship\">\n"; $echoit .= "<li><span class=\"items\">" . __('Full name:', 'eshop') . "</span> " . $espost['ship_name'] . "</li>\n"; $echoit .= "<li class=\"ship_company\"><span class=\"items\">" . __('Company:', 'eshop') . "</span> " . $espost['ship_company'] . "</li>\n"; $echoit .= "<li><span class=\"items\">" . __('Phone:', 'eshop') . "</span> " . $espost['ship_phone'] . "</li>\n"; $echoit .= "<li><span class=\"items\">" . __('Address:', 'eshop') . "</span> " . $espost['ship_address'] . "</li>\n"; $echoit .= "<li><span class=\"items\">" . __('City or town:', 'eshop') . "</span> " . $espost['ship_city'] . "</li>\n"; $qcode = $wpdb->escape($espost['ship_state']); $qstate = $wpdb->get_var("SELECT stateName FROM {$stable} WHERE id='{$qcode}' limit 1"); if ($espost['ship_altstate'] != '') { $echoit .= "<li class=\"ship_state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $espost['ship_altstate'] . "</li>\n"; } elseif ($qstate != '') { $echoit .= "<li class=\"ship_state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $qstate . "</li>\n"; } $echoit .= "<li><span class=\"items\">" . __('Zip/Post code:', 'eshop') . "</span> " . $espost['ship_postcode'] . "</li>\n"; $qccode = $wpdb->escape($espost['ship_country']); $qcountry = $wpdb->get_var("SELECT country FROM {$ctable} WHERE code='{$qccode}' limit 1"); $echoit .= "<li class=\"shipcountry\"><span class=\"items\">" . __('Country:', 'eshop') . "</span> " . $qcountry . "</li>\n"; $echoit .= "</ul></div>\n"; } } } $echoit .= "\n"; $echoit .= "</div>\n"; } //add to a session to store address: $_SESSION['addy' . $blog_id]['first_name'] = $espost['first_name']; $_SESSION['addy' . $blog_id]['last_name'] = $espost['last_name']; $_SESSION['addy' . $blog_id]['email'] = $espost['email']; if (isset($espost['company'])) { $_SESSION['addy' . $blog_id]['company'] = $espost['company']; } else { $_SESSION['addy' . $blog_id]['company'] = ''; } if (isset($espost['phone'])) { $_SESSION['addy' . $blog_id]['phone'] = $espost['phone']; } else { $_SESSION['addy' . $blog_id]['phone'] = ''; } if (isset($espost['reference'])) { $_SESSION['addy' . $blog_id]['reference'] = $espost['reference']; } else { $_SESSION['addy' . $blog_id]['reference'] = ''; } if (isset($espost['address1'])) { $_SESSION['addy' . $blog_id]['address1'] = $espost['address1']; } else { $_SESSION['addy' . $blog_id]['address1'] = ''; } if (isset($espost['address2'])) { $_SESSION['addy' . $blog_id]['address2'] = $espost['address2']; } else { $_SESSION['addy' . $blog_id]['address2'] = ''; } if (isset($espost['city'])) { $_SESSION['addy' . $blog_id]['city'] = $espost['city']; } if (isset($espost['country'])) { $_SESSION['addy' . $blog_id]['country'] = $espost['country']; } else { $_SESSION['addy' . $blog_id]['country'] = ''; } if (isset($espost['state'])) { $_SESSION['addy' . $blog_id]['state'] = $espost['state']; } else { $_SESSION['addy' . $blog_id]['state'] = ''; } if (isset($espost['altstate']) && $espost['altstate'] != '') { $_SESSION['addy' . $blog_id]['state'] = $espost['altstate']; } if (isset($espost['zip'])) { $_SESSION['addy' . $blog_id]['zip'] = $espost['zip']; } else { $_SESSION['addy' . $blog_id]['zip'] = ''; } if (isset($espost['ship_name'])) { $_SESSION['addy' . $blog_id]['ship_name'] = $espost['ship_name']; $_SESSION['addy' . $blog_id]['ship_company'] = $espost['ship_company']; $_SESSION['addy' . $blog_id]['ship_phone'] = $espost['ship_phone']; $_SESSION['addy' . $blog_id]['ship_address'] = $espost['ship_address']; $_SESSION['addy' . $blog_id]['ship_city'] = $espost['ship_city']; $_SESSION['addy' . $blog_id]['ship_country'] = $espost['ship_country']; $_SESSION['addy' . $blog_id]['ship_state'] = $espost['ship_state']; if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') { $_SESSION['addy' . $blog_id]['ship_state'] = $espost['ship_altstate']; } $_SESSION['addy' . $blog_id]['ship_postcode'] = $espost['ship_postcode']; } if (isset($espost['comments'])) { $_SESSION['addy' . $blog_id]['comments'] = $espost['comments']; } else { $_SESSION['addy' . $blog_id]['comments'] = ''; } if (!isset($_SESSION['shipping' . $blog_id])) { $_SESSION['shipping' . $blog_id]['cost'] = $shipping; } //grab all the POST variables and store in cookie $array = $espost; //but first make a few extra equal nothing //add others in here if needed $array['comments'] = $array['reference'] = ''; $eshopsetcookie = apply_filters('eshop_use_cookie', true); if ($eshopsetcookie == true) { $biscuits = eshop_build_cookie($array); setcookie("eshopcart", $biscuits, time() + 60 * 60 * 24 * 365); } $eshopmgincpath = apply_filters('eshop_mg_inc_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '.php', $paymentmethod); include_once $eshopmgincpath; $contineproceed = '3'; } } else { //for first time form usage. if (isset($_SESSION['addy' . $blog_id])) { $first_name = $_SESSION['addy' . $blog_id]['first_name']; $last_name = $_SESSION['addy' . $blog_id]['last_name']; $company = $_SESSION['addy' . $blog_id]['company']; $phone = $_SESSION['addy' . $blog_id]['phone']; $reference = $_SESSION['addy' . $blog_id]['reference']; $email = $_SESSION['addy' . $blog_id]['email']; $address1 = $_SESSION['addy' . $blog_id]['address1']; $address2 = $_SESSION['addy' . $blog_id]['address2']; $city = ''; if (isset($_SESSION['addy' . $blog_id]['city'])) { $city = $_SESSION['addy' . $blog_id]['city']; } $country = $_SESSION['addy' . $blog_id]['country']; $state = $_SESSION['addy' . $blog_id]['state']; if (!is_numeric($state)) { $li = $wpdb->escape($state); $table = $wpdb->prefix . 'eshop_states'; $stateList = $wpdb->get_var("SELECT id FROM {$table} WHERE code='{$li}' limit 1"); $state = $stateList; } if (isset($_SESSION['addy' . $blog_id]['altstate'])) { $altstate = $_SESSION['addy' . $blog_id]['altstate']; } else { $altstate = ''; } $zip = $_SESSION['addy' . $blog_id]['zip']; /* defaults */ $ship_name = $ship_company = ''; $ship_phone = $ship_address = $ship_city = $ship_postcode = ''; $ship_country = $ship_state = $ship_altstate = $comments = ''; if (isset($_SESSION['addy' . $blog_id]['ship_name'])) { $ship_name = $_SESSION['addy' . $blog_id]['ship_name']; } if (isset($_SESSION['addy' . $blog_id]['ship_company'])) { $ship_company = $_SESSION['addy' . $blog_id]['ship_company']; } if (isset($_SESSION['addy' . $blog_id]['ship_phone'])) { $ship_phone = $_SESSION['addy' . $blog_id]['ship_phone']; } if (isset($_SESSION['addy' . $blog_id]['ship_address'])) { $ship_address = $_SESSION['addy' . $blog_id]['ship_address']; } if (isset($_SESSION['addy' . $blog_id]['ship_city'])) { $ship_city = $_SESSION['addy' . $blog_id]['ship_city']; } if (isset($_SESSION['addy' . $blog_id]['ship_country'])) { $ship_country = $_SESSION['addy' . $blog_id]['ship_country']; } if (isset($_SESSION['addy' . $blog_id]['ship_state'])) { $ship_state = $_SESSION['addy' . $blog_id]['ship_state']; if (!is_numeric($ship_state)) { $li = $wpdb->escape($ship_state); $table = $wpdb->prefix . 'eshop_states'; $stateSList = $wpdb->get_var("SELECT id FROM {$table} WHERE code='{$li}' limit 1"); $ship_state = $stateSList; } } if (isset($_SESSION['addy' . $blog_id]['ship_altstate'])) { $ship_altstate = $_SESSION['addy' . $blog_id]['ship_altstate']; } else { $ship_altstate = ''; } if (isset($_SESSION['addy' . $blog_id]['ship_postcode'])) { $ship_postcode = $_SESSION['addy' . $blog_id]['ship_postcode']; } if (isset($_SESSION['addy' . $blog_id]['comments'])) { $comments = $_SESSION['addy' . $blog_id]['comments']; } } else { $first_name = $last_name = $company = $phone = $reference = ''; $email = $address1 = $address2 = $city = $country = ''; $state = $altstate = $zip = $ship_name = $ship_company = ''; $ship_phone = $ship_address = $ship_city = $ship_postcode = ''; $ship_country = $ship_state = $ship_altstate = $comments = ''; $eshopsetcookie = apply_filters('eshop_use_cookie', true); if (isset($_COOKIE["eshopcart"]) && calculate_items() != 0 && $eshopsetcookie == true) { $crumbs = eshop_break_cookie($_COOKIE["eshopcart"]); foreach ($crumbs as $k => $v) { ${$k} = $v; } } if (is_user_logged_in() && isset($eshopoptions['users']) && 'yes' == $eshopoptions['users']) { global $current_user; get_currentuserinfo(); $crumbs = stripslashes_deep(get_the_author_meta('eshop', $current_user->ID)); if (is_array($crumbs)) { foreach ($crumbs as $k => $v) { ${$k} = esc_attr($v); } $first_name = esc_attr($current_user->user_firstname); $last_name = esc_attr($current_user->user_lastname); $email = esc_attr($current_user->user_email); } } } } if ($chkerror != 0 || !isset($espost['submit']) && $numberofproducts >= 1) { // only show form if not filled in. $echoit .= eshopShowform($first_name, $last_name, $company, $phone, $email, $address1, $address2, $city, $state, $altstate, $zip, $country, $reference, $comments, $ship_name, $ship_company, $ship_phone, $ship_address, $ship_city, $ship_postcode, $ship_state, $ship_altstate, $ship_country); } if (isset($_SESSION['eshopcart' . $blog_id])) { switch ($contineproceed) { case '1': $echoit .= '<ul class="continue-proceed eshopcp1"><li class="editcart"><a href="' . get_permalink($eshopoptions['cart']) . '">' . __('« Edit Cart or Continue Shopping', 'eshop') . '</a></li></ul>'; break; case '2': $echoit .= '<ul class="continue-proceed redirect eshopcp2"><li class="editcheckout"><a href="' . get_permalink($eshopoptions['checkout']) . '">' . __('« Edit Details or Continue Shopping', 'eshop') . '</a></li></ul>'; break; case '3': $echoit .= '<ul class="continue-proceed redirect eshopcp3"><li class="editcheckout"><a href="' . get_permalink($eshopoptions['checkout']) . '">' . __('« Edit Details or Continue Shopping', 'eshop') . '</a></li></ul>'; break; } } else { $echoit .= "<p><strong class=\"eshoperror error\">" . __('Your shopping cart is currently empty.', 'eshop') . "</strong></p>"; } return $echoit; }
$p->add_field('shipping_1', eshopShipTaxAmt()); $sttable = $wpdb->prefix . 'eshop_states'; $getstate = $eshopoptions['shipping_state']; if ($eshopoptions['show_allstates'] != '1') { $stateList = $wpdb->get_results("SELECT id,code,stateName FROM {$sttable} WHERE list='{$getstate}' ORDER BY stateName", ARRAY_A); } else { $stateList = $wpdb->get_results("SELECT id,code,stateName,list FROM {$sttable} ORDER BY list,stateName", ARRAY_A); } foreach ($stateList as $code => $value) { $eshopstatelist[$value['id']] = $value['code']; } foreach ($_POST as $name => $value) { //have to do a discount code check here - otherwise things just don't work - but fine for free shipping codes if (strstr($name, 'amount_')) { if (isset($_SESSION['eshop_discount' . $blog_id]) && eshop_discount_codes_check()) { $chkcode = valid_eshop_discount_code($_SESSION['eshop_discount' . $blog_id]); if ($chkcode && apply_eshop_discount_code('discount') > 0) { $discount = apply_eshop_discount_code('discount') / 100; $value = number_format(round($value - $value * $discount, 2), 2); $vset = 'yes'; } } if (is_discountable(calculate_total()) != 0 && !isset($vset)) { $discount = is_discountable(calculate_total()) / 100; $value = number_format(round($value - $value * $discount, 2), 2); } } if (sizeof($stateList) > 0 && ($name == 'state' || $name == 'ship_state')) { if ($value != '') { $value = $eshopstatelist[$value]; }
function orderhandle($_POST, $checkid) { //This function puts the order into the db. global $wpdb, $blog_id, $eshopoptions; if (!is_user_logged_in() && isset($eshopoptions['users']) && $eshopoptions['users'] == 'yes' && isset($_SESSION['eshop_user' . $blog_id])) { //set up blank user if in case anything goes phooey $user_id = 0; if (get_bloginfo('version') < '3.1') { require_once ABSPATH . WPINC . '/registration.php'; } //auto create a new user if they don't exist - only works if not logged in ;) $user_email = $_POST['email']; $utable = $wpdb->prefix . "users"; $filtnames = apply_filters('eshop_add_username', $_POST['first_name'], $_POST['last_name']); $names = str_replace(" ", "", $filtnames); $username = strtolower($names); $eshopch = $wpdb->get_results("SHOW TABLE STATUS LIKE '{$utable}'"); //a unique'ish number $altusername = strtolower($names . $eshopch[0]->Auto_increment); if (!email_exists($user_email)) { if (username_exists($username)) { $username = $altusername; } if (!username_exists($username)) { $random_password = wp_generate_password(12, false); $user_id = wp_create_user($username, $random_password, $user_email); $eshopuser['company'] = $_POST['company']; $eshopuser['phone'] = $_POST['phone']; $eshopuser['address1'] = $_POST['address1']; $eshopuser['address2'] = $_POST['address2']; $eshopuser['city'] = $_POST['city']; $eshopuser['country'] = $_POST['country']; $eshopuser['state'] = $_POST['state']; $eshopuser['zip'] = $_POST['zip']; if (isset($_POST['altstate']) && $_POST['altstate'] != '') { $eshopuser['altstate'] = $_POST['altstate']; } if (!is_numeric($_POST['state'])) { $statechk = $wpdb->escape($_POST['state']); $sttable = $wpdb->prefix . 'eshop_states'; $eshopuser['state'] = $wpdb->get_var("SELECT id FROM {$sttable} where code='{$statechk}' limit 1"); } else { $eshopuser['state'] = $_POST['state']; } update_user_meta($user_id, 'eshop', $eshopuser); update_user_meta($user_id, 'first_name', $_POST['first_name']); update_user_meta($user_id, 'last_name', $_POST['last_name']); update_user_option($user_id, 'default_password_nag', true, true); //Set up the Password change nag. wp_new_user_notification($user_id, $random_password); } } } else { global $current_user; get_currentuserinfo(); $user_id = $current_user->ID; } if (!isset($eshopoptions['users'])) { $user_id = '0'; } //$wpdb->show_errors(); if (get_magic_quotes_gpc()) { $_POST = stripslashes_array($_POST); } $custom_field = $wpdb->escape($_POST['custom']); $first_name = $wpdb->escape($_POST['first_name']); $last_name = $wpdb->escape($_POST['last_name']); $email = $wpdb->escape($_POST['email']); //set up some defaults $phone = $company = $address1 = $address2 = $city = $zip = $state = $country = $paidvia = ''; if (isset($_POST['phone'])) { $phone = $wpdb->escape($_POST['phone']); } if (isset($_POST['company'])) { $company = $wpdb->escape($_POST['company']); } if (isset($_POST['address1'])) { $address1 = $wpdb->escape($_POST['address1']); } if (isset($_POST['address2'])) { $address2 = $wpdb->escape($_POST['address2']); } if (isset($_POST['city'])) { $city = $wpdb->escape($_POST['city']); } if (isset($_POST['zip'])) { $zip = $wpdb->escape($_POST['zip']); } if (isset($_POST['state'])) { $state = $wpdb->escape($_POST['state']); } if (isset($_POST['country'])) { $country = $wpdb->escape($_POST['country']); } $paidvia = $wpdb->escape($_SESSION['eshop_payment' . $blog_id]); if (strtolower($paidvia) == __('cash', 'eshop')) { $eshopcash = $eshopoptions['cash']; if ($eshopcash['rename'] != '') { $paidvia = $eshopcash['rename']; } } if (strtolower($paidvia) == __('bank', 'eshop')) { $eshopbank = $eshopoptions['bank']; if ($eshopbank['rename'] != '') { $paidvia = $eshopbank['rename']; } } if (isset($_POST['state']) && $_POST['state'] == '' && isset($_POST['altstate']) && $_POST['altstate'] != '') { $state = $wpdb->escape($_POST['altstate']); } if (isset($_POST['ship_name'])) { $ship_name = $wpdb->escape($_POST['ship_name']); } else { $ship_name = $first_name . ' ' . $last_name; } if (isset($_POST['ship_phone'])) { $ship_phone = $wpdb->escape($_POST['ship_phone']); } else { $ship_phone = $phone; } if (isset($_POST['ship_company'])) { $ship_company = $wpdb->escape($_POST['ship_company']); } else { $ship_company = $company; } if (isset($_POST['ship_address'])) { $ship_address = $wpdb->escape($_POST['ship_address']); } else { $ship_address = $address1 . ' ' . $address2; } if (isset($_POST['ship_city'])) { $ship_city = $wpdb->escape($_POST['ship_city']); } else { $ship_city = $city; } if (isset($_POST['ship_postcode'])) { $ship_postcode = $wpdb->escape($_POST['ship_postcode']); } else { $ship_postcode = $zip; } if (isset($_POST['ship_country'])) { $ship_country = $wpdb->escape($_POST['ship_country']); } else { $ship_country = $country; } if (isset($_POST['ship_state'])) { $ship_state = $wpdb->escape($_POST['ship_state']); } else { $ship_state = $state; } if (empty($_POST['ship_state']) && !empty($_POST['ship_altstate'])) { $ship_state = $wpdb->escape($_POST['ship_altstate']); } if (isset($_POST['reference'])) { $reference = $wpdb->escape($_POST['reference']); } else { $reference = ''; } if (isset($_POST['comments'])) { $comments = $wpdb->escape($_POST['comments']); } else { $comments = ''; } if (isset($_POST['affiliate'])) { $affiliate = $wpdb->escape($_POST['affiliate']); } else { $affiliate = ''; } $detailstable = $wpdb->prefix . 'eshop_orders'; $itemstable = $wpdb->prefix . 'eshop_order_items'; $processing = __('Processing…', 'eshop'); //readjust state if needed $sttable = $wpdb->prefix . 'eshop_states'; $getstate = $eshopoptions['shipping_state']; if ($eshopoptions['show_allstates'] != '1') { $stateList = $wpdb->get_results("SELECT id,code,stateName FROM {$sttable} WHERE list='{$getstate}' ORDER BY stateName", ARRAY_A); } else { $stateList = $wpdb->get_results("SELECT id,code,stateName,list FROM {$sttable} ORDER BY list,stateName", ARRAY_A); } foreach ($stateList as $code => $value) { $eshopstatelist[$value['code']] = $value['id']; } if (isset($eshopstatelist[$state])) { $state = $eshopstatelist[$state]; } if (isset($eshopstatelist[$ship_state])) { $ship_state = $eshopstatelist[$ship_state]; } //if (!is_user_logged_in()) { $eshopching = $wpdb->get_var("SELECT checkid from {$detailstable} where checkid='{$checkid}' limit 1"); if ($eshopching != $checkid) { $query1 = $wpdb->query("INSERT INTO {$detailstable}\n\t\t\t\t(checkid, first_name, last_name,company,email,phone, address1, address2, city,\n\t\t\t\tstate, zip, country, reference, ship_name,ship_company,ship_phone, \n\t\t\t\tship_address, ship_city, ship_postcode,\tship_state, ship_country, \n\t\t\t\tcustom_field,transid,edited,comments,thememo,paidvia,affiliate,user_id,admin_note,user_notes)VALUES(\n\t\t\t\t'{$checkid}',\n\t\t\t\t'{$first_name}',\n\t\t\t\t'{$last_name}',\n\t\t\t\t'{$company}',\n\t\t\t\t'{$email}',\n\t\t\t\t'{$phone}',\n\t\t\t\t'{$address1}',\n\t\t\t\t'{$address2}',\n\t\t\t\t'{$city}',\n\t\t\t\t'{$state}',\n\t\t\t\t'{$zip}',\n\t\t\t\t'{$country}',\n\t\t\t\t'{$reference}',\n\t\t\t\t'{$ship_name}',\n\t\t\t\t'{$ship_company}',\n\t\t\t\t'{$ship_phone}',\n\t\t\t\t'{$ship_address}',\n\t\t\t\t'{$ship_city}',\n\t\t\t\t'{$ship_postcode}',\n\t\t\t\t'{$ship_state}',\n\t\t\t\t'{$ship_country}',\n\t\t\t\t'{$custom_field}',\n\t\t\t\t'{$processing}',\n\t\t\t\tNOW(),\n\t\t\t\t'{$comments}',\n\t\t\t\t'',\n\t\t\t\t'{$paidvia}',\n\t\t\t\t'{$affiliate}',\n\t\t\t\t'{$user_id}',\n\t\t\t\t'',''\n\t\t\t\t\t);"); $i = 1; //this is here to generate just one code per order $code = eshop_random_code(); while ($i <= $_POST['numberofproducts']) { //test $addoprice = 0; $chk_id = 'item_number_' . $i; $chk_qty = 'quantity_' . $i; $chk_amt = 'amount_' . $i; //$chk_opt=$itemoption.$i; $chk_opt = 'item_name_' . $i; $chk_postid = 'postid_' . $i; $chk_weight = 'weight_' . $i; //tax $tax_amt = $tax_rate = ''; if (isset($eshopoptions['tax']) && $eshopoptions['tax'] == '1') { $chk_tax = 'tax_' . $i; $chk_tax_rate = 'tax_rate_' . $i; if (isset($_POST[$chk_tax])) { $tax_amt = $wpdb->escape($_POST[$chk_tax]); $tax_rate = $wpdb->escape($_POST[$chk_tax_rate]); } } $item_id = $wpdb->escape($_POST[$chk_id]); $item_qty = $wpdb->escape($_POST[$chk_qty]); $item_amt = $wpdb->escape(str_replace(',', "", $_POST[$chk_amt])); $optname = $wpdb->escape($_POST[$chk_opt]); $post_id = $wpdb->escape($_POST[$chk_postid]); $weight = $wpdb->escape($_POST[$chk_weight]); $dlchking = $_POST['eshopident_' . $i]; //add opt sets if (isset($_SESSION['eshopcart' . $blog_id][$dlchking]['optset'])) { $data['optset'] = $_SESSION['eshopcart' . $blog_id][$dlchking]['optset']; $data['addoprice'] = $addoprice; $data = eshop_parse_optsets($data); $optset = $data['optset']; $addoprice = $data['addoprice']; } else { $optset = ''; } $optset = $wpdb->escape($optset); //end $thechk = $_SESSION['eshopcart' . $blog_id][$dlchking]['option']; $option_id = $wpdb->escape($thechk); if (strpos($thechk, ' ') === true) { $edown = explode(' ', $thechk); $edl = $edown[1]; } else { $edl = $thechk; } $eshop_product = maybe_unserialize(get_post_meta($post_id, '_eshop_product', true)); $dlchk = ''; if (isset($eshop_product['products'][$edl]['download'])) { $dlchk = $eshop_product['products'][$edl]['download']; } if ($dlchk != '') { //there are downloads. $queryitem = $wpdb->query("INSERT INTO {$itemstable}\n\t\t\t\t\t(checkid, item_id,item_qty,item_amt,tax_rate,tax_amt,optname,post_id,option_id,down_id,optsets,weight)values(\n\t\t\t\t\t'{$checkid}','{$item_id}','{$item_qty}','{$item_amt}', '{$tax_rate}', '{$tax_amt}', \n\t\t\t\t\t'{$optname}','{$post_id}','{$option_id}',\n\t\t\t\t\t'{$dlchk}','{$optset}','{$weight}');"); $wpdb->query("UPDATE {$detailstable} set downloads='yes' where checkid='{$checkid}'"); //add to download orders table $dloadtable = $wpdb->prefix . 'eshop_download_orders'; //$email,$checkid already set $producttable = $wpdb->prefix . 'eshop_downloads'; $grabit = $wpdb->get_row("SELECT id,title, files FROM {$producttable} where id='{$dlchk}'"); $downloads = $eshopoptions['downloads_num']; $wpdb->query("INSERT INTO {$dloadtable}\n\t\t\t\t\t(checkid, title,purchased,files,downloads,code,email)values(\n\t\t\t\t\t'{$checkid}',\n\t\t\t\t\t'{$grabit->title}',\n\t\t\t\t\tNOW(),\n\t\t\t\t\t'{$grabit->files}',\n\t\t\t\t\t'{$downloads}',\n\t\t\t\t\t'{$code}',\n\t\t\t\t\t'{$email}');"); } else { $queryitem = $wpdb->query("INSERT INTO {$itemstable}\n\t\t\t\t\t(checkid, item_id,item_qty,item_amt,tax_rate,tax_amt,optname,post_id,option_id,optsets,weight)values(\n\t\t\t\t\t'{$checkid}','{$item_id}','{$item_qty}','{$item_amt}','{$tax_rate}', '{$tax_amt}', \n\t\t\t\t\t'{$optname}','{$post_id}','{$option_id}','{$optset}','{$weight}');"); } $i++; } $postage = $wpdb->escape(str_replace(',', "", $_POST['shipping_1'])); $shiptaxamt = $shiptaxrate = ''; if (isset($eshopoptions['tax']) && $eshopoptions['tax'] == '1') { if (isset($_SESSION['shipping' . $blog_id]['cost'])) { $postage = $wpdb->escape(str_replace(',', "", $_SESSION['shipping' . $blog_id]['cost'])); } if (isset($_SESSION['shipping' . $blog_id]['tax'])) { $shiptaxamt = $wpdb->escape(str_replace(',', "", $_SESSION['shipping' . $blog_id]['tax'])); } if (isset($_SESSION['shipping' . $blog_id]['taxrate'])) { $shiptaxrate = $wpdb->escape(str_replace(',', "", $_SESSION['shipping' . $blog_id]['taxrate'])); } } $postage_name = ''; if (isset($_SESSION['eshopshiptype' . $blog_id]) && !eshop_only_downloads() && $_SESSION['eshopshiptype' . $blog_id] != '0') { $st = $_SESSION['eshopshiptype' . $blog_id] - 1; $typearr = explode("\n", $eshopoptions['ship_types']); $postage_name = stripslashes(esc_attr($typearr[$st])) . ' '; } $postage_name .= __('Shipping', 'eshop'); $querypostage = $wpdb->query("INSERT INTO {$itemstable} \n\t\t\t\t\t(checkid, item_id,item_qty,item_amt,tax_rate,tax_amt,optsets)values(\n\t\t\t\t\t'{$checkid}',\n\t\t\t\t\t'{$postage_name}',\n\t\t\t\t\t'1',\n\t\t\t\t\t'{$postage}',\n\t\t\t\t\t'{$shiptaxrate}',\n\t\t\t\t\t'{$shiptaxamt}',\n\t\t\t\t\t'');"); //update the discount codes used, and remove from remaining $disctable = $wpdb->prefix . 'eshop_discount_codes'; if (eshop_discount_codes_check()) { if (isset($_SESSION['eshop_discount' . $blog_id]) && valid_eshop_discount_code($_SESSION['eshop_discount' . $blog_id])) { $discvalid = $wpdb->escape($_SESSION['eshop_discount' . $blog_id]); do_action('eshop_discount_code_used', $checkid, $discvalid); $wpdb->query("UPDATE {$disctable} SET used=used+1 where disccode='{$discvalid}' limit 1"); $remaining = $wpdb->get_var("SELECT remain FROM {$disctable} where disccode='{$discvalid}' && dtype!='2' && dtype!='5' limit 1"); //reduce remaining if (is_numeric($remaining) && $remaining != '') { $wpdb->query("UPDATE {$disctable} SET remain=remain-1 where disccode='{$discvalid}' limit 1"); } } } do_action('eshoporderhandle', $_POST, $checkid); if ($eshopoptions['status'] != 'live') { echo "<p class=\"testing\"><strong>" . __('Test Mode — No money will be collected. This page will not auto redirect in test mode.', 'eshop') . "</strong></p>\n"; } } }