protected function PurgeOrders () { // final permission checks $canManage = $this->auth->HasPermission(AUTH_Manage_Orders); $canPurge = $this->auth->HasPermission(AUTH_Purge_Orders); if (!$canPurge) { if ($canManage) { $this->ManageOrders(GetLang('Unauthorized'), MSG_ERROR); return; } $this->engine->DoHomePage(GetLang('Unauthorized'), MSG_ERROR); return; } // input validation $orderIds = array(); if (isset($_POST['orders']) && is_array($_POST['orders']) && !empty($_POST['orders'])) { $orderIds = array_map('intval', $_POST['orders']); } if (empty($orderIds)) { if ($canManage) { $this->ManageOrders(); return; } $this->engine->DoHomePage(); return; } // do the order delete $GLOBALS['ISC_CLASS_LOG']->LogAdminAction(count($orderIds)); $entity = new ISC_ENTITY_ORDER; foreach ($orderIds as $orderId) { if (!$entity->purge($orderId)) { if ($canManage) { $this->ManageOrders($entity->getError(), MSG_ERROR); return; } $this->engine->DoHomePage($entity->getError(), MSG_ERROR); return; } } if ($canManage) { $this->ManageOrders(GetLang('OrdersPurgedSuccessfully'), MSG_SUCCESS); return; } $this->engine->DoHomePage(GetLang('OrdersPurgedSuccessfully'), MSG_SUCCESS); }