protected function PurgeOrders ()
{
// final permission checks
$canManage = $this->auth->HasPermission(AUTH_Manage_Orders);
$canPurge = $this->auth->HasPermission(AUTH_Purge_Orders);
if (!$canPurge) {
if ($canManage) {
$this->ManageOrders(GetLang('Unauthorized'), MSG_ERROR);
return;
}
$this->engine->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
return;
}
// input validation
$orderIds = array();
if (isset($_POST['orders']) && is_array($_POST['orders']) && !empty($_POST['orders'])) {
$orderIds = array_map('intval', $_POST['orders']);
}
if (empty($orderIds)) {
if ($canManage) {
$this->ManageOrders();
return;
}
$this->engine->DoHomePage();
return;
}
// do the order delete
$GLOBALS['ISC_CLASS_LOG']->LogAdminAction(count($orderIds));
$entity = new ISC_ENTITY_ORDER;
foreach ($orderIds as $orderId) {
if (!$entity->purge($orderId)) {
if ($canManage) {
$this->ManageOrders($entity->getError(), MSG_ERROR);
return;
}
$this->engine->DoHomePage($entity->getError(), MSG_ERROR);
return;
}
}
if ($canManage) {
$this->ManageOrders(GetLang('OrdersPurgedSuccessfully'), MSG_SUCCESS);
return;
}
$this->engine->DoHomePage(GetLang('OrdersPurgedSuccessfully'), MSG_SUCCESS);
}
