//_TODO add admin account id to status history record //_TODO form verifications on edit & payment popup forms //_TODO payment_types table interface //_TODO popup class to build/display help or additional data in new window //_TODO make following replacements in all SO files... // <br> --> <br /> // <b> --> <strong> // zen_db_output --> zen_db_scrub_out($x) // zen_db_input --> zen_db_scrub_in($x, true/false) // zen_db_prepare_input --> zen_db_scrub_in($x, true/false) require 'includes/application_top.php'; $action = isset($_GET['action']) ? $_GET['action'] : ''; $oID = isset($_GET['oID']) ? (int) $_GET['oID'] : false; if ($oID) { require_once DIR_WS_CLASSES . 'super_order.php'; $so = new super_order($oID); } if (zen_not_null($action)) { switch ($action) { case 'mark_completed': $so->mark_completed(); $messageStack->add_session(sprintf(SUCCESS_MARK_COMPLETED, $oID), 'success'); zen_redirect(zen_href_link(FILENAME_SUPER_ORDERS, 'action=edit&oID=' . $oID, $request_type)); break; case 'mark_cancelled': $so->mark_cancelled(); $messageStack->add_session(sprintf(WARNING_MARK_CANCELLED, $oID), 'warning'); zen_redirect(zen_href_link(FILENAME_SUPER_ORDERS, 'action=edit&oID=' . $oID, $request_type)); break; case 'reopen': $so->reopen();
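/**
 * Persist the order header, its order-total lines and the first status-history row.
 *
 * Steps, in order: fire the external-tax notifier, choose the order status for
 * zero-total orders, mask the card number, insert into TABLE_ORDERS, optionally
 * record the card data as a Super Orders payment line, then insert one
 * TABLE_ORDERS_TOTAL row per order-total module and one TABLE_ORDERS_STATUS_HISTORY row.
 *
 * @param array $zf_ot_modules Order-total module output; each entry is read for
 *                             'title', 'text', 'value', 'code' and 'sort_order'.
 * @param int   $zf_mode       Not read anywhere in this method.
 *
 * @return mixed The value of $db->Insert_ID() taken right after the TABLE_ORDERS insert.
 */
function create($zf_ot_modules, $zf_mode = 2)
{
    global $db;

    $this->notify('NOTIFY_ORDER_CART_EXTERNAL_TAX_DURING_ORDER_CREATE', array(), $zf_ot_modules);

    // Zero-total orders get their own status, except 'freecharger' payments.
    if ($this->info['total'] == 0) {
        if (DEFAULT_ZERO_BALANCE_ORDERS_STATUS_ID == 0) {
            $this->info['order_status'] = (int) DEFAULT_ORDERS_STATUS_ID;
        } elseif ($_SESSION['payment'] != 'freecharger') {
            $this->info['order_status'] = (int) DEFAULT_ZERO_BALANCE_ORDERS_STATUS_ID;
        }
    }

    $this->notify('NOTIFY_ORDER_CART_ORDERSTATUS');

    if ($_SESSION['shipping']['id'] == 'free_free') {
        $this->info['shipping_module_code'] = $_SESSION['shipping']['id'];
    }

    // Mask the card number before it is written anywhere: first 4 + "XX" + last 4.
    // Inside this branch the length is > 10, so the leading slice is always 4 characters.
    // NOTE(review): a value of 10 characters or fewer is stored unmodified, and
    // cc_owner / cc_expires are stored as received. Confirm that matches the
    // cardholder-data retention policy for this store.
    if (strlen($this->info['cc_number']) > 10) {
        $lastFour = substr($this->info['cc_number'], -4);
        $firstFour = substr($this->info['cc_number'], 0, 4);
        $this->info['cc_number'] = str_pad($firstFour, 6, 'X') . $lastFour;
    }

    // With neither a payment module nor a payment method, fall back to the gift-voucher constants.
    $noPaymentSelected = ($this->info['payment_module_code'] == '' && $this->info['payment_method'] == '');

    // Only the part before the first underscore of the shipping module code is stored.
    $shippingCode = $this->info['shipping_module_code'];
    $underscoreAt = strpos($shippingCode, '_');
    if ($underscoreAt > 0) {
        $shippingCode = substr($shippingCode, 0, $underscoreAt);
    }

    // NOTE(review): every value below goes to zen_db_perform() unescaped; escaping is
    // presumably done inside that helper (not visible here) — confirm.
    $sql_data_array = array(
        'customers_id' => $_SESSION['customer_id'],
        'customers_name' => $this->customer['firstname'] . ' ' . $this->customer['lastname'],
        'customers_company' => $this->customer['company'],
        'customers_street_address' => $this->customer['street_address'],
        'customers_suburb' => $this->customer['suburb'],
        'customers_city' => $this->customer['city'],
        'customers_postcode' => $this->customer['postcode'],
        'customers_state' => $this->customer['state'],
        'customers_country' => $this->customer['country']['title'],
        'customers_telephone' => $this->customer['telephone'],
        'customers_email_address' => $this->customer['email_address'],
        'customers_address_format_id' => $this->customer['format_id'],
        'delivery_name' => $this->delivery['firstname'] . ' ' . $this->delivery['lastname'],
        'delivery_company' => $this->delivery['company'],
        'delivery_street_address' => $this->delivery['street_address'],
        'delivery_suburb' => $this->delivery['suburb'],
        'delivery_city' => $this->delivery['city'],
        'delivery_postcode' => $this->delivery['postcode'],
        'delivery_state' => $this->delivery['state'],
        'delivery_country' => $this->delivery['country']['title'],
        'delivery_address_format_id' => $this->delivery['format_id'],
        'billing_name' => $this->billing['firstname'] . ' ' . $this->billing['lastname'],
        'billing_company' => $this->billing['company'],
        'billing_street_address' => $this->billing['street_address'],
        'billing_suburb' => $this->billing['suburb'],
        'billing_city' => $this->billing['city'],
        'billing_postcode' => $this->billing['postcode'],
        'billing_state' => $this->billing['state'],
        'billing_country' => $this->billing['country']['title'],
        'billing_address_format_id' => $this->billing['format_id'],
        'payment_method' => $noPaymentSelected ? PAYMENT_METHOD_GV : $this->info['payment_method'],
        'payment_module_code' => $noPaymentSelected ? PAYMENT_MODULE_GV : $this->info['payment_module_code'],
        'shipping_method' => $this->info['shipping_method'],
        'shipping_module_code' => $shippingCode,
        'coupon_code' => $this->info['coupon_code'],
        'cc_type' => $this->info['cc_type'],
        'cc_owner' => $this->info['cc_owner'],
        'cc_number' => $this->info['cc_number'],
        'cc_expires' => $this->info['cc_expires'],
        // presumably zen_db_perform() emits the literal 'now()' as the SQL function — confirm
        'date_purchased' => 'now()',
        'orders_status' => $this->info['order_status'],
        'order_total' => $this->info['total'],
        'order_tax' => $this->info['tax'],
        'currency' => $this->info['currency'],
        'currency_value' => $this->info['currency_value'],
        // Audit field: the address kept in the session plus the one seen on this request.
        'ip_address' => $_SESSION['customers_ip_address'] . ' - ' . $_SERVER['REMOTE_ADDR'],
    );

    // BEGIN COWOA edit
    // The key is quoted: the bare word COWOA_order is an undefined constant, which raises an
    // Error on PHP 8 and a warning on 7.2+. empty() also avoids a notice when the session
    // flag is absent. Assumes no constant named COWOA_order is defined elsewhere.
    if (!empty($_SESSION['COWOA'])) {
        $sql_data_array['COWOA_order'] = 1;
    }
    // END COWOA edit

    zen_db_perform(TABLE_ORDERS, $sql_data_array);
    $insert_id = $db->Insert_ID();

    // BEGIN Super Orders edit
    // Add the card data as a line item in the Super Orders payment system.
    if (
        zen_not_null($this->info['cc_type'])
        || zen_not_null($this->info['cc_owner'])
        || zen_not_null($this->info['cc_number'])
    ) {
        // require_once: a plain require would load the class file a second time
        // if another script had already included it.
        require_once DIR_WS_CLASSES . 'super_order.php';
        $so = new super_order($insert_id);
        $so->cc_line_item();
    }
    // END Super Orders edit

    $this->notify(
        'NOTIFY_ORDER_DURING_CREATE_ADDED_ORDER_HEADER',
        array_merge(
            array('orders_id' => $insert_id, 'shipping_weight' => $_SESSION['cart']->weight),
            $sql_data_array
        )
    );

    // One TABLE_ORDERS_TOTAL row per order-total module; a non-numeric value is stored as '0'.
    for ($i = 0, $n = count($zf_ot_modules); $i < $n; $i++) {
        $sql_data_array = array(
            'orders_id' => $insert_id,
            'title' => $zf_ot_modules[$i]['title'],
            'text' => $zf_ot_modules[$i]['text'],
            'value' => is_numeric($zf_ot_modules[$i]['value']) ? $zf_ot_modules[$i]['value'] : '0',
            'class' => $zf_ot_modules[$i]['code'],
            'sort_order' => $zf_ot_modules[$i]['sort_order'],
        );
        zen_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
        $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ORDERTOTAL_LINE_ITEM', $sql_data_array);
    }

    // First status-history row, carrying the customer's comments.
    $customer_notification = SEND_EMAILS == 'true' ? '1' : '0';
    $sql_data_array = array(
        'orders_id' => $insert_id,
        'orders_status_id' => $this->info['order_status'],
        'date_added' => 'now()',
        'customer_notified' => $customer_notification,
        'comments' => $this->info['comments'],
    );
    zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
    $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ORDER_COMMENT', $sql_data_array);

    return $insert_id;
}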
// ctp: begin dummy this up to create so classes for all orders in range. This will ensure all paypal // transactions are captured in the so_payments and so_refunds for the order range selected. $payment_query = "SELECT orders_id FROM " . TABLE_ORDERS . " o\n WHERE date_purchased BETWEEN '" . $sd . "' AND DATE_ADD('" . $ed . "', INTERVAL 1 DAY)"; $order_list = $db->Execute($payment_query); while (!$order_list->EOF) { $so = new super_order($order_list->fields['orders_id']); // instantiated once simply for the full_type() function $so = NULL; $order_list->MoveNext(); } // ctp: end dummy this up to create so classes for all orders in range. This will ensure all paypal if ($target == 'payments' || $target == 'both') { $payment_query = "SELECT * FROM " . TABLE_SO_PAYMENTS . " p\n LEFT JOIN " . TABLE_ORDERS . " o\n ON p.orders_id = o.orders_id\n WHERE date_posted BETWEEN '" . $sd . "' AND DATE_ADD('" . $ed . "', INTERVAL 1 DAY)\n ORDER BY payment_type asc"; $payment = $db->Execute($payment_query); if (zen_not_null($payment->fields['orders_id'])) { $so = new super_order($payment->fields['orders_id']); // instantiated once simply for the full_type() function $current_type = strtoupper($payment->fields['payment_type']); $num_of_types++; $sub_total = 0; $sub_count = 0; ?> <tr> <td colspan="7" class="dataTableContent" align="center"><strong><?php echo zen_draw_separator() . $so->full_type($current_type) . zen_draw_separator(); ?> </strong></td> </tr> <?php //_TODO make this into a do/while loop so that the final sub_total values can be displayed while (!$payment->EOF) {
$oID = zen_db_prepare_input(trim($_GET['oID'])); } if ($oID) { $orders = $db->Execute("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'"); $order_exists = true; if ($orders->RecordCount() <= 0) { $order_exists = false; if ($action != '') $messageStack->add_session(ERROR_ORDER_DOES_NOT_EXIST . ' ' . $oID, 'error'); zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL')); } } if ($oID) { require_once(DIR_WS_CLASSES . 'super_order.php'); $so = new super_order($oID); } if (zen_not_null($action) && $order_exists == true) { switch ($action) { case 'mark_completed': $so->mark_completed(); $messageStack->add_session(sprintf(SUCCESS_MARK_COMPLETED, $oID), 'success'); zen_redirect(zen_href_link(FILENAME_ORDERS, 'action=edit&oID=' . $oID, 'NONSSL')); break; case 'mark_cancelled': $so->mark_cancelled(); $messageStack->add_session(sprintf(WARNING_MARK_CANCELLED, $oID), 'warning'); zen_redirect(zen_href_link(FILENAME_ORDERS, 'action=edit&oID=' . $oID, 'NONSSL')); break; case 'reopen':
// Released under the GNU General Public License // // available at www.zen-cart.com/license/2_0.txt // // or see "license.txt" in the downloaded zip // ////////////////////////////////////////////////////////////////////////// // DESCRIPTION: This file generates a pop-up window that is used to // // enter and edit payment information for a given order. // ////////////////////////////////////////////////////////////////////////// // $Id: super_batch_forms.php v 2010-10-24 $ */ require 'includes/application_top.php'; require_once DIR_WS_CLASSES . 'super_order.php'; global $db; $oID = $_GET['oID']; $payment_mode = $_GET['payment_mode']; $action = isset($_GET['action']) ? $_GET['action'] : ''; $so = new super_order($oID); // the following "if" clause actually inputs data into the DB if ($_GET['process'] == '1') { switch ($action) { // add a new payment entry case 'add': $update_status = isset($_GET['update_status']) ? $_GET['update_status'] : false; $notify_customer = isset($_GET['notify_customer']) ? $_GET['notify_customer'] : false; //update_status($oID, $new_status, $notified = 0, $comments = '') switch ($payment_mode) { case 'payment': // input new data $new_index = $so->add_payment($_GET['payment_number'], $_GET['payment_name'], $_GET['payment_amount'], $_GET['payment_type'], $_GET['purchase_order_id']); // update order status if ($update_status) { if ($_GET['purchase_order_id']) {
// FILENAME: super_data_sheet.php // // // // DESCRIPTION: Takes all the order data found on // // the details screen and formats it for printing on // // standard 8.5" x 11" paper. // ////////////////////////////////////////////////////////// // $Id: super_data_sheet.php 27 2006-02-03 20:06:12Z BlindSide $ */ require 'includes/application_top.php'; require DIR_WS_CLASSES . 'order.php'; require DIR_WS_CLASSES . 'super_order.php'; require DIR_WS_CLASSES . 'currencies.php'; $currencies = new currencies(); $oID = (int) $_GET['oID']; $order = new order($oID); $so = new super_order($oID); $orders_status_array = array(); $orders_status = $db->Execute("select orders_status_id, orders_status_name\r\n from " . TABLE_ORDERS_STATUS . "\r\n where language_id = '" . (int) $_SESSION['languages_id'] . "'"); while (!$orders_status->EOF) { $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name']; $orders_status->MoveNext(); } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?> > <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET;
$notify_split = isset($_POST['notify_split']) ? 1 : 0; // entry for original order $db->Execute("INSERT INTO " . TABLE_ORDERS_STATUS_HISTORY . "\n (orders_id, orders_status_id, date_added, customer_notified, comments)\n VALUES ('" . $oID . "',\n '" . $new_order['orders_status'] . "',\n now(),\n '" . $notify_split . "',\n '" . COMMENTS_SPLIT_OLD . $new_order_id . "')"); // entry for new order $db->Execute("INSERT INTO " . TABLE_ORDERS_STATUS_HISTORY . "\n (orders_id, orders_status_id, date_added, customer_notified, comments)\n VALUES ('" . $new_order_id . "',\n '" . $new_order['orders_status'] . "',\n now(),\n '" . $notify_split . "',\n '" . COMMENTS_SPLIT_NEW . $oID . "')"); // duplicate an existing Super Order payment data (if requested) //if (isset($_POST['copy_payments'])) { $old_new_order_total = $db->Execute("SELECT * FROM " . TABLE_ORDERS_TOTAL . " WHERE orders_id = '" . $oID . "'"); while (!$old_new_order_total->EOF) { if ($old_new_order_total->fields['title'] == 'Total:') { $old_order_total_value = $old_new_order_total->fields['value']; } $old_new_order_total->MoveNext(); } // die('<br>'.$old_order_total_value); $so = new super_order($oID); $reach_old_payment = 0; if ($so->payment) { for ($i = 0; $i < sizeof($so->payment); $i++) { unset($old_payment, $new_payment, $old_new_payment); $old_payment = $so->payment[$i]; $new_payment = array(); $old_new_payment['orders_id'] = $oID; $old_new_payment['payment_number'] = $old_payment['number']; $old_new_payment['payment_name'] = $old_payment['name']; $old_new_payment['payment_type'] = $old_payment['type']; $old_new_payment['date_posted'] = $old_payment['posted']; $old_new_payment['last_modified'] = $old_payment['modified']; if ($old_payment['amount'] > $old_order_total_value - $reach_old_payment) { $old_new_payment['payment_amount'] = $old_order_total_value - $reach_old_payment; $old_payment['amount'] = $reach_old_payment + $old_payment['amount'] - $old_order_total_value;
////////////////////////////////////////////////////////////////////////// // DESCRIPTION: Takes all the order data found on the details screen // // and formats it for printing on standard 8.5" x 11" paper. // ////////////////////////////////////////////////////////////////////////// // $Id: super_data_sheet.php v 2010-10-24 $ */ require('includes/application_top.php'); require(DIR_WS_CLASSES . 'order.php'); require(DIR_WS_CLASSES . 'super_order.php'); require(DIR_WS_CLASSES . 'currencies.php'); $currencies = new currencies(); $oID = (int)$_GET['oID']; $order = new order($oID); $so = new super_order($oID); $orders_status_array = array(); $orders_status = $db->Execute("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$_SESSION['languages_id'] . "'"); while (!$orders_status->EOF) { $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name']; $orders_status->MoveNext(); } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">