$_SESSION["gids"][$i] = 0; } } } } if ($rediractflag) { Redirect("index.php?product_removed=yes"); } } $orderID = ordOrderProcessing($_GET["shippingMethodID"], $_GET["paymentMethodID"], $_GET["shippingAddressID"], $_GET["billingAddressID"], $shippingModuleFiles, $paymentModuleFiles, $_POST["order_comment"], $cc_number, $cc_holdername, $cc_expires, $cc_cvv, $_SESSION["log"], $smarty_mail, $shServiceID); $_SESSION["newoid"] = $orderID; cartClearCartContet(); if (is_bool($orderID)) { RedirectProtected("index.php?order4_confirmation=yes" . "&shippingAddressID=" . $_GET["shippingAddressID"] . "&shippingMethodID=" . $_GET["shippingMethodID"] . "&billingAddressID=" . $_GET["billingAddressID"] . "&paymentMethodID=" . $_GET["paymentMethodID"] . "&payment_error=1"); } else { RedirectProtected("index.php?order4_confirmation=yes" . "&order_success=yes&paymentMethodID=" . $_GET["paymentMethodID"] . "&orderID=" . $orderID); } } if (isset($_GET["order_success"])) { if (isset($_GET["orderID"]) && isset($_SESSION["newoid"]) && (int) $_SESSION["newoid"] == (int) $_GET["orderID"]) { $paymentMethod = payGetPaymentMethodById($_GET["paymentMethodID"]); $currentPaymentModule = modGetModuleObj($paymentMethod["module_id"], PAYMENT_MODULE); if ($currentPaymentModule != null) { $after_processing_html = $currentPaymentModule->after_processing_html($_GET["orderID"]); } else { $after_processing_html = ""; } $smarty->assign("after_processing_html", $after_processing_html); } $smarty->assign("order_success", 1); } else {
include $fileName; } $payment_methods = payGetAllPaymentMethods(true); $payment_methodsToShow = array(); foreach ($payment_methods as $payment_method) { if ($_GET["shippingMethodID"] == 0) { $shippingMethodsToAllow = true; } else { $shippingMethodsToAllow = false; foreach ($payment_method["ShippingMethodsToAllow"] as $ShippingMethod) { if ((int) $_GET["shippingMethodID"] == (int) $ShippingMethod["SID"] && $ShippingMethod["allow"]) { $shippingMethodsToAllow = true; break; } } } if ($shippingMethodsToAllow) { $payment_methodsToShow[] = $payment_method; } } if (count($payment_methodsToShow) == 0) { RedirectProtected("index.php?order4_confirmation=yes&" . "shippingAddressID=" . $_GET["shippingAddressID"] . "&" . "shippingMethodID=" . $_GET["shippingMethodID"] . "&" . "billingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"]) . "&" . "paymentMethodID=0" . (isset($_GET['shServiceID']) ? "&shServiceID=" . $_GET['shServiceID'] : '')); } $smarty->assign("shippingAddressID", $_GET["shippingAddressID"]); $smarty->assign("billingAddressID", $_GET["billingAddressID"]); $smarty->assign("shippingMethodID", $_GET["shippingMethodID"]); $smarty->assign("strAddress", regGetAddressStr($_GET["billingAddressID"])); $smarty->assign("payment_methods", $payment_methodsToShow); $smarty->assign("payment_methods_count", count($payment_methodsToShow)); $smarty->assign("main_content_template", "order3_billing.tpl"); }
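/**
 * Creates an order from the current cart: runs the payment module, inserts the
 * order row, moves the cart content to the ordered-carts storage, updates stock
 * and sends the admin/customer notifications.
 *
 * Two values that used to be concatenated into the INSERT without any escaping
 * (affiliateID and shippingServiceInfo) are now cast / escaped like their
 * neighbours.
 *
 * @param mixed  $shippingMethodID    shipping method ID (looked up via shGetShippingMethodById)
 * @param mixed  $paymentMethodID     payment method ID (looked up via payGetPaymentMethodById)
 * @param mixed  $shippingAddressID   stored address ID, or 0 to read the receiver_* session fields
 * @param mixed  $billingAddressID    stored address ID, or 0 to read the billing_* session fields
 * @param mixed  $shippingModuleFiles passed through to cartMoveContentFromShoppingCartsToOrderedCarts
 * @param mixed  $paymentModulesFiles passed through to cartMoveContentFromShoppingCartsToOrderedCarts
 * @param string $customers_comment   free-text comment written to the order row
 * @param string $cc_number           written to the order row as given (see NOTE(review) at the INSERT)
 * @param string $cc_holdername       written to the order row as given
 * @param string $cc_expires          written to the order row as given
 * @param string $cc_cvv              written to the order row as given (see NOTE(review) at the INSERT)
 * @param mixed  $log                 customer login, or null for a quick (unregistered) checkout
 * @param object $smarty_mail         template object used to render notification mails
 * @param mixed  $shServiceID         shipping service ID forwarded to the amount/shipping calculators
 *
 * @return mixed the new order ID from db_insert_id(), or false when the payment
 *               module does not return 1 (a redirect is issued first)
 */
function ordOrderProcessing($shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $customers_comment, $cc_number, $cc_holdername, $cc_expires, $cc_cvv, $log, $smarty_mail, $shServiceID = 0)
{
    $customerID = $log != null ? regGetIdByLogin($log) : null;
    if ($log != null) {
        $customerInfo = regGetCustomerInfo2($log);
    } else {
        // Quick checkout: customer data lives in the session only.
        $customerInfo['first_name'] = $_SESSION['first_name'];
        $customerInfo['last_name'] = $_SESSION['last_name'];
        $customerInfo['Email'] = $_SESSION['email'];
        $customerInfo['affiliationLogin'] = $_SESSION['affiliationLogin'];
    }

    $order_time = get_current_time();
    // NOTE(review): this value is stored as custlink and handed to the customer
    // notification below. It is md5(order time) plus a number in 3..999, so it
    // carries very little entropy. If it gates access to the order, derive it
    // from a CSPRNG instead (e.g. bin2hex(random_bytes(16)) on PHP >= 7) and
    // check that the custlink column is wide enough.
    $frandl = mt_rand(3, 999);
    $order_active_link = md5($order_time) . $frandl;
    $customer_ip = stGetCustomerIP_Address();
    $statusID = CONF_ACTIVE_ORDER == 1 ? 0 : ostGetNewOrderStatus();
    $customer_affiliationLogin = isset($customerInfo['affiliationLogin']) ? $customerInfo['affiliationLogin'] : '';
    $customer_email = $customerInfo['Email'];

    $currencyID = currGetCurrentCurrencyUnitID();
    if ($currencyID != 0) {
        $currentCurrency = currGetCurrencyByID($currencyID);
        $currency_code = $currentCurrency['currency_iso_3'];
        $currency_value = $currentCurrency['currency_value'];
        $currency_round = $currentCurrency['roundval'];
    } else {
        $currency_code = '';
        $currency_value = 1;
        $currency_round = 2;
    }

    // get shipping address
    if ($shippingAddressID != 0) {
        // NOTE(review): nothing in this function checks that the address ID
        // belongs to $log; confirm the caller or regGetAddress enforces ownership.
        $shippingAddress = regGetAddress($shippingAddressID);
        $shippingAddressCountry = cnGetCountryById($shippingAddress['countryID']);
        $shippingAddress['country_name'] = $shippingAddressCountry['country_name'];
    } else {
        $shippingCountryName = cnGetCountryById($_SESSION['receiver_countryID']);
        $shippingCountryName = $shippingCountryName['country_name'];
        $shippingAddress['first_name'] = $_SESSION['receiver_first_name'];
        $shippingAddress['last_name'] = $_SESSION['receiver_last_name'];
        $shippingAddress['country_name'] = $shippingCountryName;
        $shippingAddress['state'] = $_SESSION['receiver_state'];
        $shippingAddress['city'] = $_SESSION['receiver_city'];
        $shippingAddress['address'] = $_SESSION['receiver_address'];
        $shippingAddress['zoneID'] = $_SESSION['receiver_zoneID'];
    }
    if (is_null($shippingAddress['state']) || trim($shippingAddress['state']) == '') {
        // No free-text state given: fall back to the zone name.
        $zone = znGetSingleZoneById($shippingAddress['zoneID']);
        $shippingAddress['state'] = $zone['zone_name'];
    }

    // get billing address
    if ($billingAddressID != 0) {
        $billingAddress = regGetAddress($billingAddressID);
        $billingAddressCountry = cnGetCountryById($billingAddress['countryID']);
        $billingAddress['country_name'] = $billingAddressCountry['country_name'];
    } else {
        $billingCountryName = cnGetCountryById($_SESSION['billing_countryID']);
        $billingCountryName = $billingCountryName['country_name'];
        $billingAddress['first_name'] = $_SESSION['billing_first_name'];
        $billingAddress['last_name'] = $_SESSION['billing_last_name'];
        $billingAddress['country_name'] = $billingCountryName;
        $billingAddress['state'] = $_SESSION['billing_state'];
        $billingAddress['city'] = $_SESSION['billing_city'];
        $billingAddress['address'] = $_SESSION['billing_address'];
        $billingAddress['zoneID'] = $_SESSION['billing_zoneID'];
    }
    if (is_null($billingAddress['state']) || trim($billingAddress['state']) == '') {
        $zone = znGetSingleZoneById($billingAddress['zoneID']);
        $billingAddress['state'] = $zone['zone_name'];
    }

    // Apply the configured percentage margin to flagged items when payment method 2 is used.
    $cartContent = cartGetCartContent();
    foreach ($cartContent['cart_content'] as $key => $cartItem) {
        if (!empty($cartItem['opt_margin']) && $paymentMethodID == 2) {
            $cost = $cartItem['costUC'];
            $margin = $cost / 100 * CONF_PERCENT_MARGIN;
            $cost += $margin;
            $costShow = show_price($cost * $cartItem['quantity']);
            $cartContent['cart_content'][$key]['costUC'] = $cost;
            $cartContent['cart_content'][$key]['cost'] = $costShow;
        }
    }

    if ($log != null) {
        $addresses = array($shippingAddressID, $billingAddressID);
    } else {
        $addresses = array(
            array('countryID' => $_SESSION['receiver_countryID'], 'zoneID' => $_SESSION['receiver_zoneID']),
            array('countryID' => $_SESSION['billing_countryID'], 'zoneID' => $_SESSION['billing_zoneID']),
        );
    }

    $orderDetails = array(
        'first_name' => $shippingAddress['first_name'],
        'last_name' => $shippingAddress['last_name'],
        'email' => $customerInfo['Email'],
        'order_amount' => oaGetOrderAmountExShippingRate($cartContent, $addresses, $log, false),
    );

    $shippingMethod = shGetShippingMethodById($shippingMethodID);
    $shipping_email_comments_text = $shippingMethod['email_comments_text'];
    $shippingName = $shippingMethod['Name'];

    $paymentMethod = payGetPaymentMethodById($paymentMethodID);
    $paymentName = $paymentMethod['Name'];
    $payment_email_comments_text = $paymentMethod['email_comments_text'];

    // The two branches differ only in the tax amount and in the flag passed as
    // the fifth argument of oaGetShippingCostTakingIntoTax.
    if (isset($paymentMethod['calculate_tax']) && (int) $paymentMethod['calculate_tax'] == 0) {
        $order_amount = oaGetOrderAmount($cartContent, $addresses, $shippingMethodID, $log, $orderDetails, true, $shServiceID);
        $d = oaGetDiscountPercent($cartContent, $log);
        $tax = 0;
        $shipping_costUC = oaGetShippingCostTakingIntoTax($cartContent, $shippingMethodID, $addresses, $orderDetails, false, $shServiceID, true);
        $discount_percent = oaGetDiscountPercent($cartContent, $log);
    } else {
        $order_amount = oaGetOrderAmount($cartContent, $addresses, $shippingMethodID, $log, $orderDetails, true, $shServiceID);
        $d = oaGetDiscountPercent($cartContent, $log);
        $tax = oaGetProductTax($cartContent, $d, $addresses);
        $shipping_costUC = oaGetShippingCostTakingIntoTax($cartContent, $shippingMethodID, $addresses, $orderDetails, true, $shServiceID, true);
        $discount_percent = oaGetDiscountPercent($cartContent, $log);
    }

    // The calculator may return a list of services; take the first entry.
    $shServiceInfo = '';
    if (is_array($shipping_costUC)) {
        list($shipping_costUC) = $shipping_costUC;
        $shServiceInfo = $shipping_costUC['name'];
        $shipping_costUC = $shipping_costUC['rate'];
    }

    $paymentMethod = payGetPaymentMethodById($paymentMethodID);
    if ($paymentMethod) {
        $currentPaymentModule = modGetModuleObj($paymentMethod['module_id'], PAYMENT_MODULE);
    } else {
        $currentPaymentModule = null;
    }

    if ($currentPaymentModule != null) {
        // define order details for payment module
        $order_payment_details = array(
            'customer_email' => $customer_email,
            'customer_ip' => $customer_ip,
            'order_amount' => $order_amount,
            'currency_code' => $currency_code,
            'currency_value' => $currency_value,
            'shipping_cost' => $shipping_costUC,
            'order_tax' => $tax,
            'shipping_info' => $shippingAddress,
            'billing_info' => $billingAddress,
        );
        $process_payment_result = $currentPaymentModule->payment_process($order_payment_details);

        // Anything other than 1 is treated as a payment error.
        if (!($process_payment_result == 1)) {
            // NOTE(review): the whole POST body is kept in the session so the
            // form can be refilled. If the confirmation form posts card fields,
            // they end up in session storage; strip them before saving.
            if (isset($_POST)) {
                $_SESSION['order4confirmation_post'] = $_POST;
            }
            xSaveData('PaymentError', $process_payment_result);

            // NOTE(review): the redirect URLs are built from raw $_GET values.
            // They are expected to be numeric IDs; casting to int (or
            // rawurlencode) would stop extra parameters from being smuggled in.
            if (!$customerID) {
                RedirectProtected('index.php?order4_confirmation_quick=yes'
                    . '&shippingMethodID=' . $_GET['shippingMethodID']
                    . '&paymentMethodID=' . $_GET['paymentMethodID']
                    . '&shServiceID=' . $shServiceID);
            } else {
                RedirectProtected('index.php?order4_confirmation=yes'
                    . '&shippingAddressID=' . $_GET['shippingAddressID']
                    . '&shippingMethodID=' . $_GET['shippingMethodID']
                    . '&billingAddressID=' . $_GET['billingAddressID']
                    . '&paymentMethodID=' . $_GET['paymentMethodID']
                    . '&shServiceID=' . $shServiceID);
            }

            return false;
        }
    }

    $customerID = (int) $customerID;

    // NOTE(review): cc_number and cc_cvv are written to the orders table exactly
    // as passed in. Unless the caller already encrypts them, this stores card
    // data in clear text, and PCI DSS does not allow the CVV to be retained
    // after authorisation at all. Prefer not persisting these fields.
    //
    // NOTE(review): the statement is assembled by concatenation; every value
    // relies on a cast, xEscSQL or xToText. xToText is not defined here, so
    // confirm it escapes for SQL, or move this to a prepared statement.
    $sql = 'INSERT INTO ' . ORDERS_TABLE . ' SET customerID = ' . (int) $customerID
        . ', order_time = "' . xEscSQL($order_time)
        . '", customer_ip = "' . xToText($customer_ip)
        . '", shipping_type = "' . xToText($shippingName)
        . '", payment_type = "' . xToText($paymentName)
        . '", customers_comment = "' . xToText($customers_comment)
        . '", statusID = ' . (int) $statusID
        . ', shipping_cost = "' . (float) $shipping_costUC
        . '", order_discount = "' . (float) $discount_percent
        . '", order_amount= "' . (float) $order_amount
        . '", currency_code = "' . xEscSQL($currency_code)
        . '", currency_value = "' . (float) $currency_value
        . '", customer_firstname = "' . xToText($customerInfo['first_name'])
        . '", customer_lastname = "' . xToText($customerInfo['last_name'])
        . '", customer_email = "' . xToText($customer_email)
        . '", shipping_firstname = "' . xToText($shippingAddress['first_name'])
        . '", shipping_lastname = "' . xToText($shippingAddress['last_name'])
        . '", shipping_country= "' . xToText($shippingAddress['country_name'])
        . '", shipping_state= "' . xToText($shippingAddress['state'])
        . '", shipping_city= "' . xToText($shippingAddress['city'])
        . '", shipping_address= "' . xToText($shippingAddress['address'])
        . '", billing_firstname= "' . xToText($billingAddress['first_name'])
        . '", billing_lastname= "' . xToText($billingAddress['last_name'])
        . '", billing_country= "' . xToText($billingAddress['country_name'])
        . '", billing_state= "' . xToText($billingAddress['state'])
        . '", billing_city= "' . xToText($billingAddress['city'])
        . '", billing_address= "' . xToText($billingAddress['address'])
        . '", cc_number= "' . xEscSQL($cc_number)
        . '", cc_holdername= "' . xToText($cc_holdername)
        . '", cc_expires= "' . xEscSQL($cc_expires)
        . '", cc_cvv= "' . xEscSQL($cc_cvv)
        // Both sources are expected to be numeric customer IDs (the fallback is
        // regGetIdByLogin); the session value was previously concatenated raw.
        // Confirm refid is never a non-numeric token before relying on the cast.
        . '", affiliateID= "' . (int) (isset($_SESSION['refid']) ? $_SESSION['refid'] : regGetIdByLogin($customer_affiliationLogin))
        // The service name comes from the shipping calculator and was
        // previously concatenated raw.
        . '", shippingServiceInfo= "' . xEscSQL($shServiceInfo)
        . '", custlink= "' . xEscSQL($order_active_link)
        . '", currency_round= "' . (int) $currency_round
        . '", paymethod= ' . (int) $paymentMethodID;
    db_query($sql);
    $orderID = db_insert_id(ORDERS_TABLE);

    if (!CONF_ACTIVE_ORDER) {
        stChangeOrderStatus($orderID, $statusID);
    }

    $paymentMethod = payGetPaymentMethodById($paymentMethodID);
    if ($paymentMethod) {
        $currentPaymentModule = modGetModuleObj($paymentMethod['module_id'], PAYMENT_MODULE);
    } else {
        $currentPaymentModule = null;
    }

    // save shopping cart content to database and update in-stock information
    if ($log != null) {
        cartMoveContentFromShoppingCartsToOrderedCarts($orderID, $shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $smarty_mail);
    } else {
        _moveSessionCartContentToOrderedCart($orderID, $paymentMethodID);

        // update in-stock information
        if ($statusID != ostGetCanceledStatusId() && CONF_CHECKSTOCK) {
            $q1 = db_query('select itemID, Quantity FROM ' . ORDERED_CARTS_TABLE . ' WHERE orderID=' . (int) $orderID);
            while ($item = db_fetch_row($q1)) {
                $q2 = db_query('select productID FROM ' . SHOPPING_CART_ITEMS_TABLE . ' WHERE itemID=' . (int) $item['itemID']);
                $pr = db_fetch_row($q2);
                if ($pr) {
                    db_query('update ' . PRODUCTS_TABLE . ' set in_stock = in_stock - ' . (int) $item['Quantity'] . ' where productID=' . (int) $pr[0]);
                    $q = db_query('select name, in_stock FROM ' . PRODUCTS_TABLE . ' WHERE productID=' . (int) $pr[0]);
                    $productsta = db_fetch_row($q);
                    // Product just sold out: optionally disable it and notify the stock admin.
                    if ($productsta[1] == 0) {
                        if (CONF_AUTOOFF_STOCKADMIN) {
                            db_query('update ' . PRODUCTS_TABLE . ' set enabled=0 where productID=' . (int) $pr[0]);
                        }
                        if (CONF_NOTIFY_STOCKADMIN) {
                            $smarty_mail->assign('productstaname', $productsta[0]);
                            $smarty_mail->assign('productstid', $pr[0]);
                            $stockadmin = $smarty_mail->fetch('notify_stockadmin.tpl');
                            $ressta = xMailTxtHTMLDATA(CONF_ORDERS_EMAIL, CUSTOMER_ACTIVATE_99 . ' - ' . CONF_SHOP_NAME, $stockadmin);
                        }
                    }
                }
            }
        }

        // now save registration form aux fields into CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG
        // for quick checkout orders these fields are stored separately than for registered customer (SS_customers)
        db_query('delete from ' . CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG . ' where orderID=' . (int) $orderID);
        foreach ($_SESSION as $key => $val) {
            if (strstr($key, 'additional_field_') && strlen(trim($val)) > 0) {
                $id = (int) str_replace('additional_field_', '', $key);
                if ($id > 0) {
                    db_query('insert into ' . CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG . ' (orderID, reg_field_ID, reg_field_value) values (' . (int) $orderID . ', ' . (int) $id . ', "' . xToText(trim($val)) . '");');
                }
            }
        }
    }

    if ($currentPaymentModule != null) {
        $currentPaymentModule->after_processing_php($orderID);
    }

    _sendOrderNotifycationToAdmin($orderID, $smarty_mail, $tax);
    _sendOrderNotifycationToCustomer($orderID, $smarty_mail, $customerInfo['Email'], $log, $payment_email_comments_text, $shipping_email_comments_text, $tax, $order_active_link);

    if ($log == null) {
        _quickOrderUnsetSession();
    }
    // Drop the form copy kept for the payment-error path.
    unset($_SESSION['order4confirmation_post']);

    return $orderID;
}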
$result_methods = array(); $result_costs = array(); foreach ($shipping_methods as $key => $shipping_method) { if ($shipping_costs[$key] != 'n/a') { $result_methods[] = $shipping_method; $result_costs[] = $shipping_costs[$key]; } } $shipping_methods = $result_methods; $shipping_costs = $result_costs; if (isset($_POST["continue_button"])) { $_POST['shServiceID'] = isset($_POST['shServiceID'][$_POST['select_shipping_method']]) ? $_POST['shServiceID'][$_POST['select_shipping_method']] : 0; if (!isset($_GET["defaultBillingAddressID"])) { RedirectProtected("index.php?order3_billing=yes&" . "shippingAddressID=" . $_GET["shippingAddressID"] . "&" . "shippingMethodID=" . $_POST["select_shipping_method"] . "&" . "billingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"]) . "&shServiceID=" . $_POST['shServiceID']); } else { RedirectProtected("index.php?order3_billing=yes&" . "shippingAddressID=" . $_GET["shippingAddressID"] . "&" . "shippingMethodID=" . $_POST["select_shipping_method"] . "&" . "billingAddressID=" . $_GET["defaultBillingAddressID"] . "&shServiceID=" . $_POST['shServiceID']); } } if (count($shipping_methods) == 0) { RedirectProtected("index.php?order3_billing=yes&" . "shippingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"]) . "&" . "shippingMethodID=0&" . "billingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"])); } if (isset($_GET["defaultBillingAddressID"])) { $smarty->assign("defaultBillingAddressID", $_GET["defaultBillingAddressID"]); } $smarty->assign("shippingAddressID", $_GET["shippingAddressID"]); $smarty->assign("strAddress", $strAddress); $smarty->assign("shipping_costs", $shipping_costs); $smarty->assign("shipping_methods", $shipping_methods); $smarty->assign("shipping_methods_count", count($shipping_methods)); $smarty->assign("main_content_template", "order2_shipping.tpl"); }
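/**
 * Checks a login/password pair against the customers table and, on success,
 * fills the session, logs the visit and moves the session cart into the DB.
 *
 * @param string $login    customer login
 * @param string $password clear-text password as entered
 * @param bool   $Redirect when true, an account that still has an activation
 *                         code is redirected to the activation page
 *
 * @return bool true when the credentials match, false otherwise
 */
function regAuthenticate($login, $password, $Redirect = true)
{
    // NOTE(review): in this listing the login value in the WHERE clause appears
    // masked as "******", so the query never used $login. It is bound here
    // through xEscSQL, the escaping helper the order code on this page uses for
    // quoted SQL strings; confirm that helper is loaded where this function
    // lives, or switch to a prepared statement.
    $sql = '
        SELECT DISTINCT cust_password, CID, ActivationCode
        FROM ' . CUSTOMERS_TABLE . '
        WHERE Login="' . xEscSQL($login) . '"';
    $q = db_query($sql);
    $row = db_fetch_row($q);

    // Unknown login: bail out before indexing into a non-array.
    if (!$row) {
        return false;
    }

    if (CONF_ENABLE_REGCONFIRMATION && $row['ActivationCode']) {
        if ($Redirect) {
            // The listing shows "¬act": "&not" was decoded as an HTML entity.
            RedirectProtected(set_query('&act_customer=1&notact=1'));
        }

        // Never fall through to the password check for an unactivated account,
        // even if RedirectProtected() returns.
        return false;
    }

    if (strlen(trim($login)) === 0) {
        return false;
    }

    $storedHash = (string) $row['cust_password'];
    $candidateHash = (string) cryptPasswordCrypt($password, null);

    // Strict, constant-time comparison where available: loose == lets
    // numeric-looking strings compare equal, and an empty stored value must
    // never authenticate.
    $hashesMatch = function_exists('hash_equals')
        ? hash_equals($storedHash, $candidateHash)
        : $storedHash === $candidateHash;
    if ($storedHash === '' || !$hashesMatch) {
        return false;
    }

    // NOTE(review): the session ID is not rotated on login; calling
    // session_regenerate_id(true) here would close the session-fixation window.
    // NOTE(review): the password hash is kept in the session; anything that can
    // read session storage gets a credential equivalent.
    // set session variables
    $_SESSION["log"] = $login;
    $_SESSION["pass"] = $candidateHash;
    $_SESSION["current_currency"] = $row["CID"];

    // update statistic
    stAddCustomerLog($login);

    // move cart content into DB
    moveCartFromSession2DB();

    return true;
}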
$shippingMethodsToAllow = true; } else { $shippingMethodsToAllow = false; foreach ($payment_method["ShippingMethodsToAllow"] as $ShippingMethod) { if ((int) $_GET["shippingMethodID"] == (int) $ShippingMethod["SID"] && $ShippingMethod["allow"]) { $shippingMethodsToAllow = true; break; } } } if ($shippingMethodsToAllow) { $payment_methodsToShow[] = $payment_method; } } return $payment_methodsToShow; } if (isset($_POST["continue_button"])) { RedirectProtected("index.php?order4_confirmation_quick=yes&shippingMethodID=" . $_GET["shippingMethodID"] . "&" . "paymentMethodID=" . $_POST["select_payment_method"] . (isset($_GET['shServiceID']) ? "&shServiceID=" . $_GET['shServiceID'] : '')); } $payment_methods = payGetAllPaymentMethods(true); $payment_methodsToShow = _getPaymentMethodsToShow($payment_methods); if (count($payment_methodsToShow) == 0) { RedirectProtected("index.php?order4_confirmation_quick=yes&shippingMethodID=" . $_GET["shippingMethodID"] . "&" . "paymentMethodID=0" . (isset($_GET['shServiceID']) ? "&shServiceID=" . $_GET['shServiceID'] : '')); } $strAddress = quickOrderGetBillingAddressStr(); //TransformDataBaseStringToText( quickOrderGetBillingAddressStr() ); $smarty->assign("strAddress", $strAddress); $smarty->assign("payment_methods", $payment_methodsToShow); $smarty->assign("payment_methods_count", count($payment_methodsToShow)); $smarty->assign("main_content_template", "order3_billing_quick.tpl"); }
$shipping_costs[$_i][$_t]['rate'] = ''; } } } } return $shipping_costs; } $order = _getOrder(); $strAddress = quickOrderGetReceiverAddressStr(); $shipping_methods = shGetAllShippingMethods(true); if (isset($_POST["continue_button"])) { $_POST['shServiceID'] = isset($_POST['shServiceID'][$_POST['select_shipping_method']]) ? $_POST['shServiceID'][$_POST['select_shipping_method']] : 0; RedirectProtected("index.php?order3_billing_quick=yes&shippingMethodID=" . $_POST["select_shipping_method"] . "&shServiceID=" . $_POST['shServiceID']); } if (count($shipping_methods) == 0) { RedirectProtected("index.php?order3_billing_quick=yes&shippingMethodID=0"); } $shipping_costs = _getShippingCosts($shipping_methods, $order, $moduleFiles); $result_methods = array(); $result_costs = array(); foreach ($shipping_methods as $key => $shipping_method) { if ($shipping_costs[$key] != 'n/a') { $result_methods[] = $shipping_method; $result_costs[] = $shipping_costs[$key]; } } $shipping_methods = $result_methods; $shipping_costs = $result_costs; $smarty->assign("strAddress", $strAddress); $smarty->assign("shipping_costs", $shipping_costs); $smarty->assign("shipping_methods", $shipping_methods);