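/**
 * Handles a submitted "password forgotten" form.
 *
 * Looks up the customer by the posted e-mail address, generates a new random
 * password, stores it through Account::savePassword() and e-mails it to the
 * customer, then redirects to the LogIn page. When no customer matches, an
 * error is added to the PasswordForgotten message group instead.
 *
 * NOTE(review): the two outcomes are distinguishable to the requester
 * (redirect + success message vs. "no e-mail address found"), which lets an
 * unauthenticated client learn which addresses are registered. The request
 * also replaces the stored password immediately and mails the new one in
 * clear text. A single-use, expiring reset token with a uniform response and
 * request throttling is the usual design; no throttling is visible in this
 * block.
 *
 * @param ApplicationAbstract $application The calling application (not used here)
 */
public static function execute(ApplicationAbstract $application) {
  $OSCOM_Database = Registry::get('Database');
  $OSCOM_MessageStack = Registry::get('MessageStack');

  // Only a plain string may reach the query binder: a missing field or an
  // array-valued field (email_address[]=x) is treated as "no address given".
  $email_address = (isset($_POST['email_address']) && is_string($_POST['email_address'])) ? $_POST['email_address'] : '';

  if ($email_address === '') {
    $OSCOM_MessageStack->add('PasswordForgotten', OSCOM::getDef('error_password_forgotten_no_email_address_found'));

    return;
  }

  $Qcheck = $OSCOM_Database->query('select customers_id, customers_firstname, customers_lastname, customers_gender, customers_email_address, customers_password from :table_customers where customers_email_address = :customers_email_address limit 1');
  $Qcheck->bindValue(':customers_email_address', $email_address);
  $Qcheck->execute();

  if ($Qcheck->numberOfRows() !== 1) {
    $OSCOM_MessageStack->add('PasswordForgotten', OSCOM::getDef('error_password_forgotten_no_email_address_found'));

    return;
  }

  $password = osc_create_random_string(ACCOUNT_PASSWORD);

  if (Account::savePassword($password, $Qcheck->valueInt('customers_id'))) {
    // Pick the salutation according to the store's gender setting.
    if (ACCOUNT_GENDER > -1) {
      if ($Qcheck->value('customers_gender') == 'm') {
        $email_text = sprintf(OSCOM::getDef('email_addressing_gender_male'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
      } else {
        $email_text = sprintf(OSCOM::getDef('email_addressing_gender_female'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
      }
    } else {
      $email_text = sprintf(OSCOM::getDef('email_addressing_gender_unknown'), $Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname')) . "\n\n";
    }

    // The body carries the requester's IP address and the new password.
    $email_text .= sprintf(OSCOM::getDef('email_password_reminder_body'), osc_get_ip_address(), STORE_NAME, $password, STORE_OWNER_EMAIL_ADDRESS);

    osc_email($Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname'), $Qcheck->valueProtected('customers_email_address'), sprintf(OSCOM::getDef('email_password_reminder_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

    $OSCOM_MessageStack->add('LogIn', OSCOM::getDef('success_password_forgotten_sent'), 'success');
  }

  // The redirect happens whether or not the password could be saved.
  osc_redirect(OSCOM::getLink(null, null, 'LogIn', 'SSL'));
}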
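/**
 * Terminates the request unless the caller's IP address is on the hard-coded
 * PayPal allowlist below.
 *
 * NOTE(review): this gate is only as trustworthy as osc_get_ip_address(). If
 * that helper prefers client-supplied headers (for example X-Forwarded-For)
 * over the socket address, a caller can claim any listed address; confirm it
 * returns the peer address, or a header set only by a trusted proxy. A static
 * list also goes stale when the provider changes its ranges, so the callback
 * should not rely on the source address as its only authentication; whether
 * the caller also validates the message with the provider is not visible here.
 */
public static function execute() {
  // List of safe IP-Addresses found here:
  // https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_golivechecklist
  $firewall = array('64.4.241.16', '64.4.241.32', '64.4.241.33', '64.4.241.34', '64.4.241.35', '64.4.241.36', '64.4.241.37', '64.4.241.38', '64.4.241.39',
                    '216.113.188.32', '216.113.188.33', '216.113.188.34', '216.113.188.35', '216.113.188.64', '216.113.188.65', '216.113.188.66', '216.113.188.67',
                    '66.211.169.2', '66.211.169.65', '216.113.188.39', '216.113.188.71', '66.211.168.91', '66.211.168.123', '216.113.188.52', '216.113.188.84',
                    '66.211.168.92', '66.211.168.124', '216.113.188.10', '66.211.168.126', '216.113.188.11', '66.211.168.125',
                    '216.113.188.202', '216.113.188.203', '216.113.188.204', '66.211.170.66',
                    '66.135.197.163', '216.113.169.205', '66.135.197.160', '66.135.197.162', '66.135.197.141', '66.135.197.164');

  // Strict comparison: only an exact string match passes, so a non-string
  // return value from the helper can never be coerced into a listed entry.
  if (!in_array(osc_get_ip_address(), $firewall, true)) {
    exit;
  }
}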
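/**
 * Stores a new customer account, assigns the default customer group, loads the
 * new customer into the customer object and optionally sends the
 * account-creation e-mail.
 *
 * Keys read from $data: firstname, lastname, email_address, newsletter,
 * password, gender, dob.
 *
 * @param array $data The submitted customer details
 * @param boolean $restore_cart_contents Synchronise the shopping cart with the database when strictly true
 * @param boolean $send_email Send the account-creation e-mail when true
 * @return boolean True when exactly one customer row was inserted, false otherwise
 */
function createEntry($data, $restore_cart_contents = true, $send_email = true) {
  global $osC_Database, $osC_Session, $osC_Language, $osC_ShoppingCart, $osC_Customer, $osC_NavigationHistory, $toC_Wishlist;

  $Qcustomer = $osC_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
  $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
  $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
  $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
  $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
  $Qcustomer->bindValue(':customers_newsletter', isset($data['newsletter']) && $data['newsletter'] == '1' ? '1' : '');
  $Qcustomer->bindValue(':customers_status', '1');
  $Qcustomer->bindValue(':customers_ip_address', osc_get_ip_address());
  // NOTE(review): confirm osc_encrypt_string() is a slow, salted password hash
  // and not a fast digest; its implementation is not visible here.
  $Qcustomer->bindValue(':customers_password', osc_encrypt_string($data['password']));
  // Only 'm' or 'f' is stored, and only when the store collects gender.
  $Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($data['gender']) && ($data['gender'] == 'm' || $data['gender'] == 'f') ? $data['gender'] : '');
  $Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH == '1' ? date('Ymd', $data['dob']) : '');
  $Qcustomer->bindInt(':number_of_logons', 0);
  $Qcustomer->bindRaw(':date_account_created', 'now()');
  $Qcustomer->execute();

  if ($Qcustomer->affectedRows() !== 1) {
    return false;
  }

  $customer_id = $osC_Database->nextID();

  $QcustomerGroup = $osC_Database->query('select customers_groups_id from :table_customers_groups where is_default = 1');
  $QcustomerGroup->bindTable(':table_customers_groups', TABLE_CUSTOMERS_GROUPS);
  $QcustomerGroup->execute();

  if ($QcustomerGroup->numberOfRows() == 1) {
    // Both values are concatenated into the statement, so each is forced to
    // an integer at the point of use.
    $osC_Database->simpleQuery('update ' . TABLE_CUSTOMERS . ' set customers_groups_id = ' . $QcustomerGroup->valueInt('customers_groups_id') . ' where customers_id = ' . (int) $customer_id);
  }

  // A fresh session id for the newly authenticated customer, when the store
  // enables it.
  if (SERVICE_SESSION_REGENERATE_ID == '1') {
    $osC_Session->recreate();
  }

  $osC_Customer->setCustomerData($customer_id);

  // restore cart contents
  if ($restore_cart_contents === true) {
    $osC_ShoppingCart->synchronizeWithDatabase();
  }

  // restore wishlist contents
  $toC_Wishlist->synchronizeWithDatabase();

  $osC_NavigationHistory->removeCurrentPage();

  // The $send_email argument was previously accepted but ignored, so the
  // message was sent on every call; it is now honoured.
  if ($send_email) {
    include 'email_template.php';

    $email = toC_Email_Template::getEmailTemplate('create_account_email');
    // NOTE(review): the clear-text password is handed to the e-mail template.
    // If the template prints it, the credential ends up in mailboxes and mail
    // logs; prefer a message that does not contain the password.
    $email->setData($osC_Customer, $data['password']);
    $email->buildMessage();
    $email->sendEmail();
  }

  return true;
}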
/**
 * Inserts a new customer account row, loads the new customer into the
 * Customer registry object and sends the welcome e-mail
 *
 * Keys read from $data: firstname, lastname, email_address, newsletter,
 * password, gender, dob.
 *
 * @param array $data An array containing the customers information
 * @access public
 * @return boolean True when exactly one row was inserted, false otherwise
 */
public static function createEntry($data) {
  $OSCOM_Database = Registry::get('Database');
  $OSCOM_Session = Registry::get('Session');
  $OSCOM_Customer = Registry::get('Customer');
  $OSCOM_ShoppingCart = Registry::get('ShoppingCart');
  $OSCOM_NavigationHistory = Registry::get('NavigationHistory');

  // Normalise the optional fields before binding them.
  $newsletter_flag = '';
  if (isset($data['newsletter']) && $data['newsletter'] == '1') {
    $newsletter_flag = '1';
  }

  $gender_value = '';
  if (ACCOUNT_GENDER > -1 && isset($data['gender']) && ($data['gender'] == 'm' || $data['gender'] == 'f')) {
    $gender_value = $data['gender'];
  }

  $dob_value = '';
  if (ACCOUNT_DATE_OF_BIRTH == '1') {
    $dob_value = date('Ymd', $data['dob']);
  }

  $Qcustomer = $OSCOM_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
  $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
  $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
  $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
  $Qcustomer->bindValue(':customers_newsletter', $newsletter_flag);
  $Qcustomer->bindValue(':customers_status', '1');
  $Qcustomer->bindValue(':customers_ip_address', osc_get_ip_address());
  // NOTE(review): confirm osc_encrypt_string() is a slow, salted password
  // hash; its implementation is not visible here.
  $Qcustomer->bindValue(':customers_password', osc_encrypt_string($data['password']));
  $Qcustomer->bindValue(':customers_gender', $gender_value);
  $Qcustomer->bindValue(':customers_dob', $dob_value);
  $Qcustomer->bindInt(':number_of_logons', 0);
  $Qcustomer->bindRaw(':date_account_created', 'now()');
  $Qcustomer->execute();

  if ($Qcustomer->affectedRows() !== 1) {
    return false;
  }

  $new_customer_id = $OSCOM_Database->nextID();

  // Issue a fresh session id when the store has that service enabled.
  if (SERVICE_SESSION_REGENERATE_ID == '1') {
    $OSCOM_Session->recreate();
  }

  $OSCOM_Customer->setCustomerData($new_customer_id);

  // restore cart contents
  $OSCOM_ShoppingCart->synchronizeWithDatabase();

  $OSCOM_NavigationHistory->removeCurrentPage();

  // build the welcome email content; the greeting follows the raw submitted
  // gender, so any value other than 'm' gets the female salutation
  $gender_known = (ACCOUNT_GENDER > -1 && isset($data['gender']));

  if ($gender_known && $data['gender'] == 'm') {
    $message = sprintf(OSCOM::getDef('email_addressing_gender_male'), $OSCOM_Customer->getLastName()) . "\n\n";
  } elseif ($gender_known) {
    $message = sprintf(OSCOM::getDef('email_addressing_gender_female'), $OSCOM_Customer->getLastName()) . "\n\n";
  } else {
    $message = sprintf(OSCOM::getDef('email_addressing_gender_unknown'), $OSCOM_Customer->getName()) . "\n\n";
  }

  $message .= sprintf(OSCOM::getDef('email_create_account_body'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS);

  osc_email($OSCOM_Customer->getName(), $OSCOM_Customer->getEmailAddress(), sprintf(OSCOM::getDef('email_create_account_subject'), STORE_NAME), $message, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

  return true;
}
/**
 * Builds the hidden form fields that the checkout confirmation page posts to
 * the PSiGate gateway.
 *
 * NOTE(review): the order total and, in 'Local' input mode, the card number
 * and expiry are written into the page as hidden fields, so they pass through
 * the customer's browser. The gateway-side amount check and the escaping done
 * by osc_draw_hidden_field() are not visible here; confirm both, since
 * $_POST['psigate_cc_owner'] is echoed back into a field value.
 *
 * @return string The concatenated hidden input fields
 */
function process_button() {
  global $osC_Database, $order, $osC_Currencies;

  // Map the configured transaction mode to the gateway's result code.
  if (MODULE_PAYMENT_PSIGATE_TRANSACTION_MODE == 'Always Good') {
    $transaction_mode = '1';
  } elseif (MODULE_PAYMENT_PSIGATE_TRANSACTION_MODE == 'Always Duplicate') {
    $transaction_mode = '2';
  } elseif (MODULE_PAYMENT_PSIGATE_TRANSACTION_MODE == 'Always Decline') {
    $transaction_mode = '3';
  } else {
    // 'Production' and anything unrecognised
    $transaction_mode = '0';
  }

  // Map the configured transaction type to the gateway's charge type.
  if (MODULE_PAYMENT_PSIGATE_TRANSACTION_TYPE == 'Sale') {
    $transaction_type = '0';
  } elseif (MODULE_PAYMENT_PSIGATE_TRANSACTION_TYPE == 'PostAuth') {
    $transaction_type = '2';
  } else {
    // 'PreAuth' and anything unrecognised
    $transaction_type = '1';
  }

  // In 'Local' mode the owner and expiry are carried back to the payment page
  // when the gateway reports a failure.
  $payment_error_return = '';
  if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
    $payment_error_return = '&psigate_cc_owner=' . urlencode($_POST['psigate_cc_owner']) .
                            '&psigate_cc_expires_month=' . urlencode($_POST['psigate_cc_expires_month']) .
                            '&psigate_cc_expires_year=' . urlencode($_POST['psigate_cc_expires_year']);
  }

  $fields = array();

  $fields[] = osc_draw_hidden_field('MerchantID', MODULE_PAYMENT_PSIGATE_MERCHANT_ID);
  $fields[] = osc_draw_hidden_field('FullTotal', number_format($order->info['total'] * $osC_Currencies->value(MODULE_PAYMENT_PSIGATE_CURRENCY), $osC_Currencies->currencies[MODULE_PAYMENT_PSIGATE_CURRENCY]['decimal_places']));
  $fields[] = osc_draw_hidden_field('ThanksURL', osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL'));
  $fields[] = osc_draw_hidden_field('NoThanksURL', osc_href_link(FILENAME_CHECKOUT, 'payment&payment_error=' . $this->_code . $payment_error_return, 'SSL'));

  if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
    $fields[] = osc_draw_hidden_field('Bname', $_POST['psigate_cc_owner']);
  } else {
    $fields[] = osc_draw_hidden_field('Bname', $order->billing['firstname'] . ' ' . $order->billing['lastname']);
  }

  $fields[] = osc_draw_hidden_field('Baddr1', $order->billing['street_address']);
  $fields[] = osc_draw_hidden_field('Bcity', $order->billing['city']);

  // US billing addresses send the zone code looked up from the zones table.
  if ($order->billing['country']['iso_code_2'] == 'US') {
    $Qstate = $osC_Database->query('select zone_code from :table_zones where zone_id = :zone_id');
    $Qstate->bindTable(':table_zones', TABLE_ZONES);
    $Qstate->bindInt(':zone_id', $order->billing['zone_id']);
    $Qstate->execute();

    $fields[] = osc_draw_hidden_field('Bstate', $Qstate->value('zone_code'));
  } else {
    $fields[] = osc_draw_hidden_field('Bstate', $order->billing['state']);
  }

  $fields[] = osc_draw_hidden_field('Bzip', $order->billing['postcode']);
  $fields[] = osc_draw_hidden_field('Bcountry', $order->billing['country']['iso_code_2']);
  $fields[] = osc_draw_hidden_field('Phone', $order->customer['telephone']);
  $fields[] = osc_draw_hidden_field('Email', $order->customer['email_address']);
  $fields[] = osc_draw_hidden_field('Sname', $order->delivery['firstname'] . ' ' . $order->delivery['lastname']);
  $fields[] = osc_draw_hidden_field('Saddr1', $order->delivery['street_address']);
  $fields[] = osc_draw_hidden_field('Scity', $order->delivery['city']);
  $fields[] = osc_draw_hidden_field('Sstate', $order->delivery['state']);
  $fields[] = osc_draw_hidden_field('Szip', $order->delivery['postcode']);
  $fields[] = osc_draw_hidden_field('Scountry', $order->delivery['country']['iso_code_2']);
  $fields[] = osc_draw_hidden_field('ChargeType', $transaction_type);
  $fields[] = osc_draw_hidden_field('Result', $transaction_mode);
  $fields[] = osc_draw_hidden_field('IP', osc_get_ip_address());

  if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
    $fields[] = osc_draw_hidden_field('CardNumber', $this->cc_card_number);
    $fields[] = osc_draw_hidden_field('ExpMonth', $this->cc_expiry_month);
    // The gateway field takes the last two digits of the year.
    $fields[] = osc_draw_hidden_field('ExpYear', substr($this->cc_expiry_year, -2));
  }

  return implode('', $fields);
}
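/**
 * Sends a credit card pre-authorisation request to the Wirecard gateway and
 * finalises or removes the order according to the response.
 *
 * The order is inserted first; on an 'ACK' result it is processed and the raw
 * gateway response is written to the transaction history, otherwise the order
 * is removed and the customer is redirected back to the payment page with an
 * error message.
 *
 * Changes against the earlier version of this method:
 *  - every value placed into the XML request is escaped, so customer-supplied
 *    text (names, address, card holder) and store settings cannot break or
 *    alter the document structure;
 *  - the card verification code is no longer appended to the redirect URL,
 *    where it would be recorded in browser history, access logs and Referer
 *    headers; the remaining redirect parameters are URL-encoded;
 *  - a response without an ERROR/Number element maps to the general error
 *    instead of reading an undefined index.
 *
 * NOTE(review): the redirect no longer carries wirecard_cc_cvc, so a payment
 * form that pre-filled the code from the query string will ask for it again.
 */
function process() {
  global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;

  $this->_verifyData();

  $this->_order_id = osC_Order::insert();

  $currency_code = $osC_Currencies->getCode();
  $verify_cvc = (MODULE_PAYMENT_WIRECARD_CC_VERIFY_WITH_CVC == '1');
  $zone_code = $osC_ShoppingCart->getBillingAddress('zone_code');
  $has_zone_code = (osc_empty($zone_code) === false);

  // Collect every dynamic value first so all of them go through one escaper.
  $v = array('signature' => MODULE_PAYMENT_WIRECARD_CC_BUSINESS_SIGNATURE,
             'mode' => MODULE_PAYMENT_WIRECARD_CC_TRANSACTION_MODE,
             'transaction_id' => $this->_order_id,
             // amount in the currency's minor unit
             'amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $currency_code) * 100,
             'currency' => $currency_code,
             'store_country' => osC_Address::getCountryIsoCode2(STORE_COUNTRY),
             'usage' => STORE_NAME,
             'cc_number' => $osC_CreditCard->getNumber(),
             'cc_year' => $osC_CreditCard->getExpiryYear(),
             'cc_month' => $osC_CreditCard->getExpiryMonth(),
             'cc_owner' => $osC_CreditCard->getOwner(),
             'ip_address' => osc_get_ip_address(),
             'firstname' => $osC_ShoppingCart->getBillingAddress('firstname'),
             'lastname' => $osC_ShoppingCart->getBillingAddress('lastname'),
             'street_address' => $osC_ShoppingCart->getBillingAddress('street_address'),
             'city' => $osC_ShoppingCart->getBillingAddress('city'),
             'postcode' => $osC_ShoppingCart->getBillingAddress('postcode'),
             'country' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'),
             'telephone' => $osC_ShoppingCart->getBillingAddress('telephone_number'),
             'email' => $osC_Customer->getEmailAddress());

  if ($verify_cvc) {
    $v['cc_cvc'] = $osC_CreditCard->getCVC();
  }

  if ($has_zone_code) {
    $v['zone_code'] = $zone_code;
  }

  // Escape &, <, > and both quote styles for element and attribute content.
  foreach ($v as $name => $raw) {
    $v[$name] = htmlspecialchars((string) $raw, ENT_QUOTES, 'UTF-8');
  }

  $lines = array('<?xml version="1.0" encoding="UTF-8"?>',
                 '<WIRECARD_BXML xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance" xsi:noNamespaceSchemaLocation="wirecard.xsd">',
                 ' <W_REQUEST>',
                 ' <W_JOB>',
                 ' <JobID>Job 1</JobID>',
                 ' <BusinessCaseSignature>' . $v['signature'] . '</BusinessCaseSignature>',
                 ' <FNC_CC_PREAUTHORIZATION>',
                 ' <FunctionID>Preauthorization 1</FunctionID>',
                 ' <CC_TRANSACTION mode="' . $v['mode'] . '">',
                 ' <TransactionID>' . $v['transaction_id'] . '</TransactionID>',
                 ' <CommerceType>eCommerce</CommerceType>',
                 ' <Amount>' . $v['amount'] . '</Amount>',
                 ' <Currency>' . $v['currency'] . '</Currency>',
                 ' <CountryCode>' . $v['store_country'] . '</CountryCode>',
                 ' <Usage>' . $v['usage'] . '</Usage>',
                 ' <RECURRING_TRANSACTION>',
                 ' <Type>Single</Type>',
                 ' </RECURRING_TRANSACTION>',
                 ' <CREDIT_CARD_DATA>',
                 ' <CreditCardNumber>' . $v['cc_number'] . '</CreditCardNumber>');

  if ($verify_cvc) {
    $lines[] = ' <CVC2>' . $v['cc_cvc'] . '</CVC2>';
  }

  $lines[] = ' <ExpirationYear>' . $v['cc_year'] . '</ExpirationYear>';
  $lines[] = ' <ExpirationMonth>' . $v['cc_month'] . '</ExpirationMonth>';
  $lines[] = ' <CardHolderName>' . $v['cc_owner'] . '</CardHolderName>';
  $lines[] = ' </CREDIT_CARD_DATA>';
  $lines[] = ' <CONTACT_DATA>';
  $lines[] = ' <IPAddress>' . $v['ip_address'] . '</IPAddress>';
  $lines[] = ' </CONTACT_DATA>';
  $lines[] = ' <CORPTRUSTCENTER_DATA>';
  $lines[] = ' <ADDRESS>';
  $lines[] = ' <FirstName>' . $v['firstname'] . '</FirstName>';
  $lines[] = ' <LastName>' . $v['lastname'] . '</LastName>';
  $lines[] = ' <Address1>' . $v['street_address'] . '</Address1>';
  $lines[] = ' <City>' . $v['city'] . '</City>';
  $lines[] = ' <ZipCode>' . $v['postcode'] . '</ZipCode>';

  if ($has_zone_code) {
    $lines[] = ' <State>' . $v['zone_code'] . '</State>';
  }

  $lines[] = ' <Country>' . $v['country'] . '</Country>';
  $lines[] = ' <Phone>' . $v['telephone'] . '</Phone>';
  $lines[] = ' <Email>' . $v['email'] . '</Email>';
  $lines[] = ' </ADDRESS>';
  $lines[] = ' </CORPTRUSTCENTER_DATA>';
  $lines[] = ' </CC_TRANSACTION>';
  $lines[] = ' </FNC_CC_PREAUTHORIZATION>';
  $lines[] = ' </W_JOB>';
  $lines[] = ' </W_REQUEST>';
  $lines[] = '</WIRECARD_BXML>';

  $post_string = implode("\n", $lines);

  $this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string, array('Content-type: text/xml'));

  if (empty($this->_transaction_response) === false) {
    $osC_XML = new osC_XML($this->_transaction_response);

    $result = $osC_XML->toArray();
  } else {
    $result = array();
  }

  $status = null;
  if (isset($result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS'])) {
    $status = $result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS'];
  }

  $error = false;

  if (is_array($status) && isset($status['FunctionResult'])) {
    if ($status['FunctionResult'] != 'ACK') {
      $errno = isset($status['ERROR']['Number']) ? $status['ERROR']['Number'] : '';

      switch ($errno) {
        case '14':
        case '20109':
          $error = $osC_Language->get('payment_wirecard_cc_error_unkown_card');
          break;

        case '33':
        case '20071':
          $error = $osC_Language->get('payment_wirecard_cc_error_' . (int) $errno);
          break;

        default:
          $error = $osC_Language->get('payment_wirecard_cc_error_general');
          break;
      }
    }
  } else {
    // No usable response: treat as a failed authorisation.
    $error = $osC_Language->get('payment_wirecard_cc_error_general');
  }

  if ($error === false) {
    osC_Order::process($this->_order_id, $this->order_status);

    $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
    $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
    $Qtransaction->bindInt(':orders_id', $this->_order_id);
    $Qtransaction->bindInt(':transaction_code', 1);
    $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
    $Qtransaction->bindInt(':transaction_return_status', 1);
    $Qtransaction->execute();
  } else {
    osC_Order::remove($this->_order_id);

    $messageStack->add_session('checkout_payment', $error, 'error');

    // Only the owner name and expiry travel back to the form; the card
    // verification code is deliberately kept out of the URL.
    osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&wirecard_cc_owner=' . urlencode($osC_CreditCard->getOwner()) . '&wirecard_cc_expires_month=' . urlencode($osC_CreditCard->getExpiryMonth()) . '&wirecard_cc_expires_year=' . urlencode($osC_CreditCard->getExpiryYear()), 'SSL'));
  }
}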
die($osC_Language->get('error_download_max_num_of_times')); } // Die if file is not there if (!file_exists(DIR_FS_DOWNLOAD . $Qdownload->value('orders_products_cache_filename'))) { die($osC_Language->get('error_download_file_not_exist')); } // Now decrement counter $Qupdate = $osC_Database->query('update :table_orders_products_download set download_count = download_count-1 where orders_products_download_id = :orders_products_download_id'); $Qupdate->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD); $Qupdate->bindInt(':orders_products_download_id', $_GET['id']); $Qupdate->execute(); // Now insert history $Qinsert = $osC_Database->query('insert into :table_products_download_history (orders_products_download_id, download_date, download_ip_address) values (:orders_products_download_id, now(), :download_ip_address)'); $Qinsert->bindTable(':table_products_download_history', TABLE_PRODUCTS_DOWNLOAD_HISTORY); $Qinsert->bindInt(':orders_products_download_id', $_GET['id']); $Qinsert->bindValue(':download_ip_address', osc_get_ip_address()); $Qinsert->execute(); } } } // Returns a random name, 16 to 20 characters long // There are more than 10^28 combinations // The directory is "hidden", i.e. starts with '.' function osc_random_name() { $letters = 'abcdefghijklmnopqrstuvwxyz'; $dirname = '.'; $length = floor(osc_rand(16, 20)); for ($i = 1; $i <= $length; $i++) { $q = floor(osc_rand(1, 26)); $dirname .= $letters[$q];
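/**
 * Submits a DoDirectPayment request to PayPal with the posted card details
 * and creates the order when the gateway acknowledges the payment.
 *
 * On a missing required field or a non-successful acknowledgement the
 * customer is redirected back to the order confirmation form with an error.
 *
 * Changes against the earlier version of this method:
 *  - a card owner without a space no longer yields an empty first name and a
 *    last name with its first character cut off;
 *  - optional posted fields (start date, expiry, CVV2, issue number) are read
 *    through isset()/is_string(), so absent or array-valued fields become
 *    empty strings instead of raising notices or reaching trim();
 *  - an empty or malformed gateway response is handled as a failure without
 *    reading undefined array keys.
 *
 * NOTE(review): AMT is the cart total minus the shipping cost and no separate
 * shipping amount is sent in this block; confirm that is intended.
 */
function process() {
  global $osC_Currencies, $osC_ShoppingCart, $osC_Customer, $osC_Language, $messageStack;

  $currency = $osC_Currencies->getCode();

  $has_required_fields = isset($_POST['cc_owner']) && is_string($_POST['cc_owner']) && !empty($_POST['cc_owner']) &&
                         isset($_POST['cc_type']) && is_string($_POST['cc_type']) && isset($this->cc_types[$_POST['cc_type']]) &&
                         isset($_POST['cc_number_nh-dns']) && is_string($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns']);

  if (!$has_required_fields) {
    $messageStack->add_session('checkout', $osC_Language->get('payment_paypal_direct_error_all_fields_required'), 'error');

    osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));

    return;
  }

  // Optional fields: anything absent or not a plain string becomes ''.
  $posted = array();
  foreach (array('cc_starts_month', 'cc_starts_year', 'cc_expires_month', 'cc_expires_year', 'cc_cvc_nh-dns', 'cc_issue_nh-dns') as $field) {
    $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
  }

  // Split the owner at the first space; a single word is sent as first name.
  $owner = trim($_POST['cc_owner']);
  $split_at = strpos($owner, ' ');

  if ($split_at === false) {
    $first_name = $owner;
    $last_name = '';
  } else {
    $first_name = substr($owner, 0, $split_at);
    $last_name = substr($owner, $split_at + 1);
  }

  $params = array('USER' => MODULE_PAYMENT_PAYPAL_DIRECT_API_USERNAME,
                  'PWD' => MODULE_PAYMENT_PAYPAL_DIRECT_API_PASSWORD,
                  'VERSION' => '3.2',
                  'SIGNATURE' => MODULE_PAYMENT_PAYPAL_DIRECT_API_SIGNATURE,
                  'METHOD' => 'DoDirectPayment',
                  'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization',
                  'IPADDRESS' => osc_get_ip_address(),
                  'AMT' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal() - $osC_ShoppingCart->getShippingMethod('cost'), $currency),
                  'CREDITCARDTYPE' => $_POST['cc_type'],
                  'ACCT' => $_POST['cc_number_nh-dns'],
                  'STARTDATE' => $posted['cc_starts_month'] . $posted['cc_starts_year'],
                  'EXPDATE' => $posted['cc_expires_month'] . $posted['cc_expires_year'],
                  'CVV2' => $posted['cc_cvc_nh-dns'],
                  'FIRSTNAME' => $first_name,
                  'LASTNAME' => $last_name,
                  'STREET' => $osC_ShoppingCart->getBillingAddress('street_address'),
                  'CITY' => $osC_ShoppingCart->getBillingAddress('city'),
                  'STATE' => $osC_ShoppingCart->getBillingAddress('state'),
                  'COUNTRYCODE' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'),
                  'ZIP' => $osC_ShoppingCart->getBillingAddress('postcode'),
                  'EMAIL' => $osC_Customer->getEmailAddress(),
                  'PHONENUM' => $osC_ShoppingCart->getBillingAddress('telephone_number'),
                  'CURRENCYCODE' => $currency,
                  'BUTTONSOURCE' => 'tomatcart');

  if ($_POST['cc_type'] == 'SWITCH' || $_POST['cc_type'] == 'SOLO') {
    $params['ISSUENUMBER'] = $posted['cc_issue_nh-dns'];
  }

  if ($osC_ShoppingCart->hasShippingAddress()) {
    $params['SHIPTONAME'] = $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname');
    $params['SHIPTOSTREET'] = $osC_ShoppingCart->getShippingAddress('street_address');
    $params['SHIPTOCITY'] = $osC_ShoppingCart->getShippingAddress('city');
    $params['SHIPTOSTATE'] = $osC_ShoppingCart->getShippingAddress('zone_code');
    $params['SHIPTOCOUNTRYCODE'] = $osC_ShoppingCart->getShippingAddress('country_iso_code_2');
    $params['SHIPTOZIP'] = $osC_ShoppingCart->getShippingAddress('postcode');
  }

  // Name=value pairs, each value trimmed and URL-encoded.
  $pairs = array();
  foreach ($params as $key => $value) {
    $pairs[] = $key . '=' . urlencode(trim((string) $value));
  }
  $post_string = implode('&', $pairs);

  $response = $this->sendTransactionToGateway($this->api_url, $post_string);

  $response_array = array();
  parse_str((string) $response, $response_array);

  $ack = isset($response_array['ACK']) ? $response_array['ACK'] : '';

  if ($ack != 'Success' && $ack != 'SuccessWithWarning') {
    $gateway_message = isset($response_array['L_LONGMESSAGE0']) ? stripslashes($response_array['L_LONGMESSAGE0']) : '';

    $messageStack->add_session('checkout', $gateway_message, 'error');

    osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
  } else {
    // The order is only created once the gateway has acknowledged payment.
    $orders_id = osC_Order::insert();

    $transaction_id = isset($response_array['TRANSACTIONID']) ? $response_array['TRANSACTIONID'] : '';

    $comments = 'PayPal Website Payments Pro (US) Direct Payments [' . 'ACK: ' . $ack . '; TransactionID: ' . $transaction_id . ';' . ']';

    osC_Order::process($orders_id, ORDERS_STATUS_PAID, $comments);
  }
}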
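/**
 * Sends the card transaction to the Authorize.net AIM endpoint and processes
 * or removes the order according to the response.
 *
 * The order is inserted before the gateway call; on failure it is removed and
 * the customer is redirected to the checkout page with an error code.
 *
 * Changes against the earlier version of this method:
 *  - x_invoice_num read the undefined variable $order_id, so the invoice
 *    number was always sent empty; it now carries $orders_id;
 *  - the MD5 response hash is compared with strict string comparison. A loose
 *    comparison treats two different digests that both look like numbers in
 *    exponent notation ("0E" followed by digits) as equal;
 *  - response fields are read through isset(), so a short or unparsable
 *    response is handled as a failure instead of reading undefined offsets.
 *
 * NOTE(review): when the gateway reports approval but the hash check fails,
 * the order is removed although the card may have been authorised; consider
 * logging that case for manual follow-up.
 */
function process() {
  global $osC_Currencies, $osC_ShoppingCart, $messageStack, $osC_Customer, $osC_Tax, $osC_CreditCard;

  $this->_verifyData();

  $orders_id = osC_Order::insert();

  // Field lengths are capped to the limits used throughout this request.
  $params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_LOGIN_ID, 0, 20),
                  'x_tran_key' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_TRANSACTION_KEY, 0, 16),
                  'x_version' => '3.1',
                  'x_delim_data' => 'TRUE',
                  'x_delim_char' => ',',
                  'x_encap_char' => '"',
                  'x_relay_response' => 'FALSE',
                  'x_first_name' => substr($osC_ShoppingCart->getBillingAddress('firstname'), 0, 50),
                  'x_last_name' => substr($osC_ShoppingCart->getBillingAddress('lastname'), 0, 50),
                  'x_company' => substr($osC_ShoppingCart->getBillingAddress('company'), 0, 50),
                  'x_address' => substr($osC_ShoppingCart->getBillingAddress('street_address'), 0, 60),
                  'x_city' => substr($osC_ShoppingCart->getBillingAddress('city'), 0, 40),
                  'x_state' => substr($osC_ShoppingCart->getBillingAddress('state'), 0, 40),
                  'x_zip' => substr($osC_ShoppingCart->getBillingAddress('postcode'), 0, 20),
                  'x_country' => substr($osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 0, 60),
                  'x_cust_id' => substr($osC_Customer->getID(), 0, 20),
                  'x_customer_ip' => osc_get_ip_address(),
                  'x_invoice_num' => $orders_id,
                  'x_email' => substr($osC_Customer->getEmailAddress(), 0, 255),
                  'x_description' => substr(STORE_NAME, 0, 255),
                  'x_amount' => substr($osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), 0, 15),
                  'x_currency_code' => substr($osC_Currencies->getCode(), 0, 3),
                  'x_method' => 'CC',
                  'x_type' => MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY',
                  'x_card_num' => $osC_CreditCard->getNumber(),
                  'x_exp_date' => $osC_CreditCard->getExpiryMonth() . $osC_CreditCard->getExpiryYear());

  if (ACCOUNT_TELEPHONE > -1) {
    $params['x_phone'] = $osC_ShoppingCart->getBillingAddress('telephone_number');
  }

  if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_VERIFY_WITH_CVC == '1') {
    $params['x_card_code'] = $osC_CreditCard->getCVC();
  }

  if ($osC_ShoppingCart->hasShippingAddress()) {
    $params['x_ship_to_first_name'] = substr($osC_ShoppingCart->getShippingAddress('firstname'), 0, 50);
    $params['x_ship_to_last_name'] = substr($osC_ShoppingCart->getShippingAddress('lastname'), 0, 50);
    $params['x_ship_to_company'] = substr($osC_ShoppingCart->getShippingAddress('company'), 0, 50);
    $params['x_ship_to_address'] = substr($osC_ShoppingCart->getShippingAddress('street_address'), 0, 60);
    $params['x_ship_to_city'] = substr($osC_ShoppingCart->getShippingAddress('city'), 0, 40);
    $params['x_ship_to_state'] = substr($osC_ShoppingCart->getShippingAddress('zone_code'), 0, 40);
    $params['x_ship_to_zip'] = substr($osC_ShoppingCart->getShippingAddress('postcode'), 0, 20);
    $params['x_ship_to_country'] = substr($osC_ShoppingCart->getShippingAddress('country_iso_code_2'), 0, 60);
  }

  if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_MODE == 'Test') {
    $params['x_test_request'] = 'TRUE';
  }

  // x_tax is the cart tax without the tax charged on shipping.
  $shipping_tax = $osC_ShoppingCart->getShippingMethod('cost') * ($osC_Tax->getTaxRate($osC_ShoppingCart->getShippingMethod('tax_class_id'), $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')) / 100);
  $total_tax = $osC_ShoppingCart->getTax() - $shipping_tax;

  if ($total_tax > 0) {
    $params['x_tax'] = $osC_Currencies->formatRaw($total_tax);
  }

  $params['x_freight'] = $osC_Currencies->formatRaw($osC_ShoppingCart->getShippingMethod('cost'));

  $pairs = array();
  foreach ($params as $key => $value) {
    $pairs[] = $key . '=' . urlencode(trim($value));
  }
  $post_string = implode('&', $pairs);

  // One x_line_item per product; sub-fields are separated by '<|>'.
  if ($osC_ShoppingCart->hasContents()) {
    $i = 1;

    foreach ($osC_ShoppingCart->getProducts() as $product) {
      $post_string .= '&x_line_item=' . urlencode($i) . '<|>' . urlencode(substr($product['name'], 0, 31)) . '<|>' . urlencode(substr($product['name'], 0, 255)) . '<|>' . urlencode($product['quantity']) . '<|>' . urlencode($osC_Currencies->formatRaw($product['final_price'])) . '<|>' . urlencode($product['tax_class_id'] > 0 ? 'YES' : 'NO');

      $i++;
    }
  }

  switch (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_SERVER) {
    case 'Live':
      $gateway_url = 'https://secure.authorize.net/gateway/transact.dll';
      break;

    default:
      $gateway_url = 'https://test.authorize.net/gateway/transact.dll';
      break;
  }

  $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);

  $regs = false;

  if (!empty($transaction_response)) {
    // Split on commas that are outside double-quoted fields.
    $regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $transaction_response);
  }

  if (is_array($regs)) {
    foreach ($regs as $key => $value) {
      $regs[$key] = substr($value, 1, -1); // remove double quotes
    }
  } else {
    // No response, or the split failed: fall through to the general error.
    $regs = array('-1', '-1', '-1');
  }

  $error = false;

  if ($regs[0] == '1') {
    // Approved: verify the response hash when a hash value is configured.
    if (!osc_empty(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH)) {
      $transaction_ref = isset($regs[6]) ? $regs[6] : '';
      $received_hash = isset($regs[37]) ? strtoupper($regs[37]) : '';
      $expected_hash = strtoupper(md5(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH . MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_LOGIN_ID . $transaction_ref . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal())));

      if ($received_hash !== $expected_hash) {
        $error = 'general';
      }
    }
  } else {
    $reason_code = isset($regs[2]) ? $regs[2] : '';

    switch ($reason_code) {
      case '7':
        $error = 'invalid_expiration_date';
        break;

      case '8':
        $error = 'expired';
        break;

      case '6':
      case '17':
      case '28':
        $error = 'declined';
        break;

      case '78':
        $error = 'cvc';
        break;

      default:
        $error = 'general';
        break;
    }
  }

  if ($error != false) {
    osC_Order::remove($orders_id);

    osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&error=' . $error, 'SSL'));
  } else {
    osC_Order::process($orders_id, $this->_order_status, $transaction_response);
  }
}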
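/**
 * Writes the current shopping cart to the order tables and returns the order id.
 *
 * If the session already holds a 'prepOrderID' ("<cartID>-<orderID>") for the
 * current cart, that order id is returned and nothing is written. A prepared
 * order belonging to a different cart is removed when it is still in
 * ORDERS_STATUS_PREPARING.
 *
 * Every statement below runs on its own; no database transaction is opened in
 * this method, so a failure part-way leaves the rows that were already written.
 *
 * @param int $order_status Status id stored on the order row and in the
 *                          status history.
 * @return mixed The id reported by $osC_Database->nextID() for the new order,
 *               or the order id taken from the session.
 */
function insert($order_status = DEFAULT_ORDERS_STATUS_ID) {
  global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax, $toC_Wishlist;

  if (isset($_SESSION['prepOrderID'])) {
    $_prep = explode('-', $_SESSION['prepOrderID']);

    if ($_prep[0] == $osC_ShoppingCart->getCartID()) {
      return $_prep[1]; // order_id
    } else {
      if (osC_Order::getStatusID($_prep[1]) === ORDERS_STATUS_PREPARING) {
        osC_Order::remove($_prep[1]);
      }
    }
  }

  // The class name must be a string; the bare word is an undefined constant
  // (a warning on PHP 7, a fatal Error on PHP 8).
  if (!class_exists('osC_Account')) {
    require_once 'includes/classes/account.php';
  }

  if (!$osC_Customer->isLoggedOn()) {
    osC_Order::createCustomer();
  } else {
    // insert billing address
    $billing_address = $osC_ShoppingCart->getBillingAddress();

    if (isset($billing_address['id']) && $billing_address['id'] == '-1') {
      osC_Account::createNewAddress($osC_Customer->getID(), $billing_address);
    }

    // insert shipping address (only when it differs from the billing address)
    if (empty($billing_address['ship_to_this_address'])) {
      $shipping_address = $osC_ShoppingCart->getShippingAddress();

      if (isset($shipping_address['id']) && $shipping_address['id'] == '-1') {
        osC_Account::createNewAddress($osC_Customer->getID(), $shipping_address);
      }
    }
  }

  // Order header. All values go through bound placeholders.
  $Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_comment, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_zone_id, delivery_state_code, delivery_country_id, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, delivery_telephone, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_zone_id, billing_state_code, billing_country_id, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, billing_telephone, payment_method, payment_module, uses_store_credit, store_credit_amount, date_purchased, orders_status, currency, currency_value, gift_wrapping, wrapping_message) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_comment, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_zone_id, :delivery_state_code, :delivery_country_id, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, :delivery_address_format, :delivery_telephone, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_zone_id, :billing_state_code, :billing_country_id, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :billing_telephone, :payment_method, :payment_module, :uses_store_credit, :store_credit_amount, now(), :orders_status, :currency, :currency_value, :gift_wrapping, :wrapping_message)');
  $Qorder->bindTable(':table_orders', TABLE_ORDERS);
  $Qorder->bindInt(':customers_id', $osC_Customer->getID());
  $Qorder->bindValue(':customers_name', $osC_Customer->getName());
  $Qorder->bindValue(':customers_company', '');
  $Qorder->bindValue(':customers_street_address', '');
  $Qorder->bindValue(':customers_suburb', '');
  $Qorder->bindValue(':customers_city', '');
  $Qorder->bindValue(':customers_postcode', '');
  $Qorder->bindValue(':customers_state', '');
  $Qorder->bindValue(':customers_state_code', '');
  $Qorder->bindValue(':customers_country', '');
  $Qorder->bindValue(':customers_country_iso2', '');
  $Qorder->bindValue(':customers_country_iso3', '');
  $Qorder->bindValue(':customers_telephone', '');
  $Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress());
  // Guarded like the status-history insert further down; the key is not always set.
  $Qorder->bindValue(':customers_comment', isset($_SESSION['comments']) ? $_SESSION['comments'] : '');
  $Qorder->bindValue(':customers_address_format', '');
  $Qorder->bindValue(':customers_ip_address', osc_get_ip_address());
  $Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname'));
  $Qorder->bindValue(':delivery_company', $osC_ShoppingCart->getShippingAddress('company'));
  $Qorder->bindValue(':delivery_street_address', $osC_ShoppingCart->getShippingAddress('street_address'));
  $Qorder->bindValue(':delivery_suburb', $osC_ShoppingCart->getShippingAddress('suburb'));
  $Qorder->bindValue(':delivery_city', $osC_ShoppingCart->getShippingAddress('city'));
  $Qorder->bindValue(':delivery_postcode', $osC_ShoppingCart->getShippingAddress('postcode'));
  $Qorder->bindValue(':delivery_state', $osC_ShoppingCart->getShippingAddress('state'));
  $Qorder->bindValue(':delivery_zone_id', $osC_ShoppingCart->getShippingAddress('zone_id'));
  $Qorder->bindValue(':delivery_state_code', $osC_ShoppingCart->getShippingAddress('zone_code'));
  $Qorder->bindValue(':delivery_country_id', $osC_ShoppingCart->getShippingAddress('country_id'));
  $Qorder->bindValue(':delivery_country', $osC_ShoppingCart->getShippingAddress('country_title'));
  $Qorder->bindValue(':delivery_country_iso2', $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
  $Qorder->bindValue(':delivery_country_iso3', $osC_ShoppingCart->getShippingAddress('country_iso_code_3'));
  $Qorder->bindValue(':delivery_address_format', $osC_ShoppingCart->getShippingAddress('format'));
  $Qorder->bindValue(':delivery_telephone', $osC_ShoppingCart->getShippingAddress('telephone_number'));
  $Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . $osC_ShoppingCart->getBillingAddress('lastname'));
  $Qorder->bindValue(':billing_company', $osC_ShoppingCart->getBillingAddress('company'));
  $Qorder->bindValue(':billing_street_address', $osC_ShoppingCart->getBillingAddress('street_address'));
  $Qorder->bindValue(':billing_suburb', $osC_ShoppingCart->getBillingAddress('suburb'));
  $Qorder->bindValue(':billing_city', $osC_ShoppingCart->getBillingAddress('city'));
  $Qorder->bindValue(':billing_postcode', $osC_ShoppingCart->getBillingAddress('postcode'));
  $Qorder->bindValue(':billing_state', $osC_ShoppingCart->getBillingAddress('state'));
  $Qorder->bindValue(':billing_zone_id', $osC_ShoppingCart->getBillingAddress('zone_id'));
  $Qorder->bindValue(':billing_state_code', $osC_ShoppingCart->getBillingAddress('zone_code'));
  $Qorder->bindValue(':billing_country_id', $osC_ShoppingCart->getBillingAddress('country_id'));
  $Qorder->bindValue(':billing_country', $osC_ShoppingCart->getBillingAddress('country_title'));
  $Qorder->bindValue(':billing_country_iso2', $osC_ShoppingCart->getBillingAddress('country_iso_code_2'));
  $Qorder->bindValue(':billing_country_iso3', $osC_ShoppingCart->getBillingAddress('country_iso_code_3'));
  $Qorder->bindValue(':billing_address_format', $osC_ShoppingCart->getBillingAddress('format'));
  $Qorder->bindValue(':billing_telephone', $osC_ShoppingCart->getBillingAddress('telephone_number'));
  $Qorder->bindValue(':payment_method', implode(',', $osC_ShoppingCart->getCartBillingMethods()));
  $Qorder->bindValue(':payment_module', implode(',', $osC_ShoppingCart->getCartBillingModules()));
  $Qorder->bindInt(':uses_store_credit', $osC_ShoppingCart->isUseStoreCredit());
  $Qorder->bindValue(':store_credit_amount', $osC_ShoppingCart->isUseStoreCredit() ? $osC_ShoppingCart->getStoreCredit() : '0');
  $Qorder->bindInt(':orders_status', $order_status);
  $Qorder->bindValue(':currency', $osC_Currencies->getCode());
  $Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode()));
  $Qorder->bindInt(':gift_wrapping', $osC_ShoppingCart->isGiftWrapping() ? '1' : '0');
  $Qorder->bindValue(':wrapping_message', isset($_SESSION['gift_wrapping_comments']) ? $_SESSION['gift_wrapping_comments'] : '');
  $Qorder->execute();

  $insert_id = $osC_Database->nextID();

  // Order totals, one row per order-total module.
  foreach ($osC_ShoppingCart->getOrderTotals() as $module) {
    $Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
    $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
    $Qtotals->bindInt(':orders_id', $insert_id);
    $Qtotals->bindValue(':title', $module['title']);
    $Qtotals->bindValue(':text', $module['text']);
    $Qtotals->bindValue(':value', $module['value']);
    $Qtotals->bindValue(':class', $module['code']);
    $Qtotals->bindInt(':sort_order', $module['sort_order']);
    $Qtotals->execute();
  }

  // Initial status-history entry.
  $Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
  $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
  $Qstatus->bindInt(':orders_id', $insert_id);
  $Qstatus->bindInt(':orders_status_id', $order_status);
  $Qstatus->bindInt(':customer_notified', '0');
  $Qstatus->bindValue(':comments', isset($_SESSION['comments']) ? $_SESSION['comments'] : '');
  $Qstatus->execute();

  foreach ($osC_ShoppingCart->getProducts() as $products) {
    $Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_type, products_sku, products_name, products_price, final_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_type, :products_sku, :products_name, :products_price, :final_price, :products_tax, :products_quantity)');
    $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
    $Qproducts->bindInt(':orders_id', $insert_id);
    $Qproducts->bindInt(':products_id', osc_get_product_id($products['id']));
    $Qproducts->bindValue(':products_type', $products['type']);
    $Qproducts->bindValue(':products_sku', $products['sku']);
    $Qproducts->bindValue(':products_name', $products['name']);
    $Qproducts->bindValue(':products_price', $products['price']);
    $Qproducts->bindValue(':final_price', $products['final_price']);
    $Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($products['tax_class_id'], $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')));
    $Qproducts->bindInt(':products_quantity', $products['quantity']);
    $Qproducts->execute();

    $order_products_id = $osC_Database->nextID();

    if (!empty($products['customizations'])) {
      foreach ($products['customizations'] as $customization) {
        $Qcustomization = $osC_Database->query('insert into :table_orders_products_customizations (orders_id, orders_products_id, quantity) values (:orders_id, :orders_products_id, :quantity)');
        $Qcustomization->bindTable(':table_orders_products_customizations', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS);
        $Qcustomization->bindInt(':orders_id', $insert_id);
        $Qcustomization->bindInt(':orders_products_id', $order_products_id);
        $Qcustomization->bindInt(':quantity', $customization['qty']);
        $Qcustomization->execute();

        $orders_products_customizations_id = $osC_Database->nextID();

        foreach ($customization['fields'] as $field) {
          $Qfield = $osC_Database->query('insert into :table_orders_products_customizations_values (orders_products_customizations_id , customization_fields_id, customization_fields_name, customization_fields_type, customization_fields_value, cache_file_name) values (:orders_products_customizations_id, :customization_fields_id, :customization_fields_name, :customization_fields_type, :customization_fields_value, :cache_file_name)');
          $Qfield->bindTable(':table_orders_products_customizations_values', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS_VALUES);
          $Qfield->bindInt(':orders_products_customizations_id', $orders_products_customizations_id);
          $Qfield->bindInt(':customization_fields_id', $field['customization_fields_id']);
          $Qfield->bindValue(':customization_fields_name', $field['customization_fields_name']);
          $Qfield->bindInt(':customization_fields_type', $field['customization_type']);
          $Qfield->bindValue(':customization_fields_value', $field['customization_value']);
          $Qfield->bindValue(':cache_file_name', $field['cache_filename']);
          $Qfield->execute();

          if ($osC_Database->isError() === false) {
            // NOTE(review): cache_filename is concatenated into both filesystem
            // paths unchanged. Confirm it is always generated server-side and
            // can never carry a directory separator or "..", otherwise this
            // copy can read or write outside the two cache directories.
            // Failure is deliberately ignored (best-effort copy).
            @copy(DIR_FS_CACHE . 'products_customizations/' . $field['cache_filename'], DIR_FS_CACHE . 'orders_customizations/' . $field['cache_filename']);
          }
        }
      }
    }

    if ($osC_ShoppingCart->hasVariants($products['id'])) {
      foreach ($osC_ShoppingCart->getVariants($products['id']) as $variants_id => $variants) {
        // Look up the group/value names in the current language so the order
        // keeps a copy of them.
        $Qvariants = $osC_Database->query('select pvg.products_variants_groups_name, pvv.products_variants_values_name from :table_products_variants pv, :table_products_variants_entries pve, :table_products_variants_groups pvg, :table_products_variants_values pvv where pv.products_id = :products_id and pv.products_variants_id = pve.products_variants_id and pve.products_variants_groups_id = :groups_id and pve.products_variants_values_id = :variants_values_id and pve.products_variants_groups_id = pvg.products_variants_groups_id and pve.products_variants_values_id = pvv.products_variants_values_id and pvg.language_id = :pvg_language_id and pvv.language_id = :pvv_language_id');
        $Qvariants->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
        $Qvariants->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES);
        $Qvariants->bindTable(':table_products_variants_groups', TABLE_PRODUCTS_VARIANTS_GROUPS);
        $Qvariants->bindTable(':table_products_variants_values', TABLE_PRODUCTS_VARIANTS_VALUES);
        $Qvariants->bindInt(':products_id', $products['id']);
        $Qvariants->bindInt(':groups_id', $variants['groups_id']);
        $Qvariants->bindInt(':variants_values_id', $variants['variants_values_id']);
        $Qvariants->bindInt(':pvg_language_id', $osC_Language->getID());
        $Qvariants->bindInt(':pvv_language_id', $osC_Language->getID());
        $Qvariants->execute();

        $Qopv = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, products_variants_groups_id, products_variants_groups, products_variants_values_id, products_variants_values) values (:orders_id, :orders_products_id, :products_variants_groups_id, :products_variants_groups, :products_variants_values_id, :products_variants_values)');
        $Qopv->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
        $Qopv->bindInt(':orders_id', $insert_id);
        $Qopv->bindInt(':orders_products_id', $order_products_id);
        $Qopv->bindInt(':products_variants_groups_id', $variants['groups_id']);
        $Qopv->bindValue(':products_variants_groups', $Qvariants->value('products_variants_groups_name'));
        $Qopv->bindInt(':products_variants_values_id', $variants['variants_values_id']);
        $Qopv->bindValue(':products_variants_values', $Qvariants->value('products_variants_values_name'));
        $Qopv->execute();
      }
    }

    if ($products['type'] == PRODUCT_TYPE_DOWNLOADABLE) {
      $Qdownloadable = $osC_Database->query('select * from :table_products_downloadables where products_id = :products_id');
      $Qdownloadable->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
      $Qdownloadable->bindInt(':products_id', osc_get_product_id($products['id']));
      $Qdownloadable->execute();

      // Variant products carry their own file names in the cart entry.
      if ($osC_ShoppingCart->hasVariants($products['id'])) {
        $variants_filename = $products['variant_filename'];
        $variants_cache_filename = $products['variant_cache_filename'];
      } else {
        $variants_filename = $Qdownloadable->value('filename');
        $variants_cache_filename = $Qdownloadable->value('cache_filename');
      }

      $Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, orders_products_cache_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :orders_products_cache_filename, :download_maxdays, :download_count)');
      $Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
      $Qopd->bindInt(':orders_id', $insert_id);
      $Qopd->bindInt(':orders_products_id', $order_products_id);
      $Qopd->bindValue(':orders_products_filename', $variants_filename);
      $Qopd->bindValue(':orders_products_cache_filename', $variants_cache_filename);
      $Qopd->bindValue(':download_maxdays', $Qdownloadable->valueInt('number_of_accessible_days'));
      $Qopd->bindValue(':download_count', $Qdownloadable->valueInt('number_of_downloads') * $products['quantity']);
      $Qopd->execute();
    }

    if ($products['type'] == PRODUCT_TYPE_GIFT_CERTIFICATE) {
      require_once 'gift_certificates.php';

      $Qgc = $osC_Database->query('insert into :table_gift_certificates (orders_id, orders_products_id, gift_certificates_type, amount, gift_certificates_code, recipients_name, recipients_email, senders_name, senders_email, messages) values (:orders_id, :orders_products_id, :gift_certificates_type, :amount, :gift_certificates_code, :recipients_name, :recipients_email, :senders_name, :senders_email, :messages)');
      $Qgc->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
      $Qgc->bindInt(':orders_id', $insert_id);
      $Qgc->bindInt(':gift_certificates_type', $products['gc_data']['type']);
      $Qgc->bindInt(':orders_products_id', $order_products_id);
      $Qgc->bindValue(':amount', $products['price']);
      $Qgc->bindValue(':gift_certificates_code', toC_Gift_Certificates::createGiftCertificateCode());
      $Qgc->bindValue(':recipients_name', $products['gc_data']['recipients_name']);
      $Qgc->bindValue(':recipients_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['recipients_email'] : '');
      $Qgc->bindValue(':senders_name', $products['gc_data']['senders_name']);
      $Qgc->bindValue(':senders_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['senders_email'] : '');
      $Qgc->bindValue(':messages', $products['gc_data']['message']);
      $Qgc->execute();
    }
  }

  if ($osC_ShoppingCart->isUseStoreCredit()) {
    $Qhistory = $osC_Database->query('insert into :table_customers_credits_history (customers_id, action_type, date_added, amount, comments) values (:customers_id, :action_type, now(), :amount, :comments)');
    $Qhistory->bindTable(':table_customers_credits_history', TABLE_CUSTOMERS_CREDITS_HISTORY);
    $Qhistory->bindInt(':customers_id', $osC_Customer->getID());
    $Qhistory->bindInt(':action_type', STORE_CREDIT_ACTION_TYPE_ORDER_PURCHASE);
    $Qhistory->bindValue(':amount', $osC_ShoppingCart->getStoreCredit() * -1);
    $Qhistory->bindValue(':comments', sprintf($osC_Language->get('store_credit_order_number'), $insert_id));
    $Qhistory->execute();

    $Qcustomer = $osC_Database->query('update :table_customers set customers_credits = (customers_credits + :customers_credits) where customers_id = :customers_id');
    $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
    // bindRaw presumably inserts the value without quoting (TODO confirm). The
    // multiplication by -1 forces a PHP number, so no free-form string reaches
    // the statement here; keep that arithmetic if this line is ever touched.
    $Qcustomer->bindRaw(':customers_credits', $osC_ShoppingCart->getStoreCredit() * -1);
    $Qcustomer->bindInt(':customers_id', $osC_Customer->getID());
    $Qcustomer->execute();

    // Re-read the balance so the customer object matches the database.
    $Qcredit = $osC_Database->query('select customers_credits from :table_customers where customers_id = :customers_id');
    $Qcredit->bindTable(':table_customers', TABLE_CUSTOMERS);
    $Qcredit->bindInt(':customers_id', $osC_Customer->getID());
    $Qcredit->execute();

    $osC_Customer->setStoreCredit($Qcredit->value('customers_credits'));
  }

  if ($osC_ShoppingCart->hasCoupon()) {
    include_once 'includes/classes/coupon.php';

    $toC_Coupon = new toC_Coupon($osC_ShoppingCart->getCouponCode());

    $Qcoupon = $osC_Database->query('insert into :table_coupons_redeem_history (coupons_id, customers_id, orders_id, redeem_amount, redeem_date, redeem_ip_address) values (:coupons_id, :customers_id, :orders_id, :redeem_amount, now(), :redeem_ip_address)');
    $Qcoupon->bindTable(':table_coupons_redeem_history', TABLE_COUPONS_REDEEM_HISTORY);
    $Qcoupon->bindInt(':coupons_id', $toC_Coupon->getID());
    $Qcoupon->bindInt(':customers_id', $osC_Customer->getID());
    $Qcoupon->bindInt(':orders_id', $insert_id);
    $Qcoupon->bindValue(':redeem_amount', $osC_ShoppingCart->getCouponAmount());
    $Qcoupon->bindValue(':redeem_ip_address', osc_get_ip_address());
    $Qcoupon->execute();
  }

  if ($osC_ShoppingCart->hasGiftCertificate()) {
    $gift_certificate_codes = $osC_ShoppingCart->getGiftCertificateRedeemAmount();

    foreach ($gift_certificate_codes as $gift_certificate_code => $amount) {
      $Qcertificate = $osC_Database->query('select gift_certificates_id from :table_gift_certificates where gift_certificates_code = :gift_certificates_code');
      $Qcertificate->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
      $Qcertificate->bindValue(':gift_certificates_code', $gift_certificate_code);
      $Qcertificate->execute();

      $Qinsert = $osC_Database->query('insert into :table_gift_certificates_redeem_history (gift_certificates_id, customers_id, orders_id, redeem_date, redeem_amount, redeem_ip_address) values (:gift_certificates_id, :customers_id, :orders_id, now(), :redeem_amount, :redeem_ip_address)');
      $Qinsert->bindTable(':table_gift_certificates_redeem_history', TABLE_GIFT_CERTIFICATES_REDEEM_HISTORY);
      // Column name quoted: the bare word was an undefined constant.
      $Qinsert->bindInt(':gift_certificates_id', $Qcertificate->valueInt('gift_certificates_id'));
      $Qinsert->bindInt(':customers_id', $osC_Customer->getID());
      $Qinsert->bindInt(':orders_id', $insert_id);
      $Qinsert->bindValue(':redeem_amount', $amount);
      $Qinsert->bindValue(':redeem_ip_address', osc_get_ip_address());
      $Qinsert->execute();
    }
  }

  // Remember which cart this order was prepared for (see the check at the top).
  $_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $insert_id;

  return $insert_id;
}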
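/**
 * Authorizes the current cart through the Authorize.Net eCheck gateway.
 *
 * The order is inserted first, then an AUTH_ONLY ECHECK request is posted to
 * $this->_gateway_url. On an approved response (and a matching MD5 response
 * hash, when one is configured) the order is processed and the raw gateway
 * response is stored in the transaction history. Otherwise the order is
 * removed and the customer is redirected back to the payment step.
 *
 * Bank account details are read straight from $_POST; $this->_verifyData()
 * runs before anything else.
 */
function process() {
  global $osC_Database, $osC_MessageStack, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart;

  $this->_verifyData();

  $this->_order_id = osC_Order::insert();

  $params = array('x_version' => '3.1',
                  'x_delim_data' => 'TRUE',
                  'x_delim_char' => ',',
                  'x_encap_char' => '"',
                  'x_relay_response' => 'FALSE',
                  'x_login' => MODULE_PAYMENT_AUTHORIZENET_ECHECK_LOGIN_ID,
                  'x_tran_key' => MODULE_PAYMENT_AUTHORIZENET_ECHECK_TRANSACTION_KEY,
                  'x_amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()),
                  'x_currency_code' => $osC_Currencies->getCode(),
                  'x_method' => 'ECHECK',
                  'x_bank_aba_code' => $_POST['authorizenet_echeck_routing_code'],
                  'x_bank_acct_num' => $_POST['authorizenet_echeck_account_number'],
                  'x_bank_acct_type' => $_POST['authorizenet_echeck_account_type'],
                  'x_bank_name' => $_POST['authorizenet_echeck_bank_name'],
                  'x_bank_acct_name' => $_POST['authorizenet_echeck_owner'],
                  'x_echeck_type' => 'WEB',
                  'x_type' => 'AUTH_ONLY',
                  'x_first_name' => $osC_ShoppingCart->getBillingAddress('firstname'),
                  'x_last_name' => $osC_ShoppingCart->getBillingAddress('lastname'),
                  'x_company' => $osC_ShoppingCart->getBillingAddress('company'),
                  'x_address' => $osC_ShoppingCart->getBillingAddress('street_address'),
                  'x_city' => $osC_ShoppingCart->getBillingAddress('city'),
                  'x_state' => $osC_ShoppingCart->getBillingAddress('state'),
                  'x_zip' => $osC_ShoppingCart->getBillingAddress('postcode'),
                  'x_country' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'),
                  'x_cust_id' => $osC_Customer->getID(),
                  'x_customer_ip' => osc_get_ip_address(),
                  'x_invoice_num' => $this->_order_id,
                  'x_email' => $osC_Customer->getEmailAddress(),
                  'x_email_customer' => 'FALSE',
                  'x_ship_to_first_name' => $osC_ShoppingCart->getShippingAddress('firstname'),
                  'x_ship_to_last_name' => $osC_ShoppingCart->getShippingAddress('lastname'),
                  'x_ship_to_company' => $osC_ShoppingCart->getShippingAddress('company'),
                  'x_ship_to_address' => $osC_ShoppingCart->getShippingAddress('street_address'),
                  'x_ship_to_city' => $osC_ShoppingCart->getShippingAddress('city'),
                  'x_ship_to_state' => $osC_ShoppingCart->getShippingAddress('state'),
                  'x_ship_to_zip' => $osC_ShoppingCart->getShippingAddress('postcode'),
                  'x_ship_to_country' => $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));

  if (ACCOUNT_TELEPHONE > -1) {
    $params['x_phone'] = $osC_ShoppingCart->getBillingAddress('telephone_number');
  }

  if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_TRANSACTION_TEST_MODE == '1') {
    $params['x_test_request'] = 'TRUE';
  }

  if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_VERIFY_WITH_WF_SS == '1') {
    $params['x_customer_organization_type'] = $_POST['authorizenet_echeck_org_type'];
    $params['x_customer_tax_id'] = $_POST['authorizenet_echeck_tax_id'];
  }

  // The request body carries the transaction key and the bank account number;
  // it must not be written to logs or error output.
  $post_string = '';

  foreach ($params as $key => $value) {
    $post_string .= $key . '=' . urlencode(trim($value)) . '&';
  }

  $post_string = substr($post_string, 0, -1);

  $this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string);

  if (empty($this->_transaction_response) === false) {
    // Split on commas that are outside the double-quoted fields.
    $regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $this->_transaction_response);

    foreach ($regs as $key => $value) {
      $regs[$key] = substr($value, 1, -1); // remove double quotes
    }
  } else {
    // No response at all: force the "not approved" path below.
    $regs = array('-1', '-1', '-1');
  }

  $error = false;

  // Strict comparison: the approval decision must not depend on PHP's numeric
  // string juggling ('01', '1.0', ' 1' all compare == '1').
  if ($regs[0] === '1') {
    if (!osc_empty(MODULE_PAYMENT_AUTHORIZENET_ECHECK_MD5_HASH)) {
      $transaction_id = isset($regs[6]) ? $regs[6] : '';
      $received_hash = isset($regs[37]) ? strtoupper($regs[37]) : '';
      $expected_hash = strtoupper(md5(MODULE_PAYMENT_AUTHORIZENET_ECHECK_MD5_HASH . MODULE_PAYMENT_AUTHORIZENET_ECHECK_LOGIN_ID . $transaction_id . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode())));

      // Strict string comparison: with != two different digests of the form
      // "0E<digits>" compare equal as numbers. hash_equals() is the better
      // choice where the minimum PHP version provides it.
      if ($received_hash !== $expected_hash) {
        $error = $osC_Language->get('payment_authorizenet_echeck_error_general');
      }
    }
  } else {
    $reason_code = isset($regs[2]) ? $regs[2] : '';

    switch ($reason_code) {
      case '9':
        $error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_routing_code');
        break;

      case '10':
        $error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_account');
        break;

      case '77':
        $error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_tax_id');
        break;

      default:
        $error = $osC_Language->get('payment_authorizenet_echeck_error_general');
        break;
    }
  }

  if ($error === false) {
    osC_Order::process($this->_order_id, $this->order_status);

    $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
    $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
    $Qtransaction->bindInt(':orders_id', $this->_order_id);
    $Qtransaction->bindInt(':transaction_code', 1);
    $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
    $Qtransaction->bindInt(':transaction_return_status', 1);
    $Qtransaction->execute();
  } else {
    osC_Order::remove($this->_order_id);

    $osC_MessageStack->add('checkout_payment', $error, 'error');

    // Request values are URL-encoded before they are placed in the redirect
    // target, so '&', '#', spaces or line breaks in them cannot add or change
    // query parameters. Assumes osc_href_link() does not encode the parameter
    // string itself - TODO confirm.
    // NOTE(review): this still puts the account owner, bank name and routing
    // code into a URL, where they reach access logs and browser history;
    // consider refilling the form from the session instead.
    $retry_parameters = 'payment&authorizenet_echeck_owner=' . urlencode($_POST['authorizenet_echeck_owner']) .
                        '&authorizenet_echeck_account_type=' . urlencode($_POST['authorizenet_echeck_account_type']) .
                        '&authorizenet_echeck_bank_name=' . urlencode($_POST['authorizenet_echeck_bank_name']) .
                        '&authorizenet_echeck_routing_code=' . urlencode($_POST['authorizenet_echeck_routing_code']);

    osc_redirect(osc_href_link(FILENAME_CHECKOUT, $retry_parameters, 'SSL'));
  }
}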
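/**
 * Charges or authorizes the card posted by the checkout form through the
 * PayPal UK Direct gateway at $this->api_url.
 *
 * The order is inserted and processed only after the gateway returns
 * RESULT=0. Any other result, or a missing owner / card type / card number,
 * adds an error message to the session and redirects back to the order
 * confirmation form.
 */
function process() {
  global $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack;

  $currency = $osC_Currencies->getCode();

  $has_card_data = !empty($_POST['cc_owner']) &&
                   isset($_POST['cc_type']) &&
                   isset($this->cc_types[$_POST['cc_type']]) &&
                   !empty($_POST['cc_number_nh-dns']);

  if ($has_card_data) {
    // "A || B" evaluates to a boolean in PHP, so USER used to be sent as "1".
    // Use the configured username and fall back to the vendor id when empty.
    $api_user = (trim(MODULE_PAYMENT_PAYPAL_UK_DIRECT_USERNAME) !== '') ? MODULE_PAYMENT_PAYPAL_UK_DIRECT_USERNAME : MODULE_PAYMENT_PAYPAL_UK_DIRECT_VENDOR;

    $params = array('USER' => $api_user,
                    'VENDOR' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_VENDOR,
                    'PARTNER' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_PARTNER,
                    'PWD' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_PASSWORD,
                    'TENDER' => 'C',
                    'TRXTYPE' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A',
                    'AMT' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal() - $osC_ShoppingCart->getShippingMethod('cost'), $currency),
                    'CURRENCY' => $currency,
                    'NAME' => $_POST['cc_owner'],
                    'STREET' => $osC_ShoppingCart->getBillingAddress('street_address'),
                    'CITY' => $osC_ShoppingCart->getBillingAddress('city'),
                    'STATE' => $osC_ShoppingCart->getBillingAddress('state'),
                    'COUNTRY' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'),
                    'ZIP' => $osC_ShoppingCart->getBillingAddress('postcode'),
                    'CLIENTIP' => osc_get_ip_address(),
                    'EMAIL' => $osC_ShoppingCart->getBillingAddress('email_address'),
                    'ACCT' => $_POST['cc_number_nh-dns'],
                    'ACCTTYPE' => $_POST['cc_type'],
                    'CARDSTART' => $_POST['cc_starts_month'] . $_POST['cc_starts_year'],
                    'EXPDATE' => $_POST['cc_expires_month'] . $_POST['cc_expires_year'],
                    'CVV2' => $_POST['cc_cvc_nh-dns'],
                    'BUTTONSOURCE' => 'tomatcart');

    if ($_POST['cc_type'] == 'SWITCH' || $_POST['cc_type'] == 'SOLO') {
      $params['ISSUENUMBER'] = $_POST['cc_issue_nh-dns'];
    }

    if ($osC_ShoppingCart->hasShippingAddress()) {
      $params['SHIPTONAME'] = $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname');
      $params['SHIPTOSTREET'] = $osC_ShoppingCart->getShippingAddress('street_address');
      $params['SHIPTOCITY'] = $osC_ShoppingCart->getShippingAddress('city');
      $params['SHIPTOSTATE'] = $osC_ShoppingCart->getShippingAddress('zone_code');
      $params['SHIPTOCOUNTRYCODE'] = $osC_ShoppingCart->getShippingAddress('country_iso_code_2');
      $params['SHIPTOZIP'] = $osC_ShoppingCart->getShippingAddress('postcode');
    }

    // $post_string holds the card number, the CVV2 and the API password.
    // It must never be logged, stored or echoed in an error message.
    $post_string = '';

    foreach ($params as $key => $value) {
      $post_string .= $key . '=' . urlencode(trim($value)) . '&';
    }

    $post_string = substr($post_string, 0, -1);

    $response = $this->sendTransactionToGateway($this->api_url, $post_string);

    $response_array = array();
    parse_str($response, $response_array);

    // A missing RESULT field (empty or malformed response) is a failure.
    // Strict comparison so only the exact string "0" counts as approved.
    $result = isset($response_array['RESULT']) ? $response_array['RESULT'] : null;

    if ($result !== '0') {
      switch ($result) {
        case '1':
        case '26':
          $error_message = $osC_Language->get('payment_paypal_uk_direct_error_cfg_error');
          break;

        case '7':
          $error_message = $osC_Language->get('payment_paypal_uk_direct_error_address');
          break;

        case '12':
          $error_message = $osC_Language->get('payment_paypal_uk_direct_error_declined');
          break;

        case '23':
        case '24':
          $error_message = $osC_Language->get('payment_paypal_uk_direct_error_invalid_credit_card');
          break;

        default:
          $error_message = $osC_Language->get('payment_paypal_uk_direct_error_general');
          break;
      }

      $messageStack->add_session('checkout', $error_message, 'error');

      osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
    } else {
      $comments = 'PayPal Website Payments Pro (US) Direct Payments perform successfully.';

      $orders_id = osC_Order::insert();
      osC_Order::process($orders_id, ORDERS_STATUS_PAID, $comments);
    }
  } else {
    // $error_message was never assigned on this path; report the general error.
    $error_message = $osC_Language->get('payment_paypal_uk_direct_error_general');

    $messageStack->add_session('checkout', $error_message, 'error');

    osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
  }
}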
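/**
 * Registers the session service, starts the session according to the cookie
 * and spider settings, and applies the optional session-binding checks
 * (SSL session ID, browser user agent, client IP address).
 *
 * A session whose stored binding value differs from the current request is
 * destroyed and the client is redirected.
 *
 * NOTE(review): the IP check relies on osc_get_ip_address(), which is not
 * visible here. If it trusts forwarding headers, the binding is only as
 * strong as those headers; confirm against its implementation.
 *
 * @return bool always true
 */
public static function start() {
  Registry::set('Session', SessionClass::load());

  $OSCOM_Session = Registry::get('Session');
  $OSCOM_Session->setLifeTime(SERVICE_SESSION_EXPIRATION_TIME * 60);

  // The User-Agent header is client-supplied and may be absent.
  $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

  if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1' || (bool) ini_get('session.use_only_cookies') === true) {
    osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);

    // Only start a session once the client has shown it returns cookies.
    if (isset($_COOKIE['cookie_test'])) {
      $OSCOM_Session->start();
    }
  } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
    $user_agent = strtolower($http_user_agent);
    $spider_flag = false;

    if (!empty($user_agent)) {
      $spiders = file('includes/spiders.txt');

      // file() returns false when the list cannot be read.
      if ($spiders !== false) {
        foreach ($spiders as $spider) {
          // Trim before the emptiness test: a blank line is "\n", which is
          // not empty, and an empty strpos() needle matches at offset 0 on
          // PHP 8, flagging every visitor as a spider.
          $spider = trim($spider);

          if ($spider !== '' && strpos($user_agent, $spider) !== false) {
            $spider_flag = true;
            break;
          }
        }
      }
    }

    if ($spider_flag === false) {
      $OSCOM_Session->start();
    }
  } else {
    $OSCOM_Session->start();
  }

  // The binding checks compare as strings with !==. A loose != treats
  // numeric-looking values (for example two different "0e..." hex strings)
  // as equal, which would let a mismatching request pass.

  // verify the ssl_session_id
  if (OSCOM::getRequestType() == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
    if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
      if (!isset($_SESSION['SESSION_SSL_ID'])) {
        $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
      }

      if ((string) $_SESSION['SESSION_SSL_ID'] !== (string) $_SERVER['SSL_SESSION_ID']) {
        $OSCOM_Session->destroy();

        osc_redirect(OSCOM::getLink(null, 'Info', 'SSLcheck', 'AUTO'));
      }
    }
  }

  // verify the browser user agent
  if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
    if (!isset($_SESSION['SESSION_USER_AGENT'])) {
      $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
    }

    if ((string) $_SESSION['SESSION_USER_AGENT'] !== (string) $http_user_agent) {
      $OSCOM_Session->destroy();

      osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
    }
  }

  // verify the IP address
  if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
    $ip_address = osc_get_ip_address();

    if (!isset($_SESSION['SESSION_IP_ADDRESS'])) {
      $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
    }

    if ((string) $_SESSION['SESSION_IP_ADDRESS'] !== (string) $ip_address) {
      $OSCOM_Session->destroy();

      osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
    }
  }

  Registry::get('MessageStack')->loadFromSession();

  return true;
}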
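/**
 * Records the current visitor in the who's-online table.
 *
 * Expired rows (no click for 900 seconds) are deleted first; the row for the
 * current session ID is then updated, or inserted when none exists. Guests
 * are stored as 'Guest', or under the matching entry of includes/spiders.txt
 * when spider detection is enabled.
 *
 * Everything stored here except the customer data is client-controlled
 * (user agent match, request URI). The URI is truncated to 255 characters
 * and passed through osc_output_string_protected() before storage; whatever
 * renders this table should still escape on output.
 *
 * @return bool always true
 */
public static function start() {
  $OSCOM_Customer = Registry::get('Customer');
  $OSCOM_Database = Registry::get('Database');

  if ($OSCOM_Customer->isLoggedOn()) {
    $wo_customer_id = $OSCOM_Customer->getID();
    $wo_full_name = $OSCOM_Customer->getName();
  } else {
    $wo_customer_id = null;
    $wo_full_name = 'Guest';

    if (SERVICE_WHOS_ONLINE_SPIDER_DETECTION == '1') {
      // The User-Agent header is client-supplied and may be absent.
      $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';

      if (!empty($user_agent)) {
        $spiders = file('includes/spiders.txt');

        // file() returns false when the list cannot be read.
        if ($spiders !== false) {
          foreach ($spiders as $spider) {
            // Trim before the emptiness test: a blank line is "\n", and an
            // empty strpos() needle matches every user agent on PHP 8.
            // Trimming also keeps the trailing newline out of full_name.
            $spider = trim($spider);

            if ($spider !== '' && strpos($user_agent, $spider) !== false) {
              $wo_full_name = $spider;
              break;
            }
          }
        }
      }
    }
  }

  $wo_session_id = session_id();
  $wo_ip_address = osc_get_ip_address();
  $wo_last_page_url = osc_output_string_protected(substr($_SERVER['REQUEST_URI'], 0, 255));

  $current_time = time();
  $xx_mins_ago = $current_time - 900;

  // remove entries that have expired
  $Qwhosonline = $OSCOM_Database->query('delete from :table_whos_online where time_last_click < :time_last_click');
  $Qwhosonline->bindValue(':time_last_click', $xx_mins_ago);
  $Qwhosonline->execute();

  $Qwhosonline = $OSCOM_Database->query('select count(*) as count from :table_whos_online where session_id = :session_id');
  $Qwhosonline->bindValue(':session_id', $wo_session_id);
  $Qwhosonline->execute();

  if ($Qwhosonline->valueInt('count') > 0) {
    $Qwhosonline = $OSCOM_Database->query('update :table_whos_online set customer_id = :customer_id, full_name = :full_name, ip_address = :ip_address, time_last_click = :time_last_click, last_page_url = :last_page_url where session_id = :session_id');

    // Guests have no customer ID; store SQL NULL rather than 0.
    if ($wo_customer_id > 0) {
      $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
    } else {
      $Qwhosonline->bindRaw(':customer_id', 'null');
    }

    $Qwhosonline->bindValue(':full_name', $wo_full_name);
    $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
    $Qwhosonline->bindValue(':time_last_click', $current_time);
    $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
    $Qwhosonline->bindValue(':session_id', $wo_session_id);
    $Qwhosonline->execute();
  } else {
    $Qwhosonline = $OSCOM_Database->query('insert into :table_whos_online (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (:customer_id, :full_name, :session_id, :ip_address, :time_entry, :time_last_click, :last_page_url)');

    if ($wo_customer_id > 0) {
      $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
    } else {
      $Qwhosonline->bindRaw(':customer_id', 'null');
    }

    $Qwhosonline->bindValue(':full_name', $wo_full_name);
    $Qwhosonline->bindValue(':session_id', $wo_session_id);
    $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
    $Qwhosonline->bindValue(':time_entry', $current_time);
    $Qwhosonline->bindValue(':time_last_click', $current_time);
    $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
    $Qwhosonline->execute();
  }

  return true;
}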
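/**
 * Replaces the password of the administrator with the given e-mail address
 * by a new random one and mails it to that address.
 *
 * The notification is sent only when the address matches an administrator
 * row. The original mailed a "new password" to whatever address was passed
 * in, even when the update had matched nobody. The return value is left as
 * before (it reflects the database status only), so callers do not gain a
 * signal that reveals whether an address is registered.
 *
 * NOTE(review): the password is overwritten before the requester has proven
 * control of the mailbox, and it travels in clear text by e-mail. Anyone who
 * knows an administrator's address can force a reset. A one-time, expiring
 * reset link would avoid both issues; that needs changes outside this block.
 * NOTE(review): the strength of osc_create_random_string() and of
 * osc_encrypt_string() cannot be judged from here; confirm that they use a
 * CSPRNG and a password-hashing function respectively.
 *
 * @param string $email e-mail address of the administrator account
 * @return bool false when the update reported a database error, true otherwise
 */
function generatePassword($email) {
  global $osC_Database;

  $password = osc_create_random_string(8);

  $Qpassword = $osC_Database->query('update :table_administrators set user_password = :user_password where email_address = :email_address');
  $Qpassword->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
  $Qpassword->bindValue(':user_password', osc_encrypt_string($password));
  $Qpassword->bindValue(':email_address', $email);
  $Qpassword->execute();

  if ($osC_Database->isError()) {
    return false;
  }

  $Qadmin = $osC_Database->query('select id, user_name, email_address from :table_administrators where email_address = :email_address');
  $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
  $Qadmin->bindValue(':email_address', $email);
  $Qadmin->execute();

  // No matching administrator: nothing was changed, so nothing is mailed.
  if ($Qadmin->numberOfRows() > 0) {
    // include_once: a second call in the same request must not redeclare
    // the template class.
    include_once '../includes/classes/email_template.php';

    $email_template = toC_Email_Template::getEmailTemplate('admin_password_forgotten');
    $email_template->setData($Qadmin->value('user_name'), osc_get_ip_address(), $password, $email);
    $email_template->buildMessage();
    $email_template->sendEmail();
  }

  return true;
}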
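/**
 * Records the current visitor in the who's-online table.
 *
 * Expired rows (no click for 900 seconds) are deleted first; the row for the
 * current session ID is then updated, or inserted when none exists. Guests
 * get customer ID 0; a visitor whose user agent matches an entry of
 * includes/spiders.txt gets customer ID -1 and that entry as name.
 *
 * NOTE(review): last_page_url and referrer_url are client-controlled and are
 * stored as received. Whatever renders this table must escape them on
 * output. Placeholder values are bound in the original order on purpose;
 * how the database class substitutes them is not visible here.
 *
 * @return bool always true
 */
function start() {
  global $osC_Customer, $osC_Database;

  if ($osC_Customer->isLoggedOn()) {
    $wo_customer_id = $osC_Customer->getID();
    $wo_full_name = $osC_Customer->getName();
  } else {
    $wo_customer_id = '0';
    $wo_full_name = 'Guest';

    if (SERVICE_WHOS_ONLINE_SPIDER_DETECTION == '1') {
      // The User-Agent header is client-supplied and may be absent.
      $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';

      if (!empty($user_agent)) {
        $spiders = file('includes/spiders.txt');

        // file() returns false when the list cannot be read.
        if ($spiders !== false) {
          foreach ($spiders as $spider) {
            // Trim before the emptiness test: a blank line is "\n", and an
            // empty strpos() needle matches every user agent on PHP 8.
            // Trimming also keeps the trailing newline out of full_name.
            $spider = trim($spider);

            if ($spider !== '' && strpos($user_agent, $spider) !== false) {
              $wo_customer_id = '-1';
              $wo_full_name = $spider;
              break;
            }
          }
        }
      }
    }
  }

  $wo_session_id = session_id();
  $wo_ip_address = osc_get_ip_address();
  $wo_last_page_url = $_SERVER['REQUEST_URI'];

  if (!empty($_SERVER['HTTP_REFERER'])) {
    // parse_url() returns false for malformed URLs and omits 'host' for
    // relative ones; both cases end up as an empty host, as before.
    $referrer_parts = parse_url($_SERVER['HTTP_REFERER']);
    $referrer_url = (is_array($referrer_parts) && isset($referrer_parts['host'])) ? strtolower($referrer_parts['host']) : '';
  } else {
    $referrer_url = null;
  }

  // A Bot doesn't have a session (normally shouldn't), therefore the IP Address is used as unique identifier
  if (empty($wo_session_id)) {
    $wo_session_id = $wo_ip_address;
  }

  $current_time = time();
  $xx_mins_ago = $current_time - 900;

  // remove entries that have expired
  $Qwhosonline = $osC_Database->query('delete from :table_whos_online where time_last_click < :time_last_click');
  $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
  $Qwhosonline->bindValue(':time_last_click', $xx_mins_ago);
  $Qwhosonline->execute();

  $Qwhosonline = $osC_Database->query('select count(*) as count from :table_whos_online where session_id = :session_id');
  $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
  $Qwhosonline->bindValue(':session_id', $wo_session_id);
  $Qwhosonline->execute();

  if ($Qwhosonline->valueInt('count') > 0) {
    $Qwhosonline = $osC_Database->query('update :table_whos_online set customer_id = :customer_id, full_name = :full_name, ip_address = :ip_address, time_last_click = :time_last_click, last_page_url = :last_page_url where session_id = :session_id');
    $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
    $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
    $Qwhosonline->bindValue(':full_name', $wo_full_name);
    $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
    $Qwhosonline->bindValue(':time_last_click', $current_time);
    $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
    $Qwhosonline->bindValue(':session_id', $wo_session_id);
    $Qwhosonline->execute();
  } else {
    $Qwhosonline = $osC_Database->query('insert into :table_whos_online (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url, referrer_url) values (:customer_id, :full_name, :session_id, :ip_address, :time_entry, :time_last_click, :last_page_url, :referrer_url)');
    $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
    $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
    $Qwhosonline->bindValue(':full_name', $wo_full_name);
    $Qwhosonline->bindValue(':session_id', $wo_session_id);
    $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
    $Qwhosonline->bindValue(':time_entry', $current_time);
    $Qwhosonline->bindValue(':time_last_click', $current_time);
    $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
    $Qwhosonline->bindValue(':referrer_url', $referrer_url);
    $Qwhosonline->execute();
  }

  $Qwhosonline->freeResult();

  return true;
}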
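/**
 * Creates the order, sends a reservation ('RES') request with the card data
 * to the Ogone DirectLink gateway and, depending on the returned STATUS,
 * either removes the order again or marks it processed and stores the raw
 * gateway response in the transaction history.
 *
 * $params and $post_string hold the full card number and CVC. They must
 * never be logged or stored.
 *
 * NOTE(review): only the statuses '', '0' and '2' are treated as failure;
 * every other value, including ones this code does not know, ends up as a
 * processed order. An allow-list of the statuses that mean "authorised"
 * would fail closed; confirm the list against the gateway documentation.
 * NOTE(review): SHASign is the SHA-1 construction expected by this gateway
 * integration; the algorithm is dictated by the remote side.
 */
function process() {
  global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;

  $this->_verifyData();

  $this->_order_id = osC_Order::insert();

  $currency_code = $osC_Currencies->getCode();

  // The gateway expects the amount in the smallest currency unit.
  $amount = $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $currency_code) * 100;

  $params = array('orderID' => $this->_order_id,
                  'PSPID' => MODULE_PAYMENT_OGONE_DIRECTLINK_CC_MERCHANT_ID,
                  'PSWD' => MODULE_PAYMENT_OGONE_DIRECTLINK_CC_PASSWORD,
                  'amount' => $amount,
                  'currency' => $currency_code,
                  'CARDNO' => $osC_CreditCard->getNumber(),
                  'ED' => $osC_CreditCard->getExpiryMonth() . '/' . substr($osC_CreditCard->getExpiryYear(), -2),
                  'CVC' => $osC_CreditCard->getCVC(),
                  'CN' => $osC_CreditCard->getOwner(),
                  'EMAIL' => $osC_Customer->getEmailAddress(),
                  'Owneraddress' => $osC_ShoppingCart->getBillingAddress('street_address'),
                  'OwnerZip' => $osC_ShoppingCart->getBillingAddress('postcode'),
                  'Ecom_Payment_Card_Verification' => $osC_CreditCard->getCVC(),
                  'Operation' => 'RES',
                  'REMOTE_ADDR' => osc_get_ip_address(),
                  'COM' => 'Customer ID: ' . $osC_Customer->getID());

  if (osc_empty(MODULE_PAYMENT_OGONE_DIRECTLINK_CC_USER_ID) === false) {
    $params['USERID'] = MODULE_PAYMENT_OGONE_DIRECTLINK_CC_USER_ID;
  }

  if (osc_empty(MODULE_PAYMENT_OGONE_DIRECTLINK_CC_SHA1_SIGNATURE) === false) {
    $params['SHASign'] = sha1($this->_order_id . $amount . $currency_code . $osC_CreditCard->getNumber() . MODULE_PAYMENT_OGONE_DIRECTLINK_CC_MERCHANT_ID . 'RES' . MODULE_PAYMENT_OGONE_DIRECTLINK_CC_SHA1_SIGNATURE);
  }

  $pairs = array();
  foreach ($params as $key => $value) {
    $pairs[] = $key . '=' . urlencode(trim($value));
  }
  $post_string = implode('&', $pairs);

  $this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string);

  if (empty($this->_transaction_response) === false) {
    $osC_XML = new osC_XML($this->_transaction_response);
    $result = $osC_XML->toArray();
  } else {
    // No answer from the gateway is handled like an empty status (failure).
    $result = array('ncresponse attr' => array('STATUS' => ''));
  }

  // A response without a STATUS attribute is a failure as well.
  $status = isset($result['ncresponse attr']['STATUS']) ? $result['ncresponse attr']['STATUS'] : '';

  switch ($status) {
    case '':
    case '0':
    case '2':
      osC_Order::remove($this->_order_id);

      $messageStack->add_session('checkout_payment', $osC_Language->get('payment_ogone_directlink_cc_error_general'), 'error');

      // The CVC is deliberately NOT put back into the redirect URL: query
      // strings end up in access logs, browser history and Referer headers,
      // and the verification code must not be retained after authorisation.
      // The customer re-enters it. The remaining values are URL-encoded so
      // that free text cannot add or alter query parameters.
      osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&ogone_directlink_cc_owner=' . urlencode($osC_CreditCard->getOwner()) . '&ogone_directlink_cc_expires_month=' . urlencode($osC_CreditCard->getExpiryMonth()) . '&ogone_directlink_cc_expires_year=' . urlencode($osC_CreditCard->getExpiryYear()), 'SSL'));

      // Never mark a failed payment as processed if the redirect helper returns.
      return;
  }

  osC_Order::process($this->_order_id, $this->order_status);

  $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
  $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
  $Qtransaction->bindInt(':orders_id', $this->_order_id);
  $Qtransaction->bindInt(':transaction_code', 1);
  $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
  $Qtransaction->bindInt(':transaction_return_status', 1);
  $Qtransaction->execute();
}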
/**
 * Writes one redeem-history row for a gift certificate used on this order.
 *
 * The certificate ID is looked up by code; customer, order, amount and the
 * client IP address are taken from the order object and the request. The
 * insert is logged under the current session module.
 *
 * NOTE(review): the lookup result is not checked. An unknown code yields
 * whatever valueInt() returns for an empty result as gift_certificates_id.
 *
 * @param string $gift_certificate_code code of the redeemed certificate
 * @return bool true when the database reports no error, false otherwise
 */
function _insertGiftCertificateRedeemHistory($gift_certificate_code) {
  global $osC_Database;

  // Resolve the certificate code to its primary key.
  $Qlookup = $osC_Database->query('select gift_certificates_id from :table_gift_certificates where gift_certificates_code = :gift_certificates_code');
  $Qlookup->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
  $Qlookup->bindValue(':gift_certificates_code', $gift_certificate_code);
  $Qlookup->execute();

  $Qhistory = $osC_Database->query('insert into :table_gift_certificates_redeem_history (gift_certificates_id, customers_id, orders_id, redeem_date, redeem_amount, redeem_ip_address) values (:gift_certificates_id, :customers_id, :orders_id, now(), :redeem_amount, :redeem_ip_address)');
  $Qhistory->bindTable(':table_gift_certificates_redeem_history', TABLE_GIFT_CERTIFICATES_REDEEM_HISTORY);
  $Qhistory->bindInt(':gift_certificates_id', $Qlookup->valueInt('gift_certificates_id'));
  $Qhistory->bindInt(':customers_id', $this->_customer['customers_id']);
  $Qhistory->bindInt(':orders_id', $this->getOrderID());
  $Qhistory->bindValue(':redeem_amount', $this->_gift_certificate_redeem_amount[$gift_certificate_code]);
  $Qhistory->bindValue(':redeem_ip_address', osc_get_ip_address());
  $Qhistory->setLogging($_SESSION['module'], $this->getOrderID());
  $Qhistory->execute();

  if ($osC_Database->isError()) {
    return false;
  }

  return true;
}
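/**
 * Handles the ChronoPay server-to-server payment notification.
 *
 * The request is accepted only from the two hard-coded gateway addresses and
 * only when all expected POST fields are present. When the MD5 signature in
 * cs3 matches and the order still has status 4, the order is processed.
 * Every notification for an existing order is written to the transaction
 * history with its pass/fail outcome.
 *
 * NOTE(review): the source-address check depends on osc_get_ip_address(),
 * which is not visible here. If it honours client-supplied forwarding
 * headers, the allow-list can be bypassed; it should use the socket address.
 * NOTE(review): 'total' is covered by the signature but is never compared
 * with the amount of the order; confirm that an underpaid order cannot be
 * marked as processed.
 * NOTE(review): the signature scheme (MD5 over concatenated fields with a
 * shared secret) is dictated by the gateway.
 */
function callback() {
  global $osC_Database;

  $ip_address = osc_get_ip_address();

  if ($ip_address != '69.20.58.35' && $ip_address != '207.97.201.192') {
    return;
  }

  // cs1/cs2 must be numeric; cs3 and total must be non-empty strings so an
  // array-valued field cannot reach the string concatenation below.
  $fields_ok = isset($_POST['cs1']) && is_numeric($_POST['cs1'])
    && isset($_POST['cs2']) && is_numeric($_POST['cs2'])
    && isset($_POST['cs3']) && is_string($_POST['cs3']) && empty($_POST['cs3']) === false
    && isset($_POST['product_id']) && $_POST['product_id'] == MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID
    && isset($_POST['total']) && is_string($_POST['total']) && empty($_POST['total']) === false
    && isset($_POST['transaction_type']) && empty($_POST['transaction_type']) === false;

  if (!$fields_ok) {
    return;
  }

  if (!osC_Order::exists($_POST['cs2'], $_POST['cs1'])) {
    return;
  }

  $pass = false;

  $post_array = array('root' => $_POST);

  $osC_XML = new osC_XML($post_array);

  $expected_signature = md5(MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID . $_POST['cs2'] . $_POST['cs1'] . $_POST['total'] . MODULE_PAYMENT_CHRONOPAY_MD5_HASH);

  // Compare as strings. A loose == treats two different "0e<digits>" hashes
  // as equal numbers. hash_equals() additionally avoids leaking the position
  // of the first mismatch through timing; fall back to === where it is not
  // available.
  if (function_exists('hash_equals')) {
    $signature_ok = hash_equals($expected_signature, $_POST['cs3']);
  } else {
    $signature_ok = ($expected_signature === $_POST['cs3']);
  }

  if ($signature_ok) {
    // Status 4 is the only state from which the order is processed, which
    // also keeps a repeated notification from processing it twice.
    if (osC_Order::getStatusID($_POST['cs2']) === 4) {
      $pass = true;

      osC_Order::process($_POST['cs2'], $this->order_status);
    }
  }

  $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
  $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
  $Qtransaction->bindInt(':orders_id', $_POST['cs2']);
  $Qtransaction->bindInt(':transaction_code', 1);
  $Qtransaction->bindValue(':transaction_return_value', $osC_XML->toXML());
  $Qtransaction->bindInt(':transaction_return_status', $pass === true ? 1 : 0);
  $Qtransaction->execute();
}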
/**
 * Builds the hidden form fields that post the order to the Authorize.Net
 * SIM payment form.
 *
 * The fields cover merchant login, billing and (if present) shipping
 * address, amount, the fingerprint values returned by _InsertFP(), one
 * x_line_item per cart product, tax, freight and the shop session.
 *
 * NOTE(review): the keys 'x_receipt_link_met' and 'x_cus_ip' are kept as
 * found; verify them against the gateway's field list, they look truncated.
 * NOTE(review): the last field carries the shop's session name and ID to
 * the third-party form, apparently so the relay response can resume the
 * session. That exposes the session identifier outside the shop; confirm
 * that this is required and that the session is bound to the client.
 * NOTE(review): the fingerprint sequence comes from rand(1, 1000).
 *
 * @return string concatenated hidden-field markup
 */
function process_button() {
  global $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Tax, $osC_Session;

  // target key => (address field, maximum length)
  $billing_map = array('x_first_name' => array('firstname', 50),
                       'x_last_name' => array('lastname', 50),
                       'x_company' => array('company', 50),
                       'x_address' => array('street_address', 60),
                       'x_city' => array('city', 40),
                       'x_state' => array('state', 40),
                       'x_zip' => array('postcode', 20),
                       'x_country' => array('country_iso_code_2', 60),
                       'x_phone' => array('telephone_number', 25));

  $shipping_map = array('x_ship_to_first_name' => array('firstname', 50),
                        'x_ship_to_last_name' => array('lastname', 50),
                        'x_ship_to_company' => array('company', 50),
                        'x_ship_to_address' => array('street_address', 60),
                        'x_ship_to_city' => array('city', 40),
                        'x_ship_to_state' => array('zone_code', 40),
                        'x_ship_to_zip' => array('postcode', 20),
                        'x_ship_to_country' => array('country_iso_code_2', 60));

  // Field order is preserved: it determines the order of the hidden inputs.
  $params = array();
  $params['x_login'] = substr(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_LOGIN_ID, 0, 20);
  $params['x_version'] = '3.1';
  $params['x_show_form'] = 'PAYMENT_FORM';
  $params['x_receipt_link_met'] = 'POST';
  $params['x_receipt_link_url'] = osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL', false, false, true);
  $params['x_relay_response'] = 'TRUE';
  $params['x_relay_url'] = osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL', false, false, true);

  foreach ($billing_map as $field => $spec) {
    $params[$field] = substr($osC_ShoppingCart->getBillingAddress($spec[0]), 0, $spec[1]);
  }

  $params['x_cust_id'] = substr($osC_Customer->getID(), 0, 20);
  $params['x_cus_ip'] = osc_get_ip_address();
  $params['x_email'] = substr($osC_Customer->getEmailAddress(), 0, 255);
  $params['x_description'] = substr(STORE_NAME, 0, 255);
  $params['x_amount'] = $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal());
  $params['x_currency_code'] = substr($osC_Currencies->getCode(), 0, 3);
  $params['x_method'] = 'CC';

  if (MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_METHOD == 'Capture') {
    $params['x_type'] = 'AUTH_CAPTURE';
  } else {
    $params['x_type'] = 'AUTH_ONLY';
  }

  if ($osC_ShoppingCart->hasShippingAddress()) {
    foreach ($shipping_map as $field => $spec) {
      $params[$field] = substr($osC_ShoppingCart->getShippingAddress($spec[0]), 0, $spec[1]);
    }
  }

  // Fingerprint fields; values from _InsertFP() override equal keys.
  $hash_params = $this->_InsertFP(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_LOGIN_ID, MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_TRANSACTION_KEY, $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), rand(1, 1000), $osC_Currencies->getCode());

  $params = array_merge($params, $hash_params);

  if (MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_MODE == 'Test') {
    $params['x_test_request'] = 'TRUE';
  }

  $fields = array();

  foreach ($params as $name => $value) {
    $fields[] = osc_draw_hidden_field($name, $value);
  }

  if ($osC_ShoppingCart->hasContents()) {
    foreach ($osC_ShoppingCart->getProducts() as $key => $product) {
      // id, short name, description, quantity, unit price, taxable flag
      $line_item = array($key + 1,
                         substr($product['name'], 0, 31),
                         substr($product['name'], 0, 255),
                         $product['quantity'],
                         $osC_Currencies->formatRaw($product['final_price']),
                         ($product['tax_class_id'] > 0 ? 'YES' : 'NO'));

      $fields[] = osc_draw_hidden_field('x_line_item', implode('<|>', $line_item));
    }
  }

  // Product tax = total tax minus the tax on the shipping cost.
  $shipping_tax_rate = $osC_Tax->getTaxRate($osC_ShoppingCart->getShippingMethod('tax_class_id'), $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id'));
  $shipping_tax = $osC_ShoppingCart->getShippingMethod('cost') * ($shipping_tax_rate / 100);
  $total_tax = $osC_ShoppingCart->getTax() - $shipping_tax;

  if ($total_tax > 0) {
    $fields[] = osc_draw_hidden_field('x_tax', $osC_Currencies->formatRaw($total_tax));
  }

  $fields[] = osc_draw_hidden_field('x_freight', $osC_Currencies->formatRaw($osC_ShoppingCart->getShippingMethod('cost')));
  $fields[] = osc_draw_hidden_field($osC_Session->getName(), $osC_Session->getID());

  return implode('', $fields);
}
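/**
 * Forces cookie-based sessions, creates the session object, starts the
 * session according to the cookie and spider settings, and applies the
 * optional session-binding checks (SSL session ID, browser user agent,
 * client IP address).
 *
 * A session whose stored binding value differs from the current request is
 * destroyed and the client is redirected.
 *
 * NOTE(review): the IP check relies on osc_get_ip_address(), which is not
 * visible here. If it trusts forwarding headers, the binding is only as
 * strong as those headers; confirm against its implementation.
 *
 * @return bool always true
 */
function start() {
  global $request_type, $osC_Session, $messageStack;

  // Session IDs belong in cookies only; IDs in URLs leak through logs,
  // bookmarks and Referer headers.
  if (ini_get('session.use_cookies') == '0') {
    ini_set('session.use_cookies', '1');
  }

  if (ini_get('session.use_trans_sid') == '1') {
    ini_set('session.use_trans_sid', '0');
  }

  include 'includes/classes/session.php';
  $osC_Session = new osC_Session();

  // The User-Agent header is client-supplied and may be absent.
  $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

  if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
    osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);

    // Only start a session once the client has shown it returns cookies.
    if (isset($_COOKIE['cookie_test'])) {
      $osC_Session->start();
    }
  } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
    $user_agent = strtolower($http_user_agent);
    $spider_flag = false;

    if (empty($user_agent) === false) {
      $spiders = file('includes/spiders.txt');

      // file() returns false when the list cannot be read.
      if ($spiders !== false) {
        foreach ($spiders as $spider) {
          // Trim before the emptiness test: a blank line is "\n", which is
          // not empty, and an empty strpos() needle matches at offset 0 on
          // PHP 8, flagging every visitor as a spider.
          $spider = trim($spider);

          if ($spider !== '' && strpos($user_agent, $spider) !== false) {
            $spider_flag = true;
            break;
          }
        }
      }
    }

    if ($spider_flag === false) {
      $osC_Session->start();
    }
  } else {
    $osC_Session->start();
  }

  // The binding checks compare as strings with !==. A loose != treats
  // numeric-looking values (for example two different "0e..." hex strings)
  // as equal, which would let a mismatching request pass.

  // verify the ssl_session_id
  if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
    if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
      if (isset($_SESSION['SESSION_SSL_ID']) === false) {
        $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
      }

      if ((string) $_SESSION['SESSION_SSL_ID'] !== (string) $_SERVER['SSL_SESSION_ID']) {
        $osC_Session->destroy();

        osc_redirect(osc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
      }
    }
  }

  // verify the browser user agent
  if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
    if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
      $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
    }

    if ((string) $_SESSION['SESSION_USER_AGENT'] !== (string) $http_user_agent) {
      $osC_Session->destroy();

      osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
    }
  }

  // verify the IP address
  if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
    $ip_address = osc_get_ip_address();

    if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
      $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
    }

    if ((string) $_SESSION['SESSION_IP_ADDRESS'] !== (string) $ip_address) {
      $osC_Session->destroy();

      osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
    }
  }

  // add messages in the session to the message stack
  $messageStack->loadFromSession();

  return true;
}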
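/**
 * Creates the order, sends an authorisation-only request with the card data
 * to the PayQuake gateway and, depending on the answer, either marks the
 * order processed and stores the raw response in the transaction history,
 * or removes the order and sends the customer back to the payment page.
 *
 * $params and $post_string hold the card number (optionally 3DES-encrypted)
 * and, if enabled, the CVC. They must never be logged or stored.
 *
 * NOTE(review): the card number is encrypted with mcrypt 3DES in ECB mode.
 * The format is presumably required by the gateway; mcrypt is no longer
 * bundled with current PHP releases, so this path needs a supported
 * replacement agreed with the gateway.
 * NOTE(review): on decline the gateway's own reason text is shown to the
 * customer; whatever renders the message stack must escape it.
 */
function process() {
  global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;

  $this->_verifyData();

  $this->_order_id = osC_Order::insert();

  $params = array('action' => 'ns_quicksale_cc',
                  'acctid' => MODULE_PAYMENT_PAYQUAKE_CC_ACCOUNT_ID,
                  'amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), 'USD'),
                  'ccname' => $osC_CreditCard->getOwner(),
                  'expmon' => $osC_CreditCard->getExpiryMonth(),
                  'expyear' => $osC_CreditCard->getExpiryYear(),
                  'authonly' => '1',
                  'ci_companyname' => $osC_ShoppingCart->getBillingAddress('company'),
                  'ci_billaddr1' => $osC_ShoppingCart->getBillingAddress('street_address'),
                  'ci_billcity' => $osC_ShoppingCart->getBillingAddress('city'),
                  'ci_billstate' => $osC_ShoppingCart->getBillingAddress('zone_code'),
                  'ci_billzip' => $osC_ShoppingCart->getBillingAddress('postcode'),
                  'ci_billcountry' => $osC_ShoppingCart->getBillingAddress('country_title'),
                  'ci_shipaddr1' => $osC_ShoppingCart->getShippingAddress('street_address'),
                  'ci_shipcity' => $osC_ShoppingCart->getShippingAddress('city'),
                  'ci_shipstate' => $osC_ShoppingCart->getShippingAddress('zone_code'),
                  'ci_shipzip' => $osC_ShoppingCart->getShippingAddress('postcode'),
                  'ci_shipcountry' => $osC_ShoppingCart->getShippingAddress('country_title'),
                  'ci_phone' => $osC_ShoppingCart->getBillingAddress('telephone_number'),
                  'ci_email' => $osC_Customer->getEmailAddress(),
                  'email_from' => STORE_OWNER_EMAIL_ADDRESS,
                  'ci_ipaddress' => osc_get_ip_address(),
                  'merchantordernumber' => $osC_Customer->getID(),
                  'pocustomerrefid' => $this->_order_id);

  if (!osc_empty(MODULE_PAYMENT_PAYQUAKE_CC_3DES)) {
    $key = pack('H48', MODULE_PAYMENT_PAYQUAKE_CC_3DES);
    $data = bin2hex(mcrypt_encrypt(MCRYPT_3DES, $key, $osC_CreditCard->getNumber(), MCRYPT_MODE_ECB));

    $params['ccnum'] = $data;

    // Drop the key material and ciphertext copy as soon as they are used.
    unset($key);
    unset($data);
  } else {
    $params['ccnum'] = $osC_CreditCard->getNumber();
  }

  if (MODULE_PAYMENT_PAYQUAKE_CC_VERIFY_WITH_CVC == '1') {
    $params['cvv2'] = $osC_CreditCard->getCVC();
  }

  if (!osc_empty(MODULE_PAYMENT_PAYQUAKE_CC_MERCHANT_PIN)) {
    $params['merchantPIN'] = MODULE_PAYMENT_PAYQUAKE_CC_MERCHANT_PIN;
  }

  $pairs = array();
  foreach ($params as $key => $value) {
    $pairs[] = $key . '=' . urlencode(trim($value));
  }
  $post_string = implode('&', $pairs);

  $this->_transaction_response = $this->sendTransactionToGateway('https://trans.merchantpartners.com/cgi-bin/process.cgi', $post_string);

  $error = false;

  if (!empty($this->_transaction_response)) {
    $regs = explode("\n", trim($this->_transaction_response));
    array_shift($regs);

    $result = array();

    foreach ($regs as $response) {
      $res = explode('=', $response, 2);

      // Lines without '=' carry no key/value pair; skip them instead of
      // reading an undefined offset.
      if (count($res) === 2) {
        $result[strtolower(trim($res[0]))] = trim($res[1]);
      }
    }

    // Fail closed: anything other than an explicit 'Accepted' is an error,
    // including a response with no status line at all.
    $status = isset($result['status']) ? $result['status'] : '';

    if ($status !== 'Accepted') {
      // The reason has the form "<a>:<b>:<text>"; only the text is shown.
      $reason_parts = explode(':', isset($result['reason']) ? $result['reason'] : '', 3);
      $error = isset($reason_parts[2]) ? $reason_parts[2] : '';

      if (empty($error)) {
        $error = $osC_Language->get('payment_payquake_cc_error_general');
      }
    }
  } else {
    $error = $osC_Language->get('payment_payquake_cc_error_general');
  }

  if ($error === false) {
    osC_Order::process($this->_order_id, $this->order_status);

    $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
    $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
    $Qtransaction->bindInt(':orders_id', $this->_order_id);
    $Qtransaction->bindInt(':transaction_code', 1);
    $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
    $Qtransaction->bindInt(':transaction_return_status', 1);
    $Qtransaction->execute();
  } else {
    osC_Order::remove($this->_order_id);

    $messageStack->add_session('checkout_payment', $error, 'error');

    // The CVC is deliberately NOT put back into the redirect URL: query
    // strings end up in access logs, browser history and Referer headers,
    // and the verification code must not be retained after authorisation.
    // The customer re-enters it. The remaining values are URL-encoded so
    // that free text cannot add or alter query parameters.
    osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&payquake_cc_owner=' . urlencode($osC_CreditCard->getOwner()) . '&payquake_cc_expires_month=' . urlencode($osC_CreditCard->getExpiryMonth()) . '&payquake_cc_expires_year=' . urlencode($osC_CreditCard->getExpiryYear()), 'SSL'));
  }
}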
/**
 * Creates the order rows for the current shopping cart, or reuses the order
 * already prepared for that cart.
 *
 * $_SESSION['prepOrderID'] holds "<cart id>-<order id>". When its cart id
 * matches the current cart, the stored order id is returned unchanged and
 * nothing is written. Otherwise the stale order is removed if its status id
 * is 4, and a new order is written: the order row, one row per order total,
 * one status-history row, one row per product and one row per product variant.
 *
 * Every value reaches the database through a bind*() placeholder; nothing is
 * concatenated into the statement text.
 *
 * NOTE(review): no transaction calls are visible around these inserts and the
 * execute() results are not checked, so a failure part-way through would
 * leave a partially written order. Confirm whether the caller wraps this.
 *
 * @return mixed The order id: the value parsed from the session (a string)
 *               when the order is reused, otherwise the id reported by
 *               $osC_Database->nextID() after the order insert.
 */
function insert() {
  global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax;

  if (isset($_SESSION['prepOrderID'])) {
    // NOTE(review): splitting on '-' assumes the cart id itself never
    // contains a '-'; confirm against getCartID().
    $prepared = explode('-', $_SESSION['prepOrderID']);

    if ($prepared[0] == $osC_ShoppingCart->getCartID()) {
      return $prepared[1]; // order_id
    }

    // 4 is also the status written for new orders below; it presumably means
    // "preparing" (TODO confirm). Only such orders are discarded here.
    if (osC_Order::getStatusID($prepared[1]) === 4) {
      osC_Order::remove($prepared[1]);
    }
  }

  $address = osC_AddressBook::getEntry($osC_Customer->getDefaultAddressID())->toArray();

  // Column suffix => cart address key, in the order the placeholders are bound
  // for both the delivery_* and billing_* columns.
  $address_columns = array('company' => 'company',
                           'street_address' => 'street_address',
                           'suburb' => 'suburb',
                           'city' => 'city',
                           'postcode' => 'postcode',
                           'state' => 'state',
                           'state_code' => 'zone_code',
                           'country' => 'country_title',
                           'country_iso2' => 'country_iso_code_2',
                           'country_iso3' => 'country_iso_code_3',
                           'address_format' => 'format');

  // The statement text is kept exactly as written, including its line break.
  $Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_state_code, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_state_code, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, payment_method, payment_module, date_purchased, orders_status, currency, currency_value) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_state_code, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, 
:delivery_address_format, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_state_code, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :payment_method, :payment_module, now(), :orders_status, :currency, :currency_value)');
  $Qorder->bindTable(':table_orders', TABLE_ORDERS);

  // Customer columns come from the customer object and its default address.
  $Qorder->bindInt(':customers_id', $osC_Customer->getID());
  $Qorder->bindValue(':customers_name', $osC_Customer->getName());
  $Qorder->bindValue(':customers_company', $address['entry_company']);
  $Qorder->bindValue(':customers_street_address', $address['entry_street_address']);
  $Qorder->bindValue(':customers_suburb', $address['entry_suburb']);
  $Qorder->bindValue(':customers_city', $address['entry_city']);
  $Qorder->bindValue(':customers_postcode', $address['entry_postcode']);
  $Qorder->bindValue(':customers_state', $address['entry_state']);
  $Qorder->bindValue(':customers_state_code', osC_Address::getZoneCode($address['entry_zone_id']));
  $Qorder->bindValue(':customers_country', osC_Address::getCountryName($address['entry_country_id']));
  $Qorder->bindValue(':customers_country_iso2', osC_Address::getCountryIsoCode2($address['entry_country_id']));
  $Qorder->bindValue(':customers_country_iso3', osC_Address::getCountryIsoCode3($address['entry_country_id']));
  $Qorder->bindValue(':customers_telephone', $address['entry_telephone']);
  $Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress());
  $Qorder->bindValue(':customers_address_format', osC_Address::getFormat($address['entry_country_id']));

  // NOTE(review): how osc_get_ip_address() derives the address is not visible
  // here. If it honours forwarded-for style headers, this audit column is
  // client-controlled; confirm before relying on it.
  $Qorder->bindValue(':customers_ip_address', osc_get_ip_address());

  // Delivery columns, read from the cart's shipping address.
  $Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname'));

  foreach ($address_columns as $column => $key) {
    $Qorder->bindValue(':delivery_' . $column, $osC_ShoppingCart->getShippingAddress($key));
  }

  // Billing columns, read from the cart's billing address.
  $Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . $osC_ShoppingCart->getBillingAddress('lastname'));

  foreach ($address_columns as $column => $key) {
    $Qorder->bindValue(':billing_' . $column, $osC_ShoppingCart->getBillingAddress($key));
  }

  $Qorder->bindValue(':payment_method', $osC_ShoppingCart->getBillingMethod('title'));

  // NOTE(review): the payment module object is looked up in $GLOBALS under a
  // name built from the billing method id. This presumably relies on that id
  // being limited to loaded payment modules; verify where the id is set.
  $payment_global = 'osC_Payment_' . $osC_ShoppingCart->getBillingMethod('id');
  $Qorder->bindValue(':payment_module', $GLOBALS[$payment_global]->getCode());

  $Qorder->bindInt(':orders_status', 4);
  $Qorder->bindValue(':currency', $osC_Currencies->getCode());
  $Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode()));
  $Qorder->execute();

  $order_id = $osC_Database->nextID();

  // One row per order total module.
  foreach ($osC_ShoppingCart->getOrderTotals() as $total) {
    $Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
    $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
    $Qtotals->bindInt(':orders_id', $order_id);
    $Qtotals->bindValue(':title', $total['title']);
    $Qtotals->bindValue(':text', $total['text']);
    $Qtotals->bindValue(':value', $total['value']);
    $Qtotals->bindValue(':class', $total['code']);
    $Qtotals->bindInt(':sort_order', $total['sort_order']);
    $Qtotals->execute();
  }

  // Initial status-history row, with the session comments stored verbatim.
  // NOTE(review): presumably customer-entered free text; it needs escaping
  // wherever it is later rendered.
  $comments = '';

  if (isset($_SESSION['comments'])) {
    $comments = $_SESSION['comments'];
  }

  $Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
  $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
  $Qstatus->bindInt(':orders_id', $order_id);
  $Qstatus->bindInt(':orders_status_id', 4);
  $Qstatus->bindInt(':customer_notified', '0');
  $Qstatus->bindValue(':comments', $comments);
  $Qstatus->execute();

  // One row per cart product, followed by its variant rows if it has any.
  foreach ($osC_ShoppingCart->getProducts() as $product) {
    $Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_model, products_name, products_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_model, :products_name, :products_price, :products_tax, :products_quantity)');
    $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
    $Qproducts->bindInt(':orders_id', $order_id);
    $Qproducts->bindInt(':products_id', osc_get_product_id($product['id']));
    $Qproducts->bindValue(':products_model', $product['model']);
    $Qproducts->bindValue(':products_name', $product['name']);
    $Qproducts->bindValue(':products_price', $product['price']);
    $Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($product['tax_class_id']));
    $Qproducts->bindInt(':products_quantity', $product['quantity']);
    $Qproducts->execute();

    $order_product_id = $osC_Database->nextID();

    if (!$osC_ShoppingCart->isVariant($product['item_id'])) {
      continue;
    }

    foreach ($osC_ShoppingCart->getVariant($product['item_id']) as $variant_entry) {
      // The original carries two commented-out "HPDL" blocks around this
      // insert for downloadable products (an attribute lookup before it and
      // an insert into the orders_products_download table after it). They
      // are inactive and are not reproduced here.
      $Qvariant = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, group_title, value_title) values (:orders_id, :orders_products_id, :group_title, :value_title)');
      $Qvariant->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
      $Qvariant->bindInt(':orders_id', $order_id);
      $Qvariant->bindInt(':orders_products_id', $order_product_id);
      $Qvariant->bindValue(':group_title', $variant_entry['group_title']);
      $Qvariant->bindValue(':value_title', $variant_entry['value_title']);
      $Qvariant->execute();
    }
  }

  // Remember which cart this order was prepared for so a repeated call with
  // the same cart returns the same order.
  $_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $order_id;

  return $order_id;
}