/**
 * Builds a hidden form field that carries the session name/id pair.
 *
 * The field is produced only when a session has been started and PHP's SID
 * constant is defined and non-empty. In every other case the function falls
 * through and yields null.
 *
 * Security note: the field puts the session id into the page markup. A form
 * that submits with method GET moves it into the URL, where it can reach
 * access logs and Referer headers.
 *
 * @return string|null hidden-field markup, or null when no field is needed
 */
function xtc_hide_session_id() {
    global $session_started;

    // No session started: nothing to propagate.
    if ($session_started != true) {
        return;
    }

    // SID missing or empty: no id has to travel with the form.
    if (!defined('SID') || !xtc_not_null(SID)) {
        return;
    }

    return xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
}
/**
 * (Pre-)authorises a wallet payment (wallet type 'PPE') through the PAYONE API
 * objects and then sends the customer on to the checkout-process page.
 *
 * Security note: the success, back and error URLs set on the payment method all
 * carry the shop's session name and session id in their query string. Whoever
 * receives or logs those URLs therefore sees a live session id.
 * NOTE(review): presumably these URLs are transmitted to the payment provider;
 * confirm the transport is TLS-only and that the session is rotated after the
 * customer returns.
 */
function payment_action() {
    global $order, $insert_id;

    // Fall back to the temporary order id kept in the session.
    if (!isset($insert_id) || $insert_id == '') {
        $insert_id = $_SESSION['tmp_oID'];
    }

    $this->payone->log("(pre-)authorizing {$this->code} payment");

    $base_params = parent::_standard_parameters();

    $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
    parent::_set_customers_standard_params();

    $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
    parent::_set_customers_shipping_params();

    $this->payment_method = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_Wallet();
    $this->payment_method->setWallettype('PPE');

    // Catalog root on the HTTPS host when SSL is enabled, else on the HTTP host.
    $shop_root = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;

    $this->payment_method->setSuccessurl(
        $shop_root . FILENAME_CHECKOUT_PROCESS . '?' . xtc_session_name() . '=' . xtc_session_id()
    );
    $this->payment_method->setBackurl(
        $shop_root . FILENAME_CHECKOUT_PAYMENT . '?' . xtc_session_name() . '=' . xtc_session_id()
    );
    $this->payment_method->setErrorurl(
        $shop_root . FILENAME_CHECKOUT_PAYMENT . '?' . xtc_session_name() . '=' . xtc_session_id()
        . '&payment_error=' . $this->code
    );

    // set order_id for deleting canceld order
    $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

    $wallet_params = parent::_request_parameters('wlt');
    $this->params = array_merge($base_params, $wallet_params);

    $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
    parent::_build_service_authentification('wlt');
    parent::_parse_response_payone_api();

    xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'));
}
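/**
 * Rebuilds a query string from the current $_GET parameters.
 *
 * Left out are: empty values, the session parameter, 'error', the image-submit
 * coordinates 'x' and 'y', and every name listed in $exclude_array. Keeping the
 * session parameter out of rebuilt links matters for security, because a copied
 * or logged link would otherwise carry a usable session id.
 * ('cPath' is deliberately no longer filtered; that was the SHOPSTAT change.)
 *
 * Nested values (?a[]=1) cannot be expressed as a single key=value pair and are
 * skipped; the previous strlen() call on them raised an error on current PHP.
 *
 * @param array|string $exclude_array parameter names to omit; any non-array
 *                                    value means "omit nothing extra"
 *
 * @return string raw-url-encoded "key=value&" pairs (trailing '&' included),
 *                or '' when nothing qualifies
 */
function xtc_get_all_get_params($exclude_array = '') {
    if (!is_array($exclude_array)) {
        $exclude_array = array();
    }

    if (!is_array($_GET) || count($_GET) === 0) {
        return '';
    }

    // Lookup table of parameter names that must not be carried over.
    $skip = array(
        (string) xtc_session_name() => true,
        'error' => true,
        'x' => true,
        'y' => true,
    );
    foreach ($exclude_array as $name) {
        if (is_scalar($name)) {
            $skip[(string) $name] = true;
        }
    }

    $get_url = '';
    // foreach replaces the each() loop, which no longer exists in PHP 8.
    foreach ($_GET as $key => $value) {
        if (!is_scalar($value)) {
            continue;
        }

        $key = (string) $key;
        $value = (string) $value;

        if ($value === '' || isset($skip[$key])) {
            continue;
        }

        // stripslashes() is kept for compatibility with the existing output.
        $get_url .= rawurlencode(stripslashes($key)) . '=' . rawurlencode(stripslashes($value)) . '&';
    }

    return $get_url;
}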
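/**
 * Redirects the customer to the hosted payment page for the order just created.
 *
 * The query string carries the order amount, customer name and address data and
 * the shop's session name/id. A "seal" parameter is appended: the MD5 digest of
 * the query string followed by the module's access key.
 *
 * Security notes:
 * - The session id and customer data travel in a URL, so they can end up in
 *   browser history and server logs; form_action_url should be an https URL.
 * - NOTE(review): an MD5 digest over "data . secret" is a weak integrity
 *   construction. It is presumably dictated by the gateway's interface; confirm
 *   against the provider's documentation before changing it.
 * - NOTE(review): 'amount' is a float product (pp_total * 100); confirm that the
 *   gateway accepts the resulting representation for every price.
 */
public function payment_action() {
    global $insert_id;

    $order = new order($insert_id);

    $params = array(
        'project' => MODULE_PAYMENT_MCP_SERVICE_PROJECT_CODE,
        'amount' => $order->info['pp_total'] * 100,
        'orderid' => $insert_id,
        'title' => MODULE_PAYMENT_MCP_SERVICE_PAYTEXT,
        'theme' => MODULE_PAYMENT_MCP_SERVICE_THEME,
        'currency' => $order->info['currency'],
        xtc_session_name() => xtc_session_id(),
        'mp_user_email' => $order->customer['email_address'],
        'mp_user_firstname' => $order->customer['firstname'],
        'mp_user_surname' => $order->customer['lastname'],
        'mp_user_address' => $order->customer['street_address'],
        'mp_user_zip' => $order->customer['postcode'],
        'mp_user_city' => $order->customer['city'],
        'mp_user_country' => $order->customer['country']['iso_code_2'],
    );

    // Optional presentation settings, sent only when configured.
    if (defined('MODULE_PAYMENT_MCP_SERVICE_GFX') && MODULE_PAYMENT_MCP_SERVICE_GFX != null) {
        $params['gfx'] = MODULE_PAYMENT_MCP_SERVICE_GFX;
    }
    if (defined('MODULE_PAYMENT_MCP_SERVICE_BGGFX') && MODULE_PAYMENT_MCP_SERVICE_BGGFX != null) {
        $params['bggfx'] = MODULE_PAYMENT_MCP_SERVICE_BGGFX;
    }
    if (defined('MODULE_PAYMENT_MCP_SERVICE_BGCOLOR') && MODULE_PAYMENT_MCP_SERVICE_BGCOLOR) {
        $params['bgcolor'] = MODULE_PAYMENT_MCP_SERVICE_BGCOLOR;
    }

    // An empty prefix replaces null: passing null for this string parameter is
    // deprecated since PHP 8.1 and the resulting query string is the same.
    $urlParams = http_build_query($params, '', '&');

    // The seal must be computed over exactly the string that is sent.
    $seal = md5($urlParams . MODULE_PAYMENT_MCP_SERVICE_ACCESS_KEY);
    $urlParams .= '&seal=' . $seal;

    $url = $this->form_action_url . '?' . $urlParams;
    xtc_redirect($url);
}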
/**
 * (Pre-)authorises an online bank transfer through the PAYONE API objects.
 *
 * Bank details are read from the module's own session slot
 * ($_SESSION[$this->code]). Account number and bank code are used when the
 * transfer type is 'sofortueberweisung' and 'otrans_country' is 'CH'; IBAN and
 * BIC are used otherwise.
 *
 * Security note: the success, back and error URLs carry the session name and
 * session id in their query string, so any party that receives or logs these
 * URLs sees a live session id.
 * NOTE(review): the CH check reads 'otrans_country' while the rest of the method
 * works with 'otrans_bankcountry'; confirm that both keys are really set.
 */
function payment_action() {
    global $order, $insert_id;

    // Fall back to the temporary order id kept in the session.
    if (!isset($insert_id) || $insert_id == '') {
        $insert_id = $_SESSION['tmp_oID'];
    }

    $this->payone->log("(pre-)authorizing {$this->code} payment");

    $base_params = parent::_standard_parameters();

    $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
    parent::_set_customers_standard_params();

    $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
    parent::_set_customers_shipping_params();

    // A bank group is only passed on for the 'eps' and 'ideal' transfer types.
    $bankgroup = '';
    if ($_SESSION[$this->code]['otrans_type'] == 'eps' || $_SESSION[$this->code]['otrans_type'] == 'ideal') {
        $bankgroup = $_SESSION[$this->code]['otrans_bankgrouptype'];
    }

    // Default the bank country to the billing country when none was chosen.
    if (!isset($_SESSION[$this->code]['otrans_bankcountry'])) {
        $_SESSION[$this->code]['otrans_bankcountry'] = $order->billing['country']['iso_code_2'];
    }

    $this->payment_method = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_OnlineBankTransfer();
    $this->payment_method->setOnlinebanktransfertype(
        $this->banktransfertypes[$_SESSION[$this->code]['otrans_type']]
    );
    $this->payment_method->setBankcountry($_SESSION[$this->code]['otrans_bankcountry']);

    if ($_SESSION[$this->code]['otrans_type'] == 'sofortueberweisung'
        && $_SESSION[$this->code]['otrans_country'] == 'CH'
    ) {
        $this->payment_method->setBankaccount($_SESSION[$this->code]['otrans_bankaccount']);
        $this->payment_method->setBankcode($_SESSION[$this->code]['otrans_bankcode']);
    } else {
        $this->payment_method->setIban($_SESSION[$this->code]['otrans_iban']);
        $this->payment_method->setBic($_SESSION[$this->code]['otrans_bic']);
    }

    $this->payment_method->setBankgrouptype($bankgroup);

    // Catalog root on the HTTPS host when SSL is enabled, else on the HTTP host.
    $shop_root = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;

    $this->payment_method->setSuccessurl(
        $shop_root . FILENAME_CHECKOUT_PROCESS . '?' . xtc_session_name() . '=' . xtc_session_id()
    );
    $this->payment_method->setBackurl(
        $shop_root . FILENAME_CHECKOUT_PAYMENT . '?' . xtc_session_name() . '=' . xtc_session_id()
    );
    $this->payment_method->setErrorurl(
        $shop_root . FILENAME_CHECKOUT_PAYMENT . '?' . xtc_session_name() . '=' . xtc_session_id()
        . '&payment_error=' . $this->code
    );

    // set order_id for deleting canceld order
    $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

    $transfer_params = parent::_request_parameters('sb');
    $this->params = array_merge($base_params, $transfer_params);

    $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
    parent::_build_service_authentification('sb');
    parent::_parse_response_payone_api();
}
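?> </p></div>
<div class="col-xs-12">
  <form name="search" action="<?php echo FILENAME_PRODUCTS_ATTRIBUTES; ?>" method="GET">
    <span class="main"><b><?php echo TEXT_SEARCH; ?></b></span>
    <input type="text" name="search_optionsname" size="20" value="<?php
      // The search term comes straight from the request. It is HTML-escaped
      // before being written into the attribute so that it cannot close the
      // attribute and inject markup (reflected XSS). A missing or non-string
      // value renders as an empty field.
      echo isset($_GET['search_optionsname']) && is_string($_GET['search_optionsname'])
          ? htmlspecialchars($_GET['search_optionsname'], ENT_QUOTES)
          : '';
    ?>">
    <?php
      // NOTE(review): this form submits with GET, so the hidden session field
      // below puts the session id into the URL of the result page.
    ?>
    <input name="<?php echo xtc_session_name(); ?>" type="hidden" value="<?php echo xtc_session_id(); ?>" />
  </form>
</div>
<div class="col-xs-12">
  <div class="smallText"><?php echo $value_pages; ?></div>
</div>
<div class="col-xs-12"> <?php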
?> <?php
// Order-id quick search: text field 'oID', fixed action 'edit' and the session
// name/id as a hidden field. The opening form tag lies before this fragment.
echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('oID', '', 'size="12"') . xtc_draw_hidden_field('action', 'edit') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> </div> <div class='col-xs-12'> <?php
// Filter form for the order list, created with 'get' as its last argument.
// NOTE(review): with a GET form the hidden session field further down ends up in
// the URL, where it can reach logs and Referer headers.
echo xtc_draw_form('payment_method_status', FILENAME_ORDERS, '', 'get'); ?> <?php
// Status filter; the preselected value is cast to int before it is used.
echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses), isset($_GET['status']) && xtc_not_null($_GET['status']) ? (int) $_GET['status'] : '', 'onchange="this.form.submit();"'); ?> <br /> <?php
// Payment-method filter.
// NOTE(review): $_GET['payment_method'] is handed to the helper unmodified as
// the preselected value; whether it is escaped depends on
// xtc_draw_pull_down_menu, which is not visible here.
echo HEADING_CHOOSE_PAYMENT . ' ' . xtc_draw_pull_down_menu('payment_method', array_merge(array(array('id' => '', 'text' => TEXT_ALL_PAYMENT_METHODS)), $payment_methods), isset($_GET['payment_method']) && xtc_not_null($_GET['payment_method']) ? $_GET['payment_method'] : '', 'onchange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> </div> </div> </div> <div class='col-xs-12'><br></div> <div class='col-xs-12'> <div id='responsive_table' class='table-responsive pull-left col-sm-12'> <table class="table table-bordered table-striped"> <tr class="dataTableHeadingRow"> <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?> </td> <td class="dataTableHeadingContent" align="right"><?php
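/**
 * Builds the hidden form fields that are posted to the WorldPay payment page.
 *
 * Fixes over the previous version:
 * - the language id is cast to int before it is placed into the SQL text;
 * - the callback page name is a quoted string instead of a bare word;
 * - the MD5 signature is computed over the same formatted amount that is posted
 *   in the 'amount' field (the old code called methods on the undefined
 *   variables $currencies and $currency).
 *
 * Security notes:
 * - 'cartId' carries the session name and id, so the session id is handed to
 *   the payment provider along with the order.
 * - NOTE(review): field values are passed to xtc_draw_hidden_field() as they
 *   are; confirm that helper HTML-escapes attribute values.
 * - NOTE(review): $XTCsid is not defined in this scope, so 'MC_XTCsid' is
 *   posted empty; confirm what the callback expects before changing it.
 * - MD5 with a prefixed secret is a weak signature scheme; it is presumably
 *   what the gateway interface requires.
 *
 * @return string concatenated hidden-field markup
 */
function process_button() {
    global $order, $xtPrice;

    $worldpay_url = xtc_session_name() . '=' . xtc_session_id();
    $total = number_format(
        $xtPrice->xtcCalculateCurr($order->info['total']),
        $xtPrice->get_decimal_places($_SESSION['currency']),
        '.',
        ''
    );

    $process_button_string = xtc_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID)
        . xtc_draw_hidden_field('currency', $_SESSION['currency'])
        . xtc_draw_hidden_field('desc', 'Purchase from ' . STORE_NAME)
        . xtc_draw_hidden_field('cartId', $worldpay_url)
        . xtc_draw_hidden_field('amount', $total);

    // Pre Auth Mod 3/1/2002 - Graeme Conkie
    if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == 'true') {
        $process_button_string .= xtc_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
    }

    // Ian-san: Create callback and language links here 6/4/2003:
    // The id is cast to int so that session data can never alter the query text.
    $language_code_raw = xtc_db_query(
        "select code from " . TABLE_LANGUAGES . " where languages_id ='" . (int) $_SESSION['languages_id'] . "'"
    );
    $language_code_array = xtc_db_fetch_array($language_code_raw);
    $language_code = $language_code_array['code'];

    $address = encode_htmlspecialchars(
        $order->customer['street_address'] . "\n"
        . $order->customer['suburb'] . "\n"
        . $order->customer['city'] . "\n"
        . $order->customer['state'],
        ENT_QUOTES
    );

    $process_button_string .= xtc_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE)
        . xtc_draw_hidden_field('name', $order->customer['firstname'] . ' ' . $order->customer['lastname'])
        . xtc_draw_hidden_field('address', $address)
        . xtc_draw_hidden_field('postcode', $order->customer['postcode'])
        . xtc_draw_hidden_field('country', $order->customer['country']['iso_code_2'])
        . xtc_draw_hidden_field('tel', $order->customer['telephone'])
        . xtc_draw_hidden_field('myvar', 'Y')
        . xtc_draw_hidden_field('fax', $order->customer['fax'])
        . xtc_draw_hidden_field('email', $order->customer['email_address'])
        . xtc_draw_hidden_field('lang', $language_code)
        // 'wpcallback' was a bare word; quoted, it yields the same link on old
        // PHP and no longer fails on PHP 8.
        . xtc_draw_hidden_field('MC_callback', xtc_href_link('wpcallback') . '.php')
        . xtc_draw_hidden_field('MC_XTCsid', $XTCsid);

    // Ian-san: Added MD5 here 6/4/2003:
    if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
        $md5_signature_fields = 'amount:language:email';
        // The signed amount has to be identical to the posted 'amount' field.
        $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . $total . ':' . $language_code . ':'
            . $order->customer['email_address'];
        $md5_signature_md5 = md5($md5_signature);
        $process_button_string .= xtc_draw_hidden_field('signatureFields', $md5_signature_fields)
            . xtc_draw_hidden_field('signature', $md5_signature_md5);
    }

    return $process_button_string;
}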
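/**
 * Prints the recorded navigation path and the stored snapshot as HTML.
 *
 * Each path entry is shown as "page?key=value&..." followed by its POST data;
 * the snapshot line leaves the session parameter out.
 *
 * Changes over the previous version:
 * - each() no longer exists in PHP 8 and is replaced by foreach, which also
 *   makes repeated calls print the same data;
 * - every recorded value is HTML-escaped, because page names and GET/POST data
 *   originate from requests and would otherwise be rendered as markup.
 *
 * Security note: recorded POST data is printed in full and may contain
 * credentials or personal data. This output belongs in a development
 * environment only.
 */
function debug() {
    for ($i = 0, $n = sizeof($this->path); $i < $n; $i++) {
        $entry = $this->path[$i];

        echo htmlspecialchars($entry['page'], ENT_QUOTES) . '?';

        foreach ($entry['get'] as $key => $value) {
            // Nested values are shown as the word "Array", as string
            // concatenation did before.
            $text = is_array($value) ? 'Array' : (string) $value;
            echo htmlspecialchars($key . '=' . $text, ENT_QUOTES) . '&';
        }

        if (sizeof($entry['post']) > 0) {
            echo '<br />';
            foreach ($entry['post'] as $key => $value) {
                $text = is_array($value) ? 'Array' : (string) $value;
                echo ' <strong>' . htmlspecialchars($key . '=' . $text, ENT_QUOTES) . '</strong><br />';
            }
        }

        echo '<br />';
    }

    if (sizeof($this->snapshot) > 0) {
        echo '<br /><br />';
        echo htmlspecialchars(
            $this->snapshot['mode'] . ' ' . $this->snapshot['page'] . '?'
            . xtc_array_to_string($this->snapshot['get'], array(xtc_session_name())),
            ENT_QUOTES
        ) . '<br />';
    }
}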
/**
 * Creates a SEO safe error link.
 *
 * The session name/id pair is appended only when $add_session_id is set, a
 * session is running and SESSION_FORCE_COOKIE_USE is 'false'. In that case the
 * global $SID is used when it is non-empty; otherwise the pair is added only
 * for a switch between the plain and the SSL host whose cookie domains differ.
 * A link produced that way contains a live session id.
 *
 * The method terminates the script with die() when $page is empty or
 * $connection is neither 'NONSSL' nor 'SSL'.
 *
 * @param string $page               page
 * @param string $parameters         parameters
 * @param string $connection         connection ('NONSSL' or 'SSL')
 * @param bool   $add_session_id     add session id
 * @param bool   $search_engine_safe SEO friendly
 *
 * @return string
 */
public function errorLink($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true) {
    global $request_type, $session_started, $SID;

    if (!xtc_not_null($page)) {
        die('<br><br><font color="#f3014d"><b>Error!</b></font><br><br>' . '<b>Unable to determine the page link!<br><br>');
    }

    // Base URL for the requested connection type.
    if ($connection == 'NONSSL') {
        $link = HTTP_SERVER . DIR_WS_HTTP_CATALOG;
    } elseif ($connection == 'SSL') {
        $link = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
    } else {
        die('<br><br><font color="#f3014d"><b>Error!</b></font><br><br>' . '<b>Unable to determine connection method on a link!<br><br>' . 'Known methods: NONSSL SSL</b><br><br>');
    }

    $link .= $page;
    if (xtc_not_null($parameters)) {
        $link .= '?' . $this->klarnaOutputString($parameters);
        $separator = '&';
    } else {
        $separator = '?';
    }

    // Drop any dangling '&' or '?' at the end of the link.
    $link = rtrim($link, '&?');

    // Add the session ID when moving from different HTTP and HTTPS servers,
    // or when SID is defined
    if ($add_session_id == true && $session_started == true && SESSION_FORCE_COOKIE_USE == 'false') {
        if (xtc_not_null($SID)) {
            $session_param = $SID;
        } else {
            $to_ssl = $request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL == true;
            $to_plain = $request_type == 'SSL' && $connection == 'NONSSL';
            if (($to_ssl || $to_plain) && HTTP_COOKIE_DOMAIN != HTTPS_COOKIE_DOMAIN) {
                $session_param = xtc_session_name() . '=' . xtc_session_id();
            }
        }
    }

    // Search-engine friendly form: collapse '&&' and turn '?', '&', '=' into '/'.
    if (SEARCH_ENGINE_FRIENDLY_URLS == 'true' && $search_engine_safe == true) {
        while (strpos($link, '&&') !== false) {
            $link = str_replace('&&', '&', $link);
        }
        $link = str_replace(array('?', '&', '='), '/', $link);
        $separator = '?';
    }

    if (isset($session_param)) {
        $link .= $separator . $session_param;
    }

    return $link;
}
/**
 * Tears the current session down and starts a new one with the same data.
 *
 * The session array is copied, the session cookie entry is removed from
 * $_COOKIE, the session is destroyed, and after xtc_session_start() the saved
 * data is written back. With STORE_SESSIONS set to 'mysql' the custom save
 * handlers are registered again first.
 *
 * NOTE(review): this looks like the shop's session-id rotation, e.g. against
 * session fixation around login. Whether a new id is actually issued depends on
 * xtc_session_start(), which is not visible here; confirm.
 */
function xtc_session_recreate() {
    // Keep a copy of everything stored in the session.
    $saved_data = $_SESSION;

    // Forget the id the client sent, then drop the old session.
    unset($_COOKIE[xtc_session_name()]);
    xtc_session_destroy();

    if (STORE_SESSIONS == 'mysql') {
        session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
        register_shutdown_function('session_write_close');
    }

    xtc_session_start();

    // Restore the previous contents into the new session.
    $_SESSION = $saved_data;
    unset($saved_data);
}
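/**
 * Sends the current cart to Rakuten Checkout and returns where to send the
 * customer next.
 *
 * Builds a tradoria_insert_cart XML request (merchant credentials, cart items
 * with attribute comments, shipping rates, billing-address restriction and
 * callback URLs), submits it through send_request() and parses the XML answer.
 * When the answer is not successful or cannot be parsed, the customer is
 * redirected to ERROR_URL with the error code and message.
 *
 * Change over the previous version: the attribute loop uses foreach, because
 * each() no longer exists in PHP 8.
 *
 * Security notes:
 * - The request contains the merchant API key and, in custom_1/custom_2, the
 *   shop session name and session id. NOTE(review): send_request() is not
 *   visible here; confirm it uses TLS with certificate verification.
 * - NOTE(review): values passed to addChild() directly (for example the
 *   currency) are not run through _escape_str(); confirm they cannot contain
 *   '&' or markup.
 *
 * @param bool $inline return the inline code instead of the redirect URL
 *
 * @return mixed inline code or redirect URL taken from the response, or false
 *               when no usable response was received
 */
function get_redirect_url($inline = false) {
    /**
     * Create Rakuten Checkout Insert Cart XML request
     */
    $xml = new SimpleXMLElement("<?xml version='1.0' encoding='UTF-8' ?><tradoria_insert_cart />");

    $merchantAuth = $xml->addChild('merchant_authentication');
    $merchantAuth->addChild('project_id', MODULE_PAYMENT_RAKUTEN_PROJECT_ID);
    $merchantAuth->addChild('api_key', MODULE_PAYMENT_RAKUTEN_API_KEY);

    $xml->addChild('language', 'DE');
    $xml->addChild('currency', $_SESSION['currency']);

    $merchantCart = $xml->addChild('merchant_carts')->addChild('merchant_cart');
    // custom_1..3 carry the session name, session id and customer id so that
    // the later callback can be matched to this session.
    $merchantCart->addChild('custom_1', xtc_session_name());
    $merchantCart->addChild('custom_2', xtc_session_id());
    $merchantCart->addChild('custom_3', $_SESSION['customer_id']);
    $merchantCart->addChild('custom_4');

    $merchantCartItems = $merchantCart->addChild('items');

    if ($_SESSION['cart']->count_contents() > 0) {
        $products = $_SESSION['cart']->get_products();
        for ($i = 0, $n = sizeof($products); $i < $n; $i++) {
            $t_image = '';
            if ($products[$i]['image'] != '') {
                $t_image = HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_THUMBNAIL_IMAGES . $products[$i]['image'];
            }

            $merchantCartItemsItem = $merchantCartItems->addChild('item');
            $merchantCartItemsItemName = $merchantCartItemsItem->addChild('name');
            $this->_add_CDATA($merchantCartItemsItemName, $products[$i]['name']);
            $merchantCartItemsItem->addChild('sku', $this->_escape_str($products[$i]['model'])); // THIS ONE IS SHOWN
            $merchantCartItemsItem->addChild('external_product_id', $this->_escape_str($products[$i]['id'])); // this one is not shown (optional)
            $merchantCartItemsItem->addChild('qty', $products[$i]['quantity']); // positive integers
            // TODO: check for decimal qty
            $merchantCartItemsItem->addChild('unit_price', $products[$i]['price']);
            $merchantCartItemsItem->addChild('tax_class', $this->get_rakuten_tax_class($products[$i]['tax_class_id']));
            $merchantCartItemsItem->addChild('image_url', $this->_escape_str($t_image));

            $product_url = xtc_href_link(FILENAME_PRODUCT_INFO, xtc_product_link($products[$i]['id'], $products[$i]['name']));
            $merchantCartItemsItem->addChild('product_url', $this->_escape_str($product_url));

            // Collect "option: value" texts for the selected attributes.
            $comment = array();
            if (isset($products[$i]['attributes'])) {
                foreach ($products[$i]['attributes'] as $option => $value) {
                    // Every id placed into the query text is cast to int.
                    $attributes = xtc_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix,pa.attributes_stock,pa.products_attributes_id,pa.attributes_model,pa.weight_prefix,pa.options_values_weight\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n where pa.products_id = '" . (int) $products[$i]['id'] . "'\n and pa.options_id = '" . (int) $option . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . (int) $value . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . (int) $_SESSION['languages_id'] . "'\n and poval.language_id = '" . (int) $_SESSION['languages_id'] . "'");
                    $attributes_values = xtc_db_fetch_array($attributes);
                    $comment[] = $attributes_values['products_options_name'] . ': ' . $attributes_values['products_options_values_name'];
                }
            }
            $comment = implode('; ', $comment);

            $merchantCartItemsItemComment = $merchantCartItemsItem->addChild('comment');
            $this->_add_CDATA($merchantCartItemsItemComment, $comment);
            $merchantCartItemsItemCustom = $merchantCartItemsItem->addChild('custom');
            $this->_add_CDATA($merchantCartItemsItemCustom, $products[$i]['id']);
        }
    }

    // Shipping rates come from a CSV setting: country, price, optional days.
    $merchantCartShippingRates = $merchantCart->addChild('shipping_rates');
    $shippingRates = $this->_str_get_csv(MODULE_PAYMENT_RAKUTEN_SHIPPING_RATES);
    foreach ($shippingRates as $shippingRate) {
        if (isset($shippingRate[0]) && isset($shippingRate[1]) && is_numeric($shippingRate[1])) {
            $merchantCartShippingRate = $merchantCartShippingRates->addChild('shipping_rate');
            $merchantCartShippingRate->addChild('country', (string) $shippingRate[0]);
            $merchantCartShippingRate->addChild('price', (double) $shippingRate[1]);
            if (isset($shippingRate[2]) && (int) $shippingRate[2] > 0) {
                $merchantCartShippingRate->addChild('delivery_date', date('Y-m-d', strtotime('+' . (int) $shippingRate[2] . ' days')));
            }
        }
    }

    $billingAddressRestrictions = $xml->addChild('billing_address_restrictions');
    /**
     * Restrict invoice address to require private / commercial and by country
     */
    switch (MODULE_PAYMENT_RAKUTEN_BILLING_ADDR_TYPE) {
        /**
         * 1: all
         * 2: business
         * 3: private
         */
        case 'All Addresses':
            $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 1);
            break;
        case 'Business Addresses Only':
            $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 2);
            break;
        case 'Private Addresses Only':
            $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 3);
            break;
    }

    $xml->addChild('callback_url', $this->ROCKBACK_URL);
    $xml->addChild('pipe_url', $this->PIPE_URL);

    $request = $xml->asXML();
    $response = $this->send_request($request);

    $redirectUrl = false;
    $inlineCode = false;

    try {
        // An unparsable answer throws here and is handled like an error reply.
        $response = new SimpleXMLElement($response);
        if ($response->success != 'true') {
            throw new Exception((string) $response->message, (int) $response->code);
        } else {
            $redirectUrl = $response->redirect_url;
            $inlineCode = $response->inline_code;
        }
    } catch (Exception $e) {
        xtc_redirect(sprintf($this->ERROR_URL, urlencode($e->getCode()), urlencode($e->getMessage())));
    }

    if ($inline) {
        return $inlineCode;
    } else {
        return $redirectUrl;
    }
}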
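/**
 * Handles one callback request from Rakuten Checkout and returns the XML reply.
 *
 * The request is parsed, authenticated through _auth() and dispatched by its
 * root element name to _check_order, _process_order or _status_update. For the
 * two order requests the customer's shop session is resumed first, using the
 * session name and id found in the request's custom_1 and custom_2 fields.
 *
 * Hardening over the previous version:
 * - the XML is parsed with LIBXML_NONET so the parser cannot fetch anything
 *   over the network while loading the document;
 * - the session name and session id taken from the request are checked against
 *   a conservative character set before they are handed to the session
 *   functions, since the request decides which session is resumed;
 * - the language read from the resumed session is checked before it becomes
 *   part of an include path. An unknown session now produces an error reply
 *   instead of a fatal include failure.
 * Every failed check throws and is answered with the generic failure reply,
 * exactly like a failed authentication.
 *
 * NOTE(review): custom_3 (the customer id) is read but never compared with the
 * resumed session; consider checking it against $_SESSION['customer_id'].
 *
 * @param string $request url-encoded XML request body
 *
 * @return mixed whatever prepare_response() returns
 */
function process_rope_request($request) {
    try {
        $this->_request = new SimpleXMLElement(urldecode($request), LIBXML_NOCDATA | LIBXML_NONET);

        if (!$this->_auth()) {
            throw new Exception('Authentication failed');
        }

        $init_session = true;

        /**
         * Check type of request and call proper handler
         */
        switch ($this->_request->getName()) {
            case 'tradoria_check_order':
                $this->_order_node = 'order';
                $this->_process_function = '_check_order';
                $response_tag = 'tradoria_check_order_response';
                break;
            case 'tradoria_order_process':
                $this->_order_node = 'cart';
                $this->_process_function = '_process_order';
                $response_tag = 'tradoria_order_process_response';
                break;
            case 'tradoria_order_status':
                $init_session = false;
                $this->_process_function = '_status_update';
                $response_tag = 'tradoria_order_status_response';
                break;
            default:
                /**
                 * Unrecognised request error
                 */
                $response_tag = 'unknown_error';
                return $this->prepare_response(false, $response_tag);
        }

        if ($init_session) {
            /**
             * Instantiate Session
             */
            $session_name = (string) $this->_request->{$this->_order_node}->custom_1;
            $session_id = (string) $this->_request->{$this->_order_node}->custom_2;
            $customer_id = (string) $this->_request->{$this->_order_node}->custom_3;

            // The request selects the session, so both values are validated
            // before they reach the session layer. Session ids are limited to
            // the characters PHP's file handler accepts.
            if (!preg_match('/^[A-Za-z0-9_-]+$/', $session_name)
                || !preg_match('/^[A-Za-z0-9,-]+$/', $session_id)
            ) {
                throw new Exception('Invalid session reference');
            }

            xtc_session_name($session_name);
            if (STORE_SESSIONS != 'mysql') {
                session_save_path(SESSION_WRITE_DIRECTORY);
            }
            xtc_session_id($session_id);
            xtc_session_start();

            /**
             * Load the correct language file
             */
            // The language becomes part of an include path: accept plain
            // directory names only and fail cleanly when the session has none.
            $language = isset($_SESSION['language']) ? (string) $_SESSION['language'] : '';
            if (!preg_match('/^[A-Za-z0-9_-]+$/', $language)) {
                throw new Exception('Session carries no usable language');
            }
            require_once DIR_WS_LANGUAGES . $language . '/modules/payment/rakuten.php';

            require_once DIR_WS_CLASSES . 'xtcPrice.php';
            global $xtPrice;
            $xtPrice = new xtcPrice($_SESSION['currency'], $_SESSION['customers_status']['customers_status_id']);

            require_once DIR_WS_CLASSES . 'main.php';
            global $main;
            $main = new main();
        }

        // The handler name is one of the fixed strings assigned in the switch
        // above and is never taken from the request.
        $response = $this->{$this->_process_function}();
    } catch (Exception $e) {
        return $this->prepare_response(false);
    }

    return $this->prepare_response($response, $response_tag);
}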
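} elseif ($whos_online['session_id'] == '' || substr($whos_online['session_id'], 0, 1) == '[') {
    echo ' <tr class="dataTableRow">' . "\n";
    //EOF - DokuMan - 2011-02-07 - don't show a link for users/bots without a session id
} else {
    // NOTE(review): the visitor's session id is placed into the row's link
    // URL; confirm this admin page is never cached or shared.
    echo ' <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'pointer\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . xtc_href_link(FILENAME_WHOS_ONLINE, xtc_get_all_get_params(array('info', 'action')) . 'info=' . $whos_online['session_id'], 'NONSSL') . '\'">' . "\n";
}
//BOF - DokuMan - 2011-03-16 - added GEOIP-function (show customers country)
$geoip_data = array();
// Disabled code, kept for reference. If it is ever re-enabled, unserialize()
// must not be applied to a response obtained from a remote service.
//$geoip_response = xtc_get_geoip_data($whos_online['ip_address']);
//$geoip_data = @unserialize($geoip_response);
//BOF - DokuMan - 2011-03-16 - added GEOIP-function (show customers country)
//BOF web28 2010-12-03 added Hostname to whois online
//$whos_online_hostname = '<div style="font-weight: normal; font-style: italic;"> ('.@gethostbyaddr($whos_online['ip_address']).')</div>';
//EOF web28 2010-12-03 added Hostname to whois online

// last_page_url: cut the session parameter out of the recorded URL.
// The session name is quoted so that it is matched literally in the pattern.
if (preg_match('/^(.*)' . preg_quote(xtc_session_name(), '/') . '=[a-z,0-9]+[&]*(.*)/i', $whos_online['last_page_url'], $array)) { // Hetfield - 2009-08-19 - replaced deprecated function eregi with preg_match to be ready for PHP >= 5.3
    $last_page_url = $array[1] . $array[2];
} else {
    $last_page_url = $whos_online['last_page_url'];
}
// BOF - Fishnet Services - Nicolas Gemsjäger
// For product pages: show a link to the product.
// The recorded URL is visitor-controlled data, so it is HTML-escaped before it
// is written into the href attribute and the link text (stored XSS otherwise).
// NOTE(review): URLs that do not match stay unescaped in $last_page_url; the
// place where the value is printed is outside this fragment, so check that it
// escapes there.
if (preg_match('/::([0-9]+)|--([0-9]+)|\\?products_id=([0-9]+)/i', $last_page_url) == 1) {
    $last_page_url_html = htmlspecialchars($last_page_url, ENT_QUOTES);
    $last_page_url = '<a href="' . $last_page_url_html . '" target="_blank">' . $last_page_url_html . '</a>';
}
// EOF - Fishnet Services - Nicolas Gemsjäger
?> <td class="dataTableContent" align="center"><?php echo gmdate('H:i:s', $time_online); ?>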
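// Address-book page: either the delete confirmation or the edit/create form.
if ($messageStack->size('addressbook') > 0) {
    $smarty->assign('error', $messageStack->output('addressbook'));
}

if (isset($_GET['delete'])) {
    // The id from the request is reduced to an integer before it is used in the
    // address lookup and in the confirmation link. The raw value was previously
    // written into an href attribute.
    $address_book_delete_id = is_scalar($_GET['delete']) ? (int) $_GET['delete'] : 0;

    $smarty->assign('delete', '1');
    $smarty->assign('ADDRESS', xtc_address_label($_SESSION['customer_id'], $address_book_delete_id, true, ' ', '<br />'));
    $smarty->assign('BUTTON_BACK', '<a href="' . xtc_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . xtc_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>');
    // NOTE(review): the delete is confirmed through a plain GET link, so it
    // carries no CSRF token; consider a POST form with a token.
    $smarty->assign('BUTTON_DELETE', '<a href="' . xtc_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $address_book_delete_id . '&action=deleteconfirm', 'SSL') . '">' . xtc_image_button('button_delete.gif', IMAGE_BUTTON_DELETE) . '</a>');
} else {
    include DIR_WS_MODULES . 'address_book_details.php';

    if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
        // Editing an existing entry.
        $smarty->assign('BUTTON_BACK', '<a href="' . xtc_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . xtc_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>');
        $smarty->assign('BUTTON_UPDATE', xtc_draw_hidden_field('action', 'update') . xtc_draw_hidden_field('edit', $_GET['edit']) . xtc_image_submit('button_update.gif', IMAGE_BUTTON_UPDATE));
    } else {
        // Creating a new entry: "back" returns to the stored navigation
        // snapshot (without the session parameter) when there is one.
        if (sizeof($_SESSION['navigation']->snapshot) > 0) {
            $back_link = xtc_href_link($_SESSION['navigation']->snapshot['page'], xtc_array_to_string($_SESSION['navigation']->snapshot['get'], array(xtc_session_name())), $_SESSION['navigation']->snapshot['mode']);
        } else {
            $back_link = xtc_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL');
        }
        $smarty->assign('BUTTON_BACK', '<a href="' . $back_link . '">' . xtc_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>');
        $smarty->assign('BUTTON_UPDATE', xtc_draw_hidden_field('action', 'process') . xtc_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE));
    }

    $smarty->assign('FORM_END', '</form>');
}

$smarty->assign('language', $_SESSION['language']);
$smarty->caching = 0;
$main_content = $smarty->fetch(CURRENT_TEMPLATE . '/module/address_book_process.html');

$smarty->assign('language', $_SESSION['language']);
$smarty->assign('main_content', $main_content);
$smarty->caching = 0;
if (!defined('RM')) {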
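Released under the GNU General Public License
---------------------------------------------------------------------------------------*/
// include functions
require_once DIR_FS_INC . 'xtc_hide_session_id.inc.php';

// Number of selectable currencies. It starts as an integer so that the
// comparison further down also works when $xtPrice is not available.
$count_cur = 0;

if (isset($xtPrice) && is_object($xtPrice)) {
    // foreach replaces the each() loops, which no longer exist in PHP 8.
    $currencies_array = array();
    foreach ($xtPrice->currencies as $key => $value) {
        $count_cur++;
        $currencies_array[] = array('id' => $key, 'text' => $value['title']);
    }

    // Carry the current GET parameters over as hidden fields, except the
    // currency itself, the session parameter and the image-submit coordinates.
    // NOTE(review): request values are written into the form here; confirm that
    // xtc_draw_hidden_field() HTML-escapes names and values.
    $hidden_get_variables = '';
    foreach ($_GET as $key => $value) {
        if ($key != 'currency' && $key != xtc_session_name() && $key != 'x' && $key != 'y') {
            $hidden_get_variables .= xtc_draw_hidden_field($key, $value);
        }
    }
}

// dont show box if there's only 1 currency
if ($count_cur > 1) {
    // reset var
    $box_smarty = new smarty();
    $box_smarty->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
    $box_content = '';
    // The form is submitted with 'get'; xtc_hide_session_id() adds the session
    // field only when the session id has to travel with the form.
    $box_content = xtc_draw_form('currencies', xtc_href_link(basename($PHP_SELF), '', $request_type, false), 'get')
        . xtc_draw_pull_down_menu('currency', $currencies_array, $_SESSION['currency'], 'onChange="this.form.submit();" style="width: 100%"')
        . $hidden_get_variables
        . xtc_hide_session_id()
        . '</form>';
    $box_smarty->assign('BOX_CONTENT', $box_content);
    $box_smarty->assign('language', $_SESSION['language']);
    $box_smarty->caching = 0;
    $box_currencies = $box_smarty->fetch(CURRENT_TEMPLATE . '/boxes/box_currencies.html');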
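}
}

// verify the IP address if the feature is enabled
// The first address seen is stored in the session; a request arriving from a
// different address destroys the session and is sent to the login page.
if (SESSION_CHECK_IP_ADDRESS == 'True') {
    $ip_address = xtc_get_ip_address();
    if (!isset($_SESSION['SESSION_IP_ADDRESS'])) {
        $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
    } elseif ($_SESSION['SESSION_IP_ADDRESS'] != $ip_address) {
        session_destroy();
        xtc_redirect(xtc_href_link(FILENAME_LOGIN));
    }
}

// Redirect search engines with session id to the same url without session id to prevent indexing session id urls
if ($truncate_session_id == true) {
    // The session name is quoted so that it is matched literally in the pattern.
    if (preg_match('/' . preg_quote(xtc_session_name(), '/') . '/i', $_SERVER['REQUEST_URI'])) {
        $location = xtc_href_link(basename($_SERVER['SCRIPT_NAME']), xtc_get_all_get_params(array(xtc_session_name())), 'NONSSL', false);
        // NOTE(review): the script keeps running after these headers are sent;
        // confirm whether execution should stop here.
        header("HTTP/1.0 301 Moved Permanently");
        header("Location: {$location}");
    }
}

// A session id that is not 26 or 32 alphanumeric characters is replaced by a
// new one and the old session is deleted.
if (!(preg_match('/^[a-z0-9]{26}$/i', session_id()) || preg_match('/^[a-z0-9]{32}$/i', session_id()))) {
    session_regenerate_id(true); // Thanks to HHGAG ;-)
}

// set the language
include DIR_WS_MODULES . 'set_language_sessions.php';

// language translations
// NOTE(review): the session's language value becomes part of the include path;
// presumably set_language_sessions.php restricts it to installed languages.
require DIR_WS_LANGUAGES . $_SESSION['language'] . '/' . $_SESSION['language'] . '.php';

// currency
if (!isset($_SESSION['currency']) || isset($_GET['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $_SESSION['currency']) {
    if (isset($_GET['currency'])) {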
/**
 * Outputs the html form hidden elements sent as POST data to the payment
 * gateway.
 *
 * The invoice type and reference are read from the posted
 * klarna_<option>_invoice_type and klarna_<option>_reference fields. The name
 * fields come from the delivery address for companies and from the address
 * object otherwise. The order total is stored in $_SESSION['klarna_ot'] and the
 * session name/id is appended as the last hidden field.
 *
 * NOTE(review): the two $_POST values are used without an isset() check and are
 * passed on unmodified; escaping depends on hiddenFieldString(), which is not
 * visible here.
 *
 * @return string
 */
public function processButton() {
    global $order;

    $shipping = $_SESSION['shipping'];
    $invoiceType = $_POST["klarna_{$this->_option}_invoice_type"];
    $reference = $_POST["klarna_{$this->_option}_reference"];

    $fields = $this->_utils->hiddenFieldString(
        $this->_addrs,
        $invoiceType,
        $this->_paymentPlan,
        $order->customer['email_address'],
        $reference
    );

    // Companies are addressed by the delivery contact, private customers by the
    // name held in the address object.
    $useDeliveryName = $this->_addrs->isCompany;
    $fields .= xtc_draw_hidden_field(
        'klarna_fname',
        $useDeliveryName ? $order->delivery['firstname'] : $this->_addrs->getFirstName()
    ) . xtc_draw_hidden_field(
        'klarna_lname',
        $useDeliveryName ? $order->delivery['lastname'] : $this->_addrs->getLastName()
    );

    $_SESSION['klarna_ot'] = $this->_utils->getOrderTotal();

    $fields .= xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());

    return $fields;
}
</tr> <tr> <td class="main"> <?php
// Print every collected message in its own paragraph.
foreach ($messages as $msg) { ?> <p class="message"><?php
    // NOTE(review): $msg is printed without escaping; confirm that $messages
    // never contains request data.
    echo $msg; ?> </p> <?php } ?> <?php
// Filter form for the log view, created with 'get' as its last argument, plus
// the session name/id as a hidden field.
// NOTE(review): with a GET form the session id ends up in the URL of the result
// page, where it can reach logs and Referer headers.
echo xtc_draw_form('log', basename($PHP_SELF), '', 'get') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> <table style="border: 1px solid #cccccc; width:100%; padding:5px; background:#f1f1f1;"> <tr> <td class="menuBoxHeading"> <?php echo START_DATE; ?> <select name="startD" size="1"> <?php
// $j is the day of month of $startDate, or 1 when no start date is set.
if ($startDate) { $j = date("j", $startDate); } else { $j = 1; }
// One loop pass per day number from 1 to 31 (the loop body follows this fragment).
for ($i = 1; $i < 32; $i++) {
/**
 * Runs the Payone (pre-)authorization for a financing payment.
 *
 * Collects the standard, personal, delivery and payment-method parameters,
 * merges them into $this->params, lets the parent class build and evaluate
 * the API request and finally redirects to the checkout-process page.
 *
 * NOTE(review): the success/back/error URLs set on the payment method embed
 * the session name and id in the query string. Presumably these URLs are
 * transmitted to the payment provider, so the session id would leave the
 * shop and can surface in logs or Referer headers. Confirm, and consider a
 * one-time return token instead.
 */
function payment_action()
{
    global $order, $insert_id;

    // Without a usable order id, fall back to the temporary one in the session.
    if (!(isset($insert_id) && $insert_id != '')) {
        $insert_id = $_SESSION['tmp_oID'];
    }

    $this->payone->log("(pre-)authorizing {$this->code} payment");
    $baseParams = parent::_standard_parameters('preauthorization');

    $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
    parent::_set_customers_standard_params();

    // set manually for klarna
    if ($_SESSION[$this->code]['installment_type'] == 'klarna') {
        $klarnaInput = $_SESSION[$this->code];
        $this->personal_data->setBirthday(xtc_date_raw($klarnaInput['installment_customers_dob']));
        $this->personal_data->setTelephonenumber($klarnaInput['installment_customers_telephone']);
    }

    $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
    parent::_set_customers_shipping_params();

    $this->payment_method = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_Financing();

    // Shop root on the SSL or non-SSL host, depending on configuration.
    $shopRoot = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;

    $this->payment_method->setSuccessurl(
        $shopRoot . FILENAME_CHECKOUT_PROCESS . '?' . xtc_session_name() . '=' . xtc_session_id()
    );
    $this->payment_method->setBackurl(
        $shopRoot . FILENAME_CHECKOUT_PAYMENT . '?' . xtc_session_name() . '=' . xtc_session_id()
    );
    $this->payment_method->setErrorurl(
        $shopRoot . FILENAME_CHECKOUT_PAYMENT . '?' . xtc_session_name() . '=' . xtc_session_id()
        . '&payment_error=' . $this->code
    );

    // set order_id for deleting canceled order
    $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

    // NOTE(review): the installment type from the session is used as an array
    // key without a prior existence check. Verify that it is validated before
    // this point.
    $this->payment_method->setFinancingtype(
        $this->installmenttypes[$_SESSION[$this->code]['installment_type']]
    );

    $requestParams = parent::_request_parameters('fnc');
    if (!isset($requestParams['invoicing'])) {
        $requestParams['invoicing'] = $this->_getInvoicingTransaction($insert_id);
    }

    $this->params = array_merge($baseParams, $requestParams);
    $this->builder = new Payone_Builder($this->payone->getPayoneConfig());

    parent::_build_service_authentification('fnc');
    parent::_parse_response_payone_api();

    xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'));
}
<?php
/*
 * Order lookup form: an order-id input plus hidden 'action' and session fields.
 * NOTE(review): the fourth argument 'get' is presumably the form method. If so,
 * the hidden session name/id field ends up in the query string of the admin
 * URL (browser history, server logs, Referer). Confirm, and prefer a
 * cookie-only session for the admin area.
 */
echo xtc_draw_form('orders', FILENAME_ORDERS, '', 'get'); ?>
<?php echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('oID', '', 'size="12"') . xtc_draw_hidden_field('action', 'edit') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?>
</form>
</td>
</tr>
<tr>
<td class="main" valign="top">Customers</td>
<td class="main" valign="top" align="right"><?php
/*
 * Status filter form: a pull-down of order statuses that submits itself on
 * change, again carrying the session name/id as a hidden field.
 */
echo xtc_draw_form('status', FILENAME_ORDERS, '', 'get'); ?>
<?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses), '', 'onChange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?>
</form></td>
</tr>
</table>
</td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr class="dataTableHeadingRow">
echo xtc_draw_hidden_field('opID', $order->products[$i]['opid']); //BOF - DokuMan - 2010-09-07 - variables for correct deletion of products (thx to franky_n) echo xtc_draw_hidden_field('del_qty', $order->products[$i]['qty']); echo xtc_draw_hidden_field('del_pID', $order->products[$i]['id']); //EOF - DokuMan - 2010-09-07 - variables for correct deletion of products (thx to franky_n) echo '<input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_DELETE . '"/>'; ?> </form> <?php echo xtc_draw_form('select_options', FILENAME_ORDERS_EDIT, '', 'GET'); echo xtc_draw_hidden_field('edit_action', 'options'); echo xtc_draw_hidden_field('pID', $order->products[$i]['id']); echo xtc_draw_hidden_field('oID', $_GET['oID']); echo xtc_draw_hidden_field('opID', $order->products[$i]['opid']); //BOF - web28 - 2011-01-16 - FIX missing sessions id echo xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); //EOF - web28 - 2011-01-16 - FIX missing sessions id echo '<input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_PRODUCT_OPTIONS . '"/>'; ?> </form> </td> </td> </tr> <?php } ?> </table> <br /><br /> <!-- Artikelbearbeitung Ende //--> <!-- Artikel Einfügen Anfang //-->
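/**
 * Initialises the PayPal checkout object from the shop configuration constants.
 *
 * Presumably the PHP4-style constructor of the class of the same name (the
 * class header is not visible here). It sets:
 *  - API credentials and PayPal endpoints for 'sandbox' or 'live' mode,
 *  - the notify/return/cancel URLs of the shop, on the HTTPS or HTTP host
 *    depending on ENABLE_SSL,
 *  - version, proxy flag and the API key built by buildAPIKey(),
 *  - the optional header image (SSL only, at most 750x90 pixels) and the
 *    optional background/border colours (six hex digits).
 *
 * NOTE(review): every return/cancel URL carries the session name and id in
 * its query string. With ENABLE_SSL off these are plain-HTTP URLs, so the
 * session id would travel unencrypted. Confirm this is intended and consider
 * a one-time return token instead.
 */
function paypal_checkout()
{
    // As of: 27.03.2010
    if (PAYPAL_MODE == 'sandbox') {
        $this->API_UserName = PAYPAL_API_SANDBOX_USER;
        $this->API_Password = PAYPAL_API_SANDBOX_PWD;
        $this->API_Signature = PAYPAL_API_SANDBOX_SIGNATURE;
        $this->API_Endpoint = 'https://api-3t.sandbox.paypal.com/nvp';
        $this->EXPRESS_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=';
        $this->GIROPAY_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_complete-express-checkout&token=';
        $this->IPN_URL = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
    } elseif (PAYPAL_MODE == 'live') {
        $this->API_UserName = PAYPAL_API_USER;
        $this->API_Password = PAYPAL_API_PWD;
        $this->API_Signature = PAYPAL_API_SIGNATURE;
        $this->API_Endpoint = 'https://api-3t.paypal.com/nvp';
        $this->EXPRESS_URL = 'https://www.paypal.com/webscr?cmd=_express-checkout&token=';
        $this->GIROPAY_URL = 'https://www.paypal.com/webscr?cmd=_complete-express-checkout&token=';
        $this->IPN_URL = 'https://www.paypal.com/cgi-bin/webscr';
    }
    // NOTE(review): any other PAYPAL_MODE value leaves credentials and
    // endpoints unset without an error. Confirm that callers handle this.

    // Both branches of the original differed only in the host constant.
    $shopRoot = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
    $sessionQuery = '?' . xtc_session_name() . '=' . xtc_session_id();

    $this->NOTIFY_URL = $shopRoot . 'callback/paypal/ipn.php';
    $this->EXPRESS_CANCEL_URL = $shopRoot . FILENAME_SHOPPING_CART . $sessionQuery;
    $this->EXPRESS_RETURN_URL = $shopRoot . FILENAME_PAYPAL_CHECKOUT . $sessionQuery;
    $this->PRE_CANCEL_URL = $shopRoot . FILENAME_CHECKOUT_PAYMENT . $sessionQuery;
    // NOTE(review): PAYPAL_ERROR is appended to the query string unencoded;
    // verify that it contains only URL-safe characters.
    $this->CANCEL_URL = $shopRoot . FILENAME_CHECKOUT_PAYMENT . $sessionQuery
        . '&error=true&error_message=' . PAYPAL_ERROR;
    $this->RETURN_URL = $shopRoot . FILENAME_CHECKOUT_PROCESS . $sessionQuery;
    $this->GIROPAY_SUCCESS_URL = $shopRoot . FILENAME_CHECKOUT_SUCCESS . $sessionQuery;
    $this->GIROPAY_CANCEL_URL = $shopRoot . FILENAME_SHOPPING_CART . $sessionQuery;
    $this->BANKTXN_PENDING_URL = $shopRoot . FILENAME_CHECKOUT_SUCCESS . $sessionQuery;

    $this->version = VERSION;
    $this->USE_PROXY = FALSE;
    $this->payPalURL = '';
    $this->ppAPIec = $this->buildAPIKey(PAYPAL_API_KEY);

    // The header image is only offered when the shop runs on SSL.
    if (ENABLE_SSL == true) {
        $hdrImg = 'templates/' . CURRENT_TEMPLATE . '/img/' . PAYPAL_API_IMAGE;
        if (file_exists(DIR_FS_CATALOG . $hdrImg) && PAYPAL_API_IMAGE != '') {
            $hdrSize = getimagesize(DIR_FS_CATALOG . $hdrImg);
            // getimagesize() returns false for a file it cannot read as an
            // image. Without the is_array() check the size comparison passed
            // for such a file and a non-image URL was set.
            if (is_array($hdrSize) && $hdrSize[0] <= 750 && $hdrSize[1] <= 90) {
                $this->Image = urlencode(HTTPS_SERVER . DIR_WS_CATALOG . $hdrImg);
            }
        }
    }

    // Accept exactly six hex digits. The D modifier makes `$` match only at
    // the very end, so a value with a trailing newline is rejected.
    if (preg_match('/^[a-fA-F0-9]{6}$/D', PAYPAL_API_CO_BACK)) {
        $this->BackColor = PAYPAL_API_CO_BACK;
    }
    if (preg_match('/^[a-fA-F0-9]{6}$/D', PAYPAL_API_CO_BORD)) {
        $this->BorderColor = PAYPAL_API_CO_BORD;
    }
}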
?> </p> </div> <div class='col-xs-6 text-right'> <?php echo xtc_draw_form('search', FILENAME_CATEGORIES, '', 'get'); echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('search', $search) . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> <?php if (CAT_VIEW_DROPDOWN) { ?> <?php echo xtc_draw_form('goto', FILENAME_CATEGORIES, '', 'get'); echo HEADING_TITLE_GOTO . ' ' . xtc_draw_pull_down_menu('cPath', xtc_get_category_tree(), $current_category_id, 'onChange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> <?php } ?> </div> <div class='col-xs-12'> <br> </div> <!-- search and quickjump --> <div class='col-xs-12'> <div id='responsive_table' class='table-responsive pull-left col-sm-12'> <!-- categories and products table --> <table class='table table-bordered'> <tr class="dataTableHeadingRow"> <td class="dataTableHeadingContent hidden-xs" width="4%" align="center"> <?php
?> </div> </form> </div> <div class="col-xs-12 smallText text-center"> <?php echo xtc_draw_form('status', FILENAME_CUSTOMERS, '', 'get'); $select_data = array(); //BOF - GTB - 2011-02-03 - show selected customer group //$select_data = array (array ('id' => '99', 'text' => TEXT_SELECT), array ('id' => '100', 'text' => TEXT_ALL_CUSTOMERS)); $select_data = array(array('id' => '', 'text' => TEXT_SELECT), array('id' => '100', 'text' => TEXT_ALL_CUSTOMERS)); //<td class="smallText" align="right"><?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status',xtc_array_merge($select_data, $customers_statuses_array), '99', 'onChange="this.form.submit();"').xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); </td> //EOF - GTB - 2011-02-03 - show selected customer group ?> <?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', xtc_array_merge($select_data, $customers_statuses_array), isset($_GET['status']) ? $_GET['status'] : '', 'onChange="this.form.submit();" style="max-width: 200px;"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> </div> <div class='col-xs-12'> <div id='responsive_table' class='table-responsive pull-left col-sm-12'> <table class="table table-bordered"> <tr class="dataTableHeadingRow"> <td class="dataTableHeadingContent hidden-xs hidden-sm" width="40"><?php echo TABLE_HEADING_ACCOUNT_TYPE; ?> </td> <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERSCID . xtc_sorting(FILENAME_CUSTOMERS, 'customers_cid'); ?> </td>
if (sizeof($order->products[$i]['properties']) > 0) { for ($j = 0, $k = sizeof($order->products[$i]['properties']); $j < $k; $j++) { if (!empty($order->products[$i]['properties'][$j]['properties_name']) || !empty($order->products[$i]['properties'][$j]['values_name'])) { $contents[] = array('text' => '<small> <i> - ' . $order->products[$i]['properties'][$j]['properties_name'] . ': ' . $order->products[$i]['properties'][$j]['values_name'] . '</i></small></nobr>'); } } } # properties EOF } // elari End add display products $contents[] = array('text' => '<br />'); // BOF GM_MOD EOF } // bof gm $gm_heading_multi_status[] = array('text' => '<b>' . HEADING_GM_STATUS . '</b>'); $content_multi_order_status[] = array('text' => xtc_draw_hidden_field(xtc_session_name(), xtc_session_id())); $content_multi_order_status[] = array('text' => xtc_draw_hidden_field('action', 'gm_multi_status') . xtc_draw_hidden_field('page', $_GET['page'])); $content_multi_order_status[] = array('text' => xtc_draw_pull_down_menu('gm_status', array_merge(array(array('id' => '', 'text' => TEXT_GM_STATUS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses))); /* magnalister v2.0.0 */ if (function_exists('magnaExecute')) { magnaExecute('magnaRenderOrderStatusSync', array('multi' => true), array('order_details.php')); } /* END magnalister */ $content_multi_order_status[] = array('text' => xtc_draw_checkbox_field('gm_notify', 'on') . ENTRY_NOTIFY_CUSTOMER); $content_multi_order_status[] = array('text' => xtc_draw_checkbox_field('gm_notify_comments', 'on') . ENTRY_NOTIFY_COMMENTS); $content_multi_order_status[] = array('text' => TABLE_HEADING_COMMENTS . '<br>' . xtc_draw_textarea_field('gm_comments', '', 24, 5, $_GET['comments'], '', false) . '<br>'); $content_multi_order_status[] = array('align' => 'left', 'text' => '<div align="center"><input type="submit" class="button" value="' . BUTTON_CONFIRM . 
'"></form></div>'); $content_multi_order_status[] = array('align' => 'left', 'text' => '<br />'); // eof gm break; }