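/**
 * Log the traffic source (HTTP referer and requested URI) for the connection
 * referenced by the visitor cookie.
 *
 * The Referer header is client-controlled. It is only persisted after passing
 * Validate::isAbsoluteUrl(), and the keywords extracted from it must pass
 * Validate::isMessage(); otherwise nothing is logged.
 *
 * @return mixed false when the hit is not logged (no valid connection id,
 *               direct traffic while TRACKING_DIRECT_TRAFFIC is off, referer
 *               pointing at this shop, rejected keywords); otherwise whatever
 *               ConnectionsSource::add() returns
 */
public static function logHttpReferer()
{
    global $cookie;

    if (!isset($cookie->id_connections) or !Validate::isUnsignedId($cookie->id_connections)) {
        return false;
    }
    if (!isset($_SERVER['HTTP_REFERER']) and !Configuration::get('TRACKING_DIRECT_TRAFFIC')) {
        return false;
    }

    $source = new ConnectionsSource();

    if (isset($_SERVER['HTTP_REFERER']) and Validate::isAbsoluteUrl(strval($_SERVER['HTTP_REFERER']))) {
        $referer = strval($_SERVER['HTTP_REFERER']);
        $shopHost = Tools::getHttpHost(false, false);

        // parse_url() yields null for a missing component; cast so the string
        // functions below always receive strings.
        $refererHost = (string) parse_url($referer, PHP_URL_HOST);
        $refererPath = (string) parse_url($referer, PHP_URL_PATH);
        $shopPath = (string) parse_url('http://' . $shopHost . __PS_BASE_URI__, PHP_URL_PATH);

        // The dot is escaped on purpose: '/^www./' also stripped "www" followed by
        // any character, so an unrelated host could be normalised to the shop's
        // own host name and its visits silently dropped from the log.
        $sameHost = preg_replace('/^www\./', '', $refererHost) === preg_replace('/^www\./', '', $shopHost);

        // Referers from inside this shop are not traffic sources.
        if ($sameHost and !strncmp($refererPath, $shopPath, strlen(__PS_BASE_URI__))) {
            return false;
        }

        $source->http_referer = $referer;
        // getKeywords() may return false/null when nothing is found; cast before trim().
        $source->keywords = trim((string) SearchEngine::getKeywords($referer));
        if (!Validate::isMessage($source->keywords)) {
            return false;
        }
    }

    $source->id_connections = intval($cookie->id_connections);
    $source->request_uri = Tools::getHttpHost(false, false);
    if (isset($_SERVER['REDIRECT_URL'])) {
        $source->request_uri .= strval($_SERVER['REDIRECT_URL']);
    } elseif (isset($_SERVER['REQUEST_URI'])) {
        $source->request_uri .= strval($_SERVER['REQUEST_URI']);
    }
    // Do not persist a request URI that fails URL validation.
    if (!Validate::isUrl($source->request_uri)) {
        unset($source->request_uri);
    }

    return $source->add();
}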
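/**
 * Order step handler: store the delivery and invoice addresses posted by the
 * customer on the cart, then create or update the order message.
 *
 * Problems are appended to the global $errors array; nothing is returned.
 *
 * NOTE(review): the only check on the posted address id visible here is
 * Address::isCountryActiveById(). Nothing in this function verifies that the
 * delivery or invoice address belongs to the cart's customer - confirm that a
 * caller or Cart::update() enforces ownership.
 *
 * @param mixed $params not used by this function
 */
function processOrderStep($params)
{
    global $cart, $smarty, $errors;

    if (!isset($_POST['id_address_delivery']) or !Address::isCountryActiveById(intval($_POST['id_address_delivery']))) {
        $errors[] = 'this address is not in a valid area';
        return;
    }

    $idDelivery = intval($_POST['id_address_delivery']);
    if (isset($_POST['same'])) {
        $idInvoice = $idDelivery;
    } else {
        // A missing invoice id used to be read straight from $_POST (undefined
        // index notice, then 0). Keep the 0 but without touching an unset key.
        $idInvoice = isset($_POST['id_address_invoice']) ? intval($_POST['id_address_invoice']) : 0;
    }

    $cart->id_address_delivery = $idDelivery;
    $cart->id_address_invoice = $idInvoice;
    if (!$cart->update()) {
        $errors[] = Tools::displayError('an error occured while updating your cart');
    }

    Module::hookExec('orderAddressVerification', array());

    if (empty($_POST['message'])) {
        return;
    }

    // The message is request data: a non-string value (e.g. message[]=x) is
    // rejected before it reaches the validator or htmlentities().
    if (!is_string($_POST['message']) or !Validate::isMessage($_POST['message'])) {
        $errors[] = Tools::displayError('invalid message');
        return;
    }

    // Stored entity-encoded, as before.
    $encodedMessage = htmlentities($_POST['message'], ENT_COMPAT, 'UTF-8');

    if ($oldMessage = Message::getMessageByCartId(intval($cart->id))) {
        // One message per cart: overwrite the existing one.
        $message = new Message(intval($oldMessage['id_message']));
        $message->message = $encodedMessage;
        $message->update();
    } else {
        $message = new Message();
        $message->message = $encodedMessage;
        $message->id_cart = intval($cart->id);
        $message->id_customer = intval($cart->id_customer);
        $message->add();
    }
}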
/**
 * Handle the "submitMessage" form of the order detail page: validate the
 * message, attach it to the customer thread of the order (creating the thread
 * when none exists) and notify the shop by e-mail.
 *
 * The order is only used when it loads and its id_customer matches the
 * customer in the current context; otherwise 'Order not found' is reported.
 *
 * @see FrontController::postProcess()
 */
public function postProcess()
{
    if (!Tools::isSubmit('submitMessage')) {
        return;
    }

    $idOrder = (int) Tools::getValue('id_order');
    $msgText = Tools::getValue('msgText');

    if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
        $this->errors[] = Tools::displayError('The order is no longer valid.');
    } elseif (empty($msgText)) {
        $this->errors[] = Tools::displayError('The message cannot be blank.');
    } elseif (!Validate::isMessage($msgText)) {
        $this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
    }

    // Any error recorded so far (here or earlier) stops processing.
    if (count($this->errors)) {
        return;
    }

    $order = new Order($idOrder);
    // Ownership check: the order must belong to the customer of this session.
    if (!Validate::isLoadedObject($order) || $order->id_customer != $this->context->customer->id) {
        $this->errors[] = Tools::displayError('Order not found');
        return;
    }

    // Reuse the thread already opened for this e-mail/order pair, if any.
    $threadId = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($this->context->customer->email, $order->id);
    $customerMessage = new CustomerMessage();

    if ($threadId) {
        $thread = new CustomerThread((int) $threadId);
    } else {
        $thread = new CustomerThread();
        $thread->id_contact = 0;
        $thread->id_customer = (int) $order->id_customer;
        $thread->id_shop = (int) $this->context->shop->id;
        // Only link a product that is actually part of this order.
        $idProduct = (int) Tools::getValue('id_product');
        if ($idProduct && $order->orderContainProduct((int) $idProduct)) {
            $thread->id_product = $idProduct;
        }
        $thread->id_order = (int) $order->id;
        $thread->id_lang = (int) $this->context->language->id;
        $thread->email = $this->context->customer->email;
        $thread->status = 'open';
        $thread->token = Tools::passwdGen(12);
        $thread->add();
    }

    $customerMessage->id_customer_thread = $thread->id;
    $customerMessage->message = $msgText;
    $customerMessage->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
    $customerMessage->add();

    // Recipient: the configured contact when PS_MAIL_EMAIL_MESSAGE is set,
    // the shop address otherwise.
    if (Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
        $contact = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
        $recipient = strval($contact->email);
    } else {
        $recipient = strval(Configuration::get('PS_SHOP_EMAIL'));
    }
    $recipientName = strval(Configuration::get('PS_SHOP_NAME'));

    $customer = $this->context->customer;
    if (Validate::isLoadedObject($customer)) {
        $templateVars = array(
            '{lastname}' => $customer->lastname,
            '{firstname}' => $customer->firstname,
            '{email}' => $customer->email,
            '{id_order}' => (int) $order->id,
            '{order_name}' => $order->getUniqReference(),
            '{message}' => Tools::nl2br($msgText),
        );
        Mail::Send(
            $this->context->language->id,
            'order_customer_comment',
            Mail::l('Message from a customer'),
            $templateVars,
            $recipient,
            $recipientName,
            $customer->email,
            $customer->firstname . ' ' . $customer->lastname
        );
    }

    // Non-AJAX submissions go back to the order detail page.
    if (Tools::getValue('ajax') != 'true') {
        Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
    }

    $this->context->smarty->assign('message_confirmation', true);
}
/**
 * Order step handler for the carrier page: store the recyclable/gift options
 * and the selected carrier on the cart, run the carrier hook and save the cart.
 *
 * Validation problems are appended to the global $errors array. The gift
 * message is validated with Validate::isMessage() and stored through
 * strip_tags(). Execution stops (die) when the delivery address does not load.
 *
 * @param mixed $params not used by this function
 */
function processOrderStep($params)
{
    global $cart, $smarty, $errors, $isVirtualCart, $orderTotal;

    $cart->recyclable = !empty($_POST['recyclable']) ? 1 : 0;

    if (empty($_POST['gift'])) {
        $cart->gift = 0;
    } elseif (Validate::isMessage($_POST['gift_message'])) {
        $cart->gift = 1;
        $cart->gift_message = strip_tags($_POST['gift_message']);
    } else {
        // The gift flag is left untouched when the message is rejected.
        $errors[] = Tools::displayError('invalid gift message');
    }

    $deliveryAddress = new Address(intval($cart->id_address_delivery));
    if (!Validate::isLoadedObject($deliveryAddress)) {
        die(Tools::displayError());
    }

    $id_zone = Address::getZoneById($deliveryAddress->id);
    if (!$id_zone) {
        $errors[] = Tools::displayError('no zone match with your address');
    }

    // The posted carrier is accepted only if it is an integer and is available
    // in the zone of the delivery address.
    $carrierPosted = isset($_POST['id_carrier']) && Validate::isInt($_POST['id_carrier']);
    if ($carrierPosted && sizeof(Carrier::checkCarrierZone(intval($_POST['id_carrier']), intval($id_zone)))) {
        $cart->id_carrier = intval($_POST['id_carrier']);
    } elseif (!$isVirtualCart) {
        $errors[] = Tools::displayError('invalid carrier or no carrier selected');
    }

    Module::hookExec('extraCarrierDetailsProcess', array('carrier' => new Carrier($cart->id_carrier)));

    $cart->update();
}
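/**
 * Save or delete the customization text fields posted for a product.
 *
 * Only POST keys of the form "textField<ID>", where <ID> is one of the
 * product's text customization fields, are considered. A non-empty value is
 * validated with Validate::isMessage() before being stored on the cart; an
 * empty value removes the stored text. Validation failures are appended to the
 * global $errors array.
 *
 * @param Product $product product whose customization fields are processed
 * @param Cart    $cart    cart receiving the text fields
 *
 * @return false|null false when the product has no customization fields,
 *                    nothing otherwise
 */
function textRecord(Product $product, Cart $cart)
{
    global $errors;

    if (!($fieldIds = $product->getCustomizationFieldIds())) {
        return false;
    }

    // Allow-list: "textField<ID>" => ID for every text customization field.
    $indexes = array();
    foreach ($fieldIds as $fieldId) {
        if ($fieldId['type'] == _CUSTOMIZE_TEXTFIELD_) {
            $idField = intval($fieldId['id_customization_field']);
            $indexes['textField' . $idField] = $idField;
        }
    }

    foreach ($_POST as $fieldName => $value) {
        // Exact key lookup instead of a loose in_array(): PHP turns numeric POST
        // keys into integers, and a loose comparison of an integer with the
        // "textField<ID>" strings can match on older PHP versions, letting an
        // unlisted key through with an undefined field index.
        if (!isset($indexes[$fieldName])) {
            continue;
        }

        if (empty($value)) {
            $cart->deleteTextFieldFromProduct(intval($product->id), $indexes[$fieldName]);
            continue;
        }

        // Request data may be an array (textField1[]=x); only strings are validated and stored.
        if (!is_string($value) or !Validate::isMessage($value)) {
            $errors[] = Tools::displayError('Invalid message');
        } else {
            $cart->addTextFieldToProduct(intval($product->id), $indexes[$fieldName], $value);
        }
    }
}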
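/**
 * Extract the search keywords from a search-engine referer URL.
 *
 * The URL host is compared with each `server` value of the search_engine
 * table; for the first one contained in the host, the query-string parameter
 * named by `getvar` is decoded and returned.
 *
 * The URL is untrusted (it comes from the Referer header in the visible
 * caller), so the decoded keywords are only returned when they pass
 * Validate::isMessage().
 *
 * NOTE(review): the pattern requires one non-letter character in front of the
 * parameter name, and parse_url() strips the leading "?" from the query, so a
 * parameter in first position is not matched. Left unchanged here - confirm
 * whether that is intended.
 *
 * @param string $url referer URL
 *
 * @return string|false the keywords, or false when the URL has no host/query,
 *                      no engine matches, the parameter is absent or the
 *                      keywords are rejected
 */
public static function getKeywords($url)
{
    $parsed_url = @parse_url($url);
    if (!isset($parsed_url['host']) || !isset($parsed_url['query'])) {
        return false;
    }

    $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS('SELECT `server`, `getvar` FROM `' . _DB_PREFIX_ . 'search_engine`');
    // A failed query does not return an array; do not iterate over it.
    if (!is_array($result)) {
        return false;
    }

    foreach ($result as $row) {
        $host = (string) $row['server'];
        $varname = (string) $row['getvar'];

        // Skip empty rows (an empty needle matches every host on recent PHP
        // versions) and hosts that do not contain this engine's server string.
        if ($host === '' || $varname === '' || strpos($parsed_url['host'], $host) === false) {
            continue;
        }

        // The parameter name is data from the database, not a pattern: quote it
        // so that regex metacharacters in it cannot alter or break the expression.
        $quotedVar = preg_quote($varname, '/');

        $array = array();
        preg_match('/[^a-z]' . $quotedVar . '=.+\\&/U', $parsed_url['query'], $array);
        if (empty($array[0])) {
            // Parameter in last position: no trailing "&".
            preg_match('/[^a-z]' . $quotedVar . '=.+$/', $parsed_url['query'], $array);
        }
        if (empty($array[0])) {
            return false;
        }

        // Drop the trailing "&", the leading separator plus parameter name and
        // the "=", then decode the value.
        $str = urldecode(str_replace('+', ' ', ltrim(substr(rtrim($array[0], '&'), strlen($varname) + 1), '=')));
        if (!Validate::isMessage($str)) {
            return false;
        }

        return $str;
    }

    // No configured search engine matches this host (previously an implicit null).
    return false;
}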
/**
 * Update the name of a product-comment criterion for one language.
 *
 * Both ids must pass Validate::isUnsignedId() and the name must pass
 * Validate::isMessage(); otherwise execution stops (die). The name is escaped
 * with pSQL() and the ids are cast with intval() before being placed in the
 * statement.
 *
 * @param int    $id_product_comment_criterion criterion to update
 * @param int    $id_lang                      language of the name
 * @param string $name                         new criterion name
 *
 * @return boolean succeed
 */
public static function update($id_product_comment_criterion, $id_lang, $name)
{
    $inputIsValid = Validate::isUnsignedId($id_product_comment_criterion)
        && Validate::isUnsignedId($id_lang)
        && Validate::isMessage($name);
    if (!$inputIsValid) {
        die(Tools::displayError());
    }

    $sql = ' UPDATE `' . _DB_PREFIX_ . 'product_comment_criterion` SET `name` = \'' . pSQL($name) . '\''
        . ' WHERE `id_product_comment_criterion` = ' . intval($id_product_comment_criterion)
        . ' AND `id_lang` = ' . intval($id_lang);

    return Db::getInstance()->Execute($sql);
}
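/**
 * Log the traffic source (HTTP referer and requested URI) for the connection
 * referenced by the visitor cookie.
 *
 * The Referer header is client-controlled. It is only persisted after passing
 * Validate::isAbsoluteUrl(), truncated to ConnectionsSource::$uri_max_size,
 * and the keywords extracted from it must pass Validate::isMessage().
 *
 * @param Cookie|null $cookie visitor cookie; the context cookie is used when omitted
 *
 * @return mixed false when the hit is not logged (no valid connection id,
 *               direct traffic while TRACKING_DIRECT_TRAFFIC is off, referer
 *               pointing at this shop, rejected keywords); otherwise whatever
 *               ConnectionsSource::add() returns
 */
public static function logHttpReferer(Cookie $cookie = null)
{
    if (!$cookie) {
        $cookie = Context::getContext()->cookie;
    }
    if (!isset($cookie->id_connections) || !Validate::isUnsignedId($cookie->id_connections)) {
        return false;
    }
    if (!isset($_SERVER['HTTP_REFERER']) && !Configuration::get('TRACKING_DIRECT_TRAFFIC')) {
        return false;
    }

    $source = new ConnectionsSource();

    if (isset($_SERVER['HTTP_REFERER']) && Validate::isAbsoluteUrl(strval($_SERVER['HTTP_REFERER']))) {
        $referer = strval($_SERVER['HTTP_REFERER']);
        $shopHost = Tools::getHttpHost(false, false);

        $parsed = parse_url($referer);
        $parsed_host = parse_url(Tools::getProtocol() . $shopHost . __PS_BASE_URI__);

        // A referer such as "http://example.com" has no path component, and
        // parse_url() can fail altogether; never index a missing key.
        $refererHost = isset($parsed['host']) ? $parsed['host'] : '';
        $refererPath = isset($parsed['path']) ? $parsed['path'] : '';
        $shopPath = isset($parsed_host['path']) ? $parsed_host['path'] : '';

        // The dot is escaped on purpose: '/^www./' also stripped "www" followed by
        // any character, so an unrelated host could be normalised to the shop's
        // own host name and its visits silently dropped from the log.
        $sameHost = preg_replace('/^www\./', '', $refererHost) === preg_replace('/^www\./', '', $shopHost);

        // Referers from inside this shop are not traffic sources.
        if ($sameHost && !strncmp($refererPath, $shopPath, strlen(__PS_BASE_URI__))) {
            return false;
        }

        $source->http_referer = substr($referer, 0, ConnectionsSource::$uri_max_size);
        // getKeywords() may return false/null when nothing is found; cast before trim().
        $source->keywords = trim((string) SearchEngine::getKeywords($referer));
        if (!Validate::isMessage($source->keywords)) {
            return false;
        }
    }

    $source->id_connections = (int) $cookie->id_connections;
    $source->request_uri = Tools::getHttpHost(false, false);
    if (isset($_SERVER['REDIRECT_URL'])) {
        $source->request_uri .= strval($_SERVER['REDIRECT_URL']);
    } elseif (isset($_SERVER['REQUEST_URI'])) {
        $source->request_uri .= strval($_SERVER['REQUEST_URI']);
    }
    // Do not persist a request URI that fails URL validation.
    if (!Validate::isUrl($source->request_uri)) {
        $source->request_uri = '';
    }
    $source->request_uri = substr($source->request_uri, 0, ConnectionsSource::$uri_max_size);

    return $source->add();
}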
/**
 * Apply the carrier-step form to the cart: recyclable and gift options, gift
 * message and selected carrier, then run the processCarrier hook and save.
 *
 * The gift message is validated with Validate::isMessage() and stored through
 * strip_tags(). The carrier is accepted only if it is an integer and
 * Carrier::checkCarrierZone() returns a non-empty result for the zone.
 * Validation problems are appended to $this->errors.
 *
 * @return mixed result of Cart::update()
 */
protected function _processCarrier()
{
    $giftRequested = (int) Tools::getValue('gift');

    self::$cart->recyclable = (int) Tools::getValue('recyclable');
    self::$cart->gift = $giftRequested;

    if ($giftRequested) {
        if (Validate::isMessage($_POST['gift_message'])) {
            self::$cart->gift_message = strip_tags($_POST['gift_message']);
        } else {
            $this->errors[] = Tools::displayError('Invalid gift message');
        }
    }

    // Zone of the delivery address for identified customers, zone of the
    // default country otherwise.
    if (!empty(self::$cookie->id_customer)) {
        $address = new Address((int) self::$cart->id_address_delivery);
        $id_zone = Address::getZoneById($address->id);
        if (!$id_zone) {
            $this->errors[] = Tools::displayError('No zone match with your address');
        }
    } else {
        $id_zone = Country::getIdZone((int) Configuration::get('PS_COUNTRY_DEFAULT'));
    }

    $requestedCarrier = Tools::getValue('id_carrier');
    $carrierAllowed = Validate::isInt($requestedCarrier)
        && sizeof(Carrier::checkCarrierZone((int) $requestedCarrier, (int) $id_zone));

    if ($carrierAllowed) {
        self::$cart->id_carrier = (int) $requestedCarrier;
    } elseif (!self::$cart->isVirtualCart() && (int) $requestedCarrier != 0) {
        $this->errors[] = Tools::displayError('Invalid carrier or no carrier selected');
    }

    Module::hookExec('processCarrier', array('cart' => self::$cart));

    return self::$cart->update();
}
$return[strtoupper($key)] = utf8_encode(urldecode(stripslashes($val))); } } if (isset($return['SIGNATURE']) and isset($return['CENAME']) and isset($return['DYPREPARATIONTIME']) and isset($return['DYFORWARDINGCHARGES']) and isset($return['TRCLIENTNUMBER']) and isset($return['ORDERID']) and isset($return['TRCLIENTNUMBER'])) { if (!isset($return['ERRORCODE']) or $return['ERRORCODE'] == NULL or in_array($return['ERRORCODE'], $nonBlockingError)) { if ($return['SIGNATURE'] === socolissimo::make_key($return['CENAME'], (double) $return['DYPREPARATIONTIME'], $return['DYFORWARDINGCHARGES'], $return['TRCLIENTNUMBER'], $return['ORDERID'])) { global $cookie; if (isset($cookie) or is_object($cookie)) { if (saveOrderShippingDetails((int) $cookie->id_cart, (int) $return['TRCLIENTNUMBER'], $return)) { global $cookie; $cart = new Cart((int) $cookie->id_cart); $TRPARAMPLUS = explode('|', Tools::getValue('TRPARAMPLUS')); $cart->id_carrier = $TRPARAMPLUS[0]; $cart->gift = (int) $TRPARAMPLUS[1]; if ((int) $cart->gift) { if (Validate::isMessage($TRPARAMPLUS[2])) { $cart->gift_message = strip_tags($TRPARAMPLUS[2]); } } if (!$cart->update()) { Tools::redirect(); } else { Tools::redirect('order.php?step=3&cgv=1'); } } else { echo '<div class="alert error"><img src="' . _PS_IMG_ . 'admin/forbbiden.gif" alt="nok" /> ' . $so->displaySoError('999') . ' <p><br/><a href="' . Tools::getProtocol(true) . htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8') . __PS_BASE_URI__ . 'order.php" class="button_small" title="Retour">« Retour</a></p></div>'; } } else { echo '<div class="alert error"><img src="' . _PS_IMG_ . 'admin/forbbiden.gif" alt="nok" /> ' . $so->displaySoError('999') . ' <p><br/><a href="' . Tools::getProtocol(true) . htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8') . __PS_BASE_URI__ . 'order.php" class="button_small" title="Retour">« Retour</a></p></div>';
/**
 * Apply the carrier-step form to the cart: recyclable and gift options, gift
 * message and delivery option, then run the actionCarrierProcess hook, save
 * the cart and refresh the automatic cart rules.
 *
 * The gift message is validated with Validate::isMessage() and stored through
 * strip_tags(). A posted delivery option is applied only when
 * validateDeliveryOption() accepts it; a legacy id_carrier is applied only
 * when it maps to an entry of the cart's delivery option list.
 *
 * @return bool false when the cart could not be saved, true otherwise
 */
protected function _processCarrier()
{
    $giftRequested = (int) Tools::getValue('gift');

    $this->context->cart->recyclable = (int) Tools::getValue('recyclable');
    $this->context->cart->gift = $giftRequested;

    if ($giftRequested) {
        if (Validate::isMessage($_POST['gift_message'])) {
            $this->context->cart->gift_message = strip_tags($_POST['gift_message']);
        } else {
            $this->errors[] = Tools::displayError('Invalid gift message.');
        }
    }

    // Zone lookup: only its failure is used here (reported as an error).
    if (!empty($this->context->customer->id)) {
        $address = new Address((int) $this->context->cart->id_address_delivery);
        $id_zone = Address::getZoneById($address->id);
        if (!$id_zone) {
            $this->errors[] = Tools::displayError('No zone matches your address.');
        }
    } else {
        $id_zone = Country::getIdZone((int) Configuration::get('PS_COUNTRY_DEFAULT'));
    }

    if (Tools::getIsset('delivery_option')) {
        $postedOption = Tools::getValue('delivery_option');
        if ($this->validateDeliveryOption($postedOption)) {
            $this->context->cart->setDeliveryOption($postedOption);
        }
    } elseif (Tools::getIsset('id_carrier')) {
        // Backward compatibility: translate a bare carrier id into a delivery
        // option, but only when the cart has a single delivery address entry.
        $delivery_option_list = $this->context->cart->getDeliveryOptionList();
        if (count($delivery_option_list) == 1) {
            reset($delivery_option_list);
            $key = Cart::desintifier(Tools::getValue('id_carrier'));
            foreach ($delivery_option_list as $id_address => $options) {
                if (!isset($options[$key])) {
                    continue;
                }
                $this->context->cart->id_carrier = (int) Tools::getValue('id_carrier');
                $this->context->cart->setDeliveryOption(array($id_address => $key));
                // Drop the country/state stored in the cookie, if present.
                foreach (array('id_country', 'id_state') as $cookieKey) {
                    if (isset($this->context->cookie->{$cookieKey})) {
                        unset($this->context->cookie->{$cookieKey});
                    }
                }
            }
        }
    }

    Hook::exec('actionCarrierProcess', array('cart' => $this->context->cart));

    if (!$this->context->cart->update()) {
        return false;
    }

    // The carrier may have changed: re-evaluate which cart rules still apply.
    CartRule::autoRemoveFromCart($this->context);
    CartRule::autoAddToCart($this->context);

    return true;
}
/**
 * Seller-side order page handler: checks that the logged-in customer is the
 * seller owning the order, then processes one of three forms - tracking
 * number update (submitShippingNumber), order status change (submitState) and
 * message to the customer (submitMessage).
 *
 * NOTE(review): this method is machine-obfuscated. Most local variables are
 * reached through variable-variables whose names are looked up in $GLOBALS
 * (${${"GLOBALS"}["key"]}); several of those lookup keys ("thtbvco",
 * "gfrblyem", "taultlaseq", "cdmray", "tvqrewgc", ...) are not assigned inside
 * this method, so which variables they alias cannot be established from this
 * code alone. The authorisation logic in particular cannot be audited in this
 * form - review the unobfuscated source before relying on it.
 */
public function postProcess()
{
    // The order id comes from the request. Later code reads $order directly, so
    // the key "thtbvco" presumably maps to "order" - TODO confirm.
    ${${"GLOBALS"}["thtbvco"]} = new Order((int) Tools::getValue("id_order"));
    $difdqhzqxl = "id_order_seller";
    if (!Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
        $this->errors[] = Tools::displayError("Order not found or you do not have permission to view this order.");
        return;
    }
    ${"GLOBALS"}["fqitvbmdfl"] = "order";
    // Owner (seller) of the order and seller linked to the logged-in customer.
    ${${"GLOBALS"}["gfrblyem"]} = AgileSellerManager::getObjectOwnerID("order", $order->id);
    ${"GLOBALS"}["bsmpehdujqe"] = "id_customer_seller";
    ${${"GLOBALS"}["taultlaseq"]} = AgileSellerManager::getLinkedSellerID($this->context->customer->id);
    $qjwuyezbnwd = "order";
    // Permission gate: ${$difdqhzqxl} is $id_order_seller and the last operand is
    // $id_customer_seller; the two middle operands depend on $GLOBALS entries set
    // elsewhere. Presumably "order seller == customer's seller, both positive" -
    // verify against the unobfuscated source.
    if (${$difdqhzqxl} != ${${"GLOBALS"}["taultlaseq"]} || ${${"GLOBALS"}["gfrblyem"]} <= 0 || ${${"GLOBALS"}["bsmpehdujqe"]} <= 0) {
        $this->errors[] = Tools::displayError("You do not have permission to view this order.");
        return;
    }
    // --- Tracking number update ---
    if (Tools::isSubmit("submitShippingNumber") && isset(${${"GLOBALS"}["fqitvbmdfl"]})) {
        ${"GLOBALS"}["mllzihk"] = "order_carrier";
        $fdknpwcl = "order_carrier";
        // NOTE(review): the OrderCarrier is loaded from a request-supplied id and
        // no check visible here ties it to the order authorised above - confirm
        // that it belongs to $order before it is updated.
        ${$fdknpwcl} = new OrderCarrier(Tools::getValue("id_order_carrier"));
        if (!Validate::isLoadedObject(${${"GLOBALS"}["mllzihk"]})) {
            $this->errors[] = Tools::displayError("The order carrier ID is invalid.");
        } elseif (!Validate::isTrackingNumber(Tools::getValue("tracking_number"))) {
            $this->errors[] = Tools::displayError("The tracking number is incorrect.");
        } else {
            $order->shipping_number = Tools::getValue("tracking_number");
            $order->update();
            // The same validated value is stored raw on the order and passed
            // through pSQL() for the order carrier.
            $order_carrier->tracking_number = pSQL(Tools::getValue("tracking_number"));
            if ($order_carrier->update()) {
                $qvvnrvmsp = "templateVars";
                ${${"GLOBALS"}["cdmray"]} = new Customer((int) $order->id_customer);
                $ijyvqhqokid = "carrier";
                ${"GLOBALS"}["mhbtmrqg"] = "templateVars";
                ${$ijyvqhqokid} = new Carrier((int) $order_carrier->id_carrier, $order->id_lang);
                if (!Validate::isLoadedObject(${${"GLOBALS"}["cdmray"]})) {
                    throw new PrestaShopException("Can't load Customer object");
                }
                if (!Validate::isLoadedObject(${${"GLOBALS"}["tvqrewgc"]})) {
                    throw new PrestaShopException("Can't load Carrier object");
                }
                // $templateVars: the "@" placeholder of the carrier URL is replaced
                // by the tracking number to build the follow-up link.
                ${${"GLOBALS"}["mhbtmrqg"]} = array("{followup}" => str_replace("@", $order_carrier->tracking_number, $carrier->url), "{firstname}" => $customer->firstname, "{lastname}" => $customer->lastname, "{id_order}" => $order->id, "{shipping_number}" => $order_carrier->tracking_number, "{order_name}" => $order->getUniqReference());
                // "@" suppresses any warning raised while sending; only the boolean
                // result is used.
                if (@Mail::Send((int) $order->id_lang, "in_transit", Mail::l('Package in transit', (int) $order->id_lang), ${$qvvnrvmsp}, $customer->email, $customer->firstname . " " . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
                    ${"GLOBALS"}["rwzquyb"] = "order";
                    Hook::exec("actionAdminOrdersTrackingNumberUpdate", array("order" => ${${"GLOBALS"}["rwzquyb"]}, "customer" => ${${"GLOBALS"}["cdmray"]}, "carrier" => ${${"GLOBALS"}["tvqrewgc"]}), null, false, true, false, $order->id_shop);
                } else {
                    $this->errors[] = Tools::displayError("An error occurred while sending an email to the customer.");
                }
            } else {
                $this->errors[] = Tools::displayError("The order carrier cannot be updated.");
            }
        }
    // --- Order status change ---
    } elseif (Tools::isSubmit("submitState") && isset(${$qjwuyezbnwd})) {
        // NOTE(review): any OrderState that loads from the posted id is accepted;
        // no restriction on which states a seller may set is visible here.
        ${${"GLOBALS"}["bfrxhizen"]} = new OrderState(Tools::getValue("id_order_state"));
        if (!Validate::isLoadedObject(${${"GLOBALS"}["bfrxhizen"]})) {
            $this->errors[] = Tools::displayError("Invalid new order status");
        } else {
            ${${"GLOBALS"}["rxsllerec"]} = $order->getCurrentOrderState();
            if ($current_order_state->id != $order_state->id) {
                $heccerkhiwt = "history";
                ${$heccerkhiwt} = new OrderHistory();
                ${"GLOBALS"}["uynetoegv"] = "templateVars";
                $vriwvgqg = "templateVars";
                $history->id_order = $order->id;
                // The history entry is attributed to a hard-coded employee id.
                $history->id_employee = 1;
                $history->changeIdOrderState($order_state->id, $order->id);
                ${${"GLOBALS"}["tvqrewgc"]} = new Carrier($order->id_carrier, $order->id_lang);
                ${$vriwvgqg} = array();
                // Extra e-mail variables depending on the new state.
                if ($history->id_order_state == Configuration::get("PS_OS_SHIPPING") && $order->shipping_number) {
                    ${${"GLOBALS"}["nkwobosfw"]} = array("{followup}" => str_replace("@", $order->shipping_number, $carrier->url));
                } elseif ($history->id_order_state == Configuration::get("PS_OS_CHEQUE")) {
                    ${${"GLOBALS"}["nkwobosfw"]} = array("{cheque_name}" => Configuration::get("CHEQUE_NAME") ? Configuration::get("CHEQUE_NAME") : "", "{cheque_address_html}" => Configuration::get("CHEQUE_ADDRESS") ? nl2br(Configuration::get("CHEQUE_ADDRESS")) : "");
                } elseif ($history->id_order_state == Configuration::get("PS_OS_BANKWIRE")) {
                    ${${"GLOBALS"}["nkwobosfw"]} = array("{bankwire_owner}" => Configuration::get("BANK_WIRE_OWNER") ? Configuration::get("BANK_WIRE_OWNER") : "", "{bankwire_details}" => Configuration::get("BANK_WIRE_DETAILS") ? nl2br(Configuration::get("BANK_WIRE_DETAILS")) : "", "{bankwire_address}" => Configuration::get("BANK_WIRE_ADDRESS") ? nl2br(Configuration::get("BANK_WIRE_ADDRESS")) : "");
                }
                // Passes $templateVars (key "uynetoegv" is set to that name above).
                if (!$history->addWithemail(true, ${${"GLOBALS"}["uynetoegv"]})) {
                    $this->errors[] = Tools::displayError("An error occurred while changing the status or was unable to send e-mail to the customer.");
                }
            } else {
                $this->errors[] = Tools::displayError("This order is already assigned this status");
            }
        }
        if (empty($this->errors)) {
            self::$smarty->assign("cfmmsg_flag", 1);
        }
    }
    // --- Message from the seller to the customer ---
    if (Tools::isSubmit("submitMessage")) {
        $ipovlstkh = "idOrder";
        ${${"GLOBALS"}["pfwbejwlah"]} = (int) Tools::getValue("id_order");
        ${${"GLOBALS"}["nioumgdgj"]} = Tools::getValue("msgText");
        ${"GLOBALS"}["tumvnnp"] = "msgText";
        if (!${${"GLOBALS"}["pfwbejwlah"]} || !Validate::isUnsignedId(${$ipovlstkh})) {
            $this->errors[] = Tools::displayError("Order is no longer valid");
        } else {
            if (empty(${${"GLOBALS"}["nioumgdgj"]})) {
                $this->errors[] = Tools::displayError("Message cannot be blank");
            } else {
                if (!Validate::isMessage(${${"GLOBALS"}["tumvnnp"]})) {
                    $this->errors[] = Tools::displayError("Message is invalid (HTML is not allowed)");
                }
            }
        }
        if (!count($this->errors)) {
            $svycwjflohh = "idOrder";
            // Reloaded from the same "id_order" request value that the permission
            // gate at the top of the method was evaluated for.
            ${${"GLOBALS"}["thtbvco"]} = new Order(${$svycwjflohh});
            if (Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
                ${"GLOBALS"}["pcdbkuo"] = "cm";
                ${"GLOBALS"}["qejrcjwlidu"] = "to";
                ${${"GLOBALS"}["nbpumdloal"]} = new Employee();
                $iilmenu = "seller";
                // $seller is the employee looked up by the logged-in customer's
                // e-mail. NOTE(review): the result is not checked before
                // $seller->id / $seller->email are read below.
                ${$iilmenu} = $emp->getbyEmail($this->context->customer->email);
                $ucwaikq = "customer";
                ${$ucwaikq} = new Customer($order->id_customer);
                ${${"GLOBALS"}["ryhapbx"]} = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
                ${"GLOBALS"}["pnxcso"] = "id_customer_thread";
                ${${"GLOBALS"}["pcdbkuo"]} = new CustomerMessage();
                ${"GLOBALS"}["csptele"] = "ct";
                $pykymotfmtq = "fromName";
                // No existing thread for this customer/order: open a new one.
                if (!${${"GLOBALS"}["pnxcso"]}) {
                    ${"GLOBALS"}["azdvluwhw"] = "id_product";
                    ${"GLOBALS"}["fpmtmpmcoy"] = "id_product";
                    $vckfnym = "id_product";
                    ${${"GLOBALS"}["docrub"]} = new CustomerThread();
                    $ct->id_contact = 2;
                    $ct->id_customer = (int) $order->id_customer;
                    $ct->id_shop = (int) $this->context->shop->id;
                    ${$vckfnym} = (int) Tools::getValue("id_product");
                    // Only link a product that is part of this order.
                    if (${${"GLOBALS"}["fxogbxc"]} && $order->orderContainProduct(${${"GLOBALS"}["azdvluwhw"]})) {
                        $ct->id_product = ${${"GLOBALS"}["fpmtmpmcoy"]};
                    }
                    $ct->id_order = (int) $order->id;
                    $ct->id_lang = (int) $this->context->language->id;
                    $ct->email = $customer->email;
                    $ct->status = "open";
                    $ct->token = Tools::passwdGen(12);
                    $ct->add();
                } else {
                    ${${"GLOBALS"}["csptele"]} = new CustomerThread((int) ${${"GLOBALS"}["ryhapbx"]});
                }
                $qlkkcochivs = "msgText";
                $cm->id_customer_thread = $ct->id;
                $cm->message = ${${"GLOBALS"}["nioumgdgj"]};
                $cm->ip_address = ip2long($_SERVER["REMOTE_ADDR"]);
                $cm->id_employee = $seller->id;
                $cm->add();
                $mwsicth = "fromName";
                ${"GLOBALS"}["lhbflpuhi"] = "customer";
                // Mail addressing: customer e-mail and name, seller e-mail, and
                // $fromName built from the seller's name. The first three targets
                // are named by $GLOBALS entries set elsewhere - presumably $to,
                // $toName and $from; TODO confirm.
                ${${"GLOBALS"}["oatuem"]} = $customer->email;
                ${${"GLOBALS"}["xtxkthxeqll"]} = $customer->firstname . " " . $customer->lastname;
                ${${"GLOBALS"}["sormbzxw"]} = $seller->email;
                ${$mwsicth} = $seller->firstname . " " . $seller->lastname;
                if (Validate::isLoadedObject(${${"GLOBALS"}["lhbflpuhi"]})) {
                    Mail::Send($this->context->language->id, "order_merchant_comment", Mail::l('Message from a seller'), array("{lastname}" => $customer->lastname, "{firstname}" => $customer->firstname, "{email}" => $customer->email, "{id_order}" => (int) $order->id, "{order_name}" => $order->getUniqReference(), "{message}" => Tools::nl2br(${$qlkkcochivs})), ${${"GLOBALS"}["qejrcjwlidu"]}, ${${"GLOBALS"}["xtxkthxeqll"]}, ${${"GLOBALS"}["sormbzxw"]}, ${$pykymotfmtq});
                }
            } else {
                $this->errors[] = Tools::displayError("Order not found");
            }
        }
    }
}
/**
 * Apply the carrier form to the cart (recyclable/gift options, gift message,
 * carrier), save the cart and compute the order total.
 *
 * The gift message is validated with Validate::isMessage() and stored through
 * strip_tags(). When validation problems were collected, the carrier page is
 * displayed again with the errors and the script exits. Execution stops (die)
 * when the delivery address does not load.
 *
 * Local variable names are kept as they are: footer.php is included from
 * inside this function and therefore runs in its variable scope.
 */
function processCarrier()
{
    global $cart, $smarty, $isVirtualCart, $orderTotal;

    $errors = array();

    $cart->recyclable = !empty($_POST['recyclable']) ? 1 : 0;

    if (empty($_POST['gift'])) {
        $cart->gift = 0;
    } elseif (Validate::isMessage($_POST['gift_message'])) {
        $cart->gift = 1;
        $cart->gift_message = strip_tags($_POST['gift_message']);
    } else {
        // The gift flag is left untouched when the message is rejected.
        $errors[] = Tools::displayError('invalid gift message');
    }

    $address = new Address(intval($cart->id_address_delivery));
    if (!Validate::isLoadedObject($address)) {
        die(Tools::displayError());
    }

    $id_zone = Address::getZoneById($address->id);
    if (!$id_zone) {
        $errors[] = Tools::displayError('no zone match with your address');
    }

    // The posted carrier is accepted only if it is an integer and is available
    // in the zone of the delivery address.
    if (
        isset($_POST['id_carrier'])
        && Validate::isInt($_POST['id_carrier'])
        && sizeof(Carrier::checkCarrierZone(intval($_POST['id_carrier']), intval($id_zone)))
    ) {
        $cart->id_carrier = intval($_POST['id_carrier']);
    } elseif (!$isVirtualCart) {
        $errors[] = Tools::displayError('invalid carrier or no carrier selected');
    }

    $cart->update();

    if (!sizeof($errors)) {
        $orderTotal = $cart->getOrderTotal();
        return;
    }

    // Show the carrier page again with the collected errors, then stop.
    $smarty->assign('errors', $errors);
    displayCarrier();
    include dirname(__FILE__) . '/footer.php';
    exit;
}
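/**
 * Process the claim forms of this controller: close a claim, book a direct
 * payment, send a message, refresh the claim statuses and create new claims,
 * then delegate to the parent controller.
 *
 * Results are reported through $this->errors and $this->confirmations;
 * exceptions raised by the module calls are also written to the 'general' log.
 *
 * All form values are request data: ids are cast and validated, the payment
 * date and amount are validated, the message must pass Validate::isMessage(),
 * and the order list is reduced to integers before it is placed in SQL.
 */
public function postProcess()
{
    if (Tools::isSubmit('submitCloseClaim')) {
        $id_mf_claim = (int) Tools::getValue('id_mf_claim');
        if (!$id_mf_claim || !Validate::isUnsignedId($id_mf_claim)) {
            $this->errors[] = $this->l('The claim is no longer valid.');
        } else {
            $claim = new MediafinanzClaim($id_mf_claim);
            if (!Validate::isLoadedObject($claim)) {
                $this->errors[] = $this->l('The Claim cannot be found');
            } else {
                try {
                    $res = $this->module->closeClaim($claim->file_number);
                    if ($res) {
                        $this->confirmations[] = $this->l('The Claim has been closed');
                    } else {
                        $this->errors[] = $this->l('The Claim has not been closed');
                    }
                } catch (Exception $e) {
                    $this->errors[] = $this->l('The Claim has not been closed');
                    $this->errors[] = $e->getMessage();
                    Mediafinanz::logToFile($e->getMessage(), 'general');
                }
            }
        }
    }

    if (Tools::isSubmit('submitBookDirectPayment')) {
        $id_mf_claim = (int) Tools::getValue('id_mf_claim');
        // Accept a decimal comma in the amount.
        $amount = str_replace(',', '.', Tools::getValue('paidAmount'));
        if (!$id_mf_claim || !Validate::isUnsignedId($id_mf_claim)) {
            $this->errors[] = $this->l('The Claim is no longer valid.');
        } else {
            $claim = new MediafinanzClaim($id_mf_claim);
            if (!Validate::isLoadedObject($claim)) {
                $this->errors[] = $this->l('The Claim cannot be found');
            } elseif (!Validate::isDate(Tools::getValue('dateOfPayment'))) {
                $this->errors[] = $this->l('The date of payment is invalid');
            } elseif (!Validate::isPrice($amount)) {
                $this->errors[] = $this->l('The paid amount is invalid.');
            } else {
                try {
                    $direct_payment = array(
                        'dateOfPayment' => Tools::getValue('dateOfPayment'),
                        'paidAmount' => $amount,
                    );
                    $res = $this->module->bookDirectPayment($claim->file_number, $direct_payment);
                    if ($res) {
                        $this->confirmations[] = $this->l('Direct payment has been booked');
                    } else {
                        $this->errors[] = $this->l('Direct payment has not been booked');
                    }
                } catch (Exception $e) {
                    $this->errors[] = $this->l('Direct payment has not been booked');
                    $this->errors[] = $e->getMessage();
                    Mediafinanz::logToFile($e->getMessage(), 'general');
                }
            }
        }
    }

    if (Tools::isSubmit('submitMessage')) {
        $id_mf_claim = (int) Tools::getValue('id_mf_claim');
        $msg_text = Tools::getValue('message');
        if (!$id_mf_claim || !Validate::isUnsignedId($id_mf_claim)) {
            $this->errors[] = $this->l('The claim is no longer valid.');
        } elseif (empty($msg_text)) {
            $this->errors[] = $this->l('The message cannot be blank.');
        } elseif (!Validate::isMessage($msg_text)) {
            $this->errors[] = $this->l('This message is invalid (HTML is not allowed).');
        }

        // Errors recorded by an earlier branch of this request also block sending.
        if (!count($this->errors)) {
            $claim = new MediafinanzClaim($id_mf_claim);
            if (Validate::isLoadedObject($claim)) {
                try {
                    $res = $this->module->sendMessage($claim->file_number, $msg_text);
                    if (!$res) {
                        $this->errors[] = $this->l('The Message has not been sent');
                    } else {
                        $this->confirmations[] = $this->l('The Message has been sent');
                    }
                } catch (Exception $e) {
                    $this->errors[] = $this->l('The Message has not been sent');
                    $this->errors[] = $e->getMessage();
                    Mediafinanz::logToFile($e->getMessage(), 'general');
                }
            } else {
                $this->errors[] = $this->l('The Claim not found');
            }
        }
    }

    // Statuses are refreshed whenever no specific display mode is set (the
    // former 'update_claims_statuses' submit condition is disabled).
    if ($this->display == '') {
        try {
            $this->module->updateClaimsStatuses();
        } catch (Exception $e) {
            // Reported through $this->errors like every other branch of this
            // method; this one used $this->_errors, which nothing else here reads.
            $this->errors[] = $e->getMessage();
            Mediafinanz::logToFile($e->getMessage(), 'general');
        }
    }

    if (Tools::isSubmit('submitCreateClaims')) {
        $order_ids = Tools::getValue('order_list');
        $claim = Tools::getValue('claim');
        $debtor = Tools::getValue('debtor');

        // 'order_list' is request data: it may be absent or not an array. Only
        // query when there is at least one id, otherwise array_map() fails or
        // the statement ends in an empty "IN ()".
        $list = array();
        if (is_array($order_ids) && count($order_ids)) {
            $rows = Db::getInstance()->executeS('SELECT a.`id_order`, a.`id_shop` FROM `' . _DB_PREFIX_ . 'orders` a LEFT JOIN `' . _DB_PREFIX_ . 'orders` o ON (o.`id_order` = a.`id_order` AND o.`id_shop` = a.`id_shop`) LEFT JOIN ' . _DB_PREFIX_ . 'mf_claims c ON a.`id_order`=c.`id_order` AND c.`sandbox`=' . (int) Configuration::get('MEDIAFINANZ_SANDBOX') . ' WHERE c.`id_order` IS NULL AND a.`id_order` IN (' . implode(', ', array_map('intval', $order_ids)) . ')' . Shop::addSqlRestriction(Shop::SHARE_ORDER, 'a', 'shop'));
            // A failed query does not return an array.
            if (is_array($rows)) {
                $list = $rows;
            }
        }

        foreach ($list as $row) {
            $id = $row['id_order'];

            // Do not submit a claim built from missing form data.
            if (!isset($debtor[$id]) || !is_array($debtor[$id]) || !isset($claim[$id]) || !is_array($claim[$id])) {
                $this->errors[] = $this->l('Order') . ' - ' . $row['id_order'] . ': ' . $this->l('Missing claim or debtor data');
                continue;
            }

            $debtor_to = array(
                'id' => $debtor[$id]['id'],
                'address' => $debtor[$id]['address'],
                'firstname' => $debtor[$id]['firstname'],
                'lastname' => $debtor[$id]['lastname'],
                'company' => $debtor[$id]['company'],
                'co' => '',
                'street' => $debtor[$id]['street'],
                'postcode' => $debtor[$id]['postcode'],
                'city' => $debtor[$id]['city'],
                'country' => $debtor[$id]['country'],
                'telephone1' => $debtor[$id]['telephone1'],
                'telephone2' => $debtor[$id]['telephone2'],
                'email' => $debtor[$id]['email'],
            );
            $claim_to = array(
                'invoice' => $claim[$id]['invoice'],
                'type' => $claim[$id]['type'],
                'reason' => $claim[$id]['reason'],
                'originalValue' => $claim[$id]['originalvalue'],
                'overdueFees' => $claim[$id]['overduefees'],
                'dateOfOrigin' => $claim[$id]['dateoforigin'],
                'dateOfLastReminder' => $claim[$id]['dateoflastreminder'],
                'note' => $claim[$id]['note'],
            );

            try {
                $result = $this->module->newClaim($claim_to, $debtor_to);
                if (!empty($result->fileNumber)) {
                    // NOTE(review): the stored order id is the posted 'invoice'
                    // value, not the id_order of the selected row - confirm the
                    // two are meant to be identical.
                    $mf = new MediafinanzClaim();
                    $mf->id_order = $claim[$id]['invoice'];
                    $mf->file_number = $result->fileNumber;
                    $mf->firstname = $debtor[$id]['firstname'];
                    $mf->lastname = $debtor[$id]['lastname'];
                    $mf->id_shop = $row['id_shop'];
                    $mf->sandbox = (int) Configuration::get('MEDIAFINANZ_SANDBOX');
                    $mf->add();

                    // Store the initial status reported for the new claim.
                    $claim_status = $this->module->getClaimStatus($result->fileNumber, $row['id_shop']);
                    if ($mf->status_code != $claim_status->statusCode) {
                        $mf->status_code = $claim_status->statusCode;
                        $mf->status_text = $claim_status->statusText;
                        if (isset($claim_status->statusDetails)) {
                            $mf->status_details = $claim_status->statusDetails;
                        } else {
                            $mf->status_details = '';
                        }
                        $mf->date_change = date('Y-m-d H:i:s');
                        $mf->save();
                    }

                    // Move the order to the collection state.
                    $this->module->changeOrderState($claim[$id]['invoice'], Configuration::get('PS_OS_MF_INKASSO'));
                } else {
                    foreach ($result->errorList as $error_msg) {
                        $this->errors[] = $this->l('Order') . ' - ' . $row['id_order'] . ': ' . $error_msg;
                    }
                }
            } catch (Exception $e) {
                $this->errors[] = $this->l('Order') . ' - ' . $row['id_order'] . ': ' . $e->getMessage();
                Mediafinanz::logToFile($this->l('Order') . ' - ' . $row['id_order'] . ': ' . $e->getMessage(), 'general');
            }
        }
    }

    parent::postProcess();
}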
/**
 * Handle and render the front-office "ask for more information" form for one product.
 *
 * When the form was submitted (submitAskMoreInfoFront) the posted fields are checked in a
 * fixed order and only the first failing check is reported. If every check passes, an
 * 'askmoreinfo' e-mail is sent to the address stored in PS_SHOP_EMAIL. The template is
 * rendered whether or not a submission took place.
 *
 * Points a reviewer should keep in mind:
 *  - the message is HTML-entity-encoded before it is validated and mailed;
 *  - name and e-mail are only required and validated for visitors that are not logged in,
 *    and they go through Tools::safeOutput() before being placed in the mail variables;
 *  - the Securimage code is only enforced when ASK_CAPTCHA is enabled.
 *
 * @return mixed whatever $this->display() returns for maofree_askmoreinfo.tpl
 */
public function displayFrontForm()
{
    global $smarty, $cookie, $link;

    session_start();
    $form_errors = array();

    $product = new Product((int) Tools::getValue('id_product'), false, (int) $cookie->id_lang);
    $product_url = $link->getProductLink($product);

    // The captcha answer is evaluated on every request, before the submit flag is looked at.
    include_once dirname(__FILE__) . '/securimage/securimage.php';
    $captcha = new Securimage();
    $captcha_code = Tools::getValue('captcha_code');
    $captcha_ok = $captcha->check($captcha_code);

    if (Tools::isSubmit('submitAskMoreInfoFront')) {
        $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));

        // The order of this chain matters: $name, $email and $message are assigned inside
        // the conditions, and isLogged() is only consulted when the cheaper test failed.
        if (!(($name = Tools::getValue('name')) || $cookie->isLogged())) {
            $form_errors[] = $this->l('Enter your name.');
        } elseif (!(Validate::isName($name) || $cookie->isLogged())) {
            $form_errors[] = $this->l('Sorry, but the name is invalid.');
        } elseif (!(($email = Tools::getValue('email')) || $cookie->isLogged())) {
            $form_errors[] = $this->l('Enter your e-mail address.');
        } elseif (!(Validate::isEmail($email) || $cookie->isLogged())) {
            $form_errors[] = $this->l('Sorry, but the e-mail address is invalid.');
        } elseif (!($message = nl2br2($message))) {
            $form_errors[] = $this->l('Enter a message.');
        } elseif (!Validate::isMessage($message)) {
            $form_errors[] = $this->l('Sorry, but the message is invalid');
        } elseif (!$captcha_code && (int) Configuration::get('ASK_CAPTCHA')) {
            $form_errors[] = $this->l('Enter the security code.');
        } elseif (!$captcha_ok && (int) Configuration::get('ASK_CAPTCHA')) {
            $form_errors[] = $this->l('Sorry, but the security code is not right.');
        } elseif (!isset($_GET['id_product']) || !is_numeric($_GET['id_product'])) {
            $form_errors[] = $this->l('An error occurred during the process.');
        } else {
            // Full name taken from the cookie, or null when no first name is stored there.
            $cookie_name = null;
            if ($cookie->customer_firstname) {
                $cookie_name = $cookie->customer_firstname . ' ' . $cookie->customer_lastname;
            }

            $subject = ($cookie_name !== null ? $cookie_name : $this->l('A visitor'))
                . ' ' . $this->l('requires more information about')
                . ' ' . $product->name;

            $mail_vars = array(
                '{product}' => $product->name,
                '{product_link}' => $product_url,
                '{customer}' => $cookie_name !== null ? $cookie_name : $this->l('A visitor'),
                '{name}' => $cookie_name !== null ? $cookie_name : Tools::safeOutput($name),
                '{email}' => $cookie->email ? $cookie->email : Tools::safeOutput($email),
                '{message}' => stripslashes($message),
            );

            $sent = Mail::Send(
                (int) $cookie->id_lang,
                'askmoreinfo',
                Mail::l($subject),
                $mail_vars,
                Configuration::get('PS_SHOP_EMAIL'),
                NULL,
                $cookie->email ? $cookie->email : NULL,
                $cookie_name,
                NULL,
                NULL,
                dirname(__FILE__) . '/mails/'
            );
            if ($sent) {
                $smarty->assign('confirmation', 1);
            } else {
                $form_errors[] = $this->l('Sorry, an error occurred while sending message');
            }
        }
    }

    // Pick the cover image; when several images are flagged as cover the last one wins.
    $cover = null;
    foreach ($product->getImages((int) $cookie->id_lang) as $image) {
        if (!$image['cover']) {
            continue;
        }
        $cover = array(
            'id_image' => (int) $product->id . '-' . (int) $image['id_image'],
            'legend' => $image['legend'],
        );
    }
    if ($cover === null) {
        $cover = array(
            'id_image' => Language::getIsoById((int) $cookie->id_lang) . '-default',
            'legend' => 'No picture',
        );
    }

    $smarty->assign(array(
        'customer_logged' => $cookie->customer_firstname,
        'captcha' => (int) Configuration::get('ASK_CAPTCHA') == 1,
        'askmoreinfo_imagesize' => Image::getSize('home'),
        'cover' => $cover,
        'errors' => $form_errors,
        'product' => $product,
        'productlink' => $product_url,
    ));

    return $this->display(__FILE__, 'maofree_askmoreinfo.tpl');
}
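/**
 * AJAX handler that adds one product line (with optional text customizations) to an
 * existing order and answers with a JSON document.
 *
 * Visible flow: load the order, product and optional combination named in
 * $_POST['add_product']; build a fresh cart mirroring the order; register text
 * customizations found in $_POST; create a temporary SpecificPrice when the posted
 * tax-included price differs from the computed one; add the product to the cart; create or
 * update the invoice; create the order detail; update the order totals; finally emit the
 * rendered product line and related fragments as JSON.
 *
 * Every normal exit goes through die() with a JSON body, so nothing else may be written to
 * the output on the way.
 *
 * NOTE(review): all price, quantity and id values come straight from $_POST and are not
 * cast or range-checked in this method; whether the callees validate them is not visible
 * here. No permission check (e.g. on $this->tabAccess) is visible in this method either;
 * confirm it is enforced by the caller.
 *
 * @return false|void false when the product has no customization fields (see note in the
 *                    body); otherwise the request is terminated by die()
 */
public function ajaxProcessAddProductOnOrder()
{
    // Load object
    $order = new Order((int) Tools::getValue('id_order'));
    if (!Validate::isLoadedObject($order)) {
        die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('The order object cannot be loaded.'))));
    }
    if ($order->hasBeenShipped()) {
        die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('You cannot add products to delivered orders. '))));
    }

    $product_informations = $_POST['add_product'];
    if (isset($_POST['add_invoice'])) {
        $invoice_informations = $_POST['add_invoice'];
    } else {
        $invoice_informations = array();
    }

    $product = new Product($product_informations['product_id'], false, $order->id_lang);
    if (!Validate::isLoadedObject($product)) {
        die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('The product object cannot be loaded.'))));
    }
    if (isset($product_informations['product_attribute_id']) && $product_informations['product_attribute_id']) {
        $combination = new Combination($product_informations['product_attribute_id']);
        if (!Validate::isLoadedObject($combination)) {
            die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('The combination object cannot be loaded.'))));
        }
    }

    // Total method
    $total_method = Cart::BOTH_WITHOUT_SHIPPING;

    // Create new cart
    $cart = new Cart();
    $cart->id_shop_group = $order->id_shop_group;
    $cart->id_shop = $order->id_shop;
    $cart->id_customer = $order->id_customer;
    $cart->id_carrier = $order->id_carrier;
    $cart->id_address_delivery = $order->id_address_delivery;
    $cart->id_address_invoice = $order->id_address_invoice;
    $cart->id_currency = $order->id_currency;
    $cart->id_lang = $order->id_lang;
    $cart->secure_key = $order->secure_key;
    // Save new cart
    $cart->add();

    // NOTE(review): this returns without a JSON answer and leaves the cart created above in
    // place whenever the product has no customization fields. Confirm that is intended.
    if (!($field_ids = $product->getCustomizationFieldIds())) {
        return false;
    }

    // Two name maps for the product's text fields, both keyed by customization field id:
    // 'textField<id>' and 'textField<position>'.
    $authorized_text_fields = array();
    $authorized_text_fields_2 = array();
    $i = 0;
    foreach ($field_ids as $field_id) {
        if ($field_id['type'] == Product::CUSTOMIZE_TEXTFIELD) {
            $authorized_text_fields[(int) $field_id['id_customization_field']] = 'textField' . (int) $field_id['id_customization_field'];
            $authorized_text_fields_2[(int) $field_id['id_customization_field']] = 'textField' . $i;
            $i++;
        }
    }
    $indexes = array_flip($authorized_text_fields);

    foreach ($_POST as $field_name => $value) {
        // Strict matching: PHP turns numeric POST keys into integers, and before PHP 8 a
        // loose comparison of 0 with 'textField0' is true, so a key of "0" would otherwise
        // be accepted as an authorized field name.
        if (in_array($field_name, $authorized_text_fields_2, true) && $value != '') {
            if (!Validate::isMessage($value)) {
                $this->errors[] = Tools::displayError('Invalid message');
            } else {
                $key = array_search($field_name, $authorized_text_fields_2, true);
                $cart->_addCustomizationAdminOrder($product->id, $product_informations['product_attribute_id'], $indexes['textField' . $key], Product::CUSTOMIZE_TEXTFIELD, $value, $product_informations['product_quantity'], $order->id_cart, $cart->id_address_delivery);
            }
        } else {
            // NOTE(review): membership is tested against the id-based names but the lookup
            // uses the position-based names; the two only agree when ids equal positions.
            if (in_array($field_name, $authorized_text_fields, true) && $value == '') {
                $key = array_search($field_name, $authorized_text_fields_2, true);
                $cart->deleteCustomizationToProduct((int) $product->id, $indexes['textField' . $key]);
            }
        }
    }
    $cart->_updateCustomizationAdminOrder($product->id, $product_informations['product_attribute_id'], Product::CUSTOMIZE_TEXTFIELD, $product_informations['product_quantity'], $order->id_cart, $cart->id_address_delivery);

    // Save context (in order to apply cart rule)
    $this->context->cart = $cart;
    $this->context->customer = new Customer($order->id_customer);

    // always add taxes even if there are not displayed to the customer
    $use_taxes = true;
    $initial_product_price_tax_incl = Product::getPriceStatic($product->id, $use_taxes, isset($combination) ? $combination->id : null, 2, null, false, true, 1, false, $order->id_customer, $cart->id, $order->{Configuration::get('PS_TAX_ADDRESS_TYPE', null, null, $order->id_shop)});

    // Creating specific price if needed. It is scoped to the order's customer and has no
    // date limits, so it must be deleted again on every exit path of this method.
    if ($product_informations['product_price_tax_incl'] != $initial_product_price_tax_incl) {
        $specific_price = new SpecificPrice();
        $specific_price->id_shop = 0;
        $specific_price->id_shop_group = 0;
        $specific_price->id_currency = 0;
        $specific_price->id_country = 0;
        $specific_price->id_group = 0;
        $specific_price->id_customer = $order->id_customer;
        $specific_price->id_product = $product->id;
        if (isset($combination)) {
            $specific_price->id_product_attribute = $combination->id;
        } else {
            $specific_price->id_product_attribute = 0;
        }
        $specific_price->price = $product_informations['product_price_tax_excl'];
        $specific_price->from_quantity = 1;
        $specific_price->reduction = 0;
        $specific_price->reduction_type = 'amount';
        $specific_price->from = '0000-00-00 00:00:00';
        $specific_price->to = '0000-00-00 00:00:00';
        $specific_price->add();
    }

    // Add product to cart. No debug output may be emitted here: the response body has to be
    // the JSON document alone.
    $update_quantity = $cart->updateQty($product_informations['product_quantity'], $product->id, isset($product_informations['product_attribute_id']) ? $product_informations['product_attribute_id'] : null, isset($combination) ? $combination->id : null, 'up', 0, new Shop($cart->id_shop));
    if ($update_quantity < 0) {
        // Do not leave the temporary customer price behind when bailing out.
        if (isset($specific_price)) {
            $specific_price->delete();
        }
        // If product has attribute, minimal quantity is set with minimal quantity of attribute
        $minimal_quantity = $product_informations['product_attribute_id'] ? Attribute::getAttributeMinimalQty($product_informations['product_attribute_id']) : $product->minimal_quantity;
        die(Tools::jsonEncode(array('error' => sprintf(Tools::displayError('You must add %d minimum quantity', false), $minimal_quantity))));
    } elseif (!$update_quantity) {
        // Do not leave the temporary customer price behind when bailing out.
        if (isset($specific_price)) {
            $specific_price->delete();
        }
        die(Tools::jsonEncode(array('error' => Tools::displayError('You already have the maximum quantity available for this product.', false))));
    }

    // If order is valid, we can create a new invoice or edit an existing invoice
    if ($order->hasInvoice()) {
        $order_invoice = new OrderInvoice($product_informations['invoice']);
        // Create new invoice
        if ($order_invoice->id == 0) {
            // If we create a new invoice, we calculate shipping cost
            $total_method = Cart::BOTH;
            // Create Cart rule in order to make free shipping
            if (isset($invoice_informations['free_shipping']) && $invoice_informations['free_shipping']) {
                $cart_rule = new CartRule();
                $cart_rule->id_customer = $order->id_customer;
                $cart_rule->name = array(Configuration::get('PS_LANG_DEFAULT') => $this->l('[Generated] CartRule for Free Shipping'));
                $cart_rule->date_from = date('Y-m-d H:i:s', time());
                $cart_rule->date_to = date('Y-m-d H:i:s', time() + 24 * 3600);
                $cart_rule->quantity = 1;
                $cart_rule->quantity_per_user = 1;
                $cart_rule->minimum_amount_currency = $order->id_currency;
                $cart_rule->reduction_currency = $order->id_currency;
                $cart_rule->free_shipping = true;
                $cart_rule->active = 1;
                $cart_rule->add();
                // Add cart rule to cart and in order
                $cart->addCartRule($cart_rule->id);
                $values = array('tax_incl' => $cart_rule->getContextualValue(true), 'tax_excl' => $cart_rule->getContextualValue(false));
                $order->addCartRule($cart_rule->id, $cart_rule->name[Configuration::get('PS_LANG_DEFAULT')], $values);
            }

            $order_invoice->id_order = $order->id;
            if ($order_invoice->number) {
                Configuration::updateValue('PS_INVOICE_START_NUMBER', false, false, null, $order->id_shop);
            } else {
                $order_invoice->number = Order::getLastInvoiceNumber() + 1;
            }

            $invoice_address = new Address((int) $order->{Configuration::get('PS_TAX_ADDRESS_TYPE', null, null, $order->id_shop)});
            $carrier = new Carrier((int) $order->id_carrier);
            $tax_calculator = $carrier->getTaxCalculator($invoice_address);

            $order_invoice->total_paid_tax_excl = Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, false, $total_method), 2);
            $order_invoice->total_paid_tax_incl = Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, $total_method), 2);
            $order_invoice->total_products = (double) $cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_PRODUCTS);
            $order_invoice->total_products_wt = (double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_PRODUCTS);
            $order_invoice->total_shipping_tax_excl = (double) $cart->getTotalShippingCost(null, false);
            $order_invoice->total_shipping_tax_incl = (double) $cart->getTotalShippingCost();
            $order_invoice->total_wrapping_tax_excl = abs($cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_WRAPPING));
            $order_invoice->total_wrapping_tax_incl = abs($cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_WRAPPING));
            $order_invoice->shipping_tax_computation_method = (int) $tax_calculator->computation_method;

            // Update current order field, only shipping because other field is updated later
            $order->total_shipping += $order_invoice->total_shipping_tax_incl;
            $order->total_shipping_tax_excl += $order_invoice->total_shipping_tax_excl;
            $order->total_shipping_tax_incl += $use_taxes ? $order_invoice->total_shipping_tax_incl : $order_invoice->total_shipping_tax_excl;
            $order->total_wrapping += abs($cart->getOrderTotal($use_taxes, Cart::ONLY_WRAPPING));
            $order->total_wrapping_tax_excl += abs($cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_WRAPPING));
            $order->total_wrapping_tax_incl += abs($cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_WRAPPING));

            $order_invoice->add();
            $order_invoice->saveCarrierTaxCalculator($tax_calculator->getTaxesAmount($order_invoice->total_shipping_tax_excl));

            $order_carrier = new OrderCarrier();
            $order_carrier->id_order = (int) $order->id;
            $order_carrier->id_carrier = (int) $order->id_carrier;
            $order_carrier->id_order_invoice = (int) $order_invoice->id;
            $order_carrier->weight = (double) $cart->getTotalWeight();
            $order_carrier->shipping_cost_tax_excl = (double) $order_invoice->total_shipping_tax_excl;
            $order_carrier->shipping_cost_tax_incl = $use_taxes ? (double) $order_invoice->total_shipping_tax_incl : (double) $order_invoice->total_shipping_tax_excl;
            $order_carrier->add();
        } else {
            // Existing invoice: only its paid/products totals are increased.
            $order_invoice->total_paid_tax_excl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, false, $total_method), 2);
            $order_invoice->total_paid_tax_incl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, $total_method), 2);
            $order_invoice->total_products += (double) $cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_PRODUCTS);
            $order_invoice->total_products_wt += (double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_PRODUCTS);
            $order_invoice->update();
        }
    }

    // Create Order detail information
    $order_detail = new OrderDetail();
    $order_detail->createList($order, $cart, $order->getCurrentOrderState(), $cart->getProducts(), isset($order_invoice) ? $order_invoice->id : 0, $use_taxes, (int) Tools::getValue('add_product_warehouse'));

    // update totals amount of order
    $order->total_products += (double) $cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_PRODUCTS);
    $order->total_products_wt += (double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_PRODUCTS);
    $order->total_paid += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, true, $total_method), 2);
    $order->total_paid_tax_excl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, false, $total_method), 2);
    $order->total_paid_tax_incl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, $total_method), 2);
    if (isset($order_invoice) && Validate::isLoadedObject($order_invoice)) {
        $order->total_shipping = $order_invoice->total_shipping_tax_incl;
        $order->total_shipping_tax_incl = $order_invoice->total_shipping_tax_incl;
        $order->total_shipping_tax_excl = $order_invoice->total_shipping_tax_excl;
    }

    // discount
    $order->total_discounts += (double) abs($cart->getAdminOrderTotal($order->id_cart, true, Cart::ONLY_DISCOUNTS));
    $order->total_discounts_tax_excl += (double) abs($cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_DISCOUNTS));
    $order->total_discounts_tax_incl += (double) abs($cart->getAdminOrderTotal($order->id_cart, true, Cart::ONLY_DISCOUNTS));

    // Save changes of order
    $order->update();

    // Update weight SUM
    $order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
    if (Validate::isLoadedObject($order_carrier)) {
        $order_carrier->weight = (double) $order->getTotalWeight();
        if ($order_carrier->update()) {
            $order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
        }
    }

    // Update Tax lines
    $order_detail->updateTaxAmount($order);

    // Delete specific price if exists
    if (isset($specific_price)) {
        $specific_price->delete();
    }

    $products = $this->getProducts($order);
    // Get the last product
    $product = end($products);
    $resume = OrderSlip::getProductSlipResume((int) $product['id_order_detail']);
    $product['quantity_refundable'] = $product['product_quantity'] - $resume['product_quantity'];
    $product['amount_refundable'] = $product['total_price_tax_incl'] - $resume['amount_tax_incl'];
    $product['amount_refund'] = Tools::displayPrice($resume['amount_tax_incl']);
    $product['return_history'] = OrderReturn::getProductReturnDetail((int) $product['id_order_detail']);
    $product['refund_history'] = OrderSlip::getProductSlipDetail((int) $product['id_order_detail']);
    if ($product['id_warehouse'] != 0) {
        $warehouse = new Warehouse((int) $product['id_warehouse']);
        $product['warehouse_name'] = $warehouse->name;
    } else {
        $product['warehouse_name'] = '--';
    }

    // Get invoices collection
    $invoice_collection = $order->getInvoicesCollection();
    $invoice_array = array();
    foreach ($invoice_collection as $invoice) {
        $invoice->name = $invoice->getInvoiceNumberFormatted(Context::getContext()->language->id, (int) $order->id_shop);
        $invoice_array[] = $invoice;
    }

    // Assign to smarty informations in order to show the new product line
    $this->context->smarty->assign(array(
        'product' => $product,
        'order' => $order,
        'currency' => new Currency($order->id_currency),
        'can_edit' => $this->tabAccess['edit'],
        'invoices_collection' => $invoice_collection,
        'current_id_lang' => Context::getContext()->language->id,
        'link' => Context::getContext()->link,
        'current_index' => self::$currentIndex,
        'display_warehouse' => (int) Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT'),
    ));

    $this->sendChangedNotification($order);

    die(Tools::jsonEncode(array(
        'result' => true,
        'view' => $this->createTemplate('_product_line.tpl')->fetch(),
        'can_edit' => $this->tabAccess['add'],
        'product' => $product,
        'order' => $order,
        'invoices' => $invoice_array,
        'documents_html' => $this->createTemplate('_documents.tpl')->fetch(),
        'shipping_html' => $this->createTemplate('_shipping.tpl')->fetch(),
        'discount_form_html' => $this->createTemplate('_discount_form.tpl')->fetch(),
    )));
}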
} } else { foreach ($errors_codes as $code) { $errors_list[] = $so->l('Error code:') . ' ' . $so->getError($code); } } if (empty($errors_list)) { if ($so->isCorrectSignKey(Tools::getValue('SIGNATURE'), $return) && $so->context->cart->id && saveOrderShippingDetails($so->context->cart->id, (int) $return['TRCLIENTNUMBER'], $return, $so)) { $TRPARAMPLUS = explode('|', Tools::getValue('TRPARAMPLUS')); if (count($TRPARAMPLUS) > 1) { $so->context->cart->id_carrier = (int) $TRPARAMPLUS[0]; $so->context->cart->gift = (int) $TRPARAMPLUS[1]; } elseif (count($TRPARAMPLUS) == 1) { $so->context->cart->id_carrier = (int) $TRPARAMPLUS[0]; } if ((int) $so->context->cart->gift && Validate::isMessage($TRPARAMPLUS[2])) { $so->context->cart->gift_message = strip_tags($TRPARAMPLUS[2]); } if (!$so->context->cart->update()) { $errors_list[] = $so->l('Cart can\'t be updated. Please try again your selection'); } else { Tools::redirect($redirect . 'step=3&cgv=1&id_carrier=' . $so->context->cart->id_carrier); } } else { $errors_list[] = $so->getError('999'); } } $so->context->smarty->assign('error_list', $errors_list); $display->run(); function saveOrderShippingDetails($idCart, $idCustomer, $soParams, $so_object) {
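/**
 * Handle the two POST actions of the order-detail page.
 *
 *  - submitMessage: validates id_order and msgText, then stores the text as a
 *    CustomerMessage in a CustomerThread for that order (creating the thread when none
 *    exists) and mails it to the shop contact.
 *  - markAsReceived: when the order is in state 15, moves it to state 3, writes a small
 *    text file named after the order reference and records the history entry with e-mail.
 *
 * Both actions only act on an order whose id_customer matches the customer in the current
 * context; the order id is client-supplied, so without that comparison any order id could
 * be targeted.
 *
 * Errors are collected in $this->errors.
 *
 * @return void
 */
public function postProcess()
{
    if (Tools::isSubmit('submitMessage')) {
        $idOrder = (int) Tools::getValue('id_order');
        $msgText = Tools::getValue('msgText');

        if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
            $this->errors[] = Tools::displayError('The order is no longer valid.');
        } elseif (empty($msgText)) {
            $this->errors[] = Tools::displayError('The message cannot be blank.');
        } elseif (!Validate::isMessage($msgText)) {
            $this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
        }

        if (!count($this->errors)) {
            $order = new Order($idOrder);
            // The order must exist and belong to the customer making the request.
            if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
                // Check if a thread already exists for this customer e-mail and order.
                $id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($this->context->customer->email, $order->id);
                $id_product = (int) Tools::getValue('id_product');
                $cm = new CustomerMessage();
                if (!$id_customer_thread) {
                    $ct = new CustomerThread();
                    $ct->id_contact = 0;
                    $ct->id_customer = (int) $order->id_customer;
                    $ct->id_shop = (int) $this->context->shop->id;
                    // The posted product id is only attached when the order contains it.
                    if ($id_product && $order->orderContainProduct((int) $id_product)) {
                        $ct->id_product = $id_product;
                    }
                    $ct->id_order = (int) $order->id;
                    $ct->id_lang = (int) $this->context->language->id;
                    $ct->email = $this->context->customer->email;
                    $ct->status = 'open';
                    $ct->token = Tools::passwdGen(12);
                    $ct->add();
                } else {
                    $ct = new CustomerThread((int) $id_customer_thread);
                }

                $cm->id_customer_thread = $ct->id;
                if ($id_product && $order->orderContainProduct((int) $id_product)) {
                    $cm->id_product = $id_product;
                }
                $cm->message = $msgText;
                $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
                $cm->add();

                // Recipient: the configured contact when PS_MAIL_EMAIL_MESSAGE is set,
                // otherwise the shop address.
                if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
                    $to = strval(Configuration::get('PS_SHOP_EMAIL'));
                } else {
                    $to = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
                    $to = strval($to->email);
                }
                $toName = strval(Configuration::get('PS_SHOP_NAME'));
                $customer = $this->context->customer;

                // NOTE(review): the product name is looked up from the posted id even when
                // the order does not contain that product.
                $product = new Product($id_product);
                $product_name = '';
                if (Validate::isLoadedObject($product) && isset($product->name[(int) $this->context->language->id])) {
                    $product_name = $product->name[(int) $this->context->language->id];
                }

                if (Validate::isLoadedObject($customer)) {
                    Mail::Send(
                        $this->context->language->id,
                        'order_customer_comment',
                        Mail::l('Message from a customer'),
                        array(
                            '{lastname}' => $customer->lastname,
                            '{firstname}' => $customer->firstname,
                            '{email}' => $customer->email,
                            '{id_order}' => (int) $order->id,
                            '{order_name}' => $order->getUniqReference(),
                            '{message}' => Tools::nl2br($msgText),
                            '{product_name}' => $product_name,
                        ),
                        $to,
                        $toName,
                        $customer->email,
                        $customer->firstname . ' ' . $customer->lastname
                    );
                }

                if (Tools::getValue('ajax') != 'true') {
                    Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
                }
                $this->context->smarty->assign('message_confirmation', true);
            } else {
                $this->errors[] = Tools::displayError('Order not found');
            }
        }
    }

    if (Tools::isSubmit('markAsReceived')) {
        $idOrder = (int) Tools::getValue('id_order');
        $order = new Order($idOrder);
        // Same ownership rule as for submitMessage: an order that is not the requester's is
        // reported exactly like an order that does not exist.
        if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
            if ($order->getCurrentState() == 15) {
                $new_history = new OrderHistory();
                $new_history->id_order = (int) $order->id;
                // NOTE(review): an earlier comment here read "16: Ready for Production" while
                // the code sets state id 3. Confirm which state is intended.
                $new_history->changeIdOrderState(3, $order);

                // NOTE(review): PS_PRODUCT_IMG_PATH is defined outside this method; if that
                // directory is served by the web server these files disclose order
                // references. A failed fopen() ends the request after the state change
                // above but before the history entry is saved.
                $myfile = fopen(PS_PRODUCT_IMG_PATH . "/orders/" . $order->reference . ".txt", "w") or die("Unable to open file!");
                $txt = "Order Confirmed\n Order Reference: " . $order->reference;
                fwrite($myfile, $txt);
                fclose($myfile);

                $new_history->addWithemail(true);
            }
            $this->context->smarty->assign('receipt_confirmation', true);
        } else {
            // Collected in $this->errors, the list used by the rest of this method.
            $this->errors[] = Tools::displayError('Error: Invalid order number');
        }
    }
}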
<?php
/*
 * Contact form page.
 *
 * Assigns the contact list to the template, and on submitMessage validates the sender
 * address, the message and the chosen contact (first failure wins) before mailing the
 * message to that contact. The message is HTML-entity-encoded before validation, and the
 * address echoed back into the form goes through Tools::safeOutput().
 */
$useSSL = true;

include dirname(__FILE__) . '/config/config.inc.php';
include dirname(__FILE__) . '/header.php';

$errors = array();
$smarty->assign('contacts', Contact::getContacts(intval($cookie->id_lang)));

if (Tools::isSubmit('submitMessage')) {
    $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
    $from = Tools::getValue('from');

    if (!$from || !Validate::isEmail($from)) {
        $errors[] = Tools::displayError('invalid e-mail address');
    } else {
        // Only reached with a valid sender address; an empty result means a blank message.
        $message = nl2br2($message);
        if (!$message) {
            $errors[] = Tools::displayError('message cannot be blank');
        } elseif (!Validate::isMessage($message)) {
            $errors[] = Tools::displayError('invalid message');
        } else {
            // The contact object is only instantiated for a non-zero id.
            $id_contact = intval(Tools::getValue('id_contact'));
            $contactIsLoaded = false;
            if ($id_contact) {
                $contact = new Contact(intval($id_contact), intval($cookie->id_lang));
                $contactIsLoaded = Validate::isLoadedObject($contact);
            }

            if (!$contactIsLoaded) {
                $errors[] = Tools::displayError('please select a contact in the list');
            } else {
                // Display name of the sender: the customer's full name when a customer id
                // is stored in the cookie, otherwise the posted address itself.
                if (intval($cookie->id_customer)) {
                    $customer = new Customer(intval($cookie->id_customer));
                    $fromName = $customer->firstname . ' ' . $customer->lastname;
                } else {
                    $fromName = $from;
                }

                $mailVars = array(
                    '{email}' => $from,
                    '{message}' => stripslashes($message),
                );
                $sent = Mail::Send(
                    intval($cookie->id_lang),
                    'contact',
                    'Message from contact form',
                    $mailVars,
                    $contact->email,
                    $contact->name,
                    $from,
                    $fromName
                );
                if ($sent) {
                    $smarty->assign('confirmation', 1);
                } else {
                    $errors[] = Tools::displayError('an error occurred while sending message');
                }
            }
        }
    }
}

// Pre-fill the address field: posted value first, else a valid address from the cookie.
$defaultEmail = '';
if (isset($cookie, $cookie->email) && Validate::isEmail($cookie->email)) {
    $defaultEmail = $cookie->email;
}
$email = Tools::safeOutput(Tools::getValue('from', $defaultEmail));

$smarty->assign(array('errors' => $errors, 'email' => $email));
$smarty->display(_PS_THEME_DIR_ . 'contact-form.tpl');
/**
 * Prepare the order-detail page: store an optional customer message, then load the order
 * named by id_order and hand its data to the template.
 *
 * Both parts compare the order's id_customer with the customer id stored in the cookie
 * before doing anything with the order, so a client-supplied id_order cannot be used to
 * read or comment on another customer's order. The message text is HTML-entity-encoded
 * before it is validated, stored and mailed.
 *
 * Errors are appended to $this->errors.
 *
 * @return void
 */
public function preProcess()
{
    parent::preProcess();

    if (Tools::isSubmit('submitMessage')) {
        $posted_order_id = (int) Tools::getValue('id_order');
        $body = htmlentities(Tools::getValue('msgText'), ENT_COMPAT, 'UTF-8');

        if (!$posted_order_id || !Validate::isUnsignedId($posted_order_id)) {
            $this->errors[] = Tools::displayError('Order is no longer valid');
        } elseif (empty($body)) {
            $this->errors[] = Tools::displayError('Message cannot be blank');
        } elseif (!Validate::isMessage($body)) {
            $this->errors[] = Tools::displayError('Message is invalid (HTML is not allowed)');
        }

        if (count($this->errors) == 0) {
            $commented_order = new Order((int) $posted_order_id);
            $owned = Validate::isLoadedObject($commented_order)
                && $commented_order->id_customer == self::$cookie->id_customer;

            if (!$owned) {
                $this->errors[] = Tools::displayError('Order not found');
            } else {
                $message = new Message();
                $message->id_customer = (int) self::$cookie->id_customer;
                $message->message = $body;
                $message->id_order = (int) $posted_order_id;
                $message->private = false;
                $message->add();

                // Recipient: the configured contact when PS_MAIL_EMAIL_MESSAGE is set,
                // otherwise the shop address.
                if (Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
                    $contact = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
                    $recipient = strval($contact->email);
                } else {
                    $recipient = strval(Configuration::get('PS_SHOP_EMAIL'));
                }
                $recipient_name = strval(Configuration::get('PS_SHOP_NAME'));

                $author = new Customer((int) self::$cookie->id_customer);
                if (Validate::isLoadedObject($author)) {
                    Mail::Send(
                        (int) self::$cookie->id_lang,
                        'order_customer_comment',
                        Mail::l('Message from a customer', (int) self::$cookie->id_lang),
                        array(
                            '{lastname}' => $author->lastname,
                            '{firstname}' => $author->firstname,
                            '{email}' => $author->email,
                            '{id_order}' => (int) $message->id_order,
                            '{order_name}' => sprintf("#%06d", (int) $message->id_order),
                            '{message}' => $message->message,
                        ),
                        $recipient,
                        $recipient_name,
                        $author->email,
                        $author->firstname . ' ' . $author->lastname
                    );
                }

                if (Tools::getValue('ajax') != 'true') {
                    Tools::redirect('order-detail.php?id_order=' . (int) $posted_order_id);
                }
            }
        }
    }

    $id_order = (int) Tools::getValue('id_order');
    if (!$id_order || !Validate::isUnsignedId($id_order)) {
        $this->errors[] = Tools::displayError('Order ID required');
        return;
    }

    $order = new Order($id_order);
    if (!(Validate::isLoadedObject($order) && $order->id_customer == self::$cookie->id_customer)) {
        $this->errors[] = Tools::displayError('Cannot find this order');
        unset($order);
        return;
    }

    $state_id = (int) $order->getCurrentState();
    $carrier = new Carrier((int) $order->id_carrier, (int) $order->id_lang);
    $invoice_address = new Address((int) $order->id_address_invoice);
    $delivery_address = new Address((int) $order->id_address_delivery);

    $invoice_fields = AddressFormat::getOrderedAddressFields($invoice_address->id_country);
    $delivery_fields = AddressFormat::getOrderedAddressFields($delivery_address->id_country);
    $invoice_values = AddressFormat::getFormattedAddressFieldsValues($invoice_address, $invoice_fields);
    $delivery_values = AddressFormat::getFormattedAddressFieldsValues($delivery_address, $delivery_fields);

    if ($order->total_discounts > 0) {
        self::$smarty->assign('total_old', (double) ($order->total_paid - $order->total_discounts));
    }

    $products = $order->getProducts();
    $customizedDatas = Product::getAllCustomizedDatas((int) $order->id_cart);
    Product::addCustomizationPrice($products, $customizedDatas);
    $customer = new Customer($order->id_customer);

    // Template variables, filled in the order the template data has always been computed.
    $tpl = array();
    $tpl['shop_name'] = strval(Configuration::get('PS_SHOP_NAME'));
    $tpl['order'] = $order;
    $tpl['return_allowed'] = (int) $order->isReturnable();
    $tpl['currency'] = new Currency($order->id_currency);
    $tpl['order_state'] = (int) $state_id;
    $tpl['invoiceAllowed'] = (int) Configuration::get('PS_INVOICE');
    $tpl['invoice'] = (OrderState::invoiceAvailable((int) $state_id) && $order->invoice_number);
    $tpl['order_history'] = $order->getHistory((int) self::$cookie->id_lang, false, true);
    $tpl['products'] = $products;
    $tpl['discounts'] = $order->getDiscounts();
    $tpl['carrier'] = $carrier;
    $tpl['address_invoice'] = $invoice_address;
    $tpl['invoiceState'] = (Validate::isLoadedObject($invoice_address) && $invoice_address->id_state)
        ? new State((int) $invoice_address->id_state)
        : false;
    $tpl['address_delivery'] = $delivery_address;
    $tpl['inv_adr_fields'] = $invoice_fields;
    $tpl['dlv_adr_fields'] = $delivery_fields;
    $tpl['invoiceAddressFormatedValues'] = $invoice_values;
    $tpl['deliveryAddressFormatedValues'] = $delivery_values;
    $tpl['deliveryState'] = (Validate::isLoadedObject($delivery_address) && $delivery_address->id_state)
        ? new State((int) $delivery_address->id_state)
        : false;
    $tpl['is_guest'] = false;
    $tpl['messages'] = Message::getMessagesByOrderId((int) $order->id);
    $tpl['CUSTOMIZE_FILE'] = _CUSTOMIZE_FILE_;
    $tpl['CUSTOMIZE_TEXTFIELD'] = _CUSTOMIZE_TEXTFIELD_;
    $tpl['isRecyclable'] = Configuration::get('PS_RECYCLABLE_PACK');
    $tpl['use_tax'] = Configuration::get('PS_TAX');
    $tpl['group_use_tax'] = Group::getPriceDisplayMethod($customer->id_default_group) == PS_TAX_INC;
    $tpl['customizedDatas'] = $customizedDatas;
    self::$smarty->assign($tpl);

    // Tracking link: every '@' in the carrier URL is replaced by the shipping number.
    if ($carrier->url && $order->shipping_number) {
        self::$smarty->assign('followup', str_replace('@', $order->shipping_number, $carrier->url));
    }

    self::$smarty->assign('HOOK_ORDERDETAILDISPLAYED', Module::hookExec('orderDetailDisplayed', array('order' => $order)));
    Module::hookExec('OrderDetail', array('carrier' => $carrier, 'order' => $order));

    unset($carrier, $invoice_address, $delivery_address);
    unset($order);
}
$useSSL = true; include dirname(__FILE__) . '/config/config.inc.php'; require_once dirname(__FILE__) . '/init.php'; include_once dirname(__FILE__) . '/classes/Product.php'; if (!$cookie->isLogged()) { Tools::redirect('authentication.php?back=history.php'); } $errors = array(); if (Tools::isSubmit('submitMessage')) { $idOrder = intval(Tools::getValue('id_order')); $msgText = htmlentities(Tools::getValue('msgText'), ENT_COMPAT, 'UTF-8'); if (!$idOrder or !Validate::isUnsignedId($idOrder)) { $errors[] = Tools::displayError('order is no longer valid'); } elseif (empty($msgText)) { $errors[] = Tools::displayError('message cannot be blank'); } elseif (!Validate::isMessage($msgText)) { $errors[] = Tools::displayError('message is not valid (HTML is not allowed)'); } if (!sizeof($errors)) { $order = new Order(intval($idOrder)); if (Validate::isLoadedObject($order) and $order->id_customer == $cookie->id_customer) { $message = new Message(); $message->id_customer = intval($cookie->id_customer); $message->message = $msgText; $message->id_order = intval($idOrder); $message->private = false; $message->add(); if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) { $to = strval(Configuration::get('PS_SHOP_EMAIL')); } else { $to = new Contact(intval(Configuration::get('PS_MAIL_EMAIL_MESSAGE')));
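/**
 * AJAX endpoint: validate and store a product comment with its criterion grades.
 *
 * Reads id_product, title, content, customer_name and criterion[] from the
 * request, collects validation errors, enforces the configured minimal delay
 * between two comments by the same customer/guest, saves the comment with
 * validate = 0 and ends the request with a JSON body
 * {"result": bool, "errors": string[]}.
 *
 * @return void The request is terminated with die().
 */
protected function ajaxProcessAddComment()
{
    $module_instance = new ProductComments();
    $result = true;
    $id_guest = 0;
    $id_customer = $this->context->customer->id;
    if (!$id_customer) {
        $id_guest = $this->context->cookie->id_guest;
    }

    // Request values are read once so the value that is validated is the value that is stored.
    $id_product = Tools::getValue('id_product');
    $title = Tools::getValue('title');
    $content = Tools::getValue('content');
    $customer_name = Tools::getValue('customer_name');
    $criterions = Tools::getValue('criterion');

    $errors = array();
    // Validation
    if (!Validate::isInt($id_product)) {
        $errors[] = $module_instance->l('ID product is incorrect', 'default');
    }
    if (!$title || !Validate::isGenericName($title)) {
        $errors[] = $module_instance->l('Title is incorrect', 'default');
    }
    if (!$content || !Validate::isMessage($content)) {
        $errors[] = $module_instance->l('Comment is incorrect', 'default');
    }
    if (!$id_customer) {
        // Guests must supply a display name.
        if (!Tools::isSubmit('customer_name') || !$customer_name || !Validate::isGenericName($customer_name)) {
            $errors[] = $module_instance->l('Customer name is incorrect', 'default');
        }
    } elseif ($customer_name && !Validate::isGenericName($customer_name)) {
        // A logged-in customer may still post customer_name, and it is stored below;
        // it therefore gets the same validation as a guest-supplied name.
        $errors[] = $module_instance->l('Customer name is incorrect', 'default');
    }
    if (!$this->context->customer->id && !Configuration::get('PRODUCT_COMMENTS_ALLOW_GUESTS')) {
        $errors[] = $module_instance->l('You must be logged in order to send a comment', 'default');
    }
    // criterion comes straight from the request: it may be missing, a scalar, or
    // hold non-numeric entries. count()/foreach/arithmetic on such values would
    // raise warnings or errors, so the shape is checked before it is used.
    if (!is_array($criterions) || !count($criterions)) {
        $errors[] = $module_instance->l('You must give a rating', 'default');
    } else {
        foreach ($criterions as $grade) {
            if (!is_numeric($grade)) {
                $errors[] = $module_instance->l('You must give a rating', 'default');
                break;
            }
        }
    }
    $product = new Product($id_product);
    if (!$product->id) {
        $errors[] = $module_instance->l('Product not found', 'default');
    }

    if (!count($errors)) {
        $customer_comment = ProductComment::getByCustomer($id_product, $id_customer, true, $id_guest);
        // Rate limit: allow the post when there is no earlier comment, or when the
        // earlier one is older than PRODUCT_COMMENTS_MINIMAL_TIME seconds.
        if (!$customer_comment
            || strtotime($customer_comment['date_add']) + (int) Configuration::get('PRODUCT_COMMENTS_MINIMAL_TIME') < time()
        ) {
            $comment = new ProductComment();
            $comment->content = strip_tags($content);
            $comment->id_product = (int) $id_product;
            $comment->id_customer = (int) $id_customer;
            $comment->id_guest = $id_guest;
            $comment->customer_name = $customer_name;
            if (!$comment->customer_name) {
                // NOTE(review): pSQL() escapes for SQL before the value reaches the model;
                // if the model escapes again on save the name is double-escaped — confirm.
                $comment->customer_name = pSQL($this->context->customer->firstname . ' ' . $this->context->customer->lastname);
            }
            $comment->title = $title;
            $comment->grade = 0;
            $comment->validate = 0;
            // First save so that $comment->id is available to addGrade() below.
            $comment->save();

            $grade_sum = 0;
            foreach ($criterions as $id_product_comment_criterion => $grade) {
                $grade_sum += $grade;
                $product_comment_criterion = new ProductCommentCriterion($id_product_comment_criterion);
                if ($product_comment_criterion->id) {
                    $product_comment_criterion->addGrade($comment->id, $grade);
                }
            }
            if (count($criterions) >= 1) {
                $comment->grade = $grade_sum / count($criterions);
                // Update Grade average of comment
                $comment->save();
            }
            $result = true;
        } else {
            $result = false;
            $errors[] = $module_instance->l('You should wait') . ' ' . Configuration::get('PRODUCT_COMMENTS_MINIMAL_TIME') . ' ' . $module_instance->l('seconds before posting a new comment');
        }
    } else {
        $result = false;
    }

    die(Tools::jsonEncode(array('result' => $result, 'errors' => $errors)));
}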
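/**
 * Store or clear the text customization fields posted for the current product.
 *
 * Only POST keys of the form "textField<ID>", where <ID> is one of the
 * product's customization fields of type Product::CUSTOMIZE_TEXTFIELD, are
 * considered. A non-empty value is validated and added to the cart; an empty
 * value removes the customization from the cart.
 *
 * @return false|null false when the product has no customization fields, otherwise no value
 */
protected function textRecord()
{
    if (!($field_ids = $this->product->getCustomizationFieldIds())) {
        return false;
    }

    // Map of allowed POST key => customization field id.
    $indexes = array();
    foreach ($field_ids as $field_id) {
        if ($field_id['type'] == Product::CUSTOMIZE_TEXTFIELD) {
            $id_field = (int) $field_id['id_customization_field'];
            $indexes['textField' . $id_field] = $id_field;
        }
    }

    foreach ($_POST as $field_name => $value) {
        // Exact key lookup instead of a loose in_array(): numeric POST keys arrive
        // as integers, and a loose comparison of an integer with these strings can
        // match on older PHP versions and then index $indexes with an unknown key.
        if (!isset($indexes[$field_name])) {
            continue;
        }

        if (empty($value)) {
            $this->context->cart->deleteCustomizationToProduct((int) $this->product->id, $indexes[$field_name]);
        } elseif (!is_string($value) || !Validate::isMessage($value)) {
            // A field posted as an array (textFieldN[]=...) is not a message.
            $this->errors[] = Tools::displayError('Invalid message');
        } else {
            $this->context->cart->addTextFieldToProduct($this->product->id, $indexes[$field_name], Product::CUSTOMIZE_TEXTFIELD, $value);
        }
    }
}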
} if (empty($errors_list)) { if ($so->isCorrectSignKey($return['SIGNATURE'], $return) && $so->context->cart->id && saveOrderShippingDetails($so->context->cart->id, (int) $return['TRCLIENTNUMBER'], $return, $so)) { $trparamplus = explode('|', $return['TRPARAMPLUS']); if (count($trparamplus) > 1) { $so->context->cart->id_carrier = (int) $trparamplus[0]; if ($trparamplus[1] == 'checked' || $trparamplus[1] == 1) { /* value can be "undefined" or "not checked" */ $so->context->cart->gift = 1; } else { $so->context->cart->gift = 0; } } elseif (count($trparamplus) == 1) { $so->context->cart->id_carrier = (int) $trparamplus[0]; } if ((int) $so->context->cart->gift && Validate::isMessage($trparamplus[2])) { $so->context->cart->gift_message = strip_tags($trparamplus[2]); } if (!$so->context->cart->update()) { $errors_list[] = $so->l('Cart cannot be updated. Please try again your selection'); } else { Tools::redirect($redirect . 'step=3&cgv=1&id_carrier=' . $so->context->cart->id_carrier); } } else { $errors_list[] = $so->getError('999'); } } $so->context->smarty->assign('error_list', $errors_list); $display->run(); function saveOrderShippingDetails($id_cart, $id_customer, $so_params, $so_object) {
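/**
 * Render a single blog post, handling a submitted comment first.
 *
 * Falls back to displayList() when id_post is missing or not numeric. For a
 * published post associated with the current shop, a submitted comment is
 * validated and saved, then images, categories, products, related posts and
 * comments are assigned to the template. Any other post is marked
 * 'suspended' before being handed to view.tpl.
 *
 * @return mixed Result of displayList() on the fallback path, otherwise no value
 */
public function displayPost()
{
    $id_lang = $this->context->language->id;
    $id_shop = $this->context->shop->id;
    if (is_null($this->id_post) || !is_numeric($this->id_post)) {
        return $this->displayList();
    }

    $post = new BlogPost($this->id_post);
    if ($post->status == 'published' && $post->isAssociatedToShop($id_shop)) {
        //comment submit
        if (Tools::isSubmit('submitMessage') && $this->conf['comment_active'] && $post->allow_comments) {
            $comment = new BlogComment();
            try {
                // Tags are stripped before validation, so only the stripped text is stored.
                $message = trim(strip_tags(Tools::getValue('blog_comment')));
                $comment->id_blog_post = $this->id_post;
                $comment->customer_name = pSQL(Tools::getValue('customer_name'));
                if ($message == '' || strlen($comment->customer_name) < (int) $this->conf['comment_name_min_length']) {
                    throw new Exception('error_input');
                }
                if (!Validate::isMessage($message) || !Validate::isGenericName($comment->customer_name)) {
                    throw new Exception('error_input_invalid');
                }
                $comment->content = $message;
                $id_customer = (int) $this->context->customer->id;
                $id_guest = (int) $this->context->cookie->id_guest;
                if (!$this->conf['comment_guest'] && empty($id_customer)) {
                    throw new Exception('error_guest');
                }
                //get last comment from customer
                $customerComment = BlogComment::getByCustomer($this->id_post, $id_customer, true, $id_guest);
                $comment->id_customer = $id_customer;
                $comment->id_guest = $id_guest;
                $comment->id_lang = $id_lang;
                $comment->id_shop = $id_shop;
                // Both checks only apply when an earlier comment exists; indexing the
                // lookup result without this guard reads an offset on a non-array.
                if ($customerComment && $customerComment['content'] == $comment->content) {
                    throw new Exception('error_already');
                }
                if ($customerComment && strtotime($customerComment['date_add']) + (int) $this->conf['comment_min_time'] > time()) {
                    throw new Exception('error_delay');
                }
                // Moderated blogs store the comment inactive.
                $comment->active = $this->conf['comment_moderate'] ? 0 : 1;
                $comment->save();
                $this->context->smarty->assign('psblog_confirmation', true);
            } catch (Exception $e) {
                // The form is re-populated with the raw request values, not the stripped
                // ones. NOTE(review): view.tpl must escape comment->content and
                // comment->customer_name on output — confirm.
                $comment->content = Tools::getValue('blog_comment');
                $comment->customer_name = Tools::getValue('customer_name');
                // NOTE(review): this also forwards the message of any exception raised
                // by save(), not only the error_* codes thrown above — confirm the
                // template maps unknown values to a generic error.
                $this->context->smarty->assign('psblog_error', $e->getMessage());
                $this->context->smarty->assign('comment', $comment);
            }
        }

        /* * * view article ** */
        $images = $post->getImages(false);
        $categories = $post->listCategories(true);
        $products = $post->getProducts(true);
        $related = $post->listRelated(true, true);

        // Rows are updated by their own key rather than a separate counter, so the
        // link lands on the right row even if the array is not indexed 0..n-1.
        if (is_array($related) && count($related) > 0) {
            foreach ($related as $key => $val) {
                $related[$key]['link'] = BlogPost::linkPost($val['id_blog_post'], $val['link_rewrite'], $val['id_lang']);
            }
        }
        if (is_array($products) && count($products) > 0) {
            foreach ($products as $key => $p) {
                $product = new Product($p['id_product'], false, $id_lang);
                $products[$key]['link'] = $this->context->link->getProductLink($product);
                $products[$key]['imageLink'] = $this->context->link->getImageLink($p['link_rewrite'], $p['id_product'] . '-' . $p['id_image'], $this->conf['product_img_format']);
            }
        }

        /* SEO metas */
        $curr_meta_title = $this->context->smarty->getTemplateVars('meta_title');
        $this->context->smarty->assign(array(
            'meta_title' => $curr_meta_title . ' - ' . $post->title,
            'meta_description' => $post->meta_description,
            'meta_keywords' => $post->meta_keywords,
        ));

        if ($this->conf['view_display_popin'] == 1) {
            $this->addjqueryPlugin('fancybox');
            $this->addJS($this->module->getPathUri() . 'js/popin.js');
        }

        if ($categories) {
            foreach ($categories as $key => $cat) {
                $categories[$key]['link'] = BlogCategory::linkCategory($cat['id_blog_category'], $cat['link_rewrite'], $cat['id_lang']);
            }
        }

        $comments = $post->getComments();
        $this->context->smarty->assign(array(
            'post_images' => $images,
            'post_products' => $products,
            'post_related' => $related,
            'post_categories' => $categories,
            'post_comments' => $comments,
        ));
    } else {
        // Unpublished posts and posts of another shop are shown as suspended.
        $post->status = 'suspended';
    }

    $this->context->smarty->assign('post', $post);
    $this->setTemplate('view.tpl');
}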
/**
 * AJAX endpoint: create, replace or delete the order message attached to the
 * current cart, then echo the JSON-encoded ajaxReturnVars().
 *
 * Nothing happens (and nothing is echoed) unless tabAccess['edit'] is
 * exactly '1'. A submitted message that fails Validate::isMessage() is
 * ignored without reporting an error; an empty message deletes the stored one.
 */
public function ajaxProcessUpdateOrderMessage()
{
    // Permission gate: callers without edit access get no output at all.
    if ($this->tabAccess['edit'] !== '1') {
        return;
    }

    $cart = $this->context->cart;
    $existing = Message::getMessageByCartId((int) $cart->id);
    // Id 0 yields a fresh, unloaded Message when the cart has none yet.
    $message = new Message($existing ? (int) $existing['id_message'] : 0);

    $text = Tools::getValue('message');
    if (!$text) {
        if (Validate::isLoadedObject($message)) {
            $message->delete();
        }
    } elseif (Validate::isMessage($text)) {
        $message->message = $text;
        $message->id_cart = (int) $cart->id;
        $message->id_customer = (int) $cart->id_customer;
        $message->save();
    }

    echo Tools::jsonEncode($this->ajaxReturnVars());
}
/**
 * Create, update or delete the message attached to the current cart.
 *
 * An empty $message_content deletes the stored message, if any. A non-empty
 * one must pass Validate::isMessage(); otherwise 'Invalid message' is added
 * to $this->errors and nothing is stored.
 *
 * @param string $message_content Message text taken from the order form
 * @return bool Always true, including when the message was rejected
 */
protected function _updateMessage($message_content)
{
    $cart = $this->context->cart;

    // Empty input: drop whatever message the cart currently has.
    if (!$message_content) {
        $previous = Message::getMessageByCartId($cart->id);
        if ($previous) {
            $stale = new Message($previous['id_message']);
            $stale->delete();
        }

        return true;
    }

    if (!Validate::isMessage($message_content)) {
        $this->errors[] = Tools::displayError('Invalid message');

        return true;
    }

    $previous = Message::getMessageByCartId((int) $cart->id);
    if ($previous) {
        // Overwrite the text of the existing message.
        $message = new Message((int) $previous['id_message']);
        $message->message = $message_content;
        $message->update();

        return true;
    }

    // No message yet: create one bound to this cart and its customer.
    $message = new Message();
    $message->message = $message_content;
    $message->id_cart = (int) $cart->id;
    $message->id_customer = (int) $cart->id_customer;
    $message->add();

    return true;
}
/**
 * Look up a wishlist and its owner's name by the wishlist token.
 *
 * The token is checked with Validate::isMessage() and the request is ended
 * with die() when that check fails. The query is assembled by string
 * concatenation, so the pSQL() call on the token is the only thing keeping
 * the value inside the quoted literal; it must stay in place.
 *
 * @param string $token Wishlist token as received from the caller
 * @return array Row with id_wishlist, name, id_customer, firstname, lastname
 */
public static function getByToken($token)
{
    if (Validate::isMessage($token)) {
        $db = Db::getInstance(_PS_USE_SQL_SLAVE_);
        $query = ' SELECT w.`id_wishlist`, w.`name`, w.`id_customer`, c.`firstname`, c.`lastname` FROM `'
            . _DB_PREFIX_
            . 'wishlist` w INNER JOIN `'
            . _DB_PREFIX_
            . 'customer` c ON c.`id_customer` = w.`id_customer` WHERE `token` = \''
            . pSQL($token)
            . '\'';

        return $db->getRow($query);
    }

    die(Tools::displayError());
}
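/**
 * Prepare the contact form and process a submitted message.
 *
 * For a logged-in customer, builds the <option> lists of past orders and
 * ordered products. On submit, validates sender address, message, subject
 * and the optional attachment, finds or creates the matching customer
 * thread, e-mails the contact and the sender, and stores the message (and
 * the uploaded file) when the contact is handled by customer service.
 * Validation and delivery failures are appended to $this->errors.
 */
public function preProcess()
{
    parent::preProcess();

    if (self::$cookie->isLogged()) {
        self::$smarty->assign('isLogged', 1);
        $customer = new Customer((int) self::$cookie->id_customer);
        if (!Validate::isLoadedObject($customer)) {
            die(Tools::displayError('Customer not found'));
        }
        $products = array();
        $orders = array();
        $getOrders = Db::getInstance()->ExecuteS(' SELECT id_order FROM ' . _DB_PREFIX_ . 'orders WHERE id_customer = ' . (int) $customer->id . ' ORDER BY date_add');
        foreach ($getOrders as $row) {
            $order = new Order($row['id_order']);
            $date = explode(' ', $order->date_add);
            $orders[$row['id_order']] = Tools::displayDate($date[0], self::$cookie->id_lang);
            $tmp = $order->getProducts();
            foreach ($tmp as $key => $val) {
                $products[$val['product_id']] = $val['product_name'];
            }
        }
        $orderList = '';
        foreach ($orders as $key => $val) {
            $orderList .= '<option value="' . $key . '" ' . ((int) Tools::getValue('id_order') == $key ? 'selected' : '') . ' >' . $key . ' -- ' . $val . '</option>';
        }
        // NOTE(review): product names are concatenated into HTML unescaped; they come
        // from the order rows, so confirm they are stored escaped or escape them here.
        $orderedProductList = '';
        foreach ($products as $key => $val) {
            $orderedProductList .= '<option value="' . $key . '" ' . ((int) Tools::getValue('id_product') == $key ? 'selected' : '') . ' >' . $val . '</option>';
        }
        self::$smarty->assign('orderList', $orderList);
        self::$smarty->assign('orderedProductList', $orderedProductList);
    }

    if (Tools::isSubmit('submitMessage')) {
        // Allow-list of attachment suffixes. Defined before the upload test so the
        // extension check further down never reads an undefined variable.
        $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
        $fileAttachment = NULL;
        if (isset($_FILES['fileUpload']['name']) and !empty($_FILES['fileUpload']['name']) and !empty($_FILES['fileUpload']['tmp_name'])) {
            // Stored name: generated prefix plus the last five characters of the
            // client-supplied name, which the extension check below constrains.
            $filename = uniqid() . substr($_FILES['fileUpload']['name'], -5);
            $fileAttachment['content'] = file_get_contents($_FILES['fileUpload']['tmp_name']);
            // Name and MIME type are supplied by the client and are forwarded as-is
            // to the mail attachment; they say nothing reliable about the content.
            $fileAttachment['name'] = $_FILES['fileUpload']['name'];
            $fileAttachment['mime'] = $_FILES['fileUpload']['type'];
        }

        $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
        if (!($from = trim(Tools::getValue('from'))) or !Validate::isEmail($from)) {
            $this->errors[] = Tools::displayError('Invalid e-mail address');
        } elseif (!($message = nl2br2($message))) {
            $this->errors[] = Tools::displayError('Message cannot be blank');
        } elseif (!Validate::isMessage($message)) {
            $this->errors[] = Tools::displayError('Invalid message');
        } elseif (!($id_contact = (int) Tools::getValue('id_contact')) or !Validate::isLoadedObject($contact = new Contact((int) $id_contact, (int) self::$cookie->id_lang))) {
            $this->errors[] = Tools::displayError('Please select a subject on the list.');
        } elseif (!empty($_FILES['fileUpload']['name']) and $_FILES['fileUpload']['error'] != 0) {
            $this->errors[] = Tools::displayError('An error occurred during the file upload');
        } elseif (!empty($_FILES['fileUpload']['name']) and !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) and !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
            $this->errors[] = Tools::displayError('Bad file extension');
        } else {
            if ((int) self::$cookie->id_customer) {
                $customer = new Customer((int) self::$cookie->id_customer);
            } else {
                $customer = new Customer();
                $customer->getByEmail($from);
            }
            $contact = new Contact($id_contact, self::$cookie->id_lang);

            // Thread resolution, in order:
            //  1. the id_customer_thread from the request, accepted only when the
            //     submitted token matches that thread;
            //  2. otherwise the thread with the same e-mail and order id;
            //  3. otherwise (block below) the best-scoring thread of this sender.
            // A request-supplied id whose token does not match is overwritten by step 2.
            if (!($id_customer_thread = (int) Tools::getValue('id_customer_thread') and (int) Db::getInstance()->getValue(' SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') or $id_customer_thread = (int) Db::getInstance()->getValue(' SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm WHERE cm.email = \'' . pSQL($from) . '\' AND cm.id_order = ' . (int) Tools::getValue('id_order') . ''))) {
                $fields = Db::getInstance()->ExecuteS(' SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email FROM ' . _DB_PREFIX_ . 'customer_thread cm WHERE email = \'' . pSQL($from) . '\' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . ' id_order = ' . (int) Tools::getValue('id_order') . ')');
                $score = 0;
                foreach ($fields as $key => $row) {
                    $tmp = 0;
                    // Skip threads that belong to another customer and another e-mail.
                    if ((int) $row['id_customer'] and $row['id_customer'] != $customer->id and $row['email'] != $from) {
                        continue;
                    }
                    // Skip threads bound to a different order.
                    if ($row['id_order'] != 0 and Tools::getValue('id_order') != $row['id_order']) {
                        continue;
                    }
                    // Score: same e-mail 4, same contact 1, same product 2; a thread
                    // is reused only from a score of 5.
                    if ($row['email'] == $from) {
                        $tmp += 4;
                    }
                    if ($row['id_contact'] == $id_contact) {
                        $tmp++;
                    }
                    if (Tools::getValue('id_product') != 0 and $row['id_product'] == Tools::getValue('id_product')) {
                        $tmp += 2;
                    }
                    if ($tmp >= 5 and $tmp >= $score) {
                        $score = $tmp;
                        $id_customer_thread = $row['id_customer_thread'];
                    }
                }
            }

            // Duplicate guard: when the latest stored message of the thread equals
            // this one, blank the contact address and the customer-service flag so
            // nothing is sent or stored again.
            $old_message = Db::getInstance()->getValue(' SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' ORDER BY date_add DESC');
            if ($old_message == htmlentities($message, ENT_COMPAT, 'UTF-8')) {
                self::$smarty->assign('alreadySent', 1);
                $contact->email = '';
                $contact->customer_service = 0;
            }

            if (!empty($contact->email)) {
                if (Mail::Send((int) self::$cookie->id_lang, 'contact', Mail::l('Message from contact form'), array('{email}' => $from, '{message}' => stripslashes($message)), $contact->email, $contact->name, $from, (int) self::$cookie->id_customer ? $customer->firstname . ' ' . $customer->lastname : '', $fileAttachment) and Mail::Send((int) self::$cookie->id_lang, 'contact_form', Mail::l('Your message has been correctly sent'), array('{message}' => stripslashes($message)), $from)) {
                    self::$smarty->assign('confirmation', 1);
                } else {
                    $this->errors[] = Tools::displayError('An error occurred while sending message.');
                }
            }

            if ($contact->customer_service) {
                if ((int) $id_customer_thread) {
                    // Re-open the existing thread.
                    $ct = new CustomerThread($id_customer_thread);
                    $ct->status = 'open';
                    $ct->id_lang = (int) self::$cookie->id_lang;
                    $ct->id_contact = (int) $id_contact;
                    if ($id_order = (int) Tools::getValue('id_order')) {
                        $ct->id_order = $id_order;
                    }
                    if ($id_product = (int) Tools::getValue('id_product')) {
                        $ct->id_product = $id_product;
                    }
                    $ct->update();
                } else {
                    // New thread with a freshly generated token.
                    $ct = new CustomerThread();
                    if (isset($customer->id)) {
                        $ct->id_customer = (int) $customer->id;
                    }
                    if ($id_order = (int) Tools::getValue('id_order')) {
                        $ct->id_order = $id_order;
                    }
                    if ($id_product = (int) Tools::getValue('id_product')) {
                        $ct->id_product = $id_product;
                    }
                    $ct->id_contact = (int) $id_contact;
                    $ct->id_lang = (int) self::$cookie->id_lang;
                    $ct->email = $from;
                    $ct->status = 'open';
                    $ct->token = Tools::passwdGen(12);
                    $ct->add();
                }

                if ($ct->id) {
                    $cm = new CustomerMessage();
                    $cm->id_customer_thread = $ct->id;
                    $cm->message = htmlentities($message, ENT_COMPAT, 'UTF-8');
                    // move_uploaded_file() refuses any path that is not a file uploaded
                    // in this request, which a plain rename() does not check.
                    // NOTE(review): confirm the upload directory is not served with
                    // script execution enabled.
                    if (isset($filename) and move_uploaded_file($_FILES['fileUpload']['tmp_name'], _PS_MODULE_DIR_ . '../upload/' . $filename)) {
                        $cm->file_name = $filename;
                    }
                    $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
                    // Request header stored as received; treat it as untrusted on display.
                    $cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
                    if ($cm->add()) {
                        // The sender has not been notified yet when no contact e-mail was used.
                        if (empty($contact->email)) {
                            Mail::Send((int) self::$cookie->id_lang, 'contact_form', Mail::l('Your message has been correctly sent'), array('{message}' => stripslashes($message)), $from);
                        }
                        self::$smarty->assign('confirmation', 1);
                    } else {
                        $this->errors[] = Tools::displayError('An error occurred while sending message.');
                    }
                } else {
                    $this->errors[] = Tools::displayError('An error occurred while sending message.');
                }
            }

            // array_unique() returns the de-duplicated list; assign it back so the
            // repeated "sending message" error is shown once.
            if (count($this->errors) > 1) {
                $this->errors = array_unique($this->errors);
            }
        }
    }
}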