// Checkout entry guard: an empty cart, or a failed item-count lookup, is sent
// back to cart.php. The exit after the redirect header keeps the rest of the
// checkout code from running for this request.
if (!$cart_itemcount or PEAR::isError($cart_itemcount)) {
    header("Location: cart.php");
    // NOTE(review): what E_USER_ERROR does here depends on the installed error
    // handler, which is not visible in this excerpt.
    trigger_error("Attempt to checkout with an empty cart.", E_USER_ERROR);
    exit;
}

$fex = new formex();

/* enter user shipping addr, and possibly new Anonymous user account */
if ($ACTION == OP_ADD_SHIP) {
    $pdb->autoCommit(false); // begin transaction: there are potentially two stages here and each can fail validation

    /* The shopper would like to proceed without choosing a password and such.
       Create an "anonymous" user object stub and log them in automatically. */
    if (CSHOP_ALLOW_ANON_ACCOUNT and $auth->has_bypass_flag()) {
        $user = cmClassFactory::getInstanceOf(CSHOP_CLASSES_USER, $pdb);
        $fex_anon_user = new formex();
        $fex_anon_user->add_element($user->get_anon_colmap());

        // $errs is only assigned on this path; a falsy result from validate() means "no errors".
        if (!($errs = $fex_anon_user->validate($_POST))) {
            $vals = $fex_anon_user->get_submitted_vals($_POST);
            $res = $user->create_anon_user('', $vals);
            if (PEAR::isError($res)) {
                // NOTE(review): if the error handler does not stop the request on
                // E_USER_ERROR, force_preauth() below still runs after a failed
                // create — confirm.
                trigger_error($res->getCode(), E_USER_ERROR);
            }
            // Logs the session in as the new uid with no password check. The only
            // gate visible here is CSHOP_ALLOW_ANON_ACCOUNT plus has_bypass_flag()
            // — TODO confirm how the bypass flag gets set.
            $auth->force_preauth($user->get_id()); // magically logs them in with the new uid
        }
    }

    // save the comments on billing/shipping either way, it is shared
    // NOTE(review): the raw request value is handed to the cart; how it is stored
    // and escaped on output is not visible here — confirm.
    if (!empty($_POST['f_user_comments'])) {
        $cart->set_user_comment($_POST['f_user_comments']);
    }

    // empty() also covers the case where $errs was never assigned (anonymous path not taken).
    if (empty($errs) && !$cart->requires_shipping()) {
        $pdb->commit(); // (excerpt ends here; both open blocks continue outside the visible source)
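// profile update only
// (the excerpt starts inside a branch whose opening line is outside the visible source)
    $colmap = $user->get_colmap();
    if (isset($colmap['username'])) {
        unset($colmap['username']); // the username cannot be changed
    }
} elseif ($ACTION == OP_EDIT_ADDR) { // change an address
    // NOTE(review): f_addr_id comes straight from the request. Confirm that the
    // code using $req_id checks the address belongs to the logged-in user before
    // changing it; that check is not visible in this excerpt.
    $req_id = $_POST['f_addr_id'];
    $colmap = $user->addr->get_colmap();
} else {
    $colmap = $user->get_colmap();
}

if (!empty($colmap)) {
    $fex->add_element($colmap);
    $errs = $fex->validate($_POST); // handled below
}

// count($errs) further down raises a TypeError on PHP 8 when $errs is null or was
// never assigned (empty column map, or a validator that returns null on success),
// so start from an empty list in that case only.
if (!isset($errs)) {
    $errs = array();
}

/* checking the password validity */
if ($ACTION == OP_NEW_USER or !empty($_POST['f_password'])) {
    // Read both fields once. A missing field, or one that is not a string (a
    // request can submit f_password[]=...), is treated as an empty value, so it
    // fails the checks below instead of reaching strlen() as an array.
    $pw_submitted = (isset($_POST['f_password']) && is_string($_POST['f_password'])) ? $_POST['f_password'] : '';
    $pw_confirm = (isset($_POST['f_password2']) && is_string($_POST['f_password2'])) ? $_POST['f_password2'] : '';

    // Strict comparison: with != PHP compares numeric-looking strings as numbers,
    // so two different inputs such as '1e3' and '1000' would count as matching.
    if ($pw_submitted !== $pw_confirm) {
        $errs[] = 'The two passwords you entered did not match. Please make sure there is the same value in both password fields';
    } elseif (strlen($pw_submitted) < 6) {
        // strlen() counts bytes, so multi-byte characters count more than once.
        // NOTE(review): six is a low floor; raising it is a policy decision and is left unchanged here.
        $errs[] = 'Your password must be 6 or more characters long';
    } elseif (isset($_POST['f_username']) && $pw_submitted === $_POST['f_username']) {
        // Strict comparison here as well, for the same numeric-string reason.
        $errs[] = 'Your password cannot be the same as your username';
    }
}

if (!count($errs)) {
    $pdb->autoCommit(false); // (excerpt ends here; the block continues outside the visible source)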
// (the excerpt starts inside nested blocks whose opening lines are outside the visible source)
                }
                // Write the activation to the order history, then store the new running
                // total of activated cards in the order item's "gc_activated" option.
                // NOTE(review): $item['product_descrip'] and $card_list are interpolated
                // as-is. If the history is rendered as HTML it needs escaping at output,
                // and $card_list presumably holds card identifiers — confirm who can
                // read this history.
                $order->store_history("{$msg} \"{$item['product_descrip']}\" activated, amount {$item['price']}. {$card_list}", false);
                // The previous count defaults to 0 when the option is absent or empty.
                $already_activated_cards = empty($item['item_options']['gc_activated']) ? 0 : $item['item_options']['gc_activated']['value'];
                $order->store_item_options($oi, array("gc_activated" => array('descr' => '', 'value' => $success_count + $already_activated_cards)));
            }
        }
    }
    $ACTION = OP_VIEW; // fall through to the view handling once this action is done
} elseif ($ACTION == OP_UPDATE) {
    // Update an order from the submitted form.
    $msg = '';
    // NOTE(review): the result of set_id_by_token() is not checked here; confirm
    // that an unknown token cannot leave $order pointing at no order, or at a
    // previous one, before store() runs.
    $order->set_id_by_token($itemid);
    $vals = array();
    $fex = new formex();
    $fex->field_prefix = '';
    // The set of fields accepted from the request is whatever $order->colmap
    // lists — presumably every column in it becomes writable; verify that is intended.
    $fex->add_element($order->colmap);
    if (!($errs = $fex->validate($_POST))) { // handled below
        $vals = $fex->get_submitted_vals($_POST);

        // The status is taken out of $vals so that store() does not write it directly.
        $status = null;
        if (isset($vals['orders_status'])) {
            $status = $vals['orders_status'];
            unset($vals['orders_status']);
        }

        if ($vals) {
            $res = $order->store($vals);
            // A DBCON_ZERO_EFFECT result is not treated as a failure.
            if (PEAR::isError($res) and $res->getCode() != DBCON_ZERO_EFFECT) {
                $errs[] = $res->getMessage();
            }
        }

        if (empty($errs)) {
            // Truthiness test: a submitted status of 0 or '0' skips this branch.
            if ($status) { // (excerpt ends here; the open blocks continue outside the visible source)