/**
 * Echo the status id of the requested order as a JSON object.
 *
 * The order id is read directly from $_REQUEST['orders_id'] and passed to
 * the osC_Order constructor. The output is the encoded form of
 * array('status_id' => <int>).
 *
 * NOTE(review): no ownership or permission check on orders_id is visible in
 * this function. Confirm the caller (or osC_Order itself) restricts which
 * orders a session may query, since the id is client-controlled.
 */
function getCurrentStatus() {
  // $osC_Database and $osC_Language are declared but not read in this body.
  global $toC_Json, $osC_Database, $osC_Language;

  $order = new osC_Order($_REQUEST['orders_id']);

  // intval() guarantees the emitted status is an integer, whatever
  // getStatusID() hands back.
  $payload = array('status_id' => intval($order->getStatusID()));

  echo $toC_Json->encode($payload);
}
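/**
 * Persist the current shopping cart as a new order and return its id.
 *
 * Rows written, in order: the order header, one row per order total, the
 * initial status-history entry, one row per product (plus customizations,
 * variants, download entitlement and gift-certificate rows where they apply),
 * then store-credit, coupon and gift-certificate redemption history.
 *
 * If $_SESSION['prepOrderID'] ("<cartID>-<orderID>") refers to the current
 * cart, the previously created order id is returned and nothing is written.
 * If it refers to another cart, that older order is removed when its status
 * is still ORDERS_STATUS_PREPARING.
 *
 * Every value reaches SQL through bindInt()/bindValue()/bindTable(); the one
 * bindRaw() call is fed a number produced by arithmetic (see below).
 *
 * NOTE(review): no transaction is opened in this function, so a failure
 * part-way through can leave a partially written order unless the caller
 * wraps the call in one. Confirm against the caller.
 *
 * @param int $order_status Status id stored on the order and in its first
 *                          status-history row.
 * @return mixed The id reported by $osC_Database->nextID() after the order
 *               header insert, or the order-id part of prepOrderID when the
 *               cart was already saved.
 */
function insert($order_status = DEFAULT_ORDERS_STATUS_ID) {
  global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax, $toC_Wishlist;

  if (isset($_SESSION['prepOrderID'])) {
    $_prep = explode('-', $_SESSION['prepOrderID']);

    if ($_prep[0] == $osC_ShoppingCart->getCartID()) {
      return $_prep[1]; // order_id
    } else {
      if (osC_Order::getStatusID($_prep[1]) === ORDERS_STATUS_PREPARING) {
        osC_Order::remove($_prep[1]);
      }
    }
  }

  // The class name must be a string: a bare osC_Account is an undefined
  // constant (a warning on PHP 7.2+, a fatal Error on PHP 8).
  if (!class_exists('osC_Account')) {
    require_once 'includes/classes/account.php';
  }

  if (!$osC_Customer->isLoggedOn()) {
    osC_Order::createCustomer();
  } else {
    //insert billing address
    $billing_address = $osC_ShoppingCart->getBillingAddress();

    // An id of '-1' marks an address that is not yet in the address book.
    if (isset($billing_address['id']) && $billing_address['id'] == '-1') {
      osC_Account::createNewAddress($osC_Customer->getID(), $billing_address);
    }

    //insert shipping address
    if (!isset($billing_address['ship_to_this_address']) || isset($billing_address['ship_to_this_address']) && empty($billing_address['ship_to_this_address'])) {
      $shipping_address = $osC_ShoppingCart->getShippingAddress();

      if (isset($shipping_address['id']) && $shipping_address['id'] == '-1') {
        osC_Account::createNewAddress($osC_Customer->getID(), $shipping_address);
      }
    }
  }

  // Guarded once and used for both the order header and the status history,
  // so a session without comments no longer raises an undefined-index notice
  // on the header insert.
  $order_comments = isset($_SESSION['comments']) ? $_SESSION['comments'] : '';

  $Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_comment, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_zone_id, delivery_state_code, delivery_country_id, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, delivery_telephone, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_zone_id, billing_state_code, billing_country_id, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, billing_telephone, payment_method, payment_module, uses_store_credit, store_credit_amount, date_purchased, orders_status, currency, currency_value, gift_wrapping, wrapping_message) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_comment, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_zone_id, :delivery_state_code, :delivery_country_id, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, :delivery_address_format, :delivery_telephone, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_zone_id, :billing_state_code, :billing_country_id, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :billing_telephone, :payment_method, :payment_module, :uses_store_credit, :store_credit_amount, now(), :orders_status, :currency, :currency_value, :gift_wrapping, :wrapping_message)');
  $Qorder->bindTable(':table_orders', TABLE_ORDERS);
  $Qorder->bindInt(':customers_id', $osC_Customer->getID());
  $Qorder->bindValue(':customers_name', $osC_Customer->getName());
  // The customer address columns are written empty here; only the name,
  // e-mail address, comment and IP address are filled in.
  $Qorder->bindValue(':customers_company', '');
  $Qorder->bindValue(':customers_street_address', '');
  $Qorder->bindValue(':customers_suburb', '');
  $Qorder->bindValue(':customers_city', '');
  $Qorder->bindValue(':customers_postcode', '');
  $Qorder->bindValue(':customers_state', '');
  $Qorder->bindValue(':customers_state_code', '');
  $Qorder->bindValue(':customers_country', '');
  $Qorder->bindValue(':customers_country_iso2', '');
  $Qorder->bindValue(':customers_country_iso3', '');
  $Qorder->bindValue(':customers_telephone', '');
  $Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress());
  $Qorder->bindValue(':customers_comment', $order_comments);
  $Qorder->bindValue(':customers_address_format', '');
  $Qorder->bindValue(':customers_ip_address', osc_get_ip_address());
  $Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname'));
  $Qorder->bindValue(':delivery_company', $osC_ShoppingCart->getShippingAddress('company'));
  $Qorder->bindValue(':delivery_street_address', $osC_ShoppingCart->getShippingAddress('street_address'));
  $Qorder->bindValue(':delivery_suburb', $osC_ShoppingCart->getShippingAddress('suburb'));
  $Qorder->bindValue(':delivery_city', $osC_ShoppingCart->getShippingAddress('city'));
  $Qorder->bindValue(':delivery_postcode', $osC_ShoppingCart->getShippingAddress('postcode'));
  $Qorder->bindValue(':delivery_state', $osC_ShoppingCart->getShippingAddress('state'));
  $Qorder->bindValue(':delivery_zone_id', $osC_ShoppingCart->getShippingAddress('zone_id'));
  $Qorder->bindValue(':delivery_state_code', $osC_ShoppingCart->getShippingAddress('zone_code'));
  $Qorder->bindValue(':delivery_country_id', $osC_ShoppingCart->getShippingAddress('country_id'));
  $Qorder->bindValue(':delivery_country', $osC_ShoppingCart->getShippingAddress('country_title'));
  $Qorder->bindValue(':delivery_country_iso2', $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
  $Qorder->bindValue(':delivery_country_iso3', $osC_ShoppingCart->getShippingAddress('country_iso_code_3'));
  $Qorder->bindValue(':delivery_address_format', $osC_ShoppingCart->getShippingAddress('format'));
  $Qorder->bindValue(':delivery_telephone', $osC_ShoppingCart->getShippingAddress('telephone_number'));
  $Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . $osC_ShoppingCart->getBillingAddress('lastname'));
  $Qorder->bindValue(':billing_company', $osC_ShoppingCart->getBillingAddress('company'));
  $Qorder->bindValue(':billing_street_address', $osC_ShoppingCart->getBillingAddress('street_address'));
  $Qorder->bindValue(':billing_suburb', $osC_ShoppingCart->getBillingAddress('suburb'));
  $Qorder->bindValue(':billing_city', $osC_ShoppingCart->getBillingAddress('city'));
  $Qorder->bindValue(':billing_postcode', $osC_ShoppingCart->getBillingAddress('postcode'));
  $Qorder->bindValue(':billing_state', $osC_ShoppingCart->getBillingAddress('state'));
  $Qorder->bindValue(':billing_zone_id', $osC_ShoppingCart->getBillingAddress('zone_id'));
  $Qorder->bindValue(':billing_state_code', $osC_ShoppingCart->getBillingAddress('zone_code'));
  $Qorder->bindValue(':billing_country_id', $osC_ShoppingCart->getBillingAddress('country_id'));
  $Qorder->bindValue(':billing_country', $osC_ShoppingCart->getBillingAddress('country_title'));
  $Qorder->bindValue(':billing_country_iso2', $osC_ShoppingCart->getBillingAddress('country_iso_code_2'));
  $Qorder->bindValue(':billing_country_iso3', $osC_ShoppingCart->getBillingAddress('country_iso_code_3'));
  $Qorder->bindValue(':billing_address_format', $osC_ShoppingCart->getBillingAddress('format'));
  $Qorder->bindValue(':billing_telephone', $osC_ShoppingCart->getBillingAddress('telephone_number'));
  $Qorder->bindValue(':payment_method', implode(',', $osC_ShoppingCart->getCartBillingMethods()));
  $Qorder->bindValue(':payment_module', implode(',', $osC_ShoppingCart->getCartBillingModules()));
  $Qorder->bindInt(':uses_store_credit', $osC_ShoppingCart->isUseStoreCredit());
  $Qorder->bindValue(':store_credit_amount', $osC_ShoppingCart->isUseStoreCredit() ? $osC_ShoppingCart->getStoreCredit() : '0');
  $Qorder->bindInt(':orders_status', $order_status);
  $Qorder->bindValue(':currency', $osC_Currencies->getCode());
  $Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode()));
  $Qorder->bindInt(':gift_wrapping', $osC_ShoppingCart->isGiftWrapping() ? '1' : '0');
  $Qorder->bindValue(':wrapping_message', isset($_SESSION['gift_wrapping_comments']) ? $_SESSION['gift_wrapping_comments'] : '');
  $Qorder->execute();

  // Every child row below is keyed on this id.
  $insert_id = $osC_Database->nextID();

  foreach ($osC_ShoppingCart->getOrderTotals() as $module) {
    $Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
    $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
    $Qtotals->bindInt(':orders_id', $insert_id);
    $Qtotals->bindValue(':title', $module['title']);
    $Qtotals->bindValue(':text', $module['text']);
    $Qtotals->bindValue(':value', $module['value']);
    $Qtotals->bindValue(':class', $module['code']);
    $Qtotals->bindInt(':sort_order', $module['sort_order']);
    $Qtotals->execute();
  }

  $Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
  $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
  $Qstatus->bindInt(':orders_id', $insert_id);
  $Qstatus->bindInt(':orders_status_id', $order_status);
  $Qstatus->bindInt(':customer_notified', '0');
  $Qstatus->bindValue(':comments', $order_comments);
  $Qstatus->execute();

  foreach ($osC_ShoppingCart->getProducts() as $products) {
    $Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_type, products_sku, products_name, products_price, final_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_type, :products_sku, :products_name, :products_price, :final_price, :products_tax, :products_quantity)');
    $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
    $Qproducts->bindInt(':orders_id', $insert_id);
    $Qproducts->bindInt(':products_id', osc_get_product_id($products['id']));
    $Qproducts->bindValue(':products_type', $products['type']);
    $Qproducts->bindValue(':products_sku', $products['sku']);
    $Qproducts->bindValue(':products_name', $products['name']);
    $Qproducts->bindValue(':products_price', $products['price']);
    $Qproducts->bindValue(':final_price', $products['final_price']);
    $Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($products['tax_class_id'], $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')));
    $Qproducts->bindInt(':products_quantity', $products['quantity']);
    $Qproducts->execute();

    $order_products_id = $osC_Database->nextID();

    if (!empty($products['customizations'])) {
      foreach ($products['customizations'] as $customization) {
        $Qcustomization = $osC_Database->query('insert into :table_orders_products_customizations (orders_id, orders_products_id, quantity) values (:orders_id, :orders_products_id, :quantity)');
        $Qcustomization->bindTable(':table_orders_products_customizations', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS);
        $Qcustomization->bindInt(':orders_id', $insert_id);
        $Qcustomization->bindInt(':orders_products_id', $order_products_id);
        $Qcustomization->bindInt(':quantity', $customization['qty']);
        $Qcustomization->execute();

        $orders_products_customizations_id = $osC_Database->nextID();

        foreach ($customization['fields'] as $field) {
          $Qfield = $osC_Database->query('insert into :table_orders_products_customizations_values (orders_products_customizations_id , customization_fields_id, customization_fields_name, customization_fields_type, customization_fields_value, cache_file_name) values (:orders_products_customizations_id, :customization_fields_id, :customization_fields_name, :customization_fields_type, :customization_fields_value, :cache_file_name)');
          $Qfield->bindTable(':table_orders_products_customizations_values', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS_VALUES);
          $Qfield->bindInt(':orders_products_customizations_id', $orders_products_customizations_id);
          $Qfield->bindInt(':customization_fields_id', $field['customization_fields_id']);
          $Qfield->bindValue(':customization_fields_name', $field['customization_fields_name']);
          $Qfield->bindInt(':customization_fields_type', $field['customization_type']);
          $Qfield->bindValue(':customization_fields_value', $field['customization_value']);
          $Qfield->bindValue(':cache_file_name', $field['cache_filename']);
          $Qfield->execute();

          if ($osC_Database->isError() === false) {
            // Best-effort copy: "@" hides a failed copy, so a missing source
            // file leaves the row pointing at a file that does not exist.
            // NOTE(review): cache_filename comes from the cart's customization
            // data and is joined to both paths unchanged. Confirm it is
            // restricted to a bare file name (no directory separators or
            // "..") where it is first accepted.
            @copy(DIR_FS_CACHE . 'products_customizations/' . $field['cache_filename'], DIR_FS_CACHE . 'orders_customizations/' . $field['cache_filename']);
          }
        }
      }
    }

    if ($osC_ShoppingCart->hasVariants($products['id'])) {
      foreach ($osC_ShoppingCart->getVariants($products['id']) as $variants_id => $variants) {
        // Look up the group/value names in the active language so the order
        // keeps a readable snapshot next to the ids.
        $Qvariants = $osC_Database->query('select pvg.products_variants_groups_name, pvv.products_variants_values_name from :table_products_variants pv, :table_products_variants_entries pve, :table_products_variants_groups pvg, :table_products_variants_values pvv where pv.products_id = :products_id and pv.products_variants_id = pve.products_variants_id and pve.products_variants_groups_id = :groups_id and pve.products_variants_values_id = :variants_values_id and pve.products_variants_groups_id = pvg.products_variants_groups_id and pve.products_variants_values_id = pvv.products_variants_values_id and pvg.language_id = :pvg_language_id and pvv.language_id = :pvv_language_id');
        $Qvariants->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
        $Qvariants->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES);
        $Qvariants->bindTable(':table_products_variants_groups', TABLE_PRODUCTS_VARIANTS_GROUPS);
        $Qvariants->bindTable(':table_products_variants_values', TABLE_PRODUCTS_VARIANTS_VALUES);
        $Qvariants->bindInt(':products_id', $products['id']);
        $Qvariants->bindInt(':groups_id', $variants['groups_id']);
        $Qvariants->bindInt(':variants_values_id', $variants['variants_values_id']);
        $Qvariants->bindInt(':pvg_language_id', $osC_Language->getID());
        $Qvariants->bindInt(':pvv_language_id', $osC_Language->getID());
        $Qvariants->execute();

        $Qopv = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, products_variants_groups_id, products_variants_groups, products_variants_values_id, products_variants_values) values (:orders_id, :orders_products_id, :products_variants_groups_id, :products_variants_groups, :products_variants_values_id, :products_variants_values)');
        $Qopv->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
        $Qopv->bindInt(':orders_id', $insert_id);
        $Qopv->bindInt(':orders_products_id', $order_products_id);
        $Qopv->bindInt(':products_variants_groups_id', $variants['groups_id']);
        $Qopv->bindValue(':products_variants_groups', $Qvariants->value('products_variants_groups_name'));
        $Qopv->bindInt(':products_variants_values_id', $variants['variants_values_id']);
        $Qopv->bindValue(':products_variants_values', $Qvariants->value('products_variants_values_name'));
        $Qopv->execute();
      }
    }

    if ($products['type'] == PRODUCT_TYPE_DOWNLOADABLE) {
      $Qdownloadable = $osC_Database->query('select * from :table_products_downloadables where products_id = :products_id');
      $Qdownloadable->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
      $Qdownloadable->bindInt(':products_id', osc_get_product_id($products['id']));
      $Qdownloadable->execute();

      // A product with variants carries its own file names in the cart entry;
      // otherwise they come from the downloadables row.
      if ($osC_ShoppingCart->hasVariants($products['id'])) {
        $variants_filename = $products['variant_filename'];
        $variants_cache_filename = $products['variant_cache_filename'];
      } else {
        $variants_filename = $Qdownloadable->value('filename');
        $variants_cache_filename = $Qdownloadable->value('cache_filename');
      }

      $Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, orders_products_cache_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :orders_products_cache_filename, :download_maxdays, :download_count)');
      $Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
      $Qopd->bindInt(':orders_id', $insert_id);
      $Qopd->bindInt(':orders_products_id', $order_products_id);
      $Qopd->bindValue(':orders_products_filename', $variants_filename);
      $Qopd->bindValue(':orders_products_cache_filename', $variants_cache_filename);
      $Qopd->bindValue(':download_maxdays', $Qdownloadable->valueInt('number_of_accessible_days'));
      // The per-product download allowance is multiplied by the quantity bought.
      $Qopd->bindValue(':download_count', $Qdownloadable->valueInt('number_of_downloads') * $products['quantity']);
      $Qopd->execute();
    }

    if ($products['type'] == PRODUCT_TYPE_GIFT_CERTIFICATE) {
      require_once 'gift_certificates.php';

      $Qgc = $osC_Database->query('insert into :table_gift_certificates (orders_id, orders_products_id, gift_certificates_type, amount, gift_certificates_code, recipients_name, recipients_email, senders_name, senders_email, messages) values (:orders_id, :orders_products_id, :gift_certificates_type, :amount, :gift_certificates_code, :recipients_name, :recipients_email, :senders_name, :senders_email, :messages)');
      $Qgc->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
      $Qgc->bindInt(':orders_id', $insert_id);
      $Qgc->bindInt(':gift_certificates_type', $products['gc_data']['type']);
      $Qgc->bindInt(':orders_products_id', $order_products_id);
      $Qgc->bindValue(':amount', $products['price']);
      // NOTE(review): the certificate code acts as a bearer secret. How
      // createGiftCertificateCode() generates it is not visible here; confirm
      // it uses an unpredictable source.
      $Qgc->bindValue(':gift_certificates_code', toC_Gift_Certificates::createGiftCertificateCode());
      $Qgc->bindValue(':recipients_name', $products['gc_data']['recipients_name']);
      // E-mail addresses are stored only for e-mail type certificates.
      $Qgc->bindValue(':recipients_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['recipients_email'] : '');
      $Qgc->bindValue(':senders_name', $products['gc_data']['senders_name']);
      $Qgc->bindValue(':senders_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['senders_email'] : '');
      $Qgc->bindValue(':messages', $products['gc_data']['message']);
      $Qgc->execute();
    }
  }

  if ($osC_ShoppingCart->isUseStoreCredit()) {
    $Qhistory = $osC_Database->query('insert into :table_customers_credits_history (customers_id, action_type, date_added, amount, comments) values (:customers_id, :action_type, now(), :amount, :comments)');
    $Qhistory->bindTable(':table_customers_credits_history', TABLE_CUSTOMERS_CREDITS_HISTORY);
    $Qhistory->bindInt(':customers_id', $osC_Customer->getID());
    $Qhistory->bindInt(':action_type', STORE_CREDIT_ACTION_TYPE_ORDER_PURCHASE);
    $Qhistory->bindValue(':amount', $osC_ShoppingCart->getStoreCredit() * -1);
    $Qhistory->bindValue(':comments', sprintf($osC_Language->get('store_credit_order_number'), $insert_id));
    $Qhistory->execute();

    $Qcustomer = $osC_Database->query('update :table_customers set customers_credits = (customers_credits + :customers_credits) where customers_id = :customers_id');
    $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
    // bindRaw() is named as an unescaped bind. The "* -1" yields a PHP
    // number, never a caller-supplied string, so nothing textual can reach
    // the statement. Keep the arithmetic if this line is ever edited.
    // NOTE(review): nothing here checks that the credit used does not exceed
    // the customer's balance; confirm the cart enforces that.
    $Qcustomer->bindRaw(':customers_credits', $osC_ShoppingCart->getStoreCredit() * -1);
    $Qcustomer->bindInt(':customers_id', $osC_Customer->getID());
    $Qcustomer->execute();

    // Re-read the balance so the session's customer object matches the database.
    $Qcredit = $osC_Database->query('select customers_credits from :table_customers where customers_id = :customers_id');
    $Qcredit->bindTable(':table_customers', TABLE_CUSTOMERS);
    $Qcredit->bindInt(':customers_id', $osC_Customer->getID());
    $Qcredit->execute();

    $osC_Customer->setStoreCredit($Qcredit->value('customers_credits'));
  }

  if ($osC_ShoppingCart->hasCoupon()) {
    include_once 'includes/classes/coupon.php';

    $toC_Coupon = new toC_Coupon($osC_ShoppingCart->getCouponCode());

    $Qcoupon = $osC_Database->query('insert into :table_coupons_redeem_history (coupons_id, customers_id, orders_id, redeem_amount, redeem_date, redeem_ip_address) values (:coupons_id, :customers_id, :orders_id, :redeem_amount, now(), :redeem_ip_address)');
    $Qcoupon->bindTable(':table_coupons_redeem_history', TABLE_COUPONS_REDEEM_HISTORY);
    $Qcoupon->bindInt(':coupons_id', $toC_Coupon->getID());
    $Qcoupon->bindInt(':customers_id', $osC_Customer->getID());
    $Qcoupon->bindInt(':orders_id', $insert_id);
    $Qcoupon->bindValue(':redeem_amount', $osC_ShoppingCart->getCouponAmount());
    $Qcoupon->bindValue(':redeem_ip_address', osc_get_ip_address());
    $Qcoupon->execute();
  }

  if ($osC_ShoppingCart->hasGiftCertificate()) {
    $gift_certificate_codes = $osC_ShoppingCart->getGiftCertificateRedeemAmount();

    foreach ($gift_certificate_codes as $gift_certificate_code => $amount) {
      $Qcertificate = $osC_Database->query('select gift_certificates_id from :table_gift_certificates where gift_certificates_code = :gift_certificates_code');
      $Qcertificate->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
      $Qcertificate->bindValue(':gift_certificates_code', $gift_certificate_code);
      $Qcertificate->execute();

      // NOTE(review): the lookup result is not checked for a match before
      // the redemption row is written; confirm the cart validated the code.
      $Qinsert = $osC_Database->query('insert into :table_gift_certificates_redeem_history (gift_certificates_id, customers_id, orders_id, redeem_date, redeem_amount, redeem_ip_address) values (:gift_certificates_id, :customers_id, :orders_id, now(), :redeem_amount, :redeem_ip_address)');
      $Qinsert->bindTable(':table_gift_certificates_redeem_history', TABLE_GIFT_CERTIFICATES_REDEEM_HISTORY);
      // The column name must be a quoted string; a bare gift_certificates_id
      // is an undefined constant and a fatal Error on PHP 8.
      $Qinsert->bindInt(':gift_certificates_id', $Qcertificate->valueInt('gift_certificates_id'));
      $Qinsert->bindInt(':customers_id', $osC_Customer->getID());
      $Qinsert->bindInt(':orders_id', $insert_id);
      $Qinsert->bindValue(':redeem_amount', $amount);
      $Qinsert->bindValue(':redeem_ip_address', osc_get_ip_address());
      $Qinsert->execute();
    }
  }

  // Remember which cart produced this order so a repeated call with the same
  // cart returns the same id instead of inserting again.
  $_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $insert_id;

  return $insert_id;
}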
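/**
 * Handle a PayPal IPN notification for an order that is still "preparing".
 *
 * Flow:
 *  1. Require invoice (numeric), receiver_email equal to
 *     MODULE_PAYMENT_PAYPAL_IPN_ID, and non-empty verify_sign and txn_id.
 *  2. If MODULE_PAYMENT_PAYPAL_IPN_SECRET_KEY is configured, require a
 *     matching ?secret= value. With no key configured this step is skipped.
 *  3. Post the received fields back, prefixed with cmd=_notify-validate, to
 *     $this->form_action_url and read the reply.
 *  4. On a VERIFIED reply call osC_Order::process(); in either case record
 *     the notification and the reply in the transactions history.
 *
 * Nothing is returned or echoed by this function.
 *
 * NOTE(review): before process() is called, nothing visible here compares
 * payment_status, mc_gross or mc_currency with the stored order, and txn_id
 * is only checked for presence, not for reuse. Confirm osC_Order::process()
 * or the surrounding module enforces those checks.
 */
function callback() {
  global $osC_Database;

  $has_required_fields = isset($_POST['invoice']) && is_numeric($_POST['invoice'])
    && isset($_POST['receiver_email']) && $_POST['receiver_email'] == MODULE_PAYMENT_PAYPAL_IPN_ID
    && isset($_POST['verify_sign']) && empty($_POST['verify_sign']) === false
    && isset($_POST['txn_id']) && empty($_POST['txn_id']) === false;

  if (!$has_required_fields) {
    return;
  }

  if (!osc_empty(MODULE_PAYMENT_PAYPAL_IPN_SECRET_KEY)) {
    $expected_secret = (string) MODULE_PAYMENT_PAYPAL_IPN_SECRET_KEY;

    // Only a string can match; an array-valued ?secret[]= is treated as absent.
    $supplied_secret = (isset($_GET['secret']) && is_string($_GET['secret'])) ? $_GET['secret'] : '';

    // Compare the shared secret in constant time and without "==" type
    // juggling (numeric-looking strings such as '1e3' and '1000' are equal
    // under "=="). Fall back to a strict comparison where hash_equals() is
    // unavailable.
    $pass = function_exists('hash_equals')
      ? hash_equals($expected_secret, $supplied_secret)
      : ($supplied_secret === $expected_secret);
  } else {
    // No secret configured: authenticity rests on the validation round trip.
    $pass = true;
  }

  if ($pass === true && osC_Order::getStatusID($_POST['invoice']) === ORDERS_STATUS_PREPARING) {
    // http_build_query() URL-encodes keys as well as values and accepts
    // array-valued fields, which a bare urlencode($value) does not. The
    // separator is passed explicitly so arg_separator.output cannot change it.
    $post_string = 'cmd=_notify-validate&' . http_build_query($_POST, '', '&');

    $this->_transaction_response = $this->sendTransactionToGateway($this->form_action_url, $post_string);

    $is_verified = (strtoupper(trim($this->_transaction_response)) == 'VERIFIED');

    // Keep the complete notification and the gateway's reply for the audit row.
    $post_array = array('root' => $_POST);
    $post_array['root']['transaction_response'] = trim($this->_transaction_response);

    $osC_XML = new osC_XML($post_array);

    if ($is_verified) {
      osC_Order::process($_POST['invoice'], $this->order_status);
    }

    // Logged for both outcomes so rejected notifications stay traceable.
    $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
    $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
    $Qtransaction->bindInt(':orders_id', $_POST['invoice']);
    $Qtransaction->bindInt(':transaction_code', 1);
    $Qtransaction->bindValue(':transaction_return_value', $osC_XML->toXML());
    $Qtransaction->bindInt(':transaction_return_status', $is_verified ? 1 : 0);
    $Qtransaction->execute();
  }
}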
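</table> <br> <?php
  // Rebuilds the current listing's query string for the status-update form.
  // Each request value is URL-encoded so that "&", "#", quotes or angle
  // brackets in a parameter cannot add query parameters or break out of the
  // generated action attribute. page and oID are guarded with isset() and
  // still emitted (empty) when absent.
  // NOTE(review): whether tep_draw_form() HTML-escapes the final URL, and
  // whether the form carries an anti-CSRF token, is not visible here.
  echo tep_draw_form('status', FILENAME_ORDERS,
    (isset($_GET['search']) ? 'search=' . urlencode((string) $_GET['search']) . '&' : '') .
    (isset($_GET['status']) ? 'status=' . urlencode((string) $_GET['status']) . '&' : '') .
    (isset($_GET['cID']) ? 'cID=' . urlencode((string) $_GET['cID']) . '&' : '') .
    'page=' . urlencode(isset($_GET['page']) ? (string) $_GET['page'] : '') .
    '&oID=' . urlencode(isset($_GET['oID']) ? (string) $_GET['oID'] : '') .
    '&action=update_order'); ?> <table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main"><?php echo ENTRY_STATUS; ?> </td> <td class="main"><?php echo osc_draw_pull_down_menu('status', $orders_statuses, $osC_Order->getStatusID()); ?> </td> </tr> <tr> <td class="main" valign="top"><?php echo ENTRY_NEW_COMMENT; ?> </td> <td class="main"><?php echo tep_draw_textarea_field('comment', 'soft', '60', '5', '', 'style="width: 100%"'); ?> </td> </tr> <tr> <td class="main"><?php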
function insert() { global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax; if (isset($_SESSION['prepOrderID'])) { $_prep = explode('-', $_SESSION['prepOrderID']); if ($_prep[0] == $osC_ShoppingCart->getCartID()) { return $_prep[1]; // order_id } else { if (osC_Order::getStatusID($_prep[1]) === 4) { osC_Order::remove($_prep[1]); } } } $customer_address = osC_AddressBook::getEntry($osC_Customer->getDefaultAddressID())->toArray(); $Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_state_code, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_state_code, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, payment_method, payment_module, date_purchased, orders_status, currency, currency_value) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_state_code, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, 
:delivery_address_format, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_state_code, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :payment_method, :payment_module, now(), :orders_status, :currency, :currency_value)'); $Qorder->bindTable(':table_orders', TABLE_ORDERS); $Qorder->bindInt(':customers_id', $osC_Customer->getID()); $Qorder->bindValue(':customers_name', $osC_Customer->getName()); $Qorder->bindValue(':customers_company', $customer_address['entry_company']); $Qorder->bindValue(':customers_street_address', $customer_address['entry_street_address']); $Qorder->bindValue(':customers_suburb', $customer_address['entry_suburb']); $Qorder->bindValue(':customers_city', $customer_address['entry_city']); $Qorder->bindValue(':customers_postcode', $customer_address['entry_postcode']); $Qorder->bindValue(':customers_state', $customer_address['entry_state']); $Qorder->bindValue(':customers_state_code', osC_Address::getZoneCode($customer_address['entry_zone_id'])); $Qorder->bindValue(':customers_country', osC_Address::getCountryName($customer_address['entry_country_id'])); $Qorder->bindValue(':customers_country_iso2', osC_Address::getCountryIsoCode2($customer_address['entry_country_id'])); $Qorder->bindValue(':customers_country_iso3', osC_Address::getCountryIsoCode3($customer_address['entry_country_id'])); $Qorder->bindValue(':customers_telephone', $customer_address['entry_telephone']); $Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress()); $Qorder->bindValue(':customers_address_format', osC_Address::getFormat($customer_address['entry_country_id'])); $Qorder->bindValue(':customers_ip_address', osc_get_ip_address()); $Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . 
$osC_ShoppingCart->getShippingAddress('lastname')); $Qorder->bindValue(':delivery_company', $osC_ShoppingCart->getShippingAddress('company')); $Qorder->bindValue(':delivery_street_address', $osC_ShoppingCart->getShippingAddress('street_address')); $Qorder->bindValue(':delivery_suburb', $osC_ShoppingCart->getShippingAddress('suburb')); $Qorder->bindValue(':delivery_city', $osC_ShoppingCart->getShippingAddress('city')); $Qorder->bindValue(':delivery_postcode', $osC_ShoppingCart->getShippingAddress('postcode')); $Qorder->bindValue(':delivery_state', $osC_ShoppingCart->getShippingAddress('state')); $Qorder->bindValue(':delivery_state_code', $osC_ShoppingCart->getShippingAddress('zone_code')); $Qorder->bindValue(':delivery_country', $osC_ShoppingCart->getShippingAddress('country_title')); $Qorder->bindValue(':delivery_country_iso2', $osC_ShoppingCart->getShippingAddress('country_iso_code_2')); $Qorder->bindValue(':delivery_country_iso3', $osC_ShoppingCart->getShippingAddress('country_iso_code_3')); $Qorder->bindValue(':delivery_address_format', $osC_ShoppingCart->getShippingAddress('format')); $Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . 
$osC_ShoppingCart->getBillingAddress('lastname')); $Qorder->bindValue(':billing_company', $osC_ShoppingCart->getBillingAddress('company')); $Qorder->bindValue(':billing_street_address', $osC_ShoppingCart->getBillingAddress('street_address')); $Qorder->bindValue(':billing_suburb', $osC_ShoppingCart->getBillingAddress('suburb')); $Qorder->bindValue(':billing_city', $osC_ShoppingCart->getBillingAddress('city')); $Qorder->bindValue(':billing_postcode', $osC_ShoppingCart->getBillingAddress('postcode')); $Qorder->bindValue(':billing_state', $osC_ShoppingCart->getBillingAddress('state')); $Qorder->bindValue(':billing_state_code', $osC_ShoppingCart->getBillingAddress('zone_code')); $Qorder->bindValue(':billing_country', $osC_ShoppingCart->getBillingAddress('country_title')); $Qorder->bindValue(':billing_country_iso2', $osC_ShoppingCart->getBillingAddress('country_iso_code_2')); $Qorder->bindValue(':billing_country_iso3', $osC_ShoppingCart->getBillingAddress('country_iso_code_3')); $Qorder->bindValue(':billing_address_format', $osC_ShoppingCart->getBillingAddress('format')); $Qorder->bindValue(':payment_method', $osC_ShoppingCart->getBillingMethod('title')); $Qorder->bindValue(':payment_module', $GLOBALS['osC_Payment_' . 
$osC_ShoppingCart->getBillingMethod('id')]->getCode()); $Qorder->bindInt(':orders_status', 4); $Qorder->bindValue(':currency', $osC_Currencies->getCode()); $Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode())); $Qorder->execute(); $insert_id = $osC_Database->nextID(); foreach ($osC_ShoppingCart->getOrderTotals() as $module) { $Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)'); $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL); $Qtotals->bindInt(':orders_id', $insert_id); $Qtotals->bindValue(':title', $module['title']); $Qtotals->bindValue(':text', $module['text']); $Qtotals->bindValue(':value', $module['value']); $Qtotals->bindValue(':class', $module['code']); $Qtotals->bindInt(':sort_order', $module['sort_order']); $Qtotals->execute(); } $Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)'); $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY); $Qstatus->bindInt(':orders_id', $insert_id); $Qstatus->bindInt(':orders_status_id', 4); $Qstatus->bindInt(':customer_notified', '0'); $Qstatus->bindValue(':comments', isset($_SESSION['comments']) ? 
$_SESSION['comments'] : ''); $Qstatus->execute(); foreach ($osC_ShoppingCart->getProducts() as $products) { $Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_model, products_name, products_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_model, :products_name, :products_price, :products_tax, :products_quantity)'); $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS); $Qproducts->bindInt(':orders_id', $insert_id); $Qproducts->bindInt(':products_id', osc_get_product_id($products['id'])); $Qproducts->bindValue(':products_model', $products['model']); $Qproducts->bindValue(':products_name', $products['name']); $Qproducts->bindValue(':products_price', $products['price']); $Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($products['tax_class_id'])); $Qproducts->bindInt(':products_quantity', $products['quantity']); $Qproducts->execute(); $order_products_id = $osC_Database->nextID(); if ($osC_ShoppingCart->isVariant($products['item_id'])) { foreach ($osC_ShoppingCart->getVariant($products['item_id']) as $variant) { /* HPDL if (DOWNLOAD_ENABLED == '1') { $Qattributes = $osC_Database->query('select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename from :table_products_options popt, :table_products_options_values poval, :table_products_attributes pa left join :table_products_attributes_download pad on (pa.products_attributes_id = pad.products_attributes_id) where pa.products_id = :products_id and pa.options_id = :options_id and pa.options_id = popt.products_options_id and pa.options_values_id = :options_values_id and pa.options_values_id = poval.products_options_values_id and popt.language_id = :popt_language_id and poval.language_id = :poval_language_id'); $Qattributes->bindTable(':table_products_options', 
TABLE_PRODUCTS_OPTIONS); $Qattributes->bindTable(':table_products_options_values', TABLE_PRODUCTS_OPTIONS_VALUES); $Qattributes->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qattributes->bindTable(':table_products_attributes_download', TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD); $Qattributes->bindInt(':products_id', $products['id']); $Qattributes->bindInt(':options_id', $attributes['options_id']); $Qattributes->bindInt(':options_values_id', $attributes['options_values_id']); $Qattributes->bindInt(':popt_language_id', $osC_Language->getID()); $Qattributes->bindInt(':poval_language_id', $osC_Language->getID()); $Qattributes->execute(); } */ $Qvariant = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, group_title, value_title) values (:orders_id, :orders_products_id, :group_title, :value_title)'); $Qvariant->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS); $Qvariant->bindInt(':orders_id', $insert_id); $Qvariant->bindInt(':orders_products_id', $order_products_id); $Qvariant->bindValue(':group_title', $variant['group_title']); $Qvariant->bindValue(':value_title', $variant['value_title']); $Qvariant->execute(); /*HPDL if ((DOWNLOAD_ENABLED == '1') && (strlen($Qattributes->value('products_attributes_filename')) > 0)) { $Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :download_maxdays, :download_count)'); $Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD); $Qopd->bindInt(':orders_id', $insert_id); $Qopd->bindInt(':orders_products_id', $order_products_id); $Qopd->bindValue(':orders_products_filename', $Qattributes->value('products_attributes_filename')); $Qopd->bindValue(':download_maxdays', $Qattributes->value('products_attributes_maxdays')); 
$Qopd->bindValue(':download_count', $Qattributes->value('products_attributes_maxcount')); $Qopd->execute(); } */ } } } $_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $insert_id; return $insert_id; }
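/**
 * Handles the payment gateway's server-side notification for a prepared order.
 *
 * Flow, as implemented below:
 *  1. Accept the request only from the two hard-coded source addresses.
 *  2. Require cs1, cs2 (numeric), cs3 (signature), product_id, total and
 *     transaction_type in $_POST.
 *  3. Require that osC_Order::exists($_POST['cs2'], $_POST['cs1']) is true.
 *  4. Recompute the MD5 signature over product id, cs2, cs1, total and the
 *     shared secret, and compare it with cs3.
 *  5. If the signature matches and the order is still in status 4 (the value
 *     insert() in this file writes for a new order), process the order.
 *  6. Always record the notification in the transactions history, flagged
 *     1 (accepted) or 0 (rejected).
 *
 * Produces no output and returns nothing.
 */
function callback() {
  global $osC_Database;

  $ip_address = osc_get_ip_address();

  // NOTE(review): this allowlist is only as strong as osc_get_ip_address().
  // If that helper reads client-supplied forwarding headers rather than the
  // socket peer address, the check can be satisfied by any sender - confirm.
  if ($ip_address != '69.20.58.35' && $ip_address != '207.97.201.192') {
    return;
  }

  // cs3 and total are also required to be strings: they are concatenated and
  // compared as strings below, and a nested POST array would otherwise pass
  // the empty() test.
  $has_required_fields = isset($_POST['cs1']) && is_numeric($_POST['cs1'])
    && isset($_POST['cs2']) && is_numeric($_POST['cs2'])
    && isset($_POST['cs3']) && is_string($_POST['cs3']) && empty($_POST['cs3']) === false
    && isset($_POST['product_id']) && $_POST['product_id'] == MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID
    && isset($_POST['total']) && is_string($_POST['total']) && empty($_POST['total']) === false
    && isset($_POST['transaction_type']) && empty($_POST['transaction_type']) === false;

  if ($has_required_fields === false) {
    return;
  }

  if (!osC_Order::exists($_POST['cs2'], $_POST['cs1'])) {
    return;
  }

  $pass = false;

  // Snapshot of the raw notification, stored with the history row for audit.
  $post_array = array('root' => $_POST);
  $osC_XML = new osC_XML($post_array);

  $expected_signature = md5(MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID . $_POST['cs2'] . $_POST['cs1'] . $_POST['total'] . MODULE_PAYMENT_CHRONOPAY_MD5_HASH);

  // The signature must be compared as an exact string. A loose == converts
  // numeric-looking strings (for example digests of the form "0e<digits>")
  // to numbers, so two different digests could be treated as equal.
  // hash_equals() additionally compares in constant time; the strict
  // fallback keeps older PHP versions working.
  if (function_exists('hash_equals')) {
    $signature_ok = hash_equals($expected_signature, $_POST['cs3']);
  } else {
    $signature_ok = ($expected_signature === $_POST['cs3']);
  }

  // NOTE(review): the signature covers $_POST['total'], but the amount is not
  // compared with the order's stored total in this method - confirm that the
  // paid amount is validated elsewhere before the order is processed.
  if ($signature_ok === true && osC_Order::getStatusID($_POST['cs2']) === 4) {
    // The status check keeps a repeated notification from processing the
    // same order twice.
    $pass = true;

    osC_Order::process($_POST['cs2'], $this->order_status);
  }

  // Accepted and rejected notifications are both logged so that failed or
  // forged callbacks leave a trace.
  $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
  $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
  $Qtransaction->bindInt(':orders_id', $_POST['cs2']);
  $Qtransaction->bindInt(':transaction_code', 1);
  $Qtransaction->bindValue(':transaction_return_value', $osC_XML->toXML());
  $Qtransaction->bindInt(':transaction_return_status', $pass === true ? 1 : 0);
  $Qtransaction->execute();
}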