$_SESSION[PP_CART_VAR]['prevpage'] = $view;
$content .= $ppGCart->View(true);
$page_title = $LANG_PP['view_order'];
break;
case 'detail':
// deprecated, should be displayed via detail.php
USES_paypal_class_product();
$P = new Product($id);
$content .= $P->Detail();
$menu_opt = $LANG_PP['product_list'];
$page_title = $LANG_PP['product_detail'];
break;
case 'cart':
case 'viewcart':
$menu_opt = $LANG_PP['viewcart'];
if ($ppGCart->hasItems()) {
$content .= $ppGCart->View();
} else {
LGLIB_storeMessage($LANG_PP['cart_empty']);
COM_refresh(PAYPAL_URL . '/index.php');
exit;
}
break;
case 'checkoutcart':
// Need to create an order or save the cart, so IPN class
// can access the data. For now, use the cart.
/*USES_paypal_class_order();
if (empty($_SESSION[PP_CART_VAR]['invoice'])) {
$Ord = new ppOrder();
$Ord->CreateFromCart($ppGCart);
} else {
/**
* Processes the purchase, for purchases made without an IPN message.
*
* @param array $vals Submitted values, e.g. $_POST
*/
public function handlePurchase($vals = array())
{
global $_TABLES, $_CONF, $_PP_CONF;
USES_paypal_functions();
USES_paypal_class_cart();
USES_paypal_class_order();
USES_paypal_class_product();
if (!empty($vals['cart_id'])) {
$cart = new ppCart($vals['cart_id']);
if (!$cart->hasItems()) {
return;
}
// shouldn't be empty
$items = $cart->Cart();
} else {
$cart = new ppCart();
}
// Create an order record to get the order ID
$Order = $this->CreateOrder($vals, $cart);
$db_order_id = DB_escapeString($Order->order_id);
$prod_types = 0;
// For each item purchased, record purchase in purchase table
foreach ($items as $id => $item) {
//COM_errorLog("Processing item: $id");
list($item_number, $item_opts) = PAYPAL_explode_opts($id, true);
// If the item number is numeric, assume it's an
// inventory item. Otherwise, it should be a plugin-supplied
// item with the item number like pi_name:item_number:options
if (PAYPAL_is_plugin_item($item_number)) {
PAYPAL_debug("handlePurchase for Plugin item " . $item_number);
// Initialize item info array to be used later
$A = array();
// Split the item number into component parts. It could
// be just a single string, depending on the plugin's needs.
$pi_info = explode(':', $item['item_number']);
PAYPAL_debug('Paymentgw::handlePurchase() pi_info: ' . print_r($pi_info, true));
$status = LGLIB_invokeService($pi_info[0], 'productinfo', array($item_number, $item_opts), $product_info, $svc_msg);
if ($status != PLG_RET_OK) {
$product_info = array();
}
if (!empty($product_info)) {
$items[$id]['name'] = $product_info['name'];
}
PAYPAL_debug("Paymentgw::handlePurchase() Got name " . $items[$id]['name']);
$vars = array('item' => $item, 'ipn_data' => array());
$status = LGLIB_invokeService($pi_info[0], 'handlePurchase', $vars, $A, $svc_msg);
if ($status != PLG_RET_OK) {
$A = array();
}
// Mark what type of product this is
$prod_types |= PP_PROD_VIRTUAL;
} else {
PAYPAL_debug("Paypal item " . $item_number);
$P = new Product($item_number);
$A = array('name' => $P->name, 'short_description' => $P->short_description, 'expiration' => $P->expiration, 'prod_type' => $P->prod_type, 'file' => $P->file, 'price' => $item['price']);
if (!empty($item_opts)) {
$opts = explode(',', $itemopts);
$opt_str = $P->getOptionDesc($opts);
if (!empty($opt_str)) {
$A['short_description'] .= " ({$opt_str})";
}
$item_number .= '|' . $item_opts;
}
// Mark what type of product this is
$prod_types |= $P->prod_type;
}
// An invalid item number, or nothing returned for a plugin
if (empty($A)) {
//$this->Error("Item {$item['item_number']} not found");
continue;
}
// If it's a downloadable item, then get the full path to the file.
// TODO: pp_data isn't available here, should be from $vals?
if (!empty($A['file'])) {
$this->items[$id]['file'] = $_PP_CONF['download_path'] . $A['file'];
$token_base = $this->pp_data['txn_id'] . time() . rand(0, 99);
$token = md5($token_base);
$this->items[$id]['token'] = $token;
} else {
$token = '';
}
$items[$id]['prod_type'] = $A['prod_type'];
// If a custom name was supplied by the gateway's IPN processor,
// then use that. Otherwise, plug in the name from inventory or
// the plugin, for the notification email.
if (empty($item['name'])) {
$items[$id]['name'] = $A['short_description'];
}
// Add the purchase to the paypal purchase table
$uid = isset($vals['uid']) ? (int) $vals['uid'] : $_USER['uid'];
$sql = "INSERT INTO {$_TABLES['paypal.purchases']} SET \n order_id = '{$db_order_id}',\n product_id = '{$item_number}',\n description = '{$items[$id]['name']}',\n quantity = '{$item['quantity']}', \n user_id = '{$uid}', \n txn_type = '{$this->gw_id}',\n txn_id = '', \n purchase_date = '{$_PP_CONF['now']->toMySQL()}', \n status = 'complete',\n token = '{$token}',\n price = " . (double) $item['price'] . ",\n options = '" . DB_escapeString($item_opts) . "'";
// add an expiration date if appropriate
if (is_numeric($A['expiration']) && $A['expiration'] > 0) {
$sql .= ", expiration = DATE_ADD('{$_PP_CONF['now']->toMySQL()}', INTERVAL {$A['expiration']} DAY)";
}
//echo $sql;die;
PAYPAL_debug($sql);
DB_query($sql);
}
// foreach item
// If this was a user's cart, then clear that also
if (isset($vals['cart_id']) && !empty($vals['cart_id'])) {
DB_delete($_TABLES['paypal.cart'], 'cart_id', $vals['cart_id']);
}
}
/**
* Create and populate an Order record for this purchase.
* Gets the billto and shipto addresses from the cart, if any.
* Items are saved in the purchases table by handlePurchase().
*
* This function is called only by our own handlePurchase() function,
* but is made "protected" so a derived class can use it if necessary.
*
* @return string Order ID, to link to the purchases table
*/
protected function CreateOrder()
{
global $_TABLES, $_PP_CONF;
// See if an order already exists for this transaction.
// If so, load it and update the status. If not, continue on
// and create a new order
$order_id = DB_getItem($_TABLES['paypal.orders'], 'order_id', "pmt_txn_id='" . DB_escapeString($this->pp_data['txn_id']) . "'");
if (!empty($order_id)) {
$this->Order = new ppOrder($order_id);
if ($this->Order->order_id != '') {
$this->Order->log_user = $this->gw->Description();
$this->Order->UpdateStatus($this->pp_data['status']);
}
return 2;
}
$this->Order = new ppOrder();
USES_paypal_class_cart();
if (isset($this->pp_data['custom']['cart_id'])) {
$cart = new ppCart($this->pp_data['custom']['cart_id']);
if (!$_PP_CONF['sys_test_ipn'] && !$cart->hasItems()) {
return 1;
// shouldn't normally be empty except during testing
}
} else {
$cart = NULL;
}
$uid = (int) $this->pp_data['custom']['uid'];
$this->Order->uid = $uid;
$this->Order->status = !empty($this->pp_data['status']) ? $this->pp_data['status'] : 'pending';
if ($uid > 1) {
USES_paypal_class_userinfo();
$U = new ppUserInfo($uid);
}
// Get the billing and shipping addresses from the cart record,
// if any. There may not be a cart in the database if it was
// removed by a previous IPN, e.g. this is the 'completed' message
// and we already processed a 'pending' message
if ($cart) {
$BillTo = $cart->getAddress('billto');
}
if (empty($BillTo) && $uid > 1) {
$BillTo = $U->getDefaultAddress('billto');
}
if (is_array($BillTo)) {
$this->Order->setBilling($BillTo);
}
$ShipTo = $this->pp_data['shipto'];
if (empty($ShipTo)) {
if ($cart) {
$ShipTo = $cart->getAddress('shipto');
}
if (empty($ShipTo) && $uid > 1) {
$ShipTo = $U->getDefaultAddress('shipto');
}
}
if (is_array($ShipTo)) {
$this->Order->setShipping($ShipTo);
}
if (isset($this->pp_data['shipto']['phone'])) {
$this->Order->phone = $this->pp_data['shipto']['phone'];
}
$this->Order->pmt_method = $this->gw_id;
$this->Order->pmt_txn_id = $this->pp_data['txn_id'];
$this->Order->tax = $this->pp_data['pmt_tax'];
$this->Order->shipping = $this->pp_data['pmt_shipping'];
$this->Order->handling = $this->pp_data['pmt_handling'];
$this->Order->buyer_email = $this->pp_data['payer_email'];
$this->Order->log_user = $this->gw->Description();
$order_id = $this->Order->Save();
$db_order_id = DB_escapeString($order_id);
$this->Order->items = array();
foreach ($this->items as $id => $item) {
$options = DB_escapeString($item['options']);
list($item_number, $options) = explode('|', $item['item_number']);
//if (is_numeric($item['item_number'])) {
if (is_numeric($item_number)) {
// For Paypal catalog options, check for options and append
// to the description. Update quantity on hand if tracking
// is enabled. These actions don't apply to items from
// other plugins.
if (!empty($options)) {
// options is expected as CSV
$sql = "SELECT attr_value\n FROM {$_TABLES['paypal.prod_attr']}\n WHERE attr_id IN ({$options})";
$optres = DB_query($sql);
$opt_str = '';
while ($O = DB_fetchArray($optres, false)) {
$opt_str .= ', ' . $O['attr_value'];
}
$item['name'] .= $opt_str;
}
/*$sql = "UPDATE {$_TABLES['paypal.products']} SET
onhand = GREATEST(0, onhand - " .
(int)$item['quantity'] . ")
WHERE id = '" . (int)$item['item_number'] .
"' AND track_onhand > 0";*/
//COM_errorLog($sql);
DB_query($sql, 1);
}
$sql = "INSERT INTO {$_TABLES['paypal.purchases']} SET \n order_id = '{$db_order_id}',\n product_id = '{$item['item_number']}',\n description = '" . DB_escapeString($item['name']) . "',\n quantity = '{$item['quantity']}', \n user_id = '{$this->pp_data['custom']['uid']}', \n txn_type = '{$this->pp_data['custom']['transtype']}',\n txn_id = '{$this->pp_data['txn_id']}', \n purchase_date = '{$this->sql_date}', \n status = 'pending',\n token = '" . md5(time()) . "',\n price = " . (double) $item['price'] . ",\n options = '{$options}'";
// add an expiration date if appropriate
if (is_numeric($item['expiration']) && $item['expiration'] > 0) {
$sql .= ", expiration = DATE_ADD('{$_PP_CONF['now']}', INTERVAL {$item['expiration']} DAY)";
}
PAYPAL_debug($sql);
DB_query($sql);
}
// foreach item
// Reload the order to get the items
$this->Order->Load();
// If this was a user's cart, then clear that also
if (isset($this->pp_data['custom']['cart_id']) && !empty($this->pp_data['custom']['cart_id'])) {
if (!$_PP_CONF['sys_test_ipn']) {
DB_delete($_TABLES['paypal.cart'], 'cart_id', $this->pp_data['custom']['cart_id']);
PAYPAL_debug('Cart ' . $this->pp_data['custom']['cart_id'] . ' deleted');
}
} else {
PAYPAL_debug('no cart to delete');
}
return 0;
}
