public function paypal_notify() { $crypt = Loader::helper('encryption'); $paypal = new \Concrete\Package\PaypalExpressVividStore\Src\VividStore\Payment\Methods\PaypalExpress\Helpers\PaypalExpressHelper(); if (Config::get('vividstore.paypalExpressMode') == 'test') { $type = 'sandbox'; } else { $type = 'live'; } $conf = ['type' => $type]; $paypal->setConfig($conf); if ($paypal->validateIPN()) { if (Config::get('vividstore.paypalExpressTransactionType') == "Authorization") { $status_message = strtolower($_REQUEST['auth_status']); } else { $status_message = strtolower($_REQUEST['payment_status']); } if ($status_message == 'completed') { $status = OrderStatus::getByHandle('complete'); } elseif ($status_message == 'denied' || $status_message == 'reversed') { $status = OrderStatus::getByHandle('complete'); } $crypt = Loader::helper('encryption'); $invoice = $crypt->decrypt($_REQUEST['invoice']); $oID = Invoice::getOrderID($invoice); $order = Order::getById($oID); if ($order) { $order->updateStatus($status); } } }
public function renderOrderPrintSlip() { $o = Order::getByID($this->post('oID')); if (Filesystem::exists(DIR_BASE . "/application/elements/order_slip.php")) { View::element("order_slip", array('order' => $o)); } else { View::element("order_slip", array('order' => $o), "vivid_store"); } }
public function view() { $customer = new Customer(); $order = VividOrder::getByID($customer->getLastOrderID()); if (is_object($order)) { $this->set("order", $order); } else { $this->redirect("/cart"); } $this->addFooterItem(Core::make('helper/html')->javascript('vivid-store.js', 'vivid_store')); $this->addHeaderItem(Core::make('helper/html')->css('vivid-store.css', 'vivid_store')); }
public function view() { $customer = new Customer(); $order = VividOrder::getByID($customer->getLastOrderID()); if (is_object($order)) { $this->set("order", $order); } else { $this->redirect("/cart"); } $this->requireAsset('javascript', 'vivid-store'); $this->requireAsset('css', 'vivid-store'); }
public function remove($oID) { VividOrder::getByID($oID)->remove(); $this->redirect('/dashboard/store/orders/removed'); }
public static function validateCompletion() { // Read POST data // reading posted data directly from $_POST causes serialization // issues with array data in POST. Reading raw POST data from input stream instead. $raw_post_data = file_get_contents('php://input'); $raw_post_array = explode('&', $raw_post_data); $myPost = array(); foreach ($raw_post_array as $keyval) { $keyval = explode('=', $keyval); if (count($keyval) == 2) { $myPost[$keyval[0]] = urldecode($keyval[1]); } } // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; if (function_exists('get_magic_quotes_gpc')) { $get_magic_quotes_exists = true; } foreach ($myPost as $key => $value) { if ($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { $value = urlencode(stripslashes($value)); } else { $value = urlencode($value); } $req .= "&{$key}={$value}"; } // Post IPN data back to PayPal to validate the IPN data is genuine // Without this step anyone can fake IPN data if (Config::get('vividstore.paypalTestMode') == true) { $paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr"; } else { $paypal_url = "https://www.paypal.com/cgi-bin/webscr"; } $ch = curl_init($paypal_url); if ($ch == FALSE) { return FALSE; } curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $req); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_FORBID_REUSE, 1); if (DEBUG == true) { curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLINFO_HEADER_OUT, 1); } // CONFIG: Optional proxy configuration //curl_setopt($ch, CURLOPT_PROXY, $proxy); //curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); // Set TCP timeout to 30 seconds curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close')); // CONFIG: Please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path // of the certificate as shown below. Ensure the file is readable by the webserver. // This is mandatory for some environments. //$cert = __DIR__ . "./cacert.pem"; //curl_setopt($ch, CURLOPT_CAINFO, $cert); $res = curl_exec($ch); if (curl_errno($ch) != 0) { Log::addEntry("Can't connect to PayPal to validate IPN message: " . curl_error($ch)); curl_close($ch); exit; } else { //if we want to log more stuff //Log::addEntry("HTTP request of validation request:". curl_getinfo($ch, CURLINFO_HEADER_OUT) ." for IPN payload: $req"); //Log::addEntry("HTTP response of validation request: $res"); curl_close($ch); } // Inspect IPN validation result and act accordingly // Split response headers and payload, a better way for strcmp $tokens = explode("\r\n\r\n", trim($res)); $res = trim(end($tokens)); if (strcmp($res, "VERIFIED") == 0) { $order = VividOrder::getByID($_POST['invoice']); $order->completeOrder(); $order->updateStatus(OrderStatus::getStartingStatus()->getHandle()); } elseif (strcmp($res, "INVALID") == 0) { // log for manual investigation // Add business logic here which deals with invalid IPN messages Log::addEntry("Invalid IPN: {$req}"); } }
public function submit() { $data = $this->post(); //process payment $pmHandle = $data['payment-method']; $pm = PaymentMethod::getByHandle($pmHandle); if (!$pm instanceof PaymentMethod) { //There was no payment method enabled somehow. //so we'll force invoice. $pm = PaymentMethod::getByHandle('invoice'); } else { if ($pm->getMethodController()->external == true) { $pmsess = Session::get('paymentMethod'); $pmsess[$pm->getPaymentMethodID()] = $data['payment-method']; Session::set('paymentMethod', $pmsess); $order = VividOrder::add($data, $pm, 'incomplete'); Session::set('orderID', $order->getOrderID()); $this->redirect('/checkout/external'); } else { $payment = $pm->submitPayment(); if ($payment['error'] == 1) { $pmsess = Session::get('paymentMethod'); $pmsess[$pm->getPaymentMethodID()] = $data['payment-method']; Session::set('paymentMethod', $pmsess); $pesess = Session::get('paymentErrors'); $pesess = $payment['errorMessage']; Session::set('paymentErrors', $pesess); $this->redirect("/checkout/failed#payment"); } else { VividOrder::add($data, $pm); $this->redirect('/checkout/complete'); } } } }
public function add($data, $pm, $status = null) { $taxBased = Config::get('vividstore.taxBased'); $taxlabel = Config::get('vividstore.taxName'); $this->set('taxlabel', $taxlabel); $taxCalc = Config::get('vividstore.calculation'); $db = Database::get(); //get who ordered it $customer = new Customer(); //what time is it? $dt = Core::make('helper/date'); $now = $dt->getLocalDateTime(); //get the price details $shipping = VividCart::getShippingTotal(); $shipping = Price::formatFloat($shipping); $taxvalue = VividCart::getTaxTotal(); $taxName = Config::get('vividstore.taxName'); $total = VividCart::getTotal(); $total = Price::formatFloat($total); $tax = 0; $taxIncluded = 0; if ($taxCalc == 'extract') { $taxIncluded = $taxvalue; } else { $tax = $taxvalue; } $tax = Price::formatFloat($tax); //get payment method $pmID = $pm->getPaymentMethodID(); //add the order $vals = array($customer->getUserID(), $now, $pmID, $shipping, $tax, $taxIncluded, $taxName, $total); $db->Execute("INSERT INTO VividStoreOrders(cID,oDate,pmID,oShippingTotal,oTax,oTaxIncluded,oTaxName,oTotal) VALUES (?,?,?,?,?,?,?,?)", $vals); $oID = $db->lastInsertId(); $order = Order::getByID($oID); if ($status) { $order->updateStatus($status); } else { $order->updateStatus(OrderStatus::getStartingStatus()->getHandle()); } $order->setAttribute("email", $customer->getEmail()); $order->setAttribute("billing_first_name", $customer->getValue("billing_first_name")); $order->setAttribute("billing_last_name", $customer->getValue("billing_last_name")); $order->setAttribute("billing_address", $customer->getValueArray("billing_address")); $order->setAttribute("billing_phone", $customer->getValue("billing_phone")); $order->setAttribute("shipping_first_name", $customer->getValue("shipping_first_name")); $order->setAttribute("shipping_last_name", $customer->getValue("shipping_last_name")); $order->setAttribute("shipping_address", $customer->getValueArray("shipping_address")); $customer->setLastOrderID($oID); //add the order items $cart = VividCart::getCart(); foreach ($cart as $cartItem) { $taxvalue = VividCart::getTaxProduct($cartItem['product']['pID']); $tax = 0; $taxIncluded = 0; if ($taxCalc == 'extract') { $taxIncluded = $taxvalue; } else { $tax = $taxvalue; } $productTaxName = $taxName; if ($taxvalue == 0) { $productTaxName = ''; } OrderItem::add($cartItem, $oID, $tax, $taxIncluded, $productTaxName); $product = VividProduct::getByID($cartItem['product']['pID']); if ($product && $product->hasUserGroups()) { $usergroupstoadd = $product->getProductUserGroups(); foreach ($usergroupstoadd as $id) { $g = Group::getByID($id); if ($g) { $customer->getUserInfo()->enterGroup($g); } } } } if (!$customer->isGuest()) { //add user to Store Customers group $group = \Group::getByName('Store Customer'); if (is_object($group) || $group->getGroupID() < 1) { $customer->getUserInfo()->enterGroup($group); } } // create order event and dispatch $event = new OrderEvent($order); Events::dispatch('on_vividstore_order', $event); //send out the alerts $mh = new MailService(); $pkg = Package::getByHandle('vivid_store'); $fromEmail = Config::get('vividstore.emailalerts'); if (!$fromEmail) { $fromEmail = "store@" . $_SERVER['SERVER_NAME']; } $alertEmails = explode(",", Config::get('vividstore.notificationemails')); $alertEmails = array_map('trim', $alertEmails); //receipt $mh->from($fromEmail); $mh->to($customer->getEmail()); $mh->addParameter("order", $order); $mh->addParameter("taxbased", $taxBased); $mh->addParameter("taxlabel", $taxlabel); $mh->load("order_receipt", "vivid_store"); $mh->sendMail(); //order notification $mh->from($fromEmail); foreach ($alertEmails as $alertEmail) { $mh->to($alertEmail); } $mh->addParameter("order", $order); $mh->addParameter("taxbased", $taxBased); $mh->addParameter("taxlabel", $taxlabel); $mh->load("new_order_notification", "vivid_store"); $mh->sendMail(); VividCart::clear(); return $order; }
private static function recordStatusChange(Order $order, $statusHandle) { $db = Database::get(); $newOrderStatus = OrderStatus::getByHandle($statusHandle); $user = new user(); $statusHistorySql = "INSERT INTO " . self::$table . " SET oID=?, oshStatus=?, uID=?"; $statusHistoryValues = array($order->getOrderID(), $newOrderStatus->getHandle(), $user->uID); $db->Execute($statusHistorySql, $statusHistoryValues); $updateOrderSql = "UPDATE VividStoreOrders SET oStatus = ? WHERE oID = ?"; $updateOrderValues = array($newOrderStatus->getHandle(), $order->getOrderID()); $db->Execute($updateOrderSql, $updateOrderValues); return $newOrderStatus->getHandle(); }
public function getResult($queryRow) { return VividOrder::getByID($queryRow['oID']); }
public function add($data, $pm, $status = null) { $db = Database::get(); //get who ordered it $customer = new Customer(); //what time is it? $dt = Core::make('helper/date'); $now = $dt->getLocalDateTime(); //get the price details $smID = \Session::get('smID'); if ($smID > 0) { $sm = ShippingMethod::getByID($smID); $shippingMethodTypeName = $sm->getShippingMethodType()->getShippingMethodTypeName(); $shippingMethodName = $sm->getName(); $smName = $shippingMethodTypeName . ": " . $shippingMethodName; } else { $smName = "No Shipping Method"; } $shipping = VividCart::getShippingTotal(); $taxes = Tax::getTaxes(); $totals = VividCart::getTotals(); $total = $totals['total']; $taxCalc = Config::get('vividstore.calculation'); $taxTotal = array(); $taxIncludedTotal = array(); $taxLabels = array(); foreach ($taxes as $tax) { if ($taxCalc == 'extract') { $taxIncludedTotal[] = $tax['taxamount']; } else { $taxTotal[] = $tax['taxamount']; } $taxLabels[] = $tax['name']; } $taxTotal = implode(',', $taxTotal); $taxIncludedTotal = implode(',', $taxIncludedTotal); $taxLabels = implode(',', $taxLabels); //get payment method $pmName = $pm->getPaymentMethodName(); //add the order $vals = array($customer->getUserID(), $now, $pmName, $smName, $shipping, $taxTotal, $taxIncludedTotal, $taxLabels, $total); $db->Execute("INSERT INTO VividStoreOrders(cID,oDate,pmName,smName,oShippingTotal,oTax,oTaxIncluded,oTaxName,oTotal) VALUES (?,?,?,?,?,?,?,?,?)", $vals); $oID = $db->lastInsertId(); $order = Order::getByID($oID); if ($status) { $order->updateStatus($status); } else { $order->updateStatus(OrderStatus::getStartingStatus()->getHandle()); } $email = $customer->getEmail(); $billing_first_name = $customer->getValue("billing_first_name"); $billing_last_name = $customer->getValue("billing_last_name"); $billing_address = $customer->getValueArray("billing_address"); $billing_phone = $customer->getValue("billing_phone"); $shipping_first_name = $customer->getValue("shipping_first_name"); $shipping_last_name = $customer->getValue("shipping_last_name"); $shipping_address = $customer->getValueArray("shipping_address"); $order->setAttribute("email", $email); $order->setAttribute("billing_first_name", $billing_first_name); $order->setAttribute("billing_last_name", $billing_last_name); $order->setAttribute("billing_address", $billing_address); $order->setAttribute("billing_phone", $billing_phone); if ($smID) { $order->setAttribute("shipping_first_name", $shipping_first_name); $order->setAttribute("shipping_last_name", $shipping_last_name); $order->setAttribute("shipping_address", $shipping_address); } $customer->setLastOrderID($oID); //add the order items $cart = VividCart::getCart(); foreach ($cart as $cartItem) { $taxes = Tax::getTaxForProduct($cartItem); $taxProductTotal = array(); $taxProductIncludedTotal = array(); $taxProductLabels = array(); foreach ($taxes as $tax) { if ($taxCalc == 'extract') { $taxProductIncludedTotal[] = $tax['taxamount']; } else { $taxProductTotal[] = $tax['taxamount']; } $taxProductLabels[] = $tax['name']; } $taxProductTotal = implode(',', $taxProductTotal); $taxProductIncludedTotal = implode(',', $taxProductIncludedTotal); $taxProductLabels = implode(',', $taxProductLabels); OrderItem::add($cartItem, $oID, $taxProductTotal, $taxProductIncludedTotal, $taxProductLabels); } $discounts = VividCart::getDiscounts(); if ($discounts) { foreach ($discounts as $discount) { $order->addDiscount($discount, VividCart::getCode()); } } //if the payment method is not external, go ahead and complete the order. if (!$pm->external) { $order->completeOrder(); } return $order; }