/**
* Start forms process
* @see FrontController::postProcess()
*/
public function postProcess()
{
if (Tools::isSubmit('submitMessage')) {
$idOrder = (int) Tools::getValue('id_order');
$msgText = Tools::getValue('msgText');
if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
$this->errors[] = Tools::displayError('The order is no longer valid.');
} elseif (empty($msgText)) {
$this->errors[] = Tools::displayError('The message cannot be blank.');
} elseif (!Validate::isMessage($msgText)) {
$this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
}
if (!count($this->errors)) {
$order = new Order($idOrder);
if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
//check if a thread already exist
$id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($this->context->customer->email, $order->id);
$cm = new CustomerMessage();
if (!$id_customer_thread) {
$ct = new CustomerThread();
$ct->id_contact = 0;
$ct->id_customer = (int) $order->id_customer;
$ct->id_shop = (int) $this->context->shop->id;
if (($id_product = (int) Tools::getValue('id_product')) && $order->orderContainProduct((int) $id_product)) {
$ct->id_product = $id_product;
}
$ct->id_order = (int) $order->id;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $this->context->customer->email;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
} else {
$ct = new CustomerThread((int) $id_customer_thread);
}
$cm->id_customer_thread = $ct->id;
$cm->message = $msgText;
$cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
$cm->add();
if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
$to = strval(Configuration::get('PS_SHOP_EMAIL'));
} else {
$to = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
$to = strval($to->email);
}
$toName = strval(Configuration::get('PS_SHOP_NAME'));
$customer = $this->context->customer;
if (Validate::isLoadedObject($customer)) {
Mail::Send($this->context->language->id, 'order_customer_comment', Mail::l('Message from a customer'), array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{email}' => $customer->email, '{id_order}' => (int) $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => Tools::nl2br($msgText)), $to, $toName, $customer->email, $customer->firstname . ' ' . $customer->lastname);
}
if (Tools::getValue('ajax') != 'true') {
Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
}
$this->context->smarty->assign('message_confirmation', true);
} else {
$this->errors[] = Tools::displayError('Order not found');
}
}
}
}
public function postProcess()
{
// If id_order is sent, we instanciate a new Order object
if (Tools::isSubmit('id_order') && Tools::getValue('id_order') > 0) {
$order = new Order(Tools::getValue('id_order'));
if (!Validate::isLoadedObject($order)) {
$this->errors[] = Tools::displayError('The order cannot be found within your database.');
}
ShopUrl::cacheMainDomainForShop((int) $order->id_shop);
}
/* Update shipping number */
if (Tools::isSubmit('submitShippingNumber') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$order_carrier = new OrderCarrier(Tools::getValue('id_order_carrier'));
if (!Validate::isLoadedObject($order_carrier)) {
$this->errors[] = Tools::displayError('The order carrier ID is invalid.');
} elseif (!Validate::isTrackingNumber(Tools::getValue('tracking_number'))) {
$this->errors[] = Tools::displayError('The tracking number is incorrect.');
} else {
// update shipping number
// Keep these two following lines for backward compatibility, remove on 1.6 version
$order->shipping_number = Tools::getValue('tracking_number');
$order->update();
// Update order_carrier
$order_carrier->tracking_number = pSQL(Tools::getValue('tracking_number'));
if ($order_carrier->update()) {
// Send mail to customer
$customer = new Customer((int) $order->id_customer);
$carrier = new Carrier((int) $order->id_carrier, $order->id_lang);
if (!Validate::isLoadedObject($customer)) {
throw new PrestaShopException('Can\'t load Customer object');
}
if (!Validate::isLoadedObject($carrier)) {
throw new PrestaShopException('Can\'t load Carrier object');
}
$templateVars = array('{followup}' => str_replace('@', $order->shipping_number, $carrier->url), '{firstname}' => $customer->firstname, '{lastname}' => $customer->lastname, '{id_order}' => $order->id, '{shipping_number}' => $order->shipping_number, '{order_name}' => $order->getUniqReference());
if (@Mail::Send((int) $order->id_lang, 'in_transit', Mail::l('Package in transit', (int) $order->id_lang), $templateVars, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
Hook::exec('actionAdminOrdersTrackingNumberUpdate', array('order' => $order, 'customer' => $customer, 'carrier' => $carrier), null, false, true, false, $order->id_shop);
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('An error occurred while sending an email to the customer.');
}
} else {
$this->errors[] = Tools::displayError('The order carrier cannot be updated.');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitState') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$order_state = new OrderState(Tools::getValue('id_order_state'));
if (!Validate::isLoadedObject($order_state)) {
$this->errors[] = Tools::displayError('The new order status is invalid.');
} else {
$current_order_state = $order->getCurrentOrderState();
if ($current_order_state->id != $order_state->id) {
// Create new OrderHistory
$history = new OrderHistory();
$history->id_order = $order->id;
$history->id_employee = (int) $this->context->employee->id;
$use_existings_payment = false;
if (!$order->hasInvoice()) {
$use_existings_payment = true;
}
$history->changeIdOrderState((int) $order_state->id, $order, $use_existings_payment);
$carrier = new Carrier($order->id_carrier, $order->id_lang);
$templateVars = array();
if ($history->id_order_state == Configuration::get('PS_OS_SHIPPING') && $order->shipping_number) {
$templateVars = array('{followup}' => str_replace('@', $order->shipping_number, $carrier->url));
}
// Save all changes
if ($history->addWithemail(true, $templateVars)) {
// synchronizes quantities if needed..
if (Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT')) {
foreach ($order->getProducts() as $product) {
if (StockAvailable::dependsOnStock($product['product_id'])) {
StockAvailable::synchronize($product['product_id'], (int) $product['id_shop']);
}
}
}
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . (int) $order->id . '&vieworder&token=' . $this->token);
}
$this->errors[] = Tools::displayError('An error occurred while changing order status, or we were unable to send an email to the customer.');
} else {
$this->errors[] = Tools::displayError('The order has already been assigned this status.');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitMessage') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$customer = new Customer(Tools::getValue('id_customer'));
if (!Validate::isLoadedObject($customer)) {
$this->errors[] = Tools::displayError('The customer is invalid.');
} elseif (!Tools::getValue('message')) {
$this->errors[] = Tools::displayError('The message cannot be blank.');
} else {
/* Get message rules and and check fields validity */
$rules = call_user_func(array('Message', 'getValidationRules'), 'Message');
foreach ($rules['required'] as $field) {
if (($value = Tools::getValue($field)) == false && (string) $value != '0') {
if (!Tools::getValue('id_' . $this->table) || $field != 'passwd') {
$this->errors[] = sprintf(Tools::displayError('field %s is required.'), $field);
}
}
}
foreach ($rules['size'] as $field => $maxLength) {
if (Tools::getValue($field) && Tools::strlen(Tools::getValue($field)) > $maxLength) {
$this->errors[] = sprintf(Tools::displayError('field %1$s is too long (%2$d chars max).'), $field, $maxLength);
}
}
foreach ($rules['validate'] as $field => $function) {
if (Tools::getValue($field)) {
if (!Validate::$function(htmlentities(Tools::getValue($field), ENT_COMPAT, 'UTF-8'))) {
$this->errors[] = sprintf(Tools::displayError('field %s is invalid.'), $field);
}
}
}
if (!count($this->errors)) {
//check if a thread already exist
$id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
if (!$id_customer_thread) {
$customer_thread = new CustomerThread();
$customer_thread->id_contact = 0;
$customer_thread->id_customer = (int) $order->id_customer;
$customer_thread->id_shop = (int) $this->context->shop->id;
$customer_thread->id_order = (int) $order->id;
$customer_thread->id_lang = (int) $this->context->language->id;
$customer_thread->email = $customer->email;
$customer_thread->status = 'open';
$customer_thread->token = Tools::passwdGen(12);
$customer_thread->add();
} else {
$customer_thread = new CustomerThread((int) $id_customer_thread);
}
$customer_message = new CustomerMessage();
$customer_message->id_customer_thread = $customer_thread->id;
$customer_message->id_employee = (int) $this->context->employee->id;
$customer_message->message = Tools::getValue('message');
$customer_message->private = Tools::getValue('visibility');
if (!$customer_message->add()) {
$this->errors[] = Tools::displayError('An error occurred while saving the message.');
} elseif ($customer_message->private) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . (int) $order->id . '&vieworder&conf=11&token=' . $this->token);
} else {
$message = $customer_message->message;
if (Configuration::get('PS_MAIL_TYPE', null, null, $order->id_shop) != Mail::TYPE_TEXT) {
$message = Tools::nl2br($customer_message->message);
}
$varsTpl = array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{id_order}' => $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => $message);
if (@Mail::Send((int) $order->id_lang, 'order_merchant_comment', Mail::l('New message regarding your order', (int) $order->id_lang), $varsTpl, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=11' . '&token=' . $this->token);
}
}
$this->errors[] = Tools::displayError('An error occurred while sending an email to the customer.');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to delete this.');
}
} elseif (Tools::isSubmit('partialRefund') && isset($order)) {
if ($this->tabAccess['edit'] == '1') {
if (is_array($_POST['partialRefundProduct'])) {
$amount = 0;
$order_detail_list = array();
foreach ($_POST['partialRefundProduct'] as $id_order_detail => $amount_detail) {
$order_detail_list[$id_order_detail]['quantity'] = (int) $_POST['partialRefundProductQuantity'][$id_order_detail];
if (empty($amount_detail)) {
$order_detail = new OrderDetail((int) $id_order_detail);
$order_detail_list[$id_order_detail]['amount'] = $order_detail->unit_price_tax_incl * $order_detail_list[$id_order_detail]['quantity'];
} else {
$order_detail_list[$id_order_detail]['amount'] = (double) str_replace(',', '.', $amount_detail);
}
$amount += $order_detail_list[$id_order_detail]['amount'];
$order_detail = new OrderDetail((int) $id_order_detail);
if (!$order->hasBeenDelivered() || $order->hasBeenDelivered() && Tools::isSubmit('reinjectQuantities') && $order_detail_list[$id_order_detail]['quantity'] > 0) {
$this->reinjectQuantity($order_detail, $order_detail_list[$id_order_detail]['quantity']);
}
}
$shipping_cost_amount = (double) str_replace(',', '.', Tools::getValue('partialRefundShippingCost'));
if ($shipping_cost_amount > 0) {
$amount += $shipping_cost_amount;
}
$order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
if (Validate::isLoadedObject($order_carrier)) {
$order_carrier->weight = (double) $order->getTotalWeight();
if ($order_carrier->update()) {
$order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
}
}
if ($amount > 0) {
if (!OrderSlip::createPartialOrderSlip($order, $amount, $shipping_cost_amount, $order_detail_list)) {
$this->errors[] = Tools::displayError('You cannot generate a partial credit slip.');
}
// Generate voucher
if (Tools::isSubmit('generateDiscountRefund') && !count($this->errors)) {
$cart_rule = new CartRule();
$cart_rule->description = sprintf($this->l('Credit slip for order #%d'), $order->id);
$languages = Language::getLanguages(false);
foreach ($languages as $language) {
// Define a temporary name
$cart_rule->name[$language['id_lang']] = sprintf('V0C%1$dO%2$d', $order->id_customer, $order->id);
}
// Define a temporary code
$cart_rule->code = sprintf('V0C%1$dO%2$d', $order->id_customer, $order->id);
$cart_rule->quantity = 1;
$cart_rule->quantity_per_user = 1;
// Specific to the customer
$cart_rule->id_customer = $order->id_customer;
$now = time();
$cart_rule->date_from = date('Y-m-d H:i:s', $now);
$cart_rule->date_to = date('Y-m-d H:i:s', $now + 3600 * 24 * 365.25);
/* 1 year */
$cart_rule->partial_use = 1;
$cart_rule->active = 1;
$cart_rule->reduction_amount = $amount;
$cart_rule->reduction_tax = true;
$cart_rule->minimum_amount_currency = $order->id_currency;
$cart_rule->reduction_currency = $order->id_currency;
if (!$cart_rule->add()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
// Update the voucher code and name
foreach ($languages as $language) {
$cart_rule->name[$language['id_lang']] = sprintf('V%1$dC%2$dO%3$d', $cart_rule->id, $order->id_customer, $order->id);
}
$cart_rule->code = sprintf('V%1$dC%2$dO%3$d', $cart_rule->id, $order->id_customer, $order->id);
if (!$cart_rule->update()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
$currency = $this->context->currency;
$customer = new Customer((int) $order->id_customer);
$params['{lastname}'] = $customer->lastname;
$params['{firstname}'] = $customer->firstname;
$params['{id_order}'] = $order->id;
$params['{order_name}'] = $order->getUniqReference();
$params['{voucher_amount}'] = Tools::displayPrice($cart_rule->reduction_amount, $currency, false);
$params['{voucher_num}'] = $cart_rule->code;
$customer = new Customer((int) $order->id_customer);
@Mail::Send((int) $order->id_lang, 'voucher', sprintf(Mail::l('New voucher regarding your order %s', (int) $order->id_lang), $order->reference), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
}
}
}
} else {
$this->errors[] = Tools::displayError('You have to enter an amount if you want to create a partial credit slip.');
}
// Redirect if no errors
if (!count($this->errors)) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=30&token=' . $this->token);
}
} else {
$this->errors[] = Tools::displayError('The partial refund data is incorrect.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to delete this.');
}
} elseif (Tools::isSubmit('cancelProduct') && isset($order)) {
if ($this->tabAccess['delete'] === '1') {
if (!Tools::isSubmit('id_order_detail') && !Tools::isSubmit('id_customization')) {
$this->errors[] = Tools::displayError('You must select a product.');
} elseif (!Tools::isSubmit('cancelQuantity') && !Tools::isSubmit('cancelCustomizationQuantity')) {
$this->errors[] = Tools::displayError('You must enter a quantity.');
} else {
$productList = Tools::getValue('id_order_detail');
if ($productList) {
$productList = array_map('intval', $productList);
}
$customizationList = Tools::getValue('id_customization');
if ($customizationList) {
$customizationList = array_map('intval', $customizationList);
}
$qtyList = Tools::getValue('cancelQuantity');
if ($qtyList) {
$qtyList = array_map('intval', $qtyList);
}
$customizationQtyList = Tools::getValue('cancelCustomizationQuantity');
if ($customizationQtyList) {
$customizationQtyList = array_map('intval', $customizationQtyList);
}
$full_product_list = $productList;
$full_quantity_list = $qtyList;
if ($customizationList) {
foreach ($customizationList as $key => $id_order_detail) {
$full_product_list[(int) $id_order_detail] = $id_order_detail;
if (isset($customizationQtyList[$key])) {
$full_quantity_list[(int) $id_order_detail] += $customizationQtyList[$key];
}
}
}
if ($productList || $customizationList) {
if ($productList) {
$id_cart = Cart::getCartIdByOrderId($order->id);
$customization_quantities = Customization::countQuantityByCart($id_cart);
foreach ($productList as $key => $id_order_detail) {
$qtyCancelProduct = abs($qtyList[$key]);
if (!$qtyCancelProduct) {
$this->errors[] = Tools::displayError('No quantity has been selected for this product.');
}
$order_detail = new OrderDetail($id_order_detail);
$customization_quantity = 0;
if (array_key_exists($order_detail->product_id, $customization_quantities) && array_key_exists($order_detail->product_attribute_id, $customization_quantities[$order_detail->product_id])) {
$customization_quantity = (int) $customization_quantities[$order_detail->product_id][$order_detail->product_attribute_id];
}
if ($order_detail->product_quantity - $customization_quantity - $order_detail->product_quantity_refunded - $order_detail->product_quantity_return < $qtyCancelProduct) {
$this->errors[] = Tools::displayError('An invalid quantity was selected for this product.');
}
}
}
if ($customizationList) {
$customization_quantities = Customization::retrieveQuantitiesFromIds(array_keys($customizationList));
foreach ($customizationList as $id_customization => $id_order_detail) {
$qtyCancelProduct = abs($customizationQtyList[$id_customization]);
$customization_quantity = $customization_quantities[$id_customization];
if (!$qtyCancelProduct) {
$this->errors[] = Tools::displayError('No quantity has been selected for this product.');
}
if ($qtyCancelProduct > $customization_quantity['quantity'] - ($customization_quantity['quantity_refunded'] + $customization_quantity['quantity_returned'])) {
$this->errors[] = Tools::displayError('An invalid quantity was selected for this product.');
}
}
}
if (!count($this->errors) && $productList) {
foreach ($productList as $key => $id_order_detail) {
$qty_cancel_product = abs($qtyList[$key]);
$order_detail = new OrderDetail((int) $id_order_detail);
if (!$order->hasBeenDelivered() || $order->hasBeenDelivered() && Tools::isSubmit('reinjectQuantities') && $qty_cancel_product > 0) {
$this->reinjectQuantity($order_detail, $qty_cancel_product);
}
// Delete product
$order_detail = new OrderDetail((int) $id_order_detail);
if (!$order->deleteProduct($order, $order_detail, $qty_cancel_product)) {
$this->errors[] = Tools::displayError('An error occurred while attempting to delete the product.') . ' <span class="bold">' . $order_detail->product_name . '</span>';
}
// Update weight SUM
$order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
if (Validate::isLoadedObject($order_carrier)) {
$order_carrier->weight = (double) $order->getTotalWeight();
if ($order_carrier->update()) {
$order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
}
}
Hook::exec('actionProductCancel', array('order' => $order, 'id_order_detail' => (int) $id_order_detail), null, false, true, false, $order->id_shop);
}
}
if (!count($this->errors) && $customizationList) {
foreach ($customizationList as $id_customization => $id_order_detail) {
$order_detail = new OrderDetail((int) $id_order_detail);
$qtyCancelProduct = abs($customizationQtyList[$id_customization]);
if (!$order->deleteCustomization($id_customization, $qtyCancelProduct, $order_detail)) {
$this->errors[] = Tools::displayError('An error occurred while attempting to delete product customization.') . ' ' . $id_customization;
}
}
}
// E-mail params
if ((Tools::isSubmit('generateCreditSlip') || Tools::isSubmit('generateDiscount')) && !count($this->errors)) {
$customer = new Customer((int) $order->id_customer);
$params['{lastname}'] = $customer->lastname;
$params['{firstname}'] = $customer->firstname;
$params['{id_order}'] = $order->id;
$params['{order_name}'] = $order->getUniqReference();
}
// Generate credit slip
if (Tools::isSubmit('generateCreditSlip') && !count($this->errors)) {
if (!OrderSlip::createOrderSlip($order, $full_product_list, $full_quantity_list, Tools::isSubmit('shippingBack'))) {
$this->errors[] = Tools::displayError('A credit slip cannot be generated. ');
} else {
Hook::exec('actionOrderSlipAdd', array('order' => $order, 'productList' => $full_product_list, 'qtyList' => $full_quantity_list), null, false, true, false, $order->id_shop);
@Mail::Send((int) $order->id_lang, 'credit_slip', Mail::l('New credit slip regarding your order', (int) $order->id_lang), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
}
}
// Generate voucher
if (Tools::isSubmit('generateDiscount') && !count($this->errors)) {
$cartrule = new CartRule();
$languages = Language::getLanguages($order);
$cartrule->description = sprintf($this->l('Credit card slip for order #%d'), $order->id);
foreach ($languages as $language) {
// Define a temporary name
$cartrule->name[$language['id_lang']] = 'V0C' . (int) $order->id_customer . 'O' . (int) $order->id;
}
// Define a temporary code
$cartrule->code = 'V0C' . (int) $order->id_customer . 'O' . (int) $order->id;
$cartrule->quantity = 1;
$cartrule->quantity_per_user = 1;
// Specific to the customer
$cartrule->id_customer = $order->id_customer;
$now = time();
$cartrule->date_from = date('Y-m-d H:i:s', $now);
$cartrule->date_to = date('Y-m-d H:i:s', $now + 3600 * 24 * 365.25);
/* 1 year */
$cartrule->active = 1;
$products = $order->getProducts(false, $full_product_list, $full_quantity_list);
$total = 0;
foreach ($products as $product) {
$total += $product['unit_price_tax_incl'] * $product['product_quantity'];
}
if (Tools::isSubmit('shippingBack')) {
$total += $order->total_shipping;
}
$cartrule->reduction_amount = $total;
$cartrule->reduction_tax = true;
$cartrule->minimum_amount_currency = $order->id_currency;
$cartrule->reduction_currency = $order->id_currency;
if (!$cartrule->add()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
// Update the voucher code and name
foreach ($languages as $language) {
$cartrule->name[$language['id_lang']] = 'V' . (int) $cartrule->id . 'C' . (int) $order->id_customer . 'O' . $order->id;
}
$cartrule->code = 'V' . (int) $cartrule->id . 'C' . (int) $order->id_customer . 'O' . $order->id;
if (!$cartrule->update()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
$currency = $this->context->currency;
$params['{voucher_amount}'] = Tools::displayPrice($cartrule->reduction_amount, $currency, false);
$params['{voucher_num}'] = $cartrule->code;
@Mail::Send((int) $order->id_lang, 'voucher', sprintf(Mail::l('New voucher regarding your order %s', (int) $order->id_lang), $order->reference), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
}
}
}
} else {
$this->errors[] = Tools::displayError('No product or quantity has been selected.');
}
// Redirect if no errors
if (!count($this->errors)) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=31&token=' . $this->token);
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to delete this.');
}
} elseif (Tools::isSubmit('messageReaded')) {
Message::markAsReaded(Tools::getValue('messageReaded'), $this->context->employee->id);
} elseif (Tools::isSubmit('submitAddPayment') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$amount = str_replace(',', '.', Tools::getValue('payment_amount'));
$currency = new Currency(Tools::getValue('payment_currency'));
$order_has_invoice = $order->hasInvoice();
if ($order_has_invoice) {
$order_invoice = new OrderInvoice(Tools::getValue('payment_invoice'));
} else {
$order_invoice = null;
}
if (!Validate::isLoadedObject($order)) {
$this->errors[] = Tools::displayError('The order cannot be found');
} elseif (!Validate::isNegativePrice($amount) || !(double) $amount) {
$this->errors[] = Tools::displayError('The amount is invalid.');
} elseif (!Validate::isGenericName(Tools::getValue('payment_method'))) {
$this->errors[] = Tools::displayError('The selected payment method is invalid.');
} elseif (!Validate::isString(Tools::getValue('payment_transaction_id'))) {
$this->errors[] = Tools::displayError('The transaction ID is invalid.');
} elseif (!Validate::isLoadedObject($currency)) {
$this->errors[] = Tools::displayError('The selected currency is invalid.');
} elseif ($order_has_invoice && !Validate::isLoadedObject($order_invoice)) {
$this->errors[] = Tools::displayError('The invoice is invalid.');
} elseif (!Validate::isDate(Tools::getValue('payment_date'))) {
$this->errors[] = Tools::displayError('The date is invalid');
} else {
if (!$order->addOrderPayment($amount, Tools::getValue('payment_method'), Tools::getValue('payment_transaction_id'), $currency, Tools::getValue('payment_date'), $order_invoice)) {
$this->errors[] = Tools::displayError('An error occurred during payment.');
} else {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitEditNote')) {
$note = Tools::getValue('note');
$order_invoice = new OrderInvoice((int) Tools::getValue('id_order_invoice'));
if (Validate::isLoadedObject($order_invoice) && Validate::isCleanHtml($note)) {
if ($this->tabAccess['edit'] === '1') {
$order_invoice->note = $note;
if ($order_invoice->save()) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order_invoice->id_order . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('The invoice note was not saved.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} else {
$this->errors[] = Tools::displayError('The invoice for edit note was unable to load. ');
}
} elseif (Tools::isSubmit('submitAddOrder') && ($id_cart = Tools::getValue('id_cart')) && ($module_name = Tools::getValue('payment_module_name')) && ($id_order_state = Tools::getValue('id_order_state')) && Validate::isModuleName($module_name)) {
if ($this->tabAccess['edit'] === '1') {
$payment_module = Module::getInstanceByName($module_name);
$cart = new Cart((int) $id_cart);
Context::getContext()->currency = new Currency((int) $cart->id_currency);
Context::getContext()->customer = new Customer((int) $cart->id_customer);
$employee = new Employee((int) Context::getContext()->cookie->id_employee);
$payment_module->validateOrder((int) $cart->id, (int) $id_order_state, $cart->getOrderTotal(true, Cart::BOTH), $payment_module->displayName, $this->l('Manual order -- Employee:') . ' ' . substr($employee->firstname, 0, 1) . '. ' . $employee->lastname, array(), null, false, $cart->secure_key);
if ($payment_module->currentOrder) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $payment_module->currentOrder . '&vieworder' . '&token=' . $this->token);
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to add this.');
}
} elseif ((Tools::isSubmit('submitAddressShipping') || Tools::isSubmit('submitAddressInvoice')) && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$address = new Address(Tools::getValue('id_address'));
if (Validate::isLoadedObject($address)) {
// Update the address on order
if (Tools::isSubmit('submitAddressShipping')) {
$order->id_address_delivery = $address->id;
} elseif (Tools::isSubmit('submitAddressInvoice')) {
$order->id_address_invoice = $address->id;
}
$order->update();
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('This address can\'t be loaded');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitChangeCurrency') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
if (Tools::getValue('new_currency') != $order->id_currency && !$order->valid) {
$old_currency = new Currency($order->id_currency);
$currency = new Currency(Tools::getValue('new_currency'));
if (!Validate::isLoadedObject($currency)) {
throw new PrestaShopException('Can\'t load Currency object');
}
// Update order detail amount
foreach ($order->getOrderDetailList() as $row) {
$order_detail = new OrderDetail($row['id_order_detail']);
$fields = array('ecotax', 'product_price', 'reduction_amount', 'total_shipping_price_tax_excl', 'total_shipping_price_tax_incl', 'total_price_tax_incl', 'total_price_tax_excl', 'product_quantity_discount', 'purchase_supplier_price', 'reduction_amount', 'reduction_amount_tax_incl', 'reduction_amount_tax_excl', 'unit_price_tax_incl', 'unit_price_tax_excl', 'original_product_price');
foreach ($fields as $field) {
$order_detail->{$field} = Tools::convertPriceFull($order_detail->{$field}, $old_currency, $currency);
}
$order_detail->update();
$order_detail->updateTaxAmount($order);
}
$id_order_carrier = (int) $order->getIdOrderCarrier();
if ($id_order_carrier) {
$order_carrier = $order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
$order_carrier->shipping_cost_tax_excl = (double) Tools::convertPriceFull($order_carrier->shipping_cost_tax_excl, $old_currency, $currency);
$order_carrier->shipping_cost_tax_incl = (double) Tools::convertPriceFull($order_carrier->shipping_cost_tax_incl, $old_currency, $currency);
$order_carrier->update();
}
// Update order && order_invoice amount
$fields = array('total_discounts', 'total_discounts_tax_incl', 'total_discounts_tax_excl', 'total_discount_tax_excl', 'total_discount_tax_incl', 'total_paid', 'total_paid_tax_incl', 'total_paid_tax_excl', 'total_paid_real', 'total_products', 'total_products_wt', 'total_shipping', 'total_shipping_tax_incl', 'total_shipping_tax_excl', 'total_wrapping', 'total_wrapping_tax_incl', 'total_wrapping_tax_excl');
$invoices = $order->getInvoicesCollection();
if ($invoices) {
foreach ($invoices as $invoice) {
foreach ($fields as $field) {
if (isset($invoice->{$field})) {
$invoice->{$field} = Tools::convertPriceFull($invoice->{$field}, $old_currency, $currency);
}
}
$invoice->save();
}
}
foreach ($fields as $field) {
if (isset($order->{$field})) {
$order->{$field} = Tools::convertPriceFull($order->{$field}, $old_currency, $currency);
}
}
// Update currency in order
$order->id_currency = $currency->id;
// Update exchange rate
$order->conversion_rate = (double) $currency->conversion_rate;
$order->update();
} else {
$this->errors[] = Tools::displayError('You cannot change the currency.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitGenerateInvoice') && isset($order)) {
if (!Configuration::get('PS_INVOICE', null, null, $order->id_shop)) {
$this->errors[] = Tools::displayError('Invoice management has been disabled.');
} elseif ($order->hasInvoice()) {
$this->errors[] = Tools::displayError('This order already has an invoice.');
} else {
$order->setInvoice(true);
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
}
} elseif (Tools::isSubmit('submitDeleteVoucher') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$order_cart_rule = new OrderCartRule(Tools::getValue('id_order_cart_rule'));
if (Validate::isLoadedObject($order_cart_rule) && $order_cart_rule->id_order == $order->id) {
if ($order_cart_rule->id_order_invoice) {
$order_invoice = new OrderInvoice($order_cart_rule->id_order_invoice);
if (!Validate::isLoadedObject($order_invoice)) {
throw new PrestaShopException('Can\'t load Order Invoice object');
}
// Update amounts of Order Invoice
$order_invoice->total_discount_tax_excl -= $order_cart_rule->value_tax_excl;
$order_invoice->total_discount_tax_incl -= $order_cart_rule->value;
$order_invoice->total_paid_tax_excl += $order_cart_rule->value_tax_excl;
$order_invoice->total_paid_tax_incl += $order_cart_rule->value;
// Update Order Invoice
$order_invoice->update();
}
// Update amounts of order
$order->total_discounts -= $order_cart_rule->value;
$order->total_discounts_tax_incl -= $order_cart_rule->value;
$order->total_discounts_tax_excl -= $order_cart_rule->value_tax_excl;
$order->total_paid += $order_cart_rule->value;
$order->total_paid_tax_incl += $order_cart_rule->value;
$order->total_paid_tax_excl += $order_cart_rule->value_tax_excl;
// Delete Order Cart Rule and update Order
$order_cart_rule->delete();
$order->update();
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('You cannot edit this cart rule.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitNewVoucher') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
if (!Tools::getValue('discount_name')) {
$this->errors[] = Tools::displayError('You must specify a name in order to create a new discount.');
} else {
if ($order->hasInvoice()) {
// If the discount is for only one invoice
if (!Tools::isSubmit('discount_all_invoices')) {
$order_invoice = new OrderInvoice(Tools::getValue('discount_invoice'));
if (!Validate::isLoadedObject($order_invoice)) {
throw new PrestaShopException('Can\'t load Order Invoice object');
}
}
}
$cart_rules = array();
$discount_value = (double) str_replace(',', '.', Tools::getValue('discount_value'));
switch (Tools::getValue('discount_type')) {
// Percent type
case 1:
if ($discount_value < 100) {
if (isset($order_invoice)) {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($order_invoice->total_paid_tax_incl * $discount_value / 100, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($order_invoice->total_paid_tax_excl * $discount_value / 100, 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
} elseif ($order->hasInvoice()) {
$order_invoices_collection = $order->getInvoicesCollection();
foreach ($order_invoices_collection as $order_invoice) {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($order_invoice->total_paid_tax_incl * $discount_value / 100, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($order_invoice->total_paid_tax_excl * $discount_value / 100, 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} else {
$cart_rules[0]['value_tax_incl'] = Tools::ps_round($order->total_paid_tax_incl * $discount_value / 100, 2);
$cart_rules[0]['value_tax_excl'] = Tools::ps_round($order->total_paid_tax_excl * $discount_value / 100, 2);
}
} else {
$this->errors[] = Tools::displayError('The discount value is invalid.');
}
break;
// Amount type
// Amount type
case 2:
if (isset($order_invoice)) {
if ($discount_value > $order_invoice->total_paid_tax_incl) {
$this->errors[] = Tools::displayError('The discount value is greater than the order invoice total.');
} else {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} elseif ($order->hasInvoice()) {
$order_invoices_collection = $order->getInvoicesCollection();
foreach ($order_invoices_collection as $order_invoice) {
if ($discount_value > $order_invoice->total_paid_tax_incl) {
$this->errors[] = Tools::displayError('The discount value is greater than the order invoice total.') . $order_invoice->getInvoiceNumberFormatted(Context::getContext()->language->id, (int) $order->id_shop) . ')';
} else {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
}
} else {
if ($discount_value > $order->total_paid_tax_incl) {
$this->errors[] = Tools::displayError('The discount value is greater than the order total.');
} else {
$cart_rules[0]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
$cart_rules[0]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
}
}
break;
// Free shipping type
// Free shipping type
case 3:
if (isset($order_invoice)) {
if ($order_invoice->total_shipping_tax_incl > 0) {
$cart_rules[$order_invoice->id]['value_tax_incl'] = $order_invoice->total_shipping_tax_incl;
$cart_rules[$order_invoice->id]['value_tax_excl'] = $order_invoice->total_shipping_tax_excl;
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} elseif ($order->hasInvoice()) {
$order_invoices_collection = $order->getInvoicesCollection();
foreach ($order_invoices_collection as $order_invoice) {
if ($order_invoice->total_shipping_tax_incl <= 0) {
continue;
}
$cart_rules[$order_invoice->id]['value_tax_incl'] = $order_invoice->total_shipping_tax_incl;
$cart_rules[$order_invoice->id]['value_tax_excl'] = $order_invoice->total_shipping_tax_excl;
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} else {
$cart_rules[0]['value_tax_incl'] = $order->total_shipping_tax_incl;
$cart_rules[0]['value_tax_excl'] = $order->total_shipping_tax_excl;
}
break;
default:
$this->errors[] = Tools::displayError('The discount type is invalid.');
}
$res = true;
foreach ($cart_rules as &$cart_rule) {
$cartRuleObj = new CartRule();
$cartRuleObj->date_from = date('Y-m-d H:i:s', strtotime('-1 hour', strtotime($order->date_add)));
$cartRuleObj->date_to = date('Y-m-d H:i:s', strtotime('+1 hour'));
$cartRuleObj->name[Configuration::get('PS_LANG_DEFAULT')] = Tools::getValue('discount_name');
$cartRuleObj->quantity = 0;
$cartRuleObj->quantity_per_user = 1;
if (Tools::getValue('discount_type') == 1) {
$cartRuleObj->reduction_percent = $discount_value;
} elseif (Tools::getValue('discount_type') == 2) {
$cartRuleObj->reduction_amount = $cart_rule['value_tax_excl'];
} elseif (Tools::getValue('discount_type') == 3) {
$cartRuleObj->free_shipping = 1;
}
$cartRuleObj->active = 0;
if ($res = $cartRuleObj->add()) {
$cart_rule['id'] = $cartRuleObj->id;
} else {
break;
}
}
if ($res) {
foreach ($cart_rules as $id_order_invoice => $cart_rule) {
// Create OrderCartRule
$order_cart_rule = new OrderCartRule();
$order_cart_rule->id_order = $order->id;
$order_cart_rule->id_cart_rule = $cart_rule['id'];
$order_cart_rule->id_order_invoice = $id_order_invoice;
$order_cart_rule->name = Tools::getValue('discount_name');
$order_cart_rule->value = $cart_rule['value_tax_incl'];
$order_cart_rule->value_tax_excl = $cart_rule['value_tax_excl'];
$res &= $order_cart_rule->add();
$order->total_discounts += $order_cart_rule->value;
$order->total_discounts_tax_incl += $order_cart_rule->value;
$order->total_discounts_tax_excl += $order_cart_rule->value_tax_excl;
$order->total_paid -= $order_cart_rule->value;
$order->total_paid_tax_incl -= $order_cart_rule->value;
$order->total_paid_tax_excl -= $order_cart_rule->value_tax_excl;
}
// Update Order
$res &= $order->update();
}
if ($res) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('An error occurred during the OrderCartRule creation');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
}
parent::postProcess();
}
/**
* Start forms process
* @see FrontController::postProcess()
*/
public function postProcess()
{
if (Tools::isSubmit('submitMessage')) {
$fileAttachment = null;
if (isset($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['tmp_name'])) {
$extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
$filename = uniqid() . substr($_FILES['fileUpload']['name'], -5);
$fileAttachment['content'] = file_get_contents($_FILES['fileUpload']['tmp_name']);
$fileAttachment['name'] = $_FILES['fileUpload']['name'];
$fileAttachment['mime'] = $_FILES['fileUpload']['type'];
}
$message = Tools::getValue('message');
// Html entities is not usefull, iscleanHtml check there is no bad html tags.
if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid e-mail address');
} else {
if (!$message) {
$this->errors[] = Tools::displayError('Message cannot be blank');
} else {
if (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message');
} else {
if (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
$this->errors[] = Tools::displayError('Please select a subject from the list.');
} else {
if (!empty($_FILES['fileUpload']['name']) && $_FILES['fileUpload']['error'] != 0) {
$this->errors[] = Tools::displayError('An error occurred during the file upload');
} else {
if (!empty($_FILES['fileUpload']['name']) && !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) && !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
$this->errors[] = Tools::displayError('Bad file extension');
} else {
$customer = $this->context->customer;
if (!$customer->id) {
$customer->getByEmail($from);
}
$contact = new Contact($id_contact, $this->context->language->id);
if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, (int) Tools::getValue('id_order'))))) {
$fields = Db::getInstance()->executeS('
SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
id_order = ' . (int) Tools::getValue('id_order') . ')');
$score = 0;
foreach ($fields as $key => $row) {
$tmp = 0;
if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
continue;
}
if ($row['id_order'] != 0 && Tools::getValue('id_order') != $row['id_order']) {
continue;
}
if ($row['email'] == $from) {
$tmp += 4;
}
if ($row['id_contact'] == $id_contact) {
$tmp++;
}
if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
$tmp += 2;
}
if ($tmp >= 5 && $tmp >= $score) {
$score = $tmp;
$id_customer_thread = $row['id_customer_thread'];
}
}
}
$old_message = Db::getInstance()->getValue('
SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
ORDER BY cm.date_add DESC');
if ($old_message == $message) {
$this->context->smarty->assign('alreadySent', 1);
$contact->email = '';
$contact->customer_service = 0;
}
if (!empty($contact->email)) {
$id_order = (int) Tools::getValue('id_order', 0);
$order = new Order($id_order);
$mail_var_list = array('{email}' => $from, '{message}' => Tools::nl2br(stripslashes($message)), '{id_order}' => $id_order, '{order_name}' => $order->getUniqReference(), '{attached_file}' => isset($_FILES['fileUpload'], $_FILES['fileUpload']['name']) ? $_FILES['fileUpload']['name'] : '');
if (Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form'), $mail_var_list, $contact->email, $contact->name, $from, $customer->id ? $customer->firstname . ' ' . $customer->lastname : '', $fileAttachment) && Mail::Send($this->context->language->id, 'contact_form', Mail::l('Your message has been correctly sent'), $mail_var_list, $from)) {
$this->context->smarty->assign('confirmation', 1);
} else {
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
}
if ($contact->customer_service) {
if ((int) $id_customer_thread) {
$ct = new CustomerThread($id_customer_thread);
$ct->status = 'open';
$ct->id_lang = (int) $this->context->language->id;
$ct->id_contact = (int) $id_contact;
if ($id_order = (int) Tools::getValue('id_order')) {
$ct->id_order = $id_order;
}
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->update();
} else {
$ct = new CustomerThread();
if (isset($customer->id)) {
$ct->id_customer = (int) $customer->id;
}
$ct->id_shop = (int) $this->context->shop->id;
if ($id_order = (int) Tools::getValue('id_order')) {
$ct->id_order = $id_order;
}
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->id_contact = (int) $id_contact;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $from;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
}
if ($ct->id) {
$cm = new CustomerMessage();
$cm->id_customer_thread = $ct->id;
$cm->message = Tools::htmlentitiesUTF8($message);
if (isset($filename) && rename($_FILES['fileUpload']['tmp_name'], _PS_MODULE_DIR_ . '../upload/' . $filename)) {
$cm->file_name = $filename;
}
$cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
$cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
if ($cm->add()) {
if (empty($contact->email)) {
$var_list = array('{order_name}' => '-', '{attached_file}' => '-', '{message}' => stripslashes($message));
if ($ct->id_order) {
$order = new Order($ct->id_order);
$var_list['{order_name}'] = $order->reference;
}
if (isset($filename)) {
$var_list['{attached_file}'] = $_FILES['fileUpload']['name'];
}
Mail::Send($this->context->language->id, 'contact_form', Mail::l('Your message has been correctly sent'), $var_list, $from);
}
$this->context->smarty->assign('confirmation', 1);
} else {
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
} else {
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
}
if (count($this->errors) > 1) {
array_unique($this->errors);
}
}
}
}
}
}
}
}
}
/**
* Start forms process
* @see FrontController::postProcess()
*/
public function postProcess()
{
if (Tools::isSubmit('submitMessage')) {
$extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
$file_attachment = Tools::fileAttachment('fileUpload');
$message = Tools::getValue('message');
// Html entities is not usefull, iscleanHtml check there is no bad html tags.
if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid email address.');
} elseif (!$message) {
$this->errors[] = Tools::displayError('The message cannot be blank.');
} elseif (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message');
} elseif (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
$this->errors[] = Tools::displayError('Please select a subject from the list provided. ');
} elseif (!empty($file_attachment['name']) && $file_attachment['error'] != 0) {
$this->errors[] = Tools::displayError('An error occurred during the file-upload process.');
} elseif (!empty($file_attachment['name']) && !in_array(Tools::strtolower(substr($file_attachment['name'], -4)), $extension) && !in_array(Tools::strtolower(substr($file_attachment['name'], -5)), $extension)) {
$this->errors[] = Tools::displayError('Bad file extension');
} else {
$customer = $this->context->customer;
if (!$customer->id) {
$customer->getByEmail($from);
}
$id_order = (int) $this->getOrder();
if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, $id_order)))) {
$fields = Db::getInstance()->executeS('
SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
id_order = ' . (int) $id_order . ')');
$score = 0;
foreach ($fields as $key => $row) {
$tmp = 0;
if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
continue;
}
if ($row['id_order'] != 0 && $id_order != $row['id_order']) {
continue;
}
if ($row['email'] == $from) {
$tmp += 4;
}
if ($row['id_contact'] == $id_contact) {
$tmp++;
}
if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
$tmp += 2;
}
if ($tmp >= 5 && $tmp >= $score) {
$score = $tmp;
$id_customer_thread = $row['id_customer_thread'];
}
}
}
$old_message = Db::getInstance()->getValue('
SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
ORDER BY cm.date_add DESC');
if ($old_message == $message) {
$this->context->smarty->assign('alreadySent', 1);
$contact->email = '';
$contact->customer_service = 0;
}
if ($contact->customer_service) {
if ((int) $id_customer_thread) {
$ct = new CustomerThread($id_customer_thread);
$ct->status = 'open';
$ct->id_lang = (int) $this->context->language->id;
$ct->id_contact = (int) $id_contact;
$ct->id_order = (int) $id_order;
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->update();
} else {
$ct = new CustomerThread();
if (isset($customer->id)) {
$ct->id_customer = (int) $customer->id;
}
$ct->id_shop = (int) $this->context->shop->id;
$ct->id_order = (int) $id_order;
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->id_contact = (int) $id_contact;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $from;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
}
if ($ct->id) {
$cm = new CustomerMessage();
$cm->id_customer_thread = $ct->id;
$cm->message = $message;
if (isset($file_attachment['rename']) && !empty($file_attachment['rename']) && rename($file_attachment['tmp_name'], _PS_UPLOAD_DIR_ . basename($file_attachment['rename']))) {
$cm->file_name = $file_attachment['rename'];
@chmod(_PS_UPLOAD_DIR_ . basename($file_attachment['rename']), 0664);
}
$cm->ip_address = (int) ip2long(Tools::getRemoteAddr());
$cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
if (!$cm->add()) {
$this->errors[] = Tools::displayError('An error occurred while sending the message.');
}
} else {
$this->errors[] = Tools::displayError('An error occurred while sending the message.');
}
}
if (!count($this->errors)) {
$var_list = array('{order_name}' => '-', '{attached_file}' => '-', '{message}' => Tools::nl2br(stripslashes($message)), '{email}' => $from, '{product_name}' => '');
if (isset($file_attachment['name'])) {
$var_list['{attached_file}'] = $file_attachment['name'];
}
$id_product = (int) Tools::getValue('id_product');
if (isset($ct) && Validate::isLoadedObject($ct) && $ct->id_order) {
$order = new Order((int) $ct->id_order);
$var_list['{order_name}'] = $order->getUniqReference();
$var_list['{id_order}'] = (int) $order->id;
}
if ($id_product) {
$product = new Product((int) $id_product);
if (Validate::isLoadedObject($product) && isset($product->name[Context::getContext()->language->id])) {
$var_list['{product_name}'] = $product->name[Context::getContext()->language->id];
}
}
if (empty($contact->email)) {
Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, null, null, $file_attachment);
} else {
if (!Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form') . ' [no_sync]', $var_list, $contact->email, $contact->name, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $from) || !Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $contact->email)) {
$this->errors[] = Tools::displayError('An error occurred while sending the message.');
}
}
}
if (count($this->errors) > 1) {
array_unique($this->errors);
} elseif (!count($this->errors)) {
$this->context->smarty->assign('confirmation', 1);
}
}
}
}
public function postProcess()
{
if (Tools::isSubmit('submitMessage')) {
$idOrder = (int) Tools::getValue('id_order');
$msgText = Tools::getValue('msgText');
if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
$this->errors[] = Tools::displayError('The order is no longer valid.');
} elseif (empty($msgText)) {
$this->errors[] = Tools::displayError('The message cannot be blank.');
} elseif (!Validate::isMessage($msgText)) {
$this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
}
if (!count($this->errors)) {
$order = new Order($idOrder);
if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
//check if a thread already exist
$id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($this->context->customer->email, $order->id);
$id_product = (int) Tools::getValue('id_product');
$cm = new CustomerMessage();
if (!$id_customer_thread) {
$ct = new CustomerThread();
$ct->id_contact = 0;
$ct->id_customer = (int) $order->id_customer;
$ct->id_shop = (int) $this->context->shop->id;
if ($id_product && $order->orderContainProduct((int) $id_product)) {
$ct->id_product = $id_product;
}
$ct->id_order = (int) $order->id;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $this->context->customer->email;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
} else {
$ct = new CustomerThread((int) $id_customer_thread);
}
$cm->id_customer_thread = $ct->id;
if ($id_product && $order->orderContainProduct((int) $id_product)) {
$cm->id_product = $id_product;
}
$cm->message = $msgText;
$cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
$cm->add();
if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
$to = strval(Configuration::get('PS_SHOP_EMAIL'));
} else {
$to = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
$to = strval($to->email);
}
$toName = strval(Configuration::get('PS_SHOP_NAME'));
$customer = $this->context->customer;
$product = new Product($id_product);
$product_name = '';
if (Validate::isLoadedObject($product) && isset($product->name[(int) $this->context->language->id])) {
$product_name = $product->name[(int) $this->context->language->id];
}
if (Validate::isLoadedObject($customer)) {
Mail::Send($this->context->language->id, 'order_customer_comment', Mail::l('Message from a customer'), array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{email}' => $customer->email, '{id_order}' => (int) $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => Tools::nl2br($msgText), '{product_name}' => $product_name), $to, $toName, $customer->email, $customer->firstname . ' ' . $customer->lastname);
}
if (Tools::getValue('ajax') != 'true') {
Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
}
$this->context->smarty->assign('message_confirmation', true);
} else {
$this->errors[] = Tools::displayError('Order not found');
}
}
}
if (Tools::isSubmit('markAsReceived')) {
$idOrder = (int) Tools::getValue('id_order');
$order = new Order($idOrder);
if (Validate::isLoadedObject($order)) {
if ($order->getCurrentState() == 15) {
$new_history = new OrderHistory();
$new_history->id_order = (int) $order->id;
$new_history->changeIdOrderState(3, $order);
// 16: Ready for Production
//var_dump($order,$new_history);
$myfile = fopen(PS_PRODUCT_IMG_PATH . "/orders/" . $order->reference . ".txt", "w") or die("Unable to open file!");
$txt = "Order Confirmed\n Order Reference: " . $order->reference;
fwrite($myfile, $txt);
fclose($myfile);
$new_history->addWithemail(true);
}
$this->context->smarty->assign('receipt_confirmation', true);
} else {
$this->_errors[] = Tools::displayError('Error: Invalid order number');
}
}
}
public function postProcess()
{
${${"GLOBALS"}["thtbvco"]} = new Order((int) Tools::getValue("id_order"));
$difdqhzqxl = "id_order_seller";
if (!Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
$this->errors[] = Tools::displayError("Order not found or you do not have permission to view this order.");
return;
}
${"GLOBALS"}["fqitvbmdfl"] = "order";
${${"GLOBALS"}["gfrblyem"]} = AgileSellerManager::getObjectOwnerID("order", $order->id);
${"GLOBALS"}["bsmpehdujqe"] = "id_customer_seller";
${${"GLOBALS"}["taultlaseq"]} = AgileSellerManager::getLinkedSellerID($this->context->customer->id);
$qjwuyezbnwd = "order";
if (${$difdqhzqxl} != ${${"GLOBALS"}["taultlaseq"]} || ${${"GLOBALS"}["gfrblyem"]} <= 0 || ${${"GLOBALS"}["bsmpehdujqe"]} <= 0) {
$this->errors[] = Tools::displayError("You do not have permission to view this order.");
return;
}
if (Tools::isSubmit("submitShippingNumber") && isset(${${"GLOBALS"}["fqitvbmdfl"]})) {
${"GLOBALS"}["mllzihk"] = "order_carrier";
$fdknpwcl = "order_carrier";
${$fdknpwcl} = new OrderCarrier(Tools::getValue("id_order_carrier"));
if (!Validate::isLoadedObject(${${"GLOBALS"}["mllzihk"]})) {
$this->errors[] = Tools::displayError("The order carrier ID is invalid.");
} elseif (!Validate::isTrackingNumber(Tools::getValue("tracking_number"))) {
$this->errors[] = Tools::displayError("The tracking number is incorrect.");
} else {
$order->shipping_number = Tools::getValue("tracking_number");
$order->update();
$order_carrier->tracking_number = pSQL(Tools::getValue("tracking_number"));
if ($order_carrier->update()) {
$qvvnrvmsp = "templateVars";
${${"GLOBALS"}["cdmray"]} = new Customer((int) $order->id_customer);
$ijyvqhqokid = "carrier";
${"GLOBALS"}["mhbtmrqg"] = "templateVars";
${$ijyvqhqokid} = new Carrier((int) $order_carrier->id_carrier, $order->id_lang);
if (!Validate::isLoadedObject(${${"GLOBALS"}["cdmray"]})) {
throw new PrestaShopException("Can't load Customer object");
}
if (!Validate::isLoadedObject(${${"GLOBALS"}["tvqrewgc"]})) {
throw new PrestaShopException("Can't load Carrier object");
}
${${"GLOBALS"}["mhbtmrqg"]} = array("{followup}" => str_replace("@", $order_carrier->tracking_number, $carrier->url), "{firstname}" => $customer->firstname, "{lastname}" => $customer->lastname, "{id_order}" => $order->id, "{shipping_number}" => $order_carrier->tracking_number, "{order_name}" => $order->getUniqReference());
if (@Mail::Send((int) $order->id_lang, "in_transit", Mail::l('Package in transit', (int) $order->id_lang), ${$qvvnrvmsp}, $customer->email, $customer->firstname . " " . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
${"GLOBALS"}["rwzquyb"] = "order";
Hook::exec("actionAdminOrdersTrackingNumberUpdate", array("order" => ${${"GLOBALS"}["rwzquyb"]}, "customer" => ${${"GLOBALS"}["cdmray"]}, "carrier" => ${${"GLOBALS"}["tvqrewgc"]}), null, false, true, false, $order->id_shop);
} else {
$this->errors[] = Tools::displayError("An error occurred while sending an email to the customer.");
}
} else {
$this->errors[] = Tools::displayError("The order carrier cannot be updated.");
}
}
} elseif (Tools::isSubmit("submitState") && isset(${$qjwuyezbnwd})) {
${${"GLOBALS"}["bfrxhizen"]} = new OrderState(Tools::getValue("id_order_state"));
if (!Validate::isLoadedObject(${${"GLOBALS"}["bfrxhizen"]})) {
$this->errors[] = Tools::displayError("Invalid new order status");
} else {
${${"GLOBALS"}["rxsllerec"]} = $order->getCurrentOrderState();
if ($current_order_state->id != $order_state->id) {
$heccerkhiwt = "history";
${$heccerkhiwt} = new OrderHistory();
${"GLOBALS"}["uynetoegv"] = "templateVars";
$vriwvgqg = "templateVars";
$history->id_order = $order->id;
$history->id_employee = 1;
$history->changeIdOrderState($order_state->id, $order->id);
${${"GLOBALS"}["tvqrewgc"]} = new Carrier($order->id_carrier, $order->id_lang);
${$vriwvgqg} = array();
if ($history->id_order_state == Configuration::get("PS_OS_SHIPPING") && $order->shipping_number) {
${${"GLOBALS"}["nkwobosfw"]} = array("{followup}" => str_replace("@", $order->shipping_number, $carrier->url));
} elseif ($history->id_order_state == Configuration::get("PS_OS_CHEQUE")) {
${${"GLOBALS"}["nkwobosfw"]} = array("{cheque_name}" => Configuration::get("CHEQUE_NAME") ? Configuration::get("CHEQUE_NAME") : "", "{cheque_address_html}" => Configuration::get("CHEQUE_ADDRESS") ? nl2br(Configuration::get("CHEQUE_ADDRESS")) : "");
} elseif ($history->id_order_state == Configuration::get("PS_OS_BANKWIRE")) {
${${"GLOBALS"}["nkwobosfw"]} = array("{bankwire_owner}" => Configuration::get("BANK_WIRE_OWNER") ? Configuration::get("BANK_WIRE_OWNER") : "", "{bankwire_details}" => Configuration::get("BANK_WIRE_DETAILS") ? nl2br(Configuration::get("BANK_WIRE_DETAILS")) : "", "{bankwire_address}" => Configuration::get("BANK_WIRE_ADDRESS") ? nl2br(Configuration::get("BANK_WIRE_ADDRESS")) : "");
}
if (!$history->addWithemail(true, ${${"GLOBALS"}["uynetoegv"]})) {
$this->errors[] = Tools::displayError("An error occurred while changing the status or was unable to send e-mail to the customer.");
}
} else {
$this->errors[] = Tools::displayError("This order is already assigned this status");
}
}
if (empty($this->errors)) {
self::$smarty->assign("cfmmsg_flag", 1);
}
}
if (Tools::isSubmit("submitMessage")) {
$ipovlstkh = "idOrder";
${${"GLOBALS"}["pfwbejwlah"]} = (int) Tools::getValue("id_order");
${${"GLOBALS"}["nioumgdgj"]} = Tools::getValue("msgText");
${"GLOBALS"}["tumvnnp"] = "msgText";
if (!${${"GLOBALS"}["pfwbejwlah"]} || !Validate::isUnsignedId(${$ipovlstkh})) {
$this->errors[] = Tools::displayError("Order is no longer valid");
} else {
if (empty(${${"GLOBALS"}["nioumgdgj"]})) {
$this->errors[] = Tools::displayError("Message cannot be blank");
} else {
if (!Validate::isMessage(${${"GLOBALS"}["tumvnnp"]})) {
$this->errors[] = Tools::displayError("Message is invalid (HTML is not allowed)");
}
}
}
if (!count($this->errors)) {
$svycwjflohh = "idOrder";
${${"GLOBALS"}["thtbvco"]} = new Order(${$svycwjflohh});
if (Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
${"GLOBALS"}["pcdbkuo"] = "cm";
${"GLOBALS"}["qejrcjwlidu"] = "to";
${${"GLOBALS"}["nbpumdloal"]} = new Employee();
$iilmenu = "seller";
${$iilmenu} = $emp->getbyEmail($this->context->customer->email);
$ucwaikq = "customer";
${$ucwaikq} = new Customer($order->id_customer);
${${"GLOBALS"}["ryhapbx"]} = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
${"GLOBALS"}["pnxcso"] = "id_customer_thread";
${${"GLOBALS"}["pcdbkuo"]} = new CustomerMessage();
${"GLOBALS"}["csptele"] = "ct";
$pykymotfmtq = "fromName";
if (!${${"GLOBALS"}["pnxcso"]}) {
${"GLOBALS"}["azdvluwhw"] = "id_product";
${"GLOBALS"}["fpmtmpmcoy"] = "id_product";
$vckfnym = "id_product";
${${"GLOBALS"}["docrub"]} = new CustomerThread();
$ct->id_contact = 2;
$ct->id_customer = (int) $order->id_customer;
$ct->id_shop = (int) $this->context->shop->id;
${$vckfnym} = (int) Tools::getValue("id_product");
if (${${"GLOBALS"}["fxogbxc"]} && $order->orderContainProduct(${${"GLOBALS"}["azdvluwhw"]})) {
$ct->id_product = ${${"GLOBALS"}["fpmtmpmcoy"]};
}
$ct->id_order = (int) $order->id;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $customer->email;
$ct->status = "open";
$ct->token = Tools::passwdGen(12);
$ct->add();
} else {
${${"GLOBALS"}["csptele"]} = new CustomerThread((int) ${${"GLOBALS"}["ryhapbx"]});
}
$qlkkcochivs = "msgText";
$cm->id_customer_thread = $ct->id;
$cm->message = ${${"GLOBALS"}["nioumgdgj"]};
$cm->ip_address = ip2long($_SERVER["REMOTE_ADDR"]);
$cm->id_employee = $seller->id;
$cm->add();
$mwsicth = "fromName";
${"GLOBALS"}["lhbflpuhi"] = "customer";
${${"GLOBALS"}["oatuem"]} = $customer->email;
${${"GLOBALS"}["xtxkthxeqll"]} = $customer->firstname . " " . $customer->lastname;
${${"GLOBALS"}["sormbzxw"]} = $seller->email;
${$mwsicth} = $seller->firstname . " " . $seller->lastname;
if (Validate::isLoadedObject(${${"GLOBALS"}["lhbflpuhi"]})) {
Mail::Send($this->context->language->id, "order_merchant_comment", Mail::l('Message from a seller'), array("{lastname}" => $customer->lastname, "{firstname}" => $customer->firstname, "{email}" => $customer->email, "{id_order}" => (int) $order->id, "{order_name}" => $order->getUniqReference(), "{message}" => Tools::nl2br(${$qlkkcochivs})), ${${"GLOBALS"}["qejrcjwlidu"]}, ${${"GLOBALS"}["xtxkthxeqll"]}, ${${"GLOBALS"}["sormbzxw"]}, ${$pykymotfmtq});
}
} else {
$this->errors[] = Tools::displayError("Order not found");
}
}
}
}
public function saveContact()
{
$message = Tools::getValue('message');
// Html entities is not usefull, iscleanHtml check there is no bad html tags.
if (!($from = trim(Tools::getValue('email'))) || !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid email address.');
} elseif (!$message) {
$this->errors[] = Tools::displayError('The message cannot be blank.');
} elseif (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message');
} elseif (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
$this->errors[] = Tools::displayError('Please select a subject from the list provided. ');
} else {
$customer = $this->context->customer;
if (!$customer->id) {
$customer->getByEmail($from);
}
$id_order = (int) $this->getOrder();
if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, $id_order)))) {
$fields = Db::getInstance()->executeS('
SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
id_order = ' . (int) $id_order . ')');
$score = 0;
foreach ($fields as $key => $row) {
$tmp = 0;
if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
continue;
}
if ($row['id_order'] != 0 && $id_order != $row['id_order']) {
continue;
}
if ($row['email'] == $from) {
$tmp += 4;
}
if ($row['id_contact'] == $id_contact) {
$tmp++;
}
if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
$tmp += 2;
}
if ($tmp >= 5 && $tmp >= $score) {
$score = $tmp;
$id_customer_thread = $row['id_customer_thread'];
}
}
}
$old_message = Db::getInstance()->getValue('
SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
ORDER BY cm.date_add DESC');
if ($old_message == $message) {
$this->context->smarty->assign('alreadySent', 1);
$contact->email = '';
$contact->customer_service = 0;
}
if ($contact->customer_service) {
if ((int) $id_customer_thread) {
$ct = new CustomerThread($id_customer_thread);
$ct->status = 'open';
$ct->id_lang = (int) $this->context->language->id;
$ct->id_contact = (int) $id_contact;
$ct->id_order = (int) $id_order;
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->update();
} else {
$ct = new CustomerThread();
if (isset($customer->id)) {
$ct->id_customer = (int) $customer->id;
}
$ct->id_shop = (int) $this->context->shop->id;
$ct->id_order = (int) $id_order;
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->id_contact = (int) $id_contact;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $from;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
}
if ($ct->id) {
$cm = new CustomerMessage();
$cm->id_customer_thread = $ct->id;
$cm->message = $message;
$cm->ip_address = (int) ip2long(Tools::getRemoteAddr());
$cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
if (!$cm->add()) {
$this->errors[] = Tools::displayError('An error occurred while sending the message.');
}
} else {
$this->errors[] = Tools::displayError('An error occurred while sending the message.');
}
}
if (!count($this->errors)) {
$var_list = array('{order_name}' => '-', '{attached_file}' => '-', '{message}' => Tools::nl2br(stripslashes($message)), '{email}' => $from, '{product_name}' => '');
if (isset($file_attachment['name'])) {
$var_list['{attached_file}'] = $file_attachment['name'];
}
$id_product = (int) Tools::getValue('id_product');
if (isset($ct) && Validate::isLoadedObject($ct) && $ct->id_order) {
$order = new Order((int) $ct->id_order);
$var_list['{order_name}'] = $order->getUniqReference();
$var_list['{id_order}'] = (int) $order->id;
}
if ($id_product) {
$product = new Product((int) $id_product);
if (Validate::isLoadedObject($product) && isset($product->name[Context::getContext()->language->id])) {
$var_list['{product_name}'] = $product->name[Context::getContext()->language->id];
}
}
if (empty($contact->email)) {
Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, null, null);
} else {
if (!Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form') . ' [no_sync]', $var_list, $contact->email, $contact->name, $from, $customer->id ? $customer->firstname . ' ' . $customer->lastname : '') || !Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, $contact->email, $contact->name)) {
$this->errors[] = Tools::displayError('An error occurred while sending the message.');
}
}
}
$response = new stdClass();
if ($this->errors) {
$response->status = '0';
$response->msg = implode('<br />', $this->errors);
} else {
$response->status = 1;
$response->msg = "Send message success!";
}
die(Tools::jsonEncode($response));
/*
if (count($this->errors) > 1)
array_unique($this->errors);
elseif (!count($this->errors))
$this->context->smarty->assign('confirmation', 1);
*
*/
}
}
public function sendMessage()
{
$extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
$file_attachment = Tools::fileAttachment('fileUpload');
$message = Tools::getValue('message');
if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
$this->context->controller->errors[] = $this->l('Invalid email address.');
} elseif (!$message) {
$this->context->controller->errors[] = $this->l('The message cannot be blank.');
} elseif (!Validate::isCleanHtml($message)) {
$this->context->controller->errors[] = $this->l('Invalid message');
} elseif (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
$this->context->controller->errors[] = $this->l('Please select a subject from the list provided. ');
} elseif (!empty($file_attachment['name']) && $file_attachment['error'] != 0) {
$this->context->controller->errors[] = $this->l('An error occurred during the file-upload process.');
} elseif (!empty($file_attachment['name']) && !in_array(Tools::strtolower(substr($file_attachment['name'], -4)), $extension) && !in_array(Tools::strtolower(substr($file_attachment['name'], -5)), $extension)) {
$this->context->controller->errors[] = $this->l('Bad file extension');
} else {
$customer = $this->context->customer;
if (!$customer->id) {
$customer->getByEmail($from);
}
$id_order = (int) Tools::getValue('id_order');
$id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, $id_order);
if ($contact->customer_service) {
if ((int) $id_customer_thread) {
$ct = new CustomerThread($id_customer_thread);
$ct->status = 'open';
$ct->id_lang = (int) $this->context->language->id;
$ct->id_contact = (int) $id_contact;
$ct->id_order = (int) $id_order;
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->update();
} else {
$ct = new CustomerThread();
if (isset($customer->id)) {
$ct->id_customer = (int) $customer->id;
}
$ct->id_shop = (int) $this->context->shop->id;
$ct->id_order = (int) $id_order;
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->id_contact = (int) $id_contact;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $from;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
}
if ($ct->id) {
$lastMessage = CustomerMessage::getLastMessageForCustomerThread($ct->id);
$testFileUpload = isset($file_attachment['rename']) && !empty($file_attachment['rename']);
// if last message is the same as new message (and no file upload), do not consider this contact
if ($lastMessage != $message || $testFileUpload) {
$cm = new CustomerMessage();
$cm->id_customer_thread = $ct->id;
$cm->message = $message;
if ($testFileUpload && rename($file_attachment['tmp_name'], _PS_UPLOAD_DIR_ . basename($file_attachment['rename']))) {
$cm->file_name = $file_attachment['rename'];
@chmod(_PS_UPLOAD_DIR_ . basename($file_attachment['rename']), 0664);
}
$cm->ip_address = (int) ip2long(Tools::getRemoteAddr());
$cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
if (!$cm->add()) {
$this->context->controller->errors[] = $this->l('An error occurred while sending the message.');
}
} else {
$mailAlreadySend = true;
}
} else {
$this->context->controller->errors[] = $this->l('An error occurred while sending the message.');
}
}
if (!count($this->context->controller->errors) && empty($mailAlreadySend)) {
$var_list = ['{order_name}' => '-', '{attached_file}' => '-', '{message}' => Tools::nl2br(stripslashes($message)), '{email}' => $from, '{product_name}' => ''];
if (isset($file_attachment['name'])) {
$var_list['{attached_file}'] = $file_attachment['name'];
}
$id_product = (int) Tools::getValue('id_product');
if (isset($ct) && Validate::isLoadedObject($ct) && $ct->id_order) {
$order = new Order((int) $ct->id_order);
$var_list['{order_name}'] = $order->getUniqReference();
$var_list['{id_order}'] = (int) $order->id;
}
if ($id_product) {
$product = new Product((int) $id_product);
if (Validate::isLoadedObject($product) && isset($product->name[Context::getContext()->language->id])) {
$var_list['{product_name}'] = $product->name[Context::getContext()->language->id];
}
}
if (empty($contact->email)) {
Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? $this->trans('Your message has been correctly sent #ct%thread_id% #tc%thread_token%', array('%thread_id%' => $ct->id, '%thread_token%' => $ct->token), 'Emails.Subject') : $this->trans('Your message has been correctly sent', array(), 'Emails.Subject'), $var_list, $from, null, null, null, $file_attachment);
} else {
if (!Mail::Send($this->context->language->id, 'contact', $this->trans('Message from contact form', array(), 'Emails.Subject') . ' [no_sync]', $var_list, $contact->email, $contact->name, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $from) || !Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? $this->trans('Your message has been correctly sent #ct%thread_id% #tc%thread_token%', array('%thread_id%' => $ct->id, '%thread_token%' => $ct->token), 'Emails.Subject') : $this->trans('Your message has been correctly sent', array(), 'Emails.Subject'), $var_list, $from, null, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $contact->email)) {
$this->context->controller->errors[] = $this->l('An error occurred while sending the message.');
}
}
}
if (!count($this->context->controller->errors)) {
$this->context->controller->success[] = $this->l('Your message has been successfully sent to our team.');
}
}
}
