예제 #1
0
 /**
  * Start forms process
  * @see FrontController::postProcess()
  */
 public function postProcess()
 {
     if (Tools::isSubmit('submitMessage')) {
         $idOrder = (int) Tools::getValue('id_order');
         $msgText = Tools::getValue('msgText');
         if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
             $this->errors[] = Tools::displayError('The order is no longer valid.');
         } elseif (empty($msgText)) {
             $this->errors[] = Tools::displayError('The message cannot be blank.');
         } elseif (!Validate::isMessage($msgText)) {
             $this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
         }
         if (!count($this->errors)) {
             $order = new Order($idOrder);
             if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
                 //check if a thread already exist
                 $id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($this->context->customer->email, $order->id);
                 $cm = new CustomerMessage();
                 if (!$id_customer_thread) {
                     $ct = new CustomerThread();
                     $ct->id_contact = 0;
                     $ct->id_customer = (int) $order->id_customer;
                     $ct->id_shop = (int) $this->context->shop->id;
                     if (($id_product = (int) Tools::getValue('id_product')) && $order->orderContainProduct((int) $id_product)) {
                         $ct->id_product = $id_product;
                     }
                     $ct->id_order = (int) $order->id;
                     $ct->id_lang = (int) $this->context->language->id;
                     $ct->email = $this->context->customer->email;
                     $ct->status = 'open';
                     $ct->token = Tools::passwdGen(12);
                     $ct->add();
                 } else {
                     $ct = new CustomerThread((int) $id_customer_thread);
                 }
                 $cm->id_customer_thread = $ct->id;
                 $cm->message = $msgText;
                 $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
                 $cm->add();
                 if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
                     $to = strval(Configuration::get('PS_SHOP_EMAIL'));
                 } else {
                     $to = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
                     $to = strval($to->email);
                 }
                 $toName = strval(Configuration::get('PS_SHOP_NAME'));
                 $customer = $this->context->customer;
                 if (Validate::isLoadedObject($customer)) {
                     Mail::Send($this->context->language->id, 'order_customer_comment', Mail::l('Message from a customer'), array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{email}' => $customer->email, '{id_order}' => (int) $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => Tools::nl2br($msgText)), $to, $toName, $customer->email, $customer->firstname . ' ' . $customer->lastname);
                 }
                 if (Tools::getValue('ajax') != 'true') {
                     Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
                 }
                 $this->context->smarty->assign('message_confirmation', true);
             } else {
                 $this->errors[] = Tools::displayError('Order not found');
             }
         }
     }
 }
예제 #2
0
 public function postProcess()
 {
     // If id_order is sent, we instanciate a new Order object
     if (Tools::isSubmit('id_order') && Tools::getValue('id_order') > 0) {
         $order = new Order(Tools::getValue('id_order'));
         if (!Validate::isLoadedObject($order)) {
             $this->errors[] = Tools::displayError('The order cannot be found within your database.');
         }
         ShopUrl::cacheMainDomainForShop((int) $order->id_shop);
     }
     /* Update shipping number */
     if (Tools::isSubmit('submitShippingNumber') && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             $order_carrier = new OrderCarrier(Tools::getValue('id_order_carrier'));
             if (!Validate::isLoadedObject($order_carrier)) {
                 $this->errors[] = Tools::displayError('The order carrier ID is invalid.');
             } elseif (!Validate::isTrackingNumber(Tools::getValue('tracking_number'))) {
                 $this->errors[] = Tools::displayError('The tracking number is incorrect.');
             } else {
                 // update shipping number
                 // Keep these two following lines for backward compatibility, remove on 1.6 version
                 $order->shipping_number = Tools::getValue('tracking_number');
                 $order->update();
                 // Update order_carrier
                 $order_carrier->tracking_number = pSQL(Tools::getValue('tracking_number'));
                 if ($order_carrier->update()) {
                     // Send mail to customer
                     $customer = new Customer((int) $order->id_customer);
                     $carrier = new Carrier((int) $order->id_carrier, $order->id_lang);
                     if (!Validate::isLoadedObject($customer)) {
                         throw new PrestaShopException('Can\'t load Customer object');
                     }
                     if (!Validate::isLoadedObject($carrier)) {
                         throw new PrestaShopException('Can\'t load Carrier object');
                     }
                     $templateVars = array('{followup}' => str_replace('@', $order->shipping_number, $carrier->url), '{firstname}' => $customer->firstname, '{lastname}' => $customer->lastname, '{id_order}' => $order->id, '{shipping_number}' => $order->shipping_number, '{order_name}' => $order->getUniqReference());
                     if (@Mail::Send((int) $order->id_lang, 'in_transit', Mail::l('Package in transit', (int) $order->id_lang), $templateVars, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
                         Hook::exec('actionAdminOrdersTrackingNumberUpdate', array('order' => $order, 'customer' => $customer, 'carrier' => $carrier), null, false, true, false, $order->id_shop);
                         Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
                     } else {
                         $this->errors[] = Tools::displayError('An error occurred while sending an email to the customer.');
                     }
                 } else {
                     $this->errors[] = Tools::displayError('The order carrier cannot be updated.');
                 }
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to edit this.');
         }
     } elseif (Tools::isSubmit('submitState') && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             $order_state = new OrderState(Tools::getValue('id_order_state'));
             if (!Validate::isLoadedObject($order_state)) {
                 $this->errors[] = Tools::displayError('The new order status is invalid.');
             } else {
                 $current_order_state = $order->getCurrentOrderState();
                 if ($current_order_state->id != $order_state->id) {
                     // Create new OrderHistory
                     $history = new OrderHistory();
                     $history->id_order = $order->id;
                     $history->id_employee = (int) $this->context->employee->id;
                     $use_existings_payment = false;
                     if (!$order->hasInvoice()) {
                         $use_existings_payment = true;
                     }
                     $history->changeIdOrderState((int) $order_state->id, $order, $use_existings_payment);
                     $carrier = new Carrier($order->id_carrier, $order->id_lang);
                     $templateVars = array();
                     if ($history->id_order_state == Configuration::get('PS_OS_SHIPPING') && $order->shipping_number) {
                         $templateVars = array('{followup}' => str_replace('@', $order->shipping_number, $carrier->url));
                     }
                     // Save all changes
                     if ($history->addWithemail(true, $templateVars)) {
                         // synchronizes quantities if needed..
                         if (Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT')) {
                             foreach ($order->getProducts() as $product) {
                                 if (StockAvailable::dependsOnStock($product['product_id'])) {
                                     StockAvailable::synchronize($product['product_id'], (int) $product['id_shop']);
                                 }
                             }
                         }
                         Tools::redirectAdmin(self::$currentIndex . '&id_order=' . (int) $order->id . '&vieworder&token=' . $this->token);
                     }
                     $this->errors[] = Tools::displayError('An error occurred while changing order status, or we were unable to send an email to the customer.');
                 } else {
                     $this->errors[] = Tools::displayError('The order has already been assigned this status.');
                 }
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to edit this.');
         }
     } elseif (Tools::isSubmit('submitMessage') && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             $customer = new Customer(Tools::getValue('id_customer'));
             if (!Validate::isLoadedObject($customer)) {
                 $this->errors[] = Tools::displayError('The customer is invalid.');
             } elseif (!Tools::getValue('message')) {
                 $this->errors[] = Tools::displayError('The message cannot be blank.');
             } else {
                 /* Get message rules and and check fields validity */
                 $rules = call_user_func(array('Message', 'getValidationRules'), 'Message');
                 foreach ($rules['required'] as $field) {
                     if (($value = Tools::getValue($field)) == false && (string) $value != '0') {
                         if (!Tools::getValue('id_' . $this->table) || $field != 'passwd') {
                             $this->errors[] = sprintf(Tools::displayError('field %s is required.'), $field);
                         }
                     }
                 }
                 foreach ($rules['size'] as $field => $maxLength) {
                     if (Tools::getValue($field) && Tools::strlen(Tools::getValue($field)) > $maxLength) {
                         $this->errors[] = sprintf(Tools::displayError('field %1$s is too long (%2$d chars max).'), $field, $maxLength);
                     }
                 }
                 foreach ($rules['validate'] as $field => $function) {
                     if (Tools::getValue($field)) {
                         if (!Validate::$function(htmlentities(Tools::getValue($field), ENT_COMPAT, 'UTF-8'))) {
                             $this->errors[] = sprintf(Tools::displayError('field %s is invalid.'), $field);
                         }
                     }
                 }
                 if (!count($this->errors)) {
                     //check if a thread already exist
                     $id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
                     if (!$id_customer_thread) {
                         $customer_thread = new CustomerThread();
                         $customer_thread->id_contact = 0;
                         $customer_thread->id_customer = (int) $order->id_customer;
                         $customer_thread->id_shop = (int) $this->context->shop->id;
                         $customer_thread->id_order = (int) $order->id;
                         $customer_thread->id_lang = (int) $this->context->language->id;
                         $customer_thread->email = $customer->email;
                         $customer_thread->status = 'open';
                         $customer_thread->token = Tools::passwdGen(12);
                         $customer_thread->add();
                     } else {
                         $customer_thread = new CustomerThread((int) $id_customer_thread);
                     }
                     $customer_message = new CustomerMessage();
                     $customer_message->id_customer_thread = $customer_thread->id;
                     $customer_message->id_employee = (int) $this->context->employee->id;
                     $customer_message->message = Tools::getValue('message');
                     $customer_message->private = Tools::getValue('visibility');
                     if (!$customer_message->add()) {
                         $this->errors[] = Tools::displayError('An error occurred while saving the message.');
                     } elseif ($customer_message->private) {
                         Tools::redirectAdmin(self::$currentIndex . '&id_order=' . (int) $order->id . '&vieworder&conf=11&token=' . $this->token);
                     } else {
                         $message = $customer_message->message;
                         if (Configuration::get('PS_MAIL_TYPE', null, null, $order->id_shop) != Mail::TYPE_TEXT) {
                             $message = Tools::nl2br($customer_message->message);
                         }
                         $varsTpl = array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{id_order}' => $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => $message);
                         if (@Mail::Send((int) $order->id_lang, 'order_merchant_comment', Mail::l('New message regarding your order', (int) $order->id_lang), $varsTpl, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
                             Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=11' . '&token=' . $this->token);
                         }
                     }
                     $this->errors[] = Tools::displayError('An error occurred while sending an email to the customer.');
                 }
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to delete this.');
         }
     } elseif (Tools::isSubmit('partialRefund') && isset($order)) {
         if ($this->tabAccess['edit'] == '1') {
             if (is_array($_POST['partialRefundProduct'])) {
                 $amount = 0;
                 $order_detail_list = array();
                 foreach ($_POST['partialRefundProduct'] as $id_order_detail => $amount_detail) {
                     $order_detail_list[$id_order_detail]['quantity'] = (int) $_POST['partialRefundProductQuantity'][$id_order_detail];
                     if (empty($amount_detail)) {
                         $order_detail = new OrderDetail((int) $id_order_detail);
                         $order_detail_list[$id_order_detail]['amount'] = $order_detail->unit_price_tax_incl * $order_detail_list[$id_order_detail]['quantity'];
                     } else {
                         $order_detail_list[$id_order_detail]['amount'] = (double) str_replace(',', '.', $amount_detail);
                     }
                     $amount += $order_detail_list[$id_order_detail]['amount'];
                     $order_detail = new OrderDetail((int) $id_order_detail);
                     if (!$order->hasBeenDelivered() || $order->hasBeenDelivered() && Tools::isSubmit('reinjectQuantities') && $order_detail_list[$id_order_detail]['quantity'] > 0) {
                         $this->reinjectQuantity($order_detail, $order_detail_list[$id_order_detail]['quantity']);
                     }
                 }
                 $shipping_cost_amount = (double) str_replace(',', '.', Tools::getValue('partialRefundShippingCost'));
                 if ($shipping_cost_amount > 0) {
                     $amount += $shipping_cost_amount;
                 }
                 $order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
                 if (Validate::isLoadedObject($order_carrier)) {
                     $order_carrier->weight = (double) $order->getTotalWeight();
                     if ($order_carrier->update()) {
                         $order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
                     }
                 }
                 if ($amount > 0) {
                     if (!OrderSlip::createPartialOrderSlip($order, $amount, $shipping_cost_amount, $order_detail_list)) {
                         $this->errors[] = Tools::displayError('You cannot generate a partial credit slip.');
                     }
                     // Generate voucher
                     if (Tools::isSubmit('generateDiscountRefund') && !count($this->errors)) {
                         $cart_rule = new CartRule();
                         $cart_rule->description = sprintf($this->l('Credit slip for order #%d'), $order->id);
                         $languages = Language::getLanguages(false);
                         foreach ($languages as $language) {
                             // Define a temporary name
                             $cart_rule->name[$language['id_lang']] = sprintf('V0C%1$dO%2$d', $order->id_customer, $order->id);
                         }
                         // Define a temporary code
                         $cart_rule->code = sprintf('V0C%1$dO%2$d', $order->id_customer, $order->id);
                         $cart_rule->quantity = 1;
                         $cart_rule->quantity_per_user = 1;
                         // Specific to the customer
                         $cart_rule->id_customer = $order->id_customer;
                         $now = time();
                         $cart_rule->date_from = date('Y-m-d H:i:s', $now);
                         $cart_rule->date_to = date('Y-m-d H:i:s', $now + 3600 * 24 * 365.25);
                         /* 1 year */
                         $cart_rule->partial_use = 1;
                         $cart_rule->active = 1;
                         $cart_rule->reduction_amount = $amount;
                         $cart_rule->reduction_tax = true;
                         $cart_rule->minimum_amount_currency = $order->id_currency;
                         $cart_rule->reduction_currency = $order->id_currency;
                         if (!$cart_rule->add()) {
                             $this->errors[] = Tools::displayError('You cannot generate a voucher.');
                         } else {
                             // Update the voucher code and name
                             foreach ($languages as $language) {
                                 $cart_rule->name[$language['id_lang']] = sprintf('V%1$dC%2$dO%3$d', $cart_rule->id, $order->id_customer, $order->id);
                             }
                             $cart_rule->code = sprintf('V%1$dC%2$dO%3$d', $cart_rule->id, $order->id_customer, $order->id);
                             if (!$cart_rule->update()) {
                                 $this->errors[] = Tools::displayError('You cannot generate a voucher.');
                             } else {
                                 $currency = $this->context->currency;
                                 $customer = new Customer((int) $order->id_customer);
                                 $params['{lastname}'] = $customer->lastname;
                                 $params['{firstname}'] = $customer->firstname;
                                 $params['{id_order}'] = $order->id;
                                 $params['{order_name}'] = $order->getUniqReference();
                                 $params['{voucher_amount}'] = Tools::displayPrice($cart_rule->reduction_amount, $currency, false);
                                 $params['{voucher_num}'] = $cart_rule->code;
                                 $customer = new Customer((int) $order->id_customer);
                                 @Mail::Send((int) $order->id_lang, 'voucher', sprintf(Mail::l('New voucher regarding your order %s', (int) $order->id_lang), $order->reference), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
                             }
                         }
                     }
                 } else {
                     $this->errors[] = Tools::displayError('You have to enter an amount if you want to create a partial credit slip.');
                 }
                 // Redirect if no errors
                 if (!count($this->errors)) {
                     Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=30&token=' . $this->token);
                 }
             } else {
                 $this->errors[] = Tools::displayError('The partial refund data is incorrect.');
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to delete this.');
         }
     } elseif (Tools::isSubmit('cancelProduct') && isset($order)) {
         if ($this->tabAccess['delete'] === '1') {
             if (!Tools::isSubmit('id_order_detail') && !Tools::isSubmit('id_customization')) {
                 $this->errors[] = Tools::displayError('You must select a product.');
             } elseif (!Tools::isSubmit('cancelQuantity') && !Tools::isSubmit('cancelCustomizationQuantity')) {
                 $this->errors[] = Tools::displayError('You must enter a quantity.');
             } else {
                 $productList = Tools::getValue('id_order_detail');
                 if ($productList) {
                     $productList = array_map('intval', $productList);
                 }
                 $customizationList = Tools::getValue('id_customization');
                 if ($customizationList) {
                     $customizationList = array_map('intval', $customizationList);
                 }
                 $qtyList = Tools::getValue('cancelQuantity');
                 if ($qtyList) {
                     $qtyList = array_map('intval', $qtyList);
                 }
                 $customizationQtyList = Tools::getValue('cancelCustomizationQuantity');
                 if ($customizationQtyList) {
                     $customizationQtyList = array_map('intval', $customizationQtyList);
                 }
                 $full_product_list = $productList;
                 $full_quantity_list = $qtyList;
                 if ($customizationList) {
                     foreach ($customizationList as $key => $id_order_detail) {
                         $full_product_list[(int) $id_order_detail] = $id_order_detail;
                         if (isset($customizationQtyList[$key])) {
                             $full_quantity_list[(int) $id_order_detail] += $customizationQtyList[$key];
                         }
                     }
                 }
                 if ($productList || $customizationList) {
                     if ($productList) {
                         $id_cart = Cart::getCartIdByOrderId($order->id);
                         $customization_quantities = Customization::countQuantityByCart($id_cart);
                         foreach ($productList as $key => $id_order_detail) {
                             $qtyCancelProduct = abs($qtyList[$key]);
                             if (!$qtyCancelProduct) {
                                 $this->errors[] = Tools::displayError('No quantity has been selected for this product.');
                             }
                             $order_detail = new OrderDetail($id_order_detail);
                             $customization_quantity = 0;
                             if (array_key_exists($order_detail->product_id, $customization_quantities) && array_key_exists($order_detail->product_attribute_id, $customization_quantities[$order_detail->product_id])) {
                                 $customization_quantity = (int) $customization_quantities[$order_detail->product_id][$order_detail->product_attribute_id];
                             }
                             if ($order_detail->product_quantity - $customization_quantity - $order_detail->product_quantity_refunded - $order_detail->product_quantity_return < $qtyCancelProduct) {
                                 $this->errors[] = Tools::displayError('An invalid quantity was selected for this product.');
                             }
                         }
                     }
                     if ($customizationList) {
                         $customization_quantities = Customization::retrieveQuantitiesFromIds(array_keys($customizationList));
                         foreach ($customizationList as $id_customization => $id_order_detail) {
                             $qtyCancelProduct = abs($customizationQtyList[$id_customization]);
                             $customization_quantity = $customization_quantities[$id_customization];
                             if (!$qtyCancelProduct) {
                                 $this->errors[] = Tools::displayError('No quantity has been selected for this product.');
                             }
                             if ($qtyCancelProduct > $customization_quantity['quantity'] - ($customization_quantity['quantity_refunded'] + $customization_quantity['quantity_returned'])) {
                                 $this->errors[] = Tools::displayError('An invalid quantity was selected for this product.');
                             }
                         }
                     }
                     if (!count($this->errors) && $productList) {
                         foreach ($productList as $key => $id_order_detail) {
                             $qty_cancel_product = abs($qtyList[$key]);
                             $order_detail = new OrderDetail((int) $id_order_detail);
                             if (!$order->hasBeenDelivered() || $order->hasBeenDelivered() && Tools::isSubmit('reinjectQuantities') && $qty_cancel_product > 0) {
                                 $this->reinjectQuantity($order_detail, $qty_cancel_product);
                             }
                             // Delete product
                             $order_detail = new OrderDetail((int) $id_order_detail);
                             if (!$order->deleteProduct($order, $order_detail, $qty_cancel_product)) {
                                 $this->errors[] = Tools::displayError('An error occurred while attempting to delete the product.') . ' <span class="bold">' . $order_detail->product_name . '</span>';
                             }
                             // Update weight SUM
                             $order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
                             if (Validate::isLoadedObject($order_carrier)) {
                                 $order_carrier->weight = (double) $order->getTotalWeight();
                                 if ($order_carrier->update()) {
                                     $order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
                                 }
                             }
                             Hook::exec('actionProductCancel', array('order' => $order, 'id_order_detail' => (int) $id_order_detail), null, false, true, false, $order->id_shop);
                         }
                     }
                     if (!count($this->errors) && $customizationList) {
                         foreach ($customizationList as $id_customization => $id_order_detail) {
                             $order_detail = new OrderDetail((int) $id_order_detail);
                             $qtyCancelProduct = abs($customizationQtyList[$id_customization]);
                             if (!$order->deleteCustomization($id_customization, $qtyCancelProduct, $order_detail)) {
                                 $this->errors[] = Tools::displayError('An error occurred while attempting to delete product customization.') . ' ' . $id_customization;
                             }
                         }
                     }
                     // E-mail params
                     if ((Tools::isSubmit('generateCreditSlip') || Tools::isSubmit('generateDiscount')) && !count($this->errors)) {
                         $customer = new Customer((int) $order->id_customer);
                         $params['{lastname}'] = $customer->lastname;
                         $params['{firstname}'] = $customer->firstname;
                         $params['{id_order}'] = $order->id;
                         $params['{order_name}'] = $order->getUniqReference();
                     }
                     // Generate credit slip
                     if (Tools::isSubmit('generateCreditSlip') && !count($this->errors)) {
                         if (!OrderSlip::createOrderSlip($order, $full_product_list, $full_quantity_list, Tools::isSubmit('shippingBack'))) {
                             $this->errors[] = Tools::displayError('A credit slip cannot be generated. ');
                         } else {
                             Hook::exec('actionOrderSlipAdd', array('order' => $order, 'productList' => $full_product_list, 'qtyList' => $full_quantity_list), null, false, true, false, $order->id_shop);
                             @Mail::Send((int) $order->id_lang, 'credit_slip', Mail::l('New credit slip regarding your order', (int) $order->id_lang), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
                         }
                     }
                     // Generate voucher
                     if (Tools::isSubmit('generateDiscount') && !count($this->errors)) {
                         $cartrule = new CartRule();
                         $languages = Language::getLanguages($order);
                         $cartrule->description = sprintf($this->l('Credit card slip for order #%d'), $order->id);
                         foreach ($languages as $language) {
                             // Define a temporary name
                             $cartrule->name[$language['id_lang']] = 'V0C' . (int) $order->id_customer . 'O' . (int) $order->id;
                         }
                         // Define a temporary code
                         $cartrule->code = 'V0C' . (int) $order->id_customer . 'O' . (int) $order->id;
                         $cartrule->quantity = 1;
                         $cartrule->quantity_per_user = 1;
                         // Specific to the customer
                         $cartrule->id_customer = $order->id_customer;
                         $now = time();
                         $cartrule->date_from = date('Y-m-d H:i:s', $now);
                         $cartrule->date_to = date('Y-m-d H:i:s', $now + 3600 * 24 * 365.25);
                         /* 1 year */
                         $cartrule->active = 1;
                         $products = $order->getProducts(false, $full_product_list, $full_quantity_list);
                         $total = 0;
                         foreach ($products as $product) {
                             $total += $product['unit_price_tax_incl'] * $product['product_quantity'];
                         }
                         if (Tools::isSubmit('shippingBack')) {
                             $total += $order->total_shipping;
                         }
                         $cartrule->reduction_amount = $total;
                         $cartrule->reduction_tax = true;
                         $cartrule->minimum_amount_currency = $order->id_currency;
                         $cartrule->reduction_currency = $order->id_currency;
                         if (!$cartrule->add()) {
                             $this->errors[] = Tools::displayError('You cannot generate a voucher.');
                         } else {
                             // Update the voucher code and name
                             foreach ($languages as $language) {
                                 $cartrule->name[$language['id_lang']] = 'V' . (int) $cartrule->id . 'C' . (int) $order->id_customer . 'O' . $order->id;
                             }
                             $cartrule->code = 'V' . (int) $cartrule->id . 'C' . (int) $order->id_customer . 'O' . $order->id;
                             if (!$cartrule->update()) {
                                 $this->errors[] = Tools::displayError('You cannot generate a voucher.');
                             } else {
                                 $currency = $this->context->currency;
                                 $params['{voucher_amount}'] = Tools::displayPrice($cartrule->reduction_amount, $currency, false);
                                 $params['{voucher_num}'] = $cartrule->code;
                                 @Mail::Send((int) $order->id_lang, 'voucher', sprintf(Mail::l('New voucher regarding your order %s', (int) $order->id_lang), $order->reference), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
                             }
                         }
                     }
                 } else {
                     $this->errors[] = Tools::displayError('No product or quantity has been selected.');
                 }
                 // Redirect if no errors
                 if (!count($this->errors)) {
                     Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=31&token=' . $this->token);
                 }
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to delete this.');
         }
     } elseif (Tools::isSubmit('messageReaded')) {
         Message::markAsReaded(Tools::getValue('messageReaded'), $this->context->employee->id);
     } elseif (Tools::isSubmit('submitAddPayment') && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             $amount = str_replace(',', '.', Tools::getValue('payment_amount'));
             $currency = new Currency(Tools::getValue('payment_currency'));
             $order_has_invoice = $order->hasInvoice();
             if ($order_has_invoice) {
                 $order_invoice = new OrderInvoice(Tools::getValue('payment_invoice'));
             } else {
                 $order_invoice = null;
             }
             if (!Validate::isLoadedObject($order)) {
                 $this->errors[] = Tools::displayError('The order cannot be found');
             } elseif (!Validate::isNegativePrice($amount) || !(double) $amount) {
                 $this->errors[] = Tools::displayError('The amount is invalid.');
             } elseif (!Validate::isGenericName(Tools::getValue('payment_method'))) {
                 $this->errors[] = Tools::displayError('The selected payment method is invalid.');
             } elseif (!Validate::isString(Tools::getValue('payment_transaction_id'))) {
                 $this->errors[] = Tools::displayError('The transaction ID is invalid.');
             } elseif (!Validate::isLoadedObject($currency)) {
                 $this->errors[] = Tools::displayError('The selected currency is invalid.');
             } elseif ($order_has_invoice && !Validate::isLoadedObject($order_invoice)) {
                 $this->errors[] = Tools::displayError('The invoice is invalid.');
             } elseif (!Validate::isDate(Tools::getValue('payment_date'))) {
                 $this->errors[] = Tools::displayError('The date is invalid');
             } else {
                 if (!$order->addOrderPayment($amount, Tools::getValue('payment_method'), Tools::getValue('payment_transaction_id'), $currency, Tools::getValue('payment_date'), $order_invoice)) {
                     $this->errors[] = Tools::displayError('An error occurred during payment.');
                 } else {
                     Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
                 }
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to edit this.');
         }
     } elseif (Tools::isSubmit('submitEditNote')) {
         $note = Tools::getValue('note');
         $order_invoice = new OrderInvoice((int) Tools::getValue('id_order_invoice'));
         if (Validate::isLoadedObject($order_invoice) && Validate::isCleanHtml($note)) {
             if ($this->tabAccess['edit'] === '1') {
                 $order_invoice->note = $note;
                 if ($order_invoice->save()) {
                     Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order_invoice->id_order . '&vieworder&conf=4&token=' . $this->token);
                 } else {
                     $this->errors[] = Tools::displayError('The invoice note was not saved.');
                 }
             } else {
                 $this->errors[] = Tools::displayError('You do not have permission to edit this.');
             }
         } else {
             $this->errors[] = Tools::displayError('The invoice for edit note was unable to load. ');
         }
     } elseif (Tools::isSubmit('submitAddOrder') && ($id_cart = Tools::getValue('id_cart')) && ($module_name = Tools::getValue('payment_module_name')) && ($id_order_state = Tools::getValue('id_order_state')) && Validate::isModuleName($module_name)) {
         if ($this->tabAccess['edit'] === '1') {
             $payment_module = Module::getInstanceByName($module_name);
             $cart = new Cart((int) $id_cart);
             Context::getContext()->currency = new Currency((int) $cart->id_currency);
             Context::getContext()->customer = new Customer((int) $cart->id_customer);
             $employee = new Employee((int) Context::getContext()->cookie->id_employee);
             $payment_module->validateOrder((int) $cart->id, (int) $id_order_state, $cart->getOrderTotal(true, Cart::BOTH), $payment_module->displayName, $this->l('Manual order -- Employee:') . ' ' . substr($employee->firstname, 0, 1) . '. ' . $employee->lastname, array(), null, false, $cart->secure_key);
             if ($payment_module->currentOrder) {
                 Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $payment_module->currentOrder . '&vieworder' . '&token=' . $this->token);
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to add this.');
         }
     } elseif ((Tools::isSubmit('submitAddressShipping') || Tools::isSubmit('submitAddressInvoice')) && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             $address = new Address(Tools::getValue('id_address'));
             if (Validate::isLoadedObject($address)) {
                 // Update the address on order
                 if (Tools::isSubmit('submitAddressShipping')) {
                     $order->id_address_delivery = $address->id;
                 } elseif (Tools::isSubmit('submitAddressInvoice')) {
                     $order->id_address_invoice = $address->id;
                 }
                 $order->update();
                 Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
             } else {
                 $this->errors[] = Tools::displayError('This address can\'t be loaded');
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to edit this.');
         }
     } elseif (Tools::isSubmit('submitChangeCurrency') && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             if (Tools::getValue('new_currency') != $order->id_currency && !$order->valid) {
                 $old_currency = new Currency($order->id_currency);
                 $currency = new Currency(Tools::getValue('new_currency'));
                 if (!Validate::isLoadedObject($currency)) {
                     throw new PrestaShopException('Can\'t load Currency object');
                 }
                 // Update order detail amount
                 foreach ($order->getOrderDetailList() as $row) {
                     $order_detail = new OrderDetail($row['id_order_detail']);
                     $fields = array('ecotax', 'product_price', 'reduction_amount', 'total_shipping_price_tax_excl', 'total_shipping_price_tax_incl', 'total_price_tax_incl', 'total_price_tax_excl', 'product_quantity_discount', 'purchase_supplier_price', 'reduction_amount', 'reduction_amount_tax_incl', 'reduction_amount_tax_excl', 'unit_price_tax_incl', 'unit_price_tax_excl', 'original_product_price');
                     foreach ($fields as $field) {
                         $order_detail->{$field} = Tools::convertPriceFull($order_detail->{$field}, $old_currency, $currency);
                     }
                     $order_detail->update();
                     $order_detail->updateTaxAmount($order);
                 }
                 $id_order_carrier = (int) $order->getIdOrderCarrier();
                 if ($id_order_carrier) {
                     $order_carrier = $order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
                     $order_carrier->shipping_cost_tax_excl = (double) Tools::convertPriceFull($order_carrier->shipping_cost_tax_excl, $old_currency, $currency);
                     $order_carrier->shipping_cost_tax_incl = (double) Tools::convertPriceFull($order_carrier->shipping_cost_tax_incl, $old_currency, $currency);
                     $order_carrier->update();
                 }
                 // Update order && order_invoice amount
                 $fields = array('total_discounts', 'total_discounts_tax_incl', 'total_discounts_tax_excl', 'total_discount_tax_excl', 'total_discount_tax_incl', 'total_paid', 'total_paid_tax_incl', 'total_paid_tax_excl', 'total_paid_real', 'total_products', 'total_products_wt', 'total_shipping', 'total_shipping_tax_incl', 'total_shipping_tax_excl', 'total_wrapping', 'total_wrapping_tax_incl', 'total_wrapping_tax_excl');
                 $invoices = $order->getInvoicesCollection();
                 if ($invoices) {
                     foreach ($invoices as $invoice) {
                         foreach ($fields as $field) {
                             if (isset($invoice->{$field})) {
                                 $invoice->{$field} = Tools::convertPriceFull($invoice->{$field}, $old_currency, $currency);
                             }
                         }
                         $invoice->save();
                     }
                 }
                 foreach ($fields as $field) {
                     if (isset($order->{$field})) {
                         $order->{$field} = Tools::convertPriceFull($order->{$field}, $old_currency, $currency);
                     }
                 }
                 // Update currency in order
                 $order->id_currency = $currency->id;
                 // Update exchange rate
                 $order->conversion_rate = (double) $currency->conversion_rate;
                 $order->update();
             } else {
                 $this->errors[] = Tools::displayError('You cannot change the currency.');
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to edit this.');
         }
     } elseif (Tools::isSubmit('submitGenerateInvoice') && isset($order)) {
         if (!Configuration::get('PS_INVOICE', null, null, $order->id_shop)) {
             $this->errors[] = Tools::displayError('Invoice management has been disabled.');
         } elseif ($order->hasInvoice()) {
             $this->errors[] = Tools::displayError('This order already has an invoice.');
         } else {
             $order->setInvoice(true);
             Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
         }
     } elseif (Tools::isSubmit('submitDeleteVoucher') && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             $order_cart_rule = new OrderCartRule(Tools::getValue('id_order_cart_rule'));
             if (Validate::isLoadedObject($order_cart_rule) && $order_cart_rule->id_order == $order->id) {
                 if ($order_cart_rule->id_order_invoice) {
                     $order_invoice = new OrderInvoice($order_cart_rule->id_order_invoice);
                     if (!Validate::isLoadedObject($order_invoice)) {
                         throw new PrestaShopException('Can\'t load Order Invoice object');
                     }
                     // Update amounts of Order Invoice
                     $order_invoice->total_discount_tax_excl -= $order_cart_rule->value_tax_excl;
                     $order_invoice->total_discount_tax_incl -= $order_cart_rule->value;
                     $order_invoice->total_paid_tax_excl += $order_cart_rule->value_tax_excl;
                     $order_invoice->total_paid_tax_incl += $order_cart_rule->value;
                     // Update Order Invoice
                     $order_invoice->update();
                 }
                 // Update amounts of order
                 $order->total_discounts -= $order_cart_rule->value;
                 $order->total_discounts_tax_incl -= $order_cart_rule->value;
                 $order->total_discounts_tax_excl -= $order_cart_rule->value_tax_excl;
                 $order->total_paid += $order_cart_rule->value;
                 $order->total_paid_tax_incl += $order_cart_rule->value;
                 $order->total_paid_tax_excl += $order_cart_rule->value_tax_excl;
                 // Delete Order Cart Rule and update Order
                 $order_cart_rule->delete();
                 $order->update();
                 Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
             } else {
                 $this->errors[] = Tools::displayError('You cannot edit this cart rule.');
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to edit this.');
         }
     } elseif (Tools::isSubmit('submitNewVoucher') && isset($order)) {
         if ($this->tabAccess['edit'] === '1') {
             if (!Tools::getValue('discount_name')) {
                 $this->errors[] = Tools::displayError('You must specify a name in order to create a new discount.');
             } else {
                 if ($order->hasInvoice()) {
                     // If the discount is for only one invoice
                     if (!Tools::isSubmit('discount_all_invoices')) {
                         $order_invoice = new OrderInvoice(Tools::getValue('discount_invoice'));
                         if (!Validate::isLoadedObject($order_invoice)) {
                             throw new PrestaShopException('Can\'t load Order Invoice object');
                         }
                     }
                 }
                 $cart_rules = array();
                 $discount_value = (double) str_replace(',', '.', Tools::getValue('discount_value'));
                 switch (Tools::getValue('discount_type')) {
                     // Percent type
                     case 1:
                         if ($discount_value < 100) {
                             if (isset($order_invoice)) {
                                 $cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($order_invoice->total_paid_tax_incl * $discount_value / 100, 2);
                                 $cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($order_invoice->total_paid_tax_excl * $discount_value / 100, 2);
                                 // Update OrderInvoice
                                 $this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
                             } elseif ($order->hasInvoice()) {
                                 $order_invoices_collection = $order->getInvoicesCollection();
                                 foreach ($order_invoices_collection as $order_invoice) {
                                     $cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($order_invoice->total_paid_tax_incl * $discount_value / 100, 2);
                                     $cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($order_invoice->total_paid_tax_excl * $discount_value / 100, 2);
                                     // Update OrderInvoice
                                     $this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
                                 }
                             } else {
                                 $cart_rules[0]['value_tax_incl'] = Tools::ps_round($order->total_paid_tax_incl * $discount_value / 100, 2);
                                 $cart_rules[0]['value_tax_excl'] = Tools::ps_round($order->total_paid_tax_excl * $discount_value / 100, 2);
                             }
                         } else {
                             $this->errors[] = Tools::displayError('The discount value is invalid.');
                         }
                         break;
                         // Amount type
                     // Amount type
                     case 2:
                         if (isset($order_invoice)) {
                             if ($discount_value > $order_invoice->total_paid_tax_incl) {
                                 $this->errors[] = Tools::displayError('The discount value is greater than the order invoice total.');
                             } else {
                                 $cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
                                 $cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
                                 // Update OrderInvoice
                                 $this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
                             }
                         } elseif ($order->hasInvoice()) {
                             $order_invoices_collection = $order->getInvoicesCollection();
                             foreach ($order_invoices_collection as $order_invoice) {
                                 if ($discount_value > $order_invoice->total_paid_tax_incl) {
                                     $this->errors[] = Tools::displayError('The discount value is greater than the order invoice total.') . $order_invoice->getInvoiceNumberFormatted(Context::getContext()->language->id, (int) $order->id_shop) . ')';
                                 } else {
                                     $cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
                                     $cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
                                     // Update OrderInvoice
                                     $this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
                                 }
                             }
                         } else {
                             if ($discount_value > $order->total_paid_tax_incl) {
                                 $this->errors[] = Tools::displayError('The discount value is greater than the order total.');
                             } else {
                                 $cart_rules[0]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
                                 $cart_rules[0]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
                             }
                         }
                         break;
                         // Free shipping type
                     // Free shipping type
                     case 3:
                         if (isset($order_invoice)) {
                             if ($order_invoice->total_shipping_tax_incl > 0) {
                                 $cart_rules[$order_invoice->id]['value_tax_incl'] = $order_invoice->total_shipping_tax_incl;
                                 $cart_rules[$order_invoice->id]['value_tax_excl'] = $order_invoice->total_shipping_tax_excl;
                                 // Update OrderInvoice
                                 $this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
                             }
                         } elseif ($order->hasInvoice()) {
                             $order_invoices_collection = $order->getInvoicesCollection();
                             foreach ($order_invoices_collection as $order_invoice) {
                                 if ($order_invoice->total_shipping_tax_incl <= 0) {
                                     continue;
                                 }
                                 $cart_rules[$order_invoice->id]['value_tax_incl'] = $order_invoice->total_shipping_tax_incl;
                                 $cart_rules[$order_invoice->id]['value_tax_excl'] = $order_invoice->total_shipping_tax_excl;
                                 // Update OrderInvoice
                                 $this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
                             }
                         } else {
                             $cart_rules[0]['value_tax_incl'] = $order->total_shipping_tax_incl;
                             $cart_rules[0]['value_tax_excl'] = $order->total_shipping_tax_excl;
                         }
                         break;
                     default:
                         $this->errors[] = Tools::displayError('The discount type is invalid.');
                 }
                 $res = true;
                 foreach ($cart_rules as &$cart_rule) {
                     $cartRuleObj = new CartRule();
                     $cartRuleObj->date_from = date('Y-m-d H:i:s', strtotime('-1 hour', strtotime($order->date_add)));
                     $cartRuleObj->date_to = date('Y-m-d H:i:s', strtotime('+1 hour'));
                     $cartRuleObj->name[Configuration::get('PS_LANG_DEFAULT')] = Tools::getValue('discount_name');
                     $cartRuleObj->quantity = 0;
                     $cartRuleObj->quantity_per_user = 1;
                     if (Tools::getValue('discount_type') == 1) {
                         $cartRuleObj->reduction_percent = $discount_value;
                     } elseif (Tools::getValue('discount_type') == 2) {
                         $cartRuleObj->reduction_amount = $cart_rule['value_tax_excl'];
                     } elseif (Tools::getValue('discount_type') == 3) {
                         $cartRuleObj->free_shipping = 1;
                     }
                     $cartRuleObj->active = 0;
                     if ($res = $cartRuleObj->add()) {
                         $cart_rule['id'] = $cartRuleObj->id;
                     } else {
                         break;
                     }
                 }
                 if ($res) {
                     foreach ($cart_rules as $id_order_invoice => $cart_rule) {
                         // Create OrderCartRule
                         $order_cart_rule = new OrderCartRule();
                         $order_cart_rule->id_order = $order->id;
                         $order_cart_rule->id_cart_rule = $cart_rule['id'];
                         $order_cart_rule->id_order_invoice = $id_order_invoice;
                         $order_cart_rule->name = Tools::getValue('discount_name');
                         $order_cart_rule->value = $cart_rule['value_tax_incl'];
                         $order_cart_rule->value_tax_excl = $cart_rule['value_tax_excl'];
                         $res &= $order_cart_rule->add();
                         $order->total_discounts += $order_cart_rule->value;
                         $order->total_discounts_tax_incl += $order_cart_rule->value;
                         $order->total_discounts_tax_excl += $order_cart_rule->value_tax_excl;
                         $order->total_paid -= $order_cart_rule->value;
                         $order->total_paid_tax_incl -= $order_cart_rule->value;
                         $order->total_paid_tax_excl -= $order_cart_rule->value_tax_excl;
                     }
                     // Update Order
                     $res &= $order->update();
                 }
                 if ($res) {
                     Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
                 } else {
                     $this->errors[] = Tools::displayError('An error occurred during the OrderCartRule creation');
                 }
             }
         } else {
             $this->errors[] = Tools::displayError('You do not have permission to edit this.');
         }
     }
     parent::postProcess();
 }
예제 #3
0
    /**
     * Start forms process
     * @see FrontController::postProcess()
     */
    public function postProcess()
    {
        if (Tools::isSubmit('submitMessage')) {
            $fileAttachment = null;
            if (isset($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['tmp_name'])) {
                $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
                $filename = uniqid() . substr($_FILES['fileUpload']['name'], -5);
                $fileAttachment['content'] = file_get_contents($_FILES['fileUpload']['tmp_name']);
                $fileAttachment['name'] = $_FILES['fileUpload']['name'];
                $fileAttachment['mime'] = $_FILES['fileUpload']['type'];
            }
            $message = Tools::getValue('message');
            // Html entities is not usefull, iscleanHtml check there is no bad html tags.
            if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
                $this->errors[] = Tools::displayError('Invalid e-mail address');
            } else {
                if (!$message) {
                    $this->errors[] = Tools::displayError('Message cannot be blank');
                } else {
                    if (!Validate::isCleanHtml($message)) {
                        $this->errors[] = Tools::displayError('Invalid message');
                    } else {
                        if (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
                            $this->errors[] = Tools::displayError('Please select a subject from the list.');
                        } else {
                            if (!empty($_FILES['fileUpload']['name']) && $_FILES['fileUpload']['error'] != 0) {
                                $this->errors[] = Tools::displayError('An error occurred during the file upload');
                            } else {
                                if (!empty($_FILES['fileUpload']['name']) && !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) && !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
                                    $this->errors[] = Tools::displayError('Bad file extension');
                                } else {
                                    $customer = $this->context->customer;
                                    if (!$customer->id) {
                                        $customer->getByEmail($from);
                                    }
                                    $contact = new Contact($id_contact, $this->context->language->id);
                                    if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
						SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
						WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, (int) Tools::getValue('id_order'))))) {
                                        $fields = Db::getInstance()->executeS('
					SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
					FROM ' . _DB_PREFIX_ . 'customer_thread cm
					WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
						id_order = ' . (int) Tools::getValue('id_order') . ')');
                                        $score = 0;
                                        foreach ($fields as $key => $row) {
                                            $tmp = 0;
                                            if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
                                                continue;
                                            }
                                            if ($row['id_order'] != 0 && Tools::getValue('id_order') != $row['id_order']) {
                                                continue;
                                            }
                                            if ($row['email'] == $from) {
                                                $tmp += 4;
                                            }
                                            if ($row['id_contact'] == $id_contact) {
                                                $tmp++;
                                            }
                                            if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
                                                $tmp += 2;
                                            }
                                            if ($tmp >= 5 && $tmp >= $score) {
                                                $score = $tmp;
                                                $id_customer_thread = $row['id_customer_thread'];
                                            }
                                        }
                                    }
                                    $old_message = Db::getInstance()->getValue('
					SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
					LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
					WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
					ORDER BY cm.date_add DESC');
                                    if ($old_message == $message) {
                                        $this->context->smarty->assign('alreadySent', 1);
                                        $contact->email = '';
                                        $contact->customer_service = 0;
                                    }
                                    if (!empty($contact->email)) {
                                        $id_order = (int) Tools::getValue('id_order', 0);
                                        $order = new Order($id_order);
                                        $mail_var_list = array('{email}' => $from, '{message}' => Tools::nl2br(stripslashes($message)), '{id_order}' => $id_order, '{order_name}' => $order->getUniqReference(), '{attached_file}' => isset($_FILES['fileUpload'], $_FILES['fileUpload']['name']) ? $_FILES['fileUpload']['name'] : '');
                                        if (Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form'), $mail_var_list, $contact->email, $contact->name, $from, $customer->id ? $customer->firstname . ' ' . $customer->lastname : '', $fileAttachment) && Mail::Send($this->context->language->id, 'contact_form', Mail::l('Your message has been correctly sent'), $mail_var_list, $from)) {
                                            $this->context->smarty->assign('confirmation', 1);
                                        } else {
                                            $this->errors[] = Tools::displayError('An error occurred while sending message.');
                                        }
                                    }
                                    if ($contact->customer_service) {
                                        if ((int) $id_customer_thread) {
                                            $ct = new CustomerThread($id_customer_thread);
                                            $ct->status = 'open';
                                            $ct->id_lang = (int) $this->context->language->id;
                                            $ct->id_contact = (int) $id_contact;
                                            if ($id_order = (int) Tools::getValue('id_order')) {
                                                $ct->id_order = $id_order;
                                            }
                                            if ($id_product = (int) Tools::getValue('id_product')) {
                                                $ct->id_product = $id_product;
                                            }
                                            $ct->update();
                                        } else {
                                            $ct = new CustomerThread();
                                            if (isset($customer->id)) {
                                                $ct->id_customer = (int) $customer->id;
                                            }
                                            $ct->id_shop = (int) $this->context->shop->id;
                                            if ($id_order = (int) Tools::getValue('id_order')) {
                                                $ct->id_order = $id_order;
                                            }
                                            if ($id_product = (int) Tools::getValue('id_product')) {
                                                $ct->id_product = $id_product;
                                            }
                                            $ct->id_contact = (int) $id_contact;
                                            $ct->id_lang = (int) $this->context->language->id;
                                            $ct->email = $from;
                                            $ct->status = 'open';
                                            $ct->token = Tools::passwdGen(12);
                                            $ct->add();
                                        }
                                        if ($ct->id) {
                                            $cm = new CustomerMessage();
                                            $cm->id_customer_thread = $ct->id;
                                            $cm->message = Tools::htmlentitiesUTF8($message);
                                            if (isset($filename) && rename($_FILES['fileUpload']['tmp_name'], _PS_MODULE_DIR_ . '../upload/' . $filename)) {
                                                $cm->file_name = $filename;
                                            }
                                            $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
                                            $cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
                                            if ($cm->add()) {
                                                if (empty($contact->email)) {
                                                    $var_list = array('{order_name}' => '-', '{attached_file}' => '-', '{message}' => stripslashes($message));
                                                    if ($ct->id_order) {
                                                        $order = new Order($ct->id_order);
                                                        $var_list['{order_name}'] = $order->reference;
                                                    }
                                                    if (isset($filename)) {
                                                        $var_list['{attached_file}'] = $_FILES['fileUpload']['name'];
                                                    }
                                                    Mail::Send($this->context->language->id, 'contact_form', Mail::l('Your message has been correctly sent'), $var_list, $from);
                                                }
                                                $this->context->smarty->assign('confirmation', 1);
                                            } else {
                                                $this->errors[] = Tools::displayError('An error occurred while sending message.');
                                            }
                                        } else {
                                            $this->errors[] = Tools::displayError('An error occurred while sending message.');
                                        }
                                    }
                                    if (count($this->errors) > 1) {
                                        array_unique($this->errors);
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
예제 #4
0
    /**
     * Start forms process
     * @see FrontController::postProcess()
     */
    public function postProcess()
    {
        if (Tools::isSubmit('submitMessage')) {
            $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
            $file_attachment = Tools::fileAttachment('fileUpload');
            $message = Tools::getValue('message');
            // Html entities is not usefull, iscleanHtml check there is no bad html tags.
            if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
                $this->errors[] = Tools::displayError('Invalid email address.');
            } elseif (!$message) {
                $this->errors[] = Tools::displayError('The message cannot be blank.');
            } elseif (!Validate::isCleanHtml($message)) {
                $this->errors[] = Tools::displayError('Invalid message');
            } elseif (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
                $this->errors[] = Tools::displayError('Please select a subject from the list provided. ');
            } elseif (!empty($file_attachment['name']) && $file_attachment['error'] != 0) {
                $this->errors[] = Tools::displayError('An error occurred during the file-upload process.');
            } elseif (!empty($file_attachment['name']) && !in_array(Tools::strtolower(substr($file_attachment['name'], -4)), $extension) && !in_array(Tools::strtolower(substr($file_attachment['name'], -5)), $extension)) {
                $this->errors[] = Tools::displayError('Bad file extension');
            } else {
                $customer = $this->context->customer;
                if (!$customer->id) {
                    $customer->getByEmail($from);
                }
                $id_order = (int) $this->getOrder();
                if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
						SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
						WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, $id_order)))) {
                    $fields = Db::getInstance()->executeS('
					SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
					FROM ' . _DB_PREFIX_ . 'customer_thread cm
					WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
						id_order = ' . (int) $id_order . ')');
                    $score = 0;
                    foreach ($fields as $key => $row) {
                        $tmp = 0;
                        if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
                            continue;
                        }
                        if ($row['id_order'] != 0 && $id_order != $row['id_order']) {
                            continue;
                        }
                        if ($row['email'] == $from) {
                            $tmp += 4;
                        }
                        if ($row['id_contact'] == $id_contact) {
                            $tmp++;
                        }
                        if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
                            $tmp += 2;
                        }
                        if ($tmp >= 5 && $tmp >= $score) {
                            $score = $tmp;
                            $id_customer_thread = $row['id_customer_thread'];
                        }
                    }
                }
                $old_message = Db::getInstance()->getValue('
					SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
					LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
					WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
					ORDER BY cm.date_add DESC');
                if ($old_message == $message) {
                    $this->context->smarty->assign('alreadySent', 1);
                    $contact->email = '';
                    $contact->customer_service = 0;
                }
                if ($contact->customer_service) {
                    if ((int) $id_customer_thread) {
                        $ct = new CustomerThread($id_customer_thread);
                        $ct->status = 'open';
                        $ct->id_lang = (int) $this->context->language->id;
                        $ct->id_contact = (int) $id_contact;
                        $ct->id_order = (int) $id_order;
                        if ($id_product = (int) Tools::getValue('id_product')) {
                            $ct->id_product = $id_product;
                        }
                        $ct->update();
                    } else {
                        $ct = new CustomerThread();
                        if (isset($customer->id)) {
                            $ct->id_customer = (int) $customer->id;
                        }
                        $ct->id_shop = (int) $this->context->shop->id;
                        $ct->id_order = (int) $id_order;
                        if ($id_product = (int) Tools::getValue('id_product')) {
                            $ct->id_product = $id_product;
                        }
                        $ct->id_contact = (int) $id_contact;
                        $ct->id_lang = (int) $this->context->language->id;
                        $ct->email = $from;
                        $ct->status = 'open';
                        $ct->token = Tools::passwdGen(12);
                        $ct->add();
                    }
                    if ($ct->id) {
                        $cm = new CustomerMessage();
                        $cm->id_customer_thread = $ct->id;
                        $cm->message = $message;
                        if (isset($file_attachment['rename']) && !empty($file_attachment['rename']) && rename($file_attachment['tmp_name'], _PS_UPLOAD_DIR_ . basename($file_attachment['rename']))) {
                            $cm->file_name = $file_attachment['rename'];
                            @chmod(_PS_UPLOAD_DIR_ . basename($file_attachment['rename']), 0664);
                        }
                        $cm->ip_address = (int) ip2long(Tools::getRemoteAddr());
                        $cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
                        if (!$cm->add()) {
                            $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                        }
                    } else {
                        $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                    }
                }
                if (!count($this->errors)) {
                    $var_list = array('{order_name}' => '-', '{attached_file}' => '-', '{message}' => Tools::nl2br(stripslashes($message)), '{email}' => $from, '{product_name}' => '');
                    if (isset($file_attachment['name'])) {
                        $var_list['{attached_file}'] = $file_attachment['name'];
                    }
                    $id_product = (int) Tools::getValue('id_product');
                    if (isset($ct) && Validate::isLoadedObject($ct) && $ct->id_order) {
                        $order = new Order((int) $ct->id_order);
                        $var_list['{order_name}'] = $order->getUniqReference();
                        $var_list['{id_order}'] = (int) $order->id;
                    }
                    if ($id_product) {
                        $product = new Product((int) $id_product);
                        if (Validate::isLoadedObject($product) && isset($product->name[Context::getContext()->language->id])) {
                            $var_list['{product_name}'] = $product->name[Context::getContext()->language->id];
                        }
                    }
                    if (empty($contact->email)) {
                        Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, null, null, $file_attachment);
                    } else {
                        if (!Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form') . ' [no_sync]', $var_list, $contact->email, $contact->name, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $from) || !Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $contact->email)) {
                            $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                        }
                    }
                }
                if (count($this->errors) > 1) {
                    array_unique($this->errors);
                } elseif (!count($this->errors)) {
                    $this->context->smarty->assign('confirmation', 1);
                }
            }
        }
    }
예제 #5
0
 public function postProcess()
 {
     if (Tools::isSubmit('submitMessage')) {
         $idOrder = (int) Tools::getValue('id_order');
         $msgText = Tools::getValue('msgText');
         if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
             $this->errors[] = Tools::displayError('The order is no longer valid.');
         } elseif (empty($msgText)) {
             $this->errors[] = Tools::displayError('The message cannot be blank.');
         } elseif (!Validate::isMessage($msgText)) {
             $this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
         }
         if (!count($this->errors)) {
             $order = new Order($idOrder);
             if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
                 //check if a thread already exist
                 $id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($this->context->customer->email, $order->id);
                 $id_product = (int) Tools::getValue('id_product');
                 $cm = new CustomerMessage();
                 if (!$id_customer_thread) {
                     $ct = new CustomerThread();
                     $ct->id_contact = 0;
                     $ct->id_customer = (int) $order->id_customer;
                     $ct->id_shop = (int) $this->context->shop->id;
                     if ($id_product && $order->orderContainProduct((int) $id_product)) {
                         $ct->id_product = $id_product;
                     }
                     $ct->id_order = (int) $order->id;
                     $ct->id_lang = (int) $this->context->language->id;
                     $ct->email = $this->context->customer->email;
                     $ct->status = 'open';
                     $ct->token = Tools::passwdGen(12);
                     $ct->add();
                 } else {
                     $ct = new CustomerThread((int) $id_customer_thread);
                 }
                 $cm->id_customer_thread = $ct->id;
                 if ($id_product && $order->orderContainProduct((int) $id_product)) {
                     $cm->id_product = $id_product;
                 }
                 $cm->message = $msgText;
                 $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
                 $cm->add();
                 if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
                     $to = strval(Configuration::get('PS_SHOP_EMAIL'));
                 } else {
                     $to = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
                     $to = strval($to->email);
                 }
                 $toName = strval(Configuration::get('PS_SHOP_NAME'));
                 $customer = $this->context->customer;
                 $product = new Product($id_product);
                 $product_name = '';
                 if (Validate::isLoadedObject($product) && isset($product->name[(int) $this->context->language->id])) {
                     $product_name = $product->name[(int) $this->context->language->id];
                 }
                 if (Validate::isLoadedObject($customer)) {
                     Mail::Send($this->context->language->id, 'order_customer_comment', Mail::l('Message from a customer'), array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{email}' => $customer->email, '{id_order}' => (int) $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => Tools::nl2br($msgText), '{product_name}' => $product_name), $to, $toName, $customer->email, $customer->firstname . ' ' . $customer->lastname);
                 }
                 if (Tools::getValue('ajax') != 'true') {
                     Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
                 }
                 $this->context->smarty->assign('message_confirmation', true);
             } else {
                 $this->errors[] = Tools::displayError('Order not found');
             }
         }
     }
     if (Tools::isSubmit('markAsReceived')) {
         $idOrder = (int) Tools::getValue('id_order');
         $order = new Order($idOrder);
         if (Validate::isLoadedObject($order)) {
             if ($order->getCurrentState() == 15) {
                 $new_history = new OrderHistory();
                 $new_history->id_order = (int) $order->id;
                 $new_history->changeIdOrderState(3, $order);
                 // 16: Ready for Production
                 //var_dump($order,$new_history);
                 $myfile = fopen(PS_PRODUCT_IMG_PATH . "/orders/" . $order->reference . ".txt", "w") or die("Unable to open file!");
                 $txt = "Order Confirmed\n Order Reference: " . $order->reference;
                 fwrite($myfile, $txt);
                 fclose($myfile);
                 $new_history->addWithemail(true);
             }
             $this->context->smarty->assign('receipt_confirmation', true);
         } else {
             $this->_errors[] = Tools::displayError('Error: Invalid order number');
         }
     }
 }
예제 #6
0
 public function postProcess()
 {
     ${${"GLOBALS"}["thtbvco"]} = new Order((int) Tools::getValue("id_order"));
     $difdqhzqxl = "id_order_seller";
     if (!Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
         $this->errors[] = Tools::displayError("Order not found or you do not have permission to view this order.");
         return;
     }
     ${"GLOBALS"}["fqitvbmdfl"] = "order";
     ${${"GLOBALS"}["gfrblyem"]} = AgileSellerManager::getObjectOwnerID("order", $order->id);
     ${"GLOBALS"}["bsmpehdujqe"] = "id_customer_seller";
     ${${"GLOBALS"}["taultlaseq"]} = AgileSellerManager::getLinkedSellerID($this->context->customer->id);
     $qjwuyezbnwd = "order";
     if (${$difdqhzqxl} != ${${"GLOBALS"}["taultlaseq"]} || ${${"GLOBALS"}["gfrblyem"]} <= 0 || ${${"GLOBALS"}["bsmpehdujqe"]} <= 0) {
         $this->errors[] = Tools::displayError("You do not have permission to view this order.");
         return;
     }
     if (Tools::isSubmit("submitShippingNumber") && isset(${${"GLOBALS"}["fqitvbmdfl"]})) {
         ${"GLOBALS"}["mllzihk"] = "order_carrier";
         $fdknpwcl = "order_carrier";
         ${$fdknpwcl} = new OrderCarrier(Tools::getValue("id_order_carrier"));
         if (!Validate::isLoadedObject(${${"GLOBALS"}["mllzihk"]})) {
             $this->errors[] = Tools::displayError("The order carrier ID is invalid.");
         } elseif (!Validate::isTrackingNumber(Tools::getValue("tracking_number"))) {
             $this->errors[] = Tools::displayError("The tracking number is incorrect.");
         } else {
             $order->shipping_number = Tools::getValue("tracking_number");
             $order->update();
             $order_carrier->tracking_number = pSQL(Tools::getValue("tracking_number"));
             if ($order_carrier->update()) {
                 $qvvnrvmsp = "templateVars";
                 ${${"GLOBALS"}["cdmray"]} = new Customer((int) $order->id_customer);
                 $ijyvqhqokid = "carrier";
                 ${"GLOBALS"}["mhbtmrqg"] = "templateVars";
                 ${$ijyvqhqokid} = new Carrier((int) $order_carrier->id_carrier, $order->id_lang);
                 if (!Validate::isLoadedObject(${${"GLOBALS"}["cdmray"]})) {
                     throw new PrestaShopException("Can't load Customer object");
                 }
                 if (!Validate::isLoadedObject(${${"GLOBALS"}["tvqrewgc"]})) {
                     throw new PrestaShopException("Can't load Carrier object");
                 }
                 ${${"GLOBALS"}["mhbtmrqg"]} = array("{followup}" => str_replace("@", $order_carrier->tracking_number, $carrier->url), "{firstname}" => $customer->firstname, "{lastname}" => $customer->lastname, "{id_order}" => $order->id, "{shipping_number}" => $order_carrier->tracking_number, "{order_name}" => $order->getUniqReference());
                 if (@Mail::Send((int) $order->id_lang, "in_transit", Mail::l('Package in transit', (int) $order->id_lang), ${$qvvnrvmsp}, $customer->email, $customer->firstname . " " . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
                     ${"GLOBALS"}["rwzquyb"] = "order";
                     Hook::exec("actionAdminOrdersTrackingNumberUpdate", array("order" => ${${"GLOBALS"}["rwzquyb"]}, "customer" => ${${"GLOBALS"}["cdmray"]}, "carrier" => ${${"GLOBALS"}["tvqrewgc"]}), null, false, true, false, $order->id_shop);
                 } else {
                     $this->errors[] = Tools::displayError("An error occurred while sending an email to the customer.");
                 }
             } else {
                 $this->errors[] = Tools::displayError("The order carrier cannot be updated.");
             }
         }
     } elseif (Tools::isSubmit("submitState") && isset(${$qjwuyezbnwd})) {
         ${${"GLOBALS"}["bfrxhizen"]} = new OrderState(Tools::getValue("id_order_state"));
         if (!Validate::isLoadedObject(${${"GLOBALS"}["bfrxhizen"]})) {
             $this->errors[] = Tools::displayError("Invalid new order status");
         } else {
             ${${"GLOBALS"}["rxsllerec"]} = $order->getCurrentOrderState();
             if ($current_order_state->id != $order_state->id) {
                 $heccerkhiwt = "history";
                 ${$heccerkhiwt} = new OrderHistory();
                 ${"GLOBALS"}["uynetoegv"] = "templateVars";
                 $vriwvgqg = "templateVars";
                 $history->id_order = $order->id;
                 $history->id_employee = 1;
                 $history->changeIdOrderState($order_state->id, $order->id);
                 ${${"GLOBALS"}["tvqrewgc"]} = new Carrier($order->id_carrier, $order->id_lang);
                 ${$vriwvgqg} = array();
                 if ($history->id_order_state == Configuration::get("PS_OS_SHIPPING") && $order->shipping_number) {
                     ${${"GLOBALS"}["nkwobosfw"]} = array("{followup}" => str_replace("@", $order->shipping_number, $carrier->url));
                 } elseif ($history->id_order_state == Configuration::get("PS_OS_CHEQUE")) {
                     ${${"GLOBALS"}["nkwobosfw"]} = array("{cheque_name}" => Configuration::get("CHEQUE_NAME") ? Configuration::get("CHEQUE_NAME") : "", "{cheque_address_html}" => Configuration::get("CHEQUE_ADDRESS") ? nl2br(Configuration::get("CHEQUE_ADDRESS")) : "");
                 } elseif ($history->id_order_state == Configuration::get("PS_OS_BANKWIRE")) {
                     ${${"GLOBALS"}["nkwobosfw"]} = array("{bankwire_owner}" => Configuration::get("BANK_WIRE_OWNER") ? Configuration::get("BANK_WIRE_OWNER") : "", "{bankwire_details}" => Configuration::get("BANK_WIRE_DETAILS") ? nl2br(Configuration::get("BANK_WIRE_DETAILS")) : "", "{bankwire_address}" => Configuration::get("BANK_WIRE_ADDRESS") ? nl2br(Configuration::get("BANK_WIRE_ADDRESS")) : "");
                 }
                 if (!$history->addWithemail(true, ${${"GLOBALS"}["uynetoegv"]})) {
                     $this->errors[] = Tools::displayError("An error occurred while changing the status or was unable to send e-mail to the customer.");
                 }
             } else {
                 $this->errors[] = Tools::displayError("This order is already assigned this status");
             }
         }
         if (empty($this->errors)) {
             self::$smarty->assign("cfmmsg_flag", 1);
         }
     }
     if (Tools::isSubmit("submitMessage")) {
         $ipovlstkh = "idOrder";
         ${${"GLOBALS"}["pfwbejwlah"]} = (int) Tools::getValue("id_order");
         ${${"GLOBALS"}["nioumgdgj"]} = Tools::getValue("msgText");
         ${"GLOBALS"}["tumvnnp"] = "msgText";
         if (!${${"GLOBALS"}["pfwbejwlah"]} || !Validate::isUnsignedId(${$ipovlstkh})) {
             $this->errors[] = Tools::displayError("Order is no longer valid");
         } else {
             if (empty(${${"GLOBALS"}["nioumgdgj"]})) {
                 $this->errors[] = Tools::displayError("Message cannot be blank");
             } else {
                 if (!Validate::isMessage(${${"GLOBALS"}["tumvnnp"]})) {
                     $this->errors[] = Tools::displayError("Message is invalid (HTML is not allowed)");
                 }
             }
         }
         if (!count($this->errors)) {
             $svycwjflohh = "idOrder";
             ${${"GLOBALS"}["thtbvco"]} = new Order(${$svycwjflohh});
             if (Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
                 ${"GLOBALS"}["pcdbkuo"] = "cm";
                 ${"GLOBALS"}["qejrcjwlidu"] = "to";
                 ${${"GLOBALS"}["nbpumdloal"]} = new Employee();
                 $iilmenu = "seller";
                 ${$iilmenu} = $emp->getbyEmail($this->context->customer->email);
                 $ucwaikq = "customer";
                 ${$ucwaikq} = new Customer($order->id_customer);
                 ${${"GLOBALS"}["ryhapbx"]} = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
                 ${"GLOBALS"}["pnxcso"] = "id_customer_thread";
                 ${${"GLOBALS"}["pcdbkuo"]} = new CustomerMessage();
                 ${"GLOBALS"}["csptele"] = "ct";
                 $pykymotfmtq = "fromName";
                 if (!${${"GLOBALS"}["pnxcso"]}) {
                     ${"GLOBALS"}["azdvluwhw"] = "id_product";
                     ${"GLOBALS"}["fpmtmpmcoy"] = "id_product";
                     $vckfnym = "id_product";
                     ${${"GLOBALS"}["docrub"]} = new CustomerThread();
                     $ct->id_contact = 2;
                     $ct->id_customer = (int) $order->id_customer;
                     $ct->id_shop = (int) $this->context->shop->id;
                     ${$vckfnym} = (int) Tools::getValue("id_product");
                     if (${${"GLOBALS"}["fxogbxc"]} && $order->orderContainProduct(${${"GLOBALS"}["azdvluwhw"]})) {
                         $ct->id_product = ${${"GLOBALS"}["fpmtmpmcoy"]};
                     }
                     $ct->id_order = (int) $order->id;
                     $ct->id_lang = (int) $this->context->language->id;
                     $ct->email = $customer->email;
                     $ct->status = "open";
                     $ct->token = Tools::passwdGen(12);
                     $ct->add();
                 } else {
                     ${${"GLOBALS"}["csptele"]} = new CustomerThread((int) ${${"GLOBALS"}["ryhapbx"]});
                 }
                 $qlkkcochivs = "msgText";
                 $cm->id_customer_thread = $ct->id;
                 $cm->message = ${${"GLOBALS"}["nioumgdgj"]};
                 $cm->ip_address = ip2long($_SERVER["REMOTE_ADDR"]);
                 $cm->id_employee = $seller->id;
                 $cm->add();
                 $mwsicth = "fromName";
                 ${"GLOBALS"}["lhbflpuhi"] = "customer";
                 ${${"GLOBALS"}["oatuem"]} = $customer->email;
                 ${${"GLOBALS"}["xtxkthxeqll"]} = $customer->firstname . " " . $customer->lastname;
                 ${${"GLOBALS"}["sormbzxw"]} = $seller->email;
                 ${$mwsicth} = $seller->firstname . " " . $seller->lastname;
                 if (Validate::isLoadedObject(${${"GLOBALS"}["lhbflpuhi"]})) {
                     Mail::Send($this->context->language->id, "order_merchant_comment", Mail::l('Message from a seller'), array("{lastname}" => $customer->lastname, "{firstname}" => $customer->firstname, "{email}" => $customer->email, "{id_order}" => (int) $order->id, "{order_name}" => $order->getUniqReference(), "{message}" => Tools::nl2br(${$qlkkcochivs})), ${${"GLOBALS"}["qejrcjwlidu"]}, ${${"GLOBALS"}["xtxkthxeqll"]}, ${${"GLOBALS"}["sormbzxw"]}, ${$pykymotfmtq});
                 }
             } else {
                 $this->errors[] = Tools::displayError("Order not found");
             }
         }
     }
 }
예제 #7
0
    public function saveContact()
    {
        $message = Tools::getValue('message');
        // Html entities is not usefull, iscleanHtml check there is no bad html tags.
        if (!($from = trim(Tools::getValue('email'))) || !Validate::isEmail($from)) {
            $this->errors[] = Tools::displayError('Invalid email address.');
        } elseif (!$message) {
            $this->errors[] = Tools::displayError('The message cannot be blank.');
        } elseif (!Validate::isCleanHtml($message)) {
            $this->errors[] = Tools::displayError('Invalid message');
        } elseif (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
            $this->errors[] = Tools::displayError('Please select a subject from the list provided. ');
        } else {
            $customer = $this->context->customer;
            if (!$customer->id) {
                $customer->getByEmail($from);
            }
            $id_order = (int) $this->getOrder();
            if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
						SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
						WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, $id_order)))) {
                $fields = Db::getInstance()->executeS('
					SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
					FROM ' . _DB_PREFIX_ . 'customer_thread cm
					WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
						id_order = ' . (int) $id_order . ')');
                $score = 0;
                foreach ($fields as $key => $row) {
                    $tmp = 0;
                    if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
                        continue;
                    }
                    if ($row['id_order'] != 0 && $id_order != $row['id_order']) {
                        continue;
                    }
                    if ($row['email'] == $from) {
                        $tmp += 4;
                    }
                    if ($row['id_contact'] == $id_contact) {
                        $tmp++;
                    }
                    if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
                        $tmp += 2;
                    }
                    if ($tmp >= 5 && $tmp >= $score) {
                        $score = $tmp;
                        $id_customer_thread = $row['id_customer_thread'];
                    }
                }
            }
            $old_message = Db::getInstance()->getValue('
					SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
					LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
					WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
					ORDER BY cm.date_add DESC');
            if ($old_message == $message) {
                $this->context->smarty->assign('alreadySent', 1);
                $contact->email = '';
                $contact->customer_service = 0;
            }
            if ($contact->customer_service) {
                if ((int) $id_customer_thread) {
                    $ct = new CustomerThread($id_customer_thread);
                    $ct->status = 'open';
                    $ct->id_lang = (int) $this->context->language->id;
                    $ct->id_contact = (int) $id_contact;
                    $ct->id_order = (int) $id_order;
                    if ($id_product = (int) Tools::getValue('id_product')) {
                        $ct->id_product = $id_product;
                    }
                    $ct->update();
                } else {
                    $ct = new CustomerThread();
                    if (isset($customer->id)) {
                        $ct->id_customer = (int) $customer->id;
                    }
                    $ct->id_shop = (int) $this->context->shop->id;
                    $ct->id_order = (int) $id_order;
                    if ($id_product = (int) Tools::getValue('id_product')) {
                        $ct->id_product = $id_product;
                    }
                    $ct->id_contact = (int) $id_contact;
                    $ct->id_lang = (int) $this->context->language->id;
                    $ct->email = $from;
                    $ct->status = 'open';
                    $ct->token = Tools::passwdGen(12);
                    $ct->add();
                }
                if ($ct->id) {
                    $cm = new CustomerMessage();
                    $cm->id_customer_thread = $ct->id;
                    $cm->message = $message;
                    $cm->ip_address = (int) ip2long(Tools::getRemoteAddr());
                    $cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
                    if (!$cm->add()) {
                        $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                    }
                } else {
                    $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                }
            }
            if (!count($this->errors)) {
                $var_list = array('{order_name}' => '-', '{attached_file}' => '-', '{message}' => Tools::nl2br(stripslashes($message)), '{email}' => $from, '{product_name}' => '');
                if (isset($file_attachment['name'])) {
                    $var_list['{attached_file}'] = $file_attachment['name'];
                }
                $id_product = (int) Tools::getValue('id_product');
                if (isset($ct) && Validate::isLoadedObject($ct) && $ct->id_order) {
                    $order = new Order((int) $ct->id_order);
                    $var_list['{order_name}'] = $order->getUniqReference();
                    $var_list['{id_order}'] = (int) $order->id;
                }
                if ($id_product) {
                    $product = new Product((int) $id_product);
                    if (Validate::isLoadedObject($product) && isset($product->name[Context::getContext()->language->id])) {
                        $var_list['{product_name}'] = $product->name[Context::getContext()->language->id];
                    }
                }
                if (empty($contact->email)) {
                    Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, null, null);
                } else {
                    if (!Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form') . ' [no_sync]', $var_list, $contact->email, $contact->name, $from, $customer->id ? $customer->firstname . ' ' . $customer->lastname : '') || !Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent'), $var_list, $from, null, $contact->email, $contact->name)) {
                        $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                    }
                }
            }
            $response = new stdClass();
            if ($this->errors) {
                $response->status = '0';
                $response->msg = implode('<br />', $this->errors);
            } else {
                $response->status = 1;
                $response->msg = "Send message success!";
            }
            die(Tools::jsonEncode($response));
            /*
            if (count($this->errors) > 1)
            	array_unique($this->errors);
            elseif (!count($this->errors))
            	$this->context->smarty->assign('confirmation', 1);
            * 
            */
        }
    }
예제 #8
0
 public function sendMessage()
 {
     $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
     $file_attachment = Tools::fileAttachment('fileUpload');
     $message = Tools::getValue('message');
     if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
         $this->context->controller->errors[] = $this->l('Invalid email address.');
     } elseif (!$message) {
         $this->context->controller->errors[] = $this->l('The message cannot be blank.');
     } elseif (!Validate::isCleanHtml($message)) {
         $this->context->controller->errors[] = $this->l('Invalid message');
     } elseif (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
         $this->context->controller->errors[] = $this->l('Please select a subject from the list provided. ');
     } elseif (!empty($file_attachment['name']) && $file_attachment['error'] != 0) {
         $this->context->controller->errors[] = $this->l('An error occurred during the file-upload process.');
     } elseif (!empty($file_attachment['name']) && !in_array(Tools::strtolower(substr($file_attachment['name'], -4)), $extension) && !in_array(Tools::strtolower(substr($file_attachment['name'], -5)), $extension)) {
         $this->context->controller->errors[] = $this->l('Bad file extension');
     } else {
         $customer = $this->context->customer;
         if (!$customer->id) {
             $customer->getByEmail($from);
         }
         $id_order = (int) Tools::getValue('id_order');
         $id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, $id_order);
         if ($contact->customer_service) {
             if ((int) $id_customer_thread) {
                 $ct = new CustomerThread($id_customer_thread);
                 $ct->status = 'open';
                 $ct->id_lang = (int) $this->context->language->id;
                 $ct->id_contact = (int) $id_contact;
                 $ct->id_order = (int) $id_order;
                 if ($id_product = (int) Tools::getValue('id_product')) {
                     $ct->id_product = $id_product;
                 }
                 $ct->update();
             } else {
                 $ct = new CustomerThread();
                 if (isset($customer->id)) {
                     $ct->id_customer = (int) $customer->id;
                 }
                 $ct->id_shop = (int) $this->context->shop->id;
                 $ct->id_order = (int) $id_order;
                 if ($id_product = (int) Tools::getValue('id_product')) {
                     $ct->id_product = $id_product;
                 }
                 $ct->id_contact = (int) $id_contact;
                 $ct->id_lang = (int) $this->context->language->id;
                 $ct->email = $from;
                 $ct->status = 'open';
                 $ct->token = Tools::passwdGen(12);
                 $ct->add();
             }
             if ($ct->id) {
                 $lastMessage = CustomerMessage::getLastMessageForCustomerThread($ct->id);
                 $testFileUpload = isset($file_attachment['rename']) && !empty($file_attachment['rename']);
                 // if last message is the same as new message (and no file upload), do not consider this contact
                 if ($lastMessage != $message || $testFileUpload) {
                     $cm = new CustomerMessage();
                     $cm->id_customer_thread = $ct->id;
                     $cm->message = $message;
                     if ($testFileUpload && rename($file_attachment['tmp_name'], _PS_UPLOAD_DIR_ . basename($file_attachment['rename']))) {
                         $cm->file_name = $file_attachment['rename'];
                         @chmod(_PS_UPLOAD_DIR_ . basename($file_attachment['rename']), 0664);
                     }
                     $cm->ip_address = (int) ip2long(Tools::getRemoteAddr());
                     $cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
                     if (!$cm->add()) {
                         $this->context->controller->errors[] = $this->l('An error occurred while sending the message.');
                     }
                 } else {
                     $mailAlreadySend = true;
                 }
             } else {
                 $this->context->controller->errors[] = $this->l('An error occurred while sending the message.');
             }
         }
         if (!count($this->context->controller->errors) && empty($mailAlreadySend)) {
             $var_list = ['{order_name}' => '-', '{attached_file}' => '-', '{message}' => Tools::nl2br(stripslashes($message)), '{email}' => $from, '{product_name}' => ''];
             if (isset($file_attachment['name'])) {
                 $var_list['{attached_file}'] = $file_attachment['name'];
             }
             $id_product = (int) Tools::getValue('id_product');
             if (isset($ct) && Validate::isLoadedObject($ct) && $ct->id_order) {
                 $order = new Order((int) $ct->id_order);
                 $var_list['{order_name}'] = $order->getUniqReference();
                 $var_list['{id_order}'] = (int) $order->id;
             }
             if ($id_product) {
                 $product = new Product((int) $id_product);
                 if (Validate::isLoadedObject($product) && isset($product->name[Context::getContext()->language->id])) {
                     $var_list['{product_name}'] = $product->name[Context::getContext()->language->id];
                 }
             }
             if (empty($contact->email)) {
                 Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? $this->trans('Your message has been correctly sent #ct%thread_id% #tc%thread_token%', array('%thread_id%' => $ct->id, '%thread_token%' => $ct->token), 'Emails.Subject') : $this->trans('Your message has been correctly sent', array(), 'Emails.Subject'), $var_list, $from, null, null, null, $file_attachment);
             } else {
                 if (!Mail::Send($this->context->language->id, 'contact', $this->trans('Message from contact form', array(), 'Emails.Subject') . ' [no_sync]', $var_list, $contact->email, $contact->name, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $from) || !Mail::Send($this->context->language->id, 'contact_form', isset($ct) && Validate::isLoadedObject($ct) ? $this->trans('Your message has been correctly sent #ct%thread_id% #tc%thread_token%', array('%thread_id%' => $ct->id, '%thread_token%' => $ct->token), 'Emails.Subject') : $this->trans('Your message has been correctly sent', array(), 'Emails.Subject'), $var_list, $from, null, null, null, $file_attachment, null, _PS_MAIL_DIR_, false, null, null, $contact->email)) {
                     $this->context->controller->errors[] = $this->l('An error occurred while sending the message.');
                 }
             }
         }
         if (!count($this->context->controller->errors)) {
             $this->context->controller->success[] = $this->l('Your message has been successfully sent to our team.');
         }
     }
 }