/**
* Empty and destroy the cart
*
* @param boolean $del_order True to delete any related order
* @return array Empty cart array
*/
public function Clear($del_order = true)
{
global $_TABLES;
$sql = "DELETE FROM {$_TABLES['paypal.cart']} WHERE\r\n cart_id = '" . DB_escapeString($this->cartID()) . "'";
if (!COM_isAnonUser()) {
$sql .= " OR cart_uid = " . (int) $_USER['uid'];
}
DB_query($sql);
if ($del_order && isset($_SESSION[PP_CART_VAR]['order_id']) && !empty($_SESSION[PP_CART_VAR]['order_id'])) {
USES_paypal_class_order();
ppOrder::Delete($_SESSION[PP_CART_VAR]['order_id']);
}
$this->m_cart = array();
unset($_SESSION[PP_CART_VAR]);
return $this->m_cart;
}
$i = 0;
foreach ($_POST['upd_orders'] as $order_id) {
if (!isset($_POST['newstatus'][$order_id]) || !isset($_POST['oldstatus'][$order_id]) || $_POST['newstatus'][$order_id] == $_POST['oldstatus'][$order_id]) {
continue;
}
$ord = new ppOrder($order_id);
$ord->UpdateStatus($_POST['newstatus'][$order_id], $order_id);
$i++;
}
$msg[] = sprintf($LANG_PP['updated_x_orders'], $i);
}
$content .= PAYPAL_orders(true);
break;
case 'order':
USES_paypal_class_order();
$order = new ppOrder($actionval);
$content .= $order->View(true);
break;
case 'ipnlog':
$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : 'all';
$log_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
$txn_id = isset($_REQUEST['txn_id']) ? COM_applyFilter($_REQUEST['txn_id']) : '';
switch ($op) {
case 'single':
$content .= PAYPAL_ipnlogSingle($log_id, $txn_id);
break;
default:
$content .= PAYPAL_adminlist_IPNLog();
break;
}
break;
/**
* Empty and destroy the cart
*
* @param boolean $del_order True to delete any related order
* @return array Empty cart array
*/
public function Clear($del_order = true)
{
global $_TABLES;
DB_delete($_TABLES['paypal.cart'], 'cart_id', $this->cartID());
if ($del_order && isset($_SESSION[PP_CART_VAR]['order_id']) && !empty($_SESSION[PP_CART_VAR]['order_id'])) {
USES_paypal_class_order();
ppOrder::Delete($_SESSION[PP_CART_VAR]['order_id']);
}
$this->m_cart = array();
unset($_SESSION[PP_CART_VAR]);
return $this->m_cart;
}
/**
* Perform the upgrade starting at the current version.
*
* @since version 0.4.0
* @return integer Error code, 0 for success
*/
function PAYPAL_do_upgrade()
{
global $_TABLES, $_CONF, $_PP_CONF, $_PP_DEFAULTS, $PP_UPGRADE, $_PLUGIN_INFO;
if (isset($_PLUGIN_INFO[$_PP_CONF['pi_name']])) {
$current_ver = $_PLUGIN_INFO[$_PP_CONF['pi_name']];
} else {
return false;
}
// Get the config instance, several upgrades might need it
$c = config::get_instance();
if (!COM_checkVersion($current_ver, '0.2')) {
// upgrade to 0.2.2
$current_ver = '0.2.2';
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.4.0')) {
// upgrade to 0.4.0
$current_ver = '0.4.0';
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!plugin_initconfig_paypal()) {
return false;
}
// Migrate existing categories to the new category table
$r = DB_query("SELECT DISTINCT category\n FROM {$_TABLES['paypal.products']}\n WHERE category <> '' and category IS NOT NULL");
if (DB_error()) {
COM_errorLog("Could not retrieve old categories", 1);
return false;
}
if (DB_numRows($r) > 0) {
while ($A = DB_fetchArray($r, false)) {
DB_query("INSERT INTO {$_TABLES['paypal.categories']}\n (cat_name)\n VALUES ('{$A['category']}')");
if (DB_error()) {
COM_errorLog("Could not add new category {$A['category']}", 1);
return false;
}
$cats[$A['category']] = DB_insertID();
}
// Now populate the cross-reference table
$r = DB_query("SELECT id, category\n FROM {$_TABLES['paypal.products']}");
if (DB_error()) {
COM_errorLog("Error retrieving category data from products", 1);
return false;
}
if (DB_numRows($r) > 0) {
while ($A = DB_fetchArray($r, false)) {
DB_query("UPDATE {$_TABLES['paypal.products']}\n SET cat_id = '{$cats[$A['category']]}'\n WHERE id = '{$A['id']}'");
if (DB_error()) {
COM_errorLog("Error updating prodXcat table", 1);
return false;
}
}
}
DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n DROP category");
}
// Add buttons to the product records or they won't be shown.
// Old paypal version always has buy_now and add_cart buttons.
$buttons = serialize(array('buy_now' => '', 'add_cart' => ''));
DB_query("UPDATE {$_TABLES['paypal.products']} \n SET buttons='{$buttons}',\n dt_add = UNIX_TIMESTAMP()");
// Finally, rename any existing config.php file since we now use
// the online configuration.
$pi_path = $_CONF['path'] . '/plugins/' . $_PP_CONF['pi_name'];
if (is_file($pi_path . '/config.php')) {
COM_errorLog("Renaming old config.php file to {$pi_path}/config.old.php", 1);
if (!rename($pi_path . '/config.php', $pi_path . '/config.old.php')) {
COM_errorLog("Failed to rename old config.php file. Manual intervention needed", 1);
}
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.4.1')) {
// upgrade to 0.4.1
$current_ver = '0.4.1';
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if ($c->group_exists($_PP_CONF['pi_name'])) {
$c->add('blk_random_limit', $_PP_DEFAULTS['blk_random_limit'], 'text', 0, 30, 2, 40, true, $_PP_CONF['pi_name']);
$c->add('blk_featured_limit', $_PP_DEFAULTS['blk_featured_limit'], 'text', 0, 30, 2, 50, true, $_PP_CONF['pi_name']);
$c->add('blk_popular_limit', $_PP_DEFAULTS['blk_popular_limit'], 'text', 0, 30, 2, 60, true, $_PP_CONF['pi_name']);
$c->add('fs_debug', NULL, 'fieldset', 0, 50, NULL, 0, true, $_PP_CONF['pi_name']);
$c->add('debug', $_PP_DEFAULTS['debug'], 'select', 0, 50, 2, 10, true, $_PP_CONF['pi_name']);
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.4.2')) {
// upgrade to 0.4.2
$current_ver = '0.4.2';
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.4.3')) {
// upgrade to 0.4.3
// this adds a field that was possibly missing in the initial
// installation, but could have been added in the 0.4.1 update. So,
// an error is to be expected and ignored
$current_ver = '0.4.3';
if (!PAYPAL_do_upgrade_sql($current_ver, true)) {
return false;
}
if ($c->group_exists($_PP_CONF['pi_name'])) {
$c->add('def_expiration', $_PP_DEFAULTS['def_expiration'], 'text', 0, 30, 0, 40, true, $_PP_CONF['pi_name']);
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.4.4')) {
$current_ver = '0.4.4';
// Remove individual block selections and combine into one
$displayblocks = 0;
if ($_PP_CONF['leftblocks'] == 1) {
$displayblocks += 1;
}
if ($_PP_CONF['rightblocks'] == 1) {
$displayblocks += 2;
}
$c->del('leftblocks', 'paypal');
$c->del('rightblocks', 'paypal');
$c->add('displayblocks', $displayblocks, 'select', 0, 0, 13, 210, true, $_PP_CONF['pi_name']);
$c->add('debug_ipn', $_PP_DEFAULTS['debug_ipn'], 'select', 0, 50, 2, 20, true, $_PP_CONF['pi_name']);
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.4.5')) {
$current_ver = '0.4.5';
// Add notification email override
$c->add('admin_email_addr', $_PP_DEFAULTS['admin_email_addr'], 'text', 0, 0, 0, 40, true, $_PP_CONF['pi_name']);
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.4.5')) {
$current_ver = '0.4.5';
// Move the buy_now buttons into a separate table
$sql = "SELECT id, buttons FROM {$_TABLES['paypal.products']}";
$res = DB_query($sql, 1);
while ($A = DB_fetchArray($res, false)) {
$id = $A['id'];
$btns = @unserialize($A['buttons']);
if ($btns && isset($btns['buy_now'])) {
$button = DB_escapeString($btns['buy_now']);
} else {
$button = '';
}
DB_query("INSERT INTO {$_TABLES['paypal.buttons']} VALUES\n ('{$id}', 'paypal', '{$button}')", 1);
}
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.5.0')) {
$current_ver = '0.5.0';
// Perform the main database upgrades
// The first few lines get the schema updated for elements that
// may have been missed (0.4.4 wasn't updated properly).
// Errors need to be ignored for these.
DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n ADD options text after show_popular", 1);
DB_query("ALTER TABLE {$_TABLES['paypal.purchases']}\n ADD token varchar(40) after price", 1);
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
// Move the global PayPal-specific configurations into the config table
$receiver_email = DB_escapeString($_PP_CONF['receiver_email'][0]);
$gwconfig = array('bus_prod_email' => $receiver_email, 'bus_test_email' => $receiver_email, 'micro_prod_email' => $receiver_email, 'micro_test_email' => $receiver_email, 'micro_threshold' => 10, 'prod_url' => 'https://www.paypal.com', 'sandbox_url' => 'https://www.sandbox.paypal.com', 'test_mode' => (int) $_PP_CONF['testing'], 'prv_key' => DB_escapeString($_PP_CONF['prv_key']), 'pub_key' => DB_escapeString($_PP_CONF['pub_key']), 'pp_cert' => DB_escapeString($_PP_CONF['pp_cert']), 'pp_cert_id' => DB_escapeString($_PP_CONF['pp_cert_id']), 'micro_cert_id' => DB_escapeString($_PP_CONF['pp_cert_id']), 'encrypt' => (int) $_PP_CONF['encrypt_buttons']);
$db_config = DB_escapeString(@serialize($gwconfig));
$services = array('buy_now' => 1, 'pay_now' => 1, 'checkout' => 1, 'donation' => 1, 'subscribe' => 1, 'external' => 1);
$db_services = DB_escapeString(@serialize($services));
$sql = "INSERT INTO {$_TABLES['paypal.gateways']}\n (id, orderby, enabled, description, config, services)\n VALUES\n ('paypal', 10, 1, 'Paypal Website Payments Standard',\n '{$db_config}', '{$db_services}'),\n ('amazon', 20, 0, 'Amazon SimplePay', '', '{$db_services}')";
//echo $sql;die;
// ... and remove Paypal-specific configs from the main config system
$c->del('receiver_email', 'paypal');
$c->del('testing', 'paypal');
$c->del('paypal_url', 'paypal');
$c->del('prod_url', 'paypal');
$c->del('use_css_menus', 'paypal');
// Just not used any more
$c->del('encrypt_buttons', 'paypal');
$c->del('prv_key', 'paypal');
$c->del('pub_key', 'paypal');
$c->del('pp_cert', 'paypal');
$c->del('pp_cert_id', 'paypal');
// Add new plugin config items
$c->add('fs_addresses', NULL, 'fieldset', 0, 60, NULL, 0, true, $_PP_CONF['pi_name']);
$c->add('get_street', $_PP_DEFAULTS['get_street'], 'select', 0, 60, 14, 10, true, $_PP_CONF['pi_name']);
$c->add('get_city', $_PP_DEFAULTS['get_city'], 'select', 0, 60, 14, 20, true, $_PP_CONF['pi_name']);
$c->add('get_state', $_PP_DEFAULTS['get_state'], 'select', 0, 60, 14, 30, true, $_PP_CONF['pi_name']);
$c->add('get_country', $_PP_DEFAULTS['get_country'], 'select', 0, 60, 14, 40, true, $_PP_CONF['pi_name']);
$c->add('get_postal', $_PP_DEFAULTS['get_postal'], 'select', 0, 60, 14, 50, true, $_PP_CONF['pi_name']);
$c->add('weight_unit', $_PP_DEFAULTS['weight_unit'], 'select', 0, 0, 15, 230, true, $_PP_CONF['pi_name']);
$c->add('ena_cart', $PP_DEFAULTS['ena_cart'], 'select', 0, 0, 2, 220, true, $_PP_CONF['pi_name']);
DB_query("UPDATE {$_TABLES['conf_values']}\n SET sort_order=80\n WHERE name='tmpdir'\n AND group_name='paypal'");
DB_query($sql, 1);
if (DB_error()) {
COM_errorLog("Error Executing SQL: {$sql}", 1);
}
// Convert saved buttons in the product records to simple text strings
// indicating the type of button to use. Don't save the button in the
// new cache table; that will be done when the button is needed.
DB_query("UPDATE {$_TABLES['paypal.products']} SET buttons='buy_now'");
// Create order records and associate with the existing purchase table.
// We create our own sid to try and use the original purchase date.
// Since this function runs so fast, there could still be duplicate
// sid's so we check for an existing sid before trying to use it.
// If that happens, the order_id will just be a current sid.
$sql = "SELECT * FROM {$_TABLES['paypal.purchases']}";
$res = DB_query($sql);
if ($res && DB_numRows($res) > 0) {
USES_paypal_class_order();
while ($A = DB_fetchArray($res, false)) {
$dt_tm = explode(' ', $A['purchase_date']);
list($y, $m, $d) = explode('-', $dt_tm[0]);
list($h, $i, $s) = explode(':', $dt_tm[1]);
$sid = $y . $m . $d . $h . $i . $s;
$order_id = $sid . mt_rand(0, 999);
while (DB_count($_TABLES['paypal.orders'], 'order_id', $order_id) > 0) {
$order_id = COM_makeSid();
}
// Discovered that the "price" field isn't filled in for the
// purchase table. Read the IPN data and use mc_gross.
$IPN = DB_getItem($_TABLES['paypal.ipnlog'], 'ipn_data', "txn_id = '" . DB_escapeString($A['txn_id']) . "'");
$price = 0;
if (!empty($IPN)) {
$data = @unserialize($IPN);
if ($data && isset($data['mc_gross'])) {
$price = (double) $data['mc_gross'];
if (isset($data['tax'])) {
$tax = (double) $data['tax'];
$price -= $tax;
} else {
$tax = 0;
}
if (isset($data['shipping'])) {
$shipping = (double) $data['shipping'];
$price -= $shipping;
} else {
$shipping = 0;
}
if (isset($data['handling'])) {
$handling = (double) $data['handling'];
$price -= $handling;
} else {
$handling = 0;
}
}
}
$ord = new ppOrder($order_id);
$ord->uid = $A['user_id'];
$ord->order_date = DB_escapeString($A['purchase_date']);
$ord->status = PP_STATUS_PAID;
$ord->pmt_method = 'paypal';
$ord->pmt_txn_id = $A['txn_id'];
$ord->tax = $tax;
$ord->shipping = $shipping;
$ord->handling = $handling;
$order_id = $ord->Save();
// Also, split out the item number from any attributes.
// Starting with 0.5.0 we store the actual item number
// and options separately.
// * PAYPAL_explode_opts() not available in this version *
list($item_num, $options) = explode('|', $A['product_id']);
if (!$options) {
$options = '';
}
DB_query("UPDATE {$_TABLES['paypal.purchases']} SET\n order_id = '" . DB_escapeString($order_id) . "',\n price = '{$price}',\n product_id = '" . DB_escapeString($item_num) . "',\n options = '" . DB_escapeString($options) . "'\n WHERE txn_id = '{$A['txn_id']}'");
}
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.5.2')) {
$current_ver = '0.5.2';
$error = PAYPAL_do_upgrade_sql($current_ver);
if ($error) {
return $error;
}
$c->add('centerblock', $_PP_DEFAULTS['centerblock'], 'select', 0, 0, 2, 215, true, $_PP_CONF['pi_name']);
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.5.4')) {
$current_ver = '0.5.4';
// Addes the currency table and formatting functions
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.5.6')) {
$current_ver = '0.5.6';
// SQL updates in 0.5.4 weren't included in new installation, so check
// if they're done and add them to the upgrade process if not.
$res = DB_query("SHOW TABLES LIKE '{$_TABLES['paypal.currency']}'", 1);
if (!$res || DB_numRows($res) < 1) {
// Add the table
$PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][0];
// Populate with data
$PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][1];
}
$res = DB_query("SHOW COLUMNS FROM {$_TABLES['paypal.products']}\n LIKE 'sale_price'", 1);
if (!$res || DB_numRows($res) < 1) {
// Add the field to the products table
$PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][2];
}
if (!PAYPAL_do_upgrade_sql('0.5.6')) {
return false;
}
// Add new product defaults for onhand tracking
$c->add('def_track_onhand', $_PP_DEFAULTS['def_track_onhand'], 'select', 0, 30, 2, 50, true, $_PP_CONF['pi_name']);
$c->add('def_oversell', $_PP_DEFAULTS['def_oversell'], 'select', 0, 30, 16, 60, true, $_PP_CONF['pi_name']);
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.5.7')) {
$current_ver = '0.5.7';
$gid = (int) DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='{$_PP_CONF['pi_name']} Admin'");
if ($gid < 1) {
$gid = 1;
}
// default to Root if paypal group not found
DB_query("INSERT INTO {$_TABLES['vars']}\n SET name='paypal_gid', value={$gid}");
$c->add('product_tpl_ver', $_PP_DEFAULTS['product_tpl_ver'], 'select', 0, 30, 2, 70, true, $_PP_CONF['pi_name']);
$c->add('list_tpl_ver', $_PP_DEFAULTS['list_tpl_ver'], 'select', 0, 30, 0, 80, true, $_PP_CONF['pi_name']);
$c->add('cache_max_age', $_PP_DEFAULTS['cache_max_age'], 'text', 0, 40, 2, 40, true, $_PP_CONF['pi_name']);
// Create cache directory
if (!is_dir($_PP_DEFAULTS['tmpdir'] . 'cache')) {
@mkdir($_PP_DEFAULTS['tmpdir'] . 'cache', '0755', true);
}
if (!PAYPAL_do_upgrade_sql($current_ver)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.5.8')) {
$current_ver = '0.5.8';
// Add terms and conditions link
$c->add('tc_link', $_PP_DEFAULTS['tc_link'], 'text', 0, 40, 2, 50, true, $_PP_CONF['pi_name']);
// Upgrade sql changes from owner/group/member/anon perms to group id
// First update the group_id based on the perms.
$sql = "SELECT cat_id,group_id,perm_group,perm_members,perm_anon\n FROM {$_TABLES['paypal.categories']}";
$res = DB_query($sql, 1);
while ($A = DB_fetchArray($res, false)) {
if ($A['perm_anon'] >= 2) {
$grp_id = 2;
} elseif ($A['perm_members'] >= 2) {
$grp_id = 13;
} else {
$grp_id = $A['group_id'];
}
if ($A['group_id'] != $grp_id) {
$grp_id = (int) $grp_id;
DB_query("UPDATE {$_TABLES['paypal.categories']}\n SET group_id = {$grp_id}\n WHERE cat_id = {$A['cat_id']}");
}
}
// Remove Amazon Simplepay gateway file to prevent re-enabling
@unlink(PAYPAL_PI_PATH . '/classes/gateways/amazon.class.php');
if (!PAYPAL_do_upgrade_sql($current_ver, true)) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
if (!COM_checkVersion($current_ver, '0.5.9')) {
$current_ver = '0.5.9';
// Add shop phone and email conf values, fix subgroup ID for shop info
$c->add('shop_phone', '', 'text', 10, 100, 0, 30, true, $_PP_CONF['pi_name']);
$c->add('shop_email', $_PP_DEFAULTS['shop_email'], 'text', 10, 100, 0, 40, true, $_PP_CONF['pi_name']);
// Create default path for downloads (even if not used)
@mkdir($_CONF['path'] . 'data/' . $_PP_CONF['pi_name'] . '/files', true);
// Remove stray .htaccess file that interferes with plugin removal
@unlink(PAYPAL_PI_PATH . '/files/.htaccess');
if (!PAYPAL_do_upgrade_sql('0.5.9')) {
return false;
}
if (!PAYPAL_do_set_version($current_ver)) {
return false;
}
}
CTL_clearCache($_PP_CONF['pi_name']);
COM_errorLog("Successfully updated the {$_PP_CONF['pi_display_name']} Plugin", 1);
return true;
}
if (!SEC_hasRights('paypal.admin')) {
COM_accessLog("User {$_USER['username']} tried to illegally access the classifieds admin ajax function.");
exit;
}
switch ($_GET['action']) {
case 'updatestatus':
if (!empty($_GET['order_id']) && !empty($_GET['newstatus'])) {
$showlog = $_GET['showlog'] == 1 ? 1 : 0;
USES_paypal_class_order();
$log_ts = '';
$log_user = '';
$log_msg = '';
$newstatus = $_GET['newstatus'];
$order_id = $_GET['order_id'];
$retstatus = $_GET['oldstatus'];
$ord = new ppOrder($_GET['order_id']);
if ($ord->isNew) {
break;
}
// non-existant order
if ($ord->UpdateStatus($newstatus)) {
//if (ppOrder::UpdateStatus($newstatus, $order_id)) {
$sql = "SELECT * FROM {$_TABLES['paypal.order_log']}\n WHERE order_id = '" . DB_escapeString($order_id) . "'\n ORDER BY ts DESC\n LIMIT 1";
//echo $sql;die;
$L = DB_fetchArray(DB_query($sql, 1), false);
if (!empty($L)) {
$log_ts = $L['ts'];
$log_user = $L['username'];
$log_msg = $L['message'];
$retstatus = $_GET['newstatus'];
}
/**
* Create an order record.
* This is virtually identical to the function in BaseIPN.class.php
* and is used here to create an order record when the purchase is
* being handled by the payment gateway, without an IPN.
*
* @param array $A Array of order info, at least a user ID
* @param array $cart The shopping cart, to get addresses, etc.
* @return string Order ID just created
*/
protected function CreateOrder($A, $cart)
{
global $_TABLES, $_USER;
$ord = new ppOrder();
$uid = isset($A['uid']) ? (int) $A['uid'] : $_USER['uid'];
$ord->uid = $uid;
$ord->status = 'pending';
// so there's something in the status field
if ($uid > 1) {
$U = self::UserInfo($uid);
}
$BillTo = $cart->getAddress('billto');
if (empty($BillTo) && $uid > 1) {
$BillTo = $U->getDefaultAddress('billto');
}
if (is_array($BillTo)) {
$ord->setBilling($BillTo);
}
$ShipTo = $cart->getAddress('shipto');
if (empty($ShipTo) && $uid > 1) {
$ShipTo = $U->getDefaultAddress('shipto');
}
if (is_array($ShipTo)) {
$ord->setShipping($ShipTo);
}
$ord->pmt_method = $this->gw_name;
$ord->pmt_txn_id = '';
/*$ord->tax = $this->pp_data['pmt_tax'];
$ord->shipping = $this->pp_data['pmt_shipping'];
$ord->handling = $this->pp_data['pmt_handling'];*/
$ord->buyer_email = DB_getItem($_TABLES['users'], 'email', "uid={$uid}");
$ord->log_user = COM_getDisplayName($uid) . " ({$uid})";
//$order_id = $ord->Save();
//return $order_id;
return $ord;
}
break;
case 'order':
if (COM_isAnonUser()) {
COM_404();
}
USES_paypal_class_order();
$order = new ppOrder($actionval);
if ($order->canView()) {
$content .= $order->View(true);
} else {
$content .= $LANG_PP['access_denied_msg'];
}
break;
case 'printorder':
USES_paypal_class_order();
$order = new ppOrder($actionval);
if ($order->canView()) {
echo $order->View(true, 'print');
exit;
} else {
COM_404();
}
break;
case 'vieworder':
if (COM_isAnonUser()) {
COM_404();
}
$_SESSION[PP_CART_VAR]['prevpage'] = $view;
$content .= $ppGCart->View(true);
$page_title = $LANG_PP['view_order'];
break;
/**
* Process a refund.
* If a purchase is completely refunded, then call the plugins to
* handle the refund. Otherwise, do nothing; partial refunds need to
* be handled manually.
*
* @todo: handle partial refunds
*/
protected function handleRefund()
{
global $_TABLES, $_CONF, $_PP_CONF, $LANG_PP;
// Try to get original order information. Use the "parent transaction"
// or invoice number, if available from the IPN message
if (isset($this->pp_data['invoice'])) {
$order_id = $this->pp_data['invoice'];
} else {
$order_id = DB_getItem($_TABLES['paypal.orders'], 'order_id', "pmt_txn_id = '" . DB_escapeString($this->pp_data['parent_txn_id']) . "'");
}
$Order = new ppOrder($order_id);
if ($Order->order_id == '') {
return false;
}
// Figure out if the entire order was refunded
$refund_amt = abs((double) $this->pp_data['pmt_gross']);
$item_total = 0;
foreach ($Order->items as $key => $data) {
$item_total += $data['quantity'] * $data['price'];
}
$item_total += $Order->miscCharges();
if ($item_total == $refund_amt) {
// Completely refunded, let the items handle any refund
// actions. None for catalog items (since there's no inventory,
// but plugin items may need to do something.
foreach ($Order->items as $key => $data) {
if (PAYPAL_is_plugin_item($data['product_id'])) {
// Split the item number into component parts. It could
// be just a single string, depending on the plugin's needs.
if (strstr($data['product_id'], ':')) {
$pi_info = split(':', $data['product_id']);
} else {
$pi_info = array($data['product_id']);
}
$vars = array('item' => $pi_info, 'ipn_data' => $this->pp_data);
$status = LGLIB_invokeService($pi_info[0], 'handleRefund', $vars, $output, $svc_msg);
// Don't care about the status, really. May not even be
// a plugin function to handle refunds
}
}
// Update the order status to Refunded
$Order->UpdateStatus($LANG_PP['orderstatus']['refunded']);
}
}
