/** * Empty and destroy the cart * * @param boolean $del_order True to delete any related order * @return array Empty cart array */ public function Clear($del_order = true) { global $_TABLES; $sql = "DELETE FROM {$_TABLES['paypal.cart']} WHERE\r\n cart_id = '" . DB_escapeString($this->cartID()) . "'"; if (!COM_isAnonUser()) { $sql .= " OR cart_uid = " . (int) $_USER['uid']; } DB_query($sql); if ($del_order && isset($_SESSION[PP_CART_VAR]['order_id']) && !empty($_SESSION[PP_CART_VAR]['order_id'])) { USES_paypal_class_order(); ppOrder::Delete($_SESSION[PP_CART_VAR]['order_id']); } $this->m_cart = array(); unset($_SESSION[PP_CART_VAR]); return $this->m_cart; }
$i = 0; foreach ($_POST['upd_orders'] as $order_id) { if (!isset($_POST['newstatus'][$order_id]) || !isset($_POST['oldstatus'][$order_id]) || $_POST['newstatus'][$order_id] == $_POST['oldstatus'][$order_id]) { continue; } $ord = new ppOrder($order_id); $ord->UpdateStatus($_POST['newstatus'][$order_id], $order_id); $i++; } $msg[] = sprintf($LANG_PP['updated_x_orders'], $i); } $content .= PAYPAL_orders(true); break; case 'order': USES_paypal_class_order(); $order = new ppOrder($actionval); $content .= $order->View(true); break; case 'ipnlog': $op = isset($_REQUEST['op']) ? $_REQUEST['op'] : 'all'; $log_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0; $txn_id = isset($_REQUEST['txn_id']) ? COM_applyFilter($_REQUEST['txn_id']) : ''; switch ($op) { case 'single': $content .= PAYPAL_ipnlogSingle($log_id, $txn_id); break; default: $content .= PAYPAL_adminlist_IPNLog(); break; } break;
/** * Empty and destroy the cart * * @param boolean $del_order True to delete any related order * @return array Empty cart array */ public function Clear($del_order = true) { global $_TABLES; DB_delete($_TABLES['paypal.cart'], 'cart_id', $this->cartID()); if ($del_order && isset($_SESSION[PP_CART_VAR]['order_id']) && !empty($_SESSION[PP_CART_VAR]['order_id'])) { USES_paypal_class_order(); ppOrder::Delete($_SESSION[PP_CART_VAR]['order_id']); } $this->m_cart = array(); unset($_SESSION[PP_CART_VAR]); return $this->m_cart; }
/** * Perform the upgrade starting at the current version. * * @since version 0.4.0 * @return integer Error code, 0 for success */ function PAYPAL_do_upgrade() { global $_TABLES, $_CONF, $_PP_CONF, $_PP_DEFAULTS, $PP_UPGRADE, $_PLUGIN_INFO; if (isset($_PLUGIN_INFO[$_PP_CONF['pi_name']])) { $current_ver = $_PLUGIN_INFO[$_PP_CONF['pi_name']]; } else { return false; } // Get the config instance, several upgrades might need it $c = config::get_instance(); if (!COM_checkVersion($current_ver, '0.2')) { // upgrade to 0.2.2 $current_ver = '0.2.2'; if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.4.0')) { // upgrade to 0.4.0 $current_ver = '0.4.0'; if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!plugin_initconfig_paypal()) { return false; } // Migrate existing categories to the new category table $r = DB_query("SELECT DISTINCT category\n FROM {$_TABLES['paypal.products']}\n WHERE category <> '' and category IS NOT NULL"); if (DB_error()) { COM_errorLog("Could not retrieve old categories", 1); return false; } if (DB_numRows($r) > 0) { while ($A = DB_fetchArray($r, false)) { DB_query("INSERT INTO {$_TABLES['paypal.categories']}\n (cat_name)\n VALUES ('{$A['category']}')"); if (DB_error()) { COM_errorLog("Could not add new category {$A['category']}", 1); return false; } $cats[$A['category']] = DB_insertID(); } // Now populate the cross-reference table $r = DB_query("SELECT id, category\n FROM {$_TABLES['paypal.products']}"); if (DB_error()) { COM_errorLog("Error retrieving category data from products", 1); return false; } if (DB_numRows($r) > 0) { while ($A = DB_fetchArray($r, false)) { DB_query("UPDATE {$_TABLES['paypal.products']}\n SET cat_id = '{$cats[$A['category']]}'\n WHERE id = '{$A['id']}'"); if (DB_error()) { COM_errorLog("Error updating prodXcat table", 1); return false; } } } DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n DROP category"); } // Add buttons to the product records or they won't be shown. // Old paypal version always has buy_now and add_cart buttons. $buttons = serialize(array('buy_now' => '', 'add_cart' => '')); DB_query("UPDATE {$_TABLES['paypal.products']} \n SET buttons='{$buttons}',\n dt_add = UNIX_TIMESTAMP()"); // Finally, rename any existing config.php file since we now use // the online configuration. $pi_path = $_CONF['path'] . '/plugins/' . $_PP_CONF['pi_name']; if (is_file($pi_path . '/config.php')) { COM_errorLog("Renaming old config.php file to {$pi_path}/config.old.php", 1); if (!rename($pi_path . '/config.php', $pi_path . '/config.old.php')) { COM_errorLog("Failed to rename old config.php file. Manual intervention needed", 1); } } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.4.1')) { // upgrade to 0.4.1 $current_ver = '0.4.1'; if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if ($c->group_exists($_PP_CONF['pi_name'])) { $c->add('blk_random_limit', $_PP_DEFAULTS['blk_random_limit'], 'text', 0, 30, 2, 40, true, $_PP_CONF['pi_name']); $c->add('blk_featured_limit', $_PP_DEFAULTS['blk_featured_limit'], 'text', 0, 30, 2, 50, true, $_PP_CONF['pi_name']); $c->add('blk_popular_limit', $_PP_DEFAULTS['blk_popular_limit'], 'text', 0, 30, 2, 60, true, $_PP_CONF['pi_name']); $c->add('fs_debug', NULL, 'fieldset', 0, 50, NULL, 0, true, $_PP_CONF['pi_name']); $c->add('debug', $_PP_DEFAULTS['debug'], 'select', 0, 50, 2, 10, true, $_PP_CONF['pi_name']); } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.4.2')) { // upgrade to 0.4.2 $current_ver = '0.4.2'; if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.4.3')) { // upgrade to 0.4.3 // this adds a field that was possibly missing in the initial // installation, but could have been added in the 0.4.1 update. So, // an error is to be expected and ignored $current_ver = '0.4.3'; if (!PAYPAL_do_upgrade_sql($current_ver, true)) { return false; } if ($c->group_exists($_PP_CONF['pi_name'])) { $c->add('def_expiration', $_PP_DEFAULTS['def_expiration'], 'text', 0, 30, 0, 40, true, $_PP_CONF['pi_name']); } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.4.4')) { $current_ver = '0.4.4'; // Remove individual block selections and combine into one $displayblocks = 0; if ($_PP_CONF['leftblocks'] == 1) { $displayblocks += 1; } if ($_PP_CONF['rightblocks'] == 1) { $displayblocks += 2; } $c->del('leftblocks', 'paypal'); $c->del('rightblocks', 'paypal'); $c->add('displayblocks', $displayblocks, 'select', 0, 0, 13, 210, true, $_PP_CONF['pi_name']); $c->add('debug_ipn', $_PP_DEFAULTS['debug_ipn'], 'select', 0, 50, 2, 20, true, $_PP_CONF['pi_name']); if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.4.5')) { $current_ver = '0.4.5'; // Add notification email override $c->add('admin_email_addr', $_PP_DEFAULTS['admin_email_addr'], 'text', 0, 0, 0, 40, true, $_PP_CONF['pi_name']); if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.4.5')) { $current_ver = '0.4.5'; // Move the buy_now buttons into a separate table $sql = "SELECT id, buttons FROM {$_TABLES['paypal.products']}"; $res = DB_query($sql, 1); while ($A = DB_fetchArray($res, false)) { $id = $A['id']; $btns = @unserialize($A['buttons']); if ($btns && isset($btns['buy_now'])) { $button = DB_escapeString($btns['buy_now']); } else { $button = ''; } DB_query("INSERT INTO {$_TABLES['paypal.buttons']} VALUES\n ('{$id}', 'paypal', '{$button}')", 1); } if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.5.0')) { $current_ver = '0.5.0'; // Perform the main database upgrades // The first few lines get the schema updated for elements that // may have been missed (0.4.4 wasn't updated properly). // Errors need to be ignored for these. DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n ADD options text after show_popular", 1); DB_query("ALTER TABLE {$_TABLES['paypal.purchases']}\n ADD token varchar(40) after price", 1); if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } // Move the global PayPal-specific configurations into the config table $receiver_email = DB_escapeString($_PP_CONF['receiver_email'][0]); $gwconfig = array('bus_prod_email' => $receiver_email, 'bus_test_email' => $receiver_email, 'micro_prod_email' => $receiver_email, 'micro_test_email' => $receiver_email, 'micro_threshold' => 10, 'prod_url' => 'https://www.paypal.com', 'sandbox_url' => 'https://www.sandbox.paypal.com', 'test_mode' => (int) $_PP_CONF['testing'], 'prv_key' => DB_escapeString($_PP_CONF['prv_key']), 'pub_key' => DB_escapeString($_PP_CONF['pub_key']), 'pp_cert' => DB_escapeString($_PP_CONF['pp_cert']), 'pp_cert_id' => DB_escapeString($_PP_CONF['pp_cert_id']), 'micro_cert_id' => DB_escapeString($_PP_CONF['pp_cert_id']), 'encrypt' => (int) $_PP_CONF['encrypt_buttons']); $db_config = DB_escapeString(@serialize($gwconfig)); $services = array('buy_now' => 1, 'pay_now' => 1, 'checkout' => 1, 'donation' => 1, 'subscribe' => 1, 'external' => 1); $db_services = DB_escapeString(@serialize($services)); $sql = "INSERT INTO {$_TABLES['paypal.gateways']}\n (id, orderby, enabled, description, config, services)\n VALUES\n ('paypal', 10, 1, 'Paypal Website Payments Standard',\n '{$db_config}', '{$db_services}'),\n ('amazon', 20, 0, 'Amazon SimplePay', '', '{$db_services}')"; //echo $sql;die; // ... and remove Paypal-specific configs from the main config system $c->del('receiver_email', 'paypal'); $c->del('testing', 'paypal'); $c->del('paypal_url', 'paypal'); $c->del('prod_url', 'paypal'); $c->del('use_css_menus', 'paypal'); // Just not used any more $c->del('encrypt_buttons', 'paypal'); $c->del('prv_key', 'paypal'); $c->del('pub_key', 'paypal'); $c->del('pp_cert', 'paypal'); $c->del('pp_cert_id', 'paypal'); // Add new plugin config items $c->add('fs_addresses', NULL, 'fieldset', 0, 60, NULL, 0, true, $_PP_CONF['pi_name']); $c->add('get_street', $_PP_DEFAULTS['get_street'], 'select', 0, 60, 14, 10, true, $_PP_CONF['pi_name']); $c->add('get_city', $_PP_DEFAULTS['get_city'], 'select', 0, 60, 14, 20, true, $_PP_CONF['pi_name']); $c->add('get_state', $_PP_DEFAULTS['get_state'], 'select', 0, 60, 14, 30, true, $_PP_CONF['pi_name']); $c->add('get_country', $_PP_DEFAULTS['get_country'], 'select', 0, 60, 14, 40, true, $_PP_CONF['pi_name']); $c->add('get_postal', $_PP_DEFAULTS['get_postal'], 'select', 0, 60, 14, 50, true, $_PP_CONF['pi_name']); $c->add('weight_unit', $_PP_DEFAULTS['weight_unit'], 'select', 0, 0, 15, 230, true, $_PP_CONF['pi_name']); $c->add('ena_cart', $PP_DEFAULTS['ena_cart'], 'select', 0, 0, 2, 220, true, $_PP_CONF['pi_name']); DB_query("UPDATE {$_TABLES['conf_values']}\n SET sort_order=80\n WHERE name='tmpdir'\n AND group_name='paypal'"); DB_query($sql, 1); if (DB_error()) { COM_errorLog("Error Executing SQL: {$sql}", 1); } // Convert saved buttons in the product records to simple text strings // indicating the type of button to use. Don't save the button in the // new cache table; that will be done when the button is needed. DB_query("UPDATE {$_TABLES['paypal.products']} SET buttons='buy_now'"); // Create order records and associate with the existing purchase table. // We create our own sid to try and use the original purchase date. // Since this function runs so fast, there could still be duplicate // sid's so we check for an existing sid before trying to use it. // If that happens, the order_id will just be a current sid. $sql = "SELECT * FROM {$_TABLES['paypal.purchases']}"; $res = DB_query($sql); if ($res && DB_numRows($res) > 0) { USES_paypal_class_order(); while ($A = DB_fetchArray($res, false)) { $dt_tm = explode(' ', $A['purchase_date']); list($y, $m, $d) = explode('-', $dt_tm[0]); list($h, $i, $s) = explode(':', $dt_tm[1]); $sid = $y . $m . $d . $h . $i . $s; $order_id = $sid . mt_rand(0, 999); while (DB_count($_TABLES['paypal.orders'], 'order_id', $order_id) > 0) { $order_id = COM_makeSid(); } // Discovered that the "price" field isn't filled in for the // purchase table. Read the IPN data and use mc_gross. $IPN = DB_getItem($_TABLES['paypal.ipnlog'], 'ipn_data', "txn_id = '" . DB_escapeString($A['txn_id']) . "'"); $price = 0; if (!empty($IPN)) { $data = @unserialize($IPN); if ($data && isset($data['mc_gross'])) { $price = (double) $data['mc_gross']; if (isset($data['tax'])) { $tax = (double) $data['tax']; $price -= $tax; } else { $tax = 0; } if (isset($data['shipping'])) { $shipping = (double) $data['shipping']; $price -= $shipping; } else { $shipping = 0; } if (isset($data['handling'])) { $handling = (double) $data['handling']; $price -= $handling; } else { $handling = 0; } } } $ord = new ppOrder($order_id); $ord->uid = $A['user_id']; $ord->order_date = DB_escapeString($A['purchase_date']); $ord->status = PP_STATUS_PAID; $ord->pmt_method = 'paypal'; $ord->pmt_txn_id = $A['txn_id']; $ord->tax = $tax; $ord->shipping = $shipping; $ord->handling = $handling; $order_id = $ord->Save(); // Also, split out the item number from any attributes. // Starting with 0.5.0 we store the actual item number // and options separately. // * PAYPAL_explode_opts() not available in this version * list($item_num, $options) = explode('|', $A['product_id']); if (!$options) { $options = ''; } DB_query("UPDATE {$_TABLES['paypal.purchases']} SET\n order_id = '" . DB_escapeString($order_id) . "',\n price = '{$price}',\n product_id = '" . DB_escapeString($item_num) . "',\n options = '" . DB_escapeString($options) . "'\n WHERE txn_id = '{$A['txn_id']}'"); } } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.5.2')) { $current_ver = '0.5.2'; $error = PAYPAL_do_upgrade_sql($current_ver); if ($error) { return $error; } $c->add('centerblock', $_PP_DEFAULTS['centerblock'], 'select', 0, 0, 2, 215, true, $_PP_CONF['pi_name']); if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.5.4')) { $current_ver = '0.5.4'; // Addes the currency table and formatting functions if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.5.6')) { $current_ver = '0.5.6'; // SQL updates in 0.5.4 weren't included in new installation, so check // if they're done and add them to the upgrade process if not. $res = DB_query("SHOW TABLES LIKE '{$_TABLES['paypal.currency']}'", 1); if (!$res || DB_numRows($res) < 1) { // Add the table $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][0]; // Populate with data $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][1]; } $res = DB_query("SHOW COLUMNS FROM {$_TABLES['paypal.products']}\n LIKE 'sale_price'", 1); if (!$res || DB_numRows($res) < 1) { // Add the field to the products table $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][2]; } if (!PAYPAL_do_upgrade_sql('0.5.6')) { return false; } // Add new product defaults for onhand tracking $c->add('def_track_onhand', $_PP_DEFAULTS['def_track_onhand'], 'select', 0, 30, 2, 50, true, $_PP_CONF['pi_name']); $c->add('def_oversell', $_PP_DEFAULTS['def_oversell'], 'select', 0, 30, 16, 60, true, $_PP_CONF['pi_name']); if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.5.7')) { $current_ver = '0.5.7'; $gid = (int) DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='{$_PP_CONF['pi_name']} Admin'"); if ($gid < 1) { $gid = 1; } // default to Root if paypal group not found DB_query("INSERT INTO {$_TABLES['vars']}\n SET name='paypal_gid', value={$gid}"); $c->add('product_tpl_ver', $_PP_DEFAULTS['product_tpl_ver'], 'select', 0, 30, 2, 70, true, $_PP_CONF['pi_name']); $c->add('list_tpl_ver', $_PP_DEFAULTS['list_tpl_ver'], 'select', 0, 30, 0, 80, true, $_PP_CONF['pi_name']); $c->add('cache_max_age', $_PP_DEFAULTS['cache_max_age'], 'text', 0, 40, 2, 40, true, $_PP_CONF['pi_name']); // Create cache directory if (!is_dir($_PP_DEFAULTS['tmpdir'] . 'cache')) { @mkdir($_PP_DEFAULTS['tmpdir'] . 'cache', '0755', true); } if (!PAYPAL_do_upgrade_sql($current_ver)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.5.8')) { $current_ver = '0.5.8'; // Add terms and conditions link $c->add('tc_link', $_PP_DEFAULTS['tc_link'], 'text', 0, 40, 2, 50, true, $_PP_CONF['pi_name']); // Upgrade sql changes from owner/group/member/anon perms to group id // First update the group_id based on the perms. $sql = "SELECT cat_id,group_id,perm_group,perm_members,perm_anon\n FROM {$_TABLES['paypal.categories']}"; $res = DB_query($sql, 1); while ($A = DB_fetchArray($res, false)) { if ($A['perm_anon'] >= 2) { $grp_id = 2; } elseif ($A['perm_members'] >= 2) { $grp_id = 13; } else { $grp_id = $A['group_id']; } if ($A['group_id'] != $grp_id) { $grp_id = (int) $grp_id; DB_query("UPDATE {$_TABLES['paypal.categories']}\n SET group_id = {$grp_id}\n WHERE cat_id = {$A['cat_id']}"); } } // Remove Amazon Simplepay gateway file to prevent re-enabling @unlink(PAYPAL_PI_PATH . '/classes/gateways/amazon.class.php'); if (!PAYPAL_do_upgrade_sql($current_ver, true)) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } if (!COM_checkVersion($current_ver, '0.5.9')) { $current_ver = '0.5.9'; // Add shop phone and email conf values, fix subgroup ID for shop info $c->add('shop_phone', '', 'text', 10, 100, 0, 30, true, $_PP_CONF['pi_name']); $c->add('shop_email', $_PP_DEFAULTS['shop_email'], 'text', 10, 100, 0, 40, true, $_PP_CONF['pi_name']); // Create default path for downloads (even if not used) @mkdir($_CONF['path'] . 'data/' . $_PP_CONF['pi_name'] . '/files', true); // Remove stray .htaccess file that interferes with plugin removal @unlink(PAYPAL_PI_PATH . '/files/.htaccess'); if (!PAYPAL_do_upgrade_sql('0.5.9')) { return false; } if (!PAYPAL_do_set_version($current_ver)) { return false; } } CTL_clearCache($_PP_CONF['pi_name']); COM_errorLog("Successfully updated the {$_PP_CONF['pi_display_name']} Plugin", 1); return true; }
if (!SEC_hasRights('paypal.admin')) { COM_accessLog("User {$_USER['username']} tried to illegally access the classifieds admin ajax function."); exit; } switch ($_GET['action']) { case 'updatestatus': if (!empty($_GET['order_id']) && !empty($_GET['newstatus'])) { $showlog = $_GET['showlog'] == 1 ? 1 : 0; USES_paypal_class_order(); $log_ts = ''; $log_user = ''; $log_msg = ''; $newstatus = $_GET['newstatus']; $order_id = $_GET['order_id']; $retstatus = $_GET['oldstatus']; $ord = new ppOrder($_GET['order_id']); if ($ord->isNew) { break; } // non-existant order if ($ord->UpdateStatus($newstatus)) { //if (ppOrder::UpdateStatus($newstatus, $order_id)) { $sql = "SELECT * FROM {$_TABLES['paypal.order_log']}\n WHERE order_id = '" . DB_escapeString($order_id) . "'\n ORDER BY ts DESC\n LIMIT 1"; //echo $sql;die; $L = DB_fetchArray(DB_query($sql, 1), false); if (!empty($L)) { $log_ts = $L['ts']; $log_user = $L['username']; $log_msg = $L['message']; $retstatus = $_GET['newstatus']; }
/** * Create an order record. * This is virtually identical to the function in BaseIPN.class.php * and is used here to create an order record when the purchase is * being handled by the payment gateway, without an IPN. * * @param array $A Array of order info, at least a user ID * @param array $cart The shopping cart, to get addresses, etc. * @return string Order ID just created */ protected function CreateOrder($A, $cart) { global $_TABLES, $_USER; $ord = new ppOrder(); $uid = isset($A['uid']) ? (int) $A['uid'] : $_USER['uid']; $ord->uid = $uid; $ord->status = 'pending'; // so there's something in the status field if ($uid > 1) { $U = self::UserInfo($uid); } $BillTo = $cart->getAddress('billto'); if (empty($BillTo) && $uid > 1) { $BillTo = $U->getDefaultAddress('billto'); } if (is_array($BillTo)) { $ord->setBilling($BillTo); } $ShipTo = $cart->getAddress('shipto'); if (empty($ShipTo) && $uid > 1) { $ShipTo = $U->getDefaultAddress('shipto'); } if (is_array($ShipTo)) { $ord->setShipping($ShipTo); } $ord->pmt_method = $this->gw_name; $ord->pmt_txn_id = ''; /*$ord->tax = $this->pp_data['pmt_tax']; $ord->shipping = $this->pp_data['pmt_shipping']; $ord->handling = $this->pp_data['pmt_handling'];*/ $ord->buyer_email = DB_getItem($_TABLES['users'], 'email', "uid={$uid}"); $ord->log_user = COM_getDisplayName($uid) . " ({$uid})"; //$order_id = $ord->Save(); //return $order_id; return $ord; }
break; case 'order': if (COM_isAnonUser()) { COM_404(); } USES_paypal_class_order(); $order = new ppOrder($actionval); if ($order->canView()) { $content .= $order->View(true); } else { $content .= $LANG_PP['access_denied_msg']; } break; case 'printorder': USES_paypal_class_order(); $order = new ppOrder($actionval); if ($order->canView()) { echo $order->View(true, 'print'); exit; } else { COM_404(); } break; case 'vieworder': if (COM_isAnonUser()) { COM_404(); } $_SESSION[PP_CART_VAR]['prevpage'] = $view; $content .= $ppGCart->View(true); $page_title = $LANG_PP['view_order']; break;
/** * Process a refund. * If a purchase is completely refunded, then call the plugins to * handle the refund. Otherwise, do nothing; partial refunds need to * be handled manually. * * @todo: handle partial refunds */ protected function handleRefund() { global $_TABLES, $_CONF, $_PP_CONF, $LANG_PP; // Try to get original order information. Use the "parent transaction" // or invoice number, if available from the IPN message if (isset($this->pp_data['invoice'])) { $order_id = $this->pp_data['invoice']; } else { $order_id = DB_getItem($_TABLES['paypal.orders'], 'order_id', "pmt_txn_id = '" . DB_escapeString($this->pp_data['parent_txn_id']) . "'"); } $Order = new ppOrder($order_id); if ($Order->order_id == '') { return false; } // Figure out if the entire order was refunded $refund_amt = abs((double) $this->pp_data['pmt_gross']); $item_total = 0; foreach ($Order->items as $key => $data) { $item_total += $data['quantity'] * $data['price']; } $item_total += $Order->miscCharges(); if ($item_total == $refund_amt) { // Completely refunded, let the items handle any refund // actions. None for catalog items (since there's no inventory, // but plugin items may need to do something. foreach ($Order->items as $key => $data) { if (PAYPAL_is_plugin_item($data['product_id'])) { // Split the item number into component parts. It could // be just a single string, depending on the plugin's needs. if (strstr($data['product_id'], ':')) { $pi_info = split(':', $data['product_id']); } else { $pi_info = array($data['product_id']); } $vars = array('item' => $pi_info, 'ipn_data' => $this->pp_data); $status = LGLIB_invokeService($pi_info[0], 'handleRefund', $vars, $output, $svc_msg); // Don't care about the status, really. May not even be // a plugin function to handle refunds } } // Update the order status to Refunded $Order->UpdateStatus($LANG_PP['orderstatus']['refunded']); } }