public function checkOrder()
{
//If this function returns true, it means that the payment was successful and we should make a new order for the user. If it returns false, that is a false IPN request and it should be stored in a log file for security purposes
$IPNRequestVerification = false;
$IPNRequestValidation = false;
//Store all the requests coming from paypal.
$IPNRequest = "";
foreach ($_POST as $key => $value) {
$IPNRequest .= "&{$key}={$value}";
}
$paypaLog = new PaypaLog();
$paypaLog->setIPN($IPNRequest);
$IPNRequestVerification = $this->verifyIPNRequest();
//Make sure that the request actually came from Paypal, not from a hacker
if ($IPNRequestVerification) {
$paypaLog->setVerified("yes");
$this->log("The request is verified");
$IPNRequestValidation = $this->validateOrder();
//Make sure that the client actually paid the right price for their order
if ($IPNRequestValidation) {
$paypaLog->setValidated("yes");
} else {
$paypaLog->setValidated("no");
}
} else {
$paypaLog->setVerified("no");
}
$paypaLog->save();
if ($IPNRequestVerification && $IPNRequestValidation) {
$canCheckout = Module_Cart::canUserCheckout();
if (count($canCheckout) == 0) {
$this->log("the request is verified and validated");
return true;
} else {
$msg = "";
foreach ($canCheckout as $key => $value) {
$msg .= "{$key}= {$value}\n";
}
$this->log("the request is verified and validated BUT the user cannot buy the product because they didn't meet the minimum requirements\n{$msg}");
$_SESSION['cart_checkout']['orderFailureReason'] = "The client cannot proceed with the payment because they didn't meet the minimum payment requirements";
return false;
}
} else {
$this->log("the request is either not verified or not validated");
return false;
}
}
public function getUserInterface($params)
{
//$this->setPageTitle('Feed Store');//Foreign Affair
$this->addCSS('/modules/Cart/css/cart.css');
$this->addJS('/modules/Cart/js/cart.js');
switch (@$params['action']) {
case 'add':
require_once 'include/CartBasket.php';
require_once 'include/CartProduct.php';
$item = new CartBasket();
$product = new CartProduct($params['productId']);
$price = 0;
if (isset($_REQUEST['att'])) {
$uniqid = uniqid(rand(), true);
$item->setProduct($params['productId'] . ':' . $uniqid);
$price = $item->getPrice();
foreach ($_REQUEST['att'] as $key => $newatt) {
$attribute = new CartProductAttribute($newatt);
$att = new CartBasketAttribute();
$att->setProduct($params['productId'] . ':' . $uniqid);
$att->setOptionsId($attribute->getOptionsId()->getId());
$att->setValueId($attribute->getValue()->getId());
$att->setValueText($attribute->getOptionsId()->getName() . ': ' . $attribute->getValue()->getName());
$price = $price + $attribute->getValuesPrice();
if (isset($_SESSION['authenticated_user'])) {
$att->setUser($_SESSION['authenticated_user']->getId());
$att->save();
}
}
} else {
$item->setProduct($params['productId']);
}
if ($product->getSpecials()) {
$price += $product->getSpecials()->getNew_products_price();
} else {
$price += $product->getPrice();
}
$item->setPrice($price);
if (isset($params['productQuantity'])) {
$item->setQuantity($params['productQuantity']);
} else {
$item->setQuantity(1);
}
if (isset($_SESSION['authenticated_user'])) {
$item->setUser($_SESSION['authenticated_user']->getId());
$item->save();
} else {
$_SESSION['cart_basket'][] = $item;
}
break;
case 'remove':
$item = @new CartBasket(@$_REQUEST['cartbasket_id']);
if (is_null($item->delete())) {
$tmp = array();
foreach ($_SESSION['cart_basket'] as &$item) {
if ($item->getProduct()->getId() != $_REQUEST['product_id']) {
$tmp[] = $item;
}
}
$_SESSION['cart_basket'] = $tmp;
}
break;
}
//var_dump($_REQUEST);
//echo $params['section'];exit;
switch ($params['section']) {
case 'search':
$items = CartProduct::searchProducts(@$_REQUEST["selSupplier"], @$_REQUEST["selCategory"], @$_REQUEST["selProductType"]);
$this->smarty->assign('products', $items);
return $this->smarty->fetch('store.tpl');
break;
case 'canCheckout':
/*Check to see if the user is ready to go to Paypal
* We should check the following:
* - The user is actually logged in
* - The price of the order is at least $250
* - The shipping address is present
* - The billing address is present
* - The shipping information is there (Canada Post or FedEx)
*/
$canCheckout = Module_Cart::canUserCheckout();
foreach ($canCheckout as $key => $value) {
$this->smarty->assign($key, $value);
}
$_SESSION['cart_checkout']['delivery_direction'] = @$_REQUEST["delivery_direction"];
return $this->smarty->fetch("canDoCheckOut.tpl");
break;
case 'cartdetail':
if (isset($_REQUEST['ship_type'])) {
$_SESSION['cart_checkout']['shipping'] = Shipping::factory($_REQUEST['ship_type']);
}
$this->setUpCartDetail();
return $this->smarty->fetch('cart_detail.tpl');
break;
case 'cart':
if (!isset($_SESSION['authenticated_user'])) {
//Reset all the shipping variables and addresses
$_SESSION['cart_checkout']['shipping'] = null;
$_SESSION['cart_checkout']['address']['billing_address'] = null;
$_SESSION['cart_checkout']['address']['shipping_address'] = null;
}
$this->setUpCartDetail();
$user = new User();
$form = $user->getUserAddEditForm('/store/checkout');
$form->removeElement('section');
$form->setConstants(array('account' => 'create'));
$form->addElement('hidden', 'account');
$this->smarty->assign('user_form', $form);
$this->smarty->assign('usernameexists', @$_REQUEST["usernameexists"]);
return $this->smarty->fetch('cart.tpl');
break;
case 'buyOrder':
//DO NOT UNCOMMENT THE FOLLOWING LINE UNLESS YOU WANT TO TEST THE PURCHASE OPERATION
//The following line buys the products that are in session. In other words, it bypasses Paypal.
$_SESSION['cart_checkout']['payment']->process();
case 'deliverydirections':
$_SESSION['cart_checkout']['delivery_direction'] = @$_REQUEST["delivery_direction"];
return $_SESSION['cart_checkout']['delivery_direction'];
break;
case 'checkout':
$_SESSION['cart_checkout']['order'] = null;
//Make sure to remove the old order (if any) from the session
$_SESSION['cart_checkout']['orderFailureReason'] = null;
//AND delete the previous failure reason
Module_Cart::initSessionVariables();
switch (@$_REQUEST['account']) {
case 'create':
$user = new User();
$form = $user->getUserAddEditForm();
if (@$_REQUEST["user_created"] == 1) {
$_POST["username"] = $_REQUEST["a_username"];
$_POST["password"] = $_REQUEST["a_password"];
$_POST["doLogin"] = "******";
$auth_container = new CMSAuthContainer();
$auth = new Auth($auth_container, null, 'authInlineHTML');
$auth->start();
}
if (@$_REQUEST["username_already_exists"]) {
header('Location: /store/cart&usernameexists=1');
exit;
}
$_SESSION['authenticated_user'] = $user;
break;
}
//Only logged in users can view this page
if (!isset($_SESSION['authenticated_user'])) {
header('Location: /store/cart');
exit;
}
//echo $_SESSION['authenticated_user']->getAddress()->getId() . "))))";exit;
$_SESSION['cart_checkout']['shipping'] = Shipping::factory('EAndA');
//Always set the shipping to EAndA
//The billing address of the order will be the addres of the user
$_SESSION['cart_checkout']['address']['billing_address'] = @$_SESSION['authenticated_user']->getAddress();
$_SESSION['cart_checkout']['address']['shipping_address'] = @$_SESSION['authenticated_user']->getShippingAddress();
$this->setUpCartDetail();
$this->addJS('/modules/Cart/js/cart.js');
$shipping = Shipping::getAllShippings();
if (isset($_SESSION['cart_checkout']['payment'])) {
$this->smarty->assign('payment_types', $_SESSION['cart_checkout']['payment']->getForm(Payment::getForm()));
} else {
$this->smarty->assign('payment_types', Payment::getForm());
}
if (isset($_SESSION['cart_checkout']['shipping'])) {
$this->smarty->assign('ship_types', $_SESSION['cart_checkout']['shipping']->getForm());
} else {
$this->smarty->assign('ship_types', Shipping::getForm());
}
if (!isset($_SESSION['cart_checkout']['address']['shipping_address'])) {
$_SESSION['cart_checkout']['address']['shipping_address'] = new Address();
}
$this->smarty->assign('ship_address', $_SESSION['cart_checkout']['address']['shipping_address']);
if (!isset($_SESSION['cart_checkout']['address']['billing_address'])) {
$_SESSION['cart_checkout']['address']['billing_address'] = new Address();
}
$this->smarty->assign('bill_address', $_SESSION['cart_checkout']['address']['billing_address']);
$this->smarty->assign('shipping_types', $shipping);
$delivery_direction = @$_SESSION['cart_checkout']['delivery_direction'];
$this->smarty->assign('delivery_direction', $delivery_direction);
return $this->smarty->fetch('cart_checkout_address.tpl');
break;
case 'payment':
//$this->addJS('/modules/Cart/js/cart.js');
$payment = $_SESSION['cart_checkout']['payment'];
$form = $payment->getForm(Payment::getForm());
if ($form->validate() && $form->isSubmitted() && isset($_REQUEST['cart_submit'])) {
return $payment->complete($this->smarty);
} else {
return '<div id="pay_form">' . $form->display() . '</div>';
}
break;
case 'payform':
if (!isset($_REQUEST['pay_type'])) {
$_REQUEST['pay_type'] = "Paypal";
}
if (isset($_REQUEST['pay_type'])) {
$_SESSION['cart_checkout']['payment'] = Payment::factory($_REQUEST['pay_type']);
}
$form = Payment::getForm();
return $_SESSION['cart_checkout']['payment']->getForm($form)->display();
//return Payment::getForm($form)->display();
break;
case 'address':
//No need to set the ID of the address to null.
//$_SESSION['cart_checkout']['address'][$_REQUEST['adr_type']]->setId(null);
if (@$_REQUEST["sameAsBilling"]) {
//The user has clicked on the link: "The shipping address is the same as the billing address"
//Copy the billing address object to the shipping address object
//Make sure we're not assigning pointers
$_SESSION['cart_checkout']['address']["shipping_address"]->copy($_SESSION['cart_checkout']['address']["billing_address"]);
}
if ($_REQUEST['adr_type'] == "shipping_address") {
$this->smarty->assign('sameAsBilling', "1");
}
$form = $_SESSION['cart_checkout']['address'][$_REQUEST['adr_type']]->getAddEditForm($_REQUEST['adr_type']);
$form->addElement('submit', 'submit', 'Submit');
$form->updateAttributes(array('action' => '/store/address'));
$form->setConstants(array('adr_type' => $_REQUEST['adr_type']));
$form->addElement('hidden', 'adr_type');
if (isset($_REQUEST['submit'])) {
$this->smarty->assign('address', $_SESSION['cart_checkout']['address'][$_REQUEST['adr_type']]);
$this->smarty->assign('adr_type', $_REQUEST['adr_type']);
/***************************************
* The following lines are important.
* Even though the billing address ID is stored in the user's object and there is no need to re-assign it
* The old users have that ID set to zero. So, we need to change that to the ID of the billing address
*/
if ($_REQUEST['adr_type'] == "billing_address") {
$_SESSION['authenticated_user']->setAddress($_SESSION['cart_checkout']['address']["billing_address"]);
$_SESSION['authenticated_user']->save();
}
if ($_REQUEST['adr_type'] == "shipping_address") {
$_SESSION['authenticated_user']->setShippingAddress($_SESSION['cart_checkout']['address']["shipping_address"]);
$_SESSION['authenticated_user']->save();
}
return $this->smarty->fetch('cart_address_format.tpl');
} else {
return $form->display();
}
break;
case 'product':
$this->addJS('/modules/Cart/js/cart.js');
$this->addCSS('/modules/Cart/css/product.css');
$product = new CartProduct($params['page']);
/*
switch (@$_REQUEST['subsection']) {
case 'accessories':
$this->smarty->assign('products', $product->getAccessories());
$this->smarty->assign('section', 'accessories');
break;
default:
}
*/
$this->smarty->assign('product', $product);
return $this->smarty->fetch('cart_product.tpl');
break;
case 'productform':
$product = new CartProduct($params['productId']);
$form = $product->getAddToCartForm();
return $form->display();
break;
case 'manufacturer':
$this->addJS('/modules/Cart/js/cart.js');
$this->smarty->assign('threecol', true);
//$products = CartManufacturer::getProductsByManufacturer($params['page']);
require_once 'Pager.php';
$pagerOptions = array('mode' => 'Sliding', 'delta' => 3, 'perPage' => 8, 'append' => false, 'path' => '/store/manufacturer', 'fileName' => $params['page'] . "/%d", 'totalItems' => CartManufacturer::getCountCartManufacturer($params['page']));
$pager =& Pager::factory($pagerOptions);
list($from, $to) = $pager->getOffsetByPageId();
//$items = CartManufacturer::getCategoriesByManufacturer($params['page']);
$items = CartManufacturer::getProductsByManufacturer($params['page'], $from, $to);
$this->smarty->assign('pager_links', $pager->links);
$this->smarty->assign('page_numbers', array('current' => $pager->getCurrentPageID(), 'total' => $pager->numPages()));
$this->smarty->assign('products', $items);
$this->smarty->assign('manufacturer', new CartManufacturer($params['page']));
//$this->smarty->assign('products', $products);
return $this->smarty->fetch('store.tpl');
break;
case 'IPN':
Module_Cart::initSessionVariables();
require_once 'include/PaypalIPN.php';
require_once 'include/PaypalLog.php';
$pp = new PaypalIPN();
$process = $pp->checkOrder();
//This method returns either true in case the client actually paid for the products they asked for, or false in case the request didn't come from paypal OR the client didn't pay the right amount of money
if ($process) {
//Store the order
$_SESSION['cart_checkout']['payment']->process();
$this->sendEmail(true);
} else {
$this->sendEmail(false);
//Log a false IPN for security purposes
}
exit;
break;
case 'orderComplete':
if (@$_SESSION['cart_checkout']['order']->getId()) {
$this->smarty->assign('order', $_SESSION['cart_checkout']['order']);
$this->smarty->assign('address', $_SESSION['cart_checkout']['address']['shipping_address']);
$this->smarty->assign('shippingCost', $this->getShipping());
return $this->smarty->fetch('orderComplete.tpl');
} else {
$this->smarty->assign('reason', @$_SESSION['cart_checkout']['orderFailureReason']);
return $this->smarty->fetch('orderNotComplete.tpl');
}
break;
case 'suppliers':
$items = CartManufacturer::getAllCartManufacturers();
$this->smarty->assign('suppliers', $items);
return $this->smarty->fetch('store.tpl');
break;
case 'myorders':
//Only logged in users can view this page
if (!isset($_SESSION['authenticated_user'])) {
header('Location: /user/');
exit;
}
$this->addCSS('/modules/Cart/css/cart.css');
$this->addCSS('/css/facebox.css');
$this->addJS('/modules/Cart/js/cart.js');
$this->addJS('/js/facebox.js');
$myOrders = CartOrder::getAllCartOrders($_SESSION['authenticated_user']->getId());
$this->smarty->assign('orders', $myOrders);
return $this->smarty->fetch('my_orders.tpl');
break;
case 'orderDetails':
//Only logged in users can view this page
if (!isset($_SESSION['authenticated_user'])) {
header('Location: /user/');
exit;
}
$order = new CartOrder(@$_REQUEST['cartorder_orders_id']);
if ($order->getCustomer()->getId() == $_SESSION['authenticated_user']->getId()) {
$this->smarty->assign('order', $order);
return $this->smarty->fetch('admin/order_details.tpl');
}
return "You have to login to see this order";
break;
case 'category':
default:
$this->addJS('/modules/Cart/js/cart.js');
$this->smarty->assign('threecol', true);
if (!isset($params['page'])) {
$cat_id = 0;
} else {
$cat_id = $params['page'];
}
$cats = CartCategory::getCartCategorys(array('parent_id' => $cat_id));
if (!isset($_REQUEST['subsection'])) {
// require_once 'Pager.php';
//
// $pagerOptions = array(
// 'mode' => 'Sliding',
// 'delta' => 3,
// 'perPage' => 10,
// 'append' => false,
// 'path' => '/store/category/',
// 'fileName' => $cat_id . "/%d",
// 'totalItems' => CartProduct::getCountCartProductsByCat($cat_id)
// );
// $pager =& Pager::factory($pagerOptions);
// list($from, $to) = $pager->getOffsetByPageId();
$items = CartProduct::getCategoryProducts($cat_id);
// $this->smarty->assign('pager_links', $pager->links);
// $this->smarty->assign(
// 'page_numbers', array(
// 'current' => $pager->getCurrentPageID(),
// 'total' => $pager->numPages()
// )
// );
} else {
if ($_REQUEST['subsection'] == 'manufacturer') {
$items = CartProduct::getCategoryProducts($cat_id);
$arr = array();
foreach ($items as $item) {
if ($item->getManufacturer()->getId() == $_REQUEST['subpage']) {
$arr[] = $item;
}
}
$items = $arr;
}
$this->smarty->assign('manufacturer', new CartManufacturer($_REQUEST['subpage']));
}
$arr = array();
//foreach ($items as $itm) {
// if (count($itm->getAccessoryOf()) == 0) {
// $arr[] = $itm;
// }
//}
//$items = $arr;
$this->smarty->assign('products', $items);
// stuff
//$products = CartProduct::getCategoryProducts($cat_id);
$this->smarty->assign('categories', $cats);
$this->smarty->assign('cur_cat', new CartCategory($cat_id));
//$this->smarty->assign('products', $products);
return $this->smarty->fetch('store.tpl');
}
}
