Пример #1
	/**
	 * Validates the order before checkout proceeds
	 *
	 * The result of isvalid() is passed through the 'ecart_valid_order'
	 * filter; an invalid order is sent back to the secure checkout page.
	 *
	 * @return true when the order is valid (nothing is returned after the redirect)
	 **/
	function validate () {
		$valid = apply_filters('ecart_valid_order',$this->isvalid());
		if (!$valid) {
			ecart_redirect( ecarturl(false,'checkout',$this->security()) );
			return;
		}
		return true;
	}
Пример #2
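	/**
	 * Handles loading, saving and deleting categories in a workflow context
	 *
	 * Reads page, deleting, delete, id, save and next from $_REQUEST and
	 * leaves the Category being edited in $Ecart->Category. Deleted
	 * categories have their child categories re-parented to the root first.
	 *
	 * @since 1.0
	 * @return void|false false when not on the categories admin page
	 **/
	function workflow () {
		global $Ecart;
		$db =& DB::get();
		$defaults = array(
			'page' => false,
			'deleting' => false,
			'delete' => false,
			'id' => false,
			'save' => false,
			'duplicate' => false,
			'next' => false
			);
		// Only the request keys this workflow understands are read; extract()ing
		// the whole request would turn any request key into a local variable
		$args = array_merge($defaults,array_intersect_key($_REQUEST,$defaults));
		$page = $args['page'];
		$deleting = $args['deleting'];
		$delete = $args['delete'];
		$id = $args['id'];
		$save = $args['save'];
		$next = $args['next'];

		if (!defined('WP_ADMIN') || !isset($page)
			|| $page != $this->Admin->pagename('categories'))
				return false;

		$adminurl = admin_url('admin.php');

		if (!empty($deleting) && !empty($delete) && is_array($delete)) {
			foreach ($delete as $deletion) {
				$Category = new Category($deletion);
				if (empty($Category->id)) continue;
				// Re-parent children to the root. parent is compared with 0, so the
				// id is an integer key; the cast keeps the interpolated query to digits
				$db->query("UPDATE $Category->_table SET parent=0 WHERE parent=".(int)$Category->id);
				$Category->delete();
			}
			$redirect = add_query_arg(array_merge($_GET,array('delete'=>null,'deleting'=>null)),$adminurl);
			ecart_redirect($redirect);
		}

		if ($id && $id != "new")
			$Ecart->Category = new Category($id);
		else $Ecart->Category = new Category();

		if ($save) {
			$this->save($Ecart->Category);
			// NOTE(review): the category name is placed in HTML unescaped; it is
			// admin-supplied, but esc_html() here would remove the dependency on that
			$this->Notice = '<strong>'.stripslashes($Ecart->Category->name).'</strong> '.__('has been saved.','Ecart');

			// Reload so the form shows the saved record, or move on to the
			// requested next category
			if ($next) {
				if ($next != "new")
					$Ecart->Category = new Category($next);
				else $Ecart->Category = new Category();
			} else {
				if (empty($id)) $id = $Ecart->Category->id;
				$Ecart->Category = new Category($id);
			}
		}
	}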
Пример #3
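	/**
	 * Processes cart requests and updates the cart data
	 *
	 * Everything read here comes from $_REQUEST and is untrusted. Handles the
	 * checkout/shopping redirects, shipping estimate input, promo codes and
	 * the add/remove/update/empty cart actions, then fires 'ecart_cart_updated'.
	 *
	 * @since 1.0
	 *
	 * @return void
	 **/
	function request () {
		global $Ecart;

		if (isset($_REQUEST['checkout'])) ecart_redirect(ecarturl(false,'checkout',$Ecart->Order->security()));

		if (isset($_REQUEST['shopping'])) ecart_redirect(ecarturl());

		if (isset($_REQUEST['shipping'])) {
			// NOTE(review): esc_attr() is an HTML-attribute output escaper; applying it
			// here stores an entity-encoded postcode rather than protecting any output.
			// Kept because downstream code may rely on the encoded value — escape at
			// render time instead.
			if (!empty($_REQUEST['shipping']['postcode']))
				$_REQUEST['shipping']['postcode'] = esc_attr($_REQUEST['shipping']['postcode']);

			do_action_ref_array('ecart_update_destination',array($_REQUEST['shipping']));
			if (!empty($_REQUEST['shipping']['country']) || !empty($_REQUEST['shipping']['postcode']))
				$this->changed(true);
		}

		if (!empty($_REQUEST['promocode'])) {
			$this->promocode = esc_attr($_REQUEST['promocode']);
			$this->changed(true);
		}

		// Normalize the requested cart action; the remove/update/empty buttons
		// take precedence over an explicit cart value
		if (!isset($_REQUEST['cart'])) $_REQUEST['cart'] = false;
		if (isset($_REQUEST['remove'])) $_REQUEST['cart'] = "remove";
		if (isset($_REQUEST['update'])) $_REQUEST['cart'] = "update";
		if (isset($_REQUEST['empty'])) $_REQUEST['cart'] = "empty";

		if (!isset($_REQUEST['quantity'])) $_REQUEST['quantity'] = 1;

		switch($_REQUEST['cart']) {
			case "add":
				$products = array(); // List of products to add
				if (isset($_REQUEST['product'])) $products[] = $_REQUEST['product'];
				if (!empty($_REQUEST['products']) && is_array($_REQUEST['products']))
					$products = array_merge($products,$_REQUEST['products']);

				if (empty($products)) break;

				foreach ($products as $product) {
					// Each entry must be an array of product fields carrying a product id
					if (!is_array($product) || !isset($product['product'])) continue;
					if (isset($product['quantity']) && $product['quantity'] == '0') continue;
					$quantity = !empty($product['quantity']) ? $product['quantity'] : 1; // Add 1 by default
					$Product = new Product($product['product']);
					$pricing = false;

					if (!empty($product['options'][0])) $pricing = $product['options'];
					elseif (isset($product['price'])) $pricing = $product['price'];

					$category = !empty($product['category']) ? $product['category'] : false;
					$data = !empty($product['data']) ? $product['data'] : array();
					$addons = isset($product['addons']) ? $product['addons'] : array();

					if (empty($Product->id)) continue; // Unknown product, nothing to add
					if (isset($product['item'])) $this->change($product['item'],$Product,$pricing);
					else $this->add($quantity,$Product,$pricing,$category,$data,$addons);
				}

				break;
			case "remove":
				if (!empty($this->contents) && !empty($_REQUEST['remove']) && is_array($_REQUEST['remove']))
					$this->remove(current($_REQUEST['remove']));
				break;
			case "empty":
				$this->clear();
				break;
			default:
				if (isset($_REQUEST['item']) && isset($_REQUEST['quantity'])) {
					$this->update($_REQUEST['item'],$_REQUEST['quantity']);
				} elseif (!empty($_REQUEST['items']) && is_array($_REQUEST['items'])) {
					foreach ($_REQUEST['items'] as $id => $item) {
						if (isset($item['quantity'])) {
							// Keep digits and dots only, then round up; the cast avoids a
							// TypeError on an empty string under PHP 8
							$item['quantity'] = ceil((float) preg_replace('/[^\d\.]+/','',$item['quantity']));
							if (!empty($item['quantity'])) $this->update($id,$item['quantity']);
							if (isset($_REQUEST['remove'][$id])) $this->remove($_REQUEST['remove'][$id]);
						}
						// A different price line for the same product means the customer
						// picked another variant; the line must exist in the cart first
						if (isset($item['product']) && isset($item['price']) &&
							isset($this->contents[$id]) &&
							$item['product'] == $this->contents[$id]->product &&
							$item['price'] != $this->contents[$id]->priceline) {
							$Product = new Product($item['product']);
							$this->change($id,$Product,$item['price']);
						}
					}
				}
		}

		do_action('ecart_cart_updated',$this);
	}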
Пример #4
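	/**
	 * Processes the order returned from 2Checkout
	 *
	 * When the 'verify' setting is on, the POSTed key is checked before the
	 * order is accepted; a missing order number is rejected. The transaction
	 * is then recorded as CHARGED or PENDING depending on credit_card_processed.
	 *
	 * @return void
	 **/
	function process () {
		global $Ecart;

		if ($this->settings['verify'] == "on") {
			$key = isset($_POST['key']) ? $_POST['key'] : '';
			if (!$this->verify($key)) {
				new EcartError(__('The order submitted to 2Checkout could not be verified.','Ecart'),'2co_validation_error',ECART_TRXN_ERR);
				ecart_redirect(ecarturl(false,'checkout'));
				return; // never record a transaction that failed verification
			}
		}
		// NOTE(review): with 'verify' off, order_number and credit_card_processed are
		// accepted from an unauthenticated POST — confirm the setting is on in production

		if (empty($_POST['order_number'])) {
			new EcartError(__('The order submitted by 2Checkout did not specify a transaction ID.','Ecart'),'2co_validation_error',ECART_TRXN_ERR);
			ecart_redirect(ecarturl(false,'checkout'));
			return;
		}

		$txnid = $_POST['order_number'];
		$processed = isset($_POST['credit_card_processed']) ? $_POST['credit_card_processed'] : '';
		$txnstatus = $processed === "Y" ? 'CHARGED' : 'PENDING';

		$Ecart->Order->transaction($txnid,$txnstatus);
	}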
Пример #5
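	/**
	 * Gets data from the session data table and loads Member
	 * objects into the User from the loaded data.
	 *
	 * Encrypted records (data starting with "!") are decrypted in MySQL with
	 * the key from the secure cookie; a missing record is created empty. The
	 * stored data is restored with unserialize().
	 *
	 * @since 1.1
	 *
	 * @param string $id Session id used for the standard session file lookup
	 * @return boolean|string true when skipped or loaded, the raw standard
	 *                        session file contents when such a file exists, false otherwise
	 **/
	function load ($id) {
		$db = &DB::get();

		if (is_robot() || empty($this->session)) return true;

		$loaded = false;

		// NOTE(review): $this->session is interpolated into SQL; it must have been
		// validated before being assigned (not visible in this block) — confirm
		$query = "SELECT * FROM $this->_table WHERE session='$this->session'";
		if ($result = $db->query($query)) {
			if (substr($result->data,0,1) == "!") {
				// Encrypted session record: the key comes from the secure cookie
				$key = isset($_COOKIE[ECART_SECURE_KEY]) ? $_COOKIE[ECART_SECURE_KEY] : '';
				if (empty($key) && !is_ecart_secure()) {
					ecart_redirect(force_ssl(raw_request_url(),true));
					return false; // no key to decrypt with; stop here if the redirect did not exit
				}
				// The cookie value is client-controlled, so it is escaped like the payload
				$readable = $db->query("SELECT AES_DECRYPT('".
										mysql_real_escape_string(
											base64_decode(
												substr($result->data,1)
											)
										)."','".mysql_real_escape_string($key)."') AS data");
				if ($readable) $result->data = $readable->data;
			}
			$this->ip = $result->ip;
			// NOTE(review): unserialize() of stored session data; only safe while the
			// table cannot be written by untrusted parties (JSON would be the safer encoding)
			$this->data = unserialize($result->data);
			$this->created = mktimestamp($result->created);
			$this->modified = mktimestamp($result->modified);
			$loaded = true;

			do_action('ecart_session_loaded');
		} else {
			if (!empty($this->session))
				$db->query("INSERT INTO $this->_table (session, ip, data, created, modified)
							VALUES ('$this->session','$this->ip','',now(),now())");
		}
		do_action('ecart_session_load');

		// Read standard session data
		// NOTE(review): $id is used in a filesystem path; assumed to be a session id
		// already validated by the session layer — confirm
		if (@file_exists("$this->path/sess_$id"))
			return (string) @file_get_contents("$this->path/sess_$id");

		return $loaded;
	}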
Пример #6
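	/**
	 * Handles loading, saving and deleting products in the context of workflows
	 *
	 * Reads page, deleting, delete, id, save, duplicate and next from
	 * $_REQUEST and leaves the Product being edited, with its prices, specs,
	 * categories and tags loaded, in $Ecart->Product.
	 *
	 * @return void|false false when not on the products admin page
	 **/
	function workflow () {
		global $Ecart;
		$db =& DB::get();

		$defaults = array(
			'page' => false,
			'deleting' => false,
			'delete' => false,
			'id' => false,
			'save' => false,
			'duplicate' => false,
			'next' => false
			);
		// Only the request keys this workflow understands are read; extract()ing
		// the whole request would turn any request key into a local variable
		$args = array_merge($defaults,array_intersect_key($_REQUEST,$defaults));
		$page = $args['page'];
		$deleting = $args['deleting'];
		$delete = $args['delete'];
		$id = $args['id'];
		$save = $args['save'];
		$duplicate = $args['duplicate'];
		$next = $args['next'];

		if (!defined('WP_ADMIN') || !isset($page)
			|| $page != $this->Admin->pagename('products'))
				return false;

		$adminurl = admin_url('admin.php');
		$related = array('prices','specs','categories','tags'); // data loaded with a product

		if (!empty($deleting) && !empty($delete) && is_array($delete)) {
			foreach ($delete as $deletion) {
				$Product = new Product($deletion);
				$Product->delete();
			}
			$redirect = esc_url(add_query_arg(array_merge($_GET,array('delete'=>null,'deleting'=>null)),$adminurl));
			ecart_redirect($redirect);
		}

		if ($duplicate) {
			$Product = new Product($duplicate);
			$Product->duplicate();
			ecart_redirect(add_query_arg('page',$this->Admin->pagename('products'),$adminurl));
		}

		// $id defaults to false, so isset() was always true and a request without
		// an id loaded Product(false) instead of preparing a new product
		if ($id && $id != "new") {
			$Ecart->Product = new Product($id);
			$Ecart->Product->load_data($related);
		} else {
			$Ecart->Product = new Product();
			$Ecart->Product->status = "publish";
		}

		if ($save) {
			$this->save_product($Ecart->Product);
			// NOTE(review): the product name is placed in HTML unescaped; it is
			// admin-supplied, but esc_html() here would remove the dependency on that
			$this->Notice = '<strong>'.stripslashes($Ecart->Product->name).'</strong> '.__('has been saved.','Ecart');

			// Reload so the form shows the saved record, or move on to the
			// requested next product
			if ($next) {
				if ($next == "new") {
					$Ecart->Product = new Product();
					$Ecart->Product->status = "publish";
				} else {
					$Ecart->Product = new Product($next);
					$Ecart->Product->load_data($related);
				}
			} else {
				if (empty($id)) $id = $Ecart->Product->id;
				$Ecart->Product = new Product($id);
				$Ecart->Product->load_data($related);
			}
		}
	}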
Пример #7
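	/**
	 * Handles product file download requests
	 *
	 * In the admin the download is served directly by its id. On the public
	 * side the download key is resolved to a purchase and the request has to
	 * pass the payment, account, download-count, expiry and IP checks before
	 * the file is sent. A successful send increments the download counter.
	 *
	 * @since 1.1
	 *
	 * @return void
	 **/
	function download () {
		global $Ecart;
		$download = isset($this->request['ecart_download']) ? $this->request['ecart_download'] : null;
		$Purchase = false;
		$Purchased = false;

		if (defined('WP_ADMIN')) {
			// NOTE(review): no capability check is visible here; this relies on the
			// admin page itself being access-controlled — confirm
			$forbidden = false;
			$Download = new ProductDownload($download);
		} else {
			$Order = &EcartOrder();

			$Download = new ProductDownload();
			$Download->loadby_dkey($download);

			// NOTE(review): assumes purchased() always returns an object; a key with
			// no purchase record would surface as property reads on a non-object — confirm
			$Purchased = $Download->purchased();
			$Purchase = new Purchase($Purchased->purchase);

			$name = $Purchased->name.(!empty($Purchased->optionlabel)?' ('.$Purchased->optionlabel.')':'');

			$forbidden = false;
			// Purchase Completion check
			if ($Purchase->txnstatus != "CHARGED"
				&& !ECART_PREPAYMENT_DOWNLOADS) {
				new EcartError(sprintf(__('"%s" cannot be downloaded because payment has not been received yet.','Ecart'),$name),'ecart_download_limit');
				$forbidden = true;
			}

			// Account restriction checks: the download must belong to the logged-in customer
			if ($this->Settings->get('account_system') != "none"
				&& (!$Order->Customer->login
				|| $Order->Customer->id != $Purchase->customer)) {
					new EcartError(__('You must login to download purchases.','Ecart'),'ecart_download_limit');
					ecart_redirect(ecarturl(false,'account'));
					return; // never reach the file send if the redirect does not exit
			}

			// Download limit checking
			// NOTE(review): the counter is incremented only after a successful send
			// (below), so concurrent requests can each pass this check
			if ($this->Settings->get('download_limit') // Has download credits available
				&& $Purchased->downloads+1 > $this->Settings->get('download_limit')) {
					new EcartError(sprintf(__('"%s" is no longer available for download because the download limit has been reached.','Ecart'),$name),'ecart_download_limit');
					$forbidden = true;
				}

			// Download expiration checking; time() replaces the deprecated argument-less mktime()
			if ($this->Settings->get('download_timelimit') // Within the timelimit
				&& $Purchased->created+$this->Settings->get('download_timelimit') < time() ) {
					new EcartError(sprintf(__('"%s" is no longer available for download because it has expired.','Ecart'),$name),'ecart_download_limit');
					$forbidden = true;
				}

			// IP restriction checks
			if ($this->Settings->get('download_restriction') == "ip"
				&& !empty($Purchase->ip)
				&& $Purchase->ip != $_SERVER['REMOTE_ADDR']) {
					new EcartError(sprintf(__('"%s" cannot be downloaded because your computer could not be verified as the system the file was purchased from.','Ecart'),$name),'ecart_download_limit');
					$forbidden = true;
				}

			do_action_ref_array('ecart_download_request',array(&$Purchased));
		}

		if ($forbidden) {
			ecart_redirect(ecarturl(false,'account'));
			return; // never reach the file send if the redirect does not exit
		}

		if ($Download->download()) {
			if ($Purchased !== false) {
				$Purchased->downloads++;
				$Purchased->save();
				do_action_ref_array('ecart_download_success',array(&$Purchased));
			}
			exit();
		}
	}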
Пример #8
	/**
	 * Handles shopping cart requests
	 *
	 * Resets the session on shopping=reset, fires the cart request action,
	 * answers AJAX requests with the cart totals and finally sends the
	 * visitor on: the secure checkout, the requested (safe) redirect, or
	 * the cart page.
	 *
	 * @since 1.1
	 *
	 * @return void|true true when no cart action was requested
	 **/
	function cart () {
		global $Ecart;
		$Cart = $Ecart->Order->Cart;

		$reset = isset($_REQUEST['shopping']) && strtolower($_REQUEST['shopping']) == "reset";
		if ($reset) {
			$Ecart->Shopping->reset();
			ecart_redirect(ecarturl());
		}

		if (empty($_REQUEST['cart'])) return true;

		do_action('ecart_cart_request');

		if (isset($_REQUEST['ajax'])) {
			$Cart->totals();
			$Cart->ajax();
		}

		$target = isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : false;
		if ($target == "checkout") {
			ecart_redirect(ecarturl(false,$target,$Ecart->Order->security()));
		} elseif (!empty($_REQUEST['redirect'])) {
			ecart_safe_redirect($_REQUEST['redirect']);
		} else {
			ecart_redirect(ecarturl(false,'cart'));
		}
	}
Пример #9
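	/**
	 * Resets a customer's password from a recovery activation key
	 *
	 * Looks up the customer by the (sanitised) activation key, stores a
	 * freshly generated password on the customer record (and on the linked
	 * WordPress user when accounts are WordPress-backed), clears the key and
	 * e-mails the new password to the customer.
	 *
	 * @param string $activation The recovery key from the reset link
	 * @return void|false false when the key is missing or matches no customer
	 **/
	function reset_password ($activation) {
		if ($this->accounts == "none") return;

		$user_data = false;
		// Only alphanumerics are valid in a key; anything else is stripped
		$activation = is_string($activation) ? preg_replace('/[^a-z0-9]/i', '', $activation) : '';

		// Fail before any lookup: an empty key must never be used to find a customer
		if (empty($activation)) {
			new EcartError(__('Invalid key','Ecart'));
			return false;
		}

		$RecoveryCustomer = new Customer($activation,'activation');
		if (empty($RecoveryCustomer->id)) {
			new EcartError(__('Invalid key','Ecart'));
			return false;
		}

		// Generate a new random password
		$password = wp_generate_password();

		do_action_ref_array('password_reset', array(&$RecoveryCustomer,$password));

		$RecoveryCustomer->password = wp_hash_password($password);
		if ($this->accounts == "wordpress") {
			$user_data = get_userdata($RecoveryCustomer->wpuser);
			// get_userdata() returns false for an unknown user id
			if ($user_data) wp_set_password($password, $user_data->ID);
		}

		// The key is single-use
		$RecoveryCustomer->activation = '';
		$RecoveryCustomer->save();

		$subject = apply_filters('ecart_reset_password_subject', sprintf(__('[%s] New Password','Ecart'),get_option('blogname')));

		$Settings =& EcartSettings();
		$lines = array();
		$lines[] = 'From: "'.get_option('blogname').'" <'.$Settings->get('merchant_email').'>';
		$lines[] = 'To: '.$RecoveryCustomer->email;
		$lines[] = 'Subject: '.$subject;
		$lines[] = '';
		$lines[] = sprintf(__('Your new password for %s:','Ecart'),get_option('siteurl'));
		$lines[] = '';
		if ($user_data)
			$lines[] = sprintf(__('Login name: %s','Ecart'), $user_data->user_login);
		$lines[] = sprintf(__('Password: %s'), $password) . "\r\n";
		$lines[] = '';
		$lines[] = __('Click here to login:','Ecart').' '.ecarturl(false,'account');
		$message = apply_filters('ecart_reset_password_message',$lines);

		if (!ecart_email(join("\r\n",$message))) {
			new EcartError(__('The e-mail could not be sent.'),'password_reset_email',ECART_ERR);
			ecart_redirect(add_query_arg('acct','recover',ecarturl(false,'account')));
		} else new EcartError(__('Check your email address for your new password.','Ecart'),'password_reset_email',ECART_ERR);

		unset($_GET['acct']);
	}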
Пример #10
	/**
	 * Sends the customer on after an account action
	 *
	 * A POSTed 'redirect' of "checkout" goes to the secure checkout URL and
	 * any other POSTed value goes through the safe redirect; without one the
	 * account page is used. Always terminates the request.
	 *
	 * @return void
	 **/
	function redirect () {
		global $Ecart;

		if (empty($_POST['redirect'])) {
			ecart_safe_redirect(ecarturl(false,'account',$Ecart->Gateways->secure));
			exit();
		}

		$target = $_POST['redirect'];
		if ($target == "checkout") {
			ecart_redirect(ecarturl(false,'checkout',$Ecart->Gateways->secure));
		} else {
			ecart_safe_redirect($target);
		}
		exit();
	}
Пример #11
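	/**
	 * Processes a PayPal transaction notification
	 *
	 * Accepts either an IPN message (POST txn_id) or a PDT return (GET tx)
	 * and hands the transaction id and mapped status to the Order. A PDT
	 * return is verified with PayPal when the pdtverify setting is on, and
	 * an order already created from an IPN is reused rather than processed twice.
	 *
	 * @return void|EcartError an EcartError when no transaction id was found
	 **/
	function process () {
		global $Ecart;

		$txnid = false;
		$txnstatus = false; // stays false when the reported status is not in $this->status
		if (isset($_POST['txn_id'])) { // IPN order processing
			// NOTE(review): no IPN validation (postback to PayPal) is visible in this
			// block; confirm it happens before process() is reached, because txn_id and
			// payment_status are otherwise taken from an unauthenticated POST
			if (ECART_DEBUG) new EcartError('Processing transaction from an IPN message.',false,ECART_DEBUG_ERR);
			$txnid = $_POST['txn_id'];
			$status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';
			if (is_string($status) && isset($this->status[$status])) $txnstatus = $this->status[$status];
		} elseif (isset($_REQUEST['tx'])) { // PDT order processing
			if (ECART_DEBUG) new EcartError('Processing PDT packet: '._object_r($_GET),false,ECART_DEBUG_ERR);

			// Presence is tested on $_REQUEST but values are read from $_GET (kept as-is)
			$txnid = isset($_GET['tx']) ? $_GET['tx'] : false;
			$status = isset($_GET['st']) ? $_GET['st'] : '';
			if (is_string($status) && isset($this->status[$status])) $txnstatus = $this->status[$status];

			if ($this->settings['pdtverify'] == "on") {
				$pdtstatus = $this->verifypdt();
				if (!$pdtstatus) {
					new EcartError(__('The transaction was not verified by PayPal.','Ecart'),false,ECART_DEBUG_ERR);
					ecart_redirect(ecarturl(false,'checkout',false));
					return; // never record an unverified transaction if the redirect does not exit
				}
			}

			$Purchase = new Purchase($txnid,'txnid');
			if (!empty($Purchase->id)) {
				if (ECART_DEBUG) new EcartError('Order located, already created from an IPN message.',false,ECART_DEBUG_ERR);
				$Ecart->resession();
				$Ecart->Purchase = $Purchase;
				$Ecart->Order->purchase = $Purchase->id;
				ecart_redirect(ecarturl(false,'thanks',false));
				return;
			}

		}

		if (!$txnid) return new EcartError('No transaction ID was found from either a PDT or IPN message. Transaction cannot be processed.',false,ECART_DEBUG_ERR);
		$Ecart->Order->transaction($txnid,$txnstatus);
	}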
Пример #12
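	/**
	 * Completes a PayPal Express Checkout payment
	 *
	 * Sends DoExpressCheckoutPayment for the stored token/payer id, and on a
	 * successful acknowledgement records the transaction id and mapped
	 * payment status on the Order. Failures are reported as EcartErrors and
	 * sent back to the checkout page.
	 *
	 * @return void|false false when the order has no token/payer id or PayPal rejected the payment
	 **/
	function process () {

		if (!isset($this->Order->token) ||
			!isset($this->Order->payerid)) return false;

		$_ = $this->headers();

		$_['METHOD'] 				= "DoExpressCheckoutPayment";
		$_['PAYMENTACTION']			= "Sale";
		$_['TOKEN'] 				= $this->Order->token;
		$_['PAYERID'] 				= $this->Order->payerid;
		$_['BUTTONSOURCE']			= 'ecartlugin.net[PPE]';

		// Transaction
		$_ = array_merge($_,$this->purchase());

		$message = $this->encode($_);
		$response = $this->send($message);

		if (!$response) {
			new EcartError(__('No response was received from PayPal. The order cannot be processed.','Ecart'),'paypalexpress_noresults',ECART_COMM_ERR);
			ecart_redirect(ecarturl(false,'checkout'));
			return false; // nothing to read from an empty response if the redirect does not exit
		}

		$ack = isset($response->ack) ? strtolower($response->ack) : '';
		if ($ack != "success") {
			// longmessage/errorcode may be absent or a single value; normalise to lists
			$longmessage = isset($response->longmessage) ? (array)$response->longmessage : array();
			$message = join("; ",$longmessage);
			if (empty($message)) $message = __('The transaction failed for an unknown reason. PayPal did not provide any indication of why it failed.','Ecart');
			$codes = isset($response->errorcode) ? (array)$response->errorcode : array();
			new EcartError($message,'paypal_express_transacton_error',ECART_TRXN_ERR,array('codes'=>join('; ',$codes)));
			ecart_redirect(ecarturl(false,'checkout'));
			return false;
		}

		$txnid = isset($response->transactionid) ? $response->transactionid : false;
		$txnstatus = false; // stays false when PayPal reports a status not in $this->status
		if (isset($response->paymentstatus) && isset($this->status[$response->paymentstatus]))
			$txnstatus = $this->status[$response->paymentstatus];

		$this->Order->transaction($txnid,$txnstatus);
	}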
Пример #13
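	/**
	 * Starts a Google Checkout order
	 *
	 * Verifies every cart item is in stock, posts the checkout request to
	 * Google and redirects the customer to the redirect-url Google returns.
	 * Out-of-stock items send the customer back to the cart; an error reply
	 * sends them back to checkout.
	 *
	 * @return false always when no redirect happened
	 **/
	function process () {
		global $Ecart;

		// Check stock before handing the order to Google
		$stock = true;
		foreach ($this->Order->Cart->contents as $item) {
			if (!$item->instock()) {
				new EcartError(sprintf(__("There is not sufficient stock on %s to process order."),$item->name),'invalid_order',ECART_TRXN_ERR);
				$stock = false;
			}
		}
		if (!$stock) {
			ecart_redirect(ecarturl(false,'cart',false));
			return false; // never send the checkout request if the redirect does not exit
		}

		$message = $this->buildCheckoutRequest();
		$Response = $this->send($message,$this->urls['checkout']);

		if (!empty($Response)) {
			if ($Response->tag('error')) {
				new EcartError($Response->content('error-message'),'google_checkout_error',ECART_TRXN_ERR);
				ecart_redirect(ecarturl(false,'checkout'));
				return false;
			}

			// The redirect target comes from Google's reply, not from the request
			$redirect = $Response->content('redirect-url');
			if ($redirect) {
				$Ecart->resession();
				ecart_redirect($redirect);
			}
		}

		return false;
	}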