function eshop_checkout($espost)
{
$espost = stripslashes_deep($espost);
global $blog_id, $eshopoptions, $wpdb;
$contineproceed = '1';
//cache
eshop_cache();
$echoit = '';
include_once ABSPATH . 'wp-includes/wp-db.php';
include_once WP_PLUGIN_DIR . "/eshop/cart-functions.php";
if (isset($espost['eshop_payment'])) {
$_SESSION['eshop_payment' . $blog_id] = preg_replace('/[^a-zA-Z0-9\\-_]/', '', $espost['eshop_payment']);
}
if (!isset($_SESSION['eshop_payment' . $blog_id])) {
$paymentmethod = 'paypal';
} else {
$paymentmethod = $_SESSION['eshop_payment' . $blog_id];
}
//left over from previous script, leaving in just in case another payment method is used.
$chkerror = 0;
$numberofproducts = 0;
//filter for plugin merchant gateways
$eshopmgincpath = apply_filters('eshop_mg_inc_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '.php', $paymentmethod);
// if everything went ok do the following, hopefully the rest won't happen!
if (isset($_GET['eshopaction'])) {
if ($_GET['eshopaction'] == 'success') {
include_once $eshopmgincpath;
}
}
//filter for plugin merchant gateways
$eshopmgincidxpath = apply_filters('eshop_mg_inc_idx_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '/index.php', $paymentmethod);
if (file_exists($eshopmgincidxpath)) {
include_once $eshopmgincidxpath;
}
if (isset($_SESSION['eshopcart' . $blog_id])) {
$shopcart = $_SESSION['eshopcart' . $blog_id];
$numberofproducts = sizeof($_SESSION['eshopcart' . $blog_id]);
/* unused code?
$productsandqty='';
while (list ($product, $amount) = each ($_SESSION['eshopcart'.$blog_id])){
$productsandqty.=" $product-$amount";
$productsandqty=trim($productsandqty);
}
*/
$keys = array_keys($_SESSION['eshopcart' . $blog_id]);
$productidkeys = implode(",", $keys);
$productidkeys = trim($productidkeys);
//reqd for shipping - finds the correct state for working out shipping, and set things up for later usage.
if (isset($espost['ship_name'])) {
if ($espost['ship_name'] != '' || $espost['ship_address'] != '' || $espost['ship_city'] != '' || $espost['ship_postcode'] != '' || $espost['ship_company'] != '' || $espost['ship_phone'] != '' || $espost['ship_country'] != '' || $espost['ship_state'] != '') {
if ($espost['ship_name'] == '') {
$espost['ship_name'] = $espost['first_name'] . " " . $espost['last_name'];
}
if ($espost['ship_company'] == '') {
$espost['ship_company'] = $espost['company'];
}
if ($espost['ship_phone'] == '') {
$espost['ship_phone'] = $espost['phone'];
}
if ($espost['ship_address'] == '') {
$espost['ship_address'] = $espost['address1'];
if ($espost['address2'] != '') {
$espost['ship_address'] .= ", " . $espost['address2'];
}
}
if ($espost['ship_city'] == '') {
$espost['ship_city'] = $espost['city'];
}
if ($espost['ship_postcode'] == '') {
$espost['ship_postcode'] = $espost['zip'];
}
if ($espost['ship_country'] == '') {
$espost['ship_country'] = $espost['country'];
}
if ($espost['ship_state'] == '') {
$espost['ship_state'] = $espost['state'];
}
if ($espost['ship_altstate'] == '') {
$espost['ship_altstate'] = $espost['altstate'];
}
} else {
$espost['ship_name'] = $espost['first_name'] . " " . $espost['last_name'];
$espost['ship_company'] = $espost['company'];
$espost['ship_phone'] = $espost['phone'];
if ($espost['ship_address'] == '') {
$espost['ship_address'] = $espost['address1'];
if ($espost['address2'] != '') {
$espost['ship_address'] .= ", " . $espost['address2'];
}
}
$espost['ship_city'] = $espost['city'];
$espost['ship_postcode'] = $espost['zip'];
$espost['ship_country'] = $espost['country'];
$espost['ship_state'] = $espost['state'];
$espost['ship_altstate'] = $espost['altstate'];
}
$tablecountries = $wpdb->prefix . 'eshop_countries';
$tablestates = $wpdb->prefix . 'eshop_states';
$shippingzone = $eshopoptions['shipping_zone'];
if (isset($espost['eshop_shiptype']) && $espost['eshop_shiptype'] != '0') {
$sztype = $espost['eshop_shiptype'];
$shippingzone = $wpdb->get_var("SELECT area FROM " . $wpdb->prefix . "eshop_rates WHERE rate_type='ship_weight' && class='{$sztype}' LIMIT 1");
}
$pzoneid = '';
//$eshopoptions['unknown_state'];
if ($shippingzone == 'country') {
if (isset($espost['ship_country']) && $espost['ship_country'] != '') {
$pzoneid = $espost['ship_country'];
} elseif (isset($espost['country']) && $espost['country'] != '') {
$pzoneid = $espost['country'];
}
$pzone = $wpdb->get_var("SELECT zone FROM {$tablecountries} WHERE code='{$pzoneid}' LIMIT 1");
} else {
if (isset($espost['state']) && $espost['state'] != '') {
$pzoneid = $espost['state'];
}
if (isset($espost['ship_state']) && $espost['ship_state'] != '') {
$pzoneid = $espost['ship_state'];
}
$pzone = $wpdb->get_var("SELECT zone FROM {$tablestates} WHERE id='{$pzoneid}' LIMIT 1");
if (isset($espost['altstate']) && $espost['altstate'] != '') {
$pzone = $eshopoptions['unknown_state'];
}
if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') {
$pzone = $eshopoptions['unknown_state'];
}
}
$_SESSION['shiptocountry' . $blog_id] = $eshopoptions['location'];
if (isset($espost['ship_country']) && $espost['ship_country'] != '') {
$_SESSION['shiptocountry' . $blog_id] = $espost['ship_country'];
} elseif (isset($espost['country']) && $espost['country'] != '') {
$_SESSION['shiptocountry' . $blog_id] = $espost['country'];
}
} else {
$pzoneid = '';
//$eshopoptions['unknown_state'];
$tablecountries = $wpdb->prefix . 'eshop_countries';
$tablestates = $wpdb->prefix . 'eshop_states';
$shippingzone = $eshopoptions['shipping_zone'];
if (isset($espost['eshop_shiptype'])) {
$sztype = $espost['eshop_shiptype'];
$shippingzone = $wpdb->get_var("SELECT area FROM " . $wpdb->prefix . "eshop_rates WHERE rate_type='ship_weight' && class='{$sztype}' LIMIT 1");
}
if ($shippingzone == 'country') {
if (isset($espost['ship_country']) && $espost['ship_country'] != '') {
$pzoneid = $espost['ship_country'];
} elseif (isset($espost['country']) && $espost['country'] != '') {
$pzoneid = $espost['country'];
}
$pzone = $wpdb->get_var("SELECT zone FROM {$tablecountries} WHERE code='{$pzoneid}' LIMIT 1");
} else {
if (isset($espost['ship_state']) && $espost['ship_state'] != '') {
$pzoneid = $espost['ship_state'];
}
if (isset($espost['state']) && $espost['state'] != '') {
$pzoneid = $espost['state'];
}
$pzone = $wpdb->get_var("SELECT zone FROM {$tablestates} WHERE id='{$pzoneid}' LIMIT 1");
if (isset($espost['altstate']) && $espost['altstate'] != '') {
$pzone = $eshopoptions['unknown_state'];
}
if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') {
$pzone = $eshopoptions['unknown_state'];
}
}
}
//
$shiparray = array();
$eshopcartarray = $_SESSION['eshopcart' . $blog_id];
foreach ($eshopcartarray as $productid => $opt) {
if (is_array($opt)) {
switch ($eshopoptions['shipping']) {
case '1':
//( per quantity of 1, prices reduced for additional items )
for ($i = 1; $i <= $opt['qty']; $i++) {
array_push($shiparray, $opt["pclas"]);
}
break;
case '2':
//( once per shipping class no matter what quantity is ordered )
if (!in_array($opt["pclas"], $shiparray)) {
array_push($shiparray, $opt["pclas"]);
}
break;
case '3':
//( one overall charge no matter how many are ordered )
if (!in_array($opt["pclas"], $shiparray)) {
if ($opt["pclas"] != 'F') {
array_push($shiparray, 'A');
}
}
break;
case '4':
//( weight )
if (isset($espost['eshop_shiptype'])) {
unset($shiparray);
$shiparray = $espost['eshop_shiptype'];
}
break;
}
}
}
//need an extra check
if ($eshopoptions['shipping'] == '4' && 'no' == $eshopoptions['downloads_only'] && isset($espost['submit']) && !isset($espost['eshop_shiptype']) && !eshop_only_downloads()) {
$pzone = '';
}
//need to check the discount codes here as well:
if (eshop_discount_codes_check()) {
$_SESSION['eshop_discount' . $blog_id] = '';
unset($_SESSION['eshop_discount' . $blog_id]);
if (isset($espost['eshop_discount']) && $espost['eshop_discount'] != '') {
$chkcode = valid_eshop_discount_code($espost['eshop_discount']);
if ($chkcode) {
$_SESSION['eshop_discount' . $blog_id] = $espost['eshop_discount'];
}
}
}
//show the cart
if (isset($_GET['eshopaction']) && $_GET['eshopaction'] != 'redirect' || !isset($_GET['eshopaction'])) {
$echoit .= display_cart($_SESSION['eshopcart' . $blog_id], false, $eshopoptions['checkout'], $pzone, $shiparray);
}
}
$error = '';
if (isset($espost['submit'])) {
//form handling
foreach ($espost as $key => $value) {
$key = $value;
}
//setupshipping arrays
$reqdvalues = array('shipping', 'first_name', 'last_name', 'email', 'phone', 'address', 'city', 'zip', 'pay');
if ($eshopoptions['shipping'] != '4') {
if ($eshopoptions['shipping_zone'] == 'country') {
$reqdvalues[] = 'country';
} else {
$reqdvalues[] = 'state';
}
} else {
$creqd = '';
$dtable = $wpdb->prefix . 'eshop_rates';
$query = $wpdb->get_results("SELECT DISTINCT(area) from {$dtable} where rate_type='ship_weight'");
foreach ($query as $k) {
$reqdvalues[] = $k->area;
}
}
$linkattr = apply_filters('eShopCheckoutLinksAttr', '');
$reqdarray = apply_filters('eshopCheckoutReqd', $reqdvalues);
if ($eshopoptions['shipping'] == '4' && 'no' == $eshopoptions['downloads_only'] && !isset($espost['eshop_shiptype']) && !eshop_only_downloads()) {
$error .= '<li>' . __('<strong>Shipping</strong> - not selected.', 'eshop') . '</li>';
}
if (isset($espost['first_name'])) {
$valid = checkAlpha($espost['first_name']);
if ($valid == FALSE && eshop_checkreqd($reqdarray, 'first_name')) {
$error .= '<li>' . __('<strong>First name</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
if (isset($espost['last_name'])) {
$valid = checkAlpha($espost['last_name']);
if ($valid == FALSE && eshop_checkreqd($reqdarray, 'last_name')) {
$error .= '<li>' . __('<strong>Last name</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
if (isset($espost['email'])) {
$valid = checkEmail($espost['email']);
if ($valid == FALSE && eshop_checkreqd($reqdarray, 'email')) {
$error .= '<li>' . __('<strong>Email address</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
if (isset($espost['phone'])) {
$valid = checkPhone($espost['phone']);
if ($valid == FALSE && eshop_checkreqd($reqdarray, 'phone')) {
$error .= '<li>' . __('<strong>Phone Number</strong> - missing or incorrect', 'eshop') . '.</li>';
}
}
if (isset($espost['address1'])) {
$valid = checkAlpha($espost['address1']);
if ($valid == FALSE && eshop_checkreqd($reqdarray, 'address')) {
$error .= '<li>' . __('<strong>Address</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
if (isset($espost['city'])) {
$valid = checkAlpha($espost['city']);
if ($valid == FALSE && eshop_checkreqd($reqdarray, 'city')) {
$error .= '<li>' . __('<strong>City or town</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
if (eshop_checkreqd($reqdarray, 'state')) {
if (isset($espost['state']) && $espost['state'] == '' && $espost['altstate'] == '') {
$error .= '<li>' . __('<strong>State/County/Province</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
if (eshop_checkreqd($reqdarray, 'country')) {
if (isset($espost['country'])) {
$valid = checkAlpha($espost['country']);
if ($valid == FALSE) {
$error .= '<li>' . __('<strong>Country</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
}
if (isset($espost['country']) && $espost['country'] == 'US' && $espost['state'] == '' && $espost['altstate'] == '') {
//must pick a state for US deliveries
$error .= '<li>' . __('<strong><abbr title="United States">US</abbr> State</strong> - missing or incorrect.', 'eshop') . '</li>';
}
if (isset($espost['zip'])) {
$valid = checkAlphaNum($espost['zip']);
if ($valid == FALSE && eshop_checkreqd($reqdarray, 'zip')) {
$error .= '<li>' . __('<strong>Zip/Post code</strong> - missing or incorrect.', 'eshop') . '</li>';
}
}
if (isset($espost['reference'])) {
if ($espost['reference'] == '' && eshop_checkreqd($reqdarray, 'ref')) {
$error .= '<li>' . __('<strong>Reference</strong> - missing.', 'eshop') . '</li>';
}
}
if (isset($espost['comments'])) {
if ($espost['comments'] == '' && eshop_checkreqd($reqdarray, 'comments')) {
$error .= '<li>' . __('<strong>Comments</strong> - missing.', 'eshop') . '</li>';
}
}
if (isset($eshopoptions['users']) && $eshopoptions['users'] == 'yes' && !is_user_logged_in()) {
if (!isset($espost['eshop_users']) && eshop_checkreqd($reqdarray, 'signup')) {
$error .= '<li>' . __('<strong>Sign Up</strong> - not checked.', 'eshop') . '</li>';
}
}
//add in error checking for any new values here
$temperror = apply_filters('eshoperrorcheckout', $espost);
if (!is_array($temperror)) {
$error .= $temperror;
}
////////////////////////////////////////////////
if ('yes' == $eshopoptions['tandc_use']) {
if (!isset($espost['eshop_tandc'])) {
$error .= '<li><strong>' . $eshopoptions['tandc'] . '</strong>' . __(' - not checked.', 'eshop') . '</li>';
}
}
if (!isset($espost['eshop_payment'])) {
$error .= '<li>' . __('You have not chosen a <strong>payment option</strong>.', 'eshop') . '</li>';
}
if (eshop_discount_codes_check()) {
$_SESSION['eshop_discount' . $blog_id] = '';
unset($_SESSION['eshop_discount' . $blog_id]);
if (isset($espost['eshop_discount']) && $espost['eshop_discount'] != '') {
$chkcode = valid_eshop_discount_code($espost['eshop_discount']);
if (!$chkcode) {
$error .= '<li>' . __('<strong>Discount Code</strong> - is not valid.', 'eshop') . '</li>';
} else {
$_SESSION['eshop_discount' . $blog_id] = $espost['eshop_discount'];
}
}
}
if (isset($eshopoptions['users']) && $eshopoptions['users'] == 'yes' && isset($espost['eshop_users']) && !is_user_logged_in()) {
$_SESSION['eshop_user' . $blog_id] = '1';
}
if ($error != '') {
$echoit .= "<p><strong class=\"eshoperror error\">" . __('There were some errors in the details you entered…', 'eshop') . "</strong></p><ul class=\"eshoperrors errors\">" . $error . '</ul>';
$first_name = $last_name = $company = $phone = $reference = '';
$email = $address1 = $address2 = $city = $country = '';
$state = $altstate = $zip = $ship_name = $ship_company = '';
$ship_phone = $ship_address = $ship_city = $ship_postcode = '';
$ship_country = $ship_state = $ship_altstate = $comments = '';
if (isset($espost['first_name'])) {
$first_name = $espost['first_name'];
}
if (isset($espost['last_name'])) {
$last_name = $espost['last_name'];
}
if (isset($espost['phone'])) {
$phone = $espost['phone'];
}
if (isset($espost['reference'])) {
$reference = $espost['reference'];
}
if (isset($espost['email'])) {
$email = $espost['email'];
}
if (isset($espost['address1'])) {
$address1 = $espost['address1'];
}
if (isset($espost['address2'])) {
$address2 = $espost['address2'];
}
if (isset($espost['city'])) {
$city = $espost['city'];
}
if (isset($espost['country'])) {
$country = $espost['country'];
}
if (isset($espost['state'])) {
$state = $espost['state'];
}
if (isset($espost['altstate'])) {
$altstate = $espost['altstate'];
}
if (isset($espost['zip'])) {
$zip = $espost['zip'];
}
if (isset($espost['ship_name'])) {
$ship_name = $espost['ship_name'];
}
if (isset($espost['ship_company'])) {
$ship_company = $espost['ship_company'];
}
if (isset($espost['ship_phone'])) {
$ship_phone = $espost['ship_phone'];
}
if (isset($espost['ship_address'])) {
$ship_address = $espost['ship_address'];
}
if (isset($espost['ship_city'])) {
$ship_city = $espost['ship_city'];
}
if (isset($espost['ship_country'])) {
$ship_country = $espost['ship_country'];
}
if (isset($espost['ship_state'])) {
$ship_state = $espost['ship_state'];
}
if (isset($espost['ship_altstate'])) {
$ship_altstate = $espost['ship_altstate'];
}
if (isset($espost['ship_postcode'])) {
$ship_postcode = $espost['ship_postcode'];
}
if (isset($espost['comments'])) {
$comments = $espost['comments'];
}
$chkerror = '1';
} else {
if (!isset($_GET['eshopaction'])) {
$shipping = 0;
$echoit .= "<div class=\"hr\"></div><div class=\"eshopcheckoutconf\"><h3>" . __('<span class="noprint">Please Confirm </span>Your Details', 'eshop') . '</h3>';
// create a custom id, and shove details in database
$date = date('YmdHis');
$_SESSION['date' . $blog_id] = $date;
$fprice = number_format($_SESSION['final_price' . $blog_id], 2, '.', '');
$espost['amount'] = $fprice;
$espost['custom'] = $date;
$espost['numberofproducts'] = sizeof($_SESSION['eshopcart' . $blog_id]);
//shipping
if (isset($_SESSION['shipping' . $blog_id])) {
$shipping = eshopShipTaxAmt();
}
//discount shipping
if (is_shipfree(calculate_total())) {
$shipping = 0;
}
//shipping
$espost['shipping_1'] = $shipping;
$ctable = $wpdb->prefix . 'eshop_countries';
$stable = $wpdb->prefix . 'eshop_states';
if ('no' == $eshopoptions['downloads_only']) {
$echoit .= '<h4>' . __('Mailing Address', 'eshop') . '</h4><ul class="eshop confirm">';
} else {
$echoit .= '<h4>' . __('Contact Details', 'eshop') . '</h4><ul class="eshop confirm">';
}
$echoit .= "<li><span class=\"items fullname\">" . __('Full name:', 'eshop') . "</span> " . $espost['first_name'] . " " . $espost['last_name'] . "</li>\n";
if ('no' == $eshopoptions['downloads_only']) {
$echoit .= "<li class=\"company\"><span class=\"items\">" . __('Company:', 'eshop') . "</span> " . $espost['company'] . "</li>\n";
}
$echoit .= "<li class=\"email\"><span class=\"items\">" . __('Email:', 'eshop') . "</span> " . $espost['email'] . "</li>\n";
if ('no' == $eshopoptions['downloads_only']) {
$echoit .= "<li class=\"phone\"><span class=\"items\">" . __('Phone:', 'eshop') . "</span> " . $espost['phone'] . "</li>\n";
$echoit .= "<li class=\"address\"><span class=\"items\">" . __('Address:', 'eshop') . "</span> " . $espost['address1'] . " " . $espost['address2'] . "</li>\n";
$echoit .= "<li class=\"city\"><span class=\"items\">" . __('City or town:', 'eshop') . "</span> " . $espost['city'] . "</li>\n";
$qcode = $wpdb->escape($espost['state']);
$qstate = $wpdb->get_var("SELECT stateName FROM {$stable} WHERE id='{$qcode}' limit 1");
if ($espost['altstate'] != '') {
$echoit .= "<li class=\"state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $espost['altstate'] . "</li>\n";
} elseif ($qstate != '') {
$echoit .= "<li class=\"state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $qstate . "</li>\n";
}
$echoit .= "<li class=\"zip\"><span class=\"items\">" . __('Zip/Post code:', 'eshop') . "</span> " . $espost['zip'] . "</li>\n";
$qccode = $wpdb->escape($espost['country']);
$qcountry = $wpdb->get_var("SELECT country FROM {$ctable} WHERE code='{$qccode}' limit 1");
$echoit .= "<li class=\"country\"><span class=\"items\">" . __('Country:', 'eshop') . "</span> " . $qcountry . "</li>\n";
}
$echoit .= "</ul>\n";
//
$temp = apply_filters('eshopconfcheckout', $espost);
if (!is_array($temp)) {
$echoit .= $temp;
}
//
if (!isset($espost['reference'])) {
$espost['reference'] = '';
}
if (!isset($espost['comments'])) {
$espost['comments'] = '';
}
if (trim($espost['reference']) != '' && trim($espost['comments']) == '') {
$echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n";
$echoit .= '<li><span class="items">' . __('Reference or <abbr title="Purchase Order number">PO</abbr>', 'eshop') . '</span> ' . $espost['reference'] . '</li>' . "\n";
$echoit .= '</ul></div>' . "\n";
}
if (trim($espost['reference']) == '' && trim($espost['comments']) != '') {
$echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n";
$echoit .= '<li><span class="items">' . __('Comments or instructions:', 'eshop') . '</span> ' . $espost['comments'] . '</li>' . "\n";
$echoit .= '</ul></div>' . "\n";
}
if (trim($espost['reference']) != '' && trim($espost['comments']) != '') {
$echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n";
$echoit .= '<li><span class="items">' . __('Reference or PO:', 'eshop') . '</span> ' . $espost['reference'] . '</li>' . "\n";
$echoit .= '<li><span class="items">' . __('Comments or instructions:', 'eshop') . '</span> ' . $espost['comments'] . '</li>' . "\n";
$echoit .= '</ul></div>' . "\n";
}
if ('no' == $eshopoptions['downloads_only']) {
if ('yes' != $eshopoptions['hide_shipping']) {
if ($espost['ship_name'] != '' || $espost['ship_address'] != '' || $espost['ship_city'] != '' || $espost['ship_postcode'] != '') {
$echoit .= "<div class=\"eshop fld4\"><h4>" . __('Shipping Address', 'eshop') . "</h4>\n<ul class=\"eshop confirmship\">\n";
$echoit .= "<li><span class=\"items\">" . __('Full name:', 'eshop') . "</span> " . $espost['ship_name'] . "</li>\n";
$echoit .= "<li class=\"ship_company\"><span class=\"items\">" . __('Company:', 'eshop') . "</span> " . $espost['ship_company'] . "</li>\n";
$echoit .= "<li><span class=\"items\">" . __('Phone:', 'eshop') . "</span> " . $espost['ship_phone'] . "</li>\n";
$echoit .= "<li><span class=\"items\">" . __('Address:', 'eshop') . "</span> " . $espost['ship_address'] . "</li>\n";
$echoit .= "<li><span class=\"items\">" . __('City or town:', 'eshop') . "</span> " . $espost['ship_city'] . "</li>\n";
$qcode = $wpdb->escape($espost['ship_state']);
$qstate = $wpdb->get_var("SELECT stateName FROM {$stable} WHERE id='{$qcode}' limit 1");
if ($espost['ship_altstate'] != '') {
$echoit .= "<li class=\"ship_state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $espost['ship_altstate'] . "</li>\n";
} elseif ($qstate != '') {
$echoit .= "<li class=\"ship_state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $qstate . "</li>\n";
}
$echoit .= "<li><span class=\"items\">" . __('Zip/Post code:', 'eshop') . "</span> " . $espost['ship_postcode'] . "</li>\n";
$qccode = $wpdb->escape($espost['ship_country']);
$qcountry = $wpdb->get_var("SELECT country FROM {$ctable} WHERE code='{$qccode}' limit 1");
$echoit .= "<li class=\"shipcountry\"><span class=\"items\">" . __('Country:', 'eshop') . "</span> " . $qcountry . "</li>\n";
$echoit .= "</ul></div>\n";
}
}
}
$echoit .= "\n";
$echoit .= "</div>\n";
}
//add to a session to store address:
$_SESSION['addy' . $blog_id]['first_name'] = $espost['first_name'];
$_SESSION['addy' . $blog_id]['last_name'] = $espost['last_name'];
$_SESSION['addy' . $blog_id]['email'] = $espost['email'];
if (isset($espost['company'])) {
$_SESSION['addy' . $blog_id]['company'] = $espost['company'];
} else {
$_SESSION['addy' . $blog_id]['company'] = '';
}
if (isset($espost['phone'])) {
$_SESSION['addy' . $blog_id]['phone'] = $espost['phone'];
} else {
$_SESSION['addy' . $blog_id]['phone'] = '';
}
if (isset($espost['reference'])) {
$_SESSION['addy' . $blog_id]['reference'] = $espost['reference'];
} else {
$_SESSION['addy' . $blog_id]['reference'] = '';
}
if (isset($espost['address1'])) {
$_SESSION['addy' . $blog_id]['address1'] = $espost['address1'];
} else {
$_SESSION['addy' . $blog_id]['address1'] = '';
}
if (isset($espost['address2'])) {
$_SESSION['addy' . $blog_id]['address2'] = $espost['address2'];
} else {
$_SESSION['addy' . $blog_id]['address2'] = '';
}
if (isset($espost['city'])) {
$_SESSION['addy' . $blog_id]['city'] = $espost['city'];
}
if (isset($espost['country'])) {
$_SESSION['addy' . $blog_id]['country'] = $espost['country'];
} else {
$_SESSION['addy' . $blog_id]['country'] = '';
}
if (isset($espost['state'])) {
$_SESSION['addy' . $blog_id]['state'] = $espost['state'];
} else {
$_SESSION['addy' . $blog_id]['state'] = '';
}
if (isset($espost['altstate']) && $espost['altstate'] != '') {
$_SESSION['addy' . $blog_id]['state'] = $espost['altstate'];
}
if (isset($espost['zip'])) {
$_SESSION['addy' . $blog_id]['zip'] = $espost['zip'];
} else {
$_SESSION['addy' . $blog_id]['zip'] = '';
}
if (isset($espost['ship_name'])) {
$_SESSION['addy' . $blog_id]['ship_name'] = $espost['ship_name'];
$_SESSION['addy' . $blog_id]['ship_company'] = $espost['ship_company'];
$_SESSION['addy' . $blog_id]['ship_phone'] = $espost['ship_phone'];
$_SESSION['addy' . $blog_id]['ship_address'] = $espost['ship_address'];
$_SESSION['addy' . $blog_id]['ship_city'] = $espost['ship_city'];
$_SESSION['addy' . $blog_id]['ship_country'] = $espost['ship_country'];
$_SESSION['addy' . $blog_id]['ship_state'] = $espost['ship_state'];
if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') {
$_SESSION['addy' . $blog_id]['ship_state'] = $espost['ship_altstate'];
}
$_SESSION['addy' . $blog_id]['ship_postcode'] = $espost['ship_postcode'];
}
if (isset($espost['comments'])) {
$_SESSION['addy' . $blog_id]['comments'] = $espost['comments'];
} else {
$_SESSION['addy' . $blog_id]['comments'] = '';
}
if (!isset($_SESSION['shipping' . $blog_id])) {
$_SESSION['shipping' . $blog_id]['cost'] = $shipping;
}
//grab all the POST variables and store in cookie
$array = $espost;
//but first make a few extra equal nothing
//add others in here if needed
$array['comments'] = $array['reference'] = '';
$eshopsetcookie = apply_filters('eshop_use_cookie', true);
if ($eshopsetcookie == true) {
$biscuits = eshop_build_cookie($array);
setcookie("eshopcart", $biscuits, time() + 60 * 60 * 24 * 365);
}
$eshopmgincpath = apply_filters('eshop_mg_inc_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '.php', $paymentmethod);
include_once $eshopmgincpath;
$contineproceed = '3';
}
} else {
//for first time form usage.
if (isset($_SESSION['addy' . $blog_id])) {
$first_name = $_SESSION['addy' . $blog_id]['first_name'];
$last_name = $_SESSION['addy' . $blog_id]['last_name'];
$company = $_SESSION['addy' . $blog_id]['company'];
$phone = $_SESSION['addy' . $blog_id]['phone'];
$reference = $_SESSION['addy' . $blog_id]['reference'];
$email = $_SESSION['addy' . $blog_id]['email'];
$address1 = $_SESSION['addy' . $blog_id]['address1'];
$address2 = $_SESSION['addy' . $blog_id]['address2'];
$city = '';
if (isset($_SESSION['addy' . $blog_id]['city'])) {
$city = $_SESSION['addy' . $blog_id]['city'];
}
$country = $_SESSION['addy' . $blog_id]['country'];
$state = $_SESSION['addy' . $blog_id]['state'];
if (!is_numeric($state)) {
$li = $wpdb->escape($state);
$table = $wpdb->prefix . 'eshop_states';
$stateList = $wpdb->get_var("SELECT id FROM {$table} WHERE code='{$li}' limit 1");
$state = $stateList;
}
if (isset($_SESSION['addy' . $blog_id]['altstate'])) {
$altstate = $_SESSION['addy' . $blog_id]['altstate'];
} else {
$altstate = '';
}
$zip = $_SESSION['addy' . $blog_id]['zip'];
/* defaults */
$ship_name = $ship_company = '';
$ship_phone = $ship_address = $ship_city = $ship_postcode = '';
$ship_country = $ship_state = $ship_altstate = $comments = '';
if (isset($_SESSION['addy' . $blog_id]['ship_name'])) {
$ship_name = $_SESSION['addy' . $blog_id]['ship_name'];
}
if (isset($_SESSION['addy' . $blog_id]['ship_company'])) {
$ship_company = $_SESSION['addy' . $blog_id]['ship_company'];
}
if (isset($_SESSION['addy' . $blog_id]['ship_phone'])) {
$ship_phone = $_SESSION['addy' . $blog_id]['ship_phone'];
}
if (isset($_SESSION['addy' . $blog_id]['ship_address'])) {
$ship_address = $_SESSION['addy' . $blog_id]['ship_address'];
}
if (isset($_SESSION['addy' . $blog_id]['ship_city'])) {
$ship_city = $_SESSION['addy' . $blog_id]['ship_city'];
}
if (isset($_SESSION['addy' . $blog_id]['ship_country'])) {
$ship_country = $_SESSION['addy' . $blog_id]['ship_country'];
}
if (isset($_SESSION['addy' . $blog_id]['ship_state'])) {
$ship_state = $_SESSION['addy' . $blog_id]['ship_state'];
if (!is_numeric($ship_state)) {
$li = $wpdb->escape($ship_state);
$table = $wpdb->prefix . 'eshop_states';
$stateSList = $wpdb->get_var("SELECT id FROM {$table} WHERE code='{$li}' limit 1");
$ship_state = $stateSList;
}
}
if (isset($_SESSION['addy' . $blog_id]['ship_altstate'])) {
$ship_altstate = $_SESSION['addy' . $blog_id]['ship_altstate'];
} else {
$ship_altstate = '';
}
if (isset($_SESSION['addy' . $blog_id]['ship_postcode'])) {
$ship_postcode = $_SESSION['addy' . $blog_id]['ship_postcode'];
}
if (isset($_SESSION['addy' . $blog_id]['comments'])) {
$comments = $_SESSION['addy' . $blog_id]['comments'];
}
} else {
$first_name = $last_name = $company = $phone = $reference = '';
$email = $address1 = $address2 = $city = $country = '';
$state = $altstate = $zip = $ship_name = $ship_company = '';
$ship_phone = $ship_address = $ship_city = $ship_postcode = '';
$ship_country = $ship_state = $ship_altstate = $comments = '';
$eshopsetcookie = apply_filters('eshop_use_cookie', true);
if (isset($_COOKIE["eshopcart"]) && calculate_items() != 0 && $eshopsetcookie == true) {
$crumbs = eshop_break_cookie($_COOKIE["eshopcart"]);
foreach ($crumbs as $k => $v) {
${$k} = $v;
}
}
if (is_user_logged_in() && isset($eshopoptions['users']) && 'yes' == $eshopoptions['users']) {
global $current_user;
get_currentuserinfo();
$crumbs = stripslashes_deep(get_the_author_meta('eshop', $current_user->ID));
if (is_array($crumbs)) {
foreach ($crumbs as $k => $v) {
${$k} = esc_attr($v);
}
$first_name = esc_attr($current_user->user_firstname);
$last_name = esc_attr($current_user->user_lastname);
$email = esc_attr($current_user->user_email);
}
}
}
}
if ($chkerror != 0 || !isset($espost['submit']) && $numberofproducts >= 1) {
// only show form if not filled in.
$echoit .= eshopShowform($first_name, $last_name, $company, $phone, $email, $address1, $address2, $city, $state, $altstate, $zip, $country, $reference, $comments, $ship_name, $ship_company, $ship_phone, $ship_address, $ship_city, $ship_postcode, $ship_state, $ship_altstate, $ship_country);
}
if (isset($_SESSION['eshopcart' . $blog_id])) {
switch ($contineproceed) {
case '1':
$echoit .= '<ul class="continue-proceed eshopcp1"><li class="editcart"><a href="' . get_permalink($eshopoptions['cart']) . '">' . __('« Edit Cart or Continue Shopping', 'eshop') . '</a></li></ul>';
break;
case '2':
$echoit .= '<ul class="continue-proceed redirect eshopcp2"><li class="editcheckout"><a href="' . get_permalink($eshopoptions['checkout']) . '">' . __('« Edit Details or Continue Shopping', 'eshop') . '</a></li></ul>';
break;
case '3':
$echoit .= '<ul class="continue-proceed redirect eshopcp3"><li class="editcheckout"><a href="' . get_permalink($eshopoptions['checkout']) . '">' . __('« Edit Details or Continue Shopping', 'eshop') . '</a></li></ul>';
break;
}
} else {
$echoit .= "<p><strong class=\"eshoperror error\">" . __('Your shopping cart is currently empty.', 'eshop') . "</strong></p>";
}
return $echoit;
}
function eshop_cart_process($data = '')
{
global $wpdb, $blog_id, $wp_query, $eshopoptions, $_POST;
if ($data != '') {
$_POST = $data;
}
if (!isset($_POST['eshopnon'])) {
return;
}
wp_verify_nonce('eshop_add_product_cart');
unset($_POST['eshopnon']);
//setup variables:
$option = $qty = $pclas = $productid = $pid = $pname = $iprice = '';
$echo = '';
//cache
eshop_cache();
//delete the session, empties the cart
if (isset($_POST['unset']) || calculate_items() == 0 && isset($_SESSION['eshopcart' . $blog_id]) && sizeof($_SESSION['eshopcart' . $blog_id]) > 0) {
unset($_SESSION['eshopcart' . $blog_id]);
unset($_SESSION['final_price' . $blog_id]);
unset($_SESSION['items' . $blog_id]);
$_POST['save'] = 'false';
}
if (isset($eshopoptions['min_qty']) && $eshopoptions['min_qty'] != '') {
$min = $eshopoptions['min_qty'];
}
if (isset($eshopoptions['max_qty']) && $eshopoptions['max_qty'] != '') {
$max = $eshopoptions['max_qty'];
}
if (!isset($_POST['save'])) {
//on windows this check isn't working correctly, so I've added ==0
if (get_magic_quotes_gpc()) {
$_COOKIE = stripslashes_array($_COOKIE);
$_FILES = stripslashes_array($_FILES);
$_GET = stripslashes_array($_GET);
$_POST = stripslashes_array($_POST);
$_REQUEST = stripslashes_array($_REQUEST);
}
$_POST = sanitise_array($_POST);
//if adding a product to the cart
if (isset($_POST['qty']) && !isset($_POST['save']) && (!is_numeric(trim($_POST['qty'])) || strlen($_POST['qty']) > 3)) {
$qty = $_POST['qty'] = 1;
$v = '999';
if (isset($max)) {
$v = $max;
}
$error = '<p><strong class="eshoperror error">' . sprintf(__('Error: The quantity must contain numbers only, with a maximum of %s.', 'eshop'), $v) . '</strong></p>';
}
if (isset($min) && isset($_POST['qty']) && $_POST['qty'] < $min) {
$qty = $_POST['qty'] = $min;
$v = '999';
if (isset($max)) {
$v = $max;
}
$k = $min;
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
}
if (isset($max) && isset($_POST['qty']) && $_POST['qty'] > $max) {
$qty = $_POST['qty'] = $max;
$v = $max;
$k = 1;
if (isset($min)) {
$k = $min;
}
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
}
if (isset($_POST['postid'])) {
$stkav = get_post_meta($_POST['postid'], '_eshop_stock', true);
$eshop_product = maybe_unserialize(get_post_meta($_POST['postid'], '_eshop_product', true));
}
if (isset($_POST['option']) && !isset($_POST['save'])) {
$edown = $getprice = $option = $_POST['option'];
if (!isset($_POST['qty'])) {
$enote = '<p><strong class="eshoperror error">' . __('Warning: you must supply a quantity.', 'eshop') . '</strong></p>';
}
$qty = $_POST['qty'];
$plcas = '';
if (isset($_POST['pclas'])) {
$pclas = $_POST['pclas'];
}
$productid = $pid = $_POST['pid'];
$pname = $_POST['pname'];
/* if download option then it must be free shipping */
$postid = $wpdb->escape($_POST['postid']);
$eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
$dlchk = '';
if (isset($eshop_product['products'][$option]['download'])) {
$dlchk = $eshop_product['products'][$option]['download'];
}
if ($dlchk != '') {
$pclas = 'F';
}
$iprice = $eshop_product['products'][$option]['price'];
if (isset($eshopoptions['sale_prices']) && $eshopoptions['sale_prices'] == 1 && isset($eshopoptions['sale']) && 'yes' == $eshopoptions['sale'] && isset($eshop_product['products'][$option]['saleprice']) && $eshop_product['products'][$option]['saleprice'] != '' && isset($eshop_product['sale']) && $eshop_product['sale'] == 'yes') {
$iprice = $eshop_product['products'][$option]['saleprice'];
}
if ($iprice == '') {
$error = '<p><strong class="eshoperror error">' . __('Error: That product is currently not available.', 'eshop') . '</strong></p>';
$option = $_POST['option'] = '';
$qty = $_POST['qty'] = '';
$pclas = $_POST['pclas'] = '';
$productid = $pid = $_POST['pid'] = '';
$pname = $_POST['pname'] = '';
$iprice = '';
}
}
//unique identifier
$optset = '';
if (isset($_POST['optset'])) {
$xx = 0;
foreach ($_POST['optset'] as $opts) {
$optset .= 'os' . $xx . implode('os' . $xx, $opts);
$xx++;
}
}
if (!isset($pid)) {
$pid = '';
}
if (!isset($option)) {
$option = '';
}
if (!isset($postid)) {
$postid = '';
}
$identifier = $pid . $option . $postid . $optset;
//$needle=array(" ","-","$","\r","\r\n","\n","\\","&","#",";");
$identifier = md5($identifier);
//str_replace($needle,"",$identifier);
$stocktable = $wpdb->prefix . "eshop_stock";
if (isset($_SESSION['eshopcart' . $blog_id][$identifier])) {
$testqty = $_SESSION['eshopcart' . $blog_id][$identifier]['qty'] + $qty;
$eshopid = $_SESSION['eshopcart' . $blog_id][$identifier]['postid'];
$eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
$optnum = $_SESSION['eshopcart' . $blog_id][$identifier]['option'];
$item = $eshop_product['products'][$_SESSION['eshopcart' . $blog_id][$identifier]['option']]['option'];
if (isset($min) && $testqty < $min) {
$qty = 0;
$v = '999';
if (isset($max)) {
$v = $max;
}
$k = $min;
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
}
if (isset($max) && $testqty > $max) {
$qty = 0;
$v = $max;
$k = 1;
if (isset($min)) {
$k = $min;
}
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
}
if ('yes' == $eshopoptions['stock_control']) {
$stkqty = $eshop_product['products'][$optnum]['stkqty'];
//recheck stkqty
$stktableqty = $wpdb->get_var("SELECT available FROM {$stocktable} where post_id={$eshopid} && option_id={$optnum}");
if (isset($stktableqty) && is_numeric($stktableqty)) {
$stkqty = $stktableqty;
}
if (!ctype_digit(trim($testqty)) || strlen($testqty) > 3) {
$error = '<p><strong class="eshoperror error">' . __('Error: The quantity must contain numbers only, with a 999 maximum.', 'eshop') . '</strong></p>';
} elseif ('yes' == $eshopoptions['stock_control'] && ($stkav != '1' || $stkqty < $testqty)) {
$error = '<p><strong class="eshoperror error">' . __('Error: That quantity is not available for that product.', 'eshop') . '</strong></p>';
} else {
$_SESSION['eshopcart' . $blog_id][$identifier]['qty'] += $qty;
}
} else {
$_SESSION['eshopcart' . $blog_id][$identifier]['qty'] += $qty;
}
$_SESSION['lastproduct' . $blog_id] = $postid;
do_action('eshop_product_updated_cart', $_SESSION['eshopcart' . $blog_id][$identifier]);
} elseif ($identifier != '') {
$weight = 0;
if (isset($_POST['save']) && $_POST['save'] == 'true') {
$postid = $_SESSION['eshopcart' . $blog_id][$identifier]['postid'];
$optid = $_SESSION['eshopcart' . $blog_id][$identifier]['option'];
$optnum = $optid;
$testqty = $qty;
} else {
$postid = $wpdb->escape($_POST['postid']);
$optid = $wpdb->escape($_POST['option']);
$optnum = $optid;
$_SESSION['eshopcart' . $blog_id][$identifier]['postid'] = $postid;
$testqty = $qty;
}
$eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
$item = $eshop_product['products'][$optnum]['option'];
if ('yes' == $eshopoptions['stock_control']) {
$stkqty = $eshop_product['products'][$optnum]['stkqty'];
//recheck stkqty
$stktableqty = $wpdb->get_var("SELECT available FROM {$stocktable} where post_id={$postid} && option_id={$optid}");
if (isset($stktableqty) && is_numeric($stktableqty)) {
$stkqty = $stktableqty;
}
if (!ctype_digit(trim($testqty)) || strlen($testqty) > 3) {
$error = '<p><strong class="eshoperror error">' . __('Error: The quantity must contain numbers only, with a 999 maximum.', 'eshop') . '</strong></p>';
} elseif ('yes' == $eshopoptions['stock_control'] && ($stkav != '1' || $stkqty < $testqty)) {
$error = '<p><strong class="eshoperror error">' . __('Error: That quantity is not available for that product.', 'eshop') . '</strong></p>';
//$_SESSION['eshopcart'.$blog_id][$identifier]['qty']=$stkqty;
} else {
$_SESSION['eshopcart' . $blog_id][$identifier]['qty'] = $qty;
}
} else {
$_SESSION['eshopcart' . $blog_id][$identifier]['qty'] = $qty;
}
$_SESSION['lastproduct' . $blog_id] = $postid;
$_SESSION['eshopcart' . $blog_id][$identifier]['item'] = $item;
$_SESSION['eshopcart' . $blog_id][$identifier]['option'] = stripslashes($option);
$_SESSION['eshopcart' . $blog_id][$identifier]['pclas'] = stripslashes($pclas);
$_SESSION['eshopcart' . $blog_id][$identifier]['pid'] = $pid;
$_SESSION['eshopcart' . $blog_id][$identifier]['pname'] = stripslashes($pname);
$_SESSION['eshopcart' . $blog_id][$identifier]['price'] = $iprice;
if (isset($_POST['optset'])) {
foreach ($_POST['optset'] as $k => $v) {
$newoptset[] = $v;
}
$_SESSION['eshopcart' . $blog_id][$identifier]['optset'] = serialize($newoptset);
$oset = $qb = array();
$optings = $newoptset;
//$opttable=$wpdb->prefix.'eshop_option_sets';
foreach ($optings as $foo => $opst) {
$qb[] = "id={$opst['id']}";
}
$qbs = implode(" OR ", $qb);
$otable = $wpdb->prefix . 'eshop_option_sets';
$orowres = $wpdb->get_results("select weight from {$otable} where {$qbs} ORDER BY id ASC");
$x = 0;
foreach ($orowres as $orow) {
$weight += $orow->weight;
$x++;
}
}
//weights?
if (isset($eshop_product['products'][$option]['weight'])) {
$weight += $eshop_product['products'][$option]['weight'];
}
$_SESSION['eshopcart' . $blog_id][$identifier]['weight'] = $weight;
if (isset($error)) {
unset($_SESSION['eshopcart' . $blog_id][$identifier]);
}
do_action('eshop_product_added_to_cart', $_SESSION['eshopcart' . $blog_id][$identifier]);
}
}
if (!isset($error)) {
//save? not sure why I used that, but its working so why make trouble for myself.
if (isset($_POST['save'])) {
$save = $_POST['save'];
}
//this bit is possibly not required
if (isset($productid)) {
//new item selected ******* may need checking
$_SESSION['final_price' . $blog_id] = calculate_price();
$_SESSION['items' . $blog_id] = calculate_items();
}
if (isset($_POST['eshopdeleteitem'])) {
foreach ($_POST['eshopdeleteitem'] as $chkey => $chkval) {
$tochkkey = $chkey;
$tochkqty = $_SESSION['eshopcart' . $blog_id][$chkey]['qty'];
}
}
if (isset($eshopoptions['min_qty']) && $eshopoptions['min_qty'] != '') {
$min = $eshopoptions['min_qty'];
}
if (isset($eshopoptions['max_qty']) && $eshopoptions['max_qty'] != '') {
$max = $eshopoptions['max_qty'];
}
if (isset($min) && isset($_POST['qty']) && $_POST['qty'] < $min) {
$qty = $_POST['qty'] = $min;
$v = '999';
if (isset($max)) {
$v = $max;
}
$k = $min;
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
}
if (isset($max) && isset($_POST['qty']) && $_POST['qty'] > $max) {
$qty = $_POST['qty'] = $max;
$v = $max;
$k = 1;
if (isset($min)) {
$k = $min;
}
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
}
//update products in the cart
if (isset($_POST['save']) && $_POST['save'] == 'true' && isset($_SESSION['eshopcart' . $blog_id])) {
$eshopcartarray = $_SESSION['eshopcart' . $blog_id];
foreach ($eshopcartarray as $productid => $opt) {
$needle = array(" ", ".");
$sessproductid = str_replace($needle, "_", $productid);
foreach ($_POST as $key => $value) {
if ($key == $sessproductid) {
foreach ($value as $notused => $qty) {
if (isset($tochkkey) && $tochkkey == $key && $tochkqty == $qty) {
$qty = 0;
}
if ($qty == "0") {
unset($_SESSION['eshopcart' . $blog_id][$productid]);
} else {
$postid = $eshopid = $_SESSION['eshopcart' . $blog_id][$productid]['postid'];
$eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
$optnum = $_SESSION['eshopcart' . $blog_id][$productid]['option'];
if (isset($eshop_product['products'][$_SESSION['eshopcart' . $blog_id][$productid]['option']]['stkqty'])) {
$stkqty = $eshop_product['products'][$_SESSION['eshopcart' . $blog_id][$productid]['option']]['stkqty'];
}
//recheck stkqty
$stocktable = $wpdb->prefix . "eshop_stock";
$stktableqty = $wpdb->get_var("SELECT available FROM {$stocktable} where post_id={$eshopid} AND option_id={$optnum}");
if (isset($stktableqty) && is_numeric($stktableqty)) {
$stkqty = $stktableqty;
}
if (!ctype_digit(trim($qty)) || strlen($qty) > 3) {
$v = '999';
if (isset($max)) {
$v = $max;
}
$error = '<p><strong class="eshoperror error">' . sprintf(__('Error: The quantity must contain numbers only, with a maximum of %s.', 'eshop'), $v) . '</strong></p>';
} elseif ('yes' == $eshopoptions['stock_control'] && $stkqty < $qty) {
$error = '<p><strong class="eshoperror error">' . __('Error: That quantity is not available for that product.', 'eshop') . '</strong></p>';
} elseif (isset($min) && isset($qty) && $qty < $min) {
$qty = $min;
$v = '999';
if (isset($max)) {
$v = $max;
}
$k = $min;
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
} elseif (isset($max) && isset($qty) && $qty > $max) {
$qty = $max;
$v = $max;
$k = 1;
if (isset($min)) {
$k = $min;
}
$enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
} else {
$_SESSION['eshopcart' . $blog_id][$productid]['qty'] = $qty;
}
}
}
}
}
}
$_SESSION['final_price' . $blog_id] = calculate_price();
//$_SESSION['items'.$blog_id] = calculate_items();
}
}
//any errors will print here.
if (isset($error)) {
$_SESSION['eshopcart' . $blog_id]['error'] = $error;
}
if (isset($enote)) {
$_SESSION['eshopcart' . $blog_id]['enote'] = $enote;
}
if (isset($_SESSION['eshopcart' . $blog_id]) && sizeof($_SESSION['eshopcart' . $blog_id]) == '0') {
unset($_SESSION['eshopcart' . $blog_id]);
unset($_SESSION['final_price' . $blog_id]);
unset($_SESSION['items' . $blog_id]);
}
}
function eshop_downloads($_POST, $images, $content)
{
global $wpdb, $eshopoptions;
//cache
eshop_cache();
$table = $wpdb->prefix . "eshop_downloads";
$ordertable = $wpdb->prefix . "eshop_download_orders";
$dir_upload = eshop_download_directory();
$echo = '';
//download is handled via cart functions as it needs to
//be accessible before anything is printed on the page
if (isset($_POST['code']) && isset($_POST['email'])) {
/*
Need to add in check about number of downloads here, including unlimited!
*/
$code = $wpdb->escape($_POST['code']);
$email = $wpdb->escape($_POST['email']);
$dlcount = $wpdb->get_var("SELECT COUNT(id) FROM {$ordertable} where email='{$email}' && code='{$code}' && downloads!='0'");
if ($dlcount > 0) {
$echo .= $content;
$tsize = 0;
$x = 0;
if ($dlcount > 1 && $eshopoptions['downloads_hideall'] != 'yes') {
$echo .= '<p class="jdl"><a href="#dlall">' . __('Download all files', 'eshop') . '</a></p>';
}
$dlresult = $wpdb->get_results("Select * from {$ordertable} where email='{$email}' && code='{$code}' && downloads!='0'");
foreach ($dlresult as $dlrow) {
//download single items.
$filepath = $dir_upload . $dlrow->files;
$dlfilesize = eshop_filesize($dlrow->files);
$tsize = $tsize + $dlfilesize;
if ($dlrow->downloads == 1) {
$dlword = __('download', 'eshop');
} else {
$dlword = __('downloads', 'eshop');
}
$imagetoadd = '';
if ($images == 'add') {
$checkit = wp_check_filetype($filepath);
$eshopext = wp_ext2type($checkit['ext']);
$eshopfiletypeimgurl = wp_mime_type_icon($eshopext);
$eshophead = wp_remote_head($eshopfiletypeimgurl);
$eshophresult = wp_remote_retrieve_response_code($eshophead);
if ($eshophresult == '200' || $eshophresult == '302') {
$dims = getimagesize($eshopfiletypeimgurl);
}
if (is_array($dims)) {
$dimensions = $dims[3];
} else {
$dimensions = '';
}
$imagetoadd = apply_filters('eshop_download_imgs', '<img class="eshop-download-icon" src="' . $eshopfiletypeimgurl . '" ' . $dimensions . ' alt="" />', $checkit['ext']);
}
$dltitle = strlen($dlrow->title) >= 20 ? substr($dlrow->title, 0, 20) . "…" : $dlrow->title;
$echo .= '
<form method="post" action="" class="eshop dlproduct"><fieldset>
<legend>' . $dltitle . ' (' . check_filesize($dlfilesize) . ')</legend>
' . $imagetoadd . '
<input name="email" type="hidden" value="' . $_POST['email'] . '" />
<input name="code" type="hidden" value="' . $_POST['code'] . '" />
<input name="id" type="hidden" value="' . $dlrow->id . '" />
<input name="eshoplongdownloadname" type="hidden" value="yes" />
<label for="ro' . $x . '">' . __('Number of downloads remaining', 'eshop') . '</label>
<input type="text" readonly="readonly" name="ro" class="ro" id="ro' . $x . '" value="' . $dlrow->downloads . '" />
<span class="buttonwrap"><input type="submit" class="button" id="submit' . $x . '" name="Submit" value="' . __('Download', 'eshop') . ' ' . $dltitle . '" /></span>
</fieldset></form>';
$x++;
$size = 0;
}
if ($dlcount > 1 && $eshopoptions['downloads_hideall'] != 'yes') {
//download all form.
$echo .= '
<form method="post" action="" id="dlall" class="eshop"><fieldset>
<legend>' . __('Download all files', 'eshop') . ' (' . check_filesize($tsize) . ') ' . __('in one zip file.', 'eshop') . '</legend>
<input name="email" type="hidden" value="' . $_POST['email'] . '" />
<input name="code" type="hidden" value="' . $_POST['code'] . '" />
<input name="id" type="hidden" value="all" />
<input name="eshoplongdownloadname" type="hidden" value="yes" />
<p><span class="buttonwrap"><input class="button" type="submit" id="submit" name="Submit" value="' . __('Download All Files', 'eshop') . '" /></span></p>
</fieldset></form>
';
}
//allow plugin to change output, validated email/passcode already
$echo = apply_filters('eshop_download_page', $echo, $code, $email);
} else {
$prevdlcount = $wpdb->get_var("SELECT COUNT(id) FROM {$ordertable} where email='{$email}' && code='{$code}'");
if ($dlcount == $prevdlcount) {
$error = '<p class="eshoperror error">' . __('Either your email address or code is incorrect, please try again.', 'eshop') . '</p>';
} else {
$error = '<p class="eshoperror error">' . __('Your email address and code are correct, however you have no downloads remaining.', 'eshop') . '</p>';
}
$echo .= eshop_dloadform($email, $code, $error);
}
} else {
$echo .= eshop_dloadform('', '');
}
return $echo;
}
function eshop_show_cart()
{
global $wpdb, $blog_id, $wp_query, $eshopoptions;
$echo = '';
include "cart-functions.php";
//cache
eshop_cache();
if (isset($_SESSION['eshopcart' . $blog_id]['error'])) {
$echo .= $_SESSION['eshopcart' . $blog_id]['error'];
unset($_SESSION['eshopcart' . $blog_id]['error']);
}
if (isset($_SESSION['eshopcart' . $blog_id]['enote'])) {
$echo .= $_SESSION['eshopcart' . $blog_id]['enote'];
unset($_SESSION['eshopcart' . $blog_id]['enote']);
}
if (isset($_SESSION['eshopcart' . $blog_id])) {
if (isset($wp_query->query_vars['eshopaction']) && urldecode($wp_query->query_vars['eshopaction']) == 'cancel' && !isset($_POST['save'])) {
$echo .= "<h3>" . __('The order was cancelled.', 'eshop') . "</h3>";
$echo .= '<p>' . __('We have not deleted the contents of your shopping cart in case you may want to edit its content.', 'eshop') . '</p>';
}
if ($eshopoptions['shop_page'] != '') {
$return = get_permalink($eshopoptions['shop_page']);
} elseif (isset($_SESSION['lastproduct' . $blog_id])) {
$return = get_permalink($_SESSION['lastproduct' . $blog_id]);
} else {
$return = get_permalink($eshopoptions['cart']);
}
$echo .= display_cart($_SESSION['eshopcart' . $blog_id], 'true', $eshopoptions['checkout']);
$echo .= '<ul class="continue-proceed eshopcp0"><li class="rtnshopping"><a href="' . $return . '">' . __('« Continue Shopping', 'eshop') . '</a></li>
<li class="gotocheckout"><a href="' . get_permalink($eshopoptions['checkout']) . '">' . __('Proceed to Checkout »', 'eshop') . '</a></li></ul>';
} else {
//can be altered as desired.
$echo .= '<p><strong class="eshoperror error">' . __('Your shopping cart is currently empty.', 'eshop') . '</strong></p>';
}
return $echo;
}