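/**
 * Build the checkout page: cart summary, validation errors, the address
 * form, or the "confirm your details" view, depending on the request.
 *
 * The posted fields arrive as raw request data (only slashes are stripped
 * here), so every value that reaches SQL is bound through $wpdb->prepare()
 * and every value echoed into the confirmation markup is passed through
 * esc_html().
 *
 * Side effects visible in this function: reads and writes several
 * $_SESSION entries keyed by $blog_id (payment method, ship-to country,
 * discount code, address, shipping cost, order date), may set the
 * "eshopcart" cookie, and includes merchant gateway files whose path is
 * derived from the selected payment method. Those includes run in this
 * function's variable scope.
 *
 * @param array $espost Posted checkout form fields.
 * @return string HTML for the checkout page.
 */
function eshop_checkout($espost) {
    $espost = stripslashes_deep($espost);
    global $blog_id, $eshopoptions, $wpdb;
    $contineproceed = '1';
    //cache
    eshop_cache();
    $echoit = '';
    include_once ABSPATH . 'wp-includes/wp-db.php';
    include_once WP_PLUGIN_DIR . "/eshop/cart-functions.php";
    if (isset($espost['eshop_payment'])) {
        // The payment method name later becomes part of an include path, so it
        // is reduced to letters, digits, '-' and '_' before it is stored.
        $_SESSION['eshop_payment' . $blog_id] = preg_replace('/[^a-zA-Z0-9\\-_]/', '', $espost['eshop_payment']);
    }
    if (!isset($_SESSION['eshop_payment' . $blog_id])) {
        $paymentmethod = 'paypal';
    } else {
        // NOTE(review): the session value is trusted as-is here; it is only
        // sanitised when written by the block above. Confirm no other writer
        // of this session key stores unsanitised input.
        $paymentmethod = $_SESSION['eshop_payment' . $blog_id];
    }
    //left over from previous script, leaving in just in case another payment method is used.
    $chkerror = 0;
    $numberofproducts = 0;
    //filter for plugin merchant gateways
    $eshopmgincpath = apply_filters('eshop_mg_inc_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '.php', $paymentmethod);
    // if everything went ok do the following, hopefully the rest won't happen!
    if (isset($_GET['eshopaction'])) {
        if ($_GET['eshopaction'] == 'success') {
            include_once $eshopmgincpath;
        }
    }
    //filter for plugin merchant gateways
    $eshopmgincidxpath = apply_filters('eshop_mg_inc_idx_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '/index.php', $paymentmethod);
    if (file_exists($eshopmgincidxpath)) {
        include_once $eshopmgincidxpath;
    }
    if (isset($_SESSION['eshopcart' . $blog_id])) {
        $shopcart = $_SESSION['eshopcart' . $blog_id];
        $numberofproducts = sizeof($_SESSION['eshopcart' . $blog_id]);
        $keys = array_keys($_SESSION['eshopcart' . $blog_id]);
        $productidkeys = implode(",", $keys);
        $productidkeys = trim($productidkeys);
        //reqd for shipping - finds the correct state for working out shipping, and set things up for later usage.
        if (isset($espost['ship_name'])) {
            if ($espost['ship_name'] != '' || $espost['ship_address'] != '' || $espost['ship_city'] != '' || $espost['ship_postcode'] != '' || $espost['ship_company'] != '' || $espost['ship_phone'] != '' || $espost['ship_country'] != '' || $espost['ship_state'] != '') {
                // A partial shipping address was supplied: fill each blank
                // shipping field from the matching billing field.
                if ($espost['ship_name'] == '') {
                    $espost['ship_name'] = $espost['first_name'] . " " . $espost['last_name'];
                }
                if ($espost['ship_company'] == '') {
                    $espost['ship_company'] = $espost['company'];
                }
                if ($espost['ship_phone'] == '') {
                    $espost['ship_phone'] = $espost['phone'];
                }
                if ($espost['ship_address'] == '') {
                    $espost['ship_address'] = $espost['address1'];
                    if ($espost['address2'] != '') {
                        $espost['ship_address'] .= ", " . $espost['address2'];
                    }
                }
                if ($espost['ship_city'] == '') {
                    $espost['ship_city'] = $espost['city'];
                }
                if ($espost['ship_postcode'] == '') {
                    $espost['ship_postcode'] = $espost['zip'];
                }
                if ($espost['ship_country'] == '') {
                    $espost['ship_country'] = $espost['country'];
                }
                if ($espost['ship_state'] == '') {
                    $espost['ship_state'] = $espost['state'];
                }
                if ($espost['ship_altstate'] == '') {
                    $espost['ship_altstate'] = $espost['altstate'];
                }
            } else {
                // No shipping address at all: ship to the billing address.
                $espost['ship_name'] = $espost['first_name'] . " " . $espost['last_name'];
                $espost['ship_company'] = $espost['company'];
                $espost['ship_phone'] = $espost['phone'];
                if ($espost['ship_address'] == '') {
                    $espost['ship_address'] = $espost['address1'];
                    if ($espost['address2'] != '') {
                        $espost['ship_address'] .= ", " . $espost['address2'];
                    }
                }
                $espost['ship_city'] = $espost['city'];
                $espost['ship_postcode'] = $espost['zip'];
                $espost['ship_country'] = $espost['country'];
                $espost['ship_state'] = $espost['state'];
                $espost['ship_altstate'] = $espost['altstate'];
            }
            $tablecountries = $wpdb->prefix . 'eshop_countries';
            $tablestates = $wpdb->prefix . 'eshop_states';
            $shippingzone = $eshopoptions['shipping_zone'];
            if (isset($espost['eshop_shiptype']) && $espost['eshop_shiptype'] != '0') {
                $sztype = $espost['eshop_shiptype'];
                // Posted value: bound as a parameter, never interpolated.
                $shippingzone = $wpdb->get_var($wpdb->prepare("SELECT area FROM " . $wpdb->prefix . "eshop_rates WHERE rate_type='ship_weight' && class=%s LIMIT 1", $sztype));
            }
            $pzoneid = ''; //$eshopoptions['unknown_state'];
            if ($shippingzone == 'country') {
                if (isset($espost['ship_country']) && $espost['ship_country'] != '') {
                    $pzoneid = $espost['ship_country'];
                } elseif (isset($espost['country']) && $espost['country'] != '') {
                    $pzoneid = $espost['country'];
                }
                $pzone = $wpdb->get_var($wpdb->prepare("SELECT zone FROM {$tablecountries} WHERE code=%s LIMIT 1", $pzoneid));
            } else {
                if (isset($espost['state']) && $espost['state'] != '') {
                    $pzoneid = $espost['state'];
                }
                if (isset($espost['ship_state']) && $espost['ship_state'] != '') {
                    $pzoneid = $espost['ship_state'];
                }
                $pzone = $wpdb->get_var($wpdb->prepare("SELECT zone FROM {$tablestates} WHERE id=%s LIMIT 1", $pzoneid));
                if (isset($espost['altstate']) && $espost['altstate'] != '') {
                    $pzone = $eshopoptions['unknown_state'];
                }
                if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') {
                    $pzone = $eshopoptions['unknown_state'];
                }
            }
            $_SESSION['shiptocountry' . $blog_id] = $eshopoptions['location'];
            if (isset($espost['ship_country']) && $espost['ship_country'] != '') {
                $_SESSION['shiptocountry' . $blog_id] = $espost['ship_country'];
            } elseif (isset($espost['country']) && $espost['country'] != '') {
                $_SESSION['shiptocountry' . $blog_id] = $espost['country'];
            }
        } else {
            $pzoneid = ''; //$eshopoptions['unknown_state'];
            $tablecountries = $wpdb->prefix . 'eshop_countries';
            $tablestates = $wpdb->prefix . 'eshop_states';
            $shippingzone = $eshopoptions['shipping_zone'];
            if (isset($espost['eshop_shiptype'])) {
                $sztype = $espost['eshop_shiptype'];
                $shippingzone = $wpdb->get_var($wpdb->prepare("SELECT area FROM " . $wpdb->prefix . "eshop_rates WHERE rate_type='ship_weight' && class=%s LIMIT 1", $sztype));
            }
            if ($shippingzone == 'country') {
                if (isset($espost['ship_country']) && $espost['ship_country'] != '') {
                    $pzoneid = $espost['ship_country'];
                } elseif (isset($espost['country']) && $espost['country'] != '') {
                    $pzoneid = $espost['country'];
                }
                $pzone = $wpdb->get_var($wpdb->prepare("SELECT zone FROM {$tablecountries} WHERE code=%s LIMIT 1", $pzoneid));
            } else {
                // In this branch the billing state takes precedence over the
                // shipping state (the reverse of the branch above).
                if (isset($espost['ship_state']) && $espost['ship_state'] != '') {
                    $pzoneid = $espost['ship_state'];
                }
                if (isset($espost['state']) && $espost['state'] != '') {
                    $pzoneid = $espost['state'];
                }
                $pzone = $wpdb->get_var($wpdb->prepare("SELECT zone FROM {$tablestates} WHERE id=%s LIMIT 1", $pzoneid));
                if (isset($espost['altstate']) && $espost['altstate'] != '') {
                    $pzone = $eshopoptions['unknown_state'];
                }
                if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') {
                    $pzone = $eshopoptions['unknown_state'];
                }
            }
        }
        //
        $shiparray = array();
        $eshopcartarray = $_SESSION['eshopcart' . $blog_id];
        foreach ($eshopcartarray as $productid => $opt) {
            if (is_array($opt)) {
                switch ($eshopoptions['shipping']) {
                    case '1':
                        //( per quantity of 1, prices reduced for additional items )
                        for ($i = 1; $i <= $opt['qty']; $i++) {
                            array_push($shiparray, $opt["pclas"]);
                        }
                        break;
                    case '2':
                        //( once per shipping class no matter what quantity is ordered )
                        if (!in_array($opt["pclas"], $shiparray)) {
                            array_push($shiparray, $opt["pclas"]);
                        }
                        break;
                    case '3':
                        //( one overall charge no matter how many are ordered )
                        if (!in_array($opt["pclas"], $shiparray)) {
                            if ($opt["pclas"] != 'F') {
                                array_push($shiparray, 'A');
                            }
                        }
                        break;
                    case '4':
                        //( weight )
                        if (isset($espost['eshop_shiptype'])) {
                            unset($shiparray);
                            $shiparray = $espost['eshop_shiptype'];
                        }
                        break;
                }
            }
        }
        //need an extra check
        if ($eshopoptions['shipping'] == '4' && 'no' == $eshopoptions['downloads_only'] && isset($espost['submit']) && !isset($espost['eshop_shiptype']) && !eshop_only_downloads()) {
            $pzone = '';
        }
        //need to check the discount codes here as well:
        if (eshop_discount_codes_check()) {
            $_SESSION['eshop_discount' . $blog_id] = '';
            unset($_SESSION['eshop_discount' . $blog_id]);
            if (isset($espost['eshop_discount']) && $espost['eshop_discount'] != '') {
                $chkcode = valid_eshop_discount_code($espost['eshop_discount']);
                if ($chkcode) {
                    $_SESSION['eshop_discount' . $blog_id] = $espost['eshop_discount'];
                }
            }
        }
        //show the cart
        if (isset($_GET['eshopaction']) && $_GET['eshopaction'] != 'redirect' || !isset($_GET['eshopaction'])) {
            $echoit .= display_cart($_SESSION['eshopcart' . $blog_id], false, $eshopoptions['checkout'], $pzone, $shiparray);
        }
    }
    $error = '';
    if (isset($espost['submit'])) {
        //form handling
        // NOTE(review): this loop only reassigns its own loop variable; it
        // does not change $espost.
        foreach ($espost as $key => $value) {
            $key = $value;
        }
        //setupshipping arrays
        $reqdvalues = array('shipping', 'first_name', 'last_name', 'email', 'phone', 'address', 'city', 'zip', 'pay');
        if ($eshopoptions['shipping'] != '4') {
            if ($eshopoptions['shipping_zone'] == 'country') {
                $reqdvalues[] = 'country';
            } else {
                $reqdvalues[] = 'state';
            }
        } else {
            $creqd = '';
            $dtable = $wpdb->prefix . 'eshop_rates';
            // No request data in this query, so it is left unparameterised.
            $query = $wpdb->get_results("SELECT DISTINCT(area) from {$dtable} where rate_type='ship_weight'");
            foreach ($query as $k) {
                $reqdvalues[] = $k->area;
            }
        }
        $linkattr = apply_filters('eShopCheckoutLinksAttr', '');
        $reqdarray = apply_filters('eshopCheckoutReqd', $reqdvalues);
        if ($eshopoptions['shipping'] == '4' && 'no' == $eshopoptions['downloads_only'] && !isset($espost['eshop_shiptype']) && !eshop_only_downloads()) {
            $error .= '<li>' . __('<strong>Shipping</strong> - not selected.', 'eshop') . '</li>';
        }
        if (isset($espost['first_name'])) {
            $valid = checkAlpha($espost['first_name']);
            if ($valid == FALSE && eshop_checkreqd($reqdarray, 'first_name')) {
                $error .= '<li>' . __('<strong>First name</strong> - missing or incorrect.', 'eshop') . '</li>';
            }
        }
        if (isset($espost['last_name'])) {
            $valid = checkAlpha($espost['last_name']);
            if ($valid == FALSE && eshop_checkreqd($reqdarray, 'last_name')) {
                $error .= '<li>' . __('<strong>Last name</strong> - missing or incorrect.', 'eshop') . '</li>';
            }
        }
        if (isset($espost['email'])) {
            $valid = checkEmail($espost['email']);
            if ($valid == FALSE && eshop_checkreqd($reqdarray, 'email')) {
                $error .= '<li>' . __('<strong>Email address</strong> - missing or incorrect.', 'eshop') . '</li>';
            }
        }
        if (isset($espost['phone'])) {
            $valid = checkPhone($espost['phone']);
            if ($valid == FALSE && eshop_checkreqd($reqdarray, 'phone')) {
                $error .= '<li>' . __('<strong>Phone Number</strong> - missing or incorrect', 'eshop') . '.</li>';
            }
        }
        if (isset($espost['address1'])) {
            $valid = checkAlpha($espost['address1']);
            if ($valid == FALSE && eshop_checkreqd($reqdarray, 'address')) {
                $error .= '<li>' . __('<strong>Address</strong> - missing or incorrect.', 'eshop') . '</li>';
            }
        }
        if (isset($espost['city'])) {
            $valid = checkAlpha($espost['city']);
            if ($valid == FALSE && eshop_checkreqd($reqdarray, 'city')) {
                $error .= '<li>' . __('<strong>City or town</strong> - missing or incorrect.', 'eshop') . '</li>';
            }
        }
        if (eshop_checkreqd($reqdarray, 'state')) {
            if (isset($espost['state']) && $espost['state'] == '' && $espost['altstate'] == '') {
                $error .= '<li>' . __('<strong>State/County/Province</strong> - missing or incorrect.', 'eshop') . '</li>';
            }
        }
        if (eshop_checkreqd($reqdarray, 'country')) {
            if (isset($espost['country'])) {
                $valid = checkAlpha($espost['country']);
                if ($valid == FALSE) {
                    $error .= '<li>' . __('<strong>Country</strong> - missing or incorrect.', 'eshop') . '</li>';
                }
            }
        }
        if (isset($espost['country']) && $espost['country'] == 'US' && $espost['state'] == '' && $espost['altstate'] == '') {
            //must pick a state for US deliveries
            $error .= '<li>' . __('<strong><abbr title="United States">US</abbr> State</strong> - missing or incorrect.', 'eshop') . '</li>';
        }
        if (isset($espost['zip'])) {
            $valid = checkAlphaNum($espost['zip']);
            if ($valid == FALSE && eshop_checkreqd($reqdarray, 'zip')) {
                $error .= '<li>' . __('<strong>Zip/Post code</strong> - missing or incorrect.', 'eshop') . '</li>';
            }
        }
        if (isset($espost['reference'])) {
            if ($espost['reference'] == '' && eshop_checkreqd($reqdarray, 'ref')) {
                $error .= '<li>' . __('<strong>Reference</strong> - missing.', 'eshop') . '</li>';
            }
        }
        if (isset($espost['comments'])) {
            if ($espost['comments'] == '' && eshop_checkreqd($reqdarray, 'comments')) {
                $error .= '<li>' . __('<strong>Comments</strong> - missing.', 'eshop') . '</li>';
            }
        }
        if (isset($eshopoptions['users']) && $eshopoptions['users'] == 'yes' && !is_user_logged_in()) {
            if (!isset($espost['eshop_users']) && eshop_checkreqd($reqdarray, 'signup')) {
                $error .= '<li>' . __('<strong>Sign Up</strong> - not checked.', 'eshop') . '</li>';
            }
        }
        //add in error checking for any new values here
        $temperror = apply_filters('eshoperrorcheckout', $espost);
        if (!is_array($temperror)) {
            $error .= $temperror;
        }
        ////////////////////////////////////////////////
        if ('yes' == $eshopoptions['tandc_use']) {
            if (!isset($espost['eshop_tandc'])) {
                $error .= '<li><strong>' . $eshopoptions['tandc'] . '</strong>' . __(' - not checked.', 'eshop') . '</li>';
            }
        }
        if (!isset($espost['eshop_payment'])) {
            $error .= '<li>' . __('You have not chosen a <strong>payment option</strong>.', 'eshop') . '</li>';
        }
        if (eshop_discount_codes_check()) {
            $_SESSION['eshop_discount' . $blog_id] = '';
            unset($_SESSION['eshop_discount' . $blog_id]);
            if (isset($espost['eshop_discount']) && $espost['eshop_discount'] != '') {
                $chkcode = valid_eshop_discount_code($espost['eshop_discount']);
                if (!$chkcode) {
                    $error .= '<li>' . __('<strong>Discount Code</strong> - is not valid.', 'eshop') . '</li>';
                } else {
                    $_SESSION['eshop_discount' . $blog_id] = $espost['eshop_discount'];
                }
            }
        }
        if (isset($eshopoptions['users']) && $eshopoptions['users'] == 'yes' && isset($espost['eshop_users']) && !is_user_logged_in()) {
            $_SESSION['eshop_user' . $blog_id] = '1';
        }
        if ($error != '') {
            $echoit .= "<p><strong class=\"eshoperror error\">" . __('There were some errors in the details you entered…', 'eshop') . "</strong></p><ul class=\"eshoperrors errors\">" . $error . '</ul>';
            // Repopulate the form with what was posted.
            // NOTE(review): these values are handed to eshopShowform() raw;
            // confirm that it escapes them for the attribute/HTML context.
            $first_name = $last_name = $company = $phone = $reference = '';
            $email = $address1 = $address2 = $city = $country = '';
            $state = $altstate = $zip = $ship_name = $ship_company = '';
            $ship_phone = $ship_address = $ship_city = $ship_postcode = '';
            $ship_country = $ship_state = $ship_altstate = $comments = '';
            if (isset($espost['first_name'])) {
                $first_name = $espost['first_name'];
            }
            if (isset($espost['last_name'])) {
                $last_name = $espost['last_name'];
            }
            if (isset($espost['phone'])) {
                $phone = $espost['phone'];
            }
            if (isset($espost['reference'])) {
                $reference = $espost['reference'];
            }
            if (isset($espost['email'])) {
                $email = $espost['email'];
            }
            if (isset($espost['address1'])) {
                $address1 = $espost['address1'];
            }
            if (isset($espost['address2'])) {
                $address2 = $espost['address2'];
            }
            if (isset($espost['city'])) {
                $city = $espost['city'];
            }
            if (isset($espost['country'])) {
                $country = $espost['country'];
            }
            if (isset($espost['state'])) {
                $state = $espost['state'];
            }
            if (isset($espost['altstate'])) {
                $altstate = $espost['altstate'];
            }
            if (isset($espost['zip'])) {
                $zip = $espost['zip'];
            }
            if (isset($espost['ship_name'])) {
                $ship_name = $espost['ship_name'];
            }
            if (isset($espost['ship_company'])) {
                $ship_company = $espost['ship_company'];
            }
            if (isset($espost['ship_phone'])) {
                $ship_phone = $espost['ship_phone'];
            }
            if (isset($espost['ship_address'])) {
                $ship_address = $espost['ship_address'];
            }
            if (isset($espost['ship_city'])) {
                $ship_city = $espost['ship_city'];
            }
            if (isset($espost['ship_country'])) {
                $ship_country = $espost['ship_country'];
            }
            if (isset($espost['ship_state'])) {
                $ship_state = $espost['ship_state'];
            }
            if (isset($espost['ship_altstate'])) {
                $ship_altstate = $espost['ship_altstate'];
            }
            if (isset($espost['ship_postcode'])) {
                $ship_postcode = $espost['ship_postcode'];
            }
            if (isset($espost['comments'])) {
                $comments = $espost['comments'];
            }
            $chkerror = '1';
        } else {
            if (!isset($_GET['eshopaction'])) {
                $shipping = 0;
                $echoit .= "<div class=\"hr\"></div><div class=\"eshopcheckoutconf\"><h3>" . __('<span class="noprint">Please Confirm </span>Your Details', 'eshop') . '</h3>';
                // create a custom id, and shove details in database
                $date = date('YmdHis');
                $_SESSION['date' . $blog_id] = $date;
                $fprice = number_format($_SESSION['final_price' . $blog_id], 2, '.', '');
                $espost['amount'] = $fprice;
                $espost['custom'] = $date;
                $espost['numberofproducts'] = sizeof($_SESSION['eshopcart' . $blog_id]);
                //shipping
                if (isset($_SESSION['shipping' . $blog_id])) {
                    $shipping = eshopShipTaxAmt();
                }
                //discount shipping
                if (is_shipfree(calculate_total())) {
                    $shipping = 0;
                }
                //shipping
                $espost['shipping_1'] = $shipping;
                $ctable = $wpdb->prefix . 'eshop_countries';
                $stable = $wpdb->prefix . 'eshop_states';
                if ('no' == $eshopoptions['downloads_only']) {
                    $echoit .= '<h4>' . __('Mailing Address', 'eshop') . '</h4><ul class="eshop confirm">';
                } else {
                    $echoit .= '<h4>' . __('Contact Details', 'eshop') . '</h4><ul class="eshop confirm">';
                }
                // Everything the customer typed is HTML-escaped before it is
                // echoed back; several of these fields (company, address2,
                // reference, comments, ship_*) are not validated above.
                $echoit .= "<li><span class=\"items fullname\">" . __('Full name:', 'eshop') . "</span> " . esc_html($espost['first_name']) . " " . esc_html($espost['last_name']) . "</li>\n";
                if ('no' == $eshopoptions['downloads_only']) {
                    $echoit .= "<li class=\"company\"><span class=\"items\">" . __('Company:', 'eshop') . "</span> " . esc_html($espost['company']) . "</li>\n";
                }
                $echoit .= "<li class=\"email\"><span class=\"items\">" . __('Email:', 'eshop') . "</span> " . esc_html($espost['email']) . "</li>\n";
                if ('no' == $eshopoptions['downloads_only']) {
                    $echoit .= "<li class=\"phone\"><span class=\"items\">" . __('Phone:', 'eshop') . "</span> " . esc_html($espost['phone']) . "</li>\n";
                    $echoit .= "<li class=\"address\"><span class=\"items\">" . __('Address:', 'eshop') . "</span> " . esc_html($espost['address1']) . " " . esc_html($espost['address2']) . "</li>\n";
                    $echoit .= "<li class=\"city\"><span class=\"items\">" . __('City or town:', 'eshop') . "</span> " . esc_html($espost['city']) . "</li>\n";
                    $qstate = $wpdb->get_var($wpdb->prepare("SELECT stateName FROM {$stable} WHERE id=%s limit 1", $espost['state']));
                    if ($espost['altstate'] != '') {
                        $echoit .= "<li class=\"state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . esc_html($espost['altstate']) . "</li>\n";
                    } elseif ($qstate != '') {
                        $echoit .= "<li class=\"state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $qstate . "</li>\n";
                    }
                    $echoit .= "<li class=\"zip\"><span class=\"items\">" . __('Zip/Post code:', 'eshop') . "</span> " . esc_html($espost['zip']) . "</li>\n";
                    $qcountry = $wpdb->get_var($wpdb->prepare("SELECT country FROM {$ctable} WHERE code=%s limit 1", $espost['country']));
                    $echoit .= "<li class=\"country\"><span class=\"items\">" . __('Country:', 'eshop') . "</span> " . $qcountry . "</li>\n";
                }
                $echoit .= "</ul>\n";
                //
                $temp = apply_filters('eshopconfcheckout', $espost);
                if (!is_array($temp)) {
                    $echoit .= $temp;
                }
                //
                if (!isset($espost['reference'])) {
                    $espost['reference'] = '';
                }
                if (!isset($espost['comments'])) {
                    $espost['comments'] = '';
                }
                if (trim($espost['reference']) != '' && trim($espost['comments']) == '') {
                    $echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n";
                    $echoit .= '<li><span class="items">' . __('Reference or <abbr title="Purchase Order number">PO</abbr>', 'eshop') . '</span> ' . esc_html($espost['reference']) . '</li>' . "\n";
                    $echoit .= '</ul></div>' . "\n";
                }
                if (trim($espost['reference']) == '' && trim($espost['comments']) != '') {
                    $echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n";
                    $echoit .= '<li><span class="items">' . __('Comments or instructions:', 'eshop') . '</span> ' . esc_html($espost['comments']) . '</li>' . "\n";
                    $echoit .= '</ul></div>' . "\n";
                }
                if (trim($espost['reference']) != '' && trim($espost['comments']) != '') {
                    $echoit .= "<div class=\"eshop fld3\"><h4>" . __('Additional information', 'eshop') . "</h4>\n<ul class=\"eshop confirmref\">\n";
                    $echoit .= '<li><span class="items">' . __('Reference or PO:', 'eshop') . '</span> ' . esc_html($espost['reference']) . '</li>' . "\n";
                    $echoit .= '<li><span class="items">' . __('Comments or instructions:', 'eshop') . '</span> ' . esc_html($espost['comments']) . '</li>' . "\n";
                    $echoit .= '</ul></div>' . "\n";
                }
                if ('no' == $eshopoptions['downloads_only']) {
                    if ('yes' != $eshopoptions['hide_shipping']) {
                        if ($espost['ship_name'] != '' || $espost['ship_address'] != '' || $espost['ship_city'] != '' || $espost['ship_postcode'] != '') {
                            $echoit .= "<div class=\"eshop fld4\"><h4>" . __('Shipping Address', 'eshop') . "</h4>\n<ul class=\"eshop confirmship\">\n";
                            $echoit .= "<li><span class=\"items\">" . __('Full name:', 'eshop') . "</span> " . esc_html($espost['ship_name']) . "</li>\n";
                            $echoit .= "<li class=\"ship_company\"><span class=\"items\">" . __('Company:', 'eshop') . "</span> " . esc_html($espost['ship_company']) . "</li>\n";
                            $echoit .= "<li><span class=\"items\">" . __('Phone:', 'eshop') . "</span> " . esc_html($espost['ship_phone']) . "</li>\n";
                            $echoit .= "<li><span class=\"items\">" . __('Address:', 'eshop') . "</span> " . esc_html($espost['ship_address']) . "</li>\n";
                            $echoit .= "<li><span class=\"items\">" . __('City or town:', 'eshop') . "</span> " . esc_html($espost['ship_city']) . "</li>\n";
                            $qstate = $wpdb->get_var($wpdb->prepare("SELECT stateName FROM {$stable} WHERE id=%s limit 1", $espost['ship_state']));
                            if ($espost['ship_altstate'] != '') {
                                $echoit .= "<li class=\"ship_state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . esc_html($espost['ship_altstate']) . "</li>\n";
                            } elseif ($qstate != '') {
                                $echoit .= "<li class=\"ship_state\"><span class=\"items\">" . __('State/County/Province:', 'eshop') . "</span> " . $qstate . "</li>\n";
                            }
                            $echoit .= "<li><span class=\"items\">" . __('Zip/Post code:', 'eshop') . "</span> " . esc_html($espost['ship_postcode']) . "</li>\n";
                            $qcountry = $wpdb->get_var($wpdb->prepare("SELECT country FROM {$ctable} WHERE code=%s limit 1", $espost['ship_country']));
                            $echoit .= "<li class=\"shipcountry\"><span class=\"items\">" . __('Country:', 'eshop') . "</span> " . $qcountry . "</li>\n";
                            $echoit .= "</ul></div>\n";
                        }
                    }
                }
                $echoit .= "\n";
                $echoit .= "</div>\n";
            }
            //add to a session to store address:
            $_SESSION['addy' . $blog_id]['first_name'] = $espost['first_name'];
            $_SESSION['addy' . $blog_id]['last_name'] = $espost['last_name'];
            $_SESSION['addy' . $blog_id]['email'] = $espost['email'];
            if (isset($espost['company'])) {
                $_SESSION['addy' . $blog_id]['company'] = $espost['company'];
            } else {
                $_SESSION['addy' . $blog_id]['company'] = '';
            }
            if (isset($espost['phone'])) {
                $_SESSION['addy' . $blog_id]['phone'] = $espost['phone'];
            } else {
                $_SESSION['addy' . $blog_id]['phone'] = '';
            }
            if (isset($espost['reference'])) {
                $_SESSION['addy' . $blog_id]['reference'] = $espost['reference'];
            } else {
                $_SESSION['addy' . $blog_id]['reference'] = '';
            }
            if (isset($espost['address1'])) {
                $_SESSION['addy' . $blog_id]['address1'] = $espost['address1'];
            } else {
                $_SESSION['addy' . $blog_id]['address1'] = '';
            }
            if (isset($espost['address2'])) {
                $_SESSION['addy' . $blog_id]['address2'] = $espost['address2'];
            } else {
                $_SESSION['addy' . $blog_id]['address2'] = '';
            }
            if (isset($espost['city'])) {
                $_SESSION['addy' . $blog_id]['city'] = $espost['city'];
            }
            if (isset($espost['country'])) {
                $_SESSION['addy' . $blog_id]['country'] = $espost['country'];
            } else {
                $_SESSION['addy' . $blog_id]['country'] = '';
            }
            if (isset($espost['state'])) {
                $_SESSION['addy' . $blog_id]['state'] = $espost['state'];
            } else {
                $_SESSION['addy' . $blog_id]['state'] = '';
            }
            if (isset($espost['altstate']) && $espost['altstate'] != '') {
                $_SESSION['addy' . $blog_id]['state'] = $espost['altstate'];
            }
            if (isset($espost['zip'])) {
                $_SESSION['addy' . $blog_id]['zip'] = $espost['zip'];
            } else {
                $_SESSION['addy' . $blog_id]['zip'] = '';
            }
            if (isset($espost['ship_name'])) {
                $_SESSION['addy' . $blog_id]['ship_name'] = $espost['ship_name'];
                $_SESSION['addy' . $blog_id]['ship_company'] = $espost['ship_company'];
                $_SESSION['addy' . $blog_id]['ship_phone'] = $espost['ship_phone'];
                $_SESSION['addy' . $blog_id]['ship_address'] = $espost['ship_address'];
                $_SESSION['addy' . $blog_id]['ship_city'] = $espost['ship_city'];
                $_SESSION['addy' . $blog_id]['ship_country'] = $espost['ship_country'];
                $_SESSION['addy' . $blog_id]['ship_state'] = $espost['ship_state'];
                if (isset($espost['ship_altstate']) && $espost['ship_altstate'] != '') {
                    $_SESSION['addy' . $blog_id]['ship_state'] = $espost['ship_altstate'];
                }
                $_SESSION['addy' . $blog_id]['ship_postcode'] = $espost['ship_postcode'];
            }
            if (isset($espost['comments'])) {
                $_SESSION['addy' . $blog_id]['comments'] = $espost['comments'];
            } else {
                $_SESSION['addy' . $blog_id]['comments'] = '';
            }
            if (!isset($_SESSION['shipping' . $blog_id])) {
                $_SESSION['shipping' . $blog_id]['cost'] = $shipping;
            }
            //grab all the POST variables and store in cookie
            $array = $espost;
            //but first make a few extra equal nothing
            //add others in here if needed
            $array['comments'] = $array['reference'] = '';
            $eshopsetcookie = apply_filters('eshop_use_cookie', true);
            if ($eshopsetcookie == true) {
                $biscuits = eshop_build_cookie($array);
                // NOTE(review): this cookie carries the customer's posted
                // details for a year and is set without the HttpOnly or Secure
                // flags. Confirm whether any script needs to read it before
                // tightening the flags.
                setcookie("eshopcart", $biscuits, time() + 60 * 60 * 24 * 365);
            }
            // The gateway file runs in this function's scope and can read the
            // local variables defined above.
            $eshopmgincpath = apply_filters('eshop_mg_inc_path', WP_PLUGIN_DIR . '/eshop/' . $paymentmethod . '.php', $paymentmethod);
            include_once $eshopmgincpath;
            $contineproceed = '3';
        }
    } else {
        //for first time form usage.
        if (isset($_SESSION['addy' . $blog_id])) {
            $first_name = $_SESSION['addy' . $blog_id]['first_name'];
            $last_name = $_SESSION['addy' . $blog_id]['last_name'];
            $company = $_SESSION['addy' . $blog_id]['company'];
            $phone = $_SESSION['addy' . $blog_id]['phone'];
            $reference = $_SESSION['addy' . $blog_id]['reference'];
            $email = $_SESSION['addy' . $blog_id]['email'];
            $address1 = $_SESSION['addy' . $blog_id]['address1'];
            $address2 = $_SESSION['addy' . $blog_id]['address2'];
            $city = '';
            if (isset($_SESSION['addy' . $blog_id]['city'])) {
                $city = $_SESSION['addy' . $blog_id]['city'];
            }
            $country = $_SESSION['addy' . $blog_id]['country'];
            $state = $_SESSION['addy' . $blog_id]['state'];
            if (!is_numeric($state)) {
                // The stored value is not a numeric id, so look the id up by code.
                $table = $wpdb->prefix . 'eshop_states';
                $stateList = $wpdb->get_var($wpdb->prepare("SELECT id FROM {$table} WHERE code=%s limit 1", $state));
                $state = $stateList;
            }
            if (isset($_SESSION['addy' . $blog_id]['altstate'])) {
                $altstate = $_SESSION['addy' . $blog_id]['altstate'];
            } else {
                $altstate = '';
            }
            $zip = $_SESSION['addy' . $blog_id]['zip'];
            /* defaults */
            $ship_name = $ship_company = '';
            $ship_phone = $ship_address = $ship_city = $ship_postcode = '';
            $ship_country = $ship_state = $ship_altstate = $comments = '';
            if (isset($_SESSION['addy' . $blog_id]['ship_name'])) {
                $ship_name = $_SESSION['addy' . $blog_id]['ship_name'];
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_company'])) {
                $ship_company = $_SESSION['addy' . $blog_id]['ship_company'];
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_phone'])) {
                $ship_phone = $_SESSION['addy' . $blog_id]['ship_phone'];
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_address'])) {
                $ship_address = $_SESSION['addy' . $blog_id]['ship_address'];
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_city'])) {
                $ship_city = $_SESSION['addy' . $blog_id]['ship_city'];
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_country'])) {
                $ship_country = $_SESSION['addy' . $blog_id]['ship_country'];
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_state'])) {
                $ship_state = $_SESSION['addy' . $blog_id]['ship_state'];
                if (!is_numeric($ship_state)) {
                    $table = $wpdb->prefix . 'eshop_states';
                    $stateSList = $wpdb->get_var($wpdb->prepare("SELECT id FROM {$table} WHERE code=%s limit 1", $ship_state));
                    $ship_state = $stateSList;
                }
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_altstate'])) {
                $ship_altstate = $_SESSION['addy' . $blog_id]['ship_altstate'];
            } else {
                $ship_altstate = '';
            }
            if (isset($_SESSION['addy' . $blog_id]['ship_postcode'])) {
                $ship_postcode = $_SESSION['addy' . $blog_id]['ship_postcode'];
            }
            if (isset($_SESSION['addy' . $blog_id]['comments'])) {
                $comments = $_SESSION['addy' . $blog_id]['comments'];
            }
        } else {
            $first_name = $last_name = $company = $phone = $reference = '';
            $email = $address1 = $address2 = $city = $country = '';
            $state = $altstate = $zip = $ship_name = $ship_company = '';
            $ship_phone = $ship_address = $ship_city = $ship_postcode = '';
            $ship_country = $ship_state = $ship_altstate = $comments = '';
            // Only these names may be populated from the cookie or from user
            // meta. Assigning arbitrary keys as variables would let stored
            // data overwrite any local in this function, including the
            // globals bound above.
            $formfields = array(
                'first_name', 'last_name', 'company', 'phone', 'reference',
                'email', 'address1', 'address2', 'city', 'country',
                'state', 'altstate', 'zip', 'ship_name', 'ship_company',
                'ship_phone', 'ship_address', 'ship_city', 'ship_postcode',
                'ship_country', 'ship_state', 'ship_altstate', 'comments',
            );
            $eshopsetcookie = apply_filters('eshop_use_cookie', true);
            if (isset($_COOKIE["eshopcart"]) && calculate_items() != 0 && $eshopsetcookie == true) {
                $crumbs = eshop_break_cookie($_COOKIE["eshopcart"]);
                if (is_array($crumbs)) {
                    foreach ($crumbs as $k => $v) {
                        if (in_array($k, $formfields, true)) {
                            ${$k} = $v;
                        }
                    }
                }
            }
            if (is_user_logged_in() && isset($eshopoptions['users']) && 'yes' == $eshopoptions['users']) {
                global $current_user;
                get_currentuserinfo();
                $crumbs = stripslashes_deep(get_the_author_meta('eshop', $current_user->ID));
                if (is_array($crumbs)) {
                    foreach ($crumbs as $k => $v) {
                        if (in_array($k, $formfields, true)) {
                            ${$k} = esc_attr($v);
                        }
                    }
                    $first_name = esc_attr($current_user->user_firstname);
                    $last_name = esc_attr($current_user->user_lastname);
                    $email = esc_attr($current_user->user_email);
                }
            }
        }
    }
    if ($chkerror != 0 || !isset($espost['submit']) && $numberofproducts >= 1) {
        // only show form if not filled in.
        $echoit .= eshopShowform($first_name, $last_name, $company, $phone, $email, $address1, $address2, $city, $state, $altstate, $zip, $country, $reference, $comments, $ship_name, $ship_company, $ship_phone, $ship_address, $ship_city, $ship_postcode, $ship_state, $ship_altstate, $ship_country);
    }
    if (isset($_SESSION['eshopcart' . $blog_id])) {
        switch ($contineproceed) {
            case '1':
                $echoit .= '<ul class="continue-proceed eshopcp1"><li class="editcart"><a href="' . get_permalink($eshopoptions['cart']) . '">' . __('« Edit Cart or Continue Shopping', 'eshop') . '</a></li></ul>';
                break;
            case '2':
                $echoit .= '<ul class="continue-proceed redirect eshopcp2"><li class="editcheckout"><a href="' . get_permalink($eshopoptions['checkout']) . '">' . __('« Edit Details or Continue Shopping', 'eshop') . '</a></li></ul>';
                break;
            case '3':
                $echoit .= '<ul class="continue-proceed redirect eshopcp3"><li class="editcheckout"><a href="' . get_permalink($eshopoptions['checkout']) . '">' . __('« Edit Details or Continue Shopping', 'eshop') . '</a></li></ul>';
                break;
        }
    } else {
        $echoit .= "<p><strong class=\"eshoperror error\">" . __('Your shopping cart is currently empty.', 'eshop') . "</strong></p>";
    }
    return $echoit;
}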
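/**
 * Applies a cart request to the session cart: empty the cart, add a product,
 * or save edited quantities.
 *
 * The request is read from $_POST (replaced by $data when $data is non-empty)
 * and nothing happens unless the 'eshopnon' field is present. Cart state lives
 * in $_SESSION under 'eshopcart', 'final_price', 'items' and 'lastproduct',
 * each suffixed with $blog_id. Error and warning markup is not returned; it is
 * stored in the cart under 'error' / 'enote'.
 *
 * Security notes for maintainers:
 *  - Values that reach SQL in an unquoted numeric position are bound with
 *    $wpdb->prepare('%d') or cast to int. $wpdb->escape() only protects values
 *    that are placed inside quotes, so it was not sufficient there.
 *  - 'pid', 'pname', 'pclas' and 'optset' are copied from the request into the
 *    session. NOTE(review): sanitise_array() is defined elsewhere; confirm what
 *    it strips, and escape these values wherever the cart is rendered.
 *
 * @param array|string $data Optional replacement for $_POST; '' keeps the real request.
 * @return void
 */
function eshop_cart_process($data = '')
{
    global $wpdb, $blog_id, $wp_query, $eshopoptions, $_POST;
    if ($data != '') {
        $_POST = $data;
    }
    if (!isset($_POST['eshopnon'])) {
        return;
    }
    // NOTE(review): wp_verify_nonce() receives the action name as its only
    // argument and its return value is discarded, so this line never rejects a
    // request. A working check would pass the submitted 'eshopnon' value plus
    // the action and stop on failure. Left unchanged because the action used
    // when the form is rendered is not visible here - confirm and fix together.
    wp_verify_nonce('eshop_add_product_cart');
    unset($_POST['eshopnon']);
    //setup variables:
    $option = $qty = $pclas = $productid = $pid = $pname = $iprice = '';
    //cache
    eshop_cache();
    //delete the session, empties the cart
    if (isset($_POST['unset']) || (calculate_items() == 0 && isset($_SESSION['eshopcart' . $blog_id]) && sizeof($_SESSION['eshopcart' . $blog_id]) > 0)) {
        unset($_SESSION['eshopcart' . $blog_id]);
        unset($_SESSION['final_price' . $blog_id]);
        unset($_SESSION['items' . $blog_id]);
        // Marks the request as handled so the add-to-cart branch below is skipped.
        $_POST['save'] = 'false';
    }
    if (isset($eshopoptions['min_qty']) && $eshopoptions['min_qty'] != '') {
        $min = $eshopoptions['min_qty'];
    }
    if (isset($eshopoptions['max_qty']) && $eshopoptions['max_qty'] != '') {
        $max = $eshopoptions['max_qty'];
    }
    if (!isset($_POST['save'])) {
        //on windows this check isn't working correctly, so I've added ==0
        // get_magic_quotes_gpc() no longer exists in PHP 8, hence the guard.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $_COOKIE = stripslashes_array($_COOKIE);
            $_FILES = stripslashes_array($_FILES);
            $_GET = stripslashes_array($_GET);
            $_POST = stripslashes_array($_POST);
            $_REQUEST = stripslashes_array($_REQUEST);
        }
        $_POST = sanitise_array($_POST);
        //if adding a product to the cart
        if (isset($_POST['qty']) && !isset($_POST['save']) && (!is_numeric(trim($_POST['qty'])) || strlen($_POST['qty']) > 3)) {
            $qty = $_POST['qty'] = 1;
            $v = '999';
            if (isset($max)) {
                $v = $max;
            }
            $error = '<p><strong class="eshoperror error">' . sprintf(__('Error: The quantity must contain numbers only, with a maximum of %s.', 'eshop'), $v) . '</strong></p>';
        }
        if (isset($min) && isset($_POST['qty']) && $_POST['qty'] < $min) {
            $qty = $_POST['qty'] = $min;
            $v = '999';
            if (isset($max)) {
                $v = $max;
            }
            $k = $min;
            $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
        }
        if (isset($max) && isset($_POST['qty']) && $_POST['qty'] > $max) {
            $qty = $_POST['qty'] = $max;
            $v = $max;
            $k = 1;
            if (isset($min)) {
                $k = $min;
            }
            $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
        }
        if (isset($_POST['postid'])) {
            $stkav = get_post_meta($_POST['postid'], '_eshop_stock', true);
            $eshop_product = maybe_unserialize(get_post_meta($_POST['postid'], '_eshop_product', true));
        }
        if (isset($_POST['option']) && !isset($_POST['save'])) {
            $option = $_POST['option'];
            if (!isset($_POST['qty'])) {
                $enote = '<p><strong class="eshoperror error">' . __('Warning: you must supply a quantity.', 'eshop') . '</strong></p>';
            }
            $qty = $_POST['qty'];
            if (isset($_POST['pclas'])) {
                $pclas = $_POST['pclas'];
            }
            $productid = $pid = $_POST['pid'];
            $pname = $_POST['pname'];
            /* if download option then it must be free shipping */
            $postid = $wpdb->escape($_POST['postid']);
            $eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
            $dlchk = '';
            if (isset($eshop_product['products'][$option]['download'])) {
                $dlchk = $eshop_product['products'][$option]['download'];
            }
            if ($dlchk != '') {
                $pclas = 'F';
            }
            // The price is always taken from the stored product data, never from the request.
            $iprice = $eshop_product['products'][$option]['price'];
            if (isset($eshopoptions['sale_prices']) && $eshopoptions['sale_prices'] == 1 && isset($eshopoptions['sale']) && 'yes' == $eshopoptions['sale'] && isset($eshop_product['products'][$option]['saleprice']) && $eshop_product['products'][$option]['saleprice'] != '' && isset($eshop_product['sale']) && $eshop_product['sale'] == 'yes') {
                $iprice = $eshop_product['products'][$option]['saleprice'];
            }
            if ($iprice == '') {
                $error = '<p><strong class="eshoperror error">' . __('Error: That product is currently not available.', 'eshop') . '</strong></p>';
                $option = $_POST['option'] = '';
                $qty = $_POST['qty'] = '';
                $pclas = $_POST['pclas'] = '';
                $productid = $pid = $_POST['pid'] = '';
                $pname = $_POST['pname'] = '';
                $iprice = '';
            }
        }
        //unique identifier
        $optset = '';
        if (isset($_POST['optset'])) {
            $xx = 0;
            foreach ($_POST['optset'] as $opts) {
                $optset .= 'os' . $xx . implode('os' . $xx, $opts);
                $xx++;
            }
        }
        if (!isset($pid)) {
            $pid = '';
        }
        if (!isset($option)) {
            $option = '';
        }
        if (!isset($postid)) {
            $postid = '';
        }
        // The md5 digest is only used as the array key of this line item in the session cart.
        $identifier = md5($pid . $option . $postid . $optset);
        $stocktable = $wpdb->prefix . "eshop_stock";
        if (isset($_SESSION['eshopcart' . $blog_id][$identifier])) {
            // Item already in the cart: add the requested quantity to the stored one.
            $testqty = $_SESSION['eshopcart' . $blog_id][$identifier]['qty'] + $qty;
            $eshopid = $_SESSION['eshopcart' . $blog_id][$identifier]['postid'];
            $eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
            $optnum = $_SESSION['eshopcart' . $blog_id][$identifier]['option'];
            $item = $eshop_product['products'][$_SESSION['eshopcart' . $blog_id][$identifier]['option']]['option'];
            if (isset($min) && $testqty < $min) {
                $qty = 0;
                $v = '999';
                if (isset($max)) {
                    $v = $max;
                }
                $k = $min;
                $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
            }
            if (isset($max) && $testqty > $max) {
                $qty = 0;
                $v = $max;
                $k = 1;
                if (isset($min)) {
                    $k = $min;
                }
                $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
            }
            if ('yes' == $eshopoptions['stock_control']) {
                $stkqty = $eshop_product['products'][$optnum]['stkqty'];
                //recheck stkqty
                // Session values originate from the request; bind them as integers.
                $stktableqty = $wpdb->get_var($wpdb->prepare("SELECT available FROM {$stocktable} WHERE post_id=%d AND option_id=%d", $eshopid, $optnum));
                if (isset($stktableqty) && is_numeric($stktableqty)) {
                    $stkqty = $stktableqty;
                }
                if (!ctype_digit(trim($testqty)) || strlen($testqty) > 3) {
                    $error = '<p><strong class="eshoperror error">' . __('Error: The quantity must contain numbers only, with a 999 maximum.', 'eshop') . '</strong></p>';
                } elseif ('yes' == $eshopoptions['stock_control'] && ($stkav != '1' || $stkqty < $testqty)) {
                    $error = '<p><strong class="eshoperror error">' . __('Error: That quantity is not available for that product.', 'eshop') . '</strong></p>';
                } else {
                    $_SESSION['eshopcart' . $blog_id][$identifier]['qty'] += $qty;
                }
            } else {
                $_SESSION['eshopcart' . $blog_id][$identifier]['qty'] += $qty;
            }
            $_SESSION['lastproduct' . $blog_id] = $postid;
            do_action('eshop_product_updated_cart', $_SESSION['eshopcart' . $blog_id][$identifier]);
        } elseif ($identifier != '') {
            // md5() never returns an empty string, so this branch handles every new line item.
            $weight = 0;
            if (isset($_POST['save']) && $_POST['save'] == 'true') {
                $postid = $_SESSION['eshopcart' . $blog_id][$identifier]['postid'];
                $optid = $_SESSION['eshopcart' . $blog_id][$identifier]['option'];
                $optnum = $optid;
                $testqty = $qty;
            } else {
                $postid = $wpdb->escape($_POST['postid']);
                $optid = $wpdb->escape($_POST['option']);
                $optnum = $optid;
                $_SESSION['eshopcart' . $blog_id][$identifier]['postid'] = $postid;
                $testqty = $qty;
            }
            $eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
            $item = $eshop_product['products'][$optnum]['option'];
            if ('yes' == $eshopoptions['stock_control']) {
                $stkqty = $eshop_product['products'][$optnum]['stkqty'];
                //recheck stkqty
                // Request-derived ids sit in a numeric position, so bind them as integers.
                $stktableqty = $wpdb->get_var($wpdb->prepare("SELECT available FROM {$stocktable} WHERE post_id=%d AND option_id=%d", $postid, $optid));
                if (isset($stktableqty) && is_numeric($stktableqty)) {
                    $stkqty = $stktableqty;
                }
                if (!ctype_digit(trim($testqty)) || strlen($testqty) > 3) {
                    $error = '<p><strong class="eshoperror error">' . __('Error: The quantity must contain numbers only, with a 999 maximum.', 'eshop') . '</strong></p>';
                } elseif ('yes' == $eshopoptions['stock_control'] && ($stkav != '1' || $stkqty < $testqty)) {
                    $error = '<p><strong class="eshoperror error">' . __('Error: That quantity is not available for that product.', 'eshop') . '</strong></p>';
                    //$_SESSION['eshopcart'.$blog_id][$identifier]['qty']=$stkqty;
                } else {
                    $_SESSION['eshopcart' . $blog_id][$identifier]['qty'] = $qty;
                }
            } else {
                $_SESSION['eshopcart' . $blog_id][$identifier]['qty'] = $qty;
            }
            $_SESSION['lastproduct' . $blog_id] = $postid;
            $_SESSION['eshopcart' . $blog_id][$identifier]['item'] = $item;
            $_SESSION['eshopcart' . $blog_id][$identifier]['option'] = stripslashes($option);
            $_SESSION['eshopcart' . $blog_id][$identifier]['pclas'] = stripslashes($pclas);
            $_SESSION['eshopcart' . $blog_id][$identifier]['pid'] = $pid;
            $_SESSION['eshopcart' . $blog_id][$identifier]['pname'] = stripslashes($pname);
            $_SESSION['eshopcart' . $blog_id][$identifier]['price'] = $iprice;
            if (isset($_POST['optset'])) {
                // Initialised so an empty 'optset' no longer serialises an undefined variable.
                $newoptset = array();
                foreach ($_POST['optset'] as $optval) {
                    $newoptset[] = $optval;
                }
                $_SESSION['eshopcart' . $blog_id][$identifier]['optset'] = serialize($newoptset);
                // Option-set ids come from the request; cast each one to int before it reaches SQL.
                $qb = array();
                foreach ($newoptset as $opst) {
                    if (is_array($opst) && isset($opst['id'])) {
                        $qb[] = 'id=' . (int) $opst['id'];
                    }
                }
                if (!empty($qb)) {
                    $otable = $wpdb->prefix . 'eshop_option_sets';
                    $orowres = $wpdb->get_results("select weight from {$otable} where " . implode(' OR ', $qb) . " ORDER BY id ASC");
                    if (is_array($orowres)) {
                        foreach ($orowres as $orow) {
                            $weight += $orow->weight;
                        }
                    }
                }
            }
            //weights?
            if (isset($eshop_product['products'][$option]['weight'])) {
                $weight += $eshop_product['products'][$option]['weight'];
            }
            $_SESSION['eshopcart' . $blog_id][$identifier]['weight'] = $weight;
            if (isset($error)) {
                // A failed validation removes the partially built line item again.
                unset($_SESSION['eshopcart' . $blog_id][$identifier]);
            }
            do_action('eshop_product_added_to_cart', $_SESSION['eshopcart' . $blog_id][$identifier]);
        }
    }
    if (!isset($error)) {
        //this bit is possibly not required
        if (isset($productid)) {
            //new item selected ******* may need checking
            $_SESSION['final_price' . $blog_id] = calculate_price();
            $_SESSION['items' . $blog_id] = calculate_items();
        }
        if (isset($_POST['eshopdeleteitem'])) {
            // Remembers the last item ticked for deletion and its current quantity.
            foreach ($_POST['eshopdeleteitem'] as $chkey => $chkval) {
                $tochkkey = $chkey;
                $tochkqty = $_SESSION['eshopcart' . $blog_id][$chkey]['qty'];
            }
        }
        if (isset($eshopoptions['min_qty']) && $eshopoptions['min_qty'] != '') {
            $min = $eshopoptions['min_qty'];
        }
        if (isset($eshopoptions['max_qty']) && $eshopoptions['max_qty'] != '') {
            $max = $eshopoptions['max_qty'];
        }
        if (isset($min) && isset($_POST['qty']) && $_POST['qty'] < $min) {
            $qty = $_POST['qty'] = $min;
            $v = '999';
            if (isset($max)) {
                $v = $max;
            }
            $k = $min;
            $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
        }
        if (isset($max) && isset($_POST['qty']) && $_POST['qty'] > $max) {
            $qty = $_POST['qty'] = $max;
            $v = $max;
            $k = 1;
            if (isset($min)) {
                $k = $min;
            }
            $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
        }
        //update products in the cart
        if (isset($_POST['save']) && $_POST['save'] == 'true' && isset($_SESSION['eshopcart' . $blog_id])) {
            $eshopcartarray = $_SESSION['eshopcart' . $blog_id];
            foreach ($eshopcartarray as $productid => $opt) {
                // PHP rewrites spaces and dots in field names to underscores, so match on that form.
                $needle = array(" ", ".");
                $sessproductid = str_replace($needle, "_", $productid);
                foreach ($_POST as $key => $value) {
                    if ($key == $sessproductid) {
                        foreach ($value as $notused => $qty) {
                            if (isset($tochkkey) && $tochkkey == $key && $tochkqty == $qty) {
                                $qty = 0;
                            }
                            if ($qty == "0") {
                                unset($_SESSION['eshopcart' . $blog_id][$productid]);
                            } else {
                                $postid = $eshopid = $_SESSION['eshopcart' . $blog_id][$productid]['postid'];
                                $eshop_product = maybe_unserialize(get_post_meta($postid, '_eshop_product', true));
                                $optnum = $_SESSION['eshopcart' . $blog_id][$productid]['option'];
                                if (isset($eshop_product['products'][$_SESSION['eshopcart' . $blog_id][$productid]['option']]['stkqty'])) {
                                    $stkqty = $eshop_product['products'][$_SESSION['eshopcart' . $blog_id][$productid]['option']]['stkqty'];
                                }
                                //recheck stkqty
                                $stocktable = $wpdb->prefix . "eshop_stock";
                                // Session values originate from the request; bind them as integers.
                                $stktableqty = $wpdb->get_var($wpdb->prepare("SELECT available FROM {$stocktable} WHERE post_id=%d AND option_id=%d", $eshopid, $optnum));
                                if (isset($stktableqty) && is_numeric($stktableqty)) {
                                    $stkqty = $stktableqty;
                                }
                                if (!ctype_digit(trim($qty)) || strlen($qty) > 3) {
                                    $v = '999';
                                    if (isset($max)) {
                                        $v = $max;
                                    }
                                    $error = '<p><strong class="eshoperror error">' . sprintf(__('Error: The quantity must contain numbers only, with a maximum of %s.', 'eshop'), $v) . '</strong></p>';
                                } elseif ('yes' == $eshopoptions['stock_control'] && $stkqty < $qty) {
                                    $error = '<p><strong class="eshoperror error">' . __('Error: That quantity is not available for that product.', 'eshop') . '</strong></p>';
                                } elseif (isset($min) && isset($qty) && $qty < $min) {
                                    $qty = $min;
                                    $v = '999';
                                    if (isset($max)) {
                                        $v = $max;
                                    }
                                    $k = $min;
                                    $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
                                } elseif (isset($max) && isset($qty) && $qty > $max) {
                                    $qty = $max;
                                    $v = $max;
                                    $k = 1;
                                    if (isset($min)) {
                                        $k = $min;
                                    }
                                    $enote = '<p><strong class="eshoperror error">' . sprintf(__('Warning: The quantity must equal or be greater than %s, with a maximum of %s.', 'eshop'), $k, $v) . '</strong></p>';
                                } else {
                                    $_SESSION['eshopcart' . $blog_id][$productid]['qty'] = $qty;
                                }
                            }
                        }
                    }
                }
            }
            $_SESSION['final_price' . $blog_id] = calculate_price();
            //$_SESSION['items'.$blog_id] = calculate_items();
        }
    }
    //any errors will print here.
    if (isset($error)) {
        $_SESSION['eshopcart' . $blog_id]['error'] = $error;
    }
    if (isset($enote)) {
        $_SESSION['eshopcart' . $blog_id]['enote'] = $enote;
    }
    if (isset($_SESSION['eshopcart' . $blog_id]) && sizeof($_SESSION['eshopcart' . $blog_id]) == '0') {
        unset($_SESSION['eshopcart' . $blog_id]);
        unset($_SESSION['final_price' . $blog_id]);
        unset($_SESSION['items' . $blog_id]);
    }
}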
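/**
 * Builds the HTML for the customer download page.
 *
 * When the request carries both 'email' and 'code', the download orders table
 * is searched for matching rows that still have downloads left. Matches are
 * rendered as one form per file, plus a "download all" form when there is more
 * than one and the 'downloads_hideall' option is not 'yes'. Otherwise the
 * lookup form from eshop_dloadform() is returned, with an error message if a
 * lookup was attempted.
 *
 * The first parameter was declared as $_POST, which PHP 5.4 and later reject
 * at compile time. It is positional, so renaming it does not affect callers.
 *
 * Security: the submitted email and code are echoed back into hidden form
 * fields and are now passed through esc_attr() first, so a crafted value can
 * no longer break out of the attribute.
 *
 * @param array  $espost  Request data; 'email' and 'code' are read from it.
 * @param string $images  'add' to put a file type icon in each form.
 * @param string $content Markup placed before the forms when files are found.
 * @return string HTML for the page.
 */
function eshop_downloads($espost, $images, $content)
{
    global $wpdb, $eshopoptions;
    //cache
    eshop_cache();
    $ordertable = $wpdb->prefix . "eshop_download_orders";
    $dir_upload = eshop_download_directory();
    $echo = '';
    //download is handled via cart functions as it needs to
    //be accessible before anything is printed on the page
    if (isset($espost['code']) && isset($espost['email'])) {
        /*
        Need to add in check about number of downloads here, including unlimited!
        */
        // Both values are only used inside quoted SQL literals below.
        $code = $wpdb->escape($espost['code']);
        $email = $wpdb->escape($espost['email']);
        // Attribute-safe copies for the hidden fields that carry the values to the next request.
        $emailattr = esc_attr($espost['email']);
        $codeattr = esc_attr($espost['code']);
        $dlcount = $wpdb->get_var("SELECT COUNT(id) FROM {$ordertable} where email='{$email}' && code='{$code}' && downloads!='0'");
        if ($dlcount > 0) {
            $echo .= $content;
            $tsize = 0;
            $x = 0;
            if ($dlcount > 1 && $eshopoptions['downloads_hideall'] != 'yes') {
                $echo .= '<p class="jdl"><a href="#dlall">' . __('Download all files', 'eshop') . '</a></p>';
            }
            $dlresult = $wpdb->get_results("Select * from {$ordertable} where email='{$email}' && code='{$code}' && downloads!='0'");
            foreach ($dlresult as $dlrow) {
                //download single items.
                $filepath = $dir_upload . $dlrow->files;
                $dlfilesize = eshop_filesize($dlrow->files);
                $tsize = $tsize + $dlfilesize;
                if ($dlrow->downloads == 1) {
                    $dlword = __('download', 'eshop');
                } else {
                    $dlword = __('downloads', 'eshop');
                }
                $imagetoadd = '';
                if ($images == 'add') {
                    $checkit = wp_check_filetype($filepath);
                    $eshopext = wp_ext2type($checkit['ext']);
                    $eshopfiletypeimgurl = wp_mime_type_icon($eshopext);
                    $eshophead = wp_remote_head($eshopfiletypeimgurl);
                    $eshophresult = wp_remote_retrieve_response_code($eshophead);
                    // Reset per file so a failed icon check cannot reuse the previous file's dimensions.
                    $dims = false;
                    if ($eshophresult == '200' || $eshophresult == '302') {
                        $dims = getimagesize($eshopfiletypeimgurl);
                    }
                    if (is_array($dims)) {
                        $dimensions = $dims[3];
                    } else {
                        $dimensions = '';
                    }
                    $imagetoadd = apply_filters('eshop_download_imgs', '<img class="eshop-download-icon" src="' . $eshopfiletypeimgurl . '" ' . $dimensions . ' alt="" />', $checkit['ext']);
                }
                // NOTE(review): the title is emitted as stored, in the legend and in the submit
                // button's value attribute; confirm it is escaped where it is saved.
                $dltitle = strlen($dlrow->title) >= 20 ? substr($dlrow->title, 0, 20) . "…" : $dlrow->title;
                $echo .= ' <form method="post" action="" class="eshop dlproduct"><fieldset> <legend>' . $dltitle . ' (' . check_filesize($dlfilesize) . ')</legend> '
                    . $imagetoadd
                    . ' <input name="email" type="hidden" value="' . $emailattr . '" /> <input name="code" type="hidden" value="' . $codeattr . '" /> <input name="id" type="hidden" value="' . $dlrow->id . '" /> <input name="eshoplongdownloadname" type="hidden" value="yes" /> <label for="ro' . $x . '">'
                    . __('Number of downloads remaining', 'eshop')
                    . '</label> <input type="text" readonly="readonly" name="ro" class="ro" id="ro' . $x . '" value="' . $dlrow->downloads . '" /> <span class="buttonwrap"><input type="submit" class="button" id="submit' . $x . '" name="Submit" value="'
                    . __('Download', 'eshop') . ' ' . $dltitle
                    . '" /></span> </fieldset></form>';
                $x++;
            }
            if ($dlcount > 1 && $eshopoptions['downloads_hideall'] != 'yes') {
                //download all form.
                $echo .= ' <form method="post" action="" id="dlall" class="eshop"><fieldset> <legend>'
                    . __('Download all files', 'eshop') . ' (' . check_filesize($tsize) . ') ' . __('in one zip file.', 'eshop')
                    . '</legend> <input name="email" type="hidden" value="' . $emailattr . '" /> <input name="code" type="hidden" value="' . $codeattr . '" /> <input name="id" type="hidden" value="all" /> <input name="eshoplongdownloadname" type="hidden" value="yes" /> <p><span class="buttonwrap"><input class="button" type="submit" id="submit" name="Submit" value="'
                    . __('Download All Files', 'eshop')
                    . '" /></span></p> </fieldset></form> ';
            }
            //allow plugin to change output, validated email/passcode already
            $echo = apply_filters('eshop_download_page', $echo, $code, $email);
        } else {
            // No rows with downloads left: distinguish "no such order" from "order exhausted".
            $prevdlcount = $wpdb->get_var("SELECT COUNT(id) FROM {$ordertable} where email='{$email}' && code='{$code}'");
            if ($dlcount == $prevdlcount) {
                $error = '<p class="eshoperror error">' . __('Either your email address or code is incorrect, please try again.', 'eshop') . '</p>';
            } else {
                $error = '<p class="eshoperror error">' . __('Your email address and code are correct, however you have no downloads remaining.', 'eshop') . '</p>';
            }
            $echo .= eshop_dloadform($email, $code, $error);
        }
    } else {
        $echo .= eshop_dloadform('', '');
    }
    return $echo;
}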
/**
 * Renders the shopping cart page fragment.
 *
 * Any 'error' / 'enote' markup stored in the session cart is emitted first and
 * removed, so each message is shown once. If a cart exists, the cart table is
 * followed by "continue shopping" and "proceed to checkout" links; otherwise
 * an "empty cart" message is shown.
 *
 * @return string HTML for the cart.
 */
function eshop_show_cart()
{
    global $wpdb, $blog_id, $wp_query, $eshopoptions;
    $echo = '';
    include "cart-functions.php";
    //cache
    eshop_cache();

    $cartkey = 'eshopcart' . $blog_id;

    // One-shot messages: print, then drop them from the session.
    foreach (array('error', 'enote') as $slot) {
        if (isset($_SESSION[$cartkey][$slot])) {
            $echo .= $_SESSION[$cartkey][$slot];
            unset($_SESSION[$cartkey][$slot]);
        }
    }

    if (!isset($_SESSION[$cartkey])) {
        //can be altered as desired.
        return $echo . '<p><strong class="eshoperror error">' . __('Your shopping cart is currently empty.', 'eshop') . '</strong></p>';
    }

    // Shown when the query carries eshopaction=cancel and this is not a cart save.
    $cancelled = isset($wp_query->query_vars['eshopaction'])
        && urldecode($wp_query->query_vars['eshopaction']) == 'cancel'
        && !isset($_POST['save']);
    if ($cancelled) {
        $echo .= "<h3>" . __('The order was cancelled.', 'eshop') . "</h3>";
        $echo .= '<p>' . __('We have not deleted the contents of your shopping cart in case you may want to edit its content.', 'eshop') . '</p>';
    }

    // "Continue shopping" target: shop page, else the last product touched, else the cart page.
    if ($eshopoptions['shop_page'] != '') {
        $backurl = get_permalink($eshopoptions['shop_page']);
    } elseif (isset($_SESSION['lastproduct' . $blog_id])) {
        $backurl = get_permalink($_SESSION['lastproduct' . $blog_id]);
    } else {
        $backurl = get_permalink($eshopoptions['cart']);
    }

    $echo .= display_cart($_SESSION[$cartkey], 'true', $eshopoptions['checkout']);

    $continuelabel = __('« Continue Shopping', 'eshop');
    $checkouturl = get_permalink($eshopoptions['checkout']);
    $checkoutlabel = __('Proceed to Checkout »', 'eshop');
    $echo .= '<ul class="continue-proceed eshopcp0"><li class="rtnshopping"><a href="' . $backurl . '">' . $continuelabel . '</a></li> <li class="gotocheckout"><a href="' . $checkouturl . '">' . $checkoutlabel . '</a></li></ul>';

    return $echo;
}