function saasta_confirm_order($ext_id)
{
global $saasta_products, $wpdb;
$tbl_orders = $wpdb->prefix . "orders";
$i = $wpdb->escape($ext_id);
$q = $wpdb->get_row("SELECT email,id,order_state,address,price FROM {$tbl_orders} WHERE order_ext_uid='" . $i . "'");
if ($q) {
// Mark new orders as 'confirmed':
if ($q->order_state == 'inbox') {
$wpdb->query("UPDATE {$tbl_orders} SET order_state = 'confirmed' WHERE id = {$q->id}");
}
// Let the user know about his confirmation:
if ($q->order_state == 'inbox' || $q->order_state == 'confirmed') {
echo "<h2>Order #{$q->id} confirmed and waiting for payment</h2>";
$price = $q->price;
$return_url = saasta_get_shop_base_url() . "&thanks=true";
print "<p>Please click the below PayPal button to pay for your purchase:</p>";
print "<form action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\">\n";
print "<input type=\"hidden\" name=\"cmd\" value=\"_xclick\">\n";
print "<input type=\"hidden\" name=\"business\" value=\"jjhellst@gmail.com\">\n";
print "<input type=\"hidden\" name=\"item_name\" value=\"Saasta Merchandise\">\n";
print "<input type=\"hidden\" name=\"item_number\" value=\"{$q->id}\">\n";
print "<input type=\"hidden\" name=\"amount\" value=\"{$price}\">\n";
print "<input type=\"hidden\" name=\"no_shipping\" value=\"0\">\n";
print "<input type=\"hidden\" name=\"no_note\" value=\"1\">\n";
print "<input type=\"hidden\" name=\"page_style\" value=\"Saasta\">\n";
print "<input type=\"hidden\" name=\"currency_code\" value=\"EUR\">\n";
print "<input type=\"hidden\" name=\"return\" value=\"{$return_url}\">\n";
print "<input type=\"hidden\" name=\"lc\" value=\"FI\">\n";
print "<input type=\"hidden\" name=\"bn\" value=\"PP-BuyNowBF\">\n";
print "<input type=\"image\" src=\"https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif\" border=\"0\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online!\">\n";
print "<img alt=\"\" border=\"0\" src=\"https://www.paypal.com/en_US/i/scr/pixel.gif\" width=\"1\" height=\"1\">\n";
print "</form>\n";
print "<p>Once we have received your payment, we will process your order and deliver your products to the following address:</p>\n";
print "<pre style=\"font-size:1.2em\">{$q->address}</pre>\n";
print "<p>Thank you!</p\n";
} else {
if ($q->order_state == 'paid') {
echo "<h2>Order #{$q->id} paid and waiting to be delivered</h2>";
}
}
} else {
echo '<h2>Unknown order!</h2>';
}
}
function saasta_send_confirmation_email($order_id)
{
global $wpdb;
global $saasta_products;
$tbl_orders = $wpdb->prefix . "orders";
$tbl_orders_products = $wpdb->prefix . "orders_products";
$q = $wpdb->get_row("SELECT email,order_ext_uid,address,price FROM {$tbl_orders} WHERE id = {$order_id}");
// TODO hardcoded URL :( -- how can we get the page id without hardcoding it?
$page_url = saasta_get_shop_base_url();
$confirm_url = $page_url . "&confirm_id=" . $q->order_ext_uid;
$order_text = "";
$ordered_prods = $wpdb->get_results("SELECT product_id,qty FROM saasta_orders_products WHERE order_id = {$order_id}");
foreach ($ordered_prods as $p) {
$prod_name = $saasta_products[$p->product_id]['name'];
$order_text = $order_text . "{$prod_name} (quantity: {$p->qty})\n";
}
if ($q) {
$text = "\nThank you for ordering our products!\n\nIn order to complete your order, we request you to confirm your order by clicking the following link:\n\n{$confirm_url}\n\nThis will let us know that your purchase was genuine and not initiated by a nasty spammer.\n\nHere's a summary of your order:\n\n{$order_text}\n\nPrice: {$q->price} EUR\n\nOnce confirmed and paid, the products you ordered will be sent to the following address:\n\n{$q->address}\n\nThank you!\n";
wp_mail($q->email, "saasta.fi // Purchase Confirmation", $text);
} else {
die("Couldn't find purchase order!");
}
}
