/** * Purchase product function * this function is POST */ function purchaseProduct() { $productIns = new BuckysShopProduct(); $orderIns = new BuckysShopOrder(); $buyerID = get_secure_integer($_REQUEST['buyerID']); $productID = get_secure_integer($_REQUEST['productID']); $userID = buckys_is_logged_in(); //Can you purchase this item? if ($buyerID != $userID) { buckys_redirect('/shop/view.php?id=' . $productID, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR); } //Product is active? $prodData = $productIns->getProductById($productID, false); if (!$prodData || $prodData['status'] == BuckysShopProduct::STATUS_INACTIVE) { echo "here"; exit; buckys_redirect('/shop/index.php' . $productID, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } //Is this your product? if ($prodData['userID'] == $buyerID) { buckys_redirect('/shop/view.php?id=' . $productID, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR); } //Shipping price is set? if (!$prodData['isDownloadable']) { $shippingPrice = fn_buckys_get_available_shipping_price($buyerID, $productID); if ($shippingPrice === null) { buckys_redirect('/shop/view.php?id=' . $productID, 'This item can not be shipped to your address. Check your shipping address or contact the owner.', MSG_TYPE_ERROR); } } else { $shippingPrice = 0; } //Do you have money? $balance = BuckysBitcoin::getUserWalletBalance($buyerID); $balance = 100; $total = $prodData['price'] + $shippingPrice; if ($total > $balance) { buckys_redirect('/shop/view.php?id=' . $productID, 'You do not have bitcoin enough to purchase this item.', MSG_TYPE_ERROR); } //Purchase product $flag = $orderIns->makePayment($buyerID, $prodData['userID'], $total); if ($flag) { if (!$prodData['isDownloadable']) { $buyerShippingInfoID = $orderIns->createShippingInfo($buyerID); } else { $buyerShippingInfoID = 0; } $param = ['sellerID' => $prodData['userID'], 'buyerID' => $buyerID, 'productID' => $productID, 'unitPrice' => $prodData['price'], 'shippingPrice' => $shippingPrice, 'totalPrice' => $total, 'buyerShippingID' => $buyerShippingInfoID, 'trackingNo' => '', 'createdDate' => date('Y-m-d H:i:s'), 'status' => BuckysShopOrder::STATUS_SOLD]; if ($orderIns->createOrder($param)) { buckys_redirect('/shop/purchase.php', 'You have purchased an item successfully!', MSG_TYPE_SUCCESS); } else { buckys_redirect('/shop/view.php?id=' . $productID, 'Something goes wrong with your purchase. Please contact customer support!', MSG_TYPE_ERROR); } } else { buckys_redirect('/shop/view.php?id=' . $productID, 'Payment problem. Please contact customer support!', MSG_TYPE_ERROR); } }