/**
 * Renders the basket page shell: two empty container elements plus the inline
 * script that lets the JSShop client code fill them with the basket and the
 * order form.
 *
 * The element ids (and the matching getElementById arguments) are derived from
 * the extension name taken from $this->context. That value is written into an
 * HTML attribute and a JavaScript string literal without encoding, so it must
 * stay a server-side value; nothing from the request is used in this method.
 *
 * @return string HTML fragment (containers followed by the init script)
 */
public function Render()
{
    $extName = $this->context->GetExtensionName();

    // Register the basket style sheet with the master template.
    $cssFile = SMExtensionManager::GetExtensionPath($extName) . "/JSShop/Views/Basket.css";
    SMEnvironment::GetMasterTemplate()->RegisterResource(SMTemplateResource::$StyleSheet, $cssFile, true);

    // Ids shared between the markup and the script below.
    $basketId = $extName . "BasketContainer";
    $orderFormId = $extName . "OrderFormContainer";

    // Markup: basket container, spacer, order form container.
    $html = "\n\t\t<div id=\"" . $basketId . "\"></div>";
    $html .= "\n\t\t<br>";
    $html .= "\n\t\t<div id=\"" . $orderFormId . "\"></div>";

    // Init script: both presenters render once JSShop has been initialized.
    $html .= "\n\n\t\t<script type=\"text/javascript\">";
    $html .= "\n\n\t\tJSShop.Initialize(function()";
    $html .= "\n\t\t{";
    $html .= "\n\t\t\tvar b = new JSShop.Presenters.Basket();";
    $html .= "\n\t\t\tb.Render(document.getElementById(\"" . $basketId . "\"));";
    $html .= "\n\n\t\t\tvar o = new JSShop.Presenters.OrderForm();";
    $html .= "\n\t\t\to.Render(document.getElementById(\"" . $orderFormId . "\"));";
    $html .= "\n\t\t});";
    $html .= "\n\n\t\t</script>";
    $html .= "\n\t\t";

    return $html;
}
/**
 * Renders the product list for the category named by the "SMShopCategory"
 * query value ("Overview" lists every product).
 *
 * Security-relevant flow:
 *  - The category id is request-controlled. It only reaches the data source
 *    filter after passing through $ds->Escape(), inside a quoted literal.
 *  - The page title may be the stored Category of the first product and is
 *    written into the Title tag and an <h1> element as-is.
 *
 * @return string HTML: heading, JSShop init script and the populated view
 */
public function Render()
{
    // Category id comes straight from the query string (untrusted)
    $catId = SMEnvironment::GetQueryValue("SMShopCategory");

    // Load products; the filter is only built for a concrete category
    $ds = new SMDataSource("SMShopProducts");
    $where = "";
    if ($catId !== null && $catId !== "Overview") {
        // Escape() is the only thing separating request data from the filter expression
        $where = "CategoryId = '" . $ds->Escape($catId) . "'";
    }
    $products = $ds->Select("*", $where);

    // SEO: make CategoryId case sensitive - discard the result when the stored
    // id of the first product is not identical to the requested one
    if ($catId !== "Overview" && count($products) > 0 && $products[0]["CategoryId"] !== $catId) {
        $products = array();
    }

    // Add additional data.
    // Notice: Data in DataSource uses lowercase keys.
    // Therefore place holders in template, to which data is mapped,
    // will be transformed to lowercase keys (see lowerCasePlaceHolders(..)).
    // Entries added below therefore also have to use lowercase keys.
    foreach ($products as $prod) {
        $vat = $prod["Vat"];
        $price = $prod["Price"];
        $vatFree = ($vat === "" || (double) $vat === 0.0);

        if ($vatFree) {
            // No VAT: the stored price is shown unchanged
            $prod["fullprice"] = $price;
        } else {
            // Price including VAT, rounded to two decimals
            $net = (double) $price;
            $prod["fullprice"] = (string) round($net + $net * ((double) $vat / 100), 2);
        }

        $prod["buy"] = $this->lang->GetTranslation("Buy");
        $prod["readmore"] = $this->lang->GetTranslation("ReadMore");
    }

    // Set page title
    if ($catId === "Overview") {
        $title = $this->lang->GetTranslation("Overview");
    } elseif (count($products) > 0) {
        $title = $products[0]["Category"];
    } else {
        $title = $this->lang->GetTranslation("NoProducts");
    }

    // NOTE(review): $title can be the stored Category value and is emitted without
    // HTML encoding in this method - confirm it is encoded before storage or by the
    // template layer.
    $this->context->GetTemplate()->ReplaceTag(new SMKeyValue("Title", $title));
    $output = "<h1>" . $title . "</h1>";

    // Load view and populate data
    $extPath = SMExtensionManager::GetExtensionPath($this->context->GetExtensionName());
    $viewBase = $extPath . "/JSShop/Views/ProductList";
    SMEnvironment::GetMasterTemplate()->RegisterResource(SMTemplateResource::$StyleSheet, $viewBase . ".css", true);

    $view = new SMTemplate($viewBase . ".html");
    $this->lowerCasePlaceHolders($view); // Data in DataSource uses lowercase keys, so place holders must use the same casing
    $view->ReplaceTagsRepeated("Products", $products);

    // Insert images: the Images field is a ";" separated list of sources,
    // mapped onto the per-product repeating block "Images<Id>"
    foreach ($products as $prod) {
        if ($prod["Images"] !== "") {
            $images = array();

            foreach (explode(";", $prod["Images"]) as $src) {
                $entry = new SMKeyValueCollection();
                $entry["image"] = $src;
                $images[] = $entry;
            }

            $view->ReplaceTagsRepeated("Images" . $prod["Id"], $images);
        }
    }

    // Add JSShop init script
    $output .= "\n\t\t<script type=\"text/javascript\">";
    $output .= "\n\n\t\tJSShop.Initialize(function()";
    $output .= "\n\t\t{";
    $output .= "\n\t\t\tJSShop.Presenters.ProductList.Initialize(document.getElementById('JSShopProductList'));";
    $output .= "\n\t\t});";
    $output .= "\n\n\t\t</script>";
    $output .= "\n\t\t";

    // Return result
    return $output . $view->GetContent();
}
<?php

// Security: refuse to run unless $SMCallback is exactly true. The variable is not
// defined in this file; presumably the Sitemagic callback dispatcher sets it before
// including this script, so a direct request ends here.
if ($SMCallback !== true) {
    echo "Unauthorized!"; // Not executed in the context of Sitemagic
    exit;
}

// Client address as reported by the environment (empty string when unavailable).
// Only used below as the forced initial value of SMShopOrders.ClientIp.
$ip = SMEnvironment::GetEnvironmentValue("REMOTE_ADDR");
$ip = $ip !== null ? $ip : "";

// DataSource definitions.
// NOTICE: Some fields have MaxLength multiplied by 8 to support the length of encoded Unicode characters.
//
// This table lists the data sources that may be used, and for each one its fields
// with a data type and maximum length.
// Operations named under "AuthRequired" are presumably refused without an authenticated
// session; the code that enforces the table is not part of this excerpt.
// "Create" is absent from "AuthRequired" for SMShopOrders and SMShopOrderEntries, so for
// those rows the constraints are the field definitions, "ForceInitialValue" and the
// registered callbacks.
// NOTE(review): "ForceInitialValue" presumably overrides whatever the client submits
// for that field - confirm in the code that consumes this table.
$dataSourcesAllowed = array(
    // Product catalogue: only Create/Update/Delete are listed as requiring authentication
    "SMShopProducts" => array(
        "AuthRequired" => array("Create", "Update", "Delete"),
        "XmlLockRequired" => array(),
        "XmlTimeOut" => -1,
        "XmlMemoryRequired" => -1,
        "OrderBy" => "Category ASC, Title ASC",
        "Fields" => array(
            "Id" => array("DataType" => "string", "MaxLength" => 30 * 8),
            "Category" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "CategoryId" => array("DataType" => "string", "MaxLength" => 50 + 20),
            "Title" => array("DataType" => "string", "MaxLength" => 250 * 8),
            "Description" => array("DataType" => "string", "MaxLength" => 1000 * 8),
            "Images" => array("DataType" => "string", "MaxLength" => 1000),
            "Price" => array("DataType" => "number", "MaxLength" => 100),
            "Vat" => array("DataType" => "number", "MaxLength" => 100),
            "Currency" => array("DataType" => "string", "MaxLength" => 3),
            "Weight" => array("DataType" => "number", "MaxLength" => 100),
            "WeightUnit" => array("DataType" => "string", "MaxLength" => 3),
            "DeliveryTime" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "DiscountExpression" => array("DataType" => "string", "MaxLength" => 250),
            "DiscountMessage" => array("DataType" => "string", "MaxLength" => 250 * 8)
        )
    ),
    // Orders: Retrieve/Update/Delete/RetrieveAll are listed as requiring authentication.
    // NOTE(review): Price, Vat, State and TransactionId are ordinary fields here - confirm
    // that the "Create" callback (SMShopProcessNewOrder) derives them server-side instead
    // of accepting submitted values.
    "SMShopOrders" => array(
        "AuthRequired" => array("Retrieve", "Update", "Delete", "RetrieveAll"),
        "XmlLockRequired" => array("Create", "Update", "Delete"),
        "XmlTimeOut" => 180,
        "XmlMemoryRequired" => 512,
        "OrderBy" => "",
        "Fields" => array(
            "Id" => array("DataType" => "string", "MaxLength" => 50),
            // Server time in milliseconds, taken when this file is evaluated
            "Time" => array("DataType" => "number", "MaxLength" => 15, "ForceInitialValue" => (string) (time() * 1000)),
            // Address from REMOTE_ADDR (see $ip above), not from the request body
            "ClientIp" => array("DataType" => "string", "MaxLength" => 45, "ForceInitialValue" => $ip),
            "Company" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "FirstName" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "LastName" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "Address" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "ZipCode" => array("DataType" => "string", "MaxLength" => 20),
            "City" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "Email" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "Phone" => array("DataType" => "string", "MaxLength" => 20),
            "Message" => array("DataType" => "string", "MaxLength" => 250 * 8),
            "AltCompany" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "AltFirstName" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "AltLastName" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "AltAddress" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "AltZipCode" => array("DataType" => "string", "MaxLength" => 20),
            "AltCity" => array("DataType" => "string", "MaxLength" => 50 * 8),
            "Price" => array("DataType" => "number", "MaxLength" => 100),
            "Vat" => array("DataType" => "number", "MaxLength" => 100),
            "Currency" => array("DataType" => "string", "MaxLength" => 3),
            "Weight" => array("DataType" => "number", "MaxLength" => 100),
            "WeightUnit" => array("DataType" => "string", "MaxLength" => 3),
            "ShippingExpense" => array("DataType" => "number", "MaxLength" => 100),
            "ShippingVat" => array("DataType" => "number", "MaxLength" => 100),
            "ShippingMessage" => array("DataType" => "string", "MaxLength" => 250 * 8),
            "PaymentMethod" => array("DataType" => "string", "MaxLength" => 50),
            "TransactionId" => array("DataType" => "string", "MaxLength" => 100),
            "State" => array("DataType" => "string", "MaxLength" => 20)
        ),
        // Per-operation hooks, named by function and loaded from the file given here;
        // null means no hook is registered for that operation
        "Callbacks" => array(
            "File" => dirname(__FILE__) . "/DSCallbacks/Order.php",
            "Functions" => array(
                "Create" => "SMShopProcessNewOrder",
                "CreateCompleted" => "SMShopFinalizeNewOrder",
                "Retrieve" => null,
                "RetrieveAll" => null,
                "Update" => null,
                "Delete" => "SMShopDeleteOrderEntries"
            )
        )
    ),
    // Order lines: same "AuthRequired" list as SMShopOrders, no callbacks registered
    "SMShopOrderEntries" => array(
        "AuthRequired" => array("Retrieve", "Update", "Delete", "RetrieveAll"),
        "XmlLockRequired" => array("Create", "Update", "Delete"),
        "XmlTimeOut" => 180,
        "XmlMemoryRequired" => 512,
        "OrderBy" => "",
        "Fields" => array(
            "Id" => array("DataType" => "string", "MaxLength" => 50),
            "OrderId" => array("DataType" => "string", "MaxLength" => 50),
            "ProductId" => array("DataType" => "string", "MaxLength" => 30 * 8),
            "UnitPrice" => array("DataType" => "number", "MaxLength" => 100),
            "Vat" => array("DataType" => "number", "MaxLength" => 100),
            "Currency" => array("DataType" => "string", "MaxLength" => 3),
            "Units" => array("DataType" => "number", "MaxLength" => 100),
            "Discount" => array("DataType" => "number", "MaxLength" => 100),
            "DiscountMessage" => array("DataType" => "string", "MaxLength" => 250 * 8)
        )
    )
);

// Functions

// Important:
// XMLHttpRequest communicates in UTF-8, always!
// UTF-8 comes in, UTF-8 must come out.
// Whenever data is passed to parts of Sitemagic,
// make sure data is transformed to ISO-8859-1!

/**
 * Reads the raw request body, decodes it as JSON into associative arrays and
 * converts the result from UTF-8 to ISO-8859-1.
 *
 * The body is entirely client-controlled. json_decode(..) returns null when the
 * body is not valid JSON, and that value is handed to the converter unchanged.
 * NOTE(review): confirm the converter and the callers cope with a non-array result.
 *
 * @return mixed Whatever SMShopDecodeArrayFromUtf8ToLatin1(..) returns for the decoded body
 */
function SMShopGetJsonData()
{
    $data = file_get_contents("php://input"); // Read JSON data sent to server without a POST key
    $json = json_decode($data, true); // XMLHttpRequest always sends UTF-8 which is also what json_decode(..) expects
    $json = SMShopDecodeArrayFromUtf8ToLatin1($json); // Convert data to ISO-8859-1
    return $json;
}

function SMShopDecodeArrayFromUtf8ToLatin1($arr)
{
// Step 2: PSP invokes callback to let us know payment was received. $operation = SMEnvironment::GetQueryValue("PaymentOperation"); if ($operation === null) { $orderId = SMEnvironment::GetQueryValue("OrderId"); $order = getOrder($orderId); if ($order["State"] !== "Initial") { header("HTTP/1.1 500 Internal Server Error"); echo "Order with ID '" . $orderId . "' has already been processed"; exit; } $amount = (int) round(((double) $order["Price"] + (double) $order["Vat"]) * 100); // Amount in smallest possible unit (e.g. USD 10095 = USD 100.95) $currency = $order["Currency"]; $continueUrl = SMEnvironment::GetExternalUrl(); $continueUrl .= SMAttributes::GetAttribute("SMShopReceiptPage") !== null && SMAttributes::GetAttribute("SMShopReceiptPage") !== "" ? "/" . SMAttributes::GetAttribute("SMShopReceiptPage") : ""; $callbackUrl = SMEnvironment::GetExternalUrl() . "/" . SMExtensionManager::GetCallbackUrl(SMExtensionManager::GetExecutingExtension(), "Callbacks/Payment") . "&PaymentOperation=Auth"; $p = PSP::GetPaymentProvider($order["PaymentMethod"]); $p->RedirectToPaymentForm($orderId, $amount, $currency, $continueUrl, $callbackUrl); } else { if ($operation === "Auth") { $data = PSP::GetCallbackData(); // Securely obtain data passed to callback $transactionId = $data["TransactionId"]; // String $orderId = $data["OrderId"]; // String //$amount = $data["Amount"]; // Integer //$currency = $data["Currency"]; // String $order = getOrder($orderId); $order["TransactionId"] = $transactionId; $order["State"] = "Authorized";
// Should never be true - Guids ought to be unique $newFilename = SMRandom::CreateGuid() . $extension; } // Move file if (move_uploaded_file($_FILES["SelectedFile"]["tmp_name"], $dir . "/" . $newFilename) === false) { header("HTTP/1.1 500 Internal Server Error"); echo "Error moving temporary file"; exit; } echo $dir . "/" . $newFilename; // Write new filename back to client on success } else { if ($command === "Remove") { $paths = null; $file = SMEnvironment::GetPostValue("File"); $files = SMEnvironment::GetPostValue("Files"); if ($file !== null) { $paths = array($file); } else { if ($files !== null) { $paths = explode(";", $files); } } if ($paths === null) { header("HTTP/1.1 500 Internal Server Error"); echo "Error - unable to remove files - no path(s) given"; exit; } foreach ($paths as $path) { // Make sure $path is a safe path (e.g. does not contain ../../), and make sure the file referenced is found in $imagesFolder if (SMStringUtilities::Validate($path, SMValueRestriction::$SafePath) === false || strpos($path, $imagesFolder) !== 0) {
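/**
 * Selects and renders the form that matches the request:
 *  - "SMShopEditProducts" present: the product administration form (SMShopFrmShop),
 *    only for an authorized session
 *  - "SMShopBasket" present: the basket form (SMShopFrmBasket)
 *  - otherwise: the public product list (SMShopFrmProducts)
 *
 * Only the presence of the query values is tested; their content is not used here.
 *
 * @return string Output of the selected form, or an empty string when the
 *                administration form was requested without authorization
 */
public function Render()
{
    $wantsAdminForm = SMEnvironment::GetQueryValue("SMShopEditProducts") !== null;
    if ($wantsAdminForm) {
        if (SMAuthentication::Authorized() === false) {
            // Hand the request over to the default extension instead of the admin form.
            SMExtensionManager::ExecuteExtension(SMExtensionManager::GetDefaultExtension());

            // Fail closed: whether ExecuteExtension(..) ends the request is not visible
            // from this method, so never fall through to the administration form.
            return "";
        }

        $frm = new SMShopFrmShop($this->context);
        return $frm->Render();
    }

    $wantsBasket = SMEnvironment::GetQueryValue("SMShopBasket") !== null;
    if ($wantsBasket) {
        $frm = new SMShopFrmBasket($this->context);
        return $frm->Render();
    }

    // Default: public product list
    $frm = new SMShopFrmProducts($this->context);
    return $frm->Render();
}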