Пример #1
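 /**
  * Validate the checkout selections and hand the order to the billing calculator.
  *
  * Runs as the first step after the checkout form is submitted. Reads the
  * request parameters from $this->params and works on the global $order,
  * $user and $db objects. Each validation failure is queued as an 'error'
  * flash message; if any were queued the user is sent back to the checkout
  * page. Otherwise the billing options are stored in the session, the order
  * type, status and grand total are set, and the billing calculator's
  * preprocess() is called with the order.
  *
  * No value is returned; every path visible here ends by calling a redirect
  * helper (cart/checkout, cart/confirm, or expHistory::back()).
  */
 public function preprocess()
 {
     global $order, $user, $db;

     // The shipping and billing objects set up the shipping/billing methods
     // and their calculators.
     $shipping = new shipping();
     $billing = new billing();
     // The billing method selection step is skipped, so record the choice here.
     $billing->billingmethod->update($this->params);
     // update() does not refresh the object loaded above, so build a fresh one.
     $billing = new billing();

     if (!$user->isLoggedIn()) {
         flash('message', gt("It appears that your session has expired. Please log in to continue the checkout process."));
         // NOTE(review): nothing below re-checks the login state, so this relies on
         // redirecto_login() ending the request - confirm.
         expHistory::redirecto_login(makeLink(array('module' => 'cart', 'action' => 'checkout'), 'secure'));
     }

     // Make sure all the pertinent data is there; every missing piece queues an error.
     if (empty($order->orderitem)) {
         flash('error', gt('There are no items in your cart.'));
     }
     if (empty($shipping->calculator->id) && !$shipping->splitshipping) {
         flash('error', gt('You must pick a shipping method'));
     }
     if (empty($shipping->address->id) && !$shipping->splitshipping) {
         flash('error', gt('You must pick a shipping address'));
     }
     if (empty($billing->calculator->id)) {
         flash('error', gt('You must pick a billing method'));
     }
     if (empty($billing->address->id)) {
         flash('error', gt('You must select a billing address'));
     }

     // Make sure every shipping method picked meets its calculator's requirements.
     foreach ($order->getShippingMethods() as $smid) {
         $sm = new shippingmethod($smid);
         // The id is concatenated into a raw WHERE fragment, so force it to an
         // integer: whatever the record holds, only a number can reach the query.
         $calcname = $db->selectValue('shippingcalculator', 'calculator_name', 'id=' . (int)$sm->shippingcalculator_id);
         // The class name is data read from the database. Only instantiate it when
         // it names a loadable class that implements the method called below;
         // a missing row (no name) would otherwise be a fatal error.
         // NOTE(review): restricting this to the shipping calculator base class would
         // be tighter; that class name is not visible in this method.
         if (!is_string($calcname) || !class_exists($calcname) || !method_exists($calcname, 'meetsCriteria')) {
             flash('error', gt('The selected shipping method is not available.'));
             continue;
         }
         $calc = new $calcname($sm->shippingcalculator_id);
         // meetsCriteria() reports a failure by returning the message as a string.
         $ret = $calc->meetsCriteria($sm);
         if (is_string($ret)) {
             flash('error', $ret);
         }
     }

     // If any error was queued, return to the checkout page and show the errors.
     if (!expQueue::isQueueEmpty('error')) {
         redirect_to(array('controller' => 'cart', 'action' => 'checkout'));
     }

     // Get the billing options; this is usually the credit card info entered by the user.
     $opts = $billing->calculator->userFormUpdate($this->params);
     // NOTE(review): this places the billing options (usually card data, see above)
     // in the session - confirm how the session store is protected and that the
     // entry is cleared once the transaction completes.
     expSession::set('billing_options', $opts);

     // Currently assumes the order_type parameter is present, or falls back to defaults.
     $order->setOrderType($this->params);
     $order->setOrderStatus($this->params);
     // Finalise the cart totals.
     $order->calculateGrandTotal();

     // Call the billing method's preprocess in case it needs to prepare things.
     $result = $billing->calculator->preprocess($billing->billingmethod, $opts, $this->params, $order);

     // empty() treats null, 0, '0', '' and an absent errorCode alike, so any of
     // them counts as success and continues to the confirmation page.
     // NOTE(review): this fails open - a result with no errorCode at all is also
     // treated as success. If every calculator returns integer 0 on success, a
     // strict `=== 0` test would be safer; confirm before tightening.
     if (empty($result->errorCode)) {
         redirect_to(array('controller' => 'cart', 'action' => 'confirm'));
     } else {
         // NOTE(review): $result->message is concatenated into markup unescaped (the
         // flash text carries <br /> tags). Escape it unless calculators are known to
         // return trusted HTML - confirm.
         flash('error', gt('An error was encountered while processing your transaction.') . '<br /><br />' . $result->message);
         expHistory::back();
     }
 }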
Пример #2
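/**
 * Dispatch a request to a controller action and render the action's template.
 *
 * Resolves the controller class from $parms['controller'], picks the action
 * (the requested one when it is a public method, else 'index', else
 * 'showall'), runs the permission / login checks declared by the controller,
 * calls the action and then outputs or returns the rendered template.
 *
 * The permission lookup uses the name of the method that is actually
 * dispatched, spelled as it is declared. PHP resolves method names
 * case-insensitively while array keys are case-sensitive, so checking the raw
 * request value could miss an entry in permissions() for a method that still
 * runs.
 *
 * @param array $parms Request parameters. Keys read here: 'controller',
 *                     'action', and optionally 'src', 'view', 'moduletitle',
 *                     'id' and 'no_output'.
 *
 * @return string|false|null The rendered HTML when 'no_output' is set; false
 *                           when no action can be dispatched or a check
 *                           fails; null after the template has been output.
 */
function renderAction(array $parms = array())
{
    global $user, $template;

    // Get some info about the controller.
    // NOTE(review): the class name is derived from request data; this assumes
    // expModules::getControllerClassName() only returns known controller classes - confirm.
    // $baseControllerName is not used below; the call is kept because its side
    // effects, if any, are not visible here.
    $baseControllerName = expModules::getControllerName($parms['controller']);
    $fullControllerName = expModules::getControllerClassName($parms['controller']);
    $controllerClass = new ReflectionClass($fullControllerName);

    // Figure out the action to use. Only a public, non-magic method counts as an
    // action; anything else is treated as "not found" and falls back to index/showall.
    $requested = isset($parms['action']) ? (string)$parms['action'] : '';
    $action = null;
    if ($requested !== '' && strpos($requested, '__') !== 0 && $controllerClass->hasMethod($requested)) {
        $method = $controllerClass->getMethod($requested);
        if ($method->isPublic()) {
            // Take the declared spelling so the permission keys below match it.
            $action = $method->getName();
        }
    }
    if ($action === null) {
        if ($controllerClass->hasMethod('index')) {
            $action = 'index';
        } elseif ($controllerClass->hasMethod('showall')) {
            $action = 'showall';
        } else {
            expQueue::flashAndFlow('error', gt('The requested action could not be performed: Action not found'));
            // Nothing can be dispatched; stop even if flashAndFlow() returns.
            return false;
        }
    }

    // Initialize the controller.
    $src = isset($parms['src']) ? $parms['src'] : null;
    $controller = new $fullControllerName($src, $parms);

    // Set up the template to use for this action.
    // NOTE(review): 'view' comes from the request; this assumes
    // get_template_for_action() confines it to known template names - confirm.
    $view = !empty($parms['view']) ? $parms['view'] : $action;
    $template = get_template_for_action($controller, $view, $controller->loc);

    // Have the controller assign knowledge about itself to the template.
    // This has to be done after the controller gets the template for its actions.
    $controller->moduleSelfAwareness();

    // If this controller is being called by a container then we should have a module title.
    if (isset($parms['moduletitle'])) {
        $template->assign('moduletitle', $parms['moduletitle']);
    }

    // Set up some default models for this controller's actions to use.
    foreach ($controller->getModels() as $model) {
        // null, false, false reduces unnecessary queries.
        $controller->{$model} = new $model(null, false, false);
    }

    // Check the perms for this action.
    $perms = $controller->permissions();

    // 'update' is tied to the create/edit permissions: a request that skips the
    // edit form and posts straight to update is checked as 'create' or 'edit'
    // depending on whether an id param is passed.
    $common_action = null;
    if ($action === 'update') {
        $perm_action = !isset($parms['id']) || $parms['id'] == 0 ? 'create' : 'edit';
    } elseif ($action === 'saveconfig') {
        $perm_action = 'configure';
    } else {
        // Convention for controllers that manage more than one model: an action
        // named <crud>_<model> (e.g. edit_mymodel) is also checked against the
        // common CRUD permission in front of the underscore.
        if (strpos($action, '_') !== false) {
            $parts = explode('_', $action);
            $common_action = $parts[0];
        }
        $perm_action = $action;
    }

    // Pick the one rule that applies, in the same precedence as before:
    // exact permission, common permission, exact login rule, common login rule.
    // NOTE(review): an action listed in neither permissions() nor requires_login
    // runs without any check (default allow) - confirm this is intended.
    $permKey = null;
    $loginKey = null;
    if (array_key_exists($perm_action, $perms)) {
        $permKey = $perm_action;
    } elseif ($common_action !== null && array_key_exists($common_action, $perms)) {
        $permKey = $common_action;
    } elseif (array_key_exists($perm_action, $controller->requires_login)) {
        $loginKey = $perm_action;
    } elseif ($common_action !== null && array_key_exists($common_action, $controller->requires_login)) {
        $loginKey = $common_action;
    }

    if ($permKey !== null && !expPermissions::check($permKey, $controller->loc)) {
        if (expTheme::inAction()) {
            flash('error', gt("You don't have permission to") . " " . $perms[$permKey]);
            expHistory::returnTo('viewable');
        }
        // Never fall through to the action after a failed check, whether or
        // not the redirect helper above returns.
        return false;
    }

    if ($loginKey !== null && !$user->isLoggedIn()) {
        // The action requires the user to be logged in.
        $msg = empty($controller->requires_login[$loginKey]) ? gt("You must be logged in to perform this action") : $controller->requires_login[$loginKey];
        flash('error', $msg);
        expHistory::redirecto_login();
        // Same reasoning as above: do not run the action for an anonymous user.
        return false;
    }

    // Run the action.
    $controller->{$action}();

    // Register this controller's permissions to the view for in-view perm checks.
    $template->register_permissions(array_keys($perms), $controller->loc);
    // Pass this controller's config off to the view.
    $template->assign('config', $controller->config);
    // Make $user available inside all templates.
    $template->assign('user', $user);
    // Assign the controller's base model to the view.
    $template->assign('modelname', $controller->basemodel_name);

    if (empty($parms['no_output'])) {
        $template->output();
        return null;
    }

    return $template->render();
}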