unset($_SESSION['promotion_notices']); $cart['pending_coupon'] = strtolower(trim($_REQUEST['coupon_code'])); $cart['recalculate'] = true; if (!empty($cart['chosen_shipping'])) { $cart['calculate_shipping'] = true; } return array(CONTROLLER_STATUS_OK); } if ($mode == 'add_profile') { if (fn_image_verification('register', $_REQUEST) == false) { fn_save_post_data('user_data'); return array(CONTROLLER_STATUS_REDIRECT, 'checkout.checkout?login_type=register'); } if (list($user_id, $profile_id) = fn_update_user(0, $_REQUEST['user_data'], $auth, false, true)) { $profile_fields = fn_get_profile_fields('O'); db_query("DELETE FROM ?:user_session_products WHERE session_id = ?s AND type = ?s AND user_type = ?s", Session::getId(), 'C', 'U'); fn_save_cart_content($cart, $user_id); fn_login_user($user_id); $step = 'step_two'; if (empty($profile_fields['B']) && empty($profile_fields['S'])) { $step = 'step_three'; } $suffix = '?edit_step=' . $step; } else { fn_save_post_data('user_data'); $suffix = '?login_type=register'; } return array(CONTROLLER_STATUS_OK, 'checkout.checkout' . $suffix); } if ($mode == 'customer_info') { $redirect_params = array();
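/**
 * Make cmpi_lookup request to 3-D Secure service provider (Cardinal MPI).
 *
 * Copies the processor credentials into $_SESSION['cmpi'], posts the lookup
 * message and stores the result (enrolled, transaction_id, eci_flag) in the
 * same session slot. When the card is enrolled (ErrorNo 0, Enrolled 'Y' and a
 * non-empty ACSUrl) the authentication iframe page is printed and the script
 * exits; otherwise the error is recorded in the session and DO_DIRECT_PAYMENT
 * is defined so the caller continues with a direct charge.
 *
 * @param array  $processor_data Payment processor data (processor_params, processor_script)
 * @param array  $order_info     Order information; payment_info holds the card data
 * @param string $mode           Calling mode; 'repay' points the back link at the order details page
 *
 * @return boolean true (only reached when the card is not sent to the ACS)
 */
function fn_cmpi_lookup($processor_data, $order_info, $mode = '')
{
    unset($_SESSION['cmpi']);

    // Cardinal expects the amount in minor units without a separator. Normalise
    // numeric totals to two decimals first so that 12.5 becomes 1250, not 125;
    // non-numeric (already formatted) totals keep the original digit-stripping.
    $total = $order_info['total'];
    if (is_numeric($total)) {
        $total = sprintf('%.2f', $total);
    }
    $amount = preg_replace('/\D/', '', $total);

    // ISO 4217 numeric currency codes, kept as 3-character strings: a bare
    // 036 literal is parsed by PHP as octal (30) and would send the wrong code.
    // TODO: move to database.
    $iso4217 = array(
        'USD' => '840',
        'GBP' => '826',
        'EUR' => '978',
        'AUD' => '036',
        'CAD' => '124',
        'JPY' => '392',
    );
    $currency = $processor_data['processor_params']['currency'];
    $currency_code = isset($iso4217[$currency]) ? $iso4217[$currency] : '';

    $settings = array('processor_id', 'merchant_id', 'transaction_password', 'transaction_url');
    foreach ($settings as $setting) {
        $_SESSION['cmpi'][$setting] = $processor_data['processor_params'][$setting];
    }

    // Escape every customer-supplied value before interpolating it into the
    // XML message so names and addresses cannot break or alter its structure.
    $x = array();
    foreach ($order_info as $key => $value) {
        if (is_scalar($value)) {
            $x[$key] = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        }
    }
    $card = array();
    foreach ((array) $order_info['payment_info'] as $key => $value) {
        if (is_scalar($value)) {
            $card[$key] = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        }
    }
    $ip_address = htmlspecialchars((string) $_SERVER['REMOTE_ADDR'], ENT_QUOTES, 'UTF-8');

    $cardinal_request = <<<EOT
<CardinalMPI>
    <MsgType>cmpi_lookup</MsgType>
    <Version>1.7</Version>
    <ProcessorId>{$_SESSION['cmpi']['processor_id']}</ProcessorId>
    <MerchantId>{$_SESSION['cmpi']['merchant_id']}</MerchantId>
    <TransactionPwd>{$_SESSION['cmpi']['transaction_password']}</TransactionPwd>
    <TransactionType>C</TransactionType>
    <Amount>{$amount}</Amount>
    <CurrencyCode>{$currency_code}</CurrencyCode>
    <CardNumber>{$card['card_number']}</CardNumber>
    <CardExpMonth>{$card['expiry_month']}</CardExpMonth>
    <CardExpYear>20{$card['expiry_year']}</CardExpYear>
    <OrderNumber>{$x['order_id']}</OrderNumber>
    <OrderDesc>Order #{$x['order_id']}; customer: {$x['b_firstname']} {$x['b_lastname']};</OrderDesc>
    <BrowserHeader>*/*</BrowserHeader>
    <EMail>{$x['email']}</EMail>
    <IPAddress>{$ip_address}</IPAddress>
    <BillingFirstName>{$x['b_firstname']}</BillingFirstName>
    <BillingLastName>{$x['b_lastname']}</BillingLastName>
    <BillingAddress1>{$x['b_address']}</BillingAddress1>
    <BillingAddress2>{$x['b_address_2']}</BillingAddress2>
    <BillingCity>{$x['b_city']}</BillingCity>
    <BillingState>{$x['b_state']}</BillingState>
    <BillingPostalCode>{$x['b_zipcode']}</BillingPostalCode>
    <BillingCountryCode>{$x['b_country']}</BillingCountryCode>
    <ShippingFirstName>{$x['s_firstname']}</ShippingFirstName>
    <ShippingLastName>{$x['s_lastname']}</ShippingLastName>
    <ShippingAddress1>{$x['s_address']}</ShippingAddress1>
    <ShippingAddress2>{$x['s_address_2']}</ShippingAddress2>
    <ShippingCity>{$x['s_city']}</ShippingCity>
    <ShippingState>{$x['s_state']}</ShippingState>
    <ShippingPostalCode>{$x['s_zipcode']}</ShippingPostalCode>
    <ShippingCountryCode>{$x['s_country']}</ShippingCountryCode>
</CardinalMPI>
EOT;

    // Keep card data out of the request log.
    Registry::set('log_cut_data', array('CardNumber', 'CardExpMonth', 'CardExpYear'));

    $response_data = Http::post($_SESSION['cmpi']['transaction_url'], array('cmpi_msg' => $cardinal_request));

    // Parse with libxml internal errors instead of the @ operator: a malformed
    // or empty response yields false without emitting warnings.
    $previous_libxml_state = libxml_use_internal_errors(true);
    $cmpi = empty($response_data) ? false : simplexml_load_string($response_data);
    libxml_clear_errors();
    libxml_use_internal_errors($previous_libxml_state);

    $err_no = 0;
    $_SESSION['cmpi']['enrolled'] = 'U';
    $acs_url = '';

    if (empty($response_data) || $cmpi === false) {
        // No usable answer from the MPI: derive the ECI flag from the card
        // brand so the direct payment can still be attempted.
        $_SESSION['cmpi']['eci_flag'] = fn_get_payment_card(
            $order_info['payment_info']['card_number'],
            array('mastercard' => 1, 'visa' => 7, 'jcb' => 7)
        );
        $err_desc = 'Connection problem';
    } else {
        $err_no = intval((string) $cmpi->ErrorNo);
        $err_desc = (string) $cmpi->ErrorDesc;
        $acs_url = (string) $cmpi->ACSUrl;
        $_SESSION['cmpi']['enrolled'] = (string) $cmpi->Enrolled;
        $_SESSION['cmpi']['transaction_id'] = (string) $cmpi->TransactionId;
        $_SESSION['cmpi']['eci_flag'] = (string) $cmpi->EciFlag;
    }

    if ($err_no == 0 && $_SESSION['cmpi']['enrolled'] == 'Y' && !empty($acs_url)) {
        // Enrolled card: hand the customer over to the issuer's ACS in an iframe.
        // The session name/id pair is carried in the callback URLs so the
        // notification requests are handled in this same session.
        $sess = Session::getName() . '=' . Session::getId();
        $payment_name = str_replace('.php', '', $processor_data['processor_script']);

        $_SESSION['cmpi']['acs_url'] = $acs_url;
        $_SESSION['cmpi']['order_id'] = $order_info['order_id'];
        $_SESSION['cmpi']['frame_data'] = array(
            'PaReq' => (string) $cmpi->Payload,
            'TermUrl' => fn_url("payment_notification.bank?payment={$payment_name}&{$sess}", AREA, 'current'),
            'MD' => '',
        );

        // URLs are placed in HTML attributes, so attribute-escape them.
        $frame_src = htmlspecialchars(
            fn_url("payment_notification.frame?payment={$payment_name}&{$sess}", AREA, 'current'),
            ENT_QUOTES,
            'UTF-8'
        );
        $msg = __('text_cmpi_frame_message');
        $back_link_msg = __('text_cmpi_go_back');

        $dispatch = $mode == 'repay'
            ? 'orders.details?order_id=' . $order_info['order_id'] . '&'
            : 'checkout.checkout?';
        $back_link = htmlspecialchars(fn_url($dispatch . $sess, AREA, 'current'), ENT_QUOTES, 'UTF-8');

        // The href attribute below was previously missing its closing quote.
        echo <<<EOT
<table width="100%" cellspacing="0" cellpadding="0">
    <tr>
        <td valign="top" align="center">
            <div style="width:500px;">
                {$msg}
                <br /><br />
            </div>
        </td>
    </tr>
    <tr>
        <td valign="top" align="center">
            <iframe width="420" height="420" marginwidth="0" marginheight="0" src="{$frame_src}"></iframe><br />
            <br />
            <div>
                <a href="{$back_link}">{$back_link_msg}</a>
            </div>
        </td>
    </tr>
</table>
EOT;
        exit;
    } else {
        // Not enrolled, error, or no ACS URL: record the outcome and let the
        // caller charge the card directly.
        $_SESSION['cmpi']['err_no'][0] = $err_no;
        $_SESSION['cmpi']['err_desc'][0] = $err_desc;
        define('DO_DIRECT_PAYMENT', true);
    }

    return true;
}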
} elseif ($mode == 'finish') { $order_info = fn_get_order_info($order_id); if ($order_info['status'] == 'O') { $pp_response = array(); $pp_response['order_status'] = 'F'; $pp_response['reason_text'] = __('merchant_response_was_not_received'); $pp_response['transaction_id'] = ''; fn_finish_payment($order_id, $pp_response); } fn_order_placement_routines('route', $order_id, false); } } } else { $current_location = Registry::get('config.current_location'); $lang_code = CART_LANGUAGE == 'th' ? 'TH' : 'EN'; $sess = '&' . Session::getName() . '=' . Session::getId(); $_SESSION['thaiepay_refno'] = $order_id; $return_url = fn_url("payment_notification.finish?payment=thaiepay&refno={$order_id}{$sess}", AREA, 'current'); echo <<<EOT <form method="post" action="https://www.thaiepay.com/epaylink/payment.aspx" name="process"> <input type="hidden" name="refno" value="{$order_id}"> <input type="hidden" name="merchantid" value="{$processor_data['processor_params']['merchantid']}"> <input type="hidden" name="customeremail" value="{$order_info['email']}"> <input type="hidden" name="productdetail" value="{$processor_data['processor_params']['details']}"> <input type="hidden" name="total" value="{$order_info['total']}"> <input type="hidden" name="cc" value="{$processor_data['processor_params']['currency']}"> <input type="hidden" name="lang" value="{$lang_code}"> <input type="hidden" name="returnurl" value="{$return_url}"> EOT; $msg = __('text_cc_processor_connection', array('[processor]' => 'thaiepay.com server')); echo <<<EOT
} elseif ($_REQUEST['amount'] != $adjusted_order_total) { $pp_response['reason_text'] .= __('mb_amounts_not_match'); } if ($_REQUEST['currency'] != $processor_data['processor_params']['currency']) { $pp_response['reason_text'] .= __('mb_currencies_not_match'); } } if (fn_check_payment_script('skrill_qc.php', $_REQUEST['order_id'])) { fn_finish_payment($_REQUEST['order_id'], $pp_response); } exit; } } else { $url = 'https://www.moneybookers.com/app/payment.pl'; $suffix = AREA != 'A' && empty($order_info['repaid']) && defined('IFRAME_MODE') ? '&iframe_mode=true' : ''; $post_data = array('pay_to_email' => $processor_data['processor_params']['pay_to_email'], 'recipient_description' => $processor_data['processor_params']['recipient_description'], 'transaction_id' => $processor_data['processor_params']['order_prefix'] . (!empty($order_info['repaid']) ? $order_id . '_' . $order_info['repaid'] : $order_id), 'return_url' => fn_url("payment_notification.return?payment=skrill_qc&order_id={$order_id}{$suffix}", AREA, 'current'), 'return_url_text' => '', 'cancel_url' => fn_url("payment_notification.cancel?payment=skrill_qc&order_id={$order_id}{$suffix}", AREA, 'current'), 'status_url' => fn_url("payment_notification.status?payment=skrill_qc&order_id={$order_id}{$suffix}", AREA, 'current'), 'language' => $processor_data['processor_params']['language'], 'amount' => $order_info['total'], 'currency' => $processor_data['processor_params']['currency'], 'return_url_target' => '_parent', 'cancel_url_target' => '_parent', 'merchant_fields' => 'platform,mb_sess_id,inner_order_id', 'mb_sess_id' => base64_encode(Session::getId()), 'inner_order_id' => $order_id, 'platform' => '21477207'); $post_data['amount'] = fn_mb_adjust_amount($post_data['amount'], $post_data['currency']); if (!$post_data['amount']) { if (!empty($suffix)) { echo __('text_unsupported_currency'); } else { fn_set_notification('E', __('error'), __('text_unsupported_currency')); $url = 
fn_url("payment_notification.unsupported_currency?payment=skrill_qc&order_id={$order_id}", AREA, 'current'); echo <<<EOT <form action="{$url}" method="POST" name="process"> </form> <script type="text/javascript"> window.onload = function(){ document.process.submit(); }; </script>
if (Registry::get('runtime.action') == 'from_status') { fn_calculate_cart_content($cart, $auth, 'S', true, 'F', true); } } return array(CONTROLLER_STATUS_REDIRECT, "checkout." . $_REQUEST['redirect_mode']); //Clear cart } elseif ($mode == 'clear') { fn_clear_cart($cart); //fn_save_cart_content($cart, $auth['user_id']); $cart_user_id = $_SESSION['auth']['user_id']; if (!$cart_user_id) { $cart_user_id = fn_get_session_data('cu_id'); } db_query("DELETE FROM ?:user_session_products WHERE session_id = ?s AND type = ?s AND user_id = ?s", Session::getId(), 'C', $cart_user_id); if ($auth['user_id']) { db_query("UPDATE ?:user_session_products SET user_id = ?s WHERE session_id = ?s AND type = ?s AND user_type = ?s", $auth['user_id'], Session::getId(), 'C', 'U'); } return array(CONTROLLER_STATUS_REDIRECT, "checkout.cart"); //Purge undeliverable products } elseif ($mode == 'purge_undeliverable') { fn_purge_undeliverable_products($cart); fn_set_notification('N', __('notice'), __('notice_undeliverable_products_removed')); return array(CONTROLLER_STATUS_REDIRECT, "checkout.checkout"); } elseif ($mode == 'complete') { if (!empty($_REQUEST['order_id'])) { if (empty($auth['user_id'])) { if (empty($auth['order_ids'])) { return array(CONTROLLER_STATUS_REDIRECT, "auth.login_form?return_url=" . urlencode(Registry::get('config.current_url'))); } else { $allowed_id = in_array($_REQUEST['order_id'], $auth['order_ids']); }
/**
 * Import completed eBay orders that were created since the last successful import.
 *
 * Records the import as a row in ?:ebay_cached_transactions (status 'A' while
 * running, 'C' with the fetched order count when done), then builds a cart
 * for every eBay order whose items map to local products and saves it with
 * fn_update_order(). Orders are created with status 'P' and no payment method.
 *
 * @return array [list of created order_ids, list of eBay OrderIDs that failed]
 */
function fn_get_ebay_orders() {
    $success_orders = $failed_orders = array();

    // eBay timestamps are formatted with gmstrftime below; force an English locale.
    setlocale(LC_TIME, 'en_US');

    $params = array('OrderStatus' => 'Completed');

    // Timestamp of the most recent completed import; used as the lower bound of the fetch window.
    $last_transaction = db_get_field('SELECT timestamp FROM ?:ebay_cached_transactions WHERE type = ?s AND status = ?s ORDER BY timestamp DESC', 'orders', 'C'); // Need user_id
    if (!empty($last_transaction)) {
        $params['CreateTimeFrom'] = gmstrftime("%Y-%m-%dT%H:%M:%S", $last_transaction);
        $params['CreateTimeTo'] = gmstrftime("%Y-%m-%dT%H:%M:%S", TIME);
    }

    // Mark this import as active before calling eBay; completed below with the result count.
    $data = array('timestamp' => TIME, 'user_id' => $_SESSION['auth']['user_id'], 'session_id' => Session::getId(), 'status' => 'A', 'type' => 'orders', 'result' => '', 'site_id' => 0);
    $transaction_id = db_query('INSERT INTO ?:ebay_cached_transactions ?e', $data);

    list(, $ebay_orders) = Ebay::instance()->GetOrders($params);

    $data = array('status' => 'C', 'result' => count($ebay_orders));
    db_query('UPDATE ?:ebay_cached_transactions SET ?u WHERE transaction_id = ?i', $data, $transaction_id);

    if (!empty($ebay_orders)) {
        foreach ($ebay_orders as $k => $v) {
            $item_transactions = $v['TransactionArray'];
            $cart = $products = array();

            // A single transaction arrives as an object, not a list; normalise to a list.
            if (!is_array($item_transactions)) {
                $item_transactions = array($item_transactions->Transaction);
            }

            $i = 1;

            // The buyer e-mail is taken from the first transaction only.
            foreach ($item_transactions as $item) {
                $email = (string) $item->Buyer->Email;
                break;
            }

            // Split the shipping name on the first space: first token is the first name, rest is the last name.
            $shipping_address = $v['ShippingAddress'];
            $customer_name = explode(' ', (string) $shipping_address->Name);
            $firstname = array_shift($customer_name);
            $lastname = implode(' ', $customer_name);

            // Billing fields are copied from the eBay shipping address; eBay provides no separate billing address here.
            $cart = array('user_id' => 0, 'company_id' => Registry::get('runtime.company_id'), 'email' => $email, 'ebay_order_id' => $v['OrderID'], 'status' => 'P', 'timestamp' => strtotime($v['CreatedTime']), 'payment_id' => 0, 'user_data' => array('firstname' => $firstname, 'lastname' => $lastname, 'phone' => (string) $shipping_address->Phone, 's_firstname' => $firstname, 's_lastname' => $lastname, 's_address' => (string) $shipping_address->Street1, 's_city' => (string) $shipping_address->CityName, 's_state' => (string) $shipping_address->StateOrProvince, 's_country' => (string) $shipping_address->Country, 's_phone' => (string) $shipping_address->Phone, 's_zipcode' => (string) $shipping_address->PostalCode, 'b_firstname' => $firstname, 'b_lastname' => $lastname, 'b_address' => (string) $shipping_address->Street1, 'b_city' => (string) $shipping_address->CityName, 'b_state' => (string) $shipping_address->StateOrProvince, 'b_country' => (string) $shipping_address->Country, 'b_phone' => (string) $shipping_address->Phone, 'b_zipcode' => (string) $shipping_address->PostalCode), 'total' => $v['Total'], 'subtotal' => $v['Subtotal'], 'shipping_cost' => (double) $v['ShippingServiceSelected']->ShippingServiceCost);

            foreach ($item_transactions as $item) {
                $_item = (array) $item->Item;

                // Map the eBay listing to a local product; items without a mapping are skipped.
                $product_id = db_get_field('SELECT product_id FROM ?:ebay_template_products WHERE ebay_item_id = ?i', $_item['ItemID']); // Need check company_id
                if (!$product_id) {
                    continue;
                }

                $product = fn_get_product_data($product_id, $cart['user_data']);
                $extra = array("product_options" => array());

                // All option/variant name pairs of the product, matched by name against the eBay variation specifics.
                $options = db_get_array('SELECT ?:product_options.option_id, ?:product_options_descriptions.option_name, ?:product_option_variants_descriptions.variant_id, ?:product_option_variants_descriptions.variant_name FROM ?:product_options JOIN ?:product_option_variants ON ?:product_option_variants.option_id = ?:product_options.option_id JOIN ?:product_options_descriptions ON ?:product_options_descriptions.option_id = ?:product_options.option_id JOIN ?:product_option_variants_descriptions ON ?:product_option_variants_descriptions.variant_id = ?:product_option_variants.variant_id WHERE product_id =?i', $product_id);

                if (isset($item->Variation)) {
                    $variations_xml = (array) $item->Variation->VariationSpecifics;

                    // A single NameValueList is an object with Name/Value; several arrive as a list.
                    if (isset($variations_xml['NameValueList']->Name)) {
                        $variations = (array) $variations_xml['NameValueList'];
                    } else {
                        foreach ($variations_xml['NameValueList'] as $variation) {
                            $variations[] = (array) $variation;
                        }
                    }

                    if (isset($variations)) {
                        if (isset($variations['Name'])) {
                            // Single specific: one Name/Value pair.
                            foreach ($options as $option) {
                                if ($variations['Name'] == $option['option_name'] && $variations['Value'] == $option['variant_name']) {
                                    $extra['product_options'][$option['option_id']] = $option['variant_id'];
                                }
                            }
                        } else {
                            // List of specifics.
                            foreach ($variations as $variation) {
                                foreach ($options as $option) {
                                    if ($variation['Name'] == $option['option_name'] && $variation['Value'] == $option['variant_name']) {
                                        $extra['product_options'][$option['option_id']] = $option['variant_id'];
                                    }
                                }
                            }
                        }
                        // Reset to an empty array (not unset), so isset($variations) stays true for later items.
                        $variations = array();
                    }
                }

                // Prices come from the eBay transaction and are stored as-is ('stored_price' => 'Y').
                $products[$i] = array('product_id' => $product_id, 'amount' => (int) $item->QuantityPurchased, 'price' => (double) $item->TransactionPrice, 'base_price' => (double) $item->TransactionPrice, 'is_edp' => $product['is_edp'], 'edp_shipping' => $product['edp_shipping'], 'free_shipping' => $product['free_shipping'], 'stored_price' => 'Y', 'company_id' => Registry::get('runtime.company_id'), 'extra' => $extra);
                unset($product);
                $i += 1;
            }

            // No item of this eBay order maps to a local product: nothing to import.
            if (empty($products)) {
                continue;
            }

            $cart['products'] = $products;
            unset($products);

            $location = fn_get_customer_location($cart['user_data'], $cart);
            $cart['product_groups'] = Shippings::groupProductsList($cart['products'], $location);

            list($order_id, $status) = fn_update_order($cart);

            if (!empty($order_id)) {
                fn_change_order_status($order_id, 'P', $status, fn_get_notification_rules(array(), false));
                $success_orders[] = $order_id;
            } else {
                $failed_orders[] = $cart['ebay_order_id'];
            }
        }
    }

    return array($success_orders, $failed_orders);
}
/**
 * Generate the security hash used to protect forms from CSRF attacks.
 *
 * The value is derived once per session as md5(crypt_key . session id) and
 * cached in $_SESSION['security_hash']; subsequent calls return the cached
 * value, so the token is stable for the lifetime of the session.
 *
 * @return string salted hash
 */
function fn_generate_security_hash()
{
    if (!empty($_SESSION['security_hash'])) {
        return $_SESSION['security_hash'];
    }

    $salt = Registry::get('config.crypt_key');
    $_SESSION['security_hash'] = md5($salt . Session::getId());

    return $_SESSION['security_hash'];
}
/**
 * Collect the debugger data for the current request and render the debugger view.
 *
 * Does nothing unless the debugger is active. Computes page time/memory and
 * query/template totals, snapshots the request environment, stores the
 * snapshot under 'debugger.data' in the Registry (keyed by debugger id and
 * time, with entries older than EXPIRE_DEBUGGER pruned) and displays
 * views/debugger/debugger.tpl.
 *
 * @return bool false when the debugger is inactive, true after rendering
 */
public static function display() {
    if (!self::isActive()) {
        return false;
    }

    $data_time = time();

    // Debugger id: the cookie value if present, otherwise the first 8 characters of the session id.
    $debugger_id = !empty(self::$debugger_cookie) ? self::$debugger_cookie : substr(Session::getId(), 0, 8);

    $ch_p = array_values(self::$checkpoints);

    // Collect the included templates with a nesting depth derived from their parent template.
    $included_templates = array();
    $depth = array();
    $d = 0;
    foreach (Registry::get('view')->template_objects as $k => $v) {
        // Keys without a '#' separator carry no template name.
        if (count(explode('#', $k)) == 1) {
            continue;
        }
        list(, $tpl) = explode('#', $k);
        if (!empty($v->parent)) {
            if (property_exists($v->parent, 'template_resource')) {
                if (empty($depth[$v->parent->template_resource])) {
                    $depth[$v->parent->template_resource] = ++$d;
                }
                $included_templates[] = array('filename' => $tpl, 'depth' => $depth[$v->parent->template_resource]);
            }
        }
    }

    // Assigned template variables, minus framework internals and the demo credentials.
    $assigned_vars = Registry::get('view')->tpl_vars;
    ksort($assigned_vars);
    $exclude_vars = array('_REQUEST', 'config', 'settings', 'runtime', 'demo_password', 'demo_username', 'empty', 'ldelim', 'rdelim');
    foreach ($assigned_vars as $name => $value_obj) {
        if (in_array($name, $exclude_vars)) {
            unset($assigned_vars[$name]);
        } else {
            $assigned_vars[$name] = $value_obj->value;
        }
    }

    // Totals are taken between the first and the last checkpoint; memory is reported in KB.
    self::$totals['time_page'] = $ch_p[count($ch_p) - 1]['time'] - $ch_p[0]['time'];
    self::$totals['memory_page'] = ($ch_p[count($ch_p) - 1]['memory'] - $ch_p[0]['memory']) / 1024;
    self::$totals['count_queries'] = count(self::$queries);
    self::$totals['count_tpls'] = count($included_templates);

    // Flatten runtime settings; objects and resources are replaced by their type name.
    $runtime = fn_foreach_recursive(Registry::get('runtime'), '.');
    foreach ($runtime as $key => $value) {
        if (in_array(gettype($value), array('object', 'resource'))) {
            $runtime[$key] = gettype($value);
        }
    }

    // The snapshot includes the full $_REQUEST, $_SERVER and $_COOKIE arrays,
    // so it contains whatever credentials or session cookies the request carried.
    $data = array('request' => array('request' => $_REQUEST, 'server' => $_SERVER, 'cookie' => $_COOKIE), 'config' => array('runtime' => $runtime), 'sql' => array('totals' => array('count' => self::$totals['count_queries'], 'rcount' => 0, 'time' => self::$totals['time_queries']), 'queries' => self::$queries), 'backtraces' => self::$backtraces, 'logging' => self::$checkpoints, 'templates' => array('tpls' => $included_templates, 'vars' => $assigned_vars), 'totals' => self::$totals);

    // Drop stored snapshots older than EXPIRE_DEBUGGER, and ids left without any snapshot.
    $datas = Registry::get('debugger.data');
    $datas = is_array($datas) ? $datas : array();
    foreach (array_keys($datas) as $id) {
        foreach (array_keys($datas[$id]) as $time) {
            if ($time < time() - self::EXPIRE_DEBUGGER) {
                unset($datas[$id][$time]);
            }
        }
        if (empty($datas[$id])) {
            unset($datas[$id]);
        }
    }
    $datas[$debugger_id][$data_time] = $data;
    Registry::set('debugger.data', $datas);

    Registry::get('view')->assign('debugger_id', $debugger_id);
    Registry::get('view')->assign('debugger_hash', $data_time);
    Registry::get('view')->assign('totals', self::$totals);
    Registry::get('view')->display('views/debugger/debugger.tpl');

    return true;
}
/**
 * Post-placement handling for an order: notifications, cart clearing and the final redirect.
 *
 * Every branch ends in fn_redirect(). For 'save', 'repay' and 'route' with a
 * non-empty $order_id the order is loaded, the placement hooks run, order
 * notifications are sent, a status-dependent notification is shown, the
 * session cart is emptied unless the payment failed, and the visitor is sent
 * to the order details (admin) or the checkout complete/checkout page (storefront).
 *
 * @param string $action             'checkout_redirect', 'save', 'repay', 'route', 'index_redirect', or a dispatch used as redirect target
 * @param int    $order_id           Order to process (required for save/repay/route)
 * @param array  $force_notification Notification rules passed to fn_order_notification()
 * @param bool   $clear_cart         Whether to empty the session cart on success
 * @param string $area               'A' for admin, 'C' for storefront; defaults to the current AREA
 *
 * @return void Always redirects
 */
function fn_order_placement_routines($action = '', $order_id = 0, $force_notification = array(), $clear_cart = true, $area = AREA) {
    if (Embedded::isLeft() && !Embedded::isEnabled()) {
        Embedded::enable();
    }

    if ($action == 'checkout_redirect') {
        if ($area == 'A') {
            fn_redirect("order_management.edit?order_id=" . reset($_SESSION['cart']['processed_order_id']));
        } else {
            fn_redirect('checkout.checkout');
        }

    } elseif (in_array($action, array('save', 'repay', 'route')) && !empty($order_id)) {
        $order_info = fn_get_order_info($order_id, true);

        // Hook may override the notification/cart flags and the action.
        $display_notification = true;
        fn_set_hook('placement_routines', $order_id, $order_info, $force_notification, $clear_cart, $action, $display_notification);

        // $action is non-empty in this branch, so the assignment below only applies if the hook cleared it.
        if (!empty($_SESSION['cart']['placement_action'])) {
            if (empty($action)) {
                $action = $_SESSION['cart']['placement_action'];
            }
            unset($_SESSION['cart']['placement_action']);
        }

        // Persist the (now empty) cart for logged-in storefront customers.
        if ($area == 'C' && !empty($order_info['user_id'])) {
            $__fake = '';
            fn_save_cart_content($__fake, $order_info['user_id']);
        }

        $edp_data = fn_generate_ekeys_for_edp(array(), $order_info);
        fn_order_notification($order_info, $edp_data, $force_notification);

        $_error = false;

        if ($action == 'save') {
            if ($display_notification) {
                fn_set_notification('N', __('congratulations'), __('text_order_saved_successfully'));
            }
        } else {
            // For a parent order the status of the first child order is used.
            if ($order_info['status'] == STATUS_PARENT_ORDER) {
                $child_orders = db_get_hash_single_array("SELECT order_id, status FROM ?:orders WHERE parent_order_id = ?i", array('order_id', 'status'), $order_id);
                $status = reset($child_orders);
                $child_orders = array_keys($child_orders);
            } else {
                $status = $order_info['status'];
            }

            if (in_array($status, fn_get_order_paid_statuses())) {
                if ($action == 'repay') {
                    fn_set_notification('N', __('congratulations'), __('text_order_repayed_successfully'));
                } else {
                    fn_set_notification('N', __('order_placed'), __('text_order_placed_successfully'));
                }
            } elseif ($status == STATUS_BACKORDERED_ORDER) {
                fn_set_notification('W', __('important'), __('text_order_backordered'));
            } else {
                if ($area == 'A' || $action == 'repay') {
                    if ($status != STATUS_CANCELED_ORDER) {
                        // Show the processor's reason text stored with the order ('P' = payment data).
                        $_payment_info = db_get_field("SELECT data FROM ?:order_data WHERE order_id = ?i AND type = 'P'", $order_id);
                        if (!empty($_payment_info)) {
                            // NOTE(review): unserialize() of persisted payment data; the payload is written by the
                            // application and encrypted at rest, but it is still deserialization of stored data.
                            $_payment_info = unserialize(fn_decrypt_text($_payment_info));
                            $_msg = !empty($_payment_info['reason_text']) ? $_payment_info['reason_text'] : '';
                            // Fall back to the generic placement error when no reason text is available.
                            $_msg .= empty($_msg) ? __('text_order_placed_error') : '';
                            fn_set_notification('E', '', $_msg);
                        }
                    }
                } else {
                    // Storefront placement that did not end in a paid status: keep the cart and remember
                    // the order ids so the customer can retry (incomplete) or see the failure.
                    $_error = true;
                    if (!empty($child_orders)) {
                        array_unshift($child_orders, $order_id);
                    } else {
                        $child_orders = array();
                        $child_orders[] = $order_id;
                    }
                    $_SESSION['cart'][$status == STATUS_INCOMPLETED_ORDER ? 'processed_order_id' : 'failed_order_id'] = $child_orders;
                }

                if ($status == STATUS_INCOMPLETED_ORDER || $action == 'repay' && $status == STATUS_CANCELED_ORDER) {
                    fn_set_notification('W', __('important'), __('text_transaction_cancelled'));
                }
            }
        }

        // Empty cart, keeping only the customer identity data; also drop cached shipping data
        // and this session's cart rows.
        if ($clear_cart == true && $_error == false) {
            $_SESSION['cart'] = array('user_data' => !empty($_SESSION['cart']['user_data']) ? $_SESSION['cart']['user_data'] : array(), 'profile_id' => !empty($_SESSION['cart']['profile_id']) ? $_SESSION['cart']['profile_id'] : 0, 'user_id' => !empty($_SESSION['cart']['user_id']) ? $_SESSION['cart']['user_id'] : 0);
            $_SESSION['shipping_rates'] = array();
            unset($_SESSION['shipping_hash']);
            db_query('DELETE FROM ?:user_session_products WHERE session_id = ?s AND type = ?s', Session::getId(), 'C');
        }

        fn_set_hook('order_placement_routines', $order_id, $force_notification, $order_info, $_error);

        if ($area == 'A') {
            fn_redirect("orders.details?order_id={$order_id}");
        } else {
            fn_redirect('checkout.' . ($_error ? 'checkout' : "complete?order_id={$order_id}"));
        }

    } elseif ($action == 'index_redirect') {
        fn_redirect(fn_url('', 'C', 'http'));

    } else {
        // Any other value of $action is treated as a storefront dispatch to redirect to.
        fn_redirect(fn_url($action, 'C', 'http'));
    }
}
/**
 * Reset the session cart after a Pay4Later order has been placed.
 *
 * Keeps only the customer identity data (user_data, profile_id, user_id) in
 * $_SESSION['cart'], drops the cached shipping rates and shipping hash, and
 * removes this session's cart rows from ?:user_session_products.
 *
 * @return void
 */
function fn_pay4later_order_placement_routines()
{
    $previous_cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : array();

    // Start from the defaults and carry over only the keys that hold a non-empty value.
    $fresh_cart = array(
        'user_data' => array(),
        'profile_id' => 0,
        'user_id' => 0,
    );
    foreach ($fresh_cart as $key => $default) {
        if (!empty($previous_cart[$key])) {
            $fresh_cart[$key] = $previous_cart[$key];
        }
    }

    $_SESSION['cart'] = $fresh_cart;
    $_SESSION['shipping_rates'] = array();
    unset($_SESSION['shipping_hash']);

    db_query('DELETE FROM ?:user_session_products WHERE session_id = ?s AND type = ?s', Session::getId(), 'C');
}
$area = $_REQUEST['area']; } else { $area = fn_check_user_type_admin_area($user_data) ? 'A' : 'C'; } if (fn_allowed_for('MULTIVENDOR')) { if ($user_data['user_type'] == 'V') { $area = $area == 'A' ? 'V' : $area; } } $sess_data = array('auth' => fn_fill_auth($user_data, array(), true, $area), 'last_status' => empty($_SESSION['last_status']) ? '' : $_SESSION['last_status']); if (Registry::get('settings.General.store_mode') == 'Y') { $sess_data['store_access_key'] = Registry::get('settings.General.store_access_key'); } $areas = array('A' => 'admin', 'V' => 'vendor', 'C' => 'customer'); fn_init_user_session_data($sess_data, $_REQUEST['user_id'], true); $old_sess_id = Session::getId(); $redirect_url = !empty($_REQUEST['redirect_url']) ? $_REQUEST['redirect_url'] : ''; if ($area != 'C') { Session::setName($areas[$area]); $sess_id = Session::regenerateId(); Session::save($sess_id, $sess_data, $area); Session::setName(ACCOUNT_TYPE); Session::setId($old_sess_id, false); } else { // Save unique key for session $key = fn_crc32(microtime()) . fn_crc32(microtime() + 1); fn_set_storage_data('session_' . $key . '_data', serialize($sess_data)); if (fn_allowed_for('ULTIMATE')) { $company_id_in_url = fn_get_company_id_from_uri($redirect_url); if (Registry::get('runtime.company_id') || !empty($user_data['company_id']) || Registry::get('runtime.simple_ultimate') || !empty($company_id_in_url)) { // Redirect to the personal frontend
$pp_response['order_status'] = $_REQUEST['transStatus'] == 'Y' && (!empty($processor_data['processor_params']['callback_password']) ? !empty($_REQUEST['callbackPW']) && $_REQUEST['callbackPW'] == $processor_data['processor_params']['callback_password'] : true) ? 'P' : 'F'; if ($_REQUEST['transStatus'] == 'Y') { $pp_response['reason_text'] = $_REQUEST['rawAuthMessage']; $pp_response['transaction_id'] = $_REQUEST['transId']; $pp_response['descr_avs'] = 'CVV (Security Code): ' . $avs_res[substr($_REQUEST['AVS'], 0, 1)] . '; Postcode: ' . $avs_res[substr($_REQUEST['AVS'], 1, 1)] . '; Address: ' . $avs_res[substr($_REQUEST['AVS'], 2, 1)] . '; Country: ' . $avs_res[substr($_REQUEST['AVS'], 3)]; } if (!empty($_REQUEST['testMode'])) { $pp_response['reason_text'] .= '; This a TEST Transaction'; } $area = db_get_field("SELECT data FROM ?:order_data WHERE order_id = ?i AND type = 'E'", $order_id); $override = $area == 'A' ? true : false; fn_finish_payment($order_id, $pp_response, false); echo "<head><meta http-equiv='refresh' content='0; url=" . fn_url("payment_notification.notify?payment=worldpay&order_id={$order_id}", $area, 'current', CART_LANGUAGE, $override) . "'></head><body><wpdisplay item=banner></body>"; exit; } else { if (!defined('BOOTSTRAP')) { die('Access denied'); } $_order_id = $order_info['repaid'] ? $order_id . '_' . $order_info['repaid'] : $order_id; $s_id = Session::getId(); $sess_name = Session::getName(); $card_holder = $processor_data['processor_params']['test'] == $mode_test_declined ? $card_holder_for_declined_test : $order_info['b_firstname'] . ' ' . $order_info['b_lastname']; $test_mode_id = $processor_data['processor_params']['test'] == $mode_test_declined ? $mode_test : $processor_data['processor_params']['test']; $signature = md5($processor_data['processor_params']['md5_secret'] . ':' . $processor_data['processor_params']['account_id'] . ':' . $order_info['total'] . ':' . $processor_data['processor_params']['currency'] . ':' . 
$_order_id); $data = array('signatureFields' => 'instId:amount:currency:cartId', 'signature' => $signature, 'instId' => $processor_data['processor_params']['account_id'], 'cartId' => $_order_id, 'amount' => $order_info['total'], 'currency' => $processor_data['processor_params']['currency'], 'testMode' => $test_mode_id, 'authMode' => $processor_data['processor_params']['authmode'], 'name' => $card_holder, 'tel' => $order_info['phone'], 'email' => $order_info['email'], 'address' => $order_info['b_address'] . ' ' . $order_info['b_city'] . ' ' . $order_info['b_state'] . ' ' . $order_info['b_country'], 'postcode' => $order_info['b_zipcode'], 'country' => $order_info['b_country'], "MC_{$sess_name}" => $s_id); $order_data = array('order_id' => $order_id, 'type' => 'E', 'data' => AREA); db_query("REPLACE INTO ?:order_data ?e", $order_data); $submit_url = $processor_data['processor_params']['test'] == $mode_test_declined || $processor_data['processor_params']['test'] == $mode_test ? 'https://secure-test.worldpay.com/wcc/purchase' : 'https://secure.worldpay.com/wcc/purchase'; fn_create_payment_form($submit_url, $data, 'World Pay server', false); exit; }
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. * ****************************************************************************/ use Tygh\Development; use Tygh\Registry; use Tygh\Session; use Tygh\BlockManager\Location; use Tygh\BlockManager\Layout; if (!defined('BOOTSTRAP')) { die('Access denied'); } if (!empty($_REQUEST['skey'])) { $session_data = fn_get_storage_data('session_' . $_REQUEST['skey'] . '_data'); fn_set_storage_data('session_' . $_REQUEST['skey'] . '_data', ''); if (!empty($session_data)) { $_SESSION = unserialize($session_data); Session::save(Session::getId(), $_SESSION); fn_calculate_cart_content($_SESSION['cart'], $_SESSION['auth'], 'S', true, 'F', true); fn_save_cart_content($_SESSION['cart'], $_SESSION['auth']['user_id']); } return array(CONTROLLER_STATUS_REDIRECT, fn_query_remove(REAL_URL, 'skey')); } // UK Cookies Law if (Registry::get('settings.Security.uk_cookies_law') == 'Y') { if (!empty($_REQUEST['cookies_accepted']) && $_REQUEST['cookies_accepted'] == 'Y') { $_SESSION['cookies_accepted'] = true; } if (!defined('AJAX_REQUEST') && empty($_SESSION['cookies_accepted'])) { $url = fn_link_attach(Registry::get('config.current_url'), 'cookies_accepted=Y'); $text = __('uk_cookies_law', array('[url]' => $url)); fn_delete_notification('uk_cookies_law'); fn_set_notification('W', __('warning'), $text, 'K', 'uk_cookies_law');
$pp_response['order_status'] = 'P'; $pp_response['reason_text'] = $_REQUEST['msg']; $pp_response['transaction_id'] = $_REQUEST['TxnGUID']; $pp_response['card_number'] = $_REQUEST['mPAN']; $pp_response['card'] = $_REQUEST['type']; $pp_response['cardholder_name'] = $_REQUEST['name']; $pp_response['expiry_month'] = substr($_REQUEST['exp'], 0, 2); $pp_response['expiry_year'] = substr($_REQUEST['exp'], -2); } elseif (!empty($_REQUEST['error'])) { $pp_response['order_status'] = 'F'; $pp_response['reason_text'] = !empty($_REQUEST['msg']) ? $_REQUEST['msg'] : __('error'); } else { $pp_response['order_status'] = 'N'; $pp_response['reason_text'] = __('transaction_cancelled'); } if (fn_check_payment_script('cresecure.php', $order_id)) { fn_finish_payment($order_id, $pp_response); fn_order_placement_routines('route', $order_id); } } } else { if ($processor_data['processor_params']['test'] == 'live') { $post_address = "https://safe.cresecure.net/securepayments/a1/cc_collection.php"; } else { $post_address = "https://sandbox-cresecure.net/securepayments/a1/cc_collection.php"; } $post_data = array('CRESecureID' => $processor_data['processor_params']['cresecureid'], 'total_amt' => sprintf('%.2f', $order_info['total']), 'return_url' => fn_url("payment_notification.return?payment=cresecure&order_id={$order_id}", AREA, 'https'), 'content_template_url' => fn_payment_url('https', "cresecure.php?order_id={$order_id}&display_full_path=Y"), 'b_country' => db_get_field('SELECT a.code_A3 FROM ?:countries as a WHERE a.code = ?s', $order_info['b_country']), 's_country' => db_get_field('SELECT a.code_A3 FROM ?:countries as a WHERE a.code = ?s', $order_info['s_country']), 'customer_address' => $order_info['b_address'] . (!empty($order_info['b_address_2']) ? ' ' . $order_info['b_address_2'] : ''), 'delivery_address' => $order_info['s_address'] . (!empty($order_info['s_address_2']) ? ' ' . $order_info['s_address_2'] : ''), 'customer_phone' => !empty($order_info['b_phone']) ? 
$order_info['b_phone'] : '', 'delivery_phone' => !empty($order_info['s_phone']) ? $order_info['s_phone'] : '', 'allowed_types' => !empty($processor_data['processor_params']['allowed_types']) ? join('|', $processor_data['processor_params']['allowed_types']) : 'Visa|MasterCard', 'sess_id' => Session::getId(), 'sess_name' => Session::getName(), 'order_id' => $order_info['order_id'], 'currency' => $processor_data['processor_params']['currency'], 'CRESecureAPIToken' => $processor_data['processor_params']['cresecureapitoken'], 'customer_id' => $order_info['user_id'], 'customer_company' => $order_info['company'], 'customer_firstname' => $order_info['b_firstname'], 'customer_lastname' => $order_info['b_lastname'], 'customer_email' => $order_info['email'], 'customer_city' => $order_info['b_city'], 'customer_state' => $order_info['b_state'], 'customer_postal_code' => $order_info['b_zipcode'], 'customer_country' => $order_info['b_country'], 'delivery_firstname' => $order_info['s_firstname'], 'delivery_lastname' => $order_info['s_lastname'], 'delivery_city' => $order_info['s_city'], 'delivery_state' => $order_info['s_state'], 'delivery_postal_code' => $order_info['s_zipcode'], 'ip_address' => $_SERVER['REMOTE_ADDR']); fn_create_payment_form($post_address, $post_data, 'CRE secure', false); } exit; }
/**
 * Builds the request used to submit a payment form through the non-embedded flow.
 *
 * The original target URL and payload are packed into one JSON field and the
 * returned form instead points at the local payment_notification.process_embedded
 * dispatcher, which is expected to unpack them again.
 *
 * @param string  $submit_url           URL the payment form would normally post to
 * @param array   $data                 Form fields to submit
 * @param string  $payment_name         Payment method name
 * @param boolean $exclude_empty_values Whether empty fields are dropped on submit
 * @param string  $method               Original HTTP method of the form
 *
 * @return array [submit_url, data, method, payment_name] for the local dispatcher
 */
public static function processPaymentForm($submit_url, $data, $payment_name, $exclude_empty_values, $method)
{
    $envelope = array(
        'submit_url'           => $submit_url,
        'data'                 => $data,
        'payment_name'         => $payment_name,
        'method'               => $method,
        'exclude_empty_values' => $exclude_empty_values,
    );

    // NOTE(review): the envelope round-trips through the customer's browser; whether
    // process_embedded re-validates submit_url/data before forwarding them is not
    // visible here — confirm.
    $form_fields = array(
        Session::getName() => Session::getId(),
        'data'             => json_encode($envelope),
    );

    $local_url = fn_url('payment_notification.process_embedded');

    return array($local_url, $form_fields, 'post', '');
}
fn_set_hook('amazon_products', $amazon_products, $cart); // Get cart items $amazon_order = array(); foreach ($amazon_products as $key => $product) { // Get product options $item_options = ' '; if (!empty($product['product_options'])) { $_options = fn_get_selected_product_options_info($cart['products'][$key]['product_options']); foreach ($_options as $opt) { $item_options .= $opt['option_name'] . ': ' . $opt['variant_name'] . '; '; } $item_options = ' [' . trim($item_options, '; ') . ']'; } $amazon_order['Cart']['Items']['Item'][] = array('SKU' => empty($product['product_code']) ? 'pid_' . $product['product_id'] : substr(strip_tags($product['product_code']), 0, 250), 'MerchantId' => $processor_data['processor_params']['merchant_id'], 'Title' => substr(strip_tags($product['product']), 0, 250) . $item_options, 'Price' => array('Amount' => fn_format_price($product['price']), 'CurrencyCode' => $_currency), 'Quantity' => $product['amount'], 'ItemCustomData' => array('CartID' => $key)); } $amazon_order['Cart']['CartCustomData'] = array('ClientRequestId' => base64_encode(Session::getId() . ';' . $_payment_id)); // Activate the Amazon callbacks functionality $amazon_order['ReturnUrl'] = Registry::get('config.http_location') . '/' . Registry::get('config.customer_index') . '?dispatch=payment_notification.placement&payment=amazon_checkout'; $amazon_order['CancelUrl'] = fn_url('checkout.cart'); $amazon_order['OrderCalculationCallbacks'] = array('CalculateTaxRates' => 'true', 'CalculatePromotions' => 'true', 'CalculateShippingRates' => 'true', 'OrderCallbackEndpoint' => Registry::get('config.origin_http_location') . '/app/payments/amazon_checkout.php', 'ProcessOrderOnCallbackFailure' => $processor_data['processor_params']['process_on_failure'] == 'Y' ? 'true' : 'false'); $amazon_order['DisablePromotionCode'] = 'true'; $amazon_cart = '<?xml version="1.0" encoding="UTF-8"?>' . '<Order xmlns="http://payments.amazon.com/checkout/2009-05-15/">' . fn_array_to_xml($amazon_order) . 
'</Order>'; // Calculate cart signature if (!empty($processor_data['processor_params']['aws_access_public_key'])) { $sign = fn_amazon_calculate_signature($amazon_cart, $processor_data['processor_params']['aws_secret_access_key']); $sign = ';signature:' . $sign . ';aws-access-key-id:' . $processor_data['processor_params']['aws_access_public_key']; $order_type = 'merchant-signed-order/aws-accesskey/1'; } else { $sign = ''; $order_type = 'unsigned-order'; }
/**
 * Post-placement housekeeping for an order: fires the placement hooks, sends the
 * order notification and, when asked, resets the session cart.
 *
 * @param int    $order_id           Order to process
 * @param array  $force_notification Passed through to fn_order_notification()
 * @param bool   $clear_cart         Whether to reset $_SESSION['cart'] for completed statuses
 * @param string $action             Placement action; falls back to the one stored in the session cart
 *
 * @return void
 */
public static function orderPlacementRoutines($order_id, $force_notification = array(), $clear_cart = true, $action = '')
{
    // don't show notifications
    // only clear cart
    $order_info = fn_get_order_info($order_id, true);
    $display_notification = true;

    // Hook arguments are presumably taken by reference so addons can adjust $action,
    // $clear_cart and $display_notification; nothing in this method reads
    // $display_notification afterwards.
    fn_set_hook('placement_routines', $order_id, $order_info, $force_notification, $clear_cart, $action, $display_notification);

    // A placement action stored in the session cart is used only when none was passed
    // explicitly, and is consumed either way.
    if (!empty($_SESSION['cart']['placement_action'])) {
        if (empty($action)) {
            $action = $_SESSION['cart']['placement_action'];
        }
        unset($_SESSION['cart']['placement_action']);
    }

    // Storefront only: persist an empty placeholder as the registered customer's cart.
    if (AREA == 'C' && !empty($order_info['user_id'])) {
        $__fake = '';
        fn_save_cart_content($__fake, $order_info['user_id']);
    }

    $edp_data = fn_generate_ekeys_for_edp(array(), $order_info);
    fn_order_notification($order_info, $edp_data, $force_notification);

    // Empty cart
    // NOTE(review): substr_count('OPT', $status) uses the order status as the needle. An empty
    // status makes substr_count() throw a ValueError on PHP 8 (warning + false before that),
    // and a multi-character status such as 'PT' would also match; an explicit in_array()
    // against the three status codes would be safer — confirm statuses are single characters.
    if ($clear_cart == true && substr_count('OPT', $order_info['status']) > 0) {
        // Keep only the identity-related keys so the next checkout starts as the same customer.
        $_SESSION['cart'] = array('user_data' => !empty($_SESSION['cart']['user_data']) ? $_SESSION['cart']['user_data'] : array(), 'profile_id' => !empty($_SESSION['cart']['profile_id']) ? $_SESSION['cart']['profile_id'] : 0, 'user_id' => !empty($_SESSION['cart']['user_id']) ? $_SESSION['cart']['user_id'] : 0);
        db_query('DELETE FROM ?:user_session_products WHERE session_id = ?s AND type = ?s', Session::getId(), 'C');
    }

    $is_twg_hook = true;
    $_error = false;
    fn_set_hook('order_placement_routines', $order_id, $force_notification, $order_info, $_error, $is_twg_hook);
}
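/**
 * Refreshes the cached eBay shipping services for a site.
 *
 * Records a 'shippings' row in ?:ebay_cached_transactions, pulls ShippingServiceDetails from
 * eBay, replaces the site's rows in ?:ebay_shippings with the services flagged
 * ValidForSellingFlow and sets the transaction row to status 'C' with the stored count.
 *
 * @param int $site_id eBay site identifier
 *
 * @return bool Always true; when eBay returns no services the transaction row is left at status 'A'
 */
function fn_register_ebay_shippings($site_id = 0)
{
    $transaction = array(
        'timestamp'  => TIME,
        'user_id'    => $_SESSION['auth']['user_id'],
        'session_id' => Session::getId(),
        'status'     => 'A',
        'type'       => 'shippings',
        'result'     => '',
        'site_id'    => $site_id,
    );
    $transaction_id = db_query('INSERT INTO ?:ebay_cached_transactions ?e', $transaction);

    list(, $shippings) = Ebay::instance()->GetEbayDetails('ShippingServiceDetails');

    if (!empty($shippings)) {
        db_query('DELETE FROM ?:ebay_shippings WHERE site_id = ?i', $site_id);

        // Scalar field of an eBay record, '' when absent.
        $text = function ($shipping, $name) {
            return isset($shipping[$name]) ? $shipping[$name] : '';
        };
        // Field that eBay may return as a list: joined with commas, '' when absent.
        $joined = function ($shipping, $name) {
            if (!isset($shipping[$name])) {
                return '';
            }

            return is_array($shipping[$name]) ? implode(',', $shipping[$name]) : $shipping[$name];
        };
        // eBay 'true'/'false' string flag mapped to the 'Y'/'N' column convention.
        $flag = function ($shipping, $name) {
            return (isset($shipping[$name]) && $shipping[$name] == 'true') ? 'Y' : 'N';
        };

        $rows = array();
        foreach ($shippings as $shipping) {
            // Only services eBay marks as usable in the selling flow are cached.
            if (!isset($shipping['ValidForSellingFlow']) || $shipping['ValidForSellingFlow'] != 'true') {
                continue;
            }

            $update_timestamp = '';
            if (isset($shipping['UpdateTime'])) {
                $parsed = strtotime($shipping['UpdateTime']);
                // strtotime() returns false on unparsable input; store the same '' as for a missing field.
                $update_timestamp = ($parsed === false) ? '' : $parsed;
            }

            $rows[] = array(
                'service_id'           => $text($shipping, 'ShippingServiceID'),
                'name'                 => $text($shipping, 'ShippingService'),
                'description'          => $text($shipping, 'Description'),
                'service_type'         => $joined($shipping, 'ServiceType'),
                'is_international'     => $flag($shipping, 'InternationalService'),
                'category'             => $text($shipping, 'ShippingCategory'),
                'ship_days_max'        => $text($shipping, 'ShippingTimeMax'),
                'ship_days_min'        => $text($shipping, 'ShippingTimeMin'),
                'package'              => $joined($shipping, 'ShippingPackage'),
                'carrier'              => $text($shipping, 'ShippingCarrier'),
                'weight_required'      => $flag($shipping, 'WeightRequired'),
                'selling_flow'         => 'Y',
                'dimensions_required'  => $flag($shipping, 'DimensionsRequired'),
                'surcharge_applicable' => $flag($shipping, 'SurchargeApplicable'),
                'expedited_service'    => $flag($shipping, 'ExpeditedService'),
                'detail_version'       => $text($shipping, 'DetailVersion'),
                'update_timestamp'     => $update_timestamp,
                'site_id'              => $site_id,
            );
        }

        if (!empty($rows)) {
            // Values come straight from the eBay response; quoting is left to the ?m placeholder.
            db_query('INSERT INTO ?:ebay_shippings ?m', $rows);
        }

        db_query(
            'UPDATE ?:ebay_cached_transactions SET ?u WHERE transaction_id = ?i',
            array('status' => 'C', 'result' => count($rows)),
            $transaction_id
        );
    }

    return true;
}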