function order()
{
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
$order_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
if ($order_id > 0) {
$r_data = get_order_detail($order_id, $user_id);
} else {
$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
$limit = isset($_REQUEST['limit']) ? intval($_REQUEST['limit']) : 1;
$r_data = get_user_orders($user_id, $limit, $page);
}
// $record_count = $db->getOne("SELECT COUNT(*) FROM " .$ecs->table('order_info'). " WHERE user_id = '$user_id'");
return $r_data;
break;
case 'DELETE':
$order_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
$user_id = $_SESSION['user_id'];
if (cancel_order($order_id, $user_id)) {
$r_data = 'Cancle Order Success!';
} else {
$r_data = 'Cancle Order Failed!';
}
return $r_data;
break;
default:
return 'This API can not support ' . $_SERVER['REQUEST_METHOD'] . ' method';
break;
}
}
/**
* 订单过期
*/
function make_order_expire($cron)
{
global $db, $ecs;
$sql = "UPDATE " . $ecs->table('order_info') . " SET `order_status` = " . OS_EXPIRED . " WHERE `order_status` = " . OS_CONFIRMED . " AND shipping_status = " . SS_SHIPPED . " AND receive_deadline < " . time();
$db->query($sql);
//24小时未支付则过期
$expire_time = time() - intval($cron['unpay_order_expire']) * 3600;
$sql = "SELECT * FROM " . $ecs->table('order_info') . " WHERE order_status = " . OS_UNCONFIRMED . " AND pay_status = " . PS_UNPAYED . " AND add_time < {$expire_time}";
$query = $db->query($sql);
while ($rs = $db->fetch_array($query)) {
cancel_order($rs['order_id'], $rs['user_id'], OS_EXPIRED);
}
}
}
}
$smarty->assign('payment_list', $payment_list);
}
/* 订单 支付 配送 状态语言项 */
$order['order_status'] = $_LANG['os'][$order['order_status']];
$order['pay_status'] = $_LANG['ps'][$order['pay_status']];
$order['shipping_status'] = $_LANG['ss'][$order['shipping_status']];
$smarty->assign('order', $order);
$smarty->assign('goods_list', $goods_list);
$smarty->display('user_transaction.dwt');
} elseif ($action == 'cancel_order') {
include_once ROOT_PATH . 'includes/lib_transaction.php';
include_once ROOT_PATH . 'includes/lib_order.php';
$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
if (cancel_order($order_id, $user_id)) {
ecs_header("Location: user.php?act=order_list\n");
exit;
} else {
$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
}
} elseif ($action == 'address_list') {
include_once ROOT_PATH . 'includes/lib_transaction.php';
include_once ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php';
$smarty->assign('lang', $_LANG);
/* 取得国家列表、商店所在国家、商店所在国家的省列表 */
$smarty->assign('country_list', get_regions());
$smarty->assign('shop_province_list', get_regions(1, $_CFG['shop_country']));
/* 获得用户所有的收货人信息 */
$consignee_list = get_consignee_list($_SESSION['user_id']);
if (count($consignee_list) < 5 && $_SESSION['user_id'] > 0) {
function action_cancel_order()
{
$user = $GLOBALS['user'];
$_CFG = $GLOBALS['_CFG'];
$_LANG = $GLOBALS['_LANG'];
$smarty = $GLOBALS['smarty'];
$db = $GLOBALS['db'];
$ecs = $GLOBALS['ecs'];
$user_id = $_SESSION['user_id'];
include_once ROOT_PATH . 'includes/lib_transaction.php';
include_once ROOT_PATH . 'includes/lib_order.php';
$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
if (cancel_order($order_id, $user_id)) {
ecs_header("Location: user.php?act=order_list\n");
exit;
} else {
$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
}
}
if ($BID == 'all' || $BID == '') {
$BID = '';
$bid_sql = " ";
}
if ($_REQUEST['action'] == 'refund') {
$t_id = $_REQUEST['transaction_id'];
$sql = "SELECT * from transactions, orders, users where transactions.order_id=orders.order_id AND orders.user_id=users.ID and transactions.transaction_id={$t_id}";
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_array($result);
if ($row[status] != 'completed') {
// check that there's no other refund...
$sql = "SELECT * FROM transactions where txn_id='" . $row['txn_id'] . "' AND type='CREDIT' ";
$r = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($r) == 0) {
// do the refund
cancel_order($row[order_id]);
credit_transaction($row[order_id], $row[price], $row[currency], $row[txn_id], 'Refund', 'Admin');
} else {
echo "<b>Error: A refund was already found on this system for this order..</b><br>";
}
} else {
echo $row[status];
echo "<b>Error: The system can only refund orders that are completed, please cancel the order first</b><br>";
}
// can only refund completed orders..
}
?>
<script language="JavaScript" type="text/javascript">
function confirmLink(theLink, theConfirmMsg) {
if (!empty($orders)) {
foreach ($orders as $key => $val) {
$orders[$key]['total_fee'] = encode_output($val['total_fee']);
}
}
//$merge = get_user_merge($_SESSION['user_id']);
$smarty->assign('orders', $orders);
}
$smarty->assign('footer', get_footer());
$smarty->display('order_list.html');
exit;
} elseif ($act == 'cancel_order') {
include_once ROOT_PATH . 'includes/lib_transaction.php';
include_once ROOT_PATH . 'includes/lib_order.php';
$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
if (cancel_order($order_id, $_SESSION['user_id'])) {
ecs_header("Location: user.php?act=order_list\n");
exit;
}
} elseif ($act == 'affirm_received') {
include_once ROOT_PATH . 'includes/lib_transaction.php';
$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
$_LANG['buyer'] = '买家';
if (affirm_received($order_id, $_SESSION['user_id'])) {
ecs_header("Location: user.php?act=order_list\n");
exit;
}
} elseif ($act == 'logout') {
if (!isset($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER'])) {
$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
}
debit_transaction($_REQUEST[order_id], $order_row[price], $order_row[currency], $order_row[order_id], $reason_code, 'Admin');
echo "Order completed.";
}
if ($_REQUEST['action'] == 'cancel') {
/*
$sql = "UPDATE orders set status='cancelled' WHERE order_id=".$_REQUEST[order_id];
mysql_query ($sql) or die (mysql_error());
*/
cancel_order($_REQUEST[order_id]);
echo "Order cancelled.";
}
if ($_REQUEST['mass_cancel'] != '') {
echo "cancelling...";
foreach ($_REQUEST[orders] as $oid) {
//echo "$order_id ";
cancel_order($oid);
}
}
if ($_REQUEST['action'] == 'delete') {
delete_order($_REQUEST[order_id]);
echo "Order deleted.";
}
if ($_REQUEST['mass_delete'] != '') {
foreach ($_REQUEST[orders] as $oid) {
delete_order($oid);
}
}
$q_aday = $_REQUEST['q_aday'];
$q_amon = $_REQUEST['q_amon'];
$q_ayear = $_REQUEST['q_ayear'];
$q_name = $_REQUEST['q_name'];
function expire_orders()
{
$now = gmdate("Y-m-d H:i:s");
$unix_time = time();
// get the time of last run
$sql = "SELECT * FROM `config` where `key` = 'LAST_EXPIRE_RUN' ";
$result = @mysql_query($sql) or $DB_ERROR = mysql_error();
$t_row = @mysql_fetch_array($result);
if ($DB_ERROR != '') {
return $DB_ERROR;
}
// Poor man's lock
$sql = "UPDATE `config` SET `val`='YES' WHERE `key`='EXPIRE_RUNNING' AND `val`='NO' ";
$result = @mysql_query($sql) or $DB_ERROR = mysql_error();
if (@mysql_affected_rows() == 0) {
// make sure it cannot be locked for more than 30 secs
// This is in case the proccess fails inside the lock
// and does not release it.
if ($unix_time > $t_row['val'] + 30) {
// release the lock
$sql = "UPDATE `config` SET `val`='NO' WHERE `key`='EXPIRE_RUNNING' ";
$result = @mysql_query($sql) or $DB_ERROR = mysql_error();
// update timestamp
$sql = "REPLACE INTO config (`key`, `val`) VALUES ('LAST_EXPIRE_RUN', '{$unix_time}') ";
$result = @mysql_query($sql) or $DB_ERROR = mysql_error();
}
return;
// this function is already executing in another process.
}
if ($unix_time > $t_row['val'] + 60) {
// did 1 minute elapse since last run?
// Delete Temp Orders
$session_duration = ini_get("session.gc_maxlifetime");
$sql = "SELECT session_id, order_date FROM `temp_orders` WHERE DATE_SUB('{$now}', INTERVAL {$session_duration} SECOND) >= temp_orders.order_date AND session_id <> '" . addslashes(session_id()) . "' ";
$result = mysql_query($sql);
while ($row = @mysql_fetch_array($result)) {
delete_temp_order($row['session_id']);
}
// COMPLTED Orders
$sql = "SELECT *, banners.banner_id as BID from orders, banners where status='completed' and orders.banner_id=banners.banner_id AND orders.days_expire <> 0 AND DATE_SUB('{$now}', INTERVAL orders.days_expire DAY) >= orders.date_published AND orders.date_published IS NOT NULL ";
//echo $sql;
$result = mysql_query($sql);
$affected_BIDs = array();
while ($row = @mysql_fetch_array($result)) {
$affected_BIDs[] = $row['BID'];
expire_order($row['order_id']);
}
if (sizeof($affected_BIDs) > 0) {
foreach ($affected_BIDs as $myBID) {
$b_row = load_banner_row($myBID);
if ($b_row['auto_publish'] == 'Y') {
process_image($myBID);
publish_image($myBID);
process_map($myBID);
}
}
}
process_paid_renew_orders();
unset($affected_BIDs);
// unconfirmed Orders
if (HOURS_UNCONFIRMED != 0) {
$sql = "SELECT * from orders where (status='new') AND DATE_SUB('{$now}',INTERVAL " . HOURS_UNCONFIRMED . " HOUR) >= date_stamp AND date_stamp IS NOT NULL ";
$result = @mysql_query($sql);
while ($row = @mysql_fetch_array($result)) {
delete_order($row['order_id']);
// Now really delete the order.
$sql = "delete from orders where order_id='" . $row['order_id'] . "'";
@mysql_query($sql);
mds_log("Deleted unconfirmed order - " . $sql);
}
}
// unpaid Orders
if (DAYS_CONFIRMED != 0) {
$sql = "SELECT * from orders where (status='new' OR status='confirmed') AND DATE_SUB('{$now}',INTERVAL " . DAYS_CONFIRMED . " DAY) >= date_stamp AND date_stamp IS NOT NULL ";
$result = @mysql_query($sql);
while ($row = @mysql_fetch_array($result)) {
expire_order($row['order_id']);
}
}
// EXPIRED Orders -> Cancel
if (DAYS_RENEW != 0) {
$sql = "SELECT * from orders where status='expired' AND DATE_SUB('{$now}',INTERVAL " . DAYS_RENEW . " DAY) >= date_stamp AND date_stamp IS NOT NULL ";
$result = @mysql_query($sql);
while ($row = @mysql_fetch_array($result)) {
cancel_order($row['order_id']);
}
}
// Cancelled Orders -> Delete
if (DAYS_CANCEL != 0) {
$sql = "SELECT * from orders where status='cancelled' AND DATE_SUB('{$now}',INTERVAL " . DAYS_CANCEL . " DAY) >= date_stamp AND date_stamp IS NOT NULL ";
$result = @mysql_query($sql);
while ($row = @mysql_fetch_array($result)) {
delete_order($row['order_id']);
}
}
// update last run time stamp
// update timestamp
$sql = "REPLACE INTO config (`key`, `val`) VALUES ('LAST_EXPIRE_RUN', '{$unix_time}') ";
$result = @mysql_query($sql) or die(mysql_error());
}
// release the poor man's lock
$sql = "UPDATE `config` SET `val`='NO' WHERE `key`='EXPIRE_RUNNING' ";
@mysql_query($sql) or die(mysql_error());
}
break;
case "Pending":
$sql = "select user_id FROM orders where order_id='" . $invoice_id . "'";
$result = mysql_query($sql) or pp_mail_error(mysql_error() . $sql);
$row = mysql_fetch_array($result);
pend_order($row['user_id'], $invoice_id);
// pending_reason : 'address', 'echeck', 'intl', 'multi_currency', 'unilateral', 'upgrade', 'verify', 'other'
break;
case "Refunded":
// reason_code : 'buyer_complaint', 'chargeback', 'guarantee', 'refund', 'other'
cancel_order($invoice_id);
credit_transaction($invoice_id, $mc_gross, $mc_currency, $txn_id, $reason_code, 'PayPal');
break;
case "Reversed":
// reason_code : 'buyer_complaint', 'chargeback', 'guarantee', 'refund', 'other'
cancel_order($invoice_id);
credit_transaction($invoice_id, $mc_gross, $mc_currency, $txn_id, $reason_code, 'PayPal');
break;
default:
break;
}
// end switch
}
// end web payment
}
// end if VERIFIED == true
}
// end if !$fp
}
// end IPN routine
###########################################################################
Copyright (c) 2008 Metathinking Ltd. This file is part of Affiliates For All. Affiliates For All is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. Affiliates For All is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with Affiliates For All. If not, see <http://www.gnu.org/licenses/>. */ require_once 'dummycart.inc'; cancel_order(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"; "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Test Shopping Cart</title> </head> <body> <h1>Order Cancelled</h1> <p>Order <?php echo $_GET['orderno']; ?> has been marked as cancelled.</p> </body>
}
if (!isset($_GET['orderid'])) {
throw new Problem(_('No order selected'), _('Hit back and select an order.'));
}
$orderid = get('orderid');
$uid = user_id();
$info = fetch_order_info($orderid);
if ($is_admin) {
$uid = $info->uid;
} else {
if ($info->uid != $uid) {
throw new Problem('Not for your eyes', "This isn't your order.");
}
}
if (isset($_POST['cancel_order'])) {
cancel_order($orderid, $uid);
?>
<div class='content_box'>
<h3>Cancelled!</h3>
<p>Order <?php
echo $orderid;
?>
is no more.</p>
<p>Back to <a href="?page=orderbook">the orderbook</a>.</p>
</div><?php
} else {
$initial_amount = internal_to_numstr($info->initial_amount);
$amount = internal_to_numstr($info->amount);
$type = $info->type;
$initial_want_amount = internal_to_numstr($info->initial_want_amount);
$want_amount = internal_to_numstr($info->want_amount);
function cancelOrder()
{
global $is_logged_in;
$reqid = cancel_order(post('orderid'), $is_logged_in);
return array("status" => "OK");
}
$ptime = get_order_pickup_time(NULL, $order['confirm_time'], $shop['open_time'], $shop['close_time']);
$order['pickup_time_start'] = date('m/d H:i', $ptime['start']);
$order['pickup_time_end'] = date('m/d H:i', $ptime['end']);
$order['pickup_code'] = $pcode['code'];
}
}
$smarty->assign('order', $order);
$smarty->assign('shop', $shop);
$smarty->assign('goods_list', $goods_list);
$smarty->display('user_transaction.dwt');
} elseif ($action == 'cancel_order') {
include_once ROOT_PATH . 'include/lib_transaction.php';
include_once ROOT_PATH . 'include/lib_order.php';
include_once ROOT_PATH . 'include/lib_clips.php';
$order_id = isset($_REQUEST['order_id']) ? intval($_REQUEST['order_id']) : 0;
if (cancel_order($order_id, $user_id) && !$err->has_error()) {
//ecs_header("Location: user.php?act=order_list\n");
show_message('订单取消成功', $_LANG['order_list_lnk'], 'user.php?act=order_list');
} else {
$err->show('查看订单状态', 'user.php?act=order_detail&order_id=' . $order_id);
}
} elseif ($action == 'address_list') {
include_once ROOT_PATH . 'include/lib_transaction.php';
include_once ROOT_PATH . 'lang/' . $_CFG['lang'] . '/shopping_flow.php';
$smarty->assign('lang', $_LANG);
/* 取得国家列表、商店所在国家、商店所在国家的省列表 */
$smarty->assign('country_list', get_regions());
$smarty->assign('shop_province_list', get_regions(1, $_CFG['shop_country']));
/* 获得用户所有的收货人信息 */
$consignee_list = get_consignee_list($_SESSION['user_id']);
if (count($consignee_list) < 5 && $_SESSION['user_id'] > 0) {
