function smn_address_format($address_format_id, $address, $html, $boln, $eoln) { $address_format_query = smn_db_query("select address_format as format from " . TABLE_ADDRESS_FORMAT . " where address_format_id = '" . (int) $address_format_id . "'"); $address_format = smn_db_fetch_array($address_format_query); $company = smn_output_string_protected($address['company']); if (isset($address['firstname']) && smn_not_null($address['firstname'])) { $firstname = smn_output_string_protected($address['firstname']); $lastname = smn_output_string_protected($address['lastname']); } elseif (isset($address['name']) && smn_not_null($address['name'])) { $firstname = smn_output_string_protected($address['name']); $lastname = ''; } else { $firstname = ''; $lastname = ''; } $street = smn_output_string_protected($address['street_address']); $suburb = smn_output_string_protected($address['suburb']); $city = smn_output_string_protected($address['city']); $state = smn_output_string_protected($address['state']); if (isset($address['country_id']) && smn_not_null($address['country_id'])) { $country = smn_get_country_name($address['country_id']); if (isset($address['zone_id']) && smn_not_null($address['zone_id'])) { $state = smn_get_zone_code($address['country_id'], $address['zone_id'], $state); } } elseif (isset($address['country']) && smn_not_null($address['country'])) { $country = smn_output_string_protected($address['country']['title']); } else { $country = ''; } $postcode = smn_output_string_protected($address['postcode']); $zip = $postcode; if ($html) { // HTML Mode $HR = '<hr>'; $hr = '<hr>'; if ($boln == '' && $eoln == "\n") { // Values not specified, use rational defaults $CR = '<br>'; $cr = '<br>'; $eoln = $cr; } else { // Use values supplied $CR = $eoln . $boln; $cr = $CR; } } else { // Text Mode $CR = $eoln; $cr = $CR; $HR = '----------------------------------------'; $hr = '----------------------------------------'; } $statecomma = ''; $streets = $street; if ($suburb != '') { $streets = $street . $cr . $suburb; } if ($country == '') { $country = smn_output_string_protected($address['country']); } if ($state != '') { $statecomma = $state . ', '; } $fmt = $address_format['format']; eval("\$address = \"{$fmt}\";"); if (ACCOUNT_COMPANY == 'true' && smn_not_null($company)) { $address = $company . $cr . $address; } return $address; }
smn_db_query($sql); // Get Sum of payment (Could have changed since last selects); $sql = "\n SELECT sum(affiliate_payment) as affiliate_payment\n FROM " . TABLE_AFFILIATE_SALES . " \n WHERE affiliate_id='" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status=99 \n "; $affiliate_billing_query = smn_db_query($sql); $affiliate_billing = smn_db_fetch_array($affiliate_billing_query); // Get affiliate Informations $sql = "\n SELECT a.*, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id \n from " . TABLE_AFFILIATE . " a \n left join " . TABLE_ZONES . " z on (a.affiliate_zone_id = z.zone_id) \n left join " . TABLE_COUNTRIES . " c on (a.affiliate_country_id = c.countries_id)\n WHERE affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' \n "; $affiliate_query = smn_db_query($sql); $affiliate = smn_db_fetch_array($affiliate_query); // Get need tax informations for the affiliate $affiliate_tax_rate = smn_get_affiliate_tax_rate(AFFILIATE_TAX_ID, $affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id']); $affiliate_tax = smn_round($affiliate_billing['affiliate_payment'] * $affiliate_tax_rate / 100, 2); // Netto-Provision $affiliate_payment_total = $affiliate_billing['affiliate_payment'] + $affiliate_tax; // Bill the order $affiliate['affiliate_state'] = smn_get_zone_code($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']); $sql_data_array = array('affiliate_id' => $affiliate_payment['affiliate_id'], 'affiliate_payment' => $affiliate_billing['affiliate_payment'], 'affiliate_payment_tax' => $affiliate_tax, 'affiliate_payment_total' => $affiliate_payment_total, 'affiliate_payment_date' => 'now()', 'affiliate_payment_status' => '0', 'affiliate_firstname' => $affiliate['affiliate_firstname'], 'affiliate_lastname' => $affiliate['affiliate_lastname'], 'affiliate_street_address' => $affiliate['affiliate_street_address'], 'affiliate_suburb' => $affiliate['affiliate_suburb'], 'affiliate_city' => $affiliate['affiliate_city'], 'affiliate_country' => $affiliate['countries_name'], 'affiliate_postcode' => $affiliate['affiliate_postcode'], 'affiliate_company' => $affiliate['affiliate_company'], 'affiliate_state' => $affiliate['affiliate_state'], 'affiliate_address_format_id' => $affiliate['address_format_id']); smn_db_perform(TABLE_AFFILIATE_PAYMENT, $sql_data_array); $insert_id = smn_db_insert_id(); // Set the Sales to Final State smn_db_query("update " . TABLE_AFFILIATE_SALES . " set affiliate_payment_id = '" . $insert_id . "', affiliate_billing_status = 1, affiliate_payment_date = now() where affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status = 99"); // Notify Affiliate if (AFFILIATE_NOTIFY_AFTER_BILLING == 'true') { $check_status_query = smn_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id = '" . $insert_id . "' and af.affiliate_id = ap.affiliate_id "); $check_status = smn_db_fetch_array($check_status_query); $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $insert_id, 'NONSSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . smn_date_long($check_status['affiliate_payment_date']) . "\n\n" . EMAIL_TEXT_NEW_PAYMENT; smn_mail($check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], $check_status['affiliate_email_address'], EMAIL_TEXT_SUBJECT, nl2br($email), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS); } } $messageStack->add_session(SUCCESS_BILLING, 'success'); smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('action')) . 'action=edit'));
function process_button() { global $customer_id, $order, $languages_id, $currencies, $currency, $cart_PayPal_IPN_ID, $shipping, $store; if (MODULE_PAYMENT_PAYPAL_IPN_CURRENCY == 'Selected Currency') { $my_currency = $currency; } else { $my_currency = substr(MODULE_PAYMENT_PAYPAL_IPN_CURRENCY, 5); } if (!in_array($my_currency, array('AUD', 'CAD', 'CHF', 'CZK', 'DKK', 'EUR', 'GBP', 'HKD', 'HUF', 'JPY', 'NOK', 'NZD', 'PLN', 'SEK', 'SGD', 'USD'))) { $my_currency = 'USD'; } $parameters = array(); if (MODULE_PAYMENT_PAYPAL_IPN_TRANSACTION_TYPE == 'Per Item' && MODULE_PAYMENT_PAYPAL_IPN_EWP_STATUS == 'False') { $parameters['cmd'] = '_cart'; $parameters['upload'] = '1'; for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { $item = $i + 1; $tax_value = $order->products[$i]['tax'] / 100 * $order->products[$i]['final_price']; $parameters['item_name_' . $item] = $order->products[$i]['name']; $parameters['amount_' . $item] = number_format($order->products[$i]['final_price'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)); $parameters['tax_' . $item] = number_format($tax_value * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)); $parameters['quantity_' . $item] = $order->products[$i]['qty']; if ($i == 0) { if (DISPLAY_PRICE_WITH_TAX == 'true') { $shipping_cost = $order->info['shipping_cost']; } else { $module = substr($shipping['id'], 0, strpos($shipping['id'], '_')); $shipping_tax = smn_get_tax_rate($GLOBALS[$module]->tax_class, $order->delivery['country']['id'], $order->delivery['zone_id']); $shipping_cost = $order->info['shipping_cost'] + smn_calculate_tax($order->info['shipping_cost'], $shipping_tax); } $parameters['shipping_' . $item] = number_format($shipping_cost * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)); } if (isset($order->products[$i]['attributes'])) { for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) { if (DOWNLOAD_ENABLED == 'true') { $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $languages_id . "'\n and poval.language_id = '" . $languages_id . "'"; $attributes = smn_db_query($attributes_query); } else { $attributes = smn_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'"); } $attributes_values = smn_db_fetch_array($attributes); // Unfortunately PayPal only accepts two attributes per product, so the // third attribute onwards will not be shown at PayPal $parameters['on' . $j . '_' . $item] = $attributes_values['products_options_name']; $parameters['os' . $j . '_' . $item] = $attributes_values['products_options_values_name']; } } } $parameters['num_cart_items'] = $item; if (MOVE_TAX_TO_TOTAL_AMOUNT == 'True') { // PandA.nl move tax to total amount $parameters['amount'] = number_format(($order->info['total'] - $order->info['shipping_cost']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)); } else { // default $parameters['amount'] = number_format(($order->info['total'] - $order->info['shipping_cost'] - $order->info['tax']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)); } } else { $parameters['cmd'] = '_ext-enter'; $parameters['redirect_cmd'] = '_xclick'; $parameters['item_name'] = STORE_NAME; $parameters['shipping'] = '0'; if (MOVE_TAX_TO_TOTAL_AMOUNT == 'True') { // PandA.nl move tax to total amount $parameters['amount'] = number_format($order->info['total'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)); } else { // default $parameters['amount'] = number_format(($order->info['total'] - $order->info['tax']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)); } } // billing information fix by gravyface // for pre-populating the fiels if customer has no PayPal account // only works if force shipping address is set to FALSE $state_abbr = smn_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); $name = $order->delivery['firstname'] . ' ' . $order->delivery['lastname']; $parameters['business'] = MODULE_PAYMENT_PAYPAL_IPN_ID; // let's check what has been defined in the shop admin for the shipping address if (MODULE_PAYMENT_PAYPAL_IPN_SHIPPING == 'True') { // all that matters is that we send the variables // what they contain is irrelevant as PayPal overwrites it with the customer's confirmed PayPal address // so what we send is probably not what we'll get back $parameters['no_shipping'] = '2'; $parameters['address_name'] = $name; $parameters['address_street'] = $order->delivery['street_address']; $parameters['address_city'] = $order->delivery['city']; $parameters['address_zip'] = $order->delivery['postcode']; $parameters['address_state'] = $state_abbr; $parameters['address_country_code'] = $order->delivery['country']['iso_code_2']; $parameters['address_country'] = $order->delivery['country']['title']; $parameters['payer_email'] = $order->customer['email_address']; } else { $parameters['no_shipping'] = '1'; $parameters['H_PhoneNumber'] = $order->customer['telephone']; $parameters['first_name'] = $order->delivery['firstname']; $parameters['last_name'] = $order->delivery['lastname']; $parameters['address1'] = $order->delivery['street_address']; $parameters['address2'] = $order->delivery['suburb']; $parameters['city'] = $order->delivery['city']; $parameters['zip'] = $order->delivery['postcode']; $parameters['state'] = $state_abbr; $parameters['country'] = $order->delivery['country']['iso_code_2']; $parameters['email'] = $order->customer['email_address']; } $parameters['currency_code'] = $my_currency; $parameters['invoice'] = substr($cart_PayPal_IPN_ID, strpos($cart_PayPal_IPN_ID, '-') + 1); $parameters['custom'] = $customer_id; $parameters['no_note'] = '1'; $parameters['notify_url'] = smn_href_link('ext/modules/payment/paypal_ipn/ipn.php', '', 'NONSSL', false, false); $parameters['cbt'] = CONFIRMATION_BUTTON_TEXT; $parameters['return'] = smn_href_link(FILENAME_CHECKOUT_PROCESS, 'ID=' . $store->get_store_id(), 'NONSSL'); $parameters['cancel_return'] = smn_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'NONSSL'); $parameters['bn'] = $this->identifier; $parameters['lc'] = $order->customer['country']['iso_code_2']; if (smn_not_null(MODULE_PAYMENT_PAYPAL_IPN_PAGE_STYLE)) { $parameters['page_style'] = MODULE_PAYMENT_PAYPAL_IPN_PAGE_STYLE; } if (MODULE_PAYMENT_PAYPAL_IPN_EWP_STATUS == 'True') { $parameters['cert_id'] = MODULE_PAYMENT_PAYPAL_IPN_EWP_CERT_ID; $random_string = rand(100000, 999999) . '-' . $customer_id . '-'; $data = ''; while (list($key, $value) = each($parameters)) { $data .= $key . '=' . $value . "\n"; } $fp = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt', 'w'); fwrite($fp, $data); fclose($fp); unset($data); if (function_exists('openssl_pkcs7_sign') && function_exists('openssl_pkcs7_encrypt')) { openssl_pkcs7_sign(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt', MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PUBLIC_KEY), file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PRIVATE_KEY), array('From' => MODULE_PAYMENT_PAYPAL_IPN_ID), PKCS7_BINARY); unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt'); // remove headers from the signature $signed = file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt'); $signed = explode("\n\n", $signed); $signed = base64_decode($signed[1]); $fp = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', 'w'); fwrite($fp, $signed); fclose($fp); unset($signed); openssl_pkcs7_encrypt(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt', file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PAYPAL_KEY), array('From' => MODULE_PAYMENT_PAYPAL_IPN_ID), PKCS7_BINARY); unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt'); // remove headers from the encrypted result $data = file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt'); $data = explode("\n\n", $data); $data = '-----BEGIN PKCS7-----' . "\n" . $data[1] . "\n" . '-----END PKCS7-----'; unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt'); } else { exec(MODULE_PAYMENT_PAYPAL_IPN_EWP_OPENSSL . ' smime -sign -in ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt -signer ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PUBLIC_KEY . ' -inkey ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PRIVATE_KEY . ' -outform der -nodetach -binary > ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt'); unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt'); exec(MODULE_PAYMENT_PAYPAL_IPN_EWP_OPENSSL . ' smime -encrypt -des3 -binary -outform pem ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PAYPAL_KEY . ' < ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt > ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt'); unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt'); $fh = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt', 'rb'); $data = fread($fh, filesize(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt')); fclose($fh); unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt'); } $process_button_string = smn_draw_hidden_field('cmd', '_s-xclick') . smn_draw_hidden_field('encrypted', $data); unset($data); } else { while (list($key, $value) = each($parameters)) { echo smn_draw_hidden_field($key, $value); } } return $process_button_string; }