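/**
 * Constructor-style initialiser for the SERP saturation dashboard box
 * (NOTE(review): the method carries the class name, i.e. a PHP4-style
 * constructor; PHP 8 no longer treats those as constructors — confirm a
 * __construct() exists or add one).
 *
 * Loads the search-engine modules, resolves the selected engine and the
 * comparison date (GET overrides the session, the session overrides the
 * defaults 'overall' and "one month ago"), appends the <option> markup for the
 * engine selector to $this->se_values, sets $this->se_mod to the matching
 * module and stores both selections back in the session.
 *
 * Fixes: the engine name taken from the request is only accepted when it is
 * 'overall' or the class name of a loaded module — before, any value was
 * persisted in the session and the selector rendered with nothing selected —
 * and the comparison date is only accepted in the m-d-Y shape the code
 * expects, so a malformed value no longer produces undefined-offset notices
 * from explode()/list() and a bogus mktime().
 */
function dash_box_SERP_saturation() {
    $moduleset = tep_module('searchengine');
    $this->mods = $moduleset->getModules();

    // Selection precedence: GET > session > 'overall'.
    $requested = 'overall';
    if (isset($_SESSION['SERP_se'])) {
        $requested = $_SESSION['SERP_se'];
    }
    if (isset($_GET['SERP_se'])) {
        $requested = $_GET['SERP_se'];
    }

    // Restrict the engine to names we actually render; anything else (including
    // a non-string from ?SERP_se[]=) falls back to 'overall'.
    $known_engines = array('overall');
    foreach ($this->mods as $mod) {
        $known_engines[] = get_class($mod);
    }
    $this->se = in_array($requested, $known_engines, true) ? $requested : 'overall';

    $this->se_values .= "<option value='overall'" . ($this->se == 'overall' ? ' selected' : '') . ">Overall</option>";
    foreach ($this->mods as $mod) {
        $selected = '';
        if ($this->se == get_class($mod)) {
            $this->se_mod = $mod;
            $selected = " selected";
        }
        $this->se_values .= "<option value='" . get_class($mod) . "'{$selected}>" . $mod->getName() . "</option>";
    }

    // Comparison date: GET > session > one month before today, as m-d-Y.
    $default_date = date("m-d-Y", mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')));
    $compare_date = $default_date;
    if (isset($_SESSION['SERP_compare_date'])) {
        $compare_date = $_SESSION['SERP_compare_date'];
    }
    if (isset($_GET['SERP_compare_date'])) {
        $compare_date = $_GET['SERP_compare_date'];
    }
    // Only the m-d-Y shape is meaningful to the explode()/mktime() below.
    if (!is_string($compare_date) || !preg_match('/^\d{1,2}-\d{1,2}-\d{4}$/', $compare_date)) {
        $compare_date = $default_date;
    }
    $this->compare_date = $compare_date;
    list($month, $day, $year) = explode('-', $this->compare_date);
    $this->compare_time = mktime(0, 0, 0, (int) $month, (int) $day, (int) $year);

    tep_session_register('SERP_compare_date');
    tep_session_register('SERP_se');
    $_SESSION['SERP_compare_date'] = $this->compare_date;
    $_SESSION['SERP_se'] = $this->se;
}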
/**
 * Registers $strSessionVar with the session layer and seeds its global with
 * $value. A variable that is already registered is left untouched, including
 * its current value.
 */
function amSessionRegister($strSessionVar, $value = '') {
    if (amSessionIsRegistered($strSessionVar)) {
        return;
    }
    tep_session_register($strSessionVar);
    $GLOBALS[$strSessionVar] = $value;
}
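/**
 * Resolves the site language as array('dir' => ..., 'id' => ..., 'code' => ...),
 * or — when $get names one of those keys — that single value.
 *
 * When no language is registered in the session yet, or ?language= is present,
 * the language class is loaded and the choice comes from the request, else
 * from the browser, else DEFAULT_LANGUAGE. In every other case the hard-coded
 * Dutch default is returned (NOTE(review): the session's language is not read
 * back here — verify that is intended).
 *
 * Fixes: the class file is loaded with include_once, so a second call with
 * ?language= set no longer redeclares class language (a fatal error); and the
 * "browser gave nothing" test now inspects $lng->language — an object is never
 * empty(), so the DEFAULT_LANGUAGE fallback could never run. This assumes
 * get_browser_language() leaves $lng->language empty when nothing matched —
 * confirm against language.php.
 */
function getSiteLanguage($get = null) {
    $default = array('dir' => 'dutch', 'id' => '1', 'code' => 'nl');

    if (!tep_session_is_registered('language') || isset($_GET['language'])) {
        if (!tep_session_is_registered('language')) {
            tep_session_register('language');
            tep_session_register('languages_id');
            tep_session_register('languages_code');
        }

        include_once DIR_WS_CLASSES . 'language.php';
        $lng = new language();

        if (isset($_GET['language']) && tep_not_null($_GET['language'])) {
            $lng->set_language($_GET['language']);
        } else {
            $lng->get_browser_language();
            if (empty($lng->language)) {
                $lng->set_language(DEFAULT_LANGUAGE);
            }
        }

        $default = array('dir' => $lng->language['directory'], 'id' => $lng->language['id'], 'code' => $lng->language['code']);
    }

    if ($get && isset($default[$get])) {
        return $default[$get];
    }
    return $default;
}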
/**
 * Queues a message in the session-backed $messageToStack.
 *
 * On first use the stack is registered with the session layer and started
 * empty. Each entry is array('class' => $class, 'text' => $message,
 * 'type' => $type); $type defaults to 'error'.
 */
function add_session($class, $message, $type = 'error') {
    global $messageToStack;

    if (!tep_session_is_registered('messageToStack')) {
        tep_session_register('messageToStack');
        $messageToStack = array();
    }

    $entry = array(
        'class' => $class,
        'text' => $message,
        'type' => $type,
    );
    $messageToStack[] = $entry;
}
/**
 * Makes sure the cart carries an id before confirmation: generates one when
 * $cart->cartID is empty (mirroring it into the global $cartID) and registers
 * 'cartID' with the session if it is not registered yet.
 */
function pre_confirmation_check() {
    global $cartID, $cart;

    if (empty($cart->cartID)) {
        $fresh_id = $cart->generate_cart_id();
        $cart->cartID = $fresh_id;
        $cartID = $fresh_id;
    }

    if (tep_session_is_registered('cartID')) {
        return;
    }
    tep_session_register('cartID');
}
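/**
 * Logs a returning customer in from the osC_AutoCookieLogin cookie.
 *
 * When the cookie is present, looks up the customer whose
 * md5(CONCAT(id, email, password, ip)) equals the cookie value, recreates the
 * session when SESSION_RECREATE is enabled, registers the customer and
 * default-address globals with the session, refreshes the cookie, records the
 * logon, restores every cart and finally redirects to the navigation snapshot
 * (or back to the current request URI).
 *
 * Fix: the cookie value and the client IP are now passed through
 * tep_db_input() before being concatenated into the query — the cookie is
 * client-controlled and was interpolated raw — and the customers_id read back
 * is cast to int in the address-book query.
 *
 * NOTE(review): the cookie is a deterministic hash of stable account fields
 * plus the client IP, so it stays valid until the password changes and cannot
 * be revoked per device; a random per-device token stored server-side would be
 * the stronger design. tep_autologincookie() is outside this view.
 */
function tep_doautologin() {
    global $HTTP_COOKIE_VARS, $cart, $cart_cs, $cart_fv, $cart_pr, $customer_id, $customer_default_address_id, $customer_first_name, $customer_country_id, $customer_zone_id;
    global $navigation;

    if (!isset($HTTP_COOKIE_VARS['osC_AutoCookieLogin'])) {
        return;
    }

    $ip_address = tep_get_ip_address();
    $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where md5(CONCAT(customers_id,customers_email_address,customers_password,'" . tep_db_input($ip_address) . "'))= '" . tep_db_input($HTTP_COOKIE_VARS['osC_AutoCookieLogin']) . "'");
    if (!tep_db_num_rows($check_customer_query)) {
        return;
    }
    $check_customer = tep_db_fetch_array($check_customer_query);

    // Fresh session id on privilege change.
    if (SESSION_RECREATE == 'True') {
        tep_session_recreate();
    }

    $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
    $check_country = tep_db_fetch_array($check_country_query);

    $customer_id = $check_customer['customers_id'];
    $customer_default_address_id = $check_customer['customers_default_address_id'];
    $customer_first_name = $check_customer['customers_firstname'];
    $customer_country_id = $check_country['entry_country_id'];
    $customer_zone_id = $check_country['entry_zone_id'];

    $session_vars = array('customer_id', 'customer_default_address_id', 'customer_first_name', 'customer_country_id', 'customer_zone_id');
    foreach ($session_vars as $session_var) {
        if (!tep_session_is_registered($session_var)) {
            tep_session_register($session_var);
        }
    }

    // Save cookie
    tep_autologincookie(true);

    tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int) $customer_id . "'");

    // restore cart contents
    $cart->restore_contents();
    $cart_cs->restore_contents();
    $cart_fv->restore_contents();
    $cart_pr->restore_contents();

    if (sizeof($navigation->snapshot) > 0) {
        $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
        $navigation->clear_snapshot();
        tep_redirect($origin_href);
    } else {
        // tep_redirect(tep_href_link(FILENAME_DEFAULT));
        tep_redirect(substr(tep_href_link(getenv('REQUEST_URI')), strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)));
    }
}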
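/**
 * Payment-module hook run after the order has been stored: builds the
 * verification code handed to the gateway.
 *
 * Drops any previous 'zp_code' from the session, registers a fresh one and
 * sets it to base64("<32 hex chars>-<customer_id>-<insert_id>-<order total>").
 * Always returns false (the hook convention for "nothing more to do").
 *
 * Fix: the random part is 16 bytes from random_bytes(), hex-encoded to the
 * same 32-character width as the previous md5 output, instead of
 * md5(microtime) mixed with rand(), which is predictable.
 */
function after_process() {
    global $customer_id, $insert_id, $zp_code, $order;

    if (tep_session_is_registered('zp_code')) {
        tep_session_unregister('zp_code');
    }
    tep_session_register('zp_code');

    $code = bin2hex(random_bytes(16));
    $zp_code = base64_encode($code . '-' . $customer_id . '-' . $insert_id . '-' . $order->info['total']);

    return false;
}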
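/**
 * Payment-module hook run after the order has been stored: builds the
 * verification code handed to the gateway.
 *
 * Drops any previous 'op_code' from the session, registers a fresh one and
 * sets it to base64("<32 hex chars>-<customer_id>-<insert_id>-<ot_total>"),
 * where ot_total is the 'ot_total' entry of $order_totals rounded to the
 * currency's decimal places (0 when no such entry exists). Always returns
 * false (the hook convention for "nothing more to do").
 *
 * Fix: the random part is 16 bytes from random_bytes(), hex-encoded to the
 * same 32-character width as the previous md5 output, instead of
 * md5(microtime) mixed with rand(), which is predictable.
 */
function after_process() {
    global $customer_id, $insert_id, $order_totals, $rx_code, $currency, $currencies;

    if (tep_session_is_registered('op_code')) {
        tep_session_unregister('op_code');
    }
    tep_session_register('op_code');

    $ot_total_value = 0;
    for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
        if ($order_totals[$i]['code'] == 'ot_total') {
            // Decimal comma -> point so the gateway receives a plain number.
            $ot_total_value = str_replace(',', '.', round($order_totals[$i]['value'], $currencies->get_decimal_places($currency)));
            break;
        }
    }

    $code = bin2hex(random_bytes(16));
    $op_code = base64_encode($code . '-' . $customer_id . '-' . $insert_id . '-' . $ot_total_value);

    return false;
}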
/**
 * Adds $products_id to the cart, or bumps its quantity when already present.
 *
 * An empty $qty means one unit. New lines are mirrored into
 * TABLE_CUSTOMERS_BASKET for a logged-in customer and the product id is
 * published through the session-registered $new_products_id_in_cart.
 * cleanup() runs in either case.
 *
 * NOTE(review): `$this->contents[] = array($products_id);` appends a
 * numerically keyed entry next to the keyed one; the other add_cart variants
 * on this page drop it — verify whether cleanup()/count_contents() rely on it
 * before removing it here.
 */
function add_cart($products_id, $qty = '') {
    global $new_products_id_in_cart, $customer_id;

    if ($this->in_cart($products_id)) {
        $this->update_quantity($products_id, $qty);
    } else {
        // no quantity supplied: add a single unit
        if ($qty == '') {
            $qty = '1';
        }

        $this->contents[] = array($products_id);
        $this->contents[$products_id] = array('qty' => $qty);

        if ($customer_id) {
            $values = "'" . (int) $customer_id . "', '" . tep_db_input($products_id) . "', '" . tep_db_input($qty) . "', '" . date('Ymd') . "'";
            tep_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values (" . $values . ")");
        }

        $new_products_id_in_cart = $products_id;
        tep_session_register('new_products_id_in_cart');
    }

    $this->cleanup();
}
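/**
 * Adds $products_id to the cart (default one unit) or bumps its quantity
 * when already present, then refreshes the cart id.
 *
 * With $notify the product id is published through the session-registered
 * $new_products_id_in_cart. New lines are mirrored into
 * TABLE_CUSTOMERS_BASKET (including basket type and SHOP_ID) when a
 * customer_id is in the session.
 *
 * Fix: $qty is passed through tep_db_input() like the other string values in
 * the insert — it was concatenated raw, and it originates from the request.
 */
function add_cart($products_id, $qty = '1', $notify = true) {
    global $new_products_id_in_cart, $customer_id;

    if ($notify == true) {
        $new_products_id_in_cart = $products_id;
        tep_session_register('new_products_id_in_cart');
    }

    if ($this->in_cart($products_id)) {
        $this->update_quantity($products_id, $qty);
    } else {
        $this->contents[$products_id] = array('qty' => $qty);

        // insert into database
        if (tep_session_is_registered('customer_id')) {
            tep_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added, customers_basket_type, shops_id) values ('" . (int) $customer_id . "', '" . tep_db_input($products_id) . "', '" . tep_db_input($qty) . "', '" . date('Ymd') . "', '" . tep_db_input($this->basket_type) . "', '" . (int) SHOP_ID . "')");
        }
    }

    $this->cleanup();

    // assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
    $this->cartID = $this->generate_cart_id();
}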
// Fragment of the admin login script (the opening license comment and the rest
// of the action switch are outside this view).
// 'process': looks the administrator up by user_name, verifies the password
// with tep_validate_password() and registers 'admin' in the session; the same
// ERROR_INVALID_ADMINISTRATOR message is stacked for an unknown user and for a
// wrong password, so the two cases are not distinguishable to the client.
// NOTE(review): unlike the customer login paths on this page, the session id is
// not regenerated (tep_session_recreate()) before 'admin' is registered —
// confirm the session is recreated elsewhere to rule out fixation.
Released under the GNU General Public License */ require 'includes/application_top.php'; require 'includes/functions/password_funcs.php'; $action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''; if (tep_not_null($action)) { switch ($action) { case 'process': $username = tep_db_prepare_input($HTTP_POST_VARS['username']); $password = tep_db_prepare_input($HTTP_POST_VARS['password']); $check_query = tep_db_query("select id, user_name, user_password from " . TABLE_ADMINISTRATORS . " where user_name = '" . tep_db_input($username) . "'"); if (tep_db_num_rows($check_query) == 1) { $check = tep_db_fetch_array($check_query); if (tep_validate_password($password, $check['user_password'])) { tep_session_register('admin'); $admin = array('id' => $check['id'], 'username' => $check['user_name']); if (tep_session_is_registered('redirect_origin')) { $page = $redirect_origin['page']; $get_string = ''; if (function_exists('http_build_query')) { $get_string = http_build_query($redirect_origin['get']); } tep_session_unregister('redirect_origin'); tep_redirect(tep_href_link($page, $get_string)); } else { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } } } $messageStack->add(ERROR_INVALID_ADMINISTRATOR, 'error');
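/**
 * Creates (or re-creates) the pending order row with its totals, products,
 * attributes and download records before the customer is handed to the
 * payment provider.
 *
 * The session key named by $this->_mbcartID holds "<cartID>-<orders_id>".
 * When it exists, the stored order is reused unless its currency or cart-id
 * prefix no longer matches; a mismatched order that has no status history yet
 * is deleted and rebuilt. Uses the globals $cartID, $customer_id, $order and
 * $order_total_modules, plus the enabled order-total module instances that
 * live in $GLOBALS under their class name.
 *
 * Changes: every id interpolated into the attribute queries is cast to int
 * (product id, option id, value id, languages_id) — they were concatenated
 * raw; the each() loop (removed in PHP 8) is a foreach; the unused
 * $attributes_exist local is gone.
 *
 * NOTE(review): the orders row stores cc_number / cc_expires / cc_owner from
 * $order->info as-is; whether those fields are populated (and thus whether
 * card data is persisted in clear) depends on the payment module — confirm.
 */
function _prepareOrder() {
    global $cartID, $customer_id, $order, $order_total_modules;

    $insert_order = false;
    if (isset($_SESSION[$this->_mbcartID])) {
        $stored = $GLOBALS[$this->_mbcartID];
        $order_id = substr($stored, strpos($stored, '-') + 1);
        $curr_check = tep_db_query("select currency from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
        $curr = tep_db_fetch_array($curr_check);

        // Rebuild when the currency changed or the cart-id prefix no longer matches.
        if ($curr['currency'] != $order->info['currency'] || $cartID != substr($stored, 0, strlen($cartID))) {
            $check_query = tep_db_query('select orders_id from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int) $order_id . '" limit 1');
            if (tep_db_num_rows($check_query) < 1) {
                // No status history yet: the stale pending order can be dropped.
                $stale_tables = array(TABLE_ORDERS, TABLE_ORDERS_TOTAL, TABLE_ORDERS_STATUS_HISTORY, TABLE_ORDERS_PRODUCTS, TABLE_ORDERS_PRODUCTS_ATTRIBUTES, TABLE_ORDERS_PRODUCTS_DOWNLOAD);
                foreach ($stale_tables as $table) {
                    tep_db_query('delete from ' . $table . ' where orders_id = "' . (int) $order_id . '"');
                }
            }
            $insert_order = true;
        }
    } else {
        $insert_order = true;
    }

    if ($insert_order != true) {
        return;
    }

    // Collect the output lines of every enabled order-total module.
    $order_totals = array();
    if (is_array($order_total_modules->modules)) {
        foreach ($order_total_modules->modules as $value) {
            $class = substr($value, 0, strrpos($value, '.'));
            if (!$GLOBALS[$class]->enabled) {
                continue;
            }
            $module = $GLOBALS[$class];
            for ($i = 0, $n = sizeof($module->output); $i < $n; $i++) {
                if (tep_not_null($module->output[$i]['title']) && tep_not_null($module->output[$i]['text'])) {
                    $order_totals[] = array('code' => $module->code, 'title' => $module->output[$i]['title'], 'text' => $module->output[$i]['text'], 'value' => $module->output[$i]['value'], 'sort_order' => $module->sort_order);
                }
            }
        }
    }

    $sql_data_array = array(
        'customers_id' => $customer_id,
        'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
        'customers_company' => $order->customer['company'],
        'customers_street_address' => $order->customer['street_address'],
        'customers_suburb' => $order->customer['suburb'],
        'customers_city' => $order->customer['city'],
        'customers_postcode' => $order->customer['postcode'],
        'customers_state' => $order->customer['state'],
        'customers_country' => $order->customer['country']['title'],
        'customers_telephone' => $order->customer['telephone'],
        'customers_email_address' => $order->customer['email_address'],
        'customers_address_format_id' => $order->customer['format_id'],
        'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'],
        'delivery_company' => $order->delivery['company'],
        'delivery_street_address' => $order->delivery['street_address'],
        'delivery_suburb' => $order->delivery['suburb'],
        'delivery_city' => $order->delivery['city'],
        'delivery_postcode' => $order->delivery['postcode'],
        'delivery_state' => $order->delivery['state'],
        'delivery_country' => $order->delivery['country']['title'],
        'delivery_address_format_id' => $order->delivery['format_id'],
        'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],
        'billing_company' => $order->billing['company'],
        'billing_street_address' => $order->billing['street_address'],
        'billing_suburb' => $order->billing['suburb'],
        'billing_city' => $order->billing['city'],
        'billing_postcode' => $order->billing['postcode'],
        'billing_state' => $order->billing['state'],
        'billing_country' => $order->billing['country']['title'],
        'billing_address_format_id' => $order->billing['format_id'],
        'payment_method' => $order->info['payment_method'],
        'cc_type' => $order->info['cc_type'],
        'cc_owner' => $order->info['cc_owner'],
        'cc_number' => $order->info['cc_number'],
        'cc_expires' => $order->info['cc_expires'],
        'date_purchased' => 'now()',
        'orders_status' => $order->info['order_status'],
        'currency' => $order->info['currency'],
        'currency_value' => $order->info['currency_value'],
    );
    tep_db_perform(TABLE_ORDERS, $sql_data_array);
    $insert_id = tep_db_insert_id();

    for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
        $sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']);
        tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
    }

    $languages_id = (int) $_SESSION['languages_id'];
    for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
        $product = $order->products[$i];
        $sql_data_array = array('orders_id' => $insert_id, 'products_id' => tep_get_prid($product['id']), 'products_model' => $product['model'], 'products_name' => $product['name'], 'products_price' => $product['price'], 'final_price' => $product['final_price'], 'products_tax' => $product['tax'], 'products_quantity' => $product['qty']);
        tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
        $order_products_id = tep_db_insert_id();

        if (!isset($product['attributes'])) {
            continue;
        }

        for ($j = 0, $n2 = sizeof($product['attributes']); $j < $n2; $j++) {
            // (int) on the product id strips any "{option}value" suffix, like tep_get_prid().
            $products_id = (int) $product['id'];
            $option_id = (int) $product['attributes'][$j]['option_id'];
            $value_id = (int) $product['attributes'][$j]['value_id'];

            if (DOWNLOAD_ENABLED == 'true') {
                $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $products_id . "'\n and pa.options_id = '" . $option_id . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $value_id . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $languages_id . "'\n and poval.language_id = '" . $languages_id . "'";
                $attributes = tep_db_query($attributes_query);
            } else {
                $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $products_id . "' and pa.options_id = '" . $option_id . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $value_id . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
            }
            $attributes_values = tep_db_fetch_array($attributes);

            $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
            tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

            if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
                $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']);
                tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
            }
        }
    }

    // Remember "<cartID>-<orders_id>" so a repeat visit reuses this order.
    $GLOBALS[$this->_mbcartID] = $cartID . '-' . $insert_id;
    tep_session_register($this->_mbcartID);
}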
// Fragment of a request-dispatch switch (the enclosing switch opens, and the
// 'load_captcha' case continues, outside this view).
// 'load_captcha': emits a GIF holding a small arithmetic challenge; the
// operands come from rand(), the expected answer is kept in the
// session-registered $captcha_value, and the text colour is derived from the
// background colour so the two contrast.
// NOTE(review): rand() is not a cryptographic source; random_int() is the
// drop-in replacement for the challenge operands. strlen($string) is
// byte-wise, which is fine here because $string is ASCII only.
echo tep_show_products_carousel($carousel_products, $carousel_id, '', 'html'); } } tep_exit(); break; case 'load_captcha': header('Content-type: image/gif'); $image_width = 95; $image_height = 18; $font_size = 5; $rand_number1 = rand(6, 20); $rand_number2 = rand(1, 15); $string = $rand_number1 . ($rand_number1 > $rand_number2 ? ' - ' : ' + ') . $rand_number2 . ' = '; $captcha_value = $rand_number1 > $rand_number2 ? $rand_number1 - $rand_number2 : $rand_number1 + $rand_number2; if (!tep_session_is_registered('captcha_value')) { tep_session_register('captcha_value'); } $string_width = imagefontwidth($font_size) * strlen($string); $string_height = imagefontheight($font_size); $image = imagecreate($image_width, $image_height); $rand1 = rand(0, 255); $rand2 = rand(0, 255); $rand3 = rand(0, 255); $color = imagecolorallocate($image, $rand1, $rand2, $rand3); $diff = 55; $rand_new1 = $rand1 > $diff ? $rand1 - $diff : $rand1 + $diff; $rand_new2 = $rand2 > $diff ? $rand2 - $diff : $rand2 + $diff; $rand_new3 = $rand3 > $diff ? $rand3 - $diff : $rand3 + $diff; if ($rand1 + $rand2 + $rand3 > 380) { $color1 = imagecolorallocate($image, $rand_new1, $rand_new2, $rand_new3); } else {
// Fragment of the visitor/country bookkeeping in application_top (the
// enclosing if/else opens outside this view; the trailing /* opens a
// commented-out GeoIP block that continues past it).
// Keeps a per-day count of visitors without a resolved country in a file under
// $empty_country_dir (defined elsewhere): read the current value, add one,
// rewrite the file, then register $session_country_shop for SHOP_ID.
// NOTE(review): the read and the rewrite are not under a lock, so concurrent
// requests can lose increments; and when the file exists but is empty,
// filesize() is 0 and fread($fp, 0) raises a ValueError on PHP 8 — guard the
// length before calling fread().
$empty_country_file = $empty_country_dir . date('Y-m-d'); $unknown_country_visitors_count = 1; if (file_exists($empty_country_file)) { if ($fp = fopen($empty_country_file, 'r')) { stream_set_timeout($fp, 1); $content = fread($fp, filesize($empty_country_file)); fclose($fp); $unknown_country_visitors_count = (int) trim($content) + 1; } } if ($fp = fopen($empty_country_file, 'w')) { fwrite($fp, $unknown_country_visitors_count); fclose($fp); } $session_country_shop = ':' . SHOP_ID; tep_session_register('session_country_shop'); } } // } /* $country_code = $_SERVER['GEOIP_COUNTRY_CODE']; $all_countries = tep_get_shops_countries(0, 1); $available_domains = array(); $available_country_name = ''; reset($all_countries); while (list(, $country_info) = each($all_countries)) { if ($country_code==$country_info['country_code']) { $available_domains[] = $country_info['shop_url']; $available_country_name = $country_info['country_ru_name']; } }
// Fragment of checkout_payment.php (the block the first `}` closes opens
// outside this view).
// The billing address id held in the session is re-checked against the
// customer's own address book with a count(*) query (customers_id AND
// address_book_id, both cast to int); on mismatch it is reset to the default
// address and a previously chosen payment module is dropped. The rest loads
// the order, stores posted comments in the session and sets up the page.
// NOTE(review): the condition groups as
// (is_array($billto) && empty($billto)) || is_numeric($billto), because &&
// binds tighter than || — add parentheses if that is the intended reading.
// verify the selected billing address if (is_array($billto) && empty($billto) || is_numeric($billto)) { $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $billto . "'"); $check_address = tep_db_fetch_array($check_address_query); if ($check_address['total'] != '1') { $billto = $customer_default_address_id; if (tep_session_is_registered('payment')) { tep_session_unregister('payment'); } } } } require DIR_WS_CLASSES . 'order.php'; $order = new order(); if (!tep_session_is_registered('comments')) { tep_session_register('comments'); } if (isset($HTTP_POST_VARS['comments']) && tep_not_null($HTTP_POST_VARS['comments'])) { $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']); } $total_weight = $cart->show_weight(); $total_count = $cart->count_contents(); // load all enabled payment modules require DIR_WS_CLASSES . 'payment.php'; $payment_modules = new payment(); require DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PAYMENT; $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); require DIR_WS_INCLUDES . 'template_top.php'; ?>
// Fragment of a Smarty-based login page (the enclosing conditionals open
// outside this view).
// On success the user is mailed and redirected to the navigation snapshot or
// PAGE_LOGIN_CONFIRM; on failure ERROR_INVALID_ACCOUNT is added to the
// validator and the session-registered $error_log_login counts the failed
// attempts. The '// create new user' branch is empty.
// NOTE(review): the failure counter lives only in the session, so it cannot
// throttle a client that does not keep its cookie; a server-side record (like
// the action recorder the admin login on this page uses) is the effective
// control.
tep_mail($user_info['firstname'] . ' ' . $user_info['lastname'], $user_info['email'], $msg_subject, $msg_content, SITE_NAME, SITE_CONTACT_EMAIL); } if (sizeof($navigation->snapshot) > 0) { $origin_href = get_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']); $navigation->clear_snapshot(); tep_redirect($origin_href, '', 'SSL'); } else { tep_redirect(get_href_link(PAGE_LOGIN_CONFIRM, '', 'SSL')); } } } else { $validator->addError(ERROR_FIELD_LOGIN, ERROR_INVALID_ACCOUNT); } if (count($validator->errors) == 0) { // create new user } else { postAssign($smarty); $smarty->assign('validerrors', $validator->errors); } } else { if (empty($error_log_login)) { $error_log_login = 1; tep_session_register('error_log_login'); } else { $error_log_login++; tep_session_register('error_log_login'); } } } $smarty->assign('validerrors', $validator->errors); $_html_main_content = $smarty->fetch('home/login.html');
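/**
 * Verifies a login: looks the user up by e-mail, checks the password with
 * validate_password() and, on success, registers $login_userid and
 * $login_username with the session. Returns true on success, false when the
 * e-mail is unknown or the password does not match.
 *
 * Fix: the success branch read $member_info, which is never assigned, so the
 * session was registered with null ids; it now reads the fetched $user_info.
 *
 * NOTE(review): $login_email is concatenated into the query without escaping
 * and comes from the login form; route it through the db layer's escaping
 * helper (or a prepared statement) before this is used in production.
 */
function confirmUser($login_email, $login_password) {
    global $login_userid, $login_username;

    $user_query = db_query("SELECT user_id, user_username, user_password FROM " . _TABLE_USERS . " WHERE member_email='" . $login_email . "'");
    if (db_num_rows($user_query) <= 0) {
        return false;
    }

    // email passed: check password
    $user_info = db_fetch_array($user_query);
    if (!validate_password($login_password, $user_info['user_password'])) {
        // wrong password
        return false;
    }

    // password passed ==> correct account
    $login_userid = $user_info['user_id'];
    $login_username = $user_info['user_username'];
    tep_session_register('login_userid');
    tep_session_register('login_username');
    return true;
}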
// Fragment of application_top.php (the surrounding if/else continues outside
// this view).
// Selects the session currency: a ?currency= value is accepted only when
// $currencies->is_set() knows it, otherwise LANGUAGE_CURRENCY (when enabled)
// or DEFAULT_CURRENCY applies. Then the navigationHistory object is (re)created
// if missing or not an object, the current page is recorded, the action
// recorder is loaded, and cart actions are redirected to the cookie-usage page
// when no session could be started.
// include the language translations require DIR_WS_LANGUAGES . $language . '.php'; // currency if (!tep_session_is_registered('currency') || isset($HTTP_GET_VARS['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $currency) { if (!tep_session_is_registered('currency')) { tep_session_register('currency'); } if (isset($HTTP_GET_VARS['currency']) && $currencies->is_set($HTTP_GET_VARS['currency'])) { $currency = $HTTP_GET_VARS['currency']; } else { $currency = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && $currencies->is_set(LANGUAGE_CURRENCY) ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY; } } // navigation history if (!tep_session_is_registered('navigation') || !is_object($navigation)) { tep_session_register('navigation'); $navigation = new navigationHistory(); } $navigation->add_current_page(); // action recorder include 'includes/classes/action_recorder.php'; // Shopping cart actions if (isset($HTTP_GET_VARS['action'])) { // redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled if ($session_started == false) { tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE)); } if (DISPLAY_CART == 'true') { $goto = FILENAME_SHOPPING_CART; $parameters = array('action', 'cPath', 'products_id', 'pid'); } else {
// Fragment of checkout_payment_address.php (the if/else the leading `}`
// belongs to opens outside this view).
// The posted address id is accepted as $billto only after a count(*) check
// that it belongs to the logged-in customer (customers_id AND address_book_id,
// both cast to int); otherwise 'billto' is unregistered from the session. With
// no selection the customer's default address is used, and a previously
// chosen payment module is dropped when $reset_payment is set.
} $billto = $HTTP_POST_VARS['address']; $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $billto . "'"); $check_address = tep_db_fetch_array($check_address_query); if ($check_address['total'] == '1') { if ($reset_payment == true) { tep_session_unregister('payment'); } tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); } else { tep_session_unregister('billto'); } // no addresses to select from - customer decided to keep the current assigned address } else { if (!tep_session_is_registered('billto')) { tep_session_register('billto'); } $billto = $customer_default_address_id; tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); } } // if no billing destination address was selected, use their own address as default if (!tep_session_is_registered('billto')) { $billto = $customer_default_address_id; } $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_PAYMENT_ADDRESS, '', 'SSL')); $addresses_count = tep_count_customer_address_book_entries(); require DIR_WS_INCLUDES . 'template_top.php'; ?>
// Fragment of the admin login.php action switch (the 'process' case opens
// outside this view).
// The 'process' failure path stacks ERROR_INVALID_ADMINISTRATOR (or the
// action-recorder lockout message) and records the attempt via
// $actionRecorder; 'logoff' unregisters the admin session and sets
// $auth_ignore when HTTP-auth credentials are present; 'create' inserts the
// first administrator from the posted username/password, but only while the
// administrators table is empty.
// NOTE(review): 'create' is reachable without authentication by design
// (first-run setup); the empty-table check is its only guard, so confirm no
// other code path can leave the table empty after setup.
} else { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } } } $messageStack->add(ERROR_INVALID_ADMINISTRATOR, 'error'); } else { $messageStack->add(sprintf(ERROR_ACTION_RECORDER, defined('MODULE_ACTION_RECORDER_ADMIN_LOGIN_MINUTES') ? (int) MODULE_ACTION_RECORDER_ADMIN_LOGIN_MINUTES : 5)); } $actionRecorder->record(false); break; case 'logoff': tep_session_unregister('selected_box'); tep_session_unregister('admin'); if (isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_PW'])) { tep_session_register('auth_ignore'); $auth_ignore = true; } tep_redirect(tep_href_link(FILENAME_DEFAULT)); break; case 'create': $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1"); if (tep_db_num_rows($check_query) == 0) { $username = tep_db_prepare_input($HTTP_POST_VARS['username']); $password = tep_db_prepare_input($HTTP_POST_VARS['password']); tep_db_query("insert into " . TABLE_ADMINISTRATORS . " (user_name, user_password) values ('" . tep_db_input($username) . "', '" . tep_db_input(tep_encrypt_password($password)) . "')"); } tep_redirect(tep_href_link(FILENAME_LOGIN)); break; } }
// Fragment of checkout_shipping.php (the free-shipping block opens, and the
// process branch continues, outside this view).
// The POST is acted on only when formid matches $sessiontoken (CSRF check);
// the chosen method "<module>_<method>" is split on '_' and quoted through
// $shipping_modules unless it is the synthetic 'free_free'. A quote error
// unregisters 'shipping' again.
// NOTE(review): is_object(${$module}) tests whether any global of that name
// is an object, not whether it is a loaded shipping module; checking the name
// against the list $shipping_modules holds would be the tighter guard. Also
// strpos(..., '_') is used for truthiness, so an underscore at offset 0 is
// treated as "not found".
$free_shipping = true; include DIR_WS_LANGUAGES . $language . '/modules/order_total/ot_shipping.php'; } } else { $free_shipping = false; } // process the selected shipping method if (isset($HTTP_POST_VARS['action']) && $HTTP_POST_VARS['action'] == 'process' && isset($HTTP_POST_VARS['formid']) && $HTTP_POST_VARS['formid'] == $sessiontoken) { if (!tep_session_is_registered('comments')) { tep_session_register('comments'); } if (tep_not_null($HTTP_POST_VARS['comments'])) { $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']); } if (!tep_session_is_registered('shipping')) { tep_session_register('shipping'); } if (tep_count_shipping_modules() > 0 || $free_shipping == true) { if (isset($HTTP_POST_VARS['shipping']) && strpos($HTTP_POST_VARS['shipping'], '_')) { $shipping = $HTTP_POST_VARS['shipping']; list($module, $method) = explode('_', $shipping); if (is_object(${$module}) || $shipping == 'free_free') { if ($shipping == 'free_free') { $quote[0]['methods'][0]['title'] = FREE_SHIPPING_TITLE; $quote[0]['methods'][0]['cost'] = '0'; } else { $quote = $shipping_modules->quote($method, $module); } if (isset($quote['error'])) { tep_session_unregister('shipping'); } else {
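/**
 * Adds a product (optionally with attribute selections) to the cart, or bumps
 * its quantity when the same product/attribute combination is present.
 *
 * $products_id may already carry an attribute suffix; it is normalised via
 * tep_get_uprid()/tep_get_prid(). $qty is clamped to MAX_QTY_IN_CART when
 * that constant is defined and positive. The line is added only when:
 * the product and quantity are numeric, every supplied option/value pair is
 * numeric and exists for the product (a product that has attributes cannot be
 * added without them), and the product's status is '1'. With $notify the
 * product id is published through the session-registered
 * $new_products_id_in_cart. For a customer_id in the session the line and
 * its attributes are mirrored into TABLE_CUSTOMERS_BASKET /
 * TABLE_CUSTOMERS_BASKET_ATTRIBUTES. Ends with cleanup() and a fresh cartID.
 *
 * Change: the two each() loops (removed in PHP 8) are foreach loops.
 */
function add_cart($products_id, $qty = '1', $attributes = '', $notify = true) {
    global $new_products_id_in_cart, $customer_id;

    $products_id_string = tep_get_uprid($products_id, $attributes);
    $products_id = tep_get_prid($products_id_string);

    // Clamp to the configured per-line maximum when one is set.
    if (defined('MAX_QTY_IN_CART') && MAX_QTY_IN_CART > 0 && (int) $qty > MAX_QTY_IN_CART) {
        $qty = MAX_QTY_IN_CART;
    }

    // Every option/value pair must be numeric and exist for this product.
    $attributes_pass_check = true;
    if (is_array($attributes) && !empty($attributes)) {
        foreach ($attributes as $option => $value) {
            if (!is_numeric($option) || !is_numeric($value)) {
                $attributes_pass_check = false;
                break;
            }
            $check_query = tep_db_query("select products_attributes_id from " . TABLE_PRODUCTS_ATTRIBUTES . " where products_id = '" . (int) $products_id . "' and options_id = '" . (int) $option . "' and options_values_id = '" . (int) $value . "' limit 1");
            if (tep_db_num_rows($check_query) < 1) {
                $attributes_pass_check = false;
                break;
            }
        }
    } elseif (tep_has_product_attributes($products_id)) {
        // A product with attributes must not be added without a selection.
        $attributes_pass_check = false;
    }

    if (!is_numeric($products_id) || !is_numeric($qty) || $attributes_pass_check != true) {
        return;
    }

    $check_product_query = tep_db_query("select products_status from " . TABLE_PRODUCTS . " where products_id = '" . (int) $products_id . "'");
    $check_product = tep_db_fetch_array($check_product_query);
    if ($check_product === false || $check_product['products_status'] != '1') {
        return;
    }

    if ($notify == true) {
        $new_products_id_in_cart = $products_id;
        tep_session_register('new_products_id_in_cart');
    }

    if ($this->in_cart($products_id_string)) {
        $this->update_quantity($products_id_string, $qty, $attributes);
    } else {
        $this->contents[$products_id_string] = array('qty' => (int) $qty);

        // insert into database
        if (tep_session_is_registered('customer_id')) {
            tep_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $customer_id . "', '" . tep_db_input($products_id_string) . "', '" . (int) $qty . "', '" . date('Ymd') . "')");
        }

        if (is_array($attributes)) {
            foreach ($attributes as $option => $value) {
                $this->contents[$products_id_string]['attributes'][$option] = $value;

                // insert into database
                if (tep_session_is_registered('customer_id')) {
                    tep_db_query("insert into " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " (customers_id, products_id, products_options_id, products_options_value_id) values ('" . (int) $customer_id . "', '" . tep_db_input($products_id_string) . "', '" . (int) $option . "', '" . (int) $value . "')");
                }
            }
        }
    }

    $this->cleanup();

    // assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
    $this->cartID = $this->generate_cart_id();
}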
// Fragment of checkout_shipping_address.php (the if/else opens outside this
// view; the HTML template follows).
// Mirrors the billing-address selection: the posted address id is accepted
// as $sendto only after a count(*) check that it belongs to the logged-in
// customer (customers_id AND address_book_id, both cast to int); otherwise
// 'sendto' is unregistered. With no selection the default address is used,
// and a previously chosen shipping method is dropped when $reset_shipping is
// set.
tep_session_register('sendto'); } $sendto = $HTTP_POST_VARS['address']; $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $sendto . "'"); $check_address = tep_db_fetch_array($check_address_query); if ($check_address['total'] == '1') { if ($reset_shipping == true) { tep_session_unregister('shipping'); } tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); } else { tep_session_unregister('sendto'); } } else { if (!tep_session_is_registered('sendto')) { tep_session_register('sendto'); } $sendto = $customer_default_address_id; tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); } } // if no shipping destination address was selected, use their own address as default if (!tep_session_is_registered('sendto')) { $sendto = $customer_default_address_id; } $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL')); $addresses_count = tep_count_customer_address_book_entries(); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php
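/**
 * Authenticate a customer by e-mail address and password and attach the account to the session.
 *
 * On success the customer globals (customer_id, abo_id, default address, name,
 * country/zone, group, e-mail, username) are registered in the session, the
 * optional "remember me" cookies are written, the logon counters are updated,
 * the basket is restored and, when enabled, a forum session is opened as well.
 *
 * @param string $email_address address entered on the login form
 * @param string $password      plaintext password entered on the login form
 * @return true|string true on success, otherwise a translated error message
 */
function log_customer_in($email_address = '', $password = '') {
    global $cart;
    global $customer_id, $abo_id, $customer_default_address_id, $customer_first_name, $customer_country_id, $customer_zone_id, $customer_group, $customers_email_address, $customers_username;

    $error = false;
    // Initialised here so the final check never reads an undefined variable.
    $active_error = false;

    // NOTE(review): the customers_username comparison against the literal '******' looks like a
    // redacted or placeholder value — confirm against the deployed file before relying on it.
    $check_customer_query = tep_db_query("select customers_id, abo_id, customers_firstname, customers_password, customers_email_address, customers_username, customers_default_address_id, status, customers_group from customers where customers_email_address = '" . tep_db_input($email_address) . "' OR customers_username = '******'");
    if (!tep_db_num_rows($check_customer_query)) {
        $error = true;
    } else {
        $check_customer = tep_db_fetch_array($check_customer_query);
        if (!tep_validate_password($password, $check_customer['customers_password'])) {
            $error = true;
        } elseif ($check_customer['status'] == '0') {
            $active_error = true;
        } else {
            // Fresh session id before the account is attached to it (session fixation defence).
            if (SESSION_RECREATE == 'True') {
                tep_session_recreate();
            }

            $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
            $check_country = tep_db_fetch_array($check_country_query);

            $customer_id = $check_customer['customers_id'];
            $abo_id = $check_customer['abo_id'];
            $customer_default_address_id = $check_customer['customers_default_address_id'];
            $customer_first_name = $check_customer['customers_firstname'];
            $customer_country_id = $check_country['entry_country_id'];
            $customer_zone_id = $check_country['entry_zone_id'];
            $customer_group = $check_customer['customers_group'];
            $customers_email_address = $check_customer['customers_email_address'];
            $customers_username = $check_customer['customers_username'];

            tep_session_register('customer_id');
            tep_session_register('abo_id');
            tep_session_register('customer_default_address_id');
            tep_session_register('customer_first_name');
            tep_session_register('customer_country_id');
            tep_session_register('customer_zone_id');
            tep_session_register('customer_group');
            tep_session_register('customers_email_address');
            tep_session_register('customers_username');

            /*autologin*/
            $cookie_url_array = parse_url((ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . substr(DIR_WS_CATALOG, 0, -1));
            $cookie_path = $cookie_url_array['path'];
            $remember_me = isset($_POST['remember_me']) ? $_POST['remember_me'] : '';
            if (ALLOW_AUTOLOGON == 'false' || $remember_me == '') {
                setcookie("email_address", "", time() - 3600, $cookie_path); // Delete email_address cookie
                setcookie("password", "", time() - 3600, $cookie_path); // Delete password cookie
            } else {
                // The stored password hash is written to a client cookie for auto-logon, so a stolen
                // cookie is a year-long credential. A random, revocable token would be the safer design
                // but needs the reader side changed too; httponly at least keeps it out of script reach.
                $secure = getenv('HTTPS') == 'on' ? 1 : 0;
                setcookie('email_address', $email_address, time() + 365 * 24 * 3600, $cookie_path, '', $secure, true);
                setcookie('password', $check_customer['customers_password'], time() + 365 * 24 * 3600, $cookie_path, '', $secure, true);
            }
            /*autologin*/

            tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int) $customer_id . "'");
            $cart->restore_contents();

            /*FORUM*/
            if (FORUM_ACTIVE == 'true' && FORUM_CROSS_LOGIN == 'true') {
                // $user and $auth are the forum's session/acl objects; inside a function they are only
                // reachable as globals (the original used them without declaring them).
                global $user, $auth;
                $user->session_begin();
                $auth->acl($user->data);
                // Escape before interpolating: this lookup used the raw POST value in the SQL string.
                $forum_email = isset($_POST['email_address']) ? $_POST['email_address'] : '';
                $get_forum_username_query = tep_db_query("SELECT username_clean FROM " . FORUM_DB_DATABASE . ".users WHERE user_email = '" . tep_db_input($forum_email) . "'");
                $get_forum_username = tep_db_fetch_array($get_forum_username_query);
                $remember = $remember_me == 'on' ? 'true' : 'false';
                $forum_password = isset($_POST['password']) ? $_POST['password'] : '';
                $auth->login($get_forum_username['username_clean'], $forum_password, $remember, 1, 0);
            }
            /*FORUM*/
        }
    }

    if ($error == true) {
        return Translate('Fout: er kon niet ingelogd worden met het ingegeven e-mailadres en wachtwoord. Gelieve opnieuw te proberen');
    }
    if ($active_error == true) {
        return Translate('Uw account werd nog niet geactiveerd.');
    }
    return true;
}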
// Persist the new customer's first address and make it the default one.
tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
$address_id = tep_db_insert_id();
tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . "'");
tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
// Fresh session id before the account is attached to the session (session fixation defence).
if (SESSION_RECREATE == 'True') {
    tep_session_recreate();
}
// Log the new customer in straight away by registering the customer globals in the session.
$customer_first_name = $firstname;
$customer_default_address_id = $address_id;
$customer_country_id = $country;
$customer_zone_id = $zone_id;
tep_session_register('customer_id');
tep_session_register('customer_first_name');
tep_session_register('customer_default_address_id');
tep_session_register('customer_country_id');
tep_session_register('customer_zone_id');
// restore cart contents
$cart->restore_contents();
// build the message content
$name = $firstname . ' ' . $lastname;
if (ACCOUNT_GENDER == 'true') {
    if ($gender == 'm') {
        $email_text = sprintf(EMAIL_GREET_MR, $lastname);
    } else {
        $email_text = sprintf(EMAIL_GREET_MS, $lastname);
    }
} else {
    $email_text = sprintf(EMAIL_GREET_NONE, $firstname);
}
$email_text .= EMAIL_WELCOME . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
// NOTE(review): $name and $email_address are customer-supplied form values; this assumes they were
// validated earlier in the file before being handed to the mailer — confirm.
tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
require_once 'includes/application_top.php'; if (!tep_session_is_registered('customer_id')) { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } if (isset($_GET['gift'])) { $error = true; $voucher_number = tep_db_prepare_input($_GET['gift']); $gv_query = tep_db_query("select c.coupon_id, c.coupon_amount from " . TABLE_COUPONS . " c, " . TABLE_COUPON_EMAIL_TRACK . " et where coupon_code = '" . addslashes($voucher_number) . "' and c.coupon_id = et.coupon_id"); if (tep_db_num_rows($gv_query) > 0) { $coupon = tep_db_fetch_array($gv_query); $redeem_query = tep_db_query("select coupon_id from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . $coupon['coupon_id'] . "'"); if (tep_db_num_rows($redeem_query) == 0) { if (!tep_session_is_registered('gv_id')) { tep_session_register('gv_id'); } $gv_id = $coupon['coupon_id']; $error = false; } else { $error = true; } } } else { tep_redirect(FILENAME_DEFAULT); } if (!$error && tep_session_is_registered('customer_id')) { $gv_query = tep_db_query("insert into " . TABLE_COUPON_REDEEM_TRACK . " (coupon_id, customer_id, redeem_date, redeem_ip) values ('" . $coupon['coupon_id'] . "', '" . $customer_id . "', now(),'" . $_SERVER['REMOTE_ADDR'] . "')"); $gv_update = tep_db_query("update " . TABLE_COUPONS . " set coupon_active = 'N' where coupon_id = '" . $coupon['coupon_id'] . "'"); tep_gv_account_update($customer_id, $gv_id); tep_session_unregister('gv_id');
$validator->addError('Email', 'This e-mail already exists in our database. Please use a different e-mail address or login if you already have an OOKCASH account. '); } } } if ($security_question == -1) { $validator->validateGeneral('Custom Question', $custom_question, _ERROR_FIELD_EMPTY); } $validator->validateGeneral('Security Answer', $security_answer, _ERROR_FIELD_EMPTY); $validator->validateGeneral('Welcome Mesasge', $welcome_message, _ERROR_FIELD_EMPTY); } else { $validator->addError('Turing Number', ERROR_SECURE_CODE_WRONG); } if (count($validator->errors) == 0) { // create new user if (!tep_session_is_registered('signup_info')) { tep_session_register('signup_info'); } $signup_info = array('firstname' => $firstname, 'lastname' => $lastname, 'email' => $email, 'welcome_message' => $welcome_message, 'security_question' => $security_question == -1 ? $custom_question : $security_question, 'security_answer' => $security_answer); tep_redirect(get_href_link(PAGE_SIGNUP_PERSONAL, '', 'SSL')); } else { postAssign($smarty); } } // get security questions $security_questions_array = array(); $security_questions_query = db_query('SELECT s.security_questions_id, sd.question FROM ' . _TABLE_SECURITY_QUESTIONS . " s, " . _TABLE_SECURITY_QUESTIONS_DESCRIPTION . " sd WHERE s.security_questions_id =sd.security_questions_id AND sd.language_id='" . $languages_id . "' ORDER BY s.sort_order, sd.question "); while ($security_question = db_fetch_array($security_questions_query)) { $security_questions_array[$security_question['question']] = $security_question['question']; } // Customer Question $security_questions_array[-1] = TEXT_CUSTOM_QUESTION;
// Load the first *_module.php found in every checkout module directory.
if (is_dir(DIR_FS_CATALOG . 'includes/modules/checkout/modules/')) {
    $dirHandle = opendir(DIR_FS_CATALOG . 'includes/modules/checkout/modules/');
    while (false !== ($module = readdir($dirHandle))) {
        if (is_dir(DIR_FS_CATALOG . 'includes/modules/checkout/modules/' . $module) && $module != '.' && $module != '..') {
            $object = glob(DIR_FS_CATALOG . 'includes/modules/checkout/modules/' . $module . '/*_module.php');
            // NOTE(review): $object[0] is used without checking that glob() matched anything; a module
            // directory without a *_module.php file would trigger a warning here. The directory handle
            // is also never closed.
            require_once $object[0];
        }
    }
}
// @TODO End Of Delete
require_once 'includes/application_top.php';
// Nothing to check out with an empty basket.
if ($cart->count_contents() < 1) {
    tep_redirect(tep_href_link('shopping_cart.php'));
}
if (!tep_session_is_registered('temp_orders_id')) {
    // NOTE(review): tep_session_register() receives the variable $temp_orders_id rather than the name
    // string 'temp_orders_id' used in the check above — this looks like a bug, confirm intent.
    tep_session_register($temp_orders_id);
}
//start logging class
$Analytics = new Analytics();
if (!is_object($Modules)) {
    //start modules class
    $Modules = new Modules();
}
$last_modified_time = filemtime(__FILE__);
// NOTE(review): date() formats in the configured default timezone while the header is labelled GMT —
// confirm the timezone is UTC, otherwise gmdate() would be the matching call.
header("Last-Modified: " . date("D, d M Y H:i:s", $last_modified_time) . " GMT");
header("Content-Language: " . $languages_code);
// NOTE(review): the charset parameter is written as "charset: utf-8"; the HTTP form is "charset=utf-8",
// so clients may not honour this declaration.
header("content-type: text/html; charset: utf-8");
?> <!DOCTYPE html> <html lang="<?php echo $languages_code;
/**
 * Validate the posted card form (or the 3-D Secure callback) and register the transaction with Sage Pay Direct.
 *
 * Every validation failure ends in tep_redirect() back to the payment page with an
 * error code, so the method only returns normally when the gateway answered OK,
 * AUTHENTICATED or REGISTERED. A 3DAUTH answer stores the ACS details in the session
 * and redirects to the 3-D Secure page instead. Card data is held in locals and sent
 * to the gateway; this method writes only the gateway reference into $order.
 *
 * @return void
 */
function before_process() {
    global $HTTP_GET_VARS, $HTTP_POST_VARS, $customer_id, $order, $currency, $order_totals, $cartID;
    $error = null;

    if (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == '3D' && isset($HTTP_POST_VARS['MD']) && tep_not_null($HTTP_POST_VARS['MD']) && isset($HTTP_POST_VARS['PaRes']) && tep_not_null($HTTP_POST_VARS['PaRes'])) {
        // Second leg of 3-D Secure: forward MD/PaRes returned by the ACS to the callback endpoint.
        switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) {
            case 'Live':
                $gateway_url = 'https://live.sagepay.com/gateway/service/direct3dcallback.vsp';
                break;
            case 'Test':
                $gateway_url = 'https://test.sagepay.com/gateway/service/direct3dcallback.vsp';
                break;
            default:
                $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectCallback.asp';
                break;
        }
        // NOTE(review): MD and PaRes are concatenated without urlencode(), unlike the registration
        // post below — confirm the gateway tolerates this for the values the ACS returns.
        $post_string = 'MD=' . $HTTP_POST_VARS['MD'] . '&PARes=' . $HTTP_POST_VARS['PaRes'];
        $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
    } else {
        // First leg: normalise and length-bound the posted card fields before validating them.
        $cc_type = substr($HTTP_POST_VARS['cc_type'], 0, 15);
        $cc_owner = substr($HTTP_POST_VARS['cc_owner'], 0, 50);
        $cc_number = substr(preg_replace('/[^0-9]/', '', $HTTP_POST_VARS['cc_number_nh-dns']), 0, 20);
        $cc_start = null;
        $cc_expires = null;
        $cc_issue = null;
        $cc_cvc = null;

        $today = getdate();
        $months_array = array();
        for ($i = 1; $i < 13; $i++) {
            $months_array[] = sprintf('%02d', $i);
        }
        // Accepted expiry years: this year and the next nine, as two-digit strings.
        // NOTE(review): strftime() is deprecated as of PHP 8.1; date('y'/'Y') gives the same strings.
        $year_valid_to_array = array();
        for ($i = $today['year']; $i < $today['year'] + 10; $i++) {
            $year_valid_to_array[] = strftime('%y', mktime(0, 0, 0, 1, 1, $i));
        }
        // Accepted start years: the previous four years and this one, as four-digit strings.
        $year_valid_from_array = array();
        for ($i = $today['year'] - 4; $i < $today['year'] + 1; $i++) {
            $year_valid_from_array[] = strftime('%Y', mktime(0, 0, 0, 1, 1, $i));
        }

        if (isset($HTTP_POST_VARS['cc_type']) == false || $this->isCard($cc_type) == false) {
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardtype', 'SSL'));
        }
        if (isset($HTTP_POST_VARS['cc_owner']) == false || empty($cc_owner)) {
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardowner', 'SSL'));
        }
        if (isset($HTTP_POST_VARS['cc_number_nh-dns']) == false || is_numeric($cc_number) == false) {
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardnumber', 'SSL'));
        }

        // Start date is only collected for card types that carry one (and that the module allows).
        if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
            if (in_array($HTTP_POST_VARS['cc_starts_month'], $months_array) == false) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
            }
            if (in_array($HTTP_POST_VARS['cc_starts_year'], $year_valid_from_array) == false) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
            }
            // MMYY: the four-digit start year is truncated to its first two digits by the substr.
            $cc_start = substr($HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'], 0, 4);
        }

        if (in_array($HTTP_POST_VARS['cc_expires_month'], $months_array) == false) {
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
        }
        if (in_array($HTTP_POST_VARS['cc_expires_year'], $year_valid_to_array) == false) {
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
        }
        // Reject cards that expired earlier this year.
        if ($HTTP_POST_VARS['cc_expires_year'] == date('y') && $HTTP_POST_VARS['cc_expires_month'] < date('m')) {
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
        }
        $cc_expires = substr($HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 0, 4);

        if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') {
            $cc_issue = substr($HTTP_POST_VARS['cc_issue_nh-dns'], 0, 2);
            if (isset($HTTP_POST_VARS['cc_issue_nh-dns']) == false || empty($cc_issue)) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardissue', 'SSL'));
            }
        }

        if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
            $cc_cvc = substr($HTTP_POST_VARS['cc_cvc_nh-dns'], 0, 4);
            if (isset($HTTP_POST_VARS['cc_cvc_nh-dns']) == false || empty($cc_cvc)) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardcvc', 'SSL'));
            }
        }

        // Registration request. Field lengths follow the protocol limits; ReferrerID is a fixed
        // partner identifier shipped with the module. VendorTxCode must be unique per transaction
        // (timestamp + customer id + cart id, capped at 40 characters).
        $params = array(
            'VPSProtocol' => '2.23',
            'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
            'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_DIRECT_VENDOR_LOGIN_NAME, 0, 15),
            'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
            'Amount' => $this->format_raw($order->info['total']),
            'Currency' => $currency,
            'Description' => substr(STORE_NAME, 0, 100),
            'CardHolder' => $cc_owner,
            'CardNumber' => $cc_number,
            'ExpiryDate' => $cc_expires,
            'CardType' => $cc_type,
            'BillingSurname' => substr($order->billing['lastname'], 0, 20),
            'BillingFirstnames' => substr($order->billing['firstname'], 0, 20),
            'BillingAddress1' => substr($order->billing['street_address'], 0, 100),
            'BillingCity' => substr($order->billing['city'], 0, 40),
            'BillingPostCode' => substr($order->billing['postcode'], 0, 10),
            'BillingCountry' => $order->billing['country']['iso_code_2'],
            'BillingPhone' => substr($order->customer['telephone'], 0, 20),
            'DeliverySurname' => substr($order->delivery['lastname'], 0, 20),
            'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20),
            'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100),
            'DeliveryCity' => substr($order->delivery['city'], 0, 40),
            'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10),
            'DeliveryCountry' => $order->delivery['country']['iso_code_2'],
            'CustomerName' => substr($order->billing['firstname'] . ' ' . $order->billing['lastname'], 0, 100),
            'DeliveryPhone' => substr($order->customer['telephone'], 0, 20),
            'CustomerEMail' => substr($order->customer['email_address'], 0, 255),
            'Apply3DSecure' => '0'
        );

        // Only pass the client IP when it parses as IPv4 (-1 is the legacy ip2long() failure value, false the current one).
        $ip_address = tep_get_ip_address();
        if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) {
            $params['ClientIPAddress'] = $ip_address;
        }

        if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Payment') {
            $params['TxType'] = 'PAYMENT';
        } elseif (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Deferred') {
            $params['TxType'] = 'DEFERRED';
        } else {
            $params['TxType'] = 'AUTHENTICATE';
        }

        if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
            $params['StartDate'] = $cc_start;
        }
        if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') {
            $params['IssueNumber'] = $cc_issue;
        }
        if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
            $params['CV2'] = $cc_cvc;
        }
        // US addresses additionally need the state code.
        if ($params['BillingCountry'] == 'US') {
            $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
        }
        if ($params['DeliveryCountry'] == 'US') {
            $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
        }

        // Basket lines are colon-separated, so ':' (and line breaks / '&') are stripped from names and titles.
        $contents = array();
        foreach ($order->products as $product) {
            $product_name = $product['name'];
            if (isset($product['attributes'])) {
                foreach ($product['attributes'] as $att) {
                    $product_name .= '; ' . $att['option'] . '=' . $att['value'];
                }
            }
            // name : qty : unit net : unit tax : unit gross : line gross
            $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']);
        }
        foreach ($order_totals as $ot) {
            $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
        }
        $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);

        $post_string = '';
        foreach ($params as $key => $value) {
            $post_string .= $key . '=' . urlencode(trim($value)) . '&';
        }

        switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) {
            case 'Live':
                $gateway_url = 'https://live.sagepay.com/gateway/service/vspdirect-register.vsp';
                break;
            case 'Test':
                $gateway_url = 'https://test.sagepay.com/gateway/service/vspdirect-register.vsp';
                break;
            default:
                $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectGateway.asp';
                break;
        }
        $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
    }

    // The gateway answers with "Key=Value" lines; split each line on the first '='.
    // NOTE(review): the loose != false comparison also skips a line whose first character is '='
    // (position 0); harmless for the documented reply format, but !== would be the precise test.
    $string_array = explode(chr(10), $transaction_response);
    $return = array();
    foreach ($string_array as $string) {
        if (strpos($string, '=') != false) {
            $parts = explode('=', $string, 2);
            $return[trim($parts[0])] = trim($parts[1]);
        }
    }

    // NOTE(review): $return['Status'] is read without isset(); an empty or malformed gateway reply
    // falls through to the error redirect below with an undefined-index notice.
    if ($return['Status'] == '3DAUTH') {
        // Hand the ACS details to the 3-D Secure page through the session, never through the URL.
        global $sage_pay_direct_acsurl, $sage_pay_direct_pareq, $sage_pay_direct_md;
        tep_session_register('sage_pay_direct_acsurl');
        $sage_pay_direct_acsurl = $return['ACSURL'];
        tep_session_register('sage_pay_direct_pareq');
        $sage_pay_direct_pareq = $return['PAReq'];
        tep_session_register('sage_pay_direct_md');
        $sage_pay_direct_md = $return['MD'];
        tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL'));
    }

    if ($return['Status'] != 'OK' && $return['Status'] != 'AUTHENTICATED' && $return['Status'] != 'REGISTERED') {
        // Map the gateway's StatusDetail to a module error number before bouncing the customer back.
        $error = $this->getErrorMessageNumber($return['StatusDetail']);
        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL'));
    }

    // Keep the gateway transaction reference with the order for later reconciliation.
    if (isset($return['VPSTxId'])) {
        $order->info['comments'] = 'Sage Pay Reference ID: ' . $return['VPSTxId'] . (tep_not_null($order->info['comments']) ? "\n\n" . $order->info['comments'] : '');
    }
}
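/**
 * Handle the coupon redeem form posted from the payment page.
 *
 * When a code was entered it is looked up in TABLE_COUPONS; every outcome
 * (unknown code, not yet started, expired, usage limits reached, or the amount
 * that will be credited) ends in a tep_redirect() back to the payment page with
 * a message, so this method does not return normally once gv_redeem_code is
 * set. Gift-voucher codes (coupon_type 'G') are ignored here. Pressing the
 * redeem button without a code also redirects with an error.
 *
 * @return void
 */
function collect_posts() {
    // All tep_redirect URL parameters modified for this function in v5.13 by Rigadin
    global $customer_id, $currencies, $cc_id;
    global $order, $ot_coupon, $currency;

    $redeem_code = isset($_POST['gv_redeem_code']) ? $_POST['gv_redeem_code'] : '';
    if ($redeem_code) {
        // The code comes straight from the form: prepare and escape it once for every query below
        // (the previous revision interpolated the raw POST value into the SQL strings).
        $redeem_code_sql = tep_db_input(tep_db_prepare_input($redeem_code));

        // get some info from the coupon table
        $coupon_query = tep_db_query("select coupon_id, coupon_amount, coupon_type, coupon_minimum_order,uses_per_coupon, uses_per_user, restrict_to_products,restrict_to_categories from " . TABLE_COUPONS . " where coupon_code='" . $redeem_code_sql . "' and coupon_active='Y'");
        if (tep_db_num_rows($coupon_query) == 0) {
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_NO_INVALID_REDEEM_COUPON), 'SSL'));
        }
        $coupon_result = tep_db_fetch_array($coupon_query);

        if ($coupon_result['coupon_type'] != 'G') {
            // Validity window: the coupon must have started and must not have expired.
            $date_query = tep_db_query("select coupon_start_date from " . TABLE_COUPONS . " where coupon_start_date <= now() and coupon_code='" . $redeem_code_sql . "'");
            if (tep_db_num_rows($date_query) == 0) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_STARTDATE_COUPON), 'SSL'));
            }
            $date_query = tep_db_query("select coupon_expire_date from " . TABLE_COUPONS . " where coupon_expire_date >= now() and coupon_code='" . $redeem_code_sql . "'");
            if (tep_db_num_rows($date_query) == 0) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_FINISDATE_COUPON), 'SSL'));
            }

            // Usage limits: per coupon overall and per customer; 0 means unlimited.
            $coupon_count = tep_db_query("select coupon_id from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . (int) $coupon_result['coupon_id'] . "'");
            $coupon_count_customer = tep_db_query("select coupon_id from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . (int) $coupon_result['coupon_id'] . "' and customer_id = '" . (int) $customer_id . "'");
            if (tep_db_num_rows($coupon_count) >= $coupon_result['uses_per_coupon'] && $coupon_result['uses_per_coupon'] > 0) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_USES_COUPON . $coupon_result['uses_per_coupon'] . TIMES), 'SSL'));
            }
            if (tep_db_num_rows($coupon_count_customer) >= $coupon_result['uses_per_user'] && $coupon_result['uses_per_user'] > 0) {
                tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_USES_USER_COUPON . $coupon_result['uses_per_user'] . TIMES), 'SSL'));
            }

            // BEGIN >>> CCVG 5.15 - Custom Modification - fix Coupon code redemption error
            // The coupon id must be in the session *before* pre_confirmation_check(), which reads
            // $cc_id to work out the discount. The session global is used rather than $_SESSION[]
            // for backward compatibility with the rest of the module.
            if (!tep_session_is_registered('cc_id')) {
                tep_session_register('cc_id');
            }
            $cc_id = $coupon_result['coupon_id'];
            // END <<< CCVG 5.15 - Custom Modification - fix Coupon code redemption error

            $coupon_amount = tep_round($ot_coupon->pre_confirmation_check($order->info['subtotal']), $currencies->currencies[$currency]['decimal_places']);
            // If the tax order-total runs after shipping (shipping tax included in the tax total), a
            // shipping coupon ('S') may need tax added to $coupon_amount here; earlier revisions carried
            // a commented-out tep_add_tax() call for that case.

            $coupon_amount_out = $currencies->format($coupon_amount) . ' ';
            if ($coupon_result['coupon_minimum_order'] > 0) {
                $coupon_amount_out .= 'on orders greater than ' . $currencies->format($coupon_result['coupon_minimum_order']);
            }
            if (strlen($cc_id) > 0 && $coupon_amount == 0) {
                $err_msg = ERROR_REDEEMED_AMOUNT . ERROR_REDEEMED_AMOUNT_ZERO;
            } else {
                $err_msg = ERROR_REDEEMED_AMOUNT . $coupon_amount_out;
            }
            // "payment_error" is also how the credited amount is reported back to the customer.
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode($err_msg), 'SSL'));
        } // ENDIF valid coupon code
    } // ENDIF code entered

    // v5.13a If no code entered and coupon redeem button pressed, give an alarm
    if (!empty($_POST['submit_redeem_coupon_x'])) {
        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_NO_REDEEM_CODE), 'SSL'));
    }
}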