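/**
 * Set up the SERP saturation dashboard box: load the search-engine modules,
 * resolve the selected engine and comparison date (default -> session ->
 * query string), build the <option> list and persist both choices in the
 * session.
 *
 * The engine name and the date come from the request, so both are validated
 * before they are used or written back to the session.
 */
function dash_box_SERP_saturation()
 {
     $moduleset = tep_module('searchengine');
     $this->mods = $moduleset->getModules();

     // Selected engine: 'overall' unless the session or the query string says otherwise.
     $this->se = 'overall';
     if (isset($_SESSION['SERP_se'])) {
         $this->se = $_SESSION['SERP_se'];
     }
     if (isset($_GET['SERP_se'])) {
         $this->se = $_GET['SERP_se'];
     }
     // A request parameter may arrive as an array; only a string can name an engine.
     if (!is_string($this->se)) {
         $this->se = 'overall';
     }

     // Build the module options first so an unknown engine name can fall back
     // to 'overall' before the 'overall' option itself is rendered.
     $engine_known = $this->se == 'overall';
     $module_options = '';
     foreach ($this->mods as $mod) {
         $selected = '';
         if ($this->se == get_class($mod)) {
             $this->se_mod = $mod;
             $selected = " selected";
             $engine_known = true;
         }
         $module_options .= "<option value='" . get_class($mod) . "'{$selected}>" . $mod->getName() . "</option>";
     }
     if (!$engine_known) {
         // Never store a request-supplied value that matches no loaded module.
         $this->se = 'overall';
     }
     $this->se_values .= "<option value='overall'" . ($this->se == 'overall' ? ' selected' : '') . ">Overall</option>" . $module_options;

     // Comparison date: one month ago unless the session or the query string says otherwise.
     $default_date = date("m-d-Y", mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')));
     $this->compare_date = isset($_SESSION['SERP_compare_date']) ? $_SESSION['SERP_compare_date'] : $default_date;
     if (isset($_GET['SERP_compare_date'])) {
         $this->compare_date = $_GET['SERP_compare_date'];
     }
     // Accept only a real calendar date in m-d-Y form; anything else would reach
     // explode()/mktime() malformed and be stored in the session as-is.
     $date_ok = is_string($this->compare_date)
         && preg_match('/^(\d{1,2})-(\d{1,2})-(\d{4})$/D', $this->compare_date, $parts)
         && checkdate((int) $parts[1], (int) $parts[2], (int) $parts[3]);
     if (!$date_ok) {
         $this->compare_date = $default_date;
     }
     list($month, $day, $year) = explode('-', $this->compare_date);
     $this->compare_time = mktime(0, 0, 0, (int) $month, (int) $day, (int) $year);

     // Persist the validated choices for the next request.
     tep_session_register('SERP_compare_date');
     tep_session_register('SERP_se');
     $_SESSION['SERP_compare_date'] = $this->compare_date;
     $_SESSION['SERP_se'] = $this->se;
 }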
/**
 * Register a session variable and seed its global with $value, but only when
 * it is not registered yet; an existing registration is left untouched.
 *
 * NOTE(review): $strSessionVar is used as a key into $GLOBALS, so callers
 * should pass fixed names only, never request data.
 */
function amSessionRegister($strSessionVar, $value = '')
{
    if (amSessionIsRegistered($strSessionVar)) {
        return;
    }

    tep_session_register($strSessionVar);
    $GLOBALS[$strSessionVar] = $value;
}
示例#3
/**
 * Return the site language as array('dir', 'id', 'code'), or a single one of
 * those entries when $get names it.
 *
 * The hard-coded Dutch default is used unless the 'language' session variable
 * is missing or the request carries ?language=..., in which case the language
 * class is loaded and asked to resolve the language.
 */
function getSiteLanguage($get = null)
{
    $site_language = array('dir' => 'dutch', 'id' => '1', 'code' => 'nl');

    $needs_lookup = !tep_session_is_registered('language') || isset($_GET['language']);
    if ($needs_lookup) {
        if (!tep_session_is_registered('language')) {
            tep_session_register('language');
            tep_session_register('languages_id');
            tep_session_register('languages_code');
        }

        include DIR_WS_CLASSES . 'language.php';
        $lng = new language();

        $requested = isset($_GET['language']) && tep_not_null($_GET['language']);
        if ($requested) {
            // The request value goes straight to set_language().
            // NOTE(review): presumably set_language() only accepts installed languages - confirm.
            $lng->set_language($_GET['language']);
        } else {
            $lng->get_browser_language();
            // NOTE(review): $lng is an object, so empty($lng) is always false and this
            // fallback never runs; the intent was probably to test $lng->language.
            if (empty($lng)) {
                $lng->set_language(DEFAULT_LANGUAGE);
            }
        }

        $site_language = array(
            'dir' => $lng->language['directory'],
            'id' => $lng->language['id'],
            'code' => $lng->language['code'],
        );
    }

    // A known key was asked for: return just that entry.
    if ($get && isset($site_language[$get])) {
        return $site_language[$get];
    }

    return $site_language;
}
 /**
  * Queue a message in the session-backed $messageToStack global, registering
  * and initialising that global on first use.
  */
 function add_session($class, $message, $type = 'error')
 {
     global $messageToStack;

     $already_registered = tep_session_is_registered('messageToStack');
     if (!$already_registered) {
         tep_session_register('messageToStack');
         $messageToStack = array();
     }

     $entry = array('class' => $class, 'text' => $message, 'type' => $type);
     $messageToStack[] = $entry;
 }
示例#5
 /**
  * Make sure the cart carries a cart ID and that 'cartID' is a registered
  * session variable before the confirmation step.
  */
 function pre_confirmation_check()
 {
     global $cartID, $cart;

     // No ID on the cart yet: generate one and mirror it into the global.
     if (empty($cart->cartID)) {
         $cart->cartID = $cart->generate_cart_id();
         $cartID = $cart->cartID;
     }

     $registered = tep_session_is_registered('cartID');
     if (!$registered) {
         tep_session_register('cartID');
     }
 }
示例#6
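/**
 * Log a customer in from the 'osC_AutoCookieLogin' cookie.
 *
 * The cookie is matched against md5(customers_id . email . password . ip).
 * On a match the customer globals are filled and registered in the session,
 * the logon counters are updated, the carts are restored and the visitor is
 * redirected. Without the cookie, or without a match, nothing happens.
 *
 * NOTE(review): the token is derived from stored account data and the client
 * IP rather than from a random server-side secret, so anyone who can read the
 * customers table can compute it. A random per-device token stored hashed
 * would be the safer design.
 */
function tep_doautologin()
{
    global $HTTP_COOKIE_VARS, $cart, $cart_cs, $cart_fv, $cart_pr, $customer_id, $customer_default_address_id, $customer_first_name, $customer_country_id, $customer_zone_id;
    global $navigation;

    // The cookie is attacker-controlled; accept a plain string only.
    if (!isset($HTTP_COOKIE_VARS['osC_AutoCookieLogin']) || !is_string($HTTP_COOKIE_VARS['osC_AutoCookieLogin'])) {
        return;
    }

    $ip_address = tep_get_ip_address();

    // Both values are escaped before they enter the SQL text: the cookie comes
    // from the client, and the IP helper may read client-supplied headers.
    $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where md5(CONCAT(customers_id,customers_email_address,customers_password,'" . tep_db_input($ip_address) . "'))= '" . tep_db_input($HTTP_COOKIE_VARS['osC_AutoCookieLogin']) . "'");
    if (!tep_db_num_rows($check_customer_query)) {
        return;
    }

    $check_customer = tep_db_fetch_array($check_customer_query);

    // Issue a fresh session id on login when the shop is configured to do so.
    if (SESSION_RECREATE == 'True') {
        tep_session_recreate();
    }

    $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
    $check_country = tep_db_fetch_array($check_country_query);

    $customer_id = $check_customer['customers_id'];
    $customer_default_address_id = $check_customer['customers_default_address_id'];
    $customer_first_name = $check_customer['customers_firstname'];
    $customer_country_id = $check_country['entry_country_id'];
    $customer_zone_id = $check_country['entry_zone_id'];

    // Register each customer global that is not in the session yet.
    $session_vars = array('customer_id', 'customer_default_address_id', 'customer_first_name', 'customer_country_id', 'customer_zone_id');
    foreach ($session_vars as $session_var) {
        if (!tep_session_is_registered($session_var)) {
            tep_session_register($session_var);
        }
    }

    // Save cookie
    tep_autologincookie(true);

    tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int) $customer_id . "'");

    // restore cart contents
    $cart->restore_contents();
    $cart_cs->restore_contents();
    $cart_fv->restore_contents();
    $cart_pr->restore_contents();

    if (sizeof($navigation->snapshot) > 0) {
        // Return to the page the visitor was on before the login.
        $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
        $navigation->clear_snapshot();
        tep_redirect($origin_href);
    } else {
        // Reload the requested URI, with the catalog base stripped from the built link.
        tep_redirect(substr(tep_href_link(getenv('REQUEST_URI')), strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)));
    }
}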
示例#7
 /**
  * Re-register the 'zp_code' session variable and fill it with a base64 string
  * made of a nonce, the customer id, the order id and the order total.
  * Always returns false.
  *
  * NOTE(review): the nonce comes from microtime() and rand(), which are
  * guessable, and base64 is an encoding, not protection. If the receiving side
  * treats zp_code as proof of a paid order, it needs a keyed signature.
  */
 function after_process()
 {
     global $customer_id, $insert_id, $zp_code, $order;

     // Drop a stale registration so the variable is registered afresh.
     $stale = tep_session_is_registered('zp_code');
     if ($stale) {
         tep_session_unregister('zp_code');
     }
     tep_session_register('zp_code');

     $time_part = md5(microtime());
     $rand_part = md5(rand(0, 100000));
     $code = md5($time_part . $rand_part);

     $payload = $code . '-' . $customer_id . '-' . $insert_id . '-' . $order->info['total'];
     $zp_code = base64_encode($payload);

     return false;
 }
示例#8
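 /**
  * Re-register the 'op_code' session variable and fill it with a base64 string
  * made of a nonce, the customer id, the order id and the rounded order total.
  * Always returns false.
  *
  * NOTE(review): the nonce comes from microtime() and rand(), which are
  * guessable, and base64 is an encoding, not protection. If the receiving side
  * treats op_code as proof of a paid order, it needs a keyed signature.
  */
 function after_process()
 {
     // $op_code must be a global: the original declared $rx_code instead, so the
     // value was assigned to a local and the registered session variable stayed
     // empty. $rx_code is kept in the list for backward compatibility.
     global $customer_id, $insert_id, $order_totals, $rx_code, $op_code, $currency, $currencies;

     if (tep_session_is_registered('op_code')) {
         tep_session_unregister('op_code');
     }
     tep_session_register('op_code');

     // Take the first 'ot_total' line, rounded to the currency's precision and
     // with a decimal point whatever the locale prints.
     $ot_total_value = 0;
     if (is_array($order_totals)) {
         foreach ($order_totals as $order_total) {
             if ($order_total['code'] == 'ot_total') {
                 $ot_total_value = str_replace(',', '.', round($order_total['value'], $currencies->get_decimal_places($currency)));
                 break;
             }
         }
     }

     $code = md5(md5(microtime()) . md5(rand(0, 100000)));
     $op_code = base64_encode($code . '-' . $customer_id . '-' . $insert_id . '-' . $ot_total_value);

     return false;
 }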
 /**
  * Add a product to the cart, or update its quantity when it is already there.
  *
  * A new product is stored in $this->contents, written to the customer's saved
  * basket when a customer is logged in, and recorded in the
  * 'new_products_id_in_cart' session variable. cleanup() runs in every case.
  */
 function add_cart($products_id, $qty = '')
 {
     global $new_products_id_in_cart, $customer_id;

     $already_in_cart = $this->in_cart($products_id);
     if ($already_in_cart) {
         $this->update_quantity($products_id, $qty);
     } else {
         // if no quantity is supplied, then add '1' to the customers basket
         $qty = $qty == '' ? '1' : $qty;

         // NOTE(review): this also appends a numerically keyed entry holding only
         // the product id next to the keyed entry below - confirm that is intended.
         $this->contents[] = array($products_id);
         $this->contents[$products_id] = array('qty' => $qty);

         // insert into database (id cast to int, the other values escaped)
         if ($customer_id) {
             $insert_sql = "insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $customer_id . "', '" . tep_db_input($products_id) . "', '" . tep_db_input($qty) . "', '" . date('Ymd') . "')";
             tep_db_query($insert_sql);
         }

         $new_products_id_in_cart = $products_id;
         tep_session_register('new_products_id_in_cart');
     }

     $this->cleanup();
 }
示例#10
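 /**
  * Add a product to the cart, or update its quantity when it is already there.
  *
  * With $notify set, the product id is recorded in the
  * 'new_products_id_in_cart' session variable. A new product is stored in
  * $this->contents and, for a logged-in customer, written to the saved basket.
  * The cart is then cleaned up and given a fresh cart ID.
  */
 function add_cart($products_id, $qty = '1', $notify = true)
 {
     global $new_products_id_in_cart, $customer_id;

     if ($notify == true) {
         $new_products_id_in_cart = $products_id;
         tep_session_register('new_products_id_in_cart');
     }

     if ($this->in_cart($products_id)) {
         $this->update_quantity($products_id, $qty);
     } else {
         $this->contents[$products_id] = array('qty' => $qty);

         // insert into database
         if (tep_session_is_registered('customer_id')) {
             // $qty is caller-supplied; it was the only value placed in this
             // statement without escaping, so it now goes through tep_db_input()
             // like the product id and the basket type.
             tep_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added, customers_basket_type, shops_id) values ('" . (int) $customer_id . "', '" . tep_db_input($products_id) . "', '" . tep_db_input($qty) . "', '" . date('Ymd') . "', '" . tep_db_input($this->basket_type) . "', '" . (int) SHOP_ID . "')");
         }
     }

     $this->cleanup();

     // assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
     $this->cartID = $this->generate_cart_id();
 }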
示例#11
  Released under the GNU General Public License
*/
require 'includes/application_top.php';
require 'includes/functions/password_funcs.php';
// Administrator login handler (the listing is cut off inside case 'process').
$action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '';
if (tep_not_null($action)) {
    switch ($action) {
        case 'process':
            // Credentials come from the POSTed form.
            $username = tep_db_prepare_input($HTTP_POST_VARS['username']);
            $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
            // The user name is escaped with tep_db_input() before it enters the SQL text.
            $check_query = tep_db_query("select id, user_name, user_password from " . TABLE_ADMINISTRATORS . " where user_name = '" . tep_db_input($username) . "'");
            if (tep_db_num_rows($check_query) == 1) {
                $check = tep_db_fetch_array($check_query);
                if (tep_validate_password($password, $check['user_password'])) {
                    // NOTE(review): no session-id regeneration is visible between the
                    // password check and the 'admin' registration; unless it happens
                    // elsewhere, a pre-login session id survives the login - confirm.
                    tep_session_register('admin');
                    $admin = array('id' => $check['id'], 'username' => $check['user_name']);
                    if (tep_session_is_registered('redirect_origin')) {
                        // Return to the page stored in the session before the login was forced.
                        $page = $redirect_origin['page'];
                        $get_string = '';
                        if (function_exists('http_build_query')) {
                            $get_string = http_build_query($redirect_origin['get']);
                        }
                        tep_session_unregister('redirect_origin');
                        tep_redirect(tep_href_link($page, $get_string));
                    } else {
                        tep_redirect(tep_href_link(FILENAME_DEFAULT));
                    }
                }
            }
            // Reached for an unknown user and for a wrong password alike, so the
            // message does not reveal which of the two failed.
            // NOTE(review): no attempt limiting is visible in this excerpt - confirm it exists elsewhere.
            $messageStack->add(ERROR_INVALID_ADMINISTRATOR, 'error');
示例#12
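 /**
  * Create the pending order rows for the current cart before the customer is
  * handed to the payment provider.
  *
  * The session variable named by $this->_mbcartID holds "<cartID>-<orders_id>"
  * for an order prepared earlier. When it is set and neither the currency nor
  * the cart ID changed, nothing is inserted. Otherwise a stale order without
  * status history is deleted and a new order is written (orders, totals,
  * products, attributes, downloads) and remembered in that session variable.
  */
 function _prepareOrder()
 {
     global $cartID, $customer_id, $order, $order_total_modules;

     $insert_order = false;
     if (isset($_SESSION[$this->_mbcartID])) {
         // The part after the first '-' is the id of the order prepared earlier.
         $order_id = substr($GLOBALS[$this->_mbcartID], strpos($GLOBALS[$this->_mbcartID], '-') + 1);
         $curr_check = tep_db_query("select currency from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
         $curr = tep_db_fetch_array($curr_check);
         if ($curr['currency'] != $order->info['currency'] || $cartID != substr($GLOBALS[$this->_mbcartID], 0, strlen($cartID))) {
             // Currency or cart changed: remove the earlier order, but only if it
             // has no status history yet, then insert a fresh one.
             $check_query = tep_db_query('select orders_id from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int) $order_id . '" limit 1');
             if (tep_db_num_rows($check_query) < 1) {
                 tep_db_query('delete from ' . TABLE_ORDERS . ' where orders_id = "' . (int) $order_id . '"');
                 tep_db_query('delete from ' . TABLE_ORDERS_TOTAL . ' where orders_id = "' . (int) $order_id . '"');
                 tep_db_query('delete from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int) $order_id . '"');
                 tep_db_query('delete from ' . TABLE_ORDERS_PRODUCTS . ' where orders_id = "' . (int) $order_id . '"');
                 tep_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . ' where orders_id = "' . (int) $order_id . '"');
                 tep_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_DOWNLOAD . ' where orders_id = "' . (int) $order_id . '"');
             }
             $insert_order = true;
         }
     } else {
         $insert_order = true;
     }

     if ($insert_order != true) {
         return;
     }

     // Collect the output lines of every enabled order-total module.
     $order_totals = array();
     if (is_array($order_total_modules->modules)) {
         // foreach replaces the each() loop, which PHP 8 no longer provides.
         foreach ($order_total_modules->modules as $value) {
             $class = substr($value, 0, strrpos($value, '.'));
             if ($GLOBALS[$class]->enabled) {
                 for ($i = 0, $n = sizeof($GLOBALS[$class]->output); $i < $n; $i++) {
                     if (tep_not_null($GLOBALS[$class]->output[$i]['title']) && tep_not_null($GLOBALS[$class]->output[$i]['text'])) {
                         $order_totals[] = array(
                             'code' => $GLOBALS[$class]->code,
                             'title' => $GLOBALS[$class]->output[$i]['title'],
                             'text' => $GLOBALS[$class]->output[$i]['text'],
                             'value' => $GLOBALS[$class]->output[$i]['value'],
                             'sort_order' => $GLOBALS[$class]->sort_order,
                         );
                     }
                 }
             }
         }
     }

     // NOTE(review): cc_number and cc_expires are written as they stand in
     // $order->info; if a module ever fills them with real card data, it is
     // stored in clear text - confirm they stay empty for this payment method.
     $sql_data_array = array(
         'customers_id' => $customer_id,
         'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
         'customers_company' => $order->customer['company'],
         'customers_street_address' => $order->customer['street_address'],
         'customers_suburb' => $order->customer['suburb'],
         'customers_city' => $order->customer['city'],
         'customers_postcode' => $order->customer['postcode'],
         'customers_state' => $order->customer['state'],
         'customers_country' => $order->customer['country']['title'],
         'customers_telephone' => $order->customer['telephone'],
         'customers_email_address' => $order->customer['email_address'],
         'customers_address_format_id' => $order->customer['format_id'],
         'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'],
         'delivery_company' => $order->delivery['company'],
         'delivery_street_address' => $order->delivery['street_address'],
         'delivery_suburb' => $order->delivery['suburb'],
         'delivery_city' => $order->delivery['city'],
         'delivery_postcode' => $order->delivery['postcode'],
         'delivery_state' => $order->delivery['state'],
         'delivery_country' => $order->delivery['country']['title'],
         'delivery_address_format_id' => $order->delivery['format_id'],
         'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],
         'billing_company' => $order->billing['company'],
         'billing_street_address' => $order->billing['street_address'],
         'billing_suburb' => $order->billing['suburb'],
         'billing_city' => $order->billing['city'],
         'billing_postcode' => $order->billing['postcode'],
         'billing_state' => $order->billing['state'],
         'billing_country' => $order->billing['country']['title'],
         'billing_address_format_id' => $order->billing['format_id'],
         'payment_method' => $order->info['payment_method'],
         'cc_type' => $order->info['cc_type'],
         'cc_owner' => $order->info['cc_owner'],
         'cc_number' => $order->info['cc_number'],
         'cc_expires' => $order->info['cc_expires'],
         'date_purchased' => 'now()',
         'orders_status' => $order->info['order_status'],
         'currency' => $order->info['currency'],
         'currency_value' => $order->info['currency_value'],
     );
     tep_db_perform(TABLE_ORDERS, $sql_data_array);
     $insert_id = tep_db_insert_id();

     // One orders_total row per collected total line.
     for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
         $sql_data_array = array(
             'orders_id' => $insert_id,
             'title' => $order_totals[$i]['title'],
             'text' => $order_totals[$i]['text'],
             'value' => $order_totals[$i]['value'],
             'class' => $order_totals[$i]['code'],
             'sort_order' => $order_totals[$i]['sort_order'],
         );
         tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
     }

     // The language id is placed in SQL text below; force it to an integer.
     $language_id = (int) $_SESSION['languages_id'];

     for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
         $sql_data_array = array(
             'orders_id' => $insert_id,
             'products_id' => tep_get_prid($order->products[$i]['id']),
             'products_model' => $order->products[$i]['model'],
             'products_name' => $order->products[$i]['name'],
             'products_price' => $order->products[$i]['price'],
             'final_price' => $order->products[$i]['final_price'],
             'products_tax' => $order->products[$i]['tax'],
             'products_quantity' => $order->products[$i]['qty'],
         );
         tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
         $order_products_id = tep_db_insert_id();

         $attributes_exist = '0';
         if (isset($order->products[$i]['attributes'])) {
             $attributes_exist = '1';
             for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                 // Product, option and value ids originate in the cart, which is
                 // filled from request data. They were concatenated into the SQL
                 // unescaped; all three are numeric keys, so cast them.
                 $pa_products_id = (int) tep_get_prid($order->products[$i]['id']);
                 $pa_option_id = (int) $order->products[$i]['attributes'][$j]['option_id'];
                 $pa_value_id = (int) $order->products[$i]['attributes'][$j]['value_id'];

                 if (DOWNLOAD_ENABLED == 'true') {
                     $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n                                     from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                                     left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                                     on pa.products_attributes_id=pad.products_attributes_id\n                                     where pa.products_id = '" . $pa_products_id . "'\n                                     and pa.options_id = '" . $pa_option_id . "'\n                                     and pa.options_id = popt.products_options_id\n                                     and pa.options_values_id = '" . $pa_value_id . "'\n                                     and pa.options_values_id = poval.products_options_values_id\n                                     and popt.language_id = '" . $language_id . "'\n                                     and poval.language_id = '" . $language_id . "'";
                     $attributes = tep_db_query($attributes_query);
                 } else {
                     $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $pa_products_id . "' and pa.options_id = '" . $pa_option_id . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $pa_value_id . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $language_id . "' and poval.language_id = '" . $language_id . "'");
                 }
                 $attributes_values = tep_db_fetch_array($attributes);

                 $sql_data_array = array(
                     'orders_id' => $insert_id,
                     'orders_products_id' => $order_products_id,
                     'products_options' => $attributes_values['products_options_name'],
                     'products_options_values' => $attributes_values['products_options_values_name'],
                     'options_values_price' => $attributes_values['options_values_price'],
                     'price_prefix' => $attributes_values['price_prefix'],
                 );
                 tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

                 // Downloadable attribute: record the file and its limits.
                 if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
                     $sql_data_array = array(
                         'orders_id' => $insert_id,
                         'orders_products_id' => $order_products_id,
                         'orders_products_filename' => $attributes_values['products_attributes_filename'],
                         'download_maxdays' => $attributes_values['products_attributes_maxdays'],
                         'download_count' => $attributes_values['products_attributes_maxcount'],
                     );
                     tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
                 }
             }
         }
     }

     // Remember which order belongs to this cart for the next pass.
     $GLOBALS[$this->_mbcartID] = $cartID . '-' . $insert_id;
     tep_session_register($this->_mbcartID);
 }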
示例#13
             echo tep_show_products_carousel($carousel_products, $carousel_id, '', 'html');
         }
     }
     tep_exit();
     break;
 case 'load_captcha':
     header('Content-type: image/gif');
     $image_width = 95;
     $image_height = 18;
     $font_size = 5;
     $rand_number1 = rand(6, 20);
     $rand_number2 = rand(1, 15);
     $string = $rand_number1 . ($rand_number1 > $rand_number2 ? ' - ' : ' + ') . $rand_number2 . ' = ';
     $captcha_value = $rand_number1 > $rand_number2 ? $rand_number1 - $rand_number2 : $rand_number1 + $rand_number2;
     if (!tep_session_is_registered('captcha_value')) {
         tep_session_register('captcha_value');
     }
     $string_width = imagefontwidth($font_size) * strlen($string);
     $string_height = imagefontheight($font_size);
     $image = imagecreate($image_width, $image_height);
     $rand1 = rand(0, 255);
     $rand2 = rand(0, 255);
     $rand3 = rand(0, 255);
     $color = imagecolorallocate($image, $rand1, $rand2, $rand3);
     $diff = 55;
     $rand_new1 = $rand1 > $diff ? $rand1 - $diff : $rand1 + $diff;
     $rand_new2 = $rand2 > $diff ? $rand2 - $diff : $rand2 + $diff;
     $rand_new3 = $rand3 > $diff ? $rand3 - $diff : $rand3 + $diff;
     if ($rand1 + $rand2 + $rand3 > 380) {
         $color1 = imagecolorallocate($image, $rand_new1, $rand_new2, $rand_new3);
     } else {
         $empty_country_file = $empty_country_dir . date('Y-m-d');
         $unknown_country_visitors_count = 1;
         if (file_exists($empty_country_file)) {
             if ($fp = fopen($empty_country_file, 'r')) {
                 stream_set_timeout($fp, 1);
                 $content = fread($fp, filesize($empty_country_file));
                 fclose($fp);
                 $unknown_country_visitors_count = (int) trim($content) + 1;
             }
         }
         if ($fp = fopen($empty_country_file, 'w')) {
             fwrite($fp, $unknown_country_visitors_count);
             fclose($fp);
         }
         $session_country_shop = ':' . SHOP_ID;
         tep_session_register('session_country_shop');
     }
 }
 //	  }
 /*
 $country_code = $_SERVER['GEOIP_COUNTRY_CODE'];
 $all_countries = tep_get_shops_countries(0, 1);
 $available_domains = array();
 $available_country_name = '';
 reset($all_countries);
 while (list(, $country_info) = each($all_countries)) {
 		if ($country_code==$country_info['country_code']) {
 		  $available_domains[] = $country_info['shop_url'];
 		  $available_country_name = $country_info['country_ru_name'];
 		}
 }
示例#15
    // verify the selected billing address
    if (is_array($billto) && empty($billto) || is_numeric($billto)) {
        $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $billto . "'");
        $check_address = tep_db_fetch_array($check_address_query);
        if ($check_address['total'] != '1') {
            $billto = $customer_default_address_id;
            if (tep_session_is_registered('payment')) {
                tep_session_unregister('payment');
            }
        }
    }
}
require DIR_WS_CLASSES . 'order.php';
$order = new order();
if (!tep_session_is_registered('comments')) {
    tep_session_register('comments');
}
if (isset($HTTP_POST_VARS['comments']) && tep_not_null($HTTP_POST_VARS['comments'])) {
    $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);
}
$total_weight = $cart->show_weight();
$total_count = $cart->count_contents();
// load all enabled payment modules
require DIR_WS_CLASSES . 'payment.php';
$payment_modules = new payment();
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PAYMENT;
$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
require DIR_WS_INCLUDES . 'template_top.php';
?>
示例#16
                    tep_mail($user_info['firstname'] . ' ' . $user_info['lastname'], $user_info['email'], $msg_subject, $msg_content, SITE_NAME, SITE_CONTACT_EMAIL);
                }
                if (sizeof($navigation->snapshot) > 0) {
                    $origin_href = get_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
                    $navigation->clear_snapshot();
                    tep_redirect($origin_href, '', 'SSL');
                } else {
                    tep_redirect(get_href_link(PAGE_LOGIN_CONFIRM, '', 'SSL'));
                }
            }
        } else {
            $validator->addError(ERROR_FIELD_LOGIN, ERROR_INVALID_ACCOUNT);
        }
        if (count($validator->errors) == 0) {
            // create new user
        } else {
            postAssign($smarty);
            $smarty->assign('validerrors', $validator->errors);
        }
    } else {
        if (empty($error_log_login)) {
            $error_log_login = 1;
            tep_session_register('error_log_login');
        } else {
            $error_log_login++;
            tep_session_register('error_log_login');
        }
    }
}
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('home/login.html');
示例#17
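/**
 * Check an e-mail/password pair against the users table.
 *
 * On success the user's id and name are stored in the $login_userid and
 * $login_username globals, both are registered in the session, and true is
 * returned. An unknown e-mail or a wrong password returns false.
 */
function confirmUser($login_email, $login_password)
{
    global $login_userid, $login_username;

    // The e-mail comes from the login form; anything but a non-empty string cannot match.
    if (!is_string($login_email) || $login_email === '') {
        return false;
    }

    // The original concatenated the raw e-mail into the SQL text, which allowed
    // SQL injection on the login form. addslashes() is a stop-gap that needs
    // nothing outside this block; it is not safe for every connection charset.
    // TODO(review): switch to the DB layer's own escaping helper or a prepared statement.
    $user_query = db_query("SELECT user_id, user_username, user_password FROM " . _TABLE_USERS . " WHERE member_email='" . addslashes($login_email) . "'");
    if (db_num_rows($user_query) <= 0) {
        // unknown e-mail
        return false;
    }

    $user_info = db_fetch_array($user_query);
    if (!validate_password($login_password, $user_info['user_password'])) {
        // wrong password
        return false;
    }

    // Correct account. The original read these two values from $member_info,
    // which is never defined, so the session received empty values.
    $login_userid = $user_info['user_id'];
    $login_username = $user_info['user_username'];
    tep_session_register('login_userid');
    tep_session_register('login_username');

    return true;
}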
// include the language translations
require DIR_WS_LANGUAGES . $language . '.php';
// currency
if (!tep_session_is_registered('currency') || isset($HTTP_GET_VARS['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $currency) {
    if (!tep_session_is_registered('currency')) {
        tep_session_register('currency');
    }
    if (isset($HTTP_GET_VARS['currency']) && $currencies->is_set($HTTP_GET_VARS['currency'])) {
        $currency = $HTTP_GET_VARS['currency'];
    } else {
        $currency = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && $currencies->is_set(LANGUAGE_CURRENCY) ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
    }
}
// navigation history
if (!tep_session_is_registered('navigation') || !is_object($navigation)) {
    tep_session_register('navigation');
    $navigation = new navigationHistory();
}
$navigation->add_current_page();
// action recorder
include 'includes/classes/action_recorder.php';
// Shopping cart actions
if (isset($HTTP_GET_VARS['action'])) {
    // redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled
    if ($session_started == false) {
        tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE));
    }
    if (DISPLAY_CART == 'true') {
        $goto = FILENAME_SHOPPING_CART;
        $parameters = array('action', 'cPath', 'products_id', 'pid');
    } else {
        }
        $billto = $HTTP_POST_VARS['address'];
        $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $billto . "'");
        $check_address = tep_db_fetch_array($check_address_query);
        if ($check_address['total'] == '1') {
            if ($reset_payment == true) {
                tep_session_unregister('payment');
            }
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
        } else {
            tep_session_unregister('billto');
        }
        // no addresses to select from - customer decided to keep the current assigned address
    } else {
        if (!tep_session_is_registered('billto')) {
            tep_session_register('billto');
        }
        $billto = $customer_default_address_id;
        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
    }
}
// if no billing destination address was selected, use their own address as default
if (!tep_session_is_registered('billto')) {
    $billto = $customer_default_address_id;
}
$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_PAYMENT_ADDRESS, '', 'SSL'));
$addresses_count = tep_count_customer_address_book_entries();
require DIR_WS_INCLUDES . 'template_top.php';
?>
示例#20
                        } else {
                            tep_redirect(tep_href_link(FILENAME_DEFAULT));
                        }
                    }
                }
                $messageStack->add(ERROR_INVALID_ADMINISTRATOR, 'error');
            } else {
                $messageStack->add(sprintf(ERROR_ACTION_RECORDER, defined('MODULE_ACTION_RECORDER_ADMIN_LOGIN_MINUTES') ? (int) MODULE_ACTION_RECORDER_ADMIN_LOGIN_MINUTES : 5));
            }
            $actionRecorder->record(false);
            break;
        case 'logoff':
            tep_session_unregister('selected_box');
            tep_session_unregister('admin');
            if (isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_PW'])) {
                tep_session_register('auth_ignore');
                $auth_ignore = true;
            }
            tep_redirect(tep_href_link(FILENAME_DEFAULT));
            break;
        case 'create':
            $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1");
            if (tep_db_num_rows($check_query) == 0) {
                $username = tep_db_prepare_input($HTTP_POST_VARS['username']);
                $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
                tep_db_query("insert into " . TABLE_ADMINISTRATORS . " (user_name, user_password) values ('" . tep_db_input($username) . "', '" . tep_db_input(tep_encrypt_password($password)) . "')");
            }
            tep_redirect(tep_href_link(FILENAME_LOGIN));
            break;
    }
}
        $free_shipping = true;
        include DIR_WS_LANGUAGES . $language . '/modules/order_total/ot_shipping.php';
    }
} else {
    $free_shipping = false;
}
// process the selected shipping method
// Runs only for a POST with action=process whose formid equals $sessiontoken,
// i.e. the per-session form token acts as the anti-CSRF check.
// NOTE(review): the token is compared with ==; hash_equals() would make the
// comparison type-strict and constant-time.
if (isset($HTTP_POST_VARS['action']) && $HTTP_POST_VARS['action'] == 'process' && isset($HTTP_POST_VARS['formid']) && $HTTP_POST_VARS['formid'] == $sessiontoken) {
    if (!tep_session_is_registered('comments')) {
        tep_session_register('comments');
    }
    // Non-empty order comments are passed through tep_db_prepare_input() and kept
    // in the session-registered $comments variable.
    if (tep_not_null($HTTP_POST_VARS['comments'])) {
        $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);
    }
    if (!tep_session_is_registered('shipping')) {
        tep_session_register('shipping');
    }
    if (tep_count_shipping_modules() > 0 || $free_shipping == true) {
        // strpos() is used as a truthiness test, so a value without an underscore,
        // or with the underscore at position 0, is rejected.
        // NOTE(review): assumes the posted value is a string; confirm arrays are
        // filtered out before this point.
        if (isset($HTTP_POST_VARS['shipping']) && strpos($HTTP_POST_VARS['shipping'], '_')) {
            $shipping = $HTTP_POST_VARS['shipping'];
            // Format is "<module>_<method>"; only the first two underscore-separated
            // parts are used.
            list($module, $method) = explode('_', $shipping);
            // $module comes from the request and is used as a variable variable:
            // any object variable in this scope whose name equals that text
            // satisfies is_object().
            // NOTE(review): consider checking $module against the installed shipping
            // modules before calling quote(); how quote() treats an unexpected
            // module name is not visible here.
            if (is_object(${$module}) || $shipping == 'free_free') {
                if ($shipping == 'free_free') {
                    // NOTE(review): 'free_free' is accepted from the request without
                    // re-checking $free_shipping in this branch; confirm a later step
                    // validates that free shipping really applies.
                    $quote[0]['methods'][0]['title'] = FREE_SHIPPING_TITLE;
                    $quote[0]['methods'][0]['cost'] = '0';
                } else {
                    $quote = $shipping_modules->quote($method, $module);
                }
                // A quote carrying an 'error' key discards the shipping selection.
                if (isset($quote['error'])) {
                    tep_session_unregister('shipping');
                } else {
示例#22
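 /**
  * Add a product to the cart, or update its quantity when it is already there.
  *
  * The product is added only when its id and quantity are numeric, every
  * option/value pair in $attributes is numeric and exists for the product in
  * TABLE_PRODUCTS_ATTRIBUTES, and the product row has products_status '1'.
  * A product that has attributes but is submitted without any is rejected.
  * For a logged-in customer the basket rows are written to the database too.
  *
  * @param mixed  $products_id product id, optionally carrying an attribute suffix
  * @param mixed  $qty         requested quantity; capped at MAX_QTY_IN_CART when that is defined and positive
  * @param mixed  $attributes  array of option id => option value id, or '' for none
  * @param bool   $notify      when true, remember the id in the session as new_products_id_in_cart
  */
 function add_cart($products_id, $qty = '1', $attributes = '', $notify = true)
 {
     global $new_products_id_in_cart, $customer_id;
     $products_id_string = tep_get_uprid($products_id, $attributes);
     $products_id = tep_get_prid($products_id_string);
     if (defined('MAX_QTY_IN_CART') && MAX_QTY_IN_CART > 0 && (int) $qty > MAX_QTY_IN_CART) {
         $qty = MAX_QTY_IN_CART;
     }
     // Server-side validation of the submitted attributes: the client decides
     // nothing about which option/value combinations are valid.
     $attributes_pass_check = true;
     if (is_array($attributes) && !empty($attributes)) {
         // foreach replaces the each()/list() idiom, which no longer exists in PHP 8.
         foreach ($attributes as $option => $value) {
             if (!is_numeric($option) || !is_numeric($value)) {
                 $attributes_pass_check = false;
                 break;
             }
             $check_query = tep_db_query("select products_attributes_id from " . TABLE_PRODUCTS_ATTRIBUTES . " where products_id = '" . (int) $products_id . "' and options_id = '" . (int) $option . "' and options_values_id = '" . (int) $value . "' limit 1");
             if (tep_db_num_rows($check_query) < 1) {
                 $attributes_pass_check = false;
                 break;
             }
         }
     } elseif (tep_has_product_attributes($products_id)) {
         $attributes_pass_check = false;
     }
     // NOTE(review): is_numeric() also accepts negative and fractional values;
     // the quantity is stored as (int) $qty, so confirm update_quantity() and
     // cleanup() reject non-positive quantities.
     if (is_numeric($products_id) && is_numeric($qty) && $attributes_pass_check == true) {
         $check_product_query = tep_db_query("select products_status from " . TABLE_PRODUCTS . " where products_id = '" . (int) $products_id . "'");
         $check_product = tep_db_fetch_array($check_product_query);
         if ($check_product !== false && $check_product['products_status'] == '1') {
             if ($notify == true) {
                 $new_products_id_in_cart = $products_id;
                 tep_session_register('new_products_id_in_cart');
             }
             if ($this->in_cart($products_id_string)) {
                 $this->update_quantity($products_id_string, $qty, $attributes);
             } else {
                 $this->contents[$products_id_string] = array('qty' => (int) $qty);
                 // insert into database
                 if (tep_session_is_registered('customer_id')) {
                     tep_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $customer_id . "', '" . tep_db_input($products_id_string) . "', '" . (int) $qty . "', '" . date('Ymd') . "')");
                 }
                 if (is_array($attributes)) {
                     foreach ($attributes as $option => $value) {
                         $this->contents[$products_id_string]['attributes'][$option] = $value;
                         // insert into database
                         if (tep_session_is_registered('customer_id')) {
                             tep_db_query("insert into " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " (customers_id, products_id, products_options_id, products_options_value_id) values ('" . (int) $customer_id . "', '" . tep_db_input($products_id_string) . "', '" . (int) $option . "', '" . (int) $value . "')");
                         }
                     }
                 }
             }
             $this->cleanup();
             // assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
             $this->cartID = $this->generate_cart_id();
         }
     }
 }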
            tep_session_register('sendto');
        }
        // Take the address id chosen in the form.
        // NOTE(review): $sendto keeps the raw posted value; only the query below
        // casts it to int. Storing the cast value would keep a non-numeric string
        // out of the session.
        $sendto = $HTTP_POST_VARS['address'];
        // Ownership check: the address must belong to the logged-in customer, so a
        // guessed address_book_id of another customer is not accepted.
        $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $sendto . "'");
        $check_address = tep_db_fetch_array($check_address_query);
        if ($check_address['total'] == '1') {
            // A changed destination invalidates the previously selected shipping quote.
            if ($reset_shipping == true) {
                tep_session_unregister('shipping');
            }
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
        } else {
            // Unknown or foreign address: forget the selection again.
            tep_session_unregister('sendto');
        }
    } else {
        // No address was submitted: fall back to the customer's default address.
        if (!tep_session_is_registered('sendto')) {
            tep_session_register('sendto');
        }
        $sendto = $customer_default_address_id;
        tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
    }
}
// if no shipping destination address was selected, use their own address as default
if (!tep_session_is_registered('sendto')) {
    $sendto = $customer_default_address_id;
}
// Breadcrumb trail for the page, then the number of address book entries the
// customer already has.
$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL'));
$addresses_count = tep_count_customer_address_book_entries();
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
示例#24
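/**
 * Authenticate a customer and populate the session on success.
 *
 * Looks the customer up, verifies the password with tep_validate_password(),
 * refuses accounts whose status is '0', registers the customer globals in the
 * session, sets or clears the autologin cookies, updates the logon counters,
 * restores the cart and, when the forum integration is active, logs the
 * customer into the forum as well.
 *
 * @param string $email_address value typed into the login field
 * @param string $password      plain-text password as submitted
 * @return mixed true on success, otherwise a translated error message string
 */
function log_customer_in($email_address = '', $password = '')
{
    global $cart;
    $error = false;
    // Initialised so the check at the end never reads an undefined variable.
    $active_error = false;
    // NOTE(review): the username comparison below is against the literal '******'
    // exactly as this listing shows it, which looks like a masking artefact;
    // check the project's own copy and make sure that value is escaped with
    // tep_db_input() like the e-mail address.
    $check_customer_query = tep_db_query("select customers_id, abo_id, customers_firstname, customers_password, customers_email_address, customers_username, customers_default_address_id, status, customers_group from customers where customers_email_address = '" . tep_db_input($email_address) . "' OR customers_username = '******'");
    if (!tep_db_num_rows($check_customer_query)) {
        $error = true;
    } else {
        $check_customer = tep_db_fetch_array($check_customer_query);
        if (!tep_validate_password($password, $check_customer['customers_password'])) {
            // Unknown account and wrong password share one error message, so the
            // response does not reveal which accounts exist.
            $error = true;
        } else {
            if ($check_customer['status'] == '0') {
                $active_error = true;
            } else {
                // New session after authentication when SESSION_RECREATE is 'True'
                // (presumably a new session id, i.e. the session-fixation defence;
                // confirm in tep_session_recreate()).
                if (SESSION_RECREATE == 'True') {
                    tep_session_recreate();
                }
                $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
                $check_country = tep_db_fetch_array($check_country_query);
                global $customer_id, $abo_id, $customer_default_address_id, $customer_first_name, $customer_country_id, $customer_zone_id, $customer_group, $customers_email_address, $customers_username;
                $customer_id = $check_customer['customers_id'];
                $abo_id = $check_customer['abo_id'];
                $customer_default_address_id = $check_customer['customers_default_address_id'];
                $customer_first_name = $check_customer['customers_firstname'];
                $customer_country_id = $check_country['entry_country_id'];
                $customer_zone_id = $check_country['entry_zone_id'];
                $customer_group = $check_customer['customers_group'];
                $customers_email_address = $check_customer['customers_email_address'];
                $customers_username = $check_customer['customers_username'];
                tep_session_register('customer_id');
                tep_session_register('abo_id');
                tep_session_register('customer_default_address_id');
                tep_session_register('customer_first_name');
                tep_session_register('customer_country_id');
                tep_session_register('customer_zone_id');
                tep_session_register('customer_group');
                tep_session_register('customers_email_address');
                tep_session_register('customers_username');
                /*autologin*/
                $cookie_url_array = parse_url((ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . substr(DIR_WS_CATALOG, 0, -1));
                $cookie_path = $cookie_url_array['path'];
                if (ALLOW_AUTOLOGON == 'false' || $_POST['remember_me'] == '') {
                    setcookie("email_address", "", time() - 3600, $cookie_path);
                    // Delete email_address cookie
                    setcookie("password", "", time() - 3600, $cookie_path);
                    // Delete password cookie
                } else {
                    // NOTE(review): the "password" cookie carries the stored password
                    // hash for a year, so a copied cookie is a long-lived credential
                    // that only a password change invalidates. A random, revocable
                    // token kept server-side is the safer design; that needs storage
                    // this function does not have. The HttpOnly flag added here at
                    // least keeps page scripts from reading either cookie.
                    setcookie('email_address', $email_address, time() + 365 * 24 * 3600, $cookie_path, '', getenv('HTTPS') == 'on' ? 1 : 0, true);
                    setcookie('password', $check_customer['customers_password'], time() + 365 * 24 * 3600, $cookie_path, '', getenv('HTTPS') == 'on' ? 1 : 0, true);
                }
                /*autologin*/
                tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int) $customer_id . "'");
                $cart->restore_contents();
                /*FORUM*/
                if (FORUM_ACTIVE == 'true' && FORUM_CROSS_LOGIN == 'true') {
                    // NOTE(review): $user and $auth are neither parameters nor
                    // declared global in this function; confirm how they are meant
                    // to come into scope.
                    $user->session_begin();
                    $auth->acl($user->data);
                    // The posted address is request data: escape it before it goes
                    // into the query, as the customer lookup above already does.
                    $get_forum_username_query = tep_db_query("SELECT username_clean FROM " . FORUM_DB_DATABASE . ".users WHERE user_email = '" . tep_db_input($_POST['email_address']) . "'");
                    $get_forum_username = tep_db_fetch_array($get_forum_username_query);
                    if ($_POST['remember_me'] == 'on') {
                        $remember = 'true';
                    } else {
                        $remember = 'false';
                    }
                    $auth->login($get_forum_username['username_clean'], $_POST['password'], $remember, 1, 0);
                }
                /*FORUM*/
            }
        }
    }
    if ($error == true) {
        return Translate('Fout: er kon niet ingelogd worden met het ingegeven e-mailadres en wachtwoord. Gelieve opnieuw te proberen');
    }
    if ($active_error == true) {
        return Translate('Uw account werd nog niet geactiveerd.');
    }
    return true;
}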
示例#25
 // Store the new customer's address and make it the account's default address.
 tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
 $address_id = tep_db_insert_id();
 tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . "'");
 // Create the logon-statistics row with a logon count of 0.
 tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
 // The new account is logged in right away, so the session is recreated first
 // when SESSION_RECREATE is 'True' (presumably issuing a new session id; confirm
 // in tep_session_recreate()).
 if (SESSION_RECREATE == 'True') {
     tep_session_recreate();
 }
 // Copy the account data into the variables that are then registered in the session.
 $customer_first_name = $firstname;
 $customer_default_address_id = $address_id;
 $customer_country_id = $country;
 $customer_zone_id = $zone_id;
 tep_session_register('customer_id');
 tep_session_register('customer_first_name');
 tep_session_register('customer_default_address_id');
 tep_session_register('customer_country_id');
 tep_session_register('customer_zone_id');
 // restore cart contents
 $cart->restore_contents();
 // build the message content
 $name = $firstname . ' ' . $lastname;
 // Greeting depends on whether the shop collects the gender field.
 if (ACCOUNT_GENDER == 'true') {
     if ($gender == 'm') {
         $email_text = sprintf(EMAIL_GREET_MR, $lastname);
     } else {
         $email_text = sprintf(EMAIL_GREET_MS, $lastname);
     }
 } else {
     $email_text = sprintf(EMAIL_GREET_NONE, $firstname);
 }
 $email_text .= EMAIL_WELCOME . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
 // NOTE(review): $name and $email_address originate from the signup form; confirm
 // that tep_mail() or the earlier validation rejects line breaks in them so they
 // cannot add mail headers.
 tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
示例#26
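require_once 'includes/application_top.php';
// Voucher redemption needs a logged-in customer: remember the requested page
// and send everyone else to the login form.
if (!tep_session_is_registered('customer_id')) {
    $navigation->set_snapshot();
    tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
}
if (isset($_GET['gift'])) {
    // Start from "error" and clear it only once the voucher is found and unused.
    $error = true;
    $voucher_number = tep_db_prepare_input($_GET['gift']);
    // The code comes from the URL. It is escaped with the project's database
    // helper instead of addslashes(), which does not take the connection
    // character set into account.
    $gv_query = tep_db_query("select c.coupon_id, c.coupon_amount from " . TABLE_COUPONS . " c, " . TABLE_COUPON_EMAIL_TRACK . " et where coupon_code = '" . tep_db_input($voucher_number) . "' and c.coupon_id = et.coupon_id");
    if (tep_db_num_rows($gv_query) > 0) {
        $coupon = tep_db_fetch_array($gv_query);
        // Ids are cast to int before they are placed in a query.
        $redeem_query = tep_db_query("select coupon_id from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . (int) $coupon['coupon_id'] . "'");
        if (tep_db_num_rows($redeem_query) == 0) {
            // Not redeemed yet: remember the voucher id in the session.
            if (!tep_session_is_registered('gv_id')) {
                tep_session_register('gv_id');
            }
            $gv_id = $coupon['coupon_id'];
            $error = false;
        } else {
            $error = true;
        }
    }
} else {
    // NOTE(review): this redirect passes the bare file name, while the login
    // redirect above builds its URL with tep_href_link().
    tep_redirect(FILENAME_DEFAULT);
}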
// Redeem the voucher: write the redemption record, deactivate the coupon, credit
// the customer's voucher balance and drop the temporary session value.
// NOTE(review): the "already redeemed?" query earlier in this script and the
// insert below are separate statements, so two simultaneous requests for the same
// code could both pass the check unless the redeem-track table enforces
// uniqueness on coupon_id (not visible here).
// NOTE(review): coupon_id and $customer_id are placed in these queries without an
// (int) cast or escaping; the values come from the database and the session, but
// a cast makes that explicit.
if (!$error && tep_session_is_registered('customer_id')) {
    $gv_query = tep_db_query("insert into " . TABLE_COUPON_REDEEM_TRACK . " (coupon_id, customer_id, redeem_date, redeem_ip) values ('" . $coupon['coupon_id'] . "', '" . $customer_id . "', now(),'" . $_SERVER['REMOTE_ADDR'] . "')");
    $gv_update = tep_db_query("update " . TABLE_COUPONS . " set coupon_active = 'N' where coupon_id = '" . $coupon['coupon_id'] . "'");
    tep_gv_account_update($customer_id, $gv_id);
    tep_session_unregister('gv_id');
示例#27
                    $validator->addError('Email', 'This e-mail already exists in our database. Please use a different e-mail address or login if you already have an OOKCASH account. ');
                }
            }
        }
        // -1 is the key of the "custom question" entry (added to the list at the
        // end of this script), so the custom question text is then required.
        if ($security_question == -1) {
            $validator->validateGeneral('Custom Question', $custom_question, _ERROR_FIELD_EMPTY);
        }
        $validator->validateGeneral('Security Answer', $security_answer, _ERROR_FIELD_EMPTY);
        $validator->validateGeneral('Welcome Mesasge', $welcome_message, _ERROR_FIELD_EMPTY);
    } else {
        // The submitted verification code was rejected (presumably a CAPTCHA; the
        // check itself is above this excerpt).
        $validator->addError('Turing Number', ERROR_SECURE_CODE_WRONG);
    }
    if (count($validator->errors) == 0) {
        // create new user
        // The first signup step is only carried in the session; the next page is
        // reached over SSL.
        // NOTE(review): the security answer is kept in the session as submitted;
        // confirm it is hashed before it is written to permanent storage.
        if (!tep_session_is_registered('signup_info')) {
            tep_session_register('signup_info');
        }
        $signup_info = array('firstname' => $firstname, 'lastname' => $lastname, 'email' => $email, 'welcome_message' => $welcome_message, 'security_question' => $security_question == -1 ? $custom_question : $security_question, 'security_answer' => $security_answer);
        tep_redirect(get_href_link(PAGE_SIGNUP_PERSONAL, '', 'SSL'));
    } else {
        // Validation failed: hand the posted values back to the template.
        postAssign($smarty);
    }
}
// get security questions
// Builds the list for the question drop-down: key and value are both the
// question text in the current language.
// NOTE(review): $languages_id is concatenated into the query as-is; casting it
// to int would make the query independent of where the value comes from.
// NOTE(review): the loop reuses $security_question, so the value submitted with
// the form is overwritten once this code has run.
$security_questions_array = array();
$security_questions_query = db_query('SELECT s.security_questions_id, sd.question FROM ' . _TABLE_SECURITY_QUESTIONS . " s, " . _TABLE_SECURITY_QUESTIONS_DESCRIPTION . " sd WHERE s.security_questions_id =sd.security_questions_id AND sd.language_id='" . $languages_id . "' ORDER BY s.sort_order, sd.question ");
while ($security_question = db_fetch_array($security_questions_query)) {
    $security_questions_array[$security_question['question']] = $security_question['question'];
}
// Customer Question
$security_questions_array[-1] = TEXT_CUSTOM_QUESTION;
示例#28
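// Load the checkout modules: each sub-directory of includes/modules/checkout/modules/
// contributes the first file matching "*_module.php".
// NOTE(review): every file that matches is executed, so this directory tree must
// not be writable by the web server user or by any upload feature.
if (is_dir(DIR_FS_CATALOG . 'includes/modules/checkout/modules/')) {
    $dirHandle = opendir(DIR_FS_CATALOG . 'includes/modules/checkout/modules/');
    if ($dirHandle !== false) {
        while (false !== ($module = readdir($dirHandle))) {
            if (is_dir(DIR_FS_CATALOG . 'includes/modules/checkout/modules/' . $module) && $module != '.' && $module != '..') {
                $object = glob(DIR_FS_CATALOG . 'includes/modules/checkout/modules/' . $module . '/*_module.php');
                // A module directory without a matching file is skipped instead of
                // requiring an undefined array element.
                if (!empty($object)) {
                    require_once $object[0];
                }
            }
        }
        // Release the directory handle once the scan is done.
        closedir($dirHandle);
    }
}
// @TODO End Of Delete
require_once 'includes/application_top.php';
// Checkout makes no sense with an empty cart.
if ($cart->count_contents() < 1) {
    tep_redirect(tep_href_link('shopping_cart.php'));
}
// Register the session variable by name; the check above it uses the same name.
if (!tep_session_is_registered('temp_orders_id')) {
    tep_session_register('temp_orders_id');
}
//start logging class
$Analytics = new Analytics();
if (!is_object($Modules)) {
    //start modules class
    $Modules = new Modules();
}
$last_modified_time = filemtime(__FILE__);
// gmdate() because the value is labelled GMT; date() would print local time.
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $last_modified_time) . " GMT");
header("Content-Language: " . $languages_code);
// The charset parameter is written with "=", otherwise clients ignore it.
header("Content-Type: text/html; charset=utf-8");
?>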
<!DOCTYPE html>
<html lang="<?php 
echo $languages_code;
示例#29
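 /**
  * Send the payment to Sage Pay Direct before the order is stored.
  *
  * Two entry paths:
  *  - 3D-Secure callback (check=3D in the URL plus posted MD and PaRes): the
  *    values are forwarded to the gateway's 3D callback URL.
  *  - Normal card submission: the posted card fields are validated, the
  *    transaction parameters and basket are built and sent to the register URL.
  *
  * The gateway answer is parsed into key/value pairs. Status 3DAUTH stores the
  * ACS data in the session and redirects to the 3D-Secure page; any status other
  * than OK, AUTHENTICATED or REGISTERED redirects back to the payment page with
  * an error code. On success the gateway reference is prepended to the order
  * comments.
  *
  * Card number, issue number and CVC exist only in local variables and in the
  * gateway request; nothing here writes them to the session or the database.
  */
 function before_process()
 {
     global $HTTP_GET_VARS, $HTTP_POST_VARS, $customer_id, $order, $currency, $order_totals, $cartID;
     $error = null;
     if (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == '3D' && isset($HTTP_POST_VARS['MD']) && tep_not_null($HTTP_POST_VARS['MD']) && isset($HTTP_POST_VARS['PaRes']) && tep_not_null($HTTP_POST_VARS['PaRes'])) {
         switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) {
             case 'Live':
                 $gateway_url = 'https://live.sagepay.com/gateway/service/direct3dcallback.vsp';
                 break;
             case 'Test':
                 $gateway_url = 'https://test.sagepay.com/gateway/service/direct3dcallback.vsp';
                 break;
             default:
                 $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectCallback.asp';
                 break;
         }
         // MD and PaRes arrive from the browser. They are URL-encoded like every
         // field of the card request below, so characters such as '&', '=' or '+'
         // stay inside their own field of the gateway request.
         $post_string = 'MD=' . urlencode($HTTP_POST_VARS['MD']) . '&PARes=' . urlencode($HTTP_POST_VARS['PaRes']);
         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
     } else {
         // Card fields are cut to fixed maximum lengths; the card number is reduced
         // to digits first.
         $cc_type = substr($HTTP_POST_VARS['cc_type'], 0, 15);
         $cc_owner = substr($HTTP_POST_VARS['cc_owner'], 0, 50);
         $cc_number = substr(preg_replace('/[^0-9]/', '', $HTTP_POST_VARS['cc_number_nh-dns']), 0, 20);
         $cc_start = null;
         $cc_expires = null;
         $cc_issue = null;
         $cc_cvc = null;
         // Allow-lists for the date fields: months 01-12, expiry years for the next
         // ten years (two digits), start years for the last five years (four digits).
         $today = getdate();
         $months_array = array();
         for ($i = 1; $i < 13; $i++) {
             $months_array[] = sprintf('%02d', $i);
         }
         $year_valid_to_array = array();
         for ($i = $today['year']; $i < $today['year'] + 10; $i++) {
             $year_valid_to_array[] = strftime('%y', mktime(0, 0, 0, 1, 1, $i));
         }
         $year_valid_from_array = array();
         for ($i = $today['year'] - 4; $i < $today['year'] + 1; $i++) {
             $year_valid_from_array[] = strftime('%Y', mktime(0, 0, 0, 1, 1, $i));
         }
         // Each failed check goes back to the payment page with a short error code.
         // NOTE(review): the checks rely on tep_redirect() ending the request; if
         // it returned, processing would continue with the rejected value.
         if (isset($HTTP_POST_VARS['cc_type']) == false || $this->isCard($cc_type) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardtype', 'SSL'));
         }
         if (isset($HTTP_POST_VARS['cc_owner']) == false || empty($cc_owner)) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardowner', 'SSL'));
         }
         if (isset($HTTP_POST_VARS['cc_number_nh-dns']) == false || is_numeric($cc_number) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardnumber', 'SSL'));
         }
         // A start date is required for Maestro, Solo and Amex when enabled.
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
             if (in_array($HTTP_POST_VARS['cc_starts_month'], $months_array) == false) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
             }
             if (in_array($HTTP_POST_VARS['cc_starts_year'], $year_valid_from_array) == false) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
             }
             $cc_start = substr($HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'], 0, 4);
         }
         if (in_array($HTTP_POST_VARS['cc_expires_month'], $months_array) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
         }
         if (in_array($HTTP_POST_VARS['cc_expires_year'], $year_valid_to_array) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
         }
         // A card expiring this year must not have an expiry month in the past.
         if ($HTTP_POST_VARS['cc_expires_year'] == date('y') && $HTTP_POST_VARS['cc_expires_month'] < date('m')) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
         }
         $cc_expires = substr($HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 0, 4);
         // An issue number is required for Maestro and Solo when enabled.
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') {
             $cc_issue = substr($HTTP_POST_VARS['cc_issue_nh-dns'], 0, 2);
             if (isset($HTTP_POST_VARS['cc_issue_nh-dns']) == false || empty($cc_issue)) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardissue', 'SSL'));
             }
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
             $cc_cvc = substr($HTTP_POST_VARS['cc_cvc_nh-dns'], 0, 4);
             if (isset($HTTP_POST_VARS['cc_cvc_nh-dns']) == false || empty($cc_cvc)) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardcvc', 'SSL'));
             }
         }
         // Request fields for the gateway; the amount and addresses come from the
         // server-side $order object, not from the posted form.
         $params = array('VPSProtocol' => '2.23', 'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802', 'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_DIRECT_VENDOR_LOGIN_NAME, 0, 15), 'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40), 'Amount' => $this->format_raw($order->info['total']), 'Currency' => $currency, 'Description' => substr(STORE_NAME, 0, 100), 'CardHolder' => $cc_owner, 'CardNumber' => $cc_number, 'ExpiryDate' => $cc_expires, 'CardType' => $cc_type, 'BillingSurname' => substr($order->billing['lastname'], 0, 20), 'BillingFirstnames' => substr($order->billing['firstname'], 0, 20), 'BillingAddress1' => substr($order->billing['street_address'], 0, 100), 'BillingCity' => substr($order->billing['city'], 0, 40), 'BillingPostCode' => substr($order->billing['postcode'], 0, 10), 'BillingCountry' => $order->billing['country']['iso_code_2'], 'BillingPhone' => substr($order->customer['telephone'], 0, 20), 'DeliverySurname' => substr($order->delivery['lastname'], 0, 20), 'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20), 'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100), 'DeliveryCity' => substr($order->delivery['city'], 0, 40), 'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10), 'DeliveryCountry' => $order->delivery['country']['iso_code_2'], 'CustomerName' => substr($order->billing['firstname'] . ' ' . $order->billing['lastname'], 0, 100), 'DeliveryPhone' => substr($order->customer['telephone'], 0, 20), 'CustomerEMail' => substr($order->customer['email_address'], 0, 255), 'Apply3DSecure' => '0');
         // The client address is sent only when ip2long() accepts it.
         $ip_address = tep_get_ip_address();
         if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) {
             $params['ClientIPAddress'] = $ip_address;
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Payment') {
             $params['TxType'] = 'PAYMENT';
         } elseif (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Deferred') {
             $params['TxType'] = 'DEFERRED';
         } else {
             $params['TxType'] = 'AUTHENTICATE';
         }
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
             $params['StartDate'] = $cc_start;
         }
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') {
             $params['IssueNumber'] = $cc_issue;
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
             $params['CV2'] = $cc_cvc;
         }
         if ($params['BillingCountry'] == 'US') {
             $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
         }
         if ($params['DeliveryCountry'] == 'US') {
             $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         }
         // Basket lines are colon-separated, so ':', line breaks and '&' are removed
         // from names and titles before they are joined.
         $contents = array();
         foreach ($order->products as $product) {
             $product_name = $product['name'];
             if (isset($product['attributes'])) {
                 foreach ($product['attributes'] as $att) {
                     $product_name .= '; ' . $att['option'] . '=' . $att['value'];
                 }
             }
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']);
         }
         foreach ($order_totals as $ot) {
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
         }
         $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);
         // Every value is trimmed and URL-encoded when the request body is built.
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }
         switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) {
             case 'Live':
                 $gateway_url = 'https://live.sagepay.com/gateway/service/vspdirect-register.vsp';
                 break;
             case 'Test':
                 $gateway_url = 'https://test.sagepay.com/gateway/service/vspdirect-register.vsp';
                 break;
             default:
                 $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectGateway.asp';
                 break;
         }
         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
     }
     // The response is one "key=value" pair per line (split on LF, values trimmed).
     $string_array = explode(chr(10), $transaction_response);
     $return = array();
     foreach ($string_array as $string) {
         if (strpos($string, '=') != false) {
             $parts = explode('=', $string, 2);
             $return[trim($parts[0])] = trim($parts[1]);
         }
     }
     // NOTE(review): an empty or unparsable response leaves 'Status' unset; the
     // status check further down then takes the error redirect, so the order is
     // not accepted in that case.
     if ($return['Status'] == '3DAUTH') {
         // 3D-Secure required: keep the ACS URL, PAReq and MD in the session for the
         // hand-off page.
         // NOTE(review): the ACS URL is taken from the gateway response as-is; the
         // transport in sendTransactionToGateway() should verify the gateway's TLS
         // certificate so this value can be trusted (not visible here).
         global $sage_pay_direct_acsurl, $sage_pay_direct_pareq, $sage_pay_direct_md;
         tep_session_register('sage_pay_direct_acsurl');
         $sage_pay_direct_acsurl = $return['ACSURL'];
         tep_session_register('sage_pay_direct_pareq');
         $sage_pay_direct_pareq = $return['PAReq'];
         tep_session_register('sage_pay_direct_md');
         $sage_pay_direct_md = $return['MD'];
         tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL'));
     }
     if ($return['Status'] != 'OK' && $return['Status'] != 'AUTHENTICATED' && $return['Status'] != 'REGISTERED') {
         $error = $this->getErrorMessageNumber($return['StatusDetail']);
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL'));
     }
     // Keep the gateway's transaction reference at the top of the order comments.
     if (isset($return['VPSTxId'])) {
         $order->info['comments'] = 'Sage Pay Reference ID: ' . $return['VPSTxId'] . (tep_not_null($order->info['comments']) ? "\n\n" . $order->info['comments'] : '');
     }
 }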
示例#30
 function collect_posts()
 {
     // All tep_redirect URL parameters modified for this function in v5.13 by Rigadin
     global $_POST, $customer_id, $currencies, $cc_id;
     if ($_POST['gv_redeem_code']) {
         // get some info from the coupon table
         $coupon_query = tep_db_query("select coupon_id, coupon_amount, coupon_type, coupon_minimum_order,uses_per_coupon, uses_per_user, restrict_to_products,restrict_to_categories from " . TABLE_COUPONS . " where coupon_code='" . $_POST['gv_redeem_code'] . "' and coupon_active='Y'");
         $coupon_result = tep_db_fetch_array($coupon_query);
         if ($coupon_result['coupon_type'] != 'G') {
             if (tep_db_num_rows($coupon_query) == 0) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_NO_INVALID_REDEEM_COUPON), 'SSL'));
             }
             $date_query = tep_db_query("select coupon_start_date from " . TABLE_COUPONS . " where coupon_start_date <= now() and coupon_code='" . $_POST['gv_redeem_code'] . "'");
             if (tep_db_num_rows($date_query) == 0) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_STARTDATE_COUPON), 'SSL'));
             }
             $date_query = tep_db_query("select coupon_expire_date from " . TABLE_COUPONS . " where coupon_expire_date >= now() and coupon_code='" . $_POST['gv_redeem_code'] . "'");
             if (tep_db_num_rows($date_query) == 0) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_FINISDATE_COUPON), 'SSL'));
             }
             $coupon_count = tep_db_query("select coupon_id from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . $coupon_result['coupon_id'] . "'");
             $coupon_count_customer = tep_db_query("select coupon_id from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . $coupon_result['coupon_id'] . "' and customer_id = '" . $customer_id . "'");
             if (tep_db_num_rows($coupon_count) >= $coupon_result['uses_per_coupon'] && $coupon_result['uses_per_coupon'] > 0) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_USES_COUPON . $coupon_result['uses_per_coupon'] . TIMES), 'SSL'));
             }
             if (tep_db_num_rows($coupon_count_customer) >= $coupon_result['uses_per_user'] && $coupon_result['uses_per_user'] > 0) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_INVALID_USES_USER_COUPON . $coupon_result['uses_per_user'] . TIMES), 'SSL'));
             }
             //**si** 09-11-05
             /*
                             if ($coupon_result['coupon_type']=='S') {
                                     $coupon_amount = $order->info['shipping_cost'];
                             } else {
                                     $coupon_amount = $currencies->format($coupon_result['coupon_amount']) . ' ';
                             }
                             if ($coupon_result['coupon_type']=='P') $coupon_amount = $coupon_result['coupon_amount'] . '% ';
                             if ($coupon_result['coupon_minimum_order']>0) $coupon_amount .= 'on orders greater than ' . $coupon_result['coupon_minimum_order'];
                             if (!tep_session_is_registered('cc_id')) tep_session_register('cc_id'); //Fred - this was commented out before
                             $cc_id = $coupon_result['coupon_id']; //Fred ADDED, set the global and session variable
                             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error='.$this->code.'&error=' . urlencode(ERROR_REDEEMED_AMOUNT), 'SSL')); // Added in v5.13a by Rigadin
             */
             global $order, $ot_coupon, $currency;
             // BEGIN >>> CCVG 5.15 - Custom Modification - fix Coupon code redemption error
             // Moved code up a few lines
             if (!tep_session_is_registered('cc_id')) {
                 tep_session_register('cc_id');
             }
             $cc_id = $coupon_result['coupon_id'];
             // END <<< CCVG 5.15 - Custom Modification - fix Coupon code redemption error
             $coupon_amount = tep_round($ot_coupon->pre_confirmation_check($order->info['subtotal']), $currencies->currencies[$currency]['decimal_places']);
             // $cc_id
             /* you will need to uncomment this if your tax order total module is AFTER shipping eg you have all of your tax, including tax from shipping module, in your tax total.
                             if ($coupon_result['coupon_type']=='S')  {
                                     //if not zero rated add vat to shipping
                                     $coupon_amount = tep_add_tax($coupon_amount, '17.5');
                             }
             */
             $coupon_amount_out = $currencies->format($coupon_amount) . ' ';
             if ($coupon_result['coupon_minimum_order'] > 0) {
                 $coupon_amount_out .= 'on orders greater than ' . $currencies->format($coupon_result['coupon_minimum_order']);
             }
             if (!tep_session_is_registered('cc_id')) {
                 tep_session_register('cc_id');
             }
             $cc_id = $coupon_result['coupon_id'];
             if (strlen($cc_id) > 0 && $coupon_amount == 0) {
                 $err_msg = ERROR_REDEEMED_AMOUNT . ERROR_REDEEMED_AMOUNT_ZERO;
             } else {
                 $err_msg = ERROR_REDEEMED_AMOUNT . $coupon_amount_out;
             }
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode($err_msg), 'SSL'));
             //**si** 09-11-05 end
             // $_SESSION['cc_id'] = $coupon_result['coupon_id']; //Fred commented out, do not use $_SESSION[] due to backward comp. Reference the global var instead.
         }
         // ENDIF valid coupon code
     }
     // ENDIF code entered
     // v5.13a If no code entered and coupon redeem button pressed, give an alarm
     if ($_POST['submit_redeem_coupon_x']) {
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode(ERROR_NO_REDEEM_CODE), 'SSL'));
     }
 }