/**
     * Place order
     * 		@param $order_number
     * 		@param $cc_params
     */
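    public static function PlaceOrder($order_number, $cc_params = array())
    {
        // Marks the logged-in customer's pending order (status 0) as placed (status 1)
        // and stores the submitted card fields on that order row.
        //
        // $order_number  order number to look up in TABLE_ORDERS
        // $cc_params     card fields read here: cc_type, cc_holder_name, cc_number,
        //                cc_expires_month, cc_expires_year, cc_cvv_code (missing keys become '')
        //
        // Returns true once the order row has been updated; returns false (with
        // self::$message set) in demo mode, when no pending order of this customer
        // matches, or when the update itself fails.
        global $objLogin;

        if (SITE_MODE == 'demo') {
            self::$message = draw_important_message(_OPERATION_BLOCKED, false);
            return false;
        }

        $customer_id = (int) $objLogin->GetLoggedID();

        // Both arguments are request-derived and end up inside quoted SQL literals,
        // so every value is escaped before it is concatenated.
        // NOTE(review): mysql_real_escape_string() is used because other code in this
        // listing reports errors through mysql_error(), i.e. the legacy mysql extension.
        // Confirm database_query() runs on that same connection; if it does not, switch
        // to that driver's escaper or, better, to prepared statements.
        $order_number_sql = mysql_real_escape_string((string) $order_number);

        $cc = array();
        $cc_fields = array(
            'cc_type',
            'cc_holder_name',
            'cc_number',
            'cc_expires_month',
            'cc_expires_year',
            'cc_cvv_code',
        );
        foreach ($cc_fields as $field) {
            // The default argument is an empty array, so a key may legitimately be absent.
            $value = isset($cc_params[$field]) ? (string) $cc_params[$field] : '';
            $cc[$field] = mysql_real_escape_string($value);
        }

        $sql = 'SELECT id, order_number
              FROM ' . TABLE_ORDERS . '
              WHERE
                    order_number = \'' . $order_number_sql . '\' AND
                    customer_id = ' . $customer_id . ' AND
                    status = 0
              ORDER BY id DESC';
        $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);
        if (!($result[1] > 0)) {
            self::$message = _ORDER_ERROR;
            return false;
        }

        // One timestamp so created_date and status_changed cannot differ by a second.
        $now = date('Y-m-d H:i:s');

        // NOTE(review): the AES key is part of the statement text, so it is exposed
        // wherever the statement text is recorded (query or error logs); MySQL's
        // AES_ENCRYPT also defaults to ECB mode unless block_encryption_mode is changed.
        // NOTE(review): cc_cvv_code is stored in plaintext. PCI DSS does not allow the
        // card verification code to be kept after authorisation; the column is still
        // written here only because code outside this block may read it. Plan to drop it.
        // The holder name and expiry date are stored unencrypted as well.
        //
        // The WHERE clause repeats the ownership and status conditions of the SELECT so
        // that an order with the same number belonging to another customer, or one that
        // is no longer pending, can never be overwritten.
        $sql = 'UPDATE ' . TABLE_ORDERS . '
                SET
                    created_date = \'' . $now . '\',
                    status_changed = \'' . $now . '\',
                    cc_type = \'' . $cc['cc_type'] . '\',
                    cc_holder_name = \'' . $cc['cc_holder_name'] . '\',
                    cc_number = AES_ENCRYPT(\'' . $cc['cc_number'] . '\', \'' . PASSWORDS_ENCRYPT_KEY . '\'),
                    cc_expires_month = \'' . $cc['cc_expires_month'] . '\',
                    cc_expires_year = \'' . $cc['cc_expires_year'] . '\',
                    cc_cvv_code = \'' . $cc['cc_cvv_code'] . '\',
                    status = \'1\'
                WHERE
                    order_number = \'' . $order_number_sql . '\' AND
                    customer_id = ' . $customer_id . ' AND
                    status = 0';
        if (!database_void_query($sql)) {
            // Do not report an order as placed when nothing was written.
            self::$message = _ORDER_ERROR;
            return false;
        }

        // A failed notification mail is deliberately non-fatal: the order is already placed.
        Orders::SendOrderEmail($order_number, 'accepted', $objLogin->GetLoggedID());

        return true;
    }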
                        break;
                    }
                    $sql = 'UPDATE ' . TABLE_ORDERS . ' SET
								status = 2,
								transaction_number = \'' . $transaction_number . '\',
								payment_date = \'' . date('Y-m-d H:i:s') . '\',
								status_changed = \'' . date('Y-m-d H:i:s') . '\',
								payment_type = 1,
								payment_method = ' . $payment_method . '
							WHERE order_number = \'' . $order_number . '\'';
                    if (database_void_query($sql)) {
                        // update customer orders/listings amount
                        Customers::SetOrdersForCustomer($result[0]['customer_id'], '+');
                        Customers::SetListingsForCustomer($result[0]['customer_id'], $result[0]['advertise_plan_id'], $result[0]['listings_amount'], '+');
                        // send email to customer
                        if (Orders::SendOrderEmail($order_number, 'completed', $result[0]['customer_id'])) {
                            write_log($sql, _ORDER_PLACED_MSG);
                        } else {
                            write_log($sql, _ORDER_ERROR);
                        }
                    } else {
                        write_log($sql, mysql_error());
                    }
                } else {
                    write_log($sql, 'Error: no records found. ' . mysql_error());
                }
                break;
            case 'Updated':
                // 3 updated already
                $msg = 'Thank you for your order!<br><br>';
                break;
示例#3
         $mode = 'view';
     } else {
         $msg = draw_important_message($objOrders->error, false);
         $mode = 'add';
     }
 } else {
     if ($action == 'edit') {
         $mode = 'edit';
     } else {
         if ($action == 'update') {
             if ($objOrders->UpdateRecord($rid)) {
                 if ($order_status == '2' || $order_status == '3') {
                     // update payment date
                     $objOrders->UpdatePaymentDate($rid);
                     // send email to customer
                     Orders::SendOrderEmail($order_number, 'completed', $customer_id);
                 } else {
                     if ($order_status == '4') {
                         // remove listings from customer
                     }
                 }
                 $msg = draw_success_message(_UPDATING_OPERATION_COMPLETED, false);
                 $mode = 'view';
             } else {
                 $msg = draw_important_message($objOrders->error, false);
                 $mode = 'edit';
             }
         } else {
             if ($action == 'delete') {
                 if ($objOrders->DeleteRecord($rid)) {
                     $msg = draw_success_message(_DELETING_OPERATION_COMPLETED, false);