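/**
 * Place order
 *
 * Looks up the pending order (status = 0) with the given order number that
 * belongs to the currently logged-in customer, stores the supplied card
 * details on it, moves it to status 1 and sends the 'accepted' e-mail.
 *
 * Every caller-supplied value is escaped before it is placed into the SQL
 * text, because the original built both statements by raw concatenation.
 *
 * @param string $order_number order number to place
 * @param array  $cc_params    card fields: cc_type, cc_holder_name, cc_number,
 *                             cc_expires_month, cc_expires_year, cc_cvv_code
 * @return bool true when a matching pending order was found and updated;
 *              false in demo mode or when no such order exists
 *              (self::$message is set in both failure cases)
 */
public static function PlaceOrder($order_number, $cc_params = array())
{
    global $objLogin;

    if (SITE_MODE == 'demo') {
        self::$message = draw_important_message(_OPERATION_BLOCKED, false);
        return false;
    }

    $customer_id = (int) $objLogin->GetLoggedID();
    $safe_order_number = self::EscapeOrderSqlValue($order_number);

    $sql = 'SELECT id, order_number FROM ' . TABLE_ORDERS
        . ' WHERE order_number = \'' . $safe_order_number . '\''
        . ' AND customer_id = ' . $customer_id
        . ' AND status = 0 ORDER BY id DESC';
    $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);

    if ($result[1] <= 0) {
        self::$message = _ORDER_ERROR;
        return false;
    }

    // Missing keys become empty strings (what the original concatenation
    // produced, minus the undefined-index notice); every value is escaped.
    $cc = array();
    $cc_fields = array('cc_type', 'cc_holder_name', 'cc_number', 'cc_expires_month', 'cc_expires_year', 'cc_cvv_code');
    foreach ($cc_fields as $field) {
        $cc[$field] = self::EscapeOrderSqlValue(isset($cc_params[$field]) ? $cc_params[$field] : '');
    }

    $now = date('Y-m-d H:i:s');

    // SECURITY(review): cc_cvv_code is written to the orders table in clear
    // text. PCI DSS does not allow the card verification code to be retained
    // after authorization - this column should be dropped, not just encrypted.
    // SECURITY(review): the card number and PASSWORDS_ENCRYPT_KEY are both part
    // of this SQL text, so the statement must never reach a query log or an
    // error message.
    $sql = 'UPDATE ' . TABLE_ORDERS . ' SET'
        . ' created_date = \'' . $now . '\','
        . ' status_changed = \'' . $now . '\','
        . ' cc_type = \'' . $cc['cc_type'] . '\','
        . ' cc_holder_name = \'' . $cc['cc_holder_name'] . '\','
        . ' cc_number = AES_ENCRYPT(\'' . $cc['cc_number'] . '\', \'' . PASSWORDS_ENCRYPT_KEY . '\'),'
        . ' cc_expires_month = \'' . $cc['cc_expires_month'] . '\','
        . ' cc_expires_year = \'' . $cc['cc_expires_year'] . '\','
        . ' cc_cvv_code = \'' . $cc['cc_cvv_code'] . '\','
        . ' status = \'1\''
        // Same ownership/state predicate as the SELECT above, so the write can
        // only touch the pending order of the logged-in customer.
        . ' WHERE order_number = \'' . $safe_order_number . '\''
        . ' AND customer_id = ' . $customer_id
        . ' AND status = 0';
    database_void_query($sql);

    // A failed notification e-mail is deliberately non-fatal: the original
    // ignored the result and reported the order as placed either way.
    Orders::SendOrderEmail($order_number, 'accepted', $objLogin->GetLoggedID());

    return true;
}

/**
 * Escapes one value for use inside a single-quoted SQL string literal.
 *
 * @param mixed $value raw value
 * @return string escaped value (without the surrounding quotes)
 */
private static function EscapeOrderSqlValue($value)
{
    $value = (string) $value;

    // NOTE(review): assumes database_query() runs on the legacy mysql
    // extension with an open connection - confirm. If the DB layer is
    // mysqli/PDO, use that driver's escaping or prepared statements instead.
    if (function_exists('mysql_real_escape_string')) {
        $escaped = mysql_real_escape_string($value);
        if ($escaped !== false) {
            return $escaped;
        }
    }

    // Weaker fallback: addslashes() ignores the connection character set.
    return addslashes($value);
}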
break; } $sql = 'UPDATE ' . TABLE_ORDERS . ' SET status = 2, transaction_number = \'' . $transaction_number . '\', payment_date = \'' . date('Y-m-d H:i:s') . '\', status_changed = \'' . date('Y-m-d H:i:s') . '\', payment_type = 1, payment_method = ' . $payment_method . ' WHERE order_number = \'' . $order_number . '\''; if (database_void_query($sql)) { // update customer orders/listings amount Customers::SetOrdersForCustomer($result[0]['customer_id'], '+'); Customers::SetListingsForCustomer($result[0]['customer_id'], $result[0]['advertise_plan_id'], $result[0]['listings_amount'], '+'); // send email to customer if (Orders::SendOrderEmail($order_number, 'completed', $result[0]['customer_id'])) { write_log($sql, _ORDER_PLACED_MSG); } else { write_log($sql, _ORDER_ERROR); } } else { write_log($sql, mysql_error()); } } else { write_log($sql, 'Error: no records found. ' . mysql_error()); } break; case 'Updated': // 3 updated already $msg = 'Thank you for your order!<br><br>'; break;
$mode = 'view'; } else { $msg = draw_important_message($objOrders->error, false); $mode = 'add'; } } else { if ($action == 'edit') { $mode = 'edit'; } else { if ($action == 'update') { if ($objOrders->UpdateRecord($rid)) { if ($order_status == '2' || $order_status == '3') { // update payment date $objOrders->UpdatePaymentDate($rid); // send email to customer Orders::SendOrderEmail($order_number, 'completed', $customer_id); } else { if ($order_status == '4') { // remove listings from customer } } $msg = draw_success_message(_UPDATING_OPERATION_COMPLETED, false); $mode = 'view'; } else { $msg = draw_important_message($objOrders->error, false); $mode = 'edit'; } } else { if ($action == 'delete') { if ($objOrders->DeleteRecord($rid)) { $msg = draw_success_message(_DELETING_OPERATION_COMPLETED, false);