/**
 * Access gate for a seller-side invoice download (obfuscated source).
 *
 * The body is machine-obfuscated: `${"GLOBALS"}[...]` is the obfuscator's
 * spelling of `$GLOBALS[...]`, and `${...}` around a string is a
 * variable-variable, so `${$dbodbxes}` with $dbodbxes = "id_order" reads
 * the local `$id_order`.
 *
 * NOTE(review): the $GLOBALS keys "qusrvgm", "ymjzko", "vewtbt" and
 * "sokafjqdei" are read here but never assigned in this block. They
 * presumably hold "id_order", "order", "id_order_seller" and the name of
 * the linked-seller variable; confirm against the rest of the file before
 * relying on any comment below that depends on them.
 */
public function postProcess()
{
    // Name table set locally: $GLOBALS['blpimnned'] => 'id_order_seller',
    // $dbodbxes => 'id_order'.
    ${"GLOBALS"}["blpimnned"] = "id_order_seller";
    $dbodbxes = "id_order";
    // Request parameter cast to int before any use.
    ${${"GLOBALS"}["qusrvgm"]} = (int) Tools::getValue("id_order");
    // Anonymous visitors are let through only when they supply a secure_key.
    if (!$this->context->customer->isLogged() && !Tools::getValue("secure_key")) {
        Tools::redirect("index.php?controller=authentication&back=my-account");
    }
    // Two more aliases for the string 'id_order'.
    ${"GLOBALS"}["tvasln"] = "id_order";
    $jpdhpfqcj = "id_order";
    if (!(int) Configuration::get("PS_INVOICE")) {
        die(Tools::displayError("Invoices are disabled in this shop."));
    }
    // Load the order only for a syntactically valid id.
    if (isset(${${"GLOBALS"}["qusrvgm"]}) && Validate::isUnsignedId(${$dbodbxes})) {
        ${${"GLOBALS"}["ymjzko"]} = new Order(${$jpdhpfqcj});
    }
    if (!isset(${${"GLOBALS"}["ymjzko"]}) || !Validate::isLoadedObject(${${"GLOBALS"}["ymjzko"]})) {
        die(Tools::displayError("Invoice not found"));
    }
    // Ownership check: seller that owns the order vs. seller linked to the
    // current customer. The comparison below reads $id_order_seller (via
    // 'blpimnned'); it is only meaningful if 'vewtbt' resolves to that same
    // name. TODO confirm.
    ${${"GLOBALS"}["vewtbt"]} = AgileSellerManager::getObjectOwnerID("order", ${${"GLOBALS"}["tvasln"]});
    ${${"GLOBALS"}["sokafjqdei"]} = AgileSellerManager::getLinkedSellerID($this->context->customer->id);
    if (${${"GLOBALS"}["blpimnned"]} != ${${"GLOBALS"}["sokafjqdei"]}) {
        die(Tools::displayError("You do not have permission to see this invoice"));
    }
    // NOTE(review): the key is compared with loose `!=`. Two different
    // numeric-looking strings can compare equal under PHP type juggling, and
    // the comparison is not constant-time. A strict, timing-safe comparison
    // is the safer form for a bearer secret.
    if (Tools::isSubmit("secure_key") && $order->secure_key != Tools::getValue("secure_key")) {
        die(Tools::displayError("You do not have permission to see this invoice"));
    }
    // An invoice is served when the current state allows it or a number
    // has already been assigned.
    if (!OrderState::invoiceAvailable($order->getCurrentState()) && !$order->invoice_number) {
        die(Tools::displayError("No invoice available"));
    }
    $this->order = ${${"GLOBALS"}["ymjzko"]};
}
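/**
 * Add several tags in database and link them to a product.
 *
 * Input is rejected unless both the language id and the tag list validate.
 * Every value placed in the INSERT statement is cast with intval(), which is
 * what keeps the concatenated query free of request-controlled text.
 *
 * @param integer $id_lang Language id
 * @param integer $id_product Product id to link tags with
 * @param string $string Tags separated by commas
 *
 * @return boolean Operation success; false when validation fails or when
 *                 no tag id was collected
 */
public static function addTags($id_lang, $id_product, $string)
{
    // The original tested isTagsList() without negation and discarded the
    // error text, so invalid lists were processed and valid ones flagged.
    if (!Validate::isUnsignedId($id_lang) || !Validate::isTagsList($string)) {
        return false;
    }

    $list = array();
    foreach (array_unique(array_map('trim', explode(',', $string))) as $tag) {
        // "a,,b" or a trailing comma yields empty pieces; they are not tags.
        if ($tag === '') {
            continue;
        }
        if (!Validate::isGenericName($tag)) {
            return false;
        }
        $tagObj = new Tag(NULL, $tag, intval($id_lang));
        /* Tag does not exist in database */
        if (!Validate::isLoadedObject($tagObj)) {
            $tagObj->name = $tag;
            $tagObj->id_lang = intval($id_lang);
            $tagObj->add();
        }
        if (!in_array($tagObj->id, $list)) {
            $list[] = $tagObj->id;
        }
    }

    // With no rows the statement would end in a bare VALUES keyword, which
    // is not valid SQL; report failure without querying.
    if (!$list) {
        return false;
    }

    $rows = array();
    foreach ($list as $id_tag) {
        $rows[] = '(' . intval($id_tag) . ',' . intval($id_product) . ')';
    }

    return Db::getInstance()->Execute(' INSERT INTO `' . _DB_PREFIX_ . 'product_tag` (`id_tag`, `id_product`) VALUES ' . implode(',', $rows));
}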
/**
 * Set up the category page: read the requested id, load the category and,
 * for non-AJAX requests, translate "inactive" and "no access" into HTTP
 * status headers.
 *
 * An invalid id only records an error; the Category object is still built
 * from whatever the cast produced.
 *
 * @see FrontController::init()
 */
public function init()
{
    $requested_id = (int) Tools::getValue('id_category');
    if (!($requested_id && Validate::isUnsignedId($requested_id))) {
        $this->errors[] = Tools::displayError('Missing category ID');
    }

    $this->category = new Category($requested_id, $this->context->language->id);

    parent::init();

    // AJAX calls skip the status-header handling entirely.
    if ($this->ajax) {
        return;
    }

    // Disabled category: answer 404. No error entry is added here.
    if (!$this->category->active) {
        header('HTTP/1.1 404 Not Found');
        header('Status: 404 Not Found');
    }

    // Customer is not allowed to see this category: answer 403 and flag it.
    $allowed = $this->category->checkAccess($this->context->customer->id);
    if (!$allowed) {
        header('HTTP/1.1 403 Forbidden');
        header('Status: 403 Forbidden');
        $this->errors[] = Tools::displayError('You do not have access to this category.');
        $this->customer_access = false;
    }
}
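/**
 * Record where the current connection came from.
 *
 * The Referer header is attacker-controlled text: it is stored only after
 * Validate::isAbsoluteUrl() accepts it, and the extracted search keywords
 * only after Validate::isMessage() accepts them. Referrers pointing back at
 * this shop are not logged.
 *
 * @return boolean false when nothing is logged, otherwise the result of
 *                 ConnectionsSource::add()
 */
public static function logHttpReferer()
{
    global $cookie;

    if (!isset($cookie->id_connections) or !Validate::isUnsignedId($cookie->id_connections)) {
        return false;
    }
    // Direct traffic (no referrer) is logged only when configured.
    if (!isset($_SERVER['HTTP_REFERER']) and !Configuration::get('TRACKING_DIRECT_TRAFFIC')) {
        return false;
    }

    $source = new ConnectionsSource();
    if (isset($_SERVER['HTTP_REFERER']) and Validate::isAbsoluteUrl($_SERVER['HTTP_REFERER'])) {
        $referer = strval($_SERVER['HTTP_REFERER']);
        $shop_host = Tools::getHttpHost(false, false);

        // parse_url() yields a non-string when a component is absent; cast so
        // the string functions below always receive strings.
        $referer_host = (string) parse_url($referer, PHP_URL_HOST);
        $referer_path = (string) parse_url($referer, PHP_URL_PATH);
        $shop_path = (string) parse_url('http://' . $shop_host . __PS_BASE_URI__, PHP_URL_PATH);

        // The dot is escaped: the unescaped pattern '/^www./' stripped any
        // character after "www", so an unrelated host beginning with "www"
        // could be mistaken for this shop.
        $same_host = preg_replace('/^www\./', '', $referer_host) == preg_replace('/^www\./', '', $shop_host);
        if ($same_host and !strncmp($referer_path, $shop_path, strlen(__PS_BASE_URI__))) {
            return false;
        }

        $source->http_referer = $referer;
        $source->keywords = trim(SearchEngine::getKeywords($referer));
        if (!Validate::isMessage($source->keywords)) {
            return false;
        }
    }

    $source->id_connections = intval($cookie->id_connections);
    $source->request_uri = Tools::getHttpHost(false, false);
    if (isset($_SERVER['REDIRECT_URL'])) {
        $source->request_uri .= strval($_SERVER['REDIRECT_URL']);
    } elseif (isset($_SERVER['REQUEST_URI'])) {
        $source->request_uri .= strval($_SERVER['REQUEST_URI']);
    }
    // A request URI that does not validate is dropped rather than stored.
    if (!Validate::isUrl($source->request_uri)) {
        unset($source->request_uri);
    }

    return $source->add();
}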
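/**
 * Add several tags in database and link them to a product.
 *
 * Tag and product ids are cast to int before they are concatenated into the
 * INSERT statement; no request text reaches the query.
 *
 * @param integer $id_lang Language id
 * @param integer $id_product Product id to link tags with
 * @param string|array $tag_list List of tags, as array or as a string joined by $separator
 * @param string $separator Literal separator used when $tag_list is a string
 * @return boolean Operation success; false when validation fails or when
 *                 no tag id was collected
 */
public static function addTags($id_lang, $id_product, $tag_list, $separator = ',')
{
    if (!Validate::isUnsignedId($id_lang)) {
        return false;
    }

    if (!is_array($tag_list)) {
        // An empty separator cannot split anything.
        if ((string) $separator === '') {
            return false;
        }
        // preg_quote() makes the separator a literal. The previous
        // '#\\' . $separator . '#' escaped only its first character, so a
        // letter became a regex escape (e.g. "n" matched a newline) and a
        // multi-character separator was only partly literal.
        $pattern = '#' . preg_quote($separator, '#') . '#';
        $tag_list = array_filter(array_unique(array_map('trim', preg_split($pattern, $tag_list, -1, PREG_SPLIT_NO_EMPTY))));
    }

    $list = array();
    foreach ($tag_list as $tag) {
        if (!Validate::isGenericName($tag)) {
            return false;
        }
        $tag_obj = new Tag(null, trim($tag), (int) $id_lang);
        /* Tag does not exist in database */
        if (!Validate::isLoadedObject($tag_obj)) {
            $tag_obj->name = trim($tag);
            $tag_obj->id_lang = (int) $id_lang;
            $tag_obj->add();
        }
        if (!in_array($tag_obj->id, $list)) {
            $list[] = $tag_obj->id;
        }
    }

    // With no rows the statement would end in a bare VALUES keyword, which
    // is not valid SQL; report failure without querying.
    if (!$list) {
        return false;
    }

    $rows = array();
    foreach ($list as $id_tag) {
        $rows[] = '(' . (int) $id_tag . ',' . (int) $id_product . ')';
    }

    return Db::getInstance()->execute(' INSERT INTO `' . _DB_PREFIX_ . 'product_tag` (`id_tag`, `id_product`) VALUES ' . implode(',', $rows));
}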
/**
 * Handle the voucher add/remove actions of the order page, then redirect
 * back to the current step.
 *
 * @param array $params Must provide 'step', which is appended to the redirect URL
 */
function processOrderStep($params)
{
    global $errors, $cart, $smarty, $order_pages_hook_stay;

    /* Add a voucher */
    if (intval(Tools::getValue('addDiscount')) == 1) {
        $voucherName = Tools::getValue('discount_name');
        if (Validate::isDiscountName($voucherName)) {
            $discount = new Discount(intval(Discount::getIdByName($voucherName)));
            if (!is_object($discount) or !$discount->id) {
                $errors[] = Tools::displayError('voucher name not valid');
            } else {
                $currentDiscounts = $cart->getDiscounts();
                $orderTotal = $cart->getOrderTotalLC();
                $cartProducts = $cart->getProducts();
                $validityError = $cart->checkDiscountValidity($discount, $currentDiscounts, $orderTotal, $cartProducts, true);
                if ($validityError) {
                    $errors[] = $validityError;
                }
            }
            // The voucher is attached only when the global error list is empty.
            if (!count($errors)) {
                $cart->addDiscount(intval($discount->id));
            }
        } else {
            $errors[] = Tools::displayError('voucher name not valid');
        }

        // Redirect kept from the original order.php: without it the cart
        // display is reported not to refresh properly.
        // NOTE(review): 'step' is appended without a cast or URL-encoding;
        // confirm callers only pass an integer here.
        Tools::redirect('order.php?step=' . $params['step']);
        return;
    }

    /* Remove a voucher */
    if (intval(Tools::getValue('deleteDiscount')) == 1) {
        // NOTE(review): this branch runs only when the request value casts
        // to 1, yet the same query parameter is then used as the discount
        // id, and it is read from $_GET directly although the test above
        // goes through Tools::getValue(). Confirm this is intended.
        $discountId = $_GET['deleteDiscount'];
        if (Validate::isUnsignedId($discountId)) {
            $cart->deleteDiscount(intval($discountId));
        }
        Tools::redirect('order.php?step=' . $params['step']);
    }
}
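/**
 * Add several tags in database and link them to a product.
 *
 * Tag and product ids are cast to int before they are concatenated into the
 * INSERT statement; no request text reaches the query.
 *
 * @param integer $id_lang Language id
 * @param integer $id_product Product id to link tags with
 * @param string $string Tags separated by commas
 *
 * @return boolean Operation success; false when validation fails or when
 *                 no tag id was collected
 */
public static function addTags($id_lang, $id_product, $string)
{
    if (!Validate::isUnsignedId($id_lang) or !Validate::isTagsList($string)) {
        return false;
    }

    // -1 means "no limit"; it replaces the NULL the call used to pass for
    // this integer parameter.
    $pieces = array_unique(array_map('trim', preg_split('/,/', $string, -1, PREG_SPLIT_NO_EMPTY)));

    $list = array();
    foreach ($pieces as $tag) {
        // Pieces that were only whitespace are empty after trim().
        if (empty($tag)) {
            continue;
        }
        if (!Validate::isGenericName($tag)) {
            return false;
        }
        $tagObj = new Tag(NULL, trim($tag), (int) $id_lang);
        /* Tag does not exist in database */
        if (!Validate::isLoadedObject($tagObj)) {
            $tagObj->name = trim($tag);
            $tagObj->id_lang = (int) $id_lang;
            $tagObj->add();
        }
        if (!in_array($tagObj->id, $list)) {
            $list[] = $tagObj->id;
        }
    }

    // With no rows the statement would end in a bare VALUES keyword, which
    // is not valid SQL; report failure without querying.
    if (!$list) {
        return false;
    }

    $rows = array();
    foreach ($list as $id_tag) {
        $rows[] = '(' . (int) $id_tag . ',' . (int) $id_product . ')';
    }

    return Db::getInstance()->Execute(' INSERT INTO `' . _DB_PREFIX_ . 'product_tag` (`id_tag`, `id_product`) VALUES ' . implode(',', $rows));
}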
/**
 * Delete this thread together with the messages attached to it.
 *
 * The thread id is cast to int before it is concatenated into the DELETE
 * statement. The result of that statement is not checked; only the parent
 * delete decides the return value.
 *
 * @return mixed false for an invalid id, otherwise the parent's result
 */
public function delete()
{
    if (Validate::isUnsignedId($this->id)) {
        $purgeMessages = 'DELETE FROM `' . _DB_PREFIX_ . 'customer_message` WHERE `id_customer_thread` = ' . (int) $this->id;
        Db::getInstance()->Execute($purgeMessages);

        return parent::delete();
    }

    return false;
}
/**
 * List the products a customer has mail alerts for, enriched with display
 * data (attribute summary, cover image key, link).
 *
 * Entries whose product cannot be loaded are left in the returned array
 * without the extra keys.
 *
 * @param int $id_customer Customer id; the request dies if it does not validate
 * @param int $id_lang Language id; the request dies if it does not validate
 * @param Shop|null $shop Shop to stamp on entries; defaults to the context shop
 * @return array Product rows, or an empty array when there are none
 */
public static function getMailAlerts($id_customer, $id_lang, Shop $shop = null)
{
    // Both ids must look like unsigned ids before anything is loaded.
    if (!Validate::isUnsignedId($id_customer) || !Validate::isUnsignedId($id_lang)) {
        die(Tools::displayError());
    }
    if (!$shop) {
        $shop = Context::getContext()->shop;
    }
    // NOTE(review): the Customer object is not checked with
    // Validate::isLoadedObject() before use, and nothing here ties
    // $id_customer to the logged-in customer. Confirm callers do both.
    $customer = new Customer($id_customer);
    $products = MailAlert::getProducts($customer, $id_lang);
    $products_number = count($products);
    if (empty($products) === true || !$products_number) {
        return array();
    }
    for ($i = 0; $i < $products_number; ++$i) {
        $obj = new Product((int) $products[$i]['id_product'], false, (int) $id_lang);
        // Unknown product: keep the raw row and move on.
        if (!Validate::isLoadedObject($obj)) {
            continue;
        }
        if (isset($products[$i]['id_product_attribute']) && Validate::isUnsignedInt($products[$i]['id_product_attribute'])) {
            $attributes = self::getProductAttributeCombination($products[$i]['id_product_attribute'], $id_lang);
            // Build "name, name, name" and strip the trailing separator.
            $products[$i]['attributes_small'] = '';
            if ($attributes) {
                foreach ($attributes as $k => $row) {
                    $products[$i]['attributes_small'] .= $row['attribute_name'] . ', ';
                }
            }
            $products[$i]['attributes_small'] = rtrim($products[$i]['attributes_small'], ', ');
            // id_shop is only set on entries that carry a combination id.
            $products[$i]['id_shop'] = $shop->id;
            /* Cover: prefer an image associated with this combination */
            $attrgrps = $obj->getAttributesGroups((int) $id_lang);
            foreach ($attrgrps as $attrgrp) {
                if ($attrgrp['id_product_attribute'] == (int) $products[$i]['id_product_attribute'] && ($images = Product::_getAttributeImageAssociations((int) $attrgrp['id_product_attribute']))) {
                    $products[$i]['cover'] = $obj->id . '-' . array_pop($images);
                    break;
                }
            }
        }
        // Otherwise fall back to the image flagged as the product cover.
        if (!isset($products[$i]['cover']) || !$products[$i]['cover']) {
            $images = $obj->getImages((int) $id_lang);
            foreach ($images as $k => $image) {
                if ($image['cover']) {
                    $products[$i]['cover'] = $obj->id . '-' . $image['id_image'];
                    break;
                }
            }
        }
        // Last resort: the language's default placeholder key.
        if (!isset($products[$i]['cover'])) {
            $products[$i]['cover'] = Language::getIsoById($id_lang) . '-default';
        }
        $products[$i]['link'] = $obj->getLink();
        $products[$i]['link_rewrite'] = $obj->link_rewrite;
    }
    return $products;
}
/**
 * Look up the loyalty id of the first row recorded for an order.
 *
 * The order id is validated and then cast to int before it is concatenated
 * into the query.
 *
 * @param int $id_order Order id
 * @return mixed The id_loyalty value, or false when the id is invalid or no
 *               row carries that column
 */
public static function getByOrderId($id_order)
{
    if (Validate::isUnsignedId($id_order)) {
        $row = Db::getInstance()->getRow(' SELECT f.id_loyalty FROM `' . _DB_PREFIX_ . 'loyalty` f WHERE f.id_order = ' . (int) $id_order);
        if (isset($row['id_loyalty'])) {
            return $row['id_loyalty'];
        }
    }

    return false;
}
/**
 * Fetch every loyalty row id recorded for an order.
 *
 * The order id is validated and then cast to int before it is concatenated
 * into the query.
 *
 * @param int $id_order Order id
 * @return mixed false for an invalid id, otherwise whatever executeS() returns
 */
public static function getAllByOrderId($id_order)
{
    if (!Validate::isUnsignedId($id_order)) {
        return false;
    }

    $query = ' SELECT f.id_loyalty FROM `' . _DB_PREFIX_ . 'loyalty` f WHERE f.id_order = ' . (int) $id_order;

    return Db::getInstance()->executeS($query);
}
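/**
 * Find the guest id attached to a customer.
 *
 * The customer id is validated and then cast to int before it is
 * concatenated into the query.
 *
 * @param int $id_customer Customer id
 * @return mixed The id_guest value, or false when the id is invalid or no
 *               guest row was returned
 */
public static function getFromCustomer($id_customer)
{
    if (!Validate::isUnsignedId($id_customer)) {
        return false;
    }

    $result = Db::getInstance()->getRow(' SELECT `id_guest` FROM `' . _DB_PREFIX_ . 'guest` WHERE `id_customer` = ' . (int) $id_customer);

    // The column is read only when it is present. Indexing the result
    // unconditionally raised a warning and returned null whenever getRow()
    // came back without a row.
    return isset($result['id_guest']) ? $result['id_guest'] : false;
}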
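/**
 * Back-office handler for order returns: delete one line of a return, or
 * change a return's state and notify the customer by mail.
 *
 * Each action is gated on the matching tabAccess permission and on ids that
 * are cast to int and validated before any object is loaded.
 */
public function postProcess()
{
    global $currentIndex;

    if (Tools::isSubmit('deleteorder_return_detail')) {
        $id_order_detail = (int) Tools::getValue('id_order_detail');
        $id_order_return = (int) Tools::getValue('id_order_return');

        if ($this->tabAccess['delete'] !== '1') {
            $this->_errors[] = Tools::displayError('You do not have permission to delete here.');
        } elseif (!$id_order_detail || !Validate::isUnsignedId($id_order_detail)) {
            $this->_errors[] = Tools::displayError('The order return detail is invalid.');
        } elseif (!$id_order_return || !Validate::isUnsignedId($id_order_return)) {
            $this->_errors[] = Tools::displayError('The order return is invalid.');
        } else {
            $orderReturn = new OrderReturn($id_order_return);
            if (!Validate::isLoadedObject($orderReturn)) {
                die(Tools::displayError());
            }
            // The last remaining product of a return cannot be removed.
            if ((int) $orderReturn->countProduct() <= 1) {
                $this->_errors[] = Tools::displayError('You need at least one product.');
            } elseif (OrderReturn::deleteOrderReturnDetail($id_order_return, $id_order_detail, (int) Tools::getValue('id_customization', 0))) {
                // The '&' before "token" was missing, which produced
                // "conf=4token=..." and dropped the admin token from the
                // redirect URL.
                Tools::redirectAdmin($currentIndex . '&conf=4&token=' . $this->token);
            } else {
                $this->_errors[] = Tools::displayError('An error occurred while deleting an order return detail.');
            }
        }
    } elseif (Tools::isSubmit('submitAddorder_return')) {
        $id_order_return = (int) Tools::getValue('id_order_return');

        if ($this->tabAccess['edit'] !== '1') {
            $this->_errors[] = Tools::displayError('You do not have permission to edit here.');
        } elseif (!$id_order_return || !Validate::isUnsignedId($id_order_return)) {
            $this->_errors[] = Tools::displayError('No order return ID.');
        } else {
            $orderReturn = new OrderReturn($id_order_return);
            // An id that matches no record must not reach save(): the object
            // would be saved, and a mail built, from an empty record.
            if (!Validate::isLoadedObject($orderReturn)) {
                $this->_errors[] = Tools::displayError('The order return is invalid.');
            } else {
                $order = new Order($orderReturn->id_order);
                $customer = new Customer($orderReturn->id_customer);
                $orderReturn->state = (int) Tools::getValue('state');
                if ($orderReturn->save()) {
                    $orderReturnState = new OrderReturnState($orderReturn->state);
                    // State label in the order's language, else the shop default.
                    $state_label = isset($orderReturnState->name[(int) $order->id_lang])
                        ? $orderReturnState->name[(int) $order->id_lang]
                        : $orderReturnState->name[(int) _PS_LANG_DEFAULT_];
                    $vars = array(
                        '{lastname}' => $customer->lastname,
                        '{firstname}' => $customer->firstname,
                        '{id_order_return}' => $id_order_return,
                        '{order_name}' => sprintf("#%06d", (int) $order->id),
                        '{state_order_return}' => $state_label,
                    );
                    Mail::Send((int) $order->id_lang, 'order_return_state', Mail::l('Your order return state has changed', (int) $order->id_lang), $vars, $customer->email, $customer->firstname . ' ' . $customer->lastname, NULL, NULL, NULL, NULL, _PS_MAIL_DIR_, true);
                    Tools::redirectAdmin($currentIndex . '&conf=4&token=' . $this->token);
                }
            }
        }
    }

    parent::postProcess();
}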
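/**
 * Back-office handler for order returns: delete one line of a return, or
 * change a return's state and notify the customer by mail.
 *
 * Each action is gated on the matching tabAccess permission and on ids that
 * are cast to int and validated before any object is loaded.
 */
public function postProcess()
{
    global $currentIndex, $cookie;

    if (Tools::isSubmit('deleteorder_return_detail')) {
        $id_order_detail = intval(Tools::getValue('id_order_detail'));
        $id_order_return = intval(Tools::getValue('id_order_return'));

        if ($this->tabAccess['delete'] !== '1') {
            $this->_errors[] = Tools::displayError('You do not have permission to delete here.');
        } elseif (!$id_order_detail || !Validate::isUnsignedId($id_order_detail)) {
            $this->_errors[] = Tools::displayError('the order return detail is invalid');
        } elseif (!$id_order_return || !Validate::isUnsignedId($id_order_return)) {
            $this->_errors[] = Tools::displayError('the order return is invalid');
        } else {
            $orderReturn = new OrderReturn($id_order_return);
            if (!Validate::isLoadedObject($orderReturn)) {
                die(Tools::displayError());
            }
            // The last remaining product of a return cannot be removed.
            if (intval($orderReturn->countProduct()) <= 1) {
                $this->_errors[] = Tools::displayError('you need at least one product');
            } elseif (OrderReturn::deleteOrderReturnDetail($id_order_return, $id_order_detail, intval(Tools::getValue('id_customization', 0)))) {
                // The '&' before "token" was missing, which produced
                // "conf=4token=..." and dropped the admin token from the
                // redirect URL.
                Tools::redirectAdmin($currentIndex . '&conf=4&token=' . $this->token);
            } else {
                $this->_errors[] = Tools::displayError('an error occured while deleting an order return detail');
            }
        }
    } elseif (Tools::isSubmit('submitAddorder_return')) {
        $id_order_return = intval(Tools::getValue('id_order_return'));

        if ($this->tabAccess['edit'] !== '1') {
            $this->_errors[] = Tools::displayError('You do not have permission to edit here.');
        } elseif (!$id_order_return || !Validate::isUnsignedId($id_order_return)) {
            $this->_errors[] = Tools::displayError('no order return ID.');
        } else {
            $orderReturn = new OrderReturn($id_order_return);
            // An id that matches no record must not reach save(): the object
            // would be saved, and a mail built, from an empty record.
            if (!Validate::isLoadedObject($orderReturn)) {
                $this->_errors[] = Tools::displayError('the order return is invalid');
            } else {
                $customer = new Customer($orderReturn->id_customer);
                $orderReturn->state = intval(Tools::getValue('state'));
                if ($orderReturn->save()) {
                    $orderReturnState = new OrderReturnState($orderReturn->state);
                    $vars = array(
                        '{lastname}' => $customer->lastname,
                        '{firstname}' => $customer->firstname,
                        '{id_order_return}' => $id_order_return,
                        '{state_order_return}' => $orderReturnState->name[intval(Configuration::get('PS_LANG_DEFAULT'))],
                    );
                    // The subject is a single-line translation key.
                    $subject = html_entity_decode($this->l('Your order return state has changed'), ENT_NOQUOTES, 'UTF-8');
                    Mail::Send(intval($cookie->id_lang), 'order_return_state', $subject, $vars, $customer->email, $customer->firstname . ' ' . $customer->lastname);
                    Tools::redirectAdmin($currentIndex . '&conf=4&token=' . $this->token);
                }
            }
        }
    }

    parent::postProcess();
}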
/**
 * Set up the category page: read the requested id, load the category and
 * record an error when the current customer may not see it.
 *
 * An invalid id only records an error; the Category object is still built
 * from whatever the cast produced.
 *
 * @see FrontController::init()
 */
public function init()
{
    $requested_id = (int) Tools::getValue('id_category');
    if (!($requested_id && Validate::isUnsignedId($requested_id))) {
        $this->errors[] = Tools::displayError('Missing category ID');
    }

    $this->category = new Category($requested_id, $this->context->language->id);

    parent::init();

    // Access is decided per customer by the category itself.
    $allowed = $this->category->checkAccess($this->context->customer->id);
    if (!$allowed) {
        $this->errors[] = Tools::displayError('You do not have access to this category.');
    }
}
/**
 * Load the requested order slip for the logged-in customer.
 *
 * A slip that does not exist and a slip that belongs to someone else give
 * the same message, so the response does not reveal which ids exist.
 */
public function postProcess()
{
    $customer = $this->context->customer;
    if (!$customer->isLogged()) {
        Tools::redirect('index.php?controller=authentication&back=order-follow');
    }

    $hasValidId = isset($_GET['id_order_slip']) && Validate::isUnsignedId($_GET['id_order_slip']);
    if ($hasValidId) {
        $this->order_slip = new OrderSlip($_GET['id_order_slip']);
    }

    // Missing, unloadable or foreign slip: one identical refusal.
    if (!isset($this->order_slip)
        || !Validate::isLoadedObject($this->order_slip)
        || $this->order_slip->id_customer != $this->context->customer->id
    ) {
        die(Tools::displayError('Order return not found.'));
    }
}
/**
 * Build the parameter set handed to the order-confirmation hook.
 *
 * @return array|false Keys objOrder, currencyObj, currency and total_to_pay,
 *                     or false when the ids are invalid or the order cannot
 *                     be loaded
 */
private function displayHook()
{
    if (!Validate::isUnsignedId($this->id_order) || !Validate::isUnsignedId($this->id_module)) {
        return false;
    }

    $order = new Order((int) $this->id_order);
    // The currency is built before the order is known to exist, as before.
    $currency = new Currency((int) $order->id_currency);
    if (!Validate::isLoadedObject($order)) {
        return false;
    }

    return array(
        'objOrder' => $order,
        'currencyObj' => $currency,
        'currency' => $currency->sign,
        'total_to_pay' => $order->getOrdersTotalPaid(),
    );
}
/**
 * AJAX endpoint: emit the attribute combinations of a product as JSON.
 *
 * Nothing is output when the employee lacks edit permission or when the
 * product id is invalid or unknown. On success the request ends inside
 * die() once the JSON has been written.
 */
public function ajaxProcessEditProductAttribute()
{
    if ($this->tabAccess['edit'] !== '1') {
        return;
    }

    $id_product = (int) Tools::getValue('id_product');
    $id_product_attribute = (int) Tools::getValue('id_product_attribute');
    if (!$id_product || !Validate::isUnsignedId($id_product)) {
        return;
    }

    $product = new Product((int) $id_product);
    if (!Validate::isLoadedObject($product)) {
        return;
    }

    $combinations = $product->getAttributeCombinationsById($id_product_attribute, $this->context->language->id);
    foreach ($combinations as $key => $combination) {
        $entry = $combination;
        // Effective minimum quantity from the whole and fractional parts.
        $entry['minimal_quantity'] = $product->resolveBoMinQty($combination['minimal_quantity'], $combination['minimal_quantity_fractional']);
        $entry['attributes'][] = array($combination['group_name'], $combination['attribute_name'], $combination['id_attribute']);
        $combinations[$key] = $entry;
    }

    die(Tools::jsonEncode($combinations));
}
/**
 * Prepare the template variables of the category page.
 *
 * Records an error when the id is missing, the category is unknown or the
 * customer has no access. An inactive category only gets the category
 * object assigned. Otherwise scenes, sub-categories, products and
 * comparison data are assigned as well.
 */
public function process()
{
    parent::process();
    // The id is cast to int and validated; the category object itself is
    // expected in $this->category and is not built in this method.
    if (!($id_category = (int) Tools::getValue('id_category')) or !Validate::isUnsignedId($id_category)) {
        $this->errors[] = Tools::displayError('Missing category ID');
    } else {
        if (!Validate::isLoadedObject($this->category)) {
            $this->errors[] = Tools::displayError('Category does not exist');
        } elseif (!$this->category->checkAccess((int) self::$cookie->id_customer)) {
            // Access is checked per customer before any content is assigned.
            $this->errors[] = Tools::displayError('You do not have access to this category.');
        } elseif (!$this->category->active) {
            // Inactive category: only the object itself reaches the template.
            self::$smarty->assign('category', $this->category);
        } else {
            // Computed but not used further in this method.
            $rewrited_url = self::$link->getCategoryLink((int) $this->category->id, $this->category->link_rewrite);
            /* Scenes (could be moved to a separate controller if needed) */
            self::$smarty->assign('scenes', Scene::getScenes((int) $this->category->id, (int) self::$cookie->id_lang, true, false));
            /* Scene image formats: pick out the thumb and large types by name */
            if ($sceneImageTypes = ImageType::getImagesTypes('scenes')) {
                foreach ($sceneImageTypes as $sceneImageType) {
                    if ($sceneImageType['name'] == 'thumb_scene') {
                        $thumbSceneImageType = $sceneImageType;
                    } elseif ($sceneImageType['name'] == 'large_scene') {
                        $largeSceneImageType = $sceneImageType;
                    }
                }
                self::$smarty->assign('thumbSceneImageType', isset($thumbSceneImageType) ? $thumbSceneImageType : NULL);
                self::$smarty->assign('largeSceneImageType', isset($largeSceneImageType) ? $largeSceneImageType : NULL);
            }
            // NOTE(review): the description only goes through nl2br2() here,
            // while the name below goes through Tools::safeOutput(). Confirm
            // where the description is escaped before it is rendered.
            $this->category->description = nl2br2($this->category->description);
            $subCategories = $this->category->getSubCategories((int) self::$cookie->id_lang);
            self::$smarty->assign('category', $this->category);
            if (isset($subCategories) and !empty($subCategories) and $subCategories) {
                self::$smarty->assign('subcategories', $subCategories);
                self::$smarty->assign(array('subcategories_nb_total' => sizeof($subCategories), 'subcategories_nb_half' => ceil(sizeof($subCategories) / 2)));
            }
            // Category id 1 gets no product list.
            if ($this->category->id != 1) {
                $this->productListAssign();
            }
            self::$smarty->assign(array('products' => (isset($this->cat_products) and $this->cat_products) ? $this->cat_products : NULL, 'id_category' => (int) $this->category->id, 'id_category_parent' => (int) $this->category->id_parent, 'return_category_name' => Tools::safeOutput($this->category->name), 'path' => Tools::getPath((int) $this->category->id), 'add_prod_display' => Configuration::get('PS_ATTRIBUTE_CATEGORY_DISPLAY'), 'categorySize' => Image::getSize('category'), 'mediumSize' => Image::getSize('medium'), 'thumbSceneSize' => Image::getSize('thumb_scene'), 'homeSize' => Image::getSize('home')));
            // Comparison list: the customer's if a customer id is in the
            // cookie, else the guest's.
            if (isset(self::$cookie->id_customer)) {
                self::$smarty->assign('compareProducts', CompareProduct::getCustomerCompareProducts((int) self::$cookie->id_customer));
            } elseif (isset(self::$cookie->id_guest)) {
                self::$smarty->assign('compareProducts', CompareProduct::getGuestCompareProducts((int) self::$cookie->id_guest));
            }
        }
    }
    // Assigned on every path, including the error paths above.
    self::$smarty->assign(array('allow_oosp' => (int) Configuration::get('PS_ORDER_OUT_OF_STOCK'), 'comparator_max_item' => (int) Configuration::get('PS_COMPARATOR_MAX_ITEM'), 'suppliers' => Supplier::getSuppliers()));
}
/**
 * Render the block for the right column.
 *
 * The category id given to the template comes from the loaded Category
 * object, never from the raw request value; it is 0 when the request value
 * is absent, invalid or matches no category.
 *
 * @param array $params Hook parameters
 * @return string Rendered template
 */
function hookRightColumn($params)
{
    global $smarty, $cookie;

    $id_category = 0;
    if (isset($_GET['id_category']) and Validate::isUnsignedId($_GET['id_category'])) {
        $category = new Category(intval(Tools::getValue('id_category')), intval($cookie->id_lang));
        if (Validate::isLoadedObject($category)) {
            $id_category = $category->id_category;
        }
    }

    $smarty->assign(array('id_category' => $id_category, 'SHOPNAME' => Configuration::get('SHOP_NAME')));

    return $this->display(__FILE__, 'blockrss2.tpl');
}
/**
 * Run the displayOrderConfirmation hook for the current order.
 *
 * @return mixed The hook output, or false when the order id is invalid or
 *               the order cannot be loaded
 */
public function displayOrderConfirmation()
{
    if (!Validate::isUnsignedId($this->id_order)) {
        return false;
    }

    $order = new Order($this->id_order);
    // The currency is built before the order is known to exist, as before.
    $currency = new Currency($order->id_currency);
    if (!Validate::isLoadedObject($order)) {
        return false;
    }

    $hookParams = array(
        'total_to_pay' => $order->getOrdersTotalPaid(),
        'currency' => $currency->sign,
        'objOrder' => $order,
        'currencyObj' => $currency,
    );

    return Hook::exec('displayOrderConfirmation', $hookParams);
}
/**
 * Load the requested order return for the logged-in customer.
 *
 * A return that does not exist and one that belongs to someone else give
 * the same message, so the response does not reveal which ids exist. A
 * return in a state below 2 is refused as not confirmed.
 */
public function postProcess()
{
    if (!$this->context->customer->isLogged()) {
        Tools::redirect('index.php?controller=authentication&back=order-follow');
    }

    if (Tools::getValue('id_order_return') && Validate::isUnsignedId(Tools::getValue('id_order_return'))) {
        $this->orderReturn = new OrderReturn(Tools::getValue('id_order_return'));
    }

    // Missing, unloadable or foreign return: one identical refusal.
    $notFound = !isset($this->orderReturn)
        || !Validate::isLoadedObject($this->orderReturn)
        || $this->orderReturn->id_customer != $this->context->customer->id;
    if ($notFound) {
        die(Tools::displayError('Order return not found.'));
    }

    if ($this->orderReturn->state < 2) {
        die(Tools::displayError('Order return not confirmed.'));
    }
}
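/**
 * Load the requested order return for its owner or for a back-office
 * request that presents a valid admin token.
 *
 * The admin token replaces both the login and the ownership check, so it is
 * compared strictly and, where PHP provides hash_equals(), in constant time.
 *
 * NOTE(review): the expected token is derived from a request-supplied
 * id_employee. Whether Tools::getAdminToken() also mixes in a server-side
 * secret is not visible here; confirm the token cannot be computed by a
 * client.
 */
public function postProcess()
{
    $supplied_token = Tools::getValue('adtoken');
    $expected_token = Tools::getAdminToken('AdminReturn' . (int) Tab::getIdFromClassName('AdminReturn') . (int) Tools::getValue('id_employee'));

    // Loose `==` treats two different numeric-looking strings as equal and
    // also matches when both sides are false/empty. Only two identical,
    // non-empty strings are accepted.
    $from_admin = false;
    if (is_string($supplied_token) && is_string($expected_token) && $expected_token !== '') {
        $from_admin = function_exists('hash_equals')
            ? hash_equals($expected_token, $supplied_token)
            : $expected_token === $supplied_token;
    }

    if (!$from_admin && !$this->context->customer->isLogged()) {
        Tools::redirect('index.php?controller=authentication&back=order-follow');
    }

    if (Tools::getValue('id_order_return') && Validate::isUnsignedId(Tools::getValue('id_order_return'))) {
        $this->orderReturn = new OrderReturn(Tools::getValue('id_order_return'));
    }

    if (!isset($this->orderReturn) || !Validate::isLoadedObject($this->orderReturn)) {
        die(Tools::displayError('Order return not found.'));
    } elseif (!$from_admin && $this->orderReturn->id_customer != $this->context->customer->id) {
        // Same message as "not found", so foreign ids are not revealed.
        die(Tools::displayError('Order return not found.'));
    } elseif ($this->orderReturn->state < 2) {
        die(Tools::displayError('Order return not confirmed.'));
    }
}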
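/**
 * Record where the current connection came from.
 *
 * The Referer header is attacker-controlled text: it must pass
 * Validate::isAbsoluteUrl(), and both it and the derived keywords are cut
 * to ConnectionsSource::$uri_max_size before storage. Referrers pointing
 * back at this shop are not logged.
 *
 * @param Cookie|null $cookie Cookie to read id_connections from; defaults to the context cookie
 * @return mixed false when nothing is logged, otherwise the result of
 *               ConnectionsSource::add()
 */
public static function logHttpReferer(Cookie $cookie = null)
{
    if (!$cookie) {
        $cookie = Context::getContext()->cookie;
    }
    if (!isset($cookie->id_connections) || !Validate::isUnsignedId($cookie->id_connections)) {
        return false;
    }

    // If the referrer is not correct, we drop the connection
    if (isset($_SERVER['HTTP_REFERER']) && !Validate::isAbsoluteUrl($_SERVER['HTTP_REFERER'])) {
        return false;
    }
    // If there is no referrer and we do not want to save direct traffic (as opposed to referral traffic), we drop the connection
    if (!isset($_SERVER['HTTP_REFERER']) && !Configuration::get('TRACKING_DIRECT_TRAFFIC')) {
        return false;
    }

    $source = new ConnectionsSource();

    // There are a few more operations if there is a referrer
    if (isset($_SERVER['HTTP_REFERER'])) {
        $parsed = parse_url($_SERVER['HTTP_REFERER']);
        $parsed_host = parse_url(Tools::getProtocol() . Tools::getHttpHost(false, false) . __PS_BASE_URI__);

        // A referrer without host or path cannot be classified; drop it.
        if (!isset($parsed['host']) || (!isset($parsed['path']) || !isset($parsed_host['path']))) {
            return false;
        }

        // If the referrer is internal (i.e. from your own website), then we drop the connection.
        // The dot is escaped: the unescaped pattern '/^www./' stripped any
        // character after "www", so an unrelated host beginning with "www"
        // could be mistaken for this shop.
        $same_host = preg_replace('/^www\./', '', $parsed['host']) == preg_replace('/^www\./', '', Tools::getHttpHost(false, false));
        if ($same_host && !strncmp($parsed['path'], $parsed_host['path'], strlen(__PS_BASE_URI__))) {
            return false;
        }

        $source->http_referer = substr($_SERVER['HTTP_REFERER'], 0, ConnectionsSource::$uri_max_size);
        $source->keywords = substr(trim(SearchEngine::getKeywords($_SERVER['HTTP_REFERER'])), 0, ConnectionsSource::$uri_max_size);
    }

    $source->id_connections = (int) $cookie->id_connections;
    $source->request_uri = Tools::getHttpHost(false, false);

    if (isset($_SERVER['REQUEST_URI'])) {
        $source->request_uri .= $_SERVER['REQUEST_URI'];
    } elseif (isset($_SERVER['REDIRECT_URL'])) {
        $source->request_uri .= $_SERVER['REDIRECT_URL'];
    }

    // A request URI that does not validate is stored as an empty string.
    if (!Validate::isUrl($source->request_uri)) {
        $source->request_uri = '';
    }
    $source->request_uri = substr($source->request_uri, 0, ConnectionsSource::$uri_max_size);

    return $source->add();
}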
/**
 * Prepare the order-return detail page for the logged-in customer.
 *
 * A return that does not exist and a return owned by another customer give
 * the same error, so the response does not reveal which ids exist.
 */
public function preProcess()
{
    parent::preProcess();

    if (isset($_GET['id_order_return']) and Validate::isUnsignedId($_GET['id_order_return'])) {
        $orderRet = new OrderReturn((int) $_GET['id_order_return']);

        // The order is loaded only for a return owned by the cookie's customer.
        $order = null;
        if (Validate::isLoadedObject($orderRet) and $orderRet->id_customer == self::$cookie->id_customer) {
            $order = new Order((int) $orderRet->id_order);
        }

        if ($order !== null and Validate::isLoadedObject($order)) {
            $state = new OrderReturnState((int) $orderRet->state);
            self::$smarty->assign(array(
                'orderRet' => $orderRet,
                'order' => $order,
                'state_name' => $state->name[(int) self::$cookie->id_lang],
                'return_allowed' => false,
                'products' => OrderReturn::getOrdersReturnProducts((int) $orderRet->id, $order),
                'returnedCustomizations' => OrderReturn::getReturnedCustomizedProducts((int) $orderRet->id_order),
                'customizedDatas' => Product::getAllCustomizedDatas((int) $order->id_cart),
            ));
        } else {
            $this->errors[] = Tools::displayError('Cannot find this order return');
        }
    } else {
        $this->errors[] = Tools::displayError('Order ID required');
    }

    // Assigned on every path so the template can always show the errors.
    self::$smarty->assign(array(
        'errors' => $this->errors,
        'nbdaysreturn' => (int) Configuration::get('PS_ORDER_RETURN_NB_DAYS'),
    ));
}
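/**
 * Add several tags in database and link them to a product.
 *
 * Tag, product and language ids are cast to int before they are
 * concatenated into the INSERT statement; no request text reaches the query.
 *
 * @param int $id_lang Language id
 * @param int $id_product Product id to link tags with
 * @param string|array $tag_list List of tags, as array or as a string joined by $separator
 * @param string $separator Literal separator used when $tag_list is a string
 * @return bool Operation success; false when validation fails or when no
 *              tag id was collected
 */
public static function addTags($id_lang, $id_product, $tag_list, $separator = ',')
{
    if (!Validate::isUnsignedId($id_lang)) {
        return false;
    }

    if (!is_array($tag_list)) {
        // An empty separator cannot split anything.
        if ((string) $separator === '') {
            return false;
        }
        // preg_quote() makes the separator a literal. The previous
        // '#\\' . $separator . '#' escaped only its first character, so a
        // letter became a regex escape (e.g. "n" matched a newline) and a
        // multi-character separator was only partly literal.
        $pattern = '#' . preg_quote($separator, '#') . '#';
        $tag_list = array_filter(array_unique(array_map('trim', preg_split($pattern, $tag_list, -1, PREG_SPLIT_NO_EMPTY))));
    }

    $list = array();
    if (is_array($tag_list)) {
        foreach ($tag_list as $tag) {
            if (!Validate::isGenericName($tag)) {
                return false;
            }
            // Cut the name to the column size declared in the definition.
            $tag = trim(Tools::substr($tag, 0, self::$definition['fields']['name']['size']));
            $tag_obj = new Tag(null, $tag, (int) $id_lang);
            /* Tag does not exist in database */
            if (!Validate::isLoadedObject($tag_obj)) {
                $tag_obj->name = $tag;
                $tag_obj->id_lang = (int) $id_lang;
                $tag_obj->add();
            }
            if (!in_array($tag_obj->id, $list)) {
                $list[] = $tag_obj->id;
            }
        }
    }

    // With no rows the statement would end in a bare VALUES keyword, which
    // is not valid SQL; report failure without querying.
    if (!$list) {
        return false;
    }

    $rows = array();
    foreach ($list as $id_tag) {
        $rows[] = '(' . (int) $id_tag . ',' . (int) $id_product . ',' . (int) $id_lang . ')';
    }

    $result = Db::getInstance()->execute(' INSERT INTO `' . _DB_PREFIX_ . 'product_tag` (`id_tag`, `id_product`, `id_lang`) VALUES ' . implode(',', $rows));

    // $list is known to be non-empty at this point.
    self::updateTagCount($list);

    return $result;
}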
/**
 * Prepare the order-return detail page for the current customer and mark
 * the response as non-cacheable.
 *
 * A return that does not exist and a return owned by another customer give
 * the same error, so the response does not reveal which ids exist.
 *
 * @see FrontController::init()
 */
public function init()
{
    parent::init();

    // Customer-specific page: ask clients not to serve it from cache.
    header('Cache-Control: no-cache, must-revalidate');
    header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');

    if (!isset($_GET['id_order_return']) || !Validate::isUnsignedId($_GET['id_order_return'])) {
        $this->errors[] = Tools::displayError('Order ID required');
        return;
    }

    $orderRet = new OrderReturn((int) $_GET['id_order_return']);

    // The order is loaded only for a return owned by the cookie's customer.
    $order = null;
    if (Validate::isLoadedObject($orderRet) && $orderRet->id_customer == $this->context->cookie->id_customer) {
        $order = new Order((int) $orderRet->id_order);
    }

    if ($order === null || !Validate::isLoadedObject($order)) {
        $this->errors[] = Tools::displayError('Cannot find the order return.');
        return;
    }

    $state = new OrderReturnState((int) $orderRet->state);
    $this->context->smarty->assign(array(
        'orderRet' => $orderRet,
        'order' => $order,
        'state_name' => $state->name[(int) $this->context->language->id],
        'return_allowed' => false,
        'products' => OrderReturn::getOrdersReturnProducts((int) $orderRet->id, $order),
        'returnedCustomizations' => OrderReturn::getReturnedCustomizedProducts((int) $orderRet->id_order),
        'customizedDatas' => Product::getAllCustomizedDatas((int) $order->id_cart),
    ));
}
/**
 * Delete this thread and each message attached to it.
 *
 * Messages are deleted through their own objects. The outcome is the
 * bitwise AND of every individual delete and the parent delete; a message
 * that cannot be loaded resets the outcome to false at that point.
 *
 * @return mixed false for an invalid id, otherwise the combined outcome
 */
public function delete()
{
    if (!Validate::isUnsignedId($this->id)) {
        return false;
    }

    $outcome = true;
    // The thread id is cast to int before it is concatenated into the query.
    $messageRows = Db::getInstance()->executeS(' SELECT `id_customer_message` FROM `' . _DB_PREFIX_ . 'customer_message` WHERE `id_customer_thread` = ' . (int) $this->id);

    if (count($messageRows)) {
        foreach ($messageRows as $messageRow) {
            $message = new CustomerMessage((int) $messageRow['id_customer_message']);
            if (Validate::isLoadedObject($message)) {
                $outcome = $outcome & $message->delete();
            } else {
                $outcome = false;
            }
        }
    }

    $outcome = $outcome & parent::delete();

    return $outcome;
}
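/**
 * Record where the current connection came from.
 *
 * The Referer header is attacker-controlled text: it is stored only after
 * Validate::isAbsoluteUrl() accepts it and is cut to
 * ConnectionsSource::$uri_max_size. The derived keywords must pass
 * Validate::isMessage(). Referrers pointing back at this shop are not
 * logged.
 *
 * @param Cookie|null $cookie Cookie to read id_connections from; defaults to the context cookie
 * @return mixed false when nothing is logged, otherwise the result of
 *               ConnectionsSource::add()
 */
public static function logHttpReferer(Cookie $cookie = null)
{
    if (!$cookie) {
        $cookie = Context::getContext()->cookie;
    }
    if (!isset($cookie->id_connections) || !Validate::isUnsignedId($cookie->id_connections)) {
        return false;
    }
    // Direct traffic (no referrer) is logged only when configured.
    if (!isset($_SERVER['HTTP_REFERER']) && !Configuration::get('TRACKING_DIRECT_TRAFFIC')) {
        return false;
    }

    $source = new ConnectionsSource();
    if (isset($_SERVER['HTTP_REFERER']) && Validate::isAbsoluteUrl($_SERVER['HTTP_REFERER'])) {
        $referer = strval($_SERVER['HTTP_REFERER']);
        $parsed = parse_url($referer);
        $parsed_host = parse_url(Tools::getProtocol() . Tools::getHttpHost(false, false) . __PS_BASE_URI__);

        // parse_url() omits components that are absent (for instance a
        // referrer with no path); read them with an empty-string default
        // instead of indexing keys that may not exist.
        $referer_host = isset($parsed['host']) ? $parsed['host'] : '';
        $referer_path = isset($parsed['path']) ? $parsed['path'] : '';
        $shop_path = isset($parsed_host['path']) ? $parsed_host['path'] : '';

        // The dot is escaped: the unescaped pattern '/^www./' stripped any
        // character after "www", so an unrelated host beginning with "www"
        // could be mistaken for this shop.
        $same_host = preg_replace('/^www\./', '', $referer_host) == preg_replace('/^www\./', '', Tools::getHttpHost(false, false));
        if ($same_host && !strncmp($referer_path, $shop_path, strlen(__PS_BASE_URI__))) {
            return false;
        }

        $source->http_referer = substr($referer, 0, ConnectionsSource::$uri_max_size);
        $source->keywords = trim(SearchEngine::getKeywords($referer));
        if (!Validate::isMessage($source->keywords)) {
            return false;
        }
    }

    $source->id_connections = (int) $cookie->id_connections;
    $source->request_uri = Tools::getHttpHost(false, false);
    if (isset($_SERVER['REDIRECT_URL'])) {
        $source->request_uri .= strval($_SERVER['REDIRECT_URL']);
    } elseif (isset($_SERVER['REQUEST_URI'])) {
        $source->request_uri .= strval($_SERVER['REQUEST_URI']);
    }
    // A request URI that does not validate is stored as an empty string.
    if (!Validate::isUrl($source->request_uri)) {
        $source->request_uri = '';
    }
    $source->request_uri = substr($source->request_uri, 0, ConnectionsSource::$uri_max_size);

    return $source->add();
}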
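/**
 * Access gate for a customer's PDF invoice.
 *
 * Two callers are accepted: the logged-in customer who owns the order, and
 * a visitor who presents the order's secure_key. "Not found" and "not
 * yours" share one message, so the response does not reveal which order
 * ids exist.
 */
public function postProcess()
{
    // Anonymous visitors are let through only when they supply a secure_key.
    if (!$this->context->customer->isLogged() && !Tools::getValue('secure_key')) {
        Tools::redirect('index.php?controller=authentication&back=pdf-invoice');
    }

    if (!(int) Configuration::get('PS_INVOICE')) {
        die(Tools::displayError('Invoices are disabled in this shop.'));
    }

    $id_order = (int) Tools::getValue('id_order');
    if (Validate::isUnsignedId($id_order)) {
        $order = new Order((int) $id_order);
    }

    if (!isset($order) || !Validate::isLoadedObject($order)) {
        die(Tools::displayError('The invoice was not found.'));
    }

    $wrong_customer = isset($this->context->customer->id) && $order->id_customer != $this->context->customer->id;

    // The key is a bearer secret. Loose `!=` treats two different
    // numeric-looking strings as equal, so the key is compared as an exact
    // string, in constant time where PHP provides hash_equals(). A
    // non-string value (e.g. an array parameter) never matches.
    $wrong_key = false;
    if (Tools::isSubmit('secure_key')) {
        $supplied_key = Tools::getValue('secure_key');
        $expected_key = (string) $order->secure_key;
        if (!is_string($supplied_key)) {
            $wrong_key = true;
        } elseif (function_exists('hash_equals')) {
            $wrong_key = !hash_equals($expected_key, $supplied_key);
        } else {
            $wrong_key = $expected_key !== $supplied_key;
        }
    }

    if ($wrong_customer || $wrong_key) {
        die(Tools::displayError('The invoice was not found.'));
    }

    // An invoice is served when the current state allows it or a number
    // has already been assigned.
    if (!OrderState::invoiceAvailable($order->getCurrentState()) && !$order->invoice_number) {
        die(Tools::displayError('No invoice is available.'));
    }

    $this->order = $order;
}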