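/**
 * Displays a given invoice number $invoiceNo of $user
 *
 * The invoice is rendered only if the 'show_invoices' parameter is enabled,
 * the basket loads, and the basket belongs to $user. The viewer must then
 * pass one of these checks, tested in this order:
 *  - guest (myId() == 0): the 'invoicecheck' request parameter must match
 *    the hash returned by the basket's checkHashInvoice();
 *  - logged-in viewer who is $user;
 *  - viewer authorised for 'cbsubs.sales' or 'cbsubs.financial'.
 *
 * @param  int        $invoiceNo
 * @param  UserTable  $user
 * @return string     Invoice HTML, an error <div> when the viewer is refused,
 *                    or '' when an error was recorded through _setErrorMSG()
 */
protected function showInvoice( $invoiceNo, $user ) {
	global $_CB_database, $_CB_framework;

	$return			=	'';

	if ( ! $this->params->get( 'show_invoices', 1 ) ) {
		$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
		return $return;
	}

	$invoiceNo		=	(int) $invoiceNo;
	if ( ! $invoiceNo ) {
		$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
		return $return;
	}

	$basket			=	new cbpaidPaymentBasket( $_CB_database );
	// The basket must exist AND belong to the requested user, so an invoice
	// number cannot be paired with another user's id. Both failures give the
	// same message, which does not reveal whether the invoice number exists.
	if ( ! ( $basket->load( $invoiceNo ) && ( $user->id == $basket->user_id ) ) ) {
		$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
		return $return;
	}

	$ok				=	false;
	$myId			=	$_CB_framework->myId();

	if ( $myId == 0 ) {
		// Guest: the request hash is the only credential, so compare it strictly.
		// A loose == lets PHP compare numeric-looking strings by value, and the
		// request parameter could also arrive as an array; both are rejected here.
		$ck			=	$this->base->_getReqParam( 'invoicecheck' );
		if ( is_string( $ck ) && $ck ) {
			// NOTE(review): assumes checkHashInvoice() returns the expected hash as a string - confirm.
			$expected	=	$basket->checkHashInvoice( $ck );
			if ( is_string( $expected ) ) {
				// Constant-time comparison where available (PHP >= 5.6), strict equality otherwise.
				$ok	=	function_exists( 'hash_equals' ) ? hash_equals( $expected, $ck ) : ( $expected === $ck );
			}
		}
	} elseif ( $user->id == $myId ) {
		$ok			=	true;
	} elseif ( cbpaidApp::authoriseAction( 'cbsubs.sales' ) || cbpaidApp::authoriseAction( 'cbsubs.financial' ) ) {
		$ok			=	true;
	}

	if ( $ok ) {
		$itsmyself	=	( $myId == $user->id );
		$return		.=	$basket->displayInvoice( $user, $itsmyself );
	} else {
		$return		.=	'<div class="error">' . CBPTXT::Th("You need to be logged in to view your private information.") . '</div>' ;
	}

	return $return;
}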
/**
 * Returns a protected user-specific invoice display address URL
 *
 * When no user is logged in, the URL also carries an 'invoicecheck' hash taken
 * from the basket. showInvoice() accepts that hash in place of a login for
 * guests, so such a URL gives access to the invoice to whoever holds it.
 *
 * @param  cbpaidPaymentBasket  $paymentBasket
 * @param  string               $task           'invoice' or 'recordpayment'
 * @param  string               $format         'html', 'component'
 * @return string
 */
protected function getSecuredBasketShowUrl( $paymentBasket, $task, $format ) {
	global $_CB_framework;

	// Query parameters are added in the order they appear in the URL request array.
	$urlParams				=	array();
	$urlParams['user']		=	$paymentBasket->user_id;
	$urlParams['Itemid']	=	0;
	$urlParams['act']		=	'show' . $task;
	$urlParams[$task]		=	$paymentBasket->id;

	$viewerId				=	$_CB_framework->MyId();
	if ( ! $viewerId ) {
		// Guest viewer: attach the invoice hash as the access credential.
		// NOTE(review): presumably checkHashInvoice() without argument generates the hash - confirm.
		$urlParams['invoicecheck']	=	$paymentBasket->checkHashInvoice();
	}

	return $this->getHttpsAbsURLwithParam( $urlParams, 'pluginclass', true, null, $format );
}