function validate_add($d)
{
global $VM_LANG;
$db = new ps_DB();
if (!$d["currency_name"]) {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_CURRENCY_ERR_NAME'));
return False;
}
if (!$d["currency_code"]) {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_CURRENCY_ERR_CODE'));
return False;
}
if ($d["currency_name"]) {
$q = "SELECT count(*) as rowcnt from #__{vm}_currency where";
$q .= " currency_name='" . $d["currency_name"] . "'";
$db->setQuery($q);
$db->query();
$db->next_record();
if ($db->f("rowcnt") > 0) {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_CURRENCY_ERR_EXISTS'));
return False;
}
}
return True;
}
/**
* Function to calculate the price, apply discounts from the discount table
* and reformat the price
*
* @param int $product_id
* @param boolean $hide_tax Wether to show the text "(including X.X% tax)" or not
* @return string The formatted price
*/
function show_price($product_id, $hide_tax = false)
{
global $VM_LANG, $CURRENCY_DISPLAY, $vendor_mail;
$auth = $_SESSION['auth'];
$tpl = new $GLOBALS['VM_THEMECLASS']();
$product_name = htmlentities($this->get_field($product_id, 'product_name'), ENT_QUOTES);
$tpl->set('product_id', $product_id);
$tpl->set('product_name', $product_name);
$tpl->set('vendor_mail', $vendor_mail);
$discount_info = $base_price = array();
$text_including_tax = '';
if ($auth['show_prices']) {
// Get the DISCOUNT AMOUNT
$discount_info = $this->get_discount($product_id);
if (!$discount_info["is_percent"] && $discount_info["amount"] != 0) {
$discount_info["amount"] = $GLOBALS['CURRENCY']->convert($discount_info["amount"]);
}
// Get the Price according to the quantity in the Cart
$price_info = $this->get_price($product_id);
$tpl->set('price_info', $price_info);
// Get the Base Price of the Product
$base_price_info = $this->get_price($product_id, true);
$tpl->set('base_price_info', $base_price_info);
if ($price_info === false) {
$price_info = $base_price_info;
}
$html = "";
$undiscounted_price = 0;
if (isset($price_info["product_price_id"])) {
if ($base_price_info["product_price"] == $price_info["product_price"]) {
$price = $base_price = $GLOBALS['CURRENCY']->convert($base_price_info["product_price"], $price_info['product_currency']);
} else {
$base_price = $GLOBALS['CURRENCY']->convert($base_price_info["product_price"], $price_info['product_currency']);
$price = $GLOBALS['CURRENCY']->convert($price_info["product_price"], $price_info['product_currency']);
}
if ($auth["show_price_including_tax"] == 1) {
$my_taxrate = $this->get_product_taxrate($product_id);
$base_price += $my_taxrate * $base_price;
} else {
$my_taxrate = 0;
}
// Calculate discount
if (!empty($discount_info["amount"])) {
$undiscounted_price = $base_price;
switch ($discount_info["is_percent"]) {
case 0:
// If we subtract discounts BEFORE tax
if (PAYMENT_DISCOUNT_BEFORE == '1') {
// and if our prices are shown with tax
if ($auth["show_price_including_tax"] == 1) {
// then we add tax to the (untaxed) discount
$discount_info['amount'] += $my_taxrate * $discount_info['amount'];
}
// but if our prices are shown without tax
// we just leave the (untaxed) discount amount as it is
}
// But, if we subtract discounts AFTER tax
// and if our prices are shown with tax
// we just leave the (untaxed) discount amount as it is
// but if prices are shown without tax
// we just leave the (untaxed) discount amount as it is
// even though this is not really a good combination of settings
$base_price -= $discount_info["amount"];
break;
case 1:
$base_price *= (100 - $discount_info["amount"]) / 100;
break;
}
}
$text_including_tax = "";
if (!empty($my_taxrate)) {
$tax = $my_taxrate * 100;
// only show "including x % tax" when it shall
// not be hidden
if (!$hide_tax && $auth["show_price_including_tax"] == 1 && VM_PRICE_SHOW_INCLUDINGTAX) {
$text_including_tax = $VM_LANG->_('PHPSHOP_INCLUDING_TAX');
eval("\$text_including_tax = \"{$text_including_tax}\";");
}
}
// Check if we need to display a Table with all Quantity <=> Price Relationships
if ($base_price_info["product_has_multiple_prices"] && !$hide_tax) {
$db = new ps_DB();
// Quantity Discount Table
$q = "SELECT product_price, product_currency, price_quantity_start, price_quantity_end \n\t\t\t\t\t\t\tFROM #__{vm}_product_price\n\t\t\t\t \t\t\tWHERE product_id='{$product_id}' \n\t\t\t\t \t\t\tAND shopper_group_id='" . $auth["shopper_group_id"] . "' \n\t\t\t\t \t\t\tORDER BY price_quantity_start";
$db->query($q);
// $prices_table = "<table align=\"right\">
$prices_table = "<table width=\"100%\">\n\t\t\t\t\t <thead><tr class=\"sectiontableheader\">\n\t\t\t\t\t <th>" . $VM_LANG->_('PHPSHOP_CART_QUANTITY') . "</th>\n\t\t\t\t\t <th>" . $VM_LANG->_('PHPSHOP_CART_PRICE') . "</th>\n\t\t\t\t\t </tr></thead>\n\t\t\t\t\t <tbody>";
$i = 1;
if ($db->num_rows() == 0) {
// get the vendor ID
$q = "SELECT vendor_id FROM #__{vm}_product WHERE product_id='{$product_id}'";
$db->setQuery($q);
$db->query();
$db->next_record();
$vendor_id = $db->f("vendor_id");
// get the default shopper group ID
$q = "SELECT shopper_group_id FROM #__{vm}_shopper_group WHERE `vendor_id`='{$vendor_id}' AND `default`='1'";
$db->setQuery($q);
$db->query();
$db->next_record();
$default_shopper_group_id = $db->f("shopper_group_id");
// get the current shopper group discount
$q = "SELECT * FROM #__{vm}_shopper_group WHERE shopper_group_id=" . $auth["shopper_group_id"];
$db->setQuery($q);
$db->query();
$db->next_record();
$shopper_group_discount = $db->f("shopper_group_discount");
// check for prices in default shopper group
$q = "SELECT product_price, price_quantity_start, price_quantity_end, product_currency FROM #__{vm}_product_price\n\t\t\t\t\t\t\tWHERE product_id='{$product_id}' AND shopper_group_id='" . $default_shopper_group_id . "' ORDER BY price_quantity_start";
$db->query($q);
while ($db->next_record()) {
$prices_table .= "<tr class=\"sectiontableentry{$i}\"><td>" . $db->f("price_quantity_start") . " - " . $db->f("price_quantity_end") . "</td>";
$prices_table .= "<td>";
if (!empty($my_taxrate)) {
$prices_table .= $CURRENCY_DISPLAY->getFullValue(($my_taxrate + 1) * $db->f("product_price") * ((100 - $shopper_group_discount) / 100));
} else {
$prices_table .= $CURRENCY_DISPLAY->getFullValue($db->f("product_price") * ((100 - $shopper_group_discount) / 100));
}
$prices_table .= "</td></tr>";
$i == 1 ? $i++ : $i--;
}
} else {
// get the current shopper group discount
$dbsg = new ps_DB();
$q = "SELECT * FROM #__{vm}_shopper_group WHERE shopper_group_id=" . $auth["shopper_group_id"];
$dbsg->setQuery($q);
$dbsg->query();
$dbsg->next_record();
$shopper_group_discount = $dbsg->f("shopper_group_discount");
while ($db->next_record()) {
$price = $GLOBALS['CURRENCY']->convert($db->f("product_price"), $db->f("product_currency"));
$prices_table .= "<tr class=\"sectiontableentry{$i}\"><td>" . $db->f("price_quantity_start") . " - " . $db->f("price_quantity_end") . "</td>";
$prices_table .= "<td>";
if (!empty($my_taxrate)) {
$prices_table .= $CURRENCY_DISPLAY->getFullValue(($my_taxrate + 1) * $price * ((100 - $shopper_group_discount) / 100));
} else {
$prices_table .= $CURRENCY_DISPLAY->getFullValue($price * ((100 - $shopper_group_discount) / 100));
}
$prices_table .= "</td></tr>";
$i == 1 ? $i++ : $i--;
}
}
$prices_table .= "</tbody></table>";
if (@$_REQUEST['page'] != "shop.product_details") {
$html .= vmToolTip($prices_table);
} else {
$html .= $prices_table;
}
}
}
}
$tpl->set('discount_info', $discount_info);
$tpl->set('text_including_tax', $text_including_tax);
$tpl->set('undiscounted_price', @$undiscounted_price);
$tpl->set('base_price', $base_price);
$tpl->set('price_table', $html);
$tpl->set('parent_has_children', $this->parent_has_children($product_id));
return $tpl->fetch('common/price.tpl.php');
}
/**
* Lists all child/sister products of the given product
*
* @param int $product_id
* @return string HTML code with Items, attributes & price
*/
function list_attribute_list($product_id, $display_use_parent, $child_link, $display_type, $cls_sfuffix, $child_ids, $dw, $aw, $display_header, $product_list_type, $product_list)
{
global $CURRENCY_DISPLAY, $mm_action_url;
require_once CLASSPATH . 'ps_product.php';
$ps_product = new ps_product();
require_once CLASSPATH . 'ps_product_type.php';
$ps_product_type = new ps_product_type();
$Itemid = vmGet($_REQUEST, 'Itemid', "");
$category_id = vmGet($_REQUEST, 'category_id', "");
$curr_product = vmGet($_REQUEST, 'product_id', "");
$db = new ps_DB();
$db_sku = new ps_DB();
$db_item = new ps_DB();
$tpl = vmTemplate::getInstance();
$price = $ps_product->get_adjusted_attribute_price($product_id);
$tpl->set("cls_suffix", $cls_sfuffix);
$tpl->set("product_id", $product_id);
$tpl->set("display_header", $display_header);
$tpl->set("display_product_type", $product_list_type);
$tpl->set("product_price", $price['product_price']);
$html = '';
// Get list of children
$pp = $ps_product->parent_has_children($product_id);
if ($pp) {
$q = "SELECT product_id,product_name,product_parent_id,product_sku,product_in_stock,product_full_image,product_thumb_image FROM #__{vm}_product WHERE product_publish='Y' AND product_parent_id='{$product_id}' ";
} else {
$q = "SELECT product_id,product_name,product_parent_id,product_sku,product_in_stock,product_full_image,product_thumb_image FROM #__{vm}_product WHERE product_publish='Y' AND product_id='{$product_id}' ";
}
if ($child_ids) {
$ids = explode(",", $child_ids);
$child_array = array();
$parent_array = array();
foreach ($ids as $extra_id) {
if ($ps_product->parent_has_children($extra_id)) {
$parent_array[] = $extra_id;
} else {
$child_array[] = $extra_id;
}
}
$parent_ids = implode(',', $parent_array);
$child_ids = implode(',', $child_array);
if ($child_ids) {
$q .= "UNION ALL SELECT product_id,product_name,product_parent_id,product_sku,product_in_stock,product_full_image,product_thumb_image FROM #__{vm}_product WHERE product_publish='Y' AND product_id IN ({$child_ids}) ";
}
if ($parent_ids) {
$q .= "UNION ALL SELECT product_id,product_name,product_parent_id,product_sku,product_in_stock,product_full_image,product_thumb_image FROM #__{vm}_product WHERE product_publish='Y' AND product_parent_id IN ({$parent_ids})";
}
}
$db->query($q);
if ($pp) {
$master_id = $product_id;
} else {
$master_id = $db->f("product_id");
}
$main_master = $master_id;
$master_child_count = 0;
if ($db->num_rows() < 1) {
// Try to Get list of sisters & brothers
$q = "SELECT product_parent_id FROM #__{vm}_product WHERE product_id='{$product_id}'";
$db->setQuery($q);
$db->query();
$child_id = $product_id;
$product_id = $db->f("product_parent_id") ? $db->f("product_parent_id") : $product_id;
$parent_id = $db->f("product_parent_id");
$q = "SELECT product_id,product_name,product_parent_id,product_sku,product_in_stock FROM #__{vm}_product WHERE product_parent_id='" . $db->f("product_parent_id") . "' AND product_parent_id<>0 AND product_publish='Y'";
$db->query($q);
}
if ($db->num_rows() > 0) {
$products = array();
$headings = array();
$i = 0;
$attrib_heading = array();
$ci = 0;
while ($db->next_record()) {
$parent_id = $db->f("product_parent_id");
if ($db->f("product_id") != $curr_product && @$child_id) {
continue;
}
// Start row for this child
$q = "SELECT product_id, attribute_name FROM #__{vm}_product_attribute_sku ";
$q .= "WHERE product_id='" . $db->f("product_parent_id") . "' ORDER BY attribute_list ASC";
$db_sku->query($q);
$attrib_value = array();
while ($db_sku->next_record()) {
$q = "SELECT attribute_name,attribute_value ";
$q .= "FROM #__{vm}_product_attribute WHERE ";
$q .= "product_id='" . $db->f("product_id") . "' AND ";
$q .= "attribute_name='" . $db_sku->f("attribute_name") . "'";
$db_item->setQuery($q);
$db_item->query();
while ($db_item->next_record()) {
if ($ci == 0) {
$attrib_heading[] = $db_item->f("attribute_name");
$tpl->set('headings', $attrib_heading);
}
$attrib_value[] = $db_item->f("attribute_value");
}
}
if ($main_master == $parent_id) {
$master_child_count++;
}
$tpl->set('desc_width', $dw);
$tpl->set('attrib_width', $aw);
// End show Header Row
if ($ci % 2) {
$bgcolor = "vmRowOne";
} else {
$bgcolor = "vmRowTwo";
}
$products[$ci]['bgcolor'] = $bgcolor;
$products[$ci]['product_id'] = $db->f("product_id");
$products[$ci]["category_id"] = $category_id;
$products[$ci]["Itemid"] = $Itemid;
// If this is a child of a parent set the correct product_id for page return
if (@$child_id && $pp) {
$products[$ci]['parent_id'] = $db->f("product_id");
} else {
$master_id = $parent_id;
$products[$ci]['parent_id'] = $parent_id;
}
$flypage = $ps_product->get_flypage($products[$ci]['parent_id']);
$products[$ci]["flypage"] = $flypage;
// Images
// If it is item get parent:
$product_parent_id = $db->f("product_parent_id");
if ($product_parent_id != 0) {
$dbp = new PS_db();
$dbp->query("SELECT product_full_image,product_thumb_image,product_name,product_s_desc FROM #__{vm}_product WHERE product_id='{$product_parent_id}'");
$dbp->next_record();
}
$product_full_image = $parent_id != 0 && !$db->f("product_full_image") ? $dbp->f("product_full_image") : $db->f("product_full_image");
// Change
$product_thumb_image = $parent_id != 0 && !$db->f("product_thumb_image") ? $dbp->f("product_thumb_image") : $db->f("product_thumb_image");
// Change
$productData = $db->get_row();
$productArray = get_object_vars($productData);
$productArray["product_id"] = $db->f("product_id");
$productArray["product_full_image"] = $product_full_image;
// to display the full image on flypage
$productArray["product_thumb_image"] = $product_thumb_image;
$tpl->set('productArray', $productArray);
foreach ($productArray as $property => $value) {
$tpl->set($property, $value);
}
// Assemble the thumbnail image as a link to the full image
// This function is defined in the theme (theme.php)
$product_image = $tpl->vmBuildFullImageLink($productArray);
$products[$ci]['product_image'] = $product_image;
//Product Description
$link = "";
if ($child_link == "Y" && !@$child_id) {
$link = "<input type=\"hidden\" id=\"index_id" . $db->f("product_id") . "\" value=\"" . $db->f("product_id") . "\" />\n";
// If content plugins are enabled, reload the whole page; otherwise, use ajax
if (VM_CONTENT_PLUGINS_ENABLE == '1') {
$link .= "<a name=\"" . $db->f("product_name") . $db->f("product_id") . "\" onclick=\"var id = \$('index_id" . $db->f("product_id") . "').value; if(id != '') { document.location = '" . $mm_action_url . "index.php?option=com_virtuemart&page=shop.product_details&flypage={$flypage}&Itemid={$Itemid}&category_id={$category_id}&product_id=' + id; }\" >";
} else {
$link .= "<a name=\"" . $db->f("product_name") . $db->f("product_id") . "\" onclick=\"var id = \$('index_id" . $db->f("product_id") . "').value; if(id != '') { loadNewPage( 'vmMainPage', '" . $mm_action_url . "index2.php?option=com_virtuemart&page=shop.product_details&flypage={$flypage}&Itemid={$Itemid}&category_id={$category_id}&product_id=' + id ); }\" >";
}
$tpl->set('child_link', true);
} else {
$tpl->set('child_link', false);
}
$html1 = $db->f("product_name");
if ($child_link == "Y" && !@$child_id) {
$html1 .= "</a>";
}
$products[$ci]['product_title'] = $link . $html1;
// For each child get attribute values by looping through attribute list
foreach ($attrib_value as $attribute) {
$products[$ci]['attrib_value'][] = $attribute;
}
//Show the quantity Box
$products[$ci]['quantity_box'] = $this->show_quantity_box($master_id, $db->f("product_id"), $product_list, $display_use_parent);
// Attributes for this item are done.
// Now get item price
$price = $ps_product->get_price($db->f("product_id"));
$price["product_price"] = $GLOBALS['CURRENCY']->convert($price["product_price"], $price["product_currency"]);
$actual_price = $ps_product->get_adjusted_attribute_price($db->f("product_id"));
$actual_price["product_price"] = $GLOBALS['CURRENCY']->convert($actual_price["product_price"], $actual_price["product_currency"]);
if ($_SESSION["auth"]["show_price_including_tax"] == 1) {
$tax_rate = 1 + $ps_product->get_product_taxrate($db->f("product_id"));
$price['product_price'] *= $tax_rate;
$actual_price['product_price'] *= $tax_rate;
}
$products[$ci]['price'] = $CURRENCY_DISPLAY->getFullValue($price["product_price"]);
$products[$ci]['actual_price'] = $CURRENCY_DISPLAY->getFullValue($actual_price["product_price"]);
// Ouput Product Type
if ($db->f("product_parent_id") != $product_id) {
$product_id = $db->f("product_parent_id");
}
$product_type = "";
if ($product_id != 0 && !$ps_product_type->product_in_product_type($db->f("product_id"))) {
$product_type = $ps_product_type->list_product_type($product_id);
} else {
$product_type = $ps_product_type->list_product_type($db->f("product_id"));
}
$products[$ci]['product_type'] = $product_type;
// Child stock
if ($display_use_parent == 'Y' && !empty($master_id)) {
$id = $master_id;
} else {
$id = $db->f("product_id");
}
$products[$ci]['product_in_stock'] = ps_product::get_field($id, 'product_in_stock');
// Output Advanced Attributes
$products[$ci]['advanced_attribute'] = $this->list_advanced_attribute($db->f("product_id"));
$products[$ci]['custom_attribute'] = $this->list_custom_attribute($db->f("product_id"));
$ci++;
}
if ($display_type == "radio") {
$list_type = "radio";
} else {
$list_type = "list";
}
// Get template and fill
$tpl->set('products', $products);
$master_child_count = $master_child_count == 0 ? 1 : $master_child_count;
$tpl->set('child_count', $master_child_count);
if ($product_list == "Y") {
$html = $tpl->fetch('product_details/includes/addtocart_list_single.tpl.php');
} else {
$list_type = "multi";
$html = $tpl->fetch('product_details/includes/addtocart_list_multi.tpl.php');
}
} else {
$html = "<input type=\"hidden\" name=\"product_id\" value=\"{$product_id}\" />\n";
$html .= "<input type=\"hidden\" name=\"prod_id[]\" value=\"{$product_id}\" />\n";
// This function lists the "advanced" simple attributes
$html .= $this->list_advanced_attribute($product_id);
// This function lists the "custom" simple attributes
$html .= $this->list_custom_attribute($product_id);
$html .= '<br />';
$list_type = "drop";
}
return array($html, $list_type);
}
function list_attribute($product_id, $fils = true)
{
global $VM_LANG, $CURRENCY_DISPLAY;
$ps_product = new ps_product();
$db = new ps_DB();
$db_sku = new ps_DB();
$db_item = new ps_DB();
// Get list of children
if ($fils) {
$q = "SELECT product_id,product_name FROM #__{vm}_product WHERE product_parent_id='{$product_id}' AND product_publish='Y'";
} else {
$q = "SELECT product_parent_id FROM #__{vm}_product WHERE product_id='{$product_id}'";
$db->setQuery($q);
$db->query();
$db->next_record();
$product_parent_id = $db->f("product_parent_id");
$q = "SELECT product_id,product_name FROM #__{vm}_product WHERE product_parent_id='{$product_parent_id}' AND product_publish='Y'";
}
$db->setQuery($q);
$db->query();
if ($db->num_rows() > 0) {
$display = '<select name="product_id" onChange="this.form.add_product_validate.value=0;this.form.submit();">';
$display .= '<option value="-1">Choisissez un produit item</option>';
while ($db->next_record()) {
$display .= '<option value="' . $db->f("product_id") . '"';
if ($product_id == $db->f("product_id")) {
$display .= ' selected="yes"';
}
$display .= '>' . $db->f("product_name");
// For each child get attribute values by looping through attribute list
$q = "SELECT product_id, attribute_name FROM #__{vm}_product_attribute_sku ";
$q .= "WHERE product_id='{$product_id}' ORDER BY attribute_list ASC";
$db_sku->setQuery($q);
$db_sku->query();
while ($db_sku->next_record()) {
$q = "SELECT attribute_name, attribute_value, product_id ";
$q .= "FROM #__{vm}_product_attribute WHERE ";
$q .= "product_id='" . $db->f("product_id") . "' AND ";
$q .= "attribute_name='" . $db_sku->f("attribute_name") . "'";
$db_item->setQuery($q);
$db_item->query();
while ($db_item->next_record()) {
$display .= ' - ' . $db_item->f("attribute_name") . " ";
$display .= "(" . $db_item->f("attribute_value") . ")";
if (!$db_sku->is_last_record()) {
$display .= '; ';
}
}
}
// Attributes for this item are done.
// Now get item price
$price = $ps_product->get_price($db->f("product_id"));
if ($_SESSION["auth"]["show_price_including_tax"] == 1) {
$tax_rate = 1 + $ps_product->get_product_taxrate($db->f("product_id"));
$price['product_price'] *= $tax_rate;
}
$display .= ' - ' . $CURRENCY_DISPLAY->getFullValue($price["product_price"]);
$display .= '</option>';
}
$display .= '</select>';
} else {
$display = "<input type=\"hidden\" name=\"product_id\" value=\"{$product_id}\" />\n";
}
return $display;
}
function NVP_DoDirectPaymentRequest(&$d, $dbbt, $dbst, $order_total, $payment_action, $ordernum, $requireCVV)
{
global $vendor_mail, $vendor_currency, $VM_LANG;
if (isset($_SESSION['ccdata']['order_payment_number'])) {
$cc_first_digit = substr($_SESSION['ccdata']['order_payment_number'], 0, 1);
$cc_first_2_digits = substr($_SESSION['ccdata']['order_payment_number'], 0, 2);
// Figure out the card type.
switch ($cc_first_digit) {
case "4":
$cc_type = urlencode("Visa");
break;
case "5":
$cc_type = urlencode("MasterCard");
break;
case "3":
switch ($cc_first_2_digits) {
case "34":
$cc_type = urlencode("Amex");
break;
case "37":
$cc_type = urlencode("Amex");
break;
case "30":
$cc_type = urlencode("Discover");
break;
case "36":
$cc_type = urlencode("Discover");
break;
case "38":
$cc_type = urlencode("Discover");
break;
default:
return false;
break;
}
break;
case "6":
$cc_type = urlencode("Discover");
break;
default:
return false;
break;
}
//Gather all required data
//Remove any dashes or spaces in the credit card number
$tmp_number = str_replace('-', '', $_SESSION['ccdata']['order_payment_number']);
$tmp_number = str_replace(' ', '', $tmp_number);
$cc_number = urlencode($tmp_number);
if (isset($_SESSION['ccdata']['credit_card_code'])) {
$cc_cvv2 = urlencode($_SESSION['ccdata']['credit_card_code']);
} else {
if ($requireCVV == 'YES') {
return false;
}
}
$cc_expires_month = $_SESSION['ccdata']['order_payment_expire_month'];
$cc_expires_year = $_SESSION['ccdata']['order_payment_expire_year'];
//$cc_owner = ($_SESSION['ccdata']['order_payment_name']);
//$cc_first = urlencode(substr($cc_owner, 0,(strrpos($cc_owner, " "))));
//$cc_last = urlencode(substr($cc_owner,(strrpos($cc_owner, ' ') + 1),strlen($cc_owner)));
$cc_expDate = urlencode($cc_expires_month . $cc_expires_year);
$subject = urlencode('');
$payer = urlencode($dbbt->f("user_email"));
$first_name = urlencode(substr($dbbt->f("first_name"), 0, 50));
$last_name = urlencode(substr($dbbt->f("last_name"), 0, 50));
$currency_type = $GLOBALS['product_currency'];
$ps_checkout = new ps_checkout();
$order_totals = $ps_checkout->calc_order_totals($d);
$tax_total = round($d['order_tax'], 2);
$ship_total = isset($d['shipping_total']) ? round($d['shipping_total'], 2) : 0;
$useshipping = PAYPAL_API_USE_SHIPPING;
$db_new = new ps_DB();
$query_str = "SELECT * FROM #__{vm}_country WHERE country_3_code='" . substr($dbbt->f("country"), 0, 60) . "'";
$db_new->setQuery($query_str);
$db_new->query();
$db_new->next_record();
$address_street1 = urlencode(substr($dbbt->f("address_1"), 0, 60));
$address_city = urlencode(substr($dbbt->f("city"), 0, 40));
$address_state = urlencode(substr($dbbt->f("state"), 0, 40));
$address_country = urlencode($db_new->f("country_2_code"));
$address_zip = urlencode(substr($dbbt->f("zip"), 0, 20));
$query_str = "SELECT * FROM #__{vm}_country WHERE country_3_code='" . substr($dbst->f("country"), 0, 60) . "'";
$db_new->setQuery($query_str);
$db_new->query();
$db_new->next_record();
$ship_name = urlencode(trim(substr($dbst->f("first_name"), 0, 50) . ' ' . substr($dbst->f("last_name"), 0, 50)));
$ship_street1 = urlencode(substr($dbst->f("address_1"), 0, 60));
$ship_street2 = urlencode(substr($dbst->f("address_2"), 0, 60));
$ship_city = urlencode(substr($dbst->f("city"), 0, 40));
$ship_state = urlencode(substr($dbst->f("state"), 0, 40));
$ship_country = urlencode($db_new->f("country_2_code"));
$ship_zip = urlencode(substr($dbst->f("zip"), 0, 20));
//Begin putting together our NVP Request
$nvpreq = "&PAYMENTACTION={$payment_action}" . "&IPADDRESS=" . $_SERVER['REMOTE_ADDR'] . "&CREDITCARDTYPE={$cc_type}" . "&ACCT={$cc_number}" . "&EXPDATE={$cc_expDate}" . "&EMAIL={$payer}" . "&FIRSTNAME={$first_name}" . "&LASTNAME={$last_name}";
if ($requireCVV == 'YES') {
if (isset($cc_cvv2)) {
$nvpreq .= "&CVV2={$cc_cvv2}";
} else {
return false;
}
}
$nvpreq .= "&STREET={$address_street1}" . "&CITY={$address_city}" . "&STATE={$address_state}" . "&COUNTRYCODE={$address_country}" . "&ZIP={$address_zip}" . "&SHIPPINGAMT={$ship_total}";
$nvpreq .= "&CURRENCYCODE={$currency_type}&TAXAMT={$tax_total}&DESC={$subject}&INVNUM={$ordernum}&BUTTONSOURCE=Virtuemart_Cart_DP";
$nvpreq .= ps_paypal_api::getCartnvpstr($order_totals);
//Put together Shipping NVP request
$nvpreq .= "&AMT={$order_total}";
if ($useshipping == '1') {
$nvpreq .= "&SHIPTONAME={$ship_name}" . "&SHIPTOSTREET={$ship_street1}" . "&SHIPTOSTREET2={$ship_street2}" . "&SHIPTOCITY={$ship_city}" . "&SHIPTOSTATE={$ship_state}" . "&SHIPTOZIP={$ship_zip}" . "&SHIPTOCOUNTRYCODE={$ship_country}";
}
//return response to ps_paypal_wpp.php
return $nvpreq;
} else {
return false;
}
}
/**
* creates a new Product Type record
* @author Zdenek Dvorak
*
* @param array $d
* @return boolean
*/
function add(&$d)
{
global $VM_LANG;
$db = new ps_DB();
if ($this->validate_add($d)) {
// find product_type_id
$q = "SELECT MAX(product_type_id) AS product_type_id FROM #__{vm}_product_type";
$db->query($q);
$db->next_record();
$product_type_id = intval($db->f("product_type_id")) + 1;
// Let's find out the last Product Type
$q = "SELECT MAX(product_type_list_order) AS list_order FROM #__{vm}_product_type";
$db->query($q);
$db->next_record();
$list_order = intval($db->f("list_order")) + 1;
if ($d["product_type_publish"] != "Y") {
$d["product_type_publish"] = "N";
}
$fields = array('product_type_id' => $product_type_id, 'product_type_name' => vmGet($d, 'product_type_name'), 'product_type_description' => vmGet($d, 'product_type_description'), 'product_type_publish' => vmGet($d, 'product_type_publish'), 'product_type_browsepage' => vmGet($d, 'product_type_browsepage'), 'product_type_flypage' => vmGet($d, 'product_type_flypage'), 'product_type_list_order' => $list_order);
$db->buildQuery('INSERT', '#__{vm}_product_type', $fields);
$db->query();
$_REQUEST['product_type_id'] = $product_type_id;
// Make new table product_type_<id>
$q = "CREATE TABLE `#__{vm}_product_type_";
$q .= $product_type_id . "` (";
$q .= "`product_id` int(11) NOT NULL,";
$q .= "PRIMARY KEY (`product_id`)";
$q .= ") TYPE=MyISAM;";
$db->setQuery($q);
if ($db->query() === false) {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_PRODUCT_TYPE_ADD_FAILED'));
return false;
} else {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_PRODUCT_TYPE_ADDED'));
return true;
}
} else {
return False;
}
}
function get_price($product_id, $quantity = 0, $check_multiple_prices = false, $result_attributes = '')
{
if ($check_multiple_prices) {
$db = new ps_DB();
// Get the vendor id for this product.
$q = "SELECT vendor_id FROM #__{vm}_product WHERE product_id='{$product_id}'";
$db->setQuery($q);
$db->query();
$db->next_record();
$vendor_id = $db->f("vendor_id");
$q = "SELECT svx.shopper_group_id, sg.shopper_group_discount FROM #__{vm}_shopper_vendor_xref svx, #__{vm}_orders o, #__{vm}_shopper_group sg";
$q .= " WHERE svx.user_id=o.user_id AND sg.shopper_group_id=svx.shopper_group_id AND o.order_id=" . $this->order_id;
$db->query($q);
$db->next_record();
$shopper_group_id = $db->f("shopper_group_id");
$shopper_group_discount = $db->f("shopper_group_discount");
// Get the default shopper group id for this vendor
$q = "SELECT shopper_group_id,shopper_group_discount FROM #__{vm}_shopper_group WHERE ";
$q .= "vendor_id='{$vendor_id}' AND `default`='1'";
$db->setQuery($q);
$db->query();
$db->next_record();
$default_shopper_group_id = $db->f("shopper_group_id");
$default_shopper_group_discount = $db->f("shopper_group_discount");
// Get the product_parent_id for this product/item
$q = "SELECT product_parent_id FROM #__{vm}_product WHERE product_id='{$product_id}'";
$db->setQuery($q);
$db->query();
$db->next_record();
$product_parent_id = $db->f("product_parent_id");
$price_info = array();
if (!$check_multiple_prices) {
/* Added for Volume based prices */
// This is an important decision: we add up all product quantities with the same product_id,
// regardless to attributes. This gives "real" volume based discount, because our simple attributes
// depend on one and the same product_id
$volume_quantity_sql = " AND (('{$quantity}' >= price_quantity_start AND '{$quantity}' <= price_quantity_end)\n OR (price_quantity_end='0') OR ('{$quantity}' > price_quantity_end)) ORDER BY price_quantity_end DESC";
/* End Addition */
} else {
$volume_quantity_sql = " ORDER BY price_quantity_start";
}
// Getting prices
//
// If the shopper group has a price then show it, otherwise
// show the default price.
if (!empty($shopper_group_id)) {
$q = "SELECT product_price, product_price_id, product_currency FROM #__{vm}_product_price WHERE product_id='{$product_id}' AND ";
$q .= "shopper_group_id='{$shopper_group_id}' {$volume_quantity_sql}";
$db->setQuery($q);
$db->query();
if ($db->next_record()) {
$price_info["product_price"] = $db->f("product_price");
if ($check_multiple_prices) {
$price_info["product_base_price"] = $db->f("product_price");
$price_info["product_has_multiple_prices"] = $db->num_rows() > 1;
}
$price_info["product_price_id"] = $db->f("product_price_id");
$price_info["product_currency"] = $db->f("product_currency");
$price_info["item"] = true;
$GLOBALS['product_info'][$product_id]['price'] = $price_info;
return $GLOBALS['product_info'][$product_id]['price'];
}
}
// Get default price
$q = "SELECT product_price, product_price_id, product_currency FROM #__{vm}_product_price WHERE product_id='{$product_id}' AND ";
$q .= "shopper_group_id='{$default_shopper_group_id}' {$volume_quantity_sql}";
$db->setQuery($q);
$db->query();
if ($db->next_record()) {
$price_info["product_price"] = $db->f("product_price") * ((100 - $shopper_group_discount) / 100);
if ($check_multiple_prices) {
$price_info["product_base_price"] = $price_info["product_price"];
$price_info["product_has_multiple_prices"] = $db->num_rows() > 1;
}
$price_info["product_price_id"] = $db->f("product_price_id");
$price_info["product_currency"] = $db->f("product_currency");
$price_info["item"] = true;
$GLOBALS['product_info'][$product_id]['price'] = $price_info;
return $GLOBALS['product_info'][$product_id]['price'];
}
// Maybe its an item with no price, check again with product_parent_id
if (!empty($shopper_group_id)) {
$q = "SELECT product_price, product_price_id, product_currency FROM #__{vm}_product_price WHERE product_id='{$product_parent_id}' AND ";
$q .= "shopper_group_id='{$shopper_group_id}' {$volume_quantity_sql}";
$db->setQuery($q);
$db->query();
if ($db->next_record()) {
$price_info["product_price"] = $db->f("product_price");
if ($check_multiple_prices) {
$price_info["product_base_price"] = $db->f("product_price");
$price_info["product_has_multiple_prices"] = $db->num_rows() > 1;
}
$price_info["product_price_id"] = $db->f("product_price_id");
$price_info["product_currency"] = $db->f("product_currency");
$GLOBALS['product_info'][$product_id]['price'] = $price_info;
return $GLOBALS['product_info'][$product_id]['price'];
}
}
$q = "SELECT product_price, product_price_id, product_currency FROM #__{vm}_product_price WHERE product_id='{$product_parent_id}' AND ";
$q .= "shopper_group_id='{$default_shopper_group_id}' {$volume_quantity_sql}";
$db->setQuery($q);
$db->query();
if ($db->next_record()) {
$price_info["product_price"] = $db->f("product_price") * ((100 - $shopper_group_discount) / 100);
if ($check_multiple_prices) {
$price_info["product_base_price"] = $price_info["product_price"];
$price_info["product_has_multiple_prices"] = $db->num_rows() > 1;
}
$price_info["product_price_id"] = $db->f("product_price_id");
$price_info["product_currency"] = $db->f("product_currency");
$GLOBALS['product_info'][$product_id]['price'] = $price_info;
return $GLOBALS['product_info'][$product_id]['price'];
}
// No price found
$GLOBALS['product_info'][$product_id]['price'] = false;
return $GLOBALS['product_info'][$product_id]['price'];
} else {
return $GLOBALS['product_info'][$product_id]['price'];
}
}
/**
* Changes the status of an order
* @author pablo
* @author soeren
* @author Uli
*
*
* @param array $d
* @return boolean
*/
function order_status_update(&$d) {
global $mosConfig_offset;
global $sess, $VM_LANG, $vmLogger;
$db = new ps_DB;
//$timestamp = time() + ($mosConfig_offset*60*60); //Original
$timestamp = time(); //Custom
//$mysqlDatetime = date("Y-m-d G:i:s",$timestamp); //Original
$mysqlDatetime = date("Y-m-d G:i:s", $timestamp + ($mosConfig_offset*60*60)); //Custom
if( empty($_REQUEST['include_comment'])) {
$include_comment="N";
}
// get the current order status
$curr_order_status = @$d["current_order_status"];
$notify_customer = empty($d['notify_customer']) ? "N" : $d['notify_customer'];
if( $notify_customer=="Y" ) {
$notify_customer=1;
}
else {
$notify_customer=0;
}
$d['order_comment'] = empty($d['order_comment']) ? "" : $d['order_comment'];
if( empty($d['order_item_id']) ) {
// When the order is set to "confirmed", we can capture
// the Payment with authorize.net
if( $curr_order_status=="P" && $d["order_status"]=="C") {
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = $db->f("payment_class");
$d["order_number"] = $db->f("order_number");
switch( $payment_class ) {
case "ps_authorize":
require_once( CLASSPATH."payment/ps_authorize.cfg.php");
if( AN_TYPE == 'AUTH_ONLY' ) {
require_once( CLASSPATH."payment/ps_authorize.php");
$authorize = new ps_authorize();
if( !$authorize->capture_payment( $d )) {
return false;
}
}
break;
default:
// default case for payment methods that allow to "capture" the payment
if( is_file( CLASSPATH.'payment/'.basename($payment_class).'.php' ) ) {
require_once( CLASSPATH.'payment/'.basename($payment_class).'.php' );
if( !class_exists($payment_class)) break;
$paymentObj = new $payment_class();
if( !method_exists($paymentObj,'capture_payment')) break;
if( !$paymentObj->capture_payment( $d )) {
return false;
}
}
break;
}
}
/*
* This is like the test above for delayed capture only
* we (well, I - durian) don't think the credit card
* should be captured until the item(s) are shipped.
* In fact, VeriSign says not to capture the cards until
* the item ships. Maybe this behavior should be a
* configurable item?
*
* When the order changes from Confirmed or Pending to
* Shipped, perform the delayed capture.
*
* Restricted to PayFlow Pro for now.
*/
if( ($curr_order_status=="P" || $curr_order_status=="C") && $d["order_status"]=="S") {
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = $db->f("payment_class");
if( $payment_class=="payflow_pro" ) {
require_once( CLASSPATH."payment/payflow_pro.cfg.php");
if( PFP_TYPE == 'A' ) {
require_once( CLASSPATH."payment/payflow_pro.php");
$pfp = new ps_pfp();
$d["order_number"] = $db->f("order_number");
if( !$pfp->capture_payment( $d )) {
return false;
}
}
}
}
/**
* Do capture when product is shipped
*/
/*
if(($curr_order_status == "P" || $curr_order_status == "C") && $d["order_status"]=="S")
{
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id=#__{vm}_order_payment.order_id ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = strtolower(basename($db->f("payment_class")));
if( file_exists( CLASSPATH.'payment/'.$payment_class.'.php' )) {
require_once( CLASSPATH."payment/$payment_class.php");
$payment = new $payment_class();
$d["order_number"] = $db->f("order_number");
if( is_callable( array( $payment, 'capture_payment' ))) {
if( !$payment->capture_payment( $d )) {
return false;
}
}
}
}*/
/*
* If a pending order gets cancelled, void the authorization.
*
* It might work on captured cards too, if we want to
* void shipped orders.
*
*/
if( $curr_order_status=="P" && $d["order_status"]=="X") {
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = strtolower(basename($db->f("payment_class")));
if( file_exists( CLASSPATH.'payment/'.$payment_class.'.php' )) {
require_once( CLASSPATH."payment/$payment_class.php");
$payment = new $payment_class();
$d["order_number"] = $db->f("order_number");
if( is_callable( array( $payment, 'void_authorization' ))) {
if( !$payment->void_authorization( $d )) {
return false;
}
}
}
}
// Do a Refund
if( $d['order_status']=='R' && $curr_order_status != 'R') {
$vmLogger->debug("Initiating Refund");
$q = 'SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ';
$q .= '#__{vm}_orders.order_id=\''.$db->getEscaped($d['order_id']).'\' ';
$q .= 'AND #__{vm}_orders.order_id=#__{vm}_order_payment.order_id ';
$q .= 'AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id';
$db->query( $q );
$db->next_record();
$payment_class = strtolower(basename($db->f("payment_class")));
$vmLogger->debug('Payment Class: '.$payment_class);
if( file_exists( CLASSPATH.'payment/'.$payment_class.'.php' )) {
$vmLogger->debug('Found Payment Module');
require_once( CLASSPATH."payment/$payment_class.php");
$payment = new $payment_class();
$d["order_number"] = $db->f("order_number");
if( is_callable( array( $payment, 'do_refund' )))
{
$vmLogger->debug('Can call do_refund');
if( !$payment->do_refund( $d )) {
$vmLogger->debug('failed to do refund');
return false;
}
}
}
}
$fields =array( 'order_status'=> $d["order_status"],
'mdate'=> $timestamp );
$db->buildQuery('UPDATE', '#__{vm}_orders', $fields, "WHERE order_id='" . $db->getEscaped($d["order_id"]) . "'");
$db->query();
// Update the Order History.
$fields = array( 'order_id' => $d["order_id"],
'order_status_code' => $d["order_status"],
'date_added' => $mysqlDatetime,
'customer_notified' => $notify_customer,
'comments' => $d['order_comment']
);
$db->buildQuery('INSERT', '#__{vm}_order_history', $fields );
$db->query();
// Do we need to re-update the Stock Level?
if( (strtoupper($d["order_status"]) == "X" || strtoupper($d["order_status"])=="R")
// && CHECK_STOCK == '1'
&& $curr_order_status != $d["order_status"]
) {
// Get the order items and update the stock level
// to the number before the order was placed
$q = "SELECT product_id, product_quantity FROM #__{vm}_order_item WHERE order_id='".$db->getEscaped($d["order_id"])."'";
$db->query( $q );
$dbu = new ps_DB;
require_once( CLASSPATH.'ps_product.php');
// Now update each ordered product
while( $db->next_record() ) {
if( ENABLE_DOWNLOADS == '1' && ps_product::is_downloadable($db->f("product_id")) && VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
$q = "UPDATE #__{vm}_product
SET product_sales=product_sales-".$db->f("product_quantity")."
WHERE product_id=".$db->f("product_id");
$dbu->query( $q );
}
else {
$q = "UPDATE #__{vm}_product
SET product_in_stock=product_in_stock+".$db->f("product_quantity").",
product_sales=product_sales-".$db->f("product_quantity")."
WHERE product_id=".$db->f("product_id");
$dbu->query( $q );
}
}
}
// Update the Order Items' status
$q = "SELECT order_item_id FROM #__{vm}_order_item WHERE order_id=".$db->getEscaped($d['order_id']);
$db->query($q);
$dbu = new ps_DB;
while ($db->next_record()) {
$item_id = $db->f("order_item_id");
$fields =array( 'order_status'=> $d["order_status"],
'mdate'=> $timestamp );
$dbu->buildQuery('UPDATE', '#__{vm}_order_item', $fields, "WHERE order_item_id='" .(int)$item_id . "'");
$dbu->query();
}
if ($d["order_status"] == "C" || $d["order_status"] == "P")
{
//////////////////////////////////////////////////////////////////////////
// OSE added
//////////////////////////////////////////////////////////////////////////
//////////////Joomla Database Class//////////////
require_once(JPATH_SITE.DS.'components'.DS.'com_osemsc'.DS.'init.php');
require_once(JPATH_SITE.DS.'components'.DS.'com_osemsc'.DS.'helpers'.DS.'oseMscPublic.php');
$jdb = &JFactory::getDBO();
$jquery = "SELECT user_id FROM `#__vm_orders` WHERE `order_id` = '" . $db->getEscaped($d['order_id']) . "'";
$jdb->setQuery($jquery);
$user_id = $jdb->loadResult();
$jquery = "SELECT a.product_id, b.category_id FROM `#__vm_order_item` as a, `#__vm_product_category_xref` as b WHERE a.`order_id` = '" . $db->getEscaped($d['order_id']) . "' AND a.`product_id` = b.`product_id`";
$jdb->setQuery($jquery);
$results = $jdb->loadObjectList();
$cart = oseMscPublic::getCart();
if (empty($results))
{
$jquery = "SELECT a.product_id, b.category_id, c.product_parent_id FROM `#__vm_order_item` as a, `#__vm_product_category_xref` as b, `#__vm_product` as c WHERE a.`order_id` = '" . $db->getEscaped($d['order_id']) . "' AND a.`product_id` = c.`product_id` AND b.`product_id` = c.`product_parent_id`";
$jdb->setQuery($jquery);
$results = $jdb->loadObjectList();
}
foreach ($results as $result)
{
//////////////////////////////////////////////////
$product_id = $result->product_id;
$jquery = "SELECT * FROM `#__osemsc_ext` WHERE `type` = 'vm'";
$jdb->setQuery($jquery);
$jdb->query();
$rows = $jdb->loadObjectList();
foreach ($rows as $row)
{
$msc_data = oseJson::decode($row->params);
$left_var = "";
$right_var = "";
if ($msc_data->category_id > 0)
{
$left_var = $result->category_id;
$right_var = $msc_data->category_id;
}
else
{
$left_var = $result->product_id;
$right_var = $msc_data->product_id;
}
if ($left_var == $right_var)
{
$msc_id = $row->id;
$query = "SELECT order_currency FROM `#__vm_orders` WHERE `order_id` = ".(int)$d["order_id"];
$db->setQuery($query);
$currency = $db->loadResult();
if ($d["order_status"] == "C")
{
$member= oseRegistry :: call('member');
$member->instance($user_id, 'member_id');
// get current item
$cart->updateParams('payment_mode','m');
$paymentInfo = oseRegistry::call('msc')->getPaymentMscInfo($msc_id,$currency,0);
$nItem = array('entry_id'=>$msc_id,'entry_type'=>'msc','msc_option'=>oseObject::getValue($paymentInfo,'msc_option'));
$cart->addItem($nItem['entry_id'],$nItem['entry_type'],$nItem);
$cart->update();
// join msc
oseRegistry::call('msc')->runAddonAction('register.payment.save',array('member_id'=>$user_id,'payment_method'=>'none'), true, false);
$order_id = JRequest::getInt('order_id',0);
oseRegistry::call('payment')->getInstance('Order')->confirmOrder($order_id, array());
}
else
{
$msc_id= $row->id;
$member= oseRegistry :: call('member');
$member->instance($user_id, 'member_id');
$params = $member->getAddonParams($msc_id,$user_id,0,$params = array());
$updated= $msc->runAddonAction('member.msc.cancelMsc', $params);
}
}
}
}
//////////////////////////////////////////////////////////////////////////
}
if (ENABLE_DOWNLOADS == '1') {
##################
## DOWNLOAD MOD
$this->mail_download_id( $d );
}
if( !empty($notify_customer) ) {
$this->notify_customer( $d );
}
} elseif( !empty($d['order_item_id'])) {
// Update the Order Items' status
$q = "SELECT order_item_id, product_id, product_quantity FROM #__{vm}_order_item
WHERE order_id=".$db->getEscaped($d['order_id'])
. ' AND order_item_id='.intval( $d['order_item_id'] );
$db->query($q);
$item_product_id = $db->f('product_id');
$item_product_quantity = $db->f('product_quantity');
require_once( CLASSPATH. 'ps_product.php' );
if( ENABLE_DOWNLOADS == '1' && ps_product::is_downloadable($item_product_id) && VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
$q = "UPDATE #__{vm}_product
SET product_sales=product_sales-".$item_product_quantity."
WHERE product_id=".$item_product_id;
$db->query( $q );
}
else {
$q = "UPDATE #__{vm}_product
SET product_in_stock=product_in_stock+".$item_product_quantity.",
product_sales=product_sales-".$item_product_quantity."
WHERE product_id=".$item_product_id;
$db->query( $q );
}
$fields =array( 'order_status'=> $d["order_status"],
'mdate'=> $timestamp );
$db->buildQuery('UPDATE', '#__{vm}_order_item', $fields, 'WHERE order_item_id='.intval( $d['order_item_id'] ));
return $db->query() !== false;
}
return true;
}
/**
* Should delete a Parameter form Product Type
* and drop column from table product_type_<id>
*/
function delete_record($record_id, &$d)
{
$db = new ps_DB();
/** Find parameter_type of deleted parameter */
$q = "SELECT parameter_type FROM #__{vm}_product_type_parameter";
$q2 = " WHERE product_type_id='" . $d["product_type_id"] . "' AND parameter_name='" . $db->getEscaped($record_id) . "'";
$db->query($q . $q2);
if ($db->next_record()) {
$parameter_type = $db->f("parameter_type");
} else {
$parameter_type = "B";
}
// Error - dont delete (maybe nonexisted) column from #__{vm}_product_type_XX
$q = "DELETE FROM #__{vm}_product_type_parameter";
$db->setQuery($q . $q2);
$db->query();
// Delete index - deleted automaticaly
/* $q = "ALTER TABLE `#__{vm}_product_type_";
$q .= $d["product_type_id"]."` DROP INDEX `idx_product_type_".$d["product_type_id"]."_";
$q .= $d["parameter_name"]."`;";
$db->setQuery($q); $db->query();*/
if ($parameter_type != "B") {
// != Break Line
// Delete column
$q = "ALTER TABLE #__{vm}_product_type_" . $d["product_type_id"] . " DROP `" . $db->getEscaped($record_id) . "`";
$db->setQuery($q);
$db->query();
}
return True;
}
/**
* This function allows you to get an object list of user fields
*
* @param string $section The section the fields belong to (e.g. 'registration' or 'account')
* @param boolean $required_only
* @param mixed $sys When left empty, doesn't filter by sys
* @return array
*/
function getUserFields($section = 'registration', $required_only = false, $sys = '', $exclude_delimiters = false, $exclude_skipfields = false)
{
$db = new ps_DB();
$q = "SELECT f.* FROM `#__{vm}_userfield` f" . "\n WHERE f.published=1";
if ($section != 'bank' && $section != '') {
$q .= "\n AND f.`{$section}`=1";
} elseif ($section == 'bank') {
$q .= "\n AND f.name LIKE '%bank%'";
}
if ($exclude_delimiters) {
$q .= "\n AND f.type != 'delimiter' ";
}
if ($required_only) {
$q .= "\n AND f.required=1";
}
if ($sys !== '') {
if ($sys == '1') {
$q .= "\n AND f.sys=1";
} elseif ($sys == '0') {
$q .= "\n AND f.sys=0";
}
}
if ($exclude_skipfields) {
$q .= "\n AND FIND_IN_SET( f.name, '" . implode(',', ps_userfield::getSkipFields()) . "') = 0 ";
}
$q .= "\n ORDER BY f.ordering";
$db->setQuery($q);
$userFields = $db->loadObjectList();
return $userFields;
}
function getOrderInfo($order_id)
{
$qv = "SELECT *\n\t\t FROM `#__{vm}_orders` as o\n\t\t left join `#__{vm}_order_user_info` as oi on o.order_id = oi.order_id \n\t\t WHERE o.order_id='" . $order_id . "'";
$db_ap = new ps_DB();
$db_ap->setQuery($qv);
$result = $db_ap->loadObjectList();
return $result[0];
}
/**
* Sends the requested file to the browser
* and assures that the requested file is no payable product download file
* @author soeren
* @param int $file_id
* @param int $product_id
* @return mixed
*/
function send_file($file_id, $product_id)
{
global $VM_LANG, $vmLogger, $mosConfig_absolute_path;
$dbf = new ps_DB();
$html = "";
$sql = 'SELECT attribute_value FROM #__{vm}_product_attribute WHERE `product_id` = ' . intval($product_id) . ' AND attribute_name=\'download\'';
$dbf->query($sql);
$dbf->next_record();
$exclude_filename = $GLOBALS['vmInputFilter']->safeSQL($dbf->f("attribute_value"));
$sql = 'SELECT file_mimetype, file_name' . ' FROM `#__{vm}_product_files` WHERE ';
if ($exclude_filename) {
$sql .= ' file_title != \'' . $exclude_filename . '\' AND ';
}
$sql .= ' file_product_id = \'' . $product_id . '\' AND file_published = \'1\' AND file_id = \'' . $file_id . '\' AND file_is_image = \'0\'';
$dbf->setQuery($sql);
$dbf->query();
if (!$dbf->next_record()) {
$vmLogger->err($VM_LANG->_('PHPSHOP_FILES_NOT_FOUND', false));
return false;
}
$filename = $mosConfig_absolute_path . str_replace($mosConfig_absolute_path, '', $dbf->f("file_name"));
// dump anything in the buffer
while (@ob_end_clean()) {
}
if (strtolower(substr($filename, 0, 4)) == 'http') {
vmRedirect($filename);
}
if ($filename) {
require_once CLASSPATH . 'connectionTools.class.php';
vmConnector::sendFile($filename, $dbf->f("file_mimetype"));
$GLOBALS['vm_mainframe']->close(true);
} else {
$vmLogger->err($VM_LANG->_('PHPSHOP_FILES_NOT_FOUND', false));
}
return true;
}
function checkMenuItems($parameter, $value)
{
global $mainframe;
$db = new ps_DB();
if (!isset($mainframe->vm_menuitems)) {
$db->setQuery("SELECT id, params FROM #__menu WHERE link='index.php?option=com_virtuemart' AND published=1");
$mainframe->vm_menuitems = $db->loadAssocList();
if (!is_array($mainframe->vm_menuitems)) {
$mainframe->vm_menuitems = array();
// Query failed, empty result
}
}
foreach ($mainframe->vm_menuitems as $chkmenu) {
if (strpos($chkmenu['params'], $parameter . "=" . $value . "\n") !== false) {
return $chkmenu['id'];
}
}
return false;
}
/**
* Lists Shipping Methods of all published Shipping Modules
*
* @param string $ship_to_info_id
* @param string $shipping_method_id
*/
function list_shipping_methods($ship_to_info_id = null, $shipping_method_id = null)
{
global $PSHOP_SHIPPING_MODULES, $vmLogger, $auth, $weight_total;
if (empty($ship_to_info_id)) {
// Get the Bill to user_info_id
$database = new ps_DB();
$database->setQuery("SELECT user_info_id FROM #__{vm}_user_info WHERE user_id=" . $auth['user_id'] . " AND address_type='BT'");
$vars["ship_to_info_id"] = $_REQUEST['ship_to_info_id'] = $database->loadResult();
} else {
$vars['ship_to_info_id'] = $ship_to_info_id;
}
$vars['shipping_rate_id'] = $shipping_method_id;
$vars["weight"] = $weight_total;
$vars['zone_qty'] = vmRequest::getInt('zone_qty', 0);
$i = 0;
$theme = new $GLOBALS['VM_THEMECLASS']();
$theme->set_vars(array('vars' => $vars, 'PSHOP_SHIPPING_MODULES' => $PSHOP_SHIPPING_MODULES));
echo $theme->fetch('checkout/list_shipping_methods.tpl.php');
}
/**
* Creates navigation list of categories
* @author pablo
* @author soeren
* @param int $category_id
*/
function get_navigation_list($category_id)
{
global $sess, $mosConfig_live_site;
$db = new ps_DB();
static $i = 0;
static $category_list = array();
$q = "SELECT category_id, category_name,category_parent_id, category_child_id FROM #__{vm}_category, #__{vm}_category_xref WHERE ";
$q .= "#__{vm}_category_xref.category_child_id='{$category_id}' ";
$q .= "AND #__{vm}_category.category_id='{$category_id}'";
$db->setQuery($q);
$db->query();
$db->next_record();
$category_list[$i]['category_id'] = $db->f("category_id");
$category_list[$i]['category_name'] = $db->f("category_name");
if ($db->f("category_parent_id")) {
$i++;
array_merge($category_list, $this->get_navigation_list($db->f("category_parent_id")));
}
return $category_list;
}
function getProductSKU( $limit=0, $how=null, $category_ids=array(), $featuredProducts='no' , $specific_product_ids='', $source='filter', $catfilter='') {
global $my, $mosConfig_offset;
$database = new ps_DB();
$where = $this->buildConditionSql($source, $catfilter, $category_ids, $specific_product_ids);
if($limit>0) {
$limit = "LIMIT $limit";
} else {
$limit = "";
}
$query = "SELECT distinct(p.product_sku) FROM #__{vm}_product AS p";
$query .= "\nJOIN #__{vm}_product_category_xref as pc ON p.product_id=pc.product_id";
$query .= "\nJOIN #__{vm}_category as c ON pc.category_id=c.category_id";
$query .= "\n WHERE p.product_publish = 'Y' AND c.category_publish = 'Y' AND product_parent_id=0 ";
if( CHECK_STOCK && PSHOP_SHOW_OUT_OF_STOCK_PRODUCTS != "1") {
$query .= " AND product_in_stock > 0 ";
}
if( $featuredProducts=='yes' ) {
$query .= "\n AND product_special = 'Y' ";
}
$query .= $where;
switch( $how ) {
case 'random':
$query .= "\n ORDER BY RAND() $limit";
break;
case 'newest':
$query .= "\n ORDER BY p.cdate DESC $limit";
break;
case 'oldest':
$query .= "\n ORDER BY p.cdate ASC $limit";
break;
default:
$query .= "\n ORDER BY p.cdate DESC $limit";
break;
}
$database->setQuery( $query );
$rows = $database->loadResultArray();//var_dump($rows);die;
return $rows;
}
case "DKK":
$currency_iso_4217 = 208;
break;
case "EUR":
$currency_iso_4217 = 978;
break;
case "USD":
$currency_iso_4217 = 840;
break;
default:
// assume that a danish gateway is used with Danish Krona
$currency_iso_4217 = 208;
}
$q = "SELECT * FROM #__users WHERE id='" . $my->id . "'";
$dbbt = new ps_DB();
$dbbt->setQuery($q);
$dbbt->query();
$dbbt->next_record();
?>
<div id="overDiv" style="position:absolute; visibility:hidden; z-index:10000;"></div>
<script type="text/javascript" src="<?php
echo $mosConfig_live_site;
?>
/includes/js/overlib_mini.js"></script>
<script type="text/javascript">
function check_pbscc_form() {
// Remove all non-digits from CardNumber
document.checkout_pbscc_payment.cardnum.value = document.checkout_pbscc_payment.cardnum.value.replace(/(\D)+/g,"");
// Remove all non-digits from Control-digits
