/**
     * This is the main function which stores the order information in the database
     * 
     * @author Ashish Solanki!
     * @return boolean
     */
    function updateRecords($order_number, $order_total, &$d)
    {
        require_once CLASSPATH . 'ps_checkout.php';
        $ps_chkout = new ps_checkout();
        global $order_tax_details, $afid, $VM_LANG, $auth, $my, $mosConfig_offset, $vmLogger, $vmInputFilter, $discount_factor;
        $ps_vendor_id = $_SESSION["ps_vendor_id"];
        $cart = $_SESSION['cart'];
        require_once CLASSPATH . 'ps_payment_method.php';
        $ps_payment_method = new ps_payment_method();
        require_once CLASSPATH . 'ps_product.php';
        $ps_product = new ps_product();
        require_once CLASSPATH . 'ps_cart.php';
        $ps_cart = new ps_cart();
        $db = new ps_DB();
        $totals = $ps_chkout->calc_order_totals($d);
        extract($totals);
        $timestamp = time();
        //Custom
        $vmLogger->debug('-- Checkout Debug--
							Subtotal: ' . $order_subtotal . '
							Taxable: ' . $order_taxable . '
							Payment Discount: ' . $payment_discount . '
							Coupon Discount: ' . $coupon_discount . '
							Shipping: ' . $order_shipping . '
							Shipping Tax : ' . $order_shipping_tax . '
							Tax : ' . $order_tax . '
							------------------------
							Order Total: ' . $order_total . '
							----------------------------');
        // Check to see if Payment Class File exists
        $payment_class = $ps_payment_method->get_field($d["payment_method_id"], "payment_class");
        $d['new_order_status'] = 'P';
        // This is meant to be updated by a payment modules' process_payment method
        if (!class_exists($payment_class)) {
            include CLASSPATH . "payment/{$payment_class}.php";
        }
        $_PAYMENT = new $payment_class();
        // Remove the Coupon, because it is a Gift Coupon and now is used!!
        if (@$_SESSION['coupon_type'] == "gift") {
            $d['coupon_id'] = $_SESSION['coupon_id'];
            include_once CLASSPATH . 'ps_coupon.php';
            ps_coupon::remove_coupon_code($d);
        }
        // Get the IP Address
        if (!empty($_SERVER['REMOTE_ADDR'])) {
            $ip = $_SERVER['REMOTE_ADDR'];
        } else {
            $ip = 'unknown';
        }
        // Collect all fields and values to store them!
        $fields = array('user_id' => $auth["user_id"], 'vendor_id' => $ps_vendor_id, 'order_number' => $order_number, 'user_info_id' => $d["ship_to_info_id"], 'ship_method_id' => @urldecode($d["shipping_rate_id"]), 'order_total' => $order_total, 'order_subtotal' => $order_subtotal, 'order_tax' => $order_tax, 'order_tax_details' => serialize($order_tax_details), 'order_shipping' => $order_shipping, 'order_shipping_tax' => $order_shipping_tax, 'order_discount' => $payment_discount, 'coupon_discount' => $coupon_discount, 'coupon_code' => @$_SESSION['coupon_code'], 'order_currency' => $GLOBALS['product_currency'], 'order_status' => 'P', 'cdate' => $timestamp, 'mdate' => $timestamp, 'customer_note' => htmlspecialchars(vmRequest::getString('customer_note', '', 'POST', 'none'), ENT_QUOTES), 'ip_address' => $ip);
        // Insert the main order information
        $db->buildQuery('INSERT', '#__{vm}_orders', $fields);
        $result = $db->query();
        $d["order_id"] = $order_id = $db->last_insert_id();
        if ($result === false || empty($order_id)) {
            $vmLogger->crit('Adding the Order into the Database failed! User ID: ' . $auth["user_id"]);
            return false;
        }
        // Insert the initial Order History.
        $mysqlDatetime = date("Y-m-d G:i:s", $timestamp);
        $fields = array('order_id' => $order_id, 'order_status_code' => 'P', 'date_added' => $mysqlDatetime, 'customer_notified' => 1, 'comments' => '');
        $db->buildQuery('INSERT', '#__{vm}_order_history', $fields);
        $db->query();
        /**
         * Insert the Order payment info 
         */
        $payment_number = str_replace(array(' ', '|', '-'), '', @$_SESSION['ccdata']['order_payment_number']);
        $d["order_payment_code"] = @$_SESSION['ccdata']['credit_card_code'];
        // Payment number is encrypted using mySQL encryption functions.
        $fields = array('order_id' => $order_id, 'payment_method_id' => $d["payment_method_id"], 'order_payment_log' => @$d["order_payment_log"], 'order_payment_trans_id' => $vmInputFilter->safeSQL(@$d["order_payment_trans_id"]));
        if (!empty($payment_number) && VM_STORE_CREDITCARD_DATA == '1') {
            // Store Credit Card Information only if the Store Owner has decided to do so
            $fields['order_payment_code'] = $d["order_payment_code"];
            $fields['order_payment_expire'] = @$_SESSION["ccdata"]["order_payment_expire"];
            $fields['order_payment_name'] = @$_SESSION["ccdata"]["order_payment_name"];
            $fields['order_payment_number'] = VM_ENCRYPT_FUNCTION . "( '{$payment_number}','" . ENCODE_KEY . "')";
            $specialfield = array('order_payment_number');
        } else {
            $specialfield = array();
        }
        $db->buildQuery('INSERT', '#__{vm}_order_payment', $fields, '', $specialfield);
        $db->query();
        /**
         * Insert the User Billto & Shipto Info
         */
        // First: get all the fields from the user field list to copy them from user_info into the order_user_info
        $fields = array();
        require_once CLASSPATH . 'ps_userfield.php';
        $userfields = ps_userfield::getUserFields('', false, '', true, true);
        foreach ($userfields as $field) {
            if ($field->name == 'email') {
                $fields[] = 'user_email';
            } else {
                $fields[] = $field->name;
            }
        }
        $fieldstr = implode(',', $fields);
        // Save current Bill To Address
        $q = "INSERT INTO `#__{vm}_order_user_info` \n\t\t\t(`order_info_id`,`order_id`,`user_id`,address_type, " . $fieldstr . ") ";
        $q .= "SELECT NULL, '{$order_id}', '" . $auth['user_id'] . "', address_type, " . $fieldstr . " FROM #__{vm}_user_info WHERE user_id='" . $auth['user_id'] . "' AND address_type='BT'";
        $db->query($q);
        // Save current Ship to Address if applicable
        $q = "INSERT INTO `#__{vm}_order_user_info` \n\t\t\t(`order_info_id`,`order_id`,`user_id`,address_type, " . $fieldstr . ") ";
        $q .= "SELECT NULL, '{$order_id}', '" . $auth['user_id'] . "', address_type, " . $fieldstr . " FROM #__{vm}_user_info WHERE user_id='" . $auth['user_id'] . "' AND user_info_id='" . $d['ship_to_info_id'] . "' AND address_type='ST'";
        $db->query($q);
        /**
         * Insert all Products from the Cart into order line items; 
         * one row per product in the cart 
         */
        $dboi = new ps_DB();
        for ($i = 0; $i < $cart["idx"]; $i++) {
            $r = "SELECT product_id,product_in_stock,product_sales,product_parent_id,product_sku,product_name ";
            $r .= "FROM #__{vm}_product WHERE product_id='" . $cart[$i]["product_id"] . "'";
            $dboi->query($r);
            $dboi->next_record();
            $product_price_arr = $ps_product->get_adjusted_attribute_price($cart[$i]["product_id"], $cart[$i]["description"]);
            $product_price = $GLOBALS['CURRENCY']->convert($product_price_arr["product_price"], $product_price_arr["product_currency"]);
            if (empty($_SESSION['product_sess'][$cart[$i]["product_id"]]['tax_rate'])) {
                $my_taxrate = $ps_product->get_product_taxrate($cart[$i]["product_id"]);
            } else {
                $my_taxrate = $_SESSION['product_sess'][$cart[$i]["product_id"]]['tax_rate'];
            }
            // Attribute handling
            $product_parent_id = $dboi->f('product_parent_id');
            $description = '';
            if ($product_parent_id > 0) {
                $db_atts = $ps_product->attribute_sql($dboi->f('product_id'), $product_parent_id);
                while ($db_atts->next_record()) {
                    $description .= $db_atts->f('attribute_name') . ': ' . $db_atts->f('attribute_value') . '; ';
                }
            }
            $description .= $ps_product->getDescriptionWithTax($_SESSION['cart'][$i]["description"], $dboi->f('product_id'));
            $product_final_price = round($product_price * ($my_taxrate + 1), 2);
            $vendor_id = $ps_vendor_id;
            $fields = array('order_id' => $order_id, 'user_info_id' => $d["ship_to_info_id"], 'vendor_id' => $vendor_id, 'product_id' => $cart[$i]["product_id"], 'order_item_sku' => $dboi->f("product_sku"), 'order_item_name' => $dboi->f("product_name"), 'product_quantity' => $cart[$i]["quantity"], 'product_item_price' => $product_price, 'product_final_price' => $product_final_price, 'order_item_currency' => $GLOBALS['product_currency'], 'order_status' => 'P', 'product_attribute' => $description, 'cdate' => $timestamp, 'mdate' => $timestamp);
            $db->buildQuery('INSERT', '#__{vm}_order_item', $fields);
            $db->query();
            // Update Stock Level and Product Sales, decrease - no matter if in stock or not!
            $q = "UPDATE #__{vm}_product ";
            $q .= "SET product_in_stock = product_in_stock - " . (int) $cart[$i]["quantity"];
            $q .= " WHERE product_id = '" . $cart[$i]["product_id"] . "'";
            $db->query($q);
            $q = "UPDATE #__{vm}_product ";
            $q .= "SET product_sales= product_sales + " . (int) $cart[$i]["quantity"];
            $q .= " WHERE product_id='" . $cart[$i]["product_id"] . "'";
            $db->query($q);
            // Update stock of parent product, if all child products are sold, thanks Ragnar Brynjulfsson
            if ($dboi->f("product_parent_id") != 0) {
                $q = "SELECT COUNT(product_id) ";
                $q .= "FROM #__{vm}_product ";
                $q .= "WHERE product_parent_id = " . $dboi->f("product_parent_id");
                $q .= " AND product_in_stock > 0";
                $db->query($q);
                $db->next_record();
                if (!$db->f("COUNT(product_id)")) {
                    $q = "UPDATE #__{vm}_product ";
                    $q .= "SET product_in_stock = 0 ";
                    $q .= "WHERE product_id = " . $dboi->f("product_parent_id") . " LIMIT 1";
                    $db->query($q);
                }
            }
        }
        ######## BEGIN DOWNLOAD MOD ###############
        if (ENABLE_DOWNLOADS == "1") {
            require_once CLASSPATH . 'ps_order.php';
            for ($i = 0; $i < $cart["idx"]; $i++) {
                // only handle downloadable products here
                if (ps_product::is_downloadable($cart[$i]["product_id"])) {
                    $params = array('product_id' => $cart[$i]["product_id"], 'order_id' => $order_id, 'user_id' => $auth["user_id"]);
                    ps_order::insert_downloads_for_product($params);
                    if (@VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
                        // Update the product stock level back to where it was.
                        $q = "UPDATE #__{vm}_product ";
                        $q .= "SET product_in_stock = product_in_stock + " . (int) $cart[$i]["quantity"];
                        $q .= " WHERE product_id = '" . (int) $cart[$i]["product_id"] . "'";
                        $db->query($q);
                    }
                }
            }
        }
        ################## END DOWNLOAD MOD ###########
        // Export the order_id so the checkout complete page can get it
        $d["order_id"] = $order_id;
        /*
         * Let the shipping module know which shipping method
         * was selected.  This way it can save any information
         * it might need later to print a shipping label.
         */
        if (is_callable(array($this->_SHIPPING, 'save_rate_info'))) {
            $this->_SHIPPING->save_rate_info($d);
        }
        // Now as everything else has been done, we can update the Order Status
        $update_order = false;
        if ($order_total == 0.0) {
            // code moved out of $_PAYMENT check as no payment will be needed when $order_total=0.0
            // If the Order Total is zero, we can confirm the order to automatically enable the download
            $d['order_status'] = ENABLE_DOWNLOAD_STATUS;
            $update_order = true;
        } elseif (isset($_PAYMENT)) {
            if ($d['new_order_status'] != 'P') {
                $d['order_status'] = $d['new_order_status'];
                $update_order = true;
            }
        }
        if ($update_order) {
            require_once CLASSPATH . "ps_order.php";
            $ps_order = new ps_order();
            $ps_order->order_status_update($d);
        }
        // Send the e-mail confirmation messages
        $ps_chkout->email_receipt($order_id);
        // Reset the cart (=empty it)
        $ps_cart->reset();
        $_SESSION['savedcart']['idx'] = 0;
        $ps_cart->saveCart();
        // Unset the payment_method variables
        $d["payment_method_id"] = "";
        $d["order_payment_number"] = "";
        $d["order_payment_expire"] = "";
        $d["order_payment_name"] = "";
        $d["credit_card_code"] = "";
        // Clear the sensitive Session data
        $_SESSION['ccdata']['order_payment_name'] = "";
        $_SESSION['ccdata']['order_payment_number'] = "";
        $_SESSION['ccdata']['order_payment_expire_month'] = "";
        $_SESSION['ccdata']['order_payment_expire_year'] = "";
        $_SESSION['ccdata']['credit_card_code'] = "";
        $_SESSION['coupon_discount'] = "";
        $_SESSION['coupon_id'] = "";
        $_SESSION['coupon_redeemed'] = false;
        $_POST["payment_method_id"] = "";
        $_POST["order_payment_number"] = "";
        $_POST["order_payment_expire"] = "";
        $_POST["order_payment_name"] = "";
        $_SESSION['order_id'] = $order_id;
    }
示例#2
0
 function get_payment_discount($payment_method_id, $subtotal = '')
 {
     if (empty($payment_method_id)) {
         return 0;
     }
     $db = new ps_DB();
     //MOD ei
     // There is a special payment method, which fee is depend on subtotal
     // it is a type of cash on delivery
     // comment soeren: Payment methods can implement their own method
     // how to calculate the discount: the function "get_payment_rate"
     // should return a float value from the payment class
     require_once CLASSPATH . 'ps_payment_method.php';
     $ps_payment_method = new ps_payment_method();
     $payment_class = $ps_payment_method->get_field($payment_method_id, "payment_class");
     // Check to see if Payment Class File exists
     if (file_exists(CLASSPATH . "payment/{$payment_class}.php")) {
         require_once CLASSPATH . "payment/{$payment_class}.php";
         eval("\$_PAYMENT = new {$payment_class}();");
         if (is_callable(array($payment_class, 'get_payment_rate'))) {
             return $_PAYMENT->get_payment_rate($subtotal);
         }
     }
     //End of MOD ei
     // If a payment method has no special way of calculating a discount,
     // let's do this on our own from the payment_method_discount settings
     $q = 'SELECT `payment_method_discount`,`payment_method_discount_is_percent`,`payment_method_discount_max_amount`, `payment_method_discount_min_amount`
                             FROM `#__{vm}_payment_method` WHERE payment_method_id=' . $payment_method_id;
     $db->query($q);
     $db->next_record();
     $discount = $db->f('payment_method_discount');
     $is_percent = $db->f('payment_method_discount_is_percent');
     if (!$is_percent) {
         // Standard method: absolute amount
         if (!empty($discount)) {
             return floatval($GLOBALS['CURRENCY']->convert($discount));
         } else {
             return 0;
         }
     } else {
         if ($subtotal === '') {
             $subtotal = $this->get_order_subtotal($vars);
         }
         // New: percentage of the subtotal, limited by minimum and maximum
         $max = $db->f('payment_method_discount_max_amount');
         $min = $db->f('payment_method_discount_min_amount');
         $value = (double) ($discount / 100) * $subtotal;
         if (abs($value) > $max && $max > 0) {
             $value = -$max;
         } elseif (abs($value) < $min && $min > 0) {
             $value = -$min;
         }
         return $value;
     }
 }
:</td>
      <td width="69%" >
        <input type="text" class="inputbox" name="payment_method_code" value="<?php 
$db->sp("payment_method_code");
?>
" size="4" maxlength="8" />
      </td>
    </tr>
    <tr class="row1">
      <td class="labelcell"><?php 
echo $VM_LANG->_('VM_PAYMENT_CLASS_NAME');
?>
      </td>
      <td width="69%">
      	<?php 
echo ps_payment_method::list_available_classes('payment_class', $db->sf("payment_class") ? $db->sf("payment_class") : 'ps_payment');
echo mm_ToolTip($VM_LANG->_('VM_PAYMENT_CLASS_NAME_TIP'));
?>
      </td>
    </tr>
    <tr class="row0">
      <td class="labelcell"><?php 
echo $VM_LANG->_('PHPSHOP_PAYMENT_METHOD_FORM_ENABLE_PROCESSOR');
?>
:</td>
      <td width="69%" >
      <?php 
$payment_process = $db->f("enable_processor");
$payment_types = array("" => $VM_LANG->_('PHPSHOP_PAYMENT_FORM_CC'), "Y" => $VM_LANG->_('PHPSHOP_PAYMENT_FORM_USE_PP'), "B" => $VM_LANG->_('PHPSHOP_PAYMENT_FORM_BANK_DEBIT'), "N" => $VM_LANG->_('PHPSHOP_PAYMENT_FORM_AO'), "P" => $VM_LANG->_('VM_PAYMENT_FORM_FORMBASED'));
$i = 0;
foreach ($payment_types as $value => $description) {
    ?>
</th>
	      </tr>
	      <tr> 
	        <td width="20%"><?php 
    echo $VM_LANG->_('PHPSHOP_ORDER_PRINT_PAYMENT_LBL');
    ?>
 :</td>
	        <td><?php 
    $dbpm->p("payment_method_name");
    ?>
 </td>
	      </tr>
		  <?php 
    require_once CLASSPATH . 'ps_payment_method.php';
    $ps_payment_method = new ps_payment_method();
    $payment = $dbpm->f("payment_method_id");
    if ($ps_payment_method->is_creditcard($payment)) {
        // DECODE Account Number
        $dbaccount = new ps_DB();
        $q = 'SELECT ' . VM_DECRYPT_FUNCTION . '(order_payment_number,\'' . ENCODE_KEY . '\') as account_number 
		  				FROM #__{vm}_order_payment WHERE order_id=\'' . $order_id . '\'';
        $dbaccount->query($q);
        $dbaccount->next_record();
        if ($dbaccount->f("order_payment_name")) {
            ?>
	        
		      <tr> 
		        <td width="10%"><?php 
            echo $VM_LANG->_('PHPSHOP_ORDER_PRINT_ACCOUNT_NAME');
            ?>
* @version $Id: checkout.confirm.php 1122 2008-01-07 14:52:31Z thepisu $
* @package VirtueMart
* @subpackage html
* @copyright Copyright (C) 2004-2007 soeren - All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
mm_showMyFileName(__FILE__);
require_once CLASSPATH . 'ps_payment_method.php';
$ps_payment_method = new ps_payment_method();
?>

<h3><?php 
echo $VM_LANG->_('PHPSHOP_ORDER_CONFIRM_MNU');
?>
</h3>

<?php 
include PAGEPATH . "ro_basket.php";
?>

<BR>
<?php 
if ($checkout) {
    ?>