$goto = basename($PHP_SELF);
if ($HTTP_GET_VARS['action'] == 'buy_now') {
$parameters = array('action', 'pid', 'products_id');
} else {
$parameters = array('action', 'pid');
}
}
switch ($HTTP_GET_VARS['action']) {
// customer wants to update the product quantity in their shopping cart
case 'update_product':
for ($i = 0, $n = sizeof($HTTP_POST_VARS['products_id']); $i < $n; $i++) {
if (in_array($HTTP_POST_VARS['products_id'][$i], is_array($HTTP_POST_VARS['cart_delete']) ? $HTTP_POST_VARS['cart_delete'] : array())) {
$cart->remove($HTTP_POST_VARS['products_id'][$i]);
} else {
$attributes = $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] ? $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] : '';
$cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false);
}
}
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
break;
// customer adds a product from the products page
// Additional code to allow sample quantity - BBG Design 2011
// customer adds a product from the products page
// Additional code to allow sample quantity - BBG Design 2011
case 'add_product':
if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id']) && $HTTP_POST_VARS['cart_quantity'] != '0') {
$attributes = isset($HTTP_POST_VARS['id']) ? $HTTP_POST_VARS['id'] : '';
$cart->add_cart($HTTP_POST_VARS['products_id'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_id'], $HTTP_POST_VARS['id'])) + $HTTP_POST_VARS['cart_quantity'], $HTTP_POST_VARS['id']);
} elseif (isset($HTTP_POST_VARS['products_sample_code']) && is_numeric($HTTP_POST_VARS['products_sample_code']) && $HTTP_POST_VARS['cart_quantity2'] != '0') {
$attributes = isset($HTTP_POST_VARS['id']) ? $HTTP_POST_VARS['id'] : '';
$cart->add_cart($HTTP_POST_VARS['products_sample_code'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_sample_code'], $HTTP_POST_VARS['id'])) + $HTTP_POST_VARS['cart_quantity2'], $HTTP_POST_VARS['id']);
$Qproducts = $OSCOM_Db->get(['customers_basket cb', 'products_description pd'], ['cb.customers_basket_quantity', 'cb.products_id', 'pd.products_name'], ['cb.customers_id' => (int) $info->customer_id, 'cb.products_id' => ['rel' => 'pd.products_id'], 'pd.language_id' => $OSCOM_Language->getId()]);
if ($Qproducts->fetch() !== false) {
$shoppingCart = new shoppingCart();
do {
$contents[] = ['text' => $Qproducts->valueInt('customers_basket_quantity') . ' x ' . $Qproducts->value('products_name')];
$attributes = [];
if (strpos($Qproducts->value('products_id'), '{') !== false) {
$combos = [];
preg_match_all('/(\\{[0-9]+\\}[0-9]+){1}/', $Qproducts->value('products_id'), $combos);
foreach ($combos[0] as $combo) {
$att = [];
preg_match('/\\{([0-9]+)\\}([0-9]+)/', $combo, $att);
$attributes[$att[1]] = $att[2];
}
}
$shoppingCart->add_cart(tep_get_prid($Qproducts->value('products_id')), $Qproducts->valueInt('customers_basket_quantity'), $attributes);
} while ($Qproducts->fetch());
$contents[] = array('align' => 'right', 'text' => OSCOM::getDef('text_shopping_cart_subtotal') . ' ' . $currencies->format($shoppingCart->show_total()));
} else {
$contents[] = array('text' => ' ');
}
} else {
$contents[] = array('text' => 'N/A');
}
}
if (tep_not_null($heading) && tep_not_null($contents)) {
echo ' <td width="25%" valign="top">' . "\n";
$box = new box();
echo $box->infoBox($heading, $contents);
echo ' </td>' . "\n";
}
// customer adds a product from the products page
// customer adds a product from the products page
case 'add_product':
if (ALLOW_GUEST_TO_ADD_CART == 'true' || tep_session_is_registered('customer_id') || $HTTP_GET_VARS['link'] == 'mail') {
if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id']) || isset($HTTP_GET_VARS['products_id']) && is_numeric($HTTP_GET_VARS['products_id'])) {
$quantity = (int) $HTTP_POST_VARS['quantity'];
if (isset($HTTP_GET_VARS['products_id'])) {
$products_id = $HTTP_GET_VARS['products_id'];
} else {
$products_id = $HTTP_POST_VARS['products_id'];
}
if ($quantity < 1) {
$quantity = 1;
}
if ($HTTP_GET_VARS['to'] == 'foreign') {
$foreign_cart->add_cart($products_id, 1);
} elseif ($HTTP_GET_VARS['to'] == 'postpone') {
$postpone_cart->add_cart($products_id, 1);
$cart->remove($products_id);
} else {
$quantity = $cart->get_quantity($products_id) + $quantity;
$cart->add_cart($products_id, $quantity);
$postpone_cart->remove($products_id);
}
}
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters), $ssl_params) . '#' . $HTTP_GET_VARS['to']);
} else {
$messageStack->add_session('header', ENTRY_GUEST_ADD_TO_CART_ERROR);
tep_redirect($_SERVER['HTTP_REFERER']);
}
break;
$products_query = tep_db_query("select cb.customers_basket_quantity, cb.products_id, pd.products_name from " . TABLE_CUSTOMERS_BASKET . " cb, " . TABLE_PRODUCTS_DESCRIPTION . " pd where cb.customers_id = '" . (int) $info->customer_id . "' and cb.products_id = pd.products_id and pd.language_id = '" . (int) $languages_id . "'");
if (tep_db_num_rows($products_query)) {
$shoppingCart = new shoppingCart();
while ($products = tep_db_fetch_array($products_query)) {
$contents[] = array('text' => $products['customers_basket_quantity'] . ' x ' . $products['products_name']);
$attributes = array();
if (strpos($products['products_id'], '{') !== false) {
$combos = array();
preg_match_all('/(\\{[0-9]+\\}[0-9]+){1}/', $products['products_id'], $combos);
foreach ($combos[0] as $combo) {
$att = array();
preg_match('/\\{([0-9]+)\\}([0-9]+)/', $combo, $att);
$attributes[$att[1]] = $att[2];
}
}
$shoppingCart->add_cart(tep_get_prid($products['products_id']), $products['customers_basket_quantity'], $attributes);
}
$contents[] = array('text' => tep_draw_separator('pixel_black.gif', '100%', '1'));
$contents[] = array('align' => 'right', 'text' => TEXT_SHOPPING_CART_SUBTOTAL . ' ' . $currencies->format($shoppingCart->show_total()));
} else {
$contents[] = array('text' => ' ');
}
} else {
$contents[] = array('text' => 'N/A');
}
}
if (tep_not_null($heading) && tep_not_null($contents)) {
echo ' <td width="25%" valign="top">' . "\n";
$box = new box();
echo $box->infoBox($heading, $contents);
echo ' </td>' . "\n";
/**
* Process a <new-order-notification>.
*
* If the email user does not exist, create the user and log in.
*
* If the user does not exist as a Google Checkout user, add them
* to the google_checkout table to match the buyer_id and customer_id.
*
* Add the order to the logged-in user.
*
* TODO(eddavisson): This function is way too long. Split into pieces.
*/
function process_new_order_notification($google_response, $google_checkout)
{
global $order, $currencies, $languages_id;
list($root, $gc_data) = $google_response->GetParsedXML();
// Check if the order was already processed.
$google_order = tep_db_fetch_array(tep_db_query("select orders_id " . " from " . $google_checkout->table_order . " " . " where google_order_number = " . $gc_data[$root]['google-order-number']['VALUE']));
// Check if order was alread processed.
if ($google_order['orders_id'] != '') {
//Send ACK http 200 to avoid notification resend.
$google_response->log->logError(sprintf(GOOGLECHECKOUT_ERR_DUPLICATED_ORDER, $gc_data[$root]['google-order-number']['VALUE'], $google_order['orders_id']));
$google_response->SendAck();
}
// Check if the email exists.
$customer_exists = tep_db_fetch_array(tep_db_query("select customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . gc_make_sql_string($gc_data[$root]['buyer-billing-address']['email']['VALUE']) . "'"));
// Check if the GC buyer id exists
$customer_info = tep_db_fetch_array(tep_db_query("select gct.customers_id from " . $google_checkout->table_name . " gct " . " inner join " . TABLE_CUSTOMERS . " tc on gct.customers_id = tc.customers_id " . " where gct.buyer_id = " . gc_make_sql_string($gc_data[$root]['buyer-id']['VALUE'])));
$new_user = false;
// Ignore session to avoid mix of Cart-GC sessions/emails
// GC email is the most important one
if ($customer_exists['customers_id'] != '') {
$customer_id = $customer_exists['customers_id'];
tep_session_register('customer_id');
} else {
if ($customer_info['customers_id'] != '') {
$customer_id = $customer_info['customers_id'];
tep_session_register('customer_id');
} else {
list($firstname, $lastname) = explode(' ', gc_make_sql_string($gc_data[$root]['buyer-billing-address']['contact-name']['VALUE']), 2);
$sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $gc_data[$root]['buyer-billing-address']['email']['VALUE'], 'customers_telephone' => $gc_data[$root]['buyer-billing-address']['phone']['VALUE'], 'customers_fax' => $gc_data[$root]['buyer-billing-address']['fax']['VALUE'], 'customers_default_address_id' => 0, 'customers_password' => tep_encrypt_password(gc_make_sql_string($gc_data[$root]['buyer-id']['VALUE'])), 'customers_newsletter' => $gc_data[$root]['buyer-marketing-preferences']['email-allowed']['VALUE'] == 'true' ? 1 : 0);
if (ACCOUNT_DOB == 'true') {
$sql_data_array['customers_dob'] = 'now()';
}
tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
$customer_id = tep_db_insert_id();
tep_session_register('customer_id');
tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . "\n (customers_info_id, customers_info_number_of_logons,\n customers_info_date_account_created)\n values ('" . (int) $customer_id . "', '0', now())");
tep_db_query("insert into " . $google_checkout->table_name . " " . " values ( " . $customer_id . ", " . $gc_data[$root]['buyer-id']['VALUE'] . ")");
$new_user = true;
}
}
// The user exists and is logged in.
// Check database to see if the address exist.
$address_book = tep_db_query("select address_book_id, entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . "\n where customers_id = '" . $customer_id . "'\n and entry_street_address = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['address1']['VALUE']) . "'\n and entry_suburb = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['address2']['VALUE']) . "'\n and entry_postcode = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE']) . "'\n and entry_city = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['city']['VALUE']) . "'");
// If not, add the address as the default.
if (!tep_db_num_rows($address_book)) {
$buyer_state = $gc_data[$root]['buyer-shipping-address']['region']['VALUE'];
$zone_answer = tep_db_fetch_array(tep_db_query("select zone_id, zone_country_id from " . TABLE_ZONES . " where zone_code = '" . $buyer_state . "'"));
list($firstname, $lastname) = explode(' ', gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['contact-name']['VALUE']), 2);
$sql_data_array = array('customers_id' => $customer_id, 'entry_gender' => '', 'entry_company' => $gc_data[$root]['buyer-shipping-address']['company-name']['VALUE'], 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $gc_data[$root]['buyer-shipping-address']['address1']['VALUE'], 'entry_suburb' => $gc_data[$root]['buyer-shipping-address']['address2']['VALUE'], 'entry_postcode' => $gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE'], 'entry_city' => $gc_data[$root]['buyer-shipping-address']['city']['VALUE'], 'entry_state' => $buyer_state, 'entry_country_id' => $zone_answer['zone_country_id'], 'entry_zone_id' => $zone_answer['zone_id']);
tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
$address_id = tep_db_insert_id();
tep_db_query("update " . TABLE_CUSTOMERS . "\n set customers_default_address_id = '" . (int) $address_id . "'\n where customers_id = '" . (int) $customer_id . "'");
$customer_default_address_id = $address_id;
$customer_country_id = $zone_answer['zone_country_id'];
$customer_zone_id = $zone_answer['zone_id'];
} else {
$customer_default_address_id = $address_book['address_book_id'];
$customer_country_id = $address_book['entry_country_id'];
$customer_zone_id = $address_book['entry_zone_id'];
}
$customer_first_name = $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'];
tep_session_register('customer_default_address_id');
tep_session_register('customer_country_id');
tep_session_register('customer_zone_id');
tep_session_register('customer_first_name');
// Customer exists, is logged and address book is up to date.
list($shipping, $shipping_cost, $shipping_method_name, $shipping_method_code) = get_shipping_info($google_checkout, $gc_data[$root]);
$tax_amt = $gc_data[$root]['order-adjustment']['total-tax']['VALUE'];
//$order_total = $gc_data[$root]['order-total']['VALUE'];
require DIR_WS_CLASSES . 'order.php';
$order = new order();
// Load the selected shipping module.
$payment_method = $google_checkout->title;
if (MODULE_PAYMENT_GOOGLECHECKOUT_MODE == 'https://sandbox.google.com/checkout/') {
$payment_method .= " - SANDBOX";
}
//$method_name = '';
//if (!empty($shipping)) {
// require (DIR_WS_CLASSES . 'shipping.php');
// $shipping_modules = new shipping($shipping);
// list ($a, $method_name) = explode(': ', $shipping, 2);
//}
// Set up order info.
list($order->customer['firstname'], $order->customer['lastname']) = explode(' ', $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'], 2);
$order->customer['company'] = $gc_data[$root]['buyer-billing-address']['company-name']['VALUE'];
$order->customer['street_address'] = $gc_data[$root]['buyer-billing-address']['address1']['VALUE'];
$order->customer['suburb'] = $gc_data[$root]['buyer-billing-address']['address2']['VALUE'];
$order->customer['city'] = $gc_data[$root]['buyer-billing-address']['city']['VALUE'];
$order->customer['postcode'] = $gc_data[$root]['buyer-billing-address']['postal-code']['VALUE'];
$order->customer['state'] = $gc_data[$root]['buyer-billing-address']['region']['VALUE'];
$order->customer['country']['title'] = $gc_data[$root]['buyer-billing-address']['country-code']['VALUE'];
$order->customer['telephone'] = $gc_data[$root]['buyer-billing-address']['phone']['VALUE'];
$order->customer['email_address'] = $gc_data[$root]['buyer-billing-address']['email']['VALUE'];
$order->customer['format_id'] = 2;
list($order->delivery['firstname'], $order->delivery['lastname']) = explode(' ', $gc_data[$root]['buyer-shipping-address']['contact-name']['VALUE'], 2);
$order->delivery['company'] = $gc_data[$root]['buyer-shipping-address']['company-name']['VALUE'];
$order->delivery['street_address'] = $gc_data[$root]['buyer-shipping-address']['address1']['VALUE'];
$order->delivery['suburb'] = $gc_data[$root]['buyer-shipping-address']['address2']['VALUE'];
$order->delivery['city'] = $gc_data[$root]['buyer-shipping-address']['city']['VALUE'];
$order->delivery['postcode'] = $gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE'];
$order->delivery['state'] = $gc_data[$root]['buyer-shipping-address']['region']['VALUE'];
$order->delivery['country']['title'] = $gc_data[$root]['buyer-shipping-address']['country-code']['VALUE'];
$order->delivery['format_id'] = 2;
list($order->billing['firstname'], $order->billing['lastname']) = explode(' ', $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'], 2);
$order->billing['company'] = $gc_data[$root]['buyer-billing-address']['company-name']['VALUE'];
$order->billing['street_address'] = $gc_data[$root]['buyer-billing-address']['address1']['VALUE'];
$order->billing['suburb'] = $gc_data[$root]['buyer-billing-address']['address2']['VALUE'];
$order->billing['city'] = $gc_data[$root]['buyer-billing-address']['city']['VALUE'];
$order->billing['postcode'] = $gc_data[$root]['buyer-billing-address']['postal-code']['VALUE'];
$order->billing['state'] = $gc_data[$root]['buyer-billing-address']['region']['VALUE'];
$order->billing['country']['title'] = $gc_data[$root]['buyer-billing-address']['country-code']['VALUE'];
$order->billing['format_id'] = 2;
$order->info['payment_method'] = $payment_method;
$order->info['payment_module_code'] = $google_checkout->code;
$order->info['shipping_method'] = $shipping_method_name;
$order->info['shipping_module_code'] = $shipping_method_code;
$order->info['cc_type'] = '';
$order->info['cc_owner'] = '';
$order->info['cc_number'] = '';
$order->info['cc_expires'] = '';
$order->info['order_status'] = GC_STATE_NEW;
$order->info['tax'] = $tax_amt;
$order->info['currency'] = $gc_data[$root]['order-total']['currency'];
$order->info['currency_value'] = 1;
//$customers_ip_address'] = $gc_data[$root]['shopping-cart']['merchant-private-data']['ip-address']['VALUE'];
$order->info['comments'] = GOOGLECHECKOUT_STATE_NEW_ORDER_NUM . $gc_data[$root]['google-order-number']['VALUE'] . "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_MC_USED . (@$gc_data[$root]['order-adjustment']['merchant-calculation-successful']['VALUE'] == 'true' ? 'True' : 'False') . ($new_user ? "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_BUYER_USER . $gc_data[$root]['buyer-billing-address']['email']['VALUE'] . "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_BUYER_PASS . $gc_data[$root]['buyer-id']['VALUE'] : '');
$coupons = gc_get_arr_result(@$gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment']);
//$gift_cert = get_arr_result(@$gc_data[$root]['order-adjustment']['merchant-codes']['gift-certificate-adjustment']);
$items = gc_get_arr_result($gc_data[$root]['shopping-cart']['items']['item']);
// Get Coustoms OT
$custom_order_totals_total = 0;
$custom_order_totals = array();
$order->products = array();
foreach ($items as $item) {
if (isset($item['merchant-private-item-data']['item']['VALUE'])) {
$order->products[] = unserialize(base64_decode($item['merchant-private-item-data']['item']['VALUE']));
} else {
if ($item['merchant-private-item-data']['order_total']['VALUE']) {
$order_total = unserialize(base64_decode($item['merchant-private-item-data']['order_total']['VALUE']));
$custom_order_totals[] = $order_total;
$order_total_value = $order_total['value'] * (strrpos($order_total['text'], '-') === false ? 1 : -1);
$custom_order_totals_total += $currencies->get_value($gc_data[$root]['order-total']['currency']) * $order_total_value;
} else {
// For invoices.
$order->products[] = array('qty' => $item['quantity']['VALUE'], 'name' => $item['item-name']['VALUE'], 'model' => $item['item-description']['VALUE'], 'tax' => 0, 'tax_description' => @$item['tax-table-selector']['VALUE'], 'price' => $item['unit-price']['VALUE'], 'final_price' => $item['unit-price']['VALUE'], 'onetime_charges' => 0, 'weight' => 0, 'products_priced_by_attribute' => 0, 'product_is_free' => 0, 'products_discount_type' => 0, 'products_discount_type_from' => 0, 'id' => @$item['merchant-item-id']['VALUE']);
}
}
}
$cart = new shoppingCart();
$prod_attr = gc_get_prattr($order->products);
foreach ($prod_attr as $product_id => $item_data) {
//$products_id, $qty = '1', $attributes = '
$cart->add_cart($product_id, $item_data['qty'], $item_data['attr']);
}
// Update values so that order_total modules get the correct values.
$order->info['total'] = $gc_data[$root]['order-total']['VALUE'];
$order->info['subtotal'] = $gc_data[$root]['order-total']['VALUE'] - ($shipping_cost + $tax_amt) + @$coupons[0]['applied-amount']['VALUE'] - $custom_order_totals_total;
$order->info['coupon_code'] = @$coupons[0]['code']['VALUE'];
$order->info['shipping_method'] = $shipping;
$order->info['shipping_cost'] = $shipping_cost;
$order->info['tax_groups']['tax'] = $tax_amt;
$order->info['currency'] = $gc_data[$root]['order-total']['currency'];
$order->info['currency_value'] = 1;
require DIR_WS_CLASSES . 'order_total.php';
$order_total_modules = new order_total();
// Disable OT sent as items in the GC cart
foreach ($order_total_modules->modules as $order_total_code => $order_total) {
if (!in_array(substr($order_total, 0, strrpos($order_total, '.')), $google_checkout->ignore_order_total)) {
unset($order_total_modules->modules[$order_total_code]);
}
}
$order_totals = $order_total_modules->process();
// Not necessary, since order totals are already disabled.
//foreach($order_totals as $order_total_code => $order_total){
// if(!in_array($order_total['code'], $google_checkout->ignore_order_total)){
// unset($order_totals[$order_total_code]);
// }
//}
// Merge all order totals.
$order_totals = array_merge($order_totals, $custom_order_totals);
if (isset($gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment'])) {
$order_totals[] = array('code' => 'ot_coupon', 'title' => "<b>" . MODULE_ORDER_TOTAL_COUPON_TITLE . " " . @$coupons[0]['code']['VALUE'] . ":</b>", 'text' => $currencies->format(@$coupons[0]['applied-amount']['VALUE'] * -1, false, @$coupons[0]['applied-amount']['currency']), 'value' => @$coupons[0]['applied-amount']['VALUE'], 'sort_order' => 280);
}
function order_total_compare($a, $b)
{
if ($a['sort_order'] == $b['sort_order']) {
return 0;
} else {
return $a['sort_order'] < $b['sort_order'] ? -1 : 1;
}
}
usort($order_totals, "order_total_compare");
$sql_data_array = array('customers_id' => $customer_id, 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_company' => $order->customer['company'], 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => $order->info['payment_method'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => $order->info['cc_number'], 'cc_expires' => $order->info['cc_expires'], 'date_purchased' => 'now()', 'orders_status' => $order->info['order_status'], 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value']);
tep_db_perform(TABLE_ORDERS, $sql_data_array);
$insert_id = tep_db_insert_id();
for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
$sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']);
tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
}
$customer_notification = SEND_EMAILS == 'true' ? '1' : '0';
$sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => $customer_notification, 'comments' => $order->info['comments']);
tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
// Initialized for the email confirmation.
$products_ordered = '';
$subtotal = 0;
$total_tax = 0;
$total_weight = 0;
$total_products_price = 0;
$products_tax = 0;
$total_cost = 0;
for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
// Stock Update - Joao Correia.
if (STOCK_LIMITED == 'true') {
if (DOWNLOAD_ENABLED == 'true') {
$stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename\n FROM " . TABLE_PRODUCTS . " p\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n ON p.products_id=pa.products_id\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n ON pa.products_attributes_id=pad.products_attributes_id\n WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";
// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
$products_attributes = @$order->products[$i]['attributes'];
if (is_array($products_attributes)) {
$stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";
}
$stock_query = tep_db_query($stock_query_raw);
} else {
$stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
}
if (tep_db_num_rows($stock_query) > 0) {
$stock_values = tep_db_fetch_array($stock_query);
// Do not decrement quantities if products_attributes_filename exists
if (DOWNLOAD_ENABLED != 'true' || !$stock_values['products_attributes_filename']) {
$stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
} else {
$stock_left = $stock_values['products_quantity'];
}
tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
if ($stock_left < 1 && STOCK_ALLOW_CHECKOUT == 'false') {
tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
}
}
}
// Update products_ordered (for bestsellers list)
tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
$sql_data_array = array('orders_id' => $insert_id, 'products_id' => tep_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => $order->products[$i]['tax'], 'products_quantity' => $order->products[$i]['qty']);
tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
$order_products_id = tep_db_insert_id();
// Insert customer-chosen options into order.
$attributes_exist = '0';
$products_ordered_attributes = '';
if (isset($order->products[$i]['attributes'])) {
$attributes_exist = '1';
for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
if (DOWNLOAD_ENABLED == 'true') {
$attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $languages_id . "'\n and poval.language_id = '" . $languages_id . "'";
$attributes = tep_db_query($attributes_query);
} else {
$attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
}
$attributes_values = tep_db_fetch_array($attributes);
$sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
$sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']);
tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
}
$products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
}
}
$total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight'];
$total_tax += tep_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty'];
$total_cost += $total_products_price;
$products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";
}
// FOR COUPON SUPPORT
/*
$insert_id = $order->create($order_totals, 2);
//$order_total_modules = new order_total();
// Store the product info to the order.
$order->create_add_products($insert_id);
//$order_number_created'] = $insert_id;
// Add coupon to redeem track.
if (isset ($gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment'])) {
$sql = "select coupon_id
from " . TABLE_COUPONS . "
where coupon_code= :couponCodeEntered
and coupon_active='Y'";
$sql = $db->bindVars($sql, ':couponCodeEntered', $coupons[0]['code']['VALUE'], 'string');
$coupon_result = tep_db_query($sql);
$cc_id = $coupon_result['coupon_id'];
tep_db_query("insert into " . TABLE_COUPON_REDEEM_TRACK . "
(coupon_id, redeem_date, redeem_ip, customer_id, order_id)
values ('" . (int) $cc_id . "', now(), '" .
$gc_data[$root]['shopping-cart']['merchant-private-data']['ip-address']['VALUE'] .
"', '" . (int) $customer_id . "', '" . (int) $insert_id . "')");
$cc_id = "";
}
*/
// Add the order details to the table.
// This table could be modified to hold the merchant id and key if required
// so that different mids and mkeys can be used for different orders.
tep_db_query("insert into " . $google_checkout->table_order . " values (" . $insert_id . ", " . gc_make_sql_string($gc_data[$root]['google-order-number']['VALUE']) . ", " . gc_make_sql_float($gc_data[$root]['order-total']['VALUE']) . ")");
$cart->reset(TRUE);
tep_session_unregister('sendto');
tep_session_unregister('billto');
tep_session_unregister('shipping');
tep_session_unregister('payment');
tep_session_unregister('comments');
$google_response->SendAck();
}
$parameters = array('action', 'pid', 'products_id');
} else {
$parameters = array('action', 'pid');
}
}
switch ($_GET['action']) {
// customer wants to update the product quantity in their shopping cart
case 'update_product':
$n = sizeof($_POST['products_id']);
for ($i = 0; $i < $n; $i++) {
if (in_array($_POST['products_id'][$i], is_array($_POST['cart_delete']) ? $_POST['cart_delete'] : array())) {
$cart->remove($_POST['products_id'][$i]);
$messageStack->add_session('product_action', sprintf(PRODUCT_REMOVED, tep_get_products_name($_POST['products_id'][$i])), 'warning');
} else {
$attributes = $_POST['id'][$_POST['products_id'][$i]] ? $_POST['id'][$_POST['products_id'][$i]] : '';
$cart->add_cart($_POST['products_id'][$i], $_POST['cart_quantity'][$i], $attributes, false);
}
}
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
break;
// customer adds a product from the products page
// customer adds a product from the products page
case 'add_product':
if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
$attributes = isset($_POST['id']) ? $_POST['id'] : '';
$cart->add_cart($_POST['products_id'], $cart->get_quantity(tep_get_uprid($_POST['products_id'], $attributes)) + 1, $attributes);
}
$messageStack->add_session('product_action', sprintf(PRODUCT_ADDED, tep_get_products_name((int) $_POST['products_id'])), 'success');
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
break;
// customer removes a product from their shopping cart
$goto = $PHP_SELF;
if ($HTTP_GET_VARS['action'] == 'buy_now') {
$parameters = array('action', 'pid', 'products_id');
} else {
$parameters = array('action', 'pid');
}
}
switch ($HTTP_GET_VARS['action']) {
// customer wants to update the product quantity in their shopping cart
case 'update_product':
for ($i = 0, $n = sizeof($HTTP_POST_VARS['products_id']); $i < $n; $i++) {
if (in_array($HTTP_POST_VARS['products_id'][$i], is_array($HTTP_POST_VARS['cart_delete']) ? $HTTP_POST_VARS['cart_delete'] : array())) {
$cart->remove($HTTP_POST_VARS['products_id'][$i]);
} else {
$attributes = $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] ? $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] : '';
$cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false);
}
}
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
break;
// customer adds a product from the products page
// customer adds a product from the products page
case 'add_product':
if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id'])) {
$attributes = isset($HTTP_POST_VARS['id']) ? $HTTP_POST_VARS['id'] : '';
$cart->add_cart($HTTP_POST_VARS['products_id'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_id'], $attributes)) + 1, $attributes);
}
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
break;
// customer removes a product from their shopping cart
// customer removes a product from their shopping cart
// if PHP3, make correction for lack of multidimensional array.
reset($_POST);
while (list($key, $value) = each($_POST)) {
if (is_array($value)) {
while (list($key2, $value2) = each($value)) {
if (ereg("(.*)\\]\\[(.*)", $key2, $var)) {
$id2[$var[1]][$var[2]] = $value2;
}
}
}
}
$attributes = $id2[$_POST['products_id'][$i]] ? $id2[$_POST['products_id'][$i]] : '';
} else {
$attributes = $_POST['id'][$_POST['products_id'][$i]] ? $_POST['id'][$_POST['products_id'][$i]] : '';
}
$cart->add_cart($_POST['products_id'][$i], $_POST['cart_quantity'][$i], $attributes, false);
}
}
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
break;
// customer adds a product from the products page
// customer adds a product from the products page
case 'add_product':
if (isset($_POST['products_id']) && is_numeric($_POST['products_id']) && $_POST['products_id'] == (int) $_POST['products_id']) {
//++++ QT Pro: Begin Changed code
$attributes = array();
if (isset($_POST['attrcomb']) && preg_match("/^\\d{1,10}-\\d{1,10}(,\\d{1,10}-\\d{1,10})*\$/", $_POST['attrcomb'])) {
$attrlist = explode(',', $_POST['attrcomb']);
foreach ($attrlist as $attr) {
list($oid, $oval) = explode('-', $attr);
if (is_numeric($oid) && $oid == (int) $oid && is_numeric($oval) && $oval == (int) $oval) {
