$goto = basename($PHP_SELF); if ($HTTP_GET_VARS['action'] == 'buy_now') { $parameters = array('action', 'pid', 'products_id'); } else { $parameters = array('action', 'pid'); } } switch ($HTTP_GET_VARS['action']) { // customer wants to update the product quantity in their shopping cart case 'update_product': for ($i = 0, $n = sizeof($HTTP_POST_VARS['products_id']); $i < $n; $i++) { if (in_array($HTTP_POST_VARS['products_id'][$i], is_array($HTTP_POST_VARS['cart_delete']) ? $HTTP_POST_VARS['cart_delete'] : array())) { $cart->remove($HTTP_POST_VARS['products_id'][$i]); } else { $attributes = $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] ? $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] : ''; $cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false); } } tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters))); break; // customer adds a product from the products page // Additional code to allow sample quantity - BBG Design 2011 // customer adds a product from the products page // Additional code to allow sample quantity - BBG Design 2011 case 'add_product': if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id']) && $HTTP_POST_VARS['cart_quantity'] != '0') { $attributes = isset($HTTP_POST_VARS['id']) ? $HTTP_POST_VARS['id'] : ''; $cart->add_cart($HTTP_POST_VARS['products_id'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_id'], $HTTP_POST_VARS['id'])) + $HTTP_POST_VARS['cart_quantity'], $HTTP_POST_VARS['id']); } elseif (isset($HTTP_POST_VARS['products_sample_code']) && is_numeric($HTTP_POST_VARS['products_sample_code']) && $HTTP_POST_VARS['cart_quantity2'] != '0') { $attributes = isset($HTTP_POST_VARS['id']) ? $HTTP_POST_VARS['id'] : ''; $cart->add_cart($HTTP_POST_VARS['products_sample_code'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_sample_code'], $HTTP_POST_VARS['id'])) + $HTTP_POST_VARS['cart_quantity2'], $HTTP_POST_VARS['id']);
$Qproducts = $OSCOM_Db->get(['customers_basket cb', 'products_description pd'], ['cb.customers_basket_quantity', 'cb.products_id', 'pd.products_name'], ['cb.customers_id' => (int) $info->customer_id, 'cb.products_id' => ['rel' => 'pd.products_id'], 'pd.language_id' => $OSCOM_Language->getId()]); if ($Qproducts->fetch() !== false) { $shoppingCart = new shoppingCart(); do { $contents[] = ['text' => $Qproducts->valueInt('customers_basket_quantity') . ' x ' . $Qproducts->value('products_name')]; $attributes = []; if (strpos($Qproducts->value('products_id'), '{') !== false) { $combos = []; preg_match_all('/(\\{[0-9]+\\}[0-9]+){1}/', $Qproducts->value('products_id'), $combos); foreach ($combos[0] as $combo) { $att = []; preg_match('/\\{([0-9]+)\\}([0-9]+)/', $combo, $att); $attributes[$att[1]] = $att[2]; } } $shoppingCart->add_cart(tep_get_prid($Qproducts->value('products_id')), $Qproducts->valueInt('customers_basket_quantity'), $attributes); } while ($Qproducts->fetch()); $contents[] = array('align' => 'right', 'text' => OSCOM::getDef('text_shopping_cart_subtotal') . ' ' . $currencies->format($shoppingCart->show_total())); } else { $contents[] = array('text' => ' '); } } else { $contents[] = array('text' => 'N/A'); } } if (tep_not_null($heading) && tep_not_null($contents)) { echo ' <td width="25%" valign="top">' . "\n"; $box = new box(); echo $box->infoBox($heading, $contents); echo ' </td>' . "\n"; }
// customer adds a product from the products page // customer adds a product from the products page case 'add_product': if (ALLOW_GUEST_TO_ADD_CART == 'true' || tep_session_is_registered('customer_id') || $HTTP_GET_VARS['link'] == 'mail') { if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id']) || isset($HTTP_GET_VARS['products_id']) && is_numeric($HTTP_GET_VARS['products_id'])) { $quantity = (int) $HTTP_POST_VARS['quantity']; if (isset($HTTP_GET_VARS['products_id'])) { $products_id = $HTTP_GET_VARS['products_id']; } else { $products_id = $HTTP_POST_VARS['products_id']; } if ($quantity < 1) { $quantity = 1; } if ($HTTP_GET_VARS['to'] == 'foreign') { $foreign_cart->add_cart($products_id, 1); } elseif ($HTTP_GET_VARS['to'] == 'postpone') { $postpone_cart->add_cart($products_id, 1); $cart->remove($products_id); } else { $quantity = $cart->get_quantity($products_id) + $quantity; $cart->add_cart($products_id, $quantity); $postpone_cart->remove($products_id); } } tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters), $ssl_params) . '#' . $HTTP_GET_VARS['to']); } else { $messageStack->add_session('header', ENTRY_GUEST_ADD_TO_CART_ERROR); tep_redirect($_SERVER['HTTP_REFERER']); } break;
$products_query = tep_db_query("select cb.customers_basket_quantity, cb.products_id, pd.products_name from " . TABLE_CUSTOMERS_BASKET . " cb, " . TABLE_PRODUCTS_DESCRIPTION . " pd where cb.customers_id = '" . (int) $info->customer_id . "' and cb.products_id = pd.products_id and pd.language_id = '" . (int) $languages_id . "'"); if (tep_db_num_rows($products_query)) { $shoppingCart = new shoppingCart(); while ($products = tep_db_fetch_array($products_query)) { $contents[] = array('text' => $products['customers_basket_quantity'] . ' x ' . $products['products_name']); $attributes = array(); if (strpos($products['products_id'], '{') !== false) { $combos = array(); preg_match_all('/(\\{[0-9]+\\}[0-9]+){1}/', $products['products_id'], $combos); foreach ($combos[0] as $combo) { $att = array(); preg_match('/\\{([0-9]+)\\}([0-9]+)/', $combo, $att); $attributes[$att[1]] = $att[2]; } } $shoppingCart->add_cart(tep_get_prid($products['products_id']), $products['customers_basket_quantity'], $attributes); } $contents[] = array('text' => tep_draw_separator('pixel_black.gif', '100%', '1')); $contents[] = array('align' => 'right', 'text' => TEXT_SHOPPING_CART_SUBTOTAL . ' ' . $currencies->format($shoppingCart->show_total())); } else { $contents[] = array('text' => ' '); } } else { $contents[] = array('text' => 'N/A'); } } if (tep_not_null($heading) && tep_not_null($contents)) { echo ' <td width="25%" valign="top">' . "\n"; $box = new box(); echo $box->infoBox($heading, $contents); echo ' </td>' . "\n";
/** * Process a <new-order-notification>. * * If the email user does not exist, create the user and log in. * * If the user does not exist as a Google Checkout user, add them * to the google_checkout table to match the buyer_id and customer_id. * * Add the order to the logged-in user. * * TODO(eddavisson): This function is way too long. Split into pieces. */ function process_new_order_notification($google_response, $google_checkout) { global $order, $currencies, $languages_id; list($root, $gc_data) = $google_response->GetParsedXML(); // Check if the order was already processed. $google_order = tep_db_fetch_array(tep_db_query("select orders_id " . " from " . $google_checkout->table_order . " " . " where google_order_number = " . $gc_data[$root]['google-order-number']['VALUE'])); // Check if order was alread processed. if ($google_order['orders_id'] != '') { //Send ACK http 200 to avoid notification resend. $google_response->log->logError(sprintf(GOOGLECHECKOUT_ERR_DUPLICATED_ORDER, $gc_data[$root]['google-order-number']['VALUE'], $google_order['orders_id'])); $google_response->SendAck(); } // Check if the email exists. $customer_exists = tep_db_fetch_array(tep_db_query("select customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . gc_make_sql_string($gc_data[$root]['buyer-billing-address']['email']['VALUE']) . "'")); // Check if the GC buyer id exists $customer_info = tep_db_fetch_array(tep_db_query("select gct.customers_id from " . $google_checkout->table_name . " gct " . " inner join " . TABLE_CUSTOMERS . " tc on gct.customers_id = tc.customers_id " . " where gct.buyer_id = " . gc_make_sql_string($gc_data[$root]['buyer-id']['VALUE']))); $new_user = false; // Ignore session to avoid mix of Cart-GC sessions/emails // GC email is the most important one if ($customer_exists['customers_id'] != '') { $customer_id = $customer_exists['customers_id']; tep_session_register('customer_id'); } else { if ($customer_info['customers_id'] != '') { $customer_id = $customer_info['customers_id']; tep_session_register('customer_id'); } else { list($firstname, $lastname) = explode(' ', gc_make_sql_string($gc_data[$root]['buyer-billing-address']['contact-name']['VALUE']), 2); $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $gc_data[$root]['buyer-billing-address']['email']['VALUE'], 'customers_telephone' => $gc_data[$root]['buyer-billing-address']['phone']['VALUE'], 'customers_fax' => $gc_data[$root]['buyer-billing-address']['fax']['VALUE'], 'customers_default_address_id' => 0, 'customers_password' => tep_encrypt_password(gc_make_sql_string($gc_data[$root]['buyer-id']['VALUE'])), 'customers_newsletter' => $gc_data[$root]['buyer-marketing-preferences']['email-allowed']['VALUE'] == 'true' ? 1 : 0); if (ACCOUNT_DOB == 'true') { $sql_data_array['customers_dob'] = 'now()'; } tep_db_perform(TABLE_CUSTOMERS, $sql_data_array); $customer_id = tep_db_insert_id(); tep_session_register('customer_id'); tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . "\n (customers_info_id, customers_info_number_of_logons,\n customers_info_date_account_created)\n values ('" . (int) $customer_id . "', '0', now())"); tep_db_query("insert into " . $google_checkout->table_name . " " . " values ( " . $customer_id . ", " . $gc_data[$root]['buyer-id']['VALUE'] . ")"); $new_user = true; } } // The user exists and is logged in. // Check database to see if the address exist. $address_book = tep_db_query("select address_book_id, entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . "\n where customers_id = '" . $customer_id . "'\n and entry_street_address = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['address1']['VALUE']) . "'\n and entry_suburb = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['address2']['VALUE']) . "'\n and entry_postcode = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE']) . "'\n and entry_city = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['city']['VALUE']) . "'"); // If not, add the address as the default. if (!tep_db_num_rows($address_book)) { $buyer_state = $gc_data[$root]['buyer-shipping-address']['region']['VALUE']; $zone_answer = tep_db_fetch_array(tep_db_query("select zone_id, zone_country_id from " . TABLE_ZONES . " where zone_code = '" . $buyer_state . "'")); list($firstname, $lastname) = explode(' ', gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['contact-name']['VALUE']), 2); $sql_data_array = array('customers_id' => $customer_id, 'entry_gender' => '', 'entry_company' => $gc_data[$root]['buyer-shipping-address']['company-name']['VALUE'], 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $gc_data[$root]['buyer-shipping-address']['address1']['VALUE'], 'entry_suburb' => $gc_data[$root]['buyer-shipping-address']['address2']['VALUE'], 'entry_postcode' => $gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE'], 'entry_city' => $gc_data[$root]['buyer-shipping-address']['city']['VALUE'], 'entry_state' => $buyer_state, 'entry_country_id' => $zone_answer['zone_country_id'], 'entry_zone_id' => $zone_answer['zone_id']); tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array); $address_id = tep_db_insert_id(); tep_db_query("update " . TABLE_CUSTOMERS . "\n set customers_default_address_id = '" . (int) $address_id . "'\n where customers_id = '" . (int) $customer_id . "'"); $customer_default_address_id = $address_id; $customer_country_id = $zone_answer['zone_country_id']; $customer_zone_id = $zone_answer['zone_id']; } else { $customer_default_address_id = $address_book['address_book_id']; $customer_country_id = $address_book['entry_country_id']; $customer_zone_id = $address_book['entry_zone_id']; } $customer_first_name = $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE']; tep_session_register('customer_default_address_id'); tep_session_register('customer_country_id'); tep_session_register('customer_zone_id'); tep_session_register('customer_first_name'); // Customer exists, is logged and address book is up to date. list($shipping, $shipping_cost, $shipping_method_name, $shipping_method_code) = get_shipping_info($google_checkout, $gc_data[$root]); $tax_amt = $gc_data[$root]['order-adjustment']['total-tax']['VALUE']; //$order_total = $gc_data[$root]['order-total']['VALUE']; require DIR_WS_CLASSES . 'order.php'; $order = new order(); // Load the selected shipping module. $payment_method = $google_checkout->title; if (MODULE_PAYMENT_GOOGLECHECKOUT_MODE == 'https://sandbox.google.com/checkout/') { $payment_method .= " - SANDBOX"; } //$method_name = ''; //if (!empty($shipping)) { // require (DIR_WS_CLASSES . 'shipping.php'); // $shipping_modules = new shipping($shipping); // list ($a, $method_name) = explode(': ', $shipping, 2); //} // Set up order info. list($order->customer['firstname'], $order->customer['lastname']) = explode(' ', $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'], 2); $order->customer['company'] = $gc_data[$root]['buyer-billing-address']['company-name']['VALUE']; $order->customer['street_address'] = $gc_data[$root]['buyer-billing-address']['address1']['VALUE']; $order->customer['suburb'] = $gc_data[$root]['buyer-billing-address']['address2']['VALUE']; $order->customer['city'] = $gc_data[$root]['buyer-billing-address']['city']['VALUE']; $order->customer['postcode'] = $gc_data[$root]['buyer-billing-address']['postal-code']['VALUE']; $order->customer['state'] = $gc_data[$root]['buyer-billing-address']['region']['VALUE']; $order->customer['country']['title'] = $gc_data[$root]['buyer-billing-address']['country-code']['VALUE']; $order->customer['telephone'] = $gc_data[$root]['buyer-billing-address']['phone']['VALUE']; $order->customer['email_address'] = $gc_data[$root]['buyer-billing-address']['email']['VALUE']; $order->customer['format_id'] = 2; list($order->delivery['firstname'], $order->delivery['lastname']) = explode(' ', $gc_data[$root]['buyer-shipping-address']['contact-name']['VALUE'], 2); $order->delivery['company'] = $gc_data[$root]['buyer-shipping-address']['company-name']['VALUE']; $order->delivery['street_address'] = $gc_data[$root]['buyer-shipping-address']['address1']['VALUE']; $order->delivery['suburb'] = $gc_data[$root]['buyer-shipping-address']['address2']['VALUE']; $order->delivery['city'] = $gc_data[$root]['buyer-shipping-address']['city']['VALUE']; $order->delivery['postcode'] = $gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE']; $order->delivery['state'] = $gc_data[$root]['buyer-shipping-address']['region']['VALUE']; $order->delivery['country']['title'] = $gc_data[$root]['buyer-shipping-address']['country-code']['VALUE']; $order->delivery['format_id'] = 2; list($order->billing['firstname'], $order->billing['lastname']) = explode(' ', $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'], 2); $order->billing['company'] = $gc_data[$root]['buyer-billing-address']['company-name']['VALUE']; $order->billing['street_address'] = $gc_data[$root]['buyer-billing-address']['address1']['VALUE']; $order->billing['suburb'] = $gc_data[$root]['buyer-billing-address']['address2']['VALUE']; $order->billing['city'] = $gc_data[$root]['buyer-billing-address']['city']['VALUE']; $order->billing['postcode'] = $gc_data[$root]['buyer-billing-address']['postal-code']['VALUE']; $order->billing['state'] = $gc_data[$root]['buyer-billing-address']['region']['VALUE']; $order->billing['country']['title'] = $gc_data[$root]['buyer-billing-address']['country-code']['VALUE']; $order->billing['format_id'] = 2; $order->info['payment_method'] = $payment_method; $order->info['payment_module_code'] = $google_checkout->code; $order->info['shipping_method'] = $shipping_method_name; $order->info['shipping_module_code'] = $shipping_method_code; $order->info['cc_type'] = ''; $order->info['cc_owner'] = ''; $order->info['cc_number'] = ''; $order->info['cc_expires'] = ''; $order->info['order_status'] = GC_STATE_NEW; $order->info['tax'] = $tax_amt; $order->info['currency'] = $gc_data[$root]['order-total']['currency']; $order->info['currency_value'] = 1; //$customers_ip_address'] = $gc_data[$root]['shopping-cart']['merchant-private-data']['ip-address']['VALUE']; $order->info['comments'] = GOOGLECHECKOUT_STATE_NEW_ORDER_NUM . $gc_data[$root]['google-order-number']['VALUE'] . "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_MC_USED . (@$gc_data[$root]['order-adjustment']['merchant-calculation-successful']['VALUE'] == 'true' ? 'True' : 'False') . ($new_user ? "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_BUYER_USER . $gc_data[$root]['buyer-billing-address']['email']['VALUE'] . "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_BUYER_PASS . $gc_data[$root]['buyer-id']['VALUE'] : ''); $coupons = gc_get_arr_result(@$gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment']); //$gift_cert = get_arr_result(@$gc_data[$root]['order-adjustment']['merchant-codes']['gift-certificate-adjustment']); $items = gc_get_arr_result($gc_data[$root]['shopping-cart']['items']['item']); // Get Coustoms OT $custom_order_totals_total = 0; $custom_order_totals = array(); $order->products = array(); foreach ($items as $item) { if (isset($item['merchant-private-item-data']['item']['VALUE'])) { $order->products[] = unserialize(base64_decode($item['merchant-private-item-data']['item']['VALUE'])); } else { if ($item['merchant-private-item-data']['order_total']['VALUE']) { $order_total = unserialize(base64_decode($item['merchant-private-item-data']['order_total']['VALUE'])); $custom_order_totals[] = $order_total; $order_total_value = $order_total['value'] * (strrpos($order_total['text'], '-') === false ? 1 : -1); $custom_order_totals_total += $currencies->get_value($gc_data[$root]['order-total']['currency']) * $order_total_value; } else { // For invoices. $order->products[] = array('qty' => $item['quantity']['VALUE'], 'name' => $item['item-name']['VALUE'], 'model' => $item['item-description']['VALUE'], 'tax' => 0, 'tax_description' => @$item['tax-table-selector']['VALUE'], 'price' => $item['unit-price']['VALUE'], 'final_price' => $item['unit-price']['VALUE'], 'onetime_charges' => 0, 'weight' => 0, 'products_priced_by_attribute' => 0, 'product_is_free' => 0, 'products_discount_type' => 0, 'products_discount_type_from' => 0, 'id' => @$item['merchant-item-id']['VALUE']); } } } $cart = new shoppingCart(); $prod_attr = gc_get_prattr($order->products); foreach ($prod_attr as $product_id => $item_data) { //$products_id, $qty = '1', $attributes = ' $cart->add_cart($product_id, $item_data['qty'], $item_data['attr']); } // Update values so that order_total modules get the correct values. $order->info['total'] = $gc_data[$root]['order-total']['VALUE']; $order->info['subtotal'] = $gc_data[$root]['order-total']['VALUE'] - ($shipping_cost + $tax_amt) + @$coupons[0]['applied-amount']['VALUE'] - $custom_order_totals_total; $order->info['coupon_code'] = @$coupons[0]['code']['VALUE']; $order->info['shipping_method'] = $shipping; $order->info['shipping_cost'] = $shipping_cost; $order->info['tax_groups']['tax'] = $tax_amt; $order->info['currency'] = $gc_data[$root]['order-total']['currency']; $order->info['currency_value'] = 1; require DIR_WS_CLASSES . 'order_total.php'; $order_total_modules = new order_total(); // Disable OT sent as items in the GC cart foreach ($order_total_modules->modules as $order_total_code => $order_total) { if (!in_array(substr($order_total, 0, strrpos($order_total, '.')), $google_checkout->ignore_order_total)) { unset($order_total_modules->modules[$order_total_code]); } } $order_totals = $order_total_modules->process(); // Not necessary, since order totals are already disabled. //foreach($order_totals as $order_total_code => $order_total){ // if(!in_array($order_total['code'], $google_checkout->ignore_order_total)){ // unset($order_totals[$order_total_code]); // } //} // Merge all order totals. $order_totals = array_merge($order_totals, $custom_order_totals); if (isset($gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment'])) { $order_totals[] = array('code' => 'ot_coupon', 'title' => "<b>" . MODULE_ORDER_TOTAL_COUPON_TITLE . " " . @$coupons[0]['code']['VALUE'] . ":</b>", 'text' => $currencies->format(@$coupons[0]['applied-amount']['VALUE'] * -1, false, @$coupons[0]['applied-amount']['currency']), 'value' => @$coupons[0]['applied-amount']['VALUE'], 'sort_order' => 280); } function order_total_compare($a, $b) { if ($a['sort_order'] == $b['sort_order']) { return 0; } else { return $a['sort_order'] < $b['sort_order'] ? -1 : 1; } } usort($order_totals, "order_total_compare"); $sql_data_array = array('customers_id' => $customer_id, 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_company' => $order->customer['company'], 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => $order->info['payment_method'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => $order->info['cc_number'], 'cc_expires' => $order->info['cc_expires'], 'date_purchased' => 'now()', 'orders_status' => $order->info['order_status'], 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value']); tep_db_perform(TABLE_ORDERS, $sql_data_array); $insert_id = tep_db_insert_id(); for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) { $sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']); tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); } $customer_notification = SEND_EMAILS == 'true' ? '1' : '0'; $sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => $customer_notification, 'comments' => $order->info['comments']); tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array); // Initialized for the email confirmation. $products_ordered = ''; $subtotal = 0; $total_tax = 0; $total_weight = 0; $total_products_price = 0; $products_tax = 0; $total_cost = 0; for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { // Stock Update - Joao Correia. if (STOCK_LIMITED == 'true') { if (DOWNLOAD_ENABLED == 'true') { $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename\n FROM " . TABLE_PRODUCTS . " p\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n ON p.products_id=pa.products_id\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n ON pa.products_attributes_id=pad.products_attributes_id\n WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"; // Will work with only one option for downloadable products // otherwise, we have to build the query dynamically with a loop $products_attributes = @$order->products[$i]['attributes']; if (is_array($products_attributes)) { $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'"; } $stock_query = tep_db_query($stock_query_raw); } else { $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); } if (tep_db_num_rows($stock_query) > 0) { $stock_values = tep_db_fetch_array($stock_query); // Do not decrement quantities if products_attributes_filename exists if (DOWNLOAD_ENABLED != 'true' || !$stock_values['products_attributes_filename']) { $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty']; } else { $stock_left = $stock_values['products_quantity']; } tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); if ($stock_left < 1 && STOCK_ALLOW_CHECKOUT == 'false') { tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); } } } // Update products_ordered (for bestsellers list) tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); $sql_data_array = array('orders_id' => $insert_id, 'products_id' => tep_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => $order->products[$i]['tax'], 'products_quantity' => $order->products[$i]['qty']); tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array); $order_products_id = tep_db_insert_id(); // Insert customer-chosen options into order. $attributes_exist = '0'; $products_ordered_attributes = ''; if (isset($order->products[$i]['attributes'])) { $attributes_exist = '1'; for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) { if (DOWNLOAD_ENABLED == 'true') { $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $languages_id . "'\n and poval.language_id = '" . $languages_id . "'"; $attributes = tep_db_query($attributes_query); } else { $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'"); } $attributes_values = tep_db_fetch_array($attributes); $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']); tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array); if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) { $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']); tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array); } $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name']; } } $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight']; $total_tax += tep_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty']; $total_cost += $total_products_price; $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n"; } // FOR COUPON SUPPORT /* $insert_id = $order->create($order_totals, 2); //$order_total_modules = new order_total(); // Store the product info to the order. $order->create_add_products($insert_id); //$order_number_created'] = $insert_id; // Add coupon to redeem track. if (isset ($gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment'])) { $sql = "select coupon_id from " . TABLE_COUPONS . " where coupon_code= :couponCodeEntered and coupon_active='Y'"; $sql = $db->bindVars($sql, ':couponCodeEntered', $coupons[0]['code']['VALUE'], 'string'); $coupon_result = tep_db_query($sql); $cc_id = $coupon_result['coupon_id']; tep_db_query("insert into " . TABLE_COUPON_REDEEM_TRACK . " (coupon_id, redeem_date, redeem_ip, customer_id, order_id) values ('" . (int) $cc_id . "', now(), '" . $gc_data[$root]['shopping-cart']['merchant-private-data']['ip-address']['VALUE'] . "', '" . (int) $customer_id . "', '" . (int) $insert_id . "')"); $cc_id = ""; } */ // Add the order details to the table. // This table could be modified to hold the merchant id and key if required // so that different mids and mkeys can be used for different orders. tep_db_query("insert into " . $google_checkout->table_order . " values (" . $insert_id . ", " . gc_make_sql_string($gc_data[$root]['google-order-number']['VALUE']) . ", " . gc_make_sql_float($gc_data[$root]['order-total']['VALUE']) . ")"); $cart->reset(TRUE); tep_session_unregister('sendto'); tep_session_unregister('billto'); tep_session_unregister('shipping'); tep_session_unregister('payment'); tep_session_unregister('comments'); $google_response->SendAck(); }
$parameters = array('action', 'pid', 'products_id'); } else { $parameters = array('action', 'pid'); } } switch ($_GET['action']) { // customer wants to update the product quantity in their shopping cart case 'update_product': $n = sizeof($_POST['products_id']); for ($i = 0; $i < $n; $i++) { if (in_array($_POST['products_id'][$i], is_array($_POST['cart_delete']) ? $_POST['cart_delete'] : array())) { $cart->remove($_POST['products_id'][$i]); $messageStack->add_session('product_action', sprintf(PRODUCT_REMOVED, tep_get_products_name($_POST['products_id'][$i])), 'warning'); } else { $attributes = $_POST['id'][$_POST['products_id'][$i]] ? $_POST['id'][$_POST['products_id'][$i]] : ''; $cart->add_cart($_POST['products_id'][$i], $_POST['cart_quantity'][$i], $attributes, false); } } tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters))); break; // customer adds a product from the products page // customer adds a product from the products page case 'add_product': if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) { $attributes = isset($_POST['id']) ? $_POST['id'] : ''; $cart->add_cart($_POST['products_id'], $cart->get_quantity(tep_get_uprid($_POST['products_id'], $attributes)) + 1, $attributes); } $messageStack->add_session('product_action', sprintf(PRODUCT_ADDED, tep_get_products_name((int) $_POST['products_id'])), 'success'); tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters))); break; // customer removes a product from their shopping cart
$goto = $PHP_SELF; if ($HTTP_GET_VARS['action'] == 'buy_now') { $parameters = array('action', 'pid', 'products_id'); } else { $parameters = array('action', 'pid'); } } switch ($HTTP_GET_VARS['action']) { // customer wants to update the product quantity in their shopping cart case 'update_product': for ($i = 0, $n = sizeof($HTTP_POST_VARS['products_id']); $i < $n; $i++) { if (in_array($HTTP_POST_VARS['products_id'][$i], is_array($HTTP_POST_VARS['cart_delete']) ? $HTTP_POST_VARS['cart_delete'] : array())) { $cart->remove($HTTP_POST_VARS['products_id'][$i]); } else { $attributes = $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] ? $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] : ''; $cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false); } } tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters))); break; // customer adds a product from the products page // customer adds a product from the products page case 'add_product': if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id'])) { $attributes = isset($HTTP_POST_VARS['id']) ? $HTTP_POST_VARS['id'] : ''; $cart->add_cart($HTTP_POST_VARS['products_id'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_id'], $attributes)) + 1, $attributes); } tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters))); break; // customer removes a product from their shopping cart // customer removes a product from their shopping cart
// if PHP3, make correction for lack of multidimensional array. reset($_POST); while (list($key, $value) = each($_POST)) { if (is_array($value)) { while (list($key2, $value2) = each($value)) { if (ereg("(.*)\\]\\[(.*)", $key2, $var)) { $id2[$var[1]][$var[2]] = $value2; } } } } $attributes = $id2[$_POST['products_id'][$i]] ? $id2[$_POST['products_id'][$i]] : ''; } else { $attributes = $_POST['id'][$_POST['products_id'][$i]] ? $_POST['id'][$_POST['products_id'][$i]] : ''; } $cart->add_cart($_POST['products_id'][$i], $_POST['cart_quantity'][$i], $attributes, false); } } tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters))); break; // customer adds a product from the products page // customer adds a product from the products page case 'add_product': if (isset($_POST['products_id']) && is_numeric($_POST['products_id']) && $_POST['products_id'] == (int) $_POST['products_id']) { //++++ QT Pro: Begin Changed code $attributes = array(); if (isset($_POST['attrcomb']) && preg_match("/^\\d{1,10}-\\d{1,10}(,\\d{1,10}-\\d{1,10})*\$/", $_POST['attrcomb'])) { $attrlist = explode(',', $_POST['attrcomb']); foreach ($attrlist as $attr) { list($oid, $oval) = explode('-', $attr); if (is_numeric($oid) && $oid == (int) $oid && is_numeric($oval) && $oval == (int) $oval) {