示例#1
0
/**
 * View the cart
 */
function shop_user_viewcart()
{
    // If the user returns to the cart after taking other steps, unset any errors from earlier in the session.
    xarSession::delVar('errors');
    sys::import('modules.dynamicdata.class.objects.master');
    $subtotals = array();
    $products = array();
    $total = 0;
    // May want to display cust info with the cart...
    $cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
    $data['cust'] = $cust;
    $shop = xarSession::getVar('shop');
    foreach ($shop as $pid => $val) {
        // If this post variable is set, we must need to update the quantity
        if (isset($_POST['qty' . $pid])) {
            unset($qty_new);
            // Have to unset this since we're in a foreach
            if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
                return;
            }
            if ($qty_new == 0) {
                unset($shop[$pid]);
            } else {
                $shop[$pid]['qty'] = $qty_new;
            }
        }
        // If the quantity hasn't been set to zero, add it to the $products array...
        if (isset($shop[$pid])) {
            // Commas in the quantity seem to mess up our math
            $products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']);
            // Get the product info
            $object = DataObjectMaster::getObject(array('name' => 'shop_products'));
            $some_id = $object->getItem(array('itemid' => $pid));
            $values = $object->getFieldValues();
            $products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
            $products[$pid]['price'] = $values['price'];
            $subtotal = $values['price'] * $products[$pid]['qty'];
            $subtotals[] = $subtotal;
            // so we can use array_sum() to add it all up
            if (substr($subtotal, 0, 1) == '.') {
                $subtotal = '0' . $subtotal;
            }
            $products[$pid]['subtotal'] = number_format($subtotal, 2);
        }
    }
    xarSession::setVar('shop', $shop);
    $total = array_sum($subtotals);
    // Add a zero to the front of the number if it starts with a decimal...
    if (substr($total, 0, 1) == '.') {
        $total = '0' . $total;
    }
    $total = number_format($total, 2);
    xarSession::setVar('products', $products);
    // update the session variable
    $data['products'] = $products;
    // don't want too much session stuff in the templates
    xarSession::setVar('total', $total);
    $data['total'] = $total;
    return $data;
}
示例#2
0
/**
 *  Create a new customer
 */
function shop_user_newcustomer()
{
    if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    sys::import('modules.dynamicdata.class.objects.master');
    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $data['properties'] = $rolesobject->properties;
    // Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
    // Here we are testing for a button clicked, so we test for a string
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    // Check if we are submitting the form
    // Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if ($data['confirm']) {
        // Check for a valid confirmation key. The value is automatically gotten from the template
        if (!xarSecConfirmAuthKey()) {
            return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
        }
        // Get the data from the form and see if it is all valid
        // Either way the values are now stored in the object
        $isvalid = $rolesobject->properties['email']->checkInput();
        $isvalid2 = $rolesobject->properties['password']->checkInput();
        if (!$isvalid || !$isvalid2) {
            // Bad data: redisplay the form with the data we picked up and with error messages
            return xarTplModule('shop', 'user', 'newcustomer', $data);
        } else {
            $email = $rolesobject->properties['email']->getValue();
            $password = $rolesobject->properties['password']->getValue();
            $rolesobject->properties['name']->setValue($email);
            $rolesobject->properties['email']->setValue($email);
            $rolesobject->properties['uname']->setValue($email);
            $rolesobject->properties['password']->setValue($password);
            $rolesobject->properties['state']->setValue(3);
            $authmodule = (int) xarMod::getID('shop');
            $rolesobject->properties['authmodule']->setValue($authmodule);
            $uid = $rolesobject->createItem();
            $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
            $custobject->createItem(array('id' => $uid));
            if (isset($returnurl)) {
                xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password));
                xarResponse::redirect($returnurl);
            } else {
                xarResponse::redirect(xarModURL('shop'));
            }
            // Always add the next line even if processing never reaches it
            return true;
        }
    }
    // Return the template variables defined in this function
    return $data;
}
示例#3
0
function shop_adminapi_handlepgresponse($args)
{
    extract($args);
    $pg = xarModVars::get('shop', 'payment_gateway');
    $trans_id = false;
    $pg_response = xarSession::getVar('pg_response');
    switch ($pg) {
        case 1:
            // demo mode
            $trans_id = rand(1000, 99999999);
            // fake trans id
            break;
        case 2:
            // authorize.net
            $response = xarMod::APIFunc('shop', 'admin', 'authorizenet', $transfields);
            if ($response[1] == 1) {
                $trans_id = $response[7];
            } else {
                $num = $response[1];
                $authorizenet_codes = array(1 => 'Approved', 2 => 'Declined', 3 => 'Error', 4 => 'Held for Review');
                $msg = $response[4];
                $msg .= ' Response code: ' . $authorizenet_codes[$num];
                $pg_response['msg'] = $msg;
            }
            break;
        case 3:
            // paypal web payments pro
            $args['transfields'] = $transfields;
            $args['methodName_'] = 'DoDirectPayment';
            $response = xarMod::APIFunc('shop', 'admin', 'paypal', $args);
            if ($response['ACK'] == 'Success') {
                $trans_id = $response['TRANSACTIONID'];
            } else {
                $msg = $response['ACK'];
                $msg .= '. Response: ' . urldecode($response['L_LONGMESSAGE0']);
                $pg_response['msg'] = $msg;
            }
            break;
        case 4:
            // something else
            // your code
            break;
    }
    if (isset($pg_response)) {
        xarSession::setVar('pg_response', $pg_response);
    }
    $response['trans_id'] = $trans_id;
    return $response;
}
示例#4
0
/**
 *  List shipping addresses
 */
function shop_admin_shippingaddresses()
{
    if (!xarVarFetch('startnum', 'isset', $data['startnum'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('uid', 'isset', $data['uid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    $objectname = 'shop_shippingaddresses';
    $data['objectname'] = $objectname;
    // Security check - important to do this as early as possible to avoid
    // potential security holes or just too much wasted processing
    if (!xarSecurityCheck('AdminShop')) {
        return;
    }
    $data['items_per_page'] = xarModVars::get('shop', 'items_per_page');
    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');
    // Get the object label for the template
    $object = DataObjectMaster::getObject(array('name' => $objectname));
    $data['label'] = $object->label;
    // Get the fields to display in the admin interface
    $config = $object->configuration;
    if (!empty($config['adminfields'])) {
        $data['adminfields'] = $config['adminfields'];
    } else {
        $data['adminfields'] = array_keys($object->getProperties());
    }
    // Get the object we'll be working with. Note this is a so called object list
    $mylist = DataObjectMaster::getObjectList(array('name' => $objectname));
    // Load the DD master property class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.properties.master');
    $data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'customer', 'ascdesc_fallback' => 'DESC'));
    // We have some filters for the items
    $filters = array('startnum' => $data['startnum'], 'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'sort' => $data['sort']);
    if (isset($data['uid'])) {
        $filters['where'] = 'customer eq ' . $data['uid'];
        $data['cust'] = xarMod::APIFunc('shop', 'user', 'customerinfo', array('id' => $data['uid']));
    }
    // Get the items
    $items = $mylist->getItems($filters);
    $data['none'] = false;
    if (count($items) == 0) {
        $data['none'] = true;
    }
    $data['mylist'] = $mylist;
    // Return the template variables defined in this function
    return $data;
}
示例#5
0
文件: start.php 项目: godboko/modules
/**
 *  Start the checkout process -- user can create account or log into existing account
 */
function shop_user_start()
{
    // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
    if (xarUserIsLoggedIn()) {
        xarResponse::redirect(xarModURL('shop', 'user', 'viewcart'));
        return true;
    }
    $shop = xarSession::getVar('shop');
    if (empty($shop)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'main'));
        return true;
    }
    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');
    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $properties = $rolesobject->properties;
    $data['properties'] = $properties;
    $isvalid = $rolesobject->properties['email']->checkInput();
    $isvalid2 = $rolesobject->properties['password']->checkInput();
    if ($isvalid && $isvalid2) {
        if (!xarSecConfirmAuthKey()) {
            // right time to do this??
            return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
        }
        // Create the role and the customer object and then log in
        $email = $rolesobject->properties['email']->getValue();
        $password = $rolesobject->properties['password']->getValue();
        $values['name'] = $email;
        $values['email'] = $email;
        $values['uname'] = $email;
        $values['password'] = $password;
        $values['state'] = 3;
        $rolesobject->setFieldValues($values, 1);
        $uid = $rolesobject->createItem();
        $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
        $custobject->createItem(array('id' => $uid));
        $name = 'dd_' . $properties['password']->id;
        $vals = $properties['password']->fetchValue($name);
        $pass = $vals[1][0];
        $res = xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $pass));
        xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
        return true;
    } else {
        // We don't yet have a valid email or password for registration...
        return xarTplModule('shop', 'user', 'start', $data);
    }
}
示例#6
0
/**
 *  Select existing payment method or create new one to use for this transaction
 */
function shop_user_paymentmethod()
{
    // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
    $shippingaddress = xarSession::getVar('shippingaddress');
    if (empty($shippingaddress)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
        return true;
    }
    $shop = xarSession::getVar('shop');
    if (!xarUserIsLoggedIn() || empty($shop)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'main'));
        return true;
    }
    if (!xarVarFetch('proceedsaved', 'str', $proceedsaved, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('proceednew', 'str', $proceednew, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('paymentmethod', 'str', $paymentmethod, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('remove', 'str', $remove, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    $cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
    $data['cust'] = $cust;
    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');
    $shippingobject = DataObjectMaster::getObject(array('name' => 'shop_shippingaddresses'));
    $shippingobject->getItem(array('itemid' => xarSession::getVar('shippingaddress')));
    $shippingvals = $shippingobject->getFieldValues();
    $data['shippingvals'] = $shippingvals;
    // Get the saved payment methods, if any exist
    $mylist = DataObjectMaster::getObjectList(array('name' => 'shop_paymentmethods'));
    $filters = array('status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'where' => 'customer eq ' . xarUserGetVar('id'));
    $paymentmethods = $mylist->getItems($filters);
    $data['paymentmethods'] = $paymentmethods;
    $data['paymentobject'] = DataObjectMaster::getObject(array('name' => 'shop_paymentmethods'));
    $data['paymentobject']->properties['name']->display_show_salutation = false;
    $data['paymentobject']->properties['name']->display_show_middlename = false;
    $data['paymentobject']->properties['address']->display_rows = 1;
    $data['paymentobject']->properties['address']->display_show_country = false;
    $data['properties'] = $data['paymentobject']->getProperties();
    if ($remove) {
        if ($remove == xarSession::getVar('paymentmethod')) {
            xarSession::delVar('paymentmethod');
        }
        $data['paymentobject']->getItem(array('itemid' => $remove));
        $data['paymentobject']->deleteItem();
        xarResponse::redirect(xarModURL('shop', 'user', 'paymentmethod'));
        return true;
    }
    $selectedpaymentmethod = xarSession::getVar('paymentmethod');
    if (!empty($selectedpaymentmethod)) {
        $data['paymentmethod'] = $selectedpaymentmethod;
    }
    // If we're using a saved payment method...
    if ($proceedsaved) {
        xarSession::setVar('paymentmethod', $paymentmethod);
        xarResponse::redirect(xarModURL('shop', 'user', 'order'));
        return true;
    } elseif ($proceednew) {
        // We're not using a saved payment method...
        $isvalid = $data['paymentobject']->checkInput();
        if (isset($exp_date)) {
            $exp_month = substr($exp_date, 0, 2);
            $exp_year = substr($exp_date, 2, 4);
            $reverse_date = $exp_year . $exp_month;
            $minimum_date = date('ym', time());
            if ($minimum_date > $reverse_date) {
                $errors['exp_date'] = true;
            }
        }
        if (isset($errors)) {
            xarSession::setVar('errors', $errors);
        }
        if (!$isvalid) {
            return xarTplModule('shop', 'user', 'paymentmethod', $data);
        } else {
            xarSession::setVar('paymentmethod', $data['paymentobject']->createItem());
            xarResponse::redirect(xarModURL('shop', 'user', 'order'));
            return true;
        }
    }
    return $data;
}
示例#7
0
文件: order.php 项目: godboko/modules
/**
 * Review and submit order
 */
function shop_user_order()
{
    // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
    $shippingaddress = xarSession::getVar('shippingaddress');
    if (empty($shippingaddress)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
        return true;
    }
    $paymentmethod = xarSession::getVar('paymentmethod');
    if (empty($paymentmethod)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'paymentmethod'));
        return true;
    }
    $shop = xarSession::getVar('shop');
    if (!xarUserIsLoggedIn() || empty($shop)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'main'));
        return;
    }
    if (!xarVarFetch('placeorder', 'str', $placeorder, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    sys::import('modules.dynamicdata.class.objects.master');
    $shippingobject = DataObjectMaster::getObject(array('name' => 'shop_shippingaddresses'));
    $shippingobject->getItem(array('itemid' => xarSession::getVar('shippingaddress')));
    $shippingvals = $shippingobject->getFieldValues();
    $data['shippingvals'] = $shippingvals;
    $data['products'] = xarSession::getVar('products');
    $data['total'] = xarSession::getVar('total');
    $time = time();
    xarSession::setVar('time', $time);
    $paymentobject = DataObjectMaster::getObject(array('name' => 'shop_paymentmethods'));
    $paymentmethod = xarSession::getVar('paymentmethod');
    $paymentobject->getItem(array('itemid' => $paymentmethod));
    $values = $paymentobject->getFieldValues();
    $data['payvalues'] = $values;
    if ($placeorder) {
        /*if (isset($exp_date)) {
              $exp_month = substr($exp_date,0,2);
              $exp_year = substr($exp_date,2,4);
              $reverse_date = $exp_year . $exp_month;
              $minimum_date = date('ym',time());
              if ($minimum_date > $reverse_date) {
                  $errors = xarSession::getVar('errors');
                  $errors['exp_date'] = true;
                  xarSession::setVar('errors',$errors);
              }
          }*/
        // A few more things
        $values['date'] = $time;
        $values['products'] = serialize($data['products']);
        $values['total'] = xarSession::getVar('total');
        /*****************************/
        /***** PAYMENT PROCESSING ****/
        /*****************************/
        $response = xarMod::APIFunc('shop', 'admin', 'handlepgresponse', array('transfields' => $values));
        if (isset($response['trans_id']) && !empty($response['trans_id'])) {
            // We have a successful transaction...
            $data['response'] = $response;
            $values['pg_transaction_id'] = $response['trans_id'];
            $transobject = DataObjectMaster::getObject(array('name' => 'shop_transactions'));
            $tid = $transobject->createItem($values);
            $order = xarSession::getVar('order');
            $order['products'] = xarSession::getVar('products');
            $order['tid'] = $tid;
            $order['date'] = date('F j, Y g:i a', xarSession::getVar('time'));
            xarSession::setVar('order', $order);
            xarSession::delVar('pg_response');
            // This is set in shop_adminapi_handlepgresponse()
            //Need to clear all this now that the purchase went through.  Doing so ensures we don't re-submit the order
            xarSession::delVar('errors');
            xarSession::delVar('shop');
            xarSession::delVar('products');
            xarResponse::redirect(xarModURL('shop', 'user', 'complete'));
            return true;
        } else {
            // There must be a problem...
            $pg_key = xarModVars::get('shop', 'pg_key');
            // Assuming we're using the key field for all payment gateways for keys, passwords and the like...
            if (empty($pg_key)) {
                $errors = xarSession::getVar('pg_response');
                $pg_response['msg'] .= "<p style='color:red'><strong>Looks like you haven't entered a payment gateway key.  <a href='" . xarModURL('shop', 'admin', 'overview') . "'>Read me</a>.</strong></p>";
                xarSession::setVar('pg_response', $pg_response);
            }
            xarResponse::redirect(xarModURL('shop', 'user', 'order'));
            return true;
        }
    }
    return $data;
}