Boelle

Untitled

Aug 30th, 2015
  1. <?php
  2. /*
  3. $Id$
  4.  
  5. osCommerce, Open Source E-Commerce Solutions
  6. http://www.oscommerce.com
  7.  
  8. Copyright (c) 2012 osCommerce
  9.  
  10. Released under the GNU General Public License
  11. */
  12.  
  // Load the storefront bootstrap. $cart, $navigation, the session helpers and
  // the other tep_* functions used below are presumably provided by it.
  include 'includes/application_top.php';

  // NOTE(review): every guard below relies on tep_redirect() ending the request.
  // That behaviour is defined outside this file; confirm it, because otherwise
  // the script would carry on and place the order after sending the redirect.

  // Guard: a customer must be logged in. The payment page is stored as the
  // return point before the visitor is sent to the login form.
  if (!tep_session_is_registered('customer_id')) {
    $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));
    tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  }

  // Guard: an empty cart goes back to the shopping cart page.
  if ($cart->count_contents() < 1) {
    tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
  }

  // Guard: both a shipping method and a delivery address must be in the session.
  if (!(tep_session_is_registered('shipping') && tep_session_is_registered('sendto'))) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  }

  // Guard: when payment modules are installed, one must have been chosen.
  if (tep_not_null(MODULE_PAYMENT_INSTALLED) && !tep_session_is_registered('payment')) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
  }

  // Guard: the cart's internal id must still match the id stored in the session,
  // so a cart that changed during checkout is sent back to the shipping step.
  // NOTE(review): the comparison is loose (!=) and is skipped entirely when
  // either id is missing; confirm both are always set by the earlier checkout
  // steps.
  if (isset($cart->cartID) && tep_session_is_registered('cartID') && ($cart->cartID != $cartID)) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  }
  41.  
  // Language definitions for this page.
  // NOTE(review): $language is set outside this file and becomes part of an
  // include path here; confirm it can only ever name an installed language
  // directory.
  include DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS;

  // Payment handling, constructed for the module named in $payment.
  require DIR_WS_CLASSES . 'payment.php';
  $payment_modules = new payment($payment);

  // Shipping handling, constructed for the shipping selection in $shipping.
  require DIR_WS_CLASSES . 'shipping.php';
  $shipping_modules = new shipping($shipping);

  // The order object; every $order->... value used further down comes from it.
  require DIR_WS_CLASSES . 'order.php';
  $order = new order();
  54.  
  // Stock check: remember whether any order line cannot be covered by stock.
  $any_out_of_stock = false;
  if (STOCK_CHECK == 'true') {
    $n = count($order->products);
    for ($i = 0; $i < $n; $i++) {
      // A truthy result from tep_check_stock() is treated as "short of stock".
      if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {
        $any_out_of_stock = true;
      }
    }

    // Short stock only stops the checkout when the store does not allow
    // ordering beyond the available quantity.
    if ((STOCK_ALLOW_CHECKOUT != 'true') && $any_out_of_stock) {
      tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
    }
  }
  68.  
  // Run the update_status() hook of the payment modules (its effect is defined
  // in the payment class, not in this file).
  $payment_modules->update_status();

  /*######## Points/Rewards Module V3.0 BOF #################*/
  // Return to the payment page unless a usable payment module is selected.
  // $$payment is a variable variable: $payment holds a module name, and the
  // global of that name is expected to hold the module object.
  // NOTE(review): the grouping below spells out how PHP's precedence (&& binds
  // tighter than ||) evaluates the original one-line condition, so the points
  // exemption applies to the middle clause only. Confirm that this is intended:
  // an order paid with points still has to pass the first and last clause.
  if (
    ($payment_modules->selected_module != $payment)
    || (
      is_array($payment_modules->modules)
      && (sizeof($payment_modules->modules) > 1)
      && !is_object($$payment)
      && !$customer_shopping_points_spending
    )
    || (is_object($$payment) && ($$payment->enabled == false))
  ) {
  /*######## Points/Rewards Module V3.0 EOF #################*/
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
  }
  76.  
  // Order total modules; process() returns the rows that are stored per order
  // and printed in the confirmation e-mail further down.
  require DIR_WS_CLASSES . 'order_total.php';
  $order_total_modules = new order_total();

  $order_totals = $order_total_modules->process();

  // Pre-payment hook of the payment modules. It runs before anything is
  // written by this script.
  $payment_modules->before_process();

  // Column => value map for the orders table row.
  // NOTE(review): cc_number and cc_expires are stored exactly as the payment
  // module supplied them. Confirm that the active module leaves them empty or
  // masked; a full card number in this table puts the database in PCI DSS scope.
  // NOTE(review): 'now()' is passed as a string; presumably tep_db_perform()
  // turns it into the SQL function rather than storing the text - confirm.
  $sql_data_array = array(
    'customers_id'                => $customer_id,
    'customers_name'              => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
    'customers_company'           => $order->customer['company'],
    'customers_street_address'    => $order->customer['street_address'],
    'customers_suburb'            => $order->customer['suburb'],
    'customers_city'              => $order->customer['city'],
    'customers_postcode'          => $order->customer['postcode'],
    'customers_state'             => $order->customer['state'],
    'customers_country'           => $order->customer['country']['title'],
    'customers_telephone'         => $order->customer['telephone'],
    'customers_email_address'     => $order->customer['email_address'],
    'customers_address_format_id' => $order->customer['format_id'],
    'delivery_name'               => trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']),
    'delivery_company'            => $order->delivery['company'],
    'delivery_street_address'     => $order->delivery['street_address'],
    'delivery_suburb'             => $order->delivery['suburb'],
    'delivery_city'               => $order->delivery['city'],
    'delivery_postcode'           => $order->delivery['postcode'],
    'delivery_state'              => $order->delivery['state'],
    'delivery_country'            => $order->delivery['country']['title'],
    'delivery_address_format_id'  => $order->delivery['format_id'],
    'billing_name'                => $order->billing['firstname'] . ' ' . $order->billing['lastname'],
    'billing_company'             => $order->billing['company'],
    'billing_street_address'      => $order->billing['street_address'],
    'billing_suburb'              => $order->billing['suburb'],
    'billing_city'                => $order->billing['city'],
    'billing_postcode'            => $order->billing['postcode'],
    'billing_state'               => $order->billing['state'],
    'billing_country'             => $order->billing['country']['title'],
    'billing_address_format_id'   => $order->billing['format_id'],
    'payment_method'              => $order->info['payment_method'],
    'cc_type'                     => $order->info['cc_type'],
    'cc_owner'                    => $order->info['cc_owner'],
    'cc_number'                   => $order->info['cc_number'],
    'cc_expires'                  => $order->info['cc_expires'],
    'date_purchased'              => 'now()',
    'orders_status'               => $order->info['order_status'],
    'currency'                    => $order->info['currency'],
    'currency_value'              => $order->info['currency_value']
  );

  // Server-local timestamp (day-month-year) printed in the confirmation e-mail.
  $date_purchased2 = date('d-m-Y H:i:s');
  126.  
  127.  
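  // QuickPay changed start
  // quickpay_advanced
  // Three switches decide what this script still has to write; by default it
  // writes everything.
  $order_write = true;          // insert the orders row
  $order_totals_write = true;   // insert the order totals
  $order_products_write = true; // insert the ordered products

  // NOTE(review): $order_id is never assigned in this script; presumably the
  // payment module's before_process() or the session provides it. It is cast to
  // int wherever it enters SQL below, matching the (int) cast this script
  // applies to $insert_id elsewhere, so only a numeric id can reach the query.
  // The cast does not prove ownership: confirm that the row named by $order_id
  // was created for the logged-in $customer_id before it is reused.
  if (strncmp($payment, 'quickpay', 8) === 0) {
    if ($payment == 'quickpay_advanced') {
      // the complete order is already written
      // and approved through callback
      // we checked this with before_process();
      $insert_id = $order_id;
      $order_write = false;
      $order_totals_write = false;
      $order_products_write = false;
    } else {
      // the standard module did write only an empty order
      // for getting the order id before payment, so that row is filled in now
      tep_db_perform(TABLE_ORDERS, $sql_data_array, 'update', 'orders_id = ' . (int)$order_id);
      $insert_id = $order_id;
      $order_write = false;
      $order_totals_write = true;
      $order_products_write = true;
    }
    // Update transaction_id from db
    $transaction_query = tep_db_query("SELECT cc_transactionid FROM " . TABLE_ORDERS . " WHERE orders_id = '" . (int)$order_id . "'");
    $transaction = tep_db_fetch_array($transaction_query);
    $order->info['cc_transactionid'] = $transaction['cc_transactionid'];
  }

  // firebug / firePHP debugging
  // NOTE(review): FirePHP returns its log entries to the browser in the HTTP
  // response, so this block should never be active on a live shop. The card
  // fields are left out of the logged copy; the remaining customer data is
  // still personal data.
  if (isset($firephp)) {
    $debug_order = $sql_data_array;
    unset($debug_order['cc_number'], $debug_order['cc_expires']);

    $firephp->log($payment, '$payment');
    // Neither id exists yet for an order that is about to be inserted below.
    $firephp->log(isset($order_id) ? $order_id : null, 'order_id');
    $firephp->log(isset($insert_id) ? $insert_id : null, 'insert_id');
    $firephp->log($debug_order, 'order obj');
    //exit();
  }

  if ($order_write) {
    // else do as usual: insert the order and take its new id
    tep_db_perform(TABLE_ORDERS, $sql_data_array);
    $insert_id = tep_db_insert_id();
  }

  // QuickPay changed end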
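  // QuickPay changed start
  if ($order_totals_write) {
    // write order totals unless they already are written (quickpay_advanced)
    // the order() constructor does not fill all information
    // when the order is recreated from an order id
    // so these fields are only filled when the order is taken from the cart
    for ($i = 0, $n = count($order_totals); $i < $n; $i++) {
      $sql_data_array = array(
        'orders_id'  => $insert_id,
        'title'      => $order_totals[$i]['title'],
        'text'       => $order_totals[$i]['text'],
        'value'      => $order_totals[$i]['value'],
        'class'      => $order_totals[$i]['code'],
        'sort_order' => $order_totals[$i]['sort_order']
      );
      tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
    }

    #### Points/Rewards Module V3.0 balance customer points BOF ####
    if ((USE_POINTS_SYSTEM == 'true') && (USE_REDEEM_SYSTEM == 'true')) {
      // customer pending points added
      if ($order->info['total'] > 0) {
        $points_toadd = get_points_toadd($order);
        $points_comment = 'TEXT_DEFAULT_COMMENT';
        $points_type = 'SP';
        if ((get_redemption_awards($customer_shopping_points_spending) == true) && ($points_toadd > 0)) {
          tep_add_pending_points($customer_id, $insert_id, $points_toadd, $points_comment, $points_type);
        }
      }

      // customer referral points added, at most once per order
      if (tep_session_is_registered('customer_referral') && tep_not_null(USE_REFERRAL_SYSTEM)) {
        $referral_twice_query = tep_db_query("select unique_id from " . TABLE_CUSTOMERS_POINTS_PENDING . " where orders_id = '". (int)$insert_id ."' and points_type = 'RF' limit 1");
        if (!tep_db_num_rows($referral_twice_query)) {
          $points_toadd = USE_REFERRAL_SYSTEM;
          $points_comment = 'TEXT_DEFAULT_REFERRAL';
          $points_type = 'RF';
          tep_add_pending_points($customer_referral, $insert_id, $points_toadd, $points_comment, $points_type);
        }
      }

      // customer shopping points account balanced
      if ($customer_shopping_points_spending) {
        tep_redeemed_points($customer_id, $insert_id, $customer_shopping_points_spending);
      }
    }
    #### Points/Rewards Module V3.0 balance customer points EOF ####

    // This closing brace was missing: "if ($order_totals_write) {" was never
    // closed, which left the braces of the whole script unbalanced.
    // NOTE(review): closing it here, where the "QuickPay changed end" marker
    // sits, keeps the points block inside the guard, so quickpay_advanced
    // orders skip it in this script. Confirm that the QuickPay callback awards
    // and redeems points for those orders; if it does not, spent points are
    // never deducted for them and the brace belongs directly after the totals
    // loop instead.
  }
  // QuickPay changed end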
  220.  
  221.  
  222.  
  // First entry of the order's status history. customer_notified mirrors the
  // SEND_EMAILS setting; it is stored before any mail is sent, so it does not
  // record whether a mail was delivered.
  if (SEND_EMAILS == 'true') {
    $customer_notification = '1';
  } else {
    $customer_notification = '0';
  }

  $sql_data_array = array(
    'orders_id'         => $insert_id,
    'orders_status_id'  => $order->info['order_status'],
    'date_added'        => 'now()',
    'customer_notified' => $customer_notification,
    'comments'          => $order->info['comments']
  );
  tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
  230.  
  // Collects one plain-text line per product for the confirmation e-mail.
  $products_ordered = '';

  // Per ordered product: adjust stock, bump the bestseller counter, store the
  // order line with its attributes and downloads, and add the e-mail line.
  // NOTE(review): the stock update and the bestseller counter run even when
  // $order_products_write is false (quickpay_advanced). Confirm that the
  // callback which already wrote that order does not adjust stock as well.
  $n = count($order->products);
  for ($i = 0; $i < $n; $i++) {
    // Stock Update - Joao Correia
    if (STOCK_LIMITED == 'true') {
      if (DOWNLOAD_ENABLED == 'true') {
        $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename
                            FROM " . TABLE_PRODUCTS . " p
                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                            ON p.products_id=pa.products_id
                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                            ON pa.products_attributes_id=pad.products_attributes_id
                            WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";
        // Will work with only one option for downloadable products
        // otherwise, we have to build the query dynamically with a loop
        if (isset($order->products[$i]['attributes'])) {
          $products_attributes = $order->products[$i]['attributes'];
        } else {
          $products_attributes = '';
        }
        if (is_array($products_attributes)) {
          $stock_query_raw .= " AND pa.options_id = '" . (int)$products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . (int)$products_attributes[0]['value_id'] . "'";
        }
        $stock_query = tep_db_query($stock_query_raw);
      } else {
        $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
      }

      if (tep_db_num_rows($stock_query) > 0) {
        $stock_values = tep_db_fetch_array($stock_query);

        // The quantity is only reduced when downloads are disabled or the row
        // has no download file name.
        // NOTE(review): the quantity is read above and written back below as two
        // separate statements, so two checkouts completing at the same moment can
        // both start from the same stock figure. An in-place
        // "products_quantity = products_quantity - n" update would avoid that.
        $stock_left = ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename']))
          ? $stock_values['products_quantity'] - $order->products[$i]['qty']
          : $stock_values['products_quantity'];

        tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int)$stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

        // Switch the product off once it is sold out and overselling is not allowed.
        if (($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false')) {
          tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
        }
      }
    }

    // Update products_ordered (for bestsellers list)
    tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

    // QuickPay changed start
    if ($order_products_write) {
      // QuickPay changed end
      $sql_data_array = array(
        'orders_id'         => $insert_id,
        'products_id'       => tep_get_prid($order->products[$i]['id']),
        'products_model'    => $order->products[$i]['model'],
        'products_name'     => $order->products[$i]['name'],
        'products_price'    => $order->products[$i]['price'],
        'final_price'       => $order->products[$i]['final_price'],
        'products_tax'      => $order->products[$i]['tax'],
        'products_quantity' => $order->products[$i]['qty']
      );
      tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
      // Must directly follow the insert: the id links attributes and downloads.
      $order_products_id = tep_db_insert_id();
      // QuickPay changed start
    }
    // QuickPay changed end

    //------ insert the options the customer chose into the order --------
    $attributes_exist = isset($order->products[$i]['attributes']) ? '1' : '0';
    $products_ordered_attributes = '';
    if (isset($order->products[$i]['attributes'])) {
      $n2 = count($order->products[$i]['attributes']);
      for ($j = 0; $j < $n2; $j++) {
        // Look up the option and value names in the current language; with
        // downloads enabled the download limits and file name come along too.
        if (DOWNLOAD_ENABLED == 'true') {
          $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
                               from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                               left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                               on pa.products_attributes_id=pad.products_attributes_id
                               where pa.products_id = '" . (int)$order->products[$i]['id'] . "'
                               and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "'
                               and pa.options_id = popt.products_options_id
                               and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "'
                               and pa.options_values_id = poval.products_options_values_id
                               and popt.language_id = '" . (int)$languages_id . "'
                               and poval.language_id = '" . (int)$languages_id . "'";
          $attributes = tep_db_query($attributes_query);
        } else {
          $attributes = tep_db_query(
            "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS
            . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES
            . " poval, " . TABLE_PRODUCTS_ATTRIBUTES
            . " pa where pa.products_id = '" . (int)$order->products[$i]['id']
            . "' and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id']
            . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id']
            . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . (int)$languages_id
            . "' and poval.language_id = '" . (int)$languages_id . "'"
          );
        }
        $attributes_values = tep_db_fetch_array($attributes);

        // QuickPay changed start
        if ($order_products_write) {
          // QuickPay changed end
          $sql_data_array = array(
            'orders_id'               => $insert_id,
            'orders_products_id'      => $order_products_id,
            'products_options'        => $attributes_values['products_options_name'],
            'products_options_values' => $attributes_values['products_options_values_name'],
            'options_values_price'    => $attributes_values['options_values_price'],
            'price_prefix'            => $attributes_values['price_prefix']
          );
          tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

          // A download row is only written for attributes that carry a file name.
          if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
            $sql_data_array = array(
              'orders_id'                => $insert_id,
              'orders_products_id'       => $order_products_id,
              'orders_products_filename' => $attributes_values['products_attributes_filename'],
              'download_maxdays'         => $attributes_values['products_attributes_maxdays'],
              'download_count'           => $attributes_values['products_attributes_maxcount']
            );
            tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
          }
          // QuickPay changed start
        }
        // QuickPay changed end

        $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
      }
    }
    //------ insert customer chosen option eof ----

    // E-mail line: "<qty> x <name> (<model>) = <price>" followed by the options.
    $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";
  }
  346.  
  // Build the plain-text confirmation e-mail, section by section.

  // Header: store name, order number, invoice link and order date.
  $email_order  = STORE_NAME . "\n";
  $email_order .= EMAIL_SEPARATOR . "\n";
  $email_order .= EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n";
  $email_order .= EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false) . "\n";
  $email_order .= EMAIL_TEXT_DATE_ORDERED . ' ' . $date_purchased2 . "\n\n";

  // Product lines.
  $email_order .= EMAIL_TEXT_PRODUCTS . "\n";
  $email_order .= EMAIL_SEPARATOR . "\n";
  $email_order .= $products_ordered;
  $email_order .= EMAIL_SEPARATOR . "\n";

  // Order totals; their title and text may contain markup, which is stripped.
  $n = count($order_totals);
  for ($i = 0; $i < $n; $i++) {
    $email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
  }

  // Delivery address and phone number, left out for purely virtual orders.
  if ($order->content_type != 'virtual') {
    $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n";
    $email_order .= EMAIL_SEPARATOR . "\n";
    $email_order .= tep_address_label($customer_id, $sendto, 0, '', "\n");
    $email_order .= "\n" . "Tlf: " . $order->customer['telephone'] . "\n";
  }

  // Customer comment. It is passed through tep_db_output(), whose exact
  // escaping is defined outside this file.
  if ($order->info['comments']) {
    $email_order .= "\nKommentar:" . "\n" . EMAIL_SEPARATOR . "\n" . tep_db_output($order->info['comments']) . "\n\n";
  }

  // Payment method and, when the module defines one, its e-mail footer.
  if (is_object($$payment)) {
    $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n";
    $email_order .= EMAIL_SEPARATOR . "\n";
    $payment_class = $$payment;
    $email_order .= $order->info['payment_method'] . "\n\n";
    if (isset($payment_class->email_footer)) {
      // QuickPay changed start
      // For QuickPay modules with a known transaction id the footer is used as a
      // sprintf() format. NOTE(review): presumably that footer holds exactly one
      // placeholder for the id; a stray "%" in it would garble the text.
      $email_footer_text = $payment_class->email_footer;
      if (strncmp($payment, 'quickpay', 8) == 0 && $order->info['cc_transactionid']) {
        $email_footer_text = sprintf($email_footer_text, $order->info['cc_transactionid']);
      }
      $email_order .= $email_footer_text . "\n\n";
      // QuickPay changed end
    }
  }

  // Send the confirmation to the customer.
  // NOTE(review): the customer's name and e-mail address are used as the
  // recipient; confirm that tep_mail() rejects line breaks in both values.
  tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

  // Send the same text to the extra recipients configured for the store, if any.
  if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
    tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  }
  401.  
  // Post-payment hook of the payment modules.
  $payment_modules->after_process();

  // Reset the cart now that the order is stored (the meaning of the true
  // argument is defined in the cart class).
  $cart->reset(true);

  // Drop the session values that only matter while a checkout is in progress.
  tep_session_unregister('sendto');
  tep_session_unregister('billto');
  tep_session_unregister('shipping');
  tep_session_unregister('payment');
  tep_session_unregister('comments');

  /*#### Points/Rewards Module V3.0 balance customer points BOF ####*/
  // The points and referral values are removed only if they were registered.
  foreach (array('customer_shopping_points', 'customer_shopping_points_spending', 'customer_referral') as $points_session_key) {
    if (tep_session_is_registered($points_session_key)) {
      tep_session_unregister($points_session_key);
    }
  }
  /*#### Points/Rewards Module V3.0 balance customer points EOF ####*/

  // Finish on the checkout success page.
  tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));

  // NOTE(review): only reached if tep_redirect() returns - confirm.
  require DIR_WS_INCLUDES . 'application_bottom.php';
  423. ?><?php
  424. /*
  425. $Id$
  426.  
  427. osCommerce, Open Source E-Commerce Solutions
  428. http://www.oscommerce.com
  429.  
  430. Copyright (c) 2012 osCommerce
  431.  
  432. Released under the GNU General Public License
  433. */
  434.  
  435. include('includes/application_top.php');
  436.  
  437. // if the customer is not logged on, redirect them to the login page
  438. if (!tep_session_is_registered('customer_id')) {
  439. $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));
  440. tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  441. }
  442.  
  443. // if there is nothing in the customers cart, redirect them to the shopping cart page
  444. if ($cart->count_contents() < 1) {
  445. tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
  446. }
  447.  
  448. // if no shipping method has been selected, redirect the customer to the shipping method selection page
  449. if (!tep_session_is_registered('shipping') || !tep_session_is_registered('sendto')) {
  450. tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  451. }
  452.  
  453. if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) {
  454. tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
  455. }
  456.  
  457. // avoid hack attempts during the checkout procedure by checking the internal cartID
  458. if (isset($cart->cartID) && tep_session_is_registered('cartID')) {
  459. if ($cart->cartID != $cartID) {
  460. tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  461. }
  462. }
  463.  
  464. include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS);
  465.  
  466. // load selected payment module
  467. require(DIR_WS_CLASSES . 'payment.php');
  468. $payment_modules = new payment($payment);
  469.  
  470. // load the selected shipping module
  471. require(DIR_WS_CLASSES . 'shipping.php');
  472. $shipping_modules = new shipping($shipping);
  473.  
  474. require(DIR_WS_CLASSES . 'order.php');
  475. $order = new order;
  476.  
  477. // Stock Check
  478. $any_out_of_stock = false;
  479. if (STOCK_CHECK == 'true') {
  480. for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
  481. if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {
  482. $any_out_of_stock = true;
  483. }
  484. }
  485. // Out of Stock
  486. if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) {
  487. tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
  488. }
  489. }
  490.  
  491. $payment_modules->update_status();
  492.  
  493. /*######## Points/Rewards Module V3.0 BOF #################*/
  494. if ( ($payment_modules->selected_module != $payment) || ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) && (!$customer_shopping_points_spending) || (is_object($$payment) && ($$payment->enabled == false)) ) {
  495. /*######## Points/Rewards Module V3.0 EOF #################*/
  496. tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
  497. }
  498.  
  499. require(DIR_WS_CLASSES . 'order_total.php');
  500. $order_total_modules = new order_total;
  501.  
  502. $order_totals = $order_total_modules->process();
  503.  
  504. // load the before_process function from the payment modules
  505. $payment_modules->before_process();
  506.  
  507. $sql_data_array = array('customers_id' => $customer_id,
  508. 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
  509. 'customers_company' => $order->customer['company'],
  510. 'customers_street_address' => $order->customer['street_address'],
  511. 'customers_suburb' => $order->customer['suburb'],
  512. 'customers_city' => $order->customer['city'],
  513. 'customers_postcode' => $order->customer['postcode'],
  514. 'customers_state' => $order->customer['state'],
  515. 'customers_country' => $order->customer['country']['title'],
  516. 'customers_telephone' => $order->customer['telephone'],
  517. 'customers_email_address' => $order->customer['email_address'],
  518. 'customers_address_format_id' => $order->customer['format_id'],
  519. 'delivery_name' => trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']),
  520. 'delivery_company' => $order->delivery['company'],
  521. 'delivery_street_address' => $order->delivery['street_address'],
  522. 'delivery_suburb' => $order->delivery['suburb'],
  523. 'delivery_city' => $order->delivery['city'],
  524. 'delivery_postcode' => $order->delivery['postcode'],
  525. 'delivery_state' => $order->delivery['state'],
  526. 'delivery_country' => $order->delivery['country']['title'],
  527. 'delivery_address_format_id' => $order->delivery['format_id'],
  528. 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],
  529. 'billing_company' => $order->billing['company'],
  530. 'billing_street_address' => $order->billing['street_address'],
  531. 'billing_suburb' => $order->billing['suburb'],
  532. 'billing_city' => $order->billing['city'],
  533. 'billing_postcode' => $order->billing['postcode'],
  534. 'billing_state' => $order->billing['state'],
  535. 'billing_country' => $order->billing['country']['title'],
  536. 'billing_address_format_id' => $order->billing['format_id'],
  537. 'payment_method' => $order->info['payment_method'],
  538. 'cc_type' => $order->info['cc_type'],
  539. 'cc_owner' => $order->info['cc_owner'],
  540. 'cc_number' => $order->info['cc_number'],
  541. 'cc_expires' => $order->info['cc_expires'],
  542. 'date_purchased' => 'now()',
  543. 'orders_status' => $order->info['order_status'],
  544. 'currency' => $order->info['currency'],
  545. 'currency_value' => $order->info['currency_value']);
  546.  
  547. $date_purchased2 = date("d-m-Y H:i:s");
  548.  
  549.  
  550. // QuickPay changed start
  551. // quickpay_advanced
  552. $order_write = true; // by default write order
  553. $order_totals_write = true; // by default write order totals
  554. $order_products_write = true; // by default write product information
  555.  
  556. if (strncmp($payment, 'quickpay', 8) == 0) {
  557. if ($payment == 'quickpay_advanced') {
  558. // the complete order is already written
  559. // and approved through callback
  560. // we checked this with before_process();
  561. $insert_id = $order_id;
  562. $order_write = false;
  563. $order_totals_write = false;
  564. $order_products_write = false;
  565. } else {
  566. // the standard module did write only an empty order
  567. // for getting the order id before payment
  568. tep_db_perform(TABLE_ORDERS, $sql_data_array, 'update', 'orders_id = ' . $order_id);
  569. $insert_id = $order_id;
  570. $order_write = false;
  571. $order_totals_write = true;
  572. $order_products_write = true;
  573. }
  574. // Update transaction_id from db
  575. $transaction_query = tep_db_query("SELECT cc_transactionid FROM " . TABLE_ORDERS . " WHERE orders_id = '" . tep_db_input($order_id) . "'");
  576. $transaction = tep_db_fetch_array($transaction_query);
  577. $order->info['cc_transactionid'] = $transaction['cc_transactionid'];
  578. }
  579.  
  580. // firebug / firePHP debugging
  581. if (isset($firephp)) {
  582. $firephp->log($payment, '$payment');
  583. $firephp->log($order_id, 'order_id');
  584. $firephp->log($insert_id, 'insert_id');
  585. $firephp->log($sql_data_array, 'order obj');
  586. //exit();
  587. }
  588.  
  589.  
  590.  
  591. if ($order_write) {
  592. // else do as usual
  593. tep_db_perform(TABLE_ORDERS, $sql_data_array);
  594. $insert_id = tep_db_insert_id();
  595. }
  596.  
  597. // QuickPay changed end
  598. // QuickPay changed start
  599. if ($order_totals_write) {
  600. // write order totals unless they already are written (quickpay_advanced)
  601. // the order() constructor does not fill all information
  602. // when the order is recreated from an order id
  603. // so these fields are only filled when the order is taken from the cart
  604. for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {
  605. $sql_data_array = array('orders_id' => $insert_id,
  606. 'title' => $order_totals[$i]['title'],
  607. 'text' => $order_totals[$i]['text'],
  608. 'value' => $order_totals[$i]['value'],
  609. 'class' => $order_totals[$i]['code'],
  610. 'sort_order' => $order_totals[$i]['sort_order']);
  611. tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
  612. }
  613.  
  614. #### Points/Rewards Module V3.0 balance customer points BOF ####
  615. if ((USE_POINTS_SYSTEM == 'true') && (USE_REDEEM_SYSTEM == 'true')) {
  616. // customer pending points added
  617. if ($order->info['total'] > 0) {
  618. $points_toadd = get_points_toadd($order);
  619. $points_comment = 'TEXT_DEFAULT_COMMENT';
  620. $points_type = 'SP';
  621. if ((get_redemption_awards($customer_shopping_points_spending) == true) && ($points_toadd >0)) {
  622. tep_add_pending_points($customer_id, $insert_id, $points_toadd, $points_comment, $points_type);
  623. }
  624. }
  625. // customer referral points added
  626. if ((tep_session_is_registered('customer_referral')) && (tep_not_null(USE_REFERRAL_SYSTEM))) {
  627. $referral_twice_query = tep_db_query("select unique_id from " . TABLE_CUSTOMERS_POINTS_PENDING . " where orders_id = '". (int)$insert_id ."' and points_type = 'RF' limit 1");
  628. if (!tep_db_num_rows($referral_twice_query)) {
  629. $points_toadd = USE_REFERRAL_SYSTEM;
  630. $points_comment = 'TEXT_DEFAULT_REFERRAL';
  631. $points_type = 'RF';
  632. tep_add_pending_points($customer_referral, $insert_id, $points_toadd, $points_comment, $points_type);
  633. }
  634. }
  635. // customer shoppping points account balanced
  636. if ($customer_shopping_points_spending) {
  637. tep_redeemed_points($customer_id, $insert_id, $customer_shopping_points_spending);
  638. }
  639. }
  640. // QuickPay changed end
  641. #### Points/Rewards Module V3.0 balance customer points EOF ####*/
  642.  
  643.  
  644.  
  645. $customer_notification = (SEND_EMAILS == 'true') ? '1' : '0';
  646. $sql_data_array = array('orders_id' => $insert_id,
  647. 'orders_status_id' => $order->info['order_status'],
  648. 'date_added' => 'now()',
  649. 'customer_notified' => $customer_notification,
  650. 'comments' => $order->info['comments']);
  651. tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
  652.  
  653. // initialized for the email confirmation
  654. $products_ordered = '';
  655.  
  656. for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
  657. // Stock Update - Joao Correia
  658. if (STOCK_LIMITED == 'true') {
  659. if (DOWNLOAD_ENABLED == 'true') {
  660. $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename
  661. FROM " . TABLE_PRODUCTS . " p
  662. LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa
  663. ON p.products_id=pa.products_id
  664. LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
  665. ON pa.products_attributes_id=pad.products_attributes_id
  666. WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";
  667. // Will work with only one option for downloadable products
  668. // otherwise, we have to build the query dynamically with a loop
  669. $products_attributes = (isset($order->products[$i]['attributes'])) ? $order->products[$i]['attributes'] : '';
  670. if (is_array($products_attributes)) {
  671. $stock_query_raw .= " AND pa.options_id = '" . (int)$products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . (int)$products_attributes[0]['value_id'] . "'";
  672. }
  673. $stock_query = tep_db_query($stock_query_raw);
  674. } else {
  675. $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
  676. }
  677. if (tep_db_num_rows($stock_query) > 0) {
  678. $stock_values = tep_db_fetch_array($stock_query);
  679. // do not decrement quantities if products_attributes_filename exists
  680. if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {
  681. $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
  682. } else {
  683. $stock_left = $stock_values['products_quantity'];
  684. }
  685. tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int)$stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
  686. if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {
  687. tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
  688. }
  689. }
  690. }
  691.  
  692. // Update products_ordered (for bestsellers list)
  693. tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
  694.  
  695. // QuickPay changed start
  696. if ($order_products_write == true) {
  697. // QuickPay changed end
  698. $sql_data_array = array('orders_id' => $insert_id,
  699. 'products_id' => tep_get_prid($order->products[$i]['id']),
  700. 'products_model' => $order->products[$i]['model'],
  701. 'products_name' => $order->products[$i]['name'],
  702. 'products_price' => $order->products[$i]['price'],
  703. 'final_price' => $order->products[$i]['final_price'],
  704. 'products_tax' => $order->products[$i]['tax'],
  705. 'products_quantity' => $order->products[$i]['qty']);
  706. tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
  707. $order_products_id = tep_db_insert_id();
  708. // QuickPay changed start
  709. }
  710. // QuickPay changed end
  711.  
  712.  
  713. //------insert customer choosen option to order--------
  714. $attributes_exist = '0';
  715. $products_ordered_attributes = '';
  716. if (isset($order->products[$i]['attributes'])) {
  717. $attributes_exist = '1';
  718. for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {
  719. if (DOWNLOAD_ENABLED == 'true') {
  720. $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
  721. from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa
  722. left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
  723. on pa.products_attributes_id=pad.products_attributes_id
  724. where pa.products_id = '" . (int)$order->products[$i]['id'] . "'
  725. and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "'
  726. and pa.options_id = popt.products_options_id
  727. and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "'
  728. and pa.options_values_id = poval.products_options_values_id
  729. and popt.language_id = '" . (int)$languages_id . "'
  730. and poval.language_id = '" . (int)$languages_id . "'";
  731. $attributes = tep_db_query($attributes_query);
  732. } else {
  733. $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . (int)$order->products[$i]['id'] . "' and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . (int)$languages_id . "' and poval.language_id = '" . (int)$languages_id . "'");
  734. }
  735. $attributes_values = tep_db_fetch_array($attributes);
  736.  
  737. // QuickPay changed start
  738. if ($order_products_write == true) {
  739. // QuickPay changed end
  740.  
  741. $sql_data_array = array('orders_id' => $insert_id,
  742. 'orders_products_id' => $order_products_id,
  743. 'products_options' => $attributes_values['products_options_name'],
  744. 'products_options_values' => $attributes_values['products_options_values_name'],
  745. 'options_values_price' => $attributes_values['options_values_price'],
  746. 'price_prefix' => $attributes_values['price_prefix']);
  747. tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
  748.  
  749. if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
  750. $sql_data_array = array('orders_id' => $insert_id,
  751. 'orders_products_id' => $order_products_id,
  752. 'orders_products_filename' => $attributes_values['products_attributes_filename'],
  753. 'download_maxdays' => $attributes_values['products_attributes_maxdays'],
  754. 'download_count' => $attributes_values['products_attributes_maxcount']);
  755. tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
  756. }
  757.  
  758. // QuickPay changed start
  759. }
  760. // QuickPay changed end
  761.  
  762. $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
  763. }
  764. }
  765. //------insert customer choosen option eof ----
  766. $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";
  767. }
  768.  
  769. // lets start with the email confirmation
  770. $email_order = STORE_NAME . "\n" .
  771. EMAIL_SEPARATOR . "\n" .
  772. EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n" .
  773. EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false) . "\n" .
  774. EMAIL_TEXT_DATE_ORDERED . ' ' . $date_purchased2 . "\n\n";
  775.  
  776. $email_order .= EMAIL_TEXT_PRODUCTS . "\n" .
  777. EMAIL_SEPARATOR . "\n" .
  778. $products_ordered .
  779. EMAIL_SEPARATOR . "\n";
  780.  
  781. for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {
  782. $email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
  783. }
  784.  
  785. if ($order->content_type != 'virtual') {
  786. $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" .
  787. EMAIL_SEPARATOR . "\n" .
  788. tep_address_label($customer_id, $sendto, 0, '', "\n") .
  789. "\n". "Tlf: " . $order->customer['telephone']. "\n";
  790.  
  791.  
  792. "\n";
  793. }
  794.  
  795.  
  796.  
  797. if ($order->info['comments']) {
  798. $email_order .= "\nKommentar:" . "\n" . EMAIL_SEPARATOR . "\n" . tep_db_output($order->info['comments']) . "\n\n";
  799. }
  800.  
  801.  
  802. if (is_object($$payment)) {
  803. $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .
  804. EMAIL_SEPARATOR . "\n";
  805. $payment_class = $$payment;
  806. $email_order .= $order->info['payment_method'] . "\n\n";
  807. if (isset($payment_class->email_footer)) {
  808. // QuickPay changed start
  809. if (strncmp($payment, 'quickpay', 8) == 0 && $order->info['cc_transactionid']) {
  810. $email_order .= sprintf($payment_class->email_footer, $order->info['cc_transactionid']) . "\n\n";
  811. } else {
  812. $email_order .= $payment_class->email_footer . "\n\n";
  813. }
  814. // QuickPay changed end
  815. }
  816. }
  817. tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  818.  
  819. // send emails to other people
  820. if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
  821. tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  822. }
  823.  
  824. // load the after_process function from the payment modules
  825. $payment_modules->after_process();
  826.  
  827. $cart->reset(true);
  828.  
  829. // unregister session variables used during checkout
  830. tep_session_unregister('sendto');
  831. tep_session_unregister('billto');
  832. tep_session_unregister('shipping');
  833. tep_session_unregister('payment');
  834. tep_session_unregister('comments');
  835.  
  836. /*#### Points/Rewards Module V3.0 balance customer points EOF ####*/
  837. if (tep_session_is_registered('customer_shopping_points')) tep_session_unregister('customer_shopping_points');
  838. if (tep_session_is_registered('customer_shopping_points_spending')) tep_session_unregister('customer_shopping_points_spending');
  839. if (tep_session_is_registered('customer_referral')) tep_session_unregister('customer_referral');
  840. /*#### Points/Rewards Module V3.0 balance customer points EOF ####*/
  841.  
  842. tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));
  843.  
  844. require(DIR_WS_INCLUDES . 'application_bottom.php');
  845. ?>