checkout_confirmation.php Points and Rewards BS

1. <?php
2. /*
3.   $Id$
4.  
5.   osCommerce, Open Source E-Commerce Solutions
6.   http://www.oscommerce.com
7.  
8.   Copyright (c) 2010 osCommerce
9.  
10.   Released under the GNU General Public License
11. */
12.  
13.   require('includes/application_top.php');
14.  
15. // if the customer is not logged on, redirect them to the login page
16.   if (!tep_session_is_registered('customer_id')) {
17.     $navigation->set_snapshot(array('mode' => 'SSL', 'page' => 'checkout_payment.php'));
18.     tep_redirect(tep_href_link('login.php', '', 'SSL'));
19.   }
20.  
21. // if there is nothing in the customers cart, redirect them to the shopping cart page
22.   if ($cart->count_contents() < 1) {
23.     tep_redirect(tep_href_link('shopping_cart.php'));
24.   }
25.  
26. // avoid hack attempts during the checkout procedure by checking the internal cartID
27.   if (isset($cart->cartID) && tep_session_is_registered('cartID')) {
28.     if ($cart->cartID != $cartID) {
29.       tep_redirect(tep_href_link('checkout_shipping.php', '', 'SSL'));
30.     }
31.   }
32.  
33. // if no shipping method has been selected, redirect the customer to the shipping method selection page
34.   if (!tep_session_is_registered('shipping')) {
35.     tep_redirect(tep_href_link('checkout_shipping.php', '', 'SSL'));
36.   }
37.  
38.   if (!tep_session_is_registered('payment')) tep_session_register('payment');
39.   if (isset($_POST['payment'])) $payment = $_POST['payment'];
40.  
41.   if (!tep_session_is_registered('comments')) tep_session_register('comments');
42.   if (isset($_POST['comments']) && tep_not_null($_POST['comments'])) {
43.     $comments = tep_db_prepare_input($_POST['comments']);
44.   }
45.  
46. // load the selected payment module
47.   require('includes/classes/payment.php');
48.   $payment_modules = new payment($payment);
49.  
50.   require('includes/classes/order.php');
51.   $order = new order;
52.  
53.   $payment_modules->update_status();
54. /*
55.   if ( ($payment_modules->selected_module != $payment) || ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) || (is_object($$payment) && ($$payment->enabled == false)) ) {
56.     tep_redirect(tep_href_link('checkout_payment.php', 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
57.   }
58. */
59.  
60. // BOF POINTS REWARDS BS //-->
61.     if ((USE_POINTS_SYSTEM == 'true') && (USE_REDEEM_SYSTEM == 'true')) {
62.       if (isset($_POST['customer_shopping_points_spending']) && is_numeric($_POST['customer_shopping_points_spending']) && ($_POST['customer_shopping_points_spending'] > 0)) {
63.           $customer_shopping_points_spending = false;
64.           // This if sentence should include check for amount of points on account compared to the transferred point from checkout_payment.php
65.           // Possible Hack Fix included
66.           if (tep_calc_shopping_pvalue($_POST['customer_shopping_points_spending']) < $order->info['total'] && !is_object($$payment) || (tep_get_shopping_points($customer_id) < $_POST['customer_shopping_points_spending'])) {
67.               $customer_shopping_points_spending = false;
68.               tep_redirect(tep_href_link('checkout_payment.php', 'error_message=' . urlencode(REDEEM_SYSTEM_ERROR_POINTS_NOT), 'SSL'));
69.           } else {
70.               $customer_shopping_points_spending = $_POST['customer_shopping_points_spending'];
71.               if (!tep_session_is_registered('customer_shopping_points_spending')) tep_session_register('customer_shopping_points_spending');
72.           }
73.       }
74.      
75.       //To ensure only the first order of a new customer is entitled to grant point to his/her referrer. Otherwise, a hacker might hard-code the email address of  a referrer and cheat for point on every single order the new customer made.
76.       if (tep_not_null(USE_REFERRAL_SYSTEM) && (tep_count_customer_orders() == 0)) {
77.           if (isset($_POST['customer_referred']) && tep_not_null($_POST['customer_referred'])) {
78.               $customer_referral = false;
79.               $check_mail = trim($_POST['customer_referred']);
80.               if (tep_validate_email($check_mail) == false) {
81.                   tep_redirect(tep_href_link('checkout_payment.php', 'error_message=' . urlencode(REFERRAL_ERROR_NOT_VALID), 'SSL'));
82.               } else {
83.                   $valid_referral_query = tep_db_query("select customers_id from customers where customers_email_address = '" . $check_mail . "' limit 1");
84.                   $valid_referral = tep_db_fetch_array($valid_referral_query);
85.                   if (!tep_db_num_rows($valid_referral_query)) {
86.                       tep_redirect(tep_href_link('checkout_payment.php', 'error_message=' . urlencode(REFERRAL_ERROR_NOT_FOUND), 'SSL'));
87.                   }
88.                  
89.                   if ($check_mail == $order->customer['email_address']) {
90.                       tep_redirect(tep_href_link('checkout_payment.php', 'error_message=' . urlencode(REFERRAL_ERROR_SELF), 'SSL'));
91.                   } else {
92.                       $customer_referral = $valid_referral['customers_id'];
93.                       if (!tep_session_is_registered('customer_referral')) tep_session_register('customer_referral');
94.                   }
95.               }
96.           }
97.       }
98.   }
99.   if ( ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) && (!$customer_shopping_points_spending) || (is_object($$payment) && ($$payment->enabled == false)) ) {
100.     tep_redirect(tep_href_link('checkout_payment.php', 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
101.   }
102.  
103. // EOF POINTS REWARDS BS //-->
104.  
105.   if (is_array($payment_modules->modules)) {
106.     $payment_modules->pre_confirmation_check();
107.   }
108.  
109. // load the selected shipping module
110.   require('includes/classes/shipping.php');
111.   $shipping_modules = new shipping($shipping);
112.  
113.   require('includes/classes/order_total.php');
114.   $order_total_modules = new order_total;
115.   $order_total_modules->process();
116.  
117. // Stock Check
118.   $any_out_of_stock = false;
119.   if (STOCK_CHECK == 'true') {
120.     for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
121.       if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {
122.         $any_out_of_stock = true;
123.       }
124.     }
125.     // Out of Stock
126.     if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) {
127.       tep_redirect(tep_href_link('shopping_cart.php'));
128.     }
129.   }
130.  
131.   require('includes/languages/' . $language . '/checkout_confirmation.php');
132.  
133.   $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link('checkout_shipping.php', '', 'SSL'));
134.   $breadcrumb->add(NAVBAR_TITLE_2);
135.  
136.   require('includes/template_top.php');
137. ?>
138.  
139. <div class="page-header">
140.   <h1><?php echo HEADING_TITLE; ?></h1>
141. </div>
142.  
143. <?php
144.   if ($messageStack->size('checkout_confirmation') > 0) {
145.     echo $messageStack->output('checkout_confirmation');
146.   }
147.  
148.   if (isset($$payment->form_action_url)) {
149.     $form_action_url = $$payment->form_action_url;
150.   } else {
151.     $form_action_url = tep_href_link('checkout_process.php', '', 'SSL');
152.   }
153.  
154.   echo tep_draw_form('checkout_confirmation', $form_action_url, 'post');
155. ?>
156.  
157. <div class="contentContainer">
158.   <div class="contentText">
159.  
160.     <div class="panel panel-default">
161.       <div class="panel-heading"><?php echo '<strong>' . HEADING_PRODUCTS . '</strong>' . tep_draw_button(TEXT_EDIT, 'fa fa-edit', tep_href_link('shopping_cart.php'), NULL, NULL, 'pull-right btn-info btn-xs' ); ?></div>
162.       <div class="panel-body">
163.     <table width="100%" class="table-hover order_confirmation">
164.      <tbody>
165.  
166. <?php
167.   for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
168.     echo '          <tr>' . "\n" .
169.          '            <td align="right" valign="top" width="30">' . $order->products[$i]['qty'] . '&nbsp;x&nbsp;</td>' . "\n" .
170.          '            <td valign="top">' . $order->products[$i]['name'];
171.  
172.     if (STOCK_CHECK == 'true') {
173.       echo tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty']);
174.     }
175.  
176.     if ( (isset($order->products[$i]['attributes'])) && (sizeof($order->products[$i]['attributes']) > 0) ) {
177.       for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {
178.         echo '<br /><nobr><small>&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . $order->products[$i]['attributes'][$j]['value'] . '</i></small></nobr>';
179.       }
180.     }
181.  
182.     echo '</td>' . "\n";
183.  
184.     if (sizeof($order->info['tax_groups']) > 1) echo '            <td valign="top" align="right">' . tep_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n";
185.  
186.     echo '            <td align="right" valign="top">' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . '</td>' . "\n" .
187.          '          </tr>' . "\n";
188.   }
189. ?>
190.  
191.  
192.         </tbody>
193.       </table>
194.       <hr>
195.       <table width="100%" class="pull-right">
196.  
197. <?php
198.   if (MODULE_ORDER_TOTAL_INSTALLED) {
199.     echo $order_total_modules->output();
200.   }
201. ?>
202.  
203.         </table>
204.             </div>
205.     </div>
206.  
207.  
208.  
209.   </div>
210.  
211.   <div class="clearfix"></div>
212.  
213.   <div class="row">
214.     <?php
215.     if ($sendto != false) {
216.       ?>
217.       <div class="col-sm-4">
218.         <div class="panel panel-info">
219.           <div class="panel-heading"><?php echo '<strong>' . HEADING_DELIVERY_ADDRESS . '</strong>' . tep_draw_button(TEXT_EDIT, 'fa fa-edit', tep_href_link('checkout_shipping_address.php', '', 'SSL'), NULL, NULL, 'pull-right btn-info btn-xs' ); ?></div>
220.           <div class="panel-body">
221.             <?php echo tep_address_format($order->delivery['format_id'], $order->delivery, 1, ' ', '<br />'); ?>
222.           </div>
223.         </div>
224.       </div>
225.       <?php
226.     }
227.     ?>
228.     <div class="col-sm-4">
229.       <div class="panel panel-warning">
230.         <div class="panel-heading"><?php echo '<strong>' . HEADING_BILLING_ADDRESS . '</strong>' . tep_draw_button(TEXT_EDIT, 'fa fa-edit', tep_href_link('checkout_payment_address.php', '', 'SSL'), NULL, NULL, 'pull-right btn-info btn-xs' ); ?></div>
231.         <div class="panel-body">
232.           <?php echo tep_address_format($order->billing['format_id'], $order->billing, 1, ' ', '<br />'); ?>
233.         </div>
234.       </div>
235.     </div>
236.     <div class="col-sm-4">
237.       <?php
238.       if ($order->info['shipping_method']) {
239.         ?>
240.         <div class="panel panel-info">
241.           <div class="panel-heading"><?php echo '<strong>' . HEADING_SHIPPING_METHOD . '</strong>' . tep_draw_button(TEXT_EDIT, 'fa fa-edit', tep_href_link('checkout_shipping.php', '', 'SSL'), NULL, NULL, 'pull-right btn-info btn-xs' ); ?></div>
242.           <div class="panel-body">
243.             <?php echo $order->info['shipping_method']; ?>
244.           </div>
245.         </div>
246.         <?php
247.       }
248.       ?>
249.       <div class="panel panel-warning">
250.         <div class="panel-heading"><?php echo '<strong>' . HEADING_PAYMENT_METHOD . '</strong>' . tep_draw_button(TEXT_EDIT, 'fa fa-edit', tep_href_link('checkout_payment.php', '', 'SSL'), NULL, NULL, 'pull-right btn-info btn-xs' ); ?></div>
251.         <div class="panel-body">
252.           <?php echo $order->info['payment_method']; ?>
253.         </div>
254.       </div>
255.     </div>
256.  
257.  
258.   </div>
259.  
260.  
261. <?php
262.   if (is_array($payment_modules->modules)) {
263.     if ($confirmation = $payment_modules->confirmation()) {
264. ?>
265.   <hr>
266.  
267.   <h2><?php echo HEADING_PAYMENT_INFORMATION; ?></h2>
268.  
269.   <div class="contentText row">
270. <?php
271.     if (tep_not_null($confirmation['title'])) {
272.       echo '<div class="col-sm-6">';
273.       echo '  <div class="alert alert-danger">';
274.       echo $confirmation['title'];
275.       echo '  </div>';
276.       echo '</div>';
277.     }
278. ?>
279. <?php
280.       if (isset($confirmation['fields'])) {
281.         echo '<div class="col-sm-6">';
282.         echo '  <div class="alert alert-info">';
283.         $fields = '';
284.         for ($i=0, $n=sizeof($confirmation['fields']); $i<$n; $i++) {
285.           $fields .= $confirmation['fields'][$i]['title'] . ' ' . $confirmation['fields'][$i]['field'] . '<br>';
286.         }
287.         if (strlen($fields) > 4) echo substr($fields,0,-4);
288.         echo '  </div>';
289.         echo '</div>';
290.       }
291. ?>
292.   </div>
293.   <div class="clearfix"></div>
294.  
295. <?php
296.     }
297.   }
298.  
299.   if (tep_not_null($order->info['comments'])) {
300. ?>
301.   <hr>
302.  
303.   <h2><?php echo '<strong>' . HEADING_ORDER_COMMENTS . '</strong>' . tep_draw_button(TEXT_EDIT, 'fa fa-edit', tep_href_link('checkout_payment.php', '', 'SSL'), NULL, NULL, 'pull-right btn-info btn-xs' ); ?></h2>
304.  
305.   <blockquote>
306.     <?php echo nl2br(tep_output_string_protected($order->info['comments'])) . tep_draw_hidden_field('comments', $order->info['comments']); ?>
307.   </blockquote>
308.  
309. <?php
310.   }
311. ?>
312.  
313.   <div class="buttonSet">
314.     <div class="text-right">
315.       <?php
316.       if (is_array($payment_modules->modules)) {
317.         echo $payment_modules->process_button();
318.       }
319.       echo tep_draw_button(IMAGE_BUTTON_CONFIRM_ORDER, 'fa fa-ok', null, 'primary', null, 'btn-success');
320.       ?>
321.     </div>
322.   </div>
323.  
324.   <div class="clearfix"></div>
325.  
326.   <div class="contentText">
327.     <div class="stepwizard">
328.       <div class="stepwizard-row">
329.         <div class="stepwizard-step">
330.           <a href="<?php echo tep_href_link('checkout_shipping.php', '', 'SSL'); ?>"><button type="button" class="btn btn-default btn-circle">1</button></a>
331.           <p><a href="<?php echo tep_href_link('checkout_shipping.php', '', 'SSL'); ?>"><?php echo CHECKOUT_BAR_DELIVERY; ?></a></p>
332.         </div>
333.         <div class="stepwizard-step">
334.           <a href="<?php echo tep_href_link('checkout_payment.php', '', 'SSL'); ?>"><button type="button" class="btn btn-default btn-circle">2</button></a>
335.           <p><a href="<?php echo tep_href_link('checkout_payment.php', '', 'SSL'); ?>"><?php echo CHECKOUT_BAR_PAYMENT; ?></a></p>
336.         </div>
337.         <div class="stepwizard-step">
338.           <button type="button" class="btn btn-primary btn-circle">3</button>
339.           <p><?php echo CHECKOUT_BAR_CONFIRMATION; ?></p>
340.         </div>
341.       </div>
342.     </div>
343.   </div>
344.  
345. </div>
346.  
347. </form>
348.  
349. <?php
350.   require('includes/template_bottom.php');
351.   require('includes/application_bottom.php');
352. ?>