
Untitled

Boelle Aug 30th, 2015 73 Never
  1. <?php
  2. /*
  3.   $Id$
  4.  
  5.   osCommerce, Open Source E-Commerce Solutions
  6.   http://www.oscommerce.com
  7.  
  8.   Copyright (c) 2012 osCommerce
  9.  
  10.   Released under the GNU General Public License
  11. */
  12.  
  // Checkout pre-conditions. Bootstraps the application, then sends the request
  // back to an earlier checkout step unless the session has a logged-in
  // customer, a non-empty cart, a shipping selection and -- when payment
  // modules are installed -- a payment selection.
  // NOTE(review): each guard depends on tep_redirect() ending the request. The
  // helper is not defined in this file; confirm it exits after sending the
  // redirect, otherwise execution would continue into the order-writing code.
  include('includes/application_top.php');

// if the customer is not logged on, redirect them to the login page
  if (!tep_session_is_registered('customer_id')) {
    // presumably records the page to return to after login -- verify in the navigation class
    $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));
    tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  }

// if there is nothing in the customers cart, redirect them to the shopping cart page
  if ($cart->count_contents() < 1) {
    tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
  }

// if no shipping method has been selected, redirect the customer to the shipping method selection page
  if (!tep_session_is_registered('shipping') || !tep_session_is_registered('sendto')) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  }

// a payment selection is only demanded when tep_not_null(MODULE_PAYMENT_INSTALLED) holds
  if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
 }

// avoid hack attempts during the checkout procedure by checking the internal cartID
// NOTE(review): the comparison only runs when both $cart->cartID and the
// session 'cartID' are set, and it uses loose `!=`. A session without a
// registered cartID skips this check entirely.
  if (isset($cart->cartID) && tep_session_is_registered('cartID')) {
    if ($cart->cartID != $cartID) {
      tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
    }
  }
  41.  
  // Loads the language strings for this page and the payment, shipping and
  // order classes, then re-checks stock for every product in the order.
  // NOTE(review): the include path is built from $language, which is not
  // assigned in this file. Confirm it can only hold a directory name chosen on
  // the server side (never raw request input), since it decides which file is
  // executed.
  include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS);

// load selected payment module
// $payment is not assigned in this file; presumably it is the session value
// whose registration was checked earlier -- confirm.
  require(DIR_WS_CLASSES . 'payment.php');
  $payment_modules = new payment($payment);

// load the selected shipping module
  require(DIR_WS_CLASSES . 'shipping.php');
  $shipping_modules = new shipping($shipping);

  require(DIR_WS_CLASSES . 'order.php');
  $order = new order;

// Stock Check
// A truthy result from tep_check_stock() marks the order as containing an
// out-of-stock product.
  $any_out_of_stock = false;
  if (STOCK_CHECK == 'true') {
    for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
      if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {
        $any_out_of_stock = true;
      }
    }
    // Out of Stock
    // only blocks the checkout when the shop does not allow ordering out-of-stock items
    if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) {
      tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
    }
  }

  $payment_modules->update_status();
  70.  
  // Rejects the request when no usable payment module is selected, then runs
  // the order-total modules and the payment module's before_process() hook.
  // Because && binds tighter than ||, the condition reads A || (B && C) || D:
  //   A: $payment_modules->selected_module differs from $payment
  //   B: ->modules is an array with more than one entry and no object exists
  //      under the name held in $payment
  //   C: $customer_shopping_points_spending is falsy
  //   D: the object named by $payment exists but its ->enabled is false
  // NOTE(review): $$payment is a variable variable -- it looks up whichever
  // global is named by the value of $payment. Clause A is what ties that value
  // to a module the payment class accepted; confirm selected_module is only
  // ever set from the installed-module list. All comparisons here are loose.
/*########  Points/Rewards Module V3.0 BOF #################*/
  if ( ($payment_modules->selected_module != $payment) || ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) && (!$customer_shopping_points_spending) || (is_object($$payment) && ($$payment->enabled == false)) ) {
/*########  Points/Rewards Module V3.0 EOF #################*/
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
  }

  require(DIR_WS_CLASSES . 'order_total.php');
  $order_total_modules = new order_total;

  // $order_totals is reused below for the orders_total rows and the e-mail
  $order_totals = $order_total_modules->process();

// load the before_process function from the payment modules
// NOTE(review): the QuickPay comments further down state that the
// callback-approved order is verified in before_process(); that code is not
// visible here -- confirm it aborts the request when verification fails.
  $payment_modules->before_process();
  84.  
  // Column => value map for the orders row, taken from the $order object built
  // above. It is passed to tep_db_perform() later in this script.
  // NOTE(review): value escaping is left to tep_db_perform(), which is not
  // defined in this file -- confirm it escapes every value.
  $sql_data_array = array('customers_id' => $customer_id,
                          'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
                          'customers_company' => $order->customer['company'],
                          'customers_street_address' => $order->customer['street_address'],
                          'customers_suburb' => $order->customer['suburb'],
                          'customers_city' => $order->customer['city'],
                          'customers_postcode' => $order->customer['postcode'],
                          'customers_state' => $order->customer['state'],
                          'customers_country' => $order->customer['country']['title'],
                          'customers_telephone' => $order->customer['telephone'],
                          'customers_email_address' => $order->customer['email_address'],
                          'customers_address_format_id' => $order->customer['format_id'],
                          'delivery_name' => trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']),
                          'delivery_company' => $order->delivery['company'],
                          'delivery_street_address' => $order->delivery['street_address'],
                          'delivery_suburb' => $order->delivery['suburb'],
                          'delivery_city' => $order->delivery['city'],
                          'delivery_postcode' => $order->delivery['postcode'],
                          'delivery_state' => $order->delivery['state'],
                          'delivery_country' => $order->delivery['country']['title'],
                          'delivery_address_format_id' => $order->delivery['format_id'],
                          'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],
                          'billing_company' => $order->billing['company'],
                          'billing_street_address' => $order->billing['street_address'],
                          'billing_suburb' => $order->billing['suburb'],
                          'billing_city' => $order->billing['city'],
                          'billing_postcode' => $order->billing['postcode'],
                          'billing_state' => $order->billing['state'],
                          'billing_country' => $order->billing['country']['title'],
                          'billing_address_format_id' => $order->billing['format_id'],
                          'payment_method' => $order->info['payment_method'],
                          // NOTE(review): the cc_* values are stored in the orders row exactly as
                          // $order->info carries them. If any payment module fills cc_number with a
                          // full card number, it ends up in the database in clear text -- confirm
                          // these fields stay empty or masked.
                          'cc_type' => $order->info['cc_type'],
                          'cc_owner' => $order->info['cc_owner'],
                          'cc_number' => $order->info['cc_number'],
                          'cc_expires' => $order->info['cc_expires'],
                          // presumably tep_db_perform() passes 'now()' through as an SQL function -- verify
                          'date_purchased' => 'now()',
                          'orders_status' => $order->info['order_status'],
                          'currency' => $order->info['currency'],
                          'currency_value' => $order->info['currency_value']);

// PHP-side timestamp, used later in the confirmation e-mail; it is produced
// separately from the database's now() above.
$date_purchased2 = date("d-m-Y H:i:s");
  126.  
  127.  
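  // QuickPay changed start
  // quickpay_advanced
  // Decides which parts of the order this request still has to write. For the
  // QuickPay modules the orders row exists before this script runs, so it is
  // either left alone (quickpay_advanced) or filled in by UPDATE (any other
  // quickpay* module) instead of being inserted again.
  // $order_id is not assigned in this file -- presumably the payment module or
  // the session provides it. It is cast to int wherever it is placed into SQL
  // so that a non-numeric value cannot alter the statement.
  // NOTE(review): nothing here checks that the orders row identified by
  // $order_id belongs to $customer_id. The comment below says before_process()
  // verified the order -- confirm that in the QuickPay module.
  $order_write = true; // by default write order
  $order_totals_write = true; // by default write order totals
  $order_products_write = true; // by default write product information

  if (strncmp($payment, 'quickpay', 8) == 0) {
    if ($payment == 'quickpay_advanced') {
      // the complete order is already written
      // and approved through callback
      // we checked this with before_process();
      $insert_id = $order_id;
      $order_write = false;
      $order_totals_write = false;
      $order_products_write = false;
    } else {
      // the standard module did write only an empty order
      // for getting the order id before payment
      tep_db_perform(TABLE_ORDERS, $sql_data_array, 'update', 'orders_id = ' . (int)$order_id);
      $insert_id = $order_id;
      $order_write = false;
      $order_totals_write = true;
      $order_products_write = true;
    }
    // Update transaction_id from db
    $transaction_query = tep_db_query("SELECT cc_transactionid FROM " . TABLE_ORDERS . " WHERE orders_id = '" . (int)$order_id . "'");
    $transaction = tep_db_fetch_array($transaction_query);
    $order->info['cc_transactionid'] = $transaction['cc_transactionid'];
  }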
  157.  
  // firebug / firePHP debugging
  // NOTE(review): debug hook left in the checkout path. Whenever a $firephp
  // variable exists it logs $payment, $order_id, $insert_id and the complete
  // orders row ($sql_data_array: customer name, address, e-mail and the cc_*
  // fields). $firephp is not assigned in this file. If it is a FirePHP logger,
  // its output is delivered to the browser in response headers, so this should
  // be removed or restricted to development environments.
  // On the non-QuickPay path $insert_id has not been assigned yet at this point.
  if (isset($firephp)) {
      $firephp->log($payment, '$payment');
      $firephp->log($order_id, 'order_id');
      $firephp->log($insert_id, 'insert_id');
      $firephp->log($sql_data_array, 'order obj');
  //exit();
  }



  // Regular path: insert the orders row and keep its new id in $insert_id.
  if ($order_write) {
      // else do as usual
    tep_db_perform(TABLE_ORDERS, $sql_data_array);
    $insert_id = tep_db_insert_id();
  }
  174.  
  175. // QuickPay changed end
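  // QuickPay changed start
  // Writes one orders_total row per order-total line and settles reward
  // points, unless the totals were already written (quickpay_advanced).
  if ($order_totals_write) {
    // write order totals unless they already are written (quickpay_advanced)
    // the order() constructor does not fill all information
    // when the order is recreated from an order id
    // so these fields are only filled when the order is taken from the cart
    for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {
      $sql_data_array = array('orders_id' => $insert_id,
                              'title' => $order_totals[$i]['title'],
                              'text' => $order_totals[$i]['text'],
                              'value' => $order_totals[$i]['value'],
                              'class' => $order_totals[$i]['code'],
                              'sort_order' => $order_totals[$i]['sort_order']);
      tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
    }

#### Points/Rewards Module V3.0 balance customer points BOF ####
    if ((USE_POINTS_SYSTEM == 'true') && (USE_REDEEM_SYSTEM == 'true')) {
// customer pending points added
      if ($order->info['total'] > 0) {
        $points_toadd = get_points_toadd($order);
        $points_comment = 'TEXT_DEFAULT_COMMENT';
        $points_type = 'SP';
        if ((get_redemption_awards($customer_shopping_points_spending) == true) && ($points_toadd >0)) {
          tep_add_pending_points($customer_id, $insert_id, $points_toadd, $points_comment, $points_type);
        }
      }
// customer referral points added
      if ((tep_session_is_registered('customer_referral')) && (tep_not_null(USE_REFERRAL_SYSTEM))) {
        // only credit the referral once per order
        $referral_twice_query = tep_db_query("select unique_id from " . TABLE_CUSTOMERS_POINTS_PENDING . " where orders_id = '". (int)$insert_id ."' and points_type = 'RF' limit 1");
        if (!tep_db_num_rows($referral_twice_query)) {
          $points_toadd = USE_REFERRAL_SYSTEM;
          $points_comment = 'TEXT_DEFAULT_REFERRAL';
          $points_type = 'RF';
          tep_add_pending_points($customer_referral, $insert_id, $points_toadd, $points_comment, $points_type);
        }
      }
// customer shoppping points account balanced
      if ($customer_shopping_points_spending) {
        tep_redeemed_points($customer_id, $insert_id, $customer_shopping_points_spending);
      }
    }
  // The listing never closed `if ($order_totals_write)`, which left the script
  // with an unbalanced brace. It is closed here, at the "QuickPay changed end"
  // marker.
  // NOTE(review): with the brace in this position the points handling above is
  // skipped for quickpay_advanced. Confirm that the callback which wrote that
  // order also books and redeems the points; otherwise move the brace up to
  // directly after the order-totals loop.
  }
// QuickPay changed end
#### Points/Rewards Module V3.0 balance customer points EOF ####*/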
  220.  
  221.  
  222.  
  // Records the initial status of the order in the status history, together
  // with the customer's comments and whether a notification e-mail is sent.
  // This runs on every path, including the QuickPay ones where the orders row
  // was written earlier.
  $customer_notification = (SEND_EMAILS == 'true') ? '1' : '0';
  $sql_data_array = array('orders_id' => $insert_id,
                          'orders_status_id' => $order->info['order_status'],
                          'date_added' => 'now()',
                          'customer_notified' => $customer_notification,
                          'comments' => $order->info['comments']);
  tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
  230.  
  // Per-product processing: adjusts stock, bumps the bestseller counter,
  // writes the orders_products / attribute / download rows (only when
  // $order_products_write is true) and collects the product lines for the
  // confirmation e-mail in $products_ordered.
  // NOTE(review): the stock and products_ordered updates run on every pass,
  // also when $order_products_write is false (quickpay_advanced). Confirm the
  // callback that wrote that order did not already apply them.
  // NOTE(review): tep_get_prid() results are placed into SQL inside quotes; the
  // helper is not defined here -- confirm it always returns a numeric id.
// initialized for the email confirmation
  $products_ordered = '';

  for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
// Stock Update - Joao Correia
    if (STOCK_LIMITED == 'true') {
      if (DOWNLOAD_ENABLED == 'true') {
        $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename
                            FROM " . TABLE_PRODUCTS . " p
                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                             ON p.products_id=pa.products_id
                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                             ON pa.products_attributes_id=pad.products_attributes_id
                            WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";
// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
        $products_attributes = (isset($order->products[$i]['attributes'])) ? $order->products[$i]['attributes'] : '';
        if (is_array($products_attributes)) {
          $stock_query_raw .= " AND pa.options_id = '" . (int)$products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . (int)$products_attributes[0]['value_id'] . "'";
        }
        $stock_query = tep_db_query($stock_query_raw);
      } else {
        $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
      }
      if (tep_db_num_rows($stock_query) > 0) {
        $stock_values = tep_db_fetch_array($stock_query);
// do not decrement quantities if products_attributes_filename exists
        if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {
          $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
        } else {
          $stock_left = $stock_values['products_quantity'];
        }
        // NOTE(review): the quantity is read above and written back here as a
        // computed value, not decremented inside the UPDATE. Two checkouts
        // handled at the same time can both read the same starting quantity.
        tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int)$stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
        // take the product offline once it is sold out and out-of-stock checkout is not allowed
        if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {
          tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
        }
      }
    }

// Update products_ordered (for bestsellers list)
// sprintf('%d') forces the quantity to an integer before it enters the SQL text
    tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

// QuickPay changed start
    if ($order_products_write == true) {
// QuickPay changed end
    $sql_data_array = array('orders_id' => $insert_id,
                            'products_id' => tep_get_prid($order->products[$i]['id']),
                            'products_model' => $order->products[$i]['model'],
                            'products_name' => $order->products[$i]['name'],
                            'products_price' => $order->products[$i]['price'],
                            'final_price' => $order->products[$i]['final_price'],
                            'products_tax' => $order->products[$i]['tax'],
                            'products_quantity' => $order->products[$i]['qty']);
    tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
    // only assigned on this path; the attribute inserts below that use it are
    // gated on the same $order_products_write flag
    $order_products_id = tep_db_insert_id();
// QuickPay changed start
    }
// QuickPay changed end


//------insert customer choosen option to order--------
    $attributes_exist = '0';
    $products_ordered_attributes = '';
    if (isset($order->products[$i]['attributes'])) {
      $attributes_exist = '1';
      for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {
        // every id placed into these two queries is cast to int
        if (DOWNLOAD_ENABLED == 'true') {
          $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
                               from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                               left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                                on pa.products_attributes_id=pad.products_attributes_id
                               where pa.products_id = '" . (int)$order->products[$i]['id'] . "'
                                and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "'
                                and pa.options_id = popt.products_options_id
                                and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "'
                                and pa.options_values_id = poval.products_options_values_id
                                and popt.language_id = '" . (int)$languages_id . "'
                                and poval.language_id = '" . (int)$languages_id . "'";
          $attributes = tep_db_query($attributes_query);
        } else {
          $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . (int)$order->products[$i]['id'] . "' and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . (int)$languages_id . "' and poval.language_id = '" . (int)$languages_id . "'");
        }
        // NOTE(review): the result is used without checking that a row was
        // returned; presumably the cart only holds attribute ids that exist -- verify
        $attributes_values = tep_db_fetch_array($attributes);

// QuickPay changed start
            if ($order_products_write == true) {
// QuickPay changed end

        $sql_data_array = array('orders_id' => $insert_id,
                                'orders_products_id' => $order_products_id,
                                'products_options' => $attributes_values['products_options_name'],
                                'products_options_values' => $attributes_values['products_options_values_name'],
                                'options_values_price' => $attributes_values['options_values_price'],
                                'price_prefix' => $attributes_values['price_prefix']);
        tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

        // downloadable attribute: record the file and its download limits for this order
        if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
          $sql_data_array = array('orders_id' => $insert_id,
                                  'orders_products_id' => $order_products_id,
                                  'orders_products_filename' => $attributes_values['products_attributes_filename'],
                                  'download_maxdays' => $attributes_values['products_attributes_maxdays'],
                                  'download_count' => $attributes_values['products_attributes_maxcount']);
          tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
        }

// QuickPay changed start
            }
// QuickPay changed end

        $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
      }
    }
//------insert customer choosen option eof ----
    $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";
  }
  346.  
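  // Builds the plain-text order confirmation and mails it to the customer and,
  // when SEND_EXTRA_ORDER_EMAILS_TO is set, to the extra recipients as well.
  // NOTE(review): the customer's name and e-mail address are handed to
  // tep_mail() as recipient fields. The helper is not defined in this file --
  // confirm it rejects CR/LF in those values.
// lets start with the email confirmation
  // the fourth argument of tep_href_link() is false here -- presumably to keep
  // the session id out of the mailed link; confirm against the helper
  $email_order = STORE_NAME . "\n" .
                 EMAIL_SEPARATOR . "\n" .
                 EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n" .
                 EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false) . "\n" .
                 EMAIL_TEXT_DATE_ORDERED . ' ' . $date_purchased2 . "\n\n";

  $email_order .= EMAIL_TEXT_PRODUCTS . "\n" .
                  EMAIL_SEPARATOR . "\n" .
                  $products_ordered .
                  EMAIL_SEPARATOR . "\n";

  // order-total titles and texts lose their markup via strip_tags() for the text mail
  for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {
    $email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
  }

  // delivery address and phone number are left out for virtual orders
  // (a stray no-op `"\n";` statement that followed this assignment was removed)
  if ($order->content_type != 'virtual') {
    $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" .
                    EMAIL_SEPARATOR . "\n" .
                    tep_address_label($customer_id, $sendto, 0, '', "\n") .
                    "\n" . "Tlf: " . $order->customer['telephone'] . "\n";
  }

  // customer comments are passed through tep_db_output() before they are added
  if ($order->info['comments']) {
    $email_order .= "\nKommentar:" . "\n" . EMAIL_SEPARATOR . "\n" . tep_db_output($order->info['comments']) . "\n\n";
  }

  // $$payment is the object stored under the global named by $payment
  if (is_object($$payment)) {
    $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .
                    EMAIL_SEPARATOR . "\n";
    $payment_class = $$payment;
    $email_order .= $order->info['payment_method'] . "\n\n";
    if (isset($payment_class->email_footer)) {
// QuickPay changed start
      // for QuickPay the footer is used as a format string that receives the transaction id
      if (strncmp($payment, 'quickpay', 8) == 0 && $order->info['cc_transactionid']) {
        $email_order .= sprintf($payment_class->email_footer, $order->info['cc_transactionid']) . "\n\n";
      } else {
        $email_order .= $payment_class->email_footer . "\n\n";
      }
// QuickPay changed end
    }
  }
  tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

// send emails to other people
  if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
    tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  }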
  401.  
  // Finishes the checkout: runs the payment module's after_process() hook,
  // empties the cart, drops the checkout-related session variables and
  // redirects to the success page.
// load the after_process function from the payment modules
  $payment_modules->after_process();

  $cart->reset(true);

// unregister session variables used during checkout
// removing 'shipping', 'sendto' and 'payment' makes the guards at the top of
// this script redirect a repeated request instead of processing it again
  tep_session_unregister('sendto');
  tep_session_unregister('billto');
  tep_session_unregister('shipping');
  tep_session_unregister('payment');
  tep_session_unregister('comments');

/*#### Points/Rewards Module V3.0 balance customer points EOF ####*/
  if (tep_session_is_registered('customer_shopping_points')) tep_session_unregister('customer_shopping_points');
  if (tep_session_is_registered('customer_shopping_points_spending')) tep_session_unregister('customer_shopping_points_spending');
  if (tep_session_is_registered('customer_referral')) tep_session_unregister('customer_referral');
/*#### Points/Rewards Module V3.0 balance customer points EOF ####*/

  tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));

  // presumably never reached if tep_redirect() ends the request -- verify
  require(DIR_WS_INCLUDES . 'application_bottom.php');
  423. ?><?php
  424. /*
  425.   $Id$
  426.  
  427.   osCommerce, Open Source E-Commerce Solutions
  428.   http://www.oscommerce.com
  429.  
  430.   Copyright (c) 2012 osCommerce
  431.  
  432.   Released under the GNU General Public License
  433. */
  434.  
  // NOTE(review): the paste repeats the whole script a second time, starting at
  // the `?><?php` line above; this is the repeated copy.
  // Checkout pre-conditions. Bootstraps the application, then sends the request
  // back to an earlier checkout step unless the session has a logged-in
  // customer, a non-empty cart, a shipping selection and -- when payment
  // modules are installed -- a payment selection.
  // NOTE(review): each guard depends on tep_redirect() ending the request. The
  // helper is not defined in this file; confirm it exits after sending the
  // redirect, otherwise execution would continue into the order-writing code.
  include('includes/application_top.php');

// if the customer is not logged on, redirect them to the login page
  if (!tep_session_is_registered('customer_id')) {
    // presumably records the page to return to after login -- verify in the navigation class
    $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));
    tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  }

// if there is nothing in the customers cart, redirect them to the shopping cart page
  if ($cart->count_contents() < 1) {
    tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
  }

// if no shipping method has been selected, redirect the customer to the shipping method selection page
  if (!tep_session_is_registered('shipping') || !tep_session_is_registered('sendto')) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  }

// a payment selection is only demanded when tep_not_null(MODULE_PAYMENT_INSTALLED) holds
  if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
 }

// avoid hack attempts during the checkout procedure by checking the internal cartID
// NOTE(review): the comparison only runs when both $cart->cartID and the
// session 'cartID' are set, and it uses loose `!=`. A session without a
// registered cartID skips this check entirely.
  if (isset($cart->cartID) && tep_session_is_registered('cartID')) {
    if ($cart->cartID != $cartID) {
      tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
    }
  }
  463.  
  // Loads the language strings for this page and the payment, shipping and
  // order classes, then re-checks stock for every product in the order.
  // NOTE(review): the include path is built from $language, which is not
  // assigned in this file. Confirm it can only hold a directory name chosen on
  // the server side (never raw request input), since it decides which file is
  // executed.
  include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS);

// load selected payment module
// $payment is not assigned in this file; presumably it is the session value
// whose registration was checked earlier -- confirm.
  require(DIR_WS_CLASSES . 'payment.php');
  $payment_modules = new payment($payment);

// load the selected shipping module
  require(DIR_WS_CLASSES . 'shipping.php');
  $shipping_modules = new shipping($shipping);

  require(DIR_WS_CLASSES . 'order.php');
  $order = new order;

// Stock Check
// A truthy result from tep_check_stock() marks the order as containing an
// out-of-stock product.
  $any_out_of_stock = false;
  if (STOCK_CHECK == 'true') {
    for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
      if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {
        $any_out_of_stock = true;
      }
    }
    // Out of Stock
    // only blocks the checkout when the shop does not allow ordering out-of-stock items
    if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) {
      tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
    }
  }

  $payment_modules->update_status();
  492.  
  // Rejects the request when no usable payment module is selected, then runs
  // the order-total modules and the payment module's before_process() hook.
  // Because && binds tighter than ||, the condition reads A || (B && C) || D:
  //   A: $payment_modules->selected_module differs from $payment
  //   B: ->modules is an array with more than one entry and no object exists
  //      under the name held in $payment
  //   C: $customer_shopping_points_spending is falsy
  //   D: the object named by $payment exists but its ->enabled is false
  // NOTE(review): $$payment is a variable variable -- it looks up whichever
  // global is named by the value of $payment. Clause A is what ties that value
  // to a module the payment class accepted; confirm selected_module is only
  // ever set from the installed-module list. All comparisons here are loose.
/*########  Points/Rewards Module V3.0 BOF #################*/
  if ( ($payment_modules->selected_module != $payment) || ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) && (!$customer_shopping_points_spending) || (is_object($$payment) && ($$payment->enabled == false)) ) {
/*########  Points/Rewards Module V3.0 EOF #################*/
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
  }

  require(DIR_WS_CLASSES . 'order_total.php');
  $order_total_modules = new order_total;

  // $order_totals feeds the orders_total rows and the confirmation e-mail
  $order_totals = $order_total_modules->process();

// load the before_process function from the payment modules
// NOTE(review): the QuickPay comments further down state that the
// callback-approved order is verified in before_process(); that code is not
// visible here -- confirm it aborts the request when verification fails.
  $payment_modules->before_process();
  506.  
  507.   $sql_data_array = array('customers_id' => $customer_id,
  508.                           'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
  509.                           'customers_company' => $order->customer['company'],
  510.                           'customers_street_address' => $order->customer['street_address'],
  511.                           'customers_suburb' => $order->customer['suburb'],
  512.                           'customers_city' => $order->customer['city'],
  513.                           'customers_postcode' => $order->customer['postcode'],
  514.                           'customers_state' => $order->customer['state'],
  515.                           'customers_country' => $order->customer['country']['title'],
  516.                           'customers_telephone' => $order->customer['telephone'],
  517.                           'customers_email_address' => $order->customer['email_address'],
  518.                           'customers_address_format_id' => $order->customer['format_id'],
  519.                           'delivery_name' => trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']),
  520.                           'delivery_company' => $order->delivery['company'],
  521.                           'delivery_street_address' => $order->delivery['street_address'],
  522.                           'delivery_suburb' => $order->delivery['suburb'],
  523.                           'delivery_city' => $order->delivery['city'],
  524.                           'delivery_postcode' => $order->delivery['postcode'],
  525.                           'delivery_state' => $order->delivery['state'],
  526.                           'delivery_country' => $order->delivery['country']['title'],
  527.                           'delivery_address_format_id' => $order->delivery['format_id'],
  528.                           'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],
  529.                           'billing_company' => $order->billing['company'],
  530.                           'billing_street_address' => $order->billing['street_address'],
  531.                           'billing_suburb' => $order->billing['suburb'],
  532.                           'billing_city' => $order->billing['city'],
  533.                           'billing_postcode' => $order->billing['postcode'],
  534.                           'billing_state' => $order->billing['state'],
  535.                           'billing_country' => $order->billing['country']['title'],
  536.                           'billing_address_format_id' => $order->billing['format_id'],
  537.                           'payment_method' => $order->info['payment_method'],
  538.                           'cc_type' => $order->info['cc_type'],
  539.                           'cc_owner' => $order->info['cc_owner'],
  540.                           'cc_number' => $order->info['cc_number'],
  541.                           'cc_expires' => $order->info['cc_expires'],
  542.                           'date_purchased' => 'now()',
  543.                           'orders_status' => $order->info['order_status'],
  544.                           'currency' => $order->info['currency'],
  545.                           'currency_value' => $order->info['currency_value']);
  546.  
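  // Timestamp shown in the confirmation e-mail (day-month-year hours:minutes:seconds).
  $date_purchased2 = date("d-m-Y H:i:s");


  // QuickPay changed start
  // quickpay_advanced
  // Defaults for every payment module other than QuickPay: this script writes
  // the order row, its totals and its product lines itself.
  $order_write = true; // by default write order
  $order_totals_write = true; // by default write order totals
  $order_products_write = true; // by default write product information

  if (strncmp($payment, 'quickpay', 8) === 0) {
    if ($payment === 'quickpay_advanced') {
      // the complete order is already written and approved through callback;
      // per the module author this was checked in before_process()
      $insert_id = $order_id;
      $order_write = false;
      $order_totals_write = false;
      $order_products_write = false;
    } else {
      // the standard module did write only an empty order
      // for getting the order id before payment, so that row is filled in now.
      // The id is cast to int because it is concatenated unquoted into the
      // WHERE clause; the SELECT below quotes and escapes the same value.
      // NOTE(review): where $order_id is assigned is not visible in this part
      // of the script - confirm it cannot be influenced by the request.
      tep_db_perform(TABLE_ORDERS, $sql_data_array, 'update', 'orders_id = ' . (int)$order_id);
      $insert_id = $order_id;
      $order_write = false;
      $order_totals_write = true;
      $order_products_write = true;
    }
    // Update transaction_id from db
    $transaction_query = tep_db_query("SELECT cc_transactionid FROM " . TABLE_ORDERS . " WHERE orders_id = '" . tep_db_input($order_id) . "'");
    $transaction = tep_db_fetch_array($transaction_query);
    // A missing row leaves the transaction id empty instead of indexing a
    // non-array result.
    $order->info['cc_transactionid'] = isset($transaction['cc_transactionid']) ? $transaction['cc_transactionid'] : null;
  }

  // firebug / firePHP debugging
  if (isset($firephp)) {
    // $sql_data_array is the orders row built above and carries the cc_*
    // fields; they are dropped from the logged copy so card data never enters
    // the debug channel (presumably FirePHP, which delivers its log to the
    // client - confirm). The array written to the database is untouched.
    $debug_order_row = array_diff_key($sql_data_array, array_flip(array('cc_type', 'cc_owner', 'cc_number', 'cc_expires')));
    $firephp->log($payment, '$payment');
    // $order_id and $insert_id are only assigned on some paths above
    $firephp->log(isset($order_id) ? $order_id : null, 'order_id');
    $firephp->log(isset($insert_id) ? $insert_id : null, 'insert_id');
    $firephp->log($debug_order_row, 'order obj');
    unset($debug_order_row);
  }

  if ($order_write) {
    // no QuickPay pre-written order: insert the order row as usual
    tep_db_perform(TABLE_ORDERS, $sql_data_array);
    $insert_id = tep_db_insert_id();
  }

  // QuickPay changed end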
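  // QuickPay changed start
  if ($order_totals_write) {
    // write order totals unless they already are written (quickpay_advanced)
    // the order() constructor does not fill all information
    // when the order is recreated from an order id
    // so these fields are only filled when the order is taken from the cart
    for ($i = 0, $n = count($order_totals); $i < $n; $i++) {
      $sql_data_array = array('orders_id' => $insert_id,
                              'title' => $order_totals[$i]['title'],
                              'text' => $order_totals[$i]['text'],
                              'value' => $order_totals[$i]['value'],
                              'class' => $order_totals[$i]['code'],
                              'sort_order' => $order_totals[$i]['sort_order']);
      tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
    }

    #### Points/Rewards Module V3.0 balance customer points BOF ####
    if ((USE_POINTS_SYSTEM == 'true') && (USE_REDEEM_SYSTEM == 'true')) {
      // customer pending points added
      if ($order->info['total'] > 0) {
        $points_toadd = get_points_toadd($order);
        $points_comment = 'TEXT_DEFAULT_COMMENT';
        $points_type = 'SP';
        if ((get_redemption_awards($customer_shopping_points_spending) == true) && ($points_toadd > 0)) {
          tep_add_pending_points($customer_id, $insert_id, $points_toadd, $points_comment, $points_type);
        }
      }
      // customer referral points added
      if ((tep_session_is_registered('customer_referral')) && (tep_not_null(USE_REFERRAL_SYSTEM))) {
        // only one 'RF' entry per order: skip when one is already pending
        $referral_twice_query = tep_db_query("select unique_id from " . TABLE_CUSTOMERS_POINTS_PENDING . " where orders_id = '". (int)$insert_id ."' and points_type = 'RF' limit 1");
        if (!tep_db_num_rows($referral_twice_query)) {
          $points_toadd = USE_REFERRAL_SYSTEM;
          $points_comment = 'TEXT_DEFAULT_REFERRAL';
          $points_type = 'RF';
          tep_add_pending_points($customer_referral, $insert_id, $points_toadd, $points_comment, $points_type);
        }
      }
      // customer shopping points account balanced
      if ($customer_shopping_points_spending) {
        tep_redeemed_points($customer_id, $insert_id, $customer_shopping_points_spending);
      }
    }
    #### Points/Rewards Module V3.0 balance customer points EOF ####

  // Closes if ($order_totals_write). The pasted script never closed this block,
  // which left the braces of the file unbalanced.
  // NOTE(review): the position is inferred from the "QuickPay changed end"
  // marker below; it means no points are booked here when the totals were
  // already written (quickpay_advanced) - confirm against the callback.
  }
  // QuickPay changed end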
  642.  
  643.  
  644.  
  // First status-history entry for the order. The notified flag follows the
  // SEND_EMAILS setting and is stored as the string '1' or '0'.
  if (SEND_EMAILS == 'true') {
    $customer_notification = '1';
  } else {
    $customer_notification = '0';
  }

  $sql_data_array = array();
  $sql_data_array['orders_id'] = $insert_id;
  $sql_data_array['orders_status_id'] = $order->info['order_status'];
  // the literal string 'now()' is handed to tep_db_perform as the value;
  // presumably it is emitted there as the SQL function - confirm
  $sql_data_array['date_added'] = 'now()';
  $sql_data_array['customer_notified'] = $customer_notification;
  $sql_data_array['comments'] = $order->info['comments'];
  tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
  652.  
  // Per-product pass over $order->products. For each line it adjusts stock
  // (when STOCK_LIMITED is 'true'), increments products_ordered, writes the
  // product / attribute / download rows of the order (only while
  // $order_products_write is set) and appends the text for the confirmation
  // e-mail to $products_ordered.
// initialized for the email confirmation
  $products_ordered = '';

  for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
// Stock Update - Joao Correia
    if (STOCK_LIMITED == 'true') {
      if (DOWNLOAD_ENABLED == 'true') {
        // with downloads enabled the query also fetches the download filename
        // of the attribute, which decides below whether stock is decremented
        $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename
                            FROM " . TABLE_PRODUCTS . " p
                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                             ON p.products_id=pa.products_id
                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                             ON pa.products_attributes_id=pad.products_attributes_id
                            WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";
// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
        $products_attributes = (isset($order->products[$i]['attributes'])) ? $order->products[$i]['attributes'] : '';
        if (is_array($products_attributes)) {
          // only the first attribute is considered; both ids are cast to int
          // before they enter the SQL text
          $stock_query_raw .= " AND pa.options_id = '" . (int)$products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . (int)$products_attributes[0]['value_id'] . "'";
        }
        $stock_query = tep_db_query($stock_query_raw);
      } else {
        $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
      }
      if (tep_db_num_rows($stock_query) > 0) {
        $stock_values = tep_db_fetch_array($stock_query);
// do not decrement quantities if products_attributes_filename exists
        // the filename column is only read when DOWNLOAD_ENABLED is 'true'
        // (short-circuit); the plain query above does not select it
        if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {
          $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
        } else {
          $stock_left = $stock_values['products_quantity'];
        }
        // NOTE(review): the quantity read by the SELECT above is written back
        // as an absolute value. Nothing visible here locks the row or wraps the
        // statements in a transaction, so two checkouts of the same product
        // running at once could overwrite each other's decrement - confirm
        // whether the tep_db_* layer provides any isolation.
        tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int)$stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
        // take the product offline once it is sold out and checkout of
        // out-of-stock items is not allowed
        if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {
          tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
        }
      }
    }

// Update products_ordered (for bestsellers list)
    // sprintf('%d') formats the quantity as an integer before it is
    // concatenated unquoted into the statement
    tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

// QuickPay changed start
    // skipped when the payment module already wrote the product rows
    if ($order_products_write == true) {
// QuickPay changed end
    $sql_data_array = array('orders_id' => $insert_id,
                            'products_id' => tep_get_prid($order->products[$i]['id']),
                            'products_model' => $order->products[$i]['model'],
                            'products_name' => $order->products[$i]['name'],
                            'products_price' => $order->products[$i]['price'],
                            'final_price' => $order->products[$i]['final_price'],
                            'products_tax' => $order->products[$i]['tax'],
                            'products_quantity' => $order->products[$i]['qty']);
    tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
    // id of the row just inserted; the attribute rows below reference it and
    // are written under the same $order_products_write condition
    $order_products_id = tep_db_insert_id();
// QuickPay changed start
    }
// QuickPay changed end


//------insert customer chosen option to order--------
    // $attributes_exist is assigned here but not read in the visible part of
    // the script
    $attributes_exist = '0';
    $products_ordered_attributes = '';
    if (isset($order->products[$i]['attributes'])) {
      $attributes_exist = '1';
      for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {
        // look up the option name / value name (in the current language) and
        // price data of the chosen attribute; every id is cast to int
        // NOTE(review): the product id is cast with (int) here while the
        // queries above pass it through tep_get_prid() - presumably both yield
        // the numeric product id; confirm
        if (DOWNLOAD_ENABLED == 'true') {
          $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
                               from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                               left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                                on pa.products_attributes_id=pad.products_attributes_id
                               where pa.products_id = '" . (int)$order->products[$i]['id'] . "'
                                and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "'
                                and pa.options_id = popt.products_options_id
                                and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "'
                                and pa.options_values_id = poval.products_options_values_id
                                and popt.language_id = '" . (int)$languages_id . "'
                                and poval.language_id = '" . (int)$languages_id . "'";
          $attributes = tep_db_query($attributes_query);
        } else {
          $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . (int)$order->products[$i]['id'] . "' and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . (int)$languages_id . "' and poval.language_id = '" . (int)$languages_id . "'");
        }
        // NOTE(review): the result is used without a row check; if the query
        // matches nothing, the $attributes_values[...] reads below operate on
        // a non-array - confirm what tep_db_fetch_array returns in that case
        $attributes_values = tep_db_fetch_array($attributes);

// QuickPay changed start
            if ($order_products_write == true) {
// QuickPay changed end

        $sql_data_array = array('orders_id' => $insert_id,
                                'orders_products_id' => $order_products_id,
                                'products_options' => $attributes_values['products_options_name'],
                                'products_options_values' => $attributes_values['products_options_values_name'],
                                'options_values_price' => $attributes_values['options_values_price'],
                                'price_prefix' => $attributes_values['price_prefix']);
        tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

        // a download row is written only when the attribute carries a filename
        if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
          $sql_data_array = array('orders_id' => $insert_id,
                                  'orders_products_id' => $order_products_id,
                                  'orders_products_filename' => $attributes_values['products_attributes_filename'],
                                  'download_maxdays' => $attributes_values['products_attributes_maxdays'],
                                  'download_count' => $attributes_values['products_attributes_maxcount']);
          tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
        }

// QuickPay changed start
            }
// QuickPay changed end

        // the e-mail text is extended whether or not the rows were written
        $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
      }
    }
//------insert customer chosen option eof ----
    // one e-mail line per product: "qty x name (model) = price", followed by
    // the attribute lines collected above
    $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";
  }
  768.  
  // Build the order confirmation text and send it to the customer.
  // Header: store name, order number, invoice link and order date.
  // NOTE(review): the fourth argument of tep_href_link is false here -
  // presumably it keeps the session id out of the mailed link; confirm.
  $email_order = implode("\n", array(
    STORE_NAME,
    EMAIL_SEPARATOR,
    EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id,
    EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false),
    EMAIL_TEXT_DATE_ORDERED . ' ' . $date_purchased2
  )) . "\n\n";

  // product lines collected while the order rows were processed
  $email_order .= EMAIL_TEXT_PRODUCTS . "\n" . EMAIL_SEPARATOR . "\n" . $products_ordered . EMAIL_SEPARATOR . "\n";

  // order totals, with markup stripped from title and text
  for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
    $email_order .= sprintf("%s %s\n", strip_tags($order_totals[$i]['title']), strip_tags($order_totals[$i]['text']));
  }

  // delivery address and telephone, omitted for purely virtual orders
  if ($order->content_type != 'virtual') {
    $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" . EMAIL_SEPARATOR . "\n";
    $email_order .= tep_address_label($customer_id, $sendto, 0, '', "\n") . "\n";
    $email_order .= 'Tlf: ' . $order->customer['telephone'] . "\n";
  }

  // customer comment, if one was entered
  if ($order->info['comments']) {
    $email_order .= "\nKommentar:\n" . EMAIL_SEPARATOR . "\n" . tep_db_output($order->info['comments']) . "\n\n";
  }

  // $$payment is the global variable whose name is the value of $payment.
  // NOTE(review): presumably only the selected payment module's object can be
  // reached this way - confirm that $payment is limited to installed modules.
  if (is_object($$payment)) {
    $payment_class = $$payment;
    $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" . EMAIL_SEPARATOR . "\n" . $order->info['payment_method'] . "\n\n";
    if (isset($payment_class->email_footer)) {
// QuickPay changed start
      // QuickPay footers are format strings that take the transaction id;
      // every other case appends the footer unchanged
      if ((strncmp($payment, 'quickpay', 8) != 0) || !$order->info['cc_transactionid']) {
        $email_order .= $payment_class->email_footer . "\n\n";
      } else {
        $email_order .= sprintf($payment_class->email_footer, $order->info['cc_transactionid']) . "\n\n";
      }
// QuickPay changed end
    }
  }

  tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  818.  
  // Wrap-up after the order is stored: copy the confirmation to the extra
  // recipients, let the payment module finish, empty the cart, drop the
  // checkout state from the session and continue to the success page.
  if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
    tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  }

  // load the after_process function from the payment modules
  $payment_modules->after_process();

  $cart->reset(true);

  // session variables used during checkout: always unregistered
  foreach (array('sendto', 'billto', 'shipping', 'payment', 'comments') as $checkout_session_key) {
    tep_session_unregister($checkout_session_key);
  }

  // Points/Rewards Module V3.0 session variables: unregistered only when present
  foreach (array('customer_shopping_points', 'customer_shopping_points_spending', 'customer_referral') as $checkout_session_key) {
    if (tep_session_is_registered($checkout_session_key)) {
      tep_session_unregister($checkout_session_key);
    }
  }
  unset($checkout_session_key);

  tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));

  require(DIR_WS_INCLUDES . 'application_bottom.php');
  845. ?>