<?phpclass ModelCheckoutOrder extends Model { public function addOrder($data

1. <?php
2. class ModelCheckoutOrder extends Model {
3.     public function addOrder($data) {
4.         $this->db->query("INSERT INTO `" . DB_PREFIX . "order` SET invoice_prefix = '" . $this->db->escape($data['invoice_prefix']) . "', store_id = '" . (int)$data['store_id'] . "', store_name = '" . $this->db->escape($data['store_name']) . "', store_url = '" . $this->db->escape($data['store_url']) . "', customer_id = '" . (int)$data['customer_id'] . "', customer_group_id = '" . (int)$data['customer_group_id'] . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(isset($data['custom_field']) ? json_encode($data['custom_field']) : '') . "', payment_firstname = '" . $this->db->escape($data['payment_firstname']) . "', payment_lastname = '" . $this->db->escape($data['payment_lastname']) . "', payment_company = '" . $this->db->escape($data['payment_company']) . "', payment_address_1 = '" . $this->db->escape($data['payment_address_1']) . "', payment_address_2 = '" . $this->db->escape($data['payment_address_2']) . "', payment_city = '" . $this->db->escape($data['payment_city']) . "', payment_postcode = '" . $this->db->escape($data['payment_postcode']) . "', payment_country = '" . $this->db->escape($data['payment_country']) . "', payment_country_id = '" . (int)$data['payment_country_id'] . "', payment_zone = '" . $this->db->escape($data['payment_zone']) . "', payment_zone_id = '" . (int)$data['payment_zone_id'] . "', payment_address_format = '" . $this->db->escape($data['payment_address_format']) . "', payment_custom_field = '" . $this->db->escape(isset($data['payment_custom_field']) ? json_encode($data['payment_custom_field']) : '') . "', payment_method = '" . $this->db->escape($data['payment_method']) . "', payment_code = '" . $this->db->escape($data['payment_code']) . "', shipping_firstname = '" . $this->db->escape($data['shipping_firstname']) . "', shipping_lastname = '" . $this->db->escape($data['shipping_lastname']) . "', shipping_company = '" . $this->db->escape($data['shipping_company']) . "', shipping_address_1 = '" . $this->db->escape($data['shipping_address_1']) . "', shipping_address_2 = '" . $this->db->escape($data['shipping_address_2']) . "', shipping_city = '" . $this->db->escape($data['shipping_city']) . "', shipping_postcode = '" . $this->db->escape($data['shipping_postcode']) . "', shipping_country = '" . $this->db->escape($data['shipping_country']) . "', shipping_country_id = '" . (int)$data['shipping_country_id'] . "', shipping_zone = '" . $this->db->escape($data['shipping_zone']) . "', shipping_zone_id = '" . (int)$data['shipping_zone_id'] . "', shipping_address_format = '" . $this->db->escape($data['shipping_address_format']) . "', shipping_custom_field = '" . $this->db->escape(isset($data['shipping_custom_field']) ? json_encode($data['shipping_custom_field']) : '') . "', shipping_method = '" . $this->db->escape($data['shipping_method']) . "', shipping_code = '" . $this->db->escape($data['shipping_code']) . "', comment = '" . $this->db->escape($data['comment']) . "', total = '" . (float)$data['total'] . "', affiliate_id = '" . (int)$data['affiliate_id'] . "', commission = '" . (float)$data['commission'] . "', marketing_id = '" . (int)$data['marketing_id'] . "', tracking = '" . $this->db->escape($data['tracking']) . "', language_id = '" . (int)$data['language_id'] . "', currency_id = '" . (int)$data['currency_id'] . "', currency_code = '" . $this->db->escape($data['currency_code']) . "', currency_value = '" . (float)$data['currency_value'] . "', ip = '" . $this->db->escape($data['ip']) . "', forwarded_ip = '" .  $this->db->escape($data['forwarded_ip']) . "', user_agent = '" . $this->db->escape($data['user_agent']) . "', accept_language = '" . $this->db->escape($data['accept_language']) . "', date_added = NOW(), date_modified = NOW()");
5.  
6.         $order_id = $this->db->getLastId();
7.  
8.         // Products
9.         if (isset($data['products'])) {
10.             foreach ($data['products'] as $product) {
11.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_product SET order_id = '" . (int)$order_id . "', product_id = '" . (int)$product['product_id'] . "', name = '" . $this->db->escape($product['name']) . "', model = '" . $this->db->escape($product['model']) . "', quantity = '" . (int)$product['quantity'] . "', price = '" . (float)$product['price'] . "', total = '" . (float)$product['total'] . "', tax = '" . (float)$product['tax'] . "', reward = '" . (int)$product['reward'] . "'");
12.  
13.                 $order_product_id = $this->db->getLastId();
14.  
15.                 foreach ($product['option'] as $option) {
16.                     $this->db->query("INSERT INTO " . DB_PREFIX . "order_option SET order_id = '" . (int)$order_id . "', order_product_id = '" . (int)$order_product_id . "', product_option_id = '" . (int)$option['product_option_id'] . "', product_option_value_id = '" . (int)$option['product_option_value_id'] . "', name = '" . $this->db->escape($option['name']) . "', `value` = '" . $this->db->escape($option['value']) . "', `type` = '" . $this->db->escape($option['type']) . "'");
17.                 }
18.             }
19.         }
20.  
21.         // Gift Voucher
22.         $this->load->model('extension/total/voucher');
23.  
24.         // Vouchers
25.         if (isset($data['vouchers'])) {
26.             foreach ($data['vouchers'] as $voucher) {
27.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_voucher SET order_id = '" . (int)$order_id . "', description = '" . $this->db->escape($voucher['description']) . "', code = '" . $this->db->escape($voucher['code']) . "', from_name = '" . $this->db->escape($voucher['from_name']) . "', from_email = '" . $this->db->escape($voucher['from_email']) . "', to_name = '" . $this->db->escape($voucher['to_name']) . "', to_email = '" . $this->db->escape($voucher['to_email']) . "', voucher_theme_id = '" . (int)$voucher['voucher_theme_id'] . "', message = '" . $this->db->escape($voucher['message']) . "', amount = '" . (float)$voucher['amount'] . "'");
28.  
29.                 $order_voucher_id = $this->db->getLastId();
30.  
31.                 $voucher_id = $this->model_extension_total_voucher->addVoucher($order_id, $voucher);
32.  
33.                 $this->db->query("UPDATE " . DB_PREFIX . "order_voucher SET voucher_id = '" . (int)$voucher_id . "' WHERE order_voucher_id = '" . (int)$order_voucher_id . "'");
34.             }
35.         }
36.  
37.         // Totals
38.         if (isset($data['totals'])) {
39.             foreach ($data['totals'] as $total) {
40.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', `value` = '" . (float)$total['value'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
41.             }
42.         }
43.  
44.         return $order_id;
45.     }
46.  
47.     public function editOrder($order_id, $data) {
48.         // Void the order first
49.         $this->addOrderHistory($order_id, 0);
50.  
51.         $this->db->query("UPDATE `" . DB_PREFIX . "order` SET invoice_prefix = '" . $this->db->escape($data['invoice_prefix']) . "', store_id = '" . (int)$data['store_id'] . "', store_name = '" . $this->db->escape($data['store_name']) . "', store_url = '" . $this->db->escape($data['store_url']) . "', customer_id = '" . (int)$data['customer_id'] . "', customer_group_id = '" . (int)$data['customer_group_id'] . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(json_encode($data['custom_field'])) . "', payment_firstname = '" . $this->db->escape($data['payment_firstname']) . "', payment_lastname = '" . $this->db->escape($data['payment_lastname']) . "', payment_company = '" . $this->db->escape($data['payment_company']) . "', payment_address_1 = '" . $this->db->escape($data['payment_address_1']) . "', payment_address_2 = '" . $this->db->escape($data['payment_address_2']) . "', payment_city = '" . $this->db->escape($data['payment_city']) . "', payment_postcode = '" . $this->db->escape($data['payment_postcode']) . "', payment_country = '" . $this->db->escape($data['payment_country']) . "', payment_country_id = '" . (int)$data['payment_country_id'] . "', payment_zone = '" . $this->db->escape($data['payment_zone']) . "', payment_zone_id = '" . (int)$data['payment_zone_id'] . "', payment_address_format = '" . $this->db->escape($data['payment_address_format']) . "', payment_custom_field = '" . $this->db->escape(json_encode($data['payment_custom_field'])) . "', payment_method = '" . $this->db->escape($data['payment_method']) . "', payment_code = '" . $this->db->escape($data['payment_code']) . "', shipping_firstname = '" . $this->db->escape($data['shipping_firstname']) . "', shipping_lastname = '" . $this->db->escape($data['shipping_lastname']) . "', shipping_company = '" . $this->db->escape($data['shipping_company']) . "', shipping_address_1 = '" . $this->db->escape($data['shipping_address_1']) . "', shipping_address_2 = '" . $this->db->escape($data['shipping_address_2']) . "', shipping_city = '" . $this->db->escape($data['shipping_city']) . "', shipping_postcode = '" . $this->db->escape($data['shipping_postcode']) . "', shipping_country = '" . $this->db->escape($data['shipping_country']) . "', shipping_country_id = '" . (int)$data['shipping_country_id'] . "', shipping_zone = '" . $this->db->escape($data['shipping_zone']) . "', shipping_zone_id = '" . (int)$data['shipping_zone_id'] . "', shipping_address_format = '" . $this->db->escape($data['shipping_address_format']) . "', shipping_custom_field = '" . $this->db->escape(json_encode($data['shipping_custom_field'])) . "', shipping_method = '" . $this->db->escape($data['shipping_method']) . "', shipping_code = '" . $this->db->escape($data['shipping_code']) . "', comment = '" . $this->db->escape($data['comment']) . "', total = '" . (float)$data['total'] . "', affiliate_id = '" . (int)$data['affiliate_id'] . "', commission = '" . (float)$data['commission'] . "', date_modified = NOW() WHERE order_id = '" . (int)$order_id . "'");
52.  
53.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
54.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "'");
55.  
56.         // Products
57.         if (isset($data['products'])) {
58.             foreach ($data['products'] as $product) {
59.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_product SET order_id = '" . (int)$order_id . "', product_id = '" . (int)$product['product_id'] . "', name = '" . $this->db->escape($product['name']) . "', model = '" . $this->db->escape($product['model']) . "', quantity = '" . (int)$product['quantity'] . "', price = '" . (float)$product['price'] . "', total = '" . (float)$product['total'] . "', tax = '" . (float)$product['tax'] . "', reward = '" . (int)$product['reward'] . "'");
60.  
61.                 $order_product_id = $this->db->getLastId();
62.  
63.                 foreach ($product['option'] as $option) {
64.                     $this->db->query("INSERT INTO " . DB_PREFIX . "order_option SET order_id = '" . (int)$order_id . "', order_product_id = '" . (int)$order_product_id . "', product_option_id = '" . (int)$option['product_option_id'] . "', product_option_value_id = '" . (int)$option['product_option_value_id'] . "', name = '" . $this->db->escape($option['name']) . "', `value` = '" . $this->db->escape($option['value']) . "', `type` = '" . $this->db->escape($option['type']) . "'");
65.                 }
66.             }
67.         }
68.  
69.         // Gift Voucher
70.         $this->load->model('extension/total/voucher');
71.  
72.         $this->model_extension_total_voucher->disableVoucher($order_id);
73.  
74.         // Vouchers
75.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_voucher WHERE order_id = '" . (int)$order_id . "'");
76.  
77.         if (isset($data['vouchers'])) {
78.             foreach ($data['vouchers'] as $voucher) {
79.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_voucher SET order_id = '" . (int)$order_id . "', description = '" . $this->db->escape($voucher['description']) . "', code = '" . $this->db->escape($voucher['code']) . "', from_name = '" . $this->db->escape($voucher['from_name']) . "', from_email = '" . $this->db->escape($voucher['from_email']) . "', to_name = '" . $this->db->escape($voucher['to_name']) . "', to_email = '" . $this->db->escape($voucher['to_email']) . "', voucher_theme_id = '" . (int)$voucher['voucher_theme_id'] . "', message = '" . $this->db->escape($voucher['message']) . "', amount = '" . (float)$voucher['amount'] . "'");
80.  
81.                 $order_voucher_id = $this->db->getLastId();
82.  
83.                 $voucher_id = $this->model_extension_total_voucher->addVoucher($order_id, $voucher);
84.  
85.                 $this->db->query("UPDATE " . DB_PREFIX . "order_voucher SET voucher_id = '" . (int)$voucher_id . "' WHERE order_voucher_id = '" . (int)$order_voucher_id . "'");
86.             }
87.         }
88.  
89.         // Totals
90.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order_id . "'");
91.  
92.         if (isset($data['totals'])) {
93.             foreach ($data['totals'] as $total) {
94.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', `value` = '" . (float)$total['value'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
95.             }
96.         }
97.     }
98.  
99.     public function deleteOrder($order_id) {
100.         // Void the order first
101.         $this->addOrderHistory($order_id, 0);
102.  
103.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order` WHERE order_id = '" . (int)$order_id . "'");
104.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_product` WHERE order_id = '" . (int)$order_id . "'");
105.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_option` WHERE order_id = '" . (int)$order_id . "'");
106.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_voucher` WHERE order_id = '" . (int)$order_id . "'");
107.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "'");
108.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_history` WHERE order_id = '" . (int)$order_id . "'");
109.         $this->db->query("DELETE `or`, ort FROM `" . DB_PREFIX . "order_recurring` `or`, `" . DB_PREFIX . "order_recurring_transaction` `ort` WHERE order_id = '" . (int)$order_id . "' AND ort.order_recurring_id = `or`.order_recurring_id");
110.         $this->db->query("DELETE FROM `" . DB_PREFIX . "affiliate_transaction` WHERE order_id = '" . (int)$order_id . "'");
111.  
112.         // Gift Voucher
113.         $this->load->model('extension/total/voucher');
114.  
115.         $this->model_extension_total_voucher->disableVoucher($order_id);
116.     }
117.  
118.     public function getOrder($order_id) {
119.         $order_query = $this->db->query("SELECT *, (SELECT os.name FROM `" . DB_PREFIX . "order_status` os WHERE os.order_status_id = o.order_status_id AND os.language_id = o.language_id) AS order_status FROM `" . DB_PREFIX . "order` o WHERE o.order_id = '" . (int)$order_id . "'");
120.  
121.         if ($order_query->num_rows) {
122.             $country_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "country` WHERE country_id = '" . (int)$order_query->row['payment_country_id'] . "'");
123.  
124.             if ($country_query->num_rows) {
125.                 $payment_iso_code_2 = $country_query->row['iso_code_2'];
126.                 $payment_iso_code_3 = $country_query->row['iso_code_3'];
127.             } else {
128.                 $payment_iso_code_2 = '';
129.                 $payment_iso_code_3 = '';
130.             }
131.  
132.             $zone_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE zone_id = '" . (int)$order_query->row['payment_zone_id'] . "'");
133.  
134.             if ($zone_query->num_rows) {
135.                 $payment_zone_code = $zone_query->row['code'];
136.             } else {
137.                 $payment_zone_code = '';
138.             }
139.  
140.             $country_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "country` WHERE country_id = '" . (int)$order_query->row['shipping_country_id'] . "'");
141.  
142.             if ($country_query->num_rows) {
143.                 $shipping_iso_code_2 = $country_query->row['iso_code_2'];
144.                 $shipping_iso_code_3 = $country_query->row['iso_code_3'];
145.             } else {
146.                 $shipping_iso_code_2 = '';
147.                 $shipping_iso_code_3 = '';
148.             }
149.  
150.             $zone_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE zone_id = '" . (int)$order_query->row['shipping_zone_id'] . "'");
151.  
152.             if ($zone_query->num_rows) {
153.                 $shipping_zone_code = $zone_query->row['code'];
154.             } else {
155.                 $shipping_zone_code = '';
156.             }
157.  
158.             $this->load->model('localisation/language');
159.  
160.             $language_info = $this->model_localisation_language->getLanguage($order_query->row['language_id']);
161.  
162.             if ($language_info) {
163.                 $language_code = $language_info['code'];
164.             } else {
165.                 $language_code = $this->config->get('config_language');
166.             }
167.  
168.             return array(
169.                 'order_id'                => $order_query->row['order_id'],
170.                 'invoice_no'              => $order_query->row['invoice_no'],
171.                 'invoice_prefix'          => $order_query->row['invoice_prefix'],
172.                 'store_id'                => $order_query->row['store_id'],
173.                 'store_name'              => $order_query->row['store_name'],
174.                 'store_url'               => $order_query->row['store_url'],
175.                 'customer_id'             => $order_query->row['customer_id'],
176.                 'firstname'               => $order_query->row['firstname'],
177.                 'lastname'                => $order_query->row['lastname'],
178.                 'email'                   => $order_query->row['email'],
179.                 'telephone'               => $order_query->row['telephone'],
180.                 'fax'                     => $order_query->row['fax'],
181.                 'custom_field'            => json_decode($order_query->row['custom_field'], true),
182.                 'payment_firstname'       => $order_query->row['payment_firstname'],
183.                 'payment_lastname'        => $order_query->row['payment_lastname'],
184.                 'payment_company'         => $order_query->row['payment_company'],
185.                 'payment_address_1'       => $order_query->row['payment_address_1'],
186.                 'payment_address_2'       => $order_query->row['payment_address_2'],
187.                 'payment_postcode'        => $order_query->row['payment_postcode'],
188.                 'payment_city'            => $order_query->row['payment_city'],
189.                 'payment_zone_id'         => $order_query->row['payment_zone_id'],
190.                 'payment_zone'            => $order_query->row['payment_zone'],
191.                 'payment_zone_code'       => $payment_zone_code,
192.                 'payment_country_id'      => $order_query->row['payment_country_id'],
193.                 'payment_country'         => $order_query->row['payment_country'],
194.                 'payment_iso_code_2'      => $payment_iso_code_2,
195.                 'payment_iso_code_3'      => $payment_iso_code_3,
196.                 'payment_address_format'  => $order_query->row['payment_address_format'],
197.                 'payment_custom_field'    => json_decode($order_query->row['payment_custom_field'], true),
198.                 'payment_method'          => $order_query->row['payment_method'],
199.                 'payment_code'            => $order_query->row['payment_code'],
200.                 'shipping_firstname'      => $order_query->row['shipping_firstname'],
201.                 'shipping_lastname'       => $order_query->row['shipping_lastname'],
202.                 'shipping_company'        => $order_query->row['shipping_company'],
203.                 'shipping_address_1'      => $order_query->row['shipping_address_1'],
204.                 'shipping_address_2'      => $order_query->row['shipping_address_2'],
205.                 'shipping_postcode'       => $order_query->row['shipping_postcode'],
206.                 'shipping_city'           => $order_query->row['shipping_city'],
207.                 'shipping_zone_id'        => $order_query->row['shipping_zone_id'],
208.                 'shipping_zone'           => $order_query->row['shipping_zone'],
209.                 'shipping_zone_code'      => $shipping_zone_code,
210.                 'shipping_country_id'     => $order_query->row['shipping_country_id'],
211.                 'shipping_country'        => $order_query->row['shipping_country'],
212.                 'shipping_iso_code_2'     => $shipping_iso_code_2,
213.                 'shipping_iso_code_3'     => $shipping_iso_code_3,
214.                 'shipping_address_format' => $order_query->row['shipping_address_format'],
215.                 'shipping_custom_field'   => json_decode($order_query->row['shipping_custom_field'], true),
216.                 'shipping_method'         => $order_query->row['shipping_method'],
217.                 'shipping_code'           => $order_query->row['shipping_code'],
218.                 'comment'                 => $order_query->row['comment'],
219.                 'total'                   => $order_query->row['total'],
220.                 'order_status_id'         => $order_query->row['order_status_id'],
221.                 'order_status'            => $order_query->row['order_status'],
222.                 'affiliate_id'            => $order_query->row['affiliate_id'],
223.                 'commission'              => $order_query->row['commission'],
224.                 'language_id'             => $order_query->row['language_id'],
225.                 'language_code'           => $language_code,
226.                 'currency_id'             => $order_query->row['currency_id'],
227.                 'currency_code'           => $order_query->row['currency_code'],
228.                 'currency_value'          => $order_query->row['currency_value'],
229.                 'ip'                      => $order_query->row['ip'],
230.                 'forwarded_ip'            => $order_query->row['forwarded_ip'],
231.                 'user_agent'              => $order_query->row['user_agent'],
232.                 'accept_language'         => $order_query->row['accept_language'],
233.                 'date_added'              => $order_query->row['date_added'],
234.                 'date_modified'           => $order_query->row['date_modified']
235.             );
236.         } else {
237.             return false;
238.         }
239.     }
240.  
241.     public function addOrderHistory($order_id, $order_status_id, $comment = '', $notify = false, $override = false) {
242.         $order_info = $this->getOrder($order_id);
243.  
244.         if ($order_info) {
245.             // Fraud Detection
246.             $this->load->model('account/customer');
247.  
248.             $customer_info = $this->model_account_customer->getCustomer($order_info['customer_id']);
249.  
250.             if ($customer_info && $customer_info['safe']) {
251.                 $safe = true;
252.             } else {
253.                 $safe = false;
254.             }
255.  
256.             // Only do the fraud check if the customer is not on the safe list and the order status is changing into the complete or process order status
257.             if (!$safe && !$override && in_array($order_status_id, array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status')))) {
258.                 // Anti-Fraud
259.                 $this->load->model('extension/extension');
260.  
261.                 $extensions = $this->model_extension_extension->getExtensions('fraud');
262.  
263.                 foreach ($extensions as $extension) {
264.                     if ($this->config->get($extension['code'] . '_status')) {
265.                         $this->load->model('extension/fraud/' . $extension['code']);
266.  
267.                         $fraud_status_id = $this->{'model_extension_fraud_' . $extension['code']}->check($order_info);
268.  
269.                         if ($fraud_status_id) {
270.                             $order_status_id = $fraud_status_id;
271.                         }
272.                     }
273.                 }
274.             }
275.  
276.             // If current order status is not processing or complete but new status is processing or complete then commence completing the order
277.             if (!in_array($order_info['order_status_id'], array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status'))) && in_array($order_status_id, array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status')))) {
278.                 // Redeem coupon, vouchers and reward points
279.                 $order_total_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "' ORDER BY sort_order ASC");
280.  
281.                 foreach ($order_total_query->rows as $order_total) {
282.                     $this->load->model('extension/total/' . $order_total['code']);
283.  
284.                     if (property_exists($this->{'model_extension_total_' . $order_total['code']}, 'confirm')) {
285.                         // Confirm coupon, vouchers and reward points
286.                         $fraud_status_id = $this->{'model_extension_total_' . $order_total['code']}->confirm($order_info, $order_total);
287.  
288.                         // If the balance on the coupon, vouchers and reward points is not enough to cover the transaction or has already been used then the fraud order status is returned.
289.                         if ($fraud_status_id) {
290.                             $order_status_id = $fraud_status_id;
291.                         }
292.                     }
293.                 }
294.  
295.                 // Add commission if sale is linked to affiliate referral.
296.                 if ($order_info['affiliate_id'] && $this->config->get('config_affiliate_auto')) {
297.                     $this->load->model('affiliate/affiliate');
298.  
299.                     $this->model_affiliate_affiliate->addTransaction($order_info['affiliate_id'], $order_info['commission'], $order_id);
300.                 }
301.  
302.                 // Stock subtraction
303.                 $order_product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
304.  
305.                 foreach ($order_product_query->rows as $order_product) {
306.                     $this->db->query("UPDATE " . DB_PREFIX . "product SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_id = '" . (int)$order_product['product_id'] . "' AND subtract = '1'");
307.  
308.                     $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$order_product['order_product_id'] . "'");
309.  
310.                     foreach ($order_option_query->rows as $option) {
311.                         $this->db->query("UPDATE " . DB_PREFIX . "product_option_value SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_option_value_id = '" . (int)$option['product_option_value_id'] . "' AND subtract = '1'");
312.                     }
313.                 }
314.             }
315.  
316.             // Update the DB with the new statuses
317.             $this->db->query("UPDATE `" . DB_PREFIX . "order` SET order_status_id = '" . (int)$order_status_id . "', date_modified = NOW() WHERE order_id = '" . (int)$order_id . "'");
318.  
319.             $this->db->query("INSERT INTO " . DB_PREFIX . "order_history SET order_id = '" . (int)$order_id . "', order_status_id = '" . (int)$order_status_id . "', notify = '" . (int)$notify . "', comment = '" . $this->db->escape($comment) . "', date_added = NOW()");
320.  
321.             // If old order status is the processing or complete status but new status is not then commence restock, and remove coupon, voucher and reward history
322.             if (in_array($order_info['order_status_id'], array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status'))) && !in_array($order_status_id, array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status')))) {
323.                 // Restock
324.                 $product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
325.  
326.                 foreach($product_query->rows as $product) {
327.                     $this->db->query("UPDATE `" . DB_PREFIX . "product` SET quantity = (quantity + " . (int)$product['quantity'] . ") WHERE product_id = '" . (int)$product['product_id'] . "' AND subtract = '1'");
328.  
329.                     $option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$product['order_product_id'] . "'");
330.  
331.                     foreach ($option_query->rows as $option) {
332.                         $this->db->query("UPDATE " . DB_PREFIX . "product_option_value SET quantity = (quantity + " . (int)$product['quantity'] . ") WHERE product_option_value_id = '" . (int)$option['product_option_value_id'] . "' AND subtract = '1'");
333.                     }
334.                 }
335.  
336.                 // Remove coupon, vouchers and reward points history
337.                 $this->load->model('account/order');
338.  
339.                 $order_total_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "' ORDER BY sort_order ASC");
340.  
341.                 foreach ($order_total_query->rows as $order_total) {
342.                     $this->load->model('extension/total/' . $order_total['code']);
343.  
344.                     if (property_exists($this->{'model_extension_total_' . $order_total['code']}, 'unconfirm')) {
345.                         $this->{'model_extension_total_' . $order_total['code']}->unconfirm($order_id);
346.                     }
347.                 }
348.  
349.                 // Remove commission if sale is linked to affiliate referral.
350.                 if ($order_info['affiliate_id']) {
351.                     $this->load->model('affiliate/affiliate');
352.  
353.                     $this->model_affiliate_affiliate->deleteTransaction($order_id);
354.                 }
355.             }
356.  
357.             $this->cache->delete('product');
358.  
359.             // If order status is 0 then becomes greater than 0 send main html email
360.             if (!$order_info['order_status_id'] && $order_status_id) {
361.                 // Check for any downloadable products
362.                 $download_status = false;
363.  
364.                 $order_product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
365.  
366.                 foreach ($order_product_query->rows as $order_product) {
367.                     // Check if there are any linked downloads
368.                     $product_download_query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "product_to_download` WHERE product_id = '" . (int)$order_product['product_id'] . "'");
369.  
370.                     if ($product_download_query->row['total']) {
371.                         $download_status = true;
372.                     }
373.                 }
374.  
375.                 // Load the language for any mails that might be required to be sent out
376.                 $language = new Language($order_info['language_code']);
377.                 $language->load($order_info['language_code']);
378.                 $language->load('mail/order');
379.  
380.                 $order_status_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_status WHERE order_status_id = '" . (int)$order_status_id . "' AND language_id = '" . (int)$order_info['language_id'] . "'");
381.  
382.                 if ($order_status_query->num_rows) {
383.                     $order_status = $order_status_query->row['name'];
384.                 } else {
385.                     $order_status = '';
386.                 }
387.  
388.                 $subject = sprintf($language->get('text_new_subject'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'), $order_id);
389.  
390.                 // HTML Mail
391.                 $data = array();
392.  
393.                 $data['title'] = sprintf($language->get('text_new_subject'), $order_info['store_name'], $order_id);
394.  
395.                 $data['text_greeting'] = sprintf($language->get('text_new_greeting'), $order_info['store_name']);
396.                 $data['text_link'] = $language->get('text_new_link');
397.                 $data['text_download'] = $language->get('text_new_download');
398.                 $data['text_order_detail'] = $language->get('text_new_order_detail');
399.                 $data['text_instruction'] = $language->get('text_new_instruction');
400.                 $data['text_order_id'] = $language->get('text_new_order_id');
401.                 $data['text_date_added'] = $language->get('text_new_date_added');
402.                 $data['text_payment_method'] = $language->get('text_new_payment_method');
403.                 $data['text_shipping_method'] = $language->get('text_new_shipping_method');
404.                 $data['text_email'] = $language->get('text_new_email');
405.                 $data['text_telephone'] = $language->get('text_new_telephone');
406.                 $data['text_ip'] = $language->get('text_new_ip');
407.                 $data['text_order_status'] = $language->get('text_new_order_status');
408.                 $data['text_payment_address'] = $language->get('text_new_payment_address');
409.                 $data['text_shipping_address'] = $language->get('text_new_shipping_address');
410.                 $data['text_product'] = $language->get('text_new_product');
411.                 $data['text_model'] = $language->get('text_new_model');
412.                 $data['text_quantity'] = $language->get('text_new_quantity');
413.                 $data['text_price'] = $language->get('text_new_price');
414.                 $data['text_total'] = $language->get('text_new_total');
415.                 $data['text_footer'] = $language->get('text_new_footer');
416.  
417.                 $data['logo'] = $this->config->get('config_url') . 'image/' . $this->config->get('config_logo');
418.                 $data['store_name'] = $order_info['store_name'];
419.                 $data['store_url'] = $order_info['store_url'];
420.                 $data['customer_id'] = $order_info['customer_id'];
421.                 $data['link'] = $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id;
422.  
423.                 if ($download_status) {
424.                     $data['download'] = $order_info['store_url'] . 'index.php?route=account/download';
425.                 } else {
426.                     $data['download'] = '';
427.                 }
428.  
429.                 $data['order_id'] = $order_id;
430.                 $data['date_added'] = date($language->get('date_format_short'), strtotime($order_info['date_added']));
431.                 $data['payment_method'] = $order_info['payment_method'];
432.                 $data['shipping_method'] = $order_info['shipping_method'];
433.                 $data['email'] = $order_info['email'];
434.                 $data['telephone'] = $order_info['telephone'];
435.                 $data['ip'] = $order_info['ip'];
436.                 $data['order_status'] = $order_status;
437.  
438.                 if ($comment && $notify) {
439.                     $data['comment'] = nl2br($comment);
440.                 } else {
441.                     $data['comment'] = '';
442.                 }
443.  
444.                 if ($order_info['payment_address_format']) {
445.                     $format = $order_info['payment_address_format'];
446.                 } else {
447.                     $format = '{firstname} {lastname}' . "\n" . '{company}' . "\n" . '{address_1}' . "\n" . '{address_2}' . "\n" . '{city} {postcode}' . "\n" . '{zone}' . "\n" . '{country}';
448.                 }
449.  
450.                 $find = array(
451.                     '{firstname}',
452.                     '{lastname}',
453.                     '{company}',
454.                     '{address_1}',
455.                     '{address_2}',
456.                     '{city}',
457.                     '{postcode}',
458.                     '{zone}',
459.                     '{zone_code}',
460.                     '{country}'
461.                 );
462.  
463.                 $replace = array(
464.                     'firstname' => $order_info['payment_firstname'],
465.                     'lastname'  => $order_info['payment_lastname'],
466.                     'company'   => $order_info['payment_company'],
467.                     'address_1' => $order_info['payment_address_1'],
468.                     'address_2' => $order_info['payment_address_2'],
469.                     'city'      => $order_info['payment_city'],
470.                     'postcode'  => $order_info['payment_postcode'],
471.                     'zone'      => $order_info['payment_zone'],
472.                     'zone_code' => $order_info['payment_zone_code'],
473.                     'country'   => $order_info['payment_country']
474.                 );
475.  
476.                 $data['payment_address'] = str_replace(array("\r\n", "\r", "\n"), '<br />', preg_replace(array("/\s\s+/", "/\r\r+/", "/\n\n+/"), '<br />', trim(str_replace($find, $replace, $format))));
477.  
478.                 if ($order_info['shipping_address_format']) {
479.                     $format = $order_info['shipping_address_format'];
480.                 } else {
481.                     $format = '{firstname} {lastname}' . "\n" . '{company}' . "\n" . '{address_1}' . "\n" . '{address_2}' . "\n" . '{city} {postcode}' . "\n" . '{zone}' . "\n" . '{country}';
482.                 }
483.  
484.                 $find = array(
485.                     '{firstname}',
486.                     '{lastname}',
487.                     '{company}',
488.                     '{address_1}',
489.                     '{address_2}',
490.                     '{city}',
491.                     '{postcode}',
492.                     '{zone}',
493.                     '{zone_code}',
494.                     '{country}'
495.                 );
496.  
497.                 $replace = array(
498.                     'firstname' => $order_info['shipping_firstname'],
499.                     'lastname'  => $order_info['shipping_lastname'],
500.                     'company'   => $order_info['shipping_company'],
501.                     'address_1' => $order_info['shipping_address_1'],
502.                     'address_2' => $order_info['shipping_address_2'],
503.                     'city'      => $order_info['shipping_city'],
504.                     'postcode'  => $order_info['shipping_postcode'],
505.                     'zone'      => $order_info['shipping_zone'],
506.                     'zone_code' => $order_info['shipping_zone_code'],
507.                     'country'   => $order_info['shipping_country']
508.                 );
509.  
510.                 $data['shipping_address'] = str_replace(array("\r\n", "\r", "\n"), '<br />', preg_replace(array("/\s\s+/", "/\r\r+/", "/\n\n+/"), '<br />', trim(str_replace($find, $replace, $format))));
511.  
512.                 $this->load->model('tool/upload');
513.  
514.                 // Products
515.                 $data['products'] = array();
516.  
517.                 foreach ($order_product_query->rows as $product) {
518.                     $option_data = array();
519.  
520.                     $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$product['order_product_id'] . "'");
521.  
522.                     foreach ($order_option_query->rows as $option) {
523.                         if ($option['type'] != 'file') {
524.                             $value = $option['value'];
525.                         } else {
526.                             $upload_info = $this->model_tool_upload->getUploadByCode($option['value']);
527.  
528.                             if ($upload_info) {
529.                                 $value = $upload_info['name'];
530.                             } else {
531.                                 $value = '';
532.                             }
533.                         }
534.  
535.                         $option_data[] = array(
536.                             'name'  => $option['name'],
537.                             'value' => (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value)
538.                         );
539.                     }
540.  
541.                     $data['products'][] = array(
542.                         'name'     => $product['name'],
543.                         'model'    => $product['model'],
544.                         'option'   => $option_data,
545.                         'quantity' => $product['quantity'],
546.                         'price'    => $this->currency->format($product['price'] + ($this->config->get('config_tax') ? $product['tax'] : 0), $order_info['currency_code'], $order_info['currency_value']),
547.                         'total'    => $this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value'])
548.                     );
549.                 }
550.  
551.                 // Vouchers
552.                 $data['vouchers'] = array();
553.  
554.                 $order_voucher_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_voucher WHERE order_id = '" . (int)$order_id . "'");
555.  
556.                 foreach ($order_voucher_query->rows as $voucher) {
557.                     $data['vouchers'][] = array(
558.                         'description' => $voucher['description'],
559.                         'amount'      => $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']),
560.                     );
561.                 }
562.  
563.                 // Order Totals
564.                 $data['totals'] = array();
565.  
566.                 $order_total_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "' ORDER BY sort_order ASC");
567.  
568.                 foreach ($order_total_query->rows as $total) {
569.                     $data['totals'][] = array(
570.                         'title' => $total['title'],
571.                         'text'  => $this->currency->format($total['value'], $order_info['currency_code'], $order_info['currency_value']),
572.                     );
573.                 }
574.  
575.                 // Text Mail
576.                 $text  = sprintf($language->get('text_new_greeting'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8')) . "\n\n";
577.                 $text .= $language->get('text_new_order_id') . ' ' . $order_id . "\n";
578.                 $text .= $language->get('text_new_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n";
579.                 $text .= $language->get('text_new_order_status') . ' ' . $order_status . "\n\n";
580.  
581.                 if ($comment && $notify) {
582.                     $text .= $language->get('text_new_instruction') . "\n\n";
583.                     $text .= $comment . "\n\n";
584.                 }
585.  
586.                 // Products
587.                 $text .= $language->get('text_new_products') . "\n";
588.  
589.                 foreach ($order_product_query->rows as $product) {
590.                     $text .= $product['quantity'] . 'x ' . $product['name'] . ' (' . $product['model'] . ') ' . html_entity_decode($this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
591.  
592.                     $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . $product['order_product_id'] . "'");
593.  
594.                     foreach ($order_option_query->rows as $option) {
595.                         if ($option['type'] != 'file') {
596.                             $value = $option['value'];
597.                         } else {
598.                             $upload_info = $this->model_tool_upload->getUploadByCode($option['value']);
599.  
600.                             if ($upload_info) {
601.                                 $value = $upload_info['name'];
602.                             } else {
603.                                 $value = '';
604.                             }
605.                         }
606.  
607.                         $text .= chr(9) . '-' . $option['name'] . ' ' . (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value) . "\n";
608.                     }
609.                 }
610.  
611.                 foreach ($order_voucher_query->rows as $voucher) {
612.                     $text .= '1x ' . $voucher['description'] . ' ' . $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']);
613.                 }
614.  
615.                 $text .= "\n";
616.  
617.                 $text .= $language->get('text_new_order_total') . "\n";
618.  
619.                 foreach ($order_total_query->rows as $total) {
620.                     $text .= $total['title'] . ': ' . html_entity_decode($this->currency->format($total['value'], $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
621.                 }
622.  
623.                 $text .= "\n";
624.  
625.                 if ($order_info['customer_id']) {
626.                     $text .= $language->get('text_new_link') . "\n";
627.                     $text .= $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id . "\n\n";
628.                 }
629.  
630.                 if ($download_status) {
631.                     $text .= $language->get('text_new_download') . "\n";
632.                     $text .= $order_info['store_url'] . 'index.php?route=account/download' . "\n\n";
633.                 }
634.  
635.                 // Comment
636.                 if ($order_info['comment']) {
637.                     $text .= $language->get('text_new_comment') . "\n\n";
638.                     $text .= $order_info['comment'] . "\n\n";
639.                 }
640.  
641.                 $text .= $language->get('text_new_footer') . "\n\n";
642.  
643.                 $mail = new Mail();
644.                 $mail->protocol = $this->config->get('config_mail_protocol');
645.                 $mail->parameter = $this->config->get('config_mail_parameter');
646.                 $mail->smtp_hostname = $this->config->get('config_mail_smtp_hostname');
647.                 $mail->smtp_username = $this->config->get('config_mail_smtp_username');
648.                 $mail->smtp_password = html_entity_decode($this->config->get('config_mail_smtp_password'), ENT_QUOTES, 'UTF-8');
649.                 $mail->smtp_port = $this->config->get('config_mail_smtp_port');
650.                 $mail->smtp_timeout = $this->config->get('config_mail_smtp_timeout');
651.  
652.                 $mail->setTo($order_info['email']);
653.                 $mail->setFrom($this->config->get('config_email'));
654.                 $mail->setSender(html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'));
655.                 $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
656.                 $mail->setHtml($this->load->view('mail/order', $data));
657.                 $mail->setText($text);
658.                 $mail->send();
659.  
660.                 // Admin Alert Mail
661.                 if (in_array('order', (array)$this->config->get('config_mail_alert'))) {
662.                     $subject = sprintf($language->get('text_new_subject'), html_entity_decode($this->config->get('config_name'), ENT_QUOTES, 'UTF-8'), $order_id);
663.  
664.                     // HTML Mail
665.                     $data['text_greeting'] = $language->get('text_new_received');
666.  
667.                     if ($comment) {
668.                         if ($order_info['comment']) {
669.                             $data['comment'] = nl2br($comment) . '<br/><br/>' . $order_info['comment'];
670.                         } else {
671.                             $data['comment'] = nl2br($comment);
672.                         }
673.                     } else {
674.                         if ($order_info['comment']) {
675.                             $data['comment'] = $order_info['comment'];
676.                         } else {
677.                             $data['comment'] = '';
678.                         }
679.                     }
680.  
681.                     $data['text_download'] = '';
682.  
683.                     $data['text_footer'] = '';
684.  
685.                     $data['text_link'] = '';
686.                     $data['link'] = '';
687.                     $data['download'] = '';
688.  
689.                     // Text
690.                     $text  = $language->get('text_new_received') . "\n\n";
691.                     $text .= $language->get('text_new_order_id') . ' ' . $order_id . "\n";
692.                     $text .= $language->get('text_new_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n";
693.                     $text .= $language->get('text_new_order_status') . ' ' . $order_status . "\n\n";
694.                     $text .= $language->get('text_new_products') . "\n";
695.  
696.                     foreach ($order_product_query->rows as $product) {
697.                         $text .= $product['quantity'] . 'x ' . $product['name'] . ' (' . $product['model'] . ') ' . html_entity_decode($this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
698.  
699.                         $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . $product['order_product_id'] . "'");
700.  
701.                         foreach ($order_option_query->rows as $option) {
702.                             if ($option['type'] != 'file') {
703.                                 $value = $option['value'];
704.                             } else {
705.                                 $value = utf8_substr($option['value'], 0, utf8_strrpos($option['value'], '.'));
706.                             }
707.  
708.                             $text .= chr(9) . '-' . $option['name'] . ' ' . (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value) . "\n";
709.                         }
710.                     }
711.  
712.                     foreach ($order_voucher_query->rows as $voucher) {
713.                         $text .= '1x ' . $voucher['description'] . ' ' . $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']);
714.                     }
715.  
716.                     $text .= "\n";
717.  
718.                     $text .= $language->get('text_new_order_total') . "\n";
719.  
720.                     foreach ($order_total_query->rows as $total) {
721.                         $text .= $total['title'] . ': ' . html_entity_decode($this->currency->format($total['value'], $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
722.                     }
723.  
724.                     $text .= "\n";
725.  
726.                     if ($order_info['comment']) {
727.                         $text .= $language->get('text_new_comment') . "\n\n";
728.                         $text .= $order_info['comment'] . "\n\n";
729.                     }
730.  
731.                     $mail = new Mail();
732.                     $mail->protocol = $this->config->get('config_mail_protocol');
733.                     $mail->parameter = $this->config->get('config_mail_parameter');
734.                     $mail->smtp_hostname = $this->config->get('config_mail_smtp_hostname');
735.                     $mail->smtp_username = $this->config->get('config_mail_smtp_username');
736.                     $mail->smtp_password = html_entity_decode($this->config->get('config_mail_smtp_password'), ENT_QUOTES, 'UTF-8');
737.                     $mail->smtp_port = $this->config->get('config_mail_smtp_port');
738.                     $mail->smtp_timeout = $this->config->get('config_mail_smtp_timeout');
739.  
740.                     $mail->setTo($this->config->get('config_email'));
741.                     $mail->setFrom($this->config->get('config_email'));
742.                     $mail->setSender(html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'));
743.                     $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
744.                     $mail->setHtml($this->load->view('mail/order', $data));
745.                     $mail->setText($text);
746.                     $mail->send();
747.  
748.                     // Send to additional alert emails
749.                     $emails = explode(',', $this->config->get('config_alert_email'));
750.  
751.                     foreach ($emails as $email) {
752.                         if ($email && preg_match($this->config->get('config_mail_regexp'), $email)) {
753.                             $mail->setTo($email);
754.                             $mail->send();
755.                         }
756.                     }
757.                 }
758.  
759.                 // Send Admins SMS if configure
760.                 if ($this->config->get('config_sms_alert')) {
761.                     $options = array(
762.                         'to'       => $this->config->get('config_sms_to'),
763.                         'copy'     => $this->config->get('config_sms_copy'),
764.                         'from'     => $this->config->get('config_sms_from'),
765.                         'username' => $this->config->get('config_sms_gate_username'),
766.                         'password' => $this->config->get('config_sms_gate_password'),
767.                         'message'  => str_replace(array('{ID}', '{DATE}', '{TIME}', '{SUM}', '{PHONE}'),
768.                             array($order_id, date('d.m.Y'), date('H:i'), floatval($order_info['total']), $order_info['telephone']),
769.                             $this->config->get('config_sms_message'))
770.                     );
771.  
772.                     $sms = new Sms($this->config->get('config_sms_gatename'), $options);
773.                     $sms->send();
774.                 }
775.             }
776.  
777.             // If order status is not 0 then send update text email
778.             if ($order_info['order_status_id'] && $order_status_id && $notify) {
779.                 $language = new Language($order_info['language_code']);
780.                 $language->load($order_info['language_code']);
781.                 $language->load('mail/order');
782.  
783.                 $subject = sprintf($language->get('text_update_subject'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'), $order_id);
784.  
785.                 $message  = $language->get('text_update_order') . ' ' . $order_id . "\n";
786.                 $message .= $language->get('text_update_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n\n";
787.  
788.                 $order_status_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_status WHERE order_status_id = '" . (int)$order_status_id . "' AND language_id = '" . (int)$order_info['language_id'] . "'");
789.  
790.                 if ($order_status_query->num_rows) {
791.                     $message .= $language->get('text_update_order_status') . "\n\n";
792.                     $message .= $order_status_query->row['name'] . "\n\n";
793.                 }
794.  
795.                 if ($order_info['customer_id']) {
796.                     $message .= $language->get('text_update_link') . "\n";
797.                     $message .= $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id . "\n\n";
798.                 }
799.  
800.                 if ($comment) {
801.                     $message .= $language->get('text_update_comment') . "\n\n";
802.                     $message .= strip_tags($comment) . "\n\n";
803.                 }
804.  
805.                 $message .= $language->get('text_update_footer');
806.                 if ($notify) {
807.                     $mail = new Mail();
808.                     $mail->protocol = $this->config->get('config_mail_protocol');
809.                     $mail->parameter = $this->config->get('config_mail_parameter');
810.                     $mail->smtp_hostname = $this->config->get('config_mail_smtp_hostname');
811.                     $mail->smtp_username = $this->config->get('config_mail_smtp_username');
812.                     $mail->smtp_password = html_entity_decode($this->config->get('config_mail_smtp_password'), ENT_QUOTES, 'UTF-8');
813.                     $mail->smtp_port = $this->config->get('config_mail_smtp_port');
814.                     $mail->smtp_timeout = $this->config->get('config_mail_smtp_timeout');
815.  
816.                     $mail->setTo($order_info['email']);
817.                     $mail->setFrom($this->config->get('config_email'));
818.                     $mail->setSender(html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'));
819.                     $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
820.                     $mail->setText($message);
821.                     $mail->send();
822.                 }
823.             }
824.         }
825.     }
826. }