
Untitled

a guest
Sep 14th, 2018
  1. <?php
  2. class ModelCheckoutOrder extends Model {
  /**
   * Store a new order with its products, product options, downloads,
   * vouchers and totals, and hand back the id of the order row.
   *
   * Every statement is assembled by string concatenation. Each value placed
   * in the SQL text is either cast to int/float or passed through
   * $this->db->escape(), so that per-value treatment is the only injection
   * defence in this method; any column added later needs the same handling.
   *
   * NOTE(review): ip, forwarded_ip, user_agent and accept_language look like
   * request-derived values (inferred from the names only). They are stored as
   * given, so whatever displays them later has to encode for its own output
   * context.
   *
   * NOTE(review): the inserts run one after another and no transaction is
   * visible in this method; a failure part-way presumably leaves a partial
   * order behind. Confirm against the db driver.
   *
   * @param array $data Order fields plus the 'products', 'vouchers' and 'totals' lists.
   * @return mixed The value $this->db->getLastId() reports right after the order insert.
   */
  public function addOrder($data) {
      // Column => treatment, in the exact order the statement lists them.
      // 's' = escaped string, 'i' = integer cast, 'f' = float cast.
      $order_columns = array(
          'invoice_prefix'          => 's',
          'store_id'                => 'i',
          'store_name'              => 's',
          'store_url'               => 's',
          'customer_id'             => 'i',
          'customer_group_id'       => 'i',
          'firstname'               => 's',
          'lastname'                => 's',
          'email'                   => 's',
          'telephone'               => 's',
          'fax'                     => 's',
          'payment_firstname'       => 's',
          'payment_lastname'        => 's',
          'payment_company'         => 's',
          'payment_company_id'      => 's',
          'payment_tax_id'          => 's',
          'payment_address_1'       => 's',
          'payment_address_2'       => 's',
          'payment_city'            => 's',
          'payment_postcode'        => 's',
          'payment_country'         => 's',
          'payment_country_id'      => 'i',
          'payment_zone'            => 's',
          'payment_zone_id'         => 'i',
          'payment_address_format'  => 's',
          'payment_method'          => 's',
          'payment_code'            => 's',
          'shipping_firstname'      => 's',
          'shipping_lastname'       => 's',
          'shipping_company'        => 's',
          'shipping_address_1'      => 's',
          'shipping_address_2'      => 's',
          'shipping_city'           => 's',
          'shipping_postcode'       => 's',
          'shipping_country'        => 's',
          'shipping_country_id'     => 'i',
          'shipping_zone'           => 's',
          'shipping_zone_id'        => 'i',
          'shipping_address_format' => 's',
          'shipping_method'         => 's',
          'shipping_code'           => 's',
          'comment'                 => 's',
          'total'                   => 'f',
          'affiliate_id'            => 'i',
          'commission'              => 'f',
          'language_id'             => 'i',
          'currency_id'             => 'i',
          'currency_code'           => 's',
          'currency_value'          => 'f',
          'ip'                      => 's',
          'forwarded_ip'            => 's',
          'user_agent'              => 's',
          'accept_language'         => 's'
      );

      $assignments = array();

      foreach ($order_columns as $column => $kind) {
          if ($kind === 'i') {
              $sql_value = (int)$data[$column];
          } elseif ($kind === 'f') {
              $sql_value = (float)$data[$column];
          } else {
              $sql_value = $this->db->escape($data[$column]);
          }

          $assignments[] = $column . " = '" . $sql_value . "'";
      }

      $this->db->query("INSERT INTO `" . DB_PREFIX . "order` SET " . implode(", ", $assignments) . ", date_added = NOW(), date_modified = NOW()");

      $new_order_id = $this->db->getLastId();

      foreach ($data['products'] as $item) {
          $this->db->query("INSERT INTO " . DB_PREFIX . "order_product SET order_id = '" . (int)$new_order_id
              . "', product_id = '" . (int)$item['product_id']
              . "', name = '" . $this->db->escape($item['name'])
              . "', model = '" . $this->db->escape($item['model'])
              . "', quantity = '" . (int)$item['quantity']
              . "', price = '" . (float)$item['price']
              . "', total = '" . (float)$item['total']
              . "', tax = '" . (float)$item['tax']
              . "', reward = '" . (int)$item['reward'] . "'");

          // Options and downloads are keyed to the product row just written.
          $line_id = $this->db->getLastId();

          foreach ($item['option'] as $choice) {
              $this->db->query("INSERT INTO " . DB_PREFIX . "order_option SET order_id = '" . (int)$new_order_id
                  . "', order_product_id = '" . (int)$line_id
                  . "', product_option_id = '" . (int)$choice['product_option_id']
                  . "', product_option_value_id = '" . (int)$choice['product_option_value_id']
                  . "', name = '" . $this->db->escape($choice['name'])
                  . "', `value` = '" . $this->db->escape($choice['value'])
                  . "', `type` = '" . $this->db->escape($choice['type']) . "'");
          }

          foreach ($item['download'] as $file) {
              // The per-download allowance is multiplied by the quantity ordered.
              $this->db->query("INSERT INTO " . DB_PREFIX . "order_download SET order_id = '" . (int)$new_order_id
                  . "', order_product_id = '" . (int)$line_id
                  . "', name = '" . $this->db->escape($file['name'])
                  . "', filename = '" . $this->db->escape($file['filename'])
                  . "', mask = '" . $this->db->escape($file['mask'])
                  . "', remaining = '" . (int)($file['remaining'] * $item['quantity']) . "'");
          }
      }

      foreach ($data['vouchers'] as $gift) {
          $this->db->query("INSERT INTO " . DB_PREFIX . "order_voucher SET order_id = '" . (int)$new_order_id
              . "', description = '" . $this->db->escape($gift['description'])
              . "', code = '" . $this->db->escape($gift['code'])
              . "', from_name = '" . $this->db->escape($gift['from_name'])
              . "', from_email = '" . $this->db->escape($gift['from_email'])
              . "', to_name = '" . $this->db->escape($gift['to_name'])
              . "', to_email = '" . $this->db->escape($gift['to_email'])
              . "', voucher_theme_id = '" . (int)$gift['voucher_theme_id']
              . "', message = '" . $this->db->escape($gift['message'])
              . "', amount = '" . (float)$gift['amount'] . "'");
      }

      foreach ($data['totals'] as $summary) {
          $this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$new_order_id
              . "', code = '" . $this->db->escape($summary['code'])
              . "', title = '" . $this->db->escape($summary['title'])
              . "', text = '" . $this->db->escape($summary['text'])
              . "', `value` = '" . (float)$summary['value']
              . "', sort_order = '" . (int)$summary['sort_order'] . "'");
      }

      return $new_order_id;
  }
  32.  
  /**
   * Fetch one order and enrich it with the ISO codes of its payment and
   * shipping countries, the codes of its zones, and its language details.
   *
   * The order id and every id read back from the order row are cast to int
   * before they are concatenated into the follow-up queries.
   *
   * The string fields are returned exactly as stored; nothing here encodes
   * them, so callers have to escape for whatever context they print into.
   *
   * @param mixed $order_id Order identifier; cast to int inside the query.
   * @return array|false The order fields, or false when no row matches.
   */
  public function getOrder($order_id) {
      $order_query = $this->db->query("SELECT *, (SELECT os.name FROM `" . DB_PREFIX . "order_status` os WHERE os.order_status_id = o.order_status_id AND os.language_id = o.language_id) AS order_status FROM `" . DB_PREFIX . "order` o WHERE o.order_id = '" . (int)$order_id . "'");

      // Unknown order: report it before doing any further lookups.
      if (!$order_query->num_rows) {
          return false;
      }

      $row = $order_query->row;

      // Payment country -> ISO codes (empty strings when the country is missing).
      $lookup = $this->db->query("SELECT * FROM `" . DB_PREFIX . "country` WHERE country_id = '" . (int)$row['payment_country_id'] . "'");
      $found = (bool)$lookup->num_rows;
      $payment_iso_code_2 = $found ? $lookup->row['iso_code_2'] : '';
      $payment_iso_code_3 = $found ? $lookup->row['iso_code_3'] : '';

      // Payment zone -> zone code.
      $lookup = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE zone_id = '" . (int)$row['payment_zone_id'] . "'");
      $payment_zone_code = $lookup->num_rows ? $lookup->row['code'] : '';

      // Shipping country -> ISO codes.
      $lookup = $this->db->query("SELECT * FROM `" . DB_PREFIX . "country` WHERE country_id = '" . (int)$row['shipping_country_id'] . "'");
      $found = (bool)$lookup->num_rows;
      $shipping_iso_code_2 = $found ? $lookup->row['iso_code_2'] : '';
      $shipping_iso_code_3 = $found ? $lookup->row['iso_code_3'] : '';

      // Shipping zone -> zone code.
      $lookup = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE zone_id = '" . (int)$row['shipping_zone_id'] . "'");
      $shipping_zone_code = $lookup->num_rows ? $lookup->row['code'] : '';

      // Language details come from the localisation model, not from a query here.
      $this->load->model('localisation/language');

      $language_info = $this->model_localisation_language->getLanguage($row['language_id']);

      $language_code = $language_info ? $language_info['code'] : '';
      $language_filename = $language_info ? $language_info['filename'] : '';
      $language_directory = $language_info ? $language_info['directory'] : '';

      return array(
          'order_id'                => $row['order_id'],
          'invoice_no'              => $row['invoice_no'],
          'invoice_prefix'          => $row['invoice_prefix'],
          'store_id'                => $row['store_id'],
          'store_name'              => $row['store_name'],
          'store_url'               => $row['store_url'],
          'customer_id'             => $row['customer_id'],
          'firstname'               => $row['firstname'],
          'lastname'                => $row['lastname'],
          'telephone'               => $row['telephone'],
          'fax'                     => $row['fax'],
          'email'                   => $row['email'],
          'payment_firstname'       => $row['payment_firstname'],
          'payment_lastname'        => $row['payment_lastname'],
          'payment_company'         => $row['payment_company'],
          'payment_company_id'      => $row['payment_company_id'],
          'payment_tax_id'          => $row['payment_tax_id'],
          'payment_address_1'       => $row['payment_address_1'],
          'payment_address_2'       => $row['payment_address_2'],
          'payment_postcode'        => $row['payment_postcode'],
          'payment_city'            => $row['payment_city'],
          'payment_zone_id'         => $row['payment_zone_id'],
          'payment_zone'            => $row['payment_zone'],
          'payment_zone_code'       => $payment_zone_code,
          'payment_country_id'      => $row['payment_country_id'],
          'payment_country'         => $row['payment_country'],
          'payment_iso_code_2'      => $payment_iso_code_2,
          'payment_iso_code_3'      => $payment_iso_code_3,
          'payment_address_format'  => $row['payment_address_format'],
          'payment_method'          => $row['payment_method'],
          'payment_code'            => $row['payment_code'],
          'shipping_firstname'      => $row['shipping_firstname'],
          'shipping_lastname'       => $row['shipping_lastname'],
          'shipping_company'        => $row['shipping_company'],
          'shipping_address_1'      => $row['shipping_address_1'],
          'shipping_address_2'      => $row['shipping_address_2'],
          'shipping_postcode'       => $row['shipping_postcode'],
          'shipping_city'           => $row['shipping_city'],
          'shipping_zone_id'        => $row['shipping_zone_id'],
          'shipping_zone'           => $row['shipping_zone'],
          'shipping_zone_code'      => $shipping_zone_code,
          'shipping_country_id'     => $row['shipping_country_id'],
          'shipping_country'        => $row['shipping_country'],
          'shipping_iso_code_2'     => $shipping_iso_code_2,
          'shipping_iso_code_3'     => $shipping_iso_code_3,
          'shipping_address_format' => $row['shipping_address_format'],
          'shipping_method'         => $row['shipping_method'],
          'shipping_code'           => $row['shipping_code'],
          'comment'                 => $row['comment'],
          'total'                   => $row['total'],
          'order_status_id'         => $row['order_status_id'],
          'order_status'            => $row['order_status'],
          'language_id'             => $row['language_id'],
          'language_code'           => $language_code,
          'language_filename'       => $language_filename,
          'language_directory'      => $language_directory,
          'currency_id'             => $row['currency_id'],
          'currency_code'           => $row['currency_code'],
          'currency_value'          => $row['currency_value'],
          'ip'                      => $row['ip'],
          'forwarded_ip'            => $row['forwarded_ip'],
          'user_agent'              => $row['user_agent'],
          'accept_language'         => $row['accept_language'],
          'date_modified'           => $row['date_modified'],
          'date_added'              => $row['date_added']
      );
  }
  158.  
  159.     public function confirm($order_id, $order_status_id, $comment = '', $notify = false) {
  160.         $order_info = $this->getOrder($order_id);
  161.  
  162.         if ($order_info && !$order_info['order_status_id']) {
  163.             // Fraud Detection
  164.             if ($this->config->get('config_fraud_detection')) {
  165.                 $this->load->model('checkout/fraud');
  166.  
  167.                 $risk_score = $this->model_checkout_fraud->getFraudScore($order_info);
  168.  
  169.                 if ($risk_score > $this->config->get('config_fraud_score')) {
  170.                     $order_status_id = $this->config->get('config_fraud_status_id');
  171.                 }
  172.             }
  173.  
  174.             // Ban IP
  175.             $status = false;
  176.  
  177.             $this->load->model('account/customer');
  178.  
  179.             if ($order_info['customer_id']) {
  180.                 $results = $this->model_account_customer->getIps($order_info['customer_id']);
  181.  
  182.                 foreach ($results as $result) {
  183.                     if ($this->model_account_customer->isBanIp($result['ip'])) {
  184.                         $status = true;
  185.  
  186.                         break;
  187.                     }
  188.                 }
  189.             } else {
  190.                 $status = $this->model_account_customer->isBanIp($order_info['ip']);
  191.             }
  192.  
  193.             if ($status) {
  194.                 $order_status_id = $this->config->get('config_order_status_id');
  195.             }      
  196.  
  197.             $this->db->query("UPDATE `" . DB_PREFIX . "order` SET order_status_id = '" . (int)$order_status_id . "', date_modified = NOW() WHERE order_id = '" . (int)$order_id . "'");
  198.  
  199.             $this->db->query("INSERT INTO " . DB_PREFIX . "order_history SET order_id = '" . (int)$order_id . "', order_status_id = '" . (int)$order_status_id . "', notify = '1', comment = '" . $this->db->escape(($comment && $notify) ? $comment : '') . "', date_added = NOW()");
  200.  
  201.             $order_product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
  202.  
  203.             foreach ($order_product_query->rows as $order_product) {
  204.                 $this->db->query("UPDATE " . DB_PREFIX . "product SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_id = '" . (int)$order_product['product_id'] . "' AND subtract = '1'");
  205.  
  206.                 $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$order_product['order_product_id'] . "'");
  207.  
  208.                 foreach ($order_option_query->rows as $option) {
  209.                     $this->db->query("UPDATE " . DB_PREFIX . "product_option_value SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_option_value_id = '" . (int)$option['product_option_value_id'] . "' AND subtract = '1'");
  210.                 }
  211.             }
  212.  
  213.             if(!isset($passArray) || empty($passArray)){ $passArray = null; }
  214.             $this->openbay->orderNew((int)$order_id);
  215.  
  216.             $this->cache->delete('product');
  217.  
  218.             // Downloads
  219.             $order_download_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_download WHERE order_id = '" . (int)$order_id . "'");
  220.  
  221.             // Gift Voucher
  222.             $this->load->model('checkout/voucher');
  223.  
  224.             $order_voucher_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_voucher WHERE order_id = '" . (int)$order_id . "'");
  225.  
  226.             foreach ($order_voucher_query->rows as $order_voucher) {
  227.                 $voucher_id = $this->model_checkout_voucher->addVoucher($order_id, $order_voucher);
  228.  
  229.                 $this->db->query("UPDATE " . DB_PREFIX . "order_voucher SET voucher_id = '" . (int)$voucher_id . "' WHERE order_voucher_id = '" . (int)$order_voucher['order_voucher_id'] . "'");
  230.             }          
  231.  
  232.             // Send out any gift voucher mails
  233.             if ($this->config->get('config_complete_status_id') == $order_status_id) {
  234.                 $this->model_checkout_voucher->confirm($order_id);
  235.             }
  236.  
  237.             // Order Totals        
  238.             $order_total_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "' ORDER BY sort_order ASC");
  239.  
  240.             foreach ($order_total_query->rows as $order_total) {
  241.                 $this->load->model('total/' . $order_total['code']);
  242.  
  243.                 if (method_exists($this->{'model_total_' . $order_total['code']}, 'confirm')) {
  244.                     $this->{'model_total_' . $order_total['code']}->confirm($order_info, $order_total);
  245.                 }
  246.             }
  247.  
  248.             // Send out order confirmation mail
  249.             $language = new Language($order_info['language_directory']);
  250.             $language->load($order_info['language_filename']);
  251.             $language->load('mail/order');
  252.  
  253.             $order_status_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_status WHERE order_status_id = '" . (int)$order_status_id . "' AND language_id = '" . (int)$order_info['language_id'] . "'");
  254.  
  255.             if ($order_status_query->num_rows) {
  256.                 $order_status = $order_status_query->row['name'];  
  257.             } else {
  258.                 $order_status = '';
  259.             }
  260.  
  261.             $subject = sprintf($language->get('text_new_subject'), $order_info['store_name'], $order_id);
  262.  
  263.             // HTML Mail
  264.             $template = new Template();
  265.  
  266.             $template->data['title'] = sprintf($language->get('text_new_subject'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'), $order_id);
  267.  
  268.             $template->data['text_greeting'] = sprintf($language->get('text_new_greeting'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'));
  269.             $template->data['text_link'] = $language->get('text_new_link');
  270.             $template->data['text_download'] = $language->get('text_new_download');
  271.             $template->data['text_order_detail'] = $language->get('text_new_order_detail');
  272.             $template->data['text_instruction'] = $language->get('text_new_instruction');
  273.             $template->data['text_order_id'] = $language->get('text_new_order_id');
  274.             $template->data['text_date_added'] = $language->get('text_new_date_added');
  275.             $template->data['text_payment_method'] = $language->get('text_new_payment_method');
  276.             $template->data['text_shipping_method'] = $language->get('text_new_shipping_method');
  277.             $template->data['text_email'] = $language->get('text_new_email');
  278.             $template->data['text_telephone'] = $language->get('text_new_telephone');
  279.             $template->data['text_ip'] = $language->get('text_new_ip');
  280.             $template->data['text_payment_address'] = $language->get('text_new_payment_address');
  281.             $template->data['text_shipping_address'] = $language->get('text_new_shipping_address');
  282.             $template->data['text_product'] = $language->get('text_new_product');
  283.             $template->data['text_model'] = $language->get('text_new_model');
  284.             $template->data['text_quantity'] = $language->get('text_new_quantity');
  285.             $template->data['text_price'] = $language->get('text_new_price');
  286.             $template->data['text_total'] = $language->get('text_new_total');
  287.             $template->data['text_footer'] = $language->get('text_new_footer');
  288.             $template->data['text_powered'] = $language->get('text_new_powered');
  289.  
  290.             $template->data['logo'] = $this->config->get('config_url') . 'image/' . $this->config->get('config_logo');
  291.             $template->data['store_name'] = $order_info['store_name'];
  292.             $template->data['store_url'] = $order_info['store_url'];
  293.             $template->data['customer_id'] = $order_info['customer_id'];
  294.             $template->data['link'] = $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id;
  295.  
  296.             if ($order_download_query->num_rows) {
  297.                 $template->data['download'] = $order_info['store_url'] . 'index.php?route=account/download';
  298.             } else {
  299.                 $template->data['download'] = '';
  300.             }
  301.  
  302.             $template->data['order_id'] = $order_id;
  303.             $template->data['date_added'] = date($language->get('date_format_short'), strtotime($order_info['date_added']));       
  304.             $template->data['payment_method'] = $order_info['payment_method'];
  305.             $template->data['shipping_method'] = $order_info['shipping_method'];
  306.             $template->data['email'] = $order_info['email'];
  307.             $template->data['telephone'] = $order_info['telephone'];
  308.             $template->data['ip'] = $order_info['ip'];
  309.  
  310.             if ($comment && $notify) {
  311.                 $template->data['comment'] = nl2br($comment);
  312.             } else {
  313.                 $template->data['comment'] = '';
  314.             }
  315.  
  316.             if ($order_info['payment_address_format']) {
  317.                 $format = $order_info['payment_address_format'];
  318.             } else {
  319.                 $format = '{firstname} {lastname}' . "\n" . '{company}' . "\n" . '{address_1}' . "\n" . '{address_2}' . "\n" . '{city} {postcode}' . "\n" . '{zone}' . "\n" . '{country}';
  320.             }
  321.  
  322.             $find = array(
  323.                 '{firstname}',
  324.                 '{lastname}',
  325.                 '{company}',
  326.                 '{address_1}',
  327.                 '{address_2}',
  328.                 '{city}',
  329.                 '{postcode}',
  330.                 '{zone}',
  331.                 '{zone_code}',
  332.                 '{country}'
  333.             );
  334.  
  335.             $replace = array(
  336.                 'firstname' => $order_info['payment_firstname'],
  337.                 'lastname'  => $order_info['payment_lastname'],
  338.                 'company'   => $order_info['payment_company'],
  339.                 'address_1' => $order_info['payment_address_1'],
  340.                 'address_2' => $order_info['payment_address_2'],
  341.                 'city'      => $order_info['payment_city'],
  342.                 'postcode'  => $order_info['payment_postcode'],
  343.                 'zone'      => $order_info['payment_zone'],
  344.                 'zone_code' => $order_info['payment_zone_code'],
  345.                 'country'   => $order_info['payment_country']  
  346.             );
  347.  
  348.             $template->data['payment_address'] = str_replace(array("\r\n", "\r", "\n"), '<br />', preg_replace(array("/\s\s+/", "/\r\r+/", "/\n\n+/"), '<br />', trim(str_replace($find, $replace, $format))));                    
  349.  
  350.             if ($order_info['shipping_address_format']) {
  351.                 $format = $order_info['shipping_address_format'];
  352.             } else {
  353.                 $format = '{firstname} {lastname}' . "\n" . '{company}' . "\n" . '{address_1}' . "\n" . '{address_2}' . "\n" . '{city} {postcode}' . "\n" . '{zone}' . "\n" . '{country}';
  354.             }
  355.  
  356.             $find = array(
  357.                 '{firstname}',
  358.                 '{lastname}',
  359.                 '{company}',
  360.                 '{address_1}',
  361.                 '{address_2}',
  362.                 '{city}',
  363.                 '{postcode}',
  364.                 '{zone}',
  365.                 '{zone_code}',
  366.                 '{country}'
  367.             );
  368.  
  369.             $replace = array(
  370.                 'firstname' => $order_info['shipping_firstname'],
  371.                 'lastname'  => $order_info['shipping_lastname'],
  372.                 'company'   => $order_info['shipping_company'],
  373.                 'address_1' => $order_info['shipping_address_1'],
  374.                 'address_2' => $order_info['shipping_address_2'],
  375.                 'city'      => $order_info['shipping_city'],
  376.                 'postcode'  => $order_info['shipping_postcode'],
  377.                 'zone'      => $order_info['shipping_zone'],
  378.                 'zone_code' => $order_info['shipping_zone_code'],
  379.                 'country'   => $order_info['shipping_country']  
  380.             );
  381.  
  382.             $template->data['shipping_address'] = str_replace(array("\r\n", "\r", "\n"), '<br />', preg_replace(array("/\s\s+/", "/\r\r+/", "/\n\n+/"), '<br />', trim(str_replace($find, $replace, $format))));
  383.  
  384.             // Products
  385.             $template->data['products'] = array();
  386.  
  387.             foreach ($order_product_query->rows as $product) {
  388.                 $option_data = array();
  389.  
  390.                 $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$product['order_product_id'] . "'");
  391.  
  392.                 foreach ($order_option_query->rows as $option) {
  393.                     if ($option['type'] != 'file') {
  394.                         $value = $option['value'];
  395.                     } else {
  396.                         $value = utf8_substr($option['value'], 0, utf8_strrpos($option['value'], '.'));
  397.                     }
  398.  
  399.                     $option_data[] = array(
  400.                         'name'  => $option['name'],
  401.                         'value' => (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value)
  402.                     );                 
  403.                 }
  404.  
  405.                 $template->data['products'][] = array(
  406.                     'name'     => $product['name'],
  407.                     'model'    => $product['model'],
  408.                     'option'   => $option_data,
  409.                     'quantity' => $product['quantity'],
  410.                     'price'    => $this->currency->format($product['price'] + ($this->config->get('config_tax') ? $product['tax'] : 0), $order_info['currency_code'], $order_info['currency_value']),
  411.                     'total'    => $this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value'])
  412.                 );
  413.             }
  414.  
  415.             // Vouchers
  416.             $template->data['vouchers'] = array();
  417.  
  418.             foreach ($order_voucher_query->rows as $voucher) {
  419.                 $template->data['vouchers'][] = array(
  420.                     'description' => $voucher['description'],
  421.                     'amount'      => $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']),
  422.                 );
  423.             }
  424.  
  425.             $template->data['totals'] = $order_total_query->rows;
  426.  
  427.             if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/mail/order.tpl')) {
  428.                 $html = $template->fetch($this->config->get('config_template') . '/template/mail/order.tpl');
  429.             } else {
  430.                 $html = $template->fetch('default/template/mail/order.tpl');
  431.             }
  432.  
  433.             // Can not send confirmation emails for CBA orders as email is unknown
  434.             $this->load->model('payment/amazon_checkout');
  435.             if (!$this->model_payment_amazon_checkout->isAmazonOrder($order_info['order_id'])) {
  436.                 // Text Mail
  437.                 $text = sprintf($language->get('text_new_greeting'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8')) . "\n\n";
  438.                 $text .= $language->get('text_new_order_id') . ' ' . $order_id . "\n";
  439.                 $text .= $language->get('text_new_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n";
  440.                 $text .= $language->get('text_new_order_status') . ' ' . $order_status . "\n\n";
  441.  
  442.                 if ($comment && $notify) {
  443.                     $text .= $language->get('text_new_instruction') . "\n\n";
  444.                     $text .= $comment . "\n\n";
  445.                 }
  446.  
  447.                 // Products
  448.                 $text .= $language->get('text_new_products') . "\n";
  449.  
  450.                 foreach ($order_product_query->rows as $product) {
  451.                     $text .= $product['quantity'] . 'x ' . $product['name'] . ' (' . $product['model'] . ') ' . html_entity_decode($this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
  452.  
  453.                     $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . $product['order_product_id'] . "'");
  454.  
  455.                     foreach ($order_option_query->rows as $option) {
  456.                         $text .= chr(9) . '-' . $option['name'] . ' ' . (utf8_strlen($option['value']) > 20 ? utf8_substr($option['value'], 0, 20) . '..' : $option['value']) . "\n";
  457.                     }
  458.                 }
  459.  
  460.                 foreach ($order_voucher_query->rows as $voucher) {
  461.                     $text .= '1x ' . $voucher['description'] . ' ' . $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']);
  462.                 }
  463.  
  464.                 $text .= "\n";
  465.  
  466.                 $text .= $language->get('text_new_order_total') . "\n";
  467.  
  468.                 foreach ($order_total_query->rows as $total) {
  469.                     $text .= $total['title'] . ': ' . html_entity_decode($total['text'], ENT_NOQUOTES, 'UTF-8') . "\n";
  470.                 }
  471.  
  472.                 $text .= "\n";
  473.  
  474.                 if ($order_info['customer_id']) {
  475.                     $text .= $language->get('text_new_link') . "\n";
  476.                     $text .= $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id . "\n\n";
  477.                 }
  478.  
  479.                 if ($order_download_query->num_rows) {
  480.                     $text .= $language->get('text_new_download') . "\n";
  481.                     $text .= $order_info['store_url'] . 'index.php?route=account/download' . "\n\n";
  482.                 }
  483.  
  484.                 // Comment
  485.                 if ($order_info['comment']) {
  486.                     $text .= $language->get('text_new_comment') . "\n\n";
  487.                     $text .= $order_info['comment'] . "\n\n";
  488.                 }
  489.  
  490.                 $text .= $language->get('text_new_footer') . "\n\n";
  491.  
  492.                 $mail = new Mail();
  493.                 $mail->protocol = $this->config->get('config_mail_protocol');
  494.                 $mail->parameter = $this->config->get('config_mail_parameter');
  495.                 $mail->hostname = $this->config->get('config_smtp_host');
  496.                 $mail->username = $this->config->get('config_smtp_username');
  497.                 $mail->password = $this->config->get('config_smtp_password');
  498.                 $mail->port = $this->config->get('config_smtp_port');
  499.                 $mail->timeout = $this->config->get('config_smtp_timeout');
  500.                 $mail->setTo($order_info['email']);
  501.                 $mail->setFrom($this->config->get('config_email'));
  502.                 $mail->setSender($order_info['store_name']);
  503.                 $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
  504.                 $mail->setHtml($html);
  505.                 $mail->setText(html_entity_decode($text, ENT_QUOTES, 'UTF-8'));
  506.                 $mail->send();
  507.             }
  508.  
  509.             // Admin Alert Mail
  510.             if ($this->config->get('config_alert_mail')) {
  511.                 $subject = sprintf($language->get('text_new_subject'), html_entity_decode($this->config->get('config_name'), ENT_QUOTES, 'UTF-8'), $order_id);
  512.  
  513.                 // Text
  514.                 $text  = $language->get('text_new_received') . "\n\n";
  515.                 $text .= $language->get('text_new_order_id') . ' ' . $order_id . "\n";
  516.                 $text .= $language->get('text_new_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n";
  517.                 $text .= $language->get('text_new_order_status') . ' ' . $order_status . "\n\n";
  518.                 $text .= $language->get('text_new_products') . "\n";
  519.  
  520.                 foreach ($order_product_query->rows as $product) {
  521.                     $text .= $product['quantity'] . 'x ' . $product['name'] . ' (' . $product['model'] . ') ' . html_entity_decode($this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
  522.  
  523.                     $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . $product['order_product_id'] . "'");
  524.  
  525.                     foreach ($order_option_query->rows as $option) {
  526.                         if ($option['type'] != 'file') {
  527.                             $value = $option['value'];
  528.                         } else {
  529.                             $value = utf8_substr($option['value'], 0, utf8_strrpos($option['value'], '.'));
  530.                         }
  531.  
  532.                         $text .= chr(9) . '-' . $option['name'] . ' ' . (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value) . "\n";
  533.                     }
  534.                 }
  535.  
  536.                 foreach ($order_voucher_query->rows as $voucher) {
  537.                     $text .= '1x ' . $voucher['description'] . ' ' . $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']);
  538.                 }
  539.  
  540.                 $text .= "\n";
  541.  
  542.                 $text .= $language->get('text_new_order_total') . "\n";
  543.  
  544.                 foreach ($order_total_query->rows as $total) {
  545.                     $text .= $total['title'] . ': ' . html_entity_decode($total['text'], ENT_NOQUOTES, 'UTF-8') . "\n";
  546.                 }          
  547.  
  548.                 $text .= "\n";
  549.  
  550.                 if ($order_info['comment']) {
  551.                     $text .= $language->get('text_new_comment') . "\n\n";
  552.                     $text .= $order_info['comment'] . "\n\n";
  553.                 }
  554.  
  555.                 $mail = new Mail();
  556.                 $mail->protocol = $this->config->get('config_mail_protocol');
  557.                 $mail->parameter = $this->config->get('config_mail_parameter');
  558.                 $mail->hostname = $this->config->get('config_smtp_host');
  559.                 $mail->username = $this->config->get('config_smtp_username');
  560.                 $mail->password = $this->config->get('config_smtp_password');
  561.                 $mail->port = $this->config->get('config_smtp_port');
  562.                 $mail->timeout = $this->config->get('config_smtp_timeout');
  563.                 $mail->setTo('info@apteka-farma.ru');
  564.                 $mail->setFrom('no-reply@apteka-farma.ru');
  565.                 $mail->setSender($order_info['store_name']);
  566.                 $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
  567.                 $mail->setText(html_entity_decode($text, ENT_QUOTES, 'UTF-8'));
  568.                 $mail->send();
  569.  
  570.                 // Send to additional alert emails
  571.                 // $emails = explode(',', $this->config->get('config_alert_emails'));
  572.  
  573.                 // foreach ($emails as $email) {
  574.                 //  if ($email && preg_match('/^[^\@]+@.*\.[a-z]{2,6}$/i', $email)) {
  575.                 //      $mail->setTo($email);
  576.                 //      $mail->send();
  577.                 //  }
  578.                 // }
  579.             }      
  580.         }
  581.     }
  582.  
  583.     public function update($order_id, $order_status_id, $comment = '', $notify = false) {
  584.         $order_info = $this->getOrder($order_id);
  585.  
  586.         if ($order_info && $order_info['order_status_id']) {
  587.             // Fraud Detection
  588.             if ($this->config->get('config_fraud_detection')) {
  589.                 $this->load->model('checkout/fraud');
  590.  
  591.                 $risk_score = $this->model_checkout_fraud->getFraudScore($order_info);
  592.  
  593.                 if ($risk_score > $this->config->get('config_fraud_score')) {
  594.                     $order_status_id = $this->config->get('config_fraud_status_id');
  595.                 }
  596.             }          
  597.  
  598.             // Ban IP
  599.             $status = false;
  600.  
  601.             $this->load->model('account/customer');
  602.  
  603.             if ($order_info['customer_id']) {
  604.  
  605.                 $results = $this->model_account_customer->getIps($order_info['customer_id']);
  606.  
  607.                 foreach ($results as $result) {
  608.                     if ($this->model_account_customer->isBanIp($result['ip'])) {
  609.                         $status = true;
  610.  
  611.                         break;
  612.                     }
  613.                 }
  614.             } else {
  615.                 $status = $this->model_account_customer->isBanIp($order_info['ip']);
  616.             }
  617.  
  618.             if ($status) {
  619.                 $order_status_id = $this->config->get('config_order_status_id');
  620.             }      
  621.  
  622.             $this->db->query("UPDATE `" . DB_PREFIX . "order` SET order_status_id = '" . (int)$order_status_id . "', date_modified = NOW() WHERE order_id = '" . (int)$order_id . "'");
  623.  
  624.             $this->db->query("INSERT INTO " . DB_PREFIX . "order_history SET order_id = '" . (int)$order_id . "', order_status_id = '" . (int)$order_status_id . "', notify = '" . (int)$notify . "', comment = '" . $this->db->escape($comment) . "', date_added = NOW()");
  625.  
  626.             // Send out any gift voucher mails
  627.             if ($this->config->get('config_complete_status_id') == $order_status_id) {
  628.                 $this->load->model('checkout/voucher');
  629.  
  630.                 $this->model_checkout_voucher->confirm($order_id);
  631.             }  
  632.  
  633.             if ($notify) {
  634.                 $language = new Language($order_info['language_directory']);
  635.                 $language->load($order_info['language_filename']);
  636.                 $language->load('mail/order');
  637.  
  638.                 $subject = sprintf($language->get('text_update_subject'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'), $order_id);
  639.  
  640.                 $message  = $language->get('text_update_order') . ' ' . $order_id . "\n";
  641.                 $message .= $language->get('text_update_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n\n";
  642.  
  643.                 $order_status_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_status WHERE order_status_id = '" . (int)$order_status_id . "' AND language_id = '" . (int)$order_info['language_id'] . "'");
  644.  
  645.                 if ($order_status_query->num_rows) {
  646.                     $message .= $language->get('text_update_order_status') . "\n\n";
  647.                     $message .= $order_status_query->row['name'] . "\n\n";                 
  648.                 }
  649.  
  650.                 if ($order_info['customer_id']) {
  651.                     $message .= $language->get('text_update_link') . "\n";
  652.                     $message .= $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id . "\n\n";
  653.                 }
  654.  
  655.                 if ($comment) {
  656.                     $message .= $language->get('text_update_comment') . "\n\n";
  657.                     $message .= $comment . "\n\n";
  658.                 }
  659.  
  660.                 $message .= $language->get('text_update_footer');
  661.  
  662.                 $mail = new Mail();
  663.                 $mail->protocol = $this->config->get('config_mail_protocol');
  664.                 $mail->parameter = $this->config->get('config_mail_parameter');
  665.                 $mail->hostname = $this->config->get('config_smtp_host');
  666.                 $mail->username = $this->config->get('config_smtp_username');
  667.                 $mail->password = $this->config->get('config_smtp_password');
  668.                 $mail->port = $this->config->get('config_smtp_port');
  669.                 $mail->timeout = $this->config->get('config_smtp_timeout');            
  670.                 $mail->setTo($order_info['email']);
  671.                 $mail->setFrom($this->config->get('config_email'));
  672.                 $mail->setSender($order_info['store_name']);
  673.                 $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
  674.                 $mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
  675.                 $mail->send();
  676.             }
  677.         }
  678.     }
  679.  
  680.     public function addOrderBuy1Click($data) {
  681.         $order_status_id = $this->config->get('config_order_status_id');
  682.        
  683.         $this->db->query("INSERT INTO `" . DB_PREFIX . "order` SET invoice_prefix = '" . $this->db->escape($data['invoice_prefix']) . "', store_id = '" . (int)$data['store_id'] . "', store_name = '" . $this->db->escape($data['store_name']) . "', store_url = '" . $this->db->escape($data['store_url']) . "', customer_id = '" . (int)$data['customer_id'] . "', customer_group_id = '" . (int)$data['customer_group_id'] . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', payment_firstname = '" . $this->db->escape($data['payment_firstname']) . "', payment_lastname = '" . $this->db->escape($data['payment_lastname']) . "', payment_company = '" . $this->db->escape($data['payment_company']) . "', payment_company_id = '" . $this->db->escape($data['payment_company_id']) . "', payment_tax_id = '" . $this->db->escape($data['payment_tax_id']) . "', payment_address_1 = '" . $this->db->escape($data['payment_address_1']) . "', payment_address_2 = '" . $this->db->escape($data['payment_address_2']) . "', payment_city = '" . $this->db->escape($data['payment_city']) . "', payment_postcode = '" . $this->db->escape($data['payment_postcode']) . "', payment_country = '" . $this->db->escape($data['payment_country']) . "', payment_country_id = '" . (int)$data['payment_country_id'] . "', payment_zone = '" . $this->db->escape($data['payment_zone']) . "', payment_zone_id = '" . (int)$data['payment_zone_id'] . "', payment_address_format = '" . $this->db->escape($data['payment_address_format']) . "', payment_method = '" . $this->db->escape($data['payment_method']) . "', payment_code = '" . $this->db->escape($data['payment_code']) . "', shipping_firstname = '" . $this->db->escape($data['shipping_firstname']) . "', shipping_lastname = '" . 
$this->db->escape($data['shipping_lastname']) . "', shipping_company = '" . $this->db->escape($data['shipping_company']) . "', shipping_address_1 = '" . $this->db->escape($data['shipping_address_1']) . "', shipping_address_2 = '" . $this->db->escape($data['shipping_address_2']) . "', shipping_city = '" . $this->db->escape($data['shipping_city']) . "', shipping_postcode = '" . $this->db->escape($data['shipping_postcode']) . "', shipping_country = '" . $this->db->escape($data['shipping_country']) . "', shipping_country_id = '" . (int)$data['shipping_country_id'] . "', shipping_zone = '" . $this->db->escape($data['shipping_zone']) . "', shipping_zone_id = '" . (int)$data['shipping_zone_id'] . "', shipping_address_format = '" . $this->db->escape($data['shipping_address_format']) . "', shipping_method = '" . $this->db->escape($data['shipping_method']) . "', shipping_code = '" . $this->db->escape($data['shipping_code']) . "', comment = '" . $this->db->escape($data['comment']) . "', total = '" . (float)$data['total'] . "', order_status_id = '" . (float)$order_status_id . "', affiliate_id = '" . (int)$data['affiliate_id'] . "', commission = '" . (float)$data['commission'] . "', language_id = '" . (int)$data['language_id'] . "', currency_id = '" . (int)$data['currency_id'] . "', currency_code = '" . $this->db->escape($data['currency_code']) . "', currency_value = '" . (float)$data['currency_value'] . "', ip = '" . $this->db->escape($data['ip']) . "', forwarded_ip = '" .  $this->db->escape($data['forwarded_ip']) . "', user_agent = '" . $this->db->escape($data['user_agent']) . "', accept_language = '" . $this->db->escape($data['accept_language']) . "', date_added = NOW(), date_modified = NOW()");
  684.  
  685.         $order_id = $this->db->getLastId();
  686.  
  687.         foreach ($data['products'] as $product) {
  688.             $this->db->query("INSERT INTO " . DB_PREFIX . "order_product SET order_id = '" . (int)$order_id . "', product_id = '" . (int)$product['product_id'] . "', name = '" . $this->db->escape($product['name']) . "', model = '" . $this->db->escape($product['model']) . "', quantity = '" . (int)$product['quantity'] . "', price = '" . (float)$product['price'] . "', total = '" . (float)$product['total'] . "', tax = '" . (float)$product['tax'] . "', reward = '" . (int)$product['reward'] . "'");
  689.  
  690.             $order_product_id = $this->db->getLastId();
  691.         }
  692.  
  693.         foreach ($data['vouchers'] as $voucher) {
  694.             $this->db->query("INSERT INTO " . DB_PREFIX . "order_voucher SET order_id = '" . (int)$order_id . "', description = '" . $this->db->escape($voucher['description']) . "', code = '" . $this->db->escape($voucher['code']) . "', from_name = '" . $this->db->escape($voucher['from_name']) . "', from_email = '" . $this->db->escape($voucher['from_email']) . "', to_name = '" . $this->db->escape($voucher['to_name']) . "', to_email = '" . $this->db->escape($voucher['to_email']) . "', voucher_theme_id = '" . (int)$voucher['voucher_theme_id'] . "', message = '" . $this->db->escape($voucher['message']) . "', amount = '" . (float)$voucher['amount'] . "'");
  695.         }
  696.  
  697.         foreach ($data['totals'] as $total) {
  698.             $this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', text = '" . $this->db->escape($total['text']) . "', `value` = '" . (float)$total['value'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
  699.         }
  700.  
  701.         return $order_id;
  702.     }
  703.  
  704.  
  705. }
  706. ?>