order.php

1. <?php
2. class ModelCheckoutOrder extends Model {
3.     public function addOrder($data) {
4.         $this->event->trigger('pre.order.add', $data);
5.  
6.         $this->db->query("INSERT INTO `" . DB_PREFIX . "order` SET invoice_prefix = '" . $this->db->escape($data['invoice_prefix']) . "', store_id = '" . (int)$data['store_id'] . "', store_name = '" . $this->db->escape($data['store_name']) . "', store_url = '" . $this->db->escape($data['store_url']) . "', customer_id = '" . (int)$data['customer_id'] . "', customer_group_id = '" . (int)$data['customer_group_id'] . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(isset($data['custom_field']) ? serialize($data['custom_field']) : '') . "', payment_firstname = '" . $this->db->escape($data['payment_firstname']) . "', payment_lastname = '" . $this->db->escape($data['payment_lastname']) . "', payment_company = '" . $this->db->escape($data['payment_company']) . "', payment_address_1 = '" . $this->db->escape($data['payment_address_1']) . "', payment_address_2 = '" . $this->db->escape($data['payment_address_2']) . "', payment_city = '" . $this->db->escape($data['payment_city']) . "', payment_postcode = '" . $this->db->escape($data['payment_postcode']) . "', payment_country = '" . $this->db->escape($data['payment_country']) . "', payment_country_id = '" . (int)$data['payment_country_id'] . "', payment_zone = '" . $this->db->escape($data['payment_zone']) . "', payment_zone_id = '" . (int)$data['payment_zone_id'] . "', payment_address_format = '" . $this->db->escape($data['payment_address_format']) . "', payment_custom_field = '" . $this->db->escape(isset($data['payment_custom_field']) ? serialize($data['payment_custom_field']) : '') . "', payment_method = '" . $this->db->escape($data['payment_method']) . "', payment_code = '" . $this->db->escape($data['payment_code']) . "', shipping_firstname = '" . $this->db->escape($data['shipping_firstname']) . "', shipping_lastname = '" . $this->db->escape($data['shipping_lastname']) . "', shipping_company = '" . $this->db->escape($data['shipping_company']) . "', shipping_address_1 = '" . $this->db->escape($data['shipping_address_1']) . "', shipping_address_2 = '" . $this->db->escape($data['shipping_address_2']) . "', shipping_city = '" . $this->db->escape($data['shipping_city']) . "', shipping_postcode = '" . $this->db->escape($data['shipping_postcode']) . "', shipping_country = '" . $this->db->escape($data['shipping_country']) . "', shipping_country_id = '" . (int)$data['shipping_country_id'] . "', shipping_zone = '" . $this->db->escape($data['shipping_zone']) . "', shipping_zone_id = '" . (int)$data['shipping_zone_id'] . "', shipping_address_format = '" . $this->db->escape($data['shipping_address_format']) . "', shipping_custom_field = '" . $this->db->escape(isset($data['shipping_custom_field']) ? serialize($data['shipping_custom_field']) : '') . "', shipping_method = '" . $this->db->escape($data['shipping_method']) . "', shipping_code = '" . $this->db->escape($data['shipping_code']) . "', comment = '" . $this->db->escape($data['comment']) . "', total = '" . (float)$data['total'] . "', affiliate_id = '" . (int)$data['affiliate_id'] . "', commission = '" . (float)$data['commission'] . "', marketing_id = '" . (int)$data['marketing_id'] . "', tracking = '" . $this->db->escape($data['tracking']) . "', language_id = '" . (int)$data['language_id'] . "', currency_id = '" . (int)$data['currency_id'] . "', currency_code = '" . $this->db->escape($data['currency_code']) . "', currency_value = '" . (float)$data['currency_value'] . "', ip = '" . $this->db->escape($data['ip']) . "', forwarded_ip = '" .  $this->db->escape($data['forwarded_ip']) . "', user_agent = '" . $this->db->escape($data['user_agent']) . "', accept_language = '" . $this->db->escape($data['accept_language']) . "', date_added = NOW(), date_modified = NOW()");
7.  
8.         $order_id = $this->db->getLastId();
9.  
10.         // Products
11.         if (isset($data['products'])) {
12.             foreach ($data['products'] as $product) {
13.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_product SET order_id = '" . (int)$order_id . "', product_id = '" . (int)$product['product_id'] . "', name = '" . $this->db->escape($product['name']) . "', model = '" . $this->db->escape($product['model']) . "', quantity = '" . (int)$product['quantity'] . "', price = '" . (float)$product['price'] . "', total = '" . (float)$product['total'] . "', tax = '" . (float)$product['tax'] . "', reward = '" . (int)$product['reward'] . "'");
14.  
15.                 $order_product_id = $this->db->getLastId();
16.  
17.                 foreach ($product['option'] as $option) {
18.                     $this->db->query("INSERT INTO " . DB_PREFIX . "order_option SET order_id = '" . (int)$order_id . "', order_product_id = '" . (int)$order_product_id . "', product_option_id = '" . (int)$option['product_option_id'] . "', product_option_value_id = '" . (int)$option['product_option_value_id'] . "', name = '" . $this->db->escape($option['name']) . "', `value` = '" . $this->db->escape($option['value']) . "', `type` = '" . $this->db->escape($option['type']) . "'");
19.                 }
20.             }
21.         }
22.  
23.         // Gift Voucher
24.         $this->load->model('checkout/voucher');
25.  
26.         // Vouchers
27.         if (isset($data['vouchers'])) {
28.             foreach ($data['vouchers'] as $voucher) {
29.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_voucher SET order_id = '" . (int)$order_id . "', description = '" . $this->db->escape($voucher['description']) . "', code = '" . $this->db->escape($voucher['code']) . "', from_name = '" . $this->db->escape($voucher['from_name']) . "', from_email = '" . $this->db->escape($voucher['from_email']) . "', to_name = '" . $this->db->escape($voucher['to_name']) . "', to_email = '" . $this->db->escape($voucher['to_email']) . "', voucher_theme_id = '" . (int)$voucher['voucher_theme_id'] . "', message = '" . $this->db->escape($voucher['message']) . "', amount = '" . (float)$voucher['amount'] . "'");
30.  
31.                 $order_voucher_id = $this->db->getLastId();
32.  
33.                 $voucher_id = $this->model_checkout_voucher->addVoucher($order_id, $voucher);
34.  
35.                 $this->db->query("UPDATE " . DB_PREFIX . "order_voucher SET voucher_id = '" . (int)$voucher_id . "' WHERE order_voucher_id = '" . (int)$order_voucher_id . "'");
36.             }
37.         }
38.  
39.         // Totals
40.         if (isset($data['totals'])) {
41.             foreach ($data['totals'] as $total) {
42.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', `value` = '" . (float)$total['value'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
43.             }
44.         }
45.  
46.         $this->event->trigger('post.order.add', $order_id);
47.  
48.         return $order_id;
49.     }
50.  
51.     public function editOrder($order_id, $data) {
52.         $this->event->trigger('pre.order.edit', $data);
53.  
54.         // Void the order first
55.         $this->addOrderHistory($order_id, 0);
56.  
57.         $this->db->query("UPDATE `" . DB_PREFIX . "order` SET invoice_prefix = '" . $this->db->escape($data['invoice_prefix']) . "', store_id = '" . (int)$data['store_id'] . "', store_name = '" . $this->db->escape($data['store_name']) . "', store_url = '" . $this->db->escape($data['store_url']) . "', customer_id = '" . (int)$data['customer_id'] . "', customer_group_id = '" . (int)$data['customer_group_id'] . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(serialize($data['custom_field'])) . "', payment_firstname = '" . $this->db->escape($data['payment_firstname']) . "', payment_lastname = '" . $this->db->escape($data['payment_lastname']) . "', payment_company = '" . $this->db->escape($data['payment_company']) . "', payment_address_1 = '" . $this->db->escape($data['payment_address_1']) . "', payment_address_2 = '" . $this->db->escape($data['payment_address_2']) . "', payment_city = '" . $this->db->escape($data['payment_city']) . "', payment_postcode = '" . $this->db->escape($data['payment_postcode']) . "', payment_country = '" . $this->db->escape($data['payment_country']) . "', payment_country_id = '" . (int)$data['payment_country_id'] . "', payment_zone = '" . $this->db->escape($data['payment_zone']) . "', payment_zone_id = '" . (int)$data['payment_zone_id'] . "', payment_address_format = '" . $this->db->escape($data['payment_address_format']) . "', payment_custom_field = '" . $this->db->escape(serialize($data['payment_custom_field'])) . "', payment_method = '" . $this->db->escape($data['payment_method']) . "', payment_code = '" . $this->db->escape($data['payment_code']) . "', shipping_firstname = '" . $this->db->escape($data['shipping_firstname']) . "', shipping_lastname = '" . $this->db->escape($data['shipping_lastname']) . "', shipping_company = '" . $this->db->escape($data['shipping_company']) . "', shipping_address_1 = '" . $this->db->escape($data['shipping_address_1']) . "', shipping_address_2 = '" . $this->db->escape($data['shipping_address_2']) . "', shipping_city = '" . $this->db->escape($data['shipping_city']) . "', shipping_postcode = '" . $this->db->escape($data['shipping_postcode']) . "', shipping_country = '" . $this->db->escape($data['shipping_country']) . "', shipping_country_id = '" . (int)$data['shipping_country_id'] . "', shipping_zone = '" . $this->db->escape($data['shipping_zone']) . "', shipping_zone_id = '" . (int)$data['shipping_zone_id'] . "', shipping_address_format = '" . $this->db->escape($data['shipping_address_format']) . "', shipping_custom_field = '" . $this->db->escape(serialize($data['shipping_custom_field'])) . "', shipping_method = '" . $this->db->escape($data['shipping_method']) . "', shipping_code = '" . $this->db->escape($data['shipping_code']) . "', comment = '" . $this->db->escape($data['comment']) . "', total = '" . (float)$data['total'] . "', affiliate_id = '" . (int)$data['affiliate_id'] . "', commission = '" . (float)$data['commission'] . "', date_modified = NOW() WHERE order_id = '" . (int)$order_id . "'");
58.  
59.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
60.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "'");
61.  
62.         // Products
63.         if (isset($data['products'])) {
64.             foreach ($data['products'] as $product) {
65.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_product SET order_id = '" . (int)$order_id . "', product_id = '" . (int)$product['product_id'] . "', name = '" . $this->db->escape($product['name']) . "', model = '" . $this->db->escape($product['model']) . "', quantity = '" . (int)$product['quantity'] . "', price = '" . (float)$product['price'] . "', total = '" . (float)$product['total'] . "', tax = '" . (float)$product['tax'] . "', reward = '" . (int)$product['reward'] . "'");
66.  
67.                 $order_product_id = $this->db->getLastId();
68.  
69.                 foreach ($product['option'] as $option) {
70.                     $this->db->query("INSERT INTO " . DB_PREFIX . "order_option SET order_id = '" . (int)$order_id . "', order_product_id = '" . (int)$order_product_id . "', product_option_id = '" . (int)$option['product_option_id'] . "', product_option_value_id = '" . (int)$option['product_option_value_id'] . "', name = '" . $this->db->escape($option['name']) . "', `value` = '" . $this->db->escape($option['value']) . "', `type` = '" . $this->db->escape($option['type']) . "'");
71.                 }
72.             }
73.         }
74.  
75.         // Gift Voucher
76.         $this->load->model('checkout/voucher');
77.  
78.         $this->model_checkout_voucher->disableVoucher($order_id);
79.  
80.         // Vouchers
81.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_voucher WHERE order_id = '" . (int)$order_id . "'");
82.  
83.         if (isset($data['vouchers'])) {
84.             foreach ($data['vouchers'] as $voucher) {
85.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_voucher SET order_id = '" . (int)$order_id . "', description = '" . $this->db->escape($voucher['description']) . "', code = '" . $this->db->escape($voucher['code']) . "', from_name = '" . $this->db->escape($voucher['from_name']) . "', from_email = '" . $this->db->escape($voucher['from_email']) . "', to_name = '" . $this->db->escape($voucher['to_name']) . "', to_email = '" . $this->db->escape($voucher['to_email']) . "', voucher_theme_id = '" . (int)$voucher['voucher_theme_id'] . "', message = '" . $this->db->escape($voucher['message']) . "', amount = '" . (float)$voucher['amount'] . "'");
86.  
87.                 $order_voucher_id = $this->db->getLastId();
88.  
89.                 $voucher_id = $this->model_checkout_voucher->addVoucher($order_id, $voucher);
90.  
91.                 $this->db->query("UPDATE " . DB_PREFIX . "order_voucher SET voucher_id = '" . (int)$voucher_id . "' WHERE order_voucher_id = '" . (int)$order_voucher_id . "'");
92.             }
93.         }
94.  
95.         // Totals
96.         $this->db->query("DELETE FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order_id . "'");
97.  
98.         if (isset($data['totals'])) {
99.             foreach ($data['totals'] as $total) {
100.                 $this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', `value` = '" . (float)$total['value'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
101.             }
102.         }
103.  
104.         $this->event->trigger('post.order.edit', $order_id);
105.     }
106.  
107.     public function deleteOrder($order_id) {
108.         $this->event->trigger('pre.order.delete', $order_id);
109.  
110.         // Void the order first
111.         $this->addOrderHistory($order_id, 0);
112.  
113.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order` WHERE order_id = '" . (int)$order_id . "'");
114.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_product` WHERE order_id = '" . (int)$order_id . "'");
115.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_option` WHERE order_id = '" . (int)$order_id . "'");
116.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_voucher` WHERE order_id = '" . (int)$order_id . "'");
117.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "'");
118.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_history` WHERE order_id = '" . (int)$order_id . "'");
119.         $this->db->query("DELETE FROM `" . DB_PREFIX . "order_fraud` WHERE order_id = '" . (int)$order_id . "'");
120.         $this->db->query("DELETE `or`, ort FROM `" . DB_PREFIX . "order_recurring` `or`, `" . DB_PREFIX . "order_recurring_transaction` `ort` WHERE order_id = '" . (int)$order_id . "' AND ort.order_recurring_id = `or`.order_recurring_id");
121.  
122.         $this->db->query("DELETE FROM `" . DB_PREFIX . "affiliate_transaction` WHERE order_id = '" . (int)$order_id . "'");
123.  
124.         // Gift Voucher
125.         $this->load->model('checkout/voucher');
126.  
127.         $this->model_checkout_voucher->disableVoucher($order_id);
128.  
129.         $this->event->trigger('post.order.delete', $order_id);
130.     }
131.  
132.     public function getOrder($order_id) {
133.         $order_query = $this->db->query("SELECT *, (SELECT os.name FROM `" . DB_PREFIX . "order_status` os WHERE os.order_status_id = o.order_status_id AND os.language_id = o.language_id) AS order_status FROM `" . DB_PREFIX . "order` o WHERE o.order_id = '" . (int)$order_id . "'");
134.  
135.         if ($order_query->num_rows) {
136.             $country_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "country` WHERE country_id = '" . (int)$order_query->row['payment_country_id'] . "'");
137.  
138.             if ($country_query->num_rows) {
139.                 $payment_iso_code_2 = $country_query->row['iso_code_2'];
140.                 $payment_iso_code_3 = $country_query->row['iso_code_3'];
141.             } else {
142.                 $payment_iso_code_2 = '';
143.                 $payment_iso_code_3 = '';
144.             }
145.  
146.             $zone_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE zone_id = '" . (int)$order_query->row['payment_zone_id'] . "'");
147.  
148.             if ($zone_query->num_rows) {
149.                 $payment_zone_code = $zone_query->row['code'];
150.             } else {
151.                 $payment_zone_code = '';
152.             }
153.  
154.             $country_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "country` WHERE country_id = '" . (int)$order_query->row['shipping_country_id'] . "'");
155.  
156.             if ($country_query->num_rows) {
157.                 $shipping_iso_code_2 = $country_query->row['iso_code_2'];
158.                 $shipping_iso_code_3 = $country_query->row['iso_code_3'];
159.             } else {
160.                 $shipping_iso_code_2 = '';
161.                 $shipping_iso_code_3 = '';
162.             }
163.  
164.             $zone_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE zone_id = '" . (int)$order_query->row['shipping_zone_id'] . "'");
165.  
166.             if ($zone_query->num_rows) {
167.                 $shipping_zone_code = $zone_query->row['code'];
168.             } else {
169.                 $shipping_zone_code = '';
170.             }
171.  
172.             $this->load->model('localisation/language');
173.  
174.             $language_info = $this->model_localisation_language->getLanguage($order_query->row['language_id']);
175.  
176.             if ($language_info) {
177.                 $language_code = $language_info['code'];
178.                 $language_directory = $language_info['directory'];
179.             } else {
180.                 $language_code = '';
181.                 $language_directory = '';
182.             }
183.  
184.             return array(
185.                 'order_id'                => $order_query->row['order_id'],
186.                 'invoice_no'              => $order_query->row['invoice_no'],
187.                 'invoice_prefix'          => $order_query->row['invoice_prefix'],
188.                 'store_id'                => $order_query->row['store_id'],
189.                 'store_name'              => $order_query->row['store_name'],
190.                 'store_url'               => $order_query->row['store_url'],
191.                 'customer_id'             => $order_query->row['customer_id'],
192.                 'firstname'               => $order_query->row['firstname'],
193.                 'lastname'                => $order_query->row['lastname'],
194.                 'email'                   => $order_query->row['email'],
195.                 'telephone'               => $order_query->row['telephone'],
196.                 'fax'                     => $order_query->row['fax'],
197.                 'custom_field'            => unserialize($order_query->row['custom_field']),
198.                 'payment_firstname'       => $order_query->row['payment_firstname'],
199.                 'payment_lastname'        => $order_query->row['payment_lastname'],
200.                 'payment_company'         => $order_query->row['payment_company'],
201.                 'payment_address_1'       => $order_query->row['payment_address_1'],
202.                 'payment_address_2'       => $order_query->row['payment_address_2'],
203.                 'payment_postcode'        => $order_query->row['payment_postcode'],
204.                 'payment_city'            => $order_query->row['payment_city'],
205.                 'payment_zone_id'         => $order_query->row['payment_zone_id'],
206.                 'payment_zone'            => $order_query->row['payment_zone'],
207.                 'payment_zone_code'       => $payment_zone_code,
208.                 'payment_country_id'      => $order_query->row['payment_country_id'],
209.                 'payment_country'         => $order_query->row['payment_country'],
210.                 'payment_iso_code_2'      => $payment_iso_code_2,
211.                 'payment_iso_code_3'      => $payment_iso_code_3,
212.                 'payment_address_format'  => $order_query->row['payment_address_format'],
213.                 'payment_custom_field'    => unserialize($order_query->row['payment_custom_field']),
214.                 'payment_method'          => $order_query->row['payment_method'],
215.                 'payment_code'            => $order_query->row['payment_code'],
216.                 'shipping_firstname'      => $order_query->row['shipping_firstname'],
217.                 'shipping_lastname'       => $order_query->row['shipping_lastname'],
218.                 'shipping_company'        => $order_query->row['shipping_company'],
219.                 'shipping_address_1'      => $order_query->row['shipping_address_1'],
220.                 'shipping_address_2'      => $order_query->row['shipping_address_2'],
221.                 'shipping_postcode'       => $order_query->row['shipping_postcode'],
222.                 'shipping_city'           => $order_query->row['shipping_city'],
223.                 'shipping_zone_id'        => $order_query->row['shipping_zone_id'],
224.                 'shipping_zone'           => $order_query->row['shipping_zone'],
225.                 'shipping_zone_code'      => $shipping_zone_code,
226.                 'shipping_country_id'     => $order_query->row['shipping_country_id'],
227.                 'shipping_country'        => $order_query->row['shipping_country'],
228.                 'shipping_iso_code_2'     => $shipping_iso_code_2,
229.                 'shipping_iso_code_3'     => $shipping_iso_code_3,
230.                 'shipping_address_format' => $order_query->row['shipping_address_format'],
231.                 'shipping_custom_field'   => unserialize($order_query->row['shipping_custom_field']),
232.                 'shipping_method'         => $order_query->row['shipping_method'],
233.                 'shipping_code'           => $order_query->row['shipping_code'],
234.                 'comment'                 => $order_query->row['comment'],
235.                 'total'                   => $order_query->row['total'],
236.                 'order_status_id'         => $order_query->row['order_status_id'],
237.                 'order_status'            => $order_query->row['order_status'],
238.                 'affiliate_id'            => $order_query->row['affiliate_id'],
239.                 'commission'              => $order_query->row['commission'],
240.                 'language_id'             => $order_query->row['language_id'],
241.                 'language_code'           => $language_code,
242.                 'language_directory'      => $language_directory,
243.                 'currency_id'             => $order_query->row['currency_id'],
244.                 'currency_code'           => $order_query->row['currency_code'],
245.                 'currency_value'          => $order_query->row['currency_value'],
246.                 'ip'                      => $order_query->row['ip'],
247.                 'forwarded_ip'            => $order_query->row['forwarded_ip'],
248.                 'user_agent'              => $order_query->row['user_agent'],
249.                 'accept_language'         => $order_query->row['accept_language'],
250.                 'date_modified'           => $order_query->row['date_modified'],
251.                 'date_added'              => $order_query->row['date_added']
252.             );
253.         } else {
254.             return false;
255.         }
256.     }
257.  
258.     public function addOrderHistory($order_id, $order_status_id, $comment = '', $notify = false) {
259.         $this->event->trigger('pre.order.history.add', $order_id);
260.  
261.         $order_info = $this->getOrder($order_id);
262.  
263.         if ($order_info) {
264.             // Fraud Detection
265.             $this->load->model('account/customer');
266.  
267.             $customer_info = $this->model_account_customer->getCustomer($order_info['customer_id']);
268.  
269.             if ($customer_info && $customer_info['safe']) {
270.                 $safe = true;
271.             } else {
272.                 $safe = false;
273.             }
274.  
275.             if ($this->config->get('config_fraud_detection')) {
276.                 $this->load->model('checkout/fraud');
277.  
278.                 $risk_score = $this->model_checkout_fraud->getFraudScore($order_info);
279.  
280.                 if (!$safe && $risk_score > $this->config->get('config_fraud_score')) {
281.                     $order_status_id = $this->config->get('config_fraud_status_id');
282.                 }
283.             }
284.  
285.             // Ban IP
286.             if (!$safe) {
287.                 $status = false;
288.  
289.                 if ($order_info['customer_id']) {
290.                     $results = $this->model_account_customer->getIps($order_info['customer_id']);
291.  
292.                     foreach ($results as $result) {
293.                         if ($this->model_account_customer->isBanIp($result['ip'])) {
294.                             $status = true;
295.  
296.                             break;
297.                         }
298.                     }
299.                 } else {
300.                     $status = $this->model_account_customer->isBanIp($order_info['ip']);
301.                 }
302.  
303.                 if ($status) {
304.                     $order_status_id = $this->config->get('config_order_status_id');
305.                 }
306.             }
307.  
308.             $this->db->query("UPDATE `" . DB_PREFIX . "order` SET order_status_id = '" . (int)$order_status_id . "', date_modified = NOW() WHERE order_id = '" . (int)$order_id . "'");
309.  
310.             $this->db->query("INSERT INTO " . DB_PREFIX . "order_history SET order_id = '" . (int)$order_id . "', order_status_id = '" . (int)$order_status_id . "', notify = '" . (int)$notify . "', comment = '" . $this->db->escape($comment) . "', date_added = NOW()");
311.  
312.             // If current order status is not processing or complete but new status is processing or complete then commence completing the order
313.             if (!in_array($order_info['order_status_id'], array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status'))) && in_array($order_status_id, array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status')))) {
314.                 // Stock subtraction
315.                 $order_product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
316.  
317.                 foreach ($order_product_query->rows as $order_product) {
318.                     $this->db->query("UPDATE " . DB_PREFIX . "product SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_id = '" . (int)$order_product['product_id'] . "' AND subtract = '1'");
319.  
320.                     $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$order_product['order_product_id'] . "'");
321.  
322.                     foreach ($order_option_query->rows as $option) {
323.                         $this->db->query("UPDATE " . DB_PREFIX . "product_option_value SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_option_value_id = '" . (int)$option['product_option_value_id'] . "' AND subtract = '1'");
324.                     }
325.                 }
326.  
327.                 // Redeem coupon, vouchers and reward points
328.                 $order_total_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "' ORDER BY sort_order ASC");
329.  
330.                 foreach ($order_total_query->rows as $order_total) {
331.                     $this->load->model('total/' . $order_total['code']);
332.  
333.                     if (method_exists($this->{'model_total_' . $order_total['code']}, 'confirm')) {
334.                         $this->{'model_total_' . $order_total['code']}->confirm($order_info, $order_total);
335.                     }
336.                 }
337.  
338.                 // Add commission if sale is linked to affiliate referral.
339.                 if ($order_info['affiliate_id'] && $this->config->get('config_affiliate_auto')) {
340.                     $this->load->model('affiliate/affiliate');
341.  
342.                     $this->model_affiliate_affiliate->addTransaction($order_info['affiliate_id'], $order_info['commission'], $order_id);
343.                 }
344.             }
345.  
346.             // If old order status is the processing or complete status but new status is not then commence restock, and remove coupon, voucher and reward history
347.             if (in_array($order_info['order_status_id'], array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status'))) && !in_array($order_status_id, array_merge($this->config->get('config_processing_status'), $this->config->get('config_complete_status')))) {
348.                 // Restock
349.                 $product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
350.  
351.                 foreach($product_query->rows as $product) {
352.                     $this->db->query("UPDATE `" . DB_PREFIX . "product` SET quantity = (quantity + " . (int)$product['quantity'] . ") WHERE product_id = '" . (int)$product['product_id'] . "' AND subtract = '1'");
353.  
354.                     $option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$product['order_product_id'] . "'");
355.  
356.                     foreach ($option_query->rows as $option) {
357.                         $this->db->query("UPDATE " . DB_PREFIX . "product_option_value SET quantity = (quantity + " . (int)$product['quantity'] . ") WHERE product_option_value_id = '" . (int)$option['product_option_value_id'] . "' AND subtract = '1'");
358.                     }
359.                 }
360.  
361.                 // Remove coupon, vouchers and reward points history
362.                 $this->load->model('account/order');
363.  
364.                 $order_total_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "' ORDER BY sort_order ASC");
365.  
366.                 foreach ($order_total_query->rows as $order_total) {
367.                     $this->load->model('total/' . $order_total['code']);
368.  
369.                     if (method_exists($this->{'model_total_' . $order_total['code']}, 'unconfirm')) {
370.                         $this->{'model_total_' . $order_total['code']}->unconfirm($order_id);
371.                     }
372.                 }
373.  
374.                 // Remove commission if sale is linked to affiliate referral.
375.                 if ($order_info['affiliate_id']) {
376.                     $this->load->model('affiliate/affiliate');
377.  
378.                     $this->model_affiliate_affiliate->deleteTransaction($order_id);
379.                 }
380.             }
381.  
382.             $this->cache->delete('product');
383.  
384.             // If order status is 0 then becomes greater than 0 send main html email
385.             if (!$order_info['order_status_id'] && $order_status_id) {
386.                 // Check for any downloadable products
387.                 $download_status = false;
388.  
389.                 $order_product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
390.  
391.                 foreach ($order_product_query->rows as $order_product) {
392.                     // Check if there are any linked downloads
393.                     $product_download_query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "product_to_download` WHERE product_id = '" . (int)$order_product['product_id'] . "'");
394.  
395.                     if ($product_download_query->row['total']) {
396.                         $download_status = true;
397.                     }
398.                 }
399.  
400.                 // Load the language for any mails that might be required to be sent out
401.                 $language = new Language($order_info['language_directory']);
402.                 $language->load('default');
403.                 $language->load('mail/order');
404.  
405.                 $order_status_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_status WHERE order_status_id = '" . (int)$order_status_id . "' AND language_id = '" . (int)$order_info['language_id'] . "'");
406.  
407.                 if ($order_status_query->num_rows) {
408.                     $order_status = $order_status_query->row['name'];
409.                 } else {
410.                     $order_status = '';
411.                 }
412.  
413.                 $subject = sprintf($language->get('text_new_subject'), $order_info['store_name'], $order_id);
414.  
415.                 // HTML Mail
416.                 $data = array();
417.  
418.                 $data['title'] = sprintf($language->get('text_new_subject'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'), $order_id);
419.  
420.                 $data['text_greeting'] = sprintf($language->get('text_new_greeting'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'));
421.                 $data['text_link'] = $language->get('text_new_link');
422.                 $data['text_download'] = $language->get('text_new_download');
423.                 $data['text_order_detail'] = $language->get('text_new_order_detail');
424.                 $data['text_instruction'] = $language->get('text_new_instruction');
425.                 $data['text_order_id'] = $language->get('text_new_order_id');
426.                 $data['text_date_added'] = $language->get('text_new_date_added');
427.                 $data['text_payment_method'] = $language->get('text_new_payment_method');
428.                 $data['text_shipping_method'] = $language->get('text_new_shipping_method');
429.                 $data['text_email'] = $language->get('text_new_email');
430.                 $data['text_telephone'] = $language->get('text_new_telephone');
431.                 $data['text_ip'] = $language->get('text_new_ip');
432.                 $data['text_order_status'] = $language->get('text_new_order_status');
433.                 $data['text_payment_address'] = $language->get('text_new_payment_address');
434.                 $data['text_shipping_address'] = $language->get('text_new_shipping_address');
435.                 $data['text_product'] = $language->get('text_new_product');
436.                 $data['text_model'] = $language->get('text_new_model');
437.                 $data['text_quantity'] = $language->get('text_new_quantity');
438.                 $data['text_price'] = $language->get('text_new_price');
439.                 $data['text_total'] = $language->get('text_new_total');
440.                 $data['text_footer'] = $language->get('text_new_footer');
441.  
442.                 $data['logo'] = $this->config->get('config_url') . 'image/' . $this->config->get('config_logo');
443.                 $data['store_name'] = $order_info['store_name'];
444.                 $data['store_url'] = $order_info['store_url'];
445.                 $data['customer_id'] = $order_info['customer_id'];
446.                 $data['link'] = $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id;
447.  
448.                 if ($download_status) {
449.                     $data['download'] = $order_info['store_url'] . 'index.php?route=account/download';
450.                 } else {
451.                     $data['download'] = '';
452.                 }
453.  
454.                 $data['order_id'] = $order_id;
455.                 $data['date_added'] = date($language->get('date_format_short'), strtotime($order_info['date_added']));
456.                 $data['payment_method'] = $order_info['payment_method'];
457.                 $data['shipping_method'] = $order_info['shipping_method'];
458.                 $data['email'] = $order_info['email'];
459.                 $data['telephone'] = $order_info['telephone'];
460.                 $data['ip'] = $order_info['ip'];
461.                 $data['order_status'] = $order_status;
462.  
463.                 if ($comment && $notify) {
464.                     $data['comment'] = nl2br($comment);
465.                 } else {
466.                     $data['comment'] = '';
467.                 }
468.  
469.                 if ($order_info['payment_address_format']) {
470.                     $format = $order_info['payment_address_format'];
471.                 } else {
472.                     $format = '{firstname} {lastname}' . "\n" . '{company}' . "\n" . '{address_1}' . "\n" . '{address_2}' . "\n" . '{city} {postcode}' . "\n" . '{zone}' . "\n" . '{country}';
473.                 }
474.  
475.                 $find = array(
476.                     '{firstname}',
477.                     '{lastname}',
478.                     '{company}',
479.                     '{address_1}',
480.                     '{address_2}',
481.                     '{city}',
482.                     '{postcode}',
483.                     '{zone}',
484.                     '{zone_code}',
485.                     '{country}'
486.                 );
487.  
488.                 $replace = array(
489.                     'firstname' => $order_info['payment_firstname'],
490.                     'lastname'  => $order_info['payment_lastname'],
491.                     'company'   => $order_info['payment_company'],
492.                     'address_1' => $order_info['payment_address_1'],
493.                     'address_2' => $order_info['payment_address_2'],
494.                     'city'      => $order_info['payment_city'],
495.                     'postcode'  => $order_info['payment_postcode'],
496.                     'zone'      => $order_info['payment_zone'],
497.                     'zone_code' => $order_info['payment_zone_code'],
498.                     'country'   => $order_info['payment_country']
499.                 );
500.  
501.                 $data['payment_address'] = str_replace(array("\r\n", "\r", "\n"), '<br />', preg_replace(array("/\s\s+/", "/\r\r+/", "/\n\n+/"), '<br />', trim(str_replace($find, $replace, $format))));
502.  
503.                 if ($order_info['shipping_address_format']) {
504.                     $format = $order_info['shipping_address_format'];
505.                 } else {
506.                     $format = '{firstname} {lastname}' . "\n" . '{company}' . "\n" . '{address_1}' . "\n" . '{address_2}' . "\n" . '{city} {postcode}' . "\n" . '{zone}' . "\n" . '{country}';
507.                 }
508.  
509.                 $find = array(
510.                     '{firstname}',
511.                     '{lastname}',
512.                     '{company}',
513.                     '{address_1}',
514.                     '{address_2}',
515.                     '{city}',
516.                     '{postcode}',
517.                     '{zone}',
518.                     '{zone_code}',
519.                     '{country}'
520.                 );
521.  
522.                 $replace = array(
523.                     'firstname' => $order_info['shipping_firstname'],
524.                     'lastname'  => $order_info['shipping_lastname'],
525.                     'company'   => $order_info['shipping_company'],
526.                     'address_1' => $order_info['shipping_address_1'],
527.                     'address_2' => $order_info['shipping_address_2'],
528.                     'city'      => $order_info['shipping_city'],
529.                     'postcode'  => $order_info['shipping_postcode'],
530.                     'zone'      => $order_info['shipping_zone'],
531.                     'zone_code' => $order_info['shipping_zone_code'],
532.                     'country'   => $order_info['shipping_country']
533.                 );
534.  
535.                 $data['shipping_address'] = str_replace(array("\r\n", "\r", "\n"), '<br />', preg_replace(array("/\s\s+/", "/\r\r+/", "/\n\n+/"), '<br />', trim(str_replace($find, $replace, $format))));
536.  
537.                 $this->load->model('tool/upload');
538.                 $this->load->model('tool/image'); // edits
539.                
540.                
541.                
542.                 // edits 1 start
543.                     public function getProductImage($product_id){
544.     $query = $this->db->query("SELECT `image` FROM `".DB_PREFIX."product` WHERE product_id = '".(int)$product_id."'");
545.  
546.     if ($query->row) {
547.         return $query->row['image'];
548.     } else {
549.         return false;  
550.     }
551. }
552.                     // edits 1 end
553.  
554.                 // Products
555.                 $data['products'] = array();
556.  
557.                 foreach ($order_product_query->rows as $product) {
558.                     $option_data = array();
559.                    
560.                    
561.                     // edits 2 start                   
562.                         $product_image = $this->getProductImage($product['product_id']);
563.                         if ($product_image) {
564.    $product_image = $this->model_tool_resize($product_image, 60, 60);
565. }
566. // edits 2 end
567.  
568.                     $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$product['order_product_id'] . "'");
569.  
570.                     foreach ($order_option_query->rows as $option) {
571.                         if ($option['type'] != 'file') {
572.                             $value = $option['value'];
573.                         } else {
574.                             $upload_info = $this->model_tool_upload->getUploadByCode($option['value']);
575.  
576.                             if ($upload_info) {
577.                                 $value = $upload_info['name'];
578.                             } else {
579.                                 $value = '';
580.                             }
581.                         }
582.  
583.                         $option_data[] = array(
584.                             'name'  => $option['name'],
585.                             'value' => (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value)
586.                         );
587.                     }
588.                    
589.                    
590.  
591.                     $data['products'][] = array(
592.                         'image' => $product_image,                     
593.                         'name'     => $product['name'],
594.                         'model'    => $product['model'],
595.                         'option'   => $option_data,
596.                         'quantity' => $product['quantity'],
597.                         'price'    => $this->currency->format($product['price'] + ($this->config->get('config_tax') ? $product['tax'] : 0), $order_info['currency_code'], $order_info['currency_value']),
598.                         'total'    => $this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value'])
599.                     );
600.                 }
601.  
602.                 // Vouchers
603.                 $data['vouchers'] = array();
604.  
605.                 $order_voucher_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_voucher WHERE order_id = '" . (int)$order_id . "'");
606.  
607.                 foreach ($order_voucher_query->rows as $voucher) {
608.                     $data['vouchers'][] = array(
609.                         'description' => $voucher['description'],
610.                         'amount'      => $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']),
611.                     );
612.                 }
613.  
614.                 // Order Totals
615.                 $order_total_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_total` WHERE order_id = '" . (int)$order_id . "' ORDER BY sort_order ASC");
616.  
617.                 foreach ($order_total_query->rows as $total) {
618.                     $data['totals'][] = array(
619.                         'title' => $total['title'],
620.                         'text'  => $this->currency->format($total['value'], $order_info['currency_code'], $order_info['currency_value']),
621.                     );
622.                 }
623.  
624.                 if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/mail/order.tpl')) {
625.                     $html = $this->load->view($this->config->get('config_template') . '/template/mail/order.tpl', $data);
626.                 } else {
627.                     $html = $this->load->view('default/template/mail/order.tpl', $data);
628.                 }
629.  
630.                 // Can not send confirmation emails for CBA orders as email is unknown
631.                 $this->load->model('payment/amazon_checkout');
632.  
633.                 if (!$this->model_payment_amazon_checkout->isAmazonOrder($order_info['order_id'])) {
634.                     // Text Mail
635.                     $text  = sprintf($language->get('text_new_greeting'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8')) . "\n\n";
636.                     $text .= $language->get('text_new_order_id') . ' ' . $order_id . "\n";
637.                     $text .= $language->get('text_new_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n";
638.                     $text .= $language->get('text_new_order_status') . ' ' . $order_status . "\n\n";
639.  
640.                     if ($comment && $notify) {
641.                         $text .= $language->get('text_new_instruction') . "\n\n";
642.                         $text .= $comment . "\n\n";
643.                     }
644.  
645.                     // Products
646.                     $text .= $language->get('text_new_products') . "\n";
647.                    
648.                    
649.                     foreach ($order_product_query->rows as $product) {
650.    
651.                        
652.                         $text .= $product['quantity'] . 'x ' . $product['name'] . ' (' . $product['model'] . ') ' . html_entity_decode($this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
653.  
654.                         $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . $product['order_product_id'] . "'");
655.  
656.                         foreach ($order_option_query->rows as $option) {
657.                             if ($option['type'] != 'file') {
658.                                 $value = $option['value'];
659.                             } else {
660.                                 $upload_info = $this->model_tool_upload->getUploadByCode($option['value']);
661.  
662.                                 if ($upload_info) {
663.                                     $value = $upload_info['name'];
664.                                 } else {
665.                                     $value = '';
666.                                 }
667.                             }
668.  
669.                             $text .= chr(9) . '-' . $option['name'] . ' ' . (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value) . "\n";
670.                         }
671.                     }
672.  
673.                     foreach ($order_voucher_query->rows as $voucher) {
674.                         $text .= '1x ' . $voucher['description'] . ' ' . $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']);
675.                     }
676.  
677.                     $text .= "\n";
678.  
679.                     $text .= $language->get('text_new_order_total') . "\n";
680.  
681.                     foreach ($order_total_query->rows as $total) {
682.                         $text .= $total['title'] . ': ' . html_entity_decode($this->currency->format($total['value'], $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
683.                     }
684.  
685.                     $text .= "\n";
686.  
687.                     if ($order_info['customer_id']) {
688.                         $text .= $language->get('text_new_link') . "\n";
689.                         $text .= $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id . "\n\n";
690.                     }
691.  
692.                     if ($download_status) {
693.                         $text .= $language->get('text_new_download') . "\n";
694.                         $text .= $order_info['store_url'] . 'index.php?route=account/download' . "\n\n";
695.                     }
696.  
697.                     // Comment
698.                     if ($order_info['comment']) {
699.                         $text .= $language->get('text_new_comment') . "\n\n";
700.                         $text .= $order_info['comment'] . "\n\n";
701.                     }
702.  
703.                     $text .= $language->get('text_new_footer') . "\n\n";
704.  
705.                     $mail = new Mail();
706.                     $mail->protocol = $this->config->get('config_mail_protocol');
707.                     $mail->parameter = $this->config->get('config_mail_parameter');
708.                     $mail->smtp_hostname = $this->config->get('config_mail_smtp_hostname');
709.                     $mail->smtp_username = $this->config->get('config_mail_smtp_username');
710.                     $mail->smtp_password = html_entity_decode($this->config->get('config_mail_smtp_password'), ENT_QUOTES, 'UTF-8');
711.                     $mail->smtp_port = $this->config->get('config_mail_smtp_port');
712.                     $mail->smtp_timeout = $this->config->get('config_mail_smtp_timeout');
713.            
714.                     $mail->setTo($order_info['email']);
715.                     $mail->setFrom($this->config->get('config_email'));
716.                     $mail->setSender($order_info['store_name']);
717.                     $mail->setSubject($subject);
718.                     $mail->setHtml($html);
719.                     $mail->setText($text);
720.                     $mail->send();
721.                 }
722.  
723.                 // Admin Alert Mail
724.                 if ($this->config->get('config_order_mail')) {
725.                     $subject = sprintf($language->get('text_new_subject'), html_entity_decode($this->config->get('config_name'), ENT_QUOTES, 'UTF-8'), $order_id);
726.  
727.                     // HTML Mail
728.                     $data['text_greeting'] = $language->get('text_new_received');
729.  
730.                     if ($comment) {
731.                         if ($order_info['comment']) {
732.                             $data['comment'] = nl2br($comment) . '<br/><br/>' . $order_info['comment'];
733.                         } else {
734.                             $data['comment'] = nl2br($comment);
735.                         }
736.                     } else {
737.                         if ($order_info['comment']) {
738.                             $data['comment'] = $order_info['comment'];
739.                         } else {
740.                             $data['comment'] = '';
741.                         }
742.                     }
743.                     $data['text_download'] = '';
744.  
745.                     $data['text_footer'] = '';
746.  
747.                     $data['text_link'] = '';
748.                     $data['link'] = '';
749.                     $data['download'] = '';
750.  
751.                     if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/mail/order.tpl')) {
752.                         $html = $this->load->view($this->config->get('config_template') . '/template/mail/order.tpl', $data);
753.                     } else {
754.                         $html = $this->load->view('default/template/mail/order.tpl', $data);
755.                     }
756.  
757.                     // Text
758.                     $text  = $language->get('text_new_received') . "\n\n";
759.                     $text .= $language->get('text_new_order_id') . ' ' . $order_id . "\n";
760.                     $text .= $language->get('text_new_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n";
761.                     $text .= $language->get('text_new_order_status') . ' ' . $order_status . "\n\n";
762.                     $text .= $language->get('text_new_products') . "\n";
763.  
764.                     foreach ($order_product_query->rows as $product) {
765.                         $text .= $product['quantity'] . 'x ' . $product['name'] . ' (' . $product['model'] . ') ' . html_entity_decode($this->currency->format($product['total'] + ($this->config->get('config_tax') ? ($product['tax'] * $product['quantity']) : 0), $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
766.  
767.                         $order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . $product['order_product_id'] . "'");
768.  
769.                         foreach ($order_option_query->rows as $option) {
770.                             if ($option['type'] != 'file') {
771.                                 $value = $option['value'];
772.                             } else {
773.                                 $value = utf8_substr($option['value'], 0, utf8_strrpos($option['value'], '.'));
774.                             }
775.  
776.                             $text .= chr(9) . '-' . $option['name'] . ' ' . (utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value) . "\n";
777.                         }
778.                     }
779.  
780.                     foreach ($order_voucher_query->rows as $voucher) {
781.                         $text .= '1x ' . $voucher['description'] . ' ' . $this->currency->format($voucher['amount'], $order_info['currency_code'], $order_info['currency_value']);
782.                     }
783.  
784.                     $text .= "\n";
785.  
786.                     $text .= $language->get('text_new_order_total') . "\n";
787.  
788.                     foreach ($order_total_query->rows as $total) {
789.                         $text .= $total['title'] . ': ' . html_entity_decode($this->currency->format($total['value'], $order_info['currency_code'], $order_info['currency_value']), ENT_NOQUOTES, 'UTF-8') . "\n";
790.                     }
791.  
792.                     $text .= "\n";
793.  
794.                     if ($order_info['comment']) {
795.                         $text .= $language->get('text_new_comment') . "\n\n";
796.                         $text .= $order_info['comment'] . "\n\n";
797.                     }
798.  
799.                     $mail = new Mail();
800.                     $mail->protocol = $this->config->get('config_mail_protocol');
801.                     $mail->parameter = $this->config->get('config_mail_parameter');
802.                     $mail->smtp_hostname = $this->config->get('config_mail_smtp_hostname');
803.                     $mail->smtp_username = $this->config->get('config_mail_smtp_username');
804.                     $mail->smtp_password = html_entity_decode($this->config->get('config_mail_smtp_password'), ENT_QUOTES, 'UTF-8');
805.                     $mail->smtp_port = $this->config->get('config_mail_smtp_port');
806.                     $mail->smtp_timeout = $this->config->get('config_mail_smtp_timeout');
807.            
808.                     $mail->setTo($this->config->get('config_email'));
809.                     $mail->setFrom($this->config->get('config_email'));
810.                     $mail->setReplyTo($order_info['email']);
811.                     $mail->setSender($order_info['store_name']);
812.                     $mail->setSubject($subject);
813.                     $mail->setHtml($html);
814.                     $mail->setText($text);
815.                     $mail->send();
816.  
817.                     // Send to additional alert emails
818.                     $emails = explode(',', $this->config->get('config_mail_alert'));
819.  
820.                     foreach ($emails as $email) {
821.                         if ($email && preg_match('/^[^\@]+@.*.[a-z]{2,15}$/i', $email)) {
822.                             $mail->setTo($email);
823.                             $mail->send();
824.                         }
825.                     }
826.                 }
827.             }
828.  
829.             // If order status is not 0 then send update text email
830.             if ($order_info['order_status_id'] && $order_status_id && $notify) {
831.                 $language = new Language($order_info['language_directory']);
832.                 $language->load('default');
833.                 $language->load('mail/order');
834.  
835.                 $subject = sprintf($language->get('text_update_subject'), html_entity_decode($order_info['store_name'], ENT_QUOTES, 'UTF-8'), $order_id);
836.  
837.                 $message  = $language->get('text_update_order') . ' ' . $order_id . "\n";
838.                 $message .= $language->get('text_update_date_added') . ' ' . date($language->get('date_format_short'), strtotime($order_info['date_added'])) . "\n\n";
839.  
840.                 $order_status_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_status WHERE order_status_id = '" . (int)$order_status_id . "' AND language_id = '" . (int)$order_info['language_id'] . "'");
841.  
842.                 if ($order_status_query->num_rows) {
843.                     $message .= $language->get('text_update_order_status') . "\n\n";
844.                     $message .= $order_status_query->row['name'] . "\n\n";
845.                 }
846.  
847.                 if ($order_info['customer_id']) {
848.                     $message .= $language->get('text_update_link') . "\n";
849.                     $message .= $order_info['store_url'] . 'index.php?route=account/order/info&order_id=' . $order_id . "\n\n";
850.                 }
851.  
852.                 if ($comment) {
853.                     $message .= $language->get('text_update_comment') . "\n\n";
854.                     $message .= strip_tags($comment) . "\n\n";
855.                 }
856.  
857.                 $message .= $language->get('text_update_footer');
858.  
859.                 $mail = new Mail();
860.                 $mail->protocol = $this->config->get('config_mail_protocol');
861.                 $mail->parameter = $this->config->get('config_mail_parameter');
862.                 $mail->smtp_hostname = $this->config->get('config_mail_smtp_hostname');
863.                 $mail->smtp_username = $this->config->get('config_mail_smtp_username');
864.                 $mail->smtp_password = html_entity_decode($this->config->get('config_mail_smtp_password'), ENT_QUOTES, 'UTF-8');
865.                 $mail->smtp_port = $this->config->get('config_mail_smtp_port');
866.                 $mail->smtp_timeout = $this->config->get('config_mail_smtp_timeout');
867.            
868.                 $mail->setTo($order_info['email']);
869.                 $mail->setFrom($this->config->get('config_email'));
870.                 $mail->setSender($order_info['store_name']);
871.                 $mail->setSubject($subject);
872.                 $mail->setText($message);
873.                 $mail->send();
874.             }
875.  
876.             // If order status in the complete range create any vouchers that where in the order need to be made available.
877.             if (in_array($order_info['order_status_id'], $this->config->get('config_complete_status'))) {
878.                 // Send out any gift voucher mails
879.                 $this->load->model('checkout/voucher');
880.  
881.                 $this->model_checkout_voucher->confirm($order_id);
882.             }
883.         }
884.  
885.         $this->event->trigger('post.order.history.add', $order_id);
886.     }
887. }