cSQL($cc_number)."', ". "'".xToText($cc_holdername)."', ". "'".xEscSQL($cc_expires)."', ". "'".xEscSQL($cc_cvv)."', ". "'".(isset($_SESSION['refid'])?$_SESSION['refid']:regGetIdByLogin($customer_affiliationLogin))."',". "'{$shServiceInfo}', ". "'".xEscSQL($order_active_link)."', ". "'".(int)$currency_round."', ". "'".(int)$paymentMethodID."'". " ) "; db_query($sql); $orderID = db_insert_id( ORDERS_TABLE ); if (!CONF_ACTIVE_ORDER) stChangeOrderStatus($orderID, $statusID); $paymentMethod = payGetPaymentMethodById( $paymentMethodID ); if ( $paymentMethod ){ $currentPaymentModule = modGetModuleObj( $paymentMethod["module_id"], PAYMENT_MODULE ); // $currentPaymentModule = payGetPaymentModuleById( $paymentMethod["module_id"], $paymentModulesFiles ); }else{ $currentPaymentModule = null; } //save shopping cart content to database and update in-stock information if ( $log != null ) { cartMoveContentFromShoppingCartsToOrderedCarts( $orderID, $shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $smarty_mail ); } else //quick checkout { _moveSessionCartContentToOrderedCart( $orderID ); //update in-stock information if ( $statusID != ostGetCanceledStatusId() && CONF_CHECKSTOCK ) { $q1 = db_query("select itemID, Quantity FROM ".ORDERED_CARTS_TABLE." WHERE orderID=".(int)$orderID); while ($item = db_fetch_row($q1)) { $q2 = db_query("select productID FROM ".SHOPPING_CART_ITEMS_TABLE." WHERE itemID=".(int)$item["itemID"]); $pr = db_fetch_row($q2); if ($pr) { db_query( "update ".PRODUCTS_TABLE." set in_stock = in_stock - ".(int)$item["Quantity"]. " where productID=".(int)$pr[0]); $q = db_query("select name, in_stock FROM ".PRODUCTS_TABLE." WHERE productID=".(int)$pr[0]); $productsta = db_fetch_row($q); if ( $productsta[1] == 0){ if (CONF_AUTOOFF_STOCKADMIN) db_query( "update ".PRODUCTS_TABLE." 
set enabled=0 where productID=".(int)$pr[0]);
                        if (CONF_NOTIFY_STOCKADMIN){
                            // Render the stock notice with the product name and id, then hand it to xMailHtml
                            // with CONF_ORDERS_EMAIL as first argument (presumably the recipient — confirm).
                            $smarty_mail->assign( "productstaname", $productsta[0] );
                            $smarty_mail->assign( "productstid", $pr[0] );
                            $stockadmin = $smarty_mail->fetch( "notify_stockadmin.tpl.html" );
                            $ressta = xMailHtml(CONF_ORDERS_EMAIL,CUSTOMER_ACTIVATE_99." - ".CONF_SHOP_NAME, $stockadmin);
                        }
                    }
                }
            }
        }

        //now save registration form aux fields into CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG
        //for quick checkout orders these fields are stored separately than for registered customer (SS_customers)
        // Existing rows for this order are deleted first, so the inserts below replace them.
        db_query("delete from ".CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG." where orderID=".(int)$orderID);
        foreach($_SESSION as $key => $val)
        {
            // strstr() matches "additional_field_" anywhere in the key, not only as a prefix;
            // the (int) cast and the $id > 0 test below decide which keys produce a row.
            if (strstr($key,"additional_field_") && strlen(trim($val)) > 0)
            // NOTE(review): the original comment here read "save information into sessions",
            // but the body writes the value to the database.
            {
                $id = (int) str_replace("additional_field_","",$key);
                if ($id > 0)
                {
                    // orderID and reg_field_ID are integer-cast. The field value is placed inside a
                    // single-quoted SQL literal after xToText() only.
                    // NOTE(review): whether xToText() neutralises quotes and backslashes is not visible
                    // here; confirm, or escape with xEscSQL() as the order insert does for other columns.
                    db_query("insert into ".CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG." (orderID, reg_field_ID, reg_field_value) values (".(int)$orderID.", ".(int)$id.", '".xToText(trim($val))."');");
                }
            }
        }
    }

    // Run the payment module's post-processing hook only when a module object is set.
    if ( $currentPaymentModule != null )
        $currentPaymentModule->after_processing_php( $orderID );

    // Notify the shop admin, then the customer at $customerInfo["Email"].
    _sendOrderNotifycationToAdmin( $orderID, $smarty_mail, $tax );
    _sendOrderNotifycationToCustomer( $orderID, $smarty_mail, $customerInfo["Email"], $log,
        $payment_email_comments_text, $shipping_email_comments_text, $tax, $order_active_link );

    // $log == null is the branch marked "quick checkout" above.
    if ( $log == null )
        _quickOrderUnsetSession();

    unset($_SESSION["order4confirmation_post"]);
    return $orderID;
}

/**
 * Replaces an empty value with "-" in place.
 *
 * $str is taken by reference and overwritten with "-" when its trimmed form
 * compares equal to "" or when it loosely equals null; otherwise it is left
 * untouched. Nothing is returned.
 *
 * The null test is a loose comparison (==), so integer 0 also satisfies it.
 * trim() runs before the null test, so a null argument is passed to trim().
 */
function _setHyphen( & $str )
{
    if ( trim($str) == "" || $str == null )
        $str = "-";
}

// *****************************************************************************
// Purpose	get order by id
// Inputs	$orderID
// Remarks	The column list of the SELECT includes cc_number, cc_holdername,
//		cc_expires and cc_cvv.
//		NOTE(review): reading cc_cvv back means the card verification value
//		is kept in the orders table; PCI DSS does not allow retaining it
//		after authorization, encrypted or not — confirm whether the column
//		can be dropped.
// Returns
function ordGetOrder( $orderID )
{
    $q = db_query( "select orderID, customerID, order_time, customer_ip, ".
        " shipping_type, payment_type, customers_comment, ".
        " statusID, shipping_cost, order_discount, order_amount, ".
" currency_code, currency_value, customer_firstname, customer_lastname, ". " customer_email, shipping_firstname, shipping_lastname, ". " shipping_country, shipping_state, shipping_city, ". " shipping_address, billing_firstname, billing_lastname, billing_country, ". " billing_state, billing_city, billing_address, ". " cc_number, cc_holdername, cc_expires, cc_cvv, affiliateID, shippingServiceInfo, currency_round from ".ORDERS_TABLE." where orderID=".(int)$orderID); $order = db_fetch_row($q); if ( $order ) { /*_setHyphen( $order["shipping_firstname"] ); _setHyphen( $order["customer_lastname"] ); _setHyphen( $order["customer_email"] ); _setHyphen( $order["shipping_firstname"] ); _setHyphen( $order["shipping_lastname"] ); _setHyphen( $order["shipping_country"] ); _setHyphen( $order["shipping_state"] ); _setHyphen( $order["shipping_city"] ); _setHyphen( $order["shipping_address"] ); _setHyphen( $order["billing_firstname"] ); _setHyphen( $order["billing_lastname"] ); _setHyphen( $order["billing_country"] ); _setHyphen( $order["billing_state"] ); _setHyphen( $order["billing_city"] ); _setHyphen( $order["billing_address"] );*/ $order["shipping_address"] = chop($order["shipping_address"]); $order["billing_address"] = chop($order["billing_address"]); //CC data if (CONF_BACKEND_SAFEMODE) { $order["cc_number"] = ADMIN_SAFEMODE_BLOCKED; $order["cc_holdername"] = ADMIN_SAFEMODE_BLOCKED; $order["cc_expires"] = ADMIN_SAFEMODE_BLOCKED; $order["cc_cvv"] = ADMIN_SAFEMODE_BLOCKED; } else { if (strlen($order["cc_number"])>0) $order["cc_number"] = cryptCCNumberDeCrypt($order["cc_number"],null); if (strlen($order["cc_holdername"])>0) $order["cc_holdername"] = cryptCCHoldernameDeCrypt($order["cc_holdername"],null); if (strlen($order["cc_expires"])>0) $order["cc_expires"] = cryp