cSQL($cc_number)."', ". "'".xToText($cc_holdername)."', ". "'".xEscSQL($cc_expires)."', ". "'".xEscSQL($cc_cvv)."', ". "'".(isset($_SESSION['refid'])?$_SESSION['refid']:regGetIdByLogin($customer_affiliationLogin))."',". "'{$shServiceInfo}', ". "'".xEscSQL($order_active_link)."', ". "'".(int)$currency_round."', ". "'".(int)$paymentMethodID."'". " ) "; db_query($sql); $orderID = db_insert_id( ORDERS_TABLE ); if (!CONF_ACTIVE_ORDER) stChangeOrderStatus($orderID, $statusID); $paymentMethod = payGetPaymentMethodById( $paymentMethodID ); if ( $paymentMethod ){ $currentPaymentModule = modGetModuleObj( $paymentMethod["module_id"], PAYMENT_MODULE ); // $currentPaymentModule = payGetPaymentModuleById( $paymentMethod["module_id"], $paymentModulesFiles ); }else{ $currentPaymentModule = null; } //save shopping cart content to database and update in-stock information if ( $log != null ) { cartMoveContentFromShoppingCartsToOrderedCarts( $orderID, $shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $smarty_mail ); } else //quick checkout { _moveSessionCartContentToOrderedCart( $orderID ); //update in-stock information if ( $statusID != ostGetCanceledStatusId() && CONF_CHECKSTOCK ) { $q1 = db_query("select itemID, Quantity FROM ".ORDERED_CARTS_TABLE." WHERE orderID=".(int)$orderID); while ($item = db_fetch_row($q1)) { $q2 = db_query("select productID FROM ".SHOPPING_CART_ITEMS_TABLE." WHERE itemID=".(int)$item["itemID"]); $pr = db_fetch_row($q2); if ($pr) { db_query( "update ".PRODUCTS_TABLE." set in_stock = in_stock - ".(int)$item["Quantity"]. " where productID=".(int)$pr[0]); $q = db_query("select name, in_stock FROM ".PRODUCTS_TABLE." WHERE productID=".(int)$pr[0]); $productsta = db_fetch_row($q); if ( $productsta[1] == 0){ if (CONF_AUTOOFF_STOCKADMIN) db_query( "update ".PRODUCTS_TABLE." set enabled=0 where productID=".(int)$pr[0]); if (CONF_NOTIFY_STOCKADMIN){ $smarty_mail->assign( "productstaname", $productsta[0] ); $smarty_mail->assign( "productstid", $pr[0] ); $stockadmin = $smarty_mail->fetch( "notify_stockadmin.tpl.html" ); $ressta = xMailHtml(CONF_ORDERS_EMAIL,CUSTOMER_ACTIVATE_99." - ".CONF_SHOP_NAME, $stockadmin); } } } } } //now save registration form aux fields into CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG //for quick checkout orders these fields are stored separately than for registered customer (SS_customers) db_query("delete from ".CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG." where orderID=".(int)$orderID); foreach($_SESSION as $key => $val) { if (strstr($key,"additional_field_") && strlen(trim($val)) > 0) //save information into sessions { $id = (int) str_replace("additional_field_","",$key); if ($id > 0) { db_query("insert into ".CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG." (orderID, reg_field_ID, reg_field_value) values (".(int)$orderID.", ".(int)$id.", '".xToText(trim($val))."');"); } } } } if ( $currentPaymentModule != null ) $currentPaymentModule->after_processing_php( $orderID ); _sendOrderNotifycationToAdmin( $orderID, $smarty_mail, $tax ); _sendOrderNotifycationToCustomer( $orderID, $smarty_mail, $customerInfo["Email"], $log, $payment_email_comments_text, $shipping_email_comments_text, $tax, $order_active_link ); if ( $log == null ) _quickOrderUnsetSession(); unset($_SESSION["order4confirmation_post"]); return $orderID; } function _setHyphen( & $str ) { if ( trim($str) == "" || $str == null ) $str = "-"; } // ***************************************************************************** // Purpose get order by id // Inputs // Remarks // Returns function ordGetOrder( $orderID ) { $q = db_query( "select orderID, customerID, order_time, customer_ip, ". " shipping_type, payment_type, customers_comment, ". " statusID, shipping_cost, order_discount, order_amount, ". " currency_code, currency_value, customer_firstname, customer_lastname, ". " customer_email, shipping_firstname, shipping_lastname, ". " shipping_country, shipping_state, shipping_city, ". " shipping_address, billing_firstname, billing_lastname, billing_country, ". " billing_state, billing_city, billing_address, ". " cc_number, cc_holdername, cc_expires, cc_cvv, affiliateID, shippingServiceInfo, currency_round from ".ORDERS_TABLE." where orderID=".(int)$orderID); $order = db_fetch_row($q); if ( $order ) { /*_setHyphen( $order["shipping_firstname"] ); _setHyphen( $order["customer_lastname"] ); _setHyphen( $order["customer_email"] ); _setHyphen( $order["shipping_firstname"] ); _setHyphen( $order["shipping_lastname"] ); _setHyphen( $order["shipping_country"] ); _setHyphen( $order["shipping_state"] ); _setHyphen( $order["shipping_city"] ); _setHyphen( $order["shipping_address"] ); _setHyphen( $order["billing_firstname"] ); _setHyphen( $order["billing_lastname"] ); _setHyphen( $order["billing_country"] ); _setHyphen( $order["billing_state"] ); _setHyphen( $order["billing_city"] ); _setHyphen( $order["billing_address"] );*/ $order["shipping_address"] = chop($order["shipping_address"]); $order["billing_address"] = chop($order["billing_address"]); //CC data if (CONF_BACKEND_SAFEMODE) { $order["cc_number"] = ADMIN_SAFEMODE_BLOCKED; $order["cc_holdername"] = ADMIN_SAFEMODE_BLOCKED; $order["cc_expires"] = ADMIN_SAFEMODE_BLOCKED; $order["cc_cvv"] = ADMIN_SAFEMODE_BLOCKED; } else { if (strlen($order["cc_number"])>0) $order["cc_number"] = cryptCCNumberDeCrypt($order["cc_number"],null); if (strlen($order["cc_holdername"])>0) $order["cc_holdername"] = cryptCCHoldernameDeCrypt($order["cc_holdername"],null); if (strlen($order["cc_expires"])>0) $order["cc_expires"] = cryptCCExpiresDeCrypt($order["cc_expires"],null); if (strlen($order["cc_cvv"])>0) $order["cc_cvv"] = cryptCCNumberDeCrypt($order["cc_cvv"],null); } //additional reg fields $addregfields = GetRegFieldsValuesByOrderID( $orderID ); $order["reg_fields_values"] = $addregfields; $q_status_name = db_query( "select status_name from ".ORDER_STATUES_TABLE." where statusID=".(int)$order["statusID"] ); $status_name = db_fetch_row( $q_status_name ); $status_name = $status_name[0]; if ( $order["statusID"] == ostGetCanceledStatusId() ) $status_name = STRING_CANCELED_ORDER_STATUS; // clear cost ( without shipping, discount, tax ) $q1 = db_query( "select Price, Quantity from ".ORDERED_CARTS_TABLE." where orderID=".(int)$orderID); $clear_total_price = 0; while( $row=db_fetch_row($q1) ) $clear_total_price += $row["Price"]*$row["Quantity"]; $currency_round = $order["currency_round"]; $order["clear_total_priceToShow"] = _formatPrice(roundf($order["currency_value"]*$clear_total_price),$currency_round)." ".$order["currency_code"]; $order["order_discount_ToShow"] = _formatPrice(roundf($order["currency_value"]*$clear_total_price*((100-$order["order_discount"])/100)),$currency_round)." ".$order["currency_code"]; $order["shipping_costToShow"] = _formatPrice(roundf($order["currency_value"]*$order["shipping_cost"]),$currency_round)." ".$order["currency_code"]; $order["order_amountToShow"] = _formatPrice(roundf($order["currency_value"]*$order["order_amount"]),$currency_round)." ".$order["currency_code"]; $order["order_time_mysql"] = $order["order_time"]; $order["order_time"] = format_datetime( $order["order_time"] ); $order["status_name"] = $status_name; } return $order; } function ordGetOrderContent( $orderID ) { $q = db_query( "select name, Price, Quantity, tax, load_counter, itemID from ".ORDERED_CARTS_TABLE." where orderID=".(int)$orderID ); $q_order = db_query( "select currency_code, currency_value, customerID, order_time, currency_round from ".ORDERS_TABLE." where orderID=".(int)$orderID); $order = db_fetch_row($q_order); $currency_code = $order["currency_code"]; $currency_value = $order["currency_value"]; $currency_round = $order["currency_round"]; $data = array(); while( $row=db_fetch_row($q) ) { $productID = GetProductIdByItemId( $row["itemID"] ); $row["pr_item"] = $productID; $product = GetProduct( $productID ); if ( $product["eproduct_filename"] != null && $product["eproduct_filename"] != "" ) { if ( file_exists("core/files/".$product["eproduct_filename"]) ) { $row["eproduct_filename"] = $product["eproduct_filename"]; $row["file_size"] = (string) round(filesize("core/files/".$product["eproduct_filename"]) / 1048576, 3); if ( $order["customerID"] != null ) { $custID = $order["customerID"]; } else { $custID = -1; } $row["getFileParam"] = "orderID=".$orderID."&". "productID=".$productID."&". "customerID=".$custID; //additional security for non authorized customers if ($custID == -1) { $row["getFileParam"] .= "&order_time=".base64_encode($order["order_time"]); } $row["getFileParam"] = cryptFileParamCrypt( $row["getFileParam"], null ); $row["load_counter_remainder"] = $product["eproduct_download_times"] - $row["load_counter"]; $currentDate = dtGetParsedDateTime( get_current_time() ); $betweenDay = _getDayBetweenDate( dtGetParsedDateTime( $order["order_time"] ), $currentDate ); $row["day_count_remainder"] = $product["eproduct_available_days"] - $betweenDay; } } $row["PriceToShow"] = _formatPrice(roundf($currency_value*$row["Price"]*$row["Quantity"]),$currency_round)." ".$currency_code; $row["PriceOne"] = _formatPrice(roundf($currency_value*$row["Price"]),$currency_round)." ".$currency_code; $data[] = $row; } return $data; } // ***************************************************************************** // Purpose deletes order // Inputs // Remarks this function deletes canceled orders only // Returns function ordDeleteOrder( $orderID ) { $q = db_query( "select statusID from ".ORDERS_TABLE." where orderID=".(int)$orderID ); $row = db_fetch_row( $q ); if ( $row["statusID"] != ostGetCanceledStatusId() ) return; db_query( "delete from ".ORDERED_CARTS_TABLE." where orderID=".(int)$orderID); db_query( "delete from ".ORDERS_TABLE." where orderID=".(int)$orderID); db_query( "delete from ".ORDER_STATUS_CHANGE_LOG_TABLE." where orderID=".(int)$orderID); } function DelOrdersBySDL( $statusdel ) { $q = db_query( "select orderID from ".ORDERS_TABLE." where statusID=".(int)$statusdel ); while( $row = db_fetch_row( $q ) ) { db_query( "delete from ".ORDERED_CARTS_TABLE." where orderID=".(int)$row["orderID"] ); db_query( "delete from ".ORDERS_TABLE." where orderID=".(int)$row["orderID"] ); db_query( "delete from ".ORDER_STATUS_CHANGE_LOG_TABLE." where orderID=".(int)$row["orderID"] ); } } // ***************************************************************************** // Purpose gets summarize order info to // Inputs // Remarks // Returns function getOrderSummarize( $shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $shServiceID = 0 ) { // result this function $sumOrderContent = array(); $q = db_query( "select email_comments_text from ".PAYMENT_TYPES_TABLE." where PID=".(int)$paymentMethodID ); $payment_email_comments_text = db_fetch_row( $q ); $payment_email_comments_text = $payment_email_comments_text[0]; $q = db_query( "select email_comments_text from ".SHIPPING_METHODS_TABLE." where SID=".(int)$shippingMethodID ); $shipping_email_comments_text = db_fetch_row( $q ); $shipping_email_comments_text = $shipping_email_comments_text[0]; $cartContent = cartGetCartContent(); $pred_total = oaGetClearPrice( $cartContent ); if ( isset($_SESSION["log"]) ) $log = $_SESSION["log"]; else $log = null; $d = oaGetDiscountPercent( $cartContent, $log ); $discount = $pred_total/100*$d; // ordering with registration if ( $shippingAddressID != 0 || isset($log) ) { $addresses = array($shippingAddressID, $billingAddressID); $shipping_address = regGetAddressStr($shippingAddressID); $billing_address = regGetAddressStr($billingAddressID); $shaddr = regGetAddress($shippingAddressID); $sh_firstname = $shaddr["first_name"]; $sh_lastname = $shaddr["last_name"]; } else //quick checkout { if (!isset($_SESSION["receiver_countryID"]) || !isset($_SESSION["receiver_zoneID"])) return NULL; $shippingAddress = array( "countryID" => $_SESSION["receiver_countryID"], "zoneID" => $_SESSION["receiver_zoneID"]); $billingAddress = array( "countryID" => $_SESSION["billing_countryID"], "zoneID" => $_SESSION["billing_zoneID"]); $addresses = array( $shippingAddress, $billingAddress ); $shipping_address = quickOrderGetReceiverAddressStr(); $billing_address = quickOrderGetBillingAddressStr(); $sh_firstname = $_SESSION["receiver_first_name"]; $sh_lastname = $_SESSION["receiver_last_name"]; } foreach( $cartContent["cart_content"] as $cartItem ) { // if conventional ordering if ( $shippingAddressID != 0 ) { $productID = GetProductIdByItemId( $cartItem["id"] ); $cartItem["tax"] = taxCalculateTax( $productID, $addresses[0], $addresses[1] ); } else // if quick ordering { $productID = $cartItem["id"]; $cartItem["tax"] = taxCalculateTax2( $productID, $addresses[0], $addresses[1] ); } $sumOrderContent[] = $cartItem; } $shipping_method = shGetShippingMethodById( $shippingMethodID ); if ( !$shipping_method ) $shipping_name = "-"; else $shipping_name = $shipping_method["Name"]; $payment_method = payGetPaymentMethodById($paymentMethodID); if ( !$payment_method ) $payment_name = "-"; else $payment_name = $payment_method["Name"]; //do not calculate tax for this payment type! if (isset($payment_method["calculate_tax"]) && (int)$payment_method["calculate_tax"]==0) { foreach( $sumOrderContent as $key => $val ) { $sumOrderContent[ $key ] ["tax"] = 0; } $orderDetails = array ( "first_name" => $sh_firstname, "last_name" => $sh_lastname, "email" => "", "order_amount" => oaGetOrderAmountExShippingRate( $cartContent, $addresses, $log, FALSE, $shServiceID ) ); $tax = 0; $total = oaGetOrderAmount( $cartContent, $addresses, $shippingMethodID, $log, $orderDetails, FALSE, $shServiceID ); $shipping_cost = oaGetShippingCostTakingIntoTax( $cartContent, $shippingMethodID, $addresses, $orderDetails, FALSE, $shServiceID ); } else { $orderDetails = array ( "first_name" => $sh_firstname, "last_name" => $sh_lastname, "email" => "", "order_amount" => oaGetOrderAmountExShippingRate( $cartContent, $addresses, $log, FALSE ) ); $tax = oaGetProductTax( $cartContent, $d, $addresses ); $total = oaGetOrderAmount( $cartContent, $addresses, $shippingMethodID, $log, $orderDetails, TRUE, $shServiceID ); $shipping_cost = oaGetShippingCostTakingIntoTax( $cartContent, $shippingMethodID, $addresses, $orderDetails, TRUE, $shServiceID ); } $tServiceInfo = null; if(is_array($shipping_cost)){ $_T = array_shift($shipping_cost); $tServiceInfo = $_T['name']; $shipping_cost = $_T['rate']; } $payment_form_html = ""; $paymentModule = modGetModuleObj($payment_method["module_id"], PAYMENT_MODULE); if($paymentModule){ $order = array(); $address = array(); if ( $shippingAddressID != 0 ){ $payment_form_html = $paymentModule->payment_form_html(array('BillingAddressID'=>$billingAddressID)); }else{ $payment_form_html = $paymentModule->payment_form_html(array( 'countryID' => $_SESSION['billing_countryID'], 'zoneID' => $_SESSION['billing_zoneID'], 'first_name' => $_SESSION["billing_first_name"], 'last_name' => $_SESSION["billing_last_name"], 'city' => $_SESSION["billing_city"], 'address' => $_SESSION["billing_address"], )); } } return array( "sumOrderContent" => $sumOrderContent, "discount" => $discount, "discount_percent" => $d, "discount_show" => show_price($discount), "pred_total_disc" => show_price(($pred_total*((100-$d)/100))), "pred_total" => show_price($pred_total), "totalTax" => show_price($tax), "totalTaxUC" => $tax, "shipping_address" => $shipping_address, "billing_address" => $billing_address, "shipping_name" => $shipping_name, "payment_name" => $payment_name, "shipping_cost" => show_price($shipping_cost), "shipping_costUC" => $shipping_cost, "payment_form_html" => $payment_form_html, "total" => show_price($total), "totalUC" => $total, "payment_email_comments_text" => $payment_email_comments_text, "shipping_email_comments_text" => $shipping_email_comments_text, "orderContentCartProductsCount" => count($sumOrderContent), "shippingServiceInfo" => $tServiceInfo); } function mycal_days_in_month( $calendar, $month, $year ) { $month = (int)$month; $year = (int)$year; if ( 1 > $month || $month > 12 ) return 0; if ( $month==1 || $month==3 || $month==5 || $month==7 || $month==8 || $month==10 || $month==12 ) return 31; else { if ( $month==2 && $year % 4 == 0 ) return 29; else if ( $month==2 && $year % 4 != 0 ) return 28; else return 30; } } function _getCountDay( $date ) { $countDay = 0; for( $year=1900; $year<$date["year"]; $year++ ) { for( $month=1; $month <= 12; $month++ ) $countDay += mycal_days_in_month(CAL_GREGORIAN, $month, $year); } for( $month=1; $month < $date["month"]; $month++ ) $countDay += mycal_days_in_month(CAL_GREGORIAN, $month, $date["year"]); $countDay += $date["day"]; return $countDay; } // ***************************************************************************** // Purpose gets address string // Inputs $date array of item // "day" // "month" // "year" // $date2 must be more later $date1 // Remarks // Returns function _getDayBetweenDate( $date1, $date2 ) { if ( $date1["year"] > $date2["year"] ) return -1; if ( $date1["year"]==$date2["year"] && $date1["month"]>$date2["month"] ) return -1; if ( $date1["year"]==$date2["year"] && $date1["month"]==$date2["month"] && $date1["day"] > $date2["day"] ) return -1; return _getCountDay( $date2 ) - _getCountDay( $date1 ); } // ***************************************************************************** // Purpose // Inputs // Remarks // Returns // -1 access denied // 0 success, access granted and load_counter has been incremented // 1 access granted but count downloading is exceeded eproduct_download_times in PRODUCTS_TABLE // 2 access granted but available days are exhausted to download product // 3 it is not downloadable product // 4 order is not ready function ordAccessToLoadFile( $orderID, $productID, & $pathToProductFile, & $productFileShortName ) { $order = ordGetOrder($orderID); $product = GetProduct( $productID ); if ( strlen($product["eproduct_filename"]) == 0 || !file_exists("core/files/".$product["eproduct_filename"]) || $product["eproduct_filename"] == null ) { return 4; } if ( (int)$order["statusID"] != (int)ostGetCompletedOrderStatus() ) return 3; $orderContent = ordGetOrderContent( $orderID ); foreach( $orderContent as $item ) { if ( GetProductIdByItemId($item["itemID"]) == $productID ) { if ( $item["load_counter"] < $product["eproduct_download_times"] || $product["eproduct_download_times"] == 0 ) { $date1 = dtGetParsedDateTime( $order["order_time_mysql"] ); //$order["order_time"] $date2 = dtGetParsedDateTime( get_current_time() ); $countDay = _getDayBetweenDate( $date1, $date2 ); if ( $countDay>=$product["eproduct_available_days"] ) return 2; if ( $product["eproduct_download_times"] != 0 ) { db_query( "update ".ORDERED_CARTS_TABLE. " set load_counter=load_counter+1 ". " where itemID=".(int)$item["itemID"]." AND orderID=".(int)$orderID ); } $pathToProductFile = "core/files/".$product["eproduct_filename"]; $productFileShortName = $product["eproduct_filename"]; return 0; } else return 1; } } return -1; } ?>