/administrator/components/com_virtuemart/classes/ps_order.php
PHP | 917 lines | 618 code | 130 blank | 169 comment | 112 complexity | ee588f254b70c27d0ec1db9509cfdebe MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1
- <?php
- if( !defined( '_VALID_MOS' ) && !defined( '_JEXEC' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );
- /**
- *
- * @version $Id: ps_order.php 1475 2008-07-16 17:35:35Z soeren_nb $
- * @package VirtueMart
- * @subpackage classes
- * @copyright Copyright (C) 2004-2008 soeren - All rights reserved.
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
- * VirtueMart is free software. This version may have been modified pursuant
- * to the GNU General Public License, and as distributed it includes or
- * is derivative of works licensed under the GNU General Public License or
- * other free or open source software licenses.
- * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
- *
- * http://virtuemart.net
- */
- require_once(CLASSPATH.'ps_user.php');
- require_once(CLASSPATH.'ps_userfield.php');
- require_once(CLASSPATH.'ps_checkout.php');
- require_once(CLASSPATH.'ps_order_status.php');
- require_once(CLASSPATH.'ps_order_booking.php');
- /**
- * The class handles orders from an adminstrative perspective. Order
- * processing is handled in the ps_checkout class.
- */
- class ps_order {
- /**
- * Changes the status of an order
- * @author pablo
- * @author soeren
- * @author Uli
- *
- *
- * @param array $d
- * @return boolean
- */
- function order_status_update(&$d) {
- global $mosConfig_offset, $ps_booking;
-
- $db = new ps_DB;
- $timestamp = time() + ($mosConfig_offset*60*60);
- $mysqlDatetime = date("Y-m-d G:i:s",$timestamp);
-
- if( empty($_REQUEST['include_comment'])) {
- $include_comment="N";
- }
- // get the current order status
- $curr_order_status = @$d["current_order_status"];
- $notify_customer = empty($d['notify_customer']) ? "N" : $d['notify_customer'];
- if( $notify_customer=="Y" ) {
- $notify_customer=1;
- }
- else {
- $notify_customer=0;
- }
- $d['order_comment'] = empty($d['order_comment']) ? "" : $d['order_comment'];
- if( empty($d['order_item_id']) ) {
- // When the order is set to "confirmed", we can capture
- // the Payment with authorize.net
- if( $curr_order_status=="P" && $d["order_status"]=="C") {
- $q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
- $q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
- $q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
- $q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
- $db->query( $q );
- $db->next_record();
- $payment_class = $db->f("payment_class");
- if( $payment_class=="ps_authorize" ) {
- require_once( CLASSPATH."payment/ps_authorize.cfg.php");
- if( AN_TYPE == 'AUTH_ONLY' ) {
- require_once( CLASSPATH."payment/ps_authorize.php");
- $authorize = new ps_authorize();
- $d["order_number"] = $db->f("order_number");
- if( !$authorize->capture_payment( $d )) {
- return false;
- }
- }
- }
- }
- /*
- * This is like the test above for delayed capture only
- * we (well, I - durian) don't think the credit card
- * should be captured until the item(s) are shipped.
- * In fact, VeriSign says not to capture the cards until
- * the item ships. Maybe this behavior should be a
- * configurable item?
- *
- * When the order changes from Confirmed or Pending to
- * Shipped, perform the delayed capture.
- *
- * Restricted to PayFlow Pro for now.
- */
- if( ($curr_order_status=="P" || $curr_order_status=="C") && $d["order_status"]=="S") {
- $q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
- $q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
- $q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
- $q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
- $db->query( $q );
- $db->next_record();
- $payment_class = $db->f("payment_class");
- if( $payment_class=="ps_pfp" ) {
- require_once( CLASSPATH."payment/ps_pfp.cfg.php");
- if( PFP_TYPE == 'A' ) {
- require_once( CLASSPATH."payment/ps_pfp.php");
- $pfp = new ps_pfp();
- $d["order_number"] = $db->f("order_number");
- if( !$pfp->capture_payment( $d )) {
- return false;
- }
- }
- }
- }
-
- /*
- * If a pending order gets cancelled, void the authorization.
- *
- * It might work on captured cards too, if we want to
- * void shipped orders.
- *
- * Restricted to PayFlow Pro for now.
- */
- if( $curr_order_status=="P" && $d["order_status"]=="X") {
- $q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
- $q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
- $q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
- $q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
- $db->query( $q );
- $db->next_record();
- $payment_class = $db->f("payment_class");
- if( $payment_class=="ps_pfp" ) {
- require_once( CLASSPATH."payment/ps_pfp.cfg.php");
- if( PFP_TYPE == 'A' ) {
- require_once( CLASSPATH."payment/ps_pfp.php");
- $pfp = new ps_pfp();
- $d["order_number"] = $db->f("order_number");
- if( !$pfp->void_authorization( $d )) {
- return false;
- }
- }
- }
- }
-
- $fields =array( 'order_status'=> $d["order_status"], 'mdate'=> $timestamp );
-
- $db->buildQuery('UPDATE', '#__{vm}_orders', $fields, "WHERE order_id='" . $db->getEscaped($d["order_id"]) . "'");
- $db->query();
-
- if($my->id == 62) echo $db->_database->_sql;
-
- /**
- * VirtueBook: Load the booking data so that we can serialize it with the history
- */
- $ps_booking->loadBookingData($d["order_id"]);
-
- // Update the Order History.
- $fields = array( 'order_id' => $d["order_id"],
- 'order_status_code' => $d["order_status"],
- 'date_added' => $mysqlDatetime,
- 'customer_notified' => $notify_customer,
- 'comments' => $d['order_comment'],
- 'booking_serialized' => serialize($ps_booking)
- );
- $db->buildQuery('INSERT', '#__{vm}_order_history', $fields );
- $db->query();
-
- // Do we need to re-update the Stock Level?
- if( (strtoupper($d["order_status"]) == "X" || strtoupper($d["order_status"])=="R")
- // && CHECK_STOCK == '1'
- && $curr_order_status != $d["order_status"]
- ) {
- // Get the order items and update the stock level
- // to the number before the order was placed
- $q = "SELECT product_id, product_quantity FROM #__{vm}_order_item WHERE order_id='".$db->getEscaped($d["order_id"])."'";
- $db->query( $q );
- $dbu = new ps_DB;
- // Now update each ordered product
- while( $db->next_record() ) {
- $q = "UPDATE #__{vm}_product
- SET product_in_stock=product_in_stock+".$db->f("product_quantity").",
- product_sales=product_sales-".$db->f("product_quantity")."
- WHERE product_id='".$db->f("product_id")."'";
- $dbu->query( $q );
- }
- }
- // Update the Order Items' status
- $q = "SELECT order_item_id FROM #__{vm}_order_item WHERE order_id=".$db->getEscaped($d['order_id']);
- $db->query($q);
- $dbu = new ps_DB;
- while ($db->next_record()) {
- $item_id = $db->f("order_item_id");
- $fields =array( 'order_status'=> $d["order_status"],
- 'mdate'=> $timestamp );
- $dbu->buildQuery('UPDATE', '#__{vm}_order_item', $fields, "WHERE order_item_id='" .(int)$item_id . "'");
- $dbu->query();
- }
-
- if (ENABLE_DOWNLOADS == '1') {
- ##################
- ## DOWNLOAD MOD
- $this->mail_download_id( $d );
- }
-
- if( !empty($notify_customer) ) {
- $this->notify_customer( $d );
- }
- } elseif( !empty($d['order_item_id'])) {
- $fields =array( 'order_status'=> $d["order_status"],
- 'mdate'=> $timestamp );
- $db->buildQuery('UPDATE', '#__{vm}_order_item', $fields, 'WHERE order_item_id='.intval( $d['order_item_id'] ));
- return $db->query() !== false;
- }
- return true;
- }
- /**
- * mails the Download-ID to the customer
- * or deletes the Download-ID from the product_downloads table
- *
- * @param array $d
- * @return boolean
- */
- function mail_download_id( &$d ){
- global $sess, $VM_LANG, $vmLogger;
- $url = URL."index.php?option=com_virtuemart&page=shop.downloads&Itemid=".$sess->getShopItemid();
-
- $db = new ps_DB();
- $db->query( 'SELECT order_status FROM #__{vm}_orders WHERE order_id='.(int)$d['order_id'] );
- $db->next_record();
-
- if ($db->f("order_status")==ENABLE_DOWNLOAD_STATUS) {
- $dbw = new ps_DB;
-
- $q = "SELECT order_id,user_id,download_id,file_name FROM #__{vm}_product_download WHERE";
- $q .= " order_id = '" . (int)$d["order_id"] . "'";
- $dbw->query($q);
- $dbw->next_record();
- $userid = $dbw->f("user_id");
- $download_id = $dbw->f("download_id");
- $datei=$dbw->f("file_name");
- $dbw->reset();
- if ($download_id) {
- $dbv = new ps_DB;
- $q = "SELECT * FROM #__{vm}_vendor WHERE vendor_id='1'";
- $dbv->query($q);
- $dbv->next_record();
- $db = new ps_DB;
- $q="SELECT first_name,last_name, user_email FROM #__{vm}_user_info WHERE user_id = '$userid' AND address_type='BT'";
- $db->query($q);
- $db->next_record();
- $message = $VM_LANG->_('HI',false) .' '. $db->f("first_name") .($db->f("middle_name")?' '.$db->f("middle_name") : '' ). ' ' . $db->f("last_name") . ",\n\n";
- $message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_1',false).".\n";
- $message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_2',false)."\n\n";
- while($dbw->next_record()) {
- $message .= $dbw->f("file_name").": ".$dbw->f("download_id")
- . "\n$url&download_id=".$dbw->f("download_id")."\n\n";
- }
- $message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_3',false) . DOWNLOAD_MAX."\n";
- $expire = ((DOWNLOAD_EXPIRE / 60) / 60) / 24;
- $message .= str_replace("{expire}", $expire, $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_4',false));
- $message .= "\n\n____________________________________________________________\n";
- $message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_5',false)."\n";
- $message .= $dbv->f("vendor_name") . " \n" . URL."\n\n".$dbv->f("contact_email") . "\n";
- $message .= "____________________________________________________________\n";
- $message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_6',false) . $dbv->f("vendor_name");
- $mail_Body = $message;
- $mail_Subject = $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_SUBJ',false);
- $result = vmMail( $dbv->f("contact_email"), $dbv->f("vendor_name"),
- $db->f("user_email"), $mail_Subject, $mail_Body, '' );
- if ($result) {
- $vmLogger->info( $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG',false). " ". $db->f("first_name") . " " . $db->f("last_name") . " ".$db->f("user_email") );
- }
- else {
- $vmLogger->warning( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_SEND',false)." ". $db->f("first_name") . " " . $db->f("last_name") . ", ".$db->f("user_email") );
- }
- }
- }
- elseif ($d["order_status"]==DISABLE_DOWNLOAD_STATUS) {
- $q = "DELETE FROM #__{vm}_product_download WHERE order_id=" . (int)$d["order_id"];
- $db->query($q);
- $db->next_record();
- }
- return true;
- }
- /**
- * notifies the customer that the Order Status has been changed
- *
- * @param array $d
- */
- function notify_customer( &$d ){
- global $sess, $VM_LANG, $vmLogger;
- $url = SECUREURL."index.php?option=com_virtuemart&page=account.order_details&order_id=".urlencode($d["order_id"]).'&Itemid='.$sess->getShopItemid();
- $db = new ps_DB;
- $dbv = new ps_DB;
- $q = "SELECT vendor_name,contact_email FROM #__{vm}_vendor ";
- $q .= "WHERE vendor_id='".$_SESSION['ps_vendor_id']."'";
- $dbv->query($q);
- $dbv->next_record();
- $q = "SELECT first_name,last_name,user_email,order_status_name FROM #__{vm}_order_user_info,#__{vm}_orders,#__{vm}_order_status ";
- $q .= "WHERE #__{vm}_orders.order_id = '".$db->getEscaped($d["order_id"])."' ";
- $q .= "AND #__{vm}_orders.user_id = #__{vm}_order_user_info.user_id ";
- $q .= "AND #__{vm}_orders.order_id = #__{vm}_order_user_info.order_id ";
- $q .= "AND order_status = order_status_code ";
- $db->query($q);
- $db->next_record();
- // MAIL BODY
- $message = $VM_LANG->_('HI',false) .' '. $db->f("first_name") . ($db->f("middle_name")?' '.$db->f("middle_name") : '' ). ' ' . $db->f("last_name") . ",\n\n";
- $message .= $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_MSG_1',false)."\n\n";
- if( !empty($d['include_comment']) && !empty($d['order_comment']) ) {
- $message .= $VM_LANG->_('PHPSHOP_ORDER_HISTORY_COMMENT_EMAIL',false).":\n";
- $message .= $d['order_comment'];
- $message .= "\n____________________________________________________________\n\n";
- }
- $message .= $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_MSG_2',false)."\n";
- $message .= "____________________________________________________________\n\n";
- $message .= $db->f("order_status_name");
- if( VM_REGISTRATION_TYPE != 'NO_REGISTRATION' ) {
- $message .= "\n____________________________________________________________\n\n";
- $message .= $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_MSG_3',false)."\n";
- $message .= $url;
- }
- $message .= "\n\n____________________________________________________________\n";
- $message .= $dbv->f("vendor_name") . " \n";
- $message .= URL."\n";
- $message .= $dbv->f("contact_email");
- $message = str_replace( "{order_id}", $d["order_id"], $message );
- $mail_Body = html_entity_decode($message);
- $mail_Subject = str_replace( "{order_id}", $d["order_id"], $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_SUBJ',false));
-
-
- $result = vmMail( $dbv->f("contact_email"), $dbv->f("vendor_name"),
- $db->f("user_email"), $mail_Subject, $mail_Body, '' );
-
- /* Send the email */
- if ($result) {
- $vmLogger->info( $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG',false). " ". $db->f("first_name") . " " . $db->f("last_name") . ", ".$db->f("user_email") );
- }
- else {
- $vmLogger->warning( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_SEND',false).' '. $db->f("first_name") . " " . $db->f("last_name") . ", ".$db->f("user_email")." (". $result->ErrorInfo.")" );
- }
- }
- /**
- * This function inserts the DOWNLOAD IDs for all files associated with this product
- * so the customer can later download the purchased files
- * @static
- * @since 1.1.0
- * @param int $product_id
- * @param int $order_id
- * @param int $user_id
- */
- function insert_downloads_for_product( &$d ) {
- $db = new ps_DB();
- $dbd = new ps_DB();
- if( empty( $d['product_id'] ) || empty( $d['order_id'] )) {
- return false;
- }
-
- $dl = "SELECT attribute_name,attribute_value ";
- $dl .= "FROM #__{vm}_product_attribute WHERE product_id='".$d['product_id']."'";
- $dl .= " AND attribute_name='download'";
- $db->query($dl);
- $dlnum = 0;
- while($db->next_record()) {
- $str = (int)$d['order_id'];
- $str .= $d['product_id'];
- $str .= uniqid('download_');
- $str .= $dlnum++;
- $str .= time();
- $download_id = md5($str);
- $fields = array('product_id' => $d['product_id'],
- 'user_id' => (int)$d['user_id'],
- 'order_id' => (int)$d['order_id'],
- 'end_date' => '0',
- 'download_max' => DOWNLOAD_MAX,
- 'download_id' => $download_id,
- 'file_name' => $db->f("attribute_value")
- );
- $dbd->buildQuery('INSERT', '#__{vm}_product_download', $fields );
- $dbd->query();
- }
- }
- /**
- * Handles a download Request
- *
- * @param array $d
- * @return boolean
- */
- function download_request(&$d) {
- global $download_id, $VM_LANG, $vmLogger;
- $db = new ps_DB;
- $download_id = $db->getEscaped( vmGet( $d, "download_id" ) );
- $q = "SELECT * FROM #__{vm}_product_download WHERE";
- $q .= " download_id = '$download_id'";
- $db->query($q);
- $db->next_record();
- $download_id = $db->f("download_id");
- $file_name = $db->f("file_name");
- if( strncmp($file_name, 'http', 4 ) !== 0) {
- $datei = DOWNLOADROOT . $file_name;
- } else {
- $datei = $file_name;
- }
- $download_max = $db->f("download_max");
- $end_date = $db->f("end_date");
- $zeit=time();
- if (!$download_id) {
- $vmLogger->err( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_INV',false) );
- return false;
- //vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
- }
- elseif ($download_max=="0") {
- $q ="DELETE FROM #__{vm}_product_download";
- $q .=" WHERE download_id = '" . $download_id . "'";
- $db->query($q);
- $db->next_record();
- $vmLogger->err( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_MAX',false) );
- return false;
- //vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
- }
- elseif ($end_date!="0" && $zeit > $end_date) {
- $q ="DELETE FROM #__{vm}_product_download";
- $q .=" WHERE download_id = '" . $download_id . "'";
- $db->query($q);
- $db->next_record();
- $vmLogger->err( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_EXP',false) );
- return false;
- //vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
- }
- require_once(CLASSPATH.'connectionTools.class.php');
-
- $download_count = true;
-
- if ( @file_exists( $datei ) ){
- // Check if this is a request for a special range of the file (=Resume Download)
- $range_request = vmConnector::http_rangeRequest( filesize($datei), false );
- if( $range_request[0] == 0 ) {
- // this is not a request to resume a download,
- $download_count = true;
- } else {
- $download_count = false;
- }
- } else {
- $download_count = false;
- }
- // Parameter to check if the file should be removed after download, which is only true,
- // if we have a remote file, which was transferred to this server into a temporary file
- $unlink = false;
-
- if( strncmp($datei, 'http', 4 ) === 0) {
- require_once( CLASSPATH.'ps_product_files.php');
- $datei_local = ps_product_files::getRemoteFile($datei);
- if( $datei_local !== false ) {
- $datei = $datei_local;
- $unlink = true;
- } else {
- $vmLogger->err( $VM_LANG->_('VM_DOWNLOAD_FILE_NOTFOUND',false) );
- return false;
- }
- }
- else {
- // Check, if file path is correct
- // and file is
- if ( !@file_exists( $datei ) ){
- $vmLogger->err( $VM_LANG->_('VM_DOWNLOAD_FILE_NOTFOUND',false) );
- return false;
- //vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
- }
- if ( !@is_readable( $datei ) ) {
- $vmLogger->err( $VM_LANG->_('VM_DOWNLOAD_FILE_NOTREADABLE',false) );
- return false;
- //vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
- }
- }
- if( $download_count ) {
- // decrement the download_max to limit the number of downloads
- $q ="UPDATE `#__{vm}_product_download` SET";
- $q .=" `download_max`=`download_max` - 1";
- $q .=" WHERE download_id = '" .$download_id. "'";
- $db->query($q);
- $db->next_record();
- }
- if ($end_date=="0") {
- // Set the Download Expiry Date, so the download can expire after DOWNLOAD_EXPIRE seconds
- $end_date=time('u') + DOWNLOAD_EXPIRE;
- $q ="UPDATE #__{vm}_product_download SET";
- $q .=" end_date=$end_date";
- $q .=" WHERE download_id = '" . $download_id . "'";
- $db->query($q);
- $db->next_record();
- }
-
- if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $_SERVER['HTTP_USER_AGENT'])) {
- $UserBrowser = "Opera";
- }
- elseif (ereg('MSIE ([0-9].[0-9]{1,2})', $_SERVER['HTTP_USER_AGENT'])) {
- $UserBrowser = "IE";
- } else {
- $UserBrowser = '';
- }
- $mime_type = ($UserBrowser == 'IE' || $UserBrowser == 'Opera') ? 'application/octetstream' : 'application/octet-stream';
- // dump anything in the buffer
- while( @ob_end_clean() );
- vmConnector::sendFile( $datei, $mime_type, basename($file_name) );
-
- if( $unlink ) {
- // remove the temporarily downloaded remote file
- @unlink( $datei );
- }
- $GLOBALS['vm_mainframe']->close(true);
-
- }
- /**
- * Shows the list of the orders of a user in the account mainenance section
- *
- * @param string $order_status Filter by order status (A=all, C=confirmed, P=pending,...)
- * @param int $secure Restrict the order list to a specific user id (=1) or not (=0)?
- */
- function list_order($order_status='A', $secure=0 ) {
- global $VM_LANG, $CURRENCY_DISPLAY, $sess, $limit, $limitstart, $keyword, $mm_action_url;
- $ps_vendor_id = $_SESSION["ps_vendor_id"];
- $auth = $_SESSION['auth'];
- require_once( CLASSPATH .'ps_order_status.php');
- require_once( CLASSPATH .'htmlTools.class.php');
- require_once( CLASSPATH .'pageNavigation.class.php');
- $db = new ps_DB;
- $dbs = new ps_DB;
-
- $listfields = 'cdate,order_total,order_status,order_id,order_currency';
- $countfields = 'count(*) as num_rows';
- $count = "SELECT $countfields FROM #__{vm}_orders ";
- $list = "SELECT $listfields FROM #__{vm}_orders ";
- $q = "WHERE vendor_id='$ps_vendor_id' ";
- if ($order_status != "A") {
- $q .= "AND order_status='$order_status' ";
- }
- if ($secure) {
- $q .= "AND user_id='" . $auth["user_id"] . "' ";
- }
- if( !empty( $keyword )) {
- $q .= "AND (order_id LIKE '%".$keyword."%' ";
- $q .= "OR order_number LIKE '%".$keyword."%' ";
- $q .= "OR order_total LIKE '%".$keyword."%') ";
- }
- $q .= "ORDER BY cdate DESC";
- $count .= $q;
- $db->query($count);
- $db->next_record();
- $num_rows = $db->f('num_rows');
- if( $num_rows == 0 ) {
- echo "<span style=\"font-style:italic;\">".$VM_LANG->_('PHPSHOP_ACC_NO_ORDERS')."</span>\n";
- return;
- }
- $pageNav = new vmPageNav( $num_rows, $limitstart, $limit );
- $list .= $q .= " LIMIT ".$pageNav->limitstart.", $limit ";
- $db->query( $list );
- $listObj = new listFactory( $pageNav );
- if( $num_rows > 0 ) {
- // print out the search field and a list heading
- $listObj->writeSearchHeader( '', '', 'account', 'index');
- }
- // start the list table
- $listObj->startTable();
- $listObj->writeTableHeader( 3 );
- while ($db->next_record()) {
- $order_status = ps_order_status::getOrderStatusName($db->f("order_status"));
- $listObj->newRow();
- $tmp_cell = "<a href=\"". $sess->url( $mm_action_url."index.php?page=account.order_details&order_id=".$db->f("order_id") )."\">\n";
- $tmp_cell .= "<img src=\"".IMAGEURL."ps_image/goto.png\" height=\"32\" width=\"32\" align=\"middle\" border=\"0\" alt=\"".$VM_LANG->_('PHPSHOP_ORDER_LINK')."\" /> ".$VM_LANG->_('PHPSHOP_VIEW')."</a><br />";
- $listObj->addCell( $tmp_cell );
- $tmp_cell = "<strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_DATE').":</strong> " . strftime("%d. %B %Y", $db->f("cdate"));
- $tmp_cell .= "<br /><strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_TOTAL').":</strong> " . $CURRENCY_DISPLAY->getFullValue($db->f("order_total"), '', $db->f('order_currency'));
- $listObj->addCell( $tmp_cell );
- $tmp_cell = "<strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_STATUS').":</strong> ".$order_status;
- $tmp_cell .= "<br /><strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').":</strong> " . sprintf("%08d", $db->f("order_id"));
- $listObj->addCell( $tmp_cell );
- }
- $listObj->writeTable();
- $listObj->endTable();
- if( $num_rows > 0 ) {
- $listObj->writeFooter( $keyword, '&Itemid='.$sess->getShopItemid() );
- }
- }
- /**
- * Validate form values prior to delete
- *
- * @param int $order_id
- * @return boolean
- */
- function validate_delete($order_id) {
- global $VM_LANG;
-
- $db = new ps_DB;
- if(empty( $order_id )) {
- $GLOBALS['vmLogger']->err($VM_LANG->_('VM_ORDER_DELETE_ERR_ID'));
- return False;
- }
-
- // Get the order items and update the stock level
- // to the number before the order was placed
- $q = "SELECT product_id, product_quantity FROM #__{vm}_order_item WHERE order_id='".$db->getEscaped($order_id)."'";
- $db->query( $q );
- $dbu = new ps_DB;
- // Now update each ordered product
- while( $db->next_record() ) {
- $q = "UPDATE #__{vm}_product SET product_in_stock=product_in_stock+".$db->f("product_quantity")
- .",product_sales=product_sales-".$db->f("product_quantity")." WHERE product_id='".$db->f("product_id")."'";
- $dbu->query( $q );
- }
- return True;
- }
- /**
- * Controller for Deleting Records.
- */
- function delete(&$d) {
- $record_id = $d["order_id"];
- if( is_array( $record_id)) {
- foreach( $record_id as $record) {
- if( !$this->delete_record( $record, $d ))
- return false;
- }
- return true;
- }
- else {
- return $this->delete_record( $record_id, $d );
- }
- }
- /**
- * Deletes one Record.
- */
- function delete_record( $record_id, &$d ) {
- global $db;
- $record_id = intval( $record_id );
- if ($this->validate_delete($record_id)) {
- $q = "DELETE from #__{vm}_orders where order_id='$record_id'";
- $db->query($q);
- $q = "DELETE from #__{vm}_order_item where order_id='$record_id'";
- $db->query($q);
- $q = "DELETE from #__{vm}_order_payment where order_id='$record_id'";
- $db->query($q);
- $q = "DELETE from #__{vm}_product_download where order_id='$record_id'";
- $db->query($q);
-
- $q = "DELETE from #__{vm}_order_history where order_id='$record_id'";
- $db->query($q);
-
- $q = "DELETE from #__{vm}_order_user_info where order_id='$record_id'";
- $db->query($q);
-
- $q = "DELETE FROM #__{vm}_shipping_label where order_id=$record_id";
- $db->query($q);
- return True;
- }
- else {
- return False;
- }
- }
- /**
- * Creates the order navigation on the order print page
- *
- * @param int $order_id
- * @return boolean
- */
- function order_print_navigation( $order_id=1 ) {
- global $sess, $modulename, $VM_LANG, $my;
-
- $navi_db =& new ps_DB;
- return;
- $navigation = "<div align=\"center\">\n<strong>\n";
- $q = "SELECT order_id FROM #__{vm}_orders WHERE ";
- $q .= "order_id < '$order_id' ORDER BY order_id DESC";
- $navi_db->query($q);
- $navi_db->next_record();
- if ($navi_db->f("order_id")) {
- $url = $_SERVER['PHP_SELF'] . "?page=$modulename.booking_form&order_id=";
- $url .= $navi_db->f("order_id");
- $navigation .= "<a class=\"pagenav\" href=\"" . $sess->url($url) . "\">< " .$VM_LANG->_('ITEM_PREVIOUS')."</a> | ";
- } else
- $navigation .= "<span class=\"pagenav\">< " .$VM_LANG->_('ITEM_PREVIOUS')." | </span>";
- $q = "SELECT order_id FROM #__{vm}_orders WHERE ";
- $q .= "order_id > '$order_id' ORDER BY order_id";
- $navi_db->query($q);
- $navi_db->next_record();
- if ($navi_db->f("order_id")) {
- $url = $_SERVER['PHP_SELF'] . "?page=$modulename.booking_form&order_id=";
- $url .= $navi_db->f("order_id");
- $navigation .= "<a class=\"pagenav\" href=\"" . $sess->url($url) ."\">". $VM_LANG->_('ITEM_NEXT')." ></a>";
- } else {
- $navigation .= "<span class=\"pagenav\">".$VM_LANG->_('ITEM_NEXT')." ></span>";
- }
- $navigation .= "\n<strong>\n</div>\n";
- return $navigation;
- }
-
- function add(&$d) {
- global $ps_booking, $VM_LANG, $mosConfig_offset, $sess, $page;
-
- /**
- * Add the user
- */
- if(!vmGet($d,'user_id')){
- $_POST['name'] = vmGet($d,'first_name').' '.vmGet($d,'last_name');
- $_POST['gid'] = $d['gid'] = '18';
- $_POST['usertype'] = $d['usertype'] = 'Registered';
- $d['perms'] = 'shopper';
- $d['customer_number'] = 'shopper';
- $ps_user = new ps_user();
- if (!$ps_user->add($d)) {
- $GLOBALS['vmLogger']->err('Unable to add the user account');
- return false;
- }
- $d['user_id'] = $_REQUEST['user_id'];
- }
-
-
- /**
- * Process the booking information, this sets the price etc
- */
- $ps_booking->process(1,1);
- if(!$ps_booking->status){
- return false;
- }
-
-
- /**
- * Add the order / booking
- **/
- $ps_order_booking = new ps_order_booking();
- if ($ps_order_booking->add($d)) {
-
- $_REQUEST['order_id'] = $d['order_id'] = $ps_order_booking->order_id;
-
- /**
- * Get all fields which where shown to the user
- * and save the order user info table
- */
- $userFields = ps_userfield::getUserFields('registration', false, '', true);
- $skip_fields = ps_userfield::getSkipFields();
- $fields = array();
- foreach( $userFields as $userField ) {
- if( !in_array($userField->name,$skip_fields)) {
- $name = $userField->name == 'email' ? 'user_email' : $userField->name;
- $fields[$name] = vmGet($d,$userField->name);
- }
- }
- $fields['user_id'] = $d['user_id'];
- $fields['order_id'] = $d['order_id'];
- $fields['address_type'] = 'BT';
- $fields['address_type_name'] = '-default-';
- $db = new ps_DB();
- $db->buildQuery('INSERT','#__{vm}_order_user_info',$fields);
-
- if(!$db->query()){
- $GLOBALS['vmLogger']->err('Unable to add the user information associated with this booking');
- return false;
- }
-
- if (vmGet($d,'notify_customer','N')=='HTML') {
-
- $ps_checkout = new ps_checkout();
- $ps_checkout->email_receipt($ps_order_booking->order_id,'Booking Added', 0, @VB_NOTIFY_ADD_BACK_CUST, @VB_NOTIFY_ADD_BACK_OWNER, @VB_NOTIFY_ADD_BACK_ADMIN);
- }
-
- $GLOBALS['vmLogger']->info('The booking has been sucessfully saved.');
- }
-
- return true;
- }
-
- function update(&$d) {
- global $ps_booking, $VM_LANG, $mosConfig_offset, $sess;
-
- /**
- * Process the booking information, this sets the price etc
- */
- $ps_booking->process(1,1);
- $ps_booking->booking_id = $d['order_id'];
- //Check that the booking is ok
- if (!$ps_booking->status){
- return false;
- }
-
-
- /**
- * Get the suer ID from the booking info
- */
-
- $db = new ps_DB();
- $db->query("SELECT user_id FROM #__{vm}_order_user_info WHERE order_id = ".vmGet($d,'order_id'));
- $db->next_record();
- $d['user_id'] = $_REQUEST['user_id'] = $db->f('user_id');
-
- /**
- * Update the order booking
- **/
-
- $ps_order_booking = new ps_order_booking();
- if (($_SERVER['REMOTE_ADDR'] == '86.147.72.108') || $ps_order_booking->update($d)) {
-
- /**
- * Get all fields which where shown to the user
- * and save the order user info table
- */
- $userFields = ps_userfield::getUserFields('registration', false, '', true);
- $skip_fields = ps_userfield::getSkipFields();
- $fields = array();
- foreach( $userFields as $userField ) {
- if( !in_array($userField->name,$skip_fields)) {
- $name = $userField->name == 'email' ? 'user_email' : $userField->name;
- $fields[$name] = vmGet($d,$userField->name);
- }
- }
- $db = new ps_DB();
- $db->buildQuery('UPDATE','#__{vm}_order_user_info',$fields,'WHERE user_id = '.vmGet($d,'user_id').' AND order_id = '.vmGet($d,'order_id'));
-
- if(!$db->query()){
- $GLOBALS['vmLogger']->err('Unable to update the user information associated with this booking');
- return false;
- }
-
- /**
- * Notify the customer if theres an order status update
- */
- if($d['order_status'] != $d['current_order_status'] && vmGet($_REQUEST,'notify_customer','N')=='Y'){
-
- if(!$this->order_status_update($d)) return false;
- }
-
- if (vmGet($_REQUEST,'notify_customer','N')=='HTML') {
-
- $ps_checkout = new ps_checkout();
-
- // Organic mod: allow separate email for cancellations
- if ( vmGet($_REQUEST,'order_status','X') == 'X' ) {
- $ps_checkout->email_receipt($d['order_id'],'Booking Cancelled', 0, @VB_NOTIFY_AMEND_CUST, @VB_NOTIFY_AMEND_OWNER, @VB_NOTIFY_AMEND_ADMIN);
- }
- else {
- $ps_checkout->email_receipt($d['order_id'],'Booking Updated / Amended', 0, @VB_NOTIFY_AMEND_CUST, @VB_NOTIFY_AMEND_OWNER, @VB_NOTIFY_AMEND_ADMIN);
- }
- }
- $GLOBALS['vmLogger']->info('The booking details have been sucessfully updated.');
- }
- return true;
- }
- }
- $ps_order = new ps_order;
- ?>