- <?php
-
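class Checkoutcontroller {

    /** Delivery-address fields that must be present and non-empty before an order may proceed. */
    private $required = array( 'address_name', 'address_lineone', 'address_city' );

    /** @var PeacockCarterFrameworkRegistry framework registry handed in by the caller */
    private $registry;

    /** @var Basket store basket model; only created when this controller is the request target */
    private $basket;

    /**
     * Dispatches the checkout step named by the second URL segment.
     *
     * Steps: (none) or 'delivery' -> setDelivery(), 'select-payment' -> setPayment(),
     * 'review' -> orderDetails(), 'confirm' -> confirmOrder(); anything else falls back
     * to the delivery step.
     *
     * @param PeacockCarterFrameworkRegistry $registry framework registry
     * @param bool $directCall when falsy the constructor only stores the registry and
     *                         performs no dispatch
     */
    public function __construct( PeacockCarterFrameworkRegistry $registry, $directCall )
    {
        $this->registry = $registry;
        if( ! $directCall )
        {
            return;
        }

        // temp: the menu is built from the first ordered 'page' content item
        $sql = "SELECT c.ID FROM content c, content_types t, content_versions v, content_versions_pages p WHERE c.type=t.ID AND t.reference='page' AND p.version_id=v.ID AND v.ID=c.current_revision AND c.`order` >= 0 ORDER BY c.`order` ASC LIMIT 1";
        $db = $this->registry->getObject('db');
        $db->executeQuery( $sql );
        $page = $db->getRows();
        $this->registry->getObject('menubuilder')->buildMenu( $page['ID'] );

        require_once FRAMEWORK_PATH . 'models/store/basket.php';
        $this->basket = new Basket( $this->registry );
        // checkBasket() runs once per request; confirmOrder() relies on it having
        // already dealt with the voucher code
        if( ! $this->basket->isChecked() )
        {
            $this->basket->checkBasket();
        }

        $urlBits = $this->registry->getURLBits();
        $step = isset( $urlBits[1] ) ? $urlBits[1] : 'delivery';
        switch( $step )
        {
            case 'select-payment':
                // NOTE(review): setPayment() is not defined in this class; this route
                // will fatal unless the method is provided elsewhere.
                $this->setPayment();
                break;
            case 'review':
                $this->orderDetails();
                break;
            case 'confirm':
                $this->confirmOrder();
                break;
            case 'delivery':
            default:
                $this->setDelivery();
                break;
        }
    }

    /**
     * Delivery step: shows the address form, or on a 'set_delivery' POST stores the
     * posted address (and, for guests without a stored e-mail, the e-mail address)
     * and redirects to the review step.
     *
     * The address is stored before it is validated so an incomplete address is echoed
     * back into the form. The user only reaches review once every field listed in
     * $this->required is non-empty and, for guests, a valid e-mail address is known.
     */
    private function setDelivery()
    {
        if( $this->basket->isEmpty() )
        {
            // nothing to deliver
            $this->registry->errorPage( 'Basket is empty', 'Sorry, you cannot checkout as you have no products in your basket' );
            return;
        }

        if( ! isset( $_POST['set_delivery'] ) )
        {
            $this->showDeliveryForm( '' );
            return;
        }

        // NOTE(review): no CSRF token is checked on this POST; add one if the
        // framework provides a token helper.
        $this->basket->setDeliveryAddress(
            $this->postString( 'address_name' ),
            $this->postString( 'address_lineone' ),
            $this->postString( 'address_linetwo' ),
            $this->postString( 'address_city' ),
            $this->postString( 'address_postcode' ),
            $this->postString( 'address_country' ),
            $this->postString( 'delivery_notes' )
        );

        $incomplete = ! $this->addressComplete( $_POST );
        $emailMessage = '';
        if( ! $this->registry->getObject('authenticate')->isLoggedIn() && $this->basket->getEmailAddress() == '' )
        {
            $email = $this->postString( 'email_address' );
            // filter_var() rejects line breaks and other header-injection characters
            // that the previous unanchored, case-sensitive regex let through, and it
            // accepts upper-case and long-TLD addresses that the regex rejected
            if( filter_var( $email, FILTER_VALIDATE_EMAIL ) === false )
            {
                $incomplete = true;
                $emailMessage = " We also require a valid email address to email dispatch and payment confirmation.";
            }
            else
            {
                $this->basket->setEmailAddress( $email );
            }
        }

        if( $incomplete )
        {
            $this->showDeliveryForm( "<p>You must at least supply your name, first line of your address, and your city." . $emailMessage . "</p>" );
            return;
        }

        // everything needed is stored: bounce to the review page
        header( 'Location: ' . $this->registry->buildURL( array( 'checkout', 'review' ), '', false ) );
        exit();
    }

    /**
     * Renders the delivery address form, pre-filled with any address already stored
     * against the basket, plus the guest e-mail request when appropriate.
     *
     * @param string $message HTML placed in the 'address_message' tag (must already be safe)
     */
    private function showDeliveryForm( $message )
    {
        $template = $this->registry->getObject('template');
        $template->buildFromTemplates( 'header.tpl.php', 'store/checkout/delivery.tpl.php', 'footer.tpl.php' );
        $page = $template->getPage();
        $page->addTag( 'address_message', $message );

        $address = $this->basket->getDeliveryAddress();
        if( ! empty( $address ) )
        {
            $fields = array( 'address_name', 'address_lineone', 'address_linetwo', 'address_city', 'address_postcode', 'address_country', 'delivery_notes' );
            foreach( $fields as $field )
            {
                // user-supplied values are escaped: addTag() takes raw markup
                // (address_message is handed to it as HTML)
                $page->addTag( 'form_' . $field, $this->esc( $this->field( $address, $field ) ) );
            }
        }
        $this->requestEmail();
    }

    /**
     * Adds the e-mail request template bit for visitors who are not logged in;
     * logged-in users get an empty 'email_request' tag instead.
     */
    private function requestEmail()
    {
        $template = $this->registry->getObject('template');
        if( $this->registry->getObject('authenticate')->isLoggedIn() )
        {
            $template->getPage()->addTag( 'email_request', '' );
            return;
        }
        $template->getPage()->addTag( 'email_address', $this->esc( $this->basket->getEmailAddress() ) );
        $template->addTemplateBit( 'email_request', 'store/checkout/email_request.tpl.php' );
    }

    /**
     * Review step: shows the basket contents, costs, delivery address, voucher code
     * and the chosen shipping and payment methods. Redirects back to the delivery
     * step when the stored address is incomplete.
     */
    private function orderDetails()
    {
        $dd = $this->basket->getDeliveryAddress();
        if( ! $this->addressComplete( $dd ) )
        {
            $this->registry->redirectUser( array( 'checkout' ), 'Delivery Details', 'Your delivery address details were not complete. Please complete them in order to proceed with your order', false );
            return;
        }

        $template = $this->registry->getObject('template');
        if( $this->basket->isEmpty() )
        {
            $template->buildFromTemplates( 'header.tpl.php', 'store/checkout/empty.tpl.php', 'footer.tpl.php' );
            return;
        }

        $template->buildFromTemplates( 'header.tpl.php', 'store/checkout/review.tpl.php', 'footer.tpl.php' );
        $page = $template->getPage();
        $db = $this->registry->getObject('db');

        // basket lines, handed to the template as a cached data set
        $products = array();
        foreach( $this->basket->getContents() as $reference => $data )
        {
            $products[] = $data;
        }
        $page->addTag( 'basket_items', array( 'DATA', $db->cacheData( $products ) ) );
        $page->addTag( 'basket_subtotal', $this->basket->getCost() );
        $page->addTag( 'shipping_costs', $this->basket->getShippingCost() );
        $page->addTag( 'basket_total', $this->basket->getTotal() );

        // delivery address: every stored field except the notes, comma-joined
        $parts = array();
        $note = '';
        foreach( $dd as $field => $value )
        {
            if( $field == 'delivery_notes' )
            {
                $note = $value;
            }
            elseif( $value != '' )
            {
                $parts[] = $value;
            }
        }
        $page->addTag( 'delivery_address', $this->esc( implode( ',', $parts ) ) );
        $page->addTag( 'delivery_instructions', $this->esc( $note == '' ? 'No instructions supplied' : $note ) );

        $vc = $this->basket->getVoucherCode();
        $page->addTag( 'voucher_code', $this->esc( $vc == '' ? 'No voucher code supplied' : $vc ) );

        $page->addTag( 'delivery_method', $this->methodName( 'store_shipping_methods', $this->basket->getShippingMethod(), 'Error - invalid or inactive shipping method' ) );
        $page->addTag( 'payment_method', $this->methodName( 'store_payment_methods', $this->basket->getPaymentMethod(), 'Error - invalid or inactive payment method' ) );
    }

    /**
     * Looks up the name of a single active row in a methods table.
     *
     * @param string $table    'store_shipping_methods' or 'store_payment_methods'; never user input
     * @param mixed  $id       row ID from the basket; cast to int before it is placed in SQL
     * @param string $fallback text returned when no single active row matches
     * @return string
     */
    private function methodName( $table, $id, $fallback )
    {
        $db = $this->registry->getObject('db');
        $db->executeQuery( "SELECT name FROM {$table} WHERE ID=" . intval( $id ) . " AND active=1" );
        if( $db->numRows() != 1 )
        {
            return $fallback;
        }
        $row = $db->getRows();
        return $row['name'];
    }

    /**
     * Confirm step: validates the basket, address, shipping and payment methods,
     * attaches the basket to a user account (creating a guest account for anonymous
     * visitors), writes the order and its items, e-mails the order details and
     * redirects to the payment page.
     *
     * The basket is not emptied here (that code was commented out); whatever follows
     * the payment bounce is responsible for it.
     */
    private function confirmOrder()
    {
        $db = $this->registry->getObject('db');
        $auth = $this->registry->getObject('authenticate');

        if( $this->basket->isEmpty() )
        {
            $this->registry->getObject('template')->buildFromTemplates( 'header.tpl.php', 'store/checkout/empty.tpl.php', 'footer.tpl.php' );
            return;
        }

        $dd = $this->basket->getDeliveryAddress();
        if( empty( $dd ) )
        {
            $this->registry->redirectUser( array( 'checkout' ), 'Delivery address missing', 'Please supply us with a delivery address', false );
            return;
        }
        if( ! $this->addressComplete( $dd ) )
        {
            $this->registry->redirectUser( array( 'checkout' ), 'Delivery address incomplete', 'Please supply us with a complete delivery address', false );
            return;
        }

        // shipping and payment methods must exist and be active; the IDs come from
        // the basket (user-selected) and were previously concatenated into SQL raw
        $shippingId = intval( $this->basket->getShippingMethod() );
        $paymentId = intval( $this->basket->getPaymentMethod() );
        $db->executeQuery( "SELECT * FROM store_shipping_methods WHERE active=1 AND ID=" . $shippingId );
        if( $db->numRows() == 0 )
        {
            $this->registry->redirectUser( array( 'basket' ), 'Invalid shipping method', 'You have selected an invalid shipping method', false );
            return;
        }
        $db->executeQuery( "SELECT * FROM store_payment_methods WHERE active=1 AND ID=" . $paymentId );
        if( $db->numRows() == 0 )
        {
            $this->registry->redirectUser( array( 'basket' ), 'Invalid payment method', 'You have selected an invalid payment method', false );
            return;
        }

        // voucher code: already handled by checkBasket()

        // the order must belong to a user; the original left $uid unset for
        // logged-in customers, so their orders carried no user_id
        if( $auth->isLoggedIn() )
        {
            $uid = $auth->getUserID();
        }
        else
        {
            $uid = $this->createGuestAccount( $dd );
        }
        $this->basket->transferToUser( $uid );

        // create the order record
        $order = array(
            'user_id' => $uid,
            'ip' => $db->sanitizeData( $_SERVER['REMOTE_ADDR'] ),
            'status' => 1,
            'delivery_comment' => $db->sanitizeData( $this->field( $dd, 'delivery_notes' ) ),
            'shipping_method' => $shippingId,
            'payment_method' => $paymentId,
            'shipping_name' => $db->sanitizeData( $this->field( $dd, 'address_name' ) ),
            'shipping_address' => $db->sanitizeData( $this->field( $dd, 'address_lineone' ) ),
            'shipping_address2' => $db->sanitizeData( $this->field( $dd, 'address_linetwo' ) ),
            'shipping_city' => $db->sanitizeData( $this->field( $dd, 'address_city' ) ),
            'shipping_postcode' => $db->sanitizeData( $this->field( $dd, 'address_postcode' ) ),
            'shipping_country' => $db->sanitizeData( $this->field( $dd, 'address_country' ) ),
            'products_cost' => $this->basket->getCost(),
            'shipping_cost' => $this->basket->getShippingCost(),
            // voucher values are user-entered; sanitized like the address fields
            'voucher_code' => $db->sanitizeData( $this->basket->getVoucherCode() ),
            'voucher_code_text' => $db->sanitizeData( $this->basket->getVoucherCodeText() ),
        );
        $db->insertRecords( 'store_orders', $order );
        $orderId = $db->lastInsertID();

        // order items; variation IDs are collected per item and inserted afterwards
        $variations = array();
        foreach( $this->basket->getContents() as $reference => $data )
        {
            $item = array(
                'order_id' => $orderId,
                'product_id' => intval( $data['product'] ),
                'qty' => intval( $data['quantity'] ),
                // file name and custom text originate from the customer
                'uploaded_file' => $db->sanitizeData( $this->field( $data, 'file' ) ),
                'custom_text_values' => $db->sanitizeData( $this->field( $data, 'custom_text_values' ) ),
                'standard' => $this->field( $data, 'standard' ),
            );
            $db->insertRecords( 'store_orders_items', $item );
            $itemId = $db->lastInsertID();
            if( $this->field( $data, 'variation_ids' ) != '' )
            {
                $variations[ $itemId ] = explode( ',', $data['variation_ids'] );
            }
        }

        if( ! empty( $variations ) )
        {
            $rows = array();
            foreach( $variations as $itemId => $ids )
            {
                foreach( $ids as $variationId )
                {
                    // skip the empty element a trailing comma produces (it used to
                    // yield a syntax error); cast both values before they enter SQL
                    if( trim( $variationId ) === '' )
                    {
                        continue;
                    }
                    $rows[] = '(' . intval( $itemId ) . ', ' . intval( $variationId ) . ')';
                }
            }
            if( ! empty( $rows ) )
            {
                $db->executeQuery( "INSERT INTO store_orders_items_variation_value_association (order_item_id, variation_id) VALUES " . implode( ', ', $rows ) );
            }
        }

        $this->emailOrderDetails( $orderId );

        // payment page bounce
        header( 'Location: ' . $this->registry->buildURL( array( 'orders', 'payment', $orderId ), '', false ) );
        exit();
    }

    /**
     * Creates a guest user account for an anonymous checkout, e-mails the generated
     * credentials to the basket's e-mail address and logs the visitor in as that user.
     *
     * @param array $dd delivery address; address_name seeds the username and the display name
     * @return mixed new user ID as reported by the database layer
     */
    private function createGuestAccount( $dd )
    {
        $db = $this->registry->getObject('db');
        $username = 'guest_' . str_replace( ' ', '', $dd['address_name'] ) . $this->randomString( 5 );
        // the password is e-mailed in clear text (see emailLoginDetails); 12 random
        // characters instead of the previous 5 at least makes it impractical to guess
        $password = $this->randomString( 12 );
        $email = $this->basket->getEmailAddress();

        $insert = array(
            'username' => $db->sanitizeData( $username ),
            // NOTE(review): unsalted md5 is what authenticate->forceLogin() and the
            // users table expect; moving to password_hash() must happen in the
            // authentication object, not here.
            'password_hash' => md5( $password ),
            'email' => $db->sanitizeData( $email ),
            'admin' => 0,
            'active' => 1,
            'banned' => 0,
            'name' => $db->sanitizeData( $dd['address_name'] ),
        );
        $db->insertRecords( 'users', $insert );
        $uid = $db->lastInsertID();

        $this->emailLoginDetails( $username, $password, $email );
        $this->registry->getObject('authenticate')->forceLogin( $db->sanitizeData( $username ), md5( $password ) );
        return $uid;
    }

    /**
     * Random lower-case alphanumeric string.
     *
     * Uses random_int() (CSPRNG) where available because the result becomes a guest
     * password; mt_rand() is only the fallback on PHP versions without random_int().
     *
     * @param int $length number of characters
     * @return string
     */
    private function randomString( $length = 8 )
    {
        $characters = '0123456789abcdefghijklmnopqrstuvwxyz';
        $max = strlen( $characters ) - 1;
        $csprng = function_exists( 'random_int' );
        $string = '';
        for( $i = 0; $i < $length; $i++ )
        {
            $index = $csprng ? random_int( 0, $max ) : mt_rand( 0, $max );
            $string .= $characters[ $index ];
        }
        return $string;
    }

    /**
     * E-mails freshly generated login details to a guest.
     *
     * NOTE(review): the password travels in clear text in this e-mail; a reset link
     * would be preferable but needs support in the authentication object.
     *
     * @param string $username
     * @param string $password clear-text password
     * @param string $email    recipient
     */
    private function emailLoginDetails( $username, $password, $email )
    {
        $mail = $this->registry->getObject('mailout');
        $mail->startFresh();
        $mail->setTo( $email );
        $mail->setSender( $this->registry->getSetting('adminEmailAddress') );
        $mail->setFromName( $this->registry->getSetting('cms_name') );
        $mail->setSubject( 'Login details for ' . $this->registry->getSetting('sitename') );
        $mail->buildFromTemplates( 'store/login.tpl.php' );
        // $this->values was never defined; start from an empty tag set
        $tags = array(
            'sitename' => $this->registry->getSetting('sitename'),
            'username' => $username,
            'password' => $password,
            'siteurl' => $this->registry->getSetting('site_url'),
        );
        $mail->replaceTags( $tags );
        $mail->setMethod('sendmail');
        $mail->send();
    }

    /**
     * E-mails the order summary to the customer, the two fixed notification
     * addresses and (Cc) the admin address.
     *
     * @param mixed $order order ID; cast to int before it is placed in SQL
     */
    private function emailOrderDetails( $order )
    {
        $db = $this->registry->getObject('db');
        $orderId = intval( $order );
        $db->executeQuery( "SELECT u.email FROM users u, store_orders o WHERE u.ID=o.user_id AND o.ID=" . $orderId );
        $data = $db->getRows();
        $customerEmail = isset( $data['email'] ) ? $data['email'] : '';

        $mail = $this->registry->getObject('mailout');
        $mail->startFresh();
        // NOTE(review): the two extra recipients are hard-coded site addresses;
        // a setting would be easier to maintain
        $mail->setTo( $customerEmail, 'info@equalitysouthwest.org.uk', 'bookings@equalitysouthwest.org.uk' );
        $mail->setSender( $this->registry->getSetting('adminEmailAddress') );
        $mail->setFromName( $this->registry->getSetting('cms_name') );
        $mail->appendHeader( 'Cc: ' . $this->registry->getSetting('adminEmailAddress') );
        $mail->setSubject( 'Order placed on ' . $this->registry->getSetting('sitename') . ' - ref: #' . $orderId );
        $mail->buildFromTemplates( 'store/order.tpl.php' );
        // $this->values was never defined; start from an empty tag set
        $tags = array(
            'order' => $orderId,
            'sitename' => $this->registry->getSetting('sitename'),
            'siteurl' => $this->registry->getSetting('site_url'),
            'link' => $this->registry->buildURL( array( 'orders', 'payment', $orderId ), '', false ),
        );
        $mail->replaceTags( $tags );
        $mail->setMethod('sendmail');
        $mail->send();
    }

    /**
     * True when every field in $this->required is present in $data and is a
     * non-blank scalar. Arrays (e.g. address_name[]=) and whitespace-only values
     * count as missing.
     *
     * @param mixed $data array-like source: $_POST or a stored delivery address
     * @return bool
     */
    private function addressComplete( $data )
    {
        foreach( $this->required as $field )
        {
            if( ! isset( $data[ $field ] ) || ! is_scalar( $data[ $field ] ) || trim( (string) $data[ $field ] ) === '' )
            {
                return false;
            }
        }
        return true;
    }

    /**
     * Returns the named POST field as a string, or '' when it is absent or not a
     * plain string (arrays are never passed on).
     *
     * @param string $key
     * @return string
     */
    private function postString( $key )
    {
        return ( isset( $_POST[ $key ] ) && is_string( $_POST[ $key ] ) ) ? $_POST[ $key ] : '';
    }

    /**
     * Array element or '' when the key is missing, so optional address and basket
     * fields do not raise notices.
     *
     * @param mixed  $data array-like container
     * @param string $key
     * @return mixed
     */
    private function field( $data, $key )
    {
        return isset( $data[ $key ] ) ? $data[ $key ] : '';
    }

    /**
     * HTML-escapes a user-supplied value for a template tag. Tags are inserted raw
     * (address_message is passed as markup), so escaping happens here.
     *
     * @param mixed $value
     * @return string
     */
    private function esc( $value )
    {
        return htmlspecialchars( (string) $value, ENT_QUOTES, 'UTF-8' );
    }

}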
-
-
-
- ?>