<?php
if( !defined( '_VALID_MOS' ) && !defined( '_JEXEC' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );
/**
*
* @version $Id: ps_order.php 2437 2010-06-18 08:41:39Z soeren $
* @package VirtueMart
* @subpackage classes
* @copyright Copyright (C) 2004-2009 soeren - All rights reserved.
* @license
www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
*
virtuemart.net
*/
/**
* The class handles orders from an adminstrative perspective. Order
* processing is handled in the ps_checkout class.
*/
class vm_ps_order {
/**
* Changes the status of an order
* @author pablo
* @author soeren
* @author Uli
*
*
* @param array $d
* @return boolean
*/
function order_status_update(&$d) {
global $mosConfig_offset;
global $sess, $VM_LANG, $vmLogger;
$db = new ps_DB;
//$timestamp = time() + ($mosConfig_offset*60*60); //Original
$timestamp = time(); //Custom
//$mysqlDatetime = date("Y-m-d G:i:s",$timestamp); //Original
$mysqlDatetime = date("Y-m-d G:i:s", $timestamp + ($mosConfig_offset*60*60)); //Custom
if( empty($_REQUEST['include_comment'])) {
$include_comment="N";
}
// get the current order status
$curr_order_status = @$d["current_order_status"];
$notify_customer = empty($d['notify_customer']) ? "N" : $d['notify_customer'];
if( $notify_customer=="Y" ) {
$notify_customer=1;
}
else {
$notify_customer=0;
}
$d['order_comment'] = empty($d['order_comment']) ? "" : $d['order_comment'];
if( empty($d['order_item_id']) ) {
// When the order is set to "confirmed", we can capture
// the Payment with authorize.net
if( $curr_order_status=="P" && $d["order_status"]=="C") {
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = $db->f("payment_class");
$d["order_number"] = $db->f("order_number");
switch( $payment_class ) {
case "ps_authorize":
require_once( CLASSPATH."payment/ps_authorize.cfg.php");
if( AN_TYPE == 'AUTH_ONLY' ) {
require_once( CLASSPATH."payment/ps_authorize.php");
$authorize = new ps_authorize();
if( !$authorize->capture_payment( $d )) {
return false;
}
}
break;
default:
// default case for payment methods that allow to "capture" the payment
if( is_file( CLASSPATH.'payment/'.basename($payment_class).'.php' ) ) {
require_once( CLASSPATH.'payment/'.basename($payment_class).'.php' );
if( !class_exists($payment_class)) break;
$paymentObj = new $payment_class();
if( !method_exists($paymentObj,'capture_payment')) break;
if( !$paymentObj->capture_payment( $d )) {
return false;
}
}
break;
}
}
/*
* This is like the test above for delayed capture only
* we (well, I - durian) don't think the credit card
* should be captured until the item(s) are shipped.
* In fact, VeriSign says not to capture the cards until
* the item ships. Maybe this behavior should be a
* configurable item?
*
* When the order changes from Confirmed or Pending to
* Shipped, perform the delayed capture.
*
* Restricted to PayFlow Pro for now.
*/
if( ($curr_order_status=="P" || $curr_order_status=="C") && $d["order_status"]=="S") {
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = $db->f("payment_class");
if( $payment_class=="payflow_pro" ) {
require_once( CLASSPATH."payment/payflow_pro.cfg.php");
if( PFP_TYPE == 'A' ) {
require_once( CLASSPATH."payment/payflow_pro.php");
$pfp = new ps_pfp();
$d["order_number"] = $db->f("order_number");
if( !$pfp->capture_payment( $d )) {
return false;
}
}
}
}
/**
* Do capture when product is shipped
*/
/*
if(($curr_order_status == "P" || $curr_order_status == "C") && $d["order_status"]=="S")
{
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id=#__{vm}_order_payment.order_id ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = strtolower(basename($db->f("payment_class")));
if( file_exists( CLASSPATH.'payment/'.$payment_class.'.php' )) {
require_once( CLASSPATH."payment/$payment_class.php");
$payment = new $payment_class();
$d["order_number"] = $db->f("order_number");
if( is_callable( array( $payment, 'capture_payment' ))) {
if( !$payment->capture_payment( $d )) {
return false;
}
}
}
}*/
/*
* If a pending order gets cancelled, void the authorization.
*
* It might work on captured cards too, if we want to
* void shipped orders.
*
*/
if( $curr_order_status=="P" && $d["order_status"]=="X") {
$q = "SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ";
$q .= "#__{vm}_order_payment.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_orders.order_id='".$db->getEscaped($d['order_id'])."' ";
$q .= "AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id";
$db->query( $q );
$db->next_record();
$payment_class = strtolower(basename($db->f("payment_class")));
if( file_exists( CLASSPATH.'payment/'.$payment_class.'.php' )) {
require_once( CLASSPATH."payment/$payment_class.php");
$payment = new $payment_class();
$d["order_number"] = $db->f("order_number");
if( is_callable( array( $payment, 'void_authorization' ))) {
if( !$payment->void_authorization( $d )) {
return false;
}
}
}
}
// Do a Refund
if( $d['order_status']=='R' && $curr_order_status != 'R') {
$vmLogger->debug("Initiating Refund");
$q = 'SELECT order_number,payment_class,order_payment_trans_id FROM #__{vm}_payment_method,#__{vm}_order_payment,#__{vm}_orders WHERE ';
$q .= '#__{vm}_orders.order_id=\''.$db->getEscaped($d['order_id']).'\' ';
$q .= 'AND #__{vm}_orders.order_id=#__{vm}_order_payment.order_id ';
$q .= 'AND #__{vm}_order_payment.payment_method_id=#__{vm}_payment_method.payment_method_id';
$db->query( $q );
$db->next_record();
$payment_class = strtolower(basename($db->f("payment_class")));
$vmLogger->debug('Payment Class: '.$payment_class);
if( file_exists( CLASSPATH.'payment/'.$payment_class.'.php' )) {
$vmLogger->debug('Found Payment Module');
require_once( CLASSPATH."payment/$payment_class.php");
$payment = new $payment_class();
$d["order_number"] = $db->f("order_number");
if( is_callable( array( $payment, 'do_refund' )))
{
$vmLogger->debug('Can call do_refund');
if( !$payment->do_refund( $d )) {
$vmLogger->debug('failed to do refund');
return false;
}
}
}
}
$fields =array( 'order_status'=> $d["order_status"],
'mdate'=> $timestamp );
$db->buildQuery('UPDATE', '#__{vm}_orders', $fields, "WHERE order_id='" . $db->getEscaped($d["order_id"]) . "'");
$db->query();
// Update the Order History.
$fields = array( 'order_id' => $d["order_id"],
'order_status_code' => $d["order_status"],
'date_added' => $mysqlDatetime,
'customer_notified' => $notify_customer,
'comments' => $d['order_comment']
);
$db->buildQuery('INSERT', '#__{vm}_order_history', $fields );
$db->query();
// Do we need to re-update the Stock Level?
if( (strtoupper($d["order_status"]) == "X" || strtoupper($d["order_status"])=="R")
// && CHECK_STOCK == '1'
&& $curr_order_status != $d["order_status"]
) {
// Get the order items and update the stock level
// to the number before the order was placed
$q = "SELECT product_id, product_quantity FROM #__{vm}_order_item WHERE order_id='".$db->getEscaped($d["order_id"])."'";
$db->query( $q );
$dbu = new ps_DB;
require_once( CLASSPATH.'ps_product.php');
// Now update each ordered product
while( $db->next_record() ) {
if( ENABLE_DOWNLOADS == '1' && ps_product::is_downloadable($db->f("product_id")) && VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
$q = "UPDATE #__{vm}_product
SET product_sales=product_sales-".$db->f("product_quantity")."
WHERE product_id=".$db->f("product_id");
$dbu->query( $q );
}
else {
$q = "UPDATE #__{vm}_product
SET product_in_stock=product_in_stock+".$db->f("product_quantity").",
product_sales=product_sales-".$db->f("product_quantity")."
WHERE product_id=".$db->f("product_id");
$dbu->query( $q );
}
}
}
// Update the Order Items' status
$q = "SELECT order_item_id FROM #__{vm}_order_item WHERE order_id=".$db->getEscaped($d['order_id']);
$db->query($q);
$dbu = new ps_DB;
while ($db->next_record()) {
$item_id = $db->f("order_item_id");
$fields =array( 'order_status'=> $d["order_status"],
'mdate'=> $timestamp );
$dbu->buildQuery('UPDATE', '#__{vm}_order_item', $fields, "WHERE order_item_id='" .(int)$item_id . "'");
$dbu->query();
}
if (ENABLE_DOWNLOADS == '1') {
##################
## DOWNLOAD MOD
$this->mail_download_id( $d );
}
if( !empty($notify_customer) ) {
$this->notify_customer( $d );
}
} elseif( !empty($d['order_item_id'])) {
// Update the Order Items' status
$q = "SELECT order_item_id, product_id, product_quantity FROM #__{vm}_order_item
WHERE order_id=".$db->getEscaped($d['order_id'])
. ' AND order_item_id='.intval( $d['order_item_id'] );
$db->query($q);
$item_product_id = $db->f('product_id');
$item_product_quantity = $db->f('product_quantity');
require_once( CLASSPATH. 'ps_product.php' );
if( ENABLE_DOWNLOADS == '1' && ps_product::is_downloadable($item_product_id) && VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
$q = "UPDATE #__{vm}_product
SET product_sales=product_sales-".$item_product_quantity."
WHERE product_id=".$item_product_id;
$db->query( $q );
}
else {
$q = "UPDATE #__{vm}_product
SET product_in_stock=product_in_stock+".$item_product_quantity.",
product_sales=product_sales-".$item_product_quantity."
WHERE product_id=".$item_product_id;
$db->query( $q );
}
$fields =array( 'order_status'=> $d["order_status"],
'mdate'=> $timestamp );
$db->buildQuery('UPDATE', '#__{vm}_order_item', $fields, 'WHERE order_item_id='.intval( $d['order_item_id'] ));
return $db->query() !== false;
}
// dispatch event for virtuemart alpha rewards points -----------------------------------------------------
$dispatcher =& JDispatcher::getInstance();
$returnValues = $dispatcher->trigger('plgVmOnUpdateOrderPayment', array($d, $d['current_order_status']));
// -------------------------------------------------------------------------------------------------
return true;
}
/**
* mails the Download-ID to the customer
* or deletes the Download-ID from the product_downloads table
*
* @param array $d
* @return boolean
*/
function mail_download_id( &$d ){
global $sess, $VM_LANG, $vmLogger;
$url = URL."index.php?option=com_virtuemart&page=shop.downloads&Itemid=".$sess->getShopItemid();
$db = new ps_DB();
$db->query( 'SELECT order_status FROM #__{vm}_orders WHERE order_id='.(int)$d['order_id'] );
$db->next_record();
if (in_array($db->f("order_status"), array(ENABLE_DOWNLOAD_STATUS,'S'))) {
$dbw = new ps_DB;
$q = "SELECT order_id,user_id,download_id,file_name FROM #__{vm}_product_download WHERE";
$q .= " order_id = '" . (int)$d["order_id"] . "'";
$dbw->query($q);
$dbw->next_record();
$userid = $dbw->f("user_id");
$download_id = $dbw->f("download_id");
$datei=$dbw->f("file_name");
$dbw->reset();
if ($download_id) {
$dbv = new ps_DB;
$q = "SELECT * FROM #__{vm}_vendor WHERE vendor_id='1'";
$dbv->query($q);
$dbv->next_record();
$db = new ps_DB;
$q="SELECT first_name,last_name, user_email FROM #__{vm}_user_info WHERE user_id = '$userid' AND address_type='BT'";
$db->query($q);
$db->next_record();
$message = $VM_LANG->_('HI',false) .' '. $db->f("first_name") .($db->f("middle_name")?' '.$db->f("middle_name") : '' ). ' ' . $db->f("last_name") . ",\n\n";
$message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_1',false).".\n";
$message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_2',false)."\n\n";
while($dbw->next_record()) {
$message .= basename($dbw->f("file_name")).": ".$dbw->f("download_id")
. "\n$url&download_id=".$dbw->f("download_id")."\n\n";
}
$message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_3',false) . DOWNLOAD_MAX."\n";
$expire = ((DOWNLOAD_EXPIRE / 60) / 60) / 24;
$message .= str_replace("{expire}", $expire, $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_4',false));
$message .= "\n\n____________________________________________________________\n";
$message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_5',false)."\n";
$message .= $dbv->f("vendor_name") . " \n" . URL."\n\n".$dbv->f("contact_email") . "\n";
$message .= "____________________________________________________________\n";
$message .= $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG_6',false) . $dbv->f("vendor_name");
$mail_Body = $message;
$mail_Subject = $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_SUBJ',false);
$from = $dbv->f("contact_email") ? $dbv->f("contact_email") : $GLOBALS['mosConfig_mailfrom'];
$result = vmMail( $from, $dbv->f("vendor_name"),
$db->f("user_email"), $mail_Subject, $mail_Body, '' );
if ($result) {
$vmLogger->info( $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG',false). " ". $db->f("first_name") . " " . $db->f("last_name") . " ".$db->f("user_email") );
}
else {
$vmLogger->warning( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_SEND',false)." ". $db->f("first_name") . " " . $db->f("last_name") . ", ".$db->f("user_email") );
}
}
}
elseif ( in_array(vmGet($d,'order_status'), array(DISABLE_DOWNLOAD_STATUS,'X','R'))) {
$q = "DELETE FROM #__{vm}_product_download WHERE order_id=" . (int)$d["order_id"];
$db->query($q);
$db->next_record();
}
return true;
}
/**
* notifies the customer that the Order Status has been changed
*
* @param array $d
*/
function notify_customer( &$d ){
global $sess, $VM_LANG, $vmLogger;
$url = SECUREURL."index.php?option=com_virtuemart&page=account.order_details&order_id=".urlencode($d["order_id"]).'&Itemid='.$sess->getShopItemid();
$db = new ps_DB;
$dbv = new ps_DB;
$q = "SELECT vendor_name,contact_email FROM #__{vm}_vendor ";
$q .= "WHERE vendor_id='".$_SESSION['ps_vendor_id']."'";
$dbv->query($q);
$dbv->next_record();
$q = "SELECT first_name,last_name,user_email,order_status_name FROM #__{vm}_order_user_info,#__{vm}_orders,#__{vm}_order_status ";
$q .= "WHERE #__{vm}_orders.order_id = '".$db->getEscaped($d["order_id"])."' ";
$q .= "AND #__{vm}_orders.user_id = #__{vm}_order_user_info.user_id ";
$q .= "AND #__{vm}_orders.order_id = #__{vm}_order_user_info.order_id ";
$q .= "AND order_status = order_status_code ";
$db->query($q);
$db->next_record();
// MAIL BODY
$message = $VM_LANG->_('HI',false) .' '. $db->f("first_name") . ($db->f("middle_name")?' '.$db->f("middle_name") : '' ). ' ' . $db->f("last_name") . ",\n\n";
$message .= $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_MSG_1',false)."\n\n";
if( !empty($d['include_comment']) && !empty($d['order_comment']) ) {
$message .= $VM_LANG->_('PHPSHOP_ORDER_HISTORY_COMMENT_EMAIL',false).":\n";
$message .= $d['order_comment'];
$message .= "\n____________________________________________________________\n\n";
}
$message .= $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_MSG_2',false)."\n";
$message .= "____________________________________________________________\n\n";
$message .= $db->f("order_status_name");
if( VM_REGISTRATION_TYPE != 'NO_REGISTRATION' ) {
$message .= "\n____________________________________________________________\n\n";
$message .= $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_MSG_3',false)."\n";
$message .= $url;
}
$message .= "\n\n____________________________________________________________\n";
$message .= $dbv->f("vendor_name") . " \n";
$message .= URL."\n";
$message .= $dbv->f("contact_email");
$message = str_replace( "{order_id}", $d["order_id"], $message );
$mail_Body = html_entity_decode($message);
$mail_Subject = str_replace( "{order_id}", $d["order_id"], $VM_LANG->_('PHPSHOP_ORDER_STATUS_CHANGE_SEND_SUBJ',false));
$result = vmMail( $dbv->f("contact_email"), $dbv->f("vendor_name"),
$db->f("user_email"), $mail_Subject, $mail_Body, '' );
/* Send the email */
if ($result) {
$vmLogger->info( $VM_LANG->_('PHPSHOP_DOWNLOADS_SEND_MSG',false). " ". $db->f("first_name") . " " . $db->f("last_name") . ", ".$db->f("user_email") );
}
else {
$vmLogger->warning( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_SEND',false).' '. $db->f("first_name") . " " . $db->f("last_name") . ", ".$db->f("user_email")." (". $result->ErrorInfo.")" );
}
}
/**
* This function inserts the DOWNLOAD IDs for all files associated with this product
* so the customer can later download the purchased files
* @static
* @since 1.1.0
* @param int $product_id
* @param int $order_id
* @param int $user_id
*/
function insert_downloads_for_product( &$d ) {
$db = new ps_DB();
$dbd = new ps_DB();
if( empty( $d['product_id'] ) || empty( $d['order_id'] )) {
return false;
}
$dl = "SELECT attribute_name,attribute_value ";
$dl .= "FROM #__{vm}_product_attribute WHERE product_id='".$d['product_id']."'";
$dl .= " AND attribute_name='download'";
$db->query($dl);
$dlnum = 0;
while($db->next_record()) {
$str = (int)$d['order_id'];
$str .= $d['product_id'];
$str .= uniqid('download_');
$str .= $dlnum++;
$str .= time();
$download_id = md5($str);
$fields = array('product_id' => $d['product_id'],
'user_id' => (int)$d['user_id'],
'order_id' => (int)$d['order_id'],
'end_date' => '0',
'download_max' => DOWNLOAD_MAX,
'download_id' => $download_id,
'file_name' => $db->f("attribute_value")
);
$dbd->buildQuery('INSERT', '#__{vm}_product_download', $fields );
$dbd->query();
}
}
/**
* Handles a download Request
*
* @param array $d
* @return boolean
*/
function download_request(&$d) {
global $download_id, $VM_LANG, $vmLogger;
$db = new ps_DB;
$download_id = $db->getEscaped( vmGet( $d, "download_id" ) );
$q = "SELECT * FROM #__{vm}_product_download WHERE";
$q .= " download_id = '$download_id'";
$db->query($q);
$db->next_record();
$download_id = $db->f("download_id");
$file_name = $db->f("file_name");
if( strncmp($file_name, 'http', 4 ) !== 0) {
$datei = DOWNLOADROOT . $file_name;
} else {
$datei = $file_name;
}
$download_max = $db->f("download_max");
$end_date = $db->f("end_date");
$zeit=time();
if (!$download_id) {
$vmLogger->err( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_INV',false) );
return false;
//vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
}
elseif ($download_max=="0") {
$q ="DELETE FROM #__{vm}_product_download";
$q .=" WHERE download_id = '" . $download_id . "'";
$db->query($q);
$db->next_record();
$vmLogger->err( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_MAX',false) );
return false;
//vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
}
elseif ($end_date!="0" && $zeit > $end_date) {
$q ="DELETE FROM #__{vm}_product_download";
$q .=" WHERE download_id = '" . $download_id . "'";
$db->query($q);
$db->next_record();
$vmLogger->err( $VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_EXP',false) );
return false;
//vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
}
require_once(CLASSPATH.'connectionTools.class.php');
$download_count = true;
if ( @file_exists( $datei ) ){
// Check if this is a request for a special range of the file (=Resume Download)
$range_request = vmConnector::http_rangeRequest( filesize($datei), false );
if( $range_request[0] == 0 ) {
// this is not a request to resume a download,
$download_count = true;
} else {
$download_count = false;
}
} else {
$download_count = false;
}
// Parameter to check if the file should be removed after download, which is only true,
// if we have a remote file, which was transferred to this server into a temporary file
$unlink = false;
if( strncmp($datei, 'http', 4 ) === 0) {
require_once( CLASSPATH.'ps_product_files.php');
$datei_local = ps_product_files::getRemoteFile($datei);
if( $datei_local !== false ) {
$datei = $datei_local;
$unlink = true;
} else {
$vmLogger->err( $VM_LANG->_('VM_DOWNLOAD_FILE_NOTFOUND',false) );
return false;
}
}
else {
// Check, if file path is correct
// and file is
if ( !@file_exists( $datei ) ){
$vmLogger->err( $VM_LANG->_('VM_DOWNLOAD_FILE_NOTFOUND',false) );
return false;
//vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
}
if ( !@is_readable( $datei ) ) {
$vmLogger->err( $VM_LANG->_('VM_DOWNLOAD_FILE_NOTREADABLE',false) );
return false;
//vmRedirect("index.php?option=com_virtuemart&page=shop.downloads", $d["error"]);
}
}
if( $download_count ) {
// decrement the download_max to limit the number of downloads
$q ="UPDATE `#__{vm}_product_download` SET";
$q .=" `download_max`=`download_max` - 1";
$q .=" WHERE download_id = '" .$download_id. "'";
$db->query($q);
$db->next_record();
}
if ($end_date=="0") {
// Set the Download Expiry Date, so the download can expire after DOWNLOAD_EXPIRE seconds
$end_date=time('u') + DOWNLOAD_EXPIRE;
$q ="UPDATE #__{vm}_product_download SET";
$q .=" end_date=$end_date";
$q .=" WHERE download_id = '" . $download_id . "'";
$db->query($q);
$db->next_record();
}
if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $_SERVER['HTTP_USER_AGENT'])) {
$UserBrowser = "Opera";
}
elseif (ereg('MSIE ([0-9].[0-9]{1,2})', $_SERVER['HTTP_USER_AGENT'])) {
$UserBrowser = "IE";
} else {
$UserBrowser = '';
}
$mime_type = ($UserBrowser == 'IE' || $UserBrowser == 'Opera') ? 'application/octetstream' : 'application/octet-stream';
// dump anything in the buffer
while( @ob_end_clean() );
vmConnector::sendFile( $datei, $mime_type, basename($file_name) );
if( $unlink ) {
// remove the temporarily downloaded remote file
@unlink( $datei );
}
$GLOBALS['vm_mainframe']->close(true);
}
/**
* Shows the list of the orders of a user in the account mainenance section
*
* @param string $order_status Filter by order status (A=all, C=confirmed, P=pending,...)
* @param int $secure Restrict the order list to a specific user id (=1) or not (=0)?
*/
function list_order($order_status='A', $secure=0 ) {
global $VM_LANG, $CURRENCY_DISPLAY, $sess, $limit, $limitstart, $keyword, $mm_action_url;
$ps_vendor_id = $_SESSION["ps_vendor_id"];
$auth = $_SESSION['auth'];
require_once( CLASSPATH .'ps_order_status.php');
require_once( CLASSPATH .'htmlTools.class.php');
require_once( CLASSPATH .'pageNavigation.class.php');
$db = new ps_DB;
$dbs = new ps_DB;
$listfields = 'o.order_id,o.cdate,order_total,o.order_status,order_currency';
$countfields = 'count(*) as num_rows';
$count = "SELECT $countfields FROM #__{vm}_orders o ";
$list = "SELECT DISTINCT $listfields FROM #__{vm}_orders o ";
$q = "WHERE o.vendor_id='$ps_vendor_id' ";
if ($order_status != "A") {
$q .= "AND order_status='$order_status' ";
}
if ($secure) {
$q .= "AND user_id='" . $auth["user_id"] . "' ";
}
if( !empty( $keyword )) {
$count .= ', #__{vm}_order_item oi ';
$list .= ', #__{vm}_order_item oi ';
$q .= "AND (order_item_sku LIKE '%".$keyword."%' ";
$q .= "OR order_number LIKE '%".$keyword."%' ";
$q .= "OR o.order_id=".(int)$keyword.' ';
$q .= "OR order_item_name LIKE '%".$keyword."%') ";
$q .= "AND oi.order_id=o.order_id ";
}
$q .= "ORDER BY o.cdate DESC";
$count .= $q;
$db->query($count);
$db->next_record();
$num_rows = $db->f('num_rows');
if( $num_rows == 0 ) {
echo "<span style=\"font-style:italic;\">".$VM_LANG->_('PHPSHOP_ACC_NO_ORDERS')."</span>\n";
return;
}
$pageNav = new vmPageNav( $num_rows, $limitstart, $limit );
$list .= $q .= " LIMIT ".$pageNav->limitstart.", $limit ";
$db->query( $list );
$listObj = new listFactory( $pageNav );
if( $num_rows > 0 ) {
// print out the search field and a list heading
$listObj->writeSearchHeader( '', '', 'account', 'index');
}
// start the list table
$listObj->startTable();
$listObj->writeTableHeader( 4 );
while ($db->next_record()) {
$order_status = ps_order_status::getOrderStatusName($db->f("order_status"));
$listObj->newRow();
$tmp_cell = "<a href=\"". $sess->url( $mm_action_url."index.php?page=account.order_details&order_id=".$db->f("order_id") )."\">\n";
$tmp_cell .= "<img src=\"".IMAGEURL."ps_image/goto.png\" height=\"32\" width=\"32\" align=\"middle\" border=\"0\" alt=\"".$VM_LANG->_('PHPSHOP_ORDER_LINK')."\" /> ".$VM_LANG->_('PHPSHOP_VIEW')."</a><br />";
$listObj->addCell( $tmp_cell );
$tmp_cell = "<strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_DATE').":</strong> " . vmFormatDate($db->f("cdate"), "%d. %B %Y");
$tmp_cell .= "<br /><strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_TOTAL').":</strong> " . $CURRENCY_DISPLAY->getFullValue($db->f("order_total"), '', $db->f('order_currency'));
$listObj->addCell( $tmp_cell );
$tmp_cell = "<strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_STATUS').":</strong> ".$order_status;
$tmp_cell .= "<br /><strong>".$VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').":</strong> " . sprintf("%08d", $db->f("order_id"));
$listObj->addCell( $tmp_cell );
$pdf_url = "index.php?option=com_vminvoice&controller=invoices".
"&task=pdf&cid=".$db->f("order_id");
$tmp_cell = ($db->f("order_status") == 'C OR $db->f("order_status") == 'C') ? '<a href="'.
JRoute::_($pdf_url).'"><img src="'.JURI::base().
'plugins/editors/jce/tiny_mce/plugins/filemanager/img/ext/pdf_small.gif" '.
'/> '.JText::_('Invoice') .' </a>' : '';
$listObj->addCell( $tmp_cell );
}
$listObj->writeTable();
$listObj->endTable();
if( $num_rows > 0 ) {
$listObj->writeFooter( $keyword, '&Itemid='.$sess->getShopItemid() );
}
}
/**
* Validate form values prior to delete
*
* @param int $order_id
* @return boolean
*/
function validate_delete($order_id) {
global $VM_LANG;
$db = new ps_DB;
if(empty( $order_id )) {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_ORDER_DELETE_ERR_ID'));
return False;
}
return True;
}
/**
* Controller for Deleting Records.
*/
function delete(&$d) {
$record_id = $d["order_id"];
if( is_array( $record_id)) {
foreach( $record_id as $record) {
if( !$this->delete_record( $record, $d ))
return false;
}
return true;
}
else {
return $this->delete_record( $record_id, $d );
}
}
/**
* Deletes one Record.
*/
function delete_record( $record_id, &$d ) {
global $db;
$record_id = intval( $record_id );
if ($this->validate_delete($record_id)) {
$dbu = new ps_db();
// Get the order items and update the stock level
// to the number before the order was placed
$q = "SELECT order_status, product_id, product_quantity FROM #__{vm}_order_item WHERE order_id=$record_id";
$db->query( $q );
require_once( CLASSPATH .'ps_product.php' );
// Now update each ordered product
while( $db->next_record() ) {
if( in_array( $db->f('order_status'), array('P', 'X', 'R') )) continue;
if( ENABLE_DOWNLOADS == '1' && ps_product::is_downloadable($db->f("product_id")) && VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
$q = "UPDATE #__{vm}_product
SET product_sales=product_sales-".$db->f("product_quantity")."
WHERE product_id=".$db->f("product_id");
$dbu->query( $q );
}
else {
$q = "UPDATE #__{vm}_product
SET product_in_stock=product_in_stock+".$db->f("product_quantity").",
product_sales=product_sales-".$db->f("product_quantity")."
WHERE product_id=".$db->f("product_id");
$dbu->query( $q );
}
}
$q = "DELETE from #__{vm}_orders where order_id='$record_id'";
$db->query($q);
$q = "DELETE from #__{vm}_order_item where order_id='$record_id'";
$db->query($q);
$q = "DELETE from #__{vm}_order_payment where order_id='$record_id'";
$db->query($q);
$q = "DELETE from #__{vm}_product_download where order_id='$record_id'";
$db->query($q);
$q = "DELETE from #__{vm}_order_history where order_id='$record_id'";
$db->query($q);
$q = "DELETE from #__{vm}_order_user_info where order_id='$record_id'";
$db->query($q);
$q = "DELETE FROM #__{vm}_shipping_label where order_id=$record_id";
$db->query($q);
return True;
}
else {
return False;
}
}
/**
* Creates the order navigation on the order print page
*
* @param int $order_id
* @return boolean
*/
function order_print_navigation( $order_id=1 ) {
global $sess, $modulename, $VM_LANG;
$navi_db = new ps_DB;
$navigation = "<div align=\"center\">\n<strong>\n";
$q = "SELECT order_id FROM #__{vm}_orders WHERE ";
$q .= "order_id < '$order_id' ORDER BY order_id DESC";
$navi_db->query($q);
$navi_db->next_record();
if ($navi_db->f("order_id")) {
$url = $_SERVER['PHP_SELF'] . "?page=$modulename.order_print&order_id=";
$url .= $navi_db->f("order_id");
$navigation .= "<a class=\"pagenav\" href=\"" . $sess->url($url) . "\">< " .$VM_LANG->_('ITEM_PREVIOUS')."</a> | ";
} else
$navigation .= "<span class=\"pagenav\">< " .$VM_LANG->_('ITEM_PREVIOUS')." | </span>";
$q = "SELECT order_id FROM #__{vm}_orders WHERE ";
$q .= "order_id > '$order_id' ORDER BY order_id";
$navi_db->query($q);
$navi_db->next_record();
if ($navi_db->f("order_id")) {
$url = $_SERVER['PHP_SELF'] . "?page=$modulename.order_print&order_id=";
$url .= $navi_db->f("order_id");
$navigation .= "<a class=\"pagenav\" href=\"" . $sess->url($url) ."\">". $VM_LANG->_('ITEM_NEXT')." ></a>";
} else {
$navigation .= "<span class=\"pagenav\">".$VM_LANG->_('ITEM_NEXT')." ></span>";
}
$navigation .= "\n<strong>\n</div>\n";
return $navigation;
}
}
// Check if there is an extended class in the Themes and if it is allowed to use them
// If the class is called outside Virtuemart, we have to make sure to load the settings
// Thomas Kahl - Feb. 2009
if (!defined('VM_ALLOW_EXTENDED_CLASSES') && file_exists(dirname(__FILE__).'/../virtuemart.cfg.php')) {
include_once(dirname(__FILE__).'/../virtuemart.cfg.php');
}
// If settings are loaded, extended Classes are allowed and the class exisits...
if (defined('VM_ALLOW_EXTENDED_CLASSES') && defined('VM_THEMEPATH') && VM_ALLOW_EXTENDED_CLASSES && file_exists(VM_THEMEPATH.'user_class/'.basename(__FILE__))) {
// Load the theme-user_class as extended
include_once(VM_THEMEPATH.'user_class/'.basename(__FILE__));
} else {
// Otherwise we have to use the original classname to extend the core-class
class ps_order extends vm_ps_order {}
}
$ps_order = new ps_order;
?>
