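hasStarted() === FALSE ) $session->start();
// NOTE(review): the statement above opens before this section of the file and
// is kept verbatim.

/*
 * Checkout processing.
 *
 * Re-validates the checkout session, runs the payment module's
 * before_process() hook, writes the order (orders, orders_total,
 * orders_status_history, orders_products, orders_products_attributes,
 * orders_products_download), adjusts stock, sends the confirmation mails,
 * runs after_process(), clears the checkout session keys and redirects to
 * the success page.
 *
 * NOTE(review): every gate below relies on oos_redirect() ending the
 * request. That function is not visible here; if it returns, processing
 * continues past a failed check. Confirm that it exits.
 *
 * NOTE(review): no transaction is opened in this section, so a failure
 * part-way through can leave a partially written order. before_process()
 * also runs before any order row exists; if a payment module captures funds
 * there, a later database error leaves a payment without an order. Confirm
 * how the payment modules and the database layer handle this.
 */

// Gate 1: an anonymous visitor is sent to the login page. The navigation
// snapshot records checkout_payment as the page to come back to.
if (!isset($_SESSION['customer_id'])) {
    // navigation history
    if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new navigationHistory();
    }
    $_SESSION['navigation']->set_snapshot(array('content' => $aContents['checkout_payment']));
    oos_redirect(oos_href_link($aContents['login']));
}

// Gate 2: a shipping method and a delivery address must have been chosen.
if (!isset($_SESSION['shipping']) || !isset($_SESSION['sendto'])) {
    oos_redirect(oos_href_link($aContents['checkout_shipping']));
}

// Gate 3: when payment modules are installed, one must have been selected.
if ( (oos_is_not_null(MODULE_PAYMENT_INSTALLED)) && (!isset($_SESSION['payment'])) ) {
    oos_redirect(oos_href_link($aContents['checkout_payment']));
}

// Gate 4: the cart must not have changed since checkout started. The two IDs
// are compared as strings with !==, because a loose != treats numeric-looking
// strings as numbers ('0123' == '123', and long digit strings collapse to the
// same float), which would let differing IDs pass.
// NOTE(review): the check is skipped entirely when either ID is missing, so
// it fails open. Confirm that both are always set by the time this page is
// reached, or redirect when one is absent.
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
    if ((string)$_SESSION['cart']->cartID !== (string)$_SESSION['cartID']) {
        oos_redirect(oos_href_link($aContents['checkout_shipping']));
    }
}

// load selected payment module
// NOTE(review): the module name is read from the session; presumably the
// payment class checks it against the installed modules. Confirm, because the
// same value is used as a variable name further down.
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_payment.php';
$payment_modules = new payment($_SESSION['payment']);

// load the selected shipping module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_shipping.php';
$shipping_modules = new shipping($_SESSION['shipping']);

require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;

// Server-side re-check of free shipping: the order total without shipping
// must reach the configured threshold, otherwise shipping is chosen again.
if ( (isset($_SESSION['shipping'])) && ($_SESSION['shipping']['id'] == 'free_free')) {
    if ( ($oOrder->info['total'] - $oOrder->info['shipping_cost']) < MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER ) {
        oos_redirect(oos_href_link($aContents['checkout_shipping']));
    }
}

// load the before_process function from the payment modules
$payment_modules->before_process();

require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order_total.php';
$order_total_modules = new order_total;

$order_totals = $order_total_modules->process();

// Order header. Most values are customer-supplied address data.
// NOTE(review): presumably oos_db_perform() escapes every value and treats
// the literal 'now()' as the SQL function; confirm against its definition.
$sql_data_array = array('customers_id' => $_SESSION['customer_id'],
                        'customers_name' => $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'],
                        'customers_company' => $oOrder->customer['company'],
                        'customers_street_address' => $oOrder->customer['street_address'],
                        'customers_city' => $oOrder->customer['city'],
                        'customers_postcode' => $oOrder->customer['postcode'],
                        'customers_state' => $oOrder->customer['state'],
                        'customers_country' => $oOrder->customer['country']['title'],
                        'customers_telephone' => $oOrder->customer['telephone'],
                        'customers_email_address' => $oOrder->customer['email_address'],
                        'customers_address_format_id' => $oOrder->customer['format_id'],
                        'delivery_name' => $oOrder->delivery['firstname'] . ' ' . $oOrder->delivery['lastname'],
                        'delivery_company' => $oOrder->delivery['company'],
                        'delivery_street_address' => $oOrder->delivery['street_address'],
                        'delivery_city' => $oOrder->delivery['city'],
                        'delivery_postcode' => $oOrder->delivery['postcode'],
                        'delivery_state' => $oOrder->delivery['state'],
                        'delivery_country' => $oOrder->delivery['country']['title'],
                        'delivery_address_format_id' => $oOrder->delivery['format_id'],
                        'billing_name' => $oOrder->billing['firstname'] . ' ' . $oOrder->billing['lastname'],
                        'billing_company' => $oOrder->billing['company'],
                        'billing_street_address' => $oOrder->billing['street_address'],
                        'billing_city' => $oOrder->billing['city'],
                        'billing_postcode' => $oOrder->billing['postcode'],
                        'billing_state' => $oOrder->billing['state'],
                        'billing_country' => $oOrder->billing['country']['title'],
                        'billing_address_format_id' => $oOrder->billing['format_id'],
                        'payment_method' => $oOrder->info['payment_method'],
                        'date_purchased' => 'now()',
                        'last_modified' => 'now()',
                        'orders_status' => $oOrder->info['order_status'],
                        'currency' => $oOrder->info['currency'],
                        'currency_value' => $oOrder->info['currency_value'],
                        'orders_language' => $_SESSION['language']);
oos_db_perform($oostable['orders'], $sql_data_array);
$insert_id = $dbconn->Insert_ID();

// One orders_total row per line returned by the order-total modules.
for ($i=0, $n=count($order_totals); $i<$n; $i++) {
    $sql_data_array = array('orders_id' => $insert_id,
                            'title' => $order_totals[$i]['title'],
                            'text' => $order_totals[$i]['text'],
                            'value' => $order_totals[$i]['value'],
                            'class' => $order_totals[$i]['code'],
                            'sort_order' => $order_totals[$i]['sort_order']);
    oos_db_perform($oostable['orders_total'], $sql_data_array);
}

// First status-history entry; customer_notified mirrors whether the mail
// plugin is installed.
$customer_notification = ($oEvent->installed_plugin('mail')) ? '1' : '0';
$sql_data_array = array('orders_id' => $insert_id,
                        'orders_status_id' => $oOrder->info['order_status'],
                        'date_added' => 'now()',
                        'customer_notified' => $customer_notification,
                        'comments' => $oOrder->info['comments']);
oos_db_perform($oostable['orders_status_history'], $sql_data_array);

// initialized for the email confirmation
$products_ordered = '';
$subtotal = 0;
$total_tax = 0;

// Table names and the download switch do not change per product, so they are
// resolved once instead of inside the loops.
$productstable = $oostable['products'];
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
$bDownloadEnabled = (DOWNLOAD_ENABLED == 'true');
if ($bDownloadEnabled) {
    $products_attributes_downloadtable = $oostable['products_attributes_download'];
}

// All SQL below is assembled by concatenation: every interpolated value goes
// through intval() or oos_db_input(), and table names come from $oostable.
for ($i=0, $n=count($oOrder->products); $i<$n; $i++) {
    // Stock Update - Joao Correia
    // NOTE(review): stock is read, recomputed in PHP and written back without
    // a lock or a transaction visible here, so two concurrent orders can both
    // read the same quantity and oversell. An in-database decrement or a
    // row lock would close that window.
    if (STOCK_LIMITED == 'true') {
        if ($bDownloadEnabled) {
            $stock_result_raw = "SELECT products_quantity, pad.products_attributes_filename"
                              . " FROM $productstable p"
                              . " LEFT JOIN $products_attributestable pa ON p.products_id = pa.products_id"
                              . " LEFT JOIN $products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id"
                              . " WHERE p.products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'";

            // Will work with only one option for downloadable products
            // otherwise, we have to build the query dynamically with a loop
            // isset() keeps products without attributes from raising a
            // warning; is_array(null) is false, as before.
            $products_attributes = isset($oOrder->products[$i]['attributes']) ? $oOrder->products[$i]['attributes'] : null;
            if (is_array($products_attributes)) {
                $stock_result_raw .= " AND pa.options_id = '" . intval($products_attributes[0]['option_id']) . "'"
                                   . " AND pa.options_values_id = '" . intval($products_attributes[0]['value_id']) . "'";
            }
        } else {
            $stock_result_raw = "SELECT products_quantity FROM $productstable"
                              . " WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'";
        }
        $stock_result = $dbconn->Execute($stock_result_raw);

        if ($stock_result->RecordCount() > 0) {
            $stock_values = $stock_result->fields;

            // do not decrement quantities if products_attributes_filename exists
            if ((!$bDownloadEnabled) || (!$stock_values['products_attributes_filename'])) {
                $stock_left = $stock_values['products_quantity'] - $oOrder->products[$i]['qty'];
            } else {
                $stock_left = $stock_values['products_quantity'];
            }

            $dbconn->Execute("UPDATE $productstable"
                           . " SET products_quantity = '" . oos_db_input($stock_left) . "'"
                           . " WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");

            // A product with no stock left is switched off.
            if ($stock_left < 1) {
                $dbconn->Execute("UPDATE $productstable"
                               . " SET products_status = '0'"
                               . " WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");
            }
        }
    }

    // Update products_ordered (for bestsellers list)
    $dbconn->Execute("UPDATE $productstable"
                   . " SET products_ordered = products_ordered + " . sprintf('%d', intval($oOrder->products[$i]['qty']))
                   . " WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");

    $sql_data_array = array('orders_id' => $insert_id,
                            'products_id' => oos_get_product_id($oOrder->products[$i]['id']),
                            'products_model' => $oOrder->products[$i]['model'],
                            'products_ean' => $oOrder->products[$i]['ean'],
                            'products_name' => $oOrder->products[$i]['name'],
                            'products_price' => $oOrder->products[$i]['price'],
                            'final_price' => $oOrder->products[$i]['final_price'],
                            'products_tax' => $oOrder->products[$i]['tax'],
                            'products_quantity' => $oOrder->products[$i]['qty']);
    oos_db_perform($oostable['orders_products'], $sql_data_array);
    $order_products_id = $dbconn->Insert_ID();

    // ICW ADDED FOR CREDIT CLASS SYSTEM
    $order_total_modules->update_credit_account($i);

    //------ store the options the customer chose for this product ------
    $attributes_exist = '0';
    $products_ordered_attributes = '';
    if (isset($oOrder->products[$i]['attributes'])) {
        $attributes_exist = '1';
        for ($j=0, $n2=count($oOrder->products[$i]['attributes']); $j<$n2; $j++) {
            // A free-text option has no row in the option-values table, so
            // the value conditions are left out for it.
            $bTextOption = ($oOrder->products[$i]['attributes'][$j]['value_id'] == PRODUCTS_OPTIONS_VALUE_TEXT_ID);

            // One builder for the four query variants (download on/off,
            // text/non-text option); it produces the same SQL text the four
            // separate copies did.
            $attributes_sql = "SELECT popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix";
            if ($bDownloadEnabled) {
                $attributes_sql .= ", pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename";
            }
            $attributes_sql .= " FROM $products_optionstable popt, $products_options_valuestable poval, $products_attributestable pa";
            if ($bDownloadEnabled) {
                $attributes_sql .= " LEFT JOIN $products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id";
            }
            $attributes_sql .= " WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'"
                             . " AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'"
                             . " AND pa.options_id = popt.products_options_id";
            if (!$bTextOption) {
                $attributes_sql .= " AND pa.options_values_id = '" . intval($oOrder->products[$i]['attributes'][$j]['value_id']) . "'"
                                 . " AND pa.options_values_id = poval.products_options_values_id";
            }
            $attributes_sql .= " AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
            if (!$bTextOption) {
                $attributes_sql .= " AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
            }
            $attributes = $dbconn->Execute($attributes_sql);
            $attributes_values = $attributes->fields;

            // The option name and price come from the catalogue; the stored
            // value is the one held in the order (free text for text options).
            $sql_data_array = array('orders_id' => $insert_id,
                                    'orders_products_id' => $order_products_id,
                                    'products_options' => $attributes_values['products_options_name'],
                                    'products_options_values' => $oOrder->products[$i]['attributes'][$j]['value'],
                                    'options_values_price' => $attributes_values['options_values_price'],
                                    'price_prefix' => $attributes_values['price_prefix']);
            // insert
            oos_db_perform($oostable['orders_products_attributes'], $sql_data_array);

            // A downloadable attribute also gets its download entitlement row.
            if ($bDownloadEnabled && isset($attributes_values['products_attributes_filename']) && oos_is_not_null($attributes_values['products_attributes_filename'])) {
                $sql_data_array = array('orders_id' => $insert_id,
                                        'orders_products_id' => $order_products_id,
                                        'orders_products_filename' => $attributes_values['products_attributes_filename'],
                                        'download_maxdays' => $attributes_values['products_attributes_maxdays'],
                                        'download_count' => $attributes_values['products_attributes_maxcount']);
                // insert
                oos_db_perform($oostable['orders_products_download'], $sql_data_array);
            }
            $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . oos_decode_special_chars($oOrder->products[$i]['attributes'][$j]['value']);
        }
    }
    //------ end of customer-chosen options ------

    // NOTE(review): $total_weight, $total_cost, $total_products_price and
    // $products_tax are not assigned anywhere in this section. Unless they
    // are set earlier in the file, these lines work on null and raise
    // warnings. None of the three running totals is read again below.
    $total_weight += ($oOrder->products[$i]['qty'] * $oOrder->products[$i]['weight']);
    $total_tax += oos_calculate_tax($total_products_price, $products_tax) * $oOrder->products[$i]['qty'];
    $total_cost += $total_products_price;

    $products_ordered .= $oOrder->products[$i]['qty'] . ' x ' . $oOrder->products[$i]['name'] . ' (' . $oOrder->products[$i]['model'] . ') = ' . $oCurrencies->display_price($oOrder->products[$i]['final_price'], $oOrder->products[$i]['tax'], $oOrder->products[$i]['qty']) . $products_ordered_attributes . "\n";
}

$order_total_modules->apply_credit();

// Build the confirmation email.
// NOTE(review): the body mixes customer-controlled text (order comments,
// free-text option values, address labels) with store text and is passed
// through nl2br() below, which suggests it is delivered as HTML. Only the
// order-total lines are run through strip_tags() here. If oos_mail() sends
// HTML, the customer-supplied parts should be HTML-escaped before they are
// appended; confirm what oosDBOutput() and oos_mail() already do.
$email_order = STORE_NAME . "\n" .
               $aLang['email_separator'] . "\n" .
               $aLang['email_text_order_number'] . ' ' . $insert_id . "\n" .
               $aLang['email_text_invoice_url'] . ' ' . oos_href_link($aContents['account_history_info'], 'order_id=' . $insert_id, FALSE) . "\n" .
               $aLang['email_text_date_ordered'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n";
if ($oOrder->info['comments']) {
    $email_order .= oosDBOutput($oOrder->info['comments']) . "\n\n";
}
$email_order .= $aLang['email_text_products'] . "\n" .
                $aLang['email_separator'] . "\n" .
                $products_ordered .
                $aLang['email_separator'] . "\n";

for ($i=0, $n=count($order_totals); $i<$n; $i++) {
    $email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
}

// Virtual-only orders have no delivery address block.
if ($oOrder->content_type != 'virtual') {
    $email_order .= "\n" . $aLang['email_text_delivery_address'] . "\n" .
                    $aLang['email_separator'] . "\n" .
                    oos_address_label($_SESSION['customer_id'], $_SESSION['sendto'], 0, '', "\n") . "\n";
}

$email_order .= "\n" . $aLang['email_text_billing_address'] . "\n" .
                $aLang['email_separator'] . "\n" .
                oos_address_label($_SESSION['customer_id'], $_SESSION['billto'], 0, '', "\n") . "\n\n";

// The selected payment module is reached through a variable named after the
// session value.
// NOTE(review): a variable-variable keyed by session data resolves to any
// global of that name; this is only safe if the name was validated against
// the installed payment modules when it was stored. Confirm.
if (is_object(${$_SESSION['payment']})) {
    $email_order .= $aLang['email_text_payment_method'] . "\n" .
                    $aLang['email_separator'] . "\n";
    $payment_class = ${$_SESSION['payment']};
    $email_order .= $payment_class->title . "\n\n";
    if ($payment_class->email_footer) {
        $email_order .= $payment_class->email_footer . "\n\n";
    }
}

// The customer copy is not sent when man_key is present in the session.
if (!isset($_SESSION['man_key'])) {
    oos_mail($oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'], $oOrder->customer['email_address'], $aLang['email_text_subject'], nl2br($email_order), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
}

// send emails to other people
// defined() takes the constant's name as a string. The original passed the
// constant itself, so the test looked up a constant named after the
// recipient list (and referenced an undefined constant outright when the
// setting is absent), and the extra copy was not sent.
// NOTE(review): the customer's name and address are used as the sender of
// this copy; confirm that oos_mail() rejects CR/LF in those fields so they
// cannot add mail headers.
if ( (defined('SEND_EXTRA_ORDER_EMAILS_TO')) && (SEND_EXTRA_ORDER_EMAILS_TO != '')) {
    oos_mail('', SEND_EXTRA_ORDER_EMAILS_TO, $aLang['email_text_subject'], nl2br($email_order), $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'], $oOrder->customer['email_address'], true);
}

// load the after_process function from the payment modules
$payment_modules->after_process();

$_SESSION['cart']->reset(true);

// unregister session variables used during checkout, so that reloading this
// page fails the gates at the top instead of placing the order again
unset($_SESSION['sendto']);
unset($_SESSION['billto']);
unset($_SESSION['shipping']);
unset($_SESSION['payment']);
unset($_SESSION['comments']);

$order_total_modules->clear_posts();

oos_redirect(oos_href_link($aContents['checkout_success']));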