Add certified InPay payment module

commit f7f7cce7767a330728d42a48b26e531d3c4b4c8b 1 parent 540cc7d
Harald Ponce de Leon haraldpdl authored
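--- a/catalog/ext/modules/payment/inpay/inpay_functions.php
+++ b/catalog/ext/modules/payment/inpay/inpay_functions.php
@@ -0,0 +1,93 @@
+<?php
+
+/*
+ $Id: inpay_functions.php VER: 1.0.3443 $
+ osCommerce, Open Source E-Commerce Solutions
+ http://www.oscommerce.com
+ Copyright (c) 2008 osCommerce
+ Released under the GNU General Public License
+ */
+
+
+/* Ensure the http_build_query is defined */
+
+if (!function_exists('http_build_query')) {
+ function http_build_query($data, $prefix='', $sep='', $key='') {
+ $ret = array();
+ foreach ((array)$data as $k => $v) {
+ if (is_int($k) && $prefix != null) {
+ $k = urlencode($prefix . $k);
+ }
+ if ((!empty($key)) || ($key === 0)) $k = $key.'['.urlencode($k).']';
+ if (is_array($v) || is_object($v)) {
+ array_push($ret, http_build_query($v, '', $sep, $k));
+ } else {
+ array_push($ret, $k.'='.urlencode($v));
+ }
+ }
+ if (empty($sep)) $sep = ini_get('arg_separator.output');
+ return implode($sep, $ret);
+ }// http_build_query
+}//if
+
+function get_invoice_status($pars) {
+ //
+ // prepare parameters
+ //
+ $calc_md5 = calc_inpay_invoice_status_md5key($pars);
+ $q = http_build_query(array("merchant_id"=>MODULE_PAYMENT_INPAY_MERCHANT_ID, "invoice_ref"=>$pars['invoice_reference'], "checksum"=>$calc_md5), "", "&");
+ //
+ // communicate to inpay server
+ //
+ $fsocket = false;
+ $curl = false;
+ $result = false;
+ $fp = false;
+ $server = 'secure.inpay.com';
+ if (MODULE_PAYMENT_INPAY_GATEWAY_SERVER != 'Production') {
+ $server = 'test-secure.inpay.com';
+ }
+
+ if ((PHP_VERSION >= 4.3) && ($fp = @fsockopen('ssl://'.$server, 443, $errno, $errstr, 30))) {
+ $fsocket = true;
+ } elseif (function_exists('curl_exec')) {
+ $curl = true;
+ }
+ if ($fsocket == true) {
+ $header = 'POST /api/get_invoice_status HTTP/1.1'."\r\n".
+ 'Host: '.$server."\r\n".
+ 'Content-Type: application/x-www-form-urlencoded'."\r\n".
+ 'Content-Length: '.strlen($q)."\r\n".
+ 'Connection: close'."\r\n\r\n";
+ @fputs($fp, $header.$q);
+ $str = '';
+ while (!@feof($fp)) {
+ $res = @fgets($fp, 1024);
+ $str .= (string)$res;
+ }
+ @fclose($fp);
+ $result=$str;
+ $result = preg_split('/^\r?$/m', $result, 2);
+ $result = trim($result[1]);
+ } elseif ($curl == true) {
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, 'https://'.$server.'/api/get_invoice_status');
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $q);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_HEADER, false);
+ curl_setopt($ch, CURLOPT_TIMEOUT, 30);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ $result = curl_exec($ch);
+ curl_close($ch);
+ }
+ return (string)$result;
+}
+
+function calc_inpay_invoice_status_md5key($pars) {
+ $q = http_build_query(array("invoice_ref"=>$pars['invoice_reference'], "merchant_id"=>MODULE_PAYMENT_INPAY_MERCHANT_ID,
+ "secret_key"=>MODULE_PAYMENT_INPAY_SECRET_KEY), "", "&");
+ $md5v = md5($q);
+ return $md5v;
+}
+?>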
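Review bot: The cURL branch of get_invoice_status() sets `CURLOPT_SSL_VERIFYPEER` to `false`, so the status reply is accepted from any host that can answer on that connection, and pb_handler.php treats that reply as the authoritative invoice state. I would change it to `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);` and add `curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);`. The `fsockopen('ssl://'.$server, ...)` branch is tried first and, on the PHP versions this file targets, probably performs no certificate check either, so it needs a verified stream context or should give way to the cURL path. Separately, that branch reads `$result[1]` without checking that the response contained a header/body separator or a successful status line, which deserves a guard and a short comment.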
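--- a/catalog/ext/modules/payment/inpay/pb_handler.php
+++ b/catalog/ext/modules/payment/inpay/pb_handler.php
@@ -0,0 +1,387 @@
+<?php
+/*
+ $Id: pb_handler.php VER: 1.0.3414 $
+ osCommerce, Open Source E-Commerce Solutions
+ http://www.oscommerce.com
+ Copyright (c) 2008 osCommerce
+ Released under the GNU General Public License
+ */
+
+chdir('../../../../');
+require ('includes/application_top.php');
+reset($HTTP_POST_VARS);
+$result = "VERIFIED";
+$ok = true;
+$my_order = null;
+$my_order_query = null;
+//*************************************
+// Validate request
+//
+if (! isset ($HTTP_POST_VARS['order_id']) || !is_numeric($HTTP_POST_VARS['order_id']) || ($HTTP_POST_VARS['order_id'] <= 0))
+{
+ $ok = false;
+ $result = "bad order id";
+}
+if ($ok)
+{
+ if (! isset ($HTTP_POST_VARS["invoice_amount"]))
+ {
+ $ok = false;
+ $result = "bad amount";
+ }
+}
+if ($ok)
+{
+ if (! isset ($HTTP_POST_VARS["invoice_currency"]))
+ {
+ $ok = false;
+ $result = "bad currency";
+ }
+}
+if ($ok)
+{
+ if (! isset ($HTTP_POST_VARS["checksum"]) || ! isset ($HTTP_POST_VARS["invoice_reference"]) || ! isset ($HTTP_POST_VARS["invoice_created_at"]) || ! isset ($HTTP_POST_VARS["invoice_status"]))
+ {
+ $ok = false;
+ $result = "missing vatiables";
+ }
+}
+if ($ok)
+{
+ //
+ // calc checksum
+ //
+ $sk = MODULE_PAYMENT_INPAY_SECRET_KEY;
+ $q = http_build_query( array (
+ "order_id"=>$HTTP_POST_VARS['order_id'],
+ "invoice_reference"=>$HTTP_POST_VARS['invoice_reference'],
+ "invoice_amount"=>$HTTP_POST_VARS['invoice_amount'],
+ "invoice_currency"=>$HTTP_POST_VARS['invoice_currency'],
+ "invoice_created_at"=>$HTTP_POST_VARS['invoice_created_at'],
+ "invoice_status"=>$HTTP_POST_VARS['invoice_status'],
+ "secret_key"=>$sk), "", "&");
+ $md5v = md5($q);
+ if ($md5v != $HTTP_POST_VARS["checksum"])
+ {
+ $ok = false;
+ $result = "bad checksum";
+ }
+}
+if ($ok)
+{
+ $my_order_query = tep_db_query("select orders_status, currency, currency_value from ".TABLE_ORDERS." where orders_id = '".$HTTP_POST_VARS['order_id']."'"); // TODO: fix PB to add all params"' and customers_id = '" . (int)$HTTP_POST_VARS['custom'] . "'");
+ if (tep_db_num_rows($my_order_query) <= 0)
+ {
+ $ok = false;
+ $result = "order not found";
+ }
+}
+if ($ok)
+{
+ $my_order = tep_db_fetch_array($my_order_query);
+ $order = $my_order;
+ $total_query = tep_db_query("select value from ".TABLE_ORDERS_TOTAL." where orders_id = '".$HTTP_POST_VARS['order_id']."' and class = 'ot_total' limit 1");
+ $total = tep_db_fetch_array($total_query);
+ if (number_format($HTTP_POST_VARS['invoice_amount'], $currencies->get_decimal_places($order['currency'])) != number_format($total['value']*$order['currency_value'], $currencies->get_decimal_places($order['currency'])))
+ {
+ $ok = false;
+ $result = 'Inpay transaction value ('.tep_output_string_protected($HTTP_POST_VARS['invoice_amount']).') does not match order value ('.number_format($total['value']*$order['currency_value'], $currencies->get_decimal_places($order['currency'])).')';
+ }
+}
+if ($ok)
+{
+ //
+ // check status
+ //
+ $order = $my_order;
+ $delivered_status = 3;
+ if (($order['orders_status'] == MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID) || ($order['orders_status'] == $delivered_status))
+ {
+ $ok = false;
+ $result = 'Status already in level'.$order['orders_status'];
+ }
+}
+if ($ok) {
+ require_once ('inpay_functions.php');
+ $invoice_status = get_invoice_status($HTTP_POST_VARS);
+ $ok = false;
+ if ((($invoice_status == "pending")||($invoice_status == "created"))&&(($HTTP_POST_VARS["invoice_status"] == "pending")||($HTTP_POST_VARS["invoice_status"] == "created"))) {
+ $ok = true;
+ } else if (($invoice_status == "approved") && ($HTTP_POST_VARS["invoice_status"] == "approved")) {
+ $ok = true;
+ } else if (($invoice_status == "sum_too_low") && ($HTTP_POST_VARS["invoice_status"] == "sum_too_low")) {
+ $ok = true;
+ }
+ if (!$ok)
+ {
+ $result = "Bad invoice status:".$invoice_status;
+ }
+}
+
+//
+// Validate request end
+//************************************
+if ($result == 'VERIFIED')
+{
+ $order = $my_order;
+ $order_status_id = DEFAULT_ORDERS_STATUS_ID;
+ $invoice_approved = false;
+ switch($HTTP_POST_VARS["invoice_status"])
+ {
+ case "created":
+ case "pending":
+ $msg = "customer has been asked to pay ".$HTTP_POST_VARS['invoice_amount']." ".$HTTP_POST_VARS['invoice_currency']." with reference: ".$HTTP_POST_VARS["invoice_reference"]. " via his online bank";
+ $order_status_id = MODULE_PAYMENT_INPAY_CREATE_ORDER_STATUS_ID;
+ break;
+ case "approved":
+ $msg = "Inpay has confimed that the payment of ".$HTTP_POST_VARS['invoice_amount']." ".$HTTP_POST_VARS['invoice_currency']." has been received";
+ $order_status_id = MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID;
+ $invoice_approved = true;
+ break;
+ case "sum_too_low":
+ $msg = "Partial payment received by inpay. Reference: ".$HTTP_POST_VARS["invoice_reference"];
+ $order_status_id = MODULE_PAYMENT_INPAY_SUM_TOO_LOW_ORDER_STATUS_ID;
+ break;
+ }
+ $comment_status .= $msg." ;";
+ $customer_notified = '0';
+ //
+ // update order status
+ //
+ $sql_data_array = array ('orders_id'=>$HTTP_POST_VARS['order_id'],
+ 'orders_status_id'=>$order_status_id,
+ 'date_added'=>'now()',
+ 'customer_notified'=>$customer_notified,
+ 'comments'=>'Inpay '.ucfirst($HTTP_POST_VARS['invoice_status']).'['.$comment_status.']');
+ tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
+ tep_db_query("update ".TABLE_ORDERS." set orders_status = '".$order_status_id."', last_modified = now() where orders_id = '".(int)$HTTP_POST_VARS['order_id']."'");
+ if ($invoice_approved)
+ {
+ // for email
+ include(DIR_WS_LANGUAGES . $language . '/modules/payment/inpay.php');
+ // let's re-create the required arrays
+ require (DIR_WS_CLASSES.'order.php');
+ $order = new order($HTTP_POST_VARS['order_id']);
+ // START STATUS == COMPLETED LOOP
+ // initialized for the email confirmation
+ $products_ordered = '';
+ $total_tax = 0;
+
+ // let's update the stock
+ // #######################################################
+ for ($i = 0, $n = sizeof($order->products); $i < $n; $i++)
+ { // PRODUCT LOOP STARTS HERE
+ // Stock Update - Joao Correia
+ if ((MODULE_PAYMENT_INPAY_DECREASE_STOCK_ON_CREATION=='False') && (STOCK_LIMITED == 'true'))
+ {
+ if (DOWNLOAD_ENABLED == 'true')
+ {
+ $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename
+ FROM ".TABLE_PRODUCTS." p
+ LEFT JOIN ".TABLE_PRODUCTS_ATTRIBUTES." pa
+ ON p.products_id=pa.products_id
+ LEFT JOIN ".TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD." pad
+ ON pa.products_attributes_id=pad.products_attributes_id
+ WHERE p.products_id = '".tep_get_prid($order->products[$i]['id'])."'";
+ // Will work with only one option for downloadable products
+ // otherwise, we have to build the query dynamically with a loop
+ $products_attributes = $order->products[$i]['attributes'];
+ if (is_array($products_attributes))
+ {
+ $stock_query_raw .= " AND pa.options_id = '".$products_attributes[0]['option_id']."' AND pa.options_values_id = '".$products_attributes[0]['value_id']."'";
+ }
+ $stock_query = tep_db_query($stock_query_raw);
+ } else
+ {
+ $stock_query = tep_db_query("select products_quantity from ".TABLE_PRODUCTS." where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
+ }
+ if (tep_db_num_rows($stock_query) > 0)
+ {
+ $stock_values = tep_db_fetch_array($stock_query);
+ // do not decrement quantities if products_attributes_filename exists
+ if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename']))
+ {
+ $stock_left = $stock_values['products_quantity']-$order->products[$i]['qty'];
+ } else
+ {
+ $stock_left = $stock_values['products_quantity'];
+ }
+ tep_db_query("update ".TABLE_PRODUCTS." set products_quantity = '".$stock_left."' where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
+ if (($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false'))
+ {
+ tep_db_query("update ".TABLE_PRODUCTS." set products_status = '0' where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
+ }
+ }
+ } // decrease stock end
+
+ // Update products_ordered (for bestsellers list)
+ tep_db_query("update ".TABLE_PRODUCTS." set products_ordered = products_ordered + ".sprintf('%d', $order->products[$i]['qty'])." where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
+
+ // Let's get all the info together for the email
+ $total_weight += ($order->products[$i]['qty']*$order->products[$i]['weight']);
+ $total_tax += tep_calculate_tax($total_products_price, $products_tax)*$order->products[$i]['qty'];
+ $total_cost += $total_products_price;
+
+ // Let's get the attributes
+ $products_ordered_attributes = '';
+ if (( isset ($order->products[$i]['attributes'])) && (sizeof($order->products[$i]['attributes']) > 0))
+ {
+ for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++)
+ {
+ $products_ordered_attributes .= "\n\t".$order->products[$i]['attributes'][$j]['option'].' '.$order->products[$i]['attributes'][$j]['value'];
+ }
+ }
+
+ // Let's format the products model
+ $products_model = '';
+ if (! empty($order->products[$i]['model']))
+ {
+ $products_model = ' ('.$order->products[$i]['model'].')';
+ }
+
+ // Let's put all the product info together into a string
+ $products_ordered .= $order->products[$i]['qty'].' x '.$order->products[$i]['name'].$products_model.' = '.$currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']).$products_ordered_attributes."\n";
+ } // PRODUCT LOOP ENDS HERE
+ #######################################################
+
+ // lets start with the email confirmation
+ // BOF content type fix by AlexStudio
+ $content_type = '';
+ $content_count = 0;
+ // BOF order comment fix
+ $comment_query = tep_db_query("select comments from ".TABLE_ORDERS_STATUS_HISTORY." where orders_id = '".$HTTP_POST_VARS['order_id']."'");
+ $comment_array = tep_db_fetch_array($comment_query);
+ $comments = $comment_array['comments'];
+ // EOF order comment fix
+
+ if (DOWNLOAD_ENABLED == 'true')
+ {
+ $content_query = tep_db_query("select * from ".TABLE_ORDERS_PRODUCTS_DOWNLOAD." where orders_id = '".(int)$HTTP_POST_VARS['order_id']."'");
+ $content_count = tep_db_num_rows($content_query);
+ if ($content_count > 0)
+ {
+ $content_type = 'virtual';
+ }
+ }
+ switch($content_type)
+ {
+ case 'virtual':
+ if ($content_count != sizeof($order->products))$content_type = 'mixed';
+ break;
+ default:
+ $content_type = 'physical';
+ break;
+ }
+ // EOF content type fix by AlexStudio
+ // $order variables have been changed from checkout_process to work with the variables from the function query () instead of cart () in the order class
+ $email_order = STORE_NAME."\n".
+ EMAIL_SEPARATOR."\n".
+ EMAIL_TEXT_ORDER_NUMBER.' '.$HTTP_POST_VARS['order_id']."\n".
+ EMAIL_TEXT_INVOICE_URL.' '.tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id='.$HTTP_POST_VARS['order_id'], 'SSL', false)."\n".
+ EMAIL_TEXT_DATE_ORDERED.' '.strftime(DATE_FORMAT_LONG)."\n\n";
+ // BOF order comment fix by AlexStudio
+ if ($comments)
+ {
+ // do not add comments
+ // $email_order .= $comments."\n\n";
+ }
+ // EOF order comment fix by AlexStudio
+
+ $email_order .= EMAIL_TEXT_PRODUCTS."\n".
+ EMAIL_SEPARATOR."\n".
+ $products_ordered.
+ EMAIL_SEPARATOR."\n";
+
+ for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++)
+ {
+ $email_order .= strip_tags($order->totals[$i]['title']).' '.strip_tags($order->totals[$i]['text'])."\n";
+ }
+ // BOF content type fix by AlexStudio
+ if ($content_type != 'virtual')
+ {
+ // EOF content type fix by AlexStudio
+ $email_order .= "\n".EMAIL_TEXT_DELIVERY_ADDRESS."\n".
+ EMAIL_SEPARATOR."\n".
+ tep_address_format($order->delivery['format_id'], $order->delivery, 0, '', "\n")."\n";
+ }
+
+ $email_order .= "\n".EMAIL_TEXT_BILLING_ADDRESS."\n".
+ EMAIL_SEPARATOR."\n".
+ tep_address_format($order->billing['format_id'], $order->billing, 0, '', "\n")."\n\n";
+ if (is_object($$payment))
+ {
+ $email_order .= EMAIL_TEXT_PAYMENT_METHOD."\n".
+ EMAIL_SEPARATOR."\n";
+ $payment_class = $$payment;
+ $email_order .= $payment_class->title."\n\n";
+ if ($payment_class->email_footer)
+ {
+ $email_order .= $payment_class->email_footer."\n\n";
+ }
+ }
+ tep_mail($order->customer['name'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, nl2br($email_order), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
+
+ // send emails to other people
+ if (SEND_EXTRA_ORDER_EMAILS_TO != '')
+ {
+ tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, nl2br($email_order), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
+ }
+ } // END oreder approved LOOP
+
+
+
+} else
+{
+ //
+ // Invalid result
+ //
+ //
+ // send warning email
+ //
+ if (tep_not_null(MODULE_PAYMENT_INPAY_DEBUG_EMAIL))
+ {
+ $email_body = '$HTTP_POST_VARS:'."\n\n";
+
+ reset($HTTP_POST_VARS);
+ while ( list ($key, $value) = each($HTTP_POST_VARS))
+ {
+ $email_body .= $key.'='.$value."\n";
+ }
+
+ $email_body .= "\n".'$HTTP_GET_VARS:'."\n\n";
+
+ reset($HTTP_GET_VARS);
+ while ( list ($key, $value) = each($HTTP_GET_VARS))
+ {
+ $email_body .= $key.'='.$value."\n";
+ }
+
+ tep_mail('', MODULE_PAYMENT_INPAY_DEBUG_EMAIL, 'Inpay Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
+ }
+ //
+ // add error message to history if order can be found
+ //
+ if ( isset ($HTTP_POST_VARS['order_id']) && is_numeric($HTTP_POST_VARS['order_id']) && ($HTTP_POST_VARS['order_id'] > 0))
+ {
+ $check_query = tep_db_query("select orders_id from ".TABLE_ORDERS." where orders_id = '".$HTTP_POST_VARS['order_id']."'"); //TODO: fix custom "' and customers_id = '" . (int)$HTTP_POST_VARS['custom'] . "'");
+ $order_status_id = $order['orders_status'];
+ if (($order_status_id==null)||($order['orders_status']=='')){
+ $order_status_id = DEFAULT_ORDERS_STATUS_ID;
+ }
+ if (tep_db_num_rows($check_query) > 0)
+ {
+ $comment_status = $result;
+ //tep_db_query("update ".TABLE_ORDERS." set orders_status = '".((MODULE_PAYMENT_INPAY_ORDER_STATUS_ID > 0)?MODULE_PAYMENT_INPAY_ORDER_STATUS_ID:DEFAULT_ORDERS_STATUS_ID)."', last_modified = now() where orders_id = '".$HTTP_POST_VARS['order_id']."'");
+ $sql_data_array = array ('orders_id'=>$HTTP_POST_VARS['order_id'],
+ 'orders_status_id'=>$order_status_id,
+ 'date_added'=>'now()',
+ 'customer_notified'=>'0',
+ 'comments'=>'Inpay Invalid ['.$comment_status.']');
+ tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
+ }
+ }
+}
+
+require ('includes/application_bottom.php');
+
+?>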
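Review bot: The notification checksum is compared with `if ($md5v != $HTTP_POST_VARS["checksum"])`, a loose comparison that PHP evaluates numerically when both strings look like numbers, so two different hex strings can compare equal; it should be a strict string check such as `if (!is_string($HTTP_POST_VARS['checksum']) || $md5v !== $HTTP_POST_VARS['checksum'])`, or `hash_equals()` where the PHP version provides it. The selects on `TABLE_ORDERS`, `TABLE_ORDERS_TOTAL` and `TABLE_ORDERS_STATUS_HISTORY` interpolate `$HTTP_POST_VARS['order_id']` as-is and rely only on the earlier `is_numeric()` test, while the order update and the download query already use `(int)$HTTP_POST_VARS['order_id']`; casting once at the top and using that value in every query would make them consistent and independent of that test. `invoice_currency` is required to be present but is never compared with `$order['currency']`, so the amount check does not confirm the currency of the payment. `$comment_status`, `$total_products_price` and `$products_tax` are used without being initialised in this file, unless application_top.php defines them.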
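--- a/catalog/includes/languages/english/modules/payment/inpay.php
+++ b/catalog/includes/languages/english/modules/payment/inpay.php
@@ -0,0 +1,46 @@
+<?php
+/*
+ $Id: inpay.php VER: 1.0.3443 $
+ osCommerce, Open Source E-Commerce Solutions
+ http://www.oscommerce.com
+ Copyright (c) 2008 osCommerce
+ Released under the GNU General Public License
+ */
+
+ define('MODULE_PAYMENT_INPAY_TEXT_TITLE', 'Inpay - instant online bank transfers');
+ define('MODULE_PAYMENT_INPAY_TEXT_PUBLIC_TITLE', 'Pay with your online bank - instant and 100% secure');
+ define('MODULE_PAYMENT_INPAY_TEXT_PUBLIC_HTML', '<img src="https://resources.inpay.com/images/oscommerce/inpay_checkout.png" alt="Secure checkouts using inpay" /><br /><br />
+ <table cellspacing="5">
+ <tr><td><img src="https://resources.inpay.com/images/oscommerce/inpay_check.png" alt="100% Secure payments using inpay" /></td><td class="main">100% Secure payments using inpay <span style="color: #666;">- our security level matches the security of your online bank.</span></td></tr>
+ <tr><td><img src="https://resources.inpay.com/images/oscommerce/inpay_check.png" alt="Instant payments using inpay" /></td><td class="main">Instant payments using inpay <span style="color: #666;">- our system ensures you will receive your order as soon as possible.</span></td></tr>
+ <tr><td><img src="https://resources.inpay.com/images/oscommerce/inpay_check.png" alt="Anonymous payment using inpay" /></td><td class="main">Anonymous payment using inpay <span style="color: #666;">- no need to share your credit card number or any other personal information.</span></td></tr>
+ </table><a href="http://inpay.com/shoppers" style="text-decoration: underline;" target="_blank" class="main">Click here to read more about inpay</a><br />');
+ define('MODULE_PAYMENT_INPAY_TEXT_DESCRIPTION', '<strong>What is inpay?</strong><br />
+ inpay is an extra payment option for webshops, that allows customers to pay using their online bank - instantly and worldwide.<br />
+ <br />
+ <strong>Increase profits</strong><br />
+ By allowing shoppers to pay using their online bank, you can now sell to customers that are otherwise unable or unwilling to pay today.<br />
+<br />
+<strong>Increase market size</strong><br />
+By offering your customers the inpay payment option you increase your market share to not only credit and debit card owners, but also online bank users from all over the world.<br />
+<br />
+<strong>No risk</strong><br />
+With inpay there is no risk of credit card fraud or any kind of chargebacks. This means that when you get paid you stay paid! With inpay you can even sell to customers from \'high risk\' regions including all parts of Asia and Eastern Europe.<br /><br />
+ <a href="http://inpay.com/" style="text-decoration: underline;" target="_blank">Read more or signup at inpay.com</a><br />');
+ // ------------- e-mail settings ---------------------------------
+ define('EMAIL_TEXT_SUBJECT', 'Payment confirmed by inpay');
+ define('EMAIL_TEXT_ORDER_NUMBER', 'Order Number:');
+ define('EMAIL_TEXT_INVOICE_URL', 'Detailed Invoice:');
+ define('EMAIL_TEXT_DATE_ORDERED', 'Date Ordered:');
+ define('EMAIL_TEXT_PRODUCTS', 'Products');
+ define('EMAIL_TEXT_SUBTOTAL', 'Sub-Total:');
+ define('EMAIL_TEXT_TAX', 'Tax: ');
+ define('EMAIL_TEXT_SHIPPING', 'Shipping: ');
+ define('EMAIL_TEXT_TOTAL', 'Total: ');
+ define('EMAIL_TEXT_DELIVERY_ADDRESS', 'Delivery Address');
+ define('EMAIL_TEXT_BILLING_ADDRESS', 'Billing Address');
+ define('EMAIL_TEXT_PAYMENT_METHOD', 'Payment Method');
+ define('EMAIL_SEPARATOR', '------------------------------------------------------');
+ define('TEXT_EMAIL_VIA', 'via');
+
+?>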
701 catalog/includes/modules/payment/inpay.php
... ... @@ -0,0 +1,701 @@
  1 +<?php
  2 +/*
  3 + $Id: inpay.php VER: 1.0.3443 $
  4 + osCommerce, Open Source E-Commerce Solutions
  5 + http://www.oscommerce.com
  6 + Copyright (c) 2008 osCommerce
  7 + Released under the GNU General Public License
  8 + */
  9 +
  10 +require_once(DIR_FS_CATALOG.'ext/modules/payment/inpay/inpay_functions.php');
  11 +
  12 +class inpay
  13 +{
  14 + var $code, $title, $description, $enabled;
  15 +
  16 + // class constructor
  17 + function inpay()
  18 + {
  19 + global $order;
  20 + $this->signature = 'inpay|inpay|1.0|2.2';
  21 + $this->code = 'inpay';
  22 + $this->title = MODULE_PAYMENT_INPAY_TEXT_TITLE;
  23 + $this->public_title = MODULE_PAYMENT_INPAY_TEXT_PUBLIC_TITLE;
  24 + $this->description = MODULE_PAYMENT_INPAY_TEXT_DESCRIPTION;
  25 + $this->sort_order = MODULE_PAYMENT_INPAY_SORT_ORDER;
  26 + $this->enabled = ((MODULE_PAYMENT_INPAY_STATUS == 'True')?true:false);
  27 +
  28 + // if ((int)MODULE_PAYMENT_INPAY_PREPARE_ORDER_STATUS_ID > 0)
  29 + // {
  30 + // $this->order_status = MODULE_PAYMENT_INPAY_PREPARE_ORDER_STATUS_ID;
  31 + // }
  32 +
  33 + if (is_object($order))$this->update_status();
  34 +
  35 + if (MODULE_PAYMENT_INPAY_GATEWAY_SERVER == 'Production')
  36 + {
  37 + $this->form_action_url = 'https://secure.inpay.com';
  38 + } else
  39 + {
  40 + $this->form_action_url = 'https://test-secure.inpay.com';
  41 + }
  42 + }
  43 +
  44 + // class methods
  45 + function update_status()
  46 + {
  47 + global $order;
  48 +
  49 + if (($this->enabled == true) && ((int)MODULE_PAYMENT_INPAY_ZONE > 0))
  50 + {
  51 + $check_flag = false;
  52 + $check_query = tep_db_query("select zone_id from ".TABLE_ZONES_TO_GEO_ZONES." where geo_zone_id = '".MODULE_PAYMENT_INPAY_ZONE."' and zone_country_id = '".$order->billing['country']['id']."' order by zone_id");
  53 + while ($check = tep_db_fetch_array($check_query))
  54 + {
  55 + if ($check['zone_id'] < 1)
  56 + {
  57 + $check_flag = true;
  58 + break;
  59 + } elseif ($check['zone_id'] == $order->billing['zone_id'])
  60 + {
  61 + $check_flag = true;
  62 + break;
  63 + }
  64 + }
  65 +
  66 + if ($check_flag == false)
  67 + {
  68 + $this->enabled = false;
  69 + }
  70 + }
  71 + }
  72 +
  73 + function javascript_validation()
  74 + {
  75 + return false;
  76 + }
  77 +
  78 + function selection()
  79 + {
  80 + global $cart_inpay_Standard_ID;
  81 +
  82 + if (tep_session_is_registered('cart_inpay_Standard_ID'))
  83 + {
  84 + $order_id = substr($cart_inpay_Standard_ID, strpos($cart_inpay_Standard_ID, '-')+1);
  85 +
  86 + $check_query = tep_db_query('select orders_id from '.TABLE_ORDERS_STATUS_HISTORY.' where orders_id = "'.(int)$order_id.'" limit 1');
  87 +
  88 + if (tep_db_num_rows($check_query) < 1)
  89 + {
  90 + tep_db_query('delete from '.TABLE_ORDERS.' where orders_id = "'.(int)$order_id.'"');
  91 + tep_db_query('delete from '.TABLE_ORDERS_TOTAL.' where orders_id = "'.(int)$order_id.'"');
  92 + tep_db_query('delete from '.TABLE_ORDERS_STATUS_HISTORY.' where orders_id = "'.(int)$order_id.'"');
  93 + tep_db_query('delete from '.TABLE_ORDERS_PRODUCTS.' where orders_id = "'.(int)$order_id.'"');
  94 + tep_db_query('delete from '.TABLE_ORDERS_PRODUCTS_ATTRIBUTES.' where orders_id = "'.(int)$order_id.'"');
  95 + tep_db_query('delete from '.TABLE_ORDERS_PRODUCTS_DOWNLOAD.' where orders_id = "'.(int)$order_id.'"');
  96 +
  97 + tep_session_unregister('cart_inpay_Standard_ID');
  98 + }
  99 + }
  100 +
  101 + return array ('id'=>$this->code,
  102 + 'module'=>$this->public_title, 'fields' => array(array('title' => '', 'field' => MODULE_PAYMENT_INPAY_TEXT_PUBLIC_HTML)));
  103 + }
  104 +
  105 + function pre_confirmation_check()
  106 + {
  107 + global $cartID, $cart;
  108 +
  109 + if ( empty($cart->cartID))
  110 + {
  111 + $cartID = $cart->cartID = $cart->generate_cart_id();
  112 + }
  113 +
  114 + if (!tep_session_is_registered('cartID'))
  115 + {
  116 + tep_session_register('cartID');
  117 + }
  118 + }
  119 +
  120 + function confirmation()
  121 + {
  122 + global $cartID, $cart_inpay_Standard_ID, $customer_id, $languages_id, $order, $order_total_modules;
  123 +
  124 + if (tep_session_is_registered('cartID'))
  125 + {
  126 + $insert_order = false;
  127 +
  128 + if (tep_session_is_registered('cart_inpay_Standard_ID'))
  129 + {
  130 + $order_id = substr($cart_inpay_Standard_ID, strpos($cart_inpay_Standard_ID, '-')+1);
  131 +
  132 + $curr_check = tep_db_query("select currency from ".TABLE_ORDERS." where orders_id = '".(int)$order_id."'");
  133 + $curr = tep_db_fetch_array($curr_check);
  134 +
  135 + if (($curr['currency'] != $order->info['currency']) || ($cartID != substr($cart_inpay_Standard_ID, 0, strlen($cartID))))
  136 + {
  137 + $check_query = tep_db_query('select orders_id from '.TABLE_ORDERS_STATUS_HISTORY.' where orders_id = "'.(int)$order_id.'" limit 1');
  138 +
  139 + if (tep_db_num_rows($check_query) < 1)
  140 + {
  141 + tep_db_query('delete from '.TABLE_ORDERS.' where orders_id = "'.(int)$order_id.'"');
  142 + tep_db_query('delete from '.TABLE_ORDERS_TOTAL.' where orders_id = "'.(int)$order_id.'"');
  143 + tep_db_query('delete from '.TABLE_ORDERS_STATUS_HISTORY.' where orders_id = "'.(int)$order_id.'"');
  144 + tep_db_query('delete from '.TABLE_ORDERS_PRODUCTS.' where orders_id = "'.(int)$order_id.'"');
  145 + tep_db_query('delete from '.TABLE_ORDERS_PRODUCTS_ATTRIBUTES.' where orders_id = "'.(int)$order_id.'"');
  146 + tep_db_query('delete from '.TABLE_ORDERS_PRODUCTS_DOWNLOAD.' where orders_id = "'.(int)$order_id.'"');
  147 + }
  148 +
  149 + $insert_order = true;
  150 + }
  151 + } else
  152 + {
  153 + $insert_order = true;
  154 + }
  155 +
  156 + if ($insert_order == true)
  157 + {
  158 + $order_totals = array ();
  159 + if (is_array($order_total_modules->modules))
  160 + {
  161 + reset($order_total_modules->modules);
  162 + while ( list (, $value) = each($order_total_modules->modules))
  163 + {
  164 + $class = substr($value, 0, strrpos($value, '.'));
  165 + if ($GLOBALS[$class]->enabled)
  166 + {
  167 + for ($i = 0, $n = sizeof($GLOBALS[$class]->output); $i < $n; $i++)
  168 + {
  169 + if (tep_not_null($GLOBALS[$class]->output[$i]['title']) && tep_not_null($GLOBALS[$class]->output[$i]['text']))
  170 + {
  171 + $order_totals[] = array ('code'=>$GLOBALS[$class]->code,
  172 + 'title'=>$GLOBALS[$class]->output[$i]['title'],
  173 + 'text'=>$GLOBALS[$class]->output[$i]['text'],
  174 + 'value'=>$GLOBALS[$class]->output[$i]['value'],
  175 + 'sort_order'=>$GLOBALS[$class]->sort_order);
  176 + }
  177 + }
  178 + }
  179 + }
  180 + }
  181 +
  182 + $sql_data_array = array ('customers_id'=>$customer_id,
  183 + 'customers_name'=>$order->customer['firstname'].' '.$order->customer['lastname'],
  184 + 'customers_company'=>$order->customer['company'],
  185 + 'customers_street_address'=>$order->customer['street_address'],
  186 + 'customers_suburb'=>$order->customer['suburb'],
  187 + 'customers_city'=>$order->customer['city'],
  188 + 'customers_postcode'=>$order->customer['postcode'],
  189 + 'customers_state'=>$order->customer['state'],
  190 + 'customers_country'=>$order->customer['country']['title'],
  191 + 'customers_telephone'=>$order->customer['telephone'],
  192 + 'customers_email_address'=>$order->customer['email_address'],
  193 + 'customers_address_format_id'=>$order->customer['format_id'],
  194 + 'delivery_name'=>$order->delivery['firstname'].' '.$order->delivery['lastname'],
  195 + 'delivery_company'=>$order->delivery['company'],
  196 + 'delivery_street_address'=>$order->delivery['street_address'],
  197 + 'delivery_suburb'=>$order->delivery['suburb'],
  198 + 'delivery_city'=>$order->delivery['city'],
  199 + 'delivery_postcode'=>$order->delivery['postcode'],
  200 + 'delivery_state'=>$order->delivery['state'],
  201 + 'delivery_country'=>$order->delivery['country']['title'],
  202 + 'delivery_address_format_id'=>$order->delivery['format_id'],
  203 + 'billing_name'=>$order->billing['firstname'].' '.$order->billing['lastname'],
  204 + 'billing_company'=>$order->billing['company'],
  205 + 'billing_street_address'=>$order->billing['street_address'],
  206 + 'billing_suburb'=>$order->billing['suburb'],
  207 + 'billing_city'=>$order->billing['city'],
  208 + 'billing_postcode'=>$order->billing['postcode'],
  209 + 'billing_state'=>$order->billing['state'],
  210 + 'billing_country'=>$order->billing['country']['title'],
  211 + 'billing_address_format_id'=>$order->billing['format_id'],
  212 + 'payment_method'=>$order->info['payment_method'],
  213 + 'cc_type'=>$order->info['cc_type'],
  214 + 'cc_owner'=>$order->info['cc_owner'],
  215 + 'cc_number'=>$order->info['cc_number'],
  216 + 'cc_expires'=>$order->info['cc_expires'],
  217 + 'date_purchased'=>'now()',
  218 + 'orders_status'=>$order->info['order_status'],
  219 + 'currency'=>$order->info['currency'],
  220 + 'currency_value'=>$order->info['currency_value']);
  221 +
  222 + tep_db_perform(TABLE_ORDERS, $sql_data_array);
  223 +
  224 + $insert_id = tep_db_insert_id();
  225 +
  226 + for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++)
  227 + {
  228 + $sql_data_array = array ('orders_id'=>$insert_id,
  229 + 'title'=>$order_totals[$i]['title'],
  230 + 'text'=>$order_totals[$i]['text'],
  231 + 'value'=>$order_totals[$i]['value'],
  232 + 'class'=>$order_totals[$i]['code'],
  233 + 'sort_order'=>$order_totals[$i]['sort_order']);
  234 +
  235 + tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
  236 + }
  237 +
  238 + for ($i = 0, $n = sizeof($order->products); $i < $n; $i++)
  239 + {
  240 + $sql_data_array = array ('orders_id'=>$insert_id,
  241 + 'products_id'=>tep_get_prid($order->products[$i]['id']),
  242 + 'products_model'=>$order->products[$i]['model'],
  243 + 'products_name'=>$order->products[$i]['name'],
  244 + 'products_price'=>$order->products[$i]['price'],
  245 + 'final_price'=>$order->products[$i]['final_price'],
  246 + 'products_tax'=>$order->products[$i]['tax'],
  247 + 'products_quantity'=>$order->products[$i]['qty']);
  248 +
  249 + tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
  250 +
  251 + $order_products_id = tep_db_insert_id();
  252 +
  253 + $attributes_exist = '0';
  254 + if ( isset ($order->products[$i]['attributes']))
  255 + {
  256 + $attributes_exist = '1';
  257 + for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++)
  258 + {
  259 + if (DOWNLOAD_ENABLED == 'true')
  260 + {
  261 + $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
  262 + from ".TABLE_PRODUCTS_OPTIONS." popt, ".TABLE_PRODUCTS_OPTIONS_VALUES." poval, ".TABLE_PRODUCTS_ATTRIBUTES." pa
  263 + left join ".TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD." pad
  264 + on pa.products_attributes_id=pad.products_attributes_id
  265 + where pa.products_id = '".$order->products[$i]['id']."'
  266 + and pa.options_id = '".$order->products[$i]['attributes'][$j]['option_id']."'
  267 + and pa.options_id = popt.products_options_id
  268 + and pa.options_values_id = '".$order->products[$i]['attributes'][$j]['value_id']."'
  269 + and pa.options_values_id = poval.products_options_values_id
  270 + and popt.language_id = '".$languages_id."'
  271 + and poval.language_id = '".$languages_id."'";
  272 + $attributes = tep_db_query($attributes_query);
  273 + } else
  274 + {
  275 + $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from ".TABLE_PRODUCTS_OPTIONS." popt, ".TABLE_PRODUCTS_OPTIONS_VALUES." poval, ".TABLE_PRODUCTS_ATTRIBUTES." pa where pa.products_id = '".$order->products[$i]['id']."' and pa.options_id = '".$order->products[$i]['attributes'][$j]['option_id']."' and pa.options_id = popt.products_options_id and pa.options_values_id = '".$order->products[$i]['attributes'][$j]['value_id']."' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '".$languages_id."' and poval.language_id = '".$languages_id."'");
  276 + }
  277 + $attributes_values = tep_db_fetch_array($attributes);
  278 +
  279 + $sql_data_array = array ('orders_id'=>$insert_id,
  280 + 'orders_products_id'=>$order_products_id,
  281 + 'products_options'=>$attributes_values['products_options_name'],
  282 + 'products_options_values'=>$attributes_values['products_options_values_name'],
  283 + 'options_values_price'=>$attributes_values['options_values_price'],
  284 + 'price_prefix'=>$attributes_values['price_prefix']);
  285 +
  286 + tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
  287 +
  288 + if ((DOWNLOAD_ENABLED == 'true') && isset ($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename']))
  289 + {
  290 + $sql_data_array = array ('orders_id'=>$insert_id,
  291 + 'orders_products_id'=>$order_products_id,
  292 + 'orders_products_filename'=>$attributes_values['products_attributes_filename'],
  293 + 'download_maxdays'=>$attributes_values['products_attributes_maxdays'],
  294 + 'download_count'=>$attributes_values['products_attributes_maxcount']);
  295 +
  296 + tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
  297 + }
  298 + }
  299 + }
  300 + }
  301 +
  302 + $cart_inpay_Standard_ID = $cartID.'-'.$insert_id;
  303 + tep_session_register('cart_inpay_Standard_ID');
  304 + }
  305 + }
  306 +
  307 + return false;
  308 + }
  309 +
  310 + function process_button()
  311 + {
  312 + global $customer_id, $order, $sendto, $currency, $cart_inpay_Standard_ID, $shipping;
  313 +
  314 + $process_button_string = '';
  315 + $parameters = array ('cmd'=>'_xclick',
  316 + 'item_name'=>STORE_NAME,
  317 + 'shipping'=>$this->format_raw($order->info['shipping_cost']),
  318 + 'tax'=>$this->format_raw($order->info['tax']),
  319 + //'business'=>MODULE_PAYMENT_INPAY_ID,
  320 + 'amount'=>$this->format_raw($order->info['total']), //TODO: we do not calculate tax+shipping only gross total -$order->info['shipping_cost']-$order->info['tax']),
  321 + 'currency'=>$currency,
  322 + 'order_id'=>substr($cart_inpay_Standard_ID, strpos($cart_inpay_Standard_ID, '-')+1),
  323 + 'custom'=>$customer_id,
  324 + 'no_note'=>'1',
  325 + 'notify_url'=>tep_href_link('ext/modules/payment/inpay/pb_handler.php', '', 'SSL', false, false),
  326 + 'return_url'=>tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'),
  327 + 'cancel_url'=>tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'),
  328 + 'bn'=>'osCommerce22_Default_ST',
  329 + 'buyer_email'=>$order->customer['email_address'],
  330 + 'merchant_id'=>MODULE_PAYMENT_INPAY_MERCHANT_ID,
  331 + 'flow_layout'=>MODULE_PAYMENT_INPAY_FLOW_LAYOUT,
  332 + 'paymentaction'=>'Sale');
  333 +
  334 + if (is_numeric($sendto) && ($sendto > 0))
  335 + {
  336 + $address = '';
  337 + $address = $order->delivery['street_address'].' '.$order->delivery['city'].' '.
  338 + tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']).
  339 + ' '.$order->delivery['postcode'].' '.$order->delivery['country']['iso_code_2'];
  340 +
  341 + $parameters['address_override'] = '1';
  342 + $parameters['buyer_name'] = utf8_encode($order->delivery['firstname']." ".$order->delivery['lastname']);
  343 + $parameters['buyer_address'] = utf8_encode($address);
  344 + $parameters['country'] = $order->delivery['country']['iso_code_2'];
  345 + } else
  346 + {
  347 + $address = '';
  348 + $address = $order->billing['street_address'].' '.$order->billing['city'].' '.
  349 + tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']).
  350 + ' '.$order->billing['postcode'].' '.$order->billing['country']['iso_code_2'];
  351 + $parameters['buyer_name'] = utf8_encode($order->billing['firstname']." ".$order->billing['lastname']);
  352 + $parameters['buyer_address'] = utf8_encode($address);
  353 + $parameters['country'] = $order->billing['country']['iso_code_2'];
  354 + }
  355 + //
  356 + // pruduct(s) info
  357 + //
  358 + $products_info = '';
  359 + for ($i = 0, $n = sizeof($order->products); $i < $n; $i++)
  360 + {
  361 + $products_info = $products_info.$order->products[$i]['qty']."x".
  362 + $order->products[$i]['model'].' '.$order->products[$i]['name'].";";
  363 + }
  364 + $parameters['order_text'] = utf8_encode($products_info);
  365 + //
  366 + // calc Md5 sum
  367 + //
  368 + $parameters['checksum'] = $this->calcInpayMd5Key($parameters);
  369 + reset($parameters);
  370 + while ( list ($key, $value) = each($parameters))
  371 + {
  372 + $process_button_string .= tep_draw_hidden_field($key, $value);
  373 + }
  374 + return $process_button_string;
  375 + }
  376 +
  377 + function before_process()
  378 + {
  379 + global $customer_id, $order, $order_totals, $sendto, $billto, $languages_id, $payment, $currencies, $cart, $cart_inpay_Standard_ID;
  380 + global $$payment;
  381 + $order_id = substr($cart_inpay_Standard_ID, strpos($cart_inpay_Standard_ID, '-')+1);
  382 + $my_status_query = tep_db_query("select orders_status from ".TABLE_ORDERS." where orders_id = '".$order_id."'"); // TODO: fix PB to add all params"' and customers_id = '" . (int)$HTTP_POST_VARS['custom'] . "'");
  383 + $current_status_id = 0;
  384 + $delivered_status = 3;
  385 + $update_status = true;
  386 + if (tep_db_num_rows($my_status_query) > 0)
  387 + {
  388 + $o_stat = tep_db_fetch_array($my_status_query);
  389 + $current_status_id = (int)$o_stat['orders_status'];
  390 + }
  391 + if (($current_status_id == MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID) || ($current_status_id == $delivered_status))
  392 + {
  393 + $update_status = false;
  394 + }
  395 + if ($update_status)
  396 + {
  397 + $order_status_id = (int)DEFAULT_ORDERS_STATUS_ID;
  398 + tep_db_query("update ".TABLE_ORDERS." set orders_status = '".$order_status_id."', last_modified = now() where orders_id = '".(int)$order_id."'");
  399 +
  400 + $sql_data_array = array ('orders_id'=>$order_id,
  401 + 'orders_status_id'=>$order_status_id,
  402 + 'date_added'=>'now()',
  403 + 'customer_notified'=>(SEND_EMAILS == 'true')?'1':'0',
  404 + 'comments'=>$order->info['comments']);
  405 +
  406 + tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
  407 + }
  408 + // initialized for the email confirmation
  409 + $products_ordered = '';
  410 + $subtotal = 0;
  411 + $total_tax = 0;
  412 +
  413 + for ($i = 0, $n = sizeof($order->products); $i < $n; $i++)
  414 + {
  415 + // Stock Update - Joao Correia
  416 + if ((MODULE_PAYMENT_INPAY_DECREASE_STOCK_ON_CREATION == 'True') && (STOCK_LIMITED == 'true'))
  417 + {
  418 + if (DOWNLOAD_ENABLED == 'true')
  419 + {
  420 + $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename
  421 + FROM ".TABLE_PRODUCTS." p
  422 + LEFT JOIN ".TABLE_PRODUCTS_ATTRIBUTES." pa
  423 + ON p.products_id=pa.products_id
  424 + LEFT JOIN ".TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD." pad
  425 + ON pa.products_attributes_id=pad.products_attributes_id
  426 + WHERE p.products_id = '".tep_get_prid($order->products[$i]['id'])."'";
  427 + // Will work with only one option for downloadable products
  428 + // otherwise, we have to build the query dynamically with a loop
  429 + $products_attributes = $order->products[$i]['attributes'];
  430 + if (is_array($products_attributes))
  431 + {
  432 + $stock_query_raw .= " AND pa.options_id = '".$products_attributes[0]['option_id']."' AND pa.options_values_id = '".$products_attributes[0]['value_id']."'";
  433 + }
  434 + $stock_query = tep_db_query($stock_query_raw);
  435 + } else
  436 + {
  437 + $stock_query = tep_db_query("select products_quantity from ".TABLE_PRODUCTS." where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
  438 + }
  439 + if (tep_db_num_rows($stock_query) > 0)
  440 + {
  441 + $stock_values = tep_db_fetch_array($stock_query);
  442 + // do not decrement quantities if products_attributes_filename exists
  443 + if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename']))
  444 + {
  445 + $stock_left = $stock_values['products_quantity']-$order->products[$i]['qty'];
  446 + } else
  447 + {
  448 + $stock_left = $stock_values['products_quantity'];
  449 + }
  450 + tep_db_query("update ".TABLE_PRODUCTS." set products_quantity = '".$stock_left."' where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
  451 + if (($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false'))
  452 + {
  453 + tep_db_query("update ".TABLE_PRODUCTS." set products_status = '0' where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
  454 + }
  455 + }
  456 + } // Decrease stock ended
  457 +
  458 + // Update products_ordered (for bestsellers list)
  459 + tep_db_query("update ".TABLE_PRODUCTS." set products_ordered = products_ordered + ".sprintf('%d', $order->products[$i]['qty'])." where products_id = '".tep_get_prid($order->products[$i]['id'])."'");
  460 +
  461 + //------insert customer choosen option to order--------
  462 + $attributes_exist = '0';
  463 + $products_ordered_attributes = '';
  464 + if ( isset ($order->products[$i]['attributes']))
  465 + {
  466 + $attributes_exist = '1';
  467 + for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++)
  468 + {
  469 + if (DOWNLOAD_ENABLED == 'true')
  470 + {
  471 + $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
  472 + from ".TABLE_PRODUCTS_OPTIONS." popt, ".TABLE_PRODUCTS_OPTIONS_VALUES." poval, ".TABLE_PRODUCTS_ATTRIBUTES." pa
  473 + left join ".TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD." pad
  474 + on pa.products_attributes_id=pad.products_attributes_id
  475 + where pa.products_id = '".$order->products[$i]['id']."'
  476 + and pa.options_id = '".$order->products[$i]['attributes'][$j]['option_id']."'
  477 + and pa.options_id = popt.products_options_id
  478 + and pa.options_values_id = '".$order->products[$i]['attributes'][$j]['value_id']."'
  479 + and pa.options_values_id = poval.products_options_values_id
  480 + and popt.language_id = '".$languages_id."'
  481 + and poval.language_id = '".$languages_id."'";
  482 + $attributes = tep_db_query($attributes_query);
  483 + } else
  484 + {
  485 + $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from ".TABLE_PRODUCTS_OPTIONS." popt, ".TABLE_PRODUCTS_OPTIONS_VALUES." poval, ".TABLE_PRODUCTS_ATTRIBUTES." pa where pa.products_id = '".$order->products[$i]['id']."' and pa.options_id = '".$order->products[$i]['attributes'][$j]['option_id']."' and pa.options_id = popt.products_options_id and pa.options_values_id = '".$order->products[$i]['attributes'][$j]['value_id']."' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '".$languages_id."' and poval.language_id = '".$languages_id."'");
  486 + }
  487 + $attributes_values = tep_db_fetch_array($attributes);
  488 +
  489 + $products_ordered_attributes .= "\n\t".$attributes_values['products_options_name'].' '.$attributes_values['products_options_values_name'];
  490 + }
  491 + }
  492 + //------insert customer choosen option eof ----
  493 + $total_weight += ($order->products[$i]['qty']*$order->products[$i]['weight']);
  494 + $total_tax += tep_calculate_tax($total_products_price, $products_tax)*$order->products[$i]['qty'];
  495 + $total_cost += $total_products_price;
  496 +
  497 + $products_ordered .= $order->products[$i]['qty'].' x '.$order->products[$i]['name'].' ('.$order->products[$i]['model'].') = '.$currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']).$products_ordered_attributes."\n";
  498 + }
  499 +
  500 + // lets start with the email confirmation
  501 + $email_order = STORE_NAME."\n".
  502 + EMAIL_SEPARATOR."\n".
  503 + EMAIL_TEXT_ORDER_NUMBER.' '.$order_id."\n".
  504 + EMAIL_TEXT_INVOICE_URL.' '.tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id='.$order_id, 'SSL', false)."\n".
  505 + EMAIL_TEXT_DATE_ORDERED.' '.strftime(DATE_FORMAT_LONG)."\n\n";
  506 + if ($order->info['comments'])
  507 + {
  508 + $email_order .= tep_db_output($order->info['comments'])."\n\n";
  509 + }
  510 + $email_order .= EMAIL_TEXT_PRODUCTS."\n".
  511 + EMAIL_SEPARATOR."\n".
  512 + $products_ordered.
  513 + EMAIL_SEPARATOR."\n";
  514 +
  515 + for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++)
  516 + {
  517 + $email_order .= strip_tags($order_totals[$i]['title']).' '.strip_tags($order_totals[$i]['text'])."\n";
  518 + }
  519 +
  520 + if ($order->content_type != 'virtual')
  521 + {
  522 + $email_order .= "\n".EMAIL_TEXT_DELIVERY_ADDRESS."\n".
  523 + EMAIL_SEPARATOR."\n".
  524 + tep_address_label($customer_id, $sendto, 0, '', "\n")."\n";
  525 + }
  526 +
  527 + $email_order .= "\n".EMAIL_TEXT_BILLING_ADDRESS."\n".
  528 + EMAIL_SEPARATOR."\n".
  529 + tep_address_label($customer_id, $billto, 0, '', "\n")."\n\n";
  530 +
  531 + if (is_object($$payment))
  532 + {
  533 + $email_order .= EMAIL_TEXT_PAYMENT_METHOD."\n".
  534 + EMAIL_SEPARATOR."\n";
  535 + $payment_class = $$payment;
  536 + $email_order .= $payment_class->title."\n\n";
  537 + if ($payment_class->email_footer)
  538 + {
  539 + $email_order .= $payment_class->email_footer."\n\n";
  540 + }
  541 + }
  542 + //
  543 + // sent email only if post back not did not respond - we send it from post back handler
  544 + //
  545 + if ($update_status)
  546 + {
  547 + tep_mail($order->customer['firstname'].' '.$order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  548 + // send emails to other people
  549 + if (SEND_EXTRA_ORDER_EMAILS_TO != '')
  550 + {
  551 + tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  552 + }
  553 + }
  554 + // load the after_process function from the payment modules