id)
* change $check_orders_query from .... AND (o.orders_status = '1' " .... to .... AND (o.orders_status > '0' "
* do status update without statusmessage must exist
*
* 28.1.2014 by Chris
* change tablename with constants which are defined in database_tables.php
* change rawurlencode to str_replace for replace space in image names
* fix countries query .TABLE_COUNTRIES. " countries ON ..."
*
* 10.11.2014 by NoBBi
* fix: $file = getcwd().'/tmp/gets.txt';
* please create a tmp directory with read and create (write) permissions in the active path beforehand!
*
*/
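// Connector identification.
define ('FAKTURAMA_CONNECTOR_VERSION', '1.6.3_20140201');
define ('FAKTURAMA_WEBSHOP', 'ZENCART-PRO');
// Character set of the web shop. This is used to send notification comments.
define ('FAKTURAMA_WEBSHOP_CHARSET', 'UTF-8');
// Declared before any shop file is loaded.
// NOTE(review): presumably the included shop files test this flag; it is set
// here before any credentials have been checked - confirm that is intended.
define ('IS_ADMIN_FLAG', true);
// Only for debugging. When ENCRYPT_DATA is defined, my_encrypt() masks letters
// and digits of the exported values. This is masking, not encryption.
//define ('ENCRYPT_DATA',true);
// Set header to UTF-8
header ("Content-Type: text/html; charset=utf-8");
// Set the level of error reporting
error_reporting (E_ALL & ~E_NOTICE);
// version_compare() instead of comparing the version string with a float.
if (version_compare (PHP_VERSION, '5.0.0', '<')) {
    exit ('PHP Version must be >= 5.0');
}
// Include application configuration parameters
require('includes/configure.php');
// init and database stuff (the order of these includes is kept as it was)
require(DIR_WS_FUNCTIONS . 'html_output.php');
require(DIR_FS_CATALOG . DIR_WS_FUNCTIONS . 'functions_email.php');
require(DIR_FS_CATALOG . DIR_WS_FUNCTIONS . 'sessions.php');
require(DIR_FS_CATALOG . DIR_WS_FUNCTIONS . 'password_funcs.php');
require(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'filenames.php');
require(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'database_tables.php');
require(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'version.php');
require(DIR_FS_CATALOG . DIR_WS_CLASSES . 'class.base.php');
require(DIR_FS_CATALOG . DIR_WS_CLASSES . 'db/' . DB_TYPE . '/query_factory.php');
$db = new queryFactory();
$db->connect (DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD, DB_DATABASE);
require(DIR_WS_FUNCTIONS . 'general.php');
// set php_self in the local scope
$PHP_SELF = $_SERVER['PHP_SELF'];
// include the database functions
require(DIR_WS_FUNCTIONS . 'database.php');
// Load the application-wide parameters: every configuration row becomes a
// constant and is also kept in $configuration_array for lookups by computed key.
$configuration_array = array ();
$configuration_query = "SELECT configuration_key AS cfgKey, configuration_value AS cfgValue FROM " .TABLE_CONFIGURATION;
$configuration = $db->Execute ($configuration_query);
while (!$configuration->EOF) {
    $cfg_key = $configuration->fields['cfgKey'];
    $cfg_value = $configuration->fields['cfgValue'];
    // define() cannot replace an existing constant; skipping it avoids the
    // warning text that would otherwise end up in the response.
    if (!defined ($cfg_key)) {
        define ($cfg_key, $cfg_value);
    }
    $configuration_array[$cfg_key] = $cfg_value;
    $configuration->MoveNext ();
}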
/**
 * Mask a value for debugging output.
 *
 * Despite its name this performs no encryption. When the constant
 * ENCRYPT_DATA is defined, every ASCII lowercase letter is replaced by "x",
 * every ASCII uppercase letter by "X" and every digit by "0". When the
 * constant is not defined the value is returned unchanged.
 *
 * @param mixed $s value to mask
 * @return mixed the masked text, or $s as passed in when masking is off
 */
function my_encrypt ($s)
{
    if (!defined ('ENCRYPT_DATA')) {
        return $s;
    }
    // The three patterns are applied one after the other, in this order.
    $patterns = array ("/[a-z]/", "/[A-Z]/", "/[0-9]/");
    $masks = array ("x", "X", "0");
    return preg_replace ($patterns, $masks, $s);
}
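/**
 * Replace control bytes that XML 1.0 does not allow with a space.
 *
 * The check works byte by byte: tab (0x09), line feed (0x0A), carriage return
 * (0x0D) and every byte from 0x20 upwards are kept, all other bytes become a
 * single space. Multi-byte UTF-8 sequences therefore pass through unchanged;
 * code points above 0xFF are not inspected individually.
 *
 * @param mixed $value text to clean
 * @return string cleaned text; "" for null, false or the empty string
 */
function stripInvalidXml ($value)
{
    // empty() would also discard the string "0" (for example a quantity),
    // so only the real "no text" values are short-circuited.
    if ($value === null || $value === false || $value === '') {
        return "";
    }
    // Byte-wise on purpose (no "u" modifier). The old $value{$i} offset
    // syntax is a parse error on PHP 8, so the loop was replaced.
    return preg_replace ('/[\x00-\x08\x0B\x0C\x0E-\x1F]/', ' ', (string) $value);
}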
/**
 * Return the text as valid UTF-8.
 *
 * The input counts as valid when mb_check_encoding() accepts it and a
 * UTF-8 -> UTF-32 -> UTF-8 round trip reproduces it exactly. Anything else is
 * passed through mb_convert_encoding() with no source encoding given, so the
 * mbstring default is used as the source.
 *
 * @param mixed $s text to check
 * @return mixed $s itself when it is valid, otherwise the converted text
 */
function convertToUTF8 ($s)
{
    $is_valid = mb_check_encoding ($s, 'UTF-8');
    if ($is_valid) {
        // Only attempted for input that passed the first check.
        $as_utf32 = mb_convert_encoding ($s, 'UTF-32', 'UTF-8');
        $round_trip = mb_convert_encoding ($as_utf32, 'UTF-8', 'UTF-32');
        $is_valid = ($s === $round_trip);
    }
    if ($is_valid) {
        return $s;
    }
    return mb_convert_encoding ($s, 'UTF-8');
}
/**
 * Prepare a value for the response: UTF-8, no HTML tags, special characters
 * escaped, invalid control bytes removed.
 *
 * Steps, in this order:
 *   1. convertToUTF8()      - make the text valid UTF-8
 *   2. strip_tags()         - drop HTML/PHP tags
 *   3. my_encrypt()         - debug masking (no-op unless ENCRYPT_DATA is defined)
 *   4. html_entity_decode() - turn entities such as &uuml; into characters
 *   5. htmlspecialchars()   - escape &, <, > and double quotes (ENT_COMPAT
 *                             leaves single quotes as they are)
 *   6. stripInvalidXml()    - replace disallowed control bytes by spaces
 *
 * Because of ENT_COMPAT the result is suitable for element content and for
 * attribute values delimited by double quotes.
 *
 * @param mixed $s raw value
 * @return string encoded text
 */
function my_encode ($s)
{
    $text = strip_tags (convertToUTF8 ($s));
    $text = my_encrypt ($text);
    // Decode first so that already-encoded input is not escaped twice.
    $text = html_entity_decode ($text, ENT_COMPAT, 'UTF-8');
    $text = htmlspecialchars ($text, ENT_COMPAT, 'UTF-8');
    return stripInvalidXml ($text);
}
/**
 * Print an error message and end the script.
 *
 * The message is written exactly as passed in; it is not run through
 * my_encode(), so callers should only pass text they control.
 *
 * @param string $err message to print
 * @return void this function does not return
 */
function exit_with_error ($err)
{
    echo " " . $err . "\n", "\n";
    exit ();
}
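/**
 * Normalise line ends and spaces of an exported text.
 *
 * Removes every carriage return, replaces the UTF-8 non-breaking space
 * (bytes C2 A0) by a normal space and trims the result. Line feeds inside the
 * text are kept: the replacement of "\n" that used to sit here is disabled
 * (its commented-out remainder was split over two lines and no longer parsed).
 *
 * @param string $s text to clean
 * @return string cleaned, trimmed text
 */
function my_clean_nl ($s)
{
    // remove the carriage return
    $s = str_replace ("\r", "", $s);
    // replace non-breaking spaces by normal spaces
    $s = str_replace ("\xC2\xA0", " ", $s);
    return trim ($s);
}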
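/**
 * Snapshot of one shop order, loaded from the database for the export.
 *
 * The constructor runs query() at once, which fills the public arrays:
 *   $info      currency, payment and status data of the order
 *   $totals    list of array('title' => ..., 'text' => ...) order-total rows
 *   $products  ordered products, each with category and optional attributes
 *   $customer, $delivery, $billing  address data stored with the order
 *
 * Ids are cast to int before they are placed in an SQL statement.
 */
class order
{
    public $info, $totals, $products, $customer, $delivery, $billing;

    /**
     * @param mixed $order_id id of the order to load (cast to int for SQL)
     */
    function __construct ($order_id)
    {
        $this->info = array ();
        $this->totals = array ();
        $this->products = array ();
        $this->customer = array ();
        $this->delivery = array ();
        $this->billing = array ();
        $this->query ($order_id);
    }

    /**
     * Return $row[$name], or null when that column is not in the result row.
     * Several keys read below are not part of the SELECT lists (or the order
     * does not exist); this keeps those reads from raising warnings.
     */
    private function col ($row, $name)
    {
        return isset ($row[$name]) ? $row[$name] : null;
    }

    /**
     * Build the delivery or billing address array from the order row.
     * $prefix is 'delivery' or 'billing'. First name and gender start empty
     * and are filled from the address book in query().
     */
    private function address ($row, $prefix)
    {
        return array ('name' => $this->col ($row, $prefix . '_name'),
            'firstname' => "",
            'lastname' => $this->col ($row, $prefix . '_name'),
            'gender' => "",
            'company' => $this->col ($row, $prefix . '_company'),
            'street_address' => $this->col ($row, $prefix . '_street_address'),
            'suburb' => $this->col ($row, $prefix . '_suburb'),
            'city' => $this->col ($row, $prefix . '_city'),
            'postcode' => $this->col ($row, $prefix . '_postcode'),
            'state' => $this->col ($row, $prefix . '_state'),
            'country' => $this->col ($row, $prefix . '_country'),
            'format_id' => $this->col ($row, $prefix . '_address_format_id'));
    }

    /**
     * Look up the geo zone for a country (and, when $zone_id is not null, a
     * zone). The last row with a geo_zone_id above 0 wins; without such a row
     * $current is returned unchanged.
     */
    private function geoZone ($country_id, $zone_id, $current)
    {
        global $db;
        $geo_zone_query = "SELECT
            geo_zone_id, zone_country_id, zone_id
            FROM "
            .TABLE_ZONES_TO_GEO_ZONES.
            " WHERE
            zone_country_id = '" . (int) $country_id . "'";
        if ($zone_id !== null) {
            $geo_zone_query .= " AND zone_id = '" . (int) $zone_id . "'";
        }
        $geo_zone_line = $db->Execute ($geo_zone_query);
        while (!$geo_zone_line->EOF) {
            if ($geo_zone_line->fields['geo_zone_id'] > 0) {
                $current = $geo_zone_line->fields['geo_zone_id'];
            }
            $geo_zone_line->MoveNext ();
        }
        return $current;
    }

    /**
     * Load the order with the given id into the public arrays.
     *
     * Uses the global $db connection and the TABLE_* constants. The steps are:
     * order row, order totals, address arrays, first/last name and gender
     * from the customer's address book, geo zone, then the products with
     * their category and attributes.
     *
     * @param mixed $order_id id of the order (cast to int)
     * @return void
     */
    function query ($order_id)
    {
        global $db;
        $order_id = (int) $order_id;
        // NOTE(review): the credit-card columns are still loaded into
        // $this->info although the export lines for them are commented out
        // in the orders section of this file - consider no longer selecting them.
        $order_query = "SELECT
            customers_id, customers_name, customers_company, customers_street_address,
            customers_suburb, customers_city, customers_postcode, customers_state,
            customers_country, customers_telephone, customers_email_address, customers_address_format_id,
            delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city,
            delivery_postcode, delivery_state, delivery_country, delivery_address_format_id,
            billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode,
            billing_state, billing_country, billing_address_format_id, payment_method,
            cc_type, cc_owner, cc_number, cc_expires, currency, currency_value, date_purchased,
            orders_status, last_modified
            FROM "
            .TABLE_ORDERS.
            " WHERE
            orders_id = '" . $order_id . "'";
        $order = $db->Execute ($order_query);
        $row = $order->fields;

        $totals_query = "SELECT
            title, text
            FROM "
            .TABLE_ORDERS_TOTAL.
            " WHERE
            orders_id = '" . $order_id . "'
            ORDER BY
            sort_order";
        $totals = $db->Execute ($totals_query);
        while (!$totals->EOF) {
            $this->totals[] = array ('title' => $totals->fields['title'], 'text' => $totals->fields['text']);
            $totals->MoveNext ();
        }

        // 'payment_class' is not part of the SELECT above and therefore null.
        // NOTE(review): FAKTURAMA_LANGUAGE is not defined in the visible part
        // of this file - presumably it comes from the configuration table; confirm.
        $this->info = array ('currency' => $this->col ($row, 'currency'),
            'currency_value' => $this->col ($row, 'currency_value'),
            'payment_method' => $this->col ($row, 'payment_method'),
            'payment_class' => $this->col ($row, 'payment_class'),
            'cc_type' => $this->col ($row, 'cc_type'),
            'cc_owner' => $this->col ($row, 'cc_owner'),
            'cc_number' => $this->col ($row, 'cc_number'),
            'cc_expires' => $this->col ($row, 'cc_expires'),
            'date_purchased' => $this->col ($row, 'date_purchased'),
            'orders_status' => $this->col ($row, 'orders_status'),
            'language' => FAKTURAMA_LANGUAGE,
            'last_modified' => $this->col ($row, 'last_modified'));
        $this->customer = array (
            'id' => $this->col ($row, 'customers_id'),
            'firstname' => "",
            'lastname' => $this->col ($row, 'customers_name'),
            'name' => $this->col ($row, 'customers_name'),
            'company' => $this->col ($row, 'customers_company'),
            'street_address' => $this->col ($row, 'customers_street_address'),
            'suburb' => $this->col ($row, 'customers_suburb'),
            'city' => $this->col ($row, 'customers_city'),
            'postcode' => $this->col ($row, 'customers_postcode'),
            'state' => $this->col ($row, 'customers_state'),
            'country' => $this->col ($row, 'customers_country'),
            'format_id' => $this->col ($row, 'customers_address_format_id'),
            'telephone' => $this->col ($row, 'customers_telephone'),
            'email_address' => $this->col ($row, 'customers_email_address'));
        $this->delivery = $this->address ($row, 'delivery');
        $this->billing = $this->address ($row, 'billing');

        $customers_id = $this->customer['id'];
        // A delivery name of a single space is treated as "no delivery address".
        if ($this->delivery['name'] == " ") {
            $this->delivery = $this->customer;
        }

        // Defaults for customers without any address-book entry; the casts
        // below turned the undefined variables into 0 before as well.
        $customer_entry_country_id = 0;
        $customer_entry_zone_id = 0;
        $orders_address_query = "SELECT
            customers_id, entry_gender, entry_firstname, entry_lastname, entry_country_id, entry_zone_id
            FROM "
            .TABLE_ADDRESS_BOOK.
            " WHERE
            customers_id = '" . (int) $customers_id . "'";
        $orders_address = $db->Execute ($orders_address_query);
        while (!$orders_address->EOF) {
            $firstandlastname = $orders_address->fields['entry_firstname'] . " " . $orders_address->fields['entry_lastname'];
            // Country and zone of the last address-book row are used for the
            // geo zone, whether or not that row matches the order addresses.
            $customer_entry_country_id = $orders_address->fields['entry_country_id'];
            $customer_entry_zone_id = $orders_address->fields['entry_zone_id'];
            if ($firstandlastname == $this->billing['name']) {
                $this->billing['firstname'] = $orders_address->fields['entry_firstname'];
                $this->billing['lastname'] = $orders_address->fields['entry_lastname'];
                $this->billing['gender'] = $orders_address->fields['entry_gender'];
            }
            if ($firstandlastname == $this->delivery['name']) {
                $this->delivery['firstname'] = $orders_address->fields['entry_firstname'];
                $this->delivery['lastname'] = $orders_address->fields['entry_lastname'];
                $this->delivery['gender'] = $orders_address->fields['entry_gender'];
            }
            $orders_address->MoveNext ();
        }

        // Start with a default value, refine by country, then by country and zone.
        $customer_geo_zone = 1;
        $customer_geo_zone = $this->geoZone ($customer_entry_country_id, null, $customer_geo_zone);
        $customer_geo_zone = $this->geoZone ($customer_entry_country_id, $customer_entry_zone_id, $customer_geo_zone);

        // The language code is a configuration value, not request input; it
        // is escaped anyway because it is placed inside a quoted SQL literal.
        $language_code = zen_db_input (DEFAULT_LANGUAGE);
        $index = 0;
        $orders_products_query = "SELECT
            tax.tax_description, ordprod.orders_products_id, ordprod.products_name,ordprod.products_id,
            ordprod.products_model, ordprod.products_price, ordprod.products_tax,
            ordprod.products_quantity, ordprod.final_price
            FROM "
            .TABLE_ORDERS_PRODUCTS. " ordprod
            LEFT JOIN "
            .TABLE_PRODUCTS. " prod ON (prod.products_id = ordprod.products_id)
            LEFT JOIN "
            .TABLE_TAX_RATES. " tax ON ((prod.products_tax_class_id = tax.tax_class_id) AND (tax.tax_zone_id = '" . (int) $customer_geo_zone . "'))
            LEFT JOIN "
            .TABLE_LANGUAGES. " langu ON (langu.code = '" . $language_code . "')
            WHERE
            ordprod.orders_id = '" . $order_id . "'";
        $orders_products = $db->Execute ($orders_products_query);
        while (!$orders_products->EOF) {
            $product_row = $orders_products->fields;
            // 'ean' and 'products_vpe_name' are not selected above and stay null.
            $this->products[$index] = array (
                'id' => $this->col ($product_row, 'orders_products_id'),
                'qty' => $this->col ($product_row, 'products_quantity'),
                'name' => $this->col ($product_row, 'products_name'),
                'products_id' => $this->col ($product_row, 'products_id'),
                'ean' => $this->col ($product_row, 'products_ean'),
                'model' => $this->col ($product_row, 'products_model'),
                'tax' => $this->col ($product_row, 'products_tax'),
                'tax_description' => $this->col ($product_row, 'tax_description'),
                'price' => $this->col ($product_row, 'products_price'),
                'products_vpe_name' => $this->col ($product_row, 'products_vpe_name'),
                'final_price' => $this->col ($product_row, 'final_price'));

            // Category name in the default language (first matching row).
            $category_query = "SELECT
                cat_desc.categories_name, langu.code , cat_desc.categories_id , prod_cat.products_id
                FROM "
                .TABLE_CATEGORIES_DESCRIPTION. " cat_desc
                LEFT JOIN "
                .TABLE_PRODUCTS_TO_CATEGORIES. " prod_cat ON (prod_cat.categories_id = cat_desc.categories_id)
                LEFT JOIN "
                .TABLE_LANGUAGES. " langu ON (langu.languages_id = cat_desc.language_id)
                WHERE
                prod_cat.products_id = '" . (int) $this->col ($product_row, 'products_id') . "'
                AND langu.code ='" . $language_code . "'";
            $category = "";
            $orders_category = $db->Execute ($category_query);
            if (!$orders_category->EOF) {
                $category = $orders_category->fields['categories_name'];
            }
            $this->products[$index]['category'] = $category;

            // Attributes chosen for this order line; the key stays absent
            // when there are none.
            $subindex = 0;
            $attributes_query = "SELECT
                products_options, products_options_values, options_values_price, price_prefix
                FROM "
                .TABLE_ORDERS_PRODUCTS_ATTRIBUTES.
                " WHERE
                orders_id = '" . $order_id . "'
                AND orders_products_id = '" . (int) $this->col ($product_row, 'orders_products_id') . "'";
            $attributes = $db->Execute ($attributes_query);
            while (!$attributes->EOF) {
                $this->products[$index]['attributes'][$subindex] = array ('option' => $attributes->fields['products_options'],
                    'value' => $attributes->fields['products_options_values'],
                    'prefix' => $attributes->fields['price_prefix'],
                    'price' => $attributes->fields['options_values_price']);
                $subindex++;
                $attributes->MoveNext ();
            }
            $index++;
            $orders_products->MoveNext ();
        }
    }
}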
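// Build the list of installed payment modules as
// array('class' => <module name>, 'file' => <module file>) entries.
// The list always exists, also when no payment module is installed, because
// later code counts its entries.
$include_modules_payment = array ();
if (defined ('MODULE_PAYMENT_INSTALLED') && zen_not_null (MODULE_PAYMENT_INSTALLED)) {
    // MODULE_PAYMENT_INSTALLED holds the module file names separated by ";".
    $modules_payment = explode (';', MODULE_PAYMENT_INSTALLED);
    // $module is not assigned anywhere in this file, hence the isset() guard.
    if (isset ($module) && zen_not_null ($module) && (in_array ($module . '.' . substr ($PHP_SELF, (strrpos ($PHP_SELF, '.') + 1)), $modules_payment))) {
        $selected_module = $module;
        $include_modules_payment[] = array ('class' => $module, 'file' => $module . '.php');
    } else {
        // foreach instead of each(), which no longer exists in PHP 8.
        foreach ($modules_payment as $value) {
            $class = substr ($value, 0, strrpos ($value, '.'));
            $include_modules_payment[] = array ('class' => $class, 'file' => $value);
        }
    }
}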
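// Build the list of installed shipping modules as
// array('class' => <module name>, 'file' => <module file>) entries.
// The list always exists, also when no shipping module is installed, because
// later code counts its entries.
$include_modules_shipping = array ();
if (defined ('MODULE_SHIPPING_INSTALLED') && zen_not_null (MODULE_SHIPPING_INSTALLED)) {
    // MODULE_SHIPPING_INSTALLED holds the module file names separated by ";".
    $modules_shipping = explode (';', MODULE_SHIPPING_INSTALLED);
    // $module is not assigned anywhere in this file, hence the isset() guard.
    if (isset ($module) && zen_not_null ($module) && (in_array ($module . '.' . substr ($PHP_SELF, (strrpos ($PHP_SELF, '.') + 1)), $modules_shipping))) {
        $selected_module = $module;
        $include_modules_shipping[] = array ('class' => $module, 'file' => $module . '.php');
    } else {
        // foreach instead of each(), which no longer exists in PHP 8.
        foreach ($modules_shipping as $value) {
            $class = substr ($value, 0, strrpos ($value, '.'));
            $include_modules_shipping[] = array ('class' => $class, 'file' => $value);
        }
    }
}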
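// Search the language files of all languages for the titles of the payment
// modules. $paymentsynonym maps each title text found to the module class, so
// that the payment method text stored with an order can be mapped back.
$paymentsynonym = array ();
$payment_modules = isset ($include_modules_payment) ? $include_modules_payment : array ();
$languages_query = "SELECT
    directory
    FROM " .TABLE_LANGUAGES;
$languages = $db->Execute ($languages_query);
while (!$languages->EOF) {
    foreach ($payment_modules as $payment_module) {
        $filename = DIR_FS_CATALOG . DIR_WS_LANGUAGES . $languages->fields['directory'] . '/modules/payment/' . $payment_module['file'];
        if (!file_exists ($filename)) {
            continue;
        }
        $paymentfile = fopen ($filename, 'r');
        // An existing but unreadable file makes fopen() return false; the
        // feof() loop below would then never end.
        if ($paymentfile === false) {
            continue;
        }
        while (!feof ($paymentfile)) {
            $zeile = fgets ($paymentfile, 1024);
            if ($zeile === false) {
                break;
            }
            // Look for a line that defines MODULE_PAYMENT_..._TEXT_TITLE.
            $pos1 = strpos ($zeile, "('MODULE_PAYMENT_");
            $pos2 = strpos ($zeile, "_TEXT_TITLE'");
            if (($pos1 > 0) && ($pos2 > 0)) {
                // Take what stands between the first and the last single
                // quote after the constant name.
                $paymenttext = substr ($zeile, $pos2 + 13);
                $paymenttext = substr ($paymenttext, strpos ($paymenttext, "'") + 1);
                $paymenttext = substr ($paymenttext, 0, strrpos ($paymenttext, "'"));
                $paymenttext = trim ($paymenttext);
                if ($paymenttext) {
                    $paymentsynonym[$paymenttext] = $payment_module['class'];
                }
            }
        }
        fclose ($paymentfile);
    }
    $languages->MoveNext ();
}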
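// Second pass over the languages, now for the titles of the shipping modules.
// $shippingssynonym maps each title text found to the module class.
$languages->Move (0);
$shippingssynonym = array ();
$shipping_modules = isset ($include_modules_shipping) ? $include_modules_shipping : array ();
while (!$languages->EOF) {
    foreach ($shipping_modules as $shipping_module) {
        $filename = DIR_FS_CATALOG . DIR_WS_LANGUAGES . $languages->fields['directory'] . '/modules/shipping/' . $shipping_module['file'];
        if (!file_exists ($filename)) {
            continue;
        }
        $shippingfile = fopen ($filename, 'r');
        // An existing but unreadable file makes fopen() return false; the
        // feof() loop below would then never end.
        if ($shippingfile === false) {
            continue;
        }
        while (!feof ($shippingfile)) {
            $zeile = fgets ($shippingfile, 1024);
            if ($zeile === false) {
                break;
            }
            // Look for a line that defines MODULE_SHIPPING_..._TEXT_TITLE.
            $pos1 = strpos ($zeile, "('MODULE_SHIPPING_");
            $pos2 = strpos ($zeile, "_TEXT_TITLE'");
            if (($pos1 > 0) && ($pos2 > 0)) {
                // Take what stands between the first and the last single
                // quote after the constant name.
                $shippingtext = substr ($zeile, $pos2 + 13);
                $shippingtext = substr ($shippingtext, strpos ($shippingtext, "'") + 1);
                $shippingtext = substr ($shippingtext, 0, strrpos ($shippingtext, "'"));
                $shippingtext = trim ($shippingtext);
                if ($shippingtext) {
                    $shippingssynonym[$shippingtext] = $shipping_module['class'];
                }
            }
        }
        fclose ($shippingfile);
    }
    $languages->MoveNext ();
}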
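// Parse the POST parameters. All of them are untrusted request input; the
// admin credentials are only verified further down in this script.
$getshipped = (isset ($_POST['getshipped']) ? $_POST['getshipped'] : '');
$action = (isset ($_POST['action']) ? $_POST['action'] : '');
// Only a string can be parsed below; an array-valued parameter is ignored.
$orderstosync = ((isset ($_POST['setstate']) && is_string ($_POST['setstate'])) ? $_POST['setstate'] : '{}');
$maxproducts = (isset ($_POST['maxproducts']) ? $_POST['maxproducts'] : '');
$lasttime = (isset ($_POST['lasttime']) ? $_POST['lasttime'] : '');
// $orderstosync = '{4=3*Alles OK}';
// NOTE(review): this log entry is written before the credentials are checked,
// so any caller can append to the log file - consider logging only after
// authentication.
writeLog($orderstosync);
// Strip the surrounding braces and split the list at the commas.
$orderstosync = substr ($orderstosync, 0, -1);
$orderstosync = substr ($orderstosync, 1);
$orderstosync = explode (",", $orderstosync);
// Missing credentials become empty strings instead of an undefined index.
$username = zen_db_prepare_input (isset ($_POST['username']) ? $_POST['username'] : '');
$password = zen_db_prepare_input (isset ($_POST['password']) ? $_POST['password'] : '');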
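/**
 * Append one line to the debug log tmp/gets.txt below the current working
 * directory.
 *
 * Arrays are joined without separator; empty text is not logged. Because the
 * text can be request data, line breaks are replaced by spaces (one call
 * writes exactly one line) and the entry is cut to 4096 bytes. When the tmp
 * directory does not exist nothing is written.
 *
 * NOTE(review): if the working directory is inside the web root the log may be
 * retrievable over HTTP - confirm that access to tmp/ is denied.
 *
 * @param string|array $txt text to log
 * @return void
 */
function writeLog ($txt)
{
    // set file to write
    $file = getcwd () . '/tmp/gets.txt';
    if (is_array ($txt)) {
        $txt = implode ($txt);
    }
    $txt = (string) $txt;
    if (strlen ($txt) == 0) {
        return;
    }
    $txt = str_replace (array ("\r", "\n"), ' ', $txt);
    if (strlen ($txt) > 4096) {
        $txt = substr ($txt, 0, 4096);
    }
    // Best effort: a missing directory must not put a warning into the response.
    if (!is_dir (dirname ($file))) {
        return;
    }
    file_put_contents ($file, $txt . "\n", FILE_APPEND | LOCK_EX);
}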
// Start of the response: the PHP version of the server, surrounded by the
// fixed header strings.
// NOTE(review): this is sent before the credentials are checked, so the PHP
// version is disclosed to every caller - consider sending it only after
// authentication.
echo "\n", "\n", "", phpversion (), "\n", "\n";
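// Decide which lists were requested. The flags are always defined, so that
// later tests do not read undefined variables when the action is missing or
// does not start with "get".
$action_getproducts = false;
$action_getorders = false;
$action_getcontacts = false;
if (is_string ($action) && (strncmp ($action, "get", 3) == 0)) {
    // After the "get" prefix a keyword can only be found at position 3 or
    // later, so a match is never the falsy position 0.
    $action_getproducts = strpos ($action, "products");
    $action_getorders = strpos ($action, "orders");
    $action_getcontacts = strpos ($action, "contacts");
}
// Parse the GETSHIPPED parameter for the time interval. Only a run of digits
// and one keyword from a fixed list are taken over into the SQL fragment;
// nothing else of the request value reaches the query.
$getshipped = is_string ($getshipped) ? strtolower ($getshipped) : '';
$getshipped_number = 0;
$getshipped_datetype = '';
$getshipped_condition = '';
if (preg_match ('/\d+/', $getshipped, $matches)) {
    $getshipped_number = $matches[0];
}
if (preg_match ('/month|day|week|year|ever/', $getshipped, $matches)) {
    $getshipped_datetype = $matches[0];
}
if (($getshipped_number > 0) && ($getshipped_datetype)) {
    $getshipped_condition = " or ( DATE_SUB(CURDATE(),INTERVAL " . $getshipped_number . " " . $getshipped_datetype . " ) <= o.date_purchased) ";
}
// "ever" disables the time limit.
if ($getshipped_datetype == 'ever') {
    $getshipped_condition = " or TRUE";
}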
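// Make sure DEFAULT_LANGUAGE is defined; fall back to the configuration table.
if (!defined ('DEFAULT_LANGUAGE')) {
    // The key is the literal name. Reading the constant itself here would use
    // an undefined constant, which is an error on PHP 8.
    $lng = $db->Execute ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'DEFAULT_LANGUAGE'");
    // The result object alone says nothing; a row must have been found.
    if ($lng && !$lng->EOF) {
        $lng = $lng->fields['configuration_value'];
        define ('DEFAULT_LANGUAGE', $lng);
    } else {
        exit_with_error ('DEFAULT_LANGUAGE not defined');
    }
}
// Look up the directory of the default language. The code is a configuration
// value; it is escaped because it is placed inside a quoted SQL literal.
$language_query = "SELECT
    code, directory
    FROM "
    .TABLE_LANGUAGES.
    " WHERE
    code = '" . zen_db_input (DEFAULT_LANGUAGE) . "'";
$languages = $db->Execute ($language_query);
if ($languages->RecordCount () != 1) {
    exit_with_error ('Language ' . DEFAULT_LANGUAGE . ' not found');
}
$_SESSION['language'] = $languages->fields['directory'];
// Include the language translations. The path is built from the directory
// name stored in the languages table.
require_once(DIR_WS_LANGUAGES . $languages->fields['directory'] . '.php');
require_once(DIR_WS_LANGUAGES . $languages->fields['directory'] . '/orders.php');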
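// Authenticate the caller against the admin table. Everything below this
// block runs only for a valid admin name and password.
$admin_valid = 0;
// require('../includes/functions/password_funcs.php');
if (is_string ($username) && is_string ($password) && ($username != '') && ($password != '')) {
    // The user name is request input and goes into a quoted SQL literal, so
    // it is escaped with zen_db_input().
    // NOTE(review): zen_db_prepare_input(), applied when the parameter was
    // read, is not defined in this file; presumably it only trims and
    // normalises the value and does not escape it for SQL - confirm.
    $admin_query = "
        SELECT admin_id,admin_name, admin_pass
        FROM " .TABLE_ADMIN. "
        WHERE
        admin_name = '" . zen_db_input ($username) . "'";
    $admin = $db->Execute ($admin_query);
    // Exactly one matching admin and a password that validates against the
    // stored value.
    if (($admin->RecordCount () == 1) && zen_validate_password ($password, $admin->fields['admin_pass'])) {
        $admin_valid = 1;
    }
}
// No admin with valid password found. The same message is used for an
// unknown name and for a wrong password.
if ($admin_valid != 1) {
    exit_with_error ('Invalid username or password');
}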
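// Update the shop values: apply the order status changes sent by the client.
// Each entry has the form "<order id>=<status>", optionally followed by
// "*<comment>"; with a comment the customer is notified by e-mail.
foreach ($orderstosync as $ordertosync) {
    // An entry without "=" yields an empty status instead of an undefined offset.
    $sync_parts = array_pad (explode ("=", trim ($ordertosync)), 2, '');
    $orders_id_tosync = $sync_parts[0];
    $orders_status_tosync = $sync_parts[1];
    if ($orders_status_tosync == 'pending')
        $orders_status_tosync = 1;
    if ($orders_status_tosync == 'processing')
        $orders_status_tosync = 2;
    if ($orders_status_tosync == 'shipped')
        $orders_status_tosync = 3;
    $customer_notified = 0;
    // Notify the customer
    $notify_comments = '';
    // Is there a comment ?
    if (strlen ($orders_status_tosync) > 1) {
        $notify_comments = substr ($orders_status_tosync, 1);
    }
    if (substr ($notify_comments, 0, 1) == "*") {
        // First character is the new status
        $orders_status_tosync = substr ($orders_status_tosync, 0, 1);
        // Remove the "*"
        $notify_comments = substr ($notify_comments, 1);
        // NOTE(review): as written this replacement changes nothing; the
        // search text looks like it was an encoded comma originally (compare
        // '&equal;' below) - confirm against the original connector file.
        $notify_comments = str_replace (',', ",", $notify_comments);
        // Replace the &equal;
        $notify_comments = str_replace ('&equal;', "=", $notify_comments);
        // Convert it into the correct character encoding; keep the text as
        // it is when the conversion fails.
        if (function_exists ('iconv')) {
            $converted_comments = iconv ("UTF-8", FAKTURAMA_WEBSHOP_CHARSET . "//TRANSLIT", $notify_comments);
            if ($converted_comments !== false) {
                $notify_comments = $converted_comments;
            }
        }
        $notify_comments_mail = $notify_comments;
        //exit_with_error($notify_comments_mail);
        $order = new order ($orders_id_tosync);
        $lang_query = "select languages_id from " .TABLE_LANGUAGES. " where directory = '" . zen_db_input ($order->info['language']) . "'";
        $lang = $db->Execute ($lang_query);
        $lang = $lang->fields['languages_id'];
        if (!isset ($lang))
            $lang = 1;
        $orders_statuses = array ();
        $orders_status_array = array ();
        $orders_status_query = "select orders_status_id, orders_status_name from " .TABLE_ORDERS_STATUS. " where language_id = '" . (int) $lang . "'";
        $orders_status = $db->Execute ($orders_status_query);
        while (!$orders_status->EOF) {
            $orders_statuses[] = array ('id' => $orders_status->fields['orders_status_id'], 'text' => $orders_status->fields['orders_status_name']);
            $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name'];
            $orders_status->MoveNext ();
        }
        $email_valid = 1;
        if (empty ($order->customer['email_address']))
            $email_valid = 0;
        if (!empty ($notify_comments_mail))
            $notify_comments_mail .= "\n\n";
        // Name of the new status; empty when the status id is unknown.
        $status_label = isset ($orders_status_array[$orders_status_tosync]) ? $orders_status_array[$orders_status_tosync] : '';
        $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $orders_id_tosync . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . zen_catalog_href_link (FILENAME_CATALOG_ACCOUNT_HISTORY_INFO . ".php", 'order_id=' . $orders_id_tosync, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long ($order->info['date_purchased']) . "\n\n" . $notify_comments_mail . sprintf (EMAIL_TEXT_STATUS_UPDATED, $status_label);
        if ($email_valid) {
            // require_once: with plain require the second notified order of
            // a request would load the class files a second time.
            require_once(DIR_FS_CATALOG . DIR_WS_CLASSES . 'class.phpmailer.php');
            require_once(DIR_FS_CATALOG . DIR_WS_CLASSES . 'class.notifier.php');
            $zco_notifier = new notifier();
            zen_mail ($order->customer['name'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
            $customer_notified = 1;
        } else {
            echo (" " . 'No valid email' . "\n");
        }
    }
    // Id and status are request input: only their integer values are placed
    // in the statements, and the comment text is escaped.
    $order_id_sql = (int) $orders_id_tosync;
    $status_id_sql = (int) $orders_status_tosync;
    if (($order_id_sql > 0) && ($status_id_sql >= 1) && ($status_id_sql <= 3)) {
        $db->Execute ("UPDATE
            " . TABLE_ORDERS . "
            SET
            orders_status = '" . $status_id_sql . "'
            WHERE
            orders_id = '" . $order_id_sql . "'
            ");
        $db->Execute ("INSERT INTO
            " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments)
            VALUES ('" . $order_id_sql . "', '" . $status_id_sql . "',
            now(), '" . (int) $customer_notified . "', '" . zen_db_input ($notify_comments) . "')");
    }
}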
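// Generate the list of all active products in the default language.
// NOTE(review): in this copy of the file the markup inside the output strings
// is missing and the statement marked "as found" is incomplete; those lines
// are reproduced unchanged and must be restored from the original file.
if (!empty ($action_getproducts)) {
    $imagepath = DIR_WS_CATALOG . DIR_WS_IMAGES;
    $fs_imagepath = DIR_FS_CATALOG_IMAGES;
    echo (" \n");
    $products_short_description_query = '';
    // Limit the query to maxproducts. The request value reaches the statement
    // only as an integer.
    $productslimit_query = "";
    $maxproducts = is_scalar ($maxproducts) ? (int) $maxproducts : 0;
    if ($maxproducts > 0) {
        $productslimit_query = " LIMIT " . $maxproducts;
    }
    // Limit the query to products modified after lasttime. The request value
    // is escaped before it is placed inside the quoted literal.
    $lasttime_query = "";
    if (is_string ($lasttime) && ($lasttime > 0)) {
        $lasttime_query = " AND ( prod.products_last_modified > '" . zen_db_input ($lasttime) . "') ";
    }
    $products_query = "SELECT
        prod_desc.products_name, prod_desc.products_description " . $products_short_description_query . ",
        prod.products_model, prod.products_image, products_quantity, prod.products_id, prod.products_price,
        prod.products_price,
        cat_desc.categories_name,
        countries.countries_id,
        tax.tax_rate, tax.tax_description
        FROM "
        .TABLE_PRODUCTS_DESCRIPTION. " prod_desc
        LEFT JOIN "
        .TABLE_PRODUCTS. " prod ON (prod.products_id = prod_desc.products_id)
        LEFT JOIN "
        .TABLE_LANGUAGES. " langu ON (langu.languages_id = prod_desc.language_id)
        LEFT JOIN "
        .TABLE_PRODUCTS_TO_CATEGORIES. " prod_cat ON (prod_cat.products_id = prod.products_id)
        LEFT JOIN "
        .TABLE_CATEGORIES_DESCRIPTION. " cat_desc ON (prod_cat.categories_id = cat_desc.categories_id) AND (cat_desc.language_id = langu.languages_id )
        LEFT JOIN "
        .TABLE_COUNTRIES. " countries ON (countries.countries_id = '" . STORE_COUNTRY . "')
        LEFT JOIN "
        .TABLE_ZONES_TO_GEO_ZONES. " z2geozones ON (countries.countries_id = z2geozones.zone_country_id)
        LEFT JOIN "
        .TABLE_TAX_RATES. " tax ON (prod.products_tax_class_id = tax.tax_class_id) AND (z2geozones.geo_zone_id = tax.tax_zone_id)
        WHERE
        (langu.code = '" . DEFAULT_LANGUAGE . "') AND (prod.products_status = '1')
        " . $lasttime_query . "
        " . $productslimit_query . "";
    // The joins can return one product several times; a row is skipped when
    // model and name equal those of the row before it.
    $last_products_model_name = "";
    $products = $db->Execute ($products_query);
    while (!$products->EOF) {
        $products_model_name = $products->fields['products_model'] . $products->fields['products_name'];
        if ($last_products_model_name != $products_model_name) {
            $products->fields['products_short_description'] = $products->fields['products_description'];
            echo (" fields['products_price'] * (1 + $products->fields['tax_rate'] / 100), 2)) . "\" " ); // as found
            echo ("vatpercent=\"" . my_encrypt (number_format ($products->fields['tax_rate'], 2)) . "\" " );
            echo ("quantity=\"" . my_encrypt ($products->fields['products_quantity']) . "\" " );
            echo ("id=\"" . my_encrypt ($products->fields['products_id']) . "\" " );
            echo (">\n");
            echo (" " . my_encode ($products->fields['products_model']) . "\n");
            echo (" \n");
            echo (" " . my_encode ($products->fields['products_name']) . "\n");
            echo (" " . my_encode ($products->fields['categories_name']) . "\n");
            echo (" " . my_encode ($products->fields['products_vpe_name']) . "\n");
            echo (" " . my_encode ($products->fields['tax_description']) . "\n");
            echo (" " . my_clean_nl (my_encode ($products->fields['products_short_description'])) . "\n");
            // Use the image only, if it exists
            if (file_exists ($fs_imagepath . $products->fields['products_image']))
                echo (" " . str_replace (" ", "%20", my_encrypt ($products->fields['products_image'])) . "\n");
            echo (" \n\n");
        }
        $last_products_model_name = $products_model_name;
        $products->MoveNext ();
    }
    echo (" \n\n\n\n");
}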
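// Generate the list of all orders with a status above 0, optionally widened
// by the GETSHIPPED time interval.
// NOTE(review): in this copy of the file the markup inside the output strings
// is missing and the statements marked "as found" are incomplete; those lines
// are reproduced unchanged and must be restored from the original file.
if (!empty ($action_getorders)) {
    $shipped_condition = isset ($getshipped_condition) ? $getshipped_condition : '';
    $check_orders_query = "SELECT
        o.orders_id, o.orders_status, ot.text AS order_total
        FROM "
        .TABLE_ORDERS. " o
        LEFT JOIN "
        .TABLE_ORDERS_TOTAL. " ot ON (o.orders_id = ot.orders_id)
        WHERE
        ot.class = 'ot_total'
        AND (o.orders_status > '0' " . $shipped_condition . " )
        ORDER BY
        o.orders_id DESC";
    // Payment module class => payment name sent to the client. Classes that
    // are not listed are sent unchanged.
    $payment_text_by_class = array (
        'cod' => 'cod',
        'moneyorder' => 'prepayment',
        'cc' => 'creditcard',
        'authorizenet_cc_aim' => 'creditcard',
        'authorizenet_cc_sim' => 'creditcard',
        'chronopay' => 'chronopay.com',
        'ipayment_cc' => 'ipayment.de',
        'nochex' => 'nochex.com',
        'paypal_direct' => 'paypal.com',
        'paypal_express' => 'paypal.com',
        'paypal_standard' => 'paypal.com',
        'paypal_uk_direct' => 'paypal.com',
        'paypal_uk_express' => 'paypal.com',
        'pm2checkout' => '2checkout.com',
        'psigate' => 'psigate.com',
        'secpay' => 'secpay.com',
        'sofortueberweisung_direct' => 'payment-networt.com',
        'worldpay_junior' => 'bsworldpay.com');
    echo (" \n");
    $check_orders = $db->Execute ($check_orders_query);
    while (!$check_orders->EOF) {
        $oID = $check_orders->fields['orders_id'];
        $order = new order ($oID);
        // Map the payment text stored with the order back to the module class.
        $payment_method = $order->info['payment_method'];
        $payment_class = isset ($paymentsynonym[$payment_method]) ? $paymentsynonym[$payment_method] : null;
        $payment_text = $payment_class;
        if (isset ($payment_text_by_class[$payment_class]))
            $payment_text = $payment_text_by_class[$payment_class];
        $orders_history_query = "SELECT
            orders_status_id, date_added, comments
            FROM "
            .TABLE_ORDERS_STATUS_HISTORY.
            " WHERE
            orders_id = '" . zen_db_input ($oID) . "'
            ORDER BY
            date_added";
        // if entry is empty, use entry from customers data or from delivery data
        if (empty ($order->billing['telephone']) && !empty ($order->customer['telephone']))
            $order->billing['telephone'] = $order->customer['telephone'];
        if (empty ($order->billing['telephone']) && !empty ($order->delivery['telephone']))
            $order->billing['telephone'] = $order->delivery['telephone'];
        // if entry is empty, use entry from customers data or from delivery data
        if (empty ($order->billing['email_address']) && !empty ($order->customer['email_address']))
            $order->billing['email_address'] = $order->customer['email_address'];
        if (empty ($order->billing['email_address']) && !empty ($order->delivery['email_address']))
            $order->billing['email_address'] = $order->delivery['email_address'];
        echo (" info['date_purchased']) . "\" "); // as found
        // Reset for every order: a status other than 1 to 3 must not inherit
        // the text of the order exported before it.
        $order_status_text = "";
        if ($order->info['orders_status'] == 1)
            $order_status_text = "pending";
        if ($order->info['orders_status'] == 2)
            $order_status_text = "processing";
        if ($order->info['orders_status'] == 3)
            $order_status_text = "shipped";
        // First decimal number in the order total text, "," read as ".".
        $total = 0.0;
        if (preg_match ("/[0-9]+\.[0-9]+/", str_replace (",", ".", strip_tags ($check_orders->fields['order_total'])), $matches))
            $total = $matches[0];
        echo ("currency=\"" . $order->info['currency'] . "\" ");
        echo ("currency_value=\"" . $order->info['currency_value'] . "\" ");
        echo ("status=\"" . my_encode ($order_status_text) . "\" ");
        echo (">\n");
        //echo (' '.$order->info['cc_type'].''."\n");
        //echo (' '.$order->info['cc_owner'].''."\n");
        //echo (' '.$order->info['cc_number'].''."\n");
        //echo (' '.$order->info['cc_expires'].''."\n");
        //echo (' '.$order->info['last_modified'].''."\n");
        echo (" customer['id']) . "\">\n"); // as found
        echo (" " . my_encode ($order->billing['gender']) . "\n");
        echo (" " . my_encode ($order->billing['firstname']) . "\n");
        echo (" " . my_encode ($order->billing['lastname']) . "\n");
        echo (" " . my_encode ($order->billing['company']) . "\n");
        echo (" " . my_encode ($order->billing['street_address']) . "\n");
        echo (" " . my_encode ($order->billing['postcode']) . "\n");
        echo (" " . my_encode ($order->billing['city']) . "\n");
        echo (" " . my_encode ($order->billing['country']) . "\n");
        echo (" " . my_encode ($order->delivery['gender']) . "\n");
        echo (" " . my_encode ($order->delivery['firstname']) . "\n");
        echo (" " . my_encode ($order->delivery['lastname']) . "\n");
        echo (" " . my_encode ($order->delivery['company']) . "\n");
        echo (" " . my_encode ($order->delivery['street_address']) . "\n");
        echo (" " . my_encode ($order->delivery['postcode']) . "\n");
        echo (" " . my_encode ($order->delivery['city']) . "\n");
        echo (" " . my_encode ($order->delivery['country']) . "\n");
        echo (" " . my_encode ($order->billing['telephone']) . "\n");
        echo (" " . my_encode ($order->billing['email_address']) . "\n");
        echo (" \n");
        // Status history: only entries that carry a comment are exported.
        $orders_history = $db->Execute ($orders_history_query);
        while (!$orders_history->EOF) {
            if (strlen (trim ($orders_history->fields['comments']))) {
                echo (" fields['date_added'] . "\">"); // as found
                echo ( my_encode (nl2br (zen_db_output ($orders_history->fields['comments']))));
                echo ("\n");
            }
            $orders_history->MoveNext ();
        }
        foreach ($order->products as $product) {
            // NOTE(review): $tax_class is only assigned in the shipping part
            // further down, so this lookup uses the value left over from the
            // order before (0 for the first order), and its results are reset
            // before the shipping tax is determined - confirm whether this
            // query is still needed.
            $orders_tax_query = "SELECT
                tax_rate, tax_description
                FROM "
                .TABLE_TAX_RATES.
                " WHERE
                tax_class_id = '" . (int) (isset ($tax_class) ? $tax_class : 0) . "'";
            $taxs = $db->Execute ($orders_tax_query);
            if (!$taxs->EOF) {
                $shipping_tax = $taxs->fields['tax_rate'];
                $shipping_tax_name = $taxs->fields['tax_description'];
            }
            echo (" - \n");
            echo (" ");
            if (!empty ($product['model']))
                echo (my_encode ($product['model']));
            else
                echo (my_encode ($product['name']));
            echo ("\n");
            echo (" \n");
            echo (" " . my_encode ($product['name'])) . "\n";
            echo (" " . my_encode ($product['category']) . "\n");
            echo (" " . my_encode ($product['products_vpe_name']) . "\n");
            echo (" " . my_encode ($product['tax_description']) . "\n");
            // Export the product attributes (the key is absent for products
            // without attributes)
            if (!empty ($product['attributes'])) {
                $subindex = 0;
                foreach ($product['attributes'] as $attribute) {
                    echo (" \n");
                    echo (" \n");
                    echo (" " . my_encode ($product['attributes'][$subindex]['value']) . "\n");
                    echo (" \n");
                    $subindex++;
                }
            }
            echo ("
\n");
        }
        // Get the shipping
        $totals_query = "SELECT
            title, text, class
            FROM "
            .TABLE_ORDERS_TOTAL.
            " WHERE
            orders_id = '" . (int) $oID . "'
            AND class = 'ot_shipping'
            ORDER BY
            sort_order";
        $shipping_title = "";
        $shipping_text = "";
        $totals = $db->Execute ($totals_query);
        if (!$totals->EOF) {
            $shipping_title = $totals->fields['title'];
            $shipping_text = $totals->fields['text'];
        }
        // delete last character, if it is a ":"
        if (substr ($shipping_title, -1, 1) == ':')
            $shipping_title = substr ($shipping_title, 0, -1);
        // cut the title at its last "("
        if (strrpos ($shipping_title, '('))
            $shipping_title = trim (substr ($shipping_title, 0, strrpos ($shipping_title, '(')));
        $shipping_tax = 0.0;
        $shipping_tax_name = "";
        // Map the shipping title back to the module class to find its tax class.
        $shipping_class = isset ($shippingssynonym[$shipping_title]) ? $shippingssynonym[$shipping_title] : '';
        if (!empty ($shipping_class)) {
            $configkey = 'MODULE_SHIPPING_' . strtoupper ($shipping_class) . '_TAX_CLASS';
            $tax_class = isset ($configuration_array[$configkey]) ? $configuration_array[$configkey] : '';
            $orders_tax_query = "SELECT
                tax_rate, tax_description
                FROM "
                .TABLE_TAX_RATES.
                " WHERE
                tax_class_id = '" . (int) $tax_class . "'";
            $taxs = $db->Execute ($orders_tax_query);
            if (!$taxs->EOF) {
                $shipping_tax = $taxs->fields['tax_rate'];
                $shipping_tax_name = $taxs->fields['tax_description'];
            }
        }
        $shipping_value = 0.0;
        if (preg_match ("/[0-9]+\.[0-9]+/", str_replace (",", ".", $shipping_text), $matches))
            $shipping_value = $matches[0];
        // Get the COD fee
        $totals_query = "SELECT
            title, text, class
            FROM "
            .TABLE_ORDERS_TOTAL.
            " WHERE
            orders_id = '" . (int) $oID . "'
            AND class = 'ot_cod_fee'
            ORDER BY
            sort_order";
        $cod_fee_text = "";
        $totals = $db->Execute ($totals_query);
        if (!$totals->EOF) {
            $cod_fee_text = $totals->fields['text'];
        }
        $cod_fee_value = 0.0;
        if (preg_match ("/[0-9]+\.[0-9]+/", str_replace (",", ".", $cod_fee_text), $matches))
            $cod_fee_value = $matches[0];
        // Workaround: add the COD fee to the shipping value
        $shipping_value += $cod_fee_value;
        echo (" \n");
        echo (" " . my_encode ($shipping_title) . "\n");
        echo (" " . my_encode ($shipping_tax_name) . "\n");
        echo (" \n");
        echo (" \n");
        echo (" " . my_encode ($order->info['payment_method']) . "\n");
        echo (" \n");
        echo (" \n\n");
        $check_orders->MoveNext ();
    }
    echo (" \n");
}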
// Contacts cannot be exported yet; a request for them is only noted in the log.
if (!empty ($action_getcontacts)) {
    writeLog ("Request for Contacts found. But not implemented.");
}
// End of the response.
echo "\n";
?>