Очистка кэша не помогла, вот файл:
<?php
/*****************************************************************************
* *
* Lego SP - lego.shop-script.org *
* Copyright (c) 2012 Sergey Piekhota. All rights reserved. *
* *
****************************************************************************/
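if( isset( $_POST["complete_order"] ) || ( isset( $_GET["order_placement_result"] ) && isset( $_SESSION['order_reg'] ) ) ) //place order
{
    /*
     * Order placement.
     *
     * Flow: an empty cart redirects back to the cart page; an invalid form
     * re-renders order_place.tpl.html with the "error" flag; otherwise the
     * order, its history row and its cart lines are written, the customer,
     * the orders mailbox and the product managers are notified, the cart is
     * destroyed and the visitor is redirected to the result page.
     *
     * Previously the validation result was only assigned to Smarty and the
     * order was stored anyway, because both following paths ended in exit.
     * The order is now written only when the form passes validation.
     *
     * NOTE(review): every "or die( db_error() )" below prints whatever
     * db_error() returns straight to the visitor - presumably the raw
     * database error text; consider logging it and showing a generic page.
     */

    //shopping cart items count
    $c = 0;

    // Required fields: present, plain strings (not arrays), and well formed.
    // The e-mail check is the same filter the rest of this block relies on.
    $form_valid = isset( $_POST["first_name"], $_POST["email"], $_POST["phone"] )
        && is_string( $_POST["first_name"] )
        && is_string( $_POST["email"] )
        && is_string( $_POST["phone"] )
        && trim( $_POST["first_name"] )
        && filter_input( INPUT_POST, 'email', FILTER_VALIDATE_EMAIL )
        && preg_match( '/^[\s0-9-()+]+$/', $_POST["phone"] );

    // Optional fields: a missing or non-string value becomes null, which is
    // what reading the missing index produced before, without the notice.
    $order_post = array();
    foreach( array( "last_name", "country", "zip", "state", "city", "address", "comment", "tipdost" ) as $order_post_key ){
        $order_post[$order_post_key] = ( isset( $_POST[$order_post_key] ) && is_string( $_POST[$order_post_key] ) )
            ? $_POST[$order_post_key]
            : null;
    }
    unset( $order_post_key );

    if( !$cart_module->total_items() ) //empty shopping cart
    {
        // NOTE(review): the scheme is hard-coded to http:// - confirm the shop is not served over HTTPS only.
        $url = $unit->set_hurl(array('hurl' => false, 'id' => 1), 'cart', 'shopping_cart');
        header("Location: http://".CONF_SHOP_URL."/".$url);
        exit;
    }

    if( !$form_valid ){
        // Show the order form again with the error flag; nothing is stored or mailed.
        $smarty->assign( "error", 1 );
        $smarty->assign( "main_content_template", "order_place.tpl.html" );
    } else {
        //insert order into database
        // Both values passed the validation above.
        $post_phone = $_POST["phone"];
        $post_email = $_POST["email"];

        //select manager
        $man_arr = array();   // IDs of managers whose access column equals 1
        $man_name = array();  // manager ID => online_name
        $man_email = array(); // manager ID => email
        $q_m = db_query( "SELECT ID, access, online_name, email FROM " . MANAGER_TABLE ) or die ( db_error() );
        while( $row = db_fetch_row( $q_m ) ){
            if( $row[1] == 1 ){
                $man_arr[] = $row[0];
                $man_name[$row[0]] = $row[2];
                $man_email[$row[0]] = $row[3];
            }
        }
        if( $man_arr ){
            // Pick one of the eligible managers at random for this order.
            shuffle( $man_arr );
            $smarty_mail->assign( "manager", $man_name[$man_arr[0]] );
        }

        $order_info = array();
        $order_info['order_time'] = get_current_time();
        $order_info['cust_firstname'] = $_POST["first_name"];
        $order_info['cust_lastname'] = $order_post["last_name"];
        if (isset($post_email)) {
            $order_info['cust_email'] = $post_email;
        }
        // NOTE(review): $post_tipdost is not assigned anywhere in the visible code, so
        // cust_tipdost is never written; the delivery type only reaches the admin mail
        // below. Confirm the column exists before wiring $_POST["tipdost"] in here.
        if (isset($post_tipdost)) {
            $order_info['cust_tipdost'] = $post_tipdost;
        }
        $order_info['cust_country'] = $order_post["country"];
        $order_info['cust_zip'] = $order_post["zip"];
        $order_info['cust_state'] = $order_post["state"];
        $order_info['cust_city'] = $order_post["city"];
        $order_info['cust_address'] = $order_post["address"];
        $order_info['cust_phone'] = $post_phone;
        $order_info['comment'] = $order_post["comment"];
        // No eligible manager: store null instead of reading a missing index.
        $order_info['manager'] = $man_arr ? $man_arr[0] : null;
        if( isset( $_SESSION['cust_id'] ) )
            $order_info['custID'] = $_SESSION['cust_id'];
        // NOTE(review): assumes add_field() escapes the values it is given - verify, these are raw form fields.
        add_field( ORDERS_TABLE, $order_info ) or die(db_error());
        $oid = db_insert_id(); //order ID

        $history = array();
        $history['orderID'] = $oid;
        if (isset($_SESSION["log_name"])) {
            $history['menager_name'] = $_SESSION["log_name"];
        }
        $history['action'] = ORDER_HISTORY_ADD;
        add_field(ORDERS_HISTORY_TABLE, $history);
        unset($history);

        //now move shopping cart content to the database
        $k = 0; //total cart value
        $products = array();
        $adm = ""; //order notification for administrator
        $managers_mail = array(); // product managers to notify, keyed by lower-cased e-mail
        foreach ($cart_module->contents() as $cart_product){
            // IDs are cast before they are concatenated into SQL.
            $cart_product_id = (int)$cart_product['productID'];

            // NOTE(review): "email manager_email as mail" gives the first column two aliases,
            // which looks like invalid SQL; if db_assoc() returns a falsy value on error, no
            // per-product manager is ever collected - confirm the intended column.
            $manager = db_assoc( "SELECT email manager_email as mail, online_name as name FROM " . PRODUCTS_TABLE . ' as P LEFT JOIN ' . MANAGER_TABLE . " as M on (M.ID=P.managerID) WHERE productID=" . $cart_product_id );
            if ($manager && filter_var( $manager['mail'], FILTER_VALIDATE_EMAIL)){
                // Keying by address de-duplicates; array_unique() cannot compare nested arrays
                // and collapsed the whole list to its first entry.
                $managers_mail[strtolower( $manager['mail'] )] = $manager;
            }
            unset($manager);

            $order_insert = array();
            $order_insert['orderID'] = $oid;
            $order_insert['productID'] = $cart_product['productID'];
            $order_insert['name'] = $cart_product['name'];
            $order_insert['Price'] = $cart_product['Price'];
            $order_insert['Quantity'] = $cart_product['quantity'];
            add_field( ORDERED_CARTS_TABLE, $order_insert );
            unset($order_insert);

            // NOTE(review): 'quantity' is concatenated unquoted into the two statements below;
            // presumably the cart module keeps it numeric - verify.
            if( $cart_module->has_options( $cart_product['id'] ) ){
                db_query( 'UPDATE `' . PRODUCT_OPTIONS_V_TABLE . '` SET `count` = `count`-' . $cart_product['quantity'] . ' WHERE `productID` = ' . $cart_product_id . ' and variantID in (' . add_in( $cart_module->product_options( $cart_product['id'] ) ) . ')' );
            }
            //update item sold and in_stock
            update_field( PRODUCTS_TABLE,array("items_sold"=> array("fun" =>'items_sold+1'),"in_stock"=>array("fun"=>'in_stock - '.$cart_product['quantity'])),'productID='. $cart_product_id);
            $products[]= $cart_product;
            // Builds the text of the mail sent to the administrator and the managers
            $adm .= $cart_product['name'] . "; " . TABLE_PRODUCT_COST . " - " . $cart_product['Price_letters'] . "; " . TABLE_PRODUCT_QUANTITY . " - " . $cart_product['quantity'] . "; " . TABLE_PRODUCT_SUMM . " - " . $cart_product['cost'] . "\n";
            $adm .= "\n";
        }
        unset( $cart_product_id );

        if( isset( $_SESSION["get_fast_order"] ) ){
            // NOTE(review): the session value is placed into the statement as-is; confirm it is
            // numeric where it is stored.
            $q1 = db_query( "insert into " . ORDERED_CARTS_TABLE . " (orderID, productID, name, Price, Quantity) values ('$oid', '$oid', '" . ADMIN_FAST_ORDER . "', '" . $_SESSION["get_fast_order"] . "', '1');" ) or die ( db_error() );
            $k += $_SESSION["get_fast_order"];
        }

        if ($cart_module->get_present()) {
            // The gift is stored as a zero-priced cart line with productID -5.
            $tmp = array();
            $tmp['orderID'] = $oid;
            $tmp['productID'] = -5;
            $tmp['Quantity'] = 1;
            $tmp['Price'] = 0;
            $tmp['name'] = $cart_module->get_present_name();
            add_field(ORDERED_CARTS_TABLE, $tmp);
            $adm .= $tmp['name'].' - '. STRING_PRESENT."\n\n";
            $smarty_mail->assign("present", $tmp['name']);
            unset($tmp);
        }

        $sql = 'SELECT payvalue as name,type FROM ' . PAYMENT_TABLE . ' as T1 JOIN ' . PAYOPTION_TABLE . ' as T2 ON(T1.enabled = 1 AND T1.payID = T2.payID AND T2.payoption = "name")';
        $payment_type = db_arAll( $sql );
        $smarty_mail->assign( "payment_type", $payment_type );
        $mail_to = validate_search_string( $_POST["email"] );
        $smarty_mail->assign( "mail_to", $mail_to );

        //assign order content to smarty
        // NOTE(review): customer-supplied name and address go into the HTML mail template
        // unescaped here; confirm order_notification.tpl.html escapes them on output.
        $smarty_mail->assign( "order_content", $products );
        $smarty_mail->assign( "order_total", $cart_module->full_total() );
        $smarty_mail->assign( "order_id", $oid );
        $smarty_mail->assign( "order_custname", $_POST["first_name"] . " " . $order_post["last_name"] );
        $smarty_mail->assign( "order_shipping_address", "" . $order_post["city"] . "\n" . $order_post["address"] ); //."\n?.".." ".$_POST["state"]." ".$_POST["zip"]."\n".$_POST["country"]
        if( isset( $_SESSION["get_fast_order"] ) ){
            $smarty_mail->assign( "get_fast_order", $_SESSION["get_fast_order"] );
        }
        $_SESSION["order_id"] = $oid;
        //$_SESSION["order_amount"] = $k;

        //send message to customer
        $file_name = "./css/css_" . CONF_COLOR_SCHEME . "/image/mail_logo.jpg";
        $SHOP_NAME = CONF_SHOP_NAME;
        $NOTIFICATION_SUBJECT = EMAIL_CUSTOMER_ORDER_NOTIFICATION_SUBJECT;
        $last_name = $order_post["last_name"];
        $first_name = $_POST["first_name"];

        if( count( $managers_mail ) > 0 ){
            // Comma-separated manager names, built in a fresh list so leftovers of the
            // cart loop cannot leak into the text.
            $manager_names = array();
            foreach( $managers_mail as $manager_mail ){
                $manager_names[] = $manager_mail['name'];
            }
            $manager = implode( ", ", $manager_names );
            unset( $manager_names );
            $smarty_mail->assign( "manager", $manager );
            $adm .= "\n" . ADMIN_MANAGER_MAIL . ": " . $manager . "\n";
        } elseif( $man_arr ){
            $adm .= "\n" . ADMIN_MANAGER_MAIL . ": " . $man_name[$man_arr[0]] . "\n";
        }

        // Delivery
        if( !$cart_module->is_delivery_free() && ( $deliveryID = $cart_module->get_delivery() ) ){
            // The shipping method is stored as a cart line with productID -3.
            $ar_ship = db_assoc( 'select ' . $oid . ' as orderID,-3 as productID,code as name,' . $cart_module->delivery_price() . ' as Price,1 as Quantity from ' . SHARE_TABLE . ' where id=' . (int)$deliveryID );
            $ar_ship['name'] = ADMIN_SHIPPING . ' ' . $ar_ship['name'];
            add_field( ORDERED_CARTS_TABLE, $ar_ship );
            $shipping = array();
            $shipping['name'] = $ar_ship['name'];
            $shipping['Price'] = show_price( $ar_ship['Price'] );
            $smarty_mail->assign( "shipping", $shipping );
            $adm .= $shipping['name'] . " " . $shipping['Price'] . "\n\n";
            unset( $deliveryID, $ar_ship, $shipping );
        }

        // If there is a discount
        if( $cart_module->get_discont() ){
            // [0] = get_discont('val'), printed with a "%" sign; [1] = get_discont(), stored as the line price.
            $discount = array( $cart_module->get_discont( 'val' ), $cart_module->get_discont());
            $q1 = db_query( "insert into " . ORDERED_CARTS_TABLE . " (orderID, productID, name, Price, Quantity) values ('$oid', -1, " . int_text( ADMIN_DISCOUNT_STRING . " " . $discount[0].'%' ) . ", '" . $discount[1] . "', '1');" ) or die ( db_error() );
            $smarty_mail->assign( "discount", $discount );
            $adm .= ADMIN_DISCOUNT_STRING . " " . $discount[0] . "% - " . show_price($discount[1]) . "\n\n";
            unset( $discount );
        }

        $from['mail'] = CONF_GENERAL_EMAIL;
        $from['name'] = $SHOP_NAME;
        if (isset($post_email)) {
            $html_body = $smarty_mail->fetch("order_notification.tpl.html");
            // Use the validated address rather than re-reading the request.
            $to['mail'] = $post_email;
            $to['name'] = $_POST["first_name"]." ".$order_post["last_name"];
            $file_img['file'] = $file_name;
            $file_img['cid'] = 'mail_img_1';
            phpmailer($to, $from, EMAIL_CUSTOMER_ORDER_NOTIFICATION_SUBJECT, '', $html_body, $file_img);
        }

        $NOTIFICATION_SUBJECT = EMAIL_ADMIN_ORDER_NOTIFICATION_SUBJECT.' - '. $oid;
        $last_name = $order_post["last_name"];
        $first_name = $_POST["first_name"];

        //notification for administrator
        $od = STRING_ORDER_ID . ": $oid\n\n";
        if( isset( $_SESSION["get_fast_order"] ) ){
            $adm .= ADMIN_FAST_ORDER . " " . $_SESSION["get_fast_order"] . CONF_CURRENCY_ID_RIGHT . "\n\n";
        }
        if( isset( $_SESSION["present"] ) && $_SESSION["present"][1] ){
            $adm .= $_SESSION["present"][2] . " - " . STRING_PRESENT . "\n\n";
        }
        $adm .= EMAIL_CUSTOMER_COMMENT . "\n" . $order_post["comment"] . "\n";
        /*$adm .= "\n" . CUSTOMER_FIRST_NAME . " " . $_POST["first_name"] . "\n" . CUSTOMER_LAST_NAME . " " . $_POST["last_name"] . "\n" . CUSTOMER_ADDRESS . ": " . $_POST["country"] . ", " . $_POST["zip"] . ", " . $_POST["state"] . ", " . $_POST["city"] . ", " . $_POST["address"] . "\n" . CUSTOMER_PHONE_NUMBER . ": " . $_POST["phone"] . "\n" . CUSTOMER_EMAIL . ": " . $_POST["email"];*/
        /* adjusted which variables are sent in the mail; the full line with all fields is kept above */
        $adm .= "\n" . CUSTOMER_FIRST_NAME . " " . $_POST["first_name"] . "\n" . CUSTOMER_ADDRESS . " " . $order_post["address"] . "\n" . CUSTOMER_PHONE_NUMBER . " " . $_POST["phone"] . "\n" . "Способ доставки: " . $order_post["tipdost"] . "\n";

        phpmailer( CONF_ORDERS_EMAIL, $from, $NOTIFICATION_SUBJECT, $od . $adm );
        // Every distinct product manager receives the same plain-text notification.
        foreach( $managers_mail as $manager_mail ){
            phpmailer( $manager_mail, $from, $NOTIFICATION_SUBJECT, $od . $adm );
        }

        $cart_module->destroy();
        $url= $unit->set_hurl(array('hurl' => false, 'id' => 1), 'cart/order_placed', 'order_placement_result');
        header( "Location: http://" . CONF_SHOP_URL . "/".$url );
        exit;
    }
}
elseif (isset( $_GET["order_placement_result"] ) ) //show 'order successful' page
{
    // The order shown is the one whose ID was put into the session at placement time;
    // a missing session value is treated as 0.
    $shown_order_id = isset( $_SESSION["order_id"] ) ? (int)$_SESSION["order_id"] : 0;
    $order_info = db_assoc( "SELECT orderID, cust_firstname, cust_lastname, cust_email, cust_city, cust_address, cust_phone, comment, M.online_name manager FROM " . ORDERS_TABLE . ' as O LEFT JOIN ' . MANAGER_TABLE . ' as M on O.manager=M.ID WHERE orderID=' . $shown_order_id ) or die ( db_error() );
    unset( $shown_order_id );

    // Start from known values: this script runs in the including page's scope, so
    // leftovers in $total or $res would otherwise be added to the displayed order.
    $total = 0;
    $res = array();
    $q = db_query( "SELECT name, Price, Quantity,productID FROM " . ORDERED_CARTS_TABLE . " WHERE orderID='" . (int)$order_info['orderID'] . "' ORDER BY id ASC" ) or die( db_error() );
    while( $row = db_fetch_row( $q ) ){
        if( substr_count( $row[0], ADMIN_DISCOUNT_STRING ) > 0 ){
            // Discount line: subtract it and render it in bold after an empty spacer row.
            $total -= $row[1] * $row[2];
            $tmp = explode( " ", $row[0] );
            $row[4] = "<br /><b>" . show_price( $row[1] * $row[2] ) . "</b>";
            $row[0] = "<br /><b>" . $tmp[0] . "</b>";
            $row[1] = "";
            $row[2] = "<br /><b>" . $tmp[1] . "</b>";
            $res[] = Array();
            $res[] = $row;
        } else{
            #$row[1] = $row[1] / CURRENCY_val;
            $total += $row[1] * $row[2];
            $row[4] = show_price( $row[1] * $row[2] );
            $row[1] = show_price( $row[1] );
            $res[] = $row;
        }
    }
    $order_info['total'] = show_price( $total );
    // NOTE(review): "orderer" holds the customer's own stored input; confirm
    // order_place.tpl.html escapes it when printing.
    $smarty->assign( "orderer", $order_info );
    $smarty->assign( "order", $res );
    unset( $order_info, $res, $row );

    //select all payments
    $payment_list = array();
    $q = db_query( "SELECT type, payvalue FROM " . PAYMENT_TABLE . " LEFT JOIN " . PAYOPTION_TABLE . " USING (payID) WHERE enabled='1' AND payoption = 'name'" ) or die ( db_error() );
    while( $row = db_fetch_row( $q ) ){
        $payment_list['values'][] = $row[0];
        $payment_list['names'][] = $row[1];
    }
    $smarty->assign( "payment_list", $payment_list );
    $smarty->assign( "main_content_template", "order_place.tpl.html" );
}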
?>