pcwvanbeers/Commerce
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
580f835fffa26f645a006b25277c9dad3192cfbf
Commerce/checkout.php
“VeLiTi” 580f835fff 2nd update
2025-05-26 15:07:22 +02:00

560 lines
26 KiB
PHP
Raw Blame History

<?php
// Prevent direct access to file
defined(security_key) or exit;
// ---------------------------------------
// Defaults
// ---------------------------------------
$account = [
'account_id' => $_SESSION['account_id'] ?? '',
'email' => $_POST['email'] ?? '',
'first_name' => $_POST['first_name'] ?? '',
'last_name' => $_POST['last_name'] ?? '',
'address_street' => $_POST['address_street'] ?? '',
'address_city' => $_POST['address_city'] ?? '',
'address_state' => $_POST['address_state'] ?? '',
'address_zip' => $_POST['address_zip'] ?? '',
'address_country' => $_POST['address_country'] ?? '',
'address_phone' => $_POST['address_phone'] ?? ''
];
$products_in_cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : [];
$subtotal = 0.00;
$total = 0.00;
$shippingtotal = 0.00;
$discounttotal = 0.00;
$taxtotal = 0.00;
$tax_rate = '';
$weighttotal = 0;
$shipping_methods = [];
$checkout_input = [
"selected_country" => isset($_POST['address_country']) ? $_POST['address_country'] : $account['address_country'],
"selected_shipment_method" => isset($_POST['shipping_method']) ? $_POST['shipping_method'] : '',
"business_type" => 'b2c',
"discount_code" => isset($_SESSION['discount']) ? $_SESSION['discount'] : ''
];
// Error array, output errors on the form
$errors = [];
// ---------------------------------------------
// End defaults --------------------------------
// ---------------------------------------------
// Redirect the user if the shopping cart is empty
if (empty($_SESSION['cart'])) {
header('Location: ' . url('index.php?page=cart'));
exit;
}
// Check if user is logged in
if (isset($_SESSION['account_loggedin'])) {
$api_url = '/v2/identity/userkey='.$_SESSION['account_id'];
$account = ioAPIv2($api_url,'',$clientsecret);
if (!empty($account)){$account = json_decode($account,true);}
$account = $account[0];
//RESET ACCOUNT_ID
$account['account_id'] = $account['userkey'];
}
// Update discount code
if (isset($_POST['discount_code']) && !empty($_POST['discount_code'])) {
$_SESSION['discount'] = $_POST['discount_code'];
} else if (isset($_POST['discount_code']) && empty($_POST['discount_code']) && isset($_SESSION['discount'])) {
unset($_SESSION['discount']);
}
if (isset($_POST['address_country'])){
// Retrieve shipping methods
$shipping_methods = ioAPIv2('/v2/shipping/list=methods&country='.$checkout_input['selected_country'].'&price_total='.$subtotal.'&weight_total='.$weighttotal,'',$clientsecret);
$shipping_methods = json_decode($shipping_methods,true);
}
//-------------------------------
// If there are products in cart handle the checkout
//-------------------------------
if ($products_in_cart) {
//Calculate shopping_cart
$payload = json_encode(array("cart" => $products_in_cart, "checkout_input" => $checkout_input), JSON_UNESCAPED_UNICODE);
$products_in_cart = ioAPIv2('/v2/checkout/',$payload,$clientsecret);
$products_in_cart = json_decode($products_in_cart,true);
//GET SPECIFIC TOTALS FROM API RESULTS
$subtotal = $products_in_cart['totals']['subtotal'];
$shippingtotal = $products_in_cart['totals']['shippingtotal'];
$discounttotal = $products_in_cart['totals']['discounttotal'];
$taxtotal = $products_in_cart['totals']['taxtotal'];
$tax_rate = $products_in_cart['totals']['tax_rate'];
$weighttotal = $products_in_cart['totals']['weighttotal'];
$total = $products_in_cart['totals']['total'];
// Retrieve shipping methods
$shipping_methods = ioAPIv2('/v2/shipping/list=methods&country='.$checkout_input['selected_country'].'&price_total='.$subtotal.'&weight_total='.$weighttotal,'',$clientsecret);
$shipping_methods = json_decode($shipping_methods,true);
// Redirect the user if the shopping cart is empty
if (empty($products_in_cart)) {
header('Location: ' . url('index.php?page=cart'));
exit;
}
//-------------------------------
// END Checkout handler
//-------------------------------
}
//-------------------------------
//Place order
//-------------------------------
// Make sure when the user submits the form all data was submitted and shopping cart is not empty
if (isset($_POST['method'], $_POST['first_name'], $_POST['last_name'], $_POST['address_street'], $_POST['address_city'], $_POST['address_state'], $_POST['address_zip'], $_POST['address_country'], $_POST['address_phone'], $_SESSION['cart']) && !isset($_POST['update'])) {
$account_id = null;
// If the user is already logged in
if (isset($_SESSION['account_loggedin'])) {
// Account logged-in, update the user's details
$payload = json_encode(
array(
"language" => $_SESSION['country_code'],
"first_name" => $_POST['first_name'],
"last_name" => $_POST['last_name'],
"address_street" => $_POST['address_street'],
"address_city" => $_POST['address_city'],
"address_state" => $_POST['address_state'],
"address_zip" => $_POST['address_zip'],
"address_country" => $_POST['address_country'],
"address_phone" => $_POST['address_phone'],
"userkey" => $_SESSION['account_id']), JSON_UNESCAPED_UNICODE);
$account_update = ioAPIv2('/v2/identity/',$payload,$clientsecret);
$account_update = json_decode($account_update,true);
$account_id = $account['account_id'] = $_SESSION['account_id'];
} else if (isset($_POST['email'], $_POST['password'], $_POST['cpassword']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && !empty($_POST['password']) && !empty($_POST['cpassword'])) {
// User is not logged in, check if the account already exists with the email they submitted
// Check if the account exists
$account = ioAPIv2('/v2/identity/email='.$_POST['email'],'',$clientsecret);
$account = json_decode($account,true);
if ($account) {
// Email exists, user should login instead...
$errors[] = $error_account_name;
}
if (strlen($_POST['password']) > 20 || strlen($_POST['password']) < 5) {
// Password must be between 5 and 20 characters long.
$errors[] = $error_account_password_rules;
}
if ($_POST['password'] != $_POST['cpassword']) {
// Password and confirm password fields do not match...
$errors[] = $error_account_password_match;
}
if (!$errors) {
// Account doesnt exist, create new account
$payload = json_encode(
array(
"email" => $_POST['email'],
"password" => $_POST['password'],
"language" => $_SESSION['country_code'],
"first_name" => $_POST['first_name'],
"last_name" => $_POST['last_name'],
"address_street" => $_POST['address_street'],
"address_city" => $_POST['address_city'],
"address_state" => $_POST['address_state'],
"address_zip" => $_POST['address_zip'],
"address_country" => $_POST['address_country'],
"address_phone" => $_POST['address_phone']), JSON_UNESCAPED_UNICODE);
$account = ioAPIv2('/v2/identity/',$payload,$clientsecret);
$account= json_decode($account,true);
$account_id = $account['account_id'] = $account['accountID'];
if ($account && isset($account['accountID'])) {
//SEND VERIFICATION EMAIL
include dirname(__FILE__).'/custom/email/email_template_register.php';
$register_mail = $message;
send_mail_by_PHPMailer($account['identity'], $subject, $register_mail,'', '');
$register_error = 'Email send to verify your account';
}
}
} else if (account_required) {
$errors[] = $error_account;
}
if (!$errors && $products_in_cart) {
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//Process checkout => add payment_method to checkout_input array
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
$checkout_input['payment_method'] = $_POST['method'];
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
// Calculate shopping_cart based on session
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
$payload = json_encode(array("cart" => $_SESSION['cart'], "checkout_input" => $checkout_input, "customer_details" => $account), JSON_UNESCAPED_UNICODE);
$place_order = ioAPIv2('/v2/placeorder/',$payload,$clientsecret);
$place_order = json_decode($place_order,true);
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//Check if transaction is succesfull and send order confirmation to customer
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if ($place_order['error'] == '' && $place_order['id'] != ''){
//SEND CONFIRMATION TO CUSTOMER
send_order_details_email(
$account['email'],
$place_order['products_checked-out'],
$account['first_name'],
$account['last_name'],
$account['address_street'],
$account['address_city'],
$account['address_state'],
$account['address_zip'],
$account['address_country'],
$place_order['subtotal'],
$place_order['discounttotal'],
$place_order['shippingtotal'],
$place_order['taxtotal'],
$place_order['payment_amount'],
$place_order['transaction_id']
);
//Disable giftcard
if (isset($_SESSION['discount'])){
if (preg_match("/[#][0-9]/", $_SESSION['discount']) == 1){
useGiftCart($pdo, $_SESSION['discount']);
}
}
// Authenticate the user
if ($account_id != null) {
// Log the user in with the details provided
session_regenerate_id();
$_SESSION['account_loggedin'] = TRUE;
$_SESSION['account_id'] = $account_id;
$_SESSION['account_role'] = $account ? $account['profile'] : 0;
}
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//Pay on delivery = 2
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if (pay_on_delivery_enabled && $place_order['payment_method'] == 2){
header('Location: ' . url('index.php?page=placeorder'));
exit;
}
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
// Mollie = 3 ++++++++++++++++++++++++++++++++++++++++++++++++++
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if (mollie_enabled && $_POST['method'] == 3) {
try {
/*
* Initialize the Mollie API library with your API key.
*
* See: https://www.mollie.com/dashboard/developers/api-keys
*/
require "initialize.php";
/*
* Generate a unique order id for this example. It is important to include this unique attribute
* in the redirectUrl (below) so a proper return page can be shown to the customer.
*/
$orderId = $place_order['transaction_id'];
$value = number_format($place_order['payment_amount'],2,'.','');
/*
* Determine the url parts to these example files.
*/
$protocol = isset($_SERVER['HTTPS']) && strcasecmp('off', $_SERVER['HTTPS']) !== 0 ? "https" : "http";
$hostname = $_SERVER['HTTP_HOST'];
$path = dirname($_SERVER['REQUEST_URI'] ?? $_SERVER['PHP_SELF']);
/*
* Payment parameters:
* amount Amount in EUROs.
* description Description of the payment.
* redirectUrl Redirect location. The customer will be redirected there after the payment.
* webhookUrl Webhook location, used to report when the payment changes state.
* metadata Custom metadata that is stored with the payment.
*/
if (rewrite_url){
$redirectURL = $protocol.'://'.$hostname.$path.'placeorder/'.$orderId;
}else{
$redirectURL = $protocol.'://'.$hostname.$path.'index.php?page=placeorder&order_id='.$orderId;
}
$payment = $mollie->payments->create([
"amount" => [
"currency" => "EUR",
"value" => "{$value}", // You must send the correct number of decimals, thus we enforce the use of strings
],
"description" => "Order #{$orderId}",
"redirectUrl" => "$redirectURL",
"webhookUrl" => "{$protocol}://{$hostname}{$path}webhook.php",
"metadata" => [
"order_id" => $orderId,
],
]);
/*
* Send the customer off to complete the payment.
* This request should always be a GET, thus we enforce 303 http response code
*/
// Send customer to checkout
header("Location: " . $payment->getCheckoutUrl(), true, 303);
} catch (\Mollie\Api\Exceptions\ApiException $e) {
echo "API call failed: " . htmlspecialchars($e->getMessage());
}
exit;
}
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
// PayPal Payment = 1 +++++++++++++++++++++++++++++++++++++++++
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if (paypal_enabled && $_POST['method'] == 1) {
//Process Payment
require_once __DIR__."/lib/paypal/paypal.php";
$base = PAYPAL_URL;
$id = PAYPAL_CLIENT_ID;
$secret = PAYPAL_CLIENT_SECRET;
//init input
$order = $place_order['transaction_id'];
$price = number_format($place_order['payment_amount'],2,'.','');
$currency = "EUR";
//make payment
$paypal = new paypalCurl();
$paypal->init($id,$secret,$base);
$result = $paypal->makePaymentURL($order,$price,$currency);
if ($result->status === true) {
header("location:". $result->url);
die;
}
else { //raise error
echo $result->msg;
die;
}
}
} else {
foreach ($place_order['error'] as $error){
$errors[] = $error;
}
}
}
}
//-------------------------------
// END PLACE ORDER
//-------------------------------
$terms_link = url('index.php?page=termsandconditions');
$view = template_header(($checkout_header ?? 'Checkout'),'');
$view .= '
<div class="checkout content-wrapper">
<h1>'.$h1_checkout.'</h1>';
if (!empty($errors) || count($errors) > 0){
$view .= '<p class="error">'.implode('<br>', $errors).'</p>';
}
if (!isset($_SESSION['account_loggedin'])){
$view .= '<p>'.$account_available.' <a href="'.url('index.php?page=myaccount').'">'.$account_log_in.'</a></p>';
}
$view .= '
<form action="" method="post">
<div class="container">
<div class="shipping-details">
<div id="dropin-container"></div>
<h2>'.$payment_method.'</h2>
<div class="payment-methods">';
if (mollie_enabled){
$view .= ' <input id="mollie" type="radio" name="method" value="3" '. ((mollie_default)? 'checked':'') .'>
<label for="mollie">
<img src="./custom/assets/iDEAL.png" style="width: 50px;" alt="'.$payment_method_1.'">
<img src="./custom/assets/bancontact.png" style="width: 50px;" alt="'.$payment_method_1.'">
</label>';
}
if (paypal_enabled){
$view .= ' <input id="paypal" type="radio" name="method" value="1" '. ((paypal_default)? 'checked':'') .'>
<label for="paypal"><img src="https://www.paypalobjects.com/webstatic/mktg/Logo/pp-logo-100px.png" alt="PayPal Logo"></label>';
}
if (pay_on_delivery_enabled){
$view .= ' <input id="payondelivery" type="radio" name="method" value="2" '. ((pay_on_delivery_default)? 'checked':'') .' >
<label for="payondelivery">'.$payment_method_2.'</label>';
}
$view .= ' </div>';
if (!isset($_SESSION['account_loggedin'])){
$view .= '
<h2>'.$account_create_email.'</h2>
<label for="email"></label>
<input type="email" name="email" id="email" placeholder="'.$account_create_email.'" class="form-field" required>
<h2>'.$account_create.((!account_required) ? $account_create_optional : '').'</h2>
<label for="password">'.$account_create_password.'</label>
<input type="password" name="password" id="password" placeholder="'.$account_create_password.'" class="form-field" autocomplete="new-password">
<label for="cpassword">'.$account_create_password_confirm.'</label>
<input type="password" name="cpassword" id="cpassword" placeholder="'.$account_create_password_confirm.'" class="form-field" autocomplete="new-password">';
}
$view .= '
<h2>'.$h2_Shipping_details.'</h2>
<div class="row1">
<label for="first_name">'.$shipping_first_name.'</label>
<input type="text" value="'.htmlspecialchars($account['first_name'], ENT_QUOTES).'" name="first_name" id="first_name" placeholder="'.$shipping_first_name.'" class="form-field" required>
</div>
<div class="row2">
<label for="last_name">'.$shipping_last_name.'</label>
<input type="text" value="'.htmlspecialchars($account['last_name'], ENT_QUOTES).'" name="last_name" id="last_name" placeholder="'.$shipping_last_name.'" class="form-field" required>
</div>
<label for="address_street">'.$shipping_address.'</label>
<input type="text" value="'.htmlspecialchars($account['address_street'], ENT_QUOTES).'" name="address_street" id="address_street" placeholder="'.$shipping_address.'" class="form-field" required>
<label for="address_city">'.$shipping_city.'</label>
<input type="text" value="'.htmlspecialchars($account['address_city'], ENT_QUOTES).'" name="address_city" id="address_city" placeholder="'.$shipping_city.'" class="form-field" required>
<div class="row1">
<label for="address_state">'.$shipping_state.'</label>
<input type="text" value="'.htmlspecialchars($account['address_state'], ENT_QUOTES).'" name="address_state" id="address_state" placeholder="'.$shipping_state.'" class="form-field">
</div>
<div class="row2">
<label for="address_zip">'.$shipping_zip.'</label>
<input type="text" value="'.htmlspecialchars($account['address_zip'], ENT_QUOTES).'" name="address_zip" id="address_zip" placeholder="'.$shipping_zip.'" class="form-field" required>
</div>
<label for="address_phone">'.$shipping_phone.'</label>
<input type="text" value="'.htmlspecialchars(($account['address_phone'] ?? ''), ENT_QUOTES).'" name="address_phone" id="address_phone" placeholder="'.$shipping_phone.'" class="form-field" required>
<label for="address_country">'.$shipping_country.'</label>
<select name="address_country" class="ajax-update form-field" required>';
foreach($countries_in_scope as $key => $value){
$view .= ' <option value="'.$key.'" '.($key==$account['address_country'] ? ' selected' : '').'>'.(${$value} ?? $value).'</option>';
}
$view .= ' </select>
</div>
<div class="cart-details">
<h2>'.$h2_shoppingcart.'</h2>
<table>';
foreach($products_in_cart['cart_details']['products'] as $product){
$view .= ' <tr>
<td><img src="'.img_url.$product['meta']['img'].'" width="35" height="35" alt="'.$product['meta']['name'].'"></td>
<td>'.$product['quantity'].' x '.$product['meta']['name'].'</td>
<td class="price">'.currency_code.''.number_format($product['options_price'] * $product['quantity'],2).'</td>
</tr>';
}
$view .= ' </table>
<div class="discount-code">
<input type="text" class="ajax-update form-field" name="discount_code" placeholder="'.$discount_label.'" value="'.(isset($_SESSION['discount']) ? $_SESSION['discount'] : '').'">
<span class="result">';
if (isset($_SESSION['discount'], $products_in_cart['totals']['discounttotal'])){
$view .= $products_in_cart['totals']['discount_message'];
}
$view .= ' </span>
</div>
<div class="shipping-methods-container">';
if (isset($shipping_methods) && count($shipping_methods) > 0){
$view .= ' <div class="shipping-methods">
<h3>'.$h3_shipping_method.'</h3>';
foreach($shipping_methods as $method){
$view .= ' <div class="shipping-method">
<input type="radio" class="ajax-update" id="sm'.$method['id'].'" name="shipping_method" value="'.$method['id'].'" required'.(($checkout_input['selected_shipment_method']==$method['id'] || count($shipping_methods) == 1) ? ' checked':'').'>
<label for="sm'.$method['id'].'">'.$method['name'].' ('.currency_code.''.number_format($method['price'], 2).')</label>
</div>';
}
$view .= '</div>';
}
$view .= ' </div>
<div class="summary">
<div class="subtotal">
<span>'.$total_subtotal.'</span>
<span>'.currency_code.''.number_format($subtotal,2).'</span>
</div>
<div class="shipping">
<span>'.$total_shipping.'</span>
<span>'.currency_code.''.number_format($shippingtotal,2).'</span>
</div>';
if ($discounttotal > 0){
$view .= '<div class="discount">
<span>'.$total_discount.'</span>
<span>-'.currency_code.''.number_format(round($discounttotal, 1),2).'</span>
</div>';
}
if ($taxtotal > 0){
$view .= '<div class="vat">
<span>'.($tax_text ?? 'VAT').' <span class="alt">('.$tax_rate.')</span></span>
<span>'.currency_code.''.number_format($taxtotal,2).'</span>
</div>';
}
$view .= ' </div>
<div class="total">
<span>'.$total_total.' <span class="alt">'.$total_total_note.'</span></span><span>'.currency_code.''.number_format($total,2).'</span>
</div>
<div class="summary">
<div class="subtotal">
<span>
<input type="checkbox" id="consent" name="consent_comms" value="1">'.$order_consent_1.'</a>
</span>
</div>
<div class="subtotal">
<span>
<input type="checkbox" id="consent" name="consent" value="1" required>'.$order_consent_2.' <a href="'.$terms_link.'" target="_blank">'.$order_consent_3.'</a>
</span>
</div>
</div>
<div class="buttons">
<button type="submit" name="checkout" class="checkout_btn">'.$btn_place_order.'</button>
</div>
</div>
</div>
</form>
</div>';
$view .= template_footer();
//OUTPUT
echo $view;
?>
Reference in New Issue View Git Blame Copy Permalink