Commit 0a1cbbb7 authored by Malcolm Blaney's avatar Malcolm Blaney

Cart module overhaul, including support for credit card processing.

Purchase module bug fix, checking for next pre-order-final now also
depends on pre-order-final-time. Login bug fix if user adds a space
to their username.
parent 768d372d
......@@ -1193,9 +1193,13 @@ class Purchase extends Base {
$wait = (int)$this->Substitute("pre-order-wait") * 3600;
if ($wait !== 0) {
$pre_order_final = $this->Substitute("pre-order-final");
$pre_order_final_time = $this->Substitute("pre-order-final-time");
if ($pre_order_final_time !== "") {
$pre_order_final .= ", ".$pre_order_final_time;
}
$next_pre_order_final = strtotime($pre_order_final);
// Compare the current pre-order-final to the start of today.
if ($next_pre_order_final < strtotime(date("F j Y 00:00:00"))) {
// Compare the current pre-order-final to the current time.
if ($next_pre_order_final < time()) {
$next_pre_order_final = strtotime("next ".$pre_order_final);
}
// If pre_order_final is not a weekday strtotime will return false when
......@@ -1211,28 +1215,26 @@ class Purchase extends Base {
$user_query = "";
if ($this->GroupMember("purchase-other-order")) {
$object["data"] = $this->AllData($next_co_op, 0, true);
// Skip these users in the quota query below.
// Skip these users in the quota query below as we already have enough
// information for them to display in quotas.
foreach ($object["data"] as $user => $data) {
if ($user_query != "") {
$user_query .= ' AND ';
}
$user_query .= 'purchase.user != "'.$user.'"';
$user_query .= ' AND purchase.user != "'.$user.'"';
}
}
else {
$object["data"] = array($this->user->name => $this->Data($next_co_op));
$user_query = 'purchase.user != "'.$this->user->name.'"';
$user_query = ' AND purchase.user != "'.$this->user->name.'"';
}
// Also look up quantities for other users so quotas can be calculated.
// Note that quotas are only available in order mode, though they are
// also shown in the "all users" dialog to help purchasing. In that case
// though, the quotas are for the group only, not a whole organisation
// (which is what is queried here...)
// though, the quotas are for the group only, not a whole organisation,
// which is what is queried here.
$organiser = new Organiser($this->user, $this->owner);
$mysqli = connect_db();
$query = 'SELECT purchase.user, name, quantity FROM purchase LEFT JOIN '.
'users ON purchase.user = users.user WHERE '.
'('.$organiser->GroupQuery().') AND timestamp >= '.$next_co_op.' AND '.
'('.$organiser->GroupQuery().') AND timestamp >= '.$next_co_op.
$user_query.' AND name != "surcharge"';
if ($result = $mysqli->query($query)) {
while ($purchase = $result->fetch_assoc()) {
......@@ -3,7 +3,7 @@
// @licstart The following is the entire license notice
// for the JavaScript code in this page.
//
// Copyright (C) 2013 Malcolm Blaney
// Copyright (C) 2014 Malcolm Blaney
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
......@@ -59,7 +59,7 @@ return table;}
function cartItem(){$.post("/php/request.php",{request:"cart",action:"item",name:$(this).html(),url:location.href,token:dobrado.token},function(response){if(dobrado.checkResponseError(response,"cart item")){return;}
var item=JSON.parse(response);$("#cart-item-dialog").html(item.content);$("#cart-item-dialog").dialog("open");});}
function checkout(){$("#cart-checkout-dialog").dialog("open");$("#cart-summary").html("You have selected the following items:<br>"+
cartTotal());$("#cart-checkout-message").html("Please enter your contact details to "+"post your items and to calculate "+"shipping costs.");$("#cart-customer-details-form").show();}
cartTotal());$("#cart-checkout-message").html("Please enter your contact details:");$("#cart-customer-details-form").show();}
function customerDetail(){if($("#customer-detail-first").val()===""){$("#cart-checkout-info").html("Please enter your first name.");return false;}
if($("#customer-detail-last").val()===""){$("#cart-checkout-info").html("Please enter your last name.");return false;}
if($("#customer-detail-email").val()===""){$("#cart-checkout-info").html("Please enter your email.");return false;}
......@@ -68,7 +68,7 @@ if($("#customer-detail-postcode").val()===""){$("#cart-checkout-info").html("Ple
if($("#customer-detail-city").val()===""){$("#cart-checkout-info").html("Please enter your city.");return false;}
if($("#customer-detail-state").val()===""){$("#cart-checkout-info").html("Please enter your state.");return false;}
if($("#customer-detail-country").val()===""){$("#cart-checkout-info").html("Please enter your country.");return false;}
$("#cart-checkout-info").html("");$.post("/php/request.php",{request:"cart",action:"shipping",cart:JSON.stringify(cart),first:$("#customer-detail-first").val(),last:$("#customer-detail-last").val(),email:$("#customer-detail-email").val(),address:$("#customer-detail-address").val(),city:$("#customer-detail-city").val(),state:$("#customer-detail-state").val(),country:$("#customer-detail-country").val(),postcode:$("#customer-detail-postcode").val(),url:location.href,token:dobrado.token},function(response){if(dobrado.checkResponseError(response,"cart shipping")){return;}
$("#cart-checkout-info").html("");$.post("/php/request.php",{request:"cart",action:"checkout",cart:JSON.stringify(cart),first:$("#customer-detail-first").val(),last:$("#customer-detail-last").val(),email:$("#customer-detail-email").val(),address:$("#customer-detail-address").val(),city:$("#customer-detail-city").val(),state:$("#customer-detail-state").val(),country:$("#customer-detail-country").val(),postcode:$("#customer-detail-postcode").val(),method:$("#customer-detail-method").val(),url:location.href,token:dobrado.token},function(response){if(dobrado.checkResponseError(response,"cart shipping")){return;}
var shipping=JSON.parse(response);$("#cart-customer-details-form").hide();$("#cart-summary").html("You have selected the following items:<br>"+
cartTotal(shipping.cost));$("#cart-checkout-message").html(shipping.content);$("#cart-payment").button();});return false;}
function close(){if(editor){editor.destroy();}}
......@@ -77,12 +77,14 @@ settings=JSON.parse(response);$("#cart-editor").html(settings.content);$("#cart-
else{settings.items=[];}
updateItems();if(settings.shipping.length!==0){showShipping(settings.shipping[0]);}
else{settings.shipping=[];newShipping();}
if(settings.checkout){showCheckout(settings.checkout);}});}
if(settings.checkout){$("#cart-checkout-email").val(checkout.email);$("#cart-checkout-currency").val(checkout.currency);}
if(settings.method){$.each(settings.method,function(i,method){var checked=method.available==="1";$("#cart-checkout-method-"+method.name).prop("checked",checked);if(method.name==="credit"){$("#cart-checkout-gateway-api-key").val(method.gateway_api_key);}});}});}
function updateItems(){var items=[];$.each(settings.items,function(i,item){items.push(item.name);});$("#cart-item-name").autocomplete({source:items,select:autoCompleteItem});}
function autoCompleteItem(event,ui){$.each(settings.items,function(i,item){if(ui.item.value===item.name){showItem(item);return false;}});}
function showItem(item){$("#cart-item-name").val(item.name);$("#cart-item-image").val(item.image);$("#cart-item-short").val(item.short);editor.setData(item.full);$("#cart-item-weight").val(item.weight);$("#cart-item-price").val(item.price);if(item.variable===1){$("#cart-item-variable").prop("checked",true);$(".show-item-minimum").show();}
function showItem(item){if(!item){return;}
$("#cart-item-name").val(item.name);$("#cart-item-image").val(item.image);$("#cart-item-short").val(item.short);editor.setData(item.full);$("#cart-item-weight").val(item.weight);$("#cart-item-price").val(item.price);if(item.variable==="1"){$("#cart-item-variable").prop("checked",true);$(".show-item-minimum").show();}
else{$("#cart-item-variable").prop("checked",false);$(".show-item-minimum").hide();}
$("#cart-item-minimum").val(item.minimum);$("#cart-item-download").val(item.download);$("#cart-item-order").val(item.item_order);if(item.available===1){$("#cart-item-available").prop("checked",true);}
$("#cart-item-minimum").val(item.minimum);$("#cart-item-download").val(item.download);$("#cart-item-order").val(item.item_order);if(item.available==="1"){$("#cart-item-available").prop("checked",true);}
else{$("#cart-item-available").prop("checked",false);}
if(settings.items.length===0||itemIndex===0){$("#cart-item-previous").button("disable");}
else{$("#cart-item-previous").button("enable");}
......@@ -108,8 +110,7 @@ function newShipping(){if(settings.shipping.length===0||settings.shipping[settin
shippingIndex=settings.shipping.length-1;showShipping(settings.shipping[shippingIndex]);}
function previousShipping(){showShipping(settings.shipping[--shippingIndex]);}
function nextShipping(){showShipping(settings.shipping[++shippingIndex]);}
function saveCheckout(){dobrado.log("saving checkout...","info");var email=$("#cart-checkout-email").val();var currency=$("#cart-checkout-currency").val();$.post("/php/request.php",{request:"cart",action:"save-checkout",email:email,currency:currency,url:location.href,token:dobrado.token},function(response){if(dobrado.checkResponseError(response,"cart save checkout")){return;}});return false;}
function showCheckout(checkout){$("#cart-checkout-email").val(checkout.email);$("#cart-checkout-currency").val(checkout.currency);}
function saveCheckout(){dobrado.log("saving checkout...","info");var email=$("#cart-checkout-email").val();var currency=$("#cart-checkout-currency").val();var credit=$("#cart-checkout-method-credit:checked").length;var paypal=$("#cart-checkout-method-paypal:checked").length;var gatewayApiKey=$("#cart-checkout-gateway-api-key").val();var gatewayPassword=$("#cart-checkout-gateway-password").val();$.post("/php/request.php",{request:"cart",action:"save-checkout",email:email,currency:currency,credit:credit,paypal:paypal,gatewayApiKey:gatewayApiKey,gatewayPassword:gatewayPassword,url:location.href,token:dobrado.token},function(response){if(dobrado.checkResponseError(response,"cart save checkout")){return;}});return false;}
function imageBrowser(){browserTarget="#cart-item-image";dobrado.createModule("browser","browser","cart");return false;}
function downloadBrowser(){browserTarget="#cart-item-download";dobrado.createModule("browser","browser","cart");return false;}
dobrado.cart.select=function(filename){$(browserTarget).val(filename);};})();
\ No newline at end of file
......@@ -2,7 +2,7 @@
// @licstart The following is the entire license notice
// for the JavaScript code in this page.
//
// Copyright (C) 2013 Malcolm Blaney
// Copyright (C) 2014 Malcolm Blaney
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
......@@ -269,9 +269,7 @@ if (!this.dobrado.cart) {
$("#cart-checkout-dialog").dialog("open");
$("#cart-summary").html("You have selected the following items:<br>" +
cartTotal());
$("#cart-checkout-message").html("Please enter your contact details to " +
"post your items and to calculate " +
"shipping costs.");
$("#cart-checkout-message").html("Please enter your contact details:");
$("#cart-customer-details-form").show();
}
......@@ -312,7 +310,7 @@ if (!this.dobrado.cart) {
$.post("/php/request.php",
{ request: "cart",
action: "shipping",
action: "checkout",
cart: JSON.stringify(cart),
first: $("#customer-detail-first").val(),
last: $("#customer-detail-last").val(),
......@@ -322,6 +320,7 @@ if (!this.dobrado.cart) {
state: $("#customer-detail-state").val(),
country: $("#customer-detail-country").val(),
postcode: $("#customer-detail-postcode").val(),
method: $("#customer-detail-method").val(),
url: location.href,
token: dobrado.token },
function(response) {
......@@ -415,7 +414,17 @@ if (!this.dobrado.cart) {
newShipping();
}
if (settings.checkout) {
showCheckout(settings.checkout);
$("#cart-checkout-email").val(checkout.email);
$("#cart-checkout-currency").val(checkout.currency);
}
if (settings.method) {
$.each(settings.method, function(i, method) {
var checked = method.available === "1";
$("#cart-checkout-method-" + method.name).prop("checked", checked);
if (method.name === "credit") {
$("#cart-checkout-gateway-api-key").val(method.gateway_api_key);
}
});
}
});
}
......@@ -439,13 +448,17 @@ if (!this.dobrado.cart) {
}
function showItem(item) {
if (!item) {
return;
}
$("#cart-item-name").val(item.name);
$("#cart-item-image").val(item.image);
$("#cart-item-short").val(item.short);
editor.setData(item.full);
$("#cart-item-weight").val(item.weight);
$("#cart-item-price").val(item.price);
if (item.variable === 1) {
if (item.variable === "1") {
$("#cart-item-variable").prop("checked", true);
$(".show-item-minimum").show();
}
......@@ -456,7 +469,7 @@ if (!this.dobrado.cart) {
$("#cart-item-minimum").val(item.minimum);
$("#cart-item-download").val(item.download);
$("#cart-item-order").val(item.item_order);
if (item.available === 1) {
if (item.available === "1") {
$("#cart-item-available").prop("checked", true);
}
else {
......@@ -700,12 +713,20 @@ if (!this.dobrado.cart) {
dobrado.log("saving checkout...", "info");
var email = $("#cart-checkout-email").val();
var currency = $("#cart-checkout-currency").val();
var credit = $("#cart-checkout-method-credit:checked").length;
var paypal = $("#cart-checkout-method-paypal:checked").length;
var gatewayApiKey = $("#cart-checkout-gateway-api-key").val();
var gatewayPassword = $("#cart-checkout-gateway-password").val();
$.post("/php/request.php",
{ request: "cart",
action: "save-checkout",
email: email,
currency: currency,
credit: credit,
paypal: paypal,
gatewayApiKey: gatewayApiKey,
gatewayPassword: gatewayPassword,
url: location.href,
token: dobrado.token },
function(response) {
......@@ -716,11 +737,6 @@ if (!this.dobrado.cart) {
return false;
}
function showCheckout(checkout) {
$("#cart-checkout-email").val(checkout.email);
$("#cart-checkout-currency").val(checkout.currency);
}
function imageBrowser() {
browserTarget = "#cart-item-image";
dobrado.createModule("browser", "browser", "cart");
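Review bot: The two new lines inside `if (settings.checkout)` read `checkout.email` and `checkout.currency`, but the only `checkout` in scope appears to be the module's checkout function (the minified build on this page declares `function checkout()` in the same closure), so both `val()` calls receive `undefined`; the removed `showCheckout(settings.checkout)` passed the settings object, and the inlined lines should be `$("#cart-checkout-email").val(settings.checkout.email);` and `$("#cart-checkout-currency").val(settings.checkout.currency);`. The same slip is present in the minified copy of this file in its `if(settings.checkout)` hunk. The `settings.method` loop that follows writes the stored gateway API key back into a form field while the gateway password is only ever sent by saveCheckout and never echoed back — presumably intentional, and worth stating in the loop: `// Only the API key is round-tripped; the gateway password is write-only.`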
......@@ -176,10 +176,10 @@ class Notification extends Base {
$template = array('"notification-system","","System message from '.
'<b>!author</b>:<br>!description<br>At !timestamp"',
'"notification-feed","","<b>!author</b> added a new '.
'post to <a href="!permalink">!description</a><br>'.
'post to <a href=\"!permalink\">!description</a><br>'.
'At !timestamp"',
'"notification-comment","","<b>!author</b> commented '.
'on <a href="!permalink">!description</a><br>'.
'on <a href=\"!permalink\">!description</a><br>'.
'At !timestamp"');
$this->AddTemplate($template);
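Review bot: The new `\"` sequences on the two `href` lines are a literal backslash followed by a quote inside a single-quoted PHP string, so they only render as plain quotes if AddTemplate passes the string through a layer that unescapes them (a SQL literal, judging by the `"name","","value"` row shape); that contract is not stated anywhere in the hunk. A one-line comment above `$template` would save the next reader the same detour: `// Each entry is a quoted row consumed by AddTemplate; inner double quotes must be backslash-escaped.` Since `!permalink` lands inside an HTML attribute, the code that substitutes it should attribute-escape the value if it can ever carry user-controlled characters — that substitution is not visible here.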
......@@ -218,13 +218,9 @@ class Page {
$scheme = isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "" ?
"https://" : "http://";
$page = $this->user->config->FancyUrl() ? "/" : "/index.php?page=";
if ($name === "") {
$page .= $this->user->config->LoginPage();
}
else {
$page .= $name;
}
$page .= $name === "" ? $this->user->config->LoginPage() : $name;
// If not logged in user->name will be an empty string.
// Not using config ServerName here in case CNAME is being used.
if ($this->user->name == "admin" || $this->user->name === "") {
header("Location: ".$scheme.$_SERVER["SERVER_NAME"].$page);
}
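Review bot: The folded ternary appends `$name` to the redirect path without any encoding, so if `$name` can arrive from request input the Location header's path follows its content; with FancyUrl off it is a query-string value that would normally be `urlencode`d, with FancyUrl on it is a path segment. Where `$name` comes from is outside the hunk (the method's start is not shown), so it may already be validated upstream; if so, a comment such as `// $name is a validated page name (see callers), safe to append unencoded.` would document that. The redirect host is taken from `$_SERVER["SERVER_NAME"]`, which the existing comment says is deliberate; it is worth adding to that comment that this is only as trustworthy as the web server's canonical-name configuration.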
......@@ -50,7 +50,7 @@ class User {
// Check if a (possibly different) user is trying to log in.
if (isset($_POST["user"])) {
$mysqli = connect_db();
$this->name = strtolower($mysqli->escape_string($_POST["user"]));
$this->name = strtolower(trim($mysqli->escape_string($_POST["user"])));
if ($this->name == "guest" && $this->config->GuestAllowed()) {
$this->Guest();
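Review bot: On the new line `trim` runs after `escape_string`, so whitespace the escaper rewrites (a trailing newline or carriage return becomes the two characters `\n` / `\r`) is no longer trimmed; a plain space, the case in the commit message, works in either order, but trimming the raw input first, `strtolower($mysqli->escape_string(trim($_POST["user"])))`, handles both. More broadly, storing the escaped form in `$this->name` means the escaped string is what every later comparison and query sees (Purchase.php on this page concatenates it into its own SQL), so the cleaner fix is to keep the raw, trimmed, lower-cased name in `$this->name` and parameterize the queries that use it. The enclosing method begins and continues outside the hunk.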