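// Remainder of the cart/order dispatch switch. The `case` label for this first branch (the
// "add article to cart" flow) and the variables it relies on ($iArtikel, $iAantal, $oError,
// $aLang, $iDelete, $bImmediateOrder, $sLangName) are set before this span.
//
// Conventions visible below: every query goes through @mysql_query() and a FALSE result is
// reported via $oError->addDbError(); user-facing notices are queued in $_SESSION['msg_prev_page'].
// Cart quantities are cast to int when stored in $_SESSION['cart'] so that the SQL built from the
// cart in 'order' only ever sees integers (a loose `intval($x) == $x` check alone also accepts
// strings that merely start with digits).
if ( $iAantal < 1 ) {
    $oError->addError( ERR_INVALID_NUMBER , $aLang['cart_invalid_number'] , __FILE__ , __LINE__ , FALSE );
    // continue_shopping is only ever set from a return_url that passed the whitelist regex further down
    header( 'Location: ' . SITE_URL . $_SESSION['continue_shopping'] );
    exit;
} else {
    // Otherwise check if the article exists (published, presale open, event open) in the database
    $sQuery = "SELECT a.artikel_naam, a.artikel_max_perorder FROM artikelen a, categorieen c, evenementen e WHERE a.artikel_id = " . intval( $iArtikel ) . " AND c.cat_id = a.artikel_cat AND e.ev_id = c.cat_ev AND a.artikel_vvk_isopen = 1 AND a.artikel_ispublished = 1 AND c.cat_ispublished = 1 AND e.ev_vvk_isopen = 1 AND e.ev_ispublished = 1 ";
    $rQuery = @mysql_query( $sQuery );
    $bAdded = FALSE;
    if ( $rQuery == FALSE ) {
        $oError->addDbError( $sQuery , mysql_error() , mysql_errno() , __FILE__ , __LINE__ );
    } else {
        if ( @mysql_num_rows( $rQuery ) != 1 ) {
            $oError->addError( ERR_ADDED_UNKNOWN_ARTICLE , $aLang['cart_unknown_product_added'] , __FILE__ , __LINE__ , FALSE );
        }
        // If it does exist, add it to the current cart
        else {
            $aArtikel = mysql_fetch_assoc( $rQuery );
            // Let's check if the given article is already in the cart
            if ( isset( $_SESSION['cart'][ $iArtikel ] ) and $_SESSION['cart'][ $iArtikel ] > 0 ) {
                // If the maximum number of this product per order is not threatened...
                if ( ( $_SESSION['cart'][ $iArtikel ] + $iAantal ) <= $aArtikel['artikel_max_perorder'] ) {
                    // ...add the new number to the existing number of article X in the cart
                    $_SESSION['cart'][ $iArtikel ] += intval( $iAantal );
                    $bAdded = TRUE;
                } else {
                    $_SESSION['msg_prev_page'][] = sprintf( $aLang['maximum_number_of_products'] , $aArtikel['artikel_max_perorder'] , $aArtikel['artikel_naam'] );
                    $bMsgNextPage = TRUE;
                }
            } else {
                if ( $iAantal <= $aArtikel['artikel_max_perorder'] ) {
                    $_SESSION['cart'][ $iArtikel ] = intval( $iAantal );
                    $bAdded = TRUE;
                } else {
                    $_SESSION['msg_prev_page'][] = sprintf( $aLang['maximum_number_of_products'] , $aArtikel['artikel_max_perorder'] , $aArtikel['artikel_naam'] );
                    $bMsgNextPage = TRUE;
                }
            }
        }
    }
    if ( $bAdded == TRUE ) {
        // Fetch the line amount just added so the running cart total kept in the session can be updated
        $sGet = "SELECT artikel_stukprijs * " . intval( $iAantal ) . " AS amountAdded, artikel_naam FROM artikelen WHERE artikel_id = " . intval( $iArtikel ) . " LIMIT 0,1 ";
        $rGet = @mysql_query( $sGet );
        if ( $rGet == FALSE ) {
            $oError->addWarning( WARN_CART_AMOUNT_UPDATE_FAILED , $aLang['cart_amount_update_failed'] , __FILE__ , __LINE__ , FALSE );
        } else {
            $aTmp = @mysql_fetch_assoc( $rGet );
            if ( isset( $aTmp['amountAdded'] ) ) {
                $_SESSION['cart_amount'] += (double) $aTmp['amountAdded'];
                $_SESSION['msg_prev_page'][] = sprintf( $aLang['added_to_cart'] , $aTmp['artikel_naam'] , $iAantal );
            }
        }
    }
    // If the client wants to directly order their cart, redirect us to the page that does it
    if ( isset( $bImmediateOrder ) and $bImmediateOrder == TRUE ) {
        header( "Location: " . SITE_URL . "cart/order/0/" );
        exit();
    }
    // If there is a return path (from some 'add to cart'-form) and it's valid, redirect to it after adding.
    // The character whitelist keeps the redirect target relative to SITE_URL (no scheme, host or query);
    // the D modifier stops `$` from accepting a trailing newline.
    if ( isset( $_POST['return_url'] ) ) {
        if ( preg_match( "#^([A-Za-z0-9/_]*)$#isD" , $_POST['return_url'] ) ) {
            $_SESSION['continue_shopping'] = $_POST['return_url'];
            header( 'Location: ' . SITE_URL . $_POST['return_url'] );
            exit;
        }
        // If the return thing does not match, there's something wrong (someone's giving fake urls or a scripting error). Log it, but don't interrupt the script!
        else {
            // Log the field that was actually posted (return_url); the old message read a never-set 'return_to' index
            $oError->addWarning( WARN_INVALID_RETURN_URL , "Invalid 'return-to'-string. Added article " . $iArtikel . " times " . $iAantal . " to cart. Not returned to page (" . $_POST['return_url'] . ")." , __FILE__ , __LINE__ , FALSE );
        }
    }
}
header( "Location: " . SITE_URL . "show/cart/" );
exit();
break;

// Delete one or all articles (with number X) from the cart/session
case 'delete':
    // Strict comparison: with a loose == an integer 0 in $iDelete would also match 'all' (pre-PHP 8) and empty the whole cart
    if ( $iDelete === 'all' ) {
        $_SESSION['cart'] = array();
    } else {
        if ( isset( $_SESSION['cart'][ $iDelete ] ) ) {
            unset( $_SESSION['cart'][ $iDelete ] );
        } else {
            $_SESSION['msg_prev_page'][] = $aLang['deleted_not_in_cart'];
        }
    }
    header( "Location: " . SITE_URL . 'show/cart/0/' );
    exit();
    break;

// If there was a problem with stocks and the client confirmed the changes proposed,
// update the session and directly order it. This case will not be broken (for we want to proceed to the next case).
case 'update_order':
    // Are we posted?
    if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
        // Do we have an order waiting for updating (isset first: order_stage is only present once 'order' ran)
        if ( isset( $_SESSION['order_stage'] ) and $_SESSION['order_stage'] == ORDER_PENDING and isset( $_SESSION['order_hash'] ) ) {
            // Is there a valid form (i.e. is update_order an array with some elements)
            if ( isset( $_POST['update_order'] ) and is_array( $_POST['update_order'] ) and count( $_POST['update_order'] ) > 0 ) {
                // Loop through changing stuff
                foreach ( $_POST['update_order'] as $iArt => $iNum ) {
                    // If this is not an article known to be changed or it is not in the cart at all, do nothing.
                    // tmp_maxes holds the server-side maximum recorded by 'order'; the client may only go down to it.
                    if ( isset( $_SESSION['tmp_maxes'][ $iArt ] ) and intval( $_SESSION['tmp_maxes'][ $iArt ] ) == $_SESSION['tmp_maxes'][ $iArt ] and isset( $_SESSION['cart'][ $iArt ] ) ) {
                        // If the number is valid and less than or equal to the maximum recorded earlier, overwrite the number in the session with the new number.
                        if ( intval( $iNum ) == $iNum and intval( $iNum ) <= intval( $_SESSION['tmp_maxes'][ $iArt ] ) ) {
                            $_SESSION['cart'][ $iArt ] = intval( $iNum );
                        }
                    }
                }
            }
        }
    }
    // No break;, because we want to order directly.

case 'order':
    if ( isset( $_SESSION['cart'] ) and is_array( $_SESSION['cart'] ) and count( $_SESSION['cart'] ) > 0 ) {
        $aProblem = array();   // article id => array( 'text' => message, 'max' => number the client may still order )
        $aNormal = array();    // article id => sold-out message (nothing left to offer)
        $aArticles = array();  // rows for orders_artikelen, filled only when an article raised neither
        foreach ( $_SESSION['cart'] as $iArt => $iNumber ) {
            // If there is an invalid article ID, number or the number is not positive, discard the item (i.e. not handle them)
            if ( intval( $iArt ) == $iArt and intval( $iNumber ) == $iNumber and $iNumber > 0 ) {
                // Otherwise check if the article exists in the database
                $sQuery = "SELECT a.artikel_id, a.artikel_naam, a.artikel_stukprijs, a.artikel_btw, ( a.artikel_stukprijs * ( 1 + ( a.artikel_btw / 100 ) ) ) as artikel_prijs_incl, a.artikel_voorraad, a.artikel_voorraad_ishard, a.artikel_max_perorder, e.ev_naam FROM artikelen a, categorieen c, evenementen e WHERE a.artikel_id = " . intval( $iArt ) . " AND a.artikel_ispublished = 1 AND a.artikel_vvk_isopen = 1 AND c.cat_id = a.artikel_cat AND c.cat_ispublished = 1 AND e.ev_id = c.cat_ev AND e.ev_ispublished = 1 AND e.ev_vvk_isopen = 1 LIMIT 0,1 ";
                $rQuery = @mysql_query( $sQuery );
                if ( $rQuery == FALSE ) {
                    $oError->addDbError( $sQuery , mysql_error() , mysql_errno() , __FILE__ , __LINE__ );
                } else {
                    // If there's no article like this, discard it from/do not add it to order
                    if ( @mysql_num_rows( $rQuery ) != 1 ) {
                        $oError->addWarning( WARN_ORDER_UNKNOWN_ARTICLE , $aLang['order_unknown_article'] , __FILE__ , __LINE__ , FALSE );
                    }
                    // If it does exist, add it to the new order
                    else {
                        $aArtikel = mysql_fetch_assoc( $rQuery );
                        $sIntNormal = '';
                        $aIntProblem = array();
                        // If there is no stock, there's no point in checking maxings: we won't sell it anyway
                        if ( $aArtikel['artikel_voorraad'] < 1 ) {
                            $sIntNormal = sprintf( $aLang['sold_out'] , $aArtikel['ev_naam'] . ': ' . $aArtikel['artikel_naam'] );
                        } else {
                            $aIntProblem['text'] = '';
                            $aIntProblem['max'] = $aArtikel['artikel_max_perorder'];
                            // Check stock
                            if ( $aArtikel['artikel_voorraad'] < $iNumber ) {
                                $aIntProblem['text'] .= sprintf( $aLang['not_enough_in_stock'] , $aArtikel['ev_naam'] . ': ' . $aArtikel['artikel_naam'] );
                                $aIntProblem['max'] = $aArtikel['artikel_voorraad'];
                            }
                            // Check max per order
                            if ( $iNumber > $aArtikel['artikel_max_perorder'] ) {
                                // If there's not enough in stock, too
                                if ( $aIntProblem['text'] != '' ) {
                                    // Combine both errors
                                    $aIntProblem['text'] = sprintf( $aLang['not_enough_and_too_many'] , $aArtikel['ev_naam'] . ': ' . $aArtikel['artikel_naam'] );
                                } else {
                                    $aIntProblem['text'] = sprintf( $aLang['too_many_products_of_a_kind'] , $aArtikel['ev_naam'] . ': ' . $aArtikel['artikel_naam'] );
                                }
                                // The offered maximum is the smaller of stock and per-order limit
                                if ( $aIntProblem['max'] > $aArtikel['artikel_max_perorder'] ) {
                                    $aIntProblem['max'] = $aArtikel['artikel_max_perorder'];
                                }
                            }
                        }
                        // Check if we have problems or normals for this article and if we have, put them in the general problems/normals arrays
                        if ( count( $aIntProblem ) > 0 or $sIntNormal != '' ) {
                            if ( $sIntNormal != '' ) {
                                $aNormal[ $iArt ] = $sIntNormal;
                            }
                            if ( count( $aIntProblem ) > 0 and isset( $aIntProblem['text'] ) and $aIntProblem['text'] != '' and isset( $aIntProblem['max'] ) ) {
                                $aProblem[ $iArt ] = $aIntProblem;
                            }
                        }
                        // If not and we're sure all is well, make array with things we want to put in database for this order, so we can loop through it later.
                        // The quantity is stored as int here: it came from the session cart, which in turn came from request input.
                        if ( !isset( $aProblem[ $iArt ] ) and !isset( $aNormal[ $iArt ] ) ) {
                            $aArticles[] = array(
                                'artikel_id' => $aArtikel['artikel_id'] ,
                                'artikel_number' => intval( $iNumber ) ,
                                'artikel_stukprijs' => $aArtikel['artikel_stukprijs'] ,
                                'artikel_btw' => $aArtikel['artikel_btw']
                            );
                        }
                    }
                }
            }
        }
        // Set order stuff into session.
        // NOTE(review): sha1( rand() ) is predictable, not a cryptographic token. If order_hash is ever used as a
        // lookup or access key outside this session (not visible from here), derive it from a CSPRNG instead.
        $_SESSION['order_hash'] = sha1( rand(1, 1234567890) );
        $_SESSION['order_stage'] = 0;
        // When finished looping through cart contents, check if any problems or normals raised.
        if ( count( $aNormal ) > 0 or count( $aProblem ) > 0 ) {
            // Get the template object to let the user confirm the changes due to stock problems
            $oTpl = new TemplatePower( TPL_PATH . 'confirm_order_change.' . TPL_EXT , T_BYFILE );
            $oTpl->assignInclude( 'header' , TPL_PATH . 'header.' . TPL_EXT );
            $oTpl->assignInclude( 'footer' , TPL_PATH . 'footer.' . TPL_EXT );
            $oTpl->prepare();
            $oTpl->newBlock( 'problems' );
            $oTpl->assign( array( 'LANG_CONTINUE' => $aLang['order_accept_continue'] , 'LANG_DONT_ACCEPT' => $aLang['order_dont_accept'] ) );
            $oTpl->assignGlobal( 'LANG_MAXIMUM' , $aLang['maximum'] );
            $_SESSION['order_stage'] = ORDER_PENDING;
            $bDontRedirect = TRUE;
            // If there are normals, show them.
            if ( count( $aNormal ) > 0 ) {
                $oTpl->newBlock( 'normals' );
                foreach( $aNormal as $iArt => $sMsg ) {
                    $oTpl->newBlock( 'normal' );
                    $oTpl->assign( 'PROBLEM_MSG' , $sMsg );
                }
            }
            // And if there are problems, show them.
            if ( count( $aProblem ) > 0 ) {
                $oTpl->newBlock( 'stock_problems' );
                $oTpl->assign( 'LANG_STOCK_PROBLEMS' , $aLang['order_stock_problems'] );
                $oTpl->assignGlobal( 'LANG_DO_ORDER_INSTEAD' , $aLang['order_instead_number'] );
                foreach( $aProblem as $iArt => $aData ) {
                    $oTpl->newBlock( 'stock_problem' );
                    $oTpl->assign( array( 'LANG_STOCK_PROBLEM' => $aData['text'], 'ARTICLE_MAX_NUMBER' => $aData['max'], 'ARTICLE_ID' => $iArt ) );
                    // Remember the server-side maximum so 'update_order' can check the client's proposal against it
                    $_SESSION['tmp_maxes'][ $iArt ] = $aData['max'];
                }
            }
        }
        // If there are no normals and problems, loop through $aArticles to put everything in the database.
        else {
            // Put everything in database.
            if ( count( $aArticles ) > 0 ) {
                // INSERT new order and get order_id, to put in orders_artikelen.
                // order_hash is sha1 hex; session_id() and REMOTE_ADDR are not guaranteed to be plain tokens
                // (strict session ids / proxies are not configured here), so they are escaped like any other input.
                $sQuery = "INSERT INTO orders ( order_hash, order_stage, order_session, order_datetime_first, order_client_ip ) VALUES ( '" . $_SESSION['order_hash'] . "', " . $_SESSION['order_stage'] . ", '" . mysql_real_escape_string( session_id() ) . "', NOW(), '" . mysql_real_escape_string( $_SERVER['REMOTE_ADDR'] ) . "' ) ";
                $rQuery = @mysql_query( $sQuery );
                if ( $rQuery == FALSE or ( $iOrder = @mysql_insert_id() ) < 1 ) {
                    $oError->addDbError( ERR_INSERT_ORDER . " : " . $sQuery , mysql_error() , mysql_errno() , __FILE__ , __LINE__ );
                } else {
                    foreach ( $aArticles as $aArt ) {
                        // Do queries (ids and quantity are cast to int; price and VAT come straight from the artikelen row)
                        $sInsert = "INSERT INTO orders_artikelen ( order_id, artikel_id, artikel_aantal, artikel_stukprijs, artikel_btw ) VALUES ( " . intval( $iOrder ) . ", " . intval( $aArt['artikel_id'] ) . ", " . intval( $aArt['artikel_number'] ) . ", " . $aArt['artikel_stukprijs'] . ", " . $aArt['artikel_btw'] . " ) ";
                        $rInsert = @mysql_query( $sInsert );
                        if ( $rInsert == FALSE ) {
                            $oError->addDbError( ERR_INSERT_ORDERART . " : " . $sInsert , mysql_error() , mysql_errno() , __FILE__ , __LINE__ );
                        }
                    }
                    $_SESSION['order_stage'] = ORDER_STAGE1;
                    $_SESSION['payment_choice'] = null;
                    // Update order info in database: stage1
                    // Kosten PayPal (PayPal fee): ( ( ( totaal + verzend ) * 1.034 ) + 0.35 )
                    // NOTE(review): the order_verzendkosten subquery selects FROM orders_artikelen without aggregation, so it
                    // looks like it yields one row per article line of the order; and the PayPal columns use the
                    // config 'verzendkosten' value rather than the computed order_verzendkosten. Both left as-is — confirm against the schema.
                    $sUpdate = "UPDATE orders SET order_totaalprijs = ( SELECT SUM( artikel_stukprijs * artikel_aantal ) FROM orders_artikelen WHERE order_id = " . $iOrder . " GROUP BY order_id ), order_verzendkosten = ( SELECT LEAST(18, ( SELECT SUM(oa.artikel_aantal * a.verzendkosten) FROM orders_artikelen oa INNER JOIN artikelen a ON oa.artikel_id = a.artikel_id WHERE oa.order_id = " . $iOrder . " GROUP BY oa.order_id )) FROM orders_artikelen oa WHERE order_id = " . $iOrder . " ), order_paypal_fee = (0.35 + (0.034 * ( ( SELECT SUM( artikel_stukprijs * artikel_aantal ) FROM orders_artikelen WHERE order_id = " . $iOrder . " GROUP BY order_id ) + ( SELECT ( CAST( config_value AS SIGNED ) / 100 ) FROM config WHERE config_name = 'verzendkosten' )))), order_paypal_total = (0.35 + (1.034 * ( ( SELECT SUM( artikel_stukprijs * artikel_aantal ) FROM orders_artikelen WHERE order_id = " . $iOrder . " GROUP BY order_id ) + ( SELECT ( CAST( config_value AS SIGNED ) / 100 ) FROM config WHERE config_name = 'verzendkosten' )))), order_stage = '" . ORDER_STAGE1 . "', order_datetime_last = NOW() WHERE order_id = " . $iOrder ;
                    $rUpdate = @mysql_query( $sUpdate );
                    // Test the UPDATE's own handle: the previous code tested $rQuery (the INSERT), so a failed stage-1
                    // update was never reported and the client was redirected onwards with an incomplete order row.
                    if ( $rUpdate == FALSE ) {
                        $oError->addDbError( ERR_ORDER_UPDATE_STAGE1 . " : " . $sUpdate , mysql_error() , mysql_errno() , __FILE__ , __LINE__ );
                    } else {
                        header( "Location: " . SITE_URL . "order/delivery/0/" );
                        exit();
                    }
                }
            }
        }
    }
    if ( !isset( $bDontRedirect ) or $bDontRedirect == FALSE ) {
        header( "Location: " . SITE_URL . "show/cart/0/" );
        exit();
    }
    break;

case 'payment_method':
    $oTpl = new TemplatePower( TPL_PATH . 'payment_method.' . TPL_EXT , T_BYFILE );
    $oTpl->assignInclude( 'header' , TPL_PATH . 'header.' . TPL_EXT );
    $oTpl->assignInclude( 'footer' , TPL_PATH . 'footer.' . TPL_EXT );
    // $sLangName is set before this span; presumably a server-side language code, not request input — verify where it is assigned
    $oTpl->assignInclude( 'payment_method' , LANG_PATH . $sLangName . '_payment.' . TPL_EXT );
    $oTpl->prepare();
    break;

// Changes in the cart viewing form? Update them into the session
case 'update_contents':
    if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
        if ( isset( $_POST['number_update'] ) and is_array( $_POST['number_update'] ) ) {
            // If we have a form and it is an acceptable form, loop through the contents of the number_update-array
            foreach ( $_POST['number_update'] as $iArtikel => $iAantal ) {
                $bMsgNextPage = FALSE;
                $bInvalidNumber = FALSE;
                // Check 'number' for >0
                if ( $iAantal < 1 ) {
                    $oError->addError( ERR_INVALID_NUMBER , $aLang['cart_invalid_number'] , __FILE__ , __LINE__ , FALSE );
                    $bInvalidNumber = TRUE;
                } else {
                    // Otherwise check if the article exists in the database
                    $sQuery = "SELECT artikel_naam, artikel_max_perorder FROM artikelen WHERE artikel_id = " . intval( $iArtikel ) ;
                    $rQuery = @mysql_query( $sQuery );
                    if ( $rQuery == FALSE ) {
                        $oError->addDbError( $sQuery , mysql_error() , mysql_errno() , __FILE__ , __LINE__ );
                    } else {
                        if ( @mysql_num_rows( $rQuery ) != 1 ) {
                            $oError->addError( ERR_ADDED_UNKNOWN_ARTICLE , $aLang['cart_unknown_product_added'] , __FILE__ , __LINE__ , FALSE );
                        }
                        // If it does exist, overwrite its number in the current cart
                        else {
                            $aArtikel = mysql_fetch_assoc( $rQuery );
                            // If the maximum number of this product per order is not exceeded...
                            if ( $iAantal <= $aArtikel['artikel_max_perorder'] ) {
                                $_SESSION['cart'][ $iArtikel ] = intval( $iAantal );
                            } else {
                                $_SESSION['msg_prev_page'][] = sprintf( $aLang['maximum_number_of_products'] , $aArtikel['artikel_max_perorder'] , $aArtikel['artikel_naam'] );
                            }
                        }
                    }
                }
                if ( $bInvalidNumber == TRUE ) {
                    $_SESSION['msg_prev_page'][] = $aLang['cart_invalid_number'];
                }
            }
        }
    }
    // Don't break, we want to get the cart view

default:
    $oTpl = new TemplatePower( TPL_PATH . 'view_cart.' . TPL_EXT , T_BYFILE );
    $oTpl->assignInclude( 'header' , TPL_PATH . 'header.' . TPL_EXT );
    $oTpl->assignInclude( 'footer' , TPL_PATH . 'footer.' . TPL_EXT );
    $oTpl->prepare();
    $oTpl->newBlock( 'cart' );
    $oTpl->assign( array ( 'LANG_CART' => ucfirst( $aLang['cart'] ) , 'LANG_TOTAL' => ucfirst( $aLang['total'] ) , 'LANG_UPDATE_CART' => $aLang['update_cart'] ) );
    $iArtCount = 0;
    $dAmountForSession = (double) 0;
    $aToDel = array();   // cart keys found invalid; removed after the loop rather than while iterating
    if ( isset( $_SESSION['cart'] ) and is_array( $_SESSION['cart'] ) and count( $_SESSION['cart'] ) > 0 ) {
        ksort( $_SESSION['cart'] );
        foreach ( $_SESSION['cart'] as $iArt => $iNumber ) {
            $bValid = FALSE;
            if ( intval( $iArt ) == $iArt and intval( $iNumber ) == $iNumber and $iNumber > 0 ) {
                $sCheck = "SELECT a.artikel_id, a.artikel_naam, a.artikel_stukprijs, c.cat_id, c.cat_naam, e.ev_id, e.ev_naam FROM artikelen a, categorieen c, evenementen e WHERE a.artikel_id = " . intval( $iArt ) . " AND a.artikel_ispublished = 1 AND a.artikel_vvk_isopen = 1 AND c.cat_id = a.artikel_cat AND c.cat_ispublished = 1 AND e.ev_id = c.cat_ev AND e.ev_ispublished = 1 AND e.ev_vvk_isopen = 1 LIMIT 0,1 ";
                $rCheck = @mysql_query( $sCheck );
                if ( $rCheck == FALSE ) {
                    // Same (query, error, errno, file, line) shape as the other failed-query branches; this used to be
                    // passed to addWarning(), whose argument list does not match.
                    $oError->addDbError( ERR_CHECKING_ARTICLES . " : " . $sCheck , mysql_error() , mysql_errno() , __FILE__ , __LINE__ );
                } else {
                    if ( @mysql_num_rows( $rCheck ) != 1 ) {
                        $oError->addWarning( WARN_INVALID_ARTICLE , sprintf( $aLang['cart_invalid_article'] , $iArt ) , __FILE__ , __LINE__ , FALSE );
                    } else {
                        $aArtikel = @mysql_fetch_assoc( $rCheck );
                        $dAmount = (double) ( intval( $iNumber ) * $aArtikel['artikel_stukprijs'] );
                        $oTpl->newBlock( 'cart_row' );
                        $oTpl->assign( array(
                            'PRODUCT_ID' => $aArtikel['artikel_id'] ,
                            'PRODUCT_NAME' => $aArtikel['artikel_naam'] ,
                            'PRODUCT_EVENT_NAME' => $aArtikel['ev_naam'] ,
                            'PRODUCT_PRICE' => sprintf( "%01.2f" , $aArtikel['artikel_stukprijs'] ) ,
                            'PRODUCT_NUMBER' => intval( $iNumber ) ,
                            'PRODUCT_TOTAL' => sprintf( "%01.2f" , $dAmount ) ,
                            'URL_PRODUCT' => SITE_URL . 'show/product/' . $aArtikel['artikel_id'] ,
                            'URL_PRODUCT_CAT' => SITE_URL . 'show/products/for/category/' . $aArtikel['cat_id'] ,
                            'URL_PRODUCT_EVENT' => SITE_URL . 'show/products/' . $aArtikel['ev_id']
                        ) );
                        $iArtCount++;
                        $bValid = TRUE;
                        $dAmountForSession += $dAmount;
                    }
                }
            }
            if ( $bValid == FALSE ) {
                $aToDel[] = $iArt;
            }
        }
        foreach ( $aToDel as $iDel ) {
            if ( isset( $_SESSION['cart'][ $iDel ] ) ) {
                unset( $_SESSION['cart'][ $iDel ] );
            }
        }
    }
    if ( $iArtCount < 1 ) {
        $oTpl->newBlock( 'cart_none_found' );
        $oTpl->assign( 'LANG_NO_CONTENTS_FOUND' , $aLang['cart_empty'] );
    } else {
        $oTpl->assignGlobal( 'LANG_DEL_FROM_CART' , $aLang['cart_delete_article'] );
    }
    $oTpl->gotoBlock( 'cart' );
    $oTpl->assign( 'CART_TOTAL_AMOUNT' , sprintf( "%01.2f" , $dAmountForSession ) );
    // The session total is recomputed from the database on every cart view, so a stale cart_amount from 'add' is corrected here
    $_SESSION['cart_amount'] = $dAmountForSession;
    if ( isset( $_SESSION['continue_shopping'] ) ) {
        $oTpl->newBlock( 'continue_shopping' );
        $oTpl->assign( array( 'LANG_CONTINUE_SHOPPING' => $aLang['continue_shopping'] , 'URL_CONTINUE_SHOPPING' => $_SESSION['continue_shopping'] , ) );
    }
    break;
}
$aToTpl = array( "PAGE_TITLE" => $sPageTitle = "Pygmalion - Webshop", "css" => array( 'cart' ) );
require_once( INC_PATH . 'tpl_ending.' . PHP_EXT );
?>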