<?php
######################################################################
# Emporium 2.3.5
######################################################################
# Copyright (c) 2004 by Michael Squires
# http://www.burnwave.com/
######################################################################

/************************************************************************/
/* PHP-Nuke Platinum: Expect to be impressed                  COPYRIGHT */
/*                                                                      */
/* Copyright (c) 2004 - 2006 by http://www.techgfx.com                  */
/*     Techgfx - Graeme Allan                       (goose@techgfx.com) */
/*                                                                      */
/* Copyright (c) 2004 - 2006 by http://www.conrads-berlin.de            */
/*     MrFluffy - Axel Conrads                 (axel@conrads-berlin.de) */
/*                                                                      */
/* Refer to TechGFX.com for detailed information on PHP-Nuke Platinum   */
/*                                                                      */
/* TechGFX: Your dreams, our imagination                                */
/************************************************************************/

class emporium_checkout {

	function emporium_checkout(){
		global $prefix, $db;
		$this->load_values();
	}
	
	function load_values(){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$checkout_sql = $db->sql_query("SELECT * FROM ".$prefix."_cart_preorders WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		$checkout_data = $db->sql_fetchrow($checkout_sql);
		$this->shipFirstName = $checkout_data['shipFirstName'];
		$this->shipLastName = $checkout_data['shipLastName'];
		$this->shipAddress1 = $checkout_data['shipAddress1'];
		$this->shipAddress2 = $checkout_data['shipAddress2'];
		$this->shipCity = $checkout_data['shipCity'];
		$this->shipState = $checkout_data['shipState'];
		$this->shipZip = $checkout_data['shipZip'];
		$this->shipCountry = $checkout_data['shipCountry'];
		$this->shipMethod = $checkout_data['shipMethod'];
		$this->shipMethodName = $checkout_data['shipMethodName'];
		$this->shipMethodData = $checkout_data['shipMethodData'];
		$this->billEmail = $checkout_data['billEmail'];
		$this->billFirstName = $checkout_data['billFirstName'];
		$this->billLastName = $checkout_data['billLastName'];
		$this->billAddress1 = $checkout_data['billAddress1'];
		$this->billAddress2 = $checkout_data['billAddress2'];
		$this->billCity = $checkout_data['billCity'];
		$this->billState = $checkout_data['billState'];
		$this->billZip = $checkout_data['billZip'];
		$this->billCountry = $checkout_data['billCountry'];
		$this->billDayPhone = $checkout_data['billDayPhone'];
		$this->billEvePhone = $checkout_data['billEvePhone'];
		$this->payMethod = $checkout_data['payMethod'];
		$this->payMethodName = $checkout_data['payMethodName'];
		$this->payMethodData = $checkout_data['payMethodData'];
		$this->productTotal = $checkout_data['productTotal'];
		$this->shipTotal = $checkout_data['shipTotal'];
		$this->handlingTotal = $checkout_data['handlingTotal'];
		$this->taxTotal = $checkout_data['taxTotal'];
		$this->step = $checkout_data['step'];
		$this->expires = $checkout_data['expires'];
		
		$sstateinfo = cartstateinfo($this->shipState);
		$this->shipStateName = $sstateinfo['stateName'];
		$scountryinfo = cartcountryinfo($this->shipCountry);
		$this->shipCountryName = $scountryinfo['countryName'];
		
		$bstateinfo = cartstateinfo($this->billState);
		$this->billStateName = $bstateinfo['stateName'];
		$bcountryinfo = cartcountryinfo($this->billCountry);
		$this->billCountryName = $bcountryinfo['countryName'];
		
	}

	function exists(){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$checkout_sql = $db->sql_query("SELECT * FROM ".$prefix."_cart_preorders WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		$checkout_rows = $db->sql_numrows($checkout_sql);
		if($checkout_rows == 1){ 
			$checkout_exists = 1; 
		} else { 
			$checkout_exists = 0;
		}
		return $checkout_exists;
	}
	
	function authorize(){
		global $prefix, $db, $cartconfig;
		$userinfo = cartuserinfo();
		if($this->exists() == 0){
			header("Location: modules.php?name=Shopping_Cart&file=cart");
			return 0;
		} else if($this->exists() == 1 && ($userinfo['type'] == "guest" && $cartconfig->value("guestCheckout") != 1)){
			header("Location: modules.php?name=Shopping_Cart&file=account&c_op=guestLogin");
			return 0;
		} else if($userinfo['type'] != "user" && $userinfo['type'] != "guest"){
			header("Location: modules.php?name=Shopping_Cart");
			return 0;
		} else if($this->value('shipMethod') == 0){
			die(""._EMPORIUM_MODULE_CHECKOUT_NODEFAULTSHIPPINGMETHOD."");
			return 0;
		} else {
			return 1;
		}
	}
	
	function value($column){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$checkout_sql = $db->sql_query("SELECT ".$column." FROM ".$prefix."_cart_preorders WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		list($data) = $db->sql_fetchrow($checkout_sql);
		return $data;
	}
	
	function update($column, $value){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$db->sql_query("UPDATE ".$prefix."_cart_preorders SET ".$column." = '".$value."' WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		$this->load_values();
	}
	
	function create_preorder(){
		global $prefix, $db, $config;
		$userinfo = cartuserinfo();
		$this->delete_checkout();
		$item_sql = $db->sql_query("select * from ".$prefix."_cart_cartitems where userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		$item_rows = $db->sql_numrows($item_sql);
		if($item_rows > 0){
			$shipping_sql = $db->sql_query("SELECT shipping_id, shipping_label FROM ".$prefix."_cart_shipping WHERE shipping_default='1'");
			list($shipping_id, $shipping_label) = $db->sql_fetchrow($shipping_sql);
			$payment_sql = $db->sql_query("SELECT payment_id, payment_label FROM ".$prefix."_cart_payments WHERE payment_default='1'");
			list($payment_id, $payment_label) = $db->sql_fetchrow($payment_sql);
			$expiry = time() + 3600;
			$db->sql_query("INSERT INTO ".$prefix."_cart_preorders VALUES ('$userinfo[user_id]', '".addslashes($userinfo['type'])."', '', '', '', '', '', '', '', '', '".addslashes($shipping_id)."', '".addslashes($shipping_label)."', '', '', '', '', '', '', '', '', '', '', '', '', '".addslashes($payment_id)."', '".addslashes($payment_label)."', '', '0', '0', '0', '0', '0', '$expiry')");
			$result = $db->sql_query("SELECT itemID, prodID, qty, optID FROM ".$prefix."_cart_cartitems WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
			while (list($item_id, $product_id, $qty, $optID) = $db->sql_fetchrow($result)) {
				$product = cartproductinfo($product_id);
				$brand = new emporium_brand($product['brand_id']);
				$item = cartiteminfo($item_id);
				$productTotal = $productTotal + ($item['itemcost'] * $qty);
				$db->sql_query("INSERT INTO ".$prefix."_cart_preorders_cartitems VALUES ('".$userinfo['user_id']."', '".addslashes($userinfo['type'])."', '$item_id', '$product_id', '".addslashes(cartStringFormat($product['prodCode']))."', '".addslashes(cartStringFormat($product['prodName']))."', '".addslashes(cartStringFormat($brand->brand_name))."', '".addslashes(cartStringFormat($product['prodModel']))."', '".addslashes($item['itemcost'])."', '$qty')");
				if ($optID != ''){
					$optIDarray = explode(";", $optID);
					for($i = 0; $i < count($optIDarray); $i++){
						$optIDvar = explode(":", $optIDarray[$i]);
						$optionInfo = cartselectioninfo($optIDvar[0]);
						if($optIDvar[1] == '' && ($optionInfo['optionType'] != 'textarea' && $optionInfo['optionType'] != 'textfield')){
							$db->sql_query("INSERT INTO ".$prefix."_cart_preorders_cartitems_options VALUES ('".$userinfo['user_id']."', '".addslashes($userinfo['type'])."', '$item_id', '".$optionInfo['optionID']."', '".addslashes(cartStringFormat($optionInfo['optionName']))."', '".$optionInfo['selectionID']."', '".addslashes(cartStringFormat($optionInfo['selectionName']))."', '".addslashes($optionInfo['selectionAction'])."', '".addslashes($optionInfo['selectionValue'])."')");
						} else {
							$optIDvar[1] = cartreformatArray($optIDvar[1]);
							$db->sql_query("INSERT INTO ".$prefix."_cart_preorders_cartitems_options VALUES ('".$userinfo['user_id']."', '".addslashes($userinfo['type'])."', '$item_id', '".$optionInfo['optionID']."', '".addslashes(cartStringFormat($optionInfo['selectionName']))."', '".$optionInfo['selectionID']."', '".addslashes(cartStringFormat($optIDvar[1]))."', '".addslashes($optionInfo['selectionAction'])."', '".addslashes($optionInfo['selectionValue'])."')");
						}
					}
				}
			}
			$db->sql_query("UPDATE ".$prefix."_cart_preorders SET productTotal='$productTotal' WHERE userID='$userinfo[user_id]' AND userType='$userinfo[type]'");
		}
	}
	
	function order_weight(){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$order_weight = 0;
		$result = $db->sql_query("SELECT prodID, qty FROM ".$prefix."_cart_preorders_cartitems WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		while (list($prodID, $qty) = $db->sql_fetchrow($result)) {
			$result2 = $db->sql_query("SELECT shipweight FROM ".$prefix."_cart_products WHERE prodID='".$prodID."'");
			list($shipweight) = $db->sql_fetchrow($result2);
			$order_weight = $order_weight + ($shipweight * $qty);
		}
		return $order_weight;
	}
	
	function number_of_items(){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$item_sql = $db->sql_query("SELECT * FROM ".$prefix."_cart_preorders_cartitems where userID='$userinfo[user_id]' AND userType='$userinfo[type]'");
    	$items = $db->sql_numrows($item_sql);
    	return $items;
	}
	
	function valid_shipping($shipping_id){
		global $prefix, $db;
		$shipping_sql = $db->sql_query("SELECT * FROM ".$prefix."_cart_shipping where shipping_id='$shipping_id' AND shipping_active='1'");
    	$shipping_rows = $db->sql_numrows($shipping_sql);
		if($shipping_rows == 1){
			return 1;
		} else {
			return 0;
		}
	}
	
	function update_shipping_data($shipping_id){
		global $prefix, $db;
		$result = $db->sql_query("select shipping_id, shipping_label from ".$prefix."_cart_shipping where shipping_id='$shipping_id' and shipping_active='1'");
    	list($shipping_id, $shipping_label) = $db->sql_fetchrow($result);
		$this->update('shipMethod', $shipping_id);
		$this->update('shipMethodName', $shipping_label);
		$this->update('shipMethodData', '');
		$this->load_values();
	}
	
	function valid_payment($payment_id){
		global $prefix, $db;
		$payment_sql = $db->sql_query("select * from ".$prefix."_cart_payments where payment_id='$payment_id' AND payment_active='1'");
    	$payment_rows = $db->sql_numrows($payment_sql);
		if($payment_rows == 1){
			return 1;
		} else {
			return 0;
		}
	}
	
	function update_payment_data($payment_id){
		global $prefix, $db;
		$result = $db->sql_query("select payment_id, payment_label from ".$prefix."_cart_payments where payment_id='$payment_id' and payment_active='1'");
    	list($payment_id, $payment_label) = $db->sql_fetchrow($result);
		$this->update('payMethod', $payment_id);
		$this->update('payMethodName', $payment_label);
		$this->update('payMethodData', '');
		$this->load_values();
	}
	
	function update_shipping_cost(){
		global $prefix, $db;
		$shipping = init_class_shipping($this->value('shipMethod'));
		if ($shipping->exists()){
			$shipping_method = $shipping->load_module();
			$shipping_quote = $shipping_method->quote();
			$this->update('shipTotal', $shipping_quote);
		}
		$this->load_values();
	}
	
	function update_handling_cost(){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$handlingTotal = 0;
		$shipping_method = new emporium_shipping($this->value('shipMethod'));
		if($shipping_method->include_handling == 1){
			$checkout_items = $db->sql_query("SELECT itemID, prodID, qty FROM ".$prefix."_cart_preorders_cartitems WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
			while (list($item_id, $product_id, $qty) = $db->sql_fetchrow($checkout_items)) {
				$product = cartproductinfo($product_id);
				$handlingTotal = $handlingTotal + ($product['handlingcost'] * $qty);
			}
		}
		$this->update('handlingTotal', $handlingTotal);
		$this->load_values();
	}
	
	function update_tax_cost(){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		//compute taxes
		$taxTotal = 0.00;
		$result = $db->sql_query("SELECT itemID, prodID, itemCost, qty FROM ".$prefix."_cart_preorders_cartitems WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."' order by itemID asc");
		while (list($iid, $sid, $itemCost, $qty) = $db->sql_fetchrow($result)) { 
			$productInfo = cartproductinfo($sid);
			$statetaxpercent = 0.00;
			$statetaxflat = 0.00; 
			$statetaxresult = $db->sql_query("select tax_value_percent, tax_value_flat from ".$prefix."_cart_taxes_classes_locations where tax_class_id='$productInfo[tax_class_id]' AND location_id='".$this->value('shipState')."' AND location_type='STATE'");
			$numrows = $db->sql_numrows($statetaxresult);	
			if ($numrows > 0){
				while(list($tax_value_percent, $tax_value_flat) = $db->sql_fetchrow($statetaxresult)){
					$statetaxpercent = $tax_value_percent;
					$statetaxflat = $tax_value_flat; 
				}
			}
			$countrytaxpercent = 0.00; 
			$countrytaxflat = 0.00;
			$countrytaxresult = $db->sql_query("select tax_value_percent, tax_value_flat from ".$prefix."_cart_taxes_classes_locations where tax_class_id='$productInfo[tax_class_id]' AND location_id='".$this->value('shipCountry')."' AND location_type='COUNTRY'");
			$numrows = $db->sql_numrows($countrytaxresult);	
			if ($numrows > 0){
				while(list($tax_value_percent, $tax_value_flat) = $db->sql_fetchrow($countrytaxresult)){
					$countrytaxpercent = $tax_value_percent; 
					$countrytaxflat = $tax_value_flat;
				}
			}
			$taxpercent = ($statetaxpercent + $countrytaxpercent) / 100;
			$taxflat = $countrytaxflat + $statetaxflat;
			$productTax = ((($itemCost * $taxpercent) + $taxflat) * $qty);
			$taxTotal = $taxTotal + $productTax;
		}
		//compute shipping tax
		$shipping_info = new emporium_shipping($this->value('shipMethod'));
		$statetaxpercent = 0.00;
		$statetaxflat = 0.00; 
		$statetaxresult = $db->sql_query("select tax_value_percent, tax_value_flat from ".$prefix."_cart_taxes_classes_locations where tax_class_id='".$shipping_info->tax_class_id."' AND location_id='".$this->value('shipState')."' AND location_type='STATE'");
		$numrows = $db->sql_numrows($statetaxresult);	
		if ($numrows > 0){
			while(list($tax_value_percent, $tax_value_flat) = $db->sql_fetchrow($statetaxresult)){
				$statetaxpercent = $tax_value_percent;
				$statetaxflat = $tax_value_flat; 
			}
		}
		$countrytaxpercent = 0.00; 
		$countrytaxflat = 0.00;
		$countrytaxresult = $db->sql_query("select tax_value_percent, tax_value_flat from ".$prefix."_cart_taxes_classes_locations where tax_class_id='".$shipping_info->tax_class_id."' AND location_id='".$this->value('shipCountry')."' AND location_type='COUNTRY'");
		$numrows = $db->sql_numrows($countrytaxresult);	
		if ($numrows > 0){
			while(list($tax_value_percent, $tax_value_flat) = $db->sql_fetchrow($countrytaxresult)){
				$countrytaxpercent = $tax_value_percent; 
				$countrytaxflat = $tax_value_flat;
			}
		}
		$taxpercent = ($statetaxpercent + $countrytaxpercent) / 100;
		$taxflat = $countrytaxflat + $statetaxflat;
		$shipTax = ((($this->value('shipTotal') + $this->value('handlingTotal')) * $taxpercent) + $taxflat);
		$taxTotal = $taxTotal + $shipTax;
		//save
		$this->update('taxTotal', $taxTotal);
		$this->load_values();
	}	
	
	
	function delete_checkout(){
		global $prefix, $db;
		$userinfo = cartuserinfo();
		$db->sql_query("DELETE FROM ".$prefix."_cart_preorders WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		$db->sql_query("DELETE FROM ".$prefix."_cart_preorders_cartitems WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
		$db->sql_query("DELETE FROM ".$prefix."_cart_preorders_cartitems_options WHERE userID='".$userinfo['user_id']."' AND userType='".$userinfo['type']."'");
	}
	
	
	function create_order(){
		global $prefix, $db, $cartconfig;
		$userinfo = cartuserinfo();
		$this->load_values();
		//Preorder to order
		$date = date("Y-m-d H:i:s");
		$code = md5(uniqid(rand(),1));
		
		//Set Default Status 1
		$status1results = $db->sql_query("select statusID from ".$prefix."_cart_orders_status where statusType=1 and status_default = 1");
		$numrows = $db->sql_numrows($status1results);
		if($numrows == 1){
			while (list($status_id) = $db->sql_fetchrow($status1results)) {
				$default_order_status_1 = $status_id;
			}
		} else {
			$default_order_status_1 = 0;
		}
		
		//Set Default Status 2
		$status2results = $db->sql_query("select statusID from ".$prefix."_cart_orders_status where statusType=2 and status_default=1");
		$numrows = $db->sql_numrows($status2results);
		if($numrows == 1){
			while (list($status_id) = $db->sql_fetchrow($status2results)) {
				$default_order_status_2 = $status_id;
			}
		} else {
			$default_order_status_2 = 0;
		}
			 
		//Insert Order Data
		$db->sql_query("INSERT INTO ".$prefix."_cart_orders VALUES (
			'NULL', 
			'$userinfo[user_id]', 
			'$userinfo[type]', 
			'$this->shipFirstName', 
			'$this->shipLastName', 
			'$this->shipAddress1', 
			'$this->shipAddress2', 
			'$this->shipCity', 
			'$this->shipStateName', 
			'$this->shipZip', 
			'$this->shipCountryName', 
			'$this->shipMethod', 
			'$this->shipMethodName', 
			'$this->shipMethodData', 
			'$this->billEmail', 
			'$this->billFirstName', 
			'$this->billLastName', 
			'$this->billAddress1', 
			'$this->billAddress2', 
			'$this->billCity', 
			'$this->billStateName', 
			'$this->billZip', 
			'$this->billCountryName', 
			'$this->billDayPhone', 
			'$this->billEvePhone', 
			'$this->payMethod', 
			'$this->payMethodName', 
			'$this->payMethodData', 
			'$this->productTotal', 
			'$this->shipTotal',	
			'$this->handlingTotal', 
			'$this->taxTotal', 
			'$date', 
			'', 
			'$date', 
			'$default_order_status_1', 
			'$default_order_status_2', 
			'', 
			'0', 
			'0', 
			'$code'
			)"
		);
		
		//Find Order ID
		$orderresult = $db->sql_query("SELECT orderID FROM ".$prefix."_cart_orders WHERE orderDate='$date' AND code='$code' AND userID='$userinfo[user_id]' AND userType='$userinfo[type]'");
    	list($orderID) = $db->sql_fetchrow($orderresult);
    	
    	//Move products/options
		$result = $db->sql_query("SELECT itemID, prodID, prodCode, prodName, prodBrand, prodModel, itemCost, qty FROM ".$prefix."_cart_preorders_cartitems WHERE userID='$userinfo[user_id]' AND userType='$userinfo[type]' order by itemID asc");
		while (list($iid, $sid, $prodCode, $prodName, $prodBrand, $prodModel, $itemCost, $qty) = $db->sql_fetchrow($result)) {
			$product = cartproductinfo($sid);
			
			//Remove stock
			if($cartconfig->value("autoStockRemove") == 1){
				if($product['stockActive'] == 1){
					$db->sql_query("UPDATE ".$prefix."_cart_products SET stockQuantity=stockQuantity-$qty WHERE prodID='$sid'");
				}
				$qtyremain = 0;
			} else {
				$qtyremain = $qty;
			}
			
			$db->sql_query("INSERT INTO ".$prefix."_cart_orders_cartitems VALUES ('$orderID', '$userinfo[user_id]', '$userinfo[type]', '$iid', '$sid', '".cartStringFormat($prodCode)."', '".cartStringFormat($prodName)."', '".cartStringFormat($prodBrand)."', '".cartStringFormat($prodModel)."', '$itemCost', '$qty', '$qtyremain')");
			$result2 = $db->sql_query("select * from ".$prefix."_cart_preorders_cartitems where itemID='$iid'");
    		$numrows = $db->sql_numrows($result2);	
        	if ($numrows > 0){
				$optionresult = $db->sql_query("select optionID, optionName, selectionID, selectionName, selectionAction, selectionValue from ".$prefix."_cart_preorders_cartitems_options where itemID='$iid'");
				while(list($optionID, $optionName, $selectionID, $selectionName, $selectionAction, $selectionValue) = $db->sql_fetchrow($optionresult)){
					$db->sql_query("INSERT INTO ".$prefix."_cart_orders_cartitems_options VALUES ('$orderID', '$userinfo[user_id]', '$userinfo[type]', '$iid', '$optionID', '".cartStringFormat($optionName)."', '$selectionID', '".cartStringFormat($selectionName)."', '$selectionAction', '$selectionValue')");
				}
			}
		}
			
			
		//Delete Checkout
		$db->sql_query("DELETE FROM ".$prefix."_cart_cartitems WHERE userID='$userinfo[user_id]' AND userType='$userinfo[type]'");
		$this->delete_checkout();
			
		//Email Receipts
		include("modules/Shopping_Cart/mail/receipts.php");
		if($cartconfig->value("userereceipt") == 1){ cartUserReceipt($orderID); }
		if($cartconfig->value("adminereceipt") == 1){ cartAdminReceipt($orderID); }
			
		//Order complete
		return $orderID;
	}

}

?>