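cart_count==0) {
    redirect("http://".$siteset['domain']."/cart.php","Your Cart is empty now!
...");
    exit;
}

// ---------------------------------------------------------------------------
// Checkout controller. One request handles one of three POSTed steps, each of
// which renders a template and exits:
//   step=shipping -> validate addresses, compute tax/shipping, keep them in the session
//   step=payment  -> validate the payment input, keep it in the session
//   step=confirm  -> write the order rows and show the success page
// With no recognised step the first checkout form is rendered.
//
// NOTE(review): the script uses session_register()/session_is_registered()/
// session_unregister() and eregi(), so it only runs on old PHP releases, and it
// reads $state/$country/$state2/$country2 without assigning them from $_POST,
// which presumably means it depends on register_globals -- confirm. That
// setting lets any request parameter seed an uninitialised global.
// ---------------------------------------------------------------------------

// Order lines: per-line subtotal and name, plus the running item total.
// In each cart entry, index 1 is used as the name and index 3 * index 4 as the
// subtotal (price and quantity, per the orderinfo INSERT further down).
$items=$cart->Get_Cart_Count()>0?$cart->cart_item:0;
$subtotal=array();   // per-line subtotal, formatted to two decimals
$itemname=array();
$item_total=0;       // sum of all line subtotals (before tax and shipping)
if($items) {
    foreach($items as $item) {
        if($item) {
            $sub=number_format(($item[3]*$item[4]), 2, '.', '');
            array_push($subtotal,$sub);
            array_push($itemname,$item[1]);
        }
    }
    foreach($subtotal as $stotal)
        $item_total=number_format(($item_total+$stotal),2,'.','');
}
$tpl->assign("subtotal",$subtotal);
$tpl->assign("item_total",$item_total);
$tpl->assign("itemname",$itemname);
unset($subtotal,$itemname);

###################### POST Confirmation
if($_POST['step']=="confirm") {
    // The payment step must have been completed in this session.
    if($_SESSION['post_payment']['step']!="payment") {
        redirect("checkout.php","You don't seem to have posted your payment info...");
        exit;
    }

    // Double-submit guard: the order is written only on the first confirmation.
    if (!session_is_registered("confirmtimes")) {
        $confirmtimes=0;
        session_register("confirmtimes");
    }
    $confirmtimes++;

    if($confirmtimes==1) {
        // Values computed server-side during the shipping step.
        // NOTE(review): the order lines below come from the cart as it is now,
        // while total/tax/shipping were computed at the shipping step. If the
        // cart can change in between, the stored total can disagree with the
        // stored lines; recomputing here would close that gap -- confirm.
        $ordertime=time();
        $totalvalue=$_SESSION['total'];
        $tax=$_SESSION['tax'];
        $shippingcost=$_SESSION['shippingcost'];

        // Copy the stored form fields into local variables for the INSERT below.
        // Only the names the query actually uses are accepted. The session
        // arrays are verbatim copies of $_POST, so importing every key (the
        // previous `$$key=...` loops) allowed a request parameter to overwrite
        // server-side values such as $totalvalue, $tax, $shippingcost or $items.
        // Payment values are applied after shipping values, as before.
        $order_fields=array(
            'firstname','lastname','companyname','email','phone',
            'address1','address2','country','city','state','zip',
            'firstname2','lastname2','companyname2','email2','phone2',
            'address12','address22','country2','city2','state2','zip2',
            'message','shipping_id','payment_id',
            'account_number','account_holder',
            'Date_Day','Date_Month','Date_Year'
        );
        foreach($order_fields as $field) {
            $$field='';
            foreach(array('post_shipping','post_payment') as $form) {
                // Non-scalar input (e.g. a posted array) is ignored.
                if(isset($_SESSION[$form][$field]) && is_scalar($_SESSION[$form][$field]))
                    $$field=$_SESSION[$form][$field];
            }
        }
        $card_expire=$Date_Day."/".$Date_Month."/".$Date_Year;

        // NOTE(review): addslashes() is not aware of the connection character
        // set. Bound parameters or the database layer's own escaping routine
        // would be the robust choice; $db's API is not visible in this file, so
        // the existing quoting is left as it is.
        $insert_ids=array();
        if(is_array($items)) {
            foreach($items as $item) {
                if($item) {
                    $db->query("INSERT INTO orderinfo (product_id,product_name,price,quantity) VALUES ('".addslashes($item[0])."','".addslashes($item[1])."','".addslashes($item[3])."','".addslashes($item[4])."')");
                    array_push($insert_ids,$db->insert_id());
                }
            }
        }
        $insert_ids=implode(",",$insert_ids);

        // NOTE(review): the card/account number and expiry date are written to
        // order_form in clear text, and the whole payment POST is also kept in
        // the session. Storing cardholder data this way widens the impact of
        // any database or session-store exposure; handing the card to a payment
        // processor and storing only a reference is the usual mitigation.
        $qry="INSERT INTO order_form 
(orderinfo,totalvalue,tax,firstname,lastname,companyname,email,phone,address1,address2,country,city,state,zip,message,ordertime,shipping_id,shipping_fee,payment_id,account_number,account_holder,card_expire,firstname2,lastname2,companyname2,email2,phone2,address12,address22,country2,city2,state2,zip2) VALUES ('"
            .addslashes($insert_ids)."','".addslashes($totalvalue)."','".addslashes($tax)."','"
            .addslashes($firstname)."','".addslashes($lastname)."','".addslashes($companyname)."', '"
            .addslashes($email)."','".addslashes($phone)."','".addslashes($address1)."','"
            .addslashes($address2)."','".addslashes($country)."','".addslashes($city)."', '"
            .addslashes($state)."','".addslashes($zip)."','".addslashes($message)."','"
            .intval($ordertime)."','".intval($shipping_id)."','".addslashes($shippingcost)."','"
            .intval($payment_id)."','".addslashes($account_number)."','".addslashes($account_holder)."','"
            .addslashes($card_expire)."','".addslashes($firstname2)."','".addslashes($lastname2)."','"
            .addslashes($companyname2)."', '".addslashes($email2)."','".addslashes($phone2)."','"
            .addslashes($address12)."','".addslashes($address22)."','".addslashes($country2)."','"
            .addslashes($city2)."', '".addslashes($state2)."','".addslashes($zip2)."')";
        $db->query($qry);

        // Derive the public order id from the new row id and link both tables to it.
        $formid=$db->insert_id();
        $orderid=create_orderid($formid);
        $db->query("UPDATE orderinfo SET formid='".addslashes($orderid)."' WHERE id in($insert_ids) ");
        $db->query("UPDATE order_form SET spid='".addslashes($orderid)."' WHERE id='$formid'");

        // The order is stored: drop the guard, the cart and the whole session.
        session_unregister("confirmtimes");
        session_unregister("cart");
        session_destroy();
        $tpl->assign("spid",$orderid);
        $done=1;
    }

    $success_info=$db->get_col("SELECT success_info FROM siteinfo");
    $success_info=$success_info[0];
    $tpl->assign("success_info",$success_info);
    unset($success_info);
    $output=$tpl->fetch("checkout_success_done.htm");
    echo str_replace($tpl_imgdir_name, $tpl->template_dir.$tpl_imgdir_name,$output);
    exit;
}
######################

// Payment methods offered on the payment form (column 0 = id, column 1 = name).
$qry="SELECT * FROM 
payment";
$payment_id=$db->get_col($qry,0);
$payment_name=$db->get_col(NULL,1);
$tpl->assign("payment_id",$payment_id);
$tpl->assign("payment_name",$payment_name);
unset($payment_id,$payment_name);

###################### POST Payment info.
if($_POST['step']=="payment") {
    // The shipping step must have been completed in this session.
    if($_SESSION['post_shipping']['step']!="shipping") {
        redirect("checkout.php","You don't seem to have entered your billing/shipping info...");
        exit;
    }
    $account_number=trim($_POST['account_number']);
    $message=trim($_POST['message']);

    // Required-field checks; the messages are shown by the template.
    if(empty($account_number))
        $tpl->assign("accountnum_0","Your Card/Account Number is required.");
    if(empty($_POST['payment_id']))
        $tpl->assign("payid_0","You don't seem to have chose a Credit Card.");
    $tpl_vars = $tpl->get_template_vars();
    $invalid=($tpl_vars['accountnum_0'] || $tpl_vars['payid_0']);
    unset($tpl_vars);

    // Invalid input: show the payment form again.
    if($invalid) {
        $output=$tpl->fetch("checkout_payment.htm");
        echo str_replace($tpl_imgdir_name, $tpl->template_dir.$tpl_imgdir_name,$output);
        exit;
    }

    // Valid input: look up the chosen method. The id comes straight from the
    // request and was previously interpolated unquoted into the query, so it is
    // cast to an integer before it reaches SQL (the same cast the order INSERT
    // already applies to payment_id).
    $paymentname=$db->get_col("SELECT name,description FROM payment WHERE id=".intval($_POST['payment_id']),0);
    $paymentinfo=$db->get_col(NULL,1);
    $paymentname=$paymentname[0];
    $paymentinfo=$paymentinfo[0];
    $tpl->assign("paymentname",$paymentname);
    $tpl->assign("paymentinfo",$paymentinfo);
    unset($paymentname,$paymentinfo);

    // The whole POST array is kept for the confirm step, which reads only the
    // fields it needs from it.
    $post_payment=$_POST;
    session_register("post_payment");

    // Show the confirmation page.
    $output=$tpl->fetch("checkout_confirm.htm");
    echo str_replace($tpl_imgdir_name, $tpl->template_dir.$tpl_imgdir_name,$output);
    exit;
}
######################

// Shipping methods offered on the first form (columns: id, name, price).
$qry="SELECT * FROM shipping";
$shipping_id=$db->get_col($qry,0);
$shipping_name=$db->get_col(NULL,1);
$shipping_price=$db->get_col(NULL,2);
$tpl->assign("shipping_id",$shipping_id);
$tpl->assign("shipping_name",$shipping_name);
$tpl->assign("shipping_price",$shipping_price);
unset($shipping_id,$shipping_name,$shipping_price);

###################### POST Shipping info.
if($_POST['step']=="shipping") {
    // Plain names are the shipping address, names ending in 2 the billing address.
    $firstname=trim($_POST['firstname']);
    $firstname2=trim($_POST['firstname2']);
    $lastname=trim($_POST['lastname']);
    $lastname2=trim($_POST['lastname2']);
    $email=trim($_POST['email']);
    $email2=trim($_POST['email2']);
    $phone=trim($_POST['phone']);
    $phone2=trim($_POST['phone2']);
    $address1=trim($_POST['address1']);
    $address12=trim($_POST['address12']);
    $city=trim($_POST['city']);
    $city2=trim($_POST['city2']);
    $zip=trim($_POST['zip']);
    $zip2=trim($_POST['zip2']);

    // Required-field checks: every failure assigns the marker "err" to a
    // template variable, and the markers are counted further down.
    if(empty($firstname)) $tpl->assign("firstname_0","err");
    if(empty($firstname2)) $tpl->assign("firstname2_0","err");
    if(empty($lastname)) $tpl->assign("lastname_0","err");
    if(empty($lastname2)) $tpl->assign("lastname2_0","err");
    if(empty($email)) $tpl->assign("email_0","err");
    if(empty($email2)) $tpl->assign("email2_0","err");
    if(empty($phone)) $tpl->assign("phone_0","err");
    if(empty($phone2)) $tpl->assign("phone2_0","err");
    if(empty($address1)) $tpl->assign("address1_0","err");
    if(empty($address12)) $tpl->assign("address12_0","err");
    if(empty($city)) $tpl->assign("city_0","err");
    if(empty($city2)) $tpl->assign("city2_0","err");
    // NOTE(review): $state, $state2, $country and $country2 are not assigned
    // from $_POST in this file; see the register_globals note at the top.
    if(empty($state)) $tpl->assign("state_0","err");
    if(empty($state2)) $tpl->assign("state2_0","err");
    if(empty($country)) $tpl->assign("country_0","err");
    if(empty($country2)) $tpl->assign("country2_0","err");
    if(empty($zip)) $tpl->assign("zip_0","err");
    if(empty($zip2)) $tpl->assign("zip2_0","err");
    if(empty($_POST['shipping_id'])) $tpl->assign("shipping_id_0","err");
    if($country != $country2) $tpl->assign("country_err","err");
    // Basic e-mail shape check (eregi() is case-insensitive POSIX matching).
    if (!eregi("^([a-z.0-9_-])+@([a-zZ0-9_-])+(\.[a-z0-9_-])+[a-z]{2,3}$",$email))
        $tpl->assign("email_err","err");
    if (!eregi("^([a-z.0-9_-])+@([a-zZ0-9_-])+(\.[a-z0-9_-])+[a-z]{2,3}$",$email2))
        $tpl->assign("email_err2","err");

    // The form is valid when no template variable carries the "err" marker.
    // The comparison is strict: with `==`, an integer 0 among the template
    // variables (e.g. an item total of 0) compares equal to "err" on the PHP
    // versions this script targets and would mark a clean form as invalid.
    $tpl_vars = $tpl->get_template_vars();
    $valid=1;
    foreach($tpl_vars as $var) {
        if($var==="err") $valid=0;
    }
    unset($tpl_vars);

    if($valid) // shipping form is valid
    {
        ###==== Recalculate order total ====###
        require "tax_shipping_config.php";
        // Tax on the item total, then shipping on the taxed total.
        $tax= calculate_tax($item_total,$state);
        $total=number_format(($item_total+$tax),2,'.','');
        // NOTE(review): calculate_shipping() is defined elsewhere and receives
        // the raw request value; verify it does not place it in SQL unescaped.
        $shippingcost=calculate_shipping($_POST['shipping_id'],$total);
        $total=number_format(($total+$shippingcost),2,'.','');
        $tpl->assign("shippingcost",$shippingcost);
        $tpl->assign("tax",$tax);
        $tpl->assign("total",$total);

        // Keep the form and the computed amounts for the later steps.
        $post_shipping=$_POST;
        session_register("post_shipping");
        session_register("item_total");
        session_register("shippingcost");
        session_register("tax");
        session_register("total");
        // $taxrate_in_the_zone is not set in this file; presumably it comes from
        // tax_shipping_config.php or calculate_tax() -- confirm.
        $taxrate=$taxrate_in_the_zone;
        session_register("taxrate");
        // The id comes from the request and was previously interpolated
        // unquoted into the query; cast it to an integer before it reaches SQL.
        $shippingname=$db->get_var("SELECT name FROM shipping WHERE id=".intval($_POST['shipping_id']));
        session_register("shippingname");

        // Show the payment page.
        $output=$tpl->fetch("checkout_payment.htm");
        echo str_replace($tpl_imgdir_name, $tpl->template_dir.$tpl_imgdir_name,$output);
        exit;
    }
    // Form is invalid: fall through and render the first form again with the markers set.
}
######################

// Default view: the first checkout form.
$output=$tpl->fetch("checkout_,ahp2004.htm");
echo str_replace($tpl_imgdir_name, $tpl->template_dir.$tpl_imgdir_name,$output);
?>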