From e470aa7d5c85a044f3a99a26184d23c4b4bb3219 Mon Sep 17 00:00:00 2001 From: Chuck Scott Date: Fri, 10 Nov 2017 15:57:05 -0500 Subject: [PATCH] Completed processing at checkout - A few minor things to complete related to checkout. Cleaned up some issues with password and login and fixed duplicating accounts and requests. Built checkout summary and summary page. Updated database to store more infomration at checkout. --- classes/data/dataRegRequest.php | 42 ++- config/plugin.ini | 55 +-- defines.php | 5 +- index.php | 4 +- models/admin/ajax/account.php | 58 ++-- models/admin/ajax/regFront/account.php | 2 - models/admin/ajax/summaryContent.php | 100 ++++++ models/admin/registrations/accounts.php | 9 +- models/front/registrations/checkout.php | 20 +- .../front/registrations/checkoutProcess.php | 314 ++++++++++++++++-- models/front/registrations/login.php | 94 +++--- models/front/registrations/register.php | 2 +- models/front/registrations/summary.php | 22 +- ...0.0.17.sql => create_database_V0.0.18.sql} | 11 +- setup/databaseScripts/dbVersions.php | 3 +- ..._V0.0.17.sql => drop_database_V0.0.18.sql} | 0 .../update_database_V0.0.18.sql | 37 +++ setup/validActions.php | 3 +- views/front/registrations/checkout.html | 25 +- views/front/registrations/list.html | 2 +- views/front/registrations/summary.html | 17 + views/front/registrations/summaryStore.html | 193 +++++++++++ 22 files changed, 880 insertions(+), 138 deletions(-) create mode 100644 models/admin/ajax/summaryContent.php rename setup/databaseScripts/{create_database_V0.0.17.sql => create_database_V0.0.18.sql} (98%) rename setup/databaseScripts/{drop_database_V0.0.17.sql => drop_database_V0.0.18.sql} (100%) create mode 100644 setup/databaseScripts/update_database_V0.0.18.sql create mode 100644 views/front/registrations/summaryStore.html diff --git a/classes/data/dataRegRequest.php b/classes/data/dataRegRequest.php index fe1eec1..b7a508b 100644 --- a/classes/data/dataRegRequest.php 
+++ b/classes/data/dataRegRequest.php @@ -239,6 +239,20 @@ class GlmDataRegistrationsRegRequest extends GlmDataAbstract 'use' => 'a' ), + // + 'bill_phone' => array ( + 'field' => 'bill_phone', + 'type' => 'text', + 'use' => 'a' + ), + + // + 'bill_email' => array ( + 'field' => 'bill_email', + 'type' => 'text', + 'use' => 'a' + ), + // 'date_submitted' => array ( 'field' => 'date_submitted', @@ -255,13 +269,6 @@ class GlmDataRegistrationsRegRequest extends GlmDataAbstract 'use' => 'a' ), - // Pointer to user account (table: account) who submitted the registrations - 'payment_code' => array ( - 'field' => 'payment_code', - 'type' => 'text', - 'use' => 'lgneud' - ), - // See submission_status in plugin.ini 'status' => array ( 'field' => 'status', @@ -278,6 +285,20 @@ class GlmDataRegistrationsRegRequest extends GlmDataAbstract 'use' => 'a' ), + // Total discounts + 'total_discounts' => array ( + 'field' => 'total_discounts', + 'type' => 'money', + 'use' => 'a' + ), + + // Total registrants + 'registrants' => array ( + 'field' => 'registrants', + 'type' => 'integer', + 'use' => 'a' + ), + // Credit Card type (if used) - See credit_card in plugin.ini 'cc_type' => array ( 'field' => 'cc_type', @@ -322,6 +343,13 @@ class GlmDataRegistrationsRegRequest extends GlmDataAbstract 'use' => 'a' ), + // Message received from payment processor + 'cc_proc_mesg' => array ( + 'field' => 'cc_proc_mesg', + 'type' => 'text', + 'use' => 'a' + ), + // HTML summary of cart contents, costs and payment - Use same HTML displayed to user 'summary' => array ( 'field' => 'summary', diff --git a/config/plugin.ini b/config/plugin.ini index a39400d..49019dd 100644 --- a/config/plugin.ini +++ b/config/plugin.ini 
@@ -147,6 +147,25 @@ proc_test_mode_numb['Local Decline Test'] = 2 proc_test_mode_numb['On-Line Test'] = 3 proc_test_mode_numb['Production Mode'] = 0 +; +; Card processor result codes +; +proc_result[1] = 'Card approved' +proc_result[2] = 'Bad data supplied to credit card processor' +proc_result[3] = 'Communications failure with credit card processor' +proc_result[4] = 'Bad response from the credit card processor' +proc_result[5] = 'Credit card processor says transaction is not valid' +proc_result[6] = 'Merchant account is not recognized by the credit card processor' +proc_result[7] = 'Credit card has been declined' + +proc_result_numb['Approved'] = 1 +proc_result_numb['BadData'] = 2 +proc_result_numb['CommFailure'] = 3 +proc_result_numb['BadResponse'] = 4 +proc_result_numb['NotValid'] = 5 +proc_result_numb['BadAccount'] = 6 +proc_result_numb['Declined'] = 7 + ; ; Billing Field - Use as Bitmap Index only ; 
@@ -180,34 +199,26 @@ billing_field_numb['FAX'] = 12 ; Submission Status - Use as list only ; submission_status[0] = 'CART' -submission_status[10] = 'UNPAID' -submission_status[20] = 'CC_PEND' -submission_status[30] = 'CC_PAID' +submission_status[10] = 'COMPLETE' +submission_status[20] = 'UNPAID' +submission_status[30] = 'CC_PEND' submission_status[40] = 'CC_DECL' submission_status[50] = 'CHECK_PEND' -submission_status[60] = 'CHECK_PAID' -submission_status[70] = 'COMP' -submission_status[80] = 'AT_EVENT' -submission_status[90] = 'CASH_PAID' -submission_status[100] = 'NO_CHARGE' -submission_status[110] = 'OTHER_ADMIN' -submission_status[120] = 'FAILED' -submission_status[130] = 'CANCELED' +submission_status[60] = 'AT_EVENT' +submission_status[70] = 'ADMIN HOLD' +submission_status[80] = 'FAILED' +submission_status[99] = 'CANCELED' submission_status_numb['CART'] = 0 -submission_status_numb['UNPAID'] = 10 -submission_status_numb['CC_PEND'] = 20 -submission_status_numb['CC_PAID'] = 30 +submission_status_numb['COMPLETE'] = 10 +submission_status_numb['UNPAID'] = 20 +submission_status_numb['CC_PEND'] = 30 submission_status_numb['CC_DECL'] = 40 submission_status_numb['CHECK_PEND'] = 50 -submission_status_numb['CHECK_PAID'] = 60 -submission_status_numb['COMP'] = 70 -submission_status_numb['AT_EVENT'] = 80 -submission_status_numb['CASH_PAID'] = 90 -submission_status_numb['NO_CHARGE'] = 100 -submission_status_numb['OTHER_ADMIN'] = 110 -submission_status_numb['FAILED'] = 120 -submission_status_numb['CANCELED'] = 130 +submission_status_numb['AT_EVENT'] = 60 +submission_status_numb['ADMIN_HOLD'] = 70 +submission_status_numb['FAILED'] = 80 +submission_status_numb['CANCELED'] = 99 ; ; Additional Information Field Types diff --git a/defines.php b/defines.php index 29b717b..abd0fa5 100644 --- a/defines.php +++ b/defines.php 
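Review bot: The renumbered `submission_status` list reuses values that already had another meaning (10 was UNPAID and is now COMPLETE, 20 was CC_PEND and is now UNPAID, 30 was CC_PAID and is now CC_PEND), and update_database_V0.0.18.sql in this commit contains no step that remaps `reg_request.status` for rows written under the old numbering. Any request stored before this change would be read back with a different status, so either keep the old numbers for the states that survive or add an `UPDATE` step to the migration. The display entry `submission_status[70] = 'ADMIN HOLD'` also disagrees with its lookup key `submission_status_numb['ADMIN_HOLD']`; every other entry uses the same spelling on both sides.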
@@ -72,4 +72,7 @@ define('GLM_MEMBERS_REGISTRATIONS_MAIN_PLUGIN_LIB_PATH', GLM_MEMBERS_REGISTRATIO define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_LIB_PATH', GLM_MEMBERS_REGISTRATIONS_PLUGIN_PATH.'/lib'); // Update Server -define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_UPDATE_SERVER', 'http://www.gaslightmedia.com/update_server'); \ No newline at end of file +define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_UPDATE_SERVER', 'http://www.gaslightmedia.com/update_server'); + +// Security Secret +define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_SECRET', 'reGS3creTt!4THis'); \ No newline at end of file diff --git a/index.php b/index.php index 01c8305..ff1b589 100644 --- a/index.php +++ b/index.php @@ -44,10 +44,10 @@ if (!defined('ABSPATH')) { * version from this plugin. */ define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_VERSION', '0.0.1'); -define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_DB_VERSION', '0.0.17'); +define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_DB_VERSION', '0.0.18'); // This is the minimum version of the GLM Members DB plugin require for this plugin. -define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_MIN_MEMBERS_REQUIRED_VERSION', '2.10.10'); +define('GLM_MEMBERS_REGISTRATIONS_PLUGIN_MIN_MEMBERS_REQUIRED_VERSION', '2.10.17'); // Check if plugin version is not current in WordPress option and if needed updated it if (GLM_MEMBERS_REGISTRATIONS_PLUGIN_VERSION != get_option('glmMembersRegistrationsPluginVersion')) { diff --git a/models/admin/ajax/account.php b/models/admin/ajax/account.php index f5e6482..962cff2 100644 --- a/models/admin/ajax/account.php +++ b/models/admin/ajax/account.php @@ -122,7 +122,7 @@ class GlmMembersAdmin_ajax_account extends GlmDataRegistrationsAccount 'date_created' => date('Y-m-d'), 'active' => 1, 'email' => $email, - 'password' => crypt( $password ), + 'password' => password_hash($password, PASSWORD_DEFAULT), 'fname' => $fname, 'lname' => $lname, 'addr1' => $addr1, 
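Review bot: `GLM_MEMBERS_REGISTRATIONS_PLUGIN_SECRET` is a literal committed to the repository, so every install of the plugin shares the same value and anyone who can read the source can recompute the check codes it is meant to protect (`$summaryCheck` in checkoutProcess.php and the comparison in summaryContent.php). The secret should be per-site, for example derived from WordPress's own salts with `wp_salt('auth')` at the point of use, or generated once with `wp_generate_password(64, true, true)` and stored in an option. The value published in this hunk should be treated as exposed and not reused.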
@@ -176,9 +176,12 @@ class GlmMembersAdmin_ajax_account extends GlmDataRegistrationsAccount break; case 'login': + + // Get clean username (E-Mail address) and password $username = filter_var( $_REQUEST['username'], FILTER_SANITIZE_STRING ); $password = filter_var( $_REQUEST['password'], FILTER_SANITIZE_STRING ); - // Check accounts for ones that match + + // Get the password from the matching user account (same E-Mail address) $returnData = $this->wpdb->get_row( $this->wpdb->prepare( "SELECT id,password,fname,lname 
@@ -189,26 +192,41 @@ class GlmMembersAdmin_ajax_account extends GlmDataRegistrationsAccount ), ARRAY_A ); - $returnPassword = $returnData['password']; - $returnId = $returnData['id']; - if ( $returnPassword == crypt( $password, $returnPassword ) ) { - $return = array( - 'valid' => true, - 'email' => $username, - 'id' => $returnId, - 'fname' => $returnData['fname'], - 'lname' => $returnData['lname'], - ); - // Add the user to the php session - $_SESSION['LoginAccount'] = array( - 'id' => $returnId, - 'email' => $username, - 'fname' => $returnData['fname'], - 'lname' => $returnData['lname'], - ); + + if ($this->wpdb->last_error || $returnData == NULL) { + $message = 'Login Fail'; } else { - $return = array( 'valid' => false ); + + // Get the hashed password and ID from the user account + $returnPassword = $returnData['password']; + $returnId = $returnData['id']; + + // Check to see if the sumbitted password matches the hashed password + if ( hash_equals( $password, $returnPassword ) ) { + + // Build return data for logged in account + $return = array( + 'valid' => true, + 'email' => $username, + 'id' => $returnId, + 'fname' => $returnData['fname'], + 'lname' => $returnData['lname'], + ); + + // Add the user to the php session + $_SESSION['LoginAccount'] = array( + 'id' => $returnId, + 'email' => $username, + 'fname' => $returnData['fname'], + 'lname' => $returnData['lname'], + ); + + } else { + $return = array( 'valid' => false ); + } + } + break; case 'checkEmail': diff --git a/models/admin/ajax/regFront/account.php b/models/admin/ajax/regFront/account.php index eef6857..8b47b00 100644 --- a/models/admin/ajax/regFront/account.php +++ b/models/admin/ajax/regFront/account.php @@ -81,8 +81,6 @@ class GlmMembersAdmin_registrations_ajax_account extends GlmDataRegistrationsReg public function modelAction($modelData) { -trigger_error(print_r($modelData,1)); - if ( !isset( $modelData['option'] ) ) { $option = null; } else { 
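Review bot: The ajax login compares the submitted password with the stored hash using `hash_equals( $password, $returnPassword )`, which is only a string comparison. Accounts created in this same file now store `password_hash()` output, so a correct password can never match, while a request that supplies the stored hash string itself would. This should be `if ( password_verify( $password, $returnPassword ) ) {`, as models/front/registrations/login.php does in this commit. The new failure branch also sets only `$message` and leaves `$return` unassigned; if the code after the switch (outside this hunk) reads `$return`, that branch needs `$return = array( 'valid' => false );` as well.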
diff --git a/models/admin/ajax/summaryContent.php b/models/admin/ajax/summaryContent.php new file mode 100644 index 0000000..b5c5b37 --- /dev/null +++ b/models/admin/ajax/summaryContent.php 
@@ -0,0 +1,100 @@ + + * @license http://www.gaslightmedia.com Gaslightmedia + * @release summary.php,v 1.0 2017/11/10 19:31:47 cscott Exp $ + * @link http://dev.gaslightmedia.com/ + */ + + require_once GLM_MEMBERS_REGISTRATIONS_PLUGIN_CLASS_PATH.'/data/dataRegRequest.php'; + + class GlmMembersAdmin_ajax_summaryContent extends GlmDataRegistrationsRegRequest { + /** + * WordPress Database Object + * + * @var $wpdb + * @access public + */ + public $wpdb; + /** + * Plugin Configuration Data + * + * @var $config + * @access public + */ + public $config; + /** + * Constructor + * + * This contructor performs the work for this model. This model returns + * an array containing the following. + * + * 'status' + * + * True if successfull and false if there was a fatal failure. + * + * 'view' + * + * A suggested view name that the contoller should use instead of the + * default view for this model or false to indicate that the default view + * should be used. + * + * 'data' + * + * Data that the model is returning for use in merging with the view to + * produce output. + * + * @wpdb object WordPress database object + * + * @return array Array containing status, suggested view, and any data + */ + + public function modelAction($actionData = false) + { + + $haveRequest = false; + + // Get the reg_request ID + if (!isset($_REQUEST['request'])) { + wp_die(); + } + $requestId = ($_REQUEST['request'] - 0); + if ($requestId <= 0) { + wp_die(); + } + + // Try to get the request content + if ($requestId > 0) { + $request = $this->getEntry($requestId); + } + + if (!$request) { + wp_die(); + } + + // Get the check code + if (!isset($_REQUEST['check'])) { + wp_die(); + } + $check = $_REQUEST['check']; + + // Make sure the check code matches + $md5 = md5($requestId.GLM_MEMBERS_REGISTRATIONS_PLUGIN_SECRET.$request['account']); + if ($md5 != $check) { + wp_die(); + } + + echo $request['summary']; + + wp_die(); + + } + } 
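Review bot: The check code is verified with `if ($md5 != $check)`, a loose comparison against an MD5 of concatenated fields: `!=` compares numeric-looking strings as numbers, is not constant-time, and `$_REQUEST['check']` may arrive as an array. A keyed hash compared with `hash_equals` is the safer form: `$expected = hash_hmac('sha256', $requestId.'|'.$request['account'], GLM_MEMBERS_REGISTRATIONS_PLUGIN_SECRET);` followed by `if (!is_string($check) || !hash_equals($expected, $check)) { wp_die(); }`, with `$summaryCheck` in checkoutProcess.php built the same way. `echo $request['summary'];` then prints stored HTML verbatim, so every account and billing value has to be escaped when summaryStore.html is rendered; that template is not visible here, so this is worth confirming. The file docblock should describe this model rather than reuse the summary.php `@release` line.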
diff --git a/models/admin/registrations/accounts.php b/models/admin/registrations/accounts.php index edd3c28..6433ce0 100644 --- a/models/admin/registrations/accounts.php +++ b/models/admin/registrations/accounts.php @@ -165,17 +165,18 @@ class GlmMembersAdmin_registrations_accounts extends GlmDataRegistrationsAccount $account = $this->updateEntry( $accountID ); if ( $account['status'] ) { - //echo '
$account: ' . print_r( $account, true ) . '
'; + $accountUpdated = true; + // Retrieve the Edit Entry again $account = $this->editEntry( $accountID ); - if ( $account['status'] ) { - $haveAccount = true; - } + } else { $accountUpdateError = true; } + $haveAccount = true; + $view = 'accountEdit'; break; diff --git a/models/front/registrations/checkout.php b/models/front/registrations/checkout.php index f50cf23..b9f08b5 100644 --- a/models/front/registrations/checkout.php +++ b/models/front/registrations/checkout.php @@ -58,6 +58,16 @@ class GlmMembersFront_registrations_checkout extends GlmRegCartSupport $payMethod = false; $compCode = false; + wp_register_script( + 'glm-members-admin-maskedinput', + GLM_MEMBERS_PLUGIN_JS_URL . '/jquery.maskedinput-1.2.2.js', + array( + 'jquery' + ), + GLM_MEMBERS_PLUGIN_VERSION + ); + wp_enqueue_script('glm-members-admin-maskedinput'); + $Account = new GlmDataRegistrationsAccount($this->wpdb, $this->config); // Check if we received any messages during a redirect @@ -227,7 +237,12 @@ class GlmMembersFront_registrations_checkout extends GlmRegCartSupport $Management = new GlmDataRegistrationsManagement($this->wpdb, $this->config); $management = $Management->getEntry(1); - // Compile template data + // Get misc texts + require_once GLM_MEMBERS_REGISTRATIONS_PLUGIN_CLASS_PATH.'/data/dataMisc.php'; + $Misc = new GlmDataRegistrationsMisc($this->wpdb, $this->config); + $misc = $Misc->getEntry(1); + + // Compile template data $templateData = array( 'page' => 'checkout', 'regAccountId' => $this->cart['request']['account'], @@ -243,7 +258,8 @@ class GlmMembersFront_registrations_checkout extends GlmRegCartSupport 'messages' => $messages, 'payMethod' => $payMethod, 'payMethods' => $management['reg_payment_methods']['bitmap'], - 'payMethodsNumb' => $this->config['payment_method_numb'] + 'payMethodsNumb' => $this->config['payment_method_numb'], + 'misc' => $misc ); // echo "
".print_r($templateData,1)."
"; diff --git a/models/front/registrations/checkoutProcess.php b/models/front/registrations/checkoutProcess.php index 60b0bc6..c028f35 100644 --- a/models/front/registrations/checkoutProcess.php +++ b/models/front/registrations/checkoutProcess.php @@ -87,9 +87,9 @@ class GlmMembersFront_registrations_checkoutProcess extends GlmRegCartSupport { $messages = array(); - $haveCheckout = false; + $cartStatus = 0; // Default to CART $requestId = false; - $accountId = false; + $accountId = 0; $regAccount = false; $modelRedirect = false; $view = 'checkout'; @@ -99,8 +99,12 @@ class GlmMembersFront_registrations_checkoutProcess extends GlmRegCartSupport $regPayment = false; $cardData = false; $cardTypeMatch = false; + $billing = false; + $payment = false; + $ccConfirmation = ''; $Account = new GlmDataRegistrationsAccount($this->wpdb, $this->config); + $Request = new GlmDataRegistrationsRegRequest($this->wpdb, $this->config); /* * Valid cart? @@ -152,11 +156,18 @@ class GlmMembersFront_registrations_checkoutProcess extends GlmRegCartSupport // Otherwise this is a guest so try to create the account using the submitted data } else { + + // Create the new account $Account = new GlmDataRegistrationsAccount($this->wpdb, $this->config); $regAccount = $Account->insertEntry(); - if (!$regAccount) { + + // If that was successful + if ($regAccount) { + $accountId = $regAccount['fieldData']['id']; + } else { $messages[] = 'Unable to create a guest account for this request. Please try again later.'; } + } // Check if there were any problems with the account information sumbission 
@@ -176,7 +187,7 @@ class GlmMembersFront_registrations_checkoutProcess extends GlmRegCartSupport reset($this->cart['events']); foreach ($this->cart['events'] as $event) { - if (!isset($_REQUEST['terms_'.$event['id']]) || $_REQUEST['terms_'.$event['id']] != 'accept') { + if (trim($event['event_terms']) != '' && (!isset($_REQUEST['terms_'.$event['id']]) || $_REQUEST['terms_'.$event['id']] != 'accept')) { $messages[] = 'You did not accept the Terms and Conditions for the '.$event['event_name'].' event.'; } } @@ -306,13 +317,11 @@ class GlmMembersFront_registrations_checkoutProcess extends GlmRegCartSupport $messages[] = 'You did not supply all required credit card information.'; } - // Get the correct billing data - // Build array of billing information using either the account data or the billing data as requested + // Billing data $billPrefix = 'bill_'; if (isset($_REQUEST['billing_same']) && $_REQUEST['billing_same']) { $billPrefix = ''; } - $billing = array( 'fname' => $regAccount['fieldData'][$billPrefix.'fname'], 'lname' => $regAccount['fieldData'][$billPrefix.'lname'], @@ -347,9 +356,18 @@ class GlmMembersFront_registrations_checkoutProcess extends GlmRegCartSupport // Now try to run the card processor $ccResult = $CcProcessor->processPayment($payment, $billing); -echo "
".print_r($ccResult,1)."
"; + + // If successful submission - say we're complete + if (is_array($ccResult) && isset($ccResult['status']) && $ccResult['status'] == 1) { + $cartStatus = $this->config['submission_status_numb']['COMPLETE']; + } + + // set $ccConfirmation /**** NEED TO FIX INVOICE # ABOVE ****/ + + + } break; @@ -365,16 +383,181 @@ echo "
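Review bot: Only the approved case is handled after `processPayment()`: when `$ccResult['status']` is anything other than 1, this hunk adds nothing to `$messages` and leaves `$cartStatus` at 0, so a declined or failed charge looks the same as an untouched cart to the code that follows. Unless a failure is recorded somewhere outside this hunk, add an `else` branch that sets `$cartStatus = $this->config['submission_status_numb']['CC_DECL'];` and appends the matching `proc_result` text from plugin.ini to `$messages`, so the later `count($messages) == 0` path cannot be reached after a decline. The `// set $ccConfirmation` placeholder also means `cc_conf` is always stored empty; the processor's confirmation value and message (for the new `cc_proc_mesg` column) should be captured here.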
".print_r($ccResult,1)."
"; } + /* + * Update the reg_request reccord: account id, billing, payment, status, etc... + */ - if (count($messages) == 0) { + $reqData = array(); + $reqFormat = array(); + $now = date('Y-m-d H:i:s', time()); + + // Account ID + $reqData['account'] = $accountId; + $reqFormat[] = '%d'; + + // Billing data + $reqData = array_merge( + $reqData, + array( + 'bill_fname' => $billing['fname'], + 'bill_lname' => $billing['lname'], + 'bill_org' => $regAccount['fieldData']['org'], + 'bill_title' => $regAccount['fieldData']['title'], + 'bill_addr1' => $billing['addr1'], + 'bill_addr2' => $billing['addr2'], + 'bill_city' => $billing['city'], + 'bill_state' => $billing['state'], + 'bill_zip' => $billing['zip'], + 'bill_country' => $billing['country'], + 'bill_phone' => $billing['phone'], + 'bill_phone' => $regAccount['fieldData']['email'] + ) + ); + $reqFormat = array_merge( + $reqFormat, + array( + '%s', + '%s', + '%s', + '%s', + '%s', + '%s', + '%s', + '%s', + '%s', + '%s', + '%s', + '%s' + ) + ); + // If COMPLETE, save date, pay method, status, total + if ($cartStatus == $this->config['submission_status_numb']['COMPLETE']) { + + // Get the HTML cart summary + $summary = ''; +/*** NEED TO BUILD SUMMARY ***/ + + $reqData = array_merge( + $reqData, + array( + 'date_submitted' => $now, + 'pay_method' => $payMethod, + 'status' => $cartStatus, + 'total' => $payment['charge'], + 'total_discounts' => $this->cart['totalDiscounts'], + 'registrants' => $this->cart['totalRegistrants'] + ) + ); + $reqFormat = array_merge( + $reqFormat, + array( + '%s', + '%d', + '%d', + '%f', + '%f', + '%d' + ) + ); } + // Last update time + $reqData['last_update'] = $now; + $reqFormat[] = '%s'; + + // User Trace data + $trace = array( + 'DateTime' => date('r'), + 'UserAddr' => $_SERVER['REMOTE_ADDR'], // IP address of user's computer + 'URI' => $_SERVER['REQUEST_URI'], // URI submitted to checkout + 'UserAgent' => $_SERVER['HTTP_USER_AGENT'], // User's browser user agent string + 'Referrer' => 
$_SERVER['HTTP_REFERER'], // Page user came from, should be our checkout page + 'Method' => $_SERVER['REQUEST_METHOD'] // Request method: GET, POST, ... + ); + $reqData['user_trace_info'] = serialize($trace); + $reqFormat[] = '%s'; + + // Credit Card information + $cc_numb_store = ''; + if (is_array($payment)) { + + $cc_numb_store = '....'.substr($payment['ccnumb'], -4); + + $reqData = array_merge( + $reqData, + array( + 'cc_type' => $payment['cctype'], + 'cc_name' => $payment['ccname'], + 'cc_numb' => $cc_numb_store, + 'cc_exp' => $payment['ccexp'], + 'cc_conf' => $ccConfirmation, + ) + ); + $reqFormat = array_merge( + $reqFormat, + array( + '%s', + '%s', + '%s', + '%s', + '%s', + ) + ); + + $reqData['cc_type'] = $payment['cctype']; + $reqFormat[] = '%s'; + + } + + $reqFormat[] = '%s'; + + // Store the data + $updated = $this->wpdb->update( + GLM_MEMBERS_REGISTRATIONS_PLUGIN_DB_PREFIX.'reg_request', + $reqData, + array( 'id' => $requestId ), + $reqFormat + ); +// Check if properly stored ..... Retrieve and test. 
Send E-Mail if not able to store + + // Get the updated information for the request and account + $request = $Request->getEntry($this->cart['request']['id']); + $account = $Account->getEntry($request['account']); + + // Get misc texts + require_once GLM_MEMBERS_REGISTRATIONS_PLUGIN_CLASS_PATH.'/data/dataMisc.php'; + $Misc = new GlmDataRegistrationsMisc($this->wpdb, $this->config); + $misc = $Misc->getEntry(1); + + // Produce HTML for storage and checkout page and add to request + $summaryData = array( + 'cart' => $this->cart, + 'request' => $request, + 'account' => $account, + 'payMethodsNumb' => $this->config['payment_method_numb'], + 'status' => $this->config['submission_status'], + 'misc' => $misc + ); + $summary = $this->generateCheckoutConfHTML($summaryData, 'front/registrations/summaryStore.html'); + $updated = $this->wpdb->update( + GLM_MEMBERS_REGISTRATIONS_PLUGIN_DB_PREFIX.'reg_request', + array( + 'summary' => $summary + ), + array( 'id' => $requestId ), + array('%s') + ); + + if (count($messages) == 0) { + + // Removed inventory holds + + // Update inventory totals + + } - /* - * Send out Notifications - */ /* * If all is done correctly, use model redirect to go to Step 4 - Dispaly summary @@ -400,18 +583,33 @@ echo "
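Review bot: The billing array literal repeats a key, `'bill_phone' => $billing['phone'], 'bill_phone' => $regAccount['fieldData']['email']`, so the phone column receives the e-mail address, `bill_email` is never written, and the array holds eleven entries against twelve `'%s'` formats. Because `$wpdb->update()` applies formats by position, every later column is paired with the wrong format; the second `$reqData['cc_type']` assignment and the bare `$reqFormat[] = '%s';` after the card block add two more formats with no new column. The second key should be `'bill_email'`, and the duplicate `cc_type` lines and the stray format should be removed. `$billing` is initialised to `false` earlier in this commit and appears to be built only in the credit-card branch, and this update runs before `count($messages)` is checked, so the write should be guarded for failed validation and non-card payments. `user_trace_info` stores `serialize()` output built from request headers; `wp_json_encode($trace)` avoids ever needing `unserialize()` on client-supplied data, and `HTTP_USER_AGENT` and `HTTP_REFERER` need an `isset` check because clients may omit them.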
".print_r($ccResult,1)."
"; ); } - // Update the cart flags and include updated billing data -/**** NEED TO DO THIS ****/ + /* + * Successful checkout + */ + + // Send acknowledgement to person submitting request + mail($request['email'], $misc['submission_ack_subject'], $summary); + + // Send notice to all registrants that have E-Mail addresses + reset($this->cart); + /*** NEED TO DO THIS ***/ + + + /* + * Remove cart from session + */ + unset($_SESSION['glm_reg_cart_id']); + + $view = 'summary'; -echo "

Checkout Done...

"; + // Build check code for display of summary in iframe + $summaryCheck = md5($this->cart['request']['id'].GLM_MEMBERS_REGISTRATIONS_PLUGIN_SECRET.$this->cart['request']['account']); // Compile template data $templateData = array( - 'page' => $page, - 'haveMessages' => count($messages), - 'messages' => $messages, - 'payMethod' => $payMethod, - 'payMethodName' => $payMethodName + 'requestId' => $requestId, + 'summaryCheck' => $summaryCheck, + 'misc' => $misc ); // Return status, any suggested view, and any data to controller @@ -426,4 +624,80 @@ echo "
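Review bot: `$summaryCheck` is computed from `$this->cart['request']['id']` and `$this->cart['request']['account']`, while summaryContent.php verifies against the `account` value it reads back from the stored request. For a guest checkout the account is created and written to `reg_request` earlier in this method, so unless the cart array is refreshed somewhere outside this hunk the two values differ and the summary frame will refuse to render; building the code from the re-read `$request['id']` and `$request['account']` avoids that. `mail($request['email'], ...)` reads an `email` key that the reg_request field list in dataRegRequest.php does not visibly define (`bill_email` is the column added in this commit), so the recipient should be confirmed. `wp_mail()` with an HTML content type is the usual way to send `$summary` from a WordPress plugin.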

Checkout Done...

"; + + + + /** + * Merge template and data to produce HTML + * + * Checks the theme's view directories and the view directories for + * this plugin for a matching view file. + * + * Note that $viewFile needs to have the proper view directory path + * includes. (i.e. "/views/front/registrations/summary.html") + * + * @param $data array Array of data to merge with the template + * @param $view string Path added to + * + * @access public + * @return void + */ + function generateCheckoutConfHTML($data, $viewFile) + { + + // If a view file is specified + if ($viewFile) { + + // Get the specified view file - check theme first + $viewPath = GLM_MEMBERS_PLUGIN_CURRENT_THEME_DIR."/views"; + $viewPath2 = GLM_MEMBERS_WORDPRESS_PLUGIN_PATH . "views"; // Save default + + // If the view is not found in the theme, fall back to views in the plugin + if (!is_file($viewPath.'/'.$viewFile)) { + + // Next try the plugin/add-on + $viewPath = GLM_MEMBERS_REGISTRATIONS_PLUGIN_PATH . "/views"; + + if (!is_file($viewPath.'/'.$viewFile)) { + + if (GLM_MEMBERS_PLUGIN_FRONT_DEBUG) { + trigger_error("Bad or missing view file when generating checkout HTML: $viewPath/$viewFile", E_USER_NOTICE); + } + + } + + } + + } + + // Load Smarty Template support + $smarty = new smartyTemplateSupport(); + + // Add standard parameters + require GLM_MEMBERS_PLUGIN_SETUP_PATH.'/standardTemplateParams.php'; + + // Add data from model to Smarty template + if (is_array($data) && count($data) > 0) { + foreach ($data as $k => $d) { + $smarty->templateAssign($k, $d); + } + } + + // Update the Smarty view path + $smarty->template->setTemplateDir($viewPath); + + // If the view path doesn't match the default, add the default (using theme view) + if ($viewPath2 != $viewPath) { + $smarty->template->addTemplateDir($viewPath2); + } + + // Generate output from model data and view + $out = $smarty->template->fetch($viewFile); + + return $out; + + } + + + } 
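Review bot: `generateCheckoutConfHTML()` assigns `$viewPath` and `$viewPath2` only inside `if ($viewFile)`, yet uses both unconditionally in `setTemplateDir($viewPath)` and the comparison below it, and when the view is found in neither location it only logs under `GLM_MEMBERS_PLUGIN_FRONT_DEBUG` before calling `fetch($viewFile)` anyway. An early `return '';` (or an exception) for an empty or missing view would keep a blank or broken summary from being stored and mailed. The docblock should be corrected to match the code: the second parameter is `$viewFile`, its description stops at "Path added to", and the method returns the rendered HTML string rather than `@return void`. An explicit `public` on the declaration would match the `@access public` tag.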
diff --git a/models/front/registrations/login.php b/models/front/registrations/login.php index 9e53638..b43c9c2 100644 --- a/models/front/registrations/login.php +++ b/models/front/registrations/login.php 
@@ -45,47 +45,65 @@ // Check for $option $option = ( isset( $_REQUEST['option'] ) ) ? filter_var( $_REQUEST['option'], FILTER_SANITIZE_STRING) : null; switch ( $option ) { - case 'logout': - unset( - $_SESSION['LoginAccount'], - $_SESSION['glm_reg_cart_id'] - ); - $modelRedirect = 'index'; - $_REQUEST['page'] = 'list'; - break; - case 'submit': - // check for password and email match - $username = filter_var( $_REQUEST['username'], FILTER_SANITIZE_STRING ); - $password = filter_var( $_REQUEST['password'], FILTER_SANITIZE_STRING ); - // Check accounts for ones that match - $returnData = $this->wpdb->get_row( - $this->wpdb->prepare( - "SELECT id,password,fname,lname - FROM " . GLM_MEMBERS_REGISTRATIONS_PLUGIN_DB_PREFIX . "account - WHERE email = %s - AND active = true", - $username - ), - ARRAY_A - ); - $returnPassword = $returnData['password']; - $returnId = $returnData['id']; - if ( $returnPassword == crypt( $password, $returnPassword ) ) { - // Add the user to the php session - $_SESSION['LoginAccount'] = array( - 'id' => $returnId, - 'email' => $username, - 'fname' => $returnData['fname'], - 'lname' => $returnData['lname'], + + case 'logout': + + unset( + $_SESSION['LoginAccount'], + $_SESSION['glm_reg_cart_id'] ); $modelRedirect = 'index'; $_REQUEST['page'] = 'list'; - } else { - $message = 'Login Fail!'; - } - break; - default: - break; + break; + + case 'submit': + + // Get clean username (E-Mail address) and password + $username = filter_var( $_REQUEST['username'], FILTER_SANITIZE_STRING ); + $password = filter_var( $_REQUEST['password'], FILTER_SANITIZE_STRING ); + + // Get the password from the matching user account (same E-Mail address) + $returnData = $this->wpdb->get_row( + $this->wpdb->prepare( + "SELECT id,password,fname,lname + FROM " . GLM_MEMBERS_REGISTRATIONS_PLUGIN_DB_PREFIX . 
"account + WHERE email = %s + AND active = true", + $username + ), + ARRAY_A + ); + + if ($this->wpdb->last_error || $returnData == NULL) { + $message = 'Login Fail'; + } else { + + // Get the hashed password and ID from the user account + $returnPassword = $returnData['password']; + $returnId = $returnData['id']; + + // Check to see if the sumbitted password matches the hashed password + if ( password_verify($password, $returnPassword) ) { + + // Add the user to the php session + $_SESSION['LoginAccount'] = array( + 'id' => $returnId, + 'email' => $username, + 'fname' => $returnData['fname'], + 'lname' => $returnData['lname'], + ); + $modelRedirect = 'index'; + $_REQUEST['page'] = 'list'; + + } else { + $message = 'Login Fail!'; + } + } + + break; + + default: + break; } // Compile template data diff --git a/models/front/registrations/register.php b/models/front/registrations/register.php index 479af59..be7e494 100644 --- a/models/front/registrations/register.php +++ b/models/front/registrations/register.php @@ -103,7 +103,7 @@ 'date_created' => date('Y-m-d'), 'active' => 1, 'email' => $email, - 'password' => crypt( $password ), + 'password' => password_hash($password, PASSWORD_DEFAULT), 'fname' => $fname, 'lname' => $lname, 'addr1' => $addr1, diff --git a/models/front/registrations/summary.php b/models/front/registrations/summary.php index aea9982..a6ec4b6 100644 --- a/models/front/registrations/summary.php +++ b/models/front/registrations/summary.php @@ -1,5 +1,20 @@ + * @license http://www.gaslightmedia.com Gaslightmedia + * @release summary.php,v 1.0 2017/11/10 19:31:47 cscott Exp $ + * @link http://dev.gaslightmedia.com/ + */ + + require_once GLM_MEMBERS_REGISTRATIONS_PLUGIN_CLASS_PATH.'/data/dataRegRequest.php'; class GlmMembersFront_registrations_summary extends GlmDataRegistrationsRegEvent { /** 
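Review bot: In the `submit` case both `username` and `password` are passed through `FILTER_SANITIZE_STRING` before `password_verify()`; that filter strips tag-like sequences and encodes quotes, so it silently changes any password containing `<` or quote characters, and it is deprecated as of PHP 8.1. The password should be taken from the request unmodified and only handed to `password_verify()`, with the same raw value used where the hash is created in register.php (outside this hunk). The two failure branches return different text, `'Login Fail'` for an unknown or inactive e-mail and `'Login Fail!'` for a wrong password, which tells a caller whether an address has an account; use one message for both. After a successful verify, call `session_regenerate_id(true);` before writing `$_SESSION['LoginAccount']` so a pre-login session ID is not carried into the authenticated session; the same applies to the `login` case in models/admin/ajax/account.php.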
@@ -44,7 +59,7 @@ public function modelAction($actionData = false) { - +/*** THIS NEEDS TO BE RE-DONE ***/ // Get any provided option if (isset($_REQUEST['option'])) { $option = $_REQUEST['option']; @@ -72,7 +87,8 @@ 'page' => 'summary' ); - // Return status, any suggested view, and any data to controller + + // Return status, any suggested view, and any data to controller return array( 'status' => true, 'modelRedirect' => false, diff --git a/setup/databaseScripts/create_database_V0.0.17.sql b/setup/databaseScripts/create_database_V0.0.18.sql similarity index 98% rename from setup/databaseScripts/create_database_V0.0.17.sql rename to setup/databaseScripts/create_database_V0.0.18.sql index 3c203e1..3e804d1 100644 --- a/setup/databaseScripts/create_database_V0.0.17.sql +++ b/setup/databaseScripts/create_database_V0.0.18.sql 
@@ -408,21 +408,26 @@ CREATE TABLE {prefix}reg_request ( bill_state TINYTEXT NULL, bill_zip TINYTEXT NULL, bill_country TINYTEXT NULL, - date_submitted DATE NULL, + bill_phone TINYTEXT NULL, + bill_email TINYTEXT NULL, + date_submitted DATE NULL, -- Date of final submission (checkout complete) pay_method INT NULL, -- See payment_method in plugin.ini - payment_code TINYTEXT NULL, -- Payment_code (code text) - if submitted and validated + payment_code TINYTEXT NULL, -- Payment_code text (comp code) - if submitted and validated status SMALLINT NULL, -- See submission_status in plugin.ini total DOUBLE PRECISION NULL, -- Total charge including all fees and taxes + total_discounts DOUBLE PRECISION NULL, -- Total of all comps and discounts + registrants SMALLINT NULL, -- Total number of registrants in this cart cc_type TINYINT NULL, -- Credit Card type (if used) - See credit_card in plugin.ini cc_name TINYTEXT NULL, cc_numb TINYTEXT NULL, cc_exp TINYTEXT NULL, cc_cvv TINYTEXT NULL, cc_conf TINYTEXT NULL, -- Confirmation code back from card processor + cc_proc_mesg TINYTEXT NULL, -- Message received from payment processor summary TEXT NULL, -- HTML summary of cart contents, costs and payment - Use same HTML displayed to user mf_data TEXT NULL, -- Any MagicForm data associated with registrant notes TEXT NULL, -- System operator's notes for this registration request - user_trace_info TINYTEXT NULL, -- IP Address of user computer and timestamp + user_trace_info TEXT NULL, -- IP Address of user computer and timestamp date_created DATETIME NULL, -- Date request was first created last_update DATETIME NULL, -- Last update date/time - Used for timing out pending carts and attendee counts PRIMARY KEY (id), diff --git a/setup/databaseScripts/dbVersions.php b/setup/databaseScripts/dbVersions.php index 5af2dd2..e1b0d38 100644 --- a/setup/databaseScripts/dbVersions.php +++ b/setup/databaseScripts/dbVersions.php 
@@ -30,7 +30,8 @@ $glmMembersRegistrationsDbVersions = array( '0.0.14' => array('version' => '0.0.14', 'tables' => 20, 'date' => '10/13/2017'), '0.0.15' => array('version' => '0.0.15', 'tables' => 15, 'date' => '10/18/2017'), '0.0.16' => array('version' => '0.0.16', 'tables' => 15, 'date' => '10/24/2017'), - '0.0.17' => array('version' => '0.0.17', 'tables' => 15, 'date' => '11/3/2017') + '0.0.17' => array('version' => '0.0.17', 'tables' => 15, 'date' => '11/3/2017'), + '0.0.18' => array('version' => '0.0.18', 'tables' => 15, 'date' => '11/7/2017') ); diff --git a/setup/databaseScripts/drop_database_V0.0.17.sql b/setup/databaseScripts/drop_database_V0.0.18.sql similarity index 100% rename from setup/databaseScripts/drop_database_V0.0.17.sql rename to setup/databaseScripts/drop_database_V0.0.18.sql diff --git a/setup/databaseScripts/update_database_V0.0.18.sql b/setup/databaseScripts/update_database_V0.0.18.sql new file mode 100644 index 0000000..42fc5fa --- /dev/null +++ b/setup/databaseScripts/update_database_V0.0.18.sql @@ -0,0 +1,37 @@ +-- Gaslight Media Members Database - Registratiuons Add-On +-- File Created: 10/03/17 11:00:00 +-- Database Version: 0.0.16 +-- Database Update From Previous Version Script +-- +-- To permit each query below to be executed separately, +-- all queries must be separated by a line with four dashes + +ALTER TABLE {prefix}reg_request ADD COLUMN bill_phone TINYTEXT; + +---- + +ALTER TABLE {prefix}reg_request ADD COLUMN bill_email TINYTEXT; + +---- + +ALTER TABLE {prefix}reg_request ADD COLUMN total_discounts DOUBLE PRECISION; + +---- + +ALTER TABLE {prefix}reg_request ADD COLUMN registrants SMALLINT; + +---- + +ALTER TABLE {prefix}reg_request ADD COLUMN cc_proc_mesg TINYTEXT; + +---- + +ALTER TABLE {prefix}reg_request DROP COLUMN payment_code; + +---- + +ALTER TABLE {prefix}reg_request DROP COLUMN mf_data; + +---- + +ALTER TABLE {prefix}reg_request CHANGE user_trace_info user_trace_info TEXT; \ No newline at end of file 
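Review bot: The two `DROP COLUMN` statements for `payment_code` and `mf_data` in update_database_V0.0.18.sql leave upgraded installs with a different `reg_request` schema than fresh installs, because create_database_V0.0.18.sql in this same commit still defines both columns and even rewords the `payment_code` comment. Either remove the columns from the create script or remove the two drops here, so that version 0.0.18 means one schema; as written, the drops also discard any values already stored in those columns. The header still reads `-- Database Version: 0.0.16` and `-- File Created: 10/03/17`, which looks copied from an older script; `-- Database Version: 0.0.18` would match the entry added to dbVersions.php.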
diff --git a/setup/validActions.php b/setup/validActions.php index 063f008..8cb4ce9 100644 --- a/setup/validActions.php +++ b/setup/validActions.php @@ -63,7 +63,8 @@ $glmMembersRegistrationsAddOnValidActions = array( 'account' => GLM_MEMBERS_REGISTRATIONS_PLUGIN_SLUG, 'regAdmin' => GLM_MEMBERS_REGISTRATIONS_PLUGIN_SLUG, 'regFront' => GLM_MEMBERS_REGISTRATIONS_PLUGIN_SLUG, - 'cartLinkWidget' => GLM_MEMBERS_REGISTRATIONS_PLUGIN_SLUG, + 'cartLinkWidget' => GLM_MEMBERS_REGISTRATIONS_PLUGIN_SLUG, + 'summaryContent' => GLM_MEMBERS_REGISTRATIONS_PLUGIN_SLUG ), 'registrations' => array( 'index' => GLM_MEMBERS_REGISTRATIONS_PLUGIN_SLUG, diff --git a/views/front/registrations/checkout.html b/views/front/registrations/checkout.html index 2772ed1..df969ad 100644 --- a/views/front/registrations/checkout.html +++ b/views/front/registrations/checkout.html @@ -14,6 +14,7 @@ {if $haveCart}
+ See summary of registration request and charges below @@ -44,7 +45,10 @@ {else}
E-Mail Address:
-
{$regAccount.fieldData.email}
+
+ {$regAccount.fieldData.email} + {* Required to keep E-Mail address from being cleared *} +
{/if}
@@ -241,19 +245,19 @@
Card Number:
- +
Card Expiration:
- +
CVV:
- +
@@ -265,9 +269,6 @@

*** Pay Pal ****

{/if} - - -

Global Custom Fields Go Here

@@ -275,7 +276,7 @@
Custom fields that are event, level, rate, or registrant specific will be collected on registration selection page.
- {/if} + {/if} {* / total charges > 0 *}
@@ -291,7 +292,6 @@
{$event.event_name}:

*** Any added fields go here *** -
{/if} @@ -395,7 +395,7 @@ ${$cart.totalCharges|number_format:2} -{/if} +{/if} {* / if have cart *} @@ -464,6 +464,11 @@ } }); + + // Various input masks for credit card input + $(".cc-input").mask("9999999999999?999"); + $(".expire-input").mask("99/99"); + $(".cvv-input").mask("999?9"); }); \ No newline at end of file diff --git a/views/front/registrations/list.html b/views/front/registrations/list.html index da599af..25c5728 100644 --- a/views/front/registrations/list.html +++ b/views/front/registrations/list.html @@ -1,4 +1,4 @@ -{include file='front/registrations/header.html'} +{include file='front/registrations/header.html'} {$ajaxUrl}
{if $haveRegEvents} {foreach $regEvents as $event} diff --git a/views/front/registrations/summary.html b/views/front/registrations/summary.html index e69de29..f2f7147 100644 --- a/views/front/registrations/summary.html +++ b/views/front/registrations/summary.html @@ -0,0 +1,17 @@ + +
+
+

Summary of Submitted Registration Request

+
+
+ {$misc.summary_page_text} +
+
+ +
+ +
diff --git a/views/front/registrations/summaryStore.html b/views/front/registrations/summaryStore.html new file mode 100644 index 0000000..4cbda05 --- /dev/null +++ b/views/front/registrations/summaryStore.html @@ -0,0 +1,193 @@ + + + + + +
+ {$misc.submission_ack_text} +
+ +

Checkout Summary

+ + + + +
+ + + + + + + + + + {if $account.phone} + + {/if} + {if $account.fax} + + {/if} + + + + + +
Submission
Requested By: + {$account.fname} {$account.lname}{if $account.title}, {$account.title}{/if}
+ {if $account.org}{$account.org}
{/if} + {$account.addr1}
+ {if $account.addr2}{$account.addr2}
{/if} + {$account.city}, {$account.state} {$account.zip} {$account.country.value}
+
Phone:{$account.phone}
title:{$account.title}
E-Mail Address:{$account.email}
Request #:{$request.id}
Submitted:{$request.date_submitted.datetime}
Status:{$request.status.name}
+
+ + + + + + + + + + {if $request.bill_phone} + + {/if} + {if $request.bill_email} + + {/if} + +
Billing
Contact: + {$request.bill_fname} {$request.bill_lname}{if $request.bill_title}, {$request.bill_title}{/if}
+ {if $request.bill_org}{$request.bill_org}
{/if} + {$request.bill_addr1}
+ {if $request.bill_addr2}{$request.bill_addr2}
{/if} + {$request.bill_city}, {$request.bill_state} {$request.bill_zip} {$request.country.bill_value}
+
Phone:{$request.bill_phone}
E-Mail Address:{$request.bill_email}
+ {if $request.pay_method.value == $payMethodsNumb.CreditCard} + + + + + + + + + + + + + {/if} + + +
Payment
Payment Method:{$request.pay_method.name}
Credit Card:{$request.cc_type.name}
Name on Card:{$request.cc_name}
Card Number:{$request.cc_numb}
Expiration:{$request.cc_exp}
Confirmation Code:{$request.cc_conf}
Total Charged:{$request.total}
+
+

Registrations

+ + + + + + + + + + + + {foreach $cart.events as $event} + + + + {foreach $event.classes as $class} + + + + {foreach $class.rates as $rate} + + + + + {foreach $rate.registrants as $registrant} + + + + + + + + {/foreach} + {/foreach} + {/foreach} + {/foreach} + + + + + + + +
RegisteringRegistrantDate/TimeDiscountRate
Event: {$event.event_name}
    {$class.class_name}
+         {$rate.rate_name} + - Base Rate ({$rate.registrant_credits} registrants included) + {$rate.rateBaseCharge|number_format:2}
 {$registrant.fname} {$registrant.lname}{$registrant.event_time} + {if $registrant.registrantDiscounts > 0} + {$registrant.registrantDiscounts|number_format:2} + {else} +   + {/if} + + {if $registrant.registrantRate > 0} + {$registrant.registrantRate|number_format:2} + {else} + (included) + {/if} +
 Total registrants: {$cart.totalRegistrants} + {if $cart.totalDiscounts > 0} + ${$cart.totalDiscounts|number_format:2} + {else} +   + {/if} + ${$cart.totalCharges|number_format:2}
+ + \ No newline at end of file -- 2.17.1
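Review bot: Every account, billing and registrant value in summaryStore.html (`{$account.fname}`, `{$request.bill_org}`, `{$registrant.fname}` and the rest) is emitted without an escape modifier, and the file name together with the `summary` column comment suggests the rendered HTML is stored and displayed again later. Unless Smarty's `escape_html` setting is enabled elsewhere in the plugin, which is not visible here, user-entered text would be saved as markup; adding `|escape` per variable, e.g. `{$account.fname|escape} {$account.lname|escape}`, closes that. Two smaller points in the same file: the row under `{if $account.fax}` is labelled `title:` and prints `{$account.title}` rather than the fax number, and the billing address uses `{$request.country.bill_value}` where the account block's `{$account.country.value}` pattern suggests `{$request.bill_country.value}` was meant.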