khosb/modules/checkout/checkout.inc.php

<?php
/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * Originally authored by Tony Landis, AgileBill LLC
 *
 * Recent modifications by Deon George
 *
 * @author Deon George <deonATleenooksDOTnet>
 * @copyright 2009 Deon George
 * @link http://osb.leenooks.net
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <tony@agileco.com>
 * @package AgileBill
 * @subpackage Module:Checkout
 */

/**
 * The main AgileBill Checkout Class
 *
 * @package AgileBill
 * @subpackage Module:Checkout
 */
class checkout extends OSB_module {
	var $admin_view=false;
	var $admin_checkout=false;
	var $admin_checkout_option=false;

	/**
	 * Add Discount for Admin Checkout
	 */
	function admin_adddiscount($VAR) {
		if(empty($VAR['amount'])) return false;
		if(empty($VAR['id'])) return false;
		$db=&DB();
		$fields=Array('ad_hoc_discount'=>round($VAR['amount'],2));
		$db->Execute(sqlUpdate($db,"cart",$fields,"id = ::{$VAR['id']}:: "));
		return true;
	}

	/**
	 * Admin Create the Invoice Record
	 */
	function admin_checkoutnow($VAR)
	{
		# Get the account id & session_id
		if(!empty($VAR['account_id']))
		{
			$this->account_id = $VAR['account_id'];
			$db     = &DB();
			$sql    = 'SELECT id FROM ' . AGILE_DB_PREFIX . 'session WHERE account_id   =  ' . $db->qstr( $this->account_id ) . ' AND  site_id      =  ' . $db->qstr(DEFAULT_SITE);
			$rs = $db->Execute($sql);
			if(!empty($rs->fields['id'])) {
				$this->session_id = $rs->fields['id'];
			} else {
				$this->session_id = SESS;
			}
		} else {
			return false;
		}

		# Get the affiliate details
		global $C_list;
		if(!$C_list->is_installed('affiliate')) {
			$this->affiliate_id = '';
		} else {
			if(SESS_AFFILIATE != "") {
				$this->affiliate_id = SESS_AFFILIATE;
			} else {
				# Get the affiliate details for this account
				$db     = &DB();
				$sql    = 'SELECT affiliate_id FROM ' . AGILE_DB_PREFIX . 'account WHERE id = ' . $db->qstr( $this->account_id ) . ' AND site_id = ' . $db->qstr(DEFAULT_SITE);
				$rs = $db->Execute($sql);
				if(!empty($rs->fields['affiliate_id']))
				{
					$this->affiliate_id = $rs->fields['affiliate_id'];
				} else {
					# Get the affiliate account for the admin creating this invoice
					$db = &DB();
					$sql    = 'SELECT id FROM ' . AGILE_DB_PREFIX . 'affiliate WHERE account_id =  ' . $db->qstr( SESS_ACCOUNT ) . ' AND  site_id =  ' . $db->qstr(DEFAULT_SITE);
					$rs = $db->Execute($sql);
					if(!empty($rs->fields['id']))
					$this->affiliate_id = $rs->fields['id'];
					else
					$this->affiliate_id = '';
				}
			}
		}
		$this->redirect = true;
		$this->admin_checkout = true;

		# Is processor free checkout?
		if(@$VAR['option'] == '999') $this->admin_checkout_option = true;

		# Checkout
		if($this->checkoutnow($VAR, $this)) {
			echo '<script language="javascript">
                    window.parent.location = \'?_page=invoice:view&id='.$this->invoice_id.'\';
                    window.parent.window.parent.location = \'?_page=invoice:view&id='.$this->invoice_id.'\';
                    window.close();
                </script>';
		}
	}

	/**
	 * Get available checkout option
	 *
	 * @param int $account_id
	 * @param float $total
	 * @param array $product_arr Array of product_ids being purchased
	 * @param bool $any_new
	 * @param bool $any_trial
	 * @param bool $any_recurring
	 * @return array
	 * @uses account
	 */
	function get_checkout_options($account_id,$total=0,$product_arr=false,$any_new=false,$any_trial=false,$any_recurring=false) {
	 	$options = '';
		if ($any_trial)
			$options .= ' AND allow_trial=1';
		if ($any_recurring)
			$options .= ' AND allow_recurring=1';
		if ($any_new)
			$options .= ' AND allow_new=1';

		if (! $options)
			return false;

		include_once(PATH_MODULES.'account/account.inc.php');
		$ao = new account($account_id);
		$country_id = $ao->getRecordAttr('country_id');

		$db = &DB();
		$chopt = $db->Execute(sqlSelect($db,'checkout','*',sprintf('active=1 %s',$options)));
		if($chopt && $chopt->RecordCount()) {
			while( !$chopt->EOF )  {
				$show = true;
				# Check that the cart total is not to low:
				if ( $show == true && $chopt->fields["total_minimum"] != "" && $total < $chopt->fields["total_minimum"] ) $show = false;
				# Check that the cart total is not to high:
				if ( $show == true && $chopt->fields["total_maximum"] != "" && $total > $chopt->fields["total_maximum"] ) {
					$show = false;
				} elseif ($chopt->fields["total_maximum"] == '0' && $total > 0) {
					$show = false;
				}
				# Check that the group requirement is met:
				if ( $show == true && !$this->admin_view && !empty ( $chopt->fields["required_groups"] ) ) {
					global $C_auth;
					$arr = unserialize ( $chopt->fields["required_groups"] );
					if(count($arr) > 0 && !empty($arr[0])) $show = false;
					for ( $i=0; $i<count($arr); $i++ )  {
						if($C_auth->auth_group_by_id($arr[$i])) {
							$show = true;
							$i=count($arr);
						}
					}
				}
				# Check that the customer is not ordering a blocked SKU:
				if ( $show == true && !$this->admin_view && !empty ( $chopt->fields["excluded_products"] ) && $product_arr ) {
					$arr = unserialize ( $chopt->fields["excluded_products"] );
					if(count($arr) > 0)  {
						for($i=0; $i<count($product_arr); $i++)  {
							for($isk=0; $isk<count($arr); $isk++) {
								if($product_arr[$i] == $arr[$isk] && !empty($arr[$isk]) && !empty($product_arr[$i]['product_id']) ) {
									$show = false;
									//$i=count($smart);
									$isk=count($arr);
								}
							}
						}
					}
				}
				$list_ord = 100;
				# Check if this method should be the default method:
				if ( $show == true) {
					# By Amount:
					if ( !empty ( $chopt->fields["default_when_amount"] ) ) {
						@$arr = unserialize ( $chopt->fields["default_when_amount"] );
						for ( $i=0; $i<count($arr); $i++ ) if ( $total >= $arr[$i] ) $list_ord--; $i=count($arr);
					}
					# By Currency
					if ( !empty ( $chopt->fields["default_when_currency"] ) ) {
						@$arr = unserialize ( $chopt->fields["default_when_currency"] );
						for ( $i=0; $i<count($arr); $i++ ) if ( SESS_CURRENCY == $arr[$i] ) $list_ord--; $i=count($arr);
					}
					# By Group
					if ( !empty ( $chopt->fields["default_when_group"] ) ) {
						@$arr = unserialize ( $chopt->fields["default_when_group"] );
						global $C_auth;
						for ( $i=0; $i<count($arr); $i++ )  if ( $C_auth->auth_group_by_account_id( $account_id, $arr[$i] ) ) $list_ord--; $i=count($arr);
					}
					# By Country
					if ( !empty ( $chopt->fields["default_when_country"] ) ) {
						@$arr = unserialize ( $chopt->fields["default_when_country"] );
						for ( $i=0; $i<count($arr); $i++ )  if ( $country_id == $arr[$i] ) $list_ord--; $i=count($arr);
					}
					# Add to the array
					$checkout_options[] = Array ('sort'=>$list_ord, 'fields'=>$chopt->fields);
				}
				$chopt->MoveNext();
			}
			# Sort the checkout_options array by the [fields] element
			if(count($checkout_options) > 0 ) {
				foreach ( $checkout_options as $key => $row ) $sort[$key] = $row["sort"];
				array_multisort ( $sort, SORT_ASC, $checkout_options );
				return $checkout_options;
			}
		} else {
			return false;
		}
		return false;
	}


	/**
     * Admin View Preview / Confirm prior to checkout
     */
	function admin_preview($VAR) {
		global $C_auth;
        if(!empty($VAR['account_id']) && $C_auth->auth_method_by_name('checkout','admin_checkoutnow')) {
        	$this->account_id=$VAR['account_id'];
        	$this->admin_view = true;
        } else {
        	$this->account_id=SESS_ACCOUNT;
        }
		$this->preview($VAR, $this);
	}

	/**
	 * Preview / Confirm prior to checkout
	 *
	 * @uses account
	 * @uses cart
	 */
	public function preview($VAR,$object,$returnInvoice=false) {
		if (! SESS_LOGGED)
			return false;

		if (empty($this->account_id))
			$this->account_id = SESS_ACCOUNT;

		# Load the cart
		include_once(PATH_MODULES.'/cart/cart.inc.php');
		$co = new cart();

		if (! $results = $co->sGetContents())
			return false;

		# Load invoice object
		include_once(PATH_MODULES.'invoice/invoice.inc.php');
		$invoice = new invoice();

		$invoice->setRecordAttr('account_id',$this->account_id);

		# Put the cart items into an invoice
		foreach ($results as $result) {
			$invoice->aaddItem(array(
				'charge_id'=>null,
				'domain_name'=>$result['domain_name'],
				'domain_term'=>$result['domain_term'],
				'domain_type'=>$result['domain_type'],
				'domain_tld'=>$result['domain_tld'],
				'host_type'=>$result['host_type'],
				'item_type'=>0,
				'service_id'=>null,
				'cart_id'=>$result['id'],
				'product_id'=>$result['product_id'],
				'quantity'=>isset($result['quantity']) ? $result['quantity'] : 1,
				'recurr_schedule'=>$result['recurr_schedule'],
				'product_attr'=>$result['product_attr'],
				'product_attr_cart'=>$result['product_attr'],
				'type'=>in_array($result['host_type'],array('register')) ? 'domain' : null
			));
		}

		# If we are being called by checkout, then we use the preview code to build our invoice.
		if ($returnInvoice)
			return $invoice;

		global $smarty;

		$smarty->assign('results',$invoice->sCountItems());
		$smarty->assign('cart',$invoice->getItems());
		$smarty->assign('sub_total',$invoice->sSubTotal());
		$smarty->assign('discounttotal',$invoice->sTotalDiscount(true));
		$smarty->assign('discount',$invoice->getDiscountDetails(true));
		$smarty->assign('taxtotal',$invoice->sTotalTax(true));
		$smarty->assign('tax',$invoice->getTaxDetails());
		$smarty->assign('total',$invoice->sTotal(true));

		# Get our checkout options
		$checkout_options = $this->get_checkout_options($this->account_id,$invoice->sTotal(),$invoice->getProductItems(),
			(is_null($invoice->getRecordAttr('id'))),
			in_array(2,$invoice->getProductItemTypes()),(! is_null($invoice->getRecordAttr('id'))));
		$checkout_c = count($checkout_options);

		$smarty->assign('checkout',$checkout_options);
		$smarty->assign('checkout_c',$checkout_c);
		$checkout_c--;
		$smarty->assign('last_checkout_id',$checkout_options[$checkout_c]['fields']['id']);
	}

	/**
	 * Create the Invoice Record and send user to checkout
	 *
	 * @uses account
	 * @uses currency
	 */
	public function checkoutnow($VAR) {
		global $C_translate,$C_list,$smarty;

		# Validate user is logged in:
		if (! SESS_LOGGED) {
			printf('<script type="text/javascript">alert("%s...");</script>',
				_('You must be logged in to complete this purchase! Please refresh this page in your browser to login now.'));

			return false;
		}

		$db = &DB();

		# Check for admin
		if (! $this->admin_checkout && ! empty($VAR['account_id'])) {
			global $C_auth;

       		if (! empty($VAR['account_id']) && $C_auth->auth_method_by_name('checkout','admin_checkoutnow')) {
        		$this->account_id = $VAR['account_id'];
        		$this->admin_checkout = true;

        	} else {
        		$this->account_id = SESS_ACCOUNT;
        	}
		}

		$invoice = $this->preview($VAR,null,true);

		# Set some defaults
		$invoice->setRecordAttr('actual_billed_amt',0);
		$invoice->setRecordAttr('billed_amt',0);
		$invoice->setRecordAttr('billing_status',0);
		$invoice->setRecordAttr('due_date',time());
		$invoice->setRecordAttr('grace_period',0);
		$invoice->setRecordAttr('notice_count',0);
		$invoice->setRecordAttr('notice_max',0);
		$invoice->setRecordAttr('notice_next_date',null);
		$invoice->setRecordAttr('print_status',0);
		$invoice->setRecordAttr('process_status',0);
		$invoice->setRecordAttr('status',1);
		$invoice->setRecordAttr('suspend_billing',0);
		$invoice->setRecordAttr('reseller_id',0);
		$invoice->setRecordAttr('type',0);

		# (Re)Calculate our discounts and taxes
		$invoice->setRecordAttr('discount_amt',$invoice->sTotalDiscount(true));
		$invoice->setRecordAttr('tax_amt',$invoice->sTotalTax(true));
		$invoice->setRecordAttr('total_amt',$invoice->sTotal(true));

 		// Validate and init a checkout plugin
 		$checkout = false;
 		if ($this->admin_checkout_option) {
 			# Admin checkout option specified
			include_once(PATH_MODULES.'checkout/checkout_admin.inc.php');
			$PLG = new checkout_admin;

			$checkout = true;
			$invoice->setRecordAttr('checkout_plugin_id',false);

 		} else {
			# Get available checkout options and check against the one provided
			$invoice->setRecordAttr('checkout_plugin_id',$VAR['option']);

			$checkout_options = $this->get_checkout_options($this->account_id,$invoice->sTotal(),$invoice->getProductItems(),
				(is_null($invoice->getRecordAttr('id'))),
				in_array(2,$invoice->getProductItemTypes()),in_array(1,$invoice->getProductItemTypes()));
			if ($checkout_options) {
				foreach ($checkout_options as $a) {
					if ($a['fields']['id'] == $invoice->getRecordAttr('checkout_plugin_id')) {
						# Load the selected checkout plugin and run pre-validation
						$checkout_plugin = $a['fields']['checkout_plugin'];
						include_once(sprintf('%scheckout/%s.php',PATH_PLUGINS,$checkout_plugin));
						eval (sprintf('$PLG = new plg_chout_%s("%s");',$checkout_plugin,$invoice->getRecordAttr('checkout_plugin_id')));

						$plugin_validate = $PLG->validate($VAR,$this);
						if ($plugin_validate != true) {
							echo $plugin_validate;
							return false;
						}

						$checkout=true;
						break;
					}
				}
			}
 		}

		# If we werent able to checkout, then return here
		if (! $checkout) {
			echo '<script type="text/javascript">alert("Unable to checkout with the selected method, please select another.");</script>';

			return false;
		}

		// validate credit card on file details
		global $VAR;
		if (! empty($VAR['account_billing_id']) && @$VAR['new_card']==2) {
			$invoice->setRecordAttr('account_billing_id',$VAR['account_billing_id']);
			/* validate credit card on file details */
			if(!$PLG->setBillingFromDB($this->account_id,$VAR['account_billing_id'],$invoice->checkout_plugin_id)) {
				global $C_debug;
				$C_debug->alert("Sorry, we cannot use that billing record for this purchase.");
				return false;
			}

		} else {
			/* use passed in vars */
			$PLG->setBillingFromParams($VAR);
		}

		// validate recurring processing options
		if ($PLG->recurr_only) {
			if ($invoice->recur_amt<=0) {
				echo '<script language=Javascript> alert("Cannot process non-recurring charges with this payment option, please select another payment option."); </script> ';
				return false;
			}

			if(is_array($invoice->recur_arr) && count($invoice->recur_arr)>1) {
				$recurring = true;
				// validate recur day and recurring schedule are the same for both products
				foreach($invoice->recur_arr as $a) {
					foreach($invoice->recur_arr as $b) {
						foreach($b as $key=>$val) {
							if($key != 'price' && $key != 'recurr_week' && $a[$key] != $val) {
								$recurring=false;
								break;
							}
						}
					}
				}
				if (!$recurring) {
					echo '<script language=Javascript> alert("This payment option cannot be used when ordering both prorated and non-prorated subscriptions, or when ordering two or more subscriptions with different billing schedules selected. Please make sure all your subscriptions have the same billing schedule selected, try another payment option, or order one subscription at a time. We apologize for any inconvenience."); </script> ';
					return false;
				}
			}
		}

		# Load account object
		include_once(PATH_MODULES.'account/account.inc.php');
		$ao = new account($this->account_id);

		# Affiliate
		if (is_null($invoice->getRecordAttr('affiliate_id')))
			$invoice->setRecordAttr('affiliate_id',
				(! is_null($ao->getRecordAttr('affiliate_id'))) ? $ao->getRecordAttr('affiliate_id') : SESS_AFFILIATE);

		# Campaign
		if (is_null($invoice->getRecordAttr('campaign_id')))
			$invoice->setRecordAttr('campaign_id',
				(! is_null($ao->getRecordAttr('campaign_id'))) ? $ao->getRecordAttr('campaign_id') : SESS_CAMPAIGN);

		$invoice->setRecordAttr('actual_billed_currency_id',SESS_CURRENCY);
		$invoice->setRecordAttr('billed_currency_id',DEFAULT_CURRENCY);
		$invoice->checkout_type = $PLG->type;
		$invoice->setRecordAttr('id',sqlGenID($db,'invoice'));

		# Initial invoice status
		if ($invoice->sTotal() == 0 || $PLG->type == 'gateway') {
			$invoice->setRecordAttr('billing_status',1);
			$invoice->actual_billed_amt = $C_list->format_currency_decimal($invoice->sTotal(),SESS_CURRENCY);
			$invoice->billed_amt = $invoice->sTotal();
		}

		# Currency conversion
		if (SESS_CURRENCY != DEFAULT_CURRENCY) {
			$bill_amt = $C_list->format_currency_decimal($invoice->sTotal(),SESS_CURRENCY);
			$recur_amt = is_null($invoice->sRecurAmt()) ? null : $C_list->format_currency_decimal($invoice->sRecurAmt(),SESS_CURRENCY);
		} else {
			$bill_amt = round($invoice->sTotal(),2);
			$recur_amt = is_null($invoice->sRecurAmt()) ? null : round($invoice->sRecurAmt(),2);
		}

		# Get currency ISO (three_digit) for checkout plugin
		include_once(PATH_MODULES.'currency/currency.inc.php');
		$cuo = new currency();

		$currencies = $cuo->sql_GetRecords(array('where'=>array('id'=>SESS_CURRENCY)));
		if ($currencies)
			$currency_iso = $currencies[0]['three_digit'];
		else
			$currency_iso = $C_list->currency_iso(SESS_CURRENCY);

		# Run the plugin bill_checkout() method:
		$invoice->setRecordAttr('checkout_plugin_data',
			$PLG->bill_checkout($bill_amt,$invoice->getRecordAttr('id'),$currency_iso,$ao->getRecord(),$recur_amt,$invoice->recur_arr));
		if ($invoice->getRecordAttr('checkout_plugin_data') === false || $invoice->getRecordAttr('checkout_plugin_data') == '' ) {
			if (! empty($PLG->redirect))
				echo $PLG->redirect;

			return false;

		} elseif ($PLG->type == 'gateway' || empty($PLG->redirect)) {
			$VAR['id'] = $invoice->getRecordAttr('id');
			if (! $this->admin_checkout)
				$VAR['_page'] = 'invoice:thankyou';

			$invoice->setRecordAttr('checkout_plugin_data',false);

		} elseif (! $this->admin_checkout) {
			echo "<html><head></head><body><center>Please wait while we redirect you to the secure payment site.... {$PLG->redirect}</center></body></html>";
		}

		# Call the Plugin method for storing the checkout data:
		$invoice->setRecordAttr('account_billing_id',$PLG->store_billing($VAR,$invoice->account_id));

		# Clear user discounts
		$db->Execute(sqlUpdate($db,'session',array('discounts'=>null),array('id'=>SESS)));

		# admin options
		$email = true;
		if ($this->admin_checkout) {
			if (empty($VAR['send_email']) || $VAR['send_email']=='false')
				$email=false;
			else
				$email=true;

			if (! empty($VAR['due_date']))
				$invoice->due_date=$this->getInputDate($VAR['due_date']);

			if (! empty($VAR['grace_period']))
				$invoice->grace_period=$VAR['grace_period'];

			if (! empty($VAR['notice_max']))
				$invoice->notice_max=$VAR['notice_max'];
		}

		if ($invoice->sql_SaveRecord(true)) {
			# Delete all cart items
			$db->Execute(sqlDelete($db,'cart',sprintf('(session_id=::%s:: OR account_id=%s)',SESS,$invoice->getRecordAttr('account_id'))));

			# Admin redirect
			if ($this->admin_checkout)
				printf('<script language="javascript">parent.location.href=\'%sadmin.php?_page=invoice:view&id=%s\';</script>',URL,$invoice->getRecordAttr('id'));
		}

		return false;
	}

	/** Convert a localized d,m,y string to epoch timestamp
	*/
	function getInputDate($date) {

  		$Arr_format = explode(DEFAULT_DATE_DIVIDER, UNIX_DATE_FORMAT);
        $Arr_date   = explode(DEFAULT_DATE_DIVIDER, $date);
        for($i=0; $i<3; $i++)
        {
            if($Arr_format[$i] == 'd') $day = $Arr_date[$i];
            if($Arr_format[$i] == 'm') $month = $Arr_date[$i];
            if($Arr_format[$i] == 'Y') $year = $Arr_date[$i];
        }
        $timestamp = mktime(0, 0, 0, $month, $day, $year);
        return $timestamp;

		return time();
	}

	/**
	 * Manage postback for multiple invoices
	 */
	function postback_multiple($arr) {
		$db=&DB();
		include_once(PATH_MODULES.'invoice/invoice.inc.php');
		$invoice=new invoice;

		// get multi-invoice details
		$total = $invoice->multiple_invoice_total($arr['invoice_id']);
		if(!$total) return false;

		$amt = $arr['amount'];

		foreach($invoice->invoice_id as $id)
		{
			if($amt > 0)
			{
				// get total due for this invoice:
				$rs=sqlSelect($db, "invoice","SUM(total_amt-billed_amt-IFNULL(credit_amt,0)) as total","id=$id");
				if($rs && $rs->RecordCount()) {
					$thisamt = $rs->fields["total"];

					if($thisamt > $amt)
						$arr['amount'] = $amt;
					else
						$arr['amount'] = $thisamt;
					$arr["invoice_id"] = $id;

					$this->postback($arr);
					$amt -= $thisamt;
				}
			}
		}
	}

	/**
	 * Postback Payment Processing
	 * This function will handle the postback processing from a payment processor
	 *
	 * @param array $arr Incoming payment information
	 * @uses invoice
	 * @uses invoice_item
	 */
	public function postback($arr) {
		global $C_debug,$C_list;

		# Minimum incoming values to continue
		if (empty($arr['invoice_id']))
			return false;
		if (empty($arr['transaction_id']))
			return false;
		if (empty($arr['amount']))
			return false;

		# Does this postback pay multiple invoices?
		if (preg_match('/^MULTI-/',$arr['invoice_id']))
			return $this->postback_multiple($arr);

		$db = &DB();

		include_once(PATH_MODULES.'invoice/invoice.inc.php');
		$io = new invoice();

		# Get the latest invoice information
		$invoices = $io->sql_GetRecords(array(
			'where'=>sprintf('(parent_id=%s OR id=%s%s)',$arr['invoice_id'],$arr['invoice_id'],
				(! empty($arr['subscription_id']) && trim($arr['subscription_id'])) ? sprintf(' OR checkout_plugin_data=%s',trim($arr['subscription_id'])) : ''),
			'limit'=>'0,1'));

		if (! count($invoices)) {
			$C_debug->error(__FILE__,__METHOD__,sprintf('No invoice records, unable to process payment for: %s',$arr['invoice_id']));

			return false;
		}

		# Get our invoice object, that this payment is for.
		$invoice = array_pop($invoices);

		# If we are not passed a currency, we can only assume it is the same as that used to bill the invoice.
		if (! isset($arr['currency']) || ! trim($arr['currency'])) {
			$this->billed_amt = $arr['amount']+$invoice['billed_amt'];
			$this->actual_billed_amt = $arr['amount']+$invoice['billed_amt'];
			$this->actual_billed_currency_id = $invoice['billed_currency_id'];

		} else {
			# Get the actual billed currency id currency info
			$rs = $db->Execute(sqlSelect('currency','*',array('where'=>array('three_digit'=>$arr['currency']))));

			if (! $rs)
				$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());

			# No currency information, assume the currency of the invoice
			elseif (! $rs->RecordCount()) {
				$C_debug->error(__FILE__,__METHOD__,sprintf('No currency: %s?',$arr['currency']));

				$this->billed_amt = $arr['amount']+$invoice['billed_amt'];
				$this->actual_billed_amt = $arr['amount']+$invoice['billed_amt'];
				$this->actual_billed_currency_id = $invoice['billed_currency_id'];

			} else {
				$this->actual_billed_currency_id = $rs->fields['id'];

				if (is_string($rs->fields['convert_array']))
					$convert = unserialize($rs->fields['convert_array']);
				else
					$convert = false;

				$this->format_currency[$this->actual_billed_currency_id] = array(
					'symbol'=>$rs->fields['symbol'],
					'convert'=>$convert,
					'iso'=>$rs->fields['three_digit']);

				# Get the billed currency id currency info:
				$rs = $db->Execute(sqlSelect('currency','*',array('where'=>array('id'=>$invoice['billed_currency_id']))));

				if (! $rs)
					$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());

				$this->format_currency[$invoice['billed_currency_id']] = array(
					'symbol'=>$rs->fields['symbol'],
					'convert'=>unserialize($rs->fields['convert_array']),
					'iso'=>$rs->fields['three_digit']);

				# Convert the invoice amount to the actual billed currency amount
				$conversion = $this->format_currency[$invoice['billed_currency_id']]['convert'][$this->actual_billed_currency_id]['rate'];

				$this->billed_amt = $invoice['billed_amt']+($arr['amount']/$conversion);
				$this->actual_billed_amt = $invoice['actual_billed_amt']+$arr['amount'];
			}
		}

		# Check for any subscription_id
		if (! empty($arr['subscription_id']))
			$this->subscription_id = trim($arr['subscription_id']);
		else
			$this->subscription_id = trim($invoice['checkout_plugin_data']);

		$this->checkout_id = $this->getRecordAttr('id');

		# Check for the billing status:
		if ($this->billed_amt >= $invoice['total_amt'])
			$this->billing_status = '1';
		else
			$this->billing_status = '0';

		# Check if this transaction_id has already been processed:
		$rs = $db->Execute(
			sqlSelect('invoice_memo','id',
				array('where'=>array('invoice_id'=>$invoice['id'],'type'=>'postback','memo'=>sprintf('%s-%s',$this->getRecordAttr('id'),$arr['transaction_id'])))));

		if (! $rs)
			$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());

		# Transaction ID already exists
		elseif ($rs->RecordCount()) {
			# Duplicate post:
			$C_debug->error(__FILE__,__METHOD__,
				sprintf('Duplicate postback for invoice %s & transaction id %s-%s',$arr['invoice_id'],$this->getRecordAttr('id'),$arr['transaction_id']));

		# Record new transaction ID
		} else {
			# Create the invoice memo
			# @todo should get the account_id
			$rs = $db->Execute(
				sqlInsert($db,'invoice_memo',
					array('date_orig'=>time(),'invoice_id'=>$invoice['id'],'account_id'=>null,
						'type'=>'postback','memo'=>sprintf('%s-%s',$this->getRecordAttr('id'),$arr['transaction_id']))));

			if (! $rs)
				$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());

			$io = new invoice($invoice['id']);

			# Update the invoice approval status
			if (! isset($arr['status']) || ! $arr['status']) {
				$rs = $db->Execute(
					sqlInsert($db,'invoice_memo',
						array('date_orig'=>time(),'invoice_id'=>$invoice['id'],
							'account_id'=>null,'type'=>'void','memo'=>sprintf('%s: %s-%s',_('Voided due to postback'),$this->getRecordAttr('id'),$arr['transaction_id']))));

				if (! $rs)
					$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());

				# Void
				$io->voidInvoice(array('id'=>$invoice['id']));

			} else {
				# Check the items, see if there is a payment fee to add to the invoice
				if (isset($arr['items']) && is_array($arr['items'])) {
					include_once(PATH_MODULES.'invoice_item/invoice_item.inc.php');

					foreach ($arr['items'] as $k => $v) {
						if (isset($v['item_number']) && $v['item_number'] == 'PAYFEE') {
							$ito = new invoice_item();

							$ito->setRecordAttr('invoice_id',$invoice['id']);
							$ito->setRecordAttr('account_id',0);
							$ito->setRecordAttr('service_id',null);
							$ito->setRecordAttr('charge_id',null);
							$ito->setRecordAttr('product_name',sprintf('Payment Fee: %s',$this->getRecordAttr('name')));
							$ito->setRecordAttr('product_id',null);
							$ito->setRecordAttr('product_attr',null);
							$ito->setRecordAttr('product_attr_cart',null);
							$ito->setRecordAttr('sku','PAYFEE');
							$ito->setRecordAttr('quantity',1);
							$ito->setRecordAttr('item_type',0);
							$ito->setRecordAttr('price_setup',0);
							$ito->setRecordAttr('domain_name',null);
							$ito->setRecordAttr('domain_tld',null);
							$ito->setRecordAttr('domain_type',null);
							$ito->setRecordAttr('domain_term',null);
							$ito->setRecordAttr('price_type',null);
							$ito->setRecordAttr('recurring_schedule',null);
							$ito->setRecordAttr('date_start',null);
							$ito->setRecordAttr('date_stop',null);
							$ito->setRecordAttr('price_base',$v['mc_gross_']);
							# @todo need to retro work out the tax amount.
							$ito->setRecordAttr('tax_amt',0);
							$item = $ito->sql_SaveRecord();

							$io->setRecordAttr('total_amt',$io->getRecordAttr('total_amt')+$ito->getRecordAttr('total_amt'));
							$io->setRecordAttr('tax_amt',$io->getRecordAttr('tax_amt')+$ito->getRecordAttr('tax_amt'));
						}
					}
				}

				$io->setRecordAttr('billing_status',$this->billing_status);
				$io->setRecordAttr('checkout_plugin_id',$this->getRecordAttr('id'));
				$io->setRecordAttr('checkout_plugin_data',$this->subscription_id);
				$io->setRecordAttr('billed_amt',$this->billed_amt);
				$io->setRecordAttr('actual_billed_amt',$this->actual_billed_amt);
				$io->setRecordAttr('actual_billed_currency_id',$this->actual_billed_currency_id);
				$rs = $io->sql_SaveRecord();

				# If the payment module is installed, record the payment item.
				if ($C_list->is_installed('payment')) {
					include_once(PATH_MODULES.'payment/payment.inc.php');
					include_once(PATH_MODULES.'payment_item/payment_item.inc.php');

					$po = new payment();

					$po->setRecordAttr('account_id',$io->getRecordAttr('account_id'));
					$po->setRecordAttr('date_payment',time());
					$po->setRecordAttr('checkout_plugin_id',$this->getRecordAttr('id'));
					$po->setRecordAttr('total_amt',$arr['amount']);
					$po->setRecordAttr('fees_amt',(isset($arr['fee']) ? $arr['fee'] : 0));
					$po->setRecordAttr('notes',print_r($_POST,true));
					$po->setRecordAttr('source_id',$io->getRecordAttr('account_id'));
					$pid = $po->sql_SaveRecord(true);
					$po->sql_LoadRecord($pid);

					# Mark this payment pending
					# @todo Make this a global configuration option to auto mark payments as pending, so they can be reviewed.
					$po->setRecordAttr('pending_status',1);
					$po->sql_SaveRecord();

					$pio = new payment_item();

					$pio->setRecordAttr('payment_id',$pid);
					$pio->setRecordAttr('invoice_id',$io->getRecordAttr('id'));
					$pio->setRecordAttr('alloc_amt',$arr['amount']);
					$pio->sql_SaveRecord();
				}

				# Approve
				$io->autoApproveInvoice($invoice['id']);

				# User invoice payment confirmation
				include_once(PATH_MODULES.'email_template/email_template.inc.php');
				$email = new email_template;
				$email->send('invoice_paid_user',$invoice['account_id'],$invoice['id'],DEFAULT_CURRENCY,'');

				# Admin alert of payment processed
				$email = new email_template;
				$email->send('admin->invoice_paid_admin',$invoice['account_id'],$invoice['id'],DEFAULT_CURRENCY,'');
			}
		}

		return true;
	}

	/**
	 * Display Checkout Data Form
	 */
	function checkoutoption($VAR) {
		global $VAR,$C_translate,$C_auth,$C_vars,$smarty;

		if (SESS_LOGGED != '1') {
			$smarty->assign('plugin_template',false);
			return false;
		}

		# Normal checkout
		$db = &DB();
		$rs = $db->Execute(sqlSelect($db,'checkout','*',array('id'=>$VAR['option'])));
		if (! $rs || $rs->RecordCount() == 0) {
			$smarty->assign('plugin_template',false);
			return false;
		}

		# Determine account id
		if (! empty($VAR['account_id']) && $C_auth->auth_method_by_name('checkout','admin_checkoutnow')) {
			$this->account_id = $VAR['account_id'];
			$this->admin_view = true;
		} else {
			$this->account_id=SESS_ACCOUNT;
		}

		# Set account options && seed VAR with defaults
		if (empty($VAR['detailsnocopy'])) {
			$acct = $db->Execute(sqlSelect($db,'account','first_name,last_name,address1,address2,city,state,zip,country_id,email,company',array('id'=>$this->account_id)));

			if ($acct && $acct->RecordCount())
				foreach ($acct->fields as $key=>$val)
					if(!is_numeric($key) && empty($VAR[$key]))
						$VAR[$key]=stripslashes($acct->fields[$key]);
		}

		$C_vars->strip_slashes_all();
		$smarty->assign('VAR',$VAR);
		$smarty->assign('plugin_template','checkout_plugin:plugin_ord_'.$rs->fields['checkout_plugin']);
	}

	public function tpl_get_plugindata($VAR) {
		global $smarty;

		# Normal checkout
		$db = &DB();
		$rs = $db->Execute(sqlSelect($db,'checkout','plugin_data',array('id'=>$VAR['checkout_id'])));
		if ($rs || $rs->RecordCount() == 1)
			$smarty->assign('plugin_data',$rs->fields['plugin_data']);
	}
}
?>