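*
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 */

/**
 * \file    idsconnect/launch.php
 * \ingroup idsconnect
 * \brief   Launcher - generates the IDS Connect form and sends it to the wholesaler shop
 *
 * Request flow, as implemented below:
 *  1. load Dolibarr, check the module right idsconnect/use and the CSRF token;
 *  2. load the wholesaler and stop when it is missing or inactive;
 *  3. outside test mode, show a confirmation page until confirm=yes arrives;
 *  4. for action WKS, build the cart from a supplier order, show its content and
 *     verify the optional WKS PIN before anything is sent;
 *  5. build the launch form and print it.
 *
 * NOTE(review): in this listing the string literals passed to print carry no markup
 * (only line breaks and text); the HTML seems to have been lost from this copy.
 * The literals are kept as found, so the pages below are not complete as shown.
 */

// Load Dolibarr (standard module bootstrap: try the known locations of main.inc.php in turn)
$res = 0;
if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) {
    $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
}
// Walk both paths backwards to find the prefix of SCRIPT_FILENAME that is the document root
$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME'];
$tmp2 = realpath(__FILE__);
$i = strlen($tmp) - 1;
$j = strlen($tmp2) - 1;
while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) {
    $i--;
    $j--;
}
if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) {
    $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
}
if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) {
    $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
}
if (!$res && file_exists("../main.inc.php")) {
    $res = @include "../main.inc.php";
}
if (!$res && file_exists("../../main.inc.php")) {
    $res = @include "../../main.inc.php";
}
if (!$res) {
    die("Include of main fails");
}

dol_include_once('/idsconnect/class/idsconnect.class.php');
dol_include_once('/idsconnect/class/idssupplier.class.php');
dol_include_once('/idsconnect/lib/idsconnect.lib.php');

/**
 * @var Conf $conf
 * @var DoliDB $db
 * @var Translate $langs
 * @var User $user
 */

$langs->loadLangs(array("idsconnect@idsconnect"));

// Permission check: the module right is required for every launch
if (!$user->hasRight('idsconnect', 'use')) {
    accessforbidden();
}

// Every error path of this page returns to the module index
$index_url = DOL_URL_ROOT.'/custom/idsconnect/idsconnectindex.php';

// Parameters
$supplier_id = GETPOSTINT('supplier_id');
$action = GETPOST('ids_action', 'alpha');
$confirm = GETPOST('confirm', 'alpha');
$confirm_wks = GETPOST('confirm_wks', 'alpha');
$fk_commande = GETPOSTINT('fk_commande');

// Validation
if (empty($supplier_id) || empty($action)) {
    setEventMessages($langs->trans("IdsconnectMissingParams"), null, 'errors');
    header('Location: '.$index_url);
    exit;
}

// CSRF protection for the launch.
// The token a form or link was built with (newToken() on the page that rendered it) is
// what core keeps as the current token on the following request, so the submitted value
// is checked against currentToken(). hash_equals() replaces the loose "==": two strings
// that both look like numbers (for example "0e" followed by digits) compare equal under
// "==", and an empty session token must never match an empty parameter.
$csrf_expected = (string) currentToken();
$csrf_sent = (string) GETPOST('token', 'alpha');
if ($csrf_expected === '' || !hash_equals($csrf_expected, $csrf_sent)) {
    accessforbidden('Bad CSRF token');
}

// Load the wholesaler
$supplier = new IdsSupplier($db);
$result = $supplier->fetch($supplier_id);
if ($result <= 0) {
    setEventMessages($langs->trans("IdsconnectSupplierNotFound"), null, 'errors');
    header('Location: '.$index_url);
    exit;
}

// Refuse inactive wholesalers
if (!$supplier->active) {
    setEventMessages($langs->trans("IdsconnectSupplierInactive"), null, 'errors');
    header('Location: '.$index_url);
    exit;
}

// Initialise IDS Connect
$idsconnect = new IdsConnect($db);
$testmode = $idsconnect->isTestMode($supplier);

// Confirmation page in live mode (extra safety step)
if (!$testmode && $confirm !== 'yes') {
    llxHeader('', $langs->trans("IdsconnectLaunchConfirm"));

    print "\n";
    print "\n\n".$langs->trans("IdsconnectLaunchConfirmTitle")."\n\n";
    print "\n\n".$langs->trans("IdsconnectLaunchConfirmWarning")."\n\n";
    print "\n\n".$langs->trans("IdsconnectLaunchConfirmText", $supplier->label, $action)."\n\n";
    print "\n";

    // NOTE(review): this URL carries the CSRF token in the query string of a GET request,
    // so it can end up in access logs and browser history; a POST form would avoid that.
    // How $confirm_url is written into the page is not visible in this listing - it has
    // to be escaped for the HTML attribute it is placed in.
    $confirm_url = $_SERVER['PHP_SELF'].'?supplier_id='.$supplier_id.'&ids_action='.urlencode($action).'&confirm=yes&token='.newToken();
    if ($fk_commande > 0) {
        $confirm_url .= '&fk_commande='.$fk_commande;
    }
    print ''.$langs->trans("Confirm").'';
    print '   ';
    print ''.$langs->trans("Cancel").'';
    print "\n";

    llxFooter();
    $db->close();
    exit;
}

// Collect additional parameters
$extra = array();
if (!empty(GETPOST('artikelnr', 'alphanohtml'))) {
    $extra['artikelnr'] = GETPOST('artikelnr', 'alphanohtml');
}
if (!empty(GETPOST('target', 'alpha'))) {
    $extra['target'] = GETPOST('target', 'alpha');
}

// For WKS: turn the lines of a Dolibarr supplier order into the cart XML
$cart_lines = array();
$order = null;
if ($action === 'WKS' && $fk_commande > 0) {
    // The order id comes from the request. The module right alone says nothing about
    // supplier orders, so require read access to them before any line is loaded or shown.
    if (!$user->hasRight('fournisseur', 'commande', 'lire')) {
        accessforbidden();
    }

    require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.commande.class.php';
    $order = new CommandeFournisseur($db);
    // Stop on an unknown id or a database error instead of continuing with an empty object
    if ($order->fetch($fk_commande) <= 0) {
        setEventMessages($langs->trans("ErrorRecordNotFound"), null, 'errors');
        header('Location: '.$index_url);
        exit;
    }
    // NOTE(review): nothing visible here ties the order to $supplier. If IdsSupplier
    // records the third party it belongs to, compare it with the order's third party
    // before sending - confirm against the class.
    $order->fetch_lines();

    if (count($order->lines) > 0) {
        foreach ($order->lines as $line) {
            $cart_lines[] = array(
                'artikelnr' => $line->ref_supplier ?: ($line->product_ref ?: ''),
                'bezeichnung' => $line->desc ?: ($line->product_label ?: ''),
                'menge' => $line->qty,
                'einheit' => 'PCE',
                'einzelpreis' => $line->subprice,
                'mwst_satz' => $line->tva_tx,
            );
        }
        $extra['warenkorb'] = $idsconnect->buildCartXml($cart_lines);
    } else {
        setEventMessages('Bestellung hat keine Positionen', null, 'errors');
        header('Location: '.DOL_URL_ROOT.'/fourn/commande/card.php?id='.$fk_commande);
        exit;
    }
} elseif (!empty(GETPOST('warenkorb', 'none'))) {
    // Taken unfiltered ('none') from the request.
    // NOTE(review): buildLaunchForm() is not visible here; it has to escape this value
    // when it embeds it into the generated form.
    $extra['warenkorb'] = GETPOST('warenkorb', 'none');
}

// Check the WKS PIN when the confirmation is submitted
$wks_pin_hash = getDolGlobalString('IDSCONNECT_WKS_PIN');
$wks_pin_required = ($action === 'WKS' && !empty($wks_pin_hash));
$wks_pin_ok = false;
$wks_pin_rejected = false;
if ($wks_pin_required && $confirm_wks === 'yes') {
    $pin = (string) GETPOST('wks_pin', 'none');
    if ($pin !== '' && password_verify($pin, $wks_pin_hash)) {
        $wks_pin_ok = true;
    } else {
        // Leave a trace of failed attempts.
        // NOTE(review): no attempt limit is visible on this page.
        dol_syslog("IDS Connect: WKS-PIN-Prüfung fehlgeschlagen (Benutzer ".$user->login.")", LOG_WARNING);
        setEventMessages($langs->trans("IdsconnectWksPinWrong"), null, 'errors');
        $wks_pin_rejected = true;
        $confirm_wks = ''; // show the confirmation page again
    }
}

// WKS confirmation: show the order content before it is sent
if ($action === 'WKS' && !empty($cart_lines) && $confirm_wks !== 'yes') {
    $wks_warn_qty = getDolGlobalInt('IDSCONNECT_WKS_WARN_QTY', 100);
    $wks_warn_value = (float) getDolGlobalString('IDSCONNECT_WKS_WARN_VALUE', '10000');

    llxHeader('', $langs->trans("IdsconnectWksConfirmTitle"), '', '', 0, 0, '', '', '', 'mod-idsconnect page-wks_confirm');

    print load_fiche_titre($langs->trans("IdsconnectWksConfirmTitle"), '', 'fa-paper-plane');

    idsconnectShowTestModeBanner();

    // Info box
    print "\n";
    print ''.$langs->trans("IdsconnectWksConfirmInfo", $supplier->label).'';
    print "\n";

    // Article table.
    // NOTE(review): in this listing the cell expressions stood apart from their print
    // statements; they are regrouped here as header row, one row per line and total
    // row - confirm against the original file.
    print '';
    print ''.$langs->trans("IdsconnectCartArticleNr").'';
    print ''.$langs->trans("IdsconnectCartDescription").'';
    print ''.$langs->trans("IdsconnectCartQty").'';
    print ''.$langs->trans("IdsconnectCartUnit").'';
    print ''.$langs->trans("IdsconnectCartUnitPrice").'';
    print ''.$langs->trans("IdsconnectCartTotalPrice").'';
    print '';

    $total = 0;
    $warnings = array();
    foreach ($cart_lines as $item) {
        $line_total = (float) $item['menge'] * (float) $item['einzelpreis'];
        $total += $line_total;
        $qty_warn = ((float) $item['menge'] > $wks_warn_qty);
        if ($qty_warn) {
            $warnings[] = $langs->trans("IdsconnectWksWarnQtyLine", $item['artikelnr'], (float) $item['menge'], $wks_warn_qty);
        }

        // Order-line text comes from the database and is escaped before output
        print '';
        print ''.htmlspecialchars($item['artikelnr']).'';
        print ''.htmlspecialchars($item['bezeichnung']).'';
        print ''.($qty_warn ? '' : '').((float) $item['menge']).($qty_warn ? '' : '').'';
        print ''.htmlspecialchars($item['einheit']).'';
        print ''.price($item['einzelpreis']).'';
        print ''.price($line_total).'';
    }

    print '';
    print ''.$langs->trans("Total").'';
    print ''.price($total).'';
    print '';
    print "\n";

    // Value warning
    if ($total > $wks_warn_value) {
        $warnings[] = $langs->trans("IdsconnectWksWarnValue", price($total), price($wks_warn_value));
    }

    // Show the warnings
    if (!empty($warnings)) {
        print "\n";
        print ''.$langs->trans("IdsconnectWksWarningTitle")."\n";
        foreach ($warnings as $w) {
            print '- '.$w."\n";
        }
        print "\n";
    }

    // Form with PIN entry and submit button.
    // NOTE(review): the form fields themselves are not visible in this listing.
    print "\n";
    print '';
    print '';
    print '';
    print '';
    print '';
    if (!$testmode) {
        print '';
    }

    // PIN entry (when a PIN is configured)
    $has_pin = !empty($wks_pin_hash);
    if ($has_pin) {
        print "\n";
        print ' ';
        print '';
        print ' '.$langs->trans("IdsconnectWksPinInfo").'';
        print "\n";
    }

    print "\n";
    print '';
    print '   ';
    print ''.$langs->trans("Cancel").'';
    print "\n";
    print "\n";

    llxFooter();
    $db->close();
    exit;
}

// A configured PIN applies to every WKS launch. Requests with order lines were handled by
// the confirmation page above; this guard covers WKS requests without order lines, which
// never see that page and would otherwise continue although the PIN was missing or wrong.
if ($wks_pin_required && !$wks_pin_ok) {
    if (!$wks_pin_rejected) {
        setEventMessages($langs->trans("IdsconnectWksPinWrong"), null, 'errors');
    }
    header('Location: '.$index_url);
    exit;
}

// Generate the form
$result = $idsconnect->buildLaunchForm($supplier, $action, $user, $extra);
if ($result === false) {
    setEventMessages($idsconnect->error, null, 'errors');
    header('Location: '.$index_url);
    exit;
}

// For WKS: set the order status to "ordered". Done only after the form was built, so a
// failed launch no longer leaves the order marked as ordered, and the result of the
// status change is checked instead of logging success unconditionally.
if ($action === 'WKS' && $fk_commande > 0 && $order !== null && $order->id > 0) {
    // Loose comparison kept from the original: statut may be held as int or numeric string
    if ($order->statut == CommandeFournisseur::STATUS_ACCEPTED) {
        if ($order->commande($user, dol_now(), 0) < 0) {
            dol_syslog("IDS Connect: Bestellstatus konnte nicht gesetzt werden für Bestellung #".$order->id.": ".$order->error, LOG_ERR);
        } else {
            dol_syslog("IDS Connect: Bestellstatus auf 'Bestellt' gesetzt für Bestellung #".$order->id, LOG_INFO);
        }
    }
}

// Log a notice when test mode is active
if ($result['testmode']) {
    dol_syslog("IDS Connect Launch: TESTMODUS aktiv - Verbindung geht zum Mock-Server", LOG_INFO);
}

// Print the HTML form directly (it forwards the browser to the shop).
// NOTE(review): the content of $result['html'] is produced elsewhere. If it carries shop
// login parameters, consider sending "Cache-Control: no-store" and a restrictive
// Referrer-Policy with this response - confirm against buildLaunchForm().
header('Content-Type: text/html; charset=UTF-8');
echo $result['html'];
exit;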