WebSVN – SmartDukaan – Diff – /trunk/DtrMobileAppDashboard/app/Controller/ShippingsController.php

 	 	$addressid = json_decode($this->request->data['addressid']);
 	 	$pincode = 0;
 		$cod = $this->request->query('cod');
 		$userId = $this->request->query('user_id');
-		if(isset($this->request->data->pincode)){
+		//Added token validation to ensure only user
-			$pincode = $this->request->data->pincode;
+	 	$tokenValidated = !Configure::read ( 'requireusercheck' ) || $this->checkToken($userId);
-		}
-		if($pincode==0 && isset($_COOKIE['s_pincode'])){
+		if(!empty($userId) && $tokenValidated==1){
-			$pincode = base64_decode($_COOKIE['s_pincode']);
-		}
-		$suserId = base64_decode($_COOKIE['s_id']);
+			$url = $this->getAutoLoginUrl($userId,$url);
-		$scartId = base64_decode($_COOKIE['s_cart']);
-		$semailId = base64_decode($_COOKIE['s_email']);
-		if(isset($_COOKIE['txn_comp'])) {
+			if(isset($this->request->data->pincode)){
-			unset($_COOKIE['txn_comp']);
-		}
-		if($cod==1){
-			$url = Configure::read('saholicapihost').'order?payment_option=3000&isLoggedIn=true&privateDealUser=true&userId='.$suserId.'&id='.$scartId.'&email='.$semailId.'&addressid='.$addressid;
-		 	if($pincode!='0'){
-				$url = $url.'&pinCode='.$pincode;
+				$pincode = $this->request->data->pincode;
+			}
+			if($pincode==0 && isset($_COOKIE['s_pincode'])){
+				$pincode = base64_decode($_COOKIE['s_pincode']);
+			}
+			$suserId = base64_decode($_COOKIE['s_id']);
+			$scartId = base64_decode($_COOKIE['s_cart']);
+			$semailId = base64_decode($_COOKIE['s_email']);
+			if(isset($_COOKIE['txn_comp'])) {
+				unset($_COOKIE['txn_comp']);
+			}
+			if($cod==1){
+				$url = Configure::read('saholicapihost').'order?payment_option=3000&isLoggedIn=true&privateDealUser=true&userId='.$suserId.'&id='.$scartId.'&email='.$semailId.'&addressid='.$addressid;
+			 	if($pincode!='0'){
+					$url = $url.'&pinCode='.$pincode;
+				}
-			$orderCreationResponse = $this->post_cartinfo_request($url, null);
+				$orderCreationResponse = $this->post_cartinfo_request($url, null);
-			//{"response":{"success":true,"redirectUrl":"pay-success?paymentId=998593"}}
+				//{"response":{"success":true,"redirectUrl":"pay-success?paymentId=998593"}}
-			$redirecturl = $orderCreationResponse['response']['redirectUrl'];
+				$redirecturl = $orderCreationResponse['response']['redirectUrl'];
-			if (strpos($redirecturl,'pay-success') === false) {
+				if (strpos($redirecturl,'pay-success') === false) {
-			    setcookie('txn_comp', 'no', -1, '/');
+				    setcookie('txn_comp', 'no', -1, '/');
-			} else {
+				} else {
-				$order_det = array();
+					$order_det = array();
-				$this->loadModel('Order');
+					$this->loadModel('Order');
-				$order_det['user_id'] = $this->Auth->User('id');
+					$order_det['user_id'] = $this->Auth->User('id');
-				$order_det['store_id'] = 4;
+					$order_det['store_id'] = 4;
-				$str = Configure::read('saholicauthurl');
+					$str = Configure::read('saholicauthurl');
-				$order_det['order_url'] = explode('/autologin/',$str)[0]."/".$redirecturl;
+					$order_det['order_url'] = explode('/autologin/',$str)[0]."/".$redirecturl;
-				$this->log(print_r($order_det,1),'ordersdet');
+					$this->log(print_r($order_det,1),'ordersdet');
-				$this->Order->create();
+					$this->Order->create();
-				if ($this->Order->save($order_det)) {
-					$id = $this->Order->getLastInsertID();
-					$order = $this->Order->find('first',array('conditions'=>array('id'=>$id),'recursive'=>-1));
-					$apihost = Configure::read('pythonapihost');
-					$url = $apihost."storeorder";
-					$this->log(print_r($url,1),'ordersdet');
-					$this->log(print_r($order,1),'ordersdet');
+					if ($this->Order->save($order_det)) {
-					$response = array();
-// 					$params = array('sourceId'=>$order['Order']['store_id'],'orderId'=>$order['Order']['id'],'subTagId'=>$order['Order']['sub_tag'],'userId'=>$order['Order']['user_id'],'rawHtml'=>$order['Order']['rawhtml'],'orderSuccessUrl'=>$order['Order']['order_url']);
+						$id = $this->Order->getLastInsertID();
-					if(!empty($order)) {
-						$params = array('sourceId'=>$order['Order']['store_id'],'orderId'=>$order['Order']['id'],'subTagId'=>$order['Order']['sub_tag'],'userId'=>$order['Order']['user_id'],'rawHtml'=>$order['Order']['rawhtml'],'orderSuccessUrl'=>$order['Order']['order_url']);
+						$order = $this->Order->find('first',array('conditions'=>array('id'=>$id),'recursive'=>-1));
-						$jsonVar = json_encode($params);
-						$response =  $this->make_request($url,$jsonVar);
+						$apihost = Configure::read('pythonapihost');
-					}else{
-						$result = array('success'=>false,'message'=>'Empty order array');
-						$response = $result;
-					}
-					$this->log(print_r('response',1),'ordersdet');
-					$this->log(print_r($response,1),'ordersdet');
-					if(!empty($response) && $response['result']) {
-						if($response['htmlRequired'] == 1) {
-							$this->loadModel('Rawhtml');
-							$data = array('order_id' => $order['Order']['id'],'url' => $response['url'], 'status' => 'new');
-							$this->Rawhtml->create();
+						$url = $apihost."storeorder";
-							$this->Rawhtml->save($data);
-							$this->log(print_r('insideif',1),'ordersdet');
-							$result =  $response;
-							$sql = "UPDATE orders SET status = '".$response['result']."' WHERE id = ".$order['Order']['id'];
-						}
-						else {
-							$result =array('success'=>true,'message'=> $response['result']);
-							$sql = "UPDATE orders SET status = '".$response['result']."' WHERE id = ".$order['Order']['id'];
-							$this->log(print_r('insideelse',1),'ordersdet');
-						}
-						$this->log(print_r($sql,1),'ordersdet');
-						$this->Order->query($sql);
+						$this->log(print_r($url,1),'ordersdet');
+						$this->log(print_r($order,1),'ordersdet');
+						$response = array();
+	// 					$params = array('sourceId'=>$order['Order']['store_id'],'orderId'=>$order['Order']['id'],'subTagId'=>$order['Order']['sub_tag'],'userId'=>$order['Order']['user_id'],'rawHtml'=>$order['Order']['rawhtml'],'orderSuccessUrl'=>$order['Order']['order_url']);
+						if(!empty($order)) {
-					}
+							$params = array('sourceId'=>$order['Order']['store_id'],'orderId'=>$order['Order']['id'],'subTagId'=>$order['Order']['sub_tag'],'userId'=>$order['Order']['user_id'],'rawHtml'=>$order['Order']['rawhtml'],'orderSuccessUrl'=>$order['Order']['order_url']);
+							$jsonVar = json_encode($params);
+							$response =  $this->make_request($url,$jsonVar);
+						}else{
+							$result = array('success'=>false,'message'=>'Empty order array');
+							$response = $result;
+						}
+						$this->log(print_r('response',1),'ordersdet');
+						$this->log(print_r($response,1),'ordersdet');
+						if(!empty($response) && $response['result']) {
+							if($response['htmlRequired'] == 1) {
+								$this->loadModel('Rawhtml');
+								$data = array('order_id' => $order['Order']['id'],'url' => $response['url'], 'status' => 'new');
+								$this->Rawhtml->create();
+								$this->Rawhtml->save($data);
+								$this->log(print_r('insideif',1),'ordersdet');
+								$result =  $response;
+								$sql = "UPDATE orders SET status = '".$response['result']."' WHERE id = ".$order['Order']['id'];
+							}
+							else {
+								$result =array('success'=>true,'message'=> $response['result']);
+								$sql = "UPDATE orders SET status = '".$response['result']."' WHERE id = ".$order['Order']['id'];
+								$this->log(print_r('insideelse',1),'ordersdet');
+							}
+							$this->log(print_r($sql,1),'ordersdet');
+							$this->Order->query($sql);
+						}
+					}
+				}
+				$this->layout = 'innerpages';
+				$next = $redirecturl;
+				$redirectUrl = $this->getAutoLoginUrl($userId,$next);
+				$this->log($redirectUrl,'headers');
+				$this->set(compact('redirectUrl','next'));
+			}else{
+				$dataGiven = json_decode($this->request->data['cart_details']);
+				$totalSkus= intval($dataGiven->totalSkus);
+				setcookie('txn_comp', 'no', -1, '/');
+				$this->layout = 'innerpages';
+				$next = "payment?cq=".$totalSkus.'&addressid='.$addressid;
+				$redirectUrl = $this->getAutoLoginUrl($userId,$next);
+				$this->log($redirectUrl,'headers');
+				$this->set(compact('redirectUrl','next'));
+			}
+		} else {
+			if($tokenValidated == 0){
+				$url = '/special/native/login';
+			}elseif($tokenValidated == -1){
+				$url = '/abouts/askforupdate';
+			}
-			$this->layout = 'innerpages';
-			$next = $redirecturl;
-			$redirectUrl = $this->getAutoLoginUrl($userId,$next);
-			$this->log($redirectUrl,'headers');
+			$this->redirect($url);
-			$this->set(compact('redirectUrl','next'));
-		}else{
-			$dataGiven = json_decode($this->request->data['cart_details']);
-			$totalSkus= intval($dataGiven->totalSkus);
-			setcookie('txn_comp', 'no', -1, '/');
-			$this->layout = 'innerpages';
-			$next = "payment?cq=".$totalSkus.'&addressid='.$addressid;
-			$redirectUrl = $this->getAutoLoginUrl($userId,$next);
-			$this->log($redirectUrl,'headers');
-			$this->set(compact('redirectUrl','next'));
+		}
+	 }
+}

Subversion Repositories SmartDukaan

(root)/trunk/DtrMobileAppDashboard/app/Controller/ShippingsController.php – Rev 18613 → 18619