X-Cart forums - View Single Post - Credit Card Type +Last 4 digits on HTML Invoice

carpeperdiem · #10 07-30-2006, 04:18 PM

Not so fast....

The on-screen oder confirmation is perfect, HOWEVER...

SQL error email to admin:

Code:

SQL query   : SELECT details FROM xcart_orders WHERE orderid = 
Error code  : 1064
Description :

You have an error in your SQL syntax.  Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
Backtrace   :
/xcart/include/func.php:121
/xcart/include/func.php:80
/xcart/include/func.php:187
/xcart/templates_c/%%E6^E62^E6283DF6%%order_invoice.tpl.php:82
/xcart/templates_c/%%E6^E62^E6283DF6%%order_invoice.tpl.php:122
/xcart/Smarty-2.6.9/Smarty.class.php:1861
/xcart/templates_c/%%43^431^431F4BBB%%order_customer.tpl.php:26
/xcart/Smarty-2.6.9/Smarty.class.php:1861
/xcart/templates_c/%%6E^6EF^6EF88A98%%html_message_template.tpl.php:6
/xcart/Smarty-2.6.9/Smarty.class.php:1258
/xcart/include/templater/templater.php:60
/xcart/include/func.php:5286
/xcart/include/func.php:332
/xcart/include/func.php:3144
/xcart/payment/payment_cc.php:151

email notification to customer:

Code:

Order status: Queued
Payment method:
Credit Card INVALID SQL: 0 : 
SQL QUERY FAILURE: SELECT details FROM xcart_orders WHERE orderid = 
: N/A
xxN/A

AND email notification to the admin had the full credit card number...

Hmm....

Any ideas?

order_invoice.tpl is now:

Code:

{* $Id: order_invoice.tpl,v 1.14.2.16 2005/11/17 08:41:18 max Exp $ *}
{if $customer ne ''}{assign var="_userinfo" value=$customer}{else}{assign var="_userinfo" value=$userinfo}{/if}
{config_load file="$skin_config"}
{if $is_nomail ne 'Y'}
{literal}
<STYLE type="text/css">
BODY {
	MARGIN-TOP: 10px; 
	FONT-SIZE: 12px; 
	MARGIN-LEFT: 10px; 
	FONT-FAMILY: arial,helvetica,sans-serif
}
TD {
	FONT-SIZE: 12px; 
	FONT-FAMILY: arial,helvetica,sans-serif
}
TH {
	FONT-SIZE: 13px; 
	FONT-FAMILY: arial,helvetica,sans-serif
}
H1 {
    FONT-SIZE: 20px
}
</STYLE>
{/literal}



{/if}
<TABLE cellSpacing="0" cellPadding="0" width="{if $is_nomail eq 'Y'}100%{else}600{/if}" border="0" bgColor="#ffffff" color="#000000">
<TR>
	<TD>
	<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
	<TR>
		<TD valign="top">

[img]{$ImagesDir}/companyname_small.gif[/img]</TD>
		<TD width="100%">
		<TABLE cellSpacing="0" cellPadding="2" width="100%" border="0">
		<TR>
			<TD width="30"></TD>
			<TD vAlign="top">
<FONT style="FONT-SIZE: 28px"><B style="text-transform: uppercase;">{$lng.lbl_invoice}[/b]</FONT>



{$lng.lbl_date}: {$order.date|date_format:$config.Appearance.datetime_format}
{$lng.lbl_order_id}: #{$order.orderid}
{$lng.lbl_order_status}: {include file="main/order_status.tpl" status=$order.status mode="static"}

{$lng.lbl_payment_method}:


{* BEGIN remove credit card ex-last 4 mod *}
{* {$order.payment_method} *}
{assign var="paren" value=$order.payment_method|strpos:' ('}
{assign var="paymentMethod" value=$order.payment_method|substr:0:$paren}

{$paymentMethod}

{if $paymentMethod eq 'Credit Card'}
   {php}
         
   #
   # Custom function by moneysaver67
   # Retrieve Order details (decrypted) from table by Order ID
   #
      
   if( !function_exists( 'func_order_details' ) )
   {
      
      function func_order_details( $orderid )
      {
          global $sql_tbl;
          // Grab the encrypted details
             
          if( empty( $orderid ) ) $orderid = $GLOBALS[secure_oid][0];             
             
          $sql_orders = func_query_first("SELECT details FROM $sql_tbl[orders] WHERE orderid = $orderid");
         
          // Return decrypted details
          return text_decrypt( $sql_orders['details'] );
      }
   
   }
   
   
   #
   # Custom function by moneysaver67
   # Parse out the info after a given label
   #
   if( !function_exists( 'parseAfterLabel' ) )
   {
      function parseAfterLabel( $label, $details )
      {
         // Force to one line
         $details = preg_replace( '/\n/',' ', $details );

         if( !stristr( $details, $label ) )
         {   
            $return = 'N/A';
         }
         else
         {         
            $pattern = '/^.*'.$label.'\s{0,}(.*)\s{0,}.*$/i';
            $chunk = preg_replace( $pattern, '${1}', $details );

            // return everything prior to first space (auth code)
            $return = substr( $chunk, 0, strpos( $chunk, ' ' ) );      
         }
         return $return;
      }         
   }   
   
   
   // Do you store CC info in the details column?
   if( $GLOBALS[store_cc] )
   {
      $dec_details = func_order_details( $GLOBALS[orderid] );
      $cc_num = parseAfterLabel( 'Card number:', $dec_details );      
      $cc_mask = str_repeat( 'x', strlen( $cc_num ) );
      $cc_mask = substr( $cc_mask, 0, strlen( $cc_mask ) -4 ) . substr( $cc_num, -4, 4 );
      
      echo ': ' . parseAfterLabel( 'Card type:', $dec_details ) . '
' . $cc_mask;
   }


   {/php}
{/if}
{* END remove credit card ex-last 4 mod *}



{$lng.lbl_delivery}:{$order.shipping|trademark|default:$lng.txt_not_available}
			</TD>
			<TD vAlign="bottom" align="right">
{$config.Company.company_name}
{$config.Company.location_address}

									 {$config.Company.location_city},{$config.Company.location_state}{$config.Company.location_zipcode}

									
{$config.Company.location_country_name}

{if $config.Company.company_phone}{$lng.lbl_phone_1_title}: {$config.Company.company_phone}
{/if}
{if $config.Company.company_phone_2}{$lng.lbl_phone_2_title}: {$config.Company.company_phone_2}
{/if}
{if $config.Company.company_fax}{$lng.lbl_fax}: {$config.Company.company_fax}
{/if}
{if $config.Company.orders_department}{* {$lng.lbl_email}: *}{$config.Company.orders_department}
{/if}
{if $order.applied_taxes}


{foreach from=$order.applied_taxes key=tax_name item=tax}
{$tax.regnumber}

{/foreach}
{/if}
			</TD>
		</TR>
		</TABLE>
		</TD>
	</TR>
	</TABLE>
	<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
	<TR>
		<TD>[img]{$ImagesDir}/spacer.gif[/img]</TD>
	</TR>
	<TR>
		<TD bgcolor="#000000">[img]{$ImagesDir}/spacer_black.gif[/img]</TD>
	</TR>
	<TR>
		<TD>[img]{$ImagesDir}/spacer.gif[/img]</TD>
	</TR>
	</TABLE>
	

{* BEGIN FORMATTING MOD *}	
<TABLE cellSpacing="0" cellPadding="0" width="45%" border="0">
{if $_userinfo.default_fields.company}
	<TR>
		<TD>{$lng.lbl_company}:</TD>
		<TD>{$order.company}</TD>
	</TR>
{/if}
{if $_userinfo.default_fields.firstname}
	<TR>
		<TD noWrap>Name:</TD>
		<TD>{$order.firstname} {$order.lastname}</TD>
	</TR>			
{/if}
{if $_userinfo.default_fields.lastname}

{/if}
{if $_userinfo.default_fields.phone}
<TR>
		<TD>{$lng.lbl_phone}:</TD>
		<TD>{$order.phone}</TD>
	</TR>
{/if}
{if $_userinfo.default_fields.fax}
	<TR>
<TD>{$lng.lbl_fax}:</TD>
		<TD>{$order.fax}</TD>
	</TR>
{/if}
{if $_userinfo.default_fields.email}
	<TR>
		<TD>{$lng.lbl_email}:</TD>
		<TD>{$order.email}</TD>
	</TR>
{/if}
{if $_userinfo.default_fields.url}
	<TR>
		<TD>{$lng.lbl_url}:</TD>
		<TD>{$order.url}</TD>
	</TR>
{/if}
{foreach from=$_userinfo.additional_fields item=v}
{if $v.section eq 'C' || $v.section eq 'P'}
	<TR>
		<TD>{$v.title}:</TD>
        <TD>{$v.value}</TD>
	</TR>
	{/if}
{/foreach}
	</TABLE>
	

	<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
	<TR>
		<TD width="45%" height="25">{$lng.lbl_billing_address}</TD>
		<TD width="10%"></TD>
		<TD width="45%" height="25">{$lng.lbl_shipping_address}</TD>
	</TR>
	<TR>
		<TD bgColor="#000000" height="2">[img]{$ImagesDir}/spacer_black.gif[/img]</TD>
		<TD>[img]{$ImagesDir}/spacer.gif[/img]</TD>
		<TD bgColor="#000000" height="2">[img]{$ImagesDir}/spacer_black.gif[/img]</TD>
	</TR>
	<TR>
		<TD colSpan="3">[img]{$ImagesDir}/spacer.gif[/img]</TD>
	</TR>
	<TR>
		<TD>
		<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
{if $_userinfo.default_fields.firstname}
		<TR>
								<TD>{$order.b_firstname} {$order.b_lastname}</TD>
							</TR>
							
{/if}
{if $_userinfo.default_fields.lastname}

{/if}
{if $_userinfo.default_fields.b_address}

							<TR>
								<TD>{$order.b_address}
{$order.b_address_2}</TD>
							</TR>
{/if}
{if $_userinfo.default_fields.b_city}
		<TR>
								<TD>{$order.b_city},{$order.b_state}{$order.b_zipcode}</TD>
							</TR>
{/if}
{if $_userinfo.default_fields.b_county && $config.General.use_counties eq 'Y'}
		<TR>
								<TD>{$order.b_countyname}</TD>
							</TR>
							
{/if}
{if $_userinfo.default_fields.b_state}

{/if}
{if $_userinfo.default_fields.b_country}

							<TR>
								<TD>{$order.b_countryname}</TD>
							</TR>
							
{/if}
{if $_userinfo.default_fields.b_zipcode}

{/if}
{foreach from=$_userinfo.additional_fields item=v}
{if $v.section eq 'B'}

							<TR>
								<TD>{$v.value}</TD>
							</TR>
	{/if}
{/foreach}
		</TABLE>
		</TD>
		<TD></TD>
		<TD>
		<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
{if $_userinfo.default_fields.firstname}
		<TR>
								<TD>{$order.s_firstname} {$order.s_lastname}</TD>
							</TR>
							
{/if}
{if $_userinfo.default_fields.lastname}

{/if}
{if $_userinfo.default_fields.s_address}

							<TR>
								<TD>{$order.s_address}
{$order.s_address_2}</TD>
							</TR>
{/if}
{if $_userinfo.default_fields.s_city}
		<TR><TD>{$order.s_city},{$order.s_state}{$order.s_zipcode}</TD>
							</TR>
{/if}
{if $_userinfo.default_fields.s_county && $config.General.use_counties eq 'Y'}
		<TR>
								<TD>{$order.s_countyname}</TD>
							</TR>						
{/if}
{if $_userinfo.default_fields.s_state}
{/if}
{if $_userinfo.default_fields.s_country}
<TR>
								<TD>{$order.s_countryname}</TD>
							</TR>							
{/if}
{if $_userinfo.default_fields.s_zipcode}

{/if}
{foreach from=$_userinfo.additional_fields item=v}
{if $v.section eq 'S'}

							<TR>
								<TD>{$v.value}</TD>
							</TR>
	{/if}
{/foreach}
		</TABLE>
{* END FORMATTING MOD *}		
        </TD>
	</TR>

{assign var="is_header" value=""}
{foreach from=$_userinfo.additional_fields item=v}
{if $v.section eq 'A'}
{if $is_header eq ''}
<TR>
	<TD colspan="3"></TD>
</TR>
<TR>
	<TD width="45%" height="25">{$lng.lbl_additional_information}</TD>
	<TD colspan="2" width="55%"></TD>
</TR>
<TR>
	<TD bgColor="#000000" height="2">[img]{$ImagesDir}/spacer_black.gif[/img]</TD>
	<TD colspan="2" width="55%">[img]{$ImagesDir}/spacer.gif[/img]</TD>
</TR>
<TR>
	<TD colSpan="3">[img]{$ImagesDir}/spacer.gif[/img]</TD>
</TR>
<TR>
	<TD><TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
{assign var="is_header" value="E"}
{/if}
<TR valign="top">
	<TD>{$v.title}</TD>
   	<TD>{$v.value}</TD>
</TR>
{/if}
{/foreach}
{if $is_header eq 'E'}
</TABLE></TD>
<TD colspan="2" width="55%"></TD>
</TR>
{/if}


{if $config.Email.show_cc_info eq "Y" and $show_order_details eq "Y"}

	<TR>
	<TD colspan="3"></TD>
	</TR>

	<TR>
	<TD width="45%" height="25">{$lng.lbl_order_payment_details}</TD>
	<TD colspan="2" width="55%"></TD>
	</TR>
	
	<TR>
	<TD bgColor="#000000" height="2">[img]{$ImagesDir}/spacer_black.gif[/img]</TD>
	<TD colspan="2">[img]{$ImagesDir}/spacer.gif[/img]</TD>
	<TR>
	<TD colSpan="3">[img]{$ImagesDir}/spacer.gif[/img]</TD>
	</TR>

	<TR>
	<TD colspan="3">{$order.details|replace:"\n":"
"}</TD>
	</TR>

{/if}
{if $order.netbanx_reference}
<TR>
	<TD colspan="3">NetBanx Reference: {$order.netbanx_reference}</TD>
</TR>
{/if}

	</TABLE>
	

	


{include file="mail/html/order_data.tpl"}

	</TD>
</TR>
{if $active_modules.Anti_Fraud eq '' && $show_order_details eq "Y" && ($usertype eq 'A' || ($usertype eq 'P' && $active_modules.Simple_Mode))}
<TR>
	<TD align="center">
{$lng.txt_warning_antifraud_disabled}
</TD>
</TR>
{/if}
<TR>
<TD align="center">

<FONT style="FONT-SIZE:12px">{$lng.txt_thank_you_for_purchase}</FONT></TD>
</TR>

</TABLE>