diff --git a/modules/braderie/ajax.php b/modules/braderie/ajax.php index 250598f1..9766ae23 100644 --- a/modules/braderie/ajax.php +++ b/modules/braderie/ajax.php @@ -30,7 +30,7 @@ function getCategories() $id_sale = (int)Tools::getValue('sale', false); if (!$id_sale) { - http_response_code(500); + http_response_code(404); return Tools::displayError('Catégorie invalide'); } @@ -49,12 +49,12 @@ function getProductId() $ean = (float)Tools::getValue('ean', false); if (!$ean) { - http_response_code(500); + http_response_code(404); return Tools::displayError('Code EAN invalide'); } if (!is_float($ean)) { - http_response_code(500); + http_response_code(404); return Tools::displayError('Code EAN invalide'); } @@ -146,7 +146,7 @@ function getProductId() } return $result; } else { - http_response_code(500); + http_response_code(404); return Tools::displayError('Aucun produit trouvé'); } } 
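Review bot: 404 is not the status a client expects for a rejected parameter. In getCategories a missing or non-numeric `sale` is a malformed request, for which `http_response_code(400);` is the usual answer. That leaves 404 for the 'Aucun produit trouvé' branch in the @@ -146 hunk, where a lookup really came back empty. The same applies to the two EAN checks in the @@ -49 hunk and to the five validation branches of addToSellout in the @@ -155 hunk. Separate codes also let monitoring tell bad-input requests apart from ordinary misses. getCategories continues outside the hunk.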
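Review bot: The second guard in getProductId (@@ -49 hunk) can never fire, because `$ean` has just been cast with `(float)` and `is_float($ean)` is therefore always true. The only validation left is that the value is non-zero. The cast also turns input such as `12.5` or `1e5` into a number and drops leading zeros, so the value used further down (outside the hunk) need not be the code that was submitted. Checking the raw string keeps the guard meaningful, for example `$ean = (string) Tools::getValue('ean', '');` followed by `if (!ctype_digit($ean)) {`, provided the lookup below accepts a digit string.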
@@ -155,31 +155,31 @@ function addToSellout() { $parent_category = (int)Tools::getValue('parent_category', false); if (!$parent_category || !is_int($parent_category)) { - http_response_code(500); + http_response_code(404); return Tools::displayError('La catégorie principale n\'est pas valide'); } $category = (int)Tools::getValue('category', false); if (!$category || !is_int($category)) { - http_response_code(500); + http_response_code(404); return Tools::displayError('La catégorie n\'est pas valide'); } $product_id = (int)Tools::getValue('product', false); if (!$product_id || !is_int($product_id)) { - http_response_code(500); + http_response_code(404); return Tools::displayError('Le produit n\'est pas valide'); } $quantity = (int)Tools::getValue('quantity', false); if (!$quantity || !is_int($quantity)) { - http_response_code(500); + http_response_code(404); return Tools::displayError('La quantitée n\'est pas valide'); } $storage = Tools::getValue('storage'); if (empty($storage)) { - http_response_code(500); + http_response_code(404); return Tools::displayError('L\'emplacement n\'est pas valide'); } diff --git a/modules/fraud/models/FraudCore.php b/modules/fraud/models/FraudCore.php index eb24a7c3..37bb19d1 100755 --- a/modules/fraud/models/FraudCore.php +++ b/modules/fraud/models/FraudCore.php @@ -9,8 +9,8 @@ class FraudCore { private $fraud_score = 0; private $fraud_report = array(); private $delivery_country; - private $invoice_country; - + private $invoice_country; + public function __construct(Order $order) { if( !Validate::isLoadedObject($order) ) { return false; @@ -27,7 +27,7 @@ class FraudCore { if( !Validate::isLoadedObject($this->order) ) { throw new Exception("this->order is not an object"); return false; - } + } $this->fraudAccount(); $this->fraudAdresses(); $this->fraudEmail(); 
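Review bot: Negative numbers pass every numeric guard in addToSellout (@@ -155 hunk). After the `(int)` cast `is_int()` is always true and `!$quantity` rejects only 0, so a request with `quantity=-5`, or a negative id, is accepted. A range test such as `if ($quantity <= 0) {` (and likewise for the three ids) closes that and makes the dead `is_int()` calls unnecessary. `$storage` is only tested with `empty()` and its use lies outside the hunk, so it is worth confirming that it is escaped or matched against known locations before it reaches a query or the response.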
@@ -45,7 +45,7 @@ class FraudCore { } /** - * Tools fraud + * Tools fraud **/ private function fraudAccount() { $account_today = time() - strtotime($this->customer->date_add) < 86400; @@ -58,10 +58,10 @@ class FraudCore { $time_warn? $this->fraud_report[] = 'Commande de nuit (+20)': TRUE; $lower_warn? $this->fraud_report[] = 'Nom en minuscules (+20)': TRUE; $name_warn? $this->fraud_report[] = 'Nom fraudeur ou anormal (+100)': TRUE; - + $this->fraud_score = $account_today * 50 + $time_warn * 20 + $lower_warn * 20 + $name_warn * 100; } - + private function fraudAdresses() { $this->delivery_country = (int) Db::getInstance()->getValue(' SELECT `id_country` @@ -73,7 +73,7 @@ class FraudCore { FROM `'._DB_PREFIX_.'address` WHERE `id_address` = '.(int) $this->cart->id_address_invoice.' '); - + // restriction or France, Espagne, Belgique $foreign_delivery = ($this->delivery_country != 8 && $this->delivery_country != 6 && $this->delivery_country != 3); @@ -106,7 +106,7 @@ class FraudCore { $delivery_dpt_risk ? $this->fraud_report[] = 'Livraison département à risque (75,92,93) (+30)': TRUE; $foreign_delivery? $this->fraud_report[] = 'Livraison à l\'étranger (+50)': TRUE; $foreign_invoice? $this->fraud_report[] = 'Facturation à l\'étranger (+50)': TRUE; - $delivery_warn? $this->fraud_report[] = 'Livraison hors domicile (+20)': TRUE; + $delivery_warn? $this->fraud_report[] = 'Livraison hors domicile (+20)': TRUE; $this->fraud_score += $foreign_delivery * 50 + $foreign_invoice * 50 + $delivery_warn * 20; } @@ -124,7 +124,7 @@ class FraudCore { private function fraudConnexion() { $data = Db::getInstance()->getRow(' - SELECT * + SELECT * FROM `ps_cart_fraud` WHERE `id_cart` = '. (int)$this->cart->id); 
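Review bot: The weights printed in the fraud report and the weights added to `fraud_score` disagree in two places this commit only re-indents. In the @@ -106 hunk the report announces 'Livraison département à risque (75,92,93) (+30)', but the `fraud_score +=` line below it has no `$delivery_dpt_risk * 30` term, unless that is added earlier in fraudAdresses, outside the hunk. In the @@ -138 hunk the labels say foreign IP +50 and grey-list country +200, while the re-indented line adds `$ip_foreign * 200 + $ip_alert * 50`. Going by the labels it should read `$ip_foreign * 50 + $ip_alert * 200`. Either the labels or the arithmetic is wrong, and a comment stating the intended weights next to each score line would keep the two from drifting again.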
@@ -138,8 +138,8 @@ class FraudCore { $ip_foreign? $this->fraud_report[] = 'IP étrangère (+50)': TRUE; $ip_alert? $this->fraud_report[] = 'IP étrangère dans un pays en liste grise (+200)': TRUE; $freewifi? $this->fraud_report[] = 'Utilisation de Free Wifi (+50)': TRUE; - - $this->fraud_score += $proxy * 20 + $ip_foreign * 200 + $ip_alert * 50 + $freewifi * 50; + + $this->fraud_score += $proxy * 20 + $ip_foreign * 200 + $ip_alert * 50 + $freewifi * 50; } } @@ -198,7 +198,7 @@ class FraudCore { WHERE `id_customer` = '.(int) $this->customer->id.' AND `valid` = 1 '); - + $has_invite = (bool) (int) Db::getInstance()->getValue(' SELECT `id_invite` FROM `'._DB_PREFIX_.'invite` @@ -233,17 +233,17 @@ class FraudCore { { $already_fraud = Db::getInstance()->getValue(' SELECT COUNT(h.`id_order`) - FROM `'._DB_PREFIX_.'order_history` h + FROM `'._DB_PREFIX_.'order_history` h LEFT JOIN `'._DB_PREFIX_.'orders` o on h.`id_order` = o.`id_order` - WHERE o.`id_customer` = '.(int) $this->customer->id.' + WHERE o.`id_customer` = '.(int) $this->customer->id.' AND h.`id_order_state` IN (15,16,18) '); - + $already_suspect = Db::getInstance()->getValue(' SELECT COUNT(rep.`id_cart`) - FROM `'._DB_PREFIX_.'order_reputation` rep + FROM `'._DB_PREFIX_.'order_reputation` rep LEFT JOIN `'._DB_PREFIX_.'cart` c ON c.`id_cart` = rep.`id_cart` - WHERE c.`id_customer` = '.(int) $this->customer->id.' + WHERE c.`id_customer` = '.(int) $this->customer->id.' AND rep.`score` > 100 '); @@ -255,7 +255,7 @@ class FraudCore { // Adding from 23/02/2016 $already_suspect_by_names = Db::getInstance()->getValue(' SELECT COUNT(rep.`id_cart`) - FROM `'._DB_PREFIX_.'order_reputation` rep + FROM `'._DB_PREFIX_.'order_reputation` rep LEFT JOIN `'._DB_PREFIX_.'cart` c ON c.`id_cart` = rep.`id_cart` LEFT JOIN `'._DB_PREFIX_.'customer` cu ON cu.`id_customer` = c.`id_customer` WHERE cu.`firstname` = "'.pSQL($this->customer->firstname).'" 
@@ -266,7 +266,7 @@ class FraudCore { $already_fraud_by_names = Db::getInstance()->getValue(' SELECT COUNT(h.`id_order`) - FROM `'._DB_PREFIX_.'order_history` h + FROM `'._DB_PREFIX_.'order_history` h LEFT JOIN `'._DB_PREFIX_.'orders` o on h.`id_order` = o.`id_order` LEFT JOIN `'._DB_PREFIX_.'customer` cu ON cu.`id_customer` = o.`id_customer` WHERE cu.`firstname` = "'.pSQL($this->customer->firstname).'" @@ -291,28 +291,42 @@ class FraudCore { ); } - + public static function validOrder($id_order) { $id_cart = Order::getCartIdStatic($id_order); $order = new Order($id_order); - $sql = 'UPDATE `'._DB_PREFIX_.'order_reputation` - SET pass = 1 + $sql = 'UPDATE `'._DB_PREFIX_.'order_reputation` + SET pass = 1 WHERE id_cart = '. (int)$id_cart; - + if (Db::getInstance()->execute($sql)) { Db::getInstance()->execute(' UPDATE - `'._DB_PREFIX_.'reputation` - SET `score` = 0 + `'._DB_PREFIX_.'reputation` + SET `score` = 0 WHERE `id_customer` = '.(int)$order->id_customer ); Db::getInstance()->execute(' - DELETE FROM - `'._DB_PREFIX_.'order_history` - WHERE `id_order` = '. (int)$id_order + DELETE FROM + `'._DB_PREFIX_.'order_history` + WHERE `id_order` = '. (int)$id_order .' AND `id_order_state` = 18' ); + + $id_order_state = $order->getCurrentState(); + Db::getInstance()->ExecuteS(' + INSERT INTO `'._DB_PREFIX_.'order_state_current` + VALUES ( + '.(int) $id_order.', + '.(int) $id_order_state.', + NOW() + ) + ON DUPLICATE KEY UPDATE + `id_order_state` = '.(int) $id_order_state.', + `date_upd` = NOW() + '); + return TRUE; } else { return FALSE; @@ -391,7 +405,7 @@ class FraudCore { } else{ $foreignip_warn = false; } - + $foreignip_alert = is_object($record) ? ( in_array($record->country_code, array(
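Review bot: The new `order_state_current` write in validOrder (@@ -291 hunk) goes through `ExecuteS`, the Db helper meant for statements that return rows, and its result is discarded, so the method returns TRUE even when the write fails. `execute()` is the matching call for an INSERT and returns a success flag. Depending on the PrestaShop version, `ExecuteS` may also reject a non-SELECT statement in dev mode. `$order` is never checked either, so for an unknown `$id_order` the reputation reset runs with `id_customer = 0` and `getCurrentState()` is read from an unloaded object. The `Validate::isLoadedObject()` guard that FraudCore's constructor already uses would stop that. Naming the target columns in the INSERT would also protect it from a later schema change. The function's closing lines are outside the hunk.

```php
$order = new Order($id_order);
if (!Validate::isLoadedObject($order)) {
    return FALSE;
}
// … unchanged: order_reputation, reputation and order_history statements …
$id_order_state = $order->getCurrentState();
$synced = Db::getInstance()->execute(
    // … unchanged: INSERT … ON DUPLICATE KEY UPDATE statement …
);

return (bool) $synced;
```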