在将订单放入数据库后执行Observer sales_order_place_after

时间:2013-06-10 09:38:32

标签: php magento zend-framework mage

我正在创建一个Magento插件,我在其中创建了一个Observer脚本,我获取了订单信息和产品信息,以便向magento之外的API发出请求。问题是,当脚本执行时,Magento尚未将数据放入数据库。简单地将脚本暂停x秒并没有帮助(当然)因为整个系统都停止了。

这是我的代码:

<?php
//require_once("DelayedDatabaseAccess.php");

class Plesents_Plugin_Model_Observer {
    public function plesentsRedirect(Varien_Event_Observer $obs) {
        //require_once("DelayedDatabaseAccess.php");
        ob_start();


        $data = $obs->getEvent()->getOrder()->getData();
        $ent_id = $data['entity_id'];
        mail("jeffhuys@gmail.com", "Yeah!", $data['increment_id'] . " || " .     $data['entity_id'] . ".. Waiting 10 seconds..");

        //$data = $obs->getEvent()->getOrder()->getData();
        //$result = ob_get_clean();


        //$ent_id = $data['entity_id'];
        //$ent_id = $_POST['entity_id'];


        //DB Connectie voor DB Magento
        $con =  mysql_connect("xxxx", "xxxx", "xxxx");
                mysql_select_db("xxxx");

        // Query voor dataopvraag
        // TODO pas hier enorm op! Volgens mij is dit SQL-injectie-gevoelig!!!!
        // Stel dat iemand als email "jeffhuys@gmail.com' DROP TABLE x" doet, bam.
        echo($ent_id);
        $sql = "SELECT o.base_subtotal, o.increment_id, o.customer_email,     o.customer_firstname, o.customer_lastname, o.shipping_amount FROM mag1_sales_flat_order o,     mag1_sales_flat_order_item i, mag1_catalog_product_flat_1 f WHERE o.entity_id=i.order_id     AND o.entity_id='107' AND i.name=f.name ORDER BY o.increment_id LIMIT 1";

        $sql2 = "SELECT i.name, f.short_description, f.small_image FROM     mag1_sales_flat_order o, mag1_sales_flat_order_item i, mag1_catalog_product_flat_1 f WHERE     o.entity_id=i.order_id AND i.name=f.name AND o.entity_id='107' ORDER BY o.increment_id";

        echo($sql . "\n\n");
        echo($sql2 . "\n\n");

        $result  = mysql_query($sql);
        echo("  ERROR1?: " . mysql_error());
        $result2 = mysql_query($sql2);
        echo("  ERROR2?: " . mysql_error());

        echo("   ROWS:  " . mysql_num_rows($result));



        var_dump($result);

        // Static variabeles table: plesents_authentication
            $app_id = 3;
        $authentication_token = "xxxx";


        // Opbouw basis URL voor Plesents
        $plesentsurl ="http:/xxxxx/api/orders.json";

            //Resultaten uit Query in Array
        $row = mysql_fetch_array($result);
        echo("\n\nDATA:");
        var_dump($row);
        //var_dump($data);

        $row['base_subtotal']   = $row['base_subtotal'] * 100;
        $row['shipping_amount'] = $row['shipping_amount'] * 100;


        $sha1=sha1($app_id.$authentication_token.$row['base_subtotal'].$row['increment_id']."https://oege.ie.hva.nl/~hilgern001/magento/notify.php".$row['customer_firstname']." ".$row['customer_lastname'].$row['customer_email']);
    echo("Sha1 calc: " . $sha1);


        $httpacc = array(
          "authentication_token" => $authentication_token,
      "order" => array(
        "price_in_cents"     => $row['base_subtotal'],
        "notify_url"         => "https://xxxxx/magento/notify.php",
        "user_name"          => $row['customer_firstname']." ".$row['customer_lastname'],
        "user_email"         => $row['customer_email'],
        "order_id"           => $row['increment_id'],
        "test"               => true,
        "sha1"               => $sha1
        )
    );
    $product_lines = array();
        while($row2 = mysql_fetch_array($result2)) {
        $product_lines[] = array(
          "name"             => $row2['name'],
          "description"      => $row2['short_description'],
          "remote_image_url" => "https://xxxx/magento/media/catalog/product/cache/1/small_image/170x/9df78eab33525d08d6e5fb8d27136e95".$row2['small_image']
        );
    }  
    $httpacc['order']['details_attributes'] = $product_lines;

    $pathdirectory = json_encode($httpacc);

    //URL opbouwen en escapen (voor debugging)  
    //echo $pathdirectory;

    $ch = curl_init($plesentsurl);  

    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");                                                                     
    curl_setopt($ch, CURLOPT_POSTFIELDS, $pathdirectory);                                                                  
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);                                                                      
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(                                                                          
        'Content-Type: application/json',                                                                                
        'Content-Length: ' . strlen($pathdirectory))                                                                       
    );                                                                                                                   

    $result = curl_exec($ch);
    $redirect_result = json_decode($result, true);
    $redirect_result_staging = explode('.', $redirect_result['redirect_url']);
    $redirect_url_staging = "https://staging." . $redirect_result_staging[1] . "." . $redirect_result_staging[2];
    $sha_id = $redirect_result['id'];
    $sha1_validate = sha1($app_id.$authentication_token.$sha_id.$row['base_subtotal'].$row['increment_id']."https://xxxx/magento/notify.php".$row['customer_firstname']." ".$row['customer_lastname'].$row['customer_email']);

    echo("\n\nsha1_validate: " . $sha1_validate);
    echo("\n\nredirect_result: " . $redirect_result['sha1']);

    var_dump($result);

    if($redirect_result['sha1']==$sha1_validate) {
        //echo '<meta http-equiv="refresh" content="0;URL='.$redirect_url_staging.'" />';
        $ch = curl_init($redirect_url_staging);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        $result = curl_exec($ch); 
    } 
    else {
        echo "sha1 could not be validated correctly!";
    }

    $pagerender = ob_get_clean();
    mail('jeffhuys@gmail.com', 'pagerender', $pagerender);

    //$res = ob_get_clean();
    //mail("jeffhuys@gmail.com", "Yeah!", "Magento moves forward.\n " . $res);
}
}

?>

我知道我可以使用法师来获取订单信息,但我不能用它来获取产品信息(我绝对需要)。

在Magento将他的信息插入数据库后,有没有办法让这段代码执行?

非常感谢。

编辑:对不起,忘了添加。在SQL查询中,entity_id ='107'可以工作,但是当我将其设置为动态(entity_id = $ _ POST ['entity_id']或类似的东西)时,它将无法工作,因为这会请求尚未提供的数据。

0 个答案:

没有答案