Index: openacs-4/packages/invoices/catalog/invoices.en_US.ISO-8859-1.xml =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/catalog/invoices.en_US.ISO-8859-1.xml,v diff -u -r1.3 -r1.4 --- openacs-4/packages/invoices/catalog/invoices.en_US.ISO-8859-1.xml 17 Sep 2005 11:23:11 -0000 1.3 +++ openacs-4/packages/invoices/catalog/invoices.en_US.ISO-8859-1.xml 1 Oct 2005 11:05:05 -0000 1.4 @@ -138,6 +138,7 @@ Accept Offer Accepted on <html><body><h3>Accepted Offer</h3>%offer_text%</html></body> + Thank you for accepted our offer. We will contact you as soon as possible. Cost Sheet for "%organization_name%" Add Cost Sheet Rebate Index: openacs-4/packages/invoices/lib/offer-list.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/lib/offer-list.xql,v diff -u -r1.2 -r1.3 --- openacs-4/packages/invoices/lib/offer-list.xql 6 Sep 2005 22:59:40 -0000 1.2 +++ openacs-4/packages/invoices/lib/offer-list.xql 1 Oct 2005 11:05:05 -0000 1.3 @@ -35,6 +35,7 @@ and pr.revision_id = pi.latest_revision and pp.project_id = pr.revision_id [template::list::filter_where_clauses -and -name iv_offer] + [template::list::page_where_clauses -and -name iv_offer -key cr.item_id] [template::list::orderby_clause -name iv_offer -orderby] Index: openacs-4/packages/invoices/tcl/util-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/tcl/util-procs.tcl,v diff -u -r1.2 -r1.3 --- openacs-4/packages/invoices/tcl/util-procs.tcl 28 Sep 2005 19:08:28 -0000 1.2 +++ openacs-4/packages/invoices/tcl/util-procs.tcl 1 Oct 2005 11:05:05 -0000 1.3 @@ -50,24 +50,22 @@ } ad_proc -public iv::util::get_x_field { - -party_id:required -offer_id:required } { - Creates the x-field for the email (for party authentification) + Creates the x-field for the email (for authentification) } { db_1row get_offer_creator_data {} - return [ns_sha1 "$party_id $user_password $user_salt"] + return [ns_sha1 "$offer_id $user_password $user_salt"] } ad_proc -public iv::util::valid_x_field_p { - -party_id:required -offer_id:required -x_field:required } { Verifies the x-field in the email } { # generate the expected x-variable - set expected_x [iv::util::get_x_field -party_id $party_id -offer_id $offer_id] + set expected_x [iv::util::get_x_field -offer_id $offer_id] # Check if both values are the same and return t or f return [string equal $x_field $expected_x] Index: openacs-4/packages/invoices/www/offer-accepted.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/www/offer-accepted.adp,v diff -u --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ openacs-4/packages/invoices/www/offer-accepted.adp 1 Oct 2005 11:06:16 -0000 1.1 @@ -0,0 +1,5 @@ + + +

#invoices.iv_offer_accepted_thanks#

+ + Index: openacs-4/packages/invoices/www/offer-accepted.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/www/offer-accepted.tcl,v diff -u --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ openacs-4/packages/invoices/www/offer-accepted.tcl 1 Oct 2005 11:06:16 -0000 1.1 @@ -0,0 +1,34 @@ +ad_page_contract { + Accepts offer by customer +} { + offer_id:integer,notnull + x:notnull +} + +if {![db_0or1row check_offer_id {}]} { + ad_return_complaint 1 "This is not the latest offer." + return +} + +# user most likely clicked a link in an email +# verify the secret key +set valid_x_p [iv::util::valid_x_field_p -offer_id $offer_rev_id -x_field $x] +if {!$valid_x_p} { + # could not verify the secret key for that user + ad_return_complaint 1 "Invalid secret key" + return +} + +set package_id [ad_conn package_id] + +if {$valid_x_p} { + db_transaction { + iv::offer::accept -offer_id $offer_id + callback iv::offer_accept -offer_id $offer_id + callback iv::offer_accepted -offer_id $offer_id + } +} else { + ns_log notice "Invalid secret key when accepting offer $offer_id" +} + +ad_return_template Index: openacs-4/packages/invoices/www/offer-accepted.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/www/offer-accepted.xql,v diff -u --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ openacs-4/packages/invoices/www/offer-accepted.xql 1 Oct 2005 11:06:16 -0000 1.1 @@ -0,0 +1,15 @@ + + + + + + + select i.item_id as offer_id, o.offer_id as offer_rev_id + from iv_offers o, cr_items i + where i.live_revision = o.offer_id + and o.offer_id = :offer_id + + + + + Index: openacs-4/packages/invoices/www/offer-send.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/www/offer-send.tcl,v diff -u -r1.3 -r1.4 --- openacs-4/packages/invoices/www/offer-send.tcl 28 Sep 2005 17:19:12 -0000 1.3 +++ openacs-4/packages/invoices/www/offer-send.tcl 1 Oct 2005 11:05:05 -0000 1.4 @@ -18,6 +18,8 @@ set context [list [list [export_vars -base offer-list {organization_id}] "[_ invoices.iv_offer_2]"] [list [export_vars -base offer-ae {offer_id}] "[_ invoices.iv_offer_View]"] $page_title] set offer_text [iv::offer::text -offer_id $offer_id] +set x [iv::util::get_x_field -offer_id $offer_rev_id] +set accept_link [export_vars -base "[ad_url][ad_conn package_url]offer-accepted" {x {offer_id $offer_rev_id}}] if {[empty_string_p $accepted_date]} { # send pending offer Index: openacs-4/packages/invoices/www/offer-send.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/invoices/www/offer-send.xql,v diff -u -r1.1 -r1.2 --- openacs-4/packages/invoices/www/offer-send.xql 16 Aug 2005 20:04:34 -0000 1.1 +++ openacs-4/packages/invoices/www/offer-send.xql 1 Oct 2005 11:05:05 -0000 1.2 @@ -4,7 +4,7 @@ - select o.offer_nr, o.organization_id, o.accepted_date + select o.offer_nr, o.organization_id, o.accepted_date, oi.live_revision as offer_rev_id from iv_offers o, cr_items oi where oi.latest_revision = o.offer_id and oi.item_id = :offer_id