/**
  * Run before each action.
  *
  * @param CAction $action Passed action from Yii.
  *
  * @return boolean
  */
 public function beforeAction($action)
 {
     $app = Yii::app();
     $isCheckout = $action->Id == "checkout";

     // Checkout is forced onto HTTPS when the ENABLE_SSL setting is on.
     // NOTE(review): the scheme is taken from $_SERVER['HTTPS'] alone; behind a
     // TLS-terminating proxy that key may be missing -- confirm for the deployment.
     if ($isCheckout && _xls_get_conf('ENABLE_SSL') == 1) {
         $isSecure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
         if (!$isSecure) {
             $secureUrl = $app->createAbsoluteUrl('cart/' . $action->Id, array(), 'https');
             $this->redirect($secureUrl);
             $app->end();
         }
     }

     // Common SSL: a guest's cart is handed over through the "c" query parameter.
     // NOTE(review): "c" is client-supplied. Which cart gets assigned depends entirely
     // on what _xls_decrypt() returns for it; that helper is not visible here, so
     // confirm it rejects tampered input and that assign() validates the id it receives.
     if ($isCheckout && $app->isCommonSSL && $app->user->isGuest) {
         $token = $app->getRequest()->getQuery('c');
         if (isset($token)) {
             $parts = explode(",", _xls_decrypt($token));
             $app->shoppingcart->assign($parts[0]);
         }
     }

     $cart = $app->shoppingcart;
     if ($cart->wasCartModified && $app->request->isAjaxRequest === false) {
         // The store removed items or changed quantities to match current inventory.
         // A previously chosen shipping option may no longer apply, so the cached
         // shipping data is dropped and the shopper has to pick a valid option again
         // the next time checkout is opened.
         $cart->clearCachedShipping();

         // Back to the cart index, where the relevant message is displayed.
         $this->redirect($app->createUrl('cart/index'));
     }

     return parent::beforeAction($action);
 }
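 /**
  * Record a successful login on this identity and update the customer row.
  *
  * Clears the error code, stores the customer id and the display states
  * (fullname, firstname, profilephoto, role), re-submits the password through
  * the update-password scenario when the stored value still matches one of the
  * two older formats, stamps last_login and saves the record.
  *
  * @param object $user Customer record being logged in (presumably a Customer
  *                     model; the class is not visible from here).
  *
  * @return void
  */
 protected function successfullyLogin($user)
 {
     $this->errorCode = self::ERROR_NONE;
     $this->_id = $user->id;
     $this->setState('fullname', $user->first_name . ' ' . $user->last_name);
     $this->setState('firstname', $user->first_name);
     $this->setState('profilephoto', Yii::app()->theme->baseUrl . "/css/images/loginhead.png");
     if ($user->allow_login == Customer::ADMIN_USER) {
         $this->setState('role', 'admin');
     } else {
         $this->setState('role', 'user');
     }
     // Update the password storage format.
     // The comparisons are strict on purpose: with a loose == two different
     // "0e<digits>" hash strings compare equal as numbers, and an empty password
     // equals a false/empty result from a failed decryption.
     // NOTE(review): hash() and _xls_decrypt() are defined elsewhere; both are
     // assumed to return strings on success -- confirm.
     if ($user->password === $this->hash($this->password) || $this->password === _xls_decrypt($user->password)) {
         $user->setScenario(Customer::SCENARIO_UPDATEPASSWORD);
         $user->attributes = array("password" => $this->password, "password_repeat" => $this->password);
         // NOTE(review): an informational event logged at 'error' level, with the
         // customer's full name in the message.
         Yii::log("Note, user's old password format upgraded " . $user->fullname, 'error', 'application.' . __CLASS__ . "." . __FUNCTION__);
     }
     $user->last_login = new CDbExpression('UTC_TIMESTAMP()');
     if (!$user->save()) {
         // A failed save is only logged; the login itself still counts as successful.
         Yii::log("ERROR Saving user record " . print_r($user->getErrors(), true), 'error', 'application.' . __CLASS__ . "." . __FUNCTION__);
     }
 }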
 /**
  * Load the configuration rows for one configuration type, apply any posted changes, and render the edit form.
  *
  * @return void
  */
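 public function actionEdit()
 {
     // Configuration type to edit, taken from the "id" query parameter.
     $id = Yii::app()->getRequest()->getQuery('id');
     $model = Configuration::model()->findAllByAttributes(array('configuration_type_id' => $id), array('order' => 'sort_order'));
     // Each hosting flavour passes the rows through sanitizeEditModule(); what that
     // helper changes is not visible from here.
     if ($this->IsCloud) {
         $model = $this->sanitizeEditModule($model, 'Cloud');
     }
     if ($this->IsMT) {
         $model = $this->sanitizeEditModule($model, 'MT');
     }
     if ($this->isHosted) {
         $model = $this->sanitizeEditModule($model, 'Hosted');
     }
     if (isset($_POST['Configuration'])) {
         // Pass 1: copy the posted values onto the rows and validate them,
         // stopping at the first row that fails.
         $valid = true;
         foreach ($model as $i => $item) {
             if (isset($_POST['Configuration'][$i])) {
                 $item->attributes = $_POST['Configuration'][$i];
             }
             if ($item->key_name == 'LANG_MENU' && $item->key_value == 1) {
                 // The languages row is taken from index 2 of this group.
                 $itemLanguages = $model[2];
                 if (isset($_POST['Configuration'][2])) {
                     $itemLanguages->attributes = $_POST['Configuration'][2];
                 }
                 if (empty($itemLanguages->key_value)) {
                     $valid = false;
                 }
             }
             if ($item->options == "INT") {
                 // NOTE(review): the cast treats 0 and non-numeric text alike, so a
                 // value of 0 is rejected -- confirm that is intended.
                 if ((int) $item->key_value) {
                     $valid = true;
                 } else {
                     $valid = false;
                 }
             }
             if ($item->options == "EMAIL") {
                 $valid = $this->validateEmail($item) && $valid;
             } else {
                 $valid = $item->validate() && $valid;
             }
             if (!$valid) {
                 if ($item->options == 'EMAIL') {
                     Yii::app()->user->setFlash('error', $item->title . ' is not a valid email address');
                 } elseif ($item->key_name == 'LANG_MENU') {
                     Yii::app()->user->setFlash('error', 'Languages field cannot be empty when language menu is enabled');
                 } elseif ($item->options == "INT") {
                     Yii::app()->user->setFlash('error', $item->title . ': ' . 'Only numbers are allowed', true);
                 } else {
                     $err = $item->getErrors();
                     Yii::app()->user->setFlash('error', $item->title . ' -- ' . print_r($err['key_value'][0], true));
                 }
                 break;
             }
         }
         if ($valid) {
             // Pass 2: persist every row.
             foreach ($model as $i => $item) {
                 // A row missing from the request keeps its current values. Reading
                 // $_POST['Configuration'][$i] without this check raises an
                 // undefined-index notice on a partial submission.
                 $posted = isset($_POST['Configuration'][$i]) ? $_POST['Configuration'][$i] : null;
                 if (is_array($posted)) {
                     $item->attributes = $posted;
                 }
                 // Encrypt only a value that was actually submitted. Without one,
                 // key_value still holds the stored value, and encrypting that again
                 // would leave the secret wrapped twice.
                 if ($item->options == "PASSWORD" && is_array($posted) && isset($posted['key_value'])) {
                     $item->key_value = _xls_encrypt($item->key_value);
                 }
                 if ($item->save() === false) {
                     Yii::app()->user->setFlash('error', print_r($item->getErrors(), true));
                 } else {
                     Yii::app()->user->setFlash('success', Yii::t('admin', 'Configuration updated on {time}.', array('{time}' => date('d F, Y  h:i:sa'))));
                     $item->postConfigurationChange();
                 }
                 if ($item->key_name == 'EMAIL_TEST' && $item->key_value == 1) {
                     $this->sendEmailTest();
                 }
             }
         }
     }
     // Prepare the rows for display.
     foreach ($model as $i => $item) {
         if ($item->options == 'BOOL') {
             $this->registerOnOff($item->id, "Configuration_{$i}_key_value", $item->key_value);
         }
         if ($item->options == 'PASSWORD') {
             // NOTE(review): the stored secret is decrypted and handed to the view. If
             // the form echoes it, the credential is readable in the page source;
             // rendering an empty field and keeping the stored value when nothing is
             // submitted would avoid that -- confirm how the view uses it.
             $model[$i]->key_value = _xls_decrypt($model[$i]->key_value);
         }
         $model[$i]->title = Yii::t('admin', $item->title, array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check')));
         $model[$i]->helper_text = Yii::t('admin', $item->helper_text, array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check')));
     }
     /*
      * http://www.yiiframework.com/doc/api/1.1/CModel#generateAttributeLabel-detail
      *
      * Unless we define the label attribute in activeLabelEx htmlOptions in the view,
      * the label will be generated when it calls CModel::generateAttributeLabel().
      * This is a problem for the labels we want to display on pages like the Google Integration
      * page that have labels which deliberately require dashes and camel-case formatting.
      */
     $defineLabel = false;
     switch (CPropertyValue::ensureInteger($id)) {
         case 20:
             // IntegrationController::GOOGLE = 20
             $defineLabel = true;
             break;
         default:
             break;
     }
     $this->render('admin.views.default.edit', array('model' => $model, 'defineLabel' => $defineLabel));
 }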
 /**
  * Log in the customer returned by getCustomerRecord().
  *
  * No typed password is compared in this method: username and password are filled
  * in from the customer record itself, then successfullyLogin() is called.
  *
  * NOTE(review): the password is obtained by decrypting the stored value, so this
  * path relies on reversible password storage for the record. What decides which
  * record getCustomerRecord() returns is not visible here -- that is where the
  * actual authentication check has to live; confirm.
  *
  * @return boolean True when errorCode is falsy after the login.
  */
 public function authenticate()
 {
     $customer = $this->getCustomerRecord();

     $this->username = $customer->email;
     $this->password = _xls_decrypt($customer->password);

     $this->successfullyLogin($customer);

     $loggedIn = !$this->errorCode;
     return $loggedIn;
 }
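 /**
  * Load the configuration rows for one configuration type, apply any posted
  * changes, and render the edit form.
  *
  * @return void
  */
 public function actionEdit()
 {
     // Configuration type to edit, taken from the "id" query parameter.
     $id = Yii::app()->getRequest()->getQuery('id');
     $model = Configuration::model()->findAllByAttributes(array('configuration_type_id' => $id), array('order' => 'sort_order'));
     if (isset($_POST['Configuration'])) {
         // Pass 1: copy the posted values onto the rows and validate them,
         // stopping at the first row that fails.
         $valid = true;
         foreach ($model as $i => $item) {
             if (isset($_POST['Configuration'][$i])) {
                 $item->attributes = $_POST['Configuration'][$i];
             }
             $valid = $item->validate() && $valid;
             if (!$valid) {
                 $err = $item->getErrors();
                 Yii::app()->user->setFlash('error', $item->title . " -- " . print_r($err['key_value'][0], true));
                 break;
             }
         }
         if ($valid) {
             // Pass 2: persist every row.
             foreach ($model as $i => $item) {
                 // A row missing from the request keeps its current values. Reading
                 // $_POST['Configuration'][$i] without this check raises an
                 // undefined-index notice on a partial submission.
                 $posted = isset($_POST['Configuration'][$i]) ? $_POST['Configuration'][$i] : null;
                 if (is_array($posted)) {
                     $item->attributes = $posted;
                 }
                 // Encrypt only a value that was actually submitted. Without one,
                 // key_value still holds the stored value, and encrypting that again
                 // would leave the secret wrapped twice.
                 if ($item->options == "PASSWORD" && is_array($posted) && isset($posted['key_value'])) {
                     $item->key_value = _xls_encrypt($item->key_value);
                 }
                 if (!$item->save()) {
                     Yii::app()->user->setFlash('error', print_r($item->getErrors(), true));
                 } else {
                     $item->postConfigurationChange();
                 }
                 if ($item->key_name == 'EMAIL_TEST' && $item->key_value == 1) {
                     $this->sendEmailTest();
                 }
             }
             Yii::app()->user->setFlash('success', Yii::t('admin', 'Configuration updated on {time}.', array('{time}' => date("d F, Y  h:i:sa"))));
         }
     }
     // Prepare the rows for display.
     foreach ($model as $i => $item) {
         if ($item->key_name == "EMAIL_TEST") {
             // The test switch is always shown as off.
             $item->key_value = 0;
         }
         if ($item->options == "BOOL") {
             $this->registerOnOff($item->id, "Configuration_{$i}_key_value", $item->key_value);
         }
         if ($item->options == "PASSWORD") {
             // NOTE(review): the stored secret is decrypted and handed to the view. If
             // the form echoes it, the credential is readable in the page source;
             // rendering an empty field and keeping the stored value when nothing is
             // submitted would avoid that -- confirm how the view uses it.
             $model[$i]->key_value = _xls_decrypt($model[$i]->key_value);
         }
         $model[$i]->title = Yii::t('admin', $item->title, array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check')));
         $model[$i]->helper_text = Yii::t('admin', $item->helper_text, array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check')));
     }
     $this->render('edit', array('model' => $model));
 }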
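<?php

// Password e-mail body, wrapped in the shared mail layout.
// NOTE(review): this template sends the account's current password in clear text,
// which is only possible because the stored value can be decrypted. A single-use,
// expiring reset link would remove the need for both; that change lives outside
// this view.
$this->beginContent('//layouts/mail-layout');
?>

	<tr>
		<td style="border-bottom: 1px solid #dddddd;display: block; padding-bottom: 30px;color:#111111;font-family:'Lucida Grande','Lucida Sans', Verdana, sans-serif;font-size: 16px;line-height:1.5em;">
			<?php 
// Customer-supplied values are HTML-encoded because they are written into HTML markup.
echo Yii::t('email', 'Dear') . ' ' . CHtml::encode($model->first_name);
?>
,<br/><br/>
			<?php 
echo Yii::t('email', 'The password that is registered at {storename} is {password}', array('{password}' => CHtml::encode(_xls_decrypt($model->password)), '{storename}' => _xls_get_conf('STORE_NAME')));
?>
.<br/><br/>

		</td>
	</tr>

<?php 
$this->endContent();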
 /**
  * Compares the supplied password with the hashed password in the database.
  * @param $plain_text
  * @return bool
  */
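 public function authenticate($plain_text)
 {
     // Users with no password or guest records should not be able to login
     // A registered user with an empty password can make a reset request
     if (!$this->allow_login || !$this->password || $this->record_type == Customer::GUEST) {
         return false;
     }

     // An empty or non-string candidate is never a valid password. Rejecting it here
     // also keeps it out of the legacy comparisons below.
     if (!is_string($plain_text) || $plain_text === '') {
         return false;
     }

     // Check the old ways of storing passwords, please get rid of this someday.

     // Legacy format 1: unsalted MD5. Compared as strings: a loose == treats two
     // different "0e<digits>" hashes as equal numbers.
     if (CPasswordHelper::same(md5($plain_text), (string) $this->password)) {
         return true;
     }

     // Legacy format 2: reversibly encrypted password.
     // NOTE(review): _xls_decrypt() is defined elsewhere. Its result is accepted only
     // when it is a non-empty string, so a failed decryption cannot match anything.
     $decrypted = _xls_decrypt($this->password);
     if (is_string($decrypted) && $decrypted !== '' && CPasswordHelper::same($plain_text, $decrypted)) {
         return true;
     }

     // Current format: verified by Yii's password helper.
     return CPasswordHelper::verifyPassword($plain_text, $this->password);
 }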
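/**
 * Send one queued e-mail through the Smtpmail component.
 *
 * On success the queue row is deleted; on failure its sent_attempts counter is
 * incremented and saved. Unless $hideJson is set, the JSON string "success" or
 * "failure" is echoed.
 *
 * @param mixed   $id       Primary key of the EmailQueue row to send.
 * @param boolean $hideJson When true, nothing is echoed.
 *
 * @return boolean Result of Send(); false when no queue row exists for $id.
 */
function _xls_send_email($id, $hideJson = false)
{
    // Defined up front so the return below is valid when no queue row is found.
    $blnResult = false;
    $objMail = EmailQueue::model()->findByPk($id);
    if ($objMail instanceof EmailQueue) {
        $orderEmail = _xls_get_conf('ORDER_FROM', '');
        $from = empty($orderEmail) ? _xls_get_conf('EMAIL_FROM') : $orderEmail;
        // The component is reset before it is fetched for this message.
        Yii::app()->setComponent('Smtpmail', null);
        $mail = Yii::app()->Smtpmail;
        //$mail->CharSet="utf-8";
        $mail->Debugoutput = "error_log";
        $mail->IsSMTP();
        $mail->Username = Yii::app()->params['EMAIL_SMTP_USERNAME'];
        $mail->Password = _xls_decrypt(Yii::app()->params['EMAIL_SMTP_PASSWORD']);
        $mail->Mailer = 'smtp';
        $mail->Port = Yii::app()->params['EMAIL_SMTP_PORT'];
        // Transport security by EMAIL_SMTP_SECURITY_MODE:
        //   '0' -> chosen from the port (465 = ssl, 587 = tls, anything else = none)
        //   '1' -> none, '2' -> ssl, '3' -> tls
        // NOTE(review): with mode '1', or mode '0' on another port, SMTPAuth stays on
        // while SMTPSecure is empty, so the credentials are not protected by a
        // security setting made here -- confirm that is acceptable for the relay.
        // The mode is read from app params for '0' and from _xls_get_conf() for the
        // other values; confirm both always agree.
        $SMTPSecure = "";
        if (Yii::app()->params['EMAIL_SMTP_SECURITY_MODE'] == '0') {
            if (Yii::app()->params['EMAIL_SMTP_PORT'] == "465") {
                $SMTPSecure = "ssl";
            }
            if (Yii::app()->params['EMAIL_SMTP_PORT'] == "587") {
                $SMTPSecure = "tls";
            }
        }
        if (_xls_get_conf('EMAIL_SMTP_SECURITY_MODE') == '1') {
            $SMTPSecure = "";
        }
        if (_xls_get_conf('EMAIL_SMTP_SECURITY_MODE') == '2') {
            $SMTPSecure = "ssl";
        }
        if (_xls_get_conf('EMAIL_SMTP_SECURITY_MODE') == '3') {
            $SMTPSecure = "tls";
        }
        $mail->SMTPAuth = true;
        $mail->AuthType = "LOGIN";
        if (_xls_get_conf('EMAIL_SMTP_AUTH_PLAIN', '0') == '1') {
            $mail->AuthType = "PLAIN";
        }
        if (empty(Yii::app()->params['EMAIL_SMTP_PASSWORD'])) {
            Yii::log("Password for SMTP blank, turning off SMTP Authentication", 'info', 'application.' . __CLASS__ . "." . __FUNCTION__);
            $mail->SMTPAuth = false;
            $mail->Username = '';
            $mail->Password = '';
        }
        // NOTE(review): SMTP debug output is always on and goes to error_log. Depending
        // on the mailer version that trace may include the AUTH exchange; consider
        // making it a setting that is off in production.
        $mail->SMTPDebug = 1;
        $mail->SMTPSecure = $SMTPSecure;
        $mail->Host = Yii::app()->params['EMAIL_SMTP_SERVER'];
        $mail->SetFrom($from, Yii::app()->params['STORE_NAME']);
        $mail->Subject = $objMail->subject;
        $mail->ClearAllRecipients();
        $mail->AddAddress($objMail->to);
        if (!empty(Yii::app()->params['EMAIL_BCC'])) {
            // NOTE(review): the setting is named EMAIL_BCC but the address is added as
            // a visible CC, and only when the recipient equals the sender -- confirm.
            if ($objMail->to != Yii::app()->params['EMAIL_BCC'] && $objMail->to == $from) {
                $mail->AddCC(Yii::app()->params['EMAIL_BCC']);
            }
        }
        $mail->MsgHTML($objMail->htmlbody);
        $blnResult = $mail->Send();
        $mail->Password = '******';
        //replace the real password before logging
        // NOTE(review): the whole mailer object is still written to the log, which
        // includes the SMTP username, the recipient and the message body.
        Yii::log("Contents of mail " . print_r($mail, true), 'info', 'application.' . __CLASS__ . "." . __FUNCTION__);
        if ($blnResult) {
            Yii::log("Sent email to " . $objMail->to . " successfully.", 'info', 'application.' . __CLASS__ . "." . __FUNCTION__);
            $objMail->delete();
            Yii::log("Email removed from queue", 'info', 'application.' . __CLASS__ . "." . __FUNCTION__);
            if (!$hideJson) {
                echo json_encode("success");
            }
        } else {
            // Keep the row for a later retry and count the failed attempt.
            $objMail->sent_attempts += 1;
            $objMail->save();
            Yii::log("Sending email failed ID " . $id . " " . $objMail->to . " " . print_r($mail->ErrorInfo, true), 'error', 'application.' . __CLASS__ . "." . __FUNCTION__);
            if (!$hideJson) {
                echo json_encode("failure");
            }
        }
    }
    return $blnResult;
}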