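/**
 * Controller for the customer manager screen.
 *
 * Handles bulk deletion of selected customers, saving an edited or new
 * customer, and building the filtered, paginated customer listing that the
 * customers.php template renders from this function's local variables.
 *
 * Request data is untrusted: only query-string keys listed in $defaults
 * become local variables, and every request value that reaches SQL is
 * escaped or cast to an integer first.
 *
 * @return void
 */
function customers_list()
 {
     global $Shopp, $Customers, $wpdb;
     $db = DB::get();
     $defaults = array('page' => false, 'deleting' => false, 'selected' => false, 'update' => false, 'newstatus' => false, 'pagenum' => 1, 'per_page' => false, 'start' => '', 'end' => '', 'status' => false, 's' => '', 'range' => '', 'startdate' => '', 'enddate' => '');
     // Only keys present in $defaults become locals. Extracting the whole
     // query string allowed a request to define any not-yet-assigned local
     // (for example $starts and $ends, which are concatenated into SQL below).
     $args = array_merge($defaults, array_intersect_key($_GET, $defaults));
     extract($args, EXTR_SKIP);
     // Set only by the date parsing below, never by the request.
     $starts = false;
     $ends = false;
     // NOTE(review): this destructive action is driven by query-string
     // parameters and no nonce check is visible in this branch, unlike the
     // save branch below; confirm the caller verifies the request.
     if ($page == "shopp-customers" && !empty($deleting) && !empty($selected) && is_array($selected)) {
         foreach ($selected as $deletion) {
             $Customer = new Customer($deletion);
             $Billing = new Billing($Customer->id, 'customer');
             $Billing->delete();
             $Shipping = new Shipping($Customer->id, 'customer');
             $Shipping->delete();
             $Customer->delete();
         }
     }
     if (!empty($_POST['save'])) {
         check_admin_referer('shopp-save-customer');
         $Billing = null;
         $Shipping = null;
         if ($_POST['id'] != "new") {
             $Customer = new Customer($_POST['id']);
             $Billing = new Billing($Customer->id, 'customer');
             $Shipping = new Shipping($Customer->id, 'customer');
         } else {
             $Customer = new Customer();
         }
         $Customer->updates($_POST);
         // Strict comparison: loose == treats numeric-looking strings such as
         // "1e3" and "1000" as equal, so mismatched passwords could pass.
         if (!empty($_POST['new-password']) && !empty($_POST['confirm-password']) && $_POST['new-password'] === $_POST['confirm-password']) {
             $Customer->password = wp_hash_password($_POST['new-password']);
             if (!empty($Customer->wpuser)) {
                 wp_set_password($_POST['new-password'], $Customer->wpuser);
             }
         }
         $Customer->save();
         // Billing and shipping records are only loaded for an existing
         // customer; calling methods on them for a new customer was a fatal
         // error after the customer row had already been saved.
         if ($Billing !== null) {
             $Billing->updates($_POST['billing']);
             $Billing->save();
         }
         if ($Shipping !== null) {
             $Shipping->updates($_POST['shipping']);
             $Shipping->save();
         }
     }
     $pagenum = absint($pagenum);
     if (empty($pagenum)) {
         $pagenum = 1;
     }
     // per_page is interpolated into the LIMIT clause, so force an integer.
     $per_page = intval($per_page);
     if ($per_page <= 0) {
         $per_page = 20;
     }
     $index = $per_page * ($pagenum - 1);
     if (!empty($start)) {
         $startdate = $start;
         list($month, $day, $year) = explode("/", $startdate);
         $starts = mktime(0, 0, 0, $month, $day, $year);
     }
     if (!empty($end)) {
         $enddate = $end;
         list($month, $day, $year) = explode("/", $enddate);
         $ends = mktime(23, 59, 59, $month, $day, $year);
     }
     $customer_table = DatabaseObject::tablename(Customer::$table);
     $billing_table = DatabaseObject::tablename(Billing::$table);
     $purchase_table = DatabaseObject::tablename(Purchase::$table);
     $users_table = $wpdb->users;
     // Each entry is one condition; they are joined with AND at the end.
     $clauses = array();
     if (!empty($s) && is_string($s)) {
         // $s itself stays unescaped for display; only the escaped copies
         // ($keyword, $term) are placed inside SQL string literals.
         // NOTE(review): esc_sql() is the WordPress escaper while these
         // statements run through Shopp's DB wrapper - confirm both use the
         // same connection and character set.
         $s = stripslashes($s);
         if (preg_match_all('/(\\w+?)\\:(?="(.+?)"|(.+?)\\b)/', $s, $props, PREG_SET_ORDER)) {
             foreach ($props as $search) {
                 $keyword = esc_sql(!empty($search[2]) ? $search[2] : $search[3]);
                 switch (strtolower($search[1])) {
                     case "company":
                         $clauses[] = "c.company LIKE '%{$keyword}%'";
                         break;
                     case "login":
                         $clauses[] = "u.user_login LIKE '%{$keyword}%'";
                         break;
                     case "address":
                         // xaddress previously used '=' with % wildcards,
                         // which only matched a literal percent sign.
                         $clauses[] = "(b.address LIKE '%{$keyword}%' OR b.xaddress LIKE '%{$keyword}%')";
                         break;
                     case "city":
                         $clauses[] = "b.city LIKE '%{$keyword}%'";
                         break;
                     case "province":
                     case "state":
                         $clauses[] = "b.state='{$keyword}'";
                         break;
                     case "zip":
                     case "zipcode":
                     case "postcode":
                         $clauses[] = "b.postcode='{$keyword}'";
                         break;
                     case "country":
                         $clauses[] = "b.country='{$keyword}'";
                         break;
                 }
             }
         } elseif (strpos($s, '@') !== false) {
             $term = esc_sql($s);
             $clauses[] = "c.email='{$term}'";
         } else {
             $term = esc_sql($s);
             $clauses[] = "(c.id='{$term}' OR CONCAT(c.firstname,' ',c.lastname) LIKE '%{$term}%' OR c.company LIKE '%{$term}%')";
         }
     }
     if (!empty($starts) && !empty($ends)) {
         // mktime() results, cast again so only integers reach the query.
         $clauses[] = '(UNIX_TIMESTAMP(c.created) >= ' . intval($starts) . ' AND UNIX_TIMESTAMP(c.created) <= ' . intval($ends) . ')';
     }
     $where = empty($clauses) ? '' : "WHERE " . join(" AND ", $clauses);
     $customercount = $db->query("SELECT count(*) as total FROM {$customer_table} AS c {$where}");
     $query = "SELECT c.*,b.city,b.state,b.country, u.user_login, SUM(p.total) AS total,count(distinct p.id) AS orders FROM {$customer_table} AS c LEFT JOIN {$purchase_table} AS p ON p.customer=c.id LEFT JOIN {$billing_table} AS b ON b.customer=c.id LEFT JOIN {$users_table} AS u ON u.ID=c.wpuser AND (c.wpuser IS NULL OR c.wpuser !=0) {$where} GROUP BY c.id ORDER BY c.created DESC LIMIT {$index},{$per_page}";
     $Customers = $db->query($query, AS_ARRAY);
     $num_pages = ceil($customercount->total / $per_page);
     $page_links = paginate_links(array('base' => add_query_arg('pagenum', '%#%'), 'format' => '', 'total' => $num_pages, 'current' => $pagenum));
     $ranges = array('all' => __('Show New Customers', 'Shopp'), 'today' => __('Today', 'Shopp'), 'week' => __('This Week', 'Shopp'), 'month' => __('This Month', 'Shopp'), 'quarter' => __('This Quarter', 'Shopp'), 'year' => __('This Year', 'Shopp'), 'yesterday' => __('Yesterday', 'Shopp'), 'lastweek' => __('Last Week', 'Shopp'), 'last30' => __('Last 30 Days', 'Shopp'), 'last90' => __('Last 3 Months', 'Shopp'), 'lastmonth' => __('Last Month', 'Shopp'), 'lastquarter' => __('Last Quarter', 'Shopp'), 'lastyear' => __('Last Year', 'Shopp'), 'lastexport' => __('Last Export', 'Shopp'), 'custom' => __('Custom Dates', 'Shopp'));
     $exports = array('tab' => __('Tab-separated.txt', 'Shopp'), 'csv' => __('Comma-separated.csv', 'Shopp'), 'xls' => __('Microsoft&reg; Excel.xls', 'Shopp'));
     $formatPref = $Shopp->Settings->get('customerexport_format');
     if (!$formatPref) {
         $formatPref = 'tab';
     }
     $columns = array_merge(Customer::exportcolumns(), Billing::exportcolumns(), Shipping::exportcolumns());
     // From here on $selected holds the export column selection, not the
     // customer ids used by the deletion branch above.
     $selected = $Shopp->Settings->get('customerexport_columns');
     if (empty($selected)) {
         $selected = array_keys($columns);
     }
     $authentication = $Shopp->Settings->get('account_system');
     include "{$this->basepath}/core/ui/customers/customers.php";
 }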
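 /**
  * lookups ()
  * Provides fast db lookups with as little overhead as possible.
  *
  * Picks a lookup name from the rewrite query vars or the query string and
  * dispatches on it. Most branches print their response and end the
  * request; an unknown lookup name falls through without output.
  *
  * The export and receipt branches require a logged-in user with the
  * manage_options capability inside WP_ADMIN. The admin download path is
  * held to the same check, because the admin flag itself is derived from a
  * query-string value.
  *
  * @param object $wp request object; $wp->query_vars is read here and $wp is
  *                   passed on to $this->catalog() for the category feed
  * @return void
  */
 function lookups($wp)
 {
     $db =& DB::get();
     // Grab query requests from permalink rewriting query vars
     $admin = false;
     $download = isset($wp->query_vars['shopp_download']) ? $wp->query_vars['shopp_download'] : '';
     $lookup = isset($wp->query_vars['shopp_lookup']) ? $wp->query_vars['shopp_lookup'] : '';
     // Admin Lookups
     // $admin only records that the request asked for the admin lookup page;
     // it is not proof of privilege and is re-checked where it grants access.
     if (isset($_GET['page']) && $_GET['page'] == "shopp-lookup") {
         $admin = true;
         $image = isset($_GET['id']) ? $_GET['id'] : '';
         $download = isset($_GET['download']) ? $_GET['download'] : '';
     }
     if (!empty($download)) {
         $lookup = "download";
     }
     if (empty($lookup)) {
         $lookup = isset($_GET['lookup']) ? $_GET['lookup'] : '';
     }
     switch ($lookup) {
         case "purchaselog":
             if (!defined('WP_ADMIN') || !is_user_logged_in() || !current_user_can('manage_options')) {
                 die('-1');
             }
             if (!isset($_POST['settings']['purchaselog_columns'])) {
                 // NOTE(review): $Purchase and $Purchased are never assigned
                 // in this function, so this merge has no column lists to
                 // work with. The customerexport branch builds its lists
                 // from exportcolumns() - confirm the intended source here.
                 $_POST['settings']['purchaselog_columns'] = array_keys(array_merge($Purchase, $Purchased));
                 $_POST['settings']['purchaselog_headers'] = "on";
             }
             // NOTE(review): posted settings are saved without a visible
             // nonce check; confirm the request is verified elsewhere.
             $this->Flow->settings_save();
             $format = $this->Settings->get('purchaselog_format');
             if (empty($format)) {
                 $format = 'tab';
             }
             switch ($format) {
                 case "csv":
                     new PurchasesCSVExport();
                     break;
                 case "xls":
                     new PurchasesXLSExport();
                     break;
                 case "iif":
                     new PurchasesIIFExport();
                     break;
                 default:
                     new PurchasesTabExport();
             }
             exit;
             break;
         case "customerexport":
             if (!defined('WP_ADMIN') || !is_user_logged_in() || !current_user_can('manage_options')) {
                 die('-1');
             }
             if (!isset($_POST['settings']['customerexport_columns'])) {
                 $Customer = Customer::exportcolumns();
                 $Billing = Billing::exportcolumns();
                 $Shipping = Shipping::exportcolumns();
                 $_POST['settings']['customerexport_columns'] = array_keys(array_merge($Customer, $Billing, $Shipping));
                 $_POST['settings']['customerexport_headers'] = "on";
             }
             $this->Flow->settings_save();
             $format = $this->Settings->get('customerexport_format');
             if (empty($format)) {
                 $format = 'tab';
             }
             switch ($format) {
                 case "csv":
                     new CustomersCSVExport();
                     break;
                 case "xls":
                     new CustomersXLSExport();
                     break;
                 default:
                     new CustomersTabExport();
             }
             exit;
             break;
         case "receipt":
             if (!defined('WP_ADMIN') || !is_user_logged_in() || !current_user_can('manage_options')) {
                 die('-1');
             }
             // Anchored: the previous pattern accepted any value that merely
             // contained a digit and passed it on unchanged.
             if (isset($_GET['id']) && is_string($_GET['id']) && preg_match('/^\d+\z/', $_GET['id'])) {
                 $this->Cart->data->Purchase = new Purchase($_GET['id']);
                 $this->Cart->data->Purchase->load_purchased();
             } else {
                 die('-1');
             }
             echo "<html><head>";
             echo '<style type="text/css">body { padding: 20px; font-family: Arial,Helvetica,sans-serif; }</style>';
             echo "<link rel='stylesheet' href='" . SHOPP_TEMPLATES_URI . "/shopp.css' type='text/css' />";
             echo "</head><body>";
             echo $this->Flow->order_receipt();
             if (isset($_GET['print']) && $_GET['print'] == 'auto') {
                 echo '<script type="text/javascript">window.onload = function () { window.print(); window.close(); }</script>';
             }
             echo "</body></html>";
             exit;
             break;
         case "zones":
             $zones = $this->Settings->get('zones');
             if (isset($_GET['country'])) {
                 echo json_encode($zones[$_GET['country']]);
             }
             exit;
             break;
         case "shipcost":
             @session_start();
             $this->ShipCalcs = new ShipCalcs($this->path);
             if (isset($_GET['method'])) {
                 $this->Cart->data->Order->Shipping->method = $_GET['method'];
                 $this->Cart->retotal = true;
                 $this->Cart->updated();
                 $this->Cart->totals();
                 echo json_encode($this->Cart->data->Totals);
             }
             exit;
             break;
         case "category-menu":
             echo $this->Flow->category_menu();
             exit;
             break;
         case "category-products-menu":
             echo $this->Flow->category_products();
             exit;
             break;
         case "spectemplate":
             $table = DatabaseObject::tablename(Category::$table);
             // The category id goes into the SQL text, so reduce it to an
             // integer before interpolating.
             $cat = isset($_GET['cat']) ? intval($_GET['cat']) : 0;
             $result = $db->query("SELECT specs FROM {$table} WHERE id='{$cat}' AND spectemplate='on'");
             // NOTE(review): unserialize() on stored data can instantiate
             // objects if this column is ever writable by an untrusted
             // party; confirm how specs is written.
             echo json_encode(unserialize($result->specs));
             exit;
             break;
         case "optionstemplate":
             $table = DatabaseObject::tablename(Category::$table);
             // Integer cast for the same reason as in spectemplate; the
             // value is also used as a numeric offset below.
             $cat = isset($_GET['cat']) ? intval($_GET['cat']) : 0;
             $result = $db->query("SELECT options,prices FROM {$table} WHERE id='{$cat}' AND variations='on'");
             if (empty($result)) {
                 exit;
             }
             // NOTE(review): same unserialize() caveat as in spectemplate.
             $result->options = unserialize($result->options);
             $result->prices = unserialize($result->prices);
             // Offset every option id by the category id.
             foreach ($result->options as &$menu) {
                 foreach ($menu['options'] as &$option) {
                     $option['id'] += $cat;
                 }
                 unset($option);
             }
             unset($menu);
             foreach ($result->prices as &$price) {
                 $optionids = explode(",", $price['options']);
                 foreach ($optionids as &$id) {
                     $id += $cat;
                 }
                 unset($id);
                 $price['options'] = join(",", $optionids);
                 $price['optionkey'] = "";
             }
             unset($price);
             echo json_encode($result);
             exit;
             break;
         case "newproducts-rss":
             $NewProducts = new NewProducts(array('show' => 5000));
             header("Content-type: application/rss+xml; charset=utf-8");
             echo shopp_rss($NewProducts->rss());
             exit;
             break;
         case "category-rss":
             $this->catalog($wp);
             header("Content-type: application/rss+xml; charset=utf-8");
             echo shopp_rss($this->Category->rss());
             exit;
             break;
         case "download":
             if (empty($download)) {
                 break;
             }
             // Defined up front so the check after the branch never reads an
             // unset variable on the admin path.
             $forbidden = false;
             if ($admin) {
                 // The admin path skips every purchase, login, limit, expiry
                 // and IP check below, so it must prove privilege the same
                 // way the other admin-only lookups do.
                 if (!defined('WP_ADMIN') || !is_user_logged_in() || !current_user_can('manage_options')) {
                     die('-1');
                 }
                 $Asset = new Asset($download);
             } else {
                 $pricetable = DatabaseObject::tablename(Price::$table);
                 $assettable = DatabaseObject::tablename(Asset::$table);
                 require_once "core/model/Purchased.php";
                 // NOTE(review): $download (the download key) comes from the
                 // request and is handed to the model loader; confirm
                 // Purchased escapes the key before querying.
                 $Purchased = new Purchased($download, "dkey");
                 $Purchase = new Purchase($Purchased->purchase);
                 // Empty when no purchase matched the key; the cast keeps
                 // the statement well formed and matches no rows.
                 $priceid = intval($Purchased->price);
                 $target = $db->query("SELECT target.* FROM {$assettable} AS target LEFT JOIN {$pricetable} AS pricing ON pricing.id=target.parent AND target.context='price' WHERE pricing.id={$priceid} AND target.datatype='download'");
                 $Asset = new Asset();
                 $Asset->populate($target);
                 // Purchase Completion check
                 if ($Purchase->transtatus != "CHARGED" && !SHOPP_PREPAYMENT_DOWNLOADS) {
                     new ShoppError(__('This file cannot be downloaded because payment has not been received yet.', 'Shopp'), 'shopp_download_limit');
                     $forbidden = true;
                 }
                 // Account restriction checks
                 if ($this->Settings->get('account_system') != "none" && (!$this->Cart->data->login || $this->Cart->data->Order->Customer->id != $Purchase->customer)) {
                     new ShoppError(__('You must login to access this download.', 'Shopp'), 'shopp_download_limit', SHOPP_ERR);
                     header('Location: ' . $this->link('account'));
                     exit;
                 }
                 // Download limit checking
                 if ($this->Settings->get('download_limit') && $Purchased->downloads + 1 > $this->Settings->get('download_limit')) {
                     new ShoppError(__('This file can no longer be downloaded because the download limit has been reached.', 'Shopp'), 'shopp_download_limit');
                     $forbidden = true;
                 }
                 // Download expiration checking
                 // time() is the current timestamp, as the argument-less
                 // mktime() call was; that form is an error on PHP 8.
                 if ($this->Settings->get('download_timelimit') && $Purchased->created + $this->Settings->get('download_timelimit') < time()) {
                     new ShoppError(__('This file can no longer be downloaded because it has expired.', 'Shopp'), 'shopp_download_limit');
                     $forbidden = true;
                 }
                 // IP restriction checks
                 if ($this->Settings->get('download_restriction') == "ip" && !empty($Purchase->ip) && $Purchase->ip != $_SERVER['REMOTE_ADDR']) {
                     new ShoppError(__('The file cannot be downloaded because this computer could not be verified as the system the file was purchased from.', 'Shopp'), 'shopp_download_limit');
                     $forbidden = true;
                 }
                 do_action_ref_array('shopp_download_request', array(&$Purchased));
             }
             if ($forbidden) {
                 header("Status: 403 Forbidden");
                 return;
             }
             if ($Asset->download($download)) {
                 // Only a customer download has a purchased line item whose
                 // counter can be advanced; the admin path has none.
                 if (!$admin) {
                     $Purchased->downloads++;
                     $Purchased->save();
                     do_action_ref_array('shopp_download_success', array(&$Purchased));
                 }
                 exit;
             }
             break;
     }
 }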
Beispiel #3
	/**
	 * Sends the customer export file to the browser and ends the request
	 *
	 * Callers lacking the ecart_export_customers capability are stopped
	 * before anything is read or saved. When the form posted no column
	 * selection, every exportable customer, billing and shipping column is
	 * selected and header output is switched on. The posted settings are
	 * saved, then the exporter matching the stored format is instantiated
	 * (the tab exporter unless csv or xls is stored).
	 *
	 * NOTE(review): no nonce verification is visible in this method although
	 * it saves posted settings; confirm the request is verified upstream.
	 *
	 * @since 1.1
	 *
	 * @return void
	 **/
	function export_customers () {
		if (!current_user_can('ecart_export_customers')) {
			exit();
		}

		if (!isset($_POST['settings']['customerexport_columns'])) {
			// No explicit selection posted: fall back to every known column
			$allColumns = array_merge(
				Customer::exportcolumns(),
				Billing::exportcolumns(),
				Shipping::exportcolumns()
			);
			$_POST['settings']['customerexport_columns'] = array_keys($allColumns);
			$_POST['settings']['customerexport_headers'] = "on";
		}

		$this->Settings->saveform();

		$format = $this->Settings->get('customerexport_format');
		if (empty($format)) {
			$format = 'tab';
		}

		// Loose comparison on purpose, matching switch semantics
		if ($format == "csv") {
			new CustomersCSVExport();
		} elseif ($format == "xls") {
			new CustomersXLSExport();
		} else {
			new CustomersTabExport();
		}

		exit();
	}
Beispiel #4
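	/**
	 * Prepares a customer export run
	 *
	 * Collects the exportable column definitions for customers, billing and
	 * shipping, reads the site name plus the stored header and column
	 * preferences, and records the current time as the last export time.
	 *
	 * NOTE(review): presumably the PHP 4-style constructor of a class with
	 * the same name (class header not shown); PHP 8 no longer calls such
	 * methods as constructors - confirm.
	 *
	 * @return void
	 **/
	function CustomersExport () {
		global $Ecart;

		$this->customer_cols = Customer::exportcolumns();
		$this->billing_cols = Billing::exportcolumns();
		$this->shipping_cols = Shipping::exportcolumns();
		$this->defined = array_merge($this->customer_cols,$this->billing_cols,$this->shipping_cols);

		$this->sitename = get_bloginfo('name');
		$this->headings = ($Ecart->Settings->get('customerexport_headers') == "on");
		$this->selected = $Ecart->Settings->get('customerexport_columns');
		// time() is the current Unix timestamp, the value the argument-less
		// mktime() call returned; that form raises E_STRICT on older PHP and
		// is an error on PHP 8.
		$Ecart->Settings->save('customerexport_lastexport',time());
	}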