/**
* Create the pending order in the database with the customers selected payment details, etc.
*
* @return array An array containing information about what needs to be done next.
*/
public function SavePendingOrder()
{
$provider = null;
$verifyPaymentProvider = true;
$redirectToFinishOrder = false;
$providerId = '';
$pendingOrderResult = array();
if (!isset($_SESSION['CHECKOUT']['PENDING_DATA'])) {
return false;
}
// Did they agree to signup to any mailing lists?
if (isset($_POST['join_mailing_list'])) {
ISC_SetCookie("JOIN_MAILING_LIST", 1, time() + 3600 * 24 * 7);
}
if (isset($_POST['join_order_list'])) {
ISC_SetCookie("JOIN_ORDER_LIST", 1, time() + 3600 * 24 * 7);
}
$orderTotal = $_SESSION['CHECKOUT']['PENDING_DATA']['ORDER_TOTAL'];
$giftCertificateAmount = $_SESSION['CHECKOUT']['PENDING_DATA']['GIFTCERTIFICATE_AMOUNT'];
$gatewayAmount = $_SESSION['CHECKOUT']['PENDING_DATA']['GATEWAY_AMOUNT'];
$creditUsed = 0;
$giftCertificates = array();
// Find out what currency we are using. We'll need this later to display their previous orders in the currency that they have selected
$selectedCurrency = GetCurrencyById($GLOBALS['CurrentCurrency']);
if (isset($_SESSION['OFFERCART']['GIFTCERTIFICATES']) && is_array($_SESSION['OFFERCART']['GIFTCERTIFICATES'])) {
$giftCertificates = $_SESSION['OFFERCART']['GIFTCERTIFICATES'];
// Now we check that the gift certificates can actually be applied to the order
$GLOBALS['ISC_CLASS_GIFT_CERTIFICATES'] = GetClass('ISC_GIFTCERTIFICATES');
$badCertificates = array();
$remainingBalance = 0;
$GLOBALS['ISC_CLASS_GIFT_CERTIFICATES']->GiftCertificatesApplicableToOrder($orderTotal, $giftCertificates, $remainingBalance, $badCertificates);
// One or more gift certificates were invalid so this order is now invalid
if (count($badCertificates) > 0) {
$badCertificatesList = '<strong>' . GetLang('BadGiftCertificates') . '</strong><ul>';
foreach ($badCertificates as $code => $reason) {
if (is_array($reason) && $reason[0] == "expired") {
$reason = sprintf(GetLang('BadGiftCertificateExpired'), CDate($reason[1]));
} else {
$reason = GetLang('BadGiftCertificate' . ucfirst($reason));
}
$badCertificatesList .= sprintf("<li>%s - %s", isc_html_escape($code), $reason);
}
$badCertificatesList .= "</ul>";
$pendingOrderResult = array('error' => GetLang('OrderContainedInvalidGiftCertificates'), 'errorDetails' => $badCertificatesList);
return $pendingOrderResult;
} else {
if ($orderTotal == $giftCertificateAmount && $remainingBalance > 0) {
$pendingOrderResult = array('error' => GetLang('OrderTotalStillRemainingCertificates'));
return $pendingOrderResult;
} else {
if ($orderTotal == $giftCertificateAmount) {
$providerId = 'giftcertificate';
$verifyPaymentProvider = false;
$redirectToFinishOrder = true;
}
}
}
}
// If the order total is 0, then we just forward the user on to the "Thank You" page and set the payment provider to ''
if ($orderTotal == 0) {
$providerId = '';
$verifyPaymentProvider = false;
$redirectToFinishOrder = true;
}
if ($verifyPaymentProvider) {
if (isset($_POST['credit_checkout_provider']) && $_POST['credit_checkout_provider'] != "") {
$_POST['checkout_provider'] = $_POST['credit_checkout_provider'];
}
$selected_provider = "";
$providers = GetCheckoutModulesThatCustomerHasAccessTo(true);
// If there's more than one, use the value they've chosen
if (count($providers) > 1 && isset($_POST['checkout_provider']) || isset($_SESSION['CHECKOUT']['ProviderListHTML'])) {
$selected_provider = $_POST['checkout_provider'];
} else {
if (count($providers) == 1) {
$selected_provider = $providers[0]['object']->GetId();
$_POST['checkout_provider'] = $selected_provider;
} else {
$selected_provider = '';
}
}
if (!isset($_POST['checkout_provider'])) {
$_POST['checkout_provider'] = '';
}
// Are we using our store credit?
$GLOBALS['ISC_CLASS_CUSTOMER'] = GetClass('ISC_CUSTOMER');
$customer = $GLOBALS['ISC_CLASS_CUSTOMER']->GetCustomerDataByToken();
if (isset($_POST['store_credit']) && $_POST['store_credit'] == 1 && $customer['custstorecredit'] > 0) {
// User has not chosen a payment provider and can't afford this order using only store credit, throw back as error
if (!$_POST['checkout_provider'] && $customer['custstorecredit'] < $orderTotal) {
return false;
} else {
$onlyCredit = false;
$updateExtra = '';
// If we're only using store credit
$creditToUse = $orderTotal - $giftCertificateAmount;
if ($customer['custstorecredit'] >= $creditToUse) {
// Set the checkout provider
$providerId = 'storecredit';
$verifyPaymentProvider = false;
$redirectToFinishOrder = true;
$creditUsed = $creditToUse;
$onlyCredit = true;
} else {
// Using all of our store credit to pay for this order and we owe more.
$creditUsed = $customer['custstorecredit'];
$gatewayAmount -= $creditUsed;
}
}
}
}
// Now with round 2, do we still need to verify the payment provider?
if ($verifyPaymentProvider) {
// If there's more than one provider and one wasn't selected on the order confirmation screen then there's a problem
if ((count($providers) == 0 || count($providers) > 1 && !isset($_POST['checkout_provider'])) && !isset($_SESSION['CHECKOUT']['ProviderListHTML'])) {
return false;
}
// Is the payment provider selected actually valid?
if (!GetModuleById('checkout', $provider, $selected_provider)) {
return false;
}
$providerId = $provider->GetId();
}
// Load up all of the data for the items in the cart
$GLOBALS['ISC_CLASS_MAKEAOFFER'] = GetClass('ISC_MAKEAOFFER');
$cartItems = $GLOBALS['ISC_CLASS_MAKEAOFFER']->api->GetProductsInCart();
// OK, we're successful down to here - do they want to create an account?
if (isset($_SESSION['CHECKOUT']['CREATE_ACCOUNT'])) {
$accountDetails = $_SESSION['CHECKOUT']['ACCOUNT_DETAILS'];
$token = GenerateCustomerToken();
$customerData = array('email' => trim($accountDetails['email']), 'password' => $accountDetails['password'], 'firstname' => $accountDetails['firstname'], 'lastname' => $accountDetails['lastname'], 'company' => $accountDetails['company'], 'phone' => $accountDetails['phone'], 'token' => $token);
//alandy modify.2011-5-20.
/*$sql="select customerid from [|PREFIX|]customers where custconemail='".$accountDetails['email']."'";
$query=$GLOBALS['ISC_CLASS_DB']->Query($sql);
while($rs=$GLOBALS['ISC_CLASS_DB']->Fetch($query)){
$GLOBALS['Hasemailflag']="yes";
return array(
'error' => GetLang('AccountInternalError')
);
}*/
$cusquery = "SELECT customerid\n\t\t\t\tFROM [|PREFIX|]customers\n\t\t\t\tWHERE isguest = 1 AND LOWER(custconemail)='" . $GLOBALS['ISC_CLASS_DB']->Quote(isc_strtolower($customerData['email'])) . "'";
$cusresult = $GLOBALS['ISC_CLASS_DB']->Query($cusquery);
$cusrow = $GLOBALS['ISC_CLASS_DB']->Fetch($cusresult);
$custId = $cusrow['customerid'];
if ($custId == '') {
// 20110613 johnny add ---- add flag for guest user email don't exist
if ($_SESSION['CHECKOUT']['PENDING_DATA']['GUEST_CHECKOUT']) {
$customerData['isguest'] = 1;
}
$customerId = $GLOBALS['ISC_CLASS_CUSTOMER']->CreateCustomerAccount($customerData, false, $accountDetails['autoAccount']);
} else {
if (!$_SESSION['CHECKOUT']['PENDING_DATA']['GUEST_CHECKOUT']) {
$customerId = $GLOBALS['ISC_CLASS_CUSTOMER']->CreateCustomerAccount($customerData, true, $accountDetails['autoAccount']);
/* delet already exist guest account
$entity = new ISC_ENTITY_CUSTOMER();
$entity->delete($custId);
*/
} else {
$customerId = $custId;
// update guest account in customer table for guest user email exist
$GLOBALS['ISC_CLASS_DB']->Query("UPDATE [|PREFIX|]customers SET custconfirstname = '" . $customerData['firstname'] . "', custconlastname = '" . $customerData['lastname'] . "' WHERE customerid = {$customerId}");
}
}
if (!$customerId) {
return array('error' => GetLang('AccountInternalError'));
}
if (!$_SESSION['CHECKOUT']['PENDING_DATA']['GUEST_CHECKOUT']) {
$GLOBALS['ISC_CLASS_CUSTOMER']->LoginCustomerById($customerId, true);
}
unset($_SESSION['CHECKOUT']['CREATE_ACCOUNT']);
unset($_SESSION['CHECKOUT']['ACCOUNT_DETAILS']);
// Log the customer in
@ob_end_clean();
}
if (isset($_COOKIE['SHOP_TOKEN'])) {
$customerToken = $_COOKIE['SHOP_TOKEN'];
} else {
$customerToken = '';
}
$orderComments = '';
if (isset($_REQUEST['ordercomments'])) {
$orderComments = $_REQUEST['ordercomments'];
}
$checkoutSession = $_SESSION['CHECKOUT'];
$pendingData = $checkoutSession['PENDING_DATA'];
// Get a list of the vendors for all of the items in the cart, and loop through them
// to build all of the pending orders
$cartContent = $this->BreakdownCartByAddressVendorforshipping();
//Changed to merging function by Simha
$vendorOrderInfo = array();
foreach ($cartContent as $vendorId => $addresses) {
foreach ($addresses as $addressId => $products) {
$allDigital = 1;
$productArray = array();
foreach ($products as $cartItemId => $product) {
// A physical product, mark as so
if ($product['data']['prodtype'] == PT_PHYSICAL) {
$allDigital = 0;
}
// Mark the quantity of this item
$productArray[$cartItemId] = $product['quantity'];
}
$vendorInfo = $pendingData['VENDORS'][$vendorId . '_' . $addressId];
$vendorData = array('itemtotal' => $vendorInfo['ITEM_TOTAL'], 'taxcost' => $vendorInfo['TAX_COST'], 'taxname' => $vendorInfo['TAX_NAME'], 'taxrate' => $vendorInfo['TAX_RATE'], 'totalcost' => $vendorInfo['ORDER_TOTAL'], 'shippingcost' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['COST'], 'handlingcost' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['HANDLING'], 'shippingprovider' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['PROVIDER'], 'shippingmodule' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['MODULE'], 'isdigitalorder' => $allDigital, 'products' => $productArray);
if ($addressId == 0) {
$addresses = $this->GetOrderShippingAddresses();
$vendorData['shippingaddress'] = $addresses[$addressId];
} else {
$vendorData['shippingaddressid'] = $addressId;
}
// Shipping zones can be configured per vendor, so we need to be sure
// to pass this along correctly too
if (isset($vendorInfo['SHIPPING_ZONE'])) {
$shippingZone = GetShippingZoneById($vendorInfo['SHIPPING_ZONE']);
if (is_array($shippingZone)) {
$vendorData['ordshippingzoneid'] = $shippingZone['zoneid'];
$vendorData['ordshippingzone'] = $shippingZone['zonename'];
}
}
$vendorOrderInfo[$vendorId . '_' . $addressId] = $vendorData;
}
}
// Set some defaults about the rest of the order
$pendingOrder = array("customertoken" => $customerToken, 'paymentmethod' => $providerId, "storecreditamount" => $creditUsed, "giftcertificateamount" => $giftCertificateAmount, "giftcertificates" => $giftCertificates, "gatewayamount" => $gatewayAmount, 'totalincludestax' => $pendingData['TAX_INCLUDED'], "currencyid" => $selectedCurrency['currencyid'], "currencyexchangerate" => $selectedCurrency['currencyexchangerate'], 'ordercomments' => $orderComments, 'ipaddress' => GetIP(), 'vendorinfo' => $vendorOrderInfo);
if (isset($customerId)) {
$pendingOrder['customerid'] = $customerId;
}
// Determine the address ID we're using for billing
if (is_array($_SESSION['CHECKOUT']['BILLING_ADDRESS'])) {
$pendingOrder['billingaddress'] = $_SESSION['CHECKOUT']['BILLING_ADDRESS'];
} else {
$pendingOrder['billingaddressid'] = (int) $_SESSION['CHECKOUT']['BILLING_ADDRESS'];
}
if (isset($_POST['ordermessage'])) {
$pendingOrder['ordermessage'] = $_POST['ordermessage'];
} else {
$pendingOrder['ordermessage'] = '';
}
/**
* Save our custom fields. If we are creating a new account then split this up so the
* account fields will go in the customers table and the rest will go in the orders table
*/
if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['customer']) && isset($customerId) && isId($customerId)) {
$formSessionId = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['customer']);
if (isId($formSessionId)) {
$updateData = array('customerid' => $customerId, 'email' => $customerData['email'], 'firstname' => $customerData['firstname'], 'lastname' => $customerData['lastname'], 'company' => $customerData['company'], 'phone' => $customerData['phone'], 'custformsessionid' => $formSessionId);
$entity = new ISC_ENTITY_CUSTOMER();
$entity->edit($updateData);
}
}
/**
* OK, now to store the custom address fields. Check here to see if we are not split
* shipping (single order)
*/
if (!isset($_SESSION['CHECKOUT']['IS_SPLIT_SHIPPING']) || !$_SESSION['CHECKOUT']['IS_SPLIT_SHIPPING']) {
$pendingOrder['ordformsessionid'] = '';
if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']) && is_array($_SESSION['CHECKOUT']['CUSTOM_FIELDS'])) {
/**
* Save the billing
*/
if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']) && isset($pendingOrder['billingaddress']['saveAddress']) && $pendingOrder['billingaddress']['saveAddress']) {
$pendingOrder['billingaddress']['shipformsessionid'] = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']);
}
/**
* Now for the shipping. Only save this once for all the shipping addresses
*/
if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping'])) {
$shippSessId = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping']);
foreach ($pendingOrder['vendorinfo'] as $vendorId => $vendorData) {
if (isset($vendorData['shippingaddress']['saveAddress']) && $vendorData['shippingaddress']['saveAddress']) {
$pendingOrder['vendorinfo'][$vendorId]['shippingaddress']['shipformsessionid'] = $shippSessId;
}
}
}
/**
* Now the orders. This part is tricky because the billing and shipping information
* have the same keys (same fields used in the frontend). We need to split them up
* into separate billing and shipping information and then save it
*/
if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']) && is_array($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing'])) {
/**
* We create a map first so we can map the shipping information to its proper field
* ID
*/
$billingKeys = array_keys($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']);
$fieldAddressMap = $GLOBALS['ISC_CLASS_FORM']->mapAddressFieldList(FORMFIELDS_FORM_BILLING, $billingKeys);
/**
* OK, we have the map, now to split up the custom fields
*/
$orderSessData = array();
foreach ($fieldAddressMap as $fieldId => $newShippingFieldId) {
$orderSessData[$fieldId] = $_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing'][$fieldId];
if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping'][$fieldId])) {
$orderSessData[$newShippingFieldId] = $_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping'][$fieldId];
}
}
$pendingOrder['ordformsessionid'] = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($orderSessData);
}
}
/**
* This is for split shipping. Loop through each address to get their default custom
* field data, combine it with the billing custom field data, create the form session
* record and then save that ID for each address
*/
} else {
$shippingAddresses = $this->GetOrderShippingAddresses();
$origFormSessionData = array();
if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']) && is_array($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing'])) {
$origFormSessionData = $_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing'];
}
foreach ($pendingOrder['vendorinfo'] as $vendorId => $vendorData) {
$address = null;
$orderSessData = array();
if (array_key_exists($vendorData['shippingaddressid'], $shippingAddresses)) {
$address = $shippingAddresses[$vendorData['shippingaddressid']];
}
if (isset($address['shipformsessionid']) && isId($address['shipformsessionid'])) {
$shippingSessionData = $GLOBALS['ISC_CLASS_FORM']->getSavedSessionData($address['shipformsessionid']);
if (is_array($shippingSessionData)) {
/**
* Same deal with this save session data because the billing and shipping data
* use the same fields and therefore have the same keys
*/
$billingKeys = array_keys($origFormSessionData);
$fieldAddressMap = $GLOBALS['ISC_CLASS_FORM']->mapAddressFieldList(FORMFIELDS_FORM_BILLING, $billingKeys);
/**
* OK, we have the map, now to split up the custom fields
*/
$orderSessData = array();
foreach ($fieldAddressMap as $fieldId => $newShippingFieldId) {
$orderSessData[$fieldId] = $origFormSessionData[$fieldId];
$orderSessData[$newShippingFieldId] = $shippingSessionData[$fieldId];
}
}
}
$newFormSessionId = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($orderSessData);
if (isId($newFormSessionId)) {
$pendingOrder['vendorinfo'][$vendorId]['ordformsessionid'] = $newFormSessionId;
}
}
}
$pendingToken = CreateOrder($pendingOrder, $cartItems);
// Try to add the record and if we can't then take them back to the shopping cart
if (!$pendingToken) {
return false;
}
// Persist the pending order token as a cookie for 24 hours
ISC_SetCookie("SHOP_ORDER_TOKEN", $pendingToken, time() + 3600 * 24, true);
$_COOKIE['SHOP_ORDER_TOKEN'] = $pendingToken;
// Redirecting to finish order page?
if ($redirectToFinishOrder) {
return array('redirectToFinishOrder' => true);
}
$orderData = LoadPendingOrdersByToken($pendingToken);
// Otherwise, the gateway want's to do something
$provider->SetOrderData($orderData);
// Is this an online payment provider? It would like to do something
if ($provider->GetPaymentType() == PAYMENT_PROVIDER_ONLINE || method_exists($provider, "ShowPaymentForm")) {
// Call the checkout process for the selected provider
if (method_exists($provider, "ShowPaymentForm")) {
return array('provider' => $provider, 'showPaymentForm' => true);
} else {
return array('provider' => $provider);
}
} else {
return array('provider' => $provider);
}
}
/**
* Imports an actual product record in to the database.
*
* @param array Array of record data
*/
protected function _ImportRecord($record)
{
if (!$record['custconemail']) {
$this->ImportSession['Results']['Failures'][] = implode(",", $record['original_record']) . " " . GetLang('ImportCustomersMissingEmail');
return;
}
if (!is_email_address($record['custconemail'])) {
$this->ImportSession['Results']['Failures'][] = implode(",", $record['original_record']) . " " . GetLang('ImportCustomersInvalidEmail');
return;
}
$fillin = array('custconcompany', 'custconfirstname', 'custconlastname', 'custconphone');
foreach ($fillin as $fillkey) {
if (!isset($record[$fillkey])) {
$record[$fillkey] = '';
}
}
// Is there an existing customer with the same email?
$customerId = 0;
$existingFormSessionId = 0;
$query = sprintf("select customerid from [|PREFIX|]customers where lower(custconemail)='%s'", $GLOBALS['ISC_CLASS_DB']->Quote(isc_strtolower($record['custconemail'])));
$result = $GLOBALS["ISC_CLASS_DB"]->Query($query);
if ($row = $GLOBALS["ISC_CLASS_DB"]->Fetch($result)) {
// Overriding existing products, set the product id
if (isset($this->ImportSession['OverrideDuplicates']) && $this->ImportSession['OverrideDuplicates'] == 1) {
$customerId = $row['customerid'];
$this->ImportSession['Results']['Updates'][] = $record['custconfirstname'] . " " . $record['custconlastname'] . " (" . $record['custconemail'] . ")";
} else {
$this->ImportSession['Results']['Duplicates'][] = $record['custconfirstname'] . " " . $record['custconlastname'] . " (" . $record['custconemail'] . ")";
return;
}
if (isId($row['custformsessionid'])) {
$existingFormSessionId = $row['custformsessionid'];
}
}
$customerData = array('company' => $record['custconcompany'], 'firstname' => $record['custconfirstname'], 'lastname' => $record['custconlastname'], 'email' => $record['custconemail'], 'phone' => $record['custconphone']);
if (isset($record['custpassword']) && $record['custpassword'] !== '') {
$customerData['password'] = $record['custpassword'];
}
if (isset($record['custstorecredit'])) {
$customerData['storecredit'] = DefaultPriceFormat($record['custstorecredit']);
}
if (isId($customerId)) {
$customerData['customerid'] = $customerId;
}
// Are we placing the customer in a customer group?
$groupId = 0;
if (!empty($record['custgroup'])) {
static $customerGroups;
$groupName = strtolower($record['custgroup']);
if (isset($customerGroups[$groupName])) {
$groupId = $customerGroups[$groupName];
} else {
$query = "\n\t\t\t\t\tSELECT customergroupid\n\t\t\t\t\tFROM [|PREFIX|]customer_groups\n\t\t\t\t\tWHERE LOWER(groupname)='" . $GLOBALS['ISC_CLASS_DB']->Quote($groupName) . "'\n\t\t\t\t";
$groupId = $GLOBALS['ISC_CLASS_DB']->FetchOne($query, 'customergroupid');
// Customer group doesn't exist, create it
if (!$groupId) {
$newGroup = array('name' => $record['custgroup'], 'discount' => 0, 'isdefault' => 0, 'categoryaccesstype' => 'all');
$entity = new ISC_ENTITY_CUSTOMERGROUP();
$groupId = $entity->add($newGroup);
}
if ($groupId) {
$customerGroups[$groupName] = $groupId;
}
}
}
$customerData['customergroupid'] = $groupId;
// Do we have a shipping address?
$shippingData = array();
if (isset($record['shipfullname']) || isset($record['shipfirstname']) || isset($record['shipaddress1']) || isset($record['shipaddress2']) || isset($record['shipcity']) || isset($record['shipstate']) || isset($record['shipzip']) || isset($record['shipcountry'])) {
$fillin = array('shipaddress1', 'shipaddress2', 'shipcity', 'shipstate', 'shipzip', 'shipcountry');
foreach ($fillin as $fillkey) {
if (!isset($record[$fillkey])) {
$record[$fillkey] = '';
}
}
$shippingData['shipfirstname'] = '';
$shippingData['shiplastname'] = '';
$shippingData['shipaddress1'] = $record['shipaddress1'];
$shippingData['shipaddress2'] = $record['shipaddress2'];
$shippingData['shipcity'] = $record['shipcity'];
$shippingData['shipstate'] = $record['shipstate'];
$shippingData['shipzip'] = $record['shipzip'];
$shippingData['shipcountry'] = $record['shipcountry'];
$shippingData['shipstateid'] = 0;
$shippingData['shipcountryid'] = 0;
$shippingData['shipdestination'] = '';
// Find the country and state
$shippingData['shipcountryid'] = (int) GetCountryByName($record['shipcountry']);
if (!$shippingData['shipcountryid']) {
$shippingData['shipcountryid'] = (int) GetCountryIdByISO2($record['shipcountry']);
}
// Still nothing? 0 for the shipping country ID
if (!$shippingData['shipcountryid']) {
$shippingData['shipcountryid'] = 0;
}
if (isset($record['shipstate'])) {
$shippingData['shipstateid'] = GetStateByName($record['shipstate'], $shippingData['shipcountryid']);
}
// Still nothing? 0 for the shipping state ID
if (!$shippingData['shipstateid']) {
$shippingData['shipstateid'] = 0;
}
if (!isset($record['shipfullname']) || $record['shipfullname'] == "") {
if (isset($record['shipfirstname']) && $record['shipfirstname'] != '') {
$shippingData['shipfirstname'] = $record['shipfirstname'];
} else {
$shippingData['shipfirstname'] = $customerData['firstname'];
}
if (isset($record['shiplastname']) && $record['shiplastname'] != '') {
$shippingData['shiplastname'] = $record['shiplastname'];
} else {
$shippingData['shiplastname'] = $customerData['lastname'];
}
}
if (!isset($record['shipphone']) && isset($record['custconphone'])) {
$shippingData['shipphone'] = $record['custconphone'];
} else {
$shippingData['shipphone'] = $record['shipphone'];
}
/**
* Handle any of the address custom fields that we might have
*/
if (!empty($this->customFields) && array_key_exists('custom', $record)) {
$shippingData['shipformsessionid'] = $this->_importCustomFormfields(FORMFIELDS_FORM_ADDRESS, $record['custom']);
if (!isId($shippingData['shipformsessionid'])) {
unset($shippingData['shipformsessionid']);
}
}
}
/**
* Handle any of the customer custom fields that we might have
*/
if (!empty($this->customFields) && array_key_exists('custom', $record)) {
$formSessionId = $this->_importCustomFormfields(FORMFIELDS_FORM_ACCOUNT, $record['custom'], $existingFormSessionId);
if (isId($formSessionId)) {
$customerData['custformsessionid'] = $formSessionId;
}
}
$customerData['is_import'] = true;
$customerEntity = new ISC_ENTITY_CUSTOMER();
// New customer, insert in to DB
if ($customerId == 0) {
// Set a temporary password, retrievable later via lost password function
if (!isset($customerData['password']) || $customerData['password'] == '') {
$customerData['password'] = isc_substr(uniqid(rand(), true), 0, 10);
}
$customerData['token'] = GenerateCustomerToken();
$customerData['shipping_address'] = $shippingData;
$rtn = $customerEntity->add($customerData);
++$this->ImportSession['Results']['SuccessCount'];
} else {
if (count($shippingData) > 0) {
$query = sprintf("select shipid from [|PREFIX|]shipping_addresses where shipcustomerid='%d' and lower(shipaddress1)='%s' and lower(shipaddress2)='%s' and lower(shipcity)='%s' and lower(shipstate)='%s' and lower(shipcountry)='%s'", $GLOBALS['ISC_CLASS_DB']->Quote($customerId), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipaddress1']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipaddress2']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipcity']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipstate']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipcountry']));
$Result = $GLOBALS['ISC_CLASS_DB']->Query($query);
$row = $GLOBALS['ISC_CLASS_DB']->Fetch($Result);
// Address doesn't exist, we insert it
if (!$row['shipid']) {
$customerData['shipping_address'] = $shippingData;
}
}
$rtn = $customerEntity->edit($customerData);
}
}
/**
* Save the edited account details back to the database
*/
public function SaveAccountDetails()
{
/**
* Customer Details
*/
$customerMap = array('EmailAddress' => 'account_email', 'Password' => 'account_password', 'ConfirmPassword' => 'account_password_confirm');
$fields = $GLOBALS['ISC_CLASS_FORM']->getFormFields(FORMFIELDS_FORM_ACCOUNT, true);
/**
* Validate the field input. Unset the password and confirm password fields first
*/
foreach (array_keys($fields) as $fieldId) {
if (isc_strtolower($fields[$fieldId]->record['formfieldprivateid']) == 'password' || isc_strtolower($fields[$fieldId]->record['formfieldprivateid']) == 'confirmpassword') {
$fields[$fieldId]->setRequired(false);
}
}
$errmsg = '';
if (!$this->validateFieldData($fields, $errmsg)) {
return $this->EditAccount($errmsg, MSG_ERROR);
}
foreach (array_keys($fields) as $fieldId) {
if (!array_key_exists($fields[$fieldId]->record['formfieldprivateid'], $customerMap)) {
continue;
}
$_POST[$customerMap[$fields[$fieldId]->record['formfieldprivateid']]] = $fields[$fieldId]->GetValue();
}
$customer_id = $GLOBALS['ISC_CLASS_CUSTOMER']->GetCustomerId();
$email_taken = false;
$phone_invalid = false;
$password_invalid = false;
if (isset($_POST['account_firstname']) && isset($_POST['account_lastname']) && isset($_POST['account_companyname']) && isset($_POST['account_email']) && isset($_POST['account_phone']) && isset($_POST['account_password']) && isset($_POST['account_password_confirm'])) {
// Are they updating their email address? If so is the new email address available?
if ($GLOBALS['ISC_CLASS_CUSTOMER']->AccountWithEmailAlreadyExists($_POST['account_email'], $customer_id)) {
$email_taken = true;
}
if (!$GLOBALS['ISC_CLASS_CUSTOMER']->ValidatePhoneNumber($_POST['account_phone'])) {
$phone_invalid = true;
}
$pass1 = $_POST['account_password'];
$pass2 = $_POST['account_password_confirm'];
if ($pass1 . $pass2 !== '' && $pass1 !== $pass2) {
$password_invalid = true;
}
if (!$email_taken && !$phone_invalid && !$password_invalid) {
$UpdatedAccount = array("customerid" => $customer_id, "firstname" => $_POST['account_firstname'], "lastname" => $_POST['account_lastname'], "company" => $_POST['account_companyname'], "email" => $_POST['account_email'], "phone" => $_POST['account_phone']);
// Do we need to update the password?
if ($pass1 == $pass2 && $pass1 != "") {
$UpdatedAccount['password'] = $pass1;
}
$entity = new ISC_ENTITY_CUSTOMER();
$existingCustomer = $entity->get($customer_id);
/**
* Create/Update our form session data
*/
if (isId($existingCustomer['custformsessionid'])) {
$GLOBALS['ISC_CLASS_FORM']->saveFormSession(FORMFIELDS_FORM_ACCOUNT, true, $existingCustomer['custformsessionid']);
} else {
$UpdatedAccount['custformsessionid'] = $GLOBALS['ISC_CLASS_FORM']->saveFormSession(FORMFIELDS_FORM_ACCOUNT);
}
if ($entity->edit($UpdatedAccount)) {
$this->EditAccount(GetLang('AccountDetailsUpdatedSuccess'), MSG_SUCCESS);
} else {
$this->EditAccount(GetLang('AccountDetailsUpdatedFailed'), MSG_ERROR);
}
} else {
if ($email_taken) {
// Email address is already taken
$this->EditAccount(sprintf(GetLang('AccountUpdateEmailTaken'), $_POST['account_email']), MSG_ERROR);
} else {
if ($phone_invalid) {
// Phone number is invalid
$this->EditAccount(sprintf(GetLang('AccountUpdateValidPhone'), $_POST['account_phone']), MSG_ERROR);
} else {
if ($password_invalid) {
$this->EditAccount(GetLang('AccountPasswordsDontMatch'), MSG_ERROR);
}
}
}
}
} else {
ob_end_clean();
header(sprintf("Location: %s/account.php", $GLOBALS['ShopPath']));
die;
}
}
