Beispiel #1
0
 public function save_user($user_id, $data, $from_public = false)
 {
     $use_master_key = $this->get_contact_master_key();
     if ($from_public) {
         $user_id = 0;
     } else {
         if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) {
             if (!module_user::can_i('edit', 'Contacts', 'Customer')) {
                 set_error('Unable to edit contacts.');
                 return false;
             }
         } else {
             if (!self::can_i('edit', 'Users', 'Config')) {
                 set_error('Unable to edit users.');
                 return false;
             }
         }
         $user_id = (int) $user_id;
     }
     $temp_user = array();
     if ($user_id > 0) {
         // check permissions
         $temp_user = $this->get_user($user_id, true, false);
         if (!$temp_user || $temp_user['user_id'] != $user_id || isset($temp_user['_perms'])) {
             $user_id = false;
         }
     }
     if (!$user_id && !$from_public) {
         if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) {
             if (!module_user::can_i('create', 'Contacts', 'Customer')) {
                 set_error('Unable to create new contacts.');
                 return false;
             }
         } else {
             if (!self::can_i('create', 'Users', 'Config')) {
                 set_error('Unable to create new users.');
                 return false;
             }
         }
     } else {
         if ($user_id == 1 && module_security::get_loggedin_id() != 1) {
             set_error('Sorry only the administrator can modify this account');
         }
     }
     // check the customer id is valid assignment to someone who has these perms.
     if (!$from_public) {
         if (isset($data['customer_id']) && (int) $data['customer_id'] > 0) {
             $temp_customer = module_customer::get_customer($data['customer_id']);
             if (!$temp_customer || $temp_customer['customer_id'] != $data['customer_id']) {
                 unset($data['customer_id']);
             }
         }
         if (isset($data['vendor_id']) && (int) $data['vendor_id'] > 0) {
             $temp_vendor = module_vendor::get_vendor($data['vendor_id']);
             if (!$temp_vendor || $temp_vendor['vendor_id'] != $data['vendor_id']) {
                 unset($data['vendor_id']);
             }
         }
     }
     if (isset($data['password'])) {
         unset($data['password']);
     }
     // we do the password hash thing here.
     if (isset($data['password_new']) && strlen($data['password_new'])) {
         // an admin is trying to set the password for this account.
         // same permissions checks as on the user_admin_edit_login.php page
         if (!$user_id || isset($temp_user['password']) && !$temp_user['password'] || module_user::can_i('create', 'Users Passwords', 'Config') || isset($_REQUEST['reset_password']) && $_REQUEST['reset_password'] == module_security::get_auto_login_string($user_id)) {
             // we allow the admin to set a new password without typing in previous password.
             $data['password'] = $data['password_new'];
         } else {
             set_error('Sorry, no permissions to set a new password.');
         }
     } else {
         if ($user_id && isset($data['password_new1']) && isset($data['password_new2']) && strlen($data['password_new1'])) {
             // the user is trying to change their password.
             // only do this if the user has edit password permissions and their password matches.
             if (module_user::can_i('edit', 'Users Passwords', 'Config') || $user_id == module_security::get_loggedin_id()) {
                 if (isset($data['password_old']) && (md5($data['password_old']) == $temp_user['password'] || $data['password_old'] == $temp_user['password'])) {
                     // correct old password
                     // verify new password.
                     if ($data['password_new1'] == $data['password_new2']) {
                         $data['password'] = $data['password_new1'];
                     } else {
                         set_error('Verified password mismatch. Password unchanged.');
                     }
                 } else {
                     set_error('Old password does not match. Password unchanged.');
                 }
             } else {
                 set_error('No permissions to change passwords');
             }
         }
     }
     // and we finally hash our password
     if (isset($data['password']) && strlen($data['password']) > 0) {
         $data['password'] = md5($data['password']);
         // if you change md5 also change it in customer import.
         // todo - salt? meh.
     }
     $user_id = update_insert("user_id", $user_id, "user", $data);
     $use_master_key = $this->get_contact_master_key();
     // this will be customer_id or supplier_id
     if ($use_master_key && (isset($data[$use_master_key]) && $data[$use_master_key])) {
         if ($user_id) {
             if (isset($data['customer_primary']) && $data['customer_primary']) {
                 // update the customer/supplier to mark them as primary or not..
                 switch ($use_master_key) {
                     case 'customer_id':
                         module_customer::set_primary_user_id($data['customer_id'], $user_id);
                         break;
                     case 'vendor_id':
                         module_vendor::set_primary_user_id($data['vendor_id'], $user_id);
                         break;
                 }
             } else {
                 // check if this contact was the old customer/supplier primary and
                 switch ($use_master_key) {
                     case 'customer_id':
                         $customer_data = module_customer::get_customer($data['customer_id']);
                         if ($customer_data['primary_user_id'] == $user_id) {
                             module_customer::set_primary_user_id($data['customer_id'], 0);
                         }
                         break;
                     case 'vendor_id':
                         $vendor_data = module_vendor::get_vendor($data['vendor_id']);
                         if ($vendor_data['primary_user_id'] == $user_id) {
                             module_vendor::set_primary_user_id($data['vendor_id'], 0);
                         }
                         break;
                 }
             }
         }
     }
     if (!$from_public) {
         // hack for linked user accounts.
         if ($user_id && isset($data['link_customers']) && $data['link_customers'] == 'yes' && isset($data['link_user_ids']) && is_array($data['link_user_ids']) && isset($data['email']) && $data['email']) {
             $others = module_user::get_contacts(array('email' => $data['email']));
             foreach ($data['link_user_ids'] as $link_user_id) {
                 if (!(int) $link_user_id) {
                     continue;
                 }
                 if ($link_user_id == $user_id) {
                     continue;
                 }
                 // shouldnt happen
                 foreach ($others as $other) {
                     if ($other['user_id'] == $link_user_id) {
                         // success! they'renot trying to hack us.
                         $sql = "REPLACE INTO `" . _DB_PREFIX . "user_customer_rel` SET user_id = '" . (int) $link_user_id . "', customer_id = '" . (int) $other['customer_id'] . "', `primary` = " . (int) $user_id;
                         query($sql);
                         update_insert('user_id', $link_user_id, 'user', array('linked_parent_user_id' => $user_id));
                     }
                 }
             }
             update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => $user_id));
         }
         if ($user_id && isset($data['unlink']) && $data['unlink'] == 'yes') {
             $sql = "DELETE FROM `" . _DB_PREFIX . "user_customer_rel` WHERE user_id = '" . (int) $user_id . "'";
             query($sql);
             update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => 0));
         }
         handle_hook("address_block_save", $this, "physical", "user", "user_id", $user_id);
         handle_hook("address_block_save", $this, "postal", "user", "user_id", $user_id);
         if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
             module_extra::save_extras('user', 'user_id', $user_id);
         }
         // find current role / permissions
         $user_data = $this->get_user($user_id);
         $previous_user_roles = $user_data['roles'];
         $re_save_role_perms = false;
         // hack to support only 1 role (we may support multi-role in the future)
         // TODO: check we have permissions to set this role id, otherwise anyone can set their own role.
         if (isset($_REQUEST['role_id'])) {
             $sql = "DELETE FROM `" . _DB_PREFIX . "user_role` WHERE user_id = '" . (int) $user_id . "'";
             query($sql);
             if ((int) $_REQUEST['role_id'] > 0) {
                 if (!isset($previous_user_roles[$_REQUEST['role_id']])) {
                     $re_save_role_perms = (int) $_REQUEST['role_id'];
                 }
                 $_REQUEST['role'] = array($_REQUEST['role_id'] => 1);
             }
         }
         // save users roles (support for multi roles in future - but probably will never happen)
         if (isset($_REQUEST['role']) && is_array($_REQUEST['role'])) {
             foreach ($_REQUEST['role'] as $role_id => $tf) {
                 $this->add_user_to_role($user_id, $role_id);
             }
         }
         if ($re_save_role_perms) {
             // copy role permissiosn to user permissions
             $sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = " . (int) $user_id;
             query($sql);
             // update - we are not relying on these permissions any more.
             // if the user has a role assigned, we use those permissions period
             // we ignore all permissions in the user_perm table if the user has a role.
             // if the user doesn't have a role, then we use these user_perm permissions.
             /*$security_role = module_security::get_security_role($re_save_role_perms);
             		foreach($security_role['permissions'] as $security_permission_id => $d){
             			$sql = "INSERT INTO `"._DB_PREFIX."user_perm` SET user_id = ".(int)$user_id.", security_permission_id = '".(int)$security_permission_id."'";
             			foreach(module_security::$available_permissions as $perm){
             				$sql .= ", `".$perm."` = ".(int)$d[$perm];
             			}
             			query($sql);
             		}*/
         } else {
             if (isset($_REQUEST['permission']) && is_array($_REQUEST['permission'])) {
                 $sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = '" . (int) $user_id . "'";
                 query($sql);
                 // update permissions for this user.
                 foreach ($_REQUEST['permission'] as $security_permission_id => $permissions) {
                     $actions = array();
                     foreach (module_security::$available_permissions as $permission) {
                         if (isset($permissions[$permission]) && $permissions[$permission]) {
                             $actions[$permission] = 1;
                         }
                     }
                     $sql = "REPLACE INTO `" . _DB_PREFIX . "user_perm` SET user_id = '" . (int) $user_id . "', security_permission_id = '" . (int) $security_permission_id . "' ";
                     foreach ($actions as $permission => $tf) {
                         $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                     }
                     query($sql);
                 }
             }
         }
         /*global $plugins;
         		if($user_id && isset($data['user_type_id']) && $data['user_type_id'] == 1 && $data['site_id']){
         			// update the site.
         			$plugins['site']->set_primary_user_id($data['site_id'],$user_id);
         		}else{
         			//this use isn't (or isnt any more) the sites primary user.
         			// unset this if he was the primary user before
         			$site_data = $plugins['site']->get_site($data['site_id']);
         			if(isset($site_data['primary_user_id']) && $site_data['primary_user_id'] == $user_id){
         				$plugins['site']->set_primary_user_id($data['site_id'],0);
         			}
         		}*/
         // save the company information if it's available
         if (class_exists('module_company', false) && module_company::can_i('edit', 'Company') && module_company::is_enabled() && module_user::can_i('edit', 'User')) {
             if (isset($_REQUEST['available_user_company']) && is_array($_REQUEST['available_user_company'])) {
                 $selected_companies = isset($_POST['user_company']) && is_array($_POST['user_company']) ? $_POST['user_company'] : array();
                 foreach ($_REQUEST['available_user_company'] as $company_id => $tf) {
                     if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) {
                         // remove user from this company
                         module_company::delete_user($company_id, $user_id);
                     } else {
                         // add user to this company (if they are not already existing)
                         module_company::add_user_to_company($company_id, $user_id);
                     }
                 }
             }
         }
     }
     module_cache::clear('user');
     return $user_id;
 }
$customer_import = array('customer_name' => $callername, 'customer_extra' => array('Medium' => $referrermedium, 'Source' => $callsource, 'Campaign' => $utm_campaign, 'Content' => $utm_content, 'Term' => $utm_term, 'Query' => $keywords, 'Conversion URL' => $last_requested_url, 'IP Address' => $ip, 'Called In' => $datetime), 'address' => array('line_1' => '123 Test Street', 'line_2' => '', 'suburb' => $callercity, 'state' => $callerstate, 'post_code' => $callerzip), 'contact' => array('name' => $callername, 'last_name' => $callername, 'email' => $trackingnum, 'mobile' => $callernum));
include 'init.php';
// the UCM init code.
$customer_id = $plugins['customer']->save_customer('new', array('customer_name' => $customer_import['customer_name']));
if (!$customer_id) {
    echo 'Failed to create customer';
    exit;
}
if (!empty($customer_import['customer_extra'])) {
    foreach ($customer_import['customer_extra'] as $extra_key => $extra_val) {
        // Add the Medium extra field to that newly created customer
        $extra_db = array('extra_key' => $extra_key, 'extra' => $extra_val, 'owner_table' => 'customer', 'owner_id' => $customer_id);
        $extra_id = update_insert('extra_id', false, 'extra', $extra_db);
    }
}
if (!empty($customer_import['address'])) {
    // Save the address for the customer
    $customer_import['address']['owner_id'] = $customer_id;
    $customer_import['address']['owner_table'] = 'customer';
    $customer_import['address']['address_type'] = 'physical';
    module_address::save_address(false, $customer_import['address']);
}
if (!empty($customer_import['contact'])) {
    // add the contact details to this customer record
    $customer_import['contact']['customer_id'] = $customer_id;
    $contact_user_id = $plugins['user']->create_user($customer_import['contact'], 'signup');
    if ($contact_user_id) {
        module_customer::set_primary_user_id($customer_id, $contact_user_id);
    }
}
echo "Created a customer with ID {$customer_id} and a contact with ID {$contact_user_id} ";
Beispiel #3
0
 public static function handle_import_row($row, $debug, $add_to_group, $extra_options)
 {
     $debug_string = '';
     if (!isset($row['name'])) {
         $row['name'] = '';
     }
     if (!isset($row['url'])) {
         $row['url'] = '';
     }
     if (isset($row['website_id']) && (int) $row['website_id'] > 0) {
         // check if this ID exists.
         $website = self::get_website($row['website_id']);
         if (!$website || $website['website_id'] != $row['website_id']) {
             $row['website_id'] = 0;
         }
     }
     if (!isset($row['website_id']) || !$row['website_id']) {
         $row['website_id'] = 0;
     }
     if (isset($row['name']) && strlen(trim($row['name']))) {
         // we have a website name!
         // search for a website based on name.
         $website = get_single('website', 'name', $row['name']);
         if ($website && $website['website_id'] > 0) {
             $row['website_id'] = $website['website_id'];
         }
     } else {
         if (isset($row['url'])) {
             $row['name'] = $row['url'];
         }
     }
     if (!$row['website_id'] && isset($row['url']) && strlen(trim($row['url']))) {
         // we have a url! find a match too.
         $website = get_single('website', 'url', $row['url']);
         if ($website && $website['website_id'] > 0) {
             $row['website_id'] = $website['website_id'];
         }
     }
     if (!strlen($row['name']) && !strlen($row['url'])) {
         $debug_string .= _l('No website data to import');
         if ($debug) {
             echo $debug_string;
         }
         return false;
     }
     // duplicates.
     //print_r($extra_options);exit;
     if (isset($extra_options['duplicates']) && $extra_options['duplicates'] == 'ignore' && (int) $row['website_id'] > 0) {
         if ($debug) {
             $debug_string .= _l('Skipping import, duplicate of website %s', self::link_open($row['website_id'], true));
             echo $debug_string;
         }
         // don't import duplicates
         return false;
     }
     $row['customer_id'] = 0;
     // todo - support importing of this id? nah
     if (isset($row['customer_name']) && strlen(trim($row['customer_name'])) > 0) {
         // check if this customer exists.
         $customer = get_single('customer', 'customer_name', $row['customer_name']);
         if ($customer && $customer['customer_id'] > 0) {
             $row['customer_id'] = $customer['customer_id'];
             $debug_string .= _l('Linked to customer %s', module_customer::link_open($row['customer_id'], true)) . ' ';
         } else {
             $debug_string .= _l('Create new customer: %s', htmlspecialchars($row['customer_name'])) . ' ';
         }
     } else {
         $debug_string .= _l('No customer') . ' ';
     }
     if ($row['website_id']) {
         $debug_string .= _l('Replace existing website: %s', self::link_open($row['website_id'], true)) . ' ';
     } else {
         $debug_string .= _l('Insert new website: %s', htmlspecialchars($row['url'])) . ' ';
     }
     $customer_primary_user_id = 0;
     if ($row['customer_id'] > 0 && isset($row['customer_contact_email']) && strlen(trim($row['customer_contact_email']))) {
         $users = module_user::get_users(array('customer_id' => $row['customer_id'] > 0));
         foreach ($users as $user) {
             if (strtolower(trim($user['email'])) == strtolower(trim($row['customer_contact_email']))) {
                 $customer_primary_user_id = $user['user_id'];
                 $debug_string .= _l('Customer primary contact is: %s', module_user::link_open_contact($customer_primary_user_id, true)) . ' ';
                 break;
             }
         }
     }
     if ($debug) {
         echo $debug_string;
         return true;
     }
     if (isset($extra_options['duplicates']) && $extra_options['duplicates'] == 'ignore' && $row['customer_id'] > 0) {
         // don't update customer record with new one.
     } else {
         if (isset($row['customer_name']) && strlen(trim($row['customer_name'])) > 0 || $row['customer_id'] > 0) {
             // update customer record with new one.
             $row['customer_id'] = update_insert('customer_id', $row['customer_id'], 'customer', $row);
             if (isset($row['customer_contact_fname']) || isset($row['customer_contact_email'])) {
                 $data = array('customer_id' => $row['customer_id']);
                 if (isset($row['customer_contact_fname'])) {
                     $data['name'] = $row['customer_contact_fname'];
                 }
                 if (isset($row['customer_contact_lname'])) {
                     $data['last_name'] = $row['customer_contact_lname'];
                 }
                 if (isset($row['customer_contact_email'])) {
                     $data['email'] = $row['customer_contact_email'];
                 }
                 if (isset($row['customer_contact_phone'])) {
                     $data['phone'] = $row['customer_contact_phone'];
                 }
                 $customer_primary_user_id = update_insert("user_id", $customer_primary_user_id, "user", $data);
                 module_customer::set_primary_user_id($row['customer_id'], $customer_primary_user_id);
             }
         }
     }
     $website_id = (int) $row['website_id'];
     // check if this ID exists.
     $website = self::get_website($website_id);
     if (!$website || $website['website_id'] != $website_id) {
         $website_id = 0;
     }
     $website_id = update_insert("website_id", $website_id, "website", $row);
     // ad notes if possible
     if (isset($row['notes']) && strlen(trim($row['notes']))) {
         if (class_exists('module_note', false) && module_note::is_plugin_enabled()) {
             module_note::save_note(array('owner_table' => 'website', 'owner_id' => $website_id, 'note' => trim($row['notes']), 'note_time' => time()));
         }
     }
     // handle any extra fields.
     $extra = array();
     foreach ($row as $key => $val) {
         if (!strlen(trim($val))) {
             continue;
         }
         if (strpos($key, 'extra:') !== false) {
             $extra_key = str_replace('extra:', '', $key);
             if (strlen($extra_key)) {
                 $extra[$extra_key] = $val;
             }
         }
     }
     if ($extra) {
         foreach ($extra as $extra_key => $extra_val) {
             // does this one exist?
             $existing_extra = module_extra::get_extras(array('owner_table' => 'website', 'owner_id' => $website_id, 'extra_key' => $extra_key));
             $extra_id = false;
             foreach ($existing_extra as $key => $val) {
                 if ($val['extra_key'] == $extra_key) {
                     $extra_id = $val['extra_id'];
                 }
             }
             $extra_db = array('extra_key' => $extra_key, 'extra' => $extra_val, 'owner_table' => 'website', 'owner_id' => $website_id);
             $extra_id = (int) $extra_id;
             update_insert('extra_id', $extra_id, 'extra', $extra_db);
         }
     }
     foreach ($add_to_group as $group_id => $tf) {
         module_group::add_to_group($group_id, $website_id, 'website');
     }
     return $website_id;
 }