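 /**
  * Prepare a user field value for database update.
  *
  * Normalises and filters one submitted user-field value according to its
  * field type: web addresses (optionally paired with a link text), e-mail
  * addresses, multi-value selects, the age-verification date, text areas and
  * editor text. Any other type is either handed to the 'vmuserfield' plugin
  * group (when the type name contains 'plugin') or stripped of HTML and
  * inline event-handler fragments. The stripping is input normalisation only;
  * values still have to be escaped for the context they are rendered in.
  *
  * @param string $fieldType field type name (compared case-insensitively)
  * @param string $fieldName field name, also the POST key for textarea/editor types
  * @param mixed  $value     submitted value to filter
  * @param array  $post      full POST array, by reference so userfield plugins may alter it
  * @param mixed  $params    field parameters, forwarded to userfield plugins
  *
  * @return mixed the filtered value; the 'webaddress' branch yields whatever
  *               vmFilter::urlcheck() returns when it rejects the URL
  */
 public function prepareFieldDataSave($fieldType, $fieldName, $value, &$post, $params)
 {
     if (!class_exists('vmFilter')) {
         require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'vmfilter.php';
     }
     // Scheme prefixes are never stored; they are re-added on output.
     $schemes = array('mailto:', 'http://', 'https://');

     switch (strtolower($fieldType)) {
         case 'webaddress':
             if (isset($post[$fieldName . "Text"]) && $post[$fieldName . "Text"]) {
                 // URL and link text are stored together as "url|*|text".
                 $oValuesArr = array();
                 $oValuesArr[0] = str_replace($schemes, '', $value);
                 $oValuesArr[1] = str_replace($schemes, '', $post[$fieldName . "Text"]);
                 $value = implode("|*|", $oValuesArr);
             } else {
                 // urlcheck() returns the checked URL, or a falsy result when it
                 // rejects it; that result is kept as the field value either way.
                 if ($value = vmFilter::urlcheck($value)) {
                     $value = str_replace($schemes, '', $value);
                 }
             }
             break;
         case 'email':
         case 'emailaddress':
             $value = vmFilter::mail($value);
             $value = str_replace('mailto:', '', $value);
             // Characters that have no place in a mail address.
             $value = str_replace(array('\'', '"', ',', '%', '*', '/', '\\', '?', '^', '`', '{', '}', '|', '~'), array(''), $value);
             break;
         case 'multiselect':
         case 'multicheckbox':
         case 'select':
             // Multiple selections are stored as one "|*|"-separated string.
             if (is_array($value)) {
                 $value = implode("|*|", $value);
             }
             break;
         case 'age_verification':
             $value = JRequest::getInt('birthday_selector_year') . '-' . JRequest::getInt('birthday_selector_month') . '-' . JRequest::getInt('birthday_selector_day');
             break;
         case 'textarea':
             $value = JRequest::getVar($fieldName, '', 'post', 'string', JREQUEST_ALLOWRAW);
             $value = vmFilter::hl($value, 'text');
             break;
         case 'editorta':
             // A switch may only carry one default clause; 'editorta' is an
             // ordinary case and must not be merged with the default below.
             $value = JRequest::getVar($fieldName, '', 'post', 'string', JREQUEST_ALLOWRAW);
             $value = vmFilter::hl($value, 'no_js_flash');
             break;
         default:
             if (strpos($fieldType, 'plugin') !== false) {
                 // Plugin-provided field types filter their own data.
                 JPluginHelper::importPlugin('vmuserfield');
                 $dispatcher = JDispatcher::getInstance();
                 $dispatcher->trigger('plgVmPrepareUserfieldDataSave', array($fieldType, $fieldName, &$post, &$value, $params));
                 return $value;
             }
             // No HTML tags, but permit all alphabets.
             $value = vmFilter::hl($value, array('deny_attribute' => '*'));
             // Remove all remaining html tags.
             $value = (string) preg_replace('@<[\\/\\!]*?[^<>]*?>@si', '', $value);
             // Remove "on<letter>...)" fragments (start of inline handlers like onclick(), onload()).
             $value = (string) preg_replace('#on[a-z](.+?)\\)#si', '', $value);
             $value = trim(str_replace('"', ' ', $value), "'");
             // Remove a single quote at the very start.
             $value = (string) preg_replace('#^\'#si', '', $value);
             break;
     }
     return $value;
 }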
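	/**
	 * Store a submitted address (ST or BT) in the cart.
	 *
	 * Reads the userfields configured for cart/$type from $data (falling back
	 * to the request, or to the value already stored for required fields),
	 * filters every non-empty value and assigns the result to $this->{$type}.
	 * Password fields are never kept.
	 *
	 * @param array|object $data           submitted address values
	 * @param string       $type           address type key, e.g. 'BT' or 'ST'
	 * @param bool         $putIntoSession write the cart to the session afterwards
	 * @param string       $prefix         prefix of the field names in $data / the request
	 *
	 * @return void
	 */
	function saveAddressInCart($data, $type, $putIntoSession = true, $prefix = '') {

		// VirtueMartModelUserfields::getUserFields() won't work
		if (!class_exists('VirtueMartModelUserfields')) {
			require(VMPATH_ADMIN.DS.'models'.DS.'userfields.php');
		}
		$userFieldsModel = VmModel::getModel('userfields');

		if ($type === 'STaddress' or $type === 'BTaddress') {
			vmTrace('STaddress found, seek and destroy');
		}
		$prepareUserFields = $userFieldsModel->getUserFieldsFor('cart', $type);

		if (!is_array($data)) {
			$data = get_object_vars($data);
		}

		if ($type === 'ST') {
			$this->STsameAsBT = 0;
		} else { // BT
			// Fall back to the logged-in user's e-mail. The fallback has to go
			// into $data, which the loop below reads; $address is initialised
			// only after this point, so writing it there would be lost.
			if (empty($data[$prefix.'email'])) {
				$jUser = JFactory::getUser();
				if (!empty($jUser->email)) {
					$data[$prefix.'email'] = $jUser->email;
				}
			}
		}

		$address = array();
		if (!class_exists('vmFilter')) {
			require(VMPATH_ADMIN.DS.'helpers'.DS.'vmfilter.php');
		}
		foreach ($prepareUserFields as $fld) {
			if (empty($fld->name)) {
				continue;
			}
			$name = $fld->name;
			$key = $prefix.$name;

			if (!isset($data[$key])) {
				// Truthiness check: a value of '0' is treated like a missing one.
				$tmp = vRequest::getString($key, false);
				if ($tmp) {
					$data[$key] = $tmp;
				} else if ($fld->required and isset($this->{$type}[$name])) {
					// Required field missing from the request: keep the value stored before.
					$data[$key] = $this->{$type}[$name];
				}
			}

			if (!isset($data[$key])) {
				vmdebug('Data not found for type '.$type.' and name '.$key.' ');
				continue;
			}
			if (!empty($data[$key])) {
				$value = vmFilter::hl($data[$key], array('deny_attribute'=>'*'));
				// A tag-stripping regex was too strong; Joomla's text filter is used instead.
				$value = JComponentHelper::filterText($value);
				// Remove "on<letter>...)" fragments (start of inline handlers such as onclick()).
				$value = (string)preg_replace('#on[a-z](.+?)\)#si', '', $value);
				$value = trim(str_replace('"', ' ', $value), "'");
				// Remove a single quote at the very start.
				$data[$key] = (string)preg_replace('#^\'#si', '', $value);
			}
			$address[$name] = $data[$key];
		}

		//dont store passwords in the session
		unset($address['password']);
		unset($address['password2']);

		$this->{$type} = $address;

		if ($putIntoSession) {
			$this->setCartIntoSession(true);
		}

	}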
 /**
  * Filter a single cart input value.
  *
  * Runs the value through vmFilter::hl() with every attribute denied, then
  * through Joomla's JComponentHelper::filterText(), removes "on<letter>...)"
  * fragments (start of inline handlers such as onclick()), turns double quotes
  * and tab/newline/vertical-tab characters into spaces and drops a leading
  * single quote.
  *
  * @param string $v raw input value
  *
  * @return string the filtered value
  */
 private function filterCartInput($v)
 {
     $filtered = vmFilter::hl($v, array('deny_attribute' => '*'));
     // Joomla's text filter is used instead of a tag-stripping regex, which was too strong.
     $filtered = JComponentHelper::filterText($filtered);
     $filtered = (string) preg_replace('#on[a-z](.+?)\\)#si', '', $filtered);
     // NOTE(review): the empty-string entry is a no-op for str_replace; it may be a
     // control character lost in transcription - confirm against the repository file.
     $replacedBySpace = array('"', "\t", "\n", "\r", "", "\v");
     $filtered = str_replace($replacedBySpace, ' ', trim($filtered));

     return (string) preg_replace('#^\'#si', '', $filtered);
 }
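 /**
  * Add a product to the cart
  *
  * Takes the product ids from the argument or the request, copies only the
  * data needed in the session into a slim stdClass per product, filters custom
  * plugin input, lets 'vmcustom' plugins veto the addition, merges the
  * quantity with an existing cart line where applicable and finally stores
  * the cart in the session.
  *
  * @author RolandD
  * @author Max Milbers
  * @access public
  *
  * @param array|null $virtuemart_product_ids product ids to add; read from the request when empty
  * @param string     $errorMsg               receives a message when a line could not be added/updated
  *
  * @return bool true when at least one product was added or updated, false otherwise
  */
 public function add($virtuemart_product_ids = null, &$errorMsg = '')
 {
     $mainframe = JFactory::getApplication();
     $success = false;
     $post = JRequest::get('default');
     if (empty($virtuemart_product_ids)) {
         $virtuemart_product_ids = JRequest::getVar('virtuemart_product_id', array(), 'default', 'array');
         //is sanitized then
     }
     if (empty($virtuemart_product_ids)) {
         $mainframe->enqueueMessage(JText::_('COM_VIRTUEMART_CART_ERROR_NO_PRODUCT_IDS', false));
         return false;
     }
     // Only the plain data is kept in the session; a full product object with
     // all its parents would make the session far too big.
     $copiedProperties = array(
         'virtuemart_manufacturer_id', 'slug', 'published', 'virtuemart_product_price_id',
         'virtuemart_product_id', 'virtuemart_shoppergroup_id', 'product_price', 'override',
         'product_override_price', 'product_tax_id', 'product_discount_id', 'product_currency',
         'virtuemart_vendor_id', 'product_parent_id', 'product_sku', 'product_name',
         'product_s_desc', 'product_weight', 'product_weight_uom', 'product_length',
         'product_width', 'product_height', 'product_lwh_uom', 'product_in_stock',
         'product_ordered', 'product_sales', 'product_unit', 'product_packaging',
         'min_order_level', 'max_order_level', 'virtuemart_media_id', 'categories',
         'virtuemart_category_id', 'category_name', 'link', 'packaging',
     );
     //Iterate through the prod_id's and perform an add to cart for each one
     foreach ($virtuemart_product_ids as $p_key => $virtuemart_product_id) {
         // A missing or zero quantity means "skip this id", not an error.
         $quantityPost = isset($post['quantity'][$p_key]) ? (int) $post['quantity'][$p_key] : 0;
         if ($quantityPost === 0) {
             continue;
         }
         $tmpProduct = $this->getProduct((int) $virtuemart_product_id, $quantityPost);
         // The product has to be checked here, before its data is copied; a
         // test on the freshly created stdClass below would always be true.
         if (empty($tmpProduct)) {
             $mainframe->enqueueMessage(JText::_('COM_VIRTUEMART_PRODUCT_NOT_FOUND', false));
             return false;
         }
         $product = new stdClass();
         foreach ($copiedProperties as $property) {
             $product->$property = $tmpProduct->$property;
         }
         if (!empty($tmpProduct->images)) {
             $product->image = $tmpProduct->images[0];
         }
         if (!empty($tmpProduct->customfieldsCart)) {
             $product->customfieldsCart = true;
         }
         if (!empty($post['virtuemart_category_id'][$p_key])) {
             $product->virtuemart_category_id = (int) $post['virtuemart_category_id'][$p_key];
         }
         $productKey = $product->virtuemart_product_id;
         if (isset($post['customPrice'])) {
             $product->customPrices = $post['customPrice'];
             if (isset($post['customPlugin'])) {
                 if (!class_exists('vmFilter')) {
                     require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'vmfilter.php';
                 }
                 // Request input: every scalar leaf is filtered, whatever its nesting depth.
                 $customPluginPost = $this->filterCustomPluginInput((array) $post['customPlugin']);
                 $product->customPlugin = json_encode($customPluginPost);
             }
             // The cart key also encodes the chosen custom field values, so
             // differently configured variants of one product stay separate lines.
             $productKey .= '::';
             foreach ($product->customPrices as $customPrice) {
                 foreach ($customPrice as $customId => $custom_fieldId) {
                     //MarkerVarMods
                     if (is_array($custom_fieldId)) {
                         // NOTE(review): appends the same segment once per element and
                         // casts the array itself to int - confirm this is intended.
                         foreach ($custom_fieldId as $userfieldId => $userfield) {
                             $productKey .= (int) $custom_fieldId . ':' . (int) $customId . ';';
                         }
                     } else {
                         //TODO productCartId
                         $productKey .= (int) $custom_fieldId . ':' . (int) $customId . ';';
                     }
                 }
             }
         }
         // Add in the quantity in case the customfield plugins need it
         $product->quantity = $quantityPost;
         if (!class_exists('vmCustomPlugin')) {
             require JPATH_VM_PLUGINS . DS . 'vmcustomplugin.php';
         }
         JPluginHelper::importPlugin('vmcustom');
         $dispatcher = JDispatcher::getInstance();
         // A plugin returning false vetoes the product: it is not added at all.
         $addToCartReturnValues = $dispatcher->trigger('plgVmOnAddToCart', array(&$product));
         if (in_array(false, $addToCartReturnValues, true)) {
             continue;
         }
         if (array_key_exists($productKey, $this->products) && empty($product->customPlugin)) {
             // Same product already in the cart: merge the quantities.
             $errorMsg = JText::_('COM_VIRTUEMART_CART_PRODUCT_UPDATED');
             $totalQuantity = $this->products[$productKey]->quantity + $quantityPost;
             if (!$this->checkForQuantities($product, $totalQuantity, $errorMsg)) {
                 continue;
             }
             $this->products[$productKey]->quantity = $totalQuantity;
         } else {
             if (!empty($product->customPlugin)) {
                 // Plugin-customised products always get their own cart line.
                 $productKey .= count($this->products);
             }
             if (!$this->checkForQuantities($product, $quantityPost, $errorMsg)) {
                 continue;
             }
             $this->products[$productKey] = $product;
             $product->quantity = $quantityPost;
         }
         $success = true;
     }
     if (!$success) {
         return false;
     }
     // End Iteration through Prod id's
     $this->setCartIntoSession();
     return true;
 }

 /**
  * Recursively filter custom plugin request input.
  *
  * Every scalar leaf is passed through the same chain used for other cart
  * input: vmFilter::hl() with every attribute denied, a tag-stripping regex,
  * removal of "on<letter>...)" fragments, double quotes turned into spaces and
  * leading/trailing single quotes removed. Nested arrays keep their structure.
  * This is input normalisation only; values still need context-aware escaping
  * when rendered.
  *
  * @param array $input request values, arbitrarily nested
  *
  * @return array the filtered values with the same keys and structure as $input
  */
 private function filterCustomPluginInput(array $input)
 {
     foreach ($input as $key => $item) {
         if (is_array($item)) {
             $input[$key] = $this->filterCustomPluginInput($item);
             continue;
         }
         $value = vmFilter::hl($item, array('deny_attribute' => '*'));
         // Remove all html tags.
         $value = (string) preg_replace('@<[\\/\\!]*?[^<>]*?>@si', '', $value);
         // Remove "on<letter>...)" fragments (start of inline handlers like onclick(), onload()).
         $value = (string) preg_replace('#on[a-z](.+?)\\)#si', '', $value);
         $value = trim(str_replace('"', ' ', $value), "'");
         // Remove a single quote at the very start.
         $input[$key] = (string) preg_replace('#^\'#si', '', $value);
     }
     return $input;
 }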