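/**
 * Builds the shopping-cart page and, on a valid submission, performs the checkout.
 *
 * Flow:
 *  - if prices are restricted to logged-in users and nobody is logged in, a
 *    "denied" message replaces the page content;
 *  - otherwise a notification (if any) is rendered above the cart;
 *  - when the cart holds at least one item and the form was submitted with
 *    doCheckout=yes, the customer form is validated, guests must additionally
 *    have accepted the TOS and the cancellation disclaimer, and the chosen
 *    payment method must be one of the configured ones;
 *  - the cart table is rendered with the collected error markers, and
 *    doCheckout() runs only when no error was recorded.
 *
 * Side effects: assigns $this->P; calls $this->doCheckout() on a clean submission.
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'contentnosubnav';

    if (HelperConfig::$shop["show_pricesonlytologgedin"] && !CHelper::getUserData()) {
        $this->P->oPayload->cl_html = $this->textcats->T("denied_notloggedin");
        return;
    }

    $this->P->cb_customcontenttemplate = 'shop/shoppingcart';

    // Message to display above the shopping cart, if there is one.
    $this->P->oPayload->cl_html = $this->getNotification();

    $bCheckoutRequested = isset($this->post["doCheckout"]) && $this->post["doCheckout"] === 'yes';
    $bGuest = !CHelper::getUserData();
    $aErr = [];
    $aShoppingcart = null;

    if (isset($_SESSION["cart"]) && count($_SESSION["cart"]) >= 1) {
        if ($bCheckoutRequested) {
            $aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr, true);

            // Only guests are asked to accept the TOS and the cancellation
            // disclaimer at this point; registered users are not prompted here.
            if ($bGuest && (!isset($this->post["tos"]) || $this->post["tos"] !== 'y')) {
                $aErr["tos"] = true;
            }
            if ($bGuest && (!isset($this->post["cancellationdisclaimer"]) || $this->post["cancellationdisclaimer"] !== 'y')) {
                $aErr["cancellationdisclaimer"] = true;
            }

            // Strict membership test so that a loosely-comparable value cannot
            // pass as a configured method. Assumes the configured payment
            // methods are strings — confirm against the shop configuration.
            if (!isset($this->post["paymentmethod"])
                || !in_array($this->post["paymentmethod"], HelperConfig::$shop["paymentmethods"], true)
            ) {
                $aErr["paymentmethod"] = true;
            }
        }

        $aShoppingcart = SHelper::buildShoppingCartTable($_SESSION["cart"], false, '', $aErr);
    }

    if ($aShoppingcart === null) {
        $this->P->oPayload->cl_html .= $this->textcats->T("shoppingcart_empty");
        return;
    }

    // Checkout only when the submission produced no error markers.
    if ($bCheckoutRequested && count($aErr) == 0) {
        $this->doCheckout();
    }

    $this->P->cb_customdata = $aShoppingcart;
}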
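/**
 * Builds the customer registration page and processes a submitted registration.
 *
 * Logged-in users get a "denied" message. Otherwise the registration form is
 * shown; on doRegister=yes the form is validated, the e-mail address is checked
 * for uniqueness, the customer row is inserted with a hashed password and a
 * freshly generated e-mail verification code, and the verification mail is sent.
 *
 * Side effects: assigns $this->P; on success inserts into the customer table
 * and sends mail via CHelper::sendVerificationMail().
 *
 * @throws \Exception if no secure random source is available (random_bytes)
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';

    if (CHelper::getUserData()) {
        // Registration is only available to visitors who are not logged in.
        $this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default");
        return;
    }

    $this->P->cb_customcontenttemplate = 'customer/register';

    if (!isset($_POST["doRegister"]) || $_POST["doRegister"] !== 'yes') {
        // Initial display: empty form, no error markers.
        $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register');
        return;
    }

    $aErr = CHelper::validateCustomerForm(HelperConfig::$lang, []);
    if (count($aErr) > 0) {
        $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr);
        return;
    }

    $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);

    // The e-mail address must be unique among customers.
    $sql = 'SELECT cust_email FROM customer WHERE cust_email = :email';
    /** @var \PDOStatement $hResult */
    $hResult = $this->serviceManager->get('db')->prepare($sql);
    $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
    $hResult->execute();
    // rowCount() after a SELECT is driver-specific (reliable on MySQL) — TODO confirm the driver in use.
    if ($hResult->rowCount() != 0) {
        $aErr["emailalreadytaken"] = true;
        $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr);
        return;
    }

    // Verification code: 16 CSPRNG bytes, hex-encoded (32 chars, the same width
    // as the md5 digest that was stored before). It must be unpredictable: a
    // code derived from the e-mail address and the registration time can be
    // reproduced by anyone who knows those values.
    $sEmailVerificationcode = bin2hex(random_bytes(16));

    // Free-text address fields: customer column => form field name.
    // FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; kept for behavioural parity.
    $aTextFields = [
        'cust_corp' => 'corpname',
        'cust_name' => 'name',
        'cust_street' => 'street',
        'cust_zip' => 'zip',
        'cust_town' => 'town',
        'cust_phone' => 'phone',
        'cust_cellphone' => 'cellphone',
        'cust_fax' => 'fax',
        'cust_country' => 'country',
    ];
    $aData = ['cust_email' => $sEmail];
    foreach ($aTextFields as $sColumn => $sField) {
        $aData[$sColumn] = filter_var(trim(Tools::getFormfield($sField)), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
    }
    // NOTE(review): $_POST["pwd"] is read unguarded, as before; presumably
    // validateCustomerForm() has already required a password — confirm.
    $aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT);
    $aData['cust_tosaccepted'] = isset($_POST["tos"]) && $_POST["tos"] === 'y' ? 'y' : 'n';
    $aData['cust_cancellationdisclaimeraccepted'] = isset($_POST["cancellationdisclaimer"]) && $_POST["cancellationdisclaimer"] === 'y' ? 'y' : 'n';
    $aData['cust_emailverified'] = 'n';
    $aData['cust_emailverificationcode'] = $sEmailVerificationcode;
    // New accounts may require an administrator to activate them.
    $aData['cust_active'] = HelperConfig::$customer["register_require_manual_activation"] ? 'n' : 'y';
    $aData['cust_registrationtimestamp'] = time();

    $sql = \HaaseIT\DBTools::buildPSInsertQuery($aData, 'customer');
    $hResult = $this->serviceManager->get('db')->prepare($sql);
    foreach ($aData as $sKey => $sValue) {
        $hResult->bindValue(':' . $sKey, $sValue, \PDO::PARAM_STR);
    }
    $hResult->execute();

    CHelper::sendVerificationMail($sEmailVerificationcode, $sEmail, $this->serviceManager, true);
    $this->P->cb_customdata["register"] = ["showsuccessmessage" => true];
}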
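/**
 * Backend handler for the customer administration screen.
 *
 * Without ?action the customer list is rendered (optionally filtered by
 * ?type=active|inactive). With ?action=edit the customer selected by ?id is
 * loaded into the admin customer form and, on doEdit=yes, validated and
 * written back (customer number and e-mail must be unique among the other
 * customers; the password is only replaced when a new one was entered).
 *
 * NOTE(review): no authorisation check is visible in this method; it is
 * assumed the caller has already verified that an administrator is acting.
 *
 * @param mixed $CUA  list-table configuration, passed through to Tools::makeListtable()
 * @param mixed $twig template engine, passed through to Tools::makeListtable()
 * @return array page data: "customeradmin" => [text, type, info?] and, in edit mode, "customerform"
 */
private function handleCustomerAdmin($CUA, $twig)
{
    // List filter; anything other than the two known values falls back to 'all'.
    $sType = 'all';
    if (isset($_REQUEST["type"]) && in_array($_REQUEST["type"], ['active', 'inactive'], true)) {
        $sType = $_REQUEST["type"];
    }

    $aPData = [];
    $aInfo = [];
    $return = '';

    if (!isset($_GET["action"])) {
        // ---- customer list ----
        $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer';
        if ($sType === 'active') {
            $sql .= ' WHERE cust_active = \'y\'';
        } elseif ($sType === 'inactive') {
            $sql .= ' WHERE cust_active = \'n\'';
        }
        $sql .= ' ORDER BY cust_no ASC';

        $hResult = $this->db->query($sql);
        if ($hResult->rowCount() != 0) {
            $aData = $hResult->fetchAll();
            $return .= \HaaseIT\Tools::makeListtable($CUA, $aData, $twig);
        } else {
            $aInfo["nodatafound"] = true;
        }
    } elseif ($_GET["action"] === 'edit') {
        // ---- edit a single customer ----
        // Only a well-formed integer id is accepted; anything else resolves to 0,
        // which matches no customer and surfaces as "nosuchuserfound".
        $iId = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
        if (!is_int($iId)) {
            $iId = 0;
        }
        $aErr = [];

        if (isset($_POST["doEdit"]) && $_POST["doEdit"] === 'yes') {
            $sCustno = filter_var(trim($_POST["custno"] ?? ''), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);

            if (strlen($sCustno) < HelperConfig::$customer["minimum_length_custno"]) {
                $aErr["custnoinvalid"] = true;
            } else {
                // Customer number and e-mail must be unique among all *other* customers.
                // Any number of conflicting rows is a conflict (a "== 1" test would miss 2+).
                $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_no = :custno';
                $hResult = $this->db->prepare($sql);
                $hResult->bindValue(':id', $iId, \PDO::PARAM_INT);
                $hResult->bindValue(':custno', $sCustno);
                $hResult->execute();
                if ($hResult->rowCount() > 0) {
                    $aErr["custnoalreadytaken"] = true;
                }

                $sEmail = trim(filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL) ?? '');
                $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email';
                $hResult = $this->db->prepare($sql);
                $hResult->bindValue(':id', $iId, \PDO::PARAM_INT);
                $hResult->bindValue(':email', $sEmail);
                $hResult->execute();
                if ($hResult->rowCount() > 0) {
                    $aErr["emailalreadytaken"] = true;
                }

                $aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr, true);
                if (count($aErr) == 0) {
                    // Free-text fields: customer column => form field name.
                    // FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; kept for behavioural parity.
                    $aTextFields = [
                        'cust_corp' => 'corpname',
                        'cust_name' => 'name',
                        'cust_street' => 'street',
                        'cust_zip' => 'zip',
                        'cust_town' => 'town',
                        'cust_phone' => 'phone',
                        'cust_cellphone' => 'cellphone',
                        'cust_fax' => 'fax',
                        'cust_country' => 'country',
                        'cust_group' => 'custgroup',
                    ];
                    $aData = ['cust_no' => $sCustno, 'cust_email' => $sEmail];
                    foreach ($aTextFields as $sColumn => $sField) {
                        $aData[$sColumn] = trim(filter_input(INPUT_POST, $sField, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW) ?? '');
                    }
                    $aData['cust_emailverified'] = isset($_POST["emailverified"]) && $_POST["emailverified"] === 'y' ? 'y' : 'n';
                    $aData['cust_active'] = isset($_POST["active"]) && $_POST["active"] === 'y' ? 'y' : 'n';
                    $aData['cust_id'] = $iId;

                    // The password is only replaced when a new one was entered.
                    if (isset($_POST["pwd"]) && $_POST["pwd"] !== '') {
                        $aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT);
                        $aInfo["passwordchanged"] = true;
                    }

                    $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
                    $hResult = $this->db->prepare($sql);
                    foreach ($aData as $sKey => $sValue) {
                        $hResult->bindValue(':' . $sKey, $sValue);
                    }
                    $hResult->execute();
                    $aInfo["changeswritten"] = true;
                }
            }
        }

        // Reload the (possibly just updated) record for the form.
        $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id = :id';
        $hResult = $this->db->prepare($sql);
        $hResult->bindValue(':id', $iId, \PDO::PARAM_INT);
        $hResult->execute();
        if ($hResult->rowCount() == 1) {
            $aUser = $hResult->fetch();
            $aPData["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'admin', $aErr, $aUser);
        } else {
            $aInfo["nosuchuserfound"] = true;
        }
    }

    $aPData["customeradmin"]["text"] = $return;
    $aPData["customeradmin"]["type"] = $sType;
    if (count($aInfo) > 0) {
        $aPData["customeradmin"]["info"] = $aInfo;
    }

    return $aPData;
}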
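/**
 * Builds the customer home page, including the "edit profile" form.
 *
 * Visitors who are not logged in get a "denied" message. Otherwise:
 *  - ?login=1 shows the post-login greeting;
 *  - ?editprofile shows the profile form; on doEdit=yes the submitted e-mail is
 *    checked for uniqueness among other customers, the form is validated, the
 *    address fields are written when editing is allowed by configuration, and
 *    the password is replaced when a new one was entered;
 *  - without ?editprofile the plain user-home form plus profile links are shown.
 *
 * Side effects: assigns $this->P; may update the customer table row of the
 * logged-in user ($_SESSION["user"]['cust_id']).
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';

    if (!CHelper::getUserData()) {
        $this->P->oPayload->cl_html = $this->textcats->T("denied_notloggedin");
        return;
    }

    $this->P->cb_customcontenttemplate = 'customer/customerhome';
    $bEditProfile = isset($_GET["editprofile"]);
    $aPData = [];
    $aPData["display_logingreeting"] = isset($_GET["login"]) && $_GET["login"];

    if (!$bEditProfile) {
        $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'userhome');
    } else {
        // NOTE(review): the error accumulator is a string here, whereas the
        // other callers of validateCustomerForm()/buildCustomerForm() pass an
        // array; confirm that both helpers accept the string form.
        $sErr = '';

        if (isset($_POST["doEdit"]) && $_POST["doEdit"] === 'yes') {
            $iCustId = $_SESSION["user"]['cust_id'];

            // The submitted e-mail must not belong to another customer. (Note:
            // cust_email itself is not part of the update below.)
            $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
            $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email';
            $hResult = $this->db->prepare($sql);
            $hResult->bindValue(':id', $iCustId, \PDO::PARAM_INT);
            $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
            $hResult->execute();
            // Any number of conflicting rows is a conflict (a "== 1" test would miss 2+).
            if ($hResult->rowCount() > 0) {
                $sErr .= $this->textcats->T("userprofile_emailalreadyinuse") . '<br>';
            }

            $sErr = CHelper::validateCustomerForm(HelperConfig::$lang, $sErr, true);
            if ($sErr == '') {
                $aData = [];

                // Address fields are only writable when the configuration allows profile editing.
                // FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; kept for behavioural parity.
                if (HelperConfig::$customer["allow_edituserprofile"]) {
                    $aTextFields = [
                        'cust_corp' => 'corpname',
                        'cust_name' => 'name',
                        'cust_street' => 'street',
                        'cust_zip' => 'zip',
                        'cust_town' => 'town',
                        'cust_phone' => 'phone',
                        'cust_cellphone' => 'cellphone',
                        'cust_fax' => 'fax',
                        'cust_country' => 'country',
                    ];
                    foreach ($aTextFields as $sColumn => $sField) {
                        $aData[$sColumn] = filter_var(trim(Tools::getFormfield($sField)), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
                    }
                }

                // The password is only replaced when a new one was entered.
                if (isset($_POST["pwd"]) && $_POST["pwd"] !== '') {
                    $aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT);
                    $aPData["infopasswordchanged"] = true;
                }

                $aData['cust_id'] = $iCustId;
                // cust_id alone means nothing to write.
                if (count($aData) > 1) {
                    $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
                    $hResult = $this->db->prepare($sql);
                    foreach ($aData as $sKey => $sValue) {
                        $hResult->bindValue(':' . $sKey, $sValue);
                    }
                    $hResult->execute();
                    $aPData["infochangessaved"] = true;
                } else {
                    $aPData["infonothingchanged"] = true;
                }
            }
        }

        $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'editprofile', $sErr);
        //if (HelperConfig::$customer["allow_edituserprofile"]) $P["lang"]["cl_html"] .= '<br>'.$this->textcats->T("userprofile_infoeditemail"); // Future implementation
    }

    $aPData["showprofilelinks"] = !$bEditProfile;

    if (count($aPData) > 0) {
        $this->P->cb_customdata["userhome"] = $aPData;
    }
}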