Ejemplo n.º 1
0
 /**
  * Check if product exists and can be viewed by the current user
  *
  * @param  	int		product ID or alias
  * @return 	int 	pId on success, null if no match found
  */
 public function checkProduct($product, $showInactive = false)
 {
     // Integer is a pID, string must be an alias
     if (is_numeric($product)) {
         $lookupField = 'pId';
     } else {
         $lookupField = 'pAlias';
     }
     $sql = "SELECT `pId`, `access`";
     $sql .= ", IF(";
     $sql .= " (`publish_up` IS NULL OR `publish_up` <= NOW())";
     $sql .= " AND (`publish_down` IS NULL OR `publish_down` = '0000-00-00 00:00:00' OR `publish_down` > NOW()";
     $sql .= "), 1, 0) AS isPublished";
     $sql .= " FROM `#__storefront_products` p WHERE p.`{$lookupField}` = " . $this->_db->quote($product);
     if (!$showInactive) {
         $sql .= " AND p.`pActive` = 1";
     }
     $this->_db->setQuery($sql);
     $pInfo = $this->_db->loadObject();
     $response = new \stdClass();
     $response->status = 1;
     if (empty($pInfo)) {
         $response->status = 0;
         $response->errorCode = 404;
         $response->message = 'COM_STOREFRONT_PRODUCT_NOT_FOUND';
         return $response;
     }
     // Check if the product can be viewed (if access level scope is set)
     if (\Component::params('com_storefront')->get('productAccess')) {
         if ($this->accessGroupsScope) {
             $product = new Product();
             $product->setId($pInfo->pId);
             $accessgroups = $product->getAccessGroups('include');
             // See what groups are in common
             $groups = array_intersect($accessgroups, $this->accessGroupsScope);
             // No common groups
             if (empty($groups)) {
                 $response->status = 0;
                 $response->errorCode = 403;
                 $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED';
                 return $response;
             }
             $accessgroups = $product->getAccessGroups('exclude');
             // See what groups are in common
             $groups = array_intersect($accessgroups, $this->accessGroupsScope);
             // User in disallowed groups
             if (!empty($groups)) {
                 $response->status = 0;
                 $response->errorCode = 403;
                 $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED';
                 return $response;
             }
         }
     } else {
         if ($this->accessLevelsScope) {
             if (!in_array($pInfo->access, $this->accessLevelsScope)) {
                 $response->status = 0;
                 $response->errorCode = 403;
                 $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED';
                 return $response;
             }
         }
     }
     // Check if the product is published
     if (!$pInfo->isPublished) {
         $response->status = 0;
         $response->errorCode = 403;
         $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED';
         return $response;
     }
     $response->pId = $pInfo->pId;
     return $response;
 }