/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'contentnosubnav';
if (HelperConfig::$shop["show_pricesonlytologgedin"] && !CHelper::getUserData()) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_notloggedin");
} else {
$this->P->cb_customcontenttemplate = 'shop/shoppingcart';
$this->P->oPayload->cl_html = '';
// ----------------------------------------------------------------------------
// Check if there is a message to display above the shoppingcart
// ----------------------------------------------------------------------------
$this->P->oPayload->cl_html = $this->getNotification();
// ----------------------------------------------------------------------------
// Display the shoppingcart
// ----------------------------------------------------------------------------
$aErr = [];
if (isset($_SESSION["cart"]) && count($_SESSION["cart"]) >= 1) {
if (isset($this->post["doCheckout"]) && $this->post["doCheckout"] == 'yes') {
$aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr, true);
if (!CHelper::getUserData() && (!isset($this->post["tos"]) || $this->post["tos"] != 'y')) {
$aErr["tos"] = true;
}
if (!CHelper::getUserData() && (!isset($this->post["cancellationdisclaimer"]) || $this->post["cancellationdisclaimer"] != 'y')) {
$aErr["cancellationdisclaimer"] = true;
}
if (!isset($this->post["paymentmethod"]) || array_search($this->post["paymentmethod"], HelperConfig::$shop["paymentmethods"]) === false) {
$aErr["paymentmethod"] = true;
}
}
$aShoppingcart = SHelper::buildShoppingCartTable($_SESSION["cart"], false, '', $aErr);
}
// ----------------------------------------------------------------------------
// Checkout
// ----------------------------------------------------------------------------
if (!isset($aShoppingcart)) {
$this->P->oPayload->cl_html .= $this->textcats->T("shoppingcart_empty");
} else {
if (isset($this->post["doCheckout"]) && $this->post["doCheckout"] == 'yes') {
if (count($aErr) == 0) {
$this->doCheckout();
}
}
// endif $this->post["doCheckout"] == 'yes'
}
if (isset($aShoppingcart)) {
$this->P->cb_customdata = $aShoppingcart;
}
}
}
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (CHelper::getUserData()) {
$this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default");
} else {
$this->P->cb_customcontenttemplate = 'customer/register';
$aErr = [];
if (isset($_POST["doRegister"]) && $_POST["doRegister"] == 'yes') {
$aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr);
if (count($aErr) == 0) {
$sql = 'SELECT cust_email FROM customer WHERE cust_email = :email';
$sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
/** @var \PDOStatement $hResult */
$hResult = $this->serviceManager->get('db')->prepare($sql);
$hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 0) {
$sEmailVerificationcode = md5($_POST["email"] . time());
$aData = ['cust_email' => $sEmail, 'cust_corp' => filter_var(trim(Tools::getFormfield("corpname")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_name' => filter_var(trim(Tools::getFormfield("name")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_street' => filter_var(trim(Tools::getFormfield("street")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_zip' => filter_var(trim(Tools::getFormfield("zip")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_town' => filter_var(trim(Tools::getFormfield("town")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_phone' => filter_var(trim(Tools::getFormfield("phone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_cellphone' => filter_var(trim(Tools::getFormfield("cellphone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_fax' => filter_var(trim(Tools::getFormfield("fax")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_country' => filter_var(trim(Tools::getFormfield("country")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_password' => password_hash($_POST["pwd"], PASSWORD_DEFAULT), 'cust_tosaccepted' => isset($_POST["tos"]) && $_POST["tos"] == 'y' ? 'y' : 'n', 'cust_cancellationdisclaimeraccepted' => isset($_POST["cancellationdisclaimer"]) && $_POST["cancellationdisclaimer"] == 'y' ? 'y' : 'n', 'cust_emailverified' => 'n', 'cust_emailverificationcode' => $sEmailVerificationcode, 'cust_active' => HelperConfig::$customer["register_require_manual_activation"] ? 'n' : 'y', 'cust_registrationtimestamp' => time()];
$sql = \HaaseIT\DBTools::buildPSInsertQuery($aData, 'customer');
$hResult = $this->serviceManager->get('db')->prepare($sql);
foreach ($aData as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue, \PDO::PARAM_STR);
}
$hResult->execute();
CHelper::sendVerificationMail($sEmailVerificationcode, $sEmail, $this->serviceManager, true);
$aPData["showsuccessmessage"] = true;
} else {
$aErr["emailalreadytaken"] = true;
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr);
}
} else {
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr);
}
} else {
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register');
}
if (isset($aPData) && count($aPData)) {
$this->P->cb_customdata["register"] = $aPData;
}
}
}
/**
* @param $CUA
* @param $twig
* @return mixed
*/
private function handleCustomerAdmin($CUA, $twig)
{
$sType = 'all';
if (isset($_REQUEST["type"])) {
if ($_REQUEST["type"] == 'active') {
$sType = 'active';
} elseif ($_REQUEST["type"] == 'inactive') {
$sType = 'inactive';
}
}
$return = '';
if (!isset($_GET["action"])) {
$sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer';
if ($sType == 'active') {
$sql .= ' WHERE cust_active = \'y\'';
} elseif ($sType == 'inactive') {
$sql .= ' WHERE cust_active = \'n\'';
}
$sql .= ' ORDER BY cust_no ASC';
$hResult = $this->db->query($sql);
if ($hResult->rowCount() != 0) {
$aData = $hResult->fetchAll();
$return .= \HaaseIT\Tools::makeListtable($CUA, $aData, $twig);
} else {
$aInfo["nodatafound"] = true;
}
} elseif (isset($_GET["action"]) && $_GET["action"] == 'edit') {
$iId = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
$aErr = [];
if (isset($_POST["doEdit"]) && $_POST["doEdit"] == 'yes') {
$sCustno = filter_var(trim($_POST["custno"]), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
if (strlen($sCustno) < HelperConfig::$customer["minimum_length_custno"]) {
$aErr["custnoinvalid"] = true;
} else {
$sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_no = :custno';
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':id', $iId);
$hResult->bindValue(':custno', $sCustno);
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 1) {
$aErr["custnoalreadytaken"] = true;
}
$sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email';
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':id', $iId);
$hResult->bindValue(':email', filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL));
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 1) {
$aErr["emailalreadytaken"] = true;
}
$aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr, true);
if (count($aErr) == 0) {
$aData = ['cust_no' => $sCustno, 'cust_email' => trim(filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL)), 'cust_corp' => trim(filter_input(INPUT_POST, 'corpname', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_name' => trim(filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_street' => trim(filter_input(INPUT_POST, 'street', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_zip' => trim(filter_input(INPUT_POST, 'zip', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_town' => trim(filter_input(INPUT_POST, 'town', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_phone' => trim(filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_cellphone' => trim(filter_input(INPUT_POST, 'cellphone', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_fax' => trim(filter_input(INPUT_POST, 'fax', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_country' => trim(filter_input(INPUT_POST, 'country', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_group' => trim(filter_input(INPUT_POST, 'custgroup', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_emailverified' => isset($_POST["emailverified"]) && $_POST["emailverified"] == 'y' ? 'y' : 'n', 'cust_active' => isset($_POST["active"]) && $_POST["active"] == 'y' ? 'y' : 'n', 'cust_id' => $iId];
if (isset($_POST["pwd"]) && $_POST["pwd"] != '') {
$aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT);
$aInfo["passwordchanged"] = true;
}
$sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
$hResult = $this->db->prepare($sql);
foreach ($aData as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue);
}
$hResult->execute();
$aInfo["changeswritten"] = true;
}
}
}
$sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id = :id';
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':id', $iId);
$hResult->execute();
if ($hResult->rowCount() == 1) {
$aUser = $hResult->fetch();
$aPData["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'admin', $aErr, $aUser);
} else {
$aInfo["nosuchuserfound"] = true;
}
}
$aPData["customeradmin"]["text"] = $return;
$aPData["customeradmin"]["type"] = $sType;
if (isset($aInfo)) {
$aPData["customeradmin"]["info"] = $aInfo;
}
return $aPData;
}
/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (!CHelper::getUserData()) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_notloggedin");
} else {
$this->P->cb_customcontenttemplate = 'customer/customerhome';
$aPData["display_logingreeting"] = false;
if (isset($_GET["login"]) && $_GET["login"]) {
$aPData["display_logingreeting"] = true;
}
if (isset($_GET["editprofile"])) {
$sErr = '';
if (isset($_POST["doEdit"]) && $_POST["doEdit"] == 'yes') {
$sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email';
$sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':id', $_SESSION["user"]['cust_id'], \PDO::PARAM_INT);
$hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 1) {
$sErr .= $this->textcats->T("userprofile_emailalreadyinuse") . '<br>';
}
$sErr = CHelper::validateCustomerForm(HelperConfig::$lang, $sErr, true);
if ($sErr == '') {
if (HelperConfig::$customer["allow_edituserprofile"]) {
$aData = ['cust_corp' => filter_var(trim(Tools::getFormfield("corpname")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_name' => filter_var(trim(Tools::getFormfield("name")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_street' => filter_var(trim(Tools::getFormfield("street")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_zip' => filter_var(trim(Tools::getFormfield("zip")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_town' => filter_var(trim(Tools::getFormfield("town")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_phone' => filter_var(trim(Tools::getFormfield("phone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_cellphone' => filter_var(trim(Tools::getFormfield("cellphone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_fax' => filter_var(trim(Tools::getFormfield("fax")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_country' => filter_var(trim(Tools::getFormfield("country")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)];
}
if (isset($_POST["pwd"]) && $_POST["pwd"] != '') {
$aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT);
$aPData["infopasswordchanged"] = true;
}
$aData['cust_id'] = $_SESSION["user"]['cust_id'];
if (count($aData) > 1) {
$sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
$hResult = $this->db->prepare($sql);
foreach ($aData as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue);
}
$hResult->execute();
$aPData["infochangessaved"] = true;
} else {
$aPData["infonothingchanged"] = true;
}
}
}
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'editprofile', $sErr);
//if (HelperConfig::$customer["allow_edituserprofile"]) $P["lang"]["cl_html"] .= '<br>'.$this->textcats->T("userprofile_infoeditemail"); // Future implementation
} else {
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'userhome');
}
$aPData["showprofilelinks"] = false;
if (!isset($_GET["editprofile"])) {
$aPData["showprofilelinks"] = true;
}
if (isset($aPData) && count($aPData)) {
$this->P->cb_customdata["userhome"] = $aPData;
}
}
}
