public function update($id, $params)
{
$auth = $this->auth;
$data = array();
$status = Response::STATUS_BAD_REQUEST;
unset($params['user_id']);
list($user_id, $profile_id) = fn_update_user($id, $params, $auth, false, false);
if ($user_id) {
$status = Response::STATUS_OK;
$data = array('user_id' => $user_id, 'profile_id' => $profile_id);
}
return array('status' => $status, 'data' => $data);
}
}
if (!isset($user_data['password1'])) {
$user_data['password1'] = '';
}
$notify_user = true;
if (isset($_REQUEST['page']) && $_REQUEST['page'] == 'cart') {
$notify_user = false;
if ($user_data['copy_address']) {
$profile_fields = fn_get_profile_fields('O');
fn_fill_address($user_data, $profile_fields);
}
}
if (isset($user_data['fields']) && is_array($user_data['fields'])) {
$user_data['fields'] = array_filter($user_data['fields'], 'fn_twg_filter_profile_fields');
}
$result = fn_update_user($user_data['user_id'], $user_data, $_SESSION['auth'], !$user_data['copy_address'], $notify_user);
if (!$result) {
if (!fn_twg_set_internal_errors($response, 'ERROR_FAIL_CREATE_USER')) {
$response->addError('ERROR_FAIL_CREATE_USER', __('twgadmin_fail_create_user'));
}
$response->returnResponse();
}
if ($_SESSION['auth']['user_id'] == 0 && version_compare(PRODUCT_VERSION, '4.3.1', '>=')) {
list($user_id, $profile_id) = $result;
fn_login_user($user_id);
}
$_SESSION['cart']['user_data'] = fn_get_user_info($_SESSION['auth']['user_id']);
$profile = fn_twg_get_user_info($_SESSION['auth']['user_id']);
$profile = array_merge($profile, array('cart' => fn_twg_api_get_session_cart($_SESSION['cart'], $lang_code)));
$response->setData($profile);
} elseif ($meta['object'] == 'cart_profile') {
}
$is_valid_user_data = false;
} elseif ($_REQUEST['user_data']['password1'] !== $_REQUEST['user_data']['password2']) {
fn_set_notification('W', __('warning'), __('error_validator_password', array('[field2]' => __('password'), '[field]' => __('confirm_password'))));
$is_valid_user_data = false;
}
if (!$is_valid_user_data) {
return array(CONTROLLER_STATUS_REDIRECT, 'profiles.add');
}
}
if ($_REQUEST['user_data']['email'] !== $_REQUEST['user_data']['email2']) {
fn_set_notification('W', __('warning'), __('error_validator_password', array('[field2]' => __('email'), '[field]' => __('validate_email'))));
$is_valid_user_data = false;
}
fn_restore_processed_user_password($_REQUEST['user_data'], $_POST['user_data']);
$res = fn_update_user($auth['user_id'], $_REQUEST['user_data'], $auth, !empty($_REQUEST['ship_to_another']), true);
if ($res) {
list($user_id, $profile_id) = $res;
// Cleanup user info stored in cart
if (!empty($_SESSION['cart']) && !empty($_SESSION['cart']['user_data'])) {
$_SESSION['cart']['user_data'] = fn_array_merge($_SESSION['cart']['user_data'], $_REQUEST['user_data']);
}
// Delete anonymous authentication
if ($cu_id = fn_get_session_data('cu_id') && !empty($auth['user_id'])) {
fn_delete_session_data('cu_id');
}
Session::regenerateId();
if (!empty($_REQUEST['return_url'])) {
return array(CONTROLLER_STATUS_OK, $_REQUEST['return_url']);
}
} else {
}
$user_data = array();
if (!empty($_REQUEST['company_data']['admin_username'])) {
$user_data['user_login'] = $_REQUEST['company_data']['admin_username'];
} else {
$user_data['user_login'] = $_REQUEST['company_data']['email'];
}
$user_data['user_type'] = 'A';
$user_data['password1'] = fn_generate_password();
$user_data['password2'] = $user_data['password1'];
$user_data['status'] = $_REQUEST['company_data']['status'];
$user_data['company_id'] = $company_id;
$user_data['email'] = $_REQUEST['company_data']['email'];
$user_data['company'] = $_REQUEST['company_data']['company'];
// Create new user, avoiding switching to the vendor admin's session ($null in the 3rd argument)
fn_update_user(0, $user_data, $null, false, true, true);
}
$suffix = ".update?company_id={$company_id}";
} else {
$suffix = ".add";
}
} else {
$suffix = ".add";
}
}
//
// Processing updating of company element
//
if ($mode == 'update') {
if (!empty($_REQUEST['company_data']['company'])) {
if (!empty($_REQUEST['company_id']) && defined('COMPANY_ID') && COMPANY_ID != $_REQUEST['company_id']) {
/**
* Update steps data handler
*
* @param array $cart Cart
* @param array $auth Auth
* @param array $params Params
* @return array
*/
function fn_checkout_update_steps(&$cart, &$auth, $params)
{
$redirect_params = array();
$user_data = !empty($params['user_data']) ? $params['user_data'] : array();
unset($user_data['user_type']);
if (!empty($auth['user_id'])) {
if (isset($user_data['profile_id'])) {
if (empty($user_data['profile_id'])) {
$user_data['profile_type'] = 'S';
}
$profile_id = $user_data['profile_id'];
} elseif (!empty($cart['profile_id'])) {
$profile_id = $cart['profile_id'];
} else {
$profile_id = db_get_field("SELECT profile_id FROM ?:user_profiles WHERE user_id = ?i AND profile_type = 'P'", $auth['user_id']);
}
$user_data['user_id'] = $auth['user_id'];
$current_user_data = fn_get_user_info($auth['user_id'], true, $profile_id);
if ($profile_id != NULL) {
$cart['profile_id'] = $profile_id;
}
$errors = false;
// Update contact information
if (($params['update_step'] == 'step_one' || $params['update_step'] == 'step_two') && !empty($user_data['email'])) {
// Check email
$email_exists = fn_is_user_exists($auth['user_id'], $user_data);
if (!empty($email_exists)) {
fn_set_notification('E', __('error'), __('error_user_exists'));
$redirect_params['edit_step'] = $params['update_step'];
$errors = true;
$params['next_step'] = $params['update_step'];
}
}
// Update billing/shipping information
if ($params['update_step'] == 'step_two' || $params['update_step'] == 'step_one' && !$errors) {
if (!empty($user_data)) {
$user_data = fn_array_merge($current_user_data, $user_data);
$user_data['user_type'] = !empty($current_user_data['user_type']) ? $current_user_data['user_type'] : AREA;
$user_data = fn_fill_contact_info_from_address($user_data);
}
$user_data = fn_array_merge($current_user_data, $user_data);
if (empty($params['ship_to_another'])) {
$profile_fields = fn_get_profile_fields('O');
fn_fill_address($user_data, $profile_fields);
}
// Check if we need to send notification with new email to customer
$email = db_get_field('SELECT email FROM ?:users WHERE user_id = ?i', $auth['user_id']);
$send_notification = false;
if (isset($user_data['email']) && $user_data['email'] != $email) {
$send_notification = true;
}
list($user_id, $profile_id) = fn_update_user($auth['user_id'], $user_data, $auth, !empty($params['ship_to_another']), $send_notification, false);
$cart['profile_id'] = $profile_id;
}
// Add/Update additional fields
if (!empty($user_data['fields'])) {
fn_store_profile_fields($user_data, array('U' => $auth['user_id'], 'P' => $profile_id), 'UP');
// FIXME
}
} elseif (Registry::get('settings.Checkout.disable_anonymous_checkout') != 'Y') {
if (empty($auth['user_id']) && !empty($user_data['email'])) {
$email_exists = fn_is_user_exists(0, $user_data);
if (!empty($email_exists)) {
fn_set_notification('E', __('error'), __('error_user_exists'));
fn_save_post_data('user_data');
if (!empty($params['guest_checkout'])) {
$redirect_params['edit_step'] = $params['step_two'];
$redirect_params['guest_checkout'] = 1;
}
return $redirect_params;
}
}
if (isset($user_data['fields'])) {
$fields = fn_array_merge(isset($cart['user_data']['fields']) ? $cart['user_data']['fields'] : array(), $user_data['fields']);
}
if ($params['update_step'] == 'step_two' && !empty($user_data)) {
$user_data = fn_fill_contact_info_from_address($user_data);
}
$cart['user_data'] = fn_array_merge($cart['user_data'], $user_data);
// Fill shipping info with billing if needed
if (empty($params['ship_to_another']) && $params['update_step'] == 'step_two') {
$profile_fields = fn_get_profile_fields('O');
fn_fill_address($cart['user_data'], $profile_fields);
}
if (!empty($cart['user_data']['b_vat_id']) && !empty($cart['user_data']['b_country'])) {
if (fn_check_vat_id($user_data['b_vat_id'], $cart['user_data']['b_country'])) {
fn_set_notification('N', __('notice'), __('vat_id_number_is_valid'));
} else {
fn_set_notification('E', __('error'), __('vat_id_number_is_not_valid'));
$cart['user_data']['b_vat_id'] = '';
return $redirect_params;
}
} elseif (isset($user_data['b_vat_id'])) {
$user_data['b_vat_id'] = '';
}
}
if (!empty($params['next_step'])) {
$redirect_params['edit_step'] = $params['next_step'];
}
if (!empty($params['shipping_ids'])) {
fn_checkout_update_shipping($cart, $params['shipping_ids']);
}
if (!empty($params['payment_id'])) {
$cart['payment_id'] = (int) $params['payment_id'];
if (!empty($params['payment_info'])) {
$cart['extra_payment_info'] = $params['payment_info'];
if (!empty($cart['extra_payment_info']['card_number'])) {
$cart['extra_payment_info']['secure_card_number'] = preg_replace('/^(.+?)([0-9]{4})$/i', '***-$2', $cart['extra_payment_info']['card_number']);
}
} else {
unset($cart['extra_payment_info']);
}
fn_update_payment_surcharge($cart, $auth);
fn_save_cart_content($cart, $auth['user_id']);
}
if (!empty($params['customer_notes'])) {
$cart['notes'] = $params['customer_notes'];
}
// Recalculate the cart
$cart['recalculate'] = true;
if (!empty($params['next_step']) && ($params['next_step'] == 'step_three' || $params['next_step'] == 'step_four')) {
$cart['calculate_shipping'] = true;
}
$shipping_calculation_type = Registry::get('settings.General.estimate_shipping_cost') == 'Y' || !empty($completed_steps['step_two']) ? 'A' : 'S';
list($cart_products, $product_groups) = fn_calculate_cart_content($cart, $auth, $shipping_calculation_type, true, 'F');
$shipping_hash = fn_get_shipping_hash($cart['product_groups']);
if (!empty($_SESSION['shipping_hash']) && $_SESSION['shipping_hash'] != $shipping_hash && $params['next_step'] == 'step_four' && $cart['shipping_required']) {
if (!empty($cart['chosen_shipping'])) {
fn_set_notification('W', __('important'), __('text_shipping_rates_changed'));
}
$cart['chosen_shipping'] = array();
$redirect_params['edit_step'] = 'step_three';
return $redirect_params;
}
return $redirect_params;
}
$user_data['email'] = $_REQUEST['company_data']['email'];
$user_data['company'] = $_REQUEST['company_data']['company'];
$user_data['last_login'] = 0;
$user_data['lang_code'] = $_REQUEST['company_data']['lang_code'];
$user_data['password_change_timestamp'] = 0;
$user_data['is_root'] = 'N';
// Copy vendor admin billing and shipping addresses from the company's credentials
$user_data['firstname'] = $user_data['b_firstname'] = $user_data['s_firstname'] = !empty($_REQUEST['company_data']['admin_firstname']) ? $_REQUEST['company_data']['admin_firstname'] : '';
$user_data['lastname'] = $user_data['b_lastname'] = $user_data['s_lastname'] = !empty($_REQUEST['company_data']['admin_lastname']) ? $_REQUEST['company_data']['admin_lastname'] : '';
$user_data['b_address'] = $user_data['s_address'] = $_REQUEST['company_data']['address'];
$user_data['b_city'] = $user_data['s_city'] = $_REQUEST['company_data']['city'];
$user_data['b_country'] = $user_data['s_country'] = $_REQUEST['company_data']['country'];
$user_data['b_state'] = $user_data['s_state'] = $_REQUEST['company_data']['state'];
$user_data['b_zipcode'] = $user_data['s_zipcode'] = $_REQUEST['company_data']['zipcode'];
// Create new user, avoiding switching to the vendor admin's session ($null as the 3rd argument)
list($added_user_id, $null) = fn_update_user(0, $user_data, $null, false, true, true);
if ($added_user_id) {
$msg = __('new_administrator_account_created') . '<a href="' . fn_url('profiles.update?user_id=' . $added_user_id) . '">' . __('you_can_edit_account_details') . '</a>';
fn_set_notification('N', __('notice'), $msg, 'K');
}
}
}
} else {
fn_save_post_data('company_data', 'update');
}
}
} else {
$company_id = fn_update_company($_REQUEST['company_data']);
}
if (!empty($company_id)) {
if (fn_allowed_for('ULTIMATE') && !empty($_REQUEST['update'])) {
/**
* Fucntion changes company status. Allowed statuses are A(ctive) and D(isabled)
*
* @param int $company_id
* @param string $status_to A or D
* @param string $reason The reason of the change
* @param string $status_from Previous status
* @param boolean $skip_query By default false. Update query might be skipped if status is already changed.
* @return boolean True on success or false on failure
*/
function fn_companies_change_status($company_id, $status_to, $reason = '', &$status_from = '', $skip_query = false, $notify = true)
{
if (empty($status_from)) {
$status_from = db_get_field("SELECT status FROM ?:companies WHERE company_id = ?i", $company_id);
}
if (!in_array($status_to, array('A', 'P', 'D')) || $status_from == $status_to) {
return false;
}
$result = $skip_query ? true : db_query("UPDATE ?:companies SET status = ?s WHERE company_id = ?i", $status_to, $company_id);
if (!$result) {
return false;
}
$company_data = fn_get_company_data($company_id);
$account = $username = '';
if ($status_from == 'N' && ($status_to == 'A' || $status_to == 'P')) {
if (Registry::get('settings.Vendors.create_vendor_administrator_account') == 'Y') {
if (!empty($company_data['request_user_id'])) {
$password_change_timestamp = db_get_field("SELECT password_change_timestamp FROM ?:users WHERE user_id = ?i", $company_data['request_user_id']);
$_set = '';
if (empty($password_change_timestamp)) {
$_set = ", password_change_timestamp = 1 ";
}
db_query("UPDATE ?:users SET company_id = ?i, user_type = 'V'{$_set} WHERE user_id = ?i", $company_id, $company_data['request_user_id']);
$username = fn_get_user_name($company_data['request_user_id']);
$account = 'updated';
$msg = __('new_administrator_account_created') . '<a href="' . fn_url('profiles.update?user_id=' . $company_data['request_user_id']) . '">' . __('you_can_edit_account_details') . '</a>';
fn_set_notification('N', __('notice'), $msg, 'K');
} else {
$user_data = array();
if (!empty($company_data['request_account_name'])) {
$user_data['user_login'] = $company_data['request_account_name'];
} else {
$user_data['user_login'] = $company_data['email'];
}
$request_account_data = unserialize($company_data['request_account_data']);
$user_data['fields'] = $request_account_data['fields'];
$user_data['firstname'] = $user_data['b_firstname'] = $user_data['s_firstname'] = $request_account_data['admin_firstname'];
$user_data['lastname'] = $user_data['b_lastname'] = $user_data['s_lastname'] = $request_account_data['admin_lastname'];
$user_data['user_type'] = 'V';
$user_data['password1'] = fn_generate_password();
$user_data['password2'] = $user_data['password1'];
$user_data['status'] = 'A';
$user_data['company_id'] = $company_id;
$user_data['email'] = $company_data['email'];
$user_data['company'] = $company_data['company'];
$user_data['last_login'] = 0;
$user_data['lang_code'] = $company_data['lang_code'];
$user_data['password_change_timestamp'] = 0;
// Copy vendor admin billing and shipping addresses from the company's credentials
$user_data['b_address'] = $user_data['s_address'] = $company_data['address'];
$user_data['b_city'] = $user_data['s_city'] = $company_data['city'];
$user_data['b_country'] = $user_data['s_country'] = $company_data['country'];
$user_data['b_state'] = $user_data['s_state'] = $company_data['state'];
$user_data['b_zipcode'] = $user_data['s_zipcode'] = $company_data['zipcode'];
list($added_user_id, $null) = fn_update_user(0, $user_data, $null, false, false);
if ($added_user_id) {
$msg = __('new_administrator_account_created') . '<a href="' . fn_url('profiles.update?user_id=' . $added_user_id) . '">' . __('you_can_edit_account_details') . '</a>';
fn_set_notification('N', __('notice'), $msg, 'K');
$username = $user_data['user_login'];
$account = 'new';
}
}
}
}
if (empty($user_data)) {
$user_id = db_get_field("SELECT user_id FROM ?:users WHERE company_id = ?i AND is_root = 'Y' AND user_type = 'V'", $company_id);
$user_data = fn_get_user_info($user_id);
}
if ($notify && !empty($company_data['email'])) {
$e_username = '';
$e_account = '';
$e_password = '';
if ($status_from == 'N' && ($status_to == 'A' || $status_to == 'P')) {
$e_username = $username;
$e_account = $account;
if ($account == 'new') {
$e_password = $user_data['password1'];
}
}
$mail_template = fn_strtolower($status_from . '_' . $status_to);
Mailer::sendMail(array('to' => $company_data['email'], 'from' => 'default_company_support_department', 'data' => array('user_data' => $user_data, 'reason' => $reason, 'status' => __($status_to == 'A' ? 'active' : 'disabled'), 'e_username' => $e_username, 'e_account' => $e_account, 'e_password' => $e_password), 'company_id' => $company_id, 'tpl' => 'companies/status_' . $mail_template . '_notification.tpl'), 'A');
}
return $result;
}
}
$profile_fields = fn_get_profile_fields('O', $customer_auth);
// Clean up saved shipping rates
unset($_SESSION['shipping_rates']);
if (is_array($_REQUEST['user_data'])) {
// Fill shipping info with billing if needed
if (empty($_REQUEST['ship_to_another'])) {
fn_fill_address($_REQUEST['user_data'], $profile_fields, true);
}
// Add descriptions for countries and states
fn_add_user_data_descriptions($_REQUEST['user_data']);
$cart['user_data'] = $_REQUEST['user_data'];
$cart['ship_to_another'] = !empty($_REQUEST['ship_to_another']);
if (empty($cart['order_id']) && (Registry::get('settings.General.disable_anonymous_checkout') == 'Y' && !empty($_REQUEST['user_data']['password1']))) {
$cart['profile_registration_attempt'] = true;
if (fn_update_user(0, $cart['user_data'], $customer_auth, !empty($_REQUEST['ship_to_another']), true) == false) {
$action = '';
}
}
}
}
if ($mode == 'place_order') {
// Clean up saved shipping rates
unset($_SESSION['shipping_rates']);
// update totals and etc.
fn_update_cart_by_data($cart, $_REQUEST, $customer_auth);
if (!empty($_REQUEST['shipping_ids'])) {
fn_checkout_update_shipping($cart, $_REQUEST['shipping_ids']);
}
if (empty($cart['stored_shipping'])) {
$cart['calculate_shipping'] = true;
/**
* Creating company admin
*
* @param array $company_data Company data
* @param string $fields Fields list
* @param boolean $notify Notify flag
* @return array
*/
function fn_create_company_admin($company_data, $fields = '', $notify = false)
{
/**
* Actions before creating company admin
*
* @param array $company_data Company data
* @param string $fields Fields list
* @param boolean $notify Notify flag
*/
fn_set_hook('create_company_admin_pre', $company_data, $fields, $notify);
$user = array('fields' => $fields);
if (!empty($company_data['admin_username'])) {
$user['user_login'] = $company_data['admin_username'];
} else {
$user['user_login'] = $company_data['email'];
}
$password_length = USER_PASSWORD_LENGTH;
$min_password_length = (int) Registry::get('settings.Security.min_admin_password_length');
if ($min_password_length > $password_length) {
$password_length = $min_password_length;
}
$user['user_type'] = 'V';
$user['password1'] = fn_generate_password($password_length);
$user['password2'] = $user['password1'];
$user['status'] = !empty($company_data['status']) ? $company_data['status'] : 'A';
$user['company_id'] = $company_data['company_id'];
$user['email'] = $company_data['email'];
$user['company'] = $company_data['company'];
$user['last_login'] = 0;
$user['lang_code'] = $company_data['lang_code'];
$user['password_change_timestamp'] = 0;
$user['is_root'] = !empty($company_data['is_root']) ? $company_data['is_root'] : 'N';
// Copy vendor admin billing and shipping addresses from the company's credentials
$user['firstname'] = !empty($company_data['admin_firstname']) ? $company_data['admin_firstname'] : '';
$user['b_firstname'] = $user['s_firstname'] = $user['firstname'];
$user['lastname'] = !empty($company_data['admin_lastname']) ? $company_data['admin_lastname'] : '';
$user['b_lastname'] = $user['s_lastname'] = $user['lastname'];
$user['b_address'] = $user['s_address'] = $company_data['address'];
$user['b_city'] = $user['s_city'] = $company_data['city'];
$user['b_country'] = $user['s_country'] = $company_data['country'];
$user['b_state'] = $user['s_state'] = $company_data['state'];
$user['b_zipcode'] = $user['s_zipcode'] = $company_data['zipcode'];
/**
* Actions before directly creating company admin
*
* @param array $company_data Company data
* @param string $fields Fields list
* @param boolean $notify Notify flag
* @param array $user User data
*/
fn_set_hook('create_company_admin', $company_data, $fields, $notify, $user);
// Create new user, avoiding switching to the vendor admin's session ($null as the 3rd argument)
list($added_user_id) = fn_update_user(0, $user, $null, false, $notify);
if ($added_user_id) {
$msg = sprintf('%s<a href="%s">%s</a>', __('new_administrator_account_created'), fn_url('profiles.update?user_id=' . $added_user_id), __('you_can_edit_account_details'));
fn_set_notification('N', __('notice'), $msg, 'K');
$user['user_id'] = $added_user_id;
}
/**
* Actions after creating company admin
*
* @param array $company_data Company data
* @param string $fields Fields list
* @param boolean $notify Notify flag
* @param array $user User data
*/
fn_set_hook('create_company_admin_post', $company_data, $fields, $notify, $user);
return $user;
}
function importUsers()
{
$this->useDatabase($this->sourceDB);
$query = "SELECT * FROM members";
$result = mysqli_query($this->link, $query) or die("Failed to select from: cscart_users" . mysqli_error($this->link, $this->link));
$destLink = mysqli_connect($this->config['db_host'], $this->config['db_user'], $this->config['db_password']) or die('Database connection error. ' . mysqli_error($this->link));
$destQuery = "UPDATE cscart_users SET user_id=0 WHERE user_id=1";
$this->useDatabase($this->destinationDB, $destLink);
mysqli_query($destLink, $destQuery);
while ($user = mysqli_fetch_array($result, MYSQL_ASSOC)) {
$timestamp = strtotime($user['date']);
$user_data = array('user_id' => $user['id'], 'user_login' => $user['login'], 'email' => $user['email'], 'password1' => 'tempPass', 'password2' => 'tempPass', 'firstname' => $user['name'], 'lastname' => $user['surname'], 'fields' => array(35 => $user['phone'], 61 => $user['from'], 36 => $user['comment'], 38 => $user['usercomment'], 59 => $user['country']), 'b_state' => '', 'b_zipcode' => $user['index'], 'b_address' => $user['adress'], 'b_city' => $user['city'], 'b_phone' => $user['phone'], 'b_country' => $user['country'] == 'Россия' ? 'RU' : '');
$auth = array('ip' => $user['ip']);
fn_update_user('', $user_data, $auth, false, false);
$destQuery = "UPDATE cscart_users SET timestamp={$timestamp}, password='******'pass']}' WHERE user_id={$user['id']}";
mysqli_query($destLink, $destQuery);
}
//Add one admin
unset($user_data['user_id']);
$user_data['email'] = '*****@*****.**';
$user_data['user_login'] = '******';
$user_data['password1'] = 'admin';
$user_data['password2'] = 'admin';
$user_data['user_type'] = 'A';
fn_update_user('', $user_data, $auth, false, false);
}
}
$profile_fields = fn_get_profile_fields('O', $customer_auth);
// Clean up saved shipping rates
unset($_SESSION['shipping_rates']);
if (is_array($_REQUEST['user_data'])) {
// Fill shipping info with billing if needed
if (empty($_REQUEST['ship_to_another'])) {
fn_fill_address($_REQUEST['user_data'], $profile_fields, !fn_compare_shipping_billing($profile_fields));
}
// Add descriptions for countries and states
fn_add_user_data_descriptions($_REQUEST['user_data']);
$cart['user_data'] = $_REQUEST['user_data'];
$cart['ship_to_another'] = !empty($_REQUEST['ship_to_another']);
if (empty($cart['order_id']) && (Registry::get('settings.Checkout.disable_anonymous_checkout') == 'Y' && !empty($_REQUEST['user_data']['password1']))) {
$cart['profile_registration_attempt'] = true;
list($user_id) = fn_update_user(0, $cart['user_data'], $customer_auth, !empty($_REQUEST['ship_to_another']), true);
if ($user_id == false) {
$action = '';
} else {
$cart['user_id'] = $user_id;
$u_data = db_get_row("SELECT user_id, tax_exempt, user_type FROM ?:users WHERE user_id = ?i", $cart['user_id']);
$customer_auth = fn_fill_auth($u_data, array(), false, 'C');
$cart['user_data'] = array();
}
}
}
}
if ($mode == 'place_order') {
// Clean up saved shipping rates
unset($_SESSION['shipping_rates']);
// update totals and etc.
if (!empty($user_data)) {
$user_data = fn_array_merge($current_user_data, $user_data);
$user_data['user_type'] = !empty($current_user_data['user_type']) ? $current_user_data['user_type'] : AREA;
$user_data = fn_fill_contact_info_from_address($user_data);
}
$user_data = fn_array_merge($current_user_data, $user_data);
if (empty($_REQUEST['ship_to_another'])) {
$profile_fields = fn_get_profile_fields('O');
fn_fill_address($user_data, $profile_fields);
}
$email = db_get_field('SELECT email FROM ?:users WHERE user_id = ?i', $auth['user_id']);
$send_notification = false;
if (isset($user_data['email']) && $user_data['email'] != $email) {
$send_notification = true;
}
list($user_id, $profile_id) = fn_update_user($auth['user_id'], $user_data, $auth, !empty($_REQUEST['ship_to_another']), $send_notification, false);
$cart['profile_id'] = $profile_id;
}
if (!empty($user_data['fields'])) {
fn_store_profile_fields($user_data, array('U' => $auth['user_id'], 'P' => $profile_id), 'UP');
}
$cart['user_data'] = $user_data;
} elseif (Registry::get('settings.Checkout.disable_anonymous_checkout') != 'Y') {
if (empty($auth['user_id']) && !empty($user_data['email'])) {
$email_exists = fn_is_user_exists(0, $user_data);
if (!empty($email_exists)) {
fn_set_notification('E', __('error'), __('error_user_exists'));
fn_save_post_data('user_data');
return array(CONTROLLER_STATUS_REDIRECT, 'onestepcheckout' . $_suffix);
}
}
if (!empty($_REQUEST['default_cc'])) {
$cards_data = db_get_field("SELECT credit_cards FROM ?:user_profiles WHERE profile_id = ?i", $_REQUEST['profile_id']);
if (!empty($cards_data)) {
$cards = unserialize(fn_decrypt_text($cards_data));
foreach ($cards as $cc_id => $val) {
$cards[$cc_id]['default'] = $_REQUEST['default_cc'] == $cc_id ? true : false;
}
$cards_data = array('credit_cards' => fn_encrypt_text(serialize($cards)));
db_query('UPDATE ?:user_profiles SET ?u WHERE profile_id = ?i', $cards_data, $_REQUEST['profile_id']);
}
}
if (isset($_REQUEST['copy_address']) && empty($_REQUEST['copy_address'])) {
$_REQUEST['ship_to_another'] = 'Y';
}
//fn_check_company_id($_REQUEST['user_data']);
if ($res = fn_update_user($user_id, $_REQUEST['user_data'], $_auth, !empty($_REQUEST['ship_to_another']), AREA == 'A' ? !empty($_REQUEST['notify_customer']) : true)) {
list($user_id, $profile_id) = $res;
// Cleanup user info stored in cart
if (!empty($_SESSION['cart']) && !empty($_SESSION['cart']['user_data']) && AREA != 'A') {
unset($_SESSION['cart']['user_data']);
}
if (!empty($_REQUEST['return_url'])) {
return array(CONTROLLER_STATUS_OK, $_REQUEST['return_url']);
}
if (Registry::get('settings.General.user_multiple_profiles') == 'Y') {
$suffix = "?profile_id={$profile_id}";
}
}
if (AREA == 'A' && !empty($_REQUEST['user_id'])) {
$suffix .= "?user_id={$_REQUEST['user_id']}";
}
function fn_twg_api_update_user($user, &$auth, $notify_user = false)
{
if (!($user = fn_twg_check_api_user_data($user))) {
return false;
}
if (!empty($user['user_id'])) {
$user_data = db_get_row("SELECT * FROM ?:users WHERE user_id = ?i", $user['user_id']);
$user_data = array_merge($user_data, $user);
} else {
$user['user_id'] = 0;
$user_data = $user;
}
$user_data['password1'] = !empty($user_data['password1']) ? $user_data['password1'] : '';
$result = fn_update_user($user['user_id'], $user_data, $auth, true, $notify_user);
return $result;
}
}
}
$user_data = db_get_row("SELECT user_id, password FROM ?:users WHERE 1 {$condition}");
if (empty($user_data['user_id'])) {
Registry::get('settings.Checkout.address_position') == 'billing_first' ? $address_zone = 'b' : ($address_zone = 's');
$user_data = array();
$user_data['janrain_identifier'] = md5($data['profile']['identifier']);
$user_data['email'] = !empty($data['profile']['verifiedEmail']) ? $data['profile']['verifiedEmail'] : (!empty($data['profile']['email']) ? $data['profile']['email'] : $data['profile']['displayName'] . '@' . $data['profile']['preferredUsername'] . '.com');
$user_data['user_login'] = !empty($data['profile']['verifiedEmail']) ? $data['profile']['verifiedEmail'] : (!empty($data['profile']['email']) ? $data['profile']['email'] : $data['profile']['displayName'] . '@' . $data['profile']['preferredUsername'] . '.com');
$user_data['user_type'] = 'C';
$user_data['is_root'] = 'N';
$user_data['password1'] = $user_data['password2'] = '';
$user_data['title'] = !empty($data['profile']['honorificPrefix']) ? $data['profile']['honorificPrefix'] : 'mr';
$user_data[$address_zone . '_firstname'] = !empty($data['profile']['name']['givenName']) ? $data['profile']['name']['givenName'] : $data['profile']['displayName'];
$user_data[$address_zone . '_lastname'] = !empty($data['profile']['name']['familyName']) ? $data['profile']['name']['familyName'] : '';
list($user_data['user_id'], $profile_id) = fn_update_user('', $user_data, $auth, true, true, false);
}
$user_status = empty($user_data['user_id']) ? LOGIN_STATUS_USER_NOT_FOUND : fn_login_user($user_data['user_id']);
if ($user_status == LOGIN_STATUS_OK) {
if (empty($user_data['password'])) {
fn_set_notification('W', __('warning'), __('janrain_need_update_profile'));
$redirect_url = 'profiles.update';
} else {
$redirect_url = !empty($_REQUEST['return_url']) ? $_REQUEST['return_url'] : fn_url();
}
} elseif ($user_status == LOGIN_STATUS_USER_DISABLED) {
fn_set_notification('E', __('error'), __('error_account_disabled'));
$redirect_url = !empty($_REQUEST['return_url']) ? $_REQUEST['return_url'] : fn_url();
} elseif ($user_status == LOGIN_STATUS_USER_NOT_FOUND) {
fn_delete_notification('user_exist');
fn_set_notification('W', __('warning'), __('janrain_cant_create_profile'));
$_REQUEST['user_data']['user_type'] = !empty($_REQUEST['user_type']) ? $_REQUEST['user_type'] : 'C';
}
// Restricted admin cannot change its user type
if (fn_is_restricted_admin($_REQUEST) && $user_id == $auth['user_id'] || $user_id == $auth['user_id'] && $auth['area'] == 'A') {
$_REQUEST['user_type'] = '';
$_REQUEST['user_data']['user_type'] = $auth['user_type'];
}
/**
* Only admin can set the api key.
*/
if (empty($_REQUEST['user_api_status']) || $_REQUEST['user_api_status'] == 'N') {
$_REQUEST['user_data']['api_key'] = '';
}
fn_restore_processed_user_password($_REQUEST['user_data'], $_POST['user_data']);
$send_password = $user_id != $auth['user_id'];
$res = fn_update_user($user_id, $_REQUEST['user_data'], $auth, !empty($_REQUEST['ship_to_another']), !empty($_REQUEST['notify_customer']), $send_password);
if ($res) {
list($user_id, $profile_id) = $res;
if (!empty($_REQUEST['return_url'])) {
return array(CONTROLLER_STATUS_OK, $_REQUEST['return_url']);
}
} else {
fn_save_post_data('user_data');
fn_delete_notification('changes_saved');
}
$redirect_params = array('user_id' => $user_id);
if (Registry::get('settings.General.user_multiple_profiles') == 'Y') {
$redirect_params['profile_id'] = $profile_id;
}
if (!empty($_REQUEST['user_type'])) {
$redirect_params['user_type'] = $_REQUEST['user_type'];
//
// Recover password mode
//
if ($mode == 'recover_password') {
$user_email = !empty($_REQUEST['user_email']) ? $_REQUEST['user_email'] : '';
$redirect_url = '';
if (!fn_recover_password_generate_key($user_email)) {
$redirect_url = "auth.recover_password";
}
}
//
// Change expired password
//
if ($mode == 'password_change') {
fn_restore_processed_user_password($_REQUEST['user_data'], $_POST['user_data']);
if (fn_update_user($auth['user_id'], $_REQUEST['user_data'], $auth, false, true)) {
$redirect_url = !empty($_REQUEST['return_url']) ? $_REQUEST['return_url'] : '';
} else {
$redirect_url = 'auth.password_change';
if (!empty($_REQUEST['return_url'])) {
$redirect_url .= '?return_url=' . urlencode($_REQUEST['return_url']);
}
}
}
return array(CONTROLLER_STATUS_OK, !empty($redirect_url) ? $redirect_url : fn_url());
}
//
// Perform user log out
//
if ($mode == 'logout') {
fn_user_logout($auth);
function fn_specific_development_before_login($request, $redirect_url)
{
if (!empty($request['token'])) {
$auth =& $auth;
$_request = array();
$_request[] = 'apiKey=' . Registry::get('addons.specific_development.apikey');
$_request[] = 'token=' . $request['token'];
list($header, $_result) = fn_https_request('POST', 'https://rpxnow.com/api/v2/auth_info', $_request);
$data = fn_from_json($_result, true);
if (isset($data['stat']) && $data['stat'] == 'ok') {
$user_data = array();
$user_data = db_get_row('SELECT user_id, password FROM ?:users WHERE janrain_identifier = ?s', md5($data['profile']['identifier']));
if (empty($user_data['user_id'])) {
Registry::get('settings.General.address_position') == 'billing_first' ? $address_zone = 'b' : ($address_zone = 's');
$user_data = array();
$user_data['janrain_identifier'] = md5($data['profile']['identifier']);
$user_data['email'] = !empty($data['profile']['verifiedEmail']) ? $data['profile']['verifiedEmail'] : (!empty($data['profile']['email']) ? $data['profile']['email'] : $data['profile']['displayName'] . '@' . $data['profile']['preferredUsername'] . '.com');
$user_data['user_login'] = !empty($data['profile']['verifiedEmail']) ? $data['profile']['verifiedEmail'] : (!empty($data['profile']['email']) ? $data['profile']['email'] : $data['profile']['displayName'] . '@' . $data['profile']['preferredUsername'] . '.com');
$user_data['user_type'] = 'C';
$user_data['is_root'] = 'N';
$user_data['password1'] = $user_data['password2'] = '';
$user_data['title'] = 'mr';
$user_data[$address_zone . '_firstname'] = !empty($data['profile']['name']['givenName']) ? $data['profile']['name']['givenName'] : $data['profile']['displayName'];
$user_data[$address_zone . '_lastname'] = !empty($data['profile']['name']['familyName']) ? $data['profile']['name']['familyName'] : '';
list($user_data['user_id'], $profile_id) = fn_update_user('', $user_data, $auth, true, false, false);
}
$user_status = empty($user_data['user_id']) ? LOGIN_STATUS_USER_NOT_FOUND : fn_login_user($user_data['user_id']);
if ($user_status == LOGIN_STATUS_OK) {
if (empty($user_data['password'])) {
$subscriber = db_get_row("SELECT * FROM ?:subscribers WHERE email = ?s", $user_data['email']);
if (empty($subscriber)) {
$c_data = array('email' => $user_data['email'], 'timestamp' => TIME);
$subscriber_id = db_query("INSERT INTO ?:subscribers ?e", $c_data);
$_data['subscriber_id'] = $subscriber_id;
$_data['list_id'] = "1";
$_data['timestamp'] = TIME;
$_data['activation_key'] = md5(uniqid(rand()));
$_data['unsubscribe_key'] = md5(uniqid(rand()));
db_query("INSERT INTO ?:user_mailing_lists ?e", $_data);
} else {
$subscriber_id = $subscriber['subscriber_id'];
}
$redirect_url = 'checkout.checkout&edit_step=step_two&from_step=step_one';
} else {
$redirect_url = !empty($_REQUEST['return_url']) ? $_REQUEST['return_url'] : $index_script;
}
} elseif ($user_status == LOGIN_STATUS_USER_DISABLED) {
fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_account_disabled'));
fn_save_post_data();
$redirect_url = !empty($_REQUEST['return_url']) ? $_REQUEST['return_url'] : $index_script;
} elseif ($user_status == LOGIN_STATUS_USER_NOT_FOUND) {
fn_delete_notification('user_exist');
fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('janrain_cant_create_profile'));
$redirect_url = !empty($_REQUEST['return_url']) ? $_REQUEST['return_url'] : $index_script;
}
fn_delete_user($user_data['user_id']);
}
unset($request['token']);
} elseif (empty($_REQUEST['user_login']) || empty($_REQUEST['password'])) {
$redirect_url = !empty($_REQUEST['return_url']) ? $_REQUEST['return_url'] : $index_script;
}
}
function fn_hybrid_auth_create_user($auth_data, $provider)
{
Registry::get('settings.Checkout.address_position') == 'billing_first' ? $address_zone = 'b' : ($address_zone = 's');
$user_data = array();
$user_data['email'] = !empty($auth_data->verifiedEmail) ? $auth_data->verifiedEmail : (!empty($auth_data->email) ? $auth_data->email : '');
$user_data['user_login'] = !empty($auth_data->verifiedEmail) ? $auth_data->verifiedEmail : (!empty($auth_data->email) ? $auth_data->email : $auth_data->displayName);
$user_data['user_type'] = 'C';
$user_data['is_root'] = 'N';
$user_data['password'] = $user_data['password1'] = $user_data['password2'] = fn_generate_password();
$user_data[$address_zone . '_firstname'] = !empty($auth_data->firstName) ? $auth_data->firstName : '';
$user_data[$address_zone . '_lastname'] = !empty($auth_data->lastName) ? $auth_data->lastName : '';
$user_data[$address_zone . '_phone'] = !empty($auth_data->phone) ? $auth_data->phone : '';
$user_data[$address_zone . '_address'] = !empty($auth_data->address) ? $auth_data->address : '';
$user_data[$address_zone . '_country'] = !empty($auth_data->country) ? $auth_data->country : '';
$user_data[$address_zone . '_state'] = !empty($auth_data->region) ? $auth_data->region : '';
$user_data[$address_zone . '_city'] = !empty($auth_data->city) ? $auth_data->city : '';
$user_data[$address_zone . '_zipcode'] = !empty($auth_data->zip) ? $auth_data->zip : '';
list($user_data['user_id'], $profile_id) = fn_update_user('', $user_data, $auth, true, false, false);
if (!empty($user_data['email'])) {
Mailer::sendMail(array('to' => $user_data['email'], 'from' => 'company_orders_department', 'data' => array('user_data' => $user_data, 'user_name' => $user_data[$address_zone . '_firstname'] . " " . $user_data[$address_zone . '_lastname']), 'tpl' => 'addons/hybrid_auth/create_profile.tpl'), 'C', DESCR_SL);
}
return $user_data;
}
if ($mode == 'post') {
if ($object == 'profile') {
$user_data = fn_twg_get_api_data($response, $format);
$user_data['ship_to_another'] = empty($user_data['copy_address']) ? 'Y' : '';
if (empty($user_data['ship_to_another'])) {
$profile_fields = fn_get_profile_fields('O');
fn_fill_address($user_data, $profile_fields);
}
if (isset($user_data['fields']) && is_array($user_data['fields'])) {
$user_data['fields'] = array_filter($user_data['fields'], 'fn_twg_filter_profile_fields');
}
$old_user_data = fn_get_user_info($user_data['user_id']);
if (isset($old_user_data['company_id'])) {
$user_data['company_id'] = $old_user_data['company_id'];
}
$result = fn_update_user($user_data['user_id'], $user_data, $auth, $user_data['ship_to_another'], false);
if ($result) {
fn_set_notification('N', '', fn_twg_get_lang_var('twgadmin_saved'));
} else {
if (!fn_twg_set_internal_errors($response, 'ERROR_FAIL_CREATE_USER')) {
$response->addError('ERROR_FAIL_CREATE_USER', __('twgadmin_fail_create_user'));
}
$response->returnResponse();
}
$profile = fn_twg_get_user_info($user_data['user_id']);
$response->setData($profile);
} elseif ($object == 'orders' && !empty($data['order_id'])) {
if ($action == 'update') {
if (!fn_twg_check_permissions('orders', 'update_status', $auth) && isset($data['status'])) {
unset($data['status']);
}
}
if ($mode == 'update_steps') {
$redirect_params = fn_checkout_update_steps($cart, $auth, $_REQUEST);
return array(CONTROLLER_STATUS_REDIRECT, 'checkout.checkout?' . http_build_query($redirect_params));
}
if ($mode == 'create_profile') {
if (!empty($_REQUEST['order_id']) && !empty($auth['order_ids']) && in_array($_REQUEST['order_id'], $auth['order_ids'])) {
$order_info = fn_get_order_info($_REQUEST['order_id']);
$user_data = $_REQUEST['user_data'];
fn_fill_user_fields($user_data);
foreach ($user_data as $k => $v) {
if (isset($order_info[$k])) {
$user_data[$k] = $order_info[$k];
}
}
if ($res = fn_update_user(0, $user_data, $auth, true, true)) {
list($user_id) = $res;
fn_login_user($user_id);
return array(CONTROLLER_STATUS_REDIRECT, 'profiles.success_add');
} else {
return array(CONTROLLER_STATUS_REDIRECT, 'checkout.complete?order_id=' . $_REQUEST['order_id']);
}
} else {
return array(CONTROLLER_STATUS_DENIED);
}
}
return array(CONTROLLER_STATUS_OK, 'checkout.cart');
}
//
// Delete discount coupon
//
/**
* Регистрация на сайте и в таблице uLogin
* @param Array $u_user - данные о пользователе, полученные от uLogin
* @param int $in_db - при значении 1 необходимо переписать данные в таблице ?:ulogin
* @return bool|int|Error
*/
function fn_ulogin_registration_user($u_user, $in_db = 0)
{
if (!isset($u_user['email'])) {
Tygh::$app['view']->assign('ulogin_title', __('ulogin_auth_error_title'));
Tygh::$app['view']->assign('ulogin_error', __('ulogin_auth_error_msg'));
Tygh::$app['view']->assign('backurl', $_GET['backurl']);
Tygh::$app['view']->display('addons/ulogin/views/ulogin/error.tpl');
exit;
}
$u_user['network'] = isset($u_user['network']) ? $u_user['network'] : '';
$u_user['phone'] = isset($u_user['phone']) ? $u_user['phone'] : '';
// данные о пользователе есть в ulogin_table, но отсутствуют в Базе
if ($in_db == 1) {
db_query('DELETE FROM ?:ulogin WHERE identity = ?s', $u_user['identity']);
}
$user_id = fn_ulogin_getUserInfoByEmail($u_user['email']);
// $check_m_user == 1 -> есть пользователь с таким email
$check_m_user = !empty($user_id) ? 1 : 0;
$auth = $_SESSION['auth'];
$current_user = isset($auth['user_id']) ? $auth['user_id'] : 0;
// $isLoggedIn == true -> ползователь онлайн
$isLoggedIn = !empty($current_user) ? 1 : 0;
if (!$check_m_user && !$isLoggedIn) {
// отсутствует пользователь с таким email в базе -> регистрация
$date = explode('.', $u_user['bdate']);
$user_data = array();
$user_data['email'] = $u_user['email'];
$user_data['user_login'] = fn_ulogin_generateNickname($u_user['first_name'], $u_user['last_name'], $u_user['nickname'], $u_user['bdate']);
$user_data['user_type'] = 'C';
$user_data['is_root'] = 'N';
$user_data['salt'] = fn_generate_salt();
$user_data['password1'] = $user_data['password2'] = fn_generate_password();
$user_data['b_firstname'] = $u_user['first_name'];
$user_data['s_firstname'] = $u_user['first_name'];
$user_data['b_lastname'] = $u_user['last_name'];
$user_data['s_lastname'] = $u_user['last_name'];
$user_data['b_phone'] = isset($u_user['phone']) ? trim(preg_replace('/[^0-9]/', ' ', $u_user['phone'])) : '';
$user_data['s_phone'] = isset($u_user['phone']) ? trim(preg_replace('/[^0-9]/', ' ', $u_user['phone'])) : '';
$user_data['b_city'] = isset($u_user['city']) ? $u_user['city'] : '';
$user_data['s_city'] = isset($u_user['city']) ? $u_user['city'] : '';
$user_data['birthday'] = isset($date['2']) ? $date['2'] : '';
list($user_data['user_id'], $profile_id) = fn_update_user('', $user_data, $auth, true, true, true);
$u_user_data = array('user_id' => $user_data['user_id'], 'identity' => $u_user['identity'], 'network' => $u_user['network']);
db_query("INSERT INTO ?:ulogin ?e", $u_user_data);
return $user_data['user_id'];
} else {
// существует пользователь с таким email или это текущий пользователь
if (!isset($u_user["verified_email"]) || intval($u_user["verified_email"]) != 1) {
Tygh::$app['view']->assign('token', $_REQUEST['token']);
Tygh::$app['view']->display('addons/ulogin/views/ulogin/confirm.tpl');
exit;
}
if (intval($u_user["verified_email"]) == 1) {
$user_id = $isLoggedIn ? $current_user : $user_id;
$other_u = db_get_row("SELECT identity FROM ?:ulogin WHERE user_id = ?i", $user_id);
if ($other_u) {
if (!$isLoggedIn && !isset($u_user['merge_account'])) {
Tygh::$app['view']->assign('token', $_REQUEST['token']);
Tygh::$app['view']->assign('identity', $other_u['identity']);
Tygh::$app['view']->display('addons/ulogin/views/ulogin/merge.tpl');
exit;
}
}
$u_user_data = array('user_id' => $user_id, 'identity' => $u_user['identity'], 'network' => $u_user['network']);
db_query("INSERT INTO ?:ulogin ?e", $u_user_data);
return $user_id;
}
}
return false;
}
