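/**
 * Compiled Smarty template (generated code) for the admin "users" list page.
 *
 * Output is echoed, nothing is returned. The function renders the
 * "userlist_form" form: a table of $users with sortable column headers,
 * per-row tool links (view all orders, act on behalf, edit, delete), a status
 * popup per row and pagination. It then captures the "buttons", "adv_buttons"
 * and "sidebar" fragments and hands everything to common/mainbox.tpl with
 * content_id "manage_users".
 *
 * Security notes for reviewers:
 *  - $_REQUEST['content_id'] and $_REQUEST['user_type'] are read directly in
 *    this template. Every value echoed into markup here goes through
 *    htmlspecialchars(), which is only sufficient inside a QUOTED attribute or
 *    element text. The data-ca-target-id attributes were emitted unquoted;
 *    htmlspecialchars() does not escape whitespace or "=", so a request-supplied
 *    content_id was not confined to the attribute value. They are quoted below.
 *    The same change belongs in the source .tpl, because this compiled file is
 *    regenerated from it.
 *  - The include paths are absolute server paths written by the compiler, so
 *    a published copy of this file discloses the filesystem layout.
 *
 * @param object $_smarty_tpl Smarty template object; variables are read from
 *                            and written to $_smarty_tpl->tpl_vars.
 */
function content_55d2f3b104f8b0_98025960($_smarty_tpl) {
    // Plugin files are loaded only when their function is not defined yet.
    if (!is_callable('smarty_block_hook')) { include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/block.hook.php'; }
    if (!is_callable('smarty_modifier_date_format')) { include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.date_format.php'; }
    fn_preload_lang_vars(array('id', 'username', 'person_name', 'email', 'registered', 'type', 'status', 'view', 'administrator', 'vendor_administrator', 'customer', 'affiliate', 'view_all_orders', 'act_on_behalf', 'edit', 'delete', 'notify_user', 'no_data', 'export_selected', 'users', 'add_user'));
    // "no_hide_input" is assigned only in this branch but is read unconditionally further down.
    if (fn_allowed_for("MULTIVENDOR")) { ?> <?php $_smarty_tpl->tpl_vars["no_hide_input"] = new Smarty_variable("cm-no-hide-input", null, 0); } ?> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/profiles_scripts.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array(), 0); ?> <?php $_smarty_tpl->_capture_stack[0][] = array("mainbox", null, null); ob_start(); ?> <?php
// NOTE(review): sort_order_rev is concatenated into markup here and c_icon is later echoed without escaping;
// confirm the controller restricts it to a fixed set of values.
$_smarty_tpl->tpl_vars["c_icon"] = new Smarty_variable("<i class=\"exicon-" . (string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev'] .
"\"></i>", null, 0); $_smarty_tpl->tpl_vars["c_dummy"] = new Smarty_variable("<i class=\"exicon-dummy\"></i>", null, 0); ?> <form action="<?php echo htmlspecialchars(fn_url(''), ENT_QUOTES, 'UTF-8'); ?> " method="post" name="userlist_form" id="userlist_form" class="<?php if ($_smarty_tpl->tpl_vars['runtime']->value['company_id'] && !fn_allowed_for("ULTIMATE")) { ?> cm-hide-inputs<?php } ?> "> <input type="hidden" name="fake" value="1" /> <input type="hidden" name="user_type" value="<?php echo htmlspecialchars($_REQUEST['user_type'], ENT_QUOTES, 'UTF-8'); ?> " /> <?php
// NOTE(review): the raw request value content_id is handed to the pagination sub-template as div_id; how it is escaped there is not visible here.
echo $_smarty_tpl->getSubTemplate("common/pagination.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('save_current_page' => true, 'save_current_url' => true, 'div_id' => $_REQUEST['content_id']), 0); ?> <?php $_smarty_tpl->tpl_vars["c_url"] = new Smarty_variable(fn_query_remove($_smarty_tpl->tpl_vars['config']->value['current_url'], "sort_by", "sort_order"), null, 0); ?> <?php
// "rev" is the request's content_id, or "pagination_contents" when that is missing or empty.
$_smarty_tpl->tpl_vars["rev"] = new Smarty_variable(($tmp = @$_REQUEST['content_id']) === null || $tmp === '' ? "pagination_contents" : $tmp, null, 0); ?> <?php if ($_smarty_tpl->tpl_vars['users']->value) { ?> <table width="100%" class="table table-middle"> <thead> <tr> <th width="1%" class="center <?php echo htmlspecialchars($_smarty_tpl->tpl_vars['no_hide_input']->value, ENT_QUOTES, 'UTF-8'); ?> "> <?php echo $_smarty_tpl->getSubTemplate("common/check_items.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array(), 0); ?> </th> <th width="3%" class="nowrap"><a class="cm-ajax" href="<?php echo htmlspecialchars(fn_url((string) $_smarty_tpl->tpl_vars['c_url']->value . "&sort_by=id&sort_order=" .
// Each sortable header below carries data-ca-target-id; the value is request-derived, so the attribute is quoted.
(string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev']), ENT_QUOTES, 'UTF-8'); ?> " data-ca-target-id="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['rev']->value, ENT_QUOTES, 'UTF-8'); ?>"><?php echo $_smarty_tpl->__("id"); if ($_smarty_tpl->tpl_vars['search']->value['sort_by'] == "id") { echo $_smarty_tpl->tpl_vars['c_icon']->value; } else { echo $_smarty_tpl->tpl_vars['c_dummy']->value; } ?> </a></th> <?php if ($_smarty_tpl->tpl_vars['settings']->value['General']['use_email_as_login'] != "Y") { ?> <th width="18%"><a class="cm-ajax" href="<?php echo htmlspecialchars(fn_url((string) $_smarty_tpl->tpl_vars['c_url']->value . "&sort_by=username&sort_order=" . (string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev']), ENT_QUOTES, 'UTF-8'); ?> " data-ca-target-id="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['rev']->value, ENT_QUOTES, 'UTF-8'); ?>"><?php echo $_smarty_tpl->__("username"); if ($_smarty_tpl->tpl_vars['search']->value['sort_by'] == "username") { echo $_smarty_tpl->tpl_vars['c_icon']->value; } else { echo $_smarty_tpl->tpl_vars['c_dummy']->value; } ?> </a></th> <?php } ?> <th width="18%"><a class="cm-ajax" href="<?php echo htmlspecialchars(fn_url((string) $_smarty_tpl->tpl_vars['c_url']->value . "&sort_by=name&sort_order=" . (string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev']), ENT_QUOTES, 'UTF-8'); ?> " data-ca-target-id="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['rev']->value, ENT_QUOTES, 'UTF-8'); ?>"><?php echo $_smarty_tpl->__("person_name"); if ($_smarty_tpl->tpl_vars['search']->value['sort_by'] == "name") { echo $_smarty_tpl->tpl_vars['c_icon']->value; } else { echo $_smarty_tpl->tpl_vars['c_dummy']->value; } ?> </a></th> <th width="20%"><a class="cm-ajax" href="<?php echo htmlspecialchars(fn_url((string) $_smarty_tpl->tpl_vars['c_url']->value . "&sort_by=email&sort_order=" .
(string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev']), ENT_QUOTES, 'UTF-8'); ?> " data-ca-target-id="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['rev']->value, ENT_QUOTES, 'UTF-8'); ?>"><?php echo $_smarty_tpl->__("email"); if ($_smarty_tpl->tpl_vars['search']->value['sort_by'] == "email") { echo $_smarty_tpl->tpl_vars['c_icon']->value; } else { echo $_smarty_tpl->tpl_vars['c_dummy']->value; } ?> </a></th> <th width="16%"><a class="cm-ajax" href="<?php echo htmlspecialchars(fn_url((string) $_smarty_tpl->tpl_vars['c_url']->value . "&sort_by=date&sort_order=" . (string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev']), ENT_QUOTES, 'UTF-8'); ?> " data-ca-target-id="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['rev']->value, ENT_QUOTES, 'UTF-8'); ?>"><?php echo $_smarty_tpl->__("registered"); if ($_smarty_tpl->tpl_vars['search']->value['sort_by'] == "date") { echo $_smarty_tpl->tpl_vars['c_icon']->value; } else { echo $_smarty_tpl->tpl_vars['c_dummy']->value; } ?> </a></th> <th><a class="cm-ajax" href="<?php echo htmlspecialchars(fn_url((string) $_smarty_tpl->tpl_vars['c_url']->value . "&sort_by=type&sort_order=" .
(string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev']), ENT_QUOTES, 'UTF-8'); ?> " data-ca-target-id="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['rev']->value, ENT_QUOTES, 'UTF-8'); ?>"><?php echo $_smarty_tpl->__("type"); if ($_smarty_tpl->tpl_vars['search']->value['sort_by'] == "type") { echo $_smarty_tpl->tpl_vars['c_icon']->value; } else { echo $_smarty_tpl->tpl_vars['c_dummy']->value; } ?> </a></th> <?php
// Hook block "profiles:manage_header": smarty_block_hook() is called once to open and once more with the (here empty) buffered content.
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:manage_header")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:manage_header"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:manage_header"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <th class="right"> </th> <th width="10%" class="right"><a class="cm-ajax" href="<?php echo htmlspecialchars(fn_url((string) $_smarty_tpl->tpl_vars['c_url']->value . "&sort_by=status&sort_order=" .
(string) $_smarty_tpl->tpl_vars['search']->value['sort_order_rev']), ENT_QUOTES, 'UTF-8'); ?> " data-ca-target-id="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['rev']->value, ENT_QUOTES, 'UTF-8'); ?>"><?php echo $_smarty_tpl->__("status"); if ($_smarty_tpl->tpl_vars['search']->value['sort_by'] == "status") { echo $_smarty_tpl->tpl_vars['c_icon']->value; } else { echo $_smarty_tpl->tpl_vars['c_dummy']->value; } ?> </a></th> </tr> </thead> <?php
// One table row per entry of $users; a non-array, non-object value is cast to an array first.
$_smarty_tpl->tpl_vars['user'] = new Smarty_Variable(); $_smarty_tpl->tpl_vars['user']->_loop = false; $_from = $_smarty_tpl->tpl_vars['users']->value; if (!is_array($_from) && !is_object($_from)) { settype($_from, 'array'); } foreach ($_from as $_smarty_tpl->tpl_vars['user']->key => $_smarty_tpl->tpl_vars['user']->value) { $_smarty_tpl->tpl_vars['user']->_loop = true; ?> <?php $_smarty_tpl->tpl_vars["allow_save"] = new Smarty_variable(fn_allow_save_object($_smarty_tpl->tpl_vars['user']->value, "users"), null, 0); ?> <?php if (!$_smarty_tpl->tpl_vars['allow_save']->value && !defined("RESTRICTED_ADMIN") && $_smarty_tpl->tpl_vars['auth']->value['is_root'] != 'Y') { ?> <?php $_smarty_tpl->tpl_vars["link_text"] = new Smarty_variable($_smarty_tpl->__("view"), null, 0); ?> <?php $_smarty_tpl->tpl_vars["popup_additional_class"] = new Smarty_variable('', null, 0); } elseif ($_smarty_tpl->tpl_vars['allow_save']->value || defined("RESTRICTED_ADMIN") || $_smarty_tpl->tpl_vars['auth']->value['is_root'] == 'Y') { ?> <?php $_smarty_tpl->tpl_vars["link_text"] = new Smarty_variable('', null, 0); ?> <?php $_smarty_tpl->tpl_vars["popup_additional_class"] = new Smarty_variable("cm-no-hide-input", null, 0); } else { ?> <?php $_smarty_tpl->tpl_vars["popup_additional_class"] = new Smarty_variable('', null, 0); ?> <?php $_smarty_tpl->tpl_vars["link_text"] = new Smarty_variable('', null, 0); } if (!fn_allowed_for("ULTIMATE")) { ?> <tr class="cm-row-status-<?php echo htmlspecialchars(mb_strtolower($_smarty_tpl->tpl_vars['user']->value['status'],
'UTF-8'), ENT_QUOTES, 'UTF-8'); ?> "> <?php } ?> <?php if (fn_allowed_for("ULTIMATE")) { ?> <tr class="cm-row-status-<?php echo htmlspecialchars(mb_strtolower($_smarty_tpl->tpl_vars['user']->value['status'], 'UTF-8'), ENT_QUOTES, 'UTF-8'); if (!$_smarty_tpl->tpl_vars['allow_save']->value || $_smarty_tpl->tpl_vars['user']->value['user_id'] == $_SESSION['auth']['user_id']) { ?> cm-hide-inputs<?php } ?> "> <?php } ?> <td class="center <?php echo htmlspecialchars($_smarty_tpl->tpl_vars['no_hide_input']->value, ENT_QUOTES, 'UTF-8'); ?> "> <input type="checkbox" name="user_ids[]" value="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['user_id'], ENT_QUOTES, 'UTF-8'); ?> " class="checkbox cm-item" /></td> <td><a class="row-status" href="<?php echo htmlspecialchars(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_id'] . "&user_type=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_type']), ENT_QUOTES, 'UTF-8'); ?> "><?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['user_id'], ENT_QUOTES, 'UTF-8'); ?> </a></td> <?php if ($_smarty_tpl->tpl_vars['settings']->value['General']['use_email_as_login'] != "Y") { ?> <td><a class="row-status" href="<?php echo htmlspecialchars(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_id'] . "&user_type=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_type']), ENT_QUOTES, 'UTF-8'); ?> "><?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['user_login'], ENT_QUOTES, 'UTF-8'); ?> </a></td> <?php } ?> <td class="row-status"><?php if ($_smarty_tpl->tpl_vars['user']->value['firstname'] || $_smarty_tpl->tpl_vars['user']->value['lastname']) { ?> <a href="<?php echo htmlspecialchars(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_id'] . "&user_type=" .
(string) $_smarty_tpl->tpl_vars['user']->value['user_type']), ENT_QUOTES, 'UTF-8'); ?> "><?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['lastname'], ENT_QUOTES, 'UTF-8'); ?> <?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['firstname'], ENT_QUOTES, 'UTF-8'); ?> </a><?php } else { ?> -<?php } if ($_smarty_tpl->tpl_vars['user']->value['company_id']) { echo $_smarty_tpl->getSubTemplate("views/companies/components/company_name.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('object' => $_smarty_tpl->tpl_vars['user']->value), 0); } ?> </td> <td><a class="row-status" href="mailto:<?php echo htmlspecialchars(rawurlencode($_smarty_tpl->tpl_vars['user']->value['email']), ENT_QUOTES, 'UTF-8'); ?> "><?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['email'], ENT_QUOTES, 'UTF-8'); ?> </a></td> <td class="row-status"><?php echo htmlspecialchars(smarty_modifier_date_format($_smarty_tpl->tpl_vars['user']->value['timestamp'], (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['date_format'] . ", " .
(string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['time_format']), ENT_QUOTES, 'UTF-8'); ?> </td> <td class="row-status"><?php if ($_smarty_tpl->tpl_vars['user']->value['user_type'] == "A") { echo $_smarty_tpl->__("administrator"); } elseif ($_smarty_tpl->tpl_vars['user']->value['user_type'] == "V") { echo $_smarty_tpl->__("vendor_administrator"); } elseif ($_smarty_tpl->tpl_vars['user']->value['user_type'] == "C") { echo $_smarty_tpl->__("customer"); } elseif ($_smarty_tpl->tpl_vars['user']->value['user_type'] == "P") { echo $_smarty_tpl->__("affiliate"); } ?> </td> <?php $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:manage_data")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:manage_data"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:manage_data"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <td class="right nowrap"> <?php $_smarty_tpl->_capture_stack[0][] = array("tools_list", null, null); ob_start(); ?> <?php $_smarty_tpl->tpl_vars['list_extra_links'] = new Smarty_variable(false, null, 0); ?> <?php $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:list_extra_links")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:list_extra_links"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); ?> <?php if ($_smarty_tpl->tpl_vars['user']->value['user_type'] == "C") { ?> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'text' => __("view_all_orders"), 'href' => "orders.manage?user_id=" .
(string) $_smarty_tpl->tpl_vars['user']->value['user_id'])); ?> </li> <?php $_smarty_tpl->tpl_vars['list_extra_links'] = new Smarty_variable(true, null, 0); ?> <?php } ?> <?php
// This condition only decides whether the "act on behalf" link is shown; the profiles.act_as_user
// controller is not visible here and must enforce the same restrictions itself.
if (fn_user_need_login($_smarty_tpl->tpl_vars['user']->value['user_type']) && (!$_smarty_tpl->tpl_vars['runtime']->value['company_id'] || $_smarty_tpl->tpl_vars['runtime']->value['company_id'] == $_smarty_tpl->tpl_vars['auth']->value['company_id'] && fn_check_permission_act_as_user()) && $_smarty_tpl->tpl_vars['user']->value['user_id'] != $_smarty_tpl->tpl_vars['auth']->value['user_id'] && !($_smarty_tpl->tpl_vars['user']->value['user_type'] == $_smarty_tpl->tpl_vars['auth']->value['user_type'] && $_smarty_tpl->tpl_vars['user']->value['is_root'] == 'Y' && (!$_smarty_tpl->tpl_vars['user']->value['company_id'] || $_smarty_tpl->tpl_vars['user']->value['company_id'] == $_smarty_tpl->tpl_vars['auth']->value['company_id']))) { ?> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'target' => "_blank", 'text' => __("act_on_behalf"), 'href' => "profiles.act_as_user?user_id=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_id'])); ?> </li> <?php $_smarty_tpl->tpl_vars['list_extra_links'] = new Smarty_variable(true, null, 0); ?> <?php } ?> <?php $_smarty_tpl->tpl_vars["return_current_url"] = new Smarty_variable(rawurlencode($_smarty_tpl->tpl_vars['config']->value['current_url']), null, 0); ?> <?php $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:list_extra_links"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <?php if ($_smarty_tpl->tpl_vars['list_extra_links']->value) { ?> <li class="divider"></li> <?php } ?> <?php if ($_REQUEST['user_type']) { ?> <?php $_smarty_tpl->tpl_vars["user_edit_link"] = new Smarty_variable("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_id'] . "&user_type=" .
// NOTE(review): the raw request value is appended to the link without URL-encoding; escaping is left to the
// btn template function, which is not visible here.
(string) $_REQUEST['user_type'], null, 0); ?> <?php } else { ?> <?php $_smarty_tpl->tpl_vars["user_edit_link"] = new Smarty_variable("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_id'] . "&user_type=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_type'], null, 0); ?> <?php } ?> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'text' => __("edit"), 'href' => $_smarty_tpl->tpl_vars['user_edit_link']->value)); ?> </li> <?php $_smarty_tpl->_capture_stack[0][] = array("tools_delete", null, null); ob_start(); ?> <li><?php
// NOTE(review): the delete action is built as a plain link (href) with a redirect_url parameter; whether
// profiles.delete checks a request token and validates redirect_url cannot be told from this file.
smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'text' => __("delete"), 'class' => "cm-confirm", 'href' => "profiles.delete?user_id=" . (string) $_smarty_tpl->tpl_vars['user']->value['user_id'] . "&redirect_url=" . (string) $_smarty_tpl->tpl_vars['return_current_url']->value)); ?> </li> <?php
// Capture close: pop the innermost capture, store the buffered output under its name, optionally assign/append it.
list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php if ($_smarty_tpl->tpl_vars['user']->value['user_id'] != $_SESSION['auth']['user_id']) { ?> <?php if (!$_smarty_tpl->tpl_vars['runtime']->value['company_id'] && !($_smarty_tpl->tpl_vars['user']->value['user_type'] == "A" && $_smarty_tpl->tpl_vars['user']->value['is_root'] == "Y")) { ?> <?php echo Smarty::$_smarty_vars['capture']['tools_delete']; ?> <?php } elseif ($_smarty_tpl->tpl_vars['allow_save']->value) { ?> <?php if (fn_allowed_for("MULTIVENDOR") && $_smarty_tpl->tpl_vars['user']->value['user_type'] == "V" && $_smarty_tpl->tpl_vars['user']->value['is_root'] == "N") { ?> <?php echo Smarty::$_smarty_vars['capture']['tools_delete']; ?> <?php
} ?> <?php if (fn_allowed_for("ULTIMATE")) { ?> <?php echo Smarty::$_smarty_vars['capture']['tools_delete']; ?> <?php } ?> <?php } ?> <?php } ?> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <div class="hidden-tools"> <?php smarty_template_function_dropdown($_smarty_tpl, array('content' => Smarty::$_smarty_vars['capture']['tools_list'])); ?> </div> </td> <td class="right"> <input type="hidden" name="user_types[<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['user_id'], ENT_QUOTES, 'UTF-8'); ?> ]" value="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['user']->value['user_type'], ENT_QUOTES, 'UTF-8'); ?> " /> <?php
// u_id is left empty for a root administrator, and for a root vendor of the current company.
if ($_smarty_tpl->tpl_vars['user']->value['is_root'] == "Y" && ($_smarty_tpl->tpl_vars['user']->value['user_type'] == "A" || $_smarty_tpl->tpl_vars['user']->value['user_type'] == "V" && $_smarty_tpl->tpl_vars['runtime']->value['company_id'] && $_smarty_tpl->tpl_vars['runtime']->value['company_id'] == $_smarty_tpl->tpl_vars['user']->value['company_id'])) { ?> <?php $_smarty_tpl->tpl_vars["u_id"] = new Smarty_variable('', null, 0); ?> <?php } else { ?> <?php $_smarty_tpl->tpl_vars["u_id"] = new Smarty_variable($_smarty_tpl->tpl_vars['user']->value['user_id'], null, 0); ?> <?php } ?> <?php $_smarty_tpl->tpl_vars["non_editable"] = new Smarty_variable(false, null, 0); ?> <?php if ($_smarty_tpl->tpl_vars['user']->value['is_root'] == "Y" && $_smarty_tpl->tpl_vars['user']->value['user_type'] == $_smarty_tpl->tpl_vars['auth']->value['user_type'] && (!$_smarty_tpl->tpl_vars['user']->value['company_id'] || $_smarty_tpl->tpl_vars['user']->value['company_id']
== $_smarty_tpl->tpl_vars['auth']->value['company_id']) || $_smarty_tpl->tpl_vars['user']->value['user_id'] == $_smarty_tpl->tpl_vars['auth']->value['user_id'] || fn_allowed_for("MULTIVENDOR") && $_smarty_tpl->tpl_vars['runtime']->value['company_id'] && ($_smarty_tpl->tpl_vars['user']->value['user_type'] == 'C' || $_smarty_tpl->tpl_vars['user']->value['company_id'] && $_smarty_tpl->tpl_vars['user']->value['company_id'] != $_smarty_tpl->tpl_vars['runtime']->value['company_id'])) { ?> <?php $_smarty_tpl->tpl_vars["non_editable"] = new Smarty_variable(true, null, 0); ?> <?php } ?> <?php echo $_smarty_tpl->getSubTemplate("common/select_popup.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('id' => $_smarty_tpl->tpl_vars['u_id']->value, 'status' => $_smarty_tpl->tpl_vars['user']->value['status'], 'hidden' => '', 'update_controller' => "profiles", 'notify' => true, 'notify_text' => __("notify_user"), 'popup_additional_class' => (string) $_smarty_tpl->tpl_vars['popup_additional_class']->value .
" dropleft", 'non_editable' => $_smarty_tpl->tpl_vars['non_editable']->value), 0); ?> </td> </tr> <?php } ?> </table> <?php } else { ?> <p class="no-items"><?php echo $_smarty_tpl->__("no_data"); ?> </p> <?php } ?> <?php echo $_smarty_tpl->getSubTemplate("common/pagination.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('div_id' => $_REQUEST['content_id']), 0); ?> <?php $_smarty_tpl->_capture_stack[0][] = array("buttons", null, null); ob_start(); ?> <?php if ($_smarty_tpl->tpl_vars['users']->value) { ?> <?php $_smarty_tpl->_capture_stack[0][] = array("tools_list", null, null); ob_start(); ?> <?php if (fn_allowed_for("ULTIMATE") || !$_smarty_tpl->tpl_vars['runtime']->value['company_id']) { ?> <?php $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:list_tools")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:list_tools"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); ?> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'text' => __("export_selected"), 'dispatch' => "dispatch[profiles.export_range]", 'form' => "userlist_form")); ?> </li> <?php $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:list_tools"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <?php } ?> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "delete_selected", 'dispatch' => "dispatch[profiles.m_delete]", 'form' => "userlist_form")); ?> </li> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else {
$_smarty_tpl->capture_error(); } ?> <?php smarty_template_function_dropdown($_smarty_tpl, array('content' => Smarty::$_smarty_vars['capture']['tools_list'])); ?> <?php } list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> </form> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php $_smarty_tpl->_capture_stack[0][] = array("adv_buttons", null, null); ob_start(); ?> <?php if ($_REQUEST['user_type']) { ?> <?php $_smarty_tpl->tpl_vars["_title"] = new Smarty_variable(fn_get_user_type_description($_REQUEST['user_type'], true), null, 0); ?> <?php } else { ?> <?php $_smarty_tpl->tpl_vars["_title"] = new Smarty_variable($_smarty_tpl->__("users"), null, 0); ?> <?php } ?> <?php if ($_REQUEST['user_type']) { ?> <?php if (!($_smarty_tpl->tpl_vars['runtime']->value['company_id'] && fn_allowed_for("MULTIVENDOR") && ($_REQUEST['user_type'] == 'C' || $_smarty_tpl->tpl_vars['auth']->value['is_root'] != 'Y'))) { ?> <a class="btn cm-tooltip" href="<?php echo htmlspecialchars(fn_url("profiles.add?user_type=" .
(string) $_REQUEST['user_type']), ENT_QUOTES, 'UTF-8'); ?> " title="<?php echo $_smarty_tpl->__("add_user"); ?> "><i class="icon-plus"></i></a> <?php } ?> <?php } else { ?> <?php if (!empty($_smarty_tpl->tpl_vars['user_types']->value)) { ?> <?php $_smarty_tpl->_capture_stack[0][] = array("tools_list", null, null); ob_start(); ?> <?php $_smarty_tpl->tpl_vars["_p"] = new Smarty_Variable(); $_smarty_tpl->tpl_vars["_p"]->_loop = false; $_smarty_tpl->tpl_vars["_k"] = new Smarty_Variable(); $_from = $_smarty_tpl->tpl_vars['user_types']->value; if (!is_array($_from) && !is_object($_from)) { settype($_from, 'array'); } foreach ($_from as $_smarty_tpl->tpl_vars["_p"]->key => $_smarty_tpl->tpl_vars["_p"]->value) { $_smarty_tpl->tpl_vars["_p"]->_loop = true; $_smarty_tpl->tpl_vars["_k"]->value = $_smarty_tpl->tpl_vars["_p"]->key; ?> <?php if (!($_smarty_tpl->tpl_vars['runtime']->value['company_id'] && fn_allowed_for("MULTIVENDOR") && ($_REQUEST['user_type'] == 'C' || $_smarty_tpl->tpl_vars['auth']->value['is_root'] != 'Y'))) { ?> <li><a href="<?php echo htmlspecialchars(fn_url("profiles.add?user_type=" .
(string) $_smarty_tpl->tpl_vars['_k']->value), ENT_QUOTES, 'UTF-8'); ?> "><?php echo $_smarty_tpl->__($_smarty_tpl->tpl_vars['_p']->value); ?> </a></li> <?php } ?> <?php } ?> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php smarty_template_function_dropdown($_smarty_tpl, array('content' => Smarty::$_smarty_vars['capture']['tools_list'], 'no_caret' => true, 'icon' => "icon-plus", 'placement' => "right")); ?> <?php } ?> <?php } list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php $_smarty_tpl->_capture_stack[0][] = array("sidebar", null, null); ob_start(); ?> <?php echo $_smarty_tpl->getSubTemplate("common/saved_search.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('dispatch' => "profiles.manage", 'view_type' => "users"), 0); ?> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/users_search_form.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('dispatch' => "profiles.manage"), 0); ?> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if
(isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php
// Final render: the captured fragments are passed to the shared mainbox layout.
echo $_smarty_tpl->getSubTemplate("common/mainbox.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('title' => $_smarty_tpl->tpl_vars['_title']->value, 'content' => Smarty::$_smarty_vars['capture']['mainbox'], 'sidebar' => Smarty::$_smarty_vars['capture']['sidebar'], 'adv_buttons' => Smarty::$_smarty_vars['capture']['adv_buttons'], 'buttons' => Smarty::$_smarty_vars['capture']['buttons'], 'content_id' => "manage_users"), 0); }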
/**
 * Smarty-compiled template function: renders the user profile add/edit form
 * ("profile_form") and passes the captured markup to common/mainbox.tpl.
 *
 * Output is produced by echo and inline HTML. The "mainbox", "tabsbox",
 * "buttons" and "tools_list" sections are buffered with ob_start() and stored
 * in Smarty::$_smarty_vars['capture'] before being handed to sub-templates.
 *
 * Security-relevant reading notes:
 * - hide_inputs, hide_first_button, the cm-hide-inputs class and the conditions
 *   around the tool links only decide what is rendered. NOTE(review): the
 *   request handlers are not part of this function; they must apply their own
 *   permission checks, because a hidden or read-only field can still be sent.
 * - Template variables and the request value echoed in this function go through
 *   htmlspecialchars(..., ENT_QUOTES, 'UTF-8'); language strings from __() are
 *   echoed as returned. Values passed on to sub-templates or to
 *   smarty_template_function_btn() are escaped there, if at all - TODO confirm.
 * - $_REQUEST['user_type'] is read directly, both for a hidden input and in one
 *   of the hide_inputs conditions.
 *
 * @param object $_smarty_tpl Template object whose tpl_vars are read (user_data,
 *                            auth, runtime, settings, usergroups, profile_fields,
 *                            selected_section, show_api_tab, ...) and written
 *                            (id, hide_inputs, _title, redirect_url, ...).
 * @return void
 */
function content_55e61e6bb11d10_64552035($_smarty_tpl) {
/* Load the "hook" block plugin if it is not defined yet; the absolute plugin
   path is a literal in this generated code. */
if (!is_callable('smarty_block_hook')) { include '/var/www/html/market/app/functions/smarty_plugins/block.hook.php'; } fn_preload_lang_vars(array('contact_information', 'user_profile_info', 'text_multiprofile_notice', 'billing_address', 'shipping_address', 'shipping_address', 'usergroup', 'status', 'no_data', 'allow_api_access', 'api_key', 'new_profile', 'editing_profile', 'editing_profile', 'editing_profile', 'view_all_orders', 'act_on_behalf', 'delete', 'create', 'notify_user'));
/* id: user_id of the loaded profile, or 0 when user_data is empty (new profile). */
if ($_smarty_tpl->tpl_vars['user_data']->value) { ?> <?php $_smarty_tpl->tpl_vars["id"] = new Smarty_variable($_smarty_tpl->tpl_vars['user_data']->value['user_id'], null, 0); } else { ?> <?php $_smarty_tpl->tpl_vars["id"] = new Smarty_variable(0, null, 0); } ?> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/profiles_scripts.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array(), 0); ?> <form name="profile_form" action="<?php echo htmlspecialchars(fn_url(''), ENT_QUOTES, 'UTF-8'); ?> " method="post" class="form-horizontal form-edit form-table <?php 
/* Adds cm-hide-inputs when an existing profile belongs to a different company
   than runtime.company_id and is not the logged-in user's own, or when
   hide_inputs is already true. hide_inputs is read here before this function
   assigns it further down, so only a value assigned by the caller can take
   effect at this point. */
if ($_smarty_tpl->tpl_vars['runtime']->value['company_id'] && $_smarty_tpl->tpl_vars['id']->value && $_smarty_tpl->tpl_vars['user_data']->value['company_id'] != $_smarty_tpl->tpl_vars['runtime']->value['company_id'] && $_smarty_tpl->tpl_vars['id']->value != $_smarty_tpl->tpl_vars['auth']->value['user_id'] || $_smarty_tpl->tpl_vars['hide_inputs']->value) { ?> cm-hide-inputs<?php } ?> "> <?php 
/* Open the nested "mainbox" and "tabsbox" captures; what is echoed from here on
   is buffered until the matching array_pop() blocks below. */
$_smarty_tpl->_capture_stack[0][] = array("mainbox", null, null); ob_start(); ?> <?php $_smarty_tpl->_capture_stack[0][] = array("tabsbox", null, null); ob_start(); ?> <?php 
/* Recompute hide_inputs, starting from false.
   Case 1: the profile is a root user (is_root == 'Y') with the same user_type
   as the logged-in user, is not the logged-in user, and has no company or the
   logged-in user's company.
   Case 2 (ULTIMATE): fn_allow_save_object() and
   fn_ult_check_users_usergroup_companies() both return a falsy value for an
   existing profile that is not the logged-in user's own. */
$_smarty_tpl->tpl_vars['hide_inputs'] = new Smarty_variable(false, null, 0); ?> <?php if ($_smarty_tpl->tpl_vars['user_data']->value['user_type'] == $_smarty_tpl->tpl_vars['auth']->value['user_type'] && $_smarty_tpl->tpl_vars['user_data']->value['is_root'] == 'Y' && 
$_smarty_tpl->tpl_vars['user_data']->value['user_id'] != $_smarty_tpl->tpl_vars['auth']->value['user_id'] && (!$_smarty_tpl->tpl_vars['user_data']->value['company_id'] || $_smarty_tpl->tpl_vars['user_data']->value['company_id'] == $_smarty_tpl->tpl_vars['auth']->value['company_id'])) { ?> <?php $_smarty_tpl->tpl_vars['hide_inputs'] = new Smarty_variable(true, null, 0); ?> <?php } ?> <?php if (fn_allowed_for("ULTIMATE") && !fn_allow_save_object($_smarty_tpl->tpl_vars['user_data']->value, "users") && $_smarty_tpl->tpl_vars['id']->value && !fn_ult_check_users_usergroup_companies($_smarty_tpl->tpl_vars['id']->value) && $_smarty_tpl->tpl_vars['user_data']->value['user_id'] != $_smarty_tpl->tpl_vars['auth']->value['user_id']) { ?> <?php $_smarty_tpl->tpl_vars['hide_inputs'] = new Smarty_variable(true, null, 0); ?> <?php } ?> <?php 
/* Case 3 (MULTIVENDOR), never for the logged-in user's own profile:
   fn_allow_save_object() is falsy, or runtime.company_id is set and either the
   request's user_type is 'C' or the profile has a different, non-empty
   company_id. $_REQUEST['user_type'] is compared here as received from the
   client. */
if (fn_allowed_for("MULTIVENDOR") && (!fn_allow_save_object($_smarty_tpl->tpl_vars['user_data']->value, "users") || $_smarty_tpl->tpl_vars['runtime']->value['company_id'] && ($_REQUEST['user_type'] == 'C' || fn_string_not_empty($_smarty_tpl->tpl_vars['user_data']->value['company_id']) && $_smarty_tpl->tpl_vars['user_data']->value['company_id'] != $_smarty_tpl->tpl_vars['runtime']->value['company_id'])) && $_smarty_tpl->tpl_vars['user_data']->value['user_id'] != $_smarty_tpl->tpl_vars['auth']->value['user_id']) { ?> <?php $_smarty_tpl->tpl_vars['hide_inputs'] = new Smarty_variable(true, null, 0); ?> <?php }
/* Hidden fields: user_id, selected_section and user_type (the last one taken
   from $_REQUEST), each escaped with htmlspecialchars(ENT_QUOTES).
   NOTE(review): all three come back as client-controlled request data; the
   receiving controller is not visible here. */
?> <input type="hidden" name="user_id" value="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['id']->value, ENT_QUOTES, 'UTF-8'); ?> " /> <input type="hidden" class="cm-no-hide-input" name="selected_section" id="selected_section" value="<?php echo htmlspecialchars($_smarty_tpl->tpl_vars['selected_section']->value, ENT_QUOTES, 'UTF-8'); ?> " /> <input type="hidden" class="cm-no-hide-input" name="user_type" value="<?php echo htmlspecialchars($_REQUEST['user_type'], ENT_QUOTES, 'UTF-8'); ?> " /> <div id="content_general"> <?php 
/* Block hook "profiles:general_content": the markup between ob_start() and
   ob_get_clean() is buffered and passed to smarty_block_hook(); what that call
   returns is echoed. NOTE(review): presumably this lets add-ons replace or
   extend the block - confirm in block.hook.php. */
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:general_content")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:general_content"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); ?> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/profiles_account.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array(), 0); ?> <?php 
/* Company field: under ULTIMATE or for user_type "V", and not for the logged-in
   user's own profile, include company_field.tpl with hide_inputs passed as
   disable_company_picker; otherwise emit a hidden user_data[company_id] input
   holding the current company_id, or 0 when it is null or ''. */
if ((fn_allowed_for("ULTIMATE") || $_smarty_tpl->tpl_vars['user_type']->value == "V") && $_smarty_tpl->tpl_vars['id']->value != $_smarty_tpl->tpl_vars['auth']->value['user_id']) { ?> <?php $_smarty_tpl->tpl_vars['zero_company_id_name_lang_var'] = new Smarty_variable(false, null, 0); ?> <?php if (fn_allowed_for("ULTIMATE") && fn_check_user_type_admin_area($_smarty_tpl->tpl_vars['user_type']->value)) { ?> <?php $_smarty_tpl->tpl_vars['zero_company_id_name_lang_var'] = new Smarty_variable('all_vendors', null, 0); ?> <?php } ?> <?php echo $_smarty_tpl->getSubTemplate("views/companies/components/company_field.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('name' => "user_data[company_id]", 'id' => "user_data_company_id", 'selected' => $_smarty_tpl->tpl_vars['user_data']->value['company_id'], 'zero_company_id_name_lang_var' => $_smarty_tpl->tpl_vars['zero_company_id_name_lang_var']->value, 'disable_company_picker' => $_smarty_tpl->tpl_vars['hide_inputs']->value), 0); ?> <?php } else { ?> <input type="hidden" name="user_data[company_id]" value="<?php echo htmlspecialchars(($tmp = @$_smarty_tpl->tpl_vars['user_data']->value['company_id']) === null || $tmp === '' ? 
0 : $tmp, ENT_QUOTES, 'UTF-8'); ?> "> <?php } ?> <?php $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:general_content"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <?php 
/* Profile field sections: contact ("C") always; the multiple-profiles block
   when the user_multiple_profiles setting is "Y" and the profile exists;
   billing ("B") plus shipping ("S") when B fields are defined, otherwise
   shipping only. */
echo $_smarty_tpl->getSubTemplate("views/profiles/components/profile_fields.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('section' => "C", 'title' => __("contact_information")), 0); ?> <?php if ($_smarty_tpl->tpl_vars['settings']->value['General']['user_multiple_profiles'] == "Y" && $_smarty_tpl->tpl_vars['id']->value) { ?> <?php echo $_smarty_tpl->getSubTemplate("common/subheader.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('title' => __("user_profile_info")), 0); ?> <p class="form-note"><?php echo $_smarty_tpl->__("text_multiprofile_notice"); ?> </p> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/multiple_profiles.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array(), 0); ?> <?php } ?> <?php if ($_smarty_tpl->tpl_vars['profile_fields']->value['B']) { ?> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/profile_fields.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('section' => "B", 'title' => __("billing_address")), 0); ?> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/profile_fields.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('section' => "S", 'title' => __("shipping_address"), 'body_id' => "sa", 'shipping_flag' => fn_compare_shipping_billing($_smarty_tpl->tpl_vars['profile_fields']->value)), 0); ?> <?php } else { ?> <?php echo $_smarty_tpl->getSubTemplate("views/profiles/components/profile_fields.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('section' => "S", 'title' => __("shipping_address"), 'shipping_flag' => false), 0); ?> <?php } ?> </div> <?php 
/* User groups tab, skipped for ULTIMATE:FREE and for a new profile (id == 0).
   The long condition allows three cases:
   (1) runtime.company_id is unset and fn_check_user_type_admin_area() is falsy
       for the profile (or the profile has no user_id);
   (2) runtime.company_id is unset, fn_check_user_type_admin_area() is truthy,
       usergroups is non-empty, the logged-in user is root, and the profile is
       not the root user of company 0;
   (3) a "V" profile of the current runtime company, viewed by a root user other
       than the profile owner.
   NOTE(review): fn_check_user_type_admin_area() receives the whole user_data
   array here but a user_type value in the general tab above - confirm the
   helper accepts both.
   Each row falls back to status "F" when user_data has no entry for the group. */
if (!fn_allowed_for("ULTIMATE:FREE")) { ?> <?php if ($_smarty_tpl->tpl_vars['id']->value && ((!fn_check_user_type_admin_area($_smarty_tpl->tpl_vars['user_data']->value) || !$_smarty_tpl->tpl_vars['user_data']->value['user_id']) && !$_smarty_tpl->tpl_vars['runtime']->value['company_id'] || fn_check_user_type_admin_area($_smarty_tpl->tpl_vars['user_data']->value) && $_smarty_tpl->tpl_vars['user_data']->value['user_id'] && $_smarty_tpl->tpl_vars['usergroups']->value && !$_smarty_tpl->tpl_vars['runtime']->value['company_id'] && $_smarty_tpl->tpl_vars['auth']->value['is_root'] == 'Y' && ($_smarty_tpl->tpl_vars['user_data']->value['company_id'] != 0 || $_smarty_tpl->tpl_vars['user_data']->value['company_id'] == 0 && $_smarty_tpl->tpl_vars['user_data']->value['is_root'] != 'Y') || $_smarty_tpl->tpl_vars['user_data']->value['user_type'] == 'V' && $_smarty_tpl->tpl_vars['runtime']->value['company_id'] && $_smarty_tpl->tpl_vars['auth']->value['is_root'] == 'Y' && $_smarty_tpl->tpl_vars['user_data']->value['user_id'] != $_smarty_tpl->tpl_vars['auth']->value['user_id'] && $_smarty_tpl->tpl_vars['user_data']->value['company_id'] == $_smarty_tpl->tpl_vars['runtime']->value['company_id'])) { ?> <div id="content_usergroups" class="cm-hide-save-button"> <?php if ($_smarty_tpl->tpl_vars['usergroups']->value) { ?> <table width="100%" class="table table-middle"> <thead> <tr> <th width="50%"><?php echo $_smarty_tpl->__("usergroup"); ?> </th> <th class="right" width="10%"><?php echo $_smarty_tpl->__("status"); ?> </th> </tr> </thead> <?php $_smarty_tpl->tpl_vars['usergroup'] = new Smarty_Variable(); $_smarty_tpl->tpl_vars['usergroup']->_loop = false; $_from = $_smarty_tpl->tpl_vars['usergroups']->value; if (!is_array($_from) && !is_object($_from)) { settype($_from, 'array'); } foreach ($_from as $_smarty_tpl->tpl_vars['usergroup']->key => $_smarty_tpl->tpl_vars['usergroup']->value) { $_smarty_tpl->tpl_vars['usergroup']->_loop = true; ?> <tr> <td><a href="<?php echo 
htmlspecialchars(fn_url("usergroups.manage#group" . (string) $_smarty_tpl->tpl_vars['usergroup']->value['usergroup_id']), ENT_QUOTES, 'UTF-8'); ?> "><?php echo htmlspecialchars($_smarty_tpl->tpl_vars['usergroup']->value['usergroup'], ENT_QUOTES, 'UTF-8'); ?> </a></td> <td class="right"> <?php if ($_smarty_tpl->tpl_vars['user_data']->value['usergroups'][$_smarty_tpl->tpl_vars['usergroup']->value['usergroup_id']]) { ?> <?php $_smarty_tpl->tpl_vars["ug_status"] = new Smarty_variable($_smarty_tpl->tpl_vars['user_data']->value['usergroups'][$_smarty_tpl->tpl_vars['usergroup']->value['usergroup_id']]['status'], null, 0); ?> <?php } else { ?> <?php $_smarty_tpl->tpl_vars["ug_status"] = new Smarty_variable("F", null, 0); ?> <?php } ?> <?php echo $_smarty_tpl->getSubTemplate("common/select_popup.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('id' => $_smarty_tpl->tpl_vars['usergroup']->value['usergroup_id'], 'status' => $_smarty_tpl->tpl_vars['ug_status']->value, 'hidden' => '', 'items_status' => fn_get_predefined_statuses("profiles"), 'extra' => "&user_id=" . 
(string) $_smarty_tpl->tpl_vars['id']->value, 'update_controller' => "usergroups", 'notify' => true, 'hide_for_vendor' => $_smarty_tpl->tpl_vars['runtime']->value['company_id']), 0); ?> </td> </tr> <?php } ?> </table> <?php } else { ?> <p class="no-items"><?php echo $_smarty_tpl->__("no_data"); ?> </p> <?php } ?> </div> <?php } ?> <?php } ?> <div id="content_addons"> <?php 
/* Hooks "profiles:detailed_content", "profiles:tabs_content" and
   "profiles:tabs_extra" (below) carry no default markup of their own; only what
   smarty_block_hook() returns is echoed. */
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:detailed_content")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:detailed_content"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); ?> <?php $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:detailed_content"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> </div> <?php 
/* API tab, only when show_api_tab is truthy. The stored api_key, or new_api_key
   when none is stored, is written HTML-escaped into a text input named
   user_data[api_key], so the key value is present in the page source.
   NOTE(review): readonly="readonly" is enforced by the browser only; the
   handler (not visible here) should not accept a client-supplied key
   unchecked. */
if ($_smarty_tpl->tpl_vars['show_api_tab']->value) { ?> <div id="content_api"> <div class="control-group <?php if ($_smarty_tpl->tpl_vars['hide_api_checkbox']->value) { ?> hidden<?php } ?> "> <div class="controls"> <label class="checkbox" for="sw_api_container"> <input <?php if ($_smarty_tpl->tpl_vars['user_data']->value['api_key'] != '') { ?> checked="checked"<?php } ?> class="cm-combination" type="checkbox" name="user_api_status" value="Y" id="sw_api_container" /><?php echo $_smarty_tpl->__("allow_api_access"); ?> </label> </div> </div> <div id="api_container" <?php if ($_smarty_tpl->tpl_vars['user_data']->value['api_key'] == '') { ?> class="hidden"<?php } ?> > <div class="control-group"> <label class="control-label"><?php echo $_smarty_tpl->__("api_key"); ?> </label> <div class="controls"> <input type="text" class="input-large" name="user_data[api_key]" value="<?php if ($_smarty_tpl->tpl_vars['user_data']->value['api_key']) { echo htmlspecialchars($_smarty_tpl->tpl_vars['user_data']->value['api_key'], ENT_QUOTES, 'UTF-8'); } else { echo 
htmlspecialchars($_smarty_tpl->tpl_vars['new_api_key']->value, ENT_QUOTES, 'UTF-8'); } ?> " readonly="readonly"/> </div> </div> </div> </div> <?php } ?> <?php $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:tabs_content")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:tabs_content"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); ?> <?php $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:tabs_content"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <?php 
/* hide_first_button: set when fn_allow_save_object() is falsy for an existing
   profile other than the logged-in user's own, or when hide_inputs is true. It
   is only assigned in this function; the template that reads it is not visible
   here. */
if (!fn_allow_save_object($_smarty_tpl->tpl_vars['user_data']->value, "users") && $_smarty_tpl->tpl_vars['id']->value && $_smarty_tpl->tpl_vars['user_data']->value['user_id'] != $_smarty_tpl->tpl_vars['auth']->value['user_id'] || $_smarty_tpl->tpl_vars['hide_inputs']->value) { ?> <?php $_smarty_tpl->tpl_vars["hide_first_button"] = new Smarty_variable(true, null, 0); ?> <?php } ?> <?php if ($_smarty_tpl->tpl_vars['id']->value) { ?> <?php $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:tabs_extra")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:tabs_extra"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); ?> <?php $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:tabs_extra"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <?php }
/* Close the innermost capture ("tabsbox"): its buffer is stored in
   Smarty::$_smarty_vars['capture'] under the capture name and, when the assign
   or append names are set, also written to template variables. The same pop
   sequence is repeated below for "mainbox", "tools_list" and "buttons". */
list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { 
$_smarty_tpl->capture_error(); } ?> <?php echo $_smarty_tpl->getSubTemplate("common/tabsbox.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('content' => Smarty::$_smarty_vars['capture']['tabsbox'], 'group_name' => $_smarty_tpl->tpl_vars['runtime']->value['controller'], 'active_tab' => $_smarty_tpl->tpl_vars['selected_section']->value, 'track' => true), 0); ?> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php 
/* _title: the "new_profile" text plus the user type description for a new
   profile; otherwise the "editing_profile" text followed by first/last name,
   else billing first/last name, else email. */
if (!$_smarty_tpl->tpl_vars['id']->value) { ?> <?php $_smarty_tpl->tpl_vars["_user_desc"] = new Smarty_variable(fn_get_user_type_description($_smarty_tpl->tpl_vars['user_type']->value), null, 0); ?> <?php ob_start(); echo $_smarty_tpl->__("new_profile"); $_tmp1 = ob_get_clean(); $_smarty_tpl->tpl_vars["_title"] = new Smarty_variable($_tmp1 . " (" . (string) $_smarty_tpl->tpl_vars['_user_desc']->value . ")", null, 0); } else { ?> <?php if ($_smarty_tpl->tpl_vars['user_data']->value['firstname']) { ?> <?php ob_start(); echo $_smarty_tpl->__("editing_profile"); $_tmp2 = ob_get_clean(); $_smarty_tpl->tpl_vars["_title"] = new Smarty_variable($_tmp2 . ": " . (string) $_smarty_tpl->tpl_vars['user_data']->value['firstname'] . " " . (string) $_smarty_tpl->tpl_vars['user_data']->value['lastname'], null, 0); ?> <?php } elseif ($_smarty_tpl->tpl_vars['user_data']->value['b_firstname']) { ?> <?php ob_start(); echo $_smarty_tpl->__("editing_profile"); $_tmp3 = ob_get_clean(); $_smarty_tpl->tpl_vars["_title"] = new Smarty_variable($_tmp3 . ": " . (string) $_smarty_tpl->tpl_vars['user_data']->value['b_firstname'] . " " . 
(string) $_smarty_tpl->tpl_vars['user_data']->value['b_lastname'], null, 0); ?> <?php } else { ?> <?php ob_start(); echo $_smarty_tpl->__("editing_profile"); $_tmp4 = ob_get_clean(); $_smarty_tpl->tpl_vars["_title"] = new Smarty_variable($_tmp4 . ": " . (string) $_smarty_tpl->tpl_vars['user_data']->value['email'], null, 0); ?> <?php } } ?> <?php 
/* Replace anything shaped like an HTML tag in _title with a space.
   NOTE(review): tag stripping is not HTML escaping (quotes and an unclosed "<"
   are left as they are); confirm common/mainbox.tpl escapes title on output.
   redirect_url contains a pre-encoded "&" (%26), presumably so it survives as a
   single query parameter of the delete link; user_type is concatenated into it
   without escaping at this level. */
$_smarty_tpl->tpl_vars['_title'] = new Smarty_variable(preg_replace('!<[^>]*?>!', ' ', $_smarty_tpl->tpl_vars['_title']->value), null, 0); $_smarty_tpl->tpl_vars["redirect_url"] = new Smarty_variable("profiles.manage%26user_type=" . (string) $_smarty_tpl->tpl_vars['user_data']->value['user_type'], null, 0); ?> <?php 
/* Open the "buttons" and "tools_list" captures. The tools list (hook
   "profiles:update_tools_list") starts with a "view all orders" link for
   user_type "C". */
$_smarty_tpl->_capture_stack[0][] = array("buttons", null, null); ob_start(); ?> <?php $_smarty_tpl->_capture_stack[0][] = array("tools_list", null, null); ob_start(); ?> <?php $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "profiles:update_tools_list")); $_block_repeat = true; echo smarty_block_hook(array('name' => "profiles:update_tools_list"), null, $_smarty_tpl, $_block_repeat); while ($_block_repeat) { ob_start(); ?> <?php if ($_smarty_tpl->tpl_vars['user_data']->value['user_type'] == "C") { ?> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'text' => __("view_all_orders"), 'href' => "orders.manage?user_id=" . 
(string) $_smarty_tpl->tpl_vars['id']->value)); ?> </li> <?php } ?> <?php 
/* "Act on behalf" and "delete" links: emitted only when fn_user_need_login() is
   truthy for the profile's user_type, runtime.company_id is unset or equals the
   logged-in user's company, the profile is not the logged-in user's own, and
   the profile is not a root 'A' user without a company.
   NOTE(review): leaving a link out of the page does not block the action;
   profiles.act_as_user and profiles.delete have to authorise the request
   themselves (handlers not visible here). The delete link carries the classes
   "cm-confirm cm-post" - presumably confirmation plus POST submission via
   client script; confirm. */
if (fn_user_need_login($_smarty_tpl->tpl_vars['user_data']->value['user_type']) && (!$_smarty_tpl->tpl_vars['runtime']->value['company_id'] || $_smarty_tpl->tpl_vars['runtime']->value['company_id'] == $_smarty_tpl->tpl_vars['auth']->value['company_id']) && $_smarty_tpl->tpl_vars['user_data']->value['user_id'] != $_smarty_tpl->tpl_vars['auth']->value['user_id'] && !($_smarty_tpl->tpl_vars['user_data']->value['user_type'] == 'A' && $_smarty_tpl->tpl_vars['user_data']->value['is_root'] == 'Y' && !$_smarty_tpl->tpl_vars['user_data']->value['company_id'])) { ?> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'target' => "_blank", 'text' => __("act_on_behalf"), 'href' => "profiles.act_as_user?user_id=" . (string) $_smarty_tpl->tpl_vars['id']->value)); ?> </li> <li class="divider"></li> <li><?php smarty_template_function_btn($_smarty_tpl, array('type' => "list", 'text' => __("delete"), 'class' => "cm-confirm cm-post", 'href' => "profiles.delete?user_id=" . (string) $_smarty_tpl->tpl_vars['id']->value . "&redirect_url=" . 
(string) $_smarty_tpl->tpl_vars['redirect_url']->value)); ?> </li> <?php } ?> <?php $_block_content = ob_get_clean(); $_block_repeat = false; echo smarty_block_hook(array('name' => "profiles:update_tools_list"), $_block_content, $_smarty_tpl, $_block_repeat); } array_pop($_smarty_tpl->smarty->_tag_stack); ?> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php if ($_smarty_tpl->tpl_vars['id']->value && trim(Smarty::$_smarty_vars['capture']['tools_list']) !== '') { ?> <?php smarty_template_function_dropdown($_smarty_tpl, array('content' => Smarty::$_smarty_vars['capture']['tools_list'])); ?> <?php } ?> <div class="btn-group btn-hover dropleft"> <?php 
/* Submit control: save_changes.tpl for an existing profile, button.tpl with the
   "create" text otherwise; both use the name dispatch[profiles.<runtime mode>]
   and target profile_form. The notify_customer checkbox that follows is emitted
   checked. */
if ($_smarty_tpl->tpl_vars['id']->value) { ?> <?php echo $_smarty_tpl->getSubTemplate("buttons/save_changes.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('but_meta' => "dropdown-toggle", 'but_role' => "submit-link", 'but_name' => "dispatch[profiles." . (string) $_smarty_tpl->tpl_vars['runtime']->value['mode'] . "]", 'but_target_form' => "profile_form", 'save' => $_smarty_tpl->tpl_vars['id']->value), 0); ?> <?php } else { ?> <?php echo $_smarty_tpl->getSubTemplate("buttons/button.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('but_text' => __("create"), 'but_meta' => "dropdown-toggle", 'but_role' => "submit-link", 'but_name' => "dispatch[profiles." . (string) $_smarty_tpl->tpl_vars['runtime']->value['mode'] . 
"]", 'but_target_form' => "profile_form", 'save' => $_smarty_tpl->tpl_vars['id']->value), 0); ?> <?php } ?> <ul class="dropdown-menu"> <li><a><input type="checkbox" name="notify_customer" value="Y" checked="checked" id="notify_customer" /> <?php echo $_smarty_tpl->__("notify_user"); ?> </a></li> </ul> </div> <?php list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]); if (!empty($_capture_buffer)) { if (isset($_capture_assign)) { $_smarty_tpl->assign($_capture_assign, ob_get_contents()); } if (isset($_capture_append)) { $_smarty_tpl->append($_capture_append, ob_get_contents()); } Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean(); } else { $_smarty_tpl->capture_error(); } ?> <?php 
/* Render the page frame with the computed title and the captured "mainbox" and
   "buttons" content; the closing form tag follows it. */
echo $_smarty_tpl->getSubTemplate("common/mainbox.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('title' => $_smarty_tpl->tpl_vars['_title']->value, 'content' => Smarty::$_smarty_vars['capture']['mainbox'], 'buttons' => Smarty::$_smarty_vars['capture']['buttons']), 0); ?> </form><?php }
/** * Add/update user * * @param int $user_id - user ID to update (empty for new user) * @param array $user_data - user data * @param array $auth - authentication information * @param bool $ship_to_another - flag indicates that shipping and billing fields are different * @param bool $notify_user - flag indicates that user should be notified * @return array with user ID and profile ID if success, false otherwise */ function fn_update_user($user_id, $user_data, &$auth, $ship_to_another, $notify_user) { /** * Actions before updating user * * @param int $user_id User ID to update (empty for new user) * @param array $user_data User data * @param array $auth Authentication information * @param bool $ship_to_another Flag indicates that shipping and billing fields are different * @param bool $notify_user Flag indicates that user should be notified */ fn_set_hook('update_user_pre', $user_id, $user_data, $auth, $ship_to_another, $notify_user); array_walk($user_data, 'fn_trim_helper'); $register_at_checkout = isset($user_data['register_at_checkout']) && $user_data['register_at_checkout'] == 'Y' ? 
true : false; if (fn_allowed_for('ULTIMATE')) { if (AREA == 'A' && !empty($user_data['user_type']) && $user_data['user_type'] == 'C' && (empty($user_data['company_id']) || Registry::get('runtime.company_id') && $user_data['company_id'] != Registry::get('runtime.company_id'))) { fn_set_notification('W', __('warning'), __('access_denied')); return false; } } if (!empty($user_id)) { $current_user_data = db_get_row("SELECT user_id, company_id, is_root, status, user_type, user_login, lang_code, password, salt, last_passwords FROM ?:users WHERE user_id = ?i", $user_id); if (empty($current_user_data)) { fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('user'))), '', '404'); return false; } if (!fn_check_editable_permissions($auth, $current_user_data)) { fn_set_notification('E', __('error'), __('access_denied')); return false; } if (!empty($user_data['profile_id']) && AREA != 'A') { $profile_ids = db_get_fields("SELECT profile_id FROM ?:user_profiles WHERE user_id = ?i", $user_id); if (!in_array($user_data['profile_id'], $profile_ids)) { fn_set_notification('W', __('warning'), __('access_denied')); return false; } } if (fn_allowed_for('ULTIMATE')) { if (AREA != 'A' || empty($user_data['company_id'])) { //we should set company_id for the frontdend, in the backend company_id received from form if ($current_user_data['user_type'] == 'A') { if (!isset($user_data['company_id']) || AREA != 'A' || Registry::get('runtime.company_id')) { // reset administrator's company if it was not set to root $user_data['company_id'] = $current_user_data['company_id']; } } elseif (Registry::get('settings.Stores.share_users') == 'Y') { $user_data['company_id'] = $current_user_data['company_id']; } else { $user_data['company_id'] = Registry::ifGet('runtime.company_id', 1); } } } if (fn_allowed_for('MULTIVENDOR')) { if (AREA != 'A') { //we should set company_id for the frontend $user_data['company_id'] = $current_user_data['company_id']; } } $action = 'update'; } 
else { $current_user_data = array('status' => AREA != 'A' && Registry::get('settings.General.approve_user_profiles') == 'Y' ? 'D' : (!empty($user_data['status']) ? $user_data['status'] : 'A'), 'user_type' => 'C'); if (fn_allowed_for('ULTIMATE')) { if (!empty($user_data['company_id']) || Registry::get('runtime.company_id') || AREA == 'A') { //company_id can be received when we create user account from the backend $company_id = !empty($user_data['company_id']) ? $user_data['company_id'] : Registry::get('runtime.company_id'); if (empty($company_id)) { $company_id = fn_check_user_type_admin_area($user_data['user_type']) ? $user_data['company_id'] : fn_get_default_company_id(); } $user_data['company_id'] = $current_user_data['company_id'] = $company_id; } else { fn_set_notification('W', __('warning'), __('access_denied')); return false; } } $action = 'add'; $user_data['lang_code'] = !empty($user_data['lang_code']) ? $user_data['lang_code'] : CART_LANGUAGE; $user_data['timestamp'] = TIME; } $original_password = ''; $current_user_data['password'] = !empty($current_user_data['password']) ? $current_user_data['password'] : ''; $current_user_data['salt'] = !empty($current_user_data['salt']) ? 
$current_user_data['salt'] : ''; // Set the user type $user_data['user_type'] = fn_check_user_type($user_data, $current_user_data); if (Registry::get('runtime.company_id') && !fn_allowed_for('ULTIMATE') && (!fn_check_user_type_admin_area($user_data['user_type']) || isset($current_user_data['company_id']) && $current_user_data['company_id'] != Registry::get('runtime.company_id'))) { fn_set_notification('W', __('warning'), __('access_denied')); return false; } // Check if this user needs login/password if (fn_user_need_login($user_data['user_type'])) { // Check if user_login already exists // FIXME if (!isset($user_data['email'])) { $user_data['email'] = db_get_field("SELECT email FROM ?:users WHERE user_id = ?i", $user_id); } $is_exist = fn_is_user_exists($user_id, $user_data); if ($is_exist) { fn_set_notification('E', __('error'), __('error_user_exists'), '', 'user_exist'); return false; } // Check the passwords if (!empty($user_data['password1']) || !empty($user_data['password2'])) { $original_password = trim($user_data['password1']); $user_data['password1'] = !empty($user_data['password1']) ? trim($user_data['password1']) : ''; $user_data['password2'] = !empty($user_data['password2']) ? 
trim($user_data['password2']) : ''; } // if the passwords are not set and this is not a forced password check // we will not update password, otherwise let's check password if (!empty($_SESSION['auth']['forced_password_change']) || !empty($user_data['password1']) || !empty($user_data['password2'])) { $valid_passwords = true; if ($user_data['password1'] != $user_data['password2']) { $valid_passwords = false; fn_set_notification('E', __('error'), __('error_passwords_dont_match')); } // PCI DSS Compliance if (fn_check_user_type_admin_area($user_data['user_type'])) { $msg = array(); // Check password length $min_length = Registry::get('settings.Security.min_admin_password_length'); if (strlen($user_data['password1']) < $min_length || strlen($user_data['password2']) < $min_length) { $valid_passwords = false; $msg[] = str_replace("[number]", $min_length, __('error_password_min_symbols')); } // Check password content if (Registry::get('settings.Security.admin_passwords_must_contain_mix') == 'Y') { $tmp_result = preg_match('/\\d+/', $user_data['password1']) && preg_match('/\\D+/', $user_data['password1']) && preg_match('/\\d+/', $user_data['password2']) && preg_match('/\\D+/', $user_data['password2']); if (!$tmp_result) { $valid_passwords = false; $msg[] = __('error_password_content'); } } if ($msg) { fn_set_notification('E', __('error'), implode('<br />', $msg)); } // Check last 4 passwords if (!empty($user_id)) { $prev_passwords = !empty($current_user_data['last_passwords']) ? explode(',', $current_user_data['last_passwords']) : array(); if (!empty($_SESSION['auth']['forced_password_change'])) { // if forced password change - new password can't be equal to current password. 
$prev_passwords[] = $current_user_data['password']; } if (in_array(fn_generate_salted_password($user_data['password1'], $current_user_data['salt']), $prev_passwords)) { $valid_passwords = false; fn_set_notification('E', __('error'), __('error_password_was_used')); } else { if (count($prev_passwords) >= 5) { array_shift($prev_passwords); } $user_data['last_passwords'] = implode(',', $prev_passwords); } } } // PCI DSS Compliance if (!$valid_passwords) { return false; } $user_data['salt'] = fn_generate_salt(); $user_data['password'] = fn_generate_salted_password($user_data['password1'], $user_data['salt']); if ($user_data['password'] != $current_user_data['password'] && !empty($user_id)) { // if user set current password - there is no necessity to update password_change_timestamp $user_data['password_change_timestamp'] = $_SESSION['auth']['password_change_timestamp'] = TIME; } unset($_SESSION['auth']['forced_password_change']); fn_delete_notification('password_expire'); } } $user_data['status'] = AREA != 'A' || empty($user_data['status']) ? $current_user_data['status'] : $user_data['status']; // only administrator can change user status // Fill the firstname, lastname and phone from the billing address if the profile was created or updated through the admin area. 
if (AREA == 'A' || Registry::get('settings.Checkout.address_position') == 'billing_first') { $main_address_zone = BILLING_ADDRESS_PREFIX; $alt_address_zone = SHIPPING_ADDRESS_PREFIX; } else { $main_address_zone = SHIPPING_ADDRESS_PREFIX; $alt_address_zone = BILLING_ADDRESS_PREFIX; } $user_data = fn_fill_contact_info_from_address($user_data, $main_address_zone, $alt_address_zone); if (!fn_allowed_for('ULTIMATE')) { //for ult company_id was set before fn_set_company_id($user_data); } if (!empty($current_user_data['is_root']) && $current_user_data['is_root'] == 'Y') { $user_data['is_root'] = 'Y'; } else { $user_data['is_root'] = 'N'; } // check if it is a root admin $is_root_admin_exists = db_get_field("SELECT user_id FROM ?:users WHERE company_id = ?i AND is_root = 'Y' AND user_id != ?i", $user_data['company_id'], !empty($user_id) ? $user_id : 0); $user_data['is_root'] = empty($is_root_admin_exists) && $user_data['user_type'] !== 'C' ? 'Y' : 'N'; unset($user_data['user_id']); if (!empty($user_id)) { db_query("UPDATE ?:users SET ?u WHERE user_id = ?i", $user_data, $user_id); fn_clean_usergroup_links($user_id, $current_user_data['user_type'], $user_data['user_type']); fn_log_event('users', 'update', array('user_id' => $user_id)); } else { if (!isset($user_data['password_change_timestamp'])) { $user_data['password_change_timestamp'] = 1; } $user_id = db_query("INSERT INTO ?:users ?e", $user_data); fn_log_event('users', 'create', array('user_id' => $user_id)); } $user_data['user_id'] = $user_id; // Set/delete insecure password notification if (AREA == 'A' && Registry::get('config.demo_mode') != true && !empty($user_data['password1'])) { if (!fn_compare_login_password($user_data, $user_data['password1'])) { fn_delete_notification('insecure_password'); } else { $lang_var = 'warning_insecure_password_email'; fn_set_notification('E', __('warning'), __($lang_var, array('[link]' => fn_url("profiles.update?user_id=" . 
$user_id))), 'K', 'insecure_password'); } } if (empty($user_data['user_login'])) { // if we're using email as login or user type does not require login, fill login field db_query("UPDATE ?:users SET user_login = '******' WHERE user_id = ?i AND user_login = ''", $user_id, $user_id); } // Fill shipping info with billing if needed if (empty($ship_to_another)) { $profile_fields = fn_get_profile_fields($user_data['user_type']); $use_default = AREA == 'A' ? true : false; fn_fill_address($user_data, $profile_fields, $use_default); } $user_data['profile_id'] = fn_update_user_profile($user_id, $user_data, $action); $user_data = fn_get_user_info($user_id, true, $user_data['profile_id']); if ($register_at_checkout) { $user_data['register_at_checkout'] = 'Y'; } $lang_code = AREA == 'A' && !empty($user_data['lang_code']) ? $user_data['lang_code'] : CART_LANGUAGE; if (!fn_allowed_for('ULTIMATE:FREE')) { $user_data['usergroups'] = db_get_hash_array("SELECT lnk.link_id, lnk.usergroup_id, lnk.status, a.type, b.usergroup" . " FROM ?:usergroup_links as lnk" . " INNER JOIN ?:usergroups as a ON a.usergroup_id = lnk.usergroup_id AND a.status != 'D'" . " LEFT JOIN ?:usergroup_descriptions as b ON b.usergroup_id = a.usergroup_id AND b.lang_code = ?s" . 
" WHERE a.status = 'A' AND lnk.user_id = ?i AND lnk.status != 'D' AND lnk.status != 'F'", 'usergroup_id', $lang_code, $user_id); } // Send notifications to customer if (!empty($notify_user)) { $from = 'company_users_department'; if (fn_allowed_for('MULTIVENDOR')) { // Vendor administrator's notification // is sent from root users department if ($user_data['user_type'] == 'V') { $from = 'default_company_users_department'; } } // Notify customer about profile activation (when update profile only) if ($action == 'update' && $current_user_data['status'] === 'D' && $user_data['status'] === 'A') { Mailer::sendMail(array('to' => $user_data['email'], 'from' => $from, 'data' => array('user_data' => $user_data), 'tpl' => 'profiles/profile_activated.tpl', 'company_id' => $user_data['company_id']), fn_check_user_type_admin_area($user_data['user_type']) ? 'A' : 'C', $lang_code); } // Notify customer about profile add/update $prefix = $action == 'add' ? 'create' : 'update'; // Send password to user only if it was created by admin or vendor if (AREA != 'C' && $auth['user_id'] != $user_id) { $password = $original_password; } else { $password = null; } Mailer::sendMail(array('to' => $user_data['email'], 'from' => $from, 'data' => array('password' => $password, 'user_data' => $user_data), 'tpl' => 'profiles/' . $prefix . '_profile.tpl', 'company_id' => $user_data['company_id']), fn_check_user_type_admin_area($user_data['user_type']) ? 
'A' : 'C', $lang_code); } if ($action == 'add') { if (AREA != 'A') { if (Registry::get('settings.General.approve_user_profiles') == 'Y') { fn_set_notification('W', __('important'), __('text_profile_should_be_approved')); // Notify administrator about new profile Mailer::sendMail(array('to' => 'company_users_department', 'from' => 'company_users_department', 'reply_to' => $user_data['email'], 'data' => array('user_data' => $user_data), 'tpl' => 'profiles/activate_profile.tpl', 'company_id' => $user_data['company_id']), 'A', Registry::get('settings.Appearance.backend_default_language')); } else { fn_set_notification('N', __('information'), __('text_profile_is_created')); } } if (!is_null($auth)) { if (!empty($auth['order_ids'])) { db_query("UPDATE ?:orders SET user_id = ?i WHERE order_id IN (?n)", $user_id, $auth['order_ids']); } } } else { if (AREA == 'C') { fn_set_notification('N', __('information'), __('text_profile_is_updated')); } } fn_set_hook('update_profile', $action, $user_data, $current_user_data); return array($user_id, !empty($user_data['profile_id']) ? $user_data['profile_id'] : false); }
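/**
 * Add/update user
 *
 * Validates the submitted account data, writes the ?:users and ?:user_profiles
 * rows, stores the additional profile fields and sends the notification e-mails.
 *
 * Security-relevant behaviour visible in this function:
 *  - the credential is stored as md5() of the trimmed password (see the NOTE
 *    next to the hashing line);
 *  - the password-history and "password changed" checks compare hashes strictly,
 *    so two different hashes that both look numeric (e.g. "0e...") are no longer
 *    treated as equal;
 *  - the plain-text password is handed to the mail view only when
 *    $send_password is true, and never for the copy sent to the fixed address.
 *
 * @param int   $user_id         - user ID to update (empty for new user)
 * @param array $user_data       - user data
 * @param array $auth            - authentication information (by reference; replaced via fn_fill_auth() after a successful add)
 * @param bool  $ship_to_another - flag indicates that shipping and billing fields are different
 * @param bool  $notify_customer - flag indicates that customer should be notified
 * @param bool  $send_password   - TRUE if the password should be included into the e-mail
 * @return array with user ID and profile ID if success, false otherwise
 */
function fn_update_user($user_id, $user_data, &$auth, $ship_to_another, $notify_customer, $send_password = false)
{
    if (!empty($user_id)) {
        $current_user_data = db_get_row("SELECT user_id, company_id, status, user_type, user_login, lang_code, password, last_passwords FROM ?:users WHERE user_id = ?i", $user_id);
        $action = 'update';
    } else {
        // New storefront registrations start disabled when profile approval is on.
        $needs_approval = AREA != 'A' && Registry::get('settings.General.approve_user_profiles') == 'Y';
        $current_user_data = array(
            'status' => $needs_approval ? 'D' : (!empty($user_data['status']) ? $user_data['status'] : 'A'),
            'user_type' => 'C',
        );
        $action = 'add';
        $user_data['lang_code'] = !empty($user_data['lang_code']) ? $user_data['lang_code'] : CART_LANGUAGE;
        $user_data['timestamp'] = TIME;
    }

    $original_password = '';
    $current_user_data['password'] = !empty($current_user_data['password']) ? $current_user_data['password'] : '';

    // Set the user type
    $user_data['user_type'] = fn_check_user_type($user_data, $current_user_data);

    // In a company context only administrators of that same company may be edited.
    if (defined('COMPANY_ID') && ($user_data['user_type'] != 'A' || (isset($current_user_data['company_id']) && $current_user_data['company_id'] != COMPANY_ID))) {
        fn_save_post_data();
        fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('access_denied'));

        return false;
    }

    // Check if this user needs login/password
    if (fn_user_need_login($user_data['user_type'])) {
        // Check if user_login already exists
        $is_exist = db_get_field(
            "SELECT user_id FROM ?:users WHERE (email = ?s ?p) AND user_id != ?i",
            $user_data['email'],
            empty($user_data['user_login']) ? '' : db_quote(" OR user_login = ?s", $user_data['user_login']),
            $user_id
        );
        if ($is_exist) {
            fn_save_post_data();
            fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_user_exists'));

            return false;
        }

        // Check the passwords
        // password1 may be absent when the form did not submit a password at all.
        $original_password = isset($user_data['password1']) ? $user_data['password1'] : '';
        $user_data['password1'] = !empty($user_data['password1']) ? trim($user_data['password1']) : '';
        $user_data['password2'] = !empty($user_data['password2']) ? trim($user_data['password2']) : '';

        // if the passwords are not set and this is not a forced password check
        // we will not update password, otherwise let's check password
        if (!empty($_SESSION['auth']['forced_password_change']) || !empty($user_data['password1']) || !empty($user_data['password2'])) {
            $valid_passwords = true;

            if ($user_data['password1'] != $user_data['password2']) {
                $valid_passwords = false;
                fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_passwords_dont_match'));
            }

            // PCI DSS Compliance
            if ($user_data['user_type'] == 'A') {
                $msg = array();

                // Check password length
                $min_length = Registry::get('settings.Security.min_admin_password_length');
                if (strlen($user_data['password1']) < $min_length || strlen($user_data['password2']) < $min_length) {
                    $valid_passwords = false;
                    $msg[] = str_replace("[number]", $min_length, fn_get_lang_var('error_password_min_symbols'));
                }

                // Check password content
                if (Registry::get('settings.Security.admin_passwords_must_contain_mix') == 'Y') {
                    $tmp_result = preg_match('/\\d+/', $user_data['password1'])
                        && preg_match('/\\D+/', $user_data['password1'])
                        && preg_match('/\\d+/', $user_data['password2'])
                        && preg_match('/\\D+/', $user_data['password2']);
                    if (!$tmp_result) {
                        $valid_passwords = false;
                        $msg[] = fn_get_lang_var('error_password_content');
                    }
                }

                if ($msg) {
                    fn_set_notification('E', fn_get_lang_var('error'), implode('<br />', $msg));
                }

                // Check last 4 passwords
                if (!empty($user_id)) {
                    $prev_passwords = !empty($current_user_data['last_passwords']) ? explode(',', $current_user_data['last_passwords']) : array();

                    if (!empty($_SESSION['auth']['forced_password_change'])) {
                        // if forced password change - new password can't be equal to current password.
                        $prev_passwords[] = $current_user_data['password'];
                    }

                    // Strict matching: with loose comparison PHP treats numeric-looking
                    // strings as numbers, so distinct "0e..." hashes would compare equal
                    // and a new password could be rejected as "already used".
                    $password1_hash = md5($user_data['password1']);
                    $password2_hash = md5($user_data['password2']);
                    if (in_array($password1_hash, $prev_passwords, true) || in_array($password2_hash, $prev_passwords, true)) {
                        $valid_passwords = false;
                        fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_password_was_used'));
                    } else {
                        if (count($prev_passwords) >= 5) {
                            array_shift($prev_passwords);
                        }
                        $user_data['last_passwords'] = implode(',', $prev_passwords);
                    }
                }
            } // PCI DSS Compliance

            if (!$valid_passwords) {
                fn_save_post_data();

                return false;
            }

            // NOTE(review): the stored credential is an unsalted md5() of the password.
            // MD5 is fast to brute-force and identical passwords share one hash. The
            // scheme is left as is because the code that verifies logins is not visible
            // in this listing; move both sides to password_hash()/password_verify()
            // together, rehashing on the next successful login.
            $user_data['password'] = md5($user_data['password1']);
            if ($user_data['password'] !== $current_user_data['password'] && !empty($user_id)) {
                // if user set current password - there is no necessity to update password_change_timestamp
                $user_data['password_change_timestamp'] = $_SESSION['auth']['password_change_timestamp'] = TIME;
            }
            unset($_SESSION['auth']['forced_password_change']);
            fn_delete_notification('password_expire');
        }
    }

    // only administrator can change user status
    $user_data['status'] = (AREA != 'A' || empty($user_data['status'])) ? $current_user_data['status'] : $user_data['status'];

    // Fill the firstname, lastname and phone from the billing address if the profile was created or updated through the admin area.
    if (AREA != 'A') {
        $address_zone = Registry::get('settings.General.address_position') == 'billing_first' ? 'b' : 's';
    } else {
        $address_zone = 'b';
    }

    // A contact field is copied from the chosen address only when it is empty itself.
    foreach (array('firstname', 'lastname', 'phone') as $contact_field) {
        $address_field = $address_zone . '_' . $contact_field;
        if (empty($user_data[$contact_field]) && !empty($user_data[$address_field])) {
            $user_data[$contact_field] = $user_data[$address_field];
        }
    }

    // reset company_id for root admin
    if ($user_id == 1) {
        $user_data['company_id'] = 0;
    }

    // NOTE(review): $user_data is handed to the ?u / ?e placeholders as a whole.
    // status and user_type are pinned above; confirm that the placeholders or the
    // callers restrict which other columns request data is allowed to set.
    if (!empty($user_id)) {
        db_query("UPDATE ?:users SET ?u WHERE user_id = ?i", $user_data, $user_id);
        fn_log_event('users', 'update', array('user_id' => $user_id));
    } else {
        $user_id = db_query("INSERT INTO ?:users ?e", $user_data);
        fn_log_event('users', 'create', array('user_id' => $user_id));
    }
    $user_data['user_id'] = $user_id;

    // Set/delete insecure password notification
    if (AREA == 'A' && Registry::get('config.demo_mode') != true && !empty($user_data['user_login']) && !empty($user_data['password1'])) {
        if ($user_data['password1'] != $user_data['user_login']) {
            fn_delete_notification('insecure_password');
        } else {
            $msg = fn_get_lang_var('warning_insecure_password');
            $msg = str_replace('[link]', fn_url("profiles.update?user_id=" . $user_id), $msg);
            fn_set_notification('E', fn_get_lang_var('warning'), $msg, true, 'insecure_password');
        }
    }

    if (empty($user_data['user_login'])) {
        // if we're using email as login or user type does not require login, fill login field
        // NOTE(review): the '******' literal looks masked on this page, and $user_id is
        // passed twice although only one ?i is visible; verify against the real source.
        db_query("UPDATE ?:users SET user_login = '******' WHERE user_id = ?i AND user_login = ''", $user_id, $user_id);
    }

    // Fill shipping info with billing if needed
    if (empty($ship_to_another)) {
        $profile_fields = fn_get_profile_fields($user_data['user_type']);
        $use_default = (AREA == 'A');
        fn_fill_address($user_data, $profile_fields, $use_default);
    }

    // Add new profile or update existing
    if ((isset($user_data['profile_id']) && empty($user_data['profile_id'])) || $action == 'add') {
        if ($action == 'add') {
            $user_data['profile_type'] = 'P';
            $user_data['profile_name'] = empty($user_data['profile_name']) ? fn_get_lang_var('main') : $user_data['profile_name'];
        } else {
            $user_data['profile_type'] = 'S';
        }

        $user_data['profile_id'] = db_query("INSERT INTO ?:user_profiles ?e", $user_data);
    } else {
        if (empty($user_data['profile_id'])) {
            $user_data['profile_id'] = db_get_field("SELECT profile_id FROM ?:user_profiles WHERE user_id = ?i AND profile_type = 'P'", $user_id);
        }
        db_query("UPDATE ?:user_profiles SET ?u WHERE profile_id = ?i", $user_data, $user_data['profile_id']);
    }

    // Add/Update additional fields
    fn_store_profile_fields($user_data, array('U' => $user_id, 'P' => $user_data['profile_id']), 'UP');

    $user_data = fn_get_user_info($user_id, true, $user_data['profile_id']);

    $lang_code = (AREA == 'A' && !empty($user_data['lang_code'])) ? $user_data['lang_code'] : CART_LANGUAGE;

    // Hand the plain-text password to the mail templates only when the caller asked
    // for it; the templates are not visible here, so do not rely on them to hide it.
    Registry::get('view_mail')->assign('password', $send_password ? $original_password : '');
    Registry::get('view_mail')->assign('send_password', $send_password);
    Registry::get('view_mail')->assign('user_data', $user_data);

    // Send notifications to customer
    if (!empty($notify_customer)) {
        $users_department = Registry::get('settings.Company.company_users_department');

        // Notify customer about profile activation (when update profile only)
        if ($action == 'update' && $current_user_data['status'] === 'D' && $user_data['status'] === 'A') {
            fn_send_mail($user_data['email'], $users_department, 'profiles/profile_activated_subj.tpl', 'profiles/profile_activated.tpl', '', $lang_code);
        }

        // Notify customer about profile add/update
        if ($action == 'add') {
            $subject_tpl = 'profiles/create_profile_subj.tpl';
            $body_tpl = 'profiles/create_profile.tpl';
        } else {
            $subject_tpl = 'profiles/update_profile_subj.tpl';
            $body_tpl = 'profiles/update_profile.tpl';
        }
        fn_send_mail($user_data['email'], $users_department, $subject_tpl, $body_tpl, '', $lang_code);

        // The same message is copied to a fixed address (masked on this page). That
        // mailbox is not the account owner, so the credential is removed from the
        // mail view before the copy is rendered and stays removed afterwards.
        Registry::get('view_mail')->assign('password', '');
        Registry::get('view_mail')->assign('send_password', false);
        fn_send_mail('*****@*****.**', $users_department, $subject_tpl, $body_tpl, '', $lang_code);
    }

    if ($action == 'add') {
        $skip_auth = false;
        if (AREA != 'A') {
            if (Registry::get('settings.General.approve_user_profiles') == 'Y') {
                fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_should_be_approved'));

                // Notify administrator about new profile
                fn_send_mail(
                    Registry::get('settings.Company.company_users_department'),
                    Registry::get('settings.Company.company_users_department'),
                    'profiles/activate_profile_subj.tpl',
                    'profiles/activate_profile.tpl',
                    '',
                    Registry::get('settings.Appearance.admin_default_language'),
                    $user_data['email']
                );

                // The account is not active yet, so the session must not be switched to it.
                $skip_auth = true;
            } else {
                fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_is_created'));
            }
        } else {
            fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_is_created'));
        }

        if (!is_null($auth)) {
            // Attach the orders recorded in the auth data to the new account.
            if (!empty($auth['order_ids'])) {
                db_query("UPDATE ?:orders SET user_id = ?i WHERE order_id IN (?n)", $user_id, $auth['order_ids']);
            }
            if (!$skip_auth) {
                $auth = fn_fill_auth($user_data);
            }
        }
    } else {
        fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_is_updated'));
    }

    fn_set_hook('update_profile', $action, $user_data, $current_user_data);

    return array($user_id, $user_data['profile_id']);
}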