// Saving contacts contact_delete($_SESSION['user']['PARTY_ID'], COMPANY_CONTACT); contact_delete($_SESSION['user']['PARTY_ID'], CONTACT_PERSON_CONTACT); contact_delete($_SESSION['user']['PARTY_ID'], ORDER_CONTACTS); contact_add($_SESSION['user']['PARTY_ID'], COMPANY_CONTACT, array(CNT_ATTR_NAME => $_POST['NAME'], CNT_ATTR_STREET => $_POST['STREET'], CNT_ATTR_POSTAL => $_POST['POSTAL'], CNT_ATTR_CITY => $_POST['CITY'], CNT_ATTR_COUNTRY => $_POST['COUNTRY'], CNT_ATTR_PHONE => $_POST['PHONE'])); contact_add($_SESSION['user']['PARTY_ID'], CONTACT_PERSON_CONTACT, array(CNT_ATTR_EMAIL => $_POST['CONTACT_EMAIL'], CNT_ATTR_PHONE => $_POST['CONTACT_PHONE'])); contact_add($_SESSION['user']['PARTY_ID'], ORDER_CONTACTS, array(CNT_ATTR_EMAIL => $_POST['ORDER_EMAIL'], CNT_ATTR_FTP_ADDR => $_POST['ORDER_FTP_ADDRESS'], CNT_ATTR_FTP_USER => $_POST['ORDER_FTP_USER'], CNT_ATTR_FTP_PASS => $_POST['ORDER_FTP_PASS'])); $success[] = 'Your profile has been updated'; } catch (Exception $e) { $errors[] = $e->getMessage(); } } } // Getting clients data $customer = person_get($_SESSION['user']['PARTY_ID']); $user_login = users_get_login($_SESSION['user']['PARTY_ID']); $affiliate = person_affiliate_get($_SESSION['user']['PARTY_ID']); $contacts = contact_mech_get($_SESSION['user']['PARTY_ID'], COMPANY_CONTACT); $contact_attributes = array(); foreach ($contacts['attributes'] as $_attr) { $contact_attributes[$_attr['ATTR_NAME']] = $_attr['ATTR_VALUE']; } $contact_person_contacts = contact_mech_get($_SESSION['user']['PARTY_ID'], CONTACT_PERSON_CONTACT); foreach ($contact_person_contacts['attributes'] as $_attr) { $contact_person['CONTACT_' . $_attr['ATTR_NAME']] = $_attr['ATTR_VALUE']; } $order_contacts = contact_mech_get($_SESSION['user']['PARTY_ID'], ORDER_CONTACTS); foreach ($order_contacts['attributes'] as $_attr) { $order_contacts_attributes['ORDER_' . $_attr['ATTR_NAME']] = $_attr['ATTR_VALUE']; } }
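/**
 * Admin "login as client" switch and customer soft-delete.
 *
 *   ?VIEW=<party id>     switch the session to that client, open the dashboard
 *   ?PROFILE=<party id>  switch the session to that client, open the profile
 *   ?DELETE=<party id>   mark the customer as DELETED
 *
 * NOTE(review): no administrator check is visible in this fragment. Both
 * actions take their target id straight from the query string, so the
 * including page must already have established that the current session
 * belongs to an administrator - confirm before relying on it.
 * NOTE(review): both actions change state on a GET request and no anti-CSRF
 * token is checked here; consider moving them to POST with a per-session token.
 */
if (!empty($_GET['VIEW']) || !empty($_GET['PROFILE'])) {
    // Test for a non-empty value, not mere presence: an empty VIEW sent
    // alongside a filled-in PROFILE must select PROFILE.
    if (!empty($_GET['VIEW'])) {
        $client_id    = $_GET['VIEW'];
        $redirect_url = '/dashboard/dashboard';
    } else {
        $client_id    = $_GET['PROFILE'];
        $redirect_url = '/users/profile';
    }

    // Query parameters can arrive as arrays; accept a plain string id only and
    // make sure the party exists before any session state is touched.
    $client = (is_string($client_id) && party_exists($client_id))
        ? users_get_login($client_id)
        : null;

    if (empty($client['USER_LOGIN_ID'])) {
        $errors[] = 'The requested customer account could not be opened';
    } else {
        // Remember who started the impersonation. The logout handler treats
        // this marker as permission to restore the administrator session, so
        // it must not survive a failed switch.
        $_SESSION['FAKE_LOGIN'] = $_SESSION['user']['PARTY_ID'];

        try {
            // NOTE(review): CURRENT_PASSWORD is read from storage and handed to
            // user_login(). If that column holds a recoverable password rather
            // than a hash, impersonation should use a path that does not need
            // the credential - confirm against user_login().
            user_login($client['USER_LOGIN_ID'], $client['CURRENT_PASSWORD']);
        } catch (Exception $e) {
            unset($_SESSION['FAKE_LOGIN']);
            throw $e;
        }

        // The session now represents a different principal: rotate its id.
        session_regenerate_id(true);

        $_SESSION['user']['IS_ADMIN']    = false;
        $_SESSION['user']['LAST_ACTION'] = time();

        header(sprintf('location: %s', $redirect_url));
        exit;
    }
}

if (!empty($_GET['DELETE'])) {
    // Same rule as above: only a plain string id is passed on.
    $delete_id = is_string($_GET['DELETE']) ? $_GET['DELETE'] : '';

    if ($delete_id === '' || !party_exists($delete_id)) {
        // NOTE(review): the id is echoed back in this message and the customer
        // name in the one below; whatever prints $errors / $success must
        // HTML-escape them (the rendering code is not visible here).
        $errors[] = sprintf('Customer with id %s does not exist', $delete_id);
    } else {
        $person = person_get($delete_id);
        person_status_update($delete_id, DELETED);
        $success[] = sprintf(
            'Customer: %s %s has been marked as deleted',
            $person['FIRST_NAME'],
            $person['LAST_NAME']
        );
    }
}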
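<?php
/**
 * Logout handler.
 *
 * If the session carries the FAKE_LOGIN marker (an administrator is viewing
 * the site as a client), "logout" ends the impersonation: the session is
 * switched back to the ENTERPRICE_PARTY_ID login with IS_ADMIN = true and the
 * browser is sent to /users/index. Otherwise the session is torn down and the
 * browser is sent to the login page.
 *
 * NOTE(review): the value stored in FAKE_LOGIN is not consulted - any session
 * that carries the key is restored as ENTERPRICE_PARTY_ID with administrator
 * rights. This is only sound if the marker can be set solely for a verified
 * administrator; confirm at the place that sets it, or compare the saved id
 * with the expected administrator id here.
 */
if (isset($_SESSION['FAKE_LOGIN'])) {
    $client = users_get_login(ENTERPRICE_PARTY_ID);
    user_login($client['USER_LOGIN_ID'], $client['CURRENT_PASSWORD']);

    // Privilege level rises here: rotate the session id so the id used while
    // acting as the client cannot be reused for the administrator session.
    session_regenerate_id(true);

    $_SESSION['user']['IS_ADMIN']    = true;
    $_SESSION['user']['LAST_ACTION'] = time();
    unset($_SESSION['FAKE_LOGIN']);

    header('location: /users/index');
    exit;
}

// Real logout. Empty the in-memory data first (this covers the cart as well),
// expire the session cookie in the browser, then drop the server-side record.
$_SESSION = array();

if (ini_get('session.use_cookies')) {
    $params = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $params['path'],
        $params['domain'],
        $params['secure'],
        $params['httponly']
    );
}

session_destroy();

header('location: /index/login');
exit;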