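/**
 * Save the edited account details back to the database.
 *
 * Validates the account form fields, copies the email/password field values
 * into $_POST, checks email availability, phone format and password
 * confirmation, then updates the customer record and re-renders the edit
 * page with a success or error message. If any expected POST key is missing
 * the request is redirected to account.php.
 *
 * NOTE(review): the email address and password are changed here without
 * asking for the current password, and no anti-CSRF token check is visible
 * in this method - confirm both are enforced elsewhere.
 *
 * @return mixed The result of EditAccount() when field validation fails;
 *               nothing is returned on the other paths.
 */
public function SaveAccountDetails()
{
    // Maps form field private ids to the $_POST keys used further down.
    $customerMap = array(
        'EmailAddress' => 'account_email',
        'Password' => 'account_password',
        'ConfirmPassword' => 'account_password_confirm'
    );

    $fields = $GLOBALS['ISC_CLASS_FORM']->getFormFields(FORMFIELDS_FORM_ACCOUNT, true);

    // The password fields are optional on edit: an empty pair means
    // "keep the current password", so they must not fail required checks.
    foreach (array_keys($fields) as $fieldId) {
        $privateId = isc_strtolower($fields[$fieldId]->record['formfieldprivateid']);
        if ($privateId == 'password' || $privateId == 'confirmpassword') {
            $fields[$fieldId]->setRequired(false);
        }
    }

    $errmsg = '';
    if (!validateFieldData($fields, $errmsg)) {
        return $this->EditAccount($errmsg, MSG_ERROR);
    }

    // Copy the mapped field values into $_POST so the checks below read them
    // from one place.
    foreach (array_keys($fields) as $fieldId) {
        if (!array_key_exists($fields[$fieldId]->record['formfieldprivateid'], $customerMap)) {
            continue;
        }

        $_POST[$customerMap[$fields[$fieldId]->record['formfieldprivateid']]] = $fields[$fieldId]->GetValue();
    }

    $customer_id = $GLOBALS['ISC_CLASS_CUSTOMER']->GetCustomerId();
    $email_taken = false;
    $phone_invalid = false;
    $password_invalid = false;

    $haveAllFields = isset($_POST['account_firstname'])
        && isset($_POST['account_lastname'])
        && isset($_POST['account_companyname'])
        && isset($_POST['account_email'])
        && isset($_POST['account_phone'])
        && isset($_POST['account_password'])
        && isset($_POST['account_password_confirm']);

    if (!$haveAllFields) {
        // Incomplete submission: discard buffered output and go back to the account page.
        ob_end_clean();
        header(sprintf("Location: %s/account.php", $GLOBALS['ShopPath']));
        die();
    }

    // Are they updating their email address? If so is the new email address available?
    if ($GLOBALS['ISC_CLASS_CUSTOMER']->AccountWithEmailAlreadyExists($_POST['account_email'], $customer_id)) {
        $email_taken = true;
    }

    if (!$GLOBALS['ISC_CLASS_CUSTOMER']->ValidatePhoneNumber($_POST['account_phone'])) {
        $phone_invalid = true;
    }

    $pass1 = $_POST['account_password'];
    $pass2 = $_POST['account_password_confirm'];

    // A password change was requested (either field non-empty) but the two
    // entries are not strictly identical.
    if (($pass1 . $pass2) !== '' && $pass1 !== $pass2) {
        $password_invalid = true;
    }

    if (!$email_taken && !$phone_invalid && !$password_invalid) {
        $UpdatedAccount = array(
            "customerid" => $customer_id,
            "custconfirstname" => $_POST['account_firstname'],
            "custconlastname" => $_POST['account_lastname'],
            "custconcompany" => $_POST['account_companyname'],
            "custconemail" => $_POST['account_email'],
            "custconphone" => $_POST['account_phone']
        );

        // Do we need to update the password? A mismatch was already rejected
        // with a strict comparison above.
        // NOTE(review): the value is handed to customerEntity->edit() as
        // submitted; presumably the entity hashes it before storage - verify.
        if ($pass1 == $pass2 && $pass1 != "") {
            $UpdatedAccount['custpassword'] = $pass1;
        }

        $existingCustomer = $this->customerEntity->get($customer_id);

        // Create/update the form session data for the custom account fields.
        if (isId($existingCustomer['custformsessionid'])) {
            $GLOBALS['ISC_CLASS_FORM']->saveFormSession(FORMFIELDS_FORM_ACCOUNT, true, $existingCustomer['custformsessionid']);
        } else {
            $UpdatedAccount['custformsessionid'] = $GLOBALS['ISC_CLASS_FORM']->saveFormSession(FORMFIELDS_FORM_ACCOUNT);
        }

        if ($this->customerEntity->edit($UpdatedAccount)) {
            $this->EditAccount(GetLang('AccountDetailsUpdatedSuccess'), MSG_SUCCESS);
        } else {
            $this->EditAccount(GetLang('AccountDetailsUpdatedFailed'), MSG_ERROR);
        }
    } else if ($email_taken) {
        // Email address is already taken. The submitted value is escaped
        // before it goes into the message, as ValidateGuestCheckoutAddress()
        // does for AccountEmailTaken.
        // NOTE(review): assumes EditAccount() outputs the message as HTML
        // without escaping it again - confirm.
        $this->EditAccount(sprintf(GetLang('AccountUpdateEmailTaken'), isc_html_escape($_POST['account_email'])), MSG_ERROR);
    } else if ($phone_invalid) {
        // Phone number is invalid. It has just failed validation, so it is
        // arbitrary request data and is escaped before being echoed back.
        $this->EditAccount(sprintf(GetLang('AccountUpdateValidPhone'), isc_html_escape($_POST['account_phone'])), MSG_ERROR);
    } else if ($password_invalid) {
        $this->EditAccount(GetLang('AccountPasswordsDontMatch'), MSG_ERROR);
    }
}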
/**
 * Validate a billing or shipping address submitted during checkout.
 *
 * For a billing address from a visitor who is not signed in, the account
 * email field is checked first and stored as 'shipemail'.
 *
 * @param string $type   'billing' selects the billing form; any other value selects the shipping form.
 * @param array  $errors Passed by reference; reset on entry and filled with messages on failure.
 * @return array|false   Address values keyed with a 'ship' prefix (custom fields under
 *                       'customFormFields'), or false when validation fails.
 */
public function ValidateGuestCheckoutAddress($type, &$errors)
{
    $errors = array();
    $address = array();
    $isBilling = ($type == 'billing');

    // Only a billing address from a guest carries an email address to check.
    if ($isBilling && !customerIsSignedIn()) {
        $emailField = $GLOBALS['ISC_CLASS_FORM']->getFormField(FORMFIELDS_FORM_ACCOUNT, '1', '', true);
        $email = $emailField->getValue();

        if ($email == '' || !is_email_address($email)) {
            $errors[] = GetLang('AccountEnterValidEmail');
            return false;
        }

        // When guest checkout also creates accounts, an address that already
        // belongs to an account is rejected.
        // NOTE(review): this distinct error tells an unauthenticated visitor
        // that the address is registered; no throttling is visible in this
        // method - confirm it is applied upstream.
        $customerClass = GetClass('ISC_CUSTOMER');
        if (
            getConfig('GuestCheckoutEnabled')
            && getConfig('GuestCheckoutCreateAccounts')
            && $customerClass->AccountWithEmailAlreadyExists($email)
        ) {
            $errors[] = sprintf(GetLang('AccountEmailTaken'), isc_html_escape($email));
            return false;
        }

        $address['shipemail'] = $email;
    }

    require_once(ISC_BASE_PATH . '/lib/addressvalidation.php');

    // Load the submitted fields of the matching form.
    $errmsg = '';
    $formType = $isBilling ? FORMFIELDS_FORM_BILLING : FORMFIELDS_FORM_SHIPPING;
    $fields = $GLOBALS['ISC_CLASS_FORM']->getFormFields($formType, true);

    // Locate the country and state fields.
    $countryFieldId = 0;
    $stateFieldId = 0;
    foreach ($fields as $fieldId => $formField) {
        switch ($formField->record['formfieldprivateid']) {
            case 'Country':
                $countryFieldId = $fieldId;
                break;
            case 'State':
                $stateFieldId = $fieldId;
                break;
        }
    }

    // The state field only stays required when the selected country has
    // states to choose from.
    if ($countryFieldId && $stateFieldId) {
        $countryId = GetCountryByName($fields[$countryFieldId]->getValue());
        $stateOptions = GetStateListAsIdValuePairs($countryId);
        $hasStates = is_array($stateOptions) && !empty($stateOptions);

        if ($hasStates) {
            $fields[$stateFieldId]->setOptions($stateOptions);
        } else {
            $fields[$stateFieldId]->setRequired(false);
        }
    }

    if (!validateFieldData($fields, $errmsg)) {
        $errors[] = $errmsg;
        return false;
    }

    // Built-in field private ids and the address key suffix each one maps to.
    $fieldMap = array(
        'FirstName' => 'firstname',
        'LastName' => 'lastname',
        'CompanyName' => 'company',
        'AddressLine1' => 'address1',
        'AddressLine2' => 'address2',
        'City' => 'city',
        'State' => 'state',
        'Country' => 'country',
        'Zip' => 'zip',
        'Phone' => 'phone',
        'Email' => 'email',
    );

    foreach ($fields as $fieldId => $formField) {
        $privateId = $formField->record['formfieldprivateid'];

        // No private id means a custom field; keep its value for later handling.
        if (!$privateId) {
            $address['customFormFields'][$fieldId] = $formField->getValue();
            continue;
        }

        // Built-in fields that are not in the map are ignored.
        if (isset($fieldMap[$privateId])) {
            $address['ship' . $fieldMap[$privateId]] = $formField->getValue();
        }
    }

    return $address;
}