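/**
 * Renders the admin "Customers" screen: handles a pending bulk deletion and a
 * posted customer edit form, then builds the paginated, optionally filtered
 * customer list and includes the screen template.
 *
 * Screen state is read from $_GET, but only for the keys listed in $defaults;
 * anything else in the request is ignored rather than becoming a local.
 *
 * Globals: $Shopp (settings), $Customers (result rows handed to the template),
 * $wpdb (users table name).
 *
 * @return void
 **/
function customers_list() {
	global $Shopp, $Customers, $wpdb;
	$db = DB::get();

	$defaults = array(
		'page' => false,
		'deleting' => false,
		'selected' => false,
		'update' => false,
		'newstatus' => false,
		'pagenum' => 1,
		'per_page' => false,
		'start' => '',
		'end' => '',
		'status' => false,
		's' => '',
		'range' => '',
		'startdate' => '',
		'enddate' => ''
	);
	// Restrict extraction to the known keys: extracting all of $_GET would let a
	// request define arbitrary variables in this scope.
	$args = array_merge($defaults, array_intersect_key($_GET, $defaults));
	extract($args, EXTR_SKIP);

	// Bulk deletion from the list screen
	// NOTE(review): this runs off a GET request with no nonce check visible here;
	// confirm the submitting form carries one.
	if ($page == "shopp-customers" && !empty($deleting) && !empty($selected) && is_array($selected)) {
		foreach ($selected as $deletion) {
			$deletion = absint($deletion); // ids only; keeps raw request text out of the loaders
			if (!$deletion) continue;
			$Customer = new Customer($deletion);
			$Billing = new Billing($Customer->id, 'customer');
			$Billing->delete();
			$Shipping = new Shipping($Customer->id, 'customer');
			$Shipping->delete();
			$Customer->delete();
		}
	}

	// Customer edit form
	if (!empty($_POST['save'])) {
		check_admin_referer('shopp-save-customer');
		$isnew = (!isset($_POST['id']) || $_POST['id'] == "new");
		$Customer = $isnew ? new Customer() : new Customer(absint($_POST['id']));
		// NOTE(review): updates() receives the whole $_POST array; confirm it ignores
		// keys such as password/wpuser that must not be mass-assigned.
		$Customer->updates($_POST);

		// Optional password change, applied only when both fields are filled and identical
		if (!empty($_POST['new-password']) && !empty($_POST['confirm-password'])
			&& $_POST['new-password'] === $_POST['confirm-password']) {
			$Customer->password = wp_hash_password($_POST['new-password']);
			if (!empty($Customer->wpuser))
				wp_set_password($_POST['new-password'], $Customer->wpuser);
		}
		$Customer->save();

		// Address records are keyed by customer id, so they are built after the
		// save so that a brand-new customer has an id for them (previously the
		// "new" path left $Billing/$Shipping undefined).
		$Billing = new Billing($Customer->id, 'customer');
		$Billing->updates(isset($_POST['billing']) ? $_POST['billing'] : array());
		$Billing->save();
		$Shipping = new Shipping($Customer->id, 'customer');
		$Shipping->updates(isset($_POST['shipping']) ? $_POST['shipping'] : array());
		$Shipping->save();
	}

	// Pagination: both values are interpolated into the LIMIT clause, so they must be integers
	$pagenum = absint($pagenum);
	if (empty($pagenum)) $pagenum = 1;
	$per_page = absint($per_page);
	if ($per_page < 1) $per_page = 20;
	$index = $per_page * ($pagenum - 1);

	// Optional created-date window given as m/d/Y; ignored unless all three parts are present
	$starts = $ends = false;
	if (!empty($start)) {
		$startdate = $start;
		$parts = explode("/", $startdate);
		if (count($parts) == 3)
			$starts = mktime(0, 0, 0, (int)$parts[0], (int)$parts[1], (int)$parts[2]);
	}
	if (!empty($end)) {
		$enddate = $end;
		$parts = explode("/", $enddate);
		if (count($parts) == 3)
			$ends = mktime(23, 59, 59, (int)$parts[0], (int)$parts[1], (int)$parts[2]);
	}

	$customer_table = DatabaseObject::tablename(Customer::$table);
	$billing_table = DatabaseObject::tablename(Billing::$table);
	$purchase_table = DatabaseObject::tablename(Purchase::$table);
	$users_table = $wpdb->users;

	// Search filter. Every value is escaped before it reaches the SQL text;
	// LIKE operands additionally have %/_ neutralised so they match literally.
	$conditions = array();
	if (!empty($s)) {
		$s = stripslashes($s);
		if (preg_match_all('/(\\w+?)\\:(?="(.+?)"|(.+?)\\b)/', $s, $props, PREG_SET_ORDER)) {
			foreach ($props as $search) {
				$keyword = !empty($search[2]) ? $search[2] : $search[3];
				$exact = esc_sql($keyword);
				$like = '%' . esc_sql(addcslashes($keyword, '%_\\')) . '%';
				switch (strtolower($search[1])) {
					case "company": $conditions[] = "c.company LIKE '{$like}'"; break;
					case "login": $conditions[] = "u.user_login LIKE '{$like}'"; break;
					// xaddress is a LIKE as well (it was an '=' against a %-wrapped value, which never matched)
					case "address": $conditions[] = "(b.address LIKE '{$like}' OR b.xaddress LIKE '{$like}')"; break;
					case "city": $conditions[] = "b.city LIKE '{$like}'"; break;
					case "province":
					case "state": $conditions[] = "b.state='{$exact}'"; break;
					case "zip":
					case "zipcode":
					case "postcode": $conditions[] = "b.postcode='{$exact}'"; break;
					case "country": $conditions[] = "b.country='{$exact}'"; break;
				}
			}
		} elseif (strpos($s, '@') !== false) {
			$conditions[] = "c.email='" . esc_sql($s) . "'";
		} else {
			$exact = esc_sql($s);
			$like = '%' . esc_sql(addcslashes($s, '%_\\')) . '%';
			$conditions[] = "(c.id='{$exact}' OR CONCAT(c.firstname,' ',c.lastname) LIKE '{$like}' OR c.company LIKE '{$like}')";
		}
	}
	if (!empty($starts) && !empty($ends))
		$conditions[] = '(UNIX_TIMESTAMP(c.created) >= ' . (int)$starts . ' AND UNIX_TIMESTAMP(c.created) <= ' . (int)$ends . ')';
	$where = empty($conditions) ? '' : 'WHERE ' . join(' AND ', $conditions);

	// The count query joins the same billing/users aliases the filter may reference
	// (purchases are left out so rows are not multiplied; DISTINCT guards the rest).
	$customercount = $db->query("SELECT count(DISTINCT c.id) as total FROM {$customer_table} AS c LEFT JOIN {$billing_table} AS b ON b.customer=c.id LEFT JOIN {$users_table} AS u ON u.ID=c.wpuser {$where}");
	$query = "SELECT c.*,b.city,b.state,b.country, u.user_login, SUM(p.total) AS total,count(distinct p.id) AS orders FROM {$customer_table} AS c LEFT JOIN {$purchase_table} AS p ON p.customer=c.id LEFT JOIN {$billing_table} AS b ON b.customer=c.id LEFT JOIN {$users_table} AS u ON u.ID=c.wpuser AND (c.wpuser IS NULL OR c.wpuser !=0) {$where} GROUP BY c.id ORDER BY c.created DESC LIMIT {$index},{$per_page}";
	$Customers = $db->query($query, AS_ARRAY);

	$total = !empty($customercount->total) ? (int)$customercount->total : 0;
	$num_pages = ceil($total / $per_page);
	$page_links = paginate_links(array(
		'base' => add_query_arg('pagenum', '%#%'),
		'format' => '',
		'total' => $num_pages,
		'current' => $pagenum
	));

	$ranges = array(
		'all' => __('Show New Customers', 'Shopp'),
		'today' => __('Today', 'Shopp'),
		'week' => __('This Week', 'Shopp'),
		'month' => __('This Month', 'Shopp'),
		'quarter' => __('This Quarter', 'Shopp'),
		'year' => __('This Year', 'Shopp'),
		'yesterday' => __('Yesterday', 'Shopp'),
		'lastweek' => __('Last Week', 'Shopp'),
		'last30' => __('Last 30 Days', 'Shopp'),
		'last90' => __('Last 3 Months', 'Shopp'),
		'lastmonth' => __('Last Month', 'Shopp'),
		'lastquarter' => __('Last Quarter', 'Shopp'),
		'lastyear' => __('Last Year', 'Shopp'),
		'lastexport' => __('Last Export', 'Shopp'),
		'custom' => __('Custom Dates', 'Shopp')
	);
	$exports = array(
		'tab' => __('Tab-separated.txt', 'Shopp'),
		'csv' => __('Comma-separated.csv', 'Shopp'),
		'xls' => __('Microsoft® Excel.xls', 'Shopp')
	);

	$formatPref = $Shopp->Settings->get('customerexport_format');
	if (!$formatPref) $formatPref = 'tab';
	$columns = array_merge(Customer::exportcolumns(), Billing::exportcolumns(), Shipping::exportcolumns());
	$selected = $Shopp->Settings->get('customerexport_columns');
	if (empty($selected)) $selected = array_keys($columns);
	$authentication = $Shopp->Settings->get('account_system');

	include "{$this->basepath}/core/ui/customers/customers.php";
}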
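/**
 * lookups ()
 * Provides fast db lookups with as little overhead as possible
 *
 * Dispatches on the 'shopp_lookup'/'shopp_download' query vars (or, in the
 * admin, page=shopp-lookup plus the 'lookup'/'download' GET parameters) and
 * serves the matching export, receipt, JSON fragment, feed or file download
 * directly, ending the request before WordPress renders a page.
 *
 * @param object $wp the WordPress request object carrying the parsed query vars
 * @return void
 **/
function lookups($wp) {
	$db = DB::get();

	// Grab query requests from permalink rewriting query vars
	$admin = false;
	$download = isset($wp->query_vars['shopp_download']) ? $wp->query_vars['shopp_download'] : '';
	$lookup = isset($wp->query_vars['shopp_lookup']) ? $wp->query_vars['shopp_lookup'] : '';

	// Admin Lookups
	if (isset($_GET['page']) && $_GET['page'] == "shopp-lookup") {
		$admin = true;
		$download = isset($_GET['download']) ? $_GET['download'] : '';
	}
	if (!empty($download)) $lookup = "download";
	if (empty($lookup)) $lookup = isset($_GET['lookup']) ? $_GET['lookup'] : '';

	switch ($lookup) {
		case "purchaselog":
			if (!defined('WP_ADMIN') || !is_user_logged_in() || !current_user_can('manage_options')) die('-1');
			if (!isset($_POST['settings']['purchaselog_columns'])) {
				// NOTE(review): $Purchase and $Purchased are not defined in this scope; presumably
				// the purchase/purchased export column maps were intended — confirm.
				$_POST['settings']['purchaselog_columns'] = array_keys(array_merge($Purchase, $Purchased));
				$_POST['settings']['purchaselog_headers'] = "on";
			}
			$this->Flow->settings_save();
			$format = $this->Settings->get('purchaselog_format');
			if (empty($format)) $format = 'tab';
			switch ($format) {
				case "csv": new PurchasesCSVExport(); break;
				case "xls": new PurchasesXLSExport(); break;
				case "iif": new PurchasesIIFExport(); break;
				default: new PurchasesTabExport();
			}
			exit;

		case "customerexport":
			if (!defined('WP_ADMIN') || !is_user_logged_in() || !current_user_can('manage_options')) die('-1');
			if (!isset($_POST['settings']['customerexport_columns'])) {
				$Customer = Customer::exportcolumns();
				$Billing = Billing::exportcolumns();
				$Shipping = Shipping::exportcolumns();
				$_POST['settings']['customerexport_columns'] = array_keys(array_merge($Customer, $Billing, $Shipping));
				$_POST['settings']['customerexport_headers'] = "on";
			}
			$this->Flow->settings_save();
			$format = $this->Settings->get('customerexport_format');
			if (empty($format)) $format = 'tab';
			switch ($format) {
				case "csv": new CustomersCSVExport(); break;
				case "xls": new CustomersXLSExport(); break;
				default: new CustomersTabExport();
			}
			exit;

		case "receipt":
			if (!defined('WP_ADMIN') || !is_user_logged_in() || !current_user_can('manage_options')) die('-1');
			// Whole-number ids only; the previous unanchored \d+ accepted any value containing a digit
			if (!isset($_GET['id']) || !preg_match('/^\\d+$/', $_GET['id'])) die('-1');
			$this->Cart->data->Purchase = new Purchase((int)$_GET['id']);
			$this->Cart->data->Purchase->load_purchased();
			echo "<html><head>";
			echo '<style type="text/css">body { padding: 20px; font-family: Arial,Helvetica,sans-serif; }</style>';
			echo "<link rel='stylesheet' href='" . SHOPP_TEMPLATES_URI . "/shopp.css' type='text/css' />";
			echo "</head><body>";
			echo $this->Flow->order_receipt();
			if (isset($_GET['print']) && $_GET['print'] == 'auto')
				echo '<script type="text/javascript">window.onload = function () { window.print(); window.close(); }</script>';
			echo "</body></html>";
			exit;

		case "zones":
			$zones = $this->Settings->get('zones');
			if (isset($_GET['country'])) {
				$country = $_GET['country'];
				// Unknown countries produce "null" rather than an undefined-index notice
				$zone = (is_array($zones) && isset($zones[$country])) ? $zones[$country] : null;
				echo json_encode($zone);
			}
			exit;

		case "shipcost":
			if (session_id() == '') session_start(); // avoid the already-started notice instead of @-silencing it
			$this->ShipCalcs = new ShipCalcs($this->path);
			if (isset($_GET['method'])) {
				$this->Cart->data->Order->Shipping->method = $_GET['method'];
				$this->Cart->retotal = true;
				$this->Cart->updated();
				$this->Cart->totals();
				echo json_encode($this->Cart->data->Totals);
			}
			exit;

		case "category-menu":
			echo $this->Flow->category_menu();
			exit;

		case "category-products-menu":
			echo $this->Flow->category_products();
			exit;

		case "spectemplate":
			$cat = isset($_GET['cat']) ? (int)$_GET['cat'] : 0; // integer id only; never raw request text in SQL
			$table = DatabaseObject::tablename(Category::$table);
			$result = $db->query("SELECT specs FROM {$table} WHERE id='{$cat}' AND spectemplate='on'");
			// unserialize() of a stored blob written by the category editor, not by this request
			$specs = !empty($result->specs) ? unserialize($result->specs) : false;
			echo json_encode($specs);
			exit;

		case "optionstemplate":
			$cat = isset($_GET['cat']) ? (int)$_GET['cat'] : 0; // integer id only; never raw request text in SQL
			$table = DatabaseObject::tablename(Category::$table);
			$result = $db->query("SELECT options,prices FROM {$table} WHERE id='{$cat}' AND variations='on'");
			if (empty($result)) exit;
			// unserialize() of stored blobs written by the category editor, not by this request
			$result->options = unserialize($result->options);
			$result->prices = unserialize($result->prices);
			// Option ids are offset by the category id (NOTE(review): presumably to keep the
			// template's ids distinct per category — confirm with the consumer of this JSON)
			if (is_array($result->options)) {
				foreach ($result->options as &$menu) {
					foreach ($menu['options'] as &$option) $option['id'] += $cat;
					unset($option);
				}
				unset($menu);
			}
			if (is_array($result->prices)) {
				foreach ($result->prices as &$price) {
					$optionids = explode(",", $price['options']);
					foreach ($optionids as &$id) $id += $cat;
					unset($id);
					$price['options'] = join(",", $optionids);
					$price['optionkey'] = "";
				}
				unset($price);
			}
			echo json_encode($result);
			exit;

		case "newproducts-rss":
			$NewProducts = new NewProducts(array('show' => 5000));
			header("Content-type: application/rss+xml; charset=utf-8");
			echo shopp_rss($NewProducts->rss());
			exit;

		case "category-rss":
			$this->catalog($wp);
			header("Content-type: application/rss+xml; charset=utf-8");
			echo shopp_rss($this->Category->rss());
			exit;

		case "download":
			if (empty($download)) break;
			$forbidden = false; // defined for both branches; only the purchase branch can set it
			if ($admin) {
				$Asset = new Asset($download);
			} else {
				$pricetable = DatabaseObject::tablename(Price::$table);
				$assettable = DatabaseObject::tablename(Asset::$table);
				require_once "core/model/Purchased.php";
				$Purchased = new Purchased($download, "dkey");
				$Purchase = new Purchase($Purchased->purchase);
				$priceid = (int)$Purchased->price; // comes from the db, but the query stays integer-only
				$target = $db->query("SELECT target.* FROM {$assettable} AS target LEFT JOIN {$pricetable} AS pricing ON pricing.id=target.parent AND target.context='price' WHERE pricing.id={$priceid} AND target.datatype='download'");
				$Asset = new Asset();
				$Asset->populate($target);

				// Purchase Completion check
				if ($Purchase->transtatus != "CHARGED" && !SHOPP_PREPAYMENT_DOWNLOADS) {
					new ShoppError(__('This file cannot be downloaded because payment has not been received yet.', 'Shopp'), 'shopp_download_limit');
					$forbidden = true;
				}
				// Account restriction checks
				if ($this->Settings->get('account_system') != "none" && (!$this->Cart->data->login || $this->Cart->data->Order->Customer->id != $Purchase->customer)) {
					new ShoppError(__('You must login to access this download.', 'Shopp'), 'shopp_download_limit', SHOPP_ERR);
					header('Location: ' . $this->link('account'));
					exit;
				}
				// Download limit checking
				$limit = $this->Settings->get('download_limit');
				if ($limit && $Purchased->downloads + 1 > $limit) {
					new ShoppError(__('This file can no longer be downloaded because the download limit has been reached.', 'Shopp'), 'shopp_download_limit');
					$forbidden = true;
				}
				// Download expiration checking (time() replaces argument-less mktime(), deprecated since PHP 5.1)
				$timelimit = $this->Settings->get('download_timelimit');
				if ($timelimit && $Purchased->created + $timelimit < time()) {
					new ShoppError(__('This file can no longer be downloaded because it has expired.', 'Shopp'), 'shopp_download_limit');
					$forbidden = true;
				}
				// IP restriction checks
				if ($this->Settings->get('download_restriction') == "ip" && !empty($Purchase->ip) && $Purchase->ip != $_SERVER['REMOTE_ADDR']) {
					new ShoppError(__('The file cannot be downloaded because this computer could not be verified as the system the file was purchased from.', 'Shopp'), 'shopp_download_limit');
					$forbidden = true;
				}
				do_action_ref_array('shopp_download_request', array(&$Purchased));
			}
			if ($forbidden) {
				// A real status line: the CGI-style "Status:" header is not honoured under mod_php
				header('HTTP/1.1 403 Forbidden', true, 403);
				return;
			}
			if ($Asset->download($download)) {
				if (!$admin) {
					// Only purchased downloads are metered; an admin fetch has no Purchased record
					$Purchased->downloads++;
					$Purchased->save();
					do_action_ref_array('shopp_download_success', array(&$Purchased));
				}
				exit;
			}
			break;
	}
}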
/**
 * Delivers customer export files to the browser
 *
 * Requires the 'ecart_export_customers' capability. When the posted settings
 * carry no column selection, every customer, billing and shipping export
 * column is selected and headers are switched on before the settings form is
 * saved. The saved format preference (csv, xls, or tab for anything else)
 * picks the exporter that writes the file, and the request is then ended.
 *
 * @since 1.1
 *
 * @return void
 **/
function export_customers () {
	if (!current_user_can('ecart_export_customers')) exit();

	$columnsChosen = isset($_POST['settings']['customerexport_columns']);
	if (!$columnsChosen) {
		$allColumns = array_merge(
			Customer::exportcolumns(),
			Billing::exportcolumns(),
			Shipping::exportcolumns()
		);
		$_POST['settings']['customerexport_columns'] = array_keys($allColumns);
		$_POST['settings']['customerexport_headers'] = "on";
	}
	$this->Settings->saveform();

	$format = $this->Settings->get('customerexport_format');
	if (empty($format)) $format = 'tab';

	if ($format == "csv") {
		new CustomersCSVExport();
	} elseif ($format == "xls") {
		new CustomersXLSExport();
	} else {
		new CustomersTabExport();
	}
	exit();
}
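/**
 * Constructor (PHP4-style, named after the class) of the CustomersExport writer.
 *
 * Collects the customer, billing and shipping export column definitions,
 * reads the heading/column preferences from the Ecart settings and records
 * the time of this export under 'customerexport_lastexport'.
 *
 * Globals read: $Ecart (settings store).
 **/
function CustomersExport () {
	global $Ecart;
	$this->customer_cols = Customer::exportcolumns();
	$this->billing_cols = Billing::exportcolumns();
	$this->shipping_cols = Shipping::exportcolumns();
	$this->defined = array_merge($this->customer_cols, $this->billing_cols, $this->shipping_cols);
	$this->sitename = get_bloginfo('name');
	$this->headings = ($Ecart->Settings->get('customerexport_headers') == "on");
	$this->selected = $Ecart->Settings->get('customerexport_columns');
	// time() rather than argument-less mktime(), which has been deprecated since PHP 5.1
	$Ecart->Settings->save('customerexport_lastexport', time());
}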