/** * Create the pending order in the database with the customers selected payment details, etc. * * @return array An array containing information about what needs to be done next. */ public function SavePendingOrder() { $provider = null; $verifyPaymentProvider = true; $redirectToFinishOrder = false; $providerId = ''; $pendingOrderResult = array(); if (!isset($_SESSION['CHECKOUT']['PENDING_DATA'])) { return false; } // Did they agree to signup to any mailing lists? if (isset($_POST['join_mailing_list'])) { ISC_SetCookie("JOIN_MAILING_LIST", 1, time() + 3600 * 24 * 7); } if (isset($_POST['join_order_list'])) { ISC_SetCookie("JOIN_ORDER_LIST", 1, time() + 3600 * 24 * 7); } $orderTotal = $_SESSION['CHECKOUT']['PENDING_DATA']['ORDER_TOTAL']; $giftCertificateAmount = $_SESSION['CHECKOUT']['PENDING_DATA']['GIFTCERTIFICATE_AMOUNT']; $gatewayAmount = $_SESSION['CHECKOUT']['PENDING_DATA']['GATEWAY_AMOUNT']; $creditUsed = 0; $giftCertificates = array(); // Find out what currency we are using. We'll need this later to display their previous orders in the currency that they have selected $selectedCurrency = GetCurrencyById($GLOBALS['CurrentCurrency']); if (isset($_SESSION['OFFERCART']['GIFTCERTIFICATES']) && is_array($_SESSION['OFFERCART']['GIFTCERTIFICATES'])) { $giftCertificates = $_SESSION['OFFERCART']['GIFTCERTIFICATES']; // Now we check that the gift certificates can actually be applied to the order $GLOBALS['ISC_CLASS_GIFT_CERTIFICATES'] = GetClass('ISC_GIFTCERTIFICATES'); $badCertificates = array(); $remainingBalance = 0; $GLOBALS['ISC_CLASS_GIFT_CERTIFICATES']->GiftCertificatesApplicableToOrder($orderTotal, $giftCertificates, $remainingBalance, $badCertificates); // One or more gift certificates were invalid so this order is now invalid if (count($badCertificates) > 0) { $badCertificatesList = '<strong>' . GetLang('BadGiftCertificates') . '</strong><ul>'; foreach ($badCertificates as $code => $reason) { if (is_array($reason) && $reason[0] == "expired") { $reason = sprintf(GetLang('BadGiftCertificateExpired'), CDate($reason[1])); } else { $reason = GetLang('BadGiftCertificate' . ucfirst($reason)); } $badCertificatesList .= sprintf("<li>%s - %s", isc_html_escape($code), $reason); } $badCertificatesList .= "</ul>"; $pendingOrderResult = array('error' => GetLang('OrderContainedInvalidGiftCertificates'), 'errorDetails' => $badCertificatesList); return $pendingOrderResult; } else { if ($orderTotal == $giftCertificateAmount && $remainingBalance > 0) { $pendingOrderResult = array('error' => GetLang('OrderTotalStillRemainingCertificates')); return $pendingOrderResult; } else { if ($orderTotal == $giftCertificateAmount) { $providerId = 'giftcertificate'; $verifyPaymentProvider = false; $redirectToFinishOrder = true; } } } } // If the order total is 0, then we just forward the user on to the "Thank You" page and set the payment provider to '' if ($orderTotal == 0) { $providerId = ''; $verifyPaymentProvider = false; $redirectToFinishOrder = true; } if ($verifyPaymentProvider) { if (isset($_POST['credit_checkout_provider']) && $_POST['credit_checkout_provider'] != "") { $_POST['checkout_provider'] = $_POST['credit_checkout_provider']; } $selected_provider = ""; $providers = GetCheckoutModulesThatCustomerHasAccessTo(true); // If there's more than one, use the value they've chosen if (count($providers) > 1 && isset($_POST['checkout_provider']) || isset($_SESSION['CHECKOUT']['ProviderListHTML'])) { $selected_provider = $_POST['checkout_provider']; } else { if (count($providers) == 1) { $selected_provider = $providers[0]['object']->GetId(); $_POST['checkout_provider'] = $selected_provider; } else { $selected_provider = ''; } } if (!isset($_POST['checkout_provider'])) { $_POST['checkout_provider'] = ''; } // Are we using our store credit? $GLOBALS['ISC_CLASS_CUSTOMER'] = GetClass('ISC_CUSTOMER'); $customer = $GLOBALS['ISC_CLASS_CUSTOMER']->GetCustomerDataByToken(); if (isset($_POST['store_credit']) && $_POST['store_credit'] == 1 && $customer['custstorecredit'] > 0) { // User has not chosen a payment provider and can't afford this order using only store credit, throw back as error if (!$_POST['checkout_provider'] && $customer['custstorecredit'] < $orderTotal) { return false; } else { $onlyCredit = false; $updateExtra = ''; // If we're only using store credit $creditToUse = $orderTotal - $giftCertificateAmount; if ($customer['custstorecredit'] >= $creditToUse) { // Set the checkout provider $providerId = 'storecredit'; $verifyPaymentProvider = false; $redirectToFinishOrder = true; $creditUsed = $creditToUse; $onlyCredit = true; } else { // Using all of our store credit to pay for this order and we owe more. $creditUsed = $customer['custstorecredit']; $gatewayAmount -= $creditUsed; } } } } // Now with round 2, do we still need to verify the payment provider? if ($verifyPaymentProvider) { // If there's more than one provider and one wasn't selected on the order confirmation screen then there's a problem if ((count($providers) == 0 || count($providers) > 1 && !isset($_POST['checkout_provider'])) && !isset($_SESSION['CHECKOUT']['ProviderListHTML'])) { return false; } // Is the payment provider selected actually valid? if (!GetModuleById('checkout', $provider, $selected_provider)) { return false; } $providerId = $provider->GetId(); } // Load up all of the data for the items in the cart $GLOBALS['ISC_CLASS_MAKEAOFFER'] = GetClass('ISC_MAKEAOFFER'); $cartItems = $GLOBALS['ISC_CLASS_MAKEAOFFER']->api->GetProductsInCart(); // OK, we're successful down to here - do they want to create an account? if (isset($_SESSION['CHECKOUT']['CREATE_ACCOUNT'])) { $accountDetails = $_SESSION['CHECKOUT']['ACCOUNT_DETAILS']; $token = GenerateCustomerToken(); $customerData = array('email' => trim($accountDetails['email']), 'password' => $accountDetails['password'], 'firstname' => $accountDetails['firstname'], 'lastname' => $accountDetails['lastname'], 'company' => $accountDetails['company'], 'phone' => $accountDetails['phone'], 'token' => $token); //alandy modify.2011-5-20. /*$sql="select customerid from [|PREFIX|]customers where custconemail='".$accountDetails['email']."'"; $query=$GLOBALS['ISC_CLASS_DB']->Query($sql); while($rs=$GLOBALS['ISC_CLASS_DB']->Fetch($query)){ $GLOBALS['Hasemailflag']="yes"; return array( 'error' => GetLang('AccountInternalError') ); }*/ $cusquery = "SELECT customerid\n\t\t\t\tFROM [|PREFIX|]customers\n\t\t\t\tWHERE isguest = 1 AND LOWER(custconemail)='" . $GLOBALS['ISC_CLASS_DB']->Quote(isc_strtolower($customerData['email'])) . "'"; $cusresult = $GLOBALS['ISC_CLASS_DB']->Query($cusquery); $cusrow = $GLOBALS['ISC_CLASS_DB']->Fetch($cusresult); $custId = $cusrow['customerid']; if ($custId == '') { // 20110613 johnny add ---- add flag for guest user email don't exist if ($_SESSION['CHECKOUT']['PENDING_DATA']['GUEST_CHECKOUT']) { $customerData['isguest'] = 1; } $customerId = $GLOBALS['ISC_CLASS_CUSTOMER']->CreateCustomerAccount($customerData, false, $accountDetails['autoAccount']); } else { if (!$_SESSION['CHECKOUT']['PENDING_DATA']['GUEST_CHECKOUT']) { $customerId = $GLOBALS['ISC_CLASS_CUSTOMER']->CreateCustomerAccount($customerData, true, $accountDetails['autoAccount']); /* delet already exist guest account $entity = new ISC_ENTITY_CUSTOMER(); $entity->delete($custId); */ } else { $customerId = $custId; // update guest account in customer table for guest user email exist $GLOBALS['ISC_CLASS_DB']->Query("UPDATE [|PREFIX|]customers SET custconfirstname = '" . $customerData['firstname'] . "', custconlastname = '" . $customerData['lastname'] . "' WHERE customerid = {$customerId}"); } } if (!$customerId) { return array('error' => GetLang('AccountInternalError')); } if (!$_SESSION['CHECKOUT']['PENDING_DATA']['GUEST_CHECKOUT']) { $GLOBALS['ISC_CLASS_CUSTOMER']->LoginCustomerById($customerId, true); } unset($_SESSION['CHECKOUT']['CREATE_ACCOUNT']); unset($_SESSION['CHECKOUT']['ACCOUNT_DETAILS']); // Log the customer in @ob_end_clean(); } if (isset($_COOKIE['SHOP_TOKEN'])) { $customerToken = $_COOKIE['SHOP_TOKEN']; } else { $customerToken = ''; } $orderComments = ''; if (isset($_REQUEST['ordercomments'])) { $orderComments = $_REQUEST['ordercomments']; } $checkoutSession = $_SESSION['CHECKOUT']; $pendingData = $checkoutSession['PENDING_DATA']; // Get a list of the vendors for all of the items in the cart, and loop through them // to build all of the pending orders $cartContent = $this->BreakdownCartByAddressVendorforshipping(); //Changed to merging function by Simha $vendorOrderInfo = array(); foreach ($cartContent as $vendorId => $addresses) { foreach ($addresses as $addressId => $products) { $allDigital = 1; $productArray = array(); foreach ($products as $cartItemId => $product) { // A physical product, mark as so if ($product['data']['prodtype'] == PT_PHYSICAL) { $allDigital = 0; } // Mark the quantity of this item $productArray[$cartItemId] = $product['quantity']; } $vendorInfo = $pendingData['VENDORS'][$vendorId . '_' . $addressId]; $vendorData = array('itemtotal' => $vendorInfo['ITEM_TOTAL'], 'taxcost' => $vendorInfo['TAX_COST'], 'taxname' => $vendorInfo['TAX_NAME'], 'taxrate' => $vendorInfo['TAX_RATE'], 'totalcost' => $vendorInfo['ORDER_TOTAL'], 'shippingcost' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['COST'], 'handlingcost' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['HANDLING'], 'shippingprovider' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['PROVIDER'], 'shippingmodule' => @$_SESSION['CHECKOUT']['SHIPPING'][$vendorId][$addressId]['MODULE'], 'isdigitalorder' => $allDigital, 'products' => $productArray); if ($addressId == 0) { $addresses = $this->GetOrderShippingAddresses(); $vendorData['shippingaddress'] = $addresses[$addressId]; } else { $vendorData['shippingaddressid'] = $addressId; } // Shipping zones can be configured per vendor, so we need to be sure // to pass this along correctly too if (isset($vendorInfo['SHIPPING_ZONE'])) { $shippingZone = GetShippingZoneById($vendorInfo['SHIPPING_ZONE']); if (is_array($shippingZone)) { $vendorData['ordshippingzoneid'] = $shippingZone['zoneid']; $vendorData['ordshippingzone'] = $shippingZone['zonename']; } } $vendorOrderInfo[$vendorId . '_' . $addressId] = $vendorData; } } // Set some defaults about the rest of the order $pendingOrder = array("customertoken" => $customerToken, 'paymentmethod' => $providerId, "storecreditamount" => $creditUsed, "giftcertificateamount" => $giftCertificateAmount, "giftcertificates" => $giftCertificates, "gatewayamount" => $gatewayAmount, 'totalincludestax' => $pendingData['TAX_INCLUDED'], "currencyid" => $selectedCurrency['currencyid'], "currencyexchangerate" => $selectedCurrency['currencyexchangerate'], 'ordercomments' => $orderComments, 'ipaddress' => GetIP(), 'vendorinfo' => $vendorOrderInfo); if (isset($customerId)) { $pendingOrder['customerid'] = $customerId; } // Determine the address ID we're using for billing if (is_array($_SESSION['CHECKOUT']['BILLING_ADDRESS'])) { $pendingOrder['billingaddress'] = $_SESSION['CHECKOUT']['BILLING_ADDRESS']; } else { $pendingOrder['billingaddressid'] = (int) $_SESSION['CHECKOUT']['BILLING_ADDRESS']; } if (isset($_POST['ordermessage'])) { $pendingOrder['ordermessage'] = $_POST['ordermessage']; } else { $pendingOrder['ordermessage'] = ''; } /** * Save our custom fields. If we are creating a new account then split this up so the * account fields will go in the customers table and the rest will go in the orders table */ if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['customer']) && isset($customerId) && isId($customerId)) { $formSessionId = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['customer']); if (isId($formSessionId)) { $updateData = array('customerid' => $customerId, 'email' => $customerData['email'], 'firstname' => $customerData['firstname'], 'lastname' => $customerData['lastname'], 'company' => $customerData['company'], 'phone' => $customerData['phone'], 'custformsessionid' => $formSessionId); $entity = new ISC_ENTITY_CUSTOMER(); $entity->edit($updateData); } } /** * OK, now to store the custom address fields. Check here to see if we are not split * shipping (single order) */ if (!isset($_SESSION['CHECKOUT']['IS_SPLIT_SHIPPING']) || !$_SESSION['CHECKOUT']['IS_SPLIT_SHIPPING']) { $pendingOrder['ordformsessionid'] = ''; if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']) && is_array($_SESSION['CHECKOUT']['CUSTOM_FIELDS'])) { /** * Save the billing */ if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']) && isset($pendingOrder['billingaddress']['saveAddress']) && $pendingOrder['billingaddress']['saveAddress']) { $pendingOrder['billingaddress']['shipformsessionid'] = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']); } /** * Now for the shipping. Only save this once for all the shipping addresses */ if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping'])) { $shippSessId = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping']); foreach ($pendingOrder['vendorinfo'] as $vendorId => $vendorData) { if (isset($vendorData['shippingaddress']['saveAddress']) && $vendorData['shippingaddress']['saveAddress']) { $pendingOrder['vendorinfo'][$vendorId]['shippingaddress']['shipformsessionid'] = $shippSessId; } } } /** * Now the orders. This part is tricky because the billing and shipping information * have the same keys (same fields used in the frontend). We need to split them up * into separate billing and shipping information and then save it */ if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']) && is_array($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing'])) { /** * We create a map first so we can map the shipping information to its proper field * ID */ $billingKeys = array_keys($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']); $fieldAddressMap = $GLOBALS['ISC_CLASS_FORM']->mapAddressFieldList(FORMFIELDS_FORM_BILLING, $billingKeys); /** * OK, we have the map, now to split up the custom fields */ $orderSessData = array(); foreach ($fieldAddressMap as $fieldId => $newShippingFieldId) { $orderSessData[$fieldId] = $_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing'][$fieldId]; if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping'][$fieldId])) { $orderSessData[$newShippingFieldId] = $_SESSION['CHECKOUT']['CUSTOM_FIELDS']['shipping'][$fieldId]; } } $pendingOrder['ordformsessionid'] = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($orderSessData); } } /** * This is for split shipping. Loop through each address to get their default custom * field data, combine it with the billing custom field data, create the form session * record and then save that ID for each address */ } else { $shippingAddresses = $this->GetOrderShippingAddresses(); $origFormSessionData = array(); if (isset($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']) && is_array($_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing'])) { $origFormSessionData = $_SESSION['CHECKOUT']['CUSTOM_FIELDS']['billing']; } foreach ($pendingOrder['vendorinfo'] as $vendorId => $vendorData) { $address = null; $orderSessData = array(); if (array_key_exists($vendorData['shippingaddressid'], $shippingAddresses)) { $address = $shippingAddresses[$vendorData['shippingaddressid']]; } if (isset($address['shipformsessionid']) && isId($address['shipformsessionid'])) { $shippingSessionData = $GLOBALS['ISC_CLASS_FORM']->getSavedSessionData($address['shipformsessionid']); if (is_array($shippingSessionData)) { /** * Same deal with this save session data because the billing and shipping data * use the same fields and therefore have the same keys */ $billingKeys = array_keys($origFormSessionData); $fieldAddressMap = $GLOBALS['ISC_CLASS_FORM']->mapAddressFieldList(FORMFIELDS_FORM_BILLING, $billingKeys); /** * OK, we have the map, now to split up the custom fields */ $orderSessData = array(); foreach ($fieldAddressMap as $fieldId => $newShippingFieldId) { $orderSessData[$fieldId] = $origFormSessionData[$fieldId]; $orderSessData[$newShippingFieldId] = $shippingSessionData[$fieldId]; } } } $newFormSessionId = $GLOBALS['ISC_CLASS_FORM']->saveFormSessionManual($orderSessData); if (isId($newFormSessionId)) { $pendingOrder['vendorinfo'][$vendorId]['ordformsessionid'] = $newFormSessionId; } } } $pendingToken = CreateOrder($pendingOrder, $cartItems); // Try to add the record and if we can't then take them back to the shopping cart if (!$pendingToken) { return false; } // Persist the pending order token as a cookie for 24 hours ISC_SetCookie("SHOP_ORDER_TOKEN", $pendingToken, time() + 3600 * 24, true); $_COOKIE['SHOP_ORDER_TOKEN'] = $pendingToken; // Redirecting to finish order page? if ($redirectToFinishOrder) { return array('redirectToFinishOrder' => true); } $orderData = LoadPendingOrdersByToken($pendingToken); // Otherwise, the gateway want's to do something $provider->SetOrderData($orderData); // Is this an online payment provider? It would like to do something if ($provider->GetPaymentType() == PAYMENT_PROVIDER_ONLINE || method_exists($provider, "ShowPaymentForm")) { // Call the checkout process for the selected provider if (method_exists($provider, "ShowPaymentForm")) { return array('provider' => $provider, 'showPaymentForm' => true); } else { return array('provider' => $provider); } } else { return array('provider' => $provider); } }
/** * Imports an actual product record in to the database. * * @param array Array of record data */ protected function _ImportRecord($record) { if (!$record['custconemail']) { $this->ImportSession['Results']['Failures'][] = implode(",", $record['original_record']) . " " . GetLang('ImportCustomersMissingEmail'); return; } if (!is_email_address($record['custconemail'])) { $this->ImportSession['Results']['Failures'][] = implode(",", $record['original_record']) . " " . GetLang('ImportCustomersInvalidEmail'); return; } $fillin = array('custconcompany', 'custconfirstname', 'custconlastname', 'custconphone'); foreach ($fillin as $fillkey) { if (!isset($record[$fillkey])) { $record[$fillkey] = ''; } } // Is there an existing customer with the same email? $customerId = 0; $existingFormSessionId = 0; $query = sprintf("select customerid from [|PREFIX|]customers where lower(custconemail)='%s'", $GLOBALS['ISC_CLASS_DB']->Quote(isc_strtolower($record['custconemail']))); $result = $GLOBALS["ISC_CLASS_DB"]->Query($query); if ($row = $GLOBALS["ISC_CLASS_DB"]->Fetch($result)) { // Overriding existing products, set the product id if (isset($this->ImportSession['OverrideDuplicates']) && $this->ImportSession['OverrideDuplicates'] == 1) { $customerId = $row['customerid']; $this->ImportSession['Results']['Updates'][] = $record['custconfirstname'] . " " . $record['custconlastname'] . " (" . $record['custconemail'] . ")"; } else { $this->ImportSession['Results']['Duplicates'][] = $record['custconfirstname'] . " " . $record['custconlastname'] . " (" . $record['custconemail'] . ")"; return; } if (isId($row['custformsessionid'])) { $existingFormSessionId = $row['custformsessionid']; } } $customerData = array('company' => $record['custconcompany'], 'firstname' => $record['custconfirstname'], 'lastname' => $record['custconlastname'], 'email' => $record['custconemail'], 'phone' => $record['custconphone']); if (isset($record['custpassword']) && $record['custpassword'] !== '') { $customerData['password'] = $record['custpassword']; } if (isset($record['custstorecredit'])) { $customerData['storecredit'] = DefaultPriceFormat($record['custstorecredit']); } if (isId($customerId)) { $customerData['customerid'] = $customerId; } // Are we placing the customer in a customer group? $groupId = 0; if (!empty($record['custgroup'])) { static $customerGroups; $groupName = strtolower($record['custgroup']); if (isset($customerGroups[$groupName])) { $groupId = $customerGroups[$groupName]; } else { $query = "\n\t\t\t\t\tSELECT customergroupid\n\t\t\t\t\tFROM [|PREFIX|]customer_groups\n\t\t\t\t\tWHERE LOWER(groupname)='" . $GLOBALS['ISC_CLASS_DB']->Quote($groupName) . "'\n\t\t\t\t"; $groupId = $GLOBALS['ISC_CLASS_DB']->FetchOne($query, 'customergroupid'); // Customer group doesn't exist, create it if (!$groupId) { $newGroup = array('name' => $record['custgroup'], 'discount' => 0, 'isdefault' => 0, 'categoryaccesstype' => 'all'); $entity = new ISC_ENTITY_CUSTOMERGROUP(); $groupId = $entity->add($newGroup); } if ($groupId) { $customerGroups[$groupName] = $groupId; } } } $customerData['customergroupid'] = $groupId; // Do we have a shipping address? $shippingData = array(); if (isset($record['shipfullname']) || isset($record['shipfirstname']) || isset($record['shipaddress1']) || isset($record['shipaddress2']) || isset($record['shipcity']) || isset($record['shipstate']) || isset($record['shipzip']) || isset($record['shipcountry'])) { $fillin = array('shipaddress1', 'shipaddress2', 'shipcity', 'shipstate', 'shipzip', 'shipcountry'); foreach ($fillin as $fillkey) { if (!isset($record[$fillkey])) { $record[$fillkey] = ''; } } $shippingData['shipfirstname'] = ''; $shippingData['shiplastname'] = ''; $shippingData['shipaddress1'] = $record['shipaddress1']; $shippingData['shipaddress2'] = $record['shipaddress2']; $shippingData['shipcity'] = $record['shipcity']; $shippingData['shipstate'] = $record['shipstate']; $shippingData['shipzip'] = $record['shipzip']; $shippingData['shipcountry'] = $record['shipcountry']; $shippingData['shipstateid'] = 0; $shippingData['shipcountryid'] = 0; $shippingData['shipdestination'] = ''; // Find the country and state $shippingData['shipcountryid'] = (int) GetCountryByName($record['shipcountry']); if (!$shippingData['shipcountryid']) { $shippingData['shipcountryid'] = (int) GetCountryIdByISO2($record['shipcountry']); } // Still nothing? 0 for the shipping country ID if (!$shippingData['shipcountryid']) { $shippingData['shipcountryid'] = 0; } if (isset($record['shipstate'])) { $shippingData['shipstateid'] = GetStateByName($record['shipstate'], $shippingData['shipcountryid']); } // Still nothing? 0 for the shipping state ID if (!$shippingData['shipstateid']) { $shippingData['shipstateid'] = 0; } if (!isset($record['shipfullname']) || $record['shipfullname'] == "") { if (isset($record['shipfirstname']) && $record['shipfirstname'] != '') { $shippingData['shipfirstname'] = $record['shipfirstname']; } else { $shippingData['shipfirstname'] = $customerData['firstname']; } if (isset($record['shiplastname']) && $record['shiplastname'] != '') { $shippingData['shiplastname'] = $record['shiplastname']; } else { $shippingData['shiplastname'] = $customerData['lastname']; } } if (!isset($record['shipphone']) && isset($record['custconphone'])) { $shippingData['shipphone'] = $record['custconphone']; } else { $shippingData['shipphone'] = $record['shipphone']; } /** * Handle any of the address custom fields that we might have */ if (!empty($this->customFields) && array_key_exists('custom', $record)) { $shippingData['shipformsessionid'] = $this->_importCustomFormfields(FORMFIELDS_FORM_ADDRESS, $record['custom']); if (!isId($shippingData['shipformsessionid'])) { unset($shippingData['shipformsessionid']); } } } /** * Handle any of the customer custom fields that we might have */ if (!empty($this->customFields) && array_key_exists('custom', $record)) { $formSessionId = $this->_importCustomFormfields(FORMFIELDS_FORM_ACCOUNT, $record['custom'], $existingFormSessionId); if (isId($formSessionId)) { $customerData['custformsessionid'] = $formSessionId; } } $customerData['is_import'] = true; $customerEntity = new ISC_ENTITY_CUSTOMER(); // New customer, insert in to DB if ($customerId == 0) { // Set a temporary password, retrievable later via lost password function if (!isset($customerData['password']) || $customerData['password'] == '') { $customerData['password'] = isc_substr(uniqid(rand(), true), 0, 10); } $customerData['token'] = GenerateCustomerToken(); $customerData['shipping_address'] = $shippingData; $rtn = $customerEntity->add($customerData); ++$this->ImportSession['Results']['SuccessCount']; } else { if (count($shippingData) > 0) { $query = sprintf("select shipid from [|PREFIX|]shipping_addresses where shipcustomerid='%d' and lower(shipaddress1)='%s' and lower(shipaddress2)='%s' and lower(shipcity)='%s' and lower(shipstate)='%s' and lower(shipcountry)='%s'", $GLOBALS['ISC_CLASS_DB']->Quote($customerId), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipaddress1']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipaddress2']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipcity']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipstate']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipcountry'])); $Result = $GLOBALS['ISC_CLASS_DB']->Query($query); $row = $GLOBALS['ISC_CLASS_DB']->Fetch($Result); // Address doesn't exist, we insert it if (!$row['shipid']) { $customerData['shipping_address'] = $shippingData; } } $rtn = $customerEntity->edit($customerData); } }
/** * Save the edited account details back to the database */ public function SaveAccountDetails() { /** * Customer Details */ $customerMap = array('EmailAddress' => 'account_email', 'Password' => 'account_password', 'ConfirmPassword' => 'account_password_confirm'); $fields = $GLOBALS['ISC_CLASS_FORM']->getFormFields(FORMFIELDS_FORM_ACCOUNT, true); /** * Validate the field input. Unset the password and confirm password fields first */ foreach (array_keys($fields) as $fieldId) { if (isc_strtolower($fields[$fieldId]->record['formfieldprivateid']) == 'password' || isc_strtolower($fields[$fieldId]->record['formfieldprivateid']) == 'confirmpassword') { $fields[$fieldId]->setRequired(false); } } $errmsg = ''; if (!$this->validateFieldData($fields, $errmsg)) { return $this->EditAccount($errmsg, MSG_ERROR); } foreach (array_keys($fields) as $fieldId) { if (!array_key_exists($fields[$fieldId]->record['formfieldprivateid'], $customerMap)) { continue; } $_POST[$customerMap[$fields[$fieldId]->record['formfieldprivateid']]] = $fields[$fieldId]->GetValue(); } $customer_id = $GLOBALS['ISC_CLASS_CUSTOMER']->GetCustomerId(); $email_taken = false; $phone_invalid = false; $password_invalid = false; if (isset($_POST['account_firstname']) && isset($_POST['account_lastname']) && isset($_POST['account_companyname']) && isset($_POST['account_email']) && isset($_POST['account_phone']) && isset($_POST['account_password']) && isset($_POST['account_password_confirm'])) { // Are they updating their email address? If so is the new email address available? if ($GLOBALS['ISC_CLASS_CUSTOMER']->AccountWithEmailAlreadyExists($_POST['account_email'], $customer_id)) { $email_taken = true; } if (!$GLOBALS['ISC_CLASS_CUSTOMER']->ValidatePhoneNumber($_POST['account_phone'])) { $phone_invalid = true; } $pass1 = $_POST['account_password']; $pass2 = $_POST['account_password_confirm']; if ($pass1 . $pass2 !== '' && $pass1 !== $pass2) { $password_invalid = true; } if (!$email_taken && !$phone_invalid && !$password_invalid) { $UpdatedAccount = array("customerid" => $customer_id, "firstname" => $_POST['account_firstname'], "lastname" => $_POST['account_lastname'], "company" => $_POST['account_companyname'], "email" => $_POST['account_email'], "phone" => $_POST['account_phone']); // Do we need to update the password? if ($pass1 == $pass2 && $pass1 != "") { $UpdatedAccount['password'] = $pass1; } $entity = new ISC_ENTITY_CUSTOMER(); $existingCustomer = $entity->get($customer_id); /** * Create/Update our form session data */ if (isId($existingCustomer['custformsessionid'])) { $GLOBALS['ISC_CLASS_FORM']->saveFormSession(FORMFIELDS_FORM_ACCOUNT, true, $existingCustomer['custformsessionid']); } else { $UpdatedAccount['custformsessionid'] = $GLOBALS['ISC_CLASS_FORM']->saveFormSession(FORMFIELDS_FORM_ACCOUNT); } if ($entity->edit($UpdatedAccount)) { $this->EditAccount(GetLang('AccountDetailsUpdatedSuccess'), MSG_SUCCESS); } else { $this->EditAccount(GetLang('AccountDetailsUpdatedFailed'), MSG_ERROR); } } else { if ($email_taken) { // Email address is already taken $this->EditAccount(sprintf(GetLang('AccountUpdateEmailTaken'), $_POST['account_email']), MSG_ERROR); } else { if ($phone_invalid) { // Phone number is invalid $this->EditAccount(sprintf(GetLang('AccountUpdateValidPhone'), $_POST['account_phone']), MSG_ERROR); } else { if ($password_invalid) { $this->EditAccount(GetLang('AccountPasswordsDontMatch'), MSG_ERROR); } } } } } else { ob_end_clean(); header(sprintf("Location: %s/account.php", $GLOBALS['ShopPath'])); die; } }