/** * */ public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (\HaaseIT\HCSF\Customer\Helper::getUserData()) { $this->P->oPayload->cl_html = $this->textcats->T("denied_default"); } else { $sql = 'SELECT cust_email, cust_id FROM customer ' . 'WHERE cust_emailverificationcode = :key AND cust_emailverified = \'n\''; /** @var \PDOStatement $hResult */ $hResult = $this->db->prepare($sql); $hResult->bindValue(':key', $_GET["key"], \PDO::PARAM_STR); $hResult->execute(); $iRows = $hResult->rowCount(); if ($iRows == 1) { $aRow = $hResult->fetch(); $aData = ['cust_emailverified' => 'y', 'cust_id' => $aRow['cust_id']]; $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id'); /** @var \PDOStatement $hResult */ $hResult = $this->db->prepare($sql); foreach ($aData as $sKey => $sValue) { $hResult->bindValue(':' . $sKey, $sValue); } $hResult->execute(); $this->P->oPayload->cl_html = $this->textcats->T("register_emailverificationsuccess"); } else { $this->P->oPayload->cl_html = $this->textcats->T("register_emailverificationfail"); } } }
public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (CHelper::getUserData()) { $this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default"); } else { $this->P->cb_customcontenttemplate = 'customer/register'; $aErr = []; if (isset($_POST["doRegister"]) && $_POST["doRegister"] == 'yes') { $aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr); if (count($aErr) == 0) { $sql = 'SELECT cust_email FROM customer WHERE cust_email = :email'; $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL); /** @var \PDOStatement $hResult */ $hResult = $this->serviceManager->get('db')->prepare($sql); $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR); $hResult->execute(); $iRows = $hResult->rowCount(); if ($iRows == 0) { $sEmailVerificationcode = md5($_POST["email"] . time()); $aData = ['cust_email' => $sEmail, 'cust_corp' => filter_var(trim(Tools::getFormfield("corpname")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_name' => filter_var(trim(Tools::getFormfield("name")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_street' => filter_var(trim(Tools::getFormfield("street")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_zip' => filter_var(trim(Tools::getFormfield("zip")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_town' => filter_var(trim(Tools::getFormfield("town")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_phone' => filter_var(trim(Tools::getFormfield("phone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_cellphone' => filter_var(trim(Tools::getFormfield("cellphone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_fax' => filter_var(trim(Tools::getFormfield("fax")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_country' => filter_var(trim(Tools::getFormfield("country")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_password' => password_hash($_POST["pwd"], PASSWORD_DEFAULT), 'cust_tosaccepted' => isset($_POST["tos"]) && $_POST["tos"] == 'y' ? 'y' : 'n', 'cust_cancellationdisclaimeraccepted' => isset($_POST["cancellationdisclaimer"]) && $_POST["cancellationdisclaimer"] == 'y' ? 'y' : 'n', 'cust_emailverified' => 'n', 'cust_emailverificationcode' => $sEmailVerificationcode, 'cust_active' => HelperConfig::$customer["register_require_manual_activation"] ? 'n' : 'y', 'cust_registrationtimestamp' => time()]; $sql = \HaaseIT\DBTools::buildPSInsertQuery($aData, 'customer'); $hResult = $this->serviceManager->get('db')->prepare($sql); foreach ($aData as $sKey => $sValue) { $hResult->bindValue(':' . $sKey, $sValue, \PDO::PARAM_STR); } $hResult->execute(); CHelper::sendVerificationMail($sEmailVerificationcode, $sEmail, $this->serviceManager, true); $aPData["showsuccessmessage"] = true; } else { $aErr["emailalreadytaken"] = true; $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr); } } else { $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr); } } else { $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register'); } if (isset($aPData) && count($aPData)) { $this->P->cb_customdata["register"] = $aPData; } } }
/** * */ public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (\HaaseIT\HCSF\Customer\Helper::getUserData()) { $this->P->oPayload->cl_html = $this->textcats->T("denied_default"); } else { $this->P->cb_customcontenttemplate = 'customer/forgotpassword'; $aErr = []; if (isset($_POST["doSend"]) && $_POST["doSend"] == 'yes') { $aErr = $this->handleForgotPassword($aErr); if (count($aErr) == 0) { $this->P->cb_customdata["forgotpw"]["showsuccessmessage"] = true; } else { $this->P->cb_customdata["forgotpw"]["errors"] = $aErr; } } } }
/** * */ public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (HelperConfig::$shop["show_pricesonlytologgedin"] && !\HaaseIT\HCSF\Customer\Helper::getUserData()) { $this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_notloggedin"); } else { $this->P->cb_customcontenttemplate = 'shop/checkedout'; $iId = \filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); $sql = 'SELECT * FROM orders WHERE o_id = :id AND o_paymentcompleted = \'n\''; /** @var \PDOStatement $hResult */ $hResult = $this->serviceManager->get('db')->prepare($sql); $hResult->bindValue(':id', $iId, \PDO::PARAM_INT); $hResult->execute(); if ($hResult->rowCount() == 1) { $this->P->cb_customdata["order"] = $hResult->fetch(); $this->P->cb_customdata["gesamtbrutto"] = \HaaseIT\HCSF\Shop\Helper::calculateTotalFromDB($this->P->cb_customdata["order"]); } } }
/** * */ public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (\HaaseIT\HCSF\Customer\Helper::getUserData()) { $this->P->oPayload->cl_html = $this->textcats->T("denied_default"); } else { if (!isset($_GET["key"]) || !isset($_GET["email"]) || trim($_GET["key"]) == '' || trim($_GET["email"]) == '' || !\filter_var($_GET["email"], FILTER_VALIDATE_EMAIL)) { $this->P->oPayload->cl_html = $this->textcats->T("denied_default"); } else { $sql = 'SELECT * FROM customer WHERE cust_email = :email AND cust_pwresetcode = :pwresetcode AND cust_pwresetcode != \'\''; $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL); $hResult = $this->db->prepare($sql); $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR); $hResult->bindValue(':pwresetcode', filter_var(trim(Tools::getFormfield("key")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), \PDO::PARAM_STR); $hResult->execute(); if ($hResult->rowCount() != 1) { $this->P->oPayload->cl_html = $this->textcats->T("denied_default"); } else { $aErr = []; $aResult = $hResult->fetch(); $iTimestamp = time(); if ($aResult['cust_pwresettimestamp'] < $iTimestamp - DAY) { $this->P->oPayload->cl_html = $this->textcats->T("pwreset_error_expired"); } else { $this->P->cb_customcontenttemplate = 'customer/resetpassword'; $this->P->cb_customdata["pwreset"]["minpwlength"] = HelperConfig::$customer["minimum_length_password"]; if (isset($_POST["doSend"]) && $_POST["doSend"] == 'yes') { $aErr = $this->handlePasswordReset($aErr, $aResult['cust_id']); if (count($aErr) == 0) { $this->P->cb_customdata["pwreset"]["showsuccessmessage"] = true; } else { $this->P->cb_customdata["pwreset"]["errors"] = $aErr; } } } } } } }
public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (CHelper::getUserData()) { $this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default"); } else { $sql = 'SELECT ' . DB_ADDRESSFIELDS . ', cust_emailverificationcode FROM customer'; $sql .= ' WHERE cust_email = :email AND cust_emailverified = \'n\''; /** @var \PDOStatement $hResult */ $hResult = $this->serviceManager->get('db')->prepare($sql); $hResult->bindValue(':email', trim($_GET["email"]), \PDO::PARAM_STR); $hResult->execute(); $iRows = $hResult->rowCount(); if ($iRows == 1) { $aRow = $hResult->fetch(); $sEmailVerificationcode = $aRow['cust_emailverificationcode']; CHelper::sendVerificationMail($sEmailVerificationcode, $aRow['cust_email'], $this->serviceManager, true); $this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("register_verificationmailresent"); } } }
/** * @param $CUA * @param $twig * @return mixed */ private function handleCustomerAdmin($CUA, $twig) { $sType = 'all'; if (isset($_REQUEST["type"])) { if ($_REQUEST["type"] == 'active') { $sType = 'active'; } elseif ($_REQUEST["type"] == 'inactive') { $sType = 'inactive'; } } $return = ''; if (!isset($_GET["action"])) { $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer'; if ($sType == 'active') { $sql .= ' WHERE cust_active = \'y\''; } elseif ($sType == 'inactive') { $sql .= ' WHERE cust_active = \'n\''; } $sql .= ' ORDER BY cust_no ASC'; $hResult = $this->db->query($sql); if ($hResult->rowCount() != 0) { $aData = $hResult->fetchAll(); $return .= \HaaseIT\Tools::makeListtable($CUA, $aData, $twig); } else { $aInfo["nodatafound"] = true; } } elseif (isset($_GET["action"]) && $_GET["action"] == 'edit') { $iId = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); $aErr = []; if (isset($_POST["doEdit"]) && $_POST["doEdit"] == 'yes') { $sCustno = filter_var(trim($_POST["custno"]), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW); if (strlen($sCustno) < HelperConfig::$customer["minimum_length_custno"]) { $aErr["custnoinvalid"] = true; } else { $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_no = :custno'; $hResult = $this->db->prepare($sql); $hResult->bindValue(':id', $iId); $hResult->bindValue(':custno', $sCustno); $hResult->execute(); $iRows = $hResult->rowCount(); if ($iRows == 1) { $aErr["custnoalreadytaken"] = true; } $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email'; $hResult = $this->db->prepare($sql); $hResult->bindValue(':id', $iId); $hResult->bindValue(':email', filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL)); $hResult->execute(); $iRows = $hResult->rowCount(); if ($iRows == 1) { $aErr["emailalreadytaken"] = true; } $aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr, true); if (count($aErr) == 0) { $aData = ['cust_no' => $sCustno, 'cust_email' => trim(filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL)), 'cust_corp' => trim(filter_input(INPUT_POST, 'corpname', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_name' => trim(filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_street' => trim(filter_input(INPUT_POST, 'street', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_zip' => trim(filter_input(INPUT_POST, 'zip', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_town' => trim(filter_input(INPUT_POST, 'town', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_phone' => trim(filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_cellphone' => trim(filter_input(INPUT_POST, 'cellphone', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_fax' => trim(filter_input(INPUT_POST, 'fax', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_country' => trim(filter_input(INPUT_POST, 'country', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_group' => trim(filter_input(INPUT_POST, 'custgroup', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)), 'cust_emailverified' => isset($_POST["emailverified"]) && $_POST["emailverified"] == 'y' ? 'y' : 'n', 'cust_active' => isset($_POST["active"]) && $_POST["active"] == 'y' ? 'y' : 'n', 'cust_id' => $iId]; if (isset($_POST["pwd"]) && $_POST["pwd"] != '') { $aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT); $aInfo["passwordchanged"] = true; } $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id'); $hResult = $this->db->prepare($sql); foreach ($aData as $sKey => $sValue) { $hResult->bindValue(':' . $sKey, $sValue); } $hResult->execute(); $aInfo["changeswritten"] = true; } } } $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id = :id'; $hResult = $this->db->prepare($sql); $hResult->bindValue(':id', $iId); $hResult->execute(); if ($hResult->rowCount() == 1) { $aUser = $hResult->fetch(); $aPData["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'admin', $aErr, $aUser); } else { $aInfo["nosuchuserfound"] = true; } } $aPData["customeradmin"]["text"] = $return; $aPData["customeradmin"]["type"] = $sType; if (isset($aInfo)) { $aPData["customeradmin"]["info"] = $aInfo; } return $aPData; }
public static function getShoppingcartData() { $aCartinfo = ['numberofitems' => 0, 'cartsums' => [], 'cartsumnetto' => 0, 'cartsumbrutto' => 0]; if ((!HelperConfig::$shop["show_pricesonlytologgedin"] || CHelper::getUserData()) && isset($_SESSION["cart"]) && count($_SESSION["cart"])) { $aCartsums = \HaaseIT\HCSF\Shop\Helper::calculateCartItems($_SESSION["cart"]); $aCartinfo = ['numberofitems' => count($_SESSION["cart"]), 'cartsums' => $aCartsums, 'cartsumnetto' => $aCartsums["sumvoll"] + $aCartsums["sumerm"], 'cartsumbrutto' => $aCartsums["sumvoll"] + $aCartsums["sumerm"] + $aCartsums["taxerm"] + $aCartsums["taxvoll"]]; unset($aCartsums); foreach ($_SESSION["cart"] as $sKey => $aValue) { $aCartinfo["cartitems"][$sKey] = ['cartkey' => $sKey, 'name' => $aValue["name"], 'amount' => $aValue["amount"], 'img' => $aValue["img"], 'price' => $aValue["price"]]; } } return $aCartinfo; }
/** * @param $CSA * @return array */ private function handleShopAdmin($CSA) { $aSData = []; $aData = []; if (!isset($_GET["action"])) { $bIgnoreStorno = false; $sql = 'SELECT * FROM orders WHERE '; if (!isset($_REQUEST["type"]) or $_REQUEST["type"] == 'openinwork') { $sql .= "(o_ordercompleted = 'n' OR o_ordercompleted = 'i') "; } elseif ($_REQUEST["type"] == 'closed') { $sql .= "o_ordercompleted = 'y' "; } elseif ($_REQUEST["type"] == 'open') { $sql .= "o_ordercompleted = 'n' "; } elseif ($_REQUEST["type"] == 'inwork') { $sql .= "o_ordercompleted = 'i' "; } elseif ($_REQUEST["type"] == 'storno') { $sql .= "o_ordercompleted = 's' "; } elseif ($_REQUEST["type"] == 'deleted') { $sql .= "o_ordercompleted = 'd' "; } elseif ($_REQUEST["type"] == 'all') { $sql .= "o_ordercompleted != 'd' "; $bIgnoreStorno = true; } else { die(HardcodedText::get('shopadmin_error_invalidrequest')); } $bFromTo = false; $sFrom = null; $sTo = null; if (isset($_REQUEST["type"]) && ($_REQUEST["type"] == 'deleted' or $_REQUEST["type"] == 'all' or $_REQUEST["type"] == 'closed')) { $sql .= "AND "; $sFrom = \filter_var($_REQUEST["fromyear"], FILTER_SANITIZE_NUMBER_INT) . '-' . Tools::dateAddLeadingZero(\filter_var($_REQUEST["frommonth"], FILTER_SANITIZE_NUMBER_INT)); $sFrom .= '-' . Tools::dateAddLeadingZero(\filter_var($_REQUEST["fromday"], FILTER_SANITIZE_NUMBER_INT)); $sTo = \filter_var($_REQUEST["toyear"], FILTER_SANITIZE_NUMBER_INT) . '-' . Tools::dateAddLeadingZero(\filter_var($_REQUEST["tomonth"], FILTER_SANITIZE_NUMBER_INT)); $sTo .= '-' . Tools::dateAddLeadingZero(\filter_var($_REQUEST["today"], FILTER_SANITIZE_NUMBER_INT)); $sql .= "o_orderdate >= :from "; $sql .= "AND o_orderdate <= :to "; $bFromTo = true; } $sql .= "ORDER BY o_ordertimestamp DESC"; $hResult = $this->db->prepare($sql); if ($bFromTo) { $hResult->bindValue(':from', $sFrom); $hResult->bindValue(':to', $sTo); } $hResult->execute(); if ($hResult->rowCount() != 0) { $i = 0; $j = 0; $k = 0; $fGesamtnetto = 0.0; while ($aRow = $hResult->fetch()) { if ($aRow["o_ordercompleted"] == 'y') { $sStatus = '<span style="color: green; font-weight: bold;">' . HardcodedText::get('shopadmin_orderstatus_completed') . '</span>'; } elseif ($aRow["o_ordercompleted"] == 'n') { $sStatus = '<span style="color: orange; font-weight: bold;">' . HardcodedText::get('shopadmin_orderstatus_open') . '</span>'; } elseif ($aRow["o_ordercompleted"] == 'i') { $sStatus = '<span style="color: orange;">' . HardcodedText::get('shopadmin_orderstatus_inwork') . '</span>'; } elseif ($aRow["o_ordercompleted"] == 's') { $sStatus = '<span style="color: red; font-weight: bold;">' . HardcodedText::get('shopadmin_orderstatus_canceled') . '</span>'; } elseif ($aRow["o_ordercompleted"] == 'd') { $sStatus = HardcodedText::get('shopadmin_orderstatus_deleted'); } else { $sStatus = ''; } if ($aRow["o_paymentcompleted"] == 'y') { $sZahlungsmethode = '<span style="color: green;">'; } else { $sZahlungsmethode = '<span style="color: red;">'; } $mZahlungsmethode = $this->serviceManager->get('textcats')->T("order_paymentmethod_" . $aRow["o_paymentmethod"], true); if ($mZahlungsmethode) { $sZahlungsmethode .= $mZahlungsmethode; } else { $sZahlungsmethode .= ucwords($aRow["o_paymentmethod"]); } $sZahlungsmethode .= '</span>'; if (trim($aRow["o_corpname"]) == '') { $sName = $aRow["o_name"]; } else { $sName = $aRow["o_corpname"]; } $aData[] = ['o_id' => $aRow["o_id"], 'o_account_no' => $aRow["o_custno"], 'o_email' => $aRow["o_email"], 'o_cust' => $sName . '<br>' . $aRow["o_zip"] . ' ' . $aRow["o_town"], 'o_authed' => $aRow["o_authed"], 'o_sumnettoall' => number_format($aRow["o_sumnettoall"], HelperConfig::$core['numberformat_decimals'], HelperConfig::$core['numberformat_decimal_point'], HelperConfig::$core['numberformat_thousands_seperator']) . ' ' . HelperConfig::$shop["waehrungssymbol"] . ($aRow["o_mindermenge"] != 0 && $aRow["o_mindermenge"] != '' ? '<br>+' . number_format($aRow["o_mindermenge"], HelperConfig::$core['numberformat_decimals'], HelperConfig::$core['numberformat_decimal_point'], HelperConfig::$core['numberformat_thousands_seperator']) . ' ' . HelperConfig::$shop["waehrungssymbol"] : ''), 'o_order_status' => $sStatus . (trim($aRow["o_lastedit_user"]) != '' ? '<br>' . $aRow["o_lastedit_user"] : ''), 'o_ordertime_number' => date(HelperConfig::$core['locale_format_date_time'], $aRow["o_ordertimestamp"]) . (trim($aRow["o_transaction_no"]) != '' ? '<br>' . $aRow["o_transaction_no"] : ''), 'o_order_host_payment' => $sZahlungsmethode . '<br>' . $aRow["o_srv_hostname"]]; if (!($aRow["o_ordercompleted"] == 's' && $bIgnoreStorno)) { $fGesamtnetto += $aRow["o_sumnettoall"]; $j++; } else { $k++; } $i++; } $aSData['listtable_orders'] = Tools::makeListtable($CSA["list_orders"], $aData, $this->serviceManager->get('twig')); $aSData['listtable_i'] = $i; $aSData['listtable_j'] = $j; $aSData['listtable_k'] = $k; $aSData['listtable_gesamtnetto'] = $fGesamtnetto; } else { $aSData['nomatchingordersfound'] = true; } } elseif (isset($_GET["action"]) && $_GET["action"] == 'edit') { $iId = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); $sql = 'SELECT * FROM orders WHERE o_id = :id'; /** @var \PDOStatement $hResult */ $hResult = $this->db->prepare($sql); $hResult->bindValue(':id', $iId); $hResult->execute(); if ($hResult->rowCount() == 1) { $aSData["orderdata"] = $hResult->fetch(); $sql = 'SELECT * FROM orders_items WHERE oi_o_id = :id'; $hResult = $this->db->prepare($sql); $hResult->bindValue(':id', $iId); $hResult->execute(); $aItems = $hResult->fetchAll(); $aUserdata = ['cust_no' => $aSData["orderdata"]["o_custno"], 'cust_email' => $aSData["orderdata"]["o_email"], 'cust_corp' => $aSData["orderdata"]["o_corpname"], 'cust_name' => $aSData["orderdata"]["o_name"], 'cust_street' => $aSData["orderdata"]["o_street"], 'cust_zip' => $aSData["orderdata"]["o_zip"], 'cust_town' => $aSData["orderdata"]["o_town"], 'cust_phone' => $aSData["orderdata"]["o_phone"], 'cust_cellphone' => $aSData["orderdata"]["o_cellphone"], 'cust_fax' => $aSData["orderdata"]["o_fax"], 'cust_country' => $aSData["orderdata"]["o_country"], 'cust_group' => $aSData["orderdata"]["o_group"]]; $aSData["customerform"] = \HaaseIT\HCSF\Customer\Helper::buildCustomerForm(HelperConfig::$lang, 'shopadmin', '', $aUserdata); $aSData["orderdata"]["options_shippingservices"] = ['']; foreach (HelperConfig::$shop["shipping_services"] as $sValue) { $aSData["orderdata"]["options_shippingservices"][] = $sValue; } $aItemsCarttable = []; foreach ($aItems as $aValue) { $aPrice = ['netto_list' => $aValue["oi_price_netto_list"], 'netto_sale' => $aValue["oi_price_netto_sale"], 'netto_rebated' => $aValue["oi_price_netto_rebated"], 'netto_use' => $aValue["oi_price_netto_use"], 'brutto_use' => $aValue["oi_price_brutto_use"]]; //$aPrice = $oItem->calcPrice($aValue["oi_price_netto"], HelperConfig::$shop["vat"][$aValue["oi_vat_id"]], '', true); $aItemsCarttable[$aValue["oi_cartkey"]] = ['amount' => $aValue["oi_amount"], 'price' => $aPrice, 'vat' => $aValue["oi_vat"], 'rg' => $aValue["oi_rg"], 'rg_rebate' => $aValue["oi_rg_rebate"], 'name' => $aValue["oi_itemname"], 'img' => $aValue["oi_img"]]; } $aSData = array_merge(\HaaseIT\HCSF\Shop\Helper::buildShoppingCartTable($aItemsCarttable, true, $aSData["orderdata"]["o_group"], '', $aSData["orderdata"]["o_vatfull"], $aSData["orderdata"]["o_vatreduced"]), $aSData); } else { $aSData['ordernotfound'] = true; } } return $aSData; }
private function showMyOrders($COList) { $return = ''; $sql = 'SELECT * FROM orders WHERE o_custno = :custno ORDER BY o_ordertimestamp DESC'; $hResult = $this->db->prepare($sql); $hResult->bindValue(':custno', CHelper::getUserData('cust_no')); $hResult->execute(); if ($hResult->rowCount() >= 1) { $aData = []; while ($aRow = $hResult->fetch()) { $sStatus = SHelper::showOrderStatusText($this->textcats, $aRow["o_ordercompleted"]); if ($aRow["o_paymentmethod"] == 'prepay') { $sPaymentmethod = $this->textcats->T("order_paymentmethod_prepay"); } elseif ($aRow["o_paymentmethod"] == 'paypal') { $sPaymentmethod = $this->textcats->T("order_paymentmethod_paypal"); } elseif ($aRow["o_paymentmethod"] == 'debit') { $sPaymentmethod = $this->textcats->T("order_paymentmethod_debit"); } elseif ($aRow["o_paymentmethod"] == 'invoice') { $sPaymentmethod = $this->textcats->T("order_paymentmethod_invoice"); } else { $sPaymentmethod = ucwords($aRow["o_paymentmethod"]); } if ($aRow["o_paymentcompleted"] == 'y') { $sPaymentstatus = ucwords($this->textcats->T("misc_yes")); } else { $sPaymentstatus = ucwords($this->textcats->T("misc_no")); } $aData[] = ['o_id' => $aRow["o_id"], 'o_order_status' => $sStatus, 'o_ordertime' => date(HelperConfig::$customer['locale_format_date_time'], $aRow["o_ordertimestamp"]), 'o_paymentmethod' => $sPaymentmethod, 'o_paymentcompleted' => $sPaymentstatus, 'o_shipping_service' => $aRow["o_shipping_service"], 'o_shipping_trackingno' => $aRow["o_shipping_trackingno"]]; } $return .= \HaaseIT\Tools::makeListtable($COList, $aData, $this->serviceManager->get('twig')); } else { $return .= $this->textcats->T("myorders_no_orders_to_display"); } return $return; }
public static function generatePage(ServiceManager $serviceManager, $P) { $requesturi = $serviceManager->get('request')->getRequestTarget(); $aP = ['language' => HelperConfig::$lang, 'pageconfig' => $P->cb_pageconfig, 'pagetype' => $P->cb_pagetype, 'subnavkey' => $P->cb_subnav, 'requesturi' => $requesturi, 'requesturiarray' => parse_url($requesturi), 'locale_format_date' => HelperConfig::$core['locale_format_date'], 'locale_format_date_time' => HelperConfig::$core['locale_format_date_time'], 'maintenancemode' => HelperConfig::$core['maintenancemode'], 'numberformat_decimals' => HelperConfig::$core['numberformat_decimals'], 'numberformat_decimal_point' => HelperConfig::$core['numberformat_decimal_point'], 'numberformat_thousands_seperator' => HelperConfig::$core['numberformat_thousands_seperator']]; if (HelperConfig::$core["enable_module_customer"]) { $aP["isloggedin"] = \HaaseIT\HCSF\Customer\Helper::getUserData(); $aP["enable_module_customer"] = true; } if (HelperConfig::$core["enable_module_shop"]) { $aP["currency"] = HelperConfig::$shop["waehrungssymbol"]; $aP["orderamounts"] = HelperConfig::$shop["orderamounts"]; if (isset(HelperConfig::$shop["vat"]["full"])) { $aP["vatfull"] = HelperConfig::$shop["vat"]["full"]; } if (isset(HelperConfig::$shop["vat"]["reduced"])) { $aP["vatreduced"] = HelperConfig::$shop["vat"]["reduced"]; } if (isset(HelperConfig::$shop["custom_order_fields"])) { $aP["custom_order_fields"] = HelperConfig::$shop["custom_order_fields"]; } $aP["enable_module_shop"] = true; } if (isset($P->cb_key)) { $aP["path"] = pathinfo($P->cb_key); } else { $aP["path"] = pathinfo($aP["requesturi"]); } if ($P->cb_customcontenttemplate != NULL) { $aP["customcontenttemplate"] = $P->cb_customcontenttemplate; } if ($P->cb_customdata != NULL) { $aP["customdata"] = $P->cb_customdata; } if (isset($_SERVER["HTTP_REFERER"])) { $aP["referer"] = $_SERVER["HTTP_REFERER"]; } // if there is no subnav defined but there is a default subnav defined, use it // subnavkey can be used in the templates to find out, where we are if ((!isset($aP["subnavkey"]) || $aP["subnavkey"] == '') && HelperConfig::$core["subnav_default"] != '') { $aP["subnavkey"] = HelperConfig::$core["subnav_default"]; $P->cb_subnav = HelperConfig::$core["subnav_default"]; } if ($P->cb_subnav != NULL && isset(HelperConfig::$navigation[$P->cb_subnav])) { $aP["subnav"] = HelperConfig::$navigation[$P->cb_subnav]; } // Get page title, meta-keywords, meta-description $aP["pagetitle"] = $P->oPayload->getTitle(); $aP["keywords"] = $P->oPayload->cl_keywords; $aP["description"] = $P->oPayload->cl_description; // TODO: Add head scripts to DB //if (isset($P["head_scripts"]) && $P["head_scripts"] != '') $aP["head_scripts"] = $P["head_scripts"]; // Shopping cart infos if (HelperConfig::$core["enable_module_shop"]) { $aP["cartinfo"] = SHelper::getShoppingcartData(); } $aP["countrylist"][] = ' | '; foreach (HelperConfig::$countries["countries_" . HelperConfig::$lang] as $sKey => $sValue) { $aP["countrylist"][] = $sKey . '|' . $sValue; } if (HelperConfig::$core["enable_module_shop"] && ($aP["pagetype"] == 'itemoverview' || $aP["pagetype"] == 'itemoverviewgrpd' || $aP["pagetype"] == 'itemdetail')) { $aP = SHelper::handleItemPage($serviceManager, $P, $aP); } $aP["content"] = $P->oPayload->cl_html; $aP["content"] = str_replace("@", "@", $aP["content"]); // Change @ to HTML Entity -> maybe less spam mails $aP['lang_available'] = HelperConfig::$core['lang_available']; $aP['lang_detection_method'] = HelperConfig::$core['lang_detection_method']; $aP['lang_by_domain'] = HelperConfig::$core['lang_by_domain']; if (HelperConfig::$core['debug']) { self::getDebug($aP, $P); $aP["debugdata"] = Tools::$sDebug; } return $aP; }
/** * */ public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (!CHelper::getUserData()) { $this->P->oPayload->cl_html = $this->textcats->T("denied_notloggedin"); } else { $this->P->cb_customcontenttemplate = 'customer/customerhome'; $aPData["display_logingreeting"] = false; if (isset($_GET["login"]) && $_GET["login"]) { $aPData["display_logingreeting"] = true; } if (isset($_GET["editprofile"])) { $sErr = ''; if (isset($_POST["doEdit"]) && $_POST["doEdit"] == 'yes') { $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email'; $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL); $hResult = $this->db->prepare($sql); $hResult->bindValue(':id', $_SESSION["user"]['cust_id'], \PDO::PARAM_INT); $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR); $hResult->execute(); $iRows = $hResult->rowCount(); if ($iRows == 1) { $sErr .= $this->textcats->T("userprofile_emailalreadyinuse") . '<br>'; } $sErr = CHelper::validateCustomerForm(HelperConfig::$lang, $sErr, true); if ($sErr == '') { if (HelperConfig::$customer["allow_edituserprofile"]) { $aData = ['cust_corp' => filter_var(trim(Tools::getFormfield("corpname")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_name' => filter_var(trim(Tools::getFormfield("name")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_street' => filter_var(trim(Tools::getFormfield("street")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_zip' => filter_var(trim(Tools::getFormfield("zip")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_town' => filter_var(trim(Tools::getFormfield("town")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_phone' => filter_var(trim(Tools::getFormfield("phone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_cellphone' => filter_var(trim(Tools::getFormfield("cellphone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_fax' => filter_var(trim(Tools::getFormfield("fax")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_country' => filter_var(trim(Tools::getFormfield("country")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)]; } if (isset($_POST["pwd"]) && $_POST["pwd"] != '') { $aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT); $aPData["infopasswordchanged"] = true; } $aData['cust_id'] = $_SESSION["user"]['cust_id']; if (count($aData) > 1) { $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id'); $hResult = $this->db->prepare($sql); foreach ($aData as $sKey => $sValue) { $hResult->bindValue(':' . $sKey, $sValue); } $hResult->execute(); $aPData["infochangessaved"] = true; } else { $aPData["infonothingchanged"] = true; } } } $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'editprofile', $sErr); //if (HelperConfig::$customer["allow_edituserprofile"]) $P["lang"]["cl_html"] .= '<br>'.$this->textcats->T("userprofile_infoeditemail"); // Future implementation } else { $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'userhome'); } $aPData["showprofilelinks"] = false; if (!isset($_GET["editprofile"])) { $aPData["showprofilelinks"] = true; } if (isset($aPData) && count($aPData)) { $this->P->cb_customdata["userhome"] = $aPData; } } }
public function calcPrice($aData) { $aPrice = []; if ($aData['itm_vatid'] != 'reduced') { $aData['itm_vatid'] = 'full'; } if (is_numeric($aData['itm_price']) && (double) $aData['itm_price'] > 0) { $aPrice["netto_list"] = $aData['itm_price']; $aPrice['brutto_list'] = $this->addVat($aPrice['netto_list'], HelperConfig::$shop['vat'][$aData['itm_vatid']]); if (isset($aData["itm_data"]["sale"]["start"]) && isset($aData["itm_data"]["sale"]["end"]) && isset($aData["itm_data"]["sale"]["price"])) { $iToday = date("Ymd"); if ($iToday >= $aData["itm_data"]["sale"]["start"] && $iToday <= $aData["itm_data"]["sale"]["end"]) { $aPrice["netto_sale"] = $aData["itm_data"]["sale"]["price"]; $aPrice['brutto_sale'] = $this->addVat($aPrice['netto_sale'], HelperConfig::$shop['vat'][$aData['itm_vatid']]); } } if ($aData['itm_rg'] != '' && isset(HelperConfig::$shop["rebate_groups"][$aData['itm_rg']][CHelper::getUserData('cust_group')])) { $aPrice["netto_rebated"] = bcmul($aData['itm_price'], bcdiv(bcsub('100', (string) HelperConfig::$shop["rebate_groups"][$aData['itm_rg']][CHelper::getUserData('cust_group')]), '100')); $aPrice['brutto_rebated'] = $this->addVat($aPrice['netto_rebated'], HelperConfig::$shop['vat'][$aData['itm_vatid']]); } } else { return false; } $aPrice["netto_use"] = $aPrice["netto_list"]; if (isset($aPrice["netto_rebated"]) && $aPrice["netto_rebated"] < $aPrice["netto_use"]) { $aPrice["netto_use"] = $aPrice["netto_rebated"]; } if (isset($aPrice["netto_sale"]) && $aPrice["netto_sale"] < $aPrice["netto_use"]) { $aPrice["netto_use"] = $aPrice["netto_sale"]; } $aPrice["brutto_use"] = $this->addVat($aPrice["netto_use"], HelperConfig::$shop['vat'][$aData['itm_vatid']]); return $aPrice; }
/** * */ public function preparePage() { $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager); $this->P->cb_pagetype = 'content'; if (HelperConfig::$shop["show_pricesonlytologgedin"] && !\HaaseIT\HCSF\Customer\Helper::getUserData() || !isset($_SERVER["HTTP_REFERER"])) { $this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default"); } else { $iAmount = ''; if (isset($_REQUEST["amount"])) { $iAmount = $_REQUEST["amount"]; } if (!isset($_REQUEST["itemno"]) || $_REQUEST["itemno"] == '' || !is_numeric($iAmount)) { $this->replyToCartUpdate('noitemnooramount'); } else { $iAmount = floor($iAmount); // Check if this item exists $aData = $this->serviceManager->get('oItem')->sortItems('', $_REQUEST["itemno"]); if (!isset($aData)) { $this->replyToCartUpdate('itemnotfound'); } else { // build the key for this item for the shoppingcart $sItemno = $aData["item"][$_REQUEST["itemno"]]['itm_no']; $sCartKey = $sItemno; if (isset(HelperConfig::$shop["custom_order_fields"])) { foreach (HelperConfig::$shop["custom_order_fields"] as $sValue) { if (isset($aData["item"][$sItemno]["itm_data"][$sValue])) { $aOptions = []; $TMP = explode('|', $aData["item"][$sItemno]["itm_data"][$sValue]); foreach ($TMP as $sTMPValue) { if (trim($sTMPValue) != '') { $aOptions[] = $sTMPValue; } } unset($sTMP); if (isset($_REQUEST[$sValue]) && in_array($_REQUEST[$sValue], $aOptions)) { $sCartKey .= '|' . $sValue . ':' . $_REQUEST[$sValue]; } else { $this->replyToCartUpdate('requiredfieldmissing'); } } } } // if this Items is not in cart and amount is 0, no need to do anything, return to referer if (!isset($_SESSION["cart"][$sCartKey]) && $iAmount == 0) { $this->replyToCartUpdate('noactiontaken'); } $aItem = ['amount' => $iAmount, 'price' => $this->serviceManager->get('oItem')->calcPrice($aData["item"][$sItemno]), 'rg' => $aData["item"][$sItemno]['itm_rg'], 'vat' => $aData["item"][$sItemno]['itm_vatid'], 'name' => $aData["item"][$sItemno]['itm_name'], 'img' => $aData["item"][$sItemno]['itm_img']]; if (isset($_SESSION["cart"][$sCartKey])) { // if this item is already in cart, update amount if ($iAmount == 0) { // new amount == 0 -> remove from cart unset($_SESSION["cart"][$sCartKey]); if (count($_SESSION["cart"]) == 0) { // once the last cart item is unset, we no longer need cartpricesums unset($_SESSION["cartpricesums"]); } $this->replyToCartUpdate('removed', ['cartkey' => $sCartKey]); } else { // update amount $_SESSION["cart"][$sCartKey]["amount"] = $iAmount; $this->replyToCartUpdate('updated', ['cartkey' => $sCartKey, 'amount' => $iAmount]); } } else { // if this item is not in the cart yet, add it $_SESSION["cart"][$sCartKey] = $aItem; } $this->replyToCartUpdate('added', ['cartkey' => $sCartKey, 'amount' => $iAmount]); } } die; } }
/** * @return bool */ private function doCheckout() { if (empty($_SESSION["cart"])) { return false; } /** @var \PDO $db */ $db = $this->serviceManager->get('db'); try { $db->beginTransaction(); $aDataOrder = $this->prepareDataOrder(); $sql = DBTools::buildPSInsertQuery($aDataOrder, 'orders'); $hResult = $db->prepare($sql); foreach ($aDataOrder as $sKey => $sValue) { $hResult->bindValue(':' . $sKey, $sValue); } $hResult->execute(); $iInsertID = $db->lastInsertId(); $aDataOrderItems = []; $aImagesToSend = []; foreach ($_SESSION["cart"] as $sK => $aV) { $aImagesToSend[$aV["img"]] = $this->getItemImage($aV); $aDataOrderItems[] = ['oi_o_id' => $iInsertID, 'oi_cartkey' => $sK, 'oi_amount' => $aV["amount"], 'oi_price_netto_list' => $aV["price"]["netto_list"], 'oi_price_netto_use' => $aV["price"]["netto_use"], 'oi_price_brutto_use' => $aV["price"]["brutto_use"], 'oi_price_netto_sale' => isset($aV["price"]["netto_sale"]) ? $aV["price"]["netto_sale"] : '', 'oi_price_netto_rebated' => isset($aV["price"]["netto_rebated"]) ? $aV["price"]["netto_rebated"] : '', 'oi_vat' => HelperConfig::$shop["vat"][$aV["vat"]], 'oi_rg' => $aV["rg"], 'oi_rg_rebate' => isset(HelperConfig::$shop["rebate_groups"][$aV["rg"]][trim(CHelper::getUserData('cust_group'))]) ? HelperConfig::$shop["rebate_groups"][$aV["rg"]][trim(CHelper::getUserData('cust_group'))] : '', 'oi_itemname' => $aV["name"], 'oi_img' => $aImagesToSend[$aV["img"]]['base64img']]; } foreach ($aDataOrderItems as $aV) { $sql = DBTools::buildPSInsertQuery($aV, 'orders_items'); $hResult = $db->prepare($sql); foreach ($aV as $sKey => $sValue) { $hResult->bindValue(':' . $sKey, $sValue); } $hResult->execute(); } $db->commit(); } catch (\Exception $e) { // If something raised an exception in our transaction block of statements, // roll back any work performed in the transaction print '<p>Unable to complete transaction!</p>'; print $e; $db->rollBack(); } $sMailbody_us = $this->buildOrderMailBody(false, $iInsertID); $sMailbody_they = $this->buildOrderMailBody(true, $iInsertID); // write to file $this->writeCheckoutToFile($sMailbody_us); // Send Mails $this->sendCheckoutMails($iInsertID, $sMailbody_us, $sMailbody_they, $aImagesToSend); if (isset($_SESSION["cart"])) { unset($_SESSION["cart"]); } if (isset($_SESSION["cartpricesums"])) { unset($_SESSION["cartpricesums"]); } if (isset($_SESSION["sondercart"])) { unset($_SESSION["sondercart"]); } if (isset($this->post["paymentmethod"]) && $this->post["paymentmethod"] == 'paypal' && array_search('paypal', HelperConfig::$shop["paymentmethods"]) !== false && isset(HelperConfig::$shop["paypal_interactive"]) && HelperConfig::$shop["paypal_interactive"]) { header('Location: /_misc/paypal.html?id=' . $iInsertID); } elseif (isset($this->post["paymentmethod"]) && $this->post["paymentmethod"] == 'sofortueberweisung' && array_search('sofortueberweisung', HelperConfig::$shop["paymentmethods"]) !== false) { header('Location: /_misc/sofortueberweisung.html?id=' . $iInsertID); } else { header('Location: /_misc/checkedout.html?id=' . $iInsertID); } die; }