/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (\HaaseIT\HCSF\Customer\Helper::getUserData()) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_default");
} else {
$sql = 'SELECT cust_email, cust_id FROM customer ' . 'WHERE cust_emailverificationcode = :key AND cust_emailverified = \'n\'';
/** @var \PDOStatement $hResult */
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':key', $_GET["key"], \PDO::PARAM_STR);
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 1) {
$aRow = $hResult->fetch();
$aData = ['cust_emailverified' => 'y', 'cust_id' => $aRow['cust_id']];
$sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
/** @var \PDOStatement $hResult */
$hResult = $this->db->prepare($sql);
foreach ($aData as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue);
}
$hResult->execute();
$this->P->oPayload->cl_html = $this->textcats->T("register_emailverificationsuccess");
} else {
$this->P->oPayload->cl_html = $this->textcats->T("register_emailverificationfail");
}
}
}
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (CHelper::getUserData()) {
$this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default");
} else {
$this->P->cb_customcontenttemplate = 'customer/register';
$aErr = [];
if (isset($_POST["doRegister"]) && $_POST["doRegister"] == 'yes') {
$aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr);
if (count($aErr) == 0) {
$sql = 'SELECT cust_email FROM customer WHERE cust_email = :email';
$sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
/** @var \PDOStatement $hResult */
$hResult = $this->serviceManager->get('db')->prepare($sql);
$hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 0) {
$sEmailVerificationcode = md5($_POST["email"] . time());
$aData = ['cust_email' => $sEmail, 'cust_corp' => filter_var(trim(Tools::getFormfield("corpname")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_name' => filter_var(trim(Tools::getFormfield("name")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_street' => filter_var(trim(Tools::getFormfield("street")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_zip' => filter_var(trim(Tools::getFormfield("zip")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_town' => filter_var(trim(Tools::getFormfield("town")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_phone' => filter_var(trim(Tools::getFormfield("phone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_cellphone' => filter_var(trim(Tools::getFormfield("cellphone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_fax' => filter_var(trim(Tools::getFormfield("fax")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_country' => filter_var(trim(Tools::getFormfield("country")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_password' => password_hash($_POST["pwd"], PASSWORD_DEFAULT), 'cust_tosaccepted' => isset($_POST["tos"]) && $_POST["tos"] == 'y' ? 'y' : 'n', 'cust_cancellationdisclaimeraccepted' => isset($_POST["cancellationdisclaimer"]) && $_POST["cancellationdisclaimer"] == 'y' ? 'y' : 'n', 'cust_emailverified' => 'n', 'cust_emailverificationcode' => $sEmailVerificationcode, 'cust_active' => HelperConfig::$customer["register_require_manual_activation"] ? 'n' : 'y', 'cust_registrationtimestamp' => time()];
$sql = \HaaseIT\DBTools::buildPSInsertQuery($aData, 'customer');
$hResult = $this->serviceManager->get('db')->prepare($sql);
foreach ($aData as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue, \PDO::PARAM_STR);
}
$hResult->execute();
CHelper::sendVerificationMail($sEmailVerificationcode, $sEmail, $this->serviceManager, true);
$aPData["showsuccessmessage"] = true;
} else {
$aErr["emailalreadytaken"] = true;
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr);
}
} else {
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr);
}
} else {
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register');
}
if (isset($aPData) && count($aPData)) {
$this->P->cb_customdata["register"] = $aPData;
}
}
}
/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (\HaaseIT\HCSF\Customer\Helper::getUserData()) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_default");
} else {
$this->P->cb_customcontenttemplate = 'customer/forgotpassword';
$aErr = [];
if (isset($_POST["doSend"]) && $_POST["doSend"] == 'yes') {
$aErr = $this->handleForgotPassword($aErr);
if (count($aErr) == 0) {
$this->P->cb_customdata["forgotpw"]["showsuccessmessage"] = true;
} else {
$this->P->cb_customdata["forgotpw"]["errors"] = $aErr;
}
}
}
}
/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (HelperConfig::$shop["show_pricesonlytologgedin"] && !\HaaseIT\HCSF\Customer\Helper::getUserData()) {
$this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_notloggedin");
} else {
$this->P->cb_customcontenttemplate = 'shop/checkedout';
$iId = \filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
$sql = 'SELECT * FROM orders WHERE o_id = :id AND o_paymentcompleted = \'n\'';
/** @var \PDOStatement $hResult */
$hResult = $this->serviceManager->get('db')->prepare($sql);
$hResult->bindValue(':id', $iId, \PDO::PARAM_INT);
$hResult->execute();
if ($hResult->rowCount() == 1) {
$this->P->cb_customdata["order"] = $hResult->fetch();
$this->P->cb_customdata["gesamtbrutto"] = \HaaseIT\HCSF\Shop\Helper::calculateTotalFromDB($this->P->cb_customdata["order"]);
}
}
}
/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (\HaaseIT\HCSF\Customer\Helper::getUserData()) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_default");
} else {
if (!isset($_GET["key"]) || !isset($_GET["email"]) || trim($_GET["key"]) == '' || trim($_GET["email"]) == '' || !\filter_var($_GET["email"], FILTER_VALIDATE_EMAIL)) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_default");
} else {
$sql = 'SELECT * FROM customer WHERE cust_email = :email AND cust_pwresetcode = :pwresetcode AND cust_pwresetcode != \'\'';
$sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
$hResult->bindValue(':pwresetcode', filter_var(trim(Tools::getFormfield("key")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), \PDO::PARAM_STR);
$hResult->execute();
if ($hResult->rowCount() != 1) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_default");
} else {
$aErr = [];
$aResult = $hResult->fetch();
$iTimestamp = time();
if ($aResult['cust_pwresettimestamp'] < $iTimestamp - DAY) {
$this->P->oPayload->cl_html = $this->textcats->T("pwreset_error_expired");
} else {
$this->P->cb_customcontenttemplate = 'customer/resetpassword';
$this->P->cb_customdata["pwreset"]["minpwlength"] = HelperConfig::$customer["minimum_length_password"];
if (isset($_POST["doSend"]) && $_POST["doSend"] == 'yes') {
$aErr = $this->handlePasswordReset($aErr, $aResult['cust_id']);
if (count($aErr) == 0) {
$this->P->cb_customdata["pwreset"]["showsuccessmessage"] = true;
} else {
$this->P->cb_customdata["pwreset"]["errors"] = $aErr;
}
}
}
}
}
}
}
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (CHelper::getUserData()) {
$this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default");
} else {
$sql = 'SELECT ' . DB_ADDRESSFIELDS . ', cust_emailverificationcode FROM customer';
$sql .= ' WHERE cust_email = :email AND cust_emailverified = \'n\'';
/** @var \PDOStatement $hResult */
$hResult = $this->serviceManager->get('db')->prepare($sql);
$hResult->bindValue(':email', trim($_GET["email"]), \PDO::PARAM_STR);
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 1) {
$aRow = $hResult->fetch();
$sEmailVerificationcode = $aRow['cust_emailverificationcode'];
CHelper::sendVerificationMail($sEmailVerificationcode, $aRow['cust_email'], $this->serviceManager, true);
$this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("register_verificationmailresent");
}
}
}
public static function getShoppingcartData()
{
$aCartinfo = ['numberofitems' => 0, 'cartsums' => [], 'cartsumnetto' => 0, 'cartsumbrutto' => 0];
if ((!HelperConfig::$shop["show_pricesonlytologgedin"] || CHelper::getUserData()) && isset($_SESSION["cart"]) && count($_SESSION["cart"])) {
$aCartsums = \HaaseIT\HCSF\Shop\Helper::calculateCartItems($_SESSION["cart"]);
$aCartinfo = ['numberofitems' => count($_SESSION["cart"]), 'cartsums' => $aCartsums, 'cartsumnetto' => $aCartsums["sumvoll"] + $aCartsums["sumerm"], 'cartsumbrutto' => $aCartsums["sumvoll"] + $aCartsums["sumerm"] + $aCartsums["taxerm"] + $aCartsums["taxvoll"]];
unset($aCartsums);
foreach ($_SESSION["cart"] as $sKey => $aValue) {
$aCartinfo["cartitems"][$sKey] = ['cartkey' => $sKey, 'name' => $aValue["name"], 'amount' => $aValue["amount"], 'img' => $aValue["img"], 'price' => $aValue["price"]];
}
}
return $aCartinfo;
}
private function showMyOrders($COList)
{
$return = '';
$sql = 'SELECT * FROM orders WHERE o_custno = :custno ORDER BY o_ordertimestamp DESC';
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':custno', CHelper::getUserData('cust_no'));
$hResult->execute();
if ($hResult->rowCount() >= 1) {
$aData = [];
while ($aRow = $hResult->fetch()) {
$sStatus = SHelper::showOrderStatusText($this->textcats, $aRow["o_ordercompleted"]);
if ($aRow["o_paymentmethod"] == 'prepay') {
$sPaymentmethod = $this->textcats->T("order_paymentmethod_prepay");
} elseif ($aRow["o_paymentmethod"] == 'paypal') {
$sPaymentmethod = $this->textcats->T("order_paymentmethod_paypal");
} elseif ($aRow["o_paymentmethod"] == 'debit') {
$sPaymentmethod = $this->textcats->T("order_paymentmethod_debit");
} elseif ($aRow["o_paymentmethod"] == 'invoice') {
$sPaymentmethod = $this->textcats->T("order_paymentmethod_invoice");
} else {
$sPaymentmethod = ucwords($aRow["o_paymentmethod"]);
}
if ($aRow["o_paymentcompleted"] == 'y') {
$sPaymentstatus = ucwords($this->textcats->T("misc_yes"));
} else {
$sPaymentstatus = ucwords($this->textcats->T("misc_no"));
}
$aData[] = ['o_id' => $aRow["o_id"], 'o_order_status' => $sStatus, 'o_ordertime' => date(HelperConfig::$customer['locale_format_date_time'], $aRow["o_ordertimestamp"]), 'o_paymentmethod' => $sPaymentmethod, 'o_paymentcompleted' => $sPaymentstatus, 'o_shipping_service' => $aRow["o_shipping_service"], 'o_shipping_trackingno' => $aRow["o_shipping_trackingno"]];
}
$return .= \HaaseIT\Tools::makeListtable($COList, $aData, $this->serviceManager->get('twig'));
} else {
$return .= $this->textcats->T("myorders_no_orders_to_display");
}
return $return;
}
public static function generatePage(ServiceManager $serviceManager, $P)
{
$requesturi = $serviceManager->get('request')->getRequestTarget();
$aP = ['language' => HelperConfig::$lang, 'pageconfig' => $P->cb_pageconfig, 'pagetype' => $P->cb_pagetype, 'subnavkey' => $P->cb_subnav, 'requesturi' => $requesturi, 'requesturiarray' => parse_url($requesturi), 'locale_format_date' => HelperConfig::$core['locale_format_date'], 'locale_format_date_time' => HelperConfig::$core['locale_format_date_time'], 'maintenancemode' => HelperConfig::$core['maintenancemode'], 'numberformat_decimals' => HelperConfig::$core['numberformat_decimals'], 'numberformat_decimal_point' => HelperConfig::$core['numberformat_decimal_point'], 'numberformat_thousands_seperator' => HelperConfig::$core['numberformat_thousands_seperator']];
if (HelperConfig::$core["enable_module_customer"]) {
$aP["isloggedin"] = \HaaseIT\HCSF\Customer\Helper::getUserData();
$aP["enable_module_customer"] = true;
}
if (HelperConfig::$core["enable_module_shop"]) {
$aP["currency"] = HelperConfig::$shop["waehrungssymbol"];
$aP["orderamounts"] = HelperConfig::$shop["orderamounts"];
if (isset(HelperConfig::$shop["vat"]["full"])) {
$aP["vatfull"] = HelperConfig::$shop["vat"]["full"];
}
if (isset(HelperConfig::$shop["vat"]["reduced"])) {
$aP["vatreduced"] = HelperConfig::$shop["vat"]["reduced"];
}
if (isset(HelperConfig::$shop["custom_order_fields"])) {
$aP["custom_order_fields"] = HelperConfig::$shop["custom_order_fields"];
}
$aP["enable_module_shop"] = true;
}
if (isset($P->cb_key)) {
$aP["path"] = pathinfo($P->cb_key);
} else {
$aP["path"] = pathinfo($aP["requesturi"]);
}
if ($P->cb_customcontenttemplate != NULL) {
$aP["customcontenttemplate"] = $P->cb_customcontenttemplate;
}
if ($P->cb_customdata != NULL) {
$aP["customdata"] = $P->cb_customdata;
}
if (isset($_SERVER["HTTP_REFERER"])) {
$aP["referer"] = $_SERVER["HTTP_REFERER"];
}
// if there is no subnav defined but there is a default subnav defined, use it
// subnavkey can be used in the templates to find out, where we are
if ((!isset($aP["subnavkey"]) || $aP["subnavkey"] == '') && HelperConfig::$core["subnav_default"] != '') {
$aP["subnavkey"] = HelperConfig::$core["subnav_default"];
$P->cb_subnav = HelperConfig::$core["subnav_default"];
}
if ($P->cb_subnav != NULL && isset(HelperConfig::$navigation[$P->cb_subnav])) {
$aP["subnav"] = HelperConfig::$navigation[$P->cb_subnav];
}
// Get page title, meta-keywords, meta-description
$aP["pagetitle"] = $P->oPayload->getTitle();
$aP["keywords"] = $P->oPayload->cl_keywords;
$aP["description"] = $P->oPayload->cl_description;
// TODO: Add head scripts to DB
//if (isset($P["head_scripts"]) && $P["head_scripts"] != '') $aP["head_scripts"] = $P["head_scripts"];
// Shopping cart infos
if (HelperConfig::$core["enable_module_shop"]) {
$aP["cartinfo"] = SHelper::getShoppingcartData();
}
$aP["countrylist"][] = ' | ';
foreach (HelperConfig::$countries["countries_" . HelperConfig::$lang] as $sKey => $sValue) {
$aP["countrylist"][] = $sKey . '|' . $sValue;
}
if (HelperConfig::$core["enable_module_shop"] && ($aP["pagetype"] == 'itemoverview' || $aP["pagetype"] == 'itemoverviewgrpd' || $aP["pagetype"] == 'itemdetail')) {
$aP = SHelper::handleItemPage($serviceManager, $P, $aP);
}
$aP["content"] = $P->oPayload->cl_html;
$aP["content"] = str_replace("@", "@", $aP["content"]);
// Change @ to HTML Entity -> maybe less spam mails
$aP['lang_available'] = HelperConfig::$core['lang_available'];
$aP['lang_detection_method'] = HelperConfig::$core['lang_detection_method'];
$aP['lang_by_domain'] = HelperConfig::$core['lang_by_domain'];
if (HelperConfig::$core['debug']) {
self::getDebug($aP, $P);
$aP["debugdata"] = Tools::$sDebug;
}
return $aP;
}
/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (!CHelper::getUserData()) {
$this->P->oPayload->cl_html = $this->textcats->T("denied_notloggedin");
} else {
$this->P->cb_customcontenttemplate = 'customer/customerhome';
$aPData["display_logingreeting"] = false;
if (isset($_GET["login"]) && $_GET["login"]) {
$aPData["display_logingreeting"] = true;
}
if (isset($_GET["editprofile"])) {
$sErr = '';
if (isset($_POST["doEdit"]) && $_POST["doEdit"] == 'yes') {
$sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email';
$sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
$hResult = $this->db->prepare($sql);
$hResult->bindValue(':id', $_SESSION["user"]['cust_id'], \PDO::PARAM_INT);
$hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
$hResult->execute();
$iRows = $hResult->rowCount();
if ($iRows == 1) {
$sErr .= $this->textcats->T("userprofile_emailalreadyinuse") . '<br>';
}
$sErr = CHelper::validateCustomerForm(HelperConfig::$lang, $sErr, true);
if ($sErr == '') {
if (HelperConfig::$customer["allow_edituserprofile"]) {
$aData = ['cust_corp' => filter_var(trim(Tools::getFormfield("corpname")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_name' => filter_var(trim(Tools::getFormfield("name")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_street' => filter_var(trim(Tools::getFormfield("street")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_zip' => filter_var(trim(Tools::getFormfield("zip")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_town' => filter_var(trim(Tools::getFormfield("town")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_phone' => filter_var(trim(Tools::getFormfield("phone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_cellphone' => filter_var(trim(Tools::getFormfield("cellphone")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_fax' => filter_var(trim(Tools::getFormfield("fax")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW), 'cust_country' => filter_var(trim(Tools::getFormfield("country")), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW)];
}
if (isset($_POST["pwd"]) && $_POST["pwd"] != '') {
$aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT);
$aPData["infopasswordchanged"] = true;
}
$aData['cust_id'] = $_SESSION["user"]['cust_id'];
if (count($aData) > 1) {
$sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
$hResult = $this->db->prepare($sql);
foreach ($aData as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue);
}
$hResult->execute();
$aPData["infochangessaved"] = true;
} else {
$aPData["infonothingchanged"] = true;
}
}
}
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'editprofile', $sErr);
//if (HelperConfig::$customer["allow_edituserprofile"]) $P["lang"]["cl_html"] .= '<br>'.$this->textcats->T("userprofile_infoeditemail"); // Future implementation
} else {
$this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'userhome');
}
$aPData["showprofilelinks"] = false;
if (!isset($_GET["editprofile"])) {
$aPData["showprofilelinks"] = true;
}
if (isset($aPData) && count($aPData)) {
$this->P->cb_customdata["userhome"] = $aPData;
}
}
}
public function calcPrice($aData)
{
$aPrice = [];
if ($aData['itm_vatid'] != 'reduced') {
$aData['itm_vatid'] = 'full';
}
if (is_numeric($aData['itm_price']) && (double) $aData['itm_price'] > 0) {
$aPrice["netto_list"] = $aData['itm_price'];
$aPrice['brutto_list'] = $this->addVat($aPrice['netto_list'], HelperConfig::$shop['vat'][$aData['itm_vatid']]);
if (isset($aData["itm_data"]["sale"]["start"]) && isset($aData["itm_data"]["sale"]["end"]) && isset($aData["itm_data"]["sale"]["price"])) {
$iToday = date("Ymd");
if ($iToday >= $aData["itm_data"]["sale"]["start"] && $iToday <= $aData["itm_data"]["sale"]["end"]) {
$aPrice["netto_sale"] = $aData["itm_data"]["sale"]["price"];
$aPrice['brutto_sale'] = $this->addVat($aPrice['netto_sale'], HelperConfig::$shop['vat'][$aData['itm_vatid']]);
}
}
if ($aData['itm_rg'] != '' && isset(HelperConfig::$shop["rebate_groups"][$aData['itm_rg']][CHelper::getUserData('cust_group')])) {
$aPrice["netto_rebated"] = bcmul($aData['itm_price'], bcdiv(bcsub('100', (string) HelperConfig::$shop["rebate_groups"][$aData['itm_rg']][CHelper::getUserData('cust_group')]), '100'));
$aPrice['brutto_rebated'] = $this->addVat($aPrice['netto_rebated'], HelperConfig::$shop['vat'][$aData['itm_vatid']]);
}
} else {
return false;
}
$aPrice["netto_use"] = $aPrice["netto_list"];
if (isset($aPrice["netto_rebated"]) && $aPrice["netto_rebated"] < $aPrice["netto_use"]) {
$aPrice["netto_use"] = $aPrice["netto_rebated"];
}
if (isset($aPrice["netto_sale"]) && $aPrice["netto_sale"] < $aPrice["netto_use"]) {
$aPrice["netto_use"] = $aPrice["netto_sale"];
}
$aPrice["brutto_use"] = $this->addVat($aPrice["netto_use"], HelperConfig::$shop['vat'][$aData['itm_vatid']]);
return $aPrice;
}
/**
*
*/
public function preparePage()
{
$this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
$this->P->cb_pagetype = 'content';
if (HelperConfig::$shop["show_pricesonlytologgedin"] && !\HaaseIT\HCSF\Customer\Helper::getUserData() || !isset($_SERVER["HTTP_REFERER"])) {
$this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default");
} else {
$iAmount = '';
if (isset($_REQUEST["amount"])) {
$iAmount = $_REQUEST["amount"];
}
if (!isset($_REQUEST["itemno"]) || $_REQUEST["itemno"] == '' || !is_numeric($iAmount)) {
$this->replyToCartUpdate('noitemnooramount');
} else {
$iAmount = floor($iAmount);
// Check if this item exists
$aData = $this->serviceManager->get('oItem')->sortItems('', $_REQUEST["itemno"]);
if (!isset($aData)) {
$this->replyToCartUpdate('itemnotfound');
} else {
// build the key for this item for the shoppingcart
$sItemno = $aData["item"][$_REQUEST["itemno"]]['itm_no'];
$sCartKey = $sItemno;
if (isset(HelperConfig::$shop["custom_order_fields"])) {
foreach (HelperConfig::$shop["custom_order_fields"] as $sValue) {
if (isset($aData["item"][$sItemno]["itm_data"][$sValue])) {
$aOptions = [];
$TMP = explode('|', $aData["item"][$sItemno]["itm_data"][$sValue]);
foreach ($TMP as $sTMPValue) {
if (trim($sTMPValue) != '') {
$aOptions[] = $sTMPValue;
}
}
unset($sTMP);
if (isset($_REQUEST[$sValue]) && in_array($_REQUEST[$sValue], $aOptions)) {
$sCartKey .= '|' . $sValue . ':' . $_REQUEST[$sValue];
} else {
$this->replyToCartUpdate('requiredfieldmissing');
}
}
}
}
// if this Items is not in cart and amount is 0, no need to do anything, return to referer
if (!isset($_SESSION["cart"][$sCartKey]) && $iAmount == 0) {
$this->replyToCartUpdate('noactiontaken');
}
$aItem = ['amount' => $iAmount, 'price' => $this->serviceManager->get('oItem')->calcPrice($aData["item"][$sItemno]), 'rg' => $aData["item"][$sItemno]['itm_rg'], 'vat' => $aData["item"][$sItemno]['itm_vatid'], 'name' => $aData["item"][$sItemno]['itm_name'], 'img' => $aData["item"][$sItemno]['itm_img']];
if (isset($_SESSION["cart"][$sCartKey])) {
// if this item is already in cart, update amount
if ($iAmount == 0) {
// new amount == 0 -> remove from cart
unset($_SESSION["cart"][$sCartKey]);
if (count($_SESSION["cart"]) == 0) {
// once the last cart item is unset, we no longer need cartpricesums
unset($_SESSION["cartpricesums"]);
}
$this->replyToCartUpdate('removed', ['cartkey' => $sCartKey]);
} else {
// update amount
$_SESSION["cart"][$sCartKey]["amount"] = $iAmount;
$this->replyToCartUpdate('updated', ['cartkey' => $sCartKey, 'amount' => $iAmount]);
}
} else {
// if this item is not in the cart yet, add it
$_SESSION["cart"][$sCartKey] = $aItem;
}
$this->replyToCartUpdate('added', ['cartkey' => $sCartKey, 'amount' => $iAmount]);
}
}
die;
}
}
/**
* @return bool
*/
private function doCheckout()
{
if (empty($_SESSION["cart"])) {
return false;
}
/** @var \PDO $db */
$db = $this->serviceManager->get('db');
try {
$db->beginTransaction();
$aDataOrder = $this->prepareDataOrder();
$sql = DBTools::buildPSInsertQuery($aDataOrder, 'orders');
$hResult = $db->prepare($sql);
foreach ($aDataOrder as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue);
}
$hResult->execute();
$iInsertID = $db->lastInsertId();
$aDataOrderItems = [];
$aImagesToSend = [];
foreach ($_SESSION["cart"] as $sK => $aV) {
$aImagesToSend[$aV["img"]] = $this->getItemImage($aV);
$aDataOrderItems[] = ['oi_o_id' => $iInsertID, 'oi_cartkey' => $sK, 'oi_amount' => $aV["amount"], 'oi_price_netto_list' => $aV["price"]["netto_list"], 'oi_price_netto_use' => $aV["price"]["netto_use"], 'oi_price_brutto_use' => $aV["price"]["brutto_use"], 'oi_price_netto_sale' => isset($aV["price"]["netto_sale"]) ? $aV["price"]["netto_sale"] : '', 'oi_price_netto_rebated' => isset($aV["price"]["netto_rebated"]) ? $aV["price"]["netto_rebated"] : '', 'oi_vat' => HelperConfig::$shop["vat"][$aV["vat"]], 'oi_rg' => $aV["rg"], 'oi_rg_rebate' => isset(HelperConfig::$shop["rebate_groups"][$aV["rg"]][trim(CHelper::getUserData('cust_group'))]) ? HelperConfig::$shop["rebate_groups"][$aV["rg"]][trim(CHelper::getUserData('cust_group'))] : '', 'oi_itemname' => $aV["name"], 'oi_img' => $aImagesToSend[$aV["img"]]['base64img']];
}
foreach ($aDataOrderItems as $aV) {
$sql = DBTools::buildPSInsertQuery($aV, 'orders_items');
$hResult = $db->prepare($sql);
foreach ($aV as $sKey => $sValue) {
$hResult->bindValue(':' . $sKey, $sValue);
}
$hResult->execute();
}
$db->commit();
} catch (\Exception $e) {
// If something raised an exception in our transaction block of statements,
// roll back any work performed in the transaction
print '<p>Unable to complete transaction!</p>';
print $e;
$db->rollBack();
}
$sMailbody_us = $this->buildOrderMailBody(false, $iInsertID);
$sMailbody_they = $this->buildOrderMailBody(true, $iInsertID);
// write to file
$this->writeCheckoutToFile($sMailbody_us);
// Send Mails
$this->sendCheckoutMails($iInsertID, $sMailbody_us, $sMailbody_they, $aImagesToSend);
if (isset($_SESSION["cart"])) {
unset($_SESSION["cart"]);
}
if (isset($_SESSION["cartpricesums"])) {
unset($_SESSION["cartpricesums"]);
}
if (isset($_SESSION["sondercart"])) {
unset($_SESSION["sondercart"]);
}
if (isset($this->post["paymentmethod"]) && $this->post["paymentmethod"] == 'paypal' && array_search('paypal', HelperConfig::$shop["paymentmethods"]) !== false && isset(HelperConfig::$shop["paypal_interactive"]) && HelperConfig::$shop["paypal_interactive"]) {
header('Location: /_misc/paypal.html?id=' . $iInsertID);
} elseif (isset($this->post["paymentmethod"]) && $this->post["paymentmethod"] == 'sofortueberweisung' && array_search('sofortueberweisung', HelperConfig::$shop["paymentmethods"]) !== false) {
header('Location: /_misc/sofortueberweisung.html?id=' . $iInsertID);
} else {
header('Location: /_misc/checkedout.html?id=' . $iInsertID);
}
die;
}
