/**
  * End the current customer's storefront login.
  *
  * Calls ISC_UnsetCookie() for SHOP_TOKEN, removes that entry from $_COOKIE
  * and clears the Haslogin session flag. Unless $silent is set, it then sets
  * the sign-in link globals and shows the login page with the
  * "LoggedOutSuccessfully" message.
  *
  * NOTE(review): only the token cookie and the Haslogin flag are cleared here.
  * The session id and every other $_SESSION key survive this call; confirm
  * that callers regenerate or destroy the session where that matters.
  *
  * @param boolean $silent Set to true to do a silent logout (no login page is shown). Defaults to false.
  * @return boolean|null True for a silent logout, otherwise no value.
  */
 public function Logout($silent = false)
 {
     // Forget the login token and the logged-in marker.
     ISC_UnsetCookie("SHOP_TOKEN");
     unset($_COOKIE['SHOP_TOKEN'], $_SESSION['Haslogin']);

     // A silent logout ends here: no globals are touched and no page is rendered.
     if ($silent == true) {
         return true;
     }

     $GLOBALS['LoginOrLogoutLink'] = "login.php";

     // The link text depends on whether the store only allows signing in
     // or also allows creating an account.
     $loginOnly = strtolower(GetConfig('CustomerFunctionality')) == 'login';
     $GLOBALS['LoginOrLogoutText'] = $loginOnly
         ? sprintf(GetLang('SignIn'), $GLOBALS['ShopPath'])
         : sprintf(GetLang('SignInOrCreateAccount'), $GLOBALS['ShopPath'], $GLOBALS['ShopPath']);

     $this->ShowLoginPage("LoggedOutSuccessfully");
 }
    /**
     * Log the current user out and send the browser back to index.php.
     *
     * Calls ISC_UnsetCookie() for the STORESUITE_CP_TOKEN and RememberToken
     * cookies, prints an inline script that navigates to index.php?ToDo=,
     * and ends the request. This method never returns.
     *
     * NOTE(review): nothing visible here touches $_SESSION or invalidates the
     * token on the server side. If ISC_UnsetCookie() only expires the browser
     * cookie, a copied token value would stay usable; confirm how tokens are
     * revoked.
     */
    public function LogOut()
    {
        // Kill the session auth variable and redirect the user
        // to the login page
        ISC_UnsetCookie("STORESUITE_CP_TOKEN");
        ISC_UnsetCookie("RememberToken");
        // The redirect is done by client-side script, so a browser that does
        // not run scripts stays on this (otherwise empty) response.
        ?>
				<script type="text/javascript">
					document.location.href='index.php?ToDo=';
				</script>
			<?php 
        // Stop here so no further output follows the redirect script.
        die;
    }
Exemple #3
	/**
	 * Delete the stored session identified by $token and end it.
	 *
	 * Removes the rows of the 'sessions' table whose sessionhash equals the
	 * token, calls ISC_UnsetCookie() for SHOP_SESSION_TOKEN and then runs
	 * _OnSessionEnd() with the same token.
	 *
	 * @param string $token Session hash to remove (presumably a string; verify against callers).
	 * @return mixed Whatever deleteQuery() returned.
	 */
	public function _SessionDestroy($token)
	{
		$db = $GLOBALS['ISC_CLASS_DB'];

		// The token goes through the database layer's quote() before it is
		// placed inside the quoted SQL literal.
		$condition = "WHERE sessionhash='" . $db->quote($token) . "'";
		$deleted = $db->deleteQuery('sessions', $condition);

		ISC_UnsetCookie("SHOP_SESSION_TOKEN");
		$this->_OnSessionEnd($token);

		return $deleted;
	}
Exemple #4
		/**
		 * RunInstall
		 * Validate the posted install settings, create the database schema and
		 * write the store configuration.
		 *
		 * Steps visible in this method: check the required POST fields, connect
		 * to the database, verify the MySQL version, run install.schema.tpl
		 * (and an optional custom schema), set the admin password and
		 * permissions, insert the default currency and shipping zone, commit
		 * the settings, and finally report success or an error through
		 * ShowInstallErrors().
		 *
		 * NOTE(review): all settings come straight from $_POST. Whether access
		 * to the installer is restricted once a store is installed is not
		 * visible here; confirm against the caller.
		 *
		 * @return void
		 */
		private function RunInstall()
		{
			
				// License key: ech0() is not defined in this listing, so what it
				// checks cannot be told from here.
				$lk = '';
				if(isset($_POST['LK'])) {
					$lk = ech0($_POST['LK']);
				}

				// NOTE(review): the message set here is overwritten if one of the
				// checks in the else-if chain below also fails.
				if(!$lk) {
					$installMessage = GetLang('LKBad');
					$installCode = "badLicenseKey";
				}

			// Fall back to defaults for the country and the currency code
			if(!isset($_POST['StoreCountryLocationId']) || !isId($_POST['StoreCountryLocationId'])) {
				$_POST['StoreCountryLocationId'] = 227; // United States
			}

			if(!isset($_POST['StoreCurrencyCode']) || $_POST['StoreCurrencyCode'] == '') {
				$_POST['StoreCurrencyCode'] = 'USD';
			}

			// Required fields: only the first failing check is reported
			if(!isset($_POST['ShopPath']) || $_POST['ShopPath'] == '') {
				$installMessage = GetLang('InstallMissingShopPath');
				$installCode = "missingShopPath";
			}
			else if (isc_strlen($_POST['StoreCurrencyCode']) > 3) {
				$installMessage = GetLang('InstallInvalidStoreCurrencyCode');
				$installCode = "invalidStoreCurrencyCode";
			}
			// Same condition as the first branch of this chain, so this branch
			// can never be taken.
			else if(!isset($_POST['ShopPath']) || $_POST['ShopPath'] == '') {
				$installMessage = GetLang('InstallMissingShopPath');
				$installCode = "missingShopPath";
			}
			else if(!isset($_POST['UserEmail']) || $_POST['UserEmail'] == '') {
				$installMessage = GetLang('InstallMissingUserEmail');
				$installCode = "missingUserEmail";
			}
			else if(!isset($_POST['UserPass']) || $_POST['UserPass'] == '') {
				$installMessage = GetLang('InstallMissingUserPass');
				$installCode = "missingUserPass";
			}
			else if(!isset($_POST['dbServer']) || $_POST['dbServer'] == '') {
				$installMessage = GetLang('InstallMissingDbServer');
				$installCode = "missingDbServer";
			}
			else if(!isset($_POST['dbUser']) || $_POST['dbUser'] == '') {
				$installMessage = GetLang('InstallMissingDbUser');
				$installCode = "missingDbUser";
			}
			// An empty database password is accepted; only a missing field is an error
			else if(!isset($_POST['dbPass'])) {
				$installMessage = GetLang('InstallMissingDbPass');
				$installCode = "missingDbPass";
			}
			else if(!isset($_POST['dbDatabase']) || $_POST['dbDatabase'] == '') {
				$installMessage = GetLang('InstallMissingDbDatabase');
				$installCode = "missingDbDatabase";
			}

			// NOTE(review): tablePrefix is only defaulted here, never validated.
			// It is later substituted unescaped into the schema SQL, so it should
			// be restricted to identifier characters (letters, digits, underscore).
			if(!isset($_POST['tablePrefix'])) {
				$_POST['tablePrefix'] = '';
			}

			// One or more error messages were detected
			if(isset($installMessage)) {
				$errors = array(
					0 => array(
						"code" => $installCode,
						"message" => $installMessage
					)
				);
				$this->ShowInstallErrors($installMessage, $errors, false, true);
				return;
			}

			// Try to connect to the database
			// The driver class name is built from the dbType config value, not from the request
			$db_type = GetConfig("dbType") . 'Db';
			$db = new $db_type();

			if(isset($GLOBALS['ISC_CFG']["dbEncoding"])) {
				$db->charset = $GLOBALS['ISC_CFG']["dbEncoding"];
			}

			$connection = $db->Connect($_POST['dbServer'], $_POST['dbUser'], $_POST['dbPass'], $_POST['dbDatabase']);
			$db->TablePrefix = $_POST['tablePrefix'];

			if($connection) {
				$GLOBALS["ISC_CLASS_DB"] = &$db;

				// Are we running the required version of MySQL?
				$ver = $GLOBALS["ISC_CLASS_DB"]->FetchOne("select version() as ver");

				// version_compare() returns a negative value when $ver is older than required
				$mysql_check = version_compare($ver, MYSQL_VERSION_REQUIRED);

				if($mysql_check < 0) {
					$message = sprintf(GetLang("MySQLV4Message"), MYSQL_VERSION_REQUIRED, $ver);
					$errors = array(
						0 => array(
							"code" => "mysqlVersion",
							"extra" => $ver,
							"message" => $message
						)
					);
					$this->ShowInstallErrors($message, $errors, false, true);
					return;
				}
				else {
					// Run the database commands
					// Normalise line endings, then split the rendered schema into statements on ";\n"
					$queries = $this->template->render('install.schema.tpl');
					$queries = str_replace("\r", "\n", str_replace("\r\n", "\n", $queries));
					$queries = explode(";\n", $queries);
					$GLOBALS["ISC_CLASS_DB"]->Query("start transaction");

					// Initialize the admin auth class to get the list of permissions
					$auth = new ISC_ADMIN_AUTH();

					require_once(dirname(__FILE__) . "/class.user.php");
					$userManager = GetClass('ISC_ADMIN_USER');
					$pass = $_POST['UserPass'];
					$token = $userManager->_GenerateUserToken();

					foreach($queries as $query) {
						// NOTE(review): the e-mail and token pass through Quote(), but the
						// table prefix is inserted into the SQL text exactly as posted.
						$query = str_replace("%%PREFIX%%", $_POST['tablePrefix'], $query);
						$query = str_replace("%%EMAIL%%", $GLOBALS["ISC_CLASS_DB"]->Quote($_POST['UserEmail']), $query);
						$query = str_replace("%%TOKEN%%", $GLOBALS["ISC_CLASS_DB"]->Quote($token), $query);

						if(trim($query) != "") {
							$GLOBALS["ISC_CLASS_DB"]->Query($query);
						}
					}

					// update admin user password
					$user_id = $userManager->getUserByField('username', 'admin');
					$userManager->updatePassword($user_id, $pass);

					// Give the admin user permissions
					$constants = get_defined_constants();

					// Every defined constant whose name starts with "AUTH_" becomes a
					// permission row for the admin user
					foreach($constants as $constant => $val) {
						if(is_numeric(strpos($constant, "AUTH_")) && strpos($constant, "AUTH_") == 0) {
							$newPermission = array(
								"permuserid" => $user_id,
								"permpermissionid" => $val
							);
							$GLOBALS['ISC_CLASS_DB']->InsertQuery("permissions", $newPermission);
						}
					}

					// Set the version
					$db_version = array(
						'database_version' => PRODUCT_VERSION_CODE
					);
					$GLOBALS['ISC_CLASS_DB']->InsertQuery('config', $db_version);

					// Install our default currency. We need to do it here as it also needs to be in the config file
					$GLOBALS['ISC_CLASS_DB']->Query("DELETE FROM [|PREFIX|]currencies");
					$GLOBALS['ISC_CLASS_DB']->Query("ALTER TABLE [|PREFIX|]currencies AUTO_INCREMENT=1");
					$currency = array(
						'currencycountryid'			=> $_POST['StoreCountryLocationId'],
						'currencycode'				=> isc_strtoupper($_POST['StoreCurrencyCode']),
						'currencyname'				=> GetLang('InstallDefaultCurrencyName'),
						'currencyexchangerate'		=> GetConfig('DefaultCurrencyRate'),
						'currencystring'			=> html_entity_decode(GetLang('InstallDefaultCurrencyString')),
						'currencystringposition'	=> isc_strtolower(GetLang('InstallDefaultCurrencyStringPosition')),
						'currencydecimalstring'		=> GetLang('InstallDefaultCurrencyDecimalString'),
						'currencythousandstring'	=> GetLang('InstallDefaultCurrencyThousandString'),
						'currencydecimalplace'		=> GetLang('InstallDefaultCurrencyDecimalPlace'),
						'currencylastupdated'		=> time(),
						'currencyisdefault'			=> 1,
						'currencystatus'			=> 1
					);
					$defaultCurrencyId = $GLOBALS['ISC_CLASS_DB']->InsertQuery('currencies', $currency);

					// Insert the default/master shipping zone
					$GLOBALS['ISC_CLASS_DB']->Query("DELETE FROM [|PREFIX|]shipping_zones");
					$GLOBALS['ISC_CLASS_DB']->Query("ALTER TABLE [|PREFIX|]shipping_zones AUTO_INCREMENT=1");
					$masterZone = array(
						'zonename' => 'Default Zone',
						'zonetype' => 'country',
						'zonefreeshipping' => 0,
						'zonefreeshippingtotal' => 0,
						'zonehandlingtype' => 'none',
						'zonehandlingfee' => 0,
						'zonehandlingseparate' => 1,
						'zoneenabled' => 1,
						'zonedefault' => 1
					);
					$GLOBALS['ISC_CLASS_DB']->InsertQuery('shipping_zones', $masterZone);

					// Is there a custom SQL file to include?
					$customPath = ISC_BASE_PATH.'/custom';
					if(file_exists($customPath.'/install.schema.tpl')) {
						$template = Interspire_Template::getInstance('custominstall', $customPath, array(
							'cache' => getAdminTwigTemplateCacheDirectory(),
							'auto_reload' => true
						));
						$queries = $template->render('install.schema.tpl');
						$queries = str_replace("\r", "\n", str_replace("\r\n", "\n", $queries));
						$queries = explode(";\n", $queries);
						// NOTE(review): this runs inside the "start transaction" opened above and
						// commits before the error check below; how the DB class handles the
						// nesting is not visible here - confirm.
						$GLOBALS['ISC_CLASS_DB']->StartTransaction();
						foreach($queries as $query) {
							// Same unescaped prefix substitution as for the main schema
							$query = str_replace("%%PREFIX%%", $_POST['tablePrefix'], $query);
							if(trim($query)) {
								$GLOBALS['ISC_CLASS_DB']->Query($query);
							}
						}
						$GLOBALS['ISC_CLASS_DB']->CommitTransaction();
					}

					// Was there an error?
					if($GLOBALS["ISC_CLASS_DB"]->Error() == "") {
						$GLOBALS["ISC_CLASS_DB"]->Query("commit");

						// Save the config file
						// NOTE(review): every POSTed key is copied into the new config, including
						// UserPass and any field the install form does not define. Whether
						// CommitSettings() drops unknown keys is not visible here; an explicit
						// allow-list of setting names would be safer.
						foreach($_POST as $k => $v) {
							$GLOBALS['ISC_NEW_CFG'][$k] = $v;
						}

						// Set the email address for this user as the store admin/order email address
						$GLOBALS['ISC_NEW_CFG']['AdminEmail'] = $_POST['UserEmail'];
						$GLOBALS['ISC_NEW_CFG']['OrderEmail'] = $_POST['UserEmail'];

						// The raw posted license key is stored, not the ech0() result
						$GLOBALS['ISC_NEW_CFG']['serverStamp'] = $_POST['LK'];
						$GLOBALS['ISC_CFG']['serverStamp'] = $_POST['LK'];

						$settings = GetClass('ISC_ADMIN_SETTINGS');

						$GLOBALS['ISC_NEW_CFG']['HostingProvider'] = "";


						// Can we send server details back to Interspire?
						// If we can, the HostingProvider global will also be set
						if(isset($_POST['sendServerDetails'])) {
							$this->SendServerDetails();
							if(isset($GLOBALS['InfoImage'])) {
								$GLOBALS['HiddenImage'] = $GLOBALS['InfoImage'];
							}
						}


						$GLOBALS['ISC_NEW_CFG']['ShopPath'] = $_POST['ShopPath'];
						$GLOBALS['ISC_NEW_CFG']['DefaultCurrencyID'] = $defaultCurrencyId;

						// These two install-only fields were copied in by the loop above and
						// are removed again before the settings are written
						if (isset($GLOBALS['ISC_NEW_CFG']['StoreCountryLocationId'])) {
							unset($GLOBALS['ISC_NEW_CFG']['StoreCountryLocationId']);
						}
						if (isset($GLOBALS['ISC_NEW_CFG']['StoreCurrencyCode'])) {
							unset($GLOBALS['ISC_NEW_CFG']['StoreCurrencyCode']);
						}

						// set up the product images sizes
						// load the product image class to get the constants
						GetClass('ISC_PRODUCT_IMAGE');
						$GLOBALS['ISC_NEW_CFG']['ProductImagesStorewideThumbnail_width'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_THUMBNAIL;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesStorewideThumbnail_height'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_THUMBNAIL;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesProductPageImage_width'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_STANDARD;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesProductPageImage_height'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_STANDARD;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesGalleryThumbnail_width'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_TINY;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesGalleryThumbnail_height'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_TINY;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesZoomImage_width'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_ZOOM;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesZoomImage_height'] = ISC_PRODUCT_DEFAULT_IMAGE_SIZE_ZOOM;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesTinyThumbnailsEnabled'] = 1;
						$GLOBALS['ISC_NEW_CFG']['ProductImagesImageZoomEnabled'] = 1;

						// Build the unique encryption token
						$GLOBALS['ISC_NEW_CFG']['EncryptionToken'] = $this->_BuildEncryptionToken();

						// Set the install date
						$GLOBALS['ISC_NEW_CFG']['InstallDate'] = time();

						if ($settings->CommitSettings()) {
							// Calling commit settings a second time to ensure the config.backup.php file
							// Is written with valid data
							$settings->CommitSettings();

							// The installation is complete
							// NOTE(review): the plaintext admin password is kept in a global here and
							// formatted into the completion message below, so it appears in the
							// rendered response.
							$GLOBALS['Password'] = $pass;

							// Do we need to install the sample product data? Copy that across
							if(isset($_POST['installSampleData']) && $_POST['installSampleData'] == 1) {
								$this->InstallSampleData();
							}

							// The install schemas can't predict the nested set values if custom install scripts arbitrarily add categories or pages
							// Rebuilt any nested sets instead of including their values in the install schema
							$nestedSet = new ISC_NESTEDSET_CATEGORIES();
							$nestedSet->rebuildTree();

							$nestedSet = new ISC_NESTEDSET_PAGES();
							$nestedSet->rebuildTree();

							// Remove any existing cookies
							ISC_UnsetCookie("STORESUITE_CP_TOKEN");

							//Initialize the data store system
							require_once ISC_BASE_PATH."/lib/class.datastore.php";
							$GLOBALS['ISC_CLASS_DATA_STORE'] = new ISC_DATA_STORE();

							// Clear the data store just in case it contains something
							$GLOBALS['ISC_CLASS_DATA_STORE']->Clear();

							$GLOBALS['ISC_LANG']['InstallationCompleted'] = sprintf(GetLang('InstallationCompleted'), $pass);

							// md5() only derives the session key name from the shop path here;
							// it is not protecting a secret
							unset($_SESSION['LK'.md5(strtolower($_POST['ShopPath']))]);

							// The installation was complete!
							if($this->apiMode == 'cli') {
								fwrite(STDOUT, "Success:\n");
								fwrite(STDOUT, "\n");
								fwrite(STDOUT, "ShopPath: ".$_POST['ShopPath']."\n");
								fwrite(STDOUT, "ControlPanel: ".$_POST['ShopPath']."admin/index.php\n");
								fwrite(STDOUT, "Username: admin\n");
								// NOTE(review): the next line is corrupted in this listing. The text
								// between the CLI password output and the XML declaration is missing,
								// so the branch that opens the XML response is not visible and the
								// line does not parse as shown.
								fwrite(STDOUT, "Password: "******"1.0" encoding="'.GetConfig("CharacterSet").'" ?'.">\n";
								echo "<response>\n";
								echo "  <status>OK</status>\n";
								echo "  <shop>\n";
								// NOTE(review): request values are written into the XML without escaping,
								// and the admin password is sent back in clear text.
								echo "      <shopPath>".$_POST['ShopPath']."</shopPath>\n";
								echo "      <controlPanel>".$_POST['ShopPath']."admin/index.php</controlPanel>\n";
								echo "  </shop>\n";
								echo "  <user>\n";
								echo "      <username>admin</username>\n";
								echo "      <password>".$_POST['UserPass']."</password>\n";
								echo "  </user>\n";
								echo "</response>\n";
								exit;
							}
							else {
								$this->template->display('install.done.tpl');
							}
						}
						else {
							// The settings could not be written
							$message = GetLang("ConfigErr");
							$errors = array(
								0 => array(
									"code" => "unableSaveConfig",
									"message" => $message
								)
							);
							$this->ShowInstallErrors($message, $errors, false, true);
							return;
						}
					}
					else {
						// A query failed: roll back and report the database error
						list($error, $level) = $db->GetError();
						$GLOBALS["ISC_CLASS_DB"]->Query("rollback");
						$message = sprintf(GetLang("DBErr"), $error);
						$errors = array(
							0 => array(
								"code" => "dbError",
								"message" => $GLOBALS["ISC_CLASS_DB"]->Error()
							)
						);
						$this->ShowInstallErrors($message, $errors, false, true);
						return;
					}
				}
			}
			else {
				// The connection attempt failed: report the driver's error text
				list($error, $level) = $db->GetError();
				$message = sprintf(GetLang("DBErr"), $error);
				$errors = array(
					0 => array(
						"code" => "dbConnectError",
						"message" => $error
					)
				);
				$this->ShowInstallErrors($message, $errors, false, true);
				return;
			}
		}
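 /**
  * Delete a stored session and clear the session cookie.
  *
  * When $token is this object's own token the row is removed by its numeric
  * session id; any other token is removed by its hash. In both cases
  * ISC_UnsetCookie() is called for SHOP_SESSION_TOKEN.
  *
  * @param string $token Session hash to remove (presumably a string; verify against callers).
  * @return mixed Whatever the database layer's Query() returned.
  */
 public function _SessionDestroy($token)
 {
     // Compare as strings with ===. A loose == treats two different hashes
     // that both look numeric (for example "0e1" and "0e2") as equal, which
     // would delete the current session instead of the requested one.
     if ((string) $token === (string) $this->_token) {
         // %d forces the id to an integer before it reaches the SQL text.
         $query = sprintf("DELETE FROM [|PREFIX|]sessions WHERE sessionid='%d'", $this->_id);
     } else {
         $token = $GLOBALS['ISC_CLASS_DB']->Quote($token);
         // Fixed: the placeholder was written "[|PREFIX|}" and the table
         // "session", so this statement never matched the sessions table and
         // the stored session was left in place.
         $query = sprintf("DELETE FROM [|PREFIX|]sessions WHERE sessionhash='%s'", $token);
     }
     ISC_UnsetCookie("SHOP_SESSION_TOKEN");
     return $GLOBALS['ISC_CLASS_DB']->Query($query);
 }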
 /**
  * Drop the offer cart and any checkout in progress from the session.
  *
  * Also refreshes the item count through the ISC_MAKEAOFFER class and calls
  * ISC_UnsetCookie() for SHOP_ORDER_TOKEN.
  */
 public function EmptyCartAndKillCheckout()
 {
     // Remove the offer cart the user previously had
     unset($_SESSION['OFFERCART']);

     // Let the offer class recompute its item count against the emptied cart
     $offerHandler = GetClass('ISC_MAKEAOFFER');
     $GLOBALS['ISC_CLASS_MAKEAOFFER'] = $offerHandler;
     $offerHandler->SetNumItemsInCart();

     ISC_UnsetCookie("SHOP_ORDER_TOKEN");

     // Remove the checkout session, and the cart once more after the calls above
     unset($_SESSION['CHECKOUT'], $_SESSION['OFFERCART']);
 }
Exemple #7
		/**
		 * Log the current user out and send the browser back to index.php.
		 *
		 * Calls ISC_UnsetCookie() for the STORESUITE_CP_TOKEN and RememberToken
		 * cookies. When the request carries type=idle, a flash message naming
		 * the configured idle time is queued first. The redirect is an inline
		 * script and the request ends afterwards, so this method never returns.
		 *
		 * NOTE(review): nothing visible here touches $_SESSION or invalidates
		 * the token on the server side; confirm how tokens are revoked.
		 */
		public function LogOut()
		{
			ISC_UnsetCookie('STORESUITE_CP_TOKEN');
			ISC_UnsetCookie('RememberToken');

			// The type parameter only selects the message; its value is never echoed.
			$loggedOutForIdling = isset($_GET['type']) && $_GET['type'] == 'idle';
			if ($loggedOutForIdling) {
				$minutes = (int) GetConfig('PCILoginIdleTimeMin');

				// Build "1 minute" / "N minutes"; a value of 0 is passed on as the bare integer.
				if ($minutes == 1) {
					$idleTime = $minutes.' minute';
				} elseif ($minutes == 0) {
					$idleTime = $minutes;
				} else {
					$idleTime = $minutes.' minutes';
				}

				FlashMessage(GetLang('IdleLogout', array('idleTime' => $idleTime)), MSG_ERROR);
			}

			?>
				<script type="text/javascript">
					document.location.href='index.php?ToDo=';
				</script>
			<?php
			exit();
		}