/**
 * Prepare the shopper group view: either the edit form for one group or the
 * paginated list of groups, depending on the `layout` request word.
 *
 * @param string|null $tpl Optional sub-template name, passed straight to parent::display().
 */
function display($tpl = null)
{
    // The HTML helper is loaded on demand.
    if (!class_exists('VmHTML')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'html.php';
    }

    $model = VmModel::getModel();
    $isEditLayout = (JRequest::getWord('layout', 'default') == 'edit');

    if ($isEditLayout) {
        $shoppergroup = $model->getShopperGroup();
        $this->SetViewTitle('SHOPPERGROUP', $shoppergroup->shopper_group_name);

        $vendors = ShopFunctions::renderVendorList($shoppergroup->virtuemart_vendor_id);
        $this->assignRef('vendorList', $vendors);
        $this->assignRef('shoppergroup', $shoppergroup);

        $this->addStandardEditViewCommands();
    } else {
        $this->SetViewTitle();
        JToolBarHelper::makeDefault();

        // The vendor column is only shown to users passing the 'admin' permission check.
        $this->loadHelper('permissions');
        $showVendors = Permissions::getInstance()->check('admin');
        $this->assignRef('showVendors', $showVendors);

        $this->addStandardDefaultViewCommands();
        $this->addStandardDefaultViewLists($model);

        $shoppergroups = $model->getShopperGroups(false, true);
        $this->assignRef('shoppergroups', $shoppergroups);

        $pagination = $model->getPagination();
        $this->assignRef('pagination', $pagination);
    }

    parent::display($tpl);
}
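/**
 * Resolve the order that the current request is allowed to view.
 *
 * Two access paths exist:
 *  - `order_number` + `order_pass` in the request: the pair is resolved through
 *    getOrderIdByOrderPass(); an unknown pair is rejected.
 *  - otherwise the order is loaded by `virtuemart_order_id` (or by `order_number`)
 *    and the caller must either pass the "admin" permission check or be the user
 *    recorded on the bill-to (BT) address.
 *
 * An order whose BT record carries no user id is refused on the second path as well,
 * so it cannot be read just by supplying its id.
 * NOTE(review): this assumes such orders are meant to be reached through the
 * number/pass path only; confirm no caller relies on the id-only lookup for them.
 *
 * @return mixed The order details as returned by the orders model, 0 when the
 *               number/pass pair is rejected, null when the ownership check fails.
 */
public function getOrderDetails()
{
    $orderModel = VmModel::getModel('orders');
    $orderDetails = 0;

    // Path 1: order number plus order pass.
    $orderPass = JRequest::getString('order_pass', false);
    $orderNumber = $orderPass ? JRequest::getString('order_number', false) : false;
    if ($orderPass and $orderNumber) {
        $orderId = $orderModel->getOrderIdByOrderPass($orderNumber, $orderPass);
        if (empty($orderId)) {
            vmDebug('Invalid order_number/password ' . JText::_('COM_VIRTUEMART_RESTRICTED_ACCESS'));
            return 0;
        }
        $orderDetails = $orderModel->getOrder($orderId);
    }

    // Path 2: lookup by id or number, gated on admin permission or ownership.
    if ($orderDetails == 0) {
        $cuid = JFactory::getUser()->get('id');

        $virtuemart_order_id = JRequest::getInt('virtuemart_order_id', 0);
        if (!$virtuemart_order_id) {
            $virtuemart_order_id = VirtueMartModelOrders::getOrderIdByOrderNumber(JRequest::getString('order_number'));
        }
        $orderDetails = $orderModel->getOrder($virtuemart_order_id);

        JLoader::register('Permissions', JPATH_VM_ADMINISTRATOR . '/helpers/permissions.php');
        if (!Permissions::getInstance()->check("admin") && !empty($orderDetails['details']['BT'])) {
            $ownerId = empty($orderDetails['details']['BT']->virtuemart_user_id)
                ? 0
                : $orderDetails['details']['BT']->virtuemart_user_id;

            // Deny when the order has no recorded owner or the owner is someone else.
            // Previously an order without an owner skipped the comparison entirely.
            if (empty($ownerId) || $ownerId != $cuid) {
                echo 'view ' . JText::_('COM_VIRTUEMART_RESTRICTED_ACCESS');
                return;
            }
        }
    }

    return $orderDetails;
}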
/**
 * Decide whether the current user may run $task on $view for a given entry.
 *
 * The vendor status, user id and admin flag are resolved once and cached in
 * function-level statics for the rest of the request.
 *
 * @param string   $task       Task name, forwarded to ShopFunctions::can().
 * @param string   $view       View name, forwarded to ShopFunctions::can().
 * @param int|null $created_by User id recorded as creator of the entry.
 * @param int|null $vendorId   Vendor id the entry belongs to, if known.
 * @return bool|string '' when isSuperVendor() yields a falsy value, false when
 *                     access is refused, true otherwise.
 */
function can($task, $view, $created_by = null, $vendorId = null)
{
    static $user_id = null;
    static $isAdmin = null;
    static $vendor = null;

    if ($vendor === null) {
        JLoader::register('Permissions', JPATH_VM_ADMINISTRATOR . '/helpers/permissions.php');
        $vendor = Permissions::getInstance()->isSuperVendor();

        $user_id = JFactory::getUser()->get('id');
        if ($user_id) {
            // $isAdmin is cached here but not read anywhere in this function.
            $isAdmin = Permissions::getInstance()->check("admin,storeadmin");
            JLoader::register('ShopFunctions', JPATH_VM_ADMINISTRATOR . '/helpers/shopfunctions.php');
        }
    }

    if (!$vendor) {
        return '';
    }

    // Values of 1 or below fall through to "allowed"; only values above 1 are restricted.
    if ($vendor > 1) {
        if (!ShopFunctions::can($task, $view)) {
            return false;
        }

        // Only the user's own entries, or entries of the same vendor id, are allowed.
        $ownsEntry = $vendorId
            ? ($vendorId == $vendor)
            : ($created_by == $user_id);
        if (!$ownsEntry) {
            return false;
        }
    }

    return true;
}
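/**
 * Retrieve a list of currencies from the database.
 *
 * Used by the backend currency listing, so the enabled state is not considered.
 * Users failing the 'admin' permission check only see currencies of $vendorId
 * or currencies flagged as shared.
 *
 * @author Max Milbers
 * @param string $search   Search term; when empty the `search` request value is used.
 * @param int    $vendorId Vendor whose currencies are listed for non-admins.
 * @return mixed The result of exeSortSearchListQuery(), also stored in $this->_data.
 */
function getCurrenciesList($search, $vendorId = 1)
{
    $where = array();

    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }
    if (!Permissions::getInstance()->check('admin')) {
        $where[] = '(`virtuemart_vendor_id` = "' . (int) $vendorId . '" OR `shared`="1")';
    }

    if (empty($search)) {
        $search = JRequest::getString('search', false);
    }

    if ($search) {
        // Escaped for use inside a LIKE pattern (second argument true).
        $search = '"%' . $this->_db->getEscaped($search, true) . '%"';

        // The OR group must be parenthesised: AND binds tighter than OR, so without
        // the brackets the vendor restriction above only applied to the
        // `currency_name` term and a match on either code column bypassed it.
        $where[] = '(`currency_name` LIKE ' . $search
            . ' OR `currency_code_2` LIKE ' . $search
            . ' OR `currency_code_3` LIKE ' . $search . ')';
    }

    $whereString = '';
    if (count($where) > 0) {
        $whereString = ' WHERE ' . implode(' AND ', $where);
    }

    $this->_data = $this->exeSortSearchListQuery(0, '*', ' FROM `#__virtuemart_currencies`', $whereString, '', $this->_getOrdering());

    return $this->_data;
}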
/**
 * Prepare the payment method view: the edit form for one payment method or the
 * paginated list, depending on the `layout` request word.
 *
 * @param string|null $tpl Optional sub-template name, passed to parent::display().
 */
function display($tpl = null)
{
    $this->addHelperPath(JPATH_VM_ADMINISTRATOR . DS . 'helpers');

    // Helper classes are required on demand, in this order.
    $helpers = array(
        'Permissions' => JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php',
        'VmHTML'      => JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'html.php',
        'vmPlugin'    => JPATH_VM_PLUGINS . DS . 'vmplugin.php',
    );
    foreach ($helpers as $className => $file) {
        if (!class_exists($className)) {
            require $file;
        }
    }

    $this->assignRef('perms', Permissions::getInstance());

    $model = VmModel::getModel('paymentmethod');

    // TODO logo
    $this->SetViewTitle();

    $layoutName = JRequest::getWord('layout', 'default');

    // @todo should depend on the logged-in vendor; vendor 1 is hard-coded here.
    $vendorModel = VmModel::getModel('vendor');
    $vendorModel->setId(1);
    $vendor = $vendorModel->getVendor();

    $currency = VmModel::getModel('currency')->getCurrency($vendor->vendor_currency);
    $this->assignRef('vendor_currency', $currency->currency_symbol);

    if ($layoutName == 'edit') {
        if (!class_exists('VmImage')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'image.php';
        }
        if (!class_exists('vmParameters')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'parameterparser.php';
        }

        $payment = $model->getPayment();
        $this->assignRef('payment', $payment);
        $this->assignRef('vmPPaymentList', self::renderInstalledPaymentPlugins($payment->payment_jplugin_id));
        $this->assignRef('shopperGroupList', ShopFunctions::renderShopperGroupList($payment->virtuemart_shoppergroup_ids, true));

        // The vendor selector is only built when the `multix` setting is not 'none'.
        if (Vmconfig::get('multix', 'none') !== 'none') {
            $vendorList = ShopFunctions::renderVendorList($payment->virtuemart_vendor_id);
            $this->assignRef('vendorList', $vendorList);
        }

        $this->addStandardEditViewCommands($payment->virtuemart_paymentmethod_id);
    } else {
        $this->addStandardDefaultViewCommands();
        $this->addStandardDefaultViewLists($model);

        $payments = $model->getPayments();
        $this->assignRef('payments', $payments);

        $pagination = $model->getPagination();
        $this->assignRef('pagination', $pagination);
    }

    parent::display($tpl);
}
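/**
 * Prepare the product comparison view from the ids stored in the session
 * under the `compare` key (a comma-separated list).
 *
 * When the list is empty only `valid = 0` is assigned. Otherwise the products,
 * their images and stock indicators, the price settings, the currency display,
 * pagination and the rating data are assigned to the view.
 *
 * @param string|null $tpl Optional sub-template name, passed to parent::display().
 */
public function display($tpl = null)
{
    $session = JFactory::getSession();
    $cmp = $session->get('compare', '');

    if (empty($cmp)) {
        $valid = 0;
        $this->assignRef('valid', $valid);
    } else {
        $valid = 1;
        $this->assignRef('valid', $valid);

        // `wids` was assigned from a variable that is never set in this method;
        // it is kept as an explicit null so the template still finds the key.
        $wids = null;
        $this->assignRef('wids', $wids);

        // NOTE(review): the ids are forwarded exactly as stored in the session;
        // confirm that whatever writes `compare` restricts it to integer ids.
        $listpid = explode(",", $cmp);

        $productModel = VmModel::getModel('product');
        $products = $productModel->getProducts($listpid);
        $productModel->addImages($products, 1);
        $this->assignRef('products', $products);

        // Remember the last product: the rating data below is looked up for it.
        $lastProduct = null;
        if (!empty($products)) {
            foreach ($products as $product) {
                $product->stock = $productModel->getStockIndicator($product);
                $lastProduct = $product;
            }
        }

        $show_prices = VmConfig::get('show_prices', 1);
        if ($show_prices == '1' && !class_exists('calculationHelper')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'calculationh.php';
        }
        $this->assignRef('show_prices', $show_prices);

        if (!class_exists('Permissions')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
        }
        // todo add config settings
        $showBasePrice = Permissions::getInstance()->check('admin');
        $this->assignRef('showBasePrice', $showBasePrice);

        $currency = CurrencyDisplay::getInstance();
        $this->assignRef('currency', $currency);

        $pagination = $productModel->getPagination(3);
        $this->assignRef('vmPagination', $pagination);

        // Rating. The original read $product after the loop, which is undefined
        // when no product could be loaded; in that case ratings are switched off.
        $showRating = false;
        if ($lastProduct !== null) {
            $ratingModel = VmModel::getModel('ratings');
            $showRating = $ratingModel->showRating($lastProduct->virtuemart_product_id);
        }
        $this->assignRef('showRating', $showRating);

        if ($showRating) {
            $vote = $ratingModel->getVoteByProduct($lastProduct->virtuemart_product_id);
            $this->assignRef('vote', $vote);

            $rating = $ratingModel->getRatingByProduct($lastProduct->virtuemart_product_id);
            $this->assignRef('rating', $rating);
        }
    }

    parent::display($tpl);
}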
/**
 * Prepare the category view: the edit form for one category or the category
 * tree listing, depending on the current layout.
 *
 * @param string|null $tpl Optional sub-template name, passed to parent::display().
 */
function display($tpl = null)
{
    $this->loadHelper('html');

    $model = VmModel::getModel();
    $layoutName = $this->getLayout();

    if ($layoutName == 'edit') {
        $category = $model->getCategory('', false);

        $name = isset($category->category_name) ? $category->category_name : '';
        $this->SetViewTitle('CATEGORY', $name);

        $model->addImages($category);

        if ($category->virtuemart_category_id > 1) {
            $relationInfo = $model->getRelationInfo($category->virtuemart_category_id);
            $this->assignRef('relationInfo', $relationInfo);
        }

        $parent = $model->getParentCategory($category->virtuemart_category_id);
        $this->assignRef('parent', $parent);

        if (!class_exists('ShopFunctions')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'shopfunctions.php';
        }
        $templateList = ShopFunctions::renderTemplateList(JText::_('COM_VIRTUEMART_CATEGORY_TEMPLATE_DEFAULT'));
        $this->assignRef('jTemplateList', $templateList);

        if (!class_exists('VirtueMartModelConfig')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'models' . DS . 'config.php';
        }
        $categoryLayoutList = VirtueMartModelConfig::getLayoutList('category');
        $this->assignRef('categoryLayouts', $categoryLayoutList);

        $productLayouts = VirtueMartModelConfig::getLayoutList('productdetails');
        $this->assignRef('productLayouts', $productLayouts);

        // The fourth argument keeps a category from being offered as its own child.
        $categorylist = ShopFunctions::categoryListTree(
            array($parent->virtuemart_category_id),
            0,
            0,
            (array) $category->virtuemart_category_id
        );

        $this->loadHelper('permissions');
        $perms = Permissions::getInstance();
        $this->assignRef('perms', $perms);

        // The vendor selector is only built when the `multix` setting is not 'none'.
        if (Vmconfig::get('multix', 'none') !== 'none') {
            $vendorList = ShopFunctions::renderVendorList($category->virtuemart_vendor_id, false);
            $this->assignRef('vendorList', $vendorList);
        }

        $this->assignRef('category', $category);
        $this->assignRef('categorylist', $categorylist);

        $this->addStandardEditViewCommands($category->virtuemart_category_id, $category);
    } else {
        $this->SetViewTitle('CATEGORY_S');

        $this->assignRef('model', $model);
        $this->addStandardDefaultViewCommands();
        $this->addStandardDefaultViewLists($model, 'category_name');

        $categories = $model->getCategoryTree(0, 0, false, $this->lists['search']);
        $this->assignRef('categories', $categories);

        $pagination = $model->getPagination();
        $this->assignRef('pagination', $pagination);
    }

    parent::display($tpl);
}
/**
 * Prepare the payment method view (edit form or list). In the list layout a
 * `format=raw` request renders the `results` template and appends the output
 * of AjaxScripts().
 *
 * @param string|null $tpl Optional sub-template name, passed to parent::display().
 */
function display($tpl = null)
{
    $this->loadHelper('permissions');
    $this->loadHelper('html');
    if (!class_exists('vmPlugin')) {
        require JPATH_VM_PLUGINS . DS . 'vmplugin.php';
    }

    $this->perms = Permissions::getInstance();
    $model = VmModel::getModel('paymentmethod');

    // @todo should depend on the logged-in vendor; vendor 1 is hard-coded here.
    $vendorModel = VmModel::getModel('vendor');
    $vendorModel->setId(1);
    $vendor = $vendorModel->getVendor();

    $currencyModel = VmModel::getModel('currency');
    $currencyModel->setId($vendor->vendor_currency);
    $currency = $currencyModel->getData();
    $this->vendor_currency = $currency->currency_symbol;

    $layoutName = JRequest::getWord('layout', 'default');

    if ($layoutName == 'edit') {
        $this->loadHelper('image');

        $this->payment = $model->getPayment();
        $this->shopperGroupList = ShopFunctions::renderShopperGroupList(
            $this->payment->virtuemart_shoppergroup_ids,
            true
        );

        // The vendor selector is only built when the `multix` setting is not 'none'.
        if (Vmconfig::get('multix', 'none') !== 'none') {
            $this->vendorList = ShopFunctions::renderVendorList($this->payment->virtuemart_vendor_id);
        }

        // TODO logo
        $this->SetViewTitle('', $this->payment->payment_name);
        $this->addStandardEditViewCommands($this->payment->virtuemart_paymentmethod_id);
    } else {
        $isRaw = (JRequest::getWord('format', '') === 'raw');
        if ($isRaw) {
            $tpl = 'results';
        } else {
            $this->SetViewTitle();
            $this->addStandardDefaultViewCommands();
            // List of known payment plugins.
            $this->installedPayments = $this->PaymentPlgList();
        }

        $this->addStandardDefaultViewLists($model);
        $this->payments = $model->getPayments();
        $this->pagination = $model->getPagination();
    }

    parent::display($tpl);

    if ($tpl === 'results') {
        echo $this->AjaxScripts();
    }
}
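/**
 * Call at the beginning of every task to check that the permission is high enough.
 * At the moment the standard is at least vm admin.
 *
 * On failure a redirect to the component start page is registered and false is
 * returned. Within this method setRedirect() is only a call that records the
 * target; nothing here stops the calling task, so callers must test the return
 * value and stop when it is false.
 *
 * @author Max Milbers
 * @return bool true when the 'admin' check passes, false otherwise.
 */
private function checkPermissionForTools()
{
    // Hard block; may be refined later.
    if (!class_exists('Permissions')) {
        require(JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php');
    }

    if (!Permissions::getInstance()->check('admin')) {
        $msg = 'Forget IT';
        $this->setRedirect('index.php?option=com_virtuemart', $msg);

        // Previously true was returned on this path as well, so a caller checking
        // the result could not tell a refused request from an allowed one.
        return false;
    }

    return true;
}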
/**
 * Prepare the media view: the edit form for one file or the filterable file
 * list, optionally narrowed to a product or category taken from the request.
 *
 * @param string|null $tpl Optional sub-template name, passed to parent::display().
 */
function display($tpl = null)
{
    $this->loadHelper('html');
    $this->loadHelper('permissions');

    // @todo should depend on the logged-in vendor; vendor 1 is hard-coded here.
    $this->vendorId = 1;

    $titleMsg = '';
    $model = VmModel::getModel();
    $this->perms = Permissions::getInstance();

    // to add in vmview ?
    $multivendor = Vmconfig::get('multix', 'none');
    $this->multiX = ($multivendor !== 'none' && $multivendor != '');

    $layoutName = JRequest::getWord('layout', 'default');

    if ($layoutName == 'edit') {
        $this->media = $model->getFile();
        $this->addStandardEditViewCommands();
    } else {
        $this->cat_id = 0;
        $this->product_id = JRequest::getInt('virtuemart_product_id', 0);

        // NOTE(review): product_name / category_name are concatenated into the link
        // markup and the title attribute as stored; confirm editLink() escapes them.
        if ($this->product_id) {
            $product = VmModel::getModel('product')->getProductSingle($this->product_id, false, false);
            $this->link = $this->editLink(
                $this->product_id,
                '<i class="icon-edit"></i> ' . $product->product_name,
                'virtuemart_product_id',
                array(
                    'class' => 'hasTooltip btn btn-inverse',
                    'title' => JText::_('COM_VIRTUEMART_EDIT') . ' ' . $product->product_name,
                ),
                'product'
            );
            $titleMsg = $product->product_name;
        } else {
            $this->cat_id = JRequest::getInt('virtuemart_category_id', 0);
            if ($this->cat_id) {
                $category = VmModel::getModel('category')->getCategory($this->cat_id, false);
                $this->link = $this->editLink(
                    $this->cat_id,
                    '<i class="icon-edit"></i> ' . $category->category_name,
                    'virtuemart_category_id',
                    array(
                        'class' => 'hasTooltip btn btn-inverse',
                        'title' => JText::_('COM_VIRTUEMART_EDIT') . ' ' . $category->category_name,
                    ),
                    'category'
                );
                $titleMsg = $category->category_name;
            }
        }

        if (JRequest::getWord('format', '') === 'raw') {
            // RAW render
            $tpl = 'results';
        } else {
            // The sync and share toolbar buttons are only added when adminVendor is 1.
            if ($this->adminVendor == 1) {
                JToolBarHelper::custom('synchronizeMedia', 'new', 'new', JText::_('COM_VIRTUEMART_TOOLS_SYNC_MEDIA_FILES'), false);
                if ($this->multiX) {
                    JToolBarHelper::custom('toggle.shared.1', 'ok', 'yes', JText::_('COM_VIRTUEMART_SHARED'), true);
                    JToolBarHelper::custom('toggle.shared.0', 'cancel', 'no', JText::_('COM_VIRTUEMART_SHARED'), true);
                }
            }
            $this->addStandardDefaultViewCommands();
        }

        $this->addStandardDefaultViewLists($model, null, null, 'searchMedia');

        $typeOptions = array(
            ''             => '- ' . JText::_('COM_VIRTUEMART_TYPE') . ' -',
            'product'      => JText::_('COM_VIRTUEMART_PRODUCT'),
            'category'     => JText::_('COM_VIRTUEMART_CATEGORY'),
            'manufacturer' => JText::_('COM_VIRTUEMART_MANUFACTURER'),
            'vendor'       => JText::_('COM_VIRTUEMART_VENDOR'),
        );
        $this->lists['search_type'] = VmHTML::selectList('search_type', JRequest::getVar('search_type'), $typeOptions, 1, '', 'onchange="Joomla.ajaxSearch(this); return false;"');

        $roleOptions = array(
            ''                     => JText::_('COM_VIRTUEMART_LIST_ALL_ROLES'),
            'file_is_displayable'  => JText::_('COM_VIRTUEMART_FORM_MEDIA_DISPLAYABLE'),
            'file_is_downloadable' => JText::_('COM_VIRTUEMART_FORM_MEDIA_DOWNLOADABLE'),
            'file_is_forSale'      => JText::_('COM_VIRTUEMART_FORM_MEDIA_SET_FORSALE'),
        );
        $this->lists['search_role'] = VmHTML::selectList('search_role', JRequest::getVar('search_role'), $roleOptions, 1, '', 'onchange="this.form.submit();"');

        $this->files = $model->getFiles(false, false, $this->product_id, $this->cat_id);
        $this->pagination = $model->getPagination();
    }

    // TODO add icon for media view
    $this->SetViewTitle('', $titleMsg);

    parent::display($tpl);
}
/**
 * Save the posted product. HTML is wanted in the description fields, so for
 * users passing the 'admin' check those two fields are re-read from the POST
 * data with filter mask 2 instead of the default-filtered values.
 *
 * The $data argument is not used: it is replaced by the POST data on entry.
 *
 * @author Max Milbers
 * @param mixed $data Ignored (see above).
 */
function save($data = 0)
{
    $data = JRequest::get('post');

    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }

    $isAdmin = Permissions::getInstance()->check('admin');
    if ($isAdmin) {
        // Same re-read for both description fields, in the original order.
        foreach (array('product_desc', 'product_s_desc') as $field) {
            $data[$field] = JRequest::getVar($field, '', 'post', 'STRING', 2);
        }
    }

    parent::save($data);
}
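/**
 * Run the media synchronisation (Migrator::portMedia()) and redirect back with
 * its result message. Restricted to users passing the 'admin' permission check.
 */
function synchronizeMedia()
{
    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }

    if (!Permissions::getInstance()->check('admin')) {
        $msg = 'Forget IT';
        $this->setRedirect('index.php?option=com_virtuemart', $msg);

        // Stop here. Without this return the migration below still ran for a
        // refused user and the final setRedirect() replaced the refusal redirect.
        return;
    }

    if (!class_exists('Migrator')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'migrator.php';
    }

    $migrator = new Migrator();
    $result = $migrator->portMedia();

    $this->setRedirect($this->redirectPath, $result);
}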
/**
 * Smarty {userHasPermission} block plugin
 *
 * Type:    block<br>
 * Name:    userHasPermission<br>
 * Purpose: Outputs $content if the current user has permission
 * Usage:   {userHasPermission controller='foo' action='bar'}you have permission{/userHasPermission}
 *
 * When `controller` or `action` is missing or empty, a message is echoed and
 * nothing is returned.
 *
 * @author Nathan Gardner <*****@*****.**>
 * @param array  $params  Block attributes; `controller` and `action` are required.
 * @param string $content Block content.
 * @param object $smarty  Template object (not used here).
 * @param bool   $repeat  Repeat flag (not used here).
 * @return string|false|null $content when allowed, false when refused, null when parameters are missing.
 */
function smarty_block_userHasPermission(&$params, $content, &$smarty, &$repeat)
{
    // Guard clause: both attributes are mandatory.
    if (empty($params['controller']) || empty($params['action'])) {
        echo 'Must pass controller and action to do permission check.';
        return;
    }

    $permissions = Permissions::getInstance();
    $auth = Authentication::getInstance();

    $allowed = $permissions->actionAllowed($params['controller'], $params['action'], $auth->user_id);

    return $allowed ? $content : false;
}
/**
 * Prepare the media view: the edit form for one file or the file list,
 * optionally narrowed to a product or category id taken from the request.
 *
 * @param string|null $tpl Optional sub-template name, passed to parent::display().
 */
function display($tpl = null)
{
    $this->loadHelper('html');
    $this->loadHelper('permissions');

    // @todo should depend on the logged-in vendor; vendor 1 is hard-coded here.
    $vendorId = 1;
    $this->assignRef('vendorId', $vendorId);

    // TODO add icon for media view
    $this->SetViewTitle();

    $model = VmModel::getModel();

    $perms = Permissions::getInstance();
    $this->assignRef('perms', $perms);

    $layoutName = JRequest::getWord('layout', 'default');

    if ($layoutName == 'edit') {
        $media = $model->getFile();
        $this->assignRef('media', $media);

        // Computed but not used below; a per-vendor check for new media that
        // used to follow here is disabled in the original.
        $isNew = $media->virtuemart_media_id < 1;

        $this->addStandardEditViewCommands();
    } else {
        $virtuemart_product_id = JRequest::getInt('virtuemart_product_id', 0);
        $cat_id = JRequest::getInt('virtuemart_category_id', 0);

        JToolBarHelper::customX('synchronizeMedia', 'new', 'new', JText::_('COM_VIRTUEMART_TOOLS_SYNC_MEDIA_FILES'), false);
        $this->addStandardDefaultViewCommands();
        $this->addStandardDefaultViewLists($model, null, null, 'searchMedia');

        $typeOptions = array(
            ''             => JText::_('COM_VIRTUEMART_LIST_EMPTY_OPTION'),
            'product'      => JText::_('COM_VIRTUEMART_PRODUCT'),
            'category'     => JText::_('COM_VIRTUEMART_CATEGORY'),
            'manufacturer' => JText::_('COM_VIRTUEMART_MANUFACTURER'),
            'vendor'       => JText::_('COM_VIRTUEMART_VENDOR'),
        );
        $this->lists['search_type'] = VmHTML::selectList('search_type', JRequest::getVar('search_type'), $typeOptions, 1, '', 'onchange="this.form.submit();"');

        $files = $model->getFiles(false, false, $virtuemart_product_id, $cat_id);
        $this->assignRef('files', $files);

        $pagination = $model->getPagination();
        $this->assignRef('pagination', $pagination);
    }

    parent::display($tpl);
}
/**
 * Tell whether the current user counts as a super vendor.
 *
 * For JVM_VERSION <= 2 this is the Permissions check for "admin,storeadmin";
 * otherwise it is true when the user is authorised for `core.admin` or
 * `core.manage` on com_virtuemart, or when VmConfig::isSuperVendor() is truthy.
 *
 * @return bool
 */
public static function isSuperVendor()
{
    if (JVM_VERSION <= 2) {
        if (!class_exists('Permissions')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
        }

        return Permissions::getInstance()->check("admin,storeadmin") ? true : false;
    }

    $user = JFactory::getUser();

    // Evaluated left to right with short-circuiting, as in the original chain.
    $granted = $user->authorise('core.admin', 'com_virtuemart')
        || $user->authorise('core.manage', 'com_virtuemart')
        || VmConfig::isSuperVendor();

    return $granted ? true : false;
}
/**
 * Method to get a list of products.
 * Overrides the function defined in com_virtuemart/models/product.php.
 *
 * Callers failing the permission check always get published products only,
 * and price calculation is switched off for them when the `show_prices`
 * setting equals '0'.
 *
 * @author Sakis Terz
 * @param mixed $group             Forwarded to sortSearchListQuery().
 * @param mixed $nbrReturnProducts Forwarded to sortSearchListQuery().
 * @param bool  $withCalc          Whether prices are calculated.
 * @param bool  $onlyPublished     Whether only published products are returned.
 * @param bool  $single            Forwarded to getProducts().
 * @return mixed Whatever getProducts() returns for the selected ids.
 * @since 1.0
 */
public function getProductListing($group = false, $nbrReturnProducts = false, $withCalc = true, $onlyPublished = true, $single = false)
{
    $front = true;

    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }

    // NOTE(review): 'storeadmin' is passed as a second argument here rather than
    // inside one comma-separated role string; confirm check() reads it as a role.
    $privileged = Permissions::getInstance()->check('admin', 'storeadmin');
    if (!$privileged) {
        $onlyPublished = true;

        $pricesHidden = (VmConfig::get('show_prices', 1) == '0');
        if ($pricesHidden) {
            $withCalc = false;
        }
    }

    // Get the published custom filters.
    $this->published_cf = $this->getPublishedCustomfilters();

    $ids = $this->sortSearchListQuery($onlyPublished, false, $group, $nbrReturnProducts);

    return $this->getProducts($ids, $front, $withCalc, $onlyPublished, $single);
}
/**
 * Save a product. HTML is wanted in the description fields, so both are
 * replaced by the output of filterText() before saving.
 *
 * When isSuperVendor() does not return 1 and the `multix` setting is anything
 * but 'none', the `childs` entry is dropped from the data.
 *
 * @author Max Milbers
 * @param array|int $data Data to save; the POST data is used when left at 0.
 * @return mixed The result of parent::save().
 */
function save($data = 0)
{
    if ($data === 0) {
        $data = JRequest::get('post');
    }

    foreach (array('product_desc', 'product_s_desc') as $field) {
        $data[$field] = $this->filterText($field);
    }

    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }

    $restricted = (Permissions::getInstance()->isSuperVendor() != 1);
    if ($restricted && Vmconfig::get('multix', 'none') != 'none') {
        unset($data['childs']);
    }

    return parent::save($data);
}
/**
 * Prepare the media view: the edit form for one file or the file list with
 * type and role filters, optionally narrowed to a product or category id.
 *
 * @param string|null $tpl Optional sub-template name, passed to parent::display().
 */
function display($tpl = null)
{
    // Helper classes are required on demand, in this order.
    $helpers = array(
        'VmHTML'      => JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'html.php',
        'Permissions' => JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php',
    );
    foreach ($helpers as $className => $file) {
        if (!class_exists($className)) {
            require $file;
        }
    }

    // @todo should depend on the logged-in vendor; vendor 1 is hard-coded here.
    $vendorId = 1;
    $this->assignRef('vendorId', $vendorId);

    // TODO add icon for media view
    $this->SetViewTitle();

    $model = VmModel::getModel('media');

    $perms = Permissions::getInstance();
    $this->assignRef('perms', $perms);

    $layoutName = JRequest::getWord('layout', 'default');

    if ($layoutName == 'edit') {
        $media = $model->getFile();
        $this->assignRef('media', $media);

        // Computed but not used below.
        $isNew = $media->virtuemart_media_id < 1;

        $this->addStandardEditViewCommands();
    } else {
        // The product id may arrive as an array; only its first element is used,
        // and the value is always reduced to an integer.
        $virtuemart_product_id = JRequest::getVar('virtuemart_product_id', array(), '', 'array');
        $virtuemart_product_id = (is_array($virtuemart_product_id) && count($virtuemart_product_id) > 0)
            ? (int) $virtuemart_product_id[0]
            : (int) $virtuemart_product_id;

        $cat_id = JRequest::getInt('virtuemart_category_id', 0);

        JToolBarHelper::customX('synchronizeMedia', 'new', 'new', JText::_('COM_VIRTUEMART_TOOLS_SYNC_MEDIA_FILES'), false);
        $this->addStandardDefaultViewCommands();
        $this->addStandardDefaultViewLists($model, null, null, 'searchMedia');

        $typeOptions = array(
            ''             => JText::_('COM_VIRTUEMART_LIST_ALL_TYPES'),
            'product'      => JText::_('COM_VIRTUEMART_PRODUCT'),
            'category'     => JText::_('COM_VIRTUEMART_CATEGORY'),
            'manufacturer' => JText::_('COM_VIRTUEMART_MANUFACTURER'),
            'vendor'       => JText::_('COM_VIRTUEMART_VENDOR'),
        );
        $this->lists['search_type'] = VmHTML::selectList('search_type', JRequest::getVar('search_type'), $typeOptions, 1, '', 'onchange="this.form.submit();"');

        $roleOptions = array(
            ''                     => JText::_('COM_VIRTUEMART_LIST_ALL_ROLES'),
            'file_is_displayable'  => JText::_('COM_VIRTUEMART_FORM_MEDIA_DISPLAYABLE'),
            'file_is_downloadable' => JText::_('COM_VIRTUEMART_FORM_MEDIA_DOWNLOADABLE'),
            'file_is_forSale'      => JText::_('COM_VIRTUEMART_FORM_MEDIA_SET_FORSALE'),
        );
        $this->lists['search_role'] = VmHTML::selectList('search_role', JRequest::getVar('search_role'), $roleOptions, 1, '', 'onchange="this.form.submit();"');

        $files = $model->getFiles(false, false, $virtuemart_product_id, $cat_id);
        $this->assignRef('files', $files);

        $pagination = $model->getPagination();
        $this->assignRef('pagination', $pagination);
    }

    parent::display($tpl);
}
/**
 * Set up the view: derive the id field name from the view name, register the
 * administrator template and helper paths, and detect front-end editing
 * (request value `tmpl` equal to 'component').
 */
function __construct()
{
    parent::__construct();

    // Always use the same scheme for the cid name.
    $viewName = $this->getName();
    $this->_cidName = 'virtuemart_' . $viewName . '_id';

    // Template path and helper fix for front-end editing.
    $this->addTemplatePath(JPATH_VM_ADMINISTRATOR . '/views/' . $viewName . '/tmpl');
    $this->addHelperPath(JPATH_VM_ADMINISTRATOR . '/helpers');

    $this->frontEdit = (jRequest::getvar('tmpl') === 'component');
    if ($this->frontEdit) {
        $this->tmpl = '&tmpl=component';

        // Toolbar classes are registered for autoloading from the administrator helpers.
        $toolbarClasses = array(
            'JToolBarHelper' => '/helpers/toolbarhelper.php',
            'JToolbarButton' => '/helpers/button.php',
            'JToolbar'       => '/helpers/toolbar.php',
        );
        foreach ($toolbarClasses as $className => $relativePath) {
            JLoader::register($className, JPATH_VM_ADMINISTRATOR . $relativePath);
        }
    }

    // Stored for later checks; this is the value isSuperVendor() returns.
    $this->adminVendor = Permissions::getInstance()->isSuperVendor();
}
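/**
 * Entry point that lets a plugin render JSON or HTML for the backend.
 *
 * Only users passing the 'admin' permission check get through, and only the
 * plugin groups on the whitelist can be loaded. The selected plugin is imported
 * and `plgVmOnSelfCallBE` is triggered with $render passed by reference; a plugin
 * may fill $render with HTML or with data to be sent as JSON.
 *
 * @access public
 * @return bool false when the permission or whitelist check fails, true otherwise.
 */
function Plugin()
{
    if (!class_exists('Permissions')) {
        require(JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php');
    }
    if (!Permissions::getInstance()->check('admin')) {
        return false;
    }

    // The plugin group comes from the request, so it is matched strictly against
    // a fixed whitelist before it is used to import a plugin.
    $type = JRequest::getWord('type', 'vmcustom');
    $typeWhiteList = array('vmshopper', 'vmcustom', 'vmcalculation', 'vmpayment', 'vmshipment', 'vmuserfield');
    if (!in_array($type, $typeWhiteList, true)) {
        return false;
    }

    $name = JRequest::getWord('name', '');
    JPluginHelper::importPlugin($type, $name);
    $dispatcher = JDispatcher::getInstance();

    // A plugin that wants to render on its own can call jExit();
    // otherwise $render holds the code to echo as HTML or the data to encode as JSON.
    $render = null;
    $dispatcher->trigger('plgVmOnSelfCallBE', array($type, $name, &$render));

    if ($render) {
        $document = JFactory::getDocument();

        // NOTE(review): the default 'no' is a non-empty string, so this condition
        // holds unless the request supplies an empty or '0' value; confirm intent.
        if (JRequest::getWord('cache', 'no')) {
            JResponse::setHeader('Cache-Control', 'no-cache, must-revalidate');
            JResponse::setHeader('Expires', 'Mon, 6 Jul 2000 10:00:00 GMT');
        }

        $format = JRequest::getWord('format', 'json');
        if ($format == 'json') {
            $document->setMimeEncoding('application/json');

            // Suggested filename. The header used to be built with a stray quote
            // (filename="<type>".json"), which is not a valid quoted filename.
            JResponse::setHeader('Content-Disposition', 'attachment;filename="' . $type . '.json"');
            echo json_encode($render);
        } else {
            // Plugin output is echoed as is.
            echo $render;
        }
    }

    return true;
}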
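/**
 * Retrieve a list of currencies from the database.
 *
 * Used by the backend currency listing, so the enabled state is not considered.
 * Users failing the 'admin' permission check only see currencies of $vendorId
 * or currencies flagged as shared. The `filter_published` request value ('1' or
 * '0') optionally narrows the list by published state.
 *
 * @author Max Milbers
 * @param string $search   Search term; when empty the `search` request value is used.
 * @param int    $vendorId Vendor whose currencies are listed for non-admins.
 * @return mixed The result of exeSortSearchListQuery(), also stored in $this->_data.
 */
function getCurrenciesList($search, $vendorId = 1)
{
    $where = array();

    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }
    if (!Permissions::getInstance()->check('admin')) {
        $where[] = '(`virtuemart_vendor_id` = "' . (int) $vendorId . '" OR `shared`="1")';
    }

    if (empty($search)) {
        $search = JRequest::getString('search', false);
    }

    if ($search) {
        // Escaped for use inside a LIKE pattern (second argument true).
        $search = '"%' . $this->_db->escape($search, true) . '%"';

        // The OR group must be parenthesised: AND binds tighter than OR, so without
        // the brackets the vendor and published restrictions only applied to part
        // of the search and a match on a code column could bypass them.
        $where[] = '(`currency_name` LIKE ' . $search
            . ' OR `currency_code_2` LIKE ' . $search
            . ' OR `currency_code_3` LIKE ' . $search . ')';
    }

    // Only the exact strings '1' and '0' are turned into a condition; the request
    // value itself never reaches the query.
    $published = JRequest::getVar('filter_published', false);
    if ($published === '1') {
        $where[] = " `published` = 1 ";
    } elseif ($published === '0') {
        $where[] = " `published` = 0 ";
    }

    $whereString = '';
    if (count($where) > 0) {
        $whereString = ' WHERE ' . implode(' AND ', $where);
    }

    $this->_data = $this->exeSortSearchListQuery(0, '*', ' FROM `#__virtuemart_currencies`', $whereString, '', $this->_getOrdering());

    return $this->_data;
}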
/**
 * Save the posted product. HTML is wanted in some fields, so they are re-read
 * from the POST data with filter mask 2 instead of the default-filtered values.
 *
 * - Users passing the 'admin' check: `product_desc`, `product_s_desc` and
 *   `customtitle` are taken with mask 2 and stored as read.
 * - Everyone else: only `product_desc` is re-read, and it is then passed through
 *   JComponentHelper::filterText(). When the `multix` setting is not 'none' the
 *   `published` entry is dropped from the data.
 *
 * The $data argument is not used: it is replaced by the POST data on entry.
 *
 * @author Max Milbers
 * @param mixed $data Ignored (see above).
 */
function save($data = 0)
{
    $data = JRequest::get('post');

    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }

    if (!Permissions::getInstance()->check('admin')) {
        $rawDescription = JRequest::getVar('product_desc', '', 'post', 'STRING', 2);
        $data['product_desc'] = $rawDescription;
        $data['product_desc'] = JComponentHelper::filterText($data['product_desc']);

        // Intended for an administrated multi-vendor mode in which every product
        // has to be approved by an admin before it is published.
        if (Vmconfig::get('multix', 'none') != 'none') {
            unset($data['published']);
        }
    } else {
        foreach (array('product_desc', 'product_s_desc', 'customtitle') as $field) {
            $data[$field] = JRequest::getVar($field, '', 'post', 'STRING', 2);
        }
    }

    parent::save($data);
}
/**
 * Prepare and render the shopper group view (edit form or list).
 *
 * @param string|null $tpl Template name handed to parent::display(); forced to
 *                         'results' for the list when the request format is 'raw'
 */
function display($tpl = null)
{
    // Load the helper(s)
    $this->loadHelper('html');

    $groupModel = VmModel::getModel();
    $layoutName = $this->getLayout();
    $this->task = JRequest::getWord('task', $layoutName);

    if ($layoutName == 'edit') {
        // NOTE(review): Permissions is used here without loadHelper('permissions'), which only
        // the list branch calls; presumably the class is already loaded. Confirm.
        $this->perms = Permissions::getInstance();
        VmConfig::loadJLang('com_virtuemart_config');

        $group = $groupModel->getShopperGroup();
        $this->SetViewTitle('SHOPPERGROUP', $group->shopper_group_name);

        // The vendor list is only rendered when multi-vendor mode is configured.
        $multiVendor = Vmconfig::get('multix', 'none') !== 'none';
        if ($multiVendor) {
            $this->vendorList = ShopFunctions::renderVendorList($group->virtuemart_vendor_id, false);
        }

        $this->shoppergroup = $group;
        $this->addStandardEditViewCommands();
    } else {
        $isRaw = JRequest::getWord('format', '') === 'raw';
        if (!$isRaw) {
            $this->SetViewTitle();
            JToolBarHelper::makeDefault();
            $this->addStandardDefaultViewCommands();
        } else {
            // Raw requests render the 'results' template without title and toolbar.
            $tpl = 'results';
        }

        $this->addStandardDefaultViewLists($groupModel);

        $this->loadHelper('permissions');
        $this->showVendors = Permissions::getInstance()->check('admin');

        $this->shoppergroups = $groupModel->getShopperGroups(false, true);
        $this->pagination = $groupModel->getPagination();
    }

    parent::display($tpl);

    if ($tpl === 'results') {
        echo $this->AjaxScripts();
    }
}
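/**
 * Validate the table buffer before it is stored.
 *
 * Steps, in order:
 *  1. When an auto-slug source field is configured, derive and normalise the slug
 *     and make it unique through checkCreateUnique().
 *  2. Fail when one of the obligatory keys ($this->_obkeys) is empty.
 *  3. When $this->_unique is set, fail on empty unique fields and run
 *     checkCreateUnique() for the others.
 *  4. When the table has a virtuemart_vendor_id, compare the stored vendor of the
 *     record with the vendor of the logged-in user, so that a non-admin cannot
 *     store a record that belongs to another vendor.
 *
 * @author Max Milbers
 * @return boolean True when the buffer may be stored, false otherwise
 */
function check()
{
    if (!empty($this->_slugAutoName)) {
        $slugAutoName = $this->_slugAutoName;
        $slugName = $this->_slugName;

        if (in_array($slugAutoName, $this->_translatableFields)) {
            $checkTable = $this->_tbl . '_' . VmConfig::$vmlang;
        } else {
            $checkTable = $this->_tbl;
        }

        if (empty($this->{$slugName})) {
            if (!empty($this->{$slugAutoName})) {
                $this->{$slugName} = $this->{$slugAutoName};
            } else {
                vmError('VmTable ' . $checkTable . ' Check not passed. Neither slug nor obligatory value at ' . $slugAutoName . ' for auto slug creation is given');
                return false;
            }
        }

        $this->{$slugName} = str_replace('-', ' ', $this->{$slugName});

        $unicodeslugs = VmConfig::get('transliterateSlugs', false);
        if ($unicodeslugs) {
            $lang = JFactory::getLanguage();
            $this->{$slugName} = $lang->transliterate($this->{$slugName});
        }

        // Trim white spaces at beginning and end of alias and make lowercase
        $this->{$slugName} = trim(JString::strtolower($this->{$slugName}));
        $this->{$slugName} = str_replace(array('`', '´', "'"), '', $this->{$slugName});
        $this->{$slugName} = vRequest::filterUword($this->{$slugName}, '-,_,|', '-');

        // Collapse runs of dashes. The comparison with false matters: strpos() returns 0 when the
        // slug starts with '--', and a plain truthiness test would then skip the loop entirely
        // and leave doubled dashes inside the slug.
        while (strpos($this->{$slugName}, '--') !== false) {
            $this->{$slugName} = str_replace('--', '-', $this->{$slugName});
        }

        // Trim dashes at beginning and end of alias
        $this->{$slugName} = trim($this->{$slugName}, '-');

        if ($unicodeslugs) {
            $this->{$slugName} = rawurlencode($this->{$slugName});
        }

        $valid = $this->checkCreateUnique($checkTable, $slugName);
        if (!$valid) {
            return false;
        }
    }

    foreach ($this->_obkeys as $obkeys => $error) {
        if (empty($this->{$obkeys})) {
            if (empty($error)) {
                $error = 'Serious error cant save ' . $this->_tbl . ' without ' . $obkeys;
            } else {
                $error = get_class($this) . ' ' . $error;
            }
            $this->setError($error);
            vmError($error);
            return false;
        }
    }

    if ($this->_unique) {
        if (empty($this->_db)) {
            $this->_db = JFactory::getDBO();
        }
        foreach ($this->_unique_name as $obkeys => $error) {
            if (empty($this->{$obkeys})) {
                $this->setError($error);
                // $this->_unique_name is the array being iterated; the field name is $obkeys.
                vmError('Non unique ' . $obkeys . ' ' . $error);
                return false;
            } else {
                $valid = $this->checkCreateUnique($this->_tbl, $obkeys);
                if (!$valid) {
                    return false;
                }
            }
        }
    }

    if (isset($this->virtuemart_vendor_id)) {
        $multix = Vmconfig::get('multix', 'none');
        //Lets check if the user is admin or the mainvendor
        $virtuemart_vendor_id = false;

        if ($multix == 'none' and get_class($this) !== 'TableVmusers') {
            // Single-vendor shop: everything belongs to vendor 1.
            $this->virtuemart_vendor_id = 1;
            return true;
        } else {
            $loggedVendorId = Permissions::getInstance()->isSuperVendor();
            $user = JFactory::getUser();
            $admin = $user->authorise('core.admin', 'com_virtuemart');
            $tbl_key = $this->_tbl_key;
            $className = get_class($this);

            if (empty($this->_db)) {
                $this->_db = JFactory::getDBO();
            }
            // The primary key value is a table property that may have been bound from request
            // data, so it is escaped before it is placed in the query. The surrounding query text
            // is kept as it was: self::$_cache is looked up by md5 of the query and is not written
            // in this method (presumably filled elsewhere), so ordinary keys still hit the cache.
            $keyValue = $this->_db->escape($this->{$tbl_key});

            if (strpos($this->_tbl, 'virtuemart_vmusers') === FALSE) {
                $q = 'SELECT `virtuemart_vendor_id` FROM `' . $this->_tbl . '` WHERE `' . $this->_tbl_key . '`="' . $keyValue . '" ';
                if (!isset(self::$_cache[md5($q)])) {
                    $this->_db->setQuery($q);
                    $virtuemart_vendor_id = $this->_db->loadResult();
                } else {
                    $virtuemart_vendor_id = self::$_cache[md5($q)];
                }
            } else {
                $q = 'SELECT `virtuemart_vendor_id`,`user_is_vendor` FROM `' . $this->_tbl . '` WHERE `' . $this->_tbl_key . '`="' . $keyValue . '" ';
                if (!isset(self::$_cache[md5($q)])) {
                    $this->_db->setQuery($q);
                    $vmuser = $this->_db->loadRow();
                } else {
                    $vmuser = self::$_cache[md5($q)];
                }

                if ($vmuser and count($vmuser) === 2) {
                    $virtuemart_vendor_id = $vmuser[0];
                    $user_is_vendor = $vmuser[1];

                    if ($multix == 'none') {
                        if (empty($user_is_vendor)) {
                            $this->virtuemart_vendor_id = 0;
                        } else {
                            $this->virtuemart_vendor_id = 1;
                        }
                        return true;
                    } else {
                        if (!$admin) {
                            // A non-admin can only store users for the own vendor.
                            $this->virtuemart_vendor_id = $loggedVendorId;
                            return true;
                        }
                    }
                } else {
                    //New User
                }
            }

            if (!$admin and !empty($virtuemart_vendor_id) and !empty($loggedVendorId) and $loggedVendorId != $virtuemart_vendor_id) {
                // The stored record belongs to another vendor: refuse to store it.
                vmdebug('Hacking attempt stopped, logged vendor ' . $loggedVendorId . ' but data belongs to ' . $virtuemart_vendor_id);
                return false;
            } else {
                if (!$admin) {
                    if ($virtuemart_vendor_id) {
                        // Keep the vendor already stored with the record, whatever was submitted.
                        $this->virtuemart_vendor_id = $virtuemart_vendor_id;
                        vmdebug('Non admin is storing using loaded vendor_id');
                    } else {
                        //No id is stored, even users are allowed to use for the storage and vendorId, no change
                    }
                } else {
                    //Admins are allowed to do anything. We just throw some messages
                    if (!empty($virtuemart_vendor_id) and $loggedVendorId != $virtuemart_vendor_id) {
                        vmdebug('Admin with vendor id ' . $loggedVendorId . ' is using for storing vendor id ' . $this->virtuemart_vendor_id);
                    } else {
                        if (empty($virtuemart_vendor_id)) {
                            if (empty($this->virtuemart_vendor_id)) {
                                if (strpos($this->_tbl, 'virtuemart_vendors') === FALSE and strpos($this->_tbl, 'virtuemart_vmusers') === FALSE) {
                                    vmInfo('We run in multivendor mode and you did not set any vendor for ' . $className . ' and ' . $this->_tbl);
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    return true;
}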
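/**
 * Select the orders to show in an order list.
 *
 * Users who fail the 'admin' permission check only get their own orders; $uid
 * is ignored for them. Admins get the orders of $uid, or all orders when $uid
 * is empty. In every case the list is limited to vendor 1. The `search` and
 * `order_status_code` request values narrow the list further.
 *
 * @param integer $uid     Optional user ID to get the orders of a single user (admins only)
 * @param boolean $noLimit Stored in $this->_noLimit before the list query runs
 * @return mixed Result of exeSortSearchListQuery(), also stored in $this->_data
 */
public function getOrdersList($uid = 0, $noLimit = false)
{
    $this->_noLimit = $noLimit;

    $select = " o.*, CONCAT_WS(' ',u.first_name,u.middle_name,u.last_name) AS order_name " . ',u.email as order_email,pm.payment_name AS payment_method ';
    $from = $this->getOrdersListQuery();
    $where = array();

    if (!class_exists('Permissions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
    }
    if (!Permissions::getInstance()->check('admin')) {
        $myuser = JFactory::getUser();
        $where[] = ' u.virtuemart_user_id = ' . (int) $myuser->id . ' AND o.virtuemart_vendor_id = "1" ';
    } else {
        if (empty($uid)) {
            $where[] = ' o.virtuemart_vendor_id = "1" ';
        } else {
            $where[] = ' u.virtuemart_user_id = ' . (int) $uid . ' AND o.virtuemart_vendor_id = "1" ';
        }
    }

    if ($search = JRequest::getString('search', false)) {
        $search = '"%' . $this->_db->getEscaped($search, true) . '%"';
        $searchFields = array(
            'u.first_name',
            'u.middle_name',
            'u.last_name',
            'o.order_number',
            'u.company',
            'u.email',
            'u.phone_1',
            'u.address_1',
            'u.zip',
        );
        // The OR chain is parenthesised: the conditions are joined with AND below, and because
        // AND binds tighter than OR an unparenthesised chain would apply the user/vendor
        // restriction above to the first search field only.
        $where[] = ' (' . implode(' LIKE ' . $search . ' OR ', $searchFields) . ' LIKE ' . $search . ') ';
    }

    if ($order_status_code = JRequest::getString('order_status_code', false)) {
        // Request value: quoted and escaped by the database driver instead of being
        // concatenated into the statement as-is.
        $where[] = ' o.order_status = ' . $this->_db->Quote($order_status_code) . ' ';
    }

    if (count($where) > 0) {
        $whereString = ' WHERE (' . implode(' AND ', $where) . ') ';
    } else {
        $whereString = '';
    }

    if (JRequest::getCmd('view') == 'orders') {
        $ordering = $this->_getOrdering();
    } else {
        $ordering = ' order by o.modified_on DESC';
    }

    $this->_data = $this->exeSortSearchListQuery(0, $select, $from, $whereString, '', $ordering);

    return $this->_data;
}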
/**
 * Load the top-level custom fields as value/text pairs.
 *
 * Selects virtuemart_custom_id (as `value`) and custom_title (as `text`) of all
 * customs without a parent, leaving out the field types "R", "Z" and "K" and
 * the custom given by the `virtuemart_custom_id` request value. Users who fail
 * the 'admin' permission check only get customs of their own vendor or customs
 * flagged as shared. Database errors are queued as application messages.
 *
 * @author Max Milbers
 * @param boolean $publishedOnly When true, only published customs are returned
 * @return mixed Result of loadObjectList()
 */
function getCustomsList($publishedOnly = FALSE)
{
    JLoader::register('Permissions', JPATH_VM_ADMINISTRATOR . '/helpers/permissions.php');
    $vendorId = Permissions::getInstance()->isSupervendor();

    // get custom parents
    $sql = 'SELECT virtuemart_custom_id as value ,custom_title as text FROM `#__virtuemart_customs` where custom_parent_id=0 AND field_type <> "R" AND field_type <> "Z" AND field_type <> "K"';
    $sql .= $publishedOnly ? ' AND `published`=1' : '';

    $excludedId = JRequest::getInt('virtuemart_custom_id', 0);
    if ($excludedId) {
        $sql .= ' AND `virtuemart_custom_id`!=' . (int) $excludedId;
    }

    // TODO better vendor check STUDIO42
    $isAdmin = Permissions::getInstance()->check('admin');
    if (!$isAdmin) {
        $sql .= ' AND (`virtuemart_vendor_id` = "' . (int) $vendorId . '" OR `shared` = "1") ';
    }

    $this->_db->setQuery($sql);
    $customs = $this->_db->loadObjectList();

    $errorMessage = $this->_db->getErrorMsg();
    $errorList = $this->_db->getErrors();

    // NOTE(review): the raw driver error text is shown as an application message; confirm that
    // this list is only reachable from the backend.
    if (!empty($errorMessage)) {
        JFactory::getApplication()->enqueueMessage('SQL-Error: ' . $this->_db->getErrorNum() . ' ' . $errorMessage);
    }
    if ($errorList) {
        $application = JFactory::getApplication();
        foreach ($errorList as $entry) {
            $application->enqueueMessage($entry);
        }
    }

    return $customs;
}
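/**
 * Validates the user info record fields.
 *
 * The address type must be 'BT' or 'ST', and an 'ST' address needs a name.
 * When a virtuemart_userinfo_id is given, a user failing the 'admin' check may
 * only store the record if the stored row belongs to the current Joomla user.
 * Without an id, the existing record for the user and address type is looked
 * up and its id is taken over (0 when there is none).
 *
 * @author RickG, RolandD, Max Milbers
 * @return boolean False when a check fails, otherwise the result of parent::check()
 */
public function check()
{
    if ($this->address_type == 'BT' or $this->address_type == 'ST') {
        if ($this->address_type == 'ST' and empty($this->address_type_name)) {
            vmError('Table userinfos check failed: address_type ' . $this->address_type . ' without name', 'check failed: ST has no name');
            return false;
        }
    } else {
        vmError('Table userinfos check failed: Unknown address_type ' . $this->address_type, 'check failed: Unknown address_type ');
        vmdebug('Table userinfos check failed: Unknown address_type ' . $this->address_type . ' virtuemart_user_id ' . $this->virtuemart_user_id . ' name ' . $this->name);
        return false;
    }

    if (!empty($this->virtuemart_userinfo_id)) {
        // Cast before use: the id goes into the query below without quoting.
        $this->virtuemart_userinfo_id = (int) $this->virtuemart_userinfo_id;

        if (!class_exists('Permissions')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
        }
        if (!Permissions::getInstance()->check("admin")) {
            $q = "SELECT virtuemart_user_id\n\t\t\t\t\t\t\t\t\t\tFROM #__virtuemart_userinfos\n\t\t\t\t\t\t\t\t\t\tWHERE virtuemart_userinfo_id = " . $this->virtuemart_userinfo_id;
            $this->_db->setQuery($q);
            $total = $this->_db->loadResultArray();

            // !empty() instead of count(): the loader may hand back a non-array on failure.
            if (!empty($total)) {
                $userId = JFactory::getUser()->id;
                if ($total[0] != $userId) {
                    // The stored address belongs to somebody else.
                    vmError('Hacking attempt uid check, you got logged');
                    echo 'Hacking attempt uid check, you got logged';
                    return false;
                }
            }
        }

        return parent::check();
    }

    if (empty($this->address_type)) {
        $this->address_type = 'BT';
    }

    /* Check if a record exists */
    // virtuemart_user_id is a table property that is concatenated unquoted, so it is cast to
    // int in the same way as virtuemart_userinfo_id above.
    $q = "SELECT virtuemart_userinfo_id\n\t\t\tFROM #__virtuemart_userinfos\n\t\t\tWHERE virtuemart_user_id = " . (int) $this->virtuemart_user_id . "\n\t\t\tAND address_type = " . $this->_db->Quote($this->address_type);
    if ($this->address_type != 'BT') {
        $q .= " AND address_type_name = " . $this->_db->Quote($this->address_type_name);
    }
    $this->_db->setQuery($q);
    $total = $this->_db->loadResultArray();

    if (!empty($total)) {
        $this->virtuemart_userinfo_id = (int) $total[0];
    } else {
        $this->virtuemart_userinfo_id = 0;
    }

    return parent::check();
}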
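/**
 * Validate the table buffer before it is stored.
 *
 * Steps, in order:
 *  1. When an auto-slug source field is configured, derive the slug, make it
 *     URL safe and make it unique through checkCreateUnique().
 *  2. Fail when one of the obligatory keys ($this->_obkeys) is empty.
 *  3. When $this->_unique is set, fail on empty unique fields and run
 *     checkCreateUnique() for the others.
 *  4. When the table has a virtuemart_vendor_id, compare the stored vendor of the
 *     record with the vendor of the logged-in user, so that a non-admin cannot
 *     store a record that belongs to another vendor.
 *
 * @author Max Milbers
 * @return boolean True when the buffer may be stored, false otherwise
 */
function check()
{
    if (!empty($this->_slugAutoName)) {
        $slugAutoName = $this->_slugAutoName;
        $slugName = $this->_slugName;

        if (in_array($slugAutoName, $this->_translatableFields)) {
            $checkTable = $this->_tbl . '_' . VMLANG;
        } else {
            $checkTable = $this->_tbl;
        }

        if (empty($this->{$slugName})) {
            if (!empty($this->{$slugAutoName})) {
                $this->{$slugName} = $this->{$slugAutoName};
            } else {
                vmError('VmTable ' . $checkTable . ' Check not passed. Neither slug nor obligatory value at ' . $slugAutoName . ' for auto slug creation is given');
                return false;
            }
        }

        if (JVM_VERSION === 1) {
            $this->{$slugName} = JFilterOutput::stringURLSafe($this->{$slugName});
        } else {
            $this->{$slugName} = JApplication::stringURLSafe($this->{$slugName});
        }

        $valid = $this->checkCreateUnique($checkTable, $slugName);
        if (!$valid) {
            return false;
        }
    }

    foreach ($this->_obkeys as $obkeys => $error) {
        if (empty($this->{$obkeys})) {
            if (empty($error)) {
                $error = 'Serious error cant save ' . $this->_tbl . ' without ' . $obkeys;
            } else {
                $error = get_class($this) . ' ' . $error;
            }
            $this->setError($error);
            vmError($error);
            return false;
        }
    }

    if ($this->_unique) {
        if (empty($this->_db)) {
            $this->_db = JFactory::getDBO();
        }
        foreach ($this->_unique_name as $obkeys => $error) {
            if (empty($this->{$obkeys})) {
                $this->setError($error);
                // $this->_unique_name is the array being iterated; the field name is $obkeys.
                vmError('Non unique ' . $obkeys . ' ' . $error);
                return false;
            } else {
                $valid = $this->checkCreateUnique($this->_tbl, $obkeys);
                if (!$valid) {
                    return false;
                }
            }
        }
    }

    if (isset($this->virtuemart_vendor_id)) {
        $multix = Vmconfig::get('multix', 'none');
        //Lets check if the user is admin or the mainvendor
        if (!class_exists('Permissions')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
        }
        $virtuemart_vendor_id = false;

        if ($multix == 'none' and get_class($this) !== 'TableVmusers') {
            // Single-vendor shop: everything belongs to vendor 1.
            $this->virtuemart_vendor_id = 1;
        } else {
            $loggedVendorId = Permissions::getInstance()->isSuperVendor();
            $admin = Permissions::getInstance()->check('admin');
            $tbl_key = $this->_tbl_key;

            // The primary key value is a table property that may have been bound from request
            // data. It used to be concatenated bare; Quote() escapes it and wraps it in quotes,
            // which also keeps the statement valid when the key is still empty.
            $keyValue = $this->_db->Quote($this->{$tbl_key});

            if (get_class($this) !== 'TableVmusers') {
                $q = 'SELECT `virtuemart_vendor_id` FROM `' . $this->_tbl . '` WHERE `' . $this->_tbl_key . '`=' . $keyValue;
                $this->_db->setQuery($q);
                $virtuemart_vendor_id = $this->_db->loadResult();
            } else {
                $q = 'SELECT `virtuemart_vendor_id`,`user_is_vendor` FROM `' . $this->_tbl . '` WHERE `' . $this->_tbl_key . '`=' . $keyValue;
                $this->_db->setQuery($q);
                $vmuser = $this->_db->loadRow();

                if ($vmuser and count($vmuser) === 2) {
                    $virtuemart_vendor_id = $vmuser[0];
                    $user_is_vendor = $vmuser[1];

                    if ($multix == 'none') {
                        if (empty($user_is_vendor)) {
                            $this->virtuemart_vendor_id = 0;
                        } else {
                            $this->virtuemart_vendor_id = 1;
                        }
                        return true;
                    } else {
                        if (!$admin) {
                            // A non-admin can only store users for the own vendor.
                            $this->virtuemart_vendor_id = $loggedVendorId;
                            return true;
                        }
                    }
                }
            }

            if (!$admin and !empty($virtuemart_vendor_id) and !empty($loggedVendorId) and $loggedVendorId != $virtuemart_vendor_id) {
                // The stored record belongs to another vendor: refuse to store it.
                vmdebug('Hacking attempt stopped, logged vendor ' . $loggedVendorId . ' but data belongs to ' . $virtuemart_vendor_id);
                return false;
            } else {
                if (!$admin) {
                    if ($virtuemart_vendor_id) {
                        // Keep the vendor already stored with the record, whatever was submitted.
                        $this->virtuemart_vendor_id = $virtuemart_vendor_id;
                        vmdebug('Non admin is storing using loaded vendor_id');
                    } else {
                        //No id is stored, even users are allowed to use for the storage and vendorId, no change
                    }
                } else {
                    if (!empty($virtuemart_vendor_id) and $loggedVendorId != $virtuemart_vendor_id) {
                        vmInfo('Admin with vendor id ' . $loggedVendorId . ' is using for storing vendor id ' . $this->virtuemart_vendor_id);
                        vmdebug('Admin with vendor id ' . $loggedVendorId . ' is using for storing vendor id ' . $this->virtuemart_vendor_id);
                        $this->virtuemart_vendor_id = $virtuemart_vendor_id;
                    }
                }
            }
        }
    }

    return true;
}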
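/**
 * Prepare and render the shopper's order view: one order ('details' layout) or
 * the list of the current user's orders.
 *
 * Access to a single order:
 *  - not logged in: the order is looked up by order number and order pass;
 *  - logged in, failing the 'admin' check: the order must carry the current
 *    user's id. An order without a user id (presumably a guest order) is only
 *    shown when the request also carries the matching order number and order pass;
 *  - users passing the 'admin' check may see any order.
 *
 * @param string|null $tpl When set, it is also used as the output format ('pdf' renders the invoice)
 */
public function display($tpl = null)
{
    $mainframe = JFactory::getApplication();
    $pathway = $mainframe->getPathway();

    $layoutName = JRequest::getWord('layout', 'list');
    $this->setLayout($layoutName);

    $_currentUser = JFactory::getUser();
    $document = JFactory::getDocument();

    if (!empty($tpl)) {
        $format = $tpl;
    } else {
        $format = JRequest::getWord('format', 'html');
    }
    $this->assignRef('format', $format);

    if ($format == 'pdf') {
        $document->setTitle(JText::_('COM_VIRTUEMART_INVOICE'));

        // PDF needs more RAM than usual. memory_limit is a string such as '128M', '1G' or '-1'
        // (unlimited), so it is converted to bytes first; comparing the raw string with 40 could
        // lower a higher or unlimited setting to 40M.
        $memoryLimit = trim((string) ini_get('memory_limit'));
        if ($memoryLimit !== '-1') {
            $limitBytes = (int) $memoryLimit;
            switch (strtoupper(substr($memoryLimit, -1))) {
                case 'G':
                    $limitBytes *= 1024;
                    // no break
                case 'M':
                    $limitBytes *= 1024;
                    // no break
                case 'K':
                    $limitBytes *= 1024;
            }
            if ($limitBytes < 40 * 1024 * 1024) {
                @ini_set('memory_limit', '40M');
            }
        }
    } else {
        if ($layoutName == 'details') {
            $document->setTitle(JText::_('COM_VIRTUEMART_ACC_ORDER_INFO'));
            $pathway->additem(JText::_('COM_VIRTUEMART_ACC_ORDER_INFO'));
        } else {
            $document->setTitle(JText::_('COM_VIRTUEMART_ORDERS_VIEW_DEFAULT_TITLE'));
            $pathway->additem(JText::_('COM_VIRTUEMART_ORDERS_VIEW_DEFAULT_TITLE'));
        }
    }

    $orderModel = VmModel::getModel('orders');

    if ($layoutName == 'details') {
        $cuid = $_currentUser->get('id');
        $order_list_link = JRoute::_('index.php?option=com_virtuemart&view=orders&layout=list');
        $this->assignRef('order_list_link', $order_list_link);

        $orderDetails = array();

        if (empty($cuid)) {
            // If the user is not logged in, we will check the order number and order pass
            if ($orderPass = JRequest::getString('order_pass', false)) {
                $orderNumber = JRequest::getString('order_number', false);
                $orderId = $orderModel->getOrderIdByOrderPass($orderNumber, $orderPass);
                if (empty($orderId)) {
                    echo JText::_('COM_VIRTUEMART_RESTRICTED_ACCESS');
                    return;
                }
                $orderDetails = $orderModel->getOrder($orderId);
            }
        } else {
            // If the user is logged in, we will check if the order belongs to him
            $virtuemart_order_id = JRequest::getInt('virtuemart_order_id', 0);
            if (!$virtuemart_order_id) {
                $virtuemart_order_id = VirtueMartModelOrders::getOrderIdByOrderNumber(JRequest::getString('order_number'));
            }
            $orderDetails = $orderModel->getOrder($virtuemart_order_id);

            if (!class_exists('Permissions')) {
                require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
            }
            if (!Permissions::getInstance()->check("admin") and !empty($orderDetails['details']['BT'])) {
                $orderOwnerId = $orderDetails['details']['BT']->virtuemart_user_id;

                if (!empty($orderOwnerId)) {
                    if ($orderOwnerId != $cuid) {
                        echo JText::_('COM_VIRTUEMART_RESTRICTED_ACCESS');
                        return;
                    }
                } else {
                    // The order carries no user id, so the ownership comparison above cannot
                    // apply. Instead of showing such an order to every logged-in user, require
                    // the same proof as for a visitor who is not logged in: order number plus
                    // order pass, resolving to this very order.
                    $orderPass = JRequest::getString('order_pass', false);
                    $orderNumber = JRequest::getString('order_number', false);
                    $passOrderId = 0;
                    if ($orderPass and $orderNumber) {
                        $passOrderId = $orderModel->getOrderIdByOrderPass($orderNumber, $orderPass);
                    }
                    if (empty($passOrderId) or $passOrderId != $orderDetails['details']['BT']->virtuemart_order_id) {
                        echo JText::_('COM_VIRTUEMART_RESTRICTED_ACCESS');
                        return;
                    }
                }
            }
        }

        if (empty($orderDetails['details'])) {
            echo JText::_('COM_VIRTUEMART_ORDER_NOTFOUND');
            return;
        }

        $userFieldsModel = VmModel::getModel('userfields');
        $_userFields = $userFieldsModel->getUserFields('account', array('captcha' => true, 'delimiters' => true), array('delimiter_userinfo', 'user_is_vendor', 'username', 'password', 'password2', 'agreed', 'address_type'));
        $orderbt = $orderDetails['details']['BT'];
        // Without a ship-to address the bill-to address is used for the shipment fields.
        $orderst = array_key_exists('ST', $orderDetails['details']) ? $orderDetails['details']['ST'] : $orderbt;
        $userfields = $userFieldsModel->getUserFieldsFilled($_userFields, $orderbt);
        $_userFields = $userFieldsModel->getUserFields('shipment', array(), array('delimiter_userinfo', 'username', 'email', 'password', 'password2', 'agreed', 'address_type'));
        $shipmentfields = $userFieldsModel->getUserFieldsFilled($_userFields, $orderst);

        // The plugins fill the names through the by-reference argument.
        $shipment_name = '';
        if (!class_exists('vmPSPlugin')) {
            require JPATH_VM_PLUGINS . DS . 'vmpsplugin.php';
        }
        JPluginHelper::importPlugin('vmshipment');
        $dispatcher = JDispatcher::getInstance();
        $dispatcher->trigger('plgVmOnShowOrderFEShipment', array($orderDetails['details']['BT']->virtuemart_order_id, $orderDetails['details']['BT']->virtuemart_shipmentmethod_id, &$shipment_name));

        $payment_name = '';
        if (!class_exists('vmPSPlugin')) {
            require JPATH_VM_PLUGINS . DS . 'vmpsplugin.php';
        }
        JPluginHelper::importPlugin('vmpayment');
        $dispatcher = JDispatcher::getInstance();
        $dispatcher->trigger('plgVmOnShowOrderFEPayment', array($orderDetails['details']['BT']->virtuemart_order_id, $orderDetails['details']['BT']->virtuemart_paymentmethod_id, &$payment_name));

        if ($format == 'pdf') {
            $invoiceNumberDate = array();
            $orderModel->createInvoiceNumber($orderDetails['details']['BT'], $invoiceNumberDate);
            if (empty($invoiceNumberDate)) {
                $invoiceNumberDate[0] = 'no invoice number accessible';
                $invoiceNumberDate[1] = 'no invoice date accessible';
            }
            $this->assignRef('invoiceNumber', $invoiceNumberDate[0]);
            $this->assignRef('invoiceDate', $invoiceNumberDate[1]);
        }

        $this->assignRef('userfields', $userfields);
        $this->assignRef('shipmentfields', $shipmentfields);
        $this->assignRef('shipment_name', $shipment_name);
        $this->assignRef('payment_name', $payment_name);
        $this->assignRef('orderdetails', $orderDetails);

        // Any tmpl request value switches the view to print mode.
        $tmpl = JRequest::getWord('tmpl');
        $print = false;
        if ($tmpl) {
            $print = true;
        }
        $this->prepareVendor();
        $this->assignRef('print', $print);

        $vendorId = 1;
        $emailCurrencyId = 0;
        if (!class_exists('vmPSPlugin')) {
            require JPATH_VM_PLUGINS . DS . 'vmpsplugin.php';
        }
        JPluginHelper::importPlugin('vmpayment');
        $dispatcher = JDispatcher::getInstance();
        $dispatcher->trigger('plgVmgetEmailCurrency', array($orderDetails['details']['BT']->virtuemart_paymentmethod_id, $orderDetails['details']['BT']->virtuemart_order_id, &$emailCurrencyId));

        if (!class_exists('CurrencyDisplay')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'currencydisplay.php';
        }
        $currency = CurrencyDisplay::getInstance($emailCurrencyId, $vendorId);
        if ($emailCurrencyId) {
            vmdebug('exchangerate', $orderDetails['details']['BT']->user_currency_rate);
            $currency->exchangeRateShopper = $orderDetails['details']['BT']->user_currency_rate;
        }
        $this->assignRef('currency', $currency);
    } else {
        // 'list' -. default
        $useSSL = VmConfig::get('useSSL', 0);
        $useXHTML = true;
        $this->assignRef('useSSL', $useSSL);
        $this->assignRef('useXHTML', $useXHTML);

        if ($_currentUser->get('id') == 0) {
            // getOrdersList() returns all orders when no userID is set (admin function),
            // so explicitly define an empty array when not logged in.
            $orderList = array();
        } else {
            $orderList = $orderModel->getOrdersList($_currentUser->get('id'), TRUE);
            foreach ($orderList as $order) {
                $vendorId = 1;
                $emailCurrencyId = 0;
                if (!class_exists('vmPSPlugin')) {
                    require JPATH_VM_PLUGINS . DS . 'vmpsplugin.php';
                }
                JPluginHelper::importPlugin('vmpayment');
                $dispatcher = JDispatcher::getInstance();
                $dispatcher->trigger('plgVmgetEmailCurrency', array($order->virtuemart_paymentmethod_id, $order->virtuemart_order_id, &$emailCurrencyId));

                if (!class_exists('CurrencyDisplay')) {
                    require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'currencydisplay.php';
                }
                $currency = CurrencyDisplay::getInstance($emailCurrencyId, $vendorId);
                if ($emailCurrencyId) {
                    vmdebug('exchangerate', $order->user_currency_rate);
                    $currency->exchangeRateShopper = $order->user_currency_rate;
                }
                $order->currency = $currency;
            }
        }
        $this->assignRef('orderlist', $orderList);
    }

    // Map of status code => translated status name for the templates.
    $orderStatusModel = VmModel::getModel('orderstatus');
    $_orderstatuses = $orderStatusModel->getOrderStatusList();
    $orderstatuses = array();
    foreach ($_orderstatuses as $_ordstat) {
        $orderstatuses[$_ordstat->order_status_code] = JText::_($_ordstat->order_status_name);
    }
    $this->assignRef('orderstatuses', $orderstatuses);

    if (!class_exists('ShopFunctions')) {
        require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'shopfunctions.php';
    }

    // this is no setting in BE to change the layout !
    parent::display($tpl);
}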
/**
 * Prepare and render the shop front page.
 *
 * Assigns the vendor, and unless the shop is configured as offline also the
 * child categories, the currency display, the configured product groups
 * (featured, latest, top ten) and the base-price flag. Then sets the document
 * title and the configured template and hands over to parent::display().
 *
 * @param string|null $tpl Template name passed on to parent::display()
 */
public function display($tpl = null)
{
    // The `vendorid` request value is only used for the category lookup below;
    // the vendor record itself is always loaded for id 1.
    $requestVendorId = JRequest::getInt('vendorid', 1);

    $vendorModel = VmModel::getModel('vendor');
    $vendorModel->setId(1);
    $vendor = $vendorModel->getVendor();
    $this->assignRef('vendor', $vendor);

    if (VmConfig::get('shop_is_offline', 0)) {
        $this->setLayout('off_line');
    } else {
        $categoryModel = VmModel::getModel('category');
        $productModel = VmModel::getModel('product');

        // Child categories come from the callback cache.
        $categoryId = JRequest::getInt('catid', 0);
        $cache = JFactory::getCache('com_virtuemart', 'callback');
        $categoryChildren = $cache->call(array('VirtueMartModelCategory', 'getChildCategoryList'), $requestVendorId, $categoryId);
        $categoryModel->addImages($categoryChildren, 1);
        $this->assignRef('categories', $categoryChildren);

        if (!class_exists('CurrencyDisplay')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'currencydisplay.php';
        }
        $currency = CurrencyDisplay::getInstance();
        $this->assignRef('currency', $currency);

        // Config switch => product group; each enabled group gets up to 5 products with images.
        $products = array();
        $productGroups = array(
            'show_featured' => 'featured',
            'show_latest' => 'latest',
            'show_topTen' => 'topten',
        );
        foreach ($productGroups as $configKey => $group) {
            if (VmConfig::get($configKey, 1)) {
                $products[$group] = $productModel->getProductListing($group, 5);
                $productModel->addImages($products[$group], 1);
            }
        }
        $this->assignRef('products', $products);

        if (!class_exists('Permissions')) {
            require JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php';
        }
        //todo add config settings
        $showBasePrice = Permissions::getInstance()->check('admin');
        $this->assignRef('showBasePrice', $showBasePrice);

        $this->setLayout(VmConfig::get('vmlayout', 'default'));
    }

    # Set the titles
    $document = JFactory::getDocument();

    //Todo this may not work everytime as expected, because the error must be set in the redirect links.
    $error = JRequest::getInt('error', 0);
    $titlePrefix = !empty($error) ? JText::_('COM_VIRTUEMART_PRODUCT_NOT_FOUND') : '';
    $document->setTitle($titlePrefix . JText::sprintf('COM_VIRTUEMART_HOME', $vendor->vendor_store_name));

    // Switch to the configured template only when its directory exists.
    $template = VmConfig::get('vmtemplate', 'default');
    if (is_dir(JPATH_THEMES . DS . $template)) {
        JFactory::getApplication()->set('setTemplate', $template);
    }

    parent::display($tpl);
}