public function save_vendor($vendor_id, $data) { $vendor_id = (int) $vendor_id; $temp_vendor = false; if ($vendor_id > 0) { // check permissions $temp_vendor = $this->get_vendor($vendor_id); if (!$temp_vendor || $temp_vendor['vendor_id'] != $vendor_id) { $temp_vendor = false; $vendor_id = false; } } if (_DEMO_MODE && $vendor_id == 1) { set_error('Sorry this is a Demo Vendor. It cannot be changed.'); redirect_browser(self::link_open($vendor_id)); } if (isset($data['default_tax_system']) && $data['default_tax_system']) { $data['default_tax'] = -1; $data['default_tax_name'] = ''; } if (isset($data['primary_user_id'])) { unset($data['primary_user_id']); } // only allow this to be set through the method. $vendor_id = update_insert("vendor_id", $vendor_id, "vendor", $data); if (isset($_REQUEST['user_id'])) { $user_id = (int) $_REQUEST['user_id']; if ($user_id > 0) { // check permissions $temp_user = module_user::get_user($user_id); if (!$temp_user || $temp_user['user_id'] != $user_id) { $user_id = false; } } // assign specified user_id to this vendor. // could this be a problem? // maybe? // todo: think about security precautions here, maybe only allow admins to set primary contacts. $data['vendor_id'] = $vendor_id; if (!$user_id) { // hack to set the default role of a contact (if one is set in settings). if (!isset($data['last_name']) && isset($data['name']) && strpos($data['name'], ' ') > 0) { // todo - save from vendor import $bits = explode(' ', $data['name']); $data['last_name'] = array_pop($bits); $data['name'] = implode(' ', $bits); } $user_id = update_insert("user_id", false, "user", $data); module_cache::clear('user'); $role_id = module_config::c('contact_default_role', 0); if ($role_id > 0) { module_user::add_user_to_role($user_id, $role_id); } $this->set_primary_user_id($vendor_id, $user_id); } else { // make sure this user is part of this vendor. // wait! addition, we want to be able to move an existing vendor contact to this new vendor. $saved_user_id = false; if (isset($_REQUEST['move_user_id']) && (int) $_REQUEST['move_user_id'] && module_vendor::can_i('create', 'Companies')) { $old_user = module_user::get_user((int) $_REQUEST['move_user_id']); if ($old_user && $old_user['user_id'] == (int) $_REQUEST['move_user_id']) { $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data); module_cache::clear('user'); hook_handle_callback('vendor_contact_moved', $user_id, $old_user['vendor_id'], $vendor_id); $this->set_primary_user_id($vendor_id, $user_id); module_cache::clear('user'); } } else { // save normally, only those linked to this account: $users = module_user::get_contacts(array('vendor_id' => $vendor_id)); foreach ($users as $user) { if ($user['user_id'] == $user_id) { $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data); $this->set_primary_user_id($vendor_id, $user_id); module_cache::clear('user'); break; } } } if (!$saved_user_id) { $this->set_primary_user_id($vendor_id, 0); module_cache::clear('user'); } } // todo: move this functionality back into the user class. // maybe with a static save_user method ? if ($user_id > 0 && class_exists('module_extra', false) && module_extra::is_plugin_enabled()) { module_extra::save_extras('user', 'user_id', $user_id); } } handle_hook("address_block_save", $this, "physical", "vendor", "vendor_id", $vendor_id); //handle_hook("address_block_save",$this,"postal","vendor","vendor_id",$vendor_id); if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) { module_extra::save_extras('vendor', 'vendor_id', $vendor_id); } // save the company information if it's available if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) { if (isset($_REQUEST['available_vendor_company']) && is_array($_REQUEST['available_vendor_company'])) { $selected_companies = isset($_POST['vendor_company']) && is_array($_POST['vendor_company']) ? $_POST['vendor_company'] : array(); $company_access = module_company::get_company_data_access(); if ($company_access == _COMPANY_ACCESS_ALL && !count($selected_companies)) { // user is unassignging this vendor from all companies we have access to, dont let them do this? } foreach ($_REQUEST['available_vendor_company'] as $company_id => $tf) { if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) { // remove vendor from this company module_company::delete_vendor($company_id, $vendor_id); } else { // add vendor to this company (if they are not already existing) module_company::add_vendor_to_company($company_id, $vendor_id); } } } } self::update_vendor_status($vendor_id); module_cache::clear('vendor'); return $vendor_id; }