/**
 * Smarty plugin
 * -------------------------------------------------------------
 * File: insert.oxid_newbasketitem.php
 * Type: string, html
 * Name: newbasketitem
 * Purpose: Used for tracking in econda, etracker etc.
 * -------------------------------------------------------------
 *
 * @param array  $params  params
 * @param Smarty &$smarty clever simulation of a method
 *
 * @return string
 */
function smarty_insert_oxid_newbasketitem($params, &$smarty)
{
    // Renders the "new basket item" snippet when an item was just added
    // (session variable '_newitem') or when an ajax popup is requested.
    // Returns '' when the requested message type does not match the shop
    // setting, the rendered template when something is shown, otherwise null.

    // names of the message modes, indexed by the numeric shop setting
    $aModeNames = array('0' => 'none', '1' => 'message', '2' => 'popup', '3' => 'basket');
    $iMode = oxConfig::getInstance()->getConfigParam('iNewBasketItemMessage');

    // a call that names a message type is ignored unless it is the configured one
    $blTypeGiven = $iMode && $params['type'];
    if ($blTypeGiven && $params['type'] != $aModeNames[$iMode]) {
        return '';
    }

    // template holding the message text; the caller may override the default
    $sTemplate = $params['tpl'] ?: 'inc_newbasketitem.snippet.tpl';

    // the ajax-style popup (mode 2) is always rendered
    $blRender = $params['ajax'] && $iMode == 2;

    $oItem = oxSession::getVar('_newitem');
    // the basket is requested as in the original flow; its value is not used here
    oxSession::getInstance()->getBasket();

    if ($oItem) {
        // the article is loaded here rather than carried in the session,
        // because passing the article object through the session causes
        // problems on some systems
        $oItem->oArticle = oxNew('oxarticle');
        $oItem->oArticle->Load($oItem->sId);
        // hand the item to the template under a unique name
        $smarty->assign('_newitem', $oItem);
        // the session entry is one-shot: drop it once it has been consumed
        oxSession::deleteVar('_newitem');
        $blRender = true;
    }

    // generated message content, or null when nothing has to be shown
    return $blRender ? $smarty->fetch($sTemplate) : null;
}
 /**
  * Executes parent method parent::render(), generates menu HTML code,
  * passes data to Smarty engine, returns name of template file "nav_frame.tpl".
  *
  * @return string
  */
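 public function render()
 {
     // Builds the view data for the admin navigation frame and returns the
     // name of the template to render ("nav_frame.tpl" when no item is given).
     parent::render();
     $myUtilsServer = oxUtilsServer::getInstance();

     // basename() removes any directory part from the requested item, so the
     // returned template name is always a bare file name
     $sItem = oxConfig::getParameter("item");
     $sItem = $sItem ? basename($sItem) : false;
     if (!$sItem) {
         $sItem = "nav_frame.tpl";
         $aFavorites = oxConfig::getParameter("favorites");
         if (is_array($aFavorites)) {
             // favourites are persisted client side as a '|' separated cookie
             $myUtilsServer->setOxCookie('oxidadminfavorites', implode('|', $aFavorites));
         }
     } else {
         $oNavTree = $this->getNavigation();
         // set menu structure
         $this->_aViewData["menustructure"] = $oNavTree->getDomXml()->documentElement->childNodes;
         // version string without the edition prefix
         $sVersion = str_replace(array("EE.", "PE."), "", $this->_sShopVersion);
         $this->_aViewData["sVersion"] = trim($sVersion);
         // checking requirements if this is not nav frame reload
         if (!oxConfig::getParameter("navReload")) {
             // #661 execute stuff we run each time when we start admin once
             if ('home.tpl' == $sItem) {
                 $this->_aViewData['aMessage'] = $this->_doStartUpChecks();
             }
         } else {
             // removing reload param to force requirements checking next time
             oxSession::deleteVar("navReload");
         }
         // favorite navigation
         // NOTE(review): both cookies below are supplied by the browser, so the
         // ids handed to getListNodes() are untrusted input; getListNodes() is
         // not visible here - confirm it only matches them against known nodes.
         $aFavorites = explode('|', $myUtilsServer->getOxCookie('oxidadminfavorites'));
         if (is_array($aFavorites) && count($aFavorites)) {
             $this->_aViewData["menufavorites"] = $oNavTree->getListNodes($aFavorites);
             $this->_aViewData["aFavorites"] = $aFavorites;
         }
         // history navigation
         $aHistory = explode('|', $myUtilsServer->getOxCookie('oxidadminhistory'));
         if (is_array($aHistory) && count($aHistory)) {
             $this->_aViewData["menuhistory"] = $oNavTree->getListNodes($aHistory);
         }
         // open history node ?
         $this->_aViewData["blOpenHistory"] = oxConfig::getParameter('openHistory');
     }

     $oShoplist = oxNew('oxshoplist');
     $oBaseShop = $oShoplist->getBaseObject();
     $sWhere = '';
     $blisMallAdmin = oxSession::getVar('malladmin');
     if (!$blisMallAdmin) {
         // we only allow to see our shop
         $sShopID = oxSession::getVar("actshop");
         // the id goes through the database layer's quote() rather than being
         // placed between literal quote characters, so a value containing a
         // quote character cannot change the statement
         $sWhere = "where " . $oBaseShop->getViewName() . ".oxid = " . oxDb::getDb()->quote($sShopID);
     }
     $oShoplist->selectString("select " . $oBaseShop->getSelectFields() . " from " . $oBaseShop->getViewName() . " {$sWhere}");
     $this->_aViewData['shoplist'] = $oShoplist;
     return $sItem;
 }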
/**
 * Smarty plugin
 * -------------------------------------------------------------
 * File: insert.oxid_newbasketitem.php
 * Type: string, html
 * Name: newbasketitem
 * Purpose: Used for tracking in econda, etracker etc.
 * -------------------------------------------------------------
 *
 * @param array  $params  params
 * @param Smarty &$smarty clever simulation of a method
 *
 * @return string
 */
function smarty_insert_oxid_fblogin($params, &$smarty)
{
    // Renders the Facebook login popup for a connected Facebook user.
    // Returns the rendered template, or null when Facebook connect is switched
    // off or no Facebook user is connected.
    // NOTE(review): the header comment in front of this function still names
    // the newbasketitem plugin and looks copied - confirm and correct it.
    $oConf = oxConfig::getInstance();
    // the active view is requested as in the original flow; the value is unused
    $oConf->getActiveView();

    if (!$oConf->getConfigParam("bl_showFbConnect")) {
        return;
    }

    $oFacebook = oxFb::getInstance();
    if (!$oFacebook->isConnected() || !$oFacebook->getUser()) {
        return;
    }

    // The user logged in with a Facebook account: show the popup about
    // connecting the Facebook user id to an existing shop account, or the
    // confirmation message when the id has just been stored.
    if (oxSession::getVar('_blFbUserIdUpdated')) {
        $sTemplate = 'inc/popup_fblogin_msg.tpl';
        // the flag is one-shot, so the confirmation is shown only once
        oxSession::deleteVar('_blFbUserIdUpdated');
    } else {
        $sTemplate = 'inc/popup_fblogin.tpl';
    }

    return $smarty->fetch($sTemplate);
}
 /**
  * Returns true if new product was just added to basket
  *
  * @return bool
  */
 public function isNewItemAdded()
 {
     // The comparison with null is loose, as in the original: only a cached
     // true short-circuits, a cached false makes the session be read again.
     if ($this->_blNewITemAdded != null) {
         return $this->_blNewITemAdded;
     }

     // read the one-shot session flag and clear it right away
     $blAdded = (bool) oxSession::getVar("blAddedNewItem");
     oxSession::deleteVar("blAddedNewItem");
     $this->_blNewITemAdded = $blAdded;

     return $this->_blNewITemAdded;
 }
 /**
  * Validates oxidcreditcard and oxiddebitnote user payment data.
  * Returns false if problems on validating occurred. If everything
  * is OK - returns "order" and redirects to payment confirmation
  * page.
  *
  * Session variables:
  * <b>paymentid</b>, <b>dynvalue</b>, <b>payerror</b>
  *
  * @return  mixed
  */
 public function validatePayment()
 {
     // Validates the chosen payment for the current user and basket.
     // Returns 'order' on success; on any failure stores an error number in
     // the 'payerror' session variable and returns null.
     $oConf = $this->getConfig();
     $oSess = $this->getSession();

     // #1308C - this runs before render(), so the user is fetched explicitly
     $oUser = $this->getUser();
     if (!$oUser) {
         oxSession::setVar('payerror', 2);
         return;
     }

     // each value is taken from the request first, then from the session
     $sShipSetId = oxConfig::getParameter('sShipSet');
     if (!$sShipSetId) {
         $sShipSetId = oxSession::getVar('sShipSet');
     }
     $sPaymentId = oxConfig::getParameter('paymentid');
     if (!$sPaymentId) {
         $sPaymentId = oxSession::getVar('paymentid');
     }
     $aDynvalue = oxConfig::getParameter('dynvalue');
     if (!$aDynvalue) {
         $aDynvalue = oxSession::getVar('dynvalue');
     }

     // additional protection: the 'oxempty' payment is only accepted when
     // orders to other countries are enabled
     if (!$oConf->getConfigParam('blOtherCountryOrder') && $sPaymentId == 'oxempty') {
         $sPaymentId = '';
     }

     // #1308C - a payment id is mandatory
     if (!$sPaymentId) {
         oxSession::setVar('payerror', 1);
         return;
     }

     $oBasket = $oSess->getBasket();
     $oBasket->setPayment(null);
     $oPayment = oxNew('oxpayment');
     $oPayment->load($sPaymentId);

     // basket price used for the payment calculation
     $dBasketPrice = $oBasket->getPriceForPayment();
     $blValid = $oPayment->isValidPayment($aDynvalue, $oConf->getShopId(), $oUser, $dBasketPrice, $sShipSetId);

     if (!$blValid) {
         oxSession::setVar('payerror', $oPayment->getPaymentErrorNumber());
         // #1308C - the rejected id is dropped from the session and kept only
         // for display purposes
         oxSession::deleteVar('paymentid');
         oxSession::setVar('_selected_paymentid', $sPaymentId);
         oxSession::deleteVar('stsprotection');
         $oBasket->setTsProductId(null);
         return;
     }

     // NOTE(review): 'dynvalue' holds the submitted payment form values and is
     // kept in the session from here on; presumably this can include account
     // or card data - confirm how the session store is protected and cleared.
     oxSession::setVar('paymentid', $sPaymentId);
     oxSession::setVar('dynvalue', $aDynvalue);

     if (oxConfig::getParameter('bltsprotection')) {
         $sTsProductId = oxConfig::getParameter('stsprotection');
         $oBasket->setTsProductId($sTsProductId);
         oxSession::setVar('stsprotection', $sTsProductId);
     } else {
         oxSession::deleteVar('stsprotection');
         $oBasket->setTsProductId(null);
     }

     $oBasket->setShipping($sShipSetId);
     oxSession::deleteVar('_selected_paymentid');

     return 'order';
 }
 /**
  * First checks for basket - if no such object available -
  * redirects to start page. Otherwise - executes parent::render()
  * and returns name of template to render thankyou::_sThisTemplate.
  *
  * @return  string  current template file name
  */
 public function render()
 {
     // Thank-you page: needs a basket with products, cleans up guest data,
     // triggers the stock reminder and returns the template name.
     $blHasProducts = $this->_oBasket && $this->_oBasket->getProductsCount();
     if (!$blHasProducts) {
         $sStartUrl = $this->getConfig()->getShopHomeURL() . '&cl=start';
         oxUtils::getInstance()->redirect($sStartUrl, true, 302);
     }

     parent::render();

     // a user without a password is an unregistered (guest) buyer; the user
     // and payment values are removed from the session as well (#2580)
     $oUser = $this->getUser();
     $blRegistered = $oUser && $oUser->oxuser__oxpassword->value;
     if (!$blRegistered) {
         oxSession::deleteVar('usr');
         oxSession::deleteVar('dynvalue');
     }

     // once an order id exists, send the stock reminder to the shop owner
     if ($this->_oBasket->getOrderId()) {
         $oEmail = oxNew('oxemail');
         $oEmail->sendStockReminder($this->_oBasket->getContents());
     }

     // we must set active class as start
     $this->getViewConfig()->setViewConfigParam('cl', 'start');

     return $this->_sThisTemplate;
 }
 /**
  * Redirects user back to previous part of shop (list, details, ...) from basket.
  * Used with option "Display Message when Product is added to Cart" set to "Open Basket"
  * ($myConfig->iNewBasketItemMessage == 3)
  *
  * @return string   $sBackLink  back link
  */
 public function backToShop()
 {
     // Only active when the "open basket" message mode (3) is configured;
     // in every other case nothing (null) is returned.
     if ($this->getConfig()->getConfigParam('iNewBasketItemMessage') != 3) {
         return;
     }

     $sBackLink = oxSession::getVar('_backtoshop');
     if (!$sBackLink) {
         return;
     }

     // the stored link is one-shot: it is removed before being handed back
     // NOTE(review): the value is returned as stored; where '_backtoshop' is
     // written is not visible here - confirm it can only hold a shop-internal
     // URL before it is used as a redirect target.
     oxSession::deleteVar('_backtoshop');

     return $sBackLink;
 }
 /**
  * Assigns registration points for invited user and
  * its inviter (calls oxUser::setInvitationCreditPoints())
  *
  * @param string $sUserId   inviter user id
  * @param string $sRecEmail recipient (registrant) email
  *
  * @return bool
  */
 public function setCreditPointsForRegistrant($sUserId, $sRecEmail)
 {
     // Credits registration points to this user when a pending, not yet
     // accepted invitation from $sUserId exists, then credits the inviter.
     // $sRecEmail is compared with md5(oxemail) in both statements, so the
     // caller has to pass the MD5 hex digest of the invited address.
     // NOTE(review): an unsalted MD5 of an e-mail address can be derived by
     // anyone who knows the address, so it should not be relied on as a secret.
     $blSet = false;
     $oDb = oxDb::getDb();
     $iPoints = $this->getConfig()->getConfigParam('dPointsForRegistration');

     // check if this invitation is still not accepted
     $sPendingSql = "select count(oxuserid) from oxinvitations where oxuserid = " . $oDb->quote($sUserId) . " and md5(oxemail) = " . $oDb->quote($sRecEmail) . " and oxpending = 1 and oxaccepted = 0";
     $iPending = $oDb->getOne($sPendingSql);

     if ($iPoints && $iPending) {
         $this->oxuser__oxpoints = new oxField($iPoints, oxField::T_RAW);
         $blSet = $this->save();
     }

     if ($blSet) {
         // mark the invitation as accepted
         // NOTE(review): the check above and this update are separate
         // statements; confirm that two parallel registrations cannot both
         // pass the pending check.
         $sAcceptSql = "UPDATE oxinvitations SET oxpending = '0', oxaccepted = '1' where oxuserid = " . $oDb->quote($sUserId) . " and md5(oxemail) = " . $oDb->quote($sRecEmail);
         $oDb->execute($sAcceptSql);

         $oInviter = oxNew("oxuser");
         if ($oInviter->load($sUserId)) {
             $blSet = $oInviter->setCreditPointsForInviter();
         }
     }

     // the invitation parameters are removed from the session in every case
     oxSession::deleteVar('su');
     oxSession::deleteVar('re');

     return $blSet;
 }
 /**
  * This function checks if logged in user has access to admin or not
  *
  * @return bool
  */
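 public function checkAccessRights()
 {
     // Decides whether the user id stored in the "auth" session variable may
     // use the admin area and sets the admin related session and config
     // values accordingly. Returns true only for a mall admin, or for a shop
     // admin whose request stays within the shop named in oxuser.oxrights.
     $myConfig = $this->getConfig();
     $blIsAuth = false;
     $sUserID = oxSession::getVar("auth");
     // deleting admin marker
     oxSession::setVar("malladmin", 0);
     oxSession::setVar("blIsAdmin", 0);
     oxSession::deleteVar("blIsAdmin");
     $myConfig->setConfigParam('blMallAdmin', false);
     //#1552T
     $myConfig->setConfigParam('blAllowInheritedEdit', false);
     if ($sUserID) {
         // the user id is escaped through quote() before it reaches the query
         $oDb = oxDb::getDb();
         $sRights = $oDb->getOne("select oxrights from oxuser where oxid = " . $oDb->quote($sUserID));
         if ($sRights != "user") {
             // malladmin ?
             if ($sRights == "malladmin") {
                 oxSession::setVar("malladmin", 1);
                 $myConfig->setConfigParam('blMallAdmin', true);
                 //#1552T
                 //So far this blAllowSharedEdit is Equal to blMallAdmin but in future to be solved over rights and roles
                 $myConfig->setConfigParam('blAllowSharedEdit', true);
                 $sShop = oxSession::getVar("actshop");
                 if (!isset($sShop)) {
                     oxSession::setVar("actshop", $myConfig->getBaseShopId());
                 }
                 $blIsAuth = true;
             } else {
                 // Shopadmin... check if this shop is valid and exists
                 $sShopID = $oDb->getOne("select oxid from oxshops where oxid = " . $oDb->quote($sRights));
                 if (isset($sShopID) && $sShopID) {
                     // success, this shop exists
                     oxSession::setVar("actshop", $sRights);
                     oxSession::setVar("currentadminshop", $sRights);
                     oxSession::setVar("shp", $sRights);
                     // a subshop admin must not call the shop switching function
                     if ('chshp' == oxConfig::getParameter('fnc')) {
                         // dont allow this call
                         $blIsAuth = false;
                     } else {
                         $blIsAuth = true;
                         $aShopIdVars = array('actshop', 'shp', 'currentadminshop');
                         foreach ($aShopIdVars as $sShopIdVar) {
                             if ($sGotShop = oxConfig::getParameter($sShopIdVar)) {
                                 // Strict string comparison: with a loose
                                 // comparison PHP treats numeric-looking
                                 // strings such as "01" and "1" as equal, so a
                                 // value that is not the admin's own shop id
                                 // could pass this check. Non-scalar values
                                 // are rejected as before.
                                 if (!is_scalar($sGotShop) || (string) $sGotShop !== (string) $sRights) {
                                     $blIsAuth = false;
                                     break;
                                 }
                             }
                         }
                     }
                 }
             }
             // marking user as admin
             // NOTE(review): this marker is written for every rights value
             // other than "user", including the paths above that leave
             // $blIsAuth false - confirm that no caller trusts the session
             // marker without also checking the return value.
             oxSession::setVar("blIsAdmin", 1);
         }
     }
     return $blIsAuth;
 }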
 /**
  * stores some info in session
  *
  * @return null
  *
  */
 protected function _setSessionParams()
 {
     // Copies the export settings from the request into the session.
     // For the three filtered values the session entry is deleted before the
     // parameter is read, and the order delete -> read -> store is kept.
     // NOTE(review): removing a fixed list of characters is not a complete
     // sanitiser; whatever consumes these session values later still has to
     // escape them for its own context - confirm at the point of use.
     $aStripped = array(";", " ", "/", "'");

     // parameter name => true when a decimal comma has to become a dot
     $aFiltered = array(
         "sExportDelCost"  => true,
         "sExportMinPrice" => true,
         // #827
         "sExportCampaign" => false,
     );
     foreach ($aFiltered as $sName => $blDecimal) {
         oxSession::deleteVar($sName);
         $mValue = oxConfig::getParameter($sName);
         if ($mValue !== null) {
             $mValue = str_replace($aStripped, "", $mValue);
             if ($blDecimal) {
                 $mValue = str_replace(",", ".", $mValue);
             }
             oxSession::setVar($sName, $mValue);
         }
     }

     // reset the flag in the session, then take it from get or post
     oxSession::deleteVar("blAppendCatToCampaign");
     $blAppend = oxConfig::getParameter("blAppendCatToCampaign");
     if ($blAppend) {
         oxSession::setVar("blAppendCatToCampaign", $blAppend);
     }

     // the language is always overwritten with the request value
     oxSession::deleteVar("iExportLanguage");
     oxSession::setVar("iExportLanguage", oxConfig::getParameter("iExportLanguage"));

     // setting the custom header (stored unfiltered)
     oxSession::setVar("sExportCustomHeader", oxConfig::getParameter("sExportCustomHeader"));
 }
 /**
  * Saves selection list parameters changes.
  *
  * @return mixed
  */
 public function save()
 {
     // Stores the debug configuration unless the combination of 'sendData'
     // and 'sqlCheck' is rejected; nothing is returned.
     $aParams = $this->_getParams();
     $this->_checkSendData($aParams['sendData']);

     // sendData 3 together with sqlCheck 1 or 4 is reported as an error
     $blRejected = $aParams['sendData'] == 3
         && ($aParams['sqlCheck'] == 1 || $aParams['sqlCheck'] == 4);
     if ($blRejected) {
         $this->_addErrorToDisplay('Fehler');
         return;
     }

     // after a successful save the debug flags are removed from the session
     if ($this->_getChromephpManager()->saveConfig($aParams)) {
         oxSession::deleteVar('debugPHP');
         oxSession::deleteVar('debugPHPSearch');
     }
 }
 /**
  * Checks for session captcha hash validity
  *
  * @param string $sMacHash hash key
  * @param string $sHash    captcha hash
  * @param int    $iTime    check time
  *
  * @return bool
  */
 protected function _passFromSession($sMacHash, $sHash, $iTime)
 {
     // Returns null when the session holds no captcha hashes, otherwise
     // true/false for whether the given hash exists and its stored time is
     // not older than $iTime.
     $aStored = oxSession::getVar("aCaptchaHash");
     if (!$aStored) {
         return null;
     }

     $blPass = isset($aStored[$sMacHash][$sHash]) && $aStored[$sMacHash][$sHash] >= $iTime;

     // every stored hash is discarded after one check, whatever the outcome,
     // so an answer cannot be submitted a second time
     oxSession::deleteVar("aCaptchaHash");

     return $blPass;
 }
 /**
  * Order checking, processing and saving method.
  * Before saving performed checking if order is still not executed (checks in
  * database oxorder table for order with known ID), if yes - returns error code 3,
  * if not - loads payment data, assigns all info from basket to new oxorder object
  * and saves full order with error status. Then executes payment. On failure -
  * deletes order and returns error code 2. On success - saves order (oxorder::save()),
  * removes article from wishlist (oxorder::_updateWishlist()), updates voucher data
  * (oxorder::_markVouchers()). Finally sends order confirmation email to customer
  * (oxemail::SendOrderEMailToUser()) and shop owner (oxemail::SendOrderEMailToOwner()).
  * If this is order recalculation, skipping payment execution, marking vouchers as used
  * and sending order by email to shop owner and user
  * Mailing status (1 if OK, 0 on error) is returned.
  *
  * @param oxBasket $oBasket              Shopping basket object
  * @param object   $oUser                Current user object
  * @param bool     $blRecalculatingOrder Order recalculation
  *
  * @return integer
  */
 public function finalizeOrder(oxBasket $oBasket, $oUser, $blRecalculatingOrder = false)
 {
     // The order id is the 'sess_challenge' session value, so a second submit
     // from the same session finds the already stored order and stops here.
     $sGetChallenge = oxSession::getVar('sess_challenge');
     if ($this->_checkOrderExist($sGetChallenge)) {
         oxUtils::getInstance()->logger('BLOCKER');
         // we might use this later; this means that somebody clicked repeatedly on the order button
         return self::ORDER_STATE_ORDEREXISTS;
     }
     // if not recalculating order, use sess_challenge id, else leave old order id
     if (!$blRecalculatingOrder) {
         // use this ID
         $this->setId($sGetChallenge);
         // validating various order/basket parameters before finalizing;
         // any non-empty state returned by validateOrder() ends the process
         if ($iOrderState = $this->validateOrder($oBasket, $oUser)) {
             return $iOrderState;
         }
     }
     // copies user info
     $this->_setUser($oUser);
     // copies basket info
     $this->_loadFromBasket($oBasket);
     // payment information
     $oUserPayment = $this->_setPayment($oBasket->getPaymentId());
     // set folder information, if order is new
     // #M575 in the recalculating order case the folder must stay as it was
     if (!$blRecalculatingOrder) {
         $this->_setFolder();
     }
     // saving all order data to DB (this happens before the payment is executed)
     $this->save();
     // executing payment (on failure deletes order and returns error code)
     // when recalculating an order, payment execution is skipped
     if (!$blRecalculatingOrder) {
         $blRet = $this->_executePayment($oBasket, $oUserPayment);
         // anything other than boolean true is passed back to the caller as the result
         if ($blRet !== true) {
             return $blRet;
         }
     }
     // executing TS protection, only for new orders with a TS product selected
     if (!$blRecalculatingOrder && $oBasket->getTsProductId()) {
         $blRet = $this->_executeTsProtection($oBasket);
         if ($blRet !== true) {
             return $blRet;
         }
     }
     // deleting remark info only when order is finished
     oxSession::deleteVar('ordrem');
     oxSession::deleteVar('stsprotection');
     // updating order trans status (success status)
     $this->_setOrderStatus('OK');
     // store orderid
     $oBasket->setOrderId($this->getId());
     // updating wish lists
     $this->_updateWishlist($oBasket->getContents(), $oUser);
     // updating users notice list
     $this->_updateNoticeList($oBasket->getContents(), $oUser);
     // marking vouchers as used and sets them to $this->_aVoucherList (will be used in order email)
     // skipping this action in case of order recalculation
     if (!$blRecalculatingOrder) {
         $this->_markVouchers($oBasket, $oUser);
     }
     // send order by email to shop owner and current user
     // skipping this action in case of order recalculation
     if (!$blRecalculatingOrder) {
         $iRet = $this->_sendOrderByEmail($oUser, $oBasket, $oUserPayment);
     } else {
         $iRet = self::ORDER_STATE_OK;
     }
     return $iRet;
 }
 /**
  * Stop die Filte startDebug
  *
  * @author Rafal Wesolowski <*****@*****.**>
  * @return void
  */
 function stopDebug()
 {
     // the only effect is removing this session variable; nothing is returned
     $sDebugFlag = 'debugPHP';
     oxSession::deleteVar($sDebugFlag);
 }
 /**
  * renews expiration timer to maximum value
  *
  * @return null
  */
 public function renewExpiration()
 {
     // nothing to renew when there are no reservations
     $oReserved = $this->getReservations();
     if (!$oReserved) {
         return;
     }

     // stamp the reservation with the current time and persist it
     $oReserved->oxuserbaskets__oxupdate = new oxField(oxUtilsDate::getInstance()->getTime());
     $oReserved->save();

     // drop the timeout value kept in the session
     oxSession::deleteVar("iBasketReservationTimeout");
 }
 /**
  * @overload
  */
 public function validatePayment()
 {
     // For the two paymill payment ids the token from the request replaces
     // the one in the session, then the parent validation runs as usual.
     $sPaymentId = oxConfig::getParameter('paymentid');
     if (in_array($sPaymentId, array("paymill_cc", "paymill_elv"), true)) {
         // an old token is always discarded first
         oxSession::deleteVar('paymill_token');

         // set paymill token to session to be available in next step
         $sToken = oxConfig::getParameter('paymillToken');
         if ($sToken) {
             oxSession::setVar('paymill_token', $sToken);
         }
     }

     return parent::validatePayment();
 }
 /**
  * Resets users count
  *
  * @return null
  */
 public function resetUserCount()
 {
     // clear the value cached on the object as well as the one in the session
     $this->_iUserCount = null;
     oxSession::deleteVar("iUserCount");
 }
 /**
  * Mostly used for customer profile editing screen (OXID eShop ->
  * MY ACCOUNT). Checks if oUser is set (oxcmp_user::oUser) - if
  * not - executes oxcmp_user::_loadSessionUser(). If user unchecked newsletter
  * subscription option - removes him from this group. There is an
  * additional MUST FILL fields checking. Function returns true or false
  * according to user data submission status.
  *
  * Session variables:
  * <b>ordrem</b>
  *
  * @return  bool true on success, false otherwise
  */
 protected function _changeUser_noRedirect()
 {
     // Updates the logged-in user's address data and newsletter status from
     // the request. Returns true on success; every failure path below returns
     // null (not false).

     // the session challenge is checked before anything is changed
     if (!$this->getSession()->checkSessionChallenge()) {
         return;
     }
     // no user ?
     $oUser = $this->getUser();
     if (!$oUser) {
         return;
     }
     // collecting values to check
     $aDelAdress = $this->_getDelAddressData();
     // if user company name, user name and additional info has special chars
     // NOTE(review): the second argument (true) presumably requests the raw,
     // unescaped value - confirm, and make sure it is escaped where it is output
     $aInvAdress = oxConfig::getParameter('invadr', true);
     // user name and password are taken from the loaded user, not from the request
     $sUserName = $oUser->oxuser__oxusername->value;
     $sPassword = $sPassword2 = $oUser->oxuser__oxpassword->value;
     try {
         // testing user input
         $oUser->changeUserData($sUserName, $sPassword, $sPassword2, $aInvAdress, $aDelAdress);
         // assigning to newsletter; without a request value the current opt-in status is kept
         if (($blOptin = oxConfig::getParameter('blnewssubscribed')) === null) {
             $blOptin = $oUser->getNewsSubscription()->getOptInStatus();
         }
         $this->_blNewsSubscriptionStatus = $oUser->setNewsSubscription($blOptin, $this->getConfig()->getConfigParam('blOrderOptInEmail'));
     } catch (oxUserException $oEx) {
         // errors in input
         // marking error code
         //TODO
         oxUtilsView::getInstance()->addErrorToDisplay($oEx, false, true);
         return;
     } catch (oxInputException $oEx) {
         // invalid input is reported to the view in the same way
         oxUtilsView::getInstance()->addErrorToDisplay($oEx, false, true);
         return;
     } catch (oxConnectionException $oEx) {
         //connection to external resource broken, change message and pass to the view
         oxUtilsView::getInstance()->addErrorToDisplay($oEx, false, true);
         return;
     }
     // order remark: stored in the session when given, removed otherwise
     // NOTE(review): read with the same second argument (true) as 'invadr'
     // above - confirm it is escaped when displayed
     $sOrderRemark = oxConfig::getParameter('order_remark', true);
     if ($sOrderRemark) {
         oxSession::setVar('ordrem', $sOrderRemark);
     } else {
         oxSession::deleteVar('ordrem');
     }
     // let the basket know that user data changed
     if ($oBasket = $this->getSession()->getBasket()) {
         $oBasket->onUpdate();
     }
     return true;
 }