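/**
 * Update the shopper entry of the logged-in user
 * (users who have perms='shopper').
 *
 * The request is rejected unless $d['user_id'] matches the current user
 * ($my->id or the session's auth user_id) or the session user has
 * perms == 'admin'. Every row written below is keyed on the session's
 * user id, never on $d['user_id'].
 *
 * Side effects: overwrites $_POST['username'|'name'|'id'|'gid'], resets
 * $d['error'], and may default $d['customer_number'] to "".
 *
 * @param array $d Form data (passed by reference)
 * @return boolean true on success, false when the request is rejected,
 *                 ps_user::saveUser() reported an error, or validation failed
 */
function update(&$d)
{
    // Left as in the original even though not all names are read here:
    // files pulled in by require_once below execute in this function's scope.
    global $my, $perm, $sess, $vmLogger, $page;

    $auth = $_SESSION['auth'];
    $db = new ps_DB();

    // Same value the original obtained with @$d["user_id"], without the
    // error-suppression operator.
    $requested_user_id = isset($d['user_id']) ? $d['user_id'] : null;

    // NOTE(review): these are loose comparisons, so an absent user_id (null)
    // compares equal to 0 and "". Confirm that is acceptable for the values
    // $my->id and $auth['user_id'] can take for a not-logged-in visitor.
    if ($requested_user_id != $my->id
        && $requested_user_id != $auth['user_id']
        && $auth["perms"] != "admin"
    ) {
        $vmLogger->crit("Tricky tricky, but we know about this one.");
        return false;
    }

    require_once CLASSPATH . 'ps_user.php';

    if (!empty($d['username'])) {
        $_POST['username'] = $d['username'];
    } else {
        $_POST['username'] = $my->username;
    }
    $_POST['name'] = $d['first_name'] . " " . $d['last_name'];
    $_POST['id'] = $auth["user_id"];
    $_POST['gid'] = $my->gid;

    $d['error'] = "";
    if (VM_REGISTRATION_TYPE != 'NO_REGISTRATION') {
        ps_user::saveUser($d);
    }
    if (!empty($d['error'])) {
        return false;
    }

    if (!$this->validate_update($d)) {
        return false;
    }

    // The ids below are concatenated into SQL text. They come from the
    // session and the database rather than from $d, but they are forced to
    // integers anyway so a corrupted value cannot alter the statements.
    $user_id = (int) $auth["user_id"];

    /* Update Bill To */

    // Get all fields which were shown to the user
    $userFields = ps_userfield::getUserFields('account', false, '', true);
    $skip_fields = ps_userfield::getSkipFields();

    $fields = array('mdate' => time());
    foreach ($userFields as $userField) {
        if (in_array($userField->name, $skip_fields)) {
            continue;
        }
        $fields[$userField->name] = ps_userfield::prepareFieldDataSave(
            $userField->type,
            $userField->name,
            vmGet($d, $userField->name, strtoupper($userField->name))
        );
    }

    // The column is named user_email. Only remap when the field was actually
    // collected: the original read $fields['email'] unconditionally, which
    // put a null user_email into the UPDATE when 'email' was skipped.
    if (array_key_exists('email', $fields)) {
        $fields['user_email'] = $fields['email'];
        unset($fields['email']);
    }

    $db->buildQuery('UPDATE', '#__{vm}_user_info', $fields, " WHERE user_id=" . $user_id . " AND address_type='BT'");
    // Run the query!
    $db->query();

    // UPDATE #__{vm}_shopper group relationship
    $q = "SELECT shopper_group_id FROM #__{vm}_shopper_vendor_xref ";
    $q .= "WHERE user_id = '" . $user_id . "'";
    $db->query($q);

    if (!$db->num_rows()) {
        // No relationship yet: add one.
        $shopper_db = new ps_DB();

        // get the default shopper group
        $q = "SELECT shopper_group_id from #__{vm}_shopper_group WHERE ";
        $q .= "`default`='1'";
        $shopper_db->query($q);
        if (!$shopper_db->num_rows()) {
            // when there is no "default", take the first in the table
            $q = "SELECT shopper_group_id from #__{vm}_shopper_group";
            $shopper_db->query($q);
        }
        $shopper_db->next_record();
        $my_shopper_group_id = (int) $shopper_db->f("shopper_group_id");

        if (empty($d['customer_number'])) {
            $d['customer_number'] = "";
        }

        $q = "INSERT INTO #__{vm}_shopper_vendor_xref ";
        $q .= "(user_id,vendor_id,shopper_group_id) ";
        $q .= "VALUES ('";
        $q .= (int) $_SESSION['auth']['user_id'] . "','";
        $q .= (int) $_SESSION['ps_vendor_id'] . "','";
        $q .= $my_shopper_group_id . "')";
        $db->query($q);
    }

    $q = "SELECT user_id FROM #__{vm}_auth_user_vendor ";
    $q .= "WHERE user_id = '" . (int) $_SESSION['auth']['user_id'] . "'";
    $db->query($q);
    if (!$db->num_rows()) {
        // Insert vendor relationship
        $q = "INSERT INTO #__{vm}_auth_user_vendor (user_id,vendor_id)";
        $q .= " VALUES ";
        $q .= "('" . (int) $_SESSION['auth']['user_id'] . "','";
        $q .= (int) $_SESSION['ps_vendor_id'] . "') ";
        $db->query($q);
    }

    return true;
}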
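/**
 * Validate the payment method chosen at checkout.
 *
 * When the method uses a credit card, the card data must already be stored
 * in $_SESSION['ccdata']; it is kept there so the card number is never sent
 * back to the browser in hidden form fields.
 * Unless $is_test is true, the Visa test number 4111 1111 1111 1111 is
 * rejected.
 *
 * For bank-account methods ("B") and all other methods the card fields in
 * $_SESSION['ccdata'] are blanked. Bank details missing from the stored
 * user info are taken from $d and saved via ps_user::setUserInfo().
 *
 * @param array $d
 * @param boolean $is_test
 * @return boolean
 */
function validate_payment_method(&$d, $is_test)
{
    global $VM_LANG, $vmLogger, $order_total;

    $auth = $_SESSION['auth'];
    // Not read below; kept because the files pulled in by require_once
    // execute in this function's scope.
    $cart = $_SESSION['cart'];

    // We don't need to validate a payment method when
    // the user has no order total he should pay.
    // NOTE(review): this shortcut trusts $d['order_total'] and the global
    // $order_total. Confirm callers compute both server-side; if either can
    // be influenced by request data, all payment checks below are skipped.
    if (empty($_REQUEST['order_total'])) {
        if (isset($d['order_total'])) {
            if (round($d['order_total'], 2) <= 0.0) {
                return true;
            }
        }
        if (isset($order_total) && $order_total <= 0.0) {
            return true;
        }
    }

    if (!isset($d["payment_method_id"]) || $d["payment_method_id"] == 0) {
        $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_PAYM', false));
        return false;
    }

    require_once CLASSPATH . 'ps_payment_method.php';
    $ps_payment_method = new ps_payment_method();

    $dbp = new ps_DB(); // DB Payment_method

    // Now check if all needed payment information is entered.
    // Bank information is found in the user info.
    $w = "SELECT `enable_processor` FROM `#__{vm}_payment_method` WHERE ";
    $w .= "payment_method_id=" . (int) $d["payment_method_id"];
    $dbp->query($w);
    $dbp->next_record();

    $processor = $dbp->f("enable_processor");

    // Session keys that are blanked whenever the method is not a card method.
    // NOTE(review): 'credit_card_code' (read in the card branch) is not in
    // this list, so it is not cleared here.
    $card_keys = array(
        'creditcard_code',
        'order_payment_name',
        'order_payment_number',
        'order_payment_expire_month',
        'order_payment_expire_year',
    );

    if ($processor == "Y" || $processor == "") {
        // Credit card
        // NOTE(review): the card number and card code are read from the
        // session here. How the session is stored and when ccdata is purged
        // is decided elsewhere; confirm it meets the shop's card-data
        // handling requirements.

        // The data should be in the session. This test now runs first: the
        // original checked creditcard_code before it, which made this branch
        // unreachable and reported a missing card type instead.
        if (!isset($_SESSION['ccdata'])) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_CCDATA', false));
            return false;
        }
        $cc = $_SESSION['ccdata'];

        if (empty($cc['creditcard_code'])) {
            $vmLogger->err($VM_LANG->_('VM_CHECKOUT_ERR_CCTYPE'));
            return false;
        }
        if (empty($cc['order_payment_number'])) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_CCNR_FOUND', false));
            return false;
        }

        // CREDIT CARD NUMBER CHECK
        // USING THE CREDIT CARD CLASS in ps_payment
        if (!$ps_payment_method->validate_payment($cc['creditcard_code'], $cc['order_payment_number'])) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_CCDATE', false));
            return false;
        }

        if (!$is_test) {
            // str_replace() replaces ereg_replace(" |-", ...): the ereg
            // functions no longer exist in PHP 7+, and no regex is needed
            // to drop spaces and dashes.
            $payment_number = str_replace(array(' ', '-'), '', $cc['order_payment_number']);
            if ($payment_number == "4111111111111111") {
                $vmLogger->warning($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_TEST', false));
                return false;
            }
        }

        if (!empty($cc['need_card_code']) && empty($cc['credit_card_code'])) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CUSTOMER_CVV2_ERROR', false));
            return false;
        }
        if (empty($cc['order_payment_expire_month'])) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_CCMON', false));
            return false;
        }
        if (empty($cc['order_payment_expire_year'])) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_CCYEAR', false));
            return false;
        }

        // Expired when the year is in the past, or it is the current year
        // and the month is in the past. The parentheses spell out the
        // grouping the original's "or ... and" already had.
        $date = getdate(time());
        if ($cc['order_payment_expire_year'] < $date["year"]
            || ($cc['order_payment_expire_year'] == $date["year"]
                && $cc['order_payment_expire_month'] < $date["mon"])
        ) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_CCDATE_INV', false));
            return false;
        }

        return true;
    } elseif ($processor == "B") {
        foreach ($card_keys as $key) {
            $_SESSION['ccdata'][$key] = "";
        }

        // Bank account
        require_once CLASSPATH . 'ps_user.php';
        $bank_fields = array('bank_account_holder', 'bank_iban', 'bank_account_nr', 'bank_sort_code', 'bank_name');
        $dbu =& ps_user::getUserInfo($auth["user_id"], $bank_fields);

        if ($dbu->f("bank_account_holder") == "" || $dbu->f("bank_account_nr") == "") {
            if (!empty($d['bank_account_holder']) && !empty($d['bank_account_nr'])) {
                // Store the submitted details, then re-read the user info.
                $fields = array(
                    'bank_account_holder' => $d['bank_account_holder'],
                    'bank_account_nr' => $d['bank_account_nr'],
                    'bank_sort_code' => $d['bank_sort_code'],
                    'bank_name' => $d['bank_name'],
                    'bank_iban' => $d['bank_iban'],
                );
                ps_user::setUserInfo($fields, $auth["user_id"]);
                $dbu =& ps_user::getUserInfo($auth["user_id"], $bank_fields);
            } else {
                $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_USER_DATA', false));
                return false;
            }
        }

        if ($dbu->f("bank_account_holder") == "") {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_BA_HOLDER_NAME', false));
            return false;
        }
        if ($dbu->f("bank_iban") == "" && $dbu->f("bank_account_nr") == "") {
            $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_IBAN', false));
            return false;
        }
        if ($dbu->f("bank_iban") == "") {
            // Without an IBAN, account number, sort code and bank name are
            // all required.
            if ($dbu->f("bank_account_nr") == "") {
                $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_BA_NUM', false));
                return false;
            }
            if ($dbu->f("bank_sort_code") == "") {
                $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_BANK_SORT', false));
                return false;
            }
            if ($dbu->f("bank_name") == "") {
                $vmLogger->err($VM_LANG->_('PHPSHOP_CHECKOUT_ERR_NO_BANK_NAME', false));
                return false;
            }
        }
    } else {
        foreach ($card_keys as $key) {
            $_SESSION['ccdata'][$key] = "";
        }
    }

    // Enter additional payment check procedures here if necessary

    return true;
}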
/**
 * Print the bank payment methods as a radio list and, when the current
 * user's stored bank details are incomplete, the 'bank' user fields.
 *
 * @param int $payment_method_id
 * @param boolean $horiz
 */
function list_bank($payment_method_id, $horiz)
{
    // The return value of list_payment_radio() is used as a flag; nothing
    // more is printed when it is falsy.
    if (!$this->list_payment_radio("B", $payment_method_id, $horiz)) {
        return;
    }

    require_once CLASSPATH . 'ps_user.php';
    $wanted = array('bank_account_holder', 'bank_iban', 'bank_account_nr', 'bank_sort_code', 'bank_name');
    $dbu =& ps_user::getUserInfo($_SESSION['auth']['user_id'], $wanted);

    // Holder, account number and sort code all have to be present.
    $details_complete = $dbu->f('bank_account_holder')
        && $dbu->f('bank_account_nr')
        && $dbu->f('bank_sort_code');
    if ($details_complete) {
        return;
    }

    echo '<br />';
    require_once CLASSPATH . 'ps_userfield.php';
    ps_userfield::listUserFields(ps_userfield::getUserfields('bank'), array(), $dbu);
}