Exemple #1
 /**
  * Bind the post data to the JUser object and the VM tables, then saves it
  * It is used to register new users
  * This function can also change already registered users, this is important when a registered user changes his email within the checkout.
  *
  * @author Max Milbers
  * @author Oscar van Eijk
  * @return boolean True if the save was successful, false otherwise.
  */
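 public function store(&$data)
 {
     // Creates or updates a Joomla user (JUser) from $data and then stores the
     // shop-specific user data, the address and, where applicable, the vendor data.
     //
     // $data is taken by reference: name, username, email, language, editor and
     // tsmart_user_id are written back into it, and the password fields may be
     // removed from it.
     //
     // Returns false on every failure path. On success it returns an array with
     // the keys 'user', 'password', 'message', 'newId' and 'success' => true.
     $message = '';
     // Request token check; presumably the anti-CSRF guard for this write operation - confirm in vRequest.
     vRequest::vmCheckToken('Invalid Token, while trying to save user');
     if (empty($data)) {
         vmError('Developer notice, no data to store for user');
         return false;
     }
     // The id of the user model decides whether a new user is registered.
     // The constructor sets the right id automatically.
     $new = false;
     if (empty($this->_id) or $this->_id < 1) {
         $new = true;
         $user = new JUser();
         //thealmega http://forum.tsmart.net/index.php?topic=99755.msg393758#msg393758
     } else {
         // Authorisation: an existing account may only be changed by its owner
         // or by someone holding the 'user.edit' manager permission.
         // NOTE(review): the id comparison is loose (!=); confirm both sides are integers.
         $cUser = JFactory::getUser();
         if (!vmAccess::manager('user.edit') and $cUser->id != $this->_id) {
             vmWarn('Insufficient permission');
             return false;
         }
         $user = JFactory::getUser($this->_id);
     }
     // Remember the original gid; it is compared again before saving (super admin guard).
     $gid = $user->get('gid');
     // Let userfield plugins preformat and validate the data.
     JPluginHelper::importPlugin('vmuserfield');
     $dispatcher = JDispatcher::getInstance();
     $valid = true;
     $dispatcher->trigger('plgVmOnBeforeUserfieldDataSave', array(&$valid, $this->_id, &$data, $user));
     // A plugin sets $valid to false when it detects an error.
     if (!$valid) {
         return false;
     }
     // This function registers new users, so it needs all JUser data in $data.
     // It is also used to update single values (for example the email of the BT
     // address); in that case name, username and password are already stored in
     // the JUser and are taken from there when $data does not carry them.
     if (empty($data['email'])) {
         $email = $user->get('email');
         if (!empty($email)) {
             $data['email'] = $email;
         }
     } else {
         // The value is re-read from the request through the email filter; the
         // value the caller put into $data['email'] is not used.
         $data['email'] = vRequest::getEmail('email', '');
     }
     //$data['email'] = str_replace(array('\'','"',',','%','*','/','\\','?','^','`','{','}','|','~'),array(''),$data['email']);
     // Important when a user changes the email address from the cart
     // (view user, layout edit_address, which is called from the cart).
     $user->set('email', $data['email']);
     if (empty($data['name'])) {
         $name = $user->get('name');
         if (!empty($name)) {
             $data['name'] = $name;
         }
     } else {
         $data['name'] = vRequest::getWord('name', '');
     }
     // Strip quote, path and wildcard characters from the display name.
     $data['name'] = str_replace(array('\'', '"', ',', '%', '*', '/', '\\', '?', '^', '`', '{', '}', '|', '~'), array(''), $data['name']);
     if (empty($data['username'])) {
         $username = $user->get('username');
         if (!empty($username)) {
             $data['username'] = $username;
         } else {
             $data['username'] = vRequest::getWord('username', '');
         }
     }
     // Passwords: the filtered request value must equal the unfiltered one,
     // otherwise the filter removed characters and the password is rejected.
     // NOTE(review): this limits passwords to whatever getCmd() lets through,
     // which shrinks the usable character set. The comparison is loose (!=);
     // a strict comparison needs a check of what vRequest::get() returns for a
     // missing field before it can be introduced.
     if (empty($data['password'])) {
         $data['password'] = vRequest::getCmd('password', '');
         if ($data['password'] != vRequest::get('password')) {
             vmError('Password contained invalid character combination.');
             return false;
         }
     }
     if (empty($data['password2'])) {
         $data['password2'] = vRequest::getCmd('password2');
         if ($data['password2'] != vRequest::get('password2')) {
             vmError('Password2 contained invalid character combination.');
             return false;
         }
     }
     // An update without a confirmation value leaves the stored password untouched.
     if (!$new and empty($data['password2'])) {
         unset($data['password']);
         unset($data['password2']);
     }
     // Allow-list against mass assignment: callers without the 'core' manager
     // permission can only bind the fields listed here, so no other key of the
     // request-supplied $data reaches JUser::bind().
     // NOTE(review): $data itself is still handed to saveUserData() and
     // storeAddress() below; those need their own field filtering.
     if (!vmAccess::manager('core')) {
         $whiteDataToBind = array();
         foreach (array('name', 'username', 'email', 'language', 'editor', 'password', 'password2') as $field) {
             if (isset($data[$field])) {
                 $whiteDataToBind[$field] = $data[$field];
             }
         }
         unset($data['isRoot']);
     } else {
         $whiteDataToBind = $data;
     }
     // Bind the Joomla user data.
     // NOTE(review): a failed bind is only logged and the save continues with
     // whatever state $user has at that point - confirm this is intended.
     if (!$user->bind($whiteDataToBind)) {
         vmdebug('Couldnt bind data to joomla user');
         //array('user'=>$user,'password'=>$data['password'],'message'=>$message,'newId'=>$newId,'success'=>false);
     }
     if ($new) {
         // If user registration is not allowed, refuse the request.
         // Admins and store admins ('user' manager permission) may still create users.
         $usersConfig = JComponentHelper::getParams('com_users');
         $cUser = JFactory::getUser();
         if ($usersConfig->get('allowUserRegistration') == '0' and !vmAccess::manager('user')) {
             tsmConfig::loadJLang('com_tsmart');
             vmError(tsmText::_('com_tsmart_ACCESS_FORBIDDEN'));
             // Fixed: was a bare "return;" (null); every other failure path returns false.
             return false;
         }
         // Group for new accounts comes from the com_users configuration, never
         // from $data; 2 is the fallback when nothing is configured.
         $newUsertype = $usersConfig->get('new_usertype');
         if (!$newUsertype) {
             $newUsertype = 2;
         }
         // Set some initial user values
         $user->set('usertype', $newUsertype);
         $user->groups[] = $newUsertype;
         $date = JFactory::getDate();
         $user->set('registerDate', $date->toSQL());
         // If user activation is turned on, store an activation value and block
         // the account until it is activated.
         $useractivation = $usersConfig->get('useractivation');
         $doUserActivation = false;
         if ($useractivation == '1' or $useractivation == '2') {
             $doUserActivation = true;
         }
         if ($doUserActivation) {
             jimport('joomla.user.helper');
             $user->set('activation', vRequest::getHash(JUserHelper::genRandomPassword()));
             $user->set('block', '1');
             //$user->set('lastvisitDate', '0000-00-00 00:00:00');
         }
     }
     $option = vRequest::getCmd('option');
     // If an existing super admin gets a new group, make sure at least one super admin is left.
     if (!$new && $user->get('gid') != $gid && $gid == __SUPER_ADMIN_GID) {
         if ($this->getSuperAdminCount() <= 1) {
             vmError(tsmText::_('com_tsmart_USER_ERR_ONLYSUPERADMIN'));
             return false;
         }
     }
     if (isset($data['language'])) {
         $user->setParam('language', $data['language']);
     }
     // Save the JUser object
     if (!$user->save()) {
         $msg = tsmText::sprintf('JLIB_APPLICATION_ERROR_SAVE_FAILED', $user->getError());
         vmError($msg, $msg);
         return false;
     } else {
         // Write the values JUser actually stored back into $data.
         $data['name'] = $user->get('name');
         $data['username'] = $user->get('username');
         $data['email'] = $user->get('email');
         $data['language'] = $user->get('language');
         $data['editor'] = $user->get('editor');
     }
     $newId = $user->get('id');
     $data['tsmart_user_id'] = $newId;
     // Needed here because the data is bound to the tables later.
     $this->setUserId($newId);
     // Save the shop user data and the address.
     if (!$this->saveUserData($data) || !self::storeAddress($data)) {
         vmError('com_tsmart_NOT_ABLE_TO_SAVE_USER_DATA');
         // 			vmError(vmText::_('com_tsmart_NOT_ABLE_TO_SAVE_USERINFO_DATA'));
     } else {
         if ($new) {
             $user->userInfo = $data;
             $password = '';
             // NOTE(review): with 'sendpassword' enabled (the default used here is 1)
             // the clear-text password is handed to sendRegistrationEmail(). Passing
             // an empty string instead keeps the password out of mail.
             if ($usersConfig->get('sendpassword', 1)) {
                 $password = $user->password_clear;
             }
             $this->sendRegistrationEmail($user, $password, $doUserActivation);
             if ($doUserActivation) {
                 vmInfo('com_tsmart_REG_COMPLETE_ACTIVATE');
             } else {
                 vmInfo('com_tsmart_REG_COMPLETE');
                 $user->set('activation', '');
                 $user->set('block', '0');
                 $user->set('guest', '0');
             }
         } else {
             vmInfo('com_tsmart_USER_DATA_STORED');
         }
     }
     // The extra isset on vendor_currency prevents storing the vendor when there
     // is no vendor form (edit address in the cart).
     // Fixed: user_is_vendor is checked with isset() first, so a request without
     // that field no longer reads an undefined array key.
     if (isset($data['user_is_vendor']) and (int) $data['user_is_vendor'] == 1 and isset($data['vendor_currency'])) {
         vmdebug('vendor recognised ' . $data['tsmart_vendor_id']);
         if ($this->storeVendorData($data)) {
             if ($new) {
                 if ($doUserActivation) {
                     vmInfo('com_tsmart_REG_VENDOR_COMPLETE_ACTIVATE');
                 } else {
                     vmInfo('com_tsmart_REG_VENDOR_COMPLETE');
                 }
             } else {
                 vmInfo('com_tsmart_VENDOR_DATA_STORED');
             }
         }
     }
     // Fixed: the password key is removed above for updates without a new
     // password; return null for it instead of reading an undefined key.
     // NOTE(review): callers receive the clear-text password in this array and
     // should not log or persist it.
     $returnedPassword = isset($data['password']) ? $data['password'] : null;
     return array('user' => $user, 'password' => $returnedPassword, 'message' => $message, 'newId' => $newId, 'success' => true);
 }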
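    /**
     * Returns the encryption key that applies to $date and creates a key file when none exists.
     *
     * Key files are the *.ini files in the directory returned by _getEncryptSafepath().
     * Each one is parsed with parse_ini_file() and indexed by its 'unixtime' value; the
     * result is cached in a static variable for the rest of the request.
     *
     * NOTE(review): the "<?php die();" header written into the key file only helps if
     * the file is executed as PHP. For a file with the .ini extension the protection
     * presumably rests on the safe path not being served by the web server - confirm.
     * NOTE(review): a new key is md5(token . salt), so its strength is bounded by the
     * randomness of JUserHelper::genRandomPassword() and getSalt(), not by the digest
     * length. Moving to a CSPRNG-generated key needs a check of what consumers expect
     * as key format before it can be changed.
     *
     * @param mixed $date Unix timestamp the key must be valid for; when empty the key
     *                    with the highest unixtime is used.
     * @return string|null The key; '' when $date is given and no stored key is old
     *                     enough; null when no key could be loaded and today's key
     *                     file already exists.
     */
    private static function _checkCreateKeyFile($date)
    {
        jimport('joomla.filesystem.file');
        vmSetStartTime('check');
        static $existingKeys = false;
        $keyPath = self::_getEncryptSafepath();
        if (!$existingKeys) {
            $dir = opendir($keyPath);
            if (is_resource($dir)) {
                $existingKeys = array();
                while (false !== ($file = readdir($dir))) {
                    $fullPath = $keyPath . DS . $file;
                    // Skip the dot entries and any sub directory of the key folder.
                    if ($file == '.' || $file == '..' || is_dir($fullPath)) {
                        continue;
                    }
                    if (JFile::getExt($file) == 'ini' and file_exists($fullPath)) {
                        $content = parse_ini_file($fullPath);
                        if ($content and is_array($content) and isset($content['unixtime'])) {
                            // Index the key data by its creation time.
                            $key = $content['unixtime'];
                            unset($content['unixtime']);
                            $existingKeys[$key] = $content;
                        }
                    } else {
                        vmdebug('Resource says there is file, but does not exists? ' . $fullPath);
                    }
                }
                // Fixed: the directory handle was never released.
                closedir($dir);
            } else {
                // Warn only once per request.
                static $warn = false;
                if (!$warn) {
                    vmWarn('Key folder in safepath unaccessible ' . $keyPath);
                }
                $warn = true;
            }
        }
        if ($existingKeys and is_array($existingKeys) and count($existingKeys) > 0) {
            // Oldest key first, so the loop below ends on the newest matching key.
            ksort($existingKeys);
            if (!empty($date)) {
                $key = '';
                foreach ($existingKeys as $unixDate => $values) {
                    // A key created more than 30 seconds after $date cannot have been used for it.
                    if ($unixDate - 30 >= $date) {
                        vmdebug('$unixDate ' . $unixDate . ' >= $date ' . $date);
                        continue;
                    }
                    vmdebug('$unixDate < $date');
                    $key = $values['key'];
                }
                // NOTE(review): this writes the key itself to the debug output.
                vmdebug('Use key file ', $key);
            } else {
                $usedKey = end($existingKeys);
                $key = $usedKey['key'];
            }
            vmTime('my time', 'check');
            return $key;
        } else {
            $usedKey = date("ymd");
            $filename = $keyPath . DS . $usedKey . '.ini';
            if (!JFile::exists($filename)) {
                $token = vRequest::getHash(JUserHelper::genRandomPassword());
                $salt = JUserHelper::getSalt('crypt-md5');
                $hashedToken = md5($token . $salt);
                $key = base64_encode($hashedToken);
                $date = JFactory::getDate();
                $today = $date->toUnix();
                $content = ';<?php die(); */
						[keys]
						key = "' . $key . '"
						unixtime = "' . $today . '"
						date = "' . date("Y-m-d H:i:s") . '"
						; */ ?>';
                $result = JFile::write($filename, $content);
                if (!$result) {
                    // Fixed: the write result was ignored. Data encrypted with a key
                    // that was never stored cannot be decrypted later, so make the
                    // failure visible. The key is still returned as before.
                    vmWarn('Could not write key file ' . $filename);
                }
                vmTime('my time', 'check');
                return $key;
            }
        }
        vmTime('my time', 'check');
    }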
 /**
  * Removes the shop cart from a stored session, addressed by its session id.
  *
  * The session is read directly from the configured session storage, the
  * '__vm' / 'vmcart' entry is dropped and the session is written back. On PHP
  * releases inside the ranges listed below the stored session is not decoded
  * at all; it is overwritten with NULL instead.
  *
  * @param string $session_id   Id of the stored session to modify.
  * @param mixed  $order_number Not used by this method.
  * @return void
  */
 function emptyCartFromStorageSession($session_id, $order_number)
 {
     $handler = JFactory::getConfig()->get('session_handler', 'none');
     $storageOptions = array('name' => vRequest::getHash('site'));
     $store = JSessionStorage::getInstance($handler, $storageOptions);

     // Branch start => first release of that branch that is decoded normally.
     // Anything in between is treated as unsafe for unserializing session data.
     $unsafeRanges = array(
         '5.4.0' => '5.4.38',
         '5.5.0' => '5.5.22',
         '5.6.0' => '5.6.6',
     );
     $runningVersion = phpversion();
     $wipeSession = false;
     foreach ($unsafeRanges as $branchStart => $firstSafe) {
         if (version_compare($runningVersion, $branchStart, '>=') && version_compare($runningVersion, $firstSafe, '<')) {
             $wipeSession = true;
             break;
         }
     }

     // The session store MUST be registered before it is used.
     $store->register();
     if ($wipeSession) {
         // Drop the whole stored session rather than decode it.
         $store->write($session_id, NULL);
         return;
     }

     // Read the raw session straight from the storage.
     $rawSession = $store->read($session_id);
     if (empty($rawSession)) {
         return;
     }

     $decoded = self::session_decode($rawSession);
     // Nothing to do unless the shop namespace holds a cart.
     if (!isset($decoded['__vm']['vmcart'])) {
         return;
     }
     unset($decoded['__vm']['vmcart']);
     $store->write($session_id, self::session_encode($decoded));
 }
Exemple #4
 /**
  * Removes the shop cart from a stored session, addressed by its session id.
  *
  * The raw session is read from the configured session storage, decoded, the
  * '__vm' / 'vmcart' entry is removed and the result is written back.
  *
  * NOTE(review): this variant decodes the stored session on every PHP version;
  * what self::session_decode() does with the data is not visible here.
  *
  * @param string $session_id   Id of the stored session to modify.
  * @param mixed  $order_number Not used by this method.
  * @return void
  */
 function emptyCartFromStorageSession($session_id, $order_number)
 {
     $backend = JFactory::getConfig()->get('session_handler', 'none');
     $store = JSessionStorage::getInstance($backend, array('name' => vRequest::getHash('site')));
     // The session store MUST be registered before it is used.
     $store->register();

     // Fetch the serialized session directly from the storage.
     $serialized = $store->read($session_id);
     if (empty($serialized)) {
         return;
     }

     $sessionData = self::session_decode($serialized);
     $shopNamespace = '__vm';
     $cartKey = 'vmcart';
     // Leave the session untouched when it holds no shop cart.
     if (!isset($sessionData[$shopNamespace][$cartKey])) {
         return;
     }

     unset($sessionData[$shopNamespace][$cartKey]);
     $store->write($session_id, self::session_encode($sessionData));
 }