/**
* Return minimum quantity
*
* @return integer
*/
protected function getMinQuantity()
{
$minQuantity = $this->getProduct()->getMinQuantity($this->getCart()->getProfile() ? $this->getCart()->getProfile()->getMembership() : null);
$result = parent::getMinQuantity();
$minimumQuantity = $minQuantity ? $minQuantity : $result;
if (!$this->isCartPage()) {
$items = \XLite\Model\Cart::getInstance()->getItemsByProductId($this->getProduct()->getProductId());
$quantityInCart = $items ? \Includes\Utils\ArrayManager::sumObjectsArrayFieldValues($items, 'getAmount', true) : 0;
$result = $minimumQuantity > $quantityInCart ? $minimumQuantity - $quantityInCart : $result;
} else {
$result = $minimumQuantity;
}
return $result;
}
/**
* Get list of cart items containing current product
*
* @return array
*/
protected function getLockedItems()
{
return !$this->getDefaultAmount() ? \XLite\Model\Cart::getInstance()->getItemsByVariantId($this->getId()) : $this->getProduct()->getInventory()->getLockedItems();
}
/**
* Get list of cart items containing current product
*
* @return array
*/
protected function getLockedItems()
{
return $this->getProduct() ? \XLite\Model\Cart::getInstance()->getItemsByProductId($this->getProduct()->getProductId()) : array();
}
/**
* Perform 'SetExpressCheckout' request and get Token value from Paypal
*
* @param \XLite\Model\Payment\Method $method Payment method
*
* @return string
* @see https://developer.paypal.com/docs/classic/api/merchant/SetExpressCheckout_API_Operation_NVP/
*/
public function doSetExpressCheckout(\XLite\Model\Payment\Method $method)
{
$token = null;
if (!isset($this->transaction)) {
$this->transaction = new \XLite\Model\Payment\Transaction();
$this->transaction->setPaymentMethod($method);
$this->transaction->setOrder(\XLite\Model\Cart::getInstance());
}
$responseData = $this->doRequest('SetExpressCheckout');
if (!empty($responseData['TOKEN'])) {
$token = $responseData['TOKEN'];
} else {
$this->setDetail('status', isset($responseData['L_LONGMESSAGE0']) ? $responseData['L_LONGMESSAGE0'] : 'Unknown', 'Status');
$this->errorMessage = isset($responseData['L_LONGMESSAGE0']) ? $responseData['L_LONGMESSAGE0'] : null;
}
return $token;
}
/**
* Return cart instance
*
* @return \XLite\Model\Order
*/
public function getCart()
{
return \XLite\Model\Cart::getInstance();
}
/**
* Check if In-Context checkout available
*
* @return boolean
*/
public static function isInContextCheckoutAvailable()
{
static $result;
if (!isset($result)) {
// https://developer.paypal.com/docs/classic/express-checkout/in-context/#eligibility-review
$allowedCountries = array('US', 'GB', 'FR', 'DE', 'AU', 'CA', 'IT', 'ES', 'AT', 'BE', 'DK', 'NO', 'NL', 'PL', 'SE', 'CH', 'TR');
$allowedCurrencies = array('USD', 'EUR', 'GBP', 'CAD', 'AUD', 'DKK', 'NOK', 'PLN', 'SEK', 'CHF', 'TRY');
/** @var \XLite\Model\Cart $cart */
$cart = \XLite\Model\Cart::getInstance();
$currency = $cart->getCurrency()->getCode();
/** @var \XLite\Model\Address $billingAddress */
$billingAddress = $cart->getProfile() ? $cart->getProfile()->getBillingAddress() : null;
$customerCountry = $billingAddress ? $billingAddress->getCountryCode() : null;
$result = in_array($currency, $allowedCurrencies) && (!isset($customerCountry) || in_array($customerCountry, $allowedCountries));
}
return $result;
}
/**
* Logs in user to cart
*
* @param string $login User's login
* @param string $password User's password
* @param string $secureHash Secret token OPTIONAL
*
* @return \XLite\Model\Profile|integer
*/
public function login($login, $password, $secureHash = null)
{
$result = self::RESULT_ACCESS_DENIED;
// Check for the valid parameters
if (!empty($login) && !empty($password)) {
if (isset($secureHash) && !$this->checkSecureHash($secureHash)) {
// TODO - potential attack; send the email to admin
$this->doDie('Trying to log in using an invalid secure hash string.');
}
// Initialize order Id
$orderId = \XLite\Core\Request::getInstance()->anonymous ? \XLite\Model\Cart::getInstance()->getOrderId() : 0;
// Try to get user profile
$profile = \XLite\Core\Database::getRepo('XLite\\Model\\Profile')->findByLoginPassword($login, null, $orderId);
if (isset($profile) && !isset($secureHash) && !static::comparePassword($profile->getPassword(), $password)) {
$profile = null;
}
// Return profile object if it's ok
if (isset($profile) && $this->loginProfile($profile)) {
if (!isset($secureHash) && $password && $profile->getPasswordAlgo() != static::DEFAULT_HASH_ALGO) {
$profile->setPassword(static::encryptPassword($password));
}
$result = $profile;
$orderId = $orderId ?: \XLite\Core\Session::getInstance()->order_id;
$order = \XLite\Core\Database::getRepo('XLite\\Model\\Cart')->find($orderId);
if ($order) {
$order->renew();
}
}
}
// Invalidate cache
$this->resetProfileCache();
return $result;
}
/**
* Get init payment form data from XPayments
*
* @param \XLite\Model\Payment\Transaction $transaction Transaction
*
* @return array
*/
protected function getInitDataFromXpayments(\XLite\Model\Payment\Transaction $transaction)
{
$init = $this->requestPaymentInit($transaction, \XLite\Model\Cart::getInstance());
if ($init->isSuccess()) {
$response = $init->getResponse();
$data = array('xpcBackReference' => $response['xpcBackReference'], 'txnId' => $response['txnId'], 'fields' => $response['fields']);
$this->saveInitDataToSession($transaction, $data);
} else {
$data = null;
$this->setXpcInitError($transaction, $init->getError());
}
return $data;
}
/**
* Return cart instance
*
* @param null|boolean $doCalculate Flag: completely recalculate cart if true OPTIONAL
*
* @return \XLite\Model\Order
*/
public function getCart($doCalculate = null)
{
return \XLite\Model\Cart::getInstance(null !== $doCalculate ? $doCalculate : $this->markCartCalculate());
}
/**
* Logs in user to cart
*
* @param string $login User's login
* @param string $password User's password
* @param string $secureHash Secret token OPTIONAL
*
* @return \XLite\Model\Profile|integer
*/
public function login($login, $password, $secureHash = null)
{
$result = static::RESULT_ACCESS_DENIED;
if (!empty($login) && !empty($password)) {
list($profile, $result) = $this->checkLoginPassword($login, $password, $secureHash);
if ($result === static::RESULT_INVALID_SECURE_HASH) {
// TODO - potential attack; send the email to admin
$this->doDie('Trying to log in using an invalid secure hash string.');
}
if (isset($profile) && $result === static::RESULT_PASSWORD_NOT_EQUAL) {
$countOfLoginAttempts = \XLite\Core\Converter::time() < $profile->getDateOfLoginAttempt() + static::TIME_OF_LOCK_LOGIN ? $profile->getCountOfLoginAttempts() + 1 : 1;
$profile->setCountOfLoginAttempts($countOfLoginAttempts);
$profile->setDateOfLoginAttempt(\XLite\Core\Converter::time());
$profile->update();
if (\XLite::isAdminZone() && static::MAX_COUNT_OF_LOGIN_ATTEMPTS <= $profile->getCountOfLoginAttempts()) {
\XLite\Core\Session::getInstance()->dateOfLockLogin = \XLite\Core\Converter::time();
\XLite\Core\Mailer::sendFailedAdminLoginAdmin($profile->getLogin());
}
$profile = null;
}
if ($result === static::RESULT_LOGIN_IS_LOCKED) {
$profile = null;
}
// Check annonymous state - anonymous use cannot login
if ($result === static::RESULT_PROFILE_IS_ANONYMOUS) {
$profile = null;
}
// Initialize order Id
$orderId = \XLite\Core\Request::getInstance()->anonymous ? \XLite\Model\Cart::getInstance()->getOrderId() : 0;
// Return profile object if it's ok
if (isset($profile) && $this->loginProfile($profile)) {
// Rewrite password hash if current hash is obsolete
if (!isset($secureHash) && $password && $profile->getPasswordAlgo() != static::DEFAULT_HASH_ALGO) {
$profile->setPassword(static::encryptPassword($password));
}
$result = $profile;
// Renew order
$orderId = $orderId ?: \XLite\Core\Session::getInstance()->order_id;
$order = \XLite\Core\Database::getRepo('XLite\\Model\\Cart')->find($orderId);
if ($order) {
$order->renew();
}
}
}
// Invalidate cache
$this->resetProfileCache();
return $result;
}
/**
* testLogin
*
* @return void
* @access public
* @see ____func_see____
* @since 1.0.0
*/
public function testLogin()
{
// Test #1
$result = \XLite\Core\Auth::getInstance()->login(null, null, null);
$this->assertEquals(\XLite\Core\Auth::RESULT_ACCESS_DENIED, $result, 'Test #1');
// Test #2
$result = \XLite\Core\Auth::getInstance()->login(null, null, md5('testhashstring'));
$this->assertEquals(\XLite\Core\Auth::RESULT_ACCESS_DENIED, $result, 'Test #1');
// Test #3
$result = \XLite\Core\Auth::getInstance()->login('*****@*****.**', null);
$this->assertEquals(\XLite\Core\Auth::RESULT_ACCESS_DENIED, $result, 'Test #3');
// Test #4
$result = \XLite\Core\Auth::getInstance()->login(null, 'guest');
$this->assertEquals(\XLite\Core\Auth::RESULT_ACCESS_DENIED, $result, 'Test #4');
// Test #5
$result = \XLite\Core\Auth::getInstance()->login('*****@*****.**', 'guest');
$this->assertTrue($result instanceof \XLite\Model\Profile, 'Test #5');
$this->assertEquals(2, $result->getProfileId(), 'Test #5: checking profile_id');
// Test #6
$newProfile = $result->cloneEntity();
$newProfile->setLogin('*****@*****.**');
$newProfile->disable();
$newProfile->update();
$result = \XLite\Core\Auth::getInstance()->login('*****@*****.**', 'guest');
$this->assertEquals(\XLite\Core\Auth::RESULT_ACCESS_DENIED, $result, 'Test #6');
// Test #7
\XLite\Core\Request::getInstance()->anonymous = true;
\XLite\Model\Cart::getInstance()->setOrderId(2);
$result = \XLite\Core\Auth::getInstance()->login('*****@*****.**', 'guest');
\XLite\Core\Request::getInstance()->anonymous = null;
\XLite\Model\Cart::getInstance()->setOrderId(null);
$this->assertTrue($result instanceof \XLite\Model\Profile, 'Test #7');
$this->assertEquals(4, $result->getProfileId(), 'Test #7: checking profile_id');
// Test #8
$hashString = 'testHashString';
\XLite\Core\Auth::getInstance()->setSecureHash($hashString);
$profile = \XLite\Core\Database::getRepo('XLite\\Model\\Profile')->find(2);
// Same profile
$profile->setPassword('testpassword');
// Unencrypted password
if ($profile->getOrder()) {
$profile->getOrder()->setProfile(null);
}
\XLite\Core\Database::getEM()->flush();
$result = \XLite\Core\Auth::getInstance()->login('*****@*****.**', 'testpassword', $hashString);
// Login by email/hash
$this->assertTrue($result instanceof \XLite\Model\Profile, 'Test #8');
$this->assertEquals(2, $result->getProfileId(), 'Test #8: checking profile_id');
$profile->setPassword(self::$guest['password']);
\XLite\Core\Auth::getInstance()->setSecureHash('');
}
/**
* prepareCart
*
* @return void
* @access protected
* @see ____func_see____
* @since 1.0.0
*/
protected function prepareCart()
{
$cart = \XLite\Model\Cart::getInstance();
$cart->setItems(new \Doctrine\Common\Collections\ArrayCollection());
$item = new \XLite\Model\OrderItem();
$item->setProduct($this->getProductWithInventory());
$item->setAmount(self::CART_AMOUNT_WITH_INVENTORY);
$cart->addItem($item);
$item = new \XLite\Model\OrderItem();
$item->setProduct($this->getProductWithoutInventory());
$item->setAmount(self::CART_AMOUNT_WITHOUT_INVENTORY);
$cart->addItem($item);
}
/**
* Get array of parameters for SET_EXPRESS_CHECKOUT request
*
* @return array
*/
protected function getSetExpressCheckoutRequestParams()
{
$cart = \XLite\Model\Cart::getInstance();
$shippingModifier = $cart->getModifier(\XLite\Model\Base\Surcharge::TYPE_SHIPPING, 'SHIPPING');
if ($shippingModifier && $shippingModifier->canApply()) {
$noShipping = '0';
$freightAmt = $cart->getCurrency()->roundValue($cart->getSurchargeSumByType(\XLite\Model\Base\Surcharge::TYPE_SHIPPING));
} else {
$noShipping = '1';
$freightAmt = 0;
}
$postData = array('TRXTYPE' => $this->getSetting('transaction_type'), 'TENDER' => 'P', 'ACTION' => 'S', 'RETURNURL' => urldecode($this->getECReturnURL()), 'CANCELURL' => urldecode($this->getECReturnURL(true)), 'AMT' => $cart->getCurrency()->roundValue($cart->getTotal()), 'CURRENCY' => $cart->getCurrency()->getCode(), 'FREIGHTAMT' => $freightAmt, 'HANDLINGAMT' => 0, 'INSURANCEAMT' => 0, 'NOSHIPPING' => $noShipping, 'INVNUM' => $cart->getOrderId(), 'ALLOWNOTE' => 1, 'CUSTOM' => $cart->getOrderId());
$postData = $postData + $this->getLineItems($cart);
$type = \XLite\Core\Session::getInstance()->ec_type;
if (self::EC_TYPE_SHORTCUT == $type) {
$postData['REQCONFIRMSHIPPING'] = 0;
} elseif (self::EC_TYPE_MARK == $type) {
$postData += array('ADDROVERRIDE' => 1, 'PHONENUM' => $this->getProfile()->getBillingAddress()->getPhone(), 'EMAIL' => $this->getProfile()->getLogin());
if ('1' !== $noShipping) {
$postData += array('SHIPTONAME' => $this->getProfile()->getShippingAddress()->getFirstname() . $this->getProfile()->getShippingAddress()->getLastname(), 'SHIPTOSTREET' => $this->getProfile()->getShippingAddress()->getStreet(), 'SHIPTOSTREET2' => '', 'SHIPTOCITY' => $this->getProfile()->getShippingAddress()->getCity(), 'SHIPTOSTATE' => $this->getProfile()->getShippingAddress()->getState()->getCode(), 'SHIPTOZIP' => $this->getProfile()->getShippingAddress()->getZipcode(), 'SHIPTOCOUNTRY' => $this->getProfile()->getShippingAddress()->getCountry()->getCode());
}
}
return $postData;
}
