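/**
 * Changes a company's status and, when a new (N) vendor is approved, provisions its
 * administrator account. Accepted target statuses are A(ctive), P(ending) and D(isabled).
 *
 * @param int     $company_id  Company whose status is changed
 * @param string  $status_to   Target status: A, P or D (compared strictly, so only these exact strings pass)
 * @param string  $reason      The reason of the change; forwarded to the notification e-mail
 * @param string  $status_from Previous status. When empty it is read from the database and
 *                             written back to the caller through the reference.
 * @param boolean $skip_query  By default false. Update query might be skipped if status is already changed.
 * @param boolean $notify      By default true. When true and the company has an e-mail address, a status e-mail is sent.
 * @return boolean False when the status is rejected, unchanged, or the update fails;
 *                 otherwise the (truthy) result of the update
 */
function fn_companies_change_status($company_id, $status_to, $reason = '', &$status_from = '', $skip_query = false, $notify = true)
{
    if (empty($status_from)) {
        $status_from = db_get_field("SELECT status FROM ?:companies WHERE company_id = ?i", $company_id);
    }
    // Strict membership test: with loose comparison a non-string value such as true (or 0 on PHP < 8)
    // matches 'A' and would slip through the allow-list.
    if (!in_array($status_to, array('A', 'P', 'D'), true) || $status_from == $status_to) {
        return false;
    }
    $result = $skip_query ? true : db_query("UPDATE ?:companies SET status = ?s WHERE company_id = ?i", $status_to, $company_id);
    if (!$result) {
        return false;
    }
    $company_data = fn_get_company_data($company_id);
    $account = $username = '';
    // Approval of a new vendor (N -> A/P): attach or create the vendor administrator account.
    if ($status_from == 'N' && ($status_to == 'A' || $status_to == 'P')) {
        if (Registry::get('settings.Vendors.create_vendor_administrator_account') == 'Y') {
            if (!empty($company_data['request_user_id'])) {
                // The requesting user already exists: promote that account to vendor administrator.
                $password_change_timestamp = db_get_field("SELECT password_change_timestamp FROM ?:users WHERE user_id = ?i", $company_data['request_user_id']);
                // $_set is one of two fixed literals, never request data, so interpolating it
                // into the statement below does not open an injection path.
                $_set = '';
                if (empty($password_change_timestamp)) {
                    $_set = ", password_change_timestamp = 1 ";
                }
                db_query("UPDATE ?:users SET company_id = ?i, user_type = 'V'{$_set} WHERE user_id = ?i", $company_id, $company_data['request_user_id']);
                $username = fn_get_user_name($company_data['request_user_id']);
                $account = 'updated';
                $msg = __('new_administrator_account_created') . '<a href="' . fn_url('profiles.update?user_id=' . $company_data['request_user_id']) . '">' . __('you_can_edit_account_details') . '</a>';
                fn_set_notification('N', __('notice'), $msg, 'K');
            } else {
                $user_data = array();
                if (!empty($company_data['request_account_name'])) {
                    $user_data['user_login'] = $company_data['request_account_name'];
                } else {
                    $user_data['user_login'] = $company_data['email'];
                }
                // SECURITY(review): unserialize() instantiates any class named in the payload.
                // If request_account_data can be influenced by the vendor applicant, this is a
                // PHP object-injection sink; prefer JSON storage, or restrict classes where the
                // runtime supports it. Left in place here because the storage format is not
                // visible from this function.
                $request_account_data = unserialize($company_data['request_account_data']);
                if (!is_array($request_account_data)) {
                    // Corrupt or unexpected payload: fall back to "no extra data" rather than
                    // indexing into false.
                    $request_account_data = array();
                }
                $user_data['fields'] = isset($request_account_data['fields']) ? $request_account_data['fields'] : null;
                $admin_firstname = isset($request_account_data['admin_firstname']) ? $request_account_data['admin_firstname'] : null;
                $admin_lastname = isset($request_account_data['admin_lastname']) ? $request_account_data['admin_lastname'] : null;
                $user_data['firstname'] = $user_data['b_firstname'] = $user_data['s_firstname'] = $admin_firstname;
                $user_data['lastname'] = $user_data['b_lastname'] = $user_data['s_lastname'] = $admin_lastname;
                $user_data['user_type'] = 'V';
                // The generated password is later placed in the notification e-mail in clear text
                // (see e_password below).
                $user_data['password1'] = fn_generate_password();
                $user_data['password2'] = $user_data['password1'];
                $user_data['status'] = 'A';
                $user_data['company_id'] = $company_id;
                $user_data['email'] = $company_data['email'];
                $user_data['company'] = $company_data['company'];
                $user_data['last_login'] = 0;
                $user_data['lang_code'] = $company_data['lang_code'];
                // NOTE(review): presumably 0 forces a password change at first login - confirm.
                $user_data['password_change_timestamp'] = 0;
                // Copy vendor admin billing and shipping addresses from the company's credentials
                $user_data['b_address'] = $user_data['s_address'] = $company_data['address'];
                $user_data['b_city'] = $user_data['s_city'] = $company_data['city'];
                $user_data['b_country'] = $user_data['s_country'] = $company_data['country'];
                $user_data['b_state'] = $user_data['s_state'] = $company_data['state'];
                $user_data['b_zipcode'] = $user_data['s_zipcode'] = $company_data['zipcode'];
                list($added_user_id, $null) = fn_update_user(0, $user_data, $null, false, false);
                if ($added_user_id) {
                    $msg = __('new_administrator_account_created') . '<a href="' . fn_url('profiles.update?user_id=' . $added_user_id) . '">' . __('you_can_edit_account_details') . '</a>';
                    fn_set_notification('N', __('notice'), $msg, 'K');
                    $username = $user_data['user_login'];
                    $account = 'new';
                }
            }
        }
    }
    // No account was built above: use the company's root vendor administrator for the e-mail.
    if (empty($user_data)) {
        $user_id = db_get_field("SELECT user_id FROM ?:users WHERE company_id = ?i AND is_root = 'Y' AND user_type = 'V'", $company_id);
        $user_data = fn_get_user_info($user_id);
    }
    if ($notify && !empty($company_data['email'])) {
        $e_username = '';
        $e_account = '';
        $e_password = '';
        if ($status_from == 'N' && ($status_to == 'A' || $status_to == 'P')) {
            $e_username = $username;
            $e_account = $account;
            if ($account == 'new') {
                // SECURITY(review): the clear-text password travels by e-mail. Note that
                // $user_data (passed to the template as well) also still carries
                // password1/password2 whenever it was built locally.
                $e_password = $user_data['password1'];
            }
        }
        $mail_template = fn_strtolower($status_from . '_' . $status_to);
        // NOTE(review): any target other than 'A' (including 'P') is labelled 'disabled' - confirm intended.
        $mail_data = array(
            'user_data' => $user_data,
            'reason' => $reason,
            'status' => __($status_to == 'A' ? 'active' : 'disabled'),
            'e_username' => $e_username,
            'e_account' => $e_account,
            'e_password' => $e_password,
        );
        Mailer::sendMail(array(
            'to' => $company_data['email'],
            'from' => 'default_company_support_department',
            'data' => $mail_data,
            'company_id' => $company_id,
            'tpl' => 'companies/status_' . $mail_template . '_notification.tpl',
        ), 'A');
    }
    return $result;
}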
Esempio n. 2
/**
 * Checks whether the object addressed by the current request may be accessed from the current store.
 *
 * The object is identified from the runtime controller name plus an ID taken from $params.
 * The result starts as true and is only re-evaluated when an object name was resolved, so a
 * controller that is not listed below, or a request without the expected ID, is allowed by this
 * function. SECURITY(review): callers should not treat a true result as proof that a check ran.
 *
 * @param array  $params              Request parameters; the relevant *_id / section_id key is read per controller
 * @param string $redirect_controller Set by reference to the current controller ('menus' for static_data with a menu_id)
 * @return boolean Result of the permission check (true when no check applied)
 */
function fn_ult_check_store_permission($params, &$redirect_controller)
{
    // Allow by default; see the docblock for the fail-open implication.
    $result = true;
    $controller = Registry::get('runtime.controller');
    $redirect_controller = $controller;
    // FIXME: move in schema
    // Each case fills $key/$key_id/$table/$object_name/$object_type; some also name a dedicated
    // checker in $check_store_permission. The 'args' entries are variable NAMES (as strings)
    // that are resolved to local variables further down.
    // NOTE(review): the object's name is looked up here, before the permission decision, and is
    // echoed (truncated) in the denial notice below - confirm this does not disclose names of
    // objects belonging to another store.
    switch ($controller) {
        case 'products':
            if (!empty($params['product_id'])) {
                $key = 'product_id';
                $key_id = $params[$key];
                $table = 'products';
                $object_name = fn_get_product_name($key_id, DESCR_SL);
                $object_type = __('product');
                $check_store_permission = array('func' => 'fn_ult_check_store_permission_product', 'args' => array('$table', '$key', '$key_id'));
            }
            break;
        case 'categories':
            if (!empty($params['category_id'])) {
                $key = 'category_id';
                $key_id = $params[$key];
                $table = 'categories';
                $object_name = fn_get_category_name($key_id, DESCR_SL);
                $object_type = __('category');
            }
            break;
        case 'orders':
            if (!empty($params['order_id'])) {
                $key = 'order_id';
                $key_id = $params[$key];
                $table = 'orders';
                $object_name = '#' . $key_id;
                $object_type = __('order');
            }
            break;
        case 'shippings':
            if (!empty($params['shipping_id'])) {
                $key = 'shipping_id';
                $key_id = $params[$key];
                $table = 'shippings';
                $object_name = fn_get_shipping_name($key_id, DESCR_SL);
                $object_type = __('shipping');
            }
            break;
        case 'promotions':
            if (!empty($params['promotion_id'])) {
                $key = 'promotion_id';
                $key_id = $params[$key];
                $table = 'promotions';
                $object_name = fn_get_promotion_name($key_id, DESCR_SL);
                $object_type = __('promotion');
            }
            break;
        case 'pages':
            if (!empty($params['page_id'])) {
                $key = 'page_id';
                $key_id = $params[$key];
                $table = 'pages';
                $object_name = fn_get_page_name($key_id, DESCR_SL);
                $object_type = __('content');
            }
            break;
        case 'profiles':
            if (!empty($params['user_id'])) {
                $key = 'user_id';
                $key_id = $params[$key];
                $table = 'users';
                $object_name = fn_get_user_name($key_id, DESCR_SL);
                $object_type = __('user');
                $check_store_permission = array('func' => 'fn_ult_check_store_permission_profiles', 'args' => array('$params', '$table', '$key', '$key_id'));
            }
            break;
        case 'settings':
            if (!empty($params['section_id'])) {
                // No $key/$key_id here: the section ID itself serves as the object name.
                $object_name = $params['section_id'];
                $object_type = __('section');
                $table = 'settings';
                $check_store_permission = array('func' => 'fn_ult_check_store_permission_settings', 'args' => array('$object_name'));
            }
            break;
        case 'shipments':
            if (!empty($params['shipment_id'])) {
                $key = 'shipment_id';
                $key_id = $params[$key];
                $table = 'shipments';
                $object_name = '#' . $key_id;
                $object_type = __('shipment');
                $check_store_permission = array('func' => 'fn_ult_check_store_permission_shipments', 'args' => array('$key_id'));
            }
            break;
        case 'static_data':
            if (!empty($params['menu_id'])) {
                $key = 'menu_id';
                $key_id = $params[$key];
                $table = 'menus';
                $object_name = fn_get_menu_name($key_id);
                $object_type = __('menu');
                // Only case that overrides the redirect target given back to the caller.
                $redirect_controller = 'menus';
            }
            break;
        case 'companies':
            if (!empty($params['company_id'])) {
                $key = 'company_id';
                $key_id = $params[$key];
                $table = 'companies';
                $object_name = fn_get_company_name($key_id);
                $object_type = __('company');
            }
            break;
    }
    // Hook point before the decision. The locals may be unset here when no case matched.
    // NOTE(review): presumably the hook receives them by reference and may fill them in - confirm.
    fn_set_hook('ult_check_store_permission', $params, $object_type, $object_name, $table, $key, $key_id);
    if (!empty($object_name)) {
        if (!empty($check_store_permission)) {
            // Resolve each '$name' string to the local variable of that name (variable-variables).
            // Entries that do not start with '$' are skipped. The names come only from the
            // literals assigned in the switch above, never from $params; keep it that way, since
            // both the callee and its arguments are chosen from this structure.
            $args = array();
            foreach ($check_store_permission['args'] as $arg) {
                if ($arg[0] == '$') {
                    $arg = ltrim($arg, "\$");
                    $args[] = ${$arg};
                }
            }
            $result = call_user_func_array($check_store_permission['func'], $args);
        } else {
            // Default check: the object belongs to the company, or is shared with it.
            $result = fn_check_company_id($table, $key, $key_id) || fn_check_shared_company_id($table, $key_id);
        }
    }
    // NOTE(review): $result is handed to the post hook; if hooks take arguments by reference an
    // add-on can overturn the decision in either direction - confirm and audit registered hooks.
    fn_set_hook('ult_check_store_permission_post', $params, $object_type, $object_name, $result);
    if ($result == false) {
        // Denied: queue a warning that names the object type and a 20-character cut of its name.
        fn_set_notification('W', __('warning'), __('store_object_denied', array('[object_type]' => $object_type, '[object_name]' => fn_truncate_chars($object_name, 20))), '', 'store_object_denied');
    }
    return $result;
}
Esempio n. 3
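/**
 * Changes a company's status and, when a new (N) vendor is approved, provisions its
 * administrator account. Accepted target statuses are A(ctive), P(ending) and D(isabled).
 *
 * @param int     $company_id  Company whose status is changed
 * @param string  $status_to   Target status: A, P or D (compared strictly, so only these exact strings pass)
 * @param string  $reason      The reason of the change; forwarded to the notification e-mail
 * @param string  $status_from Previous status. When empty it is read from the database and
 *                             written back to the caller through the reference.
 * @param boolean $skip_query  By default false. Update query might be skipped if status is already changed.
 * @param boolean $notify      By default true. When true and the company has an e-mail address, a status e-mail is sent.
 * @return boolean False when the status is rejected, unchanged, or the update fails;
 *                 otherwise the (truthy) result of the update
 */
function fn_change_company_status($company_id, $status_to, $reason = '', &$status_from = '', $skip_query = false, $notify = true)
{
    /**
     * Actions before change company status
     *
     * @param int    $company_id  Company ID
     * @param string $status_to   Status to letter
     * @param string $reason      Reason text
     * @param string $status_from Status from letter
     * @param bool   $skip_query  Skip query flag
     * @param bool   $notify      Notify flag
     */
    fn_set_hook('change_company_status_pre', $company_id, $status_to, $reason, $status_from, $skip_query, $notify);
    if (empty($status_from)) {
        $status_from = db_get_field("SELECT status FROM ?:companies WHERE company_id = ?i", $company_id);
    }
    // Strict membership test: with loose comparison a non-string value such as true (or 0 on PHP < 8)
    // matches 'A' and would slip through the allow-list.
    if (!in_array($status_to, array('A', 'P', 'D'), true) || $status_from == $status_to) {
        return false;
    }
    $result = $skip_query ? true : db_query("UPDATE ?:companies SET status = ?s WHERE company_id = ?i", $status_to, $company_id);
    if (!$result) {
        return false;
    }
    $company_data = fn_get_company_data($company_id);
    $account = $username = '';
    // Approval of a new vendor (N -> A/P): attach or create the vendor administrator account.
    if ($status_from == 'N' && ($status_to == 'A' || $status_to == 'P')) {
        if (Registry::get('settings.Vendors.create_vendor_administrator_account') == 'Y') {
            if (!empty($company_data['request_user_id'])) {
                // The requesting user already exists: promote that account to vendor administrator.
                $password_change_timestamp = db_get_field("SELECT password_change_timestamp FROM ?:users WHERE user_id = ?i", $company_data['request_user_id']);
                // $_set is one of two fixed literals, never request data, so interpolating it
                // into the statement below does not open an injection path.
                $_set = '';
                if (empty($password_change_timestamp)) {
                    $_set = ", password_change_timestamp = 1 ";
                }
                db_query("UPDATE ?:users SET company_id = ?i, user_type = 'V'{$_set} WHERE user_id = ?i", $company_id, $company_data['request_user_id']);
                $username = fn_get_user_name($company_data['request_user_id']);
                $account = 'updated';
                $msg = __('new_administrator_account_created') . '<a href="' . fn_url('profiles.update?user_id=' . $company_data['request_user_id']) . '">' . __('you_can_edit_account_details') . '</a>';
                fn_set_notification('N', __('notice'), $msg, 'K');
            } else {
                // SECURITY(review): unserialize() instantiates any class named in the payload.
                // If request_account_data can be influenced by the vendor applicant, this is a
                // PHP object-injection sink; prefer JSON storage, or restrict classes where the
                // runtime supports it. Left in place here because the storage format is not
                // visible from this function.
                $request_account_data = unserialize($company_data['request_account_data']);
                if (!is_array($request_account_data)) {
                    // unserialize() returns false on a corrupt payload; "array + false" is a
                    // fatal error, so fall back to "no extra data".
                    $request_account_data = array();
                }
                // Array union: keys already present in $company_data win over the request payload.
                $_company_data = $company_data + $request_account_data;
                $_company_data['status'] = 'A';
                if (!empty($_company_data['request_account_name'])) {
                    $_company_data['admin_username'] = $_company_data['request_account_name'];
                }
                $profile_fields = isset($_company_data['fields']) ? $_company_data['fields'] : null;
                $user_data = fn_create_company_admin($_company_data, $profile_fields, false);
                if (!empty($user_data['user_id'])) {
                    $username = $user_data['user_login'];
                    $account = 'new';
                }
            }
        }
    }
    // No account was built above: use the company's root vendor administrator for the e-mail.
    if (empty($user_data)) {
        $user_id = db_get_field("SELECT user_id FROM ?:users WHERE company_id = ?i AND is_root = 'Y' AND user_type = 'V'", $company_id);
        $user_data = fn_get_user_info($user_id);
    }
    /**
     * Actions between change company status and send mail
     *
     * @param int    $company_id   Company ID
     * @param string $status_to    Status to letter
     * @param string $reason       Reason text
     * @param string $status_from  Status from letter
     * @param bool   $skip_query   Skip query flag
     * @param bool   $notify       Notify flag
     * @param array  $company_data Company data
     * @param array  $user_data    User data
     * @param bool   $result       Updated flag
     */
    fn_set_hook('change_company_status_before_mail', $company_id, $status_to, $reason, $status_from, $skip_query, $notify, $company_data, $user_data, $result);
    if ($notify && !empty($company_data['email'])) {
        $e_username = '';
        $e_account = '';
        $e_password = '';
        if ($status_from == 'N' && ($status_to == 'A' || $status_to == 'P')) {
            $e_username = $username;
            $e_account = $account;
            if ($account == 'new') {
                // SECURITY(review): the clear-text password of the new account travels by e-mail.
                // NOTE(review): assumes fn_create_company_admin() returns 'password1' - confirm.
                $e_password = $user_data['password1'];
            }
        }
        $mail_template = fn_strtolower($status_from . '_' . $status_to);
        // NOTE(review): any target other than 'A' (including 'P') is labelled 'disabled' - confirm intended.
        $mail_data = array(
            'user_data' => $user_data,
            'reason' => $reason,
            'status' => __($status_to == 'A' ? 'active' : 'disabled'),
            'e_username' => $e_username,
            'e_account' => $e_account,
            'e_password' => $e_password,
        );
        Mailer::sendMail(array(
            'to' => $company_data['email'],
            'from' => 'default_company_support_department',
            'data' => $mail_data,
            'company_id' => $company_id,
            'tpl' => 'companies/status_' . $mail_template . '_notification.tpl',
        ), 'A');
    }
    return $result;
}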
Esempio n. 4
<?php

/***************************************************************************
*                                                                          *
*   (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev    *
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
// Direct-access guard: stop unless the BOOTSTRAP constant has been defined before this script runs.
defined('BOOTSTRAP') or die('Access denied');
use Tygh\Registry;
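// Load every stored "viewed categories" row and expand it for the view:
// the user's display name plus the names of the categories recorded for that user.
$viewed_categories = db_get_array('SELECT * FROM ?:advanced_addon_data');
if (!empty($viewed_categories)) {
    foreach ($viewed_categories as $key => $category_data) {
        $category_data['user_name'] = fn_get_user_name($category_data['user_id']);
        // SECURITY(review): unserialize() on a stored column instantiates any class named in the
        // payload. If the 'categories' value can be influenced by a visitor, this is a PHP
        // object-injection sink; prefer JSON for this column. Left in place because the writer
        // of this table is not visible here.
        $stored_categories = unserialize($category_data['categories']);
        if (!is_array($stored_categories)) {
            // Corrupt or unexpected payload: treat as "no categories" instead of passing
            // false to array_keys().
            $stored_categories = array();
        }
        // The category IDs are the array keys of the stored structure.
        $category_data['categories'] = fn_get_category_name(array_keys($stored_categories));
        $viewed_categories[$key] = $category_data;
    }
    Registry::get('view')->assign('viewed_categories', $viewed_categories);
}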