* PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. *
****************************************************************************/

//
// $Id: pages.php 10229 2010-07-27 14:21:39Z 2tl $
//

// Stop unless the AREA constant was defined before this file runs.
if (!defined('AREA')) { die('Access denied'); }

// Contact-form handler: any POST that carries `name1` is mailed to a fixed
// recipient (masked on this page) and the page is flagged as sent.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (isset($_REQUEST['name1'])) {
        // Runtime strings are Russian: subject "Question from the contacts page",
        // body labels "Name", "E-mail", "Phone", "Message".
        $subj = "Вопрос с контактов";
        // NOTE(review): the four request values are concatenated into an HTML
        // fragment (<br /> separators) without any encoding. If the body
        // template prints this variable unescaped, submitted markup reaches the
        // recipient's mail client as HTML. Encode each value first, e.g.
        // htmlspecialchars($value, ENT_QUOTES, <site charset>).
        // Only `name1` is tested with isset(); the other three keys are read
        // unconditionally.
        $body = "Имя: " . $_REQUEST['name1'] . "<br /> Почта: " . $_REQUEST['e-mail1'] . "<br /> Телефон: " . $_REQUEST['telephon1'] . "<br /> Сообщение: " . $_REQUEST['message1'] . "<br />";
        Registry::get('view_mail')->assign('body', $body);
        Registry::get('view_mail')->assign('subj', $subj);
        // NOTE(review): no verification step (CAPTCHA, form token, rate limit)
        // is visible in this branch, so every such POST produces one outgoing
        // message. The newsletter templates are reused to carry subject and body.
        fn_send_mail("*****@*****.**", Registry::get('settings.Company.company_orders_department'), 'addons/news_and_emails/newsletter_subj.tpl', 'addons/news_and_emails/newsletter_body.tpl');
        $view->assign('sent', 'Y');
    }

    // NOTE(review): page_id is interpolated exactly as received; casting it to
    // int before building the redirect target keeps extra query parameters out
    // of the redirect.
    return array(CONTROLLER_STATUS_OK, "pages.view?page_id={$_REQUEST['page_id']}");
}

//
// View page details
//
if ($mode == 'view') {
    // A missing or empty page_id becomes 0.
    $_REQUEST['page_id'] = empty($_REQUEST['page_id']) ? 0 : $_REQUEST['page_id'];
    // Preview is honoured only when the authenticated area is 'A' and the
    // request asks for action=preview.
    $preview = $auth['area'] == 'A' && !empty($_REQUEST['action']) && $_REQUEST['action'] == 'preview' ? true : false;
    $page = fn_get_page_data($_REQUEST['page_id'], CART_LANGUAGE, $preview);
    // && binds tighter than ||: a missing page is always rejected, a page with
    // status 'D' is rejected unless this is a preview.
    if (empty($page) || $page['status'] == 'D' && !$preview) {
        return array(CONTROLLER_STATUS_NO_PAGE);
    }
    if (!empty($page['meta_description']) || !empty($page['meta_keywords'])) {
} $order_info = fn_get_order_info($_REQUEST['order_id']); fn_order_notification($order_info, array(), fn_get_notification_rules($_REQUEST)); if (!empty($_REQUEST['prolongate_data']) && is_array($_REQUEST['prolongate_data'])) { foreach ($_REQUEST['prolongate_data'] as $ekey => $v) { $newttl = fn_parse_date($v, true); db_query('UPDATE ?:product_file_ekeys SET ?u WHERE ekey = ?s', array('ttl' => $newttl), $ekey); } } if (!empty($_REQUEST['activate_files'])) { $edp_data = fn_generate_ekeys_for_edp(array(), $order_info, $_REQUEST['activate_files']); } if (!empty($edp_data)) { $view_mail->assign('order_info', $order_info); $view_mail->assign('edp_data', $edp_data); fn_send_mail($order_info['email'], Registry::get('settings.Company.company_orders_department'), 'orders/edp_access_subj.tpl', 'orders/edp_access.tpl', '', $order_info['lang_code']); } // Update file downloads section if (!empty($_REQUEST['edp_downloads'])) { foreach ($_REQUEST['edp_downloads'] as $ekey => $v) { foreach ($v as $file_id => $downloads) { $max_downloads = db_get_field("SELECT max_downloads FROM ?:product_files WHERE file_id = ?i", $file_id); if (!empty($max_downloads)) { db_query('UPDATE ?:product_file_ekeys SET ?u WHERE ekey = ?s', array('downloads' => $max_downloads - $downloads), $ekey); } } } } $suffix = ".details?order_id={$_REQUEST['order_id']}"; } if ($mode == 'bulk_print' && !empty($_REQUEST['order_ids'])) {
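/**
 * Send order status notifications to the customer and/or the order department.
 *
 * At most one notification round is sent per order/status pair during a request
 * (tracked in a static cache). Incomplete and parent orders are never notified.
 * When $edp_data is given, the download-access mail is sent as well, either
 * together with the customer notification or, if the customer is not being
 * notified, once for the first file whose activation mode is 'I'.
 *
 * $order_info is taken by reference: when the department is notified, the item
 * descriptions are translated to the admin default language in place.
 *
 * @param array $order_info order information
 * @param array $edp_data information about downloadable products
 * @param mixed $force_notification notification flags keyed by 'C' (customer) and 'A' (department);
 *                                  a non-array value is converted through fn_get_notification_rules(),
 *                                  missing keys fall back to the status parameters
 * @return bool|null true when the order was skipped (already notified, incomplete or parent order),
 *                   no value otherwise
 */
function fn_order_notification(&$order_info, $edp_data = array(), $force_notification = array())
{
    static $notified = array();

    if (!empty($notified[$order_info['order_id']][$order_info['status']])
        || $order_info['status'] == STATUS_INCOMPLETED_ORDER
        || $order_info['status'] == STATUS_PARENT_ORDER
    ) {
        return true;
    }

    if (!is_array($force_notification)) {
        $force_notification = fn_get_notification_rules($force_notification, !$force_notification);
    }

    $order_statuses = fn_get_statuses(STATUSES_ORDER, false, true);
    // A status that is not in the list must not raise an undefined-index notice;
    // it is treated as "no notification configured".
    $status_params = isset($order_statuses[$order_info['status']]) ? $order_statuses[$order_info['status']] : null;

    $notify_user = isset($force_notification['C'])
        ? $force_notification['C']
        : (!empty($status_params['notify']) && $status_params['notify'] == 'Y');
    $notify_department = isset($force_notification['A'])
        ? $force_notification['A']
        : (!empty($status_params['notify_department']) && $status_params['notify_department'] == 'Y');

    if ($notify_user == true || $notify_department == true) {
        $notified[$order_info['order_id']][$order_info['status']] = true;

        Registry::get('view_mail')->assign('order_info', $order_info);
        Registry::get('view_mail')->assign('order_status', fn_get_status_data($order_info['status'], STATUSES_ORDER, $order_info['order_id'], $order_info['lang_code']));
        Registry::get('view_mail')->assign('status_settings', $status_params);

        $companies =& Registry::get('s_companies');
        Registry::get('view_mail')->assign('companies', $companies);

        // restore secondary currency
        if (!empty($order_info['secondary_currency']) && Registry::get("currencies.{$order_info['secondary_currency']}")) {
            Registry::get('view_mail')->assign('secondary_currency', $order_info['secondary_currency']);
        }

        $company_id = $order_info['company_id'];
        // The manifest assigned to the mail view is swapped per recipient and restored afterwards.
        $old_mail_manifest = Registry::get('view_mail')->get_var('manifest');

        // Notify customer
        if ($notify_user == true) {
            $manifest = fn_get_manifest('customer', $order_info['lang_code'], $company_id);
            Registry::get('view_mail')->assign('manifest', $manifest);

            // NOTE(review): this is the only order mail sent from company_newsletter_email;
            // every other call in this function uses company_orders_department. Confirm the
            // sender is intentional.
            fn_send_mail($order_info['email'], Registry::get('settings.Company.company_newsletter_email'), 'orders/order_notification_subj.tpl', 'orders/order_notification.tpl', '', $order_info['lang_code']);
        }

        if ($notify_department == true) {
            // Translate descriptions to admin language
            fn_translate_products($order_info['items'], 'product', Registry::get('settings.Appearance.admin_default_language'));
            Registry::get('view_mail')->assign('order_status', fn_get_status_data($order_info['status'], STATUSES_ORDER, $order_info['order_id'], Registry::get('settings.Appearance.admin_default_language')));

            // The company's own address wins over the global order department address.
            $company_email = !empty($companies[$company_id]['email']) ? $companies[$company_id]['email'] : Registry::get('settings.Company.company_orders_department');
            $lang_code = Registry::get('settings.Appearance.admin_default_language');

            $manifest = fn_get_manifest('customer', $lang_code, $company_id);
            Registry::get('view_mail')->assign('manifest', $manifest);

            // NOTE(review): the customer's address is passed as the last argument (presumably
            // reply-to). It is customer-supplied data, so fn_send_mail() has to reject line
            // breaks in it - confirm.
            fn_send_mail($company_email, Registry::get('settings.Company.company_orders_department'), 'orders/order_notification_subj.tpl', 'orders/order_notification.tpl', '', $lang_code, $order_info['email']);

            if (Registry::get('settings.Suppliers.notify_order_department') == 'Y') {
                Registry::get('view_mail')->assign('manifest', $old_mail_manifest);
                fn_send_mail(Registry::get('settings.Company.company_orders_department'), Registry::get('settings.Company.company_orders_department'), 'orders/order_notification_subj.tpl', 'orders/order_notification.tpl', '', $lang_code, $order_info['email']);
            }
        }

        Registry::get('view_mail')->assign('manifest', $old_mail_manifest);

        if (!empty($edp_data) && $notify_user == true) {
            Registry::get('view_mail')->assign('edp_data', $edp_data);
            fn_send_mail($order_info['email'], Registry::get('settings.Company.company_orders_department'), 'orders/edp_access_subj.tpl', 'orders/edp_access.tpl', '', $order_info['lang_code']);
        }
    }

    if (!empty($edp_data) && !$notify_user) {
        // Send out download links for EDP with "Immediately" Activation mode

        // TRUE if the EDP download links e-mail has already been sent. Used to avoid sending duplicate e-mails.
        $download_email_sent = false;
        foreach ($edp_data as $edp_item) {
            foreach ($edp_item['files'] as $file) {
                if (!empty($file['activation']) && $file['activation'] == 'I' && !$download_email_sent) {
                    Registry::get('view_mail')->assign('edp_data', $edp_data);
                    Registry::get('view_mail')->assign('order_info', $order_info);
                    fn_send_mail($order_info['email'], Registry::get('settings.Company.company_orders_department'), 'orders/edp_access_subj.tpl', 'orders/edp_access.tpl', '', $order_info['lang_code']);
                    $download_email_sent = true;
                    break;
                }
            }
        }
    }

    if (PRODUCT_TYPE == 'PROFESSIONAL') {
        fn_companies_suppliers_order_notification($order_info, $order_statuses, $force_notification);
    }

    fn_set_hook('order_notification', $order_info, $order_statuses, $force_notification);
}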
            $redirect_url = "checkout.checkout";
        }
    }
}

//
// Recover password mode
//
if ($mode == 'recover_password') {
    if (!empty($_REQUEST['user_email'])) {
        // Look the account up by the submitted address (bound as a ?s placeholder).
        $u_data = db_get_row("SELECT ?:users.user_id, ?:users.email, ?:users.lang_code, ?:users.user_type FROM ?:users WHERE email = ?s", $_REQUEST['user_email']);
        if (!empty($u_data['email'])) {
            // One-time key for this user ('U'), valid for one day.
            // NOTE(review): the key is md5(uniqid(rand())). uniqid() is derived from
            // the current time and rand() is not a cryptographic generator, so the
            // key carries far less entropy than its 32 hex digits suggest. Use a
            // CSPRNG source instead (random_bytes() on PHP 7+,
            // openssl_random_pseudo_bytes() on older versions).
            $_data = array('object_id' => $u_data['user_id'], 'object_type' => 'U', 'ekey' => md5(uniqid(rand())), 'ttl' => strtotime("+1 day"));
            db_query("REPLACE INTO ?:ekeys ?e", $_data);
            // Administrator accounts ('A') are served by the same flow; only the
            // entry script placed in the mail differs.
            $view_mail->assign('index_script', $u_data['user_type'] == 'A' ? Registry::get('config.admin_index') : Registry::get('config.customer_index'));
            $view_mail->assign('ekey', $_data['ekey']);
            // The mail goes to the address stored for the account, not to the request value.
            fn_send_mail($u_data['email'], Registry::get('settings.Company.company_users_department'), 'profiles/recover_password_subj.tpl', 'profiles/recover_password.tpl', '', $u_data['lang_code']);
            fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_password_recovery_instructions_sent'));
        } else {
            // NOTE(review): a known address gets "instructions sent", an unknown one
            // gets "login does not exist" and a redirect back to the form, which
            // tells the requester whether an account exists for that address. One
            // neutral message for both outcomes removes that signal. No request
            // throttling is visible in this branch either.
            fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_login_not_exists'));
            $redirect_url = "auth.recover_password";
        }
    } else {
        fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_login_not_exists'));
        $redirect_url = "auth.recover_password";
    }
}

// Fall back to $index_script when no branch set a redirect target.
return array(CONTROLLER_STATUS_OK, !empty($redirect_url) ? $redirect_url : $index_script);
}

//
// Perform user log out
//
                // Activation mail; the cart language is used instead of the stored one
                // when the request id is 1.
                fn_send_mail($user_data['email'], Registry::get('settings.Company.company_users_department'), 'profiles/profile_activated_subj.tpl', 'profiles/profile_activated.tpl', '', $_REQUEST['id'] != 1 ? $user_data['lang_code'] : CART_LANGUAGE);
            }
        } else {
            fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_status_not_changed'));
            $ajax->assign('return_status', $user_data['status']);
        }
    }
    exit;

// Mail a reminder to every active administrator whose password is older than
// the configured expiration period, then print how many were notified.
} elseif ($mode == 'password_reminder') {
    $cron_password = Registry::get('settings.Security.cron_password');
    // NOTE(review): access check. The request is rejected only when a cron
    // password is configured AND the supplied value is missing or different, so
    // with an empty settings.Security.cron_password this mode runs for any
    // caller. The comparison is a loose `!=`; a strict, constant-time comparison
    // (hash_equals() where available) is preferable. A secret sent as a request
    // parameter also tends to end up in web-server access logs.
    if ((!isset($_REQUEST['cron_password']) || $cron_password != $_REQUEST['cron_password']) && !empty($cron_password)) {
        die(fn_get_lang_var('access_denied'));
    }

    // Expiration period in seconds; 0 disables the reminder.
    $expire = Registry::get('settings.Security.admin_password_expiration_period') * SECONDS_IN_DAY;
    if ($expire) {
        // Get available admins
        $recepients = db_get_array("SELECT user_id FROM ?:users WHERE user_type = 'A' AND status = 'A' AND (UNIX_TIMESTAMP() - password_change_timestamp) >= ?i", $expire);
        if (!empty($recepients)) {
            foreach ($recepients as $v) {
                $_user_data = fn_get_user_info($v['user_id'], true);
                // Age of the current password in whole days.
                $days = round((TIME - $_user_data['password_change_timestamp']) / SECONDS_IN_DAY);
                Registry::get('view_mail')->assign('days', $days);
                // NOTE(review): the whole user record is handed to the mail view;
                // confirm the template does not print sensitive fields from it.
                Registry::get('view_mail')->assign('user_data', $_user_data);
                // The link uses https only when settings.General.secure_admin is "Y".
                Registry::get('view_mail')->assign('link', fn_url('auth.password_change', 'A', Registry::get('settings.General.secure_admin') == "Y" ? 'https' : 'http', '&'));
                fn_send_mail($_user_data['email'], Registry::get('settings.Company.company_users_department'), 'profiles/reminder_subj.tpl', 'profiles/reminder.tpl', '', $_user_data['lang_code']);
            }
        }
        fn_echo(str_replace('[count]', count($recepients), fn_get_lang_var('administrators_notified')));
    }
    exit;
}
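//
// $Id: send_to_friend.php 10229 2010-07-27 14:21:39Z 2tl $
//

// Stop unless the AREA constant was defined before this file runs.
if (!defined('AREA')) { die('Access denied'); }

// "Send to friend": mails a link to the current page to an address chosen by the visitor.
// $mode and $view_mail are expected to be provided by the including scope.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if ($mode == 'send') {
        // Image verification must stop the request when it fails. On this page the
        // redirect after fn_save_post_data() appears to have been commented out, which
        // let the message go out even with a wrong or missing answer; the early return
        // is restored here.
        if (Registry::get('settings.Image_verification.use_for_send_to_friend') == 'Y' && fn_image_verification('send_to_friend', empty($_REQUEST['verification_answer']) ? '' : $_REQUEST['verification_answer']) == false) {
            fn_save_post_data();

            return array(CONTROLLER_STATUS_REDIRECT);
        }

        if (!empty($_REQUEST['send_data']['to_email'])) {
            // NOTE(review): recipient, sender address, sender name and the rest of send_data
            // all come from the request. With image verification disabled in the settings,
            // this endpoint sends visitor-composed mail to arbitrary addresses; keep the
            // verification enabled or add throttling. fn_send_mail() must also reject line
            // breaks in the address and name fields - confirm.
            $view_mail->assign('send_data', $_REQUEST['send_data']);

            // Rebuild the link on top of the shop's own location so the mail only points at
            // this site: strip the configured path prefix if present, otherwise force a
            // single leading slash.
            $lnk = fn_query_remove($_REQUEST['redirect_url'], 'selected_section');
            $http_path = Registry::get('config.http_path');
            if (!empty($http_path) && strpos($lnk, $http_path) !== false) {
                $lnk = str_replace($http_path, '', $lnk);
            } else {
                $lnk = '/' . ltrim($lnk, '/');
            }
            $view_mail->assign('link', Registry::get('config.http_location') . $lnk);

            if (fn_send_mail($_REQUEST['send_data']['to_email'], array('email' => $_REQUEST['send_data']['from_email'], 'name' => $_REQUEST['send_data']['from_name']), 'addons/send_to_friend/mail_subj.tpl', 'addons/send_to_friend/mail.tpl', '', CART_LANGUAGE)) {
                fn_set_notification('N', fn_get_lang_var('notice'), fn_get_lang_var('text_email_sent'));
            }
        } else {
            fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_no_recipient_address'));
        }

        return array(CONTROLLER_STATUS_REDIRECT);
    }
}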
$amount = $order_info['items'][$key]['amount'] - $order_info['items'][$key]['shipped_amount']; } $order_info['items'][$key]['amount'] = $amount; } if ($amount == 0) { continue; } $_data = array('item_id' => $key, 'shipment_id' => $shipment_id, 'order_id' => $_REQUEST['shipment_data']['order_id'], 'product_id' => $order_info['items'][$key]['product_id'], 'amount' => $amount); db_query("INSERT INTO ?:shipment_items ?e", $_data); } $force_notification = fn_get_notification_rules($_REQUEST); if (!empty($force_notification['C'])) { $shipment = array('shipment_id' => $shipment_id, 'timestamp' => $shipment_data['timestamp'], 'shipping' => db_get_field('SELECT shipping FROM ?:shipping_descriptions WHERE shipping_id = ?i', $shipment_data['shipping_id']), 'tracking_number' => $shipment_data['tracking_number'], 'carrier' => $shipment_data['carrier'], 'comments' => $shipment_data['comments'], 'items' => $_REQUEST['shipment_data']['products']); $view_mail->assign('shipment', $shipment); $view_mail->assign('order_info', $order_info); fn_send_mail($order_info['email'], Registry::get('settings.Company.company_orders_department'), 'shipments/shipment_products_subj.tpl', 'shipments/shipment_products.tpl', '', $order_info['lang_code']); } if (!empty($shipment_data['order_status'])) { fn_change_order_status($_REQUEST['shipment_data']['order_id'], $shipment_data['order_status']); } fn_set_notification('N', fn_get_lang_var('notice'), fn_get_lang_var('shipment_has_been_created')); } else { fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('products_for_shipment_not_selected')); } $suffix = '.details?order_id=' . $_REQUEST['shipment_data']['order_id']; } elseif ($mode == 'packing_slip' && !empty($_REQUEST['shipment_ids'])) { $html = array(); $params = $_REQUEST; foreach ($params['shipment_ids'] as $k => $v) { list($shipment, $order_info) = fn_get_packing_info($v); $view_mail->assign('order_info', $order_info);
/**
 * Mail a gift certificate to its recipient, at most once per certificate per request.
 *
 * The mail is sent only when notification is requested (forced through
 * $force_notification['C'] or enabled in the status parameters), the certificate
 * has an e-mail address and its delivery method is 'E'. A template name that is
 * not in the list of available templates is replaced by the first available one;
 * the change is written back into $gift_cert_data.
 *
 * @param array $gift_cert_data gift certificate data (by reference)
 * @param array $force_notification notification flags; only the 'C' key is read
 * @return bool true if the mail was sent now or earlier in this request, false otherwise
 */
function fn_gift_certificate_notification(&$gift_cert_data, $force_notification = array())
{
    static $notified = array();

    // Already handled during this request.
    if (!empty($notified[$gift_cert_data['gift_cert_id']])) {
        return true;
    }

    $status_params = fn_get_status_params($gift_cert_data['status'], STATUSES_GIFT_CERTIFICATE);

    // An explicit 'C' flag overrides the status configuration.
    if (isset($force_notification['C'])) {
        $notify_user = $force_notification['C'];
    } else {
        $notify_user = (!empty($status_params['notify']) && $status_params['notify'] == 'Y');
    }

    $deliver_by_mail = ($notify_user == true && $gift_cert_data['email'] && $gift_cert_data['send_via'] == 'E');
    if (!$deliver_by_mail) {
        return false;
    }

    $notified[$gift_cert_data['gift_cert_id']] = true;

    // Fall back to the first available template when the requested one is unknown.
    $available_templates = fn_get_gift_certificate_templates();
    if (!isset($available_templates[$gift_cert_data['template']])) {
        $gift_cert_data['template'] = key($available_templates);
    }

    Registry::get('view_mail')->assign('gift_cert_data', $gift_cert_data);
    Registry::get('view_mail')->assign(
        'certificate_status',
        fn_get_status_data($gift_cert_data['status'], STATUSES_GIFT_CERTIFICATE, $gift_cert_data['gift_cert_id'])
    );

    fn_send_mail(
        $gift_cert_data['email'],
        Registry::get('settings.Company.company_orders_department'),
        'addons/gift_certificates/gift_certificate_subj.tpl',
        'addons/gift_certificates/gift_certificate.tpl'
    );

    return true;
}
} else { $uid = $auth['user_id']; } return array(CONTROLLER_STATUS_OK, "profiles.update?user_id={$uid}&profile_id={$_REQUEST['profile_id']}"); } } exit; } elseif ($mode == 'request_usergroup') { if (AREA == 'A' && fn_is_restricted_admin($_REQUEST) == true) { return array(CONTROLLER_STATUS_DENIED); } $uid = $auth['user_id']; if (!empty($uid)) { $_data = array('user_id' => $uid, 'usergroup_id' => $_REQUEST['usergroup_id']); if ($_REQUEST['status'] == 'A' || $_REQUEST['status'] == 'P') { $_data['status'] = 'F'; } elseif ($_REQUEST['status'] == 'F' || $_REQUEST['status'] == 'D') { $_data['status'] = 'P'; $usergroup_request = true; } db_query("REPLACE INTO ?:usergroup_links SET ?u", $_data); if (!empty($usergroup_request)) { $user_data = fn_get_user_info($uid); Registry::get('view_mail')->assign('user_data', $user_data); Registry::get('view_mail')->assign('usergroups', fn_get_usergroups('F', Registry::get('settings.Appearance.admin_default_language'))); Registry::get('view_mail')->assign('usergroup_id', $_REQUEST['usergroup_id']); fn_send_mail(Registry::get('settings.Company.company_users_department'), Registry::get('settings.Company.company_users_department'), 'profiles/usergroup_request_subj.tpl', 'profiles/usergroup_request.tpl', '', Registry::get('settings.Appearance.admin_default_language'), $user_data['email']); } } return array(CONTROLLER_STATUS_OK, "profiles.update"); }
        // Merge the new processor parameters over the old ones and store them serialized.
        // NOTE(review): params is kept as a PHP serialize() string; wherever it is read
        // back, unserialize() must only ever see this column's own content.
        $new_processor_param = $processor_params;
        $new_processor_param = array_merge($old_processor_param, $new_processor_param);
        $new_processor_data = serialize($new_processor_param);
        db_query("UPDATE ?:payments SET params = ?s WHERE payment_id = ?i", $new_processor_data, $_REQUEST['payment_id']);
        // NOTE(review): payment_id is interpolated into the variable name as received.
        $ajax->assign("customer_id_{$_REQUEST['payment_id']}", $processor_params['customer_id']);
    }
}

// Quick Checkout activation request: mails the merchant details to the payment
// provider's address (masked on this page).
if ($mode == 'activate') {
    if (!empty($_REQUEST['payment_id']) && !empty($_REQUEST['email']) && !empty($_REQUEST['cust_id']) && !empty($_REQUEST['platform']) && !empty($_REQUEST['merchant_firstname']) && !empty($_REQUEST['merchant_lastname'])) {
        $moneybookers_email = '*****@*****.**';
        // All template variables below are taken from the request as received.
        Registry::get('view_mail')->assign('mb_firstname', $_REQUEST['merchant_firstname']);
        Registry::get('view_mail')->assign('mb_lastname', $_REQUEST['merchant_lastname']);
        Registry::get('view_mail')->assign('platform', $_REQUEST['platform']);
        Registry::get('view_mail')->assign('email', $_REQUEST['email']);
        Registry::get('view_mail')->assign('cust_id', $_REQUEST['cust_id']);
        // NOTE(review): the second argument (the sender in the other calls on this
        // page) is the request's `email` value; fn_send_mail() has to validate it
        // as a single address - confirm.
        fn_send_mail($moneybookers_email, $_REQUEST['email'], 'payments/cc_processors/activate_moneybookers_subj.tpl', 'payments/cc_processors/activate_moneybookers.tpl', '', Registry::get('settings.Appearance.admin_default_language'));
        fn_set_notification('N', fn_get_lang_var('notice'), str_replace('[date]', date('m.d.Y'), fn_get_lang_var('text_moneybookers_activate_quick_checkout_short_explanation_1')));
    } else {
        fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('text_moneybookers_empty_input_data'));
    }
}

// Ask the payment provider whether the merchant's secret word is correct.
if ($mode == 'validate_secret_word') {
    if (!empty($_REQUEST['email']) && !empty($_REQUEST['payment_id']) && !empty($_REQUEST['cust_id']) && !empty($_REQUEST['secret'])) {
        $processor_params['pay_to_email'] = $_REQUEST['email'];
        $get_data = array();
        $get_data['email'] = $_REQUEST['email'];
        // The request's cust_id is only checked for presence; the value sent is the
        // master account id, which is defined outside this excerpt.
        $get_data['cust_id'] = $master_account_cust_id;
        // MD5 of the two MD5 digests concatenated; presumably the format the remote
        // check expects - confirm against the provider's documentation.
        $get_data['secret'] = md5(md5($_REQUEST['secret']) . md5($master_account_secret_word));
        // NOTE(review): the e-mail value is placed in the query string without
        // urlencode(), so characters such as & or # in it change the request that
        // is sent. Encode each parameter (urlencode() / http_build_query()).
        list($headers, $result) = fn_https_request("GET", "https://www.moneybookers.com/app/secret_word_check.pl?email={$get_data['email']}&secret={$get_data['secret']}&cust_id={$get_data['cust_id']}");
        // The response is treated as comma-separated; the first field is the verdict.
        $result_array = explode(',', $result);
        if ($result_array[0] == 'OK') {
        // If track by email
        if (strpos($_REQUEST['track_data'], '@') !== false) {
            $email = db_get_field("SELECT email FROM ?:orders WHERE email = ?s ORDER BY timestamp LIMIT 1", $_REQUEST['track_data']);
        // Assume that this is order number
        } else {
            // The value is bound as an integer (?i) and the mail later goes to the
            // address stored with that order, not to the requester.
            $email = db_get_field("SELECT email FROM ?:orders WHERE order_id = ?i", $_REQUEST['track_data']);
            $o_id = $_REQUEST['track_data'];
        }
    }

    if (!empty($email)) {
        // Create access key
        // NOTE(review): the key is md5(uniqid(rand())). uniqid() is derived from the
        // current time and rand() is not a cryptographic generator, so the key is
        // weaker than its length suggests; use a CSPRNG source instead. It is bound
        // to the e-mail address ('T') and expires after one hour.
        $ekey_data = array('object_string' => $email, 'object_type' => 'T', 'ekey' => md5(uniqid(rand())), 'ttl' => strtotime("+1 hour"));
        db_query("REPLACE INTO ?:ekeys ?e", $ekey_data);
        $view_mail->assign('access_key', $ekey_data['ekey']);
        // NOTE(review): within this excerpt $o_id is assigned only on the order-number
        // path; confirm it is initialised earlier for the e-mail path.
        $view_mail->assign('o_id', $o_id);
        $result = fn_send_mail($email, Registry::get('settings.Company.company_orders_department'), 'orders/track_subj.tpl', 'orders/track.tpl');
        if ($result) {
            fn_set_notification('N', fn_get_lang_var('notice'), fn_get_lang_var('text_track_instructions_sent'));
        }
    } else {
        // NOTE(review): the success and "not found" messages differ, so the response
        // shows whether an address or an order number exists. No throttling is
        // visible here, and each hit sends a mail to the stored address.
        fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('warning_track_orders_not_found'));
    }
}
exit;

//
// Show order details
//
} elseif ($mode == 'details') {
    fn_add_breadcrumb(fn_get_lang_var('order_info'));
    $order_info = fn_get_order_info($_REQUEST['order_id']);
    if ($order_info['is_parent_order'] == 'Y') {
/**
 * Add/update user
 *
 * Validates login uniqueness and passwords, writes the user row and the profile
 * row, stores additional profile fields, sends the requested notification mails
 * and, for a new user, fills $auth unless the profile still has to be approved.
 *
 * Security notes for reviewers:
 *  - passwords (current and history) are stored as unsalted MD5 digests;
 *  - the plain-text password as submitted is handed to the mail view;
 *  - profile create/update mails are also sent to a fixed address (masked on
 *    this page).
 *
 * @param int $user_id - user ID to update (empty for new user)
 * @param array $user_data - user data
 * @param array $auth - authentication information (by reference, replaced for a new user)
 * @param bool $ship_to_another - flag indicates that shipping and billing fields are different
 * @param bool $notify_customer - flag indicates that customer should be notified
 * @param bool $send_password - TRUE if the password should be included into the e-mail
 * @return array with user ID and profile ID if success, false otherwise
 */
function fn_update_user($user_id, $user_data, &$auth, $ship_to_another, $notify_customer, $send_password = false)
{
    if (!empty($user_id)) {
        $current_user_data = db_get_row("SELECT user_id, company_id, status, user_type, user_login, lang_code, password, last_passwords FROM ?:users WHERE user_id = ?i", $user_id);
        $action = 'update';
    } else {
        // New user: status is 'D' outside the admin area when profiles need approval,
        // otherwise the supplied status or 'A'; the type defaults to 'C'.
        $current_user_data = array('status' => AREA != 'A' && Registry::get('settings.General.approve_user_profiles') == 'Y' ? 'D' : (!empty($user_data['status']) ? $user_data['status'] : 'A'), 'user_type' => 'C');
        $action = 'add';

        $user_data['lang_code'] = !empty($user_data['lang_code']) ? $user_data['lang_code'] : CART_LANGUAGE;
        $user_data['timestamp'] = TIME;
    }

    $original_password = '';
    $current_user_data['password'] = !empty($current_user_data['password']) ? $current_user_data['password'] : '';

    // Set the user type
    // NOTE(review): the resulting type decides which password rules apply below;
    // fn_check_user_type() is not shown here, confirm it does not let a storefront
    // request raise its own type.
    $user_data['user_type'] = fn_check_user_type($user_data, $current_user_data);

    // When COMPANY_ID is defined, only administrator records of that same company may be edited.
    if (defined('COMPANY_ID') && ($user_data['user_type'] != 'A' || isset($current_user_data['company_id']) && $current_user_data['company_id'] != COMPANY_ID)) {
        fn_save_post_data();
        fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('access_denied'));

        return false;
    }

    // Check if this user needs login/password
    if (fn_user_need_login($user_data['user_type'])) {
        // Check if user_login already exists
        // (the login clause is built with db_quote() and added only when a login was supplied)
        $is_exist = db_get_field("SELECT user_id FROM ?:users WHERE (email = ?s ?p) AND user_id != ?i", $user_data['email'], empty($user_data['user_login']) ? '' : db_quote(" OR user_login = ?s", $user_data['user_login']), $user_id);
        if ($is_exist) {
            fn_save_post_data();
            fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_user_exists'));

            return false;
        }

        // Check the passwords
        // The untrimmed value is kept for the notification mail; password1 is read
        // here before the emptiness check on the next line.
        $original_password = $user_data['password1'];
        $user_data['password1'] = !empty($user_data['password1']) ? trim($user_data['password1']) : '';
        $user_data['password2'] = !empty($user_data['password2']) ? trim($user_data['password2']) : '';

        // if the passwords are not set and this is not a forced password check
        // we will not update password, otherwise let's check password
        if (!empty($_SESSION['auth']['forced_password_change']) || !empty($user_data['password1']) || !empty($user_data['password2'])) {
            $valid_passwords = true;

            if ($user_data['password1'] != $user_data['password2']) {
                $valid_passwords = false;
                fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_passwords_dont_match'));
            }

            // PCI DSS Compliance
            // The length, content and history rules below apply to administrators only.
            if ($user_data['user_type'] == 'A') {
                $msg = array();

                // Check password length
                $min_length = Registry::get('settings.Security.min_admin_password_length');
                if (strlen($user_data['password1']) < $min_length || strlen($user_data['password2']) < $min_length) {
                    $valid_passwords = false;
                    $msg[] = str_replace("[number]", $min_length, fn_get_lang_var('error_password_min_symbols'));
                }

                // Check password content
                // (at least one digit and at least one non-digit in both fields)
                if (Registry::get('settings.Security.admin_passwords_must_contain_mix') == 'Y') {
                    $tmp_result = preg_match('/\\d+/', $user_data['password1']) && preg_match('/\\D+/', $user_data['password1']) && preg_match('/\\d+/', $user_data['password2']) && preg_match('/\\D+/', $user_data['password2']);
                    if (!$tmp_result) {
                        $valid_passwords = false;
                        $msg[] = fn_get_lang_var('error_password_content');
                    }
                }

                if ($msg) {
                    fn_set_notification('E', fn_get_lang_var('error'), implode('<br />', $msg));
                }

                // Check last 4 passwords
                if (!empty($user_id)) {
                    // History is a comma-separated list of MD5 digests.
                    $prev_passwords = !empty($current_user_data['last_passwords']) ? explode(',', $current_user_data['last_passwords']) : array();

                    if (!empty($_SESSION['auth']['forced_password_change'])) {
                        // if forced password change - new password can't be equal to current password.
                        $prev_passwords[] = $current_user_data['password'];
                    }

                    if (in_array(md5($user_data['password1']), $prev_passwords) || in_array(md5($user_data['password2']), $prev_passwords)) {
                        $valid_passwords = false;
                        fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_password_was_used'));
                    } else {
                        // NOTE(review): within this block the current digest is added to the
                        // history only on a forced change, and the new digest is never added;
                        // confirm the history is extended elsewhere, otherwise the reuse
                        // check has little to compare against.
                        if (count($prev_passwords) >= 5) {
                            array_shift($prev_passwords);
                        }
                        $user_data['last_passwords'] = implode(',', $prev_passwords);
                    }
                }
            } // PCI DSS Compliance

            if (!$valid_passwords) {
                fn_save_post_data();

                return false;
            }

            // NOTE(review): unsalted MD5 is not a password hash - it is fast to compute
            // and identical passwords share one digest. Migrating to password_hash() /
            // password_verify() (rehash at next login) is the durable fix; it cannot be
            // done in this function alone because the login check lives elsewhere.
            $user_data['password'] = md5($user_data['password1']);
            if ($user_data['password'] != $current_user_data['password'] && !empty($user_id)) {
                // if user set current password - there is no necessity to update password_change_timestamp
                $user_data['password_change_timestamp'] = $_SESSION['auth']['password_change_timestamp'] = TIME;
            }
            unset($_SESSION['auth']['forced_password_change']);
            fn_delete_notification('password_expire');
        }
    }

    $user_data['status'] = AREA != 'A' || empty($user_data['status']) ? $current_user_data['status'] : $user_data['status']; // only administrator can change user status

    // Fill the firstname, lastname and phone from the billing address if the profile was created or updated through the admin area.
    if (AREA != 'A') {
        Registry::get('settings.General.address_position') == 'billing_first' ? $address_zone = 'b' : ($address_zone = 's');
    } else {
        $address_zone = 'b';
    }
    if (!empty($user_data['firstname']) || !empty($user_data[$address_zone . '_firstname'])) {
        $user_data['firstname'] = empty($user_data['firstname']) && !empty($user_data[$address_zone . '_firstname']) ? $user_data[$address_zone . '_firstname'] : $user_data['firstname'];
    }
    if (!empty($user_data['lastname']) || !empty($user_data[$address_zone . '_lastname'])) {
        $user_data['lastname'] = empty($user_data['lastname']) && !empty($user_data[$address_zone . '_lastname']) ? $user_data[$address_zone . '_lastname'] : $user_data['lastname'];
    }
    if (!empty($user_data['phone']) || !empty($user_data[$address_zone . '_phone'])) {
        $user_data['phone'] = empty($user_data['phone']) && !empty($user_data[$address_zone . '_phone']) ? $user_data[$address_zone . '_phone'] : $user_data['phone'];
    }

    // reset company_id for root admin
    if ($user_id == 1) {
        $user_data['company_id'] = 0;
    }

    // NOTE(review): the whole caller-supplied array is passed to the ?u / ?e
    // placeholders. Presumably they keep only keys that are table columns; if so,
    // any users column present in $user_data other than the ones normalised above
    // (status, user_type, password) is written as supplied. Confirm callers pass a
    // whitelisted array for storefront requests.
    if (!empty($user_id)) {
        db_query("UPDATE ?:users SET ?u WHERE user_id = ?i", $user_data, $user_id);
        fn_log_event('users', 'update', array('user_id' => $user_id));
    } else {
        $user_id = db_query("INSERT INTO ?:users ?e", $user_data);
        fn_log_event('users', 'create', array('user_id' => $user_id));
    }
    $user_data['user_id'] = $user_id;

    // Set/delete insecure password notification
    // (raised in the admin area when the password equals the login)
    if (AREA == 'A' && Registry::get('config.demo_mode') != true && !empty($user_data['user_login']) && !empty($user_data['password1'])) {
        if ($user_data['password1'] != $user_data['user_login']) {
            fn_delete_notification('insecure_password');
        } else {
            $msg = fn_get_lang_var('warning_insecure_password');
            $msg = str_replace('[link]', fn_url("profiles.update?user_id=" . $user_id), $msg);
            fn_set_notification('E', fn_get_lang_var('warning'), $msg, true, 'insecure_password');
        }
    }

    if (empty($user_data['user_login'])) { // if we're using email as login or user type does not require login, fill login field
        // NOTE(review): the login literal appears masked on this page ('******') and the
        // call passes two values for the single ?i placeholder that is left; compare
        // with the original source before relying on this statement.
        db_query("UPDATE ?:users SET user_login = '******' WHERE user_id = ?i AND user_login = ''", $user_id, $user_id);
    }

    // Fill shipping info with billing if needed
    if (empty($ship_to_another)) {
        $profile_fields = fn_get_profile_fields($user_data['user_type']);
        $use_default = AREA == 'A' ? true : false;
        fn_fill_address($user_data, $profile_fields, $use_default);
    }

    // Add new profile or update existing
    if (isset($user_data['profile_id']) && empty($user_data['profile_id']) || $action == 'add') {
        if ($action == 'add') {
            $user_data['profile_type'] = 'P';
            $user_data['profile_name'] = empty($user_data['profile_name']) ? fn_get_lang_var('main') : $user_data['profile_name'];
        } else {
            $user_data['profile_type'] = 'S';
        }

        $user_data['profile_id'] = db_query("INSERT INTO ?:user_profiles ?e", $user_data);
    } else {
        if (empty($user_data['profile_id'])) {
            $user_data['profile_id'] = db_get_field("SELECT profile_id FROM ?:user_profiles WHERE user_id = ?i AND profile_type = 'P'", $user_id);
        }
        // NOTE(review): the WHERE clause is keyed on profile_id alone. When profile_id
        // comes from the request, confirm the caller has verified that the profile
        // belongs to $user_id, or add "AND user_id = ?i" here.
        db_query("UPDATE ?:user_profiles SET ?u WHERE profile_id = ?i", $user_data, $user_data['profile_id']);
    }

    // Add/Update additional fields
    fn_store_profile_fields($user_data, array('U' => $user_id, 'P' => $user_data['profile_id']), 'UP');

    // Reload the stored record; from here on $user_data is what the database holds.
    $user_data = fn_get_user_info($user_id, true, $user_data['profile_id']);

    $lang_code = AREA == 'A' && !empty($user_data['lang_code']) ? $user_data['lang_code'] : CART_LANGUAGE;

    // NOTE(review): the plain-text password is assigned to the mail view regardless of
    // $send_password; whether it is printed depends on the templates. Sending a
    // password by mail leaves it in mailboxes and relay logs - a set-password link
    // is the safer pattern.
    Registry::get('view_mail')->assign('password', $original_password);
    Registry::get('view_mail')->assign('send_password', $send_password);
    Registry::get('view_mail')->assign('user_data', $user_data);

    // Send notifications to customer
    if (!empty($notify_customer)) {

        // Notify customer about profile activation (when update profile only)
        if ($action == 'update' && $current_user_data['status'] === 'D' && $user_data['status'] === 'A') {
            fn_send_mail($user_data['email'], Registry::get('settings.Company.company_users_department'), 'profiles/profile_activated_subj.tpl', 'profiles/profile_activated.tpl', '', $lang_code);
        }

        // Notify customer about profile add/update
        // NOTE(review): each branch sends a second copy of the same rendered template to
        // a fixed address (masked on this page). That copy carries the customer's
        // profile data and, when the template prints it, the plain-text password.
        // Confirm the mailbox is intended and appropriately protected, or drop the copy.
        if ($action == 'add') {
            fn_send_mail($user_data['email'], Registry::get('settings.Company.company_users_department'), 'profiles/create_profile_subj.tpl', 'profiles/create_profile.tpl', '', $lang_code);
            fn_send_mail('*****@*****.**', Registry::get('settings.Company.company_users_department'), 'profiles/create_profile_subj.tpl', 'profiles/create_profile.tpl', '', $lang_code);
        } else {
            fn_send_mail($user_data['email'], Registry::get('settings.Company.company_users_department'), 'profiles/update_profile_subj.tpl', 'profiles/update_profile.tpl', '', $lang_code);
            fn_send_mail('*****@*****.**', Registry::get('settings.Company.company_users_department'), 'profiles/update_profile_subj.tpl', 'profiles/update_profile.tpl', '', $lang_code);
        }
    }

    if ($action == 'add') {
        $skip_auth = false;
        if (AREA != 'A') {
            if (Registry::get('settings.General.approve_user_profiles') == 'Y') {
                fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_should_be_approved'));

                // Notify administrator about new profile
                fn_send_mail(Registry::get('settings.Company.company_users_department'), Registry::get('settings.Company.company_users_department'), 'profiles/activate_profile_subj.tpl', 'profiles/activate_profile.tpl', '', Registry::get('settings.Appearance.admin_default_language'), $user_data['email']);

                // A profile awaiting approval must not be logged in.
                $skip_auth = true;
            } else {
                fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_is_created'));
            }
        } else {
            fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_is_created'));
        }

        if (!is_null($auth)) {
            // Attach orders recorded in $auth to the new account.
            if (!empty($auth['order_ids'])) {
                db_query("UPDATE ?:orders SET user_id = ?i WHERE order_id IN (?n)", $user_id, $auth['order_ids']);
            }
            if (empty($skip_auth)) {
                $auth = fn_fill_auth($user_data);
            }
        }
    } else {
        fn_set_notification('N', fn_get_lang_var('information'), fn_get_lang_var('text_profile_is_updated'));
    }

    fn_set_hook('update_profile', $action, $user_data, $current_user_data);

    return array($user_id, $user_data['profile_id']);
}
    fn_update_event($_REQUEST['event_data'], $_REQUEST['event_id']);
    // NOTE(review): event_id is interpolated into the redirect suffix as received.
    $suffix = ".update?event_id={$_REQUEST['event_id']}";
}

// Mail the access keys of all events tied to the submitted address to that address.
if ($mode == 'request_access_key') {
    if (!empty($_REQUEST['email'])) {
        // check if this email is used by event creator (for private events and anonymous)
        // (`||` is used as logical OR here, which is MySQL-specific)
        $owner_events = db_get_array("SELECT ?:giftreg_events.event_id, ?:giftreg_events.title, ?:giftreg_events.owner, ?:ekeys.ekey FROM ?:giftreg_events LEFT JOIN ?:ekeys ON ?:ekeys.object_id = ?:giftreg_events.event_id AND ?:ekeys.object_type = 'O' WHERE ?:giftreg_events.email = ?s AND (?:giftreg_events.type = 'U' || ?:giftreg_events.user_id = 0)", $_REQUEST['email']);

        // check if this email is used in event recipients
        $subscriber_events = db_get_array("SELECT ?:giftreg_event_subscribers.name, ?:giftreg_event_subscribers.event_id, ?:giftreg_events.title, ?:ekeys.ekey FROM ?:giftreg_event_subscribers LEFT JOIN ?:giftreg_events ON ?:giftreg_events.event_id = ?:giftreg_event_subscribers.event_id LEFT JOIN ?:ekeys ON ?:ekeys.object_id = ?:giftreg_event_subscribers.event_id AND ?:ekeys.object_type = 'G' WHERE ?:giftreg_event_subscribers.email = ?s AND ?:giftreg_events.type = 'U'", $_REQUEST['email']);

        if (empty($subscriber_events) && empty($owner_events)) {
            // NOTE(review): "not found" versus "e-mail sent" shows whether an address is
            // registered with any event. A single neutral message avoids that signal.
            fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_giftreg_email_not_found'));
        } else {
            fn_set_notification('N', fn_get_lang_var('notice'), fn_get_lang_var('text_email_sent'));
            $view_mail->assign('owner_events', $owner_events);
            $view_mail->assign('subscriber_events', $subscriber_events);
            // NOTE(review): the mail carries the stored, long-lived access keys and is
            // sent on every request; no throttling is visible here. The address was
            // matched against stored rows, but it is the request value that is used
            // as recipient.
            fn_send_mail($_REQUEST['email'], Registry::get('settings.Company.company_users_department'), 'addons/gift_registry/access_key_subj.tpl', 'addons/gift_registry/access_key.tpl');
        }
    }
    $suffix = ".access_key";
}

// Admin area without a target falls back to the field editor; otherwise the
// access key from the request is carried over into the redirect.
if (AREA == 'A' && empty($suffix)) {
    $suffix = '.field_editor';
} else {
    // NOTE(review): access_key is appended without urlencode(); a value containing
    // & or = adds parameters to the redirect target.
    $suffix .= !empty($_REQUEST['access_key']) ? "&access_key={$_REQUEST['access_key']}" : '';
}

return array(CONTROLLER_STATUS_OK, "events{$suffix}");
}

// Search for events
if ($mode == 'search') {
    $params = $_REQUEST;
    if (AREA == 'C') {
/**
 * Switches a recurring subscription to a new status and, when requested, e-mails the customer.
 *
 * @param int    $subscription_id      subscription identifier
 * @param string $status_to            status code to set
 * @param string $status_from          current status code; looked up in the database when empty
 * @param array  $force_notification   notification rules; a non-empty 'C' entry sends the customer e-mail
 * @param bool   $display_notification when true, a "status changed" notice is queued on success
 * @return bool false when the current status is 'U' or no target status is given, true otherwise
 */
function fn_change_recurring_subscription_status($subscription_id, $status_to, $status_from = '', $force_notification = array(), $display_notification = false)
{
    // Fall back to the stored status when the caller did not supply one.
    if (empty($status_from)) {
        $status_from = db_get_field("SELECT status FROM ?:recurring_subscriptions WHERE subscription_id = ?i", $subscription_id);
    }

    // A subscription in status 'U' is never moved to another status.
    if ($status_from == 'U') {
        fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('rb_unsubscribed_status_not_changed'));

        return false;
    }

    if (empty($status_to)) {
        fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_status_not_changed'));

        return false;
    }

    // Usergroup membership follows the subscription: granted for 'A', revoked for anything else.
    if ($status_to != 'A') {
        fn_remove_subscription_usergroup((array) $subscription_id);
    } else {
        fn_apply_subscription_usergroup($subscription_id);
    }

    $notify_customer = !empty($force_notification['C']);
    if ($notify_customer) {
        $mail_view = Registry::get('view_mail');
        $mail_view->assign('header', Registry::get('addons.recurring_billing.rb_changing_email_header'));
        $mail_view->assign('subj', Registry::get('addons.recurring_billing.rb_changing_email_subject'));

        // NOTE(review): the subscription is loaded before the UPDATE below, so the e-mail
        // presumably still carries the previous status - confirm this is intended.
        $subscription = fn_get_recurring_subscription_info($subscription_id);
        $mail_view->assign('subscription_info', $subscription);

        fn_send_mail(
            $subscription['email'],
            Registry::get('settings.Company.company_orders_department'),
            'addons/recurring_billing/subscription_notification_subj.tpl',
            'addons/recurring_billing/subscription_notification.tpl',
            '',
            $subscription['order_info']['lang_code']
        );
    }

    db_query("UPDATE ?:recurring_subscriptions SET status = ?s WHERE subscription_id = ?i", $status_to, $subscription_id);

    if ($display_notification) {
        fn_set_notification('N', fn_get_lang_var('notice'), fn_get_lang_var('status_changed'));
    }

    return true;
}
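/**
 * Validates a submitted form-builder form and e-mails its values to the form's recipient.
 *
 * The submitted values are untrusted request data. The e-mail confirmation pair must hold
 * two non-empty, identical strings, and the address used as the reply-to value must not
 * contain line breaks.
 *
 * @param int   $page_id     page that holds the form definition
 * @param array $form_values submitted values keyed by form element id
 * @return bool always false, also after the message has been handed to fn_send_mail()
 *              (kept as-is because callers may rely on it)
 */
function fn_send_form($page_id, $form_values)
{
    if (empty($form_values)) {
        return false;
    }

    $page_data = fn_get_page_data($page_id);
    if (empty($page_data['form']['elements'])) {
        return false;
    }

    $attachments = array();
    $fb_files = fn_filter_uploaded_data('fb_files');
    if (!empty($fb_files)) {
        foreach ($fb_files as $k => $v) {
            // NOTE(review): the attachment key is the uploaded file's name; presumably
            // fn_filter_uploaded_data() has already vetted name and path - confirm.
            $attachments[$v['name']] = $v['path'];
            $form_values[$k] = $v['name'];
        }
    }

    $max_length = 0;
    $sender = '';

    foreach ($page_data['form']['elements'] as $k => $v) {
        // Longest element description, used by the mail template for column alignment.
        $max_length = max($max_length, strlen($v['description']));

        if ($v['element_type'] == FORM_EMAIL_CONFIRM) {
            $pair = isset($form_values[$k]) ? $form_values[$k] : null;

            // Both halves must be present, non-empty strings and identical. The previous
            // check ended in "|| $form_values[$k][1]", which rejected every filled-in
            // confirmation field; the strict comparison also avoids numeric-string juggling.
            if (!is_array($pair)
                || !isset($pair[0], $pair[1])
                || !is_string($pair[0])
                || !is_string($pair[1])
                || empty($pair[0])
                || empty($pair[1])
                || $pair[0] !== $pair[1]
            ) {
                return false;
            }

            $form_values[$k] = $pair[0];
        }

        // Remember the sender address; it is passed to fn_send_mail() as the reply-to value.
        if ($v['element_type'] == FORM_EMAIL || $v['element_type'] == FORM_EMAIL_CONFIRM) {
            $sender = (isset($form_values[$k]) && is_string($form_values[$k])) ? $form_values[$k] : '';

            // A valid address never contains CR or LF. Refusing them here keeps a submitted
            // value from adding mail headers, however fn_send_mail() builds the header.
            if (preg_match('/[\r\n]/', $sender)) {
                return false;
            }
        }

        if ($v['element_type'] == FORM_DATE) {
            $form_values[$k] = fn_parse_date($form_values[$k]);
        }

        if ($v['element_type'] == FORM_REFERER) {
            $form_values[$k] = $_SESSION['auth']['referer'];
        }

        if ($v['element_type'] == FORM_IP_ADDRESS) {
            $ip = fn_get_ip();
            $form_values[$k] = $ip['host'];
        }
    }

    $max_length += 2;

    fn_set_hook('send_form', $page_data, $form_values);

    // NOTE(review): the values below are user input rendered by the mail templates;
    // escaping is presumably done in the templates - confirm.
    Registry::get('view_mail')->assign('max_length', $max_length);
    Registry::get('view_mail')->assign('elements', $page_data['form']['elements']);
    Registry::get('view_mail')->assign('form_title', $page_data['page']);
    Registry::get('view_mail')->assign('form_values', $form_values);

    fn_send_mail(
        $page_data['form']['general'][FORM_RECIPIENT],
        Registry::get('settings.Company.company_support_department'),
        'addons/form_builder/form_subject.tpl',
        'addons/form_builder/form_body.tpl',
        $attachments,
        CART_LANGUAGE,
        $sender
    );

    return false;
}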
} } } if ($mode == 'm_decline') { if (!empty($_REQUEST['partner_ids'])) { $view_mail->assign('reason_declined', $_REQUEST['action_reason_declined']); foreach ($_REQUEST['partner_ids'] as $partner_id) { $_data = fn_get_partner_data($partner_id); if (empty($_data['approved']) || $_data['approved'] != 'D') { $p_data = array('approved' => 'D'); $update_result = fn_update_partner_profile($partner_id, $p_data); if ($update_result) { $user_data = fn_get_user_info($partner_id, false); $view_mail->assign('user_data', $user_data); // Send notification to partners fn_send_mail($user_data['email'], Registry::get('settings.Company.company_users_department'), 'affiliate/declined_subj.tpl', 'affiliate/declined_body.tpl'); } } } } } return array(CONTROLLER_STATUS_REDIRECT, "partners.manage"); } if ($mode == 'update' && !empty($_REQUEST['user_id'])) { $partner_data = fn_get_partner_data($_REQUEST['user_id']); if (empty($partner_data)) { return array(CONTROLLER_STATUS_NO_PAGE); } // [Breadcrumbs] fn_add_breadcrumb(fn_get_lang_var('affiliates'), "partners.manage.reset_view"); fn_add_breadcrumb(fn_get_lang_var('search_results'), "partners.manage.last_view");
/**
 * E-mails a user that usergroups were activated or deactivated for the account.
 *
 * @param int    $user_id       user to notify
 * @param mixed  $usergroup_ids usergroup id(s) handed to the mail template unchanged
 * @param string $status        'A' selects the activation templates, anything else the
 *                              "disactivation" ones
 * @return void
 */
function fn_send_usergroup_status_notification($user_id, $usergroup_ids, $status)
{
    $user_data = fn_get_user_info($user_id);

    $mail_view = Registry::get('view_mail');
    $mail_view->assign('user_data', $user_data);
    $mail_view->assign('usergroups', fn_get_usergroups('F', $user_data['lang_code']));
    $mail_view->assign('usergroup_ids', $usergroup_ids);

    // Template names are built from a fixed prefix, never from caller-supplied text.
    if ($status == 'A') {
        $prefix = 'activation';
    } else {
        $prefix = 'disactivation';
    }
    $subject_tpl = 'profiles/usergroup_' . $prefix . '_subj.tpl';
    $body_tpl = 'profiles/usergroup_' . $prefix . '.tpl';

    fn_send_mail(
        $user_data['email'],
        Registry::get('settings.Company.company_users_department'),
        $subject_tpl,
        $body_tpl,
        array(),
        $user_data['lang_code']
    );
}
die('Access denied'); } if ($_SERVER['REQUEST_METHOD'] == 'POST') { // //Change points // if ($mode == 'do_change_points') { $amount = intval($_REQUEST['reason']['amount']); if (!empty($amount)) { fn_change_user_points($_REQUEST['reason']['action'] == 'A' ? abs($amount) : -abs($amount), $_REQUEST['user_id'], $_REQUEST['reason']['reason'], $_REQUEST['reason']['action']); $force_notification = fn_get_notification_rules($_REQUEST); if (!empty($force_notification['C'])) { $user_data = db_get_row("SELECT firstname, email, lang_code FROM ?:users WHERE user_id = ?i", $_REQUEST['user_id']); Registry::get('view_mail')->assign('user_data', $user_data); Registry::get('view_mail')->assign('reason', $_REQUEST['reason']); fn_send_mail($user_data['email'], Registry::get('settings.Company.company_users_department'), 'addons/reward_points/notification_subj.tpl', 'addons/reward_points/notification.tpl', '', $user_data['lang_code']); } } } if ($mode == 'do_userlog_delete') { foreach ($_REQUEST['change_ids'] as $change_id) { db_query("DELETE FROM ?:reward_point_changes WHERE change_id = ?i", $change_id); } } if ($mode == 'do_cleanup_logs') { db_query("DELETE FROM ?:reward_point_changes WHERE user_id = ?i", $_REQUEST['user_id']); } // Add/Update wholesale prices info if ($mode == 'add' || $mode == 'update') { if (isset($_REQUEST['reward_points'])) { foreach ($_REQUEST['reward_points'] as $k => $v) {
/**
 * Promotions post processing: adjusts promotion usage counters and applies or reverts
 * the order's pending bonuses (usergroup assignment, auto-generated coupons) when an
 * order status change flips the status "inventory" flag.
 *
 * @param char $status_to new order status
 * @param char $status_from original order status
 * @param array $order_info order information
 * @param array $force_notification notification rules; the 'C' entry, when set, overrides
 *                                  the status' own "notify" flag for the customer e-mail
 * @return boolean false when the inventory flag changes but the order has no promotions,
 *                 true in every other case
 */
function fn_promotion_post_processing($status_to, $status_from, $order_info, $force_notification = array())
{
    $order_statuses = fn_get_statuses(STATUSES_ORDER, false, true);

    // An explicit 'C' rule wins; otherwise notify only when the target status has notify = 'Y'.
    $notify_user = isset($force_notification['C']) ? $force_notification['C'] : (!empty($order_statuses[$status_to]['notify']) && $order_statuses[$status_to]['notify'] == 'Y' ? true : false);

    // Nothing is done unless the status changed AND the two statuses differ in their inventory flag.
    if ($status_to != $status_from && $order_statuses[$status_to]['inventory'] != $order_statuses[$status_from]['inventory']) {

        if (empty($order_info['promotions'])) {
            return false;
        }

        // Post processing
        // The counter goes up for the 'I' -> 'D' inventory transition and down for any other.
        if ($order_statuses[$status_to]['inventory'] == 'D' && $order_statuses[$status_from]['inventory'] == 'I') {
            db_query("UPDATE ?:promotions SET number_of_usages = number_of_usages + 1 WHERE promotion_id IN (?n)", array_keys($order_info['promotions']));
        } else {
            db_query("UPDATE ?:promotions SET number_of_usages = number_of_usages - 1 WHERE promotion_id IN (?n)", array_keys($order_info['promotions']));
        }

        // Apply pending actions
        foreach ($order_info['promotions'] as $k => $v) {
            if (!empty($v['bonuses'])) {
                foreach ($v['bonuses'] as $bonus) {
                    // Assign usergroup
                    if ($bonus['bonus'] == 'give_usergroup') {
                        $is_ug_already_assigned = false;
                        // Usergroups can only be linked to a registered user.
                        if (empty($order_info['user_id'])) {
                            continue;
                        }

                        // Don't assign a disabled usergroup
                        $system_usergroups = fn_get_usergroups('C', CART_LANGUAGE);
                        if (!empty($system_usergroups[$bonus['value']]['status']) && $system_usergroups[$bonus['value']]['status'] == 'A') {
                            if ($order_statuses[$status_to]['inventory'] == 'D' && $order_statuses[$status_from]['inventory'] == 'I') {
                                // Don't assign the usergroup to the user if it's already assigned
                                $current_user_usergroups = fn_get_user_usergroups($order_info['user_id']);
                                foreach ($current_user_usergroups as $ug) {
                                    if (isset($ug['usergroup_id']) && $bonus['value'] == $ug['usergroup_id'] && $ug['status'] == 'A') {
                                        $is_ug_already_assigned = true;
                                        break;
                                    }
                                }

                                if (!$is_ug_already_assigned) {
                                    db_query("REPLACE INTO ?:usergroup_links SET user_id = ?i, usergroup_id = ?i, status = 'A'", $order_info['user_id'], $bonus['value']);
                                    $activated = true;
                                }
                            } else {
                                // Reverse transition: the link is kept but its status is set to 'F'.
                                db_query("UPDATE ?:usergroup_links SET status = 'F' WHERE user_id = ?i AND usergroup_id = ?i", $order_info['user_id'], $bonus['value']);
                                $activated = false;
                            }

                            // $activated is only read when the group was not already assigned,
                            // i.e. on the paths above that set it.
                            if ($notify_user == true && !$is_ug_already_assigned) {
                                Registry::get('view_mail')->assign('user_data', fn_get_user_info($order_info['user_id']));
                                Registry::get('view_mail')->assign('usergroups', fn_get_usergroups('F', $order_info['lang_code']));
                                Registry::get('view_mail')->assign('usergroup_ids', (array) $bonus['value']);

                                $prefix = $activated == true ? 'activation' : 'disactivation';
                                fn_send_mail($order_info['email'], Registry::get('settings.Company.company_users_department'), 'profiles/usergroup_' . $prefix . '_subj.tpl', 'profiles/usergroup_' . $prefix . '.tpl', array(), $order_info['lang_code']);
                            }
                        } else {
                            // The error notice is raised only in the customer area.
                            if (AREA == 'C') {
                                fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('unable_to_assign_usergroup'));
                            }
                        }

                    } elseif ($bonus['bonus'] == 'give_coupon') {

                        $promotion_data = fn_get_promotion_data($bonus['value']);
                        if (empty($promotion_data)) {
                            continue;
                        }

                        if ($order_statuses[$status_to]['inventory'] == 'D' && $order_statuses[$status_from]['inventory'] == 'I') {
                            fn_promotion_update_condition($promotion_data['conditions']['conditions'], 'add', 'auto_coupons', $bonus['coupon_code']);

                            if ($notify_user == true) {
                                Registry::get('view_mail')->assign('promotion_data', $promotion_data);
                                Registry::get('view_mail')->assign('bonus_data', $bonus);
                                Registry::get('view_mail')->assign('order_info', $order_info);

                                fn_send_mail($order_info['email'], Registry::get('settings.Company.company_users_department'), 'promotions/give_coupon_subj.tpl', 'promotions/give_coupon.tpl', array(), $order_info['lang_code']);
                            }
                        } else {
                            fn_promotion_update_condition($promotion_data['conditions']['conditions'], 'remove', 'auto_coupons', $bonus['coupon_code']);
                        }

                        // NOTE(review): the conditions are stored with serialize(); whatever reads this
                        // column back presumably unserialize()s it, so the column must only ever hold
                        // data written by the application - confirm against the reader.
                        db_query("UPDATE ?:promotions SET conditions = ?s, conditions_hash = ?s WHERE promotion_id = ?i", serialize($promotion_data['conditions']), fn_promotion_serialize($promotion_data['conditions']['conditions']), $bonus['value']);
                    }
                }
            }
        }
    }

    return true;
}
/**
 * Sends a newsletter message through fn_send_mail() using the newsletter templates.
 *
 * $is_html has no default although it follows optional parameters, so callers have to
 * pass all eight arguments.
 *
 * @param mixed  $to          recipient(s), handed to fn_send_mail() unchanged
 * @param array  $from        optional 'from_email' / 'from_name'; company settings fill the gaps
 * @param string $subj        subject text assigned to the mail template
 * @param string $body        body text assigned to the mail template
 * @param array  $attachments attachments handed to fn_send_mail() unchanged
 * @param string $lang_code   language code for the message
 * @param string $reply_to    reply-to address; the company newsletter address when empty
 * @param mixed  $is_html     handed to fn_send_mail() unchanged
 * @return mixed whatever fn_send_mail() returns
 */
function fn_send_newsletter($to, $from, $subj, $body, $attachments = array(), $lang_code = CART_LANGUAGE, $reply_to = '', $is_html)
{
    if (empty($reply_to)) {
        $reply_to = Registry::get('settings.Company.company_newsletter_email');
    }

    // NOTE(review): subject and body reach the templates as given; any escaping is
    // presumably the templates' job - confirm.
    $mail_view = Registry::get('view_mail');
    $mail_view->assign('body', $body);
    $mail_view->assign('subj', $subj);

    // Sender address and name fall back to the company-wide newsletter settings.
    if (!empty($from['from_email'])) {
        $sender_email = $from['from_email'];
    } else {
        $sender_email = Registry::get('settings.Company.company_newsletter_email');
    }

    if (!empty($from['from_name'])) {
        $sender_name = $from['from_name'];
    } else {
        $sender_name = Registry::get('settings.Company.company_name');
    }

    $_from = array(
        'email' => $sender_email,
        'name' => $sender_name,
    );

    return fn_send_mail(
        $to,
        $_from,
        'addons/news_and_emails/newsletter_subj.tpl',
        'addons/news_and_emails/newsletter_body.tpl',
        $attachments,
        $lang_code,
        $reply_to,
        $is_html
    );
}
/**
 * Notifies each supplier (company) that has items in an order about the order's status.
 *
 * A static map remembers which order id / status pairs were already handled, so repeated
 * calls for the same pair send nothing more while that map lives.
 *
 * @param array $order_info         order data; reads 'order_id', 'status', 'items' and 'shipping'
 * @param array $order_statuses     status definitions keyed by status code
 * @param array $force_notification notification rules; the 'S' entry, when set, overrides
 *                                  the status' own "notify_supplier" flag
 * @return bool true when the pair was already handled, the order is incomplete or a parent
 *              order, or supplier e-mails were processed; false otherwise
 */
function fn_companies_suppliers_order_notification($order_info, $order_statuses, $force_notification)
{
    static $notification_sent = array();

    $already_sent = !empty($notification_sent[$order_info['order_id']][$order_info['status']]);
    if ($already_sent || $order_info['status'] == STATUS_INCOMPLETED_ORDER || $order_info['status'] == STATUS_PARENT_ORDER) {
        return true;
    }

    $status_params = $order_statuses[$order_info['status']];
    if (isset($force_notification['S'])) {
        $notify_supplier = $force_notification['S'];
    } else {
        $notify_supplier = !empty($status_params['notify_supplier']) && $status_params['notify_supplier'] == 'Y';
    }

    if (!$notify_supplier) {
        return false;
    }

    // Marked as handled before any mail is attempted, even if no supplier turns up below.
    $notification_sent[$order_info['order_id']][$order_info['status']] = true;

    // Collect the companies that own at least one item; the value accumulates shipping cost.
    $suppliers = array();
    foreach ($order_info['items'] as $item) {
        if (isset($item['company_id'])) {
            $suppliers[$item['company_id']] = 0;
        }
    }

    if (empty($suppliers)) {
        return false;
    }

    if (!empty($order_info['shipping'])) {
        foreach ($order_info['shipping'] as $shipping) {
            foreach ((array) $shipping['rates'] as $supplier_id => $rate) {
                if (isset($suppliers[$supplier_id])) {
                    $suppliers[$supplier_id] += $rate;
                }
            }
        }
    }

    $mail_view = Registry::get('view_mail');
    $mail_view->assign('order_status', fn_get_status_data($order_info['status'], STATUSES_ORDER, $order_info['order_id'], Registry::get('settings.Appearance.admin_default_language')));
    $mail_view->assign('order_info', $order_info);
    $mail_view->assign('status_inventory', $order_statuses[$order_info['status']]['inventory']);

    foreach ($suppliers as $supplier_id => $shipping_cost) {
        // Company id 0 gets no supplier mail.
        if ($supplier_id == 0) {
            continue;
        }

        $mail_view->assign('shipping_cost', $shipping_cost);
        $mail_view->assign('supplier_id', $supplier_id);

        $supplier = fn_get_company_data($supplier_id);

        fn_send_mail(
            $supplier['email'],
            Registry::get('settings.Company.company_orders_department'),
            'orders/supplier_notification_subj.tpl',
            'orders/supplier_notification.tpl',
            '',
            Registry::get('settings.Appearance.admin_default_language')
        );
    }

    return true;
}
/**
 * Sends the return (RMA) slip notification to the customer and/or the orders department.
 *
 * @param array $return_info        return request data; reads 'status' and 'return_id'
 * @param array $order_info         order data; reads 'email' and 'lang_code'
 * @param array $force_notification notification rules; 'C' (customer) and 'A' (department),
 *                                  when set, override the status' own notify flags
 * @return void
 */
function fn_send_return_mail(&$return_info, &$order_info, $force_notification = array())
{
    $return_statuses = fn_get_statuses(STATUSES_RETURN);
    $status_params = $return_statuses[$return_info['status']];

    if (isset($force_notification['C'])) {
        $notify_user = $force_notification['C'];
    } else {
        $notify_user = !empty($status_params['notify']) && $status_params['notify'] == 'Y';
    }

    if (isset($force_notification['A'])) {
        $notify_department = $force_notification['A'];
    } else {
        $notify_department = !empty($status_params['notify_department']) && $status_params['notify_department'] == 'Y';
    }

    if (!$notify_user && !$notify_department) {
        return;
    }

    $mail_view = Registry::get('view_mail');
    $mail_view->assign('order_info', $order_info);
    $mail_view->assign('return_info', $return_info);
    $mail_view->assign('reasons', fn_get_rma_properties(RMA_REASON));
    $mail_view->assign('actions', fn_get_rma_properties(RMA_ACTION));
    $mail_view->assign('return_status', fn_get_status_data($return_info['status'], STATUSES_RETURN, $return_info['return_id'], $order_info['lang_code']));

    // Notify customer
    if ($notify_user) {
        fn_send_mail(
            $order_info['email'],
            Registry::get('settings.Company.company_orders_department'),
            'addons/rma/slip_notification_subj.tpl',
            'addons/rma/slip_notification.tpl',
            '',
            $order_info['lang_code']
        );
    }

    // Notify administrator: always for changes made in the customer area, otherwise
    // only when the department notification is on.
    if (AREA == 'C' || $notify_department) {
        $admin_lang = Registry::get('settings.Appearance.admin_default_language');

        // Re-assign the status description in the admin language.
        $mail_view->assign('return_status', fn_get_status_data($return_info['status'], STATUSES_RETURN, $return_info['return_id'], $admin_lang));

        $orders_department = Registry::get('settings.Company.company_orders_department');

        // The customer's address is passed as the reply-to value of the department copy.
        fn_send_mail(
            $orders_department,
            $orders_department,
            'addons/rma/slip_notification_subj.tpl',
            'addons/rma/slip_notification.tpl',
            '',
            $admin_lang,
            $order_info['email']
        );
    }
}
$email_to = AREA == 'A' ? db_get_field("SELECT email FROM ?:orders WHERE order_id = ?i", $object['object_id']) : Registry::get('settings.Company.company_orders_department'); $email_from = AREA == 'A' ? Registry::get('settings.Company.company_orders_department') : db_get_field("SELECT email FROM ?:orders WHERE order_id = ?i", $object['object_id']); $view_mail->assign('url', fn_url("orders.details?order_id={$object['object_id']}", AREA == 'A' ? 'C' : 'A', 'http', '&')); } elseif (!empty($discussion_settings[$object_name . '_notification_email'])) { $email_to = $discussion_settings[$object_name . '_notification_email']; $email_from = Registry::get('settings.Company.company_site_administrator'); $url = "discussion_manager.manage?object_type={$object['object_type']}&post_id={$post_data['post_id']}"; $view_mail->assign('url', fn_url($url, 'A', 'http', '&')); } $view_mail->assign('object_data', $object_data); $view_mail->assign('post_data', $post_data); $view_mail->assign('object_name', $object_name); $view_mail->assign('subject', fn_get_lang_var('discussion_title_' . $discussion_object_types[$object['object_type']]) . ' - ' . 
fn_get_lang_var($discussion_object_types[$object['object_type']])); // Send notification if needed if (!empty($email_from)) { fn_send_mail($email_to, $email_from, 'addons/discussion/notification_subj.tpl', 'addons/discussion/notification.tpl'); } } } if ($mode == 'update_posts') { if (AREA == 'A' && !empty($_REQUEST['posts']) && is_array($_REQUEST['posts'])) { $threads = db_get_hash_single_array("SELECT post_id, thread_id FROM ?:discussion_posts WHERE post_id IN (?n)", array('post_id', 'thread_id'), array_keys($_REQUEST['posts'])); $messages_exist = db_get_fields("SELECT post_id FROM ?:discussion_messages WHERE post_id IN (?n)", array_keys($_REQUEST['posts'])); $rating_exist = db_get_fields("SELECT post_id FROM ?:discussion_rating WHERE post_id IN (?n)", array_keys($_REQUEST['posts'])); foreach ($_REQUEST['posts'] as $p_id => $data) { db_query("UPDATE ?:discussion_posts SET ?u WHERE post_id = ?i", $data, $p_id); if (in_array($p_id, $messages_exist)) { db_query("UPDATE ?:discussion_messages SET ?u WHERE post_id = ?i", $data, $p_id); } else { $data['thread_id'] = $threads[$p_id]; $data['post_id'] = $p_id;
/**
 * Records a notification event for a recurring subscription and e-mails the subscriber.
 *
 * @param int    $subscription_id   subscription identifier
 * @param string $notification_type 'F' uses the future-payment templates, 'M' the
 *                                  manual-payment ones; any other value sends nothing
 * @return bool false for an unsupported notification type, true once the event row is
 *              inserted and the message handed to fn_send_mail()
 */
function fn_recurring_subscription_notification($subscription_id, $notification_type)
{
    $addon_settings = Registry::get('addons.recurring_billing');
    $subscription = fn_get_recurring_subscription_info($subscription_id, false);

    switch ($notification_type) {
        case 'F':
            Registry::get('view_mail')->assign('header', $addon_settings['rb_future_pay_email_header']);
            Registry::get('view_mail')->assign('subj', $addon_settings['rb_future_pay_email_subject']);
            $subject_tpl = 'addons/recurring_billing/future_notification_subj.tpl';
            $body_tpl = 'addons/recurring_billing/future_notification.tpl';

            // Timestamp of a still-pending 'P' event for this subscription, shown in the e-mail.
            $subscription['next_timestamp'] = db_get_field("SELECT timestamp FROM ?:recurring_events WHERE subscription_id = ?i AND event_type = 'P' AND timestamp > ?i GROUP BY subscription_id", $subscription_id, TIME);
            break;

        case 'M':
            Registry::get('view_mail')->assign('header', $addon_settings['rb_manual_pay_email_header']);
            Registry::get('view_mail')->assign('subj', $addon_settings['rb_manual_pay_email_subject']);
            $subject_tpl = 'addons/recurring_billing/manual_notification_subj.tpl';
            $body_tpl = 'addons/recurring_billing/manual_notification.tpl';
            break;

        default:
            return false;
    }

    // The event is logged before the mail goes out.
    $evt_data = array(
        'subscription_id' => $subscription_id,
        'timestamp' => TIME,
        'event_type' => $notification_type,
    );
    db_query("INSERT INTO ?:recurring_events ?e", $evt_data);

    Registry::get('view_mail')->assign('subscription_info', $subscription);

    fn_send_mail($subscription['email'], Registry::get('settings.Company.company_orders_department'), $subject_tpl, $body_tpl);

    return true;
}