Esempio n. 1
 /**
  * Prepares an administrator record and forwards it to the
  * Admin\Administrators\Save database call.
  *
  * A non-empty 'password' entry is trimmed and passed through
  * osc_encrypt_string() before the record is handed on; every other field is
  * forwarded unchanged.
  *
  * NOTE(review): empty() also treats the string '0' as empty, so such a value
  * is forwarded without going through osc_encrypt_string(); a value that is
  * only whitespace is trimmed to '' before it is encrypted. Confirm the caller
  * validates the password before it gets here.
  *
  * @param array $data Administrator fields; 'password' is optional
  * @return mixed Whatever OSCOM::callDB() returns
  */
 public static function execute($data)
 {
     if (empty($data['password'])) {
         // Nothing to encrypt: forward the record as it was received.
         return OSCOM::callDB('Admin\\Administrators\\Save', $data);
     }

     $plain_password = trim($data['password']);
     $data['password'] = osc_encrypt_string($plain_password);

     return OSCOM::callDB('Admin\\Administrators\\Save', $data);
 }
Esempio n. 2
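 /**
  * Creates or updates an administrator and brings the access table in line with $modules.
  *
  * The user name has to be unique: a lookup (excluding the record itself when $id is
  * numeric) runs first and the method stops with -2 when another row already uses it.
  * All writes happen inside one transaction that is rolled back on the first database error.
  *
  * @param int|null   $id      Administrator ID to update; a non-numeric value inserts a new record
  * @param array      $data    Reads 'username' and 'password'; the password is trimmed and passed
  *                            through osc_encrypt_string() before it is bound
  * @param array|null $modules Module names to grant; when the list contains '0' it is replaced by '*'
  * @return int 1 on success, -1 when a query failed (rolled back), -2 when the user name is taken
  */
 public static function save($id = null, $data, $modules = null)
 {
     global $osC_Database;
     $error = false;
     // Uniqueness check on the user name, ignoring the record being edited.
     $Qcheck = $osC_Database->query('select id from :table_administrators where user_name = :user_name');
     if (is_numeric($id)) {
         $Qcheck->appendQuery('and id != :id');
         $Qcheck->bindInt(':id', $id);
     }
     $Qcheck->appendQuery('limit 1');
     $Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
     $Qcheck->bindValue(':user_name', $data['username']);
     $Qcheck->execute();
     if ($Qcheck->numberOfRows() < 1) {
         $osC_Database->startTransaction();
         if (is_numeric($id)) {
             $Qadmin = $osC_Database->query('update :table_administrators set user_name = :user_name');
             // The password column is only touched when a new password was supplied.
             if (isset($data['password']) && !empty($data['password'])) {
                 $Qadmin->appendQuery(', user_password = :user_password');
                 $Qadmin->bindValue(':user_password', osc_encrypt_string(trim($data['password'])));
             }
             $Qadmin->appendQuery('where id = :id');
             $Qadmin->bindInt(':id', $id);
         } else {
             $Qadmin = $osC_Database->query('insert into :table_administrators (user_name, user_password) values (:user_name, :user_password)');
             $Qadmin->bindValue(':user_password', osc_encrypt_string(trim($data['password'])));
         }
         $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
         $Qadmin->bindValue(':user_name', $data['username']);
         $Qadmin->setLogging($_SESSION['module'], $id);
         $Qadmin->execute();
         if (!$osC_Database->isError()) {
             if (!is_numeric($id)) {
                 // New record: continue with the ID the insert produced.
                 $id = $osC_Database->nextID();
             }
         } else {
             $error = true;
         }
         if ($error === false) {
             if (!empty($modules)) {
                 if (in_array('0', $modules)) {
                     $modules = array('*');
                 }
                 // Grant every requested module that is not in the access table yet.
                 foreach ($modules as $module) {
                     $Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1');
                     $Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
                     $Qcheck->bindInt(':administrators_id', $id);
                     $Qcheck->bindValue(':module', $module);
                     $Qcheck->execute();
                     if ($Qcheck->numberOfRows() < 1) {
                         $Qinsert = $osC_Database->query('insert into :table_administrators_access (administrators_id, module) values (:administrators_id, :module)');
                         $Qinsert->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
                         $Qinsert->bindInt(':administrators_id', $id);
                         $Qinsert->bindValue(':module', $module);
                         $Qinsert->setLogging($_SESSION['module'], $id);
                         $Qinsert->execute();
                         if ($osC_Database->isError()) {
                             $error = true;
                             break;
                         }
                     }
                 }
             }
         }
         if ($error === false) {
             // Revoke every access row that is not in the requested list (all rows when the list is empty).
             $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id');
             // Each module name gets its own placeholder and goes through bindValue(), the same
             // call the insert above uses, instead of being spliced into the statement with
             // bindRaw(). A module name therefore can no longer change the shape of the delete.
             $module_bindings = array();
             if (!empty($modules)) {
                 foreach (array_values($modules) as $index => $module) {
                     // The trailing underscore keeps ":module_1_" from being a prefix of ":module_10_".
                     $module_bindings[':module_' . $index . '_'] = $module;
                 }
                 $Qdel->appendQuery('and module not in (' . implode(', ', array_keys($module_bindings)) . ')');
             }
             $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
             $Qdel->bindInt(':administrators_id', $id);
             foreach ($module_bindings as $place_holder => $module) {
                 $Qdel->bindValue($place_holder, $module);
             }
             $Qdel->setLogging($_SESSION['module'], $id);
             $Qdel->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             }
         }
         if ($error === false) {
             $osC_Database->commitTransaction();
             return 1;
         } else {
             $osC_Database->rollbackTransaction();
             return -1;
         }
     } else {
         // Another administrator already uses this user name.
         return -2;
     }
 }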
Esempio n. 3
  Released under the GNU General Public License
*/
// Final installer step: connect with the database credentials posted by the form,
// then write the store settings and the first administrator account.
//
// NOTE(review): every $HTTP_POST_VARS value below is concatenated into the SQL text
// without escaping, so a quote character in any form field changes the statement that
// is executed. Escape each value with the database layer's escaping routine, or use
// bound parameters, before building the query. $HTTP_POST_VARS itself is a legacy
// array that PHP removed in 5.4; $_POST is the supported equivalent.
require '../includes/database_tables.php';
osc_db_connect($HTTP_POST_VARS['DB_SERVER'], $HTTP_POST_VARS['DB_SERVER_USERNAME'], $HTTP_POST_VARS['DB_SERVER_PASSWORD']);
osc_db_select_db($HTTP_POST_VARS['DB_DATABASE']);
// Store name, owner name and owner e-mail address go into the configuration table.
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_NAME'] . '" where configuration_key = "STORE_NAME"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '" where configuration_key = "STORE_OWNER"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"');
// EMAIL_FROM is written as "Owner Name" <address> only when both parts were supplied.
if (!empty($HTTP_POST_VARS['CFG_STORE_OWNER_NAME']) && !empty($HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'])) {
    osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '\\" <' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '>" where configuration_key = "EMAIL_FROM"');
}
// Administrator account: update the row when the user name already exists, insert it otherwise.
$check_query = osc_db_query('select user_name from ' . TABLE_ADMINISTRATORS . ' where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"');
if (osc_db_num_rows($check_query)) {
    // NOTE(review): the literal "******" looks like a value masked by the listing. As
    // written, this statement stores that literal in user_password, whereas the insert
    // branch stores the osc_encrypt_string() result - confirm against the original file.
    osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set user_password = "******" where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"');
} else {
    osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (user_name, user_password) values ("' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '", "' . osc_encrypt_string(trim($HTTP_POST_VARS['CFG_ADMINISTRATOR_PASSWORD'])) . '")');
}
?>

<div class="mainBlock">
  <div class="stepsBox">
    <ol>
      <li>Database Server</li>
      <li>Web Server</li>
      <li>Online Store Settings</li>
      <li style="font-weight: bold;">Finished!</li>
    </ol>
  </div>

  <h1>New Installation</h1>
Esempio n. 4
 /**
  * Stores a new password for a customer account and stamps the modification date.
  *
  * The password is passed through osc_encrypt_string() before it is bound. When
  * $customer_id is not numeric, the ID of the global customer object is used instead.
  *
  * NOTE(review): what osc_encrypt_string() produces is not visible here; confirm it is
  * a salted, deliberately slow password hash rather than a fast digest.
  *
  * @param string $password The new password
  * @param integer $customer_id The ID of the customer account to update
  * @access public
  * @return boolean True only when exactly one row was affected
  */
 public static function savePassword($password, $customer_id = null)
 {
     global $osC_Database, $osC_Customer;

     // Fall back to the current customer when no usable ID was passed in.
     $customer_id = is_numeric($customer_id) ? $customer_id : $osC_Customer->getID();

     $Qupdate = $osC_Database->query('update :table_customers set customers_password = :customers_password, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id');
     $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qupdate->bindValue(':customers_password', osc_encrypt_string($password));
     // now() is a fixed SQL expression, not input, so it is bound raw.
     $Qupdate->bindRaw(':date_account_last_modified', 'now()');
     $Qupdate->bindInt(':customers_id', $customer_id);
     $Qupdate->execute();

     $rows_changed = $Qupdate->affectedRows();

     return $rows_changed === 1;
 }
Esempio n. 5
    $language_selected = 'english';
}
// Final installer step: connect with the database credentials posted by the form,
// then write the store settings and the first administrator account.
//
// NOTE(review): the $_POST values are trimmed but not escaped before they are
// concatenated into the SQL text, so a quote character in any form field changes the
// statement that is executed. Escape each value with the database layer's escaping
// routine, or use bound parameters, before building the query.
require '../includes/database_tables.php';
osc_db_connect(trim($_POST['DB_SERVER']), trim($_POST['DB_SERVER_USERNAME']), trim($_POST['DB_SERVER_PASSWORD']));
osc_db_select_db(trim($_POST['DB_DATABASE']));
// Store name, owner name (first + last) and owner e-mail address go into the configuration table.
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_NAME']) . '" where configuration_key = "STORE_NAME"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_FIRSTNAME']) . ' ' . trim($_POST['CFG_STORE_OWNER_LASTNAME']) . '" where configuration_key = "STORE_OWNER"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"');
// NOTE(review): this condition reads CFG_STORE_OWNER_NAME, while STORE_OWNER above is built
// from CFG_STORE_OWNER_FIRSTNAME and CFG_STORE_OWNER_LASTNAME - confirm the form still posts
// CFG_STORE_OWNER_NAME, otherwise EMAIL_FROM is never written.
if (!empty($_POST['CFG_STORE_OWNER_NAME']) && !empty($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'])) {
    osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . trim($_POST['CFG_STORE_OWNER_NAME']) . '\\" <' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '>" where configuration_key = "EMAIL_FROM"');
}
// Administrator account: update the row when the user name already exists, insert it otherwise.
// NOTE(review): the "******" literals in the next two queries look like values masked by
// the listing. As written, they compare against and store that literal, whereas the insert
// branch uses the posted user name and the osc_encrypt_string() result - confirm against
// the original file.
$check_query = osc_db_query('select admin_username from ' . TABLE_ADMINISTRATORS . ' where admin_username = "******"');
if (osc_db_num_rows($check_query)) {
    osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set admin_password = "******" where admin_username = "******"');
} else {
    osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (admin_groups_id, admin_username, admin_firstname, admin_lastname, admin_email_address, admin_password, admin_created) values (1, "' . trim($_POST['CFG_ADMINISTRATOR_USERNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_FIRSTNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_LASTNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '", "' . osc_encrypt_string(trim($_POST['CFG_ADMINISTRATOR_PASSWORD'])) . '", now())');
}
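// BOF: PGM Renaming the Admin Folder
// The new folder name comes straight from the install form and ends up in a rename()
// target, so it is accepted only when it is a single path segment: letters, digits,
// ".", "_" or "-", starting with a letter or digit. That keeps "/", "\", "." and ".."
// out of the path. Anything else, including a missing or empty field, keeps the default.
$admin_folder = (isset($_POST['CFG_ADMIN_FOLDER']) && is_string($_POST['CFG_ADMIN_FOLDER'])) ? trim($_POST['CFG_ADMIN_FOLDER']) : '';
if (!preg_match('/^[A-Za-z0-9][A-Za-z0-9._-]*$/D', $admin_folder)) {
    $admin_folder = 'admin';
}
if ($admin_folder != 'admin') {
    if (rename('../admin', '../' . $admin_folder)) {
        $admin_folder_renamed = 'true';
    } else {
        // The rename did not happen (for example insufficient permissions), so keep
        // pointing at the folder that still exists instead of reporting a rename.
        $admin_folder = 'admin';
    }
}
// EOF: PGM Renaming the Admin Folder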
?>
<div id="menublock">
  <ul id="menutabs">
Esempio n. 6
    $Qupdate->bindValue(':configuration_value', '"' . $_POST['CFG_STORE_OWNER_NAME'] . '" <' . $_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '>');
    $Qupdate->bindValue(':configuration_key', 'EMAIL_FROM');
    $Qupdate->execute();
}
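//administrators
// Create the administrator named in the install form, or reset the password and e-mail
// address of an existing administrator with the same user name.
$Qcheck = $osC_Database->query('select user_name from :table_administrators where user_name = :user_name');
$Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qcheck->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']);
$Qcheck->execute();
if ($Qcheck->numberOfRows()) {
    // The assignments in SET are separated by a comma. With "and" between them the database
    // evaluates "<password> and email_address = <address>" as a single boolean expression
    // and stores its result in user_password, so neither the password hash nor the address
    // would be saved.
    $Qadmin = $osC_Database->query('update :table_administrators set user_password = :user_password, email_address = :email_address where user_name = :user_name');
} else {
    $Qadmin = $osC_Database->query('insert into :table_administrators (user_name, user_password, email_address) values (:user_name, :user_password, :email_address)');
}
// Both statements use the same three placeholders, so they are bound once here.
$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qadmin->bindValue(':user_password', osc_encrypt_string(trim($_POST['CFG_ADMINISTRATOR_PASSWORD'])));
$Qadmin->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']);
$Qadmin->bindValue(':email_address', $_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']);
$Qadmin->execute();
//administrators access
// Look the administrator's ID up again by user name, then check whether any access
// rows already exist for it.
$Qadmin = $osC_Database->query('select id from :table_administrators where user_name = :user_name');
$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qadmin->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']);
$Qadmin->execute();
$Qcheck = $osC_Database->query('select module from :table_administrators_access where administrators_id = :administrators_id limit 1');
$Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
$Qcheck->bindInt(':administrators_id', $Qadmin->valueInt('id'));
$Qcheck->execute();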
if ($Qcheck->numberOfRows()) {
    $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id');
    $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
Esempio n. 7
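 /**
  * Creates or updates a customer account and optionally e-mails a welcome message.
  *
  * The profile row and the optional password update run in one transaction. A failure
  * of either statement rolls the transaction back and returns false, so no e-mail is
  * sent for an account that was not saved.
  *
  * NOTE(review): the welcome e-mail for a new account contains the plaintext password
  * taken from $data['password']. Consider sending a set-password link instead.
  *
  * @param int|null $id         Customer ID to update; a non-numeric value inserts a new account
  * @param array    $data       Reads gender, firstname, lastname, email_address, dob_year, dob_month,
  *                             dob_day, newsletter, status and the optional password
  * @param bool     $send_email When true, a welcome e-mail is sent after a new account was created
  * @return bool True when the changes were committed, false when they were rolled back
  */
 public static function save($id = null, $data, $send_email = true)
 {
     global $osC_Database, $osC_Language;
     $error = false;
     $osC_Database->startTransaction();
     if (is_numeric($id)) {
         $Qcustomer = $osC_Database->query('update :table_customers set customers_gender = :customers_gender, customers_firstname = :customers_firstname, customers_lastname = :customers_lastname, customers_email_address = :customers_email_address, customers_dob = :customers_dob, customers_newsletter = :customers_newsletter, customers_status = :customers_status, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id');
         $Qcustomer->bindRaw(':date_account_last_modified', 'now()');
         $Qcustomer->bindInt(':customers_id', $id);
     } else {
         $Qcustomer = $osC_Database->query('insert into :table_customers (customers_gender, customers_firstname, customers_lastname, customers_email_address, customers_dob, customers_newsletter, customers_status, number_of_logons, date_account_created) values (:customers_gender, :customers_firstname, :customers_lastname, :customers_email_address, :customers_dob, :customers_newsletter, :customers_status, :number_of_logons, :date_account_created)');
         $Qcustomer->bindInt(':number_of_logons', 0);
         $Qcustomer->bindRaw(':date_account_created', 'now()');
     }
     $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcustomer->bindValue(':customers_gender', $data['gender']);
     $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
     $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
     $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
     $Qcustomer->bindValue(':customers_dob', $data['dob_year'] . '-' . $data['dob_month'] . '-' . $data['dob_day'] . ' 00:00:00');
     $Qcustomer->bindInt(':customers_newsletter', $data['newsletter']);
     $Qcustomer->bindInt(':customers_status', $data['status']);
     $Qcustomer->setLogging($_SESSION['module'], $id);
     $Qcustomer->execute();
     if ($osC_Database->isError()) {
         // A failed insert or update has to reach the rollback below. Without this flag
         // the method would commit, report success and send the welcome e-mail.
         $error = true;
     } elseif (!empty($data['password'])) {
         // The password lives in its own statement so it is only written when supplied.
         $customer_id = !empty($id) ? $id : $osC_Database->nextID();
         $Qpassword = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
         $Qpassword->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qpassword->bindValue(':customers_password', osc_encrypt_string(trim($data['password'])));
         $Qpassword->bindInt(':customers_id', $customer_id);
         $Qpassword->setLogging($_SESSION['module'], $customer_id);
         $Qpassword->execute();
         if ($osC_Database->isError()) {
             $error = true;
         }
     }
     if ($error === false) {
         $osC_Database->commitTransaction();
         // Only newly created accounts (no $id) receive the welcome message.
         if ($send_email === true) {
             if (empty($id)) {
                 $full_name = trim($data['firstname'] . ' ' . $data['lastname']);
                 $email_text = '';
                 if (ACCOUNT_GENDER > -1) {
                     if ($data['gender'] == 'm') {
                         $email_text .= sprintf($osC_Language->get('email_greet_mr'), trim($data['lastname'])) . "\n\n";
                     } else {
                         $email_text .= sprintf($osC_Language->get('email_greet_ms'), trim($data['lastname'])) . "\n\n";
                     }
                 } else {
                     $email_text .= sprintf($osC_Language->get('email_greet_general'), $full_name) . "\n\n";
                 }
                 $email_text .= sprintf($osC_Language->get('email_text'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, trim($data['password']));
                 osc_email($full_name, $data['email_address'], $osC_Language->get('email_subject'), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
             }
         }
         return true;
     }
     $osC_Database->rollbackTransaction();
     return false;
 }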
Esempio n. 8
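 /**
  * Creates or updates a customer account and optionally e-mails a welcome message.
  *
  * The profile row and the optional password update run in one transaction. A failure
  * of either statement rolls the transaction back and returns false, so no e-mail is
  * sent for an account that was not saved.
  *
  * NOTE(review): the welcome e-mail for a new account is given the plaintext password
  * from $data['password']. Consider sending a set-password link instead.
  *
  * @param int|null $id         Customer ID to update; a non-numeric value inserts a new account
  * @param array    $data       Reads gender, firstname, lastname, email_address, dob_year, dob_month,
  *                             dob_day, newsletter, status, customers_groups_id and the optional password
  * @param bool     $send_email When true, a welcome e-mail is sent after a new account was created
  * @return bool True when the changes were committed, false when they were rolled back
  */
 function save($id = null, $data, $send_email = true)
 {
     global $osC_Database, $osC_Language;
     $error = false;
     $osC_Database->startTransaction();
     if (is_numeric($id)) {
         $Qcustomer = $osC_Database->query('update :table_customers set customers_gender = :customers_gender, customers_firstname = :customers_firstname, customers_lastname = :customers_lastname, customers_email_address = :customers_email_address, customers_dob = :customers_dob, customers_newsletter = :customers_newsletter, customers_groups_id = :customers_groups_id, customers_status = :customers_status, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id');
         $Qcustomer->bindRaw(':date_account_last_modified', 'now()');
         $Qcustomer->bindInt(':customers_id', $id);
     } else {
         $Qcustomer = $osC_Database->query('insert into :table_customers (customers_gender, customers_firstname, customers_lastname, customers_email_address, customers_dob, customers_newsletter, customers_status, customers_groups_id, number_of_logons, date_account_created) values (:customers_gender, :customers_firstname, :customers_lastname, :customers_email_address, :customers_dob, :customers_newsletter, :customers_status, :customers_groups_id, :number_of_logons, :date_account_created)');
         $Qcustomer->bindInt(':number_of_logons', 0);
         $Qcustomer->bindRaw(':date_account_created', 'now()');
     }
     $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcustomer->bindValue(':customers_gender', $data['gender']);
     $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
     $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
     $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
     $Qcustomer->bindValue(':customers_dob', $data['dob_year'] . '-' . $data['dob_month'] . '-' . $data['dob_day'] . ' 00:00:00');
     $Qcustomer->bindInt(':customers_newsletter', $data['newsletter']);
     $Qcustomer->bindInt(':customers_status', $data['status']);
     // bindReplace() appears to splice its argument into the statement unquoted (the bare
     // keyword NULL is passed through it), so the group ID is reduced to an integer first.
     // An empty or non-numeric value is stored as NULL.
     $groups_id = $data['customers_groups_id'];
     $Qcustomer->bindReplace(':customers_groups_id', ($groups_id == '' || !is_numeric($groups_id)) ? 'NULL' : (string) (int) $groups_id);
     $Qcustomer->setLogging($_SESSION['module'], $id);
     $Qcustomer->execute();
     if ($osC_Database->isError()) {
         // A failed insert or update has to reach the rollback below. Without this flag
         // the method would commit, report success and send the welcome e-mail.
         $error = true;
     } elseif (!empty($data['password'])) {
         // The password lives in its own statement so it is only written when supplied.
         $customer_id = !empty($id) ? $id : $osC_Database->nextID();
         $Qpassword = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
         $Qpassword->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qpassword->bindValue(':customers_password', osc_encrypt_string(trim($data['password'])));
         $Qpassword->bindInt(':customers_id', $customer_id);
         $Qpassword->setLogging($_SESSION['module'], $customer_id);
         $Qpassword->execute();
         if ($osC_Database->isError()) {
             $error = true;
         }
     }
     if ($error === false) {
         $osC_Database->commitTransaction();
         // Only newly created accounts (no $id) receive the welcome message.
         if ($send_email === true) {
             if (empty($id)) {
                 // include_once: a second call in the same request must not load the class file again.
                 include_once '../includes/classes/email_template.php';
                 $email_template = toC_Email_Template::getEmailTemplate('admin_create_account_email');
                 $email_template->setData($data['firstname'], $data['lastname'], $data['email_address'], trim($data['password']), $data['gender']);
                 $email_template->buildMessage();
                 $email_template->sendEmail();
             }
         }
         return true;
     }
     $osC_Database->rollbackTransaction();
     return false;
 }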
 /**
  * Reads customers and their address books from the XML file in $this->_filename
  * and passes each customer to insertCustomer().
  *
  * NOTE(review): 'customers_password' is assigned twice. The osc_encrypt_string()
  * result taken from <Password> is replaced a few lines later by the raw <PassWord>
  * element, so the value handed to insertCustomer() has not gone through
  * osc_encrypt_string(). Confirm which element the import format carries and
  * whether it is already hashed.
  *
  * NOTE(review): the file is parsed with default libxml options and load errors are
  * silenced with "@". If the file can come from an upload, confirm that external
  * entity loading is disabled for the PHP/libxml versions in use.
  *
  * @return bool True when the file was loaded and every customer was handed on,
  *              false when it could not be loaded as XML
  */
 function parseXmlFile()
 {
     $xml = @simplexml_load_file($this->_filename);

     if (!is_object($xml)) {
         return false;
     }

     foreach ($xml->Customer as $customer) {
         $data['customers_id'] = $customer->ID;
         $data['customers_gender'] = $customer->Gender;
         $data['customers_firstname'] = $customer->Firstname;
         $data['customers_lastname'] = $customer->Lastname;
         $data['customers_dob'] = $customer->DateOfBirthday;
         $data['customers_email_address'] = $customer->Email;
         $data['customers_password'] = osc_encrypt_string($customer->Password);
         $data['customers_telephone'] = $customer->Telephone;
         $data['customers_fax'] = $customer->Fax;
         // Overwrites the value assigned above (see the note in the header).
         $data['customers_password'] = $customer->PassWord;
         $data['customers_status'] = $customer->Status;
         $data['date_account_created'] = 'now()';

         // One entry per <AddressBook> element of this customer.
         $address_books = array();
         foreach ($customer->AddressBooks->AddressBook as $entry) {
             $address = array(
                 'entry_gender' => $entry->Gender,
                 'entry_company' => $entry->Company,
                 'entry_firstname' => $entry->Firstname,
                 'entry_lastname' => $entry->Lastname,
                 'entry_street_address' => $entry->Street,
                 'entry_suburb' => $entry->Suburb,
                 'entry_postcode' => $entry->Postcode,
                 'entry_city' => $entry->City,
                 'entry_country' => $entry->Country,
                 'entry_state' => $entry->State,
                 'entry_country_id' => $entry->CountryId,
                 'entry_zone_id' => $entry->ZoneId,
                 'entry_telephone' => $entry->Telephone,
                 'entry_fax' => $entry->Fax,
             );
             $address_books[] = $address;
         }

         $this->insertCustomer($data, $address_books);
     }

     return true;
 }
Esempio n. 10
 /**
  * Stores a new password for a customer account and stamps the modification date.
  *
  * The database and customer objects are fetched from the Registry. The password is
  * passed through osc_encrypt_string() before it is bound. When $customer_id is not
  * numeric, the ID of the registered customer object is used instead.
  *
  * NOTE(review): what osc_encrypt_string() produces is not visible here; confirm it is
  * a salted, deliberately slow password hash rather than a fast digest.
  *
  * @param string $password The new password
  * @param integer $customer_id The ID of the customer account to update
  * @access public
  * @return boolean True only when exactly one row was affected
  */
 public static function savePassword($password, $customer_id = null)
 {
     $OSCOM_Database = Registry::get('Database');
     $OSCOM_Customer = Registry::get('Customer');

     // Fall back to the current customer when no usable ID was passed in.
     $customer_id = is_numeric($customer_id) ? $customer_id : $OSCOM_Customer->getID();

     $Qupdate = $OSCOM_Database->query('update :table_customers set customers_password = :customers_password, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id');
     $Qupdate->bindValue(':customers_password', osc_encrypt_string($password));
     // now() is a fixed SQL expression, not input, so it is bound raw.
     $Qupdate->bindRaw(':date_account_last_modified', 'now()');
     $Qupdate->bindInt(':customers_id', $customer_id);
     $Qupdate->execute();

     $rows_changed = $Qupdate->affectedRows();

     return $rows_changed === 1;
 }
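 /**
  * Replaces the password of the administrator registered under $email with a random
  * 8-character string and e-mails the new password.
  *
  * The notification is only sent when the address belongs to an administrator. The
  * update matches no row for an unknown address, and without the lookup check a
  * message with a password that was stored nowhere would go out to any address
  * passed in. The return value is unchanged: true whenever the update ran without a
  * database error.
  *
  * NOTE(review): the password is replaced as soon as the address is known and is then
  * sent in plaintext. A single-use, expiring reset link would avoid both. The strength
  * of osc_create_random_string() is not visible here; confirm it draws from a
  * cryptographically secure source.
  *
  * @param string $email E-mail address of the administrator account
  * @return bool False when the password update reported a database error, true otherwise
  */
 function generatePassword($email)
 {
     global $osC_Database;
     $password = osc_create_random_string(8);
     $Qpassword = $osC_Database->query('update :table_administrators set user_password = :user_password where email_address = :email_address');
     $Qpassword->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
     $Qpassword->bindValue(':user_password', osc_encrypt_string($password));
     $Qpassword->bindValue(':email_address', $email);
     $Qpassword->execute();
     if ($osC_Database->isError()) {
         return false;
     }
     $Qadmin = $osC_Database->query('select id, user_name, email_address from :table_administrators where email_address = :email_address');
     $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
     $Qadmin->bindValue(':email_address', $email);
     $Qadmin->execute();
     // Send the message only when an administrator row matched the address.
     if ($Qadmin->numberOfRows() > 0) {
         // include_once: a second call in the same request must not load the class file again.
         include_once '../includes/classes/email_template.php';
         $email_template = toC_Email_Template::getEmailTemplate('admin_password_forgotten');
         $email_template->setData($Qadmin->value('user_name'), osc_get_ip_address(), $password, $email);
         $email_template->buildMessage();
         $email_template->sendEmail();
     }
     return true;
 }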