/**
* Check if current User Agent is matching the one from
* Rakuten Checkout and don't trigger swapped client
* warning in that case, fallback to native logic otherwise
*
* @return bool
*/
protected function _isSwappedClient()
{
if (oxUtilsServer::getInstance()->getServerVar('HTTP_USER_AGENT') == 'Zend_Http_Client') {
return false;
} else {
return parent::_isSwappedClient();
}
}
/**
* Executes parent method parent::render(), generates menu HTML code,
* passes data to Smarty engine, returns name of template file "nav_frame.tpl".
*
* @return string
*/
public function render()
{
parent::render();
$myUtilsServer = oxUtilsServer::getInstance();
$sItem = oxConfig::getParameter("item");
$sItem = $sItem ? basename($sItem) : false;
if (!$sItem) {
$sItem = "nav_frame.tpl";
$aFavorites = oxConfig::getParameter("favorites");
if (is_array($aFavorites)) {
$myUtilsServer->setOxCookie('oxidadminfavorites', implode('|', $aFavorites));
}
} else {
$oNavTree = $this->getNavigation();
// set menu structure
$this->_aViewData["menustructure"] = $oNavTree->getDomXml()->documentElement->childNodes;
// version patch strin
$sVersion = str_replace(array("EE.", "PE."), "", $this->_sShopVersion);
$this->_aViewData["sVersion"] = trim($sVersion);
//checking requirements if this is not nav frame reload
if (!oxConfig::getParameter("navReload")) {
// #661 execute stuff we run each time when we start admin once
if ('home.tpl' == $sItem) {
$this->_aViewData['aMessage'] = $this->_doStartUpChecks();
}
} else {
//removing reload param to force requirements checking next time
oxSession::deleteVar("navReload");
}
// favorite navigation
$aFavorites = explode('|', $myUtilsServer->getOxCookie('oxidadminfavorites'));
if (is_array($aFavorites) && count($aFavorites)) {
$this->_aViewData["menufavorites"] = $oNavTree->getListNodes($aFavorites);
$this->_aViewData["aFavorites"] = $aFavorites;
}
// history navigation
$aHistory = explode('|', $myUtilsServer->getOxCookie('oxidadminhistory'));
if (is_array($aHistory) && count($aHistory)) {
$this->_aViewData["menuhistory"] = $oNavTree->getListNodes($aHistory);
}
// open history node ?
$this->_aViewData["blOpenHistory"] = oxConfig::getParameter('openHistory');
}
$oShoplist = oxNew('oxshoplist');
$oBaseShop = $oShoplist->getBaseObject();
$sWhere = '';
$blisMallAdmin = oxSession::getVar('malladmin');
if (!$blisMallAdmin) {
// we only allow to see our shop
$sShopID = oxSession::getVar("actshop");
$sWhere = "where " . $oBaseShop->getViewName() . ".oxid = '{$sShopID}'";
}
$oShoplist->selectString("select " . $oBaseShop->getSelectFields() . " from " . $oBaseShop->getViewName() . " {$sWhere}");
$this->_aViewData['shoplist'] = $oShoplist;
return $sItem;
}
/**
* Returns server utils instance
*
* @return oxUtilsServer
*/
public static function getInstance()
{
// disable caching for test modules
if (defined('OXID_PHP_UNIT')) {
self::$_instance = modInstances::getMod(__CLASS__);
}
if (!self::$_instance instanceof oxUtilsServer) {
self::$_instance = oxNew('oxUtilsServer');
if (defined('OXID_PHP_UNIT')) {
modInstances::addMod(__CLASS__, self::$_instance);
}
}
return self::$_instance;
}
/**
* Process ROPE requests
*
* @return void
*/
public function rope()
{
/** @var $oRakutenCheckout rakuten_checkout */
$oRakutenCheckout = oxNew('rakuten_checkout');
// TODO: If request isn't POSTed show 404
if (oxUtilsServer::getInstance()->getServerVar('REQUEST_METHOD') != 'POST') {
die;
}
$request = file_get_contents('php://input');
// TODO: If request has no data show 404
if (empty($request)) {
die;
}
try {
// Process ROPE request and output response
echo $oRakutenCheckout->processRopeRequest($request);
} catch (Exception $e) {
// TODO: Log exception and show 404
}
die;
}
/**
* Set history article id's to session or cookie
*
* @param array $aArticlesIds array history article ids
*
* @return null
*/
public function setHistoryArticles($aArticlesIds)
{
if ($this->getSession()->getId()) {
oxSession::setVar('aHistoryArticles', $aArticlesIds);
// clean cookie, if session started
oxUtilsServer::getInstance()->setOxCookie('aHistoryArticles', '');
} else {
oxUtilsServer::getInstance()->setOxCookie('aHistoryArticles', implode('|', $aArticlesIds));
}
}
/**
* Returns cookie stored used login data
*
* @param string $sShopId shop ID (default null)
*
* @deprecated should be used oxUtilsServer::getUserCookie()
*
* @return string
*/
protected static function _getUserCookie($sShopId = null)
{
return oxUtilsServer::getInstance()->getUserCookie($sShopId);
}
/**
* Returns active shop language id
*
* @return string
*/
public function getBaseLanguage()
{
if ($this->_iBaseLanguageId === null) {
$myConfig = $this->getConfig();
$blAdmin = $this->isAdmin();
// languages and search engines
if ($blAdmin && ($iSeLang = oxConfig::getParameter('changelang')) !== null) {
$this->_iBaseLanguageId = $iSeLang;
}
if (is_null($this->_iBaseLanguageId)) {
$this->_iBaseLanguageId = oxConfig::getParameter('lang');
}
//or determining by domain
$aLanguageUrls = $myConfig->getConfigParam('aLanguageURLs');
if (!$blAdmin && is_array($aLanguageUrls)) {
foreach ($aLanguageUrls as $iId => $sUrl) {
if ($myConfig->isCurrentUrl($sUrl)) {
$this->_iBaseLanguageId = $iId;
break;
}
}
}
if (is_null($this->_iBaseLanguageId)) {
$this->_iBaseLanguageId = oxConfig::getParameter('language');
if (!isset($this->_iBaseLanguageId)) {
$this->_iBaseLanguageId = oxSession::getVar('language');
}
}
// if language still not setted and not search engine browsing,
// getting language from browser
if (is_null($this->_iBaseLanguageId) && !$blAdmin && !oxUtils::getInstance()->isSearchEngine()) {
// getting from cookie
$this->_iBaseLanguageId = oxUtilsServer::getInstance()->getOxCookie('language');
// getting from browser
if (is_null($this->_iBaseLanguageId)) {
$this->_iBaseLanguageId = $this->detectLanguageByBrowser();
}
}
if (is_null($this->_iBaseLanguageId)) {
$this->_iBaseLanguageId = $myConfig->getConfigParam('sDefaultLang');
}
$this->_iBaseLanguageId = (int) $this->_iBaseLanguageId;
// validating language
$this->_iBaseLanguageId = $this->validateLanguage($this->_iBaseLanguageId);
// setting language to cookie
oxUtilsServer::getInstance()->setOxCookie('language', $this->_iBaseLanguageId);
}
return $this->_iBaseLanguageId;
}
/**
* Returns id which is used for product preview in shop during administration
*
* @return string
*/
public function getPreviewId()
{
$sAdminSid = oxUtilsServer::getInstance()->getOxCookie('admin_sid');
if ($oUser = $this->getUser()) {
return md5($sAdminSid . $oUser->getId() . $oUser->oxuser__oxpassword->value . $oUser->oxuser__oxrights->value);
}
}
/**
* Compares current URL to supplied string
*
* @param string $sURL URL
*
* @return bool true if $sURL is equal to current page URL
*/
public function isCurrentUrl($sURL)
{
if (!$sURL) {
return false;
}
$oUtilsServer = oxUtilsServer::getInstance();
// #4010: force_sid added in https to every link
preg_match("/^(https?:\\/\\/)?([^\\/]+)/i", $sURL, $matches);
$sUrlHost = $matches[2];
// #4010: force_sid added in https to every link
preg_match("/^(https?:\\/\\/)?([^\\/]+)/i", $oUtilsServer->getServerVar('HTTP_HOST'), $matches);
$sRealHost = $matches[2];
$sCurrentHost = preg_replace('/\\/\\w*\\.php.*/', '', $oUtilsServer->getServerVar('HTTP_HOST') . $oUtilsServer->getServerVar('SCRIPT_NAME'));
//remove double slashes all the way
$sCurrentHost = str_replace('/', '', $sCurrentHost);
$sURL = str_replace('/', '', $sURL);
if (getStr()->strpos($sURL, $sCurrentHost) !== false) {
//bug fix #0002991
if ($sUrlHost == $sRealHost) {
return true;
}
}
return false;
}
/**
* Returns cookie sid value
*
* @return string
*/
protected function _getCookieSid()
{
return oxUtilsServer::getInstance()->getOxCookie($this->getName());
}
/**
* Get available admin interface languages
*
* @return array
*/
protected function _getAvailableLanguages()
{
$sDefLang = oxUtilsServer::getInstance()->getOxCookie('oxidadminlanguage');
$sDefLang = $sDefLang ? $sDefLang : $this->_getBrowserLanguage();
$aLanguages = oxLang::getInstance()->getAdminTplLanguageArray();
foreach ($aLanguages as $oLang) {
$oLang->selected = $sDefLang == $oLang->abbr ? 1 : 0;
}
return $aLanguages;
}
/**
* Gathers and assigns to new oxorder object customer data, payment, delivery
* and shipping info, customer odere remark, currency, voucher, language data.
* Additionally stores general discount and wrapping. Sets order status to "error"
* and creates oxorderarticle objects and assigns to them basket articles.
*
* @param oxBasket $oBasket Shopping basket object
*
* @return null
*/
protected function _loadFromBasket(oxBasket $oBasket)
{
$myConfig = $this->getConfig();
// store IP Adress - default must be FALSE as it is illegal to store
if ($myConfig->getConfigParam('blStoreIPs') && $this->oxorder__oxip->value === null) {
$this->oxorder__oxip = new oxField(oxUtilsServer::getInstance()->getRemoteAddress(), oxField::T_RAW);
}
// copying main price info
$this->oxorder__oxtotalnetsum = new oxField(oxUtils::getInstance()->fRound($oBasket->getDiscountedNettoPrice()), oxField::T_RAW);
$this->oxorder__oxtotalbrutsum = new oxField($oBasket->getProductsPrice()->getBruttoSum(), oxField::T_RAW);
$this->oxorder__oxtotalordersum = new oxField($oBasket->getPrice()->getBruttoPrice(), oxField::T_RAW);
// copying discounted VAT info
$iVatIndex = 1;
foreach ($oBasket->getProductVats(false) as $iVat => $dPrice) {
$this->{"oxorder__oxartvat{$iVatIndex}"} = new oxField($this->_convertVat($iVat), oxField::T_RAW);
$this->{"oxorder__oxartvatprice{$iVatIndex}"} = new oxField($dPrice, oxField::T_RAW);
$iVatIndex++;
}
// payment costs if available
if ($oPaymentCost = $oBasket->getCosts('oxpayment')) {
$this->oxorder__oxpaycost = new oxField($oPaymentCost->getBruttoPrice(), oxField::T_RAW);
$this->oxorder__oxpayvat = new oxField($oPaymentCost->getVAT(), oxField::T_RAW);
}
// delivery info
if ($oDeliveryCost = $oBasket->getCosts('oxdelivery')) {
$this->oxorder__oxdelcost = new oxField($oDeliveryCost->getBruttoPrice(), oxField::T_RAW);
//V #M382: Save VAT, not VAT value for delivery costs
$this->oxorder__oxdelvat = new oxField($oDeliveryCost->getVAT(), oxField::T_RAW);
//V #M382
$this->oxorder__oxdeltype = new oxField($oBasket->getShippingId(), oxField::T_RAW);
}
// user remark
if (!isset($this->oxorder__oxremark) || $this->oxorder__oxremark->value === null) {
$this->oxorder__oxremark = new oxField(oxSession::getVar('ordrem'), oxField::T_RAW);
}
// currency
$oCur = $myConfig->getActShopCurrencyObject();
$this->oxorder__oxcurrency = new oxField($oCur->name);
$this->oxorder__oxcurrate = new oxField($oCur->rate, oxField::T_RAW);
// store voucherdiscount
if ($oVoucherDiscount = $oBasket->getVoucherDiscount()) {
$this->oxorder__oxvoucherdiscount = new oxField($oVoucherDiscount->getBruttoPrice(), oxField::T_RAW);
}
// general discount
if ($this->_blReloadDiscount) {
$dDiscount = 0;
$aDiscounts = $oBasket->getDiscounts();
if (count($aDiscounts) > 0) {
foreach ($aDiscounts as $oDiscount) {
$dDiscount += $oDiscount->dDiscount;
}
}
$this->oxorder__oxdiscount = new oxField($dDiscount, oxField::T_RAW);
}
//order language
$this->oxorder__oxlang = new oxField($this->getOrderLanguage());
// initial status - 'ERROR'
$this->oxorder__oxtransstatus = new oxField('ERROR', oxField::T_RAW);
// copies basket product info ...
$this->_setOrderArticles($oBasket->getContents());
// copies wrapping info
$this->_setWrapping($oBasket);
// copies TS protection info
$this->_setTsProtection($oBasket);
}
/**
* Returns the OXID server utilities object.
*
* @return oxUtilsServer
*/
public function getUtilsServer()
{
return oxUtilsServer::getInstance();
}
/**
* Returns TRUE if facebook widgets are on
*
* @return boolean
*/
public function isFbWidgetWisible()
{
if ($this->_blFbWidgetsOn === null) {
$oUtils = oxUtilsServer::getInstance();
// reading ..
$this->_blFbWidgetsOn = (bool) $oUtils->getOxCookie("fbwidgetson");
// .. and setting back
$oUtils->setOxCookie("fbwidgetson", $this->_blFbWidgetsOn ? 1 : 0);
}
return $this->_blFbWidgetsOn;
}
/**
* performs authorization of admin user
*
* @return boolean
*/
protected function _authorize()
{
return (bool) ($this->getSession()->checkSessionChallenge() && count(oxUtilsServer::getInstance()->getOxCookie()) && oxUtils::getInstance()->checkAccessRights());
}
/**
* Performs user login by username and password. Fetches user data from DB.
* Registers in session. Returns true on success, FALSE otherwise.
*
* @param string $sUser User username
* @param string $sPassword User password
* @param bool $blCookie (default false)
*
* @throws oxConnectionException, oxCookieException, oxUserException
*
* @return bool
*/
public function login($sUser, $sPassword, $blCookie = false)
{
if ($this->isAdmin() && !count(oxUtilsServer::getInstance()->getOxCookie())) {
$oEx = oxNew('oxCookieException');
$oEx->setMessage('EXCEPTION_COOKIE_NOCOOKIE');
throw $oEx;
}
$myConfig = $this->getConfig();
if ($sPassword) {
$sShopID = $myConfig->getShopId();
$oDb = oxDb::getDb();
$sUserSelect = is_numeric($sUser) ? "oxuser.oxcustnr = {$sUser} " : "oxuser.oxusername = "******" oxuser.oxpassword = MD5( CONCAT( " . $oDb->quote($sPassword) . ", UNHEX( oxuser.oxpasssalt ) ) ) ";
$sShopSelect = "";
// admin view: can only login with higher than 'user' rights
if ($this->isAdmin()) {
$sShopSelect = " and ( oxrights != 'user' ) ";
}
$sWhat = "oxid";
$sSelect0 = "select {$sWhat} from oxuser where oxuser.oxactive = 1 and ";
$sSelect = $sSelect0 . "{$sPassSelect} and {$sUserSelect} {$sShopSelect} ";
if ($myConfig->isDemoShop() && $this->isAdmin()) {
if ($sPassword == "admin" && $sUser == "admin") {
$sSelect = "select {$sWhat} from oxuser where oxrights = 'malladmin' {$sShopSelect} ";
} else {
$oEx = oxNew('oxUserException');
$oEx->setMessage('EXCEPTION_USER_NOVALIDLOGIN');
throw $oEx;
}
}
// load from DB
$aData = $oDb->getAll($sSelect);
$sOXID = @$aData[0][0];
//Avenger -- Try to login with master admins password start.
$blIsInvalidValigLogin = !$sOXID;
for ($iLoginStep = 1; $iLoginStep <= 2; $iLoginStep++) {
if ($blIsInvalidValigLogin) {
if ($iLoginStep == 2) {
$oEx = oxNew('oxUserException');
$oEx->setMessage('EXCEPTION_USER_NOVALIDLOGIN');
throw $oEx;
} else {
//Reduce login requirements as 1st step (only check for eMail-address)
$sSelect = $sSelect0 . "{$sUserSelect} {$sShopSelect} ";
// load from DB
$aData = $oDb->getAll($sSelect);
$sOXID = @$aData[0][0];
if ($sOXID) {
//User found by eMail-address, now check password against master admins' password....
//Get master admins' password and password 'salt'
$sWhat .= ",oxpassword,oxpasssalt";
$sSelect = "select {$sWhat} from oxuser where oxid='oxdefaultadmin'";
$aData = $oDb->getAll($sSelect);
$sAdminOXID = @$aData[0][0];
$sAdminPassword = @$aData[0][1];
$sAdminPasswordSalt = @$aData[0][2];
//Check password entered against master admins' password
$blIsInvalidValigLogin = $sAdminPassword != md5($sPassword . $this->unhex($sAdminPasswordSalt));
} else {
$blIsInvalidValigLogin = true;
}
}
} else {
$this->load($sOXID);
break;
}
}
//Avenger -- Try to login with master admins password end.
}
//login successfull?
if ($this->oxuser__oxid->value) {
// yes, successful login
if ($this->isAdmin()) {
oxSession::setVar('auth', $this->oxuser__oxid->value);
} else {
oxSession::setVar('usr', $this->oxuser__oxid->value);
}
// cookie must be set ?
if ($blCookie) {
oxUtilsServer::getInstance()->setUserCookie($this->oxuser__oxusername->value, $this->oxuser__oxpassword->value, $myConfig->getShopId());
}
return true;
} else {
$oEx = oxNew('oxUserException');
$oEx->setMessage('EXCEPTION_USER_NOVALIDLOGIN');
throw $oEx;
}
}
/**
* Process ROPE requests
*
* @return void
*/
public function rope()
{
/** @var $oRakutenRope rakuten_rope */
$oRakutenRope = oxNew('rakuten_rope');
if (oxUtilsServer::getInstance()->getServerVar('REQUEST_METHOD') != 'POST') {
die;
}
$request = file_get_contents('php://input');
if (empty($request)) {
die;
}
try {
/** Process ROPE request and output response **/
echo $oRakutenRope->processRopeRequest($request);
} catch (Exception $e) {
/** TODO: Log exception and show 404 **/
}
die;
}
/**
* Returns visitor ip address
*
* @return string
*/
public function getRemoteAddress()
{
if (($sValue = $this->getViewConfigParam('ip')) === null) {
$sValue = oxUtilsServer::getInstance()->getRemoteAddress();
$this->setViewConfigParam('ip', $sValue);
}
return $sValue;
}
include_once $sBasePath . 'modules/functions.php';
include_once $sBasePath . 'core/oxfunctions.php';
include_once $sBasePath . 'core/adodblite/adodb.inc.php';
include_once $sBasePath . 'core/oxconfig.php';
include_once $sBasePath . 'core/oxsupercfg.php';
include_once $sBasePath . "core/oxutils.php";
$myConfig = oxConfig::getInstance();
// Includes Utility module.
$sUtilModule = $myConfig->getConfigParam('sUtilModule');
if ($sUtilModule && file_exists(getShopBasePath() . "modules/" . $sUtilModule)) {
include_once getShopBasePath() . "modules/" . $sUtilModule;
}
$myConfig->setConfigParam('blAdmin', true);
$myConfig->setConfigParam('blTemplateCaching', false);
// authorization
if (!(oxSession::getInstance()->checkSessionChallenge() && count(oxUtilsServer::getInstance()->getOxCookie()) && oxUtils::getInstance()->checkAccessRights())) {
header("location:index.php");
oxUtils::getInstance()->showMessageAndExit("");
}
if ($sContainer = oxConfig::getParameter('container')) {
$sContainer = trim(strtolower(basename($sContainer)));
$aColumns = array();
include_once 'inc/' . $sContainer . '.inc.php';
//$oAjaxComponent = new ajaxcomponent( $aColumns );
$oAjaxComponent = oxNew("ajaxcomponent");
$oAjaxComponent->init($aColumns);
$oAjaxComponent->setName($sContainer);
$oAjaxComponent->processRequest(oxConfig::getParameter('fnc'));
} else {
}
$myConfig->pageClose();
