/**
* This is a proxy function to return an order safely, we may set the getOrder function to private
* Maybe the right place would be the controller, cause there are JRequests in it. But for a fast solution,
* still better than to have it 3-4 times in the view.html.php of the views.
* @author Max Milbers
*
* @return array
*/
public function getMyOrderDetails($orderID = 0, $orderNumber = false, $orderPass = false)
{
$_currentUser = JFactory::getUser();
$cuid = $_currentUser->get('id');
$orderDetails = false;
// If the user is not logged in, we will check the order number and order pass
if (empty($cuid)) {
$sess = JFactory::getSession();
$orderNumber = vRequest::getString('order_number', $orderNumber);
$tries = $sess->get('getOrderDetails.' . $orderNumber, 0);
if ($tries > 5) {
vmDebug('Too many tries, Invalid order_number/password ' . tsmText::_('com_tsmart_RESTRICTED_ACCESS'));
return false;
}
// If the user is not logged in, we will check the order number and order pass
if ($orderPass = vRequest::getString('order_pass', $orderPass)) {
$orderId = $this->getOrderIdByOrderPass($orderNumber, $orderPass);
if (empty($orderId)) {
echo tsmText::_('com_tsmart_RESTRICTED_ACCESS');
vmdebug('getMyOrderDetails com_tsmart_RESTRICTED_ACCESS', $orderNumber, $orderPass, $tries);
$tries++;
$sess->set('getOrderDetails.' . $orderNumber, $tries);
return false;
}
$orderDetails = $this->getOrder($orderId);
}
} else {
// If the user is logged in, we will check if the order belongs to him
$tsmart_order_id = vRequest::getInt('tsmart_order_id', $orderID);
if (!$tsmart_order_id) {
$tsmart_order_id = tsmartModelOrders::getOrderIdByOrderNumber(vRequest::getString('order_number'));
}
$orderDetails = $this->getOrder($tsmart_order_id);
$user = JFactory::getUser();
if (!vmAccess::manager('orders')) {
if (!isset($orderDetails['details']['BT']->tsmart_user_id)) {
$orderDetails['details']['BT']->tsmart_user_id = 0;
}
if ($orderDetails['details']['BT']->tsmart_user_id != $cuid) {
echo tsmText::_('com_tsmart_RESTRICTED_ACCESS');
return false;
}
}
}
return $orderDetails;
}
/**
* Extends the standard function in vmplugin. Extendst the input data by tsmart_order_id
* Calls the parent to execute the write operation
*
* @author Max Milbers
* @param array $_values
* @param string $_table
*/
protected function storePSPluginInternalData($values, $primaryKey = 0, $preload = FALSE)
{
if (!class_exists('tsmartModelOrders')) {
require VMPATH_ADMIN . DS . 'models' . DS . 'orders.php';
}
if (!isset($values['tsmart_order_id'])) {
$values['tsmart_order_id'] = tsmartModelOrders::getOrderIdByOrderNumber($values['order_number']);
}
return $this->storePluginInternalData($values, $primaryKey, 0, $preload);
}
