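/**
 * Handle a newsletter sign-up POST and render the "newsletter_subscribe" page.
 *
 * Reads `check`, `nl_first_name` and `nl_email` from $_POST, routes the
 * subscription through the email-integration modules and hands the outcome to
 * the template through $GLOBALS (SubscriptionHeading, Class, SubscriptionMessage).
 *
 * SubscriptionMessage is assembled as HTML (the success text carries an <a>
 * element), so the visitor-supplied address is HTML-escaped before it is placed
 * in the message, as AddSubscriberToNewsletter() does for the same language string.
 */
public function Subscribe()
{
    if (!isset($_POST['check'])) {
        // No "check" field in the POST: answered with the spammer-verification message.
        $GLOBALS['SubscriptionHeading'] = GetLang('Oops');
        $GLOBALS['Class'] = "ErrorMessage";
        $GLOBALS['SubscriptionMessage'] = GetLang('NewsletterSpammerVerification');
    } else if (isset($_POST['nl_first_name']) && isset($_POST['nl_email'])) {
        $first_name = $_POST['nl_first_name'];
        $email = $_POST['nl_email'];

        if (!is_email_address($email)) {
            $GLOBALS['SubscriptionHeading'] = GetLang('NewsletterSubscription');
            $GLOBALS['Class'] = "ErrorMessage";
            $GLOBALS['SubscriptionMessage'] = GetLang('NewsletterEnterValidEmail');
        } else {
            $subscription = new Interspire_EmailIntegration_Subscription_Newsletter($email, $first_name);
            $results = $subscription->routeSubscription();

            $success = false;
            $existed = false;

            // Each $result is an Interspire_EmailIntegration_SubscriberActionResult.
            foreach ($results as $result) {
                // message sent to visitor is 'ok' if even one subscription worked; other failures
                // will be logged internally & emailed to store owner.
                // this is a little counter-intuitive when multiple modules are enabled but it's the
                // best compromise short of sending info about every module back to the visitor, who
                // shouldn't be concerned with such detail
                if ($result->pending) {
                    $success = true;
                    continue;
                }
                if ($result->success) {
                    $success = true;
                }
                if ($result->existed) {
                    $existed = true;
                }
            }

            if ($success && $existed) {
                // most APIs will simply update existing details, rather than error - but this mimics
                // the existing behaviour of ISC if the API can let us know the subscriber existed
                $GLOBALS['SubscriptionHeading'] = GetLang('Oops');
                $GLOBALS['Class'] = "ErrorMessage";
                // The address is request data echoed into an HTML message: escape it first.
                $GLOBALS['SubscriptionMessage'] = sprintf(GetLang('NewsletterAlreadySubscribed'), isc_html_escape($email)); // legacy sprintf
            } else if ($success) {
                $GLOBALS['SubscriptionHeading'] = GetLang('NewsletterThanksForSubscribing');
                $GLOBALS['Class'] = "";
                $GLOBALS['SubscriptionMessage'] = GetLang('NewsletterSubscribedSuccessfully') . sprintf(" <a href='%s'>%s.</a>", $GLOBALS['ShopPath'], GetLang('Continue'));
            } else {
                $GLOBALS['SubscriptionHeading'] = GetLang('Oops');
                $GLOBALS['Class'] = "ErrorMessage";
                $GLOBALS['SubscriptionMessage'] = GetLang('NewsletterSubscribeError');
            }
        }
    }

    $GLOBALS['ISC_CLASS_TEMPLATE']->SetPageTitle(sprintf("%s - %s", GetConfig('StoreName'), GetLang('NewsletterSubscription')));
    $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("newsletter_subscribe");
    $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
}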
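/**
 * Add a subscriber to the mailing list for the newsletter.
 *
 * Builds an XML request for the configured mail endpoint (MailXMLPath), posts it
 * and interprets the <status> element of the reply.
 *
 * @param string $FirstName Subscriber first name; sent only when MailNewsletterCustomField is set
 * @param string $Email     Subscriber email address
 * @return array Array with "status" ("success" or "fail") and a "message"
 */
public function AddSubscriberToNewsletter($FirstName, $Email)
{
    // Is this email address valid?
    if (!is_email_address($Email)) {
        return array("status" => "fail", "message" => sprintf(GetLang('NewsletterInvalidEmail'), isc_html_escape($Email)));
    }

    // Is this person already in the subscribers table?
    if ($this->SubscriberExists(GetConfig('MailNewsletterList'), $Email)) {
        return array("status" => "fail", "message" => sprintf(GetLang('NewsletterAlreadySubscribed'), isc_html_escape($Email)));
    }

    // Caller-supplied values become XML text nodes. Escape them so characters such
    // as "<" or "&" cannot close an element or add new ones to the request.
    $xmlEmail = htmlspecialchars($Email, ENT_QUOTES, 'UTF-8');
    $xmlFirstName = htmlspecialchars($FirstName, ENT_QUOTES, 'UTF-8');

    // Add the subscriber
    $add_xml = "<xmlrequest>\n\t\t\t\t\t\t\t<username>" . GetConfig('MailUsername') . "</username>\n\t\t\t\t\t\t\t<usertoken>" . GetConfig('MailXMLToken') . "</usertoken>\n\t\t\t\t\t\t\t<requesttype>subscribers</requesttype>\n\t\t\t\t\t\t\t<requestmethod>AddSubscriberToList</requestmethod>\n\t\t\t\t\t\t\t<details>\n\t\t\t\t\t\t\t\t<emailaddress>" . $xmlEmail . "</emailaddress>\n\t\t\t\t\t\t\t\t<mailinglist>" . GetConfig('MailNewsletterList') . "</mailinglist>\n\t\t\t\t\t\t\t\t<confirmed>yes</confirmed>";

    // Do we need to add the first name custom field?
    if (GetConfig('MailNewsletterCustomField') > 0) {
        $add_xml .= "<customfields>\n\t\t\t\t\t\t\t\t\t<fieldid>" . GetConfig('MailNewsletterCustomField') . "</fieldid>\n\t\t\t\t\t\t\t\t\t<value>" . $xmlFirstName . "</value>\n\t\t\t\t\t\t\t\t</customfields>";
    }

    $add_xml .= "\n\t\t\t\t\t\t\t</details>\n\t\t\t\t\t\t</xmlrequest>";
    $add_xml = urlencode($add_xml);

    $reply = PostToRemoteFileAndGetResponse(GetConfig('MailXMLPath'), "xml=" . $add_xml);

    // NOTE(review): the reply is parsed as XML from the configured endpoint; confirm
    // external entity loading is disabled for the PHP/libxml version in use.
    $xml = @simplexml_load_string($reply);

    // An unparsable reply leaves $xml false; read the elements only when parsing worked
    // so the failure path never dereferences a non-object.
    $response = '';
    $errorMessage = '';
    if ($xml) {
        if (isset($xml->status)) {
            $response = (string) $xml->status;
        }
        if (isset($xml->errormessage)) {
            $errorMessage = (string) $xml->errormessage;
        }
    }

    if ($response == "SUCCESS") {
        return array("status" => "success", "message" => GetLang('NewsletterSubscribedSuccessfully'));
    }

    // NOTE(review): the remote error text is passed through unescaped, as before;
    // confirm how callers render "message".
    return array("status" => "fail", "message" => sprintf(GetLang('NewsletterSubscribeErrorIEM'), $errorMessage));
}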
/**
 * Event handler: show a system message when the given user entity has an
 * email value that does not pass is_email_address().
 *
 * @param string $event  Event name (unused)
 * @param string $type   Event type (unused)
 * @param mixed  $object Entity passed with the event
 * @return void
 */
function au_landing_user_login($event, $type, $object)
{
    // Only user entities are of interest.
    if (!elgg_instanceof($object, 'user')) {
        return;
    }

    if (is_email_address($object->email)) {
        return;
    }

    system_message(elgg_echo('au_landing:invalidemail'));
}
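/**
 * {@inheritdoc}
 *
 * Updates the profile metadata of the entity identified by $params->guid from the
 * configured profile fields present in the request, then returns $this->get($params).
 *
 * @throws GraphException HTTP_FORBIDDEN when the entity is missing or not editable by
 *                        the caller; HTTP_BAD_REQUEST when a field is too long or an
 *                        email field is invalid
 */
public function put(ParameterBag $params)
{
    $owner = get_entity($params->guid);

    // A guid that resolves to nothing is rejected exactly like an entity the caller
    // may not edit, rather than failing on a method call against a non-object.
    if (!$owner || !$owner->canEdit()) {
        throw new GraphException("You are not allowed to modify this user's profile", HttpResponse::HTTP_FORBIDDEN);
    }

    $profile_fields = (array) elgg_get_config('profile_fields');
    $access_id = $params->access_id !== null ? $params->access_id : get_default_access($owner);

    $input = array();
    foreach ($profile_fields as $field => $valuetype) {
        // Making sure the consumer has sent these fields with the request
        if (!isset($params->{$field}) || $this->request->get($field) === null) {
            continue;
        }

        $value = _elgg_html_decode($params->{$field});

        if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
            // The status code belongs to GraphException, not to elgg_echo(): the
            // closing parenthesis of elgg_echo() sits before it, matching the
            // invalid-email case below.
            throw new GraphException(elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$field}"))), HttpResponse::HTTP_BAD_REQUEST);
        }

        // Values without an http(s) scheme are stored with "http://" prefixed.
        if ($value && $valuetype == 'url' && !preg_match('~^https?\\://~i', $value)) {
            $value = "http://{$value}";
        }

        if ($valuetype == 'tags') {
            $value = string_to_tag_array($value);
        }

        if ($valuetype == 'email' && !empty($value) && !is_email_address($value)) {
            throw new GraphException(elgg_echo('profile:invalid_email', array(elgg_echo("profile:{$field}"))), HttpResponse::HTTP_BAD_REQUEST);
        }

        $input[$field] = $value;
    }

    // go through custom fields
    if (count($input) > 0) {
        foreach ($input as $shortname => $value) {
            // Replace, not append: drop every existing value for this field first.
            $options = array('guid' => $owner->guid, 'metadata_name' => $shortname, 'limit' => false);
            elgg_delete_metadata($options);

            if (is_null($value) || $value === '') {
                // only create metadata for non empty values (0 is allowed) to prevent
                // metadata records with empty string values #4858
                continue;
            }

            if (is_array($value)) {
                $i = 0;
                foreach ($value as $interval) {
                    $i++;
                    // Every value after the first is passed with the "multiple" flag set.
                    $multiple = $i > 1;
                    create_metadata($owner->guid, $shortname, $interval, 'text', $owner->guid, $access_id, $multiple);
                }
            } else {
                create_metadata($owner->getGUID(), $shortname, $value, 'text', $owner->getGUID(), $access_id);
            }
        }

        $owner->save();

        // Notify of profile update
        elgg_trigger_event('profileupdate', $owner->type, $owner);
    }

    return $this->get($params);
}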
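/**
 * Create or retrieve a Stripe customer account
 *
 * $user_attr is resolved in this order: an ElggUser instance, an email address,
 * a string starting with "cus_" (used as a customer id), or a numeric guid.
 * When no user can be resolved, a new unsaved ElggUser is used instead.
 *
 * @param mixed $user_attr ElggUser or guid or email or customer id
 * @throws IOException when getCustomerAccount() returns nothing
 */
function __construct($user_attr = null)
{
    // Both are assigned only on some of the branches below. Give them a defined
    // value so the later checks never read an unset variable.
    $customer_id = null;
    $email = null;

    if ($user_attr instanceof ElggUser) {
        $this->user = $user_attr;
    } elseif (is_email_address($user_attr)) {
        $users = get_user_by_email($user_attr);
        if (!$users) {
            // No account for this address: look for a customer reference stored as a
            // plugin setting named after the email.
            $customer_ref = elgg_get_plugin_setting($user_attr, 'stripe');

            // NOTE(review): unserialize() can instantiate objects from its input. This
            // value is read from stored plugin settings; if anything other than trusted
            // code can write that setting, switch to a data-only format such as JSON.
            $customer_ref = $customer_ref ? unserialize($customer_ref) : array();

            if (is_array($customer_ref) && isset($customer_ref[0])) {
                $customer_id = $customer_ref[0];
            }
        } else {
            $this->user = $users[0];
        }
        $email = $user_attr;
    } elseif (is_string($user_attr) && substr($user_attr, 0, 4) == 'cus_') {
        $customer_id = $user_attr;
    } elseif (is_numeric($user_attr)) {
        $this->user = get_entity($user_attr);
    }

    if (!$this->user && $customer_id) {
        $user = stripe_get_user_from_customer_id($customer_id);
        if ($user) {
            $this->user = $user;
        }
    }

    if (!$this->user) {
        // Fall back to a new user object that carries whatever identifiers were found.
        $this->user = new ElggUser();
        $this->user->email = $email;
        if ($customer_id) {
            $this->user->setPrivateSetting('stripe_customer_id', $customer_id);
        }
    }

    $this->account = $this->getCustomerAccount();
    if (!$this->account) {
        throw new IOException("Stripe customer account can not be retrieved or created");
    }
}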
/**
 * Email the configured administrator address about a blocked attempt.
 *
 * Does nothing unless the plugin setting "notify_by_mail" is "yes" and the
 * "notify_mail_address" setting passes is_email_address().
 *
 * @param string $blockedEmail Email address that was blocked
 * @param string $blockedIp    IP address that was blocked
 * @param string $reason       Reason for the block
 * @return void
 */
function spam_login_filter_notify_admin($blockedEmail, $blockedIp, $reason)
{
    if (elgg_get_plugin_setting('notify_by_mail', 'spam_login_filter') != "yes") {
        return;
    }

    // Sender: the site's own address when it has one, otherwise noreply@<site domain>.
    $site = elgg_get_site_entity();
    $from = ($site && isset($site->email))
        ? $site->email
        : 'noreply@' . get_site_domain($site->guid);

    $message = sprintf(elgg_echo('spam_login_filter:notify_message'), $blockedEmail, $blockedIp, $reason);

    // The recipient is a plugin setting; only send when it is a valid address.
    $to = elgg_get_plugin_setting('notify_mail_address', 'spam_login_filter');
    if (is_email_address($to)) {
        elgg_send_email($from, $to, elgg_echo('spam_login_filter:notify_subject'), $message);
    }
}
/**
 * Authenticate with username (or email address) and password and issue a user token.
 *
 * Every failure path raises the same SecurityException, so the response does not
 * tell a caller whether the account lookup or the password check failed.
 *
 * @param string $username username or email address
 * @param string $password password
 *
 * @throws SecurityException when authentication fails or no token could be created
 *
 * @return string the new user token
 */
function ws_pack_auth_gettoken($username, $password)
{
    // An email address is mapped to a username only when exactly one account uses it.
    if (is_email_address($username)) {
        $matches = get_user_by_email($username);
        if (is_array($matches) && count($matches) == 1) {
            $username = $matches[0]->username;
        }
    }

    // elgg_authenticate() is accepted only on a strict boolean true.
    if (elgg_authenticate($username, $password) !== true) {
        throw new SecurityException(elgg_echo("SecurityException:authenticationfailed"));
    }

    $token = create_user_token($username);
    if (!$token) {
        throw new SecurityException(elgg_echo("SecurityException:authenticationfailed"));
    }

    return $token;
}
/**
 * Send the account password to a new user who registered using facebook connect.
 *
 * NOTE(review): the password is placed in the mail body in clear text, so it is
 * exposed to anything that stores or relays the message. A one-time set-password
 * link is the usual alternative; confirm whether that is feasible here.
 *
 * @param string $email    recipient address (trimmed before validation)
 * @param string $name     display name of the user
 * @param string $username account username
 * @param string $password account password
 * @return false|void false when $email is not a valid address, otherwise nothing
 */
function send_user_password_mail($email, $name, $username, $password)
{
    $site = elgg_get_site_entity();
    $email = trim($email);

    // Refuse to send to anything that is not a valid address.
    if (!is_email_address($email)) {
        return false;
    }

    $body_args = array($name, $site->name, $site->url, $username, $email, $password, $site->name, $site->url);
    $message = elgg_echo('facebook_connect:email:body', $body_args);
    $subject = elgg_echo('facebook_connect:email:subject', array($name));

    // create the from address: the site's own address, or noreply@<site domain>
    $site = get_entity($site->guid);
    $has_site_email = $site && isset($site->email);
    $from = $has_site_email ? $site->email : 'noreply@' . get_site_domain($site->guid);

    elgg_send_email($from, $email, $subject, $message);
}
/**
 * Invite a new user by email to a group.
 *
 * @param ElggGroup $group  the group to invite for
 * @param string    $email  the email address to invite
 * @param string    $text   (optional) extra text for the invitation
 * @param bool      $resend send again even when an invitation already exists
 *
 * @return bool|null result of elgg_send_email() when a mail was attempted, false when
 *                   the input is invalid or nobody is logged in, null when an
 *                   invitation already exists and $resend is not set
 */
function group_tools_invite_email(ElggGroup $group, $email, $text = "", $resend = false)
{
    if (empty($group) || !($group instanceof ElggGroup) || empty($email) || !is_email_address($email)) {
        return false;
    }

    $loggedin_user = elgg_get_logged_in_user_entity();
    if (!$loggedin_user) {
        return false;
    }

    // generate invite code from the site secret, the address and the group guid
    // NOTE(review): this is an unkeyed MD5 over secret + email + guid. A keyed MAC is the
    // usual construction for such codes, but the value has to keep matching what
    // group_tools_check_group_email_invitation() looks up - change both together.
    $site_secret = get_site_secret();
    $invite_code = md5($site_secret . $email . $group->getGUID());

    // An existing invitation is only mailed again on an explicit resend.
    if (group_tools_check_group_email_invitation($invite_code, $group->getGUID()) && !$resend) {
        return null;
    }

    // make site email; when the site has no address, make one up from its domain
    $site = elgg_get_site_entity();
    if (!empty($site->email)) {
        $address = $site->email;
    } else {
        $address = "noreply@" . get_site_domain($site->getGUID());
    }
    $site_from = !empty($site->name) ? $site->name . " <" . $address . ">" : $address;

    if (!$resend) {
        // register invite with group
        $group->annotate("email_invitation", $invite_code, ACCESS_LOGGED_IN, $group->getGUID());
    }

    $subject = elgg_echo("group_tools:groups:invite:email:subject", array($group->name));

    $register_url = elgg_get_site_url() . "register";
    $invitations_url = elgg_get_site_url() . "groups/invitations/?invitecode=" . $invite_code;
    $body = elgg_echo("group_tools:groups:invite:email:body", array(
        $loggedin_user->name,
        $group->name,
        $site->name,
        $text,
        $site->name,
        $register_url,
        $invitations_url,
        $invite_code,
    ));

    return elgg_send_email($site_from, $email, $subject, $body);
}
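/**
 * Create the notification script.
 *
 * Reads lib/template.php, replaces the {{emails}} placeholder with the valid
 * addresses from the "emails" plugin setting (one per line) and writes the result
 * to <dataroot>NOTIFIER. The "html" plugin setting is written to <dataroot>HTML.
 *
 * The addresses end up inside a generated script as quoted string literals, so
 * only validated addresses are emitted and each one is encoded as a literal
 * instead of being wrapped in quotes by hand.
 *
 * @return void
 */
function set_notifier()
{
    unset_notifier();

    $dataroot = elgg_get_config('dataroot');
    $contents = file_get_contents(__DIR__ . '/lib/template.php');

    // Always an array, so implode() below is well defined when the setting is empty.
    $literals = array();

    $email_string = elgg_get_plugin_setting('emails', PLUGIN_ID);
    if ($email_string) {
        $candidates = array_unique(array_map('trim', explode("\n", $email_string)));
        foreach ($candidates as $candidate) {
            // Skip invalid entries entirely. Previously the entry was unset and then
            // written straight back, so unvalidated text reached the generated file.
            if (!is_email_address($candidate)) {
                continue;
            }

            // var_export() escapes quotes and backslashes. An apostrophe is legal in
            // an email local part and would otherwise end the literal early.
            // NOTE(review): assumes the template is PHP (lib/template.php) - confirm.
            $literals[] = var_export($candidate, true);
        }
    }

    $contents = str_replace('{{emails}}', implode(', ', $literals), $contents);

    $html = elgg_get_plugin_setting('html', PLUGIN_ID);

    file_put_contents($dataroot . NOTIFIER, $contents);
    file_put_contents($dataroot . HTML, $html);
}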
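/**
 * Authenticate with username (or email address) and password and return a token
 * together with basic account details.
 *
 * NOTE(review): the response includes email, phone and city next to the token;
 * confirm the consumer needs each of these fields.
 *
 * @param string $username username or email address
 * @param string $password password
 *
 * @throws SecurityException on any failure (unknown account, wrong password, no token)
 *
 * @return array token, username, user_guid, email, phone, city, avatar_path, plugin_version
 */
function engap_gettoken($username, $password)
{
    // Stays null when an email address matches no account or more than one, so the
    // instanceof check below never reads an unset variable.
    $user = null;

    if (is_email_address($username)) {
        $users = get_user_by_email($username);
        if (is_array($users) && count($users) == 1) {
            $user = $users[0];
            $username = $user->username;
        }
    } else {
        $user = get_user_by_username($username);
    }

    // validate username and password
    if ($user instanceof ELGGUser && true === elgg_authenticate($username, $password)) {
        // expiry is given in minutes: 1440 = 24 hours
        $token = create_user_token($username, 1440);
        if ($token) {
            $plugin = elgg_get_plugin_from_id("engap");

            $return = array();
            $return['token'] = $token;
            $return['username'] = $user->username;
            $return['user_guid'] = $user->guid;
            $return['email'] = $user->email;
            $return['phone'] = $user->phone;
            $return['city'] = $user->city;
            $return['avatar_path'] = $user->getIconURL('large');
            $return['plugin_version'] = $plugin->getManifest()->getVersion();

            return $return;
        }
    }

    // One message for every failure, so the caller cannot tell which step failed.
    throw new SecurityException(elgg_echo('SecurityException:authenticationfailed'));
}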
/**
 * Invite a new user by email to a group
 *
 * @param ElggGroup $group  the group to be invited for
 * @param string    $email  the email address to be invited
 * @param string    $text   (optional) extra text in the invitation
 * @param boolean   $resend should existing invitations be sent again
 *
 * @return boolean|NULL result of elgg_send_email() when a mail was attempted, false on
 *                      invalid input or a missing invite code, null when an invitation
 *                      already exists and $resend is not set
 */
function group_tools_invite_email(ElggGroup $group, $email, $text = "", $resend = false)
{
    $loggedin_user = elgg_get_logged_in_user_entity();

    $valid_group = !empty($group) && $group instanceof ElggGroup;
    if (!$valid_group || empty($email) || !is_email_address($email) || empty($loggedin_user)) {
        return false;
    }

    // generate invite code
    $invite_code = group_tools_generate_email_invite_code($group->getGUID(), $email);
    if (empty($invite_code)) {
        return false;
    }

    // An existing invitation is only mailed again on an explicit resend.
    $found_group = group_tools_check_group_email_invitation($invite_code, $group->getGUID());
    if (!empty($found_group) && !$resend) {
        return null;
    }

    // make site email; when the site has no address, make one up from its domain
    $site = elgg_get_site_entity();
    if (!empty($site->email)) {
        $address = $site->email;
    } else {
        $address = "noreply@" . get_site_domain($site->getGUID());
    }
    $site_from = !empty($site->name) ? $site->name . " <" . $address . ">" : $address;

    if (empty($found_group)) {
        // register invite with group; the annotation stores "<code>|<email>"
        $group->annotate("email_invitation", $invite_code . "|" . $email, ACCESS_LOGGED_IN, $group->getGUID());
    }

    $subject = elgg_echo("group_tools:groups:invite:email:subject", array($group->name));

    $register_url = elgg_get_site_url() . "register?group_invitecode=" . $invite_code;
    $invitations_url = elgg_get_site_url() . "groups/invitations/?invitecode=" . $invite_code;
    $body = elgg_echo("group_tools:groups:invite:email:body", array(
        $loggedin_user->name,
        $group->name,
        $site->name,
        $text,
        $site->name,
        $register_url,
        $invitations_url,
        $invite_code,
    ));

    // Let other plugins adjust the notification body before it is sent.
    $params = array("group" => $group, "inviter" => $loggedin_user, "invitee" => $email);
    $body = elgg_trigger_plugin_hook("invite_notification", "group_tools", $params, $body);

    return elgg_send_email($site_from, $email, $subject, $body);
}
/**
 * Set a user's email address
 *
 * Returns null if no change is required or the input is not present in the form.
 * Returns true or false indicating success or failure if a change was needed.
 *
 * NOTE(review): no permission check on the submitted "guid" is visible in this
 * function; presumably the calling action restricts who may edit which user - confirm.
 * The password confirmation below applies only when the logged-in user edits their
 * own account and "security_email_require_password" is enabled.
 *
 * @return bool|void
 * @since 1.8.0
 * @access private
 */
function _elgg_set_user_email()
{
    $email = get_input('email');
    $user_guid = get_input('guid');

    if (!isset($email)) {
        return;
    }

    // Target: the user named by "guid" when given, else the logged-in user.
    $user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

    if (!is_email_address($email)) {
        register_error(elgg_echo('email:save:fail'));
        return false;
    }

    if (!$user instanceof ElggUser) {
        register_error(elgg_echo('email:save:fail'));
        return false;
    }

    if (strcmp($email, $user->email) === 0) {
        // no change
        return;
    }

    $editing_self = elgg_get_config('security_email_require_password')
        && $user->getGUID() === elgg_get_logged_in_user_guid();
    if ($editing_self) {
        // validate password
        $pwd = get_input('email_password');
        if (elgg_authenticate($user->username, $pwd) !== true) {
            register_error(elgg_echo('email:save:fail:password'));
            return false;
        }
    }

    // The address must not already belong to an account.
    if (get_user_by_email($email)) {
        register_error(elgg_echo('registration:dupeemail'));
        return false;
    }

    $user->email = $email;
    if ($user->save()) {
        system_message(elgg_echo('email:save:success'));
        return true;
    }

    register_error(elgg_echo('email:save:fail'));
    return false;
}
/**
 * Imports a single customer record in to the database.
 *
 * Records without a valid 'custconemail' are added to the import session's
 * Failures list and skipped. A record whose email matches an existing customer is
 * either applied as an update (when OverrideDuplicates is 1) or added to the
 * Duplicates list and skipped. Otherwise a new customer is added.
 *
 * @param array Array of record data
 */
protected function _ImportRecord($record)
{
    if (!$record['custconemail']) {
        $this->ImportSession['Results']['Failures'][] = implode(",", $record['original_record']) . " " . GetLang('ImportCustomersMissingEmail');
        return;
    }

    if (!is_email_address($record['custconemail'])) {
        $this->ImportSession['Results']['Failures'][] = implode(",", $record['original_record']) . " " . GetLang('ImportCustomersInvalidEmail');
        return;
    }

    // Make sure the optional contact columns exist so later reads are defined.
    $fillin = array('custconcompany', 'custconfirstname', 'custconlastname', 'custconphone');
    foreach ($fillin as $fillkey) {
        if (!isset($record[$fillkey])) {
            $record[$fillkey] = '';
        }
    }

    // Is there an existing customer with the same email?
    $customerId = 0;
    $existingFormSessionId = 0;
    // Imported values reach SQL only through the DB layer's Quote().
    $query = sprintf("select customerid from [|PREFIX|]customers where lower(custconemail)='%s'", $GLOBALS['ISC_CLASS_DB']->Quote(isc_strtolower($record['custconemail'])));
    $result = $GLOBALS["ISC_CLASS_DB"]->Query($query);
    if ($row = $GLOBALS["ISC_CLASS_DB"]->Fetch($result)) {
        // Overriding existing customers, set the customer id
        if (isset($this->ImportSession['OverrideDuplicates']) && $this->ImportSession['OverrideDuplicates'] == 1) {
            $customerId = $row['customerid'];
            $this->ImportSession['Results']['Updates'][] = $record['custconfirstname'] . " " . $record['custconlastname'] . " (" . $record['custconemail'] . ")";
        } else {
            $this->ImportSession['Results']['Duplicates'][] = $record['custconfirstname'] . " " . $record['custconlastname'] . " (" . $record['custconemail'] . ")";
            return;
        }

        // NOTE(review): the query above selects only customerid, so 'custformsessionid'
        // does not look like it is present in $row - confirm.
        if (isId($row['custformsessionid'])) {
            $existingFormSessionId = $row['custformsessionid'];
        }
    }

    $customerData = array('company' => $record['custconcompany'], 'firstname' => $record['custconfirstname'], 'lastname' => $record['custconlastname'], 'email' => $record['custconemail'], 'phone' => $record['custconphone']);

    // The password from the import file is passed on as given.
    // NOTE(review): presumably the customer entity hashes it on add/edit - confirm.
    if (isset($record['custpassword']) && $record['custpassword'] !== '') {
        $customerData['password'] = $record['custpassword'];
    }

    if (isset($record['custstorecredit'])) {
        $customerData['storecredit'] = DefaultPriceFormat($record['custstorecredit']);
    }

    if (isId($customerId)) {
        $customerData['customerid'] = $customerId;
    }

    // Are we placing the customer in a customer group?
    $groupId = 0;
    if (!empty($record['custgroup'])) {
        // Name => id lookups are cached in a static for the rest of the request.
        static $customerGroups;
        $groupName = strtolower($record['custgroup']);
        if (isset($customerGroups[$groupName])) {
            $groupId = $customerGroups[$groupName];
        } else {
            $query = "\n\t\t\t\t\tSELECT customergroupid\n\t\t\t\t\tFROM [|PREFIX|]customer_groups\n\t\t\t\t\tWHERE LOWER(groupname)='" . $GLOBALS['ISC_CLASS_DB']->Quote($groupName) . "'\n\t\t\t\t";
            $groupId = $GLOBALS['ISC_CLASS_DB']->FetchOne($query, 'customergroupid');

            // Customer group doesn't exist, create it
            if (!$groupId) {
                $newGroup = array('name' => $record['custgroup'], 'discount' => 0, 'isdefault' => 0, 'categoryaccesstype' => 'all');
                $entity = new ISC_ENTITY_CUSTOMERGROUP();
                $groupId = $entity->add($newGroup);
            }

            if ($groupId) {
                $customerGroups[$groupName] = $groupId;
            }
        }
    }
    $customerData['customergroupid'] = $groupId;

    // Do we have a shipping address?
    $shippingData = array();
    if (isset($record['shipfullname']) || isset($record['shipfirstname']) || isset($record['shipaddress1']) || isset($record['shipaddress2']) || isset($record['shipcity']) || isset($record['shipstate']) || isset($record['shipzip']) || isset($record['shipcountry'])) {
        $fillin = array('shipaddress1', 'shipaddress2', 'shipcity', 'shipstate', 'shipzip', 'shipcountry');
        foreach ($fillin as $fillkey) {
            if (!isset($record[$fillkey])) {
                $record[$fillkey] = '';
            }
        }

        $shippingData['shipfirstname'] = '';
        $shippingData['shiplastname'] = '';
        $shippingData['shipaddress1'] = $record['shipaddress1'];
        $shippingData['shipaddress2'] = $record['shipaddress2'];
        $shippingData['shipcity'] = $record['shipcity'];
        $shippingData['shipstate'] = $record['shipstate'];
        $shippingData['shipzip'] = $record['shipzip'];
        $shippingData['shipcountry'] = $record['shipcountry'];
        $shippingData['shipstateid'] = 0;
        $shippingData['shipcountryid'] = 0;
        $shippingData['shipdestination'] = '';

        // Find the country and state: by name first, then by ISO2 code
        $shippingData['shipcountryid'] = (int) GetCountryByName($record['shipcountry']);
        if (!$shippingData['shipcountryid']) {
            $shippingData['shipcountryid'] = (int) GetCountryIdByISO2($record['shipcountry']);
        }

        // Still nothing? 0 for the shipping country ID
        if (!$shippingData['shipcountryid']) {
            $shippingData['shipcountryid'] = 0;
        }

        if (isset($record['shipstate'])) {
            $shippingData['shipstateid'] = GetStateByName($record['shipstate'], $shippingData['shipcountryid']);
        }

        // Still nothing? 0 for the shipping state ID
        if (!$shippingData['shipstateid']) {
            $shippingData['shipstateid'] = 0;
        }

        // Without a full name, use the split name columns and fall back to the
        // customer's own first/last name.
        if (!isset($record['shipfullname']) || $record['shipfullname'] == "") {
            if (isset($record['shipfirstname']) && $record['shipfirstname'] != '') {
                $shippingData['shipfirstname'] = $record['shipfirstname'];
            } else {
                $shippingData['shipfirstname'] = $customerData['firstname'];
            }

            if (isset($record['shiplastname']) && $record['shiplastname'] != '') {
                $shippingData['shiplastname'] = $record['shiplastname'];
            } else {
                $shippingData['shiplastname'] = $customerData['lastname'];
            }
        }

        // 'custconphone' is always set by the fill-in loop above, so the else branch
        // is reached only when 'shipphone' itself is set.
        if (!isset($record['shipphone']) && isset($record['custconphone'])) {
            $shippingData['shipphone'] = $record['custconphone'];
        } else {
            $shippingData['shipphone'] = $record['shipphone'];
        }

        /**
         * Handle any of the address custom fields that we might have
         */
        if (!empty($this->customFields) && array_key_exists('custom', $record)) {
            $shippingData['shipformsessionid'] = $this->_importCustomFormfields(FORMFIELDS_FORM_ADDRESS, $record['custom']);
            if (!isId($shippingData['shipformsessionid'])) {
                unset($shippingData['shipformsessionid']);
            }
        }
    }

    /**
     * Handle any of the customer custom fields that we might have
     */
    if (!empty($this->customFields) && array_key_exists('custom', $record)) {
        $formSessionId = $this->_importCustomFormfields(FORMFIELDS_FORM_ACCOUNT, $record['custom'], $existingFormSessionId);
        if (isId($formSessionId)) {
            $customerData['custformsessionid'] = $formSessionId;
        }
    }

    $customerData['is_import'] = true;
    $customerEntity = new ISC_ENTITY_CUSTOMER();

    // New customer, insert in to DB
    if ($customerId == 0) {
        // Set a temporary password, retrievable later via lost password function
        // NOTE(review): rand() and uniqid() are not cryptographically secure sources, so
        // this temporary password is predictable in principle. Prefer a CSPRNG where the
        // supported PHP version provides one.
        if (!isset($customerData['password']) || $customerData['password'] == '') {
            $customerData['password'] = isc_substr(uniqid(rand(), true), 0, 10);
        }

        $customerData['token'] = GenerateCustomerToken();
        $customerData['shipping_address'] = $shippingData;
        $rtn = $customerEntity->add($customerData);
        ++$this->ImportSession['Results']['SuccessCount'];
    } else {
        if (count($shippingData) > 0) {
            // Look for an identical address already stored for this customer.
            $query = sprintf("select shipid from [|PREFIX|]shipping_addresses where shipcustomerid='%d' and lower(shipaddress1)='%s' and lower(shipaddress2)='%s' and lower(shipcity)='%s' and lower(shipstate)='%s' and lower(shipcountry)='%s'", $GLOBALS['ISC_CLASS_DB']->Quote($customerId), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipaddress1']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipaddress2']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipcity']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipstate']), $GLOBALS['ISC_CLASS_DB']->Quote($shippingData['shipcountry']));
            $Result = $GLOBALS['ISC_CLASS_DB']->Query($query);
            $row = $GLOBALS['ISC_CLASS_DB']->Fetch($Result);

            // Address doesn't exist, we insert it
            if (!$row['shipid']) {
                $customerData['shipping_address'] = $shippingData;
            }
        }

        $rtn = $customerEntity->edit($customerData);
    }
}
/**
 * Simple validation of an email address.
 *
 * After the syntax check passes, the 'registeruser:validate:email' plugin hook is
 * triggered with a default result of true and its return value is handed back.
 *
 * @param string $address
 * @throws RegistrationException when $address is not a valid email address
 * @return bool
 */
function validate_email_address($address)
{
    if (is_email_address($address)) {
        // Got here, so let a hook decide (defaulting to ok)
        $default = true;
        $hook_params = array('email' => $address);

        return trigger_plugin_hook('registeruser:validate:email', 'all', $hook_params, $default);
    }

    throw new RegistrationException(elgg_echo('registration:notemail'));
}
/**
 * Derive an unused username from the local part of an email address.
 *
 * When the local part is already taken, a counter starting at 1 is appended until
 * a free name is found. Hidden (unvalidated) users are included in the lookup.
 *
 * NOTE(review): the local part is used as-is. Characters that are valid in an email
 * local part may not be valid in a username - confirm the caller validates the result.
 *
 * @param string $email email address to derive the username from
 * @return string|false the username, or false when $email is empty or invalid
 */
function profile_manager_generate_username_from_email($email)
{
    if (empty($email) || !is_email_address($email)) {
        return false;
    }

    $parts = explode("@", $email);
    $username = $parts[0];

    // show hidden entities (unvalidated users), remembering the previous state
    $hidden = access_get_show_hidden_status();
    access_show_hidden_entities(true);

    // check if username is unique; if not, find the first free numeric suffix
    if (get_user_by_username($username)) {
        $suffix = 1;
        while (get_user_by_username($username . $suffix)) {
            $suffix++;
        }
        $username .= $suffix;
    }

    // restore hidden entities
    access_show_hidden_entities($hidden);

    return $username;
}
// invite from csv if (!empty($csv)) { $file_location = $_FILES['csv']['tmp_name']; $fh = fopen($file_location, 'r'); if (!empty($fh)) { while (($data = fgetcsv($fh, 0, ';')) !== false) { /* * data structure * data[0] => displayname * data[1] => e-mail address */ $email = ''; if (isset($data[1])) { $email = trim($data[1]); } if (empty($email) || !is_email_address($email)) { continue; } $users = get_user_by_email($email); if (!empty($users)) { // found a user with this email on the site, so invite (or add) $user = $users[0]; if ($group->isMember($user)) { $member++; continue; } if ($adding) { if (group_tools_add_user($group, $user, $text)) { $join++; } continue;
// SET DEFAULTS $result = 0; $is_error = 0; // SET DEFAULT EMAIL IF NOT SUBMITTED if (!isset($_POST['contact_email'])) { $contact_email = $user->user_info['user_email']; } else { $contact_email = $_POST['contact_email']; } // SEND HELP MESSAGE if ($task == "dosend") { $contact_name = $_POST['contact_name']; $contact_subject = $_POST['contact_subject']; $contact_message = $_POST['contact_message']; // MAKE SURE FIELDS ARE NOT BLANK if (!is_email_address($contact_email)) { $is_error = 698; } if (trim($contact_message) == "") { $is_error = 1036; } if (trim($contact_name) == "") { $is_error = 1046; } // CHECK CODE // NOW IN HEADER: //session_start(); if (!empty($setting['setting_contact_code'])) { $code = $_SESSION['code']; if ($code == "") { $code = randomcode();
/**
 * Validate customer input data
 *
 * Reads the customer fields from $_POST and validates them: required fields,
 * email syntax, phone number, password confirmation (new customers only), store
 * credit format and email uniqueness.
 *
 * @access private
 * @param int $CustomerId The optional customer ID relating to the POST data
 * @param string &$Error The referenced string to store any error messages to
 * @return bool TRUE if the validation was successful, FALSE otherwise
 */
private function _ValidateCustomerFormData($CustomerId=null, &$Error = "")
{
    // A password is required only when no existing customer is being edited.
    $required = array('FirstName', 'LastName', 'Email');
    if (!isId($CustomerId)) {
        array_push($required, 'Password', 'PasswordConfirm');
    }

    foreach ($required as $name) {
        $missing = !array_key_exists('cust' . $name, $_POST) || trim($_POST['cust' . $name]) == '';
        if ($missing) {
            $Error = stripslashes(GetLang('Customer' . $name . 'Required'));
            return false;
        }
    }

    if (!is_email_address($_POST['custEmail'])) {
        $Error = stripslashes(GetLang('CustomerEmailInvalue'));
        return false;
    }

    if ($_POST['custPhone'] !== '') {
        $GLOBALS['ISC_CLASS_CUSTOMER'] = GetClass('ISC_CUSTOMER');
        $phoneOk = $GLOBALS['ISC_CLASS_CUSTOMER']->ValidatePhoneNumber($_POST['custPhone']);
        if (!$phoneOk) {
            $Error = stripslashes(GetLang('CustomerPhoneInvalid'));
            return false;
        }
    }

    if (!isId($CustomerId) && $_POST['custPassword'] !== $_POST['custPasswordConfirm']) {
        $Error = stripslashes(GetLang('CustomerPasswordConfirmError'));
        return false;
    }

    if ($_POST['custStoreCredit'] !== '' && !isPrice($_POST['custStoreCredit'])) {
        $Error = stripslashes(GetLang('CustomerStoreCreditError'));
        return false;
    }

    // Email must be unique among customers other than the one being edited.
    // The posted value goes through the DB layer's Quote(); the id is cast to int.
    $query = "SELECT * FROM [|PREFIX|]customers WHERE custconemail='" . $GLOBALS['ISC_CLASS_DB']->Quote($_POST['custEmail']) . "'";
    if (isId($CustomerId)) {
        $query .= " AND customerid != " . (int)$CustomerId;
    }

    $result = $GLOBALS['ISC_CLASS_DB']->Query($query);
    if ($GLOBALS['ISC_CLASS_DB']->CountResult($result) > 0) {
        $Error = stripslashes(GetLang('CustomerEmailNotUnique'));
        return false;
    }

    return true;
}
/**
 * Validate the supplied information about an order before it is inserted/updated.
 *
 * Checks the customer part according to $data['customerType'] ('anonymous', 'new'
 * or 'existing'), then that the cart holds at least one product and that a payment
 * module was given.
 *
 * NOTE(review): for 'new' customers both password fields are required, but no
 * comparison between them is visible here - confirm it happens elsewhere.
 *
 * @param array An array of details about the order.
 * @param string An error message, by reference, if there are any errors.
 * @return boolean True if the order is valid, false if not.
 */
private function ValidateOrder($data, &$error)
{
    $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->LoadLangFile('customers');

    $customerType = $data['customerType'];

    if ($customerType == 'anonymous') {
        // Nothing to validate for an anonymous order.
    } elseif ($customerType == 'new') {
        $requiredFields = array(
            'custconemail' => GetLang('CustomerEmailRequired'),
            'custpassword' => GetLang('CustomerPasswordRequired'),
            'custpassword2' => GetLang('CustomerPasswordConfirmRequired'),
        );
        foreach ($requiredFields as $field => $message) {
            if (!isset($data[$field]) || !trim($data[$field])) {
                $error = $message;
                return false;
            }
        }

        // Validate that the email address is actually valid
        if (!is_email_address($data['custconemail'])) {
            $error = GetLang('CustomerEmailInvalue');
            return false;
        }

        // Is the email address already in use? The value goes through Quote().
        $query = "\n\t\t\t\t\t\tSELECT customerid\n\t\t\t\t\t\tFROM [|PREFIX|]customers\n\t\t\t\t\t\tWHERE custconemail='" . $GLOBALS['ISC_CLASS_DB']->Quote($data['custconemail']) . "'\n\t\t\t\t\t";
        if ($GLOBALS['ISC_CLASS_DB']->FetchOne($query)) {
            $error = GetLang('CustomerEmailNotUnique');
            return false;
        }
    } elseif ($customerType == 'existing') {
        // Did they choose a customer?
        if (!$data['ordcustid']) {
            $error = GetLang('ErrorSelectACustomer');
            return false;
        }

        // Does the customer they've chosen actually exist? The id is cast to int.
        $query = "\n\t\t\t\t\t\tSELECT customerid\n\t\t\t\t\t\tFROM [|PREFIX|]customers\n\t\t\t\t\t\tWHERE customerid='" . (int) $data['ordcustid'] . "'\n\t\t\t\t\t";
        if (!$GLOBALS['ISC_CLASS_DB']->FetchOne($query)) {
            $error = GetLang('CustomerDoesntExist');
            return false;
        }
    }

    // Are there any items in the order?
    $cartProducts = $this->GetCartApi($data['orderSession'])->GetProductsInCart();
    if (empty($cartProducts)) {
        $error = GetLang('OrderMustContainOneProduct');
        return false;
    }

    $requiredFields = array('orderpaymentmodule' => GetLang('InvalidPaymentModule'));
    foreach ($requiredFields as $field => $message) {
        $present = isset($data[$field]) && trim($data[$field]);
        if (!$present) {
            $error = $message;
            return false;
        }
    }

    return true;
}
} // limit to reasonable sizes // @todo - throwing away changes due to this is dumb! // ^^ This is a sticky form so changes aren't lost...? if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) { $error = elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$shortname}"))); register_error($error); forward(REFERER); } if ($value && $valuetype == 'url' && !preg_match('~^https?\\://~i', $value)) { $value = "http://{$value}"; } if ($valuetype == 'tags') { $value = string_to_tag_array($value); } if ($valuetype == 'email' && !empty($value) && !is_email_address($value)) { register_error(elgg_echo('profile:invalid_email', array(elgg_echo("profile:{$shortname}")))); forward(REFERER); } $input[$shortname] = $value; } // display name is handled separately $name = strip_tags(get_input('name')); if ($name) { if (elgg_strlen($name) > 50) { register_error(elgg_echo('user:name:fail')); } elseif ($owner->name != $name) { $owner->name = $name; $owner->save(); } }
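/**
 * Store the customer and billing address details of the order being edited on its quote.
 *
 * Reads the quote session, the customer selection and the account/billing form
 * fields from the request, validates them, updates the quote and replies
 * through sendEditOrderResponse().
 *
 * NOTE(review): no permission or request-token check is visible in this
 * method; presumably the dispatcher performs it - confirm.
 * NOTE(review): every validation branch relies on sendEditOrderResponse() /
 * sendEditOrderNoQuoteResponse() ending the request. If either returns,
 * execution continues with invalid data (including a missing $quote) - confirm.
 *
 * @return void
 */
private function editOrderSaveBillingAddressAction() {
    // Without a quote session and an order target there is nothing to do; the request ends silently.
    if(empty($_POST['quoteSession']) || empty($_POST['orderFor'])) {
        exit;
    }

    $errors = array();

    $quote = getClass('ISC_ADMIN_ORDERS')->getQuoteSession($_POST['quoteSession']);
    if(!$quote) {
        $this->sendEditOrderNoQuoteResponse('customerDetailsInvalid');
    }

    try {
        $customerId = 0;
        $password = '';
        $confirmedPassword = '';
        $email = '';

        // Pick the account credentials out of the submitted account form fields.
        $accountFormFields = $GLOBALS['ISC_CLASS_FORM']->getFormFields(FORMFIELDS_FORM_ACCOUNT, true);
        foreach($accountFormFields as $formField) {
            $formFieldPrivateId = $formField->record['formfieldprivateid'];

            if($formFieldPrivateId == 'EmailAddress') {
                $email = $formField->getValue();
            }
            else if($formFieldPrivateId == 'Password') {
                $password = $formField->getValue();
            }
            else if($formFieldPrivateId == 'ConfirmPassword') {
                $confirmedPassword = $formField->getValue();
            }
        }

        // The email address is optional, but must be well formed when given.
        if($email && !is_email_address($email)) {
            $this->sendEditOrderResponse(array(
                'stateTransition' => 'customerDetailsInvalid',
                'errors' => array(
                    getLang('CustomerEmailInvalid')
                )
            ));
        }

        if($_POST['orderFor'] == 'new') {
            foreach($accountFormFields as $formField) {
                // All fields are optional on the order management page, so only validate
                // when there is a value. Only the first failing field is reported.
                $error = '';
                if($formField->getValue() && !$formField->runValidation($error)) {
                    $errors[] = $error;
                    break;
                }
            }

            // Passwords don't match. The comparison is strict on the string values:
            // a loose != treats numeric-looking strings such as "1e3" and "1000" as
            // equal and would accept a confirmation that differs from the password.
            if($password && (string)$password !== (string)$confirmedPassword) {
                $errors[] = getLang('CustomerPasswordConfirmError');
            }

            // If there's a password and an email then we're registering an
            // account. Make sure the email address isn't already in use
            // by another customer.
            if($email && $password && getClass('ISC_CUSTOMER')->accountWithEmailAlreadyExists($email)) {
                $errors[] = getLang('CustomerEmailNotUnique');
            }

            if(!empty($errors)) {
                $this->sendEditOrderResponse(array(
                    'stateTransition' => 'customerDetailsInvalid',
                    'errors' => $errors
                ));
            }

            $quote->setCustomerId(0);

            // NOTE(review): the group id is taken from the request as-is; confirm that
            // setCustomerGroupId() checks it refers to an existing group.
            if(!empty($_POST['accountCustomerGroup'])) {
                $quote->setCustomerGroupId($_POST['accountCustomerGroup']);
            }
        }
        // Verify a valid customer was selected for the order
        else {
            if(empty($_POST['customerId'])) {
                $this->sendEditOrderResponse(array(
                    'stateTransition' => 'customerDetailsInvalid',
                    'errors' => array(
                        getLang('OrderInvalidCustomer')
                    )
                ));
            }

            // NOTE(review): the id reaches getCustomerInfo() unmodified; confirm that
            // method casts or escapes it before querying.
            $customerId = $_POST['customerId'];
            $customer = getClass('ISC_CUSTOMER')->getCustomerInfo($customerId);
            if(!$customer) {
                $this->sendEditOrderResponse(array(
                    'stateTransition' => 'customerDetailsInvalid',
                    'errors' => array(
                        getLang('OrderInvalidCustomer')
                    )
                ));
            }

            $quote->setCustomerId($customerId);
            $quote->setCustomerGroupId($customer['custgroupid']);
        }

        $saveAddress = false;

        // If the "save billing address" option is ticked, and this order is for a new
        // customer where an account is being created, or for an existing customer and
        // an existing address isn't being used, then the address can be saved.
        if((bool)Interspire_Request::post('saveBillingAddress', false) &&
            (($_POST['orderFor'] == 'new' && $email && $password) ||
            $_POST['orderFor'] == 'customer' ||
            $_POST['orderFor'] == 'dontchange')) {
            $saveAddress = true;
        }

        $billingCustomFields = array();
        $billingFormFields = $GLOBALS['ISC_CLASS_FORM']->getFormFields(FORMFIELDS_FORM_BILLING, true);
        foreach($billingFormFields as $formFieldId => $formField) {
            // All fields are optional on the order management page, so only validate
            // when there is a value.
            // NOTE(review): errors collected in this loop are never inspected afterwards,
            // so an invalid billing field does not stop the address being saved - confirm
            // whether that is intended.
            $error = '';
            if($formField->getValue() && !$formField->runValidation($error)) {
                $errors[] = $error;
            }

            // Fields without a private id are custom fields and are stored separately.
            if(!$formField->record['formfieldprivateid']) {
                $billingCustomFields[$formFieldId] = $formField->getValue();
            }
        }

        require ISC_BASE_PATH . '/lib/addressvalidation.php';
        $billingAddressArray = convertAddressFieldsToArray($billingFormFields);

        // Actually set the billing address on the quote
        $quote->getBillingAddress()
            ->setAddressByArray($billingAddressArray)
            ->setEmail($email)
            ->setCustomFields($billingCustomFields)
            ->setSaveAddress($saveAddress);

        // Send the response back
        $response = array(
            'stateTransition' => 'customerDetailsOk',
            'billingDetailsSummary' => $this->generateBillingDetailsSummary($quote),
        );
        $response['billingEmailAddress'] = $email;
        $response['itemsTable'] = GetClass('ISC_ADMIN_ORDERS')->generateEditOrderItemsTable($quote);
        $response['isDigital'] = $quote->isDigital();

        $this->sendEditOrderResponse($response);
    }
    catch (ISC_QUOTE_EXCEPTION $exception) {
        // A quote-level failure is reported to the client with the exception's own message.
        $this->sendEditOrderResponse(array(
            'stateTransition' => 'customerDetailsInvalid',
            'errors' => array(
                $exception->getMessage(),
            ),
        ));
    }
}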
/**
 * Check the values submitted on the admin account form.
 *
 * Registers an error message and returns false at the first failed check:
 * missing required field, password mismatch, blank password, password shorter
 * than the configured 'min_password_length', or a malformed email address.
 *
 * NOTE(review): the length check uses strlen(), which counts bytes, and is
 * applied to the untrimmed password.
 * NOTE(review): a required field whose submitted value is falsy (for example
 * the string "0") is reported as missing.
 *
 * @param array $submissionVars Submitted vars
 * @param array $formVars       Form vars
 *
 * @return bool
 */
protected function validateAdminVars($submissionVars, $formVars) {

    foreach ($formVars as $fieldName => $definition) {
        $isMissing = $definition['required'] == true && !$submissionVars[$fieldName];
        if ($isMissing) {
            $label = elgg_echo("install:admin:label:{$fieldName}");
            register_error(elgg_echo('install:error:requiredfield', array($label)));
            return false;
        }
    }

    $password = $submissionVars['password1'];

    // Both password entries must be identical (strict comparison).
    if ($password !== $submissionVars['password2']) {
        register_error(elgg_echo('install:admin:password:mismatch'));
        return false;
    }

    // A password made only of whitespace is treated as empty.
    if (trim($password) == "") {
        register_error(elgg_echo('install:admin:password:empty'));
        return false;
    }

    $requiredLength = get_config('min_password_length');
    if (strlen($password) < $requiredLength) {
        register_error(elgg_echo('install:admin:password:tooshort'));
        return false;
    }

    // The email address is only checked when one was submitted.
    $address = $submissionVars['email'];
    if ($address && !is_email_address($address)) {
        // The rejected value is placed into the error message itself.
        register_error(elgg_echo('install:error:emailaddress', array($address)));
        return false;
    }

    return true;
}
/**
 * Provide the value of one exportable field for an entity.
 *
 * Does nothing when an earlier handler already supplied a value, when the
 * 'entity' param is not an \ElggEntity, or when owner/container data is
 * requested but the owner/container is not an \ElggEntity.
 *
 * NOTE(review): names, titles and usernames returned here are stored values
 * of the entity's owner or container. If the caller writes them to a file
 * opened in a spreadsheet, cells starting with =, +, - or @ should be
 * neutralised there - the writer is not visible in this method.
 *
 * @param string $hook         the name of the hook
 * @param string $type         the type of the hook
 * @param mixed  $return_value the current return value
 * @param array  $params       supplied params
 *
 * @return void|mixed
 */
public static function exportEntityValue($hook, $type, $return_value, $params) {

    if ($return_value !== null) {
        // someone already provided output
        return;
    }

    $subject = elgg_extract('entity', $params);
    if (!($subject instanceof \ElggEntity)) {
        return;
    }

    $field = elgg_extract('exportable_value', $params);

    $owner = $subject->getOwnerEntity();
    $container = $subject->getContainerEntity();

    $wantsOwner = stristr($field, 'csv_exporter_owner_') !== false;
    if ($wantsOwner && !($owner instanceof \ElggEntity)) {
        // owner information requested, but there is no owner to read it from
        return;
    }

    $wantsContainer = stristr($field, 'csv_exporter_container_') !== false;
    if ($wantsContainer && !($container instanceof \ElggEntity)) {
        // container information requested, but there is no container to read it from
        return;
    }

    switch ($field) {
        case 'csv_exporter_owner_name':
            // objects carry a title, every other entity type a name
            return ($owner instanceof \ElggObject) ? $owner->title : $owner->name;

        case 'csv_exporter_owner_username':
            // only users have a username; fall back to the GUID otherwise
            return ($owner instanceof \ElggUser) ? $owner->username : $owner->getGUID();

        case 'csv_exporter_owner_email':
            // the address is exported only if it is well formed
            $ownerEmail = $owner->email;
            return is_email_address($ownerEmail) ? $ownerEmail : null;

        case 'csv_exporter_owner_url':
            return $owner->getURL();

        case 'csv_exporter_container_name':
            return ($container instanceof \ElggObject) ? $container->title : $container->name;

        case 'csv_exporter_container_username':
            return ($container instanceof \ElggUser) ? $container->username : $container->getGUID();

        case 'csv_exporter_container_email':
            $containerEmail = $container->email;
            return is_email_address($containerEmail) ? $containerEmail : null;

        case 'csv_exporter_container_url':
            return $container->getURL();

        case 'csv_exporter_time_created_readable':
            return date(elgg_echo('friendlytime:date_format'), $subject->time_created);

        case 'csv_exporter_time_updated_readable':
            return date(elgg_echo('friendlytime:date_format'), $subject->time_updated);

        case 'csv_exporter_url':
            return $subject->getURL();
    }
}
/**
 * Set a user's email address from the 'email' request input.
 *
 * The target is the user named by the 'guid' input, or the logged-in user
 * when no guid is given. The address must be well formed and must not
 * belong to another account.
 *
 * NOTE(review): the target account is chosen from request input and no
 * canEdit()/ownership check is visible in this function; presumably the
 * calling action or $user->save() enforces it - confirm.
 *
 * @return bool|null true when the address was saved, null when it is unchanged,
 *                   false on any failure
 * @since 1.8.0
 * @access private
 */
function _elgg_set_user_email() {
    $email = get_input('email');
    $user_guid = get_input('guid');

    $user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

    if (!is_email_address($email)) {
        register_error(elgg_echo('email:save:fail'));
        return false;
    }

    if (!$user) {
        register_error(elgg_echo('email:save:fail'));
        return false;
    }

    if (strcmp($email, $user->email) == 0) {
        // no change
        return null;
    }

    // The address must not already be registered to an account.
    if (get_user_by_email($email)) {
        register_error(elgg_echo('registration:dupeemail'));
        return false;
    }

    if ($user->email != $email) {
        $user->email = $email;
        if ($user->save()) {
            system_message(elgg_echo('email:save:success'));
            return true;
        }
        register_error(elgg_echo('email:save:fail'));
    }

    return false;
}
/**
 * Send an invitation for a group or event to an email address.
 *
 * NOTE(review): $text, $user->name and the entity name are inserted into an
 * HTML body and the subject without encoding in this function; confirm they
 * are filtered before they get here and that zhgroups_send_email() rejects
 * line breaks in the subject and recipient.
 * NOTE(review): $user is dereferenced without a check.
 *
 * @param mixed  $user   invitation sender (its name and URL are used)
 * @param mixed  $entity the group (ElggGroup) or event (Zhaohu) to be invited for
 * @param string $email  the email address to be invited
 * @param string $text   (optional) extra text in the invitation
 *
 * @return mixed false when a check fails, otherwise whatever zhgroups_send_email() returns
 */
function send_invite_email($user, $entity, $email, $text = "") {

    if (empty($email)) {
        elgg_log("ZHError, send_invite_email, email is empty", "ERROR");
        return false;
    }

    if (!is_email_address($email)) {
        // The rejected address is written to the log as submitted.
        elgg_log("ZHError, send_invite_email, email is invalid, email {$email}", "ERROR");
        return false;
    }

    if (empty($entity)) {
        elgg_log("ZHError, send_invite_email, entity is empty", "ERROR");
        return false;
    }

    // Groups are presented by name, events by title; nothing else can be invited for.
    if ($entity instanceof ElggGroup) {
        $senderName = $entity->name;
    } elseif ($entity instanceof Zhaohu) {
        $senderName = $entity->title;
    } else {
        elgg_log("ZHError, send_invite_email, entity is invalid entity id {$entity->guid}", "ERROR");
        return false;
    }

    $subject = elgg_echo("zhaohu:invite:email:subject", array($user->name, $senderName));

    $bodyArgs = array(
        $user->getURL(),
        $user->name,
        $entity->getURL(),
        $senderName,
        $user->name,
        $text,
    );
    $body = '<div style="color:#333;font-size:16px;">'
        . elgg_echo("zhaohu:invite:email:body", $bodyArgs)
        . '</div>';

    return zhgroups_send_email($senderName, $email, $subject, $body, '');
}
* @package Elgg * @subpackage Core * @author Curverider Ltd * @link http://elgg.org/ */ global $CONFIG; gatekeeper(); $email = get_input('email'); $user_id = get_input('guid'); $user = ""; if (!$user_id) { $user = $_SESSION['user']; } else { $user = get_entity($user_id); } if (!is_email_address($email)) { register_error(elgg_echo('email:save:fail')); forward($_SERVER['HTTP_REFERER']); } if ($user) { if (strcmp($email, $user->email) != 0) { if (!get_user_by_email($email)) { if ($user->email != $email) { $user->email = $email; if ($user->save()) { request_user_validation($user->getGUID()); system_message(elgg_echo('email:save:success')); } else { register_error(elgg_echo('email:save:fail')); } }
/**
 * Derive an unused username from the part of an email address before the "@".
 *
 * When that name is taken, the first free numeric suffix (1, 2, 3, ...) is
 * appended. Hidden entities are made visible for the duration of the lookups,
 * so that names held by hidden accounts count as taken.
 *
 * NOTE(review): the local part is only trimmed; characters that are legal in
 * an email address but not in a username are not filtered here - confirm the
 * caller validates the result.
 * NOTE(review): the name is only checked, not reserved, so two concurrent
 * calls can return the same value.
 *
 * @param string $email the email address to derive the username from
 *
 * @return string|false the username, or false when the address is empty or invalid
 */
function subsite_manager_create_username_from_email($email) {

    if (empty($email) || !is_email_address($email)) {
        return false;
    }

    // only the part before the "@" is used
    list($base_name, $domain_part) = explode("@", $email);
    $base_name = trim($base_name);

    if (empty($base_name)) {
        return false;
    }

    // show hidden entities (unvalidated users)
    $previous_hidden = access_get_show_hidden_status();
    access_show_hidden_entities(true);

    $candidate = $base_name;
    if (get_user_by_username($base_name)) {
        $suffix = 1;
        while (get_user_by_username($base_name . $suffix)) {
            $suffix++;
        }
        $candidate = $base_name . $suffix;
    }

    // restore hidden entities
    access_show_hidden_entities($previous_hidden);

    return $candidate;
}
// invite from csv if (!empty($csv)) { $file_location = $_FILES["csv"]["tmp_name"]; $fh = fopen($file_location, "r"); if (!empty($fh)) { while (($data = fgetcsv($fh, 0, ";")) !== false) { /* * data structure * data[0] => displayname * data[1] => e-mail address */ $email = ""; if (isset($data[1])) { $email = trim($data[1]); } if (!empty($email) && is_email_address($email)) { $users = get_user_by_email($email); if (!empty($users)) { // found a user with this email on the site, so invite (or add) $user = $users[0]; if (!$group->isMember($user)) { if (!$adding) { if (!check_entity_relationship($group->getGUID(), "invited", $user->getGUID()) || $resend) { // invite user if (group_tools_invite_user($group, $user, $text, $resend)) { $invited++; } } else { // user was already invited $already_invited++; }
register_error(elgg_echo("event_manager:action:registration:edit:error_fields_program_only")); } } else { register_error(elgg_echo("event_manager:action:event:edit:error_fields")); } forward($forward_url); } else { $_SESSION['registerevent_values'] = null; } if (elgg_is_logged_in()) { $object = elgg_get_logged_in_user_entity(); } else { // validate email $old_ia = elgg_set_ignore_access(true); $object = null; if (!is_email_address($answers["email"])) { register_error(elgg_echo("registration:notemail")); forward($forward_url); } else { // check for user with this emailaddress if ($existing_user = get_user_by_email($answers["email"])) { $object = $existing_user[0]; // todo check if there already is a relationship with the event. $current_relationship = $event->getRelationshipByUser($object->getGUID()); if ($current_relationship) { switch ($current_relationship) { case EVENT_MANAGER_RELATION_ATTENDING: // already attendee register_error(elgg_echo("event_manager:action:register:email:account_exists:attending")); forward($forward_url); case EVENT_MANAGER_RELATION_ATTENDING_WAITINGLIST: