/** * Updates the password in a customers account * * @param string $password The new password * @param integer $customer_id The ID of the customer account to update * @access public * @return boolean */ public static function savePassword($password, $customer_id = null) { global $lC_Database, $lC_Customer; if (!is_numeric($customer_id)) { $customer_id = $lC_Customer->getID(); } $Qcustomer = $lC_Database->query('update :table_customers set customers_password = :customers_password, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id'); $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS); $Qcustomer->bindValue(':customers_password', lc_encrypt_string($password)); $Qcustomer->bindRaw(':date_account_last_modified', 'now()'); $Qcustomer->bindInt(':customers_id', $customer_id); $Qcustomer->execute(); return $Qcustomer->affectedRows() === 1; }
public static function save($id = null, $data, $send_email = true) { global $lC_Database, $lC_Language, $lC_DateTime; $lC_Language->loadIniFile('customers.php'); $error = false; $result = array(); if (!is_numeric($id) || is_numeric($id)) { // check that email doesnt exist $Qcheck = $lC_Database->query('select customers_id from :table_customers where customers_email_address = :customers_email_address'); if (isset($id) && is_numeric($id)) { $Qcheck->appendQuery('and customers_id != :customers_id'); $Qcheck->bindInt(':customers_id', $id); } $Qcheck->appendQuery('limit 1'); $Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS); $Qcheck->bindValue(':customers_email_address', $data['email_address']); $Qcheck->execute(); if ($Qcheck->numberOfRows() > 0) { $error = true; $result['rpcStatus'] = -2; } $Qcheck->freeResult(); if (trim($data['password']) != null) { // check that passwords match if (trim($data['password']) != trim($data['confirmation'])) { $error = true; $result['rpcStatus'] = -3; } } } else { // check that passwords match if (trim($data['password']) != trim($data['confirmation'])) { $error = true; $result['rpcStatus'] = -3; } } if ($error === false) { $lC_Database->startTransaction(); if (is_numeric($id)) { $Qcustomer = $lC_Database->query('update :table_customers set customers_group_id = :customers_group_id, customers_gender = :customers_gender, customers_firstname = :customers_firstname, customers_lastname = :customers_lastname, customers_email_address = :customers_email_address, customers_dob = :customers_dob, customers_newsletter = :customers_newsletter, customers_status = :customers_status, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id'); $Qcustomer->bindRaw(':date_account_last_modified', 'now()'); $Qcustomer->bindInt(':customers_id', $id); } else { $Qcustomer = $lC_Database->query('insert into :table_customers (customers_group_id, customers_gender, customers_firstname, customers_lastname, customers_email_address, customers_dob, customers_newsletter, customers_status, number_of_logons, date_account_created) values (:customers_group_id, :customers_gender, :customers_firstname, :customers_lastname, :customers_email_address, :customers_dob, :customers_newsletter, :customers_status, :number_of_logons, :date_account_created)'); $Qcustomer->bindInt(':number_of_logons', 0); $Qcustomer->bindRaw(':date_account_created', 'now()'); } $dob = isset($data['dob']) && !empty($data['dob']) ? lC_DateTime::toDateTime($data['dob']) : '0000-00-00 00:00:00'; $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS); $Qcustomer->bindValue(':customers_gender', $data['gender']); $Qcustomer->bindValue(':customers_firstname', $data['firstname']); $Qcustomer->bindValue(':customers_lastname', $data['lastname']); $Qcustomer->bindValue(':customers_email_address', $data['email_address']); $Qcustomer->bindValue(':customers_dob', $dob); $Qcustomer->bindInt(':customers_newsletter', $data['newsletter']); $Qcustomer->bindInt(':customers_status', $data['status']); $Qcustomer->bindInt(':customers_group_id', $data['group']); $Qcustomer->setLogging($_SESSION['module'], $id); $Qcustomer->execute(); if (!$lC_Database->isError()) { if (!empty($data['password'])) { $customer_id = !empty($id) ? $id : $lC_Database->nextID(); $result['new_customer_id'] = $customer_id; $Qpassword = $lC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id'); $Qpassword->bindTable(':table_customers', TABLE_CUSTOMERS); $Qpassword->bindValue(':customers_password', lc_encrypt_string(trim($data['password']))); $Qpassword->bindInt(':customers_id', $customer_id); $Qpassword->setLogging($_SESSION['module'], $customer_id); $Qpassword->execute(); if ($lC_Database->isError()) { $error = true; $result['rpcStatus'] = -1; } } } } if ($error === false) { $lC_Database->commitTransaction(); if ($send_email === true) { if (empty($id)) { $full_name = trim($data['firstname'] . ' ' . $data['lastname']); $email_text = ''; if (ACCOUNT_GENDER > -1) { if ($data['gender'] == 'm') { $email_text .= sprintf($lC_Language->get('email_greet_mr'), trim($data['lastname'])) . "\n\n"; } else { $email_text .= sprintf($lC_Language->get('email_greet_ms'), trim($data['lastname'])) . "\n\n"; } } else { $email_text .= sprintf($lC_Language->get('email_greet_general'), $full_name) . "\n\n"; } $email_text .= sprintf($lC_Language->get('email_text'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, trim($data['password'])); $email_subject = sprintf($lC_Language->get('email_subject'), STORE_NAME); lc_email($full_name, $data['email_address'], $email_subject, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } } return $result; } $lC_Database->rollbackTransaction(); return $result; }
/** * Saves the administrator information * * @param integer $id The administrator id used on update, null on insert * @param array $data An array containing the administrator information * @access public * @return array */ public static function save($id = null, $data) { global $lC_Database; $error = false; $result = array(); $Qcheck = $lC_Database->query('select id, language_id from :table_administrators where user_name = :user_name'); if (isset($id) && $id != null) { $Qcheck->appendQuery('and id != :id'); $Qcheck->bindInt(':id', $id); } $Qcheck->appendQuery('limit 1'); $Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS); $Qcheck->bindValue(':user_name', $data['user_name']); $Qcheck->execute(); if ($Qcheck->numberOfRows() < 1) { $lC_Database->startTransaction(); if (isset($id) && $id != null) { $Qadmin = $lC_Database->query('update :table_administrators set user_name = :user_name, first_name = :first_name, last_name = :last_name, image = :image, access_group_id = :access_group_id, language_id = :language_id, verify_key = :verify_key'); if (isset($data['user_password']) && !empty($data['user_password'])) { $Qadmin->appendQuery(', user_password = :user_password'); $Qadmin->bindValue(':user_password', lc_encrypt_string(trim($data['user_password']))); } $Qadmin->appendQuery('where id = :id'); $Qadmin->bindInt(':id', $id); } else { $Qadmin = $lC_Database->query('insert into :table_administrators (user_name, user_password, first_name, last_name, image, access_group_id, language_id, verify_key) values (:user_name, :user_password, :first_name, :last_name, :image, :access_group_id,:language_id, :verify_key)'); $Qadmin->bindValue(':user_password', lc_encrypt_string(trim($data['user_password']))); } $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS); $Qadmin->bindValue(':user_name', $data['user_name']); $Qadmin->bindValue(':first_name', $data['first_name']); $Qadmin->bindValue(':last_name', $data['last_name']); $Qadmin->bindValue(':image', $data['avatar']); $Qadmin->bindInt(':access_group_id', $data['access_group_id']); $Qadmin->bindInt(':language_id', $data['language_id']); $Qadmin->bindValue(':verify_key', ''); $Qadmin->setLogging($_SESSION['module'], $id); $Qadmin->execute(); if (!$lC_Database->isError()) { if (!is_numeric($id)) { $id = $lC_Database->nextID(); $new = 1; } } else { $error = true; } if ($error === false) { $lC_Database->commitTransaction(); if (!$new) { // check for language changes and set session accordingly if ($data['language_id'] != $Qcheck->value('language_id')) { $_SESSION['admin']['language_id'] = $data['language_id']; } $_SESSION['admin']['username'] = $data['user_name']; $_SESSION['admin']['firstname'] = $data['first_name']; $_SESSION['admin']['lastname'] = $data['last_name']; } } else { $lC_Database->rollbackTransaction(); $result['rpcStatus'] = -1; } } else { $result['rpcStatus'] = -2; } return $result; }
public static function passwordChange($pass, $email) { global $lC_Database; $lC_Database->startTransaction(); // update the password $Qpass = $lC_Database->query('update :table_administrators set user_password = :user_password where user_name = :user_name'); $Qpass->bindTable(':table_administrators', TABLE_ADMINISTRATORS); $Qpass->bindValue(':user_password', lc_encrypt_string(trim($pass))); $Qpass->bindValue(':user_name', $email); $Qpass->setLogging($_SESSION['module'], $email); $Qpass->execute(); // successful password update, move on if (!$lC_Database->isError()) { // get user info $Qadmin = $lC_Database->query('select * from :table_administrators where user_name = :user_name'); $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS); $Qadmin->bindValue(':user_name', $email); $Qadmin->execute(); // set session info $_SESSION['admin'] = array('id' => $Qadmin->valueInt('id'), 'firstname' => $Qadmin->value('first_name'), 'lastname' => $Qadmin->value('last_name'), 'username' => $Qadmin->value('user_name'), 'password' => $Qadmin->value('user_pasword'), 'access' => lC_Access::getUserLevels($Qadmin->valueInt('access_group_id'))); // remove key to stop further changes with this key $Qkeyremove = $lC_Database->query('update :table_administrators set verify_key = :verify_key where user_name = :user_name'); $Qkeyremove->bindTable(':table_administrators', TABLE_ADMINISTRATORS); $Qkeyremove->bindValue(':user_name', $email); $Qkeyremove->bindValue(':verify_key', null); $Qkeyremove->execute(); $lC_Database->commitTransaction(); $_SESSION['user_confirmed_email'] = null; $_SESSION['user_not_exists'] = null; return true; } else { $lC_Database->rollbackTransaction(); return false; } }
$Qupdate->bindTable(':table_configuration', TABLE_CONFIGURATION); $Qupdate->bindValue(':configuration_value', '"' . $_POST['CFG_STORE_OWNER_NAME'] . '" <' . $_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '>'); $Qupdate->bindValue(':configuration_key', 'EMAIL_FROM'); $Qupdate->execute(); } $Qcheck = $lC_Database->query('select user_name from :table_administrators where user_name = :user_name'); $Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS); $Qcheck->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']); $Qcheck->execute(); if ($Qcheck->numberOfRows()) { $Qadmin = $lC_Database->query('update :table_administrators set user_password = :user_password, first_name = :first_name, last_name = :last_name, access_group_id = :access_group_id where user_name = :user_name'); } else { $Qadmin = $lC_Database->query('insert into :table_administrators (user_name, user_password, first_name, last_name, access_group_id) values (:user_name, :user_password, :first_name, :last_name, :access_group_id)'); } $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS); $Qadmin->bindValue(':user_password', lc_encrypt_string(trim($_POST['CFG_ADMINISTRATOR_PASSWORD']))); $Qadmin->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']); $Qadmin->bindValue(':first_name', $_POST['CFG_STORE_OWNER_FIRST_NAME']); $Qadmin->bindValue(':last_name', $_POST['CFG_STORE_OWNER_LAST_NAME']); $Qadmin->bindInt(':access_group_id', 1); $Qadmin->execute(); ?> <form name="upgrade" id="upgradeForm" action="upgrade.php?step=7" method="post" class="block wizard-enabled"> <span style="width:48%;" class="with-small-padding" style="padding: 10px 0 10px 0;" id="image"><img src="templates/img/logo.png" border="0"></span> <span class="with-small-padding float-right hide-on-mobile" id="logoContainer"><img style="padding-right:10px;" src="templates/img/new_version.png" border="0"></span> <ul class="wizard-steps"> <li class="completed hide-on-mobile"><span class="wizard-step">1</span><?php echo $lC_Language->get('upgrade_nav_text_1'); ?> </li> <li class="completed hide-on-mobile"><span class="wizard-step">2</span><?php