function CustomersUpdate()
{
global $_POST, $Lang_folder;
$customers_id = -1;
// include PW function
require_once DIR_FS_INC . 'olc_encrypt_password.inc.php';
if (isset($_POST['cID'])) {
$customers_id = olc_db_prepare_input($_POST['cID']);
}
// security check, if user = admin, dont allow to perform changes
if ($customers_id != -1) {
$sec_query = olc_db_query("SELECT customers_status FROM " . TABLE_CUSTOMERS . " where customers_id='" . $customers_id . "'");
$sec_data = olc_db_fetch_array($sec_query);
if ($sec_data['customers_status'] == 0) {
print_xml_status(120, $_POST['action'], 'CAN NOT CHANGE ADMIN USER!', '', '', '');
return;
}
}
$sql_customers_data_array = array();
if (isset($_POST['customers_cid'])) {
$sql_customers_data_array['customers_cid'] = $_POST['customers_cid'];
}
if (isset($_POST['customers_firstname'])) {
$sql_customers_data_array['customers_firstname'] = $_POST['customers_firstname'];
}
if (isset($_POST['customers_lastname'])) {
$sql_customers_data_array['customers_lastname'] = $_POST['customers_lastname'];
}
if (isset($_POST['customers_dob'])) {
$sql_customers_data_array['customers_dob'] = $_POST['customers_dob'];
}
if (isset($_POST['customers_email'])) {
$sql_customers_data_array['customers_email_address'] = $_POST['customers_email'];
}
if (isset($_POST['customers_tele'])) {
$sql_customers_data_array['customers_telephone'] = $_POST['customers_tele'];
}
if (isset($_POST['customers_fax'])) {
$sql_customers_data_array['customers_fax'] = $_POST['customers_fax'];
}
if (isset($_POST['customers_gender'])) {
$sql_customers_data_array['customers_gender'] = $_POST['customers_gender'];
}
if (isset($_POST['customers_password'])) {
$sql_customers_data_array['customers_password'] = olc_encrypt_password($_POST['customers_password']);
}
$sql_address_data_array = array();
if (isset($_POST['customers_firstname'])) {
$sql_address_data_array['entry_firstname'] = $_POST['customers_firstname'];
}
if (isset($_POST['customers_lastname'])) {
$sql_address_data_array['entry_lastname'] = $_POST['customers_lastname'];
}
if (isset($_POST['customers_company'])) {
$sql_address_data_array['entry_company'] = $_POST['customers_company'];
}
if (isset($_POST['customers_street'])) {
$sql_address_data_array['entry_street_address'] = $_POST['customers_street'];
}
if (isset($_POST['customers_city'])) {
$sql_address_data_array['entry_city'] = $_POST['customers_city'];
}
if (isset($_POST['customers_postcode'])) {
$sql_address_data_array['entry_postcode'] = $_POST['customers_postcode'];
}
if (isset($_POST['customers_gender'])) {
$sql_address_data_array['entry_gender'] = $_POST['customers_gender'];
}
if (isset($_POST['customers_country_id'])) {
$country_code = $_POST['customers_country_id'];
}
$country_query = "SELECT countries_id FROM " . TABLE_COUNTRIES . " WHERE countries_iso_code_2 = '" . $country_code . "' LIMIT 1";
$country_result = olc_db_query($country_query);
$row = olc_db_fetch_array($country_result);
$sql_address_data_array['entry_country_id'] = $row['countries_id'];
$count_query = olc_db_query("SELECT count(*) as count FROM " . TABLE_CUSTOMERS . " WHERE customers_id='" . (int) $customers_id . "' LIMIT 1");
$check = olc_db_fetch_array($count_query);
if ($check['count'] > 0) {
$mode = 'SQL_UPDATE';
$address_book_result = olc_db_query("SELECT customers_default_address_id FROM " . TABLE_CUSTOMERS . " WHERE customers_id = '" . (int) $customers_id . "' LIMIT 1");
$customer = olc_db_fetch_array($address_book_result);
olc_db_perform(TABLE_CUSTOMERS, $sql_customers_data_array, 'update', "customers_id = '" . olc_db_input($customers_id) . "' LIMIT 1");
olc_db_perform(TABLE_ADDRESS_BOOK, $sql_address_data_array, 'update', "customers_id = '" . olc_db_input($customers_id) . "' AND address_book_id = '" . $customer['customers_default_address_id'] . "' LIMIT 1");
olc_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customers_id . "' LIMIT 1");
} else {
$mode = 'APPEND';
if (strlen($_POST['customers_password']) == 0) {
// generate PW if empty
$pw = olc_RandomString(8);
$sql_customers_data_array['customers_password'] = olc_create_password($pw);
}
olc_db_perform(TABLE_CUSTOMERS, $sql_customers_data_array);
$customers_id = olc_db_insert_id();
$sql_address_data_array['customers_id'] = $customers_id;
olc_db_perform(TABLE_ADDRESS_BOOK, $sql_address_data_array);
$address_id = olc_db_insert_id();
olc_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customers_id . "'");
olc_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '" . STANDARD_GROUP . "' where customers_id = '" . (int) $customers_id . "'");
olc_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customers_id . "', '0', now())");
}
if (SEND_ACCOUNT_MAIL == true && $mode == 'APPEND' && $sql_customers_data_array['customers_email_address'] != '') {
// generate mail for customer if customer=new
require_once DIR_WS_CLASSES . 'class.phpmailer.php';
require_once DIR_FS_INC . 'olc_php_mail.inc.php';
require_once DIR_FS_INC . 'olc_add_tax.inc.php';
require_once DIR_FS_INC . 'olc_not_null.inc.php';
require_once DIR_FS_INC . 'changedataout.inc.php';
require_once DIR_FS_INC . 'olc_href_link.inc.php';
require_once DIR_FS_INC . 'olc_date_long.inc.php';
require_once DIR_FS_INC . 'olc_check_agent.inc.php';
$smarty = new Smarty();
//$smarty->assign('language', $check_status['language']);
$smarty->assign('language', $Lang_folder);
$smarty->caching = false;
$smarty->template_dir = DIR_FS_CATALOG . 'templates';
$smarty->compile_dir = DIR_FS_CATALOG . 'cache/templates_c';
$smarty->config_dir = DIR_FS_CATALOG . 'lang';
$smarty->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
$smarty->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/images/');
$smarty->assign('NAME', $sql_customers_data_array['customers_lastname'] . ' ' . $sql_customers_data_array['customers_firstname']);
$smarty->assign('EMAIL', $sql_customers_data_array['customers_email_address']);
$smarty->assign('PASSWORD', $pw);
//$smarty->assign('language', $Lang_folder);
$smarty->assign('content', $module_content);
$smarty->caching = false;
$html_mail = $smarty->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $Lang_folder . '/create_account_mail.html');
$txt_mail = $smarty->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $Lang_folder . '/create_account_mail.txt');
// send mail with html/txt template
olc_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $sql_customers_data_array['customers_email_address'], $sql_customers_data_array['customers_lastname'] . ' ' . $sql_customers_data_array['customers_firstname'], '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_SUPPORT_SUBJECT, $html_mail, $txt_mail);
}
print_xml_status(0, $_POST['action'], 'OK', $mode, 'CUSTOMERS_ID', $customers_id);
}
$customers_telephone = olc_db_prepare_input($_POST['customers_telephone']);
$customers_fax = olc_db_prepare_input($_POST['customers_fax']);
$default_address_id = olc_db_prepare_input($_POST['default_address_id']);
}
$entry_primary = olc_db_prepare_input($_POST['primary']);
$entry_company = olc_db_prepare_input($_POST['entry_company']);
$entry_suburb = olc_db_prepare_input($_POST['entry_suburb']);
$entry_state = olc_db_prepare_input($_POST['entry_state']);
$entry_zone_id = olc_db_prepare_input($_POST['entry_zone_id']);
$not_IsEditAccount = !$IsEditAccount;
if ($not_IsEditAccount) {
if ($IsCreateAccount) {
$IsCreateUsermodeAccount = $IsUserMode;
if ($IsGuest) {
//create password
$customers_password = olc_create_password(8);
$customers_status_c = DEFAULT_CUSTOMERS_STATUS_ID_GUEST;
} else {
$customers_password = olc_db_prepare_input($_POST['customers_password']);
$entry_password_error = check_input_error(strlen($customers_password) < ENTRY_PASSWORD_MIN_LENGTH, ENTRY_PASSWORD_ERROR);
if ($IsUserMode) {
$customers_password_confirmation = olc_db_prepare_input($_POST['customers_password_confirmation']);
$entry_password_confirmation_error = check_input_error($customers_password != $customers_password_confirmation, ENTRY_PASSWORD_ERROR_NOT_MATCHING);
$customers_status_c = DEFAULT_CUSTOMERS_STATUS_ID;
} else {
$customers_send_mail = olc_db_prepare_input($_POST['customers_mail']);
$customers_mail_comments = olc_db_prepare_input($_POST['mail_comments']);
$customers_status_c = olc_db_prepare_input($_POST['status']);
$entry_mail_error = check_input_error($customers_send_mail != 'yes' && $customers_send_mail != 'no', TEXT_REQUIRED);
}
}
