/**
 * Hashes the submitted password, when one is present, and forwards the record
 * to the Admin\Administrators\Save database call.
 *
 * @param array $data Administrator fields; the 'password' key is optional.
 * @return mixed Whatever OSCOM::callDB() returns for the Save call.
 */
public static function execute($data) {
    $hasPassword = !empty($data['password']);

    if ($hasPassword) {
        // The stored value is the hash of the trimmed password, not of the raw input.
        // NOTE(review): the strength of what is stored depends entirely on
        // osc_encrypt_string(), which is not shown here. Confirm it is a salted,
        // deliberately slow password hash.
        $data['password'] = osc_encrypt_string(trim($data['password']));
    }

    return OSCOM::callDB('Admin\\Administrators\\Save', $data);
}
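/**
 * Creates or updates an administrator account and synchronises its module
 * access list inside one transaction.
 *
 * @param int|null   $id      Administrator ID to update; a non-numeric value creates a new account.
 * @param array      $data    Reads 'username' and 'password' (the password is optional on update).
 * @param array|null $modules Module names to grant; a '0' entry replaces the list with '*'.
 * @return int 1 on success, -1 when a query failed and the transaction was rolled back,
 *             -2 when the user name already belongs to another administrator.
 */
public static function save($id = null, $data, $modules = null) {
    global $osC_Database;

    $error = false;

    // Uniqueness check: the user name may not be held by a different administrator.
    $Qcheck = $osC_Database->query('select id from :table_administrators where user_name = :user_name');

    if (is_numeric($id)) {
        $Qcheck->appendQuery('and id != :id');
        $Qcheck->bindInt(':id', $id);
    }

    $Qcheck->appendQuery('limit 1');
    $Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
    $Qcheck->bindValue(':user_name', $data['username']);
    $Qcheck->execute();

    if ($Qcheck->numberOfRows() >= 1) {
        return -2;
    }

    $osC_Database->startTransaction();

    if (is_numeric($id)) {
        $Qadmin = $osC_Database->query('update :table_administrators set user_name = :user_name');

        // The password column is only rewritten when a new password was submitted.
        if (isset($data['password']) && !empty($data['password'])) {
            $Qadmin->appendQuery(', user_password = :user_password');
            $Qadmin->bindValue(':user_password', osc_encrypt_string(trim($data['password'])));
        }

        $Qadmin->appendQuery('where id = :id');
        $Qadmin->bindInt(':id', $id);
    } else {
        $Qadmin = $osC_Database->query('insert into :table_administrators (user_name, user_password) values (:user_name, :user_password)');
        $Qadmin->bindValue(':user_password', osc_encrypt_string(trim($data['password'])));
    }

    $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
    $Qadmin->bindValue(':user_name', $data['username']);
    $Qadmin->setLogging($_SESSION['module'], $id);
    $Qadmin->execute();

    if ($osC_Database->isError()) {
        $error = true;
    } elseif (!is_numeric($id)) {
        // New account: pick up the generated ID for the access rows below.
        $id = $osC_Database->nextID();
    }

    if ($error === false && !empty($modules)) {
        // A '0' entry means "all modules" and collapses the list to the wildcard.
        if (in_array('0', $modules)) {
            $modules = array('*');
        }

        foreach ($modules as $module) {
            $Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1');
            $Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
            $Qcheck->bindInt(':administrators_id', $id);
            $Qcheck->bindValue(':module', $module);
            $Qcheck->execute();

            if ($Qcheck->numberOfRows() < 1) {
                $Qinsert = $osC_Database->query('insert into :table_administrators_access (administrators_id, module) values (:administrators_id, :module)');
                $Qinsert->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
                $Qinsert->bindInt(':administrators_id', $id);
                $Qinsert->bindValue(':module', $module);
                $Qinsert->setLogging($_SESSION['module'], $id);
                $Qinsert->execute();

                if ($osC_Database->isError()) {
                    $error = true;
                    break;
                }
            }
        }
    }

    if ($error === false) {
        // Remove every access row that is not in the requested list (all rows when the list is empty).
        $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id');

        $module_list = !empty($modules) ? array_values($modules) : array();

        if (!empty($module_list)) {
            // Each module name gets its own placeholder and goes through bindValue(), the
            // same quoting path the select/insert above use, instead of being spliced
            // into the statement as raw text.
            $placeholders = array();

            foreach (array_keys($module_list) as $index) {
                // The trailing underscore keeps one placeholder from being a prefix of another.
                $placeholders[] = ':module_' . $index . '_';
            }

            $Qdel->appendQuery('and module not in (' . implode(', ', $placeholders) . ')');
        }

        $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
        $Qdel->bindInt(':administrators_id', $id);

        // NOTE(review): how placeholders are substituted is not visible here. Values are
        // bound last and from the end of the list backwards so that an already-bound
        // value is never positioned ahead of a placeholder that is still pending.
        for ($index = count($module_list) - 1; $index >= 0; $index--) {
            $Qdel->bindValue(':module_' . $index . '_', $module_list[$index]);
        }

        $Qdel->setLogging($_SESSION['module'], $id);
        $Qdel->execute();

        if ($osC_Database->isError()) {
            $error = true;
        }
    }

    if ($error === false) {
        $osC_Database->commitTransaction();

        return 1;
    }

    $osC_Database->rollbackTransaction();

    return -1;
}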
Released under the GNU General Public License */

// Installer step: connects with the submitted database credentials, writes the
// store settings into the configuration table and creates or updates the
// administrator account.
//
// NOTE(review): every $HTTP_POST_VARS value below is concatenated straight into
// the SQL text; no escaping is visible in this fragment. A quote character in
// any field changes the statement. Confirm whether the installer's database
// layer offers an escaping helper and apply it to each value.
require '../includes/database_tables.php';

osc_db_connect($HTTP_POST_VARS['DB_SERVER'], $HTTP_POST_VARS['DB_SERVER_USERNAME'], $HTTP_POST_VARS['DB_SERVER_PASSWORD']);
osc_db_select_db($HTTP_POST_VARS['DB_DATABASE']);

// Store name, owner name and owner e-mail address.
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_NAME'] . '" where configuration_key = "STORE_NAME"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '" where configuration_key = "STORE_OWNER"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"');

// EMAIL_FROM is only written when both the owner name and address were supplied;
// it is stored as "Name" <address>.
if (!empty($HTTP_POST_VARS['CFG_STORE_OWNER_NAME']) && !empty($HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'])) {
    osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '\\" <' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '>" where configuration_key = "EMAIL_FROM"');
}

// Administrator account: update the password when the user name already exists, otherwise insert it.
$check_query = osc_db_query('select user_name from ' . TABLE_ADMINISTRATORS . ' where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"');

if (osc_db_num_rows($check_query)) {
    // NOTE(review): as shown, the update stores the literal "******" instead of a hash of
    // the submitted password (the insert branch does hash it). This may be masking applied
    // to the listing; confirm against the real file.
    osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set user_password = "******" where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"');
} else {
    // The password is trimmed and passed through osc_encrypt_string() before it is stored.
    osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (user_name, user_password) values ("' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '", "' . osc_encrypt_string(trim($HTTP_POST_VARS['CFG_ADMINISTRATOR_PASSWORD'])) . '")');
}
?> <div class="mainBlock"> <div class="stepsBox"> <ol> <li>Database Server</li> <li>Web Server</li> <li>Online Store Settings</li> <li style="font-weight: bold;">Finished!</li> </ol> </div> <h1>New Installation</h1>
/**
 * Stores a new password hash on a customer account and stamps the
 * last-modified date.
 *
 * @param string $password The new password; it is passed through osc_encrypt_string() before storage
 * @param integer $customer_id The ID of the customer account to update; a non-numeric value selects the current customer
 * @access public
 * @return boolean True only when exactly one row was affected
 */
public static function savePassword($password, $customer_id = null) {
    global $osC_Database, $osC_Customer;

    // Without an explicit numeric ID the global customer object supplies the account.
    $target_id = is_numeric($customer_id) ? $customer_id : $osC_Customer->getID();

    $sql = 'update :table_customers set customers_password = :customers_password, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id';

    $Qupdate = $osC_Database->query($sql);
    $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS);
    // NOTE(review): unlike the save() routines on this page, the password is not trimmed
    // here before hashing. Confirm the login path treats both consistently.
    $Qupdate->bindValue(':customers_password', osc_encrypt_string($password));
    $Qupdate->bindRaw(':date_account_last_modified', 'now()');
    $Qupdate->bindInt(':customers_id', $target_id);
    $Qupdate->execute();

    $rows_changed = $Qupdate->affectedRows();

    return $rows_changed === 1;
}
$language_selected = 'english'; }

// Installer step: connects with the submitted database credentials, writes the
// store settings, creates or updates the administrator account and optionally
// renames the admin folder.
//
// NOTE(review): the $_POST values are trimmed but otherwise concatenated straight
// into the SQL text; no escaping is visible in this fragment. A quote character in
// any field changes the statement. Confirm whether an escaping helper exists in
// the installer's database layer and apply it to each value.
require '../includes/database_tables.php';

osc_db_connect(trim($_POST['DB_SERVER']), trim($_POST['DB_SERVER_USERNAME']), trim($_POST['DB_SERVER_PASSWORD']));
osc_db_select_db(trim($_POST['DB_DATABASE']));

// Store name, owner (first name + last name) and owner e-mail address.
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_NAME']) . '" where configuration_key = "STORE_NAME"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_FIRSTNAME']) . ' ' . trim($_POST['CFG_STORE_OWNER_LASTNAME']) . '" where configuration_key = "STORE_OWNER"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"');

// NOTE(review): this condition reads CFG_STORE_OWNER_NAME while the statements above use
// CFG_STORE_OWNER_FIRSTNAME / CFG_STORE_OWNER_LASTNAME. If the form no longer posts
// CFG_STORE_OWNER_NAME, EMAIL_FROM is never written. Verify against the form.
if (!empty($_POST['CFG_STORE_OWNER_NAME']) && !empty($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'])) {
    osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . trim($_POST['CFG_STORE_OWNER_NAME']) . '\\" <' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '>" where configuration_key = "EMAIL_FROM"');
}

// NOTE(review): as shown, the lookup and the update use the literal "******" for the
// user name and password. This may be masking applied to the listing; confirm against
// the real file.
$check_query = osc_db_query('select admin_username from ' . TABLE_ADMINISTRATORS . ' where admin_username = "******"');

if (osc_db_num_rows($check_query)) {
    osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set admin_password = "******" where admin_username = "******"');
} else {
    // New administrator in group 1; the password is trimmed and passed through osc_encrypt_string().
    osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (admin_groups_id, admin_username, admin_firstname, admin_lastname, admin_email_address, admin_password, admin_created) values (1, "' . trim($_POST['CFG_ADMINISTRATOR_USERNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_FIRSTNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_LASTNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '", "' . osc_encrypt_string(trim($_POST['CFG_ADMINISTRATOR_PASSWORD'])) . '", now())');
}

// BOF: PGM Renaming the Admin Folder
// NOTE(review): the folder name comes from the request and is appended to '../' without
// validation, so it may contain path separators; restricting it to a single path segment
// (for example letters, digits, '-' and '_') would keep the target inside the parent directory.
// NOTE(review): the result of rename() is not checked. $admin_folder_renamed is set and
// $admin_folder keeps the requested name even when the rename fails.
$admin_folder = trim($_POST['CFG_ADMIN_FOLDER']);

if ($admin_folder != 'admin' && $admin_folder != '') {
    rename('../admin', '../' . $admin_folder);
    $admin_folder_renamed = 'true';
}

// Added in case admin name not changed or insufficient permissions
// (only the empty-name case is handled here).
if ($admin_folder == '') {
    $admin_folder = 'admin';
}
// EOF: PGM Renaming the Admin Folder
?> <div id="menublock"> <ul id="menutabs">
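$Qupdate->bindValue(':configuration_value', '"' . $_POST['CFG_STORE_OWNER_NAME'] . '" <' . $_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '>');
$Qupdate->bindValue(':configuration_key', 'EMAIL_FROM');
$Qupdate->execute();
}

//administrators
// Update the account when the user name already exists, otherwise create it.
$Qcheck = $osC_Database->query('select user_name from :table_administrators where user_name = :user_name');
$Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qcheck->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']);
$Qcheck->execute();

if ($Qcheck->numberOfRows()) {
    // The SET list is comma-separated. Joining the two assignments with AND would make
    // the database store the boolean result of the whole expression in user_password
    // and leave email_address untouched.
    $Qadmin = $osC_Database->query('update :table_administrators set user_password = :user_password, email_address = :email_address where user_name = :user_name');
} else {
    $Qadmin = $osC_Database->query('insert into :table_administrators (user_name, user_password, email_address) values (:user_name, :user_password, :email_address)');
}

$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
// The password is trimmed and passed through osc_encrypt_string() before it is bound.
$Qadmin->bindValue(':user_password', osc_encrypt_string(trim($_POST['CFG_ADMINISTRATOR_PASSWORD'])));
$Qadmin->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']);
$Qadmin->bindValue(':email_address', $_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']);
$Qadmin->execute();

//administrators access
// Look the administrator's ID up again by user name, then check for existing access rows.
$Qadmin = $osC_Database->query('select id from :table_administrators where user_name = :user_name');
$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qadmin->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']);
$Qadmin->execute();

$Qcheck = $osC_Database->query('select module from :table_administrators_access where administrators_id = :administrators_id limit 1');
$Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
$Qcheck->bindInt(':administrators_id', $Qadmin->valueInt('id'));
$Qcheck->execute();

if ($Qcheck->numberOfRows()) {
    // Existing access rows for this administrator are cleared first.
    $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id');
    $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);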
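/**
 * Creates or updates a customer account inside a transaction and, for newly
 * created accounts, optionally sends a welcome e-mail.
 *
 * @param int|null $id         Customer ID to update; a non-numeric value inserts a new customer.
 * @param array    $data       Reads gender, firstname, lastname, email_address, dob_year, dob_month,
 *                             dob_day, newsletter, status and (optionally) password.
 * @param bool     $send_email Send the welcome e-mail when a new account was created.
 * @return bool True when the changes were committed, false when they were rolled back.
 */
public static function save($id = null, $data, $send_email = true) {
    global $osC_Database, $osC_Language;

    $error = false;

    $osC_Database->startTransaction();

    if (is_numeric($id)) {
        $Qcustomer = $osC_Database->query('update :table_customers set customers_gender = :customers_gender, customers_firstname = :customers_firstname, customers_lastname = :customers_lastname, customers_email_address = :customers_email_address, customers_dob = :customers_dob, customers_newsletter = :customers_newsletter, customers_status = :customers_status, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id');
        $Qcustomer->bindRaw(':date_account_last_modified', 'now()');
        $Qcustomer->bindInt(':customers_id', $id);
    } else {
        $Qcustomer = $osC_Database->query('insert into :table_customers (customers_gender, customers_firstname, customers_lastname, customers_email_address, customers_dob, customers_newsletter, customers_status, number_of_logons, date_account_created) values (:customers_gender, :customers_firstname, :customers_lastname, :customers_email_address, :customers_dob, :customers_newsletter, :customers_status, :number_of_logons, :date_account_created)');
        $Qcustomer->bindInt(':number_of_logons', 0);
        $Qcustomer->bindRaw(':date_account_created', 'now()');
    }

    $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
    $Qcustomer->bindValue(':customers_gender', $data['gender']);
    $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
    $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
    $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
    $Qcustomer->bindValue(':customers_dob', $data['dob_year'] . '-' . $data['dob_month'] . '-' . $data['dob_day'] . ' 00:00:00');
    $Qcustomer->bindInt(':customers_newsletter', $data['newsletter']);
    $Qcustomer->bindInt(':customers_status', $data['status']);
    $Qcustomer->setLogging($_SESSION['module'], $id);
    $Qcustomer->execute();

    if ($osC_Database->isError()) {
        // A failed insert/update must lead to the rollback below; without this flag the
        // failure would be committed and reported as success.
        $error = true;
    } elseif (!empty($data['password'])) {
        // The password lives in its own statement so it is only touched when one was submitted.
        $customer_id = !empty($id) ? $id : $osC_Database->nextID();

        $Qpassword = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
        $Qpassword->bindTable(':table_customers', TABLE_CUSTOMERS);
        $Qpassword->bindValue(':customers_password', osc_encrypt_string(trim($data['password'])));
        $Qpassword->bindInt(':customers_id', $customer_id);
        $Qpassword->setLogging($_SESSION['module'], $customer_id);
        $Qpassword->execute();

        if ($osC_Database->isError()) {
            $error = true;
        }
    }

    if ($error !== false) {
        $osC_Database->rollbackTransaction();

        return false;
    }

    $osC_Database->commitTransaction();

    // The welcome e-mail goes out only for newly created accounts.
    if ($send_email === true && empty($id)) {
        $full_name = trim($data['firstname'] . ' ' . $data['lastname']);

        $email_text = '';

        if (ACCOUNT_GENDER > -1) {
            if ($data['gender'] == 'm') {
                $email_text .= sprintf($osC_Language->get('email_greet_mr'), trim($data['lastname'])) . "\n\n";
            } else {
                $email_text .= sprintf($osC_Language->get('email_greet_ms'), trim($data['lastname'])) . "\n\n";
            }
        } else {
            $email_text .= sprintf($osC_Language->get('email_greet_general'), $full_name) . "\n\n";
        }

        // NOTE(review): the clear-text password is passed into the e-mail body here.
        // Consider a set-your-password link instead of mailing the credential.
        $email_text .= sprintf($osC_Language->get('email_text'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, trim($data['password']));

        osc_email($full_name, $data['email_address'], $osC_Language->get('email_subject'), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }

    return true;
}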
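/**
 * Creates or updates a customer account (including its customer group) inside
 * a transaction and, for newly created accounts, optionally sends the
 * 'admin_create_account_email' template.
 *
 * @param int|null $id         Customer ID to update; a non-numeric value inserts a new customer.
 * @param array    $data       Reads gender, firstname, lastname, email_address, dob_year, dob_month,
 *                             dob_day, newsletter, status, customers_groups_id and (optionally) password.
 * @param bool     $send_email Send the account e-mail when a new account was created.
 * @return bool True when the changes were committed, false when they were rolled back.
 */
function save($id = null, $data, $send_email = true) {
    global $osC_Database, $osC_Language;

    $error = false;

    $osC_Database->startTransaction();

    if (is_numeric($id)) {
        $Qcustomer = $osC_Database->query('update :table_customers set customers_gender = :customers_gender, customers_firstname = :customers_firstname, customers_lastname = :customers_lastname, customers_email_address = :customers_email_address, customers_dob = :customers_dob, customers_newsletter = :customers_newsletter, customers_groups_id = :customers_groups_id, customers_status = :customers_status, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id');
        $Qcustomer->bindRaw(':date_account_last_modified', 'now()');
        $Qcustomer->bindInt(':customers_id', $id);
    } else {
        $Qcustomer = $osC_Database->query('insert into :table_customers (customers_gender, customers_firstname, customers_lastname, customers_email_address, customers_dob, customers_newsletter, customers_status, customers_groups_id, number_of_logons, date_account_created) values (:customers_gender, :customers_firstname, :customers_lastname, :customers_email_address, :customers_dob, :customers_newsletter, :customers_status, :customers_groups_id, :number_of_logons, :date_account_created)');
        $Qcustomer->bindInt(':number_of_logons', 0);
        $Qcustomer->bindRaw(':date_account_created', 'now()');
    }

    $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
    $Qcustomer->bindValue(':customers_gender', $data['gender']);
    $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
    $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
    $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
    $Qcustomer->bindValue(':customers_dob', $data['dob_year'] . '-' . $data['dob_month'] . '-' . $data['dob_day'] . ' 00:00:00');
    $Qcustomer->bindInt(':customers_newsletter', $data['newsletter']);
    $Qcustomer->bindInt(':customers_status', $data['status']);

    // bindReplace() is handed the bare keyword NULL for "no group", so it evidently
    // substitutes its argument unquoted. The group ID is therefore forced to an integer
    // before it reaches the statement.
    $groups_id = $data['customers_groups_id'] == '' ? 'NULL' : (string) (int) $data['customers_groups_id'];
    $Qcustomer->bindReplace(':customers_groups_id', $groups_id);

    $Qcustomer->setLogging($_SESSION['module'], $id);
    $Qcustomer->execute();

    if ($osC_Database->isError()) {
        // A failed insert/update must lead to the rollback below; without this flag the
        // failure would be committed and reported as success.
        $error = true;
    } elseif (!empty($data['password'])) {
        // The password lives in its own statement so it is only touched when one was submitted.
        $customer_id = !empty($id) ? $id : $osC_Database->nextID();

        $Qpassword = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
        $Qpassword->bindTable(':table_customers', TABLE_CUSTOMERS);
        $Qpassword->bindValue(':customers_password', osc_encrypt_string(trim($data['password'])));
        $Qpassword->bindInt(':customers_id', $customer_id);
        $Qpassword->setLogging($_SESSION['module'], $customer_id);
        $Qpassword->execute();

        if ($osC_Database->isError()) {
            $error = true;
        }
    }

    if ($error !== false) {
        $osC_Database->rollbackTransaction();

        return false;
    }

    $osC_Database->commitTransaction();

    // The account e-mail goes out only for newly created accounts.
    if ($send_email === true && empty($id)) {
        include '../includes/classes/email_template.php';

        $email_template = toC_Email_Template::getEmailTemplate('admin_create_account_email');
        // NOTE(review): the clear-text password is handed to the e-mail template here.
        // Consider a set-your-password link instead of mailing the credential.
        $email_template->setData($data['firstname'], $data['lastname'], $data['email_address'], trim($data['password']), $data['gender']);
        $email_template->buildMessage();
        $email_template->sendEmail();
    }

    return true;
}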
/**
 * Reads customers and their address books from the XML file at
 * $this->_filename and passes each customer to insertCustomer().
 *
 * @return bool True when the file was loaded and processed, false when it could not be loaded.
 */
function parseXmlFile() {
    // '@' hides libxml warnings; a file that cannot be loaded yields a non-object and the method returns false.
    // NOTE(review): the origin of $this->_filename is not visible here. If the file can be
    // user-supplied, confirm the libxml configuration does not resolve external entities.
    $customers = @simplexml_load_file($this->_filename);

    if (is_object($customers)) {
        foreach ($customers->Customer as $customer) {
            // The values are stored as returned by SimpleXML (no string casts are applied here).
            $data['customers_id'] = $customer->ID;
            $data['customers_gender'] = $customer->Gender;
            $data['customers_firstname'] = $customer->Firstname;
            $data['customers_lastname'] = $customer->Lastname;
            $data['customers_dob'] = $customer->DateOfBirthday;
            $data['customers_email_address'] = $customer->Email;
            $data['customers_password'] = osc_encrypt_string($customer->Password);
            $data['customers_telephone'] = $customer->Telephone;
            $data['customers_fax'] = $customer->Fax;
            // NOTE(review): this overwrites the value hashed a few lines above with the raw
            // <PassWord> element (note the different capitalisation from <Password>). Unless
            // the import file already carries hashes in <PassWord>, the unhashed value is what
            // reaches insertCustomer(). Confirm the file format and drop one of the two assignments.
            $data['customers_password'] = $customer->PassWord;
            $data['customers_status'] = $customer->Status;
            $data['date_account_created'] = 'now()';

            // Collect every address book entry of this customer.
            $address_books = array();

            foreach ($customer->AddressBooks->AddressBook as $address_book) {
                $address['entry_gender'] = $address_book->Gender;
                $address['entry_company'] = $address_book->Company;
                $address['entry_firstname'] = $address_book->Firstname;
                $address['entry_lastname'] = $address_book->Lastname;
                $address['entry_street_address'] = $address_book->Street;
                $address['entry_suburb'] = $address_book->Suburb;
                $address['entry_postcode'] = $address_book->Postcode;
                $address['entry_city'] = $address_book->City;
                $address['entry_country'] = $address_book->Country;
                $address['entry_state'] = $address_book->State;
                $address['entry_country_id'] = $address_book->CountryId;
                $address['entry_zone_id'] = $address_book->ZoneId;
                $address['entry_telephone'] = $address_book->Telephone;
                $address['entry_fax'] = $address_book->Fax;

                $address_books[] = $address;
            }

            // NOTE(review): the return value of insertCustomer() is ignored, so a failed
            // insert does not change this method's result.
            $this->insertCustomer($data, $address_books);
        }

        return true;
    }

    return false;
}
/**
 * Stores a new password hash on a customer account and stamps the
 * last-modified date.
 *
 * @param string $password The new password; it is passed through osc_encrypt_string() before storage
 * @param integer $customer_id The ID of the customer account to update; a non-numeric value selects the current customer
 * @access public
 * @return boolean True only when exactly one row was affected
 */
public static function savePassword($password, $customer_id = null) {
    $OSCOM_Database = Registry::get('Database');
    $OSCOM_Customer = Registry::get('Customer');

    // Without an explicit numeric ID the registered Customer object supplies the account.
    $target_id = is_numeric($customer_id) ? $customer_id : $OSCOM_Customer->getID();

    $sql = 'update :table_customers set customers_password = :customers_password, date_account_last_modified = :date_account_last_modified where customers_id = :customers_id';

    $Qupdate = $OSCOM_Database->query($sql);
    // NOTE(review): the password is hashed as given (not trimmed), and the strength of the
    // stored hash depends on osc_encrypt_string(), which is not shown here.
    $Qupdate->bindValue(':customers_password', osc_encrypt_string($password));
    $Qupdate->bindRaw(':date_account_last_modified', 'now()');
    $Qupdate->bindInt(':customers_id', $target_id);
    $Qupdate->execute();

    $rows_changed = $Qupdate->affectedRows();

    return $rows_changed === 1;
}
/**
 * Replaces the password of the administrator with the given e-mail address by
 * a random 8-character string and mails the new password out through the
 * 'admin_password_forgotten' template.
 *
 * @param string $email E-mail address identifying the administrator account.
 * @return bool True when the update ran without a database error (the mail is then sent), false otherwise.
 */
function generatePassword($email) {
    global $osC_Database;

    // NOTE(review): the randomness source behind osc_create_random_string() is not
    // shown here. Confirm it is cryptographically secure.
    $password = osc_create_random_string(8);

    // The stored password is replaced immediately, before any mail is sent.
    $Qpassword = $osC_Database->query('update :table_administrators set user_password = :user_password where email_address = :email_address');
    $Qpassword->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
    $Qpassword->bindValue(':user_password', osc_encrypt_string($password));
    $Qpassword->bindValue(':email_address', $email);
    $Qpassword->execute();

    if ($osC_Database->isError()) {
        return false;
    }

    // NOTE(review): nothing here checks that a row matched $email before the mail is
    // built. Verify the caller only passes addresses of existing administrators.
    $Qadmin = $osC_Database->query('select id, user_name, email_address from :table_administrators where email_address = :email_address');
    $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
    $Qadmin->bindValue(':email_address', $email);
    $Qadmin->execute();

    include '../includes/classes/email_template.php';

    // The template receives the user name, the requester's IP address, the new
    // clear-text password and the destination address.
    $message = toC_Email_Template::getEmailTemplate('admin_password_forgotten');
    $message->setData($Qadmin->value('user_name'), osc_get_ip_address(), $password, $email);
    $message->buildMessage();
    $message->sendEmail();

    return true;
}