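/**
 * Logs a user into the system.
 *
 * Counts the enabled login rows for the given e-mail whose person is not
 * marked DELETED. When exactly one row matches, the session id is rotated and
 * $_SESSION['user'] is rebuilt from the person record (salutation, names,
 * PARTY_ID, login id and a last-activity timestamp).
 *
 * @param string $email    - the email of the customer
 * @param string $password - the password of the customer
 * @return bool - true when the login succeeded, false otherwise
 */
function user_login($email, $password)
{
    // NOTE(review): the statement is assembled by concatenation and depends
    // entirely on esc() (defined elsewhere) for quoting. Bound parameters
    // would be the safer form if the database layer offers them.
    // NOTE(review): the CURRENT_PASSWORD comparison value is the literal
    // '******' and $password is never referenced in the visible query. This
    // looks like masking applied to the listing rather than real logic;
    // confirm against the real file. Comparing a credential inside SQL implies
    // it is stored in a directly comparable form; storing password_hash()
    // output and checking it with password_verify() is the recommended design.
    $query = "SELECT COUNT(*)\n\t\t\t FROM user_login ul JOIN person pe ON ul.PARTY_ID = pe.PARTY_ID\n\t\t\t WHERE USER_LOGIN_ID='" . esc($email) . "' AND CURRENT_PASSWORD='******' AND ENABLED = 'A'\n\t\t\t AND pe.STATUS_ID != '" . DELETED . "'";

    $data = db_query_to_row($query);
    if (!isset($data['COUNT(*)']) || (int) $data['COUNT(*)'] !== 1) {
        return false;
    }

    // Rotate the session id on the privilege change so that an id known
    // before authentication cannot be reused afterwards (session fixation).
    // Skipped when no session is active or output has already started,
    // because session_regenerate_id() cannot succeed in those cases.
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }

    $user_login = user_get_login($email);
    $person = person_get($user_login['PARTY_ID']);

    // NOTE(review): the key is lower-case 'last_action' here, while other code
    // on this page writes $_SESSION['user']['LAST_ACTION']; confirm which key
    // the idle-timeout check reads.
    $_SESSION['user'] = array(
        'SALUTATION' => $person['SALUTATION'],
        'FIRST_NAME' => $person['FIRST_NAME'],
        'LAST_NAME' => $person['LAST_NAME'],
        'PARTY_ID' => $person['PARTY_ID'],
        'USER_LOGIN_ID' => $email,
        'last_action' => time(),
    );

    return true;
}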
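// Customer administration page: "log in as customer", mark a customer as
// deleted, then render the customer list.
//
// NOTE(review): no authorization check is visible in this part of the script;
// confirm that an administrator check runs before this point.
// NOTE(review): both the impersonation and the deletion are triggered by GET
// parameters and no anti-CSRF token is checked here. State-changing actions
// are normally POST requests carrying a per-session token.
if (!empty($_GET['VIEW']) || !empty($_GET['PROFILE'])) {
    // Login as the user. The branch is chosen with !empty() so that an empty
    // VIEW parameter cannot shadow a populated PROFILE parameter.
    if (!empty($_GET['VIEW'])) {
        $client_id = $_GET['VIEW'];
        $redirect_url = '/dashboard/dashboard';
    } else {
        $client_id = $_GET['PROFILE'];
        $redirect_url = '/users/profile';
    }

    // user_login() replaces $_SESSION['user'], so the administrator's id has
    // to be read before it is called.
    $admin_party_id = $_SESSION['user']['PARTY_ID'];
    $client = users_get_login($client_id);

    // NOTE(review): the stored CURRENT_PASSWORD value is fed back into
    // user_login(), which only works if credentials are stored in the form
    // the login check compares against. An impersonation path that does not
    // touch credentials, and that records who impersonated whom, would be
    // the safer design.
    if (!empty($client) && user_login($client['USER_LOGIN_ID'], $client['CURRENT_PASSWORD'])) {
        // Remember which administrator is behind the impersonated session.
        $_SESSION['FAKE_LOGIN'] = $admin_party_id;
        $_SESSION['user']['IS_ADMIN'] = false;
        $_SESSION['user']['LAST_ACTION'] = time();
        header(sprintf('location: %s', $redirect_url));
        exit;
    }

    // The lookup or the login failed: leave the administrator's session
    // untouched and report the problem instead of redirecting as if the
    // switch had happened. The request value is deliberately not echoed.
    $errors[] = 'Unable to log in as the selected customer';
} elseif (!empty($_GET['DELETE'])) {
    $delete_id = $_GET['DELETE'];
    if (!party_exists($delete_id)) {
        // NOTE(review): the message embeds the request value verbatim; make
        // sure the template HTML-escapes $errors when printing them.
        $errors[] = sprintf('Customer with id %s does not exist', $delete_id);
    } else {
        $person = person_get($delete_id);
        person_status_update($delete_id, DELETED);
        $success[] = sprintf('Customer: %s %s has been marked as deleted', $person['FIRST_NAME'], $person['LAST_NAME']);
    }
}

$page = forms_get_page();
$customers = users_get_clients($page, 'pe.FIRST_NAME', 'ASC');
$template = set_template('users', 'index');
$link = THEME . 'template.php';
require_once $link;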
/**
 * Process a submitted login form.
 *
 * Reads the submitted values from the $q_* globals. On success the login
 * cookie is set, the person's login counter is incremented and the database
 * transaction is committed.
 *
 * @return array Empty on success; otherwise one entry mapping the failing
 *               field key ('email' or 'badpass') to a user-facing message.
 */
function LoginForm_AttemptLogin()
{
    global $q_stash, $q_email, $q_name, $q_rememberme;
    global $q_password;

    if ($q_email === null) {
        return array('email' => 'Please enter your email address');
    }

    if (!validate_email($q_email)) {
        return array('email' => 'Please enter a valid email address');
    }

    $account = person_get($q_email);
    $authenticated = !is_null($account) && $account->check_password($q_password);

    // Unknown address and wrong password share one message, so the response
    // text does not reveal whether an account exists for the address.
    // NOTE(review): no attempt throttling or lockout is visible in this
    // function; confirm it is enforced elsewhere.
    if (!$authenticated) {
        return array('badpass' => 'Either your email or password weren\'t recognised. Please try again.');
    }

    // "Remember me" requests a 28-day cookie lifetime; otherwise null is
    // passed and set_login_cookie() decides the lifetime.
    $cookie_lifetime = $q_rememberme ? 28 * 24 * 3600 : null;
    set_login_cookie($account, $cookie_lifetime);
    $account->inc_numlogins();
    db_commit();

    return array();
}
} // Saving contacts contact_delete($_SESSION['user']['PARTY_ID'], COMPANY_CONTACT); contact_delete($_SESSION['user']['PARTY_ID'], CONTACT_PERSON_CONTACT); contact_delete($_SESSION['user']['PARTY_ID'], ORDER_CONTACTS); contact_add($_SESSION['user']['PARTY_ID'], COMPANY_CONTACT, array(CNT_ATTR_NAME => $_POST['NAME'], CNT_ATTR_STREET => $_POST['STREET'], CNT_ATTR_POSTAL => $_POST['POSTAL'], CNT_ATTR_CITY => $_POST['CITY'], CNT_ATTR_COUNTRY => $_POST['COUNTRY'], CNT_ATTR_PHONE => $_POST['PHONE'])); contact_add($_SESSION['user']['PARTY_ID'], CONTACT_PERSON_CONTACT, array(CNT_ATTR_EMAIL => $_POST['CONTACT_EMAIL'], CNT_ATTR_PHONE => $_POST['CONTACT_PHONE'])); contact_add($_SESSION['user']['PARTY_ID'], ORDER_CONTACTS, array(CNT_ATTR_EMAIL => $_POST['ORDER_EMAIL'], CNT_ATTR_FTP_ADDR => $_POST['ORDER_FTP_ADDRESS'], CNT_ATTR_FTP_USER => $_POST['ORDER_FTP_USER'], CNT_ATTR_FTP_PASS => $_POST['ORDER_FTP_PASS'])); $success[] = 'Your profile has been updated'; } catch (Exception $e) { $errors[] = $e->getMessage(); } } } // Getting clients data $customer = person_get($_SESSION['user']['PARTY_ID']); $user_login = users_get_login($_SESSION['user']['PARTY_ID']); $affiliate = person_affiliate_get($_SESSION['user']['PARTY_ID']); $contacts = contact_mech_get($_SESSION['user']['PARTY_ID'], COMPANY_CONTACT); $contact_attributes = array(); foreach ($contacts['attributes'] as $_attr) { $contact_attributes[$_attr['ATTR_NAME']] = $_attr['ATTR_VALUE']; } $contact_person_contacts = contact_mech_get($_SESSION['user']['PARTY_ID'], CONTACT_PERSON_CONTACT); foreach ($contact_person_contacts['attributes'] as $_attr) { $contact_person['CONTACT_' . $_attr['ATTR_NAME']] = $_attr['ATTR_VALUE']; } $order_contacts = contact_mech_get($_SESSION['user']['PARTY_ID'], ORDER_CONTACTS); foreach ($order_contacts['attributes'] as $_attr) { $order_contacts_attributes['ORDER_' . $_attr['ATTR_NAME']] = $_attr['ATTR_VALUE']; }
/**
 * Builds the order PDF and writes it to disk.
 *
 * Assembles an HTML document from the order, the ordering person, the
 * customer's company contact, the affiliate and the shipment, renders it with
 * HTML2PDF and stores it as
 * PDFS_PATH . ('Customer-Copy-' | 'Production-Copy-') . $order_id . '.pdf'.
 *
 * When $client is true the document also carries the logo, the company
 * address box, the order details box and the price column header; when false
 * those parts are left out and the file gets the 'Production-Copy-' prefix.
 *
 * If HTML2PDF throws an HTML2PDF_exception, the exception is echoed and the
 * script exits.
 *
 * NOTE(review): every database value below is concatenated into the markup
 * without escaping in this function. If any of them can be edited by a
 * customer ($order['COMMENTS'] is labelled "Additional order info",
 * $order['EXTERNAL_ID'] "Your reference"), markup could be injected into the
 * rendered document. Confirm the values are escaped on input, or escape them
 * for HTML here.
 *
 * @param mixed $order_id  Order identifier; used for lookups, printed in the
 *                         document and embedded in the output file name.
 * @param mixed $person_id Party identifier of the ordering person.
 * @param bool  $client    True for the customer copy, false for the
 *                         production copy.
 * @return string Path of the written PDF file.
 */
function build_customer_pdf($order_id, $person_id, $client = true) {
    $system_settings = get_settings();
    $order = order_get($order_id);
    $person = person_get($person_id);
    $contacts = contact_get_by_party($person_id, COMPANY_CONTACT);
    $affiliate = person_affiliate_get($person_id);

    // Dealing with shipments
    $shipment = shipment_get($order_id);
    if ($shipment['DESTINATION_CONTACT_MECH_ID'] == SHIPMENT_REQUISITION) {
        // No address lookup for this destination type; a fixed text is printed instead.
        $delivery_address = 'In requisions files';
    } else {
        $attributes = contact_mech_get_attributes($shipment['DESTINATION_CONTACT_MECH_ID']);
        $delivery_address = contact_generate_string($attributes, '<br />');
    }

    // Page header with the order number.
    $content = ' <page backtop="30mm" backbottom="14mm" backleft="10mm" backright="10mm" style="font-size: 12px; font-family: Arial; margin-top: 150px;"> <!-- Page header --> <page_header style="margin-left: 20px; height: 400px; margin-bottom: 40px;"> <table style="margin-left: 15px;"> <tr> <td style="width: 530px;"> <div style="background-color: #63cdf5; padding-left: 10px;"> <h1>Order #' . $order_id . '</h1> </div> </td> <td>';
    if ($client) {
        // The logo appears on the customer copy only.
        $content .= '<img style="width: 200px;" src="./themes/megamedia/img/website-logo-big.png">';
    }
    // Metadata table, first cell: the customer's company contact.
    $content .= '</td></tr> </table> <div style="clear: both"></div> </page_header> <!-- Metadata --> <table style="margin-left: -30px;" cellspacing="10" cellspadding="0"> <tr> <td style="width: 390px; vertical-align:top; border: 1px solid #fcb040; border-top: none; padding:0; padding-bottom: 10px;"> <div style="background-color: #fcb040; width: 390px; padding-left: 10px; margin-bottom: 10px;"> <h3 style="margin:10 0 10 0; padding: 0;">Customer</h3> </div> <div style="font-size: 15px; margin-left: 10px; width: 390px;"> '
        . contact_generate_string($contacts, '<br />')
        . ' </div> </td>';
    if ($client) {
        // Company address box with the affiliate's name and description
        // (the description is printed under the label "Telephone").
        $content .= '<td style="width: 300px; vertical-align:top; border: 1px solid #fcb040; border-top: none; padding:0; padding-bottom: 10px;"> <div style="background-color: #fcb040; width: 300px; padding-left: 10px; margin-bottom: 10px;"> <h3 style="margin:10 10 10 10; padding: 0;">Megamedia DK ApS</h3> </div> <div style="font-size: 15px; margin-left: 10px; width: 300px;"> Skøjtevej 19A <br /> 2770 Kastrup <br /> Denmark <br /> Tlf.: +45 70 26 26 99 <br /> <a href="www.megamedia.dk">www.megamedia.dk</a> <br /> Account manager: <b>'
            . $affiliate['AFFILIATE_NAME']
            . '</b> <br /> Telephone: <b>'
            . $affiliate['AFFILIATE_DESCRIPTION']
            . '</b> </div> </td>';
    }
    // Second metadata row: delivery address.
    $content .= '</tr> <tr> <td style="width: 390px; vertical-align:top; border: 1px solid #fcb040; border-top: none; padding:0; padding-bottom: 10px;"> <div style="background-color: #fcb040; width: 390px; padding-left: 10px; margin-bottom: 10px;"> <h3 style="margin:10 0 10 0; padding: 0;">Delivery Address</h3> </div> <div style="font-size: 15px; margin-left: 10px; width: 390px;"> '
        . $delivery_address
        . ' </div> </td>';
    if ($client) {
        // Order details box: person, date, reference and free-text comments,
        // all printed unescaped (see the NOTE in the function header).
        $content .= '<td style="width: 300px; vertical-align:top; border: 1px solid #fcb040; border-top: none; padding:0; padding-bottom: 10px;"> <div style="background-color: #fcb040; width: 300px; padding-left: 10px; margin-bottom: 10px;"> <h3 style="margin:10 10 10 10; padding: 0;">Order Details</h3> </div> <div style="font-size: 15px; margin-left: 10px; width: 300px;"> Order done by: <b>'
            . $person['FIRST_NAME'] . ' ' . $person['LAST_NAME']
            . '</b><br /> Order date: <b>'
            . date_convert($order['ORDER_DATE'], DEFAULT_DATE_FORMAT)
            . '</b><br /> Your reference: <b>'
            . $order['EXTERNAL_ID']
            . '</b><br /> Additional order info: <b>'
            . $order['COMMENTS']
            . '</b> </div> </td>';
    }
    // Product table header; the price column exists on the customer copy only.
    $content .= '</tr> </table> <!-- Product section --> <div style="margin-left: -20px; width: 715px; background-color: #CB68A8; padding-left: 10px; margin-top: 20px;"> <h3 style="margin:10 10 10 10; padding: 0;">Products</h3> </div> <table style="font-size: 15px; margin-left: -20px; width: 715px; margin-top: 10px;"border="1px" cellspacing="0" > <tr> <th style="width: 228px; padding: 5px;"><b>Product</b></th> <th style="width: 35px; padding: 5px;"><b>Line</b></th> <th style="width: 55px; padding: 5px;"><b>Motives</b></th> <th style="width: 55px; padding: 5px;"><b>Runs</b></th> <th style="width: 85px; padding: 5px;"><b>Variant</b></th>';
    if ($client) {
        $content .= '<th style="width: 95px; padding: 5px;"><b>Price</b></th>';
    }
    $content .= '</tr>';

    // Restore the cart that was stored with the order.
    // NOTE(review): the column name suggests serialized session data. If
    // Cart::fromString() relies on unserialize(), confirm that this column
    // can never hold attacker-influenced bytes.
    $Cart = new Cart();
    $Cart->fromString($order['SESSION_SERILIALIZE']);
    $product_count = $Cart->getProductsCount();
    $loop = 0;
    $total = 0;
    $total_delivery = 0;
    foreach ($Cart->getProducts() as $i => $_row) {
        $loop++;
        // html_offer_box() supplies the rows, variants, copies and delivery
        // data that pdf_build_offer_box() turns into table markup.
        list($headers, $rows, $variants, $copies, $delivery) = html_offer_box($_row['PRODUCTS'], $Cart->deliveryDistributionAt($i));
        list($html, $add_to_total, $delivery) = pdf_build_offer_box($rows, $variants, $copies, $delivery, $_row['OFFER'], $_row['PRODUCTS']['MOTIVES'], false, true, $_row['PRODUCTS']['RUNS'], $_row['PRODUCTS']['VARIANT'], $client);
        $content .= $html;
        $total += $add_to_total;
        $total_delivery += $delivery;
        // Spacer row between products, but not after the last one.
        if ($product_count > $loop) {
            $content .= '<tr><td style="border-left: none; border-right: none;" colspan="6"> </td></tr>';
        }
    }

    // Totals: delivery plus the DELIVERY_ENVIRONMENT constant and the
    // configured ORDER_FEE, then the grand total including the product sum.
    $content .= '</table> <!-- Grand Total --> <div style="clear: both; margin-top: 40px;"> <div style="text-align: right; margin-left: -20px; width: 723px; background-color: #CB68A8; padding-right: 10px; margin-top: 20px;"> <span style="margin:10 10 10 10; padding: 0;">All Delivery + Environment: <span style="color: #fff;">'
        . number_format($total_delivery + DELIVERY_ENVIRONMENT + $system_settings['ORDER_FEE'], 2) . ' ' . DEFAULT_CURRENCY
        . '</span></span> </div> </div> <div style="clear: both; margin-top: 40px;"> <div style="text-align: right; margin-left: -20px; width: 723px; background-color: #CB68A8; padding-right: 10px; margin-top: 20px;"> <h3 style="margin:10 10 10 10; padding: 0;">Grand Total: <span style="color: #fff;">'
        . number_format($total + $total_delivery + DELIVERY_ENVIRONMENT + $system_settings['ORDER_FEE'], 2) . ' ' . DEFAULT_CURRENCY
        . '</span></h3> </div> </div> <!-- Footer --> <page_footer> <table style="width: 750px;"> <tr> <td class="center">Order: #'
        . $order_id
        . ' <i style=" font-size: 10px;">page [[page_cu]]/[[page_nb]]</i></td> </tr> </table> </page_footer> </page>';

    try {
        $html2pdf = new HTML2PDF('P', 'A4', 'en');
        $html2pdf->setDefaultFont('Arial');
        $html2pdf->writeHTML($content, false);
        $file_name = $client ? 'Customer-Copy-' : 'Production-Copy-';
        // NOTE(review): $order_id becomes part of the file name without any
        // check in this function; confirm callers only pass a validated
        // numeric id so the path cannot leave PDFS_PATH.
        $prefix = $file_name . $order_id;
        $pdf_name = $prefix . '.pdf';
        // Destination 'F' writes the document to the given file path.
        $html2pdf->Output(PDFS_PATH . $pdf_name, 'F');
    } catch (HTML2PDF_exception $e) {
        // NOTE(review): echoing the exception sends its details to the
        // client; logging it and showing a generic message would avoid
        // leaking internals.
        echo $e;
        exit;
    }
    return PDFS_PATH . $pdf_name;
}
/**
 * Create an account from the submitted 'email' and 'name' values.
 *
 * If person_get() already finds a person for the address, an error block
 * linking to that account is printed and nothing is created. Otherwise the
 * person is created, the transaction is committed, a confirmation block is
 * printed and emit_details() is called with the new person's id.
 *
 * NOTE(review): the address is not validated in this function before the
 * account is created, and no permission or anti-CSRF check is visible here;
 * confirm both are handled by the caller or by the helpers used below.
 */
function do_reallycreate()
{
    $address = get_http_var('email', '');
    $display_name = get_http_var('name', '');

    $existing = person_get($address);
    if (!$existing) {
        $created = person_get_or_create($address, $display_name);
        db_commit();
        ?> <div class="action_summary"> New account created. </div> <?php
        emit_details($created->id());
        return;
    }

    // Duplicate address: point at the existing account instead of creating one.
    ?> <div class="action_error"> Already an account with that email address.<br/> see <a href="/adm/useraccounts?person_id=<?php echo $existing->id(); ?> ">here</a>. </div> <?php
}
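// Price administration page: stores general prices, or prices for a single
// customer when PARTY_ID is supplied, then renders the price form.
import('person');
import('products');

// Administrators only; everyone else is redirected and the script stops.
// NOTE(review): '/users/logut' looks like a misspelling of a logout route. It
// is kept as found; confirm the target exists.
if (!is_admin()) {
    header('location: /users/logut');
    exit;
}

$party_id = forms_get('PARTY_ID');
define('PAGE_PRICE_TYPE', $party_id ? CUSTOMER_PRICE : GENERAL_PRICE);

// NOTE(review): no anti-CSRF token is checked before prices are changed, and
// the array keys of APPL_TYPE_ID arrive straight from the request; confirm the
// product_feature_price_* helpers validate or escape the ids they are given.
if (!empty($_POST['APPL_TYPE_ID']) && is_array($_POST['APPL_TYPE_ID'])) {
    // Saving prices for a customer
    foreach ($_POST['APPL_TYPE_ID'] as $product_feat_appl_id => $price) {
        if (!is_scalar($price)) {
            // Nested arrays are not prices; ignore them.
            continue;
        }

        // Accept a decimal comma. Anything that is not numeric counts as
        // "no price", so only well-formed numbers can reach storage.
        $price = str_replace(',', '.', trim((string) $price));
        $amount = is_numeric($price) ? (float) $price : 0.0;

        // The amount is compared as a float: an integer cast would truncate
        // prices below 1 (e.g. "0,50") to 0 and delete them.
        if ($amount == 0 || product_feature_price_exists($product_feat_appl_id, PAGE_PRICE_TYPE, $party_id)) {
            // An empty price removes the entry; an existing one is replaced.
            product_feature_price_delete($product_feat_appl_id, PAGE_PRICE_TYPE, $party_id);
        }
        if ($amount > 0) {
            // The normalised string is passed on rather than the float, so
            // the stored text does not depend on float-to-string conversion.
            product_feature_price_add($product_feat_appl_id, PAGE_PRICE_TYPE, $party_id, $price, DEFAULT_CURRENCY);
        }
    }
}

if ($party_id) {
    $person = person_get($party_id);
} else {
    // Placeholder name pair used when editing the general price list.
    $person = array(
        'FIRST_NAME' => 'General',
        'LAST_NAME' => 'Prices',
    );
}

$categories = products_get_categories(false);
$template = set_template('products', 'prices');
$link = THEME . 'template.php';
require_once $link;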