public function save_vendor($vendor_id, $data)
{
$vendor_id = (int) $vendor_id;
$temp_vendor = false;
if ($vendor_id > 0) {
// check permissions
$temp_vendor = $this->get_vendor($vendor_id);
if (!$temp_vendor || $temp_vendor['vendor_id'] != $vendor_id) {
$temp_vendor = false;
$vendor_id = false;
}
}
if (_DEMO_MODE && $vendor_id == 1) {
set_error('Sorry this is a Demo Vendor. It cannot be changed.');
redirect_browser(self::link_open($vendor_id));
}
if (isset($data['default_tax_system']) && $data['default_tax_system']) {
$data['default_tax'] = -1;
$data['default_tax_name'] = '';
}
if (isset($data['primary_user_id'])) {
unset($data['primary_user_id']);
}
// only allow this to be set through the method.
$vendor_id = update_insert("vendor_id", $vendor_id, "vendor", $data);
if (isset($_REQUEST['user_id'])) {
$user_id = (int) $_REQUEST['user_id'];
if ($user_id > 0) {
// check permissions
$temp_user = module_user::get_user($user_id);
if (!$temp_user || $temp_user['user_id'] != $user_id) {
$user_id = false;
}
}
// assign specified user_id to this vendor.
// could this be a problem?
// maybe?
// todo: think about security precautions here, maybe only allow admins to set primary contacts.
$data['vendor_id'] = $vendor_id;
if (!$user_id) {
// hack to set the default role of a contact (if one is set in settings).
if (!isset($data['last_name']) && isset($data['name']) && strpos($data['name'], ' ') > 0) {
// todo - save from vendor import
$bits = explode(' ', $data['name']);
$data['last_name'] = array_pop($bits);
$data['name'] = implode(' ', $bits);
}
$user_id = update_insert("user_id", false, "user", $data);
module_cache::clear('user');
$role_id = module_config::c('contact_default_role', 0);
if ($role_id > 0) {
module_user::add_user_to_role($user_id, $role_id);
}
$this->set_primary_user_id($vendor_id, $user_id);
} else {
// make sure this user is part of this vendor.
// wait! addition, we want to be able to move an existing vendor contact to this new vendor.
$saved_user_id = false;
if (isset($_REQUEST['move_user_id']) && (int) $_REQUEST['move_user_id'] && module_vendor::can_i('create', 'Companies')) {
$old_user = module_user::get_user((int) $_REQUEST['move_user_id']);
if ($old_user && $old_user['user_id'] == (int) $_REQUEST['move_user_id']) {
$saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
module_cache::clear('user');
hook_handle_callback('vendor_contact_moved', $user_id, $old_user['vendor_id'], $vendor_id);
$this->set_primary_user_id($vendor_id, $user_id);
module_cache::clear('user');
}
} else {
// save normally, only those linked to this account:
$users = module_user::get_contacts(array('vendor_id' => $vendor_id));
foreach ($users as $user) {
if ($user['user_id'] == $user_id) {
$saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
$this->set_primary_user_id($vendor_id, $user_id);
module_cache::clear('user');
break;
}
}
}
if (!$saved_user_id) {
$this->set_primary_user_id($vendor_id, 0);
module_cache::clear('user');
}
}
// todo: move this functionality back into the user class.
// maybe with a static save_user method ?
if ($user_id > 0 && class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
module_extra::save_extras('user', 'user_id', $user_id);
}
}
handle_hook("address_block_save", $this, "physical", "vendor", "vendor_id", $vendor_id);
//handle_hook("address_block_save",$this,"postal","vendor","vendor_id",$vendor_id);
if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
module_extra::save_extras('vendor', 'vendor_id', $vendor_id);
}
// save the company information if it's available
if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
if (isset($_REQUEST['available_vendor_company']) && is_array($_REQUEST['available_vendor_company'])) {
$selected_companies = isset($_POST['vendor_company']) && is_array($_POST['vendor_company']) ? $_POST['vendor_company'] : array();
$company_access = module_company::get_company_data_access();
if ($company_access == _COMPANY_ACCESS_ALL && !count($selected_companies)) {
// user is unassignging this vendor from all companies we have access to, dont let them do this?
}
foreach ($_REQUEST['available_vendor_company'] as $company_id => $tf) {
if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) {
// remove vendor from this company
module_company::delete_vendor($company_id, $vendor_id);
} else {
// add vendor to this company (if they are not already existing)
module_company::add_vendor_to_company($company_id, $vendor_id);
}
}
}
}
self::update_vendor_status($vendor_id);
module_cache::clear('vendor');
return $vendor_id;
}
