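/**
 * Create or update a customer row and the records saved alongside it.
 *
 * In order, this method:
 *  1. re-reads an existing customer through get_customer() as an access check,
 *  2. writes the customer row via update_insert(),
 *  3. synchronises the staff links in `customer_user_rel`,
 *  4. creates, updates or moves the primary contact when $_REQUEST['user_id'] is present,
 *  5. fires the physical address hook and saves "extra" fields,
 *  6. adds/removes company links from $_REQUEST['available_customer_company'] and
 *     $_POST['customer_company'],
 *  7. refreshes the customer status and clears the customer cache.
 *
 * Besides $data, the method reads $_REQUEST and $_POST directly, so it must only be
 * called while handling a request whose origin has already been verified.
 *
 * @param int|string $customer_id Id of the customer to update; a value that casts to 0 means "new".
 * @param array      $data        Column => value map handed to update_insert(); 'primary_user_id'
 *                                is always stripped and can only be set via set_primary_user_id().
 * @return mixed The customer id as returned by update_insert().
 */
public function save_customer($customer_id, $data)
{
    $customer_id = (int) $customer_id;
    $temp_customer = false;
    if ($customer_id > 0) {
        // Access check: get_customer() must hand back exactly the requested record.
        $temp_customer = $this->get_customer($customer_id);
        if (!$temp_customer || $temp_customer['customer_id'] != $customer_id) {
            // NOTE(review): the save is not rejected here; the id is reset to false and
            // passed on to update_insert(), which presumably inserts a new row. Confirm
            // that creating a customer is the intended outcome of a failed access check.
            $temp_customer = false;
            $customer_id = false;
        }
    }

    if (_DEMO_MODE && $customer_id == 1) {
        set_error('Sorry this is a Demo Customer. It cannot be changed.');
        // NOTE(review): relies on redirect_browser() ending the request; if it returns,
        // the save below still runs. Confirm.
        redirect_browser(self::link_open($customer_id));
    }

    if (isset($data['default_tax_system']) && $data['default_tax_system']) {
        $data['default_tax'] = -1;
        $data['default_tax_name'] = '';
    }

    // The primary contact may only be changed through set_primary_user_id().
    if (isset($data['primary_user_id'])) {
        unset($data['primary_user_id']);
    }

    $customer_id = update_insert("customer_id", $customer_id, "customer", $data);

    if (isset($data['single_staff_id']) && (int) $data['single_staff_id'] > 0 && module_customer::get_customer_data_access() == _CUSTOMER_ACCESS_STAFF && $data['single_staff_id'] == module_security::get_loggedin_id()) {
        // Staff-restricted users may only link themselves to the customer.
        $sql = "REPLACE INTO `" . _DB_PREFIX . "customer_user_rel` SET ";
        $sql .= " `user_id` = " . (int) $data['single_staff_id'];
        $sql .= ", `customer_id` = " . (int) $customer_id;
        query($sql);
    } elseif (isset($data['staff_ids']) && is_array($data['staff_ids']) && module_customer::can_i('edit', 'Customer Staff')) {
        $existing_staff = array();
        if ($temp_customer && isset($temp_customer['staff_ids']) && is_array($temp_customer['staff_ids'])) {
            $existing_staff = array_map('intval', $temp_customer['staff_ids']);
        }

        // Normalise every submitted id to an integer BEFORE comparing it with the stored
        // ids. The original compared the raw request value but inserted its int cast, so
        // a value such as "5abc" was inserted as 5 and then removed again by the cleanup
        // loop. Non-scalar entries are skipped because (int) array(...) evaluates to 1.
        $submitted_staff = array();
        foreach ($data['staff_ids'] as $staff_id) {
            if (!is_scalar($staff_id)) {
                continue;
            }
            $staff_id = (int) $staff_id;
            if ($staff_id <= 0 || isset($submitted_staff[$staff_id])) {
                continue;
            }
            $submitted_staff[$staff_id] = true;

            $sql = "REPLACE INTO `" . _DB_PREFIX . "customer_user_rel` SET ";
            $sql .= " `user_id` = " . $staff_id;
            $sql .= ", `customer_id` = " . (int) $customer_id;
            query($sql);
        }

        // Remove links that existed before this save and were not re-submitted.
        foreach ($existing_staff as $staff_id) {
            if (!isset($submitted_staff[$staff_id])) {
                delete_from_db('customer_user_rel', array('user_id', 'customer_id'), array($staff_id, $customer_id));
            }
        }
    }

    if (isset($_REQUEST['user_id'])) {
        $user_id = (int) $_REQUEST['user_id'];
        if ($user_id > 0) {
            // Access check: get_user() must hand back exactly the requested user.
            $temp_user = module_user::get_user($user_id);
            if (!$temp_user || $temp_user['user_id'] != $user_id) {
                // NOTE(review): a failed check falls through to the "create contact"
                // branch below instead of stopping. Confirm this is intended.
                $user_id = false;
            }
        }

        // assign specified user_id to this customer.
        // todo: think about security precautions here, maybe only allow admins to set primary contacts.
        // NOTE(review): the same $data array that was written to the customer table is
        // written to the user table below. Unless update_insert() / create_user() restrict
        // the columns they accept, any user column present in $data can be set from the
        // customer form. Confirm that a column allow-list is applied there.
        $data['customer_id'] = $customer_id;

        if (!$user_id) {
            // Split "First Last" into name / last_name when only a combined name was given.
            if (!isset($data['last_name']) && isset($data['name']) && strpos($data['name'], ' ') > 0) {
                // todo - save from customer import
                $bits = explode(' ', $data['name']);
                $data['last_name'] = array_pop($bits);
                $data['name'] = implode(' ', $bits);
            }
            global $plugins;
            $user_id = $plugins['user']->create_user($data, 'contact');

            // Apply the default contact role when one is configured in settings.
            $role_id = module_config::c('contact_default_role', 0);
            if ($role_id > 0) {
                module_user::add_user_to_role($user_id, $role_id);
            }
            $this->set_primary_user_id($customer_id, $user_id);
        } else {
            // Either move an existing contact over to this customer, or update a contact
            // that is already linked to it.
            $saved_user_id = false;
            if (isset($_REQUEST['move_user_id']) && (int) $_REQUEST['move_user_id'] && module_customer::can_i('create', 'Active Leads')) {
                $old_user = module_user::get_user((int) $_REQUEST['move_user_id']);
                if ($old_user && $old_user['user_id'] == (int) $_REQUEST['move_user_id']) {
                    // NOTE(review): the record checked is move_user_id, but the record
                    // written is $user_id (from $_REQUEST['user_id']). Nothing visible here
                    // requires the two to be equal, and this branch skips the "already
                    // linked to this customer" test used by the else-branch. Consider
                    // requiring (int) $_REQUEST['move_user_id'] === $user_id.
                    $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                    module_cache::clear('user');
                    hook_handle_callback('customer_contact_moved', $user_id, $old_user['customer_id'], $customer_id);
                    $this->set_primary_user_id($customer_id, $user_id);
                    module_cache::clear('user');
                }
            } else {
                // save normally, only those linked to this account:
                $users = module_user::get_contacts(array('customer_id' => $customer_id));
                foreach ($users as $user) {
                    if ($user['user_id'] == $user_id) {
                        $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                        $this->set_primary_user_id($customer_id, $user_id);
                        module_cache::clear('user');
                        break;
                    }
                }
            }
            if (!$saved_user_id) {
                // Nothing was saved: clear the primary contact rather than keep a stale one.
                $this->set_primary_user_id($customer_id, 0);
                module_cache::clear('user');
            }
        }

        // todo: move this functionality back into the user class.
        // maybe with a static save_user method ?
        if ($user_id > 0 && class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
            module_extra::save_extras('user', 'user_id', $user_id);
        }
    }

    handle_hook("address_block_save", $this, "physical", "customer", "customer_id", $customer_id);
    //handle_hook("address_block_save",$this,"postal","customer","customer_id",$customer_id);

    if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
        module_extra::save_extras('customer', 'customer_id', $customer_id);
    }

    // save the company information if it's available
    if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
        if (isset($_REQUEST['available_customer_company']) && is_array($_REQUEST['available_customer_company'])) {
            $selected_companies = isset($_POST['customer_company']) && is_array($_POST['customer_company']) ? $_POST['customer_company'] : array();
            $company_access = module_company::get_company_data_access();
            if ($company_access == _COMPANY_ACCESS_ALL && !count($selected_companies)) {
                // user is unassigning this customer from all companies we have access to, dont let them do this?
                // (intentionally empty: no restriction is enforced here yet)
            }
            // NOTE(review): this branch is gated on the 'view' Company permission only, and
            // the list of "available" companies comes from the request. Confirm that
            // delete_customer() / add_customer_to_company() verify the caller may modify
            // each company.
            foreach ($_REQUEST['available_customer_company'] as $company_id => $tf) {
                // Request array keys are attacker-controlled; only forward positive integers.
                $company_id = (int) $company_id;
                if ($company_id <= 0) {
                    continue;
                }
                if (empty($selected_companies[$company_id])) {
                    // remove customer from this company
                    module_company::delete_customer($company_id, $customer_id);
                } else {
                    // add customer to this company (if they are not already existing)
                    module_company::add_customer_to_company($company_id, $customer_id);
                }
            }
        }
    }

    self::update_customer_status($customer_id);
    module_cache::clear('customer');

    return $customer_id;
}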