/**
 * Notify every customer subscribed to a product that it is back in stock.
 *
 * The subscriber list of the product is cleared afterwards, unless the
 * ORDER_MANAGEMENT constant is defined.
 *
 * @param  int     $product_id product id
 * @return boolean false when no product id is given, true otherwise
 */
function fn_send_product_notifications($product_id)
{
    if (empty($product_id)) {
        return false;
    }

    $subscribers = db_get_fields("SELECT email FROM ?:product_subscriptions WHERE product_id = ?i", $product_id);
    if (empty($subscribers)) {
        // Nobody is waiting for this product.
        return true;
    }

    $product = array(
        'name' => fn_get_product_name($product_id, Registry::get('settings.Appearance.frontend_default_language')),
        'company_id' => fn_get_company_id('products', 'product_id', $product_id),
    );

    // NOTE(review): all subscriber addresses are passed as one 'to' list. Confirm that
    // Mailer::sendMail delivers a separate message per recipient; a shared To header
    // would disclose the subscribers' addresses to each other.
    $message = array(
        'to' => $subscribers,
        'from' => 'company_orders_department',
        'reply_to' => 'company_orders_department',
        'data' => array(
            'product' => $product,
            'product_id' => $product_id,
        ),
        'tpl' => 'product/back_in_stock_notification.tpl',
        'company_id' => $product['company_id'],
    );
    Mailer::sendMail($message, 'C', Registry::get('settings.Appearance.frontend_default_language'));

    // The result of sendMail is not checked, so the subscriptions are removed
    // even when the message could not be sent.
    if (!defined('ORDER_MANAGEMENT')) {
        db_query("DELETE FROM ?:product_subscriptions WHERE product_id = ?i", $product_id);
    }

    return true;
}
/**
 * Write (or update) a row in the ?:logs table for a store event.
 *
 * The record is skipped when logging is not enabled for the given type/action in
 * settings.Logging.log_type_<type>, or when the one-shot 'log_cut' registry flag is set.
 * For request logs, the field names found in the 'log_cut_data' registry entry are masked
 * before the payload is stored.
 *
 * @param  string  $type   log type; the branches below handle 'general', 'orders', 'products',
 *                         'categories', 'database', 'requests' and 'users'
 * @param  string  $action action within the type (e.g. 'status', 'low_stock', 'error', 'session')
 * @param  array   $data   event details; the keys that are read depend on $type
 * @return boolean false when the event is not logged, true after the row was written
 */
function fn_log_event($type, $action, $data = array())
{
    // Key of $data that identifies the object for each type; used below to find the owning company.
    $object_primary_keys = array('users' => 'user_id', 'orders' => 'order_id', 'products' => 'product_id', 'categories' => 'category_id');
    $update = false;
    $content = array();
    $actions = Registry::get('settings.Logging.log_type_' . $type);
    // Both flags are read once and removed from the registry right away, so they
    // affect only the next call of this function.
    $cut_log = Registry::ifGet('log_cut', false);
    Registry::del('log_cut');
    $cut_data = Registry::ifGet('log_cut_data', false);
    Registry::del('log_cut_data');
    // Nothing is written when the type has no enabled actions, the requested
    // action is not enabled, or the caller asked to suppress this record.
    if (empty($actions) || $action && !empty($actions) && empty($actions[$action]) || !empty($cut_log)) {
        return false;
    }
    if (!empty($_SESSION['auth']['user_id'])) {
        $user_id = $_SESSION['auth']['user_id'];
    } else {
        $user_id = 0;
    }
    // On logout the acting user is taken from $data instead of the session.
    if ($type == 'users' && $action == 'logout' && !empty($data['user_id'])) {
        $user_id = $data['user_id'];
    }
    // NOTE(review): $udata is not read again in this function and is not passed to
    // the 'save_log' hook below; the query looks redundant.
    if ($user_id) {
        $udata = db_get_row("SELECT firstname, lastname, email FROM ?:users WHERE user_id = ?i", $user_id);
    }
    $event_type = 'N'; // notice
    if (!empty($data['backtrace'])) {
        $_btrace = array();
        $func = '';
        foreach (array_reverse($data['backtrace']) as $v) {
            // Paths are passed through fn_get_rel_dir() before they are stored.
            if (!empty($v['file'])) {
                $v['file'] = fn_get_rel_dir($v['file']);
            }
            // A frame without a file is not stored; its function name is carried
            // over to the next frame that has one.
            if (empty($v['file'])) {
                $func = $v['function'];
                continue;
            } elseif (!empty($func)) {
                $v['function'] = $func;
                $func = '';
            }
            $_btrace[] = array('file' => !empty($v['file']) ? $v['file'] : '', 'line' => !empty($v['line']) ? $v['line'] : '', 'function' => $v['function']);
        }
        $data['backtrace'] = serialize($_btrace);
    } else {
        $data['backtrace'] = '';
    }
    if ($type == 'general') {
        if ($action == 'deprecated') {
            $content['deprecated_function'] = $data['function'];
        }
        $content['message'] = $data['message'];
    } elseif ($type == 'orders') {
        $order_status_descr = fn_get_simple_statuses(STATUSES_ORDER, true, true);
        $content = array('order' => '# ' . $data['order_id'], 'id' => $data['order_id']);
        if ($action == 'status') {
            $content['status'] = $order_status_descr[$data['status_from']] . ' -> ' . $order_status_descr[$data['status_to']];
        }
    } elseif ($type == 'products') {
        $product = db_get_field("SELECT product FROM ?:product_descriptions WHERE product_id = ?i AND lang_code = ?s", $data['product_id'], Registry::get('settings.Appearance.backend_default_language'));
        $content = array('product' => $product . ' (#' . $data['product_id'] . ')', 'id' => $data['product_id']);
        if ($action == 'low_stock') { // low stock is recorded as a warning
            $event_type = 'W';
        }
    } elseif ($type == 'categories') {
        $category = db_get_field("SELECT category FROM ?:category_descriptions WHERE category_id = ?i AND lang_code = ?s", $data['category_id'], Registry::get('settings.Appearance.backend_default_language'));
        $content = array('category' => $category . ' (#' . $data['category_id'] . ')', 'id' => $data['category_id']);
    } elseif ($type == 'database') {
        // NOTE(review): the failing query text is stored as-is; it can contain the
        // values bound into it — confirm who is allowed to read ?:logs.
        if ($action == 'error') {
            $content = array('error' => $data['error']['message'], 'query' => $data['error']['query']);
            $event_type = 'E';
        }
    } elseif ($type == 'requests') {
        if (!empty($cut_data)) {
            // Mask the listed fields in three encodings of the payload:
            // <field>...</field>, its URL-encoded form, and field=value&.
            // NOTE(review): the names are joined into the pattern without preg_quote();
            // this assumes $cut_data holds plain identifiers — verify against the callers.
            $data['data'] = preg_replace("/\\<(" . implode('|', $cut_data) . ")\\>(.*?)\\<\\/(" . implode('|', $cut_data) . ")\\>/s", '<${1}>******</${1}>', $data['data']);
            $data['data'] = preg_replace("/%3C(" . implode('|', $cut_data) . ")%3E(.*?)%3C%2F(" . implode('|', $cut_data) . ")%3E/s", '%3C${1}%3E******%3C%2F${1}%3E', $data['data']);
            // NOTE(review): this pattern needs a '&' after the value, so a listed field
            // that is the last parameter of the string stays unmasked unless the
            // caller terminates the payload with '&' — confirm.
            $data['data'] = preg_replace("/(" . implode('|', $cut_data) . ")=(.*?)(&)/s", '${1}=******${3}', $data['data']);
        }
        // Request and response bodies are kept only when they are shorter than
        // LOG_MAX_DATA_LENGTH and valid UTF-8 (the empty /u pattern fails on invalid input).
        // The response is stored without any masking.
        $content = array('url' => $data['url'], 'request' => fn_strlen($data['data']) < LOG_MAX_DATA_LENGTH && preg_match('//u', $data['data']) ? $data['data'] : '', 'response' => fn_strlen($data['response']) < LOG_MAX_DATA_LENGTH && preg_match('//u', $data['response']) ? $data['response'] : '');
    } elseif ($type == 'users') {
        if (!empty($data['time'])) {
            // A session duration was supplied: amend the login record of this
            // session instead of inserting a new row.
            if (empty($_SESSION['log']['login_log_id'])) {
                return false;
            }
            $content = db_get_field('SELECT content FROM ?:logs WHERE log_id = ?i', $_SESSION['log']['login_log_id']);
            // NOTE(review): unserialize() on a value read back from ?:logs. The row was
            // produced by serialize() further down, but anyone able to write to that
            // table controls this input; prefer JSON, or unserialize() with
            // 'allowed_classes' => false where the PHP version supports it.
            $content = unserialize($content);
            $minutes = ceil($data['time'] / 60);
            $hours = floor($minutes / 60);
            if ($hours) {
                $minutes -= $hours * 60;
            }
            if ($hours || $minutes) {
                $content['loggedin_time'] = ($hours ? $hours . ' |hours| ' : '') . ($minutes ? $minutes . ' |minutes|' : '');
            }
            if (!empty($data['timeout']) && $data['timeout']) {
                $content['timeout'] = true;
            }
            $update = $_SESSION['log']['login_log_id'];
        } else {
            if (!empty($data['user_id'])) {
                $info = db_get_row("SELECT firstname, lastname, email FROM ?:users WHERE user_id = ?i", $data['user_id']);
                $content = array('user' => $info['firstname'] . ($info['firstname'] && $info['lastname'] ? ' ' : '') . $info['lastname'] . ($info['firstname'] || $info['lastname'] ? '; ' : '') . $info['email'] . ' (#' . $data['user_id'] . ')');
                $content['id'] = $data['user_id'];
            } elseif (!empty($data['user'])) {
                // NOTE(review): $data['user'] is stored verbatim; presumably the login
                // name typed by the visitor — escape it wherever the log is displayed.
                $content = array('user' => $data['user']);
            }
            if (in_array($action, array('session', 'failed_login'))) {
                $ip = fn_get_ip();
                $content['ip_address'] = empty($data['ip']) ? $ip['host'] : $data['ip'];
            }
        }
        if ($action == 'failed_login') { // failed logins are recorded as warnings
            $event_type = 'W';
        }
    }
    fn_set_hook('save_log', $type, $action, $data, $user_id, $content, $event_type, $object_primary_keys);
    $content = serialize($content);
    if ($update) {
        db_query('UPDATE ?:logs SET content = ?s WHERE log_id = ?i', $content, $update);
    } else {
        // Owning company: the runtime company if one is selected, otherwise the
        // company of the logged object, otherwise 0.
        if (Registry::get('runtime.company_id')) {
            $company_id = Registry::get('runtime.company_id');
        } elseif (!empty($object_primary_keys[$type]) && !empty($data[$object_primary_keys[$type]])) {
            $company_id = fn_get_company_id($type, $object_primary_keys[$type], $data[$object_primary_keys[$type]]);
        } else {
            $company_id = 0;
        }
        $row = array('user_id' => $user_id, 'timestamp' => TIME, 'type' => $type, 'action' => $action, 'event_type' => $event_type, 'content' => $content, 'backtrace' => $data['backtrace'], 'company_id' => $company_id);
        $log_id = db_query("INSERT INTO ?:logs ?e", $row);
        // Remember the login record so that the session duration can be added to it later.
        if ($type == 'users' && $action == 'session') {
            $_SESSION['log']['login_log_id'] = $log_id;
        }
    }
    return true;
}
/**
 * Add to or subtract from the stock of a product and store the new amount.
 *
 * Depending on the product's tracking mode the amount lives either in ?:products
 * or in ?:product_options_inventory (one row per option combination). When stock
 * falls to the low-stock threshold the event is logged and the orders department is
 * mailed; when stock goes from non-positive to positive, back-in-stock notifications
 * are sent.
 *
 * NOTE(review): the amount is read, adjusted in PHP and written back as an absolute
 * value. Nothing in this function locks the row, so two concurrent calls can overwrite
 * each other's result — confirm that callers serialize access.
 *
 * @param  int     $product_id      product id
 * @param  int     $amount          quantity to add or subtract
 * @param  array   $product_options selected options, used to locate the combination row
 * @param  string  $sign            '-' to subtract; any other value adds
 * @return boolean false when the result would be negative and negative stock is not
 *                 allowed, true otherwise (including when nothing is tracked)
 */
function fn_update_product_amount($product_id, $amount, $product_options, $sign)
{
    // Inventory tracking is switched off store-wide.
    if (Registry::get('settings.General.inventory_tracking') != 'Y') {
        return true;
    }

    $tracking = db_get_field("SELECT tracking FROM ?:products WHERE product_id = ?i", $product_id);
    if ($tracking == ProductTracking::DO_NOT_TRACK) {
        return true;
    }

    if ($tracking == ProductTracking::TRACK_WITHOUT_OPTIONS) {
        $stock = db_get_row("SELECT amount, product_code FROM ?:products WHERE product_id = ?i", $product_id);
        $amount_before = $stock['amount'];
        $product_code = $stock['product_code'];
    } else {
        // $cart_id is assigned only on this path; on the other path it reaches the
        // hook below unset.
        $cart_id = fn_generate_cart_id($product_id, array('product_options' => $product_options), true);
        $stock = db_get_row("SELECT amount, product_code FROM ?:product_options_inventory WHERE combination_hash = ?i", $cart_id);

        if (empty($stock['amount'])) {
            $amount_before = 0;
        } else {
            $amount_before = $stock['amount'];
        }

        // Fall back to the product's own code when the combination has none.
        $product_code = empty($stock['product_code'])
            ? db_get_field("SELECT product_code FROM ?:products WHERE product_id = ?i", $product_id)
            : $stock['product_code'];
    }

    if ($sign != '-') {
        $new_amount = $amount_before + $amount;
    } else {
        $new_amount = $amount_before - $amount;

        // Low stock: log it and tell the orders department. This happens before the
        // negative-amount check, so a decrement that is rejected below has already
        // been logged and mailed.
        if ($new_amount <= Registry::get('settings.General.low_stock_threshold') && !defined('ORDER_MANAGEMENT')) {
            $company_id = fn_get_company_id('products', 'product_id', $product_id);
            fn_log_event('products', 'low_stock', array('product_id' => $product_id));

            $lang_code = fn_get_company_language($company_id);
            if (empty($lang_code)) {
                $lang_code = Registry::get('settings.Appearance.backend_default_language');
            }

            if ($tracking == ProductTracking::TRACK_WITH_OPTIONS) {
                $selected_product_options = fn_get_selected_product_options_info($product_options, $lang_code);
            } else {
                $selected_product_options = '';
            }

            $product_name = db_get_field(
                "SELECT product FROM ?:product_descriptions WHERE product_id = ?i AND lang_code = ?s",
                $product_id,
                $lang_code
            );

            $message = array(
                'to' => 'company_orders_department',
                'from' => 'default_company_orders_department',
                'data' => array(
                    'product_options' => $selected_product_options,
                    'new_amount' => $new_amount,
                    'product_id' => $product_id,
                    'product_code' => $product_code,
                    'product' => $product_name,
                ),
                'tpl' => 'orders/low_stock.tpl',
                'company_id' => $company_id,
            );
            Mailer::sendMail($message, 'A', $lang_code);
        }

        $negative_allowed = Registry::get('settings.General.allow_negative_amount') == 'Y';
        if ($new_amount < 0 && !$negative_allowed) {
            return false;
        }
    }

    // Extensions may adjust the values; $tracking is therefore compared again afterwards.
    fn_set_hook('update_product_amount', $new_amount, $product_id, $cart_id, $tracking);

    if ($tracking == ProductTracking::TRACK_WITHOUT_OPTIONS) {
        db_query("UPDATE ?:products SET amount = ?i WHERE product_id = ?i", $new_amount, $product_id);
    } else {
        db_query("UPDATE ?:product_options_inventory SET amount = ?i WHERE combination_hash = ?i", $new_amount, $cart_id);
    }

    // The product has just become available again.
    if ($amount_before <= 0 && $new_amount > 0) {
        fn_send_product_notifications($product_id);
    }

    return true;
}
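/**
 * Create a page, or update an existing one together with its description.
 *
 * NOTE(review): $_data is a copy of the caller-supplied $page_data and is handed whole
 * to the ?e / ?u placeholders. Which keys actually reach the tables depends on the db
 * layer — confirm that request data cannot set columns the caller is not meant to control.
 *
 * @param  array   $page_data page fields; dates may be given in any form fn_parse_date accepts
 * @param  int     $page_id   id of the page to update; empty to create a new page
 * @param  string  $lang_code language of the description row that is updated
 * @return int|boolean the page id; false when a new page has no title or the company
 *                     check for an existing page fails
 */
function fn_update_page($page_data, $page_id = 0, $lang_code = CART_LANGUAGE)
{
    if (!empty($page_data['avail_from_timestamp'])) {
        $page_data['avail_from_timestamp'] = fn_parse_date($page_data['avail_from_timestamp']);
    } else {
        $page_data['avail_from_timestamp'] = 0;
    }

    if (!empty($page_data['avail_till_timestamp'])) {
        // 86399 = 24 * 3600 - 1: the page stays available through the last second of that day
        $page_data['avail_till_timestamp'] = fn_parse_date($page_data['avail_till_timestamp']) + 86399;
    } else {
        $page_data['avail_till_timestamp'] = 0;
    }

    if (isset($page_data['usergroup_ids'])) {
        $page_data['usergroup_ids'] = empty($page_data['usergroup_ids']) ? '' : implode(',', $page_data['usergroup_ids']);
    }

    $_data = $page_data;

    if (isset($page_data['timestamp'])) {
        $_data['timestamp'] = fn_parse_date($page_data['timestamp']);
    }

    if (isset($_data['localization'])) {
        $_data['localization'] = empty($_data['localization']) ? '' : fn_implode_localizations($_data['localization']);
    }

    fn_set_company_id($_data);

    if (empty($page_id)) {
        // page title required
        if (empty($page_data['page'])) {
            return false;
        }

        // add new page
        // NOTE(review): unlike the update branch, no company check is made here for
        // the page or for the parent it is attached to — confirm the caller does it.
        $_data['page_id'] = $page_id = db_query('INSERT INTO ?:pages ?e', $_data);

        // one description row per installed language
        foreach ((array) Registry::get('languages') as $_data['lang_code'] => $v) {
            db_query('INSERT INTO ?:page_descriptions ?e', $_data);
        }

        // now we need to update 'id_path' field, as we know $page_id
        // a page submitted without parent_id is treated as a root page
        $parent_id = isset($_data['parent_id']) ? intval($_data['parent_id']) : 0;
        if ($parent_id == 0) {
            $id_path = $page_id;
        } else {
            $id_path = db_get_row("SELECT id_path FROM ?:pages WHERE page_id = ?i", $parent_id);
            $id_path = $id_path['id_path'] . '/' . $page_id;
        }

        db_query('UPDATE ?:pages SET ?u WHERE page_id = ?i', array('id_path' => $id_path), $page_id);
    } else {
        // the page must belong to a company the current user may manage
        if (!fn_check_company_id('pages', 'page_id', $page_id)) {
            fn_company_access_denied_notification();

            return false;
        }

        $old_company_id = fn_get_company_id('pages', 'page_id', $page_id);
        if ($_data['company_id'] != $old_company_id) {
            fn_change_page_company($page_id, $_data['company_id']);
        }

        // page title is not updated when it is empty; the key has to be removed from
        // $_data as well, because $_data is what the UPDATE statements below write
        if (empty($page_data['page'])) {
            unset($page_data['page'], $_data['page']);
        }

        // update existing page
        db_query('UPDATE ?:pages SET ?u WHERE page_id = ?i', $_data, $page_id);
        db_query('UPDATE ?:page_descriptions SET ?u WHERE page_id = ?i AND lang_code = ?s', $_data, $page_id, $lang_code);

        // regenerate id_path for child pages
        if (isset($page_data['parent_id'])) {
            fn_change_page_parent($page_id, $page_data['parent_id']);
        }
    }

    if (!empty($page_data['block_id'])) {
        fn_add_items_to_block($page_data['block_id'], $page_data['add_items'], $page_id, 'pages');
    }

    fn_set_hook('update_page', $page_data, $page_id, $lang_code);

    return $page_id;
}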
// Fragment of a controller: the enclosing condition and the earlier credential checks
// are outside this excerpt.
// NOTE(review): access_id is compared with a loose `!=`. hash_equals() on string-cast
// values would avoid type juggling and timing differences.
if (!$store_access_id || $store_access_id != $_REQUEST['access_id']) {
    fn_twg_throw_error_denied($response, 'twgadmin_auth_fail_access_id');
}
}

// Regenerate session_id for security reasons: the id is replaced before the user is
// logged in, so an id known before authentication is not carried over.
Session::regenerateId();
fn_login_user($user_data['user_id']);
fn_set_session_data(AREA . '_user_id', $user_data['user_id'], COOKIE_ALIVE_TIME);
// NOTE(review): the value of the users.password field is kept in session data for
// COOKIE_ALIVE_TIME — presumably the stored hash; confirm that fn_set_session_data
// never places it in a client-side cookie.
fn_set_session_data(AREA . '_password', $user_data['password'], COOKIE_ALIVE_TIME);

// Set last login time
db_query("UPDATE ?:users SET ?u WHERE user_id = ?i", array('last_login' => TIME), $user_data['user_id']);
$_SESSION['auth']['this_login'] = TIME;
// REMOTE_ADDR is the address of the direct peer, which may be a proxy.
$_SESSION['auth']['ip'] = $_SERVER['REMOTE_ADDR'];
$auth = $_SESSION['auth'];

// Log user successful login
fn_log_event('users', 'session', array('user_id' => $user_data['user_id'], 'company_id' => fn_get_company_id('users', 'user_id', $user_data['user_id'])));

// NOTE(review): company selection is initialised from request parameters; confirm these
// helpers restrict the choice to companies the logged-in user may access.
fn_init_company_id($_REQUEST);
fn_init_company_data($_REQUEST);

$response->setData(array('status' => 'ok'));
$response->setData(array('settings' => fn_twg_get_admin_settings($auth)));
$response->returnResponse();
} elseif ($action == 'get') {
    $object_name = '';
    $condition = array();
    $options = array('lang_code' => $lang_code);
    $result = array();
    $is_paginate = false;
    $total_items = 0;
    // NOTE(review): items_per_page comes straight from the request, with no integer cast
    // or upper bound in this excerpt; a cap would limit the size of a single response.
    $items_per_page = !empty($_REQUEST['items_per_page']) ? $_REQUEST['items_per_page'] : TWG_RESPONSE_ITEMS_LIMIT;
    if ($object == 'timeline') {
        list($logs, $pagination_params) = fn_twg_get_logs($_REQUEST);
// Fragment of an order-tracking controller: a visitor submits an e-mail address or an
// order number and a message with a temporary access key is sent to the order's address.
} else {
    $email = '';
    if (!empty($_REQUEST['track_data'])) {
        $o_id = 0;
        // NOTE(review): {$condition} is interpolated into both queries and is built
        // outside this excerpt — confirm it never contains request data. The tracked
        // value itself is bound through the ?s / ?i placeholders.
        // If track by email: the most recent order for that address is used
        if (strpos($_REQUEST['track_data'], '@') !== false) {
            $order_info = db_get_row("SELECT order_id, email, company_id, lang_code FROM ?:orders WHERE email = ?s {$condition} ORDER BY timestamp DESC LIMIT 1", $_REQUEST['track_data']);
        // Assume that this is order number
        } else {
            $order_info = db_get_row("SELECT order_id, email, company_id, lang_code FROM ?:orders WHERE order_id = ?i {$condition}", $_REQUEST['track_data']);
        }
    }
    // $order_info is not assigned when track_data is empty; !empty() tolerates that.
    if (!empty($order_info['email'])) {
        // Create access key (the third argument is presumably its lifetime, one hour)
        $ekey = fn_generate_ekey($order_info['email'], 'T', SECONDS_IN_HOUR);
        $company_id = fn_get_company_id('orders', 'order_id', $order_info['order_id']);
        // The key is only ever sent to the address stored on the order, never shown
        // to the requester.
        // NOTE(review): no throttling is visible here, so each request for a valid
        // order sends another message to the customer.
        $result = Mailer::sendMail(array('to' => $order_info['email'], 'from' => 'company_orders_department', 'data' => array('access_key' => $ekey, 'o_id' => $order_info['order_id']), 'tpl' => 'orders/track.tpl', 'company_id' => $company_id), 'C', $order_info['lang_code']);
        if ($result) {
            fn_set_notification('N', __('notice'), __('text_track_instructions_sent'));
        }
    } else {
        // NOTE(review): the "sent" and "not found" notifications differ, which tells the
        // requester whether an order exists for a given address or number; one neutral
        // message for both outcomes would not.
        fn_set_notification('E', __('error'), __('warning_track_orders_not_found'));
    }
}

// NOTE(review): return_url is taken from the request unchanged; confirm that the
// dispatcher only redirects to locations inside the store.
return array(CONTROLLER_STATUS_OK, $_REQUEST['return_url']);

//
// Show order details
//
} elseif ($mode == 'details') {
    fn_add_breadcrumb(__('order_info'));
    // NOTE(review): the check that the visitor may view this order is not part of this
    // excerpt — verify that it follows.
    $order_info = fn_get_order_info($_REQUEST['order_id']);
/**
 * Build the exported category list of a product: one path per linked category,
 * joined with '; '.
 *
 * In the ULTIMATE edition, additional categories ('A') are prefixed with the owning
 * store's name and ':' when no runtime company is selected.
 *
 * @param  int    $product_id         product ID
 * @param  string $link_type          M - main category, A - additional
 * @param  string $category_delimiter path delimiter
 * @param  string $lang_code          2 letters language code
 * @return string
 */
function fn_exim_get_product_categories($product_id, $link_type, $category_delimiter, $lang_code = '')
{
    $set_delimiter = '; ';
    $is_ultimate = fn_allowed_for('ULTIMATE');

    // The company condition is a SQL fragment produced by fn_get_company_condition and
    // interpolated as-is; product id and link type go through placeholders.
    $conditions = '';
    if ($is_ultimate) {
        $store_delimiter = ':';
        $conditions = fn_get_company_condition('?:categories.company_id');
    }

    $joins = ' JOIN ?:categories ON ?:categories.category_id = ?:products_categories.category_id ';
    $category_ids = db_get_fields(
        "SELECT ?:products_categories.category_id FROM ?:products_categories {$joins} WHERE product_id = ?i AND link_type = ?s {$conditions}",
        $product_id,
        $link_type
    );

    $paths = array();
    foreach ($category_ids as $category_id) {
        if ($is_ultimate && $link_type == 'A' && !Registry::get('runtime.company_id')) {
            // Identify the store that owns the additional category.
            $owner_id = fn_get_company_id('categories', 'category_id', $category_id);
            $owner_name = fn_get_company_name($owner_id);
            $paths[] = $owner_name . $store_delimiter . fn_get_category_path($category_id, $lang_code, $category_delimiter);
        } else {
            $paths[] = fn_get_category_path($category_id, $lang_code, $category_delimiter);
        }
    }

    return implode($set_delimiter, $paths);
}
/**
 * Send the administrator an SMS about a placed order through the UniSender add-on,
 * and fall back to an e-mail when the SMS request fails.
 *
 * Only $order_id is used; the remaining parameters are not read here.
 *
 * @param int    $order_id     order id
 * @param string $action       not used
 * @param string $order_status not used
 * @param array  $cart         not used
 * @param array  $auth         not used
 */
function fn_rus_unisender_place_order($order_id, $action, $order_status, $cart, $auth)
{
    if (Registry::get('addons.rus_unisender.send_sms_admin') != 'Y') {
        return;
    }

    $admin_phone = Registry::get('addons.rus_unisender.admin_phone');
    if (empty($admin_phone)) {
        return;
    }

    $storefront = fn_get_company_name(fn_get_company_id('orders', 'order_id', $order_id));

    // Fill the [order_id] and [storefront] placeholders of the configured text, in that order.
    $text = str_replace(
        array('[order_id]', '[storefront]'),
        array($order_id, $storefront),
        Registry::get('addons.rus_unisender.send_sms_admin_text')
    );

    $post = array(
        'api_key' => Registry::get('addons.rus_unisender.api_key'),
        'phone' => $admin_phone,
        // the sender name is cut to 11 characters
        'sender' => fn_substr(Registry::get('addons.rus_unisender.admin_sender'), 0, 11),
        'text' => $text,
    );

    // $response is first assigned by this call (presumably an output argument).
    if (fn_unisender_api('sendSms', $post, $response)) {
        return;
    }

    // NOTE(review): the raw API response is forwarded by e-mail together with the
    // admin phone number — confirm that it can never echo the api_key.
    $email = Registry::get('settings.Company.company_site_administrator');
    $message = array(
        'to' => $email,
        'from' => 'company_site_administrator',
        'data' => array(
            'phone' => $admin_phone,
            'error' => $response,
        ),
        'tpl' => 'addons/rus_unisender/unisender.tpl',
        'company_id' => fn_get_company_id('orders', 'order_id', $order_id),
    );
    Mailer::sendMail($message, 'C', CART_LANGUAGE);
}
// Fragment of a checkout controller; the enclosing blocks open outside this excerpt.
if (!empty($cart['failed_order_id'])) {
    // Show the payment processor's reason text, or a generic message when there is none.
    // NOTE(review): reason_text is shown as given; confirm the notification output escapes it.
    $_msg = !empty($_payment_info['reason_text']) ? $_payment_info['reason_text'] : '';
    $_msg .= empty($_msg) ? __('text_order_placed_error') : '';
    fn_set_notification('O', '', $_msg);
    $cart['processed_order_id'] = $cart['failed_order_id'];
    unset($cart['failed_order_id']);
}

// Card number and CVV2 are dropped before the payment details are put back into the cart.
// NOTE(review): only these two keys are removed; any other card field in $_payment_info
// stays in the cart. extra_payment_info is merged after the scrub, so a 'card_number'
// or 'cvv2' key in it would end up in the cart again.
unset($_payment_info['card_number'], $_payment_info['cvv2']);
$cart['payment_info'] = $_payment_info;
if (!empty($cart['extra_payment_info'])) {
    $cart['payment_info'] = array_merge($cart['payment_info'], $cart['extra_payment_info']);
}
}
}

if ($mode == 'change_login') {
    $auth = $_SESSION['auth'];
    if (!empty($auth['user_id'])) {
        // Record how long the session lasted on the user's login log entry.
        fn_log_event('users', 'session', array('user_id' => $auth['user_id'], 'time' => TIME - $auth['this_login'], 'timeout' => false, 'company_id' => fn_get_company_id('users', 'user_id', $auth['user_id'])));
    }
    // Drop the authenticated state and the stored login data.
    // NOTE(review): the session id is not regenerated in this excerpt although the
    // identity attached to the session changes — confirm it happens elsewhere.
    unset($_SESSION['auth'], $_SESSION['cart']['user_data']);
    fn_delete_session_data(AREA . '_user_id', AREA . '_password');

    return array(CONTROLLER_STATUS_OK, 'onestepcheckout.checkout');
}

if (!empty($profile_fields)) {
    Registry::get('view')->assign('profile_fields', $profile_fields);
}
// The whole cart, including payment_info, is handed to the template.
Registry::get('view')->assign('cart', $cart);
Registry::get('view')->assign('continue_url', empty($_SESSION['continue_url']) ? '' : $_SESSION['continue_url']);
Registry::get('view')->assign('mode', $mode);
Registry::get('view')->assign('payment_methods', $payment_methods);
$_SESSION['checkout_mode'] = $mode;