Exemplo n.º 1
/**
 * Notify every customer subscribed to a product that it is back in stock.
 *
 * The subscriber addresses are read from ?:product_subscriptions and handed to
 * Mailer::sendMail() in one call. Unless the ORDER_MANAGEMENT constant is
 * defined, the product's subscriptions are deleted afterwards.
 *
 * @param int $product_id product id
 * @return boolean false when $product_id is empty, true otherwise (also when
 *                 nobody is subscribed)
 */
function fn_send_product_notifications($product_id)
{
    if (empty($product_id)) {
        return false;
    }

    $subscriber_emails = db_get_fields("SELECT email FROM ?:product_subscriptions WHERE product_id = ?i", $product_id);
    if (empty($subscriber_emails)) {
        // Nobody is waiting for this product: nothing to send or clean up.
        return true;
    }

    $product = array(
        'name' => fn_get_product_name($product_id, Registry::get('settings.Appearance.frontend_default_language')),
        'company_id' => fn_get_company_id('products', 'product_id', $product_id),
    );

    // NOTE(review): the whole subscriber list is passed as a single 'to' value;
    // confirm that Mailer::sendMail() delivers per recipient so subscribers are
    // not shown each other's addresses.
    $message = array(
        'to' => $subscriber_emails,
        'from' => 'company_orders_department',
        'reply_to' => 'company_orders_department',
        'data' => array('product' => $product, 'product_id' => $product_id),
        'tpl' => 'product/back_in_stock_notification.tpl',
        'company_id' => $product['company_id'],
    );
    Mailer::sendMail($message, 'C', Registry::get('settings.Appearance.frontend_default_language'));

    // The result of sendMail() is not checked, so the subscriptions are removed
    // whether or not the message actually went out.
    if (!defined('ORDER_MANAGEMENT')) {
        db_query("DELETE FROM ?:product_subscriptions WHERE product_id = ?i", $product_id);
    }

    return true;
}
Exemplo n.º 2
/**
 * Write an event to the ?:logs table, or extend the login record stored for the current session.
 *
 * Nothing is logged (false is returned) when the 'settings.Logging.log_type_<type>' registry entry
 * is empty, when $action is non-empty and not enabled in that entry, or when the one-shot 'log_cut'
 * registry flag is set. For 'users' events that carry $data['time'], false is also returned when the
 * session holds no login log id.
 *
 * @param string $type   event group; branches exist for general, orders, products, categories,
 *                       database, requests and users
 * @param string $action event name inside the group
 * @param array  $data   event details; the keys that are read depend on $type
 * @return boolean false when nothing was logged, true after the row was inserted or updated
 */
function fn_log_event($type, $action, $data = array())
{
    // Key in $data that identifies the object for each type; used below to resolve company_id
    // and handed to the 'save_log' hook.
    $object_primary_keys = array('users' => 'user_id', 'orders' => 'order_id', 'products' => 'product_id', 'categories' => 'category_id');
    $update = false;
    $content = array();
    $actions = Registry::get('settings.Logging.log_type_' . $type);
    // 'log_cut' and 'log_cut_data' are read and then deleted, so each applies to one call only.
    $cut_log = Registry::ifGet('log_cut', false);
    Registry::del('log_cut');
    $cut_data = Registry::ifGet('log_cut_data', false);
    Registry::del('log_cut_data');
    // && binds tighter than ||: skip when the type has no enabled actions, OR this action is
    // not enabled, OR the caller asked for this event to be cut.
    if (empty($actions) || $action && !empty($actions) && empty($actions[$action]) || !empty($cut_log)) {
        return false;
    }
    if (!empty($_SESSION['auth']['user_id'])) {
        $user_id = $_SESSION['auth']['user_id'];
    } else {
        $user_id = 0;
    }
    // For a logout event the acting user is taken from $data instead of the session.
    if ($type == 'users' && $action == 'logout' && !empty($data['user_id'])) {
        $user_id = $data['user_id'];
    }
    if ($user_id) {
        // $udata is not read again in this function and is not passed to the hook.
        $udata = db_get_row("SELECT firstname, lastname, email FROM ?:users WHERE user_id = ?i", $user_id);
    }
    $event_type = 'N';
    // Default severity is notice; 'W' and 'E' are assigned in the branches below.
    if (!empty($data['backtrace'])) {
        $_btrace = array();
        $func = '';
        // Walk the trace in reverse. A frame without a file is dropped, and its function name
        // replaces the function name of the next frame that does have a file.
        foreach (array_reverse($data['backtrace']) as $v) {
            if (!empty($v['file'])) {
                $v['file'] = fn_get_rel_dir($v['file']);
            }
            if (empty($v['file'])) {
                $func = $v['function'];
                continue;
            } elseif (!empty($func)) {
                $v['function'] = $func;
                $func = '';
            }
            // Only file, line and function are kept; call arguments are not stored.
            $_btrace[] = array('file' => !empty($v['file']) ? $v['file'] : '', 'line' => !empty($v['line']) ? $v['line'] : '', 'function' => $v['function']);
        }
        $data['backtrace'] = serialize($_btrace);
    } else {
        $data['backtrace'] = '';
    }
    if ($type == 'general') {
        if ($action == 'deprecated') {
            $content['deprecated_function'] = $data['function'];
        }
        $content['message'] = $data['message'];
    } elseif ($type == 'orders') {
        $order_status_descr = fn_get_simple_statuses(STATUSES_ORDER, true, true);
        $content = array('order' => '# ' . $data['order_id'], 'id' => $data['order_id']);
        if ($action == 'status') {
            $content['status'] = $order_status_descr[$data['status_from']] . ' -> ' . $order_status_descr[$data['status_to']];
        }
    } elseif ($type == 'products') {
        $product = db_get_field("SELECT product FROM ?:product_descriptions WHERE product_id = ?i AND lang_code = ?s", $data['product_id'], Registry::get('settings.Appearance.backend_default_language'));
        $content = array('product' => $product . ' (#' . $data['product_id'] . ')', 'id' => $data['product_id']);
        if ($action == 'low_stock') {
            // log stock - warning
            $event_type = 'W';
        }
    } elseif ($type == 'categories') {
        $category = db_get_field("SELECT category FROM ?:category_descriptions WHERE category_id = ?i AND lang_code = ?s", $data['category_id'], Registry::get('settings.Appearance.backend_default_language'));
        $content = array('category' => $category . ' (#' . $data['category_id'] . ')', 'id' => $data['category_id']);
    } elseif ($type == 'database') {
        if ($action == 'error') {
            // NOTE(review): the text of the failed query is stored in the log; it may contain
            // customer data or secrets that were part of the statement - confirm who can read ?:logs.
            $content = array('error' => $data['error']['message'], 'query' => $data['error']['query']);
            $event_type = 'E';
        }
    } elseif ($type == 'requests') {
        if (!empty($cut_data)) {
            // Mask the values of the fields named in $cut_data with '******' in three shapes:
            // <name>...</name>, the URL-encoded form of the same tags, and name=value& pairs.
            // The names are placed in the patterns as-is (no preg_quote), so they are expected
            // to be plain field names.
            $data['data'] = preg_replace("/\\<(" . implode('|', $cut_data) . ")\\>(.*?)\\<\\/(" . implode('|', $cut_data) . ")\\>/s", '<${1}>******</${1}>', $data['data']);
            $data['data'] = preg_replace("/%3C(" . implode('|', $cut_data) . ")%3E(.*?)%3C%2F(" . implode('|', $cut_data) . ")%3E/s", '%3C${1}%3E******%3C%2F${1}%3E', $data['data']);
            // NOTE(review): this pattern requires an '&' after the value, so a masked field that is
            // the last pair in the string with no trailing '&' is not matched - confirm callers
            // append one. Only $data['data'] is masked; $data['response'] is stored unmasked.
            $data['data'] = preg_replace("/(" . implode('|', $cut_data) . ")=(.*?)(&)/s", '${1}=******${3}', $data['data']);
        }
        // Request and response bodies are kept only when shorter than LOG_MAX_DATA_LENGTH and
        // valid UTF-8 (preg_match with the /u modifier fails on malformed input); otherwise ''.
        $content = array('url' => $data['url'], 'request' => fn_strlen($data['data']) < LOG_MAX_DATA_LENGTH && preg_match('//u', $data['data']) ? $data['data'] : '', 'response' => fn_strlen($data['response']) < LOG_MAX_DATA_LENGTH && preg_match('//u', $data['response']) ? $data['response'] : '');
    } elseif ($type == 'users') {
        if (!empty($data['time'])) {
            // Session-duration update: extend the row written at login instead of adding a new one.
            if (empty($_SESSION['log']['login_log_id'])) {
                return false;
            }
            $content = db_get_field('SELECT content FROM ?:logs WHERE log_id = ?i', $_SESSION['log']['login_log_id']);
            // NOTE(review): unserialize() on a value read back from the database. The row is one
            // this function serialized earlier, but if ?:logs.content can be changed by any other
            // path this becomes an object-injection sink; a data-only format such as JSON would
            // remove that risk.
            $content = unserialize($content);
            // $data['time'] is treated as seconds: rounded up to minutes, then split into hours and minutes.
            $minutes = ceil($data['time'] / 60);
            $hours = floor($minutes / 60);
            if ($hours) {
                $minutes -= $hours * 60;
            }
            if ($hours || $minutes) {
                $content['loggedin_time'] = ($hours ? $hours . ' |hours| ' : '') . ($minutes ? $minutes . ' |minutes|' : '');
            }
            if (!empty($data['timeout']) && $data['timeout']) {
                $content['timeout'] = true;
            }
            $update = $_SESSION['log']['login_log_id'];
        } else {
            if (!empty($data['user_id'])) {
                // Stored as "Firstname Lastname; email (#id)", leaving out the name parts that are empty.
                $info = db_get_row("SELECT firstname, lastname, email FROM ?:users WHERE user_id = ?i", $data['user_id']);
                $content = array('user' => $info['firstname'] . ($info['firstname'] && $info['lastname'] ? ' ' : '') . $info['lastname'] . ($info['firstname'] || $info['lastname'] ? '; ' : '') . $info['email'] . ' (#' . $data['user_id'] . ')');
                $content['id'] = $data['user_id'];
            } elseif (!empty($data['user'])) {
                // No user id available: the caller-supplied 'user' value is logged as given.
                $content = array('user' => $data['user']);
            }
            if (in_array($action, array('session', 'failed_login'))) {
                // Record the client address for logins and failed logins; $data['ip'] wins when given.
                $ip = fn_get_ip();
                $content['ip_address'] = empty($data['ip']) ? $ip['host'] : $data['ip'];
            }
        }
        if ($action == 'failed_login') {
            // failed login - warning
            $event_type = 'W';
        }
    }
    // Hook runs before serialization, so $content is still an array at this point.
    fn_set_hook('save_log', $type, $action, $data, $user_id, $content, $event_type, $object_primary_keys);
    $content = serialize($content);
    if ($update) {
        db_query('UPDATE ?:logs SET content = ?s WHERE log_id = ?i', $content, $update);
    } else {
        // company_id: the runtime company if one is set, else the owner of the logged object, else 0.
        if (Registry::get('runtime.company_id')) {
            $company_id = Registry::get('runtime.company_id');
        } elseif (!empty($object_primary_keys[$type]) && !empty($data[$object_primary_keys[$type]])) {
            $company_id = fn_get_company_id($type, $object_primary_keys[$type], $data[$object_primary_keys[$type]]);
        } else {
            $company_id = 0;
        }
        $row = array('user_id' => $user_id, 'timestamp' => TIME, 'type' => $type, 'action' => $action, 'event_type' => $event_type, 'content' => $content, 'backtrace' => $data['backtrace'], 'company_id' => $company_id);
        $log_id = db_query("INSERT INTO ?:logs ?e", $row);
        if ($type == 'users' && $action == 'session') {
            // Remember the login row so the later session-duration event can update it.
            $_SESSION['log']['login_log_id'] = $log_id;
        }
    }
    return true;
}
Exemplo n.º 3
/**
 * Apply a stock movement to a product, or to one of its option combinations.
 *
 * Returns true without touching the stock when inventory tracking is switched
 * off globally or for this product. When the amount is decreased to or below
 * the low-stock threshold, a 'low_stock' event is logged and a notification is
 * mailed. When the amount rises from zero or below to a positive value, the
 * back-in-stock subscribers are notified.
 *
 * @param int    $product_id      product id
 * @param int    $amount          quantity to add or subtract
 * @param mixed  $product_options selected options; used when stock is tracked per combination
 * @param string $sign            '-' subtracts $amount, any other value adds it
 * @return boolean false when the subtraction would make the amount negative and
 *                 'allow_negative_amount' is not 'Y'; true otherwise
 */
function fn_update_product_amount($product_id, $amount, $product_options, $sign)
{
    if (Registry::get('settings.General.inventory_tracking') != 'Y') {
        return true;
    }

    $tracking = db_get_field("SELECT tracking FROM ?:products WHERE product_id = ?i", $product_id);
    if ($tracking == ProductTracking::DO_NOT_TRACK) {
        return true;
    }

    // NOTE(review): the amount is read here, changed in PHP and written back by a
    // separate query further down; no locking is visible in this function, so
    // concurrent orders for the same product may overwrite each other's update -
    // confirm the caller serialises these calls.
    if ($tracking != ProductTracking::TRACK_WITHOUT_OPTIONS) {
        // Stock is kept per option combination; $cart_id is assigned only on this path.
        $cart_id = fn_generate_cart_id($product_id, array('product_options' => $product_options), true);
        $stock_row = db_get_row("SELECT amount, product_code FROM ?:product_options_inventory WHERE combination_hash = ?i", $cart_id);
        $current_amount = !empty($stock_row['amount']) ? $stock_row['amount'] : 0;
        // Fall back to the product's own code when the combination has none.
        $product_code = !empty($stock_row['product_code'])
            ? $stock_row['product_code']
            : db_get_field("SELECT product_code FROM ?:products WHERE product_id = ?i", $product_id);
    } else {
        $stock_row = db_get_row("SELECT amount, product_code FROM ?:products WHERE product_id = ?i", $product_id);
        $current_amount = $stock_row['amount'];
        $product_code = $stock_row['product_code'];
    }

    if ($sign != '-') {
        $new_amount = $current_amount + $amount;
    } else {
        $new_amount = $current_amount - $amount;

        // Low-stock handling runs before the negative-amount check below, so the
        // log entry and the mail are produced even when this call returns false.
        $is_low_stock = $new_amount <= Registry::get('settings.General.low_stock_threshold');
        if ($is_low_stock && !defined('ORDER_MANAGEMENT')) {
            $company_id = fn_get_company_id('products', 'product_id', $product_id);
            fn_log_event('products', 'low_stock', array('product_id' => $product_id));

            $lang_code = fn_get_company_language($company_id);
            if (empty($lang_code)) {
                $lang_code = Registry::get('settings.Appearance.backend_default_language');
            }

            if ($tracking == ProductTracking::TRACK_WITH_OPTIONS) {
                $selected_product_options = fn_get_selected_product_options_info($product_options, $lang_code);
            } else {
                $selected_product_options = '';
            }

            $product_name = db_get_field("SELECT product FROM ?:product_descriptions WHERE product_id = ?i AND lang_code = ?s", $product_id, $lang_code);
            $message = array(
                'to' => 'company_orders_department',
                'from' => 'default_company_orders_department',
                'data' => array(
                    'product_options' => $selected_product_options,
                    'new_amount' => $new_amount,
                    'product_id' => $product_id,
                    'product_code' => $product_code,
                    'product' => $product_name,
                ),
                'tpl' => 'orders/low_stock.tpl',
                'company_id' => $company_id,
            );
            Mailer::sendMail($message, 'A', $lang_code);
        }

        if ($new_amount < 0 && Registry::get('settings.General.allow_negative_amount') != 'Y') {
            return false;
        }
    }

    fn_set_hook('update_product_amount', $new_amount, $product_id, $cart_id, $tracking);

    // $tracking is compared again after the hook has run.
    if ($tracking != ProductTracking::TRACK_WITHOUT_OPTIONS) {
        db_query("UPDATE ?:product_options_inventory SET amount = ?i WHERE combination_hash = ?i", $new_amount, $cart_id);
    } else {
        db_query("UPDATE ?:products SET amount = ?i WHERE product_id = ?i", $new_amount, $product_id);
    }

    // The product went from out of stock to available: tell the subscribers.
    if ($current_amount <= 0 && $new_amount > 0) {
        fn_send_product_notifications($product_id);
    }

    return true;
}
Exemplo n.º 4
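/**
 * Create a page or update an existing one.
 *
 * With an empty $page_id a new row is inserted into ?:pages, one description
 * row is inserted per registered language, and the page's id_path is built from
 * its parent. Otherwise the page and its description in $lang_code are updated,
 * after fn_check_company_id() has confirmed access to the page.
 *
 * NOTE(review): $page_data is written to the tables almost verbatim through the
 * ?e / ?u placeholders. Confirm that these placeholders restrict the array to
 * real table columns and that callers do not pass an unfiltered request array
 * containing fields the user should not control.
 *
 * @param array  $page_data page fields; 'page' (the title) is required for a new page
 * @param int    $page_id   id of the page to update, empty to create one
 * @param string $lang_code language of the description row that is updated
 * @return int|boolean the page id, or false when a new page has no title or the
 *                     company check rejects the update
 */
function fn_update_page($page_data, $page_id = 0, $lang_code = CART_LANGUAGE)
{
    if (!empty($page_data['avail_from_timestamp'])) {
        $page_data['avail_from_timestamp'] = fn_parse_date($page_data['avail_from_timestamp']);
    } else {
        $page_data['avail_from_timestamp'] = 0;
    }
    if (!empty($page_data['avail_till_timestamp'])) {
        // 86399 = 24 * 3600 - 1: the page stays available through the end of the given day.
        $page_data['avail_till_timestamp'] = fn_parse_date($page_data['avail_till_timestamp']) + 86399;
    } else {
        $page_data['avail_till_timestamp'] = 0;
    }
    if (isset($page_data['usergroup_ids'])) {
        $page_data['usergroup_ids'] = empty($page_data['usergroup_ids']) ? '' : implode(',', $page_data['usergroup_ids']);
    }
    // $_data is a copy: later changes to $page_data do not reach it and vice versa.
    $_data = $page_data;
    if (isset($page_data['timestamp'])) {
        $_data['timestamp'] = fn_parse_date($page_data['timestamp']);
    }
    if (isset($_data['localization'])) {
        $_data['localization'] = empty($_data['localization']) ? '' : fn_implode_localizations($_data['localization']);
    }
    fn_set_company_id($_data);
    if (empty($page_id)) {
        // page title required
        if (empty($page_data['page'])) {
            return false;
        }
        // add new page
        $_data['page_id'] = $page_id = db_query('INSERT INTO ?:pages ?e', $_data);
        // One description row per language; the loop writes each language code into $_data.
        foreach ((array) Registry::get('languages') as $_data['lang_code'] => $v) {
            db_query('INSERT INTO ?:page_descriptions ?e', $_data);
        }
        // now we need to update 'id_path' field, as we know $page_id
        /* Generate id_path for page */
        // A missing parent_id is treated as 0 (top level) instead of reading an undefined key.
        $parent_id = intval(isset($_data['parent_id']) ? $_data['parent_id'] : 0);
        if ($parent_id == 0) {
            $id_path = $page_id;
        } else {
            $id_path = db_get_row("SELECT id_path FROM ?:pages WHERE page_id = ?i", $parent_id);
            $id_path = $id_path['id_path'] . '/' . $page_id;
        }
        db_query('UPDATE ?:pages SET ?u WHERE page_id = ?i', array('id_path' => $id_path), $page_id);
    } else {
        // Refuse to touch a page the current company may not access.
        if (!fn_check_company_id('pages', 'page_id', $page_id)) {
            fn_company_access_denied_notification();
            return false;
        }
        $old_company_id = fn_get_company_id('pages', 'page_id', $page_id);
        if ($_data['company_id'] != $old_company_id) {
            fn_change_page_company($page_id, $_data['company_id']);
        }
        // page title is not updated
        // The key has to be removed from $_data as well: $_data is what the UPDATE
        // statements write, and it was copied before this point, so unsetting only
        // $page_data['page'] would still overwrite the stored title with an empty one.
        if (empty($page_data['page'])) {
            unset($page_data['page'], $_data['page']);
        }
        // update existing page
        db_query('UPDATE ?:pages SET ?u WHERE page_id = ?i', $_data, $page_id);
        db_query('UPDATE ?:page_descriptions SET ?u WHERE page_id = ?i AND lang_code = ?s', $_data, $page_id, $lang_code);
        // regenerate id_path for child pages
        if (isset($page_data['parent_id'])) {
            fn_change_page_parent($page_id, $page_data['parent_id']);
        }
    }
    if (!empty($page_data['block_id'])) {
        fn_add_items_to_block($page_data['block_id'], $page_data['add_items'], $page_id, 'pages');
    }
    fn_set_hook('update_page', $page_data, $page_id, $lang_code);
    return $page_id;
}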
Exemplo n.º 5
         if (!$store_access_id || $store_access_id != $_REQUEST['access_id']) {
             fn_twg_throw_error_denied($response, 'twgadmin_auth_fail_access_id');
         }
     }
     // Regenerate session_id for security reasons
     Session::regenerateId();
     fn_login_user($user_data['user_id']);
     fn_set_session_data(AREA . '_user_id', $user_data['user_id'], COOKIE_ALIVE_TIME);
     fn_set_session_data(AREA . '_password', $user_data['password'], COOKIE_ALIVE_TIME);
     // Set last login time
     db_query("UPDATE ?:users SET ?u WHERE user_id = ?i", array('last_login' => TIME), $user_data['user_id']);
     $_SESSION['auth']['this_login'] = TIME;
     $_SESSION['auth']['ip'] = $_SERVER['REMOTE_ADDR'];
     $auth = $_SESSION['auth'];
     // Log user successful login
     fn_log_event('users', 'session', array('user_id' => $user_data['user_id'], 'company_id' => fn_get_company_id('users', 'user_id', $user_data['user_id'])));
     fn_init_company_id($_REQUEST);
     fn_init_company_data($_REQUEST);
     $response->setData(array('status' => 'ok'));
     $response->setData(array('settings' => fn_twg_get_admin_settings($auth)));
     $response->returnResponse();
 } elseif ($action == 'get') {
     $object_name = '';
     $condition = array();
     $options = array('lang_code' => $lang_code);
     $result = array();
     $is_paginate = false;
     $total_items = 0;
     $items_per_page = !empty($_REQUEST['items_per_page']) ? $_REQUEST['items_per_page'] : TWG_RESPONSE_ITEMS_LIMIT;
     if ($object == 'timeline') {
         list($logs, $pagination_params) = fn_twg_get_logs($_REQUEST);
Exemplo n.º 6
    } else {
        $email = '';
        if (!empty($_REQUEST['track_data'])) {
            $o_id = 0;
            // If track by email
            if (strpos($_REQUEST['track_data'], '@') !== false) {
                $order_info = db_get_row("SELECT order_id, email, company_id, lang_code FROM ?:orders WHERE email = ?s {$condition} ORDER BY timestamp DESC LIMIT 1", $_REQUEST['track_data']);
                // Assume that this is order number
            } else {
                $order_info = db_get_row("SELECT order_id, email, company_id, lang_code FROM ?:orders WHERE order_id = ?i {$condition}", $_REQUEST['track_data']);
            }
        }
        if (!empty($order_info['email'])) {
            // Create access key
            $ekey = fn_generate_ekey($order_info['email'], 'T', SECONDS_IN_HOUR);
            $company_id = fn_get_company_id('orders', 'order_id', $order_info['order_id']);
            $result = Mailer::sendMail(array('to' => $order_info['email'], 'from' => 'company_orders_department', 'data' => array('access_key' => $ekey, 'o_id' => $order_info['order_id']), 'tpl' => 'orders/track.tpl', 'company_id' => $company_id), 'C', $order_info['lang_code']);
            if ($result) {
                fn_set_notification('N', __('notice'), __('text_track_instructions_sent'));
            }
        } else {
            fn_set_notification('E', __('error'), __('warning_track_orders_not_found'));
        }
    }
    return array(CONTROLLER_STATUS_OK, $_REQUEST['return_url']);
    //
    // Show order details
    //
} elseif ($mode == 'details') {
    fn_add_breadcrumb(__('order_info'));
    $order_info = fn_get_order_info($_REQUEST['order_id']);
/**
 * Build the exported category list of a product.
 *
 * Each category linked to the product with the given link type is turned into
 * its path by fn_get_category_path(); the paths are joined with '; '. In the
 * ULTIMATE edition, additional categories ('A') exported without a runtime
 * company are prefixed with the owning company's name and ':'.
 *
 * @param int $product_id product ID
 * @param string $link_type M - main category, A - additional
 * @param string $category_delimiter path delimiter
 * @param string $lang_code 2 letters language code
 * @return string category paths joined with '; ' (empty when there are none)
 */
function fn_exim_get_product_categories($product_id, $link_type, $category_delimiter, $lang_code = '')
{
    $set_delimiter = '; ';
    $company_condition = '';

    if (fn_allowed_for('ULTIMATE')) {
        $store_delimiter = ':';
        $company_condition = fn_get_company_condition('?:categories.company_id');
    }

    // The company condition is spliced into the SQL text rather than bound; it
    // comes from fn_get_company_condition(), not from this function's arguments.
    $category_join = ' JOIN ?:categories ON ?:categories.category_id = ?:products_categories.category_id ';
    $category_ids = db_get_fields(
        "SELECT ?:products_categories.category_id FROM ?:products_categories " . $category_join
            . " WHERE product_id = ?i AND link_type = ?s " . $company_condition,
        $product_id,
        $link_type
    );

    $paths = array();
    foreach ($category_ids as $category_id) {
        if (fn_allowed_for('ULTIMATE')) {
            $prefix_with_store = $link_type == 'A' && !Registry::get('runtime.company_id');
            if (!$prefix_with_store) {
                $paths[] = fn_get_category_path($category_id, $lang_code, $category_delimiter);
            } else {
                $owner_id = fn_get_company_id('categories', 'category_id', $category_id);
                $owner_name = fn_get_company_name($owner_id);
                $paths[] = $owner_name . $store_delimiter . fn_get_category_path($category_id, $lang_code, $category_delimiter);
            }
        }
        if (!fn_allowed_for('ULTIMATE')) {
            $paths[] = fn_get_category_path($category_id, $lang_code, $category_delimiter);
        }
    }

    return implode($set_delimiter, $paths);
}
Exemplo n.º 8
/**
 * Send the store administrator an SMS about an order through the UniSender API.
 *
 * Does nothing unless the add-on's 'send_sms_admin' setting is 'Y' and an admin
 * phone is configured. If the API call fails, the failure is reported by e-mail
 * to the site administrator instead.
 *
 * $action, $order_status, $cart and $auth are not used by this function.
 *
 * @param int $order_id order id, substituted for [order_id] in the message text
 */
function fn_rus_unisender_place_order($order_id, $action, $order_status, $cart, $auth)
{
    if (Registry::get('addons.rus_unisender.send_sms_admin') != 'Y') {
        return;
    }

    $admin_phone = Registry::get('addons.rus_unisender.admin_phone');
    if (empty($admin_phone)) {
        return;
    }

    $storefront = fn_get_company_name(fn_get_company_id('orders', 'order_id', $order_id));

    // Fill the two placeholders of the configured message template.
    $text = str_replace(
        array('[order_id]', '[storefront]'),
        array($order_id, $storefront),
        Registry::get('addons.rus_unisender.send_sms_admin_text')
    );

    $post = array(
        'api_key' => Registry::get('addons.rus_unisender.api_key'),
        'phone' => $admin_phone,
        // The sender name is cut to its first 11 characters.
        'sender' => fn_substr(Registry::get('addons.rus_unisender.admin_sender'), 0, 11),
        'text' => $text,
    );

    if (fn_unisender_api('sendSms', $post, $response)) {
        return;
    }

    // NOTE(review): the raw $response of the failed API call is mailed out as the
    // error text; confirm it cannot echo back the api_key sent in the request.
    $email = Registry::get('settings.Company.company_site_administrator');
    $message = array(
        'to' => $email,
        'from' => 'company_site_administrator',
        'data' => array('phone' => $admin_phone, 'error' => $response),
        'tpl' => 'addons/rus_unisender/unisender.tpl',
        'company_id' => fn_get_company_id('orders', 'order_id', $order_id),
    );
    Mailer::sendMail($message, 'C', CART_LANGUAGE);
}
Exemplo n.º 9
        if (!empty($cart['failed_order_id'])) {
            $_msg = !empty($_payment_info['reason_text']) ? $_payment_info['reason_text'] : '';
            $_msg .= empty($_msg) ? __('text_order_placed_error') : '';
            fn_set_notification('O', '', $_msg);
            $cart['processed_order_id'] = $cart['failed_order_id'];
            unset($cart['failed_order_id']);
        }
        unset($_payment_info['card_number'], $_payment_info['cvv2']);
        $cart['payment_info'] = $_payment_info;
        if (!empty($cart['extra_payment_info'])) {
            $cart['payment_info'] = array_merge($cart['payment_info'], $cart['extra_payment_info']);
        }
    }
}
// 'change_login': sign the current customer out of the checkout so that another
// account can be used, then return to the checkout page.
if ($mode == 'change_login') {
    $auth = $_SESSION['auth'];

    // Close the login record of the outgoing user with the time spent logged in.
    if (!empty($auth['user_id'])) {
        fn_log_event(
            'users',
            'session',
            array(
                'user_id' => $auth['user_id'],
                'time' => TIME - $auth['this_login'],
                'timeout' => false,
                'company_id' => fn_get_company_id('users', 'user_id', $auth['user_id']),
            )
        );
    }

    // Drop the authentication state, the customer data kept in the cart and the
    // stored user id / password session data.
    // NOTE(review): the session id itself is not rotated in this block; confirm
    // that it is regenerated when the next user logs in.
    unset($_SESSION['auth']);
    unset($_SESSION['cart']['user_data']);
    fn_delete_session_data(AREA . '_user_id', AREA . '_password');

    return array(CONTROLLER_STATUS_OK, 'onestepcheckout.checkout');
}

// Hand the checkout state to the view.
if (!empty($profile_fields)) {
    Registry::get('view')->assign('profile_fields', $profile_fields);
}
Registry::get('view')->assign('cart', $cart);
Registry::get('view')->assign(
    'continue_url',
    !empty($_SESSION['continue_url']) ? $_SESSION['continue_url'] : ''
);
Registry::get('view')->assign('mode', $mode);
Registry::get('view')->assign('payment_methods', $payment_methods);

// Remember which checkout mode was rendered last.
$_SESSION['checkout_mode'] = $mode;