Exemplo n.º 1
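 /** exdoc
  * Loads permission data from the database for the specified user.
  *
  * Rebuilds the global $exponent_permissions_r map, keyed as
  * [module][source][internal][permission] => 1, from three sources: explicit
  * user permissions, group permissions (through group membership) and
  * subscription permissions (through the user's subscriptions). The finished
  * map is stored in the session under 'permissions'.
  *
  * When $user is null the global map is emptied and the method returns before
  * the session is written. When $user->is_acting_admin is non-zero no rows are
  * read, so an empty map is stored.
  *
  * @param User $user the user to load permissions for.
  *
  * @node Subsystems:expPermissions
  */
 public static function load($user)
 {
     global $db, $exponent_permissions_r;
     // Clear the global permissions array;
     $exponent_permissions_r = array();
     if ($user == null) {
         // If the user is not logged in, they have no permissions.
         // NOTE(review): the session copy under 'permissions' is not reset on
         // this path; confirm nothing reads it for an anonymous visitor.
         return;
     }
     if ($user->is_acting_admin == 0) {
         // The where clauses are plain concatenated strings, so every id is
         // forced to an integer before it is embedded in one.
         $uid = intval($user->id);
         // Retrieve all of the explicit user permissions, by user id
         foreach ($db->selectObjects('userpermission', 'uid=' . $uid) as $obj) {
             $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
         }
         // Retrieve all of the implicit user permissions (by virtue of group membership).
         foreach ($db->selectObjects('groupmembership', 'member_id=' . $uid) as $memb) {
             foreach ($db->selectObjects('grouppermission', 'gid=' . intval($memb->group_id)) as $obj) {
                 $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
             }
         }
         // Retrieve all of the implicit user permissions (by virtue of subscriptions).
         foreach ($db->selectObjects('subscriptions_users', 'user_id=' . $uid) as $memb) {
             foreach ($db->selectObjects('subscriptionpermission', 'subscription_id=' . intval($memb->subscription_id)) as $obj) {
                 $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
             }
         }
     }
     expSession::set('permissions', $exponent_permissions_r);
 }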
Exemplo n.º 2
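 /**
  * Prepares the "edit user" form for the account named by params['id'].
  *
  * Only an administrator, or the user whose own id matches params['id'], is
  * given the form. Anyone else gets an error flash, is sent back through
  * expHistory::back(), and the method stops there.
  */
 public function edituser()
 {
     global $user, $db;
     // set history
     expHistory::set('editable', $this->params);
     // NOTE(review): this key is derived only from the clock, so it is
     // guessable. If 'userkey' is relied on as an anti-forgery or
     // confirmation token it should come from a cryptographically secure
     // source instead; confirm how the form handler checks it.
     expSession::set("userkey", sha1(microtime()));
     expSession::clearCurrentUserSessionCache();
     $id = isset($this->params['id']) ? $this->params['id'] : null;
     // check to see if we should be editing.  You either need to be an admin, or
     // editing your own account.
     if (!($user->isAdmin() || $user->id == $id)) {
         flash('error', gt('You do not have the proper permissions to edit this user'));
         expHistory::back();
         // Stop here even if back() hands control back, so the form below is
         // never built for a caller who failed the permission check.
         return;
     }
     $u = new user($id);
     $active_extensions = $db->selectObjects('profileextension', 'active=1', 'rank');
     // If there is no image uploaded, use the default avatar
     if (empty($u->image)) {
         $u->image = DEFAULT_AVATAR;
     }
     assign_to_template(array('edit_user' => $u, 'extensions' => $active_extensions, "userkey" => expSession::get("userkey")));
 }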
Exemplo n.º 3
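 /**
  * Adds a gift card order item to the cart from submitted form values.
  *
  * Reads 'product_id', 'card_amount', 'card_amount_txt', 'toname', 'fromname'
  * and 'msg' from $params. Amounts are reduced to digits and dots before use
  * and must be numeric and at least the configured minimum purchase.
  *
  * @param array $params submitted request values
  *
  * @return bool|null true once the item is saved; null when validation failed
  */
 function addToCart($params)
 {
     global $order;
     expSession::set('params', $params);
     // get the configuration
     // The settings object has to exist before properties are assigned to it.
     $cfg = new stdClass();
     $cfg->mod = "ecomconfig";
     $cfg->src = "@globalstoresettings";
     $cfg->int = "";
     $config = new expConfig($cfg);
     // No category-level configuration is loaded in this method, so the
     // global store settings always apply.
     $this->config = $config->config;
     $min_amount = $this->config['minimum_gift_card_purchase'];
     $custom_message_product = $this->config['custom_message_product'];
     if (empty($params['product_id'])) {
         flash('error', gt("Please specify the style of the gift card you want to purchase."));
         expHistory::back();
         // Do not fall through to the save below if back() returns.
         return;
     }
     if (empty($params['card_amount']) && empty($params['card_amount_txt'])) {
         flash('error', gt("You need to specify the card amount for the gift card."));
         expHistory::back();
         return;
     }
     $item = new orderitem($params);
     $sm = $order->getCurrentShippingMethod();
     $item->shippingmethods_id = $sm->id;
     // Both amount fields are client supplied: keep digits and dots only.
     $typedAmount = isset($params['card_amount_txt']) ? preg_replace("/[^0-9.]/", "", $params['card_amount_txt']) : '';
     $presetAmount = isset($params['card_amount']) ? preg_replace("/[^0-9.]/", "", $params['card_amount']) : '';
     if (!empty($typedAmount) && $typedAmount > 0) {
         $item->products_price = $typedAmount;
     } else {
         $item->products_price = $presetAmount;
     }
     // A filtered value such as "1.2.3" or "." is not a number; reject it
     // together with amounts below the configured minimum.
     if (!is_numeric($item->products_price) || $item->products_price < $min_amount) {
         flash('error', gt("The minimum amount of gift card is") . " " . $min_amount);
         expHistory::back();
         return;
     }
     // The display name uses the filtered amount, so raw request text never
     // becomes part of the stored product name.
     $item->products_name = expCore::getCurrencySymbol() . $presetAmount . ' ' . $this->title . " Style Gift Card";
     // NOTE(review): the To/From/Message texts are stored exactly as
     // submitted; whatever renders extra_data has to encode them for output.
     $ed = array();
     if (!empty($params['toname'])) {
         $ed['To'] = $params['toname'];
     }
     if (!empty($params['fromname'])) {
         $ed['From'] = $params['fromname'];
     }
     if (!empty($params['msg'])) {
         $ed['Message'] = $params['msg'];
         $item->products_price += $custom_message_product;
         $item->products_name = $item->products_name . " (with message)";
     }
     $item->extra_data = serialize($ed);
     // we need to unset the orderitem's ID to force a new entry..other wise we will overwrite any
     // other giftcards in the cart already
     $item->id = null;
     $item->quantity = $this->getDefaultQuantity();
     $item->save();
     return true;
 }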
Exemplo n.º 4
 /**
  * Copies submitted form-designer values onto an upload control definition.
  *
  * @param array              $values submitted values; 'identifier', 'caption' and 'default' are read
  * @param uploadcontrol|null $object control to update; a new uploadcontrol is created when null
  *
  * @return uploadcontrol|null the updated control, or null when 'identifier' is empty
  */
 function update($values, $object)
 {
     $control = ($object == null) ? new uploadcontrol() : $object;
     if ("" == $values['identifier']) {
         // The whole raw submission, plus the error text, is kept in the
         // session under "last_POST" (presumably to redisplay the form).
         $failedPost = $_POST;
         $failedPost['_formError'] = gt('Identifier is required.');
         expSession::set('last_POST', $failedPost);
         return null;
     }
     $control->identifier = $values['identifier'];
     $control->caption = $values['caption'];
     $control->default = $values['default'];
     return $control;
 }
Exemplo n.º 5
 /**
  * Copies submitted form-designer values onto an anti-spam control definition.
  *
  * 'size' and 'maxlength' are stored as integers; 'required' records only
  * whether the key was submitted.
  *
  * @param array                $values submitted values
  * @param antispamcontrol|null $object control to update; a new antispamcontrol is created when null
  *
  * @return antispamcontrol|null the updated control, or null when 'identifier' is empty
  */
 function update($values, $object)
 {
     $control = ($object == null) ? new antispamcontrol() : $object;
     if ("" == $values['identifier']) {
         // The raw submission and the error text go into the session under
         // "last_POST" before giving up.
         $failedPost = $_POST;
         $failedPost['_formError'] = gt('Identifier is required.');
         expSession::set('last_POST', $failedPost);
         return null;
     }
     $control->identifier = $values['identifier'];
     $control->caption = $values['caption'];
     $control->default = $values['default'];
     $control->size = intval($values['size']);
     $control->maxlength = intval($values['maxlength']);
     $control->required = isset($values['required']);
     return $control;
 }
Exemplo n.º 6
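 // The identifier is text typed into the form designer. Look the field up
 // under the same normalised name that is written to formbuilder_control.name
 // further down (non-alphanumerics replaced by "_", at most 20 characters),
 // so no quote or SQL syntax from the identifier can reach the where clause.
 $lookupName = substr(preg_replace('/[^A-Za-z0-9]/', '_', $ctl->identifier), 0, 20);
 $check = $db->selectObject('formbuilder_control', 'name="' . $lookupName . '" AND form_id=' . intval($f->id));
 if (!empty($check) && empty($_POST['id'])) {
     // The identifier is encoded because the flash text is built as markup.
     flash('error', gt('A field by the name') . ' "' . htmlspecialchars($ctl->identifier, ENT_QUOTES) . '" ' . gt('already exists on this form'));
     expHistory::returnTo('editable');
 }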
 if ($ctl != null) {
     $name = substr(preg_replace('/[^A-Za-z0-9]/', '_', $ctl->identifier), 0, 20);
     if (!isset($_POST['id']) && $db->countObjects('formbuilder_control', "name='" . $name . "' and form_id=" . intval($_POST['form_id'])) > 0) {
         $post = $_POST;
         $post['_formError'] = gt('Identifier must be unique.');
         expSession::set('last_POST', $post);
     } elseif ($name == 'id' || $name == 'ip' || $name == 'user_id' || $name == 'timestamp') {
         $post = $_POST;
         $post['_formError'] = sprintf(gt('Identifier cannot be "%s".'), $name);
         expSession::set('last_POST', $post);
     } else {
         if (!isset($_POST['id'])) {
             $control->name = $name;
         }
         $control->caption = $ctl->caption;
         $control->form_id = intval($_POST['form_id']);
         $control->is_static = isset($ctl->is_static) ? $ctl->is_static : 0;
         $control->data = serialize($ctl);
         if (isset($control->id)) {
             $db->updateObject($control, 'formbuilder_control');
         } else {
             if (!$db->countObjects('formbuilder_control', 'form_id=' . $control->form_id)) {
                 $control->rank = 0;
             } else {
                 $control->rank = $db->max('formbuilder_control', 'rank', 'form_id', 'form_id=' . $control->form_id) + 1;
Exemplo n.º 7
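 /**
  * Resolves the section for this request and publishes its access flags.
  *
  * For "*" the section comes from the static getSection() of the controller
  * class named by params['controller']; otherwise it is read from the
  * 'section' table by integer id. AUTHORIZED_SECTION and PUBLIC_SECTION are
  * then defined as 1 or 0 from navigationmodule::canView() and isPublic(),
  * and the requested section id, when present, is remembered in the session.
  *
  * @param mixed $section a section id, or "*" to ask the current controller
  *
  * @return mixed the section object produced by the lookup
  */
 public function getSectionObj($section)
 {
     global $db;
     if ($section == "*") {
         // params['controller'] ends up inside a callable string. Only
         // characters that can appear in a class name are accepted; any
         // other value could never name a class, so the call is skipped and
         // the text is never handed to class loading.
         // NOTE(review): confirm where params['controller'] is populated; if
         // it can come straight from the request, a fixed list of known
         // controllers would be the stronger check.
         $controllerName = isset($this->params['controller']) ? $this->params['controller'] : '';
         if (is_string($controllerName) && preg_match('/^[A-Za-z0-9_]*\z/', $controllerName)) {
             $sectionObj = call_user_func($controllerName . "Controller::getSection", $this->params);
         } else {
             $sectionObj = null;
         }
     } else {
         $sectionObj = $db->selectObject('section', 'id=' . intval($section));
     }
     define('AUTHORIZED_SECTION', navigationmodule::canView($sectionObj) ? 1 : 0);
     define('PUBLIC_SECTION', navigationmodule::isPublic($sectionObj) ? 1 : 0);
     if (isset($_REQUEST['section'])) {
         expSession::set('last_section', intval($_REQUEST['section']));
     }
     return $sectionObj;
 }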
Exemplo n.º 8
 /**
  * Copies submitted form-designer values onto a dropdown control definition.
  *
  * The identifier is checked before any control object is created. The item
  * list comes from listbuildercontrol::parseData(), and a size of zero or
  * less is stored as 1.
  *
  * @param array                $values submitted values
  * @param dropdowncontrol|null $object control to update; a new dropdowncontrol is created when null
  *
  * @return dropdowncontrol|null the updated control, or null when 'identifier' is empty
  */
 function update($values, $object)
 {
     if ("" == $values['identifier']) {
         // The raw submission and the error text go into the session under
         // "last_POST" before giving up.
         $failedPost = $_POST;
         $failedPost['_formError'] = gt('Identifier is required.');
         expSession::set('last_POST', $failedPost);
         return null;
     }
     $control = ($object == null) ? new dropdowncontrol() : $object;
     $control->identifier = $values['identifier'];
     $control->caption = $values['caption'];
     $control->default = $values['default'];
     $control->items = listbuildercontrol::parseData($values, 'items', true);
     $requestedSize = intval($values['size']);
     $control->size = ($requestedSize > 0) ? $requestedSize : 1;
     $control->required = isset($values['required']);
     return $control;
 }
Exemplo n.º 9
 /**
  * Copies submitted form-designer values onto a text editor control definition.
  *
  * 'rows', 'cols' and 'maxchars' are stored as integers; 'required' records
  * only whether the key was submitted.
  *
  * @param array                  $values submitted values
  * @param texteditorcontrol|null $object control to update; a new texteditorcontrol is created when null
  *
  * @return texteditorcontrol|null the updated control, or null when 'identifier' is empty
  */
 function update($values, $object)
 {
     $control = ($object == null) ? new texteditorcontrol() : $object;
     if ("" == $values['identifier']) {
         // The raw submission and the error text go into the session under
         // "last_POST" before giving up.
         $failedPost = $_POST;
         $failedPost['_formError'] = gt('Identifier is required.');
         expSession::set('last_POST', $failedPost);
         return null;
     }
     $control->identifier = $values['identifier'];
     $control->caption = $values['caption'];
     $control->default = $values['default'];
     $control->rows = intval($values['rows']);
     $control->cols = intval($values['cols']);
     $control->maxchars = intval($values['maxchars']);
     $control->required = isset($values['required']);
     return $control;
 }
Exemplo n.º 10
 /**
  * Copies submitted form-designer values onto a generic control definition.
  *
  * The control type is set only while it is still empty: "text" when no
  * 'control_type' was submitted, otherwise 'control_type' with its last seven
  * characters removed. 'default', 'flip' and 'required' record only whether
  * the key was submitted.
  *
  * @param array               $values submitted values
  * @param genericcontrol|null $object control to update; a new genericcontrol is created when null
  *
  * @return genericcontrol|null the updated control, or null when 'identifier' is empty
  */
 function update($values, $object)
 {
     $control = ($object == null) ? new genericcontrol() : $object;
     if ("" == $values['identifier']) {
         // The raw submission and the error text go into the session under
         // "last_POST" before giving up.
         $failedPost = $_POST;
         $failedPost['_formError'] = gt('Identifier is required.');
         expSession::set('last_POST', $failedPost);
         return null;
     }
     if (empty($control->type)) {
         if (empty($values['control_type'])) {
             $control->type = "text";
         } else {
             $control->type = substr($values['control_type'], 0, -7);
         }
     }
     if (!empty($values['size'])) {
         $control->size = $values['size'];
     }
     $control->identifier = $values['identifier'];
     $control->caption = $values['caption'];
     $control->default = isset($values['default']);
     $control->flip = isset($values['flip']);
     $control->required = isset($values['required']);
     return $control;
 }
Exemplo n.º 11
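 /**
  * Checks a returning shopper's answers against a saved cart and, on a match,
  * marks the 'verify_shopper' session entry as validated.
  *
  * Nothing happens unless the session entry exists and params['cid'] matches
  * its 'cid'. The submitted last name, e-mail address and zip code must each
  * equal the value stored on the cart's shipping method or on its first
  * billing method. Every answer has to be a non-empty scalar and is compared
  * as an exact string, so a missing or blank answer can never match a blank
  * stored value and numeric-looking strings are not compared by value.
  */
 public function verifyAndRestoreCart()
 {
     global $user, $order;
     $sessAr = expSession::get('verify_shopper');
     if (!isset($sessAr) || !isset($this->params['cid']) || $this->params['cid'] != $sessAr['cid']) {
         return;
     }
     $tmpCart = new order($sessAr['cid']);
     if (!isset($tmpCart->id)) {
         flash('error', gt('We were unable to restore the previous order, we apologize for the inconvenience.  Please start a new shopping cart.'));
         $this->clearCart();
         return;
     }
     $shippingMethod = $tmpCart->shippingmethod;
     $billingMethod = $tmpCart->billingmethod[0];
     // Normalise the three answers; anything missing or non-scalar becomes ''.
     $lastname = (isset($this->params['lastname']) && is_scalar($this->params['lastname'])) ? (string)$this->params['lastname'] : '';
     $email = (isset($this->params['email']) && is_scalar($this->params['email'])) ? (string)$this->params['email'] : '';
     $zipCode = (isset($this->params['zip_code']) && is_scalar($this->params['zip_code'])) ? (string)$this->params['zip_code'] : '';
     $lastnameOk = $lastname !== '' && ($lastname === (string)$shippingMethod->lastname || $lastname === (string)$billingMethod->lastname);
     $emailOk = $email !== '' && ($email === (string)$shippingMethod->email || $email === (string)$billingMethod->email);
     $zipOk = $zipCode !== '' && ($zipCode === (string)$shippingMethod->zip || $zipCode === (string)$billingMethod->zip);
     if ($lastnameOk && $emailOk && $zipOk) {
         // validation succeeded, so flag the session entry and continue on to orig_path
         // NOTE(review): nothing here limits repeated attempts; confirm
         // failed verifications are throttled somewhere.
         $sessAr['validated'] = true;
         expSession::set('verify_shopper', $sessAr);
         redirect_to($sessAr['orig_path']);
     } else {
         // validation failed, so go back
         flash('error', gt("We're sorry, but we could not verify your information.  Please try again, or start a new shopping cart."));
         redirect_to(array('controller' => 'order', 'action' => 'verifyReturnShopper', 'id' => $sessAr['cid']));
     }
 }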
Exemplo n.º 12
        } else {
            $responses[$col->caption . $num] = $value;
        }
    } else {
        if ($coltype == 'checkboxcontrol') {
            $responses[$col->caption . $num] = 'No';
        } elseif ($coltype == 'datetimecontrol') {
            $responses[$col->name] = $value;
        } elseif ($coltype == 'uploadcontrol') {
            $_POST[$col->name] = URL_FULL . call_user_func(array($coltype, 'moveFile'), $col->name, $_FILES, true);
            $value = call_user_func(array($coltype, 'buildDownloadLink'), $_POST[$col->name], $_FILES[$col->name]['name'], true);
            //eDebug($value);
            $responses[$col->caption . $num] = $_FILES[$col->name]['name'];
        } elseif ($coltype != 'htmlcontrol') {
            $responses[$col->caption . $num] = '';
        }
    }
}
// Drop the routing fields so they are not passed through to the form.
unset($_POST['action'], $_POST['module']);
// HTML-encode every remaining field in place. ENT_COMPAT leaves single quotes
// as they are, and the encoded copy is what gets stored and displayed below.
// NOTE(review): the session key is built from the submitted 'id' field.
foreach (array_keys($_POST) as $field) {
    $_POST[$field] = htmlspecialchars($_POST[$field], ENT_COMPAT, LANG_CHARSET);
}
expSession::set('formmodule_data_' . $_POST['id'], $_POST);
// Render the confirmation view with the collected responses.
$template = new template('formbuilder', '_confirm_form');
$template->assign('recaptcha_theme', RECAPTCHA_THEME);
$template->assign('responses', $responses);
$template->assign('postdata', $_POST);
$template->output();
Exemplo n.º 13
 /**
  * Remembers a return URL in the session and hands off to the login controller.
  *
  * NOTE(review): the stored value is not checked here. Callers should pass
  * only local URLs if the 'redirecturl' entry is later used as a redirect
  * target.
  *
  * @param string|null $redirecturl where to return after login; when empty,
  *                                 self::getLastNotEditable() is used
  */
 public static function redirecto_login($redirecturl = null)
 {
     if (empty($redirecturl)) {
         $redirecturl = self::getLastNotEditable();
     }
     expSession::set('redirecturl', $redirecturl);
     $loginRoute = array('controller' => 'login', 'action' => 'loginredirect');
     redirect_to($loginRoute);
 }
 /**
  * Flips the session's 'mobile' flag, clears the Smarty cache and goes back.
  *
  * When the flag has not been set yet it is first seeded from the MOBILE
  * constant, so the flip starts from the site's initial state.
  */
 public function toggle_mobile()
 {
     $alreadySet = expSession::is_set('mobile');
     if (!$alreadySet) {
         // account for FORCE_MOBILE initial state
         expSession::set('mobile', MOBILE);
     }
     $flipped = !expSession::get('mobile');
     expSession::set('mobile', $flipped);
     expTheme::removeSmartyCache();
     expHistory::back();
 }
Exemplo n.º 15
 /**
  * Copies submitted form-designer values onto a date/time control definition.
  *
  * 'showdate' and 'showtime' record only whether the key was submitted.
  *
  * @param array                $values submitted values
  * @param datetimecontrol|null $object control to update; when null a new
  *                                     datetimecontrol with default 0 is created
  *
  * @return datetimecontrol|null the updated control, or null when 'identifier' is empty
  */
 function update($values, $object)
 {
     $control = $object;
     if ($control == null) {
         $control = new datetimecontrol();
         // This will force the control to always show the current time as default
         $control->default = 0;
     }
     if ("" == $values['identifier']) {
         // The raw submission and the error text go into the session under
         // "last_POST" before giving up.
         $failedPost = $_POST;
         $failedPost['_formError'] = gt('Identifier is required.');
         expSession::set('last_POST', $failedPost);
         return null;
     }
     $control->identifier = $values['identifier'];
     $control->caption = $values['caption'];
     $control->showdate = isset($values['showdate']);
     $control->showtime = isset($values['showtime']);
     return $control;
 }
Exemplo n.º 16
 /**
  * Redirects to the login form, recording where to come back to.
  *
  * A logged-in user gets a Location header built from the session's
  * 'redirecturl' entry. Otherwise the last history entry is stored as
  * 'redirecturl', a link back to this action is stored as
  * 'redirecturl_error', and the current router params are recorded as
  * viewable history. In both cases the request is then passed to the login
  * controller's showlogin action.
  *
  * NOTE(review): the session value is written into the Location header as
  * is; confirm every writer of 'redirecturl' stores a local URL only.
  */
 public static function loginredirect()
 {
     global $user, $router;
     ob_start();
     if (!$user->isLoggedIn()) {
         $lastPage = expHistory::getLast();
         expSession::set('redirecturl', $lastPage);
         $retryLink = makeLink(array('controller' => 'login', 'action' => 'loginredirect'));
         expSession::set('redirecturl_error', $retryLink);
         expHistory::set('viewable', $router->params);
     } else {
         header('Location: ' . expSession::get('redirecturl'));
     }
     redirect_to(array('controller' => 'login', 'action' => 'showlogin'));
 }
Exemplo n.º 17
 /**
  * Discards every queued flash message by replacing the session's 'flash'
  * entry with an empty array.
  */
 public static function flushAllQueues()
 {
     $noMessages = array();
     expSession::set('flash', $noMessages);
 }
Exemplo n.º 18
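 /**
  * Lists top-level products that the query below flags as improperly
  * categorized.
  *
  * The query text is built from constants only. It is also stored in the
  * session as 'product_export_query'.
  * NOTE(review): whatever later executes that stored text should run it only
  * for a user allowed to export products, and should never accept query text
  * from the request in its place.
  */
 function showallImpropercategorized()
 {
     expHistory::set('viewable', $this->params);
     $sql = 'SELECT DISTINCT(p.id),p.product_type FROM ' . DB_TABLE_PREFIX . '_product p JOIN ' . DB_TABLE_PREFIX . '_product_storeCategories psc ON p.id = psc.product_id ';
     // Use the configured table prefix here as well, so the join matches the
     // other two tables on installations whose prefix is not "exponent".
     $sql .= 'JOIN ' . DB_TABLE_PREFIX . '_storeCategories sc ON psc.storecategories_id = sc.parent_id WHERE ';
     $sql .= 'p.parent_id=0 AND sc.parent_id != 0';
     expSession::set('product_export_query', $sql);
     $page = new expPaginator(array('model_field' => 'product_type', 'sql' => $sql, 'controller' => $this->params['controller'], 'action' => $this->params['action'], 'columns' => array('Model #' => 'model', 'Product Name' => 'title', 'Price' => 'base_price')));
     assign_to_template(array('page' => $page, 'moduletitle' => 'Improperly Categorized Products'));
 }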
Exemplo n.º 19
<?php

##################################################
#
# Copyright (c) 2004-2011 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
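if (!defined('EXPONENT')) {
    exit('');
}
// This endpoint writes a request-supplied value under a request-supplied
// session key, so the key has to be constrained before it is used.
// NOTE(review): the durable fix is a fixed allowlist of the keys this endpoint
// legitimately serves, plus a check that the caller may change them. That
// list cannot be derived from this file. Until it exists, the key must be a
// short plain name and must not be one of the entries other server-side code
// relies on for permissions, redirects, verification and stored form data.
$reservedKeys = array(
    'permissions',
    'verify_shopper',
    'redirecturl',
    'redirecturl_error',
    'userkey',
    'product_export_query',
    'dest_dir',
    'files_data',
    'last_POST',
    'flash',
    'update-check',
    'params',
);
$var = isset($_REQUEST['var']) ? $_REQUEST['var'] : null;
$keyAllowed = is_string($var)
    && preg_match('/^[A-Za-z0-9_\-]{1,64}\z/', $var)
    && !in_array($var, $reservedKeys, true)
    && strpos($var, 'formmodule_data_') !== 0;
if ($keyAllowed && isset($_REQUEST['value'])) {
    echo json_encode(expSession::set($var, $_REQUEST['value']));
} else {
    // Refuse the write and report failure to the caller.
    echo json_encode(false);
}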
Exemplo n.º 20
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
/** @define "BASE" "../../../../.." */
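if (!defined('EXPONENT')) {
    exit('');
}
// NOTE(review): dest_dir is taken from the request and stored unchanged for a
// later step. Whatever consumes it must confirm it points inside the expected
// import location before touching the filesystem.
$dest_dir = $_POST['dest_dir'];
$files = array();
// The keys of $_POST['mods'] are client-supplied relative file names.
$requestedFiles = (isset($_POST['mods']) && is_array($_POST['mods'])) ? array_keys($_POST['mods']) : array();
foreach ($requestedFiles as $file) {
    $file = (string)$file;
    // Skip names holding a NUL byte or a ".." path segment, so the path that
    // is checked always stays below BASE . 'files/'.
    if (strpos($file, "\0") !== false || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $file)) {
        continue;
    }
    $files[$file] = expFile::canCreate(BASE . 'files/' . $file);
}
expSession::set('dest_dir', $dest_dir);
expSession::set('files_data', $files);
$template = new template('importer', '_files_verifyFiles');
$template->assign('files_data', $files);
$template->output();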
Exemplo n.º 21
<?php

##################################################
#
# Copyright (c) 2004-2011 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
/** @define "BASE" "." */
// Bring up the Exponent framework before anything else runs.
require_once 'exponent.php';
// Store the most recent non-editable page as the post-login destination,
// then pass the request to the login controller's showlogin action.
expSession::set(
    'redirecturl',
    expHistory::getLastNotEditable()
);
redirect_to(array(
    'controller' => 'login',
    'action' => 'showlogin',
));
Exemplo n.º 22
 /**
  * Copies submitted form-designer values onto a radio control definition.
  *
  * The identifier is not taken from the submission; a fresh uniqid("") value
  * is assigned on every call. 'default' and 'flip' record only whether the
  * key was submitted.
  *
  * @param array             $values submitted values; 'groupname' is required
  * @param radiocontrol|null $object control to update; a new radiocontrol is created when null
  *
  * @return radiocontrol|null the updated control, or null when 'groupname' is empty
  */
 function update($values, $object)
 {
     $control = ($object == null) ? new radiocontrol() : $object;
     if ("" == $values['groupname']) {
         // The raw submission and the error text go into the session under
         // "last_POST" before giving up.
         $failedPost = $_POST;
         $failedPost['_formError'] = gt('Group name is required.');
         expSession::set('last_POST', $failedPost);
         return null;
     }
     $control->identifier = uniqid("");
     $control->groupname = $values['groupname'];
     $control->caption = $values['caption'];
     $control->default = isset($values['default']);
     $control->flip = isset($values['flip']);
     return $control;
 }
Exemplo n.º 23
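 /**
  * Routine to check for installation or upgrade
  *
  * For an administrator, compares the version recorded in the database with
  * the installed software version and flashes an upgrade link when
  * self::compareVersion() reports a difference. When the database is
  * unavailable the maintenance template is shown and the request ends. Once
  * per session, an administrator is also told when self::getOnlineVersion()
  * reports a newer release.
  */
 public static function checkVersion()
 {
     global $db, $user;
     // The version record has to exist before properties are assigned to it.
     $swversion = new stdClass();
     $swversion->major = EXPONENT_VERSION_MAJOR;
     $swversion->minor = EXPONENT_VERSION_MINOR;
     $swversion->revision = EXPONENT_VERSION_REVISION;
     $swversion->type = EXPONENT_VERSION_TYPE;
     $swversion->iteration = EXPONENT_VERSION_ITERATION;
     $swversion->builddate = EXPONENT_VERSION_BUILDDATE;
     // check database version against installed software version
     if ($db->havedb) {
         if ($user->isAdmin()) {
             $dbversion = $db->selectObject('version', 1);
             if (empty($dbversion)) {
                 // No version row yet: treat the database as version 0.0.0.
                 $dbversion = new stdClass();
                 $dbversion->major = 0;
                 $dbversion->minor = 0;
                 $dbversion->revision = 0;
                 $dbversion->type = '';
                 $dbversion->iteration = '';
             }
             // check if software version is newer than database version
             if (self::compareVersion($dbversion, $swversion)) {
                 $oldvers = $dbversion->major . '.' . $dbversion->minor . '.' . $dbversion->revision . ($dbversion->type ? $dbversion->type : '') . ($dbversion->iteration ? $dbversion->iteration : '');
                 $newvers = $swversion->major . '.' . $swversion->minor . '.' . $swversion->revision . ($swversion->type ? $swversion->type : '') . ($swversion->iteration ? $swversion->iteration : '');
                 flash('message', gt('The database requires upgrading from') . ' v' . $oldvers . ' ' . gt('to') . ' v' . $newvers . '<br><a href="' . makelink(array("controller" => "administration", "action" => "install_exponent")) . '">' . gt('Click here to Upgrade your website') . '</a>');
             }
         }
     } else {
         // database is unavailable, so show us as being offline
         $template = new standalonetemplate('_maintenance');
         $template->assign("db_down", true);
         $template->output();
         exit;
     }
     // check if online version is newer than installed software version, but only once per session
     if ($user->isAdmin()) {
         if (!expSession::is_set('update-check')) {
             $onlineVer = self::getOnlineVersion();
             expSession::set('update-check', '1');
             if (self::compareVersion($swversion, $onlineVer)) {
                 $newvers = $onlineVer->major . '.' . $onlineVer->minor . '.' . $onlineVer->revision . ($onlineVer->type ? $onlineVer->type : '') . ($onlineVer->iteration ? $onlineVer->iteration : '');
                 // These version fields come from getOnlineVersion() and are
                 // placed into markup shown to an administrator, so they are
                 // encoded first.
                 // NOTE(review): confirm how getOnlineVersion() fetches and
                 // validates its data.
                 flash('message', gt('A newer version of Exponent is available') . ': v' . htmlspecialchars($newvers) . ' ' . gt('was released') . ' ' . expDateTime::format_date($onlineVer->builddate) . '<br><a href="https://github.com/exponentcms/exponent-cms/downloads" target="_blank">' . gt('Click here to see available Downloads') . '</a>');
             }
         }
     }
 }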
Exemplo n.º 24
	$post['_formError'] = "File is not a delimited text file.";
	expSession::set("last_POST",$post);
	header("Location: " . $_SERVER['HTTP_REFERER']);
	exit("");
}
*/
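// Split the line into its columns: read forward to the requested start row.
$fh = fopen(BASE . $directory . "/" . $file->filename, "r");
// Defined up front so the "did the line split" check that follows always has
// a value, including when rowstart is 0 or the file could not be opened.
$lineInfo = null;
// rowstart is request data: use it as an integer so a non-numeric value
// cannot keep the loop condition true indefinitely.
$rowStart = intval($_POST["rowstart"]);
if ($fh !== false) {
    for ($x = 0; $x < $rowStart; $x++) {
        $lineInfo = fgetcsv($fh, 2000, $_POST["delimiter"]);
        if ($lineInfo === false) {
            // End of file or read error: later reads cannot succeed either,
            // so a very large rowstart does not keep the request spinning.
            break;
        }
    }
}
$colNames = array("none" => gt('--Disregard this column--'), "username" => gt('Username'), "password" => gt('Password'), "firstname" => gt('First Name'), "lastname" => gt('Last Name'), "email" => gt('Email Address'));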
//Check to see if the line got split, otherwise throw an error
if ($lineInfo == null) {
    $post['_formError'] = sprintf(gt('This file does not appear to be delimited by "%s". <br />Please specify a different delimiter.<br /><br />'), $_POST["delimiter"]);
    expSession::set("last_POST", $post);
    header("Location: " . $_SERVER['HTTP_REFERER']);
    exit("");
} else {
    //Setup the mete data (hidden values)
    $form = new form();
    $form->meta("module", "importer");
    $form->meta("action", "page");
    $form->meta("page", "process");
    $form->meta("rowstart", $_POST["rowstart"]);
    $form->meta("importer", "usercsv");
    $form->meta("filename", $directory . "/" . $file->filename);
    $form->meta("delimiter", $_POST["delimiter"]);
    for ($i = 0; $i < count($lineInfo); $i++) {
        $form->register("column[{$i}]", $lineInfo[$i], new dropdowncontrol("none", $colNames));
    }
Exemplo n.º 25
 /**
  * Resolve the shopping cart (an `order` object) for the current visitor.
  *
  * Returns null when the cart controller does not exist or the storeController module is not
  * active. Returns an empty `order` while the visitor is on one of the order controller's
  * verifyReturnShopper / verifyAndRestoreCart / clearCart actions and has not been validated yet.
  * Otherwise the cart is picked from, in order: the logged-in user's open cart, the cart tied to
  * the current session ticket, or the cart named by the `cid` cookie (return shoppers). A session
  * cart and a user cart that differ are merged. Before returning, item count, shipping/billing
  * flags, last category and total are computed on the cart.
  *
  * NOTE(review): several branches below act on client-supplied state (the `cid` cookie) and put
  * stored user data into HTML flash messages; see the inline notes.
  *
  * @return order|null
  */
 static function getUserCart()
 {
     global $db, $user, $router;
     // State of the "restore your previous cart?" flow, kept in the session between requests.
     $sessAr = expSession::get('verify_shopper');
     // initialize this users cart if they have ecomm installed.
     $active = $db->selectValue('modstate', 'active', 'module="storeController"');
     if (!expModules::controllerExists('cart') || empty($active)) {
         // if ecomm is turned off, no cart.
         return null;
     } else {
         // While the visitor is in the middle of the verify/restore/clear flow and not yet validated,
         // hand back an empty order rather than touching any stored cart.
         if (isset($router->params['controller']) && $router->params['controller'] == 'order' && ($router->params['action'] == 'verifyReturnShopper' || $router->params['action'] == 'verifyAndRestoreCart' || $router->params['action'] == 'clearCart') && (!isset($sessAr['validated']) || $sessAr['validated'] != true)) {
             return new order();
         } else {
             // if ecomm is turned off, no cart.
             //$active = ;
             // This check cannot fire: empty($active) already returned null in the outer if above.
             if (empty($active)) {
                 return null;
             }
             $order = new order();
             //initialize a new order object to use the find function from.
             $ticket = expSession::getTicketString();
             //get this users session ticket. this is how we track anonymous users.
             // grab the original referrer from the session table so that we can transfer it into the cart where it will be used for reporting purposes
             // sessions are temporary so we can't report on the referrer in the session table itself because it may not be there
             // and we can't just get the referrer at this point because the user likely navigated the site a bit and we want the original referring site
             // NOTE(review): $ticket is concatenated into both SQL conditions below; confirm that
             // getTicketString() can only return a server-generated value, or escape it.
             $orig_referrer = $db->selectValue('sessionticket', 'referrer', "`ticket`='" . $ticket . "'");
             //see if we have a LIVE and ACTIVE session w/ cart and grab it if so
             $sessioncart = $order->find('first', "invoice_id='' AND sessionticket_ticket='" . $ticket . "'");
             //check to see if the user is logged in, and if so grab their existing cart
             // ($usercart stays undefined for anonymous visitors; the empty() checks below tolerate that)
             if (!empty($user) && $user->isLoggedIn()) {
                 $usercart = $order->find('first', "invoice_id='' AND user_id=" . $user->id);
             }
             //eDebug($sessioncart);
             //eDebug($usercart);
             //enter here if we have NO ACTIVE SESSION CART -OR- We're awaiting a potential cart restore
             // NOTE(review): $sessAr may be null here, in which case the 'awaiting_choice' lookup
             // reads an offset of null.
             if (empty($sessioncart->id) || $sessAr['awaiting_choice'] == true) {
                 if (empty($usercart->id)) {
                     // no SESSION cart was found and user is not logged in...
                     //let's see if they have a cart_id cookie set and we'll snag that if so
                     //they won't have any user data, since they are "logged in" once they get to
                     //checkout, so all we're really doing here is populating a cart for return
                     //shoppers
                     // NOTE(review): `cid` is a client-supplied cookie and is used as-is to load an order.
                     // Verify that the order constructor treats it as a plain id, and that a cart cannot be
                     // adopted by someone who merely supplies another cart's id (for example by issuing an
                     // unguessable or signed cookie value).
                     $cookie_cart_id = isset($_COOKIE['cid']) ? $_COOKIE['cid'] : 0;
                     //eDebug($cookie_cart_id,true);
                     if ($cookie_cart_id) {
                         $tmpCart = new order($cookie_cart_id);
                         if ($tmpCart->id != $cookie_cart_id) {
                             //cookie set, but there is no such cart in the DB, so act as if we had no cookie
                             $cart = new order();
                             $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer, 'return_count' => $cart->setReturnCount($orig_referrer)));
                             order::setCartCookie($cart);
                         } else {
                             // Owner of the cart named by the cookie (loaded even when user_id is empty).
                             $u = new user($tmpCart->user_id);
                             //1) Was Not logged in
                             if (empty($tmpCart->user_id)) {
                                 // Anonymous cart: it is re-attached to the current session on the strength of
                                 // the cookie value alone.
                                 $cart = new order($cookie_cart_id);
                                 //update the session ticket and return count
                                 $cart->update(array('sessionticket_ticket' => $ticket, 'return_count' => $cart->setReturnCount($orig_referrer)));
                                 order::setCartCookie($cart);
                                 flash('message', gt('Welcome back'));
                             } else {
                                 // Always true here: this is the else branch of empty($tmpCart->user_id).
                                 if (!empty($tmpCart->user_id)) {
                                     //check for is admin first
                                     if ($u->isActingAdmin() || $u->isAdmin()) {
                                         //no need to restore anything.
                                         $cart = new order();
                                         $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer));
                                         order::setCartCookie($cart);
                                     } else {
                                         if (!empty($tmpCart->user_id) && count($tmpCart->orderitem) == 0) {
                                             //silently copy tracking data from old order and continue on
                                             $cart = new order();
                                             $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer, 'return_count' => $tmpCart->setReturnCount($orig_referrer)));
                                             order::setCartCookie($cart);
                                             flash('message', gt('Welcome back'));
                                         } else {
                                             if (!empty($tmpCart->user_id) && count($tmpCart->orderitem) > 0) {
                                                 //3) Was Logged in w/ NON-?real user? account
                                                 //eDebug(expUtil::right($u->username,10),true);
                                                 if ($u->isTempUser()) {
                                                     if (isset($sessAr['validated']) && $sessAr['validated']) {
                                                         //already went through validation and we're good to go
                                                         // The cart id now comes from the session ('cid' stored at the first
                                                         // visit below), not directly from the cookie.
                                                         $cart = new order($sessAr['cid']);
                                                         //update the session ticket and return count
                                                         $cart->update(array('sessionticket_ticket' => $ticket, 'return_count' => $cart->mergeReturnCount($sessioncart->return_count), 'orig_referrer' => $sessioncart->orig_referrer));
                                                         order::setCartCookie($cart);
                                                         expSession::un_set('verify_shopper');
                                                         // The visitor is logged in as the restored cart's owner. The 'validated'
                                                         // flag is set by code outside this method; NOTE(review): confirm that the
                                                         // verification step really proves ownership of this account.
                                                         $user = new user($cart->user_id);
                                                         expSession::login($user);
                                                         //Update the last login timestamp for this user.
                                                         $user->updateLastLogin();
                                                         // NOTE(review): the first name is placed in an HTML message unescaped;
                                                         // confirm it is escaped when stored or when the flash is rendered.
                                                         flash('message', gt('Welcome back') . ' ' . $sessAr['firstname'] . '! ' . gt('Your shopping cart has been restored - you may continue shopping or') . ' <a href="' . makelink(array("controller" => "cart", "action" => "checkout")) . '">checkout</a> ' . gt('at your convenience.'));
                                                     } else {
                                                         //send to verification? If user has elected to restore their cart
                                                         //eDebug($_SESSION);
                                                         if (isset($sessAr['awaiting_choice']) && $sessAr['awaiting_choice'] == true) {
                                                             /*expSession::set('verify_shopper',array('au'=>1,'orig_path'=>$router->current_url, 'firstname'=>$u->firstname, 'cid'=>$cookie_cart_id));
                                                               redirect_to(array("controller"=>"order",'action'=>'verifyReturnShopper'));
                                                               orderController::verifyReturnShopper();*/
                                                             //just give em the sessioncart
                                                             $cart = $sessioncart;
                                                             if (count($cart->orderitem) > 0) {
                                                                 //added items to current cart, so we'll assume they do not want to restore the previous at this point
                                                                 expSession::un_set('verify_shopper');
                                                                 order::setCartCookie($cart);
                                                             } else {
                                                                 // Same unescaped first-name concern as above; here the name is that of the
                                                                 // account that owns the cookie-named cart, shown before any verification.
                                                                 flash('message', gt('Welcome back') . ' ' . $u->firstname . '! ' . gt('We see that you have shopped with us before.') . '<br><br><a id="submit-verify" href="' . makelink(array("controller" => "order", "action" => "verifyReturnShopper")) . '" rel="nofollow">' . gt('Click Here to Restore Your Previous Shopping Cart') . '</a><br><br><a class="exp-ecom-link" href="' . makelink(array("controller" => "order", "action" => "clearCart", "id" => $cookie_cart_id)) . '">' . gt('Click Here To Start a New Shopping Cart') . '</a>');
                                                                 $sessAr['orig_path'] = $router->current_url;
                                                                 expSession::set('verify_shopper', $sessAr);
                                                             }
                                                         } else {
                                                             //first time...create a default cart, issue message, set session, rinse, repeat
                                                             $cart = new order();
                                                             $cart->update(array("sessionticket_ticket" => $ticket, 'return_count' => $cart->setReturnCount($orig_referrer)));
                                                             // The cookie's cart id and the owner's first name are stored in the session
                                                             // for the verification step.
                                                             expSession::set('verify_shopper', array('au' => 1, 'orig_path' => $router->current_url, 'firstname' => $u->firstname, 'cid' => $cookie_cart_id, 'awaiting_choice' => true));
                                                             //order::setCartCookie($cart);
                                                             // NOTE(review): unescaped first name in HTML, and the cookie value is passed
                                                             // into the clearCart link; confirm makelink() encodes its parameters.
                                                             flash('message', gt('Welcome back') . ' ' . $u->firstname . '! ' . gt('We see that you have shopped with us before.') . '<br><br><a id="submit-verify" href="' . makelink(array("controller" => "order", "action" => "verifyReturnShopper")) . '" rel="nofollow">' . gt('Click Here to Restore Your Previous Shopping Cart') . '</a><br><br><a class="exp-ecom-link" href="' . makelink(array("controller" => "order", "action" => "clearCart", "id" => $cookie_cart_id)) . '">' . gt('Click Here To Start a New Shopping Cart') . '</a>');
                                                         }
                                                     }
                                                 } else {
                                                     //prompt to login and restore, otherwise reset and start fresh
                                                     //this should be all we need to do here
                                                     //redirect_to(array("controller"=>"order",'action'=>'verifyReturnShopper','au'=>'0'));
                                                     $cart = new order();
                                                     $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer));
                                                     order::setCartCookie($cart);
                                                     // NOTE(review): this greets the visitor with the cart owner's first name based on
                                                     // the cookie alone, and the name is not escaped here.
                                                     flash('message', gt('Welcome back') . ' ' . $u->firstname . '! ' . gt('If you would like to pick up where you left off, click here to login and your previous shopping cart will be restored.'));
                                                 }
                                             }
                                         }
                                     }
                                 }
                             }
                         }
                     } else {
                         // No cookie: start a brand-new cart for this session.
                         $cart = new order();
                         $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer));
                         order::setCartCookie($cart);
                     }
                 } else {
                     //user is logged in, so we grab their usercart and update the session ticket only
                     //$usercart->update(array('sessionticket_ticket'=>$ticket, 'orig_referrer'=>$orig_referrer));
                     $usercart->update(array('sessionticket_ticket' => $ticket));
                     $cart = $usercart;
                 }
                 //enter here if we HAVE an ACTIVE session/cart, but the user is not logged in
             } elseif (!empty($sessioncart->id) && $user->id == 0) {
                 // the user isn't logged in yet...the session cart will do for now.
                 $cart = $sessioncart;
                 // if we hit here we've found a session cart AND a usercart because the user just logged in
                 // and had both...that means we need to merge them
             } elseif (!empty($sessioncart->id) && !empty($usercart->id)) {
                 // if we hit here we've found a session cart and a usercart...that means we need to merge them
                 // if it's not the same cart.
                 if ($sessioncart->id == $usercart->id) {
                     $cart = $sessioncart;
                 } else {
                     // if the old user cart had gone through any of the checkout process before, then we
                     // will clean that data out now and start fresh.
                     $usercart->cleanOrderitems();
                     //merge the current session cart with previously saved user cart.
                     foreach ($sessioncart->orderitem as $orderitem) {
                         $orderitem->merge(array('orders_id' => $usercart->id, 'user_id' => $user->id));
                     }
                     //if session cart HAS coupon codes, delete usercart codes and copy new code to usercart, else leave be
                     if (count($sessioncart->getOrderDiscounts())) {
                         foreach ($usercart->getOrderDiscounts() as $od) {
                             $od->delete();
                         }
                         foreach ($sessioncart->getOrderDiscounts() as $sod) {
                             $sod->orders_id = $usercart->id;
                             $sod->save();
                         }
                     }
                     // Reload the user cart so it reflects the merged items, then drop the session cart.
                     $cart = new order($usercart->id);
                     $sessioncart->delete();
                 }
                 order::setCartCookie($cart);
                 expSession::un_set('verify_shopper');
                 // the user doesn't have a cart with his/her user id in it. this probably means they just
                 // logged in so we need to update the cart with the new user id information.
             } elseif (!empty($sessioncart->id) && (empty($usercart->id) && $user->isLoggedIn())) {
                 //$sessioncart->update(array('user_id'=>$user->id, 'orig_referrer'=>$orig_referrer));
                 $sessioncart->update(array('user_id' => $user->id));
                 $cart = $sessioncart;
             }
             // NOTE(review): if none of the branches above matched, $cart is undefined at this point.
             // Derive the summary fields from the cart's items.
             $cart->item_count = 0;
             foreach ($cart->orderitem as $items) {
                 if ($items->product->requiresShipping && !$items->product->no_shipping) {
                     $cart->shipping_required = true;
                 }
                 if ($items->product->requiresBilling) {
                     $cart->billing_required = true;
                 }
                 $cart->item_count += $items->quantity;
             }
             $cart->lastcat = expSession::get('last_ecomm_category');
             $cart->total = $cart->getCartTotal();
             //eDebug($cart,true);
             return $cart;
         }
     }
 }
Exemplo n.º 26
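 /**
  * Best-effort lookup of the site section that a help document belongs to.
  *
  * Resolves the help version id for $params['version'], finds the help record whose sef_url equals
  * $params['title'] and uses its section. When no help record with a non-zero section is found, the
  * session's 'last_section' is used, or 1 if that is not set. The chosen id is remembered in the
  * session when 'last_section' was empty.
  *
  * Both parameters end up in SQL conditions, so they are validated first: the version must be a
  * plain number and the title may contain only letters, digits, '_', '-' and '.'. Anything else is
  * treated like "help document not found" and never reaches the query.
  *
  * @static
  * @param array $params expects the keys 'version' and 'title'
  * @return mixed whatever $db->selectObject() returns for the section row
  */
 public static function getSection($params)
 {
     global $db;
     $sessec = expSession::get('last_section') ? expSession::get('last_section') : 1;
     $sid = $sessec;
     $version = isset($params['version']) && is_scalar($params['version']) ? (string) $params['version'] : '';
     $title = isset($params['title']) && is_scalar($params['title']) ? (string) $params['title'] : '';
     // \z instead of $ so that a trailing newline cannot slip through the anchors.
     $versionOk = preg_match('/^\d+(\.\d+)?\z/', $version) === 1;
     $titleOk = preg_match('/^[\p{L}\p{N}_.\-]+\z/u', $title) === 1;
     if ($versionOk && $titleOk) {
         $h = new help();
         $hv = $db->selectValue('help_version', 'id', 'version=' . $version);
         // intval() keeps the condition well-formed when the version lookup returned nothing.
         $help = $h->find('first', 'help_version_id=' . intval($hv) . ' and sef_url=\'' . $title . '\'');
         if (isset($help->section) && $help->section != 0) {
             $sid = $help->section;
         }
     }
     if (!expSession::get('last_section')) {
         expSession::set('last_section', $sid);
     }
     $section = $db->selectObject('section', 'id=' . intval($sid));
     return $section;
 }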
Exemplo n.º 27
 /**
  * Store the record of a finished upload, or send the user back to the form with an error.
  *
  * @param mixed $file an object is inserted into the 'file' table; any other value is treated
  *                    as the error message to show
  * @return mixed the result of $db->insertObject() for an object; for anything else the method
  *               does not return (it redirects and exits)
  */
 public static function uploadSuccessful($file)
 {
     global $db;
     if (!is_object($file)) {
         // Keep the submitted form values so the form can be re-populated, and attach the error to them.
         $formState = $_POST;
         $formState['_formError'] = $file;
         flash('error', $file);
         expSession::set('last_POST', $formState);
         // NOTE(review): the redirect target is the Referer request header, which is client-controlled
         // and may be absent.
         header('Location: ' . $_SERVER['HTTP_REFERER']);
         exit;
     }
     return $db->insertObject($file, 'file');
 }
Exemplo n.º 28
            } else {
                $source_select['showmodules'] = explode(',', $_REQUEST['showmodules']);
            }
        }
    } else {
        if (!isset($source_select['showmodules'])) {
            $source_select['showmodules'] = null;
        }
    }
    // 'dest': a request value wins; otherwise keep what is already set, defaulting to null.
    // NOTE(review): the request value is stored in the session unvalidated, so every later reader
    // of source_select['dest'] has to treat it as untrusted.
    if (isset($_REQUEST['dest'])) {
        $source_select['dest'] = $_REQUEST['dest'];
    } elseif (!isset($source_select['dest'])) {
        $source_select['dest'] = null;
    }
    // 'hideOthers': same precedence, defaulting to 0.
    if (isset($_REQUEST['hideOthers'])) {
        $source_select['hideOthers'] = $_REQUEST['hideOthers'];
    } elseif (!isset($source_select['hideOthers'])) {
        $source_select['hideOthers'] = 0;
    }
    expSession::set('source_select', $source_select);
    // Include the rendering page.
    // NOTE(review): $page is assigned outside this excerpt; confirm it cannot be derived from
    // request input, or that it is checked against a fixed list before it reaches include_once.
    include_once BASE . $page;
    expTheme::satisfyThemeRequirements();
} else {
    echo sprintf(gt('Page') . ' "%s" ' . gt('not readable.'), BASE . $page);
}
ob_end_flush();
Exemplo n.º 29
 /**
  * Mark the session as a customer sign-up and send the visitor on to cart checkout.
  */
 public function customerSignup()
 {
     $checkoutRoute = array('controller' => 'cart', 'action' => 'checkout');
     // The flag is set before redirecting so that it is already in the session when checkout loads.
     expSession::set('customer-signup', true);
     redirect_to($checkoutRoute);
 }
Exemplo n.º 30
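 /**
  * Build the product report query from the submitted filter parameters and page the results.
  *
  * Filters read from $this->params: product_status[], product_type[], storeCategory[] (or the
  * 'uncategorized' flag), product-range-op/-num, company[], product-price-op/-num, pnam and sku.
  * The id-only form of the query is stored in the session under 'product_export_query',
  * presumably for the export actions offered in $action_items.
  *
  * Every filter value is validated or escaped before it is concatenated into SQL: ids must be
  * integers, the price must be a plain decimal number, comparison operators come from a fixed map,
  * and free-text values go through the database layer's escapeString(). Values that fail
  * validation are left out of the query. For valid input the generated SQL is the same as before.
  */
 function generateProductReport()
 {
     global $db;
     $p = $this->params;
     $sqlids = "SELECT DISTINCT(p.id) from ";
     $sqlcount = "SELECT COUNT(DISTINCT(p.id)) from ";
     $sqlstart = "SELECT DISTINCT(p.id), p.title, p.model, p.base_price, ps.title as status from ";
     $sql = $db->prefix . "product as p ";
     $sql .= "INNER JOIN " . $db->prefix . "product_status as ps ON p.product_status_id = ps.id ";
     $sql .= "INNER JOIN " . $db->prefix . "product_storeCategories as psc ON p.id = psc.product_id ";
     $sqlwhere = 'WHERE (1=1 ';
     // Only these comparison operators can ever reach the SQL text.
     $comparators = array('g' => '>', 'l' => '<', 'e' => '=');

     // Product status: one or more integer ids, OR-ed together.
     $terms = array();
     if (isset($p['product_status']) && is_array($p['product_status'])) {
         foreach ($p['product_status'] as $os) {
             $id = filter_var($os, FILTER_VALIDATE_INT);
             if ($id !== false) {
                 $terms[] = "p.product_status_id = " . $id;
             }
         }
     }
     if (!empty($terms)) {
         $sqlwhere .= " AND (" . implode(" OR ", $terms) . ")";
     }

     // Product type: string values, escaped before they are quoted.
     $terms = array();
     if (isset($p['product_type']) && is_array($p['product_type'])) {
         foreach ($p['product_type'] as $ot) {
             if (is_string($ot) && $ot !== '') {
                 $terms[] = "p.product_type = '" . $db->escapeString($ot) . "'";
             }
         }
     }
     if (!empty($terms)) {
         $sqlwhere .= " AND (" . implode(" OR ", $terms) . ")";
     }

     // Store category: integer ids, or the fixed "uncategorized" condition.
     if (!isset($p['uncategorized'])) {
         $terms = array();
         if (isset($p['storeCategory']) && is_array($p['storeCategory'])) {
             foreach ($p['storeCategory'] as $ot) {
                 $id = filter_var($ot, FILTER_VALIDATE_INT);
                 if ($id !== false) {
                     $terms[] = "psc.storecategories_id = " . $id;
                 }
             }
         }
         if (!empty($terms)) {
             $sqlwhere .= " AND (" . implode(" OR ", $terms) . ")";
         }
     } else {
         $sqlwhere .= " AND psc.storecategories_id = 0 AND p.parent_id = 0";
     }

     // Product id range: skipped unless both the operator and the number are valid, so an
     // unknown operator can no longer produce a malformed condition.
     if (!empty($p['product-range-num'])) {
         $rangeOp = '';
         if (isset($p['product-range-op']) && is_string($p['product-range-op']) && isset($comparators[$p['product-range-op']])) {
             $rangeOp = $comparators[$p['product-range-op']];
         }
         $rangeNum = filter_var($p['product-range-num'], FILTER_VALIDATE_INT);
         if ($rangeOp !== '' && $rangeNum !== false) {
             $sqlwhere .= " AND p.id" . $rangeOp . $rangeNum;
         }
     }

     // Company: integer ids, OR-ed together.
     $terms = array();
     if (isset($p['company']) && is_array($p['company'])) {
         foreach ($p['company'] as $os) {
             $id = filter_var($os, FILTER_VALIDATE_INT);
             if ($id !== false) {
                 $terms[] = "p.companies_id = " . $id;
             }
         }
     }
     if (!empty($terms)) {
         $sqlwhere .= " AND (" . implode(" OR ", $terms) . ")";
     }

     // Base price: the submitted text is used as-is once it is known to be a plain decimal number
     // (no float conversion, so formatting cannot depend on the locale).
     if (!empty($p['product-price-num'])) {
         $priceOp = '';
         if (isset($p['product-price-op']) && is_string($p['product-price-op']) && isset($comparators[$p['product-price-op']])) {
             $priceOp = $comparators[$p['product-price-op']];
         }
         $priceNum = is_string($p['product-price-num']) ? trim($p['product-price-num']) : '';
         if ($priceOp !== '' && preg_match('/^-?(\d+(\.\d*)?|\.\d+)\z/', $priceNum) === 1) {
             $sqlwhere .= " AND p.base_price" . $priceOp . $priceNum;
         }
     }

     // Free-text filters: escaped for the string literal; % and _ typed by the user still act as
     // LIKE wildcards, as they did before.
     if (!empty($p['pnam']) && is_string($p['pnam'])) {
         $sqlwhere .= " AND p.title LIKE '%" . $db->escapeString($p['pnam']) . "%'";
     }
     if (!empty($p['sku']) && is_string($p['sku'])) {
         $sqlwhere .= " AND p.model LIKE '%" . $db->escapeString($p['sku']) . "%'";
     }
     $sqlwhere .= ")";

     $exportSQL = $sqlids . $sql . $sqlwhere;
     // NOTE(review): these calls print the complete SQL text; confirm eDebug() produces no output
     // on production sites.
     eDebug($sqlstart . $sql . $sqlwhere);
     eDebug($sqlcount . $sql . $sqlwhere);
     eDebug("Stored:" . $exportSQL);
     // The stored text is presumably run later by the export actions, which is one more reason the
     // filters above must not let request data shape the SQL.
     expSession::set('product_export_query', $exportSQL);

     $order = 'id';
     $limit = empty($this->config['limit']) ? 350 : $this->config['limit'];
     // Unused in this method; kept because the constructor's side effects are not visible from here.
     $product = new product();
     $page = new expPaginator(array('model' => 'product', 'sql' => $sqlstart . $sql . $sqlwhere, 'count_sql' => $sqlcount . $sql . $sqlwhere, 'limit' => $limit, 'order' => $order, 'controller' => 'store', 'action' => $this->params['action'], 'columns' => array('actupon' => true, 'ID' => 'id', 'Product' => 'title|controller=store,action=show,showby=id', 'SKU' => 'model', 'Price' => 'base_price')));
     $action_items = array('batch_export' => 'Export Products to CSV', 'status_export' => 'Export Status Report to CSV');
     assign_to_template(array('page' => $page, 'action_items' => $action_items));
 }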