Exemplo n.º 1
0
 public function save_vendor($vendor_id, $data)
 {
     $vendor_id = (int) $vendor_id;
     $temp_vendor = false;
     if ($vendor_id > 0) {
         // check permissions
         $temp_vendor = $this->get_vendor($vendor_id);
         if (!$temp_vendor || $temp_vendor['vendor_id'] != $vendor_id) {
             $temp_vendor = false;
             $vendor_id = false;
         }
     }
     if (_DEMO_MODE && $vendor_id == 1) {
         set_error('Sorry this is a Demo Vendor. It cannot be changed.');
         redirect_browser(self::link_open($vendor_id));
     }
     if (isset($data['default_tax_system']) && $data['default_tax_system']) {
         $data['default_tax'] = -1;
         $data['default_tax_name'] = '';
     }
     if (isset($data['primary_user_id'])) {
         unset($data['primary_user_id']);
     }
     // only allow this to be set through the method.
     $vendor_id = update_insert("vendor_id", $vendor_id, "vendor", $data);
     if (isset($_REQUEST['user_id'])) {
         $user_id = (int) $_REQUEST['user_id'];
         if ($user_id > 0) {
             // check permissions
             $temp_user = module_user::get_user($user_id);
             if (!$temp_user || $temp_user['user_id'] != $user_id) {
                 $user_id = false;
             }
         }
         // assign specified user_id to this vendor.
         // could this be a problem?
         // maybe?
         // todo: think about security precautions here, maybe only allow admins to set primary contacts.
         $data['vendor_id'] = $vendor_id;
         if (!$user_id) {
             // hack to set the default role of a contact (if one is set in settings).
             if (!isset($data['last_name']) && isset($data['name']) && strpos($data['name'], ' ') > 0) {
                 // todo - save from vendor import
                 $bits = explode(' ', $data['name']);
                 $data['last_name'] = array_pop($bits);
                 $data['name'] = implode(' ', $bits);
             }
             $user_id = update_insert("user_id", false, "user", $data);
             module_cache::clear('user');
             $role_id = module_config::c('contact_default_role', 0);
             if ($role_id > 0) {
                 module_user::add_user_to_role($user_id, $role_id);
             }
             $this->set_primary_user_id($vendor_id, $user_id);
         } else {
             // make sure this user is part of this vendor.
             // wait! addition, we want to be able to move an existing vendor contact to this new vendor.
             $saved_user_id = false;
             if (isset($_REQUEST['move_user_id']) && (int) $_REQUEST['move_user_id'] && module_vendor::can_i('create', 'Companies')) {
                 $old_user = module_user::get_user((int) $_REQUEST['move_user_id']);
                 if ($old_user && $old_user['user_id'] == (int) $_REQUEST['move_user_id']) {
                     $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                     module_cache::clear('user');
                     hook_handle_callback('vendor_contact_moved', $user_id, $old_user['vendor_id'], $vendor_id);
                     $this->set_primary_user_id($vendor_id, $user_id);
                     module_cache::clear('user');
                 }
             } else {
                 // save normally, only those linked to this account:
                 $users = module_user::get_contacts(array('vendor_id' => $vendor_id));
                 foreach ($users as $user) {
                     if ($user['user_id'] == $user_id) {
                         $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                         $this->set_primary_user_id($vendor_id, $user_id);
                         module_cache::clear('user');
                         break;
                     }
                 }
             }
             if (!$saved_user_id) {
                 $this->set_primary_user_id($vendor_id, 0);
                 module_cache::clear('user');
             }
         }
         // todo: move this functionality back into the user class.
         // maybe with a static save_user method ?
         if ($user_id > 0 && class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
             module_extra::save_extras('user', 'user_id', $user_id);
         }
     }
     handle_hook("address_block_save", $this, "physical", "vendor", "vendor_id", $vendor_id);
     //handle_hook("address_block_save",$this,"postal","vendor","vendor_id",$vendor_id);
     if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
         module_extra::save_extras('vendor', 'vendor_id', $vendor_id);
     }
     // save the company information if it's available
     if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
         if (isset($_REQUEST['available_vendor_company']) && is_array($_REQUEST['available_vendor_company'])) {
             $selected_companies = isset($_POST['vendor_company']) && is_array($_POST['vendor_company']) ? $_POST['vendor_company'] : array();
             $company_access = module_company::get_company_data_access();
             if ($company_access == _COMPANY_ACCESS_ALL && !count($selected_companies)) {
                 // user is unassignging this vendor from all companies we have access to, dont let them do this?
             }
             foreach ($_REQUEST['available_vendor_company'] as $company_id => $tf) {
                 if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) {
                     // remove vendor from this company
                     module_company::delete_vendor($company_id, $vendor_id);
                 } else {
                     // add vendor to this company (if they are not already existing)
                     module_company::add_vendor_to_company($company_id, $vendor_id);
                 }
             }
         }
     }
     self::update_vendor_status($vendor_id);
     module_cache::clear('vendor');
     return $vendor_id;
 }