Exemplo n.º 1
 /**
  * Register this module's name and select the UI language for the request.
  *
  * The configured system default is used unless a logged-in user has a
  * non-empty language preference of their own.
  */
 function init()
 {
     $this->module_name = "language";

     // Fall back to the system-wide default language setting.
     $selected = module_config::c('default_language');

     if (module_security::is_logged_in()) {
         $account = module_user::get_user(module_security::get_loggedin_id(), false);
         $has_preference = $account && $account['user_id'] && !empty($account['language']);
         if ($has_preference) {
             $selected = $account['language'];
         }
     }

     // language code, like en, gb, etc..
     // basename() drops any directory components, so a stored value containing
     // path separators is reduced to its final segment before use.
     // NOTE(review): presumably set_ui_language() uses the code to locate a
     // language resource - confirm. basename() is not an allow-list; checking
     // the code against the installed languages would be stricter.
     self::set_ui_language(basename($selected));
 }
Exemplo n.º 2
         }
     }));
     if ($quote['customer_id']) {
         $c = array();
         $res = module_user::get_contacts(array('customer_id' => $quote['customer_id']), false, false);
         $primary_contact = false;
         while ($row = mysql_fetch_assoc($res)) {
             $c[$row['user_id']] = $row['name'] . ' ' . $row['last_name'];
             if ($row['primary_user_id'] == $row['user_id']) {
                 $primary_contact = $row;
             }
         }
         $c[0] = _l('Primary (%s)', $primary_contact ? htmlspecialchars($primary_contact['name'] . ' ' . $primary_contact['last_name']) : _l('N/A'));
         if ($quote['contact_user_id'] > 0 && !isset($c[$quote['contact_user_id']])) {
             // this option isn't in the listing. add it in.
             $user_temp = module_user::get_user($quote['contact_user_id'], false);
             $c[$quote['contact_user_id']] = $user_temp['name'] . ' ' . $user_temp['last_name'] . ' ' . _l('(under different customer)');
         }
         $fieldset_data['elements'][] = array('title' => 'Contact', 'field' => array('type' => 'select', 'name' => 'contact_user_id', 'value' => $quote['contact_user_id'] > 0 ? $quote['contact_user_id'] : 0, 'options' => $c, 'blank' => false));
     }
 }
 if (class_exists('module_website', false) && module_website::is_plugin_enabled()) {
     $fieldset_data['elements'][] = array('title' => module_config::c('project_name_single', 'Website'), 'fields' => array(function () use(&$quote) {
         if (module_quote::can_i('edit', 'Quotes')) {
             $c = array();
             // change between websites within this customer?
             // or websites all together?
             $res = module_website::get_websites(array('customer_id' => isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : false));
             //$res = module_website::get_websites();
             while ($row = array_shift($res)) {
                 $c[$row['website_id']] = $row['name'];
Exemplo n.º 3
$for_email=true;
include('quote_public.php');
$quote['quote_tasks'] = ob_get_clean();*/
// generate the PDF ready for sending.
$pdf = module_quote::generate_pdf($quote_id);
// find available "to" recipients.
// customer contacts.
$to_select = false;
if ($quote['customer_id']) {
    $customer = module_customer::get_customer($quote['customer_id']);
    $quote['customer_name'] = $customer['customer_name'];
    $to = module_user::get_contacts(array('customer_id' => $quote['customer_id']));
    if ($quote['contact_user_id']) {
        $primary = module_user::get_user($quote['contact_user_id']);
        if ($primary) {
            $to_select = $primary['email'];
        }
    } else {
        if ($customer['primary_user_id']) {
            $primary = module_user::get_user($customer['primary_user_id']);
            if ($primary) {
                $to_select = $primary['email'];
            }
        }
    }
} else {
    $to = array();
}
$template->assign_values($quote);
ob_start();
module_email::print_compose(array('title' => _l('Email Quote: %s', $quote['name']), 'find_other_templates' => 'quote_email', 'current_template' => $template_name, 'customer_id' => $quote['customer_id'], 'quote_id' => $quote['quote_id'], 'debug_message' => 'Sending quote as email', 'to' => $to, 'to_select' => $to_select, 'bcc' => module_config::c('admin_email_address', ''), 'content' => $template->render('html'), 'subject' => $template->replace_description(), 'success_url' => module_quote::link_open($quote_id), 'cancel_url' => module_quote::link_open($quote_id), 'attachments' => array(array('path' => $pdf, 'name' => basename($pdf), 'preview' => module_quote::link_public_print($quote_id)))));
Exemplo n.º 4
 }));
 if ($ticket['customer_id'] && $ticket_id > 0) {
     $fieldset_data['elements'][] = array('title' => _l('Contact'), 'fields' => array(function () use($ticket_id, $ticket) {
         if (module_ticket::can_edit_tickets() && isset($_REQUEST['show_change_contact'])) {
             $c = array();
             if ($ticket['customer_id']) {
                 $res = module_user::get_contacts(array('customer_id' => $ticket['customer_id']));
             } else {
                 $res = array();
             }
             while ($row = array_shift($res)) {
                 $c[$row['user_id']] = $row['name'] . ' ' . $row['last_name'];
             }
             if ($ticket['user_id'] && !isset($c[$ticket['user_id']])) {
                 // this option isn't in the listing. add it in.
                 $user_temp = module_user::get_user($ticket['user_id'], false);
                 $c[$ticket['user_id']] = $user_temp['name'] . ' ' . $user_temp['last_name'];
                 if ($user_temp['customer_id'] >= 0) {
                     $c[$ticket['user_id']] .= ' ' . _l('(under different customer)');
                 } else {
                     // user not assigned to a customer.
                 }
             }
             echo '<a name="#change_contact"></a>';
             echo print_select_box($c, 'change_user_id', $ticket['user_id']);
         } else {
             echo module_user::link_open_contact($ticket['user_id'], true);
             if (module_ticket::can_edit_tickets()) {
                 echo ' ';
                 echo '<a href="' . module_ticket::link_open($ticket_id) . '&show_change_contact#change_contact">' . _l('Change') . '</a>';
             }
Exemplo n.º 5
<?php

/** 
 * Copyright: dtbaker 2012
 * Licence: Please check CodeCanyon.net for licence details. 
 * More licence clarification available here:  http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ 
 * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
 * Package Date: 2015-11-25 02:55:20 
 * IP Address: 67.79.165.254
 */
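// Refuse to run unless the including script has set $user_safe.
if (!$user_safe) {
    die('fail');
}
// Keep the id that was actually requested. Once $user_id has been replaced by
// the string 'new', a "$user_id > 0" test no longer describes the request and
// its result depends on the PHP version's string/number comparison rules.
$requested_user_id = isset($_REQUEST['user_id']) ? (int) $_REQUEST['user_id'] : 0;
$user_id = $requested_user_id;
$user = module_user::get_user($user_id);
if (!$user) {
    if ($requested_user_id > 0) {
        // bad url. hack attempt?
        // direct back to customer page
        // Only the integer form of customer_id is passed on, so a value such as
        // "5abc" cannot reach the link builder unmodified.
        $return_customer_id = isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : 0;
        if ($return_customer_id) {
            redirect_browser(module_customer::link_open($return_customer_id));
        }
    }
    // No matching record: the rest of the page treats this as a new user.
    $user_id = 'new';
}
// Only user 1 may open user 1's own record.
// NOTE(review): this guard relies on redirect_browser() ending the request;
// confirm it does, otherwise the page continues after the redirect header.
if ($user_id === 1 && module_security::get_loggedin_id() != 1) {
    set_error('Sorry, only the Administrator can access this page.');
    redirect_browser(_UCM_HOST . _BASE_HREF);
}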
// permission check.
Exemplo n.º 6
        <!-- end header.head -->


    </div>
    <!-- /#top -->

    <?php 
            if (module_security::getcred()) {
                ?>

    <div id="left">

        <div class="media user-media">
            <div class="media-body">
                <h5 class="media-heading"><?php 
                $user = module_user::get_user(module_security::get_loggedin_id());
                _e('Welcome %s', htmlspecialchars($user['name']));
                ?>
</h5>
                <ul class="list-unstyled user-info">
                    <li><small><i class="fa fa-user"></i> <a href="<?php 
                echo module_user::link_open($_SESSION['_user_id']);
                ?>
"><?php 
                _e('Edit Profile');
                ?>
</a></small></li>
	                <?php 
                $header_buttons = array();
                if (module_security::is_logged_in()) {
                    $header_buttons = hook_filter_var('header_buttons', $header_buttons);
Exemplo n.º 7
    /**
     * Hook run after a job task: handles a "new discussion note" POST for this
     * task, otherwise prints the discussion link and holder markup.
     *
     * POST path: when the request carries job_discussion_add_job_id /
     * job_discussion_add_task_id matching this task and a non-empty note, the
     * note is inserted into job_discussion, optional notification emails are
     * sent, a JSON result is echoed and the script exits.
     *
     * NOTE(review): no login, permission or CSRF-token check is visible in this
     * method before the insert; confirm the caller enforces them.
     *
     * @param mixed $hook      Hook identifier (not read in this method).
     * @param mixed $job_id    Job the task belongs to.
     * @param mixed $task_id   Task the discussion is attached to.
     * @param mixed $job_data  Job record; 'job_discussion', 'customer_id', 'name' and 'user_id' are read.
     * @param mixed $task_data Task record; 'user_id' is read.
     */
    public static function hook_job_task_after($hook, $job_id, $task_id, $job_data, $task_data)
    {
        $comments = get_multiple('job_discussion', array('job_id' => $job_id, 'task_id' => $task_id), 'job_discussion_id', 'exact', 'job_discussion_id');
        if ($job_data && isset($job_data['job_discussion']) && $job_data['job_discussion'] == 1) {
            // disabled & hidden.
            return;
        }
        if ($job_data && isset($job_data['job_discussion']) && $job_data['job_discussion'] == 2 && count($comments) == 0) {
            // disabled & shown.
            return;
        }
        // The ids in the POST are compared with == (loose) against this task's ids.
        if (isset($_POST['job_discussion_add_job_id']) && isset($_POST['job_discussion_add_task_id']) && $_POST['job_discussion_add_job_id'] == $job_id && $_POST['job_discussion_add_task_id'] == $task_id && isset($_POST['note']) && strlen($_POST['note'])) {
            // Discard up to 10 levels of buffered output.
            $x = 0;
            while (ob_get_level() && $x++ < 10) {
                ob_end_clean();
            }
            $current_user_id = module_security::get_loggedin_id();
            $customer = module_customer::get_customer($job_data['customer_id']);
            // When nobody is logged in, the note (and the email "from") is attributed
            // to the customer's primary contact.
            // NOTE(review): an unauthenticated request that reaches this point is
            // therefore recorded under that contact's identity; confirm the public
            // link that leads here is authenticated by other means.
            if (!$current_user_id) {
                if ($job_data['customer_id'] && $customer['primary_user_id']) {
                    $current_user_id = $customer['primary_user_id'];
                }
            }
            $result = array();
            // adding a new note.
            // The note is stored exactly as posted.
            // NOTE(review): presumably update_insert() escapes values for SQL - confirm.
            $job_discussion_id = update_insert('job_discussion_id', 0, 'job_discussion', array('job_id' => $job_id, 'task_id' => $task_id, 'user_id' => $current_user_id, 'note' => $_POST['note']));
            $result['job_discussion_id'] = $job_discussion_id;
            $result['count'] = count($comments) + 1;
            $tasks = module_job::get_tasks($job_id);
            $result['email_customer'] = array();
            if (isset($_POST['sendemail_customer']) && is_array($_POST['sendemail_customer'])) {
                //$_POST['sendemail_customer'] == 'yes' && $customer['primary_user_id']){
                // send email to customer primary user id.
                $customer_contacts = module_user::get_contacts(array('customer_id' => $job_data['customer_id']));
                foreach ($_POST['sendemail_customer'] as $user_id) {
                    // Recipient ids from the request are cast to int and accepted only
                    // when they are a key of this customer's contact list.
                    $user_id = (int) $user_id;
                    if ($user_id && isset($customer_contacts[$user_id])) {
                        // we can email this user.
                        $user = module_user::get_user($user_id, false);
                        if ($user && $user['user_id'] == $user_id) {
                            $values = array_merge($user, $job_data);
                            $values['job_url'] = module_job::link_public($job_id);
                            $values['job_url'] .= (strpos($values['job_url'], '?') === false ? '?' : '&') . 'discuss=' . $task_id . '#discuss' . $task_id;
                            $values['job_name'] = $job_data['name'];
                            $values['customer_name'] = $user['name'] . ' ' . $user['last_name'];
                            // The raw posted note goes into the values of an HTML-rendered template.
                            // NOTE(review): confirm the template layer HTML-escapes 'note'.
                            $values['note'] = $_POST['note'];
                            //todo: no order if no showning numbers
                            // Assumes $tasks contains an entry for $task_id - TODO confirm.
                            $values['task_name'] = '#' . $tasks[$task_id]['task_order'] . ': ' . $tasks[$task_id]['description'];
                            $template = module_template::get_template_by_key('job_discussion_email_customer');
                            $template->assign_values($values);
                            $html = $template->render('html');
                            $email = module_email::new_email();
                            $email->replace_values = $values;
                            $email->set_to('user', $user['user_id']);
                            $email->set_from('user', $current_user_id);
                            $email->set_subject($template->description);
                            // do we send images inline?
                            $email->set_html($html);
                            if ($email->send()) {
                                // it worked successfully!!
                                $result['email_customer'][] = $user['user_id'];
                            } else {
                                /// log err?
                            }
                        }
                    }
                }
                // (An older, commented-out variant that emailed only the customer's
                // primary user used to be kept here; the loop above replaced it.)
            }
            if (isset($_POST['sendemail_staff']) && is_array($_POST['sendemail_staff'])) {
                // == 'yes' && $job_data['user_id']
                // todo: handle the restul better when sending to multiple people
                // The posted array is copied into the JSON response unchanged.
                $result['email_staff_list'] = $_POST['sendemail_staff'];
                foreach ($_POST['sendemail_staff'] as $staff_id) {
                    // send email to staff
                    $staff_id = (int) $staff_id;
                    if (!$staff_id) {
                        $result['nostaff'] = 1;
                        continue;
                    }
                    // Only the user assigned to the task or to the job is accepted as a
                    // staff recipient; other ids from the request are skipped.
                    if (isset($task_data['user_id']) && $task_data['user_id'] == $staff_id || isset($job_data['user_id']) && $job_data['user_id'] == $staff_id) {
                        //$user = module_user::get_user($job_data['user_id'],false);
                        $user = module_user::get_user($staff_id, false);
                        if ($user['user_id'] == $staff_id) {
                            $values = array_merge($user, $job_data);
                            $values['job_url'] = module_job::link_public($job_id);
                            $values['job_url'] .= (strpos($values['job_url'], '?') === false ? '?' : '&') . 'discuss=' . $task_id . '#discuss' . $task_id;
                            $values['job_name'] = $job_data['name'];
                            $values['staff_name'] = $user['name'] . ' ' . $user['last_name'];
                            // Raw posted note again; see the note on the customer email above.
                            $values['note'] = $_POST['note'];
                            //todo: no order if no showning numbers
                            $values['task_name'] = '#' . $tasks[$task_id]['task_order'] . ': ' . $tasks[$task_id]['description'];
                            $template = module_template::get_template_by_key('job_discussion_email_staff');
                            $template->assign_values($values);
                            $html = $template->render('html');
                            $email = module_email::new_email();
                            $email->replace_values = $values;
                            $email->set_to('user', $staff_id);
                            $email->set_from('user', $current_user_id);
                            $email->set_subject($template->description);
                            // do we send images inline?
                            $email->set_html($html);
                            if ($email->send()) {
                                // it worked successfully!!
                                $result['email_staff'] = 1;
                            } else {
                                /// log err?
                                $result['email_staff'] = 0;
                            }
                        } else {
                            // log error?
                            $result['email_staff'] = 0;
                        }
                    }
                }
            }
            // Drop anything buffered while sending so that only the JSON is output.
            $x = 0;
            while ($x++ < 5 && ob_get_level()) {
                ob_end_clean();
            }
            // The body is JSON but is labelled text/javascript.
            // NOTE(review): application/json would describe it accurately; check what
            // the client-side caller expects before changing it.
            header("Content-type: text/javascript", true);
            echo json_encode($result);
            exit;
        }
        $label = htmlspecialchars(module_config::c('job_discussion_button_label', 'Task Comments'));
        ?>

        <a href="<?php 
        // NOTE(review): the link and $task_id are echoed into attributes without
        // htmlspecialchars(); safe only if both are known to be plain ids/URLs.
        echo self::link_public($job_id, $task_id);
        ?>
" id="discuss<?php 
        echo $task_id;
        ?>
" class="task_job_discussion <?php 
        echo $label ? 'with_text' : '';
        ?>
" title="<?php 
        _e('View Discussion');
        ?>
"><span><?php 
        echo count($comments) > 0 ? count($comments) : '';
        ?>
</span><?php 
        echo $label;
        ?>
</a>
            <div class="task_job_discussion_holder"<?php 
        // Loose == comparison of the request value with $task_id.
        echo isset($_REQUEST['discuss']) && $_REQUEST['discuss'] == $task_id ? ' style="display:block;"' : '';
        ?>
>
                <?php 
        if (isset($_REQUEST['discuss']) && $_REQUEST['discuss'] == $task_id) {
            // Overwrite the request parameters with server-side values before
            // handing over to the public discussion view for this task.
            $_REQUEST['t'] = $task_id;
            $_REQUEST['i'] = $job_id;
            $_REQUEST['hash'] = self::link_public($job_id, $task_id, true);
            self::external_hook('public');
        }
        ?>

            </div>
        <?php 
    }
Exemplo n.º 8
    $home_widgets = array_merge($home_widgets, $home_widgets2);
}
// group the widgets into columsn.
// the default columns is 3, but each widget can specify which column group they want to appear in.
// layout the default widget structure in the order we want it to display on the page:
$widget_columns = array();
$widget_columns[4] = array(1 => array(), 2 => array(), 3 => array(), 4 => array());
$widget_columns[1] = array(1 => array());
$widget_columns[2] = array(1 => array(), 2 => array());
$widget_columns[3] = array(1 => array(), 2 => array(), 3 => array());
// then display the welcome message:
module_template::init_template('welcome_message', '<p>
   Hi {USER_NAME}, and Welcome to {SYSTEM_NAME}
</p>', 'Welcome message on Dashboard', array('USER_NAME' => 'Current user name', 'SYSTEM_NAME' => 'System name from settings area'));
// check if there is a template for this user role.
$my_account = module_user::get_user(module_security::get_loggedin_id());
$security_role = current($my_account['roles']);
$template = false;
if ($security_role && isset($security_role['security_role_id'])) {
    $template = module_template::get_template_by_key('welcome_message_role_' . $security_role['security_role_id']);
}
if (!$template || !$template->template_key) {
    $template = module_template::get_template_by_key('welcome_message');
}
$template->assign_values(array('user_name' => htmlspecialchars($_SESSION['_user_name']), 'system_name' => htmlspecialchars(module_config::s('admin_system_name'))));
$widget_sort_json = @json_decode(module_config::c('dash_widgets_sort_' . module_security::get_loggedin_id()), true);
if (!is_array($widget_sort_json)) {
    $widget_sort_json = array();
}
$widget_sort_order = array();
$widget_sort_page_order = 1;
Exemplo n.º 9
&gt;
                                                                <?php 
    }
    ?>

                                                                </strong>
                                                            </span>
                                                            <span>
                                                                <?php 
    _e('To:');
    ?>

                                                                <strong><?php 
    $to_temp = array();
    if ($ticket_message['to_user_id']) {
        $to_temp = module_user::get_user($ticket_message['to_user_id'], false);
    } else {
        if ($header_cache && isset($header_cache['to_email'])) {
            $to_temp['email'] = $header_cache['to_email'];
        }
    }
    if (isset($to_temp['name'])) {
        echo htmlspecialchars($to_temp['name']);
    }
    if (isset($to_temp['email'])) {
        ?>

                                                                    &lt;<?php 
        echo htmlspecialchars($to_temp['email']);
        ?>
&gt;
Exemplo n.º 10
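 /**
  * Build the key => value map of customer and contact fields for template replacement.
  *
  * The contact is $primary_user_id when given, otherwise the customer's own
  * primary user. A contact that belongs to a different customer and has no
  * linked parent user is replaced by a blank record, so another customer's
  * contact details are not placed into this customer's fields.
  *
  * Changes from the earlier version: a missing contact is treated as blank
  * instead of being indexed as an array, the address loop tolerates a customer
  * record without 'customer_address', and a group lookup whose result was
  * immediately overwritten has been dropped.
  *
  * NOTE(review): only some values are passed through htmlspecialchars().
  * contact_first_name, contact_last_name, first_name, last_name, address_*,
  * customer_group and the extra fields are returned raw; confirm that the
  * consumer escapes them for its output context.
  *
  * @param mixed $customer_id     Customer whose fields are wanted.
  * @param mixed $primary_user_id Optional contact to use instead of the customer's primary user.
  * @return array Replacement values keyed by field name.
  */
 public static function get_replace_fields($customer_id, $primary_user_id = false)
 {
     $customer_data = module_customer::get_customer($customer_id);
     $customer_address = array();
     if (isset($customer_data['customer_address']) && is_array($customer_data['customer_address'])) {
         $customer_address = $customer_data['customer_address'];
     }
     // Only non-blank address parts go into the combined address string.
     $address_combined = array();
     foreach ($customer_address as $key => $val) {
         if (strlen(trim($val))) {
             $address_combined[$key] = $val;
         }
     }
     // do we use the primary contact or
     $contact_data = module_user::get_user($primary_user_id ? $primary_user_id : $customer_data['primary_user_id']);
     $foreign_contact = $contact_data
         && $contact_data['customer_id'] != $customer_id
         && (!isset($contact_data['linked_parent_user_id']) || !$contact_data['linked_parent_user_id']);
     if (!$contact_data || $foreign_contact) {
         // No usable contact: fall back to an empty record rather than leaking
         // a contact from another customer or indexing a non-array.
         $contact_data = array('user_id' => 0, 'customer_id' => 0, 'name' => '', 'last_name' => '', 'email' => '', 'password' => '', 'phone' => '', 'mobile' => '', 'fax' => '');
     }
     $data = array(
         'customer_details' => ' - todo - ',
         'customer_name' => isset($customer_data['customer_name']) ? htmlspecialchars($customer_data['customer_name']) : _l('N/A'),
         'customer_address' => htmlspecialchars(implode(', ', $address_combined)),
         'contact_name' => $contact_data['name'] != $contact_data['email'] ? htmlspecialchars($contact_data['name'] . ' ' . $contact_data['last_name']) : '',
         'contact_first_name' => $contact_data['name'],
         'contact_last_name' => $contact_data['last_name'],
         'first_name' => $contact_data['name'],
         'last_name' => $contact_data['last_name'],
         'contact_email' => htmlspecialchars($contact_data['email']),
         'contact_phone' => htmlspecialchars($contact_data['phone']),
         'contact_mobile' => htmlspecialchars($contact_data['mobile']),
         'customer_invoice_prefix' => isset($customer_data['default_invoice_prefix']) ? $customer_data['default_invoice_prefix'] : '',
     );
     // Every raw customer column is exposed too; the keys built above win on clashes.
     $data = array_merge($customer_data, $data);
     foreach ($customer_address as $key => $val) {
         $data['address_' . $key] = $val;
     }
     if (class_exists('module_group', false) && module_group::is_plugin_enabled()) {
         // get the customer groups
         $g = array();
         if ($customer_id > 0) {
             foreach (module_group::get_groups_search(array('owner_table' => 'customer', 'owner_id' => $customer_id)) as $group) {
                 $g[$group['group_id']] = $group['name'];
             }
         }
         $data['customer_group'] = implode(', ', $g);
     }
     // addition. find all extra keys for this customer and add them in.
     // we also have to find any EMPTY extra fields, and add those in as well.
     if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
         $all_extra_fields = module_extra::get_defaults('customer');
         foreach ($all_extra_fields as $e) {
             $data[$e['key']] = _l('N/A');
         }
         // and find the ones with values:
         $extras = module_extra::get_extras(array('owner_table' => 'customer', 'owner_id' => $customer_id));
         foreach ($extras as $e) {
             $data[$e['extra_key']] = $e['extra'];
         }
         // and the primary contact
         $all_extra_fields = module_extra::get_defaults('user');
         foreach ($all_extra_fields as $e) {
             $data[$e['key']] = _l('N/A');
         }
         if ($contact_data['user_id']) {
             // and find the ones with values:
             $extras = module_extra::get_extras(array('owner_table' => 'user', 'owner_id' => $contact_data['user_id']));
             foreach ($extras as $e) {
                 $data[$e['extra_key']] = $e['extra'];
             }
         }
     }
     return $data;
 }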
Exemplo n.º 11
$required = array('fields' => array('name' => 'Name'));
if (module_config::c('user_email_required', 1)) {
    $required['fields']['email'] = true;
}
module_form::set_required($required);
// check if this customer is linked to anyone else. and isn't the primary
$contact_links = array();
if ((int) $user_id > 0 && $use_master_key == 'customer_id') {
    $this_one_is_linked_primary = false;
    $contact_links = module_user::get_contact_customer_links($user['user_id']);
    if (count($contact_links)) {
        // check if this user is primary.
        $this_one_is_linked_primary = $user['linked_parent_user_id'] == $user_id;
        $c = array();
        foreach ($contact_links as $contact_link) {
            $other_contact = module_user::get_user($contact_link['user_id']);
            if ($this_one_is_linked_primary && !$other_contact['linked_parent_user_id']) {
                // hack to ensure data validity
                $other_contact['linked_parent_user_id'] = $user_id;
                update_insert('user_id', $other_contact['user_id'], 'user', array('linked_parent_user_id' => $user_id));
            }
            $c[] = module_customer::link_open($contact_link['customer_id'], true);
        }
        if ($this_one_is_linked_primary) {
            ?>

                <div>
                    <?php 
            _e('Notice: This contact is primary and has access to the other linked customers: %s', implode(', ', $c));
            ?>
Exemplo n.º 12
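 /**
  * Return one contact's fields as a flat key => value array (the name
  * suggests it feeds placeholder replacement in templates).
  *
  * The password entry is always blanked, "first_name" is added as an alias
  * of "name", and - when the "extra" plugin is enabled - every user extra
  * field is present, holding its stored value or the translated "N/A".
  *
  * @param int $user_id id of the contact to load
  * @return array contact fields; a blank record when the lookup does not
  *               return the requested user
  */
 public static function get_replace_fields($user_id)
 {
     $contact_data = module_user::get_user($user_id);
     // Use a blank record when the lookup came back empty as well as when it
     // returned some other user. The empty case used to skip this fallback,
     // which left 'name' and 'user_id' undefined for the lines below.
     if (!$contact_data || $contact_data['user_id'] != $user_id) {
         $contact_data = array('user_id' => 0, 'customer_id' => 0, 'name' => '', 'last_name' => '', 'email' => '', 'password' => '', 'phone' => '', 'mobile' => '', 'fax' => '');
     }
     // Whatever the user row holds in 'password' must never leave this function.
     $contact_data['password'] = '';
     $contact_data['first_name'] = $contact_data['name'];
     if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
         // Start every known extra field at "N/A" so empty ones are still present...
         foreach (module_extra::get_defaults('user') as $e) {
             $contact_data[$e['key']] = _l('N/A');
         }
         // ...then overwrite the ones that have a stored value for this contact.
         if ($contact_data['user_id']) {
             $extras = module_extra::get_extras(array('owner_table' => 'user', 'owner_id' => $contact_data['user_id']));
             foreach ($extras as $e) {
                 $contact_data[$e['extra_key']] = $e['extra'];
             }
         }
     }
     return $contact_data;
 }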
Exemplo n.º 13
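 /**
  * Entry points for the Stripe payment method that are reached from outside
  * the normal UI flow.
  *
  * - 'event_ipn':        Stripe webhook. Records a subscription payment when
  *                       a charge.succeeded event belongs to a paid
  *                       subscription invoice that matches a local row.
  * - 'pay_subscription': form post carrying a stripeToken; creates the
  *                       Stripe customer and subscription and stores their
  *                       ids on the local subscription row.
  * - 'pay':              renders the Stripe payment form for one invoice
  *                       payment.
  *
  * Every branch ends the request with exit/die (or a redirect).
  *
  * @param string $hook name of the hook being called
  */
 public function external_hook($hook)
 {
     switch ($hook) {
         case 'event_ipn':
             require_once 'includes/plugin_paymethod_stripe/stripe-php/lib/Stripe.php';
             $stripe = array("secret_key" => module_config::c('payment_method_stripe_secret_key'), "publishable_key" => module_config::c('payment_method_stripe_publishable_key'));
             Stripe::setApiKey($stripe['secret_key']);
             $body = @file_get_contents('php://input');
             $event_json = json_decode($body);
             // Everything echoed from here on is buffered and only sent back
             // when stripe_payment_debug is on. That output includes dumps of
             // the Stripe invoice, customer and subscription objects, so the
             // setting should stay off outside of troubleshooting.
             ob_start();
             echo "UCM STRIPE DEBUG:<br><br>JSON: <br>\n";
             print_r($event_json);
             echo "<br><br>\n";
             // The body may be empty or not JSON at all; json_decode() then
             // returns null and there is no id to read.
             $event_id = is_object($event_json) && isset($event_json->id) ? $event_json->id : false;
             try {
                 if (!$event_id) {
                     throw new Exception('Webhook body did not contain an event id');
                 }
                 // Only the id is taken from the posted body. The event that is
                 // acted on is the copy fetched back from Stripe with our key.
                 // NOTE(review): nothing visible here records handled event
                 // ids - confirm a redelivered event cannot be applied twice.
                 $event = Stripe_Event::retrieve($event_id);
                 // This will send receipts on successful invoices
                 if ($event->type == 'charge.succeeded' && $event->data->object->invoice) {
                     // Stripe amounts are in the smallest currency unit.
                     $paid_amount = $event->data->object->amount / 100;
                     // get the invoice.
                     $invoice = Stripe_Invoice::retrieve($event->data->object->invoice);
                     echo "INVOICE: <br>\n";
                     print_r($invoice);
                     echo "<br><br>\n";
                     if ($invoice && $invoice->subscription && $invoice->paid) {
                         // this payment was for a subscription! which one though?
                         $customer = Stripe_Customer::retrieve($invoice->customer);
                         echo "CUSTOMER: <br>\n";
                         print_r($customer);
                         echo "<br><br>\n";
                         $subscription = $customer->subscriptions->retrieve($invoice->subscription);
                         echo "SUBSCRIPTION: <br>\n";
                         print_r($subscription);
                         echo "<br><br>\n";
                         // The Stripe customer and subscription ids were stored on the local
                         // subscription row by the 'pay_subscription' branch below; look it up by them.
                         $invoice_payment_subscription = get_single('invoice_payment_subscription', array('stripe_customer', 'stripe_subscription'), array($customer->id, $subscription->id));
                         if ($invoice_payment_subscription) {
                             // Find the invoice_payment linked to the original subscription so a new invoice can be generated from it.
                             $invoice_payment_subscription_id = $invoice_payment_subscription['invoice_payment_subscription_id'];
                             $invoice_payment = get_single('invoice_payment', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
                             if ($invoice_payment) {
                                 $payment_id = $invoice_payment['invoice_payment_id'];
                                 $invoice_id = $invoice_payment['invoice_id'];
                                 // we have a subscription payment.
                                 // the invoice for this period may not exist yet; the invoice class generates it if needed.
                                 $data = module_invoice::create_new_invoice_for_subscription_payment($invoice_id, $payment_id, $invoice_payment_subscription_id);
                                 if ($data && $data['invoice_id'] && $data['invoice_payment_id']) {
                                     // next due date = now + the subscription's days, months and years
                                     $next_time = time();
                                     $next_time = strtotime('+' . abs((int) $invoice_payment_subscription['days']) . ' days', $next_time);
                                     $next_time = strtotime('+' . abs((int) $invoice_payment_subscription['months']) . ' months', $next_time);
                                     $next_time = strtotime('+' . abs((int) $invoice_payment_subscription['years']) . ' years', $next_time);
                                     update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('date_last_pay' => date('Y-m-d'), 'date_next' => date('Y-m-d', $next_time)));
                                     update_insert("invoice_payment_id", $data['invoice_payment_id'], "invoice_payment", array('date_paid' => date('Y-m-d'), 'amount' => $paid_amount, 'method' => 'Stripe (Subscription)', 'invoice_payment_subscription_id' => $invoice_payment_subscription_id));
                                     module_paymethod_stripe::add_payment_data($data['invoice_payment_id'], 'log', "Payment Received via Webhook: " . var_export(array('event.type' => $event->type, 'invoice.id' => $invoice->id, 'subscription.id' => $subscription->id, 'customer.id' => $customer->id, '$invoice_payment_subscription_id' => $invoice_payment_subscription_id, '$invoice_payment_id' => $payment_id), true));
                                     module_invoice::save_invoice($data['invoice_id'], array());
                                     echo "Successful Subscription Payment For Invoice " . $data['invoice_id'];
                                 } else {
                                     send_error("Stripe Webhook Subscription Error (failed to generate new invoice!) " . var_export($data, true));
                                 }
                             } else {
                                 echo 'Failed to find matching invoice payment in db';
                             }
                         } else {
                             echo 'Failed to find matching subscription payment in db';
                         }
                     }
                 }
             } catch (Exception $e) {
                 // getJsonBody() is not part of the base Exception class, so
                 // only call it when the exception actually provides it.
                 $body = method_exists($e, 'getJsonBody') ? $e->getJsonBody() : null;
                 $message = is_array($body) && isset($body['error']['message']) ? $body['error']['message'] : $e->getMessage();
                 $error = "Sorry: Webhook failed. <br><br>\n\n";
                 $error .= htmlspecialchars($message);
                 // Class name only: a full dump of the exception object can carry
                 // the call trace and its arguments, which should not end up in
                 // output that is echoed back when debugging is switched on.
                 $error .= "\n\n\n" . get_class($e);
                 echo $error;
             }
             $debug = ob_get_clean();
             if (module_config::c('stripe_payment_debug', 0)) {
                 echo $debug;
             }
             echo "Thanks! (set stripe_payment_debug to 1 in UCM to see more data here)";
             exit;
         case 'pay_subscription':
             $invoice_id = isset($_REQUEST['invoice_id']) ? $_REQUEST['invoice_id'] : false;
             $invoice_payment_id = isset($_REQUEST['invoice_payment_id']) ? $_REQUEST['invoice_payment_id'] : false;
             $invoice_payment_subscription_id = isset($_REQUEST['invoice_payment_subscription_id']) ? $_REQUEST['invoice_payment_subscription_id'] : false;
             $stripe_plan_id = isset($_REQUEST['stripe_plan_id']) ? $_REQUEST['stripe_plan_id'] : false;
             $user_id = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : false;
             if ($invoice_id && $invoice_payment_id && $stripe_plan_id && $invoice_payment_subscription_id && $user_id && isset($_POST['stripeToken'])) {
                 // NOTE(review): user_id and stripe_plan_id come straight from the
                 // request and nothing visible here ties them to the invoice being
                 // paid; confirm the link that leads here is signed or otherwise
                 // checked before these values are trusted.
                 $user_data = module_user::get_user($user_id);
                 $email = isset($_REQUEST['stripeEmail']) && strlen($_REQUEST['stripeEmail']) ? $_REQUEST['stripeEmail'] : $user_data['email'];
                 // strpos() returns 0 for a leading "@", so that is rejected too.
                 if (!$email || !strpos($email, '@')) {
                     die('Please ensure your user account has a valid email address before paying with stripe');
                 }
                 // The payment row must belong to both the invoice and the subscription named in the request.
                 $invoice_payment = get_single('invoice_payment', 'invoice_payment_id', $invoice_payment_id);
                 $invoice_payment_subscription = get_single('invoice_payment_subscription', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
                 if (!$invoice_payment || !$invoice_payment_subscription || $invoice_payment['invoice_id'] != $invoice_id || $invoice_payment['invoice_payment_subscription_id'] != $invoice_payment_subscription_id) {
                     die('Invalid invoice payment subscription id');
                 }
                 $invoice_payment_data = module_invoice::get_invoice_payment($invoice_payment_id);
                 $invoice_data = module_invoice::get_invoice($invoice_id);
                 if ($invoice_payment_data && $invoice_data && $invoice_id == $invoice_data['invoice_id'] && $invoice_payment_data['invoice_id'] == $invoice_data['invoice_id']) {
                     $currency = module_config::get_currency($invoice_payment_data['currency_id']);
                     $currency_code = $currency['code'];
                     // Request-supplied text: it is escaped wherever it is written into the page below.
                     $description = isset($_REQUEST['description']) ? $_REQUEST['description'] : 'N/A';
                     $template = new module_template();
                     ob_start();
                     require_once 'includes/plugin_paymethod_stripe/stripe-php/lib/Stripe.php';
                     $stripe = array("secret_key" => module_config::c('payment_method_stripe_secret_key'), "publishable_key" => module_config::c('payment_method_stripe_publishable_key'));
                     Stripe::setApiKey($stripe['secret_key']);
                     try {
                         // todo- search for existing customer based on email address???
                         // todo: check if adding new plan to existing customer work??
                         $stripe_customer = Stripe_Customer::create(array("card" => $_POST['stripeToken'], "email" => $email, 'metadata' => array('user_id' => $user_id)));
                         if ($stripe_customer && $stripe_customer->id) {
                             $stripe_subscription = $stripe_customer->subscriptions->create(array('plan' => $stripe_plan_id));
                             if ($stripe_subscription && $stripe_subscription->id) {
                                 // Store the Stripe ids so the webhook branch above can find this row again.
                                 update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_ACTIVE, 'date_start' => date('Y-m-d'), 'stripe_customer' => $stripe_customer->id, 'stripe_subscription' => $stripe_subscription->id));
                                 module_paymethod_stripe::add_payment_data($invoice_payment_id, 'log', "Started Stripe Subscription: " . var_export(array('customer.id' => $stripe_customer->id, 'plan.id' => $stripe_plan_id, 'subscription.id' => $stripe_subscription->id), true));
                                 // success!
                                 // redirect to receipt page.
                                 redirect_browser(module_invoice::link_public_payment_complete($invoice_id));
                             } else {
                                 echo 'Failed to create subscription with stripe';
                             }
                         }
                         // Reached when no customer or subscription was created
                         // (and presumably not after the redirect above - confirm it ends the request).
                         $error = "Something went wrong during stripe payment. Please confirm invoice payment went through: " . htmlspecialchars($description);
                         send_error($error);
                         echo $error;
                     } catch (Exception $e) {
                         // Covers a declined card (Stripe_CardError) as well as any other
                         // failure. getJsonBody() is not part of the base Exception class,
                         // so only call it when the exception actually provides it.
                         $body = method_exists($e, 'getJsonBody') ? $e->getJsonBody() : null;
                         $err = is_array($body) && isset($body['error']) && is_array($body['error']) ? $body['error'] : array();
                         if (!isset($err['message'])) {
                             $err['message'] = $e->getMessage();
                         }
                         $error = "Sorry: Payment failed. <br><br>\n\n" . htmlspecialchars($description) . ". <br><br>\n\n";
                         // The message is written into the rendered page, so escape it like the description.
                         $error .= htmlspecialchars($err['message']);
                         echo $error;
                         // The fuller dump only goes to send_error(), not to the page.
                         $error .= "\n\n\n" . var_export($err, true);
                         send_error($error);
                     }
                     $template->content = ob_get_clean();
                     echo $template->render('pretty_html');
                     exit;
                 }
             }
             echo 'Error paying via Stripe';
             exit;
         case 'pay':
             $invoice_id = isset($_REQUEST['invoice_id']) ? $_REQUEST['invoice_id'] : false;
             $invoice_payment_id = isset($_REQUEST['invoice_payment_id']) ? $_REQUEST['invoice_payment_id'] : false;
             if ($invoice_id && $invoice_payment_id && isset($_POST['stripeToken'])) {
                 $invoice_payment_data = module_invoice::get_invoice_payment($invoice_payment_id);
                 $invoice_data = module_invoice::get_invoice($invoice_id);
                 // The payment row has to belong to the invoice named in the request.
                 if ($invoice_payment_data && $invoice_data && $invoice_id == $invoice_data['invoice_id'] && $invoice_payment_data['invoice_id'] == $invoice_data['invoice_id']) {
                     // These locals are not used again in this method; presumably the
                     // included stripe_form.php reads them - verify before renaming.
                     $currency = module_config::get_currency($invoice_payment_data['currency_id']);
                     $currency_code = $currency['code'];
                     $description = _l('Payment for invoice %s', $invoice_data['name']);
                     $template = new module_template();
                     ob_start();
                     include module_theme::include_ucm('includes/plugin_paymethod_stripe/pages/stripe_form.php');
                     $template->content = ob_get_clean();
                     echo $template->render('pretty_html');
                     exit;
                 }
             }
             echo 'Error paying via Stripe';
             exit;
     }
 }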
Exemplo n.º 14
     // Push any pending output to the browser before the per-ticket work starts.
     @flush();
     // Apply the bulk action stored in the session to this ticket.
     // 1) assign a new status, if one was chosen.
     if ((int) $_SESSION['ticket_bulk_status_id'] > 0) {
         // The check above uses the integer cast, but the uncast session value is what gets stored.
         update_insert('ticket_id', $ticket_id, 'ticket', array('status_id' => $_SESSION['ticket_bulk_status_id']));
     }
     // 2) send the bulk reply, if one was written.
     if ($_SESSION['ticket_bulk_send_message'] && $_SESSION['ticket_bulk_send_message_content']) {
         // The reply is sent as the assigned staff member, or as user id 1 when nobody is assigned.
         // hack: so that the tickets do not lose their positions in the queue we want to keep the same 'last message' timestamp on the thread.
         $ticket_data = module_ticket::get_ticket($ticket_id);
         $from_user_id = $ticket_data['assigned_user_id'] ? $ticket_data['assigned_user_id'] : 1;
         // the <br> is a hack so that our script knows this is html.
         $message = $_SESSION['ticket_bulk_send_message_content'] . '<br><br>';
         // Placeholder values for this ticket. The status links use ids 7, 6 and 5,
         // which the key names label as cancel, resolved and in progress.
         $to_user = module_user::get_user($ticket_data['user_id'], false);
         $replace = array('name' => $to_user['name'], 'ticket_id' => module_ticket::ticket_number($ticket_id), 'ticket_url' => module_ticket::link_public($ticket_id), 'ticket_url_cancel' => module_ticket::link_public_status($ticket_id, 7), 'ticket_url_resolved' => module_ticket::link_public_status($ticket_id, 6), 'ticket_url_inprogress' => module_ticket::link_public_status($ticket_id, 5));
         // Both {KEY} and {key} spellings are replaced.
         // NOTE(review): the values go into a message that is treated as HTML without
         // being escaped here, and 'name' is account data - confirm send_reply()
         // escapes or sanitises the message, otherwise escape the name before substituting.
         foreach ($replace as $key => $val) {
             $message = str_replace('{' . strtoupper($key) . '}', $val, $message);
             $message = str_replace('{' . $key . '}', $val, $message);
         }
         $ticket_message_id = module_ticket::send_reply($ticket_id, $message, $from_user_id, $ticket_data['user_id'], 'admin');
         if ($ticket_message_id) {
             // success!
             // Put the new message, and the ticket itself, one unit after the previous
             // 'last message' timestamp rather than at the current time (the queue hack above).
             update_insert('ticket_message_id', $ticket_message_id, 'ticket_message', array('message_time' => $ticket_data['last_message_timestamp'] + 1));
             update_insert('ticket_id', $ticket_id, 'ticket', array('last_message_timestamp' => $ticket_data['last_message_timestamp'] + 1));
         }
     }
     ?>
 <script type="text/javascript">
Exemplo n.º 15
	<tr class="title">
		<th><?php 
echo _l('Name');
?>
</th>
        <th><?php 
echo _l('Email Address');
?>
</th>
    </tr>
    </thead>
    <tbody>
		<?php 
$c = 0;
foreach ($pagination['rows'] as $user) {
    $user2 = module_user::get_user($user['user_id']);
    // for primary contact / link check
    ?>

		<tr class="<?php 
    echo $c++ % 2 ? "odd" : "even";
    ?>
">
			<td class="row_action">
				<?php 
    echo module_user::link_open_contact($user['user_id'], true, $user2);
    ?>

				<?php 
    if ($user['is_primary'] == $user['user_id']) {
        echo ' *';
Exemplo n.º 16
        ?>
" class="note_edit note_options_link" rel="<?php 
        echo $note_item['note_id'];
        ?>
"> <?php 
        echo $note_text;
        ?>
 </a>
        <?php 
    } else {
        echo forum_text($note_item['note']);
    }
});
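// "Info" column: the note's creator (when note_show_creator is on) and, for
// summary listings, a link to the record the note belongs to.
$columns['info'] = array('title' => 'Info', 'width' => 40, 'callback' => function ($note_item) {
    $show_creator = module_config::c('note_show_creator', 1);
    if ($show_creator) {
        $user_data = module_user::get_user($note_item['create_user_id']);
        // The name is account data written straight into the table cell, so
        // escape it for HTML; a missing user prints nothing instead of a notice.
        // NOTE(review): if get_user() already returns escaped names this would
        // double-encode - confirm against the user module.
        echo isset($user_data['name']) ? htmlspecialchars($user_data['name']) : '';
    }
    if ($note_item['display_summary'] && $note_item['rel_data'] && $note_item['owner_id']) {
        global $plugins;
        if ($show_creator) {
            echo ' / ';
        }
        // link_open() output is echoed as-is; presumably it returns ready-made
        // HTML - confirm it escapes its own label.
        echo $plugins[$note_item['owner_table']]->link_open($note_item['owner_id'], true);
    }
});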
if ($can_delete) {
    $columns['del'] = array('title' => ' ', 'callback' => function ($note_item) {
        if ($note_item['can_delete']) {
            ?>
 <a href="<?php 
Exemplo n.º 17
}
if (module_job::can_i('view', 'Job Advanced')) {
    /***** JOB ADVANCED *****/
    $fieldset_data = array('heading' => array('type' => 'h3', 'title' => 'Advanced'), 'class' => 'tableclass tableclass_form tableclass_full', 'elements' => array(array('title' => 'Customer Link', 'field' => array('type' => 'html', 'value' => '<a href="' . module_job::link_public($job_id) . '" target="_blank">' . _l('Click to view external link') . '</a>', 'help' => 'You can send this link to the customer and they can view progress on their job. They can also view a list of any invoices attached to this job. This is VERY useful to stop customers asking you "how far along are you" with a job because they can see exactly where you have logged up to in the system.'))));
    if ((int) $job_id > 0 && module_job::can_i('edit', 'Jobs')) {
        $fieldset_data['elements'][] = array('title' => 'Email Job', 'field' => array('type' => 'html', 'value' => '<a href="' . module_job::link_generate($job_id, array('arguments' => array('email' => 1))) . '">' . _l('Email this Job to Customer') . '</a>', 'help' => 'You can email the customer a copy of this job. This can be a progress report or as an initial quote. '));
        $fieldset_data['elements'][] = array('title' => 'Email Staff', 'fields' => array(function () use(&$job_tasks, $job_id) {
            $allocated_staff_members = array();
            foreach ($job_tasks as $job_task) {
                if (!isset($allocated_staff_members[$job_task['user_id']])) {
                    $allocated_staff_members[$job_task['user_id']] = 0;
                }
                $allocated_staff_members[$job_task['user_id']]++;
            }
            foreach ($allocated_staff_members as $staff_id => $count) {
                $staff = module_user::get_user($staff_id);
                ?>

						    <a href="<?php 
                echo module_job::link_generate($job_id, array('arguments' => array('email_staff' => 1, 'staff_id' => $staff_id)));
                ?>
"><?php 
                _e('Email staff (%s - %s tasks)', $staff['name'], $count);
                ?>
</a> <br/>
					    <?php 
            }
        }));
    }
    if (class_exists('module_website', false) && module_website::is_plugin_enabled()) {
        $fieldset_data['elements'][] = array('title' => module_config::c('project_name_single', 'Website'), 'fields' => array(function () use(&$job) {
Exemplo n.º 18
    echo $user_data['name'];
    echo ' on ';
    echo print_date($note['date_created'], true);
    ?>
			</td>
		</tr>
		<tr>
			<th>
				<?php 
    echo _l('Updated');
    ?>
			</th>
			<td>
				<?php 
    if ($note['update_user_id']) {
        $user_data = module_user::get_user($note['update_user_id']);
        echo $user_data['name'];
        echo ' on ';
        echo print_date($note['date_updated'], true);
    } else {
        echo 'never';
    }
    ?>
			</td>
		</tr>
		<?php 
}
?>
	</tbody>
</table>
Exemplo n.º 19
 public function external_hook($hook)
 {
     switch ($hook) {
         case 'event_ipn':
             $body = @file_get_contents('php://input');
             $event_json = json_decode($body);
             ob_start();
             echo "UCM coinbase DEBUG:<br><br>JSON: <br>\n";
             print_r($event_json);
             echo "<br><br>\n";
             $success = false;
             $bits = explode(':', isset($event_json->order->custom) ? $event_json->order->custom : '');
             if (count($bits) == 4) {
                 // we have our custom bits, invoice_id, invoice_payment_id and hash
                 // check they are right
                 $invoice_id = (int) $bits[0];
                 $invoice_payment_id = (int) $bits[1];
                 $invoice_payment_subscription_id = (int) $bits[2];
                 $hash = $bits[3];
                 $correct_hash = self::get_payment_key($invoice_id, $invoice_payment_id, $invoice_payment_subscription_id, true);
                 if ($invoice_id && $invoice_payment_id && $hash == $correct_hash) {
                     // This will send receipts on succesful invoices
                     // todo - coinbase doesnt sent this callback correctly just yet
                     if ($event_json && isset($event_json->recurring_payment) && $invoice_payment_subscription_id) {
                         // status changes on a recurring payment.
                         $invoice_payment_subscription = get_single('invoice_payment_subscription', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
                         if (!$invoice_payment_subscription['date_start'] || $invoice_payment_subscription['date_start'] == '0000-00-00') {
                             // no start date yet, set the start date now.
                             if ($event_json->recurring_payment->status == 'active') {
                                 update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_ACTIVE, 'date_start' => date('Y-m-d')));
                             }
                         }
                         if ($event_json->recurring_payment->status == 'paused' || $event_json->recurring_payment->status == 'canceled') {
                             update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_FAILED));
                         }
                     }
                     if ($event_json && isset($event_json->order->status) && $event_json->order->status == 'completed' && isset($event_json->order->total_native) && isset($event_json->order->custom)) {
                         // crab out the custom bits so we know what to deal with.
                         $invoice_payment_data = module_invoice::get_invoice_payment($invoice_payment_id);
                         $currency = module_config::get_currency($invoice_payment_data['currency_id']);
                         if ($invoice_payment_subscription_id) {
                             // this API result is for a subscription payment.
                             $invoice_payment_subscription = get_single('invoice_payment_subscription', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
                             if ($invoice_payment_subscription && $invoice_payment_subscription['invoice_payment_subscription_id'] == $invoice_payment_subscription_id && $currency['code'] == $event_json->order->total_native->currency_iso) {
                                 if (!$invoice_payment_subscription['date_start'] || $invoice_payment_subscription['date_start'] == '0000-00-00') {
                                     // no start date yet, set the start date now (this should really happen in the above callback, but coinbase isn't working right now)
                                     update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_ACTIVE, 'date_start' => date('Y-m-d')));
                                 }
                                 // we have a subscription payment. woo!
                                 // this gets a bit tricky, we have to work out if the invoice has been generated for this subscription yet.
                                 // if this invoice hasn't been generated yet then we have to generate it.
                                 // pass this back to the invoice class so we can reuse this feature in the future.
                                 $data = module_invoice::create_new_invoice_for_subscription_payment($invoice_id, $invoice_payment_id, $invoice_payment_subscription_id);
                                 if ($data && $data['invoice_id'] && $data['invoice_payment_id']) {
                                     $next_time = time();
                                     $next_time = strtotime('+' . abs((int) $invoice_payment_subscription['days']) . ' days', $next_time);
                                     $next_time = strtotime('+' . abs((int) $invoice_payment_subscription['months']) . ' months', $next_time);
                                     $next_time = strtotime('+' . abs((int) $invoice_payment_subscription['years']) . ' years', $next_time);
                                     update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('date_last_pay' => date('Y-m-d'), 'date_next' => date('Y-m-d', $next_time)));
                                     update_insert("invoice_payment_id", $data['invoice_payment_id'], "invoice_payment", array('date_paid' => date('Y-m-d'), 'amount' => $event_json->order->total_native->cents / 100, 'method' => self::get_payment_method_name() . ' (Subscription)', 'invoice_payment_subscription_id' => $invoice_payment_subscription_id));
                                     self::add_payment_data($data['invoice_payment_id'], 'log', "Invoice Payment Subscription Received!");
                                     self::add_payment_data($data['invoice_payment_id'], 'log', "API IP is " . $_SERVER['REMOTE_ADDR']);
                                     self::add_payment_data($data['invoice_payment_id'], 'log', "Received BTC: " . $event_json->order->total_btc->cents / 10000000);
                                     self::add_payment_data($data['invoice_payment_id'], 'log', "Received " . $event_json->order->total_native->currency_iso . ': ' . $event_json->order->total_native->cents / 100);
                                     self::add_payment_data($data['invoice_payment_id'], 'log', "Destination Address: " . $event_json->order->receive_address);
                                     self::add_payment_data($data['invoice_payment_id'], 'log', "Currency code matches, marking invoice as paid.");
                                     self::add_payment_data($data['invoice_payment_id'], 'log', "Raw Event Data: \n" . json_encode($event_json));
                                     module_invoice::save_invoice($data['invoice_id'], array());
                                     echo "Successful Subscription Payment!";
                                 } else {
                                     send_error("Coinbase Subscription Error (failed to generate new invoice!) " . var_export($data, true));
                                 }
                             } else {
                                 send_error('Currency code missmatch on coinbase subscription payment');
                             }
                         } else {
                             // this is a normal once off payment.
                             self::add_payment_data($invoice_payment_id, 'log', "API IP is " . $_SERVER['REMOTE_ADDR']);
                             self::add_payment_data($invoice_payment_id, 'log', "Received BTC: " . $event_json->order->total_btc->cents / 10000000);
                             self::add_payment_data($invoice_payment_id, 'log', "Received " . $event_json->order->total_native->currency_iso . ': ' . $event_json->order->total_native->cents / 100);
                             self::add_payment_data($invoice_payment_id, 'log', "Destination Address: " . $event_json->order->receive_address);
                             if ($currency['code'] == $event_json->order->total_native->currency_iso) {
                                 self::add_payment_data($invoice_payment_id, 'log', "Currency code matches, marking invoice as paid.");
                                 update_insert("invoice_payment_id", $invoice_payment_id, "invoice_payment", array('date_paid' => date('Y-m-d'), 'amount' => $event_json->order->total_native->cents / 100));
                                 module_invoice::save_invoice($invoice_id, array());
                                 echo "Successful Payment!";
                                 $success = true;
                             } else {
                                 self::add_payment_data($invoice_payment_id, 'log', "Currency code missmatch, please check settings!");
                             }
                             self::add_payment_data($invoice_payment_id, 'log', "Raw Event Data: \n" . json_encode($event_json));
                         }
                     }
                 }
             }
             $debug = ob_get_clean();
             if (module_config::c('coinbase_payment_debug', 0)) {
                 send_error("Coinbase Debug: {$debug}");
             }
             exit;
             break;
         case 'pay_subscription':
             $invoice_id = isset($_REQUEST['invoice_id']) ? $_REQUEST['invoice_id'] : false;
             $invoice_payment_id = isset($_REQUEST['invoice_payment_id']) ? $_REQUEST['invoice_payment_id'] : false;
             $invoice_payment_subscription_id = isset($_REQUEST['invoice_payment_subscription_id']) ? $_REQUEST['invoice_payment_subscription_id'] : false;
             $coinbase_plan_id = isset($_REQUEST['coinbase_plan_id']) ? $_REQUEST['coinbase_plan_id'] : false;
             $user_id = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : false;
             if ($invoice_id && $invoice_payment_id && $coinbase_plan_id && $invoice_payment_subscription_id && $user_id && isset($_POST['coinbaseToken'])) {
                 $user_data = module_user::get_user($user_id);
                 $email = isset($_REQUEST['coinbaseEmail']) && strlen($_REQUEST['coinbaseEmail']) ? $_REQUEST['coinbaseEmail'] : $user_data['email'];
                 if (!$email || !strpos($email, '@')) {
                     die('Please ensure your user account has a valid email address before paying with coinbase');
                 }
                 $invoice_payment = get_single('invoice_payment', 'invoice_payment_id', $invoice_payment_id);
                 $invoice_payment_subscription = get_single('invoice_payment_subscription', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
                 if (!$invoice_payment || !$invoice_payment_subscription || $invoice_payment['invoice_id'] != $invoice_id || $invoice_payment['invoice_payment_subscription_id'] != $invoice_payment_subscription_id) {
                     die('Invalid invoice payment subscription id');
                 }
                 $invoice_payment_data = module_invoice::get_invoice_payment($invoice_payment_id);
                 $invoice_data = module_invoice::get_invoice($invoice_id);
                 if ($invoice_payment_data && $invoice_data && $invoice_id == $invoice_data['invoice_id'] && $invoice_payment_data['invoice_id'] == $invoice_data['invoice_id']) {
                     $currency = module_config::get_currency($invoice_payment_data['currency_id']);
                     $currency_code = $currency['code'];
                     $description = isset($_REQUEST['description']) ? $_REQUEST['description'] : 'N/A';
                     $template = new module_template();
                     ob_start();
                     require_once 'includes/plugin_paymethod_coinbase/coinbase-php/lib/coinbase.php';
                     $coinbase = array("secret_key" => module_config::c('payment_method_coinbase_api_key'), "publishable_key" => module_config::c('payment_method_coinbase_secret_key'));
                     coinbase::setApiKey($coinbase['secret_key']);
                     try {
                         // todo- search for existing customer based on email address???
                         // todo: check if adding new plan to existing customer work??
                         $coinbase_customer = coinbase_Customer::create(array("card" => $_POST['coinbaseToken'], "email" => $email, 'metadata' => array('user_id' => $user_id)));
                         if ($coinbase_customer && $coinbase_customer->id) {
                             //} && $coinbase_customer->subscriptions){
                             $coinbase_subscription = $coinbase_customer->subscriptions->create(array('plan' => $coinbase_plan_id));
                             if ($coinbase_subscription && $coinbase_subscription->id) {
                                 update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_ACTIVE, 'date_start' => date('Y-m-d'), 'coinbase_customer' => $coinbase_customer->id, 'coinbase_subscription' => $coinbase_subscription->id));
                                 module_paymethod_coinbase::add_payment_data($invoice_payment_id, 'log', "Started coinbase Subscription: " . var_export(array('customer.id' => $coinbase_customer->id, 'plan.id' => $coinbase_plan_id, 'subscription.id' => $coinbase_subscription->id), true));
                                 // success!
                                 // redirect to receipt page.
                                 redirect_browser(module_invoice::link_public_payment_complete($invoice_id));
                             } else {
                                 echo 'Failed to create subscription with coinbase';
                             }
                         }
                         $error = "Something went wrong during coinbase payment. Please confirm invoice payment went through: " . htmlspecialchars($description);
                         send_error($error);
                         echo $error;
                     } catch (coinbase_CardError $e) {
                         // The card has been declined
                         $body = $e->getJsonBody();
                         $err = $body['error'];
                         $error = "Sorry: Payment failed. <br><br>\n\n" . htmlspecialchars($description) . ". <br><br>\n\n";
                         $error .= $err['message'];
                         echo $error;
                         $error .= "\n\n\n" . var_export($err, true);
                         send_error($error);
                     } catch (Exception $e) {
                         $body = $e->getJsonBody();
                         $err = $body['error'];
                         $error = "Sorry: Payment failed. <br><br>\n\n" . htmlspecialchars($description) . ". <br><br>\n\n";
                         $error .= $err['message'];
                         echo $error;
                         $error .= "\n\n\n" . var_export($err, true);
                         send_error($error);
                     }
                     $template->content = ob_get_clean();
                     echo $template->render('pretty_html');
                     exit;
                 }
             }
             echo 'Error paying via coinbase';
             exit;
     }
 }
Exemplo n.º 20
<?php

/** 
 * Copyright: dtbaker 2012
 * Licence: Please check CodeCanyon.net for licence details. 
 * More licence clarification available here:  http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ 
 * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
 * Package Date: 2015-11-25 02:55:20 
 * IP Address: 67.79.165.254
 */
// Guard against direct requests: an unset or false $ticket_safe is falsy, so the
// script stops here (fails closed).
// NOTE(review): presumably the including page sets $ticket_safe after its own access checks - confirm.
if (!$ticket_safe) {
    die('failed');
}

// The ticket id is taken from the request and forced to an integer before any lookup.
$ticket_id = (int) $_REQUEST['ticket_id'];
$ticket = module_ticket::get_ticket($ticket_id);
$heading = _l('Notify Staff About Ticket: %s', module_ticket::ticket_number($ticket['ticket_id']));
print_heading($heading);

// Template used for the staff notification email.
$template = module_template::get_template_by_key('ticket_email_notify');

// Extra placeholders made available to the template on top of the ticket fields.
$ticket['ticket_number'] = module_ticket::ticket_number($ticket['ticket_id']);
$ticket['from_name'] = module_security::get_loggedin_name();
$ticket['ticket_url'] = module_ticket::link_open($ticket_id);
$ticket['ticket_subject'] = $ticket['subject'];

// The notification goes to the staff member the ticket is assigned to.
$assigned_staff = module_user::get_user($ticket['assigned_user_id']);
$ticket['staff_name'] = $assigned_staff['name'] . ' ' . $assigned_staff['last_name'];
$to = array($assigned_staff);

// NOTE(review): ticket fields such as the subject are handed to the template as they are;
// whether assign_values()/render('html') escape them is not visible here - confirm.
$template->assign_values($ticket);
$compose_options = array(
    'to' => $to,
    'bcc' => module_config::c('admin_email_address', ''),
    'content' => $template->render('html'),
    'subject' => $template->replace_description(),
    'success_url' => module_ticket::link_open($ticket_id),
    'cancel_url' => module_ticket::link_open($ticket_id),
);
module_email::print_compose($compose_options);
Exemplo n.º 21
?>
</th>
			    </tr>
			    </thead>
			    <tbody>
			    <?php 
$x = 1;
$c = 1;
$current_revision = array();
$last_revision_id = false;
$next_revision_id = false;
$previous_revision_id = false;
$temp_revision_id = -1;
$custom_highlight_fields = array();
foreach ($data_record_revisions as $data_record_revision) {
    $user = module_user::get_user($data_record_revision['create_user_id']);
    if ($previous_revision_id && !$next_revision_id) {
        $next_revision_id = $data_record_revision['data_record_revision_id'];
    }
    if ($data_record_revision['data_record_revision_id'] == $view_revision_id) {
        $current_revision = $data_record_revision;
        $current_revision['number'] = $x;
        $previous_revision_id = $temp_revision_id;
    }
    $temp_revision_id = $data_record_revision['data_record_revision_id'];
    ?>
			        <tr class="<?php 
    echo $c++ % 2 ? "odd" : "even";
    ?>
">
			            <td class="row_action"><a href="<?php 
Exemplo n.º 22
});
// "Role / Permissions" column: user_id 1 is shown as having every permission,
// every other user gets the names of the roles attached to them.
$columns['role'] = array('title' => 'Role / Permissions', 'callback' => function ($user) use($roles) {
    if ($user['user_id'] == 1) {
        echo _l('Everything');
        return;
    }
    if (empty($user['roles'])) {
        return;
    }
    foreach ($user['roles'] as $assigned_role) {
        // NOTE(review): the role name is echoed without htmlspecialchars(), and several
        // names are printed back to back with no separator. Confirm role names are
        // escaped on input or can only be set by trusted administrators.
        echo $roles[$assigned_role['security_role_id']]['name'];
    }
});
// "Can Login" column: Yes/No as reported by the security module.
$columns['can_login'] = array('title' => 'Can Login', 'callback' => function ($user) {
    if (module_security::can_user_login($user['user_id'])) {
        echo _l('Yes');
    } else {
        echo _l('No');
    }
});
$table_manager->set_columns($columns);
// Each row is replaced by the full user record before it is displayed, so the
// column callbacks above can read more than the listing query returned.
$table_manager->row_callback = function ($listing_row) {
    return module_user::get_user($listing_row['user_id']);
};
$table_manager->set_rows($users);
// Extra (custom) field columns are only added when that module is loaded.
if (class_exists('module_extra', false)) {
    $table_manager->display_extra('user', function ($user) {
        module_extra::print_table_data('user', $user['user_id']);
    });
}
$table_manager->pagination = true;
$table_manager->print_table();
?>

</form>
Exemplo n.º 23
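 /**
  * Email an invoice to its customer. Used by the CRON job when sending automated emails;
  * the logic is a copy of part of invoice_admin_email.php.
  *
  * The template is picked from the invoice state (credit note, paid, overdue or due),
  * optionally using the invoice's own template prefix, and falls back to the stock
  * 'invoice_email_*' template when the chosen one does not exist.
  *
  * Recipients: the manually assigned user if the invoice has one; otherwise every
  * customer contact carrying the configured "accounts" extra field; otherwise the
  * customer's primary contact; otherwise the first contact (or the member for
  * member invoices). The configured admin address is always added as BCC.
  *
  * @param int  $invoice_id invoice to send
  * @param bool $debug      passed straight to $email->send()
  * @return bool true when the email was sent (a log entry is then recorded on the invoice), false otherwise
  */
 public static function email_invoice_to_customer($invoice_id, $debug = false)
 {
     $invoice = module_invoice::get_invoice($invoice_id);
     if (!$invoice) {
         // nothing can be sent for an invoice that could not be loaded.
         return false;
     }
     // which state is the invoice in? paid, overdue or simply due.
     if ($invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00') {
         $state_suffix = '_paid';
     } elseif ($invoice['overdue'] && $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00') {
         $state_suffix = '_overdue';
     } else {
         $state_suffix = '_due';
     }
     $template_prefix = isset($invoice['invoice_template_email']) && strlen($invoice['invoice_template_email']) ? $invoice['invoice_template_email'] : 'invoice_email';
     if (isset($invoice['credit_note_id']) && $invoice['credit_note_id']) {
         $template_name = 'credit_note_email';
     } else {
         $template_name = $template_prefix . $state_suffix;
     }
     $template_name = hook_filter_var('invoice_email_template', $template_name, $invoice_id, $invoice);
     // fix: this used to test an undefined $invoice_data, so the company was never switched.
     if (class_exists('module_company', false) && isset($invoice['company_id']) && (int) $invoice['company_id'] > 0) {
         module_company::set_current_company_id($invoice['company_id']);
     }
     $template = module_template::get_template_by_key($template_name);
     if (!$template || $template->template_key != $template_name) {
         // backup default templates incase someone has chosen a template that doesn't exist (eg: created invoice_email_MINE_due but not invoice_email_MINE_paid )
         $template_name = 'invoice_email' . $state_suffix;
         // fix: the fallback name was computed but the template itself was never loaded again.
         $template = module_template::get_template_by_key($template_name);
         if (!$template) {
             return false;
         }
     }
     $replace = module_invoice::get_replace_fields($invoice_id, $invoice);
     // no PDF is generated when outgoing email is blocked.
     if (defined('_BLOCK_EMAILS') && _BLOCK_EMAILS) {
         $pdf = false;
     } else {
         $pdf = module_invoice::generate_pdf($invoice_id);
     }
     $send_email_to = array();
     $to = array();
     if ($invoice['customer_id']) {
         $customer = module_customer::get_customer($invoice['customer_id']);
         // NOTE(review): the customer name goes into the HTML template as stored; whether
         // assign_values()/render('html') escape it is not visible here - confirm.
         $replace['customer_name'] = $customer['customer_name'];
         if ($invoice['user_id']) {
             // this invoice has a manually assigned user, only send the invoice to this user.
             // todo: should we also send to accounts? not sure - see if people complain
             $primary = module_user::get_user($invoice['user_id']);
             if ($primary) {
                 $send_email_to[] = $primary;
             }
         } else {
             $to = module_user::get_contacts(array('customer_id' => $invoice['customer_id']));
             // hunt for the 'accounts' extra field; a contact carrying it receives the invoice.
             $field_to_find = strtolower(module_config::c('accounts_extra_field_name', 'Accounts'));
             foreach ($to as $contact) {
                 $extras = module_extra::get_extras(array('owner_table' => 'user', 'owner_id' => $contact['user_id']));
                 foreach ($extras as $e) {
                     if (strtolower($e['extra_key']) == $field_to_find) {
                         $send_email_to[] = $contact;
                     }
                 }
             }
             if (!count($send_email_to) && $customer['primary_user_id']) {
                 $primary = module_user::get_user($customer['primary_user_id']);
                 if ($primary) {
                     $send_email_to[] = $primary;
                 }
             }
         }
     } else {
         if ($invoice['member_id']) {
             $member = module_member::get_member($invoice['member_id']);
             $to = array($member);
             $replace['customer_name'] = $member['first_name'];
         }
     }
     $template->assign_values($replace);
     $html = $template->render('html');
     // send an email to this user.
     $email = module_email::new_email();
     $email->replace_values = $replace;
     // explicit recipients all receive the email; without any, only the first entry of $to is used.
     // todo: send to all customer contacts ?
     $only_first = !$send_email_to;
     $recipients = $only_first ? $to : $send_email_to;
     foreach ($recipients as $recipient) {
         if (!empty($recipient['user_id'])) {
             $email->set_to('user', $recipient['user_id']);
         } elseif (!empty($recipient['email'])) {
             $email->set_to_manual($recipient['email']);
         }
         if ($only_first) {
             break;
         }
     }
     $email->set_bcc_manual(module_config::c('admin_email_address', ''), '');
     $email->set_subject($template->description);
     $email->set_html($html);
     if ($pdf) {
         $email->add_attachment($pdf);
     }
     $email->invoice_id = $invoice_id;
     $email->customer_id = $invoice['customer_id'];
     $email->prevent_duplicates = true;
     if (!$email->send($debug)) {
         // todo: log the failure?
         return false;
     }
     // it worked: record a log on the invoice.
     self::email_sent(array('invoice_id' => $invoice_id, 'template_name' => $template_name));
     return true;
 }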
Exemplo n.º 24
 /**
  * Build the placeholder => value map used when rendering templates for a quote.
  *
  * Sources are merged in this order, later ones overwriting earlier ones: base quote
  * fields, customer fields, staff details, the quote record itself, website fields
  * (only where a value is still missing or empty), quote groups and quote extra fields.
  *
  * NOTE(review): the result mixes escaped values (quote_number, quote_name), purified
  * HTML (description) and values copied in as stored (the remaining quote columns,
  * staff details, extra fields). Whether consumers escape on output is not visible
  * here - confirm before using these values in an HTML context.
  *
  * @param int         $quote_id   quote to build the fields for
  * @param array|false $quote_data quote record, loaded through get_quote() when not supplied
  * @return array placeholder name => value
  */
 public static function get_replace_fields($quote_id, $quote_data = false)
 {
     if (!$quote_data) {
         $quote_data = self::get_quote($quote_id);
     }
     // base fields; number and name both come from the (escaped) quote name.
     $data = array();
     $data['quote_number'] = htmlspecialchars($quote_data['name']);
     $data['quote_name'] = htmlspecialchars($quote_data['name']);
     $data['project_type'] = _l(module_config::c('project_name_single', 'Website'));
     $data['print_link'] = self::link_public_print($quote_id);
     $data['quote_url'] = self::link_public($quote_id);
     $data['title'] = module_config::s('admin_system_name');
     $data['create_date'] = print_date($quote_data['date_create']);
     // customer fields, so we get total_amount_due and stuff.
     if (!empty($quote_data['customer_id'])) {
         if ($quote_data['contact_user_id']) {
             $contact_user_id = $quote_data['contact_user_id'];
         } else {
             $contact_user_id = false;
         }
         $data = array_merge($data, module_customer::get_replace_fields($quote_data['customer_id'], $contact_user_id));
     }
     // staff details: blank unless the quote's user can be loaded.
     $staff_fields = array('staff_first_name' => 'name', 'staff_last_name' => 'last_name', 'staff_email' => 'email', 'staff_phone' => 'phone', 'staff_fax' => 'fax', 'staff_mobile' => 'mobile');
     $user_details = array_fill_keys(array_keys($staff_fields), '');
     if (!empty($quote_data['user_id'])) {
         $user_data = module_user::get_user($quote_data['user_id'], false);
         if ($user_data && $user_data['user_id'] == $quote_data['user_id']) {
             foreach ($staff_fields as $placeholder => $column) {
                 $user_details[$placeholder] = $user_data[$column];
             }
         }
     }
     $data = array_merge($data, $user_details);
     // every quote column with 'date' in its name is formatted for display.
     foreach (array_keys($quote_data) as $key) {
         if (strpos($key, 'date') !== false) {
             $quote_data[$key] = print_date($quote_data[$key]);
         }
     }
     // the description is the one quote column passed through the HTML purifier.
     if (isset($quote_data['description'])) {
         $quote_data['description'] = module_security::purify_html($quote_data['description']);
     }
     // the quote record overwrites anything set so far under the same key.
     $data = array_merge($data, $quote_data);
     $website_url = array();
     $project_names = array();
     $project_names_and_url = array();
     if ($quote_data['website_id']) {
         $website_data = module_website::get_website($quote_data['website_id']);
         if ($website_data && $website_data['website_id'] == $quote_data['website_id']) {
             $website_id = $website_data['website_id'];
             if (!empty($website_data['url'])) {
                 $website_url[$website_id] = module_website::urlify($website_data['url']);
                 $website_data['name_url'] = $website_data['name'] . ' (' . module_website::urlify($website_data['url']) . ')';
             } else {
                 $website_data['name_url'] = $website_data['name'];
             }
             $project_names[$website_id] = $website_data['name'];
             $project_names_and_url[$website_id] = $website_data['name_url'];
             // website fields only fill gaps: a key that is missing, or empty while the website has a value.
             foreach (module_website::get_replace_fields($website_id, $website_data) as $key => $val) {
                 if (!isset($data[$key]) || (!$data[$key] && $val)) {
                     $data[$key] = $val;
                 }
             }
         }
     }
     // implode() of an empty list is already '', so no separate empty check is needed.
     $data['project_name'] = forum_text(implode(', ', $project_names));
     $data['website_name'] = $data['project_name'];
     $data['website_name_url'] = forum_text(implode(', ', $project_names_and_url));
     $data['website_url'] = forum_text(implode(', ', $website_url));
     if (class_exists('module_group', false) && module_group::is_plugin_enabled()) {
         // names of the groups this quote belongs to (website groups are not included).
         $group_names = array();
         if ($quote_id > 0) {
             $quote_data = module_quote::get_quote($quote_id);
             $quote_groups = module_group::get_groups_search(array('owner_table' => 'quote', 'owner_id' => $quote_id));
             foreach ($quote_groups as $group) {
                 $group_names[$group['group_id']] = $group['name'];
             }
         }
         $data['quote_group'] = implode(', ', $group_names);
     }
     // extra fields for this quote: every defined field starts as N/A so empty ones
     // still get a placeholder, then the stored values are filled in.
     // (customer extra fields are not added here.)
     if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
         foreach (module_extra::get_defaults('quote') as $default_field) {
             $data[$default_field['key']] = _l('N/A');
         }
         $stored_extras = module_extra::get_extras(array('owner_table' => 'quote', 'owner_id' => $quote_id));
         foreach ($stored_extras as $stored_extra) {
             $data[$stored_extra['extra_key']] = $stored_extra['extra'];
         }
     }
     return $data;
 }
Exemplo n.º 25
 public static function get_finances($search = array())
 {
     // we have to search for recent transactions. this involves combining the "finance" table with the "invoice_payment" table
     // then sort the results by date
     $hide_invoice_payments = false;
     $sql = "SELECT f.* ";
     $sql .= " , fa.name AS account_name ";
     $sql .= " , GROUP_CONCAT(fc.`name` ORDER BY fc.`name` ASC SEPARATOR ', ') AS categories ";
     $sql .= " FROM `" . _DB_PREFIX . "finance` f ";
     $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance_account` fa USING (finance_account_id) ";
     $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance_category_rel` fcr ON f.finance_id = fcr.finance_id ";
     $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance_category` fc ON fcr.finance_category_id = fc.finance_category_id ";
     $where = " WHERE 1 ";
     if (isset($search['finance_account_id']) && is_array($search['finance_account_id'])) {
         $fo = array();
         foreach ($search['finance_account_id'] as $val) {
             if ((int) $val > 0) {
                 $fo[(int) $val] = true;
             }
         }
         if (count($fo) > 0) {
             $where .= " AND ( ";
             foreach ($fo as $f => $ff) {
                 $where .= " f.finance_account_id = " . $f . ' OR';
             }
             $where = rtrim($where, 'OR');
             $where .= ' )';
             $hide_invoice_payments = true;
         }
     }
     if (isset($search['finance_recurring_id']) && $search['finance_recurring_id']) {
         $where .= " AND f.finance_recurring_id = '" . (int) $search['finance_recurring_id'] . "'";
         $hide_invoice_payments = true;
     }
     if (isset($search['finance_category_id']) && is_array($search['finance_category_id'])) {
         $fo = array();
         foreach ($search['finance_category_id'] as $val) {
             if ((int) $val > 0) {
                 $fo[(int) $val] = true;
             }
         }
         if (count($fo) > 0) {
             $where .= " AND EXISTS ( SELECT * FROM `" . _DB_PREFIX . "finance_category_rel` fcr2 WHERE fcr2.finance_id = f.finance_id AND ( ";
             foreach ($fo as $f => $ff) {
                 $where .= " fcr2.finance_category_id = " . $f . ' OR';
             }
             $where = rtrim($where, 'OR');
             $where .= ' )';
             $where .= ' )';
             $hide_invoice_payments = true;
         }
     }
     if (isset($search['invoice_payment_id']) && $search['invoice_payment_id']) {
         $where .= " AND f.invoice_payment_id = '" . (int) $search['invoice_payment_id'] . "'";
         $hide_invoice_payments = true;
     }
     // below 6 searches are repeated again below in invoice payments
     if (isset($search['job_id']) && (int) $search['job_id'] > 0) {
         $where .= " AND f.`job_id` = " . (int) $search['job_id'];
     }
     if (isset($search['invoice_id']) && (int) $search['invoice_id'] > 0) {
         $where .= " AND f.`invoice_id` = " . (int) $search['invoice_id'];
     }
     if (isset($search['customer_id']) && (int) $search['customer_id'] > 0) {
         $where .= " AND f.`customer_id` = " . (int) $search['customer_id'];
     }
     if (isset($search['company_id']) && (int) $search['company_id'] > 0) {
         // check this user can view this company id or not
         if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
             $companys = module_company::get_companys();
             if (isset($companys[$search['company_id']])) {
                 $sql .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON f.customer_id = cc.customer_id ";
                 $where .= " AND ( cc.`company_id` = " . (int) $search['company_id'] . " OR  f.`company_id` = " . (int) $search['company_id'] . " )";
             }
         }
     }
     if (isset($search['generic']) && strlen(trim($search['generic']))) {
         $name = mysql_real_escape_string(trim($search['generic']));
         $where .= " AND (f.`name` LIKE '%{$name}%' OR f.description LIKE '%{$name}%' )";
     }
     if (isset($search['date_from']) && $search['date_from'] != '') {
         $where .= " AND f.transaction_date >= '" . input_date($search['date_from']) . "'";
     }
     if (isset($search['date_to']) && $search['date_to'] != '') {
         $where .= " AND f.transaction_date <= '" . input_date($search['date_to']) . "'";
     }
     if (isset($search['amount_from']) && $search['amount_from'] != '') {
         $where .= " AND f.amount >= '" . mysql_real_escape_string($search['amount_from']) . "'";
     }
     if (isset($search['amount_to']) && $search['amount_to'] != '') {
         $where .= " AND f.amount <= '" . mysql_real_escape_string($search['amount_to']) . "'";
     }
     if (isset($search['type']) && $search['type'] != '' && $search['type'] != 'ie') {
         $where .= " AND f.type = '" . mysql_real_escape_string($search['type']) . "'";
     }
     // permissions from job module.
     /*switch(module_job::get_job_access_permissions()){
                 case _JOB_ACCESS_ALL:
     
                     break;
                 case _JOB_ACCESS_ASSIGNED:
                     // only assigned jobs!
                     //$from .= " LEFT JOIN `"._DB_PREFIX."task` t ON u.job_id = t.job_id ";
                     //u.user_id = ".(int)module_security::get_loggedin_id()." OR
                     $where .= " AND (t.user_id = ".(int)module_security::get_loggedin_id().")";
                     break;
                 case _JOB_ACCESS_CUSTOMER:
                     break;
             }*/
     // permissions from customer module.
     // tie in with customer permissions to only get jobs from customers we can access.
     switch (module_customer::get_customer_data_access()) {
         case _CUSTOMER_ACCESS_ALL:
             // all customers! so this means all jobs!
             break;
         case _CUSTOMER_ACCESS_ALL_COMPANY:
         case _CUSTOMER_ACCESS_CONTACTS:
         case _CUSTOMER_ACCESS_TASKS:
         case _CUSTOMER_ACCESS_STAFF:
             $valid_customer_ids = module_security::get_customer_restrictions();
             if (count($valid_customer_ids)) {
                 $where .= " AND f.customer_id IN ( ";
                 foreach ($valid_customer_ids as $valid_customer_id) {
                     $where .= (int) $valid_customer_id . ", ";
                 }
                 $where = rtrim($where, ', ');
                 $where .= " )";
             }
     }
     $where .= " GROUP BY f.finance_id ";
     $where .= " ORDER BY f.transaction_date DESC ";
     $sql .= $where;
     $finances_from_finance_db_table = qa($sql);
     // invoice payments:
     $finance_from_invoice_payments = array();
     $finance_from_job_staff_expenses = array();
     if (!$hide_invoice_payments && (!isset($search['invoice_id']) || !(int) $search['invoice_id'] > 0)) {
         $sql = "SELECT j.*, f.finance_id AS existing_finance_id ";
         $sql .= " FROM `" . _DB_PREFIX . "job` j ";
         $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance` f ON j.job_id = f.job_id AND f.job_staff_expense > 0 ";
         $where = " WHERE 1 ";
         //j.date_completed != '0000-00-00' ";
         $where .= " AND j.`c_staff_total_amount` > 0 ";
         if (isset($search['job_id']) && (int) $search['job_id'] > 0) {
             $where .= " AND (j.`job_id` = " . (int) $search['job_id'] . " ) ";
         }
         if (isset($search['customer_id']) && (int) $search['customer_id'] > 0) {
             $where .= " AND j.`customer_id` = " . (int) $search['customer_id'];
         }
         /*if(isset($search['generic']) && strlen(trim($search['generic']))){
               $name = mysql_real_escape_string(trim($search['generic']));
               $where .= " AND (i.`name` LIKE '%$name%' OR p.method LIKE '%$name%' )";
           }*/
         if (isset($search['company_id']) && (int) $search['company_id'] > 0) {
             // check this user can view this company id or not
             if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
                 $companys = module_company::get_companys();
                 if (isset($companys[$search['company_id']])) {
                     $sql .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON j.customer_id = cc.customer_id ";
                     $where .= " AND cc.`company_id` = " . (int) $search['company_id'];
                 }
             }
         }
         if (isset($search['date_from']) && $search['date_from'] != '') {
             $where .= " AND j.date_completed >= '" . input_date($search['date_from']) . "'";
         }
         if (isset($search['date_to']) && $search['date_to'] != '') {
             $where .= " AND j.date_completed <= '" . input_date($search['date_to']) . "'";
         }
         if (isset($search['amount_from']) && $search['amount_from'] != '') {
             $where .= " AND j.c_staff_total_amount >= '" . mysql_real_escape_string($search['amount_from']) . "'";
         }
         if (isset($search['amount_to']) && $search['amount_to'] != '') {
             $where .= " AND j.c_staff_total_amount <= '" . mysql_real_escape_string($search['amount_to']) . "'";
         }
         switch (module_job::get_job_access_permissions()) {
             case _JOB_ACCESS_ALL:
                 break;
             case _JOB_ACCESS_ASSIGNED:
                 // only assigned jobs!
                 $sql .= " LEFT JOIN `" . _DB_PREFIX . "task` t ON j.job_id = t.job_id ";
                 $where .= " AND (j.user_id = " . (int) module_security::get_loggedin_id() . " OR t.user_id = " . (int) module_security::get_loggedin_id() . ")";
                 break;
             case _JOB_ACCESS_CUSTOMER:
                 // tie in with customer permissions to only get jobs from customers we can access.
                 $valid_customer_ids = module_security::get_customer_restrictions();
                 if (count($valid_customer_ids)) {
                     $where .= " AND j.customer_id IN ( ";
                     foreach ($valid_customer_ids as $valid_customer_id) {
                         $where .= (int) $valid_customer_id . ", ";
                     }
                     $where = rtrim($where, ', ');
                     $where .= " )";
                 }
                 break;
         }
         switch (module_customer::get_customer_data_access()) {
             case _CUSTOMER_ACCESS_ALL:
                 // all customers! so this means all jobs!
                 break;
             case _CUSTOMER_ACCESS_ALL_COMPANY:
             case _CUSTOMER_ACCESS_CONTACTS:
             case _CUSTOMER_ACCESS_TASKS:
             case _CUSTOMER_ACCESS_STAFF:
                 $valid_customer_ids = module_security::get_customer_restrictions();
                 if (count($valid_customer_ids)) {
                     $where .= " AND j.customer_id IN ( ";
                     foreach ($valid_customer_ids as $valid_customer_id) {
                         $where .= (int) $valid_customer_id . ", ";
                     }
                     $where = rtrim($where, ', ');
                     $where .= " )";
                 }
         }
         $sql .= $where . " GROUP BY j.job_id ORDER BY j.date_completed DESC ";
         //echo $sql;
         $finance_from_job_staff_expenses = array();
         $res = qa($sql);
         foreach ($res as $finance) {
             // we have a job with staff expenses. split this up into gruops based on staff members.
             $staff_total_grouped = false;
             if (isset($finance['c_staff_total_grouped']) && strlen($finance['c_staff_total_grouped'])) {
                 $staff_total_grouped = @unserialize($finance['c_staff_total_grouped']);
             }
             if ($staff_total_grouped === false) {
                 //	                echo 'here: ';
                 //	                var_dump($finance);
                 //	                var_dump($staff_total_grouped);
                 $job_data = module_job::get_job($finance['job_id']);
                 $staff_total_grouped = $job_data['staff_total_grouped'];
             }
             if (is_array($staff_total_grouped)) {
                 foreach ($staff_total_grouped as $staff_id => $staff_total) {
                     $staff_member = module_user::get_user($staff_id);
                     if ($staff_member && $staff_member['user_id'] == $staff_id) {
                         // make sure this entry doesn't already exist in the database table for this job
                         // there MAY be an existing entry if 'existing_finance_id' is set
                         if ($finance['existing_finance_id'] > 0) {
                             // check if it exists for this staff member.
                             $existing = get_single('finance', array('job_id', 'job_staff_expense', 'amount'), array($finance['job_id'], $staff_id, $staff_total));
                             if ($existing) {
                                 // match exists already, skip adding this one to the list.
                                 continue;
                             }
                         }
                         //$finance = self::_format_invoice_payment($finance, $finance);
                         //$finance['url'] = module_job::link_open($finance['job_id'],false,$finance);
                         $finance['url'] = module_finance::link_open('new', false) . '&job_staff_expense=' . $staff_id . '&from_job_id=' . $finance['job_id'];
                         $finance['transaction_date'] = $finance['date_completed'];
                         $finance['description'] = _l('Job Expense For Staff Member: %s', $staff_member['name'] . ' ' . $staff_member['last_name']);
                         //"Exiting: ".$finance['existing_finance_id'].": ".
                         $finance['amount'] = $staff_total;
                         $finance['debit'] = $staff_total;
                         $finance['sub_amount'] = $staff_total;
                         $finance['taxable_amount'] = $staff_total;
                         $finance['credit'] = 0;
                         $finance['type'] = 'e';
                         $finance_from_job_staff_expenses[] = $finance;
                     }
                 }
             }
         }
     }
     if (!$hide_invoice_payments) {
         $sql = "SELECT p.*, i.customer_id ";
         if (module_config::c('finance_date_type', 'payment') == 'invoice') {
             // show entries by invoice create date, not payment date.
             $sql .= " , i.date_create AS transaction_date ";
         } else {
             // default, show by paid date.
             $sql .= " , p.date_paid AS transaction_date ";
         }
         $sql .= " FROM `" . _DB_PREFIX . "invoice_payment` p ";
         $sql .= " LEFT JOIN `" . _DB_PREFIX . "invoice` i ON p.invoice_id = i.invoice_id ";
         $where = " WHERE p.date_paid != '0000-00-00' ";
         $where .= " AND p.`amount` != 0 ";
         $where .= " AND ( p.`payment_type` = " . _INVOICE_PAYMENT_TYPE_NORMAL . " OR p.`payment_type` = " . _INVOICE_PAYMENT_TYPE_REFUND . ' OR p.`payment_type` = ' . _INVOICE_PAYMENT_TYPE_OVERPAYMENT_CREDIT . ' OR p.`payment_type` = ' . _INVOICE_PAYMENT_TYPE_CREDIT . ')';
         if (isset($search['job_id']) && (int) $search['job_id'] > 0) {
             $sql .= " LEFT JOIN `" . _DB_PREFIX . "invoice_item` ii ON i.invoice_id = ii.invoice_id";
             $sql .= " LEFT JOIN `" . _DB_PREFIX . "task` t ON ii.task_id = t.task_id";
             $where .= " AND (t.`job_id` = " . (int) $search['job_id'] . " OR i.`deposit_job_id` = " . (int) $search['job_id'] . " ) ";
         }
         if (isset($search['invoice_id']) && (int) $search['invoice_id'] > 0) {
             $where .= " AND p.`invoice_id` = " . (int) $search['invoice_id'];
         }
         if (isset($search['customer_id']) && (int) $search['customer_id'] > 0) {
             $where .= " AND i.`customer_id` = " . (int) $search['customer_id'];
         }
         /*if(isset($search['generic']) && strlen(trim($search['generic']))){
               $name = mysql_real_escape_string(trim($search['generic']));
               $where .= " AND (i.`name` LIKE '%$name%' OR p.method LIKE '%$name%' )";
           }*/
         if (isset($search['company_id']) && (int) $search['company_id'] > 0) {
             // check this user can view this company id or not
             if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
                 $companys = module_company::get_companys();
                 if (isset($companys[$search['company_id']])) {
                     $sql .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON i.customer_id = cc.customer_id ";
                     $where .= " AND cc.`company_id` = " . (int) $search['company_id'];
                 }
             }
         }
         if (isset($search['date_from']) && $search['date_from'] != '') {
             if (module_config::c('finance_date_type', 'payment') == 'invoice') {
                 $where .= " AND i.date_create >= '" . input_date($search['date_from']) . "'";
             } else {
                 $where .= " AND p.date_paid >= '" . input_date($search['date_from']) . "'";
             }
         }
         if (isset($search['date_to']) && $search['date_to'] != '') {
             if (module_config::c('finance_date_type', 'payment') == 'invoice') {
                 $where .= " AND i.date_create <= '" . input_date($search['date_to']) . "'";
             } else {
                 $where .= " AND p.date_paid <= '" . input_date($search['date_to']) . "'";
             }
         }
         if (isset($search['amount_from']) && $search['amount_from'] != '') {
             $where .= " AND p.amount >= '" . mysql_real_escape_string($search['amount_from']) . "'";
         }
         if (isset($search['amount_to']) && $search['amount_to'] != '') {
             $where .= " AND p.amount <= '" . mysql_real_escape_string($search['amount_to']) . "'";
         }
         if (isset($search['type']) && $search['type'] != '' && $search['type'] != 'ie') {
             if ($search['type'] == 'i') {
                 $where .= " AND p.amount > 0";
             } else {
                 if ($search['type'] == 'e') {
                     $where .= " AND p.amount < 0";
                 }
             }
         }
         switch (module_customer::get_customer_data_access()) {
             case _CUSTOMER_ACCESS_ALL:
                 // all customers! so this means all jobs!
                 break;
             case _CUSTOMER_ACCESS_ALL_COMPANY:
             case _CUSTOMER_ACCESS_CONTACTS:
             case _CUSTOMER_ACCESS_TASKS:
             case _CUSTOMER_ACCESS_STAFF:
                 $valid_customer_ids = module_security::get_customer_restrictions();
                 if (count($valid_customer_ids)) {
                     $where .= " AND i.customer_id IN ( ";
                     foreach ($valid_customer_ids as $valid_customer_id) {
                         $where .= (int) $valid_customer_id . ", ";
                     }
                     $where = rtrim($where, ', ');
                     $where .= " )";
                 }
         }
         $sql .= $where . " ORDER BY p.date_paid DESC ";
         //echo $sql;
         $finance_from_invoice_payments = qa($sql);
         foreach ($finance_from_invoice_payments as $finance_id => $finance) {
             // doesn't have an finance / account reference just yet.
             // but they can create one and this will become a child entry to it.
             $finance = self::_format_invoice_payment($finance, $finance);
             /*if(!isset($finance['customer_id']) || !$finance['customer_id']){
                   $invoice_data = module_invoice::get_invoice($finance['invoice_id'],2);
                   $finance['customer_id'] = $invoice_data['customer_id'];
               }*/
             // grab a new name/descriptino/etc.. from other plugins (at the moment only subscription)
             /*$new_finance = hook_handle_callback('finance_invoice_listing',$finance['invoice_id'],$finance);
               if(is_array($new_finance) && count($new_finance)){
                   foreach($new_finance as $n){
                       $finance = array_merge($finance,$n);
                   }
               }*/
             $finance_from_invoice_payments[$finance_id] = $finance;
         }
         if (isset($search['generic']) && strlen(trim($search['generic']))) {
             $name = mysql_real_escape_string(trim($search['generic']));
             //                $where .= " AND (i.`name` LIKE '%$name%' OR p.method LIKE '%$name%' )";
             // we have to do a PHP search here because
             foreach ($finance_from_invoice_payments as $finance_id => $finance) {
                 if (stripos($finance['name'], $name) === false && stripos($finance['description'], $name) === false) {
                     unset($finance_from_invoice_payments[$finance_id]);
                 }
             }
         }
     }
     $finances = array_merge($finances_from_finance_db_table, $finance_from_invoice_payments, $finance_from_job_staff_expenses);
     unset($finances_from_finance_db_table);
     unset($finance_from_invoice_payments);
     unset($finance_from_job_staff_expenses);
     // sort this
     if (!function_exists('sort_finance')) {
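         /**
          * Comparison callback for uasort(): orders finance rows for the listing.
          *
          * Rows are ordered by transaction_date, newest first. Rows sharing a date
          * put those that carry a finance_id ahead of those that do not, and are
          * then ordered by ascending amount.
          *
          * The callback returns an integer (-1, 0 or 1). A boolean result is read
          * by the sort as 0/1, so "less than" was indistinguishable from "equal"
          * and the resulting order was not reliable.
          *
          * @param array $a Row with 'transaction_date', 'amount' and optionally 'finance_id'.
          * @param array $b Row with 'transaction_date', 'amount' and optionally 'finance_id'.
          * @return int Negative when $a sorts first, positive when $b sorts first, 0 when equal.
          */
         function sort_finance($a, $b)
         {
             $t1 = strtotime($a['transaction_date']);
             $t2 = strtotime($b['transaction_date']);
             if ($t1 != $t2) {
                 // the later date goes first (descending order).
                 return $t1 < $t2 ? 1 : -1;
             }
             // same date: rows that already have a finance id come first.
             $a_has_id = isset($a['finance_id']);
             $b_has_id = isset($b['finance_id']);
             if ($a_has_id != $b_has_id) {
                 return $a_has_id ? -1 : 1;
             }
             // same date, same kind of row: smaller amount first.
             if ($a['amount'] == $b['amount']) {
                 return 0;
             }
             return $a['amount'] > $b['amount'] ? 1 : -1;
         }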
     }
     uasort($finances, 'sort_finance');
     foreach ($finances as $finance_id => $finance) {
         // we load each of these transactions
         // transaction can be a "transaction" or an "invoice_payment"
         // find out if this transaction is a child transaction to another transaction.
         // if it is a child transaction and we haven't already dispayed it in this listing
         // then we find the parent transaction and display it along with all it's children in this place.
         // this wont be perfect all the time but will be awesome in 99% of cases.
         if (isset($finance['finance_id']) && $finance['finance_id']) {
             // displayed before already?
             if (isset($displayed_finance_ids[$finance['finance_id']])) {
                 $finances[$displayed_finance_ids[$finance['finance_id']]]['link_count']++;
                 unset($finances[$finance_id]);
                 continue;
             }
             $displayed_finance_ids[$finance['finance_id']] = $finance_id;
             if (isset($finance['invoice_payment_id']) && $finance['invoice_payment_id']) {
                 $displayed_invoice_payment_ids[$finance['invoice_payment_id']] = $finance_id;
                 // so we dont display again.
             }
         } else {
             if (isset($finance['invoice_payment_id']) && $finance['invoice_payment_id'] && isset($finance['invoice_id']) && $finance['invoice_id']) {
                 // this is an invoice payment (incoming payment)
                 // displayed before already?
                 if (isset($displayed_invoice_payment_ids[$finance['invoice_payment_id']])) {
                     $finances[$displayed_invoice_payment_ids[$finance['invoice_payment_id']]] = array_merge($finance, $finances[$displayed_invoice_payment_ids[$finance['invoice_payment_id']]]);
                     $finances[$displayed_invoice_payment_ids[$finance['invoice_payment_id']]]['link_count']++;
                     unset($finances[$finance_id]);
                     continue;
                 }
                 $displayed_invoice_payment_ids[$finance['invoice_payment_id']] = $finance_id;
                 // so we dont display again.
             } else {
                 if (isset($finance['c_staff_total_amount'])) {
                     // staff expense.
                 } else {
                     // nfi?
                     unset($finances[$finance_id]);
                     continue;
                 }
             }
         }
         if (isset($finance['parent_finance_id']) && $finance['parent_finance_id']) {
             // check if it's parent finance id has been displayed already somewhere.
             if (isset($displayed_finance_ids[$finance['parent_finance_id']])) {
                 $finances[$displayed_finance_ids[$finance['parent_finance_id']]]['link_count']++;
                 unset($finances[$finance_id]);
                 continue;
                 // already done it on this page.
             }
             $displayed_finance_ids[$finance['parent_finance_id']] = $finance_id;
             // we haven't displayed the parent one yet.
             // display the parent one in this listing.
             $finance = self::get_finance($finance['parent_finance_id']);
         }
         /*if(isset($finance['invoice_payment_id']) && $finance['invoice_payment_id'] && isset($finance['invoice_id']) && $finance['invoice_id']){
               // moved to above.
           }else*/
         if (isset($finance['finance_id']) && $finance['finance_id']) {
             $finance['url'] = self::link_open($finance['finance_id'], false);
             $finance['credit'] = $finance['type'] == 'i' ? $finance['amount'] : 0;
             $finance['debit'] = $finance['type'] == 'e' ? $finance['amount'] : 0;
             if (!isset($finance['categories'])) {
                 $finance['categories'] = '';
             }
             if (!isset($finance['account_name'])) {
                 $finance['account_name'] = '';
             }
         }
         if (isset($finance['taxes']) && !isset($finance['sub_amount'])) {
             $finance['sub_amount'] = $finance['amount'];
             foreach ($finance['taxes'] as $tax) {
                 if (isset($tax['amount'])) {
                     $finance['sub_amount'] -= $tax['amount'];
                 }
             }
         }
         $finance['link_count'] = 0;
         $finances[$finance_id] = $finance;
     }
     return $finances;
 }
Exemplo n.º 26
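 /**
  * Send the automatic e-mails that can follow a job task being saved.
  *
  * Three independent notifications are handled:
  *  - to the assigned staff member, when $reason is 'created' and the
  *    'job_send_staff_task_email_automatically' setting is on;
  *  - to the customer, when the task is fully completed, the
  *    'job_send_task_completion_email_automatically' setting is on and the
  *    request posted 'confirm_job_task_email';
  *  - to the assigned staff member, when the request posted an approval or
  *    rejection ('approval_actioned') for this task.
  *
  * Task fields and the posted approval message are HTML-escaped before they
  * are placed in the e-mail body, because the markup built here is handed to
  * the template as a ready-made HTML fragment.
  *
  * @param int    $job_id  Job the task belongs to.
  * @param int    $task_id Task that was saved.
  * @param string $reason  Only the value 'created' is acted on here.
  * @return array|false array('message' => ...) when at least one e-mail was sent, otherwise false.
  */
 private static function send_job_task_email($job_id, $task_id, $reason)
 {
     $return_messages = array();
     // Values below are concatenated into HTML element content, so they are
     // escaped the same way the rest of the code escapes names for output.
     $esc = function ($value) {
         return htmlspecialchars((string) $value);
     };
     // Renders a single task as one <li>; both staff e-mails use the same markup.
     $render_task = function ($job_task) use ($esc) {
         $item = '<li><strong>' . $esc($job_task['description']) . '</strong>';
         if ($job_task['fully_completed']) {
             $item .= ' <span style="color: #99cc00; font-weight:bold;">(' . _l('complete') . ')</span>';
         }
         $item .= ' <br/>';
         if ($job_task['long_description']) {
             $item .= _l('Notes:') . ' <em>' . $esc($job_task['long_description']) . '</em><br/>';
         }
         if ($job_task['date_due'] && $job_task['date_due'] != '0000-00-00') {
             $item .= _l('Date Due:') . ' ' . print_date($job_task['date_due']) . '<br/>';
         }
         if ($job_task['hours']) {
             $item .= _l('Assigned Hours:') . ' ' . $esc($job_task['hours']) . '<br/>';
         }
         if (isset($job_task['completed']) && $job_task['completed']) {
             $item .= _l('Completed Hours:') . ' ' . $esc($job_task['completed']) . '<br/>';
         }
         return $item . '</li>';
     };
     if (module_config::c('job_send_staff_task_email_automatically', 0) && $reason == 'created') {
         // send the same email as if going to job_admin_email_staff.php
         $task_data = self::get_task($job_id, $task_id);
         $job_data = self::get_job($job_id);
         // no e-mail when the task is unassigned or assigned to the person who just saved it.
         if ($task_data['user_id'] > 0 && $task_data['user_id'] != module_security::get_loggedin_id()) {
             $staff = module_user::get_user($task_data['user_id']);
             if ($staff && $staff['user_id'] == $task_data['user_id'] && !(module_config::c('job_staff_email_skip_complete', 0) && $task_data['fully_completed'])) {
                 $template = module_template::get_template_by_key('job_staff_email');
                 // NOTE(review): job_name, staff_name and the other replace values are passed as
                 // stored; presumably they are inserted as-is, since job_tasks carries markup
                 // through the same path - confirm how the template layer treats them.
                 $job_data['job_name'] = $job_data['name'];
                 $job_data['staff_name'] = $staff['name'];
                 $job_data['job_url'] = module_job::link_open($job_id);
                 $job_data['job_tasks'] = '<ul>' . $render_task($task_data) . '</ul>';
                 $job_data['task_count'] = 1;
                 $html = $template->render('html');
                 // send an email to this user.
                 $email = module_email::new_email();
                 $email->replace_values = $job_data;
                 $email->set_to('user', $staff['user_id']);
                 $email->set_bcc_manual(module_config::c('admin_email_address', ''), '');
                 $email->set_subject($template->description);
                 $email->set_html($html);
                 $email->job_id = $job_id;
                 $email->prevent_duplicates = true;
                 if ($email->send(false)) {
                     self::add_history($job_id, _l('Job task emailed to staff successfully'));
                     $return_messages[] = _l(' and email sent to staff %s', $staff['name']);
                 }
                 // a failed send is not reported to the caller.
             }
         }
     }
     if (module_config::c('job_send_task_completion_email_automatically', 0) && isset($_POST['confirm_job_task_email'])) {
         $task_data = self::get_task($job_id, $task_id);
         $job_data = self::get_job($job_id);
         if ($task_data['fully_completed'] && $job_data['customer_id']) {
             $template_name = 'job_task_completion_email';
             $template = module_template::get_template_by_key($template_name);
             $replace = module_job::get_replace_fields($job_id, $job_data);
             $customer = module_customer::get_customer($job_data['customer_id']);
             $replace['customer_name'] = $customer['customer_name'];
             $to = module_user::get_contacts(array('customer_id' => $job_data['customer_id']));
             // prefer the customer's primary contact when one is set and can be loaded.
             $to_select = false;
             if ($customer['primary_user_id']) {
                 $primary = module_user::get_user($customer['primary_user_id']);
                 if ($primary) {
                     $to_select = $primary['email'];
                 }
             }
             $replace['job_name'] = $job_data['name'];
             $replace['task_description'] = $task_data['description'];
             $template->assign_values($replace);
             $html = $template->render('html');
             // send an email to this user.
             $email = module_email::new_email();
             $email->replace_values = $replace;
             // todo: send to all customer contacts ?
             if ($to_select) {
                 $email->set_to_manual($to_select);
             } else {
                 // no primary contact: only the first contact in the list is used.
                 foreach ($to as $t) {
                     $email->set_to_manual($t['email']);
                     break;
                 }
             }
             $email->set_bcc_manual(module_config::c('admin_email_address', ''), '');
             $email->set_subject($template->description);
             $email->set_html($html);
             $email->job_id = $job_id;
             $email->customer_id = $job_data['customer_id'];
             $email->prevent_duplicates = true;
             if ($email->send(false)) {
                 self::add_history($job_id, _l('Job task emailed to customer successfully'));
                 $return_messages[] = _l(' and email sent to customer');
             }
             // a failed send is not reported to the caller.
         }
     }
     // if we are approving or rejecting job tasks with a message.
     if (isset($_POST['job_task'][$task_id]['approval_actioned']) && $_POST['job_task'][$task_id]['approval_actioned']) {
         $posted_task = $_POST['job_task'][$task_id];
         $task_data = self::get_task($job_id, $task_id);
         $job_data = self::get_job($job_id);
         if ($task_data['user_id'] > 0) {
             $staff = module_user::get_user($task_data['user_id']);
             if ($staff && $staff['user_id'] == $task_data['user_id'] && !(module_config::c('job_staff_email_skip_complete', 0) && $task_data['fully_completed'])) {
                 $template = module_template::get_template_by_key('job_task_approval');
                 $job_data['job_name'] = $job_data['name'];
                 $job_data['staff_name'] = $staff['name'];
                 $job_data['job_url'] = module_job::link_open($job_id);
                 // a missing approval_required field is treated like any value other than 2: approved.
                 $job_data['approved_or_rejected'] = isset($posted_task['approval_required']) && $posted_task['approval_required'] == 2 ? _l('Rejected') : _l('Approved');
                 // the message comes straight from the request and goes into an HTML e-mail:
                 // accept it only as a string and escape it.
                 $job_data['message'] = isset($posted_task['approval_message']) && is_string($posted_task['approval_message']) ? $esc($posted_task['approval_message']) : _l('N/A');
                 $job_data['job_task'] = '<ul>' . $render_task($task_data) . '</ul>';
                 $job_data['task_count'] = 1;
                 $template->assign_values($job_data);
                 $html = $template->render('html');
                 // send an email to this user.
                 $email = module_email::new_email();
                 $email->replace_values = $job_data;
                 $email->set_to('user', $staff['user_id']);
                 $email->set_bcc_manual(module_config::c('admin_email_address', ''), '');
                 $email->set_subject($template->description);
                 $email->set_html($html);
                 $email->job_id = $job_id;
                 $email->prevent_duplicates = true;
                 if ($email->send(false)) {
                     self::add_history($job_id, _l('Job task emailed to staff successfully'));
                     $return_messages[] = _l(' and email sent to staff %s', $staff['name']);
                 }
                 // a failed send is not reported to the caller.
             }
         }
     }
     if (count($return_messages)) {
         return array('message' => implode(' ', $return_messages));
     }
     return false;
 }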
Exemplo n.º 27
}));
// Contact selector: only offered when the invoice is tied to a customer.
if ($invoice['customer_id']) {
    // $c collects the dropdown options, keyed by user_id (key 0 is the "Primary" pseudo-entry).
    $c = array();
    // contacts of this customer; looked up by primary_user_id just below.
    $res = module_user::get_contacts(array('customer_id' => $invoice['customer_id']));
    if (isset($invoice['primary_user_id']) && $invoice['primary_user_id']) {
        $primary_contact = isset($res[$invoice['primary_user_id']]) ? $res[$invoice['primary_user_id']] : false;
    } else {
        $primary_contact = false;
    }
    // the primary contact's name is HTML-escaped before it goes into the label.
    $c[0] = _l('Primary (%s)', $primary_contact ? htmlspecialchars($primary_contact['name'] . ' ' . $primary_contact['last_name']) : _l('N/A'));
    // NOTE(review): the labels added below are not escaped, unlike option 0. Whether the
    // select renderer escapes option labels is not visible here - confirm, so that labels
    // end up neither unescaped nor double-escaped.
    // array_shift() consumes $res; it is empty once this loop has finished.
    while ($row = array_shift($res)) {
        $c[$row['user_id']] = $row['name'] . ' ' . $row['last_name'];
    }
    if ($invoice['user_id'] && !isset($c[$invoice['user_id']])) {
        // this option isn't in the listing. add it in.
        // NOTE(review): the get_user() result is used without a check - presumably it can
        // be empty for a removed user; confirm.
        $user_temp = module_user::get_user($invoice['user_id'], false);
        $c[$invoice['user_id']] = $user_temp['name'] . ' ' . $user_temp['last_name'] . ' ' . _l('(under different customer)');
    }
    $fieldset_data['elements'][] = array('title' => 'Contact', 'field' => array('type' => 'select', 'name' => 'user_id', 'value' => $invoice['user_id'], 'options' => $c, 'blank' => false));
}
// output the fieldset built so far, then drop the definition.
echo module_form::generate_fieldset($fieldset_data);
unset($fieldset_data);
// sidebar hooks run only for a numeric invoice id greater than zero.
if ((int) $invoice_id > 0) {
    hook_handle_callback('invoice_sidebar', $invoice_id);
}
if ($invoice_id && $invoice_id != 'new') {
    $note_summary_owners = array();
    // generate a list of all possible notes we can display for this invoice.
    // display all the notes which are owned by all the sites we have access to
    if (class_exists('module_note', false) && module_note::is_plugin_enabled()) {
        module_note::display_notes(array('title' => 'Invoice Notes', 'owner_table' => 'invoice', 'owner_id' => $invoice_id, 'view_link' => module_invoice::link_open($invoice_id), 'public' => array('enabled' => true, 'title' => 'Public', 'text' => 'Yes, show this note in invoice', 'help' => 'If this is ticked then this note will be available to the customer and will be included in the {INVOICE_NOTES} shortcode in the invoice template.')));
Exemplo n.º 28
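 /**
  * Process a login attempt using the `email` and `password` request parameters.
  *
  * On success the session is marked as logged in, the login is recorded in the
  * `security_login` table and the user's name, email, id and language are stored
  * in the session. If the matched account has a `linked_parent_user_id` that
  * resolves to an existing user, the session is opened as that parent user.
  *
  * Return values are kept as the original code had them and are NOT a reliable
  * success indicator: null when the captcha check fails, false when the account
  * is not allowed to log in, true on success without redirect, and also true
  * when the credentials are rejected. $_SESSION['_AVA_logged_in'] is the value
  * this method sets to reflect the real outcome.
  *
  * @param bool $redirect      redirect back to the current URI (minus auto_login=...) when done
  * @param bool $captcha_check run the captcha check when `login_recaptcha` is enabled
  * @return bool|null see above
  */
 public static function process_login($redirect = true, $captcha_check = true)
 {
     if ($captcha_check && module_config::c('login_recaptcha', 0)) {
         // the auto_login caller passes $captcha_check=false to skip this step
         if (!module_captcha::check_captcha_form()) {
             // captcha was wrong.
             set_error('Sorry the captcha code you entered was incorrect. Please try again.');
             return;
         }
     }
     // Missing or non-string (e.g. array) parameters are treated as empty instead of
     // being passed to trim(), which would raise notices/warnings.
     // NOTE(review): $_REQUEST is read, so credentials are accepted from the query
     // string as well as the POST body (subject to request_order), and only
     // auto_login= is stripped from the redirect URI below.
     $email = isset($_REQUEST['email']) && is_string($_REQUEST['email']) ? trim($_REQUEST['email']) : '';
     $password = isset($_REQUEST['password']) && is_string($_REQUEST['password']) ? trim($_REQUEST['password']) : '';
     // any login attempt first drops the existing logged-in flag
     $_SESSION['_AVA_logged_in'] = false;
     if (strlen($email) && strlen($password)) {
         // The stored password is matched in SQL either verbatim or as an unsalted MD5 digest.
         // NOTE(review): moving to password_hash()/password_verify() needs a data
         // migration outside this method; until then this comparison stays as it was.
         // NOTE(review): `email` is matched with LIKE, so % and _ in the input act as
         // wildcards; the exact (case-insensitive) comparison below rejects such rows.
         $sql = "SELECT * FROM `" . _DB_PREFIX . "user` WHERE `email` LIKE '" . mysql_real_escape_string($email) . "' AND ( `password` = '" . mysql_real_escape_string($password) . "' OR `password` = '" . mysql_real_escape_string(md5($password)) . "' )";
         $res = qa1($sql);
         if ($res && isset($res['email']) && strlen(trim($res['email'])) > 0 && strtolower($res['email']) == strtolower($email)) {
             if (isset($res['linked_parent_user_id']) && $res['linked_parent_user_id'] > 0) {
                 // linked contact: log in as the parent user when that user exists
                 $parent_user = module_user::get_user($res['linked_parent_user_id'], false, false);
                 if ($parent_user && $res['linked_parent_user_id'] == $parent_user['user_id']) {
                     $res = $parent_user;
                 }
             }
             // user_id 1 is always allowed in; everyone else needs can_user_login().
             if ($res['user_id'] != 1 && !self::can_user_login($res['user_id'])) {
                 set_error('Account disabled');
                 if ($redirect) {
                     $_SERVER['REQUEST_URI'] = preg_replace('/auto_login=[^&]*&?/', '', $_SERVER['REQUEST_URI']);
                     redirect_browser($_SERVER['REQUEST_URI']);
                 }
                 return false;
             }
             // Issue a fresh session id at the privilege change so an id that was known
             // before authentication cannot be reused afterwards (session fixation).
             if (session_id() !== '' && !headers_sent()) {
                 session_regenerate_id(true);
             }
             $_SESSION['_AVA_logged_in'] = true;
             // Record the successful login. Both values are normalised before they are
             // placed into the statement rather than concatenated raw.
             // NOTE(review): only successful logins are recorded here; failed attempts
             // leave no row in this table.
             $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
             $sql = "INSERT INTO `" . _DB_PREFIX . "security_login` SET user_id = '" . (int) $res['user_id'] . "', `time` = '" . time() . "', ip_address = '" . mysql_real_escape_string($remote_addr) . "'";
             query($sql);
             $_SESSION['_user_name'] = $res['name'];
             $_SESSION['_user_email'] = $res['email'];
             $_SESSION['_user_id'] = $res['user_id'];
             $_SESSION['_language'] = $res['language'];
             set_message(_l("You have successfully logged in."));
             if ($redirect) {
                 $_SERVER['REQUEST_URI'] = preg_replace('/auto_login=[^&]*&?/', '', $_SERVER['REQUEST_URI']);
                 redirect_browser($_SERVER['REQUEST_URI']);
                 exit;
             }
             return true;
         }
     }
     // Same message for unknown email and wrong password, so the response does not
     // reveal which of the two was wrong.
     set_error('Invalid username or password, please try again.');
     return true;
 }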
Exemplo n.º 29
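    /**
     * Render a single note as one table row and return the generated HTML.
     *
     * The $can_edit and $can_delete arguments are overwritten: all permission flags
     * start as false and are only set from the owning plugin's can_i() checks when
     * $options carries both 'owner_table' and 'title'.
     *
     * @param mixed $note_id         id used to load the note when $note_item is empty
     * @param array $note_item       note row; loaded through get_note() when falsy
     * @param bool  $display_summary show a link to the owning record instead of the author name
     * @param bool  $can_edit        ignored, recomputed from plugin permissions
     * @param bool  $can_delete      ignored, recomputed from plugin permissions
     * @param array $options         note options; also embedded into the generated links
     * @return string buffered HTML of the row
     */
    public static function print_note($note_id, $note_item, $display_summary = false, $can_edit = true, $can_delete = true, $options = array())
    {
        if (!$note_item) {
            $note_item = self::get_note($note_id);
        }
        global $plugins;
        $can_view = $can_edit = $can_create = $can_delete = false;
        // re-check permissions...
        if (isset($options) && isset($options['owner_table']) && $options['owner_table'] && isset($options['title']) && $options['title']) {
            $can_view = $plugins[$options['owner_table']]->can_i('view', $options['title']);
            $can_edit = $plugins[$options['owner_table']]->can_i('edit', $options['title']);
            $can_create = $plugins[$options['owner_table']]->can_i('create', $options['title']);
            $can_delete = $plugins[$options['owner_table']]->can_i('delete', $options['title']);
        }
        // NOTE(review): the result of is_page_editable() is not used; the line that
        // would clear the edit/create/delete flags is commented out.
        if (!module_security::is_page_editable()) {
            //$can_edit=$can_create=$can_delete=false;
        }
        if (isset($options['summary_owners'])) {
            unset($options['summary_owners']);
        }
        if (isset($options['display_summary'])) {
            unset($options['display_summary']);
        }
        if (!trim($note_item['note'])) {
            $note_item['note'] = 'none';
        }
        ob_start();
        /** START TABLE LAYOUT **/
        $table_manager = module_theme::new_table_manager();
        $columns = array();
        $columns['date'] = array('title' => 'Date', 'width' => 60, 'callback' => function ($note_item) {
            if ($note_item['reminder']) {
                echo '<strong>';
            }
            echo print_date($note_item['note_time']);
            if ($note_item['reminder']) {
                echo '</strong>';
            }
        });
        $columns['description'] = array('title' => 'Description', 'callback' => function ($note_item) {
            if (isset($note_item['public']) && $note_item['public']) {
                echo '* ';
            }
            if ($note_item['can_edit']) {
                // NOTE(review): substr() cuts by bytes, so a multi-byte character can be
                // split at the trim length before the text is escaped.
                $note_text = nl2br(htmlspecialchars(substr($note_item['note'], 0, module_config::c('note_trim_length', 35))));
                $note_text .= strlen($note_item['note']) > module_config::c('note_trim_length', 35) ? '...' : '';
                // NOTE(review): data-options hands base64(serialize($options)) to the
                // browser. If the receiving endpoint unserialize()s that value from the
                // request, it is deserialising client-controlled data; a JSON payload
                // with a server-side integrity check would avoid that. Handler not visible here.
                ?>

                <a href="<?php 
                echo module_note::link_open($note_item['note_id'], false, $note_item['options']);
                ?>
" data-options="<?php 
                echo htmlspecialchars(base64_encode(serialize($note_item['options'])));
                ?>
" class="note_edit note_options_link" rel="<?php 
                // escaped for the attribute context; numeric ids print unchanged
                echo htmlspecialchars((string) $note_item['note_id']);
                ?>
"> <?php 
                echo $note_text;
                ?>
 </a>
                <?php 
            } else {
                // NOTE(review): assumes forum_text() escapes the note for HTML; confirm.
                echo forum_text($note_item['note']);
            }
        });
        $columns['info'] = array('title' => 'Info', 'width' => 40, 'callback' => function ($note_item) {
            if ($note_item['display_summary']) {
                if ($note_item['rel_data']) {
                    global $plugins;
                    echo $plugins[$note_item['owner_table']]->link_open($note_item['owner_id'], true);
                }
            } else {
                // author of the note; the name is user-supplied data, so it is escaped
                // before being written into the page
                $user_data = module_user::get_user($note_item['create_user_id']);
                echo isset($user_data['name']) ? htmlspecialchars($user_data['name']) : '';
            }
        });
        if ($can_delete) {
            $columns['del'] = array('title' => ' ', 'callback' => function ($note_item) {
                if ($note_item['can_delete']) {
                    // NOTE(review): the delete action is a plain link carrying do_delete=yes;
                    // whether the handler also requires an anti-CSRF token is not visible here.
                    ?>
 <a href="<?php 
                    echo module_note::link_open($note_item['note_id'], false, array_merge($note_item['options'], array('do_delete' => 'yes', 'note_id' => $note_item['note_id'])));
                    ?>
" data-options="<?php 
                    echo htmlspecialchars(base64_encode(serialize(array_merge($note_item['options'], array('do_delete' => 'yes', 'note_id' => $note_item['note_id'])))));
                    ?>
" rel="<?php 
                    echo htmlspecialchars((string) $note_item['note_id']);
                    ?>
" onclick="if(confirm('<?php 
                    _e('Really Delete Note?');
                    ?>
'))return true; else return false;" class="note_delete note_options_link delete ui-state-default ui-corner-all ui-icon ui-icon-trash">[x]</a> <?php 
                }
            });
        }
        $table_manager->set_columns($columns);
        $table_manager->inline_table = true;
        // copies the recomputed permission flags and the options onto the row so the
        // column callbacks above can read them
        $table_manager->row_callback = function ($row_data, &$row_object) use($display_summary, $can_edit, $can_delete, &$options) {
            $row_data['display_summary'] = $display_summary;
            $row_data['can_edit'] = $can_edit;
            $row_data['can_delete'] = $can_delete;
            $row_data['options'] = $options;
            $row_object->row_id = 'note_' . $row_data['note_id'];
            return $row_data;
        };
        $table_manager->print_row($note_item);
        return ob_get_clean();
    }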
Exemplo n.º 30
 /**
  * Build the recipient record the newsletter system uses for a ticket.
  *
  * In basic mode a single joined ticket/user query supplies the row and only
  * first_name / last_name are derived from the user's name. Otherwise the ticket
  * is loaded through get_ticket() and extended with the contact's name parts and
  * email, the public link, the ticket number, the subject (moved to
  * ticket_subject), a pending_status text and an _edit_link.
  *
  * @static
  * @param mixed $ticket_id ticket to look up; cast to int before it is placed in the basic-mode SQL
  * @param bool  $basic     use the lightweight single-query lookup
  * @return array|false recipient data, or false when the ticket or its user is missing
  */
 public static function get_newsletter_recipient($ticket_id, $basic = false)
 {
     if (!$basic) {
         $ticket = self::get_ticket($ticket_id);
         $usable = $ticket && (int) $ticket['ticket_id'] && (int) $ticket['user_id'];
         if (!$usable) {
             // ticket (or its user) doesn't exist any more
             return false;
         }
         // some other details the newsletter system might need.
         $contact = module_user::get_user($ticket['user_id'], false);
         $words = explode(" ", preg_replace('/\\s+/', ' ', $contact['name']));
         $ticket['first_name'] = array_shift($words);
         $ticket['last_name'] = implode(' ', $words);
         $ticket['email'] = $contact['email'];
         $ticket['public_link'] = self::link_public($ticket_id);
         $ticket['ticket_number'] = self::ticket_number($ticket_id);
         $ticket['ticket_subject'] = $ticket['subject'];
         unset($ticket['subject']);
         // statuses 2, 3 and 5 report a queue position, everything else is "completed"
         $ticket['pending_status'] = in_array($ticket['status_id'], array(2, 3, 5))
             ? _l('%s out of %s tickets', ordinal($ticket['position']), $ticket['total_pending'])
             : 'ticket completed';
         $ticket['_edit_link'] = self::link_open($ticket_id, false, $ticket);
         return $ticket;
     }
     // basic mode: one query, ticket columns win over user columns of the same name
     $query_text = "SELECT u.*, u.name AS user_name, t.* FROM `" . _DB_PREFIX . "ticket` t LEFT JOIN `" . _DB_PREFIX . "user` u USING (user_id) WHERE t.ticket_id = " . (int) $ticket_id;
     $ticket = qa1($query_text);
     if (!$ticket || !$ticket['user_id']) {
         return false;
     }
     $words = explode(" ", preg_replace('/\\s+/', ' ', $ticket['user_name']));
     $ticket['first_name'] = array_shift($words);
     $ticket['last_name'] = implode(' ', $words);
     return $ticket;
 }