<?php
/**
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!_UCM_INSTALLED) {
module_security::logout();
}
$setup_errors = false;
// see if we can write to a file, ext.php or design_menu.php
if (!touch(_UCM_FOLDER . 'cron.php') || !touch(_UCM_FOLDER . 'ext.php') || !touch(_UCM_FOLDER . 'design_menu.php')) {
set_error('Sorry, the base folder <strong>' . _UCM_FOLDER . '</strong> is not writable by PHP. Please contact your hosting provider and ask for this folder to be set writable by PHP. Or change the permissions to writable (777 in most cases) using your FTP program.');
$setup_errors = true;
}
// check folder permissions and the like.
$temp_folder = _UCM_FOLDER . "temp/";
if (!is_dir($temp_folder) || !is_writable($temp_folder)) {
if ($temp_folder === false) {
// doesn't exist.
$temp_folder = '/temp/';
}
set_error('Sorry, the folder <strong>' . $temp_folder . '</strong> is not writable. Please contact your hosting provider and ask for this folder to be set writable by PHP. Or change the permissions to writable using your FTP program.');
$setup_errors = true;
}
// check folder permissions and the like.
public function external_hook($hook)
{
switch ($hook) {
case 'public_signup_form':
$signup_form = module_template::get_template_by_key('customer_signup_form_wrapper');
$signup_form->page_title = $signup_form->description;
$signup_form->assign_values(array('signup_form' => self::get_customer_signup_form_html()));
echo $signup_form->render('pretty_html');
exit;
case 'public_signup':
// sign out if testing.
if (module_security::is_logged_in()) {
set_message('Logged out due to signup');
module_security::logout();
}
$result = array('messages' => array());
function customer_signup_complete($result)
{
if (isset($_REQUEST['via_ajax'])) {
echo json_encode($result);
} else {
echo implode('<br/>', $result['messages']);
}
exit;
}
if (!module_config::c('customer_signup_allowed', 0)) {
$result['error'] = 1;
$result['messages'][] = 'Customer signup disabled';
customer_signup_complete($result);
}
//recaptcha on signup form.
if (module_config::c('captcha_on_signup_form', 0)) {
if (!module_captcha::check_captcha_form()) {
$result['error'] = 1;
$result['messages'][] = 'Captcha fail, please go back and enter correct captcha code.';
customer_signup_complete($result);
}
}
$customer = isset($_POST['customer']) && is_array($_POST['customer']) ? $_POST['customer'] : array();
$contact = isset($_POST['contact']) && is_array($_POST['contact']) ? $_POST['contact'] : array();
$contact_extra = isset($contact['extra']) && is_array($contact['extra']) ? $contact['extra'] : array();
$contact_group = isset($contact['group_ids']) && is_array($contact['group_ids']) ? $contact['group_ids'] : array();
$customer_extra = isset($customer['extra']) ? $customer['extra'] : array();
$customer_group = isset($customer['group_ids']) && is_array($customer['group_ids']) ? $customer['group_ids'] : array();
$address = isset($_POST['address']) ? $_POST['address'] : array();
$website = isset($_POST['website']) ? $_POST['website'] : array();
$website_extra = isset($website['extra']) ? $website['extra'] : array();
$website_group = isset($website['group_ids']) && is_array($website['group_ids']) ? $website['group_ids'] : array();
$job = isset($_POST['job']) ? $_POST['job'] : array();
$job_extra = isset($job['extra']) ? $job['extra'] : array();
$subscription = isset($_POST['subscription']) ? $_POST['subscription'] : array();
// sanatise possibly problematic fields:
// customer:
$allowed = array('name', 'last_name', 'customer_name', 'email', 'phone', 'mobile', 'extra', 'type');
foreach ($customer as $key => $val) {
if (!in_array($key, $allowed)) {
unset($customer[$key]);
}
}
if (isset($customer['type']) && $customer['type'] != _CUSTOMER_TYPE_NORMAL && $customer['type'] != _CUSTOMER_TYPE_LEAD) {
unset($customer['type']);
}
// added multiple contact support in the form of arrays.
$contact_fields = array('name', 'last_name', 'email', 'phone');
if (module_config::c('customer_signup_password', 0)) {
$contact_fields[] = 'password';
}
foreach ($contact_fields as $multi_value) {
if (isset($contact[$multi_value])) {
if (!is_array($contact[$multi_value])) {
$contact[$multi_value] = array($contact[$multi_value]);
}
} else {
if (isset($customer[$multi_value])) {
$contact[$multi_value] = array($customer[$multi_value]);
} else {
$contact[$multi_value] = array();
}
}
}
$valid_contact_email = false;
$name_fallback = false;
$primary_email = false;
foreach ($contact['email'] as $contact_key => $email) {
if (!$name_fallback && isset($contact['name'][$contact_key])) {
$name_fallback = $contact['name'][$contact_key];
}
$contact['email'][$contact_key] = filter_var(strtolower(trim($email)), FILTER_VALIDATE_EMAIL);
if ($contact['email'][$contact_key]) {
$valid_contact_email = true;
if (!$primary_email) {
$primary_email = $contact['email'][$contact_key];
// set the primary contact details here by adding them to the master customer array
foreach ($contact_fields as $primary_contact_field) {
$customer[$primary_contact_field] = isset($contact[$primary_contact_field][$contact_key]) ? $contact[$primary_contact_field][$contact_key] : '';
unset($contact[$primary_contact_field][$contact_key]);
}
}
}
}
// start error checking / required fields
if (!isset($customer['customer_name']) || !strlen($customer['customer_name'])) {
$customer['customer_name'] = $name_fallback;
}
if (!strlen($customer['customer_name'])) {
$result['error'] = 1;
$result['messages'][] = "Failed, please go back and provide a customer name.";
}
if (!$valid_contact_email || !$primary_email) {
$result['error'] = 1;
$result['messages'][] = "Failed, please go back and provide an email address.";
}
// check all posted required fields.
function check_required($postdata, $messages = array())
{
if (is_array($postdata)) {
foreach ($postdata as $key => $val) {
if (strpos($key, '_required') && strlen($val)) {
$required_key = str_replace('_required', '', $key);
if (!isset($postdata[$required_key]) || !$postdata[$required_key]) {
$messages[] = 'Required field missing: ' . htmlspecialchars($val);
}
}
if (is_array($val)) {
$messages = check_required($val, $messages);
}
}
}
return $messages;
}
$messages = check_required($_POST);
if (count($messages)) {
$result['error'] = 1;
$result['messages'] = array_merge($result['messages'], $messages);
}
if (isset($result['error'])) {
customer_signup_complete($result);
}
// end error checking / required fields.
// check if this customer already exists in the system, based on email address
$customer_id = false;
$creating_new = true;
$_REQUEST['user_id'] = 0;
if (isset($customer['email']) && strlen($customer['email']) && !module_config::c('customer_signup_always_new', 0)) {
$users = module_user::get_contacts(array('email' => $customer['email']));
foreach ($users as $user) {
if (isset($user['customer_id']) && (int) $user['customer_id'] > 0) {
// this user exists as a customer! yey!
// add them to this listing.
$customer_id = $user['customer_id'];
$creating_new = false;
$_REQUEST['user_id'] = $user['user_id'];
// dont let signups update existing passwords.
if (isset($customer['password'])) {
unset($customer['password']);
}
if (isset($customer['new_password'])) {
unset($customer['new_password']);
}
}
}
}
$_REQUEST['extra_customer_field'] = array();
$_REQUEST['extra_user_field'] = array();
module_extra::$config['allow_new_keys'] = false;
module_extra::$config['delete_existing_empties'] = false;
// save customer extra fields.
if (count($customer_extra)) {
// format the address so "save_customer" handles the save for us
foreach ($customer_extra as $key => $val) {
$_REQUEST['extra_customer_field'][] = array('key' => $key, 'val' => $val);
}
}
// save customer and customer contact details:
$customer_id = $this->save_customer($customer_id, $customer);
if (!$customer_id) {
$result['error'] = 1;
$result['messages'][] = 'System error: failed to create customer.';
customer_signup_complete($result);
}
$customer_data = module_customer::get_customer($customer_id);
// todo - merge primary and secondary contact/extra/group saving into a single loop
if (!$customer_data['primary_user_id']) {
$result['error'] = 1;
$result['messages'][] = 'System error: Failed to create customer contact.';
customer_signup_complete($result);
} else {
$role_id = module_config::c('customer_signup_role', 0);
if ($role_id > 0) {
module_user::add_user_to_role($customer_data['primary_user_id'], $role_id);
}
// save contact extra data (repeated below for additional contacts)
if (isset($contact_extra[0]) && count($contact_extra[0])) {
$_REQUEST['extra_user_field'] = array();
foreach ($contact_extra[0] as $key => $val) {
$_REQUEST['extra_user_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('user', 'user_id', $customer_data['primary_user_id']);
}
// save contact groups
if (isset($contact_group[0]) && count($contact_group[0])) {
foreach ($contact_group[0] as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $customer_data['primary_user_id'], 'user');
}
}
}
}
foreach ($contact['email'] as $contact_key => $email) {
// add any additional contacts to the customer.
$users = module_user::get_contacts(array('email' => $email, 'customer_id' => $customer_id));
if (count($users)) {
// this contact already exists for this customer, dont update/change it.
continue;
}
$new_contact = array('customer_id' => $customer_id);
foreach ($contact_fields as $primary_contact_field) {
$new_contact[$primary_contact_field] = isset($contact[$primary_contact_field][$contact_key]) ? $contact[$primary_contact_field][$contact_key] : '';
}
// dont let additional contacts have passwords.
if (isset($new_contact['password'])) {
unset($new_contact['password']);
}
if (isset($new_contact['new_password'])) {
unset($new_contact['new_password']);
}
global $plugins;
$contact_user_id = $plugins['user']->create_user($new_contact, 'signup');
if ($contact_user_id) {
$role_id = module_config::c('customer_signup_role', 0);
if ($role_id > 0) {
module_user::add_user_to_role($contact_user_id, $role_id);
}
// save contact extra data (repeated below for primary contacts)
if (isset($contact_extra[$contact_key]) && count($contact_extra[$contact_key])) {
$_REQUEST['extra_user_field'] = array();
foreach ($contact_extra[$contact_key] as $key => $val) {
$_REQUEST['extra_user_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('user', 'user_id', $contact_user_id);
}
// save contact groups
if (isset($contact_group[$contact_key]) && count($contact_group[$contact_key])) {
foreach ($contact_group[$contact_key] as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $contact_user_id, 'user');
}
}
}
}
}
if (count($customer_group)) {
// format the address so "save_customer" handles the save for us
foreach ($customer_group as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $customer_id, 'customer');
}
}
}
$note_keys = array('customer', 'website', 'job', 'address', 'subscription');
$note_text = _l('Customer signed up from Signup Form:');
$note_text .= "\n\n";
foreach ($note_keys as $note_key) {
$note_text .= "\n" . ucwords(_l($note_key)) . "\n";
if (isset($_POST[$note_key]) && is_array($_POST[$note_key])) {
foreach ($_POST[$note_key] as $post_key => $post_val) {
$note_text .= "\n - " . _l($post_key) . ": ";
if (is_array($post_val)) {
foreach ($post_val as $p => $v) {
$note_text .= "\n - - " . _l($p) . ': ' . $v;
}
} else {
$note_text .= $post_val;
}
}
}
}
$note_data = array('note_id' => false, 'owner_id' => $customer_id, 'owner_table' => 'customer', 'note_time' => time(), 'note' => $note_text, 'rel_data' => module_customer::link_open($customer_id), 'reminder' => 0, 'user_id' => 0);
update_insert('note_id', false, 'note', $note_data);
// save customer address fields.
if (count($address)) {
$address_db = module_address::get_address($customer_id, 'customer', 'physical');
$address_id = $address_db && isset($address_db['address_id']) ? (int) $address_db['address_id'] : false;
$address['owner_id'] = $customer_id;
$address['owner_table'] = 'customer';
$address['address_type'] = 'physical';
// we have post data to save, write it to the table!!
module_address::save_address($address_id, $address);
}
// website:
$allowed = array('url', 'name', 'extra', 'notes');
foreach ($website as $key => $val) {
if (!in_array($key, $allowed)) {
unset($website[$key]);
}
}
$website['url'] = isset($website['url']) ? strtolower(trim($website['url'])) : '';
$website_id = 0;
if (count($website) && class_exists('module_website', false) && module_website::is_plugin_enabled()) {
if (strlen($website['url'])) {
// see if website already exists, don't create or update existing one for now.
$existing_websites = module_website::get_websites(array('customer_id' => $customer_id, 'url' => $website['url']));
foreach ($existing_websites as $existing_website) {
$website_id = $existing_website['website_id'];
}
}
// echo $website_id;echo $website['url']; print_r($website_extra);exit;
if (!$website_id) {
$website_data = module_website::get_website($website_id);
$website_data['url'] = isset($website['url']) ? $website['url'] : 'N/A';
$website_data['name'] = isset($website['url']) ? $website['url'] : 'N/A';
$website_data['customer_id'] = $customer_id;
$website_id = update_insert('website_id', false, 'website', $website_data);
// save website extra data.
if ($website_id && count($website_extra)) {
$_REQUEST['extra_website_field'] = array();
foreach ($website_extra as $key => $val) {
$_REQUEST['extra_website_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('website', 'website_id', $website_id);
}
if ($website_id && isset($website['notes']) && strlen($website['notes'])) {
// add notes to this website.
$note_data = array('note_id' => false, 'owner_id' => $website_id, 'owner_table' => 'website', 'note_time' => time(), 'note' => $website['notes'], 'rel_data' => module_website::link_open($website_id), 'reminder' => 0, 'user_id' => $customer_data['primary_user_id']);
$note_id = update_insert('note_id', false, 'note', $note_data);
}
}
if ($website_id) {
if (count($website_group)) {
// format the address so "save_customer" handles the save for us
foreach ($website_group as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $website_id, 'website');
}
}
}
}
}
// generate jobs for this customer.
$job_created = array();
if ($job && isset($job['type']) && is_array($job['type'])) {
if (module_config::c('customer_signup_any_job_type', 0)) {
foreach ($job['type'] as $type_name) {
// we have a match in our system. create the job.
$job_data = module_job::get_job(false);
$job_data['type'] = $type_name;
if (!$job_data['name']) {
$job_data['name'] = $type_name;
}
$job_data['website_id'] = $website_id;
$job_data['customer_id'] = $customer_id;
$job_id = update_insert('job_id', false, 'job', $job_data);
// todo: add default tasks for this job type.
$job_created[] = $job_id;
}
} else {
foreach (module_job::get_types() as $type_id => $type) {
foreach ($job['type'] as $type_name) {
if ($type_name == $type) {
// we have a match in our system. create the job.
$job_data = module_job::get_job(false);
$job_data['type'] = $type;
if (!$job_data['name']) {
$job_data['name'] = $type;
}
$job_data['website_id'] = $website_id;
$job_data['customer_id'] = $customer_id;
$job_id = update_insert('job_id', false, 'job', $job_data);
// todo: add default tasks for this job type.
$job_created[] = $job_id;
}
}
}
}
if (count($job_created) && count($job_extra)) {
// save job extra data.
foreach ($job_created as $job_created_id) {
if ($job_created_id && count($job_extra)) {
$_REQUEST['extra_job_field'] = array();
foreach ($job_extra as $key => $val) {
$_REQUEST['extra_job_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('job', 'job_id', $job_created_id);
}
}
}
}
// save files against customer
$uploaded_files = array();
if (isset($_FILES['customerfiles']) && isset($_FILES['customerfiles']['tmp_name'])) {
foreach ($_FILES['customerfiles']['tmp_name'] as $file_id => $tmp_file) {
if (is_uploaded_file($tmp_file)) {
// save to file module for this customer
$file_name = basename($_FILES['customerfiles']['name'][$file_id]);
if (strlen($file_name)) {
$file_path = 'includes/plugin_file/upload/' . md5(time() . $file_name);
if (move_uploaded_file($tmp_file, $file_path)) {
// success! write to db.
$file_data = array('customer_id' => $customer_id, 'job_id' => current($job_created), 'website_id' => $website_id, 'status' => module_config::c('file_default_status', 'Uploaded'), 'pointers' => false, 'description' => "Uploaded from Customer Signup form", 'file_time' => time(), 'file_name' => $file_name, 'file_path' => $file_path, 'file_url' => false);
$file_id = update_insert('file_id', false, 'file', $file_data);
$uploaded_files[] = $file_id;
}
}
}
}
}
// we create subscriptions for this customer/website (if none already exist)
$subscription['subscription_name'] = array();
$subscription['subscription_invoice'] = array();
if (class_exists('module_subscription', false) && module_subscription::is_plugin_enabled() && isset($subscription['for']) && isset($subscription['subscriptions'])) {
if ($subscription['for'] == 'website' && $website_id > 0) {
$owner_table = 'website';
$owner_id = $website_id;
} else {
$owner_table = 'customer';
$owner_id = $customer_id;
}
$available_subscriptions = module_subscription::get_subscriptions();
$members_subscriptions = module_subscription::get_subscriptions_by($owner_table, $owner_id);
foreach ($subscription['subscriptions'] as $subscription_id => $tf) {
if (isset($available_subscriptions[$subscription_id])) {
if (isset($members_subscriptions[$subscription_id])) {
// we don't allow a member to sign up to the same subscription twice (just yet)
} else {
$subscription['subscription_name'][$subscription_id] = $available_subscriptions[$subscription_id]['name'];
$start_date = date('Y-m-d');
$start_modifications = module_config::c('customer_signup_subscription_start', '');
if ($start_modifications == 'hidden') {
$start_modifications = isset($_REQUEST['customer_signup_subscription_start']) ? $_REQUEST['customer_signup_subscription_start'] : '';
}
if (!empty($start_modifications)) {
$start_date = date('Y-m-d', strtotime($start_modifications));
}
$sql = "INSERT INTO `" . _DB_PREFIX . "subscription_owner` SET ";
$sql .= " owner_id = '" . (int) $owner_id . "'";
$sql .= ", owner_table = '" . mysql_real_escape_string($owner_table) . "'";
$sql .= ", subscription_id = '" . (int) $subscription_id . "'";
$sql .= ", start_date = '{$start_date}'";
query($sql);
module_subscription::update_next_due_date($subscription_id, $owner_table, $owner_id, true);
// and the same option here to send a subscription straight away upon signup
if (module_config::c('subscription_send_invoice_straight_away', 0)) {
global $plugins;
$plugins['subscription']->run_cron();
// check if there are any invoices for this subscription
$history = module_subscription::get_subscription_history($subscription_id, $owner_table, $owner_id);
if (count($history) > 0) {
foreach ($history as $h) {
if ($h['invoice_id']) {
$invoice_data = module_invoice::get_invoice($h['invoice_id']);
if ($invoice_data['date_cancel'] != '0000-00-00') {
continue;
}
$subscription['subscription_invoice'][] = '<a href="' . module_invoice::link_public($h['invoice_id']) . '">' . _l('Invoice #%s for %s', htmlspecialchars($invoice_data['name']), dollar($invoice_data['total_amount'], true, $invoice_data['currency_id'])) . '</a>';
}
}
}
}
}
}
}
}
if (!count($subscription['subscription_name'])) {
$subscription['subscription_name'][] = _l('N/A');
}
if (!count($subscription['subscription_invoice'])) {
$subscription['subscription_invoice'][] = _l('N/A');
}
$subscription['subscription_name'] = implode(', ', $subscription['subscription_name']);
$subscription['subscription_invoice'] = implode(', ', $subscription['subscription_invoice']);
// email the admin when a customer signs up.
$values = array_merge($customer, $customer_extra, $website, $website_extra, $address, $subscription);
$values['customer_name'] = $customer['customer_name'];
$values['CUSTOMER_LINK'] = module_customer::link_open($customer_id);
$values['CUSTOMER_NAME_LINK'] = module_customer::link_open($customer_id, true);
if ($website_id) {
$values['WEBSITE_LINK'] = module_website::link_open($website_id);
$values['WEBSITE_NAME_LINK'] = module_website::link_open($website_id, true);
} else {
$values['WEBSITE_LINK'] = _l('N/A');
$values['WEBSITE_NAME_LINK'] = _l('N/A');
}
$values['JOB_LINKS'] = '';
if (count($job_created)) {
$values['JOB_LINKS'] .= 'The customer created ' . count($job_created) . ' jobs in the system: <br>';
foreach ($job_created as $job_created_id) {
$values['JOB_LINKS'] .= module_job::link_open($job_created_id, true) . "<br>\n";
}
} else {
$values['JOB_LINKS'] = _l('N/A');
}
if (count($uploaded_files)) {
$values['uploaded_files'] = 'The customer uploaded ' . count($uploaded_files) . " files:<br>\n";
foreach ($uploaded_files as $uploaded_file) {
$values['uploaded_files'] .= module_file::link_open($uploaded_file, true) . "<br>\n";
}
} else {
$values['uploaded_files'] = 'No files were uploaded';
}
$values['WEBSITE_NAME'] = isset($website['url']) ? $website['url'] : 'N/A';
if (!$creating_new) {
$values['system_note'] = "Note: this signup updated the existing customer record in the system.";
} else {
$values['system_note'] = "Note: this signup created a new customer record in the system.";
}
$customer_signup_template = module_config::c('customer_signup_email_admin_template', 'customer_signup_email_admin');
if (isset($_REQUEST['customer_signup_email_admin_template'])) {
$customer_signup_template = $_REQUEST['customer_signup_email_admin_template'];
}
if ($customer_signup_template) {
$template = module_template::get_template_by_key($customer_signup_template);
if ($template->template_id) {
$template->assign_values($values);
$html = $template->render('html');
$email = module_email::new_email();
$email->replace_values = $values;
$email->set_subject($template->description);
$email->set_to_manual(module_config::c('customer_signup_admin_email', module_config::c('admin_email_address')));
// do we send images inline?
$email->set_html($html);
if ($email->send()) {
// it worked successfully!!
} else {
/// log err?
}
}
}
$customer_signup_template = module_config::c('customer_signup_email_welcome_template', 'customer_signup_email_welcome');
if (isset($_REQUEST['customer_signup_email_welcome_template'])) {
$customer_signup_template = $_REQUEST['customer_signup_email_welcome_template'];
}
if ($customer_signup_template) {
$template = module_template::get_template_by_key($customer_signup_template);
if ($template->template_id) {
$template->assign_values($values);
$html = $template->render('html');
$email = module_email::new_email();
$email->customer_id = $customer_id;
$email->replace_values = $values;
$email->set_subject($template->description);
$email->set_to('user', $customer_data['primary_user_id']);
// do we send images inline?
$email->set_html($html);
if ($email->send()) {
// it worked successfully!!
} else {
/// log err?
}
}
}
//todo: optional redirect to url
if (isset($_REQUEST['via_ajax'])) {
echo json_encode(array('success' => 1, 'customer_id' => $customer_id));
exit;
}
if (module_config::c('customer_signup_redirect', '')) {
redirect_browser(module_config::c('customer_signup_redirect', ''));
}
// load up the thank you template.
$template = module_template::get_template_by_key('customer_signup_thank_you_page');
$template->page_title = _l("Customer Signup");
foreach ($values as $key => $val) {
if (!is_array($val)) {
$values[$key] = htmlspecialchars($val);
}
}
$template->assign_values($values);
echo $template->render('pretty_html');
exit;
break;
}
}
