/**
* save invite
*
* @param int $id
* @param UserTable $user
*/
private function saveInviteEdit( $id, $user )
{
global $_CB_framework, $_CB_database, $_PLUGINS;
$row = new InviteTable();
$row->load( (int) $id );
$isModerator = CBGroupJive::isModerator( $user->get( 'id' ) );
$groupId = $this->input( 'group', null, GetterInterface::INT );
if ( $groupId === null ) {
$group = $row->group();
} else {
$group = CBGroupJive::getGroup( $groupId );
}
$returnUrl = $_CB_framework->pluginClassUrl( $this->element, false, array( 'action' => 'groups', 'func' => 'show', 'id' => (int) $group->get( 'id' ) ) );
if ( ! CBGroupJive::canAccessGroup( $group, $user ) ) {
cbRedirect( $returnUrl, CBTxt::T( 'Group does not exist.' ), 'error' );
} elseif ( $row->get( 'id' ) && ( $user->get( 'id' ) != $row->get( 'user_id' ) ) ) {
cbRedirect( $returnUrl, CBTxt::T( 'You do not have sufficient permissions to edit this invite.' ), 'error' );
} elseif ( ! $isModerator ) {
if ( ( $group->get( 'published' ) == -1 ) || ( ( ! $this->params->get( 'groups_invites_display', 1 ) ) && ( $group->get( 'type' ) != 3 ) ) ) {
cbRedirect( $returnUrl, CBTxt::T( 'You do not have access to invites in this group.' ), 'error' );
} elseif ( ( ! $row->get( 'id' ) ) && ( ! CBGroupJive::canCreateGroupContent( $user, $group, 'invites' ) ) ) {
cbRedirect( $returnUrl, CBTxt::T( 'You do not have sufficient permissions to create an invite in this group.' ), 'error' );
}
}
$skipCaptcha = false;
$row->set( 'message', $this->input( 'post/message', $row->get( 'message' ), GetterInterface::STRING ) );
if ( ! $row->get( 'id' ) ) {
$row->set( 'user_id', (int) $row->get( 'user_id', $user->get( 'id' ) ) );
$row->set( 'group', (int) $group->get( 'id' ) );
$to = $this->input( 'post/to', null, GetterInterface::STRING );
$selected = (int) $this->input( 'post/selected', 0, GetterInterface::INT );
if ( $selected ) {
$token = $this->input( 'post/token', null, GetterInterface::STRING );
if ( $token ) {
if ( $token == md5( $row->get( 'user_id' ) . $to . $row->get( 'group' ) . $row->get( 'message' ) . $_CB_framework->getCfg( 'secret' ) ) ) {
$skipCaptcha = true;
$row->set( 'user', (int) $selected );
}
} elseif ( $this->params->get( 'groups_invites_list', 0 ) ) {
$connections = array();
$cbConnection = new cbConnection( (int) $user->get( 'id' ) );
foreach( $cbConnection->getConnectedToMe( (int) $user->get( 'id' ) ) as $connection ) {
$connections[] = (int) $connection->id;
}
if ( in_array( $selected, $connections ) ) {
$row->set( 'user', (int) $selected );
}
}
} else {
$inviteByLimit = explode( '|*|', $this->params->get( 'groups_invites_by', '1|*|2|*|3|*|4' ) );
if ( ! $inviteByLimit ) {
$inviteByLimit = array( 1, 2, 3, 4 );
}
$recipient = new UserTable();
if ( in_array( 1, $inviteByLimit ) && $recipient->load( (int) $to ) ) {
$row->set( 'user', (int) $recipient->get( 'id' ) );
} elseif ( in_array( 4, $inviteByLimit ) && cbIsValidEmail( $to ) ) {
if ( $recipient->load( array( 'email' => $to ) ) ) {
$row->set( 'user', (int) $recipient->get( 'id' ) );
} else {
$row->set( 'email', $to );
}
} elseif ( in_array( 2, $inviteByLimit ) && $recipient->load( array( 'username' => $to ) ) ) {
$row->set( 'user', (int) $recipient->get( 'id' ) );
} elseif ( in_array( 3, $inviteByLimit ) ) {
$query = 'SELECT cb.' . $_CB_database->NameQuote( 'id' )
. "\n FROM " . $_CB_database->NameQuote( '#__comprofiler' ) . " AS cb"
. "\n LEFT JOIN " . $_CB_database->NameQuote( '#__users' ) . " AS j"
. ' ON j.' . $_CB_database->NameQuote( 'id' ) . ' = cb.' . $_CB_database->NameQuote( 'id' )
. "\n LEFT JOIN " . $_CB_database->NameQuote( '#__groupjive_users' ) . " AS u"
. ' ON u.' . $_CB_database->NameQuote( 'user_id' ) . ' = cb.' . $_CB_database->NameQuote( 'id' )
. ' AND u.' . $_CB_database->NameQuote( 'group' ) . ' = ' . (int) $group->get( 'id' )
. "\n LEFT JOIN " . $_CB_database->NameQuote( '#__groupjive_invites' ) . " AS i"
. ' ON i.' . $_CB_database->NameQuote( 'group' ) . ' = ' . (int) $group->get( 'id' )
. ' AND i.' . $_CB_database->NameQuote( 'user' ) . ' = cb.' . $_CB_database->NameQuote( 'id' )
. "\n WHERE j." . $_CB_database->NameQuote( 'name' ) . " LIKE " . $_CB_database->Quote( '%' . $_CB_database->getEscaped( $to, true ) . '%', false )
. "\n AND cb." . $_CB_database->NameQuote( 'approved' ) . " = 1"
. "\n AND cb." . $_CB_database->NameQuote( 'confirmed' ) . " = 1"
. "\n AND j." . $_CB_database->NameQuote( 'block' ) . " = 0"
. "\n AND u." . $_CB_database->NameQuote( 'id' ) . " IS NULL"
. "\n AND i." . $_CB_database->NameQuote( 'id' ) . " IS NULL"
. "\n ORDER BY j." . $_CB_database->NameQuote( 'registerDate' ) . " DESC";
$_CB_database->setQuery( $query, 0, 15 );
$users = $_CB_database->loadResultArray();
if ( $users ) {
if ( count( $users ) > 1 ) {
CBGroupJive::getTemplate( 'invite_list' );
CBuser::advanceNoticeOfUsersNeeded( $users );
HTML_groupjiveInviteList::showInviteList( $to, $users, $row, $group, $user, $this );
return;
} else {
$row->set( 'user', (int) $users[0] );
}
}
}
}
}
if ( ( ! $isModerator ) && $this->params->get( 'groups_create_captcha', 0 ) && ( ! $skipCaptcha ) ) {
$_PLUGINS->loadPluginGroup( 'user' );
$_PLUGINS->trigger( 'onCheckCaptchaHtmlElements', array() );
if ( $_PLUGINS->is_errors() ) {
$row->setError( $_PLUGINS->getErrorMSG() );
}
}
$new = ( $row->get( 'id' ) ? false : true );
if ( $row->getError() || ( ! $row->check() ) ) {
$_CB_framework->enqueueMessage( CBTxt::T( 'GROUP_INVITE_FAILED_TO_SAVE', 'Invite failed to save! Error: [error]', array( '[error]' => $row->getError() ) ), 'error' );
$this->showInviteEdit( $id, $user );
return;
}
if ( $row->getError() || ( ! $row->store() ) ) {
$_CB_framework->enqueueMessage( CBTxt::T( 'GROUP_INVITE_FAILED_TO_SAVE', 'Invite failed to save! Error: [error]', array( '[error]' => $row->getError() ) ), 'error' );
$this->showInviteEdit( $id, $user );
return;
}
if ( $new ) {
cbRedirect( $returnUrl, CBTxt::T( 'Invite created successfully!' ) );
} else {
cbRedirect( $returnUrl, CBTxt::T( 'Invite saved successfully!' ) );
}
}
/**
* Deletes a user without any check or warning, and related reports, sessions
*
* @deprecated 2.0 Use UserTable()->load( $condition or $id )->delete( null, $cbUserOnly )
*
* @param int $id User id
* @param string $condition ONLY allowed string: "return (\$user->block == 1);" (CBSubs 3.0.0) php condition string on $user e.g. "return (\$user->block == 1);"
* @param boolean $inComprofilerOnly deletes user only in CB, not in Mambo/Joomla
* @return null|boolean|string '' if user deleted and found ok, NULL if user not found, FALSE if condition was not met, STRING error in case of error raised by plugin
*/
function cbDeleteUser($id, $condition = null, $inComprofilerOnly = false)
{
if (!$id) {
return null;
}
$user = new UserTable();
if ($inComprofilerOnly) {
$user->load(array('user_id' => (int) $id));
} else {
$user->load((int) $id);
}
if (!$user->id) {
return null;
}
if ($condition == null || eval($condition)) {
if (!$user->delete((int) $id, $inComprofilerOnly)) {
return $user->getError();
}
return '';
}
return false;
}
/**
* Notifies connection changes
*
* @param int $userId
* @param int $connectionId
* @param string $msg
* @param string $subject
* @param string $messageHTML
* @param string $messageText
* @param string $userMessage
* @return boolean
*/
protected function _notifyConnectionChange( $userId, $connectionId, $msg, $subject, $messageHTML, $messageText, $userMessage = null )
{
global $_CB_framework, $ueConfig;
$rowFrom = new UserTable();
$rowFrom->load( (int) $userId );
$fromName = getNameFormat( $rowFrom->name, $rowFrom->username, $ueConfig['name_format'] );
$fromURL = 'index.php?option=com_comprofiler&view=userprofile&user='******'&tab=1' . getCBprofileItemid(true);
$fromURL = cbSef( $fromURL );
if ( strncasecmp( 'http', $fromURL, 4 ) != 0 ) {
$fromURL = $_CB_framework->getCfg( 'live_site' ) . '/' . $fromURL;
}
$subject = sprintf( $subject, $fromName );
if ( $userMessage != null ) {
$messageHTML .= sprintf( str_replace( "\n", "\n<br />", CBTxt::T( 'UE_CONNECTIONMSGPREFIX', " %s included the following personal message:\n\n%s" ) ),
htmlspecialchars( $fromName ),
'<strong>' . htmlspecialchars( $userMessage ) . '</strong>' );
$messageText .= sprintf( str_replace( "\n", "\r\n", CBTxt::T( 'UE_CONNECTIONMSGPREFIX', " %s included the following personal message:\n\n%s" ) ),
$fromName,
$userMessage );
}
$notificationMsgHTML = sprintf( $messageHTML, '<strong><a href="' . $fromURL . '">' . htmlspecialchars( $fromName ) . '</a></strong>' );
$notificationMsgText = sprintf( $messageText, $fromName );
$manageURL = 'index.php?option=com_comprofiler&view=manageconnections' . getCBprofileItemid( true );
$manageURL = cbSef( $manageURL );
if ( strncasecmp( 'http', $manageURL, 4 ) != 0 ) {
$manageURL = $_CB_framework->getCfg( 'live_site' ) . '/' . $manageURL;
}
$notificationMsgHTML = $notificationMsgHTML
. "\n<br /><br /><a href=\"" . $manageURL . '">'
. CBTxt::T( 'UE_MANAGECONNECTIONS_LINK UE_MANAGECONNECTIONS', 'Manage Connections' )
. "</a>\n";
$notificationMsgText = $notificationMsgText
. "\r\n\r\n\r\n" . $fromName . ' '
. CBTxt::T( 'CONNECTION_PROFILE UE_PROFILE', 'Profile' )
. ': '
. cbUnHtmlspecialchars( $fromURL );
$notificationMsgText = $notificationMsgText
. "\r\n\r\n"
. CBTxt::T( 'UE_MANAGECONNECTIONS_URL_LABEL UE_MANAGECONNECTIONS', 'Manage Connections' )
. ': '
. cbUnHtmlspecialchars( $manageURL )
. "\r\n";
$notificationMsgHTML = '<div style="padding: 4px; margin: 4px 3px 6px 0px; background: #C44; font-weight: bold;" class="cbNotice">'
. CBTxt::T( 'UE_SENDPMSNOTICE', 'NOTE: This is a message generated automatically by the Connections system. It has the connecting user\'s address, so you can conveniently reply if you wish to.' )
. "</div>\n\n"
. $notificationMsgHTML;
$cbNotification = new cbNotification();
$cbNotification->sendFromUser( $connectionId, $userId, $subject, $notificationMsgHTML, $notificationMsgText );
$this->_setUserMSG( $msg );
return true;
}
/**
* Loads from database a new user of $cbUserId
*
* @param int $cbUserId User id
* @return boolean True: loaded ok, False:load failed
*/
function load($cbUserId)
{
$this->_cbuser = new UserTable($this->_db);
return $this->_cbuser->load($cbUserId);
}
/**
* @deprecated 2.0 No use anymore for such functionality, since we have Permissions for that and we should not be depending on groups
*
* @param array $user_ids
* @param string $action
* @param boolean $allow_myself
* @return null|string
*/
public function get_users_permission($user_ids, $action, $allow_myself = false)
{
global $_CB_framework, $_PLUGINS;
$msg = null;
if (is_array($user_ids) && count($user_ids)) {
$obj = new UserTable($this->_db);
foreach ($user_ids as $user_id) {
if ($user_id != 0) {
if ($obj->load((int) $user_id)) {
/** @noinspection PhpDeprecationInspection */
$groups = $this->get_object_groups($user_id);
if (isset($groups[0])) {
$this_group = strtolower(Application::CmsPermissions()->getGroupName($groups[0]));
} else {
$this_group = 'Registered';
}
} else {
$msg .= 'User not found. ';
$this_group = null;
}
} else {
$this_group = 'Registered';
}
if ($user_id == $_CB_framework->myId()) {
if (!$allow_myself) {
$msg .= "You cannot {$action} Yourself! ";
}
} else {
if (!Application::MyUser()->isSuperAdmin()) {
/** @noinspection PhpDeprecationInspection */
$userGroups = $this->get_object_groups($user_id);
/** @noinspection PhpDeprecationInspection */
$myGroups = $this->get_object_groups($_CB_framework->myId());
$iAmAdmin = Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users') && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users');
$exactGids = !$iAmAdmin;
/** @noinspection PhpDeprecationInspection */
$myGidsTree = $this->get_groups_below_me($_CB_framework->myId(), true, $exactGids);
$isHeSAdmin = Application::User((int) $user_id)->isSuperAdmin();
if (array_values($userGroups) == array_values($myGroups) && !$iAmAdmin || $user_id && $userGroups && !array_intersect($userGroups, $myGidsTree) || $isHeSAdmin) {
$msg .= "You cannot {$action} a `{$this_group}`. Only higher-level users have this power. ";
}
}
}
}
} else {
if ($user_ids == $_CB_framework->myId()) {
if (!$allow_myself) {
$msg .= "You cannot {$action} Yourself! ";
}
} else {
if (!Application::MyUser()->isSuperAdmin()) {
/** @noinspection PhpDeprecationInspection */
$userGroups = $this->get_object_groups($user_ids);
/** @noinspection PhpDeprecationInspection */
$myGroups = $this->get_object_groups($_CB_framework->myId());
$iAmAdmin = Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users') && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users');
$exactGids = !$iAmAdmin;
/** @noinspection PhpDeprecationInspection */
$myGidsTree = $this->get_groups_below_me($_CB_framework->myId(), true, $exactGids);
$isHeSAdmin = Application::User((int) $user_ids)->isSuperAdmin();
if (array_values($userGroups) == array_values($myGroups) && !$iAmAdmin || $user_ids && $userGroups && !array_intersect($userGroups, $myGidsTree) || $isHeSAdmin) {
$msg .= "You cannot {$action} a user. Only higher-level users have this power. ";
}
}
}
}
if ($_PLUGINS) {
$_PLUGINS->trigger('onUsersPermission', array($user_ids, $action, $allow_myself, &$msg));
}
return $msg;
}
/**
* Replaces @MENTION with profile urls
*
* @return string
*/
public function profiles()
{
global $_CB_database, $_CB_framework;
/** @var UserTable[] $users */
static $users = array();
foreach ( $this->words as $k => $word ) {
if ( preg_match( $this->regexp['profile'], $word, $match ) ) {
$cleanWord = Get::clean( $match[1], GetterInterface::STRING );
if ( ! isset( $users[$cleanWord] ) ) {
$user = new UserTable();
if ( is_numeric( $match[1] ) ) {
$user->load( (int) $match[1] );
}
if ( ! $user->get( 'id' ) ) {
$wordNext2 = ( isset( $this->words[$k+1] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+1] ) ) ? $cleanWord . ' ' . Get::clean( $this->words[$k+1], GetterInterface::STRING ) : null );
$wordNext3 = ( $wordNext2 && isset( $this->words[$k+2] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+2] ) ) ? $wordNext2 . ' ' . Get::clean( $this->words[$k+2], GetterInterface::STRING ) : null );
$wordNext4 = ( $wordNext3 && isset( $this->words[$k+3] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+3] ) ) ? $wordNext3 . ' ' . Get::clean( $this->words[$k+3], GetterInterface::STRING ) : null );
$wordNext5 = ( $wordNext4 && isset( $this->words[$k+4] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+4] ) ) ? $wordNext4 . ' ' . Get::clean( $this->words[$k+4], GetterInterface::STRING ) : null );
$wordNext6 = ( $wordNext5 && isset( $this->words[$k+5] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+5] ) ) ? $wordNext5 . ' ' . Get::clean( $this->words[$k+5], GetterInterface::STRING ) : null );
$query = 'SELECT c.*, u.*'
. "\n FROM " . $_CB_database->NameQuote( '#__users' ) . " AS u"
. "\n LEFT JOIN " . $_CB_database->NameQuote( '#__comprofiler' ) . " AS c"
. ' ON c.' . $_CB_database->NameQuote( 'id' ) . ' = u.' . $_CB_database->NameQuote( 'id' )
. "\n WHERE ( u." . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $cleanWord ) // Match username exactly
. ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $cleanWord ); // Match name exactly
if ( $wordNext2 ) { // 2 Words
$query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext2 ) // Match username +1 word exactly
. ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext2 ); // Match name +1 word exactly
}
if ( $wordNext3 ) { // 3 Words
$query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext3 ) // Match username +2 words exactly
. ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext3 ); // Match name +2 words exactly
}
if ( $wordNext4 ) { // 4 Words
$query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext4 ) // Match username +3 words exactly
. ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext4 ); // Match name +3 words exactly
}
if ( $wordNext5 ) { // 5 Words
$query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext5 ) // Match username +4 words exactly
. ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext5 ); // Match name +4 words exactly
}
if ( $wordNext6 ) { // 6 Words
$query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext6 ) // Match username +5 words exactly
. ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext6 ); // Match name +5 words exactly
}
$query .= ' )'
. "\n ORDER BY u." . $_CB_database->NameQuote( 'username' ) . ", u." . $_CB_database->NameQuote( 'name' );
$_CB_database->setQuery( $query );
$_CB_database->loadObject( $user );
}
$users[$cleanWord] = $user;
}
$user = $users[$cleanWord];
if ( $user->get( 'id' ) ) {
$this->parsed = preg_replace( '/@' . (int) $user->get( 'id' ) . '\b|@' . preg_quote( $user->get( 'name' ), '/' ) . '\b|@' . preg_quote( $user->get( 'username' ), '/' ) . '\b|' . preg_quote( $word, '/' ) . '\b/i', '<a href="' . $_CB_framework->userProfileUrl( (int) $user->get( 'id' ) ) . '" rel="nofollow">@' . htmlspecialchars( getNameFormat( $user->get( 'name' ), $user->get( 'username' ), Application::Config()->get( 'name_format' ) ) ) . '</a>', $this->parsed );
}
}
}
return $this->parsed;
}
/**
* Updates payment status of basket and of corresponding subscriptions if there is a change in status
*
* @param cbpaidPaymentBasket $paymentBasket Basket
* @param string $eventType type of event (paypal type): 'web_accept', 'subscr_payment', 'subscr_signup', 'subscr_modify', 'subscr_eot', 'subscr_cancel', 'subscr_failed'
* @param string $paymentStatus new status (Completed, RegistrationCancelled)
* @param cbpaidPaymentNotification $notification notification object of the payment
* @param int $occurrences renewal occurrences
* @param int $autorecurring_type 0: not auto-recurring, 1: auto-recurring without payment processor notifications, 2: auto-renewing with processor notifications updating $expiry_date
* @param int $autorenew_type 0: not auto-renewing (manual renewals), 1: asked for by user, 2: mandatory by configuration
* @param boolean|string $txnIdMultiplePaymentDates FALSE: unique txn_id for each payment, TRUE: same txn_id can have multiple payment dates, additionally: 'SINGLEPAYMENT' will not look at txn_id at all
* @param boolean $storePaymentRecord TRUE: normal case, create payment record if needed. FALSE: offline case where pending payment should not create a payment record.
* @return void
*/
public function updatePaymentStatus($paymentBasket, $eventType, $paymentStatus, &$notification, $occurrences, $autorecurring_type, $autorenew_type, $txnIdMultiplePaymentDates, $storePaymentRecord = true)
{
global $_CB_framework, $_PLUGINS;
$pluginsLoaded = false;
$basketUpdateNulls = false;
$previousUnifiedStatus = $this->mapPaymentStatus($paymentBasket->payment_status);
$unifiedStatus = $this->mapPaymentStatus($paymentStatus);
// get all related subscriptions being paid by this basket:
$subscriptions = $paymentBasket->getSubscriptions();
$thisIsReferencePayment = false;
$user = CBuser::getUserDataInstance((int) $paymentBasket->user_id);
if ($paymentBasket->payment_status != $paymentStatus || $unifiedStatus == 'Partially-Refunded' || $autorecurring_type) {
if ($paymentStatus && (in_array($eventType, array('web_accept', 'subscr_payment', 'subscr_signup')) || in_array($unifiedStatus, array('Reversed', 'Refunded', 'Partially-Refunded')))) {
$paymentBasket->payment_status = $paymentStatus;
}
if (in_array($eventType, array('subscr_payment', 'subscr_signup'))) {
$paymentBasket->recurring = 1;
}
if ($autorecurring_type == 0 && in_array($unifiedStatus, array('Completed', 'Processed', 'FreeTrial'))) {
$paymentBasket->mc_amount1 = null;
$paymentBasket->mc_amount3 = null;
$paymentBasket->period1 = null;
$paymentBasket->period3 = null;
$basketUpdateNulls = true;
}
// if (count($subscriptions) >= 1) {
$now = $_CB_framework->now();
$completed = false;
$thisIsReferencePayment = false;
$reason = null;
switch ($unifiedStatus) {
case 'FreeTrial':
case 'Completed':
case 'Processed':
// this includes Canceled_Reversal !!! :
if ($unifiedStatus == 'FreeTrial') {
$paymentBasket->payment_status = 'Completed';
}
if ($unifiedStatus == 'FreeTrial' || $unifiedStatus == 'Completed') {
if ($notification->payment_date) {
$time_completed = cbpaidTimes::getInstance()->gmStrToTime($notification->payment_date);
} else {
$time_completed = $now;
}
$paymentBasket->time_completed = Application::Database()->getUtcDateTime($time_completed);
$completed = true;
}
if ($paymentStatus == 'Canceled_Reversal') {
$paymentBasket->payment_status = 'Completed';
}
if (is_object($notification) && isset($notification->txn_id)) {
// real payment with transaction id: store as reference payment if not already stored:
$thisIsReferencePayment = $this->_storePaymentOnce($paymentBasket, $notification, $now, $txnIdMultiplePaymentDates, 'Updating payment record because of new status of payment basket: ' . $unifiedStatus . ($paymentStatus != $unifiedStatus ? ' (new gateway-status: ' . $paymentStatus . ')' : '') . ' because of event received: ' . $eventType . '. Previous status was: ' . $previousUnifiedStatus);
} else {
// Free trials don't have a notification:
$thisIsReferencePayment = true;
}
if ($thisIsReferencePayment) {
// payment not yet processed:
$autorenewed = $paymentBasket->recurring == 1 && $unifiedStatus == 'Completed' && $previousUnifiedStatus == 'Completed';
for ($i = 0, $n = count($subscriptions); $i < $n; $i++) {
$reason = $autorenewed ? 'R' : $subscriptions[$i]->_reason;
$subscriptions[$i]->activate($user, $now, $completed, $reason, $occurrences, $autorecurring_type, $autorenew_type, $autorenewed ? 1 : 0);
}
}
break;
case 'RegistrationCancelled':
case 'Reversed':
case 'Refunded':
case 'Unsubscribed':
if ($unifiedStatus == 'RegistrationCancelled') {
if (!($previousUnifiedStatus == 'NotInitiated' || $previousUnifiedStatus === 'Pending' && $paymentBasket->payment_method === 'offline')) {
return;
}
}
for ($i = 0, $n = count($subscriptions); $i < $n; $i++) {
$reason = $subscriptions[$i]->_reason;
if ($reason != 'R' || in_array($unifiedStatus, array('Reversed', 'Refunded'))) {
// Expired and Cancelled as well as Partially-Refunded are not reverted ! //TBD: really revert on refund everything ? a plan param would be nice here
if (!in_array($previousUnifiedStatus, array('Pending', 'In-Progress', 'Denied', 'Reversed', 'Refunded')) && in_array($subscriptions[$i]->status, array('A', 'R', 'I')) && !$subscriptions[$i]->hasPendingPayment($paymentBasket->id)) {
// not a cancelled or denied renewal:
$subscriptions[$i]->revert($user, $unifiedStatus);
}
}
}
if ($unifiedStatus == 'RegistrationCancelled') {
$paymentBasket->historySetMessage('Payment basket deleted because the subscriptions and payment got cancelled');
$paymentBasket->delete();
// deletes also payment_Items
}
$paidUserExtension = cbpaidUserExtension::getInstance($paymentBasket->user_id);
$subscriptionsAnyAtAll = $paidUserExtension->getUserSubscriptions('');
$params = cbpaidApp::settingsParams();
$createAlsoFreeSubscriptions = $params->get('createAlsoFreeSubscriptions', 0);
if (count($subscriptionsAnyAtAll) == 0 && !$createAlsoFreeSubscriptions) {
$user = new UserTable();
$id = (int) cbGetParam($_GET, 'user');
$user->load((int) $id);
if ($user->id && $user->block == 1) {
$user->delete(null);
}
}
break;
case 'Denied':
case 'Pending':
if ($unifiedStatus == 'Denied') {
// In fact when denied, it's the case as if the user attempted payment but failed it: He should be able to re-try: So just store the payment as denied for the records.
if ($eventType == 'subscr_failed' || $eventType == 'subscr_cancel' && $autorecurring_type != 2) {
// special case of a failed attempt:
// or this is the final failed attempt of a basket with notifications:
break;
}
}
if ($previousUnifiedStatus == 'Completed') {
return;
// do not change a Completed payment as it cannot become Pending again. If we get "Pending" after "Completed", it is a messages chronological order mistake.
}
break;
case 'In-Progress':
case 'Partially-Refunded':
default:
break;
}
if ($eventType == 'subscr_cancel') {
if (!in_array($unifiedStatus, array('Denied', 'Reversed', 'Refunded', 'Unsubscribed'))) {
for ($i = 0, $n = count($subscriptions); $i < $n; $i++) {
$subscriptions[$i]->autorecurring_cancelled($user, $unifiedStatus, $eventType);
}
}
}
for ($i = 0, $n = count($subscriptions); $i < $n; $i++) {
$subscriptions[$i]->notifyPaymentStatus($unifiedStatus, $previousUnifiedStatus, $paymentBasket, $notification, $now, $user, $eventType, $paymentStatus, $occurrences, $autorecurring_type, $autorenew_type);
}
if (in_array($unifiedStatus, array('Denied', 'Reversed', 'Refunded', 'Partially-Refunded', 'Pending', 'In-Progress'))) {
$thisIsReferencePayment = $this->_storePaymentOnce($paymentBasket, $notification, $now, $txnIdMultiplePaymentDates, 'Updating payment record because of new status of payment basket: ' . $unifiedStatus . ($paymentStatus != $unifiedStatus ? ' (new gateway-status: ' . $paymentStatus . ')' : '') . ' because of event received: ' . $eventType . '. Previous status was: ' . $previousUnifiedStatus);
}
// }
foreach ($paymentBasket->loadPaymentTotalizers() as $totalizer) {
$totalizer->notifyPaymentStatus($thisIsReferencePayment, $unifiedStatus, $previousUnifiedStatus, $paymentBasket, $notification, $now, $user, $eventType, $paymentStatus, $occurrences, $autorecurring_type, $autorenew_type, $txnIdMultiplePaymentDates);
}
if (!in_array($unifiedStatus, array('RegistrationCancelled'))) {
if ($thisIsReferencePayment && in_array($unifiedStatus, array('Completed', 'Processed'))) {
$paymentBasket->setPaidInvoiceNumber($reason);
}
$paymentBasket->historySetMessage('Updating payment basket ' . ($paymentStatus !== null ? 'status: ' . $unifiedStatus . ($paymentStatus != $unifiedStatus ? ' (new gateway-status: ' . $paymentStatus . ')' : '') : '') . ' because of event received: ' . $eventType . ($paymentStatus !== null ? '. Previous status was: ' . $previousUnifiedStatus : ''));
$paymentBasket->store($basketUpdateNulls);
} else {
//TDB ? : $paymentBasket->delete(); in case of RegistrationCancelled done above, but should be done in case of FreeTrial ? (could be a param in future)
}
if (!in_array($unifiedStatus, array('Completed', 'Processed')) || $thisIsReferencePayment) {
$_PLUGINS->loadPluginGroup('user', 'cbsubs.');
$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin');
$pluginsLoaded = true;
$_PLUGINS->trigger('onCPayAfterPaymentStatusChange', array(&$user, &$paymentBasket, &$subscriptions, $unifiedStatus, $previousUnifiedStatus, $occurrences, $autorecurring_type, $autorenew_type));
}
}
if (!in_array($unifiedStatus, array('Completed', 'Processed')) || $thisIsReferencePayment) {
if (!$pluginsLoaded) {
$_PLUGINS->loadPluginGroup('user', 'cbsubs.');
$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin');
}
$_PLUGINS->trigger('onCPayAfterPaymentStatusUpdateEvent', array(&$user, &$paymentBasket, &$subscriptions, $unifiedStatus, $previousUnifiedStatus, $eventType, &$notification));
}
}
/**
* Logins on host CMS using any allowed authentication methods
*
* @param string $username The username
* @param string|boolean $password Well, The password OR strictly boolean false for login without password
* @param boolean $rememberMe If login should be remembered in a cookie to be sent back to user's browser
* @param boolean $message If an alert message should be prepared on successful login
* @param string $return IN & OUT: IN: return URL NOT SEFED for normal login completition (unless an event says different), OUT: redirection url (no htmlspecialchars) NOT SEFED
* @param array $messagesToUser OUT: messages to display to user (html)
* @param array $alertMessages OUT: messages to alert to user (text)
* @param int $loginType 0: username, 1: email, 2: username or email, 3: username, email or CMS authentication
* @param string $secretKey secretKey used for two step authentication
* @return string Error message if error
*/
public function login($username, $password, $rememberMe, $message, &$return, &$messagesToUser, &$alertMessages, $loginType = 0, $secretKey = null)
{
global $_CB_framework, $ueConfig, $_PLUGINS;
$returnURL = null;
$loggedIn = false;
if (!$username || !$password && $password !== false) {
$resultError = CBTxt::T('LOGIN_INCOMPLETE', 'Please complete the username and password fields.');
} else {
$_PLUGINS->loadPluginGroup('user');
$_PLUGINS->trigger('onBeforeLogin', array(&$username, &$password, &$secretKey));
$resultError = null;
$showSysMessage = true;
$stopLogin = false;
$firstLogin = false;
$row = new UserTable();
if ($_PLUGINS->is_errors()) {
$resultError = $_PLUGINS->getErrorMSG();
} else {
$foundUser = false;
// Try login by CB authentication trigger:
$_PLUGINS->trigger('onLoginAuthentication', array(&$username, &$password, &$row, $loginType, &$foundUser, &$stopLogin, &$resultError, &$messagesToUser, &$alertMessages, &$return, &$secretKey));
if (!$foundUser) {
if ($loginType != 2) {
// login by username:
$foundUser = $row->loadByUsername($username) && ($password === false || $row->verifyPassword($password));
}
if (!$foundUser && $loginType >= 1) {
// login by email:
$foundUser = $row->loadByEmail($username) && ($password === false || $row->verifyPassword($password));
if ($foundUser) {
$username = $row->username;
}
}
if (!$foundUser && $loginType > 2) {
// If no result, try login by CMS authentication:
if ($_CB_framework->login($username, $password, $rememberMe, null, $secretKey)) {
$foundUser = $row->load((int) $_CB_framework->myId());
// core user might not have username set, so we use id (bug #3303 fix)
$this->cbSplitSingleName($row);
$row->confirmed = 1;
$row->approved = 1;
$row->store();
// synchronizes with comprofiler table
$loggedIn = true;
}
}
}
if ($foundUser) {
$returnPluginsOverrides = null;
$pluginResults = $_PLUGINS->trigger('onDuringLogin', array(&$row, 1, &$returnPluginsOverrides));
if ($returnPluginsOverrides) {
$return = $returnPluginsOverrides;
}
if (is_array($pluginResults) && count($pluginResults)) {
foreach ($pluginResults as $res) {
if (is_array($res)) {
if (isset($res['messagesToUser'])) {
$messagesToUser[] = $res['messagesToUser'];
}
if (isset($res['alertMessage'])) {
$alertMessages[] = $res['alertMessage'];
}
if (isset($res['showSysMessage'])) {
$showSysMessage = $showSysMessage && $res['showSysMessage'];
}
if (isset($res['stopLogin'])) {
$stopLogin = $stopLogin || $res['stopLogin'];
}
}
}
}
if ($_PLUGINS->is_errors()) {
$resultError = $_PLUGINS->getErrorMSG();
} elseif ($stopLogin) {
// login stopped: don't even check for errors...
} elseif ($row->approved == 2) {
$resultError = CBTxt::T('LOGIN_REJECTED', 'Your sign up request was rejected!');
} elseif ($row->confirmed != 1) {
if ($row->cbactivation == '') {
$row->store();
// just in case the activation code was missing
}
$cbNotification = new cbNotification();
$cbNotification->sendFromSystem($row->id, CBTxt::T(stripslashes($ueConfig['reg_pend_appr_sub'])), CBTxt::T(stripslashes($ueConfig['reg_pend_appr_msg'])), true, isset($ueConfig['reg_email_html']) ? (int) $ueConfig['reg_email_html'] : 0);
$resultError = CBTxt::T('LOGIN_NOT_CONFIRMED', 'Your sign up process is not yet complete! Please check again your email for further instructions that have just been resent. If you don\'t find the email, check your spam-box. Make sure that your email account options are not set to immediately delete spam. If that was the case, just try logging in again to receive a new instructions email.');
} elseif ($row->approved == 0) {
$resultError = CBTxt::T('LOGIN_NOT_APPROVED', 'Your account has not yet been approved!');
} elseif ($row->block == 1) {
$resultError = CBTxt::T('LOGIN_BLOCKED', 'Your login is blocked.');
} elseif ($row->lastvisitDate == '0000-00-00 00:00:00') {
$firstLogin = true;
if (isset($ueConfig['reg_first_visit_url']) and $ueConfig['reg_first_visit_url'] != "") {
$return = $ueConfig['reg_first_visit_url'];
} else {
if ($returnPluginsOverrides) {
$return = $returnPluginsOverrides;
// by default return to homepage on first login (or on page overridden by plugin).
}
}
$_PLUGINS->trigger('onBeforeFirstLogin', array(&$row, $username, $password, &$return, $secretKey));
if ($_PLUGINS->is_errors()) {
$resultError = $_PLUGINS->getErrorMSG("<br />");
}
}
} else {
if ($loginType < 2) {
$resultError = CBTxt::T('LOGIN_INCORRECT_USER_NOT_FOUND LOGIN_INCORRECT', 'Incorrect username or password. Please try again.');
} else {
$resultError = CBTxt::T('UE_INCORRECT_EMAIL_OR_PASSWORD', 'Incorrect email or password. Please try again.');
}
}
}
if ($resultError) {
if ($showSysMessage) {
$alertMessages[] = $resultError;
}
} elseif (!$stopLogin) {
if (!$loggedIn) {
$_PLUGINS->trigger('onDoLoginNow', array($username, $password, $rememberMe, &$row, &$loggedIn, &$resultError, &$messagesToUser, &$alertMessages, &$return, $secretKey));
}
if (!$loggedIn) {
$_CB_framework->login($username, $password, $rememberMe, null, $secretKey);
$loggedIn = true;
}
if ($firstLogin) {
$_PLUGINS->trigger('onAfterFirstLogin', array(&$row, $loggedIn));
}
$_PLUGINS->trigger('onAfterLogin', array(&$row, $loggedIn));
if ($loggedIn && $message && $showSysMessage) {
$alertMessages[] = CBTxt::T('LOGIN_SUCCESS', 'You have successfully logged in');
}
if (!$loggedIn) {
$resultError = CBTxt::T('LOGIN_INCORRECT_USER_AUTHENTICATION_FAILED LOGIN_INCORRECT', 'Incorrect username or password. Please try again.');
}
// changing com_comprofiler to comprofiler is a quick-fix for SEF ON on return path...
if ($return && !(strpos($return, 'comprofiler') && (strpos($return, 'login') || strpos($return, 'logout') || strpos($return, 'registers') || strpos(strtolower($return), 'lostpassword')))) {
// checks for the presence of a return url
// and ensures that this url is not the registration or login pages
$returnURL = $return;
} elseif (!$returnURL) {
$returnURL = 'index.php';
}
}
}
if (!$loggedIn) {
$_PLUGINS->trigger('onLoginFailed', array(&$resultError, &$returnURL));
}
$return = $returnURL;
return $resultError;
}
function userSave($option, $uid)
{
global $_CB_framework, $_POST, $_PLUGINS;
// simple spoof check security
cbSpoofCheck('userEdit');
// check rights to access:
if ($uid == null) {
$msg = CBTxt::Th('UE_USER_PROFILE_NOT', 'Your profile could not be updated.');
} else {
$msg = cbCheckIfUserCanPerformUserTask($uid, 'allowModeratorsUserEdit');
}
$_PLUGINS->loadPluginGroup('user');
$_PLUGINS->trigger('onBeforeUserProfileSaveRequest', array($uid, &$msg, 1));
if ($msg) {
$_CB_framework->enqueueMessage($msg, 'error');
return;
}
// Get current user state:
$userComplete = new UserTable();
if (!$userComplete->load((int) $uid)) {
$_CB_framework->enqueueMessage(CBTxt::Th('UE_USER_PROFILE_NOT', 'Your profile could not be updated.'), 'error');
return;
}
// Update lastupdatedate of profile by user:
if ($_CB_framework->myId() == $uid) {
$userComplete->lastupdatedate = $_CB_framework->dateDbOfNow();
}
// Store new user state:
$saveResult = $userComplete->saveSafely($_POST, $_CB_framework->getUi(), 'edit');
if (!$saveResult) {
$regErrorMSG = $userComplete->getError();
$_PLUGINS->trigger('onAfterUserProfileSaveFailed', array(&$userComplete, &$regErrorMSG, 1));
HTML_comprofiler::userEdit($userComplete, $option, CBTxt::T('UE_UPDATE', 'Update'), $regErrorMSG);
return;
}
$_PLUGINS->trigger('onAfterUserProfileSaved', array(&$userComplete, 1));
cbRedirectToProfile($uid, CBTxt::Th('USER_DETAILS_SAVE', 'Your settings have been saved.'));
}
