示例#1
             fn_set_notification('N', __('notice'), __('categories_have_been_added'));
         }
     }
     $suffix = ".manage";
 }
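 //
 // Bulk update of categories: $_REQUEST['categories_data'] maps category_id => submitted fields
 //
 if ($mode == 'm_update') {
     // isset() first, so a request that omits the key does not raise an undefined-index notice.
     if (isset($_REQUEST['categories_data']) && is_array($_REQUEST['categories_data'])) {
         // NOTE(review): called once for the whole request, before the per-category ownership
         // check below; what it writes is not visible in this fragment.
         fn_attach_image_pairs('category_main', 'category', 0, DESCR_SL);
         foreach ($_REQUEST['categories_data'] as $k => $v) {
             // $k is a client-supplied category id. In the ULTIMATE edition the row is only touched
             // when fn_check_company_id() accepts that id; other editions skip this check.
             // Parentheses make the existing && / || precedence explicit.
             if (!fn_allowed_for('ULTIMATE') || (fn_allowed_for('ULTIMATE') && fn_check_company_id('categories', 'category_id', $k))) {
                 if (fn_allowed_for('ULTIMATE')) {
                     // Applied to the submitted fields before they are written.
                     fn_set_company_id($v);
                 }
                 fn_update_category($v, $k, DESCR_SL);
             }
         }
     }
     $suffix = ".manage";
 }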
 //
 // Processing deleting of multiple category elements
 //
 if ($mode == 'm_delete') {
     if (isset($_REQUEST['category_ids'])) {
         $category_deletion_queue = fn_filter_redundant_deleting_category_ids((array) $_REQUEST['category_ids']);
         foreach ($category_deletion_queue as $category_id) {
             if (fn_allowed_for('MULTIVENDOR') || fn_allowed_for('ULTIMATE') && fn_check_company_id('categories', 'category_id', $category_id)) {
示例#2
     $suffix = ".apply";
 }
 // Create or update a product option from $_REQUEST['option_data'].
 if ($mode == 'update') {
     // NOTE(review): presumably marks these request fields as exempt from input filtering;
     // the helper is not shown here, so confirm what it relaxes for 'option_data' and 'regexp'.
     fn_trusted_vars('option_data', 'regexp');
     if (fn_allowed_for('MULTIVENDOR')) {
         $option_data = array();
         if (!empty($_REQUEST['option_id'])) {
             // $condition is an SQL fragment built by fn_get_company_condition(), not taken from the
             // request; the client-supplied option_id is bound through the ?i placeholder.
             $condition = fn_get_company_condition('?:product_options.company_id');
             $option_data = db_get_row("SELECT * FROM ?:product_options WHERE option_id = ?i {$condition}", $_REQUEST['option_id']);
             // No row under the company condition: report access denied and stop before any write.
             if (empty($option_data)) {
                 fn_set_notification('W', __('warning'), __('access_denied'));
                 return array(CONTROLLER_STATUS_REDIRECT, 'product_options.manage');
             }
         }
         // array_merge(): for duplicate keys the request value replaces the stored one, so every
         // column of the loaded row can be overridden by the client. fn_set_company_id() is then
         // applied to the merged array.
         // NOTE(review): $_REQUEST['option_data'] is not checked to be an array before the merge.
         $_REQUEST['option_data'] = array_merge($option_data, $_REQUEST['option_data']);
         fn_set_company_id($_REQUEST['option_data']);
     }
     // In editions other than MULTIVENDOR this block performs no ownership check before the update.
     $option_id = fn_update_product_option($_REQUEST['option_data'], $_REQUEST['option_id'], DESCR_SL);
     if (!empty($_REQUEST['object']) && $_REQUEST['object'] == 'product') {
         // FIXME (when assigning page and current url will be removed from ajax)
         // NOTE(review): HTTP_REFERER is a request header chosen by the client. It is returned
         // here without validation, and the index is undefined when the header is absent.
         // Confirm how the dispatcher uses this value (e.g. that it cannot leave the site).
         return array(CONTROLLER_STATUS_OK, $_SERVER['HTTP_REFERER'] . '&selected_section=options');
     }
     $suffix = ".manage";
 }
 if ($mode == 'delete') {
     if (!empty($_REQUEST['option_id']) && fn_check_company_id('product_options', 'option_id', $_REQUEST['option_id']) || !empty($_REQUEST['product_id']) && fn_check_company_id('products', 'product_id', $_REQUEST['product_id'])) {
         $p_id = db_get_field("SELECT product_id FROM ?:product_options WHERE option_id = ?i", $_REQUEST['option_id']);
         if (!empty($_REQUEST['product_id']) && empty($p_id)) {
             // we're deleting global option from the product
             db_query("DELETE FROM ?:product_global_option_links WHERE product_id = ?i AND option_id = ?i", $_REQUEST['product_id'], $_REQUEST['option_id']);
         } else {
示例#3
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
use Tygh\Shippings\Shippings;
// Direct-access guard: stop immediately unless the including code has defined BOOTSTRAP.
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
// Default a missing or empty shipping_id to 0. A non-empty value is kept exactly as the client
// sent it; no integer cast is applied on this line.
$_REQUEST['shipping_id'] = empty($_REQUEST['shipping_id']) ? 0 : $_REQUEST['shipping_id'];
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
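    // $suffix is filled in by the mode handlers; its consumer is outside this fragment
    // (presumably the post-action redirect target).
    $suffix = '';
    //
    // Update shipping method
    //
    if ($mode == 'update') {
        // Non-empty id: the method is only updated when fn_check_company_id() accepts it.
        // Empty id: treated as creation, so no ownership check applies.
        // Parentheses make the existing && / || precedence explicit.
        if ((!empty($_REQUEST['shipping_id']) && fn_check_company_id('shippings', 'shipping_id', $_REQUEST['shipping_id'])) || empty($_REQUEST['shipping_id'])) {
            // NOTE(review): $_REQUEST['shipping_data'] is used without checking that it was sent.
            fn_set_company_id($_REQUEST['shipping_data']);
            $_REQUEST['shipping_id'] = fn_update_shipping($_REQUEST['shipping_data'], $_REQUEST['shipping_id']);
        }
        // Both ids can still hold raw request values at this point (shipping_id keeps the client's
        // value when the check above fails). Percent-encode them so characters such as '&' or '#'
        // cannot add or truncate parameters in the query string being built. Numeric ids are
        // unchanged by urlencode().
        $_extra = empty($_REQUEST['destination_id']) ? '' : '&destination_id=' . urlencode((string) $_REQUEST['destination_id']);
        $suffix = '.update?shipping_id=' . urlencode((string) $_REQUEST['shipping_id']) . $_extra;
    }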
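    // Delete selected rates: $_REQUEST['delete_rate_data'] maps destination_id => rates to remove
    if ($mode == 'delete_rate_values') {
        // Nothing is deleted unless the shipping method passes the company check.
        if (fn_check_company_id('shippings', 'shipping_id', $_REQUEST['shipping_id'])) {
            // The key is client-supplied and may be missing or scalar; only iterate a real array.
            if (!empty($_REQUEST['delete_rate_data']) && is_array($_REQUEST['delete_rate_data'])) {
                foreach ($_REQUEST['delete_rate_data'] as $destination_id => $rates) {
                    fn_delete_rate_values($rates, $_REQUEST['shipping_id'], $destination_id);
                }
            }
        }
        // shipping_id is still the raw request value here; percent-encode it so it cannot add or
        // truncate parameters in the query string. Numeric ids are unchanged by urlencode().
        $suffix = '.update?shipping_id=' . urlencode((string) $_REQUEST['shipping_id']);
    }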
    //
示例#4
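/**
 * Creates a page or updates an existing one.
 *
 * @param array  $page_data Page fields supplied by the caller
 * @param int    $page_id   Page to update; empty to create a new page
 * @param string $lang_code Language whose description row is updated (update path only)
 *
 * @return int|bool Page identifier; false when a new page has no title or when the
 *                  company check on an existing page fails
 */
function fn_update_page($page_data, $page_id = 0, $lang_code = CART_LANGUAGE)
{
    // Availability window: an empty bound is stored as 0.
    if (!empty($page_data['avail_from_timestamp'])) {
        $page_data['avail_from_timestamp'] = fn_parse_date($page_data['avail_from_timestamp']);
    } else {
        $page_data['avail_from_timestamp'] = 0;
    }
    if (!empty($page_data['avail_till_timestamp'])) {
        // 86399 s = one day minus one second, added to whatever fn_parse_date() returns.
        $page_data['avail_till_timestamp'] = fn_parse_date($page_data['avail_till_timestamp']) + 86399;
    } else {
        $page_data['avail_till_timestamp'] = 0;
    }
    // User groups are stored as a comma-separated list.
    if (isset($page_data['usergroup_ids'])) {
        $page_data['usergroup_ids'] = empty($page_data['usergroup_ids']) ? '' : implode(',', $page_data['usergroup_ids']);
    }
    // $_data is the array handed to the database layer; $page_data is what blocks and hooks receive.
    // NOTE(review): every key the caller supplied ends up in $_data. Which of them reach the table
    // depends on how the ?e / ?u placeholders filter keys, which is not visible here.
    $_data = $page_data;
    if (isset($page_data['timestamp'])) {
        $_data['timestamp'] = fn_parse_date($page_data['timestamp']);
    }
    if (isset($_data['localization'])) {
        $_data['localization'] = empty($_data['localization']) ? '' : fn_implode_localizations($_data['localization']);
    }
    fn_set_company_id($_data);
    if (empty($page_id)) {
        // page title required
        if (empty($page_data['page'])) {
            return false;
        }
        // add new page
        $_data['page_id'] = $page_id = db_query('INSERT INTO ?:pages ?e', $_data);
        // One description row per configured language; the loop writes the language code
        // straight into $_data['lang_code'].
        foreach ((array) Registry::get('languages') as $_data['lang_code'] => $v) {
            db_query('INSERT INTO ?:page_descriptions ?e', $_data);
        }
        // now we need to update 'id_path' field, as we know $page_id
        /* Generate id_path for page */
        // A missing parent_id is treated as 0 (root) without reading an undefined index.
        $parent_id = isset($_data['parent_id']) ? intval($_data['parent_id']) : 0;
        if ($parent_id == 0) {
            $id_path = $page_id;
        } else {
            // NOTE(review): the parent is looked up by id only; this branch does not check that the
            // parent exists or which company it belongs to.
            $id_path = db_get_row("SELECT id_path FROM ?:pages WHERE page_id = ?i", $parent_id);
            $id_path = $id_path['id_path'] . '/' . $page_id;
        }
        db_query('UPDATE ?:pages SET ?u WHERE page_id = ?i', array('id_path' => $id_path), $page_id);
    } else {
        // Ownership gate: an existing page is only modified when the company check passes.
        if (!fn_check_company_id('pages', 'page_id', $page_id)) {
            fn_company_access_denied_notification();
            return false;
        }
        $old_company_id = fn_get_company_id('pages', 'page_id', $page_id);
        if ($_data['company_id'] != $old_company_id) {
            fn_change_page_company($page_id, $_data['company_id']);
        }
        // page title is not updated when it is empty. The UPDATE statements below are built from
        // $_data, so the key must be dropped there as well; removing it from $page_data alone
        // still wrote the empty title.
        if (empty($page_data['page'])) {
            unset($page_data['page'], $_data['page']);
        }
        // update existing page
        db_query('UPDATE ?:pages SET ?u WHERE page_id = ?i', $_data, $page_id);
        db_query('UPDATE ?:page_descriptions SET ?u WHERE page_id = ?i AND lang_code = ?s', $_data, $page_id, $lang_code);
        // regenerate id_path for child pages
        if (isset($page_data['parent_id'])) {
            fn_change_page_parent($page_id, $page_data['parent_id']);
        }
    }
    if (!empty($page_data['block_id'])) {
        fn_add_items_to_block($page_data['block_id'], $page_data['add_items'], $page_id, 'pages');
    }
    fn_set_hook('update_page', $page_data, $page_id, $lang_code);
    return $page_id;
}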
示例#5
/**
 * Adds or updates category
 *
 * NOTE(review): this function contains no ownership check (no fn_check_company_id() call) before
 * it updates an existing category; unless a hook adds one, callers have to verify access first.
 *
 * @param array $category_data Category data
 * @param int $category_id Category identifier
 * @param string $lang_code Two-letter language code (e.g. 'en', 'ru', etc.)
 * @return int|bool New or updated category identifier; false when creation is refused
 *                  or the update reports failure
 */
function fn_update_category($category_data, $category_id = 0, $lang_code = CART_LANGUAGE)
{
    /**
     * Update category data (running before fn_update_category() function)
     *
     * @param array  $category_data Category data
     * @param int    $category_id   Category identifier
     * @param string $lang_code     Two-letter language code (e.g. 'en', 'ru', etc.)
     */
    fn_set_hook('update_category_pre', $category_data, $category_id, $lang_code);
    // category title required
    // The check is currently disabled: the return is commented out, so an empty title is accepted.
    if (empty($category_data['category'])) {
        //return false; // FIXME: management page doesn't have category name
    }
    if (isset($category_data['localization'])) {
        $category_data['localization'] = empty($category_data['localization']) ? '' : fn_implode_localizations($category_data['localization']);
    }
    // User groups are stored as a comma-separated list; an empty selection becomes '0'.
    if (isset($category_data['usergroup_ids'])) {
        $category_data['usergroup_ids'] = empty($category_data['usergroup_ids']) ? '0' : implode(',', $category_data['usergroup_ids']);
    }
    if (fn_allowed_for('ULTIMATE')) {
        fn_set_company_id($category_data);
    }
    // $_data is the array handed to the database layer. parent_id is removed from it here and
    // applied further down through fn_change_category_parent().
    // NOTE(review): every other key the caller supplied stays in $_data; which of them reach the
    // table depends on how the ?e / ?u placeholders filter keys, which is not visible here.
    $_data = $category_data;
    unset($_data['parent_id']);
    if (isset($category_data['timestamp'])) {
        $_data['timestamp'] = fn_parse_date($category_data['timestamp']);
    }
    // Position sent but empty (and not the string '0'): place the category 10 after the highest
    // position among its siblings.
    if (isset($_data['position']) && empty($_data['position']) && $_data['position'] != '0' && isset($category_data['parent_id'])) {
        $_data['position'] = db_get_field("SELECT max(position) FROM ?:categories WHERE parent_id = ?i", $category_data['parent_id']);
        $_data['position'] = $_data['position'] + 10;
    }
    // Stored in PHP's serialize() format.
    // NOTE(review): the code that reads this column back is not shown; it should not unserialize()
    // a value that anyone other than this writer can alter.
    if (isset($_data['selected_layouts'])) {
        $_data['selected_layouts'] = serialize($_data['selected_layouts']);
    }
    if (isset($_data['use_custom_templates']) && $_data['use_custom_templates'] == 'N') {
        // Clear the layout settings if the category custom templates were disabled
        $_data['product_columns'] = $_data['selected_layouts'] = $_data['default_layout'] = '';
    }
    // create new category
    if (empty($category_id)) {
        // In the ULTIMATE edition a new category is refused when no company id is set.
        if (fn_allowed_for('ULTIMATE') && empty($_data['company_id'])) {
            fn_set_notification('E', __('error'), __('need_company_id'));
            return false;
        }
        $create = true;
        $category_id = db_query("INSERT INTO ?:categories ?e", $_data);
        $_data['category_id'] = $category_id;
        // One description row per translation language; the loop writes the language code
        // straight into $_data['lang_code'].
        foreach (fn_get_translation_languages() as $_data['lang_code'] => $v) {
            db_query("INSERT INTO ?:category_descriptions ?e", $_data);
        }
        // A new category without a parent is attached to the root (0).
        $category_data['parent_id'] = !empty($category_data['parent_id']) ? $category_data['parent_id'] : 0;
        // update existing category
    } else {
        // The previous owner is recorded in $category_data, which the post hook receives.
        $category_data['old_company_id'] = db_get_field("SELECT company_id FROM ?:categories WHERE category_id = ?i", $category_id);
        $arow = db_query("UPDATE ?:categories SET ?u WHERE category_id = ?i", $_data, $category_id);
        $arow_description = db_query("UPDATE ?:category_descriptions SET ?u WHERE category_id = ?i AND lang_code = ?s", $_data, $category_id, $lang_code);
        // Reported as "not found" only when both statements return false.
        if ($arow === false && $arow_description === false) {
            fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('category'))), '', '404');
            $category_id = false;
        }
    }
    if ($category_id) {
        // regenerate id_path for all child categories of the updated category
        if (isset($category_data['parent_id'])) {
            fn_change_category_parent($category_id, intval($category_data['parent_id']));
        }
        // Log category add/update
        fn_log_event('categories', !empty($create) ? 'create' : 'update', array('category_id' => $category_id));
        // Assign usergroup to all subcategories
        // Descendants are selected by id_path prefix ("<id_path>/%"); the statement has no other
        // filter, so every row under this path receives the same usergroup_ids value.
        if (!empty($_data['usergroup_to_subcats']) && $_data['usergroup_to_subcats'] == 'Y') {
            $id_path = db_get_field("SELECT id_path FROM ?:categories WHERE category_id = ?i", $category_id);
            db_query("UPDATE ?:categories SET usergroup_ids = ?s WHERE id_path LIKE ?l", $_data['usergroup_ids'], "{$id_path}/%");
        }
    }
    /**
     * Update category data (running after fn_update_category() function)
     *
     * @param array  $category_data Category data
     * @param int    $category_id   Category identifier
     * @param string $lang_code     Two-letter language code (e.g. 'en', 'ru', etc.)
     */
    fn_set_hook('update_category_post', $category_data, $category_id, $lang_code);
    return $category_id;
}
示例#6
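/**
 * Hook handler run before a page is saved: applies the company id to the page data
 * when a page title is present.
 *
 * All three arguments are taken by reference, so changes made here are seen by the caller.
 *
 * @param array  $page_data Page data about to be saved
 * @param int    $page_id   Page identifier (not used here)
 * @param string $lang_code Language code (not used here)
 */
function fn_mve_update_page_before(&$page_data, &$page_id, &$lang_code)
{
    if (!empty($page_data['page'])) {
        // Must target $page_data. The call previously received $_data, which does not exist in
        // this scope, so the company id never reached the data that is actually saved.
        fn_set_company_id($page_data, 'company_id', true);
    }
}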
示例#7
/**
 * Add/update user
 *
 * Covers access checks, company assignment, password validation and hashing, the users-table
 * write, profile update and e-mail notifications in one pass.
 *
 * @param int $user_id - user ID to update (empty for new user)
 * @param array $user_data - user data
 * @param array $auth - authentication information
 * @param bool $ship_to_another - flag indicates that shipping and billing fields are different
 * @param bool $notify_user - flag indicates that user should be notified
 * @return array|bool array with user ID and profile ID (profile ID is false when empty) on success,
 *                    false when an access, uniqueness or password check fails
 */
function fn_update_user($user_id, $user_data, &$auth, $ship_to_another, $notify_user)
{
    /**
     * Actions before updating user
     *
     * @param int   $user_id         User ID to update (empty for new user)
     * @param array $user_data       User data
     * @param array $auth            Authentication information
     * @param bool  $ship_to_another Flag indicates that shipping and billing fields are different
     * @param bool  $notify_user     Flag indicates that user should be notified
     */
    fn_set_hook('update_user_pre', $user_id, $user_data, $auth, $ship_to_another, $notify_user);
    // Every element of $user_data is passed through fn_trim_helper (not shown here).
    array_walk($user_data, 'fn_trim_helper');
    $register_at_checkout = isset($user_data['register_at_checkout']) && $user_data['register_at_checkout'] == 'Y' ? true : false;
    if (fn_allowed_for('ULTIMATE')) {
        // Admin area, customer account: a company_id is required, and when a runtime company is
        // set it has to be that company.
        if (AREA == 'A' && !empty($user_data['user_type']) && $user_data['user_type'] == 'C' && (empty($user_data['company_id']) || Registry::get('runtime.company_id') && $user_data['company_id'] != Registry::get('runtime.company_id'))) {
            fn_set_notification('W', __('warning'), __('access_denied'));
            return false;
        }
    }
    if (!empty($user_id)) {
        // Existing user: load the stored row that the checks below compare against.
        $current_user_data = db_get_row("SELECT user_id, company_id, is_root, status, user_type, user_login, lang_code, password, salt, last_passwords FROM ?:users WHERE user_id = ?i", $user_id);
        if (empty($current_user_data)) {
            fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('user'))), '', '404');
            return false;
        }
        // The acting user ($auth) must be allowed to edit the target account.
        if (!fn_check_editable_permissions($auth, $current_user_data)) {
            fn_set_notification('E', __('error'), __('access_denied'));
            return false;
        }
        // Outside the admin area a supplied profile_id must be one of the user's own profiles.
        // NOTE(review): in_array() is used without its strict flag, so the comparison is loose.
        if (!empty($user_data['profile_id']) && AREA != 'A') {
            $profile_ids = db_get_fields("SELECT profile_id FROM ?:user_profiles WHERE user_id = ?i", $user_id);
            if (!in_array($user_data['profile_id'], $profile_ids)) {
                fn_set_notification('W', __('warning'), __('access_denied'));
                return false;
            }
        }
        if (fn_allowed_for('ULTIMATE')) {
            if (AREA != 'A' || empty($user_data['company_id'])) {
                // we should set company_id for the frontend, in the backend company_id is received from the form
                if ($current_user_data['user_type'] == 'A') {
                    if (!isset($user_data['company_id']) || AREA != 'A' || Registry::get('runtime.company_id')) {
                        // reset administrator's company if it was not set to root
                        $user_data['company_id'] = $current_user_data['company_id'];
                    }
                } elseif (Registry::get('settings.Stores.share_users') == 'Y') {
                    $user_data['company_id'] = $current_user_data['company_id'];
                } else {
                    $user_data['company_id'] = Registry::ifGet('runtime.company_id', 1);
                }
            }
        }
        if (fn_allowed_for('MULTIVENDOR')) {
            if (AREA != 'A') {
                // we should set company_id for the frontend: the stored value replaces any supplied one
                $user_data['company_id'] = $current_user_data['company_id'];
            }
        }
        $action = 'update';
    } else {
        // New user: status is 'D' when created outside the admin area with profile approval
        // enabled; otherwise the supplied status, or 'A' when none is given.
        // NOTE(review): with approval disabled, a status supplied from outside the admin area is
        // kept (see the status assignment further down) - confirm storefront callers do not pass
        // a request-supplied 'status'.
        $current_user_data = array('status' => AREA != 'A' && Registry::get('settings.General.approve_user_profiles') == 'Y' ? 'D' : (!empty($user_data['status']) ? $user_data['status'] : 'A'), 'user_type' => 'C');
        if (fn_allowed_for('ULTIMATE')) {
            if (!empty($user_data['company_id']) || Registry::get('runtime.company_id') || AREA == 'A') {
                //company_id can be received when we create user account from the backend
                $company_id = !empty($user_data['company_id']) ? $user_data['company_id'] : Registry::get('runtime.company_id');
                if (empty($company_id)) {
                    $company_id = fn_check_user_type_admin_area($user_data['user_type']) ? $user_data['company_id'] : fn_get_default_company_id();
                }
                $user_data['company_id'] = $current_user_data['company_id'] = $company_id;
            } else {
                fn_set_notification('W', __('warning'), __('access_denied'));
                return false;
            }
        }
        $action = 'add';
        $user_data['lang_code'] = !empty($user_data['lang_code']) ? $user_data['lang_code'] : CART_LANGUAGE;
        $user_data['timestamp'] = TIME;
    }
    // Plain-text copy of the new password, kept only for the notification e-mail sent later.
    $original_password = '';
    $current_user_data['password'] = !empty($current_user_data['password']) ? $current_user_data['password'] : '';
    $current_user_data['salt'] = !empty($current_user_data['salt']) ? $current_user_data['salt'] : '';
    // Set the user type
    // The final type is decided by fn_check_user_type() from the supplied and the stored data.
    $user_data['user_type'] = fn_check_user_type($user_data, $current_user_data);
    // Non-ULTIMATE editions with a runtime company: refuse when the resulting type is not an
    // admin-area type, or when the stored account belongs to another company.
    if (Registry::get('runtime.company_id') && !fn_allowed_for('ULTIMATE') && (!fn_check_user_type_admin_area($user_data['user_type']) || isset($current_user_data['company_id']) && $current_user_data['company_id'] != Registry::get('runtime.company_id'))) {
        fn_set_notification('W', __('warning'), __('access_denied'));
        return false;
    }
    // Check if this user needs login/password
    if (fn_user_need_login($user_data['user_type'])) {
        // Check if user_login already exists
        // FIXME
        if (!isset($user_data['email'])) {
            $user_data['email'] = db_get_field("SELECT email FROM ?:users WHERE user_id = ?i", $user_id);
        }
        $is_exist = fn_is_user_exists($user_id, $user_data);
        if ($is_exist) {
            fn_set_notification('E', __('error'), __('error_user_exists'), '', 'user_exist');
            return false;
        }
        // Check the passwords
        // NOTE(review): password1 is read on the next line even when only password2 was supplied.
        if (!empty($user_data['password1']) || !empty($user_data['password2'])) {
            $original_password = trim($user_data['password1']);
            $user_data['password1'] = !empty($user_data['password1']) ? trim($user_data['password1']) : '';
            $user_data['password2'] = !empty($user_data['password2']) ? trim($user_data['password2']) : '';
        }
        // if the passwords are not set and this is not a forced password check
        // we will not update password, otherwise let's check password
        if (!empty($_SESSION['auth']['forced_password_change']) || !empty($user_data['password1']) || !empty($user_data['password2'])) {
            $valid_passwords = true;
            // NOTE(review): != is a loose comparison; PHP compares two numeric-looking strings as
            // numbers, so different strings can be treated as equal here. A strict comparison
            // would avoid that.
            if ($user_data['password1'] != $user_data['password2']) {
                $valid_passwords = false;
                fn_set_notification('E', __('error'), __('error_passwords_dont_match'));
            }
            // PCI DSS Compliance
            // The rules in this block apply only to admin-area user types.
            if (fn_check_user_type_admin_area($user_data['user_type'])) {
                $msg = array();
                // Check password length
                // strlen() counts bytes, not characters.
                $min_length = Registry::get('settings.Security.min_admin_password_length');
                if (strlen($user_data['password1']) < $min_length || strlen($user_data['password2']) < $min_length) {
                    $valid_passwords = false;
                    $msg[] = str_replace("[number]", $min_length, __('error_password_min_symbols'));
                }
                // Check password content
                // Requires at least one digit and at least one non-digit in both fields.
                if (Registry::get('settings.Security.admin_passwords_must_contain_mix') == 'Y') {
                    $tmp_result = preg_match('/\\d+/', $user_data['password1']) && preg_match('/\\D+/', $user_data['password1']) && preg_match('/\\d+/', $user_data['password2']) && preg_match('/\\D+/', $user_data['password2']);
                    if (!$tmp_result) {
                        $valid_passwords = false;
                        $msg[] = __('error_password_content');
                    }
                }
                if ($msg) {
                    fn_set_notification('E', __('error'), implode('<br />', $msg));
                }
                // Check last 4 passwords
                // NOTE(review): the candidate is hashed with the current salt only, while a new salt
                // is generated on every change below - confirm that older history entries can still
                // match. The current hash is appended to the list only on a forced change.
                if (!empty($user_id)) {
                    $prev_passwords = !empty($current_user_data['last_passwords']) ? explode(',', $current_user_data['last_passwords']) : array();
                    if (!empty($_SESSION['auth']['forced_password_change'])) {
                        // if forced password change - new password can't be equal to current password.
                        $prev_passwords[] = $current_user_data['password'];
                    }
                    if (in_array(fn_generate_salted_password($user_data['password1'], $current_user_data['salt']), $prev_passwords)) {
                        $valid_passwords = false;
                        fn_set_notification('E', __('error'), __('error_password_was_used'));
                    } else {
                        if (count($prev_passwords) >= 5) {
                            array_shift($prev_passwords);
                        }
                        $user_data['last_passwords'] = implode(',', $prev_passwords);
                    }
                }
            }
            // PCI DSS Compliance
            if (!$valid_passwords) {
                return false;
            }
            // A fresh salt per change; the hashing scheme itself lives in
            // fn_generate_salted_password(), which is not shown here.
            $user_data['salt'] = fn_generate_salt();
            $user_data['password'] = fn_generate_salted_password($user_data['password1'], $user_data['salt']);
            // NOTE(review): the new hash uses the salt generated just above, so it would normally
            // differ from the stored hash even for an unchanged password - confirm the intent.
            // The comparison is also loose (!=).
            if ($user_data['password'] != $current_user_data['password'] && !empty($user_id)) {
                // if user set current password - there is no necessity to update password_change_timestamp
                $user_data['password_change_timestamp'] = $_SESSION['auth']['password_change_timestamp'] = TIME;
            }
            unset($_SESSION['auth']['forced_password_change']);
            fn_delete_notification('password_expire');
        }
    }
    // Outside the admin area the status from $current_user_data always wins.
    $user_data['status'] = AREA != 'A' || empty($user_data['status']) ? $current_user_data['status'] : $user_data['status'];
    // only administrator can change user status
    // Fill the firstname, lastname and phone from the billing address if the profile was created or updated through the admin area.
    if (AREA == 'A' || Registry::get('settings.Checkout.address_position') == 'billing_first') {
        $main_address_zone = BILLING_ADDRESS_PREFIX;
        $alt_address_zone = SHIPPING_ADDRESS_PREFIX;
    } else {
        $main_address_zone = SHIPPING_ADDRESS_PREFIX;
        $alt_address_zone = BILLING_ADDRESS_PREFIX;
    }
    $user_data = fn_fill_contact_info_from_address($user_data, $main_address_zone, $alt_address_zone);
    if (!fn_allowed_for('ULTIMATE')) {
        //for ult company_id was set before
        fn_set_company_id($user_data);
    }
    // A supplied is_root value is never kept. NOTE(review): this first assignment is itself
    // overwritten a few lines below, so the stored is_root flag has no effect on the result.
    if (!empty($current_user_data['is_root']) && $current_user_data['is_root'] == 'Y') {
        $user_data['is_root'] = 'Y';
    } else {
        $user_data['is_root'] = 'N';
    }
    // check if it is a root admin
    // The account becomes root when its type is not 'C' and no other root user exists for the
    // same company_id.
    $is_root_admin_exists = db_get_field("SELECT user_id FROM ?:users WHERE company_id = ?i AND is_root = 'Y' AND user_id != ?i", $user_data['company_id'], !empty($user_id) ? $user_id : 0);
    $user_data['is_root'] = empty($is_root_admin_exists) && $user_data['user_type'] !== 'C' ? 'Y' : 'N';
    // The primary key is never taken from the supplied data.
    unset($user_data['user_id']);
    // NOTE(review): $user_data is handed to ?u / ?e as a whole. user_type, status, company_id and
    // is_root were fixed above; which other supplied keys reach the users table depends on the
    // database layer and on what callers pass in.
    if (!empty($user_id)) {
        db_query("UPDATE ?:users SET ?u WHERE user_id = ?i", $user_data, $user_id);
        fn_clean_usergroup_links($user_id, $current_user_data['user_type'], $user_data['user_type']);
        fn_log_event('users', 'update', array('user_id' => $user_id));
    } else {
        if (!isset($user_data['password_change_timestamp'])) {
            $user_data['password_change_timestamp'] = 1;
        }
        $user_id = db_query("INSERT INTO ?:users ?e", $user_data);
        fn_log_event('users', 'create', array('user_id' => $user_id));
    }
    $user_data['user_id'] = $user_id;
    // Set/delete insecure password notification
    if (AREA == 'A' && Registry::get('config.demo_mode') != true && !empty($user_data['password1'])) {
        if (!fn_compare_login_password($user_data, $user_data['password1'])) {
            fn_delete_notification('insecure_password');
        } else {
            $lang_var = 'warning_insecure_password_email';
            fn_set_notification('E', __('warning'), __($lang_var, array('[link]' => fn_url("profiles.update?user_id=" . $user_id))), 'K', 'insecure_password');
        }
    }
    if (empty($user_data['user_login'])) {
        // if we're using email as login or user type does not require login, fill login field
        // NOTE(review): the '******' literal looks masked in this listing - two values are passed
        // but only one ?i placeholder is visible. Check against the original file.
        db_query("UPDATE ?:users SET user_login = '******' WHERE user_id = ?i AND user_login = ''", $user_id, $user_id);
    }
    // Fill shipping info with billing if needed
    if (empty($ship_to_another)) {
        $profile_fields = fn_get_profile_fields($user_data['user_type']);
        $use_default = AREA == 'A' ? true : false;
        fn_fill_address($user_data, $profile_fields, $use_default);
    }
    $user_data['profile_id'] = fn_update_user_profile($user_id, $user_data, $action);
    // From here on $user_data is the record as re-read through fn_get_user_info().
    $user_data = fn_get_user_info($user_id, true, $user_data['profile_id']);
    if ($register_at_checkout) {
        $user_data['register_at_checkout'] = 'Y';
    }
    $lang_code = AREA == 'A' && !empty($user_data['lang_code']) ? $user_data['lang_code'] : CART_LANGUAGE;
    if (!fn_allowed_for('ULTIMATE:FREE')) {
        // Usergroup links of the user, keyed by usergroup_id; groups that are not active and links
        // with status 'D' or 'F' are left out.
        $user_data['usergroups'] = db_get_hash_array("SELECT lnk.link_id, lnk.usergroup_id, lnk.status, a.type, b.usergroup" . " FROM ?:usergroup_links as lnk" . " INNER JOIN ?:usergroups as a ON a.usergroup_id = lnk.usergroup_id AND a.status != 'D'" . " LEFT JOIN ?:usergroup_descriptions as b ON b.usergroup_id = a.usergroup_id AND b.lang_code = ?s" . " WHERE a.status = 'A' AND lnk.user_id = ?i AND lnk.status != 'D' AND lnk.status != 'F'", 'usergroup_id', $lang_code, $user_id);
    }
    // Send notifications to customer
    if (!empty($notify_user)) {
        $from = 'company_users_department';
        if (fn_allowed_for('MULTIVENDOR')) {
            // Vendor administrator's notification
            // is sent from root users department
            if ($user_data['user_type'] == 'V') {
                $from = 'default_company_users_department';
            }
        }
        // Notify customer about profile activation (when update profile only)
        if ($action == 'update' && $current_user_data['status'] === 'D' && $user_data['status'] === 'A') {
            Mailer::sendMail(array('to' => $user_data['email'], 'from' => $from, 'data' => array('user_data' => $user_data), 'tpl' => 'profiles/profile_activated.tpl', 'company_id' => $user_data['company_id']), fn_check_user_type_admin_area($user_data['user_type']) ? 'A' : 'C', $lang_code);
        }
        // Notify customer about profile add/update
        $prefix = $action == 'add' ? 'create' : 'update';
        // Send password to user only if it was created by admin or vendor
        // NOTE(review): in that case the plain-text password is placed in the e-mail template
        // data, so it leaves the system unencrypted and stays in the recipient's mailbox.
        if (AREA != 'C' && $auth['user_id'] != $user_id) {
            $password = $original_password;
        } else {
            $password = null;
        }
        Mailer::sendMail(array('to' => $user_data['email'], 'from' => $from, 'data' => array('password' => $password, 'user_data' => $user_data), 'tpl' => 'profiles/' . $prefix . '_profile.tpl', 'company_id' => $user_data['company_id']), fn_check_user_type_admin_area($user_data['user_type']) ? 'A' : 'C', $lang_code);
    }
    if ($action == 'add') {
        if (AREA != 'A') {
            if (Registry::get('settings.General.approve_user_profiles') == 'Y') {
                fn_set_notification('W', __('important'), __('text_profile_should_be_approved'));
                // Notify administrator about new profile
                Mailer::sendMail(array('to' => 'company_users_department', 'from' => 'company_users_department', 'reply_to' => $user_data['email'], 'data' => array('user_data' => $user_data), 'tpl' => 'profiles/activate_profile.tpl', 'company_id' => $user_data['company_id']), 'A', Registry::get('settings.Appearance.backend_default_language'));
            } else {
                fn_set_notification('N', __('information'), __('text_profile_is_created'));
            }
        }
        // Orders listed in $auth['order_ids'] are re-assigned to the newly created account.
        if (!is_null($auth)) {
            if (!empty($auth['order_ids'])) {
                db_query("UPDATE ?:orders SET user_id = ?i WHERE order_id IN (?n)", $user_id, $auth['order_ids']);
            }
        }
    } else {
        if (AREA == 'C') {
            fn_set_notification('N', __('information'), __('text_profile_is_updated'));
        }
    }
    fn_set_hook('update_profile', $action, $user_data, $current_user_data);
    return array($user_id, !empty($user_data['profile_id']) ? $user_data['profile_id'] : false);
}