public function main()
 {
     //init controller data
     $this->extensions->hk_InitData($this, __FUNCTION__);
     $this->loadLanguage('common/forgot_password');
     $this->document->setTitle($this->language->get('heading_title'));
     if ($this->request->is_POST() && $this->_validate()) {
         //generate hash
         $hash = AEncryption::getHash(time());
         $link = $this->html->getSecureURL('index/forgot_password/validate', '&hash=' . $hash);
         //create a scratch data for future use
         $passreset = new ADataset();
         $passreset->createDataset('admin_pass_reset', $this->request->post['username']);
         $passreset->setDatasetProperties(array('hash' => $hash, 'email' => $this->request->post['email']));
         $mail = new AMail($this->config);
         $mail->setTo($this->request->post['email']);
         $mail->setFrom($this->config->get('store_main_email'));
         $mail->setSender($this->config->get('config_owner'));
         $mail->setSubject(sprintf($this->language->get('reset_email_subject'), $this->config->get('store_name')));
         $mail->setHtml(sprintf($this->language->get('reset_email_body_html'), $link, $link));
         $mail->setText(sprintf($this->language->get('reset_email_body_text'), $link, $link));
         $mail->send();
         $this->redirect($this->html->getSecureURL('index/forgot_password', '&mail=sent'));
     }
     $this->data['login'] = $this->html->getSecureURL('index/login');
     if (isset($this->request->get['mail']) && $this->request->get['mail'] == 'sent') {
         $this->data['show_instructions'] = true;
     } else {
         $this->data['error'] = $this->error;
         $fields = array('username', 'email', 'captcha');
         foreach ($fields as $f) {
             if (isset($this->request->post[$f])) {
                 $this->data[$f] = $this->request->post[$f];
             } else {
                 $this->data[$f] = '';
             }
         }
         $this->data['action'] = $this->html->getSecureURL('index/forgot_password');
         $this->data['update'] = '';
         $form = new AForm('ST');
         $form->setForm(array('form_name' => 'forgotFrm', 'update' => $this->data['update']));
         $this->data['form']['id'] = 'forgotFrm';
         $this->data['form']['form_open'] = $form->getFieldHtml(array('type' => 'form', 'name' => 'forgotFrm', 'action' => $this->data['action']));
         $this->data['form']['submit'] = $form->getFieldHtml(array('type' => 'button', 'name' => 'submit', 'text' => $this->language->get('button_reset_password'), 'style' => 'button3'));
         $this->data['form']['fields']['username'] = $form->getFieldHtml(array('type' => 'input', 'name' => 'username', 'value' => $this->data['username'], 'required' => true, 'placeholder' => $this->language->get('entry_username')));
         $this->data['form']['fields']['email'] = $form->getFieldHtml(array('type' => 'input', 'name' => 'email', 'value' => $this->data['email'], 'required' => true, 'placeholder' => $this->language->get('entry_email')));
         if ($this->config->get('config_recaptcha_site_key')) {
             $this->data['form']['fields']['captcha'] = $form->getFieldHtml(array('type' => 'recaptcha', 'name' => 'captcha', 'recaptcha_site_key' => $this->config->get('config_recaptcha_site_key'), 'language_code' => $this->language->getLanguageCode()));
         } else {
             $this->data['form']['fields']['captcha'] = $form->getFieldHtml(array('type' => 'captcha', 'name' => 'captcha', 'value' => $this->data['captcha'], 'required' => true, 'placeholder' => $this->language->get('entry_captcha')));
         }
     }
     $this->view->batchAssign($this->data);
     $this->processTemplate('pages/index/forgot_password.tpl');
     //update controller data
     $this->extensions->hk_UpdateData($this, __FUNCTION__);
 }
 private function _validate($loginname, $password)
 {
     if (!$this->customer->login($loginname, $password)) {
         return FALSE;
     } else {
         unset($this->session->data['guest']);
         $this->loadModel('account/address');
         $address = $this->model_account_address->getAddress($this->customer->getAddressId());
         $this->session->data['country_id'] = $address['country_id'];
         $this->session->data['zone_id'] = $address['zone_id'];
         $this->session->data['token'] = AEncryption::getHash(mt_rand());
         return TRUE;
     }
 }
示例#3
0
 public function editUser($user_id, $data)
 {
     $fields = array('username', 'firstname', 'lastname', 'email', 'user_group_id', 'status');
     $update = array();
     foreach ($fields as $f) {
         if (isset($data[$f])) {
             $update[] = $f . " = '" . $this->db->escape($data[$f]) . "'";
         }
     }
     if (!empty($data['password'])) {
         $update[] = "password = '******'password'])) . "'";
     }
     if (!empty($update)) {
         $sql = "UPDATE " . $this->db->table("users") . " SET " . implode(',', $update) . " WHERE user_id = '" . (int) $user_id . "'";
         $this->db->query($sql);
     }
 }
示例#4
0
 public function post()
 {
     //This is login attempt
     $request = $this->rest->getRequestParams();
     if (isset($request['token'])) {
         //this is the request to authorized
         $this->_validate_token($request['token']);
     } else {
         if (isset($request['username']) && isset($request['password']) && $this->_validate($request['username'], $request['password'])) {
             $this->session->data['token'] = AEncryption::getHash(mt_rand());
             $this->rest->setResponseData(array('status' => 1, 'success' => 'Logged in', 'token' => $this->session->data['token']));
             $this->rest->sendResponse(200);
         } else {
             $this->rest->setResponseData(array('status' => 0, 'error' => 'Login attempt failed!'));
             $this->rest->sendResponse(401);
         }
     }
 }
示例#5
0
 public function RunSQL($data)
 {
     $db = new ADB($data['db_driver'], $data['db_host'], $data['db_user'], $data['db_password'], $data['db_name']);
     $file = DIR_APP_SECTION . 'abantecart_database.sql';
     if ($sql = file($file)) {
         $query = '';
         foreach ($sql as $line) {
             $tsl = trim($line);
             if ($sql != '' && substr($tsl, 0, 2) != "--" && substr($tsl, 0, 1) != '#') {
                 $query .= $line;
                 if (preg_match('/;\\s*$/', $line)) {
                     $query = str_replace("DROP TABLE IF EXISTS `ac_", "DROP TABLE IF EXISTS `" . $data['db_prefix'], $query);
                     $query = str_replace("CREATE TABLE `ac_", "CREATE TABLE `" . $data['db_prefix'], $query);
                     $query = str_replace("INSERT INTO `ac_", "INSERT INTO `" . $data['db_prefix'], $query);
                     $query = str_replace("ON `ac_", "ON `" . $data['db_prefix'], $query);
                     $db->query($query);
                     //no silence mode! if error - will throw to exception
                     $query = '';
                 }
             }
         }
         $db->query("SET CHARACTER SET utf8;");
         $db->query("SET @@session.sql_mode = 'MYSQL40';");
         $db->query("INSERT INTO `" . $data['db_prefix'] . "users`\n\t\t\t\tSET user_id = '1',\n\t\t\t\t\tuser_group_id = '1',\n\t\t\t\t\temail = '" . $db->escape($data['email']) . "',\n\t\t\t\t    username = '******'username']) . "',\n\t\t\t\t    password = '******'password'])) . "',\n\t\t\t\t    status = '1',\n\t\t\t\t    date_added = NOW();");
         $db->query("UPDATE `" . $data['db_prefix'] . "settings` SET value = '" . $db->escape($data['email']) . "' WHERE `key` = 'store_main_email'; ");
         $db->query("UPDATE `" . $data['db_prefix'] . "settings` SET value = '" . $db->escape(HTTP_ABANTECART) . "' WHERE `key` = 'config_url'; ");
         $db->query("INSERT INTO `" . $data['db_prefix'] . "settings` SET `group` = 'config', `key` = 'install_date', value = NOW(); ");
         $db->query("UPDATE `" . $data['db_prefix'] . "products` SET `viewed` = '0';");
         //process triggers
         //$this->create_triggers($db, $data['db_name']);
         //run descructor and close db-connection
         unset($db);
     }
     //clear cache dir in case of reinstall
     $cache = new ACache();
     $cache->remove('*');
 }
示例#6
0
 public function editUser($user_id, $data)
 {
     $fields = array('username', 'firstname', 'lastname', 'email', 'user_group_id', 'status');
     $update = array();
     foreach ($fields as $f) {
         if (isset($data[$f])) {
             $update[] = $f . " = '" . $this->db->escape($data[$f]) . "'";
         }
     }
     if ($data['password'] || $data['email'] || $data['username']) {
         //notify admin user of important infoamtion change
         $language = new ALanguage($this->registry, '', 1);
         $language->load('common/im');
         $message_arr = array(1 => array('message' => $language->get('im_account_update_text_to_admin')));
         $this->im->sendToUser($user_id, 'account_update', $message_arr);
     }
     if (!empty($data['password'])) {
         $update[] = "password = '******'password'])) . "'";
     }
     if (!empty($update)) {
         $sql = "UPDATE " . $this->db->table("users") . " SET " . implode(',', $update) . " WHERE user_id = '" . (int) $user_id . "'";
         $this->db->query($sql);
     }
 }
示例#7
0
 /**
  * @param $username string
  * @param $password string
  * @return bool
  */
 public function login($username, $password)
 {
     $user_query = $this->db->query("SELECT *\n    \t                                FROM " . $this->db->table("users") . " \n    \t                                WHERE username = '******'\n    \t                                AND password = '******'");
     if ($user_query->num_rows) {
         $this->session->data['user_id'] = $user_query->row['user_id'];
         $this->session->data['user_last_login'] = $user_query->row['last_login'];
         $this->user_id = $user_query->row['user_id'];
         $this->username = $user_query->row['username'];
         $this->last_login = $user_query->row['last_login'];
         if (!$this->last_login || $this->last_login == 'null' || $this->last_login == '0000-00-00 00:00:00') {
             $this->session->data['user_last_login'] = $this->last_login = '';
         }
         $this->db->query("UPDATE " . $this->db->table("users") . " \n\t\t\t\t\t\t\t  SET last_login = NOW()\n\t\t\t\t\t\t\t  WHERE user_id = '" . (int) $this->session->data['user_id'] . "'");
         $user_group_query = $this->db->query("SELECT permission\n      \t\t                                      FROM " . $this->db->table("user_groups") . " \n      \t\t                                      WHERE user_group_id = '" . (int) $user_query->row['user_group_id'] . "'");
         if ($user_group_query->row['permission']) {
             foreach (unserialize($user_group_query->row['permission']) as $key => $value) {
                 $this->permission[$key] = $value;
             }
         }
         return TRUE;
     } else {
         return FALSE;
     }
 }
示例#8
0
 public function main()
 {
     //init controller data
     $this->extensions->hk_InitData($this, __FUNCTION__);
     $this->loadLanguage('common/login');
     $this->cache->delete('admin_menu');
     $this->document->setTitle($this->language->get('heading_title'));
     $this->document->addBreadcrumb(array('href' => '', 'text' => $this->language->get('text_home'), 'separator' => FALSE));
     $this->document->addBreadcrumb(array('href' => $this->html->getSecureURL('index/login'), 'text' => $this->language->get('heading_title'), 'current' => true, 'sub_text' => '', 'icon' => ''));
     if ($this->request->is_POST() && $this->_validate()) {
         $this->session->data['token'] = AEncryption::getHash(mt_rand());
         $this->session->data['checkupdates'] = true;
         // sign to run ajax-request to check for updates. see common/head for details
         //login is sussessful redirect to originaly requested page
         if (isset($this->request->post['redirect']) && !preg_match("/rt=index\\/login/i", $this->request->post['redirect'])) {
             $redirect = $this->html->filterQueryParams($this->request->post['redirect'], array('token'));
             $redirect .= "&token=" . $this->session->data['token'];
             $this->redirect($redirect);
         } else {
             $this->redirect($this->html->getSecureURL('index/home'));
         }
     }
     if (isset($this->session->data['token']) && !isset($this->request->get['token']) || isset($this->request->get['token']) && (isset($this->session->data['token']) && $this->request->get['token'] != $this->session->data['token'])) {
         $this->error['warning'] = $this->language->get('error_token');
     }
     //There was no login done, so clear the session for new login screen
     $this->session->clear();
     if ($this->request->cookie['new_cart'] == 1 && $this->error['warning'] && $this->request->server['REQUEST_METHOD'] == 'GET') {
         $this->error['warning'] = '';
     }
     $this->data['action'] = $this->html->getSecureURL('index/login');
     $this->data['update'] = '';
     $form = new AForm('ST');
     $form->setForm(array('form_name' => 'loginFrm', 'update' => $this->data['update']));
     $this->data['form']['id'] = 'loginFrm';
     $this->data['form']['form_open'] = $form->getFieldHtml(array('type' => 'form', 'name' => 'loginFrm', 'action' => $this->data['action']));
     $this->data['form']['submit'] = $form->getFieldHtml(array('type' => 'button', 'name' => 'submit', 'text' => $this->language->get('button_login'), 'style' => 'button3'));
     $fields = array('username', 'password');
     foreach ($fields as $f) {
         $this->data['form']['fields'][$f] = $form->getFieldHtml(array('type' => $f == 'password' ? 'password' : 'input', 'name' => $f, 'value' => $this->data[$f], 'placeholder' => $this->language->get('entry_' . $f)));
     }
     $this->view->assign('error_warning', $this->error['warning']);
     $this->view->assign('forgot_password', $this->html->getSecureURL('index/forgot_password'));
     if (isset($this->request->get['rt'])) {
         $route = $this->request->get['rt'];
         unset($this->request->get['rt']);
         if (isset($this->request->get['token'])) {
             unset($this->request->get['token']);
         }
         $url = '';
         if ($this->request->get) {
             $url = '&' . http_build_query($this->request->get);
         }
         if ($this->request->is_POST()) {
             $this->view->assign('redirect', $this->request->post['redirect']);
             // if login attempt failed - save path for redirect
         } else {
             $this->view->assign('redirect', $this->html->getSecureURL($route, $url));
         }
     } else {
         $this->view->assign('redirect', '');
     }
     $this->view->batchAssign($this->data);
     $this->processTemplate('pages/index/login.tpl');
     //update controller data
     $this->extensions->hk_UpdateData($this, __FUNCTION__);
 }
示例#9
0
 /**
  * @param int $customer_id
  * @param string $field
  * @param mixed $value
  * @return bool
  */
 public function editCustomerField($customer_id, $field, $value)
 {
     if (!$customer_id || !$field) {
         return false;
     }
     $data = array('loginname', 'firstname', 'lastname', 'email', 'telephone', 'fax', 'newsletter', 'customer_group_id', 'status', 'approved');
     //adds IM fields
     //get only active IM drivers
     $im_protocols = $this->im->getProtocols();
     foreach ($im_protocols as $protocol) {
         if (!in_array($protocol, $data)) {
             $data[] = $protocol;
         }
     }
     if (in_array($field, $data)) {
         if ($this->dcrypt->active && in_array($field, $this->dcrypt->getEcryptedFields("customers"))) {
             //check key_id to use
             $query_key = $this->db->query("SELECT key_id\n\t\t\t\t\t\t\t\t\t FROM " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t         WHERE customer_id = '" . (int) $customer_id . "'");
             $key_id = $query_key->rows[0]['key_id'];
             $value = $this->dcrypt->encrypt_field($value, $key_id);
         }
     }
     $this->db->query("UPDATE " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t  SET " . $field . " = '" . $this->db->escape($value) . "'\n\t\t\t\t\t\t\t  WHERE customer_id = '" . (int) $customer_id . "'");
     if ($field == 'password') {
         $this->db->query("UPDATE " . $this->db->table("customers") . "\n        \t                  SET password = '******'\n        \t                  WHERE customer_id = '" . (int) $customer_id . "'");
     }
     if ($field == 'newsletter') {
         $this->saveCustomerNotificationSettings($customer_id, array('newsletter' => array('email' => (int) $value)));
     }
     return true;
 }
示例#10
0
 /**
  * @param int $customer_id
  * @param string $field
  * @param mixed $value
  */
 public function editCustomerField($customer_id, $field, $value)
 {
     $data = array('loginname', 'firstname', 'lastname', 'email', 'telephone', 'fax', 'newsletter', 'customer_group_id', 'status', 'approved');
     if (in_array($field, $data)) {
         if ($this->dcrypt->active && in_array($field, $this->dcrypt->getEcryptedFields("customers"))) {
             //check key_id to use
             $query_key = $this->db->query("select key_id from " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t  WHERE customer_id = '" . (int) $customer_id . "'");
             $key_id = $query_key->rows[0]['key_id'];
             $value = $this->dcrypt->encrypt_field($value, $key_id);
         }
     }
     $this->db->query("UPDATE " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t  SET {$field} = '" . $this->db->escape($value) . "'\n\t\t\t\t\t\t\t  WHERE customer_id = '" . (int) $customer_id . "'");
     if ($field == 'password') {
         $this->db->query("UPDATE " . $this->db->table("customers") . "\n        \t                  SET password = '******'\n        \t                  WHERE customer_id = '" . (int) $customer_id . "'");
     }
 }
示例#11
0
 /**
  * Get unique hashed cache key string from an key/group pair
  *
  * @param   string	$key	The cache data key
  * @param   string	$group	The cache data group
  *
  * @return  string
  *
  * @since   1.2.7
  */
 protected function _hashCacheKey($key, $group)
 {
     return AEncryption::getHash($group . '-' . $key);
 }
 /**
  * @param string $loginname
  * @param string $password
  * @return bool
  */
 public function login($loginname, $password)
 {
     $approved_only = '';
     if ($this->config->get('config_customer_approval')) {
         $approved_only = " AND approved = '1'";
     }
     $customer_query = $this->db->query("SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t\t\t\t\tWHERE LOWER(loginname)  = LOWER('" . $this->db->escape($loginname) . "')\n\t\t\t\t\t\t\t\t\t\t\tAND password = '******'\n\t\t\t\t\t\t\t\t\t\t\tAND status = '1'" . $approved_only);
     if ($customer_query->num_rows) {
         $this->customer_id = $this->session->data['customer_id'] = $customer_query->row['customer_id'];
         //load customer saved cart and merge with session cart before login
         $cart = $this->getCustomerCart();
         $this->mergeCustomerCart($cart);
         //save merged cart
         $this->saveCustomerCart();
         $this->loginname = $loginname;
         $this->firstname = $customer_query->row['firstname'];
         $this->lastname = $customer_query->row['lastname'];
         if ($this->dcrypt->active) {
             $this->email = $this->dcrypt->decrypt_field($customer_query->row['email'], $customer_query->row['key_id']);
             $this->telephone = $this->dcrypt->decrypt_field($customer_query->row['telephone'], $customer_query->row['key_id']);
             $this->fax = $this->dcrypt->decrypt_field($customer_query->row['fax'], $customer_query->row['key_id']);
         } else {
             $this->email = $customer_query->row['email'];
             $this->telephone = $customer_query->row['telephone'];
             $this->fax = $customer_query->row['fax'];
         }
         $this->newsletter = $customer_query->row['newsletter'];
         $this->customer_group_id = $customer_query->row['customer_group_id'];
         $this->address_id = $customer_query->row['address_id'];
         $this->cache->delete('storefront_menu');
         //set cookie for unauthenticated user (expire in 1 year)
         $encryption = new AEncryption($this->config->get('encryption_key'));
         $cutomer_data = $encryption->encrypt(serialize(array('first_name' => $this->firstname, 'customer_id' => $this->customer_id, 'script_name' => $this->request->server['SCRIPT_NAME'])));
         setcookie('customer', $cutomer_data, time() + 60 * 60 * 24 * 365, '/', $this->request->server['HTTP_HOST']);
         return true;
     } else {
         return false;
     }
 }
示例#13
0
 protected function migrateCustomers()
 {
     $customers = $this->cartObj->getCustomers();
     if (!$customers) {
         $errors = $this->cartObj->getErrors();
         $class = '';
         if (!$errors) {
             $errors = $this->language->get('text_no_customers');
             $class = 'attention';
         }
         $this->addLog($errors, $class);
         return true;
     }
     // get all loginnames to prevent conflicts.
     $query = $this->db->query("SELECT LOWER(`loginname`) AS loginname\n\t\t\t\t\t\t\t\t   FROM " . $this->db->table("customers"));
     $logins = array();
     foreach ($query->rows as $row) {
         $logins[] = $row['loginname'];
     }
     foreach ($customers as $data) {
         if (!trim($data['email'])) {
             continue;
         }
         $store_id = has_value($data['store_id']) ? (int) $data['store_id'] : (int) $this->config->get('config_store_id');
         $date_added = has_value($data['date_added']) ? "'" . $this->db->escape($data['date_added']) . "'" : 'NOW()';
         $status = has_value($data['status']) ? $data['status'] : 1;
         $approved = has_value($data['approved']) ? $data['approved'] : 1;
         $data['email'] = mb_strtolower($data['email']);
         //process unique loginname
         $loginname = $data['loginname'] ? $data['loginname'] : '';
         $loginname = mb_strtolower($loginname);
         if (!$loginname && !$this->config->get('prevent_email_as_login') && $data['email'] && !in_array($data['email'], $logins)) {
             $loginname = $data['email'];
         }
         if (in_array($loginname, $logins)) {
             $loginname = '';
         }
         if (!$loginname) {
             $loginname = 'gen_' . md5(microtime());
         }
         $sql = "INSERT INTO " . DB_PREFIX . "customers\n\t\t\t\t\tSET store_id = '" . $store_id . "',\n\t\t\t\t\t\tfirstname = '" . $this->db->escape($data['firstname']) . "',\n\t\t\t\t\t\tlastname = '" . $this->db->escape($data['lastname']) . "',\n\t\t\t\t\t\temail = '" . $this->db->escape($data['email']) . "',\n\t\t\t\t\t\tloginname = '" . $this->db->escape($loginname) . "',\n\t\t\t\t\t\ttelephone = '" . $this->db->escape($data['telephone']) . "',\n\t\t\t\t\t\tfax = '" . $this->db->escape($data['fax']) . "',\n\t\t\t\t\t\tpassword = '******'password'])) . "',\n\t\t\t\t\t\tnewsletter = '" . $this->db->escape($data['newsletter']) . "',\n\t\t\t\t\t\tip = '" . $this->db->escape($data['ip']) . "',\n\t\t\t\t\t\tcustomer_group_id = '" . (int) $this->config->get('config_customer_group_id') . "',\n\t\t\t\t\t\tstatus = '" . $status . "',\n\t\t\t\t\t\tapproved = '" . $approved . "',\n\t\t\t\t\t\tdate_added = " . $date_added . "";
         $result = $this->db->query($sql, true);
         $logins[] = $loginname;
         if ($result === false) {
             $this->addLog($this->db->error);
         }
         $customer_id = $this->db->getLastId();
         $customer_id_map[$data['customer_id']] = $customer_id;
         $data['address'] = (array) $data['address'];
         foreach ($data['address'] as $address) {
             $sql = "INSERT INTO " . DB_PREFIX . "addresses\n\t\t\t\t\t  SET customer_id = '" . (int) $customer_id . "',\n\t\t\t\t\t\t  firstname = '" . $this->db->escape($address['firstname']) . "',\n\t\t\t\t\t\t\tlastname = '" . $this->db->escape($address['lastname']) . "',\n\t\t\t\t\t\t\tcompany = '" . $this->db->escape($address['company']) . "',\n\t\t\t\t\t\t\taddress_1 = '" . $this->db->escape($address['address_1']) . "',\n\t\t\t\t\t\t\tcity = '" . $this->db->escape($address['city']) . "',\n\t\t\t\t\t\t\tpostcode = '" . $this->db->escape($address['postcode']) . "',\n\t\t\t\t\t\t\tcountry_id = " . ($address['country_iso_code2'] ? " COALESCE((SELECT country_id\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . DB_PREFIX . "countries\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE iso_code_2='" . $this->db->escape($address['country_iso_code2']) . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tLIMIT 0,1),0)" : "'0'") . ",\n\t\t\t\t\t\t\tzone_id = " . ($address['zone_iso_code2'] ? "COALESCE((SELECT zone_id\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . DB_PREFIX . "zones\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE code='" . $this->db->escape($address['zone_iso_code2']) . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tLIMIT 0,1),0)" : "'0'");
             $result = $this->db->query($sql, true);
             if ($result === false) {
                 $this->addLog($this->db->error);
             }
             $address_id = $this->db->getLastId();
         }
         $result = $this->db->query("UPDATE " . DB_PREFIX . "customers\n\t\t\t\t\t\t\t\t\t    SET address_id = '" . (int) $address_id . "'\n\t\t\t\t\t\t\t\t        WHERE customer_id = '" . (int) $customer_id . "'", true);
         if ($result === false) {
             $this->addLog($this->db->error);
         }
     }
     $this->addLog(count($customers) . ' customers imported', 'success');
     return true;
 }
 /**
  * @param string $loginname
  * @param string $password
  */
 public function editPassword($loginname, $password)
 {
     $password = AEncryption::getHash($password);
     $this->db->query("UPDATE " . $this->db->table("customers") . " SET password = '******' WHERE loginname = '" . $this->db->escape($loginname) . "'");
 }
示例#15
0
 /**
  * @param string $loginname
  * @param string $password
  */
 public function editPassword($loginname, $password)
 {
     $password = AEncryption::getHash($password);
     $this->db->query("UPDATE " . $this->db->table("customers") . "\n      \t                SET password = '******'\n      \t                WHERE loginname = '" . $this->db->escape($loginname) . "'");
     //send IM
     $sql = "SELECT customer_id\n \t\t\t\tFROM " . $this->db->table("customers") . "\n\t\t      \tWHERE loginname = '" . $this->db->escape($loginname) . "'";
     $result = $this->db->query($sql);
     $customer_id = $result->row['customer_id'];
     if ($customer_id) {
         $language = new ALanguage($this->registry);
         $language->load('common/im');
         $message_arr = array(0 => array('message' => $language->get('im_customer_account_update_password_to_customer')));
         $this->im->send('customer_account_update', $message_arr);
     }
 }
示例#16
0
 /**
  * @param string $loginname
  * @param string $password
  * @return bool
  */
 public function login($loginname, $password)
 {
     $approved_only = '';
     if ($this->config->get('config_customer_approval')) {
         $approved_only = " AND approved = '1'";
     }
     $customer_query = $this->db->query("SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t\t\t\t\tWHERE loginname = '" . $this->db->escape($loginname) . "'\n\t\t\t\t\t\t\t\t\t\t\tAND password = '******'\n\t\t\t\t\t\t\t\t\t\t\tAND status = '1'" . $approved_only);
     if ($customer_query->num_rows) {
         $this->session->data['customer_id'] = $customer_query->row['customer_id'];
         if ($customer_query->row['cart'] && is_string($customer_query->row['cart'])) {
             $cart = unserialize($customer_query->row['cart']);
             foreach ($cart as $key => $value) {
                 if (!array_key_exists($key, $this->session->data['cart'])) {
                     $this->session->data['cart'][$key] = $value;
                 } else {
                     $this->session->data['cart'][$key]['qty'] += $value['qty'];
                 }
             }
         }
         $this->loginname = $loginname;
         $this->customer_id = $customer_query->row['customer_id'];
         $this->firstname = $customer_query->row['firstname'];
         $this->lastname = $customer_query->row['lastname'];
         if ($this->dcrypt->active) {
             $this->email = $this->dcrypt->decrypt_field($customer_query->row['email'], $customer_query->row['key_id']);
             $this->telephone = $this->dcrypt->decrypt_field($customer_query->row['telephone'], $customer_query->row['key_id']);
             $this->fax = $this->dcrypt->decrypt_field($customer_query->row['fax'], $customer_query->row['key_id']);
         } else {
             $this->email = $customer_query->row['email'];
             $this->telephone = $customer_query->row['telephone'];
             $this->fax = $customer_query->row['fax'];
         }
         $this->newsletter = $customer_query->row['newsletter'];
         $this->customer_group_id = $customer_query->row['customer_group_id'];
         $this->address_id = $customer_query->row['address_id'];
         $this->cache->delete('storefront_menu');
         return TRUE;
     } else {
         return FALSE;
     }
 }
示例#17
0
 /**
  * Beta! 
  * Preload JavaScript and return an output.
  * @param string/array $js_file file(s) with relative name
  * @param string $group JS group name for caching 
  * @return string
  */
 public function PreloadJS($js_file, $group = 'js')
 {
     if (empty($js_file)) {
         return '';
     }
     //build hash key
     $key = '';
     //get file time stamp
     if (is_array($js_file)) {
         foreach ($js_file as $js) {
             //get file time stamp
             $key .= $js . "-" . filemtime($this->templateResource($js, 'file'));
         }
     } else {
         $key .= $js_file . "-" . filemtime($this->templateResource($js_file, 'file'));
     }
     $key = $group . "." . AEncryption::getHash($group . '-' . $key);
     //check if hash is created and load
     $js_data = $this->cache->pull($key);
     if ($js_data === false) {
         //load js and save to cache
         //TODO: Add stable minify method. minify_js in html-css-js-minifier.php is not stable
         $js_data = '';
         if (is_array($js_file)) {
             foreach ($js_file as $file) {
                 $js_data .= file_get_contents($this->templateResource($file, 'file')) . "\n";
             }
         } else {
             $js_data .= file_get_contents($this->templateResource($js_file, 'file'));
         }
         //$js_data = minify_js($js_data);
         $this->cache->push($key, $js_data);
     }
     return $js_data;
 }
 /**
  * @param AForm $form
  * @param $data
  * @return array
  */
 private function _build_system($form, $data)
 {
     $ret_data = array();
     if ($data['storefront_template_debug']) {
         $this->session->data['tmpl_debug'] = AEncryption::getHash(mt_rand());
         $ret_data['storefront_debug_url'] = $this->html->getCatalogURL('index/home', '&tmpl_debug=' . $this->session->data['tmpl_debug']);
         $ret_data['admin_debug_url'] = $this->html->getSecureURL('index/home', '&tmpl_debug=' . $this->session->data['tmpl_debug']);
     } else {
         unset($this->session->data['tmpl_debug']);
         $ret_data['storefront_debug_url'] = '';
         $ret_data['admin_debug_url'] = '';
     }
     $ignore = array('common/login', 'common/logout', 'error/not_found', 'error/permission');
     $ret_data['tokens'] = array();
     $files_pages = glob(DIR_APP_SECTION . 'controller/pages/*/*.php');
     $files_response = glob(DIR_APP_SECTION . 'controller/responses/*/*.php');
     $files = array_merge($files_pages, $files_response);
     foreach ($files as $file) {
         $tmp_data = explode('/', dirname($file));
         $token = end($tmp_data) . '/' . basename($file, '.php');
         if (!in_array($token, $ignore)) {
             $ret_data['tokens'][$token] = $token;
         }
     }
     $ret_data['form'] = array('fields' => $this->conf_mngr->getFormFields('system', $form, $data));
     return $ret_data;
 }