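/**
 * Admin "forgot password" page.
 *
 * On a POST that passes $this->_validate(), stores a reset hash in an
 * 'admin_pass_reset' dataset keyed by the posted username, e-mails a link
 * carrying that hash to the posted address and redirects to the
 * "mail sent" view. Otherwise it renders the request form.
 *
 * The hash in the link is the only secret shown here that protects the
 * reset, so it is derived from CSPRNG output rather than from time(),
 * which anyone who knows roughly when the request was made can enumerate.
 */
public function main() {
    //init controller data
    $this->extensions->hk_InitData($this, __FUNCTION__);
    $this->loadLanguage('common/forgot_password');
    $this->document->setTitle($this->language->get('heading_title'));

    if ($this->request->is_POST() && $this->_validate()) {
        // Unpredictable reset token: random_bytes() on PHP 7+, the OpenSSL
        // extension on older runtimes. The bytes are hex-encoded so that
        // AEncryption::getHash() still receives a plain string.
        $entropy = function_exists('random_bytes')
            ? random_bytes(32)
            : openssl_random_pseudo_bytes(32);
        $hash = AEncryption::getHash(bin2hex($entropy));
        $link = $this->html->getSecureURL('index/forgot_password/validate', '&hash=' . $hash);

        //create a scratch data for future use
        // NOTE(review): no expiry or single-use marker is stored with the hash
        // here; confirm the validate step enforces both.
        $passreset = new ADataset();
        $passreset->createDataset('admin_pass_reset', $this->request->post['username']);
        $passreset->setDatasetProperties(array('hash' => $hash, 'email' => $this->request->post['email']));

        // NOTE(review): the recipient is the posted e-mail; this is only safe if
        // _validate() (not visible here) ties it to the posted username.
        $mail = new AMail($this->config);
        $mail->setTo($this->request->post['email']);
        $mail->setFrom($this->config->get('store_main_email'));
        $mail->setSender($this->config->get('config_owner'));
        $mail->setSubject(sprintf($this->language->get('reset_email_subject'), $this->config->get('store_name')));
        $mail->setHtml(sprintf($this->language->get('reset_email_body_html'), $link, $link));
        $mail->setText(sprintf($this->language->get('reset_email_body_text'), $link, $link));
        $mail->send();
        $this->redirect($this->html->getSecureURL('index/forgot_password', '&mail=sent'));
    }

    $this->data['login'] = $this->html->getSecureURL('index/login');

    if (isset($this->request->get['mail']) && $this->request->get['mail'] == 'sent') {
        $this->data['show_instructions'] = true;
    } else {
        $this->data['error'] = $this->error;
        // re-populate the form with whatever was posted
        $fields = array('username', 'email', 'captcha');
        foreach ($fields as $f) {
            if (isset($this->request->post[$f])) {
                $this->data[$f] = $this->request->post[$f];
            } else {
                $this->data[$f] = '';
            }
        }

        $this->data['action'] = $this->html->getSecureURL('index/forgot_password');
        $this->data['update'] = '';
        $form = new AForm('ST');
        $form->setForm(array('form_name' => 'forgotFrm', 'update' => $this->data['update']));
        $this->data['form']['id'] = 'forgotFrm';
        $this->data['form']['form_open'] = $form->getFieldHtml(array('type' => 'form', 'name' => 'forgotFrm', 'action' => $this->data['action']));
        $this->data['form']['submit'] = $form->getFieldHtml(array('type' => 'button', 'name' => 'submit', 'text' => $this->language->get('button_reset_password'), 'style' => 'button3'));
        $this->data['form']['fields']['username'] = $form->getFieldHtml(array('type' => 'input', 'name' => 'username', 'value' => $this->data['username'], 'required' => true, 'placeholder' => $this->language->get('entry_username')));
        $this->data['form']['fields']['email'] = $form->getFieldHtml(array('type' => 'input', 'name' => 'email', 'value' => $this->data['email'], 'required' => true, 'placeholder' => $this->language->get('entry_email')));

        // reCAPTCHA when a site key is configured, built-in captcha otherwise
        if ($this->config->get('config_recaptcha_site_key')) {
            $this->data['form']['fields']['captcha'] = $form->getFieldHtml(array('type' => 'recaptcha', 'name' => 'captcha', 'recaptcha_site_key' => $this->config->get('config_recaptcha_site_key'), 'language_code' => $this->language->getLanguageCode()));
        } else {
            $this->data['form']['fields']['captcha'] = $form->getFieldHtml(array('type' => 'captcha', 'name' => 'captcha', 'value' => $this->data['captcha'], 'required' => true, 'placeholder' => $this->language->get('entry_captcha')));
        }
    }

    $this->view->batchAssign($this->data);
    $this->processTemplate('pages/index/forgot_password.tpl');
    //update controller data
    $this->extensions->hk_UpdateData($this, __FUNCTION__);
}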
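/**
 * Log the customer in and prime the session after a successful login.
 *
 * On success the guest marker is dropped, the customer's address supplies
 * the session country/zone, and a fresh session token is stored.
 *
 * @param string $loginname
 * @param string $password
 * @return bool TRUE when $this->customer->login() accepted the credentials
 */
private function _validate($loginname, $password) {
    if (!$this->customer->login($loginname, $password)) {
        return FALSE;
    }

    unset($this->session->data['guest']);

    $this->loadModel('account/address');
    $address = $this->model_account_address->getAddress($this->customer->getAddressId());
    $this->session->data['country_id'] = $address['country_id'];
    $this->session->data['zone_id'] = $address['zone_id'];

    // The token must not be guessable, and mt_rand() is not a CSPRNG.
    // random_bytes() needs PHP 7+; older runtimes use the OpenSSL extension.
    $entropy = function_exists('random_bytes')
        ? random_bytes(32)
        : openssl_random_pseudo_bytes(32);
    $this->session->data['token'] = AEncryption::getHash(bin2hex($entropy));

    // NOTE(review): no session-id regeneration is visible here; confirm
    // customer->login() or the session class rotates the id on login.
    return TRUE;
}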
/**
 * Update selected columns of one row in the users table.
 *
 * Only the keys listed in $fields are copied from $data, each passed through
 * $this->db->escape(); a non-empty $data['password'] adds a password column.
 * Nothing is written when no updatable key is present.
 *
 * NOTE(review): 'user_group_id' and 'status' are among the updatable keys, so
 * callers must authorise the change before forwarding request data.
 * NOTE(review): the password expression is masked ('******') in this listing
 * and is not valid PHP as shown; the original expression cannot be recovered
 * from this page.
 *
 * @param int $user_id cast to int before it reaches the WHERE clause
 * @param array $data column => value pairs
 */
public function editUser($user_id, $data) {
    // whitelist of plain columns that may be updated
    $fields = array('username', 'firstname', 'lastname', 'email', 'user_group_id', 'status');
    $update = array();
    foreach ($fields as $f) {
        if (isset($data[$f])) {
            $update[] = $f . " = '" . $this->db->escape($data[$f]) . "'";
        }
    }
    if (!empty($data['password'])) {
        $update[] = "password = '******'password'])) . "'";
    }
    if (!empty($update)) {
        $sql = "UPDATE " . $this->db->table("users") . " SET " . implode(',', $update) . " WHERE user_id = '" . (int) $user_id . "'";
        $this->db->query($sql);
    }
}
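/**
 * REST login endpoint.
 *
 * A request carrying 'token' is handed to _validate_token(); otherwise
 * 'username' and 'password' are checked with _validate() and, on success,
 * a new session token is issued and returned with HTTP 200. Any other
 * outcome answers HTTP 401 with a generic failure message.
 */
public function post() {
    //This is login attempt
    $request = $this->rest->getRequestParams();

    if (isset($request['token'])) {
        //this is the request to authorized
        $this->_validate_token($request['token']);
    } else {
        if (isset($request['username']) && isset($request['password']) && $this->_validate($request['username'], $request['password'])) {
            // The token is returned to the client as its credential, so it is
            // drawn from the CSPRNG instead of mt_rand(). random_bytes() needs
            // PHP 7+; older runtimes use the OpenSSL extension.
            $entropy = function_exists('random_bytes')
                ? random_bytes(32)
                : openssl_random_pseudo_bytes(32);
            $this->session->data['token'] = AEncryption::getHash(bin2hex($entropy));
            $this->rest->setResponseData(array('status' => 1, 'success' => 'Logged in', 'token' => $this->session->data['token']));
            $this->rest->sendResponse(200);
        } else {
            // NOTE(review): no attempt counter or lockout is visible on this
            // path; confirm throttling happens elsewhere.
            $this->rest->setResponseData(array('status' => 0, 'error' => 'Login attempt failed!'));
            $this->rest->sendResponse(401);
        }
    }
}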
/**
 * Installer step: load the schema dump, create the first admin user and
 * seed a few settings, then clear the cache.
 *
 * Reads DIR_APP_SECTION . 'abantecart_database.sql' line by line, skips lines
 * starting with "--" or "#", accumulates a statement until a line ends with
 * ';', rewrites the `ac_` table prefix to $data['db_prefix'] and runs it.
 *
 * NOTE(review): the first loop condition tests $sql (the array returned by
 * file()) against '', not the trimmed line $tsl — presumably $tsl was meant.
 * NOTE(review): $data['db_prefix'] is concatenated into statements without
 * escaping or validation; it should be restricted to identifier characters
 * before this method is called.
 * NOTE(review): the username and password expressions of the admin INSERT are
 * masked ('******') in this listing and are not valid PHP as shown.
 *
 * @param array $data reads db_driver, db_host, db_user, db_password, db_name,
 *                    db_prefix, email (plus the masked username/password)
 */
public function RunSQL($data) {
    $db = new ADB($data['db_driver'], $data['db_host'], $data['db_user'], $data['db_password'], $data['db_name']);
    $file = DIR_APP_SECTION . 'abantecart_database.sql';
    if ($sql = file($file)) {
        $query = '';
        foreach ($sql as $line) {
            $tsl = trim($line);
            if ($sql != '' && substr($tsl, 0, 2) != "--" && substr($tsl, 0, 1) != '#') {
                $query .= $line;
                // a trailing ';' ends the statement
                if (preg_match('/;\\s*$/', $line)) {
                    $query = str_replace("DROP TABLE IF EXISTS `ac_", "DROP TABLE IF EXISTS `" . $data['db_prefix'], $query);
                    $query = str_replace("CREATE TABLE `ac_", "CREATE TABLE `" . $data['db_prefix'], $query);
                    $query = str_replace("INSERT INTO `ac_", "INSERT INTO `" . $data['db_prefix'], $query);
                    $query = str_replace("ON `ac_", "ON `" . $data['db_prefix'], $query);
                    $db->query($query); //no silence mode! if error - will throw to exception
                    $query = '';
                }
            }
        }
        $db->query("SET CHARACTER SET utf8;");
        $db->query("SET @@session.sql_mode = 'MYSQL40';");
        $db->query("INSERT INTO `" . $data['db_prefix'] . "users`\n\t\t\t\tSET user_id = '1',\n\t\t\t\t\tuser_group_id = '1',\n\t\t\t\t\temail = '" . $db->escape($data['email']) . "',\n\t\t\t\t username = '******'username']) . "',\n\t\t\t\t password = '******'password'])) . "',\n\t\t\t\t status = '1',\n\t\t\t\t date_added = NOW();");
        $db->query("UPDATE `" . $data['db_prefix'] . "settings` SET value = '" . $db->escape($data['email']) . "' WHERE `key` = 'store_main_email'; ");
        $db->query("UPDATE `" . $data['db_prefix'] . "settings` SET value = '" . $db->escape(HTTP_ABANTECART) . "' WHERE `key` = 'config_url'; ");
        $db->query("INSERT INTO `" . $data['db_prefix'] . "settings` SET `group` = 'config', `key` = 'install_date', value = NOW(); ");
        $db->query("UPDATE `" . $data['db_prefix'] . "products` SET `viewed` = '0';");
        //process triggers
        //$this->create_triggers($db, $data['db_name']);
        //run descructor and close db-connection
        unset($db);
    }
    //clear cache dir in case of reinstall
    $cache = new ACache();
    $cache->remove('*');
}
/**
 * Update selected columns of one row in the users table and notify the user
 * when password, e-mail or username is part of the change.
 *
 * Only the keys listed in $fields are copied from $data, each passed through
 * $this->db->escape(); a non-empty $data['password'] adds a password column.
 *
 * NOTE(review): the notification test reads $data['password'], $data['email']
 * and $data['username'] without isset(), so a partial $data raises notices.
 * NOTE(review): the notification is sent before the UPDATE runs and is not
 * conditional on the query succeeding.
 * NOTE(review): 'user_group_id' and 'status' are among the updatable keys, so
 * callers must authorise the change before forwarding request data.
 * NOTE(review): the password expression is masked ('******') in this listing
 * and is not valid PHP as shown; the original expression cannot be recovered
 * from this page.
 *
 * @param int $user_id cast to int before it reaches the WHERE clause
 * @param array $data column => value pairs
 */
public function editUser($user_id, $data) {
    // whitelist of plain columns that may be updated
    $fields = array('username', 'firstname', 'lastname', 'email', 'user_group_id', 'status');
    $update = array();
    foreach ($fields as $f) {
        if (isset($data[$f])) {
            $update[] = $f . " = '" . $this->db->escape($data[$f]) . "'";
        }
    }
    if ($data['password'] || $data['email'] || $data['username']) {
        //notify admin user of important information change
        $language = new ALanguage($this->registry, '', 1);
        $language->load('common/im');
        $message_arr = array(1 => array('message' => $language->get('im_account_update_text_to_admin')));
        $this->im->sendToUser($user_id, 'account_update', $message_arr);
    }
    if (!empty($data['password'])) {
        $update[] = "password = '******'password'])) . "'";
    }
    if (!empty($update)) {
        $sql = "UPDATE " . $this->db->table("users") . " SET " . implode(',', $update) . " WHERE user_id = '" . (int) $user_id . "'";
        $this->db->query($sql);
    }
}
/**
 * Authenticate against the users table and load the session and permissions.
 *
 * On a matching row: stores user_id and last_login in the session and on the
 * object, normalises an empty/'null'/zero-date last_login to '', stamps
 * last_login = NOW(), then copies the group's permission map into
 * $this->permission.
 *
 * NOTE(review): the username and password comparisons are masked ('******')
 * in this listing, so how the inputs are escaped and hashed cannot be
 * verified from this page.
 * NOTE(review): the permission column is passed to unserialize(); that is
 * only safe while nothing untrusted can write to user_groups.permission.
 * A JSON encoding would remove the object-injection risk.
 * NOTE(review): no session-id regeneration is visible here; confirm the
 * caller rotates the id on login.
 *
 * @param string $username
 * @param string $password
 * @return bool TRUE when a row matched, FALSE otherwise
 */
public function login($username, $password) {
    $user_query = $this->db->query("SELECT *\n \t FROM " . $this->db->table("users") . " \n \t WHERE username = '******'\n \t AND password = '******'");
    if ($user_query->num_rows) {
        $this->session->data['user_id'] = $user_query->row['user_id'];
        $this->session->data['user_last_login'] = $user_query->row['last_login'];
        $this->user_id = $user_query->row['user_id'];
        $this->username = $user_query->row['username'];
        $this->last_login = $user_query->row['last_login'];
        // treat "never logged in" markers as an empty string
        if (!$this->last_login || $this->last_login == 'null' || $this->last_login == '0000-00-00 00:00:00') {
            $this->session->data['user_last_login'] = $this->last_login = '';
        }
        $this->db->query("UPDATE " . $this->db->table("users") . " \n\t\t\t\t\t\t\t SET last_login = NOW()\n\t\t\t\t\t\t\t WHERE user_id = '" . (int) $this->session->data['user_id'] . "'");
        $user_group_query = $this->db->query("SELECT permission\n \t\t FROM " . $this->db->table("user_groups") . " \n \t\t WHERE user_group_id = '" . (int) $user_query->row['user_group_id'] . "'");
        if ($user_group_query->row['permission']) {
            foreach (unserialize($user_group_query->row['permission']) as $key => $value) {
                $this->permission[$key] = $value;
            }
        }
        return TRUE;
    } else {
        return FALSE;
    }
}
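/**
 * Admin login page.
 *
 * A POST that passes $this->_validate() gets a fresh session token and is
 * redirected, either to the posted 'redirect' target (with the token
 * appended) or to index/home. Every other request clears the session and
 * renders the login form, remembering the originally requested route so it
 * can be restored after login.
 *
 * The session token is drawn from the CSPRNG instead of mt_rand(), since it
 * travels in URLs and gates admin requests.
 */
public function main() {
    //init controller data
    $this->extensions->hk_InitData($this, __FUNCTION__);
    $this->loadLanguage('common/login');
    $this->cache->delete('admin_menu');
    $this->document->setTitle($this->language->get('heading_title'));
    $this->document->addBreadcrumb(array('href' => '', 'text' => $this->language->get('text_home'), 'separator' => FALSE));
    $this->document->addBreadcrumb(array('href' => $this->html->getSecureURL('index/login'), 'text' => $this->language->get('heading_title'), 'current' => true, 'sub_text' => '', 'icon' => ''));

    if ($this->request->is_POST() && $this->_validate()) {
        // random_bytes() needs PHP 7+; older runtimes use the OpenSSL extension.
        $entropy = function_exists('random_bytes')
            ? random_bytes(32)
            : openssl_random_pseudo_bytes(32);
        $this->session->data['token'] = AEncryption::getHash(bin2hex($entropy));
        $this->session->data['checkupdates'] = true; // sign to run ajax-request to check for updates. see common/head for details

        //login is successful, redirect to originally requested page
        // NOTE(review): the destination comes from the POST body and is only
        // checked for not pointing back at the login route; unless
        // filterQueryParams()/redirect() pin it to this site, an off-site URL
        // would receive the freshly issued token in its query string.
        if (isset($this->request->post['redirect']) && !preg_match("/rt=index\\/login/i", $this->request->post['redirect'])) {
            $redirect = $this->html->filterQueryParams($this->request->post['redirect'], array('token'));
            $redirect .= "&token=" . $this->session->data['token'];
            $this->redirect($redirect);
        } else {
            $this->redirect($this->html->getSecureURL('index/home'));
        }
    }

    // warn when a session token exists but the request carries none, or a different one
    if (isset($this->session->data['token']) && !isset($this->request->get['token']) || isset($this->request->get['token']) && (isset($this->session->data['token']) && $this->request->get['token'] != $this->session->data['token'])) {
        $this->error['warning'] = $this->language->get('error_token');
    }

    //There was no login done, so clear the session for new login screen
    $this->session->clear();

    // suppress the token warning on a plain GET when the new_cart cookie is set
    if ($this->request->cookie['new_cart'] == 1 && $this->error['warning'] && $this->request->server['REQUEST_METHOD'] == 'GET') {
        $this->error['warning'] = '';
    }

    $this->data['action'] = $this->html->getSecureURL('index/login');
    $this->data['update'] = '';
    $form = new AForm('ST');
    $form->setForm(array('form_name' => 'loginFrm', 'update' => $this->data['update']));
    $this->data['form']['id'] = 'loginFrm';
    $this->data['form']['form_open'] = $form->getFieldHtml(array('type' => 'form', 'name' => 'loginFrm', 'action' => $this->data['action']));
    $this->data['form']['submit'] = $form->getFieldHtml(array('type' => 'button', 'name' => 'submit', 'text' => $this->language->get('button_login'), 'style' => 'button3'));

    $fields = array('username', 'password');
    foreach ($fields as $f) {
        $this->data['form']['fields'][$f] = $form->getFieldHtml(array('type' => $f == 'password' ? 'password' : 'input', 'name' => $f, 'value' => $this->data[$f], 'placeholder' => $this->language->get('entry_' . $f)));
    }

    $this->view->assign('error_warning', $this->error['warning']);
    $this->view->assign('forgot_password', $this->html->getSecureURL('index/forgot_password'));

    if (isset($this->request->get['rt'])) {
        // rebuild the originally requested URL without rt and token
        $route = $this->request->get['rt'];
        unset($this->request->get['rt']);
        if (isset($this->request->get['token'])) {
            unset($this->request->get['token']);
        }
        $url = '';
        if ($this->request->get) {
            $url = '&' . http_build_query($this->request->get);
        }
        if ($this->request->is_POST()) {
            // NOTE(review): the posted value is handed back to the template as-is;
            // confirm the template escapes it for the attribute it lands in.
            $this->view->assign('redirect', $this->request->post['redirect']); // if login attempt failed - save path for redirect
        } else {
            $this->view->assign('redirect', $this->html->getSecureURL($route, $url));
        }
    } else {
        $this->view->assign('redirect', '');
    }

    $this->view->batchAssign($this->data);
    $this->processTemplate('pages/index/login.tpl');
    //update controller data
    $this->extensions->hk_UpdateData($this, __FUNCTION__);
}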
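/**
 * Update a single column of a customer row.
 *
 * Known plain columns (plus the active IM protocol names) are encrypted first
 * when data encryption is active and the column is configured as encrypted.
 * 'password' triggers a second, dedicated UPDATE and 'newsletter' also
 * refreshes the customer's notification settings.
 *
 * The column name is concatenated into the SQL text, so it is restricted to
 * identifier characters before any query is built; the value is escaped.
 *
 * @param int $customer_id
 * @param string $field column name; letters, digits and underscore only
 * @param mixed $value
 * @return bool false when $customer_id or $field is empty or $field is not a
 *              plain identifier, true otherwise
 */
public function editCustomerField($customer_id, $field, $value) {
    if (!$customer_id || !$field) {
        return false;
    }
    // $field reaches the statement unquoted: refuse anything that is not a
    // bare column identifier so it cannot carry SQL of its own.
    if (!is_string($field) || !preg_match('/^[A-Za-z0-9_]+\z/', $field)) {
        return false;
    }

    $data = array('loginname', 'firstname', 'lastname', 'email', 'telephone', 'fax', 'newsletter', 'customer_group_id', 'status', 'approved');
    //adds IM fields
    //get only active IM drivers
    $im_protocols = $this->im->getProtocols();
    foreach ($im_protocols as $protocol) {
        if (!in_array($protocol, $data)) {
            $data[] = $protocol;
        }
    }

    // NOTE(review): this list only decides whether the value is encrypted; it
    // does not limit which columns may be written.
    if (in_array($field, $data)) {
        if ($this->dcrypt->active && in_array($field, $this->dcrypt->getEcryptedFields("customers"))) {
            //check key_id to use
            $query_key = $this->db->query("SELECT key_id\n\t\t\t\t\t\t\t\t\t FROM " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t WHERE customer_id = '" . (int) $customer_id . "'");
            $key_id = $query_key->rows[0]['key_id'];
            $value = $this->dcrypt->encrypt_field($value, $key_id);
        }
    }

    // NOTE(review): for $field == 'password' this statement stores $value as
    // given before the dedicated password UPDATE below replaces it.
    $this->db->query("UPDATE " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t SET " . $field . " = '" . $this->db->escape($value) . "'\n\t\t\t\t\t\t\t WHERE customer_id = '" . (int) $customer_id . "'");

    if ($field == 'password') {
        // The password value is masked ('******') in this listing and is kept
        // exactly as shown; the original expression is not recoverable here.
        $this->db->query("UPDATE " . $this->db->table("customers") . "\n \t SET password = '******'\n \t WHERE customer_id = '" . (int) $customer_id . "'");
    }
    if ($field == 'newsletter') {
        $this->saveCustomerNotificationSettings($customer_id, array('newsletter' => array('email' => (int) $value)));
    }
    return true;
}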
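/**
 * Update a single column of a customer row.
 *
 * Known plain columns are encrypted first when data encryption is active and
 * the column is configured as encrypted; 'password' triggers a second,
 * dedicated UPDATE.
 *
 * The column name is interpolated into the SQL text, so it is restricted to
 * identifier characters before any query is built; the value is escaped.
 *
 * @param int $customer_id
 * @param string $field column name; letters, digits and underscore only
 * @param mixed $value
 */
public function editCustomerField($customer_id, $field, $value) {
    // $field reaches the statement unquoted: refuse anything that is not a
    // bare column identifier so it cannot carry SQL of its own.
    if (!is_string($field) || !preg_match('/^[A-Za-z0-9_]+\z/', $field)) {
        return;
    }

    $data = array('loginname', 'firstname', 'lastname', 'email', 'telephone', 'fax', 'newsletter', 'customer_group_id', 'status', 'approved');

    // NOTE(review): this list only decides whether the value is encrypted; it
    // does not limit which columns may be written.
    if (in_array($field, $data)) {
        if ($this->dcrypt->active && in_array($field, $this->dcrypt->getEcryptedFields("customers"))) {
            //check key_id to use
            $query_key = $this->db->query("select key_id from " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t WHERE customer_id = '" . (int) $customer_id . "'");
            $key_id = $query_key->rows[0]['key_id'];
            $value = $this->dcrypt->encrypt_field($value, $key_id);
        }
    }

    // NOTE(review): for $field == 'password' this statement stores $value as
    // given before the dedicated password UPDATE below replaces it.
    $this->db->query("UPDATE " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t SET {$field} = '" . $this->db->escape($value) . "'\n\t\t\t\t\t\t\t WHERE customer_id = '" . (int) $customer_id . "'");

    if ($field == 'password') {
        // The password value is masked ('******') in this listing and is kept
        // exactly as shown; the original expression is not recoverable here.
        $this->db->query("UPDATE " . $this->db->table("customers") . "\n \t SET password = '******'\n \t WHERE customer_id = '" . (int) $customer_id . "'");
    }
}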
/**
 * Build the hashed cache key for a key/group pair.
 *
 * The group and key are joined as "<group>-<key>" and the result is passed
 * through AEncryption::getHash().
 *
 * @param string $key   The cache data key
 * @param string $group The cache data group
 *
 * @return string
 *
 * @since 1.2.7
 */
protected function _hashCacheKey($key, $group) {
    $composite = $group . '-' . $key;

    return AEncryption::getHash($composite);
}
/**
 * Authenticate a customer and load the profile into the object and session.
 *
 * Matches loginname case-insensitively, requires status = '1' and, when
 * config_customer_approval is set, approved = '1'. On success the saved cart
 * is merged with the session cart, contact fields are decrypted when data
 * encryption is active, the storefront menu cache is dropped and a 'customer'
 * cookie valid for one year is set.
 *
 * NOTE(review): the password comparison is masked ('******') in this listing,
 * so how the password is hashed and escaped cannot be verified from this page.
 * NOTE(review): setcookie() is called without the secure and httponly
 * arguments, and the cookie domain is taken from the request's Host header.
 * NOTE(review): the cookie holds serialize()d data; if the reader
 * unserialize()s it, safety rests on AEncryption providing integrity as well
 * as confidentiality — confirm.
 * NOTE(review): no session-id regeneration is visible here; confirm it
 * happens on login.
 *
 * @param string $loginname
 * @param string $password
 * @return bool true when a row matched, false otherwise
 */
public function login($loginname, $password) {
    $approved_only = '';
    if ($this->config->get('config_customer_approval')) {
        $approved_only = " AND approved = '1'";
    }
    $customer_query = $this->db->query("SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t\t\t\t\tWHERE LOWER(loginname) = LOWER('" . $this->db->escape($loginname) . "')\n\t\t\t\t\t\t\t\t\t\t\tAND password = '******'\n\t\t\t\t\t\t\t\t\t\t\tAND status = '1'" . $approved_only);
    if ($customer_query->num_rows) {
        $this->customer_id = $this->session->data['customer_id'] = $customer_query->row['customer_id'];
        //load customer saved cart and merge with session cart before login
        $cart = $this->getCustomerCart();
        $this->mergeCustomerCart($cart);
        //save merged cart
        $this->saveCustomerCart();
        $this->loginname = $loginname;
        $this->firstname = $customer_query->row['firstname'];
        $this->lastname = $customer_query->row['lastname'];
        // contact fields are stored encrypted when data encryption is active
        if ($this->dcrypt->active) {
            $this->email = $this->dcrypt->decrypt_field($customer_query->row['email'], $customer_query->row['key_id']);
            $this->telephone = $this->dcrypt->decrypt_field($customer_query->row['telephone'], $customer_query->row['key_id']);
            $this->fax = $this->dcrypt->decrypt_field($customer_query->row['fax'], $customer_query->row['key_id']);
        } else {
            $this->email = $customer_query->row['email'];
            $this->telephone = $customer_query->row['telephone'];
            $this->fax = $customer_query->row['fax'];
        }
        $this->newsletter = $customer_query->row['newsletter'];
        $this->customer_group_id = $customer_query->row['customer_group_id'];
        $this->address_id = $customer_query->row['address_id'];
        $this->cache->delete('storefront_menu');
        //set cookie for unauthenticated user (expire in 1 year)
        $encryption = new AEncryption($this->config->get('encryption_key'));
        $cutomer_data = $encryption->encrypt(serialize(array('first_name' => $this->firstname, 'customer_id' => $this->customer_id, 'script_name' => $this->request->server['SCRIPT_NAME'])));
        setcookie('customer', $cutomer_data, time() + 60 * 60 * 24 * 365, '/', $this->request->server['HTTP_HOST']);
        return true;
    } else {
        return false;
    }
}
/**
 * Import customers and their addresses from the source cart.
 *
 * Rows without an e-mail are skipped. Each customer gets a unique lowercase
 * loginname (its own, its e-mail when allowed and free, or a generated
 * 'gen_' name), is inserted into the customers table, then its addresses are
 * inserted and the last inserted address becomes the customer's address_id.
 * Query failures are logged and the import continues.
 *
 * NOTE(review): $status and $approved come from the imported row and are
 * concatenated into the INSERT without escaping or an int cast, unlike the
 * neighbouring columns; cast them with (int) before use.
 * NOTE(review): $address_id is only assigned inside the address loop, so a
 * customer without addresses reuses the previous customer's value (or an
 * undefined variable on the first row).
 * NOTE(review): $customer_id_map is written but never initialised or read in
 * this method.
 * NOTE(review): the password expression of the customers INSERT is masked
 * ('******') in this listing and is not valid PHP as shown.
 *
 * @return bool always true
 */
protected function migrateCustomers() {
    $customers = $this->cartObj->getCustomers();
    if (!$customers) {
        // nothing to import: log the source errors, or a "no customers" notice
        $errors = $this->cartObj->getErrors();
        $class = '';
        if (!$errors) {
            $errors = $this->language->get('text_no_customers');
            $class = 'attention';
        }
        $this->addLog($errors, $class);
        return true;
    }
    // get all loginnames to prevent conflicts.
    $query = $this->db->query("SELECT LOWER(`loginname`) AS loginname\n\t\t\t\t\t\t\t\t FROM " . $this->db->table("customers"));
    $logins = array();
    foreach ($query->rows as $row) {
        $logins[] = $row['loginname'];
    }
    foreach ($customers as $data) {
        if (!trim($data['email'])) {
            continue;
        }
        $store_id = has_value($data['store_id']) ? (int) $data['store_id'] : (int) $this->config->get('config_store_id');
        $date_added = has_value($data['date_added']) ? "'" . $this->db->escape($data['date_added']) . "'" : 'NOW()';
        // NOTE(review): these two values reach the SQL text unescaped
        $status = has_value($data['status']) ? $data['status'] : 1;
        $approved = has_value($data['approved']) ? $data['approved'] : 1;
        $data['email'] = mb_strtolower($data['email']);
        //process unique loginname
        $loginname = $data['loginname'] ? $data['loginname'] : '';
        $loginname = mb_strtolower($loginname);
        if (!$loginname && !$this->config->get('prevent_email_as_login') && $data['email'] && !in_array($data['email'], $logins)) {
            $loginname = $data['email'];
        }
        if (in_array($loginname, $logins)) {
            $loginname = '';
        }
        // generated placeholder name; only uniqueness matters here
        if (!$loginname) {
            $loginname = 'gen_' . md5(microtime());
        }
        $sql = "INSERT INTO " . DB_PREFIX . "customers\n\t\t\t\t\tSET store_id = '" . $store_id . "',\n\t\t\t\t\t\tfirstname = '" . $this->db->escape($data['firstname']) . "',\n\t\t\t\t\t\tlastname = '" . $this->db->escape($data['lastname']) . "',\n\t\t\t\t\t\temail = '" . $this->db->escape($data['email']) . "',\n\t\t\t\t\t\tloginname = '" . $this->db->escape($loginname) . "',\n\t\t\t\t\t\ttelephone = '" . $this->db->escape($data['telephone']) . "',\n\t\t\t\t\t\tfax = '" . $this->db->escape($data['fax']) . "',\n\t\t\t\t\t\tpassword = '******'password'])) . "',\n\t\t\t\t\t\tnewsletter = '" . $this->db->escape($data['newsletter']) . "',\n\t\t\t\t\t\tip = '" . $this->db->escape($data['ip']) . "',\n\t\t\t\t\t\tcustomer_group_id = '" . (int) $this->config->get('config_customer_group_id') . "',\n\t\t\t\t\t\tstatus = '" . $status . "',\n\t\t\t\t\t\tapproved = '" . $approved . "',\n\t\t\t\t\t\tdate_added = " . $date_added . "";
        $result = $this->db->query($sql, true);
        $logins[] = $loginname;
        if ($result === false) {
            $this->addLog($this->db->error);
        }
        $customer_id = $this->db->getLastId();
        $customer_id_map[$data['customer_id']] = $customer_id;
        $data['address'] = (array) $data['address'];
        foreach ($data['address'] as $address) {
            $sql = "INSERT INTO " . DB_PREFIX . "addresses\n\t\t\t\t\t SET customer_id = '" . (int) $customer_id . "',\n\t\t\t\t\t\t firstname = '" . $this->db->escape($address['firstname']) . "',\n\t\t\t\t\t\t\tlastname = '" . $this->db->escape($address['lastname']) . "',\n\t\t\t\t\t\t\tcompany = '" . $this->db->escape($address['company']) . "',\n\t\t\t\t\t\t\taddress_1 = '" . $this->db->escape($address['address_1']) . "',\n\t\t\t\t\t\t\tcity = '" . $this->db->escape($address['city']) . "',\n\t\t\t\t\t\t\tpostcode = '" . $this->db->escape($address['postcode']) . "',\n\t\t\t\t\t\t\tcountry_id = " . ($address['country_iso_code2'] ? " COALESCE((SELECT country_id\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . DB_PREFIX . "countries\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE iso_code_2='" . $this->db->escape($address['country_iso_code2']) . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tLIMIT 0,1),0)" : "'0'") . ",\n\t\t\t\t\t\t\tzone_id = " . ($address['zone_iso_code2'] ? "COALESCE((SELECT zone_id\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . DB_PREFIX . "zones\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE code='" . $this->db->escape($address['zone_iso_code2']) . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tLIMIT 0,1),0)" : "'0'");
            $result = $this->db->query($sql, true);
            if ($result === false) {
                $this->addLog($this->db->error);
            }
            $address_id = $this->db->getLastId();
        }
        $result = $this->db->query("UPDATE " . DB_PREFIX . "customers\n\t\t\t\t\t\t\t\t\t SET address_id = '" . (int) $address_id . "'\n\t\t\t\t\t\t\t\t WHERE customer_id = '" . (int) $customer_id . "'", true);
        if ($result === false) {
            $this->addLog($this->db->error);
        }
    }
    $this->addLog(count($customers) . ' customers imported', 'success');
    return true;
}
/**
 * Set a new password for the customer with the given loginname.
 *
 * The password is passed through AEncryption::getHash() and the loginname is
 * escaped before it reaches the WHERE clause.
 *
 * NOTE(review): the stored value is masked ('******') in this listing, so the
 * statement as shown never uses the computed $password; the original
 * expression cannot be recovered from this page.
 * NOTE(review): confirm AEncryption::getHash() is a salted, slow password
 * hash; its implementation is not visible here.
 *
 * @param string $loginname
 * @param string $password plain-text password
 */
public function editPassword($loginname, $password) {
    $password = AEncryption::getHash($password);
    $this->db->query("UPDATE " . $this->db->table("customers") . " SET password = '******' WHERE loginname = '" . $this->db->escape($loginname) . "'");
}
/**
 * Set a new password for the customer with the given loginname and send an
 * account-update message when that customer exists.
 *
 * The password is passed through AEncryption::getHash() and the loginname is
 * escaped in both queries.
 *
 * NOTE(review): the stored value is masked ('******') in this listing, so the
 * statement as shown never uses the computed $password; the original
 * expression cannot be recovered from this page.
 * NOTE(review): confirm AEncryption::getHash() is a salted, slow password
 * hash; its implementation is not visible here.
 * NOTE(review): $customer_id is looked up but not passed to $this->im->send();
 * confirm the recipient is resolved correctly.
 *
 * @param string $loginname
 * @param string $password plain-text password
 */
public function editPassword($loginname, $password) {
    $password = AEncryption::getHash($password);
    $this->db->query("UPDATE " . $this->db->table("customers") . "\n \t SET password = '******'\n \t WHERE loginname = '" . $this->db->escape($loginname) . "'");
    //send IM
    $sql = "SELECT customer_id\n \t\t\t\tFROM " . $this->db->table("customers") . "\n\t\t \tWHERE loginname = '" . $this->db->escape($loginname) . "'";
    $result = $this->db->query($sql);
    $customer_id = $result->row['customer_id'];
    // only notify when the loginname matched a customer
    if ($customer_id) {
        $language = new ALanguage($this->registry);
        $language->load('common/im');
        $message_arr = array(0 => array('message' => $language->get('im_customer_account_update_password_to_customer')));
        $this->im->send('customer_account_update', $message_arr);
    }
}
/**
 * Authenticate a customer and load the profile into the object and session.
 *
 * Requires status = '1' and, when config_customer_approval is set,
 * approved = '1'. On success the cart stored with the customer is merged into
 * the session cart (quantities are added for items already present), contact
 * fields are decrypted when data encryption is active and the storefront menu
 * cache is dropped.
 *
 * NOTE(review): the password comparison is masked ('******') in this listing,
 * so how the password is hashed and escaped cannot be verified from this page.
 * NOTE(review): the stored cart is passed to unserialize(); that is only safe
 * while nothing untrusted can write to customers.cart. A JSON encoding would
 * remove the object-injection risk.
 * NOTE(review): $this->session->data['cart'] is assumed to be an array
 * already; array_key_exists() fails otherwise.
 * NOTE(review): no session-id regeneration is visible here; confirm it
 * happens on login.
 *
 * @param string $loginname
 * @param string $password
 * @return bool TRUE when a row matched, FALSE otherwise
 */
public function login($loginname, $password) {
    $approved_only = '';
    if ($this->config->get('config_customer_approval')) {
        $approved_only = " AND approved = '1'";
    }
    $customer_query = $this->db->query("SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM " . $this->db->table("customers") . "\n\t\t\t\t\t\t\t\t\t\t\tWHERE loginname = '" . $this->db->escape($loginname) . "'\n\t\t\t\t\t\t\t\t\t\t\tAND password = '******'\n\t\t\t\t\t\t\t\t\t\t\tAND status = '1'" . $approved_only);
    if ($customer_query->num_rows) {
        $this->session->data['customer_id'] = $customer_query->row['customer_id'];
        // merge the cart saved with the customer into the session cart
        if ($customer_query->row['cart'] && is_string($customer_query->row['cart'])) {
            $cart = unserialize($customer_query->row['cart']);
            foreach ($cart as $key => $value) {
                if (!array_key_exists($key, $this->session->data['cart'])) {
                    $this->session->data['cart'][$key] = $value;
                } else {
                    $this->session->data['cart'][$key]['qty'] += $value['qty'];
                }
            }
        }
        $this->loginname = $loginname;
        $this->customer_id = $customer_query->row['customer_id'];
        $this->firstname = $customer_query->row['firstname'];
        $this->lastname = $customer_query->row['lastname'];
        // contact fields are stored encrypted when data encryption is active
        if ($this->dcrypt->active) {
            $this->email = $this->dcrypt->decrypt_field($customer_query->row['email'], $customer_query->row['key_id']);
            $this->telephone = $this->dcrypt->decrypt_field($customer_query->row['telephone'], $customer_query->row['key_id']);
            $this->fax = $this->dcrypt->decrypt_field($customer_query->row['fax'], $customer_query->row['key_id']);
        } else {
            $this->email = $customer_query->row['email'];
            $this->telephone = $customer_query->row['telephone'];
            $this->fax = $customer_query->row['fax'];
        }
        $this->newsletter = $customer_query->row['newsletter'];
        $this->customer_group_id = $customer_query->row['customer_group_id'];
        $this->address_id = $customer_query->row['address_id'];
        $this->cache->delete('storefront_menu');
        return TRUE;
    } else {
        return FALSE;
    }
}
/**
 * Beta!
 * Return the contents of one or more template JavaScript files, served from
 * cache when an entry for the same names and modification times exists.
 *
 * The cache key is "<group>." followed by a hash of the group and every
 * "<name>-<mtime>" pair, so editing a file produces a new key. When several
 * files are given as an array each one is followed by a newline; a single
 * file name is returned without one.
 *
 * @param string|array $js_file file(s) with relative name
 * @param string $group JS group name for caching
 * @return string
 */
public function PreloadJS($js_file, $group = 'js') {
    if (empty($js_file)) {
        return '';
    }

    $is_list = is_array($js_file);
    $names = $is_list ? $js_file : array($js_file);

    //build hash key from every file name and its time stamp
    $stamp = '';
    foreach ($names as $name) {
        $stamp .= $name . "-" . filemtime($this->templateResource($name, 'file'));
    }
    $key = $group . "." . AEncryption::getHash($group . '-' . $stamp);

    //check if hash is created and load
    $js_data = $this->cache->pull($key);
    if ($js_data !== false) {
        return $js_data;
    }

    //load js and save to cache
    //TODO: Add stable minify method. minify_js in html-css-js-minifier.php is not stable
    $separator = $is_list ? "\n" : '';
    $js_data = '';
    foreach ($names as $name) {
        $js_data .= file_get_contents($this->templateResource($name, 'file')) . $separator;
    }
    //$js_data = minify_js($js_data);
    $this->cache->push($key, $js_data);

    return $js_data;
}
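/**
 * Build the view data for the "system" settings group.
 *
 * When template debug is enabled a fresh debug token is stored in the session
 * and embedded in the storefront and admin debug URLs; otherwise the token is
 * removed. Also lists every page and response controller as "<dir>/<file>"
 * (minus the login, logout and error routes) and attaches the form fields.
 *
 * @param AForm $form
 * @param array $data settings values; 'storefront_template_debug' is read here
 * @return array keys: storefront_debug_url, admin_debug_url, tokens, form
 */
private function _build_system($form, $data) {
    $ret_data = array();

    if (!empty($data['storefront_template_debug'])) {
        // The token switches on template debugging for whoever presents it, so
        // it is drawn from the CSPRNG instead of mt_rand(). random_bytes()
        // needs PHP 7+; older runtimes use the OpenSSL extension.
        $entropy = function_exists('random_bytes')
            ? random_bytes(32)
            : openssl_random_pseudo_bytes(32);
        $this->session->data['tmpl_debug'] = AEncryption::getHash(bin2hex($entropy));
        $ret_data['storefront_debug_url'] = $this->html->getCatalogURL('index/home', '&tmpl_debug=' . $this->session->data['tmpl_debug']);
        $ret_data['admin_debug_url'] = $this->html->getSecureURL('index/home', '&tmpl_debug=' . $this->session->data['tmpl_debug']);
    } else {
        unset($this->session->data['tmpl_debug']);
        $ret_data['storefront_debug_url'] = '';
        $ret_data['admin_debug_url'] = '';
    }

    $ignore = array('common/login', 'common/logout', 'error/not_found', 'error/permission');
    $ret_data['tokens'] = array();

    // glob() returns false on error; normalise so array_merge() always gets arrays
    $files_pages = glob(DIR_APP_SECTION . 'controller/pages/*/*.php') ?: array();
    $files_response = glob(DIR_APP_SECTION . 'controller/responses/*/*.php') ?: array();
    $files = array_merge($files_pages, $files_response);

    foreach ($files as $file) {
        // "<parent directory>/<file name without .php>"
        $tmp_data = explode('/', dirname($file));
        $token = end($tmp_data) . '/' . basename($file, '.php');
        if (!in_array($token, $ignore)) {
            $ret_data['tokens'][$token] = $token;
        }
    }

    $ret_data['form'] = array('fields' => $this->conf_mngr->getFormFields('system', $form, $data));

    return $ret_data;
}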