示例#1
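 /**
  * Render the "choose a new password" page for a lost-password link and,
  * when two matching passwords were posted, store the new password.
  *
  * The form is only shown when exactly one player row matches both the id
  * and the security key supplied by the caller.
  *
  * @param mixed $id  Player id from the reset link (cast to int for the query).
  * @param mixed $key Security key from the reset link (escaped for the query).
  *
  * @return string Parsed template, or an error paragraph when no single row matches.
  */
 private function getChangePassword($id, $key)
 {
     $text = Core_Text::__getInstance();
     $text->setFile('main');
     $text->setSection('lostpass');

     // An empty key must never authenticate. Without this guard, a request
     // carrying no key would match any player whose seckey column is empty.
     $key = (string) $key;
     $chk = array();
     if ($key !== '') {
         $db = Core_Database::__getInstance();
         $chk = $db->select('players', array('plid'), "plid = " . intval($id) . " AND seckey = '" . $db->escape($key) . "'");
     }

     if (count($chk) !== 1) {
         return '<p class="false">Security Key Not Found.</p>';
     }

     $password1 = Core_Tools::getInput('_POST', 'pass1', 'varchar');
     $password2 = Core_Tools::getInput('_POST', 'pass2', 'varchar');

     $page = new Core_Template();
     $page->set('title', $text->get('changepass'));
     $page->set('about', $text->get('aboutchange'));
     $page->set('pass1', $text->get('pass1'));
     $page->set('pass2', $text->get('pass2'));
     $page->set('submit', $text->get('submitchange'));

     if ($password1 && $password1 === $password2) {
         // NOTE(review): nothing in this method clears or rotates seckey after
         // a successful change, and no expiry is checked here. Unless
         // setPassword() or the caller handles that, the same link stays usable
         // for further password changes. Confirm and invalidate the key on success.
         $login = Core_Login::__getInstance();
         $login->setPassword($chk[0]['plid'], $password1);
         $page->set('success', $text->get('passchanged'));
     } elseif ($password1 || $password2) {
         $page->set('warning', $text->get('passmismatch'));
     }

     return $page->parse('lostPassword_res.tpl');
 }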
示例#2
 /**
  * Build the welcome page.
  *
  * When the posted "welcome_selection" is one of the two known choices, a
  * Location header pointing at the matching registration URL is sent first.
  *
  * @return string Parsed welcome.tpl.
  */
 protected function getContent()
 {
     $choice = Core_Tools::getInput('_POST', 'welcome_selection', 'varchar');

     // NOTE(review): execution is not stopped after header(); the welcome
     // template below is still parsed and returned alongside the redirect.
     // Both targets are fixed strings, so the posted value never reaches the
     // Location header itself.
     if ($choice == 'honger') {
         header('Location: ' . $this->getUrl('page=register&nocompany=false'));
     } elseif ($choice == 'geld') {
         header('Location: ' . $this->getUrl('page=register&nocompany=true&action=shopowner'));
     }

     // Select the text file and section on the shared text instance.
     $text = Core_Text::__getInstance();
     $text->setFile('about');
     $text->setSection('home');

     $template = new Core_Template();
     $template->set('action', $this->getUrl('page=welcome'));

     return $template->parse('welcome.tpl');
 }
示例#3
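 /**
  * Resolve the current player id for this login context.
  *
  * Order of precedence, as implemented below:
  *   1. ?logout in the query string calls logout().
  *   2. A player id already stored in the session is used as-is.
  *   3. An external auth triple in the session (type, uid, session key) is
  *      matched against the players table; a missing row is created.
  *   4. Otherwise the login cookies are read, but cookie login is not
  *      implemented and the uid is set to false.
  *
  * @param mixed $level Stored on the instance and used as a suffix for the cookie names.
  */
 public function __construct($level)
 {
     /* Store level */
     $this->level = $level;

     /* Check for login */
     $uid = Core_Tools::getInput('_SESSION', 'plid', 'int', false);
     $logout = Core_Tools::getInput('_GET', 'logout', 'bool', false);

     /* Check for logout */
     // NOTE(review): logout is triggered by a bare GET parameter, so any
     // cross-site link or image can end the session. Low impact, but consider
     // requiring POST plus a token.
     if ($logout) {
         $this->logout();
         return;
     }

     if ($uid) {
         $this->uid = $uid;
         return;
     }

     // Check for different auth types
     $authType = Core_Tools::getInput('_SESSION', 'loginAuthType', 'varchar');
     $authUID = Core_Tools::getInput('_SESSION', 'loginAuthUID', 'int');
     $authKey = Core_Tools::getInput('_SESSION', 'loginAuthSesKey', 'varchar');

     if (!empty($authType) && $authUID > 0) {
         // There is an auth, just make sure there is a user in the database.
         $db = Core_Database::__getInstance();

         // Session values are normally written by this application, but they
         // are still escaped or cast rather than interpolated raw into SQL.
         // Whoever can write these session keys decides which account is loaded.
         $authWhere = "authType = '" . $db->escape($authType) . "' && authUID = '" . intval($authUID) . "'";

         $data = $db->select('players', array('plid, authSesKey'), $authWhere);
         if (count($data) == 1) {
             $this->uid = $data[0]['plid'];
             if ($data[0]['authSesKey'] != $authKey) {
                 // Update the session key!
                 $db->update('players', array('authSesKey' => $authKey), "plid = '" . intval($this->uid) . "'");
             }
         } else {
             // Only one ring to rule them all.
             // NOTE(review): when more than one row matches, ALL matching
             // player rows are deleted before a fresh one is inserted. Confirm
             // that losing those accounts' data is intended.
             if (count($data) > 0) {
                 $db->remove('players', $authWhere);
             }
             $this->uid = $db->insert('players', array('authType' => $authType, 'authUID' => $authUID, 'authSesKey' => $authKey, 'activated' => 1));
         }
     } else {
         /* Check for cookies */
         // NOTE(review): the 'ps'/'sl' cookies are read with an 'md5' filter,
         // which suggests a password hash and salt were meant to be kept in
         // cookies. The values are unused today; if cookie login is ever
         // written, prefer a random server-side token over anything derived
         // from the password.
         $uid = Core_Tools::getInput('_COOKIE', 'un' . $this->level, 'username', false);
         $pas = Core_Tools::getInput('_COOKIE', 'ps' . $this->level, 'md5', false);
         $sal = Core_Tools::getInput('_COOKIE', 'sl' . $this->level, 'md5', false);
         /* Process login (to be written) */
         $this->uid = false;
     }
 }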
示例#4
 /**
  * Entry point for the instant-messaging API.
  *
  * Reads the posted "userkey", looks the IM user up and hands the posted
  * "msg" to the login, activation or command handler depending on whether a
  * row was found and whether it is activated.
  *
  * @return void Output is echoed or produced by the process* handlers.
  */
 private function getIMAPI()
 {
     // Fetch the user key
     $key = Core_Tools::getInput('_POST', 'userkey', 'varchar');
     if (empty($key)) {
         echo 'What are you doing here?';
         return;
     }

     // NOTE(review): as printed in this listing the WHERE clause holds the
     // literal '******' and never references $key. That looks like masking
     // applied to the listing rather than the real condition. Whatever the
     // original expression is, the key comes straight from POST and must be
     // escaped or bound before it reaches the query.
     $db = Core_Database::__getInstance();
     $rows = $db->select('im_users', array('im_player', 'im_activated'), "im_user = '******'");

     // The posted key is the only thing separating one IM user from another
     // in this method; no further credential is checked here.
     $message = Core_Tools::getInput('_POST', 'msg', 'varchar');

     if (count($rows) == 0) {
         // Request to login
         $this->processIMLogin($key, $message);
         return;
     }

     if ($rows[0]['im_activated'] == 0) {
         $this->processIMActivate($key, $message);
         return;
     }

     // User is authenticated
     $this->processIMCommand($rows[0]['im_player'], $message);
 }
示例#5
 /**
  * Show the account-edit form and apply a posted profile update.
  *
  * Visitors without a member object get the registration form instead. The
  * update runs only when all four fields are non-empty; a partial submit
  * sets 'done' to false, and a request with no fields leaves 'done' unset.
  *
  * @return string Parsed account_edit.tpl, or the registration form.
  */
 private function getEditProfile()
 {
     $member = Profile_Member::getMyself();
     if (!$member) {
         return $this->getRegistrationForm();
     }

     // Process incoming data
     $firstname = Core_Tools::getInput('_POST', 'firstname', 'varchar');
     $lastname = Core_Tools::getInput('_POST', 'name', 'varchar');
     $nickname = Core_Tools::getInput('_POST', 'nickname', 'username');
     $email = Core_Tools::getInput('_POST', 'email', 'email');

     $page = new Core_Template();

     $allGiven = $firstname && $lastname && $nickname && $email;
     $anyGiven = $firstname || $lastname || $nickname || $email;

     if ($allGiven) {
         // NOTE(review): no anti-CSRF token and no re-authentication is checked
         // in this method before the e-mail address is replaced. If that
         // address is used for password recovery, a forged POST from another
         // site would be enough to take over the account. Confirm a token is
         // enforced upstream.
         // NOTE(review): the posted nickname is written to 'realname', while
         // the form is pre-filled from getUsername(). Verify the column mapping.
         $fields = array(
             'firstname' => $firstname,
             'lastname' => $lastname,
             'realname' => $nickname,
             'email' => $email,
         );
         $db = Core_Database::__getInstance();
         $db->update('players', $fields, "plid = {$member->getId()}");
         $member->reloadData();
         $page->set('done', true);
     } elseif ($anyGiven) {
         $page->set('done', false);
     }

     // Pre-fill the form from the (possibly reloaded) member, escaped for form output.
     $shownNickname = Core_Tools::output_form($member->getUsername());
     $page->set('nickname', $shownNickname);
     $shownFirstname = Core_Tools::output_form($member->getFirstname());
     $page->set('firstname', $shownFirstname);
     $shownName = Core_Tools::output_form($member->getName());
     $page->set('name', $shownName);
     $shownEmail = Core_Tools::output_form($member->getEmail());
     $page->set('email', $shownEmail);

     return $page->parse('account_edit.tpl');
 }
示例#6
 /**
  * Render the basket block for the current member.
  *
  * Returns null when nobody is logged in or there are no pending orders.
  * A positive "bRem" query parameter removes that entry from the basket
  * before the list is rendered.
  *
  * @return string|null Parsed blocks/basket.tpl, or null when there is nothing to show.
  */
 protected function getBasket()
 {
     $member = Profile_Member::getMyself();
     if (!$member) {
         return null;
     }

     $pending = $member->getPendingOrders();
     if (!(count($pending) > 0)) {
         return null;
     }

     // Process Input
     // NOTE(review): the removal is a state change triggered by a GET
     // parameter, and no anti-CSRF token is checked in this method. Any page
     // the member visits could trigger it with a crafted link.
     $removeId = Core_Tools::getInput('_GET', 'bRem', 'int');
     if ($removeId > 0) {
         $member->removeProductFromBasket($removeId);
         // Reload ;-)
         $pending = $member->getPendingOrders();
     }

     $text = Core_Text::__getInstance();
     $page = new Core_Template();

     // NOTE(review): addslashes() is presumably used because the template puts
     // these values inside a JavaScript string. Confirm this; addslashes() is
     // not a context-aware escaper and does not neutralise sequences such as
     // a closing script tag.
     $page->set('remove', addslashes($text->get('remove', 'basket', 'main')));
     $page->set('title', $text->get('title', 'basket', 'main'));

     foreach ($pending as $entry) {
         // Create combination string
         // NOTE(review): op_amount is concatenated here without
         // output_varchar(), unlike the other parts of the string.
         $summary = $entry[1]['op_amount'] . 'x ' . Core_Tools::output_varchar($entry[0]['p_name']) . ", ";
         if (!empty($entry[1]['op_message'])) {
             $summary .= Core_Tools::output_varchar($entry[1]['op_message']) . ", ";
         }
         $summary .= Core_Tools::output_varchar($entry[2]->getName()) . ", ";
         $summary .= Core_Tools::output_varchar($entry[3]->getName());

         $row = array(
             Core_Tools::output_varchar($entry[0]['p_name']),
             Core_Tools::output_varchar($entry[1]['op_amount']),
             Core_Tools::output_varchar($entry[1]['op_message']),
             Core_Tools::output_varchar($entry[1]['op_price']),
             Core_Tools::output_varchar($entry[2]->getName()),
             Core_Tools::output_varchar($entry[3]->getName()),
             addslashes($summary),
             self::getUrl('page=register&bRem=' . $entry[1]['op_id']),
         );
         $page->addListValue('products', $row);
     }

     return $page->parse('blocks/basket.tpl');
 }
示例#7
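 /**
  * Apply the posted shop-management form to the products and shop tables.
  *
  * Product rows are posted as numbered fields (productName1, productName2, ...,
  * at most 200). For each row:
  *   - name given, original id > 0:  the product is updated;
  *   - name given, no original id:   a new product is inserted;
  *   - no name, original id > 0:     the product is removed;
  *   - neither:                      processing of product rows stops.
  * Afterwards the shop message is stored and the shop object is refreshed.
  *
  * @param object $objShop Shop being managed; its getId() scopes every product query.
  *
  * @return void
  */
 private function processManagementInput($objShop)
 {
     $db = Core_Database::__getInstance();

     // Cast once for use inside hand-built WHERE clauses.
     $shopId = intval($objShop->getId());

     for ($row = 1; $row <= 200; $row++) {
         $productName = Core_Tools::getInput('_POST', 'productName' . $row, 'varchar');
         $productText = Core_Tools::getInput('_POST', 'productText' . $row, 'varchar');
         // The original id is posted by the client and ends up in a hand-built
         // WHERE clause, so force it to an integer instead of trusting the
         // 'varchar' filter to make it SQL-safe.
         $originalId = intval(Core_Tools::getInput('_POST', 'productOrg' . $row, 'varchar'));
         $categoryId = Core_Tools::getInput('_POST', 'categoryId' . $row, 'varchar');

         // Collect up to 10 prices, stopping at the first missing or non-positive one.
         $prices = array();
         for ($tier = 0; $tier < 10; $tier++) {
             $priceIn = Core_Tools::getInput('_POST', 'productPrice' . $row . '_' . $tier, 'float');
             if (!($priceIn > 0)) {
                 break;
             }
             $prices[] = $priceIn;
         }
         $productPrice = implode(',', $prices);

         // Every product statement is additionally restricted to this shop's
         // s_id, so a posted id belonging to another shop matches no row.
         $productWhere = "p_id = '" . $originalId . "' AND s_id = '" . $shopId . "'";

         /* 2 requirements: name & price */
         // NOTE(review): only the name is actually required below; a product
         // with an empty price list is still saved.
         if ($productName) {
             if ($originalId > 0) {
                 // update
                 $db->update('products', array('p_name' => $productName, 'p_info' => $productText, 'p_price' => $productPrice, 'c_id' => $categoryId), $productWhere);
             } else {
                 // add
                 $db->insert('products', array('p_name' => $productName, 'p_info' => $productText, 'p_price' => $productPrice, 's_id' => $objShop->getId(), 'c_id' => $categoryId));
             }
         } elseif ($originalId > 0) {
             $db->remove('products', $productWhere);
         } else {
             // Get out of here!
             break;
         }
     }

     // Last: general info
     $message = Core_Tools::getInput('_POST', 'shopMessage', 'varchar');
     $db->update('shops', array('s_message' => $message), "s_id = '" . $shopId . "'");
     $objShop->refreshData();
 }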
示例#8
 /**
  * Produce the crawler-facing shop listing.
  *
  * With a positive "sid" query parameter that resolves to a shop, that
  * shop's overview page is returned. Otherwise all shops are listed,
  * ordered by name.
  *
  * @return string Shop overview, or parsed google_shops.phpt.
  */
 public function getGoogleContent()
 {
     $db = Core_Database::__getInstance();

     $shopId = Core_Tools::getInput('_GET', 'sid', 'int', false);
     if ($shopId > 0) {
         // Show all products of this shop
         $shop = Profile_Shop::getShop($shopId);
         if ($shop) {
             $shopPage = new Pages_Shop();
             return $shopPage->getOverview($shop);
         }
     }

     // Show a list of all shops.
     $page = new Core_Template();
     $rows = $db->select('shops', array('*'), null, 's_name ASC');
     foreach ($rows as $row) {
         // Name and location are escaped for output; s_id goes into the URL as stored.
         $entry = array(
             'name' => Core_Tools::output_varchar($row['s_name']),
             'url' => self::getUrl('page=order&sid=' . $row['s_id']),
             'location' => Core_Tools::output_varchar($row['s_gemeente']),
         );
         $page->addListValue('shops', $entry);
     }

     return $page->parse('google_shops.phpt');
 }
示例#9
 /**
  * Render the "poefboek" log of one member within a company.
  *
  * The member is chosen by the "uid" query parameter; "details=1" switches
  * the detailed view on.
  *
  * @param object $objCompany Company whose log is shown.
  *
  * @return string Parsed company_poeflog.tpl, or a short HTML error paragraph.
  */
 public function getPoefboekLog($objCompany)
 {
     $viewer = Profile_Member::getMyself();
     $status = $objCompany->getUserStatus($viewer);
     $bShowLogs = Core_Tools::getInput('_GET', 'details', 'int') == 1;

     // NOTE(review): access is granted to every status except 'pending'. This
     // is a deny-list: whatever getUserStatus() returns for a non-member or
     // for a visitor who is not logged in also passes. The log shown belongs
     // to the member named by the request's uid, not to the viewer. Confirm
     // the possible status values and prefer an explicit allow-list.
     if ($status == 'pending') {
         return '<p>No permission to watch logs.</p>';
     }

     $subject = Profile_Member::getMember(Core_Tools::getInput('_GET', 'uid', 'int'));
     if (!$subject->isFound()) {
         return '<p>User not found.</p>';
     }

     $text = Core_Text::__getInstance();
     $text->setFile('company');
     $text->setSection('poeflog');

     $page = new Core_Template();

     $locname = Core_Tools::output_varchar($subject->getUsername()) . ' @ ' . Core_Tools::output_varchar($objCompany->getName());
     $page->set('poeflog', $text->get('poeflog') . ': ' . $locname);
     $page->set('nologs', $text->get('nologs'));
     $page->set('return', $text->get('return'));
     $page->set('return_url', self::getUrl('page=company&id=' . $objCompany->getId()));

     // Offer the opposite of the current detail mode as a toggle link.
     if ($bShowLogs) {
         $page->set('hide_details_url', self::getUrl('page=company&id=' . $objCompany->getId() . '&action=poeflog&uid=' . $subject->getId() . '&details=0'));
     } else {
         $page->set('show_details_url', self::getUrl('page=company&id=' . $objCompany->getId() . '&action=poeflog&uid=' . $subject->getId() . '&details=1'));
     }

     $page->set('datum', $text->get('datum'));
     $page->set('amount', $text->get('amount'));
     $page->set('balance', $text->get('balance'));
     $page->set('actor', $text->get('actor'));

     foreach ($objCompany->getPoefboekLog($subject, $bShowLogs) as $entry) {
         // NOTE(review): actor_name, actor_url and details are handed to the
         // template without output_varchar(). Presumably they are already
         // formatted by $objCompany->getPoefboekLog(); verify they are escaped there.
         $row = array(
             'date' => date(DATETIME, $entry['date']),
             'amount' => Core_Tools::convert_price($entry['amount']),
             'newpoef' => Core_Tools::convert_price($entry['newpoef']),
             'actor_name' => $entry['actor_name'],
             'actor_url' => $entry['actor_url'],
             'comment' => Core_Tools::output_varchar($entry['comment']),
             'details' => $entry['details'],
         );
         $page->addListValue('logs', $row);
     }

     $page->set('showDetails', $bShowLogs);

     return $page->parse('company_poeflog.tpl');
 }