public function save_user($user_id, $data, $from_public = false)
{
$use_master_key = $this->get_contact_master_key();
if ($from_public) {
$user_id = 0;
} else {
if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) {
if (!module_user::can_i('edit', 'Contacts', 'Customer')) {
set_error('Unable to edit contacts.');
return false;
}
} else {
if (!self::can_i('edit', 'Users', 'Config')) {
set_error('Unable to edit users.');
return false;
}
}
$user_id = (int) $user_id;
}
$temp_user = array();
if ($user_id > 0) {
// check permissions
$temp_user = $this->get_user($user_id, true, false);
if (!$temp_user || $temp_user['user_id'] != $user_id || isset($temp_user['_perms'])) {
$user_id = false;
}
}
if (!$user_id && !$from_public) {
if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) {
if (!module_user::can_i('create', 'Contacts', 'Customer')) {
set_error('Unable to create new contacts.');
return false;
}
} else {
if (!self::can_i('create', 'Users', 'Config')) {
set_error('Unable to create new users.');
return false;
}
}
} else {
if ($user_id == 1 && module_security::get_loggedin_id() != 1) {
set_error('Sorry only the administrator can modify this account');
}
}
// check the customer id is valid assignment to someone who has these perms.
if (!$from_public) {
if (isset($data['customer_id']) && (int) $data['customer_id'] > 0) {
$temp_customer = module_customer::get_customer($data['customer_id']);
if (!$temp_customer || $temp_customer['customer_id'] != $data['customer_id']) {
unset($data['customer_id']);
}
}
if (isset($data['vendor_id']) && (int) $data['vendor_id'] > 0) {
$temp_vendor = module_vendor::get_vendor($data['vendor_id']);
if (!$temp_vendor || $temp_vendor['vendor_id'] != $data['vendor_id']) {
unset($data['vendor_id']);
}
}
}
if (isset($data['password'])) {
unset($data['password']);
}
// we do the password hash thing here.
if (isset($data['password_new']) && strlen($data['password_new'])) {
// an admin is trying to set the password for this account.
// same permissions checks as on the user_admin_edit_login.php page
if (!$user_id || isset($temp_user['password']) && !$temp_user['password'] || module_user::can_i('create', 'Users Passwords', 'Config') || isset($_REQUEST['reset_password']) && $_REQUEST['reset_password'] == module_security::get_auto_login_string($user_id)) {
// we allow the admin to set a new password without typing in previous password.
$data['password'] = $data['password_new'];
} else {
set_error('Sorry, no permissions to set a new password.');
}
} else {
if ($user_id && isset($data['password_new1']) && isset($data['password_new2']) && strlen($data['password_new1'])) {
// the user is trying to change their password.
// only do this if the user has edit password permissions and their password matches.
if (module_user::can_i('edit', 'Users Passwords', 'Config') || $user_id == module_security::get_loggedin_id()) {
if (isset($data['password_old']) && (md5($data['password_old']) == $temp_user['password'] || $data['password_old'] == $temp_user['password'])) {
// correct old password
// verify new password.
if ($data['password_new1'] == $data['password_new2']) {
$data['password'] = $data['password_new1'];
} else {
set_error('Verified password mismatch. Password unchanged.');
}
} else {
set_error('Old password does not match. Password unchanged.');
}
} else {
set_error('No permissions to change passwords');
}
}
}
// and we finally hash our password
if (isset($data['password']) && strlen($data['password']) > 0) {
$data['password'] = md5($data['password']);
// if you change md5 also change it in customer import.
// todo - salt? meh.
}
$user_id = update_insert("user_id", $user_id, "user", $data);
$use_master_key = $this->get_contact_master_key();
// this will be customer_id or supplier_id
if ($use_master_key && (isset($data[$use_master_key]) && $data[$use_master_key])) {
if ($user_id) {
if (isset($data['customer_primary']) && $data['customer_primary']) {
// update the customer/supplier to mark them as primary or not..
switch ($use_master_key) {
case 'customer_id':
module_customer::set_primary_user_id($data['customer_id'], $user_id);
break;
case 'vendor_id':
module_vendor::set_primary_user_id($data['vendor_id'], $user_id);
break;
}
} else {
// check if this contact was the old customer/supplier primary and
switch ($use_master_key) {
case 'customer_id':
$customer_data = module_customer::get_customer($data['customer_id']);
if ($customer_data['primary_user_id'] == $user_id) {
module_customer::set_primary_user_id($data['customer_id'], 0);
}
break;
case 'vendor_id':
$vendor_data = module_vendor::get_vendor($data['vendor_id']);
if ($vendor_data['primary_user_id'] == $user_id) {
module_vendor::set_primary_user_id($data['vendor_id'], 0);
}
break;
}
}
}
}
if (!$from_public) {
// hack for linked user accounts.
if ($user_id && isset($data['link_customers']) && $data['link_customers'] == 'yes' && isset($data['link_user_ids']) && is_array($data['link_user_ids']) && isset($data['email']) && $data['email']) {
$others = module_user::get_contacts(array('email' => $data['email']));
foreach ($data['link_user_ids'] as $link_user_id) {
if (!(int) $link_user_id) {
continue;
}
if ($link_user_id == $user_id) {
continue;
}
// shouldnt happen
foreach ($others as $other) {
if ($other['user_id'] == $link_user_id) {
// success! they'renot trying to hack us.
$sql = "REPLACE INTO `" . _DB_PREFIX . "user_customer_rel` SET user_id = '" . (int) $link_user_id . "', customer_id = '" . (int) $other['customer_id'] . "', `primary` = " . (int) $user_id;
query($sql);
update_insert('user_id', $link_user_id, 'user', array('linked_parent_user_id' => $user_id));
}
}
}
update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => $user_id));
}
if ($user_id && isset($data['unlink']) && $data['unlink'] == 'yes') {
$sql = "DELETE FROM `" . _DB_PREFIX . "user_customer_rel` WHERE user_id = '" . (int) $user_id . "'";
query($sql);
update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => 0));
}
handle_hook("address_block_save", $this, "physical", "user", "user_id", $user_id);
handle_hook("address_block_save", $this, "postal", "user", "user_id", $user_id);
if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
module_extra::save_extras('user', 'user_id', $user_id);
}
// find current role / permissions
$user_data = $this->get_user($user_id);
$previous_user_roles = $user_data['roles'];
$re_save_role_perms = false;
// hack to support only 1 role (we may support multi-role in the future)
// TODO: check we have permissions to set this role id, otherwise anyone can set their own role.
if (isset($_REQUEST['role_id'])) {
$sql = "DELETE FROM `" . _DB_PREFIX . "user_role` WHERE user_id = '" . (int) $user_id . "'";
query($sql);
if ((int) $_REQUEST['role_id'] > 0) {
if (!isset($previous_user_roles[$_REQUEST['role_id']])) {
$re_save_role_perms = (int) $_REQUEST['role_id'];
}
$_REQUEST['role'] = array($_REQUEST['role_id'] => 1);
}
}
// save users roles (support for multi roles in future - but probably will never happen)
if (isset($_REQUEST['role']) && is_array($_REQUEST['role'])) {
foreach ($_REQUEST['role'] as $role_id => $tf) {
$this->add_user_to_role($user_id, $role_id);
}
}
if ($re_save_role_perms) {
// copy role permissiosn to user permissions
$sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = " . (int) $user_id;
query($sql);
// update - we are not relying on these permissions any more.
// if the user has a role assigned, we use those permissions period
// we ignore all permissions in the user_perm table if the user has a role.
// if the user doesn't have a role, then we use these user_perm permissions.
/*$security_role = module_security::get_security_role($re_save_role_perms);
foreach($security_role['permissions'] as $security_permission_id => $d){
$sql = "INSERT INTO `"._DB_PREFIX."user_perm` SET user_id = ".(int)$user_id.", security_permission_id = '".(int)$security_permission_id."'";
foreach(module_security::$available_permissions as $perm){
$sql .= ", `".$perm."` = ".(int)$d[$perm];
}
query($sql);
}*/
} else {
if (isset($_REQUEST['permission']) && is_array($_REQUEST['permission'])) {
$sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = '" . (int) $user_id . "'";
query($sql);
// update permissions for this user.
foreach ($_REQUEST['permission'] as $security_permission_id => $permissions) {
$actions = array();
foreach (module_security::$available_permissions as $permission) {
if (isset($permissions[$permission]) && $permissions[$permission]) {
$actions[$permission] = 1;
}
}
$sql = "REPLACE INTO `" . _DB_PREFIX . "user_perm` SET user_id = '" . (int) $user_id . "', security_permission_id = '" . (int) $security_permission_id . "' ";
foreach ($actions as $permission => $tf) {
$sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
}
query($sql);
}
}
}
/*global $plugins;
if($user_id && isset($data['user_type_id']) && $data['user_type_id'] == 1 && $data['site_id']){
// update the site.
$plugins['site']->set_primary_user_id($data['site_id'],$user_id);
}else{
//this use isn't (or isnt any more) the sites primary user.
// unset this if he was the primary user before
$site_data = $plugins['site']->get_site($data['site_id']);
if(isset($site_data['primary_user_id']) && $site_data['primary_user_id'] == $user_id){
$plugins['site']->set_primary_user_id($data['site_id'],0);
}
}*/
// save the company information if it's available
if (class_exists('module_company', false) && module_company::can_i('edit', 'Company') && module_company::is_enabled() && module_user::can_i('edit', 'User')) {
if (isset($_REQUEST['available_user_company']) && is_array($_REQUEST['available_user_company'])) {
$selected_companies = isset($_POST['user_company']) && is_array($_POST['user_company']) ? $_POST['user_company'] : array();
foreach ($_REQUEST['available_user_company'] as $company_id => $tf) {
if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) {
// remove user from this company
module_company::delete_user($company_id, $user_id);
} else {
// add user to this company (if they are not already existing)
module_company::add_user_to_company($company_id, $user_id);
}
}
}
}
}
module_cache::clear('user');
return $user_id;
}
$customer_import = array('customer_name' => $callername, 'customer_extra' => array('Medium' => $referrermedium, 'Source' => $callsource, 'Campaign' => $utm_campaign, 'Content' => $utm_content, 'Term' => $utm_term, 'Query' => $keywords, 'Conversion URL' => $last_requested_url, 'IP Address' => $ip, 'Called In' => $datetime), 'address' => array('line_1' => '123 Test Street', 'line_2' => '', 'suburb' => $callercity, 'state' => $callerstate, 'post_code' => $callerzip), 'contact' => array('name' => $callername, 'last_name' => $callername, 'email' => $trackingnum, 'mobile' => $callernum));
include 'init.php';
// the UCM init code.
$customer_id = $plugins['customer']->save_customer('new', array('customer_name' => $customer_import['customer_name']));
if (!$customer_id) {
echo 'Failed to create customer';
exit;
}
if (!empty($customer_import['customer_extra'])) {
foreach ($customer_import['customer_extra'] as $extra_key => $extra_val) {
// Add the Medium extra field to that newly created customer
$extra_db = array('extra_key' => $extra_key, 'extra' => $extra_val, 'owner_table' => 'customer', 'owner_id' => $customer_id);
$extra_id = update_insert('extra_id', false, 'extra', $extra_db);
}
}
if (!empty($customer_import['address'])) {
// Save the address for the customer
$customer_import['address']['owner_id'] = $customer_id;
$customer_import['address']['owner_table'] = 'customer';
$customer_import['address']['address_type'] = 'physical';
module_address::save_address(false, $customer_import['address']);
}
if (!empty($customer_import['contact'])) {
// add the contact details to this customer record
$customer_import['contact']['customer_id'] = $customer_id;
$contact_user_id = $plugins['user']->create_user($customer_import['contact'], 'signup');
if ($contact_user_id) {
module_customer::set_primary_user_id($customer_id, $contact_user_id);
}
}
echo "Created a customer with ID {$customer_id} and a contact with ID {$contact_user_id} ";
public static function handle_import_row($row, $debug, $add_to_group, $extra_options)
{
$debug_string = '';
if (!isset($row['name'])) {
$row['name'] = '';
}
if (!isset($row['url'])) {
$row['url'] = '';
}
if (isset($row['website_id']) && (int) $row['website_id'] > 0) {
// check if this ID exists.
$website = self::get_website($row['website_id']);
if (!$website || $website['website_id'] != $row['website_id']) {
$row['website_id'] = 0;
}
}
if (!isset($row['website_id']) || !$row['website_id']) {
$row['website_id'] = 0;
}
if (isset($row['name']) && strlen(trim($row['name']))) {
// we have a website name!
// search for a website based on name.
$website = get_single('website', 'name', $row['name']);
if ($website && $website['website_id'] > 0) {
$row['website_id'] = $website['website_id'];
}
} else {
if (isset($row['url'])) {
$row['name'] = $row['url'];
}
}
if (!$row['website_id'] && isset($row['url']) && strlen(trim($row['url']))) {
// we have a url! find a match too.
$website = get_single('website', 'url', $row['url']);
if ($website && $website['website_id'] > 0) {
$row['website_id'] = $website['website_id'];
}
}
if (!strlen($row['name']) && !strlen($row['url'])) {
$debug_string .= _l('No website data to import');
if ($debug) {
echo $debug_string;
}
return false;
}
// duplicates.
//print_r($extra_options);exit;
if (isset($extra_options['duplicates']) && $extra_options['duplicates'] == 'ignore' && (int) $row['website_id'] > 0) {
if ($debug) {
$debug_string .= _l('Skipping import, duplicate of website %s', self::link_open($row['website_id'], true));
echo $debug_string;
}
// don't import duplicates
return false;
}
$row['customer_id'] = 0;
// todo - support importing of this id? nah
if (isset($row['customer_name']) && strlen(trim($row['customer_name'])) > 0) {
// check if this customer exists.
$customer = get_single('customer', 'customer_name', $row['customer_name']);
if ($customer && $customer['customer_id'] > 0) {
$row['customer_id'] = $customer['customer_id'];
$debug_string .= _l('Linked to customer %s', module_customer::link_open($row['customer_id'], true)) . ' ';
} else {
$debug_string .= _l('Create new customer: %s', htmlspecialchars($row['customer_name'])) . ' ';
}
} else {
$debug_string .= _l('No customer') . ' ';
}
if ($row['website_id']) {
$debug_string .= _l('Replace existing website: %s', self::link_open($row['website_id'], true)) . ' ';
} else {
$debug_string .= _l('Insert new website: %s', htmlspecialchars($row['url'])) . ' ';
}
$customer_primary_user_id = 0;
if ($row['customer_id'] > 0 && isset($row['customer_contact_email']) && strlen(trim($row['customer_contact_email']))) {
$users = module_user::get_users(array('customer_id' => $row['customer_id'] > 0));
foreach ($users as $user) {
if (strtolower(trim($user['email'])) == strtolower(trim($row['customer_contact_email']))) {
$customer_primary_user_id = $user['user_id'];
$debug_string .= _l('Customer primary contact is: %s', module_user::link_open_contact($customer_primary_user_id, true)) . ' ';
break;
}
}
}
if ($debug) {
echo $debug_string;
return true;
}
if (isset($extra_options['duplicates']) && $extra_options['duplicates'] == 'ignore' && $row['customer_id'] > 0) {
// don't update customer record with new one.
} else {
if (isset($row['customer_name']) && strlen(trim($row['customer_name'])) > 0 || $row['customer_id'] > 0) {
// update customer record with new one.
$row['customer_id'] = update_insert('customer_id', $row['customer_id'], 'customer', $row);
if (isset($row['customer_contact_fname']) || isset($row['customer_contact_email'])) {
$data = array('customer_id' => $row['customer_id']);
if (isset($row['customer_contact_fname'])) {
$data['name'] = $row['customer_contact_fname'];
}
if (isset($row['customer_contact_lname'])) {
$data['last_name'] = $row['customer_contact_lname'];
}
if (isset($row['customer_contact_email'])) {
$data['email'] = $row['customer_contact_email'];
}
if (isset($row['customer_contact_phone'])) {
$data['phone'] = $row['customer_contact_phone'];
}
$customer_primary_user_id = update_insert("user_id", $customer_primary_user_id, "user", $data);
module_customer::set_primary_user_id($row['customer_id'], $customer_primary_user_id);
}
}
}
$website_id = (int) $row['website_id'];
// check if this ID exists.
$website = self::get_website($website_id);
if (!$website || $website['website_id'] != $website_id) {
$website_id = 0;
}
$website_id = update_insert("website_id", $website_id, "website", $row);
// ad notes if possible
if (isset($row['notes']) && strlen(trim($row['notes']))) {
if (class_exists('module_note', false) && module_note::is_plugin_enabled()) {
module_note::save_note(array('owner_table' => 'website', 'owner_id' => $website_id, 'note' => trim($row['notes']), 'note_time' => time()));
}
}
// handle any extra fields.
$extra = array();
foreach ($row as $key => $val) {
if (!strlen(trim($val))) {
continue;
}
if (strpos($key, 'extra:') !== false) {
$extra_key = str_replace('extra:', '', $key);
if (strlen($extra_key)) {
$extra[$extra_key] = $val;
}
}
}
if ($extra) {
foreach ($extra as $extra_key => $extra_val) {
// does this one exist?
$existing_extra = module_extra::get_extras(array('owner_table' => 'website', 'owner_id' => $website_id, 'extra_key' => $extra_key));
$extra_id = false;
foreach ($existing_extra as $key => $val) {
if ($val['extra_key'] == $extra_key) {
$extra_id = $val['extra_id'];
}
}
$extra_db = array('extra_key' => $extra_key, 'extra' => $extra_val, 'owner_table' => 'website', 'owner_id' => $website_id);
$extra_id = (int) $extra_id;
update_insert('extra_id', $extra_id, 'extra', $extra_db);
}
}
foreach ($add_to_group as $group_id => $tf) {
module_group::add_to_group($group_id, $website_id, 'website');
}
return $website_id;
}
