/** * Check if product exists and can be viewed by the current user * * @param int product ID or alias * @return int pId on success, null if no match found */ public function checkProduct($product, $showInactive = false) { // Integer is a pID, string must be an alias if (is_numeric($product)) { $lookupField = 'pId'; } else { $lookupField = 'pAlias'; } $sql = "SELECT `pId`, `access`"; $sql .= ", IF("; $sql .= " (`publish_up` IS NULL OR `publish_up` <= NOW())"; $sql .= " AND (`publish_down` IS NULL OR `publish_down` = '0000-00-00 00:00:00' OR `publish_down` > NOW()"; $sql .= "), 1, 0) AS isPublished"; $sql .= " FROM `#__storefront_products` p WHERE p.`{$lookupField}` = " . $this->_db->quote($product); if (!$showInactive) { $sql .= " AND p.`pActive` = 1"; } $this->_db->setQuery($sql); $pInfo = $this->_db->loadObject(); $response = new \stdClass(); $response->status = 1; if (empty($pInfo)) { $response->status = 0; $response->errorCode = 404; $response->message = 'COM_STOREFRONT_PRODUCT_NOT_FOUND'; return $response; } // Check if the product can be viewed (if access level scope is set) if (\Component::params('com_storefront')->get('productAccess')) { if ($this->accessGroupsScope) { $product = new Product(); $product->setId($pInfo->pId); $accessgroups = $product->getAccessGroups('include'); // See what groups are in common $groups = array_intersect($accessgroups, $this->accessGroupsScope); // No common groups if (empty($groups)) { $response->status = 0; $response->errorCode = 403; $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED'; return $response; } $accessgroups = $product->getAccessGroups('exclude'); // See what groups are in common $groups = array_intersect($accessgroups, $this->accessGroupsScope); // User in disallowed groups if (!empty($groups)) { $response->status = 0; $response->errorCode = 403; $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED'; return $response; } } } else { if ($this->accessLevelsScope) { if (!in_array($pInfo->access, $this->accessLevelsScope)) { $response->status = 0; $response->errorCode = 403; $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED'; return $response; } } } // Check if the product is published if (!$pInfo->isPublished) { $response->status = 0; $response->errorCode = 403; $response->message = 'COM_STOREFRONT_PRODUCT_ACCESS_NOT_AUTHORIZED'; return $response; } $response->pId = $pInfo->pId; return $response; }