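/**
 * Builds the customer registration page.
 *
 * A logged-in user gets the "denied_default" text instead of the form.
 * Otherwise the registration form is shown; when it was submitted
 * (doRegister=yes) and validates, the address must not be registered yet,
 * a new customer row is inserted, and a verification mail is sent.
 *
 * Side effects: reads $_POST, writes to the customer table, sends mail.
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';

    if (CHelper::getUserData()) {
        // Already logged in: registration is not available.
        $this->P->oPayload->cl_html = $this->serviceManager->get('textcats')->T("denied_default");
        return;
    }

    $this->P->cb_customcontenttemplate = 'customer/register';
    $aErr = [];
    $aPData = [];

    if (isset($_POST["doRegister"]) && $_POST["doRegister"] == 'yes') {
        $aErr = CHelper::validateCustomerForm(HelperConfig::$lang, $aErr);
        if (count($aErr) == 0) {
            $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
            if ($this->isEmailRegistered($sEmail)) {
                $aErr["emailalreadytaken"] = true;
            } else {
                // The verification code must be unguessable: the former
                // md5(email . time()) could be reconstructed by anyone knowing
                // the address and the approximate registration time.
                // 16 random bytes -> 32 hex chars, the same width as an md5 hex
                // digest, so the stored column size is unaffected.
                // random_bytes() requires PHP >= 7.0.
                $sEmailVerificationcode = bin2hex(random_bytes(16));
                $this->insertCustomer($this->buildRegistrationData($sEmail, $sEmailVerificationcode));
                CHelper::sendVerificationMail($sEmailVerificationcode, $sEmail, $this->serviceManager, true);
                $aPData["showsuccessmessage"] = true;
            }
        }
        // Any error (validation or duplicate address) re-renders the form with the error flags.
        if (count($aErr) > 0) {
            $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register', $aErr);
        }
    } else {
        // First visit: empty form without error flags.
        $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'register');
    }

    if (count($aPData)) {
        $this->P->cb_customdata["register"] = $aPData;
    }
}

/**
 * Returns true when a customer row with this email address already exists.
 *
 * @param string $sEmail sanitized email address
 * @return bool
 */
private function isEmailRegistered($sEmail)
{
    $sql = 'SELECT cust_email FROM customer WHERE cust_email = :email';
    /** @var \PDOStatement $hResult */
    $hResult = $this->serviceManager->get('db')->prepare($sql);
    $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
    $hResult->execute();
    // rowCount() on a SELECT is driver-dependent; kept as the original relied on it.
    return $hResult->rowCount() > 0;
}

/**
 * Sanitizes one posted form field the way the registration form stores it.
 *
 * NOTE: FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; kept as in the
 * original so the stored values are unchanged.
 *
 * @param string $sField form field name passed to Tools::getFormfield()
 * @return string
 */
private function sanitizeRegisterField($sField)
{
    return filter_var(trim(Tools::getFormfield($sField)), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
}

/**
 * Collects the column => value map for the new customer row.
 *
 * @param string $sEmail                 sanitized email address
 * @param string $sEmailVerificationcode token mailed to the customer
 * @return array<string, string|int>
 */
private function buildRegistrationData($sEmail, $sEmailVerificationcode)
{
    $sPassword = isset($_POST["pwd"]) ? $_POST["pwd"] : '';

    return [
        'cust_email' => $sEmail,
        'cust_corp' => $this->sanitizeRegisterField("corpname"),
        'cust_name' => $this->sanitizeRegisterField("name"),
        'cust_street' => $this->sanitizeRegisterField("street"),
        'cust_zip' => $this->sanitizeRegisterField("zip"),
        'cust_town' => $this->sanitizeRegisterField("town"),
        'cust_phone' => $this->sanitizeRegisterField("phone"),
        'cust_cellphone' => $this->sanitizeRegisterField("cellphone"),
        'cust_fax' => $this->sanitizeRegisterField("fax"),
        'cust_country' => $this->sanitizeRegisterField("country"),
        'cust_password' => password_hash($sPassword, PASSWORD_DEFAULT),
        'cust_tosaccepted' => (isset($_POST["tos"]) && $_POST["tos"] == 'y') ? 'y' : 'n',
        'cust_cancellationdisclaimeraccepted' => (isset($_POST["cancellationdisclaimer"]) && $_POST["cancellationdisclaimer"] == 'y') ? 'y' : 'n',
        'cust_emailverified' => 'n',
        'cust_emailverificationcode' => $sEmailVerificationcode,
        // Manual activation (config) leaves the account inactive until an admin enables it.
        'cust_active' => HelperConfig::$customer["register_require_manual_activation"] ? 'n' : 'y',
        'cust_registrationtimestamp' => time(),
    ];
}

/**
 * Inserts one customer row; every value is bound as a string parameter.
 *
 * @param array<string, string|int> $aData column => value
 */
private function insertCustomer(array $aData)
{
    $sql = \HaaseIT\DBTools::buildPSInsertQuery($aData, 'customer');
    /** @var \PDOStatement $hResult */
    $hResult = $this->serviceManager->get('db')->prepare($sql);
    foreach ($aData as $sKey => $sValue) {
        $hResult->bindValue(':' . $sKey, $sValue, \PDO::PARAM_STR);
    }
    $hResult->execute();
}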
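/**
 * Builds the item-group admin page.
 *
 * Dispatches on $_REQUEST["action"]:
 *  - insert_lang: creates the missing itemgroups_text row for the current
 *    language and redirects to the edit form (terminates); when nothing is
 *    inserted, falls through to the listing;
 *  - editgroup:   optionally stores the posted changes (do=true) and shows
 *    the edit form for the group;
 *  - addgroup:    validates and inserts a new itemgroups_base row (do=true),
 *    redirecting to its edit form (terminates), or shows the add form;
 *  - otherwise:   lists all groups.
 *
 * The group id is sanitized once and that value is used for the lookup, the
 * insert and the redirect; the original checked existence with the raw
 * request value but inserted the sanitized one.
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';
    $this->P->cb_subnav = 'admin';
    $this->P->cb_customcontenttemplate = 'shop/itemgroupadmin';
    $return = '';

    $sAction = isset($_REQUEST["action"]) ? $_REQUEST["action"] : '';
    $bDo = isset($_REQUEST["do"]) && $_REQUEST["do"] == 'true';
    $iGID = filter_var(isset($_REQUEST["gid"]) ? $_REQUEST["gid"] : '', FILTER_SANITIZE_NUMBER_INT);

    if ($sAction == 'insert_lang') {
        // Redirects and terminates on success; otherwise the listing below is shown.
        $this->adminInsertLanguageRow($iGID);
    }

    if ($sAction == 'editgroup') {
        if ($bDo) {
            $this->P->cb_customdata["updatestatus"] = $this->admin_updateGroup(\HaaseIT\HCSF\Helper::getPurifier('itemgroup'));
        }
        if (isset($_REQUEST["added"])) {
            $this->P->cb_customdata["groupjustadded"] = true;
        }
        $aGroup = $this->admin_getItemgroups($iGID);
        if (empty($aGroup[0])) {
            // Unknown gid: the original indexed $aGroup[0] unconditionally.
            $this->P->cb_customdata["err"]["groupnotfound"] = true;
        } else {
            $this->P->cb_customdata["showform"] = 'edit';
            $this->P->cb_customdata["group"] = $this->admin_prepareGroup('edit', $aGroup[0]);
        }
    } elseif ($sAction == 'addgroup') {
        if ($bDo) {
            // Redirects and terminates on success; on validation errors shows the add form.
            $this->adminAddGroup();
        } else {
            $this->P->cb_customdata["showform"] = 'add';
            $this->P->cb_customdata["group"] = $this->admin_prepareGroup('add');
        }
    } else {
        $return .= $this->admin_showItemgroups($this->admin_getItemgroups(''));
        if (!$return) {
            $this->P->cb_customdata["err"]["nogroupsavaliable"] = true;
        }
    }

    $this->P->oPayload->cl_html = $return;
}

/**
 * Creates the itemgroups_text row for $iGID in the current language when the
 * base group exists and no text row exists yet, then redirects to the edit
 * form and terminates. Does nothing otherwise.
 *
 * @param string $iGID sanitized group id
 */
private function adminInsertLanguageRow($iGID)
{
    $hResult = $this->db->prepare('SELECT itmg_id FROM itemgroups_base WHERE itmg_id = :gid');
    $hResult->bindValue(':gid', $iGID);
    $hResult->execute();
    // rowCount() on a SELECT is driver-dependent; kept as the original relied on it.
    $iNumRowsBasis = $hResult->rowCount();

    $hResult = $this->db->prepare('SELECT itmgt_id FROM itemgroups_text WHERE itmgt_pid = :gid AND itmgt_lang = :lang');
    $hResult->bindValue(':gid', $iGID);
    $hResult->bindValue(':lang', HelperConfig::$lang);
    $hResult->execute();
    $iNumRowsLang = $hResult->rowCount();

    if ($iNumRowsBasis == 1 && $iNumRowsLang == 0) {
        $this->adminInsertRow('itemgroups_text', ['itmgt_pid' => $iGID, 'itmgt_lang' => HelperConfig::$lang]);
        header('Location: /_admin/itemgroupadmin.html?gid=' . $iGID . '&action=editgroup');
        die;
    }
}

/**
 * Validates the posted group data and inserts a new itemgroups_base row.
 *
 * On success redirects to the edit form of the new group and terminates;
 * on error stores the error flags and shows the add form again.
 */
private function adminAddGroup()
{
    $aErr = [];
    // FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; kept as in the original.
    $sName = filter_var(isset($_REQUEST["name"]) ? $_REQUEST["name"] : '', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
    $sGNo = filter_var(isset($_REQUEST["no"]) ? $_REQUEST["no"] : '', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
    $sImg = filter_var(isset($_REQUEST["img"]) ? $_REQUEST["img"] : '', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);

    // strlen() counts bytes, as in the original (mb_strlen would change the threshold for non-ASCII names).
    if (strlen($sName) < 3) {
        $aErr["nametooshort"] = true;
    }
    if (strlen($sGNo) < 3) {
        $aErr["grouptooshort"] = true;
    }
    if (count($aErr) == 0) {
        $hResult = $this->db->prepare('SELECT itmg_no FROM itemgroups_base WHERE itmg_no = :no');
        $hResult->bindValue(':no', $sGNo);
        $hResult->execute();
        if ($hResult->rowCount() > 0) {
            $aErr["duplicateno"] = true;
        }
    }

    if (count($aErr) == 0) {
        $this->adminInsertRow('itemgroups_base', ['itmg_name' => $sName, 'itmg_no' => $sGNo, 'itmg_img' => $sImg]);
        $iLastInsertID = $this->db->lastInsertId();
        header('Location: /_admin/itemgroupadmin.html?action=editgroup&added&gid=' . $iLastInsertID);
        die;
    }

    $this->P->cb_customdata["err"] = $aErr;
    $this->P->cb_customdata["showform"] = 'add';
    $this->P->cb_customdata["group"] = $this->admin_prepareGroup('add');
}

/**
 * Inserts one row with a prepared statement built from the column map.
 *
 * @param string                $sTable target table name (trusted, not user input)
 * @param array<string, mixed>  $aData  column => value
 */
private function adminInsertRow($sTable, array $aData)
{
    $sql = DBTools::buildPSInsertQuery($aData, $sTable);
    $hResult = $this->db->prepare($sql);
    foreach ($aData as $sKey => $sValue) {
        $hResult->bindValue(':' . $sKey, $sValue);
    }
    $hResult->execute();
}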
/**
 * Ensures a textcat_lang row exists for the text key $iID in the current
 * language ($this->sLang); inserts an empty one when none is found.
 *
 * @param int|string $iID text key id; sanitized with FILTER_SANITIZE_NUMBER_INT before use
 */
public function initTextIfVoid($iID)
{
    $iTextId = filter_var($iID, FILTER_SANITIZE_NUMBER_INT);

    $hLookup = $this->DB->prepare('SELECT * FROM textcat_lang WHERE tcl_tcid = :id AND tcl_lang = :lang');
    $hLookup->bindValue(':id', $iTextId);
    $hLookup->bindValue(':lang', $this->sLang);
    $hLookup->execute();

    // rowCount() on a SELECT is driver-dependent; kept as the original relied on it.
    if ($hLookup->rowCount() != 0) {
        return;
    }

    $aRow = ['tcl_tcid' => $iTextId, 'tcl_lang' => $this->sLang];
    $hInsert = $this->DB->prepare(\HaaseIT\DBTools::buildPSInsertQuery($aRow, 'textcat_lang'));
    foreach ($aRow as $sColumn => $sValue) {
        $hInsert->bindValue(':' . $sColumn, $sValue);
    }
    $hInsert->execute();
}
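/**
 * Persists the session cart as an order and redirects to the post-checkout page.
 *
 * Inserts one orders row and one orders_items row per cart line inside a
 * single transaction. On success the order mail body is written to a file,
 * the mails are sent, the cart is removed from the session and the script
 * redirects (paypal / sofortueberweisung / checkedout) and terminates.
 *
 * On a failed transaction the work is rolled back and false is returned;
 * the original continued with an undefined order id, sent mails, cleared
 * the cart and redirected to the "checked out" page, and printed the
 * exception (SQL and connection details) to the browser.
 *
 * @return bool false when the cart is empty or the order could not be stored;
 *              does not return on success because of the redirect.
 */
private function doCheckout()
{
    if (empty($_SESSION["cart"])) {
        return false;
    }

    /** @var \PDO $db */
    $db = $this->serviceManager->get('db');
    $aImagesToSend = [];

    try {
        $db->beginTransaction();

        $this->insertOrderRow($db, 'orders', $this->prepareDataOrder());
        $iInsertID = $db->lastInsertId();

        // Loop-invariant: the customer's rebate group is the same for every line.
        $sCustGroup = trim(CHelper::getUserData('cust_group'));

        foreach ($_SESSION["cart"] as $sK => $aV) {
            $aImagesToSend[$aV["img"]] = $this->getItemImage($aV);
            $sRgRebate = isset(HelperConfig::$shop["rebate_groups"][$aV["rg"]][$sCustGroup])
                ? HelperConfig::$shop["rebate_groups"][$aV["rg"]][$sCustGroup]
                : '';
            $this->insertOrderRow($db, 'orders_items', [
                'oi_o_id' => $iInsertID,
                'oi_cartkey' => $sK,
                'oi_amount' => $aV["amount"],
                'oi_price_netto_list' => $aV["price"]["netto_list"],
                'oi_price_netto_use' => $aV["price"]["netto_use"],
                'oi_price_brutto_use' => $aV["price"]["brutto_use"],
                'oi_price_netto_sale' => isset($aV["price"]["netto_sale"]) ? $aV["price"]["netto_sale"] : '',
                'oi_price_netto_rebated' => isset($aV["price"]["netto_rebated"]) ? $aV["price"]["netto_rebated"] : '',
                'oi_vat' => HelperConfig::$shop["vat"][$aV["vat"]],
                'oi_rg' => $aV["rg"],
                'oi_rg_rebate' => $sRgRebate,
                'oi_itemname' => $aV["name"],
                'oi_img' => $aImagesToSend[$aV["img"]]['base64img'],
            ]);
        }

        $db->commit();
    } catch (\Exception $e) {
        if ($db->inTransaction()) {
            $db->rollBack();
        }
        // Details stay server-side: the exception text may carry SQL and connection information.
        error_log('checkout failed: ' . $e->getMessage());
        print '<p>Unable to complete transaction!</p>';
        return false;
    }

    $sMailbody_us = $this->buildOrderMailBody(false, $iInsertID);
    $sMailbody_they = $this->buildOrderMailBody(true, $iInsertID);
    // write to file
    $this->writeCheckoutToFile($sMailbody_us);
    // Send Mails
    $this->sendCheckoutMails($iInsertID, $sMailbody_us, $sMailbody_they, $aImagesToSend);

    $this->clearCartSession();
    $this->redirectAfterCheckout($iInsertID);
}

/**
 * Inserts one row with a prepared statement built from the column map.
 *
 * @param \PDO                 $db
 * @param string               $sTable target table name (trusted, not user input)
 * @param array<string, mixed> $aData  column => value
 */
private function insertOrderRow(\PDO $db, $sTable, array $aData)
{
    $sql = DBTools::buildPSInsertQuery($aData, $sTable);
    $hResult = $db->prepare($sql);
    foreach ($aData as $sKey => $sValue) {
        $hResult->bindValue(':' . $sKey, $sValue);
    }
    $hResult->execute();
}

/**
 * Removes the cart-related entries from the session after a stored order.
 */
private function clearCartSession()
{
    foreach (['cart', 'cartpricesums', 'sondercart'] as $sKey) {
        if (isset($_SESSION[$sKey])) {
            unset($_SESSION[$sKey]);
        }
    }
}

/**
 * Redirects to the payment page matching the chosen payment method, or to
 * the generic "checked out" page, and terminates the script.
 *
 * @param string|int $iInsertID id of the stored order
 */
private function redirectAfterCheckout($iInsertID)
{
    $sPaymentMethod = isset($this->post["paymentmethod"]) ? $this->post["paymentmethod"] : '';
    $aMethods = HelperConfig::$shop["paymentmethods"];

    if ($sPaymentMethod == 'paypal'
        && in_array('paypal', $aMethods, true)
        && !empty(HelperConfig::$shop["paypal_interactive"])
    ) {
        header('Location: /_misc/paypal.html?id=' . $iInsertID);
    } elseif ($sPaymentMethod == 'sofortueberweisung'
        && in_array('sofortueberweisung', $aMethods, true)
    ) {
        header('Location: /_misc/sofortueberweisung.html?id=' . $iInsertID);
    } else {
        header('Location: /_misc/checkedout.html?id=' . $iInsertID);
    }
    die;
}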