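 /**
  * Completes e-mail verification for a customer that has not been verified yet.
  *
  * The verification code is read from $_GET['key']. Logged-in users are
  * refused. Otherwise the code is looked up among customers whose
  * cust_emailverified flag is still 'n'; on exactly one hit the flag is set
  * to 'y' and the success text is shown, in every other case the failure text.
  *
  * @return void
  */
 public function preparePage()
 {
     $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
     $this->P->cb_pagetype = 'content';
     if (\HaaseIT\HCSF\Customer\Helper::getUserData()) {
         $this->P->oPayload->cl_html = $this->textcats->T("denied_default");
         return;
     }

     // Reject a missing, non-scalar or blank code before touching the database:
     // a blank value must never be compared against cust_emailverificationcode.
     $sKey = isset($_GET["key"]) && is_string($_GET["key"]) ? $_GET["key"] : '';
     if (trim($sKey) === '') {
         $this->P->oPayload->cl_html = $this->textcats->T("register_emailverificationfail");
         return;
     }

     $sql = 'SELECT cust_email, cust_id FROM customer '
         . 'WHERE cust_emailverificationcode = :key AND cust_emailverified = \'n\'';
     /** @var \PDOStatement $hResult */
     $hResult = $this->db->prepare($sql);
     $hResult->bindValue(':key', $sKey, \PDO::PARAM_STR);
     $hResult->execute();

     // rowCount() on a SELECT is driver-dependent; the rest of this code base
     // relies on it the same way, so the check is kept as is.
     if ($hResult->rowCount() !== 1) {
         $this->P->oPayload->cl_html = $this->textcats->T("register_emailverificationfail");
         return;
     }

     $aRow = $hResult->fetch();
     $aData = ['cust_emailverified' => 'y', 'cust_id' => $aRow['cust_id']];
     $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
     /** @var \PDOStatement $hResult */
     $hResult = $this->db->prepare($sql);
     foreach ($aData as $sColumn => $sValue) {
         $hResult->bindValue(':' . $sColumn, $sValue);
     }
     $hResult->execute();
     $this->P->oPayload->cl_html = $this->textcats->T("register_emailverificationsuccess");
 }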
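 /**
  * Shows (or immediately redirects to) the PayPal checkout link for an open,
  * unpaid order with payment method 'paypal'.
  *
  * The order id is taken from $_GET['id']. When the shop option
  * interactive_paymentmethods_redirect_immediately is set a Location header
  * is sent and the script exits; otherwise a greeting plus the link is put
  * into the page payload.
  *
  * @return void
  */
 public function preparePage()
 {
     $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
     $this->P->cb_pagetype = 'content';
     $iId = (int) \filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
     $sql = 'SELECT * FROM orders ';
     $sql .= "WHERE o_id = :id AND o_paymentmethod = 'paypal' AND o_paymentcompleted = 'n'";
     /** @var \PDOStatement $hResult */
     $hResult = $this->serviceManager->get('db')->prepare($sql);
     $hResult->bindValue(':id', $iId, \PDO::PARAM_INT);
     $hResult->execute();
     if ($hResult->rowCount() !== 1) {
         $this->P->oPayload->cl_html = $this->textcats->T("misc_paypaypal_paymentnotavailable");
         return;
     }

     $aOrder = $hResult->fetch();
     $fGesamtbrutto = \HaaseIT\HCSF\Shop\Helper::calculateTotalFromDB($aOrder);
     // NOTE(review): the IPN callback address is derived from $_SERVER["SERVER_NAME"].
     // On servers that fill it from the request's Host header this lets a request
     // choose where PayPal posts the payment notification; a configured base URL
     // would be safer. Kept as is so the change stays limited to this method.
     $sNotifyUrl = 'http://' . $_SERVER["SERVER_NAME"] . '/_misc/paypal_notify.html';
     // http_build_query() percent-encodes every value, so the translated item
     // name (which contains spaces) and the business address arrive intact.
     $aParams = [
         'cmd' => '_xclick',
         'rm' => 2,
         'custom' => $iId,
         'business' => HelperConfig::$shop["paypal"]["business"],
         'notify_url' => $sNotifyUrl,
         'item_name' => $this->textcats->T("misc_paypaypal_paypaltitle") . ' ' . $iId,
         'currency_code' => HelperConfig::$shop["paypal"]["currency_id"],
         // number_format() with '.' as decimal point already yields "12.34";
         // the former str_replace(',', '.') was a no-op.
         'amount' => number_format($fGesamtbrutto, 2, '.', ''),
     ];
     $sPaypalURL = HelperConfig::$shop["paypal"]["url"] . '?' . http_build_query($aParams);
     if (HelperConfig::$shop["interactive_paymentmethods_redirect_immediately"]) {
         header('Location: ' . $sPaypalURL);
         die;
     }
     $this->P->oPayload->cl_html = $this->textcats->T("misc_paypaypal_greeting") . '<br><br>';
     // Escape for the attribute context: the query string contains '&'.
     $this->P->oPayload->cl_html .= '<a href="' . htmlspecialchars($sPaypalURL, ENT_QUOTES, 'UTF-8') . '">'
         . $this->textcats->T("misc_paypaypal") . '</a>';
 }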
 /**
  * Translates a one-letter order status code into its display text.
  *
  * @param \HaaseIT\Textcat $textcats     translation lookup
  * @param string           $sStatusShort 'y', 'n', 'i', 's' or 'd'
  * @return string translated status, or '' for an unknown code
  */
 public static function showOrderStatusText(\HaaseIT\Textcat $textcats, $sStatusShort)
 {
     $aTextKeys = [
         'y' => 'order_status_completed',
         'n' => 'order_status_open',
         'i' => 'order_status_inwork',
         's' => 'order_status_canceled',
         'd' => 'order_status_deleted',
     ];
     // Every mapped value is a non-empty string, so isset() is equivalent
     // to the !empty() test for the lookup.
     if (!isset($aTextKeys[$sStatusShort])) {
         return '';
     }
     return $textcats->T($aTextKeys[$sStatusShort]);
 }
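 /**
  * Renders the logged-in customer's orders as a list table, newest first.
  *
  * Each row is turned into display values: translated order status,
  * translated payment method (raw value capitalised for unknown methods),
  * yes/no for payment completion and the formatted order time.
  *
  * @param array $COList column definition handed to Tools::makeListtable()
  * @return string rendered table, or the "no orders" text
  */
 private function showMyOrders($COList)
 {
     $sql = 'SELECT * FROM orders WHERE o_custno = :custno ORDER BY o_ordertimestamp DESC';
     $hResult = $this->db->prepare($sql);
     $hResult->bindValue(':custno', CHelper::getUserData('cust_no'));
     $hResult->execute();
     // rowCount() on a SELECT is driver-dependent; kept for consistency with
     // the other queries in this code base.
     if ($hResult->rowCount() < 1) {
         return $this->textcats->T("myorders_no_orders_to_display");
     }

     // Known payment methods map to a translation key; anything else falls
     // back to a capitalised copy of the stored value.
     $aPaymentKeys = [
         'prepay' => 'order_paymentmethod_prepay',
         'paypal' => 'order_paymentmethod_paypal',
         'debit' => 'order_paymentmethod_debit',
         'invoice' => 'order_paymentmethod_invoice',
     ];
     $aData = [];
     while ($aRow = $hResult->fetch()) {
         $sMethod = (string) $aRow["o_paymentmethod"];
         if (isset($aPaymentKeys[$sMethod])) {
             $sPaymentmethod = $this->textcats->T($aPaymentKeys[$sMethod]);
         } else {
             $sPaymentmethod = ucwords($sMethod);
         }
         $sPaymentstatus = ucwords($this->textcats->T($aRow["o_paymentcompleted"] === 'y' ? "misc_yes" : "misc_no"));
         $aData[] = [
             'o_id' => $aRow["o_id"],
             'o_order_status' => SHelper::showOrderStatusText($this->textcats, $aRow["o_ordercompleted"]),
             'o_ordertime' => date(HelperConfig::$customer['locale_format_date_time'], (int) $aRow["o_ordertimestamp"]),
             'o_paymentmethod' => $sPaymentmethod,
             'o_paymentcompleted' => $sPaymentstatus,
             'o_shipping_service' => $aRow["o_shipping_service"],
             'o_shipping_trackingno' => $aRow["o_shipping_trackingno"],
         ];
     }
     return \HaaseIT\Tools::makeListtable($COList, $aData, $this->serviceManager->get('twig'));
 }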
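 /**
  * Builds the notice shown after a cart item was updated or removed.
  *
  * Reads msg, cartkey and amount from $this->get (request parameters) and
  * composes "<msg>_1 <cartkey> <msg>_2 [amount]" from the translations. The
  * request values are HTML-escaped before being embedded, because the result
  * is inserted into the page as markup.
  *
  * @return string HTML fragment, or '' when no notice applies
  */
 private function getNotification()
 {
     if (!isset($this->get["msg"]) || !is_string($this->get["msg"]) || trim($this->get["msg"]) === '') {
         return '';
     }
     $sMsg = $this->get["msg"];
     $bHasCartkey = isset($this->get["cartkey"]) && is_string($this->get["cartkey"]);
     $bUpdated = $sMsg === 'updated' && $bHasCartkey && isset($this->get["amount"]);
     $bRemoved = $sMsg === 'removed' && $bHasCartkey;
     if (!$bUpdated && !$bRemoved) {
         return '';
     }

     // Only 'updated' and 'removed' reach this point, so $sMsg is safe to
     // splice into a translation key.
     $sCartkey = $this->get["cartkey"];
     $return = $this->textcats->T("shoppingcart_msg_" . $sMsg . "_1") . ' ';
     if (isset(HelperConfig::$shop["custom_order_fields"]) && mb_strpos($sCartkey, '|') !== false) {
         // Segment 0 is the item key; each further segment is "<field>:<value>".
         $aParts = [];
         foreach (explode('|', $sCartkey) as $iIndex => $sSegment) {
             if ($iIndex === 0) {
                 $aParts[] = htmlspecialchars($sSegment, ENT_QUOTES, 'UTF-8');
                 continue;
             }
             $aFieldValue = explode(':', $sSegment);
             // A segment without ':' used to raise an undefined-offset notice.
             $sValue = isset($aFieldValue[1]) ? $aFieldValue[1] : '';
             $aParts[] = $this->textcats->T("shoppingcart_item_" . $aFieldValue[0])
                 . ' ' . htmlspecialchars($sValue, ENT_QUOTES, 'UTF-8');
         }
         // implode() replaces the former "append ', ' then cut the last two
         // characters" approach.
         $return .= implode(', ', $aParts);
     } else {
         $return .= htmlspecialchars($sCartkey, ENT_QUOTES, 'UTF-8');
     }
     $return .= ' ' . $this->textcats->T("shoppingcart_msg_" . $sMsg . "_2");
     if ($bUpdated) {
         $return .= ' ' . htmlspecialchars((string) $this->get["amount"], ENT_QUOTES, 'UTF-8');
     }
     return $return . '<br><br>';
 }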
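 /**
  * Password-reset landing page reached through the link in the reset e-mail.
  *
  * Refuses logged-in users, requires key and a valid email in $_GET, looks the
  * pair up in the customer table and, if the reset code is younger than DAY
  * seconds, shows the reset form and processes its submission through
  * handlePasswordReset().
  *
  * @return void
  */
 public function preparePage()
 {
     $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
     $this->P->cb_pagetype = 'content';
     if (\HaaseIT\HCSF\Customer\Helper::getUserData()) {
         $this->P->oPayload->cl_html = $this->textcats->T("denied_default");
         return;
     }

     $sRawKey = isset($_GET["key"]) && is_string($_GET["key"]) ? trim($_GET["key"]) : '';
     $sRawEmail = isset($_GET["email"]) && is_string($_GET["email"]) ? $_GET["email"] : '';
     if ($sRawKey === '' || trim($sRawEmail) === '' || !\filter_var($sRawEmail, FILTER_VALIDATE_EMAIL)) {
         $this->P->oPayload->cl_html = $this->textcats->T("denied_default");
         return;
     }

     $sql = 'SELECT * FROM customer WHERE cust_email = :email AND cust_pwresetcode = :pwresetcode AND cust_pwresetcode != \'\'';
     // Tools::getFormfield() presumably reads the same request parameter — verify against the helper.
     $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
     // The reset code is bound as a parameter, so no sanitising filter is needed
     // (FILTER_SANITIZE_STRING is deprecated since PHP 8.1); only whitespace is removed.
     $sResetCode = trim(Tools::getFormfield("key"));
     $hResult = $this->db->prepare($sql);
     $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
     $hResult->bindValue(':pwresetcode', $sResetCode, \PDO::PARAM_STR);
     $hResult->execute();
     if ($hResult->rowCount() !== 1) {
         $this->P->oPayload->cl_html = $this->textcats->T("denied_default");
         return;
     }

     $aResult = $hResult->fetch();
     // A reset code is honoured for DAY seconds after it was issued.
     if ((int) $aResult['cust_pwresettimestamp'] < time() - DAY) {
         $this->P->oPayload->cl_html = $this->textcats->T("pwreset_error_expired");
         return;
     }

     $this->P->cb_customcontenttemplate = 'customer/resetpassword';
     $this->P->cb_customdata["pwreset"]["minpwlength"] = HelperConfig::$customer["minimum_length_password"];
     if (isset($_POST["doSend"]) && $_POST["doSend"] === 'yes') {
         $aErr = $this->handlePasswordReset([], $aResult['cust_id']);
         if (count($aErr) === 0) {
             $this->P->cb_customdata["pwreset"]["showsuccessmessage"] = true;
         } else {
             $this->P->cb_customdata["pwreset"]["errors"] = $aErr;
         }
     }
 }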
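 /**
  * Shows (or immediately redirects to) the Sofortüberweisung payment link for
  * an open, unpaid order with payment method 'sofortueberweisung'.
  *
  * The order id is taken from $_GET['id']. When the shop option
  * interactive_paymentmethods_redirect_immediately is set a Location header
  * is sent and the script exits; otherwise a greeting plus the link is put
  * into the page payload.
  *
  * @return void
  */
 public function preparePage()
 {
     $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
     $this->P->cb_pagetype = 'content';
     $iId = (int) \filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
     $sql = 'SELECT * FROM orders ' . "WHERE o_id = :id AND o_paymentmethod = 'sofortueberweisung' AND o_paymentcompleted = 'n'";
     /** @var \PDOStatement $hResult */
     $hResult = $this->serviceManager->get('db')->prepare($sql);
     $hResult->bindValue(':id', $iId, \PDO::PARAM_INT);
     $hResult->execute();
     if ($hResult->rowCount() !== 1) {
         $this->P->oPayload->cl_html = $this->textcats->T("misc_paysofortueberweisung_paymentnotavailable");
         return;
     }

     $aOrder = $hResult->fetch();
     $fGesamtbrutto = \HaaseIT\HCSF\Shop\Helper::calculateTotalFromDB($aOrder);
     // The URL is built with plain '&' separators: the previous '&amp;' entities
     // were also sent in the Location header, where they are not decoded and
     // break the query string. http_build_query() percent-encodes each value.
     $aParams = [
         'user_id' => HelperConfig::$shop["sofortueberweisung"]["user_id"],
         'project_id' => HelperConfig::$shop["sofortueberweisung"]["project_id"],
         'amount' => number_format($fGesamtbrutto, 2, '.', ''),
         'currency_id' => HelperConfig::$shop["sofortueberweisung"]["currency_id"],
         'reason_1' => $this->textcats->T("misc_paysofortueberweisung_ueberweisungsbetreff") . ' ' . $iId,
     ];
     $sPURL = 'https://www.sofortueberweisung.de/payment/start?' . http_build_query($aParams);
     if (HelperConfig::$shop["interactive_paymentmethods_redirect_immediately"]) {
         header('Location: ' . $sPURL);
         die;
     }
     $this->P->oPayload->cl_html = $this->textcats->T("misc_paysofortueberweisung_greeting") . '<br><br>';
     // Escape for the attribute context; this is where '&' becomes '&amp;'.
     $this->P->oPayload->cl_html .= '<a href="' . htmlspecialchars($sPURL, ENT_QUOTES, 'UTF-8') . '">'
         . $this->textcats->T("misc_paysofortueberweisung") . '</a>';
 }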
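 /**
  * Handles a "forgot password" request for the e-mail address posted in $_POST.
  *
  * On success a fresh reset code and the request time are stored for the
  * customer and a mail with the reset link is sent. Error codes appended to
  * $aErr: 'emailinvalid', 'emailunknown', 'pwresetstilllocked'.
  *
  * @param array $aErr error codes collected so far
  * @return array $aErr with any new error code appended
  */
 private function handleForgotPassword($aErr)
 {
     $sPostedEmail = isset($_POST["email"]) && is_string($_POST["email"]) ? $_POST["email"] : '';
     if (!filter_var($sPostedEmail, FILTER_VALIDATE_EMAIL)) {
         $aErr[] = 'emailinvalid';
         return $aErr;
     }

     $sql = 'SELECT * FROM customer WHERE cust_email = :email';
     $sEmail = filter_var(trim(\HaaseIT\Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
     $hResult = $this->db->prepare($sql);
     $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
     $hResult->execute();
     if ($hResult->rowCount() !== 1) {
         // NOTE(review): a distinct 'emailunknown' code reveals whether an address
         // is registered; kept because callers/templates may depend on it.
         $aErr[] = 'emailunknown';
         return $aErr;
     }

     $aResult = $hResult->fetch();
     $iTimestamp = time();
     // 1 hour delay between requests
     if ($iTimestamp - HOUR < (int) $aResult['cust_pwresettimestamp']) {
         $aErr[] = 'pwresetstilllocked';
         return $aErr;
     }

     // The reset code must be unguessable. md5(email . time()) was not: anyone
     // who knows the address only has to try the plausible timestamp window.
     // 16 random bytes as hex are 32 characters, the same length as the former
     // md5 value, so the column width is unaffected.
     $sResetCode = bin2hex(random_bytes(16));
     $aData = [
         'cust_pwresetcode' => $sResetCode,
         'cust_pwresettimestamp' => $iTimestamp,
         'cust_id' => $aResult['cust_id'],
     ];
     $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
     $hResult = $this->db->prepare($sql);
     foreach ($aData as $sKey => $sValue) {
         $hResult->bindValue(':' . $sKey, $sValue);
     }
     $hResult->execute();

     $sTargetAddress = $aResult['cust_email'];
     // NOTE(review): the link host comes from $_SERVER["SERVER_NAME"]; on servers
     // that fill it from the request's Host header the reset link could point at
     // a foreign host. A configured base URL would be safer.
     $sScheme = isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === 'on' ? 'https' : 'http';
     $sResetLink = $sScheme . '://' . $_SERVER["SERVER_NAME"] . '/_misc/rp.html?key=' . $sResetCode
         . '&email=' . urlencode($sTargetAddress);
     // One escaped copy serves both the href attribute and the visible link text.
     $sResetLinkHtml = htmlspecialchars($sResetLink, ENT_QUOTES, 'UTF-8');
     $sSubject = $this->textcats->T("forgotpw_mail_subject");
     $sMessage = $this->textcats->T("forgotpw_mail_text1");
     $sMessage .= '<br><br><a href="' . $sResetLinkHtml . '">' . $sResetLinkHtml . '</a>';
     $sMessage .= '<br><br>' . $this->textcats->T("forgotpw_mail_text2");
     \HaaseIT\HCSF\Helper::mailWrapper($sTargetAddress, $sSubject, $sMessage);
     return $aErr;
 }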
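 /**
  * Customer home page: login greeting and, with ?editprofile, the profile
  * form including its submit handling.
  *
  * When the form was posted (doEdit=yes) the new e-mail address is checked
  * for uniqueness among other customers, the form is validated through
  * CHelper::validateCustomerForm(), and the address fields and/or the
  * password are updated. Flags for the template are passed via
  * cb_customdata["userhome"].
  *
  * @return void
  */
 public function preparePage()
 {
     $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
     $this->P->cb_pagetype = 'content';
     if (!CHelper::getUserData()) {
         $this->P->oPayload->cl_html = $this->textcats->T("denied_notloggedin");
         return;
     }

     $this->P->cb_customcontenttemplate = 'customer/customerhome';
     $bEditProfile = isset($_GET["editprofile"]);
     $aPData = [];
     $aPData["display_logingreeting"] = isset($_GET["login"]) && (bool) $_GET["login"];
     if (!$bEditProfile) {
         $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'userhome');
     } else {
         $sErr = '';
         if (isset($_POST["doEdit"]) && $_POST["doEdit"] === 'yes') {
             // No other customer may already use the submitted address.
             $sql = 'SELECT ' . DB_ADDRESSFIELDS . ' FROM customer WHERE cust_id != :id AND cust_email = :email';
             $sEmail = filter_var(trim(Tools::getFormfield("email")), FILTER_SANITIZE_EMAIL);
             $hResult = $this->db->prepare($sql);
             $hResult->bindValue(':id', $_SESSION["user"]['cust_id'], \PDO::PARAM_INT);
             $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
             $hResult->execute();
             if ($hResult->rowCount() === 1) {
                 $sErr .= $this->textcats->T("userprofile_emailalreadyinuse") . '<br>';
             }
             $sErr = CHelper::validateCustomerForm(HelperConfig::$lang, $sErr, true);
             // validateCustomerForm() has no declared return type; the cast keeps
             // both '' and null meaning "no error", as the former loose check did.
             if ((string) $sErr === '') {
                 $aData = [];
                 if (HelperConfig::$customer["allow_edituserprofile"]) {
                     $aData = $this->collectProfileFormFields();
                 }
                 if (isset($_POST["pwd"]) && is_string($_POST["pwd"]) && $_POST["pwd"] !== '') {
                     // NOTE(review): the password is replaced without confirming the
                     // current one; only the session guards this action.
                     $aData['cust_password'] = password_hash($_POST["pwd"], PASSWORD_DEFAULT);
                     $aPData["infopasswordchanged"] = true;
                 }
                 $aData['cust_id'] = $_SESSION["user"]['cust_id'];
                 // cust_id alone means nothing was submitted for update.
                 if (count($aData) > 1) {
                     $sql = \HaaseIT\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
                     $hResult = $this->db->prepare($sql);
                     foreach ($aData as $sKey => $sValue) {
                         $hResult->bindValue(':' . $sKey, $sValue);
                     }
                     $hResult->execute();
                     $aPData["infochangessaved"] = true;
                 } else {
                     $aPData["infonothingchanged"] = true;
                 }
             }
         }
         $this->P->cb_customdata["customerform"] = CHelper::buildCustomerForm(HelperConfig::$lang, 'editprofile', $sErr);
     }
     $aPData["showprofilelinks"] = !$bEditProfile;
     $this->P->cb_customdata["userhome"] = $aPData;
 }

 /**
  * Collects the editable address fields from the posted profile form.
  *
  * FILTER_SANITIZE_STRING (deprecated since PHP 8.1) is kept on purpose so that
  * newly saved values match those already stored by earlier versions.
  *
  * @return array column name => sanitised form value, in column order
  */
 private function collectProfileFormFields()
 {
     $aFields = [
         'cust_corp' => 'corpname',
         'cust_name' => 'name',
         'cust_street' => 'street',
         'cust_zip' => 'zip',
         'cust_town' => 'town',
         'cust_phone' => 'phone',
         'cust_cellphone' => 'cellphone',
         'cust_fax' => 'fax',
         'cust_country' => 'country',
     ];
     $aData = [];
     foreach ($aFields as $sColumn => $sFormfield) {
         $aData[$sColumn] = filter_var(trim(Tools::getFormfield($sFormfield)), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
     }
     return $aData;
 }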