<?php
PHPShopObj::loadClass('user');
PHPShopObj::loadClass('mail');
PHPShopObj::loadClass('order');
PHPShopObj::loadClass('delivery');
/**
 * Front-end user account controller (PHPShop): registration, e-mail / admin
 * activation, password reminder, SMS login, wishlist, order history, product
 * notices and newsletter sign-up.
 *
 * Nearly every method is a request handler driven by $_GET / $_POST / $_SESSION
 * and by the framework hook mechanism (setHook / doLoadFunction); they produce
 * template output, HTTP headers and database writes rather than return values.
 * Where a request value is concatenated into an ORM "where" clause, the code
 * relies on the preceding PHPShopSecurity::true_* check to have rejected quote
 * characters; that contract is not visible in this file.
 */
class PHPShopUsers extends PHPShopCore {
// When true, new accounts are created disabled and must be activated (mail link or admin), see add() / action_add_user().
var $activation = false;
// Forwarded to the PHPShopOrm instances created in this class.
var $debug = false;
// Set by add_user_from_order() so add_user_check() accepts a registration without a captcha answer.
var $no_captcha = false;
/**
 * Wires up the action dispatch table, the user element helper and the
 * activation flag derived from the system options.
 */
function __construct() {
$this->objBase = $GLOBALS['SysValue']['base']['shopusers'];
// 'get' / 'post' list request parameters that select an action_* method; 'name' lists URL names; 'nav' is the default action.
$this->action = array('get' => array('productId', 'noticeId'), 'post' => array('add_notice', 'update_password', 'add_user', 'update_user', 'passw_send'),
'name' => array('register', 'order', 'wishlist', 'useractivate', 'sendpassword', 'notice', 'message', 'newsletter', 'sms'), 'nav' => 'index');
$this->action_prefix = 'action_';
$this->PHPShopUserElement = new PHPShopUserElement();
$this->locale = array();
parent::__construct();
// Either activation option (immediate mail link or admin pre-approval) switches on the activation flow.
if ($this->PHPShopSystem->ifSerilizeParam('admoption.user_mail_activate') or $this->PHPShopSystem->ifSerilizeParam('admoption.user_mail_activate_pre'))
$this->activation = true;
$this->title = __('');
}
/**
 * Default action: account page for a logged-in user, registration form otherwise.
 * A 'START' hook may take over the whole request.
 */
function action_index() {
if ($this->setHook(__CLASS__, __FUNCTION__, false, 'START'))
return true;
if ($this->true_user()) {
$this->user_info();
} else {
$this->action_register();
}
}
/**
 * SMS login: step 1 takes a phone number and sends a one-time code, step 2
 * verifies the posted code via true_sms() and logs the user in.
 * Responds 404 unless the 'admoption.sms_login' option is enabled.
 */
function action_sms() {
if ($this->PHPShopSystem->getSerilizeParam("admoption.sms_login") != 1) {
$this->setError404();
return true;
}
if (PHPShopSecurity::true_tel($_POST['tel'])) {
$PHPShopOrm = new PHPShopOrm($this->objBase);
$PHPShopOrm->debug = false;
if (!empty($_POST['token'])) {
// true_sms() returns the autorization() result on a match and null otherwise.
if (!empty($this->true_sms($_POST['tel'], $_POST['token']))) {
header('Location: /users/');
return true;
} else
$this->set('user_sms_error', PHPShopText::alert(__('')));
}
// Code validity window: now + 180 s, stored in token_time.
$until = time() + 180;
// Phone number is concatenated into the where clause; relies on true_tel() above having constrained its characters.
$data = $PHPShopOrm->getOne(array('*'), array('tel' => '="' . $_POST['tel'] . '"'));
if (is_array($data)) {
if (!empty($data['tel'])) {
// NOTE(review): compares the stored token_time with now + 180, which is true for any past timestamp,
// so this does not appear to throttle code re-sends — confirm the intended condition.
if ($data['token_time'] < $until) {
// NOTE(review): the login code comes from rand(), a non-cryptographic PRNG; random_int() is the
// appropriate source for an authentication code.
$token_new = substr(rand(10000, 100000), 0, 5);
$PHPShopOrm->update(array('token_new' => $token_new, 'token_time_new' => $until), array('id' => '=' . $data['id']));
// Normalise to digits only ('+' is listed twice, harmless); prepend country code 7 unless it starts with 7 or 8.
$phone = trim(str_replace(array('(', ')', '-', '+', '+'), '', $data['tel']));
$first_d = substr($phone, 0, 1);
if ($first_d != 8 and $first_d != 7)
$phone = '7' . $phone;
include_once $this->getValue('file.sms');
$msg = __('' . $token_new);
// $send is not inspected; delivery failures are silent here.
$send = SendSMS($msg, $phone);
}
$this->set('userTel', $data['tel']);
// Prefer a site-level template override, fall back to the library template.
if (PHPShopParser::checkFile("users/sms.tpl"))
$this->set('formaContent', ParseTemplateReturn('users/sms.tpl'));
else
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/sms.tpl', true));
$this->setHook(__CLASS__, __FUNCTION__);
}
} else {
// Unknown phone number: show the error and the phone form again.
$this->set('user_sms_error', PHPShopText::alert(__('')));
if (PHPShopParser::checkFile("users/tel.tpl"))
$this->set('formaContent', ParseTemplateReturn('users/tel.tpl'));
else
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/tel.tpl', true));
}
}
else {
if (PHPShopParser::checkFile("users/tel.tpl"))
$this->set('formaContent', ParseTemplateReturn('users/tel.tpl'));
else
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/tel.tpl', true));
$this->set('usersError', null);
}
$this->set('formaTitle', __(''));
$this->ParseTemplate($this->getValue('templates.users_page_list'));
}
/**
 * Looks up a user by phone number and SMS code and, on a match, logs them in
 * by feeding the stored credentials to PHPShopUserElement::autorization().
 *
 * @param string $tel phone number as posted (caller validated it with true_tel())
 * @param string $sms code entered by the user; compared as an integer
 * @return mixed result of autorization() on success, null when nothing matched
 */
function true_sms($tel, $sms) {
// Uses the global element instead of $this->PHPShopUserElement set in the constructor.
global $PHPShopUserElement;
$PHPShopOrm = new PHPShopOrm($this->objBase);
// Token is cast with intval(); $tel is concatenated as-is and relies on the caller's true_tel() check.
$data = $PHPShopOrm->getOne(array('*'), array('tel' => '="' . $tel . '"', 'token' => '=' . intval($sms)), array('order' => 'id'));
if (is_array($data)) {
// Stored password is only base64-encoded (see encode()/decode()), so it can be replayed into the login flow.
$_POST['login'] = $data['login'];
$_POST['password'] = base64_decode($data['password']);
return $PHPShopUserElement->autorization();
}
}
/**
 * POST handler: adds a product notice for the logged-in user, or shows the
 * notice list when productId is not numeric; anonymous users get the register form.
 */
function action_add_notice() {
if ($this->true_user()) {
if (PHPShopSecurity::true_num($_POST['productId']))
$this->notice_add();
else
$this->action_notice();
} else {
$this->action_register();
}
}
/**
 * Message page for a logged-in user; anonymous users get the register form.
 */
function action_message() {
if ($this->true_user()) {
$this->user_message();
} else {
$this->action_register();
}
}
/**
 * Renders the user message page through a hook or the loadable function of the same name.
 */
function user_message() {
$this->title .= ' - ' . __('');
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
$this->doLoadFunction(__CLASS__, __FUNCTION__);
}
/**
 * Notice list for a logged-in user; anonymous users get the register form.
 */
function action_notice() {
if ($this->true_user()) {
$this->notice_list();
} else {
$this->action_register();
}
}
/**
 * Renders the notice list through a hook or the loadable function of the same name.
 */
function notice_list() {
$this->title .= ' - ' . __('');
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
$this->doLoadFunction(__CLASS__, __FUNCTION__);
}
/**
 * Stores a notice through a hook or the loadable function of the same name.
 */
function notice_add() {
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
$this->doLoadFunction(__CLASS__, __FUNCTION__);
}
/**
 * GET handler: deletes one notice of the current user, then shows the list.
 * The delete is scoped to both the notice id and the session's user id, so a
 * user cannot remove another user's notice by guessing an id.
 */
function action_noticeId() {
if ($this->true_user()) {
if (PHPShopSecurity::true_num($_GET['noticeId'])) {
$PHPShopOrm = new PHPShopOrm($this->getValue('base.notice'));
$PHPShopOrm->debug = $this->debug;
$PHPShopOrm->delete(array('user_id' => '=' . $this->UsersId, 'id' => '=' . $_GET['noticeId']));
$this->action_notice();
} else
$this->setError404();
}
else {
$this->action_register();
}
}
/**
 * GET handler: "notify me" form for a product. Requires a numeric productId
 * that resolves to an existing product; otherwise responds 404.
 */
function action_productId() {
$this->title .= ' - ' . __('');
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
if (PHPShopSecurity::true_num($_GET['productId'])) {
$PHPShopProduct = new PHPShopProduct($_GET['productId']);
if (PHPShopSecurity::true_num($PHPShopProduct->getParam('id'))) {
$this->set('productId', $_GET['productId']);
$this->set('pic_small', $PHPShopProduct->getParam('pic_small'));
$this->set('pic_big', $PHPShopProduct->getParam('pic_big'));
$this->set('productName', $PHPShopProduct->getParam('name'));
$this->setHook(__CLASS__, __FUNCTION__, $PHPShopProduct, 'MIDDLE');
// Logged-in users get the subscribe form, anonymous users the login prompt variant.
if ($this->true_user())
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/notice.tpl', true));
else
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/notice_no_auth.tpl', true));
$this->set('formaTitle', __(''));
$this->setHook(__CLASS__, __FUNCTION__, $PHPShopProduct, 'END');
$this->ParseTemplate($this->getValue('templates.users_page_list'));
} else
$this->setError404();
} else
$this->setError404();
}
/**
 * Single order details, rendered by a hook or the loadable function.
 * The `$tip = 1` in the argument list is an assignment used as an argument (passes 1).
 */
function action_order_info() {
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
$this->doLoadFunction(__CLASS__, __FUNCTION__, $tip = 1);
}
/**
 * Order history list, rendered by a hook or the loadable function (same `$tip = 1` idiom as above).
 */
function order_list() {
$this->title .= ' - ' . __('');
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
$this->doLoadFunction(__CLASS__, __FUNCTION__, $tip = 1);
}
/**
 * Builds a download token for digital goods: serialize + base64 of the file
 * list and an expiry timestamp, with two configured substrings swapped for
 * '!' and '$'.
 *
 * NOTE(review): no MAC or signature is applied; the token's integrity rests
 * solely on the secrecy of 'my.digital_pass1' / 'my.digital_pass2'.
 * NOTE(review): time() takes no arguments — `time("U")` raises
 * ArgumentCountError on PHP 8 (extra arguments to internal functions).
 *
 * @param mixed $files file list to embed
 * @return string obfuscated token
 */
function link_encode($files) {
$str = array(
"files" => $files,
// 'my.digital_time' is in days; 86400 s per day.
"time" => (time("U") + ($this->getValue('my.digital_time') * 86400))
);
$str = serialize($str);
$code = base64_encode($str);
$code2 = str_replace($this->getValue('my.digital_pass1'), "!", $code);
$code2 = str_replace($this->getValue('my.digital_pass2'), "$", $code2);
return $code2;
}
/**
 * Removes never-activated accounts (enabled = '0') older than 432000 s (5 days).
 */
function clean_old_activation() {
$nowData = time() - 432000;
$this->PHPShopOrm->delete(array('datas' => '<' . $nowData, 'enabled' => "='0'"));
$this->PHPShopOrm->clean();
}
/**
 * Validates an activation key: 4–35 characters from [a-zA-Z0-9_].
 * This also guarantees the key is safe to concatenate into the where clauses in action_useractivate().
 *
 * @param string $passw candidate key
 * @return int|false preg_match() result (1 on match, 0 on no match, false on error)
 */
function true_key($passw) {
return preg_match("/^[a-zA-Z0-9_]{4,35}$/", $passw);
}
/**
 * Activation link handler (?key=...). Finds the account whose status column
 * holds the key; either enables it directly, or (with 'user_mail_activate_pre')
 * only updates the status and notifies the admin for manual approval.
 */
function action_useractivate() {
if ($this->setHook(__CLASS__, __FUNCTION__, false, 'START'))
return true;
if ($this->true_key($_GET['key'])) {
$this->clean_old_activation();
$data = $this->PHPShopOrm->select(array('login'), array('status' => "='" . $_GET['key'] . "'"), false, array('limit' => 1));
if (!empty($data['login'])) {
$this->set('date', date("d-m-y H:i a"));
$this->set('user_ip', $_SERVER['REMOTE_ADDR']);
$this->set('user_name', $data['login']);
$this->set('user_login', $data['login']);
if (!$this->PHPShopSystem->ifSerilizeParam('admoption.user_mail_activate_pre')) {
// Direct activation: enable the account and replace the key with the configured default status.
$this->PHPShopOrm->clean();
$this->PHPShopOrm->update(array('enabled_new' => '1', 'status_new' => $this->PHPShopSystem->getSerilizeParam('admoption.user_status')), array('status' => "='" . $_GET['key'] . "'"));
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/message_activation_done.tpl', true));
} else {
// Admin pre-approval: status is reset but 'enabled' stays unchanged; an e-mail asks the admin to approve.
$this->PHPShopOrm->clean();
$this->PHPShopOrm->update(array('status_new' => $this->PHPShopSystem->getSerilizeParam('admoption.user_status')), array('status' => "='" . $_GET['key'] . "'"));
// NOTE(review): this is a GET-driven request, so $_POST['name_new'] is presumably empty here — confirm.
$title = $this->lang('activation_admin_title') . " " . $_POST['name_new'];
// $content is rendered twice; the first result is discarded.
$content = ParseTemplateReturn('./phpshop/lib/templates/users/mail_admin_activation.tpl', true);
$PHPShopMail = new PHPShopMail($this->PHPShopSystem->getValue('adminmail2'), $this->PHPShopSystem->getValue('adminmail2'), $title, '', true, true, array('replyto' => $data['login']));
$content = ParseTemplateReturn('./phpshop/lib/templates/users/mail_admin_activation.tpl', true);
$PHPShopMail->sendMailNow($content);
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/message_admin_activation.tpl', true), true);
}
} else {
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/message_activation_error.tpl', true));
}
$this->set('formaTitle', $this->lang('user_register_title'));
$this->setHook(__CLASS__, __FUNCTION__, $data, 'END');
$this->ParseTemplate($this->getValue('templates.users_page_list'));
} else
$this->action_register();
}
/**
 * Order history page for a logged-in user; anonymous users see an error and the register form.
 */
function action_order() {
if ($this->setHook(__CLASS__, __FUNCTION__, false, 'START'))
return true;
if ($this->true_user()) {
$this->order_list();
$this->waitAction('order_info');
$this->setHook(__CLASS__, __FUNCTION__, false, 'END');
$this->ParseTemplate($this->getValue('templates.users_page_list'));
} else {
$this->set('usersError', __(''));
$this->action_register();
}
}
/**
 * Adds or updates one delivery address in the serialized 'data_adres' blob of
 * the user identified by $_POST['mail'].
 *
 * Only non-empty *_new fields are copied; each is passed through CleanStr().
 * With a numeric 'adres_id' the existing entry is merged, otherwise a new
 * entry is appended. The entry becomes the default ('main') when requested or
 * when no valid default exists.
 *
 * NOTE(review): the address blob is read back with unserialize(); this is
 * stored server-side data, but unserialize() on any data an attacker could
 * influence is a known risk — a JSON encoding would be safer.
 *
 * @return array|null the fields written, or null when nothing was written / mail was invalid
 */
function update_user_adres() {
if (PHPShopSecurity::true_email($_POST['mail'])) {
// Relies on true_email() having rejected quote characters in $_POST['mail'].
$data = $this->PHPShopOrm->select(array('data_adres'), array('mail' => "='" . $_POST['mail'] . "'"), false, array('limit' => 1));
if ($data['data_adres'])
$data_adres = unserialize($data['data_adres']);
// The `@` operators below are redundant: each key was already confirmed by !empty().
if (!empty($_POST['country_new']))
$newAdres['country_new'] = PHPShopSecurity::CleanStr(@$_POST['country_new']);
if (!empty($_POST['state_new']))
$newAdres['state_new'] = PHPShopSecurity::CleanStr(@$_POST['state_new']);
if (!empty($_POST['city_new']))
$newAdres['city_new'] = PHPShopSecurity::CleanStr(@$_POST['city_new']);
if (!empty($_POST['index_new']))
$newAdres['index_new'] = PHPShopSecurity::CleanStr(@$_POST['index_new']);
if (!empty($_POST['fio_new']))
$newAdres['fio_new'] = PHPShopSecurity::CleanStr(@$_POST['fio_new']);
if (!empty($_POST['tel_new']))
$newAdres['tel_new'] = PHPShopSecurity::CleanStr(@$_POST['tel_new']);
if (!empty($_POST['street_new']))
$newAdres['street_new'] = PHPShopSecurity::CleanStr(@$_POST['street_new']);
if (!empty($_POST['house_new']))
$newAdres['house_new'] = PHPShopSecurity::CleanStr(@$_POST['house_new']);
if (!empty($_POST['porch_new']))
$newAdres['porch_new'] = PHPShopSecurity::CleanStr(@$_POST['porch_new']);
if (!empty($_POST['door_phone_new']))
$newAdres['door_phone_new'] = PHPShopSecurity::CleanStr(@$_POST['door_phone_new']);
if (!empty($_POST['flat_new']))
$newAdres['flat_new'] = PHPShopSecurity::CleanStr(@$_POST['flat_new']);
if (!empty($_POST['delivtime_new']))
$newAdres['delivtime_new'] = PHPShopSecurity::CleanStr(@$_POST['delivtime_new']);
if (!empty($_POST['org_name_new']))
$newAdres['org_name_new'] = PHPShopSecurity::CleanStr(@$_POST['org_name_new']);
if (!empty($_POST['org_inn_new']))
$newAdres['org_inn_new'] = PHPShopSecurity::CleanStr(@$_POST['org_inn_new']);
if (!empty($_POST['org_kpp_new']))
$newAdres['org_kpp_new'] = PHPShopSecurity::CleanStr(@$_POST['org_kpp_new']);
if (!empty($_POST['org_yur_adres_new']))
$newAdres['org_yur_adres_new'] = PHPShopSecurity::CleanStr(@$_POST['org_yur_adres_new']);
if (!empty($_POST['org_fakt_adres_new']))
$newAdres['org_fakt_adres_new'] = PHPShopSecurity::CleanStr(@$_POST['org_fakt_adres_new']);
if (!empty($_POST['org_ras_new']))
$newAdres['org_ras_new'] = PHPShopSecurity::CleanStr(@$_POST['org_ras_new']);
if (!empty($_POST['org_bank_new']))
$newAdres['org_bank_new'] = PHPShopSecurity::CleanStr(@$_POST['org_bank_new']);
if (!empty($_POST['org_kor_new']))
$newAdres['org_kor_new'] = PHPShopSecurity::CleanStr(@$_POST['org_kor_new']);
if (!empty($_POST['org_bik_new']))
$newAdres['org_bik_new'] = PHPShopSecurity::CleanStr(@$_POST['org_bik_new']);
if (!empty($_POST['org_city_new']))
$newAdres['org_city_new'] = PHPShopSecurity::CleanStr(@$_POST['org_city_new']);
// $newAdres is undefined when no field was posted; is_array(null) is false so nothing is written.
if (is_array($newAdres) AND count($newAdres)) {
if (isset($_POST['adres_id']) AND is_numeric($_POST['adres_id'])) {
$id = intval($_POST['adres_id']);
if (is_array($newAdres) and is_array($data_adres['list'][$id]))
$data_adres['list'][$id] = array_merge($data_adres['list'][$id], $newAdres);
} else {
// Append and pick up the auto-assigned key of the new entry.
$data_adres['list'][] = $newAdres;
end($data_adres['list']);
$id = key($data_adres['list']);
}
// Becomes the default address when asked, or when the current default is missing / dangling.
if ((!empty($_POST['adres_this_default']) AND $_POST['adres_this_default']) OR ! isset($data_adres['main']) OR ! isset($data_adres['list'][$data_adres['main']])) {
$data_adres['main'] = $id;
}
$data_adres = serialize($data_adres);
$this->PHPShopOrm->clean();
$this->PHPShopOrm->update(array(
'data_adres_new' => $data_adres), array('mail' => "='" . $_POST['mail'] . "'"));
}
$this->setHook(__CLASS__, __FUNCTION__, $_POST);
return $newAdres;
}
}
/**
 * POST handler: updates profile fields (newsletter flag, login e-mail, phone,
 * name, password) of the session user, then re-renders the account page.
 *
 * NOTE(review): unlike action_update_password(), a new password here is
 * stored without the password_new2 confirmation or the true_passw() check.
 * NOTE(review): 'login_new' replaces the account e-mail without any
 * re-verification of the new address visible in this method — confirm whether
 * that is intended.
 */
function action_update_user() {
if (PHPShopSecurity::true_num($_SESSION['UsersId'])) {
if (count($this->error) == 0) {
// Checkbox semantics are inverted in storage: checked => sendmail 0, unchecked => 1 (user_info() renders 0 as checked).
if (!empty($_POST['sendmail_new']))
$update['sendmail_new'] = 0;
else
$update['sendmail_new'] = 1;
if (PHPShopSecurity::true_email($_POST['login_new']))
$update['login_new'] = PHPShopSecurity::TotalClean($_POST['login_new']);
if (PHPShopSecurity::true_tel($_POST['tel_new']))
$update['tel_new'] = PHPShopSecurity::TotalClean($_POST['tel_new']);
if (!empty($_POST['name_new'])) {
$_SESSION['UsersName'] = PHPShopSecurity::TotalClean($_POST['name_new']);
$update['name_new'] = $_SESSION['UsersName'];
}
if (!empty($_POST['password_new']))
$update['password_new'] = $this->encode($_POST['password_new']);
$this->PHPShopOrm->update($update, array('id' => '=' . $_SESSION['UsersId']));
$this->error[] = $this->lang('done');
$this->setHook(__CLASS__, __FUNCTION__, $_POST);
}
}
$this->error();
$this->user_info();
}
/**
 * Renders the "send me my password" form.
 *
 * NOTE(review): the override check looks for "users/register.tpl" but then
 * renders 'users/sendpassword.tpl'; the check should name the same file.
 */
function action_sendpassword() {
$this->set('formaTitle', __(''));
if (PHPShopParser::checkFile("users/register.tpl"))
$this->set('formaContent', ParseTemplateReturn('users/sendpassword.tpl'));
else
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/sendpassword.tpl', true));
$this->setHook(__CLASS__, __FUNCTION__);
$this->ParseTemplate($this->getValue('templates.users_page_list'));
}
/**
 * POST handler: e-mails the account password to the posted login address.
 *
 * NOTE(review): the password is recovered with decode() (base64) and mailed
 * in clear text; a reset-link flow with hashed storage would avoid both the
 * reversible storage and the plaintext e-mail.
 */
function action_passw_send() {
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
if (PHPShopSecurity::true_email($_POST['login'])) {
$this->PHPShopOrm->clean();
// Relies on true_email() having rejected quote characters in $_POST['login'].
$data = $this->PHPShopOrm->select(array('*'), array('login' => '="' . $_POST['login'] . '"'), false, array('limit' => 1));
if (is_array($data)) {
$this->set('date', date("d-m-y H:i a"));
$this->set('user_ip', $_SERVER['REMOTE_ADDR']);
$this->set('user_login', $data['login']);
$this->set('user_name', $data['name']);
$this->set('user_mail', $data['login']);
$this->set('user_password', $this->decode($data['password']));
// The first $title (with the shop name) is immediately overwritten by the second.
$title = $this->PHPShopSystem->getName() . " - " . __('') . " " . $_POST['login'];
$title = __('') . " " . $_POST['login'];
$PHPShopMail = new PHPShopMail($data['login'], $this->PHPShopSystem->getParam('adminmail2'), $title, '', true, true);
$content = ParseTemplateReturn('./phpshop/lib/templates/users/mail_sendpassword.tpl', true);
$PHPShopMail->sendMailNow($content);
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/message_sendpassword.tpl', true));
} else {
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/message_sendpassword_error.tpl', true));
}
}
$this->set('formaTitle', __(''));
$this->ParseTemplate($this->getValue('templates.users_page_list'));
}
/**
 * POST handler: changes the session user's password after checking that the
 * two entries match and pass true_passw(); also updates the newsletter flag.
 * Errors are collected in $this->error and rendered by error().
 */
function action_update_password() {
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
if (PHPShopSecurity::true_num($_SESSION['UsersId'])) {
if ($_POST['password_new'] != $_POST['password_new2'])
$this->error[] = $this->lang('error_password');
if (!empty($_POST['sendmail_new']))
$update['sendmail_new'] = 0;
else
$update['sendmail_new'] = 1;
if (!PHPShopSecurity::true_passw($_POST['password_new']))
$this->error[] = $this->lang('error_password_hack');
// Encoded eagerly; only written below when no error was recorded.
$update['password_new'] = $this->encode($_POST['password_new']);
if (count($this->error) == 0) {
$this->PHPShopOrm->update($update, array('id' => '=' . $_SESSION['UsersId']));
$this->error[] = $this->lang('done');
}
}
$this->error();
$this->user_info();
}
/**
 * Renders the collected $this->error messages as a series of <ul><li> blocks
 * into the 'user_error' template variable (null when there are none).
 */
function error() {
$user_error = null;
if (is_array($this->error))
foreach ($this->error as $val)
$user_error .= PHPShopText::ul(PHPShopText::li($val));
$this->set('user_error', $user_error);
}
/**
 * Wishlist page. Logged-in users' lists come from the serialized 'wishlist'
 * column; anonymous lists live in $_SESSION['wishlist'] (by reference, so the
 * unset below mutates the session). A 'delete' request parameter removes one
 * entry and redirects.
 *
 * NOTE(review): the wishlist column is read back with unserialize(); see the
 * note on update_user_adres().
 */
function action_wishlist() {
// Declared but not used in this method.
global $PHPShopSystem;
if ($this->setHook(__CLASS__, __FUNCTION__, false, 'START'))
return true;
$dis = null;
$this->set('formaTitle', __(''));
if ($this->true_user()) {
$PHPShopUser = new PHPShopUser($_SESSION['UsersId']);
$wishlist = unserialize($PHPShopUser->objRow['wishlist']);
} else {
$wishlist = &$_SESSION['wishlist'];
}
if (is_array($wishlist)) {
// 'delete' is used only as an array key (no isset check); unknown keys are a no-op apart from the redirect.
if ($_REQUEST['delete']) {
unset($wishlist[$_REQUEST['delete']]);
$_SESSION['wishlistCount'] = count($wishlist);
if ($this->true_user())
$this->PHPShopOrm->update(array('wishlist' => serialize($wishlist)), array('id' => '=' . $_SESSION['UsersId']), false, false);
header("Location: ./wishlist.html");
die();
}
// Keys are product ids; a value > 1 is the id of a parent product (variant case).
foreach ($wishlist as $key => $value) {
$objProduct = new PHPShopProduct($key);
if ($objProduct->getParam("enabled") == 1) {
if ($objProduct->getParam("sklad") == 1)
$this->set('prodDisabled', 'disabled');
else
$this->set('prodDisabled', '');
$this->set('prodId', $key);
$this->set('prodName', $objProduct->getParam("name"));
// NOTE(review): empty() is applied to the boolean of the comparison, so this reads as inverted:
// a non-empty pic_small yields empty(false) === true and selects pic_big. Presumably
// `if ($objProduct->getParam("pic_small") == "")` was intended — confirm.
if (empty($objProduct->getParam("pic_small") == ""))
$this->set('prodPic', $objProduct->getParam("pic_big"));
else
$this->set('prodPic', $objProduct->getParam("pic_small"));
if ($value > 1) {
$objProductParent = new PHPShopProduct($value);
$this->set('prodUid', $value);
if ($this->get('prodPic') == "")
$this->set('prodPic', $objProductParent->getParam("pic_small"));
$this->set('wishlistCartHide', null);
}
elseif ($objProduct->getParam("parent") != "") {
$this->set('wishlistCartHide', 'hide');
} else {
$this->set('prodUid', $key);
$this->set('wishlistCartHide', null);
}
$price = PHPShopProductFunction::GetPriceValuta($objProduct->objRow['id'], array($objProduct->objRow['price'], $objProduct->objRow['price2'], $objProduct->objRow['price3'], $objProduct->objRow['price4'], $objProduct->objRow['price5']), $objProduct->objRow['baseinputvaluta']);
// $this->format is expected to be set by the parent class.
$this->set('prodPrice', number_format($price, $this->format, '.', ' '));
$dis .= ParseTemplateReturn('users/wishlist/wishlist_list_one.tpl');
}
}
}
if ($dis) {
$this->set('wishlistList', $dis);
$this->set('formaContent', ParseTemplateReturn('users/wishlist/wishlist_list_main.tpl'));
} else {
$this->set('formaContent', ParseTemplateReturn('users/wishlist/wishlist_list_empty.tpl'));
}
$this->ParseTemplate($this->getValue('templates.users_page_list'));
}
/**
 * Account page: loads the session user and exposes profile fields, discount,
 * bonus and the newsletter checkbox state to the template.
 *
 * NOTE(review): the stored password is decoded and exposed as 'user_password',
 * i.e. the clear-text password reaches the page template.
 */
function user_info() {
if ($this->setHook(__CLASS__, __FUNCTION__, false, 'START'))
return true;
$this->PHPShopUser = new PHPShopUser($_SESSION['UsersId']);
$this->set('user_status', $this->PHPShopUser->getStatusName());
if ($this->get('user_status') == "")
$this->set('user_status', __(''));
// Larger of the status discount and the accumulated discount; `0 +` forces a numeric value.
$discount = 0 + max($this->PHPShopUser->getDiscount(), $this->PHPShopUser->getParam('cumulative_discount'));
$this->set('user_login', $this->PHPShopUser->getParam('login'));
$this->set('user_password', $this->decode($this->PHPShopUser->getParam('password')));
$this->set('user_name', $this->PHPShopUser->getParam('name'));
$this->set('user_mail', $this->PHPShopUser->getParam('mail'));
$this->set('user_company', $this->PHPShopUser->getParam('company'));
$this->set('user_inn', $this->PHPShopUser->getParam('inn'));
$this->set('user_tel', $this->PHPShopUser->getParam('tel'));
$this->set('user_tel_code', $this->PHPShopUser->getParam('tel_code'));
$this->set('user_adres', $this->PHPShopUser->getParam('adres'));
$this->set('user_kpp', $this->PHPShopUser->getParam('kpp'));
$this->set('user_cumulative_discount', $discount);
if ($this->PHPShopSystem->getSerilizeParam('admoption.order_bonus') > 0)
$this->set('user_bonus', $this->PHPShopUser->getBonus());
// sendmail == 0 means subscribed (see the inverted storage in action_update_user()).
if ($this->PHPShopUser->getParam('sendmail') == 0)
$this->set('user_sendmail_checked', 'checked');
$this->set('formaTitle', $this->lang('user_info_title'));
if (PHPShopParser::checkFile("users/users_page_info.tpl"))
$this->set('formaContent', ParseTemplateReturn('users/users_page_info.tpl'));
else
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/info.tpl', true));
$this->setHook(__CLASS__, __FUNCTION__, $this->PHPShopUser, 'END');
$this->ParseTemplate($this->getValue('templates.users_page_list'));
}
/**
 * Tells whether the session holds a logged-in user (numeric UsersId) and
 * caches UsersId / UsersStatus on the instance.
 *
 * @return mixed a hook result if one is registered; true when logged in; null otherwise
 */
function true_user() {
$hook = $this->setHook(__CLASS__, __FUNCTION__);
if ($hook)
return $hook;
if (PHPShopSecurity::true_num($_SESSION['UsersId'])) {
$this->UsersId = $_SESSION['UsersId'];
$this->UsersStatus = $_SESSION['UsersStatus'];
return true;
}
}
/**
 * Password storage transform: base64 encoding unless a hook supplies a value.
 *
 * NOTE(review): base64 is reversible, not a hash; decode() recovers the clear
 * text and it is displayed / e-mailed elsewhere in this class. password_hash()
 * / password_verify() would be the appropriate primitives.
 *
 * @param string $str clear-text password
 * @return mixed hook result or base64 string
 */
function encode($str) {
$hook = $this->setHook(__CLASS__, __FUNCTION__, $str);
if ($hook)
return $hook;
return base64_encode($str);
}
/**
 * Inverse of encode(): base64 decoding unless a hook supplies a value.
 *
 * @param string $str stored value
 * @return mixed hook result or decoded string
 */
function decode($str) {
$hook = $this->setHook(__CLASS__, __FUNCTION__, $str);
if ($hook)
return $hook;
return base64_decode($str);
}
/**
 * Anti-bot checks for form posts (method name is a historical misspelling of
 * "security" and is part of the public API).
 *
 * 'url'     => name of a POST field that must not contain "http" (link spam).
 * 'captcha' => when true, requires either a passing reCAPTCHA or a posted
 *              'key' matching $_SESSION['text'] case-insensitively.
 *
 * NOTE(review): the text-captcha comparison uses loose `==`; a strict
 * comparison (or hash_equals()) avoids PHP's string-to-number coercion rules.
 *
 * @param array $option see above
 * @return mixed true when all enabled checks pass, false otherwise (or the reCAPTCHA check() result)
 */
function secirity($option = array('url' => false, 'captcha' => true)) {
global $PHPShopRecaptchaElement;
if (!empty($option['url'])) {
preg_match_all('/http:?/', $_POST[$option['url']], $url, PREG_SET_ORDER);
if (count($url) > 0)
return false;
}
if ($option['captcha'] === true) {
if ($PHPShopRecaptchaElement->true()) {
$result = $PHPShopRecaptchaElement->check();
return $result;
}
elseif (!empty($_SESSION['text']) and strtoupper($_POST['key']) == strtoupper($_SESSION['text'])) {
return true;
} else
return false;
}
return true;
}
/**
 * Validates a registration post: captcha (unless no_captcha), e-mail format,
 * uniqueness of the login (optionally per HostID), password confirmation and
 * strength, and a minimum name length. Errors accumulate in $this->error.
 *
 * Note: secirity() is always invoked first; the no_captcha flag only decides
 * whether its failure counts. strlen() counts bytes, so multibyte names are
 * measured in bytes, not characters.
 *
 * @return true|null true when no error was recorded, null otherwise
 */
function add_user_check() {
if (!$this->secirity() and $this->no_captcha == false) {
$this->error[] = $this->lang('error_key');
return false;
}
// The login address doubles as the contact e-mail.
$_POST['mail_new'] = $_POST['login_new'];
if (PHPShopSecurity::true_email($_POST['login_new'])) {
// Relies on true_email() having rejected quote characters in $_POST['login_new'].
$where = array('login' => "='" . $_POST['login_new'] . "'");
if ($this->PHPShopSystem->ifSerilizeParam("admoption.user_servers_control"))
$where['servers'] = '=' . intval(HostID);
$data = $this->PHPShopOrm->select(array('id'), $where, false, array('limit' => 1));
if (!empty($data['id']))
$this->error[] = $this->lang('error_id');
} else {
$this->error[] = $this->lang('error_login');
}
if ($_POST['password_new'] != $_POST['password_new2'])
$this->error[] = $this->lang('error_password');
if (!PHPShopSecurity::true_passw($_POST['password_new']))
$this->error[] = $this->lang('error_password_hack');
if (strlen($_POST['name_new']) < 3)
$this->error[] = $this->lang('error_name');
$this->setHook(__CLASS__, __FUNCTION__, $_POST);
if (count($this->error) == 0)
return true;
}
/**
 * Inserts the new account from $_POST. Without activation the account is
 * enabled with the configured default status; with activation it is disabled
 * and its status column temporarily holds the activation key.
 *
 * NOTE(review): the activation key is md5(time()), which is derived from the
 * current second and therefore guessable within a small window; a key from
 * random_bytes() (hex-encoded, which true_key() accepts) would not be.
 *
 * @param mixed $content unused
 * @param mixed $list    unused
 * @return mixed PHPShopOrm::insert() result (used as the new user id by callers)
 */
function add($content = false, $list = false) {
if (!$this->activation) {
$user_mail_activate = 1;
$this->user_status = $this->PHPShopSystem->getSerilizeParam('admoption.user_status');
} else {
$user_mail_activate = 0;
$this->user_status = md5(time());
}
// $subscribe stays undefined (null) unless the checkbox was posted as 'on'.
if ($_POST['subscribe_new'] == 'on') {
$subscribe = 1;
}
$insert = array(
'login_new' => PHPShopSecurity::TotalClean($_POST['login_new'], 3),
'password_new' => $this->encode($_POST['password_new']),
'datas_new' => time(),
'mail_new' => PHPShopSecurity::TotalClean($_POST['mail_new'], 3),
'name_new' => PHPShopSecurity::TotalClean($_POST['name_new']),
'company_new' => PHPShopSecurity::TotalClean($_POST['company_new']),
'inn_new' => PHPShopSecurity::TotalClean($_POST['inn_new']),
'tel_new' => PHPShopSecurity::TotalClean($_POST['tel_new']),
'adres_new' => PHPShopSecurity::TotalClean($_POST['adres_new']),
'enabled_new' => $user_mail_activate,
'status_new' => $this->user_status,
'kpp_new' => PHPShopSecurity::TotalClean($_POST['kpp_new']),
'subscribe_new' => $subscribe,
'tel_code_new' => PHPShopSecurity::TotalClean($_POST['tel_code_new']),
'servers_new' => HostID
);
// A hook may return a replacement insert array.
$hook = $this->setHook(__CLASS__, __FUNCTION__, $insert);
if (is_array($hook))
$insert = $hook;
$result = $this->PHPShopOrm->insert($insert);
return $result;
}
/**
 * Finds a user whose 'mail' OR 'login' equals the given address
 * (Option['where'] = " or " joins the two conditions).
 *
 * NOTE(review): the third select() argument here is an order array, whereas
 * the other select() calls in this class pass false in that position —
 * confirm against PHPShopOrm::select().
 *
 * @param string $login e-mail address
 * @return mixed numeric user id, or false when invalid / not found
 */
function user_check_by_email($login) {
$PHPShopOrm = new PHPShopOrm($this->getValue('base.shopusers'));
$PHPShopOrm->debug = $this->debug;
$PHPShopOrm->Option['where'] = " or ";
if (PHPShopSecurity::true_email($login)) {
$data = $PHPShopOrm->select(array('id'), array('mail' => '="' . trim($login) . '"', 'login' => '="' . trim($login) . '"'), array('order' => 'id desc'), array('limit' => 1));
if (is_array($data) AND PHPShopSecurity::true_num($data['id'])) {
return $data['id'];
}
}
return false;
}
/**
 * Generates a lowercase alphanumeric password of the given length.
 *
 * NOTE(review): rand() is not a cryptographic PRNG; since the result is an
 * account credential (see add_user_from_order / action_newsletter),
 * random_int(0, $numChars - 1) should be used.
 *
 * @param int $length number of characters (default 8)
 * @return string
 */
function generatePassword($length = 8) {
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
$numChars = strlen($chars);
$string = '';
for ($i = 0; $i < $length; $i++) {
// rand(1, n) - 1 yields an index in 0..n-1.
$string .= substr($chars, rand(1, $numChars) - 1, 1);
}
return $string;
}
/**
 * Creates (or reuses) an account for a checkout e-mail with a generated
 * password, bypassing activation and captcha. Populates $_POST so that the
 * regular action_add_user() path can be reused.
 *
 * @param string $login e-mail address from the order
 * @return mixed user id, or false when none exists and creation failed
 */
function add_user_from_order($login) {
$this->activation = false;
$this->no_captcha = true;
$_POST['mail_new'] = $_POST['login_new'] = $login;
$_POST['password_new'] = $_POST['password_new2'] = $this->generatePassword();
$this->UsersId = $this->user_check_by_email($login);
if (!$this->UsersId)
$this->action_add_user();
if ($this->UsersId)
return $this->UsersId;
else
return false;
}
/**
 * Newsletter sign-up: creates an account for 'newsletter_email' with a
 * generated password, or reports that it already exists. Output goes to
 * $this->Disp; each message has a site-level template override.
 *
 * Setting $_SESSION['text'] and $_POST['key'] to the same constant makes the
 * text-captcha branch of secirity() pass, i.e. this endpoint deliberately
 * runs without bot protection.
 */
function action_newsletter() {
$_SESSION['text'] = $_POST['key'] = "fromOrder";
$login = $_REQUEST['newsletter_email'];
$_POST['mail_new'] = $_POST['login_new'] = $login;
$_POST['password_new'] = $_POST['password_new2'] = $this->generatePassword();
$_POST['name_new'] = "";
$this->UsersId = $this->user_check_by_email($login);
if ($this->UsersId) {
if (PHPShopParser::checkFile("users/newsletter/newsletter_user_exist.tpl"))
$this->Disp = ParseTemplateReturn('users/newsletter/newsletter_user_exist.tpl');
else
$this->Disp = ParseTemplateReturn('phpshop/lib/templates/users/newsletter/newsletter_user_exist.tpl', true);
return true;
}
if (!$this->UsersId) {
$this->action_add_user();
}
if (count($this->error)) {
if (PHPShopParser::checkFile("users/newsletter/newsletter_add_error.tpl"))
$this->Disp = ParseTemplateReturn('users/newsletter/newsletter_add_error.tpl');
else
$this->Disp = ParseTemplateReturn('phpshop/lib/templates/users/newsletter/newsletter_add_error.tpl', true);
return true;
}
if ($this->UsersId) {
if (!$this->activation) {
if (PHPShopParser::checkFile("users/newsletter/newsletter_add_success.tpl"))
$this->Disp = ParseTemplateReturn('users/newsletter/newsletter_add_success.tpl');
else
$this->Disp = ParseTemplateReturn('phpshop/lib/templates/users/newsletter/newsletter_add_success.tpl', true);
}
else {
if (PHPShopParser::checkFile("users/newsletter/newsletter_add_success_need_activation.tpl"))
$this->Disp = ParseTemplateReturn('users/newsletter/newsletter_add_success_need_activation.tpl');
else
$this->Disp = ParseTemplateReturn('phpshop/lib/templates/users/newsletter/newsletter_add_success_need_activation.tpl', true);
}
}
}
/**
 * POST handler: validates and inserts a new account. Without activation the
 * user is logged in immediately and redirected; with activation the
 * "check your mail" message is shown. On validation errors the register form
 * is re-rendered with the error list.
 */
function action_add_user() {
if ($this->add_user_check()) {
$this->UsersId = $this->add();
if (!$this->activation) {
$_POST['login'] = $_POST['login_new'];
$_POST['password'] = $_POST['password_new'];
$this->PHPShopUserElement->autorization();
$this->message_register_success();
$this->PHPShopUserElement->checkRedirect();
$this->redirectToUserInfo();
} else {
$this->message_activation();
}
} else {
$this->error();
$this->action_register();
}
}
/**
 * "Registration complete" message via hook or loadable function (module 'users').
 */
function message_register_success() {
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
$this->doLoadFunction(__CLASS__, __FUNCTION__, false, 'users');
}
/**
 * Redirects to the account page unless the current path is "done" or the
 * current action is "newsletter". Note: no exit after header(), so the
 * caller continues to run (action_wishlist() by contrast calls die()).
 */
function redirectToUserInfo() {
if ($this->PHPShopNav->getPath() != "done" AND $this->PHPShopNav->getName() != "newsletter")
header("Location: " . $GLOBALS['SysValue']['dir']['dir'] . "/users/");
}
/**
 * "Activation mail sent" message via hook or loadable function (module 'users').
 */
function message_activation() {
if ($this->setHook(__CLASS__, __FUNCTION__))
return true;
$this->doLoadFunction(__CLASS__, __FUNCTION__, false, 'users');
}
/**
 * Registration form; logged-in users are sent to the account page instead.
 */
function action_register() {
if ($this->true_user()) {
$this->user_info();
return;
}
$this->set('formaTitle', $this->lang('user_register_title'));
if (PHPShopParser::checkFile("users/register.tpl"))
$this->set('formaContent', ParseTemplateReturn('users/register.tpl'));
else
$this->set('formaContent', ParseTemplateReturn('phpshop/lib/templates/users/register.tpl', true));
$this->setHook(__CLASS__, __FUNCTION__);
$this->ParseTemplate($this->getValue('templates.users_page_list'));
}
/**
 * Builds one HTML table row from its variadic arguments. A '-' argument is
 * skipped and marks the *preceding* cell (via $col[$key + 1]) with value 2;
 * presumably a colspan, depending on PHPShopText::td()'s third parameter.
 * `$id = 'allspecwhite'` is an assignment used as an argument (passes the string).
 *
 * @return string '<tr>...</tr>'
 */
function tr() {
$Arg = func_get_args();
$tr = '<tr>';
foreach ($Arg as $key => $val)
if ($val != '-')
$col[$key] = 1;
else
$col[$key] = 2;
foreach ($Arg as $key => $val) {
if ($val != '-')
$tr .= PHPShopText::td($val, false, @$col[$key + 1], $id = 'allspecwhite');
}
$tr .= '</tr>';
return $tr;
}
/**
 * Builds a bold header row (<thead>) from its variadic arguments.
 *
 * @return string '<thead><tr id="allspec">...</tr></thead>'
 */
function caption() {
$Arg = func_get_args();
$tr = '<thead><tr id="allspec">';
foreach ($Arg as $val) {
$tr .= PHPShopText::td(PHPShopText::b($val), false, false);
}
$tr .= '</tr></thead>';
return $tr;
}
}
?>