diff --git a/GEAENDERTE DATEIEN/DEINADMIN/customers.php b/GEAENDERTE DATEIEN/DEINADMIN/customers.php
index 2fdfcbb..87c96f2 100644
--- a/GEAENDERTE DATEIEN/DEINADMIN/customers.php
+++ b/GEAENDERTE DATEIEN/DEINADMIN/customers.php
@@ -1,92 +1,89 @@ bindVars($addresses_query, ':customersID', $_GET['cID'], 'integer'); - - $zco_notifier->notify('NOTIFY_ADMIN_CUSTOMERS_LIST_ADDRESSES', $addresses_query); - - $addresses = $db->Execute($addresses_query); - $addressArray = array(); - foreach ($addresses as $address) { - $format_id = zen_get_address_format_id($address['country_id']); +if (!empty($action)) { + switch ($action) { + case 'list_addresses': + $customer = new Customer($_GET['cID']); + $addressArray = $customer->getData('addresses'); + break; + case 'status': + if (isset($_POST['current_status']) && ctype_digit($_POST['current_status'])) { + if ($_POST['current_status'] === CUSTOMERS_APPROVAL_AUTHORIZATION) { + if (CUSTOMERS_APPROVAL_AUTHORIZATION === '1' || CUSTOMERS_APPROVAL_AUTHORIZATION === '2') { + $customers_authorization = 0; + } else { + $customers_authorization = 4; + } - $addressArray[] = array( - 'firstname' => $address['firstname'], - 'lastname' => $address['lastname'], - 'address_book_id' => $address['address_book_id'], - 'format_id' => $format_id, - 'address' => $address); - } - break; - case 'list_addresses_done': - $action = ''; - zen_redirect(zen_href_link(FILENAME_CUSTOMERS, 'cID=' . (int)$_GET['cID'] . '&page=' . $_GET['page'], 'NONSSL')); - break; - case 'status': - if (isset($_POST['current']) && is_numeric($_POST['current'])) { - if ($_POST['current'] == CUSTOMERS_APPROVAL_AUTHORIZATION) { - if (CUSTOMERS_APPROVAL_AUTHORIZATION == 1 || CUSTOMERS_APPROVAL_AUTHORIZATION == 2) { - $customers_authorization = 0; - } else { - $customers_authorization = 4; - } - $sql = "UPDATE " . TABLE_CUSTOMERS . " - SET customers_authorization = " . $customers_authorization . " - WHERE customers_id = " . (int)$customers_id; - $custinfo = $db->Execute("SELECT customers_email_address, customers_firstname, customers_lastname - FROM " . TABLE_CUSTOMERS . " - WHERE customers_id = " . 
(int)$customers_id); - if ((int)CUSTOMERS_APPROVAL_AUTHORIZATION > 0 && (int)$_POST['current'] > 0 && $custinfo->RecordCount() > 0) { - $message = EMAIL_CUSTOMER_STATUS_CHANGE_MESSAGE; - $html_msg['EMAIL_MESSAGE_HTML'] = EMAIL_CUSTOMER_STATUS_CHANGE_MESSAGE; - zen_mail($custinfo->fields['customers_firstname'] . ' ' . $custinfo->fields['customers_lastname'], $custinfo->fields['customers_email_address'], EMAIL_CUSTOMER_STATUS_CHANGE_SUBJECT, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'default'); - } - zen_record_admin_activity('Customer-approval-authorization set customer auth status to 0 for customer ID ' . (int)$customers_id, 'info'); - } else { - $sql = "UPDATE " . TABLE_CUSTOMERS . " - SET customers_authorization = '" . CUSTOMERS_APPROVAL_AUTHORIZATION . "' - WHERE customers_id = " . (int)$customers_id; - zen_record_admin_activity('Customer-approval-authorization set customer auth status to ' . CUSTOMERS_APPROVAL_AUTHORIZATION . ' for customer ID ' . (int)$customers_id, 'info'); - } - $db->Execute($sql); - $action = ''; - zen_redirect(zen_href_link(FILENAME_CUSTOMERS, 'cID=' . (int)$customers_id . '&page=' . $_GET['page'], 'NONSSL')); - } - $action = ''; - break; - case 'update': + $customer = new Customer($customers_id); + $old = $customer->getData('customers_authorization'); + $custinfo = $customer->setCustomerAuthorizationStatus($customers_authorization); + if ((int)CUSTOMERS_APPROVAL_AUTHORIZATION > 0 && (int)$_POST['current_status'] > 0 && $old != $customers_authorization) { + $message = EMAIL_CUSTOMER_STATUS_CHANGE_MESSAGE; + $html_msg['EMAIL_MESSAGE_HTML'] = EMAIL_CUSTOMER_STATUS_CHANGE_MESSAGE; + zen_mail( + $custinfo['customers_firstname'] . ' ' . $custinfo['customers_lastname'], + $custinfo['customers_email_address'], + EMAIL_CUSTOMER_STATUS_CHANGE_SUBJECT, + $message, + STORE_NAME, + EMAIL_FROM, + $html_msg, + 'default' + ); + } + zen_record_admin_activity( + 'Customer-approval-authorization set customer auth status to 0 for customer ID ' . 
$customers_id, + 'info' + ); + } else { + $customer = new Customer($customers_id); + $customer->setCustomerAuthorizationStatus(CUSTOMERS_APPROVAL_AUTHORIZATION); + zen_record_admin_activity( + 'Customer-approval-authorization set customer auth status to ' . CUSTOMERS_APPROVAL_AUTHORIZATION . ' for customer ID ' . (int)$customers_id, + 'info' + ); + } + zen_redirect( + zen_href_link(FILENAME_CUSTOMERS, zen_get_all_get_params(['action']), 'NONSSL') + ); + } + $action = ''; + break; + case 'update': // bof Zahlungsart nur fuer bestimmte Kunden anbieten if (isset($_POST['optional_payment_1']) && zen_not_null($_POST['optional_payment_1'])) { 
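Review bot: The admin-activity message in the new `status` branch still hard-codes `status to 0` although `$customers_authorization` is set to 4 when CUSTOMERS_APPROVAL_AUTHORIZATION is neither '1' nor '2', so the audit log misstates the value actually written; use `'Customer-approval-authorization set customer auth status to ' . $customers_authorization . ' for customer ID ' . (int)$customers_id,` (that line also drops the `(int)` cast the else branch keeps). The removed code only sent the status-change mail when `RecordCount() > 0`, whereas the new code indexes `$custinfo['customers_firstname']` unguarded; if `setCustomerAuthorizationStatus()` can return an empty result for an unknown id, prepend `!empty($custinfo) &&` to that condition so no mail is built from missing fields. The `$old != $customers_authorization` check presumably relies on loose int/string equality because `$old` comes from `getData()`; `(int)$old !== $customers_authorization` would make that intent explicit in a file that otherwise moved to strict comparisons. The enclosing `switch ($action)` continues past the end of this hunk.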
@@ -99,596 +96,593 @@ $customers_lastname = zen_db_prepare_input(zen_sanitize_string($_POST['customers_lastname'])); $customers_email_address = zen_db_prepare_input($_POST['customers_email_address']); $customers_telephone = zen_db_prepare_input($_POST['customers_telephone']); - if (ACCOUNT_FAX_NUMBER == 'true'){ - $customers_fax = zen_db_prepare_input($_POST['customers_fax']); - } - $customers_newsletter = zen_db_prepare_input($_POST['customers_newsletter']); - $customers_group_pricing = (int)zen_db_prepare_input($_POST['customers_group_pricing']); - $customers_email_format = zen_db_prepare_input($_POST['customers_email_format']); - $customers_gender = !empty($_POST['customers_gender']) ? zen_db_prepare_input($_POST['customers_gender']) : ''; - $customers_dob = (empty($_POST['customers_dob']) ? zen_db_prepare_input('0001-01-01 00:00:00') : zen_db_prepare_input($_POST['customers_dob'])); - - $customers_authorization = zen_db_prepare_input($_POST['customers_authorization']); - $customers_referral = zen_db_prepare_input($_POST['customers_referral']); - - if (CUSTOMERS_APPROVAL_AUTHORIZATION == 2 && $customers_authorization == 1) { - $customers_authorization = 2; - $messageStack->add_session(ERROR_CUSTOMER_APPROVAL_CORRECTION2, 'caution'); - } + $customers_fax = ''; + if (ACCOUNT_FAX_NUMBER === 'true') { + $customers_fax = zen_db_prepare_input($_POST['customers_fax']); + } + $customers_newsletter = zen_db_prepare_input($_POST['customers_newsletter']); + $customers_group_pricing = (int)$_POST['customers_group_pricing']; + $customers_email_format = zen_db_prepare_input($_POST['customers_email_format']); + $customers_gender = !empty($_POST['customers_gender']) ? + zen_db_prepare_input($_POST['customers_gender']) : ''; + $customers_dob = (empty($_POST['customers_dob'])) ? 
+ zen_db_prepare_input('0001-01-01 00:00:00') : zen_db_prepare_input($_POST['customers_dob']); + + $customers_authorization = (int)$_POST['customers_authorization']; + $customers_referral = zen_db_prepare_input($_POST['customers_referral']); + + if (CUSTOMERS_APPROVAL_AUTHORIZATION === '2' && $customers_authorization === 1) { + $customers_authorization = 2; + $messageStack->add_session(ERROR_CUSTOMER_APPROVAL_CORRECTION2, 'caution'); + } - if (CUSTOMERS_APPROVAL_AUTHORIZATION == 1 && $customers_authorization == 2) { - $customers_authorization = 1; - $messageStack->add_session(ERROR_CUSTOMER_APPROVAL_CORRECTION1, 'caution'); - } + if (CUSTOMERS_APPROVAL_AUTHORIZATION === '1' && $customers_authorization === 2) { + $customers_authorization = 1; + $messageStack->add_session(ERROR_CUSTOMER_APPROVAL_CORRECTION1, 'caution'); + } - $default_address_id = zen_db_prepare_input($_POST['default_address_id']); - $entry_street_address = zen_db_prepare_input($_POST['entry_street_address']); - $entry_suburb = zen_db_prepare_input($_POST['entry_suburb']); - $entry_suburb_error = false; - $entry_postcode = zen_db_prepare_input($_POST['entry_postcode']); + $default_address_id = (int)$_POST['default_address_id']; + $entry_street_address = zen_db_prepare_input($_POST['entry_street_address']); + $entry_suburb = !empty($_POST['entry_suburb']) ? 
zen_db_prepare_input($_POST['entry_suburb']) : ''; + $entry_postcode = zen_db_prepare_input($_POST['entry_postcode']); $entry_city = zen_db_prepare_input($_POST['entry_city']); - $entry_country_id = zen_db_prepare_input($_POST['entry_country_id']); - - $entry_company = zen_db_prepare_input($_POST['entry_company']); - $entry_company_error = false; - if (ACCOUNT_STATE == 'true'){ - $entry_state = zen_db_prepare_input($_POST['entry_state']); - } - if (isset($_POST['entry_zone_id'])) $entry_zone_id = zen_db_prepare_input($_POST['entry_zone_id']); - - if (strlen($customers_firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) { - $error = true; - $entry_firstname_error = true; - } else { - $entry_firstname_error = false; - } - - if (strlen($customers_lastname) < ENTRY_LAST_NAME_MIN_LENGTH) { - $error = true; - $entry_lastname_error = true; - } else { - $entry_lastname_error = false; - } - - if (ACCOUNT_DOB == 'true') { - if (ENTRY_DOB_MIN_LENGTH > 0) { - if (checkdate(substr(zen_date_raw($customers_dob), 4, 2), substr(zen_date_raw($customers_dob), 6, 2), substr(zen_date_raw($customers_dob), 0, 4))) { - $entry_date_of_birth_error = false; - } else { - $error = true; - $entry_date_of_birth_error = true; - } - } - } else { - $customers_dob = '0001-01-01 00:00:00'; - } - - if (strlen($customers_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) { - $error = true; - $entry_email_address_error = true; - } else { - $entry_email_address_error = false; - } - - if (!zen_validate_email($customers_email_address)) { - $error = true; - $entry_email_address_check_error = true; - } else { - $entry_email_address_check_error = false; - } - - if (strlen($entry_street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) { - $error = true; - $entry_street_address_error = true; - } else { - $entry_street_address_error = false; - } - - if (strlen($entry_postcode) < ENTRY_POSTCODE_MIN_LENGTH) { - $error = true; - $entry_post_code_error = true; - } else { - $entry_post_code_error = false; - } - - if 
(strlen($entry_city) < ENTRY_CITY_MIN_LENGTH) { - $error = true; - $entry_city_error = true; - } else { - $entry_city_error = false; - } - - if ($entry_country_id == false) { - $error = true; - $entry_country_error = true; - } else { - $entry_country_error = false; - } - - if (ACCOUNT_STATE == 'true') { - if ($entry_country_error == true) { - $entry_state_error = true; - } else { - $zone_id = 0; - $entry_state_error = false; - $check_value = $db->Execute("SELECT COUNT(*) AS total - FROM " . TABLE_ZONES . " - WHERE zone_country_id = " . (int)$entry_country_id); - - $entry_state_has_zones = ($check_value->fields['total'] > 0); - if ($entry_state_has_zones == true) { - $zone_query = $db->Execute("SELECT zone_id - FROM " . TABLE_ZONES . " - WHERE zone_country_id = " . (int)$entry_country_id . " - AND zone_name = '" . zen_db_input($entry_state) . "'"); - - if ($zone_query->RecordCount() > 0) { - $entry_zone_id = $zone_query->fields['zone_id']; + $entry_country_id = (int)$_POST['entry_country_id']; + $entry_company = !empty($_POST['entry_company']) ? zen_db_prepare_input($_POST['entry_company']) : ''; + $entry_state = !empty($_POST['entry_state']) ? zen_db_prepare_input($_POST['entry_state']) : ''; + $entry_zone_id = (int)($_POST['entry_zone_id'] ?? 0); + + if (ACCOUNT_GENDER === 'true' && empty($customers_gender)) { + $error = true; + $entry_gender_error = true; } else { - $error = true; - $entry_state_error = true; - } - } else { - if (strlen($entry_state) < (int)ENTRY_STATE_MIN_LENGTH) { - $error = true; - $entry_state_error = true; + $entry_gender_error = false; } - } - } - } - if (strlen($customers_telephone) < ENTRY_TELEPHONE_MIN_LENGTH) { - $error = true; - $entry_telephone_error = true; - } else { - $entry_telephone_error = false; - } - - $check_email = $db->Execute("SELECT customers_email_address - FROM " . TABLE_CUSTOMERS . " - WHERE customers_email_address = '" . zen_db_input($customers_email_address) . "' - AND customers_id != " . 
(int)$customers_id); - - if ($check_email->RecordCount() > 0) { - $error = true; - $entry_email_address_exists = true; - } else { - $entry_email_address_exists = false; - } + if (ACCOUNT_DOB === 'true') { + if (checkdate( + (int)substr(zen_date_raw($customers_dob), 4, 2), + (int)substr(zen_date_raw($customers_dob), 6, 2), + (int)substr(zen_date_raw($customers_dob), 0, 4) + )) { + $entry_date_of_birth_error = false; + } else { + $error = true; + $entry_date_of_birth_error = true; + } + } else { + $customers_dob = '0001-01-01 00:00:00'; + } - $zco_notifier->notify('NOTIFY_ADMIN_CUSTOMERS_UPDATE_VALIDATE', array(), $error); + $entry_email_address_check_error = false; + if (!zen_validate_email($customers_email_address)) { + $error = true; + $entry_email_address_check_error = true; + } - if ($error == false) { + $entry_email_address_exists = !zen_check_email_address_not_already_used( + $customers_email_address, + $customers_id + ); + if ($entry_email_address_exists) { + $error = true; + } - $sql_data_array = array(array('fieldName' => 'customers_firstname', 'value' => $customers_firstname, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'customers_lastname', 'value' => $customers_lastname, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'optional_payment_1', 'value'=>$optional_payment_1, 'type'=>'stringIgnoreNull'), - array('fieldName' => 'customers_email_address', 'value' => $customers_email_address, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'customers_telephone', 'value' => $customers_telephone, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'customers_group_pricing', 'value' => $customers_group_pricing, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'customers_newsletter', 'value' => $customers_newsletter, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'customers_email_format', 'value' => $customers_email_format, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'customers_authorization', 'value' => 
$customers_authorization, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'customers_referral', 'value' => $customers_referral, 'type' => 'stringIgnoreNull'), - ); + $zone_id = 0; + $entry_state_error = false; + if (ACCOUNT_STATE === 'true') { + $entry_state_has_zones = count(zen_get_country_zones($entry_country_id)) > 0; + if ($entry_state_has_zones) { + $zone_query = $db->Execute( + "SELECT zone_id + FROM " . TABLE_ZONES . " + WHERE zone_country_id = " . (int)$entry_country_id . " + AND zone_name = '" . zen_db_input($entry_state) . "'" + ); + + if (!$zone_query->EOF) { + $entry_zone_id = $zone_query->fields['zone_id']; + } else { + $error = true; + $entry_state_error = true; + } + } + } - if (ACCOUNT_GENDER == 'true') { - $sql_data_array[] = array('fieldName' => 'customers_gender', 'value' => $customers_gender, 'type' => 'stringIgnoreNull'); - } - if (ACCOUNT_DOB == 'true') { - $sql_data_array[] = array('fieldName' => 'customers_dob', 'value' => ($customers_dob == '0001-01-01 00:00:00' ? 
'0001-01-01 00:00:00' : zen_date_raw($customers_dob)), 'type' => 'date'); - } - if (ACCOUNT_FAX_NUMBER == 'true'){ - $sql_data_array[] = array('fieldName' => 'customers_fax', 'value' => $customers_fax, 'type' => 'stringIgnoreNull'); - } + $zco_notifier->notify('NOTIFY_ADMIN_CUSTOMERS_UPDATE_VALIDATE', [], $error); + + if ($error === false) { + $sql_data_array = [ + [ + 'fieldName' => 'customers_firstname', + 'value' => $customers_firstname, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_lastname', + 'value' => $customers_lastname, + 'type' => 'stringIgnoreNull' + ], + + + [ + 'fieldName' => 'optional_payment_1', + 'value' => $optional_payment_1, + 'type' => 'stringIgnoreNull' + ], + + [ + 'fieldName' => 'customers_email_address', + 'value' => $customers_email_address, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_telephone', + 'value' => $customers_telephone, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_fax', + 'value' => $customers_fax, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_group_pricing', + 'value' => $customers_group_pricing, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_newsletter', + 'value' => $customers_newsletter, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_email_format', + 'value' => $customers_email_format, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_authorization', + 'value' => $customers_authorization, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'customers_referral', + 'value' => $customers_referral, + 'type' => 'stringIgnoreNull' + ], + ]; + + if (ACCOUNT_GENDER === 'true') { + $sql_data_array[] = [ + 'fieldName' => 'customers_gender', + 'value' => $customers_gender, + 'type' => 'stringIgnoreNull' + ]; + } + if (ACCOUNT_DOB === 'true') { + $sql_data_array[] = [ + 'fieldName' => 'customers_dob', + 'value' => ($customers_dob === '0001-01-01 00:00:00') ? 
+ '0001-01-01 00:00:00' : zen_date_raw($customers_dob), + 'type' => 'date' + ]; + } - $db->perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customers_id . "'"); + $zco_notifier->notify('NOTIFY_ADMIN_CUSTOMERS_CUSTOMER_UPDATE', $customers_id, $sql_data_array); + $db->perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = " . (int)$customers_id . " LIMIT 1"); - $db->Execute("UPDATE " . TABLE_CUSTOMERS_INFO . " + $db->Execute( + "UPDATE " . TABLE_CUSTOMERS_INFO . " SET customers_info_date_account_last_modified = now() - WHERE customers_info_id = " . (int)$customers_id); - if (ACCOUNT_STATE == 'true') { + WHERE customers_info_id = " . (int)$customers_id . " + LIMIT 1" + ); if ($entry_zone_id > 0) { $entry_state = ''; } - } - - $sql_data_array = array(array('fieldName' => 'entry_firstname', 'value' => $customers_firstname, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'entry_lastname', 'value' => $customers_lastname, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'entry_street_address', 'value' => $entry_street_address, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'entry_postcode', 'value' => $entry_postcode, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'entry_city', 'value' => $entry_city, 'type' => 'stringIgnoreNull'), - array('fieldName' => 'entry_country_id', 'value' => $entry_country_id, 'type' => 'integer'), - ); - - if (ACCOUNT_COMPANY == 'true') { - $sql_data_array[] = array('fieldName' => 'entry_company', 'value' => $entry_company, 'type' => 'stringIgnoreNull'); - } - if (ACCOUNT_SUBURB == 'true') { - $sql_data_array[] = array('fieldName' => 'entry_suburb', 'value' => $entry_suburb, 'type' => 'stringIgnoreNull'); - } + $sql_data_array = [ + [ + 'fieldName' => 'entry_firstname', + 'value' => $customers_firstname, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'entry_lastname', + 'value' => $customers_lastname, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 
'entry_street_address', + 'value' => $entry_street_address, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'entry_postcode', + 'value' => $entry_postcode, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'entry_city', + 'value' => $entry_city, + 'type' => 'stringIgnoreNull' + ], + [ + 'fieldName' => 'entry_country_id', + 'value' => $entry_country_id, + 'type' => 'integer' + ], + ]; + + if (ACCOUNT_COMPANY === 'true') { + $sql_data_array[] = [ + 'fieldName' => 'entry_company', + 'value' => $entry_company, + 'type' => 'stringIgnoreNull' + ]; + } + if (ACCOUNT_SUBURB === 'true') { + $sql_data_array[] = [ + 'fieldName' => 'entry_suburb', + 'value' => $entry_suburb, + 'type' => 'stringIgnoreNull' + ]; + } - if (ACCOUNT_STATE == 'true') { - if ($entry_zone_id > 0) { - $sql_data_array[] = array('fieldName' => 'entry_zone_id', 'value' => $entry_zone_id, 'type' => 'integer'); - $sql_data_array[] = array('fieldName' => 'entry_state', 'value' => '', 'type' => 'stringIgnoreNull'); - } else { - $sql_data_array[] = array('fieldName' => 'entry_zone_id', 'value' => 0, 'type' => 'integer'); - $sql_data_array[] = array('fieldName' => 'entry_state', 'value' => $entry_state, 'type' => 'stringIgnoreNull'); - } - } + if (ACCOUNT_STATE === 'true') { + if ($entry_zone_id > 0) { + $sql_data_array[] = [ + 'fieldName' => 'entry_zone_id', + 'value' => $entry_zone_id, + 'type' => 'integer' + ]; + $sql_data_array[] = [ + 'fieldName' => 'entry_state', + 'value' => '', + 'type' => 'string' + ]; + } else { + $sql_data_array[] = [ + 'fieldName' => 'entry_zone_id', + 'value' => 0, + 'type' => 'integer' + ]; + $sql_data_array[] = [ + 'fieldName' => 'entry_state', + 'value' => $entry_state, + 'type' => 'string' + ]; + } + } - $zco_notifier->notify('NOTIFY_ADMIN_CUSTOMERS_B4_ADDRESS_UPDATE', array('customers_id' => $customers_id, 'address_book_id' => $default_address_id), $sql_data_array); + $zco_notifier->notify( + 'NOTIFY_ADMIN_CUSTOMERS_B4_ADDRESS_UPDATE', + ['customers_id' => 
$customers_id, 'address_book_id' => $default_address_id], + $sql_data_array + ); + + $db->perform( + TABLE_ADDRESS_BOOK, + $sql_data_array, + 'update', + "customers_id = " . (int)$customers_id . " AND address_book_id = " . (int)$default_address_id . " LIMIT 1" + ); + + if (isset($_POST['customer_groups']) && is_array($_POST['customer_groups'])) { + zen_sync_customer_group_assignments($customers_id, $_POST['customer_groups']); + } - $db->perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = '" . (int)$customers_id . "' and address_book_id = '" . (int)$default_address_id . "'"); - zen_record_admin_activity('Customer record updated for customer ID ' . (int)$customers_id, 'notice'); - $zco_notifier->notify('ADMIN_CUSTOMER_UPDATE', (int)$customers_id, $default_address_id, $sql_data_array); - zen_redirect(zen_href_link(FILENAME_CUSTOMERS, zen_get_all_get_params(array('cID', 'action')) . 'cID=' . $customers_id, 'NONSSL')); - } else if ($error == true) { - $cInfo = new objectInfo($_POST); - $processed = true; - } + zen_record_admin_activity('Customer record updated for customer ID ' . (int)$customers_id, 'notice'); - break; - case 'pwdresetconfirm': - if ((int)$customers_id > 0 && isset($_POST['newpassword']) && $_POST['newpassword'] != '' && isset($_POST['newpasswordConfirm']) && $_POST['newpasswordConfirm'] != '') { + // ----- + // The following, seemingly duplicate, notifications enable an auto-loaded admin observer to successfully + // bind to the notification using the 'NOTIFY_ADMIN_CUSTOMER_UPDATE' version. The other notification is kept + // for downward compatibility with existing plugins' observers. + // + $zco_notifier->notify( + 'NOTIFY_ADMIN_CUSTOMER_UPDATE', + $customers_id, + $default_address_id, + $sql_data_array + ); + $zco_notifier->notify( + 'ADMIN_CUSTOMER_UPDATE', + $customers_id, + $default_address_id, + $sql_data_array + ); + + zen_redirect( + zen_href_link( + FILENAME_CUSTOMERS, + zen_get_all_get_params(['cID', 'action']) . 'cID=' . 
$customers_id, + 'NONSSL' + ) + ); + } elseif ($error === true) { + $cInfo = new objectInfo($_POST); + $cInfo->company = $cInfo->entry_company; + $cInfo->street_address = $cInfo->entry_street_address; + $cInfo->suburb = $cInfo->entry_suburb; + $cInfo->postcode = $cInfo->entry_postcode; + $cInfo->city = $cInfo->entry_city; + $cInfo->state = $cInfo->entry_state; + $processed = true; + } + break; + case 'pwdresetconfirm': + if ($customers_id > 0 && isset($_POST['newpassword']) && $_POST['newpassword'] !== '' && isset($_POST['newpasswordConfirm']) && $_POST['newpasswordConfirm'] !== '') { $password_new = zen_db_prepare_input($_POST['newpassword']); $password_confirmation = zen_db_prepare_input($_POST['newpasswordConfirm']); $error = FALSE; if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) { $error = true; $messageStack->add_session(ERROR_PWD_TOO_SHORT . '(' . ENTRY_PASSWORD_MIN_LENGTH . ')', 'error'); - } elseif ($password_new != $password_confirmation) { - $error = true; - $messageStack->add_session(ERROR_PASSWORDS_NOT_MATCHING, 'error'); - } - if ($error == FALSE) { - $sql = "SELECT customers_email_address, customers_firstname, customers_lastname - FROM " . TABLE_CUSTOMERS . " - WHERE customers_id = :customersID"; - $sql = $db->bindVars($sql, ':customersID', $customers_id, 'integer'); - $custinfo = $db->Execute($sql); - if ($custinfo->RecordCount() == 0) { - die('ERROR: customer ID not specified. This error should never happen.'); - } - - $sql = "UPDATE " . TABLE_CUSTOMERS . " - SET customers_password = :password - WHERE customers_id = :customersID"; - $sql = $db->bindVars($sql, ':customersID', $customers_id, 'integer'); - $sql = $db->bindVars($sql, ':password', zen_encrypt_password($password_new), 'string'); - $db->Execute($sql); - $sql = "UPDATE " . TABLE_CUSTOMERS_INFO . 
" - SET customers_info_date_account_last_modified = now() - WHERE customers_info_id = :customersID"; - $sql = $db->bindVars($sql, ':customersID', $customers_id, 'integer'); - $db->Execute($sql); - - $message = EMAIL_CUSTOMER_PWD_CHANGE_MESSAGE . "\n\n" . $password_new . "\n\n\n"; - $html_msg['EMAIL_MESSAGE_HTML'] = nl2br($message); - zen_mail($custinfo->fields['customers_firstname'] . ' ' . $custinfo->fields['customers_lastname'], $custinfo->fields['customers_email_address'], EMAIL_CUSTOMER_PWD_CHANGE_SUBJECT, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'default'); - $userList = zen_get_users($_SESSION['admin_id']); + } elseif ($password_new !== $password_confirmation) { + $error = true; + $messageStack->add_session(ERROR_PASSWORDS_NOT_MATCHING, 'error'); + } + if ($error === false) { + $customer = new Customer($customers_id); + $custinfo = $customer->getData(); + if (empty($custinfo)) { + die('ERROR: customer ID not specified. This error should never happen.'); + } + $customer->setPassword($password_new); + + $message = EMAIL_CUSTOMER_PWD_CHANGE_MESSAGE . "\n\n" . $password_new . "\n\n\n"; + $html_msg['EMAIL_MESSAGE_HTML'] = nl2br($message); + zen_mail( + $custinfo['customers_firstname'] . ' ' . $custinfo['customers_lastname'], + $custinfo['customers_email_address'], + EMAIL_CUSTOMER_PWD_CHANGE_SUBJECT, + $message, + STORE_NAME, + EMAIL_FROM, + $html_msg, + 'default' + ); + $userList = zen_get_users($_SESSION['admin_id']); $userDetails = $userList[0]; $adminUser = $userDetails['id'] . '-' . $userDetails['name'] . ' ' . zen_get_ip_address(); - $message = sprintf(EMAIL_CUSTOMER_PWD_CHANGE_MESSAGE_FOR_ADMIN, $custinfo->fields['customers_firstname'] . ' ' . $custinfo->fields['customers_lastname'] . ' ' . $custinfo->fields['customers_email_address'], $adminUser) . 
"\n"; - $html_msg['EMAIL_MESSAGE_HTML'] = nl2br($message); - zen_mail($userDetails['name'], $userDetails['email'], EMAIL_CUSTOMER_PWD_CHANGE_SUBJECT, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'default'); + $message = sprintf( + EMAIL_CUSTOMER_PWD_CHANGE_MESSAGE_FOR_ADMIN, + $custinfo['customers_firstname'] . ' ' . $custinfo['customers_lastname'] . ' ' . $custinfo['customers_email_address'], + $adminUser + ) . "\n"; + $html_msg['EMAIL_MESSAGE_HTML'] = nl2br($message); + zen_mail( + $userDetails['name'], + $userDetails['email'], + EMAIL_CUSTOMER_PWD_CHANGE_SUBJECT, + $message, + STORE_NAME, + EMAIL_FROM, + $html_msg, + 'default' + ); $messageStack->add_session(SUCCESS_PASSWORD_UPDATED, 'success'); } - zen_redirect(zen_href_link(FILENAME_CUSTOMERS, zen_get_all_get_params(array('cID', 'action')) . 'cID=' . $customers_id)); - } - break; - case 'deleteconfirm': - $customers_id = zen_db_prepare_input($_POST['cID']); - - $zco_notifier->notify('NOTIFIER_ADMIN_ZEN_CUSTOMERS_DELETE_CONFIRM', array('customers_id' => $customers_id)); - - if (isset($_POST['delete_reviews']) && ($_POST['delete_reviews'] == 'on')) { - $reviews = $db->Execute("SELECT reviews_id - FROM " . TABLE_REVIEWS . " - WHERE customers_id = " . (int)$customers_id); - while (!$reviews->EOF) { - $db->Execute("DELETE FROM " . TABLE_REVIEWS_DESCRIPTION . " - WHERE reviews_id = " . (int)$reviews->fields['reviews_id']); - $reviews->MoveNext(); - } - - $db->Execute("DELETE FROM " . TABLE_REVIEWS . " - WHERE customers_id = '" . (int)$customers_id . "'"); - } else { - $db->Execute("UPDATE " . TABLE_REVIEWS . " - SET customers_id = null - WHERE customers_id = " . (int)$customers_id); - } - - $db->Execute("DELETE FROM " . TABLE_ADDRESS_BOOK . " - WHERE customers_id = " . (int)$customers_id); - - $db->Execute("DELETE FROM " . TABLE_CUSTOMERS . " - WHERE customers_id = " . (int)$customers_id); - - $db->Execute("DELETE FROM " . TABLE_CUSTOMERS_INFO . " - WHERE customers_info_id = " . 
(int)$customers_id); - - $db->Execute("DELETE FROM " . TABLE_CUSTOMERS_BASKET . " - WHERE customers_id = " . (int)$customers_id); - - $db->Execute("DELETE FROM " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " - WHERE customers_id = " . (int)$customers_id); - - $db->Execute("DELETE FROM " . TABLE_WHOS_ONLINE . " - WHERE customer_id = " . (int)$customers_id); - - $db->Execute("DELETE FROM " . TABLE_PRODUCTS_NOTIFICATIONS . " - WHERE customers_id = " . (int)$customers_id); - - zen_record_admin_activity('Customer with customer ID ' . (int)$customers_id . ' deleted.', 'warning'); - zen_redirect(zen_href_link(FILENAME_CUSTOMERS, zen_get_all_get_params(array('cID', 'action')), 'NONSSL')); - break; + zen_redirect( + zen_href_link( + FILENAME_CUSTOMERS, + zen_get_all_get_params(['cID', 'action']) . 'cID=' . $customers_id + ) + ); + } + break; + case 'deleteconfirm': + $zco_notifier->notify('NOTIFIER_ADMIN_ZEN_CUSTOMERS_DELETE_CONFIRM', ['customers_id' => $customers_id]); + $customer = new Customer($customers_id); + $delete_reviews = (isset($_POST['delete_reviews']) && $_POST['delete_reviews'] === 'on'); + $forget_only = (isset($_POST['delete_type_forget']) && $_POST['delete_type_forget'] === 'forget'); + $customer->delete($delete_reviews, $forget_only); + zen_redirect(zen_href_link(FILENAME_CUSTOMERS, zen_get_all_get_params(['cID', 'action']), 'NONSSL')); + break; default: - $customers = $db->Execute("SELECT c.customers_id, c.customers_gender, c.customers_firstname, c.optional_payment_1, - c.customers_lastname, c.customers_dob, c.customers_email_address, - a.entry_company, a.entry_street_address, a.entry_suburb, - a.entry_postcode, a.entry_city, a.entry_state, a.entry_zone_id, - a.entry_country_id, c.customers_telephone, c.customers_fax, - c.customers_newsletter, c.customers_default_address_id, - c.customers_email_format, c.customers_group_pricing, - c.customers_authorization, c.customers_referral, c.customers_secret - FROM " . TABLE_CUSTOMERS . " c - LEFT JOIN " . 
TABLE_ADDRESS_BOOK . " a ON c.customers_default_address_id = a.address_book_id - WHERE a.customers_id = c.customers_id - AND c.customers_id = " . (int)$customers_id); - - $reviews = $db->Execute("SELECT COUNT(*) AS number_of_reviews - FROM " . TABLE_REVIEWS . " - WHERE customers_id = " . (int)$customers_id); - - $cInfo_array = array_merge($customers->fields, $reviews->fields); - $cInfo = new objectInfo($cInfo_array); - } + $customer = new Customer($customers_id); + $cInfo = new objectInfo($customer->getData()); + break; + } } ?> -> -
- -+ + | ++ + | +
+ ' . TABLE_HEADING_LASTNAME . '' :
+ TABLE_HEADING_LASTNAME); ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
+
+ ' . TABLE_HEADING_FIRSTNAME . '' :
+ TABLE_HEADING_FIRSTNAME; ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
+
+
+ ' . TABLE_HEADING_COMPANY . '' :
+ TABLE_HEADING_COMPANY; ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
+
+ + + | + 'The content for the column', + // 'class' => 'Any additional class for the display', + // 'parms' => 'Any additional parameters for the display', + // ], + // ... + // ]; + // + // The 'content' element is required; the 'class' and 'parms' are optional. + // + $additional_headings = []; + $additional_heading_count = 0; + $zco_notifier->notify('NOTIFY_ADMIN_CUSTOMERS_LISTING_HEADER', [], $additional_headings); + if (is_array($additional_headings) && count($additional_headings) !== 0) { + $additional_heading_count = count($additional_headings); + foreach ($additional_headings as $heading_data) { + $additional_class = (isset($heading_data['class'])) ? (' ' . $heading_data['class']) : ''; + $additional_parms = (isset($heading_data['parms'])) ? (' ' . $heading_data['parms']) : ''; + $heading_content = $heading_data['content']; +?> +> + + | + -
---|
- - | -
- ' . TABLE_HEADING_LASTNAME . '' : TABLE_HEADING_LASTNAME); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
-
- ' . TABLE_HEADING_FIRSTNAME . '' : TABLE_HEADING_FIRSTNAME); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
-
- ' . TABLE_HEADING_COMPANY . '' : TABLE_HEADING_COMPANY); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
- 'The content for the column',
- // 'class' => 'Any additional class for the display',
- // 'parms' => 'Any additional parameters for the display',
- // ),
- // ...
- // );
- //
- // The 'content' element is required; the 'class' and 'parms' are optional.
- //
- $additional_headings = array();
- $additional_heading_count = 0;
- $zco_notifier->notify('NOTIFY_ADMIN_CUSTOMERS_LISTING_HEADER', array(), $additional_headings);
- if (is_array($additional_headings) && count($additional_headings) != 0) {
- $additional_heading_count = count($additional_headings);
- foreach ($additional_headings as $heading_data) {
- $additional_class = (isset($heading_data['class'])) ? (' ' . $heading_data['class']) : '';
- $additional_parms = (isset($heading_data['parms'])) ? (' ' . $heading_data['parms']) : '';
- $heading_content = $heading_data['content'];
- ?>
- > | - -
- ' . TABLE_HEADING_ACCOUNT_CREATED . '' : TABLE_HEADING_ACCOUNT_CREATED); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
-
-
- ' . TABLE_HEADING_LOGIN . '' : TABLE_HEADING_LOGIN); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
-
-
- ' . TABLE_HEADING_PRICING_GROUP . '' : TABLE_HEADING_PRICING_GROUP); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
-
-
-
- ' . TABLE_HEADING_GV_AMOUNT . '' : TABLE_HEADING_GV_AMOUNT); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
-
-
-
- ' . TABLE_HEADING_AUTHORIZATION_APPROVAL . '' : TABLE_HEADING_AUTHORIZATION_APPROVAL); ?> - Asc' : 'Asc'); ?> - Desc' : 'Desc'); ?> - |
-
- - |
+ ' . TABLE_HEADING_ACCOUNT_CREATED . '' :
+ TABLE_HEADING_ACCOUNT_CREATED; ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
+
+
+ ' . TABLE_HEADING_LOGIN . '' :
+ TABLE_HEADING_LOGIN; ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
+
+
+ ' . TABLE_HEADING_PRICING_GROUP . '' :
+ TABLE_HEADING_PRICING_GROUP; ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
- $reviews = $db->Execute("SELECT COUNT(*) AS number_of_reviews
- FROM " . TABLE_REVIEWS . "
- WHERE customers_id = " . (int)$customer['customers_id']);
+
+
+ ' . TABLE_HEADING_GV_AMOUNT . '' :
+ TABLE_HEADING_GV_AMOUNT; ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
+
+
+ ' . TABLE_HEADING_AUTHORIZATION_APPROVAL . '' :
+ TABLE_HEADING_AUTHORIZATION_APPROVAL; ?>
+ + + ' . TEXT_ASC . '' : + '' . TEXT_ASC . ''; ?> + + + ' . TEXT_DESC . '' : + '' . TEXT_DESC . ''; ?> + + |
+
+ + + | + + + +notify( + 'NOTIFY_ADMIN_CUSTOMERS_LISTING_NEW_FIELDS', + [], + $new_fields, + $disp_order + ); + + $customers_query_raw = + "SELECT c.customers_id " . $new_fields . ", cgc.amount + FROM " . TABLE_CUSTOMERS . " c + LEFT JOIN " . TABLE_CUSTOMERS_INFO . " ci ON c.customers_id= ci.customers_info_id + LEFT JOIN " . TABLE_ADDRESS_BOOK . " a ON c.customers_id = a.customers_id AND c.customers_default_address_id = a.address_book_id + LEFT JOIN " . TABLE_COUPON_GV_CUSTOMER . " cgc ON c.customers_id = cgc.customer_id + " . $search . " + ORDER BY " . $disp_order; + + // Split Page + // reset page when page is unknown + if ((empty($_GET['page']) || $_GET['page'] === '1') && !empty($_GET['cID'])) { + $check_page = $db->Execute($customers_query_raw); + $check_count = 0; + if ($check_page->RecordCount() > MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER) { + foreach ($check_page as $item) { + if ($item['customers_id'] === $_GET['cID']) { + break; + } + $check_count++; + } + $_GET['page'] = round( + (($check_count / MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER) + (fmod_round( + $check_count, + MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER + ) != 0 ? .5 : 0)), + 0 + ); + // zen_redirect(zen_href_link(FILENAME_CUSTOMERS, 'cID=' . $_GET['cID'] . (isset($_GET['page']) ? '&page=' . 
$_GET['page'] : ''), 'NONSSL')); + } else { + $_GET['page'] = '1'; + } + } - $customer_info = array_merge($country->fields, $info->fields, $reviews->fields); + $customers_split = new splitPageResults( + $_GET['page'], + MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER, + $customers_query_raw, + $customers_query_numrows + ); + $customers = $db->Execute($customers_query_raw); + foreach ($customers as $result) { + $cust = new Customer($result['customers_id']); + $customer = $cust->getData(); + if ((!isset($_GET['cID']) || (int)$_GET['cID'] === $customer['customers_id']) && !isset($cInfo)) { + $cInfo = new objectInfo($customer); + } - $cInfo_array = array_merge($customer, $customer_info); - $cInfo = new objectInfo($cInfo_array); - } + if (isset($cInfo) && is_object($cInfo) && ($customer['customers_id'] === (int)$cInfo->customers_id)) { +?> +
---|---|---|---|---|---|---|---|---|---|---|---|---|
+ | + | ++ | + + | + + | +RecordCount() < 1) { - $group_name_entry = TEXT_NONE; - } else { - $group_name_entry = $group_query->fields['group_name']; - } + // ----- + // If a plugin has additional columns to add to the display, it attaches to both this "listing element" and (see above) + // the "listing heading" notifications. + // + // For the element "insert", the observer sets the $additional_headings to include a simple array of arrays. Each + // entry contains the information for one element column in the format: + // + // $additional_columns = [ + // [ + // 'content' => 'The content for the column', + // 'class' => 'Any additional class for the display', + // 'parms' => 'Any additional parameters for the display', + // ], + // ... + // ]; + // + // The 'content' element is required; the 'class' and 'parms' are optional. + // + $additional_columns = []; + $zco_notifier->notify( + 'NOTIFY_ADMIN_CUSTOMERS_LISTING_ELEMENT', + $customer, + $additional_columns + ); + if (is_array($additional_columns) && count($additional_columns) !== 0) { + if (count($additional_columns) !== $additional_heading_count) { + trigger_error( + "Mismatched additional column heading ($additional_heading_count) and column element (" . count( + $additional_columns + ) . ") counts detected for the Customers listing.", + E_USER_WARNING + ); + } + foreach ($additional_columns as $column_data) { + $additional_class = (isset($column_data['class'])) ? (' ' . $column_data['class']) : ''; + $additional_parms = (isset($column_data['parms'])) ? (' ' . $column_data['parms']) : ''; + $element_content = $column_data['content']; +?> + | > + + | + ++ + | ++ + | ++ + | + ++ format($customer['gv_balance']); ?> + | + ++ + + + '; ?> + | ++customers_id)) { +?> + + + + + + + | +
display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS); ?> | -display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], zen_get_all_get_params(array('page', 'info', 'x', 'y', 'cID'))); ?> | -
' . zen_image_button('button_reset.gif', IMAGE_RESET) . ''; ?> | -
+ display_count( + $customers_query_numrows, + MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER, + $_GET['page'], + TEXT_DISPLAY_NUMBER_OF_CUSTOMERS + ); ?> + | ++ display_links( + $customers_query_numrows, + MAX_DISPLAY_SEARCH_RESULTS_CUSTOMER, + MAX_DISPLAY_PAGE_LINKS, + $_GET['page'], + zen_get_all_get_params(['page', 'info', 'x', 'y', 'cID']) + ); ?> + | +
+ + + + | +