testmodus / admin / customers.php @ 3
Historie | Anzeigen | Annotieren | Download (36,7 KB)
1 | 1 | root | <?php
|
---|---|---|---|
2 | /* --------------------------------------------------------------
|
||
3 | $Id: customers.php 13419 2021-02-09 15:13:48Z GTB $
|
||
4 | |||
5 | modified eCommerce Shopsoftware
|
||
6 | http://www.modified-shop.org
|
||
7 | |||
8 | Copyright (c) 2009 - 2013 [www.modified-shop.org]
|
||
9 | --------------------------------------------------------------
|
||
10 | based on:
|
||
11 | (c) 2000-2001 The Exchange Project (earlier name of osCommerce)
|
||
12 | (c) 2002-2003 osCommerce(customers.php,v 1.76 2003/05/04); www.oscommerce.com
|
||
13 | (c) 2003 nextcommerce (customers.php,v 1.22 2003/08/24); www.nextcommerce.org
|
||
14 | (c) 2006 XT-Commerce (customers.php 1296 2005-10-08)
|
||
15 | |||
16 | Released under the GNU General Public License
|
||
17 | --------------------------------------------------------------
|
||
18 | Third Party contribution:
|
||
19 | Customers Status v3.x (c) 2002-2003 Copyright Elari elari@free.fr | www.unlockgsm.com/dload-osc/ | CVS : http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/elari/?sortby=date#dirlist
|
||
20 | |||
21 | Released under the GNU General Public License
|
||
22 | --------------------------------------------------------------*/
|
||
23 | |||
24 | require ('includes/application_top.php'); |
||
25 | |||
26 | require_once (DIR_FS_INC.'xtc_validate_vatid_status.inc.php'); |
||
27 | require_once (DIR_FS_INC.'xtc_get_geo_zone_code.inc.php'); |
||
28 | require_once (DIR_FS_INC.'xtc_encrypt_password.inc.php'); |
||
29 | require_once (DIR_FS_INC.'xtc_js_lang.php'); |
||
30 | require_once (DIR_FS_INC.'ip_clearing.inc.php'); |
||
31 | require_once (DIR_FS_INC.'get_customers_gender.inc.php'); |
||
32 | |||
33 | require(DIR_WS_INCLUDES . 'get_states.php'); |
||
34 | |||
35 | // split page results
|
||
36 | if(!defined('MAX_DISPLAY_LIST_CUSTOMERS')) { |
||
37 | define('MAX_DISPLAY_LIST_CUSTOMERS', 100); |
||
38 | } |
||
39 | |||
40 | // customers totals
|
||
41 | require(DIR_WS_CLASSES . 'currencies.php'); |
||
42 | $currencies = new currencies(); |
||
43 | |||
44 | $customers_statuses_array = xtc_get_customers_statuses();
|
||
45 | // changes all $customers_statuses_array[xx] to $customers_statuses_id_array[xx] in html section
|
||
46 | $customers_statuses_id_array = array(); |
||
47 | for ($i=0;$n=sizeof($customers_statuses_array),$i<$n;$i++) { |
||
48 | $customers_statuses_id_array[$customers_statuses_array[$i]['id']] = $customers_statuses_array[$i]; |
||
49 | } |
||
50 | |||
51 | $processed = false; |
||
52 | $error = false; |
||
53 | $entry_vat_error_text = ''; |
||
54 | $action = (isset($_GET['action']) ? $_GET['action'] : ''); |
||
55 | $customers_id = (isset($_GET['cID']) ? (int)$_GET['cID'] : 0); |
||
56 | $page = (isset($_GET['page']) ? (int)$_GET['page'] : 1); |
||
57 | |||
58 | if (isset($_GET['special']) && $_GET['special'] == 'remove_memo') { |
||
59 | $mID = xtc_db_prepare_input($_GET['mID']); |
||
60 | xtc_db_query("DELETE FROM ".TABLE_CUSTOMERS_MEMO." WHERE memo_id = '".(int)$mID."'"); |
||
61 | xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, xtc_get_all_get_params(array('cID', 'action', 'special')).'cID='.$customers_id.'&action=edit')); |
||
62 | } |
||
63 | |||
64 | if (($action == 'edit' || $action == 'update') && !(($customers_id == 1 && $_SESSION['customer_id'] == 1) || $customers_id != 1)) { |
||
65 | xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, '')); |
||
66 | } |
||
67 | |||
68 | if ($action) { |
||
69 | switch ($action) { |
||
70 | case 'new_order_confirm': |
||
71 | // customers
|
||
72 | $customers1_query = xtc_db_query("SELECT * FROM ".TABLE_CUSTOMERS." WHERE customers_id = '".$customers_id."'"); |
||
73 | $customers1 = xtc_db_fetch_array($customers1_query); |
||
74 | |||
75 | // customers default address
|
||
76 | $customers_query = xtc_db_query("SELECT * FROM ".TABLE_ADDRESS_BOOK." |
||
77 | WHERE customers_id = '".$customers_id."' |
||
78 | AND address_book_id = '".$customers1['customers_default_address_id']."'"); |
||
79 | $customers = xtc_db_fetch_array($customers_query); |
||
80 | |||
81 | // countries
|
||
82 | $country_query = xtc_db_query("SELECT countries_name, countries_iso_code_2, address_format_id |
||
83 | FROM ".TABLE_COUNTRIES." |
||
84 | WHERE countries_id = '".$customers['entry_country_id']."'"); |
||
85 | $country = xtc_db_fetch_array($country_query); |
||
86 | |||
87 | // customers status
|
||
88 | $stat_query = xtc_db_query("SELECT * FROM ".TABLE_CUSTOMERS_STATUS." WHERE customers_status_id = '".(int)$customers1['customers_status']."' AND language_id = '".(int)$_SESSION['languages_id']."'"); |
||
89 | $stat = xtc_db_fetch_array($stat_query); |
||
90 | |||
91 | if (file_exists(DIR_FS_LANGUAGES . $_SESSION['language'] . '/modules/shipping/' . $_POST['shipping'] . '.php')) { |
||
92 | require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/modules/shipping/' . $_POST['shipping'] . '.php'); |
||
93 | } |
||
94 | |||
95 | $sql_data_array = array ( |
||
96 | 'customers_id' => xtc_db_prepare_input($customers['customers_id']), |
||
97 | 'customers_cid' => xtc_db_prepare_input($customers1['customers_cid']), |
||
98 | 'customers_vat_id' => xtc_db_prepare_input($customers1['customers_vat_id']), |
||
99 | 'customers_status' => xtc_db_prepare_input($customers1['customers_status']), |
||
100 | 'customers_status_name' => xtc_db_prepare_input($stat['customers_status_name']), |
||
101 | 'customers_status_image' => xtc_db_prepare_input($stat['customers_status_image']), |
||
102 | 'customers_status_discount' => xtc_db_prepare_input($stat['customers_status_discount']), |
||
103 | 'customers_name' => xtc_db_prepare_input($customers['entry_firstname'].' '.$customers['entry_lastname']), |
||
104 | 'customers_lastname' => xtc_db_prepare_input($customers['entry_lastname']), |
||
105 | 'customers_firstname' => xtc_db_prepare_input($customers['entry_firstname']), |
||
106 | 'customers_gender' => xtc_db_prepare_input($customers['entry_gender']), |
||
107 | 'customers_company' => xtc_db_prepare_input($customers['entry_company']), |
||
108 | 'customers_street_address' => xtc_db_prepare_input($customers['entry_street_address']), |
||
109 | 'customers_suburb' => xtc_db_prepare_input($customers['entry_suburb']), |
||
110 | 'customers_city' => xtc_db_prepare_input($customers['entry_city']), |
||
111 | 'customers_postcode' => xtc_db_prepare_input($customers['entry_postcode']), |
||
112 | 'customers_state' => xtc_db_prepare_input(xtc_get_zone_code($customers['entry_country_id'], $customers['entry_zone_id'], $customers['entry_state'])), |
||
113 | 'customers_country' => xtc_db_prepare_input($country['countries_name']), |
||
114 | 'customers_telephone' => xtc_db_prepare_input($customers1['customers_telephone']), |
||
115 | 'customers_email_address' => xtc_db_prepare_input($customers1['customers_email_address']), |
||
116 | 'customers_country_iso_code_2' => xtc_db_prepare_input($country['countries_iso_code_2']), |
||
117 | 'customers_address_format_id' => xtc_db_prepare_input($country['address_format_id']), |
||
118 | 'delivery_name' => xtc_db_prepare_input($customers['entry_firstname'].' '.$customers['entry_lastname']), |
||
119 | 'delivery_lastname' => xtc_db_prepare_input($customers['entry_lastname']), |
||
120 | 'delivery_firstname' => xtc_db_prepare_input($customers['entry_firstname']), |
||
121 | 'delivery_gender' => xtc_db_prepare_input($customers['entry_gender']), |
||
122 | 'delivery_company' => xtc_db_prepare_input($customers['entry_company']), |
||
123 | 'delivery_street_address' => xtc_db_prepare_input($customers['entry_street_address']), |
||
124 | 'delivery_suburb' => xtc_db_prepare_input($customers['entry_suburb']), |
||
125 | 'delivery_city' => xtc_db_prepare_input($customers['entry_city']), |
||
126 | 'delivery_postcode' => xtc_db_prepare_input($customers['entry_postcode']), |
||
127 | 'delivery_state' => xtc_db_prepare_input(xtc_get_zone_code($customers['entry_country_id'], $customers['entry_zone_id'], $customers['entry_state'])), |
||
128 | 'delivery_country' => xtc_db_prepare_input($country['countries_name']), |
||
129 | 'delivery_country_iso_code_2' => xtc_db_prepare_input($country['countries_iso_code_2']), |
||
130 | 'delivery_address_format_id' => xtc_db_prepare_input($country['address_format_id']), |
||
131 | 'billing_name' => xtc_db_prepare_input($customers['entry_firstname'].' '.$customers['entry_lastname']), |
||
132 | 'billing_lastname' => xtc_db_prepare_input($customers['entry_lastname']), |
||
133 | 'billing_firstname' => xtc_db_prepare_input($customers['entry_firstname']), |
||
134 | 'billing_gender' => xtc_db_prepare_input($customers['entry_gender']), |
||
135 | 'billing_company' => xtc_db_prepare_input($customers['entry_company']), |
||
136 | 'billing_street_address' => xtc_db_prepare_input($customers['entry_street_address']), |
||
137 | 'billing_suburb' => xtc_db_prepare_input($customers['entry_suburb']), |
||
138 | 'billing_city' => xtc_db_prepare_input($customers['entry_city']), |
||
139 | 'billing_postcode' => xtc_db_prepare_input($customers['entry_postcode']), |
||
140 | 'billing_state' => xtc_db_prepare_input(xtc_get_zone_code($customers['entry_country_id'], $customers['entry_zone_id'], $customers['entry_state'])), |
||
141 | 'billing_country' => xtc_db_prepare_input($country['countries_name']), |
||
142 | 'billing_country_iso_code_2' => xtc_db_prepare_input($country['countries_iso_code_2']), |
||
143 | 'billing_address_format_id' => xtc_db_prepare_input($country['address_format_id']), |
||
144 | 'payment_method' => xtc_db_prepare_input($_POST['payment']), |
||
145 | 'comments' => '', |
||
146 | 'date_purchased' => 'now()', |
||
147 | 'orders_status' => DEFAULT_ORDERS_STATUS_ID, |
||
148 | 'currency' => DEFAULT_CURRENCY, |
||
149 | 'currency_value' => '1.0000', |
||
150 | 'account_type' => $customers1['account_type'], |
||
151 | 'payment_class' => xtc_db_prepare_input($_POST['payment']), |
||
152 | 'shipping_method' => constant('MODULE_SHIPPING_'.strtoupper($_POST['shipping']).'_TEXT_TITLE'), |
||
153 | 'shipping_class' => xtc_db_prepare_input($_POST['shipping']).'_'.xtc_db_prepare_input($_POST['shipping']), |
||
154 | 'customers_ip' => ip_clearing($_SESSION['tracking']['ip']), |
||
155 | 'language' => $_SESSION['language'], |
||
156 | 'languages_id' => $_SESSION['languages_id'] |
||
157 | ); |
||
158 | |||
159 | xtc_db_perform(TABLE_ORDERS, $sql_data_array); |
||
160 | $orders_id = xtc_db_insert_id();
|
||
161 | |||
162 | $sql_data_array = array ( |
||
163 | 'orders_id' => (int)$orders_id, |
||
164 | 'orders_status_id' => DEFAULT_ORDERS_STATUS_ID, |
||
165 | 'date_added' => 'now()', |
||
166 | 'customer_notified' => '0', |
||
167 | 'comments' => '', |
||
168 | ); |
||
169 | xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array); |
||
170 | |||
171 | require_once (DIR_FS_LANGUAGES.$_SESSION['language'].'/modules/order_total/ot_total.php'); |
||
172 | $sql_data_array = array( |
||
173 | 'orders_id' => (int)$orders_id, |
||
174 | 'title' => MODULE_ORDER_TOTAL_TOTAL_TITLE.':', |
||
175 | 'text' => '0', |
||
176 | 'value' => '0', |
||
177 | 'class' => 'ot_total', |
||
178 | 'sort_order' => MODULE_ORDER_TOTAL_TOTAL_SORT_ORDER |
||
179 | ); |
||
180 | xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); |
||
181 | |||
182 | require_once (DIR_FS_LANGUAGES.$_SESSION['language'].'/modules/order_total/ot_shipping.php'); |
||
183 | $sql_data_array = array( |
||
184 | 'orders_id' => (int)$orders_id, |
||
185 | 'title' => constant('MODULE_SHIPPING_'.strtoupper($_POST['shipping']).'_TEXT_TITLE').':', |
||
186 | 'text' => '0', |
||
187 | 'value' => '0', |
||
188 | 'class' => 'ot_shipping', |
||
189 | 'sort_order' => MODULE_ORDER_TOTAL_SHIPPING_SORT_ORDER |
||
190 | ); |
||
191 | xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); |
||
192 | |||
193 | require_once (DIR_FS_LANGUAGES.$_SESSION['language'].'/modules/order_total/ot_subtotal.php'); |
||
194 | $sql_data_array = array( |
||
195 | 'orders_id' => (int)$orders_id, |
||
196 | 'title' => MODULE_ORDER_TOTAL_SUBTOTAL_TITLE.':', |
||
197 | 'text' => '0', |
||
198 | 'value' => '0', |
||
199 | 'class' => 'ot_subtotal', |
||
200 | 'sort_order' => MODULE_ORDER_TOTAL_SUBTOTAL_SORT_ORDER |
||
201 | ); |
||
202 | xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); |
||
203 | |||
204 | xtc_redirect(xtc_href_link(FILENAME_ORDERS, 'oID='.(int)$orders_id.'&action=edit')); |
||
205 | break;
|
||
206 | |||
207 | case 'delete_confirm_adressbook' : |
||
208 | xtc_db_query("DELETE FROM ".TABLE_ADDRESS_BOOK." |
||
209 | WHERE address_book_id = '".(int) $_GET['address_book_id']."' |
||
210 | AND customers_id = '".$customers_id."'"); |
||
211 | xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, xtc_get_all_get_params(array ('cID', 'action', 'delete_confirm_adressbook')).'cID='.(int)$customers_id)); |
||
212 | break;
|
||
213 | |||
214 | case 'update_default_adressbook' : |
||
215 | $address_book_query = xtc_db_query("SELECT entry_gender AS customers_gender, |
||
216 | entry_firstname AS customers_firstname,
|
||
217 | entry_lastname AS customers_lastname
|
||
218 | FROM ".TABLE_ADDRESS_BOOK." |
||
219 | WHERE address_book_id = '".(int) $_GET['default']."' |
||
220 | AND customers_id = '".$customers_id."'"); |
||
221 | $address_book_array = xtc_db_fetch_array($address_book_query); |
||
222 | |||
223 | if (ACCOUNT_GENDER != 'true') { |
||
224 | unset($address_book_array['customers_gender']); |
||
225 | } |
||
226 | |||
227 | $sql_data_array = array ( |
||
228 | 'customers_default_address_id' => (int) $_GET['default'], |
||
229 | 'customers_last_modified' => 'now()' |
||
230 | ); |
||
231 | $sql_data_array = array_merge($address_book_array,$sql_data_array); |
||
232 | xtc_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '". $customers_id ."'"); |
||
233 | |||
234 | xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, xtc_get_all_get_params(array ('cID', 'action', 'update_default_adressbook', 'default')).'cID='.$customers_id.'&action=address_book')); |
||
235 | break;
|
||
236 | |||
237 | case 'statusconfirm' : |
||
238 | if (!isset($_POST['multi_customers_confirm']) && (int)$customers_id > 0) { |
||
239 | $_POST['multi_customers_confirm'] = array($customers_id); |
||
240 | } |
||
241 | |||
242 | if (isset($_POST['multi_customers_confirm']) && is_array($_POST['multi_customers_confirm'])) { |
||
243 | foreach ($_POST['multi_customers_confirm'] as $customers_id) { |
||
244 | $error = false; |
||
245 | $check_status_query = xtc_db_query("SELECT customers_firstname, |
||
246 | customers_lastname,
|
||
247 | customers_email_address,
|
||
248 | customers_status,
|
||
249 | member_flag
|
||
250 | FROM ".TABLE_CUSTOMERS." |
||
251 | WHERE customers_id = '".$customers_id."'"); |
||
252 | $check_status = xtc_db_fetch_array($check_status_query); |
||
253 | if ($check_status['customers_status'] != (int)$_POST['customers_status']) { |
||
254 | $sql_data_array = array('customers_status' => (int)$_POST['customers_status']); |
||
255 | |||
256 | $sql_add_data_array['account_type'] = '1'; |
||
257 | if ($_POST['customers_status'] != DEFAULT_CUSTOMERS_STATUS_ID_GUEST) { |
||
258 | $sql_add_data_array['account_type'] = '0'; |
||
259 | } |
||
260 | |||
261 | // check existing account
|
||
262 | if ($sql_add_data_array['account_type'] == '0') { |
||
263 | $check_existing_customer_query = xtc_db_query("SELECT customers_id |
||
264 | FROM ".TABLE_CUSTOMERS." |
||
265 | WHERE customers_email_address = '".xtc_db_input($check_status['customers_email_address'])."' |
||
266 | AND account_type = '0'
|
||
267 | AND customers_id != '".$customers_id."'"); |
||
268 | if (xtc_db_num_rows($check_existing_customer_query) > 0) { |
||
269 | $error = true; |
||
270 | $messageStack->add_session(WARNING_CUSTOMER_ALREADY_EXISTS, 'warning'); |
||
271 | } |
||
272 | } |
||
273 | |||
274 | if ($error === false) { |
||
275 | xtc_db_perform(TABLE_CUSTOMERS, array_merge($sql_data_array, $sql_add_data_array), 'update', "customers_id = '".$customers_id."'"); |
||
276 | |||
277 | // update customers status in newsletters_recipients
|
||
278 | xtc_db_perform(TABLE_NEWSLETTER_RECIPIENTS, $sql_data_array, 'update', "customers_id = '".$customers_id."'"); |
||
279 | |||
280 | // create insert for admin access table if customers status is set to 0
|
||
281 | if ($_POST['customers_status'] == 0) { |
||
282 | xtc_db_query("INSERT INTO ".TABLE_ADMIN_ACCESS." (customers_id) VALUES ('".$customers_id."')"); |
||
283 | } else {
|
||
284 | xtc_db_query("DELETE FROM ".TABLE_ADMIN_ACCESS." WHERE customers_id = '".$customers_id."'"); |
||
285 | } |
||
286 | $sql_data_array = array('customers_id' => $customers_id, |
||
287 | 'new_value' => (int)$_POST['customers_status'], |
||
288 | 'old_value' => $check_status['customers_status'], |
||
289 | 'date_added' => 'now()', |
||
290 | 'customer_notified' => '0'); |
||
291 | xtc_db_perform(TABLE_CUSTOMERS_STATUS_HISTORY, $sql_data_array); |
||
292 | } |
||
293 | } |
||
294 | } |
||
295 | } |
||
296 | xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, xtc_get_all_get_params(array('cID', 'action')).'cID='.$customers_id)); |
||
297 | break;
|
||
298 | |||
299 | case 'update' : |
||
300 | $customers_cid = xtc_db_prepare_input($_POST['customers_cid']); |
||
301 | $customers_vat_id = xtc_db_prepare_input($_POST['customers_vat_id']); |
||
302 | $customers_vat_id_status = (isset($_POST['customers_vat_id_status']) ? xtc_db_prepare_input($_POST['customers_vat_id_status']) : ''); |
||
303 | $customers_firstname = xtc_db_prepare_input($_POST['customers_firstname']); |
||
304 | $customers_lastname = xtc_db_prepare_input($_POST['customers_lastname']); |
||
305 | $customers_email_address = xtc_db_prepare_input($_POST['customers_email_address']); |
||
306 | $customers_telephone = xtc_db_prepare_input($_POST['customers_telephone']); |
||
307 | $customers_fax = xtc_db_prepare_input($_POST['customers_fax']); |
||
308 | if (ACCOUNT_GENDER == 'true') $customers_gender = xtc_db_prepare_input($_POST['customers_gender']); |
||
309 | if (ACCOUNT_DOB == 'true') $customers_dob = xtc_db_prepare_input($_POST['customers_dob']); |
||
310 | $customers_default_address_id = xtc_db_prepare_input($_POST['customers_default_address_id']); |
||
311 | $address_book_id = xtc_db_prepare_input($_POST['address_book_id']); |
||
312 | $entry_street_address = xtc_db_prepare_input($_POST['entry_street_address']); |
||
313 | if (ACCOUNT_SUBURB == 'true') $entry_suburb = xtc_db_prepare_input($_POST['entry_suburb']); |
||
314 | $entry_postcode = xtc_db_prepare_input($_POST['entry_postcode']); |
||
315 | $entry_city = xtc_db_prepare_input($_POST['entry_city']); |
||
316 | $entry_country_id = xtc_db_prepare_input($_POST['entry_country_id']); |
||
317 | if (ACCOUNT_COMPANY == 'true') $entry_company = xtc_db_prepare_input($_POST['entry_company']); |
||
318 | if (ACCOUNT_STATE == 'true') $entry_state = xtc_db_prepare_input($_POST['entry_state']); |
||
319 | if (ACCOUNT_STATE == 'true') $entry_zone_id = xtc_db_prepare_input($_POST['entry_zone_id']); |
||
320 | $memo_title = xtc_db_prepare_input($_POST['memo_title']); |
||
321 | $memo_text = xtc_db_prepare_input($_POST['memo_text']); |
||
322 | $payment_unallowed = implode(',', (isset($_POST['payment_unallowed']) && is_array($_POST['payment_unallowed']) ? $_POST['payment_unallowed'] : array())); |
||
323 | $shipping_unallowed = implode(',', (isset($_POST['shipping_unallowed']) && is_array($_POST['shipping_unallowed']) ? $_POST['shipping_unallowed'] : array())); |
||
324 | $password = xtc_db_prepare_input($_POST['customers_password']); |
||
325 | /*
|
||
326 | $amount = xtc_db_prepare_input($_POST['amount']);
|
||
327 | if ($amount != '') {
|
||
328 | $sql_data_array = array('customer_id' => $customers_id,
|
||
329 | 'amount' => $amount
|
||
330 | );
|
||
331 | $check_gv_query = xtc_db_query("SELECT * FROM " . TABLE_COUPON_GV_CUSTOMER . " WHERE customer_id = '".$customers_id."'");
|
||
332 | if (xtc_db_num_rows($check_gv_query) > 0) {
|
||
333 | xtc_db_perform(TABLE_COUPON_GV_CUSTOMER, $sql_data_array, 'update', "customer_id = '".$customers_id."'");
|
||
334 | } else {
|
||
335 | xtc_db_perform(TABLE_COUPON_GV_CUSTOMER, $sql_data_array);
|
||
336 | }
|
||
337 | }*/
|
||
338 | |||
339 | // reset error flag
|
||
340 | $error = false; |
||
341 | |||
342 | $entry_memo_title_error = false; |
||
343 | $entry_memo_text_error = false; |
||
344 | if ($memo_text != '' || $memo_title != '') { |
||
345 | if ($memo_text != '' && $memo_title == '') { |
||
346 | $error = true; |
||
347 | $entry_memo_title_error = true; |
||
348 | } |
||
349 | if ($memo_text == '' && $memo_title != '') { |
||
350 | $error = true; |
||
351 | $entry_memo_text_error = true; |
||
352 | } |
||
353 | if ($error === false) { |
||
354 | $sql_data_array = array ('customers_id' => $customers_id, |
||
355 | 'memo_date' => date("Y-m-d"), |
||
356 | 'memo_title' => $memo_title, |
||
357 | 'memo_text' => $memo_text, |
||
358 | 'poster_id' => (int)$_SESSION['customer_id'] |
||
359 | ); |
||
360 | xtc_db_perform(TABLE_CUSTOMERS_MEMO, $sql_data_array); |
||
361 | } |
||
362 | } |
||
363 | |||
364 | if (strlen($customers_firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) { |
||
365 | $error = true; |
||
366 | $entry_firstname_error = true; |
||
367 | } else {
|
||
368 | $entry_firstname_error = false; |
||
369 | } |
||
370 | |||
371 | if (strlen($customers_lastname) < ENTRY_LAST_NAME_MIN_LENGTH) { |
||
372 | $error = true; |
||
373 | $entry_lastname_error = true; |
||
374 | } else {
|
||
375 | $entry_lastname_error = false; |
||
376 | } |
||
377 | |||
378 | if (ACCOUNT_GENDER == 'true') { |
||
379 | if (($customers_gender == '')) { |
||
380 | $error = true; |
||
381 | $entry_gender_error = true; |
||
382 | } else {
|
||
383 | $entry_gender_error = false; |
||
384 | } |
||
385 | } |
||
386 | |||
387 | if (ACCOUNT_DOB == 'true') { |
||
388 | if (checkdate(substr(xtc_date_raw($customers_dob), 4, 2), substr(xtc_date_raw($customers_dob), 6, 2), substr(xtc_date_raw($customers_dob), 0, 4))) { |
||
389 | $entry_date_of_birth_error = false; |
||
390 | } else {
|
||
391 | $error = true; |
||
392 | $entry_date_of_birth_error = true; |
||
393 | } |
||
394 | } |
||
395 | |||
396 | // New VAT Check
|
||
397 | if (xtc_get_geo_zone_code($entry_country_id) != '6') { |
||
398 | require_once(DIR_FS_CATALOG.DIR_WS_CLASSES.'vat_validation.php'); |
||
399 | $vatID = new vat_validation($customers_vat_id, $customers_id, '', $entry_country_id); |
||
400 | $customers_vat_id_status = isset($vatID->vat_info['vat_id_status']) ? $vatID->vat_info['vat_id_status'] : ''; |
||
401 | // display correct error code of VAT ID check
|
||
402 | switch ($customers_vat_id_status) { |
||
403 | case '0' :// 'VAT invalid' |
||
404 | $entry_vat_error_text = TEXT_VAT_FALSE; |
||
405 | break;
|
||
406 | case '1' :// 'VAT valid' |
||
407 | $entry_vat_error_text = TEXT_VAT_TRUE; |
||
408 | break;
|
||
409 | case '2' :// 'SOAP ERROR: Connection to host not possible, europe.eu down?' |
||
410 | $entry_vat_error_text = TEXT_VAT_CONNECTION_NOT_POSSIBLE; |
||
411 | break;
|
||
412 | case '8' :// 'unknown country' |
||
413 | $entry_vat_error_text = TEXT_VAT_UNKNOWN_COUNTRY; |
||
414 | break;
|
||
415 | case '94' :// 'INVALID_INPUT' => 'The provided CountryCode is invalid or the VAT number is empty' |
||
416 | $entry_vat_error_text = TEXT_VAT_INVALID_INPUT; |
||
417 | break;
|
||
418 | case '95' :// 'SERVICE_UNAVAILABLE' => 'The SOAP service is unavailable, try again later' |
||
419 | $entry_vat_error_text = TEXT_VAT_SERVICE_UNAVAILABLE; |
||
420 | break;
|
||
421 | case '96' :// 'MS_UNAVAILABLE' => 'The Member State service is unavailable, try again later or with another Member State' |
||
422 | $entry_vat_error_text = TEXT_VAT_MS_UNAVAILABLE; |
||
423 | break;
|
||
424 | case '97' :// 'TIMEOUT' => 'The Member State service could not be reached in time, try again later or with another Member State', |
||
425 | $entry_vat_error_text = TEXT_VAT_TIMEOUT; |
||
426 | break;
|
||
427 | case '98' :// 'SERVER_BUSY' => 'The service cannot process your request. Try again later.' |
||
428 | $entry_vat_error_text = TEXT_VAT_SERVER_BUSY; |
||
429 | break;
|
||
430 | case '99' :// 'no PHP5 SOAP support' |
||
431 | $entry_vat_error_text = TEXT_VAT_NO_PHP5_SOAP_SUPPORT; |
||
432 | break;
|
||
433 | default:
|
||
434 | $entry_vat_error_text = ''; |
||
435 | break;
|
||
436 | } |
||
437 | if (isset($vatID->vat_info['error']) && $vatID->vat_info['error']==1){ |
||
438 | $entry_vat_error = true; |
||
439 | $error = true; |
||
440 | } |
||
441 | } |
||
442 | |||
443 | if (strlen($customers_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) { |
||
444 | $error = true; |
||
445 | $entry_email_address_error = true; |
||
446 | } else {
|
||
447 | $entry_email_address_error = false; |
||
448 | } |
||
449 | |||
450 | if (!xtc_validate_email($customers_email_address)) { |
||
451 | $error = true; |
||
452 | $entry_email_address_check_error = true; |
||
453 | } else {
|
||
454 | $entry_email_address_check_error = false; |
||
455 | } |
||
456 | |||
457 | if (strlen($entry_street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) { |
||
458 | $error = true; |
||
459 | $entry_street_address_error = true; |
||
460 | } else {
|
||
461 | $entry_street_address_error = false; |
||
462 | } |
||
463 | |||
464 | if (strlen($entry_postcode) < ENTRY_POSTCODE_MIN_LENGTH) { |
||
465 | $error = true; |
||
466 | $entry_post_code_error = true; |
||
467 | } else {
|
||
468 | $entry_post_code_error = false; |
||
469 | } |
||
470 | |||
471 | if (strlen($entry_city) < ENTRY_CITY_MIN_LENGTH) { |
||
472 | $error = true; |
||
473 | $entry_city_error = true; |
||
474 | } else {
|
||
475 | $entry_city_error = false; |
||
476 | } |
||
477 | |||
478 | if ($entry_country_id == false) { |
||
479 | $error = true; |
||
480 | $entry_country_error = true; |
||
481 | } else {
|
||
482 | $entry_country_error = false; |
||
483 | } |
||
484 | |||
485 | if (ACCOUNT_STATE == 'true') { |
||
486 | if ($entry_country_error == true) { |
||
487 | $entry_state_error = true; |
||
488 | } else {
|
||
489 | $entry_zone_id = 0; |
||
490 | $entry_state_error = false; |
||
491 | $check_query = xtc_db_query("SELECT count(*) as total |
||
492 | FROM ".TABLE_ZONES." |
||
493 | WHERE zone_country_id = '".xtc_db_input($entry_country_id)."'"); |
||
494 | $check_value = xtc_db_fetch_array($check_query); |
||
495 | $entry_state_has_zones = ($check_value['total'] > 0); |
||
496 | if ($entry_state_has_zones == true) { |
||
497 | $zone_query = xtc_db_query("SELECT zone_id |
||
498 | FROM ".TABLE_ZONES." |
||
499 | WHERE zone_country_id = '".xtc_db_input($entry_country_id)."' |
||
500 | AND zone_name = '".xtc_db_input($entry_state)."'"); |
||
501 | if (xtc_db_num_rows($zone_query) == 1) { |
||
502 | $zone_values = xtc_db_fetch_array($zone_query); |
||
503 | $entry_zone_id = $zone_values['zone_id']; |
||
504 | } else {
|
||
505 | $zone_query = xtc_db_query("SELECT zone_id |
||
506 | FROM ".TABLE_ZONES." |
||
507 | WHERE zone_country_id = '".xtc_db_input($entry_country_id)."' |
||
508 | AND zone_code = '".xtc_db_input($entry_state)."'"); |
||
509 | if (xtc_db_num_rows($zone_query) >= 1) { |
||
510 | $zone_values = xtc_db_fetch_array($zone_query); |
||
511 | $entry_zone_id = $zone_values['zone_id']; |
||
512 | } else {
|
||
513 | $error = true; |
||
514 | $entry_state_error = true; |
||
515 | } |
||
516 | } |
||
517 | } else {
|
||
518 | if ($entry_state == false) { |
||
519 | $error = true; |
||
520 | $entry_state_error = true; |
||
521 | } |
||
522 | } |
||
523 | } |
||
524 | } |
||
525 | |||
526 | if (ACCOUNT_TELEPHONE_OPTIONAL == 'false' && strlen($customers_telephone) < ENTRY_TELEPHONE_MIN_LENGTH) { |
||
527 | $error = true; |
||
528 | $entry_telephone_error = true; |
||
529 | } else {
|
||
530 | $entry_telephone_error = false; |
||
531 | } |
||
532 | |||
533 | if (strlen($password) > 0 && strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) { |
||
534 | $error = true; |
||
535 | $entry_password_error = true; |
||
536 | } else {
|
||
537 | $entry_password_error = false; |
||
538 | } |
||
539 | |||
540 | $check_email = xtc_db_query("SELECT customers_email_address |
||
541 | FROM ".TABLE_CUSTOMERS." |
||
542 | WHERE customers_email_address = '".xtc_db_input($customers_email_address)."' |
||
543 | AND account_type = '0'
|
||
544 | AND customers_id != '".$customers_id."'"); |
||
545 | if (xtc_db_num_rows($check_email)) { |
||
546 | $error = true; |
||
547 | $entry_email_address_exists = true; |
||
548 | } else {
|
||
549 | $entry_email_address_exists = false; |
||
550 | } |
||
551 | |||
552 | if ($error == false) { |
||
553 | $sql_data_array = array ( |
||
554 | 'customers_firstname' => $customers_firstname, |
||
555 | 'customers_cid' => $customers_cid, |
||
556 | 'customers_vat_id' => $customers_vat_id, |
||
557 | 'customers_vat_id_status' => $customers_vat_id_status, |
||
558 | 'customers_lastname' => $customers_lastname, |
||
559 | 'customers_email_address' => $customers_email_address, |
||
560 | 'customers_telephone' => $customers_telephone, |
||
561 | 'customers_fax' => $customers_fax, |
||
562 | 'payment_unallowed' => $payment_unallowed, |
||
563 | 'shipping_unallowed' => $shipping_unallowed, |
||
564 | 'customers_last_modified' => 'now()' |
||
565 | ); |
||
566 | |||
567 | if ($password != '') { |
||
568 | $sql_data_array['customers_password'] = xtc_encrypt_password($password); |
||
569 | $sql_data_array['customers_password_time'] = time(); |
||
570 | if ($_SESSION['customer_id'] == $customers_id) { |
||
571 | $_SESSION['customer_time'] = $sql_data_array['customers_password_time']; |
||
572 | } |
||
573 | } |
||
574 | if (ACCOUNT_GENDER == 'true') { |
||
575 | $sql_data_array['customers_gender'] = $customers_gender; |
||
576 | } |
||
577 | if (ACCOUNT_DOB == 'true') { |
||
578 | $sql_data_array['customers_dob'] = xtc_date_raw($customers_dob); |
||
579 | } |
||
580 | |||
581 | 2 | root | # TESTMODUS
|
582 | if(isset($_POST['ip_testmodus'])) { |
||
583 | $sql_data_array['ip_testmodus'] = $_SERVER['REMOTE_ADDR']; |
||
584 | } |
||
585 | |||
586 | 1 | root | xtc_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '".$customers_id."' AND customers_default_address_id = '".$address_book_id."'"); |
587 | |||
588 | 2 | root | # TESTMODUS
|
589 | $ip_query = xtc_db_query("select ip_testmodus from ".TABLE_CUSTOMERS." where ip_testmodus != ''"); |
||
590 | if($fp = @fopen(DIR_FS_DOCUMENT_ROOT . "includes/testmodus.csv", "w")){ |
||
591 | while($ips = xtc_db_fetch_array($ip_query)){ |
||
592 | if(isset($_POST['ip_testmodus']) || $ips['ip_testmodus'] != $_SERVER['REMOTE_ADDR']) |
||
593 | fwrite($fp, $ips['ip_testmodus']."\n"); |
||
594 | } |
||
595 | fclose($fp); |
||
596 | } |
||
597 | |||
598 | 1 | root | xtc_db_query("UPDATE ".TABLE_CUSTOMERS_INFO." |
599 | SET customers_info_date_account_last_modified = now()
|
||
600 | WHERE customers_info_id = '".$customers_id."'"); |
||
601 | |||
602 | $sql_data_array = array ( |
||
603 | 'entry_firstname' => $customers_firstname, |
||
604 | 'entry_lastname' => $customers_lastname, |
||
605 | 'entry_street_address' => $entry_street_address, |
||
606 | 'entry_postcode' => $entry_postcode, |
||
607 | 'entry_city' => $entry_city, |
||
608 | 'entry_country_id' => $entry_country_id, |
||
609 | 'address_last_modified' => 'now()' |
||
610 | ); |
||
611 | |||
612 | if (ACCOUNT_GENDER == 'true') { |
||
613 | $sql_data_array['entry_gender'] = $customers_gender; |
||
614 | } |
||
615 | if (ACCOUNT_COMPANY == 'true') { |
||
616 | $sql_data_array['entry_company'] = $entry_company; |
||
617 | } |
||
618 | if (ACCOUNT_SUBURB == 'true') { |
||
619 | $sql_data_array['entry_suburb'] = $entry_suburb; |
||
620 | } |
||
621 | if (ACCOUNT_STATE == 'true') { |
||
622 | if ($entry_zone_id > 0) { |
||
623 | $entry_state = ''; |
||
624 | } |
||
625 | $sql_data_array['entry_zone_id'] = (int)$entry_zone_id; |
||
626 | $sql_data_array['entry_state'] = $entry_state; |
||
627 | } |
||
628 | if ($address_book_id == 0) { |
||
629 | $sql_data_array['address_date_added'] = 'now()'; |
||
630 | $sql_data_array['customers_id'] = $customers_id; |
||
631 | xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'insert'); |
||
632 | } else {
|
||
633 | xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = '".$customers_id."' AND address_book_id = '".xtc_db_input($address_book_id)."'"); |
||
634 | } |
||
635 | xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, xtc_get_all_get_params(array ('cID', 'action')).'cID='.$customers_id)); |
||
636 | |||
637 | } elseif ($error == true) { |
||
638 | |||
639 | // unset memo to avoid duplicate entry
|
||
640 | if ($entry_memo_title_error === false && $entry_memo_text_error === false) { |
||
641 | unset($_POST['memo_title']); |
||
642 | unset($_POST['memo_text']); |
||
643 | } |
||
644 | |||
645 | // unallowd payment/shipping must be comma separated
|
||
646 | $_POST['payment_unallowed'] = $payment_unallowed; |
||
647 | $_POST['shipping_unallowed'] = $shipping_unallowed; |
||
648 | |||
649 | $cInfo = new objectInfo($_POST); |
||
650 | $processed = true; |
||
651 | } |
||
652 | break;
|
||
653 | |||
654 | case 'deleteconfirm' : |
||
655 | if (!isset($_POST['multi_customers_confirm']) && (int)$customers_id > 0) { |
||
656 | $_POST['multi_customers_confirm'] = array($customers_id); |
||
657 | } |
||
658 | |||
659 | if (isset($_POST['multi_customers_confirm']) && is_array($_POST['multi_customers_confirm'])) { |
||
660 | foreach ($_POST['multi_customers_confirm'] as $customers_id) { |
||
661 | if (isset($_POST['delete_reviews']) && $_POST['delete_reviews'] == 'on') { |
||
662 | $reviews_query = xtc_db_query("SELECT reviews_id FROM ".TABLE_REVIEWS." WHERE customers_id = '".$customers_id."'"); |
||
663 | while ($reviews = xtc_db_fetch_array($reviews_query)) { |
||
664 | xtc_db_query("DELETE FROM ".TABLE_REVIEWS_DESCRIPTION." WHERE reviews_id = '".$reviews['reviews_id']."'"); |
||
665 | } |
||
666 | xtc_db_query("DELETE FROM ".TABLE_REVIEWS." WHERE customers_id = '".$customers_id."'"); |
||
667 | } else {
|
||
668 | xtc_db_query("UPDATE ".TABLE_REVIEWS." SET customers_id = null WHERE customers_id = '".$customers_id."'"); |
||
669 | } |
||
670 | xtc_db_query("DELETE FROM ".TABLE_ADDRESS_BOOK." WHERE customers_id = '".$customers_id."'"); |
||
671 | xtc_db_query("DELETE FROM ".TABLE_CUSTOMERS." WHERE customers_id = '".$customers_id."'"); |
||
672 | xtc_db_query("DELETE FROM ".TABLE_CUSTOMERS_INFO." WHERE customers_info_id = '".$customers_id."'"); |
||
673 | xtc_db_query("DELETE FROM ".TABLE_CUSTOMERS_BASKET." WHERE customers_id = '".$customers_id."'"); |
||
674 | xtc_db_query("DELETE FROM ".TABLE_CUSTOMERS_BASKET_ATTRIBUTES." WHERE customers_id = '".$customers_id."'"); |
||
675 | xtc_db_query("DELETE FROM ".TABLE_PRODUCTS_NOTIFICATIONS." WHERE customers_id = '".$customers_id."'"); |
||
676 | xtc_db_query("DELETE FROM ".TABLE_WHOS_ONLINE." WHERE customer_id = '".$customers_id."'"); |
||
677 | xtc_db_query("DELETE FROM ".TABLE_CUSTOMERS_STATUS_HISTORY." WHERE customers_id = '".$customers_id."'"); |
||
678 | xtc_db_query("DELETE FROM ".TABLE_CUSTOMERS_IP." WHERE customers_id = '".$customers_id."'"); |
||
679 | xtc_db_query("DELETE FROM ".TABLE_ADMIN_ACCESS." WHERE customers_id = '".$customers_id."'"); |
||
680 | xtc_db_query("DELETE FROM ".TABLE_NEWSLETTER_RECIPIENTS." WHERE customers_id = '".$customers_id."'"); |
||
681 | xtc_db_query("DELETE FROM ".TABLE_COUPON_GV_CUSTOMER." WHERE customer_id = '".$customers_id."'"); |
||
682 | } |
||
683 | } |
||
684 | xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, xtc_get_all_get_params(array ('cID', 'action')))); |
||
685 | break;
|
||
686 | } |
||
687 | } |
||
688 | |||
689 | require (DIR_WS_INCLUDES.'head.php'); |
||
690 | ?>
|
||
691 | <script type="text/javascript" src="includes/general.js"></script> |
||
692 | <script type="text/javascript" src="includes/javascript/categories.js"></script> |
||
693 | </head>
|
||
694 | <body>
|
||
695 | <!-- header //-->
|
||
696 | <?php require(DIR_WS_INCLUDES . 'header.php'); ?> |
||
697 | <!-- header_eof //-->
|
||
698 | <!-- body //-->
|
||
699 | <table class="tableBody"> |
||
700 | <tr>
|
||
701 | <?php //left_navigation |
||
702 | if (USE_ADMIN_TOP_MENU == 'false') { |
||
703 | echo '<td class="columnLeft2">'.PHP_EOL; |
||
704 | echo '<!-- left_navigation //-->'.PHP_EOL; |
||
705 | require_once(DIR_WS_INCLUDES . 'column_left.php'); |
||
706 | echo '<!-- left_navigation eof //-->'.PHP_EOL; |
||
707 | echo '</td>'.PHP_EOL; |
||
708 | } |
||
709 | ?>
|
||
710 | <!-- body_text //-->
|
||
711 | <td class="boxCenter"> |
||
712 | <?php
|
||
713 | if ($action == 'edit' || $action == 'update') { |
||
714 | include (DIR_WS_MODULES.'customers_edit.php'); |
||
715 | } else {
|
||
716 | include (DIR_WS_MODULES.'customers_listing.php'); |
||
717 | } |
||
718 | ?>
|
||
719 | </td>
|
||
720 | <!-- body_text_eof //-->
|
||
721 | </tr>
|
||
722 | </table>
|
||
723 | <!-- body_eof //-->
|
||
724 | <!-- footer //-->
|
||
725 | <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> |
||
726 | <!-- footer_eof //-->
|
||
727 | <br /> |
||
728 | </body>
|
||
729 | </html>
|
||
730 | <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> |