oxuser.php

Go to the documentation of this file.

<?php

class oxUser extends oxBase
{
    protected $_blDisableShopCheck = true;

    protected $_oNewsSubscription = null;

    protected $_sCoreTbl = 'oxuser';

    protected $_sClassName = 'oxuser';

    protected $_aBaskets = array();

    protected $_oGroups;

    protected $_oAddresses;

    protected $_oPayments;

    protected $_oRecommList;

    protected $_blMallUsers = false;

    protected static $_aUserCookie = array();

    protected $_iCntNoticeListArticles = null;

    protected $_iCntWishListArticles = null;

    protected $_iCntRecommLists = null;

     protected $_sUpdateKey = null;

     protected $_blLoadedFromCookie  = null;

    public function __construct()
    {
        $this->setMallUsersStatus( $this->getConfig()->getConfigParam( 'blMallUsers' ) );

        parent::__construct();
        $this->init( 'oxuser' );
    }

    public function setMallUsersStatus( $blOn = false )
    {
        $this->_blMallUsers = $blOn;
    }

    public function __get( $sParamName )
    {
        // it saves memory using - loads data only if it is used
        switch ( $sParamName ) {
            case 'oGroups':
                return $this->_oGroups = $this->getUserGroups();
            case 'iCntNoticeListArticles':
                return $this->_iCntNoticeListArticles = $this->getNoticeListArtCnt();
            case 'iCntWishListArticles':
                return $this->_iCntWishListArticles = $this->getWishListArtCnt();
            case 'iCntRecommLists':
                return $this->_iCntRecommLists = $this->getRecommListsCount();
            case 'oAddresses':
                return $this->_oAddresses = $this->getUserAddresses();
            case 'oPayments':
                return $this->_oPayments = $this->getUserPayments();
            case 'oxuser__oxcountry':
                return $this->oxuser__oxcountry = $this->getUserCountry();
            case 'sDBOptin':
                return $this->sDBOptin = $this->getNewsSubscription()->getOptInStatus();
            case 'sEmailFailed':
                return $this->sEmailFailed = $this->getNewsSubscription()->getOptInEmailStatus();
            }
    }

    public function getNewsSubscription()
    {
        if ( $this->_oNewsSubscription !== null ) {
            return $this->_oNewsSubscription;
        }

        $this->_oNewsSubscription = oxNew( 'oxnewssubscribed' );

        // if subscription object is not set yet - we should create one
        if ( !$this->_oNewsSubscription->loadFromUserId( $this->getId() ) ) {
            if ( !$this->_oNewsSubscription->loadFromEmail( $this->oxuser__oxusername->value ) ) {

                // no subscription defined yet - creating one
                $this->_oNewsSubscription->oxnewssubscribed__oxuserid = new oxField($this->getId(), oxField::T_RAW);
                $this->_oNewsSubscription->oxnewssubscribed__oxemail  = new oxField($this->oxuser__oxusername->value, oxField::T_RAW);
                $this->_oNewsSubscription->oxnewssubscribed__oxsal    = new oxField($this->oxuser__oxsal->value, oxField::T_RAW);
                $this->_oNewsSubscription->oxnewssubscribed__oxfname  = new oxField($this->oxuser__oxfname->value, oxField::T_RAW);
                $this->_oNewsSubscription->oxnewssubscribed__oxlname  = new oxField($this->oxuser__oxlname->value, oxField::T_RAW);
            }
        }

        return $this->_oNewsSubscription;
    }

    public function getUserCountry( $sCountryId = null, $iLang = null )
    {

        if ( !$sCountryId ) {
            $sCountryId = $this->oxuser__oxcountryid->value;
        }

        $sQ = 'select oxtitle'.oxLang::getInstance()->getLanguageTag( $iLang ).' from oxcountry where oxid = "'.$sCountryId.'" ';
        $this->oxuser__oxcountry = new oxField( oxDb::getDb()->GetOne( $sQ ), oxField::T_RAW);

        return $this->oxuser__oxcountry;
    }

    public function getUserGroups( $sOXID = null )
    {

        if ( isset( $this->_oGroups ) ) {
            return $this->_oGroups;
        }

        if ( !$sOXID ) {
            $sOXID = $this->getId();
        }

        $this->_oGroups = oxNew( 'oxlist', 'oxgroups' );
        //$this->oGroups->Init( 'oxbase' );
        //$this->oGroups->oLstoTpl->Init( array( 'oxgroups', 'oxobject2group' ) );
        $sSelect  = 'select oxgroups.* from oxgroups left join oxobject2group on oxobject2group.oxgroupsid = oxgroups.oxid ';
        $sSelect .= 'where oxobject2group.oxobjectid = "'.$sOXID.'" ';
        $this->_oGroups->selectString( $sSelect );
        return $this->_oGroups;
    }

    public function getUserAddresses( $sOXID = null )
    {

        if ( isset( $this->_oAddresses ) ) {
            return $this->_oAddresses;
        }

        if ( !$sOXID ) {
            $sOXID = $this->getId();
        }

        //P
        $this->_oAddresses = oxNew( 'oxlist' );
        $this->_oAddresses->init( "oxbase", "oxaddress" );
        $sSelect = 'select * from oxaddress where oxaddress.oxuserid = "'.$sOXID.'" ';
        $this->_oAddresses->selectString( $sSelect );
        return $this->_oAddresses;
    }

    public function getSelectedAddress( $sWishId = false )
    {
        $sAddressId = oxConfig::getParameter( "oxaddressid");
        if ( !$sAddressId ) {
            $sAddressId = oxSession::getVar( "deladrid" );
        }

        if ( $sAddressId ) {
            $sWishId = null;
        }

        $oAddresses = $this->getUserAddresses();
        if ( $sWishId && $oAddresses->count()) {
            foreach ( $oAddresses as $oAddress ) {
                $oAddress->selected = 0;
                if ( $oAddress->oxaddress__oxaddressuserid->value == $sWishId ) {
                    $oAddress->selected = 1;
                    return $oAddress->getId();
                }
            }
        }

        if ( !$sAddressId && $oAddresses->count() ) {
            $oAddresses->rewind();
            if ( ( $oCurAdress = $oAddresses->current() ) ) {
                $sAddressId = $oCurAdress->getId();
            }
        }

        // #597A
        if ( $sAddressId ) {
            foreach ( $oAddresses as $oAddress ) {
                $oAddress->selected = 0;
                if ( $oAddress->getId() == $sAddressId ) {
                    $oAddress->selected = 1;
                    break;
                }
            }
        }

        return $sAddressId;
    }

    public function getUserPayments( $sOXID = null )
    {
        if ( $this->_oPayments === null ) {

            if ( !$sOXID ) {
                $sOXID = $this->getId();
            }

            $sSelect = 'select * from oxuserpayments where oxuserid ="'. $sOXID .'"';

            $this->_oPayments = oxNew( 'oxlist' );
            $this->_oPayments->init( 'oxUserPayment' );
            $this->_oPayments->selectString( $sSelect );

            //while ( list( $key, $val ) = each( $oPayments ) ) {
            foreach ( $this->_oPayments as $oPayment ) {
                // add custom fields to this class
                $oPayment = oxUtils::getInstance()->assignValuesFromText( $val->oxuserpayments__oxvalue->value );
            }
        }

        return $this->_oPayments;
    }

    public function save()
    {

        $blAddRemark = false;
        if ( $this->oxuser__oxpassword->value && $this->oxuser__oxregister->value < 1 ) {
            $blAddRemark = true;
            //save oxregister value
            $this->oxuser__oxregister = new oxField(date( 'Y-m-d H:i:s' ), oxField::T_RAW);
        }

        // setting user rights
        $this->oxuser__oxrights = new oxField($this->_getUserRights(), oxField::T_RAW);

        // processing birth date which came from output as array
        if ( is_array( $this->oxuser__oxbirthdate->value ) ) {
            $this->oxuser__oxbirthdate = new oxField($this->convertBirthday( $this->oxuser__oxbirthdate->value ), oxField::T_RAW);
        }

        // dodger  Task #1535 - editing user information in shop
        // isDerived seems to be wrong here
        $blStore = $this->_blIsDerived;
        $this->_blIsDerived = false;
        $blRet = parent::save();
        $this->_blIsDerived = $blStore;

        //add registered remark
        if ( $blAddRemark && $blRet ) {
            $oRemark = oxNew( 'oxremark' );
            $oRemark->oxremark__oxtext     = new oxField(oxLang::getInstance()->translateString( 'usrRegistered' ), oxField::T_RAW);
            $oRemark->oxremark__oxparentid = new oxField($this->getId(), oxField::T_RAW);
            $oRemark->save();
        }

        return $blRet;
    }

    public function inGroup( $sGroupID )
    {
         $blIn = false;
         if( ( $oGroups = $this->getUserGroups() ) ) {
            $blIn = isset( $oGroups[ $sGroupID ] );
         }

         return $blIn;
    }

    public function delete( $sOXID = null )
    {

        if ( !$sOXID ) {
            $sOXID = $this->getId();
        }
        if ( !$sOXID ) {
            return false;
        }

        $blDeleted = parent::delete( $sOXID );

        if ( $blDeleted ) {
            $oDB = oxDb::getDb();

            // deleting stored payment, address, group dependencies, remarks info
            $rs = $oDB->execute( 'delete from oxuserpayments where oxuserpayments.oxuserid = "'.$sOXID.'" ' );
            $rs = $oDB->execute( 'delete from oxaddress where oxaddress.oxuserid = "'.$sOXID.'" ' );
            $rs = $oDB->execute( 'delete from oxobject2group where oxobject2group.oxobjectid = "'.$sOXID.'" ');
            $rs = $oDB->execute( 'delete from oxremark where oxparentid = "'.$sOXID.'" ' );

            // deleting notice/wish lists
            $rs = $oDB->execute( 'delete oxuserbasketitems.* from oxuserbasketitems, oxuserbaskets where oxuserbasketitems.oxbasketid = oxuserbaskets.oxid and oxuserid = "'.$sOXID.'" ' );
            $rs = $oDB->execute( 'delete from oxuserbaskets where oxuserid = "'.$sOXID.'" ' );

            // deleting Newsletter subscription
            $rs = $oDB->execute( 'delete from oxnewssubscribed where oxuserid = "'.$sOXID.'" ');

            $blDeleted = $rs->EOF;
        }

        return $blDeleted;
    }

    public function load( $oxID )
    {

        $blRet = parent::Load( $oxID );

        // convert date's to international format
        if ( isset( $this->oxuser__oxcreate->value ) ) {
            $this->oxuser__oxcreate->setValue(oxUtilsDate::getInstance()->formatDBDate( $this->oxuser__oxcreate->value ));
        }

        return $blRet;
    }

    public function exists( $sOXID = null )
    {
        if ( !$sOXID ) {
            $sOXID = $this->getId();
        }

        $sSelect = 'SELECT oxid FROM '.$this->getViewName().'
                    WHERE ( oxusername = "'.$this->oxuser__oxusername->value.'"';

        if ( $sOXID ) {
            $sSelect.= " or oxid = '$sOXID' ) ";
        } else {
            $sSelect.= ' ) ';
        }

        if ( !$this->_blMallUsers && $this->oxuser__oxrights->value != 'malladmin') {
            $sSelect .= ' AND oxshopid = "'.$this->getConfig()->getShopId().'" ';
        }

        $blExists = false;
        if ( ( $sOxid = oxDb::getDb()->getOne( $sSelect ) ) ) {
             // update - set oxid
            $this->setId( $sOxid );
            $blExists = true;
        }
        return $blExists;
    }

    public function getOrders()
    {
        $myConfig = $this->getConfig();
        $oOrders = oxNew( 'oxlist' );
        $oOrders->init( 'oxorder' );

        //P
        // Lists does not support loading from two tables, so orders
        // articles now are loaded in account_order.php view and no need to use blLoadProdInfo
        // forcing to load product info which is used in templates
        // $oOrders->aSetBeforeAssign['blLoadProdInfo'] = true;

        //loading order for registered user
        if ( $this->oxuser__oxregister->value > 1 ) {
            $sQ = 'select * from oxorder where oxuserid = "'.$this->getId().'" and oxorderdate >= "'.$this->oxuser__oxregister->value.'" ';

            //#1546 - shopid check added, if it is not multishop

            $sQ .= ' order by oxorderdate desc ';
            $oOrders->selectString( $sQ );
        }

        return $oOrders;
    }

    public function getOrderCount()
    {
        $iCnt = 0;
        if ( $this->getId() && $this->oxuser__oxregister->value > 1 ) {
            $sQ  = 'select count(*) from oxorder where oxuserid = "'.$this->getId().'" AND oxorderdate >= "'.$this->oxuser__oxregister->value.'" and oxshopid = "'.$this->getConfig()->getShopId().'" ';
            $iCnt = (int) oxDb::getDb()->getOne( $sQ );
        }

        return $iCnt;
    }

    public function getNoticeListArtCnt()
    {
        if ( $this->_iCntNoticeListArticles === null ) {
            $this->_iCntNoticeListArticles = 0;
            if ( $this->getId() ) {
                $this->_iCntNoticeListArticles = $this->getBasket( 'noticelist' )->getItemCount();
            }
        }
        return $this->_iCntNoticeListArticles;
    }

    public function getWishListArtCnt()
    {
        if ( $this->_iCntWishListArticles === null ) {
            $this->_iCntWishListArticles = false;
            if ( $this->getId() ) {
                $this->_iCntWishListArticles = $this->getBasket( 'wishlist' )->getItemCount();
            }
        }
        return $this->_iCntWishListArticles;
    }

    public function getActiveCountry()
    {
        $sDeliveryCountry = '';
        if (!($soxAddressId = oxConfig::getParameter( 'deladrid' ))) {
            $soxAddressId = oxSession::getVar( 'deladrid' );
        }
        if ( $soxAddressId ) {
            $oDelAddress = oxNew( 'oxbase' );
            $oDelAddress->init( 'oxaddress' );
            $oDelAddress->load( $soxAddressId );
            $sDeliveryCountry = $oDelAddress->oxaddress__oxcountryid->value;
        } elseif ( $this->getId() ) {
            $sDeliveryCountry = $this->oxuser__oxcountryid->value;
        } else {
            $oUser = oxNew( 'oxuser' );
            if ( $oUser->loadActiveUser() ) {
                $sDeliveryCountry = $oUser->oxuser__oxcountryid->value;
            }
        }

        return $sDeliveryCountry;
    }

    public function createUser()
    {
        $oDB = oxDb::getDb();
        $sShopID = $this->getConfig()->getShopId();

        // check if user exists AND there is no password - in this case we update otherwise we try to insert
        $sSelect = "select oxid from oxuser where oxusername = '{$this->oxuser__oxusername->value}' and oxpassword = '' ";
        if ( !$this->_blMallUsers ) {
            $sSelect .= " and oxshopid = '{$sShopID}' ";
        }
        $sOXID = $oDB->getOne( $sSelect );

        // user without password found - lets use
        if ( isset( $sOXID ) && $sOXID ) {
            // try to update
            $this->setId( $sOXID );
        } elseif ( $this->_blMallUsers ) { // must be sure if there is no dublicate user
            $sQ = "select oxid from oxuser where oxusername = '{$this->oxuser__oxusername->value}' and oxusername != '' ";
            if ( $oDB->getOne( $sQ ) ) {
                $oEx = oxNew( 'oxUserException' );
                $oEx->setMessage('EXCEPTION_USER_USEREXISTS');
                throw $oEx;
            }
        }

        $this->oxuser__oxshopid = new oxField( $sShopID, oxField::T_RAW );
        if ( ( $blOK = $this->save() ) ) {
            // dropping/cleaning old delivery address/payment info
            $oDB->execute( "delete from oxaddress where oxaddress.oxuserid = '{$this->oxuser__oxid->value}' " );
            $oDB->execute( "update oxuserpayments set oxuserpayments.oxuserid = '{$this->oxuser__oxusername->value}' where oxuserpayments.oxuserid = '{$this->oxuser__oxid->value}' " );
        } else {
            $oEx = oxNew( 'oxUserException' );
            $oEx->setMessage( 'EXCEPTION_USER_USERCREATIONFAILED' );
            throw $oEx;
        }

        return $blOK;
    }

    public function addToGroup( $sGroupID )
    {
        if ( !$this->inGroup( $sGroupID ) ) {
            $oNewGroup = oxNew( 'oxobject2group' );
            $oNewGroup->oxobject2group__oxobjectid = new oxField($this->getId(), oxField::T_RAW);
            $oNewGroup->oxobject2group__oxgroupsid = new oxField($sGroupID, oxField::T_RAW);
            if ( $oNewGroup->save() ) {
                $this->_oGroups[$sGroupID] = $oNewGroup;
                return true;
            }
        }
        return false;
    }

    public function removeFromGroup( $sGroupID = null )
    {
        if ( $sGroupID != null && $this->inGroup( $sGroupID ) ) {
            $oGroups = oxNew( 'oxlist' );
            $oGroups->init( 'oxobject2group' );
            $sSelect = 'select * from oxobject2group where oxobject2group.oxobjectid = "'.$this->getId().'" and oxobject2group.oxgroupsid = "'.$sGroupID.'" ';
            $oGroups->selectString( $sSelect );
            foreach ( $oGroups as $oRemgroup ) {
                if ( $oRemgroup->delete() ) {
                    unset( $this->_oGroups[$oRemgroup->oxobject2group__oxgroupsid->value] );
                }
            }
        }
    }

    public function onOrderExecute( $oBasket, $iSuccess )
    {

        if ( is_numeric( $iSuccess ) && $iSuccess != 2 && $iSuccess <= 3 ) {
            //adding user to particular customer groups
            if ( !$this->oxuser__oxdisableautogrp->value ) {

                $myConfig = $this->getConfig();
                $dMidlleCustPrice = (float) $myConfig->getConfigParam( 'sMidlleCustPrice' );
                $dLargeCustPrice  = (float) $myConfig->getConfigParam( 'sLargeCustPrice' );

                $this->addToGroup( 'oxidcustomer' );
                $dBasketPrice = $oBasket->getPrice()->getBruttoPrice();
                if ( $dBasketPrice < $dMidlleCustPrice ) {
                    $this->addToGroup( 'oxidsmallcust' );
                }
                if ( $dBasketPrice >= $dMidlleCustPrice && $dBasketPrice < $dLargeCustPrice ) {
                    $this->addToGroup( 'oxidmiddlecust' );
                }
                if ( $dBasketPrice >= $dLargeCustPrice ) {
                    $this->addToGroup( 'oxidgoodcust' );
                }
            }

                if ( $this->inGroup( 'oxidnotyetordered' ) ) {
                    $this->removeFromGroup( 'oxidnotyetordered' );
                }
        }
    }

    public function getBasket( $sName )
    {
        if ( !isset( $this->_aBaskets[$sName] ) ) {
            $oBasket = oxNew( 'oxuserbasket' );
            $aWhere = array( 'oxuserbaskets.oxuserid' => $this->getId(), 'oxuserbaskets.oxtitle' => $sName );

            // creating if it does not exist
            if ( !$oBasket->assignRecord( $oBasket->buildSelectString( $aWhere ) ) ) {
                $oBasket->oxuserbaskets__oxtitle  = new oxField($sName);
                $oBasket->oxuserbaskets__oxuserid = new oxField($this->getId());

                // marking basket as new (it will not be saved in DB yet)
                $oBasket->setIsNewBasket();
            }

            $this->_aBaskets[$sName] = $oBasket;
        }

        return $this->_aBaskets[$sName];
    }

    public function convertBirthday( $aData )
    {

        // preparing data to process
        $iYear  = isset($aData['year'])?((int) $aData['year']):false;
        $iMonth = isset($aData['month'])?((int) $aData['month']):false;
        $iDay   = isset($aData['day'])?((int) $aData['day']):false;

        // leaving empty if not set
        if ( !$iYear && !$iMonth && !$iDay )
            return "";

        // year
        if ( !$iYear || $iYear < 1000 || $iYear > 9999)
            $iYear = date('Y');

        // month
        if ( !$iMonth || $iMonth < 1 || $iMonth > 12)
            $iMonth = 1;

        // maximum nuber of days in month
        $iMaxDays = 31;
        switch( $iMonth) {
            case 2 :
                if ($iMaxDays > 28)
                    $iMaxDays = ($iYear % 4 == 0 && ($iYear % 100 != 0 || $iYear % 400 == 0)) ? 29 : 28;
                break;
            case 4  :
            case 6  :
            case 9  :
            case 11 :
                $iMaxDays = min(30, $iMaxDays);
                break;
        }

        // day
        if ( !$iDay || $iDay < 1 || $iDay > $iMaxDays) {
            $iDay = 1;
        }

        // whole date
        return sprintf("%04d-%02d-%02d", $iYear, $iMonth, $iDay);
    }

    public function getBoni()
    {
        return 1000;
    }

    public function addDynGroup( $sDynGoup, $aDeniedDynGroups )
    {
        // preparing input
        $sDynGoup = strtolower( trim( $sDynGoup ) );

        // setting denied groups from admin settings also
        $aDisabledDynGroups = array_merge( array( 'oxidadmin' ), (array) $aDeniedDynGroups );

        // default state ..
        $blAdd = false;

        // user assignment to dyn group is not allowed
        if ( $this->oxuser__oxdisableautogrp->value || !$sDynGoup ) {
            $blAdd = false;
        } elseif ( in_array( $sDynGoup, $aDisabledDynGroups ) ) {
            // trying to add user to prohibited user group?
            $blAdd = false;
        } elseif ( $this->addToGroup( $sDynGoup ) ) {
            $blAdd = true;
        }

        // cleanup
        oxSession::deleteVar( 'dgr' );

        return $blAdd;
    }

    public function checkValues( $sLogin, $sPassword, $sPassword2, $aInvAddress, $aDelAddress )
    {
        // 1. checking user name
        $this->_checkLogin( $sLogin, $aInvAddress );

        // 2. cheking email
        $this->_checkEmail( $sLogin );

        // 3. password
        $this->_checkPassword( $sPassword, $sPassword2, ((int) oxConfig::getParameter( 'option' ) == 3) );

        // 4. required fields
        $this->_checkRequiredFields( $aInvAddress, $aDelAddress );

        // 5. vat id check.
            $this->_checkVatId( $aInvAddress );
    }

    public function setNewsSubscription( $blSubscribe, $blSendOptIn )
    {
        // assigning to newsletter
        $blSuccess = false;
        $myConfig  = $this->getConfig();

        // user wants to get newsletter messages or no ?
        $oNewsSubscription = $this->getNewsSubscription();
        if ( $blSubscribe && $oNewsSubscription->getOptInStatus() != 1 ) {
            if ( !$blSendOptIn ) {

                // double-opt-in check is disabled - assigning automatically
                $this->addToGroup( 'oxidnewsletter' );
                // and setting subscribed status
                $oNewsSubscription->setOptInStatus( 1 );
                $blSuccess = true;
            } else {

                // double-opt-in check enabled - sending confirmation email and setting waiting status
                $oNewsSubscription->setOptInStatus( 2 );

                // sending double-opt-in mail
                $oEmail = oxNew( 'oxemail' );
                $blSuccess = $oEmail->sendNewsletterDBOptInMail( $this );
            }
        } elseif ( !$blSubscribe ) { // removing user from newsletter subscribers
            $this->removeFromGroup( 'oxidnewsletter' );
            $oNewsSubscription->setOptInStatus( 0 );
            $blSuccess = true;
        }

        return $blSuccess;
    }

    public function changeUserData( $sUser, $sPassword, $sPassword2, $aInvAddress, $aDelAddress )
    {

        // validating values before saving. If validation fails - exception is thrown
        $this->checkValues( $sUser, $sPassword, $sPassword2, $aInvAddress, $aDelAddress );

        // input data is fine - lets save updated user info
        $this->assign( $aInvAddress );


        // update old or add new delivery address
        $this->_assignAddress( $aDelAddress );

        // saving new values
        if ( $this->save() ) {

            // assigning automatically to specific groups
            $sCountryId = isset( $aInvAddress['oxuser__oxcountryid'] )?$aInvAddress['oxuser__oxcountryid']:'';
            $this->_setAutoGroups( $sCountryId );
        }
    }

    public function addUserAddress( $oUser )
    {

        if ( $this->_hasUserAddress( $oUser->getId() ) ) {
            return false;
        }

        $oAddress = oxNew( 'oxbase' );
        $oAddress->init( 'oxaddress' );

        $oAddress->oxaddress__oxuserid        = new oxField($this->getId(), oxField::T_RAW);
        $oAddress->oxaddress__oxaddressuserid = new oxField($oUser->getId(), oxField::T_RAW);
        $oAddress->oxaddress__oxfname         = new oxField($oUser->oxuser__oxfname->value, oxField::T_RAW);
        $oAddress->oxaddress__oxlname         = new oxField($oUser->oxuser__oxlname->value, oxField::T_RAW);
        $oAddress->oxaddress__oxstreet        = new oxField($oUser->oxuser__oxstreet->value, oxField::T_RAW);
        $oAddress->oxaddress__oxstreetnr      = new oxField($oUser->oxuser__oxstreetnr->value, oxField::T_RAW);
        $oAddress->oxaddress__oxcity          = new oxField($oUser->oxuser__oxcity->value, oxField::T_RAW);
        $oAddress->oxaddress__oxzip           = new oxField($oUser->oxuser__oxzip->value, oxField::T_RAW);
        $oAddress->oxaddress__oxcountry       = new oxField($oUser->oxuser__oxcountry->value, oxField::T_RAW);
        $oAddress->oxaddress__oxcountryid     = new oxField($oUser->oxuser__oxcountryid->value, oxField::T_RAW);
        $oAddress->oxaddress__oxcompany       = new oxField($oUser->oxuser__oxcompany->value, oxField::T_RAW);

        // adding new address
        if ( $oAddress->save() ) {
            // resetting addresses
            $this->_oAddresses = null;
            return $oAddress->getId();
        }
    }

    protected function _assignAddress( $aDelAddress )
    {
        if ( ( isset( $aDelAddress['oxaddress__oxfname'] ) && $aDelAddress['oxaddress__oxfname'] ) ||
             ( isset( $aDelAddress['oxaddress__oxlname'] ) && $aDelAddress['oxaddress__oxlname'] ) ) {

            $sAddressId = oxConfig::getParameter( 'oxaddressid' );
            $aDelAddress['oxaddress__oxid'] = ( $sAddressId === null || $sAddressId == -1 || $sAddressId == -2 ) ?  null : $sAddressId;

            $oAddress = oxNew( 'oxbase' );
            $oAddress->init( 'oxaddress' );
            $oAddress->assign( $aDelAddress );
            $oAddress->oxaddress__oxuserid  = new oxField( $this->getId(), oxField::T_RAW );
            $oAddress->oxaddress__oxcountry = $this->getUserCountry( $oAddress->oxaddress__oxcountryid->value );
            $oAddress->save();

            // resetting addresses
            $this->_oAddresses = null;

            // saving delivery Address for later use
            oxSession::setVar( 'deladrid', $oAddress->getId() );
        } else {
            // resetting
            oxSession::setVar( 'deladrid', null );
        }
    }

    public function login( $sUser, $sPassword, $blCookie = false)
    {
        if ( $this->isAdmin() && !count( oxUtilsServer::getInstance()->getOxCookie() ) ) {
            $oEx = oxNew( 'oxCookieException' );
            $oEx->setMessage( 'EXCEPTION_COOKIE_NOCOOKIE' );
            throw $oEx;
        }

        $myConfig = $this->getConfig();
        if ( $sPassword ) {

            $sShopID = $myConfig->getShopId();
            $oDb = oxDb::getDb();

            $sUserSelect = is_numeric( $sUser ) ? "oxuser.oxcustnr = {$sUser} " : "oxuser.oxusername = " . $oDb->quote( $sUser );
            $sPassSelect = " oxuser.oxpassword = MD5( CONCAT( ".$oDb->quote( $sPassword ).", UNHEX( oxuser.oxpasssalt ) ) ) ";
            $sShopSelect = "";


            // admin view: can only login with higher than 'user' rights
            if ( $this->isAdmin() ) {
                $sShopSelect = " and ( oxrights != 'user' ) ";
            }

            $sWhat = "oxid";

            $sSelect =  "select $sWhat from oxuser where oxuser.oxactive = 1 and {$sPassSelect} and {$sUserSelect} {$sShopSelect} ";
            if ( $myConfig->isDemoShop() && $this->isAdmin() ) {
                if ( $sPassword == "admin" && $sUser == "admin" ) {
                    $sSelect = "select $sWhat from oxuser where oxrights = 'malladmin' {$sShopSelect} ";
                } else {
                    $oEx = oxNew( 'oxUserException' );
                    $oEx->setMessage( 'EXCEPTION_USER_NOVALIDLOGIN' );
                    throw $oEx;
                }
            }

            // load from DB
            $aData = $oDb->getAll( $sSelect );
            $sOXID = @$aData[0][0];
            if ( isset( $sOXID ) && $sOXID && !@$aData[0][1] ) {

                if ( !$this->load( $sOXID ) ) {
                    $oEx = oxNew( 'oxUserException' );
                    $oEx->setMessage( 'EXCEPTION_USER_NOVALIDLOGIN' );
                    throw $oEx;
                }
            }
        }


        //login successfull?
        if ( $this->oxuser__oxid->value ) {   // yes, successful login
            if ( $this->isAdmin() ) {
                oxSession::setVar( 'auth', $this->oxuser__oxid->value );
            } else {
                oxSession::setVar( 'usr', $this->oxuser__oxid->value );
            }

            // cookie must be set ?
            if ( $blCookie ) {
                oxUtilsServer::getInstance()->setUserCookie( $this->oxuser__oxusername->value, $this->oxuser__oxpassword->value, $myConfig->getShopId() );
            }
            return true;
        } else {
            $oEx = oxNew( 'oxUserException' );
            $oEx->setMessage( 'EXCEPTION_USER_NOVALIDLOGIN' );
            throw $oEx;
        }
    }

    public function logout()
    {
        // deleting session info
        oxSession::deleteVar( 'usr' );  // for front end
        oxSession::deleteVar( 'auth' ); // for back end
        oxSession::deleteVar( 'dgr' );
        oxSession::deleteVar( 'dynvalue' );
        oxSession::deleteVar( 'paymentid' );
        // oxSession::deleteVar( 'deladrid' );

        // delete cookie
        oxUtilsServer::getInstance()->deleteUserCookie( $this->getConfig()->getShopID() );

        // unsetting global user
        $this->setUser( null );

        return true;
    }

    public function loadAdminUser()
    {
        return $this->loadActiveUser( true );
    }

    public function loadActiveUser( $blForceAdmin = false )
    {
        $myConfig = oxConfig::getInstance();

        $blAdmin = $myConfig->isAdmin() || $blForceAdmin;
        $oDB = oxDb::getDb();

        // first - checking session info
        $sUserID = $blAdmin ? oxSession::getVar( 'auth' ) : oxSession::getVar( 'usr' );
        $blFoundInCookie = false;

        //trying automatic login (by 'remember me' cookie)
        if ( !$sUserID && !$blAdmin ) {
            $sShopID = $myConfig->getShopId();
            if ( ( $sSet = oxUtilsServer::getInstance()->getUserCookie( $sShopID ) ) ) {
                $aData = explode( '@@@', $sSet );
                $sUser = $oDB->quote( $aData[0] );
                $sPWD  = @$aData[1];

                $sSelect =  'select oxid, oxpassword from oxuser where oxuser.oxactive = 1 and oxuser.oxusername = '.$sUser;


                $oDB = oxDb::getDb();
                $rs = $oDB->execute( $sSelect );
                if ( $rs != false && $rs->recordCount() > 0 ) {
                    while (!$rs->EOF) {
                        $sTest = crypt( $rs->fields[1], 'ox' );
                        if ( $sTest == $sPWD ) {
                            // found
                            $sUserID = $rs->fields[0];
                            $blFoundInCookie = true;
                            break;
                        }
                        $rs->moveNext();
                    }
                }
            }
        }

        // checking user results
        if ( $sUserID ) {
            if ( $this->load( $sUserID ) ) {
                // storing into session
                if ($blAdmin) {
                    oxSession::setVar( 'auth', $sUserID );
                } else {
                    oxSession::setVar( 'usr', $sUserID );
                }

                // marking the way user was loaded
                $this->_blLoadedFromCookie = $blFoundInCookie;
                return true;
            }
        } else {
            // no user
            oxSession::deleteVar( 'usr' );
            oxSession::deleteVar( 'auth' );

            return false;
        }
    }

    protected function _ldapLogin( $sUser, $sPassword, $sShopID, $sShopSelect)
    {
        include "oxldap.php";
        $myConfig = $this->getConfig();
        //$throws oxConnectionException
        $aLDAPParams = $myConfig->getConfigParam( 'aLDAPParams' );
        $oLDAP = new oxLDAP( $aLDAPParams['HOST'], $aLDAPParams['PORT'] );
        // maybe this is LDAP user but supplied email Address instead of LDAP login
        $sLDAPKey = oxDb::getDb()->GetOne("select oxldapkey from oxuser where oxuser.oxactive = 1 and oxuser.oxusername = ".oxDb::getDb()->Quote($sUser)." $sShopSelect");
        if( isset( $sLDAPKey) && $sLDAPKey) {
            $sUser = $sLDAPKey;
        }

        //$throws oxConnectionException
        $oLDAP->login( $sUser, $sPassword, $aLDAPParams['USERQUERY'], $aLDAPParams['BASEDN'], $aLDAPParams['FILTER']);

        $aData = $oLDAP->mapData($aLDAPParams['DATAMAP']);
        if ( isset( $aData['OXUSERNAME']) && $aData['OXUSERNAME']) {   // login successful

            // check if user is already in database
            $sSelect =  "select oxid from oxuser where oxuser.oxusername = ".oxDb::getDb()->Quote($aData['OXUSERNAME'])." $sShopSelect";
            $sOXID = oxDb::getDb()->GetOne( $sSelect);

            if ( !isset( $sOXID) || !$sOXID) {   // we need to create a new user
                //$oUser->oxuser__oxid->setValue($oUser->setId());
                $this->setId();

                // map all user data fields
                foreach ( $aData as $fldname => $value) {
                    $sField = "oxuser__".strtolower( $fldname);
                    $this->$sField->setValue($aData[$fldname]);
                }

                $this->oxuser__oxactive->setValue(1);
                $this->oxuser__oxshopid->setValue($sShopID);
                $this->oxuser__oxldapkey->setValue($sUser);
                $this->oxuser__oxrights->setValue("user");
                $this->setPassword( "ldap user" );

                $this->save();
            } else {   // LDAP user is already in OXID DB, load it
                $this->load( $sOXID);
            }

        } else {
            $oEx = oxNew( 'oxUserException' );
            $oEx->setMessage('EXCEPTION_USER_NOVALUES');
            throw $oEx;
        }
    }

    protected function _getUserRights()
    {
        // previously user had no rights defined
        if ( !$this->oxuser__oxrights->value )
            return 'user';

        $oDB = oxDb::getDb();
        $myConfig    = $this->getConfig();
        $sAuthRights = null;

        // choosing possible user rights index
        $sAuthUserID = $this->isAdmin()?oxSession::getVar( 'auth' ):null;
        $sAuthUserID = $sAuthUserID?$sAuthUserID:oxSession::getVar( 'usr' );
        if ( $sAuthUserID ) {
            $sAuthUserID = $oDB->quote( $sAuthUserID );
            $sAuthRights = $oDB->getOne( 'select oxrights from '.$this->getViewName().' where oxid='.$sAuthUserID );
        }

        //preventing user rights edit for non admin
        $aRights = array();

        // selecting current users rights ...
        if ( $sCurrRights = $oDB->getOne( 'select oxrights from '.$this->getViewName().' where oxid="'.$this->getId().'"' ) ) {
            $aRights[] = $sCurrRights;
        }
        $aRights[] = 'user';

        if ( !$sAuthRights || !( $sAuthRights == 'malladmin' || $sAuthRights == $myConfig->getShopId() ) ) {
            return current( $aRights );
        } elseif ( $sAuthRights == $myConfig->getShopId() ) {
            $aRights[] = $sAuthRights;
            if ( !in_array( $this->oxuser__oxrights->value, $aRights ) ) {
                return current( $aRights );
            }
        }

        // leaving as it was set ...
        return $this->oxuser__oxrights->value;
    }

    protected function _setRecordNumber( $sMaxField, $aWhere = null ,$iMaxTryCnt = 5 )
    {

        /*if ( !$myConfig->blMallUsers ) {
            $sShopID = $myConfig->getShopId();
            $aWhere = array(" {$this->getViewName()}.oxshopid = '$sShopID' ");
        }*/

        return parent::_setRecordNumber( $sMaxField, $aWhere, $iMaxTryCnt );
    }

    protected function _insert()
    {

        // set oxcreate date
        $this->oxuser__oxcreate = new oxField(date( 'Y-m-d H:i:s' ), oxField::T_RAW);

        if ( !isset( $this->oxuser__oxboni->value ) ) {
            $this->oxuser__oxboni = new oxField($this->getBoni(), oxField::T_RAW);
        }

        if ( $blInsert = parent::_insert() ) {
            // setting customer number
            if ( !$this->oxuser__oxcustnr->value || !$this->isAdmin() ) {
                $this->_setRecordNumber( 'oxcustnr' );
            }
        }

        return $blInsert;
    }

    protected function _update()
    {
        //V #M418: for not registered users, don't change boni during update
        if (!$this->oxuser__oxpassword->value && $this->oxuser__oxregister->value < 1) {
            $this->_aSkipSaveFields[] = 'oxboni';
        }

        // don't change this field
        $this->_aSkipSaveFields[] = 'oxcreate';
        if ( !$this->isAdmin() ) {
            $this->_aSkipSaveFields[] = 'oxcustnr';
            $this->_aSkipSaveFields[] = 'oxrights';
        }

        // updating subscription information
        if ( ( $blUpdate = parent::_update() ) ) {
            $this->getNewsSubscription()->updateSubscription( $this );
        }

        return $blUpdate;
    }

    protected function _checkLogin( &$sLogin, $aInvAddress )
    {
        $myConfig = $this->getConfig();

        $sLogin   = ( isset( $aInvAddress['oxuser__oxusername'] ) && $aInvAddress['oxuser__oxusername'] )?$aInvAddress['oxuser__oxusername']:$sLogin;

        // check only for users with password during registration
        // if user wants to change user name - we must check if passwords are ok before changing
        if ( $this->oxuser__oxpassword->value && $sLogin != $this->oxuser__oxusername->value ) {

            // on this case password must be taken directly from request
            $sNewPass = isset( $aInvAddress['oxuser__oxpassword'] )?$aInvAddress['oxuser__oxpassword']:oxConfig::getParameter( 'user_password' );
            if ( !$sNewPass ) {

                // 1. user forgot to enter password
                $oEx = oxNew( 'oxInputException' );
                $oEx->setMessage('EXCEPTION_INPUT_NOTALLFIELDS');
                throw $oEx;
            } else {

                // 2. entered wrong password
                if ( !$this->isSamePassword( $sNewPass ) ) {
                    $oEx = oxNew( 'oxUserException' );
                    $oEx->setMessage('EXCEPTION_USER_PWDDONTMATCH');
                    throw $oEx;
                }
            }
        }

        if ( $this->checkIfEmailExists( $sLogin)) {
            //if exists then we do now allow to do that
            $oEx = oxNew( 'oxUserException' );
            $oEx->setMessage('EXCEPTION_USER_USEREXISTS');
            throw $oEx;
        }
    }

    public function checkIfEmailExists( $sEmail )
    {
        $myConfig = $this->getConfig();
        $oDB = oxDb::getDb();
        $iShopId = $myConfig->getShopId();
        $blExists = false;

        $sQ = 'select oxshopid, oxrights, oxpassword from oxuser where oxusername = '. $oDB->quote( $sEmail );
        if ( ( $sOxid = $this->getId() ) ) {
            $sQ .= " and oxid <> '$sOxid' ";
        }

        $oRs = $oDB->execute( $sQ );
        if ( $oRs != false && $oRs->recordCount() > 0 ) {

            if ( $this->_blMallUsers ) {

                $blExists = true;
                if ( $oRs->fields[1] == 'user' && !$oRs->fields[2] ) {

                    // password is not set - allow to override
                    $blExists = false;
                }
            } else {

                $blExists = false;
                while ( !$oRs->EOF ) {
                    if ( $oRs->fields[1] != 'user' ) {

                        // exists admin with same login - must not allow
                        $blExists = true;
                        break;
                    } elseif ( $oRs->fields[0] == $iShopId && $oRs->fields[2] ) {

                        // exists same login (with password) in same shop
                        $blExists = true;
                        break;
                    }

                    $oRs->moveNext();
                }
            }
        }
        return $blExists;
    }

    public function getUserRecommLists( $sOXID = null )
    {
        if ( !$sOXID )
            $sOXID = $this->getId();

        // sets active page
        $iActPage = (int) oxConfig::getParameter( 'pgNr' );
        $iActPage = ($iActPage < 0) ? 0 : $iActPage;

        // load only lists which we show on screen
        $iNrofCatArticles = $this->getConfig()->getConfigParam( 'iNrofCatArticles' );
        $iNrofCatArticles = $iNrofCatArticles ? $iNrofCatArticles : 10;


        $oRecommList = oxNew( 'oxlist' );
        $oRecommList->init( 'oxrecommlist' );
        $oRecommList->setSqlLimit( $iNrofCatArticles * $iActPage, $iNrofCatArticles );
        $iShopId = $this->getConfig()->getShopId();
        $sSelect = 'select * from oxrecommlists where oxuserid ="'. $sOXID .'" and oxshopid ="'. $iShopId .'"';
        $oRecommList->selectString( $sSelect );

        return $oRecommList;
    }

    public function getRecommListsCount( $sOx = null )
    {
        if ( !$sOx ) {
            $sOXID = $this->getId();
        }

        if ( $this->_iCntRecommLists === null || $sOx ) {
            $this->_iCntRecommLists = 0;
            $iShopId = $this->getConfig()->getShopId();
            $sSelect = 'select count(oxid) from oxrecommlists where oxuserid ="'. $sOXID .'" and oxshopid ="'. $iShopId .'"';
            $this->_iCntRecommLists = oxDb::getDb()->getOne( $sSelect );
        }
        return $this->_iCntRecommLists;
    }

    protected function _checkEmail( $sEmail )
    {
        // missing email address (user login name) ?
        if ( !$sEmail ) {
            $oEx = oxNew( 'oxInputException' );
            $oEx->setMessage('EXCEPTION_INPUT_NOTALLFIELDS');
            throw $oEx;
        }

        // invalid email address ?
        if ( !oxUtils::getInstance()->isValidEmail( $sEmail ) ) {
            $oEx = oxNew( 'oxInputException' );
            $oEx->setMessage( 'EXCEPTION_INPUT_NOVALIDEMAIL' );
            throw $oEx;
        }
    }

    protected function _checkPassword( $sNewPass, $sConfPass, $blCheckLenght = false )
    {

        //  password is too short ?
        if ( $blCheckLenght &&  strlen( $sNewPass ) < 6 ) {
            $oEx = oxNew( 'oxInputException' );
            $oEx->setMessage('EXCEPTION_INPUT_PASSTOOSHORT');
            throw $oEx;
        }

        //  passwords do not match ?
        if ( $sNewPass != $sConfPass ) {
            $oEx = oxNew( 'oxUserException' );
            $oEx->setMessage('EXCEPTION_USER_PWDDONTMATCH');
            throw $oEx;
        }
    }

    protected function _checkRequiredFields( $aInvAddress, $aDelAddress )
    {
        // collecting info about required fields
        $aMustFields = array( 'oxuser__oxfname',
                              'oxuser__oxlname',
                              'oxuser__oxstreetnr',
                              'oxuser__oxstreet',
                              'oxuser__oxzip',
                              'oxuser__oxcity' );

        // config shoud override default fields
        $aMustFillFields = $this->getConfig()->getConfigParam( 'aMustFillFields' );
        if ( is_array( $aMustFillFields ) ) {
            $aMustFields = $aMustFillFields;
        }

        // assuring data to check
        $aInvAddress = is_array( $aInvAddress )?$aInvAddress:array();
        $aDelAddress = is_array( $aDelAddress )?$aDelAddress:array();

        // collecting fields
        $aFields = array_merge( $aInvAddress, $aDelAddress );

        // check delivery address ?
        $blCheckDel = false;
        if ( count( $aDelAddress ) ) {
            $blCheckDel = true;
        }

        // checking
        foreach ( $aMustFields as $sMustField ) {

            // A. not nice, but we keep all fields info in one config array, and must support baskwards compat.
            if ( !$blCheckDel && strpos( $sMustField, 'oxaddress__' ) === 0 ) {
                continue;
            }

            if ( !isset( $aFields[$sMustField] ) || ! trim( $aFields[$sMustField] ) ) {
                   $oEx = oxNew( 'oxInputException' );
                   $oEx->setMessage('EXCEPTION_INPUT_NOTALLFIELDS');
                   throw $oEx;
            }
        }
    }

    protected function _checkVatId( $aInvAddress )
    {
        // vat ID must be checked only for business customers
        if ( $aInvAddress['oxuser__oxustid'] && $aInvAddress['oxuser__oxcompany'] ) {

            if (!($sCountryId = $aInvAddress['oxuser__oxcountryid'])) {
                // no country
                return;
            }
            $oCountry = oxNew('oxcountry');
            if (!$oCountry->load($sCountryId)) {
                throw new oxObjectException();
            }
            if ($oCountry->isForeignCountry() && $oCountry->isInEU()) {
                    if (strncmp($aInvAddress['oxuser__oxustid'], $oCountry->oxcountry__oxisoalpha2->value, 2)) {
                        $oEx = oxNew( 'oxInputException' );
                        $oEx->setMessage( 'VAT_MESSAGE_ID_NOT_VALID' );
                        throw $oEx;
                    }
            }

        }
    }

    protected function _setAutoGroups( $sCountryId )
    {
        // assigning automatically to specific groups
        $blForeigner = true;
        $blForeignGroupExists = false;
        $blInlandGroupExists = false;

        $aHomeCountry = $this->getConfig()->getConfigParam( 'aHomeCountry' );
        // foreigner ?
        if ( is_array($aHomeCountry)) {
            if (in_array($sCountryId, $aHomeCountry)) {
                $blForeigner = false;
            }
        } elseif ($sCountryId == $aHomeCountry) {
            $blForeigner = false;
        }

        if ( $this->inGroup( 'oxidforeigncustomer' ) ) {
            $blForeignGroupExists = true;
            if ( !$blForeigner ) {
                $this->removeFromGroup( 'oxidforeigncustomer' );
            }
        }

        if ( $this->inGroup( 'oxidnewcustomer' ) ) {
            $blInlandGroupExists = true;
            if ( $blForeigner ) {
                $this->removeFromGroup( 'oxidnewcustomer' );
            }
        }

        if ( !$this->oxuser__oxdisableautogrp->value ) {
            if ( !$blForeignGroupExists && $blForeigner ) {
                $this->addToGroup( 'oxidforeigncustomer' );
            }
            if ( !$blInlandGroupExists && !$blForeigner ) {
                $this->addToGroup( 'oxidnewcustomer' );
            }
        }
    }

    protected function _hasUserAddress( $sUserId )
    {

        $oAddresses = $this->getUserAddresses();
        if ( $oAddresses && count($oAddresses)>0 ) {
            $oAddresses->rewind() ;
            foreach ($oAddresses as $key => $oAddress) {
                if ( $oAddress->oxaddress__oxaddressuserid->value == $sUserId ) {
                    return true;
                }
            }
        }
        return false;
    }

    protected function _setUserCookie( $sUser, $sPassword,  $sShopId = null, $iTimeout = 31536000 )
    {
        oxUtilsServer::getInstance()->setUserCookie( $sUser, $sPassword, $sShopId, $iTimeout );
    }

    protected function _deleteUserCookie( $sShopId = null )
    {
        oxUtilsServer::getInstance()->deleteUserCookie( $sShopId );
    }

    protected static function _getUserCookie( $sShopId = null )
    {
        return oxUtilsServer::getInstance()->getUserCookie( $sShopId );
    }


    public function loadUserByUpdateId( $sUid )
    {
        $oDb = oxDb::getDb();
        $sQ = "select oxid from ".$this->getViewName()." where oxupdateexp >= UNIX_TIMESTAMP() and MD5( CONCAT( oxid, oxshopid, oxupdatekey ) ) = ".$oDb->quote( $sUid );
        if ( $sUserId = $oDb->getOne( $sQ ) ) {
            return $this->load( $sUserId );
        }
    }

    public function setUpdateKey( $blReset = false )
    {
        $sUpKey  = $blReset ? '' : oxUtilsObject::getInstance()->generateUId();
        $iUpTime = $blReset ? 0 : oxUtilsDate::getInstance()->getTime() + $this->getUpdateLinkTerm();

        // generating key
        $this->oxuser__oxupdatekey = new oxField( $sUpKey, oxField::T_RAW );

        // setting expiration time for 6 hours
        $this->oxuser__oxupdateexp = new oxField( $iUpTime, oxField::T_RAW );

        // saving
        $this->save();
    }

    public function getUpdateLinkTerm()
    {
        return 3600 * 6;
    }

    public function isExpiredUpdateId( $sKey )
    {
        $oDb = oxDb::getDb();
        $sQ = "select 1 from ".$this->getViewName()." where oxupdateexp >= UNIX_TIMESTAMP() and MD5( CONCAT( oxid, oxshopid, oxupdatekey ) ) = ".$oDb->quote( $sKey );
        return !( (bool) $oDb->getOne( $sQ ) );
    }

    public function getUpdateId()
    {
        if ( $this->_sUpdateKey === null ) {
            $this->setUpdateKey();
            $this->_sUpdateKey = md5( $this->getId() . $this->oxuser__oxshopid->value . $this->oxuser__oxupdatekey->value );
        }
        return $this->_sUpdateKey;
    }

    public function encodePassword( $sPassword, $sSalt )
    {
        $oDb = oxDb::getDb();
        return $oDb->getOne( "select MD5( CONCAT( ".$oDb->quote( $sPassword ).", UNHEX( '{$sSalt}' ) ) )" );
    }

    public function prepareSalt( $sSalt )
    {
        return ( $sSalt ? oxDb::getDb()->getOne( "select HEX( '{$sSalt}' )" ) : '' );
    }

    public function decodeSalt( $sSaltHex )
    {
        return ( $sSaltHex ? oxDb::getDb()->getOne( "select UNHEX( '{$sSaltHex}' )" ) : '' );
    }

    public function setPassword( $sPassword = null )
    {
        // setting salt if password is not empty
        $sSalt = $sPassword ? $this->prepareSalt( oxUtilsObject::getInstance()->generateUID() ) : '';

        // encoding only if password was not empty (e.g. user registration without pass)
        $sPassword = $sPassword ? $this->encodePassword( $sPassword, $sSalt ) : '';

        $this->oxuser__oxpassword = new oxField( $sPassword, oxField::T_RAW );
        $this->oxuser__oxpasssalt = new oxField( $sSalt, oxField::T_RAW );
    }

    public function isSamePassword( $sNewPass )
    {
        return $this->encodePassword( $sNewPass, $this->oxuser__oxpasssalt->value ) == $this->oxuser__oxpassword->value;
    }

    public function isLoadedFromCookie()
    {
        return $this->_blLoadedFromCookie;
    }

    public function getPasswordHash()
    {
        $sHash = null;
        if ( $this->oxuser__oxpassword->value ) {
            if ( strpos( $this->oxuser__oxpassword->value, 'ox_' ) === 0 ) {
                // decodable pass ?
                $this->setPassword( oxUtils::getInstance()->strRem( $this->oxuser__oxpassword->value ) );
            } elseif ( strlen( $this->oxuser__oxpassword->value ) < 32 ) {
                // plain pass ?
                $this->setPassword( $this->oxuser__oxpassword->value );
            }
            $sHash = $this->oxuser__oxpassword->value;
        }
        return $sHash;
    }

    public static function getAdminUser()
    {
        return self::getActiveUser( true );
    }

    public static function getActiveUser( $blForceAdmin = false )
    {
        $oUser = oxNew( 'oxuser' );
        if ( $oUser->loadActiveUser( $blForceAdmin ) ) {
            return $oUser;
        } else {
            return false;
        }
    }
}

---