oxcmp_user.php

Go to the documentation of this file.

<?php

// defining login/logout states
define( 'USER_LOGIN_SUCCESS', 1 );
define( 'USER_LOGIN_FAIL', 2 );
define( 'USER_LOGOUT', 3 );

class oxcmp_user extends oxView
{
    protected $_blIsNewUser    = false;

    protected $_blIsComponent = true;

    protected $_blNewsSubscriptionStatus = null;

    protected $_iLoginStatus = null;

    protected $_sTermsVer = null;

    protected $_aAllowedClasses = array(
                                        'register',
                                        'forgotpwd',
                                        'content',
                                        'account',
                                        );
    public function init()
    {
        // saving show/hide delivery address state
        $blShow = oxConfig::getParameter( 'blshowshipaddress' );
        if (!isset($blShow)) {
            $blShow = oxSession::getVar( 'blshowshipaddress' );
        }
        // @deprecated, remove blhideshipaddress checking when basic theme support discontinued
        if (oxConfig::getParameter( 'blhideshipaddress' ) || oxSession::getVar( 'blhideshipaddress' )) {
            $blShow = false;
        }

        oxSession::setVar( 'blshowshipaddress', $blShow );

        // load session user
        $this->_loadSessionUser();
        if ( $this->getConfig()->getConfigParam( 'blInvitationsEnabled' ) ) {
            // get invitor ID
            $this->getInvitor();
            $this->setRecipient();
        }

        parent::init();
    }

    public function render()
    {
        // checks if private sales allows further tasks
        $this->_checkPsState();

        parent::render();

        // dyn_group feature: if you specify a groupid in URL the user
        // will automatically be added to this group later
        if ( $sDynGoup = oxConfig::getParameter( 'dgr' ) ) {
            oxSession::setVar( 'dgr', $sDynGoup );
        }

        return $this->getUser();
    }

    protected function _checkPsState()
    {
        $oConfig = $this->getConfig();
        if ( $this->getParent()->isEnabledPrivateSales() ) {
            // load session user
            $oUser  = $this->getUser();
            $sClass = $this->getParent()->getClassName();

            // no session user
            if ( !$oUser && !in_array( $sClass, $this->_aAllowedClasses ) ) {
                oxUtils::getInstance()->redirect( $oConfig->getShopHomeURL() . 'cl=account', false, 302 );
            }

            if ( $oUser && !$oUser->isTermsAccepted() && !in_array( $sClass, $this->_aAllowedClasses ) ) {
                oxUtils::getInstance()->redirect( $oConfig->getShopHomeURL() . 'cl=account&term=1', false, 302 );
            }
        }
    }

    protected function _loadSessionUser()
    {
        $myConfig = $this->getConfig();
        $oUser = $this->getUser();

        // no session user
        if ( !$oUser ) {
            return;
        }

        // this user is blocked, deny him
        if ( $oUser->inGroup( 'oxidblocked' ) ) {
            oxUtils::getInstance()->redirect( $myConfig->getShopHomeURL() . 'cl=content&tpl=user_blocked.tpl', true, 302  );
        }

        // TODO: move this to a proper place
        if ( $oUser->isLoadedFromCookie() && !$myConfig->getConfigParam( 'blPerfNoBasketSaving' )) {

            // #1678 R
            // @deprecated since 2012-03-14 in version 4.5.8. This parameter will not be used anymore
            if ( !$myConfig->getConfigParam( 'blPerfNoBasketSaving' ) ) {
                $myConfig->setGlobalParameter( 'blUserChanged', 1 );
            }
            // @end deprecated

            if ( $oBasket = $this->getSession()->getBasket() ) {
                $oBasket->load();
                $oBasket->onUpdate();
            }
        }
    }

    public function login()
    {
        $sUser     = oxConfig::getParameter( 'lgn_usr' );
        $sPassword = oxConfig::getParameter( 'lgn_pwd', true );
        $sCookie   = oxConfig::getParameter( 'lgn_cook' );
        //$blFbLogin = oxConfig::getParameter( 'fblogin' );

        $this->setLoginStatus( USER_LOGIN_FAIL );

        // trying to login user
        try {
            $oUser = oxNew( 'oxuser' );
            $oUser->login( $sUser, $sPassword, $sCookie );
            $this->setLoginStatus( USER_LOGIN_SUCCESS );
        } catch ( oxUserException $oEx ) {
            // for login component send excpetion text to a custom component (if defined)
            oxUtilsView::getInstance()->addErrorToDisplay( $oEx, false, true );
            return 'user';
        } catch( oxCookieException $oEx ){
            oxUtilsView::getInstance()->addErrorToDisplay( $oEx );
            return 'user';
        }
        // finalizing ..
        return $this->_afterLogin( $oUser );
    }

    protected function _afterLogin( $oUser )
    {
        $oSession = $this->getSession();

        // generating new session id after login
        if ( $this->getLoginStatus() === USER_LOGIN_SUCCESS ) {
            $oSession->regenerateSessionId();
        }

        $myConfig = $this->getConfig();

        // this user is blocked, deny him
        if ( $oUser->inGroup( 'oxidblocked' ) ) {
            oxUtils::getInstance()->redirect( $myConfig->getShopHomeURL().'cl=content&tpl=user_blocked.tpl', true, 302 );
        }

        // adding to dyn group
        $oUser->addDynGroup(oxSession::getVar( 'dgr' ), $myConfig->getConfigParam( 'aDeniedDynGroups' ));

        // recalc basket
        if ( $oBasket = $oSession->getBasket() ) {
            $oBasket->onUpdate();
        }

        // #1678 R
        // @deprecated since 2012-03-14 in version 4.5.8. This parameter will not be used anymore
        if ( !$myConfig->getConfigParam( 'blPerfNoBasketSaving' ) ) {
            $myConfig->setGlobalParameter( 'blUserChanged', 1);
        }
        // @end deprecated


        return 'payment';
    }

    public function login_noredirect()
    {
        $blAgb = oxConfig::getParameter( 'ord_agb' );
        $oConfig = $this->getConfig();
        if ( $this->getParent()->isEnabledPrivateSales() && $blAgb !== null && ( $oUser = $this->getUser() ) ) {
            if ( $blAgb ) {
                $oUser->acceptTerms();
            }
        } else {
            $this->login();
        }
    }

    public function login_updateFbId()
    {
        $this->login();

        if ( $oUser = $this->getUser() ) {
            //updating user Facebook ID
            if ( $oUser->updateFbId() ) {
                oxSession::setVar( '_blFbUserIdUpdated', true );
            }
        }
    }

    protected function _afterLogout()
    {
        oxSession::deleteVar( 'paymentid' );
        oxSession::deleteVar( 'sShipSet' );
        oxSession::deleteVar( 'deladrid' );
        oxSession::deleteVar( 'dynvalue' );

        // resetting & recalc basket
        if ( ( $oBasket = $this->getSession()->getBasket() ) ) {
            $oBasket->resetUserInfo();
            $oBasket->onUpdate();
        }
    }

    public function logout()
    {
        $myConfig  = $this->getConfig();
        $oUser = oxNew( 'oxuser' );

        if ( $oUser->logout() ) {

            $this->setLoginStatus( USER_LOGOUT );

            // finalizing ..
            $this->_afterLogout();


            if ( $this->getParent()->isEnabledPrivateSales() ) {
                return 'account';
            }

            // redirecting if user logs out in SSL mode
            if ( oxConfig::getParameter('redirect') && $myConfig->getConfigParam( 'sSSLShopURL' ) ) {

                oxUtils::getInstance()->redirect( $this->_getLogoutLink());
            }
        }
    }

    public function changeUser( )
    {
        // checking if "open address area" button was clicked
        // or reloading form when delivery address was selected
        if ( $this->_setupDelAddress() ) {
            return;
        }

        $blUserRegistered = $this->_changeUser_noRedirect();

        if ( $blUserRegistered === true ) {
            return 'payment';
        } else {
            return $blUserRegistered;
        }
    }

    public function changeuser_testvalues()
    {
        // skip updating user info if this is just form reload
        // on selecting delivery address
        // We do redirect only on success not to loose errors.

        if ( $this->_changeUser_noRedirect() ) {
            return 'account_user';
        }
    }

    public function createUser()
    {
        // checking if "open address area" button was clicked
        if ( $blSetup = $this->_setupDelAddress() ) {
            return;
        }

        $blActiveLogin = $this->getParent()->isEnabledPrivateSales();

        $myConfig = $this->getConfig();
        if ( $blActiveLogin && !oxConfig::getParameter( 'ord_agb' ) && $myConfig->getConfigParam( 'blConfirmAGB' ) ) {
            oxUtilsView::getInstance()->addErrorToDisplay( 'ORDER_READANDCONFIRMTERMS', false, true );
            return;
        }

        $myUtils  = oxUtils::getInstance();

        // collecting values to check
        $sUser = oxConfig::getParameter( 'lgn_usr' );

        // first pass
        $sPassword = oxConfig::getParameter( 'lgn_pwd', true );

        // second pass
        $sPassword2 = oxConfig::getParameter( 'lgn_pwd2', true );

        $aInvAdress = oxConfig::getParameter( 'invadr', true );
        $aDelAdress = $this->_getDelAddressData();

        $oUser = oxNew( 'oxuser' );

        try {

            $oUser->checkValues( $sUser, $sPassword, $sPassword2, $aInvAdress, $aDelAdress );

            $iActState = $blActiveLogin ? 0 : 1;

            // setting values
            $oUser->oxuser__oxusername = new oxField($sUser, oxField::T_RAW);
            $oUser->setPassword( $sPassword );
            $oUser->oxuser__oxactive   = new oxField( $iActState, oxField::T_RAW);

            // used for checking if user email currently subscribed
            $iSubscriptionStatus = $oUser->getNewsSubscription()->getOptInStatus();

            $oUser->createUser();
            $oUser->load( $oUser->getId() );
            $oUser->changeUserData( $oUser->oxuser__oxusername->value, $sPassword, $sPassword, $aInvAdress, $aDelAdress );

            if ( $blActiveLogin ) {
                // accepting terms..
                $oUser->acceptTerms();
            }

            $sUserId = oxSession::getVar( "su" );
            $sRecEmail = oxSession::getVar( "re" );
            if ( $this->getConfig()->getConfigParam( 'blInvitationsEnabled' ) && $sUserId && $sRecEmail ) {
                // setting registration credit points..
                $oUser->setCreditPointsForRegistrant( $sUserId, $sRecEmail );
            }

            // assigning to newsletter
            $blOptin = oxConfig::getParameter( 'blnewssubscribed' );
            if ( $blOptin && $iSubscriptionStatus == 1 ) {
                // if user was assigned to newsletter and is creating account with newsletter checked, don't require confirm
                $oUser->getNewsSubscription()->setOptInStatus(1);
                $oUser->addToGroup( 'oxidnewsletter' );
                $this->_blNewsSubscriptionStatus = 1;
            } else {
                $this->_blNewsSubscriptionStatus = $oUser->setNewsSubscription( $blOptin, $this->getConfig()->getConfigParam( 'blOrderOptInEmail' ) );
            }

            $oUser->addToGroup( 'oxidnotyetordered' );
            $oUser->addDynGroup( oxSession::getVar( 'dgr' ), $myConfig->getConfigParam( 'aDeniedDynGroups' ) );
            $oUser->logout();

        } catch ( oxUserException $oEx ) {
            oxUtilsView::getInstance()->addErrorToDisplay( $oEx, false, true );
            return false;
        } catch( oxInputException $oEx ){
            oxUtilsView::getInstance()->addErrorToDisplay( $oEx, false, true );
            return false;
        } catch( oxConnectionException $oEx ){
            oxUtilsView::getInstance()->addErrorToDisplay( $oEx, false, true );
            return false;
        }

        if ( !$blActiveLogin ) {
            if ( !$sPassword ) {
                oxSession::setVar( 'usr', $oUser->getId() );
                $this->_afterLogin( $oUser );
            } elseif ( $this->login() == 'user' ) {
                return false;
            }

            // order remark
            //V #427: order remark for new users
            $sOrderRemark = oxConfig::getParameter( 'order_remark', true );
            if ( $sOrderRemark ) {
                oxSession::setVar( 'ordrem', $sOrderRemark );
            }
        }

        // send register eMail
        //TODO: move into user
        if ( (int) oxConfig::getParameter( 'option' ) == 3 ) {
            $oxEMail = oxNew( 'oxemail' );
            if ( $blActiveLogin ) {
                $oxEMail->sendRegisterConfirmEmail( $oUser );
            } else {
                $oxEMail->sendRegisterEmail( $oUser );
            }
        }

        // new registered
        $this->_blIsNewUser = true;

        return 'payment';
    }

    public function registerUser()
    {
        // checking if "open address area" button was clicked
        if ( $blSetup = $this->_setupDelAddress() ) {
            return;
        }

        // registered new user ?
        if ( $this->createuser()!= false && $this->_blIsNewUser ) {
            if ( $this->_blNewsSubscriptionStatus === null || $this->_blNewsSubscriptionStatus ) {
                return 'register?success=1';
            } else {
                return 'register?success=1&newslettererror=4';
            }
        } else {
            // problems with registration ...
            $this->logout();
        }
    }

    protected function _changeUser_noRedirect( )
    {
        if (!$this->getSession()->checkSessionChallenge()) {
            return;
        }

        // no user ?
        $oUser = $this->getUser();
        if ( !$oUser ) {
            return;
        }

        // collecting values to check
        $aDelAdress = $this->_getDelAddressData();

        // if user company name, user name and additional info has special chars
        $aInvAdress = oxConfig::getParameter( 'invadr', true );

        $sUserName  = $oUser->oxuser__oxusername->value;
        $sPassword  = $sPassword2 = $oUser->oxuser__oxpassword->value;

        try { // testing user input
            $oUser->changeUserData( $sUserName, $sPassword, $sPassword2, $aInvAdress, $aDelAdress );
            // assigning to newsletter
            if (($blOptin = oxConfig::getParameter( 'blnewssubscribed' )) === null) {
                $blOptin = $oUser->getNewsSubscription()->getOptInStatus();
            }
            // check if email address changed, if so, force check news subscription settings.
            $blForceCheckOptIn = ( $aInvAdress['oxuser__oxusername'] !== null && $aInvAdress['oxuser__oxusername'] !== $sUserName );
            $this->_blNewsSubscriptionStatus = $oUser->setNewsSubscription( $blOptin, $this->getConfig()->getConfigParam( 'blOrderOptInEmail' ), $blForceCheckOptIn );

        } catch ( oxUserException $oEx ) { // errors in input
            // marking error code
            //TODO
            oxUtilsView::getInstance()->addErrorToDisplay($oEx, false, true);
            return;
        } catch(oxInputException $oEx) {
            oxUtilsView::getInstance()->addErrorToDisplay($oEx, false, true);
            return;
        } catch(oxConnectionException $oEx){
             //connection to external resource broken, change message and pass to the view
            oxUtilsView::getInstance()->addErrorToDisplay($oEx, false, true);
            return;
        }


        // order remark
        $sOrderRemark = oxConfig::getParameter( 'order_remark', true );

        if ( $sOrderRemark ) {
            oxSession::setVar( 'ordrem', $sOrderRemark );
        } else {
            oxSession::deleteVar( 'ordrem' );
        }

        if ( $oBasket = $this->getSession()->getBasket() ) {
            $oBasket->onUpdate();
        }
        return true;
    }

    protected function _getDelAddressData()
    {
        // if user company name, user name and additional info has special chars
        $aDelAdress = $aDeladr = (oxConfig::getParameter( 'blshowshipaddress' ) || oxSession::getVar( 'blshowshipaddress' )) ? oxConfig::getParameter( 'deladr', true ) : array();

        if ( is_array( $aDeladr ) ) {
            // checking if data is filled
            if ( isset( $aDeladr['oxaddress__oxsal'] ) ) {
                unset( $aDeladr['oxaddress__oxsal'] );
            }
            if ( !count( $aDeladr ) || implode( '', $aDeladr ) == '' ) {
                // resetting to avoid empty records
                $aDelAdress = array();
            }
        }
        return $aDelAdress;
    }

    protected function _getLogoutLink()
    {
        $myConfig = $this->getConfig();
        $sLogoutLink = $myConfig->getShopHomeUrl();
        if ( $myConfig->isSsl() ) {
            $sLogoutLink = $myConfig->getShopSecureHomeUrl();
        }
        $sLogoutLink .= 'cl='.oxConfig::getParameter('cl').$this->getParent()->getDynUrlParams();
        if ( $sParam = oxConfig::getParameter('anid') ) {
            $sLogoutLink .= '&amp;anid='.$sParam;
        }
        if ( $sParam = oxConfig::getParameter('cnid') ) {
            $sLogoutLink .= '&amp;cnid='.$sParam;
        }
        if ( $sParam = oxConfig::getParameter('mnid') ) {
            $sLogoutLink .= '&amp;mnid='.$sParam;
        }
        if ( $sParam = oxConfig::getParameter('tpl') ) {
            $sLogoutLink .= '&amp;tpl='.$sParam;
        }
        if ( $sParam = oxConfig::getParameter('recommid') ) {
            $sLogoutLink .= '&amp;recommid='.$sParam;
        }
        return $sLogoutLink.'&amp;fnc=logout';
    }

    protected function _setupDelAddress()
    {
        return (oxConfig::getParameter( 'blshowshipaddress' ) !== null || oxConfig::getParameter( 'blhideshipaddress' ) !== null) && oxConfig::getParameter( 'userform' ) === null;
    }

    public function setLoginStatus( $iStatus )
    {
        $this->_iLoginStatus = $iStatus;
    }

    public function getLoginStatus()
    {
        return $this->_iLoginStatus;
    }

    public function getInvitor()
    {
        $sSu = oxSession::getVar( 'su' );
        if ( !$sSu && ( $sSuNew = oxConfig::getParameter( 'su' ) ) ) {
            oxSession::setVar( 'su', $sSuNew );
        }
    }

    public function setRecipient()
    {
        $sRe = oxSession::getVar( 're' );
        if ( !$sRe && ( $sReNew = oxConfig::getParameter( 're' ) ) ) {
            oxSession::setVar( 're', $sReNew );
        }
    }
}