OXID eShop CE  4.8.12
oxuser.php
1 <?php
2 
9 class oxUser extends oxBase
10 {
    // Shop-check switch; its consumer is not visible in this listing (presumably read by the base class - confirm).
    protected $_blDisableShopCheck = true;

    // Newsletter subscription object, created lazily by getNewsSubscription().
    protected $_oNewsSubscription = null;

    // Class name of this object.
    protected $_sClassName = 'oxuser';

    // User baskets keyed by basket name, filled by getBasket().
    protected $_aBaskets = array();

    // Group list, loaded once by getUserGroups().
    protected $_oGroups;

    // Address lists keyed by user id, filled by getUserAddresses().
    protected $_aAddresses = array();

    // Payment list, loaded once by getUserPayments().
    protected $_oPayments;

    // Recommendation list; not used in the part of the class shown here.
    protected $_oRecommList;

    // Mirrors the 'blMallUsers' config flag (set in the constructor). When true, exists() and
    // createUser() do not restrict their username lookups to the active shop.
    protected $_blMallUsers = false;

    // Static user-cookie store; not used in the part of the class shown here.
    protected static $_aUserCookie = array();

    // Cached item count of the notice list, see getNoticeListArtCnt().
    protected $_iCntNoticeListArticles = null;

    // Cached item count of the wish list, see getWishListArtCnt().
    protected $_iCntWishListArticles = null;

    // Cached recommendation list count, assigned in __get().
    protected $_iCntRecommLists = null;

    // Update key; not used in the part of the class shown here.
    protected $_sUpdateKey = null;

    // Set by loadActiveUser(): true when the user id came from the "remember me" cookie.
    protected $_blLoadedFromCookie = null;

    // Explicitly chosen address id, see setSelectedAddressId() / getSelectedAddressId().
    protected $_sSelAddressId = null;

    // Cached result of getSelectedAddress().
    protected $_oSelAddress = null;

    // Wish list id found by _getWishListId().
    protected $_sWishId = null;

    // Cached country title (oxField) of the user's own country, see getUserCountry().
    protected $_oUserCountryTitle = null;
140 
146  public function __construct()
147  {
148  $this->setMallUsersStatus( $this->getConfig()->getConfigParam( 'blMallUsers' ) );
149 
151  $this->init( 'oxuser' );
152  }
153 
161  public function setMallUsersStatus( $blOn = false )
162  {
163  $this->_blMallUsers = $blOn;
164  }
165 
173  public function __get( $sParamName )
174  {
175  // it saves memory using - loads data only if it is used
176  switch ( $sParamName ) {
177  case 'oGroups':
178  return $this->_oGroups = $this->getUserGroups();
179  break;
180  case 'iCntNoticeListArticles':
181  return $this->_iCntNoticeListArticles = $this->getNoticeListArtCnt();
182  break;
183  case 'iCntWishListArticles':
184  return $this->_iCntWishListArticles = $this->getWishListArtCnt();
185  break;
186  case 'iCntRecommLists':
187  return $this->_iCntRecommLists = $this->getRecommListsCount();
188  break;
189  case 'oAddresses':
190  return $this->getUserAddresses();
191  break;
192  case 'oPayments':
193  return $this->_oPayments = $this->getUserPayments();
194  break;
195  case 'oxuser__oxcountry':
196  return $this->oxuser__oxcountry = $this->getUserCountry();
197  break;
198  case 'sDBOptin':
199  return $this->sDBOptin = $this->getNewsSubscription()->getOptInStatus();
200  break;
201  case 'sEmailFailed':
202  return $this->sEmailFailed = $this->getNewsSubscription()->getOptInEmailStatus();
203  break;
204  }
205  }
206 
212  public function getNewsSubscription()
213  {
214  if ( $this->_oNewsSubscription !== null ) {
216  }
217 
218  $this->_oNewsSubscription = oxNew( 'oxnewssubscribed' );
219 
220  // if subscription object is not set yet - we should create one
221  if ( !$this->_oNewsSubscription->loadFromUserId( $this->getId() ) ) {
222  if ( !$this->_oNewsSubscription->loadFromEmail( $this->oxuser__oxusername->value ) ) {
223 
224  // no subscription defined yet - creating one
225  $this->_oNewsSubscription->oxnewssubscribed__oxuserid = new oxField($this->getId(), oxField::T_RAW);
226  $this->_oNewsSubscription->oxnewssubscribed__oxemail = new oxField($this->oxuser__oxusername->value, oxField::T_RAW);
227  $this->_oNewsSubscription->oxnewssubscribed__oxsal = new oxField($this->oxuser__oxsal->value, oxField::T_RAW);
228  $this->_oNewsSubscription->oxnewssubscribed__oxfname = new oxField($this->oxuser__oxfname->value, oxField::T_RAW);
229  $this->_oNewsSubscription->oxnewssubscribed__oxlname = new oxField($this->oxuser__oxlname->value, oxField::T_RAW);
230  }
231  }
232 
234  }
235 
245  public function getUserCountry( $sCountryId = null, $iLang = null )
246  {
247  if ( $this->_oUserCountryTitle == null || $sCountryId ) {
248  $sId = $sCountryId ? $sCountryId : $this->oxuser__oxcountryid->value;
249  $oDb = oxDb::getDb();
250  $sViewName = getViewName( 'oxcountry', $iLang );
251  $sQ = "select oxtitle from {$sViewName} where oxid = " . $oDb->quote( $sId ) . " ";
252  $oCountry = new oxField( $oDb->getOne( $sQ ), oxField::T_RAW);
253  if ( !$sCountryId ) {
254  $this->_oUserCountryTitle = $oCountry;
255  }
256  } else {
258  }
259 
260  return $oCountry;
261  }
262 
270  public function getUserCountryId( $sCountry = null )
271  {
272  $oDb = oxDb::getDb();
273  $sQ = "select oxid from ".getviewName( "oxcountry" )." where oxactive = '1' and oxisoalpha2 = " . $oDb->quote( $sCountry ) . " ";
274  $sCountryId = $oDb->getOne( $sQ );
275 
276  return $sCountryId;
277  }
278 
286  public function getUserGroups( $sOXID = null )
287  {
288 
289  if ( isset( $this->_oGroups ) ) {
290  return $this->_oGroups;
291  }
292 
293  if ( !$sOXID ) {
294  $sOXID = $this->getId();
295  }
296 
297  $sViewName = getViewName( "oxgroups" );
298  $this->_oGroups = oxNew( 'oxlist', 'oxgroups' );
299  $sSelect = "select {$sViewName}.* from {$sViewName} left join oxobject2group on oxobject2group.oxgroupsid = {$sViewName}.oxid
300  where oxobject2group.oxobjectid = " . oxDb::getDb()->quote( $sOXID );
301  $this->_oGroups->selectString( $sSelect );
302  return $this->_oGroups;
303  }
304 
312  public function getUserAddresses( $sUserId = null )
313  {
314  $sUserId = isset( $sUserId ) ? $sUserId : $this->getId();
315  if ( !isset( $this->_aAddresses[$sUserId] ) ) {
316  $sSelect = "select * from oxaddress where oxaddress.oxuserid = " . oxDb::getDb()->quote( $sUserId );
317 
318  //P
319  $this->_aAddresses[$sUserId] = oxNew( "oxlist" );
320  $this->_aAddresses[$sUserId]->init( "oxaddress" );
321  $this->_aAddresses[$sUserId]->selectString( $sSelect );
322 
323  // marking selected
324  if ( $sAddressId = $this->getSelectedAddressId() ) {
325  foreach ( $this->_aAddresses[$sUserId] as $oAddress ) {
326  if ( $oAddress->getId() === $sAddressId ) {
327  $oAddress->setSelected();
328  break;
329  }
330  }
331  }
332  }
333  return $this->_aAddresses[$sUserId];
334  }
335 
343  public function setSelectedAddressId( $sAddressId )
344  {
345  $this->_sSelAddressId = $sAddressId;
346  }
347 
353  public function getSelectedAddressId()
354  {
355  if ( $this->_sSelAddressId !== null ) {
356  return $this->_sSelAddressId;
357  }
358 
359  $sAddressId = oxConfig::getParameter( "oxaddressid");
360  if ( !$sAddressId && !oxConfig::getParameter( 'reloadaddress' ) ) {
361  $sAddressId = oxSession::getVar( "deladrid" );
362  }
363  return $sAddressId;
364  }
365 
371  protected function _getWishListId()
372  {
373  $this->_sWishId = null;
374  // check if we have to set it here
375  $oBasket = $this->getSession()->getBasket();
376  foreach ( $oBasket->getContents() as $oBasketItem ) {
377  if ( $this->_sWishId = $oBasketItem->getWishId() ) {
378  // stop on first found
379  break;
380  }
381  }
382  return $this->_sWishId;
383  }
384 
393  public function getSelectedAddress( $sWishId = false )
394  {
395  if ( $this->_oSelAddress !== null ) {
396  return $this->_oSelAddress;
397  }
398 
399  $oSelectedAddress = null;
400  $oAddresses = $this->getUserAddresses();
401  if ( $oAddresses->count() ) {
402  if ( $sAddressId = $this->getSelectedAddressId() ) {
403  foreach ( $oAddresses as $oAddress ) {
404  if ( $oAddress->getId() == $sAddressId ) {
405  $oAddress->selected = 1;
406  $oAddress->setSelected();
407  $oSelectedAddress = $oAddress;
408  break;
409  }
410  }
411  }
412 
413  // in case none is set - setting first one
414  if ( !$oSelectedAddress ) {
415  if ( !$sAddressId || $sAddressId >= 0 ) {
416  $oAddresses->rewind();
417  $oAddress = $oAddresses->current();
418  } else {
419  $aAddresses = $oAddresses->getArray();
420  $oAddress = array_pop( $aAddresses );
421  }
422  $oAddress->selected = 1;
423  $oAddress->setSelected();
424  $oSelectedAddress = $oAddress;
425  }
426  }
427  $this->_oSelAddress = $oSelectedAddress;
428  return $oSelectedAddress;
429  }
430 
438  public function getUserPayments( $sOXID = null )
439  {
440  if ( $this->_oPayments === null ) {
441 
442  if ( !$sOXID ) {
443  $sOXID = $this->getId();
444  }
445 
446  $sSelect = 'select * from oxuserpayments where oxuserid = ' . oxDb::getDb()->quote( $sOXID ) . ' ';
447 
448  $this->_oPayments = oxNew( 'oxlist' );
449  $this->_oPayments->init( 'oxUserPayment' );
450  $this->_oPayments->selectString( $sSelect );
451 
452  $myUtils = oxRegistry::getUtils();
453  foreach ( $this->_oPayments as $oPayment ) {
454  // add custom fields to this class
455  $oPayment = $myUtils->assignValuesFromText( $val->oxuserpayments__oxvalue->value );
456  }
457  }
458 
459  return $this->_oPayments;
460  }
461 
467  public function save()
468  {
470 
471  $blAddRemark = false;
472  if ( $this->oxuser__oxpassword->value && $this->oxuser__oxregister->value < 1 ) {
473  $blAddRemark = true;
474  //save oxregister value
475  $this->oxuser__oxregister = new oxField(date( 'Y-m-d H:i:s' ), oxField::T_RAW);
476  }
477 
478  // setting user rights
479  $this->oxuser__oxrights = new oxField($this->_getUserRights(), oxField::T_RAW);
480 
481  // processing birth date which came from output as array
482  if ( is_array( $this->oxuser__oxbirthdate->value ) ) {
483  $this->oxuser__oxbirthdate = new oxField($this->convertBirthday( $this->oxuser__oxbirthdate->value ), oxField::T_RAW);
484  }
485 
486  // checking if user Facebook ID should be updated
487  if ( $myConfig->getConfigParam( "bl_showFbConnect" ) ) {
488  $oFb = oxRegistry::get("oxFb");
489  if ( $oFb->isConnected() && $oFb->getUser() ) {
490  $this->oxuser__oxfbid = new oxField( $oFb->getUser() );
491  }
492  }
493 
494  $blRet = parent::save();
495 
496  //add registered remark
497  if ( $blAddRemark && $blRet ) {
498  $oRemark = oxNew( 'oxremark' );
499  $oRemark->oxremark__oxtext = new oxField(oxRegistry::getLang()->translateString( 'usrRegistered', null, true ), oxField::T_RAW);
500  $oRemark->oxremark__oxtype = new oxField('r', oxField::T_RAW);
501  $oRemark->oxremark__oxparentid = new oxField($this->getId(), oxField::T_RAW);
502  $oRemark->save();
503  }
504 
505  return $blRet;
506  }
507 
513  public function allowDerivedUpdate()
514  {
515  return true;
516  }
517 
525  public function inGroup( $sGroupID )
526  {
527  $blIn = false;
528  if ( ( $oGroups = $this->getUserGroups() ) ) {
529  $blIn = isset( $oGroups[ $sGroupID ] );
530  }
531 
532  return $blIn;
533  }
534 
543  public function delete( $sOXID = null )
544  {
545 
546  if ( !$sOXID ) {
547  $sOXID = $this->getId();
548  }
549  if ( !$sOXID ) {
550  return false;
551  }
552 
553  $blDeleted = parent::delete( $sOXID );
554 
555  if ( $blDeleted ) {
556  $oDb = oxDb::getDb();
557  $sOXIDQuoted = $oDb->quote($sOXID);
558 
559  // deleting stored payment, address, group dependencies, remarks info
560  $rs = $oDb->execute( "delete from oxaddress where oxaddress.oxuserid = {$sOXIDQuoted}" );
561  $rs = $oDb->execute( "delete from oxobject2group where oxobject2group.oxobjectid = {$sOXIDQuoted}" );
562 
563  // deleting notice/wish lists
564  $rs = $oDb->execute( "delete oxuserbasketitems.* from oxuserbasketitems, oxuserbaskets where oxuserbasketitems.oxbasketid = oxuserbaskets.oxid and oxuserid = {$sOXIDQuoted}" );
565  $rs = $oDb->execute( "delete from oxuserbaskets where oxuserid = {$sOXIDQuoted}" );
566 
567  // deleting newsletter subscription
568  $rs = $oDb->execute( "delete from oxnewssubscribed where oxuserid = {$sOXIDQuoted}" );
569 
570  // delivery and delivery sets
571  $rs = $oDb->execute( "delete from oxobject2delivery where oxobjectid = {$sOXIDQuoted}");
572 
573  // discounts
574  $rs = $oDb->execute( "delete from oxobject2discount where oxobjectid = {$sOXIDQuoted}");
575 
576 
577  // and leaving all order related information
578  $rs = $oDb->execute( "delete from oxremark where oxparentid = {$sOXIDQuoted} and oxtype !='o'" );
579 
580  $blDeleted = $rs->EOF;
581  }
582 
583  return $blDeleted;
584  }
585 
593  public function load( $oxID )
594  {
595 
596  $blRet = parent::load( $oxID );
597 
598  // convert date's to international format
599  if ( isset( $this->oxuser__oxcreate->value ) ) {
600  $this->oxuser__oxcreate->setValue(oxRegistry::get("oxUtilsDate")->formatDBDate( $this->oxuser__oxcreate->value ));
601  }
602 
603  // change newsSubcription user id
604  if ( isset($this->_oNewsSubscription) ) {
605  $this->_oNewsSubscription->oxnewssubscribed__oxuserid = new oxField( $oxID, oxField::T_RAW);
606  }
607 
608  return $blRet;
609  }
610 
618  public function exists( $sOXID = null )
619  {
620  if (!$sOXID) {
621  $sOXID = $this->getId();
622  }
623  //#5901 if physical record exists return true unconditionally
624  if (parent::exists($sOXID)) {
625  $this->setId($sOXID);
626  return true;
627  }
628 
629  //additional username check
630  //This part is used by not yet saved user object, to detect the case when such username exists in db.
631  //Basically it is called when anonymous visitor enters existing username for newsletter subscription
632  //see Newsletter::send()
633  //TODO: transfer this validation to newsletter part
634  $sShopSelect = '';
635  if (!$this->_blMallUsers && $this->oxuser__oxrights->value != 'malladmin') {
636  $sShopSelect = ' AND oxshopid = "' . $this->getConfig()->getShopId() . '" ';
637  }
638  $oDb = oxDb::getDb();
639  $sSelect = 'SELECT oxid FROM ' . $this->getViewName() . '
640  WHERE ( oxusername = ' . $oDb->quote($this->oxuser__oxusername->value) . ' ) ';
641  $sSelect .= $sShopSelect;
642 
643  if (($sOxid = $oDb->getOne($sSelect, false, false))) {
644  // update - set oxid
645  $this->setId($sOxid);
646 
647  return true;
648  }
649  return false;
650  }
651 
660  public function getOrders( $iLimit = false, $iPage = 0 )
661  {
662  $oOrders = oxNew( 'oxlist' );
663  $oOrders->init( 'oxorder' );
664 
665  if ( $iLimit !== false ) {
666  $oOrders->setSqlLimit( $iLimit * $iPage, $iLimit );
667  }
668 
669  //P
670  // Lists does not support loading from two tables, so orders
671  // articles now are loaded in account_order.php view and no need to use blLoadProdInfo
672  // forcing to load product info which is used in templates
673  // $oOrders->aSetBeforeAssign['blLoadProdInfo'] = true;
674 
675  //loading order for registered user
676  if ( $this->oxuser__oxregister->value > 1 ) {
677  $oDb = oxDb::getDb();
678  $sQ = 'select * from oxorder where oxuserid = '.$oDb->quote( $this->getId() ).' and oxorderdate >= ' . $oDb->quote( $this->oxuser__oxregister->value ) . ' ';
679 
680  //#1546 - shopid check added, if it is not multishop
681 
682  $sQ .= ' order by oxorderdate desc ';
683  $oOrders->selectString( $sQ );
684  }
685 
686  return $oOrders;
687  }
688 
694  public function getOrderCount()
695  {
696  $iCnt = 0;
697  if ( $this->getId() && $this->oxuser__oxregister->value > 1 ) {
698  $oDb = oxDb::getDb();
699  $sQ = 'select count(*) from oxorder where oxuserid = '.$oDb->quote( $this->getId() ).' AND oxorderdate >= ' . $oDb->quote( $this->oxuser__oxregister->value) . ' and oxshopid = "'.$this->getConfig()->getShopId().'" ';
700  $iCnt = (int) $oDb->getOne( $sQ );
701  }
702 
703  return $iCnt;
704  }
705 
711  public function getNoticeListArtCnt()
712  {
713  if ( $this->_iCntNoticeListArticles === null ) {
714  $this->_iCntNoticeListArticles = 0;
715  if ( $this->getId() ) {
716  $this->_iCntNoticeListArticles = $this->getBasket( 'noticelist' )->getItemCount();
717  }
718  }
720  }
721 
727  public function getWishListArtCnt()
728  {
729  if ( $this->_iCntWishListArticles === null ) {
730  $this->_iCntWishListArticles = false;
731  if ( $this->getId() ) {
732  $this->_iCntWishListArticles = $this->getBasket( 'wishlist' )->getItemCount();
733  }
734  }
736  }
737 
743  public function getEncodedDeliveryAddress()
744  {
745  return md5($this->_getMergedAddressFields());
746  }
747 
754  public function getActiveCountry()
755  {
756  $sDeliveryCountry = '';
757  $soxAddressId = oxSession::getVar( 'deladrid' );
758  if ( $soxAddressId ) {
759  $oDelAddress = oxNew( 'oxaddress' );
760  $oDelAddress->load( $soxAddressId );
761  $sDeliveryCountry = $oDelAddress->oxaddress__oxcountryid->value;
762  } elseif ( $this->getId() ) {
763  $sDeliveryCountry = $this->oxuser__oxcountryid->value;
764  } else {
765  $oUser = oxNew( 'oxuser' );
766  if ( $oUser->loadActiveUser() ) {
767  $sDeliveryCountry = $oUser->oxuser__oxcountryid->value;
768  }
769  }
770 
771  return $sDeliveryCountry;
772  }
773 
781  public function createUser()
782  {
783  $oDb = oxDb::getDb();
784  $sShopID = $this->getConfig()->getShopId();
785 
786  // check if user exists AND there is no password - in this case we update otherwise we try to insert
787  $sSelect = "select oxid from oxuser where oxusername = " . $oDb->quote( $this->oxuser__oxusername->value ) . " and oxpassword = '' ";
788  if ( !$this->_blMallUsers ) {
789  $sSelect .= " and oxshopid = '{$sShopID}' ";
790  }
791  $sOXID = $oDb->getOne( $sSelect, false, false );
792 
793  // user without password found - lets use
794  if ( isset( $sOXID ) && $sOXID ) {
795  // try to update
796  $this->delete( $sOXID );
797  } elseif ( $this->_blMallUsers ) {
798  // must be sure if there is no dublicate user
799  $sQ = "select oxid from oxuser where oxusername = " . $oDb->quote( $this->oxuser__oxusername->value ) . " and oxusername != '' ";
800  if ( $oDb->getOne( $sQ, false, false ) ) {
801  $oEx = oxNew( 'oxUserException' );
802  $oLang = oxRegistry::getLang();
803  $oEx->setMessage( sprintf( $oLang->translateString( 'ERROR_MESSAGE_USER_USEREXISTS', $oLang->getTplLanguage() ), $this->oxuser__oxusername->value ) );
804  throw $oEx;
805  }
806  }
807 
808  $this->oxuser__oxshopid = new oxField( $sShopID, oxField::T_RAW );
809  if ( ( $blOK = $this->save() ) ) {
810  // dropping/cleaning old delivery address/payment info
811  $oDb->execute( "delete from oxaddress where oxaddress.oxuserid = " . $oDb->quote( $this->oxuser__oxid->value ) . " " );
812  $oDb->execute( "update oxuserpayments set oxuserpayments.oxuserid = " . $oDb->quote( $this->oxuser__oxusername->value ) . " where oxuserpayments.oxuserid = " . $oDb->quote( $this->oxuser__oxid->value ) . " " );
813  } else {
814  $oEx = oxNew( 'oxUserException' );
815  $oEx->setMessage( 'EXCEPTION_USER_USERCREATIONFAILED' );
816  throw $oEx;
817  }
818 
819  return $blOK;
820  }
821 
829  public function addToGroup( $sGroupID )
830  {
831  if ( !$this->inGroup( $sGroupID ) ) {
832  // create oxgroup object
833  $oGroup = oxNew('oxGroups');
834  if ( $oGroup->load($sGroupID) ) {
835  $oNewGroup = oxNew( 'oxobject2group' );
836  $oNewGroup->oxobject2group__oxobjectid = new oxField( $this->getId(), oxField::T_RAW );
837  $oNewGroup->oxobject2group__oxgroupsid = new oxField( $sGroupID, oxField::T_RAW );
838  if ( $oNewGroup->save() ) {
839  $this->_oGroups[$sGroupID] = $oGroup;
840  return true;
841  }
842  }
843  }
844  return false;
845  }
846 
854  public function removeFromGroup( $sGroupID = null )
855  {
856  if ( $sGroupID != null && $this->inGroup( $sGroupID ) ) {
857  $oGroups = oxNew( 'oxlist' );
858  $oGroups->init( 'oxobject2group' );
859  $sSelect = 'select * from oxobject2group where oxobject2group.oxobjectid = "'.$this->getId().'" and oxobject2group.oxgroupsid = "'.$sGroupID.'" ';
860  $oGroups->selectString( $sSelect );
861  foreach ( $oGroups as $oRemgroup ) {
862  if ( $oRemgroup->delete() ) {
863  unset( $this->_oGroups[$oRemgroup->oxobject2group__oxgroupsid->value] );
864  }
865  }
866  }
867  }
868 
877  public function onOrderExecute( $oBasket, $iSuccess )
878  {
879 
880  if ( is_numeric( $iSuccess ) && $iSuccess != 2 && $iSuccess <= 3 ) {
881  //adding user to particular customer groups
882  if ( !$this->oxuser__oxdisableautogrp->value ) {
883 
884  $myConfig = $this->getConfig();
885  $dMidlleCustPrice = (float) $myConfig->getConfigParam( 'sMidlleCustPrice' );
886  $dLargeCustPrice = (float) $myConfig->getConfigParam( 'sLargeCustPrice' );
887 
888  $this->addToGroup( 'oxidcustomer' );
889  $dBasketPrice = $oBasket->getPrice()->getBruttoPrice();
890  if ( $dBasketPrice < $dMidlleCustPrice ) {
891  $this->addToGroup( 'oxidsmallcust' );
892  }
893  if ( $dBasketPrice >= $dMidlleCustPrice && $dBasketPrice < $dLargeCustPrice ) {
894  $this->addToGroup( 'oxidmiddlecust' );
895  }
896  if ( $dBasketPrice >= $dLargeCustPrice ) {
897  $this->addToGroup( 'oxidgoodcust' );
898  }
899  }
900 
901  if ( $this->inGroup( 'oxidnotyetordered' ) ) {
902  $this->removeFromGroup( 'oxidnotyetordered' );
903  }
904  }
905  }
906 
914  public function getBasket( $sName )
915  {
916  if ( !isset( $this->_aBaskets[$sName] ) ) {
917  $oBasket = oxNew( 'oxuserbasket' );
918  $aWhere = array( 'oxuserbaskets.oxuserid' => $this->getId(), 'oxuserbaskets.oxtitle' => $sName );
919 
920  // creating if it does not exist
921  if ( !$oBasket->assignRecord( $oBasket->buildSelectString( $aWhere ) ) ) {
922  $oBasket->oxuserbaskets__oxtitle = new oxField($sName);
923  $oBasket->oxuserbaskets__oxuserid = new oxField($this->getId());
924 
925  // marking basket as new (it will not be saved in DB yet)
926  $oBasket->setIsNewBasket();
927  }
928 
929  $this->_aBaskets[$sName] = $oBasket;
930  }
931 
932  return $this->_aBaskets[$sName];
933  }
934 
943  public function convertBirthday( $aData )
944  {
945 
946  // preparing data to process
947  $iYear = isset($aData['year'])?((int) $aData['year']):false;
948  $iMonth = isset($aData['month'])?((int) $aData['month']):false;
949  $iDay = isset($aData['day'])?((int) $aData['day']):false;
950 
951  // leaving empty if not set
952  if ( !$iYear && !$iMonth && !$iDay )
953  return "";
954 
955  // year
956  if ( !$iYear || $iYear < 1000 || $iYear > 9999)
957  $iYear = date('Y');
958 
959  // month
960  if ( !$iMonth || $iMonth < 1 || $iMonth > 12)
961  $iMonth = 1;
962 
963  // maximum nuber of days in month
964  $iMaxDays = 31;
965  switch( $iMonth) {
966  case 2 :
967  if ($iMaxDays > 28)
968  $iMaxDays = ($iYear % 4 == 0 && ($iYear % 100 != 0 || $iYear % 400 == 0)) ? 29 : 28;
969  break;
970  case 4 :
971  case 6 :
972  case 9 :
973  case 11 :
974  $iMaxDays = min(30, $iMaxDays);
975  break;
976  }
977 
978  // day
979  if ( !$iDay || $iDay < 1 || $iDay > $iMaxDays) {
980  $iDay = 1;
981  }
982 
983  // whole date
984  return sprintf("%04d-%02d-%02d", $iYear, $iMonth, $iDay);
985  }
986 
992  public function getBoni()
993  {
994  if ( ! $iBoni = $this->getConfig()->getConfigParam( 'iCreditRating' ) ) {
995  $iBoni = 1000;
996  }
997 
998  return $iBoni;
999  }
1000 
1013  public function addDynGroup( $sDynGoup, $aDeniedDynGroups )
1014  {
1015  // preparing input
1016  $sDynGoup = strtolower( trim( $sDynGoup ) );
1017 
1018  // setting denied groups from admin settings also
1019  $aDisabledDynGroups = array_merge( array( 'oxidadmin' ), (array) $aDeniedDynGroups );
1020 
1021  // default state ..
1022  $blAdd = false;
1023 
1024  // user assignment to dyn group is not allowed
1025  if ( $this->oxuser__oxdisableautogrp->value || !$sDynGoup ) {
1026  $blAdd = false;
1027  } elseif ( in_array( $sDynGoup, $aDisabledDynGroups ) ) {
1028  // trying to add user to prohibited user group?
1029  $blAdd = false;
1030  } elseif ( $this->addToGroup( $sDynGoup ) ) {
1031  $blAdd = true;
1032  }
1033 
1034  // cleanup
1035  oxSession::deleteVar( 'dgr' );
1036 
1037  return $blAdd;
1038  }
1039 
1058  public function checkValues( $sLogin, $sPassword, $sPassword2, $aInvAddress, $aDelAddress )
1059  {
1060  // 1. checking user name
1061  $sLogin = $this->_checkLogin( $sLogin, $aInvAddress );
1062 
1063  // 2. cheking email
1064  $this->_checkEmail( $sLogin );
1065 
1066  // 3. password
1067  $this->checkPassword( $sPassword, $sPassword2, ((int) oxConfig::getParameter( 'option' ) == 3) );
1068 
1069  // 4. required fields
1070  $this->_checkRequiredFields( $aInvAddress, $aDelAddress );
1071 
1072  // 5. country check
1073  $this->_checkCountries( $aInvAddress, $aDelAddress );
1074 
1075  // 6. vat id check.
1076  $this->_checkVatId( $aInvAddress );
1077 
1078 
1079  // throwing first validation error
1080  if ( $oError = oxRegistry::get("oxInputValidator")->getFirstValidationError() ) {
1081  throw $oError;
1082  }
1083  }
1084 
1094  public function setNewsSubscription( $blSubscribe, $blSendOptIn, $blForceCheckOptIn = false )
1095  {
1096  // assigning to newsletter
1097  $blSuccess = false;
1098  $myConfig = $this->getConfig();
1099  $mySession = $this->getSession();
1100 
1101  // user wants to get newsletter messages or no ?
1102  $oNewsSubscription = $this->getNewsSubscription();
1103  if ( $oNewsSubscription ) {
1104  if ( $blSubscribe && ($blForceCheckOptIn || ( $iOptInStatus = $oNewsSubscription->getOptInStatus() ) != 1) ) {
1105  if ( !$blSendOptIn ) {
1106 
1107  // double-opt-in check is disabled - assigning automatically
1108  $this->addToGroup( 'oxidnewsletter' );
1109  // and setting subscribed status
1110  $oNewsSubscription->setOptInStatus( 1 );
1111  $blSuccess = true;
1112  } else {
1113 
1114  // double-opt-in check enabled - sending confirmation email and setting waiting status
1115  if ( $iOptInStatus != 2 ) {
1116  // sending double-opt-in mail
1117  $oEmail = oxNew( 'oxemail' );
1118  $blSuccess = $oEmail->sendNewsletterDbOptInMail( $this );
1119  } else {
1120  // mail already was sent, so just confirming that
1121  $blSuccess = true;
1122  }
1123 
1124  $oNewsSubscription->setOptInStatus( 2 );
1125  }
1126  } elseif ( !$blSubscribe ) {
1127  // removing user from newsletter subscribers
1128  $this->removeFromGroup( 'oxidnewsletter' );
1129  $oNewsSubscription->setOptInStatus( 0 );
1130  $blSuccess = true;
1131  }
1132  }
1133 
1134  return $blSuccess;
1135  }
1136 
1154  public function changeUserData( $sUser, $sPassword, $sPassword2, $aInvAddress, $aDelAddress )
1155  {
1156 
1157  // validating values before saving. If validation fails - exception is thrown
1158  $this->checkValues( $sUser, $sPassword, $sPassword2, $aInvAddress, $aDelAddress );
1159  // input data is fine - lets save updated user info
1160 
1161 
1162 
1163  $this->assign( $aInvAddress );
1164 
1165 
1166 
1167 
1168 
1169  // update old or add new delivery address
1170  $this->_assignAddress( $aDelAddress );
1171 
1172 
1173 
1174 
1175  // saving new values
1176  if ( $this->save() ) {
1177 
1178  // assigning automatically to specific groups
1179  $sCountryId = isset( $aInvAddress['oxuser__oxcountryid'] )?$aInvAddress['oxuser__oxcountryid']:'';
1180  $this->_setAutoGroups( $sCountryId );
1181  }
1182  }
1183 
1189  protected function _getMergedAddressFields()
1190  {
1191  $sDelAddress = '';
1192  $sDelAddress .= $this->oxuser__oxcompany;
1193  $sDelAddress .= $this->oxuser__oxusername;
1194  $sDelAddress .= $this->oxuser__oxfname;
1195  $sDelAddress .= $this->oxuser__oxlname;
1196  $sDelAddress .= $this->oxuser__oxstreet;
1197  $sDelAddress .= $this->oxuser__oxstreetnr;
1198  $sDelAddress .= $this->oxuser__oxaddinfo;
1199  $sDelAddress .= $this->oxuser__oxustid;
1200  $sDelAddress .= $this->oxuser__oxcity;
1201  $sDelAddress .= $this->oxuser__oxcountryid;
1202  $sDelAddress .= $this->oxuser__oxstateid;
1203  $sDelAddress .= $this->oxuser__oxzip;
1204  $sDelAddress .= $this->oxuser__oxfon;
1205  $sDelAddress .= $this->oxuser__oxfax;
1206  $sDelAddress .= $this->oxuser__oxsal;
1207 
1208  return $sDelAddress;
1209  }
1210 
1218  protected function _assignAddress( $aDelAddress )
1219  {
1220  if ( is_array( $aDelAddress ) && count( $aDelAddress ) ) {
1221 
1222  $sAddressId = $this->getConfig()->getRequestParameter( 'oxaddressid' );
1223  $sAddressId = ( $sAddressId === null || $sAddressId == -1 || $sAddressId == -2 ) ? null : $sAddressId;
1224 
1225  $oAddress = oxNew( 'oxaddress' );
1226  $oAddress->setId( $sAddressId );
1227  $oAddress->load( $sAddressId );
1228  $oAddress->assign( $aDelAddress );
1229  $oAddress->oxaddress__oxuserid = new oxField( $this->getId(), oxField::T_RAW );
1230  $oAddress->oxaddress__oxcountry = $this->getUserCountry( $oAddress->oxaddress__oxcountryid->value );
1231  $oAddress->save();
1232 
1233  // resetting addresses
1234  $this->_aAddresses = null;
1235 
1236  // saving delivery Address for later use
1237  oxSession::setVar( 'deladrid', $oAddress->getId() );
1238  } else {
1239  // resetting
1240  oxSession::setVar( 'deladrid', null );
1241  }
1242  }
1243 
1254  protected function _getLegacyLoginQuery( $sUser, $sPassword, $sShopID, $blAdmin )
1255  {
1256  $myConfig = $this->getConfig();
1257  $oDb = oxDb::getDb();
1258 
1259  $sUserSelect = is_numeric( $sUser ) ? "oxuser.oxcustnr = {$sUser} " : "oxuser.oxusername = " . $oDb->quote( $sUser );
1260  $sPassSelect = " oxuser.oxpassword = BINARY MD5( CONCAT( ".$oDb->quote( $sPassword ).", UNHEX( oxuser.oxpasssalt ) ) ) ";
1261  $sShopSelect = "";
1262 
1263 
1264  // admin view: can only login with higher than 'user' rights
1265  if ( $blAdmin ) {
1266  $sShopSelect = " and ( oxrights != 'user' ) ";
1267  }
1268 
1269  $sSelect = "select `oxid` from oxuser where oxuser.oxactive = 1 and {$sPassSelect} and {$sUserSelect} {$sShopSelect} ";
1270 
1271 
1272  return $sSelect;
1273  }
1274 
1287  protected function _getLoginQuery( $sUser, $sPassword, $sShopID, $blAdmin )
1288  {
1289  $myConfig = $this->getConfig();
1290  $oDb = oxDb::getDb();
1291 
1292  $sUserSelect = is_numeric( $sUser ) ? "oxuser.oxcustnr = {$sUser} " : "oxuser.oxusername = " . $oDb->quote( $sUser );
1293 
1294  $sShopSelect = "";
1295 
1296  // admin view: can only login with higher than 'user' rights
1297  if ($blAdmin) {
1298  $sShopSelect = " and ( oxrights != 'user' ) ";
1299  }
1300 
1301  $sSalt = $oDb->getOne("SELECT `oxpasssalt` FROM `oxuser` WHERE " . $sUserSelect . $sShopSelect);
1302 
1303  $sPassSelect = " oxuser.oxpassword = " . $oDb->quote($this->encodePassword($sPassword, $sSalt));
1304 
1305  $sSelect = "select `oxid` from oxuser where oxuser.oxactive = 1 and {$sPassSelect} and {$sUserSelect} {$sShopSelect} ";
1306 
1307 
1308  return $sSelect;
1309  }
1310 
1320  protected function _getShopSelect( $myConfig, $sShopID, $blAdmin )
1321  {
1322  $sShopSelect = "";
1323  // admin view: can only login with higher than 'user' rights
1324  if ( $blAdmin ) {
1325  $sShopSelect = " and ( oxrights != 'user' ) ";
1326  }
1327 
1328  return $sShopSelect;
1329  }
1337  protected function _loadSavedUserBasketAfterLogin()
1338  {
1339  if ( !$this->isAdmin() && !$this->getConfig()->getConfigParam( 'blPerfNoBasketSaving' )) {
1340  //load basket from the database
1341  try {
1342  if ( $oBasket = $this->getSession()->getBasket() ) {
1343  $oBasket->load();
1344  }
1345  } catch ( Exception $oE ) {
1346  //just ignore it
1347  }
1348  }
1349  }
1350 
1365  public function login( $sUser, $sPassword, $blCookie = false)
1366  {
1367  if ( $this->isAdmin() && !count( oxRegistry::get("oxUtilsServer")->getOxCookie() ) ) {
1369  $oEx = oxNew( 'oxCookieException' );
1370  $oEx->setMessage( 'ERROR_MESSAGE_COOKIE_NOCOOKIE' );
1371  throw $oEx;
1372  }
1373 
1374  $oConfig = $this->getConfig();
1375 
1376 
1377  if ( $sPassword ) {
1378 
1379  $sShopID = $oConfig->getShopId();
1380  $this->_dbLogin( $sUser, $sPassword, $sShopID );
1381 
1382  }
1383 
1384 
1385 
1386 
1387 
1388 
1389 
1390  //login successful?
1391  if ( $this->oxuser__oxid->value ) {
1392 
1393  // yes, successful login
1394 
1395  //resetting active user
1396  $this->setUser( null );
1397 
1398  if ( $this->isAdmin() ) {
1399  oxSession::setVar( 'auth', $this->oxuser__oxid->value );
1400  } else {
1401  oxSession::setVar( 'usr', $this->oxuser__oxid->value );
1402  }
1403 
1404  // cookie must be set ?
1405  if ( $blCookie && $oConfig->getConfigParam( 'blShowRememberMe' ) ) {
1406  oxRegistry::get("oxUtilsServer")->setUserCookie( $this->oxuser__oxusername->value, $this->oxuser__oxpassword->value, $oConfig->getShopId(), 31536000, $this->oxuser__oxpasssalt->value );
1407  }
1408 
1409  return true;
1410  } else {
1412  $oEx = oxNew( 'oxUserException' );
1413  $oEx->setMessage( 'ERROR_MESSAGE_USER_NOVALIDLOGIN' );
1414  throw $oEx;
1415  }
1416  }
1417 
/**
 * Logs the user out: removes the login-related session variables, deletes
 * the user cookie of the active shop and clears the active user.
 *
 * NOTE(review): only the listed variables are removed; the session itself and
 * its id are left as they are in this method. Confirm that the caller
 * destroys or renews the session where that is required.
 *
 * @return bool always true
 */
public function logout()
{
    // 'usr' is the front-end login, 'auth' the back-end login
    $aSessionVars = array( 'usr', 'auth', 'dgr', 'dynvalue', 'paymentid' );
    foreach ( $aSessionVars as $sSessionVar ) {
        oxSession::deleteVar( $sSessionVar );
    }

    // delete cookie
    $sShopId = $this->getConfig()->getShopID();
    oxRegistry::get("oxUtilsServer")->deleteUserCookie( $sShopId );

    // unsetting global user
    $this->setUser( null );

    return true;
}
1441 
/**
 * Loads the active user in admin context; shorthand for
 * loadActiveUser( true ).
 *
 * @return bool result of loadActiveUser()
 */
public function loadAdminUser()
{
    $blForceAdmin = true;

    return $this->loadActiveUser( $blForceAdmin );
}
1452 
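/**
 * Loads the currently logged-in user.
 *
 * The user id is looked up in this order: session variable ('auth' in admin
 * context, 'usr' otherwise), 'remember me' cookie, Facebook connection. The
 * cookie and Facebook lookups are never used in admin context and only run
 * when the matching option ('blShowRememberMe', 'bl_showFbConnect') is on.
 *
 * Whether the id came from the cookie is recorded in _blLoadedFromCookie, so
 * callers can treat such a login as weaker than a password login.
 *
 * @param bool $blForceAdmin treat the call as admin context even when
 *                           isAdmin() is false
 *
 * @return bool true when a user was found and loaded, false otherwise
 */
public function loadActiveUser( $blForceAdmin = false )
{
    $oConfig = $this->getConfig();

    $blAdmin     = $this->isAdmin() || $blForceAdmin;
    $sSessionKey = $blAdmin ? 'auth' : 'usr';

    // first - checking session info
    $sUserID = oxRegistry::getSession()->getVariable( $sSessionKey );

    // trying automatic login (by 'remember me' cookie)
    $blFoundInCookie = false;
    if ( !$sUserID && !$blAdmin && $oConfig->getConfigParam('blShowRememberMe') ) {
        $sUserID = $this->_getCookieUserId();
        $blFoundInCookie = (bool) $sUserID;
    }

    // If facebook connection is enabled, trying to login user using Facebook ID
    if ( !$sUserID && !$blAdmin && $oConfig->getConfigParam( "bl_showFbConnect") ) {
        $sUserID = $this->_getFacebookUserId();
    }

    if ( !$sUserID ) {
        // no user: make sure no stale login id stays in the session
        oxRegistry::getSession()->deleteVariable( $sSessionKey );

        return false;
    }

    if ( !$this->load( $sUserID ) ) {
        // The id did not resolve to a user. This path used to fall off the end
        // of the method and return null; report the failure explicitly.
        return false;
    }

    // storing into session
    oxRegistry::getSession()->setVariable( $sSessionKey, $sUserID );

    // marking the way user was loaded
    $this->_blLoadedFromCookie = $blFoundInCookie;

    return true;
}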
1507 
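/**
 * Looks up the id of the active user that is linked to the Facebook account
 * of the current Facebook session.
 *
 * @return string|null user id, or null when there is no Facebook session
 *                     (the database result is returned unchanged otherwise)
 */
protected function _getFacebookUserId()
{
    // Defined up front: without a Facebook session the method used to return
    // an undefined variable.
    $sUserID = null;

    $oFb = oxRegistry::get("oxFb");
    if ( $oFb->isConnected() && $oFb->getUser() ) {
        $oDb = oxDb::getDb();

        // the Facebook id comes from outside the shop, so it is always quoted
        $sSelect = "select oxid from oxuser where oxuser.oxactive = 1 and oxuser.oxfbid = " . $oDb->quote( $oFb->getUser() );
        $sUserID = $oDb->getOne( $sSelect );
    }

    return $sUserID;
}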
1528 
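/**
 * Resolves the 'remember me' cookie of the active shop to a user id.
 *
 * The cookie value is split on '@@@' into a login name and a verifier. The
 * verifier is accepted when it equals crypt( oxpassword, oxpasssalt ) of an
 * active user with that login name and a non-empty password. A cookie that
 * does not resolve to a user is deleted.
 *
 * Everything read from the cookie is client-controlled, so the comparison is
 * strict (no PHP type juggling) and, where hash_equals() exists, independent
 * of how many leading characters match.
 *
 * NOTE(review): the verifier is derived from the stored password value, so it
 * stays valid until the password changes. A random server-side token would
 * make a single cookie revocable.
 *
 * @return string|null user id, or null when the cookie is missing or invalid
 */
protected function _getCookieUserId()
{
    $sUserID = null;
    $sShopID = $this->getConfig()->getShopId();

    $sSet = oxRegistry::get("oxUtilsServer")->getUserCookie( $sShopID );
    if ( !$sSet ) {
        return $sUserID;
    }

    $aData = explode( '@@@', $sSet );
    $sUser = $aData[0];
    // a cookie without the second part simply cannot match
    $sPWD  = isset( $aData[1] ) ? (string) $aData[1] : '';

    if ( $sPWD !== '' ) {
        $oDb = oxDb::getDb();
        $sSelect = 'select oxid, oxpassword, oxpasssalt from oxuser where oxuser.oxpassword != "" and oxuser.oxactive = 1 and oxuser.oxusername = '.$oDb->quote($sUser);

        $rs = $oDb->select( $sSelect );
        if ( $rs != false && $rs->recordCount() > 0 ) {
            while ( !$rs->EOF ) {
                $sTest = crypt( $rs->fields[1], $rs->fields[2] );

                // crypt() signals failure with a short marker string instead of
                // a hash; such a result must never count as a valid verifier.
                $blUsable = is_string( $sTest ) && strlen( $sTest ) > 2;
                if ( $blUsable ) {
                    $blMatch = function_exists( 'hash_equals' )
                        ? hash_equals( $sTest, $sPWD )
                        : ( $sTest === $sPWD );
                    if ( $blMatch ) {
                        // found
                        $sUserID = $rs->fields[0];
                        break;
                    }
                }
                $rs->moveNext();
            }
        }
    }

    // if cookie info is not valid, remove it.
    if ( !$sUserID ) {
        oxRegistry::get('oxUtilsServer')->deleteUserCookie( $sShopID );
    }

    return $sUserID;
}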
1566 
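/**
 * Authenticates against the LDAP server configured in 'aLDAPParams' and loads
 * the matching shop user, creating it on first login.
 *
 * If an active shop user with the given login name has an LDAP key stored,
 * that key is used as the LDAP login instead (the user may have typed an
 * e-mail address). After a successful bind the mapped LDAP data must contain
 * OXUSERNAME; otherwise the login is rejected.
 *
 * A newly created user is always given the rights 'user', regardless of what
 * the LDAP data map supplied, and a random local password. The local password
 * used to be one fixed literal shared by every LDAP-created account, which
 * would have been a valid database password for all of them unless the login
 * query excludes such accounts (not visible here).
 *
 * NOTE(review): $sShopSelect is appended to the SQL unquoted. It must be a
 * fragment built by trusted code, never request data; verify the caller.
 *
 * @param string $sUser       login name or e-mail address
 * @param string $sPassword   plain-text password, passed to the LDAP bind
 * @param string $sShopID     shop id stored on a newly created user
 * @param string $sShopSelect extra SQL condition appended to the user lookups
 *
 * @throws oxUserException when the mapped LDAP data has no OXUSERNAME
 *
 * @return null
 */
protected function _ldapLogin( $sUser, $sPassword, $sShopID, $sShopSelect)
{
    $aLDAPParams = $this->getConfig()->getConfigParam( 'aLDAPParams' );
    $oLDAP = oxNew( "oxLDAP", $aLDAPParams['HOST'], $aLDAPParams['PORT'] );

    // maybe this is LDAP user but supplied email Address instead of LDAP login
    $oDb = oxDb::getDb();
    $sLDAPKey = $oDb->getOne( "select oxldapkey from oxuser where oxuser.oxactive = 1 and oxuser.oxusername = ".$oDb->quote( $sUser )." $sShopSelect");
    if ( $sLDAPKey ) {
        $sUser = $sLDAPKey;
    }

    // the original comment notes that this call can throw oxConnectionException
    $oLDAP->login( $sUser, $sPassword, $aLDAPParams['USERQUERY'], $aLDAPParams['BASEDN'], $aLDAPParams['FILTER'] );

    $aData = $oLDAP->mapData($aLDAPParams['DATAMAP']);
    if ( empty( $aData['OXUSERNAME'] ) ) {
        $oEx = oxNew( 'oxUserException' );
        $oEx->setMessage('EXCEPTION_USER_NOVALUES');
        throw $oEx;
    }

    // login successful - check if user is already in database
    $sSelect = "select oxid from oxuser where oxuser.oxusername = ".$oDb->quote( $aData['OXUSERNAME'] )." $sShopSelect";
    $sOXID = $oDb->getOne( $sSelect );

    if ( $sOXID ) {
        // LDAP user is already in OXID DB, load it
        $this->load( $sOXID );

        return;
    }

    // we need to create a new user
    $this->setId();

    // map all user data fields
    foreach ( $aData as $sFieldName => $mValue ) {
        $sField = "oxuser__".strtolower( $sFieldName );
        $this->$sField = new oxField( $mValue );
    }

    // set after the mapping, so directory data cannot override these values
    $this->oxuser__oxactive  = new oxField( 1 );
    $this->oxuser__oxshopid  = new oxField( $sShopID );
    $this->oxuser__oxldapkey = new oxField( $sUser );
    $this->oxuser__oxrights  = new oxField( "user" );

    // Random local password from the shop's own salt generator instead of a
    // shared literal; authentication for this account is meant to go via LDAP.
    // NOTE(review): assumes generate() returns a non-empty string; confirm.
    $oSecretGenerator = oxNew( 'oxPasswordSaltGenerator', oxNew( 'oxOpenSSLFunctionalityChecker' ) );
    $this->setPassword( $oSecretGenerator->generate() );

    $this->save();
}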
1631 
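/**
 * Decides which rights value may be stored for this user, based on the
 * rights of the user who is logged in.
 *
 * - No rights set on this object: 'user'.
 * - Logged-in user is neither 'malladmin' nor admin of the active shop (its
 *   rights equal the shop id): the rights this user already has in the
 *   database, or 'user' when none are stored.
 * - Logged-in user is admin of the active shop: the requested value is kept
 *   only when it is the stored value, 'user' or that shop id.
 * - Logged-in user is 'malladmin': the requested value is kept.
 *
 * Rights values and the shop id are compared as strings with ===, so that a
 * non-numeric rights value can never equal a numeric shop id through PHP's
 * loose comparison rules.
 *
 * @return string rights value to store
 */
protected function _getUserRights()
{
    // previously user had no rights defined
    if ( !$this->oxuser__oxrights->value ) {
        return 'user';
    }

    $oDb         = oxDb::getDb();
    $sShopId     = (string) $this->getConfig()->getShopId();
    $sAuthRights = null;

    // the acting user: back-end login in admin mode, otherwise front-end login
    $sAuthUserID = $this->isAdmin() ? oxSession::getVar( 'auth' ) : null;
    if ( !$sAuthUserID ) {
        $sAuthUserID = oxSession::getVar( 'usr' );
    }
    if ( $sAuthUserID ) {
        $sAuthRights = $oDb->getOne( 'select oxrights from '.$this->getViewName().' where oxid='.$oDb->quote( $sAuthUserID ) );
    }

    // rights a non-admin may end up with: the stored value first, then 'user'
    $aRights = array();
    if ( $sCurrRights = $oDb->getOne( 'select oxrights from '.$this->getViewName().' where oxid='.$oDb->quote( $this->getId() ) ) ) {
        $aRights[] = $sCurrRights;
    }
    $aRights[] = 'user';

    $blMallAdmin = $sAuthRights && ( (string) $sAuthRights === 'malladmin' );
    $blShopAdmin = $sAuthRights && ( (string) $sAuthRights === $sShopId );

    //preventing user rights edit for non admin
    if ( !$blMallAdmin && !$blShopAdmin ) {
        return current( $aRights );
    }

    if ( $blShopAdmin ) {
        $aRights[] = $sAuthRights;
        $aAllowed  = array_map( 'strval', $aRights );
        if ( !in_array( (string) $this->oxuser__oxrights->value, $aAllowed, true ) ) {
            return current( $aRights );
        }
    }

    // leaving as it was set ...
    return $this->oxuser__oxrights->value;
}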
1676 
/**
 * Inserts the user record. Stamps the creation date with the current time
 * and, when no bonus value is set yet, fills it from getBoni() before
 * delegating to the parent implementation.
 *
 * @return mixed result of parent::_insert()
 */
protected function _insert()
{
    // set oxcreate date
    $sCreated = date( 'Y-m-d H:i:s' );
    $this->oxuser__oxcreate = new oxField( $sCreated, oxField::T_RAW );

    $blHasBoni = isset( $this->oxuser__oxboni->value );
    if ( !$blHasBoni ) {
        $this->oxuser__oxboni = new oxField( $this->getBoni(), oxField::T_RAW );
    }

    return parent::_insert();
}
1694 
/**
 * Updates the user record and, on success, the newsletter subscription.
 *
 * Some fields are excluded from saving: 'oxcreate' always; 'oxboni' for users
 * without password whose oxregister value is below 1; and 'oxcustnr' and
 * 'oxrights' whenever the call does not run in admin mode, so a front-end
 * request cannot change the customer number or the rights of a user.
 *
 * @return mixed result of parent::_update()
 */
protected function _update()
{
    //V #M418: for not registered users, don't change boni during update
    $blNotRegistered = !$this->oxuser__oxpassword->value && $this->oxuser__oxregister->value < 1;
    if ( $blNotRegistered ) {
        $this->_aSkipSaveFields[] = 'oxboni';
    }

    // don't change this field
    $aProtected = array( 'oxcreate' );
    if ( !$this->isAdmin() ) {
        // only the back end may touch customer number and rights
        $aProtected[] = 'oxcustnr';
        $aProtected[] = 'oxrights';
    }
    foreach ( $aProtected as $sFieldName ) {
        $this->_aSkipSaveFields[] = $sFieldName;
    }

    // updating subscription information
    $blUpdate = parent::_update();
    if ( $blUpdate ) {
        $this->getNewsSubscription()->updateSubscription( $this );
    }

    return $blUpdate;
}
1721 
/**
 * Validates the login name through oxInputValidator::checkLogin().
 *
 * When the address array carries 'oxuser__oxusername', that value replaces
 * $sLogin before validation.
 *
 * @param string $sLogin      login name
 * @param array  $aInvAddress invoice address fields
 *
 * @return string the login name that was validated
 */
protected function _checkLogin( $sLogin, $aInvAddress )
{
    if ( isset( $aInvAddress['oxuser__oxusername'] ) ) {
        $sLogin = $aInvAddress['oxuser__oxusername'];
    }

    $oValidator = oxRegistry::get("oxInputValidator");
    $oValidator->checkLogin( $this, $sLogin, $aInvAddress );

    return $sLogin;
}
1743 
/**
 * Tells whether the given login name (e-mail) is already taken by another
 * user record.
 *
 * With mall users enabled only the first matching row is inspected: the name
 * is free only if that row has rights 'user' and no password. Otherwise the
 * name is taken when any matching row has rights other than 'user', or
 * belongs to the active shop and has a password.
 *
 * @param string $sEmail login name to check
 *
 * @return bool true when the name must not be used
 */
public function checkIfEmailExists( $sEmail )
{
    $oDb     = oxDb::getDb();
    $iShopId = $this->getConfig()->getShopId();

    $sQ = 'select oxshopid, oxrights, oxpassword from oxuser where oxusername = '. $oDb->quote( $sEmail );
    $sOxid = $this->getId();
    if ( $sOxid ) {
        // the user's own record does not count as a conflict
        $sQ .= " and oxid <> ".$oDb->quote( $sOxid );
    }

    $oRs = $oDb->select( $sQ, false, false );
    if ( $oRs == false || !( $oRs->recordCount() > 0 ) ) {
        return false;
    }

    if ( $this->_blMallUsers ) {
        // password is not set - allow to override
        $blPasswordless = ( $oRs->fields[1] == 'user' && !$oRs->fields[2] );

        return !$blPasswordless;
    }

    while ( !$oRs->EOF ) {
        // exists admin with same login - must not allow
        $blPrivileged = ( $oRs->fields[1] != 'user' );
        // exists same login (with password) in same shop
        if ( $blPrivileged || ( $oRs->fields[0] == $iShopId && $oRs->fields[2] ) ) {
            return true;
        }

        $oRs->moveNext();
    }

    return false;
}
1795 
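/**
 * Loads one page of the recommendation lists of a user in the active shop.
 *
 * The page number is taken from the request parameter 'pgNr' (cast to int,
 * negative values become 0); the page size is the 'iNrofCatArticles' option,
 * or 10 when that is not set.
 *
 * @param string $sOXID user id; defaults to the id of this object
 *
 * @return oxlist list initialised for 'oxrecommlist'
 */
public function getUserRecommLists( $sOXID = null )
{
    if ( !$sOXID ) {
        $sOXID = $this->getId();
    }

    // sets active page; the value is request data and only ever used as int
    $iActPage = max( 0, (int) oxConfig::getParameter( 'pgNr' ) );

    // load only lists which we show on screen
    $iNrofCatArticles = $this->getConfig()->getConfigParam( 'iNrofCatArticles' );
    $iNrofCatArticles = $iNrofCatArticles ? $iNrofCatArticles : 10;

    $oRecommList = oxNew( 'oxlist' );
    $oRecommList->init( 'oxrecommlist' );
    $oRecommList->setSqlLimit( $iNrofCatArticles * $iActPage, $iNrofCatArticles );

    // the shop id goes through quote() like every other value in this class,
    // instead of being pasted between hand-written quotation marks
    $oDb     = oxDb::getDb();
    $iShopId = $this->getConfig()->getShopId();
    $sSelect = 'select * from oxrecommlists where oxuserid = ' . $oDb->quote( $sOXID ) . ' and oxshopid = ' . $oDb->quote( $iShopId );
    $oRecommList->selectString( $sSelect );

    return $oRecommList;
}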
1826 
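/**
 * Counts the recommendation lists of a user in the active shop and stores the
 * result in _iCntRecommLists.
 *
 * NOTE(review): because $sOx falls back to the id of this object, the cached
 * value is only reused when no id is available at all; in every other case
 * the count is queried again, and a count for a foreign $sOx overwrites the
 * cached value. Left as is, since callers may rely on a fresh count.
 *
 * @param string $sOx user id; defaults to the id of this object
 *
 * @return mixed count as returned by the database layer
 */
public function getRecommListsCount( $sOx = null )
{
    if ( !$sOx ) {
        $sOx = $this->getId();
    }

    if ( $this->_iCntRecommLists === null || $sOx ) {
        $oDb = oxDb::getDb();
        $this->_iCntRecommLists = 0;

        // the shop id goes through quote() like the user id, instead of being
        // pasted between hand-written quotation marks
        $iShopId = $this->getConfig()->getShopId();
        $sSelect = 'select count(oxid) from oxrecommlists where oxuserid = ' . $oDb->quote( $sOx ) . ' and oxshopid = ' . $oDb->quote( $iShopId );
        $this->_iCntRecommLists = $oDb->getOne( $sSelect );
    }

    return $this->_iCntRecommLists;
}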
1849 
/**
 * Validates an e-mail address through oxInputValidator::checkEmail().
 *
 * @param string $sEmail e-mail address to validate
 *
 * @return null
 */
protected function _checkEmail( $sEmail )
{
    $oValidator = oxRegistry::get("oxInputValidator");
    $oValidator->checkEmail( $this, $sEmail );
}
1864 
/**
 * Validates a new password and its confirmation through
 * oxInputValidator::checkPassword().
 *
 * @param string $sNewPass      new password
 * @param string $sConfPass     repeated password
 * @param bool   $blCheckLenght passed through to the validator unchanged
 *
 * @return mixed whatever the validator returns
 */
public function checkPassword( $sNewPass, $sConfPass, $blCheckLenght = false )
{
    $oValidator = oxRegistry::get("oxInputValidator");
    $mResult    = $oValidator->checkPassword( $this, $sNewPass, $sConfPass, $blCheckLenght );

    return $mResult;
}
1881 
/**
 * Validates the countries of both addresses through
 * oxInputValidator::checkCountries().
 *
 * @param array $aInvAddress invoice address fields
 * @param array $aDelAddress delivery address fields
 *
 * @return null
 */
protected function _checkCountries( $aInvAddress, $aDelAddress )
{
    $oValidator = oxRegistry::get("oxInputValidator");
    $oValidator->checkCountries( $this, $aInvAddress, $aDelAddress );
}
1896 
/**
 * Validates the required fields of both addresses through
 * oxInputValidator::checkRequiredFields().
 *
 * @param array $aInvAddress invoice address fields
 * @param array $aDelAddress delivery address fields
 *
 * @return null
 */
protected function _checkRequiredFields( $aInvAddress, $aDelAddress )
{
    $oValidator = oxRegistry::get("oxInputValidator");
    $oValidator->checkRequiredFields( $this, $aInvAddress, $aDelAddress );
}
1912 
/**
 * Validates a required field that is submitted as an array, through
 * oxInputValidator::checkRequiredArrayFields().
 *
 * @param string $sFieldName   name of the field
 * @param array  $aFieldValues submitted values of the field
 *
 * @return null
 */
protected function _checkRequiredArrayFields( $sFieldName, $aFieldValues )
{
    $oValidator = oxRegistry::get("oxInputValidator");
    $oValidator->checkRequiredArrayFields( $this, $sFieldName, $aFieldValues );
}
1927 
/**
 * Validates the VAT id of the invoice address through
 * oxInputValidator::checkVatId().
 *
 * @param array $aInvAddress invoice address fields
 *
 * @return null
 */
protected function _checkVatId( $aInvAddress )
{
    $oValidator = oxRegistry::get("oxInputValidator");
    $oValidator->checkVatId( $this, $aInvAddress );
}
1942 
/**
 * Keeps the automatic customer groups in line with the user's country.
 *
 * A user counts as domestic when the country id is listed in (or equal to)
 * the 'aHomeCountry' option. A group that no longer fits is removed in any
 * case; the fitting group ('oxidforeigncustomer' or 'oxidnewcustomer') is
 * added only when the user was in neither state before and automatic
 * grouping is not disabled for the user (oxdisableautogrp).
 *
 * @param string $sCountryId id of the user's country
 *
 * @return null
 */
protected function _setAutoGroups( $sCountryId )
{
    $aHomeCountry = $this->getConfig()->getConfigParam( 'aHomeCountry' );

    // foreigner ?
    if ( is_array( $aHomeCountry ) ) {
        $blDomestic = in_array( $sCountryId, $aHomeCountry );
    } else {
        $blDomestic = ( $sCountryId == $aHomeCountry );
    }
    $blForeigner = !$blDomestic;

    $blForeignGroupExists = (bool) $this->inGroup( 'oxidforeigncustomer' );
    if ( $blForeignGroupExists && !$blForeigner ) {
        $this->removeFromGroup( 'oxidforeigncustomer' );
    }

    $blInlandGroupExists = (bool) $this->inGroup( 'oxidnewcustomer' );
    if ( $blInlandGroupExists && $blForeigner ) {
        $this->removeFromGroup( 'oxidnewcustomer' );
    }

    if ( $this->oxuser__oxdisableautogrp->value ) {
        return;
    }

    // assigning automatically to specific groups
    if ( $blForeigner ) {
        if ( !$blForeignGroupExists ) {
            $this->addToGroup( 'oxidforeigncustomer' );
        }
    } elseif ( !$blInlandGroupExists ) {
        $this->addToGroup( 'oxidnewcustomer' );
    }
}
1991 
1992 
/**
 * Loads the user that owns a still valid update id.
 *
 * The id matches when it equals MD5( oxid . oxshopid . oxupdatekey ) of a
 * record whose oxupdateexp is not older than time().
 *
 * NOTE(review): the id is as unpredictable as the stored oxupdatekey, which
 * is produced by generateUId() (not visible here); confirm that generator is
 * suitable for security tokens. The expiry is written with
 * oxUtilsDate::getTime() but checked against time(); confirm both clocks
 * agree.
 *
 * @param string $sUid update id taken from the request
 *
 * @return mixed result of load() when a record matched, null otherwise
 */
public function loadUserByUpdateId( $sUid )
{
    $oDb = oxDb::getDb();

    $sQ  = "select oxid from ".$this->getViewName();
    $sQ .= " where oxupdateexp >= ".time();
    $sQ .= " and MD5( CONCAT( oxid, oxshopid, oxupdatekey ) ) = ".$oDb->quote( $sUid );

    $sUserId = $oDb->getOne( $sQ );
    if ( !$sUserId ) {
        return;
    }

    return $this->load( $sUserId );
}
2009 
/**
 * Generates a new update key with an expiry time, or clears both, and saves
 * the user.
 *
 * The expiry is the current time of oxUtilsDate plus getUpdateLinkTerm().
 *
 * NOTE(review): the key comes from generateUId(), whose implementation is not
 * visible here; it should be backed by a cryptographically secure source,
 * because the key is the secret part of the update id.
 *
 * @param bool $blReset true to clear key and expiry instead of generating
 *
 * @return null
 */
public function setUpdateKey( $blReset = false )
{
    if ( $blReset ) {
        $sUpKey  = '';
        $iUpTime = 0;
    } else {
        // generating key
        $sUpKey  = oxUtilsObject::getInstance()->generateUId();
        // expiry: now plus the term returned by getUpdateLinkTerm()
        $iUpTime = oxRegistry::get("oxUtilsDate")->getTime() + $this->getUpdateLinkTerm();
    }

    $this->oxuser__oxupdatekey = new oxField( $sUpKey, oxField::T_RAW );
    $this->oxuser__oxupdateexp = new oxField( $iUpTime, oxField::T_RAW );

    // saving
    $this->save();
}
2031 
/**
 * Returns how long an update key stays valid.
 *
 * @return int lifetime in seconds (six hours)
 */
public function getUpdateLinkTerm()
{
    $iSecondsPerHour = 3600;
    $iHours          = 6;

    return $iSecondsPerHour * $iHours;
}
2041 
/**
 * Tells whether an update id is unknown or expired.
 *
 * The id is valid when a record exists whose MD5( oxid . oxshopid .
 * oxupdatekey ) equals it and whose oxupdateexp is not older than time().
 *
 * @param string $sKey update id taken from the request
 *
 * @return bool true when no valid record matches the id
 */
public function isExpiredUpdateId( $sKey )
{
    $oDb = oxDb::getDb();

    $sQ  = "select 1 from ".$this->getViewName();
    $sQ .= " where oxupdateexp >= ".time();
    $sQ .= " and MD5( CONCAT( oxid, oxshopid, oxupdatekey ) ) = ".$oDb->quote( $sKey );

    $blStillValid = (bool) $oDb->getOne( $sQ );

    return !$blStillValid;
}
2055 
/**
 * Returns the update id of this user, creating a new update key on first use.
 *
 * The id is md5( user id . shop id . update key ) and is cached in
 * _sUpdateKey for the lifetime of this object. Creating it calls
 * setUpdateKey(), which saves the user.
 *
 * @return string update id
 */
public function getUpdateId()
{
    if ( $this->_sUpdateKey !== null ) {
        return $this->_sUpdateKey;
    }

    $this->setUpdateKey();

    $sTokenSource = $this->getId() . $this->oxuser__oxshopid->value . $this->oxuser__oxupdatekey->value;
    $this->_sUpdateKey = md5( $sTokenSource );

    return $this->_sUpdateKey;
}
2069 
/**
 * Hashes a password with the given salt, using oxPasswordHasher on top of
 * oxSha512Hasher.
 *
 * NOTE(review): how often the hash is applied is decided inside those classes
 * (not visible here). A plain salted SHA-512 is fast to compute; a password
 * hashing scheme with a work factor would resist offline guessing better.
 *
 * @param string $sPassword plain-text password
 * @param string $sSalt     salt
 *
 * @return string password hash
 */
public function encodePassword( $sPassword, $sSalt )
{
    $oPasswordHasher = oxNew( 'oxPasswordHasher', oxNew( 'oxSha512Hasher' ) );
    $sPasswordHash   = $oPasswordHasher->hash( $sPassword, $sSalt );

    return $sPasswordHash;
}
2089 
/**
 * Returns a freshly generated salt from oxPasswordSaltGenerator.
 *
 * The argument is not used: the returned salt is always a new one.
 *
 * @param string $sSalt ignored
 *
 * @return string generated salt
 */
public function prepareSalt( $sSalt )
{
    $oSaltGenerator = oxNew( 'oxPasswordSaltGenerator', oxNew( 'oxOpenSSLFunctionalityChecker' ) );
    $sFreshSalt     = $oSaltGenerator->generate();

    return $sFreshSalt;
}
2108 
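/**
 * Converts a hex-encoded salt to its raw form with the database function
 * UNHEX().
 *
 * The value is passed through quote() before it is placed into the
 * statement. It used to be interpolated between hand-written quotation
 * marks, which made this public method a place where SQL could be built from
 * an unescaped argument.
 *
 * @param string $sSaltHex hex-encoded salt
 *
 * @return string decoded salt as returned by the database, '' for empty input
 */
public function decodeSalt( $sSaltHex )
{
    if ( !$sSaltHex ) {
        return '';
    }

    $oDb = oxDb::getDb();

    return $oDb->getOne( "select UNHEX( " . $oDb->quote( $sSaltHex ) . " )" );
}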
2122 
/**
 * Sets the password of this user (in memory; nothing is saved here).
 *
 * A non-empty password gets a newly generated salt and is stored as
 * encodePassword( password, salt ). An empty password clears both the
 * password and the salt field, e.g. for a registration without password.
 *
 * @param string $sPassword plain-text password, or null/empty to clear
 *
 * @return null
 */
public function setPassword( $sPassword = null )
{
    $oSaltGenerator = oxNew( 'oxPasswordSaltGenerator', oxNew( 'oxOpenSSLFunctionalityChecker' ) );

    if ( $sPassword ) {
        // every password change gets its own salt
        $sSalt = $oSaltGenerator->generate();
        $sHash = $this->encodePassword( $sPassword, $sSalt );
    } else {
        $sSalt = '';
        $sHash = '';
    }

    $this->oxuser__oxpassword = new oxField( $sHash, oxField::T_RAW );
    $this->oxuser__oxpasssalt = new oxField( $sSalt, oxField::T_RAW );
}
2146 
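/**
 * Tells whether the given plain-text password matches the stored one.
 *
 * The candidate is hashed with the stored salt and compared with the stored
 * hash as strings: strictly, so two different hashes can never be treated as
 * equal numbers by PHP's loose comparison, and through hash_equals() where
 * the PHP version provides it, so the time taken does not depend on how many
 * leading characters agree.
 *
 * @param string $sNewPass plain-text password to test
 *
 * @return bool true when the password matches
 */
public function isSamePassword( $sNewPass )
{
    $sCandidate = (string) $this->encodePassword( $sNewPass, $this->oxuser__oxpasssalt->value );
    $sStored    = (string) $this->oxuser__oxpassword->value;

    if ( function_exists( 'hash_equals' ) ) {
        return hash_equals( $sStored, $sCandidate );
    }

    return $sStored === $sCandidate;
}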
2158 
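/**
 * Tells whether the user was logged in through the 'remember me' cookie.
 *
 * The flag is set by loadActiveUser() and stays null until that method has
 * loaded a user. Callers can use it to ask for the password again before
 * sensitive actions.
 *
 * NOTE(review): the body was empty in the listing this was taken from, so the
 * method always returned null. Returning the flag that loadActiveUser()
 * maintains is the evident intent; confirm against the original file.
 *
 * @return bool|null true when loaded from the cookie, null when unknown
 */
public function isLoadedFromCookie()
{
    return $this->_blLoadedFromCookie;
}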
2168 
/**
 * Returns the stored password hash, or null when no password is set.
 *
 * A stored value shorter than 32 characters is passed to setPassword() first,
 * i.e. it is treated as a password that has not been hashed yet. That only
 * changes the fields of this object; nothing is saved here.
 *
 * @return string|null password hash
 */
public function getPasswordHash()
{
    $sStored = $this->oxuser__oxpassword->value;
    if ( !$sStored ) {
        return null;
    }

    if ( strlen( $sStored ) < 32 ) {
        $this->setPassword( $sStored );
    }

    return $this->oxuser__oxpassword->value;
}
2186 
/**
 * Returns the review hash of a user: the MD5, computed by the database, of
 * the literal "oxid" followed by the stored password value and the login
 * name.
 *
 * NOTE(review): the hash depends on the stored password value, so it changes
 * with every password change, and it identifies the user to anyone who holds
 * it (see getReviewUserId()). Treat it like a secret in links and logs.
 *
 * @param string $sUserId user id
 *
 * @return string review hash as returned by the database
 */
public function getReviewUserHash( $sUserId )
{
    $oDb = oxDb::getDb();
    $sQ  = 'select md5(concat("oxid", oxpassword, oxusername )) from oxuser where oxid = ' . $oDb->quote( $sUserId );

    return $oDb->getOne( $sQ );
}
2200 
/**
 * Resolves a review hash (see getReviewUserHash()) back to a user id.
 *
 * @param string $sReviewUserHash review hash, typically taken from a request
 *
 * @return string user id as returned by the database
 */
public function getReviewUserId( $sReviewUserHash )
{
    $oDb = oxDb::getDb();
    $sQ  = 'select oxid from oxuser where md5(concat("oxid", oxpassword, oxusername )) = ' . $oDb->quote( $sReviewUserHash );

    return $oDb->getOne( $sQ );
}
2214 
/**
 * Returns the value of the oxstateid field of this user.
 *
 * @return mixed state id
 */
public function getState()
{
    $oStateField = $this->oxuser__oxstateid;

    return $oStateField->value;
}
2224 
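/**
 * Tells whether this user has an entry in oxacceptedterms for the active
 * shop.
 *
 * Both values go through quote(); the shop id used to be interpolated
 * between hand-written quotation marks.
 *
 * @return bool true when an entry exists
 */
public function isTermsAccepted()
{
    $oDb     = oxDb::getDb();
    $sUserId = $oDb->quote( $this->getId() );
    $sShopId = $oDb->quote( $this->getConfig()->getShopId() );

    return (bool) $oDb->getOne( "select 1 from oxacceptedterms where oxuserid={$sUserId} and oxshopid={$sShopId}" );
}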
2237 
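/**
 * Records that this user accepted the current terms version for the active
 * shop (REPLACE into oxacceptedterms).
 *
 * All three values go through quote(). The shop id and the terms version
 * used to be interpolated between hand-written quotation marks; the version
 * is read from shop content and must not be able to alter the statement.
 *
 * @return null
 */
public function acceptTerms()
{
    $oDb      = oxDb::getDb();
    $sUserId  = $oDb->quote( $this->getId() );
    $sShopId  = $oDb->quote( $this->getConfig()->getShopId() );
    $sVersion = $oDb->quote( oxNew( "oxcontent" )->getTermsVersion() );

    $oDb->execute( "replace oxacceptedterms set oxuserid={$sUserId}, oxshopid={$sShopId}, oxtermversion={$sVersion}" );
}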
2252 
/**
 * Credits the registration points to this (newly registered) user when the
 * invitation that led here is still pending, marks the invitation as
 * accepted and credits the inviter.
 *
 * The invitation is identified by the inviter's user id and the MD5 of the
 * invited e-mail address. The session variables 'su' and 're' are removed in
 * every case.
 *
 * NOTE(review): the points field is set to the configured amount, not
 * increased by it; setCreditPointsForInviter() adds instead. Confirm this
 * difference is intended.
 *
 * @param string $sUserId   id of the inviting user
 * @param string $sRecEmail MD5 hash of the invited e-mail address
 *
 * @return bool true when the points were saved (and, if the inviter could be
 *              loaded, credited there as well)
 */
public function setCreditPointsForRegistrant( $sUserId, $sRecEmail )
{
    $blSet   = false;
    $oDb     = oxDb::getDb();
    $iPoints = $this->getConfig()->getConfigParam( 'dPointsForRegistration' );

    // both statements address the same invitation row
    $sInvitation = "oxuserid = ".$oDb->quote( $sUserId )." and md5(oxemail) = ".$oDb->quote( $sRecEmail );

    // check if this invitation is still not accepted
    $iPending = $oDb->getOne( "select count(oxuserid) from oxinvitations where ".$sInvitation." and oxpending = 1 and oxaccepted = 0", false, false );

    if ( $iPoints && $iPending ) {
        $this->oxuser__oxpoints = new oxField( $iPoints, oxField::T_RAW );
        $blSet = $this->save();
        if ( $blSet ) {
            // updating users statistics
            $oDb->execute( "UPDATE oxinvitations SET oxpending = '0', oxaccepted = '1' where ".$sInvitation );

            $oInviter = oxNew( "oxuser" );
            if ( $oInviter->load( $sUserId ) ) {
                $blSet = $oInviter->setCreditPointsForInviter();
            }
        }
    }

    foreach ( array( 'su', 're' ) as $sSessionVar ) {
        oxSession::deleteVar( $sSessionVar );
    }

    return $blSet;
}
2285 
/**
 * Adds the configured invitation points ('dPointsForInvitation') to this
 * user's points and saves the user.
 *
 * @return bool result of save(), or false when no points are configured
 */
public function setCreditPointsForInviter()
{
    $iPoints = $this->getConfig()->getConfigParam( 'dPointsForInvitation' );
    if ( !$iPoints ) {
        return false;
    }

    $iTotal = $this->oxuser__oxpoints->value + $iPoints;
    $this->oxuser__oxpoints = new oxField( $iTotal, oxField::T_RAW );

    return $this->save();
}
2303 
/**
 * Stores the Facebook user id of the current Facebook session on this user
 * and saves the user.
 *
 * @return bool result of save(), or false when there is no Facebook session
 */
public function updateFbId()
{
    $oFb = oxRegistry::get("oxFb");

    if ( !$oFb->isConnected() || !$oFb->getUser() ) {
        return false;
    }

    $this->oxuser__oxfbid = new oxField( $oFb->getUser() );

    return $this->save();
}
2321 
/**
 * Writes one pending invitation row per recipient for this user.
 *
 * Nothing is written when the user has no id or the recipient list is empty
 * or not an array. Recipient addresses are quoted as a whole through
 * quoteArray() before they are placed into the statements.
 *
 * @param array $aRecEmail e-mail addresses of the invited people
 *
 * @return null
 */
public function updateInvitationStatistics( $aRecEmail )
{
    $oDb     = oxDb::getDb();
    $sUserId = $this->getId();

    if ( !$sUserId || !is_array( $aRecEmail ) || !( count( $aRecEmail ) > 0 ) ) {
        return;
    }

    // inserting statistics about invitation
    $sDate         = oxRegistry::get("oxUtilsDate")->formatDBDate( date("Y-m-d"), true );
    $aQuotedEmails = oxDb::getInstance()->quoteArray( $aRecEmail );
    $sQuotedUserId = $oDb->quote( $sUserId );

    foreach ( $aQuotedEmails as $sRecEmail ) {
        // $sRecEmail already carries its quotation marks
        $sSql = "INSERT INTO oxinvitations SET oxuserid = ".$sQuotedUserId.", oxemail = $sRecEmail,  oxdate='$sDate', oxpending = '1', oxaccepted = '0', oxtype = '1' ";
        $oDb->execute( $sSql );
    }
}
2344 
/**
 * Returns the id of the user with the given login name.
 *
 * Unless the 'blMallUsers' option is on, the lookup is limited to the active
 * shop.
 *
 * @param string $sUserName login name
 *
 * @return mixed user id as returned by the database
 */
public function getIdByUserName( $sUserName )
{
    $oDb = oxDb::getDb();

    $aConditions = array( "`oxusername` = ". $oDb->quote( $sUserName ) );
    if ( !$this->getConfig()->getConfigParam( 'blMallUsers' ) ) {
        $aConditions[] = "`oxshopid` = ". $oDb->quote( $this->getConfig()->getShopId() );
    }

    $sQ = "SELECT `oxid` FROM `oxuser` WHERE " . implode( " AND ", $aConditions );

    return $oDb->getOne( $sQ );
}
2363 
/**
 * Tells whether this user has a password set, i.e. owns an account rather
 * than being a record without login.
 *
 * @return bool true when the password field is non-empty
 */
public function hasAccount()
{
    $sStoredPassword = $this->oxuser__oxpassword->value;

    return (bool) $sStoredPassword;
}
2375 
/**
 * Tells whether prices are shown as net prices, according to the
 * 'blShowNetPrice' option.
 *
 * @return bool true when the option is set
 */
public function isPriceViewModeNetto()
{
    $mShowNetPrice = $this->getConfig()->getConfigParam('blShowNetPrice');

    return (bool) $mShowNetPrice;
}
2385 
/**
 * Checks the credentials against the database and loads the user on success.
 *
 * In a demo shop the admin login uses the demo query. Otherwise the regular
 * login query is tried first and the legacy query second; a user found only
 * by the legacy query gets the password stored again through setPassword(),
 * which replaces the old hash with one in the current format.
 *
 * When no user matches, the method returns without loading anything and the
 * caller has to detect the failed login itself.
 *
 * @param string $sUser     login name
 * @param string $sPassword plain-text password
 * @param string $sShopID   shop id
 *
 * @throws oxUserException when a matching id was found but cannot be loaded
 *
 * @return null
 */
protected function _dbLogin( $sUser, $sPassword, $sShopID )
{
    $oDb       = oxDb::getDb();
    $blOldHash = false;

    if ( $this->_isDemoShop() && $this->isAdmin() ) {
        $sUserOxId = $oDb->getOne( $this->_getDemoShopLoginQuery( $sUser, $sPassword ) );
    } else {
        $sUserOxId = $oDb->getOne( $this->_getLoginQuery( $sUser, $sPassword, $sShopID, $this->isAdmin() ) );
        if ( !$sUserOxId ) {
            // fall back to the legacy password format
            $sUserOxId = $oDb->getOne( $this->_getLegacyLoginQuery( $sUser, $sPassword, $sShopID, $this->isAdmin() ) );
            $blOldHash = true;
        }
    }

    if ( !$sUserOxId ) {
        return;
    }

    if ( !$this->load( $sUserOxId ) ) {
        $oEx = oxNew( 'oxUserException' );
        $oEx->setMessage( 'ERROR_MESSAGE_USER_NOVALIDLOGIN' );
        throw $oEx;
    }

    if ( $blOldHash && $this->getId() ) {
        // upgrade the stored hash while the plain-text password is at hand
        $this->setPassword( $sPassword );
        $this->save();
    }
}
2421 
/**
 * Tells whether the shop runs in demo mode, according to the configuration.
 *
 * @return bool true in demo mode
 */
protected function _isDemoShop()
{
    return $this->getConfig()->isDemoShop() ? true : false;
}
2432 
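/**
 * Returns the login query for the admin area of a demo shop.
 *
 * Demo mode accepts exactly one fixed credential pair and then selects a
 * user with 'malladmin' rights. This is a deliberate demo feature and gives
 * full back-end access, so demo mode must never be enabled on a shop that
 * holds real data.
 *
 * Both values are compared strictly as strings, so a non-string argument can
 * never be treated as equal to the expected value by PHP's loose comparison.
 *
 * @param string $sUser     login name
 * @param string $sPassword password
 *
 * @throws oxUserException for any other credentials
 *
 * @return string SQL statement
 */
protected function _getDemoShopLoginQuery( $sUser, $sPassword )
{
    if ( $sPassword !== "admin" || $sUser !== "admin" ) {
        $oEx = oxNew( 'oxUserException' );
        $oEx->setMessage( 'ERROR_MESSAGE_USER_NOVALIDLOGIN' );
        throw $oEx;
    }

    return "SELECT `oxid` FROM `oxuser` WHERE `oxrights` = 'malladmin' ";
}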
2446 }