OXID eShop CE  4.9.6
 All Classes Files Functions Variables Pages
oxuser.php
Go to the documentation of this file.
1 <?php
2 
9 class oxUser extends oxBase
10 {
11 
17  protected $_blDisableShopCheck = true;
18 
24  protected $_oNewsSubscription = null;
25 
31  protected $_sClassName = 'oxuser';
32 
38  protected $_aBaskets = array();
39 
45  protected $_oGroups;
46 
52  protected $_aAddresses = array();
53 
59  protected $_oPayments;
60 
66  protected $_oRecommList;
67 
73  protected $_blMallUsers = false;
74 
80  protected static $_aUserCookie = array();
81 
87  protected $_iCntNoticeListArticles = null;
88 
94  protected $_iCntWishListArticles = null;
95 
101  protected $_iCntRecommLists = null;
102 
108  protected $_sUpdateKey = null;
109 
115  protected $_blLoadedFromCookie = null;
116 
122  protected $_sSelAddressId = null;
123 
129  protected $_oSelAddress = null;
130 
136  protected $_sWishId = null;
137 
143  protected $_oUserCountryTitle = null;
144 
148  protected $_oStateObject = null;
149 
155  protected function _getStateObject()
156  {
157  if (is_null($this->_oStateObject)) {
158  $this->_oStateObject = oxNew('oxState');
159  }
160 
161  return $this->_oStateObject;
162  }
163 
169  public function __construct()
170  {
171  $this->setMallUsersStatus($this->getConfig()->getConfigParam('blMallUsers'));
172 
174  $this->init('oxuser');
175  }
176 
182  public function setMallUsersStatus($blOn = false)
183  {
184  $this->_blMallUsers = $blOn;
185  }
186 
194  public function __get($sParamName)
195  {
196  // it saves memory using - loads data only if it is used
197  switch ($sParamName) {
198  case 'oGroups':
199  return $this->_oGroups = $this->getUserGroups();
200  break;
201  case 'iCntNoticeListArticles':
202  return $this->_iCntNoticeListArticles = $this->getNoticeListArtCnt();
203  break;
204  case 'iCntWishListArticles':
205  return $this->_iCntWishListArticles = $this->getWishListArtCnt();
206  break;
207  case 'iCntRecommLists':
208  return $this->_iCntRecommLists = $this->getRecommListsCount();
209  break;
210  case 'oAddresses':
211  return $this->getUserAddresses();
212  break;
213  case 'oPayments':
214  return $this->_oPayments = $this->getUserPayments();
215  break;
216  case 'oxuser__oxcountry':
217  return $this->oxuser__oxcountry = $this->getUserCountry();
218  break;
219  case 'sDBOptin':
220  return $this->sDBOptin = $this->getNewsSubscription()->getOptInStatus();
221  break;
222  case 'sEmailFailed':
223  return $this->sEmailFailed = $this->getNewsSubscription()->getOptInEmailStatus();
224  break;
225  }
226  }
227 
233  public function getNewsSubscription()
234  {
235  if ($this->_oNewsSubscription !== null) {
237  }
238 
239  $this->_oNewsSubscription = oxNew('oxnewssubscribed');
240 
241  // if subscription object is not set yet - we should create one
242  if (!$this->_oNewsSubscription->loadFromUserId($this->getId())) {
243  if (!$this->_oNewsSubscription->loadFromEmail($this->oxuser__oxusername->value)) {
244 
245  // no subscription defined yet - creating one
246  $this->_oNewsSubscription->oxnewssubscribed__oxuserid = new oxField($this->getId(), oxField::T_RAW);
247  $this->_oNewsSubscription->oxnewssubscribed__oxemail = new oxField($this->oxuser__oxusername->value, oxField::T_RAW);
248  $this->_oNewsSubscription->oxnewssubscribed__oxsal = new oxField($this->oxuser__oxsal->value, oxField::T_RAW);
249  $this->_oNewsSubscription->oxnewssubscribed__oxfname = new oxField($this->oxuser__oxfname->value, oxField::T_RAW);
250  $this->_oNewsSubscription->oxnewssubscribed__oxlname = new oxField($this->oxuser__oxlname->value, oxField::T_RAW);
251  }
252  }
253 
255  }
256 
266  public function getUserCountry($sCountryId = null, $iLang = null)
267  {
268  if ($this->_oUserCountryTitle == null || $sCountryId) {
269  $sId = $sCountryId ? $sCountryId : $this->oxuser__oxcountryid->value;
270  $oDb = oxDb::getDb();
271  $sViewName = getViewName('oxcountry', $iLang);
272  $sQ = "select oxtitle from {$sViewName} where oxid = " . $oDb->quote($sId) . " ";
273  $oCountry = new oxField($oDb->getOne($sQ), oxField::T_RAW);
274  if (!$sCountryId) {
275  $this->_oUserCountryTitle = $oCountry;
276  }
277  } else {
279  }
280 
281  return $oCountry;
282  }
283 
291  public function getUserCountryId($sCountry = null)
292  {
293  $oDb = oxDb::getDb();
294  $sQ = "select oxid from " . getviewName("oxcountry") . " where oxactive = '1' and oxisoalpha2 = " . $oDb->quote($sCountry) . " ";
295  $sCountryId = $oDb->getOne($sQ);
296 
297  return $sCountryId;
298  }
299 
307  public function getUserGroups($sOXID = null)
308  {
309 
310  if (isset($this->_oGroups)) {
311  return $this->_oGroups;
312  }
313 
314  if (!$sOXID) {
315  $sOXID = $this->getId();
316  }
317 
318  $sViewName = getViewName("oxgroups");
319  $this->_oGroups = oxNew('oxList', 'oxgroups');
320  $sSelect = "select {$sViewName}.* from {$sViewName} left join oxobject2group on oxobject2group.oxgroupsid = {$sViewName}.oxid
321  where oxobject2group.oxobjectid = " . oxDb::getDb()->quote($sOXID);
322  $this->_oGroups->selectString($sSelect);
323 
324  return $this->_oGroups;
325  }
326 
334  public function getUserAddresses($sUserId = null)
335  {
336  $sUserId = isset($sUserId) ? $sUserId : $this->getId();
337  if (!isset($this->_aAddresses[$sUserId])) {
338  $oUserAddressList = oxNew('oxUserAddressList');
339  $oUserAddressList->load($sUserId);
340  $this->_aAddresses[$sUserId] = $oUserAddressList;
341 
342  // marking selected
343  if ($sAddressId = $this->getSelectedAddressId()) {
344  foreach ($this->_aAddresses[$sUserId] as $oAddress) {
345  if ($oAddress->getId() === $sAddressId) {
346  $oAddress->setSelected();
347  break;
348  }
349  }
350  }
351  }
352 
353  return $this->_aAddresses[$sUserId];
354  }
355 
361  public function setSelectedAddressId($sAddressId)
362  {
363  $this->_sSelAddressId = $sAddressId;
364  }
365 
371  public function getSelectedAddressId()
372  {
373  if ($this->_sSelAddressId !== null) {
374  return $this->_sSelAddressId;
375  }
376 
377  $sAddressId = oxRegistry::getConfig()->getRequestParameter("oxaddressid");
378  if (!$sAddressId && !oxRegistry::getConfig()->getRequestParameter('reloadaddress')) {
379  $sAddressId = oxRegistry::getSession()->getVariable("deladrid");
380  }
381 
382  return $sAddressId;
383  }
384 
390  protected function _getWishListId()
391  {
392  $this->_sWishId = null;
393  // check if we have to set it here
394  $oBasket = $this->getSession()->getBasket();
395  foreach ($oBasket->getContents() as $oBasketItem) {
396  if ($this->_sWishId = $oBasketItem->getWishId()) {
397  // stop on first found
398  break;
399  }
400  }
401 
402  return $this->_sWishId;
403  }
404 
413  public function getSelectedAddress($sWishId = false)
414  {
415  if ($this->_oSelAddress !== null) {
416  return $this->_oSelAddress;
417  }
418 
419  $oSelectedAddress = null;
420  $oAddresses = $this->getUserAddresses();
421  if ($oAddresses->count()) {
422  if ($sAddressId = $this->getSelectedAddressId()) {
423  foreach ($oAddresses as $oAddress) {
424  if ($oAddress->getId() == $sAddressId) {
425  $oAddress->selected = 1;
426  $oAddress->setSelected();
427  $oSelectedAddress = $oAddress;
428  break;
429  }
430  }
431  }
432 
433  // in case none is set - setting first one
434  if (!$oSelectedAddress) {
435  if (!$sAddressId || $sAddressId >= 0) {
436  $oAddresses->rewind();
437  $oAddress = $oAddresses->current();
438  } else {
439  $aAddresses = $oAddresses->getArray();
440  $oAddress = array_pop($aAddresses);
441  }
442  $oAddress->selected = 1;
443  $oAddress->setSelected();
444  $oSelectedAddress = $oAddress;
445  }
446  }
447  $this->_oSelAddress = $oSelectedAddress;
448 
449  return $oSelectedAddress;
450  }
451 
459  public function getUserPayments($sOXID = null)
460  {
461  if ($this->_oPayments === null) {
462 
463  if (!$sOXID) {
464  $sOXID = $this->getId();
465  }
466 
467  $sSelect = 'select * from oxuserpayments where oxuserid = ' . oxDb::getDb()->quote($sOXID) . ' ';
468 
469  $this->_oPayments = oxNew('oxList');
470  $this->_oPayments->init('oxUserPayment');
471  $this->_oPayments->selectString($sSelect);
472  }
473 
474  return $this->_oPayments;
475  }
476 
482  public function save()
483  {
485 
486  $blAddRemark = false;
487  if ($this->oxuser__oxpassword->value && $this->oxuser__oxregister->value < 1) {
488  $blAddRemark = true;
489  //save oxregister value
490  $this->oxuser__oxregister = new oxField(date('Y-m-d H:i:s'), oxField::T_RAW);
491  }
492 
493  // setting user rights
494  $this->oxuser__oxrights = new oxField($this->_getUserRights(), oxField::T_RAW);
495 
496  // processing birth date which came from output as array
497  if (is_array($this->oxuser__oxbirthdate->value)) {
498  $this->oxuser__oxbirthdate = new oxField($this->convertBirthday($this->oxuser__oxbirthdate->value), oxField::T_RAW);
499  }
500 
501  // checking if user Facebook ID should be updated
502  if ($myConfig->getConfigParam("bl_showFbConnect")) {
503  $oFb = oxRegistry::get("oxFb");
504  if ($oFb->isConnected() && $oFb->getUser()) {
505  $this->oxuser__oxfbid = new oxField($oFb->getUser());
506  }
507  }
508 
509  $blRet = parent::save();
510 
511  //add registered remark
512  if ($blAddRemark && $blRet) {
513  $oRemark = oxNew('oxremark');
514  $oRemark->oxremark__oxtext = new oxField(oxRegistry::getLang()->translateString('usrRegistered', null, true), oxField::T_RAW);
515  $oRemark->oxremark__oxtype = new oxField('r', oxField::T_RAW);
516  $oRemark->oxremark__oxparentid = new oxField($this->getId(), oxField::T_RAW);
517  $oRemark->save();
518  }
519 
520  return $blRet;
521  }
522 
528  public function allowDerivedUpdate()
529  {
530  return true;
531  }
532 
540  public function inGroup($sGroupID)
541  {
542  $blIn = false;
543  if (($oGroups = $this->getUserGroups())) {
544  $blIn = isset($oGroups[$sGroupID]);
545  }
546 
547  return $blIn;
548  }
549 
558  public function delete($sOXID = null)
559  {
560 
561  if (!$sOXID) {
562  $sOXID = $this->getId();
563  }
564  if (!$sOXID) {
565  return false;
566  }
567 
568  $blDeleted = parent::delete($sOXID);
569 
570  if ($blDeleted) {
571  $oDb = oxDb::getDb();
572  $sOXIDQuoted = $oDb->quote($sOXID);
573 
574  // deleting stored payment, address, group dependencies, remarks info
575  $rs = $oDb->execute("delete from oxaddress where oxaddress.oxuserid = {$sOXIDQuoted}");
576  $rs = $oDb->execute("delete from oxobject2group where oxobject2group.oxobjectid = {$sOXIDQuoted}");
577 
578  // deleting notice/wish lists
579  $rs = $oDb->execute("delete oxuserbasketitems.* from oxuserbasketitems, oxuserbaskets where oxuserbasketitems.oxbasketid = oxuserbaskets.oxid and oxuserid = {$sOXIDQuoted}");
580  $rs = $oDb->execute("delete from oxuserbaskets where oxuserid = {$sOXIDQuoted}");
581 
582  // deleting newsletter subscription
583  $rs = $oDb->execute("delete from oxnewssubscribed where oxuserid = {$sOXIDQuoted}");
584 
585  // delivery and delivery sets
586  $rs = $oDb->execute("delete from oxobject2delivery where oxobjectid = {$sOXIDQuoted}");
587 
588  // discounts
589  $rs = $oDb->execute("delete from oxobject2discount where oxobjectid = {$sOXIDQuoted}");
590 
591 
592  // and leaving all order related information
593  $rs = $oDb->execute("delete from oxremark where oxparentid = {$sOXIDQuoted} and oxtype !='o'");
594 
595  $blDeleted = $rs->EOF;
596  }
597 
598  return $blDeleted;
599  }
600 
608  public function load($oxID)
609  {
610 
611  $blRet = parent::load($oxID);
612 
613  // convert date's to international format
614  if (isset($this->oxuser__oxcreate->value)) {
615  $this->oxuser__oxcreate->setValue(oxRegistry::get("oxUtilsDate")->formatDBDate($this->oxuser__oxcreate->value));
616  }
617 
618  // change newsSubcription user id
619  if (isset($this->_oNewsSubscription)) {
620  $this->_oNewsSubscription->oxnewssubscribed__oxuserid = new oxField($oxID, oxField::T_RAW);
621  }
622 
623  return $blRet;
624  }
625 
633  public function exists($sOXID = null)
634  {
635  if (!$sOXID) {
636  $sOXID = $this->getId();
637  }
638  //#5901 if physical record exists return true unconditionally
639  if (parent::exists($sOXID)) {
640  $this->setId($sOXID);
641  return true;
642  }
643 
644  //additional username check
645  //This part is used by not yet saved user object, to detect the case when such username exists in db.
646  //Basically it is called when anonymous visitor enters existing username for newsletter subscription
647  //see Newsletter::send()
648  //TODO: transfer this validation to newsletter part
649  $sShopSelect = '';
650  if (!$this->_blMallUsers && $this->oxuser__oxrights->value != 'malladmin') {
651  $sShopSelect = ' AND oxshopid = "' . $this->getConfig()->getShopId() . '" ';
652  }
653  $oDb = oxDb::getDb();
654  $sSelect = 'SELECT oxid FROM ' . $this->getViewName() . '
655  WHERE ( oxusername = ' . $oDb->quote($this->oxuser__oxusername->value) . ' ) ';
656  $sSelect .= $sShopSelect;
657 
658  if (($sOxid = $oDb->getOne($sSelect, false, false))) {
659  // update - set oxid
660  $this->setId($sOxid);
661 
662  return true;
663  }
664 
665  return false;
666  }
667 
676  public function getOrders($iLimit = false, $iPage = 0)
677  {
678  $oOrders = oxNew('oxList');
679  $oOrders->init('oxorder');
680 
681  if ($iLimit !== false) {
682  $oOrders->setSqlLimit($iLimit * $iPage, $iLimit);
683  }
684 
685  //P
686  // Lists does not support loading from two tables, so orders
687  // articles now are loaded in account_order.php view and no need to use blLoadProdInfo
688  // forcing to load product info which is used in templates
689  // $oOrders->aSetBeforeAssign['blLoadProdInfo'] = true;
690 
691  //loading order for registered user
692  if ($this->oxuser__oxregister->value > 1) {
693  $oDb = oxDb::getDb();
694  $sQ = 'select * from oxorder where oxuserid = ' . $oDb->quote($this->getId()) . ' and oxorderdate >= ' . $oDb->quote($this->oxuser__oxregister->value) . ' ';
695 
696  //#1546 - shopid check added, if it is not multishop
697 
698  $sQ .= ' order by oxorderdate desc ';
699  $oOrders->selectString($sQ);
700  }
701 
702  return $oOrders;
703  }
704 
710  public function getOrderCount()
711  {
712  $iCnt = 0;
713  if ($this->getId() && $this->oxuser__oxregister->value > 1) {
714  $oDb = oxDb::getDb();
715  $sQ = 'select count(*) from oxorder where oxuserid = ' . $oDb->quote($this->getId()) . ' AND oxorderdate >= ' . $oDb->quote($this->oxuser__oxregister->value) . ' and oxshopid = "' . $this->getConfig()->getShopId() . '" ';
716  $iCnt = (int) $oDb->getOne($sQ);
717  }
718 
719  return $iCnt;
720  }
721 
727  public function getNoticeListArtCnt()
728  {
729  if ($this->_iCntNoticeListArticles === null) {
730  $this->_iCntNoticeListArticles = 0;
731  if ($this->getId()) {
732  $this->_iCntNoticeListArticles = $this->getBasket('noticelist')->getItemCount();
733  }
734  }
735 
737  }
738 
744  public function getWishListArtCnt()
745  {
746  if ($this->_iCntWishListArticles === null) {
747  $this->_iCntWishListArticles = false;
748  if ($this->getId()) {
749  $this->_iCntWishListArticles = $this->getBasket('wishlist')->getItemCount();
750  }
751  }
752 
754  }
755 
761  public function getEncodedDeliveryAddress()
762  {
763  return md5($this->_getMergedAddressFields());
764  }
765 
772  public function getActiveCountry()
773  {
774  $sDeliveryCountry = '';
775  $soxAddressId = oxRegistry::getSession()->getVariable('deladrid');
776  if ($soxAddressId) {
777  $oDelAddress = oxNew('oxaddress');
778  $oDelAddress->load($soxAddressId);
779  $sDeliveryCountry = $oDelAddress->oxaddress__oxcountryid->value;
780  } elseif ($this->getId()) {
781  $sDeliveryCountry = $this->oxuser__oxcountryid->value;
782  } else {
783  $oUser = oxNew('oxuser');
784  if ($oUser->loadActiveUser()) {
785  $sDeliveryCountry = $oUser->oxuser__oxcountryid->value;
786  }
787  }
788 
789  return $sDeliveryCountry;
790  }
791 
799  public function createUser()
800  {
801  $oDb = oxDb::getDb();
802  $sShopID = $this->getConfig()->getShopId();
803 
804  // check if user exists AND there is no password - in this case we update otherwise we try to insert
805  $sSelect = "select oxid from oxuser where oxusername = " . $oDb->quote($this->oxuser__oxusername->value) . " and oxpassword = '' ";
806  if (!$this->_blMallUsers) {
807  $sSelect .= " and oxshopid = '{$sShopID}' ";
808  }
809  $sOXID = $oDb->getOne($sSelect, false, false);
810 
811  // user without password found - lets use
812  if (isset($sOXID) && $sOXID) {
813  // try to update
814  $this->delete($sOXID);
815  } elseif ($this->_blMallUsers) {
816  // must be sure if there is no dublicate user
817  $sQ = "select oxid from oxuser where oxusername = " . $oDb->quote($this->oxuser__oxusername->value) . " and oxusername != '' ";
818  if ($oDb->getOne($sQ, false, false)) {
820  $oEx = oxNew('oxUserException');
821  $oLang = oxRegistry::getLang();
822  $oEx->setMessage(sprintf($oLang->translateString('ERROR_MESSAGE_USER_USEREXISTS', $oLang->getTplLanguage()), $this->oxuser__oxusername->value));
823  throw $oEx;
824  }
825  }
826 
827  $this->oxuser__oxshopid = new oxField($sShopID, oxField::T_RAW);
828  if (($blOK = $this->save())) {
829  // dropping/cleaning old delivery address/payment info
830  $oDb->execute("delete from oxaddress where oxaddress.oxuserid = " . $oDb->quote($this->oxuser__oxid->value) . " ");
831  $oDb->execute("update oxuserpayments set oxuserpayments.oxuserid = " . $oDb->quote($this->oxuser__oxusername->value) . " where oxuserpayments.oxuserid = " . $oDb->quote($this->oxuser__oxid->value) . " ");
832  } else {
834  $oEx = oxNew('oxUserException');
835  $oEx->setMessage('EXCEPTION_USER_USERCREATIONFAILED');
836  throw $oEx;
837  }
838 
839  return $blOK;
840  }
841 
849  public function addToGroup($sGroupID)
850  {
851  if (!$this->inGroup($sGroupID)) {
852  // create oxgroup object
853  $oGroup = oxNew('oxGroups');
854  if ($oGroup->load($sGroupID)) {
855  $oNewGroup = oxNew('oxobject2group');
856  $oNewGroup->oxobject2group__oxobjectid = new oxField($this->getId(), oxField::T_RAW);
857  $oNewGroup->oxobject2group__oxgroupsid = new oxField($sGroupID, oxField::T_RAW);
858  if ($oNewGroup->save()) {
859  $this->_oGroups[$sGroupID] = $oGroup;
860 
861  return true;
862  }
863  }
864  }
865 
866  return false;
867  }
868 
874  public function removeFromGroup($sGroupID = null)
875  {
876  if ($sGroupID != null && $this->inGroup($sGroupID)) {
877  $oGroups = oxNew('oxList');
878  $oGroups->init('oxobject2group');
879  $sSelect = 'select * from oxobject2group where oxobject2group.oxobjectid = "' . $this->getId() . '" and oxobject2group.oxgroupsid = "' . $sGroupID . '" ';
880  $oGroups->selectString($sSelect);
881  foreach ($oGroups as $oRemgroup) {
882  if ($oRemgroup->delete()) {
883  unset($this->_oGroups[$oRemgroup->oxobject2group__oxgroupsid->value]);
884  }
885  }
886  }
887  }
888 
895  public function onOrderExecute($oBasket, $iSuccess)
896  {
897 
898  if (is_numeric($iSuccess) && $iSuccess != 2 && $iSuccess <= 3) {
899  //adding user to particular customer groups
900  $myConfig = $this->getConfig();
901  $dMidlleCustPrice = (float) $myConfig->getConfigParam('sMidlleCustPrice');
902  $dLargeCustPrice = (float) $myConfig->getConfigParam('sLargeCustPrice');
903 
904  $this->addToGroup('oxidcustomer');
905  $dBasketPrice = $oBasket->getPrice()->getBruttoPrice();
906  if ($dBasketPrice < $dMidlleCustPrice) {
907  $this->addToGroup('oxidsmallcust');
908  }
909  if ($dBasketPrice >= $dMidlleCustPrice && $dBasketPrice < $dLargeCustPrice) {
910  $this->addToGroup('oxidmiddlecust');
911  }
912  if ($dBasketPrice >= $dLargeCustPrice) {
913  $this->addToGroup('oxidgoodcust');
914  }
915 
916  if ($this->inGroup('oxidnotyetordered')) {
917  $this->removeFromGroup('oxidnotyetordered');
918  }
919  }
920  }
921 
929  public function getBasket($sName)
930  {
931  if (!isset($this->_aBaskets[$sName])) {
932  $oBasket = oxNew('oxuserbasket');
933  $aWhere = array('oxuserbaskets.oxuserid' => $this->getId(), 'oxuserbaskets.oxtitle' => $sName);
934 
935  // creating if it does not exist
936  if (!$oBasket->assignRecord($oBasket->buildSelectString($aWhere))) {
937  $oBasket->oxuserbaskets__oxtitle = new oxField($sName);
938  $oBasket->oxuserbaskets__oxuserid = new oxField($this->getId());
939 
940  // marking basket as new (it will not be saved in DB yet)
941  $oBasket->setIsNewBasket();
942  }
943 
944  $this->_aBaskets[$sName] = $oBasket;
945  }
946 
947  return $this->_aBaskets[$sName];
948  }
949 
958  public function convertBirthday($aData)
959  {
960 
961  // preparing data to process
962  $iYear = isset($aData['year']) ? ((int) $aData['year']) : false;
963  $iMonth = isset($aData['month']) ? ((int) $aData['month']) : false;
964  $iDay = isset($aData['day']) ? ((int) $aData['day']) : false;
965 
966  // leaving empty if not set
967  if (!$iYear && !$iMonth && !$iDay) {
968  return "";
969  }
970 
971  // year
972  if (!$iYear || $iYear < 1000 || $iYear > 9999) {
973  $iYear = date('Y');
974  }
975 
976  // month
977  if (!$iMonth || $iMonth < 1 || $iMonth > 12) {
978  $iMonth = 1;
979  }
980 
981  // maximum nuber of days in month
982  $iMaxDays = 31;
983  switch ($iMonth) {
984  case 2:
985  if ($iMaxDays > 28) {
986  $iMaxDays = ($iYear % 4 == 0 && ($iYear % 100 != 0 || $iYear % 400 == 0)) ? 29 : 28;
987  }
988  break;
989  case 4:
990  case 6:
991  case 9:
992  case 11:
993  $iMaxDays = min(30, $iMaxDays);
994  break;
995  }
996 
997  // day
998  if (!$iDay || $iDay < 1 || $iDay > $iMaxDays) {
999  $iDay = 1;
1000  }
1001 
1002  // whole date
1003  return sprintf("%04d-%02d-%02d", $iYear, $iMonth, $iDay);
1004  }
1005 
1011  public function getBoni()
1012  {
1013  if (!$iBoni = $this->getConfig()->getConfigParam('iCreditRating')) {
1014  $iBoni = 1000;
1015  }
1016 
1017  return $iBoni;
1018  }
1019 
1036  public function checkValues($sLogin, $sPassword, $sPassword2, $aInvAddress, $aDelAddress)
1037  {
1039  $oInputValidator = oxRegistry::get('oxInputValidator');
1040 
1041  // 1. checking user name
1042  $sLogin = $oInputValidator->checkLogin($this, $sLogin, $aInvAddress);
1043 
1044  // 2. checking email
1045  $oInputValidator->checkEmail($this, $sLogin, $aInvAddress);
1046 
1047  // 3. password
1048  $oInputValidator->checkPassword($this, $sPassword, $sPassword2, ((int) oxRegistry::getConfig()->getRequestParameter('option') == 3));
1049 
1050  // 4. required fields
1051  $oInputValidator->checkRequiredFields($this, $aInvAddress, $aDelAddress);
1052 
1053  // 5. country check
1054  $oInputValidator->checkCountries($this, $aInvAddress, $aDelAddress);
1055 
1056  // 6. vat id check.
1057  $oInputValidator->checkVatId($this, $aInvAddress);
1058 
1059 
1060  // throwing first validation error
1061  if ($oError = oxRegistry::get("oxInputValidator")->getFirstValidationError()) {
1062  throw $oError;
1063  }
1064  }
1065 
1075  public function setNewsSubscription($blSubscribe, $blSendOptIn, $blForceCheckOptIn = false)
1076  {
1077  // assigning to newsletter
1078  $blSuccess = false;
1079  $myConfig = $this->getConfig();
1080  $mySession = $this->getSession();
1081 
1082  // user wants to get newsletter messages or no ?
1083  $oNewsSubscription = $this->getNewsSubscription();
1084  if ($oNewsSubscription) {
1085  if ($blSubscribe && ($blForceCheckOptIn || ($iOptInStatus = $oNewsSubscription->getOptInStatus()) != 1)) {
1086  if (!$blSendOptIn) {
1087 
1088  // double-opt-in check is disabled - assigning automatically
1089  $this->addToGroup('oxidnewsletter');
1090  // and setting subscribed status
1091  $oNewsSubscription->setOptInStatus(1);
1092  $blSuccess = true;
1093  } else {
1094 
1095  // double-opt-in check enabled - sending confirmation email and setting waiting status
1096  if ($iOptInStatus != 2) {
1097  // sending double-opt-in mail
1098  $oEmail = oxNew('oxemail');
1099  $blSuccess = $oEmail->sendNewsletterDbOptInMail($this);
1100  } else {
1101  // mail already was sent, so just confirming that
1102  $blSuccess = true;
1103  }
1104 
1105  $oNewsSubscription->setOptInStatus(2);
1106  }
1107  } elseif (!$blSubscribe) {
1108  // removing user from newsletter subscribers
1109  $this->removeFromGroup('oxidnewsletter');
1110  $oNewsSubscription->setOptInStatus(0);
1111  $blSuccess = true;
1112  }
1113  }
1114 
1115  return $blSuccess;
1116  }
1117 
1133  public function changeUserData($sUser, $sPassword, $sPassword2, $aInvAddress, $aDelAddress)
1134  {
1135  // validating values before saving. If validation fails - exception is thrown
1136  $this->checkValues($sUser, $sPassword, $sPassword2, $aInvAddress, $aDelAddress);
1137  // input data is fine - lets save updated user info
1138 
1139  $this->assign($aInvAddress);
1140 
1141 
1142  // update old or add new delivery address
1143  $this->_assignAddress($aDelAddress);
1144 
1145  // saving new values
1146  if ($this->save()) {
1147 
1148  // assigning automatically to specific groups
1149  $sCountryId = isset($aInvAddress['oxuser__oxcountryid']) ? $aInvAddress['oxuser__oxcountryid'] : '';
1150  $this->_setAutoGroups($sCountryId);
1151  }
1152  }
1153 
1159  protected function _getMergedAddressFields()
1160  {
1161  $sDelAddress = '';
1162  $sDelAddress .= $this->oxuser__oxcompany;
1163  $sDelAddress .= $this->oxuser__oxusername;
1164  $sDelAddress .= $this->oxuser__oxfname;
1165  $sDelAddress .= $this->oxuser__oxlname;
1166  $sDelAddress .= $this->oxuser__oxstreet;
1167  $sDelAddress .= $this->oxuser__oxstreetnr;
1168  $sDelAddress .= $this->oxuser__oxaddinfo;
1169  $sDelAddress .= $this->oxuser__oxustid;
1170  $sDelAddress .= $this->oxuser__oxcity;
1171  $sDelAddress .= $this->oxuser__oxcountryid;
1172  $sDelAddress .= $this->oxuser__oxstateid;
1173  $sDelAddress .= $this->oxuser__oxzip;
1174  $sDelAddress .= $this->oxuser__oxfon;
1175  $sDelAddress .= $this->oxuser__oxfax;
1176  $sDelAddress .= $this->oxuser__oxsal;
1177 
1178  return $sDelAddress;
1179  }
1180 
1186  protected function _assignAddress($aDelAddress)
1187  {
1188  if (is_array($aDelAddress) && count($aDelAddress)) {
1189 
1190  $sAddressId = $this->getConfig()->getRequestParameter('oxaddressid');
1191  $sAddressId = ($sAddressId === null || $sAddressId == -1 || $sAddressId == -2) ? null : $sAddressId;
1192 
1193  $oAddress = oxNew('oxaddress');
1194  $oAddress->setId($sAddressId);
1195  $oAddress->load($sAddressId);
1196  $oAddress->assign($aDelAddress);
1197  $oAddress->oxaddress__oxuserid = new oxField($this->getId(), oxField::T_RAW);
1198  $oAddress->oxaddress__oxcountry = $this->getUserCountry($oAddress->oxaddress__oxcountryid->value);
1199  $oAddress->save();
1200 
1201  // resetting addresses
1202  $this->_aAddresses = null;
1203 
1204  // saving delivery Address for later use
1205  oxRegistry::getSession()->setVariable('deladrid', $oAddress->getId());
1206  } else {
1207  // resetting
1208  oxRegistry::getSession()->setVariable('deladrid', null);
1209  }
1210  }
1211 
1225  protected function _getLoginQueryHashedWithMD5($sUser, $sPassword, $sShopID, $blAdmin)
1226  {
1227  $myConfig = $this->getConfig();
1228  $oDb = oxDb::getDb();
1229 
1230  $sUserSelect = "oxuser.oxusername = " . $oDb->quote($sUser);
1231  $sPassSelect = " oxuser.oxpassword = BINARY MD5( CONCAT( " . $oDb->quote($sPassword) . ", UNHEX( oxuser.oxpasssalt ) ) ) ";
1232  $sShopSelect = "";
1233 
1234 
1235  // admin view: can only login with higher than 'user' rights
1236  if ($blAdmin) {
1237  $sShopSelect = " and ( oxrights != 'user' ) ";
1238  }
1239 
1240  $sSelect = "select `oxid` from oxuser where oxuser.oxactive = 1 and {$sPassSelect} and {$sUserSelect} {$sShopSelect} ";
1241 
1242 
1243  return $sSelect;
1244  }
1245 
1258  protected function _getLoginQuery($sUser, $sPassword, $sShopID, $blAdmin)
1259  {
1260  $myConfig = $this->getConfig();
1261  $oDb = oxDb::getDb();
1262 
1263  $sUserSelect = "oxuser.oxusername = " . $oDb->quote($sUser);
1264 
1265  $sShopSelect = "";
1266  // admin view: can only login with higher than 'user' rights
1267  if ($blAdmin) {
1268  $sShopSelect = " and ( oxrights != 'user' ) ";
1269  }
1270 
1271  $sSalt = $oDb->getOne("SELECT `oxpasssalt` FROM `oxuser` WHERE " . $sUserSelect . $sShopSelect);
1272 
1273  $sPassSelect = " oxuser.oxpassword = " . $oDb->quote($this->encodePassword($sPassword, $sSalt));
1274 
1275  $sSelect = "select `oxid` from oxuser where oxuser.oxactive = 1 and {$sPassSelect} and {$sUserSelect} {$sShopSelect} ";
1276 
1277 
1278  return $sSelect;
1279  }
1280 
1290  protected function _getShopSelect($myConfig, $sShopID, $blAdmin)
1291  {
1292  $sShopSelect = "";
1293  // admin view: can only login with higher than 'user' rights
1294  if ($blAdmin) {
1295  $sShopSelect = " and ( oxrights != 'user' ) ";
1296  }
1297 
1298  return $sShopSelect;
1299  }
1300 
1315  public function login($sUser, $sPassword, $blCookie = false)
1316  {
1317  if ($this->isAdmin() && !count(oxRegistry::get("oxUtilsServer")->getOxCookie())) {
1319  $oEx = oxNew('oxCookieException');
1320  $oEx->setMessage('ERROR_MESSAGE_COOKIE_NOCOOKIE');
1321  throw $oEx;
1322  }
1323 
1324  $oConfig = $this->getConfig();
1325 
1326 
1327  if ($sPassword) {
1328 
1329  $sShopID = $oConfig->getShopId();
1330  $this->_dbLogin($sUser, $sPassword, $sShopID);
1331  }
1332 
1333 
1334 
1335 
1336  //login successful?
1337  if ($this->oxuser__oxid->value) {
1338 
1339  // yes, successful login
1340 
1341  //resetting active user
1342  $this->setUser(null);
1343 
1344  if ($this->isAdmin()) {
1345  oxRegistry::getSession()->setVariable('auth', $this->oxuser__oxid->value);
1346  } else {
1347  oxRegistry::getSession()->setVariable('usr', $this->oxuser__oxid->value);
1348  }
1349 
1350  // cookie must be set ?
1351  if ($blCookie && $oConfig->getConfigParam('blShowRememberMe')) {
1352  oxRegistry::get("oxUtilsServer")->setUserCookie($this->oxuser__oxusername->value, $this->oxuser__oxpassword->value, $oConfig->getShopId(), 31536000, $this->oxuser__oxpasssalt->value);
1353  }
1354 
1355  return true;
1356  } else {
1358  $oEx = oxNew('oxUserException');
1359  $oEx->setMessage('ERROR_MESSAGE_USER_NOVALIDLOGIN');
1360  throw $oEx;
1361  }
1362  }
1363 
1369  public function logout()
1370  {
1371  // deleting session info
1372  oxRegistry::getSession()->deleteVariable('usr'); // for front end
1373  oxRegistry::getSession()->deleteVariable('auth'); // for back end
1374  oxRegistry::getSession()->deleteVariable('dynvalue');
1375  oxRegistry::getSession()->deleteVariable('paymentid');
1376  // oxRegistry::getSession()->deleteVariable( 'deladrid' );
1377 
1378  // delete cookie
1379  oxRegistry::get("oxUtilsServer")->deleteUserCookie($this->getConfig()->getShopID());
1380 
1381  // unsetting global user
1382  $this->setUser(null);
1383 
1384  return true;
1385  }
1386 
1393  public function loadAdminUser()
1394  {
1395  return $this->loadActiveUser(true);
1396  }
1397 
1406  public function loadActiveUser($blForceAdmin = false)
1407  {
1408  $oConfig = $this->getConfig();
1409 
1410  $blAdmin = $this->isAdmin() || $blForceAdmin;
1411 
1412  // first - checking session info
1413  $sUserID = $blAdmin ? oxRegistry::getSession()->getVariable('auth') : oxRegistry::getSession()->getVariable('usr');
1414 
1415  // trying automatic login (by 'remember me' cookie)
1416  $blFoundInCookie = false;
1417  if (!$sUserID && !$blAdmin && $oConfig->getConfigParam('blShowRememberMe')) {
1418  $sUserID = $this->_getCookieUserId();
1419  $blFoundInCookie = $sUserID ? true : false;
1420  }
1421 
1422  // If facebook connection is enabled, trying to login user using Facebook ID
1423  if (!$sUserID && !$blAdmin && $oConfig->getConfigParam("bl_showFbConnect")) {
1424  $sUserID = $this->_getFacebookUserId();
1425  }
1426 
1427  // checking user results
1428  if ($sUserID) {
1429  if ($this->load($sUserID)) {
1430  // storing into session
1431  if ($blAdmin) {
1432  oxRegistry::getSession()->setVariable('auth', $sUserID);
1433  } else {
1434  oxRegistry::getSession()->setVariable('usr', $sUserID);
1435  }
1436 
1437  // marking the way user was loaded
1438  $this->_blLoadedFromCookie = $blFoundInCookie;
1439 
1440  return true;
1441  }
1442  } else {
1443  // no user
1444  if ($blAdmin) {
1445  oxRegistry::getSession()->deleteVariable('auth');
1446  } else {
1447  oxRegistry::getSession()->deleteVariable('usr');
1448  }
1449 
1450  return false;
1451  }
1452  }
1453 
1459  protected function _getFacebookUserId()
1460  {
1461  $oDb = oxDb::getDb();
1462  $oFb = oxRegistry::get("oxFb");
1463  $oConfig = $this->getConfig();
1464  if ($oFb->isConnected() && $oFb->getUser()) {
1465  $sUserSelect = "oxuser.oxfbid = " . $oDb->quote($oFb->getUser());
1466  $sShopSelect = "";
1467 
1468 
1469  $sSelect = "select oxid from oxuser where oxuser.oxactive = 1 and {$sUserSelect} {$sShopSelect} ";
1470  $sUserID = $oDb->getOne($sSelect);
1471  }
1472 
1473  return $sUserID;
1474  }
1475 
1481  protected function _getCookieUserId()
1482  {
1483  $sUserID = null;
1484  $oConfig = $this->getConfig();
1485  $sShopID = $oConfig->getShopId();
1486  if (($sSet = oxRegistry::get("oxUtilsServer")->getUserCookie($sShopID))) {
1487  $oDb = oxDb::getDb();
1488  $aData = explode('@@@', $sSet);
1489  $sUser = $aData[0];
1490  $sPWD = @$aData[1];
1491 
1492  $sSelect = 'select oxid, oxpassword, oxpasssalt from oxuser where oxuser.oxpassword != "" and oxuser.oxactive = 1 and oxuser.oxusername = ' . $oDb->quote($sUser);
1493 
1494  $rs = $oDb->select($sSelect);
1495  if ($rs != false && $rs->recordCount() > 0) {
1496  while (!$rs->EOF) {
1497  $sTest = crypt($rs->fields[1], $rs->fields[2]);
1498  if ($sTest == $sPWD) {
1499  // found
1500  $sUserID = $rs->fields[0];
1501  break;
1502  }
1503  $rs->moveNext();
1504  }
1505  }
1506  // if cookie info is not valid, remove it.
1507  if (!$sUserID) {
1508  oxRegistry::get('oxUtilsServer')->deleteUserCookie($sShopID);
1509  }
1510  }
1511 
1512  return $sUserID;
1513  }
1514 
1525  protected function _ldapLogin($sUser, $sPassword, $sShopID, $sShopSelect)
1526  {
1527  $aLDAPParams = $this->getConfig()->getConfigParam('aLDAPParams');
1528  $oLDAP = oxNew("oxLDAP", $aLDAPParams['HOST'], $aLDAPParams['PORT']);
1529 
1530  // maybe this is LDAP user but supplied email Address instead of LDAP login
1531  $oDb = oxDb::getDb();
1532  $sLDAPKey = $oDb->getOne("select oxldapkey from oxuser where oxuser.oxactive = 1 and oxuser.oxusername = " . $oDb->quote($sUser) . " $sShopSelect");
1533  if (isset($sLDAPKey) && $sLDAPKey) {
1534  $sUser = $sLDAPKey;
1535  }
1536 
1537  //$throws oxConnectionException
1538  $oLDAP->login($sUser, $sPassword, $aLDAPParams['USERQUERY'], $aLDAPParams['BASEDN'], $aLDAPParams['FILTER']);
1539 
1540  $aData = $oLDAP->mapData($aLDAPParams['DATAMAP']);
1541  if (isset($aData['OXUSERNAME']) && $aData['OXUSERNAME']) {
1542  // login successful
1543 
1544  // check if user is already in database
1545  $sSelect = "select oxid from oxuser where oxuser.oxusername = " . $oDb->quote($aData['OXUSERNAME']) . " $sShopSelect";
1546  $sOXID = $oDb->getOne($sSelect);
1547 
1548  if (!isset($sOXID) || !$sOXID) {
1549  // we need to create a new user
1550  //$oUser->oxuser__oxid->setValue($oUser->setId());
1551  $this->setId();
1552 
1553  // map all user data fields
1554  foreach ($aData as $fldname => $value) {
1555  $sField = "oxuser__" . strtolower($fldname);
1556  $this->$sField = new oxField($aData[$fldname]);
1557  }
1558 
1559  $this->oxuser__oxactive = new oxField(1);
1560  $this->oxuser__oxshopid = new oxField($sShopID);
1561  $this->oxuser__oxldapkey = new oxField($sUser);
1562  $this->oxuser__oxrights = new oxField("user");
1563  $this->setPassword("ldap user");
1564 
1565  $this->save();
1566  } else {
1567  // LDAP user is already in OXID DB, load it
1568  $this->load($sOXID);
1569  }
1570  } else {
1572  $oEx = oxNew('oxUserException');
1573  $oEx->setMessage('EXCEPTION_USER_NOVALUES');
1574  throw $oEx;
1575  }
1576  }
1577 
1584  protected function _getUserRights()
1585  {
1586  // previously user had no rights defined
1587  if (!$this->oxuser__oxrights->value) {
1588  return 'user';
1589  }
1590 
1591  $oDb = oxDb::getDb();
1592  $myConfig = $this->getConfig();
1593  $sAuthRights = null;
1594 
1595  // choosing possible user rights index
1596  $sAuthUserID = $this->isAdmin() ? oxRegistry::getSession()->getVariable('auth') : null;
1597  $sAuthUserID = $sAuthUserID ? $sAuthUserID : oxRegistry::getSession()->getVariable('usr');
1598  if ($sAuthUserID) {
1599  $sAuthRights = $oDb->getOne('select oxrights from ' . $this->getViewName() . ' where oxid=' . $oDb->quote($sAuthUserID));
1600  }
1601 
1602  //preventing user rights edit for non admin
1603  $aRights = array();
1604 
1605  // selecting current users rights ...
1606  if ($sCurrRights = $oDb->getOne('select oxrights from ' . $this->getViewName() . ' where oxid=' . $oDb->quote($this->getId()))) {
1607  $aRights[] = $sCurrRights;
1608  }
1609  $aRights[] = 'user';
1610 
1611  if (!$sAuthRights || !($sAuthRights == 'malladmin' || $sAuthRights == $myConfig->getShopId())) {
1612  return current($aRights);
1613  } elseif ($sAuthRights == $myConfig->getShopId()) {
1614  $aRights[] = $sAuthRights;
1615  if (!in_array($this->oxuser__oxrights->value, $aRights)) {
1616  return current($aRights);
1617  }
1618  }
1619 
1620  // leaving as it was set ...
1621  return $this->oxuser__oxrights->value;
1622  }
1623 
1629  protected function _insert()
1630  {
1631 
1632  // set oxcreate date
1633  $this->oxuser__oxcreate = new oxField(date('Y-m-d H:i:s'), oxField::T_RAW);
1634 
1635  if (!isset($this->oxuser__oxboni->value)) {
1636  $this->oxuser__oxboni = new oxField($this->getBoni(), oxField::T_RAW);
1637  }
1638 
1639  return parent::_insert();
1640  }
1641 
1647  protected function _update()
1648  {
1649  //V #M418: for not registered users, don't change boni during update
1650  if (!$this->oxuser__oxpassword->value && $this->oxuser__oxregister->value < 1) {
1651  $this->_aSkipSaveFields[] = 'oxboni';
1652  }
1653 
1654  // don't change this field
1655  $this->_aSkipSaveFields[] = 'oxcreate';
1656  if (!$this->isAdmin()) {
1657  $this->_aSkipSaveFields[] = 'oxcustnr';
1658  $this->_aSkipSaveFields[] = 'oxrights';
1659  }
1660 
1661  // updating subscription information
1662  if (($blUpdate = parent::_update())) {
1663  $this->getNewsSubscription()->updateSubscription($this);
1664  }
1665 
1666  return $blUpdate;
1667  }
1668 
1676  public function checkIfEmailExists($sEmail)
1677  {
1678  $myConfig = $this->getConfig();
1679  $oDb = oxDb::getDb();
1680  $iShopId = $myConfig->getShopId();
1681  $blExists = false;
1682 
1683  $sQ = 'select oxshopid, oxrights, oxpassword from oxuser where oxusername = ' . $oDb->quote($sEmail);
1684  if (($sOxid = $this->getId())) {
1685  $sQ .= " and oxid <> " . $oDb->quote($sOxid);
1686  }
1687  $oRs = $oDb->select($sQ, false, false);
1688  if ($oRs != false && $oRs->recordCount() > 0) {
1689 
1690  if ($this->_blMallUsers) {
1691 
1692  $blExists = true;
1693  if ($oRs->fields[1] == 'user' && !$oRs->fields[2]) {
1694 
1695  // password is not set - allow to override
1696  $blExists = false;
1697  }
1698  } else {
1699 
1700  $blExists = false;
1701  while (!$oRs->EOF) {
1702  if ($oRs->fields[1] != 'user') {
1703 
1704  // exists admin with same login - must not allow
1705  $blExists = true;
1706  break;
1707  } elseif ($oRs->fields[0] == $iShopId && $oRs->fields[2]) {
1708 
1709  // exists same login (with password) in same shop
1710  $blExists = true;
1711  break;
1712  }
1713 
1714  $oRs->moveNext();
1715  }
1716  }
1717  }
1718 
1719  return $blExists;
1720  }
1721 
1729  public function getUserRecommLists($sOXID = null)
1730  {
1731  if (!$sOXID) {
1732  $sOXID = $this->getId();
1733  }
1734 
1735  // sets active page
1736  $iActPage = (int) oxRegistry::getConfig()->getRequestParameter('pgNr');
1737  $iActPage = ($iActPage < 0) ? 0 : $iActPage;
1738 
1739  // load only lists which we show on screen
1740  $iNrofCatArticles = $this->getConfig()->getConfigParam('iNrofCatArticles');
1741  $iNrofCatArticles = $iNrofCatArticles ? $iNrofCatArticles : 10;
1742 
1743 
1744  $oRecommList = oxNew('oxList');
1745  $oRecommList->init('oxrecommlist');
1746  $oRecommList->setSqlLimit($iNrofCatArticles * $iActPage, $iNrofCatArticles);
1747  $iShopId = $this->getConfig()->getShopId();
1748  $sSelect = 'select * from oxrecommlists where oxuserid =' . oxDb::getDb()->quote($sOXID) . ' and oxshopid ="' . $iShopId . '"';
1749  $oRecommList->selectString($sSelect);
1750 
1751  return $oRecommList;
1752  }
1753 
1761  public function getRecommListsCount($sOx = null)
1762  {
1763  if (!$sOx) {
1764  $sOx = $this->getId();
1765  }
1766 
1767  if ($this->_iCntRecommLists === null || $sOx) {
1768  $oDb = oxDb::getDb();
1769  $this->_iCntRecommLists = 0;
1770  $iShopId = $this->getConfig()->getShopId();
1771  $sSelect = 'select count(oxid) from oxrecommlists where oxuserid = ' . $oDb->quote($sOx) . ' and oxshopid ="' . $iShopId . '"';
1772  $this->_iCntRecommLists = $oDb->getOne($sSelect);
1773  }
1774 
1775  return $this->_iCntRecommLists;
1776  }
1777 
1784  protected function _setAutoGroups($sCountryId)
1785  {
1786  // assigning automatically to specific groups
1787  $blForeigner = true;
1788  $blForeignGroupExists = false;
1789  $blInlandGroupExists = false;
1790 
1791  $aHomeCountry = $this->getConfig()->getConfigParam('aHomeCountry');
1792  // foreigner ?
1793  if (is_array($aHomeCountry)) {
1794  if (in_array($sCountryId, $aHomeCountry)) {
1795  $blForeigner = false;
1796  }
1797  } elseif ($sCountryId == $aHomeCountry) {
1798  $blForeigner = false;
1799  }
1800 
1801  if ($this->inGroup('oxidforeigncustomer')) {
1802  $blForeignGroupExists = true;
1803  if (!$blForeigner) {
1804  $this->removeFromGroup('oxidforeigncustomer');
1805  }
1806  }
1807 
1808  if ($this->inGroup('oxidnewcustomer')) {
1809  $blInlandGroupExists = true;
1810  if ($blForeigner) {
1811  $this->removeFromGroup('oxidnewcustomer');
1812  }
1813  }
1814 
1815  if (!$blForeignGroupExists && $blForeigner) {
1816  $this->addToGroup('oxidforeigncustomer');
1817  }
1818  if (!$blInlandGroupExists && !$blForeigner) {
1819  $this->addToGroup('oxidnewcustomer');
1820  }
1821  }
1822 
1823 
1832  public function loadUserByUpdateId($sUid)
1833  {
1834  $oDb = oxDb::getDb();
1835  $sQ = "select oxid from " . $this->getViewName() . " where oxupdateexp >= " . time() . " and MD5( CONCAT( oxid, oxshopid, oxupdatekey ) ) = " . $oDb->quote($sUid);
1836  if ($sUserId = $oDb->getOne($sQ)) {
1837  return $this->load($sUserId);
1838  }
1839  }
1840 
1846  public function setUpdateKey($blReset = false)
1847  {
1848  $sUpKey = $blReset ? '' : oxUtilsObject::getInstance()->generateUId();
1849  $iUpTime = $blReset ? 0 : oxRegistry::get("oxUtilsDate")->getTime() + $this->getUpdateLinkTerm();
1850 
1851  // generating key
1852  $this->oxuser__oxupdatekey = new oxField($sUpKey, oxField::T_RAW);
1853 
1854  // setting expiration time for 6 hours
1855  $this->oxuser__oxupdateexp = new oxField($iUpTime, oxField::T_RAW);
1856 
1857  // saving
1858  $this->save();
1859  }
1860 
1866  public function getUpdateLinkTerm()
1867  {
1868  return 3600 * 6;
1869  }
1870 
1878  public function isExpiredUpdateId($sKey)
1879  {
1880  $oDb = oxDb::getDb();
1881  $sQ = "select 1 from " . $this->getViewName() . " where oxupdateexp >= " . time() . " and MD5( CONCAT( oxid, oxshopid, oxupdatekey ) ) = " . $oDb->quote($sKey);
1882 
1883  return !((bool) $oDb->getOne($sQ));
1884  }
1885 
1891  public function getUpdateId()
1892  {
1893  if ($this->_sUpdateKey === null) {
1894  $this->setUpdateKey();
1895  $this->_sUpdateKey = md5($this->getId() . $this->oxuser__oxshopid->value . $this->oxuser__oxupdatekey->value);
1896  }
1897 
1898  return $this->_sUpdateKey;
1899  }
1900 
1909  public function encodePassword($sPassword, $sSalt)
1910  {
1912  $oSha512Hasher = oxNew('oxSha512Hasher');
1914  $oHasher = oxNew('oxPasswordHasher', $oSha512Hasher);
1915 
1916  return $oHasher->hash($sPassword, $sSalt);
1917  }
1918 
1928  public function prepareSalt($sSalt)
1929  {
1931  $oOpenSSLFunctionalityChecker = oxNew('oxOpenSSLFunctionalityChecker');
1933  $oGenerator = oxNew('oxPasswordSaltGenerator', $oOpenSSLFunctionalityChecker);
1934 
1935  return $oGenerator->generate();
1936  }
1937 
1947  public function decodeSalt($sSaltHex)
1948  {
1949  return ($sSaltHex ? oxDb::getDb()->getOne("select UNHEX( '{$sSaltHex}' )") : '');
1950  }
1951 
1957  public function setPassword($sPassword = null)
1958  {
1960  $oOpenSSLFunctionalityChecker = oxNew('oxOpenSSLFunctionalityChecker');
1961  // setting salt if password is not empty
1963  $oSaltGenerator = oxNew('oxPasswordSaltGenerator', $oOpenSSLFunctionalityChecker);
1964 
1965  $sSalt = $sPassword ? $oSaltGenerator->generate() : '';
1966 
1967  // encoding only if password was not empty (e.g. user registration without pass)
1968  $sPassword = $sPassword ? $this->encodePassword($sPassword, $sSalt) : '';
1969 
1970  $this->oxuser__oxpassword = new oxField($sPassword, oxField::T_RAW);
1971  $this->oxuser__oxpasssalt = new oxField($sSalt, oxField::T_RAW);
1972  }
1973 
1981  public function isSamePassword($sNewPass)
1982  {
1983  return $this->encodePassword($sNewPass, $this->oxuser__oxpasssalt->value) == $this->oxuser__oxpassword->value;
1984  }
1985 
1991  public function isLoadedFromCookie()
1992  {
1994  }
1995 
2004  public function getPasswordHash()
2005  {
2006  $sHash = null;
2007  if ($this->oxuser__oxpassword->value) {
2008  $sHash = $this->oxuser__oxpassword->value;
2009  }
2010 
2011  return $sHash;
2012  }
2013 
2021  public function getReviewUserHash($sUserId)
2022  {
2023  $oDb = oxDb::getDb();
2024  $sReviewUserHash = $oDb->getOne('select md5(concat("oxid", oxpassword, oxusername )) from oxuser where oxid = ' . $oDb->quote($sUserId) . '');
2025 
2026  return $sReviewUserHash;
2027  }
2028 
2036  public function getReviewUserId($sReviewUserHash)
2037  {
2038  $oDb = oxDb::getDb();
2039  $sUserId = $oDb->getOne('select oxid from oxuser where md5(concat("oxid", oxpassword, oxusername )) = ' . $oDb->quote($sReviewUserHash) . '');
2040 
2041  return $sUserId;
2042  }
2043 
2051  public function getState()
2052  {
2053  return $this->getStateId();
2054  }
2055 
2061  public function getStateId()
2062  {
2063  return $this->oxuser__oxstateid->value;
2064  }
2065 
2073  public function getStateTitle($sId = null)
2074  {
2075  $oState = $this->_getStateObject();
2076 
2077  if (is_null($sId)) {
2078  $sId = $this->getStateId();
2079  }
2080 
2081  return $oState->getTitleById($sId);
2082  }
2083 
2089  public function isTermsAccepted()
2090  {
2091  $oDb = oxDb::getDb();
2092  $sShopId = $this->getConfig()->getShopId();
2093  $sUserId = $oDb->quote($this->getId());
2094 
2095  return (bool) $oDb->getOne("select 1 from oxacceptedterms where oxuserid={$sUserId} and oxshopid='{$sShopId}'");
2096  }
2097 
2101  public function acceptTerms()
2102  {
2103  $oDb = oxDb::getDb();
2104  $sUserId = $oDb->quote($this->getId());
2105  $sShopId = $this->getConfig()->getShopId();
2106  $sVersion = oxNew("oxcontent")->getTermsVersion();
2107 
2108  $oDb->execute("replace oxacceptedterms set oxuserid={$sUserId}, oxshopid='{$sShopId}', oxtermversion='{$sVersion}'");
2109  }
2110 
2120  public function setCreditPointsForRegistrant($sUserId, $sRecEmail)
2121  {
2122  $blSet = false;
2123  $oDb = oxDb::getDb();
2124  $iPoints = $this->getConfig()->getConfigParam('dPointsForRegistration');
2125  // check if this invitation is still not accepted
2126  $iPending = $oDb->getOne("select count(oxuserid) from oxinvitations where oxuserid = " . $oDb->quote($sUserId) . " and md5(oxemail) = " . $oDb->quote($sRecEmail) . " and oxpending = 1 and oxaccepted = 0", false, false);
2127  if ($iPoints && $iPending) {
2128  $this->oxuser__oxpoints = new oxField($iPoints, oxField::T_RAW);
2129  if ($blSet = $this->save()) {
2130  // updating users statistics
2131  $oDb->execute("UPDATE oxinvitations SET oxpending = '0', oxaccepted = '1' where oxuserid = " . $oDb->quote($sUserId) . " and md5(oxemail) = " . $oDb->quote($sRecEmail));
2132  $oInvUser = oxNew("oxuser");
2133  if ($oInvUser->load($sUserId)) {
2134  $blSet = $oInvUser->setCreditPointsForInviter();
2135  }
2136  }
2137  }
2138  oxRegistry::getSession()->deleteVariable('su');
2139  oxRegistry::getSession()->deleteVariable('re');
2140 
2141  return $blSet;
2142  }
2143 
2149  public function setCreditPointsForInviter()
2150  {
2151  $blSet = false;
2152  $iPoints = $this->getConfig()->getConfigParam('dPointsForInvitation');
2153  if ($iPoints) {
2154  $iNewPoints = $this->oxuser__oxpoints->value + $iPoints;
2155  $this->oxuser__oxpoints = new oxField($iNewPoints, oxField::T_RAW);
2156  $blSet = $this->save();
2157  }
2158 
2159  return $blSet;
2160  }
2161 
2167  public function updateFbId()
2168  {
2169  $oFb = oxRegistry::get("oxFb");
2170  $blRet = false;
2171 
2172  if ($oFb->isConnected() && $oFb->getUser()) {
2173  $this->oxuser__oxfbid = new oxField($oFb->getUser());
2174  $blRet = $this->save();
2175  }
2176 
2177  return $blRet;
2178  }
2179 
2185  public function updateInvitationStatistics($aRecEmail)
2186  {
2187  $oDb = oxDb::getDb();
2188  $sUserId = $this->getId();
2189 
2190  if ($sUserId && is_array($aRecEmail) && count($aRecEmail) > 0) {
2191  //iserting statistics about invitation
2192  $sDate = oxRegistry::get("oxUtilsDate")->formatDBDate(date("Y-m-d"), true);
2193  $aRecEmail = oxDb::getInstance()->quoteArray($aRecEmail);
2194  foreach ($aRecEmail as $sRecEmail) {
2195  $sSql = "INSERT INTO oxinvitations SET oxuserid = " . $oDb->quote($sUserId) . ", oxemail = $sRecEmail, oxdate='$sDate', oxpending = '1', oxaccepted = '0', oxtype = '1' ";
2196  $oDb->execute($sSql);
2197  }
2198  }
2199  }
2200 
2208  public function getIdByUserName($sUserName)
2209  {
2210  $oDb = oxDb::getDb();
2211  $sQ = "SELECT `oxid` FROM `oxuser` WHERE `oxusername` = " . $oDb->quote($sUserName);
2212  if (!$this->getConfig()->getConfigParam('blMallUsers')) {
2213  $sQ .= " AND `oxshopid` = " . $oDb->quote($this->getConfig()->getShopId());
2214  }
2215 
2216  return $oDb->getOne($sQ);
2217  }
2218 
2224  public function hasAccount()
2225  {
2226 
2227  return (bool) $this->oxuser__oxpassword->value;
2228  }
2229 
2235  public function isPriceViewModeNetto()
2236  {
2237  return (bool) $this->getConfig()->getConfigParam('blShowNetPrice');
2238  }
2239 
2249  protected function _dbLogin($sUser, $sPassword, $sShopID)
2250  {
2251  $blOldHash = false;
2252  $oDb = oxDb::getDb();
2253 
2254  if ($this->_isDemoShop() && $this->isAdmin()) {
2255  $sUserOxId = $oDb->getOne($this->_getDemoShopLoginQuery($sUser, $sPassword));
2256  } else {
2257  $sUserOxId = $oDb->getOne($this->_getLoginQuery($sUser, $sPassword, $sShopID, $this->isAdmin()));
2258  if (!$sUserOxId) {
2259  $sUserOxId = $oDb->getOne($this->_getLoginQueryHashedWithMD5($sUser, $sPassword, $sShopID, $this->isAdmin()));
2260  $blOldHash = true;
2261  }
2262  }
2263 
2264  if ($sUserOxId) {
2265  if (!$this->load($sUserOxId)) {
2267  $oEx = oxNew('oxUserException');
2268  $oEx->setMessage('ERROR_MESSAGE_USER_NOVALIDLOGIN');
2269  throw $oEx;
2270  } elseif ($blOldHash && $this->getId()) {
2271  $this->setPassword($sPassword);
2272  $this->save();
2273  }
2274  }
2275  }
2276 
2282  protected function _isDemoShop()
2283  {
2284  $blDemoMode = false;
2285 
2286  if ($this->getConfig()->isDemoShop()) {
2287  $blDemoMode = true;
2288  }
2289 
2290  return $blDemoMode;
2291  }
2292 
2303  protected function _getDemoShopLoginQuery($sUser, $sPassword)
2304  {
2305  if ($sPassword == "admin" && $sUser == "admin") {
2306  $sSelect = "SELECT `oxid` FROM `oxuser` WHERE `oxrights` = 'malladmin' ";
2307  } else {
2309  $oEx = oxNew('oxUserException');
2310  $oEx->setMessage('ERROR_MESSAGE_USER_NOVALIDLOGIN');
2311  throw $oEx;
2312  }
2313 
2314  return $sSelect;
2315  }
2316 }