
/catalog/model/account/customer.php

https://bitbucket.org/monobasic/shop.volero.ch
PHP | 174 lines | 130 code | 42 blank | 2 comment | 33 complexity | 57675491fc61496e554059e84ce39582 MD5 | raw file
  1. <?php
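  /**
   * Storefront customer-account model.
   *
   * Creates and updates rows in the customer and address tables, sends the
   * welcome e-mail on registration, and offers a few lookups.
   *
   * All SQL in this class is built by string concatenation. Every value is
   * either cast with (int) or passed through $this->db->escape() and then
   * wrapped in single quotes; identifiers (the ORDER BY column) come from a
   * fixed whitelist. NOTE(review): the safety of the escaped values depends on
   * how escape() is implemented and on the connection character set, neither
   * of which is visible in this file.
   */
  class ModelAccountCustomer extends Model {
      /**
       * Register a new customer, create the default address and send the
       * welcome e-mail.
       *
       * @param array $data Registration fields. Keys read here: firstname,
       *                    lastname, email, telephone, fax, password, company,
       *                    address_1, address_2, city, postcode, country_id,
       *                    zone_id and, optionally, newsletter.
       *
       * @return void
       */
      public function addCustomer($data) {
          // SECURITY(review): the password is stored as md5() of the raw value,
          // with no salt and no work factor, so leaked hashes are cheap to
          // attack offline. Moving to password_hash()/password_verify() has to
          // be done together with the code that verifies logins (not in this
          // class) plus a rehash-on-login migration, so it is not changed here.
          $this->db->query(
              "INSERT INTO " . DB_PREFIX . "customer SET store_id = '" . (int)$this->config->get('config_store_id')
              . "', firstname = '" . $this->db->escape($data['firstname'])
              . "', lastname = '" . $this->db->escape($data['lastname'])
              . "', email = '" . $this->db->escape($data['email'])
              . "', telephone = '" . $this->db->escape($data['telephone'])
              . "', fax = '" . $this->db->escape($data['fax'])
              . "', password = '" . $this->db->escape(md5($data['password']))
              . "', newsletter = '" . (isset($data['newsletter']) ? (int)$data['newsletter'] : 0)
              . "', customer_group_id = '" . (int)$this->config->get('config_customer_group_id')
              . "', status = '1', date_added = NOW()"
          );

          $customer_id = $this->db->getLastId();

          $this->db->query(
              "INSERT INTO " . DB_PREFIX . "address SET customer_id = '" . (int)$customer_id
              . "', firstname = '" . $this->db->escape($data['firstname'])
              . "', lastname = '" . $this->db->escape($data['lastname'])
              . "', company = '" . $this->db->escape($data['company'])
              . "', address_1 = '" . $this->db->escape($data['address_1'])
              . "', address_2 = '" . $this->db->escape($data['address_2'])
              . "', city = '" . $this->db->escape($data['city'])
              . "', postcode = '" . $this->db->escape($data['postcode'])
              . "', country_id = '" . (int)$data['country_id']
              . "', zone_id = '" . (int)$data['zone_id'] . "'"
          );

          $address_id = $this->db->getLastId();

          // Point the customer row at the address that was just created.
          $this->db->query("UPDATE " . DB_PREFIX . "customer SET address_id = '" . (int)$address_id . "' WHERE customer_id = '" . (int)$customer_id . "'");

          // Without manual approval configured, the account is approved at once.
          if (!$this->config->get('config_customer_approval')) {
              $this->db->query("UPDATE " . DB_PREFIX . "customer SET approved = '1' WHERE customer_id = '" . (int)$customer_id . "'");
          }

          $this->language->load('mail/customer');

          $subject = sprintf($this->language->get('text_subject'), $this->config->get('config_name'));

          $message = sprintf($this->language->get('text_welcome'), $this->config->get('config_name')) . "\n\n";

          // The body tells the customer either to log in or to wait for approval.
          if (!$this->config->get('config_customer_approval')) {
              $message .= $this->language->get('text_login') . "\n";
          } else {
              $message .= $this->language->get('text_approval') . "\n";
          }

          $message .= $this->url->link('account/login', '', 'SSL') . "\n\n";
          $message .= $this->language->get('text_services') . "\n\n";
          $message .= $this->language->get('text_thanks') . "\n";
          $message .= $this->config->get('config_name');

          $mail = new Mail();
          $mail->protocol = $this->config->get('config_mail_protocol');
          $mail->parameter = $this->config->get('config_mail_parameter');
          $mail->hostname = $this->config->get('config_smtp_host');
          $mail->username = $this->config->get('config_smtp_username');
          $mail->password = $this->config->get('config_smtp_password');
          $mail->port = $this->config->get('config_smtp_port');
          $mail->timeout = $this->config->get('config_smtp_timeout');
          // NOTE(review): $data['email'] reaches setTo() without any format
          // check in this method; confirm the caller validates it and that
          // Mail rejects CR/LF in addresses.
          $mail->setTo($data['email']);
          $mail->setFrom($this->config->get('config_email'));
          $mail->setSender($this->config->get('config_name'));
          $mail->setSubject($subject);
          $mail->setText($message);
          $mail->send();

          // Send to main admin email if new account email is enabled
          if ($this->config->get('config_account_mail')) {
              $mail->setTo($this->config->get('config_email'));
              $mail->send();

              // Send to additional alert emails if new account email is enabled
              $emails = explode(',', $this->config->get('config_alert_emails'));

              foreach ($emails as $email) {
                  // Entries that are empty or do not look like an address are skipped.
                  if (strlen($email) > 0 && preg_match('/^[^\@]+@.*\.[a-z]{2,6}$/i', $email)) {
                      $mail->setTo($email);
                      $mail->send();
                  }
              }
          }
      }

      /**
       * Update the contact details of the currently logged-in customer.
       *
       * The target row is taken from $this->customer->getId(), not from $data.
       *
       * @param array $data Keys read here: firstname, lastname, email,
       *                    telephone, fax.
       *
       * @return void
       */
      public function editCustomer($data) {
          $this->db->query(
              "UPDATE " . DB_PREFIX . "customer SET firstname = '" . $this->db->escape($data['firstname'])
              . "', lastname = '" . $this->db->escape($data['lastname'])
              . "', email = '" . $this->db->escape($data['email'])
              . "', telephone = '" . $this->db->escape($data['telephone'])
              . "', fax = '" . $this->db->escape($data['fax'])
              . "' WHERE customer_id = '" . (int)$this->customer->getId() . "'"
          );
      }

      /**
       * Set a new password for the account(s) with the given e-mail address.
       *
       * The UPDATE is keyed on email only, so every row carrying that address
       * is changed. NOTE(review): this method performs no authorisation; the
       * caller must have established that the requester owns $email.
       *
       * @param string $email    Address identifying the account.
       * @param string $password New plain-text password.
       *
       * @return void
       */
      public function editPassword($email, $password) {
          // SECURITY(review): unsalted md5(), same storage format as in
          // addCustomer(); see the note there before changing it.
          $this->db->query("UPDATE " . DB_PREFIX . "customer SET password = '" . $this->db->escape(md5($password)) . "' WHERE email = '" . $this->db->escape($email) . "'");
      }

      /**
       * Set the newsletter flag of the currently logged-in customer.
       *
       * @param mixed $newsletter Cast to int before it is stored.
       *
       * @return void
       */
      public function editNewsletter($newsletter) {
          $this->db->query("UPDATE " . DB_PREFIX . "customer SET newsletter = '" . (int)$newsletter . "' WHERE customer_id = '" . (int)$this->customer->getId() . "'");
      }

      /**
       * Fetch one customer row by primary key.
       *
       * @param mixed $customer_id Cast to int before it is used in the query.
       *
       * @return mixed The db layer's row for the match ($query->row).
       */
      public function getCustomer($customer_id) {
          $query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE customer_id = '" . (int)$customer_id . "'");

          return $query->row;
      }

      /**
       * Look up a customer by token, then clear the token column.
       *
       * The "token != ''" condition keeps an empty $token from matching
       * customers that have no token set.
       *
       * NOTE(review): the UPDATE below has no WHERE clause. It sets token to
       * '' on every row of the customer table on every call, whether or not
       * the lookup matched, so one request carrying any token value
       * invalidates all outstanding tokens. Confirm this is intended before
       * narrowing it to the matched row.
       *
       * @param string $token Token value to look up.
       *
       * @return mixed The db layer's row for the match ($query->row).
       */
      public function getCustomerByToken($token) {
          $query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE token = '" . $this->db->escape($token) . "' AND token != ''");

          $this->db->query("UPDATE " . DB_PREFIX . "customer SET token = ''");

          return $query->row;
      }

      /**
       * List customers joined with their customer group, with optional
       * filtering, sorting and paging.
       *
       * @param array $data Optional keys: filter_name (prefix match on
       *                    "firstname lastname", lower-cased), filter_email,
       *                    filter_customer_group_id, filter_status,
       *                    filter_approved, filter_ip, filter_date_added,
       *                    sort (must be one of the whitelisted columns),
       *                    order ('DESC' for descending), start, limit.
       *
       * @return mixed The db layer's result rows ($query->rows).
       */
      public function getCustomers($data = array()) {
          $sql = "SELECT *, CONCAT(c.firstname, ' ', c.lastname) AS name, cg.name AS customer_group FROM " . DB_PREFIX . "customer c LEFT JOIN " . DB_PREFIX . "customer_group cg ON (c.customer_group_id = cg.customer_group_id) ";

          // Each active filter contributes one condition; they are ANDed below.
          $implode = array();

          if (isset($data['filter_name']) && !is_null($data['filter_name'])) {
              $implode[] = "LCASE(CONCAT(c.firstname, ' ', c.lastname)) LIKE '" . $this->db->escape(utf8_strtolower($data['filter_name'])) . "%'";
          }

          if (isset($data['filter_email']) && !is_null($data['filter_email'])) {
              $implode[] = "c.email = '" . $this->db->escape($data['filter_email']) . "'";
          }

          if (isset($data['filter_customer_group_id']) && !is_null($data['filter_customer_group_id'])) {
              $implode[] = "cg.customer_group_id = '" . $this->db->escape($data['filter_customer_group_id']) . "'";
          }

          if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
              $implode[] = "c.status = '" . (int)$data['filter_status'] . "'";
          }

          if (isset($data['filter_approved']) && !is_null($data['filter_approved'])) {
              $implode[] = "c.approved = '" . (int)$data['filter_approved'] . "'";
          }

          if (isset($data['filter_ip']) && !is_null($data['filter_ip'])) {
              $implode[] = "c.customer_id IN (SELECT customer_id FROM " . DB_PREFIX . "customer_ip WHERE ip = '" . $this->db->escape($data['filter_ip']) . "')";
          }

          if (isset($data['filter_date_added']) && !is_null($data['filter_date_added'])) {
              $implode[] = "DATE(c.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
          }

          if ($implode) {
              $sql .= " WHERE " . implode(" AND ", $implode);
          }

          // The ORDER BY column is concatenated into the SQL unquoted, so it
          // must be one of these literals.
          $sort_data = array(
              'name',
              'c.email',
              'customer_group',
              'c.status',
              'c.ip',
              'c.date_added'
          );

          // Strict comparison: a loose in_array() lets non-string values such
          // as true or 0 pass the whitelist through type juggling.
          if (isset($data['sort']) && in_array($data['sort'], $sort_data, true)) {
              $sql .= " ORDER BY " . $data['sort'];
          } else {
              $sql .= " ORDER BY name";
          }

          if (isset($data['order']) && ($data['order'] == 'DESC')) {
              $sql .= " DESC";
          } else {
              $sql .= " ASC";
          }

          if (isset($data['start']) || isset($data['limit'])) {
              // Read both values through isset() so that a caller supplying
              // only one of them does not hit an undefined array key, and cast
              // before the range checks so non-numeric input falls back to the
              // defaults instead of producing "LIMIT 0,0".
              $start = isset($data['start']) ? (int)$data['start'] : 0;
              $limit = isset($data['limit']) ? (int)$data['limit'] : 0;

              if ($start < 0) {
                  $start = 0;
              }

              if ($limit < 1) {
                  $limit = 20;
              }

              $sql .= " LIMIT " . $start . "," . $limit;
          }

          $query = $this->db->query($sql);

          return $query->rows;
      }

      /**
       * Count the customer rows that carry the given e-mail address.
       *
       * @param string $email Address to look for.
       *
       * @return mixed The "total" column of the COUNT(*) query.
       */
      public function getTotalCustomersByEmail($email) {
          $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "customer WHERE email = '" . $this->db->escape($email) . "'");

          return $query->row['total'];
      }
  }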
  132. ?>