
/trunk/controllers/myaccount/controller.php

https://bitbucket.org/pooshonk/esw
Possible License(s): LGPL-2.1


  1. <?php
  2. class Myaccountcontroller {
// Framework registry: the service locator this controller fetches its
// collaborators from (db, template, authenticate, mailout, menubuilder)
// and that provides getSetting(), getURLBits(), errorPage() and redirectUser().
private $registry;
  4. public function __construct( PeacockCarterFrameworkRegistry $registry, $directCall )
  5. {
  6. $this->registry = $registry;
  7. // temp
  8. $sql = "SELECT c.ID FROM content c, content_types t, content_versions v, content_versions_pages p WHERE c.type=t.ID AND t.reference='page' AND p.version_id=v.ID AND v.ID=c.current_revision AND c.`order` >= 0 ORDER BY c.`order` ASC LIMIT 1";
  9. $this->registry->getObject('db')->executeQuery( $sql );
  10. $p = $this->registry->getObject('db')->getRows();
  11. $this->registry->getObject('menubuilder')->setCustomStuff( 'My Account', 'myaccount', $p['ID']);
  12. $this->registry->getObject('menubuilder')->buildMenu( $p['ID'] );
  13. if( $this->registry->getObject('authenticate')->isLoggedIn() == true )
  14. {
  15. $this->registry->getObject('template')->getPage()->setTitle('My Account');
  16. $urlBits = $this->registry->getURLBits();
  17. if( isset( $urlBits[1] ) )
  18. {
  19. switch( $urlBits[1] )
  20. {
  21. case 'view-order':
  22. $this->viewOrder( intval($urlBits[2]) );
  23. break;
  24. case 'orders':
  25. $this->listOrders();
  26. break;
  27. case 'change-password':
  28. $this->changePassword();
  29. break;
  30. case 'change-email':
  31. $this->changeEmailAddress();
  32. break;
  33. case 'change-delivery':
  34. $this->changeDefaultDeliveryDetails();
  35. break;
  36. case 'edit':
  37. $this->editAccount();
  38. break;
  39. default:
  40. $this->dashboard();
  41. break;
  42. }
  43. }
  44. else
  45. {
  46. $this->dashboard();
  47. }
  48. }
  49. else
  50. {
  51. $urlBits = $this->registry->getURLBits();
  52. if( $urlBits[1] == 'create' )
  53. {
  54. if( $urlBits[2] == 'events' )
  55. {
  56. $this->createAccount( 'events' );
  57. }
  58. else
  59. {
  60. $this->createAccount( 'myaccount' );
  61. }
  62. }
  63. else
  64. {
  65. $this->registry->errorPage('Please login', 'You must be logged in to access and manage your account');
  66. }
  67. }
  68. }
  69. /**
  70. * Send the contact form email
  71. */
  72. private function sendEmail( $message )
  73. {
  74. $this->registry->getObject('mailout')->startFresh();
  75. $this->registry->getObject('mailout')->setTo( $this->registry->getSetting('adminEmailAddress') );
  76. $this->registry->getObject('mailout')->setSender( $this->registry->getSetting('adminEmailAddress') );
  77. $this->registry->getObject('mailout')->setFromName( $this->registry->getSetting('cms_name') );
  78. $this->registry->getObject('mailout')->setSubject( $message );
  79. //$this->registry->getObject('mailout')->buildFromTemplates('contactform.tpl.php');
  80. //$tags = $this->values;
  81. //$tags[ 'generator' ] = $this->registry->getSetting('cms_name');
  82. //$tags[ 'sitename' ] = $this->registry->getSetting('sitename');
  83. //$this->registry->getObject('mailout')->replaceTags( $tags );
  84. $this->registry->getObject('mailout')->setMethod('sendmail');
  85. $this->registry->getObject('mailout')->send();
  86. }
  87. private function createAccount( $path )
  88. {
  89. if( isset( $_POST ) && is_array( $_POST ) && count( $_POST ) > 0 )
  90. {
  91. // create the account
  92. $required = array( 'username' => 'Username', 'password' => 'Password', 'confirm_password' => 'Confirm password', 'first_name' => 'First Name', 'last_name' => 'Last Name', 'organisation' => 'Organisation', 'address' => 'Address', 'city' => 'City', 'county' =>'County', 'postcode' =>'Postcode', 'email' => 'Email address', 'phone' => 'Telephone number' );
  93. $errors = array();
  94. foreach( array_keys( $required ) as $r )
  95. {
  96. if( ! isset( $_POST[ $r ]) || $_POST[ $r ] == '' )
  97. {
  98. $processable = false;
  99. $error = array();
  100. $error['errora'] = $required[ $r ] . " is a required field";
  101. $errors[] = $error;
  102. }
  103. if( isset( $_POST['email'] ) && $r == 'email' )
  104. {
  105. if( !preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
  106. {
  107. $error['errora'] = $required[ $r ] . " is an invalid email address. Please try again.";
  108. $errors[] = $error;
  109. }
  110. }
  111. if( isset( $_POST['username'] ) && $r == 'username' )
  112. {
  113. $username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  114. $sql = "SELECT * FROM users WHERE username = '{$username}'";
  115. $this->registry->getObject('db')->executeQuery($sql);
  116. if( $this->registry->getObject('db')->numRows() > 0 )
  117. {
  118. $error['errora'] = $required[ $r ] . " is already taken. Please try again.";
  119. $errors[] = $error;
  120. }
  121. }
  122. if( isset( $_POST['confirm_password'] ) && $r == 'confirm_password' )
  123. {
  124. if( $_POST['password'] != $_POST['confirm_password'] )
  125. {
  126. $error['errora'] = $required[ $r ] . " does not match your password. Please try again.";
  127. $errors[] = $error;
  128. }
  129. }
  130. if( isset( $_POST['password'] ) && $r == 'password' )
  131. {
  132. if( strlen( $_POST['password'] ) < 6 )
  133. {
  134. $error['errora'] = $required[ $r ] . " is too short, it must be at least 6 characters.";
  135. $errors[] = $error;
  136. }
  137. }
  138. }
  139. if( empty( $errors ) )
  140. {
  141. $insert = array();
  142. $insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  143. $insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  144. $insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
  145. $insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
  146. $insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  147. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  148. $insert['password_hash'] = md5( $_POST['password'] );
  149. $insert['active'] = 1;
  150. $insert['banned'] = 0;
  151. $insert['admin'] = 0;
  152. $insert['deleted'] = 0;
  153. $insert['member'] = 0;
  154. $this->registry->getObject('db')->insertRecords( 'users', $insert );
  155. $id = $this->registry->getObject('db')->lastInsertID();
  156. $insert = array();
  157. $insert['user_id'] = $id;
  158. $insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
  159. $insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
  160. $insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
  161. $insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
  162. $insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
  163. $insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
  164. $insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
  165. $insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
  166. $insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
  167. //$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
  168. //$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
  169. $insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
  170. $insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
  171. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  172. {
  173. $insert['kind'] = serialize( $_POST['kind'] );
  174. }
  175. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  176. {
  177. $insert['interests'] = serialize( $_POST['interests'] );
  178. }
  179. if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
  180. {
  181. $insert['networks'] = serialize( $_POST['networks'] );
  182. }
  183. if( isset( $_POST['voluntary'] ) )
  184. {
  185. $insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
  186. }
  187. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  188. {
  189. $insert['areas'] = serialize( $_POST['areas'] );
  190. }
  191. if( isset( $_POST['declaration'] ) )
  192. {
  193. $insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
  194. }
  195. $this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
  196. $username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  197. $password = $this->registry->getObject('db')->sanitizeData( $_POST['password'] );
  198. $this->registry->getObject('authenticate')->forceLogin( $username, $password );
  199. require_once( ACP_PATH . 'controllers/goldvision/controller.php');
  200. $controller = new GoldVisionController();
  201. $summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
  202. $phone_number = str_replace( '&', '&amp;', $_POST['phone'] );
  203. $address_1 = str_replace( '&', '&amp;', $_POST['address'] );
  204. $address_2 = str_replace( '&', '&amp;', $_POST['address_linetwo'] );
  205. $town = str_replace( '&', '&amp;', $_POST['city'] );
  206. $county = str_replace( '&', '&amp;', $_POST['county'] );
  207. $postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
  208. $website = str_replace( '&', '&amp;', $_POST['website'] );
  209. $interests = array();
  210. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  211. {
  212. if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
  213. {
  214. foreach( $_POST['interests'] as $interest => $details )
  215. {
  216. switch( $interest )
  217. {
  218. case 'age':
  219. $interests[] = '2';
  220. break;
  221. case 'asylum':
  222. $interests[] = '21';
  223. break;
  224. case 'disability':
  225. $interests[] = '58';
  226. break;
  227. case 'gender':
  228. $interests[] = '63';
  229. break;
  230. case 'gypsies':
  231. $interests[] = '47';
  232. break;
  233. case 'rights':
  234. $interests[] = '25';
  235. break;
  236. case 'migrants':
  237. $interests[] = '49';
  238. break;
  239. case 'race':
  240. $interests[] = '114';
  241. break;
  242. case 'religon':
  243. $interests[] = '64';
  244. break;
  245. case 'sexual':
  246. $interests[] = '115';
  247. break;
  248. case 'transgender':
  249. $interests[] = '61';
  250. break;
  251. }
  252. }
  253. }
  254. else
  255. {
  256. foreach( $_POST['interests'] as $interest => $details )
  257. {
  258. switch( $interest )
  259. {
  260. case 'age':
  261. $interests[] = '137';
  262. break;
  263. case 'asylum':
  264. $interests[] = '21';
  265. break;
  266. case 'disability':
  267. $interests[] = '59';
  268. break;
  269. case 'gender':
  270. $interests[] = '138';
  271. break;
  272. case 'gypsies':
  273. $interests[] = '47';
  274. break;
  275. case 'rights':
  276. $interests[] = '25';
  277. break;
  278. case 'migrants':
  279. $interests[] = '49';
  280. break;
  281. case 'race':
  282. $interests[] = '139';
  283. break;
  284. case 'religon':
  285. $interests[] = '144';
  286. break;
  287. case 'sexual':
  288. $interests[] = '140';
  289. break;
  290. case 'transgender':
  291. $interests[] = '61';
  292. break;
  293. }
  294. }
  295. }
  296. }
  297. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  298. {
  299. foreach( $_POST['areas'] as $area => $details )
  300. {
  301. switch( $area )
  302. {
  303. case 'bath':
  304. $interests[] = '101';
  305. break;
  306. case 'bristol':
  307. $interests[] = '96';
  308. break;
  309. case 'bournemouth':
  310. $interests[] = '102';
  311. break;
  312. case 'cornwall':
  313. $interests[] = '99';
  314. break;
  315. case 'devon':
  316. $interests[] = '106';
  317. break;
  318. case 'dorset':
  319. $interests[] = '108';
  320. break;
  321. case 'gloucestershire':
  322. $interests[] = '110';
  323. break;
  324. case 'north_somerset':
  325. $interests[] = '103';
  326. break;
  327. case 'plymouth':
  328. $interests[] = '104';
  329. break;
  330. case 'poole':
  331. $interests[] = '105';
  332. break;
  333. case 'somerset':
  334. $interests[] = '95';
  335. break;
  336. case 'south_gloucestershire':
  337. $interests[] = '107';
  338. break;
  339. case 'swindon':
  340. $interests[] = '109';
  341. break;
  342. case 'torbay':
  343. $interests[] = '111';
  344. break;
  345. case 'wiltshire':
  346. $interests[] = '100';
  347. break;
  348. case 'west_of_england':
  349. $interests[] = '98';
  350. break;
  351. case 'sw_region':
  352. $interests[] = '94';
  353. break;
  354. case 'outside_region':
  355. $interests[] = '97';
  356. break;
  357. }
  358. }
  359. }
  360. switch( $_POST['organisation_type'] )
  361. {
  362. case 'individual':
  363. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  364. break;
  365. case 'private':
  366. $type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
  367. break;
  368. case 'public':
  369. $type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
  370. break;
  371. case 'voluntary':
  372. $type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
  373. break;
  374. case 'social':
  375. $type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
  376. break;
  377. default:
  378. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  379. break;
  380. }
  381. // ind data
  382. $firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
  383. $lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
  384. $title = str_replace( '&', '&amp;', $_POST['title'] ) ;
  385. $jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
  386. $mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
  387. $email = str_replace( '&', '&amp;', $_POST['email'] ) ;
  388. $events = '';
  389. $newsletter = 0;
  390. $volun = '';
  391. $share = 0;
  392. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  393. {
  394. //echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
  395. foreach( $_POST['kind'] as $k => $v )
  396. {
  397. if( $k == 'events' )
  398. {
  399. $events = "1a26da8a-90f5-4527-a8eb-551df1970e49";
  400. }
  401. if( $k == 'newsletter' )
  402. {
  403. $newsletter = 1;
  404. }
  405. }
  406. }
  407. if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
  408. {
  409. $volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8";
  410. }
  411. else
  412. {
  413. $volun = "065b7934-5313-4656-857a-7e382fc312fe";
  414. }
  415. if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
  416. {
  417. $share = 1;
  418. }
  419. else
  420. {
  421. $share = 0;
  422. }
  423. if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
  424. {
  425. // organisation exists
  426. $orgID = $controller->getOrgID();
  427. // update it
  428. $controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  429. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  430. {
  431. // contact not exist: create it
  432. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  433. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  434. {
  435. $controller->createInterest( $interests, $indID );
  436. /*
  437. foreach( $interests as $interest => $tag )
  438. {
  439. $controller->createInterest( $tag, $indID );
  440. }*/
  441. }
  442. }
  443. else
  444. {
  445. // contact exists; update it
  446. $contactID = $controller->getContactID();
  447. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  448. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  449. {
  450. $controller->createInterest( $interests, $contactID );
  451. /*
  452. foreach( $interests as $interest => $tag )
  453. {
  454. $controller->createInterest( $tag, $indID );
  455. }*/
  456. }
  457. }
  458. }
  459. else
  460. {
  461. // create new organisation
  462. $orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  463. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  464. {
  465. // create new contact
  466. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  467. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  468. {
  469. $controller->createInterest( $interests, $indID );
  470. }
  471. }
  472. else
  473. {
  474. // update existing contact
  475. $contactID = $controller->getContactID();
  476. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  477. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  478. {
  479. $controller->createInterest( $interests, $contactID );
  480. }
  481. }
  482. }
  483. if( $path == 'events' )
  484. {
  485. $this->registry->redirectUser(array('events'),'Account created','Thank you, your account has been created. Taking you back to the events area.',false);
  486. }
  487. else
  488. {
  489. $this->registry->redirectUser(array('myaccount'),'Account created','Thank you, your account has been created.',false);
  490. }
  491. }
  492. else
  493. {
  494. $this->registry->getObject('template')->getPage()->addTag( 'message', 'Sorry, there were some errors with your attempt to create an account. Please correct the errors below and try again.' );
  495. $this->registry->getObject('template')->addTemplateBit( 'form_errors', 'myaccount/errors.tpl.php' );
  496. foreach( $_POST as $pkey => $pdata )
  497. {
  498. $this->registry->getObject('template')->getPage()->addTag( 'form_' . $pkey, $pdata );
  499. }
  500. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  501. {
  502. foreach( $_POST['kind'] as $k => $v )
  503. {
  504. $this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
  505. }
  506. }
  507. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  508. {
  509. foreach( $_POST['interests'] as $k => $v )
  510. {
  511. $this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
  512. }
  513. }
  514. if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
  515. {
  516. foreach( $_POST['networks'] as $k => $v )
  517. {
  518. $this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
  519. }
  520. }
  521. if( isset( $_POST['voluntary'] ) )
  522. {
  523. if( $_POST['voluntary'] == 'yes' )
  524. {
  525. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
  526. }
  527. else
  528. {
  529. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
  530. }
  531. }
  532. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  533. {
  534. foreach( $_POST['areas'] as $k => $v )
  535. {
  536. $this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
  537. }
  538. }
  539. if( isset( $_POST['declaration'] ) )
  540. {
  541. if( $_POST['declaration'] == 'yes' )
  542. {
  543. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
  544. }
  545. else
  546. {
  547. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
  548. }
  549. }
  550. if( isset( $_POST['organisation_type'] ) )
  551. {
  552. $this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $_POST['organisation_type'], 'selected="selected"' );
  553. }
  554. $cache = $this->registry->getObject('db')->cacheData( $errors );
  555. $this->registry->getObject('template')->getPage()->addTag( 'errors', array( 'DATA', $cache ) );
  556. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/create.tpl.php', 'footer.tpl.php');
  557. }
  558. }
  559. else
  560. {
  561. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
  562. $this->registry->getObject('template')->getPage()->addTag( 'path', $path );
  563. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/create.tpl.php', 'footer.tpl.php');
  564. }
  565. }
  566. private function editAccount()
  567. {
  568. $id = $this->registry->getObject('authenticate')->getUserID();
  569. if( isset( $_POST ) && is_array( $_POST ) && count( $_POST ) > 0 )
  570. {
  571. // create the account
  572. $required = array( 'username' => 'Username', 'first_name' => 'First Name', 'last_name' => 'Last Name', 'organisation' => 'Organisation', 'address' => 'Address', 'city' => 'City', 'county' =>'County', 'postcode' =>'Postcode', 'email' => 'Email address', 'phone' => 'Telephone number' );
  573. $errors = array();
  574. foreach( array_keys( $required ) as $r )
  575. {
  576. if( ! isset( $_POST[ $r ]) || $_POST[ $r ] == '' )
  577. {
  578. $processable = false;
  579. $error = array();
  580. $error['errora'] = $required[ $r ] . " is a required field";
  581. $errors[] = $error;
  582. }
  583. if( isset( $_POST['email'] ) && $r == 'email' )
  584. {
  585. if( !preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
  586. {
  587. $error['errora'] = $required[ $r ] . " is an invalid email address. Please try again.";
  588. $errors[] = $error;
  589. }
  590. }
  591. if( isset( $_POST['username'] ) && $r == 'username' )
  592. {
  593. if( $_POST['username'] != $_POST['usernameoriginal'] )
  594. {
  595. $username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  596. $sql = "SELECT * FROM users WHERE username = '{$username}'";
  597. $this->registry->getObject('db')->executeQuery($sql);
  598. if( $this->registry->getObject('db')->numRows() > 0 )
  599. {
  600. $error['errora'] = $required[ $r ] . " is already taken. Please try again.";
  601. $errors[] = $error;
  602. }
  603. }
  604. }
  605. }
  606. if( $_POST['password'] != '' )
  607. {
  608. if( strlen( $_POST['password'] ) < 6 )
  609. {
  610. $error['errora'] = "Your password is too short, it must be at least 6 characters.";
  611. $errors[] = $error;
  612. }
  613. if( isset( $_POST['confirm_password'] ) )
  614. {
  615. if( $_POST['password'] != $_POST['confirm_password'] )
  616. {
  617. $error['errora'] = "Your passwords do not match. Please try again.";
  618. $errors[] = $error;
  619. }
  620. }
  621. }
  622. if( empty( $errors ) )
  623. {
  624. $sql = "SELECT u.*, e.* FROM users u, users_extra e WHERE e.user_id=u.ID AND u.ID={$id}";
  625. $this->registry->getObject('db')->executeQuery( $sql );
  626. if( $this->registry->getObject('db')->numRows() == 1 )
  627. {
  628. $data = $this->registry->getObject('db')->getRows();
  629. }
  630. else
  631. {
  632. echo 'Error editing member';
  633. exit();
  634. }
  635. require_once( ACP_PATH . 'controllers/goldvision/controller.php');
  636. $controller = new GoldVisionController();
  637. $summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
  638. $phone_number = str_replace( '&', '&amp;', $_POST['phone'] );
  639. $address_1 = str_replace( '&', '&amp;', $_POST['address'] );
  640. $address_2 = str_replace( '&', '&amp;', $_POST['address_linetwo'] );
  641. $town = str_replace( '&', '&amp;', $_POST['city'] );
  642. $county = str_replace( '&', '&amp;', $_POST['county'] );
  643. $postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
  644. $website = str_replace( '&', '&amp;', $_POST['website'] );
  645. $interests = array();
  646. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  647. {
  648. if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
  649. {
  650. foreach( $_POST['interests'] as $interest => $details )
  651. {
  652. switch( $interest )
  653. {
  654. case 'age':
  655. $interests[] = '2';
  656. break;
  657. case 'asylum':
  658. $interests[] = '21';
  659. break;
  660. case 'disability':
  661. $interests[] = '58';
  662. break;
  663. case 'gender':
  664. $interests[] = '63';
  665. break;
  666. case 'gypsies':
  667. $interests[] = '47';
  668. break;
  669. case 'rights':
  670. $interests[] = '25';
  671. break;
  672. case 'migrants':
  673. $interests[] = '49';
  674. break;
  675. case 'race':
  676. $interests[] = '114';
  677. break;
  678. case 'religon':
  679. $interests[] = '64';
  680. break;
  681. case 'sexual':
  682. $interests[] = '115';
  683. break;
  684. case 'transgender':
  685. $interests[] = '61';
  686. break;
  687. }
  688. }
  689. }
  690. else
  691. {
  692. foreach( $_POST['interests'] as $interest => $details )
  693. {
  694. switch( $interest )
  695. {
  696. case 'age':
  697. $interests[] = '137';
  698. break;
  699. case 'asylum':
  700. $interests[] = '21';
  701. break;
  702. case 'disability':
  703. $interests[] = '59';
  704. break;
  705. case 'gender':
  706. $interests[] = '138';
  707. break;
  708. case 'gypsies':
  709. $interests[] = '47';
  710. break;
  711. case 'rights':
  712. $interests[] = '25';
  713. break;
  714. case 'migrants':
  715. $interests[] = '49';
  716. break;
  717. case 'race':
  718. $interests[] = '139';
  719. break;
  720. case 'religon':
  721. $interests[] = '144';
  722. break;
  723. case 'sexual':
  724. $interests[] = '140';
  725. break;
  726. case 'transgender':
  727. $interests[] = '61';
  728. break;
  729. }
  730. }
  731. }
  732. }
  733. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  734. {
  735. foreach( $_POST['areas'] as $area => $details )
  736. {
  737. switch( $area )
  738. {
  739. case 'bath':
  740. $interests[] = '101';
  741. break;
  742. case 'bristol':
  743. $interests[] = '96';
  744. break;
  745. case 'bournemouth':
  746. $interests[] = '102';
  747. break;
  748. case 'cornwall':
  749. $interests[] = '99';
  750. break;
  751. case 'devon':
  752. $interests[] = '106';
  753. break;
  754. case 'dorset':
  755. $interests[] = '108';
  756. break;
  757. case 'gloucestershire':
  758. $interests[] = '110';
  759. break;
  760. case 'north_somerset':
  761. $interests[] = '103';
  762. break;
  763. case 'plymouth':
  764. $interests[] = '104';
  765. break;
  766. case 'poole':
  767. $interests[] = '105';
  768. break;
  769. case 'somerset':
  770. $interests[] = '95';
  771. break;
  772. case 'south_gloucestershire':
  773. $interests[] = '107';
  774. break;
  775. case 'swindon':
  776. $interests[] = '109';
  777. break;
  778. case 'torbay':
  779. $interests[] = '111';
  780. break;
  781. case 'wiltshire':
  782. $interests[] = '100';
  783. break;
  784. case 'west_of_england':
  785. $interests[] = '98';
  786. break;
  787. case 'sw_region':
  788. $interests[] = '94';
  789. break;
  790. case 'outside_region':
  791. $interests[] = '97';
  792. break;
  793. }
  794. }
  795. }
  796. switch( $_POST['organisation_type'] )
  797. {
  798. case 'individual':
  799. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  800. break;
  801. case 'private':
  802. $type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
  803. break;
  804. case 'public':
  805. $type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
  806. break;
  807. case 'voluntary':
  808. $type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
  809. break;
  810. case 'social':
  811. $type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
  812. break;
  813. default:
  814. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  815. break;
  816. }
  817. // ind data
  818. $firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
  819. $lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
  820. $title = str_replace( '&', '&amp;', $_POST['title'] ) ;
  821. $jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
  822. $mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
  823. $email = str_replace( '&', '&amp;', $_POST['email'] ) ;
  824. $events = '';
  825. $newsletter = 0;
  826. $volun = '';
  827. $share = 0;
  828. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  829. {
  830. //echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
  831. foreach( $_POST['kind'] as $k => $v )
  832. {
  833. if( $k == 'events' )
  834. {
  835. $events = "1a26da8a-90f5-4527-a8eb-551df1970e49";
  836. }
  837. if( $k == 'newsletter' )
  838. {
  839. $newsletter = 1;
  840. }
  841. }
  842. }
  843. if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
  844. {
  845. $volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8";
  846. }
  847. else
  848. {
  849. $volun = "065b7934-5313-4656-857a-7e382fc312fe";
  850. }
  851. if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
  852. {
  853. $share = 1;
  854. }
  855. else
  856. {
  857. $share = 0;
  858. }
  859. if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
  860. {
  861. // organisation exists
  862. $orgID = $controller->getOrgID();
  863. // update it
  864. $controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  865. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  866. {
  867. // contact not exist: create it
  868. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  869. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  870. {
  871. $controller->createInterest( $interests, $indID );
  872. /*
  873. foreach( $interests as $interest => $tag )
  874. {
  875. $controller->createInterest( $tag, $indID );
  876. }*/
  877. }
  878. }
  879. else
  880. {
  881. // contact exists; update it
  882. $contactID = $controller->getContactID();
  883. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  884. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  885. {
  886. $controller->createInterest( $interests, $contactID );
  887. /*
  888. foreach( $interests as $interest => $tag )
  889. {
  890. $controller->createInterest( $tag, $indID );
  891. }*/
  892. }
  893. }
  894. }
  895. else
  896. {
  897. // create new organisation
  898. $orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  899. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  900. {
  901. // create new contact
  902. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  903. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  904. {
  905. $controller->createInterest( $interests, $indID );
  906. }
  907. }
  908. else
  909. {
  910. // update existing contact
  911. $contactID = $controller->getContactID();
  912. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  913. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  914. {
  915. $controller->createInterest( $interests, $contactID );
  916. }
  917. }
  918. }
  919. $insert = array();
  920. $insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  921. $insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  922. $insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
  923. $insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
  924. $insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  925. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  926. if( $_POST['password_hash'] != '' )
  927. {
  928. $insert['password_hash'] = md5($_POST['password_hash'] );
  929. }
  930. $insert['active'] = 1;
  931. $insert['banned'] = 0;
  932. $insert['admin'] = 0;
  933. $insert['deleted'] = 0;
  934. $insert['member'] = 0;
  935. $this->registry->getObject('db')->updateRecords( 'users', $insert, 'ID=' . $id );
  936. $insert = array();
  937. $insert['user_id'] = $id;
  938. $insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
  939. $insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
  940. $insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
  941. $insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
  942. $insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
  943. $insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
  944. $insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
  945. $insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
  946. $insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
  947. //$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
  948. //$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
  949. $insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
  950. $insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
  951. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  952. {
  953. $insert['kind'] = serialize( $_POST['kind'] );
  954. }
  955. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  956. {
  957. $insert['interests'] = serialize( $_POST['interests'] );
  958. }
  959. if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
  960. {
  961. $insert['networks'] = serialize( $_POST['networks'] );
  962. }
  963. if( isset( $_POST['voluntary'] ) )
  964. {
  965. $insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
  966. }
  967. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  968. {
  969. $insert['areas'] = serialize( $_POST['areas'] );
  970. }
  971. if( isset( $_POST['declaration'] ) )
  972. {
  973. $insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
  974. }
  975. $this->registry->getObject('db')->updateRecords( 'users_extra', $insert, 'user_id=' . $id );
  976. $this->registry->redirectUser(array('myaccount'),'Account updated','Thank you, your account has been updated.',false);
  977. }
  978. else
  979. {
  980. $this->registry->getObject('template')->getPage()->addTag( 'message', 'Sorry, there were some errors with your attempt to create an account. Please correct the errors below and try again.' );
  981. $this->registry->getObject('template')->addTemplateBit( 'form_errors', 'myaccount/errors.tpl.php' );
  982. foreach( $_POST as $pkey => $pdata )
  983. {
  984. $this->registry->getObject('template')->getPage()->addTag( 'form_' . $pkey, $pdata );
  985. }
  986. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  987. {
  988. foreach( $_POST['kind'] as $k => $v )
  989. {
  990. $this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
  991. }
  992. }
  993. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  994. {
  995. foreach( $_POST['interests'] as $k => $v )
  996. {
  997. $this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
  998. }
  999. }
  1000. if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
  1001. {
  1002. foreach( $_POST['networks'] as $k => $v )
  1003. {
  1004. $this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
  1005. }
  1006. }
  1007. if( isset( $_POST['voluntary'] ) )
  1008. {
  1009. if( $_POST['voluntary'] == 'yes' )
  1010. {
  1011. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
  1012. }
  1013. else
  1014. {
  1015. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
  1016. }
  1017. }
  1018. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  1019. {
  1020. foreach( $_POST['areas'] as $k => $v )
  1021. {
  1022. $this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
  1023. }
  1024. }
  1025. if( isset( $_POST['declaration'] ) )
  1026. {
  1027. if( $_POST['declaration'] == 'yes' )
  1028. {
  1029. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
  1030. }
  1031. else
  1032. {
  1033. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
  1034. }
  1035. }
  1036. if( isset( $_POST['organisation_type'] ) )
  1037. {
  1038. $this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $_POST['organisation_type'], 'selected="selected"' );
  1039. }
  1040. $this->registry->getObject('template')->getPage()->addTag( 'form_username', $_POST['usernameoriginal'] );
  1041. $cache = $this->registry->getObject('db')->cacheData( $errors );
  1042. $this->registry->getObject('template')->getPage()->addTag( 'errors', array( 'DATA', $cache ) );
  1043. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/edit.tpl.php', 'footer.tpl.php');
  1044. }
  1045. }
  1046. else
  1047. {
  1048. $sql = "SELECT u.*, e.* FROM users u LEFT JOIN users_extra e ON e.user_id = u.ID WHERE u.ID=" . $id;
  1049. $this->registry->getObject('db')->executeQuery( $sql );
  1050. $data = $this->registry->getObject('db')->getRows();
  1051. $this->registry->getObject('template')->dataToTags( $data, 'form_' );
  1052. $kind = unserialize( $data['kind'] );
  1053. if( isset( $kind ) && is_array($kind) && count( $kind ) > 0 )
  1054. {
  1055. foreach( $kind as $k => $v )
  1056. {
  1057. $this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
  1058. }
  1059. }
  1060. $interests = unserialize( $data['interests'] );
  1061. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  1062. {
  1063. foreach( $interests as $k => $v )
  1064. {
  1065. $this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
  1066. }
  1067. }
  1068. $networks = unserialize( $data['networks'] );
  1069. if( isset( $networks ) && is_array($networks) && count( $networks ) > 0 )
  1070. {
  1071. foreach( $networks as $k => $v )
  1072. {
  1073. $this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
  1074. }
  1075. }
  1076. if( $data['voluntary'] == 'yes' )
  1077. {
  1078. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
  1079. }
  1080. else
  1081. {
  1082. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
  1083. }
  1084. $areas = unserialize( $data['areas'] );
  1085. if( isset( $areas ) && is_array($areas) && count( $areas ) > 0 )
  1086. {
  1087. foreach( $areas as $k => $v )
  1088. {
  1089. $this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
  1090. }
  1091. }
  1092. if( $data['declaration'] == 'yes' )
  1093. {
  1094. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
  1095. }
  1096. else
  1097. {
  1098. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
  1099. }
  1100. $this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $data['organisation_type'], 'selected="selected"' );
  1101. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/edit.tpl.php', 'footer.tpl.php');
  1102. }
  1103. }
  1104. private function changeEmailAddress()
  1105. {
  1106. if( isset( $_POST['email'] ) )
  1107. {
  1108. if( preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
  1109. {
  1110. $changes = array();
  1111. $changes['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  1112. $this->registry->getObject('db')->updateRecords( 'users', $changes, 'ID=' . $this->registry->getObject('authenticate')->getUserID() );
  1113. $this->registry->errorPage('Email address saved', 'Your new email address has been saved');
  1114. }
  1115. else
  1116. {
  1117. $this->registry->errorPage( 'Invalid email address', 'Sorry, your email address was not valid, please try again');
  1118. }
  1119. }
  1120. else
  1121. {
  1122. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/email.tpl.php', 'footer.tpl.php');
  1123. }
  1124. }
  1125. private function changePassword()
  1126. {
  1127. if( isset( $_POST['password'] ) )
  1128. {
  1129. if( ! isset( $_POST['password_confirm'] ) || ( $_POST['password'] != $_POST['password_confirm'] ) )
  1130. {
  1131. $this->registry->errorPage('Password not confirmed', 'Sorry, your password and confirmation did not match. Please try again.');
  1132. }
  1133. elseif( strlen( $_POST['password'] ) < 6 )
  1134. {
  1135. $this->registry->errorPage('Password too short', 'Sorry, your password was too short, passwords must be at least 6 characters long');
  1136. }
  1137. else
  1138. {
  1139. $changes = array();
  1140. $changes['password_hash'] = md5( $_POST['password'] );
  1141. $this->registry->getObject('db')->updateRecords( 'users', $changes, 'ID=' . $this->registry->getObject('authenticate')->getUserID() );
  1142. $this->registry->errorPage('Password changed', 'Your password has been updated');
  1143. }
  1144. }
  1145. else
  1146. {
  1147. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/password.tpl.php', 'footer.tpl.php');
  1148. }
  1149. }
  1150. private function changeDefaultDeliveryDetails()
  1151. {
  1152. if( isset( $_POST['delivery'] ) )
  1153. {
  1154. $changes = array();
  1155. $changes['default_delivery_name'] = $this->registry->getObject('db')->sanitizeData( $_POST['name'] );
  1156. $changes['default_delivery_address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
  1157. $changes['default_delivery_address2'] = $this->registry->getObject('db')->sanitizeData( $_POST['address2'] );
  1158. $changes['default_delivery_city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
  1159. $changes['default_delivery_postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
  1160. $changes['default_delivery_country'] = $this->registry->getObject('db')->sanitizeData( $_POST['country'] );
  1161. $this->registry->getObject('db')->updateRecords( 'users_extra', $changes, 'user_id=' . $this->registry->getObject('authenticate')->getUserID() );
  1162. $this->registry->errorPage('Delivery address saved', 'Your delivery address has been saved');
  1163. }
  1164. else
  1165. {
  1166. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/delivery.tpl.php', 'footer.tpl.php');
  1167. }
  1168. }
  1169. private function listOrders()
  1170. {
  1171. // do we have orders
  1172. $u = $this->registry->getObject('authenticate')->getUserID();
  1173. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/orders.tpl.php', 'footer.tpl.php');
  1174. $sql = "SELECT o.ID, DATE_FORMAT(date_placed, '%D %M %Y') as placed, (SELECT COUNT(qty) FROM store_orders_items WHERE order_id=o.ID) as products, s.name as status, FORMAT(o.products_cost,2) as cost FROM store_orders o, store_order_statuses s WHERE o.status=s.ID AND o.user_id={$u} ORDER BY ID ASC";
  1175. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  1176. $this->registry->getObject('template')->getPage()->addTag('orders', array('SQL', $cache));
  1177. // else error page?
  1178. }
  1179. private function viewOrder( $order )
  1180. {
  1181. // order and customer details
  1182. $u = $this->registry->getObject('authenticate')->getUserID();
  1183. $sql = "SELECT o.dispatch_comment, o.status as status_id, o.ID, o.payment_txn, DATE_FORMAT(o.date_placed, '%D %M %Y') as date_placed, IF(o.date_dispatch='0000-00-00 00:00:00', 'Not yet dispatched', DATE_FORMAT( o.date_dispatch, '%D %M %Y') ) as date_dispatched, FORMAT(o.products_cost,2) as products_cost, FORMAT(o.shipping_cost,2) as shipping_cost, FORMAT( ( FORMAT(o.products_cost,2) + FORMAT(o.shipping_cost,2) ),2 ) as total_cost, s.name as status_name, u.username, o.user_id, pm.name as payment_method, sm.name as shipping_method, IF(o.voucher_code_text='','No voucher code used', o.voucher_code_text) as voucher_code_text, o.shipping_name, o.shipping_address, o.shipping_address2, o.shipping_city, o.shipping_postcode, o.shipping_country, o.delivery_comment FROM store_orders o, store_order_statuses s, users u, store_payment_methods pm, store_shipping_methods sm WHERE o.ID={$order} AND s.ID=o.status AND sm.ID=o.shipping_method AND pm.ID=o.payment_method AND u.ID=o.user_id AND o.user_id={$u}";
  1184. $this->registry->getObject('db')->executeQuery( $sql );
  1185. if( $this->registry->getObject('db')->numRows() == 1 )
  1186. {
  1187. $orderdata = $this->registry->getObject('db')->getRows();
  1188. $this->registry->getObject('template')->dataToTags( $orderdata, 'od_');
  1189. //echo '<pre>' . print_r( $orderdata, true ) . '</pre>';
  1190. // product details (and variations)
  1191. $sql = "SELECT (
  1192. SELECT
  1193. GROUP_CONCAT( a.name,': ', av.name SEPARATOR ', ' )
  1194. FROM store_product_variation_values av, store_orders_items_variation_value_association ava, store_product_variations a
  1195. WHERE a.ID = av.attribute AND av.ID=ava.variation_id AND ava.order_item_id=i.ID
  1196. ) AS variations, p.name as product_name, i.product_id as product_id, i.qty as product_quantity, FORMAT(pd.price,2) as unit_cost, FORMAT((pd.price * i.qty),2) as cost, IF(i.uploaded_file='', 0,1) as has_file, i.uploaded_file as uploaded_file, i.standard FROM store_orders_items i, content c, content_versions p, content_types t, content_versions_store_products pd WHERE pd.version_id=p.ID AND i.order_id={$order} AND c.ID=i.product_id AND p.ID=c.current_revision AND c.type=t.ID and t.reference='product'";
  1197. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  1198. $this->registry->getObject('template')->getPage()->addTag('items', array( 'SQL', $cache ) );
  1199. $sql = "SELECT ID as status_id, name as status_name FROM store_order_statuses";
  1200. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  1201. //$this->registry->getObject('template')->getPage()->addTag('statuses', array( 'SQL', $cache ) );
  1202. //$this->registry->getObject('template')->getPage()->addAdditionalParsingData( 'statuses', 'status_id', $orderdata['status_id'], 'extra', "selected='selected'");
  1203. // template
  1204. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/order.tpl.php', 'footer.tpl.php');
  1205. // are we updating the order?
  1206. }
  1207. else
  1208. {
  1209. $this->registry->errorPage('Order not found', 'The order you requested was not found');
  1210. }
  1211. }
  1212. private function dashboard()
  1213. {
  1214. header('Location: ' . $this->registry->buildURL(array(), '', false ) );
  1215. //$u = $this->registry->getObject('authenticate')->getUserID();
  1216. //$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/dashboard.tpl.php', 'footer.tpl.php');
  1217. //$sql = "SELECT o.ID, DATE_FORMAT(date_placed, '%D %M %Y') as placed, (SELECT COUN…
