   1<?php
   2
   3class Myaccountcontroller {
   4	
   5	private $registry;
   6	
   7	public function __construct( PeacockCarterFrameworkRegistry $registry, $directCall )
   8	{
   9		$this->registry = $registry;
  10		// temp
  11		$sql = "SELECT c.ID FROM content c, content_types t, content_versions v, content_versions_pages p WHERE c.type=t.ID AND t.reference='page' AND p.version_id=v.ID AND v.ID=c.current_revision AND c.`order` >= 0 ORDER BY c.`order` ASC LIMIT 1";
  12		$this->registry->getObject('db')->executeQuery( $sql );
  13		$p = $this->registry->getObject('db')->getRows();
  14		$this->registry->getObject('menubuilder')->setCustomStuff( 'My Account', 'myaccount', $p['ID']);
  15		$this->registry->getObject('menubuilder')->buildMenu( $p['ID'] );
  16		if( $this->registry->getObject('authenticate')->isLoggedIn() == true )
  17		{
  18			
  19			$this->registry->getObject('template')->getPage()->setTitle('My Account');
  20			$urlBits = $this->registry->getURLBits();
  21			if( isset( $urlBits[1] ) )
  22			{
  23				switch( $urlBits[1] )
  24				{
  25					case 'view-order':
  26						$this->viewOrder( intval($urlBits[2]) );
  27						break;
  28					case 'orders':
  29						$this->listOrders();
  30						break;
  31					case 'change-password':
  32						$this->changePassword();
  33						break;
  34					case 'change-email':
  35						$this->changeEmailAddress();
  36						break;
  37					case 'change-delivery':
  38						$this->changeDefaultDeliveryDetails();
  39						break;
  40					case 'edit':
  41						$this->editAccount();
  42						break;	
  43					default:
  44						$this->dashboard();
  45						break;		
  46				}
  47				
  48			}
  49			else
  50			{
  51				$this->dashboard();
  52			}
  53		}
  54		else
  55		{
  56			$urlBits = $this->registry->getURLBits();
  57			if( $urlBits[1] == 'create' )
  58			{
  59				if( $urlBits[2] == 'events' )
  60				{
  61					$this->createAccount( 'events' );
  62				}
  63				else
  64				{
  65					$this->createAccount( 'myaccount' );
  66				}	
  67			}
  68			else
  69			{
  70				$this->registry->errorPage('Please login', 'You must be logged in to access and manage your account');	
  71			}
  72			
  73		}
  74	}
  75	
  76	/**
  77	 * Send the contact form email
  78	 */
  79	private function sendEmail( $message )
  80	{
  81		$this->registry->getObject('mailout')->startFresh();
  82		$this->registry->getObject('mailout')->setTo( $this->registry->getSetting('adminEmailAddress') );
  83		$this->registry->getObject('mailout')->setSender( $this->registry->getSetting('adminEmailAddress') );
  84		$this->registry->getObject('mailout')->setFromName( $this->registry->getSetting('cms_name') );
  85		$this->registry->getObject('mailout')->setSubject( $message );
  86		
  87		//$this->registry->getObject('mailout')->buildFromTemplates('contactform.tpl.php');
  88		//$tags = $this->values;
  89		//$tags[ 'generator' ] = $this->registry->getSetting('cms_name');
  90		//$tags[ 'sitename' ] = $this->registry->getSetting('sitename');
  91		//$this->registry->getObject('mailout')->replaceTags( $tags );
  92		
  93		$this->registry->getObject('mailout')->setMethod('sendmail');
  94		$this->registry->getObject('mailout')->send();
  95	}
  96	
  97	private function createAccount( $path )
  98	{
  99		if( isset( $_POST ) && is_array( $_POST ) && count( $_POST ) > 0 )
 100		{
 101			// create the account
 102			$required = array( 'username' => 'Username', 'password' => 'Password', 'confirm_password' => 'Confirm password', 'first_name' => 'First Name', 'last_name' => 'Last Name', 'organisation' => 'Organisation', 'address' => 'Address', 'city' => 'City', 'county' =>'County', 'postcode' =>'Postcode', 'email' => 'Email address', 'phone' => 'Telephone number' );
 103			$errors = array();
 104			foreach( array_keys( $required ) as $r )
 105			{
 106				if( ! isset( $_POST[ $r ]) || $_POST[ $r ] == '' )
 107				{
 108					$processable = false;
 109					$error = array();
 110					$error['errora'] = $required[ $r ] . " is a required field";
 111					$errors[] = $error;
 112				}
 113				
 114				if( isset( $_POST['email'] ) && $r == 'email' )
 115				{
 116					if( !preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
 117					{
 118						$error['errora'] = $required[ $r ] . " is an invalid email address. Please try again.";
 119						$errors[] = $error;
 120					}
 121				}
 122				
 123				if( isset( $_POST['username'] ) && $r == 'username' )
 124				{
 125					$username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 126					$sql = "SELECT * FROM users WHERE username = '{$username}'";
 127					$this->registry->getObject('db')->executeQuery($sql);
 128					if( $this->registry->getObject('db')->numRows() > 0 )
 129					{
 130						$error['errora'] = $required[ $r ] . " is already taken. Please try again.";
 131						$errors[] = $error;
 132					}
 133				}
 134				
 135				if(  isset( $_POST['confirm_password'] ) && $r == 'confirm_password' )
 136				{
 137					if( $_POST['password'] != $_POST['confirm_password'] )
 138					{
 139						$error['errora'] = $required[ $r ] . " does not match your password. Please try again.";
 140						$errors[] = $error;
 141					}
 142				}
 143				
 144				if(  isset( $_POST['password'] ) && $r == 'password' )
 145				{
 146					if( strlen( $_POST['password'] ) < 6 )
 147					{
 148						$error['errora'] = $required[ $r ] . " is too short, it must be at least 6 characters.";
 149						$errors[] = $error;
 150					}
 151				}
 152			}
 153							
 154			if( empty( $errors ) )
 155			{
 156				$insert = array();
 157				$insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 158				$insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
 159				$insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
 160				$insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
 161				$insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
 162				$insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
 163				$insert['password_hash'] = md5( $_POST['password'] );
 164				$insert['active'] = 1;
 165				$insert['banned'] = 0;
 166				$insert['admin'] = 0;
 167				$insert['deleted'] = 0;
 168				$insert['member'] = 0;
 169				$this->registry->getObject('db')->insertRecords( 'users', $insert );
 170				$id = $this->registry->getObject('db')->lastInsertID();
 171				
 172				$insert = array();
 173				$insert['user_id'] = $id;
 174				$insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
 175				$insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
 176				$insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
 177				$insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
 178				$insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
 179				$insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
 180				$insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
 181				$insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
 182				$insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
 183				//$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
 184				//$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
 185				$insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
 186				$insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
 187				
 188				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
 189				{
 190					$insert['kind'] = serialize( $_POST['kind'] );
 191				}
 192				
 193				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
 194				{
 195					$insert['interests'] = serialize( $_POST['interests'] );
 196				}
 197				
 198				if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
 199				{
 200					$insert['networks'] = serialize( $_POST['networks'] );
 201				}
 202				
 203				if( isset( $_POST['voluntary'] ) )
 204				{
 205					$insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
 206				}
 207				
 208				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
 209				{
 210					$insert['areas'] = serialize( $_POST['areas'] );
 211				}
 212				
 213				if( isset( $_POST['declaration'] ) )
 214				{
 215					$insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
 216				}
 217				
 218				$this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
 219				
 220				$username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 221				$password =  $this->registry->getObject('db')->sanitizeData( $_POST['password'] );
 222				$this->registry->getObject('authenticate')->forceLogin( $username, $password );
 223								
 224				require_once( ACP_PATH . 'controllers/goldvision/controller.php');
 225				$controller = new GoldVisionController();
 226				
 227				$summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
 228				$phone_number = str_replace( '&', '&amp;',  $_POST['phone'] );
 229				$address_1 = str_replace( '&', '&amp;',  $_POST['address'] );
 230				$address_2 = str_replace( '&', '&amp;',  $_POST['address_linetwo'] );
 231				$town = str_replace( '&', '&amp;',  $_POST['city'] );
 232				$county = str_replace( '&', '&amp;', $_POST['county'] );
 233				$postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
 234				$website = str_replace( '&', '&amp;', $_POST['website'] );
 235				
 236				$interests = array();
 237				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
 238				{
 239					if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
 240					{
 241						foreach( $_POST['interests'] as $interest => $details )
 242						{
 243							switch( $interest )
 244							{								
 245								case 'age':
 246									$interests[] = '2';
 247									break;
 248								case 'asylum':
 249									$interests[] = '21';
 250									break;
 251								case 'disability':
 252									$interests[] = '58';
 253									break;
 254								case 'gender':
 255									$interests[] = '63';
 256									break;
 257								case 'gypsies':
 258									$interests[] = '47';
 259									break;
 260								case 'rights':
 261									$interests[] = '25';
 262									break;
 263								case 'migrants':
 264									$interests[] = '49';
 265									break;
 266								case 'race':
 267									$interests[] = '114';
 268									break;
 269								case 'religon':
 270									$interests[] = '64';
 271									break;
 272								case 'sexual':
 273									$interests[] = '115';
 274									break;
 275								case 'transgender':
 276									$interests[] = '61';
 277									break;										
 278							}
 279						}  
 280					}
 281					else
 282					{
 283						foreach( $_POST['interests'] as $interest => $details )
 284						{
 285							switch( $interest )
 286							{
 287								case 'age':
 288									$interests[] = '137';
 289									break;
 290								case 'asylum':
 291									$interests[] = '21';
 292									break;
 293								case 'disability':
 294									$interests[] = '59';
 295									break;
 296								case 'gender':
 297									$interests[] = '138';
 298									break;
 299								case 'gypsies':
 300									$interests[] = '47';
 301									break;
 302								case 'rights':
 303									$interests[] = '25';
 304									break;
 305								case 'migrants':
 306									$interests[] = '49';
 307									break;
 308								case 'race':
 309									$interests[] = '139';
 310									break;
 311								case 'religon':
 312									$interests[] = '144';
 313									break;
 314								case 'sexual':
 315									$interests[] = '140';
 316									break;
 317								case 'transgender':
 318									$interests[] = '61';
 319									break;											
 320							}
 321						}  
 322					}					
 323				}
 324				
 325				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
 326				{
 327					foreach( $_POST['areas'] as $area => $details )
 328					{
 329						switch( $area )
 330						{
 331							case 'bath':
 332								$interests[] = '101';
 333								break;
 334							case 'bristol':
 335								$interests[] = '96'; 
 336								break;
 337							case 'bournemouth':
 338								$interests[] = '102';
 339								break;
 340							case 'cornwall':
 341								$interests[] = '99'; 
 342								break;
 343							case 'devon':
 344								$interests[] = '106';
 345								break;
 346							case 'dorset':
 347								$interests[] = '108'; 
 348								break;
 349							case 'gloucestershire':
 350								$interests[] = '110';
 351								break;
 352							case 'north_somerset':
 353								$interests[] = '103'; 
 354								break;
 355							case 'plymouth':
 356								$interests[] = '104'; 
 357								break;
 358							case 'poole':
 359								$interests[] = '105';
 360								break;
 361							case 'somerset':
 362								$interests[] = '95';
 363								break;
 364							case 'south_gloucestershire':
 365								$interests[] = '107';
 366								break;
 367							case 'swindon':
 368								$interests[] = '109';
 369								break;
 370							case 'torbay':
 371								$interests[] = '111'; 
 372								break;
 373							case 'wiltshire':
 374								$interests[] = '100';
 375								break;
 376							case 'west_of_england':
 377								$interests[] = '98'; 
 378								break;
 379							case 'sw_region':
 380								$interests[] = '94';
 381								break;
 382							case 'outside_region':
 383								$interests[] = '97';
 384								break;																	
 385						}
 386					}					
 387				}	
 388				
 389				switch( $_POST['organisation_type'] )
 390				{
 391					case 'individual':
 392						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
 393						break;
 394					case 'private':
 395						$type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
 396						break;	
 397					case 'public':
 398						$type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
 399						break;	
 400					case 'voluntary':
 401						$type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
 402						break;	
 403					case 'social':
 404						$type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
 405						break;	
 406					default:
 407						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
 408						break;	
 409				}
 410				
 411				// ind data
 412				$firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
 413				$lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
 414				$title = str_replace( '&', '&amp;', $_POST['title'] ) ;
 415				$jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
 416				$mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
 417				$email = str_replace( '&', '&amp;', $_POST['email'] ) ;
 418				$events = '';
 419				$newsletter = 0;
 420				$volun = '';
 421				$share = 0;
 422				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
 423				{
 424					//echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
 425					foreach( $_POST['kind'] as $k => $v )
 426					{
 427						if( $k == 'events' )
 428						{
 429							$events = "1a26da8a-90f5-4527-a8eb-551df1970e49"; 
 430						}
 431						
 432						if( $k == 'newsletter' )
 433						{
 434							$newsletter = 1; 
 435						}
 436					}
 437				}
 438				
 439				if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
 440				{
 441					$volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8"; 
 442				}
 443				else
 444				{
 445					$volun = "065b7934-5313-4656-857a-7e382fc312fe"; 
 446				}
 447				
 448				if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
 449				{
 450					$share = 1;
 451				}
 452				else
 453				{
 454					$share = 0;
 455				}
 456			
 457				if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
 458				{
 459					// organisation exists
 460					$orgID = $controller->getOrgID();
 461					// update it
 462					$controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
 463										
 464					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
 465					{
 466						// contact not exist: create it													
 467						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
 468					
 469						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 470						{
 471							
 472							$controller->createInterest( $interests, $indID );
 473							/*
 474							foreach( $interests as $interest => $tag )
 475							{
 476								$controller->createInterest( $tag, $indID );
 477							}*/
 478						}
 479						
 480					}
 481					else
 482					{
 483						// contact exists; update it
 484						$contactID = $controller->getContactID();
 485						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
 486						
 487						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 488						{
 489							$controller->createInterest( $interests, $contactID );
 490							/*
 491							foreach( $interests as $interest => $tag )
 492							{
 493								$controller->createInterest( $tag, $indID );
 494							}*/
 495						}
 496					}		
 497					
 498				}
 499				else
 500				{
 501					// create new organisation		
 502					$orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
 503					
 504					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
 505					{
 506						// create new contact				
 507						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
 508						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 509						{
 510							$controller->createInterest( $interests, $indID );
 511						}
 512						
 513					}
 514					else
 515					{
 516						// update existing contact
 517						$contactID = $controller->getContactID();
 518						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
 519						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 520						{
 521							$controller->createInterest( $interests, $contactID );
 522						}
 523					}
 524															
 525				}
 526				
 527				if( $path == 'events' )
 528				{
 529					$this->registry->redirectUser(array('events'),'Account created','Thank you, your account has been created. Taking you back to the events area.',false);
 530				}
 531				else
 532				{
 533					$this->registry->redirectUser(array('myaccount'),'Account created','Thank you, your account has been created.',false);
 534				}
 535							
 536			}
 537			else
 538			{
 539				$this->registry->getObject('template')->getPage()->addTag( 'message', 'Sorry, there were some errors with your attempt to create an account. Please correct the errors below and try again.' );
 540				$this->registry->getObject('template')->addTemplateBit( 'form_errors', 'myaccount/errors.tpl.php' );
 541				foreach( $_POST as $pkey => $pdata )
 542				{
 543					$this->registry->getObject('template')->getPage()->addTag( 'form_' . $pkey, $pdata );
 544				}
 545				
 546				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
 547				{
 548					foreach( $_POST['kind'] as $k => $v )
 549					{
 550						$this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
 551					}
 552				}
 553				
 554				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
 555				{
 556					foreach( $_POST['interests'] as $k => $v )
 557					{
 558						$this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
 559					}
 560				}
 561				
 562				if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
 563				{
 564					foreach( $_POST['networks'] as $k => $v )
 565					{
 566						$this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
 567					}
 568				}
 569				
 570				if( isset( $_POST['voluntary'] ) )
 571				{
 572					if( $_POST['voluntary'] == 'yes' )
 573					{
 574						$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
 575					}
 576					else
 577					{
 578						$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
 579					}
 580				}
 581				
 582				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
 583				{
 584					foreach( $_POST['areas'] as $k => $v )
 585					{
 586						$this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
 587					}
 588				}
 589				
 590				if( isset( $_POST['declaration'] ) )
 591				{
 592					if( $_POST['declaration'] == 'yes' )
 593					{
 594						$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
 595					}
 596					else
 597					{
 598						$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
 599					}
 600				}
 601								
 602				if( isset( $_POST['organisation_type'] ) )
 603				{
 604					$this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $_POST['organisation_type'], 'selected="selected"' );
 605				}
 606				
 607				$cache = $this->registry->getObject('db')->cacheData( $errors );
 608				$this->registry->getObject('template')->getPage()->addTag( 'errors', array( 'DATA', $cache ) );
 609				$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/create.tpl.php', 'footer.tpl.php');	
 610			}
 611		}
 612		else
 613		{
 614			$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
 615			$this->registry->getObject('template')->getPage()->addTag( 'path', $path );
 616			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/create.tpl.php', 'footer.tpl.php');	
 617		}
 618	}
 619	
 620	private function editAccount()
 621	{
 622		$id = $this->registry->getObject('authenticate')->getUserID();
 623				
 624		if( isset( $_POST ) && is_array( $_POST ) && count( $_POST ) > 0 )
 625		{
 626			// create the account
 627			$required = array( 'username' => 'Username', 'first_name' => 'First Name', 'last_name' => 'Last Name', 'organisation' => 'Organisation', 'address' => 'Address', 'city' => 'City', 'county' =>'County', 'postcode' =>'Postcode', 'email' => 'Email address', 'phone' => 'Telephone number' );
 628			$errors = array();
 629			foreach( array_keys( $required ) as $r )
 630			{
 631				if( ! isset( $_POST[ $r ]) || $_POST[ $r ] == '' )
 632				{
 633					$processable = false;
 634					$error = array();
 635					$error['errora'] = $required[ $r ] . " is a required field";
 636					$errors[] = $error;
 637				}
 638				
 639				if( isset( $_POST['email'] ) && $r == 'email' )
 640				{
 641					if( !preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
 642					{
 643						$error['errora'] = $required[ $r ] . " is an invalid email address. Please try again.";
 644						$errors[] = $error;
 645					}
 646				}
 647				
 648				if( isset( $_POST['username'] ) && $r == 'username' )
 649				{
 650					if( $_POST['username'] != $_POST['usernameoriginal'] )
 651					{
 652						$username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 653						$sql = "SELECT * FROM users WHERE username = '{$username}'";
 654						$this->registry->getObject('db')->executeQuery($sql);
 655						if( $this->registry->getObject('db')->numRows() > 0 )
 656						{
 657							$error['errora'] = $required[ $r ] . " is already taken. Please try again.";
 658							$errors[] = $error;
 659						}
 660					}
 661				}
 662							
 663			}
 664			
 665			if(  $_POST['password'] != '' )
 666			{
 667				if( strlen( $_POST['password'] ) < 6 )
 668				{
 669					$error['errora'] = "Your password is too short, it must be at least 6 characters.";
 670					$errors[] = $error;
 671				}
 672				
 673				if(  isset( $_POST['confirm_password'] ) )
 674				{
 675					if( $_POST['password'] != $_POST['confirm_password'] )
 676					{
 677						$error['errora'] = "Your passwords do not match. Please try again.";
 678						$errors[] = $error;
 679					}
 680				}
 681			}
 682							
 683			if( empty( $errors ) )
 684			{
 685				$sql = "SELECT u.*, e.* FROM users u, users_extra e WHERE e.user_id=u.ID AND u.ID={$id}";
 686				$this->registry->getObject('db')->executeQuery( $sql );
 687				if( $this->registry->getObject('db')->numRows() == 1 )
 688				{
 689					$data = $this->registry->getObject('db')->getRows();
 690				}	
 691				else
 692				{
 693					echo 'Error editing member';
 694					exit();
 695				}
 696								
 697				require_once( ACP_PATH . 'controllers/goldvision/controller.php');
 698				$controller = new GoldVisionController();
 699				
 700				$summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
 701				$phone_number = str_replace( '&', '&amp;',  $_POST['phone'] );
 702				$address_1 = str_replace( '&', '&amp;',  $_POST['address'] );
 703				$address_2 = str_replace( '&', '&amp;',  $_POST['address_linetwo'] );
 704				$town = str_replace( '&', '&amp;',  $_POST['city'] );
 705				$county = str_replace( '&', '&amp;', $_POST['county'] );
 706				$postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
 707				$website = str_replace( '&', '&amp;', $_POST['website'] );
 708				
 709				$interests = array();
 710				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
 711				{
 712					if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
 713					{
 714						foreach( $_POST['interests'] as $interest => $details )
 715						{
 716							switch( $interest )
 717							{								
 718								case 'age':
 719									$interests[] = '2';
 720									break;
 721								case 'asylum':
 722									$interests[] = '21';
 723									break;
 724								case 'disability':
 725									$interests[] = '58';
 726									break;
 727								case 'gender':
 728									$interests[] = '63';
 729									break;
 730								case 'gypsies':
 731									$interests[] = '47';
 732									break;
 733								case 'rights':
 734									$interests[] = '25';
 735									break;
 736								case 'migrants':
 737									$interests[] = '49';
 738									break;
 739								case 'race':
 740									$interests[] = '114';
 741									break;
 742								case 'religon':
 743									$interests[] = '64';
 744									break;
 745								case 'sexual':
 746									$interests[] = '115';
 747									break;
 748								case 'transgender':
 749									$interests[] = '61';
 750									break;										
 751							}
 752						}  
 753					}
 754					else
 755					{
 756						foreach( $_POST['interests'] as $interest => $details )
 757						{
 758							switch( $interest )
 759							{
 760								case 'age':
 761									$interests[] = '137';
 762									break;
 763								case 'asylum':
 764									$interests[] = '21';
 765									break;
 766								case 'disability':
 767									$interests[] = '59';
 768									break;
 769								case 'gender':
 770									$interests[] = '138';
 771									break;
 772								case 'gypsies':
 773									$interests[] = '47';
 774									break;
 775								case 'rights':
 776									$interests[] = '25';
 777									break;
 778								case 'migrants':
 779									$interests[] = '49';
 780									break;
 781								case 'race':
 782									$interests[] = '139';
 783									break;
 784								case 'religon':
 785									$interests[] = '144';
 786									break;
 787								case 'sexual':
 788									$interests[] = '140';
 789									break;
 790								case 'transgender':
 791									$interests[] = '61';
 792									break;											
 793							}
 794						}  
 795					}					
 796				}
 797				
 798				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
 799				{
 800					foreach( $_POST['areas'] as $area => $details )
 801					{
 802						switch( $area )
 803						{
 804							case 'bath':
 805								$interests[] = '101';
 806								break;
 807							case 'bristol':
 808								$interests[] = '96'; 
 809								break;
 810							case 'bournemouth':
 811								$interests[] = '102';
 812								break;
 813							case 'cornwall':
 814								$interests[] = '99'; 
 815								break;
 816							case 'devon':
 817								$interests[] = '106';
 818								break;
 819							case 'dorset':
 820								$interests[] = '108'; 
 821								break;
 822							case 'gloucestershire':
 823								$interests[] = '110';
 824								break;
 825							case 'north_somerset':
 826								$interests[] = '103'; 
 827								break;
 828							case 'plymouth':
 829								$interests[] = '104'; 
 830								break;
 831							case 'poole':
 832								$interests[] = '105';
 833								break;
 834							case 'somerset':
 835								$interests[] = '95';
 836								break;
 837							case 'south_gloucestershire':
 838								$interests[] = '107';
 839								break;
 840							case 'swindon':
 841								$interests[] = '109';
 842								break;
 843							case 'torbay':
 844								$interests[] = '111'; 
 845								break;
 846							case 'wiltshire':
 847								$interests[] = '100';
 848								break;
 849							case 'west_of_england':
 850								$interests[] = '98'; 
 851								break;
 852							case 'sw_region':
 853								$interests[] = '94';
 854								break;
 855							case 'outside_region':
 856								$interests[] = '97';
 857								break;																	
 858						}
 859					}					
 860				}	
 861				
 862				switch( $_POST['organisation_type'] )
 863				{
 864					case 'individual':
 865						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
 866						break;
 867					case 'private':
 868						$type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
 869						break;	
 870					case 'public':
 871						$type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
 872						break;	
 873					case 'voluntary':
 874						$type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
 875						break;	
 876					case 'social':
 877						$type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
 878						break;	
 879					default:
 880						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
 881						break;	
 882				}
 883				
 884				// ind data
 885				$firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
 886				$lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
 887				$title = str_replace( '&', '&amp;', $_POST['title'] ) ;
 888				$jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
 889				$mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
 890				$email = str_replace( '&', '&amp;', $_POST['email'] ) ;
 891				$events = '';
 892				$newsletter = 0;
 893				$volun = '';
 894				$share = 0;
 895				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
 896				{
 897					//echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
 898					foreach( $_POST['kind'] as $k => $v )
 899					{
 900						if( $k == 'events' )
 901						{
 902							$events = "1a26da8a-90f5-4527-a8eb-551df1970e49"; 
 903						}
 904						
 905						if( $k == 'newsletter' )
 906						{
 907							$newsletter = 1; 
 908						}
 909					}
 910				}
 911				
 912				if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
 913				{
 914					$volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8"; 
 915				}
 916				else
 917				{
 918					$volun = "065b7934-5313-4656-857a-7e382fc312fe"; 
 919				}
 920				
 921				if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
 922				{
 923					$share = 1;
 924				}
 925				else
 926				{
 927					$share = 0;
 928				}
 929			
 930				if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
 931				{
 932					// organisation exists
 933					$orgID = $controller->getOrgID();
 934					// update it
 935					$controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
 936										
 937					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
 938					{
 939						// contact not exist: create it													
 940						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
 941					
 942						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 943						{
 944							
 945							$controller->createInterest( $interests, $indID );
 946							/*
 947							foreach( $interests as $interest => $tag )
 948							{
 949								$controller->createInterest( $tag, $indID );
 950							}*/
 951						}
 952						
 953					}
 954					else
 955					{
 956						// contact exists; update it
 957						$contactID = $controller->getContactID();
 958						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
 959						
 960						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 961						{
 962							$controller->createInterest( $interests, $contactID );
 963							/*
 964							foreach( $interests as $interest => $tag )
 965							{
 966								$controller->createInterest( $tag, $indID );
 967							}*/
 968						}
 969					}		
 970					
 971				}
 972				else
 973				{
 974					// create new organisation		
 975					$orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
 976					
 977					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
 978					{
 979						// create new contact				
 980						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
 981						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 982						{
 983							$controller->createInterest( $interests, $indID );
 984						}
 985						
 986					}
 987					else
 988					{
 989						// update existing contact
 990						$contactID = $controller->getContactID();
 991						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
 992						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 993						{
 994							$controller->createInterest( $interests, $contactID );
 995						}
 996					}
 997															
 998				}
 999							
1000				$insert = array();
1001				$insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
1002				$insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
1003				$insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
1004				$insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
1005				$insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
1006				$insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
1007				if( $_POST['password_hash'] != '' )
1008				{
1009					$insert['password_hash'] = md5($_POST['password_hash'] );
1010				}
1011				$insert['active'] = 1;
1012				$insert['banned'] = 0;
1013				$insert['admin'] = 0;
1014				$insert['deleted'] = 0;
1015				$insert['member'] = 0;
1016				$this->registry->getObject('db')->updateRecords( 'users', $insert, 'ID=' . $id );	
1017								
1018				$insert = array();
1019				$insert['user_id'] = $id;
1020				$insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
1021				$insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
1022				$insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
1023				$insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
1024				$insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
1025				$insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
1026				$insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
1027				$insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
1028				$insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
1029				//$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
1030				//$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
1031				$insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
1032				$insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
1033				
1034				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
1035				{
1036					$insert['kind'] = serialize( $_POST['kind'] );
1037				}
1038				
1039				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
1040				{
1041					$insert['interests'] = serialize( $_POST['interests'] );
1042				}
1043				
1044				if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
1045				{
1046					$insert['networks'] = serialize( $_POST['networks'] );
1047				}
1048				
1049				if( isset( $_POST['voluntary'] ) )
1050				{
1051					$insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
1052				}
1053				
1054				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
1055				{
1056					$insert['areas'] = serialize( $_POST['areas'] );
1057				}
1058				
1059				if( isset( $_POST['declaration'] ) )
1060				{
1061					$insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
1062				}
1063				$this->registry->getObject('db')->updateRecords( 'users_extra', $insert, 'user_id=' . $id );	
1064								
1065				$this->registry->redirectUser(array('myaccount'),'Account updated','Thank you, your account has been updated.',false);
1066				
1067			}
1068			else
1069			{
1070				$this->registry->getObject('template')->getPage()->addTag( 'message', 'Sorry, there were some errors with your attempt to create an account. Please correct the errors below and try again.' );
1071				$this->registry->getObject('template')->addTemplateBit( 'form_errors', 'myaccount/errors.tpl.php' );
1072				foreach( $_POST as $pkey => $pdata )
1073				{
1074					$this->registry->getObject('template')->getPage()->addTag( 'form_' . $pkey, $pdata );
1075				}
1076				
1077				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
1078				{
1079					foreach( $_POST['kind'] as $k => $v )
1080					{
1081						$this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
1082					}
1083				}
1084				
1085				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
1086				{
1087					foreach( $_POST['interests'] as $k => $v )
1088					{
1089						$this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
1090					}
1091				}
1092				
1093				if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
1094				{
1095					foreach( $_POST['networks'] as $k => $v )
1096					{
1097						$this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
1098					}
1099				}
1100				
1101				if( isset( $_POST['voluntary'] ) )
1102				{
1103					if( $_POST['voluntary'] == 'yes' )
1104					{
1105						$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
1106					}
1107					else
1108					{
1109						$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
1110					}
1111				}
1112				
1113				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
1114				{
1115					foreach( $_POST['areas'] as $k => $v )
1116					{
1117						$this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
1118					}
1119				}
1120				
1121				if( isset( $_POST['declaration'] ) )
1122				{
1123					if( $_POST['declaration'] == 'yes' )
1124					{
1125						$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
1126					}
1127					else
1128					{
1129						$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
1130					}
1131				}
1132								
1133				if( isset( $_POST['organisation_type'] ) )
1134				{
1135					$this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $_POST['organisation_type'], 'selected="selected"' );
1136				}
1137				
1138				$this->registry->getObject('template')->getPage()->addTag( 'form_username', $_POST['usernameoriginal'] );
1139				
1140				$cache = $this->registry->getObject('db')->cacheData( $errors );
1141				$this->registry->getObject('template')->getPage()->addTag( 'errors', array( 'DATA', $cache ) );
1142				$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/edit.tpl.php', 'footer.tpl.php');	
1143			}
1144		}
1145		else
1146		{
1147			$sql = "SELECT u.*, e.* FROM users u LEFT JOIN users_extra e ON e.user_id = u.ID WHERE u.ID=" . $id;
1148			$this->registry->getObject('db')->executeQuery( $sql );
1149			$data = $this->registry->getObject('db')->getRows();
1150			$this->registry->getObject('template')->dataToTags( $data, 'form_' );
1151			
1152			$kind = unserialize( $data['kind'] );
1153			if( isset( $kind ) && is_array($kind) && count( $kind ) > 0 )
1154			{
1155				foreach( $kind as $k => $v )
1156				{
1157					$this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
1158				}
1159			}
1160			
1161			$interests = unserialize( $data['interests'] );
1162					
1163			if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
1164			{
1165				foreach( $interests as $k => $v )
1166				{
1167					$this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
1168				}
1169			}
1170			
1171			$networks = unserialize( $data['networks'] );	
1172			if( isset( $networks ) && is_array($networks) && count( $networks ) > 0 )
1173			{
1174				foreach( $networks as $k => $v )
1175				{
1176					$this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
1177				}
1178			}
1179							
1180			if( $data['voluntary'] == 'yes' )
1181			{
1182				$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
1183			}
1184			else
1185			{
1186				$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
1187			}
1188				
1189			$areas = unserialize( $data['areas'] );	
1190			if( isset( $areas ) && is_array($areas) && count( $areas ) > 0 )
1191			{
1192				foreach( $areas as $k => $v )
1193				{
1194					$this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
1195				}
1196			}
1197						
1198			if( $data['declaration'] == 'yes' )
1199			{
1200				$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
1201			}
1202			else
1203			{
1204				$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
1205			}
1206			
1207			$this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $data['organisation_type'], 'selected="selected"' );
1208			
1209			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/edit.tpl.php', 'footer.tpl.php');	
1210		}
1211	}
1212	
1213	private function changeEmailAddress()
1214	{
1215		if( isset( $_POST['email'] ) )
1216		{
1217			if( preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
1218			{
1219				$changes = array();
1220				$changes['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
1221				$this->registry->getObject('db')->updateRecords( 'users', $changes, 'ID=' . $this->registry->getObject('authenticate')->getUserID() );
1222				$this->registry->errorPage('Email address saved', 'Your new email address has been saved');	
1223			}
1224			else
1225			{
1226				$this->registry->errorPage( 'Invalid email address', 'Sorry, your email address was not valid, please try again');
1227			}
1228		}
1229		else
1230		{
1231			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/email.tpl.php', 'footer.tpl.php');
1232	
1233		}
1234	}
1235	
1236	private function changePassword()
1237	{
1238		if( isset( $_POST['password'] ) )
1239		{
1240			if( ! isset( $_POST['password_confirm'] ) || ( $_POST['password'] != $_POST['password_confirm'] ) )
1241			{
1242				$this->registry->errorPage('Password not confirmed', 'Sorry, your password and confirmation did not match.  Please try again.');
1243			}
1244			elseif( strlen( $_POST['password'] ) < 6 )
1245			{
1246				$this->registry->errorPage('Password too short', 'Sorry, your password was too short, passwords must be at least 6 characters long');
1247			}
1248			else
1249			{
1250				$changes = array();
1251				$changes['password_hash'] = md5( $_POST['password'] );
1252				$this->registry->getObject('db')->updateRecords( 'users', $changes, 'ID=' . $this->registry->getObject('authenticate')->getUserID() );
1253				$this->registry->errorPage('Password changed', 'Your password has been updated');
1254			}
1255		}
1256		else
1257		{
1258			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/password.tpl.php', 'footer.tpl.php');
1259	
1260		}
1261	}
1262	
1263	private function changeDefaultDeliveryDetails()
1264	{
1265		if( isset( $_POST['delivery'] ) )
1266		{
1267			$changes = array();
1268			$changes['default_delivery_name'] = $this->registry->getObject('db')->sanitizeData( $_POST['name'] );
1269			$changes['default_delivery_address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
1270			$changes['default_delivery_address2'] = $this->registry->getObject('db')->sanitizeData( $_POST['address2'] );
1271			$changes['default_delivery_city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
1272			$changes['default_delivery_postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
1273			$changes['default_delivery_country'] = $this->registry->getObject('db')->sanitizeData( $_POST['country'] );
1274			$this->registry->getObject('db')->updateRecords( 'users_extra', $changes, 'user_id=' . $this->registry->getObject('authenticate')->getUserID() );
1275			$this->registry->errorPage('Delivery address saved', 'Your delivery address has been saved');
1276			
1277		}
1278		else
1279		{
1280			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/delivery.tpl.php', 'footer.tpl.php');
1281	
1282		}
1283	}
1284	
1285	private function listOrders()
1286	{
1287		// do we have orders
1288		$u = $this->registry->getObject('authenticate')->getUserID();		
1289		$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/orders.tpl.php', 'footer.tpl.php');
1290		$sql = "SELECT o.ID, DATE_FORMAT(date_placed, '%D %M %Y') as placed, (SELECT COUNT(qty) FROM store_orders_items WHERE order_id=o.ID) as products, s.name as status, FORMAT(o.products_cost,2) as cost FROM store_orders o, store_order_statuses s WHERE o.status=s.ID AND o.user_id={$u} ORDER BY ID ASC";
1291		$cache = $this->registry->getObject('db')->cacheQuery( $sql );
1292		$this->registry->getObject('template')->getPage()->addTag('orders', array('SQL', $cache));
1293		// else error page?
1294	}
1295	
1296	private function viewOrder( $order )
1297	{
1298		// order and customer details
1299		$u = $this->registry->getObject('authenticate')->getUserID();
1300		$sql = "SELECT o.dispatch_comment, o.status as status_id, o.ID, o.payment_txn, DATE_FORMAT(o.date_placed, '%D %M %Y') as date_placed, IF(o.date_dispatch='0000-00-00 00:00:00', 'Not yet dispatched', DATE_FORMAT( o.date_dispatch, '%D %M %Y') ) as date_dispatched, FORMAT(o.products_cost,2) as products_cost, FORMAT(o.shipping_cost,2) as shipping_cost, FORMAT( ( FORMAT(o.products_cost,2) + FORMAT(o.shipping_cost,2) ),2 ) as total_cost, s.name as status_name, u.username, o.user_id, pm.name as payment_method, sm.name as shipping_method, IF(o.voucher_code_text='','No voucher code used', o.voucher_code_text) as voucher_code_text, o.shipping_name, o.shipping_address, o.shipping_address2, o.shipping_city, o.shipping_postcode, o.shipping_country, o.delivery_comment FROM store_orders o, store_order_statuses s, users u, store_payment_methods pm, store_shipping_methods sm WHERE o.ID={$order} AND s.ID=o.status AND sm.ID=o.shipping_method AND pm.ID=o.payment_method AND u.ID=o.user_id AND o.user_id={$u}";
1301		$this->registry->getObject('db')->executeQuery( $sql );
1302		if( $this->registry->getObject('db')->numRows() == 1 )
1303		{
1304			$orderdata = $this->registry->getObject('db')->getRows();
1305			$this->registry->getObject('template')->dataToTags( $orderdata, 'od_');
1306			//echo '<pre>' . print_r( $orderdata, true ) . '</pre>';
1307			// product details (and variations)
1308			$sql = "SELECT (
1309	SELECT 
1310	GROUP_CONCAT( a.name,': ', av.name SEPARATOR ', ' ) 
1311	FROM store_product_variation_values av, store_orders_items_variation_value_association ava, store_product_variations a 
1312	WHERE a.ID = av.attribute AND av.ID=ava.variation_id AND ava.order_item_id=i.ID 
1313) AS variations, p.name as product_name, i.product_id as product_id, i.qty as product_quantity, FORMAT(pd.price,2) as unit_cost, FORMAT((pd.price * i.qty),2) as cost, IF(i.uploaded_file='', 0,1) as has_file, i.uploaded_file as uploaded_file, i.standard FROM store_orders_items i, content c, content_versions p, content_types t, content_versions_store_products pd WHERE pd.version_id=p.ID AND i.order_id={$order} AND c.ID=i.product_id AND p.ID=c.current_revision AND c.type=t.ID and t.reference='product'";
1314			$cache = $this->registry->getObject('db')->cacheQuery( $sql );
1315			$this->registry->getObject('template')->getPage()->addTag('items', array( 'SQL', $cache ) );
1316			$sql = "SELECT ID as status_id, name as status_name FROM store_order_statuses";
1317			$cache = $this->registry->getObject('db')->cacheQuery( $sql );
1318			//$this->registry->getObject('template')->getPage()->addTag('statuses', array( 'SQL', $cache ) );
1319			//$this->registry->getObject('template')->getPage()->addAdditionalParsingData( 'statuses', 'status_id', $orderdata['status_id'], 'extra', "selected='selected'");
1320			// template
1321			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/order.tpl.php', 'footer.tpl.php');
1322			// are we updating the order?
1323		}
1324		else
1325		{
1326			$this->registry->errorPage('Order not found', 'The order you requested was not found');	
1327		}
1328	}
1329	
1330	private function dashboard()
1331	{
1332		
1333		header('Location: ' . $this->registry->buildURL(array(), '', false ) );
1334		
1335		//$u = $this->registry->getObject('authenticate')->getUserID();		
1336		//$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'myaccount/dashboard.tpl.php', 'footer.tpl.php');
1337		//$sql = "SELECT o.ID, DATE_FORMAT(date_placed, '%D %M %Y') as placed, (SELECT COUNT(qty) FROM store_orders_items WHERE order_id=o.ID) as products, s.name as status, FORMAT(o.products_cost,2) as cost FROM store_orders o, store_order_statuses s WHERE o.status=s.ID AND s.awaiting_customer=1 AND o.user_id={$u} ORDER BY ID ASC";
1338		//$cache = $this->registry->getObject('db')->cacheQuery( $sql );
1339		//$this->registry->getObject('template')->getPage()->addTag('orders', array('SQL', $cache ) );
1340		
1341	}
1342
1343	
1344	
1345	
1346	
1347	
1348}
1349
1350
1351?>