OXID eShop CE  4.10.2
 All Classes Namespaces Files Functions Variables Pages
oxcmp_user.php
Go to the documentation of this file.
1 <?php
2 
3 // defining login/logout states
4 define('USER_LOGIN_SUCCESS', 1);
5 define('USER_LOGIN_FAIL', 2);
6 define('USER_LOGOUT', 3);
7 
14 class oxcmp_user extends oxView
15 {
16 
22  protected $_blIsNewUser = false;
23 
29  protected $_blIsComponent = true;
30 
36  protected $_blNewsSubscriptionStatus = null;
37 
46  protected $_iLoginStatus = null;
47 
53  protected $_sTermsVer = null;
54 
60  protected $_aAllowedClasses = array(
61  'register',
62  'forgotpwd',
63  'content',
64  'account',
65  'clearcookies',
66  'oxwServiceMenu',
67  );
68 
76  public function init()
77  {
79  $this->_loadSessionUser();
80  $this->_saveInvitor();
81 
82  parent::init();
83  }
84 
91  public function render()
92  {
93  // checks if private sales allows further tasks
94  $this->_checkPsState();
95 
97 
98  return $this->getUser();
99  }
100 
109  protected function _checkPsState()
110  {
111  $oConfig = $this->getConfig();
112  if ($this->getParent()->isEnabledPrivateSales()) {
113  // load session user
114  $oUser = $this->getUser();
115  $sClass = $this->getParent()->getClassName();
116 
117  // no session user
118  if (!$oUser && !in_array($sClass, $this->_aAllowedClasses)) {
119  oxRegistry::getUtils()->redirect($oConfig->getShopHomeURL() . 'cl=account', false, 302);
120  }
121 
122  if ($oUser && !$oUser->isTermsAccepted() && !in_array($sClass, $this->_aAllowedClasses)) {
123  oxRegistry::getUtils()->redirect($oConfig->getShopHomeURL() . 'cl=account&term=1', false, 302);
124  }
125  }
126  }
127 
133  protected function _loadSessionUser()
134  {
135  $myConfig = $this->getConfig();
136  $oUser = $this->getUser();
137 
138  // no session user
139  if (!$oUser) {
140  return;
141  }
142 
143  // this user is blocked, deny him
144  if ($oUser->inGroup('oxidblocked')) {
145  $sUrl = $myConfig->getShopHomeURL() . 'cl=content&tpl=user_blocked.tpl';
146  oxRegistry::getUtils()->redirect($sUrl, true, 302);
147  }
148 
149  // TODO: move this to a proper place
150  if ($oUser->isLoadedFromCookie() && !$myConfig->getConfigParam('blPerfNoBasketSaving')) {
151 
152  if ($oBasket = $this->getSession()->getBasket()) {
153  $oBasket->load();
154  $oBasket->onUpdate();
155  }
156  }
157  }
158 
172  public function login()
173  {
174  $sUser = oxRegistry::getConfig()->getRequestParameter('lgn_usr');
175  $sPassword = oxRegistry::getConfig()->getRequestParameter('lgn_pwd', true);
176  $sCookie = oxRegistry::getConfig()->getRequestParameter('lgn_cook');
177  //$blFbLogin = oxRegistry::getConfig()->getRequestParameter( 'fblogin' );
178 
180 
181  // trying to login user
182  try {
184  $oUser = oxNew('oxuser');
185  $oUser->login($sUser, $sPassword, $sCookie);
187  } catch (oxUserException $oEx) {
188  // for login component send excpetion text to a custom component (if defined)
189  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true, '', false);
190 
191  return 'user';
192  } catch (oxCookieException $oEx) {
193  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx);
194 
195  return 'user';
196  }
197 
198  // finalizing ..
199  return $this->_afterLogin($oUser);
200  }
201 
217  protected function _afterLogin($oUser)
218  {
219  $oSession = $this->getSession();
220 
221  // generating new session id after login
222  if ($this->getLoginStatus() === USER_LOGIN_SUCCESS) {
223  $oSession->regenerateSessionId();
224  }
225 
226  $myConfig = $this->getConfig();
227 
228  // this user is blocked, deny him
229  if ($oUser->inGroup('oxidblocked')) {
230  $sUrl = $myConfig->getShopHomeURL() . 'cl=content&tpl=user_blocked.tpl';
231  oxRegistry::getUtils()->redirect($sUrl, true, 302);
232  }
233 
234  // recalc basket
235  if ($oBasket = $oSession->getBasket()) {
236  $oBasket->onUpdate();
237  }
238 
239 
240  return 'payment';
241  }
242 
247  public function login_noredirect()
248  {
249  $blAgb = oxRegistry::getConfig()->getRequestParameter('ord_agb');
250  $oConfig = $this->getConfig();
251  if ($this->getParent()->isEnabledPrivateSales() && $blAgb !== null && ($oUser = $this->getUser())) {
252  if ($blAgb) {
253  $oUser->acceptTerms();
254  }
255  } else {
256  $this->login();
257 
258  if (!$this->isAdmin() && !$this->getConfig()->getConfigParam('blPerfNoBasketSaving')) {
259  //load basket from the database
260  try {
261  if ($oBasket = $this->getSession()->getBasket()) {
262  $oBasket->load();
263  }
264  } catch (Exception $oE) {
265  //just ignore it
266  }
267  }
268 
269 
270  }
271  }
272 
279  public function login_updateFbId()
280  {
281  $this->login();
282 
283  if ($oUser = $this->getUser()) {
284  //updating user Facebook ID
285  if ($oUser->updateFbId()) {
286  oxRegistry::getSession()->setVariable('_blFbUserIdUpdated', true);
287  }
288  }
289  }
290 
297  protected function _afterLogout()
298  {
299  oxRegistry::getSession()->deleteVariable('paymentid');
300  oxRegistry::getSession()->deleteVariable('sShipSet');
301  oxRegistry::getSession()->deleteVariable('deladrid');
302  oxRegistry::getSession()->deleteVariable('dynvalue');
303 
304  // resetting & recalc basket
305  if (($oBasket = $this->getSession()->getBasket())) {
306  $oBasket->resetUserInfo();
307  $oBasket->onUpdate();
308  }
309 
310  oxRegistry::getSession()->delBasket();
311  }
312 
321  public function logout()
322  {
323  $myConfig = $this->getConfig();
324  $oUser = oxNew('oxuser');
325 
326  if ($oUser->logout()) {
327 
328  $this->setLoginStatus(USER_LOGOUT);
329 
330  // finalizing ..
331  $this->_afterLogout();
332 
333 
334  if ($this->getParent()->isEnabledPrivateSales()) {
335  return 'account';
336  }
337 
338  // redirecting if user logs out in SSL mode
339  if (oxRegistry::getConfig()->getRequestParameter('redirect') && $myConfig->getConfigParam('sSSLShopURL')) {
340  oxRegistry::getUtils()->redirect($this->_getLogoutLink());
341  }
342  }
343  }
344 
354  public function changeUser()
355  {
356  $blUserRegistered = $this->_changeUser_noRedirect();
357 
358  if ($blUserRegistered === true) {
359  return 'payment';
360  } else {
361  return $blUserRegistered;
362  }
363  }
364 
371  public function changeuser_testvalues()
372  {
373  // skip updating user info if this is just form reload
374  // on selecting delivery address
375  // We do redirect only on success not to loose errors.
376 
377  if ($this->_changeUser_noRedirect()) {
378  return 'account_user';
379  }
380  }
381 
402  public function createUser()
403  {
404  $blActiveLogin = $this->getParent()->isEnabledPrivateSales();
405 
406  $oConfig = $this->getConfig();
407 
408  if ($blActiveLogin && !$oConfig->getRequestParameter('ord_agb') && $oConfig->getConfigParam('blConfirmAGB')) {
409  oxRegistry::get("oxUtilsView")->addErrorToDisplay('READ_AND_CONFIRM_TERMS', false, true);
410 
411  return;
412  }
413 
414  // collecting values to check
415  $sUser = $oConfig->getRequestParameter('lgn_usr');
416 
417  // first pass
418  $sPassword = $oConfig->getRequestParameter('lgn_pwd', true);
419 
420  // second pass
421  $sPassword2 = $oConfig->getRequestParameter('lgn_pwd2', true);
422 
423  $aInvAdress = $oConfig->getRequestParameter('invadr', true);
424  $aInvAdress = $this->cleanBillingAddress($aInvAdress);
425 
426  $aDelAdress = $this->_getDelAddressData();
427  $aDelAdress = $this->cleanDeliveryAddress($aDelAdress);
428 
430  $oUser = oxNew('oxuser');
431 
432  try {
433 
434  $oUser->checkValues($sUser, $sPassword, $sPassword2, $aInvAdress, $aDelAdress);
435 
436  $iActState = $blActiveLogin ? 0 : 1;
437 
438  // setting values
439  $oUser->oxuser__oxusername = new oxField($sUser, oxField::T_RAW);
440  $oUser->setPassword($sPassword);
441  $oUser->oxuser__oxactive = new oxField($iActState, oxField::T_RAW);
442 
443  // used for checking if user email currently subscribed
444  $iSubscriptionStatus = $oUser->getNewsSubscription()->getOptInStatus();
445 
446  $oUser->createUser();
447  $oUser->load($oUser->getId());
448  $oUser->changeUserData($oUser->oxuser__oxusername->value, $sPassword, $sPassword, $aInvAdress, $aDelAdress);
449 
450  if ($blActiveLogin) {
451  // accepting terms..
452  $oUser->acceptTerms();
453  }
454 
455  $sUserId = oxRegistry::getSession()->getVariable("su");
456  $sRecEmail = oxRegistry::getSession()->getVariable("re");
457  if ($this->getConfig()->getConfigParam('blInvitationsEnabled') && $sUserId && $sRecEmail) {
458  // setting registration credit points..
459  $oUser->setCreditPointsForRegistrant($sUserId, $sRecEmail);
460  }
461 
462  // assigning to newsletter
463  $blOptin = oxRegistry::getConfig()->getRequestParameter('blnewssubscribed');
464  if ($blOptin && $iSubscriptionStatus == 1) {
465  // if user was assigned to newsletter
466  // and is creating account with newsletter checked,
467  // don't require confirm
468  $oUser->getNewsSubscription()->setOptInStatus(1);
469  $oUser->addToGroup('oxidnewsletter');
470  $this->_blNewsSubscriptionStatus = 1;
471  } else {
472  $blOrderOptInEmailParam = $this->getConfig()->getConfigParam('blOrderOptInEmail');
473  $this->_blNewsSubscriptionStatus = $oUser->setNewsSubscription($blOptin, $blOrderOptInEmailParam);
474  }
475 
476  $oUser->addToGroup('oxidnotyetordered');
477  $oUser->logout();
478 
479  } catch (oxUserException $oEx) {
480  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true);
481 
482  return false;
483  } catch (oxInputException $oEx) {
484  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true);
485 
486  return false;
487  } catch (oxConnectionException $oEx) {
488  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true);
489 
490  return false;
491  }
492 
493  if (!$blActiveLogin) {
494 
495  oxRegistry::getSession()->setVariable('usr', $oUser->getId());
496  $this->_afterLogin($oUser);
497 
498 
499  // order remark
500  //V #427: order remark for new users
501  $sOrderRemark = oxRegistry::getConfig()->getRequestParameter('order_remark', true);
502  if ($sOrderRemark) {
503  oxRegistry::getSession()->setVariable('ordrem', $sOrderRemark);
504  }
505  }
506 
507  // send register eMail
508  //TODO: move into user
509  if ((int) oxRegistry::getConfig()->getRequestParameter('option') == 3) {
510  $oxEMail = oxNew('oxemail');
511  if ($blActiveLogin) {
512  $oxEMail->sendRegisterConfirmEmail($oUser);
513  } else {
514  $oxEMail->sendRegisterEmail($oUser);
515  }
516  }
517 
518  // new registered
519  $this->_blIsNewUser = true;
520 
521  $sAction = 'payment?new_user=1&success=1';
522  if ($this->_blNewsSubscriptionStatus !== null && !$this->_blNewsSubscriptionStatus) {
523  $sAction = 'payment?new_user=1&success=1&newslettererror=4';
524  }
525 
526  return $sAction;
527  }
528 
534  public function registerUser()
535  {
536  // registered new user ?
537  if ($this->createuser() != false && $this->_blIsNewUser) {
538  if ($this->_blNewsSubscriptionStatus === null || $this->_blNewsSubscriptionStatus) {
539  return 'register?success=1';
540  } else {
541  return 'register?success=1&newslettererror=4';
542  }
543  } else {
544  // problems with registration ...
545  $this->logout();
546  }
547  }
548 
552  protected function _saveInvitor()
553  {
554  if ($this->getConfig()->getConfigParam('blInvitationsEnabled')) {
555  $this->getInvitor();
556  $this->setRecipient();
557  }
558  }
559 
563  protected function _saveDeliveryAddressState()
564  {
565  $oSession = oxRegistry::getSession();
566 
567  $blShow = oxRegistry::getConfig()->getRequestParameter('blshowshipaddress');
568  if (!isset($blShow)) {
569  $blShow = $oSession->getVariable('blshowshipaddress');
570  }
571 
572  $oSession->setVariable('blshowshipaddress', $blShow);
573  }
574 
588  protected function _changeUser_noRedirect()
589  {
590  if (!$this->getSession()->checkSessionChallenge()) {
591  return;
592  }
593 
594  // no user ?
595  $oUser = $this->getUser();
596  if (!$oUser) {
597  return;
598  }
599 
600  // collecting values to check
601  $aDelAdress = $this->_getDelAddressData();
602  $aDelAdress = $this->cleanDeliveryAddress($aDelAdress);
603 
604  // if user company name, user name and additional info has special chars
605  $aInvAdress = oxRegistry::getConfig()->getRequestParameter('invadr', true);
606  $aInvAdress = $this->cleanBillingAddress($aInvAdress);
607 
608  $sUserName = $oUser->oxuser__oxusername->value;
609  $sPassword = $sPassword2 = $oUser->oxuser__oxpassword->value;
610 
611  try { // testing user input
612  $oUser->changeUserData($sUserName, $sPassword, $sPassword2, $aInvAdress, $aDelAdress);
613  // assigning to newsletter
614  if (($blOptin = oxRegistry::getConfig()->getRequestParameter('blnewssubscribed')) === null) {
615  $blOptin = $oUser->getNewsSubscription()->getOptInStatus();
616  }
617  // check if email address changed, if so, force check newsletter subscription settings.
618  $sBillingUsername = $aInvAdress['oxuser__oxusername'];
619  $blForceCheckOptIn = ($sBillingUsername !== null && $sBillingUsername !== $sUserName);
620  $blEmailParam = $this->getConfig()->getConfigParam('blOrderOptInEmail');
621  $this->_blNewsSubscriptionStatus = $oUser->setNewsSubscription($blOptin, $blEmailParam, $blForceCheckOptIn);
622 
623  } catch (oxUserException $oEx) { // errors in input
624  // marking error code
625  //TODO
626  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true);
627 
628  return;
629  } catch (oxInputException $oEx) {
630  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true);
631  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true, 'input_not_all_fields');
632 
633  return;
634  } catch (oxConnectionException $oEx) {
635  //connection to external resource broken, change message and pass to the view
636  oxRegistry::get("oxUtilsView")->addErrorToDisplay($oEx, false, true);
637 
638  return;
639  }
640 
641 
642  // order remark
643  $sOrderRemark = oxRegistry::getConfig()->getRequestParameter('order_remark', true);
644 
645  if ($sOrderRemark) {
646  oxRegistry::getSession()->setVariable('ordrem', $sOrderRemark);
647  } else {
648  oxRegistry::getSession()->deleteVariable('ordrem');
649  }
650 
651  if ($oBasket = $this->getSession()->getBasket()) {
652  $oBasket->setBasketUser(null);
653  $oBasket->onUpdate();
654  }
655 
656  return true;
657  }
658 
666  private function cleanBillingAddress($aBillingAddress)
667  {
668  if (is_array($aBillingAddress)) {
669  $skipFields = array('oxuser__oxid', 'oxid', 'oxuser__oxpoints', 'oxpoints', 'oxuser__oxboni', 'oxboni');
670  $aBillingAddress = array_change_key_case($aBillingAddress);
671  $aBillingAddress = array_diff_key($aBillingAddress, array_flip($skipFields));
672  }
673  return $aBillingAddress;
674  }
675 
683  private function cleanDeliveryAddress($aDeliveryAddress)
684  {
685  if (is_array($aDeliveryAddress)) {
686  $skipFields = array('oxaddress__oxid', 'oxid', 'oxaddress__oxuserid', 'oxuserid', 'oxaddress__oxaddressuserid', 'oxaddressuserid');
687  $aDeliveryAddress = array_change_key_case($aDeliveryAddress);
688  $aDeliveryAddress = array_diff_key($aDeliveryAddress, array_flip($skipFields));
689  }
690  return $aDeliveryAddress;
691  }
692 
699  protected function _getDelAddressData()
700  {
701  // if user company name, user name and additional info has special chars
702  $blShowShipAddressParameter = oxRegistry::getConfig()->getRequestParameter('blshowshipaddress');
703  $blShowShipAddressVariable = oxRegistry::getSession()->getVariable('blshowshipaddress');
704  $sDeliveryAddressParameter = oxRegistry::getConfig()->getRequestParameter('deladr', true);
705  $aDeladr = ($blShowShipAddressParameter || $blShowShipAddressVariable) ? $sDeliveryAddressParameter : array();
706  $aDelAdress = $aDeladr;
707 
708  if (is_array($aDeladr)) {
709  // checking if data is filled
710  if (isset($aDeladr['oxaddress__oxsal'])) {
711  unset($aDeladr['oxaddress__oxsal']);
712  }
713  if (!count($aDeladr) || implode('', $aDeladr) == '') {
714  // resetting to avoid empty records
715  $aDelAdress = array();
716  }
717  }
718 
719  return $aDelAdress;
720  }
721 
727  protected function _getLogoutLink()
728  {
729  $oConfig = $this->getConfig();
730 
731  $sLogoutLink = $oConfig->isSsl() ? $oConfig->getShopSecureHomeUrl() : $oConfig->getShopHomeUrl();
732  $sLogoutLink .= 'cl=' . $oConfig->getRequestParameter('cl') . $this->getParent()->getDynUrlParams();
733  if ($sParam = $oConfig->getRequestParameter('anid')) {
734  $sLogoutLink .= '&amp;anid=' . $sParam;
735  }
736  if ($sParam = $oConfig->getRequestParameter('cnid')) {
737  $sLogoutLink .= '&amp;cnid=' . $sParam;
738  }
739  if ($sParam = $oConfig->getRequestParameter('mnid')) {
740  $sLogoutLink .= '&amp;mnid=' . $sParam;
741  }
742  if ($sParam = $oConfig->getRequestParameter('tpl')) {
743  $sLogoutLink .= '&amp;tpl=' . $sParam;
744  }
745  if ($sParam = $oConfig->getRequestParameter('oxloadid')) {
746  $sLogoutLink .= '&amp;oxloadid=' . $sParam;
747  }
748  // @deprecated since v5.3 (2016-06-17); Listmania will be moved to an own module.
749  if ($sParam = $oConfig->getRequestParameter('recommid')) {
750  $sLogoutLink .= '&amp;recommid=' . $sParam;
751  }
752  // END deprecated
753 
754  return $sLogoutLink . '&amp;fnc=logout';
755  }
756 
762  public function setLoginStatus($iStatus)
763  {
764  $this->_iLoginStatus = $iStatus;
765  }
766 
775  public function getLoginStatus()
776  {
777  return $this->_iLoginStatus;
778  }
779 
783  public function getInvitor()
784  {
785  $sSu = oxRegistry::getSession()->getVariable('su');
786 
787  if (!$sSu && ($sSuNew = oxRegistry::getConfig()->getRequestParameter('su'))) {
788  oxRegistry::getSession()->setVariable('su', $sSuNew);
789  }
790  }
791 
795  public function setRecipient()
796  {
797  $sRe = oxRegistry::getSession()->getVariable('re');
798  if (!$sRe && ($sReNew = oxRegistry::getConfig()->getRequestParameter('re'))) {
799  oxRegistry::getSession()->setVariable('re', $sReNew);
800  }
801  }
802 }