assets/s2diclient.php
/// Art: Shop Business Logic
/// Inhalt: Klasse client
/// Beschreibung: Business Logic für den Kunden
/// Benötigt: config.php, db.php
/// CCML-Parsing: nein
///
//////////////////////////////////////////////////////////////////////////////////////////
///
/// Letzte Änderungen:
/// 20.03.2009 Kundespezifische Felder bei Kauf ohne Konto entfernt
/// 06.04.2009 Entcryption für Bank/Karten entfernt
/// 16.04.2009 Anpassung Postleitzahlen
/// 21.09.2009 Korrektur Pflichtfelder auch ohne Anmeldung
/// 22.09.2009 split -> explode
/// 02.11.2009 Lizenzen Link angepasst
/// 11.11.2009 Passwort senden reine Textmail verbessert
/// 03.12.2009 Bugfix Newsletter bei empfindlichem SQL
/// 22.01.2010 Neue Funktion zur Überprüfung der Email Wiederholung
/// 06.03.2010 Neue Funktion getorderssorted zur geordneten Ausgabe digitaler Güter
/// 06.03.2010 Firma required Bugfix
/// 22.07.2010 Prüfung der Emailadresse toleranter auf Groß- Kleinschreibung
/// 31.07.2010 Änderung Start-Kundennummer
/// 02.08.2010 Prüfungen für Bankdaten entfernt
/// 11.08.2010 Geänderter Parameter für Direktlink zur Auftragsverwaltung
///
//////////////////////////////////////////////////////////////////////////////////////////
///<11.08.2010/7.0.1.12/>
// Direct-access guard: the file is only usable when loaded through the shop bootstrap,
// which defines SHOP_TO_DATE; any other request path is refused.
defined('SHOP_TO_DATE') or die('Forbidden');
// Customer business logic for the shop, backed by TABLE_CLIENTS through the db base class.
// The same table holds the live customer record and the customer snapshot saved with each
// order. Conventions visible in this class:
//   order_id == 0 -> live customer record; order_id != 0 -> the copy belonging to that order
//   client_id > 0 -> customer with an account; client_id < 0 -> guest checkout (see set_client_id())
// Validation methods return '' / false when a value is acceptable and a truthy value on error.
class client extends db {
var $client_id;
// Non-zero when this object is the customer copy stored with an order
var $order_id = 0;
// md5 hex of the password (see new_password(), set_client(), check_login()); empty/null = none
// NOTE(review): unsalted md5 is not a password hash; password_hash()/password_verify() (PHP 5.5+)
// with a rehash on the next successful login would replace it — confirm the platform's PHP version.
var $password = null;
// Remembered shipping / payment selection
var $shipping_uid = null;
var $payment_uid = null;
// Customer master data
var $salutation = '';
var $firstname = '';
var $lastname = '';
var $company = null;
var $street = '';
var $streetnumber = '';
var $zip = '';
var $city = '';
var $country = '';
var $phone = null;
var $cellphone = null;
var $fax = null;
var $custom1 = null;
var $custom2 = null;
var $custom3 = null;
var $custom4 = null;
var $custom5 = null;
var $newsletter = 0;
var $email = '';
// Second email entry from the form; only compared, never stored — see check_email_repeat()
var $emailrepeat;
var $reliability = 0;
var $novat = 0;
var $rebate_amount = 0;
var $rebate_absolute = 0;
var $daystopayment = CC_SITE_DAYSTOPAYMENT;
// Deviating shipping address, used when deviating_shipping_address is set
// (see get_zip() and set_shipping_address())
var $deviating_shipping_address = 0;
var $shipping_salutation = null;
var $shipping_firstname = null;
var $shipping_lastname = null;
var $shipping_company = null;
var $shipping_street = null;
var $shipping_streetnumber = null;
var $shipping_zip = null;
var $shipping_city = null;
var $shipping_country = null;
// Bank account and credit card details taken from the payment forms
// NOTE(review): card number, expiry and CVC sit on the same object that store() hands to
// db_insertobject()/db_updateobject(); the property-to-column mapping lives in the db base class
// and is not visible here — confirm these fields are never persisted (the CVC must not be stored).
var $bank_accountnumber = null;
var $bank_accountholder = null;
var $bank_name = null;
var $bank_code = null;
var $credit_accountnumber = null;
var $credit_validuntil = null;
var $credit_accountholder = null;
var $credit_cvc = null;
// Set by callers; not read inside this class
var $message = null;
var $change_id = null;
var $coupon_id = null;
var $custom_options = null;
// Constructor: loads either the live customer record (client_id with order_id 0) or the
// customer copy of an order (order_id). With both ids empty the object stays blank, to be
// filled by set_client(). PHP 4 style constructor (named like the class; removed in PHP 8.0).
function client($client_id = null, $order_id = null) {
$this->db(TABLE_CLIENTS);
if ($client_id)
$this->db_selectobject(array('client_id' => $client_id, 'order_id' => 0));
if ($order_id)
$this->db_selectobject(array('order_id' => $order_id));
// Normalise the flag / numeric fields (presumably loaded as strings from the database)
format::to_abs($this, array('newsletter', 'novat', 'rebate_absolute', 'deviating_shipping_address', 'daystopayment'));
format::to_int($this, array('reliability'));
format::to_float($this, array('rebate_amount'), 2);
}
// True when the customer has an account (positive client_id); guests carry a negative id
function has_account() {
return $this->client_id > 0;
}
// Guest (negative client_id) whose data was stored, recognisable by a set password
function saved_on_machine() {
return $this->client_id < 0 && $this->password;
}
// Guest (negative client_id) whose data was not stored: no password set
function not_saved_on_machine() {
return $this->client_id < 0 && !$this->password;
}
// VAT adjustment for Spain: the province is derived from the zip code.
// Returns the first two characters of the relevant zip code when the country code of the
// address in use (shipping address if deviating, else the customer address) starts with
// 'ES'; null for every other country.
function get_zip() {
if ($this->deviating_shipping_address) {
if (substr($this->shipping_country, 0, 2) == 'ES')
return substr($this->shipping_zip, 0, 2);
} else {
if (substr($this->country, 0, 2) == 'ES')
return substr($this->zip, 0, 2);
}
return null;
}
// Generates an 8-character password, stores its md5 on the object and returns the plaintext
// so the caller can mail it (see send_password()).
// NOTE(review): uniqid(microtime()) is derived from the clock, not from a cryptographic random
// source, so the password space is predictable; a CSPRNG (random_bytes() on PHP 7+,
// openssl_random_pseudo_bytes() before that) should generate it — confirm platform version.
function new_password() {
$password = substr(md5(uniqid(microtime())), 0, 8);
$this->password = md5($password);
return $password;
}
// Mails the given plaintext password to the customer, as text and HTML variant.
// The '[p]' placeholder in CC_RESSOURCE_NEWPASSWORD is replaced by the password; the shop
// address is appended. Sender data comes from the CC_SITE_MAIL* constants.
function send_password($password) {
$text_mail = str_replace('[p]', $password, CC_RESSOURCE_NEWPASSWORD)."\n\n".str_replace('
', "\n", CC_SITE_SHOPADDRESS);
$html_mail = '
'.str_replace('[p]', $password, CC_RESSOURCE_NEWPASSWORD).
'
'.CC_SITE_SHOPADDRESS.'
';
$email = new email();
$email->to_email = $this->email;
$email->to_plain = $this->firstname.' '.$this->lastname;
$email->from_email = CC_SITE_MAILFROM;
$email->from_plain = CC_SITE_MAILNAME;
$email->subject = CC_SITE_MAILSUBJECTPASSWORD;
$email->content_plain = $text_mail;
$email->content_html = $html_mail;
$email->store();
}
// Forwards a customer's question or complaint to the shop operator (CC_SITE_MAILMESSAGE).
// The body holds the customer's address block, a back-office link to the customer and — when
// $order_id is given — to the order, the optional order id and complained item, then the
// message. The HTML body doubles, tags stripped, as the plain-text part; the customer's own
// address is used as sender.
// NOTE(review): $message and the address fields are placed into content_html without escaping;
// if they come from form input, markup in them reaches the operator's mail client as HTML —
// htmlspecialchars() on the HTML variant would close that. Whether the email class validates
// header values (from_email/from_plain) is not visible here — confirm.
function send_message($message, $order_id, $item) {
$url_client = CC_SITE_HTTPURL.clean_url(CC_URL_OSCLIENTS).'?'.PARAMETER_MODE.'=id&'.PARAMETER_TEXT.'='.$this->client_id;
$url_order = CC_SITE_HTTPURL.clean_url(CC_URL_OSORDERS).'?'.PARAMETER_MODE.'=id&'.PARAMETER_TEXT.'='.$order_id;
$body =
"$this->firstname $this->lastname
\n".
"$this->street $this->streetnumber
\n".
"$this->zip $this->city
\n".
substr($this->country, 11)."
\n".
($this->phone ? CC_RESSOURCE_PHONE.": $this->phone
\n" : "").
($this->cellphone ? CC_RESSOURCE_CELLPHONE.": $this->cellphone
\n" : "").
''.$url_client.''."
\n\n".
($order_id ? CC_RESSOURCE_ORDERID.": $order_id
\n" : '').
($order_id ? ''.$url_order.''."
\n\n" : "").
($item ? CC_RESSOURCE_CLAIMSELECT.": $item
\n
\n" : '').
str_replace("\n", "
\n", $message);
$email = new email();
$email->client_id = $this->client_id;
if ($order_id)
$email->order_id = $order_id;
$email->from_email = $this->email;
$email->from_plain = "$this->firstname $this->lastname";
$email->to_email = CC_SITE_MAILMESSAGE;
$email->subject = CC_SITE_MAILMESSAGESUBJECT;
$email->content_html = $body;
$email->content_plain = strip_tags($body);
$email->store();
}
// Login check. Returns null when the credentials are the web-backend account from the
// CC_SITE_WEBBACKEND* constants (callers must test with ===), true when $email plus password
// match an account customer — $email is tried as email address first, then as client id —
// and false otherwise. Each lookup loads the matched row into $this.
// NOTE(review): the password hash and the backend password are compared with `==`; PHP compares
// numeric-looking strings numerically (two md5 hexes of the form '0e<digits>' compare equal),
// so `===` / hash_equals() is the correct comparison here.
// NOTE(review): the second lookup passes the raw $email as client_id; whether the db layer
// quotes/parameterises that value is not visible in this file — confirm.
function check_login($email, $password) {
if (constant('CC_SITE_WEBBACKENDEMAIL') && constant('CC_SITE_WEBBACKENDPASSWORD') &&
strtolower($email) == strtolower(CC_SITE_WEBBACKENDEMAIL) && $password == CC_SITE_WEBBACKENDPASSWORD)
return null;
// Lookup by email address (case-insensitive), accounts only
$this->db_selectobject(array('lower(email)' => strtolower($email), 'order_id' => 0, 'client_id > 0'));
if (strtolower($this->email) == strtolower($email) && $this->password == md5($password))
return true;
// Lookup by customer number: the login field may contain the client id instead of the email
$this->db_selectobject(array('client_id' => $email, 'order_id' => 0));
if ($this->client_id == $email && $this->password == md5($password))
return true;
return false;
}
// Email check. Returns true when the address must be rejected, false when it is accepted —
// in the accepted case the address is also stored in $this->email.
function check_email($email, $mode = null) {
// Reject the shop operator's own addresses
if ($email && (strtolower($email) == strtolower(CC_SITE_MAILMESSAGE) ||
strtolower($email) == strtolower(CC_SITE_MAILCOPY) ||
strtolower($email) == strtolower(CC_SITE_MAILFROM) ||
strtolower($email) == strtolower(CC_SITE_WEBBACKENDEMAIL)))
return true;
// Guest checkout: duplicate addresses are allowed
if ($mode == MODE_CONTINUEWITHOUTLOGIN) {
$this->email = $email;
return false;
}
// Editing own data with the address unchanged (case-insensitive)
if ($mode == MODE_EDIT && strtolower($email) == strtolower($this->email))
return false;
// Otherwise reject an address already used by another account customer (guests excluded)
$object = $this->db_selectone(array('email'), array('lower(email)' => strtolower($email), 'client_id > 0'));
if ($email && isset($object->email) && strtolower($object->email) == strtolower($email)) {
return true;
}else {
$this->email = $email;
return false;
}
}
// Email repetition check. Always records the repeated entry; returns true (error) when the
// two entries differ and CC_SITE_REPEATEMAILREQUEST is enabled, false otherwise.
// Note: unlike the other email checks this comparison is case-sensitive.
function check_email_repeat($email, $emailrepeat) {
$this->emailrepeat = $emailrepeat;
if ($email != $emailrepeat && CC_SITE_REPEATEMAILREQUEST)
return true;
else
return false;
}
// Field validation for the forms. Returns 'h' (presumably the highlight marker used by the
// templates — confirm) when $field is missing or invalid, '' otherwise. Fields without a
// case below (e.g. 'country') always yield ''.
function is_error($field) {
// $start is a global flag set by the page script; while it is set no field is flagged
// (presumably the first, not yet submitted display of the form — confirm)
global $start;
if ($start)
return '';
switch($field) {
case 'password':
if (!$this->password)
return 'h';
break;
// Personal data: always required
case 'firstname':
if (!$this->firstname)
return 'h';
break;
case 'lastname':
if (!$this->lastname)
return 'h';
break;
case 'company':
if (!$this->company && CC_SITE_COMPANYREQUIRED == REQUIRED)
return 'h';
break;
case 'street':
if (!$this->street)
return 'h';
break;
case 'streetnumber':
if (!$this->streetnumber)
return 'h';
break;
case 'zip':
if (!$this->zip)
return 'h';
break;
case 'city':
if (!$this->city)
return 'h';
break;
// Further personal data: required only when the matching CC_SITE_*REQUIRED constant says so
case 'phone':
if (!$this->phone && CC_SITE_PHONEREQUIRED == REQUIRED)
return 'h';
break;
case 'cellphone':
if (!$this->cellphone && CC_SITE_CELLPHONEREQUIRED == REQUIRED)
return 'h';
break;
case 'fax':
if (!$this->fax && CC_SITE_FAXREQUIRED == REQUIRED)
return 'h';
break;
case 'custom1':
if (!$this->custom1 && CC_SITE_CUSTOM1REQUIRED == REQUIRED)
return 'h';
break;
case 'custom2':
if (!$this->custom2 && CC_SITE_CUSTOM2REQUIRED == REQUIRED)
return 'h';
break;
case 'custom3':
if (!$this->custom3 && CC_SITE_CUSTOM3REQUIRED == REQUIRED)
return 'h';
break;
case 'custom4':
if (!$this->custom4 && CC_SITE_CUSTOM4REQUIRED == REQUIRED)
return 'h';
break;
case 'custom5':
if (!$this->custom5 && CC_SITE_CUSTOM5REQUIRED == REQUIRED)
return 'h';
break;
// Email syntax: word chars, '-' and '.' on both sides of '@', TLD of 2-6 letters
// NOTE(review): '-' placed after the class escape \w inside [...] is rejected as an invalid
// range by PCRE2 (PHP 7.3+), in which case preg_match() returns false and every address is
// flagged — moving '-' to the end of the class avoids that; confirm on the target PHP version.
case 'email':
if (!preg_match('/^[\w-\.]+@[\w-\.]+\.[a-zA-Z]{2,6}$/', $this->email))
return 'h';
break;
// Deviating shipping address
case 'shipping_firstname':
if (!$this->shipping_firstname)
return 'h';
break;
case 'shipping_lastname':
if (!$this->shipping_lastname)
return 'h';
break;
case 'shipping_company':
if (!$this->shipping_company && CC_SITE_COMPANYREQUIRED == REQUIRED)
return 'h';
break;
case 'shipping_street':
if (!$this->shipping_street)
return 'h';
break;
case 'shipping_streetnumber':
if (!$this->shipping_streetnumber)
return 'h';
break;
case 'shipping_zip':
if (!$this->shipping_zip)
return 'h';
break;
case 'shipping_city':
if (!$this->shipping_city)
return 'h';
break;
// Bank account: presence only
case 'bank_accountnumber':
if (!$this->bank_accountnumber)
return 'h';
break;
case 'bank_name':
if (!$this->bank_name)
return 'h';
break;
case 'bank_accountholder':
if (!$this->bank_accountholder)
return 'h';
break;
case 'bank_code':
if (!$this->bank_code)
return 'h';
break;
// Credit card number: not all zeros, 15 or 16 digits, valid Luhn checksum
// (set_credit_card() has already stripped every non-digit)
case 'credit_accountnumber':
$credit_accountnumber = $this->credit_accountnumber;
if (preg_match('/^0+$/', $credit_accountnumber))
return 'h';
if (strlen($credit_accountnumber) < 15 || strlen($credit_accountnumber) > 16)
return 'h';
// Luhn: from the right, every second digit is doubled; a two-digit product counts as
// its digit sum (product - 10 + 1)
$sum = 0;
$mul = 1;
for ($i = strlen($credit_accountnumber) - 1; $i >= 0; $i--) {
// NOTE(review): the curly-brace string offset was deprecated in PHP 7.4 and removed in
// PHP 8.0; $credit_accountnumber[$i] is the equivalent on every PHP version
$digit = $credit_accountnumber{$i};
$product = $digit * $mul;
if ($product > 9) {
$sum++;
$product -= 10;
}
$sum += $product;
$mul = $mul == 1 ? 2 : 1;
}
if ($sum % 10 != 0)
return 'h';
break;
// Expiry in the form "MM / YYYY" (built by set_credit_card()); the card is valid through
// the last second of that month: day 0 of the following month is the month's last day,
// December rolls over into January of the next year
case 'credit_validuntil':
$date = explode(' / ', $this->credit_validuntil);
if (count($date) != 2)
return 'h';
if (mktime(23, 59, 59, $date[0] == 12 ? 1 : $date[0] + 1, 0, $date[0] == 12 ? $date[1] + 1 : $date[1]) < time())
return 'h';
break;
case 'credit_accountholder':
if (!$this->credit_accountholder)
return 'h';
break;
// CVC: exactly three digits
case 'credit_cvc':
if (!preg_match('/^\d{3}$/', $this->credit_cvc))
return 'h';
break;
}
return '';
}
// Assigns the customer number. New account (MODE_NEW): max(client_id) + 1, never below
// CC_SITE_STARTCLIENTID. Guest checkout: the next free negative number, starting at -2.
// NOTE(review): max()+1 / min()-1 read then write without a lock; two concurrent registrations
// can pick the same id unless the table has a unique constraint — confirm the schema.
function set_client_id($mode = null) {
// New customer with account
if ($mode == MODE_NEW) {
$object = $this->db_selectone(array('max(client_id) as id'), array('client_id > 0'));
if ($object->id === null || $object->id < CC_SITE_STARTCLIENTID)
$this->client_id = CC_SITE_STARTCLIENTID;
else
$this->client_id = $object->id + 1;
// Checkout without creating an account: negative customer number
} else {
$object = $this->db_selectone(array('min(client_id) as id'), array('client_id < 0'));
if ($object->id === null)
$this->client_id = -2;
else
$this->client_id = $object->id - 1;
}
}
// Takes the customer data from POST via the project's post() accessor. For guest checkout
// (MODE_CONTINUEWITHOUTLOGIN) the form fields carry a '_' prefix and neither newsletter nor
// password are handled; otherwise both are read as well. Optional fields are only assigned when
// submitted, so values loaded by the constructor survive an empty field.
// Returns truthy when any checked field fails is_error(), else false. Note that
// is_error('country') has no matching case and can never fail.
function set_client($mode = null) {
$prefix = $mode == MODE_CONTINUEWITHOUTLOGIN ? '_' : '';
$this->salutation = post($prefix.'salutation');
$this->firstname = post($prefix.'firstname');
$this->lastname = post($prefix.'lastname');
if (post($prefix.'company'))
$this->company = post($prefix.'company');
$this->street = post($prefix.'street');
$this->streetnumber = post($prefix.'streetnumber');
$this->zip = post($prefix.'zip');
$this->city = post($prefix.'city');
$this->country = post($prefix.'country');
if (post($prefix.'phone'))
$this->phone = post($prefix.'phone');
if (post($prefix.'cellphone'))
$this->cellphone = post($prefix.'cellphone');
if (post($prefix.'fax'))
$this->fax = post($prefix.'fax');
if (post($prefix.'custom1'))
$this->custom1 = post($prefix.'custom1');
if (post($prefix.'custom2'))
$this->custom2 = post($prefix.'custom2');
if (post($prefix.'custom3'))
$this->custom3 = post($prefix.'custom3');
if (post($prefix.'custom4'))
$this->custom4 = post($prefix.'custom4');
if (post($prefix.'custom5'))
$this->custom5 = post($prefix.'custom5');
// Checkout without a customer account
if ($mode == MODE_CONTINUEWITHOUTLOGIN) {
$this->newsletter = 0;
return
$this->is_error('firstname') ||
$this->is_error('lastname') ||
$this->is_error('company') ||
$this->is_error('street') ||
$this->is_error('streetnumber') ||
$this->is_error('zip') ||
$this->is_error('city') ||
$this->is_error('email') ||
$this->is_error('country') ||
$this->is_error('phone') ||
$this->is_error('cellphone') ||
$this->is_error('fax') ||
$this->is_error('custom1') ||
$this->is_error('custom2') ||
$this->is_error('custom3') ||
$this->is_error('custom4') ||
$this->is_error('custom5');
// Registration / edit with a customer account
} else {
$this->newsletter = is_post('newsletter') && post('newsletter') ? 1 : 0;
// Password pair: both empty keeps the stored hash (edit without change); a matching pair
// is stored as md5; a mismatch clears the hash so is_error('password') flags it
$password = post('password');
$password_confirm = post('password_confirm');
if (!empty($password) || !empty($password_confirm)) {
if ($password == $password_confirm)
$this->password = md5($password);
else
$this->password = '';
}
return
$this->is_error('firstname') ||
$this->is_error('lastname') ||
$this->is_error('company') ||
$this->is_error('street') ||
$this->is_error('streetnumber') ||
$this->is_error('zip') ||
$this->is_error('city') ||
$this->is_error('email') ||
$this->is_error('country') ||
$this->is_error('phone') ||
$this->is_error('cellphone') ||
$this->is_error('fax') ||
$this->is_error('password') ||
$this->is_error('custom1') ||
$this->is_error('custom2') ||
$this->is_error('custom3') ||
$this->is_error('custom4') ||
$this->is_error('custom5');
}
}
// Takes the bank account data from POST; returns truthy when any of the four fields is empty
function set_bank_account() {
$this->bank_accountnumber = post('bank_accountnumber');
$this->bank_name = post('bank_name');
$this->bank_accountholder = post('bank_accountholder');
$this->bank_code = post('bank_code');
return
$this->is_error('bank_accountnumber') ||
$this->is_error('bank_name') ||
$this->is_error('bank_accountholder') ||
$this->is_error('bank_code');
}
// Takes the credit card data from POST. The card number is reduced to its digits, the expiry
// is assembled as "MM / YYYY" from the two numeric fields. Returns truthy when number, holder
// or expiry fail is_error(); the CVC is only checked when $param is 'ccardcvc'.
function set_credit_card($param) {
$this->credit_accountnumber = preg_replace('/[^0-9]/', '', post('credit_accountnumber'));
$this->credit_cvc = post('credit_cvc');
$this->credit_validuntil = post('credit_validuntil_month', CHECK_NUM)." / ".post('credit_validuntil_year', CHECK_NUM);
$this->credit_accountholder = post('credit_accountholder');
$error =
$this->is_error('credit_accountnumber') ||
$this->is_error('credit_accountholder') ||
$this->is_error('credit_validuntil');
if ($param == 'ccardcvc')
$error = $error || $this->is_error('credit_cvc');
return $error;
}
// Takes the deviating shipping address from POST and marks it active; returns truthy when a
// required shipping field fails is_error() (company only if CC_SITE_COMPANYREQUIRED says so)
function set_shipping_address() {
$this->deviating_shipping_address = 1;
$this->shipping_salutation = post('shipping_salutation');
$this->shipping_firstname = post('shipping_firstname');
$this->shipping_lastname = post('shipping_lastname');
$this->shipping_company = post('shipping_company');
$this->shipping_street = post('shipping_street');
$this->shipping_streetnumber = post('shipping_streetnumber');
$this->shipping_zip = post('shipping_zip');
$this->shipping_city = post('shipping_city');
$this->shipping_country = post('shipping_country');
return
$this->is_error('shipping_firstname') ||
$this->is_error('shipping_lastname') ||
$this->is_error('shipping_company') ||
$this->is_error('shipping_street') ||
$this->is_error('shipping_streetnumber') ||
$this->is_error('shipping_zip') ||
$this->is_error('shipping_city');
}
//////////////////////////////////////////////////////////////////////////// Database
// Persists the customer data. A live record (order_id 0) gets a fresh change id, an order copy
// none. Three paths: $mode truthy without a session id -> new record with a new customer
// number; $mode === false -> insert as customer copy of an order; otherwise update the existing
// row matching this order_id, taking the customer number from the session when not yet set.
// Returns the (possibly newly assigned) client_id.
function store($mode = null, $client_id_session = null) {
if (!$this->order_id)
$this->generate_change_id();
else
$this->change_id = null;
// New customer
if ($mode && !$client_id_session) {
$this->set_client_id($mode);
$this->db_insertobject();
// Customer copy for an order
} else if ($mode === false)
$this->db_insertobject();
// Update existing customer record
else {
if (!$this->client_id && $client_id_session)
$this->client_id = $client_id_session;
$this->db_updateobject(array('order_id' => $this->order_id));
}
return $this->client_id;
}
// Fetches customers — live account records only (order_id 0, client_id > 0 are forced into
// the where clause); paging parameters pass straight through to db_get()
function get($fields, $where, $order = null, $page = null, $perpage = null) {
return $this->db_get($fields, array_merge($where, array('order_id' => 0, 'client_id > 0')), $order, $page, $perpage);
}
// Iterates over customer copies belonging to orders (order_id != 0): the first call runs the
// select, every call returns the next row, and the result is freed once no row is left
// (returning the falsy fetch result).
function getorders($fields, $where, $order = null) {
if (!$this->is_result())
$this->db_select($fields, array_merge($where, array('order_id != 0')), $order, null, null);
$object = $this->db_fetch();
if (!$object)
$this->db_free();
return $object;
}
// Same iteration as getorders(), but joined with the orders table on order_id so the rows can
// be ordered by order columns ('t1.' is this table in the join)
function getorderssorted($fields, $where, $order = null) {
if (!$this->is_result())
$this->db_selectjoin($fields, 'orders', 'order_id', array_merge($where, array('t1.order_id != 0')), $order);
$object = $this->db_fetch();
if (!$object)
$this->db_free();
return $object;
}
// Deletes this customer row (client_id + order_id). For a live record with a non-negative
// client_id the id is additionally recorded in TABLE_DELETED together with a fresh change id,
// which is returned; for order copies and guests nothing is recorded and null is returned.
function delete() {
$this->db_delete(array('client_id' => $this->client_id, 'order_id' => $this->order_id));
if (!$this->order_id && $this->client_id >= 0) {
$deleted_ids = new abstractdb(TABLE_DELETED);
$deleted_ids->client_id = $this->client_id;
$this->generate_change_id();
$deleted_ids->change_id = $this->change_id;
$deleted_ids->store(true);
return $this->change_id;
}
}
}
?>