1: <?php
2: namespace Opencart\System\Library\Cart;
3: /**
4: * Class Customer
5: *
6: * @package Opencart\System\Library\Cart
7: */
8: class Customer {
9: /**
10: * @var object
11: */
12: private object $db;
13: /**
14: * @var object
15: */
16: private object $config;
17: /**
18: * @var object
19: */
20: private object $request; // Do not add namespace as it stops devs being able to extend classes
21: /**
22: * @var object
23: */
24: private object $session;
25: /**
26: * @var int
27: */
28: private int $customer_id = 0;
29: /**
30: * @var string
31: */
32: private string $firstname = '';
33: /**
34: * @var string
35: */
36: private string $lastname = '';
37: /**
38: * @var int
39: */
40: private int $customer_group_id = 0;
41: /**
42: * @var string
43: */
44: private string $email = '';
45: /**
46: * @var string
47: */
48: private string $telephone = '';
49: /**
50: * @var bool
51: */
52: private bool $newsletter = false;
53: /**
54: * @var bool
55: */
56: private bool $safe = false;
57: /**
58: * @var bool
59: */
60: private bool $commenter = false;
61:
62: /**
63: * Constructor
64: *
65: * @param \Opencart\System\Engine\Registry $registry
66: */
67: public function __construct(\Opencart\System\Engine\Registry $registry) {
68: $this->db = $registry->get('db');
69: $this->config = $registry->get('config');
70: $this->request = $registry->get('request');
71: $this->session = $registry->get('session');
72:
73: if (isset($this->session->data['customer_id'])) {
74: $customer_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE `customer_id` = '" . (int)$this->session->data['customer_id'] . "' AND `status` = '1'");
75:
76: if ($customer_query->num_rows) {
77: $this->customer_id = $customer_query->row['customer_id'];
78: $this->firstname = $customer_query->row['firstname'];
79: $this->lastname = $customer_query->row['lastname'];
80: $this->customer_group_id = $customer_query->row['customer_group_id'];
81: $this->email = $customer_query->row['email'];
82: $this->telephone = $customer_query->row['telephone'];
83: $this->newsletter = $customer_query->row['newsletter'];
84: $this->safe = (bool)$customer_query->row['safe'];
85: $this->commenter = (bool)$customer_query->row['commenter'];
86:
87: $this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `language_id` = '" . (int)$this->config->get('config_language_id') . "', `ip` = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "' WHERE `customer_id` = '" . (int)$this->customer_id . "'");
88: } else {
89: $this->logout();
90: }
91: }
92: }
93:
94: /**
95: * Login
96: *
97: * @param string $email
98: * @param string $password
99: * @param bool $override
100: *
101: * @return bool
102: */
103: public function login(string $email, string $password, bool $override = false): bool {
104: $customer_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "' AND `status` = '1'");
105:
106: if ($customer_query->row) {
107: if (!$override) {
108: if (password_verify($password, $customer_query->row['password'])) {
109: $rehash = password_needs_rehash($customer_query->row['password'], PASSWORD_DEFAULT);
110: } elseif (isset($customer_query->row['salt']) && $customer_query->row['password'] == sha1($customer_query->row['salt'] . sha1($customer_query->row['salt'] . sha1($password)))) {
111: $rehash = true;
112: } elseif ($customer_query->row['password'] == md5($password)) {
113: $rehash = true;
114: } else {
115: return false;
116: }
117:
118: if ($rehash) {
119: $this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `password` = '" . $this->db->escape(password_hash($password, PASSWORD_DEFAULT)) . "' WHERE `customer_id` = '" . (int)$customer_query->row['customer_id'] . "'");
120: }
121: }
122:
123: $this->session->data['customer_id'] = $customer_query->row['customer_id'];
124:
125: $this->customer_id = $customer_query->row['customer_id'];
126: $this->firstname = $customer_query->row['firstname'];
127: $this->lastname = $customer_query->row['lastname'];
128: $this->customer_group_id = $customer_query->row['customer_group_id'];
129: $this->email = $customer_query->row['email'];
130: $this->telephone = $customer_query->row['telephone'];
131: $this->newsletter = $customer_query->row['newsletter'];
132: $this->safe = (bool)$customer_query->row['safe'];
133: $this->commenter = (bool)$customer_query->row['commenter'];
134:
135: $this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `language_id` = '" . (int)$this->config->get('config_language_id') . "', `ip` = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "' WHERE `customer_id` = '" . (int)$this->customer_id . "'");
136:
137: return true;
138: } else {
139: return false;
140: }
141: }
142:
143: /**
144: * Logout
145: *
146: * @return void
147: */
148: public function logout(): void {
149: unset($this->session->data['customer_id']);
150:
151: $this->customer_id = 0;
152: $this->firstname = '';
153: $this->lastname = '';
154: $this->customer_group_id = 0;
155: $this->email = '';
156: $this->telephone = '';
157: $this->newsletter = false;
158: $this->safe = false;
159: $this->commenter = false;
160: }
161:
162: /**
163: * isLogged
164: *
165: * @return bool
166: */
167: public function isLogged(): bool {
168: return $this->customer_id ? true : false;
169: }
170:
171: /**
172: * getId
173: *
174: * @return int
175: */
176: public function getId(): int {
177: return $this->customer_id;
178: }
179:
180: /**
181: * getFirstName
182: *
183: * @return string
184: */
185: public function getFirstName(): string {
186: return $this->firstname;
187: }
188:
189: /**
190: * getLastName
191: *
192: * @return string
193: */
194: public function getLastName(): string {
195: return $this->lastname;
196: }
197:
198: /**
199: * getGroupId
200: *
201: * @return int
202: */
203: public function getGroupId(): int {
204: return $this->customer_group_id;
205: }
206:
207: /**
208: * getEmail
209: *
210: * @return string
211: */
212: public function getEmail(): string {
213: return $this->email;
214: }
215:
216: /**
217: * getTelephone
218: *
219: * @return string
220: */
221: public function getTelephone(): string {
222: return $this->telephone;
223: }
224:
225: /**
226: * getNewsletter
227: *
228: * @return bool
229: */
230: public function getNewsletter(): bool {
231: return $this->newsletter;
232: }
233:
234: /**
235: * isSafe
236: *
237: * @return bool
238: */
239: public function isSafe(): bool {
240: return $this->safe;
241: }
242:
243: /**
244: * isCommenter
245: *
246: * @return bool
247: */
248: public function isCommenter(): bool {
249: return $this->commenter;
250: }
251:
252: /**
253: * getAddressId
254: *
255: * @return int
256: */
257: public function getAddressId(): int {
258: $query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "address` WHERE `customer_id` = '" . (int)$this->customer_id . "' AND `default` = '1'");
259:
260: if ($query->num_rows) {
261: return (int)$query->row['address_id'];
262: } else {
263: return 0;
264: }
265: }
266:
267: /**
268: * getBalance
269: *
270: * @return float
271: */
272: public function getBalance(): float {
273: $query = $this->db->query("SELECT SUM(`amount`) AS `total` FROM `" . DB_PREFIX . "customer_transaction` WHERE `customer_id` = '" . (int)$this->customer_id . "'");
274:
275: return (float)$query->row['total'];
276: }
277:
278: /**
279: * getRewardPoints
280: *
281: * @return float
282: */
283: public function getRewardPoints(): float {
284: $query = $this->db->query("SELECT SUM(`points`) AS `total` FROM `" . DB_PREFIX . "customer_reward` WHERE `customer_id` = '" . (int)$this->customer_id . "'");
285:
286: return (float)$query->row['total'];
287: }
288: }
289: