1: | <?php
|
2: | namespace Opencart\Catalog\Model\Account;
|
3: | |
4: | |
5: | |
6: | |
7: |
|
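class Customer extends \Opencart\System\Engine\Model {
	/**
	 * Insert a new customer row and, when the resolved customer group requires approval,
	 * queue an approval record so the account stays disabled until a staff member accepts it.
	 *
	 * The customer group from $data is honoured only when it is one of the groups the store
	 * lets customers choose (config_customer_group_display); any other value falls back to the
	 * store default group, so a client cannot assign itself to an arbitrary group.
	 *
	 * @param array $data firstname, lastname, email, telephone, password; optionally
	 *                    customer_group_id, custom_field (array) and newsletter
	 *
	 * @return int the customer_id of the inserted row
	 */
	public function addCustomer(array $data): int {
		$display_groups = $this->config->get('config_customer_group_display');

		// Loose in_array on purpose: the submitted id is a string while the config list may hold ints.
		if (isset($data['customer_group_id']) && is_array($display_groups) && in_array($data['customer_group_id'], $display_groups)) {
			$customer_group_id = (int)$data['customer_group_id'];
		} else {
			$customer_group_id = (int)$this->config->get('config_customer_group_id');
		}

		$this->load->model('account/customer_group');

		$customer_group_info = $this->model_account_customer_group->getCustomerGroup($customer_group_id);

		// !empty() tolerates an unknown group (empty array) instead of raising an undefined-index warning.
		$approval = !empty($customer_group_info['approval']);

		// Accounts in a group that requires approval start disabled (status = 0).
		$this->db->query("INSERT INTO `" . DB_PREFIX . "customer` SET `customer_group_id` = '" . (int)$customer_group_id . "', `store_id` = '" . (int)$this->config->get('config_store_id') . "', `language_id` = '" . (int)$this->config->get('config_language_id') . "', `firstname` = '" . $this->db->escape($data['firstname']) . "', `lastname` = '" . $this->db->escape($data['lastname']) . "', `email` = '" . $this->db->escape(oc_strtolower($data['email'])) . "', `telephone` = '" . $this->db->escape($data['telephone']) . "', `custom_field` = '" . $this->db->escape($this->encodeCustomField($data)) . "', `password` = '" . $this->db->escape($this->hashPassword($data['password'])) . "', `newsletter` = '" . (isset($data['newsletter']) ? (int)$data['newsletter'] : 0) . "', `ip` = '" . $this->db->escape($this->getRemoteAddress()) . "', `status` = '" . (int)!$approval . "', `date_added` = NOW()");

		$customer_id = $this->db->getLastId();

		if ($approval) {
			$this->load->model('account/approval');

			$this->model_account_approval->addApproval($customer_id, 'customer');
		}

		return $customer_id;
	}

	/**
	 * Update the profile columns of an existing customer.
	 *
	 * @param int   $customer_id
	 * @param array $data firstname, lastname, email, telephone; optionally custom_field (array)
	 */
	public function editCustomer(int $customer_id, array $data): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `firstname` = '" . $this->db->escape($data['firstname']) . "', `lastname` = '" . $this->db->escape($data['lastname']) . "', `email` = '" . $this->db->escape(oc_strtolower($data['email'])) . "', `telephone` = '" . $this->db->escape($data['telephone']) . "', `custom_field` = '" . $this->db->escape($this->encodeCustomField($data)) . "' WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Replace the stored password hash for the account matching $email.
	 *
	 * Clearing `code` at the same time invalidates any outstanding password-reset code.
	 *
	 * @param string $email
	 * @param string $password plain-text password; hashed before storage
	 */
	public function editPassword(string $email, string $password): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `password` = '" . $this->db->escape($this->hashPassword($password)) . "', `code` = '' WHERE " . $this->emailCondition($email));
	}

	/**
	 * Store a reset code for the account matching $email (an empty string clears it).
	 *
	 * @param string $email
	 * @param string $code
	 */
	public function editCode(string $email, string $code): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `code` = '" . $this->db->escape($code) . "' WHERE " . $this->emailCondition($email));
	}

	/**
	 * Store a login token for the account matching $email (an empty string clears it).
	 *
	 * @param string $email
	 * @param string $token
	 */
	public function editToken(string $email, string $token): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `token` = '" . $this->db->escape($token) . "' WHERE " . $this->emailCondition($email));
	}

	/**
	 * Set the newsletter opt-in flag.
	 *
	 * @param int  $customer_id
	 * @param bool $newsletter
	 */
	public function editNewsletter(int $customer_id, bool $newsletter): void {
		// (int) rather than (bool): a false bool concatenates to '' which is not a valid integer literal.
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `newsletter` = '" . (int)$newsletter . "' WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Delete a customer together with every dependent record owned by the account models
	 * (activities, addresses, affiliate, approvals, rewards, transactions, wishlists) and the
	 * history, IP and authorize rows managed by this class.
	 *
	 * @param int $customer_id
	 */
	public function deleteCustomer(int $customer_id): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer` WHERE `customer_id` = '" . (int)$customer_id . "'");

		$this->load->model('account/activity');

		$this->model_account_activity->deleteActivities($customer_id);

		$this->load->model('account/address');

		$this->model_account_address->deleteAddresses($customer_id);

		$this->load->model('account/affiliate');

		$this->model_account_affiliate->deleteAffiliate($customer_id);

		$this->load->model('account/approval');

		$this->model_account_approval->deleteApprovals($customer_id);

		$this->load->model('account/reward');

		$this->model_account_reward->deleteRewards($customer_id);

		$this->load->model('account/transaction');

		$this->model_account_transaction->deleteTransactions($customer_id);

		$this->load->model('account/wishlist');

		$this->model_account_wishlist->deleteWishlists($customer_id);

		// These must match the method names declared on this class (deleteHistory, deleteIp,
		// deleteAuthorize); the plural spellings previously used here are not defined.
		$this->deleteHistory($customer_id);
		$this->deleteIp($customer_id);
		$this->deleteAuthorize($customer_id);
	}

	/**
	 * Fetch a customer row by id.
	 *
	 * @param int $customer_id
	 *
	 * @return array the row, or [] when no customer has that id
	 */
	public function getCustomer(int $customer_id): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE `customer_id` = '" . (int)$customer_id . "'");

		if ($query->num_rows) {
			return $this->withCustomField($query->row);
		}

		return [];
	}

	/**
	 * Fetch a customer row by e-mail (compared case-insensitively).
	 *
	 * @param string $email
	 *
	 * @return array the row, or [] when no customer has that e-mail
	 */
	public function getCustomerByEmail(string $email): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE " . $this->emailCondition($email));

		if ($query->num_rows) {
			return $this->withCustomField($query->row);
		}

		return [];
	}

	/**
	 * Look up the account holding a given (password-reset) code.
	 *
	 * Only identifying columns are selected, so the password hash is never returned here.
	 * An empty code never matches, even if rows exist with `code` = ''.
	 *
	 * @param string $code
	 *
	 * @return array customer_id, firstname, lastname, email (plus custom_field => null), or []
	 */
	public function getCustomerByCode(string $code): array {
		$query = $this->db->query("SELECT `customer_id`, `firstname`, `lastname`, `email` FROM `" . DB_PREFIX . "customer` WHERE `code` = '" . $this->db->escape($code) . "' AND `code` != ''");

		if ($query->num_rows) {
			return $this->withCustomField($query->row);
		}

		return [];
	}

	/**
	 * Look up the account holding a given login token and consume the token.
	 *
	 * The token is single-use: it is cleared as soon as it resolves to a customer, so a
	 * replayed link will no longer match. An empty token never matches.
	 *
	 * @param string $token
	 *
	 * @return array the row, or [] when the token is unknown
	 */
	public function getCustomerByToken(string $token): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE `token` = '" . $this->db->escape($token) . "' AND `token` != ''");

		if ($query->num_rows) {
			$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `token` = '' WHERE `customer_id` = '" . (int)$query->row['customer_id'] . "'");

			return $this->withCustomField($query->row);
		}

		return [];
	}

	/**
	 * Count customers registered with $email (case-insensitive); used for uniqueness checks.
	 *
	 * @param string $email
	 *
	 * @return int
	 */
	public function getTotalCustomersByEmail(string $email): int {
		$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "customer` WHERE " . $this->emailCondition($email));

		return (int)$query->row['total'];
	}

	/**
	 * Delete all customer_history rows for a customer.
	 *
	 * @param int $customer_id
	 */
	public function deleteHistory(int $customer_id): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer_history` WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Delete all customer_ip rows for a customer.
	 *
	 * @param int $customer_id
	 */
	public function deleteIp(int $customer_id): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer_ip` WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * List the IP addresses a customer has logged in from.
	 *
	 * @param int $customer_id
	 *
	 * @return array customer_ip rows
	 */
	public function getIps(int $customer_id): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_ip` WHERE `customer_id` = '" . (int)$customer_id . "'");

		return $query->rows;
	}

	/**
	 * Count the customer_ip rows for a customer.
	 *
	 * @param int $customer_id
	 *
	 * @return int
	 */
	public function getTotalIps(int $customer_id): int {
		$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "customer_ip` WHERE `customer_id` = '" . (int)$customer_id . "'");

		return (int)$query->row['total'];
	}

	/**
	 * Record a successful login from $ip for the current store.
	 *
	 * @param int    $customer_id
	 * @param string $ip
	 * @param string $country
	 */
	public function addLogin(int $customer_id, string $ip, string $country = ''): void {
		$this->db->query("INSERT INTO `" . DB_PREFIX . "customer_ip` SET `customer_id` = '" . (int)$customer_id . "', `store_id` = '" . (int)$this->config->get('config_store_id') . "', `ip` = '" . $this->db->escape($ip) . "', `country` = '" . $this->db->escape($country) . "', `date_added` = NOW()");
	}

	/**
	 * Count a failed login attempt for the (email, remote IP) pair.
	 *
	 * The first attempt inserts a customer_login row with total = 1; later attempts increment
	 * `total` and bump date_modified. Attempts are keyed per IP, so the counter read back by
	 * getLoginAttempts() reflects whichever row that e-mail matches first.
	 *
	 * @param string $email
	 */
	public function addLoginAttempt(string $email): void {
		$ip = $this->db->escape($this->getRemoteAddress());
		$now = $this->db->escape(date('Y-m-d H:i:s'));

		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_login` WHERE " . $this->emailCondition($email) . " AND `ip` = '" . $ip . "'");

		if (!$query->num_rows) {
			$this->db->query("INSERT INTO `" . DB_PREFIX . "customer_login` SET `email` = '" . $this->db->escape(oc_strtolower($email)) . "', `ip` = '" . $ip . "', `total` = '1', `date_added` = '" . $now . "', `date_modified` = '" . $now . "'");
		} else {
			$this->db->query("UPDATE `" . DB_PREFIX . "customer_login` SET `total` = (`total` + 1), `date_modified` = '" . $now . "' WHERE `customer_login_id` = '" . (int)$query->row['customer_login_id'] . "'");
		}
	}

	/**
	 * Clear every failed-login counter for $email (typically after a successful login).
	 *
	 * @param string $email
	 */
	public function deleteLoginAttempts(string $email): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer_login` WHERE " . $this->emailCondition($email));
	}

	/**
	 * Return the first customer_login row for $email.
	 *
	 * @param string $email
	 *
	 * @return array the row (total, date_added, date_modified, ...) or the query's empty row
	 */
	public function getLoginAttempts(string $email): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_login` WHERE " . $this->emailCondition($email));

		return $query->row;
	}

	/**
	 * Create a device-authorization record for a customer.
	 *
	 * @param int   $customer_id
	 * @param array $data token, ip, user_agent
	 */
	public function addAuthorize(int $customer_id, array $data): void {
		$this->db->query("INSERT INTO `" . DB_PREFIX . "customer_authorize` SET `customer_id` = '" . (int)$customer_id . "', `token` = '" . $this->db->escape($data['token']) . "', `ip` = '" . $this->db->escape($data['ip']) . "', `user_agent` = '" . $this->db->escape($data['user_agent']) . "', `date_added` = NOW()");
	}

	/**
	 * Mark a device-authorization record as approved (true) or not (false).
	 *
	 * @param int  $customer_authorize_id
	 * @param bool $status
	 */
	public function editAuthorizeStatus(int $customer_authorize_id, bool $status): void {
		// (int) rather than (bool): a false bool concatenates to '' which is not a valid integer literal.
		$this->db->query("UPDATE `" . DB_PREFIX . "customer_authorize` SET `status` = '" . (int)$status . "' WHERE `customer_authorize_id` = '" . (int)$customer_authorize_id . "'");
	}

	/**
	 * Overwrite the attempt counter of a device-authorization record.
	 *
	 * @param int $customer_authorize_id
	 * @param int $total
	 */
	public function editAuthorizeTotal(int $customer_authorize_id, int $total): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer_authorize` SET `total` = '" . (int)$total . "' WHERE `customer_authorize_id` = '" . (int)$customer_authorize_id . "'");
	}

	/**
	 * Delete device-authorization records for a customer: one record when
	 * $customer_authorize_id is given, otherwise all of them.
	 *
	 * @param int $customer_authorize_id 0 (default) deletes every record of the customer
	 */
	public function deleteAuthorize(int $customer_id, int $customer_authorize_id = 0): void {
		$sql = "DELETE FROM `" . DB_PREFIX . "customer_authorize` WHERE `customer_id` = '" . (int)$customer_id . "'";

		if ($customer_authorize_id) {
			$sql .= " AND `customer_authorize_id` = '" . (int)$customer_authorize_id . "'";
		}

		$this->db->query($sql);
	}

	/**
	 * Fetch the device-authorization record matching ($customer_id, $token).
	 *
	 * The extra `attempts` column is the sum of `total` over ALL of the customer's records,
	 * not just the matched one, so callers can rate-limit per customer rather than per device.
	 *
	 * @param int    $customer_id
	 * @param string $token
	 *
	 * @return array the row plus attempts, or the query's empty row when nothing matches
	 */
	public function getAuthorizeByToken(int $customer_id, string $token): array {
		$query = $this->db->query("SELECT *, (SELECT SUM(`total`) FROM `" . DB_PREFIX . "customer_authorize` WHERE `customer_id` = '" . (int)$customer_id . "') AS `attempts` FROM `" . DB_PREFIX . "customer_authorize` WHERE `customer_id` = '" . (int)$customer_id . "' AND `token` = '" . $this->db->escape($token) . "'");

		return $query->row;
	}

	/**
	 * Reset the attempt counter of every device-authorization record of a customer.
	 *
	 * @param int $customer_id
	 */
	public function resetAuthorizes(int $customer_id): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer_authorize` SET `total` = '0' WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Build the case-insensitive e-mail predicate shared by the email-keyed queries.
	 * The value is escaped here; callers concatenate the result after WHERE.
	 */
	private function emailCondition(string $email): string {
		return "LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'";
	}

	/**
	 * Hash a plain-text password for storage.
	 * The entity decode presumably mirrors the decoding applied on the login path — verify there.
	 */
	private function hashPassword(string $password): string {
		return password_hash(html_entity_decode($password, ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT);
	}

	/**
	 * Serialise the optional custom_field payload for the `custom_field` column ('' when absent).
	 */
	private function encodeCustomField(array $data): string {
		return isset($data['custom_field']) ? json_encode($data['custom_field']) : '';
	}

	/**
	 * Attach a decoded custom_field entry to a fetched row.
	 *
	 * NOTE(review): array union (+) keeps keys already present on the left, so when the row was
	 * selected with `*` its raw JSON string is returned unchanged and the decoded value is only
	 * used when the column was not selected (e.g. getCustomerByCode). This reproduces the prior
	 * behaviour; confirm against callers whether they expect the raw string or the decoded array.
	 */
	private function withCustomField(array $row): array {
		// `?? ''` avoids passing null to json_decode() when the column was not selected.
		return $row + ['custom_field' => json_decode($row['custom_field'] ?? '', true)];
	}

	/**
	 * Client address from the request, or '' when the server array lacks REMOTE_ADDR (e.g. CLI).
	 */
	private function getRemoteAddress(): string {
		return (string)($this->request->server['REMOTE_ADDR'] ?? '');
	}
}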
|
407: | |