<?php

/*
    HCSF - A multilingual CMS and Shopsystem
    Copyright (C) 2014  Marcus Haase - mail@marcus.haase.name

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

namespace HaaseIT\HCSF\Controller\Customer;

use HaaseIT\Toolbox\Tools;
use Zend\ServiceManager\ServiceManager;

/**
 * Class Userhome
 * @package HaaseIT\HCSF\Controller\Customer
 */
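class Userhome extends Base
{
    /**
     * Text catalogue used for the "not logged in" notice.
     * @var \HaaseIT\Toolbox\Textcat
     */
    private $textcats;

    /**
     * Database connection used for the e-mail uniqueness check and the profile update.
     * @var \PDO
     */
    private $db;

    /**
     * Userhome constructor.
     * @param ServiceManager $serviceManager container providing 'textcats' and 'db'
     */
    public function __construct(ServiceManager $serviceManager)
    {
        parent::__construct($serviceManager);
        $this->textcats = $serviceManager->get('textcats');
        $this->db = $serviceManager->get('db');
    }

    /**
     * Builds the customer home page.
     *
     * Guests (no user data in the session) get the 'denied_notloggedin' text.
     * Logged-in customers get the 'customer/customerhome' template with either
     * the read-only 'userhome' form or, when ?editprofile is present, the
     * 'editprofile' form; a submitted edit (POST doEdit=yes) is processed first.
     * Status flags for the template end up in cb_customdata['userhome'].
     */
    public function preparePage()
    {
        $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
        $this->P->cb_pagetype = 'content';

        if (!$this->helperCustomer->getUserData()) {
            $this->P->oPayload->cl_html = $this->textcats->T('denied_notloggedin');
            return;
        }

        $this->P->cb_customcontenttemplate = 'customer/customerhome';

        $aPData = [
            // ?login is appended right after a successful login
            'display_logingreeting' => filter_input(INPUT_GET, 'login') !== null,
        ];

        if (filter_input(INPUT_GET, 'editprofile') !== null) {
            $aErr = [];
            if (filter_input(INPUT_POST, 'doEdit') === 'yes') {
                $aErr = $this->handleProfileEdit($aPData);
            }
            $this->P->cb_customdata['customerform'] = $this->helperCustomer->buildCustomerForm(
                $this->config->getLang(),
                'editprofile',
                $aErr
            );
            //if (HelperConfig::$customer["allow_edituserprofile"]) $P["lang"]["cl_html"] .= '<br>'.$this->textcats->T("userprofile_infoeditemail"); // Future implementation
            $aPData['showprofilelinks'] = false;
        } else {
            $this->P->cb_customdata['customerform'] = $this->helperCustomer->buildCustomerForm(
                $this->config->getLang(),
                'userhome'
            );
            $aPData['showprofilelinks'] = true;
        }

        // $aPData always holds at least display_logingreeting, so it is always published
        $this->P->cb_customdata['userhome'] = $aPData;
    }

    /**
     * Processes a submitted profile edit (POST doEdit=yes) for the logged-in customer.
     *
     * Checks that the e-mail is not used by another customer, runs the form
     * validation and, when there are no errors, writes the sanitized address
     * fields (only if 'allow_edituserprofile' is enabled) and/or a new
     * password hash to the customer row identified by the session's cust_id.
     * Template flags are written into $aPData: infopasswordchanged,
     * infochangessaved or infonothingchanged.
     *
     * @param array $aPData page data array that receives the status flags
     * @return array validation errors keyed by message id; empty when the edit was accepted
     */
    private function handleProfileEdit(array &$aPData)
    {
        $iCustId = $_SESSION['user']['cust_id'];
        $aErr = [];

        $sEmail = filter_var(trim(Tools::getFormfield('email')), FILTER_SANITIZE_EMAIL);
        if ($this->isEmailUsedByOtherCustomer($sEmail, $iCustId)) {
            $aErr['adrform_error_emailalreadytaken'] = true;
        }
        $aErr = $this->helperCustomer->validateCustomerForm($this->config->getLang(), $aErr, true);
        if (!empty($aErr)) {
            return $aErr;
        }

        $aData = [];
        if ($this->config->getCustomer('allow_edituserprofile')) {
            $aData = $this->collectAddressData();
        }

        $postpwd = filter_input(INPUT_POST, 'pwd');
        if (!empty($postpwd)) {
            // NOTE(review): the new password is stored without re-checking the current one
            // here; presumably validateCustomerForm covers password rules — confirm.
            $aData['cust_password'] = password_hash($postpwd, PASSWORD_DEFAULT);
            $aPData['infopasswordchanged'] = true;
        }
        $aData['cust_id'] = $iCustId;

        // cust_id alone means there is nothing to update
        if (count($aData) > 1) {
            $sql = \HaaseIT\Toolbox\DBTools::buildPSUpdateQuery($aData, 'customer', 'cust_id');
            $hResult = $this->db->prepare($sql);
            foreach ($aData as $sKey => $sValue) {
                $hResult->bindValue(':'.$sKey, $sValue);
            }
            $hResult->execute();
            $aPData['infochangessaved'] = true;
        } else {
            $aPData['infonothingchanged'] = true;
        }

        return $aErr;
    }

    /**
     * Whether a customer other than $iCustId already uses the given e-mail address.
     *
     * Reads a row instead of relying on rowCount(): PDO does not guarantee
     * rowCount() for SELECT statements on every driver, and any matching row
     * (not just exactly one) means the address is taken.
     *
     * @param string $sEmail sanitized e-mail address from the form
     * @param int $iCustId id of the customer being edited (excluded from the check)
     * @return bool
     */
    private function isEmailUsedByOtherCustomer($sEmail, $iCustId)
    {
        $sql = 'SELECT cust_id FROM customer WHERE cust_id != :id AND cust_email = :email';
        $hResult = $this->db->prepare($sql);
        $hResult->bindValue(':id', $iCustId, \PDO::PARAM_INT);
        $hResult->bindValue(':email', $sEmail, \PDO::PARAM_STR);
        $hResult->execute();

        return $hResult->fetch(\PDO::FETCH_ASSOC) !== false;
    }

    /**
     * Reads the editable address fields from the submitted form.
     *
     * Each value is trimmed and passed through FILTER_SANITIZE_STRING with
     * FILTER_FLAG_STRIP_LOW. FILTER_SANITIZE_STRING is deprecated since PHP 8.1;
     * output escaping for the template should happen at render time regardless.
     *
     * @return array customer table column => sanitized value
     */
    private function collectAddressData()
    {
        // form field name => customer table column
        $aFields = [
            'corpname' => 'cust_corp',
            'name' => 'cust_name',
            'street' => 'cust_street',
            'zip' => 'cust_zip',
            'town' => 'cust_town',
            'phone' => 'cust_phone',
            'cellphone' => 'cust_cellphone',
            'fax' => 'cust_fax',
            'country' => 'cust_country',
        ];
        //'email' => 'cust_email', // disabled until renewed email verification implemented

        $aData = [];
        foreach ($aFields as $sFormfield => $sColumn) {
            $aData[$sColumn] = filter_var(
                trim(Tools::getFormfield($sFormfield)),
                FILTER_SANITIZE_STRING,
                FILTER_FLAG_STRIP_LOW
            );
        }

        return $aData;
    }
}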