| 1: | <?php
|
| 2: | namespace Opencart\Catalog\Model\Account;
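/**
 * Class Customer
 *
 * Catalog-side model for customer accounts and their related tables:
 * `customer`, `customer_ip`, `customer_login`, `customer_authorize`
 * and `customer_history`.
 *
 * Every statement in this class is built by string concatenation. Each
 * interpolated value is either cast to int or passed through
 * $this->db->escape(); keep that invariant for any value added to a query.
 *
 * @package Opencart\Catalog\Model\Account
 */
class Customer extends \Opencart\System\Engine\Model {
	/**
	 * Add Customer
	 *
	 * Creates a customer row and, when the customer group requires approval,
	 * queues an approval request for it.
	 *
	 * The requested customer_group_id is honoured only when it appears in the
	 * `config_customer_group_display` list; any other value falls back to the
	 * store default, so the caller-supplied array cannot pick an arbitrary group.
	 *
	 * @param array<string, mixed> $data reads firstname, lastname, email, telephone, password
	 *                                   and optionally customer_group_id, custom_field, newsletter
	 *
	 * @return int the new customer_id
	 */
	public function addCustomer(array $data): int {
		if (isset($data['customer_group_id']) && is_array($this->config->get('config_customer_group_display')) && in_array($data['customer_group_id'], $this->config->get('config_customer_group_display'))) {
			$customer_group_id = (int)$data['customer_group_id'];
		} else {
			$customer_group_id = (int)$this->config->get('config_customer_group_id');
		}

		$this->load->model('account/customer_group');

		$customer_group_info = $this->model_account_customer_group->getCustomerGroup($customer_group_id);

		// Same truthiness test as before, but it no longer reads an undefined
		// index when the group lookup comes back without an `approval` key.
		$approval_required = !empty($customer_group_info['approval']);

		// The password is entity-decoded before hashing, exactly as editPassword()
		// does, so both paths hash the same bytes.
		// NOTE(review): presumably request input is entity-encoded upstream - confirm.
		$this->db->query("INSERT INTO `" . DB_PREFIX . "customer` SET `customer_group_id` = '" . (int)$customer_group_id . "', `store_id` = '" . (int)$this->config->get('config_store_id') . "', `language_id` = '" . (int)$this->config->get('config_language_id') . "', `firstname` = '" . $this->db->escape($data['firstname']) . "', `lastname` = '" . $this->db->escape($data['lastname']) . "', `email` = '" . $this->db->escape(oc_strtolower($data['email'])) . "', `telephone` = '" . $this->db->escape($data['telephone']) . "', `custom_field` = '" . $this->db->escape(isset($data['custom_field']) ? json_encode($data['custom_field']) : '') . "', `password` = '" . $this->db->escape(password_hash(html_entity_decode($data['password'], ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "', `newsletter` = '" . (isset($data['newsletter']) ? (int)$data['newsletter'] : 0) . "', `ip` = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "', `status` = '" . (int)!$approval_required . "', `date_added` = NOW()");

		$customer_id = $this->db->getLastId();

		// Accounts in an approval-gated group are stored with status 0 above
		// and wait in the approval queue.
		if ($approval_required) {
			$this->load->model('account/approval');

			$this->model_account_approval->addApproval($customer_id, 'customer');
		}

		return $customer_id;
	}

	/**
	 * Edit Customer
	 *
	 * Updates the profile fields only; password, group and status are not
	 * touched here.
	 *
	 * @param int                  $customer_id
	 * @param array<string, mixed> $data reads firstname, lastname, email, telephone
	 *                                   and optionally custom_field
	 *
	 * @return void
	 */
	public function editCustomer(int $customer_id, array $data): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `firstname` = '" . $this->db->escape($data['firstname']) . "', `lastname` = '" . $this->db->escape($data['lastname']) . "', `email` = '" . $this->db->escape(oc_strtolower($data['email'])) . "', `telephone` = '" . $this->db->escape($data['telephone']) . "', `custom_field` = '" . $this->db->escape(isset($data['custom_field']) ? json_encode($data['custom_field']) : '') . "' WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Edit Password
	 *
	 * Stores a fresh password_hash() of the password and clears `code`, so a
	 * code that was used to reach this point cannot be used again.
	 *
	 * @param string $email    matched case-insensitively
	 * @param string $password plain-text password; only its hash is stored
	 *
	 * @return void
	 */
	public function editPassword(string $email, string $password): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `password` = '" . $this->db->escape(password_hash(html_entity_decode($password, ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "', `code` = '' WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");
	}

	/**
	 * Edit Code
	 *
	 * Stores the code exactly as given. No expiry is written here.
	 * NOTE(review): generating an unpredictable code and enforcing a lifetime
	 * appear to be left to the caller - confirm.
	 *
	 * @param string $email matched case-insensitively
	 * @param string $code
	 *
	 * @return void
	 */
	public function editCode(string $email, string $code): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `code` = '" . $this->db->escape($code) . "' WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");
	}

	/**
	 * Edit Token
	 *
	 * Stores the token exactly as given; getCustomerByToken() clears it on
	 * first successful lookup.
	 *
	 * @param string $email matched case-insensitively
	 * @param string $token
	 *
	 * @return void
	 */
	public function editToken(string $email, string $token): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `token` = '" . $this->db->escape($token) . "' WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");
	}

	/**
	 * Edit Newsletter
	 *
	 * @param int  $customer_id
	 * @param bool $newsletter
	 *
	 * @return void
	 */
	public function editNewsletter(int $customer_id, bool $newsletter): void {
		// Cast to int, not bool: concatenating false yields an empty string,
		// which would write '' into the column instead of 0 when opting out.
		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `newsletter` = '" . (int)$newsletter . "' WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Delete Customer
	 *
	 * Removes the customer row and then the per-customer records held by the
	 * related models and by this class (history, IPs, authorize records).
	 *
	 * @param int $customer_id
	 *
	 * @return void
	 */
	public function deleteCustomer(int $customer_id): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer` WHERE `customer_id` = '" . (int)$customer_id . "'");

		$this->load->model('account/activity');

		$this->model_account_activity->deleteActivities($customer_id);

		$this->load->model('account/address');

		$this->model_account_address->deleteAddresses($customer_id);

		$this->load->model('account/affiliate');

		$this->model_account_affiliate->deleteAffiliate($customer_id);

		$this->load->model('account/approval');

		$this->model_account_approval->deleteApprovals($customer_id);

		$this->load->model('account/reward');

		$this->model_account_reward->deleteRewards($customer_id);

		$this->load->model('account/transaction');

		$this->model_account_transaction->deleteTransactions($customer_id);

		$this->load->model('account/wishlist');

		$this->model_account_wishlist->deleteWishlists($customer_id);

		// This class defines deleteHistory(), deleteIp() and deleteAuthorize();
		// it has no plural variants. Calling the methods that exist keeps the
		// clean-up from stopping after the customer row is already gone and
		// leaving IP and authorize records behind.
		$this->deleteHistory($customer_id);
		$this->deleteIp($customer_id);
		$this->deleteAuthorize($customer_id);
	}

	/**
	 * Get Customer
	 *
	 * NOTE(review): array union keeps the left operand's value for a key both
	 * sides share. If the row already carries `custom_field`, the decoded
	 * value on the right is discarded and the raw stored string is returned.
	 * Left as is because callers may rely on it; the same applies to
	 * getCustomerByEmail() and getCustomerByToken().
	 *
	 * @param int $customer_id
	 *
	 * @return array<string, mixed> the customer row, or an empty array when not found
	 */
	public function getCustomer(int $customer_id): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE `customer_id` = '" . (int)$customer_id . "'");

		if (!$query->num_rows) {
			return [];
		}

		return $query->row + ['custom_field' => json_decode($query->row['custom_field'], true)];
	}

	/**
	 * Get Customer By Email
	 *
	 * @param string $email matched case-insensitively
	 *
	 * @return array<string, mixed> the customer row, or an empty array when not found
	 */
	public function getCustomerByEmail(string $email): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");

		if (!$query->num_rows) {
			return [];
		}

		return $query->row + ['custom_field' => json_decode($query->row['custom_field'], true)];
	}

	/**
	 * Get Customer By Code
	 *
	 * Looks a customer up by the stored code. The `code` != '' condition keeps
	 * an empty argument from matching accounts that have no code set.
	 *
	 * @param string $code
	 *
	 * @return array<string, mixed> customer_id, firstname, lastname, email and a
	 *                              null custom_field, or an empty array when not found
	 */
	public function getCustomerByCode(string $code): array {
		$query = $this->db->query("SELECT `customer_id`, `firstname`, `lastname`, `email` FROM `" . DB_PREFIX . "customer` WHERE `code` = '" . $this->db->escape($code) . "' AND `code` != ''");

		if (!$query->num_rows) {
			return [];
		}

		// The SELECT above does not fetch `custom_field`, so there is nothing
		// to decode. The key is kept with the null that decoding the missing
		// column used to produce, without reading an undefined index.
		return $query->row + ['custom_field' => null];
	}

	/**
	 * Get Customer By Token
	 *
	 * Looks a customer up by the stored token and clears it on a match, so a
	 * token can be redeemed once. The `token` != '' condition keeps an empty
	 * argument from matching accounts that have no token set.
	 *
	 * NOTE(review): the SELECT and the clearing UPDATE are separate statements,
	 * so two concurrent requests could both read the row before it is cleared.
	 *
	 * @param string $token
	 *
	 * @return array<string, mixed> the customer row as read before the token was
	 *                              cleared, or an empty array when not found
	 */
	public function getCustomerByToken(string $token): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer` WHERE `token` = '" . $this->db->escape($token) . "' AND `token` != ''");

		if (!$query->num_rows) {
			return [];
		}

		$this->db->query("UPDATE `" . DB_PREFIX . "customer` SET `token` = '' WHERE `customer_id` = '" . (int)$query->row['customer_id'] . "'");

		return $query->row + ['custom_field' => json_decode($query->row['custom_field'], true)];
	}

	/**
	 * Get Total Customers By Email
	 *
	 * @param string $email matched case-insensitively
	 *
	 * @return int number of customer rows with that email
	 */
	public function getTotalCustomersByEmail(string $email): int {
		$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "customer` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");

		return (int)$query->row['total'];
	}

	/**
	 * Delete History
	 *
	 * @param int $customer_id
	 *
	 * @return void
	 */
	public function deleteHistory(int $customer_id): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer_history` WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Delete Ip
	 *
	 * @param int $customer_id
	 *
	 * @return void
	 */
	public function deleteIp(int $customer_id): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer_ip` WHERE `customer_id` = '" . (int)$customer_id . "'");
	}

	/**
	 * Get Ips
	 *
	 * @param int $customer_id
	 *
	 * @return array<int, array<string, mixed>> all customer_ip rows for the customer
	 */
	public function getIps(int $customer_id): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_ip` WHERE `customer_id` = '" . (int)$customer_id . "'");

		return $query->rows;
	}

	/**
	 * Get Total Ips
	 *
	 * @param int $customer_id
	 *
	 * @return int number of customer_ip rows for the customer
	 */
	public function getTotalIps(int $customer_id): int {
		$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "customer_ip` WHERE `customer_id` = '" . (int)$customer_id . "'");

		return (int)$query->row['total'];
	}

	/**
	 * Add Login
	 *
	 * Records the IP (and optional country) of a login for the current store.
	 *
	 * @param int    $customer_id
	 * @param string $ip
	 * @param string $country
	 *
	 * @return void
	 */
	public function addLogin(int $customer_id, string $ip, string $country = ''): void {
		$this->db->query("INSERT INTO `" . DB_PREFIX . "customer_ip` SET `customer_id` = '" . (int)$customer_id . "', `store_id` = '" . (int)$this->config->get('config_store_id') . "', `ip` = '" . $this->db->escape($ip) . "', `country` = '" . $this->db->escape($country) . "', `date_added` = NOW()");
	}

	/**
	 * Add Login Attempt
	 *
	 * Keeps one customer_login row per (email, REMOTE_ADDR) pair: the first
	 * attempt inserts it with total 1, later attempts increment total.
	 *
	 * NOTE(review): the lookup and the write are separate statements, so two
	 * simultaneous attempts can both take the insert branch and leave two rows
	 * for the same pair.
	 *
	 * @param string $email stored and matched in lower case
	 *
	 * @return void
	 */
	public function addLoginAttempt(string $email): void {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_login` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower((string)$email)) . "' AND `ip` = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "'");

		if (!$query->num_rows) {
			// Timestamps come from PHP's date() here, not the database's NOW().
			$this->db->query("INSERT INTO `" . DB_PREFIX . "customer_login` SET `email` = '" . $this->db->escape(oc_strtolower((string)$email)) . "', `ip` = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "', `total` = '1', `date_added` = '" . $this->db->escape(date('Y-m-d H:i:s')) . "', `date_modified` = '" . $this->db->escape(date('Y-m-d H:i:s')) . "'");
		} else {
			$this->db->query("UPDATE `" . DB_PREFIX . "customer_login` SET `total` = (`total` + 1), `date_modified` = '" . $this->db->escape(date('Y-m-d H:i:s')) . "' WHERE `customer_login_id` = '" . (int)$query->row['customer_login_id'] . "'");
		}
	}

	/**
	 * Delete Login Attempts
	 *
	 * Removes every customer_login row for the email, whatever the IP.
	 *
	 * @param string $email matched case-insensitively
	 *
	 * @return void
	 */
	public function deleteLoginAttempts(string $email): void {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "customer_login` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");
	}

	/**
	 * Get Login Attempts
	 *
	 * Returns a single row, selected by email only.
	 *
	 * NOTE(review): addLoginAttempt() keeps one row per (email, IP) pair, so
	 * `total` in the returned row covers one of those pairs, not the sum for
	 * the email. A lockout threshold checked against it should take that into
	 * account - confirm whether the counts are meant to be summed.
	 *
	 * @param string $email matched case-insensitively
	 *
	 * @return array<string, mixed> one customer_login row as returned by the query
	 */
	public function getLoginAttempts(string $email): array {
		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_login` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");

		return $query->row;
	}

	/**
	 * Add Authorize
	 *
	 * @param int                  $customer_id
	 * @param array<string, mixed> $data reads token, ip and user_agent
	 *
	 * @return void
	 */
	public function addAuthorize(int $customer_id, array $data): void {
		$this->db->query("INSERT INTO `" . DB_PREFIX . "customer_authorize` SET `customer_id` = '" . (int)$customer_id . "', `token` = '" . $this->db->escape($data['token']) . "', `ip` = '" . $this->db->escape($data['ip']) . "', `user_agent` = '" . $this->db->escape($data['user_agent']) . "', `date_added` = NOW()");
	}

	/**
	 * Edit Authorize Status
	 *
	 * @param int  $customer_authorize_id
	 * @param bool $status
	 *
	 * @return void
	 */
	public function editAuthorizeStatus(int $customer_authorize_id, bool $status): void {
		// Cast to int, not bool: concatenating false yields an empty string,
		// which would write '' into the column instead of 0 when revoking.
		$this->db->query("UPDATE `" . DB_PREFIX . "customer_authorize` SET `status` = '" . (int)$status . "' WHERE `customer_authorize_id` = '" . (int)$customer_authorize_id . "'");
	}

	/**
	 * Edit Authorize Total
	 *
	 * @param int $customer_authorize_id
	 * @param int $total
	 *
	 * @return void
	 */
	public function editAuthorizeTotal(int $customer_authorize_id, int $total): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer_authorize` SET `total` = '" . (int)$total . "' WHERE `customer_authorize_id` = '" . (int)$customer_authorize_id . "'");
	}

	/**
	 * Delete Authorize
	 *
	 * Deletes one authorize record of the customer, or all of them when
	 * $customer_authorize_id is 0. The customer_id condition is always applied.
	 *
	 * @param int $customer_id
	 * @param int $customer_authorize_id 0 (the default) removes every record for the customer
	 *
	 * @return void
	 */
	public function deleteAuthorize(int $customer_id, int $customer_authorize_id = 0): void {
		$sql = "DELETE FROM `" . DB_PREFIX . "customer_authorize` WHERE `customer_id` = '" . (int)$customer_id . "'";

		if ($customer_authorize_id) {
			$sql .= " AND `customer_authorize_id` = '" . (int)$customer_authorize_id . "'";
		}

		$this->db->query($sql);
	}

	/**
	 * Get Authorize By Token
	 *
	 * Returns the authorize record matching both the customer and the token,
	 * with an extra `attempts` column: SUM(`total`) over all of that
	 * customer's authorize records.
	 *
	 * @param int    $customer_id
	 * @param string $token
	 *
	 * @return array<string, mixed> one row as returned by the query
	 */
	public function getAuthorizeByToken(int $customer_id, string $token): array {
		$query = $this->db->query("SELECT *, (SELECT SUM(`total`) FROM `" . DB_PREFIX . "customer_authorize` WHERE `customer_id` = '" . (int)$customer_id . "') AS `attempts` FROM `" . DB_PREFIX . "customer_authorize` WHERE `customer_id` = '" . (int)$customer_id . "' AND `token` = '" . $this->db->escape($token) . "'");

		return $query->row;
	}

	/**
	 * Reset Authorizes
	 *
	 * Sets `total` back to 0 on every authorize record of the customer.
	 *
	 * @param int $customer_id
	 *
	 * @return void
	 */
	public function resetAuthorizes(int $customer_id): void {
		$this->db->query("UPDATE `" . DB_PREFIX . "customer_authorize` SET `total` = '0' WHERE `customer_id` = '" . (int)$customer_id . "'");
	}
}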