From 9a723dcbc61944a87999b3f2c9dbfd84d33ecf9a Mon Sep 17 00:00:00 2001 From: root Date: Tue, 25 Jul 2017 16:54:35 +0200 Subject: [PATCH 1/4] fix philea from prod --- .../philea_magistor/AdminPhileaMagistor.php | 4 +- .../philea_magistor/script/connection_ftp.php | 14 +++- .../script/recept_reception.php | 5 +- .../philea_magistor/script/send_commande.php | 81 +++++++++---------- 4 files changed, 54 insertions(+), 50 deletions(-) diff --git a/modules/philea_magistor/AdminPhileaMagistor.php b/modules/philea_magistor/AdminPhileaMagistor.php index 4f9956d0..f0cddf6b 100644 --- a/modules/philea_magistor/AdminPhileaMagistor.php +++ b/modules/philea_magistor/AdminPhileaMagistor.php @@ -728,8 +728,8 @@ class AdminPhileaMagistor extends AdminTab { '; if(!empty($crr_report)) { foreach($crr_report as $key => $report) { - $received = (Array)json_decode($report['quantity_received']); - $expected = (Array)json_decode($report['quantity_expected']); + $received = (Array)json_decode($report['quantity_received'],true); + $expected = (Array)json_decode($report['quantity_expected'],true); $btn='primary'; if((int)$report['status'] == 2){ $btn='danger'; diff --git a/modules/philea_magistor/script/connection_ftp.php b/modules/philea_magistor/script/connection_ftp.php index 268e0581..8105ac1d 100644 --- a/modules/philea_magistor/script/connection_ftp.php +++ b/modules/philea_magistor/script/connection_ftp.php @@ -1,9 +1,13 @@ active) { continue; } $sales[$id_sale] = array( - 'expected' => (Array)json_decode($query_stock['quantity_expected']), - 'received' => (Array)json_decode($query_stock['quantity_received']), + 'expected' => (Array)json_decode($query_stock['quantity_expected'],true), + 'received' => (Array)json_decode($query_stock['quantity_received'],true), 'status' => ($query_stock['status'] == 0 ? 1:$query_stock['status']) ); } @@ -167,7 +167,6 @@ if($magistorModule->active) { WHERE `id_sale` = '.(int)$id_sale.' LIMIT 1 '); - echo '
';var_dump($query);echo '
';die(); } // CLEAN FILE diff --git a/modules/philea_magistor/script/send_commande.php b/modules/philea_magistor/script/send_commande.php index 03a20be6..da399ab5 100644 --- a/modules/philea_magistor/script/send_commande.php +++ b/modules/philea_magistor/script/send_commande.php @@ -186,7 +186,7 @@ if($magistorModule->active) { continue; }*/ $carriers_socol = array(67,87,88,89); - //$carriers_mr = array(90); // fake data + $carriers_mr = array(91); $customer = new Customer($order->id_customer); $address_invoice = new Address($order->id_address_invoice); @@ -208,22 +208,21 @@ if($magistorModule->active) { } $prid = $delivery_info['prid']; } + } elseif(in_array((int) $order->id_carrier, $carriers_mr)) { + /* MONDIAL RELAY */ + $delivery_info = $db->getRow(' + SELECT mr_m.`col_mode`, mr_m.`dlv_mode`, mr_s.* + FROM `'._DB_PREFIX_.'mr_selected` mr_s + LEFT JOIN `'._DB_PREFIX_.'mr_method` mr_m ON (mr_m.`id_mr_method` = mr_s.`id_method`) + WHERE mr_s.`id_cart` = '.(int) $order->id_cart.' + AND mr_m.`id_carrier` = '.(int) $order->id_carrier.' + AND `MR_Selected_Num` IS NOT NULL + '); + if($delivery_info) { + $carrier_value = $mr_to_magistor[$delivery_info['dlv_mode']]; + $prid = substr($delivery_info['MR_Selected_Num'], -5); + } } - //elseif(in_array((int) $order->id_carrier, $carriers_mr) { - // /* MONDIAL RELAY */ - // $delivery_info = $db->getRow(' - // SELECT mr_m.`col_mode`, mr_m.`dlv_mode`, mr_s.* - // FROM `'._DB_PREFIX_.'mr_selected` mr_s - // LEFT JOIN `'._DB_PREFIX_.'mr_method` mr_m ON (mr_m.`id_mr_method` = mr_s.`id_method`) - // WHERE mr_s.`id_cart` = '.(int) $order->id_cart.' - // AND mr_m.`id_carrier` = '.(int) $order->id_carrier.' - // AND `MR_Selected_Num` IS NOT NULL - // '); - // if($delivery_info) { - // $carrier_value = $mr_to_magistor[$delivery_info['dlv_mode']]; - // $prid = substr($delivery_info['MR_Selected_Num'], -5); - // } - // } if(!$carrier_value) { 
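Review bot: `$carriers_mr = array(91);` hard-codes the Mondial Relay carrier id in this export script, while `modules/privatesales/Sale.php` (patch 2/4 of this series) reads the same list from `Configuration::get('ANT_CARRIERS_MR')` and, in its two hunks, gains its own literal `$carriers[] = 22; // dropshipping`. A literal id that drifts from the configured list would make orders miss the new `elseif` branch without any error, so the script would be safer reading the setting: `$carriers_mr = array_map('intval', explode(',', Configuration::get('ANT_CARRIERS_MR')));`. In the same branch, `$mr_to_magistor[$delivery_info['dlv_mode']]` is indexed without an `isset()` check; the map is defined outside the hunk, so whether every `dlv_mode` has an entry cannot be confirmed from here.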
@@ -267,13 +266,13 @@ if($magistorModule->active) {
 $data .= str_pad(substr(utf8_decode(cleanChar($address_invoice->firstname.' '.$address_invoice->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
 }
 // LIVRAISON DOMICILE MONDIAL RELAY
- // elseif(in_array((int) $order->id_carrier, $carriers_mr)
- // && $delivery_info
- // && in_array($delivery_info['dlv_mode'], array('LD1', 'LDS', 'HOM'))
- // ) {
- // $data .= str_pad(substr(utf8_decode(cleanChars($address_delivery->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
- // $data .= str_pad(substr(utf8_decode(cleanChars($address_invoice->firstname.' '.$address_invoice->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
- // }
+ elseif(in_array((int) $order->id_carrier, $carriers_mr)
+ && $delivery_info
+ && in_array($delivery_info['dlv_mode'], array('LD1', 'LDS', 'HOM'))
+ ) {
+ $data .= str_pad(substr(utf8_decode(cleanChar($address_delivery->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
+ $data .= str_pad(substr(utf8_decode(cleanChar($address_invoice->firstname.' '.$address_invoice->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
+ }
 else {
 $data .= str_pad(substr(utf8_decode(cleanChar($address_delivery->firstname.' '.$address_delivery->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
 $data .= str_pad(substr(utf8_decode(cleanChar($address_delivery->company)), 0, 50), 50, ' ', STR_PAD_RIGHT);
@@ -306,24 +305,24 @@ if($magistorModule->active) {
 $data .= str_pad('', 50, ' ', STR_PAD_RIGHT);
 }
 // LIVRAISON MONDIAL RELAY
- // elseif (in_array((int) $order->id_carrier, $carriers_mr) && $delivery_info) {
- // // MR DOMICILE
- // if (in_array($delivery_info['dlv_mode'], array('LD1', 'LDS', 'HOM'))){
- // $data .= str_pad( substr(utf8_decode(cleanChars($address_delivery->firstname.' '.$address_delivery->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
- // $data .= str_pad( substr(utf8_decode(cleanChars($address_delivery->company)), 0, 50), 50, ' ', STR_PAD_RIGHT);
- // } else {
- // $data .= str_pad( substr(utf8_decode(cleanChars($address_delivery->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
- // $data .= str_pad( substr(utf8_decode(cleanChars($address_invoice->firstname.' '.$address_invoice->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
- // }
- // $data .= str_pad( substr(utf8_decode($address_delivery->address1),0,50), 50, ' ', STR_PAD_RIGHT );
- // $data .= str_pad( substr(utf8_decode($address_delivery->address2),0,50), 50, ' ', STR_PAD_RIGHT );
- // $data .= str_pad( substr(utf8_decode(cleanChar($address_delivery->other)),0,50), 50, ' ', STR_PAD_RIGHT );//ADRESSE 3
- // $data .= str_pad( substr(utf8_decode($address_delivery->postcode),0,8), 8, ' ', STR_PAD_RIGHT );
- // $data .= str_pad( substr(utf8_decode($address_delivery->city),0,50), 50, ' ', STR_PAD_RIGHT );
- // $data .= str_pad( utf8_decode($db->getValue('SELECT iso_code FROM `'._DB_PREFIX_.'country` WHERE id_country = '.$address_delivery->id_country)), 50, ' ', STR_PAD_RIGHT );
- // $data .= str_pad( (isset($address_delivery->phone_mobile)?$address_delivery->phone_mobile:$address_delivery->phone), 50, ' ', STR_PAD_RIGHT );
- // $data .= str_pad( '', 50, ' ', STR_PAD_RIGHT );
- // }
+ elseif (in_array((int) $order->id_carrier, $carriers_mr) && $delivery_info) {
+ // MR DOMICILE
+ if (in_array($delivery_info['dlv_mode'], array('LD1', 'LDS', 'HOM'))){
+ $data .= str_pad( substr(utf8_decode(cleanChar($address_delivery->firstname.' '.$address_delivery->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
+ $data .= str_pad( substr(utf8_decode(cleanChar($address_delivery->company)), 0, 50), 50, ' ', STR_PAD_RIGHT);
+ } else {
+ $data .= str_pad( substr(utf8_decode(cleanChar($address_delivery->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
+ $data .= str_pad( substr(utf8_decode(cleanChar($address_invoice->firstname.' '.$address_invoice->lastname)), 0, 50), 50, ' ', STR_PAD_RIGHT);
+ }
+ $data .= str_pad( substr(utf8_decode($address_delivery->address1),0,50), 50, ' ', STR_PAD_RIGHT );
+ $data .= str_pad( substr(utf8_decode($address_delivery->address2),0,50), 50, ' ', STR_PAD_RIGHT );
+ $data .= str_pad( substr(utf8_decode(cleanChar($address_delivery->other)),0,50), 50, ' ', STR_PAD_RIGHT );//ADRESSE 3
+ $data .= str_pad( substr(utf8_decode($address_delivery->postcode),0,8), 8, ' ', STR_PAD_RIGHT );
+ $data .= str_pad( substr(utf8_decode($address_delivery->city),0,50), 50, ' ', STR_PAD_RIGHT );
+ $data .= str_pad( utf8_decode($db->getValue('SELECT iso_code FROM `'._DB_PREFIX_.'country` WHERE id_country = '.$address_delivery->id_country)), 50, ' ', STR_PAD_RIGHT );
+ $data .= str_pad( (isset($address_delivery->phone_mobile)?$address_delivery->phone_mobile:$address_delivery->phone), 50, ' ', STR_PAD_RIGHT );
+ $data .= str_pad( '', 50, ' ', STR_PAD_RIGHT );
+ }
 // LIVRAISON DOMICILE
 else{
 $data .= str_pad( '', 50, ' ', STR_PAD_RIGHT);
From e75e1e61bbb9b135d409f2a8bd36c59a2b30e905 Mon Sep 17 00:00:00 2001
From: root
Date: Tue, 25 Jul 2017 16:56:59 +0200
Subject: [PATCH 2/4] fix from prod
---
 adm/mraddressedit.php | 141 ++++++++++++---------
 modules/logistics/AdminLogistics.php | 111 +++++++++-------
 modules/mondialrelay/es.php | 30 ++++-
 modules/philea_magistor/cron.php | 5 +-
 modules/philea_magistor/cron_auto_sync.php | 2 +-
 modules/privatesales/Sale.php | 2 +
 6 files changed, 178 insertions(+), 113 deletions(-)
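Review bot: The country lookup in the newly enabled Mondial Relay block concatenates `$address_delivery->id_country` into the SQL string without a cast, unlike the `(int) $order->id_cart` and `(int) $order->id_carrier` casts in the query enabled earlier in this file; `WHERE id_country = '.(int) $address_delivery->id_country` keeps the statement safe whatever the property holds. On the phone line, `isset($address_delivery->phone_mobile)` is true for an empty string, so if the mobile field is loaded as `''` the fallback to `phone` is never used; `!empty($address_delivery->phone_mobile)` expresses the intent. `address1`, `address2`, `postcode` and `city` are written without `cleanChar()` while the name, company and `other` fields go through it, which may matter for the fixed-width record if `cleanChar()` strips characters that break the layout (its body is not shown here).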
diff --git a/adm/mraddressedit.php b/adm/mraddressedit.php
index bdb22f47..f84680a7 100644
--- a/adm/mraddressedit.php
+++ b/adm/mraddressedit.php
@@ -251,75 +251,98 @@ function updateForm(delivery_mode, address1, address2, address3, address4, postc $("input[name=MR_Selected_Ville]").val(city); $("input[name=MR_Selected_Num]").val(prid); } +function displayMap(results, status, is_city) { + if ( status === "OK" ) { + var lat = null; + var lng = null; + + if(results[0].geometry.location.H) { + lat = results[0].geometry.location.H; + lng = results[0].geometry.location.L; + } else if(results[0].geometry.location.G) { + lat = results[0].geometry.location.G; + lng = results[0].geometry.location.K; + } else { + var loc = results[0].geometry.location.toString().replace("(", "").replace(")", "").replace(" ", "").split(","); + lat = loc[0]; + lng = loc[1]; + } + + if(!is_city) { + $("#map_canvas").gmap("addMarker", {"icon": "http://static.privatesportshop.com/img/admin/marker_home.png", "idpr": "pr_home", "position": lat + "," + lng, "bounds": true}).click(function() { + $("#map_canvas").gmap("openInfoWindow", {"content": "Adresse actuelle"}, this); + }); + } + + '; + + for($i= 0, $l = count($relay_points); $i < $l; $i++) { + $relay = $relay_points[$i]; + + if($relay->Pays == "") { + continue; + } + + echo ' + $("#map_canvas").gmap("search", {"address": "'.htmlentities(preg_replace('/(, ){2,}/', ', ', preg_replace('/(, ){2,}/', ', ', implode(', ', array(trim($relay->LgAdr3), trim($relay->LgAdr2), trim($relay->LgAdr4), trim($relay->CP).' '.trim($relay->Ville), Country::getNameById(2, $relay->Pays != 'FR'? 
Country::getByIso($relay->Pays): 8))))), ENT_COMPAT | ENT_HTML401, 'UTF-8').'"}, function(results, status) { + if ( status === "OK" ) { + var lat = null; + var lng = null; + + if(results[0].geometry.location.H) { + lat = results[0].geometry.location.H; + lng = results[0].geometry.location.L; + } else if(results[0].geometry.location.G) { + lat = results[0].geometry.location.G; + lng = results[0].geometry.location.K; + } else { + var loc = results[0].geometry.location.toString().replace("(", "").replace(")", "").replace(" ", "").split(","); + lat = loc[0]; + lng = loc[1]; + } + + var prtext = ["", "'.htmlentities(trim($relay->LgAdr1), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr2), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr3), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr4), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities($relay->CP, ENT_COMPAT | ENT_HTML401, 'UTF-8').' '.htmlentities($relay->Ville, ENT_COMPAT | ENT_HTML401, 'UTF-8').'"].filter(function(x) { return x != ""; }).join("
"); + var prtext_action = "
Sélectionner"; + + markers.push($("#map_canvas").gmap("addMarker", { "id": "pr_'.htmlentities($relay->Num, ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "position": lat + "," +lng, "bounds": true, "content": prtext + prtext_action })); + markers[markers.length - 1].click(function() { + $("#map_canvas").gmap("openInfoWindow", {"content": $(this).attr("content")}, this); + }); + + var litem = $("
  • ").attr("data-index", '.$i.').html(prtext).click(function() { + $.each(markers, function(id, el) { + if(el[0].id == "pr_'.htmlentities(trim($relay->Num), ENT_COMPAT | ENT_HTML401, 'UTF-8').'") { + google.maps.event.trigger(el[0], "click"); + } + }); + $("#map_canvas").gmap("option", "center", markers[parseInt($(this).attr("data-index"))][0].getPosition()); + updateForm("24R", "'.htmlentities(trim($relay->LgAdr1), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr2), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr3), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr4), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->CP), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->Ville), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->Num), ENT_COMPAT | ENT_HTML401, 'UTF-8').'"); + }); + + $("#pr_list ul").append(litem); + } + });'; + } + echo ' + } +} + $(document).ready(function() { delivery_modes = {}; $("select[name=delivery_mode] option").each(function(id, el) { delivery_modes[$(el).attr("value")] = $(el).text(); }); + $("#map_canvas").gmap('.($pr_coords? '{ "center": "'.(float) $pr_coords['xcoords'].','.(float) $pr_coords['ycoords'].'" }': '').').bind("init", function(ev, map) {'; $current_address = htmlentities(preg_replace('/(, ){2,}/', ', ', preg_replace('/(, ){2,}/', ', ', implode(', ', array(trim($deliv_address['address1']), trim($deliv_address['address2'])))).', '.trim($deliv_address['postcode']).' 
'.$deliv_address['city'].', '.Country::getNameById(2, $deliv_address['id_country'])), ENT_COMPAT | ENT_HTML401, 'UTF-8'); echo ' $("#map_canvas").gmap("search", {"address": "'.$current_address.'"}, function(results, status) { - if ( status === "OK" ) { - var lat = null; - var lng = null; - if(results[0].geometry.location.H) { - lat = results[0].geometry.location.H; - lng = results[0].geometry.location.L; - } else if(results[0].geometry.location.G) { - lat = results[0].geometry.location.G; - lng = results[0].geometry.location.K; - } else { - var loc = results[0].geometry.location.toString().replace("(", "").replace(")", "").replace(" ", "").split(","); - lat = loc[0]; - lng = loc[1]; - } - $("#map_canvas").gmap("addMarker", {"icon": "http://static.privatesportshop.com/img/admin/marker_home.png", "idpr": "pr_home", "position": lat + "," + lng, "bounds": true}).click(function() { - $("#map_canvas").gmap("openInfoWindow", {"content": "Adresse actuelle"}, this); + if(results.length == 0) { + $("#map_canvas").gmap("search", {"address": "'.htmlentities(trim($deliv_address['postcode']).' '.$deliv_address['city'].', '.Country::getNameById(2, $deliv_address['id_country']), ENT_COMPAT | ENT_HTML401, 'UTF-8').'"}, function(results, status) { + displayMap(results, status, true); }); - '; - for($i= 0, $l = count($relay_points); $i < $l; $i++) { - $relay = $relay_points[$i]; - if($relay->Pays == "") { - continue; - } - echo ' - $("#map_canvas").gmap("search", {"address": "'.htmlentities(preg_replace('/(, ){2,}/', ', ', preg_replace('/(, ){2,}/', ', ', implode(', ', array(trim($relay->LgAdr3), trim($relay->LgAdr2), trim($relay->LgAdr4), trim($relay->CP).' '.trim($relay->Ville), Country::getNameById(2, $relay->Pays != 'FR'? 
Country::getByIso($relay->Pays): 8))))), ENT_COMPAT | ENT_HTML401, 'UTF-8').'"}, function(results, status) { - if ( status === "OK" ) { - var lat = null; - var lng = null; - if(results[0].geometry.location.H) { - lat = results[0].geometry.location.H; - lng = results[0].geometry.location.L; - } else if(results[0].geometry.location.G) { - lat = results[0].geometry.location.G; - lng = results[0].geometry.location.K; - } else { - var loc = results[0].geometry.location.toString().replace("(", "").replace(")", "").replace(" ", "").split(","); - lat = loc[0]; - lng = loc[1]; - } - var prtext = ["", "'.htmlentities(trim($relay->LgAdr1), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr2), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr3), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr4), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities($relay->CP, ENT_COMPAT | ENT_HTML401, 'UTF-8').' '.htmlentities($relay->Ville, ENT_COMPAT | ENT_HTML401, 'UTF-8').'"].filter(function(x) { return x != ""; }).join("
    "); - var prtext_action = "
    Sélectionner"; - markers.push($("#map_canvas").gmap("addMarker", { "id": "pr_'.htmlentities($relay->Num, ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "position": lat + "," +lng, "bounds": true, "content": prtext + prtext_action })); - markers[markers.length - 1].click(function() { - $("#map_canvas").gmap("openInfoWindow", {"content": $(this).attr("content")}, this); - }); - var litem = $("
  • ").attr("data-index", '.$i.').html(prtext).click(function() { - $.each(markers, function(id, el) { - if(el[0].id == "pr_'.htmlentities(trim($relay->Num), ENT_COMPAT | ENT_HTML401, 'UTF-8').'") { - google.maps.event.trigger(el[0], "click"); - } - }); - $("#map_canvas").gmap("option", "center", markers[parseInt($(this).attr("data-index"))][0].getPosition()); - updateForm("24R", "'.htmlentities(trim($relay->LgAdr1), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr2), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr3), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->LgAdr4), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->CP), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->Ville), ENT_COMPAT | ENT_HTML401, 'UTF-8').'", "'.htmlentities(trim($relay->Num), ENT_COMPAT | ENT_HTML401, 'UTF-8').'"); - }); - $("#pr_list ul").append(litem); - } - }); - '; - } - echo ' + } else { + displayMap(results, status); } }); }); diff --git a/modules/logistics/AdminLogistics.php b/modules/logistics/AdminLogistics.php index 5ddedf38..fa90efe2 100644 --- a/modules/logistics/AdminLogistics.php +++ b/modules/logistics/AdminLogistics.php @@ -274,50 +274,61 @@ class AdminLogistics extends AdminTab { $order = new Order((int) $id_order); if(Validate::isLoadedObject($order)) { $parcel_carrier == 'laposte'? $weight = 0.24: TRUE; - $result = $logistics_carriers[$parcel_carrier]->registerParcel($order, $products, $weight); - if($result[0] != '') { - $this->_html .= $result[0]; - return; - } - - $render = $logistics_carriers[$parcel_carrier]->renderLabel($order, $weight, $result[1]); - - if($render === 'pr_error') { - $this->_html .= '
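Review bot: The PHP values written into this script, including the new postcode/city fallback address and the `$relay->…` fields now inside `displayMap`, sit in double-quoted JavaScript strings protected only by `htmlentities(..., ENT_COMPAT | ENT_HTML401, 'UTF-8')`, which is HTML encoding and leaves backslashes and line breaks untouched. The delivery address is customer-supplied and this is a back-office page, so each value is better emitted as a JavaScript literal: `json_encode($value)` for the geocoder `address`, and `json_encode(htmlspecialchars($value, ENT_QUOTES, 'UTF-8'))` for text that later reaches `.html(prtext)` or the info-window content (`$value` is a placeholder, and the surrounding `"…"` are then dropped). In the new search callback, `results.length` is read before `status` is looked at, which would throw if the geocoder hands back `null` on an error status; `if(!results || results.length == 0)` covers that case.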

    '.$this->l('Unknown delivery point').'


    '; - } elseif($render === 'route_error') { - $this->_html .= '

    '.$this->l('Route not found').'


    '; - } elseif($render !== FALSE) { - $this->printLabel($render); - - $this->_html .= '

    '.$this->l('Registration complete, label sent to printer').'


    '; - - if($_SERVER['REMOTE_ADDR'] != '109.190.53.175' - && $_SERVER['REMOTE_ADDR'] != '78.226.56.137' - && $_SERVER['REMOTE_ADDR'] != '88.163.22.223' - && $_SERVER['REMOTE_ADDR'] != '37.160.139.229' - && substr($_SERVER['REMOTE_ADDR'], 0, 2) != '37') { - - $products_names = array(); - foreach(Db::getInstance()->ExecuteS(' - SELECT `id_order_detail`, `product_name` - FROM `'._DB_PREFIX_.'order_detail` - WHERE `id_order_detail` IN ('.implode(', ', array_keys($products)).') - ') as $p) { - $products_names[(int) $p['id_order_detail']] = $p['product_name']; - } - - $logistics_carriers[$parcel_carrier]->logParcel($result[1], $products); - - foreach($products as $k => $v) { - if($v > 0) { - $products_sent .= '
    '."\r\n".$v.' x '.(isset($products_names[$k])? $products_names[$k]: '--'); - } - } - - $logistics_carriers[$parcel_carrier]->addOrderHistory($result[1], $order, $products_sent); + if($parcel_carrier == "laposte") { + $result = $logistics_carriers[$parcel_carrier]->registerParcel($order, $products, $weight); + if($result[0] != '') { + $this->_html .= $result[0]; + return; } - } else { - $this->html .= '

    '.$this->l('An error happened during the label rendering').'


    '; + + $render = $logistics_carriers[$parcel_carrier]->renderLabel($order, $weight, $result[1]); + + if($render === 'pr_error') { + $this->_html .= '

    '.$this->l('Unknown delivery point').'


    '; + } elseif($render === 'route_error') { + $this->_html .= '

    '.$this->l('Route not found').'


    '; + } elseif($render !== FALSE) { + $this->printLabel($render); + + $this->_html .= '

    '.$this->l('Registration complete, label sent to printer').'


    '; + + if($_SERVER['REMOTE_ADDR'] != '109.190.53.175' + && $_SERVER['REMOTE_ADDR'] != '78.226.56.137' + && $_SERVER['REMOTE_ADDR'] != '88.163.22.223' + && $_SERVER['REMOTE_ADDR'] != '37.160.139.229' + && substr($_SERVER['REMOTE_ADDR'], 0, 2) != '37') { + + $products_names = array(); + foreach(Db::getInstance()->ExecuteS(' + SELECT `id_order_detail`, `product_name` + FROM `'._DB_PREFIX_.'order_detail` + WHERE `id_order_detail` IN ('.implode(', ', array_keys($products)).') + ') as $p) { + $products_names[(int) $p['id_order_detail']] = $p['product_name']; + } + + $logistics_carriers[$parcel_carrier]->logParcel($result[1], $products); + + foreach($products as $k => $v) { + if($v > 0) { + $products_sent .= '
    '."\r\n".$v.' x '.(isset($products_names[$k])? $products_names[$k]: '--'); + } + } + + $logistics_carriers[$parcel_carrier]->addOrderHistory($result[1], $order, $products_sent); + } + } else { + $this->html .= '

    '.$this->l('An error happened during the label rendering').'


    '; + } + } elseif($parcel_carrier=='mondialrelay' + && ( + ($id_order_detail = Tools::getValue('id_order_detail_reprint')) + && ($weight = Tools::getValue('weight_reprint')) + ) + ){ + $result = $logistics_carriers['mondialrelay']->_getRegisteredParcel(new Order($id_order), $id_order_detail, $products, $weight); + $render = $logistics_carriers['mondialrelay']->renderLabel(new Order($id_order), $weight, $result[1]); + $this->printLabel($render,true); } } //$this->printLabel($logistics_carriers['laposte']->renderLabel(new Order((int) $id_order), $weight, $reprint_number)); @@ -330,10 +341,10 @@ class AdminLogistics extends AdminTab { $this->printLabel($logistics_carriers['exapaq']->renderLabel(new Order(23336), 0.24, array('shipping_number' => '100000000', 'exapass' => '250094100000000068'))); } elseif(Tools::isSubmit('submitTestMondialrelay')) { $this->_html .= '
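Review bot: The new `mondialrelay` reprint branch at the end of this hunk passes `id_order_detail_reprint` and `weight_reprint` from the request straight into `_getRegisteredParcel()` and `renderLabel()` and prints whatever comes back, while the `laposte` branch above it checks `$result[0]` and the `pr_error` / `route_error` / `FALSE` returns first. Casting at the boundary (`(int) Tools::getValue('id_order_detail_reprint')`, `(float) Tools::getValue('weight_reprint')`), reusing the already validated `$order` instead of `new Order($id_order)`, and calling `printLabel()` only when `$render` is not `FALSE` or one of the error strings would bring it in line. In the re-indented `laposte` branch, `implode(', ', array_keys($products))` still goes into the `IN (...)` list uncast; `implode(', ', array_map('intval', array_keys($products)))` closes that if `$products` comes from the reprint form, which is not visible in this hunk. The final `else` there also appends to `$this->html` rather than `$this->_html`, so that error message is probably never displayed.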

    '.$this->l('Registration complete, label sent to printer').'


    '; - $weight = 0.12; - $id_order = 578808; - $id_order_detail = 1844105; - $product = array('5154233' => "1"); + $weight = 0.100000; + $id_order = 628811; + $id_order_detail = 1994641; + $product = array('5189355' => "1"); $result = $logistics_carriers['mondialrelay']->_getRegisteredParcel(new Order($id_order), $id_order_detail, $product, $weight); $render = $logistics_carriers['mondialrelay']->renderLabel(new Order($id_order), $weight, $result[1]); $f = fopen(dirname(__FILE__).'/label_mr.txt', 'a+'); @@ -803,7 +814,7 @@ class AdminLogistics extends AdminTab { '.(((int) $cookie->profile == 1 || (int) $cookie->profile == 9 || (int) $cookie->profile == 7 || (int) $cookie->profile == 14)? 'x': '').'\ '.(((int) $cookie->profile == 1 || (int) $cookie->profile == 9 || (int) $cookie->profile == 7 || (int) $cookie->profile == 14)? - '") + \'" data-ref="\' + loaded.logs[i].product_reference + \'" data-id_order="\' + loaded.order.id + \'" data-carrier="\' + loaded.logs[i].carrier + \'" data-id_order_detail="\' + loaded.logs[i].id_order_detail + \'">+': '').'\ + '") + \'" data-weight="\' + loaded.logs[i].weight + \'" data-ref="\' + loaded.logs[i].product_reference + \'" data-id_order="\' + loaded.order.id + \'" data-carrier="\' + loaded.logs[i].carrier + \'" data-id_order_detail="\' + loaded.logs[i].id_order_detail + \'">+': '').'\ \'; } @@ -818,6 +829,8 @@ class AdminLogistics extends AdminTab {

    \ \ \ + \ + \

    \ \ \ @@ -868,6 +881,8 @@ class AdminLogistics extends AdminTab { $("span#product-ref").text($(this).data("ref")); $("#carrier-reprint").val($(this).data("carrier")); $("#id_order-reprint").val($(this).data("id_order")); + $("#id_order_detail-reprint").val($(this).data("id_order_detail")); + $("#weight-reprint").val($(this).data("weight")); $("#quantity-reprint").attr("name","products_reprint["+$(this).data("id_order_detail")+"]"); /*$("#form-reprint-labels").hide();*/ diff --git a/modules/mondialrelay/es.php b/modules/mondialrelay/es.php index f6b98876..e8e974ee 100755 --- a/modules/mondialrelay/es.php +++ b/modules/mondialrelay/es.php 
@@ -36,6 +36,18 @@ $_MODULE['<{mondialrelay}prestashop>mondialrelay_8bf569ff65b32464e623ca9e9a10688 $_MODULE['<{mondialrelay}prestashop>mondialrelay_6ed26bdf3f9141ddca4ede91f943e567'] = 'El metodo del transportista no puede agregarse al modulo'; $_MODULE['<{mondialrelay}prestashop>mondialrelay_af135815ccf731bcbffb522004762b57'] = 'EL transportista no puede borrarse todavia'; $_MODULE['<{mondialrelay}prestashop>mondialrelay_bba366864d25056c941b72f18ef79e7c'] = 'Este error no se conoce:'; +$_MODULE['<{mondialrelay}prestashop>selection_ea574723dfe9b3fe22cf852273eb54b2'] = 'Selección de los puntos de relevo'; +$_MODULE['<{mondialrelay}prestashop>selection_250705eeb4818b4a895bc9c148644db9'] = 'Hay un error :'; +$_MODULE['<{mondialrelay}prestashop>selection_96e0f3ab27038ff8ead88d3bb38fd2f9'] = 'Su punto de relevo ha sido registrada.'; +$_MODULE['<{mondialrelay}prestashop>selection_90d64eeba8247d656ef6b4800ec0f52f'] = 'sin IVA'; +$_MODULE['<{mondialrelay}prestashop>selection_f01390a0b796aab97beed915df1cdd63'] = 'IVA'; +$_MODULE['<{mondialrelay}prestashop>selection_b43150a5a761a760418604407b286237'] = 'Gratis!'; +$_MODULE['<{mondialrelay}prestashop>selection_bb8ecbd9a446c1868a8232c83a6a871f'] = 'Portador'; +$_MODULE['<{mondialrelay}prestashop>selection_a82be0f551b8708bc08eb33cd9ded0cf'] = 'información'; +$_MODULE['<{mondialrelay}prestashop>selection_bc138131629e312572f811a97f506f44'] = 'Precio'; +$_MODULE['<{mondialrelay}prestashop>selection_30f2be33218fc16bc6e11da40c43e773'] = 'Gratis!'; +$_MODULE['<{mondialrelay}prestashop>selection_7bb566167636b828774fe2be76976d34'] = 'elegir sus puntos de relevo'; +$_MODULE['<{mondialrelay}prestashop>selection_4525a58423124b28924e6751f6e1b088'] = 'Validar mi selección'; $_MODULE['<{mondialrelay}prestashop>mrcreatetickets_a1c3470a944b9625cfb924fd15c8bdbf'] = 'Por favor, seleccione al menos un pedido'; $_MODULE['<{mondialrelay}prestashop>mrcreatetickets_dc41aac14af17f1d19fca5e3b9439e74'] = 'La clave'; 
$_MODULE['<{mondialrelay}prestashop>mrcreatetickets_306b346c19017609403424203ea3d720'] = 'está vacío y debe ser llenado'; 
@@ -167,10 +179,24 @@ $_MODULE['<{mondialrelay}prestashop>settings_d02bbc3cb147c272b0445ac5ca7d1a36'] $_MODULE['<{mondialrelay}prestashop>settings_ca57625685f058f54d82c6e05876a131'] = 'Elige el estado para que las etiquetas.'; $_MODULE['<{mondialrelay}prestashop>settings_c9cc8cce247e49bae79f15173ce97354'] = 'Guardar '; $_MODULE['<{mondialrelay}prestashop>settings_f4f70727dc34561dfde1a3c529b6205c'] = 'Ajustes'; -$_MODULE['<{mondialrelay}prestashop>checkout_process_836f6c949a2f2d61489bf410def82111'] = 'Mondial Relay no puede buscar cualquier punto de repetición debido a un error prestashop'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_e0626222614bdee31951d84c64e5e9ff'] = 'Seleccionar'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_91b442d385b54e1418d81adc34871053'] = 'Seleccionado'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_ef2a1f426c2c289ed5986c7636a5d696'] = 'Por favor, elija un punto de relevo'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_80a0c205cd57b22fca7f174253870300'] = 'Horario de apertura'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_2b56b60f878922093facd42284848a0c'] = 'Más detalles'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_836f6c949a2f2d61489bf410def82111'] = 'Mondial Relay no puede buscar cualquier punto de relevo debido a un error prestashop'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_widget_ad3d06d03d94223fa652babc913de686'] = 'Validar'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_widget_b5cdf9b63fda35c33bb5e35cc3716b95'] = 'Lugar de recogida selecto:'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_widget_607fe9e462c0a459f540c94157016039'] = 'Cambiar selección'; +$_MODULE['<{mondialrelay}prestashop>checkout_process_widget_d807b6535a1b2ebfa0580f205a79f1cb'] = 'Debe seleccionar un punto de relevo para utilizar este método de entrega.'; $_MODULE['<{mondialrelay}prestashop>header_e0626222614bdee31951d84c64e5e9ff'] = 'Seleccionar'; 
-$_MODULE['<{mondialrelay}prestashop>header_91b442d385b54e1418d81adc34871053'] = 'seleccionado'; +$_MODULE['<{mondialrelay}prestashop>header_91b442d385b54e1418d81adc34871053'] = 'Seleccionado'; $_MODULE['<{mondialrelay}prestashop>header_ef2a1f426c2c289ed5986c7636a5d696'] = 'Por favor, elija un punto de relevo'; $_MODULE['<{mondialrelay}prestashop>header_80a0c205cd57b22fca7f174253870300'] = 'Horario de apertura'; $_MODULE['<{mondialrelay}prestashop>header_2b56b60f878922093facd42284848a0c'] = 'Más detalles'; +$_MODULE['<{mondialrelay}prestashop>header_widget_e0626222614bdee31951d84c64e5e9ff'] = 'Seleccionar'; +$_MODULE['<{mondialrelay}prestashop>header_widget_91b442d385b54e1418d81adc34871053'] = 'seleccionado'; +$_MODULE['<{mondialrelay}prestashop>header_widget_ef2a1f426c2c289ed5986c7636a5d696'] = 'Por favor, elija un punto de relevo'; +$_MODULE['<{mondialrelay}prestashop>header_widget_80a0c205cd57b22fca7f174253870300'] = 'Horario de apertura'; +$_MODULE['<{mondialrelay}prestashop>header_widget_2b56b60f878922093facd42284848a0c'] = 'Más detalles'; $_MODULE['<{mondialrelay}prestashop>order_detail_c2d05abc7f5ebdc72b6656df35038b43'] = 'Siga mi paquete en la página web Mondial Relay'; diff --git a/modules/philea_magistor/cron.php b/modules/philea_magistor/cron.php index e998277a..e472061c 100644 --- a/modules/philea_magistor/cron.php +++ b/modules/philea_magistor/cron.php @@ -1,7 +1,6 @@ getRow(' system('cd '.dirname(__FILE__).'/script && php send_article.php '.(int) $row['id_sale']); sleep(20); - // SEND REC01 - pas de gestion recption fournisseur sur bbb + // SEND REC01 Db::getInstance()->ExecuteS(' UPDATE `'._DB_PREFIX_.'philea_sync` SET `status` = 2 WHERE `id_sync` = '.(int) $row['id_sync'].' LIMIT 1 '); - /*system('cd '.dirname(__FILE__).'/script && php send_recep_orderform.php '.(int) $row['id_sale']);*/ + system('cd '.dirname(__FILE__).'/script && php send_recep_orderform.php '.(int) $row['id_sale']); } } 
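Review bot: The sync row is set to `status = 2` before the re-enabled `send_recep_orderform.php` call runs, and the result of `system()` is not inspected, so a failed REC01 send would apparently still be recorded as done. Capturing the exit code (`system($cmd, $rc);`, with `$cmd` standing for the command string) and advancing the status only when `$rc === 0` would make failures visible. Wrapping the directory in `escapeshellarg()` also keeps the command intact if the install path ever contains spaces or shell metacharacters; the `(int)` cast on `id_sale` already covers the argument. The start of this hunk is damaged on the page, so the surrounding loop is not visible.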
diff --git a/modules/philea_magistor/cron_auto_sync.php b/modules/philea_magistor/cron_auto_sync.php
index 626c2bfb..7bcbf76b 100644
--- a/modules/philea_magistor/cron_auto_sync.php
+++ b/modules/philea_magistor/cron_auto_sync.php
@@ -16,7 +16,7 @@ $auto_sync_sales = Db::getInstance()->executeS('
 WHERE pms.`status` >= 2
 AND pmas.active = 1
 AND p.date_start <= NOW()
- AND p.date_end >= DATE_SUB(NOW(), INTERVAL 1 HOUR)
+ AND p.date_end >= DATE_SUB(NOW(), INTERVAL 5 DAY)
 ');
 if ($auto_sync_sales && count($auto_sync_sales)) {
diff --git a/modules/privatesales/Sale.php b/modules/privatesales/Sale.php
index c1d45efb..d6e760fc 100755
--- a/modules/privatesales/Sale.php
+++ b/modules/privatesales/Sale.php
@@ -851,6 +851,7 @@ class Sale {
 if($carrier === "lp") {
 $carriers = array_map('intval',explode(',', Configuration::get('ANT_CARRIERS_SOCOL')));
+ $carriers[] = 22; // dropshipping
 } else {
 $carriers = array_map('intval',explode(',', Configuration::get('ANT_CARRIERS_MR')));
 }
@@ -999,6 +1000,7 @@ class Sale {
 if($carrier === "lp") {
 $carriers = array_map('intval',explode(',', Configuration::get('ANT_CARRIERS_SOCOL')));
+ $carriers[] = 22; // dropshipping
 } else {
 $carriers = array_map('intval',explode(',', Configuration::get('ANT_CARRIERS_MR')));
 }
From 4acbde03190749dca45a4bccf46ed302732c4e47 Mon Sep 17 00:00:00 2001
From: Marion Muszynski
Date: Wed, 26 Jul 2017 11:09:47 +0200
Subject: [PATCH 3/4] add module alerthack to prevent hacker to post
---
 adm/tabs/AdminImport.php | 1 +
 modules/ant_alerthack/AdminAntAlertHack.php | 225 ++++++++++++++++++++
 modules/ant_alerthack/ant_alerthack.php | 179 ++++++++++++++++
 modules/ant_alerthack/models/Suspect.php | 125 +++++++++++
 modules/ant_support_form/support.php | 48 ++++-
 override/controllers/ContactController.php | 34 ++-
 6 files changed, 594 insertions(+), 18 deletions(-)
 create mode 100644 modules/ant_alerthack/AdminAntAlertHack.php
 create mode 100644 modules/ant_alerthack/ant_alerthack.php
 create mode 100644 modules/ant_alerthack/models/Suspect.php
diff --git a/adm/tabs/AdminImport.php b/adm/tabs/AdminImport.php
index ac81e603..5b4bdbef 100755
--- a/adm/tabs/AdminImport.php
+++ b/adm/tabs/AdminImport.php
@@ -898,6 +898,7 @@ class AdminImport extends AdminTab
 $image->id_product = (int)($product->id);
 $image->position = Image::getHighestPosition($product->id) + 1;
 $image->cover = (!$key AND !$productHasImages) ? true : false;
+ $image->legend = self::createMultiLangField($product->name);
 if (($fieldError = $image->validateFields(UNFRIENDLY_ERROR, true)) === true AND ($langFieldError = $image->validateFieldsLang(UNFRIENDLY_ERROR, true)) === true AND $image->add())
 {
 if (!self::copyImg($product->id, $image->id, $url))
diff --git a/modules/ant_alerthack/AdminAntAlertHack.php b/modules/ant_alerthack/AdminAntAlertHack.php
new file mode 100644
index 00000000..cb96614a
--- /dev/null
+++ b/modules/ant_alerthack/AdminAntAlertHack.php
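Review bot: `$image->legend = self::createMultiLangField($product->name);` in the `AdminImport.php` hunk assumes `$product->name` is a plain string at this point, which the hunk does not show. If the importer has already expanded the name into a per-language array, the legend would become an array of arrays and the `validateFieldsLang()` check on the following line would presumably fail, so no image would be added. A guard such as `$image->legend = is_array($product->name) ? $product->name : self::createMultiLangField($product->name);` handles both shapes. The enclosing method starts and ends outside the hunk.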
@@ -0,0 +1,225 @@ +is_suspect = Tools::getValue('state'); + } + if($suspect->save()){ + echo HelperFormBootstrap::displaySuccess($this->l('Suspect has been updated')); + return; + } else { + echo HelperFormBootstrap::displayError($this->l('Error occured while updating Suspect')); + return; + } + } elseif (Tools::isSubmit('update_conf')) { + if(($limit = Tools::getValue('limit')) !== false) { + Configuration::updateValue('ANT_ALERTHACK_LIMIT', (int) $limit); + } + if($time = Tools::getValue('time')) { + Configuration::updateValue('ANT_ALERTHACK_TIME', (int) $time); + } + if($emails = Tools::getValue('emails')) { + Configuration::updateValue('ANT_ALERTHACK_EMAILS', $emails); + } + echo HelperFormBootstrap::displaySuccess($this->l('Configurations has been updated')); + return; + } + } + + public function display() { + global $cookie; + + $helper = new HelperFormBootstrap(); + $helper->_css.= $this->_addCss(); + $html = $helper->renderStyle(); + $html .= ' +
    +
    +
    +
    +

    Alert Hack

    +
    +
    +
    +
    +
    +
    '; + $input = array( + 'type' => 'text', + 'label' => $this->l('Emails :'), + 'name' => 'emails', + 'id' => 'emails', + 'required' => true, + 'help' => "Emails à alerter (séparés d'une virgule)", + 'default' => Configuration::get('ANT_ALERTHACK_EMAILS') + ); + $html.= $helper->generateInput($input); + $html.= '
    '; + + $input = array( + 'type' => 'text', + 'label' => $this->l('Temps :'), + 'name' => 'time', + 'id' => 'time', + 'required' => true, + 'help' => "Temps en min ex: 5", + 'default' => Configuration::get('ANT_ALERTHACK_TIME') + ); + $html.= $helper->generateInput($input); + $html.= '
    '; + + $input = array( + 'type' => 'text', + 'label' => $this->l('Limit :'), + 'name' => 'limit', + 'id' => 'limit', + 'required' => true, + 'help' => "Nombres de message envoyés dans le temps renseigné", + 'default' => Configuration::get('ANT_ALERTHACK_LIMIT') + ); + $html.= $helper->generateInput($input); + $html.= '
    '; + + $html .=' +
    +
    +
    +
    + +
    +
    +
    +
    +
    +
    +
    '; + + $suspects = Suspect::getSuspects(); + $states = Suspect::$states; + $html .= ' +
    +
    +
    +
    +

    Suspects

    +
    +
    +
    +
    +
    + + + + + + + + + + + + + + '; + foreach ($suspects as $suspect) { + $html .= ' + + + + + + + + + + '; + } + $html .= ' + +
    '.$this->l('ID').''.$this->l('email').''.$this->l('id_customer').''.$this->l('Remote IP').''.$this->l('Remote Host').''.$this->l('Condition').''.$this->l('State').''.$this->l('Action').'
    '.$suspect['id_suspect'].''.$suspect['email'].''.$suspect['id_customer'].''.$suspect['remote_ip'].''.$suspect['remote_host'].''.$suspect['condition'].' '.$states[(int)$suspect['is_suspect']]['name'].' +
    '; + if($suspect['is_suspect'] == 1){ + $html .= ' + + '; + }elseif($suspect['is_suspect'] == 2){ + $html .= ' + + '; + } + $html .=' + +
    +
    +
    +
    +
    +
    +
    +
    '; + + $html .= $helper->renderScript(); + + echo $html; + } + + protected function _addCss() + { + return ' + form sup { + color: #CC0000; + font-weight: bold; + vertical-align: sub; + } + #content .bootstrap-datetimepicker-widget tr th { + border-radius :0px !important; + } + .table tr th { + background: #565485; + background: rgba(86,84,133,0.9); + color: #fff; + font-size: 12px; + } + .table tr:nth-child(even) { + background: #F1F1F1; + } + .table>tbody>tr>td, + .table>tbody>tr>th, + .table>tfoot>tr>td, + .table>tfoot>tr>th, + .table>thead>tr>td, + .table>thead>tr>th { + vertical-align: middle; + } + .table .input-group-btn .btn { + padding: 4px 5px; + color: #504d8b; + + } + .table .input-group-btn .btn .anticon{ + font-size: 12px; + } + .bg-grey{ + background: #EFEFEF; + border-radius:4px; + } + .bg-grey .div-title { + border-bottom: 2px solid #504D8B; + } + .div-title i.anticon, + .div-title i.glyphicon, + ul li a{ + color:#504d8b; + } + '; + } +} \ No newline at end of file diff --git a/modules/ant_alerthack/ant_alerthack.php b/modules/ant_alerthack/ant_alerthack.php new file mode 100644 index 00000000..8800099d --- /dev/null +++ b/modules/ant_alerthack/ant_alerthack.php 
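Review bot: In display(), the suspects table concatenates `$suspect['email']`, `$suspect['remote_host']`, `$suspect['remote_ip']` and `$suspect['condition']` into `$html` without HTML encoding, and those columns are filled from the contact-form request (the host name comes from a reverse DNS lookup in saveInfo()). Each cell should be encoded at output time, e.g. `htmlspecialchars($suspect['remote_host'], ENT_QUOTES, 'UTF-8')`, rather than relying on the escaping applied at insert time. In the update branch, `$suspect->is_suspect = Tools::getValue('state');` takes the request value as is; casting it to int and checking it against the keys of `Suspect::$states` would keep unknown states out of the table. The opening of the file is not readable in this rendering, so whether the form handler verifies an admin token cannot be confirmed from here.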
@@ -0,0 +1,179 @@ +name = 'ant_alerthack'; + $this->tab = 'administration'; + $this->author = 'Antadis'; + $this->version = '1.0'; + $this->need_instance = 0; + + parent::__construct(); + + $this->displayName = $this->l('Alert for hacking tentative'); + $this->description = $this->l('Alert when someone try to make SQL injection in contact form'); + } + + public function install() + { + // if (!$this->installDB()){ + // return false; + // } + + $hooks = array( + 'ant_alerthack' => array('Ant Alert Hack', 'Called when someone sends some messages in few minutes'), + 'ant_alerthackbefore' => array('Ant Alert Hack Before', 'Called before customer or visitor makes an action'), + ); + foreach($hooks as $k => $v) { + if(count(Db::getInstance()->ExecuteS(' + SELECT `id_hook` + FROM `'._DB_PREFIX_.'hook` + WHERE `name` = "'.$k.'" + LIMIT 1 + ')) == 0) { + Db::getInstance()->ExecuteS(' + INSERT INTO `'._DB_PREFIX_.'hook` + VALUES (DEFAULT, "'.$k.'", "'.$v[0].'", "'.$v[1].'", 0, 0) + '); + } + } + + if(!parent::install() + || !$this->registerHook('ant_alerthack') + || !$this->registerHook('ant_alerthackbefore')) { + return false; + } + + # Set default configuration values + Configuration::updateValue('ANT_ALERTHACK_LIMIT', 5); + Configuration::updateValue('ANT_ALERTHACK_TIME', 1); + Configuration::updateValue('ANT_ALERTHACK_EMAILS', 'marion@antadis.com'); + + return true; + } + + private function installDB() + { + $result = true; + # Add tables + $query = ' + CREATE TABLE IF NOT EXISTS `' . _DB_PREFIX_ . 'ant_alerthack_suspect` ( + `id_suspect` INTEGER NOT NULL AUTO_INCREMENT, + `id_customer` INTEGER DEFAULT 0, + `email` VARCHAR(128), + `page` VARCHAR(250), + `referrer` VARCHAR(250), + `user_agent` VARCHAR(128), + `remote_host` VARCHAR(255), + `remote_ip` VARCHAR(20), + `condition` VARCHAR(50), + `is_suspect` INTEGER DEFAULT 0, + `date_add` DATETIME NOT NULL, + `date_upd` DATETIME NOT NULL, + PRIMARY KEY(`id_suspect`) + ) ENGINE=' . _MYSQL_ENGINE_ . 
' DEFAULT CHARSET=utf8 + '; + + $result = Db::getInstance()->Execute($query); + + return $result; + } + + + public function uninstall() { + + if(parent::uninstall() == false) { + return false; + } + + Configuration::deleteByName('ANT_ALERTHACK_LIMIT'); + Configuration::deleteByName('ANT_ALERTHACK_TIME'); + Configuration::deleteByName('ANT_ALERTHACK_EMAILS'); + + return true; + } + + public function hookAnt_Alerthackbefore($params) { + global $cookie; + return true; + } + + public function hookAnt_Alerthack($params) { + global $cookie; + $min = (int)Configuration::get('ANT_ALERTHACK_TIME'); + $count_limit = (int)Configuration::get('ANT_ALERTHACK_LIMIT'); + $id_customer = ($params['id_customer']?$params['id_customer']:''); + + $count = Db::getInstance()->getValue(' + SELECT COUNT(m.`id_customer_message`) + FROM `'._DB_PREFIX_.'customer_message` m + LEFT JOIN `'._DB_PREFIX_.'customer_thread` t ON (t.`id_customer_thread` = m.`id_customer_thread`) + WHERE ( + t.`email` = "'.pSQL($params['email']).'" + '.(!empty($id_customer)?' OR t.`id_customer` = '.(int)$id_customer:'').' + ) + AND m.`date_add` < NOW() AND m.`date_add` > DATE_SUB(NOW(), INTERVAL '.$min.' 
MINUTE) + '); + + if($count >= $count_limit){ + $info = array( + 'count' => (int)$count, + 'time' => (int)$min + ); + $this->saveInfo($info, $params['email'], $id_customer); + + $emails = Configuration::get('ANT_ALERTHACK_EMAILS'); + $to = explode(',', $emails); + $data = array( + '{limit}' => (int)Configuration::get('ANT_ALERTHACK_LIMIT'), + '{time}' => (int)Configuration::get('ANT_ALERTHACK_TIME'), + '{suspect_email}' => $params['email'], + ); + foreach ($to as $email) { + Mail::Send((int)$cookie->id_lang, 'ant_alerthack', 'Alert Hack', $data, $to); + } + } + } + + public function saveInfo($info, $email, $id_customer = '') + { + + $remoteIP = $_SERVER['REMOTE_ADDR']; + if (strstr($remoteIP, ', ')) { + $ips = explode(', ', $remoteIP); + $remoteIP = $ips[0]; + } + $page = "https://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}"; + $page .= (!empty($_SERVER['QUERY_STRING'])? $_SERVER['QUERY_STRING']:''); + $referrer = $_SERVER['HTTP_REFERER']; + $useragent = $_SERVER['HTTP_USER_AGENT']; + $remotehost = gethostbyaddr($remoteIP); + $is_exist = Db::getInstance()->getRow(' + SELECT `id_suspect` + FROM `'._DB_PREFIX_.'ant_alerthack_suspect` + WHERE `email` = "'.pSQL($email).'" + '); + if($is_exist){ + $suspect = new Suspect((int)$is_exist['id_suspect']); + } else { + $suspect = new Suspect(); + } + $suspect->id_customer = (!empty($id_customer)?$id_customer:0); + $suspect->email = pSQL($email); + $suspect->page = pSQL($page); + $suspect->user_agent = pSQL($useragent); + $suspect->remote_host = pSQL($remotehost); + $suspect->remote_ip = pSQL($remoteIP); + $suspect->referrer = pSQL($referrer); + $suspect->is_suspect = 1; + $suspect->condition = pSQL($info['count'].' messages in '.$info['time'].' minutes'); + $suspect->save(); + } + +} diff --git a/modules/ant_alerthack/models/Suspect.php b/modules/ant_alerthack/models/Suspect.php new file mode 100644 index 00000000..77db2c7d --- /dev/null +++ b/modules/ant_alerthack/models/Suspect.php 
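Review bot: In hookAnt_Alerthack() the `foreach ($to as $email)` loop passes the whole `$to` array to `Mail::Send`, so every configured address receives one copy per entry in the list; the last argument should be the loop variable, `Mail::Send((int)$cookie->id_lang, 'ant_alerthack', 'Alert Hack', $data, trim($email));`. saveInfo() runs pSQL() on each value and Suspect::getFields() runs it again, so stored strings end up escaped twice; assigning the raw values and letting getFields() escape them avoids that. `$_SERVER['HTTP_REFERER']` and `$_SERVER['HTTP_USER_AGENT']` are read without an isset() check although clients may omit both, and `remote_ip VARCHAR(20)` is too short for an IPv6 address. install() leaves the installDB() call commented out, so the suspect table is presumably expected to exist already; that is worth a comment, or the call should be enabled.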
@@ -0,0 +1,125 @@ + array( + 'name' => "A vérifier", + 'icon' => 'anticon anticon-hour-glass text-orange', + ), + 1 => array( + 'name' => "Suspect", + 'icon' => 'anticon anticon-target text-rose', + ), + 2 => array( + 'name' => "Verifié", + 'icon' => 'anticon anticon-checkmark text-green-light', + ), + ); + + public $id_suspect; + public $id_customer; + public $email; + public $page; + public $referrer; + public $user_agent; + public $remote_host; + public $remote_ip; + public $condition; + public $is_suspect; + public $date_add; + public $date_upd; + + protected $fieldsRequired = array('email'); + protected $fieldsValidate = array( + 'id_suspect' => 'isUnsignedId', + 'id_customer' => 'isUnsignedId', + 'email' => 'isEmail', + 'page' => 'isString', + 'referrer' => 'isString', + 'user_agent' => 'isString', + 'remote_host' => 'isString', + 'remote_ip' => 'isString', + 'condition' => 'isString', + 'is_suspect' => 'isInt', + 'date_add' => 'isDate', + 'date_upd' => 'isDate', + ); + + protected $table = 'ant_alerthack_suspect'; + protected $identifier = 'id_suspect'; + + + public function getFields() + { + parent::validateFields(); + + $fields['id_suspect'] = (int)$this->id_suspect; + $fields['id_customer'] = (int)$this->id_customer; + $fields['email'] = pSQL($this->email); + $fields['page'] = pSQL($this->page); + $fields['referrer'] = pSQL($this->referrer); + $fields['user_agent'] = pSQL($this->user_agent); + $fields['remote_host'] = pSQL($this->remote_host); + $fields['remote_ip'] = pSQL($this->remote_ip); + $fields['condition'] = pSQL($this->condition); + $fields['is_suspect'] = (int)$this->is_suspect; + $fields['date_add'] = pSQL($this->date_add); + $fields['date_upd'] = pSQL($this->date_upd); + + return $fields; + } + + public function delete() + { + return true; + } + + /** + * Get suspects + * @param $states array get only suspects in specific states + * @return Array Groups + */ + public static function getSuspects($states = array(), $where = false) + { + 
if($where){ + return Db::getInstance()->executeS(' + SELECT * + FROM `'._DB_PREFIX_.'ant_alerthack_suspect` s + WHERE '.$where.' + '); + } else { + return Db::getInstance()->executeS(' + SELECT * + FROM `'._DB_PREFIX_.'ant_alerthack_suspect` s + WHERE 1 + '.(!empty($states) ? 'AND s.`is_suspect` IN ('.implode(',',$states).')' : '').' + ORDER BY s.date_add DESC + '); + } + } + + public function save() + { + if (parent::save()) { + return true; + } + } + + public static function isBannished($email){ + + $suspect = Db::getInstance()->getRow(' + SELECT `is_suspect` + FROM `'._DB_PREFIX_.'ant_alerthack_suspect` + WHERE `email` = "'.pSQL($email).'" + '); + if((int)$suspect['is_suspect'] == 1){ + return true; + } + return false; + } +} diff --git a/modules/ant_support_form/support.php b/modules/ant_support_form/support.php index e8b389ab..792c53b3 100644 --- a/modules/ant_support_form/support.php +++ b/modules/ant_support_form/support.php @@ -36,6 +36,12 @@ if ($cookie->isLogged()) { } if (Tools::isSubmit('submitMessage')) { + $alert_mode = false; + if(Module::isInstalled('ant_alerthack')) { + $alert_mode = true; + include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php'; + } + $fileAttachment = NULL; if (isset($_FILES['fileUpload']['name']) AND !empty($_FILES['fileUpload']['name']) AND !empty($_FILES['fileUpload']['tmp_name'])) { 
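Review bot: getSuspects() builds its query from caller-supplied fragments: `$where` is appended verbatim and `$states` goes through `implode(',', $states)` with no cast. The only call visible in this patch passes no arguments, but the signature invites passing request values later; `implode(',', array_map('intval', $states))` closes the second path, and the free-form `$where` parameter is better dropped or replaced by typed filters. isBannished() reads `$suspect['is_suspect']` even when getRow() found no row, and save() returns nothing on failure although AdminAntAlertHack tests it as a boolean; `return (bool)parent::save();` makes the failure explicit.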
@@ -46,24 +52,40 @@ if (Tools::isSubmit('submitMessage')) { $fileAttachment['mime'] = $_FILES['fileUpload']['type']; } $message = Tools::htmlentitiesUTF8(Tools::getValue('message')); - if (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) + if (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)){ $errors[] = Tools::displayError('Invalid e-mail address'); - elseif (!($message = nl2br2($message))) + } + elseif ($alert_mode && Suspect::isBannished($from)){ + $errors[] = Tools::displayError('Message cannot be sent.'); + } + elseif (!($message = nl2br2($message))){ $errors[] = Tools::displayError('Message cannot be blank'); - elseif (!Validate::isCleanHtml($message)) + } + elseif (!Validate::isCleanHtml($message)){ $errors[] = Tools::displayError('Invalid message'); - elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)($cookie->id_lang))))) + } + elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)($cookie->id_lang))))){ $errors[] = Tools::displayError('Please select a subject on the list.'); - elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')) + } + elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')){ $errors[] = Tools::displayError('Please select a reason on the list.'); - elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')) + } + elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')){ $errors[] = Tools::displayError('Please enter/choose an order ID'); - elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact 
== 1 && !Tools::getValue('id_products')) - $errors[] = Tools::displayError('Please choose a product'); - elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0) + } + elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')){ + if((int)($cookie->id_customer)){ + $errors[] = Tools::displayError('Please choose a product'); + } else { + $errors[] = Tools::displayError('You have to be logged'); + } + } + elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0){ $errors[] = Tools::displayError('An error occurred during the file upload'); - elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) + } + elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)){ $errors[] = Tools::displayError('Bad file extension'); + } else { if ((int)($cookie->id_customer)) @@ -218,7 +240,11 @@ if (Tools::isSubmit('submitMessage')) { $errors[] = Tools::displayError('An error occurred while sending message.'); } - // Module::hookExec('ant_alert', array()); // @ToDo - uncomment it + Module::hookExec('ant_alerthack', array( + 'email' => $from, + 'id_customer' => (isset($customer->id)?$customer->id:false), + 'message' => $message + )); if (count($errors) > 1) array_unique($errors); diff --git a/override/controllers/ContactController.php b/override/controllers/ContactController.php index fa7bdaf6..2a6d26db 100755 --- a/override/controllers/ContactController.php +++ b/override/controllers/ContactController.php @@ -3,7 +3,7 @@ class ContactController extends ContactControllerCore { public function preProcess() { - parent::preProcess(); + FrontController::preProcess(); if (self::$cookie->isLogged()) { 
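Review bot: The new `Suspect::isBannished($from)` branch in support.php (and the identical one in the ContactController.php hunk at -50) decides on the `from` field alone, which the sender chooses freely. For a logged-in customer the check could also look at the account, since the suspect row stores `id_customer`, and the counter in the hook could take the remote address recorded by saveInfo() into account. As written, the block only holds while the same address is reused, and a flagged row for someone else's address blocks that person's messages. The enclosing `if (Tools::isSubmit('submitMessage'))` block continues outside the hunk.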
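Review bot: In the ContactController.php hunk at -3, replacing `parent::preProcess()` with `FrontController::preProcess()` skips ContactControllerCore::preProcess() entirely, and nothing in the code says why. If the intent is that this override reimplements the form handling itself (inferred from the rest of the method, which continues outside the hunk), a comment such as `// Bypass ContactControllerCore::preProcess(): the form is handled below, calling it would process the message twice` should say so. It also means later core changes to the contact handling, including validation fixes, will not reach this controller, which is worth noting for whoever upgrades the shop.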
@@ -40,6 +40,12 @@ class ContactController extends ContactControllerCore { if (Tools::isSubmit('submitMessage')) { + $alert_mode = false; + if(Module::isInstalled('ant_alerthack')) { + $alert_mode = true; + include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php'; + } + $fileAttachment = NULL; if (isset($_FILES['fileUpload']['name']) AND !empty($_FILES['fileUpload']['name']) AND !empty($_FILES['fileUpload']['tmp_name'])) { 
@@ -50,18 +56,27 @@ class ContactController extends ContactControllerCore { $fileAttachment['mime'] = $_FILES['fileUpload']['type']; } $message = Tools::htmlentitiesUTF8(Tools::getValue('message')); - if (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) + if (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)){ $this->errors[] = Tools::displayError('Invalid e-mail address'); - elseif (!($message = nl2br2($message))) + } + elseif ($alert_mode AND Suspect::isBannished($from)){ + $this->errors[] = Tools::displayError('Message cannot be sent.'); + } + elseif (!($message = nl2br2($message))){ $this->errors[] = Tools::displayError('Message cannot be blank'); - elseif (!Validate::isCleanHtml($message)) + } + elseif (!Validate::isCleanHtml($message)){ $this->errors[] = Tools::displayError('Invalid message'); - elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)(self::$cookie->id_lang))))) + } + elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)(self::$cookie->id_lang))))){ $this->errors[] = Tools::displayError('Please select a subject on the list.'); - elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0) + } + elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0){ $this->errors[] = Tools::displayError('An error occurred during the file upload'); - elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) + } + elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)){ $this->errors[] = Tools::displayError('Bad file extension'); + } else { if 
((int)(self::$cookie->id_customer)) @@ -188,6 +203,11 @@ class ContactController extends ContactControllerCore { } Module::hookExec('ant_alert', array()); + Module::hookExec('ant_alerthack', array( + 'email' => $from, + 'id_customer' => (isset($customer->id)?$customer->id:false), + 'message' => $message + )); if (count($this->errors) > 1) array_unique($this->errors); From 58b3c509b4feda9a29518d20d0be2e872384696e Mon Sep 17 00:00:00 2001 From: Marion Muszynski Date: Wed, 26 Jul 2017 13:21:18 +0200 Subject: [PATCH 4/4] prevent multi tracking after registration --- modules/trackingtag/trackingtag.php | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/modules/trackingtag/trackingtag.php b/modules/trackingtag/trackingtag.php index b05583ae..6afbba58 100644 --- a/modules/trackingtag/trackingtag.php +++ b/modules/trackingtag/trackingtag.php @@ -234,18 +234,18 @@ class TrackingTag extends Module {
    - +
    -
    +
    +
    @@ -302,6 +302,16 @@ class TrackingTag extends Module { public function hookAccountValidation($params) { global $cookie, $site_version_front; + if($cookie->isLogged()) { + $customer = new Customer((int)$cookie->id_customer); + $accountCreationDateTime = new DateTime($customer->date_add); + $nowDateTime = new DateTime(); + $maxTrackingDateInterval = new DateInterval('PT8S'); //8 seconds + if ($nowDateTime > $accountCreationDateTime->add($maxTrackingDateInterval)) { + return ''; + } + } + $tags = Db::getInstance()->ExecuteS(' SELECT * FROM `'._DB_PREFIX_.'trackingtag` @@ -317,6 +327,9 @@ class TrackingTag extends Module { $output = ''; foreach($tags as $tag) { + if((int)$tag['id_trackingtag'] == 2 && $cookie->id_lang == 3){ + continue; + } $output .= str_replace(array( '{id_customer}', '{email}',
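Review bot: The guard added to hookAccountValidation() decides whether to emit the tags by comparing the current time with `date_add` plus a fixed `PT8S`, so a page rendered more than eight seconds after the account row was written loses the tags, while a reload inside the window still emits them twice. A one-shot marker set when the tags are first output and checked on the next call would make the behaviour deterministic instead of timing-dependent. The result of `new Customer((int)$cookie->id_customer)` is also used without `Validate::isLoadedObject($customer)`. The method body continues outside the hunk.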