bebeboutik/override/controllers/ContactController.php
Michael RICOIS 7208390679 Typo
2018-03-01 16:29:55 +01:00

259 lines
13 KiB
PHP
Executable File

<?php
class ContactController extends ContactControllerCore {
public function preProcess()
{
FrontController::preProcess();
if (self::$cookie->isLogged())
{
self::$smarty->assign('isLogged', 1);
$customer = new Customer((int)(self::$cookie->id_customer));
if (!Validate::isLoadedObject($customer))
die(Tools::displayError('Customer not found'));
$products = array();
$orders = array();
$getOrders = Db::getInstance()->ExecuteS('
SELECT id_order
FROM '._DB_PREFIX_.'orders
WHERE id_customer = '.(int)$customer->id.' ORDER BY date_add');
foreach ($getOrders as $row)
{
$order = new Order($row['id_order']);
$date = explode(' ', $order->date_add);
$orders[$row['id_order']] = Tools::displayDate($date[0], self::$cookie->id_lang);
$tmp = $order->getProducts();
foreach ($tmp as $key => $val)
$products[$val['product_id']] = $val['product_name'];
}
$orderList = '';
foreach ($orders as $key => $val)
$orderList .= '<option value="'.$key.'" '.((int)(Tools::getValue('id_order')) == $key ? 'selected' : '').' >'.$key.' -- '.$val.'</option>';
$orderedProductList = '';
foreach ($products as $key => $val)
$orderedProductList .= '<option value="'.$key.'" '.((int)(Tools::getValue('id_product')) == $key ? 'selected' : '').' >'.$val.'</option>';
self::$smarty->assign('orderList', $orderList);
self::$smarty->assign('orderedProductList', $orderedProductList);
}
if (Tools::isSubmit('submitMessage'))
{
$alert_mode = false;
if (Module::isInstalled('ant_alerthack')) {
$alert_mode = true;
include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php';
}
$fileAttachment = NULL;
if (isset($_FILES['fileUpload']['name']) AND !empty($_FILES['fileUpload']['name']) AND !empty($_FILES['fileUpload']['tmp_name']))
{
$extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
$filename = uniqid().substr($_FILES['fileUpload']['name'], -5);
$fileAttachment['content'] = file_get_contents($_FILES['fileUpload']['tmp_name']);
$fileAttachment['name'] = $_FILES['fileUpload']['name'];
$fileAttachment['mime'] = $_FILES['fileUpload']['type'];
}
$message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
if (Tools::getValue('email2') != '') {
$this->errors[] = Tools::displayError('Invalid');
}
elseif (preg_match("/\p{Han}+/u", $message)) {
$this->errors[] = Tools::displayError('Invalid message');
}
elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid e-mail address');
}
elseif ($alert_mode && Suspect::isBannished($from)) {
$this->errors[] = Tools::displayError('Message cannot be sent.');
}
elseif (!($message = nl2br2($message))) {
$this->errors[] = Tools::displayError('Message cannot be blank');
}
elseif (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message');
}
elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)(self::$cookie->id_lang))))) {
$this->errors[] = Tools::displayError('Please select a subject on the list.');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')) {
$this->errors[] = Tools::displayError('Please select a reason on the list.');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')) {
$this->errors[] = Tools::displayError('Please enter/choose an order ID');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')) {
if((int)(self::$cookie->id_customer)) {
$this->errors[] = Tools::displayError('Please choose a product');
} else {
$this->errors[] = Tools::displayError('You have to be logged');
}
}
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0) {
$this->errors[] = Tools::displayError('An error occurred during the file upload');
}
elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
$this->errors[] = Tools::displayError('Bad file extension');
}
else
{
if ((int)(self::$cookie->id_customer)) {
$customer = new Customer((int)(self::$cookie->id_customer));
}
else {
$customer = new Customer();
$customer->getByEmail($from);
}
$contact = new Contact($id_contact, self::$cookie->id_lang);
if (!((
$id_customer_thread = (int)Tools::getValue('id_customer_thread')
AND (int)Db::getInstance()->getValue('
SELECT cm.id_customer_thread FROM '._DB_PREFIX_.'customer_thread cm
WHERE cm.id_customer_thread = '.(int)$id_customer_thread.' AND token = \''.pSQL(Tools::getValue('token')).'\'')
) OR (
$id_customer_thread = (int)Db::getInstance()->getValue('
SELECT cm.id_customer_thread FROM '._DB_PREFIX_.'customer_thread cm
WHERE cm.email = \''.pSQL($from).'\' AND cm.id_order = '.(int)(Tools::getValue('id_order')).'')
)))
{
$fields = Db::getInstance()->ExecuteS('
SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
FROM '._DB_PREFIX_.'customer_thread cm
WHERE email = \''.pSQL($from).'\' AND ('.
($customer->id ? 'id_customer = '.(int)($customer->id).' OR ' : '').'
id_order = '.(int)(Tools::getValue('id_order')).')');
$score = 0;
foreach ($fields as $key => $row)
{
$tmp = 0;
if ((int)$row['id_customer'] AND $row['id_customer'] != $customer->id AND $row['email'] != $from)
continue;
if ($row['id_order'] != 0 AND Tools::getValue('id_order') != $row['id_order'])
continue;
if ($row['email'] == $from)
$tmp += 4;
if ($row['id_contact'] == $id_contact)
$tmp++;
if (Tools::getValue('id_product') != 0 AND $row['id_product'] == Tools::getValue('id_product'))
$tmp += 2;
if ($tmp >= 5 AND $tmp >= $score)
{
$score = $tmp;
$id_customer_thread = $row['id_customer_thread'];
}
}
}
$old_message = Db::getInstance()->getValue('
SELECT cm.message FROM '._DB_PREFIX_.'customer_message cm
WHERE cm.id_customer_thread = '.(int)($id_customer_thread).'
ORDER BY date_add DESC');
if ($old_message == htmlentities($message, ENT_COMPAT, 'UTF-8'))
{
self::$smarty->assign('alreadySent', 1);
$contact->email = '';
$contact->customer_service = 0;
}
if (!empty($contact->email))
{
if (/*Mail::Send((int)(self::$cookie->id_lang), 'contact', Mail::l('Message from contact form'), array('{email}' => $from, '{message}' => stripslashes($message)), $contact->email, $contact->name, $from, ((int)(self::$cookie->id_customer) ? $customer->firstname.' '.$customer->lastname : ''), $fileAttachment)
AND*/ Mail::Send((int)(self::$cookie->id_lang), 'contact_form', Mail::l('Your message has been correctly sent'), array('{message}' => stripslashes($message)), $from))
self::$smarty->assign('confirmation', 1);
else
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
if ($contact->customer_service)
{
$ctStatusLast = false;
if ((int)$id_customer_thread)
{
$ct = new CustomerThread($id_customer_thread);
$ctStatusLast = $ct->status;
$ctStatusDate = $ct->date_upd;
$ct->status = 'open';
$ct->id_lang = (int)self::$cookie->id_lang;
$ct->id_contact = (int)($id_contact);
if ($id_order = (int)Tools::getValue('id_order'))
$ct->id_order = $id_order;
if ($id_product = (int)Tools::getValue('id_product'))
$ct->id_product = $id_product;
if (!isset($customer->id) || !$customer->id)
$ct->id_customer = 0;
$ct->update();
}
else
{
$ct = new CustomerThread();
if (isset($customer->id))
$ct->id_customer = (int)($customer->id);
if ($id_order = (int)Tools::getValue('id_order'))
$ct->id_order = $id_order;
if ($id_product = (int)Tools::getValue('id_product'))
$ct->id_product = $id_product;
$ct->id_contact = (int)($id_contact);
$ct->id_lang = (int)self::$cookie->id_lang;
$ct->email = $from;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
}
if ($ct->id)
{
// Update date_upd to the last interesting date
if ($ctStatusLast !== false && $ctStatusLast == 'open') {
$sql = 'UPDATE `'._DB_PREFIX_.'customer_thread` SET `date_upd` = "'.$ctStatusDate.'" WHERE id_customer_thread='. $ct->id;
Db::getInstance()->Execute($sql);
}
$cm = new CustomerMessage();
$cm->id_customer_thread = $ct->id;
$cm->message = htmlentities($message, ENT_COMPAT, 'UTF-8');
if (isset($filename) AND rename($_FILES['fileUpload']['tmp_name'], _PS_MODULE_DIR_.'../upload/'.$filename))
$cm->file_name = $filename;
$cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
$cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
if ($cm->add())
{
if (empty($contact->email))
Mail::Send((int)(self::$cookie->id_lang), 'contact_form', Mail::l('Your message has been correctly sent'), array('{message}' => stripslashes($message)), $from);
self::$smarty->assign('confirmation', 1);
}
else
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
else
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
Module::hookExec('ant_alert', array('id_contact' => (int)($id_contact)));
Module::hookExec('ant_alerthack', array(
'email' => $from,
'id_customer' => (isset($customer->id)?$customer->id:false),
'message' => $message
));
if (count($this->errors) > 1)
array_unique($this->errors);
}
}
}
public function setMedia() {
parent::setMedia();
global $css_files;
$css_files = array_slice($css_files, 0, 1);
}
}