<?php
// Prevent direct access to file: index.php is expected to define the
// security_key constant before including this page.
// NOTE(review): defined() takes the constant *name* as a string. As written,
// `defined(security_key)` first resolves the constant security_key (an Error
// in PHP 8 if it is not defined) and then asks whether a constant named after
// its *value* exists — so this guard only passes if the value of security_key
// is itself the name of a defined constant. `defined('security_key') or exit;`
// is the conventional form; confirm how index.php defines it before changing.
defined(security_key) or exit;
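//+++++++++++++++++++++++++++++++++++++++++++++++++++++
// E-MAIL ACTIVATION
//+++++++++++++++++++++++++++++++++++++++++++++++++++++
// A 50-character activation key in the query string marks the matching
// unverified account as verified and logs the user in. The key is untrusted
// input that is spliced into the identity API query string, so it is
// type-checked (an array value would make strlen() throw) and URL-encoded
// before use; an unencoded key could otherwise smuggle extra parameters
// (e.g. "&isverified=1") into the API request.
if (isset($_GET['activation_key']) && is_string($_GET['activation_key']) && strlen($_GET['activation_key']) == 50) {
    $activation_key = $_GET['activation_key'];
    // 1. Look the key up and require isverified = 0 (not verified yet)
    $account = ioAPIv2('/v2/identity/userkey='.rawurlencode($activation_key).'&isverified=0', '', $clientsecret);
    $account = json_decode($account, true);
    if ($account) {
        // 2. Flip the account to verified
        $payload = json_encode(array("userkey" => $activation_key, "isverified" => 1), JSON_UNESCAPED_UNICODE);
        $verified = ioAPIv2('/v2/identity/', $payload, $clientsecret);
        $verified = json_decode($verified, true);
        if (isset($verified['status']) && $verified['status'] == 'updated') {
            // 3. Verified => log the user in. The old session id is deleted,
            // not merely superseded, so a pre-login id cannot be reused
            // (session fixation).
            session_regenerate_id(true);
            $_SESSION['account_loggedin'] = TRUE;
            $_SESSION['account_id'] = $verified['accountID'];
            // NOTE(review): the settings code further down treats the
            // userkey lookup as a list and reads [0]; here profile/language
            // are read from the top level — confirm which shape the
            // isverified=0 lookup returns.
            $_SESSION['account_role'] = $account['profile'];
            $_SESSION['country_code'] = $account['language'];
            // With items in the cart continue to checkout, otherwise show
            // the account page (order history).
            $products_in_cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : [];
            $next_page = $products_in_cart ? 'index.php?page=checkout' : 'index.php?page=myaccount';
            header('Location: ' . url($next_page));
            exit;
        } else {
            // Update rejected by the API
            $error = $error_myaccount;
        }
    } else {
        // Unknown key, or account already verified
        $error = $error_myaccount;
    }
}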
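//+++++++++++++++++++++++++++++++++++++++++++++++++++++
// LOGIN CONSUMER
//+++++++++++++++++++++++++++++++++++++++++++++++++++++
// User clicked the "Login" button: require e-mail and password as plain
// strings (array values would reach strlen()/json_encode unexpectedly) and a
// syntactically valid e-mail address, then ask the identity API to
// authenticate. Credentials travel in the JSON body, not in the URL.
// NOTE(review): the form carries no CSRF token and no throttling is visible
// here — this assumes the identity API rate-limits failed logins; confirm.
if (isset($_POST['login'], $_POST['email'], $_POST['password'])
    && is_string($_POST['email']) && is_string($_POST['password'])
    && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
    $payload = json_encode(array(
        "login" => "consumer",
        "email" => $_POST['email'],
        "password" => $_POST['password'],
    ), JSON_UNESCAPED_UNICODE);
    $account = ioAPIv2('/v2/identity/', $payload, $clientsecret);
    $account = json_decode($account, true);
    if ($account && isset($account['accountID'])) {
        // Authenticated: rotate the session id and delete the old one so a
        // pre-login id cannot be reused (session fixation).
        session_regenerate_id(true);
        $_SESSION['account_loggedin'] = TRUE;
        $_SESSION['account_id'] = $account['accountID'];
        $_SESSION['account_role'] = $account['profile'];
        $_SESSION['country_code'] = $account['language'];
        // With items in the cart continue to checkout, otherwise show the
        // account page (order history).
        $products_in_cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : [];
        $next_page = $products_in_cart ? 'index.php?page=checkout' : 'index.php?page=myaccount';
        header('Location: ' . url($next_page));
        exit;
    } else {
        // One generic message for unknown address and wrong password alike
        // (no account enumeration on the login path).
        $error = $error_myaccount;
    }
}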
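//+++++++++++++++++++++++++++++++++++++++++++++++++++++
// REGISTER CONSUMER
//+++++++++++++++++++++++++++++++++++++++++++++++++++++
// Variable that will output registration errors (it also carries the
// "verification mail sent" notice on success).
$register_error = '';
// User clicked the "Register" button: require e-mail, password and
// confirmation as plain strings and a syntactically valid e-mail address.
if (isset($_POST['register'], $_POST['email'], $_POST['password'], $_POST['cpassword'])
    && is_string($_POST['email']) && is_string($_POST['password']) && is_string($_POST['cpassword'])
    && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
    // Does an account with this address already exist? FILTER_VALIDATE_EMAIL
    // still admits '&', '=', '?' and '/' in the local part, so the address
    // is URL-encoded before being spliced into the API query string.
    $account = ioAPIv2('/v2/identity/email='.rawurlencode($_POST['email']), '', $clientsecret);
    $account = json_decode($account, true);
    if ($account) {
        // NOTE(review): this tells an anonymous visitor that the address is
        // registered (account enumeration) — a deliberate UX trade-off,
        // but worth knowing.
        $register_error = 'Account already exists';
    } elseif ($_POST['cpassword'] !== $_POST['password']) {
        $register_error = 'Passwords do not match!';
    } elseif (strlen($_POST['password']) > 20 || strlen($_POST['password']) < 5) {
        // Password must be between 5 and 20 characters long (byte length).
        // NOTE(review): a 20-character cap is unusually low for passphrases;
        // raising it requires the identity API to accept longer values too.
        $register_error = 'Password must be between 5 and 20 characters long';
    } else {
        // Account does not exist: create it in the visitor's current shop
        // language (null when no language has been chosen yet).
        $payload = json_encode(array(
            "email" => $_POST['email'],
            "password" => $_POST['password'],
            "language" => $_SESSION['country_code'] ?? null,
        ), JSON_UNESCAPED_UNICODE);
        $account = ioAPIv2('/v2/identity/', $payload, $clientsecret);
        $account = json_decode($account, true);
        if ($account && isset($account['accountID'])) {
            // Send the verification e-mail. The template runs in this scope
            // and is expected to set $message and $subject.
            include dirname(__FILE__).'/custom/email/email_template_register.php';
            $register_mail = $message;
            send_mail_by_PHPMailer($account['identity'], $subject, $register_mail, '', '');
            $register_error = 'Email send to verify your account';
        } else {
            // Creation failed at the API: say so instead of silently
            // re-showing an empty form.
            $register_error = $error_myaccount;
        }
    }
}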
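// Determine the current tab page.
// The menu link and the settings redirect below pass ?tab=settings, while
// this code historically read the value from the activation_key parameter
// (any value that is not a 50-character key). Both are accepted; the result
// is whitelisted so $tab is always one of the two known tabs (an unknown
// value now falls back to the order history instead of an empty page).
$tab = 'orders';
if (isset($_GET['tab']) && is_string($_GET['tab'])) {
    $tab = $_GET['tab'];
} elseif (isset($_GET['activation_key']) && is_string($_GET['activation_key']) && strlen($_GET['activation_key']) != 50) {
    $tab = $_GET['activation_key'];
}
if (!in_array($tab, array('orders', 'settings'), true)) {
    $tab = 'orders';
}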
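//+++++++++++++++++++++++++++++++++++++++++++++++++++++
// LOGGED-IN AREA: load order history and account details, save settings
//+++++++++++++++++++++++++++++++++++++++++++++++++++++
if (isset($_SESSION['account_loggedin'])) {
    // The account id was stored from the API response at login; it is still
    // URL-encoded before being spliced into the API paths.
    $account_id = rawurlencode((string) $_SESSION['account_id']);
    // Order history (header + items per transaction)
    $orders = ioAPIv2('/v2/transactions_items/account_id='.$account_id, '', $clientsecret);
    $orders = !empty($orders) ? json_decode($orders, true) : null;
    // Account details: the endpoint returns a list, the account is entry [0].
    // Guarded so an empty/failed reply yields null instead of warnings.
    $identity = ioAPIv2('/v2/identity/userkey='.$account_id, '', $clientsecret);
    $identity = !empty($identity) ? json_decode($identity, true) : null;
    $identity = (is_array($identity) && isset($identity[0])) ? $identity[0] : null;
    // Settings form submitted (email and password are required fields)
    if (isset($_POST['save_details'], $_POST['email'], $_POST['password'])
        && is_string($_POST['email']) && is_string($_POST['password'])) {
        // NOTE(review): the form carries no CSRF token, and e-mail and
        // password can be changed without re-entering the current password,
        // so a logged-in browser can be driven into an account takeover.
        // Fixing either needs the form side changed as well.
        // Optional profile fields; anything that is not a plain string is
        // replaced by an empty string.
        $profile = array();
        foreach (array('first_name', 'last_name', 'address_street', 'address_city',
                       'address_state', 'address_zip', 'address_country', 'address_phone') as $field) {
            $profile[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        }
        if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
            // Login and registration validate the address; do the same here
            $error = $error_myaccount;
        } elseif ($_POST['email'] !== (string) ($identity['email'] ?? '')) {
            // Address changed: it must not already belong to another account.
            // Encoded because FILTER_VALIDATE_EMAIL admits '&', '=' and '?'
            // in the local part.
            $account = ioAPIv2('/v2/identity/email='.rawurlencode($_POST['email']), '', $clientsecret);
            $account = json_decode($account, true);
            if ($account) {
                $error = $error_myaccount_exists;
            }
        }
        // Password must be between 5 and 20 characters long (same rule as
        // registration). A new password is required on every save.
        if (empty($error) && (strlen($_POST['password']) > 20 || strlen($_POST['password']) < 5)) {
            $error = $error_account_password_rules;
        }
        if (empty($error)) {
            // Previously the uniqueness check and the update sat in one
            // if/elseif chain, so a change to an unused address never
            // reached the update and the save silently did nothing.
            $payload = json_encode(array_merge(
                array("email" => $_POST['email']),
                $profile,
                array(
                    "password" => $_POST['password'],
                    "language" => $_SESSION['country_code'] ?? null,
                    "userkey" => $_SESSION['account_id'],
                )
            ), JSON_UNESCAPED_UNICODE);
            $update_identity = ioAPIv2('/v2/identity/', $payload, $clientsecret);
            $update_identity = json_decode($update_identity, true);
            if ($update_identity) {
                // Reload the settings tab via GET so a refresh cannot re-post
                header('Location: ' . url('index.php?page=myaccount&tab=settings'));
                exit;
            }
            // Empty/failed reply: report instead of redirecting as if saved.
            // NOTE(review): the activation flow checks status == 'updated';
            // confirm the update response shape and tighten this check.
            $error = $error_myaccount;
        }
    }
}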
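//++++++++++++++++++++++++++++++++++++++++
// RENDER PAGE
//++++++++++++++++++++++++++++++++++++++++
// Data that comes back from the API (order ids, statuses, item names, image
// paths, quantities, country codes) is HTML-escaped before it is embedded in
// the markup. App-owned translation strings ($h1_login, $menu_orders, ...)
// are emitted unchanged, as before.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
$view = template_header($myaccount_text, '');
$view .= '
';
if (!isset($_SESSION['account_loggedin'])) {
    //++++++++++++++++++++++++++++++++++++++++
    // LOGIN / REGISTER FORMS
    //++++++++++++++++++++++++++++++++++++++++
    // NOTE(review): neither form carries a CSRF token; the handlers above
    // would need to verify one as well.
    $view .= '
<div class="login content-wrapper">
<div class="login-register">
<div class="login">
<h1>'.$h1_login.'</h1>
<form action="" method="post">
<label for="email" class="form-label">'.$account_create_email.'</label>
<input type="email" name="email" id="email" placeholder="john@example.com" required class="form-field">
<label for="password" class="form-label">'.$account_create_password.'</label>
<input type="password" name="password" id="password" placeholder="'.$account_create_password.'" required class="form-field">
<input name="login" type="submit" value="'.$h1_login.'" class="btn">
</form>';
    // $error is only assigned by a failed login/activation above
    if (!empty($error)) {
        $view .= '<p class="error">'.$error.'</p>';
    }
    $view .= '</div>
<div class="register">
<h1>'.$h1_register.'</h1>
<form action="" method="post">
<label for="email" class="form-label">'.$account_create_email.'</label>
<input type="email" name="email" id="email" placeholder="john@example.com" required class="form-field">
<label for="password" class="form-label">'.$account_create_password.'</label>
<input type="password" name="password" id="password" placeholder="'.$account_create_password.'" required class="form-field">
<label for="cpassword" class="form-label">'.$account_create_password_confirm.'</label>
<input type="password" name="cpassword" id="cpassword" placeholder="'.$account_create_password_confirm.'" required class="form-field">
<input name="register" type="submit" value="'.$h1_register.'" class="btn">
</form>';
    if (!empty($register_error)) {
        $view .= '<p class="error">'.$register_error.'</p>';
    }
    $view .= ' </div>
</div>';
} else {
    //++++++++++++++++++++++++++++++++++++++++
    // MY ACCOUNT: menu plus the orders or settings tab
    //++++++++++++++++++++++++++++++++++++++++
    $view .= '
<div class="myaccount content-wrapper">
<h1>'.$h1_myaccount.'</h1>
<div class="menu">
<h2>'.$h2_menu.'</h2>
<div class="menu-items">
<a href="'.url('index.php?page=myaccount').'">'.$menu_orders.'</a>
<a href="'.url('index.php?page=myaccount&tab=settings').'">'.$menu_settings.'</a>
</div>
</div>';
    if ($tab === 'orders') {
        $view .= '<div class="myorders">
<h2>'.$h2_myorders.'</h2>';
        if (empty($orders)) {
            $view .= '<p>'.$myorders_message.'</p>';
        }
        // A null/failed API reply must not be iterated
        foreach ((is_array($orders) ? $orders : array()) as $order) {
            $header = (isset($order['header']) && is_array($order['header'])) ? $order['header'] : array();
            $items = (isset($order['items']) && is_array($order['items'])) ? $order['items'] : array();
            // Translate the payment status to its localised label
            // ($payment_status_<value>), falling back to the raw value.
            $status_raw = $header['payment_status'] ?? '';
            $status_var = 'payment_status_'.$status_raw;
            $status_label = ${$status_var} ?? $status_raw;
            $view .= '<div class="order">
<div class="order-header">
<div>
<div><span>'.$myorders_order.'</span># '.$esc($header['id'] ?? '').'</div>
<div class="rhide"><span>'.$myorders_date.'</span>'.date('F j, Y', strtotime($header['created'] ?? '')).'</div>
<div><span>'.$myorders_status.'</span>'.$esc($status_label).'</div>
</div>
<div>
<div class="rhide"><span>'.$myorders_shipping.'</span>'.currency_code.''.number_format((float) ($header['shipping_amount'] ?? 0), 2).'</div>
<div><span>'.$myorders_total.'</span>'.currency_code.''.number_format((float) ($header['payment_amount'] ?? 0), 2).'</div>
</div>
</div>
<div class="order-items">
<table>
<tbody>';
            foreach ($items as $transaction_item) {
                $item_name = $transaction_item['item_name'] ?? '';
                // NOTE(review): ${...} resolves *any* variable in scope by the
                // item's name — an item called e.g. "clientsecret" would render
                // that variable. A dedicated translation array would be safer.
                $item_label = $esc(${$item_name} ?? $item_name);
                $item_qty = $transaction_item['item_quantity'] ?? 0;
                $item_price = $transaction_item['item_price'] ?? 0;
                $view .= '<tr>
<td class="img">';
                if (!empty($transaction_item['full_path'])) {
                    $view .= '<img src="'.img_url.''.$esc($transaction_item['full_path']).'" width="50" height="50" alt="'.$item_label.'">';
                }
                $view .= '</td>
<td class="name">'.$esc($item_qty).' x '.$item_label.'</td>
<td class="price">'.currency_code.''.number_format((float) $item_price * (float) $item_qty, 2).'</td>
</tr>';
            }
            $view .= ' </tbody>
</table>
</div>
</div>';
        }
        $view .= '
</div>';
    } elseif ($tab === 'settings') {
        // Stored values are pre-filled; $identity may be null if the lookup failed
        $current_country = $identity['address_country'] ?? null;
        $view .= '<div class="settings">
<h2>'.$h2_settings.'</h2>
<form action="" method="post">
<label for="email" class="form-label">'.$settings_email.'</label>
<input id="email" type="email" name="email" placeholder="'.$settings_email.'" value="'.$esc($identity['email'] ?? '').'" class="form-field" required>
<label for="password" class="form-label">'.$settings_new_password.'</label>
<input type="password" id="password" name="password" placeholder="'.$settings_new_password.'" value="" autocomplete="new-password" class="form-field">
<label for="first_name" class="form-label">'.$shipping_first_name.'</label>
<input id="first_name" type="text" name="first_name" placeholder="'.$shipping_first_name.'" value="'.$esc($identity['first_name'] ?? '').'" class="form-field">
<label for="last_name" class="form-label">'.$shipping_last_name.'</label>
<input id="last_name" type="text" name="last_name" placeholder="'.$shipping_last_name.'" value="'.$esc($identity['last_name'] ?? '').'" class="form-field">
<label for="address_street" class="form-label">'.$shipping_address.'</label>
<input id="address_street" type="text" name="address_street" placeholder="'.$shipping_address.'" value="'.$esc($identity['address_street'] ?? '').'" class="form-field">
<label for="address_city" class="form-label">'.$shipping_city.'</label>
<input id="address_city" type="text" name="address_city" placeholder="'.$shipping_city.'" value="'.$esc($identity['address_city'] ?? '').'" class="form-field">
<label for="address_state" class="form-label">'.$shipping_state.'</label>
<input id="address_state" type="text" name="address_state" placeholder="'.$shipping_state.'" value="'.$esc($identity['address_state'] ?? '').'" class="form-field">
<label for="address_zip" class="form-label">'.$shipping_zip.'</label>
<input id="address_zip" type="text" name="address_zip" placeholder="'.$shipping_zip.'" value="'.$esc($identity['address_zip'] ?? '').'" class="form-field">
<label for="address_phone" class="form-label">'.$shipping_phone.'</label>
<input id="address_phone" type="text" name="address_phone" placeholder="'.$shipping_phone.'" value="'.$esc($identity['address_phone'] ?? '').'" class="form-field">
<label for="address_country" class="form-label">'.$shipping_country.'</label>
<select id="address_country" name="address_country" required class="form-field">';
        // Country codes map to a translation variable name; fall back to the name itself
        foreach ($countries_in_scope as $country_code => $label_key) {
            $view .= ' <option value="'.$esc($country_code).'" '.($country_code == $current_country ? ' selected' : '').'>'.(${$label_key} ?? $label_key).'</option>';
        }
        $view .= '
</select>
<input name="save_details" type="submit" value="'.$btn_settings_save.'" class="btn">
</form>
</div>';
    }
}
// Closes .content-wrapper for both branches
$view .= '</div>';
$view .= template_footer();
//OUTPUT
echo $view;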