3.2.7

core/protected/components/Controller.php

@@ -190,7 +190,7 @@ public function init()
 		$this->buildBootstrap();
 		if(_xls_facebook_login())
 		{
-			$this->getFacebookLogin();
+			$this->setFacebookComponent();
 		}
 
 		if (Yii::app()->params['STORE_OFFLINE'] != '0' || Yii::app()->params['INSTALLED'] != '1')
@@ -544,46 +544,12 @@ protected function getloginDialog() {
 
 	}
 
-	protected function getFacebookLogin()
+	protected function setFacebookComponent()
 	{
-
-		//Facebook integration
 		$fbArray = require(YiiBase::getPathOfAlias('application.config').'/_wsfacebook.php');
 		$fbArray['appId'] = Yii::app()->params['FACEBOOK_APPID'];
 		$fbArray['secret'] = Yii::app()->params['FACEBOOK_SECRET'];
 		Yii::app()->setComponent('facebook', $fbArray);
-
-		if (Yii::app()->user->isGuest)
-		{
-			$userid = Yii::app()->facebook->getUser();
-
-			if ($userid > 0)
-			{
-				$results = Yii::app()->facebook->api('/'.$userid);
-				if(!isset($results['email']))
-				{
-					//we've lost our authentication, user may have revoked
-					Yii::app()->facebook->destroySession();
-					$this->redirect(Yii::app()->createUrl("site/index"));
-				}
-
-				$identity = new FBIdentity($results['email'], $userid); //we user userid in the password field
-				$identity->authenticate();
-				if($identity->errorCode === UserIdentity::ERROR_NONE)
-				{
-					Yii::app()->user->login($identity, 0);
-					$this->redirect(Yii::app()->createUrl("site/index"));
-				}
-			}
-		}
-
-		if(isset(Yii::app()->user->facebook))
-		{
-			if(Yii::app()->user->facebook)
-			{
-				$this->logoutUrl = Yii::app()->facebook->getLogoutUrl();
-			}
-		}
 	}
 
 	public function setReturnUrl()
@@ -700,10 +666,16 @@ public function getMenuTree()
 		{
 			$familyMenu['families_brands_menu'] = array(
 				'text' => CHtml::link(
-					Yii::app()->params['ENABLE_FAMILIES_MENU_LABEL'],
-					$this->createUrl("search/browse", array('brand' => '*'))
+					Yii::t(
+						'category',
+						Yii::app()->params['ENABLE_FAMILIES_MENU_LABEL']
+					),
+					$this->createUrl(
+						"search/browse",
+						array('brand' => '*')
+					)
 				),
-				'label' => Yii::app()->params['ENABLE_FAMILIES_MENU_LABEL'],
+				'label' => Yii::t('category', Yii::app()->params['ENABLE_FAMILIES_MENU_LABEL']),
 				'link' => $this->createUrl("search/browse", array('brand' => '*')),
 				'url' => $this->createUrl("search/browse", array('brand' => '*')),
 				'id' => 0,

core/protected/components/UserIdentity.php

@@ -20,27 +20,39 @@ class UserIdentity extends CUserIdentity
 	 */
 	public function authenticate()
 	{
-
 		$user = $this->getCustomerRecord();
 
-		if (!($user instanceof Customer) || $user->email !== $this->username)
+		if (is_null($user))
 		{
 			$this->errorCode = self::ERROR_USERNAME_INVALID;
-		} elseif ($user->allow_login != Customer::NORMAL_USER && $user->allow_login != Customer::ADMIN_USER) {
+			return false;
+		}
+
+		if ($user->allow_login != Customer::NORMAL_USER && $user->allow_login != Customer::ADMIN_USER)
+		{
 			$this->errorCode = self::ERROR_NOT_APPROVED;
-		} elseif (!$user->authenticate($this->password)) {
+			return false;
+		}
+
+		if ($user->authenticate($this->password))
+		{
+			$this->successfullyLogin($user);
+			return true;
+		}
+		else
+		{
 			//is this an account that was set up via facebook login and doesn't have its own password?
 			if ($user->password == "facebook")
 			{
 				$this->errorCode = self::ERROR_PASSWORD_FACEBOOK;
-			} else {
+			}
+			else
+			{
 				$this->errorCode = self::ERROR_PASSWORD_INVALID;
 			}
-		} else {
-			$this->successfullyLogin($user);
 		}
 
-		return !$this->errorCode;
+		return false;
 	}
 
 	//Note that this is only for backwards compatibility, password is upgraded on login
@@ -69,7 +81,7 @@ public function getIsAdmin()
 
 	protected function getCustomerRecord()
 	{
-		return Customer::model()->findByAttributes(array('email' => $this->username,'record_type' => Customer::REGISTERED));
+		return Customer::model()->findByAttributes(array('email' => $this->username, 'record_type' => Customer::REGISTERED));
 	}
 
 	protected function successfullyLogin($user)
@@ -83,7 +95,9 @@ protected function successfullyLogin($user)
 		if ($user->allow_login == Customer::ADMIN_USER)
 		{
 			$this->setState('role', 'admin');
-		} else {
+		}
+		else
+		{
 			$this->setState('role', 'user');
 		}
 
@@ -103,7 +117,7 @@ protected function successfullyLogin($user)
 
 		if (!$user->save())
 		{
-			Yii::log("ERROR Saving user record ".print_r($user->getErrors(), true), 'error', 'application.'.__CLASS__.".".__FUNCTION__);
+			Yii::log("ERROR Saving user record " . print_r($user->getErrors(), true), 'error', 'application.'.__CLASS__.".".__FUNCTION__);
 		}
 	}
 }

core/protected/components/WsExtension.php

@@ -565,4 +565,14 @@ public function __set($strName, $mixValue) {
 		}
 
 	}
+
+	/**
+	 * Whether the module is allowed to be displayed in admin panel. This is
+	 * overridden for payment modules.
+	 *
+	 * @return bool True if we can display the module. False otherwise.
+	 */
+	public function isDisplayable () {
+		return true;
+	}
 }

core/protected/components/WsWebApplication.php

@@ -13,9 +13,6 @@ class WsWebApplication extends CWebApplication
 		'site/logout',
 		'site/forgotpassword',
 		'site/sendemail',
-		'myaccount/edit',
-		'myaccount/address',
-		'myaccount/resetpassword',
 		'checkout/thankyou',
 	);
 
@@ -34,7 +31,8 @@ class WsWebApplication extends CWebApplication
 	 */
 	private $_arrNeedToSecureControllers = array(
 		'admin',
-		'checkout'
+		'checkout',
+		'myaccount'
 	);
 
 	/**

core/protected/components/helpers.php

@@ -1583,6 +1583,29 @@ function _xls_get_url_resource($filename)
 	return $filename;
 }
 
+
+/**
+ * Convert accented characters into their non-accented equivalent
+ *
+ * @param $str
+ * @return mixed
+ */
+// @codingStandardsIgnoreStart
+function _xls_replaceAccents($str)
+// @codingStandardsIgnoreEnd
+{
+	$search = explode(
+		",",
+		"ç,æ,œ,á,é,í,ó,ú,à,è,ì,ò,ù,ä,ë,ï,ö,ü,ÿ,â,ê,î,ô,û,å,ø,Ø,Å,Á,À,Â,Ä,È,É,Ê,Ë,Í,Î,Ï,Ì,Ò,Ó,Ô,Ö,Ú,Ù,Û,Ü,Ÿ,Ç,Æ,Œ"
+	);
+	$replace = explode(
+		",",
+		"c,ae,oe,a,e,i,o,u,a,e,i,o,u,a,e,i,o,u,y,a,e,i,o,u,a,o,O,A,A,A,A,A,E,E,E,E,I,I,I,I,O,O,O,O,U,U,U,U,Y,C,AE,OE"
+	);
+
+	return str_replace($search, $replace, $str);
+}
+
 /**
  * Do a permanent 301 redirect
  *
@@ -1601,10 +1624,16 @@ function _xls_301($strUrl)
  *
  */
 // @codingStandardsIgnoreStart
-function _xls_404()
+function _xls_404($errorMessage = "The requested page does not exist.")
 // @codingStandardsIgnoreEnd
 {
-	throw new CHttpException(404, 'The requested page does not exist.');
+	throw new CHttpException(
+		404,
+		Yii::t(
+			'application errors',
+			$errorMessage
+		)
+	);
 }
 
 /**
@@ -3158,6 +3187,39 @@ function findWhere($arr, $properties)
 	return null;
 }
 
+/**
+ * Implementation of Underscore.js where.
+ * Looks through the $arr and returns all values that matches all of the
+ * key-value pairs listed in properties.
+ * @param array $arr An array of containing associative arrays.
+ * @param array $properties An associative array of properties to match against
+ * each element in $arr.
+ * @return mixed The matching elements of $arr.
+ */
+function where($arr, $properties)
+{
+	if (is_array($arr) === false && $arr instanceof Traversable === false)
+	{
+		return array();
+	}
+
+	if (is_array($properties) === false)
+	{
+		return array();
+	}
+
+	$results = array();
+	foreach ($arr as $element)
+	{
+		if (sizeof(array_intersect_assoc($element, $properties)) === sizeof($properties))
+		{
+			$results[] = $element;
+		}
+	}
+
+	return $results;
+}
+
 /**
  * This method will take two keys from an array
  * and swap their position in the array.

core/protected/config/wsver.php

@@ -1,5 +1,5 @@
 <?php
 
-define('XLSWS_VERSION', '3.2.6');
-define('XLSWS_VERSIONBUILD', 300200600);
-define('XLSWS_BUILDDATE', 'webstore-2015-04-14-1637');
+define('XLSWS_VERSION', '3.2.7');
+define('XLSWS_VERSIONBUILD', 300200700);
+define('XLSWS_BUILDDATE', 'webstore-2015-05-11-2008');

core/protected/controllers/ApiController.php

@@ -417,5 +417,3 @@ private function _getObjectEncoded($model, $array)
 		}
 	}
 }
-
-

core/protected/controllers/CartController.php

@@ -217,7 +217,7 @@ public function actionReceipt()
 
 		if (!($objCart instanceof Cart))
 		{
-			throw new CHttpException(404, 'The requested page does not exist.');
+			_xls_404();
 		}
 
 		//Try to send e-mails that might still be stuck in the queue.
@@ -497,7 +497,7 @@ public function actionEmail()
 
 				if (!($objCart instanceof Cart))
 				{
-					throw new CHttpException(404,'The requested page does not exist.');
+					_xls_404();
 				}
 
 				if (!Yii::app()->user->isGuest)
@@ -1054,6 +1054,14 @@ public function actionCheckout()
 					return;
 				}
 
+				// to support error messages that occur with Cayan during the createTransaction process
+				// see the extension for more info
+				if (isset($arrPaymentResult['errorMessage']))
+				{
+					Yii::app()->user->setFlash('error', $arrPaymentResult['errorMessage']);
+					$this->redirect($this->createAbsoluteUrl('/cart/checkout'));
+				}
+
 				// If we are this far, we're using an Advanced Payment (or
 				// non-payment like COD) so save the result of the payment
 				// process (may be pass or fail).

core/protected/controllers/CheckoutController.php

@@ -5,6 +5,8 @@
 class CheckoutController extends Controller
 {
 	public $layout;
+	public $divId = 'checkout';
+	public $sectionId = 'confirm';
 
 	const NEWADDRESS = 1;
 	const EDITADDRESS = 2;
@@ -1633,7 +1635,7 @@ public function actionThankyou()
 
 		if ($objCart instanceof Cart === false)
 		{
-			throw new CHttpException(404, 'The requested page does not exist.');
+			_xls_404();
 		}
 
 		// Send any emails we may still have.
@@ -1920,6 +1922,14 @@ public function runPaymentSim()
 			$this->redirect($arrPaymentResult['jump_url']);
 		}
 
+		// to support error messages that occur with Cayan during the createTransaction process
+		// see the extension for more info
+		elseif (isset($arrPaymentResult['errorMessage']))
+		{
+			Yii::app()->user->setFlash('error', $arrPaymentResult['errorMessage']);
+			$this->redirect($this->createAbsoluteUrl('/checkout/confirmation/'));
+		}
+
 		else
 		{
 			// If we are this far then we have a no cc SIM method (COD, Phone Order, Check, etc.)

core/protected/controllers/CommonsslController.php

@@ -136,15 +136,15 @@ public function actionSharedSSLReceive()
 
 		if (!Yii::app()->params['LIGHTSPEED_HOSTING_COMMON_SSL'])
 		{
-			throw new CHttpException(404, 'The requested page does not exist.');
+			_xls_404();
 		}
 
 		//Parse the information we were sent (encrypted) on the command line
 		$strLink = Yii::app()->getRequest()->getQuery('link');
 
 		if (empty($strLink))
 		{
-			throw new CHttpException(404, 'The requested page does not exist.');
+			_xls_404();
 		}
 
 		$link = _xls_decrypt($strLink);