Customer Portal now supports viewing of own credentials [#32]
Customer Portal now supports viewing of own credentials [#32]

--- a/Install/index.php
+++ b/Install/index.php
@@ -561,9 +561,9 @@
   KEY `idx_failedips` (`FailedIP`)
 ) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;',
 
-'CREATE TABLE CustPortal( `id` INT NOT NULL, `email` TEXT, `pass` TEXT, `active` TINYINT(1), PRIMARY KEY (`id`));',
-'CREATE UNIQUE INDEX idx_portal_logins ON CustPortal(`email`(100));',
-'CREATE INDEX ifdx_active_portal ON wewt_CustPortal(`active`);,'
+'CREATE TABLE #__CustPortal( `id` INT NOT NULL, `email` TEXT, `pass` TEXT, `active` TINYINT(1), PRIMARY KEY (`id`));',
+'CREATE UNIQUE INDEX idx_portal_logins ON #__CustPortal(`email`(100));',
+'CREATE INDEX ifdx_active_portal ON #__CustPortal(`active`);,'
 
 );
 
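Review bot: The last statement still ends in `;,'`, so the comma sits inside the SQL string rather than after the closing quote. The index on `active` is then sent to the server with a trailing `;,`, which will most likely be rejected. The line probably wants to end `(`active`);',` like the two statements above it. Separately, `pass` is a plain TEXT column in a latin1 table; a comment stating which hash format it holds would help whoever later migrates the hashing scheme.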

--- a/lib/Framework/main.php
+++ b/lib/Framework/main.php
@@ -151,10 +151,18 @@
 function buildACLQuery($tbl = false){
 $groups = BTMain::getUser()->groups;
 $tab ='';
-
 if ($tbl){
 $tab = "$tbl.";
 }
+
+
+if (BTMain::getUser()->PortalLogin == '1'){
+return "$tab.cust = '".BTMain::getUser()->PortalID."' ";
+
+}
+
+
+
 
 if (!in_array("-1",$groups)){
 return "$tab`Group`=" . implode(" OR $tab`Group`=",$groups) ;
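Review bot: The portal branch builds `"$tab.cust = ..."`, but `$tab` already carries its trailing dot (`$tab = "$tbl.";`), so the result is `tbl..cust` with a table name and `.cust` without one. Neither is valid SQL, so the one clause meant to confine a portal login to its own customer does not produce a working filter; whether callers fail closed on the error is not visible here. `PortalID` is also concatenated into the query as-is. If customer ids are integers (CustPortal.id is INT in the installer), `return "{$tab}cust = " . (int) BTMain::getUser()->PortalID . " ";` fixes both. The function continues past the end of the hunk.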

--- a/lib/Handler.php
+++ b/lib/Handler.php
@@ -21,6 +21,9 @@
 $notifications = new notifications;
 $option = BTMain::getVar('option');
 $auth = new ProgAuth;
+
+$custportalmethods = array("logout","editCred");
+
 
     // See if the user has an active session
     if (BTMain::getsessVar('Session')){
@@ -71,7 +74,10 @@
 
 
 
-
+if ((BTMain::getUser()->PortalLogin == 1) && (!in_array($option,$custportalmethods))){
+$option = 'viewCust';
+BTMain::setVar('id',BTMain::getUser()->PortalID);
+}
 
 
 switch ($option){
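Review bot: This gate overwrites `id` only when the request is rewritten to `viewCust`; an allow-listed `editCred` request goes through with whatever id the client supplied. Unless the editCred handler itself checks that the credential belongs to `PortalID` (not visible in this diff), a portal login is not confined to its own customer on that path. The same applies to any endpoint that does not pass through this `switch`. A short comment beside `$custportalmethods` stating that every entry must enforce ownership itself would make the contract explicit. A strict membership test, `in_array($option, $custportalmethods, true)`, also keeps a non-string `$option` from matching by type juggling.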

--- a/lib/customer.class.php
+++ b/lib/customer.class.php
@@ -67,19 +67,37 @@
 function edit($id,$name,$group,$firstname,$surname,$email){
 
 $db = new CustDB;
+$auth = new ProgAuth;
 
 if (!$db->editCustomer($id,$name,$group,$firstname,$surname,$email)){
 return false;
 }
 
 $db = new AuthDB;
-if ($db->editPortalCustDetails($id,$email)){
-  return true;
-  }else{
-  global $notifications;
-  $notifications->setNotification('CustPortalFail');
+// We add the customer to the portal, even if we won't let them log-in (i.e. the portal is disabled)
+$password = $auth->generatePassword();
+$salt = $auth->createSalt();
+$pass = md5($password.$salt);
 
-  }
+
+
+
+if ($db->addCusttoPortal($id,$email,$pass.":".$salt,1)){
+ 
+
+
+   
+
+    $not->className = 'alert alert-success';
+    $not->text = "The customer has been successfully added to the customer portal and can use the password <i>$password</i> to manage their credentials";
+    // This echo is a temporary thing until I update Notifications
+    echo "<div class='{$not->className}'>{$not->text}</div>";
+    $notifications->setNotification($not);
+    }
+
+  
+
+  
 
 
 
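Review bot: The success branch uses `$not` and `$notifications` without defining them: `global $notifications;` was dropped with the removed else branch and nothing creates `$not`, so the branch will fail at runtime; it needs `global $notifications;` and something like `$not = new stdClass;` before the `if`. Because addCusttoPortal now ends in `ON DUPLICATE KEY UPDATE` touching only the email (authdb.class.php hunk), editing a customer who already has a portal row leaves the stored hash unchanged, yet the notice still announces the freshly generated password, which was never saved. `md5($password.$salt)` is a fast hash and a poor fit for password storage; `password_hash()` with `password_verify()` is the usual replacement, provided the login check in ProgAuth (not shown) changes with it. The plaintext password is also echoed and handed to the notification object, so it is worth confirming notifications are never persisted or logged. edit() continues outside the hunk and the new branch no longer returns a value.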

--- a/lib/db/authdb.class.php
+++ b/lib/db/authdb.class.php
@@ -49,28 +49,14 @@
 
 
 
-$sql = "INSERT INTO #__CustPortal VALUES('$id','$email','$pass','$active')";
+$sql = "INSERT INTO #__CustPortal VALUES('$id','$email','$pass','$active') ON DUPLICATE KEY UPDATE `email`='$email'";
 $this->setQuery($sql);
 return $this->runQuery();
 
 }
 
 
-/** Edit the Portal login details for the specified customer - Passwords done seperately
-*
-* @arg id - Customer ID
-* @arg email - Customers login email address
-*
-*/
-function editPortalCustDetails($id,$email){
-$crypt = new Crypto;
-$id = $this->stringEscape($id);
-$email = $this->stringEscape($crypt->encrypt($email,'auth'));
-
-$sql = "UPDATE #__CustPortal SET `email`='$email' WHERE `id`='$id'";
-$this->setQuery($sql);
-return $this->runQuery();
-}
+
 
 
 /** See if a Customer Portal record exists, and return it if it does
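Review bot: `ON DUPLICATE KEY UPDATE` fires on a conflict with any unique key, not only the primary key. With the unique index on `email` from the installer, a new customer whose address matches an existing portal row turns into a no-op update of that other row, and the caller probably sees success although nothing was inserted. The clause also leaves `pass` and `active` untouched, which callers that generate a new password need to know; a docblock line on addCusttoPortal saying "existing rows: email only" would cover it. Writing the clause as `ON DUPLICATE KEY UPDATE email=VALUES(email)` avoids interpolating `$email` a second time; whether the values are escaped happens above the hunk and is not visible here.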

--- a/lib/includes/groupSelection.php
+++ b/lib/includes/groupSelection.php
@@ -26,7 +26,20 @@
 
 $groups = $auth->retrieveGroupNames();
 
-if ($multiselect != 1):
+if (BTMain::getUser->PortalLogin() == 1):?>
+
+
+<select name="frmGroup" id="frmGroup" style="display: none;">
+<option value="<?php if (isset($preselect)){ echo $preselect; } else{ echo 0;}?>">nochange</option>
+</select>
+
+</select>
+
+
+<?php else: ?>
+
+
+<?php if ($multiselect != 1):
 ?> 
 <label for="frmGroup">Group</label><select name="frmGroup" id="frmGroup">
 <option value='null'> -- Select Group --</option>
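Review bot: The new condition is written `BTMain::getUser->PortalLogin()`, which reads `getUser` as a class constant and calls `PortalLogin` as a method; every other file in this commit uses `BTMain::getUser()->PortalLogin`. As written the include will fail at runtime, so the line should be `if (BTMain::getUser()->PortalLogin == 1):?>`. The hidden `<select>` is presentation only, so the handler that receives `frmGroup` still has to ignore it for portal logins. `$preselect` should be echoed through `htmlspecialchars()`, and the second `</select>` is a stray closing tag.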
@@ -77,3 +90,5 @@
 ?>
 </fieldset>
 <?php endif;?>
+
+<?php endif; ?>

--- a/views/Customer/view.php
+++ b/views/Customer/view.php
@@ -10,9 +10,10 @@
 global $notifications;
 $custom = new CustDB;
 $custom->connreuse = 1;
+$portallogin = BTMain::getUser()->PortalLogin;
 
 
-
+if ($portallogin != 1){
 // Get the customer details
 $custdetails = $custom->getCustomerDetail(BTMain::getVar('id'));
 
@@ -23,6 +24,8 @@
   return;
 
   }
+
+}
 
 
 // Get credentials
@@ -50,7 +53,7 @@
 
 
 
-
+<?php if ($portallogin != 1): ?>
 <h1>Credentials for <?php echo $customer; ?></h1>
 
 
@@ -60,6 +63,8 @@
 <button id='AddCredBtnTop' onclick="window.location.href='index.php?option=addCred&cust=<?php echo htmlspecialchars(BTMain::getVar('id')); ?>';" class='btn btn-primary'>Add Credential</button>
 
 </div>
+
+<?php endif; ?>
 
 <input type="hidden" id="defaultInterval" value="<?php echo BTMain::getConf()->CredDisplay; ?>">
 <table class='credTbl table table-hover' id='CredsTbl'>
@@ -108,7 +113,7 @@
 </td>
 
   <td class='delicon' onclick="DelCred('<?php echo $customer->id;?>');">
-  <i class="icon-remove"></i>
+  <?php if ($portallogin != 1): ?><i class="icon-remove"></i><?php endif; ?>
   </td>
 
   <td id='CredPluginOutput<?php echo $customer->id;?>' class="CredPluginOutput">
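Review bot: Only the icon is hidden for portal logins; the surrounding `<td class='delicon' onclick="DelCred(...)">` is still rendered, so the cell remains clickable and still calls DelCred. Moving the `if ($portallogin != 1)` around the whole `<td>`, or at least its `onclick` attribute, keeps the UI consistent. The delete endpoint must still refuse portal sessions on the server, which this diff does not show.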
@@ -130,6 +135,8 @@
 <br />
 
 
+<?php if ($portallogin != 1): ?>
+
 <div class='viewButtons'>
 
 <button id='EditCustBtnBottom' onclick="window.location.href='index.php?option=EditCustomer&id=<?php echo htmlspecialchars(BTMain::getVar('id')); ?>';" class='btn btn-primary'>Edit <?php echo Lang::_('Customer');?></button>
@@ -137,3 +144,5 @@
 
 </div>
 
+<?php endif; ?>
+