//print_r($_COOKIE);
include 'includes/SharedFunctionsStrict.php';
//expires cookies after 1/2 hour
$sessionExpire = 60 * 30;
session_set_cookie_params($sessionExpire);
//start new session
session_start();
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = array();
}
$strBin = hex2bin($_COOKIE["AUTH"]);
$strDecrypted = funcDecrypt($strBin);
$strUserID = substr($strDecrypted, 0, strpos($strDecrypted, "&"));
$strExpiry = time() + 600;
$value = funcEncrypt($strUserID . "&" . $strExpiry);
if ($strUserID != "") {
//echo "*" . $strUserID;
setcookie("AUTH", $value, $strExpiry, "/", "shop.scifivault.com", 0);
/* expire in 10 mins */
echo "<meta http-equiv='refresh' content='0;url=/ChooseDelivery.php?strUserID=" . $strUserID . "'>";
exit;
//echo "<meta http-equiv='refresh' content='0;url=/UserLogon.php'>";
//exit;
}
?>
<HTML>
<HEAD>
<TITLE>Welcome to SciFi Vault!</TITLE>
<link rel="stylesheet" href="stylesheets/mainstylesheet.css" type="text/css">
//$value = bin2hex($cookieData);
//echo $_GET["strUserID"] . "<BR>" . $strUserID;
//expires cookies after 1/2 hour
$sessionExpire = 60 * 30;
session_set_cookie_params($sessionExpire);
//start new session
session_start();
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = array();
}
if ($_GET["key"] != "") {
$strBin = hex2bin($_GET["key"]);
$strDecrypted = funcDecrypt($strBin);
$strUserID = substr($strDecrypted, 0, strpos($strDecrypted, "&"));
$strNow = date('Y-m-j H:i:s');
$value = funcEncrypt($strUserID . "&" . $strNow);
//$str = strpos(strDecrypted,"&");
funcLogToDebug("ChooseDelivery3.php: " . $strBin);
funcLogToDebug("ChooseDelivery3.php: " . $strDecrypted);
funcLogToDebug("ChooseDelivery3.php: " . $strUserID);
}
if ($_GET["strUserID"] != $strUserID) {
setcookie("AUTH", "", time() - 600, "/", "shop.scifivault.com", 0);
/* expire in 10 mins ago */
echo "denied. Give it 3 seconds";
echo "<meta http-equiv='refresh' content='3;url=/UserLogon.php'>";
} else {
//echo "<!--\n<b>We have an Auth cookie</b>";
//echo "\n<br>Cookie(auth): " . $_COOKIE["AUTH"];
//now can we decrypt the cookie....
//echo "\n<br>Binary: " . hex2bin($_COOKIE["AUTH"]);
// 送信元メールアドレスの取得
if (eregi("^from:", $line) || eregi("^Return-Path:", $line)) {
$email = getmail($line);
}
}
funcPdoClear($arrNm, $arrVal, $arrType);
$strQuery = "select * from m_member where member_mail=:member_mail";
funcPdoParaSet(":member_mail", $email, PDO::PARAM_STR, $arrNm, $arrVal, $arrType);
if (!($pdo_st = funcPdoExecute($pdo, $strQuery, $arrNm, $arrVal, $arrType))) {
throw new Exception("PDO::error:" . $pdo->errorCode() . ":" . $pdo->errorInfo());
}
$sw_ari = 0;
if ($pdo_st->rowCount() > 0) {
$sw_ari = 1;
}
$enc_email = funcEncrypt($email, ENCRYPTION_KEY);
//メール送信処理
//送られてきたメールに、メール本文に送られてきたメールアドレスを記載して返す
$to = $email;
if ($sw_ari == 0) {
$subject = "相模カンツリー倶楽部会員登録URLのご案内";
$det = <<<EOL
==================================================================
◇◇相模カンツリー倶楽部会員登録URLのご案内◇◇
==================================================================
{$email}様
このたびは相模カンツリー倶楽部会員申込いただき、ありがとうございます。
下記のURLにアクセスし、本登録をお願いいたします。
$strMailUser = funcSanitize($_POST["emailUser"]);
if ($strMailUser == 'on') {
$strMailUser = '******';
} else {
$strMailUser = '******';
}
$strEncFirstName = funcEncrypt($strFirstName);
$strEncSurName = funcEncrypt($strSurName);
$strEncAddressLine1 = funcEncrypt($strAddressLine1);
$strEncAddressLine2 = funcEncrypt($strAddressLine2);
$strEncTown = funcEncrypt($strTown);
$strEncCounty = funcEncrypt($strCounty);
$strEncCountry = funcEncrypt($strCountry);
$strEncPostCode = funcEncrypt($strPostCode);
$strEncDayTimeNo = funcEncrypt($strDayTimeNo);
$strEncMobile = funcEncrypt($strMobile);
//connect to server
$link = mysql_connect("localhost", "sfvault_writeSto", "Ti*ESUf3*_b?Km") or die("Could not connect: " . mysql_error());
//change to correct database
mysql_select_db("sfvault_store") or die("Could not select database");
//Does User Exist
$strUpdateQuery = "UPDATE tbl_UserLogin SET FirstName = '" . $strEncFirstName . "', SurName = '" . $strEncSurName . "',AddressLine1 = '" . $strEncAddressLine1 . "',AddressLine2 = '" . $strEncAddressLine2 . "', Town = '" . $strEncTown . "', County = '" . $strEncCounty . "', Country = '" . $strEncCountry . "', PostCode = '" . $strEncPostCode . "', DayTimeNo = '" . $strEncDayTimeNo . "',Mobile = '" . $strEncMobile . "', EmailAddress = '" . $strEmailAddress . "', MailUser = '******' where UserID = '" . $strUserID . "'";
$strResult = mysql_query($strUpdateQuery) or die("Query Failed:" . mysql_error());
echo "<meta http-equiv='refresh' content='0;url=/UserDetails.php?strUserID=" . $strUserID . "'>";
funcLogtoDebug("addDetails.php: " . $strEmailAddress . " amended their details");
mail($strEmailAddress, "ScifiVault.com, User Amended Details", "\n\n This is a notification mail to make you aware that changes we're made to your account. \n\n If you didn't make these changes please get in touch with us immediately.", "From: webmaster@{$_SERVER['SERVER_NAME']}\r\nBCC:webmaster@{$_SERVER['SERVER_NAME']}\r\n" . "Reply-To: webmaster@{$_SERVER['SERVER_NAME']}\r\n" . "X-Mailer: PHP/" . phpversion());
?>
</HEAD>
</HTML>
$rand_pass2 = implode('', $rand_key2);
//echo $rand_pass;
$strNow = date('Y-m-j H:i:s');
//User Doesn't exist so carry on Adding
//$strAddUserQuery = "INSERT tbl_UserLogin values ('', '" . $strUserName . "', '" . $strEmailAddress. "','" . $strMD5 ."', '" . $rand_pass . " ', '" . $strNow . "', '', '" . $strFirstName . "','" . $strSurName . "','" . $strAddressLine1 . "','" . $strAddressLine2 . "','" . $strTown . "','" . $strCounty. "','". $strCountry . "','" . $strPostCode . "','" . $strDayTimeNo. "','".$strMobile."','','')";
$strAddUserQuery = "INSERT tbl_UserLogin values ('', '" . $strUserName . "', '" . $strEmailAddress . "','" . md5($rand_pass2) . "', '" . $rand_pass . "', '" . $strNow . "', '', '" . $strEncFirstName . "','" . $strEncSurName . "','" . $strEncAddressLine1 . "','" . $strEncAddressLine2 . "','" . $strEncTown . "','" . $strEncCounty . "','" . $strEncCountry . "','" . $strEncPostCode . "','" . $strEncDayTimeNo . "','" . $strEncMobile . "','','1','" . $strEmailUser . "')";
$strAddUserResult = mysql_query($strAddUserQuery) or die("Query Failed:" . mysql_error());
$strMailText = " \nWe've taken the time to register you with us at Sci-Fi Vault. \n\r\nYour account login details are as follows:\r\n\nUsername: "******"\r\nPassword: "******"\r\n\r\nIf you would like to order with us in future, click on the verify link below to complete your registration:\r\n\r\nhttp://shop.scifivault.com/verifyUser.php?UserID=" . $strUserName . "&VerifyKey=" . $rand_pass . "\r\n\r\nYou can change your details at any point by logging in to your account and navigating to the Add/Update User Details section.\n\r\nIf you have any queries in relation to your registration, please contact our Customer Service department at info@scifivault.com";
mail($strEmailAddress, "ScifiVault.com Verification Process *", $strMailText, "From: webmaster@{$_SERVER['SERVER_NAME']}\r\nBCC:webmaster@{$_SERVER['SERVER_NAME']}\r\n" . "Reply-To: webmaster@{$_SERVER['SERVER_NAME']}\r\n" . "X-Mailer: PHP/" . phpversion());
funcLogtoDebug("AddUser2.php: " . $strUserName . " sent partial verification email");
//now forward on to submitOrder...
$strExpiry = time() + 600;
$value = funcEncrypt($strUserName . "&" . $strExpiry);
//echo "<meta http-equiv='refresh' content='0;url=/submitOrder2.php?strUserID=" . $strUserName. "&key=" . $value . "'>";
echo "<meta http-equiv='refresh' content='0;url=/ChooseDelivery3.php?strUserID=" . $strUserName . "&key=" . $value . "'>";
} else {
//User Does exist so end
echo "<meta http-equiv='refresh' content='0;url=/ChooseDelivery2.php?UserExistsError=1'>";
}
//funcDebug ($strUserName);
//funcLogtoDebug ("Authenticate.php: " . $strEmailAddress . " " . $strPassword1);
funcLogtoDebug("AddUser2.php: " . $strEmailAddress . " " . funcEncrypt($strPassword1));
//funcDebug ($strPassword1);
//funcDebug ($strMD5);
?>
</BODY>
</HTML>
<?php
include 'includes/SharedFunctionsStrict.php';
echo funcEncrypt("APV, House Speedwell Road");
//echo bin2hex (funcDecrypt("3247eb2d28fbebef00f9038ba87e0dd8203766a7351ebc3218f9b807e5ecb5d0"));
