Beispiel #1
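 /**
  * Stores a new customer account entry in the database, loads the new
  * customer into $lC_Customer and sends the welcome e-mail.
  *
  * Every caller-supplied value reaches the statement through
  * bindValue()/bindInt(); only the literal now() is bound raw.
  *
  * Review notes:
  * - The password is passed through lc_encrypt_string() before it is stored.
  *   That helper is defined elsewhere; confirm it is a salted, deliberately
  *   slow password hash and not reversible encryption.
  * - The session ID is only regenerated when SERVICE_SESSION_REGENERATE_ID
  *   is '1'. This method changes the identity attached to the session, so
  *   leaving that option off keeps the pre-registration session ID in use
  *   (session fixation exposure).
  * - lc_get_ip_address() is defined elsewhere; if it honours forwarded
  *   headers the stored address is client-influenced. Confirm before the
  *   value is relied on for audit purposes.
  *
  * @param array $data The customer's information. Keys read here: firstname,
  *                    lastname, email_address, newsletter, password,
  *                    gender (optional) and dob
  * @access public
  * @return boolean True when exactly one row was inserted, false otherwise
  */
 public static function createEntry($data)
 {
     global $lC_Database, $lC_Session, $lC_Language, $lC_ShoppingCart, $lC_Customer, $lC_NavigationHistory;

     // Normalise the gender once. The original re-tested the raw input when
     // building the e-mail, so a blank or unexpected value was stored as ''
     // but still addressed with the female salutation.
     $gender = '';
     if (ACCOUNT_GENDER > -1 && isset($data['gender']) && ($data['gender'] === 'm' || $data['gender'] === 'f')) {
         $gender = $data['gender'];
     }

     $Qcustomer = $lC_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
     $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
     $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
     $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
     $Qcustomer->bindValue(':customers_newsletter', $data['newsletter']);
     $Qcustomer->bindValue(':customers_status', '1');
     $Qcustomer->bindValue(':customers_ip_address', lc_get_ip_address());
     $Qcustomer->bindValue(':customers_password', lc_encrypt_string($data['password']));
     $Qcustomer->bindValue(':customers_gender', $gender);
     // assumes $data['dob'] is a Unix timestamp - TODO confirm against the caller
     $Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH == '1' ? @date('Ymd', $data['dob']) : '0000-00-00 00:00:00');
     $Qcustomer->bindInt(':number_of_logons', 0);
     // bindRaw() inserts its argument unescaped; it is only safe here because
     // the argument is a fixed literal, never request data
     $Qcustomer->bindRaw(':date_account_created', 'now()');
     $Qcustomer->execute();

     if ($Qcustomer->affectedRows() !== 1) {
         return false;
     }

     $customer_id = $lC_Database->nextID();

     if (SERVICE_SESSION_REGENERATE_ID == '1') {
         $lC_Session->recreate();
     }

     $lC_Customer->setCustomerData($customer_id);

     // restore cart contents
     $lC_ShoppingCart->synchronizeWithDatabase();

     $lC_NavigationHistory->removeCurrentPage();

     // build the welcome email content
     if ($gender === 'm') {
         $email_text = sprintf($lC_Language->get('email_addressing_gender_male'), $lC_Customer->getLastName()) . "\n\n";
     } elseif ($gender === 'f') {
         $email_text = sprintf($lC_Language->get('email_addressing_gender_female'), $lC_Customer->getLastName()) . "\n\n";
     } else {
         $email_text = sprintf($lC_Language->get('email_addressing_gender_unknown'), $lC_Customer->getName()) . "\n\n";
     }

     $email_text .= sprintf($lC_Language->get('email_create_account_body'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS);

     // The recipient name and address come from the registration form;
     // lc_email() is defined elsewhere - confirm it rejects CR/LF in them
     lc_email($lC_Customer->getName(), $lC_Customer->getEmailAddress(), sprintf($lC_Language->get('email_create_account_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

     return true;
 }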
Beispiel #2
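 /**
  * Records the current visitor in the who's-online table.
  *
  * Logged-on customers are stored under their ID and name. Everyone else is
  * stored as 'Guest', or under the matching entry of includes/spiders.txt
  * when spider detection is enabled. Rows whose last click is older than
  * 900 seconds are deleted first.
  *
  * Changes against the original:
  * - a request without a User-Agent header no longer reads an undefined index;
  * - spider entries are trimmed before they are tested and stored, and blank
  *   lines are skipped. The original tested empty() on the untrimmed line, so
  *   a blank line became an empty needle for strpos() (a match on PHP 8) and
  *   the stored name kept its trailing newline;
  * - an unreadable spider list is treated as an empty list.
  *
  * Review notes:
  * - REQUEST_URI is client-controlled. It is cut to 255 bytes and passed
  *   through lc_output_string_protected() (defined elsewhere; presumably
  *   HTML-encodes - confirm) before it is stored, so the stored value can be
  *   longer than 255 characters.
  * - The count-then-update/insert sequence is not atomic; two parallel
  *   requests on a new session can both take the insert branch.
  *
  * @access public
  * @return boolean Always true
  */
 function start()
 {
     global $lC_Customer, $lC_Database;

     if ($lC_Customer->isLoggedOn()) {
         $wo_customer_id = $lC_Customer->getID();
         $wo_full_name = $lC_Customer->getName();
     } else {
         $wo_customer_id = '';
         $wo_full_name = 'Guest';

         if (SERVICE_WHOS_ONLINE_SPIDER_DETECTION == '1') {
             // The header is optional and fully client-controlled: it is only
             // used as a label here, never as an identity
             $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';

             if ($user_agent !== '') {
                 $spiders = file('includes/spiders.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);

                 if ($spiders === false) {
                     $spiders = array();
                 }

                 foreach ($spiders as $spider) {
                     $spider = trim($spider);

                     if ($spider !== '' && strpos($user_agent, $spider) !== false) {
                         $wo_full_name = $spider;
                         break;
                     }
                 }
             }
         }
     }

     $wo_session_id = session_id();
     $wo_ip_address = lc_get_ip_address();
     $wo_last_page_url = lc_output_string_protected(substr($_SERVER['REQUEST_URI'], 0, 255));

     $current_time = time();
     $xx_mins_ago = $current_time - 900;

     // remove entries that have expired
     $Qwhosonline = $lC_Database->query('delete from :table_whos_online where time_last_click < :time_last_click');
     // bindRaw() is only acceptable here because the argument is a constant
     $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
     $Qwhosonline->bindValue(':time_last_click', $xx_mins_ago);
     $Qwhosonline->execute();

     // does this session already have a row?
     $Qwhosonline = $lC_Database->query('select count(*) as count from :table_whos_online where session_id = :session_id');
     $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
     $Qwhosonline->bindValue(':session_id', $wo_session_id);
     $Qwhosonline->execute();

     if ($Qwhosonline->valueInt('count') > 0) {
         $Qwhosonline = $lC_Database->query('update :table_whos_online set customer_id = :customer_id, full_name = :full_name, ip_address = :ip_address, time_last_click = :time_last_click, last_page_url = :last_page_url where session_id = :session_id');
         $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
         // guests pass '' here; bindInt() presumably casts it to 0 - confirm
         $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
         $Qwhosonline->bindValue(':full_name', $wo_full_name);
         $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
         $Qwhosonline->bindValue(':time_last_click', $current_time);
         $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
         $Qwhosonline->bindValue(':session_id', $wo_session_id);
         $Qwhosonline->execute();
     } else {
         $Qwhosonline = $lC_Database->query('insert into :table_whos_online (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (:customer_id, :full_name, :session_id, :ip_address, :time_entry, :time_last_click, :last_page_url)');
         $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
         // guests pass '' here; bindInt() presumably casts it to 0 - confirm
         $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
         $Qwhosonline->bindValue(':full_name', $wo_full_name);
         $Qwhosonline->bindValue(':session_id', $wo_session_id);
         $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
         $Qwhosonline->bindValue(':time_entry', $current_time);
         $Qwhosonline->bindValue(':time_last_click', $current_time);
         $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
         $Qwhosonline->execute();
     }

     $Qwhosonline->freeResult();

     return true;
 }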
Beispiel #3
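 /**
  * Records the redemption of a coupon code against an order.
  *
  * The code is resolved through $this->_getData(). When a redemption row
  * already exists for the same coupon and order it is updated in place,
  * otherwise a new row is inserted, so repeating the call for one order does
  * not add a second row.
  *
  * Change against the original: the lookup statement ended in "limit 1)".
  * The unmatched closing parenthesis made the statement invalid SQL, so the
  * existing-row check could not succeed.
  *
  * Review notes:
  * - No validity, expiry or usage-limit test is visible in this method;
  *   presumably _getData() or the caller enforces them - confirm, since this
  *   is the point where a redemption becomes permanent.
  * - The lookup and the following write are separate statements, so two
  *   parallel calls for a new coupon/order pair can both insert.
  *
  * @param string $code The coupon code as entered by the customer
  * @param int $order_id The order the coupon is redeemed against
  * @access public
  * @return boolean True when exactly one row was written, false otherwise
  */
 public function redeem($code, $order_id)
 {
     global $lC_Database, $lC_Customer;

     // loose comparison kept on purpose: null and '' both mean "no code"
     if ($code == null) {
         return false;
     }

     $cInfo = $this->_getData($code);

     if (isset($cInfo['coupons_id']) === false || empty($cInfo['coupons_id'])) {
         return false;
     }

     $Qchk = $lC_Database->query('select id from :table_coupons_redeemed where coupons_id = :coupons_id and order_id = :order_id limit 1');
     $Qchk->bindTable(':table_coupons_redeemed', TABLE_COUPONS_REDEEMED);
     $Qchk->bindInt(':coupons_id', $cInfo['coupons_id']);
     $Qchk->bindInt(':order_id', $order_id);
     $Qchk->execute();

     $already_recorded = $Qchk->numberOfRows() > 0;

     if ($already_recorded) {
         $Qredeemed = $lC_Database->query('update :table_coupons_redeemed set coupons_id = :coupons_id, customers_id = :customers_id, redeem_date = now(), redeem_ip = :redeem_ip, order_id = :order_id where coupons_id = :coupons_id and order_id = :order_id ');
     } else {
         $Qredeemed = $lC_Database->query('insert into :table_coupons_redeemed (coupons_id, customers_id, redeem_date, redeem_ip, order_id) values (:coupons_id, :customers_id, now(), :redeem_ip, :order_id)');
     }

     // both statements use the same placeholders, so one set of binds serves either
     $Qredeemed->bindTable(':table_coupons_redeemed', TABLE_COUPONS_REDEEMED);
     $Qredeemed->bindInt(':coupons_id', $cInfo['coupons_id']);
     $Qredeemed->bindInt(':customers_id', $lC_Customer->getID());
     $Qredeemed->bindValue(':redeem_ip', lc_get_ip_address());
     $Qredeemed->bindInt(':order_id', $order_id);
     $Qredeemed->execute();

     $Qchk->freeResult();

     return $Qredeemed->affectedRows() === 1;
 }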
Beispiel #4
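 /**
  * Finalises an order: sets its status, writes the status history, adjusts
  * product stock and the bestseller counter, and sends the order e-mail.
  *
  * When $_SESSION['cartSync']['orderCreated'] is true the order row and its
  * totals, products and variants are first rewritten from the current
  * customer and shopping cart. In that case the order ID stored in the
  * session (when present) replaces the $order_id argument.
  *
  * Changes against the original:
  * - variant rows were bound to $insert_id, a variable this method never
  *   defines; they are now bound to $order_id like every other child row;
  * - the coupon is only redeemed when the total's title really contains a
  *   parenthesised code, instead of reading $match[1] unconditionally.
  *
  * Review notes:
  * - NOTE(review): ':billing_name' is bound below, but the update statement
  *   assigns no billing_name column, so that value is never written. Confirm
  *   the column against the schema before adding it to the statement.
  * - NOTE(review): any order-total title with text in parentheses is handed
  *   to the coupon service, not only the coupon module's line. Consider
  *   restricting the call to that module.
  * - products_simple_options_meta_data is stored with serialize(). Whatever
  *   reads it back must not unserialize() a value that could have been
  *   altered outside the application; JSON would remove that class of risk.
  * - The order comment comes from the session or straight from $_POST. It is
  *   bound as a value here and has to be output-encoded wherever the status
  *   history is rendered.
  * - Stock is read, reduced in PHP and written back, so two orders for the
  *   same product processed in parallel can lose a decrement.
  *
  * @param int $order_id The order to process
  * @param int|string $status_id The status to set; anything empty or
  *                              non-numeric falls back to DEFAULT_ORDERS_STATUS_ID
  * @access public
  * @return void
  */
 public function process($order_id, $status_id = '')
 {
     global $lC_Database, $lC_Customer, $lC_Language, $lC_Currencies, $lC_ShoppingCart, $lC_Coupons, $lC_Tax;

     if (empty($status_id) || is_numeric($status_id) === false) {
         $status_id = DEFAULT_ORDERS_STATUS_ID;
     }

     if (isset($_SESSION['cartSync']['orderCreated']) && $_SESSION['cartSync']['orderCreated'] === TRUE) {
         if (isset($_SESSION['cartSync']['orderID']) && $_SESSION['cartSync']['orderID'] != NULL) {
             $order_id = $_SESSION['cartSync']['orderID'];
         }

         // update the order info
         if ($lC_Customer->getDefaultAddressID() == '') {
             $lC_Customer->setCustomerData($lC_Customer->getID());
         }

         $customer_address = lC_AddressBook::getEntry($lC_Customer->getDefaultAddressID())->toArray();

         // the table name, status and order ID are bound after the if/else
         // below, because both branches share them
         $Qupdate = $lC_Database->query('update :table_orders set
   customers_id = :customers_id,
   customers_name = :customers_name,
   customers_company = :customers_company,
   customers_street_address = :customers_street_address,
   customers_suburb = :customers_suburb,
   customers_city = :customers_city,
   customers_postcode = :customers_postcode,
   customers_state = :customers_state,
   customers_state_code = :customers_state_code,
   customers_country = :customers_country,
   customers_country_iso2 = :customers_country_iso2,
   customers_country_iso3 = :customers_country_iso3,
   customers_telephone = :customers_telephone,
   customers_email_address = :customers_email_address,
   customers_address_format = :customers_address_format,
   customers_ip_address = :customers_ip_address,
   delivery_name = :delivery_name,
   delivery_company = :delivery_company,
   delivery_street_address = :delivery_street_address,
   delivery_suburb = :delivery_suburb,
   delivery_city = :delivery_city,
   delivery_postcode = :delivery_postcode,
   delivery_state = :delivery_state,
   delivery_state_code = :delivery_state_code,
   delivery_country = :delivery_country,
   delivery_country_iso2 = :delivery_country_iso2,
   delivery_country_iso3 = :delivery_country_iso3,
   delivery_address_format = :delivery_address_format,
   billing_company = :billing_company,
   billing_street_address = :billing_street_address,
   billing_suburb = :billing_suburb,
   billing_city = :billing_city,
   billing_postcode = :billing_postcode,
   billing_state = :billing_state,
   billing_state_code = :billing_state_code,
   billing_country = :billing_country,
   billing_country_iso2 = :billing_country_iso2,
   billing_country_iso3 = :billing_country_iso3,
   billing_address_format = :billing_address_format,
   currency = :currency,
   currency_value = :currency_value,
   orders_status = :orders_status where orders_id = :orders_id');
         $Qupdate->bindInt(':customers_id', $lC_Customer->getID());
         $Qupdate->bindValue(':customers_name', $lC_Customer->getName());
         $Qupdate->bindValue(':customers_company', $customer_address['entry_company']);
         $Qupdate->bindValue(':customers_street_address', $customer_address['entry_street_address']);
         $Qupdate->bindValue(':customers_suburb', $customer_address['entry_suburb']);
         $Qupdate->bindValue(':customers_city', $customer_address['entry_city']);
         $Qupdate->bindValue(':customers_postcode', $customer_address['entry_postcode']);
         $Qupdate->bindValue(':customers_state', $customer_address['entry_state']);
         $Qupdate->bindValue(':customers_state_code', lC_Address::getZoneCode($customer_address['entry_zone_id']));
         $Qupdate->bindValue(':customers_country', lC_Address::getCountryName($customer_address['entry_country_id']));
         $Qupdate->bindValue(':customers_country_iso2', lC_Address::getCountryIsoCode2($customer_address['entry_country_id']));
         $Qupdate->bindValue(':customers_country_iso3', lC_Address::getCountryIsoCode3($customer_address['entry_country_id']));
         $Qupdate->bindValue(':customers_telephone', $customer_address['entry_telephone']);
         $Qupdate->bindValue(':customers_email_address', $lC_Customer->getEmailAddress());
         $Qupdate->bindValue(':customers_address_format', lC_Address::getFormat($customer_address['entry_country_id']));
         $Qupdate->bindValue(':customers_ip_address', lc_get_ip_address());
         $Qupdate->bindValue(':delivery_name', $lC_ShoppingCart->getShippingAddress('lastname') != NULL ? $lC_ShoppingCart->getShippingAddress('firstname') . ' ' . $lC_ShoppingCart->getShippingAddress('lastname') : $lC_Customer->getName());
         $Qupdate->bindValue(':delivery_company', $lC_ShoppingCart->getShippingAddress('company'));
         $Qupdate->bindValue(':delivery_street_address', $lC_ShoppingCart->getShippingAddress('street_address'));
         $Qupdate->bindValue(':delivery_suburb', $lC_ShoppingCart->getShippingAddress('suburb'));
         $Qupdate->bindValue(':delivery_city', $lC_ShoppingCart->getShippingAddress('city'));
         $Qupdate->bindValue(':delivery_postcode', $lC_ShoppingCart->getShippingAddress('postcode'));
         $Qupdate->bindValue(':delivery_state', $lC_ShoppingCart->getShippingAddress('state'));
         $Qupdate->bindValue(':delivery_state_code', $lC_ShoppingCart->getShippingAddress('zone_code'));
         $Qupdate->bindValue(':delivery_country', $lC_ShoppingCart->getShippingAddress('country_title'));
         $Qupdate->bindValue(':delivery_country_iso2', $lC_ShoppingCart->getShippingAddress('country_iso_code_2'));
         $Qupdate->bindValue(':delivery_country_iso3', $lC_ShoppingCart->getShippingAddress('country_iso_code_3'));
         $Qupdate->bindValue(':delivery_address_format', $lC_ShoppingCart->getShippingAddress('format'));
         // NOTE(review): the statement above has no ':billing_name' placeholder
         $Qupdate->bindValue(':billing_name', $lC_ShoppingCart->getBillingAddress('lastname') != NULL ? $lC_ShoppingCart->getBillingAddress('firstname') . ' ' . $lC_ShoppingCart->getBillingAddress('lastname') : $lC_Customer->getName());
         $Qupdate->bindValue(':billing_company', $lC_ShoppingCart->getBillingAddress('company'));
         $Qupdate->bindValue(':billing_street_address', $lC_ShoppingCart->getBillingAddress('street_address'));
         $Qupdate->bindValue(':billing_suburb', $lC_ShoppingCart->getBillingAddress('suburb'));
         $Qupdate->bindValue(':billing_city', $lC_ShoppingCart->getBillingAddress('city'));
         $Qupdate->bindValue(':billing_postcode', $lC_ShoppingCart->getBillingAddress('postcode'));
         $Qupdate->bindValue(':billing_state', $lC_ShoppingCart->getBillingAddress('state'));
         $Qupdate->bindValue(':billing_state_code', $lC_ShoppingCart->getBillingAddress('zone_code'));
         $Qupdate->bindValue(':billing_country', $lC_ShoppingCart->getBillingAddress('country_title'));
         $Qupdate->bindValue(':billing_country_iso2', $lC_ShoppingCart->getBillingAddress('country_iso_code_2'));
         $Qupdate->bindValue(':billing_country_iso3', $lC_ShoppingCart->getBillingAddress('country_iso_code_3'));
         $Qupdate->bindValue(':billing_address_format', $lC_ShoppingCart->getBillingAddress('format'));
         $Qupdate->bindValue(':currency', $lC_Currencies->getCode());
         $Qupdate->bindValue(':currency_value', $lC_Currencies->value($lC_Currencies->getCode()));

         // replace the stored order totals with the cart's current ones
         $Qpt = $lC_Database->query('delete from :table_orders_total where orders_id = :orders_id');
         $Qpt->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
         $Qpt->bindInt(':orders_id', $order_id);
         $Qpt->execute();

         foreach ($lC_ShoppingCart->getOrderTotals() as $module) {
             $Qtotals = $lC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
             $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
             $Qtotals->bindInt(':orders_id', $order_id);
             $Qtotals->bindValue(':title', $module['title']);
             $Qtotals->bindValue(':text', strip_tags(str_replace('&nbsp;', '', $module['text'])));
             $Qtotals->bindValue(':value', $module['value']);
             $Qtotals->bindValue(':class', $module['code']);
             $Qtotals->bindInt(':sort_order', $module['sort_order']);
             $Qtotals->execute();

             if (defined('MODULE_SERVICES_INSTALLED') && in_array('coupons', explode(';', MODULE_SERVICES_INSTALLED)) && isset($lC_Coupons)) {
                 // the code is the text between the first pair of parentheses
                 // in the title; skip totals that carry none
                 if ($lC_Coupons->is_enabled && preg_match('#\\((.*?)\\)#', $module['title'], $match) === 1) {
                     $lC_Coupons->redeem($match[1], $order_id);
                 }
             }
         }

         // replace the stored order products with the cart's current ones
         $Qpd = $lC_Database->query('delete from :table_orders_products where orders_id = :orders_id');
         $Qpd->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
         $Qpd->bindInt(':orders_id', $order_id);
         $Qpd->execute();

         foreach ($lC_ShoppingCart->getProducts() as $products) {
             $Qproducts = $lC_Database->query('insert into :table_orders_products (orders_id, products_id, products_model, products_sku, products_name, products_price, products_tax, products_quantity, products_simple_options_meta_data) values (:orders_id, :products_id, :products_model, :products_sku, :products_name, :products_price, :products_tax, :products_quantity, :products_simple_options_meta_data)');
             $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
             $Qproducts->bindInt(':orders_id', $order_id);
             $Qproducts->bindInt(':products_id', lc_get_product_id($products['id']));
             $Qproducts->bindValue(':products_model', $products['model']);
             $Qproducts->bindValue(':products_sku', $products['sku']);
             $Qproducts->bindValue(':products_name', $products['name']);
             $Qproducts->bindValue(':products_price', $products['price']);
             $Qproducts->bindValue(':products_tax', $lC_Tax->getTaxRate($products['tax_class_id']));
             $Qproducts->bindInt(':products_quantity', $products['quantity']);
             // NOTE(review): PHP-serialized data at rest; see the unserialize()
             // caveat in the method header
             $Qproducts->bindValue(':products_simple_options_meta_data', serialize($products['simple_options']));
             $Qproducts->execute();

             $order_products_id = $lC_Database->nextID();

             if ($lC_ShoppingCart->isVariant($products['item_id'])) {
                 foreach ($lC_ShoppingCart->getVariant($products['item_id']) as $variant) {
                     $Qvariant = $lC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, group_title, value_title) values (:orders_id, :orders_products_id, :group_title, :value_title)');
                     $Qvariant->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
                     // was $insert_id, which is undefined in this method
                     $Qvariant->bindInt(':orders_id', $order_id);
                     $Qvariant->bindInt(':orders_products_id', $order_products_id);
                     $Qvariant->bindValue(':group_title', $variant['group_title']);
                     $Qvariant->bindValue(':value_title', $variant['value_title']);
                     $Qvariant->execute();
                 }
             }
         }
     } else {
         $Qupdate = $lC_Database->query('update :table_orders set orders_status = :orders_status where orders_id = :orders_id');
     }

     // binds shared by the full and the status-only update
     $Qupdate->bindTable(':table_orders', TABLE_ORDERS);
     $Qupdate->bindInt(':orders_status', $status_id);
     $Qupdate->bindInt(':orders_id', $order_id);
     $Qupdate->execute();

     $Qstatus = $lC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
     $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
     $Qstatus->bindInt(':orders_id', $order_id);
     $Qstatus->bindInt(':orders_status_id', $status_id);
     $Qstatus->bindInt(':customer_notified', SEND_EMAILS == '1' ? '1' : '0');
     // customer-supplied free text: bound here, must be encoded on output
     $Qstatus->bindValue(':comments', isset($_SESSION['comments']) ? $_SESSION['comments'] : $_POST['comments']);
     $Qstatus->execute();

     $lC_ShoppingCart->synchronizeWithDatabase();

     $Qproducts = $lC_Database->query('select products_id, products_quantity from :table_orders_products where orders_id = :orders_id');
     $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
     $Qproducts->bindInt(':orders_id', $order_id);
     $Qproducts->execute();

     while ($Qproducts->next()) {
         if (STOCK_LIMITED == '1') {
             // The original carried a commented-out, download-aware variant of
             // this lookup (joining the product attribute and download tables,
             // and skipping the decrement for downloadable files). Only the
             // plain quantity lookup below was active.
             $Qstock = $lC_Database->query('select products_quantity from :table_products where products_id = :products_id');
             $Qstock->bindTable(':table_products', TABLE_PRODUCTS);
             $Qstock->bindInt(':products_id', $Qproducts->valueInt('products_id'));
             $Qstock->execute();

             if ($Qstock->numberOfRows() > 0) {
                 // NOTE(review): read-modify-write; not safe against a second
                 // order for the same product running at the same time
                 $stock_left = $Qstock->valueInt('products_quantity') - $Qproducts->valueInt('products_quantity');

                 $Qupdate = $lC_Database->query('update :table_products set products_quantity = :products_quantity where products_id = :products_id');
                 $Qupdate->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qupdate->bindInt(':products_quantity', $stock_left);
                 $Qupdate->bindInt(':products_id', $Qproducts->valueInt('products_id'));
                 $Qupdate->execute();

                 if (AUTODISABLE_OUT_OF_STOCK_PRODUCT == '1' && $stock_left < 1) {
                     $Qupdate = $lC_Database->query('update :table_products set products_status = 0 where products_id = :products_id');
                     $Qupdate->bindTable(':table_products', TABLE_PRODUCTS);
                     $Qupdate->bindInt(':products_id', $Qproducts->valueInt('products_id'));
                     $Qupdate->execute();
                 }
             }
         }

         // Update products_ordered (for bestsellers list)
         $Qupdate = $lC_Database->query('update :table_products set products_ordered = products_ordered + :products_ordered where products_id = :products_id');
         $Qupdate->bindTable(':table_products', TABLE_PRODUCTS);
         $Qupdate->bindInt(':products_ordered', $Qproducts->valueInt('products_quantity'));
         $Qupdate->bindInt(':products_id', $Qproducts->valueInt('products_id'));
         $Qupdate->execute();
     }

     lC_Order::sendEmail($order_id);

     $_SESSION['savedOrderID'] = $order_id;
     unset($_SESSION['prepOrderID']);
 }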
Beispiel #5
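 /**
  * Loads the session class, starts the session according to the configured
  * policy and then applies the enabled session-binding checks.
  *
  * Start policy, first match wins:
  * - SERVICE_SESSION_FORCE_COOKIE_USAGE: set a test cookie and start the
  *   session only once the client has sent it back;
  * - SERVICE_SESSION_BLOCK_SPIDERS: start the session unless the User-Agent
  *   contains an entry of includes/spiders.txt;
  * - otherwise: always start the session.
  *
  * Binding checks (each one stores the value on first use and destroys the
  * session and redirects when a later request differs): SSL session ID,
  * User-Agent and IP address.
  *
  * Changes against the original:
  * - the spider branch read HTTP_USER_AGENT without isset(), unlike the
  *   User-Agent check further down;
  * - spider entries are trimmed and blank lines skipped before the substring
  *   test. The original tested empty() on the untrimmed line, so a blank
  *   line became an empty needle for strpos() (a match on PHP 8) and every
  *   client was treated as a spider;
  * - an unreadable spider list is treated as an empty list;
  * - the three binding checks use !== instead of !=. With loose comparison
  *   PHP compares numeric-looking strings as numbers, so two different
  *   all-hex SSL session IDs that both read as numbers could compare equal.
  *
  * Review notes:
  * - The User-Agent is client-supplied, so that check only raises the cost
  *   of reusing a stolen session ID; it is not proof of the same client.
  * - lc_get_ip_address() is defined elsewhere; if it honours forwarded
  *   headers the IP check compares a client-influenced value - confirm.
  * - lc_redirect() presumably ends the request; if it returns, execution
  *   continues with a destroyed session - confirm.
  * - lc_setcookie() is called without visible Secure/HttpOnly arguments;
  *   confirm what the helper sets by default.
  *
  * @access public
  * @return boolean Always true
  */
 function start()
 {
     global $request_type, $lC_Session, $lC_Vqmod;

     // fixed path resolved by the vQmod layer; no request data is involved
     include $lC_Vqmod->modCheck('includes/classes/session.php');

     $lC_Session = lC_Session::load();

     if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
         lc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);

         if (isset($_COOKIE['cookie_test'])) {
             $lC_Session->start();
         }
     } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
         $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
         $spider_flag = false;

         if ($user_agent !== '') {
             $spiders = file('includes/spiders.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);

             if ($spiders === false) {
                 $spiders = array();
             }

             foreach ($spiders as $spider) {
                 $spider = trim($spider);

                 if ($spider !== '' && strpos($user_agent, $spider) !== false) {
                     $spider_flag = true;
                     break;
                 }
             }
         }

         if ($spider_flag === false) {
             $lC_Session->start();
         }
     } else {
         $lC_Session->start();
     }

     // verify the ssl_session_id
     if ($request_type == 'https' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
         // only hexadecimal IDs are accepted; anything else skips the check
         if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
             if (isset($_SESSION['SESSION_SSL_ID']) === false) {
                 $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
             }

             if ($_SESSION['SESSION_SSL_ID'] !== $_SERVER['SSL_SESSION_ID']) {
                 $lC_Session->destroy();

                 lc_redirect(lc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
             }
         }
     }

     // verify the browser user agent
     if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
         $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

         if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
             $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
         }

         if ($_SESSION['SESSION_USER_AGENT'] !== $http_user_agent) {
             $lC_Session->destroy();

             lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }

     // verify the IP address
     if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
         $ip_address = lc_get_ip_address();

         if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
             $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
         }

         if ($_SESSION['SESSION_IP_ADDRESS'] !== $ip_address) {
             $lC_Session->destroy();

             lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }

     return true;
 }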