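// Sales-agent (affiliate) login handler. The listing is cut off inside the
// success branch, so the closing braces of the blocks opened below are not shown.
global $page_name;
// include the password crypto functions
require DIR_WS_FUNCTIONS . 'password_funcs.php';
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    // Raw credentials from the login form; smn_db_prepare_input is defined elsewhere.
    $affiliate_username = smn_db_prepare_input($_POST['affiliate_username']);
    $affiliate_password = smn_db_prepare_input($_POST['affiliate_password']);
    // Check if username exists
    /*Changed the query to take the sales agent details from customer table by Cimi*/
    //$check_affiliate_query = smn_db_query("select affiliate_id, affiliate_firstname, affiliate_password, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . smn_db_input($affiliate_username) . "'");
    // The e-mail is passed through smn_db_input before it is placed inside the quoted
    // literal. NOTE(review): presumably that helper escapes for SQL - confirm, since
    // this string-built query has no other protection.
    $check_customer_query = smn_db_query("select a.affiliate_id,c.customers_id, c.customers_firstname, c.customers_password, c.customers_email_address, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c," . TABLE_AFFILIATE . " a where c.customers_email_address = '" . smn_db_input($affiliate_username) . "' and c.customers_id=a.affiliate_customer_id");
    if (!smn_db_num_rows($check_customer_query)) {
        // Unknown account. As shown, this branch and the bad-password branch assign the
        // same (masked) marker, so the response does not reveal which check failed.
        $_GET['login'] = '******';
    } else {
        $check_customer = smn_db_fetch_array($check_customer_query);
        // Check that password is good
        if (!smn_validate_password($affiliate_password, $check_customer['customers_password'])) {
            $_GET['login'] = '******';
        } else {
            /*Changed the code to set the session of user and sales agent if the login is success by Cimi*/
            /*$affiliate_id = $check_affiliate['affiliate_id'];
                    smn_session_register('affiliate_id');
            
                    $date_now = date('Ymd');
            
                    smn_db_query("update " . TABLE_AFFILIATE . " set affiliate_date_of_last_logon = now(), affiliate_number_of_logons = affiliate_number_of_logons + 1 where affiliate_id = '" . $affiliate_id . "'");*/
            // Renew the session before any authenticated state is stored, so a session id
            // issued before login is not carried into the logged-in session.
            // NOTE(review): this only runs when SESSION_RECREATE is 'True' - confirm it is
            // enabled in deployed configurations.
            if (SESSION_RECREATE == 'True') {
                smn_session_recreate();
            }
            $check_country_query = smn_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
            $check_country = smn_db_fetch_array($check_country_query);
            // The row fetched above is $check_customer (it selects a.affiliate_id);
            // $check_affiliate only exists in the commented-out legacy code, so reading
            // from it left $affiliate_id empty for every successful login.
            $affiliate_id = $check_customer['affiliate_id'];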
// Admin login handler. The listing is cut off inside the success branch.
require 'includes/application_top.php';
// Any request carrying an ID query parameter clears the global store_id and is
// sent back to the login page.
// NOTE(review): the link is built with 'NONSSL' - confirm the login form and its
// POST are not served over plain HTTP.
if (isset($_GET['ID'])) {
    $GLOBALS['store_id'] = '';
    smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    // Raw credentials from the login form; smn_db_prepare_input is defined elsewhere.
    $email_address = smn_db_prepare_input($_POST['email_address']);
    $password = smn_db_prepare_input($_POST['password']);
    // Check if email exists
    // The e-mail goes through smn_db_input before being placed in the quoted literal.
    // NOTE(review): presumably that helper escapes for SQL - confirm.
    $check_admin_query = smn_db_query("select store_id, admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . smn_db_input($email_address) . "'");
    if (!smn_db_num_rows($check_admin_query)) {
        // Unknown e-mail. As shown, the same (masked) marker is assigned here and in
        // the bad-password branch, so the two failures are not distinguishable.
        $login = '******';
    } else {
        $check_admin = smn_db_fetch_array($check_admin_query);
        // Check that password is good
        if (!smn_validate_password($password, $check_admin['login_password'])) {
            $login = '******';
        } else {
            // A successful login clears any pending password_forgotten session flag.
            if (smn_session_is_registered('password_forgotten')) {
                smn_session_unregister('password_forgotten');
            }
            // Copy the admin row into script-level variables; smn_session_register is
            // then given the variable NAMES, so the names must stay exactly as written.
            // NOTE(review): no session-id renewal is visible before login_id is
            // registered in the lines shown - confirm it happens (session fixation).
            $login_id = $check_admin['login_id'];
            $store_id = $check_admin['store_id'];
            $login_groups_id = $check_admin['login_groups_id'];
            $login_firstname = $check_admin['login_firstname'];
            $login_email_address = $check_admin['login_email_address'];
            $login_logdate = $check_admin['login_logdate'];
            $login_lognum = $check_admin['login_lognum'];
            $login_modified = $check_admin['login_modified'];
            smn_session_register('login_id');
            smn_session_register('store_id');
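// Change-password handler for the logged-in customer: validates the submitted
// form, re-checks the current password, then updates the stored password.
// NOTE(review): $customer_id is not set in the lines shown; presumably it comes
// from the authenticated session - confirm it can never be request-supplied.
if (isset($_POST['action']) && $_POST['action'] == 'process') {
    $password_current = smn_db_prepare_input($_POST['password_current']);
    $password_new = smn_db_prepare_input($_POST['password_new']);
    $password_confirmation = smn_db_prepare_input($_POST['password_confirmation']);
    $error = false;
    if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
    } elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new !== $password_confirmation) {
        // Strict comparison: with != two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare equal, so a mistyped confirmation
        // could be accepted and the account set to an unintended password.
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }
    if (!$error) {
        // The id is cast to int before it is concatenated into the query.
        $check_customer_query = smn_db_query("select customers_password from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'");
        $check_customer = smn_db_fetch_array($check_customer_query);
        // Require the current password again so a hijacked session alone cannot
        // replace the credential.
        if (smn_validate_password($password_current, $check_customer['customers_password'])) {
            // NOTE(review): the value written to customers_password is masked in this
            // listing. What is stored must be a salted hash of $password_new, never the
            // plaintext or a constant.
            smn_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '" . (int) $customer_id . "'");
            smn_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customer_id . "'");
            $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
            // NOTE(review): no session renewal or invalidation of other sessions is
            // visible after the password change - confirm whether that is handled elsewhere.
            smn_redirect(smn_href_link(FILENAME_DEFAULT, '', 'NONSSL'));
        } else {
            $error = true;
            $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
        }
    }
}
// NOTE(review): the account and password pages are linked with 'NONSSL';
// confirm these pages are not served over plain HTTP.
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'NONSSL'));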
  
  This source file is subject to version 2.0 of the GPL license,   
  that is bundled with this package in the file LICENSE. If you
  did not receive a copy of the oscMall System license and are unable 
  to obtain it through the world-wide-web, please send a note to    
  license@systemsmanager.net so we can mail you a copy immediately.
*/
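// Admin "my account" actions. The listing is cut off inside the save_account
// case, so the closing braces of the blocks opened below are not shown.
require 'includes/application_top.php';
$current_boxes = DIR_FS_ADMIN . DIR_WS_BOXES;
// !empty() keeps the original truthiness test without reading a missing index.
if (!empty($_GET['action'])) {
    switch ($_GET['action']) {
        case 'check_password':
            // id_info arrives straight from the request and was concatenated into the
            // query unescaped; cast it to int, as the other id lookups on this page do,
            // so it cannot alter the SQL.
            // NOTE(review): the password is verified against whichever admin id is
            // posted - confirm it is tied to the logged-in admin rather than chosen by
            // the client.
            $check_pass_query = smn_db_query("select admin_password as confirm_password from " . TABLE_ADMIN . " where admin_id = '" . (int) $_POST['id_info'] . "'");
            $check_pass = smn_db_fetch_array($check_pass_query);
            // Check that password is good
            // NOTE(review): when no row matches, the stored value passed here is empty;
            // confirm smn_validate_password rejects an empty hash.
            if (!smn_validate_password($_POST['password_confirmation'], $check_pass['confirm_password'])) {
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account&error=password'));
            } else {
                //$confirm = 'confirm_account';
                // Record in the session that the password was re-confirmed before the
                // edit form is shown.
                smn_session_register('confirm_account');
                $confirm_account = '1';
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
            }
            break;
        case 'save_account':
            $admin_id = smn_db_prepare_input($_POST['id_info']);
            $admin_email_address = smn_db_prepare_input($_POST['admin_email_address']);
            $stored_email[] = 'NONE';
            // $admin_id is request data placed in the query without quotes; the int
            // cast keeps it a plain number.
            $check_email_query = smn_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . (int) $admin_id . "");
            // Collect every other admin's e-mail address.
            while ($check_email = smn_db_fetch_array($check_email_query)) {
                $stored_email[] = $check_email['admin_email_address'];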
  
  This source file is subject to version 2.0 of the GPL license,   
  that is bundled with this package in the file LICENSE. If you
  did not receive a copy of the oscMall System license and are unable 
  to obtain it through the world-wide-web, please send a note to    
  license@systemsmanager.net so we can mail you a copy immediately.
*/
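// Admin "my account" actions, variant using the legacy $HTTP_*_VARS arrays.
// The listing is cut off inside the save_account case.
// NOTE(review): PHP stopped populating $HTTP_GET_VARS / $HTTP_POST_VARS in 5.4;
// presumably application_top.php rebuilds them - confirm.
require 'includes/application_top.php';
$current_boxes = DIR_FS_ADMIN . DIR_WS_BOXES;
// !empty() keeps the original truthiness test without reading a missing index.
if (!empty($HTTP_GET_VARS['action'])) {
    switch ($HTTP_GET_VARS['action']) {
        case 'check_password':
            // id_info arrives straight from the request and was concatenated into the
            // query unescaped; cast it to int so it cannot alter the SQL.
            // NOTE(review): the password is verified against whichever admin id is
            // posted - confirm it is tied to the logged-in admin rather than chosen by
            // the client.
            $check_pass_query = smn_db_query("select admin_password as confirm_password from " . TABLE_ADMIN . " where admin_id = '" . (int) $HTTP_POST_VARS['id_info'] . "'");
            $check_pass = smn_db_fetch_array($check_pass_query);
            // Check that password is good
            // NOTE(review): when no row matches, the stored value passed here is empty;
            // confirm smn_validate_password rejects an empty hash.
            if (!smn_validate_password($HTTP_POST_VARS['password_confirmation'], $check_pass['confirm_password'])) {
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account&error=password'));
            } else {
                //$confirm = 'confirm_account';
                // Record in the session that the password was re-confirmed before the
                // edit form is shown.
                smn_session_register('confirm_account');
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
            }
            break;
        case 'save_account':
            $admin_id = smn_db_prepare_input($HTTP_POST_VARS['id_info']);
            $admin_email_address = smn_db_prepare_input($HTTP_POST_VARS['admin_email_address']);
            $stored_email[] = 'NONE';
            // $admin_id is request data placed in the query without quotes; the int
            // cast keeps it a plain number.
            $check_email_query = smn_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . (int) $admin_id . "");
            // Collect every other admin's e-mail address.
            while ($check_email = smn_db_fetch_array($check_email_query)) {
                $stored_email[] = $check_email['admin_email_address'];
            }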
// Admin login handler, variant with a hard-coded 'admin@localhost' exception.
// The listing is cut off inside the success branch.
require 'includes/application_top.php';
// Any request carrying an ID query parameter clears the global store_id and is
// sent back to the login page.
if (isset($_GET['ID'])) {
    $GLOBALS['store_id'] = '';
    smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    // Raw credentials from the login form; smn_db_prepare_input is defined elsewhere.
    $email_address = smn_db_prepare_input($_POST['email_address']);
    $password = smn_db_prepare_input($_POST['password']);
    // Check if email exists
    // The e-mail goes through smn_db_input before being placed in the quoted literal.
    // NOTE(review): presumably that helper escapes for SQL - confirm.
    $check_admin_query = smn_db_query("select store_id, admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . smn_db_input($email_address) . "'");
    // NOTE(review): authentication bypass. For the literal address 'admin@localhost'
    // this condition is false even when no admin row exists, so control always
    // reaches the else branch.
    if ($email_address != 'admin@localhost' && !smn_db_num_rows($check_admin_query)) {
        $login = '******';
    } else {
        $check_admin = smn_db_fetch_array($check_admin_query);
        // Check that password is good
        // NOTE(review): the same literal also short-circuits the password check, so the
        // submitted password is never validated for it. Remove this exception, or
        // restrict it to an install-time-only mode, before deployment.
        if ($email_address != 'admin@localhost' && !smn_validate_password($password, $check_admin['login_password'])) {
            $login = '******';
        } else {
            // A successful login clears any pending password_forgotten session flag.
            if (smn_session_is_registered('password_forgotten')) {
                smn_session_unregister('password_forgotten');
            }
            // Copy the admin row into script-level variables. On the bypass path with
            // no matching row, $check_admin holds no row and these reads yield empty values.
            $login_id = $check_admin['login_id'];
            $store_id = $check_admin['store_id'];
            $login_groups_id = $check_admin['login_groups_id'];
            $login_firstname = $check_admin['login_firstname'];
            $login_email_address = $check_admin['login_email_address'];
            $login_logdate = $check_admin['login_logdate'];
            $login_lognum = $check_admin['login_lognum'];
            $login_modified = $check_admin['login_modified'];
            // NOTE(review): the bypass address is mapped to admin id 1 without any
            // credential having been verified.
            if ($email_address == 'admin@localhost') {
                $login_id = 1;