Beispiel #1
     $type = "updateEmail";
 } elseif ($_GET['i'] == 3) {
     $linkTo = "../article/createarticle.php";
     $type = "createArticle";
 } elseif ($_GET['i'] == 4 && isset($_GET['a'])) {
     $articleID = trim(htmlentities($_GET['a'], ENT_QUOTES, "UTF-8"));
     $_SESSION['articleID'] = $articleID;
     $linkTo = "../order/orderarticle.php";
     $type = "order";
 } else {
     header("Location: ../../404.php");
     exit;
 }
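 // Step-up flow: discard the user's previous security token, ask for the password
 // again and, on success, store a fresh token bound to the requested action ($type).
 // Every string placed in SQL goes through the DB layer's escapeString() first, the
 // same way the e-mail handling on this site prepares its values. None of these values
 // comes straight from the request in the visible code, so this is defence in depth.
 // NOTE(review): prefer prepared statements if the DB wrapper offers them (not visible here).
 $sqlUserID = $GLOBALS['DB']->escapeString((string) $_SESSION['userID']);
 // NOTE(review): this DELETE runs before System\Login(1); if that constructor is the
 // login gate (presumably, other pages call it first), it should come before the query.
 $deleteOldToken = $GLOBALS['DB']->query("DELETE FROM securitytoken WHERE userID = '" . $sqlUserID . "' ");
 $log = new System\Login(1);
 $security = new System\Security();
 // askPassword() returns an array: [0] is tested as the success flag, [1] is kept as a message.
 $access = $security->askPassword($_SESSION['userID']);
 if ($access[0]) {
     $_SESSION['securityToken'] = System\Helper::generateRandomToken();
     $userID = $_SESSION['userID'];
     $securityToken = $_SESSION['securityToken'];
     $time = time();
     // Escaped copies are used for the statement only; the variables above keep their raw values.
     $sqlToken = $GLOBALS['DB']->escapeString((string) $securityToken);
     $sqlType = $GLOBALS['DB']->escapeString((string) $type);
     $writeToken = $GLOBALS['DB']->query("INSERT INTO securitytoken (userID, securityToken, type, time) VALUES ('{$sqlUserID}', '{$sqlToken}', '{$sqlType}', '{$time}') ");
     if ($writeToken == true) {
         // $linkTo is one of the fixed targets chosen by the branch chain above, never request data.
         header("Location: {$linkTo}");
         exit;
     }
     // NOTE(review): a failed INSERT falls through silently; the session already holds a
     // token that was never stored, and the user gets no message.
 } else {
     $info = $access[1];
 }
 System\HTML::printHead();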
Beispiel #2
    $email = $GLOBALS['DB']->escapeString($email);
    $code = md5($email . time() . System\Helper::generateRandomToken());
    $time = time();
    $result = $GLOBALS['DB']->query("INSERT INTO emailverification (email, verificationCode, time) VALUES ('{$email}', '{$code}', '{$time}') ");
    $link = "http://www.crollect.de/scripts/user/activateemail.php?e=" . $email . "&c=" . $code;
    $subject = "Ihre Bestätigungsmail";
    $message = "Sie brauchen nur noch ihre E-Mail Adresse zu bestätigen. Klicken Sie hierzu bitte auf den folgenden Link: " . $link;
    $from = "From: crollect <*****@*****.**>";
    $mailsended = mail($email, $subject, $message, $from);
    if ($mailsended == true) {
        return true;
    } else {
        return false;
    }
}
// Provides verifySecToken(); the check below only lets the e-mail change proceed when the
// session holds a security token issued for the "updateEmail" action.
// NOTE(review): further down, $oldEmail (returned by getUserInfo()) is placed in the
// updateddata INSERT without escapeString(), while $email is escaped. Values read back
// from storage need the same treatment before they are interpolated into SQL.
$security = new System\Security();
if ($security->verifySecToken($_SESSION['securityToken'], $_SESSION['userID'], "updateEmail")) {
    $helper = new System\Helper();
    $oldEmail = $helper->getUserInfo($_SESSION['userID'], "email");
    if (isset($_POST['updateEmail'])) {
        if (!empty($_POST['email']) && !empty($_POST['email2'])) {
            if ($_POST['email'] == $_POST['email2']) {
                $email = trim(htmlentities($_POST['email'], ENT_QUOTES, "UTF-8"));
                $email = $GLOBALS['DB']->escapeString($email);
                if (emailExist($email)) {
                    $info = "Diese Emailadresse existiert bereits.";
                } else {
                    $userID = $_SESSION['userID'];
                    $time = time();
                    $writeInUpdated = $GLOBALS['DB']->query("INSERT INTO updateddata (userID, oldData, time) VALUES ('{$userID}', '{$oldEmail}', '{$time}') ");
                    if ($writeInUpdated == false) {
Beispiel #3
<?php

require_once "../../common.php";
require_once "../classes/class.Order.php";
// First statement of the page; presumably the login gate (the meaning of the argument
// is not visible here).
$log = new System\Login(1);
// Stop immediately when no article ID is stored in the session.
if (!isset($_SESSION['articleID'])) {
    die;
}
// NOTE(review): htmlentities() is HTML output encoding, not validation of an identifier.
// If the value was already entity-encoded when it was put into the session, it is encoded
// a second time here. Confirm what sendOrder() expects and validate the ID format instead.
$articleID = trim(htmlentities($_SESSION['articleID'], ENT_QUOTES, "UTF-8"));
// Continue only if the correct password was entered in the security area beforehand.
$security = new System\Security();
if ($security->verifySecToken($_SESSION['securityToken'], $_SESSION['userID'], "order")) {
    $order = new Order();
    $order->sendOrder($articleID);
    System\HTML::printHead();
    System\HTML::printHeader();
    $adress = new System\Helper();
    if ($adress->getUserInfo($_SESSION['userID'], "street") == "") {
        echo "<div class='container' style='margin-bottom: 250px;'>";
        echo "<div class='row'>";
        echo "<div class='span12' style='margin-bottom:12px;'>";
        echo "<img id='lockimg' src='../../images/adress.png'>";
        echo "<p style='padding-top: 30px;'>Hinterlegen Sie bitte ihre <strong>Adresse.</strong><br>";
        echo "Ohne eine Adresse können Sie auf crollect keine Bestellungen tätigen.</p>";
        echo "<a style='margin-left:5px;' href='../user/updateaddress.php' class='btn btn-primary'>Adresse eingeben</a>";
        echo "</div>";
        echo "</div>";
        echo "</div>";
        System\HTML::printFooter();
Beispiel #4
<?php

require_once "../../common.php";
require_once "../classes/class.Article.php";
// Runs before any other page logic; presumably the login gate.
// NOTE(review): confirm what the argument 1 selects; it is not visible here.
$log = new System\Login(1);
// Provides verifySecToken(), which the check below uses to require a security token
// issued for the "createArticle" action before the article is saved.
$security = new System\Security();
if ($security->verifySecToken($_SESSION['securityToken'], $_SESSION['userID'], "createArticle")) {
    $article = new Article();
    $article->saveArticle($_SESSION['userID']);
    System\HTML::printHead();
    System\HTML::printHeader();
    $user = new System\Helper();
    $verifiedAccount = $user->getUserInfo($_SESSION['userID'], "verifiedAccount");
    if ($verifiedAccount == 1) {
        echo "<div class='container' style='margin-bottom: 250px;'>";
        echo "<div class='row'>";
        echo "<div class='span12' style='margin-bottom:12px;'>";
        echo "<img id='lockimg' src='../../images/lock.png'>";
        echo "<p style='padding-top: 30px;'>Sie müssen sich <strong>identifizieren</strong><br>";
        echo "um eine Aktion starten zu können.</p>";
        echo "<a style='margin-left:5px;' href='../account/identverify.php' class='btn btn-primary'>Jetzt identifizieren</a>";
        echo "</div>";
        echo "</div>";
        echo "</div>";
        System\HTML::printFooter();
        System\HTML::printFoot();
        exit;
    }
    ?>

<div role="main" class="main">