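/**
 * Authenticate a user against the `logins` table and open a session.
 *
 * On success the session is populated (loggedIn, role, userid, username), an
 * optional "user" cookie is set, the session id is rotated and the request is
 * redirected to the dashboard. On failure the session is emptied, the error
 * text is stored in $_SESSION['errors'] and the request is redirected to the
 * login page.
 *
 * @param array $data Login form fields: 'username', 'password', optional 'remember'.
 * @return void
 */
public function link($data)
{
    // The username is bound as a parameter, so it never becomes part of the SQL text.
    $query = $this->db->prepare("SELECT * FROM logins Where usern = :login");
    $u = $data['username'];
    $query->bindParam(':login', $u);
    $query->execute();
    $results = $query->fetch(PDO::FETCH_ASSOC);

    try {
        // NOTE(review): a keyed MD5 digest is a fast hash and a weak password store.
        // Moving to password_hash()/password_verify() needs a rehash-on-login
        // migration of the stored values, so it is not changed here.
        $p = hash::create('md5', $data['password'], HASH_KEY);

        // One message for "unknown user" and "wrong password": separate messages
        // let a client enumerate valid usernames. hash_equals() compares the
        // digests in constant time.
        if (!$results || !hash_equals((string) $results['passw'], (string) $p)) {
            throw new Exception('Invalid username or password');
        }
        if ($results['Active'] == 0) {
            throw new Exception('Please activate your account');
        }

        session::set('loggedIn', true);
        session::set('role', $results['role']);
        session::set('userid', $results['u_id']);
        session::set('username', $results['usern']);

        if (isset($data['remember'])) {
            // NOTE(review): this cookie carries the raw username and is sent without
            // HttpOnly/Secure flags; it must not be accepted as proof of identity
            // anywhere else - confirm how it is consumed.
            setcookie("user", $u, time() + 7200, "/");
        }

        // Rotate the session id at login and discard the pre-login session, so an
        // id planted before authentication cannot be reused (session fixation).
        session_regenerate_id(true);
        header('Location: ../dashboard/index');
        exit;
    } catch (Exception $e) {
        $_SESSION = array();
        $_SESSION['errors'] = $e->getMessage();
        header('Location: ../login');
    }
}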
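/**
 * Insert a new, inactive account with role 'default' into `logins`.
 *
 * On success a confirmation message is stored in the session, the activation
 * mail helper is called and the request is redirected to the index page. On
 * failure the database error is written to the server log and the request is
 * redirected to the error page.
 *
 * @param array $data Sign-up fields: 'new_user', 'new_pass', 'new_email'.
 * @return void
 */
public function createUser($data)
{
    $query = $this->db->prepare("INSERT INTO logins (usern,passw,Active,role,Email) VALUES (:username, :password, 0, 'default', :email)");

    // NOTE(review): keyed MD5 is a fast hash; password_hash() is the usual choice for
    // new accounts, but the login path must be changed together with it.
    $pass = hash::create('md5', $data['new_pass'], HASH_KEY);

    $query->bindParam(':username', $data['new_user']);
    $query->bindParam(':password', $pass);
    $query->bindParam(':email', $data['new_email']);

    if ($query->execute()) {
        session::set('activate', '<br /> You have successfully created an account! Please check your email, and follow the activation instructions from there');
        my_activation_mail();
        header('Location: ../index');
    } else {
        // Driver error details (SQLSTATE, table and column names) stay in the server
        // log instead of being printed into the response.
        error_log('createUser: insert into logins failed: ' . print_r($this->db->errorInfo(), true));
        // This redirect target is the one the original kept commented out - confirm
        // the route exists.
        header('Location: ../error');
    }
}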
/**
 * Continue from step 1 to step 2 of the posting flow.
 *
 * A visitor without a logged-in session is first logged in with the posted
 * credentials; then the step-1 data is stored and the request is redirected to
 * the step-2 (details/edit) controller for the new post.
 *
 * @return void
 */
public function nextStep()
{
    if (session::get('loggedIn') != TRUE) {
        // Log in with the credentials submitted alongside the form.
        $login = $_POST['login'];
        $secret = $_POST['password'];
        // NOTE(review): the result of runReg() is not checked here, so addStepOne()
        // below runs whether or not this login succeeded - confirm that runReg()
        // stops the request on failure.
        $this->model->runReg($login, hash::create('md5', $secret, HASH_KEY));
    }

    // Store the step-1 data in the database ...
    $stepOne = $this->addStepOne();
    // ... and hand over to the step-2 controller.
    header('location: ' . URL . 'details/edit/' . $stepOne[0]['postid']);
}
/**
 * Store a new password for an agent after checking the confirmation field.
 *
 * @param array $data Form fields: 'agent_id', 'password', 'cpassword'.
 * @return array Response with keys 'r' ("true"/"false") and 'msg' (an HTML error
 *               fragment on failure, the next URL on success).
 */
public function savePassword($data)
{
    $agent_id = $data['agent_id'];
    $plain = $data['password'];
    $confirmation = $data['cpassword'];

    if (!user::checkCdata($plain, $confirmation)) {
        return array(
            'r' => "false",
            'msg' => "<div><b>Confirm Password</b> not match!</div>",
        );
    }

    // Setting a permanent password clears the temporary one.
    $data['tmp_password'] = NULL;
    // NOTE(review): a single keyed SHA-256 pass is a fast hash for password storage.
    $data['password'] = hash::create("sha256", $plain, HASH_PASSWORD_KEY);

    // NOTE(review): agent_id is interpolated into the WHERE fragment, and the whole
    // $data array (still holding 'agent_id' and the plaintext 'cpassword') is handed
    // to update() - confirm that the wrapper escapes the condition and which keys it
    // writes.
    $this->db->update("user_accounts", $data, "agent_id = '{$agent_id}'");

    return array(
        'r' => "true",
        'msg' => BASE_PATH . "setup/details",
    );
}
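/**
 * Normalise a supplier registration form and insert it into `user_suppliers`.
 *
 * The record is attached to the agent stored in the session, and up to five
 * sponsor levels above that agent are recorded as lv1..lv5.
 *
 * @param array $data Supplier form fields (comp_name, comp_reg_no, comp_address,
 *                    comp_state, comp_email, website, tag, p_fullname, p_pos, ...).
 * @return array Response with keys 'r' ("true"/"false") and 'msg' (error text or
 *               the redirect URL).
 */
public function addNew_exec($data)
{
    $response_array = array();

    $data['agent_id'] = session::get(AGENT_SESSION_NAME);
    $data['supplier_id'] = user::generateSupplierID();
    $data['comp_name'] = ucwords($data['comp_name']);
    $data['comp_reg_no'] = strtoupper($data['comp_reg_no']);
    $data['comp_address'] = ucwords($data['comp_address']);
    if ($data['comp_state'] != "oth") {
        unset($data['state_other']);
    }

    // NOTE(review): the token is derived only from the supplier id and the company
    // e-mail, which is used as the key. If it authorises anything, a random value
    // would be safer - confirm how it is used.
    $data['token'] = hash::create("sha256", $data['supplier_id'], $data['comp_email']);

    // Lower-case the address and store it without its scheme.
    $data['website'] = str_replace(array("http://", "https://"), "", strtolower($data['website']));
    $data['tag'] = strtolower(str_replace(", ", ",", $data['tag']));
    $data['p_fullname'] = ucwords(strtolower($data['p_fullname']));
    $data['p_pos'] = ucwords(strtolower($data['p_pos']));

    // Walk up the sponsor chain. Once a level has no sponsor the remaining levels
    // stay empty, and no further lookup is issued with an empty id (which would
    // produce a malformed condition).
    // NOTE(review): the id is interpolated unquoted into the WHERE fragment; it
    // comes from the session and from stored sponsor ids, but a bound parameter
    // would still be safer - depends on the db wrapper.
    $agent_id = $data['agent_id'];
    for ($x = 1; $x <= 5; $x++) {
        if ($agent_id !== NULL && $agent_id !== FALSE && $agent_id !== "") {
            $userID = $this->db->select("user_accounts", "sponsor_id", "agent_id = {$agent_id}", "fetch");
            $agent_id = isset($userID['sponsor_id']) ? $userID['sponsor_id'] : NULL;
        }
        $data['lv' . $x] = $agent_id;
    }

    // Empty fields are stored as NULL.
    foreach ($data as $key => $value) {
        if ($value == "") {
            $data[$key] = NULL;
        }
    }

    $insert = $this->db->insert("user_suppliers", $data);
    if (!$insert) {
        $response_array['r'] = "false";
        $response_array['msg'] = "Oopps! Looks like there is some technical error while process your supplier registration. Please re-submit the form or refresh your browser.";
    } else {
        $response_array['r'] = "true";
        // The company name is user input: encode it so characters such as '&', '#'
        // or spaces cannot break or extend the query string.
        $response_array['msg'] = BASE_PATH . "supplier?r=success&t=addnew&a=" . rawurlencode((string) $data['comp_name']);
    }

    return $response_array;
}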
/**
 * Check a username/password pair and start the login session.
 *
 * Accounts that still have a temporary password are checked against
 * `tmp_password`; all others against the keyed SHA-256 digest in `password`.
 *
 * @param array $data Login form fields: 'username', 'password', optional 'rememberme'.
 * @return array Response with keys 'r' ("true"/"false") and 'msg' (an HTML error
 *               fragment or the dashboard URL).
 */
public function login_exec($data)
{
    $username = $data['username'];

    // NOTE(review): the quoted values in the condition strings below appear as
    // '******' in this listing, presumably masked. If the real code interpolates
    // $username / $password there, the condition is built from user input and must
    // be escaped or bound - confirm against user::checkExist().
    $userExist = user::checkExist("user_accounts", "username = '******'");
    $rememberme = isset($data['rememberme']);

    if (!$userExist) {
        // NOTE(review): a separate "does not exist" answer lets a client enumerate
        // usernames; the wrong-password message below is already generic.
        return array(
            'r' => "false",
            'msg' => "<div><strong>Username</strong> does not exist.</div>",
        );
    }

    $userData = user::getUserData('username', $username);

    if ($userData['tmp_password'] == NULL) {
        // Regular account: compare against the stored keyed digest.
        $password = hash::create('sha256', $data['password'], HASH_PASSWORD_KEY);
        $checkLogin = user::checkExist("user_accounts", "username = '******' AND password = '******'");
    } else {
        // Temporary password: used as submitted, without hashing.
        $password = $data['password'];
        $checkLogin = user::checkExist("user_accounts", "username = '******' AND tmp_password = '******'");
    }

    if (!$checkLogin) {
        return array(
            'r' => "false",
            'msg' => "<div>Incorrect <strong>Username</strong> or <strong>Password</strong>.</div>",
        );
    }

    // Record the login time, then open the session.
    $agent_id = $userData['agent_id'];
    $this->db->update("user_accounts", array('last_login' => date('Y-m-d H:i:s')), "agent_id = '{$agent_id}'");
    user::login($agent_id, $rememberme);

    return array(
        'r' => "true",
        'msg' => BASE_PATH . "dashboard",
    );
}
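/**
 * Validate the sign-up form and, when it passes, create and log in the user.
 *
 * When an exception is thrown, the form's error summary is handed to the view
 * and the sign-up page is rendered again.
 *
 * @return void
 */
public function validation()
{
    // Created outside the try block so the catch handler can always rely on $form.
    $form = new form();

    try {
        $form->post('name')->val('minlength', 5)->val('maxlength', 20)
            ->post('email')->val('minlength', 5)->val('emailCorrect')
            ->post('password')->val('minlength', 5)->val('maxlength', 20)
            ->post2('password', 'passwordConfirm')->val('samepass', 'password', 'passwordConfirm')
            ->post('chkReadTerms')->val('check', 'chkReadTerms');
        $form->mit();
        $data = $form->fetch();

        // NOTE(review): the original had a $this->model->checkemail($data['email'])
        // call commented out at this point - confirm duplicate e-mails are rejected
        // elsewhere.

        // Validation succeeded:
        //  - add the user to the database (addUser)
        //  - start the session and log the user in (runReg)
        //  - send the registration confirmation e-mail (mailSuck)
        $this->model->addUser($data);
        // NOTE(review): keyed MD5 is a fast hash and a weak password store.
        $this->model->runReg($data['email'], hash::create('md5', $data['password'], HASH_KEY));
        $this->model->mailSuck($data['email']);
    } catch (Exception $e) {
        // NOTE(review): this also catches exceptions from addUser/runReg/mailSuck and
        // presents them as validation errors.
        $str = $form->mit2();
        $this->view->ValError = $str;
        $this->view->render('signup/index');
    }
}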
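/**
 * Log a user in from the posted e-mail and password.
 *
 * On a match the session is initialised, its id is rotated, the user's role,
 * name, id and e-mail are stored and the request is redirected to the dashboard;
 * otherwise the request is redirected back to the login page.
 *
 * @return void
 */
public function run()
{
    // Missing or non-string fields are treated as empty instead of raising notices
    // or passing arrays into the hash helper.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $sth = $this->db->prepare("SELECT id, name, role FROM boat_users WHERE email=:email AND password=:password");
    // NOTE(review): keyed MD5 is a fast hash and a weak password store.
    $sth->execute(array(
        ':email' => $email,
        ':password' => hash::create('md5', $password, HASH_KEY),
    ));
    $data = $sth->fetch();

    // Decide on the fetched row: rowCount() is not reliable for SELECT statements on
    // every PDO driver.
    if ($data !== false) {
        session::init();
        // Rotate the session id at login so a pre-login id cannot be reused
        // (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        session::set('role', $data['role']);
        session::set('userName', $data['name']);
        session::set('userId', $data['id']);
        session::set('userEmail', $email);
        session::set('loggedIn', TRUE);
        header('location: ../dashboard');
    } else {
        header('location: ../login');
    }
}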
/**
 * Register a new agent under an existing sponsor/upline and send the activation
 * e-mail.
 *
 * @param array $data Registration form fields (fullname, email, cemail, username,
 *                    chkusername, acc_type, address, mobile, phone, sponsor_id,
 *                    lv1, ...).
 * @return array Response with keys 'r' ("true"/"false") and 'msg' (an HTML error
 *               fragment, a mailer error, or the success URL).
 */
public function addagent_exec($data)
{
    $response_array = array();

    // Empty fields are stored as NULL.
    foreach ($data as $key => $value) {
        if ($value == "") {
            $data[$key] = NULL;
        }
    }

    $agent = new user();
    $data['fullname'] = strtoupper($data['fullname']);
    $data['agent_id'] = $agent->generateID();
    // NOTE(review): the temporary password is a CRC32-based digest of uniqid(), which
    // is derived from the current time, so it is short and guessable. A value drawn
    // from random_bytes() would be the usual choice.
    $data['tmp_password'] = strtoupper(hash::create('crc32', uniqid(), HASH_PASSWORD_KEY));
    $data['activate_code'] = $agent->generateActivationCode($data['email']);

    // Advertising PIN quota per account type.
    // NOTE(review): acc_type is read straight from $data - confirm the caller
    // restricts which tiers may be requested.
    $acc_type = $data['acc_type'];
    switch ($acc_type) {
        case "aa":
            $ads_pin_limit = 1;
            $available_pin = 1;
            break;
        case "ad":
            $ads_pin_limit = 15;
            $available_pin = 15;
            break;
        case "ed":
            $ads_pin_limit = 20;
            $available_pin = 20;
            break;
        case "ep":
            $ads_pin_limit = 40;
            $available_pin = 40;
            break;
        default:
            $ads_pin_limit = "unlimited";
            $available_pin = 40;
            break;
    }
    $data['ads_pin_limit'] = $ads_pin_limit;
    $data['available_pin'] = $available_pin;

    $data['address'] = ucwords($data['address']);

    // Strip dashes, spaces and any "+6", then prepend "+6" again.
    $data['mobile'] = str_replace("-", "", $data['mobile']);
    $data['mobile'] = str_replace(" ", "", $data['mobile']);
    $data['mobile'] = str_replace("+6", "", $data['mobile']);
    $data['mobile'] = "+6" . $data['mobile'];
    if (!empty($data['phone'])) {
        $data['phone'] = str_replace("-", "", $data['phone']);
        $data['phone'] = str_replace(" ", "", $data['phone']);
        $data['phone'] = str_replace("+6", "", $data['phone']);
        $data['phone'] = "+6" . $data['phone'];
    }

    $checkEmail = $agent->checkEmail($data['email']);
    $checkCEmail = $agent->checkCdata($data['email'], $data['cemail']);
    // NOTE(review): the username-availability result is taken from a form field, not
    // recomputed here - confirm the server verifies uniqueness somewhere.
    $checkUsername = $data['chkusername'];

    // The upline must be the sponsor itself or have the sponsor among its lv1..lv10.
    $validUplineSponsor = FALSE;
    $sponsorId = $data['sponsor_id'];
    $uplineId = $data['lv1'];
    if ($sponsorId != $uplineId) {
        // NOTE(review): $uplineId is interpolated into the WHERE fragment; whether it
        // is escaped depends on the db wrapper - confirm.
        $upline_data = $this->db->select("user_accounts", "lv1,lv2,lv3,lv4,lv5,lv6,lv7,lv8,lv9,lv10", "agent_id = '{$uplineId}'", "fetch");
        foreach ($upline_data as $value) {
            if ($value == $sponsorId) {
                $validUplineSponsor = TRUE;
            }
        }
    } else {
        $validUplineSponsor = TRUE;
    }

    // Generate the ads PIN: fixed value for "aa", otherwise requested from the user
    // helper. This runs before the validation chain below.
    if ($acc_type == "aa") {
        $ads_pin = "1000000";
    } else {
        $ads_pin = $agent->getRegPin();
    }
    $data['ads_pin'] = $ads_pin;

    if (!$checkCEmail) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div><b>Confirm Email</b> not match!</div>";
    } elseif (!$checkEmail) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div><b>Email</b> already exist!</div>";
    } elseif ($checkUsername == 0) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div>Please <b>Check Username</b> availability!<div>";
    } elseif ($checkUsername == '-1') {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div><b>Username</b> not available! Please choose another username.<div>";
    } elseif (!$validUplineSponsor) {
        $response_array['r'] = "false";
        // NOTE(review): both ids are placed into the HTML message without escaping -
        // confirm how 'msg' is rendered.
        $response_array['msg'] = "<div><b>Sponsor ID: {$sponsorId}</b> not related with <b>Upline ID: {$uplineId}</b>. Please make sure <b>Upline ID</b> is under correct <b>Sponsor ID</b> network.<div>";
    } else {
        $link = BASE_PATH . 'join/verify?a=' . $data['activate_code'] . '&s=' . $data['username'];

        // Form-only helper fields are dropped before the row is written.
        unset($data['cemail']);
        unset($data['chkusername']);

        // Insert into Database
        // NOTE(review): every remaining key of $data is passed to insert() - confirm
        // the wrapper limits the columns a form can set.
        $this->db->insert("user_accounts", $data);

        // Generate Email BODY
        // The template is escaped, the placeholders are filled in, and the result is
        // decoded again, so the username reaches the HTML mail unescaped.
        // NOTE(review): escape the username itself before inserting it.
        $html = file_get_contents(BASE_PATH . 'email_template/activation');
        $html = htmlspecialchars($html);
        $html = str_replace('[USERNAME]', ucfirst($data['username']), $html);
        $html = str_replace('[ACTIVATION_CODE]', $link, $html);
        $html = html_entity_decode($html);
        $body = $html;

        // Send Email
        $mailer = new mailer();
        $mailer->IsSMTP(); // set mailer to use SMTP
        $mailer->Port = EMAIL_PORT;
        $mailer->Host = EMAIL_HOST; // specify main and backup server
        $mailer->SMTPAuth = true; // turn on SMTP authentication
        $mailer->Username = NOREPLY_EMAIL; // SMTP username
        $mailer->Password = NOREPLY_PASS; // SMTP password
        $mailer->From = NOREPLY_EMAIL;
        $mailer->FromName = SUPPORT_NAME;
        $mailer->AddAddress($data['email']);
        $mailer->IsHTML(true);
        $mailer->Subject = "Email verification to " . $data['email'];
        $mailer->Body = $body;
        if (!$mailer->Send()) {
            $response_array['r'] = "false";
            // NOTE(review): the raw mailer error is returned to the caller.
            $response_array['msg'] = "Mailer Error: " . $mailer->ErrorInfo;
        } else {
            $response_array['r'] = "true";
            $response_array['msg'] = BASE_PATH . "mynetwork/addagent_success/" . $data['agent_id'];
        }
    }

    return $response_array;
}
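/**
 * Generate a new password for the account with the given e-mail and store its
 * keyed digest in `boat_users`.
 *
 * @param string $email E-mail address identifying the account.
 * @return string The new password in plaintext, for delivery to the user.
 */
public function getNewPassword($email)
{
    // NOTE(review): the strength of the reset depends on generate_password(), which
    // is not visible here - confirm it draws from a CSPRNG.
    $newPassword = $this->generate_password();

    // Both values are bound; the digest is computed once (the original also built an
    // unused $postData copy and kept a string-built update() call commented out).
    // NOTE(review): keyed MD5 is a fast hash and a weak password store.
    $sth = $this->db->prepare('UPDATE boat_users SET password = :password WHERE email= :email');
    $sth->execute(array(
        ':password' => hash::create('md5', $newPassword, HASH_KEY),
        ':email' => $email,
    ));

    return $newPassword;
}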
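/**
 * Update the name and password of one `boat_users` row.
 *
 * @param array $data Fields: 'id', 'name', 'password'.
 * @return void
 */
public function editSave($data)
{
    // The id goes unquoted into the WHERE fragment, so it is forced to an integer
    // first; anything else in that position would be read as SQL.
    $id = (int) $data['id'];

    $postData = array(
        'name' => $data['name'],
        // NOTE(review): keyed MD5 is a fast hash and a weak password store. The
        // password is also re-hashed on every save, including an empty one - confirm
        // the caller requires it.
        'password' => hash::create('md5', $data['password'], HASH_KEY),
    );

    $this->db->update('boat_users', $postData, "`id` = {$id}");
}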
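/**
 * Validate and record a commission withdrawal request.
 *
 * Checks, in order: account password, account type, minimum amount, available
 * balance, and that no earlier request is still pending or in process. On
 * success the request is stored with RM5 deducted as a fee.
 *
 * @param array $data Form fields: 'agent_id', 'holder_name', 'amount', 'password', ...
 * @return array Response with keys 'r' ("true"/"false") and 'msg' (an HTML error
 *               fragment or the next URL).
 */
public function withdrawal_exec($data)
{
    $response_array = array();

    // NOTE(review): agent_id is taken from $data rather than from the session, and is
    // interpolated into the WHERE fragments below - confirm the caller binds it to
    // the logged-in agent and that the db wrapper escapes conditions.
    $agent_id = $data['agent_id'];
    $data['holder_name'] = ucwords(strtolower($data['holder_name']));
    $amount = $data['amount'];
    $password = hash::create("sha256", $data['password'], HASH_PASSWORD_KEY);

    $userdata = $this->db->select("user_accounts", "*", "agent_id = '{$agent_id}'", "fetch");
    // A missing row leaves both values empty, which fails the password check below.
    $userPassword = isset($userdata['password']) ? (string) $userdata['password'] : '';
    $userAccType = isset($userdata['acc_type']) ? $userdata['acc_type'] : NULL;

    $availableComm = user::getAvailableComm($agent_id);
    $checkWithdrawProcess = $this->db->count("user_withdrawal", "agent_id = '{$agent_id}' AND (status = '0' OR status = '1')");

    // Constant-time, strict comparison of the digests: a loose != treats
    // numeric-looking strings as numbers.
    $passwordOk = $userPassword !== '' && hash_equals($userPassword, (string) $password);

    if (!$passwordOk) { // CHECK PASSWORD
        $response_array['r'] = "false";
        $response_array['msg'] = "<div>Incorrect account <b>Password</b>. Please make sure you enter the correct password.</div>";
    } elseif ($userAccType == "pb") { // CHECK ACCOUNT TYPE
        $response_array['r'] = "false";
        $response_array['msg'] = "<div>Sorry! Your account is <b>Publisher (30 days trial) account</b>. Please upgrade your account if you want to enjoy the commission.</div>";
    } elseif (!is_numeric($amount) || $amount < 100) { // CHECK MINIMUM PAYOUT
        // A non-numeric amount is rejected here instead of reaching the balance
        // comparison and the fee subtraction below.
        $response_array['r'] = "false";
        $response_array['msg'] = "<div>Invalid withdrawal <b>Amount</b>. Minimum withdrawal amount : RM100</div>";
    } elseif ($availableComm < $amount) { // CHECK AVAILABLE PAYOUT
        $response_array['r'] = "false";
        $response_array['msg'] = "<div>Insuficient <b>Payout Balance</b>. Available payout : RM" . number_format($availableComm) . "</div>";
    } elseif ($checkWithdrawProcess > 0) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div>Sorry! Looks like you have withdrawal request that still pending or in process. Please wait until your last withdrawal request complete.</div>";
    } else {
        // The password is never written with the request.
        unset($data['password']);
        $data['amount'] = $amount - 5;
        $data['remarks'] = "RM5 is deduct for bank process and admin fee. (return if status failed.)";
        // NOTE(review): every remaining key of $data is passed to insert() - confirm
        // a caller cannot set columns such as the request status.
        $this->db->insert("user_withdrawal", $data);
        $response_array['r'] = "true";
        $response_array['msg'] = BASE_PATH . "comm/withdrawal";
    }

    return $response_array;
}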
/**
 * Register a new agent from the public join form and send the activation e-mail.
 *
 * @param array $data Join form fields (fullname, email, cemail, username,
 *                    chkusername, acc_type, sponsor_id, ...).
 * @return array Response with keys 'r' ("true"/"false") and 'msg' (an HTML error
 *               fragment, a mailer error, or the success URL).
 */
public function join_exec($data)
{
    $response_array = array();
    $agent = new user();
    $data['fullname'] = strtoupper($data['fullname']);
    $data['agent_id'] = $agent->generateID();
    // NOTE(review): the temporary password is a CRC32-based digest of uniqid(), which
    // is derived from the current time, so it is short and guessable. A value drawn
    // from random_bytes() would be the usual choice.
    $data['tmp_password'] = strtoupper(hash::create('crc32', uniqid(), HASH_PASSWORD_KEY));
    $data['activate_code'] = $agent->generateActivationCode($data['email']);

    // Advertising PIN quota per account type.
    // NOTE(review): acc_type is read straight from $data; if $data is the raw join
    // form, a visitor chooses their own tier (any unlisted value falls through to
    // "unlimited") - confirm the caller restricts it.
    $acc_type = $data['acc_type'];
    switch ($acc_type) {
        case "pb":
            $ads_pin_limit = "na";
            $available_pin = 0;
            break;
        case "aa":
            $ads_pin_limit = "na";
            $available_pin = 0;
            break;
        case "ed":
            $ads_pin_limit = 10;
            $available_pin = 10;
            break;
        case "ep":
            $ads_pin_limit = 40;
            $available_pin = 40;
            break;
        default:
            $ads_pin_limit = "unlimited";
            $available_pin = 40;
            break;
    }
    $data['ads_pin_limit'] = $ads_pin_limit;
    $data['available_pin'] = $available_pin;

    $checkEmail = $agent->checkEmail($data['email']);
    $checkCEmail = $agent->checkCdata($data['email'], $data['cemail']);
    // NOTE(review): the username-availability result is taken from a form field, not
    // recomputed here - confirm the server verifies uniqueness somewhere.
    $checkUsername = $data['chkusername'];
    $sponsor_id = $data['sponsor_id'];
    // NOTE(review): $sponsor_id is interpolated into the condition string; whether it
    // is escaped depends on user::checkExist() - confirm.
    $checkSponsodID = user::checkExist("user_accounts", "agent_id = '{$sponsor_id}'");

    if (!$checkCEmail) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div><b>Confirm Email</b> not match!</div>";
    } elseif (!$checkEmail) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div><b>Email</b> already exist!</div>";
    } elseif ($checkUsername == 0) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div>Please <b>Check Username</b> availability!<div>";
    } elseif ($checkUsername == '-1') {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div><b>Username</b> not available! Please choose another username.<div>";
    } elseif (!$checkSponsodID) {
        $response_array['r'] = "false";
        $response_array['msg'] = "<div><b>Refferal ID</b> not valid! Please ask Refferal ID from the person who introduce you to 1STG Programs. If you don't have any refferal, you can directly <a href='" . BASE_PATH . "contact'>contact us</a> for an assistance.<div>";
    } else {
        // Form-only helper fields are dropped before the row is written.
        unset($data['cemail']);
        unset($data['chkusername']);
        $link = BASE_PATH . 'join/verify?a=' . $data['activate_code'] . '&s=' . $data['username'];

        // Resolve the upline for the sponsor and copy the resulting fields into the
        // new row.
        $agent_id = $data['sponsor_id'];
        $upline_id = $agent->generateUpline($agent_id);
        $newUplineData = $this->newUplineData($upline_id);
        foreach ($newUplineData as $key => $value) {
            $data[$key] = $value;
        }

        // Insert into Database
        // NOTE(review): every remaining key of $data is passed to insert() - confirm
        // the wrapper limits the columns a form can set.
        $this->db->insert("user_accounts", $data);

        // Generate Email BODY
        // The template is escaped, the placeholders are filled in, and the result is
        // decoded again, so the username reaches the HTML mail unescaped.
        // NOTE(review): escape the username itself before inserting it.
        $html = file_get_contents(BASE_PATH . 'email_template/activation');
        $html = htmlspecialchars($html);
        $html = str_replace('[USERNAME]', ucfirst($data['username']), $html);
        $html = str_replace('[ACTIVATION_CODE]', $link, $html);
        $html = html_entity_decode($html);
        $body = $html;

        // Send Email
        $mailer = new mailer();
        $mailer->IsSMTP(); // set mailer to use SMTP
        $mailer->Port = EMAIL_PORT;
        $mailer->Host = EMAIL_HOST; // specify main and backup server
        $mailer->SMTPAuth = true; // turn on SMTP authentication
        $mailer->Username = NOREPLY_EMAIL; // SMTP username
        $mailer->Password = NOREPLY_PASS; // SMTP password
        $mailer->From = NOREPLY_EMAIL;
        $mailer->FromName = SUPPORT_NAME;
        $mailer->AddAddress($data['email']);
        $mailer->IsHTML(true);
        $mailer->Subject = "Email verification to " . $data['email'];
        $mailer->Body = $body;
        if (!$mailer->Send()) {
            $response_array['r'] = "false";
            // NOTE(review): the raw mailer error is returned to the caller.
            $response_array['msg'] = "Mailer Error: " . $mailer->ErrorInfo;
        } else {
            $response_array['r'] = "true";
            $response_array['msg'] = BASE_PATH . "join/success/" . $data['agent_id'];
        }
    }

    return $response_array;
}
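/**
 * Register a supplier account and send the e-mail verification message.
 *
 * @param array $data Registration form fields (comp_name, comp_reg_no,
 *                    comp_address, comp_email, website, desc, p_fullname, p_pos,
 *                    username, pass, confpass, agent_id, ...).
 * @return array Response with keys 'r' ("true"/"false") and 'msg' (error text, a
 *               mailer error, or the success URL).
 */
public function register_exec($data)
{
    $response_array = array();

    // Clean data: empty fields become NULL.
    foreach ($data as $key => $value) {
        $data[$key] = $data[$key] == "" ? NULL : $value;
    }

    $data['comp_name'] = ucwords($data['comp_name']);
    $data['comp_reg_no'] = strtoupper($data['comp_reg_no']);
    $data['comp_address'] = ucwords($data['comp_address']);
    if ($data['website'] != NULL) {
        // Only a leading http:// or https:// counts as a scheme. The earlier
        // substring test turned "https://host" into "http://https://host".
        $hasScheme = preg_match('#^https?://#i', $data['website']) === 1;
        $data['website'] = $hasScheme ? $data['website'] : "http://" . $data['website'];
    }
    $data['desc'] = ucfirst($data['desc']);
    $data['p_fullname'] = ucwords($data['p_fullname']);
    $data['p_pos'] = strtoupper($data['p_pos']);

    // Check Password: strict comparison, because == compares numeric-looking strings
    // as numbers ("1e3" == "1000").
    $chkPassword = $data['pass'] === $data['confpass'];

    // Check Username
    // NOTE(review): the quoted value in this condition appears as '******' in this
    // listing, presumably masked. If the real code interpolates $username there, it
    // must be escaped or bound - confirm.
    $username = $data['username'];
    $usernameExist = $this->db->count("supplier", "username = '******'");
    $chkUsername = $usernameExist == 0;

    // Check Referral
    // NOTE(review): $agent_id is interpolated into the WHERE fragment; whether it is
    // escaped depends on the db wrapper - confirm.
    $agent_id = $data['agent_id'];
    $checkID = $this->db->count("user_accounts", "agent_id = '{$agent_id}'");

    $error = NULL;
    if (!$chkPassword) {
        $error = "<strong>Password</strong> and <strong>Confirm Password</strong> not match.";
    } elseif (!$chkUsername) {
        $error = "<strong>Username</strong> already exist.";
    } elseif ($checkID == 0) {
        $error = "<strong>Referral ID</strong> does not valid.";
    }

    if (!empty($error)) {
        $response_array['r'] = "false";
        $response_array['msg'] = $error;
        return $response_array;
    }

    // Generate Hash Password
    // NOTE(review): a single keyed SHA-256 pass is a fast hash for password storage.
    $data['pass'] = hash::create("sha256", $data['pass'], HASH_PASSWORD_KEY);

    // Generate Confirmation Code
    $supplier = new user();
    $data['confcode'] = $supplier->generateActivationCode($data['comp_email']);

    // NOTE(review): $data still holds the plaintext 'confpass' at this point, and
    // every key is passed to insert() - confirm it is not written to the table.
    $insert = $this->db->insert("supplier", $data);
    if (!$insert) {
        $response_array['r'] = "false";
        $response_array['msg'] = "Oopps! Looks like there are some technical error while process your registration. Please re-submit the form or refresh your browser. Then refill the form.";
        return $response_array;
    }

    // Generate Email BODY
    // The template is escaped, the placeholders are filled in, and the result is
    // decoded again, so the username reaches the HTML mail unescaped.
    // NOTE(review): escape the username itself before inserting it.
    $link = BASE_PATH . 'supp/verify?a=' . $data['confcode'] . '&s=' . $data['username'];
    $html = file_get_contents(BASE_PATH . 'email_template/supplier_activation');
    $html = htmlspecialchars($html);
    $html = str_replace('[USERNAME]', $data['username'], $html);
    $html = str_replace('[ACTIVATION_CODE]', $link, $html);
    $html = html_entity_decode($html);
    $body = $html;

    // Send Email
    $mailer = new mailer();
    $mailer->IsSMTP(); // set mailer to use SMTP
    $mailer->Port = EMAIL_PORT;
    $mailer->Host = EMAIL_HOST; // specify main and backup server
    $mailer->SMTPAuth = true; // turn on SMTP authentication
    $mailer->Username = NOREPLY_EMAIL; // SMTP username
    $mailer->Password = NOREPLY_PASS; // SMTP password
    $mailer->From = NOREPLY_EMAIL;
    $mailer->FromName = WYW_SUPPORT_NAME;
    $mailer->AddAddress($data['comp_email']);
    $mailer->IsHTML(true);
    $mailer->Subject = "Email verification to " . $data['comp_email'] . " for Free Supplier registration.";
    $mailer->Body = $body;

    $send = $mailer->Send();
    if (!$send) {
        $response_array['r'] = "false";
        // NOTE(review): the raw mailer error is returned to the caller.
        $response_array['msg'] = "Mailer Error: " . $mailer->ErrorInfo;
    } else {
        $response_array['r'] = "true";
        $response_array['msg'] = BASE_PATH . "supp/success/" . $data['username'];
    }

    return $response_array;
}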
/**
 * Update a `logins` row from the edit form.
 *
 * @param array $data Form fields: 'useR', 'pasS', 'rolE', 'iD'.
 * @return void
 */
public function editSave($data)
{
    // NOTE(review): keyed MD5 is a fast hash and a weak password store.
    $digest = hash::create('md5', $data['pasS'], HASH_KEY);

    // NOTE(review): 'role' is copied straight from $data - confirm the caller
    // restricts who may change roles.
    $fields = array(
        'usern' => $data['useR'],
        'passw' => $digest,
        'role' => $data['rolE'],
        'u_id' => $data['iD'],
    );

    // The third argument names 'u_id'; presumably the wrapper uses it as the key
    // column for the WHERE clause - confirm.
    $this->db->update('logins', $fields, 'u_id');
}
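/**
 * Mark the session as logged in for an agent and optionally set a remember-me
 * token.
 *
 * @param mixed $agent_id   Agent identifier stored in the session.
 * @param bool  $rememberme When true and no token cookie exists yet, a token cookie
 *                          is set and recorded in `users_session`.
 * @return void
 */
public static function login($agent_id, $rememberme = FALSE)
{
    session::set(AGENT_SESSION_NAME, $agent_id);
    session::set(AGENT_LOGIN_SESSION, TRUE);

    // Rotate the session id at login and discard the pre-login session, so an id
    // planted before authentication cannot be reused (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    if ($rememberme && !cookie::exists(TOKEN_NAME)) {
        // NOTE(review): the token is a keyed hash of the agent id alone, so it is the
        // same for every login of that agent and cannot be rotated or revoked per
        // device. A random token per login is the usual design. Left unchanged
        // because the code that validates the cookie is not visible here.
        $token = hash::create("sha256", $agent_id, HASH_GENERAL_KEY);
        cookie::set(TOKEN_NAME, $token, COOKIE_EXPIRY);

        $db = new database(DBTYPE, DBHOST, DBNAME, DBUSER, DBPASS);
        $db->insert("users_session", array(
            'agent_id' => $agent_id,
            'token' => $token,
        ));
    }
}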
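/**
 * Create a fresh token and store its keyed SHA-256 digest in the session under
 * TOKEN_NAME.
 *
 * @return mixed Whatever session::set() returns.
 */
public static function generate()
{
    // The seed comes from the operating system's CSPRNG. The earlier md5(uniqid())
    // was derived from the current time and could be guessed. Sixteen random bytes
    // hex-encoded keep the 32-character shape of the old seed.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(16));
    } else {
        // Fallback for PHP versions without random_bytes().
        $token = bin2hex(openssl_random_pseudo_bytes(16));
    }

    return session::set(TOKEN_NAME, hash::create('sha256', $token, HASH_GENERAL_KEY));
}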