// Tail of a conditional block whose opening line lies outside this excerpt:
// report every error level and write errors to a log file.
// NOTE(review): 'error.log' is a relative path. If it resolves to a directory
// served by the web server, the log could be downloadable; confirm where it lands.
error_reporting(E_ALL);
ini_set('error_log', 'error.log');
ini_set('log_errors', 'On');
}

// Developer mode additionally prints errors into the response. That exposes
// paths and query details to any client, so DEV_MODE should not be '1' in production.
if (defined('DEV_MODE') && DEV_MODE == '1') {
    error_reporting(E_ALL);
    ini_set('display_errors', 'On');
}

// Open the database connection with the legacy mysql_* extension, which was
// removed in PHP 7.0, so this excerpt only runs on older runtimes.
$dbh = mysql_connect(DB_SERVER . ':' . DB_PORT, DB_USERNAME, DB_PASSWORD);
if (!$dbh) {
    echo "<h3>Unable to connect to database. Please check details in configuration file.</h3>";
    exit;
}
mysql_selectdb(DB_NAME, $dbh);

// Force UTF-8 for the connection.
mysql_query("SET NAMES utf8");
mysql_query("SET CHARACTER SET utf8");
mysql_query("SET COLLATION_CONNECTION = 'utf8_general_ci'");

$_SESSION['guestMode'] = 0;

// $bannedUserIPs may be set by configuration loaded before this point; default to none.
if (!isset($bannedUserIPs)) {
    $bannedUserIPs = array();
}

// Resolve the current user and fall back to a guest identity when guest mode
// is enabled and getUserID() reported no user (0).
$userid = getUserID();
if ($guestsMode && $userid == 0) {
    $userid = getGuestID();
}

if (empty($_SESSION['cometchat']['timedifference'])) {
    $_SESSION['cometchat']['timedifference'] = 0;
}

// Create the per-session token once.
// NOTE(review): sha1(microtime()) depends only on the server clock and is
// guessable. If this token guards state-changing requests (its use is not
// visible in this excerpt), it should come from a CSPRNG such as random_bytes()
// or openssl_random_pseudo_bytes().
if (empty($_SESSION['token'])) {
    $_SESSION['token'] = sha1(microtime());
}
// Tail of a conditional block whose opening line lies outside this excerpt:
// report every error level and write errors to a log file.
// NOTE(review): 'error.log' is a relative path. If it resolves to a directory
// served by the web server, the log could be downloadable; confirm where it lands.
error_reporting(E_ALL);
ini_set('error_log', 'error.log');
ini_set('log_errors', 'On');
}

// Developer mode additionally prints errors into the response. That exposes
// internals to any client, so DEV_MODE should not be '1' in production.
if (defined('DEV_MODE') && DEV_MODE == '1') {
    error_reporting(E_ALL);
    ini_set('display_errors', 'On');
}

cometchatDBConnect();

// Skip the memcache connection while the installer is the requested script.
if (strpos($_SERVER['REQUEST_URI'], 'install.php') === false) {
    cometchatMemcacheConnect();
}

// Prefix defaults to '_' and is cleared for callback requests without 'v3'.
// NOTE(review): the parenthesised test
// (callbackfn != 'mobileapp' || callbackfn != 'desktop') is true for every value,
// so it filters nothing. If the intent was "neither mobileapp nor desktop",
// the operator should be &&; confirm against the clients before changing it.
$chromeReorderFix = '_';
if (!empty($_REQUEST['callbackfn']) && ($_REQUEST['callbackfn'] != 'mobileapp' || $_REQUEST['callbackfn'] != 'desktop') && empty($_REQUEST['v3'])) {
    $chromeReorderFix = '';
}

// $bannedUserIPs may be set by configuration loaded before this point; default to none.
if (!isset($bannedUserIPs)) {
    $bannedUserIPs = array();
}

// Resolve the current user. With guest mode on, an id of 0 or an id above
// 10000000 is handed to getGuestID() unless guest login is disabled.
// NOTE(review): presumably ids above 10000000 are reserved for guests; verify
// that real account ids can never reach that range.
$userid = getUserID();
if ($guestsMode && ($userid == 0 || $userid > 10000000)) {
    if (empty($noguestlogin) && empty($_SESSION['noguestmode'])) {
        $userid = getGuestID($userid);
    }
}

// When the resolved user differs from the one cached in the session, drop the
// cached chat state and auth data, store the new id and expire the state cookie.
// NOTE(review): no session_regenerate_id() call is visible in this excerpt;
// confirm the session id is rotated elsewhere when the identity changes.
if (empty($_SESSION['cometchat']['userid']) || $_SESSION['cometchat']['userid'] != $userid) {
    unset($_SESSION['cometchat']);
    unset($_SESSION['CCAUTH_SESSION']);
    $_SESSION['cometchat']['userid'] = $userid;
    setcookie($cookiePrefix . "state", "", time() - 3600, '/');
}
// Tail of a conditional block whose opening line lies outside this excerpt:
// enable error logging.
ini_set('log_errors', 'On');
}

// Developer mode additionally prints errors into the response. That exposes
// internals to any client, so DEV_MODE should not be '1' in production.
if (defined('DEV_MODE') && DEV_MODE == '1') {
    error_reporting(E_ALL);
    ini_set('display_errors', 'On');
}

cometchatDBConnect();
cometchatMemcacheConnect();

$chromeReorderFix = '_';

// Default the banned-IP list to an empty array when it is unset or empty.
if (empty($bannedUserIPs)) {
    $bannedUserIPs = array();
}

// Resolve the current user. A guest identity is created only when guest mode is
// on, no user was found (0), and the request is not a mobileapp/desktop callback.
// && binds tighter than ||, so the last group reads:
// callbackfn is empty OR (callbackfn is neither 'mobileapp' nor 'desktop').
$userid = getUserID();
if ($guestsMode && $userid == 0 && (empty($_REQUEST['callbackfn']) || $_REQUEST['callbackfn'] != 'mobileapp' && $_REQUEST['callbackfn'] != 'desktop')) {
    if (empty($noguestlogin) && empty($_SESSION['noguestmode'])) {
        $username = '';
        // The guest display name comes straight from the request.
        // NOTE(review): nothing here validates or bounds it; length limits and
        // escaping for storage and output must happen inside getGuestID() or
        // at render time. Neither is visible in this excerpt; verify.
        if (!empty($_REQUEST['username'])) {
            $username = $_REQUEST['username'];
        }
        $userid = getGuestID($username);
    }
}

// Refresh the cached status when the session does not yet hold a user name.
if (empty($_SESSION['cometchat']) || empty($_SESSION['cometchat']['user']) || empty($_SESSION['cometchat']['user']['n'])) {
    getStatus();
}

// When the resolved user differs from the one cached in the session, drop the
// cached chat state and auth data, store the new id and expire the state cookie.
// NOTE(review): no session_regenerate_id() call is visible in this excerpt;
// confirm the session id is rotated elsewhere when the identity changes.
if (empty($_SESSION['cometchat']['userid']) || $_SESSION['cometchat']['userid'] != $userid) {
    unset($_SESSION['cometchat']);
    unset($_SESSION['CCAUTH_SESSION']);
    $_SESSION['cometchat']['userid'] = $userid;
    setcookie($cookiePrefix . "state", "", time() - 3600, '/');
}
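/**
 * Authenticate a chat user against the host application's user table.
 *
 * The user row is looked up by e-mail when $userName is a valid e-mail address,
 * otherwise by the configured user-name column. The stored password is then
 * checked with the scheme selected by CAKEPHP_VERSION. A social login or a guest
 * login requested through $_REQUEST can replace the result of that check.
 *
 * @param string $userName Login name or e-mail address supplied by the client.
 * @param string $userPass Plain-text password supplied by the client.
 *
 * @return int|string 0 when no login path succeeded; otherwise the user id, or
 *                    an encrypted, URL-encoded form of it when ENCRYPT_USERID is
 *                    '1' and the mcrypt extension is available.
 */
function chatLogin($userName, $userPass)
{
    global $guestsMode;

    $userid = 0;

    // Compare digests as strings only. Loose == treats two numeric-looking
    // digests (e.g. both starting "0e" followed by digits) as equal numbers.
    // hash_equals() is used when the runtime has it so that the comparison
    // time does not depend on where the strings first differ.
    $hashMatches = function ($known, $candidate) {
        if (!is_string($known) || !is_string($candidate)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($known, $candidate);
        }

        return $known === $candidate;
    };

    // Table and column names come from configuration constants; only the
    // client-supplied value is interpolated, and it is escaped for the connection.
    $column = filter_var($userName, FILTER_VALIDATE_EMAIL) ? 'email' : DB_USERTABLE_NAME;
    $sql = "SELECT * FROM `" . TABLE_PREFIX . DB_USERTABLE . "` WHERE " . $column . " = '"
        . mysqli_real_escape_string($GLOBALS['dbh'], $userName) . "'";
    $result = mysqli_query($GLOBALS['dbh'], $sql);

    // A failed query or an unknown user yields no row; treat both as "no stored hash"
    // instead of indexing into a non-array.
    $row = $result ? mysqli_fetch_assoc($result) : null;
    $storedHash = (is_array($row) && isset($row['password'])) ? (string) $row['password'] : '';

    if ($storedHash !== '') {
        if (CAKEPHP_VERSION == '3.x.x') {
            $checkpass = false;
            $prefix = substr($storedHash, 0, 4);

            // bcrypt: re-hash the candidate using the stored hash as the salt.
            if ($prefix === '$2a$' || $prefix === '$2y$') {
                $checkpass = $hashMatches($storedHash, crypt($userPass, $storedHash));
            }

            // MD5-crypt.
            if (substr($storedHash, 0, 3) === '$1$') {
                $checkpass = $hashMatches($storedHash, crypt($userPass, $storedHash));
            }

            // "<32 hex chars>:<32 char salt>" layout: md5(password . salt).
            if (preg_match('#[a-z0-9]{32}:[A-Za-z0-9]{32}#', $storedHash) === 1) {
                $checkpass = $hashMatches(
                    substr($storedHash, 0, 32),
                    md5($userPass . substr($storedHash, 33))
                );
            }

            if ($checkpass) {
                $userid = $row[DB_USERTABLE_USERID];
            }
        } elseif (CAKEPHP_VERSION == '2.x.x') {
            $salt = 'fvjhdj8fvn85grg73fbrvfn9fjFGfnhvt758nADG'; /* Add here the string used in security hashing methods from 'app/core.php'. */
            /* Add your password validation mechanism here. For eg: salted_password = md5($row['value'].$userPass.$row['salt']);*/
            // NOTE(review): one static salt with a single SHA-1 round is cheap to
            // guess offline. It has to mirror the host application's scheme, so
            // strengthen it there first and keep the two in sync.
            $salted_password = sha1($salt . $userPass);
            if ($hashMatches($storedHash, $salted_password)) {
                $userid = $row[DB_USERTABLE_USERID];
            }
        }
    }

    // NOTE(review): when social_details is present, whatever socialLogin() returns
    // replaces the outcome of the password check above. socialLogin() is not
    // visible here; confirm it verifies the provider's assertion server-side
    // rather than trusting the client-supplied JSON.
    if (!empty($userName) && !empty($_REQUEST['social_details'])) {
        $social_details = json_decode($_REQUEST['social_details']);
        $userid = socialLogin($social_details);
    }

    // Guest login is selected by a fixed marker in the password field. The marker
    // is a constant in the source, not a secret; the effective gate is $guestsMode.
    if (!empty($_REQUEST['guest_login']) && $userPass === "CC^CONTROL_GUEST" && $guestsMode == 1) {
        $userid = getGuestID($userName);
    }

    // Record that this user signed in from the mobile app.
    if (!empty($userid) && isset($_REQUEST['callbackfn']) && $_REQUEST['callbackfn'] == 'mobileapp') {
        $sql = "insert into cometchat_status (userid,isdevice) values ('"
            . mysqli_real_escape_string($GLOBALS['dbh'], $userid)
            . "','1') on duplicate key update isdevice = '1'";
        mysqli_query($GLOBALS['dbh'], $sql);
    }

    // Optionally return the id in encrypted form.
    // NOTE(review): the IV is derived from the key, so equal ids always encrypt to
    // equal tokens; the key is md5('') when KEY_A/KEY_B/KEY_C are undefined; and
    // CBC without a MAC gives no integrity protection. mcrypt was also removed
    // from PHP core in 7.2, in which case this branch is skipped and the raw id
    // is returned. The format is kept unchanged here because the decrypting side
    // is not part of this block.
    if ($userid && function_exists('mcrypt_encrypt') && defined('ENCRYPT_USERID') && ENCRYPT_USERID == '1') {
        $key = "";
        if (defined('KEY_A') && defined('KEY_B') && defined('KEY_C')) {
            $key = KEY_A . KEY_B . KEY_C;
        }
        $userid = rawurlencode(base64_encode(
            mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $userid, MCRYPT_MODE_CBC, md5(md5($key)))
        ));
    }

    return $userid;
}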
<?php include_once "../templates/headerA.php"; ?> <style type="text/css"> <?php include_once $root . "/templates/stylesheetsIE9.php"; ?> </style> <?php include_once "../templates/headerB.php"; ?> <?php //ist der gast schon angelegt? $gastID = getGuestID($unterkunft_id, $vorname, $nachname, $email, $link); if ($gastID == "") { //gast neu anlegen: $gastID = insertGuest($unterkunft_id, $anrede, $vorname, $nachname, $strasse, $plz, $ort, $land, $email, $tel, $fax, $anmerkung, $sprache, $link); } //reservierung eintragen: ?> <table border="0" cellspacing="3" cellpadding="0" class="table"> <tr> <td><span class="standardSchriftBold"><?php echo getUebersetzung("Danke für Ihre Anfrage!", $sprache, $link); ?> </span> <p> <?php echo getUebersetzung("Der Vermieter wurde über Ihre Reservierungs-Anfrage verständigt, und wird sich mit Ihnen in Verbindung setzen.", $sprache, $link); ?>