 /**
  * Remove the logged-in customer's stock notification for one product.
  *
  * The product is taken from the FIRST query-string key only (the loop breaks after
  * a single iteration whether or not that key qualified); the session name is never
  * treated as a product key. Ends with a redirect back to the current script with
  * the `action` parameter stripped.
  *
  * NOTE(review): the character class `[a-zA-Z0-9 -_]` contains the range
  * space..underscore, so it also admits punctuation such as `/`, `<`, `>`, `?` and `@`;
  * the only real gate is lC_Product::checkEntry() below. Kept as-is to preserve
  * behaviour — confirm what checkEntry() accepts.
  *
  * @return boolean false when the visitor is not logged on (after redirecting to login)
  */
 function execute()
 {
     global $lC_Database, $lC_Session, $lC_NavigationHistory, $lC_Customer;

     // Guests own no notifications: remember the page and send them to the login form.
     if (!$lC_Customer->isLoggedOn()) {
         $lC_NavigationHistory->setSnapshot();
         lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         return false;
     }

     $productKey = false;
     foreach (array_keys($_GET) as $candidate) {
         $looksLikeProductKey = preg_match('/^[0-9]+(#?([0-9]+:?[0-9]+)+(;?([0-9]+:?[0-9]+)+)*)*$/', $candidate)
             || preg_match('/^[a-zA-Z0-9 -_]*$/', $candidate);
         if ($looksLikeProductKey && $candidate != $lC_Session->getName()) {
             $productKey = $candidate;
         }
         break;
     }

     if ($productKey !== false && lC_Product::checkEntry($productKey)) {
         $product = new lC_Product($productKey);
         $customerId = $lC_Customer->getID();
         $productId = $product->getID();

         // Delete only when a notification row exists for this customer/product pair.
         $Qcheck = $lC_Database->query('select products_id from :table_products_notifications where customers_id = :customers_id and products_id = :products_id limit 1');
         $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
         $Qcheck->bindInt(':customers_id', $customerId);
         $Qcheck->bindInt(':products_id', $productId);
         $Qcheck->execute();

         if ($Qcheck->numberOfRows() > 0) {
             $Qdelete = $lC_Database->query('delete from :table_products_notifications where customers_id = :customers_id and products_id = :products_id');
             $Qdelete->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
             $Qdelete->bindInt(':customers_id', $customerId);
             $Qdelete->bindInt(':products_id', $productId);
             $Qdelete->execute();
         }
     }

     lc_redirect(lc_href_link(basename($_SERVER['SCRIPT_FILENAME']), lc_get_all_get_params(array('action'))));
 }
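 /**
  * "Forgotten password" handler: replace the account's password with a random one
  * and e-mail it to the address on file.
  *
  * Bug fixed: the salutation used to be read from an undefined `$data['gender']`, so
  * every customer was addressed with the female form; the selected `customers_gender`
  * column is used now.
  *
  * NOTE(review): anyone who knows a customer's e-mail address can trigger this and
  * lock the customer out of their current password, and the new password travels in
  * clear text. A token-based reset that only changes the password after the mailed
  * link is followed avoids both. The "no e-mail address found" message also confirms
  * which addresses have accounts.
  */
 protected function _process()
 {
     global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Vqmod;
     require_once $lC_Vqmod->modCheck('includes/classes/account.php');

     // Missing field becomes '' rather than an undefined-index warning; it matches no account.
     $emailAddress = isset($_POST['email_address']) ? $_POST['email_address'] : '';

     // Parameterised lookup; bindValue() does the quoting.
     $Qcheck = $lC_Database->query('select customers_id, customers_firstname, customers_lastname, customers_gender, customers_email_address, customers_password from :table_customers where customers_email_address = :customers_email_address limit 1');
     $Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcheck->bindValue(':customers_email_address', $emailAddress);
     $Qcheck->execute();

     if ($Qcheck->numberOfRows() === 1) {
         $password = lc_create_random_string(ACCOUNT_PASSWORD);

         if (lC_Account::savePassword($password, $Qcheck->valueInt('customers_id'))) {
             $fullName = $Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname');

             if (ACCOUNT_GENDER > -1) {
                 if ($Qcheck->value('customers_gender') == 'm') {
                     $email_text = sprintf($lC_Language->get('email_addressing_gender_male'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
                 } else {
                     $email_text = sprintf($lC_Language->get('email_addressing_gender_female'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
                 }
             } else {
                 $email_text = sprintf($lC_Language->get('email_addressing_gender_unknown'), $fullName) . "\n\n";
             }

             // The requester's IP address is included so the customer can spot an unsolicited reset.
             $email_text .= sprintf($lC_Language->get('email_password_reminder_body'), getenv('REMOTE_ADDR'), STORE_NAME, $password, STORE_OWNER_EMAIL_ADDRESS);

             lc_email($fullName, $Qcheck->valueProtected('customers_email_address'), sprintf($lC_Language->get('email_password_reminder_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }

         lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login&success=' . urlencode($lC_Language->get('success_password_forgotten_sent')), 'SSL'));
     } else {
         $lC_MessageStack->add('password_forgotten', $lC_Language->get('error_password_forgotten_no_email_address_found'));
     }
 }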
 /**
  * Customer login handler.
  *
  * Checks the posted e-mail address and password, rotates the session id when
  * configured, records the logon, merges the guest cart and redirects either to the
  * saved navigation snapshot or to the front page. A failed login leaves one generic
  * message regardless of which credential was wrong.
  *
  * NOTE(review): no throttling or lockout is visible here; brute-force protection, if
  * any, has to live in lC_Account::checkPassword() or upstream — confirm.
  */
 protected function _process()
 {
     global $lC_Database, $lC_Session, $lC_Language, $lC_ShoppingCart, $lC_MessageStack, $lC_Customer, $lC_NavigationHistory, $lC_Vqmod;
     require $lC_Vqmod->modCheck('includes/classes/account.php');

     $emailAddress = $_POST['email_address'];
     // Short-circuit: the password is only checked once the account is known to exist.
     $authenticated = lC_Account::checkEntry($emailAddress) && lC_Account::checkPassword($_POST['password'], $emailAddress);

     if (!$authenticated) {
         // Identical message for unknown address and wrong password: no account enumeration.
         $lC_MessageStack->add('login', $lC_Language->get('error_login_no_match'));
         return;
     }

     // Fresh session id on privilege change (session-fixation defence) when enabled.
     if (SERVICE_SESSION_REGENERATE_ID == '1') {
         $lC_Session->recreate();
     }

     $lC_Customer->setCustomerData(lC_Account::getID($emailAddress));

     $Qlogon = $lC_Database->query('update :table_customers set date_last_logon = :date_last_logon, number_of_logons = number_of_logons+1 where customers_id = :customers_id');
     $Qlogon->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qlogon->bindRaw(':date_last_logon', 'now()');
     $Qlogon->bindInt(':customers_id', $lC_Customer->getID());
     $Qlogon->execute();

     // Carry the guest cart over into the customer's stored cart.
     if ($lC_ShoppingCart->hasContents() === true) {
         $lC_ShoppingCart->synchronizeWithDatabase();
     }

     $lC_NavigationHistory->removeCurrentPage();
     lC_Cache::clearAll();

     if ($lC_NavigationHistory->hasSnapshot()) {
         $lC_NavigationHistory->redirectToSnapshot();
     } else {
         lc_redirect(lc_href_link(FILENAME_DEFAULT, null, 'AUTO'));
     }
 }
 /**
  * "Tell a friend" handler: validate sender/recipient fields, then mail a product
  * link (plus an optional free-text message) to the recipient with the visitor as
  * the From address.
  *
  * NOTE(review): an unauthenticated visitor can relay a chosen message to any
  * recipient with a chosen From name/address, which makes this a spam and phishing
  * vector; whether lc_sanitize_string() strips CR/LF (mail-header injection) and
  * whether any throttling exists are not visible here — confirm.
  */
 protected function _process()
 {
     global $lC_Language, $lC_MessageStack, $lC_Product;

     // Validation results keyed by message; evaluated and reported in this order.
     $checks = array(
         'error_tell_a_friend_customers_name_empty'            => !empty($_POST['from_name']),
         'error_tell_a_friend_invalid_customers_email_address' => lc_validate_email_address($_POST['from_email_address']),
         'error_tell_a_friend_friends_name_empty'              => !empty($_POST['to_name']),
         'error_tell_a_friend_invalid_friends_email_address'   => lc_validate_email_address($_POST['to_email_address']),
     );
     foreach ($checks as $messageKey => $passed) {
         if (!$passed) {
             $lC_MessageStack->add('tell_a_friend', $lC_Language->get($messageKey));
         }
     }

     if ($lC_MessageStack->size('tell_a_friend') < 1) {
         $fromName = lc_sanitize_string($_POST['from_name']);
         $toName = lc_sanitize_string($_POST['to_name']);
         $productTitle = $lC_Product->getTitle();

         $subject = sprintf($lC_Language->get('email_tell_a_friend_subject'), $fromName, STORE_NAME);

         $body = sprintf($lC_Language->get('email_tell_a_friend_intro'), $toName, $fromName, $productTitle, STORE_NAME) . "\n\n";
         if (!empty($_POST['message'])) {
             $body .= lc_sanitize_string($_POST['message']) . "\n\n";
         }
         $productLink = lc_href_link(HTTP_SERVER . DIR_WS_CATALOG . FILENAME_PRODUCTS, $lC_Product->getKeyword(), 'NONSSL', false);
         $body .= sprintf($lC_Language->get('email_tell_a_friend_link'), $productLink) . "\n\n"
             . sprintf($lC_Language->get('email_tell_a_friend_signature'), STORE_NAME . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");

         lc_email($toName, lc_sanitize_string($_POST['to_email_address']), $subject, $body, $fromName, lc_sanitize_string($_POST['from_email_address']));

         lc_redirect(lc_href_link(FILENAME_PRODUCTS, 'tell_a_friend&' . $lC_Product->getID() . '&success=' . urlencode(sprintf($lC_Language->get('success_tell_a_friend_email_sent'), $productTitle, lc_output_string_protected($_POST['to_name'])))));
     }
 }
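 /**
  * Remove one item from the shopping cart and return to the checkout page.
  *
  * Only a numeric `item` id is passed on; anything else is ignored silently. The
  * isset() guard avoids an undefined-index warning when `item` is absent
  * (is_numeric(null) was already false, so the outcome is unchanged).
  *
  * NOTE(review): is_numeric() also admits signs, decimals and exponents ("1e2");
  * the cart's remove() is assumed to cope with those — confirm, or tighten to ctype_digit().
  */
 function execute()
 {
     global $lC_ShoppingCart;

     if (isset($_GET['item']) && is_numeric($_GET['item'])) {
         $lC_ShoppingCart->remove($_GET['item']);
     }

     lc_redirect(lc_href_link(FILENAME_CHECKOUT));
 }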
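 /**
  * Account-details edit handler: validate gender, names, date of birth and e-mail
  * address, save them, refresh the session copy and redirect to the account page.
  * Validation failures are queued on the 'account_edit' message stack.
  *
  * Bug fixed: the date of birth was exploded before the isset() check and the three
  * parts were passed to checkdate()/mktime() unvalidated, so a missing or malformed
  * field produced warnings (or a TypeError for non-numeric parts) instead of the
  * validation message. The value is expected as three `/`-separated numbers in the
  * order checkdate() takes them (month/day/year).
  *
  * NOTE(review): lC_Account::checkDuplicateEntry() is presumably scoped to exclude the
  * customer's own current address, otherwise re-saving an unchanged address fails — confirm.
  */
 protected function _process()
 {
     global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $lC_Vqmod;
     require_once $lC_Vqmod->modCheck('includes/classes/account.php');

     $data = array();

     if (ACCOUNT_GENDER >= 0) {
         if (isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f')) {
             $data['gender'] = $_POST['gender'];
         } else {
             $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_gender_error'));
         }
     }

     if (isset($_POST['firstname']) && strlen(trim($_POST['firstname'])) >= ACCOUNT_FIRST_NAME) {
         $data['firstname'] = $_POST['firstname'];
     } else {
         $lC_MessageStack->add('account_edit', sprintf($lC_Language->get('field_customer_first_name_error'), ACCOUNT_FIRST_NAME));
     }

     if (isset($_POST['lastname']) && strlen(trim($_POST['lastname'])) >= ACCOUNT_LAST_NAME) {
         $data['lastname'] = $_POST['lastname'];
     } else {
         $lC_MessageStack->add('account_edit', sprintf($lC_Language->get('field_customer_last_name_error'), ACCOUNT_LAST_NAME));
     }

     if (ACCOUNT_DATE_OF_BIRTH == '1') {
         $dateParts = (isset($_POST['dob']) && is_string($_POST['dob'])) ? explode('/', $_POST['dob']) : array();
         // Exactly three all-digit parts are required before checkdate() sees them.
         $dobIsValid = count($dateParts) === 3
             && ctype_digit($dateParts[0]) && ctype_digit($dateParts[1]) && ctype_digit($dateParts[2])
             && checkdate((int) $dateParts[0], (int) $dateParts[1], (int) $dateParts[2]);

         if ($dobIsValid) {
             $data['dob'] = mktime(0, 0, 0, (int) $dateParts[0], (int) $dateParts[1], (int) $dateParts[2]);
         } else {
             $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_date_of_birth_error'));
         }
     }

     if (isset($_POST['email_address']) && strlen(trim($_POST['email_address'])) >= ACCOUNT_EMAIL_ADDRESS) {
         if (lc_validate_email_address($_POST['email_address'])) {
             if (lC_Account::checkDuplicateEntry($_POST['email_address']) === false) {
                 $data['email_address'] = $_POST['email_address'];
             } else {
                 $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_email_address_exists_error'));
             }
         } else {
             $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_email_address_check_error'));
         }
     } else {
         $lC_MessageStack->add('account_edit', sprintf($lC_Language->get('field_customer_email_address_error'), ACCOUNT_EMAIL_ADDRESS));
     }

     if ($lC_MessageStack->size('account_edit') === 0) {
         if (lC_Account::saveEntry($data)) {
             // Keep the session copy of the customer in step with what was just stored
             // (names are trimmed here but stored as posted — confirm saveEntry() trims too).
             if (ACCOUNT_GENDER > -1) {
                 $lC_Customer->setGender($data['gender']);
             }
             $lC_Customer->setFirstName(trim($data['firstname']));
             $lC_Customer->setLastName(trim($data['lastname']));
             $lC_Customer->setEmailAddress($data['email_address']);

             $lC_MessageStack->add('account', $lC_Language->get('success_account_updated'), 'success');
         }

         lc_redirect(lc_href_link(FILENAME_ACCOUNT, null, 'SSL'));
     }
 }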
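 /**
  * Contact-form handler: mail the inquiry to the store owner with the visitor's
  * name/address as sender, or queue a validation error when the address is invalid.
  *
  * Missing fields become '' instead of raising undefined-index warnings; an empty
  * address still fails validation, so the outcome is the same.
  *
  * NOTE(review): $name and $email_address end up in the mail's sender fields; whether
  * lc_sanitize_string() strips CR/LF (header injection) is not visible here, and no
  * rate limiting is applied in this block — confirm both upstream.
  */
 protected function _process()
 {
     global $lC_Language, $lC_MessageStack;

     $name = lc_sanitize_string(isset($_POST['name']) ? $_POST['name'] : '');
     $email_address = lc_sanitize_string(isset($_POST['email']) ? $_POST['email'] : '');
     $inquiry = lc_sanitize_string(isset($_POST['inquiry']) ? $_POST['inquiry'] : '');

     if (lc_validate_email_address($email_address)) {
         lc_email(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $lC_Language->get('contact_email_subject'), $inquiry, $name, $email_address);
         lc_redirect(lc_href_link(FILENAME_INFO, 'contact&success=' . urlencode($lC_Language->get('contact_email_sent_successfully')), 'AUTO'));
     } else {
         $lC_MessageStack->add('contact', $lC_Language->get('field_customer_email_address_check_error'));
     }
 }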
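 /**
  * Administrators module page controller: picks the sub-page (`set` = members,
  * groups or access) and, for `set=groups&process=...`, saves a group from $_POST.
  *
  * Access levels (per module, from the admin session): 2 is needed to insert a
  * group, 3 to edit one. The `access` form page already enforced this; the
  * `groups` save path now applies the same gate before anything is written.
  *
  * NOTE(review): the original saved the group with no level check on the process
  * path while the form page had one — mirrored here for consistency; confirm no
  * framework-level check already covers it. `return` after each redirect keeps the
  * gate effective even if lc_redirect() does not terminate the request.
  */
 public function __construct()
 {
     global $lC_Language, $lC_Database, $lC_MessageStack;

     if (!isset($_GET['set'])) {
         $_GET['set'] = 'members';
     }

     // 'edit' when a group id is supplied, 'insert' otherwise.
     $action = isset($_GET['gid']) && !empty($_GET['gid']) ? 'edit' : 'insert';
     // Current admin's level for this module; missing means no access.
     $accessLevel = isset($_SESSION['admin']['access'][$this->_module]) ? (int) $_SESSION['admin']['access'][$this->_module] : 0;

     switch ($_GET['set']) {
         case 'groups':
             $this->_page_title = $lC_Language->get('heading_title_groups');
             $this->_page_name = 'groups';
             $this->_page_contents = 'groups.php';

             if (isset($_GET['process'])) {
                 $isEdit = strtolower($_GET['process']) == 'edit';

                 if ($accessLevel < ($isEdit ? 3 : 2)) {
                     lc_redirect(lc_href_link_admin(FILENAME_DEFAULT, 'error_pages&set=no_access'));
                     return;
                 }

                 $groupId = ($isEdit && isset($_GET['gid'])) ? $_GET['gid'] : NULL;
                 $result = lC_Administrators_Admin::saveGroup($groupId, $_POST);

                 if (!isset($result['rpcStatus']) || $result['rpcStatus'] != 1 || $lC_Database->isError()) {
                     if ($lC_Database->isError()) {
                         $lC_MessageStack->add($this->_module, $lC_Database->getError(), 'error');
                     } else {
                         $lC_MessageStack->add($this->_module, $lC_Language->get('ms_error_action_not_performed'), 'error');
                     }
                 }

                 // Messages survive the redirect via the session.
                 $_SESSION['messageToStack'] = $lC_MessageStack->getAll();
                 lc_redirect_admin(lc_href_link_admin(FILENAME_DEFAULT, $this->_module . '&set=groups'));
             }
             break;

         case 'access':
             if ($action == 'insert' && $accessLevel < 2) {
                 lc_redirect(lc_href_link_admin(FILENAME_DEFAULT, 'error_pages&set=no_access'));
                 return;
             }
             if ($action != 'insert' && $accessLevel < 3) {
                 lc_redirect(lc_href_link_admin(FILENAME_DEFAULT, 'error_pages&set=no_access'));
                 return;
             }

             $this->_page_title = $action == 'insert' ? $lC_Language->get('heading_title_new_group') : $lC_Language->get('heading_title_edit_group');
             $this->_page_name = 'access';
             $this->_page_contents = 'access.php';
             break;

         case 'members':
         default:
             $this->_page_title = $lC_Language->get('heading_title');
             $this->_page_name = 'members';
             $this->_page_contents = 'main.php';
             break;
     }
 }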
 /**
  * Add stock notifications for the logged-in customer.
  *
  * Two input forms are accepted: `products=id;id;id` (as built by the notify form
  * handler; non-numeric and duplicate entries are dropped), or — when that
  * parameter is absent — a single product addressed by the FIRST query-string key
  * (the loop breaks after one iteration). One row per product is inserted unless
  * it already exists. Ends with a redirect to the current script minus `action`.
  *
  * NOTE(review): `[a-zA-Z0-9 -_]` contains the range space..underscore and therefore
  * admits punctuation such as `/`, `<`, `>` and `@`; lC_Product::checkEntry() is the
  * real gate. Kept as-is to preserve behaviour.
  *
  * @return boolean false when the visitor is not logged on (after redirecting to login)
  */
 function execute()
 {
     global $lC_Database, $lC_Session, $lC_NavigationHistory, $lC_Customer;

     if (!$lC_Customer->isLoggedOn()) {
         $lC_NavigationHistory->setSnapshot();
         lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         return false;
     }

     $productIds = array();

     if (isset($_GET['products']) && !empty($_GET['products'])) {
         foreach (explode(';', $_GET['products']) as $candidate) {
             if (is_numeric($candidate) && !in_array($candidate, $productIds)) {
                 $productIds[] = $candidate;
             }
         }
     } else {
         $productKey = false;
         foreach (array_keys($_GET) as $candidate) {
             $looksLikeProductKey = preg_match('/^[0-9]+(#?([0-9]+:?[0-9]+)+(;?([0-9]+:?[0-9]+)+)*)*$/', $candidate)
                 || preg_match('/^[a-zA-Z0-9 -_]*$/', $candidate);
             if ($looksLikeProductKey && $candidate != $lC_Session->getName()) {
                 $productKey = $candidate;
             }
             break;
         }

         if ($productKey !== false && lC_Product::checkEntry($productKey)) {
             $product = new lC_Product($productKey);
             $productIds[] = $product->getID();
         }
     }

     $customerId = $lC_Customer->getID();

     // No ids → no iterations; all values are bound as integers.
     foreach ($productIds as $productId) {
         $Qcheck = $lC_Database->query('select products_id from :table_products_notifications where customers_id = :customers_id and products_id = :products_id limit 1');
         $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
         $Qcheck->bindInt(':customers_id', $customerId);
         $Qcheck->bindInt(':products_id', $productId);
         $Qcheck->execute();

         if ($Qcheck->numberOfRows() < 1) {
             $Qinsert = $lC_Database->query('insert into :table_products_notifications (products_id, customers_id, date_added) values (:products_id, :customers_id, :date_added)');
             $Qinsert->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
             $Qinsert->bindInt(':products_id', $productId);
             $Qinsert->bindInt(':customers_id', $customerId);
             $Qinsert->bindRaw(':date_added', 'now()');
             $Qinsert->execute();
         }
     }

     lc_redirect(lc_href_link(basename($_SERVER['SCRIPT_FILENAME']), lc_get_all_get_params(array('action'))));
 }
 /**
  * "Add to cart" action.
  *
  * Resolves the product (from the global $lC_Product, or from the FIRST query-string
  * key when it is not set), then adds either the selected variant or the plain
  * product (optionally several sub-products via a `quantity[]` array) and redirects
  * to the checkout page.
  *
  * Left byte-identical on purpose: the VQMOD hook point below is matched textually
  * by vqmod patches, so reformatting this method can silently break those mods.
  *
  * NOTE(review): `[a-zA-Z0-9 -_]` contains the range space..underscore and so also
  * admits punctuation; lC_Product::checkEntry() is the real gate. Quantities are cast
  * to int with no lower bound here — whether negative values are rejected depends on
  * lC_ShoppingCart::add(). The sub-product/simple-option redirect at the bottom has no
  * `return` after it; if lc_redirect() does not terminate the request, the add still runs.
  *
  * @return boolean false when the request was redirected back to the product page
  */
 function execute()
 {
     global $lC_Session, $lC_ShoppingCart, $lC_Product, $lC_Language, $lC_Customer;
     if (!isset($lC_Product)) {
         // Only the first query key is considered (the loop breaks after one iteration);
         // the session name is never treated as a product key.
         $id = false;
         foreach ($_GET as $key => $value) {
             if ((is_numeric($key) || preg_match('/^[a-zA-Z0-9 -_]*$/', $key)) && $key != $lC_Session->getName()) {
                 $id = $key;
             }
             break;
         }
         if ($id !== false && lC_Product::checkEntry($id)) {
             $lC_Product = new lC_Product($id);
         }
     }
     if (isset($lC_Product)) {
         // VQMOD-hookpoint; DO NOT MODIFY OR REMOVE THE LINE BELOW
         $quantity = isset($_POST['quantity']) && !empty($_POST['quantity']) ? (int) $_POST['quantity'] : 1;
         if ($lC_Product->hasVariants()) {
             // A variant product needs a valid variant selection; otherwise go back to the product page.
             if (isset($_POST['variants']) && is_array($_POST['variants']) && !empty($_POST['variants'])) {
                 if ($lC_Product->variantExists($_POST['variants'])) {
                     $lC_ShoppingCart->add($lC_Product->getProductVariantID($_POST['variants']), $quantity);
                 } else {
                     lc_redirect(lc_href_link(FILENAME_PRODUCTS, $lC_Product->getKeyword() . '&error=' . urlencode($lC_Language->get('variant_combo_not_available'))));
                     return false;
                 }
             } else {
                 lc_redirect(lc_href_link(FILENAME_PRODUCTS, $lC_Product->getKeyword()));
                 return false;
             }
         } else {
             // `info=1` skips the sub-product/simple-option redirect (empty branch is intentional).
             if (isset($_GET['info']) && $_GET['info'] == '1') {
             } else {
                 if ($lC_Product->hasSubProducts($lC_Product->getID()) || $lC_Product->hasSimpleOptions()) {
                     lc_redirect(lc_href_link(FILENAME_PRODUCTS, $lC_Product->getKeyword()));
                 }
             }
             // `quantity[product_id] = qty` adds several sub-products at once; otherwise the single product.
             if (isset($_POST['quantity']) && is_array($_POST['quantity'])) {
                 foreach ($_POST['quantity'] as $product_id => $quantity) {
                     $lC_ShoppingCart->add((int) $product_id, (int) $quantity);
                 }
             } else {
                 $lC_ShoppingCart->add($lC_Product->getID(), $quantity);
             }
         }
     }
     lc_redirect(lc_href_link(FILENAME_CHECKOUT));
 }
 /**
  * Notify-form handler: collect the posted `notify` product ids (scalar or array),
  * keep only numeric, de-duplicated values and hand them to the `notify_add` action
  * via a redirect. With nothing valid the redirect carries no parameters.
  *
  * NOTE(review): is_numeric() admits "1e2"-style values; the receiving action re-checks
  * them and binds as integers, so the URL only ever carries numeric-looking tokens.
  */
 function _process()
 {
     $posted = isset($_POST['notify']) ? $_POST['notify'] : array();
     if (!is_array($posted)) {
         $posted = array($posted);
     }

     $productIds = array();
     foreach ($posted as $candidate) {
         // Loose in_array() on purpose: matches the original de-duplication semantics.
         if (is_numeric($candidate) && !in_array($candidate, $productIds)) {
             $productIds[] = $candidate;
         }
     }

     $parameters = empty($productIds) ? '' : 'action=notify_add&products=' . implode(';', $productIds);

     lc_redirect(lc_href_link(FILENAME_DEFAULT, $parameters, 'AUTO'));
 }
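 /**
  * Account "my orders" page controller.
  *
  * With a numeric order id in the query string (`?orders=123`) the order must belong
  * to the current customer; otherwise the visitor is sent back to the order list.
  * The `return` after that redirect keeps the ownership check effective even if
  * lc_redirect() does not terminate the request — without it the order-information
  * page was still prepared for someone else's order. The isset() guard removes an
  * undefined-index warning when no id is given (is_numeric(null) was already false).
  *
  * NOTE(review): the comparison is strict (`!==`); if lC_Order::getCustomerID() returns
  * a string while getID() returns an int, every lookup would redirect — confirm both
  * return the same type. A login check is not visible in this block; presumably the
  * enclosing account module enforces it.
  */
 public function lC_Account_Orders()
 {
     global $lC_Services, $lC_Language, $lC_Customer, $lC_Breadcrumb, $lC_Vqmod;
     require $lC_Vqmod->modCheck('includes/classes/order.php');

     $this->_page_title = $lC_Language->get('orders_heading');
     $lC_Language->load('order');

     $orderId = (isset($_GET[$this->_module]) && is_numeric($_GET[$this->_module])) ? $_GET[$this->_module] : null;

     if ($lC_Services->isStarted('breadcrumb')) {
         $lC_Breadcrumb->add($lC_Language->get('breadcrumb_my_orders'), lc_href_link(FILENAME_ACCOUNT, $this->_module, 'SSL'));
         if ($orderId !== null) {
             $lC_Breadcrumb->add(sprintf($lC_Language->get('breadcrumb_order_information'), $orderId), lc_href_link(FILENAME_ACCOUNT, $this->_module . '=' . $orderId, 'SSL'));
         }
     }

     if ($orderId !== null) {
         if (lC_Order::getCustomerID($orderId) !== $lC_Customer->getID()) {
             lc_redirect(lc_href_link(FILENAME_ACCOUNT, $this->_module, 'SSL'));
             return;
         }

         $this->_page_title = sprintf($lC_Language->get('order_information_heading'), $orderId);
         $this->_page_contents = 'account_history_info.php';
     }
 }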
 /**
  * Newsletter preference handler.
  *
  * The posted `newsletter_general` value only signals "something changed": when it
  * differs from the stored flag, the stored flag is toggled (1 ↔ 0) for the logged-in
  * customer. Always ends with a redirect to the account page.
  */
 protected function _process()
 {
     global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $Qnewsletter;

     // Non-numeric or missing input counts as "0".
     $requested = (isset($_POST['newsletter_general']) && is_numeric($_POST['newsletter_general'])) ? $_POST['newsletter_general'] : '0';

     if ($requested != $Qnewsletter->valueInt('customers_newsletter')) {
         $toggled = ($Qnewsletter->value('customers_newsletter') == '1') ? '0' : '1';

         $Qtoggle = $lC_Database->query('update :table_customers set customers_newsletter = :customers_newsletter where customers_id = :customers_id');
         $Qtoggle->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qtoggle->bindInt(':customers_newsletter', $toggled);
         $Qtoggle->bindInt(':customers_id', $lC_Customer->getID());
         $Qtoggle->execute();

         if ($Qtoggle->affectedRows() === 1) {
             $lC_MessageStack->add('account', $lC_Language->get('success_newsletter_updated'), 'success');
         }
     }

     lc_redirect(lc_href_link(FILENAME_ACCOUNT, null, 'SSL'));
 }
 /**
  * Cart update action: apply posted quantity changes (`products[item_id] = qty`),
  * then posted removals (`delete[item_id]`), then redirect to the checkout page.
  *
  * The first non-numeric item id or quantity aborts the request with `false` and no
  * redirect; changes applied before that point are not rolled back.
  *
  * NOTE(review): is_numeric() admits negative and fractional quantities; any bounds
  * have to be enforced by lC_ShoppingCart::update() — confirm.
  *
  * @return boolean false on malformed input
  */
 function execute()
 {
     global $lC_ShoppingCart;

     $quantities = (isset($_POST['products']) && is_array($_POST['products'])) ? $_POST['products'] : array();
     $removals = (isset($_POST['delete']) && is_array($_POST['delete'])) ? $_POST['delete'] : array();

     foreach ($quantities as $itemId => $qty) {
         if (!is_numeric($itemId) || !is_numeric($qty)) {
             return false;
         }
         $lC_ShoppingCart->update($itemId, $qty);
     }

     foreach (array_keys($removals) as $itemId) {
         if (!is_numeric($itemId)) {
             return false;
         }
         $lC_ShoppingCart->remove($itemId);
     }

     lc_redirect(lc_href_link(FILENAME_CHECKOUT));
 }
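 /**
  * Password change handler: require the current password, a new password of at
  * least ACCOUNT_PASSWORD characters and a matching confirmation, then store the
  * new password. Only the first validation failure is reported.
  *
  * Bug fixed: the new/confirmation comparison used loose `!=`, which compares
  * numeric-looking strings by value ("1e3" == "1000"), so a mismatched confirmation
  * could be accepted; it is now a strict string comparison.
  *
  * NOTE(review): nothing here regenerates the session id or invalidates other
  * sessions after the change — confirm whether lC_Account::savePassword() does.
  */
 protected function _process()
 {
     global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Vqmod;
     require_once $lC_Vqmod->modCheck('includes/classes/account.php');

     $current = isset($_POST['password_current']) ? trim($_POST['password_current']) : '';
     $new = isset($_POST['password_new']) ? trim($_POST['password_new']) : '';
     $confirmation = isset($_POST['password_confirmation']) ? trim($_POST['password_confirmation']) : null;

     if (!isset($_POST['password_current']) || strlen($current) < ACCOUNT_PASSWORD) {
         $lC_MessageStack->add('account_password', sprintf($lC_Language->get('field_customer_password_current_error'), ACCOUNT_PASSWORD));
     } elseif (!isset($_POST['password_new']) || strlen($new) < ACCOUNT_PASSWORD) {
         $lC_MessageStack->add('account_password', sprintf($lC_Language->get('field_customer_password_new_error'), ACCOUNT_PASSWORD));
     } elseif ($confirmation === null || $new !== $confirmation) {
         $lC_MessageStack->add('account_password', $lC_Language->get('field_customer_password_new_mismatch_with_confirmation_error'));
     }

     if ($lC_MessageStack->size('account_password') === 0) {
         if (lC_Account::checkPassword($current)) {
             if (lC_Account::savePassword($new)) {
                 lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'success=' . urlencode($lC_Language->get('success_password_updated')), 'SSL'));
             } else {
                 $lC_MessageStack->add('account_password', sprintf($lC_Language->get('field_customer_password_new_error'), ACCOUNT_PASSWORD));
             }
         } else {
             $lC_MessageStack->add('account_password', $lC_Language->get('error_current_password_not_matching'));
         }
     }
 }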
 /**
  * Delete one address-book entry, refusing the customer's primary address, and
  * return to the address-book page with a success or warning message.
  *
  * NOTE(review): ownership of $id is not checked in this block; presumably
  * lC_AddressBook::deleteEntry() scopes the delete to the logged-in customer — confirm.
  *
  * @param mixed $id address_book_id to delete
  */
 protected function _delete($id)
 {
     global $lC_MessageStack, $lC_Language, $lC_Customer;

     $isPrimaryAddress = ($id == $lC_Customer->getDefaultAddressID());

     if ($isPrimaryAddress) {
         $lC_MessageStack->add('address_book', $lC_Language->get('warning_primary_address_deletion'), 'warning');
     } elseif (lC_AddressBook::deleteEntry($id)) {
         $lC_MessageStack->add('address_book', $lC_Language->get('success_address_book_entry_deleted'), 'success');
     }

     lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'address_book', 'SSL'));
 }
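 /**
 * Verify an existing session ID and create or resume the session if the existing session ID is valid
 *
 * Every candidate session id — the configured session name from GET/POST/COOKIE and
 * the alternative `lCsid` / `lCAdminID` query parameters — must be a non-empty
 * alphanumeric string; otherwise the session cookie is cleared and the visitor is
 * sent to the front page. Previously only the configured name was checked, so an
 * arbitrary `lCsid`/`lCAdminID` value reached session_id() unvalidated.
 *
 * NOTE(review): the `lCsid` and `lCAdminID` branches adopt a session id supplied in
 * the query string, which is session fixation by construction, and the `lCsid`
 * branch also writes the unauthenticated `email` query parameter into the session.
 * The character check added here only stops malformed ids; it does not remove the
 * fixation risk — confirm what consumes lC_Customer_data and whether these entry
 * points are still needed.
 *
 * @access public
 * @return boolean
 */
 public function start()
 {
     $sane_session_id = true;

     // Only the first source carrying the session name is inspected (GET, then POST, then COOKIE).
     foreach (array($_GET, $_POST, $_COOKIE) as $source) {
         if (isset($source[$this->_name])) {
             if (empty($source[$this->_name]) || ctype_alnum($source[$this->_name]) === false) {
                 $sane_session_id = false;
             }
             break;
         }
     }

     // Same rule for the alternative ids the branches below hand to session_id().
     foreach (array('lCsid', 'lCAdminID') as $alternativeName) {
         if (isset($_GET[$alternativeName]) && $_GET[$alternativeName] != NULL && ctype_alnum($_GET[$alternativeName]) === false) {
             $sane_session_id = false;
         }
     }

     if ($sane_session_id === false) {
         if (isset($_COOKIE[$this->_name])) {
             setcookie($this->_name, '', time() - 42000, $this->getCookieParameters('path'), $this->getCookieParameters('domain'));
         }
         lc_redirect(lc_href_link(FILENAME_DEFAULT, null, 'NONSSL', false));
         return false;
     }

     if (isset($_GET['lCsid']) && $_GET['lCsid'] != NULL && isset($_GET['qr']) && $_GET['qr'] == '1') {
         // QR-code entry: resume the given session and pre-fill the customer e-mail address.
         $this->_is_started = true;
         $this->_id = $_GET['lCsid'];
         session_id($_GET['lCsid']);
         session_start();
         unset($_SESSION['lC_Customer_data']);
         $_SESSION['lC_Customer_data']['email_address'] = isset($_GET['email']) ? $_GET['email'] : null;
         return true;
     }

     if (isset($_GET['lCAdminID']) && $_GET['lCAdminID'] != NULL) {
         // Admin hand-off: resume the session id given in the query string.
         $this->_is_started = true;
         $this->_id = $_GET['lCAdminID'];
         session_id($_GET['lCAdminID']);
         session_start();
         return true;
     }

     if (session_start()) {
         $this->_is_started = true;
         $this->_id = session_id();
         return true;
     }

     return false;
 }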
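 /**
  * Review submission handler: validate the text length and the 1..5 rating, then
  * store the review (pending when moderation is on) and redirect to the reviews page.
  *
  * Bug fixed: the rating was compared with `<`/`>` under PHP's loose rules without a
  * numeric check, so a value such as "3abc" passed and was stored verbatim. Only a
  * whole number in 1..5 is accepted now; anything else yields the rating error.
  * isset() guards remove undefined-index warnings for missing fields.
  *
  * NOTE(review): the anonymous reviewer name is stored as posted, unsanitised; it must
  * be escaped where reviews are rendered — confirm.
  *
  * @param mixed $id product id the review belongs to
  */
 protected function _process($id)
 {
     global $lC_Language, $lC_MessageStack, $lC_Customer, $lC_Reviews;

     $data = array('products_id' => $id);

     if ($lC_Customer->isLoggedOn()) {
         $data['customer_id'] = $lC_Customer->getID();
         $data['customer_name'] = $lC_Customer->getName();
     } else {
         $data['customer_id'] = '0';
         $data['customer_name'] = isset($_POST['customer_name']) ? $_POST['customer_name'] : '';
     }

     $review = isset($_POST['review']) ? $_POST['review'] : '';
     if (strlen(trim($review)) < REVIEW_TEXT_MIN_LENGTH) {
         $lC_MessageStack->add('reviews', sprintf($lC_Language->get('js_review_text'), REVIEW_TEXT_MIN_LENGTH));
     } else {
         $data['review'] = $review;
     }

     // Whole-number rating only; 0 stands for "missing or not a number" and fails the range check.
     $rating = (isset($_POST['rating']) && is_string($_POST['rating']) && ctype_digit($_POST['rating'])) ? (int) $_POST['rating'] : 0;
     if ($rating < 1 || $rating > 5) {
         $lC_MessageStack->add('reviews', $lC_Language->get('js_review_rating'));
     } else {
         $data['rating'] = $rating;
     }

     if ($lC_MessageStack->size('reviews') < 1) {
         if ($lC_Reviews->is_moderated === true) {
             $data['status'] = '0';
             $lC_MessageStack->add('reviews', $lC_Language->get('success_review_moderation'), 'success');
         } else {
             $data['status'] = '1';
             $lC_MessageStack->add('reviews', $lC_Language->get('success_review_new'), 'success');
         }

         lC_Reviews::saveEntry($data);

         lc_redirect(lc_href_link(FILENAME_PRODUCTS, 'reviews&' . $id));
     }
 }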
 /**
  * Redirect to the stored navigation snapshot and forget it.
  *
  * The URL is resolved before the snapshot is cleared so the target is not lost.
  *
  * NOTE(review): the target comes from the stored snapshot; whether it is constrained
  * to this site depends on setSnapshot()/getSnapshotURL() — confirm against
  * open-redirect concerns.
  */
 public function redirectToSnapshot()
 {
     $snapshotUrl = $this->getSnapshotURL(true);
     $this->resetSnapshot();
     lc_redirect($snapshotUrl);
 }
 /**
  * Checkout "payment method" page controller.
  *
  * Guards: the customer must be logged on, the cart must have contents and (unless
  * the shipping page is skipped) a shipping method must be selected; otherwise the
  * visitor is redirected. Then the billing address is defaulted or verified against
  * the customer's own address book, the enabled payment modules are loaded, and a
  * `payment_error` query parameter is surfaced as an error message.
  *
  * Left byte-identical: the method is a chain of redirects with no `return` after
  * them, so its correctness depends on lc_redirect() terminating the request —
  * the order of these statements is not something a restyle should touch.
  *
  * NOTE(review): `payment_error` is reflected from the query string into the message
  * stack after urldecode(); whether the stack escapes it on output is not visible
  * here — confirm. The stock-check loop also redirects without returning.
  */
 public function lC_Checkout_Payment()
 {
     global $lC_Database, $lC_Session, $lC_ShoppingCart, $lC_Customer, $lC_Services, $lC_Language, $lC_NavigationHistory, $lC_Breadcrumb, $lC_Payment, $lC_MessageStack, $lC_Vqmod;
     require $lC_Vqmod->modCheck('includes/classes/address_book.php');
     // Guests are sent to login; the current page is remembered for the post-login redirect.
     if ($lC_Customer->isLoggedOn() === false) {
         $lC_NavigationHistory->setSnapshot();
         lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
     }
     if ($lC_ShoppingCart->hasContents() === false) {
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'SSL'));
     }
     // if no shipping method has been selected, redirect the customer to the shipping method selection page
     if ($lC_ShoppingCart->hasShippingMethod() === false) {
         if (defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1') {
             // Shipping page skipped: an address is still required for payment.
             if (lC_AddressBook::numberOfEntries() < 1) {
                 lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment_address', 'SSL'));
             }
         } else {
             lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL'));
         }
     } else {
         if (defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1') {
             if (lC_AddressBook::numberOfEntries() < 1) {
                 lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment_address', 'SSL'));
             }
         }
     }
     // Stock Check
     if (STOCK_CHECK == '1' && AUTODISABLE_OUT_OF_STOCK_PRODUCT == '1') {
         foreach ($lC_ShoppingCart->getProducts() as $products) {
             if ($lC_ShoppingCart->isInStock($products['id']) === false) {
                 lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'SSL'));
                 break;
             }
         }
     }
     $this->_page_title = $lC_Language->get('payment_method_heading');
     if ($lC_Services->isStarted('breadcrumb')) {
         $lC_Breadcrumb->add($lC_Language->get('breadcrumb_checkout_payment'), lc_href_link(FILENAME_CHECKOUT, $this->_module, 'SSL'));
     }
     // redirect to the billing address page when no default address exists
     if ($lC_Customer->hasDefaultAddress() === false) {
         $this->_page_title = $lC_Language->get('payment_address_heading');
         $this->_page_contents = 'checkout_payment_address.php';
         $this->addJavascriptPhpFilename('templates/' . $this->getCode() . '/javascript/addressBookDetails.js.php');
     } else {
         // if no billing destination address was selected, use the customers own address as default
         if ($lC_ShoppingCart->hasBillingAddress() == false) {
             $lC_ShoppingCart->setBillingAddress($lC_Customer->getDefaultAddressID());
         } else {
             // verify the selected billing address
             // (ownership check: the address id in the cart must belong to this customer;
             // on mismatch fall back to the default address and drop the billing method)
             $Qcheck = $lC_Database->query('select address_book_id from :table_address_book where address_book_id = :address_book_id and customers_id = :customers_id limit 1');
             $Qcheck->bindTable(':table_address_book', TABLE_ADDRESS_BOOK);
             $Qcheck->bindInt(':address_book_id', $lC_ShoppingCart->getBillingAddress('id'));
             $Qcheck->bindInt(':customers_id', $lC_Customer->getID());
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() !== 1) {
                 $lC_ShoppingCart->setBillingAddress($lC_Customer->getDefaultAddressID());
                 $lC_ShoppingCart->resetBillingMethod();
             }
         }
         // load all enabled payment modules
         include $lC_Vqmod->modCheck('includes/classes/payment.php');
         $lC_Payment = new lC_Payment();
         $this->addJavascriptBlock($lC_Payment->getJavascriptBlocks());
     }
     if (isset($_GET['payment_error'])) {
         $lC_MessageStack->add('checkout_payment', urldecode($_GET['payment_error']), 'error');
     }
     // Messages queued in the session before a redirect are re-read by the stack's constructor.
     if (isset($_SESSION['messageToStack']) && !empty($_SESSION['messageToStack'])) {
         $lC_MessageStack->__construct();
     }
     // ppec inject
     // `skip=no` or a payment error forces the payment page to be shown; otherwise a
     // SKIP_PAYMENT_PAGE session flag jumps straight to confirmation.
     if (isset($_GET['skip']) && $_GET['skip'] == 'no' || isset($_GET['payment_error'])) {
         if (isset($_SESSION['SKIP_PAYMENT_PAGE'])) {
             unset($_SESSION['SKIP_PAYMENT_PAGE']);
         }
         if (isset($_SESSION['cartSync'])) {
             unset($_SESSION['cartSync']);
         }
     } else {
         if (isset($_SESSION['SKIP_PAYMENT_PAGE']) && $_SESSION['SKIP_PAYMENT_PAGE'] === TRUE) {
             lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'confirmation', 'SSL'));
         }
     }
 }
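 /**
  * Session service start.
  *
  * Loads the session class, starts the session subject to the cookie-test
  * and spider-blocking options, then runs the configured anti-hijack checks
  * (SSL session id, user agent, IP address). Each check records its
  * fingerprint in $_SESSION on first sight; on a later mismatch the session
  * is destroyed and the visitor is redirected. Whether lc_redirect() ends
  * the request is not visible from this function.
  *
  * @return bool always true
  */
 function start()
 {
     global $request_type, $lC_Session, $lC_Vqmod;
     include $lC_Vqmod->modCheck('includes/classes/session.php');
     $lC_Session = lC_Session::load();
     // the header may be absent (CLI, some proxies): read it once with a '' default
     $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
         // only start a session once the client has shown it accepts cookies
         lc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
         if (isset($_COOKIE['cookie_test'])) {
             $lC_Session->start();
         }
     } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
         $spider_flag = false;
         $user_agent = strtolower($http_user_agent);
         if ($user_agent !== '') {
             // file() returns false when the list is missing or unreadable
             $spiders = file('includes/spiders.txt');
             if (is_array($spiders)) {
                 foreach ($spiders as $spider) {
                     // skip blank lines: on PHP 8 strpos() with an empty needle matches at 0,
                     // which would flag every visitor as a spider
                     $spider = trim($spider);
                     if ($spider !== '' && strpos($user_agent, $spider) !== false) {
                         $spider_flag = true;
                         break;
                     }
                 }
             }
         }
         if ($spider_flag === false) {
             $lC_Session->start();
         }
     } else {
         $lC_Session->start();
     }
     // NOTE(review): when the session was not started above (cookie test failed, spider),
     // the fingerprints written below go into a plain $_SESSION array and do not persist — confirm
     // verify the ssl_session_id
     if ($request_type == 'https' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
         if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
             if (isset($_SESSION['SESSION_SSL_ID']) === false) {
                 $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
             }
             if ($_SESSION['SESSION_SSL_ID'] !== $_SERVER['SSL_SESSION_ID']) {
                 $lC_Session->destroy();
                 lc_redirect(lc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
             }
         }
     }
     // verify the browser user agent
     if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
         if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
             $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
         }
         if ($_SESSION['SESSION_USER_AGENT'] !== $http_user_agent) {
             $lC_Session->destroy();
             lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     // verify the IP address
     if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
         $ip_address = lc_get_ip_address();
         if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
             $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
         }
         if ($_SESSION['SESSION_IP_ADDRESS'] !== $ip_address) {
             $lC_Session->destroy();
             lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     return true;
 }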
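 /**
  * Checkout shipping step.
  *
  * Stores the order comment (and the "ship-to as billing" flag) in the
  * session, then applies the shipping quote the customer selected and moves
  * on to the payment step. A posted shipping_mod_sel is expected as
  * "<module>_<method>"; the module part is looked up as
  * $GLOBALS['lC_Shipping_<module>'] and must be an enabled module object,
  * otherwise the cart's shipping method is reset.
  */
 protected function _process()
 {
     global $lC_ShoppingCart, $lC_Shipping, $lC_Vqmod;
     require_once $lC_Vqmod->modCheck('includes/classes/address_book.php');
     if (!empty($_POST['comments'])) {
         $_SESSION['comments'] = lc_sanitize_string($_POST['comments']);
     }
     // added to carry ship to address as billing address
     if (!empty($_POST['shipto_as_billable'])) {
         // NOTE(review): stored unsanitised, unlike 'comments' — confirm its consumer only tests truthiness
         $_SESSION['shipto_as_billable'] = $_POST['shipto_as_billable'];
     }
     if (!$lC_Shipping->hasQuotes()) {
         // nothing to ship: clear any stale selection and continue to payment
         $lC_ShoppingCart->resetShippingMethod();
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
         return;
     }
     // a selection is only usable when it is a string carrying the "<module>_<method>" separator
     // (strpos() is intentionally truthy: a leading '_' would give an empty module name)
     if (!isset($_POST['shipping_mod_sel']) || !is_string($_POST['shipping_mod_sel']) || !strpos($_POST['shipping_mod_sel'], '_')) {
         return;
     }
     $selection = $_POST['shipping_mod_sel'];
     list($module_code) = explode('_', $selection, 2);
     $module = 'lC_Shipping_' . $module_code;
     // the module name is derived from request input: it must exist and be an enabled module object
     if (isset($GLOBALS[$module]) && is_object($GLOBALS[$module]) && $GLOBALS[$module]->isEnabled()) {
         $quote = $lC_Shipping->getQuote($selection);
         if (isset($quote['error'])) {
             $lC_ShoppingCart->resetShippingMethod();
         } else {
             $lC_ShoppingCart->setShippingMethod($quote);
             $_SESSION['SelectedShippingMethodCost'] = $quote['cost'];
             lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
         }
     } else {
         $lC_ShoppingCart->resetShippingMethod();
     }
 }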
/**
  @package    catalog
  @author     Loaded Commerce
  @copyright  Copyright 2003-2014 Loaded Commerce, LLC
  @copyright  Portions Copyright 2003 osCommerce
  @license    https://github.com/loadedcommerce/loaded7/blob/master/LICENSE.txt
  @version    $Id: account.php v1.0 2013-08-08 datazen $
*/
$_SERVER['SCRIPT_FILENAME'] = __FILE__;
require 'includes/application_top.php';
// Guests may only reach the login, create and password_forgotten actions; the action is the
// first query-string key. Anything else snapshots the current page and sends them to login.
if ($lC_Customer->isLoggedOn() === false) {
    $guest_allowed = false;
    if (!empty($_GET)) {
        $first_array = array_slice($_GET, 0, 1);
        $guest_action = lc_sanitize_string(basename(key($first_array)));
        $guest_allowed = in_array($guest_action, array('login', 'create', 'password_forgotten'));
    }
    if ($guest_allowed === false) {
        $lC_NavigationHistory->setSnapshot();
        lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
    }
}
// VQMOD-hookpoint; DO NOT MODIFY OR REMOVE THE LINE BELOW
$lC_Language->load('account');
if ($lC_Services->isStarted('breadcrumb')) {
    $lC_Breadcrumb->add($lC_Language->get('breadcrumb_my_account'), lc_href_link(FILENAME_ACCOUNT, null, 'SSL'));
}
$lC_Template = lC_Template::setup('account');
// Country pull-down for the template: a "please select" entry first, then every country as id/text.
$countries_array = array(array('id' => '', 'text' => $lC_Language->get('pull_down_default')));
foreach (lC_Address::getCountries() as $country) {
    $countries_array[] = array('id' => $country['id'], 'text' => $country['name']);
}
require $lC_Vqmod->modCheck('templates/' . $lC_Template->getCode() . '.php');
require $lC_Vqmod->modCheck('includes/application_bottom.php');
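$Qupdate->execute();
// the file name comes from the customer's order download row, not from the request
$download_filename = $Qdownloads->value('orders_products_filename');
// Now send the file with header() magic
header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: Application/octet-stream");
// quote the name (RFC 6266) so spaces and ';' cannot break the parameter, and send only the
// final path component — browsers strip directory parts anyway
header('Content-disposition: attachment; filename="' . str_replace('"', '', basename($download_filename)) . '"');
if (DOWNLOAD_BY_REDIRECT == '1') {
    // This will work only on Unix/Linux hosts
    lc_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC);
    $tempdir = lc_random_name();
    // NOTE(review): umask(00) + 0777 leaves the temporary directory world-writable; the random
    // directory name is the only thing keeping the link private. Confirm a tighter mode works
    // with the web server user before changing it.
    umask(00);
    $linked = mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777) && symlink(DIR_FS_DOWNLOAD . $download_filename, DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $download_filename);
    if ($linked) {
        lc_redirect(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $download_filename);
    } else {
        // the public link could not be created: stream the file directly rather than
        // redirecting the customer to a URL that does not exist
        readfile(DIR_FS_DOWNLOAD . $download_filename);
    }
} else {
    // This will work on all systems, but will need considerable resources
    // We could also loop with fread($fp, 4096) to save memory
    readfile(DIR_FS_DOWNLOAD . $download_filename);
}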
/*
* Returns a random name, 16 to 20 characters long
*
* @access public
* @return string
*/
function lc_random_name()
{
    $letters = 'abcdefghijklmnopqrstuvwxyz';
    $dirname = '.';
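 /**
  * Checkout billing-address step.
  *
  * Three cases, in order:
  *  1. No default address yet, or a new address was posted (firstname,
  *     lastname and street_address all non-empty): validate every field
  *     against the ACCOUNT_* minimum-length settings, insert the address,
  *     make it the customer's default when none existed, and use it as
  *     the billing address.
  *  2. An existing address id was posted: use it as the billing address
  *     only if the address book row belongs to this customer.
  *  3. Nothing posted: keep the customer's default address.
  *
  * Validation errors are pushed onto the 'checkout_address' message stack;
  * on success the customer is redirected to the payment step.
  */
 protected function _process()
 {
     global $lC_Database, $lC_Session, $lC_Language, $lC_ShoppingCart, $lC_Customer, $lC_MessageStack, $lC_Vqmod;
     require_once $lC_Vqmod->modCheck('includes/classes/address_book.php');
     // process a new billing address
     if ($lC_Customer->hasDefaultAddress() === false || (!empty($_POST['firstname']) && !empty($_POST['lastname']) && !empty($_POST['street_address']))) {
         // trimmed POST field, or '' when it was not submitted (avoids undefined-index notices in the insert below)
         $posted = function ($name) {
             return isset($_POST[$name]) ? trim($_POST[$name]) : '';
         };
         $country_id = isset($_POST['country']) ? $_POST['country'] : '';
         $state = isset($_POST['state']) ? $_POST['state'] : '';
         // resolved zone id; must exist even when ACCOUNT_STATE is disabled because the insert and setZoneID() read it
         $zone_id = 0;
         if (ACCOUNT_GENDER > 0) {
             if (!isset($_POST['gender']) || ($_POST['gender'] != 'm' && $_POST['gender'] != 'f')) {
                 $lC_MessageStack->add('checkout_address', $lC_Language->get('field_customer_gender_error'));
             }
         }
         if (!isset($_POST['firstname']) || strlen(trim($_POST['firstname'])) < ACCOUNT_FIRST_NAME) {
             $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_first_name_error'), ACCOUNT_FIRST_NAME));
         }
         if (!isset($_POST['lastname']) || strlen(trim($_POST['lastname'])) < ACCOUNT_LAST_NAME) {
             $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_last_name_error'), ACCOUNT_LAST_NAME));
         }
         if (ACCOUNT_COMPANY > 0) {
             if (!isset($_POST['company']) || strlen(trim($_POST['company'])) < ACCOUNT_COMPANY) {
                 $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_company_error'), ACCOUNT_COMPANY));
             }
         }
         if (!isset($_POST['street_address']) || strlen(trim($_POST['street_address'])) < ACCOUNT_STREET_ADDRESS) {
             $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_street_address_error'), ACCOUNT_STREET_ADDRESS));
         }
         if (ACCOUNT_SUBURB > 0) {
             if (!isset($_POST['suburb']) || strlen(trim($_POST['suburb'])) < ACCOUNT_SUBURB) {
                 $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_suburb_error'), ACCOUNT_SUBURB));
             }
         }
         if (ACCOUNT_POST_CODE > 0) {
             if (!isset($_POST['postcode']) || strlen(trim($_POST['postcode'])) < ACCOUNT_POST_CODE) {
                 $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_post_code_error'), ACCOUNT_POST_CODE));
             }
         }
         if (!isset($_POST['city']) || strlen(trim($_POST['city'])) < ACCOUNT_CITY) {
             $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_city_error'), ACCOUNT_CITY));
         }
         if (ACCOUNT_STATE > 0) {
             // when the selected country has zones, the state must match one by code or by name;
             // otherwise it is free text subject only to the minimum length
             $Qcheck = $lC_Database->query('select zone_id from :table_zones where zone_country_id = :zone_country_id limit 1');
             $Qcheck->bindTable(':table_zones', TABLE_ZONES);
             $Qcheck->bindInt(':zone_country_id', $country_id);
             $Qcheck->execute();
             $entry_state_has_zones = $Qcheck->numberOfRows() > 0;
             $Qcheck->freeResult();
             if ($entry_state_has_zones === true) {
                 $Qzone = $lC_Database->query('select zone_id from :table_zones where zone_country_id = :zone_country_id and zone_code = :zone_code');
                 $Qzone->bindTable(':table_zones', TABLE_ZONES);
                 $Qzone->bindInt(':zone_country_id', $country_id);
                 $Qzone->bindValue(':zone_code', $state);
                 $Qzone->execute();
                 if ($Qzone->numberOfRows() === 1) {
                     $zone_id = $Qzone->valueInt('zone_id');
                 } else {
                     // second chance: the zone's full name instead of its code
                     $Qzone = $lC_Database->query('select zone_id from :table_zones where zone_country_id = :zone_country_id and zone_name = :zone_name');
                     $Qzone->bindTable(':table_zones', TABLE_ZONES);
                     $Qzone->bindInt(':zone_country_id', $country_id);
                     $Qzone->bindValue(':zone_name', $state);
                     $Qzone->execute();
                     if ($Qzone->numberOfRows() === 1) {
                         $zone_id = $Qzone->valueInt('zone_id');
                     } else {
                         $lC_MessageStack->add('checkout_address', $lC_Language->get('field_customer_state_select_pull_down_error'));
                     }
                 }
                 $Qzone->freeResult();
             } elseif (strlen(trim($state)) < ACCOUNT_STATE) {
                 $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_state_error'), ACCOUNT_STATE));
             }
         }
         if (is_numeric($country_id) === false || $country_id < 1) {
             $lC_MessageStack->add('checkout_address', $lC_Language->get('field_customer_country_error'));
         }
         if (ACCOUNT_TELEPHONE > 0) {
             if (!isset($_POST['telephone']) || strlen(trim($_POST['telephone'])) < ACCOUNT_TELEPHONE) {
                 $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_telephone_number_error'), ACCOUNT_TELEPHONE));
             }
         }
         if (ACCOUNT_FAX > 0) {
             if (!isset($_POST['fax']) || strlen(trim($_POST['fax'])) < ACCOUNT_FAX) {
                 $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_fax_number_error'), ACCOUNT_FAX));
             }
         }
         if ($lC_MessageStack->size('checkout_address') === 0) {
             $Qab = $lC_Database->query('insert into :table_address_book (customers_id, entry_gender, entry_company, entry_firstname, entry_lastname, entry_street_address, entry_suburb, entry_postcode, entry_city, entry_state, entry_country_id, entry_zone_id, entry_telephone, entry_fax) values (:customers_id, :entry_gender, :entry_company, :entry_firstname, :entry_lastname, :entry_street_address, :entry_suburb, :entry_postcode, :entry_city, :entry_state, :entry_country_id, :entry_zone_id, :entry_telephone, :entry_fax)');
             $Qab->bindTable(':table_address_book', TABLE_ADDRESS_BOOK);
             $Qab->bindInt(':customers_id', $lC_Customer->getID());
             $Qab->bindValue(':entry_gender', (ACCOUNT_GENDER > -1 && isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f')) ? $_POST['gender'] : '');
             $Qab->bindValue(':entry_company', ACCOUNT_COMPANY > -1 ? $posted('company') : '');
             $Qab->bindValue(':entry_firstname', $posted('firstname'));
             $Qab->bindValue(':entry_lastname', $posted('lastname'));
             $Qab->bindValue(':entry_street_address', $posted('street_address'));
             $Qab->bindValue(':entry_suburb', ACCOUNT_SUBURB > -1 ? $posted('suburb') : '');
             $Qab->bindValue(':entry_postcode', ACCOUNT_POST_CODE > -1 ? $posted('postcode') : '');
             $Qab->bindValue(':entry_city', $posted('city'));
             // a resolved zone is stored by id only; a free-text state is stored verbatim
             $Qab->bindValue(':entry_state', (ACCOUNT_STATE > -1 && $zone_id <= 0) ? $state : '');
             $Qab->bindInt(':entry_country_id', $country_id);
             $Qab->bindInt(':entry_zone_id', ACCOUNT_STATE > -1 ? $zone_id : 0);
             $Qab->bindValue(':entry_telephone', ACCOUNT_TELEPHONE > -1 ? $posted('telephone') : '');
             $Qab->bindValue(':entry_fax', ACCOUNT_FAX > -1 ? $posted('fax') : '');
             $Qab->execute();
             if ($Qab->affectedRows() === 1) {
                 $address_book_id = $lC_Database->nextID();
                 // the customer's first address becomes the default address
                 if ($lC_Customer->hasDefaultAddress() === false) {
                     $Qcustomer = $lC_Database->query('update :table_customers set customers_default_address_id = :customers_default_address_id where customers_id = :customers_id');
                     $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
                     $Qcustomer->bindInt(':customers_default_address_id', $address_book_id);
                     $Qcustomer->bindInt(':customers_id', $lC_Customer->getID());
                     $Qcustomer->execute();
                     $lC_Customer->setCountryID($country_id);
                     $lC_Customer->setZoneID($zone_id);
                     $lC_Customer->setDefaultAddressID($address_book_id);
                 }
                 $lC_ShoppingCart->setBillingAddress($address_book_id);
                 lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
             } else {
                 $lC_MessageStack->add('checkout_address', 'Error inserting into address book table.');
             }
         }
         // process the selected billing destination
     } elseif (isset($_POST['address'])) {
         // the chosen payment method is only reset when the billing address actually changes
         $reset_payment = false;
         if ($lC_ShoppingCart->hasBillingAddress() && $lC_ShoppingCart->getBillingAddress('id') != $_POST['address'] && $lC_ShoppingCart->hasBillingMethod()) {
             $reset_payment = true;
         }
         $lC_ShoppingCart->setBillingAddress($_POST['address']);
         // the posted id is request input: keep it only if the address book row belongs to this customer
         $Qcheck = $lC_Database->query('select address_book_id from :table_address_book where address_book_id = :address_book_id and customers_id = :customers_id limit 1');
         $Qcheck->bindTable(':table_address_book', TABLE_ADDRESS_BOOK);
         $Qcheck->bindInt(':address_book_id', $lC_ShoppingCart->getBillingAddress('id'));
         $Qcheck->bindInt(':customers_id', $lC_Customer->getID());
         $Qcheck->execute();
         if ($Qcheck->numberOfRows() === 1) {
             if ($reset_payment === true) {
                 $lC_ShoppingCart->resetBillingMethod();
             }
             lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
         } else {
             $lC_ShoppingCart->resetBillingAddress();
         }
         // no addresses to select from - customer decided to keep the current assigned address
     } else {
         $lC_ShoppingCart->setBillingAddress($lC_Customer->getDefaultAddressID());
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
     }
 }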
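 /**
  * Page constructor. When a ?filename= parameter is present, the named file
  * is served from DIR_FS_DOWNLOAD — either streamed with readfile(), or, when
  * DOWNLOAD_BY_REDIRECT is enabled, exposed through a symlink in a randomly
  * named directory under DIR_FS_DOWNLOAD_PUBLIC followed by a redirect — and
  * the request is terminated.
  *
  * The requested name is request input. It is resolved with realpath() and
  * must point to a regular file inside DIR_FS_DOWNLOAD; anything else
  * ("../" traversal, NUL bytes, a missing file) is ignored and the page
  * renders normally.
  *
  * The two file helpers are declared before their first use and only when
  * no other include has already declared them, so instantiating this page
  * twice (or alongside the standalone download script) does not fail on a
  * redeclaration.
  */
 public function __construct()
 {
     global $lC_Language, $lC_MessageStack;
     parent::__construct();
     /*
      * Returns a random name, 16 to 20 characters long
      *
      * @access public
      * @return string
      */
     if (!function_exists('lc_random_name')) {
         function lc_random_name()
         {
             $letters = 'abcdefghijklmnopqrstuvwxyz';
             $dirname = '.';
             $length = (int) floor(lc_rand(16, 20));
             for ($i = 1; $i <= $length; $i++) {
                 // map 1..26 onto string offsets 0..25; offset 26 is past the end of $letters
                 // (assumes lc_rand() is inclusive of both bounds — TODO confirm)
                 $q = (int) floor(lc_rand(1, 26)) - 1;
                 $dirname .= $letters[$q];
             }
             // NOTE(review): with DOWNLOAD_BY_REDIRECT this name is all that keeps the public link
             // unguessable; confirm lc_rand() is backed by a cryptographic source
             return $dirname;
         }
     }
     /*
      * Unlinks all subdirectories and files in $dir (non-recursive)
      *
      * @param string $dir  The parent directory, expected to end with '/'
      * @access public
      * @return void
      */
     if (!function_exists('lc_unlink_temp_dir')) {
         function lc_unlink_temp_dir($dir)
         {
             $h1 = opendir($dir);
             if ($h1 === false) {
                 return;
             }
             // compare against false: a plain truthiness test stops early on an entry named "0"
             while (($subdir = readdir($h1)) !== false) {
                 // Ignore . and .. and CVS
                 if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') {
                     continue;
                 }
                 // Ignore non directories
                 if (!is_dir($dir . $subdir)) {
                     continue;
                 }
                 // Loop and unlink files in subdirectory
                 $h2 = opendir($dir . $subdir);
                 if ($h2 === false) {
                     continue;
                 }
                 while (($file = readdir($h2)) !== false) {
                     if ($file == '.' || $file == '..') {
                         continue;
                     }
                     @unlink($dir . $subdir . '/' . $file);
                 }
                 closedir($h2);
                 @rmdir($dir . $subdir);
             }
             closedir($h1);
         }
     }
     if (isset($_GET['filename']) && is_string($_GET['filename'])) {
         $requested = $_GET['filename'];
         $base_dir = realpath(DIR_FS_DOWNLOAD);
         // reject NUL bytes up front; realpath() would otherwise fail or throw on them
         $real_path = ($base_dir !== false && strpos($requested, "\0") === false) ? realpath(DIR_FS_DOWNLOAD . $requested) : false;
         // serve only regular files that resolve inside the download directory (blocks "../" traversal)
         if ($real_path !== false && is_file($real_path) && strpos($real_path, $base_dir . DIRECTORY_SEPARATOR) === 0) {
             $filename = basename($requested);
             // Now send the file with header() magic
             header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
             header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");
             header("Cache-Control: no-cache, must-revalidate");
             header("Pragma: no-cache");
             header("Content-Type: Application/octet-stream");
             // quoted (RFC 6266) so spaces or ';' in the name cannot break the parameter
             header('Content-disposition: attachment; filename="' . str_replace('"', '', $filename) . '"');
             if (DOWNLOAD_BY_REDIRECT == '1') {
                 // This will work only on Unix/Linux hosts
                 lc_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC);
                 $tempdir = lc_random_name();
                 // NOTE(review): umask(00) + 0777 leaves the temporary directory world-writable — confirm a tighter mode works
                 umask(00);
                 mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777);
                 symlink($real_path, DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $filename);
                 lc_redirect(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $filename);
             } else {
                 // This will work on all systems, but will need considerable resources
                 // We could also loop with fread($fp, 4096) to save memory
                 readfile($real_path);
             }
             die;
         }
     }
 }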
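 /**
  * Account product-notification step.
  *
  * Either toggles the customer's global notification flag (when the posted
  * value differs from the stored one) or trims the per-product notification
  * rows down to the product ids that were posted (all of them when none were
  * posted). Redirects back to the account page, with a success message when
  * a row actually changed.
  */
 protected function _process()
 {
     global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $Qglobal;
     $updated = false;
     $product_global = (isset($_POST['product_global']) && is_numeric($_POST['product_global'])) ? $_POST['product_global'] : '0';
     // cast to array so a scalar 'products' value cannot reach sizeof()/array_filter()
     // (the original discarded the result of its cast)
     $products = isset($_POST['products']) ? (array) $_POST['products'] : array();
     if ($product_global != $Qglobal->valueInt('global_product_notifications')) {
         // flip the stored flag rather than trusting the posted value
         $product_global = ($Qglobal->valueInt('global_product_notifications') == '1') ? '0' : '1';
         $Qupdate = $lC_Database->query('update :table_customers set global_product_notifications = :global_product_notifications where customers_id = :customers_id');
         $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qupdate->bindInt(':global_product_notifications', $product_global);
         $Qupdate->bindInt(':customers_id', $lC_Customer->getID());
         $Qupdate->execute();
         if ($Qupdate->affectedRows() == 1) {
             $updated = true;
         }
     } elseif (sizeof($products) > 0) {
         // only integers may reach the raw IN (...) list below; non-numeric entries are dropped
         $products_parsed = array_map('intval', array_filter($products, 'is_numeric'));
         if (sizeof($products_parsed) > 0) {
             $in_list = '(' . implode(',', $products_parsed) . ')';
             $Qcheck = $lC_Database->query('select count(*) as total from :table_products_notifications where customers_id = :customers_id and products_id not in :products_id');
             $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
             $Qcheck->bindInt(':customers_id', $lC_Customer->getID());
             $Qcheck->bindRaw(':products_id', $in_list);
             $Qcheck->execute();
             if ($Qcheck->valueInt('total') > 0) {
                 $Qdelete = $lC_Database->query('delete from :table_products_notifications where customers_id = :customers_id and products_id not in :products_id');
                 $Qdelete->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
                 $Qdelete->bindInt(':customers_id', $lC_Customer->getID());
                 $Qdelete->bindRaw(':products_id', $in_list);
                 $Qdelete->execute();
                 if ($Qdelete->affectedRows() > 0) {
                     $updated = true;
                 }
             }
         }
     } else {
         // nothing ticked: remove every notification of this customer
         $Qcheck = $lC_Database->query('select count(*) as total from :table_products_notifications where customers_id = :customers_id');
         $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
         $Qcheck->bindInt(':customers_id', $lC_Customer->getID());
         $Qcheck->execute();
         if ($Qcheck->valueInt('total') > 0) {
             $Qdelete = $lC_Database->query('delete from :table_products_notifications where customers_id = :customers_id');
             $Qdelete->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS);
             $Qdelete->bindInt(':customers_id', $lC_Customer->getID());
             $Qdelete->execute();
             if ($Qdelete->affectedRows() > 0) {
                 $updated = true;
             }
         }
     }
     if ($updated === true) {
         $lC_MessageStack->add('account', $lC_Language->get('success_notifications_updated'), 'success');
     }
     lc_redirect(lc_href_link(FILENAME_ACCOUNT, null, 'SSL'));
 }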
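 /**
  * Account creation step.
  *
  * Validates the posted registration fields against the ACCOUNT_* settings,
  * creates the account via lC_Account::createEntry() when no error was
  * raised, and then redirects either back into the checkout (when the
  * navigation history shows the customer came from the shipping step) or to
  * the account page. Errors go onto the message stack named $this->_module.
  */
 protected function _process()
 {
     global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $lC_Vqmod;
     require $lC_Vqmod->modCheck('includes/classes/account.php');
     $data = array();
     if (DISPLAY_PRIVACY_CONDITIONS == '1') {
         $privacy_accepted = isset($_POST['privacy_conditions']) && ($_POST['privacy_conditions'] == '1' || $_POST['privacy_conditions'] == 'on');
         if ($privacy_accepted === false) {
             $lC_MessageStack->add($this->_module, $lC_Language->get('error_privacy_statement_not_accepted'));
         }
     }
     if (ACCOUNT_GENDER >= 0) {
         if (isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f')) {
             $data['gender'] = $_POST['gender'];
         } else {
             $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_gender_error'));
         }
     }
     if (isset($_POST['firstname']) && strlen(trim($_POST['firstname'])) >= ACCOUNT_FIRST_NAME) {
         $data['firstname'] = $_POST['firstname'];
     } else {
         $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_first_name_error'), ACCOUNT_FIRST_NAME));
     }
     if (isset($_POST['lastname']) && strlen(trim($_POST['lastname'])) >= ACCOUNT_LAST_NAME) {
         $data['lastname'] = $_POST['lastname'];
     } else {
         $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_last_name_error'), ACCOUNT_LAST_NAME));
     }
     // 1 when opted in, '' otherwise — both values are what createEntry() has always received
     $data['newsletter'] = (isset($_POST['newsletter']) && $_POST['newsletter'] == '1') ? 1 : '';
     if (ACCOUNT_DATE_OF_BIRTH == '1') {
         // either one slash-separated field or three separate selects
         if (isset($_POST['dob']) && $_POST['dob'] != NULL) {
             $dateParts = explode("/", $_POST['dob']);
         } else {
             $dateParts = array(
                 isset($_POST['dob_days']) ? $_POST['dob_days'] : null,
                 isset($_POST['dob_months']) ? $_POST['dob_months'] : null,
                 isset($_POST['dob_years']) ? $_POST['dob_years'] : null,
             );
         }
         // NOTE(review): checkdate()/mktime() take (month, day, year), so part 0 — the value from
         // 'dob_days' in the three-field form — is used as the month; confirm the field naming
         $parts_numeric = isset($dateParts[0], $dateParts[1], $dateParts[2]) && is_numeric($dateParts[0]) && is_numeric($dateParts[1]) && is_numeric($dateParts[2]);
         if ($parts_numeric && checkdate((int) $dateParts[0], (int) $dateParts[1], (int) $dateParts[2])) {
             $data['dob'] = mktime(0, 0, 0, (int) $dateParts[0], (int) $dateParts[1], (int) $dateParts[2]);
         } else {
             $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_date_of_birth_error'));
         }
     }
     if (isset($_POST['email_address']) && strlen(trim($_POST['email_address'])) >= ACCOUNT_EMAIL_ADDRESS) {
         if (lc_validate_email_address($_POST['email_address'])) {
             if (lC_Account::checkDuplicateEntry($_POST['email_address']) === false) {
                 $data['email_address'] = $_POST['email_address'];
             } else {
                 $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_email_address_exists_error'));
             }
         } else {
             $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_email_address_check_error'));
         }
     } else {
         $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_email_address_error'), ACCOUNT_EMAIL_ADDRESS));
     }
     if (isset($_POST['password']) === false || strlen(trim($_POST['password'])) < ACCOUNT_PASSWORD) {
         $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_password_error'), ACCOUNT_PASSWORD));
     } elseif (isset($_POST['confirmation']) === false || trim($_POST['password']) != trim($_POST['confirmation'])) {
         $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_password_mismatch_with_confirmation'));
     } else {
         $data['password'] = $_POST['password'];
     }
     if ($lC_MessageStack->size($this->_module) === 0) {
         if (lC_Account::createEntry($data)) {
             $lC_MessageStack->add('create', $lC_Language->get('success_account_updated'), 'success');
         }
         // added to redirect to keep customer in checkout stream
         // (initialised here: previously $checkout was undefined when the history held no 'shipping' key;
         //  the loop variable no longer clobbers $data, and the key test is strict so an integer key 0
         //  cannot loosely equal 'shipping' on PHP < 8)
         $checkout = false;
         if (isset($_SESSION['lC_NavigationHistory_data']) && is_array($_SESSION['lC_NavigationHistory_data'])) {
             foreach ($_SESSION['lC_NavigationHistory_data'] as $history_entry) {
                 foreach ((array) $history_entry as $page) {
                     foreach ((array) $page as $key => $value) {
                         if ($key === 'shipping') {
                             $checkout = true;
                         }
                     }
                 }
             }
         }
         if ($checkout === true) {
             lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping&account_created=true', 'SSL'));
         } else {
             lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'create=success', 'SSL'));
         }
     }
 }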
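 /**
  * Checkout confirmation page constructor.
  *
  * Guards the page (logged-in customer, non-empty cart, shipping address
  * unless the shipping page is configured to be skipped), carries the order
  * comment, PO number and payment terms from POST into the session, loads
  * the selected payment module and records it on the cart, and bounces back
  * to the payment step when no usable payment module is selected. Finally
  * runs the module's pre-confirmation check and the stock check.
  */
 public function lC_Checkout_Confirmation()
 {
     global $lC_Session, $lC_Services, $lC_Language, $lC_ShoppingCart, $lC_Customer, $lC_MessageStack, $lC_NavigationHistory, $lC_Breadcrumb, $lC_Payment, $lC_Vqmod;
     require $lC_Vqmod->modCheck('includes/classes/address_book.php');
     if ($lC_Customer->isLoggedOn() === false) {
         $lC_NavigationHistory->setSnapshot();
         lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
     }
     if ($lC_ShoppingCart->hasContents() === false) {
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'SSL'));
     }
     // if no shipping method has been selected, redirect the customer to the shipping method selection page
     // (unless the shipping page is configured to be skipped)
     $skip_shipping_page = defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1';
     if ($lC_ShoppingCart->hasShippingAddress() == false && $skip_shipping_page === false) {
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL'));
     }
     include $lC_Vqmod->modCheck('includes/classes/order.php');
     $this->_page_title = $lC_Language->get('confirmation_heading');
     $lC_Language->load('order');
     if ($lC_Services->isStarted('breadcrumb')) {
         $lC_Breadcrumb->add($lC_Language->get('breadcrumb_checkout_confirmation'), lc_href_link(FILENAME_CHECKOUT, $this->_module, 'SSL'));
     }
     // order comments live on this page only (bootstrap template): an explicitly emptied field
     // clears the stored comment, a filled one replaces it. The former self-assignment of
     // $_POST['comments'] only raised a notice when the field was absent.
     if (isset($_POST['comments']) && isset($_SESSION['comments']) && empty($_POST['comments'])) {
         unset($_SESSION['comments']);
     } elseif (!empty($_POST['comments'])) {
         $_SESSION['comments'] = lc_sanitize_string($_POST['comments']);
     }
     if (isset($_POST['po_number']) && isset($_SESSION['po_number']) && empty($_POST['po_number'])) {
         unset($_SESSION['po_number']);
     } elseif (!empty($_POST['po_number'])) {
         $_SESSION['po_number'] = lc_sanitize_string($_POST['po_number']);
     }
     // added for payment terms
     if (isset($_POST['payment_terms']) && empty($_POST['payment_terms']) === false) {
         // NOTE(review): stored without lc_sanitize_string(), unlike comments/po_number — confirm how it is rendered
         $_SESSION['payment_terms'] = $_POST['payment_terms'];
     }
     // load the selected payment module
     include $lC_Vqmod->modCheck('includes/classes/payment.php');
     $posted_method = (isset($_POST['payment_method']) && is_string($_POST['payment_method'])) ? $_POST['payment_method'] : null;
     $lC_Payment = new lC_Payment($posted_method !== null ? $posted_method : $lC_ShoppingCart->getBillingMethod('id'));
     if ($posted_method !== null) {
         // the module name is request input: only record it when lC_Payment actually instantiated such a module,
         // otherwise getMethodTitle() would be called on null
         $posted_module = 'lC_Payment_' . $posted_method;
         if (isset($GLOBALS[$posted_module]) && is_object($GLOBALS[$posted_module])) {
             $lC_ShoppingCart->setBillingMethod(array('id' => $posted_method, 'title' => $GLOBALS[$posted_module]->getMethodTitle()));
         }
     }
     $billing_module = 'lC_Payment_' . $lC_ShoppingCart->getBillingMethod('id');
     if ($lC_Payment->hasActive() && (!isset($GLOBALS[$billing_module]) || (is_object($GLOBALS[$billing_module]) && $GLOBALS[$billing_module]->isEnabled() === false))) {
         $lC_MessageStack->add('checkout_payment', $lC_Language->get('error_no_payment_module_selected'), 'error');
     }
     // when the payment page is skipped (flag set elsewhere in the session) errors are not bounced back to it
     $skip_payment_page = isset($_SESSION['SKIP_PAYMENT_PAGE']) && $_SESSION['SKIP_PAYMENT_PAGE'] == '1';
     if ($skip_payment_page === false && $lC_MessageStack->size('checkout_payment') > 0) {
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
     }
     if ($lC_Payment->hasActive()) {
         $lC_Payment->pre_confirmation_check();
     }
     // Stock Check
     if (STOCK_CHECK == '1' && AUTODISABLE_OUT_OF_STOCK_PRODUCT == '1') {
         foreach ($lC_ShoppingCart->getProducts() as $product) {
             if (!$lC_ShoppingCart->isInStock($product['item_id'])) {
                 lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'AUTO'));
             }
         }
     }
 }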
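 /**
  * Checkout "process" step: validates that the customer may place the order,
  * instantiates the selected payment module, runs it, clears the cart and the
  * checkout-scoped session state, and redirects to the success page.
  *
  * Access: a logged-on customer, OR a PayPal Express Checkout return whose
  * ?token= exactly matches the PPEC_TOKEN stored in the session when the
  * checkout was started (that round trip legitimately arrives without the
  * normal login state).
  *
  * Side effects: reads $_GET['token'], $_POST['comments'] and several
  * $_SESSION keys; writes $_SESSION['comments'], ['cartID'], ['prepOrderID'];
  * assigns the global $lC_Payment; includes the payment and order classes.
  * Every guard ends in lc_redirect(); an explicit return follows each one so
  * that, should lc_redirect() ever not terminate the request, execution can
  * never fall through into $lC_Payment->process().
  */
 public function lC_Checkout_Process()
 {
     global $lC_Session, $lC_ShoppingCart, $lC_Customer, $lC_NavigationHistory, $lC_Payment, $lC_Vqmod;
     require $lC_Vqmod->modCheck('includes/classes/address_book.php');

     // PayPal Express Checkout return. The token is a secret that grants a
     // bypass of the login check below, so: reject non-string input
     // (?token[]=... would otherwise reach the comparison), and compare with
     // hash_equals() instead of the loose, early-exit `==` (strict, constant
     // time, no numeric-string juggling). Evaluated once and reused below.
     $sessionToken = isset($_SESSION['PPEC_TOKEN']) ? (string)$_SESSION['PPEC_TOKEN'] : '';
     $ppecReturn = $sessionToken !== ''
         && isset($_GET['token'])
         && is_string($_GET['token'])
         && hash_equals($sessionToken, $_GET['token']);

     if (!$ppecReturn && $lC_Customer->isLoggedOn() === false) {
         $lC_NavigationHistory->setSnapshot();
         lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         return;
     }

     if ($lC_ShoppingCart->hasContents() === false) {
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'SSL'));
         return;
     }

     // Order comments are collected on the confirmation page only; keep a
     // sanitised copy in the session for the order module to pick up.
     if (!empty($_POST['comments'])) {
         $_SESSION['comments'] = lc_sanitize_string($_POST['comments']);
     }

     // A non-virtual order needs a shipping method unless the store is
     // configured to skip the shipping page.
     if ($lC_ShoppingCart->hasShippingMethod() === false && $lC_ShoppingCart->getContentType() != 'virtual') {
         $skipShippingPage = defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1';
         if (!$skipShippingPage) {
             lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL'));
             return;
         }
     }

     // load selected payment module
     include $lC_Vqmod->modCheck('includes/classes/payment.php');
     /*VQMOD-003*/
     if ($ppecReturn) {
         // Back from PayPal: the billing method was fixed before the redirect;
         // restore the cart / prepared-order ids synced for the round trip.
         $lC_Payment = new lC_Payment($lC_ShoppingCart->getBillingMethod('id'));
         if (isset($_SESSION['cartSync']['cartID']) && $_SESSION['cartSync']['cartID'] != NULL) {
             $_SESSION['cartID'] = $_SESSION['cartSync']['cartID'];
             $_SESSION['prepOrderID'] = $_SESSION['cartSync']['prepOrderID'];
         }
     } elseif (isset($_SESSION['cartSync']['paymentMethod']) && $_SESSION['cartSync']['paymentMethod'] != NULL) {
         // Payment method chosen earlier in this checkout (session-sourced, not
         // request-sourced). NOTE(review): if the named module is not loaded,
         // $GLOBALS['lC_Payment_<method>'] is unset and getMethodTitle() is a
         // fatal call on null — confirm the module is always registered here.
         $syncedMethod = $_SESSION['cartSync']['paymentMethod'];
         $lC_Payment = new lC_Payment($syncedMethod);
         $lC_ShoppingCart->setBillingMethod(array('id' => $syncedMethod, 'title' => $GLOBALS['lC_Payment_' . $syncedMethod]->getMethodTitle()));
     } else {
         $lC_Payment = new lC_Payment($lC_ShoppingCart->getBillingMethod('id'));
     }

     if ($lC_Payment->hasActive() && $lC_ShoppingCart->hasBillingMethod() === false) {
         lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
         return;
     }

     include $lC_Vqmod->modCheck('includes/classes/order.php');
     $lC_Payment->process();
     $lC_ShoppingCart->reset(true);

     // Unregister the checkout-scoped session state so a stale PayPal token,
     // synced cart id or stored comment cannot carry over into the next order.
     // unset() on an absent key is a silent no-op, so no isset() guard is needed.
     /*VQMOD-004*/
     $checkoutSessionKeys = array(
         'comments',
         'cartSync',
         'PPEC_TOKEN',
         'PPEC_PROCESS',
         'PPEC_PAYDATA',
         'this_handling',
         'this_payment',
         'SelectedShippingMethodCost',
     );
     foreach ($checkoutSessionKeys as $sessionKey) {
         unset($_SESSION[$sessionKey]);
     }

     lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'success', 'SSL'));
 }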