Ejemplo n.º 1
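    /**
     * Confirm a pending newsletter subscription from an e-mailed link.
     *
     * Expects $VAR['email'] and $VAR['validate'], matches them against a row in
     * temporary_data, consumes that row, and then creates one
     * newsletter_subscriber row per stored newsletter id (dropping any existing
     * row for the same newsletter/e-mail first). Echoes the translated success
     * or failure message and returns nothing.
     *
     * @param array $VAR request variables
     */
    function subscribe_confirm($VAR)
    {
        global $C_translate;

        ### Stays false unless a pending record is found and decodes to an array.
        $arr = false;

        ### 'email' and 'validate' must both be present and scalar; an array
        ### value (e.g. email[]=x) can never identify a pending record.
        if (isset($VAR['email'], $VAR['validate']) && is_scalar($VAR['email']) && is_scalar($VAR['validate'])) {
            $email = $VAR['email'];
            $time = $VAR['validate'];
            $db =& DB();

            ### NOTE(review): the only secret in the link is 'validate', which is
            ### matched against date_orig. If date_orig is the creation timestamp
            ### (the name suggests so - confirm on the writer side), the value is
            ### guessable and a random per-request token should be stored and
            ### compared instead.
            $sql = 'SELECT data FROM ' . AGILE_DB_PREFIX . 'temporary_data WHERE
                        site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
                        date_orig   = ' . $db->qstr($time) . ' AND
                        field1      = ' . $db->qstr($email);
            $result = $db->Execute($sql);

            ### A failed query ($result === false) is treated like "no match"
            ### instead of calling a method on false.
            if ($result !== false && $result->RecordCount() != 0) {
                ### NOTE(review): unserialize() on stored data. The writer of this
                ### row is not visible here; if any part of it is built from the
                ### public subscribe form, store JSON instead, or on PHP 7+ pass
                ### array('allowed_classes' => false) to rule out object injection.
                $arr = unserialize($result->fields['data']);

                ### Delete the temporary record(s) for this address, so the link
                ### cannot be replayed even when the stored data is unreadable.
                $sql = 'DELETE FROM ' . AGILE_DB_PREFIX . 'temporary_data WHERE
                        site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
                        field1      = ' . $db->qstr($email);
                $db->Execute($sql);
            }
        }

        if (!is_array($arr) || !isset($arr['newsletter_id']) || !is_array($arr['newsletter_id'])) {
            ### ERROR: bad link, no match (invalid or expired), or unreadable data.
            ### str_ireplace() replaces eregi_replace(), which was removed in PHP 7
            ### and interpreted backslash sequences in the replacement text.
            $url = '<br><a href="' . URL . '?_page=newsletter:subscribe">' . $C_translate->translate('submit', 'CORE', '') . '</a>';
            echo str_ireplace('%here%', $url, $C_translate->translate('subscribe_confirm_fail', 'newsletter', ''));
            return;
        }

        ### Stored static vars travel as base64(serialize(...)); a missing or
        ### undecodable value yields false, as before. The unserialize() caveat
        ### above applies here as well.
        $varstored = array();
        $varstored['static_relation'] = (isset($arr['var']) && is_string($arr['var']))
            ? @unserialize(base64_decode($arr['var']))
            : false;

        require_once PATH_CORE . 'static_var.inc.php';

        ### Create the newsletter subscription(s):
        foreach (array_values($arr['newsletter_id']) as $newsletter_id) {
            ### Drop any existing subscriptions to avoid duplicates!
            $sql = 'DELETE FROM ' . AGILE_DB_PREFIX . 'newsletter_subscriber WHERE
                        site_id      = ' . $db->qstr(DEFAULT_SITE) . ' AND
                        newsletter_id= ' . $db->qstr($newsletter_id) . ' AND
                        email        = ' . $db->qstr($email);
            $db->Execute($sql);

            ### Insert
            ### NOTE(review): the duplicate check above keys on the e-mail from the
            ### link while the insert uses the stored $arr["email"]; they are
            ### presumably identical - confirm where temporary_data is written.
            $id = $db->GenID(AGILE_DB_PREFIX . 'newsletter_subscriber_id');
            $sql = 'INSERT INTO ' . AGILE_DB_PREFIX . 'newsletter_subscriber SET
                        site_id      = ' . $db->qstr(DEFAULT_SITE) . ',
                        id           = ' . $db->qstr($id) . ',
                        date_orig    = ' . $db->qstr(time()) . ',
                        newsletter_id= ' . $db->qstr($newsletter_id) . ',
                        email        = ' . $db->qstr($arr["email"]) . ',
                        html         = ' . $db->qstr($arr["html"]) . ',
                        first_name   = ' . $db->qstr($arr["first_name"]) . ',
                        last_name    = ' . $db->qstr($arr["last_name"]);
            $db->Execute($sql);

            ### Set the static vars:
            $static_var = new CORE_static_var();
            $static_var->add($varstored, 'newsletter_subscriber', $id);
        }

        ### Return the success message:
        echo $C_translate->translate('subscribe_confirm_success', 'newsletter', '');
    }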
Ejemplo n.º 2
    /**
     * Create an account record from submitted form variables (the error call
     * below names this file account_admin.inc.php).
     *
     * Fills in hidden defaults, generates a username/password when none were
     * submitted, validates the configured fields, the tax id and the static
     * vars, inserts the account row and then runs the follow-up steps visible
     * below: password history, groups, static vars, welcome e-mail, db_mapping
     * and affiliate auto-creation.
     *
     * @param array $VAR form variables, keyed 'account_admin_*'
     * @return false|null false when checkLimits() fails; otherwise nothing -
     *                    outcomes are reported through $C_debug, Smarty and the
     *                    FORCE_PAGE / REDIRECT_PAGE constants
     */
    function add($VAR)
    {
        // check account limits
        if (!$this->checkLimits()) {
            return false;
        }
        global $C_translate, $C_debug, $smarty;
        ### Set the hidden values:
        $VAR['account_admin_date_orig'] = time();
        $VAR['account_admin_date_last'] = time();
        if (!empty($VAR["account_admin_date_expire"])) {
            include_once PATH_CORE . 'validate.inc.php';
            $val = new CORE_validate();
            $date_expire = $val->DateToEpoch(false, $VAR["account_admin_date_expire"]);
        } else {
            $date_expire = 0;
        }
        ### Determine the proper account status:
        ### anything other than a submitted "1" is treated as inactive.
        if (!isset($VAR['account_admin_status']) || $VAR['account_admin_status'] != "1") {
            $status = 0;
        } else {
            $status = 1;
        }
        ### DEFINE A USERNAME:
        ### four consonant+vowel pairs picked with rand(); rand() is not a
        ### cryptographic generator, which matters little for a username.
        if (empty($VAR['account_admin_username'])) {
            $length = 4;
            srand((double) microtime() * 1000000);
            $vowels = array("a", "e", "i", "o", "u");
            $cons = array("b", "c", "d", "g", "h", "j", "k", "l", "m", "n", "p", "r", "s", "t", "u", "v", "w", "tr", "cr", "br", "fr", "th", "dr", "ch", "ph", "wr", "st", "sp", "sw", "pr", "sl", "cl");
            $num_vowels = count($vowels);
            $num_cons = count($cons);
            for ($i = 0; $i < $length; $i++) {
                @($VAR['account_admin_username'] .= $cons[rand(0, $num_cons - 1)] . $vowels[rand(0, $num_cons - 1 - $num_cons + $num_vowels)]);
            }
        }
        ## Single field login:
        ### The placeholder assigned here is non-empty, so the "DEFINE A PASSWORD"
        ### step below takes its else branch: $passwd is overwritten with the
        ### placeholder and the placeholder is hashed like a submitted password.
        ### NOTE(review): the literal may be a redaction by this page's source.
        if (defined('SINGLE_FIELD_LOGIN') && SINGLE_FIELD_LOGIN == true && empty($VAR['account_admin_password'])) {
            $VAR['account_admin_password'] = '******';
            $passwd = 'none';
        }
        ### DEFINE A PASSWORD:
        if (empty($VAR['account_admin_password'])) {
            ### NOTE(review): md5(uniqid(rand())) is derived from the clock and a
            ### non-cryptographic generator, so the 10 hex characters kept here are
            ### predictable; random_bytes()/random_int() (PHP 7+) are the suitable
            ### source for a generated credential. $UniqID is never used.
            srand((double) microtime() * 1000000);
            $UniqID = md5(uniqid(rand()));
            @($VAR['account_admin_password'] = substr(md5(uniqid(rand())), 0, 10));
            ### Unlike the else branch, the generated value is left unhashed in
            ### $VAR, and $passwd (what the welcome mail and db_mapping receive)
            ### holds only this mask.
            ### NOTE(review): confirm whether the stored value is hashed elsewhere.
            $passwd = '********';
        } else {
            $passwd = $VAR['account_admin_password'];
            /* hash the password */
            ### NOTE(review): unsalted SHA-1/MD5 are fast digests, not password
            ### hashes; password_hash()/password_verify() (PHP 5.5+) with a rehash
            ### on next login is the usual migration path.
            if (defined('PASSWORD_ENCODING_SHA')) {
                $VAR['account_admin_password'] = sha1($VAR['account_admin_password']);
            } else {
                $VAR['account_admin_password'] = md5($VAR['account_admin_password']);
            }
        }
        ####################################################################
        ### loop through the field list to validate the required fields
        ####################################################################
        $type = 'add';
        ### The comma-separated field list is replaced in place by its array form.
        $this->method["{$type}"] = explode(",", $this->method["{$type}"]);
        $arr = $this->method["{$type}"];
        include_once PATH_CORE . 'validate.inc.php';
        $validate = new CORE_validate();
        $this->validated = true;
        ### each() is deprecated since PHP 7.2 and removed in PHP 8.0.
        while (list($key, $value) = each($arr)) {
            # get the field value
            $field_var = $this->module . '_' . $value;
            $field_name = $value;
            ####################################################################
            ### perform any field validation...
            ####################################################################
            # check if this value is unique
            if (isset($this->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
                if (!$validate->validate_unique($this->table, $field_name, "record_id", $VAR["{$field_var}"])) {
                    $this->validated = false;
                    $this->val_error[] = array('field' => $this->table . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_unique', "", ""));
                }
            }
            # check if the submitted value meets the specified requirements
            # (a field with a "validate" rule is required: missing or empty fails)
            if (isset($this->field["{$value}"]["validate"])) {
                if (isset($VAR["{$field_var}"])) {
                    if ($VAR["{$field_var}"] != '') {
                        if (!$validate->validate($field_name, $this->field["{$value}"], $VAR["{$field_var}"], $this->field["{$value}"]["validate"])) {
                            $this->validated = false;
                            $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $validate->error["{$field_name}"]);
                        }
                    } else {
                        $this->validated = false;
                        $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
                    }
                } else {
                    $this->validated = false;
                    $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
                }
            }
        }
        // validate the tax_id
        // Only the entry whose key equals the submitted country id is checked.
        require_once PATH_MODULES . 'tax/tax.inc.php';
        $taxObj = new tax();
        $tax_arr = @$VAR['account_admin_tax_id'];
        if (is_array($tax_arr)) {
            foreach ($tax_arr as $country_id => $tax_id) {
                if ($country_id == $VAR['account_admin_country_id']) {
                    $exempt = @$VAR["account_tax_id_exempt"][$country_id];
                    if (!$taxObj->TaxIdsValidate($country_id, $tax_id, $exempt)) {
                        $this->validated = false;
                        $this->val_error[] = array('field' => 'account_admin_tax_id', 'field_trans' => $taxObj->errField, 'error' => $C_translate->translate('validate_general', "", ""));
                    }
                    // NOTE(review): the result is kept in $account_admin_tax_id, but
                    // the INSERT below reads $account_tax_id, which nothing visible
                    // here assigns - the validated tax id looks never stored.
                    if ($exempt) {
                        $account_admin_tax_id = false;
                    } else {
                        $account_admin_tax_id = $tax_id;
                    }
                }
            }
        }
        ####################################################################
        ### Get required static_Vars and validate them... return an array
        ### w/ ALL errors...
        ####################################################################
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        if (!isset($this->val_error)) {
            $this->val_error = false;
        }
        $all_error = $static_var->validate_form('account', $this->val_error);
        ### $this->validated is recomputed from $all_error alone, so the failures
        ### recorded above count only if validate_form() carries $this->val_error
        ### into its result - presumably it does; verify.
        if ($all_error != false && gettype($all_error) == 'array') {
            $this->validated = false;
        } else {
            $this->validated = true;
        }
        ####################################################################
        ### If validation was failed, skip the db insert &
        ### set the errors & original fields as Smarty objects,
        ### and change the page to be loaded.
        ####################################################################
        if (!$this->validated) {
            global $smarty;
            # set the errors as a Smarty Object
            $smarty->assign('form_validation', $all_error);
            # set the page to be loaded
            # NOTE(review): FORCE_PAGE is taken straight from the request; how it
            # is mapped to a template is not visible here - confirm the consumer
            # restricts it to known page names.
            if (!defined("FORCE_PAGE")) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
            # Stripslashes
            global $C_vars;
            $C_vars->strip_slashes_all();
            return;
        }
        # Get default invoice options
        # (left unset when no setup_invoice row exists; the INSERT reads them with @)
        $db =& DB();
        $invopt = $db->Execute(sqlSelect($db, "setup_invoice", "*", ""));
        if ($invopt && $invopt->RecordCount()) {
            $invoice_delivery = $invopt->fields['invoice_delivery'];
            $invoice_format = $invopt->fields['invoice_show_itemized'];
        }
        ####################################################################
        ### Insert the account record
        ####################################################################
        $this->account_id = $db->GenID(AGILE_DB_PREFIX . 'account_id');
        ### NOTE(review): the current time doubles as date_orig and, for inactive
        ### accounts, as the validation string mailed below ("TIME:ID"). Both
        ### parts are guessable; a random token would be the safer activation
        ### secret - confirm how the string is checked on activation.
        $validation_str = time();
        /** get parent id */
        @($parent_id = @$VAR["account_admin_parent_id"]);
        if (empty($parent_id)) {
            $parent_id = $this->account_id;
        }
        ### Every value visible in this statement is wrapped in $db->qstr().
        ### NOTE(review): the username and password lines are shown on this page
        ### as '******', which looks like redaction by the page's source and is
        ### not valid PHP as printed; the original expressions cannot be
        ### recovered from here.
        $sql = '
			INSERT INTO ' . AGILE_DB_PREFIX . 'account SET
			id              = ' . $db->qstr($this->account_id) . ',
			site_id         = ' . $db->qstr(DEFAULT_SITE) . ',
			date_orig       = ' . $db->qstr($validation_str) . ',
			date_last       = ' . $db->qstr(time()) . ',
			date_expire     = ' . $db->qstr($date_expire) . ',
			language_id     = ' . $db->qstr($VAR["account_admin_language_id"]) . ',
			country_id      = ' . $db->qstr($VAR["account_admin_country_id"]) . ',
			parent_id	    = ' . $db->qstr($parent_id) . ',
			affiliate_id    = ' . $db->qstr(@$VAR["account_admin_affiliate_id"]) . ',
			reseller_id     = ' . $db->qstr(@$VAR["account_admin_reseller_id"]) . ',
			currency_id     = ' . $db->qstr($VAR["account_admin_currency_id"]) . ',
			theme_id        = ' . $db->qstr($VAR["account_admin_theme_id"]) . ',
			username        = '******',
			password        = '******',
			status          = ' . $db->qstr($status) . ',
			first_name      = ' . $db->qstr($VAR["account_admin_first_name"]) . ',
			middle_name     = ' . $db->qstr($VAR["account_admin_middle_name"]) . ',
			last_name       = ' . $db->qstr($VAR["account_admin_last_name"]) . ',
			company         = ' . $db->qstr($VAR["account_admin_company"]) . ',
			title           = ' . $db->qstr($VAR["account_admin_title"]) . ',
			email           = ' . $db->qstr($VAR["account_admin_email"]) . ',
			address1		= ' . $db->qstr($VAR["account_admin_address1"]) . ',
			address2		= ' . $db->qstr($VAR["account_admin_address2"]) . ',
			city			= ' . $db->qstr($VAR["account_admin_city"]) . ',
			state			= ' . $db->qstr($VAR["account_admin_state"]) . ',
			zip				= ' . $db->qstr($VAR["account_admin_zip"]) . ',
			misc			= ' . $db->qstr($VAR["account_admin_misc"]) . ',
			email_type      = ' . $db->qstr($VAR["account_admin_email_html"]) . ',
			invoice_delivery= ' . $db->qstr(@$invoice_delivery) . ',
			invoice_show_itemized=' . $db->qstr(@$invoice_format) . ',
			invoice_advance_gen	= ' . $db->qstr(MAX_INV_GEN_PERIOD) . ',
			invoice_grace		= ' . $db->qstr(GRACE_PERIOD) . ',
			tax_id			= ' . $db->qstr(@$account_tax_id);
        $result = $db->Execute($sql);
        ### error reporting:
        ### on failure the error is logged, the 'add' trigger (if configured) is
        ### fired with 0, and nothing below runs.
        if ($result === false) {
            global $C_debug;
            $C_debug->error('account_admin.inc.php', 'add', $db->ErrorMsg());
            if (isset($this->trigger["{$type}"])) {
                include_once PATH_CORE . 'trigger.inc.php';
                $trigger = new CORE_trigger();
                $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
            }
            return;
        }
        /* password logging class */
        /* receives $VAR's password: hashed when submitted, raw when generated above */
        global $C_list;
        if ($C_list->is_installed('account_password_history')) {
            include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php';
            $accountHistory = new account_password_history();
            $accountHistory->setNewPassword($this->account_id, $VAR["account_admin_password"]);
        }
        ### Add the account to the default group:
        ### (passes the raw submitted expiry string, not the $date_expire epoch)
        $this->add_account_groups($VAR['groups'], $this->account_id, $VAR['account_admin_date_expire']);
        ### Insert the static vars:
        $static_var->add($VAR, 'account', $this->account_id);
        ### Mail the new user
        ### NOTE(review): for active accounts $passwd - the plaintext password
        ### when one was submitted - is handed to the mail template.
        if (!empty($VAR['welcome_email'])) {
            require_once PATH_MODULES . 'email_template/email_template.inc.php';
            $my = new email_template();
            if ($status == "1") {
                $my->send('account_add_staff_active', $this->account_id, '', '', $passwd);
            } else {
                $validation_str = strtoupper($validation_str . ':' . $this->account_id);
                $my->send('account_add_staff_inactive', $this->account_id, $this->account_id, '', $validation_str);
            }
        }
        ### Do any db_mapping
        ### (the plaintext password, when available, is handed to the mapping module)
        if ($C_list->is_installed('db_mapping')) {
            include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
            $db_map = new db_mapping();
            if (!empty($passwd)) {
                $db_map->plaintext_password = $passwd;
            } else {
                $db_map->plaintext_password = false;
            }
            $db_map->account_add($this->account_id);
        }
        ### Display the welcome message
        if ($status == "1") {
            $C_debug->alert($C_translate->translate("staff_add_active", "account_admin", ""));
        } else {
            $C_debug->alert($C_translate->translate("staff_add_inactive", "account_admin", ""));
        }
        #$VAR["id"] = $this->account_id;
        ### NOTE(review): the redirect query string is concatenated from raw
        ### request values ('_page', 'field', first/last name) without
        ### urlencode(), so '&', '#' or spaces in them change the resulting URL.
        $url = '?_page=' . $VAR['_page'] . '&id=' . $this->account_id;
        if (!empty($VAR['id'])) {
            $url .= '&_escape=1';
        }
        if (!empty($VAR['field'])) {
            $url .= '&field=' . $VAR['field'];
            $url .= '&name=' . $VAR['account_admin_first_name'] . ' ' . $VAR['account_admin_last_name'];
        }
        define('REDIRECT_PAGE', $url);
        ### Affiliate Auto Creation
        if (AUTO_AFFILIATE == 1 && $C_list->is_installed("affiliate")) {
            $VAR['affiliate_account_id'] = $this->account_id;
            $VAR['affiliate_template_id'] = DEFAULT_AFFILIATE_TEMPLATE;
            @($VAR['affiliate_parent_affiliate_id'] = $VAR['account_admin_affiliate_id']);
            include_once PATH_MODULES . 'affiliate/affiliate.inc.php';
            $affiliate = new affiliate();
            $affiliate->add($VAR, $affiliate);
        }
        return;
    }
Ejemplo n.º 3
    /**
     * Create a support ticket from a submitted form and send the notification
     * e-mails.
     *
     * Checks the required fields and static vars, resolves the sender's e-mail
     * (submitted for guests, read from the account row when logged in), checks
     * that the caller may post to the chosen department, inserts the ticket and
     * mails the user plus any staff flagged for new-ticket notification.
     *
     * @param array $VAR request variables; note that `global $VAR` below rebinds
     *                   the name to the global array, so this argument is not
     *                   what the body reads
     * @return false|null false for an invalid/unauthorized department or a
     *                    failed insert; nothing otherwise (validation failure
     *                    and success are reported through Smarty / $C_debug)
     */
    function user_add($VAR)
    {
        $this->construct();
        global $C_debug, $C_translate, $C_vars, $smarty;
        ### Strip Slashes
        ### From here on $VAR refers to the global array, not the parameter.
        global $VAR;
        $C_vars->strip_slashes_all();
        ####################################################################
        ### Check that the required fields are set:
        ### ticket_priority, ticket_department_id, ticket_subject, ticket_body
        ####################################################################
        $fields = array('priority', 'department_id', 'subject', 'body');
        for ($i = 0; $i < count($fields); $i++) {
            $field = $fields[$i];
            $field_name = $this->table . '_' . $field;
            if (!isset($VAR["{$field_name}"]) || trim($VAR["{$field_name}"]) == "") {
                $this->val_error[] = array('field' => $this->table . '_' . $field, 'field_trans' => $C_translate->translate('field_' . $field, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
            }
        }
        ####################################################################
        ### Get required static_Vars and validate them... return an array
        ### w/ ALL errors...
        ####################################################################
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        if (!isset($this->val_error)) {
            $this->val_error = false;
        }
        $all_error = $static_var->validate_form($this->module, $this->val_error);
        ### The required-field errors above never set $this->validated directly;
        ### they count only if validate_form() carries $this->val_error into its
        ### result - presumably it does; verify.
        if ($all_error != false && gettype($all_error) == 'array') {
            $this->validated = false;
        } else {
            $this->validated = true;
        }
        ### Validate e-mail
        ### Guests must supply a valid address. If $all_error is false at this
        ### point, the [] appends below turn it into an array (deprecated
        ### behaviour since PHP 8.1).
        if (!SESS_LOGGED) {
            include_once PATH_CORE . 'validate.inc.php';
            $C_validate = new CORE_validate();
            if (empty($VAR['ticket_email'])) {
                $this->validated = false;
                $smarty->assign('ticket_email', true);
                $all_error[] = array('field' => 'ticket_email', 'field_trans' => $C_translate->translate('field_email', "ticket", ""), 'error' => $C_translate->translate('validate_any', "", ""));
            } elseif (!$C_validate->validate_email(@$VAR['ticket_email'], false)) {
                $this->validated = false;
                $smarty->assign('ticket_email', true);
                $all_error[] = array('field' => 'ticket_email', 'field_trans' => $C_translate->translate('field_email', "ticket", ""), 'error' => $C_translate->translate('validate_email', "", ""));
            }
            ### Assigned even when the address failed validation; the
            ### !$this->validated return further down stops it being used.
            $this->email = $VAR['ticket_email'];
        } else {
            # Get the e-mail addy from the user's account
            # (any submitted ticket_email is overwritten for logged-in users)
            $db =& DB();
            $sql = 'SELECT email FROM ' . AGILE_DB_PREFIX . 'account WHERE
	                        site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
	                        id          = ' . $db->qstr(SESS_ACCOUNT);
            $result = $db->Execute($sql);
            $VAR['ticket_email'] = $result->fields['email'];
            $this->email = $result->fields['email'];
        }
        ###################################################################
        ### Check that the user is authorized for this department
        ### (runs before the validation-failure return below, so department
        ### errors are reported first)
        $db =& DB();
        $sql = 'SELECT * FROM ' . AGILE_DB_PREFIX . 'ticket_department WHERE
                        site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
                        id          = ' . $db->qstr($VAR['ticket_department_id']) . ' AND
                        status      = ' . $db->qstr('1');
        $result = $db->Execute($sql);
        if ($result->RecordCount() == 0) {
            ###################################################################
            ### ERROR: The selected department is inactive or invalid
            $C_debug->alert($C_translate->translate('department_invalid', 'ticket', ''));
            return false;
        }
        global $C_auth;
        $i = 0;
        $dept_auth = false;
        while (!$result->EOF) {
            ### NOTE(review): group_id is a serialized list read from the
            ### department row. unserialize() is safe only if that column can be
            ### written by trusted code alone - confirm; also, when it returns
            ### false, count($arr) below throws a TypeError on PHP 8.
            $arr = unserialize($result->fields['group_id']);
            if (!SESS_LOGGED) {
                ### Check if the specified department is authorized for the 'All Users' group (0):
                ### (loose == comparison against the string '0')
                for ($i = 0; $i < count($arr); $i++) {
                    if ($arr[$i] == '0') {
                        $dept_auth = true;
                    }
                }
                if (!$dept_auth) {
                    $C_debug->alert($C_translate->translate('login_required', '', ''));
                    return false;
                }
            } else {
                ### Logged in: membership in any listed group is sufficient.
                for ($i = 0; $i < count($arr); $i++) {
                    if ($C_auth->auth_group_by_id($arr[$i])) {
                        $dept_auth = true;
                    }
                }
            }
            $result->MoveNext();
        }
        if (!$dept_auth) {
            ###################################################################
            ### ERROR: The current user does not have access to the selected department!
            $C_debug->alert($C_translate->translate('department_not_auth', 'ticket', ''));
            return false;
        } else {
            ####################################################################
            # If validation was failed, skip the db insert &
            # set the errors & original fields as Smarty objects,
            # and change the page to be loaded.
            ####################################################################
            if (!$this->validated) {
                global $smarty;
                # set the errors as a Smarty Object
                $smarty->assign('form_validation', $all_error);
                # set the page to be loaded
                # NOTE(review): FORCE_PAGE comes straight from the request; how
                # it is mapped to a template is not visible here - confirm the
                # consumer restricts it to known page names.
                if (!defined("FORCE_PAGE")) {
                    define('FORCE_PAGE', $VAR['_page_current']);
                }
                global $C_vars;
                $C_vars->strip_slashes_all();
                return;
            }
            ###################################################################
            ### Assemble the SQL & Insert the ticket
            ### Values are quoted with $db->qstr(). Only the body is passed
            ### through htmlspecialchars() before storage; subject and email are
            ### stored as submitted.
            ### NOTE(review): every view that prints subject/email must escape
            ### them itself, and a view that escapes the body again will
            ### double-encode it - escaping at output is the more reliable
            ### convention.
            ### account_id is SESS_ACCOUNT for guests too; its guest value is not
            ### visible here.
            $db =& DB();
            $id = $db->GenID(AGILE_DB_PREFIX . 'ticket_id');
            $sql = 'INSERT INTO ' . AGILE_DB_PREFIX . 'ticket SET
                            site_id     = ' . $db->qstr(DEFAULT_SITE) . ',
                            id          = ' . $db->qstr($id) . ',
                            date_orig   = ' . $db->qstr(time()) . ',
                            date_last   = ' . $db->qstr(time()) . ',
                            date_expire = ' . $db->qstr(time() + 86400 * 7) . ',
                            account_id  = ' . $db->qstr(SESS_ACCOUNT) . ',
                            department_id=' . $db->qstr($VAR['ticket_department_id']) . ',
                            status      = ' . $db->qstr(0) . ',
                            last_reply  = 0,
                            priority    = ' . $db->qstr($VAR['ticket_priority']) . ',
                            subject     = ' . $db->qstr($VAR['ticket_subject']) . ',
                            email		= ' . $db->qstr($VAR['ticket_email']) . ',
                            body        = ' . $db->qstr(htmlspecialchars($VAR['ticket_body']));
            $result = $db->Execute($sql);
            # error reporting:
            if ($result === false) {
                global $C_debug;
                $C_debug->error('ticket.inc.php', 'user_add', $db->ErrorMsg());
                return false;
            }
            ###################################################################
            ### Insert the static vars...
            $static_var->add($VAR, $this->module, $id);
            ###################################################################
            ### Mail the user the new_ticket email template
            ### 'email' and 'key' are placed in (global) $VAR only for the
            ### duration of the send - presumably the template reads them from
            ### there; verify in email_template. $this->key() is defined
            ### elsewhere in the class.
            require_once PATH_MODULES . 'email_template/email_template.inc.php';
            $VAR['email'] = trim($this->email);
            $VAR['key'] = $this->key($this->email);
            $my = new email_template();
            $my->send('ticket_user_add', $this->email, $id, '', '');
            unset($VAR['key']);
            unset($VAR['email']);
            ###################################################################
            ### Get any staff members who should be mailed
            $db =& DB();
            $sql = 'SELECT id,account_id,department_avail FROM ' . AGILE_DB_PREFIX . 'staff
                            WHERE
                            site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
                            notify_new  = ' . $db->qstr("1");
            $result = $db->Execute($sql);
            if ($result->RecordCount() > 0) {
                while (!$result->EOF) {
                    ### department_avail is a serialized list of department ids;
                    ### the unserialize() caveat on group_id above applies here too.
                    @($avail = unserialize($result->fields['department_avail']));
                    for ($i = 0; $i < count($avail); $i++) {
                        if ($avail[$i] == $VAR['ticket_department_id']) {
                            ###################################################################
                            ### Mail staff members the new_ticket email template
                            $my = new email_template();
                            $my->send('ticket_user_add_staff', $result->fields['account_id'], $id, $avail[$i], 'sql3');
                            ### Ends the loop after the first match, so each staff
                            ### member is mailed at most once.
                            $i = count($avail);
                        }
                    }
                    $result->MoveNext();
                }
            }
        }
        global $C_debug, $C_translate;
        $C_debug->alert($C_translate->translate('user_add_success', 'ticket', ''));
    }
Ejemplo n.º 4
    function add($VAR)
    {
        if (!$this->checkLimits()) {
            return false;
        }
        // check account limits
        $this->account_construct();
        global $C_list, $C_translate, $C_debug, $VAR, $smarty;
        $this->validated = true;
        ### Set the hidden values:
        $VAR['account_date_orig'] = time();
        $VAR['account_date_last'] = time();
        if (defined("SESS_LANGUAGE")) {
            @($VAR['account_language_id'] = SESS_LANGUAGE);
        } else {
            @($VAR['account_language_id'] = DEFAULT_LANGUAGE);
        }
        if (defined("SESS_AFFILIATE")) {
            @($VAR['account_affiliate_id'] = SESS_AFFILIATE);
        } else {
            @($VAR['account_affiliate_id'] = DEFAULT_AFFILIATE);
        }
        if (defined("SESS_RESELLER")) {
            @($VAR['account_reseller_id'] = SESS_RESELLER);
        } else {
            @($VAR['account_reseller_id'] = DEFAULT_RESELLER);
        }
        if (defined("SESS_CURRENCY")) {
            @($VAR['account_currency_id'] = SESS_CURRENCY);
        } else {
            @($VAR['account_currency_id'] = DEFAULT_CURRENCY);
        }
        if (defined("SESS_THEME")) {
            @($VAR['account_theme_id'] = SESS_THEME);
        } else {
            @($VAR['account_theme_id'] = DEFAULT_THEME);
        }
        if (defined("SESS_CAMPAIGN")) {
            @($VAR['account_campaign_id'] = SESS_CAMPAIGN);
        } else {
            @($VAR['account_campaign_id'] = 0);
        }
        if (!isset($VAR['account_email_type']) && @$VAR['account_email_type'] != "1") {
            @($VAR['account_email_type'] = '0');
        }
        ### Determine the proper account status:
        if (DEFAULT_ACCOUNT_STATUS != '1') {
            $status = '1';
        } else {
            $status = '0';
        }
        ## Single field login:
        if (defined('SINGLE_FIELD_LOGIN') && SINGLE_FIELD_LOGIN == true && empty($VAR['account_password'])) {
            $VAR['account_password'] = '******';
            $VAR['confirm_password'] = '******';
        }
        ####################################################################
        ### loop through the field list to validate the required fields
        ####################################################################
        $type = 'add';
        $this->method["{$type}"] = split(",", $this->method["{$type}"]);
        $arr = $this->method["{$type}"];
        include_once PATH_CORE . 'validate.inc.php';
        $validate = new CORE_validate();
        $this->validated = true;
        while (list($key, $value) = each($arr)) {
            # get the field value
            $field_var = $this->module . '_' . $value;
            $field_name = $value;
            ####################################################################
            ### perform any field validation...
            ####################################################################
            # check if this value is unique
            if (isset($this->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
                if (!$validate->validate_unique($this->table, $field_name, "record_id", $VAR["{$field_var}"])) {
                    $this->validated = false;
                    $this->val_error[] = array('field' => $this->table . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_unique', "", ""));
                }
            }
            # check if the submitted value meets the specifed requirements
            if (isset($this->field["{$value}"]["validate"])) {
                if (isset($VAR["{$field_var}"])) {
                    if ($VAR["{$field_var}"] != '') {
                        if (!$validate->validate($field_name, $this->field["{$value}"], $VAR["{$field_var}"], $this->field["{$value}"]["validate"])) {
                            $this->validated = false;
                            $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $validate->error["{$field_name}"]);
                        }
                    } else {
                        $this->validated = false;
                        $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
                    }
                } else {
                    $this->validated = false;
                    $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
                }
            }
        }
        ####################################################################
        ### Validate the password
        ####################################################################
        if (isset($VAR['account_password']) && $VAR['account_password'] != "") {
            if (isset($VAR['confirm_password']) && $VAR['account_password'] == $VAR['confirm_password']) {
                $password = $VAR['account_password'];
                $smarty->assign('confirm_account_password', $VAR["account_password"]);
            } else {
                ### ERROR: The passwords provided do not match!
                $smarty->assign('confirm_account_password', '');
                $this->validated = false;
                $this->val_error[] = array('field' => 'account_confirm_password', 'field_trans' => $C_translate->translate('field_confirm_password', $this->module, ""), 'error' => $C_translate->translate('password_change_match', "account", ""));
            }
        } else {
            $smarty->assign('confirm_account_password', '');
        }
        ####################################################################
        ### Validate that the user's IP & E-mail are not banned!
        ####################################################################
        if ($this->validated) {
            require_once PATH_MODULES . 'blocked_email/blocked_email.inc.php';
            $blocked_email = new blocked_email();
            if (!$blocked_email->is_blocked($VAR['account_email'])) {
                $this->val_error[] = array('field' => 'account_email', 'field_trans' => $C_translate->translate('field_email', $this->module, ""), 'error' => $C_translate->translate('validate_banned_email', "", ""));
            }
            require_once PATH_MODULES . 'blocked_ip/blocked_ip.inc.php';
            $blocked_ip = new blocked_ip();
            if (!$blocked_ip->is_blocked(USER_IP)) {
                $this->val_error[] = array('field' => 'IP Address', 'field_trans' => $C_translate->translate('ip_address', $this->module, ""), 'error' => $C_translate->translate('validate_banned_ip', "", ""));
            }
        }
        // validate the tax_id
        require_once PATH_MODULES . 'tax/tax.inc.php';
        $taxObj = new tax();
        $tax_arr = @$VAR['account_tax_id'];
        if (is_array($tax_arr)) {
            foreach ($tax_arr as $country_id => $tax_id) {
                if ($country_id == $VAR['account_country_id']) {
                    $exempt = @$VAR["account_tax_id_exempt"][$country_id];
                    if (!$taxObj->TaxIdsValidate($country_id, $tax_id, $exempt)) {
                        $this->validated = false;
                        $this->val_error[] = array('field' => 'account_tax_id', 'field_trans' => $taxObj->errField, 'error' => $C_translate->translate('validate_general', "", ""));
                    }
                    if ($exempt) {
                        $VAR['account_tax_id'] = false;
                    } else {
                        $VAR['account_tax_id'] = $tax_id;
                    }
                }
            }
        }
        ####################################################################
        ### Get required static_Vars and validate them... return an array
        ### w/ ALL errors...
        ####################################################################
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        if (!isset($this->val_error)) {
            $this->val_error = false;
        }
        $all_error = $static_var->validate_form($this->module, $this->val_error);
        if ($all_error != false && gettype($all_error) == 'array') {
            $this->validated = false;
        } else {
            $this->validated = true;
        }
        ####################################################################
        ### If validation was failed, skip the db insert &
        ### set the errors & origonal fields as Smarty objects,
        ### and change the page to be loaded.
        ####################################################################
        if (!$this->validated) {
            global $smarty;
            # set the errors as a Smarty Object
            $smarty->assign('form_validation', $all_error);
            # set the page to be loaded
            if (!defined("FORCE_PAGE")) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
            # Stripslashes
            global $C_vars;
            $C_vars->strip_slashes_all();
            return;
        }
        # Get default invoice options
        $db =& DB();
        $invopt = $db->Execute(sqlSelect($db, "setup_invoice", "*", ""));
        if ($invopt && $invopt->RecordCount()) {
            $invoice_delivery = $invopt->fields['invoice_delivery'];
            $invoice_format = $invopt->fields['invoice_show_itemized'];
        }
        /* hash the password */
        if (defined('PASSWORD_ENCODING_SHA')) {
            $password_encoded = sha1($password);
        } else {
            $password_encoded = md5($password);
        }
        ####################################################################
        ### Insert the account record
        ####################################################################
        $this->account_id = $db->GenID(AGILE_DB_PREFIX . 'account_id');
        $validation_str = time();
        /** get parent id */
        $this->account_id;
        if (empty($this->parent_id)) {
            $this->parent_id = $this->account_id;
        }
        $sql = '
			INSERT INTO ' . AGILE_DB_PREFIX . 'account SET
			id              = ' . $db->qstr($this->account_id) . ',
			site_id         = ' . $db->qstr(DEFAULT_SITE) . ',
			date_orig       = ' . $db->qstr($validation_str) . ',
			date_last       = ' . $db->qstr(time()) . ',
			language_id     = ' . $db->qstr($VAR["account_language_id"]) . ',
			country_id      = ' . $db->qstr($VAR["account_country_id"]) . ',
			parent_id    	= ' . $db->qstr($this->parent_id) . ',
			affiliate_id    = ' . $db->qstr(@$VAR["account_affiliate_id"]) . ',
			campaign_id    	= ' . $db->qstr(@$VAR["account_campaign_id"]) . ',
			reseller_id     = ' . $db->qstr(@$VAR["account_reseller_id"]) . ',
			currency_id     = ' . $db->qstr($VAR["account_currency_id"]) . ',
			theme_id        = ' . $db->qstr($VAR["account_theme_id"]) . ',
			username        = '******',
			password        = '******',
			status          = ' . $db->qstr($status) . ',
			first_name      = ' . $db->qstr($VAR["account_first_name"], get_magic_quotes_gpc()) . ',
			middle_name     = ' . $db->qstr($VAR["account_middle_name"], get_magic_quotes_gpc()) . ',
			last_name       = ' . $db->qstr($VAR["account_last_name"], get_magic_quotes_gpc()) . ',
			company         = ' . $db->qstr($VAR["account_company"], get_magic_quotes_gpc()) . ',
			title           = ' . $db->qstr($VAR["account_title"], get_magic_quotes_gpc()) . ',
			email           = ' . $db->qstr($VAR["account_email"], get_magic_quotes_gpc()) . ',
			address1		= ' . $db->qstr($VAR["account_address1"], get_magic_quotes_gpc()) . ',
			address2		= ' . $db->qstr($VAR["account_address2"], get_magic_quotes_gpc()) . ',
			city			= ' . $db->qstr($VAR["account_city"], get_magic_quotes_gpc()) . ',
			state			= ' . $db->qstr($VAR["account_state"], get_magic_quotes_gpc()) . ',
			zip				= ' . $db->qstr($VAR["account_zip"], get_magic_quotes_gpc()) . ',
			email_type      = ' . $db->qstr($VAR["account_email_type"], get_magic_quotes_gpc()) . ',
			invoice_delivery= ' . $db->qstr(@$invoice_delivery) . ',
			invoice_show_itemized=' . $db->qstr(@$invoice_format) . ',
			invoice_advance_gen	= ' . $db->qstr(MAX_INV_GEN_PERIOD) . ',
			invoice_grace	= ' . $db->qstr(GRACE_PERIOD) . ',
			tax_id			= ' . $db->qstr(@$VAR['account_tax_id']);
        $result = $db->Execute($sql);
        ####################################################################
        ### error reporting:
        ####################################################################
        if ($result === false) {
            global $C_debug;
            $C_debug->error('account.inc.php', 'add', $db->ErrorMsg());
            if (isset($this->trigger["{$type}"])) {
                include_once PATH_CORE . 'trigger.inc.php';
                $trigger = new CORE_trigger();
                $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
            }
            return;
        }
        /* password logging class */
        if ($C_list->is_installed('account_password_history')) {
            include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php';
            $accountHistory = new account_password_history();
            $accountHistory->setNewPassword($this->account_id, $password_encoded);
        }
        ####################################################################
        ### Add the account to the default group:
        ####################################################################
        $group_id = $db->GenID(AGILE_DB_PREFIX . 'account_group_id');
        $sql = '
			INSERT INTO ' . AGILE_DB_PREFIX . 'account_group SET
			id              = ' . $db->qstr($group_id) . ',
			site_id         = ' . $db->qstr(DEFAULT_SITE) . ',
			date_orig       = ' . $db->qstr(time()) . ',
			group_id        = ' . $db->qstr(DEFAULT_GROUP) . ',
			account_id      = ' . $db->qstr($this->account_id) . ',
			active          = ' . $db->qstr('1');
        $db->Execute($sql);
        ####################################################################
        ### Insert the static vars:
        ####################################################################
        $static_var->add($VAR, $this->module, $this->account_id);
        ####################################################################
        ### Mail the user the new_account email template
        ####################################################################
        require_once PATH_MODULES . 'email_template/email_template.inc.php';
        $my = new email_template();
        if ($status == "1") {
            $my->send('account_registration_active', $this->account_id, $this->account_id, '', '');
        } else {
            $validation_str = strtoupper($validation_str . ':' . $this->account_id);
            $my->send('account_registration_inactive', $this->account_id, '', '', $validation_str);
        }
        ####################################################################
        ### Add the newsletters
        ####################################################################
        if (NEWSLETTER_REGISTRATION == "1") {
            @($VAR['newsletter_html'] = $VAR['account_email_type']);
            $VAR['newsletter_email'] = $VAR['account_email'];
            $VAR['newsletter_first_name'] = $VAR['account_first_name'];
            $VAR['newsletter_last_name'] = $VAR['account_last_name'];
            require_once PATH_MODULES . '/newsletter/newsletter.inc.php';
            $newsletter = new newsletter();
            $newsletter->subscribe($VAR, $this);
        }
        ####################################################################
        ### Log in the user & display the welcome message
        ####################################################################
        if ($status == "1") {
            if ($this->parent_id == $this->account_id || empty($this->parent_id)) {
                $C_debug->alert($C_translate->translate("user_add_active_welcome", "account", ""));
                if (SESSION_EXPIRE == 0) {
                    $exp = 99999;
                } else {
                    $exp = SESSION_EXPIRE;
                }
                $date_expire = time() + SESSION_EXPIRE * 60;
                # update the session
                $db =& DB();
                $q = "UPDATE " . AGILE_DB_PREFIX . "session\n\t\t\t\t\t\tSET\n\t\t\t\t\t\tip= " . $db->qstr(USER_IP) . ",\n\t\t\t\t\t\tdate_expire = " . $db->qstr($date_expire) . ",\n\t\t\t\t\t\tlogged = " . $db->qstr('1') . ",\n\t\t\t\t\t\taccount_id = " . $db->qstr($this->account_id) . "\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\tid = " . $db->qstr(SESS) . "\n\t\t\t\t\t\tAND\n\t\t\t\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);
                $result = $db->Execute($q);
                ### constants
                define('FORCE_SESS_ACCOUNT', $this->account_id);
                define('FORCE_SESS_LOGGED', 1);
                ### Reload the session auth cache
                if (CACHE_SESSIONS == '1') {
                    $force = true;
                    $C_auth = new CORE_auth($force);
                    global $C_auth2;
                    $C_auth2 = $C_auth;
                }
                if (isset($VAR['_page_next'])) {
                    define('REDIRECT_PAGE', '?_page=' . $VAR['_page_next']);
                } elseif (isset($VAR['_page'])) {
                    define('REDIRECT_PAGE', '?_page=' . $VAR['_page']);
                }
            }
            ####################################################################
            ### Do any db_mapping
            ####################################################################
            if ($C_list->is_installed('db_mapping')) {
                include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
                $db_map = new db_mapping();
                if (!empty($password)) {
                    $db_map->plaintext_password = $password;
                } else {
                    $db_map->plaintext_password = false;
                }
                $db_map->account_add($this->account_id);
                $db_map = new db_mapping();
                $db_map->login($this->account_id);
            }
            ####################################################################
            ### Affiliate Auto Creation
            ####################################################################
            if (AUTO_AFFILIATE == 1 && $C_list->is_installed("affiliate")) {
                $VAR['affiliate_account_id'] = $this->account_id;
                $VAR['affiliate_template_id'] = DEFAULT_AFFILIATE_TEMPLATE;
                include_once PATH_MODULES . 'affiliate/affiliate.inc.php';
                $affiliate = new affiliate();
                $affiliate->add($VAR, $affiliate);
            }
        } else {
            $C_debug->alert($C_translate->translate("user_add_inactive_welcome", "account", ""));
            define('FORCE_PAGE', 'core:blank');
        }
    }
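 /**
  * Add a record through CORE_database and then store its static vars.
  *
  * The record is created by CORE_database::add(), which receives this
  * object and the method type "add". When that call returns a truthy id,
  * the static vars for this module are stored against that id.
  *
  * @param array $VAR Request variables passed through to the database and static-var layers.
  */
 function add($VAR)
 {
     $type = "add";
     # The method list is stored as a comma-separated string. split() was removed
     # in PHP 7; explode() gives the same result for a literal comma. The string
     # check keeps a second call from re-splitting an already converted list.
     if (is_string($this->method["{$type}"])) {
         $this->method["{$type}"] = explode(",", $this->method["{$type}"]);
     }
     $db = new CORE_database();
     $id = $db->add($VAR, $this, $type);
     ### Set the static vars:
     if ($id) {
         # NOTE(review): $smarty is not used directly here; it may be needed by the
         # file required below, which runs in this function's scope - confirm before removing.
         global $smarty;
         require_once PATH_CORE . 'static_var.inc.php';
         $static_var = new CORE_static_var();
         $static_var->add($VAR, $this->module, $id);
     }
 }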
Ejemplo n.º 6
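    /**
     * Create an affiliate record for the current session account (SESS_ACCOUNT).
     *
     * Steps, in order: refuse if the account already has an affiliate record,
     * load the default affiliate template, validate the module's static vars,
     * insert the affiliate row from the template values, store the static vars,
     * run the selected affiliate plugin's add() method, and send the
     * notification e-mails. Failures are reported through $C_debug->alert()
     * or the Smarty 'form_validation' variable; nothing is returned.
     *
     * @param array $VAR Request variables. 'affiliate_affiliate_plugin' is
     *                   request-controlled and selects the plugin file to load.
     */
    function user_add($VAR)
    {
        global $C_debug, $C_translate;
        # check if this affiliate account exists
        $db =& DB();
        $sql = 'SELECT * FROM ' . AGILE_DB_PREFIX . 'affiliate WHERE
					site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
					account_id = ' . $db->qstr(SESS_ACCOUNT);
        $result = $db->Execute($sql);
        if ($result != false && @$result->RecordCount() > 0) {
            $C_debug->alert($C_translate->translate('error_acct_aff_exist', 'affiliate', ''));
            return;
        }
        ## Get the affiliate template details:
        $sql = 'SELECT * FROM ' . AGILE_DB_PREFIX . 'affiliate_template WHERE
					site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
					id  = ' . $db->qstr(DEFAULT_AFFILIATE_TEMPLATE);
        $result = $db->Execute($sql);
        # A failed query is treated like a missing template, so the method call
        # below is never made on a false result.
        if ($result == false || $result->RecordCount() == 0) {
            $C_debug->alert($C_translate->translate('error_template_invalid', 'affiliate', ''));
            return;
        }
        ####################################################################
        ### Get required static_Vars and validate them... return an array
        ### w/ ALL errors...
        ####################################################################
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        if (!isset($this->val_error)) {
            $this->val_error = false;
        }
        $all_error = $static_var->validate_form('affiliate', $this->val_error);
        if ($all_error != false && gettype($all_error) == 'array') {
            $this->validated = false;
        } else {
            $this->validated = true;
        }
        ####################################################################
        # If validation failed, skip the db insert,
        # set the errors & original fields as Smarty objects,
        # and change the page to be loaded.
        ####################################################################
        if (!$this->validated) {
            global $smarty;
            # set the errors as a Smarty Object
            $smarty->assign('form_validation', $all_error);
            # set the page to be loaded
            if (!defined("FORCE_PAGE")) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
            return;
        }
        ## Get the affiliate id that referred this account:
        $sql = 'SELECT affiliate_id FROM ' . AGILE_DB_PREFIX . 'account WHERE
					site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
					id  = ' . $db->qstr(SESS_ACCOUNT);
        # NOTE(review): $ref is read below without a check for a failed query - confirm
        # whether a missing account row can reach this point.
        $ref = $db->Execute($sql);
        ## Create the record
        $this->record_id = $db->GenID(AGILE_DB_PREFIX . "" . 'affiliate_id');
        $this->record_id = $this->id_prefix . "" . $this->record_id;
        ## Generate the full query
        # Every value goes through $db->qstr(); the request-supplied plugin name is
        # stored as submitted (quoted), not in its filtered form.
        $sql = "INSERT INTO " . AGILE_DB_PREFIX . "affiliate\n\t\t\t\t\tSET\n\t\t\t\t\tid                    = " . $db->qstr($this->record_id) . ",\n\t\t\t\t\tsite_id               = " . $db->qstr(DEFAULT_SITE) . ",\n\t\t\t\t\taccount_id            = " . $db->qstr(SESS_ACCOUNT) . ",\n\t\t\t\t\tparent_affiliate_id   = " . $db->qstr($ref->fields['affiliate_id']) . ",\n\t\t\t\t\tstatus                = " . $db->qstr($result->fields['status']) . ",\n\t\t\t\t\taffiliate_plugin      = " . $db->qstr(@$VAR['affiliate_affiliate_plugin']) . ",\n\t\t\t\t\tavail_campaign_id     = " . $db->qstr($result->fields['avail_campaign_id']) . ",\n\t\t\t\t\tmax_tiers             = " . $db->qstr($result->fields['max_tiers']) . ",\n\t\t\t\t\tcommission_minimum    = " . $db->qstr($result->fields['commission_minimum']) . ",\n\t\t\t\t\tnew_commission_type   = " . $db->qstr($result->fields['new_commission_type']) . ",\n\t\t\t\t\tnew_commission_rate   = " . $db->qstr($result->fields['new_commission_rate']) . ",\t\t        \t  \t\n\t\t\t\t\trecurr_commission_type =" . $db->qstr($result->fields['recurr_commission_type']) . ",\n\t\t\t\t\trecurr_commission_rate =" . $db->qstr($result->fields['recurr_commission_rate']) . ",\n\t\t\t\t\trecurr_max_commission_periods = " . $db->qstr($result->fields['recurr_max_commission_periods']) . ",\t\t        \t  \t\n\t\t\t\t\tdate_orig             = " . $db->qstr(time()) . ",\n\t\t\t\t\tdate_last             = " . $db->qstr(time());
        $result2 = $db->Execute($sql);
        if ($result2 != false) {
            ## Insert the static vars:
            $static_var->add($VAR, $this->module, $this->record_id);
            ## Load the affiliate plugin and run the "Add" method:
            # The plugin name comes from the request, so it is reduced to
            # [0-9A-Z_-] before it is placed in a filesystem path; dots and slashes
            # are dropped, which keeps the include inside PATH_PLUGINS . 'affiliate/'.
            # A non-string value (e.g. an array parameter) is treated as "no plugin".
            # eregi_replace() was removed in PHP 7; preg_replace() with /i is the equivalent.
            # NOTE(review): an allowlist of installed plugin names would be stricter
            # than character filtering - confirm whether one is available.
            $plugin = @$VAR['affiliate_affiliate_plugin'];
            $file = is_string($plugin) ? strtoupper((string) preg_replace('/[^0-9a-z_-]+/i', '', $plugin)) : '';
            $pluginfile = PATH_PLUGINS . 'affiliate/' . $file . '.php';
            if ($file !== '' && @(include_once $pluginfile)) {
                # The class is instantiated by name instead of through eval(), so
                # request-derived text is never parsed as PHP code. class_exists()
                # rejects names that are not valid class identifiers (e.g. with '-').
                $plugin_class = 'plgn_aff_' . $file;
                if (class_exists($plugin_class)) {
                    $_PLGN_AFF = new $plugin_class();
                    $_PLGN_AFF->add(SESS_ACCOUNT, $this->record_id);
                }
            }
            ## Send the affiliate e-mail:
            require_once PATH_MODULES . 'email_template/email_template.inc.php';
            if ($result->fields['status'] == "1") {
                $my1 = new email_template();
                $my1->send('affiliate_user_add_active', SESS_ACCOUNT, '', '', $this->record_id);
                $C_debug->alert($C_translate->translate('user_add_active', 'affiliate', ''));
            } else {
                $my1 = new email_template();
                $my1->send('affiliate_user_add_pending', SESS_ACCOUNT, '', '', $this->record_id);
                $my2 = new email_template();
                $my2->send('affiliate_user_add_staff_notify', SESS_ACCOUNT, '', '', $this->record_id);
                $C_debug->alert($C_translate->translate('user_add_inactive', 'affiliate', ''));
            }
            # From here on $VAR refers to the global request array, not the parameter.
            global $VAR;
            $VAR['id'] = $this->record_id;
            # Guarded like the validation branch above, so an already defined
            # FORCE_PAGE is not redefined.
            if (!defined('FORCE_PAGE')) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
        } else {
            $C_debug->alert('There was an error and the affiliate account could not be added.');
            if (!defined('FORCE_PAGE')) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
        }
    }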