				Not a valid scientist, Please log in again. 
				<a href = 'LogoutModule.php'>
					<button>Login</button>
				</a>
				<?php 
    return;
}
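// Sensor subscription form. On POST the user's subscriptions are synced to
// the ticked checkboxes; the table rendered below shows the current state.
// NOTE(review): assumes the code above has already verified that
// $_SESSION['personid'] belongs to a logged-in scientist — confirm.
// NOTE(review): no CSRF token is visible in this form; a cross-site POST
// could change a user's subscriptions. Consider adding one.
$pid = $_SESSION['personid'];
echo "<form name='submit1' method='POST' action='subscribeModule.php'>";
$rows = get_sensors($conn);
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // When no checkbox is ticked the browser omits 'sensors' entirely, so
    // default to an empty list instead of raising an undefined-index notice.
    // A tampered scalar value is treated as "nothing selected" so it never
    // reaches in_array(), which would throw a TypeError on a non-array.
    $submit = $_POST['sensors'] ?? [];
    if (!is_array($submit)) {
        $submit = [];
    }
    foreach ($rows as $row) {
        // Loose comparison kept on purpose: SENSOR_ID from the database may
        // be an int while posted checkbox values are always strings.
        if (in_array($row['SENSOR_ID'], $submit)) {
            add_subscription($conn, $row['SENSOR_ID'], $pid);
        } else {
            remove_subscription($conn, $row['SENSOR_ID'], $pid);
        }
    }
    echo "Subscribed to selected sensors. (Total:" . count(get_subscribed_sensors($conn, $pid)) . ")";
}
echo "<table border='1' class='table table-hover'>";
echo "<tr><td>Subscribed</td><td>SENSOR_ID</td><td>LOCATION</td></tr>";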
foreach ($rows as $row) {
    if (is_subscribed($conn, $row['SENSOR_ID'], $pid)) {
        echo "<tr><td><input type='checkbox' name='sensors[]' value='" . $row['SENSOR_ID'] . "' checked></td>";
        echo "<td>" . $row['SENSOR_ID'] . "</td>";
        echo "<td>" . $row['LOCATION'] . "</td></tr>";
    } else {
         set_session("session_new_user_id", $user_id);
         set_session("session_new_user_type_id", $type_id);
     }
 }
 // Registration is complete when a user row was created and either the form
 // has a single step or the last completed step is the final one.
 $registration_done = $registration_total_steps == 1 || $registration_last_step == $registration_total_steps;
 $new_user_added = $new_user_id && $registration_done;
 // if user pass all steps
 if ($new_user_added) {
     if ($is_subscription) {
         // Paid account type: flag the session as awaiting payment and put the
         // subscription into the shopping cart (shopping_cart.php is presumably
         // where add_subscription() is defined — confirm).
         set_session("session_new_user", "expired");
         include_once "./includes/shopping_cart.php";
         add_subscription($type_id, $r->get_value("subscription_id"), $subscription_name);
     }
     // Approved account with nothing to pay: log it in straight away, with no
     // credentials, no "remember me" and no redirect. Failures are appended
     // to $errors by user_login().
     if ($r->get_value("is_approved") == 1 && !$is_subscription) {
         $login_user_id = $user_id ?: $new_user_id;
         user_login("", "", $login_user_id, 0, "", false, $errors);
     }
 }
 // notifications block
 if ($new_user_added) {
     $registration_date = $r->get_value("registration_date");
     $registration_date_string = va_date($datetime_show_format, $registration_date);
     $admin_notification = get_setting_value($user_profile, "admin_notification", 0);
                 $cart_page = strlen($rp) ? get_custom_friendly_url("basket.php") . "?rp=" . urlencode($rp) : get_custom_friendly_url("basket.php");
                 header("Location: " . $cart_page);
                 exit;
             } elseif ($settings["redirect_to_cart"] == 2) {
                 header("Location: " . get_custom_friendly_url("checkout.php"));
                 exit;
             }
         }
     }
     break;
 case "SUBSCRIPTION":
     // add subscription to the cart
     // Both ids come straight from the request; no validation is visible in
     // this case, so add_subscription() is presumably the place that rejects
     // unknown or inactive ids — verify.
     $sc_subscription_id = get_param("subscription_id");
     $sc_group_id = get_param("group_id");
     // NOTE(review): the first argument is 0 here, whereas other callers pass
     // a user type id — presumably "not tied to a user type"; confirm.
     // NOTE(review): $sc_subscription_name is not assigned in this case;
     // presumably set earlier in the enclosing script — confirm.
     /* start of adding item to the cart */
     $subscription_added = add_subscription(0, $sc_subscription_id, $sc_subscription_name, $sc_group_id);
     /* end of adding item to the cart */
     if ($subscription_added) {
         // "rp" (return page) is only ever forwarded as a url-encoded query
         // value; it is never used as the redirect target itself.
         $rp = get_param("rp");
         // redirect_to_cart: 1 = basket page, 2 = checkout, anything else =
         // stay on the current page. This block duplicates the preceding
         // case's redirect logic and is a candidate for a shared helper.
         if (isset($settings["redirect_to_cart"])) {
             if ($settings["redirect_to_cart"] == 1) {
                 $cart_page = strlen($rp) ? get_custom_friendly_url("basket.php") . "?rp=" . urlencode($rp) : get_custom_friendly_url("basket.php");
                 header("Location: " . $cart_page);
                 exit;
             } elseif ($settings["redirect_to_cart"] == 2) {
                 header("Location: " . get_custom_friendly_url("checkout.php"));
                 exit;
             }
         }
     }
     break;
/**
 * Authenticates a user and populates the session for the storefront.
 *
 * Two lookup modes: when $user_id is non-empty the user row is selected by
 * id alone (no password check; used for auto-login after registration),
 * otherwise — as far as the redacted query line on this page shows — by
 * login and password. On success the function either redirects and exits
 * (unfinished registration, expired subscription, or $make_redirects with a
 * $redirect_page) or fills the session with the user's profile and pricing
 * data and returns true.
 *
 * @param string $login          login name (ignored when $user_id is given)
 * @param string $password       plaintext password; md5-hashed for the
 *                               comparison when the "password_encrypt"
 *                               setting is 1, compared as-is otherwise
 * @param mixed  $user_id        user id for the password-less lookup, or empty
 * @param mixed  $remember_me    truthy to set login/password cookies for 366 days
 * @param string $redirect_page  page to send the user to after a successful login
 * @param bool   $make_redirects whether $redirect_page is honoured at all
 * @param string $errors         appended with an HTML-formatted message on failure
 * @return bool true when no error was recorded, false otherwise
 *
 * Side effects: session writes via set_session(), cookies, an UPDATE of the
 * users table, and header() + exit on every redirect path.
 * NOTE(review): $current_ts, $current_date and $subscription_name are used
 * below but are neither parameters nor in the global statements shown here;
 * they may be declared in the part of the function missing from this page
 * — confirm before relying on them.
 */
function user_login($login, $password, $user_id, $remember_me, $redirect_page, $make_redirects, &$errors)
{
    global $db, $table_prefix, $settings;
    global $site_id, $multisites_version;
    $is_errors = false;
    $secure_sessions = get_setting_value($settings, "secure_sessions", 0);
    $password_encrypt = get_setting_value($settings, "password_encrypt", 0);
    // Password handling: either an unsalted md5 or a plaintext comparison.
    // Both are weak by today's standards; the usual mitigation is
    // password_hash()/password_verify() with a rehash-on-login migration,
    // which requires a column change and is noted here for follow-up.
    if ($password_encrypt == 1) {
        $password_match = md5($password);
    } else {
        $password_match = $password;
    }
    // prepare site urls
    $site_url = get_setting_value($settings, "site_url", "");
    $secure_url = get_setting_value($settings, "secure_url", "");
    // The query is built by concatenation, but every dynamic value below is
    // passed through $db->tosql() with an explicit type; keep it that way.
    $sql = " SELECT u.user_id, u.layout_id, u.user_type_id, u.is_approved, ";
    $sql .= " u.login, u.nickname, u.name, u.first_name, u.last_name, u.email, u.total_points, u.credit_balance, ";
    $sql .= " u.discount_type AS user_discount_type, u.discount_amount AS user_discount_amount, ";
    $sql .= " ut.discount_type AS group_discount_type, ut.discount_amount AS group_discount_amount, ";
    $sql .= " u.reward_type AS user_reward_type, u.reward_amount AS user_reward_amount, ";
    $sql .= " ut.reward_type AS group_reward_type, ut.reward_amount AS group_reward_amount, ";
    $sql .= " u.credit_reward_type AS user_credit_reward_type, u.credit_reward_amount AS user_credit_reward_amount, ";
    $sql .= " ut.credit_reward_type AS group_credit_reward_type, ut.credit_reward_amount AS group_credit_reward_amount, ";
    $sql .= " u.registration_last_step, u.registration_total_steps, ";
    $sql .= " ut.is_subscription, u.expiry_date, u.is_sms_allowed, ";
    $sql .= " u.tax_free AS user_tax_free, ut.tax_free AS group_tax_free, ";
    $sql .= " u.order_min_goods_cost AS user_min_goods, u.order_max_goods_cost AS user_max_goods, ";
    $sql .= " ut.order_min_goods_cost AS group_min_goods, ut.order_max_goods_cost AS group_max_goods, ";
    $sql .= " ut.price_type, c.currency_code, u.subscription_id ";
    $sql .= " FROM (((" . $table_prefix . "users u ";
    $sql .= " LEFT JOIN " . $table_prefix . "user_types ut ON u.user_type_id=ut.type_id) ";
    $sql .= " LEFT JOIN " . $table_prefix . "countries c ON u.country_id=c.country_id) ";
    // Multi-site builds restrict the user type to the current site (or to
    // types flagged for all sites); the opening parentheses above are closed
    // in whichever branch runs.
    if ($multisites_version) {
        if (isset($site_id)) {
            $sql .= " LEFT JOIN " . $table_prefix . "user_types_sites AS uts ON uts.type_id=ut.type_id)";
            $sql .= " WHERE (ut.sites_all=1 OR uts.site_id=" . $db->tosql($site_id, INTEGER, true, false) . ") AND ";
        } else {
            $sql .= ") WHERE ut.sites_all=1 AND ";
        }
    } else {
        $sql .= ") WHERE ";
    }
    // Lookup by id skips the password check entirely; callers must only pass
    // a $user_id they have already authenticated by other means.
    if ($user_id) {
        $sql .= " u.user_id=" . $db->tosql($user_id, INTEGER);
    } else {
        // NOTE(review): this line is truncated/redacted on this page. The
        // original presumably closes the else, runs $db->query($sql) and
        // opens the `if ($db->next_record())` block that the `} else {` far
        // below closes; as shown, no query is executed before $db->f() is read.
        $sql .= " u.login="******" AND u.password="******"user_id");
        //Customization by Vital - wishlist sync
        if ($user_id) {
            sync_wishlist($user_id);
        }
        //END Customization - wishlist sync
        $layout_id = $db->f("layout_id");
        $is_approved = $db->f("is_approved");
        $is_sms_allowed = $db->f("is_sms_allowed");
        $total_points = $db->f("total_points");
        $credit_balance = $db->f("credit_balance");
        $user_tax_free = $db->f("user_tax_free");
        $group_tax_free = $db->f("group_tax_free");
        $tax_free = $user_tax_free || $group_tax_free;
        // Per-user order limits win; fall back to the group's when empty.
        $order_min_goods_cost = $db->f("user_min_goods");
        if (!strlen($order_min_goods_cost)) {
            $order_min_goods_cost = $db->f("group_min_goods");
        }
        $order_max_goods_cost = $db->f("user_max_goods");
        if (!strlen($order_max_goods_cost)) {
            $order_max_goods_cost = $db->f("group_max_goods");
        }
        // check account expiration date
        // DAY + 1 at 00:00 makes the cutoff the midnight after the expiry
        // date, so the account stays valid through the whole expiry day. An
        // account with no expiry date gets the current timestamp as cutoff.
        $expiry_date = $db->f("expiry_date", DATETIME);
        if (is_array($expiry_date)) {
            $expiry_date_ts = mktime(0, 0, 0, $expiry_date[MONTH], $expiry_date[DAY] + 1, $expiry_date[YEAR]);
        } else {
            $expiry_date_ts = $current_ts;
        }
        $user_type_id = $db->f("user_type_id");
        $is_subscription = $db->f("is_subscription");
        $registration_last_step = $db->f("registration_last_step");
        $registration_total_steps = $db->f("registration_total_steps");
        if ($registration_last_step < $registration_total_steps) {
            // if registration process wasn't finished
            set_session("session_new_user", "registration");
            set_session("session_new_user_id", $user_id);
            set_session("session_new_user_type_id", $user_type_id);
            // check secure option
            $secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
            if ($secure_user_profile || $secure_sessions) {
                $user_profile_url = $secure_url . get_custom_friendly_url("user_profile.php");
            } else {
                $user_profile_url = $site_url . get_custom_friendly_url("user_profile.php");
            }
            // The session id is regenerated only when secure_sessions is on;
            // regenerating on every login (and passing httponly, which the
            // call below omits) is the usual fixation/theft mitigation.
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            header("Location: " . $user_profile_url);
            exit;
        } elseif ($current_ts > $expiry_date_ts && $is_subscription) {
            // if user have to pay for subscription
            set_session("session_new_user", "expired");
            set_session("session_new_user_id", $user_id);
            set_session("session_new_user_type_id", $user_type_id);
            // add some data into session for expired user as well
            $user_info = array("tax_free" => $tax_free, "is_sms_allowed" => $is_sms_allowed, "total_points" => $total_points, "credit_balance" => $credit_balance, "order_min_goods_cost" => $order_min_goods_cost, "order_max_goods_cost" => $order_max_goods_cost);
            set_session("session_user_info", $user_info);
            // NOTE(review): $subscription_name is not defined in this function;
            // presumably provided by the included file — confirm.
            include_once "./includes/shopping_cart.php";
            add_subscription($user_type_id, "", $subscription_name);
            // check secure option
            $secure_order_profile = get_setting_value($settings, "secure_order_profile", 0);
            if ($secure_order_profile || $secure_sessions) {
                $order_info_url = $secure_url . get_custom_friendly_url("order_info.php");
            } else {
                $order_info_url = $site_url . get_custom_friendly_url("order_info.php");
            }
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            header("Location: " . $order_info_url);
            exit;
        } elseif ($current_ts <= $expiry_date_ts && $is_approved) {
            // Fully approved, non-expired account: the normal login path.
            $login = $db->f("login");
            $nickname = $db->f("nickname");
            if (!strlen($nickname)) {
                $nickname = $login;
            }
            $email = $db->f("email");
            $currency_code = $db->f("currency_code");
            $user_discount_type = $db->f("user_discount_type");
            $user_discount_amount = $db->f("user_discount_amount");
            $group_discount_type = $db->f("group_discount_type");
            $group_discount_amount = $db->f("group_discount_amount");
            $user_reward_type = $db->f("user_reward_type");
            $user_reward_amount = $db->f("user_reward_amount");
            $group_reward_type = $db->f("group_reward_type");
            $group_reward_amount = $db->f("group_reward_amount");
            $user_credit_reward_type = $db->f("user_credit_reward_type");
            $user_credit_reward_amount = $db->f("user_credit_reward_amount");
            $group_credit_reward_type = $db->f("group_credit_reward_type");
            $group_credit_reward_amount = $db->f("group_credit_reward_amount");
            $price_type = $db->f("price_type");
            $subscription_id = $db->f("subscription_id");
            // Clear any pending-registration markers, then record the login.
            set_session("session_new_user", "");
            set_session("session_new_user_id", "");
            set_session("session_new_user_type_id", "");
            set_session("session_user_id", $user_id);
            set_session("session_user_type_id", $user_type_id);
            set_session("session_user_login", $login);
            set_session("session_subscription_id", $subscription_id);
            // Display name: full name, else "first last", else the login.
            if (strlen($db->f("name"))) {
                $user_name = $db->f("name");
            } elseif (strlen($db->f("first_name")) || strlen($db->f("last_name"))) {
                $user_name = $db->f("first_name") . " " . $db->f("last_name");
            } else {
                $user_name = $login;
            }
            set_session("session_user_name", $user_name);
            set_session("session_user_email", $email);
            // Discount / reward settings: the user's own values (when > 0)
            // override the user group's.
            $discount_type = "";
            $discount_amount = "";
            if ($user_discount_type > 0) {
                $discount_type = $user_discount_type;
                $discount_amount = $user_discount_amount;
            } elseif ($group_discount_type) {
                $discount_type = $group_discount_type;
                $discount_amount = $group_discount_amount;
            }
            set_session("session_discount_type", $discount_type);
            set_session("session_discount_amount", $discount_amount);
            set_session("session_price_type", $price_type);
            $reward_type = "";
            $reward_amount = "";
            if ($user_reward_type > 0) {
                $reward_type = $user_reward_type;
                $reward_amount = $user_reward_amount;
            } elseif ($group_reward_type) {
                $reward_type = $group_reward_type;
                $reward_amount = $group_reward_amount;
            }
            $credit_reward_type = "";
            $credit_reward_amount = "";
            if ($user_credit_reward_type > 0) {
                $credit_reward_type = $user_credit_reward_type;
                $credit_reward_amount = $user_credit_reward_amount;
            } elseif ($group_credit_reward_type) {
                $credit_reward_type = $group_credit_reward_type;
                $credit_reward_amount = $group_credit_reward_amount;
            }
            // check for subscriptions
            // Collect the ids of the user's still-valid subscription order
            // items as a comma-separated string for the session.
            $subscriptions_ids = "";
            $check_date_ts = mktime(0, 0, 0, $current_date[MONTH], $current_date[DAY], $current_date[YEAR]);
            $sql = " SELECT subscription_id ";
            $sql .= " FROM " . $table_prefix . "orders_items ";
            $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
            $sql .= " AND is_subscription=1 ";
            $sql .= " AND subscription_expiry_date>=" . $db->tosql($check_date_ts, DATETIME);
            $db->query($sql);
            while ($db->next_record()) {
                if ($subscriptions_ids) {
                    $subscriptions_ids .= ",";
                }
                $subscriptions_ids .= $db->f("subscription_id");
            }
            set_session("session_subscriptions_ids", $subscriptions_ids);
            $user_info = array("user_id" => $user_id, "user_type_id" => $user_type_id, "layout_id" => $layout_id, "login" => $login, "nickname" => $nickname, "name" => $user_name, "subscriptions_ids" => $subscriptions_ids, "email" => $email, "discount_type" => $discount_type, "discount_amount" => $discount_amount, "price_type" => $price_type, "tax_free" => $tax_free, "is_sms_allowed" => $is_sms_allowed, "reward_type" => $reward_type, "reward_amount" => $reward_amount, "credit_reward_type" => $credit_reward_type, "credit_reward_amount" => $credit_reward_amount, "total_points" => $total_points, "credit_balance" => $credit_balance, "order_min_goods_cost" => $order_min_goods_cost, "order_max_goods_cost" => $order_max_goods_cost);
            set_session("session_user_info", $user_info);
            // "Remember me" stores the login AND the plaintext password in
            // cookies for 366 days, with neither the Secure nor the HttpOnly
            // flag set. The standard mitigation is a random per-device token,
            // stored hashed server-side, in a Secure + HttpOnly cookie.
            if ($remember_me && $login && $password) {
                setcookie("cookie_user_login", $login, va_timestamp() + 3600 * 24 * 366);
                setcookie("cookie_user_password", $password, va_timestamp() + 3600 * 24 * 366);
            }
            // get currency if available
            if ($currency_code) {
                get_currency($currency_code);
            }
            // update shopping cart if it's available
            $shopping_cart = get_session("shopping_cart");
            if (is_array($shopping_cart) && sizeof($shopping_cart) > 0) {
                include_once "./includes/shopping_cart.php";
                recalculate_shopping_cart();
                // check if any coupons can be added or removed
                check_coupons();
            }
            // check if need to regenerate session id for secure session
            // As above: without secure_sessions the session id survives the
            // login unchanged, which is what session fixation relies on.
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            // update last visit time
            $sql = " UPDATE " . $table_prefix . "users SET last_visit_date=" . $db->tosql(va_time(), DATETIME);
            $sql .= ", last_visit_ip=" . $db->tosql(get_ip(), TEXT);
            $sql .= ", last_visit_page=" . $db->tosql(get_request_uri(), TEXT);
            $sql .= ", last_logged_date=" . $db->tosql(va_time(), DATETIME);
            $sql .= ", last_logged_ip=" . $db->tosql(get_ip(), TEXT);
            $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
            $db->query($sql);
            if ($make_redirects && $redirect_page) {
                // convert redirect page to the full url
                // A $redirect_page that already starts with http(s):// is sent
                // to the browser unchanged; only site-relative paths are
                // rewritten onto $site_url / $secure_url. If callers can take
                // $redirect_page from the request, an allow-list check against
                // those two hosts would prevent off-site redirects — verify
                // at the call sites.
                $ssl = get_param("ssl");
                if ($ssl) {
                    $page_site_url = $secure_url;
                } else {
                    $page_site_url = $site_url;
                }
                $return_page = get_request_uri();
                // Second pattern captures the site's base path (the part after
                // the host) so a redirect page under that path can be prefixed
                // with the full site url.
                if (!preg_match("/^https?:\\/\\//i", $redirect_page) && preg_match("/^https?:\\/\\/[^\\/]+(\\/.*)\$/i", $page_site_url, $matches)) {
                    $page_path_regexp = prepare_regexp($matches[1]);
                    if (preg_match("/^" . $page_path_regexp . "/i", $redirect_page)) {
                        $redirect_page = $page_site_url . preg_replace("/^" . $page_path_regexp . "/i", "", $redirect_page);
                    }
                }
                header("Location: " . $redirect_page);
                exit;
            }
        } elseif ($current_ts > $expiry_date_ts) {
            $is_errors = true;
            $errors .= ACCOUNT_EXPIRED_MSG . "<br>";
        } else {
            $is_errors = true;
            $errors .= ACCOUNT_APPROVE_ERROR . "<br>";
        }
    } else {
        // No matching row: a generic message for the credential lookup, a
        // "no records" message for the lookup by id.
        $is_errors = true;
        if ($user_id) {
            $errors .= NO_RECORDS_MSG . "<br>";
        } else {
            $errors .= LOGIN_PASSWORD_ERROR . "<br>";
        }
    }
    // Any failure also drops the "remember me" cookies.
    if ($is_errors) {
        setcookie("cookie_user_login");
        setcookie("cookie_user_password");
    }
    return !$is_errors;
}