Example #1
 /**
  * Renders a guestbook status message (message added, spam protection, wrong code, etc.)
  * through the redirect template, prints the result and stops the script.
  *
  * Every "%%GoTo%%" placeholder in $msg is replaced with the value returned by
  * get_referer_link(); the same value is also handed to the template as "GoTo".
  *
  * NOTE(review): get_referer_link() is defined outside this block. If it is built from
  * the request's Referer header, both the message body and the "GoTo" template variable
  * carry client-influenced text - confirm that redirect.tpl escapes them on output.
  *
  * @param string $msg  message text, may contain the %%GoTo%% placeholder
  * @param string $goto not read by this function; kept so existing callers keep working
  */
 function _guestbookMessageShow($msg = '', $goto = '')
 {
     global $AVE_Template, $mod;

     // Placeholder substitution happens first, exactly once, before anything is assigned.
     $content = str_replace('%%GoTo%%', get_referer_link(), $msg);

     $AVE_Template->assign('theme_folder', THEME_FOLDER);
     $AVE_Template->assign('GoTo', get_referer_link());
     $AVE_Template->assign('content', $content);

     // Render, emit and terminate: nothing after this call runs in the caller.
     echo $AVE_Template->fetch($mod['tpl_dir'] . 'redirect.tpl');
     exit;
 }
Example #2
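 /**
  * Counts a click on a banner and redirects the visitor.
  *
  * When the request carries action=go and the banner row has a non-empty banner_url,
  * the banner's click counter is incremented and the visitor is redirected to that URL.
  * In every other case the visitor is redirected to get_referer_link().
  * The function never returns: every path ends in exit.
  *
  * @param int|string $banner_id banner identifier; cast to int before it is placed in SQL
  */
 function bannerClickCount($banner_id)
 {
     global $AVE_DB;

     // The identifier used to be concatenated into both statements exactly as passed in.
     // Casting it keeps anything that is not a number out of the SQL text.
     // NOTE(review): assumes Id is an integer key - confirm against the table schema.
     $banner_id = (int) $banner_id;

     if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'go') {
         $banner_url = $AVE_DB->Query("\r\n\t\t\t\tSELECT banner_url\r\n\t\t\t\tFROM " . PREFIX . "_modul_banners\r\n\t\t\t\tWHERE Id = '" . $banner_id . "'\r\n\t\t\t\tLIMIT 1\r\n\t\t\t")->GetCell();
         if (!empty($banner_url)) {
             $AVE_DB->Query("\r\n\t\t\t\t\tUPDATE " . PREFIX . "_modul_banners\r\n\t\t\t\t\tSET banner_clicks = banner_clicks + 1\r\n\t\t\t\t\tWHERE Id = '" . $banner_id . "'\r\n\t\t\t\t");
             // The redirect target is whatever is stored in banner_url.
             // NOTE(review): confirm that only trusted administrators can write that column.
             header('Location:' . $banner_url);
             exit;
         }
     }

     // No "go" action or no URL for this banner: send the visitor back.
     header('Location:' . get_referer_link());
     exit;
 }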
Example #3
 // Entry script of the login module: resolves the template and language paths, loads the
 // Login class and dispatches on the requested action. The switch continues past the end
 // of this listing.
 $tpl_dir = BASE_DIR . '/modules/login/templates/';
 // NOTE(review): the language file path embeds $_SESSION['user_language'] as-is. Confirm that
 // the code writing this session key restricts it to known language codes; otherwise the
 // value can steer which file gets loaded.
 $lang_file = BASE_DIR . '/modules/login/lang/' . $_SESSION['user_language'] . '.txt';
 // NOTE(review): require stops the script when the file cannot be loaded, so this check only
 // reacts to a falsy return value of the included file; "@" additionally hides the diagnostic.
 if (!@(require BASE_DIR . '/modules/login/class.login.php')) {
     module_error();
 }
 $login = new Login($tpl_dir, $lang_file);
 // NOTE(review): $_REQUEST['action'] is read without isset(); a request without it raises a notice.
 switch ($_REQUEST['action']) {
     // 'wys': sub=on sets the user_adminmode session flag, but only when
     // check_permission('documents') passes; any other value of sub clears the flag.
     // Afterwards the visitor is redirected to get_referer_link().
     // NOTE(review): the flag is changed from $_REQUEST data, so a plain GET can trigger it;
     // no request-token check is visible in this fragment.
     case 'wys':
         if (isset($_REQUEST['sub']) && $_REQUEST['sub'] == 'on') {
             if (check_permission('documents')) {
                 $_SESSION['user_adminmode'] = 1;
             }
         } else {
             unset($_SESSION['user_adminmode']);
         }
         header('Location:' . get_referer_link());
         exit;
     // 'wys_adm': same flag handling as 'wys', but the redirect goes to get_home_link().
     case 'wys_adm':
         if (isset($_REQUEST['sub']) && $_REQUEST['sub'] == 'on') {
             if (check_permission('documents')) {
                 $_SESSION['user_adminmode'] = 1;
             }
         } else {
             unset($_SESSION['user_adminmode']);
         }
         header('Location:' . get_home_link());
         exit;
     // 'login': delegated to the Login object.
     case 'login':
         $login->loginUserLogin();
         break;
     case 'logout':
Example #4
            if (empty($_POST['action'])) {
                header("Location:" . get_referer_link());
            } else {
                $AVE_Template->display(BASE_DIR . '/modules/basket/templates/basket_show.tpl');
            }
            exit;
        case 'order':
            define('MODULE_SITE', $AVE_Template->get_config_vars('BASKET_TITLE'));
            define('MODULE_CONTENT', $AVE_Template->fetch(BASE_DIR . '/modules/basket/templates/order_show.tpl'));
            break;
        case 'update':
            $product_delete = isset($_REQUEST['product_delete']) ? $_REQUEST['product_delete'] : null;
            $product_quantity = isset($_REQUEST['product_quantity']) ? $_REQUEST['product_quantity'] : null;
            $oBasket->basketOrderUpdate($product_quantity, $product_delete);
            if (empty($_POST['action'])) {
                header("Location:" . get_referer_link());
            } else {
                $AVE_Template->display(BASE_DIR . '/modules/basket/templates/order_show.tpl');
            }
            exit;
        case 'form':
            define('MODULE_SITE', $AVE_Template->get_config_vars('BASKET_TITLE'));
            define('MODULE_CONTENT', $AVE_Template->fetch(BASE_DIR . '/modules/basket/templates/order_form.tpl'));
            break;
        case 'send':
            $oBasket->basketOrderSend();
            define('MODULE_SITE', $AVE_Template->get_config_vars('BASKET_TITLE'));
            define('MODULE_CONTENT', $AVE_Template->fetch(BASE_DIR . '/modules/basket/templates/order_finish.tpl'));
            break;
    }
}
Example #5
 /**
  * Registers a new user account.
  *
  * Visitors who already have user_id or user_pass in the session are redirected away.
  * Otherwise, when the 'login_status' setting is '1', the method dispatches on
  * $_REQUEST['sub']:
  *  - 'register'      validates the posted form, inserts the user row, sends the
  *                    notification mails and redirects to the page that belongs to the
  *                    configured registration type ('now', 'email' or 'byadmin');
  *  - 'registerfinal' activates the account whose emc column equals $_REQUEST['emc']
  *                    and puts that account into the session;
  *  - 'thankyou' / 'thankadmin' render confirmation templates;
  *  - anything else renders the registration form.
  * When 'login_status' is '0' only the LOGIN_NOT_ACTIVE text is shown.
  *
  * NOTE(review): request values are concatenated into SQL text in several places below.
  * The stripslashes() calls near the session setup suggest request data may already be
  * slash-escaped before this method runs - confirm. Slash escaping is not a substitute
  * for parameterized queries or the database driver's own escaping.
  */
 function loginNewUserRegister()
 {
     global $AVE_DB, $AVE_Template;
     // Already authenticated sessions do not get the registration form.
     if (isset($_SESSION['user_id']) || isset($_SESSION['user_pass'])) {
         header('Location:' . get_referer_link());
         exit;
     }
     // Remember where the visitor came from, unless that was the login module itself.
     if (empty($_SESSION['referer'])) {
         $referer = get_referer_link();
         $_SESSION['referer'] = false === strstr($referer, 'module=login') ? $referer : get_home_link();
     }
     $AVE_Template->config_load($this->_lang_file, 'registernew');
     define('MODULE_SITE', $AVE_Template->get_config_vars('LOGIN_TEXT_REGISTER'));
     if ($this->_loginSettingsGet('login_antispam')) {
         define('ANTISPAM', 1);
     }
     switch ($this->_loginSettingsGet('login_status')) {
         case '1':
             // NOTE(review): $_REQUEST['sub'] is read without isset().
             switch ($_REQUEST['sub']) {
                 case 'register':
                     $error = array();
                     $_POST['user_name'] = !empty($_POST['user_name']) ? trim($_POST['user_name']) : '';
                     $_POST['reg_email'] = !empty($_POST['reg_email']) ? trim($_POST['reg_email']) : '';
                     $_POST['reg_email_return'] = !empty($_POST['reg_email_return']) ? trim($_POST['reg_email_return']) : '';
                     // LOGIN (user name): required, alphanumeric only, not already taken
                     if (empty($_POST['user_name'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_L_EMPTY');
                     } elseif (!ctype_alnum($_POST['user_name'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_LOGIN');
                     } elseif ($this->_loginUserNameExistsCheck($_POST['user_name'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_L_INUSE');
                     }
                     // EMAIL: required, must match $this->_regex_email, then checked for
                     // duplicates and against the two blacklist helpers
                     if (empty($_POST['reg_email'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_EM_EMPTY');
                     } elseif (!preg_match($this->_regex_email, $_POST['reg_email'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_EMAIL');
                     } else {
                         if ($this->_loginEmailExistCheck($_POST['reg_email'])) {
                             $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_INUSE');
                         }
                         if (!$this->_loginEmailDomainInBlacklistCheck($_POST['reg_email'])) {
                             $error[] = $AVE_Template->get_config_vars('LOGIN_DOMAIN_FALSE');
                         }
                         if (!$this->_loginEmailInBlacklistCheck($_POST['reg_email'])) {
                             $error[] = $AVE_Template->get_config_vars('LOGIN_EMAIL_FALSE');
                         }
                     }
                     // PASSWORD: required, at least 5 characters, must not match $this->_regex
                     // NOTE(review): a 5-character minimum is weak by current guidance.
                     if (empty($_POST['reg_pass'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_PASS');
                     } elseif (mb_strlen($_POST['reg_pass']) < 5) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_SHORT_PASS');
                     } elseif (preg_match($this->_regex, $_POST['reg_pass'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_SYM_PASS');
                     }
                     // FIRST NAME: required only if configured; rejected when it matches $this->_regex
                     if ($this->_loginFieldIsRequired('login_require_firstname') && empty($_POST['reg_firstname'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_FN_EMPTY');
                     }
                     if (!empty($_POST['reg_firstname']) && preg_match($this->_regex, $_POST['reg_firstname'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_FIRSTNAME');
                     }
                     // LAST NAME: same rules as the first name
                     if ($this->_loginFieldIsRequired('login_require_lastname') && empty($_POST['reg_lastname'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_LN_EMPTY');
                     }
                     if (!empty($_POST['reg_lastname']) && preg_match($this->_regex, $_POST['reg_lastname'])) {
                         $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_LASTNAME');
                     }
                     // CAPTCHA: the session keystring is dropped after every attempt, right or wrong,
                     // so one captcha image allows one try.
                     if (defined("ANTISPAM")) {
                         if (empty($_POST['reg_secure'])) {
                             $error[] = $AVE_Template->get_config_vars('LOGIN_WROND_E_SCODE');
                         } elseif (!(isset($_SESSION['captcha_keystring']) && $_POST['reg_secure'] == $_SESSION['captcha_keystring'])) {
                             $error[] = $AVE_Template->get_config_vars('LOGIN_WROND_SCODE');
                         }
                         unset($_SESSION['captcha_keystring']);
                     }
                     if (count($error)) {
                         // Validation failed: show the form again together with the error list.
                         $AVE_Template->assign('errors', $error);
                         if (defined('ANTISPAM')) {
                             $AVE_Template->assign('im', 1);
                         }
                         $this->_loginRequiredFieldFetch();
                         $AVE_Template->assign('available_countries', get_country_list(1));
                         define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register.tpl'));
                     } else {
                         $status = 0;
                         // NOTE(review): rand(100000, 999999) has only 900,000 possible outputs and
                         // rand() is not a cryptographic generator, so the MD5 of it is a guessable
                         // activation code. The 'registerfinal' branch below treats this code as a
                         // login credential. A CSPRNG such as random_bytes() is the safer source.
                         $emailcode = md5(rand(100000, 999999));
                         // NOTE(review): $email_body and $link are only set inside the three cases
                         // below; any other 'login_reg_type' value leaves them undefined.
                         // In every case %KENNWORT% is replaced with the plain-text password, so the
                         // password is sent to the user by e-mail.
                         switch ($this->_loginSettingsGet('login_reg_type')) {
                             // 'now': the account is active immediately (status 1).
                             case 'now':
                                 $email_body = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_1'));
                                 $email_body = str_replace("%NAME%", $_POST['user_name'], $email_body);
                                 $email_body = str_replace("%HOST%", get_home_link(), $email_body);
                                 $email_body = str_replace("%KENNWORT%", $_POST['reg_pass'], $email_body);
                                 $email_body = str_replace("%EMAIL%", $_POST['reg_email'], $email_body);
                                 $status = 1;
                                 $link = $this->_reg_now;
                                 break;
                             // 'email': the user receives a confirmation link that carries the code.
                             case 'email':
                                 $email_body = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_2') . $AVE_Template->get_config_vars('LOGIN_MESSAGE_3'));
                                 $email_body = str_replace("%NAME%", $_POST['user_name'], $email_body);
                                 $email_body = str_replace("%KENNWORT%", $_POST['reg_pass'], $email_body);
                                 $email_body = str_replace("%EMAIL%", $_POST['reg_email'], $email_body);
                                 $email_body = str_replace("%REGLINK%", get_home_link() . "index.php" . "?module=login" . "&action=register" . "&sub=registerfinal" . "&emc=" . $emailcode, $email_body);
                                 $email_body = str_replace("%HOST%", get_home_link(), $email_body);
                                 $email_body = str_replace("%CODE%", $emailcode, $email_body);
                                 $link = $this->_reg_email;
                                 break;
                             // 'byadmin': the row stays at status 0 here; no code is mailed to the user.
                             case 'byadmin':
                                 $email_body = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_2') . $AVE_Template->get_config_vars('LOGIN_MESSAGE_4'));
                                 $email_body = str_replace("%NAME%", $_POST['user_name'], $email_body);
                                 $email_body = str_replace("%KENNWORT%", $_POST['reg_pass'], $email_body);
                                 $email_body = str_replace("%EMAIL%", $_POST['reg_email'], $email_body);
                                 $email_body = str_replace("%HOST%", get_home_link(), $email_body);
                                 $link = $this->_reg_admin;
                                 break;
                         }
                         $bodytoadmin = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_5'));
                         $bodytoadmin = str_replace("%NAME%", $_POST['user_name'], $bodytoadmin);
                         $bodytoadmin = str_replace("%EMAIL%", $_POST['reg_email'], $bodytoadmin);
                         $salt = make_random_string();
                         // NOTE(review): salted double MD5 is a fast hash and cheap to brute-force;
                         // password_hash()/password_verify() are the purpose-built replacement.
                         $md5_pass_salt = md5(md5($_POST['reg_pass'] . $salt));
                         // NOTE(review): user_name is limited by ctype_alnum() above, and emc, reg_ip and
                         // salt pass through addslashes(). email is constrained only by $this->_regex_email
                         // and the name fields only by $this->_regex, neither of which is visible here;
                         // country and company are not checked at all ($_POST['country'] is also read
                         // without isset()). All of them are concatenated into the statement as posted.
                         // NOTE(review): the password column receives the literal '******' although
                         // $md5_pass_salt is computed just above - presumably masked when this listing
                         // was published; verify against the original source.
                         $AVE_DB->Query("\r\n\t\t\t\t\t\t\t\tINSERT\r\n\t\t\t\t\t\t\t\tINTO " . PREFIX . "_users\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tId         = '',\r\n\t\t\t\t\t\t\t\t\tuser_name  = '" . $_POST['user_name'] . "',\r\n\t\t\t\t\t\t\t\t\tpassword   = '******',\r\n\t\t\t\t\t\t\t\t\tfirstname  = '" . $_POST['reg_firstname'] . "',\r\n\t\t\t\t\t\t\t\t\tlastname   = '" . $_POST['reg_lastname'] . "',\r\n\t\t\t\t\t\t\t\t\tuser_group = '" . $this->_newuser_group . "',\r\n\t\t\t\t\t\t\t\t\treg_time   = '" . time() . "',\r\n\t\t\t\t\t\t\t\t\tstatus     = '" . (int) $status . "',\r\n\t\t\t\t\t\t\t\t\temail      = '" . $_POST['reg_email'] . "',\r\n\t\t\t\t\t\t\t\t\temc        = '" . addslashes($emailcode) . "',\r\n\t\t\t\t\t\t\t\t\tcountry    = '" . strtoupper($_POST['country']) . "',\r\n\t\t\t\t\t\t\t\t\treg_ip     = '" . addslashes($_SERVER['REMOTE_ADDR']) . "',\r\n\t\t\t\t\t\t\t\t\ttaxpay     = '1',\r\n\t\t\t\t\t\t\t\t\tcompany    = '" . @$_POST['company'] . "',\r\n\t\t\t\t\t\t\t\t\tsalt       = '" . addslashes($salt) . "'\r\n\t\t\t\t\t\t\t");
                         // Immediate activation: the new user is logged in right away.
                         // The password hash itself is kept in the session as user_pass.
                         if ($status == 1) {
                             $_SESSION['user_id'] = $AVE_DB->InsertId();
                             $_SESSION['user_name'] = get_username(stripslashes($_POST['user_name']), stripslashes($_POST['reg_firstname']), stripslashes($_POST['reg_lastname']));
                             $_SESSION['user_email'] = $_POST['reg_email'];
                             $_SESSION['user_pass'] = $md5_pass_salt;
                             $_SESSION['user_group'] = $this->_newuser_group;
                             $_SESSION['user_country'] = strtoupper($_POST['country']);
                             $_SESSION['user_ip'] = addslashes($_SERVER['REMOTE_ADDR']);
                         }
                         // One notification to the site's own address, one to the registrant.
                         $SystemMail = get_settings('mail_from');
                         $SystemMailName = get_settings('mail_from_name');
                         send_mail($SystemMail, $bodytoadmin, $AVE_Template->get_config_vars('LOGIN_SUBJECT_ADMIN'), $SystemMail, $SystemMailName, 'text');
                         send_mail($_POST['reg_email'], $email_body, $AVE_Template->get_config_vars('LOGIN_SUBJECT_USER'), $SystemMail, $SystemMailName, 'text');
                         header('Location:' . $link);
                         exit;
                     }
                     break;
                 case 'thankyou':
                     $AVE_Template->config_load($this->_lang_file);
                     define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register_thankyou.tpl'));
                     break;
                 case 'registerfinal':
                     // NOTE(review): $_REQUEST['emc'] is placed into both statements as received.
                     // A matching row logs the requester in as that account, and the UPDATE only
                     // sets status, so as far as this code shows the code is not cleared after use
                     // and is not tied to an expiry time.
                     if (isset($_REQUEST['emc']) && $_REQUEST['emc'] != '') {
                         $row = $AVE_DB->Query("\r\n\t\t\t\t\t\t\t\tSELECT *\r\n\t\t\t\t\t\t\t\tFROM " . PREFIX . "_users\r\n\t\t\t\t\t\t\t\tWHERE emc = '" . $_REQUEST['emc'] . "'\r\n\t\t\t\t\t\t\t")->FetchRow();
                         if ($row) {
                             //								$AVE_Template->assign('reg_type', $reg_type);
                             $AVE_Template->assign('final', 'ok');
                             $AVE_DB->Query("\r\n\t\t\t\t\t\t\t\t\tUPDATE " . PREFIX . "_users\r\n\t\t\t\t\t\t\t\t\tSET status = '1'\r\n\t\t\t\t\t\t\t\t\tWHERE emc = '" . $_REQUEST['emc'] . "'\r\n\t\t\t\t\t\t\t\t");
                             $_SESSION['user_id'] = $row->Id;
                             $_SESSION['user_pass'] = $row->password;
                             $_SESSION['user_email'] = $row->email;
                             $_SESSION['user_name'] = get_username($row->user_name, $row->firstname, $row->lastname);
                             $_SESSION['user_ip'] = addslashes($_SERVER['REMOTE_ADDR']);
                             // The group comes from the module default, not from the fetched row.
                             $_SESSION['user_group'] = $this->_newuser_group;
                         }
                     }
                     define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register_final.tpl'));
                     break;
                 case 'thankadmin':
                     $AVE_Template->config_load($this->_lang_file);
                     define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register_admin.tpl'));
                     break;
                 // No sub-action (or an unknown one): show the empty registration form.
                 case '':
                 default:
                     if (defined('ANTISPAM')) {
                         $AVE_Template->assign('im', 1);
                     }
                     $this->_loginRequiredFieldFetch();
                     $AVE_Template->assign('available_countries', get_country_list(1));
                     define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register.tpl'));
                     break;
             }
             break;
         // Registration is switched off in the module settings.
         case '0':
             define('MODULE_CONTENT', $AVE_Template->get_config_vars('LOGIN_NOT_ACTIVE'));
             break;
     }
 }
Example #6
 /**
  * Shows the shop basket, applying a posted basket change first when one is present.
  *
  * With refresh=1 in the request, a posted del_product array removes the listed product
  * ids from $_SESSION['Product']; failing that, a posted amount array stores new
  * quantities. In both cases the visitor is redirected to get_referer_link() and the
  * script exits. Otherwise the basket template is rendered into MODULE_CONTENT and the
  * page title into MODULE_SITE.
  *
  * NOTE(review): ids and quantities are taken from $_POST without type checks. The
  * ">= 1" test is a loose comparison and the accepted value is stored as received, so
  * code that later reads $_SESSION['Product'] should validate both key and value.
  */
 function showBasket()
 {
     global $AVE_Template;

     $refresh_requested = isset($_REQUEST['refresh']) && $_REQUEST['refresh'] == 1;

     // Removal takes precedence over quantity changes, as only one of them is applied.
     if ($refresh_requested && isset($_POST['del_product']) && is_array($_POST['del_product'])) {
         foreach (array_keys($_POST['del_product']) as $product_id) {
             unset($_SESSION['Product'][$product_id]);
         }
         header('Location:' . get_referer_link());
         exit;
     }

     if ($refresh_requested && isset($_POST['amount']) && is_array($_POST['amount'])) {
         foreach ($_POST['amount'] as $product_id => $quantity) {
             // Quantities below 1 are ignored; they do not remove the product.
             if ($quantity >= 1) {
                 $_SESSION['Product'][$product_id] = $quantity;
             }
         }
         header('Location:' . get_referer_link());
         exit;
     }

     // Nothing to apply: render the basket page.
     $this->_globalProductInfo();
     $AVE_Template->assign('VatZones', $this->_showVatZones());
     define('MODULE_CONTENT', $AVE_Template->fetch($GLOBALS['mod']['tpl_dir'] . $this->_shop_basket_tpl));

     $page_title = $GLOBALS['mod']['config_vars']['PageName']
         . $GLOBALS['mod']['config_vars']['PageSep']
         . $GLOBALS['mod']['config_vars']['ShopBasket'];
     define('MODULE_SITE', $page_title);
 }