Example #1
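 /**
  * Performs the login process for the current request.
  *
  * Obtains the auth object from $this->factory(true), optionally lower-cases
  * and/or encrypts the posted user name, and starts authentication. On
  * success it stores session-binding values in the auth data and, unless
  * $this->is_ktai is set, re-sends the session cookie with the requested
  * lifetime.
  *
  * @param bool $is_save_cookie whether to give the session cookie an expiry
  *                             time (30 days) instead of none
  * @return bool true when the auth object reports an authenticated user
  */
 function login($is_save_cookie = false)
 {
     $this->auth =& $this->factory(true);
     $field = $this->auth->_postUsername;
     if ($this->is_lowercase_username) {
         $this->auth->post[$field] = strtolower($this->auth->post[$field]);
     }
     if ($this->is_encrypt_username) {
         $this->auth->post[$field] = t_encrypt($this->auth->post[$field]);
     }
     $this->auth->start();
     if (!$this->auth->getAuth()) {
         return false;
     }

     // NOTE(review): this method never regenerates the session id itself;
     // confirm the auth library issues a fresh id on successful login.
     if (OPENPNE_SESSION_CHECK_URL) {
         $this->auth->setAuthData('OPENPNE_URL', OPENPNE_URL);
     }
     if ($this->is_check_user_agent) {
         // The User-Agent header is optional: store null instead of raising
         // an undefined-index notice when the client sends none. The value is
         // client-supplied, so it is a consistency check, not proof of identity.
         $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
         $this->auth->setAuthData('USER_AGENT', $user_agent);
     }
     $this->sess_id = session_id();
     if (!$this->is_ktai) {
         // 2592000 seconds = 30 days; 0 keeps it a browser-session cookie.
         $expire = $is_save_cookie ? time() + 2592000 : 0;
         // NOTE(review): the cookie is sent without the Secure and HttpOnly
         // flags; consider passing them (or the values from
         // session_get_cookie_params()) so this call does not weaken the
         // session cookie settings configured for the site.
         setcookie(session_name(), session_id(), $expire, $this->cookie_path);
     }
     return true;
 }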
 /**
  * Authenticates a user through the PEAR Auth object held in $this->auth,
  * so the credential check can be delegated to an external container
  * (LDAP, another database, ...).
  *
  * A user who authenticates but has no local record yet is created with
  * addUser(), using an e-mail address built from the user name and the
  * global 'authEmailSuffix' value.
  *
  * @param string $username Username to check
  * @param string $password Password to check
  *
  * @return boolean Whether the user was authenticated
  */
 public function loginAuth($username, $password)
 {
     $credentials = array();
     $credentials['username'] = $username;
     $credentials['password'] = $password;
     $this->auth->post = $credentials;
     $this->auth->start();

     if ($this->auth->checkAuth()) {
         // First successful login for this name: mirror the user locally.
         // NOTE(review): the plain password is handed to addUser(); confirm
         // it is hashed there before being stored.
         $known = $this->getUserByUsername($username);
         if (!$known) {
             $email = $username . $GLOBALS['authEmailSuffix'];
             $this->addUser($username, $password, $email);
         }
         return true;
     }
     return false;
 }
Example #3
 /**
  * Starts the PEAR::Auth login process and, when it reports an
  * authenticated user, copies that user's data into $this->propertyValues.
  *
  * @return boolean|null true when a user was authenticated; null (not
  *                      false) when PEAR::Auth reports no authenticated user
  *
  * @access private
  */
 function readUserData()
 {
     $this->pearAuth->start();
     if ($this->pearAuth->getAuth()) {
         // A user was found: the Auth user name serves both as handle and
         // as auth_user_id; the password is stored through encryptPW().
         $this->propertyValues['handle'] = $this->pearAuth->getUsername();
         $this->propertyValues['passwd'] = $this->encryptPW($this->pearAuth->password);
         $this->propertyValues['is_active'] = true;
         $this->propertyValues['auth_user_id'] = $this->pearAuth->getUsername();
         $this->propertyValues['lastlogin'] = '';
         return true;
     }
     return null;
 }
Example #4
 /**
  * Hands the given credentials to PEAR::Auth, starts its login process and,
  * when it reports an authenticated user, copies that user's data into
  * $this->propertyValues.
  *
  * @param  string   $handle       user handle
  * @param  string   $passwd       user password
  * @param  bool|int $auth_user_id when not false, used as the Auth user name
  *                                instead of $handle
  * @return bool|null true when a user was authenticated; null (not false)
  *                   when PEAR::Auth reports no authenticated user
  *
  * @access public
  */
 function readUserData($handle = '', $passwd = '', $auth_user_id = false)
 {
     $login = $handle;
     if ($auth_user_id !== false) {
         $login = $auth_user_id;
     }
     $this->pearAuth->username = $login;
     $this->pearAuth->password = $passwd;
     $this->pearAuth->start();

     if ($this->pearAuth->getAuth()) {
         // A user was found: copy its data into the class properties.
         $this->propertyValues['auth_user_id'] = $this->pearAuth->getUsername();
         $this->propertyValues['handle'] = $this->pearAuth->getUsername();
         $this->propertyValues['passwd'] = $this->encryptPW($this->pearAuth->password);

         // Fields the users table does not define get a fixed value here.
         $fallbacks = array('is_active' => true, 'lastlogin' => null);
         foreach ($fallbacks as $field => $value) {
             if (!array_key_exists($field, $this->tables['users']['fields'])) {
                 $this->propertyValues[$field] = $value;
             }
         }
         return true;
     }
     return null;
 }
Example #5
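 /**
  * Checks whether the user is logged in and fills the matching template
  * slot: the login link when there is neither an auth session nor a user
  * name in the request, the logout link (with the user name) when an auth
  * session exists.
  *
  * @param object $template reference to the template object created in
  *                         index.php; only setVariable() is called on it
  * @param string $dsn      DSN string needed for the database query
  */
 function checkLogin(&$template, $dsn)
 {
     if (empty($_SESSION['_authsession'])) {
         // NOTE(review): cryptType '' - as far as I know PEAR Auth then
         // compares passwords as plain text; confirm the 'password' column
         // is not stored unhashed.
         // db_fields '*' selects which columns end up in the auth session
         // data; the original author wanted all of them.
         // NOTE(review): '*' presumably pulls the password column into the
         // session as well; consider listing only the columns needed.
         $authParams = array('dsn' => $dsn, 'table' => 'user', 'usernamecol' => 'nickname', 'passwordcol' => 'password', 'cryptType' => '', 'db_fields' => '*');
         $auth = new Auth('DB', $authParams, 'User::loginFunction(false)', false);
         $auth->start();
     }

     // isset() matches the original is_null() tests without raising
     // undefined-index notices, and && replaces the bitwise & the original
     // used between the two boolean results.
     if (!isset($_SESSION['_authsession']) && !isset($_REQUEST['username'])) {
         $login = $_SESSION['translate']->it("LOGIN");
         $template->setVariable("LOGIN", "<td><a href=\"index.php?op=login\">" . $login . "</a></td>");
     }

     if (isset($_SESSION['_authsession'])) {
         $logout = $_SESSION['translate']->it("LOG_OFF");
         // The user name is account data chosen by the user: escape it
         // before it is placed into HTML.
         $username = htmlspecialchars((string) $_SESSION['_authsession']['username'], ENT_QUOTES);
         $template->setVariable("LOGOUT", "<td><a href=\"index.php?op=logout\">" . $logout . " (" . $username . ")</a></td>");
     }
 }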
Example #6
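 /**
  * Renders the user module page selected by $_REQUEST['section']:
  * 'signup', 'logout', or (default) the inline login markup.
  *
  * @param mixed $params not used by this method
  * @return mixed the fetched template or login markup; null when the
  *               signup form cannot be built. 'logout' and the default
  *               branch for a logged-in user redirect and exit instead.
  */
 public function getUserInterface($params = null)
 {
     // Same value as the original @$_REQUEST['section'] (null when absent),
     // without relying on error suppression.
     $section = isset($_REQUEST['section']) ? $_REQUEST['section'] : null;
     switch ($section) {
         // Publicly accessible pages
         case 'signup':
             $this->template = 'account_signup.tpl';
             $this->addJS('/modules/User/js/profile.js');
             if (!($form = $this->getUserAddEditForm('/user/signup'))) {
                 break;
             }
             $form->setConstants(array('section' => 'signup'));
             if (isset($_POST['a_submit']) && $form->validate()) {
                 $this->template = 'account_confirmed.tpl';
                 // The new account's credentials are copied into the login
                 // fields, presumably so that Auth logs the user in directly.
                 $_POST['username'] = $_POST['a_username'];
                 $_POST['password'] = $_POST['a_password'];
                 $_POST['doLogin'] = "******";
                 $auth_container = new User();
                 $auth = new Auth($auth_container, null, 'authInlineHTML');
                 $auth->start();
                 $auth->checkAuth();
                 // NOTE(review): unlike the other redirects in this method,
                 // this one is not followed by exit, so the template below is
                 // still rendered into the redirect response; confirm intent.
                 header('Location: /user/');
             }
             $this->smarty->assign('form', $form);
             return $this->smarty->fetch($this->template);
         case 'logout':
             unset($_SESSION['authenticated_user']);
             $auth_container = new User();
             $auth = new Auth($auth_container, null, 'authInlineHTML');
             $auth->logout();
             header('Location: /');
             exit;
         default:
             // !empty() keeps the truthiness test but no longer raises an
             // undefined-index notice for visitors without a session user.
             if (!empty($_SESSION['authenticated_user'])) {
                 header('Location: /');
                 exit;
             }
             return authInlineHTML();
     }
 }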
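include PATH_INCLUDE . 'constantes.inc.php';
// NOTE(review): E_ALL is fine for logging; make sure display_errors is off
// in production so error details do not reach the browser.
error_reporting(E_ALL);
// Make the bundled PEAR libraries loadable
$pear_path = realpath(PATH_INC_BACKEND . '../../pear');
// PATH_SEPARATOR instead of a literal ':' so the include path is also valid
// on platforms that separate entries with ';'.
ini_set('include_path', ini_get('include_path') . PATH_SEPARATOR . $pear_path);
require_once "Auth/Auth.php";
require_once "DB.php";
require_once "PEAR/ErrorStack.php";
// Database parameters
require_once PATH_INCLUDE . 'database.inc.php';
// NOTE(review): the credentials are interpolated as-is; a user name or
// password containing ':', '@' or '/' would presumably need URL-encoding to
// survive DSN parsing - confirm against the DB package.
$DSN = "mysql://{$dbuser}:{$dbpass}@{$dbhost}/{$dbbase}";
// User identification
// NOTE(review): no 'cryptType' is given, so the Auth container falls back to
// its default password comparison; confirm which hash that is and whether it
// is acceptable for 'uti_password'.
$options = array('table' => 'uti_utilisateur', 'usernamecol' => 'uti_login', 'passwordcol' => 'uti_password', 'dsn' => $DSN);
require_once PATH_INC_BACKEND . 'logon.php';
$openwebAuth = new Auth("DB", $options, 'ow_html_login_box', true);
$openwebAuth->start();
// A 'logon' query parameter on an authenticated request logs the user out
// and restarts authentication.
// NOTE(review): this state change is reachable through a plain GET link.
if (isset($_GET['logon']) && $openwebAuth->getAuth()) {
    $openwebAuth->logout();
    unset($_SESSION['utilisateur']);
    $openwebAuth->start();
}
// Nothing below runs for an unauthenticated request.
if (!$openwebAuth->getAuth()) {
    exit;
}
// Database connection
$db = DB::Connect($DSN);
$db->setFetchMode(DB_FETCHMODE_ASSOC);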
// Récuperation des données de l'utilisateur
if (!isset($_SESSION['utilisateur'])) {
    require_once PATH_INC_BACKEND_SERVICE . 'UserManager.class.php';
    $um = new UserManager($db);
Example #8
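 /**
  * Renders the user module page selected by $_REQUEST['section']:
  * 'signup', 'logout', 'forgotpass', 'profile', or (default) the account
  * page for a logged-in user and the inline login markup otherwise.
  *
  * @param mixed $params not used by this method
  * @return mixed the markup or message for the section; 'logout' and the
  *               'profile' branch for anonymous visitors redirect and exit
  */
 public function getUserInterface($params = null)
 {
     // Same value as the original @$_REQUEST['section'] (null when absent).
     $section = isset($_REQUEST['section']) ? $_REQUEST['section'] : null;
     switch ($section) {
         // Publicly accessible pages
         case 'signup':
             $usr = new User();
             $form = $usr->getUserAddEditForm("/user/signup/", false, false);
             if (@$_REQUEST["user_created"]) {
                 // The user has been added
                 return "You have create a new user";
             }
             // An older template-based signup flow used to follow this
             // return; it could never execute and has been removed.
             return $form->display();
         case 'logout':
             unset($_SESSION['authenticated_user']);
             $auth_container = new User();
             $auth = new Auth($auth_container, null, 'authInlineHTML');
             $auth->logout();
             header('Location: /');
             exit;
         case 'forgotpass':
             $form = new Form('frm_forgotpass', 'POST', "/user/forgotpass");
             $form->addElement('header', 'via_username', 'Retrieve your password via email');
             $form->addElement('text', 'username', 'Username');
             $form->addElement('submit', 'submit', 'GO >>');
             if ($form->validate() && isset($_REQUEST['submit'])) {
                 $usr = new User(@$_REQUEST["username"]);
                 if (!$usr->getId()) {
                     // NOTE(review): this message tells an anonymous visitor
                     // whether a user name exists; consider one neutral
                     // response for both outcomes.
                     $form->addElement('static', 'error_msg', '&nbsp;', 'This username could not be found in our database');
                     return $form->display();
                 }
                 // The original seeded rand() with the current time, which
                 // makes the new password predictable. Take it from the
                 // system CSPRNG instead (16 hex characters).
                 if (function_exists('random_bytes')) {
                     $randomPass = bin2hex(random_bytes(8));
                 } else {
                     $randomPass = bin2hex(openssl_random_pseudo_bytes(8));
                 }
                 // NOTE(review): the new password travels by e-mail in clear
                 // text and stays valid until changed; a single-use, expiring
                 // reset link would avoid both.
                 $this->smarty->assign('randomPass', $randomPass);
                 $body = $this->smarty->fetch('resetPasswordEmail.tpl');
                 $headers = "From: info@feedstore.ca";
                 $mailResult = mail($usr->getEmail(), "Your password has been reset", $body, $headers);
                 // The stored password only changes once the mail was accepted.
                 if ($mailResult) {
                     $usr->setPassword($randomPass);
                     $usr->save();
                     return "Your password has been changed and sent to your email address: " . $usr->getEmail();
                 }
                 return "Could not reset the password. Please contact the administrator of the site.";
             }
             return $form->display();
         case 'profile':
             // Only a session user with an id may edit a profile.
             if (!isset($_SESSION["authenticated_user"]) || !@$_SESSION["authenticated_user"]->getId()) {
                 header('location: /user/');
                 exit;
             }
             // The id always comes from the session user, overriding any id
             // supplied with the request.
             $_REQUEST['id'] = @$_SESSION["authenticated_user"]->getId();
             $usr = new User();
             $form = $usr->getUserAddEditForm("/user/profile", false, false);
             if (@$_REQUEST["user_created"]) {
                 // Refresh the user in the session
                 $_SESSION["authenticated_user"] = new User($_SESSION["authenticated_user"]->getId());
             }
             return $form->display();
         default:
             if (isset($_SESSION['authenticated_user']) && $_SESSION['authenticated_user']) {
                 $this->smarty->assign('username', $_SESSION['authenticated_user']->getUserName());
                 return $this->smarty->fetch('my_account.tpl');
             }
             return authInlineHTML();
     }
 }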
    echo '<form method="post" action="pruebaLogin.php">';
    echo '<input type="submit" name="botonCerrarSesion" value="Cerrar sesión">';
    echo '</form>';
}
/**
 * Prints the heading for a closed session; registered below as the Auth
 * logout callback.
 */
function mensajeLogout()
{
    $html = '<h1>Ha cerrado sesión</h1>';
    print $html;
}
/**
 * Prints the heading for a successful login; registered below as the Auth
 * login callback.
 */
function mensajeLoginExitoso()
{
    $html = '<h1>Ha iniciado sesión</h1>';
    print $html;
}
/**
 * Prints the heading for a failed login; registered below as the Auth
 * failed-login callback.
 */
function mensajeLoginFallido()
{
    $html = '<h1>No se pudo iniciar sesión</h1>';
    print $html;
}
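// NOTE(review): cryptType "sha1" means stored passwords are compared as
// SHA-1 digests, with no salt visible in this configuration; a fast hash like
// this is a weak choice for password storage - plan a move to password_hash().
$options = array("dsn" => "mysql://*****:*****@localhost/controlacceso", "table" => "usuario", "usernamecol" => "numeroDocumento", "passwordcol" => "password", "cryptType" => "sha1");
$autenticacion = new Auth("MDB2", $options, "formularioLogin");
$autenticacion->setLogoutCallback("mensajeLogout");
$autenticacion->setLoginCallback("mensajeLoginExitoso");
$autenticacion->setFailedLoginCallback("mensajeLoginFallido");
$autenticacion->start();
if ($autenticacion->checkAuth()) {
    if (isset($_POST['botonCerrarSesion'])) {
        // Logout button pressed: end the session and start Auth again.
        $autenticacion->logout();
        $autenticacion->start();
    } else {
        // The user name originates from the login form: escape it before it
        // is written into the page.
        echo '<p>Logueado como: ' . htmlspecialchars($autenticacion->getUsername(), ENT_QUOTES) . '</p>';
        formularioLogout();
    }
}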
Example #10
require_once $base_dir . '/classes/class_page.php';
require_once $base_dir . '/classes/class_cache.php';
// Names of the page variables restored from the cache: on a cache hit each
// name below is assigned from the cached array through a variable variable
// (${$var}), so this list is the complete set of names the cache can set.
$vars = array('title', 'keywords', 'description', 'padding_top', 'body');
$cache = new cache();
if ($cached = $cache->get()) {
    foreach ($vars as $var) {
        ${$var} = $cached[$var];
    }
} else {
    // initialization
    $db = new db();
    $db->connect($dsn);
    $db->msg = $msg;
    // authentication & and logging
    $auth = new Auth('MDB2', array('dsn' => $db->dsn, 'table' => "sys_user", 'usernamecol' => "user_id", 'passwordcol' => "pass_key"), 'login');
    $auth->start();
    $logger = new logger($db, $auth);
    $logger->log();
    // define mod
    $mods = array('user', 'dictionary', 'glossary', 'home', 'doc', 'proverb', 'abbr', 'dict2');
    $_GET['mod'] = strtolower($_GET['mod']);
    if ($_GET['mod'] == 'dict') {
        $_GET['mod'] = 'dictionary';
    }
    // backward
    if ($_GET['mod'] == 'glo') {
        $_GET['mod'] = 'glossary';
    }
    // backward
    if (!in_array($_GET['mod'], $mods)) {
        $_GET['mod'] = 'home';
Example #11
 public function getUserInterface($params)
 {
     //$this->setPageTitle('Feed Store');//Foreign Affair
     $this->addCSS('/modules/Cart/css/cart.css');
     $this->addJS('/modules/Cart/js/cart.js');
     switch (@$params['action']) {
         case 'add':
             require_once 'include/CartBasket.php';
             require_once 'include/CartProduct.php';
             $item = new CartBasket();
             $product = new CartProduct($params['productId']);
             $price = 0;
             if (isset($_REQUEST['att'])) {
                 $uniqid = uniqid(rand(), true);
                 $item->setProduct($params['productId'] . ':' . $uniqid);
                 $price = $item->getPrice();
                 foreach ($_REQUEST['att'] as $key => $newatt) {
                     $attribute = new CartProductAttribute($newatt);
                     $att = new CartBasketAttribute();
                     $att->setProduct($params['productId'] . ':' . $uniqid);
                     $att->setOptionsId($attribute->getOptionsId()->getId());
                     $att->setValueId($attribute->getValue()->getId());
                     $att->setValueText($attribute->getOptionsId()->getName() . ': ' . $attribute->getValue()->getName());
                     $price = $price + $attribute->getValuesPrice();
                     if (isset($_SESSION['authenticated_user'])) {
                         $att->setUser($_SESSION['authenticated_user']->getId());
                         $att->save();
                     }
                 }
             } else {
                 $item->setProduct($params['productId']);
             }
             if ($product->getSpecials()) {
                 $price += $product->getSpecials()->getNew_products_price();
             } else {
                 $price += $product->getPrice();
             }
             $item->setPrice($price);
             if (isset($params['productQuantity'])) {
                 $item->setQuantity($params['productQuantity']);
             } else {
                 $item->setQuantity(1);
             }
             if (isset($_SESSION['authenticated_user'])) {
                 $item->setUser($_SESSION['authenticated_user']->getId());
                 $item->save();
             } else {
                 $_SESSION['cart_basket'][] = $item;
             }
             break;
         case 'remove':
             $item = @new CartBasket(@$_REQUEST['cartbasket_id']);
             if (is_null($item->delete())) {
                 $tmp = array();
                 foreach ($_SESSION['cart_basket'] as &$item) {
                     if ($item->getProduct()->getId() != $_REQUEST['product_id']) {
                         $tmp[] = $item;
                     }
                 }
                 $_SESSION['cart_basket'] = $tmp;
             }
             break;
     }
     //var_dump($_REQUEST);
     //echo $params['section'];exit;
     switch ($params['section']) {
         case 'search':
             $items = CartProduct::searchProducts(@$_REQUEST["selSupplier"], @$_REQUEST["selCategory"], @$_REQUEST["selProductType"]);
             $this->smarty->assign('products', $items);
             return $this->smarty->fetch('store.tpl');
             break;
         case 'canCheckout':
             /*Check to see if the user is ready to go to Paypal
              * We should check the following:
              * - The user is actually logged in
              * - The price of the order is at least $250
              * - The shipping address is present
              * - The billing address is present
              * - The shipping information is there (Canada Post or FedEx)
              */
             $canCheckout = Module_Cart::canUserCheckout();
             foreach ($canCheckout as $key => $value) {
                 $this->smarty->assign($key, $value);
             }
             $_SESSION['cart_checkout']['delivery_direction'] = @$_REQUEST["delivery_direction"];
             return $this->smarty->fetch("canDoCheckOut.tpl");
             break;
         case 'cartdetail':
             if (isset($_REQUEST['ship_type'])) {
                 $_SESSION['cart_checkout']['shipping'] = Shipping::factory($_REQUEST['ship_type']);
             }
             $this->setUpCartDetail();
             return $this->smarty->fetch('cart_detail.tpl');
             break;
         case 'cart':
             if (!isset($_SESSION['authenticated_user'])) {
                 //Reset all the shipping variables and addresses
                 $_SESSION['cart_checkout']['shipping'] = null;
                 $_SESSION['cart_checkout']['address']['billing_address'] = null;
                 $_SESSION['cart_checkout']['address']['shipping_address'] = null;
             }
             $this->setUpCartDetail();
             $user = new User();
             $form = $user->getUserAddEditForm('/store/checkout');
             $form->removeElement('section');
             $form->setConstants(array('account' => 'create'));
             $form->addElement('hidden', 'account');
             $this->smarty->assign('user_form', $form);
             $this->smarty->assign('usernameexists', @$_REQUEST["usernameexists"]);
             return $this->smarty->fetch('cart.tpl');
             break;
         case 'buyOrder':
             //DO NOT UNCOMMENT THE FOLLOWING LINE UNLESS YOU WANT TO TEST THE PURCHASE OPERATION
             //The following line buys the products that are in session. In other words, it bypasses Paypal.
             $_SESSION['cart_checkout']['payment']->process();
         case 'deliverydirections':
             $_SESSION['cart_checkout']['delivery_direction'] = @$_REQUEST["delivery_direction"];
             return $_SESSION['cart_checkout']['delivery_direction'];
             break;
         case 'checkout':
             $_SESSION['cart_checkout']['order'] = null;
             //Make sure to remove the old order (if any) from the session
             $_SESSION['cart_checkout']['orderFailureReason'] = null;
             //AND delete the previous failure reason
             Module_Cart::initSessionVariables();
             switch (@$_REQUEST['account']) {
                 case 'create':
                     $user = new User();
                     $form = $user->getUserAddEditForm();
                     if (@$_REQUEST["user_created"] == 1) {
                         $_POST["username"] = $_REQUEST["a_username"];
                         $_POST["password"] = $_REQUEST["a_password"];
                         $_POST["doLogin"] = "******";
                         $auth_container = new CMSAuthContainer();
                         $auth = new Auth($auth_container, null, 'authInlineHTML');
                         $auth->start();
                     }
                     if (@$_REQUEST["username_already_exists"]) {
                         header('Location: /store/cart&usernameexists=1');
                         exit;
                     }
                     $_SESSION['authenticated_user'] = $user;
                     break;
             }
             //Only logged in users can view this page
             if (!isset($_SESSION['authenticated_user'])) {
                 header('Location: /store/cart');
                 exit;
             }
             //echo $_SESSION['authenticated_user']->getAddress()->getId() . "))))";exit;
             $_SESSION['cart_checkout']['shipping'] = Shipping::factory('EAndA');
             //Always set the shipping to EAndA
             //The billing address of the order will be the addres of the user
             $_SESSION['cart_checkout']['address']['billing_address'] = @$_SESSION['authenticated_user']->getAddress();
             $_SESSION['cart_checkout']['address']['shipping_address'] = @$_SESSION['authenticated_user']->getShippingAddress();
             $this->setUpCartDetail();
             $this->addJS('/modules/Cart/js/cart.js');
             $shipping = Shipping::getAllShippings();
             if (isset($_SESSION['cart_checkout']['payment'])) {
                 $this->smarty->assign('payment_types', $_SESSION['cart_checkout']['payment']->getForm(Payment::getForm()));
             } else {
                 $this->smarty->assign('payment_types', Payment::getForm());
             }
             if (isset($_SESSION['cart_checkout']['shipping'])) {
                 $this->smarty->assign('ship_types', $_SESSION['cart_checkout']['shipping']->getForm());
             } else {
                 $this->smarty->assign('ship_types', Shipping::getForm());
             }
             if (!isset($_SESSION['cart_checkout']['address']['shipping_address'])) {
                 $_SESSION['cart_checkout']['address']['shipping_address'] = new Address();
             }
             $this->smarty->assign('ship_address', $_SESSION['cart_checkout']['address']['shipping_address']);
             if (!isset($_SESSION['cart_checkout']['address']['billing_address'])) {
                 $_SESSION['cart_checkout']['address']['billing_address'] = new Address();
             }
             $this->smarty->assign('bill_address', $_SESSION['cart_checkout']['address']['billing_address']);
             $this->smarty->assign('shipping_types', $shipping);
             $delivery_direction = @$_SESSION['cart_checkout']['delivery_direction'];
             $this->smarty->assign('delivery_direction', $delivery_direction);
             return $this->smarty->fetch('cart_checkout_address.tpl');
             break;
         case 'payment':
             //$this->addJS('/modules/Cart/js/cart.js');
             $payment = $_SESSION['cart_checkout']['payment'];
             $form = $payment->getForm(Payment::getForm());
             if ($form->validate() && $form->isSubmitted() && isset($_REQUEST['cart_submit'])) {
                 return $payment->complete($this->smarty);
             } else {
                 return '<div id="pay_form">' . $form->display() . '</div>';
             }
             break;
         case 'payform':
             if (!isset($_REQUEST['pay_type'])) {
                 $_REQUEST['pay_type'] = "Paypal";
             }
             if (isset($_REQUEST['pay_type'])) {
                 $_SESSION['cart_checkout']['payment'] = Payment::factory($_REQUEST['pay_type']);
             }
             $form = Payment::getForm();
             return $_SESSION['cart_checkout']['payment']->getForm($form)->display();
             //return Payment::getForm($form)->display();
             break;
         case 'address':
             //No need to set the ID of the address to null.
             //$_SESSION['cart_checkout']['address'][$_REQUEST['adr_type']]->setId(null);
             if (@$_REQUEST["sameAsBilling"]) {
                 //The user has clicked on the link: "The shipping address is the same as the billing address"
                 //Copy the billing address object to the shipping address object
                 //Make sure we're not assigning pointers
                 $_SESSION['cart_checkout']['address']["shipping_address"]->copy($_SESSION['cart_checkout']['address']["billing_address"]);
             }
             if ($_REQUEST['adr_type'] == "shipping_address") {
                 $this->smarty->assign('sameAsBilling', "1");
             }
             $form = $_SESSION['cart_checkout']['address'][$_REQUEST['adr_type']]->getAddEditForm($_REQUEST['adr_type']);
             $form->addElement('submit', 'submit', 'Submit');
             $form->updateAttributes(array('action' => '/store/address'));
             $form->setConstants(array('adr_type' => $_REQUEST['adr_type']));
             $form->addElement('hidden', 'adr_type');
             if (isset($_REQUEST['submit'])) {
                 $this->smarty->assign('address', $_SESSION['cart_checkout']['address'][$_REQUEST['adr_type']]);
                 $this->smarty->assign('adr_type', $_REQUEST['adr_type']);
                 /***************************************
                  * The following lines are important.
                  * Even though the billing address ID is stored in the user's object and there is no need to re-assign it
                  * The old users have that ID set to zero. So, we need to change that to the ID of the billing address
                  */
                 if ($_REQUEST['adr_type'] == "billing_address") {
                     $_SESSION['authenticated_user']->setAddress($_SESSION['cart_checkout']['address']["billing_address"]);
                     $_SESSION['authenticated_user']->save();
                 }
                 if ($_REQUEST['adr_type'] == "shipping_address") {
                     $_SESSION['authenticated_user']->setShippingAddress($_SESSION['cart_checkout']['address']["shipping_address"]);
                     $_SESSION['authenticated_user']->save();
                 }
                 return $this->smarty->fetch('cart_address_format.tpl');
             } else {
                 return $form->display();
             }
             break;
         case 'product':
             $this->addJS('/modules/Cart/js/cart.js');
             $this->addCSS('/modules/Cart/css/product.css');
             $product = new CartProduct($params['page']);
             /*
             switch (@$_REQUEST['subsection']) {
             	case 'accessories':
             		$this->smarty->assign('products', $product->getAccessories());
             		$this->smarty->assign('section', 'accessories');
             		break;
             	default:
             }
             */
             $this->smarty->assign('product', $product);
             return $this->smarty->fetch('cart_product.tpl');
             break;
         case 'productform':
             $product = new CartProduct($params['productId']);
             $form = $product->getAddToCartForm();
             return $form->display();
             break;
         case 'manufacturer':
             $this->addJS('/modules/Cart/js/cart.js');
             $this->smarty->assign('threecol', true);
             //$products = CartManufacturer::getProductsByManufacturer($params['page']);
             require_once 'Pager.php';
             $pagerOptions = array('mode' => 'Sliding', 'delta' => 3, 'perPage' => 8, 'append' => false, 'path' => '/store/manufacturer', 'fileName' => $params['page'] . "/%d", 'totalItems' => CartManufacturer::getCountCartManufacturer($params['page']));
             $pager =& Pager::factory($pagerOptions);
             list($from, $to) = $pager->getOffsetByPageId();
             //$items = CartManufacturer::getCategoriesByManufacturer($params['page']);
             $items = CartManufacturer::getProductsByManufacturer($params['page'], $from, $to);
             $this->smarty->assign('pager_links', $pager->links);
             $this->smarty->assign('page_numbers', array('current' => $pager->getCurrentPageID(), 'total' => $pager->numPages()));
             $this->smarty->assign('products', $items);
             $this->smarty->assign('manufacturer', new CartManufacturer($params['page']));
             //$this->smarty->assign('products', $products);
             return $this->smarty->fetch('store.tpl');
             break;
         case 'IPN':
             Module_Cart::initSessionVariables();
             require_once 'include/PaypalIPN.php';
             require_once 'include/PaypalLog.php';
             $pp = new PaypalIPN();
             $process = $pp->checkOrder();
             //This method returns either true in case the client actually paid for the products they asked for, or false in case the request didn't come from paypal OR the client didn't pay the right amount of money
             if ($process) {
                 //Store the order
                 $_SESSION['cart_checkout']['payment']->process();
                 $this->sendEmail(true);
             } else {
                 $this->sendEmail(false);
                 //Log a false IPN for security purposes
             }
             exit;
             break;
         case 'orderComplete':
             if (@$_SESSION['cart_checkout']['order']->getId()) {
                 $this->smarty->assign('order', $_SESSION['cart_checkout']['order']);
                 $this->smarty->assign('address', $_SESSION['cart_checkout']['address']['shipping_address']);
                 $this->smarty->assign('shippingCost', $this->getShipping());
                 return $this->smarty->fetch('orderComplete.tpl');
             } else {
                 $this->smarty->assign('reason', @$_SESSION['cart_checkout']['orderFailureReason']);
                 return $this->smarty->fetch('orderNotComplete.tpl');
             }
             break;
         case 'suppliers':
             $items = CartManufacturer::getAllCartManufacturers();
             $this->smarty->assign('suppliers', $items);
             return $this->smarty->fetch('store.tpl');
             break;
         case 'myorders':
             //Only logged in users can view this page
             if (!isset($_SESSION['authenticated_user'])) {
                 header('Location: /user/');
                 exit;
             }
             $this->addCSS('/modules/Cart/css/cart.css');
             $this->addCSS('/css/facebox.css');
             $this->addJS('/modules/Cart/js/cart.js');
             $this->addJS('/js/facebox.js');
             $myOrders = CartOrder::getAllCartOrders($_SESSION['authenticated_user']->getId());
             $this->smarty->assign('orders', $myOrders);
             return $this->smarty->fetch('my_orders.tpl');
             break;
         case 'orderDetails':
             //Only logged in users can view this page
             if (!isset($_SESSION['authenticated_user'])) {
                 header('Location: /user/');
                 exit;
             }
             $order = new CartOrder(@$_REQUEST['cartorder_orders_id']);
             if ($order->getCustomer()->getId() == $_SESSION['authenticated_user']->getId()) {
                 $this->smarty->assign('order', $order);
                 return $this->smarty->fetch('admin/order_details.tpl');
             }
             return "You have to login to see this order";
             break;
         case 'category':
         default:
             $this->addJS('/modules/Cart/js/cart.js');
             $this->smarty->assign('threecol', true);
             if (!isset($params['page'])) {
                 $cat_id = 0;
             } else {
                 $cat_id = $params['page'];
             }
             $cats = CartCategory::getCartCategorys(array('parent_id' => $cat_id));
             if (!isset($_REQUEST['subsection'])) {
                 //					require_once 'Pager.php';
                 //
                 //					$pagerOptions = array(
                 //					    'mode'     => 'Sliding',
                 //					    'delta'    => 3,
                 //					    'perPage'  => 10,
                 //						'append'   => false,
                 //						'path'		=> '/store/category/',
                 //						'fileName'  => $cat_id . "/%d",
                 //						'totalItems' => CartProduct::getCountCartProductsByCat($cat_id)
                 //					);
                 //					$pager =& Pager::factory($pagerOptions);
                 //					list($from, $to) = $pager->getOffsetByPageId();
                 $items = CartProduct::getCategoryProducts($cat_id);
                 //					$this->smarty->assign('pager_links', $pager->links);
                 //					$this->smarty->assign(
                 //					    'page_numbers', array(
                 //					        'current' => $pager->getCurrentPageID(),
                 //					        'total'   => $pager->numPages()
                 //					    )
                 //					);
             } else {
                 if ($_REQUEST['subsection'] == 'manufacturer') {
                     $items = CartProduct::getCategoryProducts($cat_id);
                     $arr = array();
                     foreach ($items as $item) {
                         if ($item->getManufacturer()->getId() == $_REQUEST['subpage']) {
                             $arr[] = $item;
                         }
                     }
                     $items = $arr;
                 }
                 $this->smarty->assign('manufacturer', new CartManufacturer($_REQUEST['subpage']));
             }
             $arr = array();
             //foreach ($items as $itm) {
             //	if (count($itm->getAccessoryOf()) == 0) {
             //		$arr[] = $itm;
             //	}
             //}
             //$items = $arr;
             $this->smarty->assign('products', $items);
             // stuff
             //$products = CartProduct::getCategoryProducts($cat_id);
             $this->smarty->assign('categories', $cats);
             $this->smarty->assign('cur_cat', new CartCategory($cat_id));
             //$this->smarty->assign('products', $products);
             return $this->smarty->fetch('store.tpl');
     }
 }
Example #12
 /**
  * Start authentication with the storage driver recorded in $this->session.
  *
  * Writes debug log lines, stops early when no storage driver is recorded,
  * forwards the configured idle time when it is greater than zero, copies the
  * driver name and a reference to its options onto this object, and finally
  * calls the parent implementation.
  *
  * @return bool false when no storage driver is recorded, true otherwise;
  *              the result of parent::start() is not inspected.
  */
 public function start()
 {
     $this->log(__METHOD__ . "[" . __LINE__ . "]: called.", AUTH_LOG_DEBUG, true);

     // Loose comparison on purpose: it matches the original test for "no driver recorded".
     $has_no_driver = $this->session['_storage_driver'] == '';
     if ($has_no_driver) {
         $this->log(__METHOD__ . "[" . __LINE__ . "]: faild: No storage defined.", AUTH_LOG_DEBUG);
         return false;
     }
     $this->log(__METHOD__ . "[" . __LINE__ . "]: Storage driver: {$this->session['_storage_driver']}", AUTH_LOG_DEBUG);

     // Only a positive idle time is forwarded; zero or less leaves the idle setting alone.
     $idle_time = $this->options['options']['idleTime'];
     if ($idle_time > 0) {
         $this->setIdle($idle_time);
     }

     $this->storage_driver = $this->session['_storage_driver'];
     // Bound by reference, so later changes to the session entry show through $this->storage_options.
     $this->storage_options =& $this->session['_storage_options'];

     parent::start();
     return true;
 }
Example #13
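 /**
  * Render the CMS page named by the "page" request parameter.
  *
  * When the page is not public and hasRestriction() is true, the visitor must
  * be authenticated; an unauthenticated visitor gets the output of
  * authInlineHTML() instead of the page. For an authenticated visitor the
  * template variable "content_perms" reflects the 'membersaccess' permission.
  * In every other case "content_perms" is true.
  *
  * @param mixed $params Not used by this method.
  * @return mixed The fetched 'db:content.tpl' output, or whatever
  *               authInlineHTML() returns when authentication fails.
  */
 public function getUserInterface($params = null)
 {
     // include_once instead of include: a second call in the same request
     // would otherwise load the file again and re-declare its contents.
     include_once 'include/CMSPage.php';
     $this->smarty->assign('hasRestriction', $this->hasRestriction());
     // NOTE(review): the page identifier comes straight from the request.
     // Confirm that CMSPage validates it and uses parameterized queries.
     $page = new CMSPage($_REQUEST['page']);
     $rev = $page->getActiveRevisions($_SESSION['lang']);

     $content_perms = true;
     if ($page->getAccess() != 'public' && $this->hasRestriction()) {
         $auth_container = new User();
         $auth = new Auth($auth_container, null, 'authInlineHTML');
         $auth->start();
         if (!$auth->checkAuth()) {
             return authInlineHTML();
         }
         // The page is already known to be non-public in this branch, so only
         // the permission decides whether the member content may be shown.
         $content_perms = (bool) $_SESSION['authenticated_user']->hasPerm('membersaccess');
     }
     $this->smarty->assign('content_perms', $content_perms);

     // NOTE(review): the revision is handed to the template even when
     // content_perms is false, so hiding restricted content depends on the
     // template honouring that flag. Verify db:content.tpl does.
     $metaData = $rev->getMetaData();
     $this->smarty->assign('content', $rev);
     $this->setMetaDescription($metaData['description']);
     $this->setMetaTitle($metaData['title']);
     $this->setMetaKeywords($metaData['keywords']);
     $this->setPageTitle($rev->getPageTitle());
     return $this->smarty->fetch('db:content.tpl');
 }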
            break;
        case -5:
            $errro = "Security Issue. Please login again";
            break;
        default:
            $error = "Authentication Issue. Please report to Admin";
    }
    if (isset($error)) {
        $templateEngine->assign("error", $error);
    }
    $templateEngine->displayPage('usermin_login.tpl');
    exit;
}
// Usermin login wiring: build an Auth object on the "Array" container from the
// user list returned by DatabaseUsermin, start it, and handle logoff.
$DatabaseConnections = new DatabaseConnections();
$Usermin = new DatabaseUsermin($DatabaseConnections->getRadiusDB());
// NOTE(review): 'cryptType' => 'none' looks like the container's "no hashing"
// setting, which would mean getUsers() supplies clear-text passwords that are
// compared as-is. Confirm, and prefer stored hashes (password_hash /
// password_verify) if the container allows it.
$options = array('cryptType' => 'none', 'users' => $Usermin->getUsers());
// "loginForm" is passed as the third constructor argument; presumably it names
// the callback that renders the login page. Verify against the Auth class in use.
$Auth = new Auth("Array", $options, "loginForm");
$Auth->setSessionName("GRASE Usermin");
// User-agent and IP checks are switched on, the challenge check is switched off.
// NOTE(review): confirm that disabling AUTH_ADV_CHALLENGE is intended.
$Auth->setAdvancedSecurity(array(AUTH_ADV_USERAGENT => true, AUTH_ADV_IPCHECK => true, AUTH_ADV_CHALLENGE => false));
// Idle limit of 120; presumably seconds. Confirm the unit.
$Auth->setIdle(120);
$Auth->start();
if (!$Auth->checkAuth()) {
    echo "Should never get here";
    // THIS CODE SHOULD NEVER RUN
    // The script still exits here, so a failed check cannot fall through to
    // the authenticated branches below.
    exit;
} elseif (isset($_GET['logoff'])) {
    // Log out, then start Auth again.
    // NOTE(review): logoff is triggered by a bare GET parameter, so any link or
    // image pointing here ends the session. Consider a POST with an anti-CSRF token.
    $Auth->logout();
    $Auth->start();
} else {
    $templateEngine->assign("LoggedInUsername", $Auth->getUsername());
}
Example #15
 /**
  * Manage the accounts of the shoppers
  *
  * Lets an authenticated shopper edit their profile (password, full name,
  * newsletter flag) or view the orders they made. Unauthenticated visitors
  * get the output of authInlineHTML() instead.
  *
  * The user id is always taken from $_SESSION['authenticated_user'], never
  * from the request, so the profile being edited is the session user's own.
  *
  * @param string $action 'MyProfile' or 'MyOrders'; any other value renders
  *                       MyAccount.tpl
  * @return string
  */
 public function handleMyAccount($action)
 {
     $auth_container = new User();
     $auth = new Auth($auth_container, null, 'authInlineHTML');
     $auth->start();
     if (!$auth->checkAuth()) {
         return authInlineHTML();
     }
     $userId = $_SESSION['authenticated_user']->getId();
     switch ($action) {
         case 'MyProfile':
             //Display my profile
             //It is easier to re-generate the profile form rather than using the original one
             $form = new Form('user_profile', 'POST', '/Store/MyAccount/&action=MyProfile');
             $form->addElement('static', 'a_username', 'Username');
             $form->addElement('password', 'a_password', 'Password');
             $form->addElement('password', 'a_password_confirm', 'Confirm Password');
             $form->addElement('text', 'a_name', 'Full Name');
             //$form->addElement( 'text',  'a_email', 'Email Address');
             $form->addElement('checkbox', 'a_join_newsletter', 'Sign me up for your E-Newsletter');
             $form->addElement('submit', 'a_submit', 'Save');
             $user = new User($userId);
             $defaultValues['a_username'] = $user->getUsername();
             $defaultValues['a_name'] = $user->getName();
             //$defaultValues ['a_email'] = $user->getEmail();
             //The password fields are never pre-filled
             $defaultValues['a_password'] = null;
             $defaultValues['a_password_confirm'] = null;
             $defaultValues['a_join_newsletter'] = $user->getJoinNewsletter();
             $form->setDefaults($defaultValues);
             $form->addRule('a_name', 'Please enter the user\'s name', 'required', null);
             //$form->addRule( 'a_email', 'Please enter an email address', 'required', null );
             //$form->addRule( 'a_email', 'Please enter a valid email address', 'email', null );
             $form->addRule(array('a_password', 'a_password_confirm'), 'The passwords do not match', 'compare', null);
             //NOTE(review): the form is declared as POST but the values below are read from $_REQUEST,
             //which can also carry query-string (and, depending on request_order, cookie) values.
             //No anti-CSRF token is visible in this block - confirm Form adds and checks one.
             if (isset($_REQUEST['a_submit']) && $form->validate()) {
                 //NOTE(review): the password is replaced without asking for the current one and no
                 //length/strength rule is registered above; presumably setPassword() hashes it - verify.
                 if ($_REQUEST['a_password'] != '') {
                     $user->setPassword($_REQUEST['a_password']);
                 }
                 $user->setName($_REQUEST['a_name']);
                 //An unchecked checkbox is not submitted, so a missing value is stored as 0
                 if (!@$_REQUEST['a_join_newsletter']) {
                     $_REQUEST['a_join_newsletter'] = 0;
                 }
                 $user->setJoinNewsletter($_REQUEST['a_join_newsletter']);
                 //$user->setEmail($_REQUEST['a_email']);
                 $user->save();
                 $this->smarty->assign('profileHasBeenChanged', 1);
             }
             $this->smarty->assign('form', $form);
             //After displaying the "standard" user profile, display all the extra fields such as shipping address, billing address, and phone number
             $userDetails = UserDetails::getUserDetailsBasedOnUserId($userId);
             $this->smarty->assign('userDetails', $userDetails);
             return $this->smarty->fetch("MyProfile.tpl");
             break;
         case 'MyOrders':
             //Display all the orders that this user has made, and display the details of a particular order through an ajax call
             if (@$_REQUEST["order_id"]) {
                 $order = new Order($_REQUEST["order_id"]);
                 //Ownership is checked before any order data is assigned to the template.
                 //NOTE(review): this is a loose comparison; confirm getUser() returns a scalar id of the
                 //same kind as $userId so PHP's type juggling cannot make two different ids compare equal.
                 if ($order->getUser() != $userId) {
                     //Make sure users cannot view orders that do not belong to them
                     return 'Order does not belong to you';
                 }
                 $orderItems = OrderDetail::getAll($_REQUEST["order_id"]);
                 $orderComments = OrderComment::getAll($order->getId());
                 $this->smarty->assign('order', $order);
                 $this->smarty->assign('orderItems', $orderItems);
                 $this->smarty->assign('orderComments', $orderComments);
                 //NOTE(review): a template from the admin/ directory is rendered for the shopper;
                 //verify it shows no staff-only fields or comments.
                 return $this->smarty->fetch("admin/OrderDetail.tpl");
             }
             $this->addJS('/js/facebox.js');
             $this->addCSS('/css/facebox.css');
             //The order list is restricted to the session user's id
             $results = Order::getAll(true, $userId);
             $this->smarty->assign('results', $results);
             return $this->smarty->fetch("MyOrders.tpl");
             break;
     }
     //Any other action falls through to the account overview
     return $this->smarty->fetch("MyAccount.tpl");
 }
Example #16
<?php

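// Admin entry point: start the session, load configuration and the database
// layer, attempt a login when credentials were posted, then load either the
// admin template or the login form.
session_start();
define('_REQ', TRUE);
header("Content-Type: text/html; charset=utf-8");
require_once 'defines.php';
require_once _DIR . 'config.php';
require_once _ENGINE . 'db.php';
$Db = new DataBase($_CONF);
require_once _ENGINE . 'Auth.class.php';
$Auth = new Auth($Db);
// Attempt a login only when both fields are present, non-empty strings.
// Reading $_POST['login'] directly raised an undefined-index notice on every
// request without credentials, and an array value (login[]=...) would have been
// passed on to Auth::start().
if (isset($_POST['login'], $_POST['password'])
    && is_string($_POST['login']) && is_string($_POST['password'])
    && $_POST['login'] && $_POST['password']) {
    // NOTE(review): Auth::start() is not visible here. Confirm that it
    // regenerates the session id on a successful login and that failed
    // attempts are rate-limited and logged.
    $Auth->start($_POST['login'], $_POST['password']);
}
if ($Auth->isAuth()) {
    $User = $Auth->getUser();
    require_once _TEMPLATE . 'admin.php';
} else {
    // Not authenticated: load the login form instead of the admin template.
    require_once _ADMIN . 'auth.php';
}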
Example #17
<?php

require_once "Auth.php";
require_once "DB.php";
require_once "config.php";
require_once "Misc.php";
// Gate the page: build an Auth object on the "DB" container, start it, and
// stop the script unless the visitor is authenticated.
$a = new Auth("DB", CONN_DSN);
$a->start();
if (!$a->checkAuth()) {
    // Nothing below this point runs for an unauthenticated visitor.
    exit;
}
$db =& DB::connect(CONN_DSN);
if (PEAR::isError($db)) {
    // NOTE(review): the database error text is printed to the browser. Prefer
    // logging it server-side and showing a generic message, so connection
    // details are not disclosed to the client.
    print $db->getMessage();
    exit;
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<title>Наш сайт</title>
<link rel="stylesheet" type="text/css" href="styles/Panel.css">
<link rel="stylesheet" type="text/css" href="scripts/Tree/Tree.css">
<script src="scripts/glm-ajax.js"></script>
<script src="scripts/Tree/Tree.js"></script>
<script src="scripts/jquery.js"></script>
<script src="scripts/interface.js"></script>
</head>
<body onselectstart="return false;">
Example #18
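 /**
  * Main method called by OBM to launch the authentication process.
  *
  * After the parent implementation has run, the first request of a session is
  * redirected once to its own URL. A flag stored in the user session prevents
  * an infinite loop of redirections via the HTTP Location header.
  *
  * @return bool always true
  */
 function start ()
 {
   // The following call stops itself when the user is not logged in.
   // In that case the authentication form should be displayed instead.
   parent::start();
   // Here, the user is logged in.
   if (!isset($_SESSION['lemonldap_auth']))
   {
     $_SESSION['lemonldap_auth'] = true;
     // $_SERVER["HTTPS"] may be absent on plain-HTTP requests, so test for it
     // before comparing instead of reading a missing index.
     // NOTE(review): behind a TLS-terminating proxy this value may not reflect
     // the client's scheme; confirm how the deployment signals HTTPS.
     $is_https   = isset($_SERVER["HTTPS"]) && strcasecmp($_SERVER["HTTPS"], 'on') == 0;
     $url_proto  = 'http' . ($is_https ? 's' : '') . '://';
     // NOTE(review): HTTP_HOST is copied from the request's Host header, so the
     // redirect target is client-controlled. Prefer a configured base URL or
     // check the value against the list of hosts this application serves.
     $url_domain = $_SERVER["HTTP_HOST"];
     $url_query  = $_SERVER["REQUEST_URI"];
     $url        = $url_proto . $url_domain . $url_query;
     // No exit follows: the header is queued and the caller keeps running.
     header('location: ' . $url);
   }
   return true;
 }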