/* checking the password validity */ if ($ACTION == OP_NEW_USER or !empty($_POST['f_password'])) { if ($_POST['f_password'] != $_POST['f_password2']) { $errs[] = 'The two passwords you entered did not match. Please make sure there is the same value in both password fields'; } elseif (strlen($_POST['f_password']) < 6) { $errs[] = 'Your password must be 6 or more characters long'; } elseif (isset($_POST['f_username']) && $_POST['f_password'] == $_POST['f_username']) { $errs[] = 'Your password cannot be the same as your username'; } } if (!count($errs)) { $pdb->autoCommit(false); // begin trans, because we have potential two stages here that each can fail validation if ($ACTION == OP_NEW_USER or $ACTION == OP_EDIT_PROFILE) { $vals = $fex->get_submitted_vals($_POST); PEAR::setErrorHandling(PEAR_ERROR_RETURN); /* make sure an INSERT is executed, and removes the sesskey too */ if ($ACTION == OP_NEW_USER) { $user->set_id(null); } $res = $user->store($vals); if (PEAR::isError($res) and $res->getCode() != DBCON_ZERO_EFFECT) { //"0 rows were changed" if ($res->getCode() == DB_ERROR_ALREADY_EXISTS) { $smarty->assign('DUPE_EMAIL', $vals['email']); } else { trigger_error($res->getMessage(), E_USER_ERROR); } } elseif ($ACTION == OP_NEW_USER) { // its a brand new user account, save login info and addr too
header("Location: cart.php"); trigger_error("Attempt to checkout with an empty cart.", E_USER_ERROR); exit; } $fex = new formex(); /* enter user shipping addr, and possibly new Anonymous user account */ if ($ACTION == OP_ADD_SHIP) { $pdb->autoCommit(false); // begin trans, because we have potential two stages here that each can fail validation /* they would like to proceed without choosing a password and such. Create an "anonymous" user object stub and log them in automatically */ if (CSHOP_ALLOW_ANON_ACCOUNT and $auth->has_bypass_flag()) { $user = cmClassFactory::getInstanceOf(CSHOP_CLASSES_USER, $pdb); $fex_anon_user = new formex(); $fex_anon_user->add_element($user->get_anon_colmap()); if (!($errs = $fex_anon_user->validate($_POST))) { $vals = $fex_anon_user->get_submitted_vals($_POST); $res = $user->create_anon_user('', $vals); if (PEAR::isError($res)) { trigger_error($res->getCode(), E_USER_ERROR); } $auth->force_preauth($user->get_id()); // magically logs them in with the new uid } } // save the comments on billing/shipping eitheway, its shared if (!empty($_POST['f_user_comments'])) { $cart->set_user_comment($_POST['f_user_comments']); } if (empty($errs) && !$cart->requires_shipping()) { $pdb->commit(); header("Location: {$_SERVER['PHP_SELF']}?billing\n");