<?php
// Fragment of the storefront front controller: logout and login handling.
// The login block is cut off at the end of this fragment (the `else`
// branch that sets $wrongLoginOrPw continues outside this view).

// logout
// NOTE(review): the trigger is read from $_REQUEST, so a plain GET link can
// end the session and empty the cart (logout CSRF). Consider accepting this
// state change only via POST together with a CSRF token.
if (isset($_REQUEST['logout'])) {
    unset($_SESSION['log']);
    unset($_SESSION['pass']);
    // NOTE(review): session_unregister() was removed in PHP 5.4; on a current
    // runtime these two calls fail with an undefined-function error, and the
    // unset() calls above already remove the keys. TODO: drop them.
    session_unregister('log');
    session_unregister('pass');
    cartClearCartContet();
    RedirectJavaScript('/');
}

// login
// NOTE(review): $_POST["user_login"] / $_POST["user_pw"] are read without an
// isset() guard; a POST carrying only `login` raises undefined-index notices.
if (isset($_POST["login"]) && !isset($_SESSION["log"])) {
    if (regAuthenticate($_POST["user_login"], $_POST["user_pw"])) {
        // presumably the caller's list of access rights; 100 is treated as the
        // admin right below — confirm against checklogin()
        $relaccess = checklogin();
        if (isset($_POST['check_order'])) {
            // Login started from checkout: go to shipping if the cart is empty,
            // otherwise let the customer confirm the cart contents first.
            $cartIsEmpty = cartCartIsEmpty($_POST['user_login']);
            if ($cartIsEmpty) {
                Redirect('index.php?order2_shipping=yes&shippingAddressID=' . regGetDefaultAddressIDByLogin($_SESSION['log']));
            } else {
                Redirect('index.php?shopping_cart=yes&make_more_exact_cart_content=yes');
            }
        } else {
            // in_array() without `true` is a loose membership test; prefer strict.
            if (in_array(100, $relaccess)) {
                Redirect(ADMIN_FILE);
            } else {
                Redirect("index.php?user_details=yes");
            }
        }
    } else {
        $wrongLoginOrPw = true;
// Fragment of the customer-registration flow. The enclosing block opens before
// this fragment and continues after it; $login, $cust_password, $Email, the
// name/address fields, $order and $order_without_billing_address are all
// assigned outside this view.
$registerResult = regRegisterCustomer($login, $cust_password, $Email, $first_name, $last_name, $subscribed4news, $additional_field_values, $affiliationLogin);
if ($registerResult) {
    if (isset($order)) {
        // Registration started from checkout: store the shipping (receiver)
        // address and, unless "billing same as shipping" was ticked, a
        // separate billing (payer) address.
        $addressID = regAddAddress($receiver_first_name, $receiver_last_name, $countryID, $zoneID, $state, $city, $address, $login, $errorCode);
        $billingAddressID = $addressID;
        if (!isset($_POST["billing_address_check"])) {
            $billingAddressID = regAddAddress($payer_first_name, $payer_last_name, $billingCountryID, $billingZoneID, $billingState, $billingCity, $billingAddress, $login, $errorCode);
        }
        regSetDefaultAddressIDByLogin($login, $addressID);
    } else {
        $addressID = regAddAddress($first_name, $last_name, $countryID, $zoneID, $state, $city, $address, $login, $errorCode);
        regSetDefaultAddressIDByLogin($login, $addressID);
    }
    // NOTE(review): the cleartext password ($cust_password) is handed to the
    // mail notification — presumably it ends up in the welcome e-mail. Mailing
    // credentials is a disclosure risk; verify whether the template includes
    // it and prefer a one-time activation link instead.
    regEmailNotification($smarty_mail, $login, $cust_password, $Email, $first_name, $last_name, $subscribed4news, $additional_field_values, $countryID, $zoneID, $state, $city, $address, 0);
    if (!CONF_ENABLE_REGCONFIRMATION) {
        // No e-mail confirmation required: log the new customer in right away.
        regAuthenticate($login, $cust_password);
    }
    $RedirectURL = '';
    if (isset($order)) {
        // NOTE(review): $billingAddressID is always assigned in the
        // isset($order) branch above, so the `else` below is unreachable.
        if (isset($billingAddressID)) {
            $RedirectURL = "index.php?order2_shipping=yes&shippingAddressID=" . regGetDefaultAddressIDByLogin($login) . "&defaultBillingAddressID=" . $billingAddressID;
        } else {
            $RedirectURL = "index.php?order2_shipping=yes&shippingAddressID=" . regGetDefaultAddressIDByLogin($login);
        }
    } elseif (isset($order_without_billing_address)) {
        $RedirectURL = "index.php?order2_shipping=yes&shippingAddressID=" . regGetDefaultAddressIDByLogin($login);
    } else {
        $RedirectURL = "index.php?r_successful=yes";
    }
    if (CONF_ENABLE_REGCONFIRMATION && (isset($order) || isset($order_without_billing_address))) {
        // Confirmation pending: park the checkout URL so the activation
        // handler can resume the order once the account is activated.
        xSaveData('xREGMAILCONF_URLORDER2', $RedirectURL);
} else {
    // Fragment: tail of a parameter-parsing loop opened before this view;
    // $param_value is a name/value pair assigned outside this fragment.
    if ($param_value[0] == "order_time") {
        // NOTE(review): base64 is an encoding, not a protection — the decoded
        // value is still untrusted input. Its origin is not visible here, so
        // check how $order_time is consumed (SQL, output) downstream.
        $order_time = base64_decode($param_value[1]);
    }
}
}
}
}
}
}
// NOTE(review): the function name suggests the existing password is mailed to
// the user, which would imply recoverable password storage. A time-limited
// reset link is the safer design; consider rate limiting this endpoint too.
if (isset($_POST["remind_password"])) {
    regSendPasswordToUser($_POST["login_to_remind_password"], $smarty_mail);
}
$authenticateError = false;
if (isset($_POST["submitLoginAndPassword"])) {
    $authenticateError = !regAuthenticate($_POST["login"], $_POST["password"]);
}
// authorized login check
$relaccess = checklogin(); // presumably the caller's access-right list — confirm
if (!isset($customerID)) {
    $customerID = 0;
}
// `!=` is a loose comparison; -1 presumably marks a "no customer" state set
// elsewhere — confirm, and prefer `!== -1`.
if (!isset($_SESSION["log"]) && $customerID != -1) {
    // unauthorized: render the login form (markup continues past this fragment)
?>
<form name='MainForm' method=POST>
<table>
<?php if ($authenticateError) { ?>
<tr>
<?php
// Fragment: account-activation handler, active only when e-mail confirmation
// is enabled. The outer `if` continues past the end of this fragment.
if (isset($_GET['act_customer']) && CONF_ENABLE_REGCONFIRMATION) {
    $ActErr = false;
    if (isset($_GET['act_code'])) {
        // Truthiness test: an act_code of "0" or "" is treated as missing.
        if ($_GET['act_code']) {
            // NOTE(review): the code is placed in the SQL text through
            // xEscapeSQLstring() rather than a bound parameter; escaping is
            // charset-sensitive, so a prepared statement is the safer form.
            // The `!= ""` / `IS NOT NULL` terms stop an empty stored code from
            // matching.
            $sql = 'SELECT customerID, Login, cust_password FROM ' . CUSTOMERS_TABLE . ' WHERE ActivationCode="' . xEscapeSQLstring($_GET['act_code']) . '" AND ActivationCode!="" AND ActivationCode IS NOT NULL';
            $Result = db_query($sql);
            $Customer = db_fetch_row($Result);
            if (isset($Customer['Login']) && $Customer['Login']) {
                regActivateCustomer($Customer['customerID']);
                // NOTE(review): the stored password is decrypted to replay the
                // normal login, i.e. passwords are kept in a reversible form
                // rather than hashed — a serious exposure if the table leaks.
                // Prefer establishing the session for the activated customerID
                // directly and storing passwords with password_hash().
                regAuthenticate($Customer['Login'], cryptPasswordDeCrypt($Customer['cust_password'], null));
                if (isset($_GET['order2']) && xDataExists('xREGMAILCONF_URLORDER2')) {
                    // Resume a checkout parked at registration time.
                    Redirect(xPopData('xREGMAILCONF_URLORDER2'));
                } else {
                    Redirect(set_query('&act_code=&act_ok=1'));
                }
            } else {
                // Unknown code: the user-supplied value is passed to the
                // template for the error message — confirm that hassign()
                // (or the template) HTML-escapes it on output.
                $smarty->hassign('ActCode', $_GET['act_code']);
                $ActErr = true;
            }
        } else {
            $ActErr = true;
        }
    }
    if (isset($_GET['act_ok'])) {
        $smarty->assign('ActOk', 1);
    }
    if (isset($_GET['notact'])) {
define("CURRENCY_WSHOW", $all_currencies[$current_currency]['where2show']);
//$selected_currency_details = $all_currencies[$current_currency];
// Fragment: back-end dispatcher. `do` selects a stand-alone processor script;
// otherwise the admin session is verified and $eaction is dispatched. The
// switch continues past the end of this fragment.
if (isset($_GET["do"])) {
    // The literal allow-list is the only control between $_GET["do"] and the
    // include path — keep it a fixed list, never a pattern or directory scan.
    // `strict: true` would make the membership test exact.
    // NOTE(review): this branch runs BEFORE the admin check in the `else`
    // below, so every processor listed here must enforce its own
    // authorization — confirm, in particular, for get_file and the invoices.
    if (in_array($_GET["do"], array("invoice", "invoice_jur", "invoice_phys", "configurator", "wishcat", "wishlist", "wishprod", "get_file"))) {
        include "core/includes/processor/" . $_GET["do"] . ".php";
    } else {
        header("HTTP/1.0 404 Not Found");
        header("HTTP/1.1 404 Not Found");
        header("Status: 404 Not Found");
        die(ERROR_404_HTML);
    }
} else {
    $relaccess = checklogin(); // presumably the caller's access-right list; 100 = admin — confirm
    // NOTE(review): when CONF_BACKEND_SAFEMODE == 1 this whole authorization
    // check is skipped and the back end is reachable without an admin session.
    // Confirm that mode cannot be enabled in production.
    if (CONF_BACKEND_SAFEMODE != 1 && (!isset($_SESSION["log"]) || !in_array(100, $relaccess))) {
        // Allow an inline admin login via POST; anything else is refused.
        if (isset($_POST['user_login']) && isset($_POST['user_pw'])) {
            if (regAuthenticate($_POST['user_login'], $_POST['user_pw'])) {
                Redirect(set_query('&__tt='));
            }
            die(ERROR_FORBIDDEN);
        }
        die(ERROR_FORBIDDEN);
    }
    $eaction = isset($_REQUEST['eaction']) ? $_REQUEST['eaction'] : '';
    switch ($eaction) {
        case 'cat':
            if (isset($_SESSION["log"])) {
                $admintempname = $_SESSION["log"];
            }
            // get new orders count; the (int) cast keeps the status constant
            // from entering the SQL text as anything but an integer
            $q = db_query("select count(*) from " . ORDERS_TABLE . " WHERE statusID=" . (int) CONF_NEW_ORDER_STATUS);
            $n = db_fetch_row($q);