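// Affiliate login: checks the submitted e-mail address and password against
// TABLE_AFFILIATE and, on success, stores the affiliate id in the session.
require_once DIR_FS_INC . 'vam_image_button.inc.php';
require_once DIR_FS_INC . 'vam_validate_password.inc.php';

// An affiliate who is already signed in is sent straight to the summary page.
if (isset($_SESSION['affiliate_id'])) {
    vam_redirect(vam_href_link(FILENAME_AFFILIATE_SUMMARY, '', 'SSL'));
}

if (isset($_GET['action']) && $_GET['action'] === 'process') {
    // A request that lacks the form fields is handled as an empty login
    // attempt instead of raising undefined-index notices.
    $affiliate_username = vam_db_prepare_input(isset($_POST['affiliate_username']) ? $_POST['affiliate_username'] : '');
    $affiliate_password = vam_db_prepare_input(isset($_POST['affiliate_password']) ? $_POST['affiliate_password'] : '');

    // Look the account up by e-mail address. The query is assembled by string
    // concatenation, so vam_db_input() is the only barrier between the
    // submitted value and the SQL text.
    // NOTE(review): presumably vam_db_input() escapes for the active
    // connection; confirm, or move this lookup to a parameterised query.
    $check_affiliate_query = vam_db_query("select affiliate_id, affiliate_firstname, affiliate_password, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . vam_db_input($affiliate_username) . "'");

    if (!vam_db_num_rows($check_affiliate_query)) {
        // Failure marker. It has to equal the value tested further down
        // ('fail'), otherwise the login-error notice is never switched on.
        $_GET['login'] = 'fail';
    } else {
        $check_affiliate = vam_db_fetch_array($check_affiliate_query);

        // Compare the submitted password with the stored value.
        if (!vam_validate_password($affiliate_password, $check_affiliate['affiliate_password'])) {
            // Same marker as for an unknown account, so the two failure cases
            // are reported identically.
            // NOTE(review): no failed-attempt counter or throttle is visible
            // in this flow.
            $_GET['login'] = 'fail';
        } else {
            // NOTE(review): the session id is not renewed before the
            // authenticated state is written; if the project has a
            // session-recreate helper available here, call it first so a
            // pre-login session id cannot be reused after login.
            $_SESSION['affiliate_id'] = $check_affiliate['affiliate_id'];

            $date_now = date('Ymd');

            // Record the logon. The id is cast to int so that only a number
            // can reach the SQL text, whatever the session holds.
            vam_db_query("update " . TABLE_AFFILIATE . " set affiliate_date_of_last_logon = now(), affiliate_number_of_logons = affiliate_number_of_logons + 1 where affiliate_id = '" . (int) $_SESSION['affiliate_id'] . "'");

            vam_redirect(vam_href_link(FILENAME_AFFILIATE_SUMMARY, '', 'SSL'));
        }
    }
}

$breadcrumb->add(NAVBAR_TITLE, vam_href_link(FILENAME_AFFILIATE, '', 'SSL'));

require DIR_WS_INCLUDES . 'header.php';

// $info_message is a string flag ('true' / 'false'), not a boolean.
if (isset($_GET['login']) && $_GET['login'] === 'fail') {
    $info_message = 'true';
} else {
    $info_message = 'false';
    // (the listing is cut off here; the closing brace is not shown)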
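// Password change for the signed-in customer. The listing starts inside a
// block whose opening is not shown.
$password_confirmation = vam_db_prepare_input($_POST['password_confirmation']);

$error = false;

// Validation stops at the first failing rule, so one message is queued at most.
if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
    $error = true;
    $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
} elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
    $error = true;
    $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
} elseif ($password_new !== $password_confirmation) {
    // Strict comparison: with != two different numeric-looking strings
    // (for example '1e3' and '1000') compare as equal, so a confirmation
    // that does not match the new password could slip through.
    $error = true;
    $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
}

if (!$error) {
    // The current password is verified again against the stored value before
    // anything is written; a valid session alone is not enough to change it.
    $check_customer_query = vam_db_query("select customers_password from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $_SESSION['customer_id'] . "'");
    $check_customer = vam_db_fetch_array($check_customer_query);

    if (vam_validate_password($password_current, $check_customer['customers_password'])) {
        // NOTE(review): the value written to customers_password is a masked
        // literal in this listing. What gets stored must be the hash of
        // $password_new produced by the project's password-hashing helper,
        // never a constant and never the plaintext.
        vam_db_query("UPDATE " . TABLE_CUSTOMERS . " SET customers_password = '******', customers_last_modified=now() WHERE customers_id = '" . (int) $_SESSION['customer_id'] . "'");

        vam_db_query("UPDATE " . TABLE_CUSTOMERS_INFO . " SET customers_info_date_account_last_modified = now() WHERE customers_info_id = '" . (int) $_SESSION['customer_id'] . "'");

        // NOTE(review): no renewal of the session id and no invalidation of
        // the customer's other sessions is visible after the change.
        $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');

        vam_redirect(vam_href_link(FILENAME_ACCOUNT, '', 'SSL'));
    } else {
        $error = true;
        $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
    }
}
} // closes the enclosing block opened before this listing

$breadcrumb->add(NAVBAR_TITLE_1_ACCOUNT_PASSWORD, vam_href_link(FILENAME_ACCOUNT, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2_ACCOUNT_PASSWORD, vam_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'SSL'));

require DIR_WS_INCLUDES . 'header.php';

// Hand any queued validation messages to the template.
if ($messageStack->size('account_password') > 0) {
    $vamTemplate->assign('error', $messageStack->output('account_password'));
    // (the listing is cut off here; the closing brace is not shown)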
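// Customer login, failure and success handling. The listing starts inside
// nested branches whose openings are not shown, so the leading closing braces
// belong to code above it.
} else {
    vam_redirect(vam_href_link(FILENAME_SHOPPING_CART, '', 'SSL'));
}
} else {
    vam_redirect(vam_href_link(FILENAME_DEFAULT));
}
}
} else {
    // Wrong code
    $info_message = TEXT_WRONG_CODE;

    // Login tries + 1. The counter is keyed by the submitted e-mail address
    // and is also bumped on this path, not only on a wrong password.
    vam_db_query("update " . TABLE_CUSTOMERS . " SET login_tries = login_tries+1, login_time = now() WHERE customers_email_address = '" . vam_db_input($email_address) . "'");
}
} else {
    // Check that password is good
    if (!vam_validate_password($password, $check_customer['customers_password'])) {
        // NOTE(review): the marker value is masked in this listing; it has to
        // match whatever value the page later tests for a failed login.
        $_GET['login'] = '******';

        // Login tries + 1
        // NOTE(review): where login_tries is enforced (lockout or delay) is
        // not visible in this excerpt.
        vam_db_query("update " . TABLE_CUSTOMERS . " SET login_tries = login_tries+1, login_time = now() WHERE customers_email_address = '" . vam_db_input($email_address) . "'");

        $info_message = TEXT_LOGIN_ERROR;
    } else {
        // The session is recreated before any customer data is stored in it,
        // but only when SESSION_RECREATE is switched on.
        // NOTE(review): with the setting off, the pre-login session id
        // survives authentication; confirm that this is intended.
        if (SESSION_RECREATE == 'True') {
            vam_session_recreate();
        }

        // Login tries = 0
        $date_now = date('Ymd');
        vam_db_query("update " . TABLE_CUSTOMERS . " SET login_tries = 0, login_time = now() WHERE customers_email_address = '" . vam_db_input($email_address) . "'");

        // Both ids are cast to int so that only numbers reach the SQL text;
        // previously only customers_id was cast.
        $check_country_query = vam_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
        $check_country = vam_db_fetch_array($check_country_query);

        // Copy the customer's profile fields into the session.
        $_SESSION['customer_gender'] = $check_customer['customers_gender'];
        $_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
        $_SESSION['customer_last_name'] = $check_customer['customers_lastname'];
        // (the listing is cut off here; the remaining statements and closing
        // braces are not shown)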