Esempio n. 1
// Login/logout handling for a login form embedded in a page.
// $login_action, $login_errors and $return_page are set before this excerpt;
// nothing in the visible lines initialises them.
$user_login = "";
if (strlen($login_action)) {
    if ($login_action == "logout") {
        user_logout();
    } else {
        $user_login = get_param("user_login");
        $user_password = get_param("user_password");
        // Required-field checks. The messages are built from constants only, so the
        // submitted values are never copied into the "<br>"-separated HTML error text.
        if (!strlen($user_login)) {
            $error_message = str_replace("{field_name}", LOGIN_FIELD, REQUIRED_MESSAGE);
            $login_errors .= $error_message . "<br>";
        }
        if (!strlen($user_password)) {
            $error_message = str_replace("{field_name}", PASSWORD_FIELD, REQUIRED_MESSAGE);
            $login_errors .= $error_message . "<br>";
        }
        // The block-list is consulted only when both fields were supplied. Either way a
        // blocked address never reaches user_login(), because that call needs an empty
        // $login_errors.
        if (!$login_errors && check_black_ip()) {
            $login_errors = BLACK_IP_MSG;
        }
        if (!strlen($login_errors)) {
            // NOTE(review): $login_errors is presumably taken by reference so a failed
            // authentication can report its message here; the redirect test below relies
            // on that. Confirm against user_login()'s definition.
            user_login($user_login, $user_password, "", 0, "", false, $login_errors);
        }
    }
    if (!$login_errors) {
        // make redirect to original page after successful login/logout operations
        // NOTE(review): $return_page is defined outside this excerpt. If any part of it
        // can come from the request, restrict it to same-site paths (or an allow-list)
        // before it is placed in the Location header; otherwise a crafted login link can
        // send the user to another site right after signing in.
        header("Location: " . $return_page);
        // Stop here so the rest of the page is not rendered after the redirect header.
        exit;
    }
}
if (get_session("session_user_id")) {
    $user_info = get_session("session_user_info");
    $user_login = get_setting_value($user_info, "nickname", "");
Esempio n. 2
    } elseif ($operation == "logout") {
        user_logout();
    } else {
        if (!$cookie_login) {
            $login = get_param("login");
            $password = get_param("password");
            if (!strlen($login)) {
                $error_message = str_replace("{field_name}", LOGIN_FIELD, REQUIRED_MESSAGE);
                $errors .= $error_message . "<br>";
            }
            if (!strlen($password)) {
                $error_message = str_replace("{field_name}", PASSWORD_FIELD, REQUIRED_MESSAGE);
                $errors .= $error_message . "<br>";
            }
        }
        if (!$errors && check_black_ip()) {
            $errors = BLACK_IP_MSG;
        }
        if (!$errors) {
            user_login($login, $password, "", $remember_me, $return_page, true, $errors);
        }
    }
}
// Hand the SSL value to the template, HTML-escaped.
// NOTE(review): htmlspecialchars() is called with its default flags; before PHP 8.1
// those leave single quotes unescaped, so check how the template quotes this value.
$t->set_var("ssl", htmlspecialchars($ssl));
// Pre-tick the "remember me" checkbox when the flag is truthy, otherwise emit nothing.
$t->set_var("remember_me", $remember_me ? "checked" : "");
// Error selector read through get_param(); it is compared right after this block.
$type_error = get_param("type_error");
if ($type_error == 2) {
Esempio n. 3
         } elseif ($r->errors) {
             // saved validated number for following submits
             set_session("session_validation_number", $validated_number);
         }
     }
 }
 // Permission gate for the profile form. A non-empty $user_id selects the
 // "edit_profile" setting, an empty one the "new_profile" setting. The gate fails
 // closed: a missing setting, or any value other than 1, is an error. The assignment
 // replaces whatever was already collected in $r->errors.
 // NOTE(review): $user_id is set outside this excerpt; confirm it is taken from the
 // authenticated session rather than from the request.
 if (strlen($user_id)) {
     if (!(isset($user_settings["edit_profile"]) && $user_settings["edit_profile"] == 1)) {
         $r->errors = EDIT_PROFILE_ERROR;
     }
 } elseif (!(isset($user_settings["new_profile"]) && $user_settings["new_profile"] == 1)) {
     $r->errors = NEW_PROFILE_ERROR;
 }
 // The IP block-list is consulted only when nothing has failed so far.
 if (!$r->errors) {
     if (check_black_ip()) {
         $r->errors = BLACK_IP_MSG;
     }
 }
 if (!strlen($r->errors)) {
     // subscribe/unsubscribe user from newsletter
     if ($user_email) {
         if ($r->get_value("subscribe") == 1) {
             $sql = " SELECT COUNT(*) FROM " . $table_prefix . "newsletters_users ";
             $sql .= " WHERE email=" . $db->tosql($user_email, TEXT);
             $db->query($sql);
             $db->next_record();
             $email_count = $db->f(0);
             if ($email_count < 1) {
                 $sql = " INSERT INTO " . $table_prefix . "newsletters_users (email, date_added) ";
                 $sql .= " VALUES (";
                 $sql .= $db->tosql($user_email, TEXT) . ", ";
Esempio n. 4
             }
         }
     }
     $r->validate();
     $r->errors .= $options_errors;
     if (strlen($r->errors) || strlen($sc_errors)) {
         $is_valid = false;
     } else {
         $is_valid = true;
     }
 } elseif ($operation == "fast_checkout") {
     $is_valid = true;
 } else {
     $is_valid = false;
 }
 // Last gate before the order is processed: a request that has passed every earlier
 // check is still rejected when check_black_ip() reports the client as blocked. This
 // also covers the fast_checkout branch above, which sets $is_valid without calling
 // $r->validate().
 if ($is_valid) {
     if (check_black_ip()) {
         $is_valid = false;
         $r->errors = BLACK_IP_MSG;
     }
 }
 if ($is_valid) {
     // get payment rate for the selected gateway
     $payment_currency = get_payment_rate($payment_id, $currency);
     $payment_decimals = $payment_currency["decimals"];
     $payment_rate = $payment_currency["rate"];
     $r->set_value("payment_currency_code", $payment_currency["code"]);
     $r->set_value("payment_currency_rate", $payment_currency["rate"]);
     $variables["tax_cost"] = number_format($taxes_total * $payment_rate, $payment_decimals, ".", "");
     $variables["tax_total"] = number_format($taxes_total * $payment_rate, $payment_decimals, ".", "");
     $variables["processing_fee"] = number_format($processing_fee * $payment_rate, $payment_decimals, ".", "");
     $new_order_status = 1;
     // set status to zero when adding order