function tep_session_start()
{
global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;
$sane_session_id = true;
if (isset($HTTP_GET_VARS[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_GET_VARS[tep_session_name()]) == false) {
unset($HTTP_GET_VARS[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($HTTP_POST_VARS[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_POST_VARS[tep_session_name()]) == false) {
unset($HTTP_POST_VARS[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($HTTP_COOKIE_VARS[tep_session_name()])) {
if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_COOKIE_VARS[tep_session_name()]) == false) {
$session_data = session_get_cookie_params();
setcookie(tep_session_name(), '', time() - 42000, $session_data['path'], $session_data['domain']);
$sane_session_id = false;
}
}
if ($sane_session_id == false) {
tep_redirect(get_href_link(PAGE_DEFAULT, '', 'NONSSL', false));
}
return session_start();
}
function userLoginCheck()
{
global $navigation, $login_account_number;
if (!tep_session_is_registered('login_account_number') || !tep_not_null($login_account_number)) {
$navigation->set_snapshot();
tep_redirect(get_href_link(PAGE_LOGIN, '', 'SSL'));
}
}
function smarty_function_dev_get_link($params, &$smarty)
{
foreach ($params as $_key => $_val) {
switch ($_key) {
case 'page':
$page = (string) $_val;
break;
case 'ssl':
$ssl = (bool) $_val;
break;
}
}
return get_href_link($page);
}
}
if ($security_question == -1) {
$validator->validateGeneral('Custom Question', $custom_question, _ERROR_FIELD_EMPTY);
}
$validator->validateGeneral('Security Answer', $security_answer, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Welcome Mesasge', $welcome_message, _ERROR_FIELD_EMPTY);
} else {
$validator->addError('Turing Number', ERROR_SECURE_CODE_WRONG);
}
if (count($validator->errors) == 0) {
// create new user
if (!tep_session_is_registered('signup_info')) {
tep_session_register('signup_info');
}
$signup_info = array('firstname' => $firstname, 'lastname' => $lastname, 'email' => $email, 'welcome_message' => $welcome_message, 'security_question' => $security_question == -1 ? $custom_question : $security_question, 'security_answer' => $security_answer);
tep_redirect(get_href_link(PAGE_SIGNUP_PERSONAL));
} else {
postAssign($smarty);
}
}
// get security questions
$security_questions_array = array();
$security_questions_query = db_query('SELECT s.security_questions_id, sd.question FROM ' . _TABLE_SECURITY_QUESTIONS . " s, " . _TABLE_SECURITY_QUESTIONS_DESCRIPTION . " sd WHERE s.security_questions_id =sd.security_questions_id AND sd.language_id='" . $languages_id . "' ORDER BY s.sort_order, sd.question ");
while ($security_question = db_fetch_array($security_questions_query)) {
$security_questions_array[$security_question['question']] = $security_question['question'];
}
// Customer Question
$security_questions_array[-1] = TEXT_CUSTOM_QUESTION;
$smarty->assign('security_questions_array', $security_questions_array);
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('home/signup.html');
if ($mss_flag) {
$verification_key = tep_create_random_value(10, 'digits');
$signup_data_array['verification_key'] = $verification_key;
db_perform(_TABLE_USERS, $signup_data_array, 'update', " user_id='" . $user_info['user_id'] . "' ");
$email_info = get_email_template('VERIFYCATION_KEY');
$msg_subject = $email_info['emailtemplate_subject'];
$msg_content = str_replace(array('[firstname]', '[verification_key]'), array($user_info['firstname'], $verification_key), $email_info['emailtemplate_content']);
$msg_content = html_entity_decode($msg_content);
tep_mail($user_info['firstname'] . ' ' . $user_info['lastname'], $user_info['email'], $msg_subject, $msg_content, SITE_NAME, SITE_CONTACT_EMAIL);
}
if (sizeof($navigation->snapshot) > 0) {
$origin_href = get_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
$navigation->clear_snapshot();
tep_redirect($origin_href, '', 'SSL');
} else {
tep_redirect(get_href_link(PAGE_LOGIN_CONFIRM, '', 'SSL'));
}
}
} else {
$validator->addError(ERROR_FIELD_LOGIN, ERROR_INVALID_ACCOUNT);
}
if (count($validator->errors) == 0) {
// create new user
} else {
postAssign($smarty);
$smarty->assign('validerrors', $validator->errors);
}
} else {
if (empty($error_log_login)) {
$error_log_login = 1;
tep_session_register('error_log_login');
} elseif (tep_not_null($to_account)) {
$where_filter .= " AND to_account LIKE '" . $to_account . "%' AND from_account='" . $login_account_number . "' ";
}
if (tep_not_null($note)) {
$where_filter .= " AND transaction_memo LIKE '%" . $note . "%' ";
}
postAssign($smarty);
break;
}
$smarty->assign('link_transaction', get_href_link(PAGE_ACCOUNT_TRANSACTIONS, tep_get_all_get_params(array('action', 'module', 'page'))));
$sql_transaction = "SELECT * FROM " . _TABLE_TRANSACTIONS . " WHERE ( from_userid='" . $login_userid . "' OR to_userid='" . $login_userid . "') {$where_filter} ";
$sql_transaction_page = "SELECT * FROM " . _TABLE_TRANSACTIONS . " WHERE ( from_userid='" . $login_userid . "' OR to_userid='" . $login_userid . "') {$where_filter} ORDER BY transaction_time DESC, transaction_id DESC";
$transaction_query = db_query($sql_transaction);
$transaction_numbers = db_num_rows($transaction_query);
$transactionpage =& new Paginator($_GET['pg'], $transaction_numbers);
$transactionpage->set_Limit(25);
$transactionpage->pagename = get_href_link(PAGE_ACCOUNT_TRANSACTIONS, tep_get_all_get_params(array('pg', 'x', 'y', 'action', 'module', 'page')));
$transactionpage->set_Links(6);
$limit1 = $transactionpage->getRange1();
$limit2 = $transactionpage->getRange2();
$sql_transaction_page .= " LIMIT {$limit1}, {$limit2}";
$transaction_page_query = db_query($sql_transaction_page);
// get smarty transaction list
$transaction_array = array();
while ($transaction = db_fetch_array($transaction_page_query)) {
$transactions_array[] = $transaction;
}
$smarty->assign('page_links', $transactionpage->getPageLinks());
$smarty->assign('transactions', $transactions_array);
// get all transaction transactions
$_html_main_content = $smarty->fetch('account/history.html');
<?php
if (!tep_session_is_registered('login_account_number') && tep_not_null($login_account_number)) {
tep_redirect(get_href_link(PAGE_LOGIN));
}
// get currencies balance
$currencies_balance = array();
$sql_balances = "SELECT currency_code, balance FROM " . _TABLE_USER_BALANCE . " WHERE user_id='" . $login_userid . "'";
$balances_query = db_query($sql_balances);
while ($balance = db_fetch_array($balances_query)) {
$balances_array[$balance['currency_code']] = $balance['balance'];
}
// get all currencies_list
$currencies_array = get_currencies();
foreach ($currencies_array as $currency_code => $currency_info) {
$balance_info_array[] = array('balance_name' => $currency_info['title'], 'balance_text' => get_currency_value_format($balances_array[$currency_code], $currency_info));
}
$smarty->assign('balances', $balance_info_array);
$_html_main_content = $smarty->fetch('home/login_balance.html');
<script type="text/javascript">
$(document).ready(function(){
$("#buttonSearch").click(function() {
if ($("#ajaxSearchContent").css("display") =='none') {
$("#ajaxDetailsContent").hide();
$("#ajaxSearchContent").fadeIn();
} else {
document.frmSearch.submit();
}
});
});
function getTransactionDetails(transactionid)
{
$.post('<?php
echo get_href_link(PAGE_ACCOUNT_TRANSACTIONS_AJAX, tep_get_all_get_params(array('action', 'module', 'page')));
?>
',{doajax:'get_transaction_details',transaction_id:transactionid}, function(data)
{
$("#ajaxSearchContent").hide();
$("#ajaxDetailsContent").html(data);
$("#ajaxDetailsContent").fadeIn();
}
);
}
// close delete new confirmform
function closeTransactionDetailsContent()
{
$("#ajaxDetailsContent").hide();
<script type="text/javascript" src="includes/js/jquery.min.js"></script>
<script type="text/javascript">
function getStates(countryid) {
$.post('<?php
echo get_href_link(PAGE_GLOBAL_AJAX);
?>
', {doajax : 'get_states',country_id: countryid}, function(data) {
$("select:#state").html(data);
});
}
</script>
<?php
if (!tep_session_is_registered('signup_info')) {
tep_redirect(get_href_link(PAGE_SIGNUP));
}
$signup_finished = false;
if ($_POST['action'] == 'process') {
$account_name = db_prepare_input($_POST['account_name']);
$company_name = db_prepare_input($_POST['company_name']);
$address = db_prepare_input($_POST['address']);
$city = db_prepare_input($_POST['city']);
$country_id = (int) $_POST['country_id'];
$state = db_prepare_input($_POST['state']);
$postcode = db_prepare_input($_POST['postcode']);
$phone = db_prepare_input($_POST['phone']);
$mobile = db_prepare_input($_POST['mobile']);
$validator->validateGeneral('Account Name', $account_name, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Company Name', $account_name, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Address', $address, _ERROR_FIELD_EMPTY);
if ($country_id == 0) {
$validator->addError('Country', 'Please select country.');
}
$validator->validateGeneral('City', $city, _ERROR_FIELD_EMPTY);
if ($state == 0) {
$validator->addError('State', 'Please select state.');
}
if (strlen($phone) < 7) {
$validator->addError('Phone', 'Please input correct phone number.');
}
if (strlen($postcode) < 4) {
$validator->addError('Zip/Post Code', 'Please input correct Zip/Post Code.');
break;
case 'stcki_ipn':
include_once 'settings/stcki_ipn.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_CKI_IPN));
break;
case 'stapi':
include_once 'settings/stapi.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_API));
break;
case 'stchange_password':
include_once 'settings/stchange_password.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_PASSWORD));
break;
case 'stsecure_pin':
include_once 'settings/stsecure_pin.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_SECURE_PIN));
break;
case 'security_code':
include_once 'settings/security_code.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_SECURE_CODE));
break;
default:
break;
}
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('account/settings.html');
//if ($master_key_pass) {
// $_html_main_content = $smarty->fetch('account/edit_account.html');
//} else {
// $_html_main_content = $smarty->fetch('account/settings.html');
//}
<?php
if (!tep_session_is_registered('login_account_number') && tep_not_null($login_account_number)) {
tep_redirect(get_href_link(PAGE_LOGIN));
}
if (tep_session_is_registered('login_main_account_info')) {
tep_session_unregister('login_main_account_info');
}
if ($_POST['action'] == 'process') {
$login_pin = db_prepare_input($_POST['login_pin']);
// check login_pin
$sql_check = "SELECT account_name, firstname, lastname FROM " . _TABLE_USERS . " WHERE user_id='" . $login_userid . "' and account_number='" . $login_account_number . "' and login_pin='" . $login_pin . "'";
$check_login_query = db_query($sql_check);
if (db_num_rows($check_login_query) > 0) {
$login_main_account_info = db_fetch_array($check_login_query);
$login_main_account_info['activity_clock_log'] = array('mins' => 15, 'sec' => 59);
tep_session_register('login_main_account_info');
tep_redirect(get_href_link(PAGE_ACCOUNT));
} else {
// invalid login pin
$validator->addError('Login PIN', 'Invalid Login Pin.');
}
}
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('home/login_pin.html');
function reconstruct_target_body($focus, $target_body, $component_array, $notify_user_id = "", $alert_user_array = array())
{
global $beanList;
$replace_array = array();
foreach ($component_array as $module_name => $module_array) {
if ($module_name == $focus->module_dir) {
//base module
foreach ($module_array as $field => $field_array) {
if ($field_array['value_type'] == 'href_link') {
//Create href link to target record
$replacement_value = get_href_link($focus);
}
if ($field_array['value_type'] == 'invite_link') {
//Create href link to target record
$replacement_value = get_invite_link($focus, $notify_user_id);
}
if ($field_array['value_type'] == 'future') {
$replacement_value = check_special_fields($field_array['name'], $focus, false, array());
}
if ($field_array['value_type'] == 'past') {
$replacement_value = check_special_fields($field_array['name'], $focus, true, array());
}
$replace_array[$field_array['original']] = $replacement_value;
//end foreach module_array
}
//end if base module array
} else {
//Confirm this is an actual module in the beanlist
if (isset($beanList[$module_name]) || isset($focus->field_defs[$module_name])) {
///Build the relationship information using the Relationship handler
$rel_handler = $focus->call_relationship_handler("module_dir", true);
if (isset($focus->field_defs[$module_name])) {
$rel_handler->rel1_relationship_name = $focus->field_defs[$module_name]['relationship'];
$rel_module = get_rel_module_name($focus->module_dir, $rel_handler->rel1_relationship_name, $focus->db);
$rel_handler->rel1_module = $rel_module;
$rel_handler->rel1_bean = BeanFactory::getBean($rel_module);
} else {
$rel_handler->process_by_rel_bean($module_name);
}
foreach ($focus->field_defs as $field => $attribute_array) {
if (!empty($attribute_array['relationship']) && $attribute_array['relationship'] == $rel_handler->rel1_relationship_name) {
//$relationship_name = $field;
$rel_handler->base_vardef_field = $field;
break;
}
}
//obtain the rel_module object
$rel_list = $rel_handler->build_related_list("base");
foreach ($alert_user_array as $user_meta_array) {
////Filter the first related module
$rel_list = process_rel_type("rel_module1_type", "rel1_filter", $rel_list, $user_meta_array);
////Filter using second filter if necessary
if (!empty($user_meta_array['expression']) && $user_meta_array['rel_module2'] == "") {
$rel_list = process_rel_type("filter", "expression", $rel_list, $user_meta_array, true);
//end second filter if necessary
}
}
//$rel_list = $focus->get_linked_beans($relationship_name, $bean_name);
if (!empty($rel_list[0])) {
$rel_object = $rel_list[0];
$rel_module_present = true;
} else {
$rel_module_present = false;
}
foreach ($module_array as $field => $field_array) {
if ($rel_module_present == true) {
if ($field_array['value_type'] == 'href_link') {
//Create href link to target record
$replacement_value = get_href_link($rel_object);
} elseif ($field_array['value_type'] == 'invite_link') {
//Create href link to target record
$replacement_value = get_invite_link($rel_object, $notify_user_id);
} else {
//use future always for rel because fetched should always be the same
$replacement_value = check_special_fields($field_array['name'], $rel_object, false, array());
}
} else {
$replacement_value = "Invalid Value";
}
$replace_array[$field_array['original']] = $replacement_value;
//end foreach module_array
}
//end check to see if this is an actual module in the beanlist
}
//end if else base or related module array
}
//end outside foreach
}
$parsed_target_body = replace_target_body_items($target_body, $replace_array);
return $parsed_target_body;
//end function reconstruct_target_body
}
<?php
if (!tep_session_is_registered('signup_info')) {
tep_redirect(get_href_link(PAGE_SIGNUP, '', 'SSL'));
}
$signup_finished = false;
if ($_POST['action'] == 'process') {
$account_name = db_prepare_input($_POST['account_name']);
$company_name = db_prepare_input($_POST['company_name']);
$address = db_prepare_input($_POST['address']);
$city = db_prepare_input($_POST['city']);
$country_id = (int) $_POST['country_id'];
$state = 0;
$postcode = db_prepare_input($_POST['postcode']);
$phone = db_prepare_input($_POST['phone']);
$mobile = db_prepare_input($_POST['mobile']);
$validator->validateGeneral('Account Name', $account_name, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Company Name', $account_name, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Address', $address, _ERROR_FIELD_EMPTY);
if ($country_id == 0) {
$validator->addError('Country', 'Please select country.');
}
$validator->validateGeneral('City', $city, _ERROR_FIELD_EMPTY);
// if ($state == 0) {
// $validator->addError('State', 'Please select state.');
// }
if (strlen($phone) < 7) {
$validator->addError('Phone', 'Please input correct phone number.');
}
if (strlen($postcode) < 4) {
$validator->addError('Zip/Post Code', 'Please input correct Zip/Post Code.');
?>
"><font color="#FFFFFF">Corporate</font></a> |
<a href="<?php
echo get_href_link(PAGE_TERMS);
?>
"><font color="#FFFFFF">Terms of Service</font></a> |
<a href="<?php
echo get_href_link(PAGE_PRIVACY);
?>
"><font color="#FFFFFF">Privacy Policy</font></a> |
<a href="<?php
echo get_href_link(PAGE_AML);
?>
"><font color="#FFFFFF">Anti -
money Laundering Policy</font></a> | <a href="<?php
echo get_href_link(PAGE_CONTACT_US);
?>
">
<font color="#FFFFFF">Contact us</font></a></span></font></td>
</tr>
<tr>
<td width="100%" height="22" valign="bottom">
<p align="center"><font face="Tahoma" size="2" color="#FFFFFF">© 2002 —
2010 e-GlobalCash All rights reserved. </font></td>
</tr>
</table>
</center>
</div>
</body>
<?php
tep_session_unregister('login_userid');
tep_session_unregister('login_account_number');
tep_session_unregister('login_useremail');
tep_session_unregister('navigation');
tep_session_unregister('login_main_account_info');
// delete the cookie
tep_setcookie("account_number", $account_number, time() - 1, HTTP_COOKIE_PATH, HTTP_COOKIE_DOMAIN);
tep_setcookie("password", $login_password, time() - 1, HTTP_COOKIE_PATH, HTTP_COOKIE_DOMAIN);
tep_redirect(get_href_link(PAGE_DEFAULT));
$history = db_fetch_array($history_query);
if (empty($history)) {
tep_redirect(get_href_link(PAGE_LOGIN));
}
if ($history['transaction_status'] == 'completed') {
$currency = get_currency($history['transaction_currency']);
$balance = get_currency_value_format($history['amount'], $currency);
$transfer_info['fees_text'] = get_currency_value_format($history['fee'], $currency);
$sql_check = "SELECT account_name, firstname, lastname FROM " . _TABLE_USERS . " WHERE user_id='" . $history['from_userid'] . "'";
$user_check = db_query($sql_check);
$user_transfer = db_fetch_array($user_check);
$smarty->assign('user_transfer', $user_transfer);
$sql_user = "******" . _TABLE_USERS . " WHERE user_id='" . $history['to_userid'] . "'";
$user_query = db_query($sql_user);
if (db_num_rows($user_query) == 0) {
tep_redirect(get_href_link(PAGE_TRANSFER));
}
if (!empty($history['status_url'])) {
$dataPost = array('payee_account' => $history['to_account'], 'payer_account' => $history['from_account'], 'checkout_amount' => $history['amount'], 'checkout_currency' => $history['transaction_currency'], 'batch_number' => $history['batch_number'], 'transaction_status' => $history['transaction_status'], 'transaction_currency' => $history['transaction_currency']);
$extra_fields = unserialize($history['extra_fields']);
$dataPost = array_merge($extra_fields, $dataPost);
if ($history['status_method'] == 'GET') {
$results = curl_get($history['status_url'], $dataPost);
} else {
$results = curl_post($history['status_url'], $dataPost);
}
if ($results) {
$sql_delete = "DELETE FROM " . _TABLE_TRANSACTIONS_HISTOTY . " WHERE history_id='" . $history_id . "'";
db_query($sql_delete);
if (eregi("SUCCESS", $results) && !empty($history['success_url'])) {
$smarty->assign('url', $history['success_url']);
<?php
if (!tep_session_is_registered('login_account_number') && tep_not_null($login_account_number)) {
tep_redirect(get_href_link(PAGE_LOGIN, '', 'SSL'));
}
$_html_main_content = $smarty->fetch('home/account.html');
// check user's balance currency init ?
$check_balance = db_fetch_array(db_query("SELECT count(*) as total FROM " . _TABLE_USER_BALANCE . " WHERE user_id='" . $to_user_info['user_id'] . "' and currency_code='" . $balance_currency . "'"));
$current_amount = $amount - $fees;
if ($check_balance['total'] > 0) {
db_query("UPDATE " . _TABLE_USER_BALANCE . " SET balance=balance+ " . $current_amount . ", last_updated='" . date('YmdHis') . "' WHERE user_id='" . $to_user_info['user_id'] . "' and currency_code='" . $balance_currency . "'");
} else {
$balance_data_array = array('user_id' => $to_user_info['user_id'], 'currency_code' => $balance_currency, 'balance' => $current_amount, 'last_updated' => date('YmdHis'));
db_perform(_TABLE_USER_BALANCE, $balance_data_array);
}
// Send Transaction Notify Email to User
$email_info = get_email_template('TRANSFER_EMAIL');
$firstname = $to_user_info['firstname'];
$msg_subject = $email_info['emailtemplate_subject'];
// echo "amount_text = $amount_text <br>";
$msg_content = str_replace(array('[firstname]', '[amount_text]', '[batch_number]', '[balance_currency]', '[from_account]'), array($firstname, $amount_text, $batch_number, $balance_currency, $login_account_number), $email_info['emailtemplate_content']);
$msg_content = html_entity_decode($msg_content);
//add by donghp 26/03/2012
//echo $email_info['emailtemplate_content']."<br>-------------------<br>";
// echo $msg_content."<br>";
tep_mail($firstname, $to_user_info['email'], $msg_subject, $msg_content, SITE_NAME, SITE_CONTACT_EMAIL);
//admin transfer
$batch_number_admin = tep_create_random_value(11, 'digits');
$transaction_data_array_admin = array('from_userid' => $to_user_info['user_id'], 'batch_number' => $batch_number_admin, 'to_userid' => 1, 'amount' => $fees, 'fee' => 0, 'transaction_time' => date('YmdHis'), 'transaction_memo' => 'transaction fees #' . $batch_number, 'from_account' => $to_user_info['account_number'], 'to_account' => 'OOKCASH', 'transaction_currency' => $balance_currency, 'amount_text' => $transaction_data_array['fee_text'], 'transaction_status' => 'completed', 'status' => '0');
db_perform(_TABLE_TRANSACTIONS, $transaction_data_array_admin);
transfer_admin($transaction_data_array_admin);
tep_redirect(get_href_link(PAGE_QUICK_PAYMENT, 'success=1'));
} else {
$smarty->assign('validerrors', $validator->errors);
}
}
$_html_main_content = $smarty->fetch('account/quick_payment.html');
$smarty->assign('email', $email);
$smarty->assign('account_number', $account['account_number']);
$smarty->assign('security_question', $account['security_question']);
$smarty->assign('message_err', $message_err);
//--------------------------------------------------------------------
$_html_main_content = $smarty->fetch('home/reset_password_sent.html');
// echo "Have not exits";
}
} else {
if ($_POST['action'] == 'process3') {
//update new pasword
$password = db_prepare_input($_POST['Password']);
$password2 = db_prepare_input($_POST['Password2']);
$resetcode_sent = true;
if (empty($session_email) || empty($session_account_number)) {
tep_redirect(get_href_link(PAGE_RESET_PASSWORD, '', 'SSL'));
}
$sql = "SELECT user_id, firstname, lastname,security_question,account_number FROM " . _TABLE_USERS . " WHERE (email='" . $session_email . "') and (account_number='" . $session_account_number . "')";
$account = db_fetch_array(db_query($sql));
$user_id = $account['user_id'];
$ok = false;
if ($validator->validateEqual('Password', $password, $password2, _ERROR_PASSWORD)) {
}
if ($validator->validateMinLength('Password Length', $password, 6, _ERROR_PASSWORD_MIN_LENGTH)) {
}
if (count($validator->errors) == 0) {
$ok = true;
$q = db_query("UPDATE users SET password = '******' WHERE user_id = {$user_id}");
$_html_main_content = $smarty->fetch('home/reset_password_success.html');
} else {
// postAssign($smarty);
<?php
if (!tep_session_is_registered('login_account_number') && tep_not_null($login_account_number)) {
tep_redirect(get_href_link(PAGE_LOGIN, '', 'SSL'));
}
if (tep_session_is_registered('login_main_account_info')) {
tep_session_unregister('login_main_account_info');
}
if ($_POST['action'] == 'process') {
$login_pin = db_prepare_input($_POST['login_pin']);
// check login_pin
$sql_check = "SELECT account_name, firstname, lastname FROM " . _TABLE_USERS . " WHERE user_id='" . $login_userid . "' and account_number='" . $login_account_number . "' and login_pin='" . $login_pin . "'";
$check_login_query = db_query($sql_check);
if (db_num_rows($check_login_query) > 0) {
$login_main_account_info = db_fetch_array($check_login_query);
$login_main_account_info['activity_clock_log'] = array('mins' => 15, 'sec' => 59);
tep_session_register('login_main_account_info');
tep_redirect(get_href_link(PAGE_ACCOUNT, '', 'SSL'));
} else {
// invalid login pin
$validator->addError('Login PIN', 'Invalid Login Pin.');
}
}
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('home/login_pin.html');
// completed
$transaction_data = array('batch_number' => $batch_number, 'from_account' => $login_account_number, 'to_account' => $to_account, 'amount_text' => $amount_text, 'memo' => $transaction_memo, 'transaction_time' => date('d/m/Y H:i'));
$smarty->assign('transaction_data', $transaction_data);
// Send Transaction Notify Email to User
$email_info = get_email_template('TRANSFER_EMAIL');
$user_info = db_fetch_array(db_query("SELECT firstname, email FROM " . _TABLE_USERS . " WHERE user_id='" . $to_userid . "'"));
$firstname = $user_info['firstname'];
$msg_subject = $email_info['emailtemplate_subject'];
// echo "amount_text = $amount_text <br>";
$msg_content = str_replace(array('[firstname]', '[amount_text]', '[batch_number]', '[balance_currency]', '[from_account]'), array($firstname, $amount_text, $batch_number, $balance_currency, $login_account_number), $email_info['emailtemplate_content']);
$msg_content = html_entity_decode($msg_content);
//add by donghp 26/03/2012
//echo $email_info['emailtemplate_content']."<br>-------------------<br>";
// echo $msg_content."<br>";
tep_mail($firstname, $user_info['email'], $msg_subject, $msg_content, SITE_NAME, SITE_CONTACT_EMAIL);
$stepValue = 'complate';
tep_redirect(get_href_link(PAGE_SCI_TRANSFER_COMPLETE, 'transaction=' . $history_id));
}
} else {
$transaction_memo = db_prepare_input($_POST['transaction_memo']);
$smarty->assign('transaction_memo', $transaction_memo);
$smarty->assign('master_key', $master_key);
}
} else {
postAssign($smarty);
$validator->addError('Master Key', 'Invalid master key entered. Master Key is a three digit number you have selected at the time of registration. Please try again.');
}
}
$smarty->assign('validerrors', $validator->errors);
$smarty->assign('step_value', $step);
$_html_main_content = $smarty->fetch('account/sci_transfer.html');
db_perform(_TABLE_TRANSACTIONS, $transaction_data_array);
// deduce balance of the from account
db_query("UPDATE " . _TABLE_USER_BALANCE . " SET balance=balance- " . $amount . ", last_updated='" . date('YmdHis') . "' WHERE user_id='" . $login_userid . "' and currency_code='" . $balance_currency . "'");
// add balance to the account
// check user's balance currency init ?
$check_balance = db_fetch_array(db_query("SELECT count(*) as total FROM " . _TABLE_USER_WALLET . " WHERE user_id='" . $login_userid . "' and currency_code='" . $balance_currency . "'"));
$current_amount = $amount;
if ($check_balance['total'] > 0) {
db_query("UPDATE " . _TABLE_USER_WALLET . " SET balance=balance+ " . $current_amount . ", last_updated='" . date('YmdHis') . "' WHERE user_id='" . $login_userid . "' and currency_code='" . $balance_currency . "'");
} else {
$balance_data_array = array('user_id' => $login_userid, 'currency_code' => $balance_currency, 'balance' => $current_amount, 'last_updated' => date('YmdHis'));
db_perform(_TABLE_USER_WALLET, $balance_data_array);
}
// Send Transaction Notify Email to User
$email_info = get_email_template('TRANSFER_WALLET_EMAIL');
$user_info = db_fetch_array(db_query("SELECT firstname, email FROM " . _TABLE_USERS . " WHERE user_id='" . $login_userid . "'"));
$firstname = $user_info['firstname'];
$msg_subject = $email_info['emailtemplate_subject'];
// echo "amount_text = $amount_text <br>";
$msg_content = str_replace(array('[firstname]', '[amount_text]', '[batch_number]', '[balance_currency]', '[from_account]'), array($firstname, $amount_text, $batch_number, $balance_currency, $login_account_number), $email_info['emailtemplate_content']);
$msg_content = html_entity_decode($msg_content);
//add by donghp 26/03/2012
//echo $email_info['emailtemplate_content']."<br>-------------------<br>";
// echo $msg_content."<br>";
tep_mail($firstname, $user_info['email'], $msg_subject, $msg_content, SITE_NAME, SITE_CONTACT_EMAIL);
tep_redirect(get_href_link(PAGE_ACCOUNT_TRANSFER_WALLET, 'success=1'));
} else {
$smarty->assign('validerrors', $validator->errors);
}
}
$_html_main_content = $smarty->fetch('account/transfer_wallet.html');
<?php
tep_session_unregister('login_userid');
tep_session_unregister('login_account_number');
tep_session_unregister('login_useremail');
tep_session_unregister('navigation');
tep_session_unregister('login_main_account_info');
// delete the cookie
tep_setcookie("account_number", $account_number, time() - 1, HTTP_COOKIE_PATH, HTTP_COOKIE_DOMAIN);
tep_setcookie("password", $login_password, time() - 1, HTTP_COOKIE_PATH, HTTP_COOKIE_DOMAIN);
tep_redirect(get_href_link(PAGE_DEFAULT, '', 'SSL'));
<?php
if (!tep_session_is_registered('login_account_number') && tep_not_null($login_account_number)) {
tep_redirect(get_href_link(PAGE_LOGIN, '', 'SSL'));
}
// get persional Welcome Message
$account_info = db_fetch_array(db_query("SELECT * FROM " . _TABLE_USERS . " WHERE account_number='" . $login_account_number . "'"));
$smarty->assign('account_info', $account_info);
$welcome_message = $account_info['welcome_message'];
//db_fetch_array(db_query("SELECT welcome_message FROM " . _TABLE_USERS . " WHERE account_number='" . $login_account_number . "'"));
$smarty->assign('personal_welcome_message', $welcome_message);
$current_ip = get_client_ip();
$mss_flag = FALSE;
if ($account_info['verification_status'] == 1 && $current_ip != $account_info['verification_ip']) {
$mss_flag = true;
}
$smarty->assign('mss_flag', $mss_flag);
if ($_POST['action'] == 'process') {
if ($mss_flag && $account_info['verification_key'] != $_POST['verification_key']) {
$validator->addError('Verification code', 'Invalid verification code. Please try again.');
}
if (count($validator->errors) == 0) {
if ($_POST['confirm_message'] == 1) {
//make sure correct personal welcome message
tep_redirect(get_href_link(PAGE_LOGIN_BALANCE, '', 'SSL'));
}
}
}
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('home/login_confirm.html');
}
if ($security_question == -1) {
$validator->validateGeneral('Custom Question', $custom_question, _ERROR_FIELD_EMPTY);
}
$validator->validateGeneral('Security Answer', $security_answer, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Welcome Mesasge', $welcome_message, _ERROR_FIELD_EMPTY);
} else {
$validator->addError('Turing Number', ERROR_SECURE_CODE_WRONG);
}
if (count($validator->errors) == 0) {
// create new user
if (!tep_session_is_registered('signup_info')) {
tep_session_register('signup_info');
}
$signup_info = array('firstname' => $firstname, 'lastname' => $lastname, 'email' => $email, 'welcome_message' => $welcome_message, 'security_question' => $security_question == -1 ? $custom_question : $security_question, 'security_answer' => $security_answer);
tep_redirect(get_href_link(PAGE_SIGNUP_PERSONAL, '', 'SSL'));
} else {
postAssign($smarty);
}
}
// get security questions
$security_questions_array = array();
$security_questions_query = db_query('SELECT s.security_questions_id, sd.question FROM ' . _TABLE_SECURITY_QUESTIONS . " s, " . _TABLE_SECURITY_QUESTIONS_DESCRIPTION . " sd WHERE s.security_questions_id =sd.security_questions_id AND sd.language_id='" . $languages_id . "' ORDER BY s.sort_order, sd.question ");
while ($security_question = db_fetch_array($security_questions_query)) {
$security_questions_array[$security_question['question']] = $security_question['question'];
}
// Customer Question
$security_questions_array[-1] = TEXT_CUSTOM_QUESTION;
$smarty->assign('security_questions_array', $security_questions_array);
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('home/signup.html');
<?php
$smarty->assign('general_form_href', get_href_link(PAGE_GENERAL_FORM));
$_html_main_content = $smarty->fetch('home/applications.html');