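// Admin action handler (excerpt): 'setflag' switches a customer's login flag and,
// when the flag is set to '1', generates a new password for that customer and
// starts composing the notification mail. The excerpt ends before the enclosing
// blocks are closed.
//
// NOTE(review): this branch changes account state and resets a password from GET
// parameters. No CSRF token or permission check is visible in this excerpt;
// confirm both are enforced before this code is reached.
if (!empty($action)) {
    switch ($action) {
        case 'setflag':
            // Strict comparison: only the exact strings '0' and '1' pass. The loose
            // '==' also accepted numeric look-alikes such as '01' or '1.0'.
            $login_flag = isset($_GET['loginflag']) ? $_GET['loginflag'] : null;

            if (($login_flag === '0') || ($login_flag === '1')) {
                if (isset($_GET['cID'])) {
                    // NOTE(review): cID is handed over unescaped; whether
                    // oos_set_customer_login() escapes it is not visible here.
                    oos_set_customer_login($_GET['cID'], $login_flag);

                    if ($login_flag === '1') {
                        $customerstable = $oostable['customers'];
                        $sql = "SELECT customers_firstname, customers_lastname, customers_gender, customers_email_address FROM $customerstable WHERE customers_id = '" . oos_db_input($_GET['cID']) . "'";
                        $check_customer = $dbconn->Execute($sql);

                        if ($check_customer->RecordCount()) {
                            $check_customer_values = $check_customer->fields;

                            // Crypted password mods - create a new password, update the database and mail it to them
                            // NOTE(review): the new password has only the minimum allowed
                            // length and is later mailed in clear text; the randomness
                            // source of oos_create_random_value() is not visible here.
                            $newpass = oos_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
                            $crypted_password = oos_encrypt_password($newpass);

                            // The request value is escaped with oos_db_input(), as in the
                            // SELECT above; the original concatenated $_GET['cID'] into
                            // this statement unescaped (SQL injection).
                            // NOTE(review): the password literal appears masked in this
                            // listing; $crypted_password is computed but not used in the
                            // visible statement. Confirm the real query stores the hash.
                            $dbconn->Execute("UPDATE $customerstable SET customers_password = '******' WHERE customers_id = '" . oos_db_input($_GET['cID']) . "'");

                            $name = $check_customer_values['customers_firstname'] . " " . $check_customer_values['customers_lastname'];

                            // Pick the salutation when the shop records a gender.
                            if (ACCOUNT_GENDER == '1') {
                                if ($check_customer_values['customers_gender'] == 'm') {
                                    $email_text = EMAIL_GREET_MR . $check_customer_values['customers_lastname'] . ', ' . "\n\n";
                                } else {
                                    $email_text = EMAIL_GREET_MS . $check_customer_values['customers_lastname'] . ', ' . "\n\n";
                                }
                            } else {
                                $email_text = EMAIL_GREET_NONE;
                            }

                            $email_text .= EMAIL_WELCOME;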
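// Account-creation handler (excerpt). It opens inside a branch that starts above
// the visible text and ends before the enclosing blocks are closed.
        $news = ENTRY_NEWSLETTER_NO;
    }

    $oSmarty->assign('news', $news);
    $oSmarty->assign('newsletter_ids', array(0, 1));
    $oSmarty->assign('newsletter', array($aLang['entry_newsletter_no'], $aLang['entry_newsletter_yes']));

    $oSmarty->assign('oosPageHeading', $oSmarty->fetch($aOption['page_heading']));
    $oSmarty->assign('contents', $oSmarty->fetch($aOption['template_main']));

    // display the template
    require 'includes/oos_display.php';
} else {
    $customer_max_order = DEFAULT_MAX_ORDER;
    $customers_status = DEFAULT_CUSTOMERS_STATUS_ID;

    // time() replaces the argument-less mktime() call. Both give the current Unix
    // timestamp, but mktime() without arguments is rejected by PHP 8.
    $time = time();

    // Interleave timestamp digits 3..9 with one generated character each.
    // NOTE(review): half of this ID comes from the clock and is guessable, and
    // the randomness source of oos_create_random_value() is not visible here.
    // If the ID is what protects a shared wishlist link, derive it from a CSPRNG.
    $wishlist_link_id = '';
    for ($x = 3; $x < 10; $x++) {
        $wishlist_link_id .= substr($time, $x, 1) . oos_create_random_value(1, $type = 'chars');
    }

    // Column => value map for the new customers row. The password is stored only
    // as the result of oos_encrypt_password(); its scheme is defined elsewhere.
    $sql_data_array = array('customers_firstname' => $firstname,
                            'customers_lastname' => $lastname,
                            'customers_email_address' => $email_address,
                            'customers_telephone' => $telephone,
                            'customers_fax' => $fax,
                            'customers_newsletter' => $newsletter,
                            'customers_status' => $customers_status,
                            'customers_login' => 1,
                            'customers_max_order' => $customer_max_order,
                            'customers_password' => oos_encrypt_password($password),
                            'customers_wishlist_link_id' => $wishlist_link_id,
                            'customers_default_address_id' => 1);

    // Optional columns, each switched on by a shop configuration constant.
    if (ACCOUNT_GENDER == '1') {
        $sql_data_array['customers_gender'] = $gender;
    }
    if (ACCOUNT_NUMBER == '1') {
        $sql_data_array['customers_number'] = $number;
    }
    if (ACCOUNT_DOB == '1') {
        $sql_data_array['customers_dob'] = oos_date_raw($dob);
    }
    if (ACCOUNT_VAT_ID == '1') {
        $sql_data_array['customers_vat_id'] = $vat_id;
        if (ACCOUNT_COMPANY_VAT_ID_CHECK == '1' && $vatid_check_error === false) {
            $sql_data_array['customers_vat_id_status'] = 1;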
/**
 * Build a cart identifier by requesting a 'digits' value from
 * oos_create_random_value().
 *
 * NOTE(review): with the default length of 5 the ID space is presumably no larger
 * than 100,000 values, and the generator's randomness source is not visible here.
 * Confirm the cart ID is never the only thing protecting a cart from other users.
 *
 * @param int $length Length passed to the generator (default 5).
 * @return mixed Whatever oos_create_random_value() returns for the 'digits' type.
 */
function generate_cart_id($length = 5)
{
    $cart_id = oos_create_random_value($length, 'digits');

    return $cart_id;
}
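/**
 * Insert the default data on new installs.
 *
 * Echoes installer progress markup, loads newdata.php and newconfigdata.php, then
 * inserts one row each into the admin, customers, address_book and customers_info
 * tables for the account described by the arguments. Every value placed in a
 * VALUES list goes through $db->qstr() or $db->DBTimeStamp(). The table prefix
 * is concatenated into the statements as-is.
 *
 * Parameter types are presumed; the function declares none.
 *
 * @param string $gender       Stored in the gender columns.
 * @param string $firstname    Stored in the firstname columns.
 * @param string $name         Stored in the lastname columns.
 * @param string $pwd          Plain-text password; only the result of
 *                             oos_encrypt_password() is written to the database.
 * @param string $repeatpwd    Not used by this function.
 * @param string $email        Stored as the e-mail address.
 * @param string $phone        Stored as the telephone number.
 * @param string $fax          Stored as the fax number.
 * @param string $prefix_table Table prefix without the trailing underscore; may be empty.
 * @param mixed  $update       Replaced by the global of the same name (see the global statement).
 * @return void
 */
function oosInputData($gender, $firstname, $name, $pwd, $repeatpwd, $email, $phone, $fax, $prefix_table, $update)
{
    // NOTE(review): naming $update here rebinds the parameter to the global
    // variable, so the argument passed by the caller is discarded. Kept as-is
    // because the included files may rely on it.
    global $currentlang, $db, $update;

    echo '<font class="oos-title">' . INPUT_DATA . '</font>';
    echo '<table align="center"><tr><td align="left">';

    // The original tested "!$prefix_table == ''", which only worked through
    // operator precedence; the explicit comparison states the intent.
    // NOTE(review): the prefix becomes part of every table name below and cannot
    // be quoted with qstr(); confirm the caller restricts it to identifier characters.
    if ($prefix_table != '') {
        $prefix_table = $prefix_table . '_';
    }

    // Put basic information in first
    $today = date("Y-m-d H:i:s");

    // Both files are included into this function's scope, so they see the local
    // variables defined up to this point.
    require 'newdata.php';

    $owp_pwd = oos_encrypt_password($pwd);

    include_once 'newconfigdata.php';

    // Escaped once for the status lines echoed below.
    $prefix_html = htmlspecialchars($prefix_table, ENT_QUOTES);

    $admin_groups_id = '1';

    $sql = "INSERT INTO " . $prefix_table . "admin\n (admin_groups_id,\n admin_gender,\n admin_firstname,\n admin_lastname,\n admin_email_address,\n admin_telephone,\n admin_fax,\n admin_password,\n admin_created)\n VALUES ("
         . $db->qstr($admin_groups_id) . ','
         . $db->qstr($gender) . ','
         . $db->qstr($firstname) . ','
         . $db->qstr($name) . ','
         . $db->qstr($email) . ','
         . $db->qstr($phone) . ','
         . $db->qstr($fax) . ','
         . $db->qstr($owp_pwd) . ','
         . $db->DBTimeStamp($today) . ")";
    $result = $db->Execute($sql);
    if ($result === false) {
        // Database error text can repeat submitted values, so it is escaped before output.
        echo '<br /><img src="images/no.gif" alt="" border="0" align="absmiddle"><font class="oos-error">' . htmlspecialchars((string) $db->ErrorMsg(), ENT_QUOTES) . NOTMADE . '</font>';
    } else {
        echo '<br /><img src="images/yes.gif" alt="" border="0" align="absmiddle"> <font class="oos-title">' . $prefix_html . 'admin ' . UPDATED . '</font>';
    }

    // NOTE(review): this literal appears masked in the listing; confirm the
    // intended customers_login value.
    $login = '******';
    $status = '1';
    $max_order = '800';
    $default_address = '1';
    $logs = 0;

    // time() replaces the argument-less mktime() call. Both give the current Unix
    // timestamp, but mktime() without arguments is rejected by PHP 8.
    $time = time();

    // Interleave timestamp digits 3..9 with one generated character each.
    // NOTE(review): half of this ID is guessable from the install time, and the
    // randomness source of oos_create_random_value() is not visible here.
    $wishlist_link_id = '';
    for ($x = 3; $x < 10; $x++) {
        $wishlist_link_id .= substr($time, $x, 1) . oos_create_random_value(1, $type = 'chars');
    }

    // The shop customer reuses the administrator's name, contact data and password hash.
    $sql = "INSERT INTO " . $prefix_table . "customers\n (customers_gender,\n customers_firstname,\n customers_lastname,\n customers_email_address,\n customers_telephone,\n customers_fax,\n customers_status,\n customers_login,\n customers_max_order,\n customers_password,\n customers_wishlist_link_id,\n customers_default_address_id)\n VALUES ("
         . $db->qstr($gender) . ','
         . $db->qstr($firstname) . ','
         . $db->qstr($name) . ','
         . $db->qstr($email) . ','
         . $db->qstr($phone) . ','
         . $db->qstr($fax) . ','
         . $db->qstr($status) . ','
         . $db->qstr($login) . ','
         . $db->qstr($max_order) . ','
         . $db->qstr($owp_pwd) . ','
         . $db->qstr($wishlist_link_id) . ','
         . $db->qstr($default_address) . ")";
    $result = $db->Execute($sql);
    if ($result === false) {
        echo '<br /><img src="images/no.gif" alt="" border="0" align="absmiddle"><font class="oos-error">' . htmlspecialchars((string) $db->ErrorMsg(), ENT_QUOTES) . NOTMADE . '</font>';
    } else {
        echo '<br /><img src="images/yes.gif" alt="" border="0" align="absmiddle"> <font class="oos-title">' . $prefix_html . 'customers ' . UPDATED . '</font>';
    }

    // NOTE(review): read even when the customers insert failed; the rows below
    // would then reference whatever ID the driver reports.
    $customer_id = $db->Insert_ID();

    $book_id = 1;
    $country = 81;
    $zone_id = 88;
    $sStr = '0'; // placeholder for street, postcode and city

    $sql = "INSERT INTO " . $prefix_table . "address_book\n (customers_id,\n address_book_id,\n entry_gender,\n entry_firstname,\n entry_lastname,\n entry_street_address,\n entry_postcode,\n entry_city,\n entry_country_id,\n entry_zone_id)\n VALUES ("
         . $db->qstr($customer_id) . ','
         . $db->qstr($book_id) . ','
         . $db->qstr($gender) . ','
         . $db->qstr($firstname) . ','
         . $db->qstr($name) . ','
         . $db->qstr($sStr) . ','
         . $db->qstr($sStr) . ','
         . $db->qstr($sStr) . ','
         . $db->qstr($country) . ','
         . $db->qstr($zone_id) . ")";
    $result = $db->Execute($sql);
    if ($result === false) {
        echo '<br /><img src="images/no.gif" alt="" border="0" align="absmiddle"><font class="oos-error">' . htmlspecialchars((string) $db->ErrorMsg(), ENT_QUOTES) . NOTMADE . '</font>';
    } else {
        echo '<br /><img src="images/yes.gif" alt="" border="0" align="absmiddle"> <font class="oos-title">' . $prefix_html . 'address_book ' . UPDATED . '</font>';
    }

    $sql = "INSERT INTO " . $prefix_table . "customers_info\n (customers_info_id,\n customers_info_number_of_logons,\n customers_info_date_account_created) VALUES ("
         . $db->qstr($customer_id) . ','
         . $db->qstr($logs) . ','
         . $db->DBTimeStamp($today) . ")";
    $result = $db->Execute($sql);
    if ($result === false) {
        echo '<br /><img src="images/no.gif" alt="" border="0" align="absmiddle"><font class="oos-error">' . htmlspecialchars((string) $db->ErrorMsg(), ENT_QUOTES) . NOTMADE . '</font>';
    } else {
        echo '<br /><img src="images/yes.gif" alt="" border="0" align="absmiddle"> <font class="oos-title">' . $prefix_html . 'customers_info ' . UPDATED . '</font>';
    }

    echo '</td></tr></table>';
}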
if ($log_times >= 4) { $_SESSION['password_forgotten'] = 'password'; } // Check if email exists $admintable = $oostable['admin']; $check_admin_result = $dbconn->Execute("SELECT admin_id as check_id, admin_firstname as check_firstname, admin_lastname as check_lastname, admin_email_address as check_email_address FROM $admintable WHERE admin_email_address = '" . oos_db_input($email_address) . "'"); if (!$check_admin_result->RecordCount()) { $login = '******'; } else { $check_admin = $check_admin_result->fields; if ($check_admin['check_firstname'] != $firstname) { $login = '******'; } else { $login = '******'; $make_password = oos_create_random_value(7); $crypted_password = oos_encrypt_password($make_password); oos_mail($check_admin['check_firstname'] . ' ' . $check_admin['admin_lastname'], $check_admin['check_email_address'], ADMIN_PASSWORD_SUBJECT, nl2br(sprintf(ADMIN_EMAIL_TEXT, $make_password)), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); $admintable = $oostable['admin']; $dbconn->Execute("UPDATE $admintable SET admin_password = '******' WHERE admin_id = '" . oos_db_input($check_admin['check_id']) . "'"); } } } require('includes/languages/' . $_SESSION['language'] . '/' . $aFilename['login']); if ($login == 'success') { $success_message = TEXT_FORGOTTEN_SUCCESS; } elseif ($login == 'fail') {