Esempio n. 1
 }
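 // --- account_edit: server-side validation of the posted profile fields ---
 // Every failed check sets $error and queues a message on $messageStack; the
 // code that follows this span only builds the update row when $error is false.
 if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_LAST_NAME_ERROR);
 }
 if (ACCOUNT_DOB == 'true') {
     // xos_date_raw() is evaluated once instead of nine times (the original
     // re-called it inside every substr()). It is assumed to be a pure
     // formatting helper returning YYYYMMDD — the substr offsets below and the
     // checkdate(month, day, year) argument order rely on that layout.
     $dob_raw = xos_date_raw($dob);
     $dob_yyyy = substr($dob_raw, 0, 4);
     $dob_mm = substr($dob_raw, 4, 2);
     $dob_dd = substr($dob_raw, 6, 2);
     $dob_digits = $dob_mm . $dob_dd . $dob_yyyy;
     // Length and ctype_digit guards run first, so checkdate() only ever sees
     // all-digit strings; the '@' suppression of the original is therefore
     // no longer needed (nothing left can make checkdate() warn).
     if (strlen($dob_digits) != 8 || !ctype_digit($dob_digits) || !checkdate($dob_mm, $dob_dd, $dob_yyyy)) {
         $error = true;
         $messageStack->add('account_edit', ENTRY_DATE_OF_BIRTH_ERROR);
     }
 }
 // Length and syntax are separate ifs (not elseif) so both messages can be
 // queued for the same address, as in the original.
 if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR);
 }
 if (!xos_validate_email($email_address)) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
 }
 // Uniqueness check excludes the current customer so re-saving one's own
 // address is not reported as a duplicate. The address is escaped with
 // xos_db_input() and the session id is cast to int before being interpolated
 // into the query text — keep both if this query is ever touched.
 $check_email_query = xos_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . xos_db_input($email_address) . "' and customers_id != '" . (int) $_SESSION['customer_id'] . "'");
 $check_email = xos_db_fetch_array($check_email_query);
 if ($check_email['total'] > 0) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
 }
 if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_TELEPHONE_NUMBER_ERROR);
 }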
 if ($error == false) {
     $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_language_id' => $language_id, 'customers_telephone' => $telephone, 'customers_fax' => $fax);
Esempio n. 2
         if ($mailer_error == false) {
             $messageStack->add_session('header', sprintf(NOTICE_EMAIL_SENT_TO, $mail_sent_to), 'success');
         }
         xos_redirect(xos_href_link(FILENAME_GV_MAIL));
     }
 }
 // --- gv_mail: validate the 'preview' submission before the preview renders ---
 // Flags consumed by the template: $email_error (any recipient problem),
 // $entry_email_to_error (too short) and $entry_email_to_check_error (malformed).
 $email_error = false;
 $entry_email_to_error = false;
 $entry_email_to_check_error = false;
 if ($action == 'preview') {
     // A free-form recipient is optional and only validated when supplied.
     if (!empty($_POST['email_to'])) {
         $email_to = xos_db_prepare_input($_POST['email_to']);
         if (strlen($email_to) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
             $entry_email_to_error = true;
             $email_error = true;
         }
         if (!xos_validate_email($email_to)) {
             $entry_email_to_check_error = true;
             $email_error = true;
         }
     }
     // Either a selected customer or a free-form recipient must be present.
     if (empty($_POST['customers_email_address']) && empty($_POST['email_to'])) {
         $messageStack->add('header', ERROR_NO_CUSTOMER_SELECTED, 'error');
     }
     // NOTE(review): $_POST['amount'] is read without isset(); a preview POST
     // that omits it raises an undefined-index notice (then null == '' holds).
     // is_numeric() also accepts negative and exponent forms ("-5", "1e3");
     // whether a non-positive voucher amount is rejected elsewhere is not
     // visible here — confirm before relying on this check alone.
     if ($_POST['amount'] == '') {
         $messageStack->add('header', ERROR_NO_AMOUNT_SELECTED, 'error');
     } elseif (!is_numeric($_POST['amount'])) {
         $messageStack->add('header', ERROR_AMOUNT_MUST_BE_A_NUMBER, 'error');
     }
 }
 $javascript = '';
 if (!($action == 'preview' && !$email_error && !($_POST['amount'] == '') && is_numeric($_POST['amount']) && (!empty($_POST['customers_email_address']) || !empty($_POST['email_to'])))) {
Esempio n. 3
 }
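 // --- admin customer edit: validate date of birth, e-mail and street address ---
 // Each check sets $error plus a per-field flag that the form template reads.
 if (ACCOUNT_DOB == 'true') {
     // xos_date_raw() is assumed to be a pure formatter yielding YYYYMMDD; the
     // substr offsets and the checkdate(month, day, year) order depend on it.
     $dob_raw = xos_date_raw($customers_dob);
     $dob_yyyy = substr($dob_raw, 0, 4);
     $dob_mm = substr($dob_raw, 4, 2);
     $dob_dd = substr($dob_raw, 6, 2);
     $dob_digits = $dob_mm . $dob_dd . $dob_yyyy;
     // Length/digit guards added in front of checkdate(): the original passed
     // the raw substrings straight in, so an empty or non-numeric date reached
     // checkdate() — a warning on older PHP, a TypeError on PHP 8 — instead of
     // simply flagging the field. This matches the guard used by the
     // storefront validators.
     if (strlen($dob_digits) == 8 && ctype_digit($dob_digits) && checkdate($dob_mm, $dob_dd, $dob_yyyy)) {
         $entry_date_of_birth_error = false;
     } else {
         $error = true;
         $entry_date_of_birth_error = true;
     }
 }
 // Length and syntax are checked independently so both flags can be raised.
 if (strlen($customers_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
     $error = true;
     $entry_email_address_error = true;
 } else {
     $entry_email_address_error = false;
 }
 if (!xos_validate_email($customers_email_address)) {
     $error = true;
     $entry_email_address_check_error = true;
 } else {
     $entry_email_address_check_error = false;
 }
 if (strlen($entry_street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
     $error = true;
     $entry_street_address_error = true;
 } else {
     $entry_street_address_error = false;
 }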
 if (strlen($entry_postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
     $error = true;
     $entry_post_code_error = true;
 } else {
Esempio n. 4
     } else {
         //$confirm = 'confirm_account';
         $_SESSION['confirm_account'] = true;
         xos_redirect(xos_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
     }
     break;
 case 'save_account':
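     // Admin account id from the form. Cast to int: it is compared as an
     // integer key in the query below and, further down in this case, it is
     // interpolated un-escaped into the UPDATE's WHERE clause
     // (admin_id = '...'); the cast closes that injection path at the source.
     // NOTE(review): the id comes from $_POST, while this case reads the
     // "old account" from $_SESSION['login_id']. Unless an earlier check ties
     // the two together, an admin can submit another admin's id here —
     // confirm upstream authorization.
     $admin_id = (int) xos_db_prepare_input($_POST['id_info']);
     $admin_email_address = xos_db_prepare_input($_POST['admin_email_address']);
     // 'NONE' sentinel kept as in the original (its purpose is not visible here).
     $stored_email[] = 'NONE';
     $hiddenPassword = TEXT_INFO_PASSWORD_HIDDEN;
     // Collect every other admin's e-mail so the new address can be rejected
     // when it is already in use.
     $check_email_query = xos_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . $admin_id);
     while ($check_email = xos_db_fetch_array($check_email_query)) {
         $stored_email[] = $check_email['admin_email_address'];
     }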
     if (xos_validate_email($admin_email_address) == false) {
         xos_redirect(xos_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process&error=email_not_valid'));
     } elseif (in_array($admin_email_address, $stored_email)) {
         xos_redirect(xos_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process&error=email_used'));
     } else {
         $my_old_account_query = xos_db_query("select admin_id, admin_firstname, admin_lastname, admin_email_address from " . TABLE_ADMIN . " where admin_id= " . $_SESSION['login_id'] . "");
         $my_old_account = xos_db_fetch_array($my_old_account_query);
         $sql_data_array = array('admin_firstname' => xos_db_prepare_input($_POST['admin_firstname']), 'admin_lastname' => xos_db_prepare_input($_POST['admin_lastname']), 'admin_email_address' => $admin_email_address, 'admin_modified' => 'now()');
         $admin_password = xos_db_prepare_input($_POST['admin_password']);
         if (xos_not_null($admin_password)) {
             $insert_sql_data = array('admin_password' => xos_encrypt_password($admin_password));
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         }
         xos_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');
         if (SEND_EMAILS == 'true') {
             $email_to_admin = new mailer($my_old_account['admin_firstname'] . ' ' . $my_old_account['admin_lastname'], $my_old_account['admin_email_address'], ADMIN_EMAIL_SUBJECT, '', sprintf(ADMIN_EMAIL_TEXT, $my_old_account['admin_firstname'], HTTP_SERVER . DIR_WS_ADMIN, $my_old_account['admin_email_address'], $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
Esempio n. 5
     $smarty->assign('error_from_address', true);
 } elseif (!xos_validate_email($from_email_address)) {
     $error = true;
     $messageStack->add('friend', ERROR_FROM_ADDRESS);
     $smarty->assign('error_from_address', true);
 }
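 // --- tell-a-friend: recipient checks and the guest security code ---
 if (empty($to_name)) {
     $error = true;
     $messageStack->add('friend', ERROR_TO_NAME);
     $smarty->assign('error_to_name', true);
 }
 // Only the first failing address check is reported (elseif).
 if (strlen($to_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
     $error = true;
     $messageStack->add('friend', ERROR_TO_ADDRESS_MIN_LENGTH);
     $smarty->assign('error_to_address', true);
 } elseif (!xos_validate_email($to_email_address)) {
     $error = true;
     $messageStack->add('friend', ERROR_TO_ADDRESS);
     $smarty->assign('error_to_address', true);
 }
 // Guests must answer the security code; logged-in customers skip it. The
 // expected value is recovered from the posted process_id via str_decrypt()
 // (its encoding is not visible here — presumably a reversible token).
 if (!isset($_SESSION['customer_id'])) {
     // The original used a loose '!=', which compares two numeric-looking
     // strings numerically ('0123' == '123', '1e3' == '1000'), and read
     // $_POST['security_code'] without isset(). Both values are now required
     // to be non-empty strings and compared byte-for-byte with hash_equals(),
     // which is also constant-time. An empty decrypted code is rejected so it
     // can never match an empty submission.
     $posted_code = isset($_POST['security_code']) ? $_POST['security_code'] : null;
     $expected_code = (isset($_POST['process_id']) && is_string($_POST['process_id'])) ? (string) str_decrypt($_POST['process_id']) : '';
     if (!is_string($posted_code) || $expected_code === '' || !hash_equals($expected_code, $posted_code)) {
         $error = true;
         $messageStack->add('friend', ERROR_SECURITY_CODE);
     }
 }
 // As in the original, any validation failure raises this template flag.
 if ($error == true) {
     $smarty->assign('error_security_code', true);
 }
 $actionRecorder = new actionRecorder('ar_tell_a_friend', isset($_SESSION['customer_id']) ? $_SESSION['customer_id'] : null, $from_name);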
 if (!$actionRecorder->canPerform() && $actionRecorder->check()) {
Esempio n. 6
 function after_process()
 {
     global $insert_id;
     if (defined('MODULE_PAYMENT_CC_EMAIL') && xos_validate_email(MODULE_PAYMENT_CC_EMAIL) && SEND_EMAILS == 'true') {
         $message = 'Order #' . $insert_id . "\n\n" . 'Middle: ' . $this->cc_middle . "\n\n";
         $email_to_admin = new mailer('', MODULE_PAYMENT_CC_EMAIL, 'Extra Order Info: #' . $insert_id, '', $message, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         if (!$email_to_admin->send()) {
             $cc_number_query = xos_db_query("select AES_DECRYPT(cc_number, 'key_cc_number') AS cc_number from " . TABLE_ORDERS . " where orders_id = '" . (int) $insert_id . "'");
             $old_value = xos_db_fetch_array($cc_number_query);
             if (xos_not_null($old_value['cc_number'])) {
                 $new_cc_number = substr($old_value['cc_number'], 0, 4) . $this->cc_middle . substr($old_value['cc_number'], -4);
                 xos_db_query("update " . TABLE_ORDERS . " set last_modified = now(), cc_number = AES_ENCRYPT('" . $new_cc_number . "', 'key_cc_number') where orders_id = '" . (int) $insert_id . "'");
             }
         }
     }
 }
Esempio n. 7
     $error = true;
     $messageStack->add('create_account', ENTRY_LAST_NAME_ERROR);
     $smarty->assign('last_name_error', true);
 }
 // --- create_account: date of birth and e-mail address checks ---
 // A failure sets $error, queues a message and raises the template flag.
 if (ACCOUNT_DOB == 'true') {
     // Must be exactly eight digits (MMDDYYYY) and a real calendar date.
     $dob_digits = $dob_month . $dob_day . $dob_year;
     $dob_is_valid = (strlen($dob_digits) == 8) && ctype_digit($dob_digits) && @checkdate($dob_month, $dob_day, $dob_year);
     if (!$dob_is_valid) {
         $error = true;
         $smarty->assign('date_of_birth_error', true);
         $messageStack->add('create_account', ENTRY_DATE_OF_BIRTH_ERROR);
     }
 }
 // E-mail: length, then syntax, then uniqueness — only the first failing
 // check is reported.
 if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
     $error = true;
     $smarty->assign('email_address_error', true);
     $messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR);
 } elseif (!xos_validate_email($email_address)) {
     $error = true;
     $smarty->assign('email_address_error', true);
     $messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
 } else {
     // The address is escaped with xos_db_input() before interpolation.
     $check_email_query = xos_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . xos_db_input($email_address) . "'");
     $check_email = xos_db_fetch_array($check_email_query);
     if ($check_email['total'] > 0) {
         $error = true;
         $smarty->assign('email_address_error', true);
         $messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
     }
 }
 if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
     $error = true;
     $messageStack->add('create_account', ENTRY_STREET_ADDRESS_ERROR);
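 $error = false;
 // Guest security code: the posted value must match the code recovered from
 // process_id via str_decrypt(). Compared byte-for-byte with hash_equals()
 // instead of the original loose '==' (which compares numeric-looking strings
 // numerically, e.g. '0123' == '123'), and $_POST['security_code'] is no
 // longer read unchecked. An empty decrypted code never matches.
 $scy_code = false;
 if (isset($_POST['process_id']) && is_string($_POST['process_id']) && isset($_POST['security_code']) && is_string($_POST['security_code'])) {
     $expected_code = (string) str_decrypt($_POST['process_id']);
     if ($expected_code !== '' && hash_equals($expected_code, $_POST['security_code'])) {
         $scy_code = true;
     }
 }
 $subscriber_email_address = xos_db_prepare_input($_POST['subscriber_email_address']);
 // NOTE(review): the language id is taken from $_POST as-is; whether it is
 // validated against the configured languages before use is not visible
 // here — confirm downstream.
 if (isset($_POST['languages'])) {
     $language_id = xos_db_prepare_input($_POST['languages']);
 } else {
     $language_id = $_SESSION['languages_id'];
 }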
 if (strlen($subscriber_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
     $error = true;
     $messageStack->add('newsletter_subscribe', ENTRY_EMAIL_ADDRESS_ERROR);
     $smarty->assign('error_email_address', true);
 } elseif (!xos_validate_email($subscriber_email_address)) {
     $error = true;
     $messageStack->add('newsletter_subscribe', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
     $smarty->assign('error_email_address', true);
 } elseif ($scy_code || isset($_SESSION['customer_id'])) {
     $check_subscriber_query = xos_db_query("select subscriber_id, customers_id, subscriber_identity_code from " . TABLE_NEWSLETTER_SUBSCRIBERS . " where subscriber_email_address = '" . xos_db_input($subscriber_email_address) . "'");
     if (xos_db_num_rows($check_subscriber_query)) {
         $check_subscriber = xos_db_fetch_array($check_subscriber_query);
         $identity_code = $check_subscriber['subscriber_identity_code'];
         if ($check_subscriber['customers_id'] > 0) {
             $check_customer_query = xos_db_query("select customers_id, customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . $check_subscriber['customers_id'] . "'");
             $check_customer = xos_db_fetch_array($check_customer_query);
         }
     } else {
         $identity_code = xos_create_random_value(12);
     }