$_SESSION['user'] = get_customer($customer_id); // Redirect to the Checkout application if necessary if (isset($_SESSION['checkout'])) { unset($_SESSION['checkout']); redirect('../checkout'); } else { redirect('.'); } break; case 'login': $email = $_POST['email']; $password = $_POST['password']; // If valid username/password, login // TODO: Improve this validation if (is_valid_customer_login($email, $password)) { $_SESSION['user'] = get_customer_by_email($email); } else { display_error('Login failed. Invalid email or password.'); } // If necessary, redirect to the Checkout app if (isset($_SESSION['checkout'])) { unset($_SESSION['checkout']); redirect('../checkout'); } else { redirect('.'); } break; case 'view_account': $customer_name = $_SESSION['user']['firstName'] . ' ' . $_SESSION['user']['lastName']; $email = $_SESSION['user']['emailAddress']; $ship_address_id = $_SESSION['user']['shipAddressID'];
<?php // Get your db connection file, be sure it has a new connection to the // tech support database require '../model/database.php'; // Get the models needed - work will need to be done in both require '../model/customer_db.php'; require '../model/registration_db.php'; require '../model/product_db.php'; $action = filter_input(INPUT_POST, 'action'); if ($action == 'login') { $email = filter_input(INPUT_POST, 'email'); if ($email == NULL || $email == FALSE) { include '../product_register/customer_login.php'; } else { $login = get_customer_by_email($email); if ($login['customerID'] == NULL || $login['customerID'] == FALSE) { $message = 'Invalid Username'; include '../product_register/product_register.php'; } else { $first = $login['firstName']; $last = $login['lastName']; $list = get_products(); include '../product_register/product_register.php'; } } } else { if ($action == 'add_registration') { $product_code = filter_input(INPUT_POST, 'product_code'); } }
* 5. Automatically enter the user's name in the product registration form * 6. When the page loads the product list should be a drop down menu of * products built from a resultset queried out of the database * 7. If the product registration data is submitted, register the product * 8. If the product is registered successfully, confirm it to the user. */ if ($action == 'register') { include 'customer_login.php'; } else { if ($action == 'login_user') { $email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL); if ($email == null || $email == false) { $error = "Please enter a valid email."; include '../errors/error.php'; } else { $user = get_customer_by_email($email); if (empty($user)) { $error = "User not found. Please try again."; include '../errors/error.php'; } else { $products = get_products(); include 'product_register.php'; } } } else { if ($action == 'register_product') { $product_code = filter_input(INPUT_POST, 'product_code'); $customer_id = filter_input(INPUT_POST, 'customer_id', FILTER_VALIDATE_INT); if ($product_code == null || $customer_id == null || $customer_id == false) { $error = "Please check your values and try again."; include '../errors/error.php';
function is_valid_customer_login($username, $password) { $token = get_customer_by_email($username); if ($token['password'] == $password) { return TRUE; } else { return FALSE; } }