function execute() { global $lC_Database, $lC_Session, $lC_NavigationHistory, $lC_Customer; if (!$lC_Customer->isLoggedOn()) { $lC_NavigationHistory->setSnapshot(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); return false; } $id = false; foreach ($_GET as $key => $value) { if ((preg_match('/^[0-9]+(#?([0-9]+:?[0-9]+)+(;?([0-9]+:?[0-9]+)+)*)*$/', $key) || preg_match('/^[a-zA-Z0-9 -_]*$/', $key)) && $key != $lC_Session->getName()) { $id = $key; } break; } if ($id !== false && lC_Product::checkEntry($id)) { $lC_Product = new lC_Product($id); $Qcheck = $lC_Database->query('select products_id from :table_products_notifications where customers_id = :customers_id and products_id = :products_id limit 1'); $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qcheck->bindInt(':customers_id', $lC_Customer->getID()); $Qcheck->bindInt(':products_id', $lC_Product->getID()); $Qcheck->execute(); if ($Qcheck->numberOfRows() > 0) { $Qn = $lC_Database->query('delete from :table_products_notifications where customers_id = :customers_id and products_id = :products_id'); $Qn->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qn->bindInt(':customers_id', $lC_Customer->getID()); $Qn->bindInt(':products_id', $lC_Product->getID()); $Qn->execute(); } } lc_redirect(lc_href_link(basename($_SERVER['SCRIPT_FILENAME']), lc_get_all_get_params(array('action')))); }
protected function _process() { global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Vqmod; require_once $lC_Vqmod->modCheck('includes/classes/account.php'); $Qcheck = $lC_Database->query('select customers_id, customers_firstname, customers_lastname, customers_gender, customers_email_address, customers_password from :table_customers where customers_email_address = :customers_email_address limit 1'); $Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS); $Qcheck->bindValue(':customers_email_address', $_POST['email_address']); $Qcheck->execute(); if ($Qcheck->numberOfRows() === 1) { $password = lc_create_random_string(ACCOUNT_PASSWORD); if (lC_Account::savePassword($password, $Qcheck->valueInt('customers_id'))) { if (ACCOUNT_GENDER > -1) { if ($data['gender'] == 'm') { $email_text = sprintf($lC_Language->get('email_addressing_gender_male'), $Qcheck->valueProtected('customers_lastname')) . "\n\n"; } else { $email_text = sprintf($lC_Language->get('email_addressing_gender_female'), $Qcheck->valueProtected('customers_lastname')) . "\n\n"; } } else { $email_text = sprintf($lC_Language->get('email_addressing_gender_unknown'), $Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname')) . "\n\n"; } $email_text .= sprintf($lC_Language->get('email_password_reminder_body'), getenv('REMOTE_ADDR'), STORE_NAME, $password, STORE_OWNER_EMAIL_ADDRESS); lc_email($Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname'), $Qcheck->valueProtected('customers_email_address'), sprintf($lC_Language->get('email_password_reminder_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login&success=' . urlencode($lC_Language->get('success_password_forgotten_sent')), 'SSL')); } else { $lC_MessageStack->add('password_forgotten', $lC_Language->get('error_password_forgotten_no_email_address_found')); } }
protected function _process() { global $lC_Database, $lC_Session, $lC_Language, $lC_ShoppingCart, $lC_MessageStack, $lC_Customer, $lC_NavigationHistory, $lC_Vqmod; require $lC_Vqmod->modCheck('includes/classes/account.php'); if (lC_Account::checkEntry($_POST['email_address'])) { if (lC_Account::checkPassword($_POST['password'], $_POST['email_address'])) { if (SERVICE_SESSION_REGENERATE_ID == '1') { $lC_Session->recreate(); } $lC_Customer->setCustomerData(lC_Account::getID($_POST['email_address'])); $Qupdate = $lC_Database->query('update :table_customers set date_last_logon = :date_last_logon, number_of_logons = number_of_logons+1 where customers_id = :customers_id'); $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS); $Qupdate->bindRaw(':date_last_logon', 'now()'); $Qupdate->bindInt(':customers_id', $lC_Customer->getID()); $Qupdate->execute(); if ($lC_ShoppingCart->hasContents() === true) { $lC_ShoppingCart->synchronizeWithDatabase(); } $lC_NavigationHistory->removeCurrentPage(); lC_Cache::clearAll(); if ($lC_NavigationHistory->hasSnapshot()) { $lC_NavigationHistory->redirectToSnapshot(); } else { lc_redirect(lc_href_link(FILENAME_DEFAULT, null, 'AUTO')); } } else { $lC_MessageStack->add('login', $lC_Language->get('error_login_no_match')); } } else { $lC_MessageStack->add('login', $lC_Language->get('error_login_no_match')); } }
protected function _process() { global $lC_Language, $lC_MessageStack, $lC_Product; if (empty($_POST['from_name'])) { $lC_MessageStack->add('tell_a_friend', $lC_Language->get('error_tell_a_friend_customers_name_empty')); } if (!lc_validate_email_address($_POST['from_email_address'])) { $lC_MessageStack->add('tell_a_friend', $lC_Language->get('error_tell_a_friend_invalid_customers_email_address')); } if (empty($_POST['to_name'])) { $lC_MessageStack->add('tell_a_friend', $lC_Language->get('error_tell_a_friend_friends_name_empty')); } if (!lc_validate_email_address($_POST['to_email_address'])) { $lC_MessageStack->add('tell_a_friend', $lC_Language->get('error_tell_a_friend_invalid_friends_email_address')); } if ($lC_MessageStack->size('tell_a_friend') < 1) { $email_subject = sprintf($lC_Language->get('email_tell_a_friend_subject'), lc_sanitize_string($_POST['from_name']), STORE_NAME); $email_body = sprintf($lC_Language->get('email_tell_a_friend_intro'), lc_sanitize_string($_POST['to_name']), lc_sanitize_string($_POST['from_name']), $lC_Product->getTitle(), STORE_NAME) . "\n\n"; if (!empty($_POST['message'])) { $email_body .= lc_sanitize_string($_POST['message']) . "\n\n"; } $email_body .= sprintf($lC_Language->get('email_tell_a_friend_link'), lc_href_link(HTTP_SERVER . DIR_WS_CATALOG . FILENAME_PRODUCTS, $lC_Product->getKeyword(), 'NONSSL', false)) . "\n\n" . sprintf($lC_Language->get('email_tell_a_friend_signature'), STORE_NAME . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n"); lc_email(lc_sanitize_string($_POST['to_name']), lc_sanitize_string($_POST['to_email_address']), $email_subject, $email_body, lc_sanitize_string($_POST['from_name']), lc_sanitize_string($_POST['from_email_address'])); lc_redirect(lc_href_link(FILENAME_PRODUCTS, 'tell_a_friend&' . $lC_Product->getID() . '&success=' . urlencode(sprintf($lC_Language->get('success_tell_a_friend_email_sent'), $lC_Product->getTitle(), lc_output_string_protected($_POST['to_name']))))); } }
function execute() { global $lC_Session, $lC_ShoppingCart; if (is_numeric($_GET['item'])) { $lC_ShoppingCart->remove($_GET['item']); } lc_redirect(lc_href_link(FILENAME_CHECKOUT)); }
protected function _process() { global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $lC_Vqmod; require_once $lC_Vqmod->modCheck('includes/classes/account.php'); $data = array(); if (ACCOUNT_GENDER >= 0) { if (isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f')) { $data['gender'] = $_POST['gender']; } else { $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_gender_error')); } } if (isset($_POST['firstname']) && strlen(trim($_POST['firstname'])) >= ACCOUNT_FIRST_NAME) { $data['firstname'] = $_POST['firstname']; } else { $lC_MessageStack->add('account_edit', sprintf($lC_Language->get('field_customer_first_name_error'), ACCOUNT_FIRST_NAME)); } if (isset($_POST['lastname']) && strlen(trim($_POST['lastname'])) >= ACCOUNT_LAST_NAME) { $data['lastname'] = $_POST['lastname']; } else { $lC_MessageStack->add('account_edit', sprintf($lC_Language->get('field_customer_last_name_error'), ACCOUNT_LAST_NAME)); } if (ACCOUNT_DATE_OF_BIRTH == '1') { $dateParts = explode("/", $_POST['dob']); if (isset($_POST['dob']) && checkdate($dateParts[0], $dateParts[1], $dateParts[2])) { $data['dob'] = @mktime(0, 0, 0, $dateParts[0], $dateParts[1], $dateParts[2]); } else { $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_date_of_birth_error')); } } if (isset($_POST['email_address']) && strlen(trim($_POST['email_address'])) >= ACCOUNT_EMAIL_ADDRESS) { if (lc_validate_email_address($_POST['email_address'])) { if (lC_Account::checkDuplicateEntry($_POST['email_address']) === false) { $data['email_address'] = $_POST['email_address']; } else { $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_email_address_exists_error')); } } else { $lC_MessageStack->add('account_edit', $lC_Language->get('field_customer_email_address_check_error')); } } else { $lC_MessageStack->add('account_edit', sprintf($lC_Language->get('field_customer_email_address_error'), ACCOUNT_EMAIL_ADDRESS)); } if ($lC_MessageStack->size('account_edit') === 0) { if (lC_Account::saveEntry($data)) { // reset the session variables if (ACCOUNT_GENDER > -1) { $lC_Customer->setGender($data['gender']); } $lC_Customer->setFirstName(trim($data['firstname'])); $lC_Customer->setLastName(trim($data['lastname'])); $lC_Customer->setEmailAddress($data['email_address']); $lC_MessageStack->add('account', $lC_Language->get('success_account_updated'), 'success'); } lc_redirect(lc_href_link(FILENAME_ACCOUNT, null, 'SSL')); } }
protected function _process() { global $lC_Language, $lC_MessageStack; $name = lc_sanitize_string($_POST['name']); $email_address = lc_sanitize_string($_POST['email']); $inquiry = lc_sanitize_string($_POST['inquiry']); if (lc_validate_email_address($email_address)) { lc_email(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $lC_Language->get('contact_email_subject'), $inquiry, $name, $email_address); lc_redirect(lc_href_link(FILENAME_INFO, 'contact&success=' . urlencode($lC_Language->get('contact_email_sent_successfully')), 'AUTO')); } else { $lC_MessageStack->add('contact', $lC_Language->get('field_customer_email_address_check_error')); } }
public function __construct() { global $lC_Language, $lC_Database, $lC_MessageStack; if (!isset($_GET['set'])) { $_GET['set'] = 'members'; } $action = isset($_GET['gid']) && !empty($_GET['gid']) ? 'edit' : 'insert'; switch ($_GET['set']) { case 'groups': $this->_page_title = $lC_Language->get('heading_title_groups'); $this->_page_name = 'groups'; $this->_page_contents = 'groups.php'; if (isset($_GET['process'])) { $result = array(); switch (strtolower($_GET['process'])) { case 'edit': $result = lC_Administrators_Admin::saveGroup($_GET['gid'], $_POST); break; default: $result = lC_Administrators_Admin::saveGroup(NULL, $_POST); } if ($result['rpcStatus'] != 1 || $lC_Database->isError()) { if ($lC_Database->isError()) { $lC_MessageStack->add($this->_module, $lC_Database->getError(), 'error'); } else { $lC_MessageStack->add($this->_module, $lC_Language->get('ms_error_action_not_performed'), 'error'); } } $_SESSION['messageToStack'] = $lC_MessageStack->getAll(); lc_redirect_admin(lc_href_link_admin(FILENAME_DEFAULT, $this->_module . '&set=groups')); } break; case 'access': if ($action == 'insert' && (int) $_SESSION['admin']['access'][$this->_module] < 2) { lc_redirect(lc_href_link_admin(FILENAME_DEFAULT, 'error_pages&set=no_access')); } if ($action != 'insert' && (int) $_SESSION['admin']['access'][$this->_module] < 3) { lc_redirect(lc_href_link_admin(FILENAME_DEFAULT, 'error_pages&set=no_access')); } $this->_page_title = $action == 'insert' ? $lC_Language->get('heading_title_new_group') : $lC_Language->get('heading_title_edit_group'); $this->_page_name = 'access'; $this->_page_contents = 'access.php'; break; case 'members': default: $this->_page_title = $lC_Language->get('heading_title'); $this->_page_name = 'members'; $this->_page_contents = 'main.php'; break; } }
function execute() { global $lC_Database, $lC_Session, $lC_NavigationHistory, $lC_Customer; if (!$lC_Customer->isLoggedOn()) { $lC_NavigationHistory->setSnapshot(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); return false; } $notifications = array(); if (isset($_GET['products']) && !empty($_GET['products'])) { $products_array = explode(';', $_GET['products']); foreach ($products_array as $product_id) { if (is_numeric($product_id) && !in_array($product_id, $notifications)) { $notifications[] = $product_id; } } } else { $id = false; foreach ($_GET as $key => $value) { if ((preg_match('/^[0-9]+(#?([0-9]+:?[0-9]+)+(;?([0-9]+:?[0-9]+)+)*)*$/', $key) || preg_match('/^[a-zA-Z0-9 -_]*$/', $key)) && $key != $lC_Session->getName()) { $id = $key; } break; } if ($id !== false && lC_Product::checkEntry($id)) { $lC_Product = new lC_Product($id); $notifications[] = $lC_Product->getID(); } } if (!empty($notifications)) { foreach ($notifications as $product_id) { $Qcheck = $lC_Database->query('select products_id from :table_products_notifications where customers_id = :customers_id and products_id = :products_id limit 1'); $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qcheck->bindInt(':customers_id', $lC_Customer->getID()); $Qcheck->bindInt(':products_id', $product_id); $Qcheck->execute(); if ($Qcheck->numberOfRows() < 1) { $Qn = $lC_Database->query('insert into :table_products_notifications (products_id, customers_id, date_added) values (:products_id, :customers_id, :date_added)'); $Qn->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qn->bindInt(':products_id', $product_id); $Qn->bindInt(':customers_id', $lC_Customer->getID()); $Qn->bindRaw(':date_added', 'now()'); $Qn->execute(); } } } lc_redirect(lc_href_link(basename($_SERVER['SCRIPT_FILENAME']), lc_get_all_get_params(array('action')))); }
function execute() { global $lC_Session, $lC_ShoppingCart, $lC_Product, $lC_Language, $lC_Customer; if (!isset($lC_Product)) { $id = false; foreach ($_GET as $key => $value) { if ((is_numeric($key) || preg_match('/^[a-zA-Z0-9 -_]*$/', $key)) && $key != $lC_Session->getName()) { $id = $key; } break; } if ($id !== false && lC_Product::checkEntry($id)) { $lC_Product = new lC_Product($id); } } if (isset($lC_Product)) { // VQMOD-hookpoint; DO NOT MODIFY OR REMOVE THE LINE BELOW $quantity = isset($_POST['quantity']) && !empty($_POST['quantity']) ? (int) $_POST['quantity'] : 1; if ($lC_Product->hasVariants()) { if (isset($_POST['variants']) && is_array($_POST['variants']) && !empty($_POST['variants'])) { if ($lC_Product->variantExists($_POST['variants'])) { $lC_ShoppingCart->add($lC_Product->getProductVariantID($_POST['variants']), $quantity); } else { lc_redirect(lc_href_link(FILENAME_PRODUCTS, $lC_Product->getKeyword() . '&error=' . urlencode($lC_Language->get('variant_combo_not_available')))); return false; } } else { lc_redirect(lc_href_link(FILENAME_PRODUCTS, $lC_Product->getKeyword())); return false; } } else { if (isset($_GET['info']) && $_GET['info'] == '1') { } else { if ($lC_Product->hasSubProducts($lC_Product->getID()) || $lC_Product->hasSimpleOptions()) { lc_redirect(lc_href_link(FILENAME_PRODUCTS, $lC_Product->getKeyword())); } } if (isset($_POST['quantity']) && is_array($_POST['quantity'])) { foreach ($_POST['quantity'] as $product_id => $quantity) { $lC_ShoppingCart->add((int) $product_id, (int) $quantity); } } else { $lC_ShoppingCart->add($lC_Product->getID(), $quantity); } } } lc_redirect(lc_href_link(FILENAME_CHECKOUT)); }
function _process() { $notify_string = ''; $products_array = isset($_POST['notify']) ? $_POST['notify'] : array(); if (!is_array($products_array)) { $products_array = array($products_array); } $notifications = array(); foreach ($products_array as $product_id) { if (is_numeric($product_id) && !in_array($product_id, $notifications)) { $notifications[] = $product_id; } } if (!empty($notifications)) { $notify_string = 'action=notify_add&products=' . implode(';', $notifications); } lc_redirect(lc_href_link(FILENAME_DEFAULT, $notify_string, 'AUTO')); }
public function lC_Account_Orders() { global $lC_Services, $lC_Language, $lC_Customer, $lC_Breadcrumb, $lC_Vqmod; require $lC_Vqmod->modCheck('includes/classes/order.php'); $this->_page_title = $lC_Language->get('orders_heading'); $lC_Language->load('order'); if ($lC_Services->isStarted('breadcrumb')) { $lC_Breadcrumb->add($lC_Language->get('breadcrumb_my_orders'), lc_href_link(FILENAME_ACCOUNT, $this->_module, 'SSL')); if (is_numeric($_GET[$this->_module])) { $lC_Breadcrumb->add(sprintf($lC_Language->get('breadcrumb_order_information'), $_GET[$this->_module]), lc_href_link(FILENAME_ACCOUNT, $this->_module . '=' . $_GET[$this->_module], 'SSL')); } } if (is_numeric($_GET[$this->_module])) { if (lC_Order::getCustomerID($_GET[$this->_module]) !== $lC_Customer->getID()) { lc_redirect(lc_href_link(FILENAME_ACCOUNT, $this->_module, 'SSL')); } $this->_page_title = sprintf($lC_Language->get('order_information_heading'), $_GET[$this->_module]); $this->_page_contents = 'account_history_info.php'; } }
protected function _process() { global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $Qnewsletter; if (isset($_POST['newsletter_general']) && is_numeric($_POST['newsletter_general'])) { $newsletter_general = $_POST['newsletter_general']; } else { $newsletter_general = '0'; } if ($newsletter_general != $Qnewsletter->valueInt('customers_newsletter')) { $newsletter_general = $Qnewsletter->value('customers_newsletter') == '1' ? '0' : '1'; $Qupdate = $lC_Database->query('update :table_customers set customers_newsletter = :customers_newsletter where customers_id = :customers_id'); $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS); $Qupdate->bindInt(':customers_newsletter', $newsletter_general); $Qupdate->bindInt(':customers_id', $lC_Customer->getID()); $Qupdate->execute(); if ($Qupdate->affectedRows() === 1) { $lC_MessageStack->add('account', $lC_Language->get('success_newsletter_updated'), 'success'); } } lc_redirect(lc_href_link(FILENAME_ACCOUNT, null, 'SSL')); }
function execute() { global $lC_ShoppingCart; // update cart qty if (isset($_POST['products']) && is_array($_POST['products']) && !empty($_POST['products'])) { foreach ($_POST['products'] as $item_id => $quantity) { if (!is_numeric($item_id) || !is_numeric($quantity)) { return false; } $lC_ShoppingCart->update($item_id, $quantity); } } // remove cart items if (isset($_POST['delete']) && is_array($_POST['delete']) && !empty($_POST['delete'])) { foreach ($_POST['delete'] as $item_id => $confirm) { if (!is_numeric($item_id)) { return false; } $lC_ShoppingCart->remove($item_id); } } lc_redirect(lc_href_link(FILENAME_CHECKOUT)); }
protected function _process() { global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Vqmod; require_once $lC_Vqmod->modCheck('includes/classes/account.php'); if (!isset($_POST['password_current']) || strlen(trim($_POST['password_current'])) < ACCOUNT_PASSWORD) { $lC_MessageStack->add('account_password', sprintf($lC_Language->get('field_customer_password_current_error'), ACCOUNT_PASSWORD)); } elseif (!isset($_POST['password_new']) || strlen(trim($_POST['password_new'])) < ACCOUNT_PASSWORD) { $lC_MessageStack->add('account_password', sprintf($lC_Language->get('field_customer_password_new_error'), ACCOUNT_PASSWORD)); } elseif (!isset($_POST['password_confirmation']) || trim($_POST['password_new']) != trim($_POST['password_confirmation'])) { $lC_MessageStack->add('account_password', $lC_Language->get('field_customer_password_new_mismatch_with_confirmation_error')); } if ($lC_MessageStack->size('account_password') === 0) { if (lC_Account::checkPassword(trim($_POST['password_current']))) { if (lC_Account::savePassword(trim($_POST['password_new']))) { lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'success=' . urlencode($lC_Language->get('success_password_updated')), 'SSL')); } else { $lC_MessageStack->add('account_password', sprintf($lC_Language->get('field_customer_password_new_error'), ACCOUNT_PASSWORD)); } } else { $lC_MessageStack->add('account_password', $lC_Language->get('error_current_password_not_matching')); } } }
protected function _delete($id) { global $lC_MessageStack, $lC_Language, $lC_Customer; if ($id != $lC_Customer->getDefaultAddressID()) { if (lC_AddressBook::deleteEntry($id)) { $lC_MessageStack->add('address_book', $lC_Language->get('success_address_book_entry_deleted'), 'success'); } } else { $lC_MessageStack->add('address_book', $lC_Language->get('warning_primary_address_deletion'), 'warning'); } lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'address_book', 'SSL')); }
/** * Verify an existing session ID and create or resume the session if the existing session ID is valid * * @access public * @return boolean */ public function start() { $sane_session_id = true; if (isset($_GET[$this->_name]) && (empty($_GET[$this->_name]) || ctype_alnum($_GET[$this->_name]) === false)) { $sane_session_id = false; } elseif (isset($_POST[$this->_name]) && (empty($_POST[$this->_name]) || ctype_alnum($_POST[$this->_name]) === false)) { $sane_session_id = false; } elseif (isset($_COOKIE[$this->_name]) && (empty($_COOKIE[$this->_name]) || ctype_alnum($_COOKIE[$this->_name]) === false)) { $sane_session_id = false; } if ($sane_session_id === false) { if (isset($_COOKIE[$this->_name])) { setcookie($this->_name, '', time() - 42000, $this->getCookieParameters('path'), $this->getCookieParameters('domain')); } lc_redirect(lc_href_link(FILENAME_DEFAULT, null, 'NONSSL', false)); } else { if (isset($_GET['lCsid']) && $_GET['lCsid'] != NULL && isset($_GET['qr']) && $_GET['qr'] == '1') { $this->_is_started = true; $this->_id = $_GET['lCsid']; session_id($_GET['lCsid']); session_start(); unset($_SESSION['lC_Customer_data']); $_SESSION['lC_Customer_data']['email_address'] = $_GET['email']; return true; } else { if (isset($_GET['lCAdminID']) && $_GET['lCAdminID'] != NULL) { $this->_is_started = true; $this->_id = $_GET['lCAdminID']; session_id($_GET['lCAdminID']); session_start(); return true; } else { if (session_start()) { $this->_is_started = true; $this->_id = session_id(); return true; } } } } return false; }
protected function _process($id) { global $lC_Language, $lC_MessageStack, $lC_Customer, $lC_Reviews; $data = array('products_id' => $id); if ($lC_Customer->isLoggedOn()) { $data['customer_id'] = $lC_Customer->getID(); $data['customer_name'] = $lC_Customer->getName(); } else { $data['customer_id'] = '0'; $data['customer_name'] = $_POST['customer_name']; } if (strlen(trim($_POST['review'])) < REVIEW_TEXT_MIN_LENGTH) { $lC_MessageStack->add('reviews', sprintf($lC_Language->get('js_review_text'), REVIEW_TEXT_MIN_LENGTH)); } else { $data['review'] = $_POST['review']; } if ($_POST['rating'] < 1 || $_POST['rating'] > 5) { $lC_MessageStack->add('reviews', $lC_Language->get('js_review_rating')); } else { $data['rating'] = $_POST['rating']; } if ($lC_MessageStack->size('reviews') < 1) { if ($lC_Reviews->is_moderated === true) { $data['status'] = '0'; $lC_MessageStack->add('reviews', $lC_Language->get('success_review_moderation'), 'success'); } else { $data['status'] = '1'; $lC_MessageStack->add('reviews', $lC_Language->get('success_review_new'), 'success'); } lC_Reviews::saveEntry($data); lc_redirect(lc_href_link(FILENAME_PRODUCTS, 'reviews&' . $id)); } }
public function redirectToSnapshot() { $target = $this->getSnapshotURL(true); $this->resetSnapshot(); lc_redirect($target); }
public function lC_Checkout_Payment() { global $lC_Database, $lC_Session, $lC_ShoppingCart, $lC_Customer, $lC_Services, $lC_Language, $lC_NavigationHistory, $lC_Breadcrumb, $lC_Payment, $lC_MessageStack, $lC_Vqmod; require $lC_Vqmod->modCheck('includes/classes/address_book.php'); if ($lC_Customer->isLoggedOn() === false) { $lC_NavigationHistory->setSnapshot(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } if ($lC_ShoppingCart->hasContents() === false) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'SSL')); } // if no shipping method has been selected, redirect the customer to the shipping method selection page if ($lC_ShoppingCart->hasShippingMethod() === false) { if (defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1') { if (lC_AddressBook::numberOfEntries() < 1) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment_address', 'SSL')); } } else { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL')); } } else { if (defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1') { if (lC_AddressBook::numberOfEntries() < 1) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment_address', 'SSL')); } } } // Stock Check if (STOCK_CHECK == '1' && AUTODISABLE_OUT_OF_STOCK_PRODUCT == '1') { foreach ($lC_ShoppingCart->getProducts() as $products) { if ($lC_ShoppingCart->isInStock($products['id']) === false) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'SSL')); break; } } } $this->_page_title = $lC_Language->get('payment_method_heading'); if ($lC_Services->isStarted('breadcrumb')) { $lC_Breadcrumb->add($lC_Language->get('breadcrumb_checkout_payment'), lc_href_link(FILENAME_CHECKOUT, $this->_module, 'SSL')); } // redirect to the billing address page when no default address exists if ($lC_Customer->hasDefaultAddress() === false) { $this->_page_title = $lC_Language->get('payment_address_heading'); $this->_page_contents = 'checkout_payment_address.php'; $this->addJavascriptPhpFilename('templates/' . $this->getCode() . '/javascript/addressBookDetails.js.php'); } else { // if no billing destination address was selected, use the customers own address as default if ($lC_ShoppingCart->hasBillingAddress() == false) { $lC_ShoppingCart->setBillingAddress($lC_Customer->getDefaultAddressID()); } else { // verify the selected billing address $Qcheck = $lC_Database->query('select address_book_id from :table_address_book where address_book_id = :address_book_id and customers_id = :customers_id limit 1'); $Qcheck->bindTable(':table_address_book', TABLE_ADDRESS_BOOK); $Qcheck->bindInt(':address_book_id', $lC_ShoppingCart->getBillingAddress('id')); $Qcheck->bindInt(':customers_id', $lC_Customer->getID()); $Qcheck->execute(); if ($Qcheck->numberOfRows() !== 1) { $lC_ShoppingCart->setBillingAddress($lC_Customer->getDefaultAddressID()); $lC_ShoppingCart->resetBillingMethod(); } } // load all enabled payment modules include $lC_Vqmod->modCheck('includes/classes/payment.php'); $lC_Payment = new lC_Payment(); $this->addJavascriptBlock($lC_Payment->getJavascriptBlocks()); } if (isset($_GET['payment_error'])) { $lC_MessageStack->add('checkout_payment', urldecode($_GET['payment_error']), 'error'); } if (isset($_SESSION['messageToStack']) && !empty($_SESSION['messageToStack'])) { $lC_MessageStack->__construct(); } // ppec inject if (isset($_GET['skip']) && $_GET['skip'] == 'no' || isset($_GET['payment_error'])) { if (isset($_SESSION['SKIP_PAYMENT_PAGE'])) { unset($_SESSION['SKIP_PAYMENT_PAGE']); } if (isset($_SESSION['cartSync'])) { unset($_SESSION['cartSync']); } } else { if (isset($_SESSION['SKIP_PAYMENT_PAGE']) && $_SESSION['SKIP_PAYMENT_PAGE'] === TRUE) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'confirmation', 'SSL')); } } }
function start() { global $request_type, $lC_Session, $lC_Vqmod; include $lC_Vqmod->modCheck('includes/classes/session.php'); $lC_Session = lC_Session::load(); if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') { lc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90); if (isset($_COOKIE['cookie_test'])) { $lC_Session->start(); } } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') { $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']); $spider_flag = false; if (empty($user_agent) === false) { $spiders = file('includes/spiders.txt'); foreach ($spiders as $spider) { if (empty($spider) === false) { if (strpos($user_agent, trim($spider)) !== false) { $spider_flag = true; break; } } } } if ($spider_flag === false) { $lC_Session->start(); } } else { $lC_Session->start(); } // verify the ssl_session_id if ($request_type == 'https' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) { if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) { if (isset($_SESSION['SESSION_SSL_ID']) === false) { $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID']; } if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) { $lC_Session->destroy(); lc_redirect(lc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO')); } } } // verify the browser user agent if (SERVICE_SESSION_CHECK_USER_AGENT == '1') { $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; if (isset($_SESSION['SESSION_USER_AGENT']) === false) { $_SESSION['SESSION_USER_AGENT'] = $http_user_agent; } if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) { $lC_Session->destroy(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } } // verify the IP address if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') { if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) { $_SESSION['SESSION_IP_ADDRESS'] = lc_get_ip_address(); } if ($_SESSION['SESSION_IP_ADDRESS'] != lc_get_ip_address()) { $lC_Session->destroy(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } } return true; }
protected function _process() { global $lC_ShoppingCart, $lC_Shipping, $lC_Vqmod; require_once $lC_Vqmod->modCheck('includes/classes/address_book.php'); if (!empty($_POST['comments'])) { $_SESSION['comments'] = lc_sanitize_string($_POST['comments']); } // added to carry ship to address as billing address if (!empty($_POST['shipto_as_billable'])) { $_SESSION['shipto_as_billable'] = $_POST['shipto_as_billable']; } if ($lC_Shipping->hasQuotes()) { if (isset($_POST['shipping_mod_sel']) && strpos($_POST['shipping_mod_sel'], '_')) { list($module, $method) = explode('_', $_POST['shipping_mod_sel']); $module = 'lC_Shipping_' . $module; if (is_object($GLOBALS[$module]) && $GLOBALS[$module]->isEnabled()) { $quote = $lC_Shipping->getQuote($_POST['shipping_mod_sel']); if (isset($quote['error'])) { $lC_ShoppingCart->resetShippingMethod(); } else { $lC_ShoppingCart->setShippingMethod($quote); $_SESSION['SelectedShippingMethodCost'] = $quote['cost']; lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } } else { $lC_ShoppingCart->resetShippingMethod(); } } } else { $lC_ShoppingCart->resetShippingMethod(); lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } }
/** @package catalog @author Loaded Commerce @copyright Copyright 2003-2014 Loaded Commerce, LLC @copyright Portions Copyright 2003 osCommerce @license https://github.com/loadedcommerce/loaded7/blob/master/LICENSE.txt @version $Id: account.php v1.0 2013-08-08 datazen $ */ $_SERVER['SCRIPT_FILENAME'] = __FILE__; require 'includes/application_top.php'; if ($lC_Customer->isLoggedOn() === false) { if (!empty($_GET)) { $first_array = array_slice($_GET, 0, 1); } if (empty($_GET) || !empty($_GET) && !in_array(lc_sanitize_string(basename(key($first_array))), array('login', 'create', 'password_forgotten'))) { $lC_NavigationHistory->setSnapshot(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } } // VQMOD-hookpoint; DO NOT MODIFY OR REMOVE THE LINE BELOW $lC_Language->load('account'); if ($lC_Services->isStarted('breadcrumb')) { $lC_Breadcrumb->add($lC_Language->get('breadcrumb_my_account'), lc_href_link(FILENAME_ACCOUNT, null, 'SSL')); } $lC_Template = lC_Template::setup('account'); $countries_array = array(array('id' => '', 'text' => $lC_Language->get('pull_down_default'))); foreach (lC_Address::getCountries() as $country) { $countries_array[] = array('id' => $country['id'], 'text' => $country['name']); } require $lC_Vqmod->modCheck('templates/' . $lC_Template->getCode() . '.php'); require $lC_Vqmod->modCheck('includes/application_bottom.php');
$Qupdate->execute(); // Now send the file with header() magic header("Expires: Mon, 26 Nov 1962 00:00:00 GMT"); header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Content-Type: Application/octet-stream"); header("Content-disposition: attachment; filename=" . $Qdownloads->value('orders_products_filename')); if (DOWNLOAD_BY_REDIRECT == '1') { // This will work only on Unix/Linux hosts lc_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC); $tempdir = lc_random_name(); umask(00); mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777); symlink(DIR_FS_DOWNLOAD . $Qdownloads->value('orders_products_filename'), DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $Qdownloads->value('orders_products_filename')); lc_redirect(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $Qdownloads->value('orders_products_filename')); } else { // This will work on all systems, but will need considerable resources // We could also loop with fread($fp, 4096) to save memory readfile(DIR_FS_DOWNLOAD . $Qdownloads->value('orders_products_filename')); } /* * Returns a random name, 16 to 20 characters long * * @access public * @return string */ function lc_random_name() { $letters = 'abcdefghijklmnopqrstuvwxyz'; $dirname = '.';
protected function _process() { global $lC_Database, $lC_Session, $lC_Language, $lC_ShoppingCart, $lC_Customer, $lC_MessageStack, $lC_Vqmod; require_once $lC_Vqmod->modCheck('includes/classes/address_book.php'); // process a new billing address if ($lC_Customer->hasDefaultAddress() === false || !empty($_POST['firstname']) && !empty($_POST['lastname']) && !empty($_POST['street_address'])) { if (ACCOUNT_GENDER > 0) { if (!isset($_POST['gender']) || $_POST['gender'] != 'm' && $_POST['gender'] != 'f') { $lC_MessageStack->add('checkout_address', $lC_Language->get('field_customer_gender_error')); } } if (!isset($_POST['firstname']) || strlen(trim($_POST['firstname'])) < ACCOUNT_FIRST_NAME) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_first_name_error'), ACCOUNT_FIRST_NAME)); } if (!isset($_POST['lastname']) || strlen(trim($_POST['lastname'])) < ACCOUNT_LAST_NAME) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_last_name_error'), ACCOUNT_LAST_NAME)); } if (ACCOUNT_COMPANY > 0) { if (!isset($_POST['company']) || strlen(trim($_POST['company'])) < ACCOUNT_COMPANY) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_company_error'), ACCOUNT_COMPANY)); } } if (!isset($_POST['street_address']) || strlen(trim($_POST['street_address'])) < ACCOUNT_STREET_ADDRESS) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_street_address_error'), ACCOUNT_STREET_ADDRESS)); } if (ACCOUNT_SUBURB > 0) { if (!isset($_POST['suburb']) || strlen(trim($_POST['suburb'])) < ACCOUNT_SUBURB) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_suburb_error'), ACCOUNT_SUBURB)); } } if (ACCOUNT_POST_CODE > 0) { if (!isset($_POST['postcode']) || strlen(trim($_POST['postcode'])) < ACCOUNT_POST_CODE) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_post_code_error'), ACCOUNT_POST_CODE)); } } if (!isset($_POST['city']) || strlen(trim($_POST['city'])) < ACCOUNT_CITY) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_city_error'), ACCOUNT_CITY)); } if (ACCOUNT_STATE > 0) { $zone_id = 0; $Qcheck = $lC_Database->query('select zone_id from :table_zones where zone_country_id = :zone_country_id limit 1'); $Qcheck->bindTable(':table_zones', TABLE_ZONES); $Qcheck->bindInt(':zone_country_id', $_POST['country']); $Qcheck->execute(); $entry_state_has_zones = $Qcheck->numberOfRows() > 0; $Qcheck->freeResult(); if ($entry_state_has_zones === true) { $Qzone = $lC_Database->query('select zone_id from :table_zones where zone_country_id = :zone_country_id and zone_code = :zone_code'); $Qzone->bindTable(':table_zones', TABLE_ZONES); $Qzone->bindInt(':zone_country_id', $_POST['country']); $Qzone->bindValue(':zone_code', $_POST['state']); $Qzone->execute(); if ($Qzone->numberOfRows() === 1) { $zone_id = $Qzone->valueInt('zone_id'); } else { $Qzone = $lC_Database->query('select zone_id from :table_zones where zone_country_id = :zone_country_id and zone_name = :zone_name'); $Qzone->bindTable(':table_zones', TABLE_ZONES); $Qzone->bindInt(':zone_country_id', $_POST['country']); $Qzone->bindValue(':zone_name', $_POST['state']); $Qzone->execute(); if ($Qzone->numberOfRows() === 1) { $zone_id = $Qzone->valueInt('zone_id'); } else { $lC_MessageStack->add('checkout_address', $lC_Language->get('field_customer_state_select_pull_down_error')); } } $Qzone->freeResult(); } else { if (strlen(trim($_POST['state'])) < ACCOUNT_STATE) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_state_error'), ACCOUNT_STATE)); } } } if (is_numeric($_POST['country']) === false || $_POST['country'] < 1) { $lC_MessageStack->add('checkout_address', $lC_Language->get('field_customer_country_error')); } if (ACCOUNT_TELEPHONE > 0) { if (!isset($_POST['telephone']) || strlen(trim($_POST['telephone'])) < ACCOUNT_TELEPHONE) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_telephone_number_error'), ACCOUNT_TELEPHONE)); } } if (ACCOUNT_FAX > 0) { if (!isset($_POST['fax']) || strlen(trim($_POST['fax'])) < ACCOUNT_FAX) { $lC_MessageStack->add('checkout_address', sprintf($lC_Language->get('field_customer_fax_number_error'), ACCOUNT_FAX)); } } if ($lC_MessageStack->size('checkout_address') === 0) { $Qab = $lC_Database->query('insert into :table_address_book (customers_id, entry_gender, entry_company, entry_firstname, entry_lastname, entry_street_address, entry_suburb, entry_postcode, entry_city, entry_state, entry_country_id, entry_zone_id, entry_telephone, entry_fax) values (:customers_id, :entry_gender, :entry_company, :entry_firstname, :entry_lastname, :entry_street_address, :entry_suburb, :entry_postcode, :entry_city, :entry_state, :entry_country_id, :entry_zone_id, :entry_telephone, :entry_fax)'); $Qab->bindTable(':table_address_book', TABLE_ADDRESS_BOOK); $Qab->bindInt(':customers_id', $lC_Customer->getID()); $Qab->bindValue(':entry_gender', ACCOUNT_GENDER > -1 && isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f') ? $_POST['gender'] : ''); $Qab->bindValue(':entry_company', ACCOUNT_COMPANY > -1 ? trim($_POST['company']) : ''); $Qab->bindValue(':entry_firstname', trim($_POST['firstname'])); $Qab->bindValue(':entry_lastname', trim($_POST['lastname'])); $Qab->bindValue(':entry_street_address', trim($_POST['street_address'])); $Qab->bindValue(':entry_suburb', ACCOUNT_SUBURB > -1 ? trim($_POST['suburb']) : ''); $Qab->bindValue(':entry_postcode', ACCOUNT_POST_CODE > -1 ? trim($_POST['postcode']) : ''); $Qab->bindValue(':entry_city', trim($_POST['city'])); $Qab->bindValue(':entry_state', ACCOUNT_STATE > -1 ? $zone_id > 0 ? '' : $_POST['state'] : ''); $Qab->bindInt(':entry_country_id', $_POST['country']); $Qab->bindInt(':entry_zone_id', ACCOUNT_STATE > -1 ? $zone_id > 0 ? $zone_id : 0 : ''); $Qab->bindValue(':entry_telephone', ACCOUNT_TELEPHONE > -1 ? trim($_POST['telephone']) : ''); $Qab->bindValue(':entry_fax', ACCOUNT_FAX > -1 ? trim($_POST['fax']) : ''); $Qab->execute(); if ($Qab->affectedRows() === 1) { $address_book_id = $lC_Database->nextID(); if ($lC_Customer->hasDefaultAddress() === false) { $Qcustomer = $lC_Database->query('update :table_customers set customers_default_address_id = :customers_default_address_id where customers_id = :customers_id'); $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS); $Qcustomer->bindInt(':customers_default_address_id', $address_book_id); $Qcustomer->bindInt(':customers_id', $lC_Customer->getID()); $Qcustomer->execute(); $lC_Customer->setCountryID($_POST['country']); $lC_Customer->setZoneID($zone_id); $lC_Customer->setDefaultAddressID($address_book_id); } $lC_ShoppingCart->setBillingAddress($address_book_id); //$lC_ShoppingCart->resetBillingMethod(); lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } else { $lC_MessageStack->add('checkout_address', 'Error inserting into address book table.'); } } // process the selected billing destination } elseif (isset($_POST['address'])) { $reset_payment = false; if ($lC_ShoppingCart->hasBillingAddress()) { if ($lC_ShoppingCart->getBillingAddress('id') != $_POST['address']) { if ($lC_ShoppingCart->hasBillingMethod()) { $reset_payment = true; } } } $lC_ShoppingCart->setBillingAddress($_POST['address']); $Qcheck = $lC_Database->query('select address_book_id from :table_address_book where address_book_id = :address_book_id and customers_id = :customers_id limit 1'); $Qcheck->bindTable(':table_address_book', TABLE_ADDRESS_BOOK); $Qcheck->bindInt(':address_book_id', $lC_ShoppingCart->getBillingAddress('id')); $Qcheck->bindInt(':customers_id', $lC_Customer->getID()); $Qcheck->execute(); if ($Qcheck->numberOfRows() === 1) { if ($reset_payment === true) { $lC_ShoppingCart->resetBillingMethod(); } lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } else { $lC_ShoppingCart->resetBillingAddress(); } // no addresses to select from - customer decided to keep the current assigned address } else { $lC_ShoppingCart->setBillingAddress($lC_Customer->getDefaultAddressID()); lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } }
public function __construct() { global $lC_Language, $lC_MessageStack; parent::__construct(); if (isset($_GET['filename'])) { $filename = $_GET['filename']; // Now send the file with header() magic header("Expires: Mon, 26 Nov 1962 00:00:00 GMT"); header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Content-Type: Application/octet-stream"); header("Content-disposition: attachment; filename=" . $filename); if (DOWNLOAD_BY_REDIRECT == '1') { // This will work only on Unix/Linux hosts lc_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC); $tempdir = lc_random_name(); umask(00); mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777); symlink(DIR_FS_DOWNLOAD . $filename, DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $filename); lc_redirect(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $filename); } else { // This will work on all systems, but will need considerable resources // We could also loop with fread($fp, 4096) to save memory readfile(DIR_FS_DOWNLOAD . $filename); } die; } /* * Returns a random name, 16 to 20 characters long * * @access public * @return string */ function lc_random_name() { $letters = 'abcdefghijklmnopqrstuvwxyz'; $dirname = '.'; $length = floor(lc_rand(16, 20)); for ($i = 1; $i <= $length; $i++) { $q = floor(lc_rand(1, 26)); $dirname .= $letters[$q]; } return $dirname; } /* * Unlinks all subdirectories and files in $dir (non-recursive) * * @param string $dir The parent directory * @access public * @return void */ function lc_unlink_temp_dir($dir) { $h1 = opendir($dir); while ($subdir = readdir($h1)) { // Ignore non directories if (!is_dir($dir . $subdir)) { continue; } // Ignore . and .. and CVS if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') { continue; } // Loop and unlink files in subdirectory $h2 = opendir($dir . $subdir); while ($file = readdir($h2)) { if ($file == '.' || $file == '..') { continue; } @unlink($dir . $subdir . '/' . $file); } closedir($h2); @rmdir($dir . $subdir); } closedir($h1); } }
protected function _process() { global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $Qglobal; $updated = false; if (isset($_POST['product_global']) && is_numeric($_POST['product_global'])) { $product_global = $_POST['product_global']; } else { $product_global = '0'; } if (isset($_POST['products'])) { (array) ($products = $_POST['products']); } else { $products = array(); } if ($product_global != $Qglobal->valueInt('global_product_notifications')) { $product_global = $Qglobal->valueInt('global_product_notifications') == '1' ? '0' : '1'; $Qupdate = $lC_Database->query('update :table_customers set global_product_notifications = :global_product_notifications where customers_id = :customers_id'); $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS); $Qupdate->bindInt(':global_product_notifications', $product_global); $Qupdate->bindInt(':customers_id', $lC_Customer->getID()); $Qupdate->execute(); if ($Qupdate->affectedRows() == 1) { $updated = true; } } elseif (sizeof($products) > 0) { $products_parsed = array_filter($products, 'is_numeric'); if (sizeof($products_parsed) > 0) { $Qcheck = $lC_Database->query('select count(*) as total from :table_products_notifications where customers_id = :customers_id and products_id not in :products_id'); $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qcheck->bindInt(':customers_id', $lC_Customer->getID()); $Qcheck->bindRaw(':products_id', '(' . implode(',', $products_parsed) . ')'); $Qcheck->execute(); if ($Qcheck->valueInt('total') > 0) { $Qdelete = $lC_Database->query('delete from :table_products_notifications where customers_id = :customers_id and products_id not in :products_id'); $Qdelete->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qdelete->bindInt(':customers_id', $lC_Customer->getID()); $Qdelete->bindRaw(':products_id', '(' . implode(',', $products_parsed) . ')'); $Qdelete->execute(); if ($Qdelete->affectedRows() > 0) { $updated = true; } } } } else { $Qcheck = $lC_Database->query('select count(*) as total from :table_products_notifications where customers_id = :customers_id'); $Qcheck->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qcheck->bindInt(':customers_id', $lC_Customer->getID()); $Qcheck->execute(); if ($Qcheck->valueInt('total') > 0) { $Qdelete = $lC_Database->query('delete from :table_products_notifications where customers_id = :customers_id'); $Qdelete->bindTable(':table_products_notifications', TABLE_PRODUCTS_NOTIFICATIONS); $Qdelete->bindInt(':customers_id', $lC_Customer->getID()); $Qdelete->execute(); if ($Qdelete->affectedRows() > 0) { $updated = true; } } } if ($updated === true) { $lC_MessageStack->add('account', $lC_Language->get('success_notifications_updated'), 'success'); } lc_redirect(lc_href_link(FILENAME_ACCOUNT, null, 'SSL')); }
protected function _process() { global $lC_MessageStack, $lC_Database, $lC_Language, $lC_Customer, $lC_Vqmod; require $lC_Vqmod->modCheck('includes/classes/account.php'); $data = array(); if (DISPLAY_PRIVACY_CONDITIONS == '1') { if (isset($_POST['privacy_conditions']) && ($_POST['privacy_conditions'] == '1' || $_POST['privacy_conditions'] == 'on')) { } else { $lC_MessageStack->add($this->_module, $lC_Language->get('error_privacy_statement_not_accepted')); } } if (ACCOUNT_GENDER >= 0) { if (isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f')) { $data['gender'] = $_POST['gender']; } else { $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_gender_error')); } } if (isset($_POST['firstname']) && strlen(trim($_POST['firstname'])) >= ACCOUNT_FIRST_NAME) { $data['firstname'] = $_POST['firstname']; } else { $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_first_name_error'), ACCOUNT_FIRST_NAME)); } if (isset($_POST['lastname']) && strlen(trim($_POST['lastname'])) >= ACCOUNT_LAST_NAME) { $data['lastname'] = $_POST['lastname']; } else { $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_last_name_error'), ACCOUNT_LAST_NAME)); } if (isset($_POST['newsletter']) && $_POST['newsletter'] == '1') { $data['newsletter'] = 1; } else { $data['newsletter'] = ''; } if (ACCOUNT_DATE_OF_BIRTH == '1') { if (isset($_POST['dob']) && $_POST['dob'] != NULL) { $dateParts = explode("/", $_POST['dob']); } else { $dateParts = array($_POST['dob_days'], $_POST['dob_months'], $_POST['dob_years']); } if (isset($dateParts[1]) && isset($dateParts[0]) && isset($dateParts[2]) && checkdate($dateParts[0], $dateParts[1], $dateParts[2])) { $data['dob'] = @mktime(0, 0, 0, $dateParts[0], $dateParts[1], $dateParts[2]); } else { $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_date_of_birth_error')); } } if (isset($_POST['email_address']) && strlen(trim($_POST['email_address'])) >= ACCOUNT_EMAIL_ADDRESS) { if (lc_validate_email_address($_POST['email_address'])) { if (lC_Account::checkDuplicateEntry($_POST['email_address']) === false) { $data['email_address'] = $_POST['email_address']; } else { $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_email_address_exists_error')); } } else { $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_email_address_check_error')); } } else { $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_email_address_error'), ACCOUNT_EMAIL_ADDRESS)); } if (isset($_POST['password']) === false || isset($_POST['password']) && strlen(trim($_POST['password'])) < ACCOUNT_PASSWORD) { $lC_MessageStack->add($this->_module, sprintf($lC_Language->get('field_customer_password_error'), ACCOUNT_PASSWORD)); } elseif (isset($_POST['confirmation']) === false || isset($_POST['confirmation']) && trim($_POST['password']) != trim($_POST['confirmation'])) { $lC_MessageStack->add($this->_module, $lC_Language->get('field_customer_password_mismatch_with_confirmation')); } else { $data['password'] = $_POST['password']; } if ($lC_MessageStack->size($this->_module) === 0) { if (lC_Account::createEntry($data)) { $lC_MessageStack->add('create', $lC_Language->get('success_account_updated'), 'success'); } // added to redirect to keep customer in checkout stream foreach ($_SESSION['lC_NavigationHistory_data'] as $data) { foreach ($data as $page) { foreach ($page as $key => $value) { if ($key == 'shipping') { $checkout = true; } } } } if ($checkout == true) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping&account_created=true', 'SSL')); } else { lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'create=success', 'SSL')); } } }
public function lC_Checkout_Confirmation() { global $lC_Session, $lC_Services, $lC_Language, $lC_ShoppingCart, $lC_Customer, $lC_MessageStack, $lC_NavigationHistory, $lC_Breadcrumb, $lC_Payment, $lC_Vqmod; require $lC_Vqmod->modCheck('includes/classes/address_book.php'); if ($lC_Customer->isLoggedOn() === false) { $lC_NavigationHistory->setSnapshot(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } if ($lC_ShoppingCart->hasContents() === false) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'SSL')); } // if no shipping method has been selected, redirect the customer to the shipping method selection page if ($lC_ShoppingCart->hasShippingAddress() == false) { if (defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1') { } else { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL')); } } include $lC_Vqmod->modCheck('includes/classes/order.php'); $this->_page_title = $lC_Language->get('confirmation_heading'); $lC_Language->load('order'); if ($lC_Services->isStarted('breadcrumb')) { $lC_Breadcrumb->add($lC_Language->get('breadcrumb_checkout_confirmation'), lc_href_link(FILENAME_CHECKOUT, $this->_module, 'SSL')); } // added due to bootstrap not having order comments before confirmation page $_POST['comments'] = $_POST['comments']; //////////////////////////////////////////// if (isset($_POST['comments']) && isset($_SESSION['comments']) && empty($_POST['comments'])) { unset($_SESSION['comments']); } elseif (!empty($_POST['comments'])) { $_SESSION['comments'] = lc_sanitize_string($_POST['comments']); } if (isset($_POST['po_number']) && isset($_SESSION['po_number']) && empty($_POST['po_number'])) { unset($_SESSION['po_number']); } elseif (!empty($_POST['po_number'])) { $_SESSION['po_number'] = lc_sanitize_string($_POST['po_number']); } // added for payment terms if (isset($_POST['payment_terms']) && empty($_POST['payment_terms']) === false) { $_SESSION['payment_terms'] = $_POST['payment_terms']; } // load the selected payment module include $lC_Vqmod->modCheck('includes/classes/payment.php'); $lC_Payment = new lC_Payment(isset($_POST['payment_method']) ? $_POST['payment_method'] : $lC_ShoppingCart->getBillingMethod('id')); if (isset($_POST['payment_method'])) { $lC_ShoppingCart->setBillingMethod(array('id' => $_POST['payment_method'], 'title' => $GLOBALS['lC_Payment_' . $_POST['payment_method']]->getMethodTitle())); } if ($lC_Payment->hasActive() && (isset($GLOBALS['lC_Payment_' . $lC_ShoppingCart->getBillingMethod('id')]) === false || isset($GLOBALS['lC_Payment_' . $lC_ShoppingCart->getBillingMethod('id')]) && is_object($GLOBALS['lC_Payment_' . $lC_ShoppingCart->getBillingMethod('id')]) && $GLOBALS['lC_Payment_' . $lC_ShoppingCart->getBillingMethod('id')]->isEnabled() === false)) { $lC_MessageStack->add('checkout_payment', $lC_Language->get('error_no_payment_module_selected'), 'error'); } if (isset($_SESSION['SKIP_PAYMENT_PAGE']) && $_SESSION['SKIP_PAYMENT_PAGE'] == '1') { } else { if ($lC_MessageStack->size('checkout_payment') > 0) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } } if ($lC_Payment->hasActive()) { $lC_Payment->pre_confirmation_check(); } // Stock Check if (STOCK_CHECK == '1' && AUTODISABLE_OUT_OF_STOCK_PRODUCT == '1') { foreach ($lC_ShoppingCart->getProducts() as $product) { if (!$lC_ShoppingCart->isInStock($product['item_id'])) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'AUTO')); } } } }
public function lC_Checkout_Process() { global $lC_Session, $lC_ShoppingCart, $lC_Customer, $lC_NavigationHistory, $lC_Payment, $lC_Vqmod; require $lC_Vqmod->modCheck('includes/classes/address_book.php'); if (isset($_SESSION['PPEC_TOKEN']) && $_SESSION['PPEC_TOKEN'] != NULL && isset($_GET['token']) && $_GET['token'] == $_SESSION['PPEC_TOKEN']) { } else { if ($lC_Customer->isLoggedOn() === false) { $lC_NavigationHistory->setSnapshot(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } } if ($lC_ShoppingCart->hasContents() === false) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, null, 'SSL')); } // added for removal of order comments from shipping and payment pages and placed on confirmation page only during checkout if (!empty($_POST['comments'])) { $_SESSION['comments'] = lc_sanitize_string($_POST['comments']); } // if no shipping method has been selected, redirect the customer to the shipping method selection page if ($lC_ShoppingCart->hasShippingMethod() === false && $lC_ShoppingCart->getContentType() != 'virtual') { if (defined('SKIP_CHECKOUT_SHIPPING_PAGE') && SKIP_CHECKOUT_SHIPPING_PAGE == '1') { } else { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL')); } } // load selected payment module include $lC_Vqmod->modCheck('includes/classes/payment.php'); /*VQMOD-003*/ if (isset($_SESSION['PPEC_TOKEN']) && $_SESSION['PPEC_TOKEN'] != NULL && isset($_GET['token']) && $_GET['token'] == $_SESSION['PPEC_TOKEN']) { $lC_Payment = new lC_Payment($lC_ShoppingCart->getBillingMethod('id')); //$lC_ShoppingCart->setBillingMethod(array('id' => 'paypal_adv', 'title' => $GLOBALS['lC_Payment_paypal_adv']->getMethodTitle())); if (isset($_SESSION['cartSync']['cartID']) && $_SESSION['cartSync']['cartID'] != NULL) { $_SESSION['cartID'] = $_SESSION['cartSync']['cartID']; $_SESSION['prepOrderID'] = $_SESSION['cartSync']['prepOrderID']; } } else { if (isset($_SESSION['cartSync']['paymentMethod']) && $_SESSION['cartSync']['paymentMethod'] != NULL) { $lC_Payment = new lC_Payment($_SESSION['cartSync']['paymentMethod']); $lC_ShoppingCart->setBillingMethod(array('id' => $_SESSION['cartSync']['paymentMethod'], 'title' => $GLOBALS['lC_Payment_' . $_SESSION['cartSync']['paymentMethod']]->getMethodTitle())); } else { $lC_Payment = new lC_Payment($lC_ShoppingCart->getBillingMethod('id')); } } if ($lC_Payment->hasActive() && $lC_ShoppingCart->hasBillingMethod() === false) { lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } include $lC_Vqmod->modCheck('includes/classes/order.php'); $lC_Payment->process(); $lC_ShoppingCart->reset(true); // unregister session variables used during checkout if (isset($_SESSION['comments'])) { unset($_SESSION['comments']); } if (isset($_SESSION['cartSync'])) { unset($_SESSION['cartSync']); } /*VQMOD-004*/ if (isset($_SESSION['PPEC_TOKEN'])) { unset($_SESSION['PPEC_TOKEN']); } if (isset($_SESSION['PPEC_PROCESS'])) { unset($_SESSION['PPEC_PROCESS']); } if (isset($_SESSION['PPEC_PAYDATA'])) { unset($_SESSION['PPEC_PAYDATA']); } if (isset($_SESSION['this_handling'])) { unset($_SESSION['this_handling']); } if (isset($_SESSION['this_payment'])) { unset($_SESSION['this_payment']); } if (isset($_SESSION['SelectedShippingMethodCost'])) { unset($_SESSION['SelectedShippingMethodCost']); } lc_redirect(lc_href_link(FILENAME_CHECKOUT, 'success', 'SSL')); }