コード例 #1
  // Admin action dispatch; this fragment shows only the 'setflag' case, which changes a
  // customer's login flag and, when the flag becomes '1', issues a fresh password by e-mail.
  // NOTE(review): the action is driven entirely by $_GET; no CSRF token or permission check
  // is visible in this fragment - confirm one exists before this point.
  if (!empty($action)) {
    switch ($action) {
       case 'setflag':
        // NOTE(review): `==` is a loose comparison, so numeric-equivalent strings such as
        // '00' or '1.0' also pass; `===` would pin the two accepted values exactly.
        if ( ($_GET['loginflag'] == '0') || ($_GET['loginflag'] == '1') ) {
          if (isset($_GET['cID'])) {
            // Raw request values are handed to the helper; whether it escapes or casts them
            // is not visible here - verify in oos_set_customer_login().
            oos_set_customer_login($_GET['cID'], $_GET['loginflag']);
            if ($_GET['loginflag'] == '1') {
              $customerstable = $oostable['customers'];
              // The lookup escapes cID with oos_db_input() before embedding it in the query.
              $sql = "SELECT customers_firstname, customers_lastname, customers_gender, customers_email_address
                      FROM $customerstable
                      WHERE customers_id = '" . oos_db_input($_GET['cID']) . "'";
               $check_customer = $dbconn->Execute($sql);
               if ($check_customer->RecordCount()) {
                 $check_customer_values = $check_customer->fields;
                 // Create a new password, store its hashed form, and mail the new password to the customer.
                 // NOTE(review): the password is generated at the minimum permitted length
                 // (ENTRY_PASSWORD_MIN_LENGTH); the randomness source of oos_create_random_value()
                 // is not visible here - confirm it is a CSPRNG.
                 $newpass = oos_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
                 $crypted_password = oos_encrypt_password($newpass);
                 $customerstable = $oostable['customers'];
                 // NOTE(review): SQL injection risk - unlike the SELECT above, $_GET['cID'] is
                 // concatenated into this UPDATE without oos_db_input(); escape it the same way,
                 // cast it to int, or use a bound parameter.
                 // NOTE(review): the '******' literal looks like a masking artifact of this
                 // listing; as shown, $crypted_password is computed but never written -
                 // presumably the original interpolates it here. Verify against the real file.
                 $dbconn->Execute("UPDATE $customerstable SET customers_password = '******' WHERE customers_id = '" . $_GET['cID'] . "'");

                 // Build the greeting; the form of address depends on ACCOUNT_GENDER and the stored gender.
                 $name = $check_customer_values['customers_firstname'] . " " . $check_customer_values['customers_lastname'];
                 if (ACCOUNT_GENDER == '1') {
                   if ($check_customer_values['customers_gender'] == 'm') {
                     $email_text = EMAIL_GREET_MR . $check_customer_values['customers_lastname'] . ', ' . "\n\n";
                   } else {
                     $email_text = EMAIL_GREET_MS . $check_customer_values['customers_lastname'] . ', ' . "\n\n";
                   }
                 } else {
                   $email_text = EMAIL_GREET_NONE;
                 }
                 $email_text .= EMAIL_WELCOME;
コード例 #2
        $news = ENTRY_NEWSLETTER_NO;
    }
    // First branch: hand the form values to Smarty and render the page again.
    $oSmarty->assign('news', $news);
    $oSmarty->assign('newsletter_ids', array(0, 1));
    $oSmarty->assign('newsletter', array($aLang['entry_newsletter_no'], $aLang['entry_newsletter_yes']));
    $oSmarty->assign('oosPageHeading', $oSmarty->fetch($aOption['page_heading']));
    $oSmarty->assign('contents', $oSmarty->fetch($aOption['template_main']));
    // display the template
    require 'includes/oos_display.php';
} else {
    // Second branch: assemble the column => value map for a new customer account.
    // The condition this `else` belongs to and the statement that consumes the map are
    // outside this fragment.
    $customer_max_order = DEFAULT_MAX_ORDER;
    $customers_status = DEFAULT_CUSTOMERS_STATUS_ID;
    // NOTE(review): mktime() without arguments raises E_STRICT/deprecation notices on
    // PHP 5.1-7.x and throws ArgumentCountError on PHP 8.0+; time() returns the same value.
    $time = mktime();
    $wishlist_link_id = '';
    // Wishlist link id: seven pairs of (timestamp digit at index 3..9, one value from
    // oos_create_random_value(1, 'chars')).
    // NOTE(review): the timestamp digits are predictable, so any unguessability rests on the
    // seven random characters; the helper's randomness source is not visible here.
    // `$type = 'chars'` also assigns a local $type as a side effect of the call expression.
    for ($x = 3; $x < 10; $x++) {
        $wishlist_link_id .= substr($time, $x, 1) . oos_create_random_value(1, $type = 'chars');
    }
    // The password is stored as the output of oos_encrypt_password(); the algorithm it uses is
    // not visible in this fragment.
    // NOTE(review): the other values are placed in the map as-is; quoting must happen where the
    // map is turned into SQL - confirm at that call site.
    $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => $newsletter, 'customers_status' => $customers_status, 'customers_login' => 1, 'customers_max_order' => $customer_max_order, 'customers_password' => oos_encrypt_password($password), 'customers_wishlist_link_id' => $wishlist_link_id, 'customers_default_address_id' => 1);
    // Optional columns are added only when the matching ACCOUNT_* setting equals '1'.
    if (ACCOUNT_GENDER == '1') {
        $sql_data_array['customers_gender'] = $gender;
    }
    if (ACCOUNT_NUMBER == '1') {
        $sql_data_array['customers_number'] = $number;
    }
    if (ACCOUNT_DOB == '1') {
        $sql_data_array['customers_dob'] = oos_date_raw($dob);
    }
    if (ACCOUNT_VAT_ID == '1') {
        $sql_data_array['customers_vat_id'] = $vat_id;
        // The VAT id is marked with status 1 only when checking is enabled and the earlier
        // check left $vatid_check_error strictly false.
        if (ACCOUNT_COMPANY_VAT_ID_CHECK == '1' && $vatid_check_error === false) {
            $sql_data_array['customers_vat_id_status'] = 1;
コード例 #3
 /**
  * Produce a new cart identifier.
  *
  * Delegates to oos_create_random_value() with the 'digits' type and returns its result unchanged.
  *
  * NOTE(review): the default length is 5. If this id is ever relied on as an unguessable key
  * rather than a bookkeeping value, confirm the helper draws from a CSPRNG and use a longer length.
  *
  * @param int $length length passed through to oos_create_random_value() (default 5)
  * @return mixed the value returned by oos_create_random_value()
  */
 function generate_cart_id($length = 5)
 {
     $cartId = oos_create_random_value($length, 'digits');

     return $cartId;
 }
コード例 #4
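/**
 * Installer step: insert the default data on a new install.
 *
 * Runs newdata.php and newconfigdata.php inside this function's scope, then inserts one row
 * each into <prefix>admin, <prefix>customers, <prefix>address_book and <prefix>customers_info,
 * echoing an HTML status line after every insert. All column values are quoted with
 * $db->qstr() / $db->DBTimeStamp().
 *
 * Security notes for callers:
 *  - $prefix_table becomes part of the table names and cannot be protected by qstr();
 *    validate it (for example letters, digits and underscores only) before calling.
 *  - $repeatpwd is not compared with $pwd here; the caller is presumably responsible for
 *    that check - verify.
 *  - The admin row and the customer row receive the same password hash.
 *
 * @param mixed $gender       stored as admin/customer/address-book gender
 * @param mixed $firstname    stored as first name
 * @param mixed $name         stored as last name
 * @param mixed $pwd          plaintext password; only the result of oos_encrypt_password() is stored
 * @param mixed $repeatpwd    not used inside this function
 * @param mixed $email        stored as e-mail address
 * @param mixed $phone        stored as telephone
 * @param mixed $fax          stored as fax
 * @param mixed $prefix_table table prefix without trailing underscore; empty for none
 * @param mixed $update       rebound to the global $update by the `global` statement below
 * @return void
 */
function oosInputData($gender, $firstname, $name, $pwd, $repeatpwd, $email, $phone, $fax, $prefix_table, $update)
{
    // $currentlang and $update are not read below but stay in scope for the included files.
    global $currentlang, $db, $update;
    echo '<font class="oos-title">' . INPUT_DATA . '</font>';
    echo '<table align="center"><tr><td align="left">';
    // Fixed from `!$prefix_table == ''`, which negated before comparing and therefore skipped
    // the underscore for any falsy prefix such as '0'.
    if ((string) $prefix_table !== '') {
        $prefix_table = $prefix_table . '_';
    }
    // Put basic information in first.
    // The two included files execute in this scope, so the names $prefix_table, $today, $db
    // and $owp_pwd and the order of these statements must stay as they are.
    $today = date("Y-m-d H:i:s");
    require 'newdata.php';
    $owp_pwd = oos_encrypt_password($pwd);
    include_once 'newconfigdata.php';

    // Prints the status line for one INSERT. The database error text and the prefix are
    // HTML-escaped because neither is guaranteed to be free of markup characters.
    $report = function ($result, $table) use ($db, $prefix_table) {
        if ($result === false) {
            echo '<br /><img src="images/no.gif" alt="" border="0" align="absmiddle"><font class="oos-error">'
                . htmlspecialchars($db->ErrorMsg(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . NOTMADE . '</font>';
        } else {
            echo '<br /><img src="images/yes.gif" alt="" border="0" align="absmiddle"> <font class="oos-title">'
                . htmlspecialchars($prefix_table, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . $table . '&nbsp;' . UPDATED . '</font>';
        }
    };

    // --- admin account ---
    $admin_groups_id = '1';
    $sql = "INSERT INTO " . $prefix_table . "admin\n"
        . "            (admin_groups_id,\n"
        . "             admin_gender,\n"
        . "             admin_firstname,\n"
        . "             admin_lastname,\n"
        . "             admin_email_address,\n"
        . "             admin_telephone,\n"
        . "             admin_fax,\n"
        . "             admin_password,\n"
        . "             admin_created)\n"
        . "             VALUES ("
        . implode(',', array(
            $db->qstr($admin_groups_id),
            $db->qstr($gender),
            $db->qstr($firstname),
            $db->qstr($name),
            $db->qstr($email),
            $db->qstr($phone),
            $db->qstr($fax),
            $db->qstr($owp_pwd),
            $db->DBTimeStamp($today),
        ))
        . ")";
    $report($db->Execute($sql), 'admin');

    // --- matching customer account ---
    // NOTE(review): the '******' literal looks like a masking artifact of this listing;
    // verify the real value of customers_login against the original file.
    $login = '******';
    $status = '1';
    $max_order = '800';
    $default_address = '1';
    $logs = 0;
    // time() replaces the argument-less mktime(), which throws ArgumentCountError on PHP 8.0+;
    // both yield the current Unix timestamp.
    $time = (string) time();
    // Wishlist link id: seven pairs of (timestamp digit at index 3..9, one random character).
    // NOTE(review): the timestamp half is predictable; the randomness source of
    // oos_create_random_value() is not visible here - confirm it is a CSPRNG if this id
    // is meant to be unguessable.
    $wishlist_link_id = '';
    for ($x = 3; $x < 10; $x++) {
        $wishlist_link_id .= substr($time, $x, 1) . oos_create_random_value(1, 'chars');
    }
    $sql = "INSERT INTO " . $prefix_table . "customers\n"
        . "            (customers_gender,\n"
        . "             customers_firstname,\n"
        . "             customers_lastname,\n"
        . "             customers_email_address,\n"
        . "             customers_telephone,\n"
        . "             customers_fax,\n"
        . "             customers_status,\n"
        . "             customers_login,\n"
        . "             customers_max_order,\n"
        . "             customers_password,\n"
        . "             customers_wishlist_link_id,\n"
        . "             customers_default_address_id)\n"
        . "             VALUES ("
        . implode(',', array(
            $db->qstr($gender),
            $db->qstr($firstname),
            $db->qstr($name),
            $db->qstr($email),
            $db->qstr($phone),
            $db->qstr($fax),
            $db->qstr($status),
            $db->qstr($login),
            $db->qstr($max_order),
            $db->qstr($owp_pwd),
            $db->qstr($wishlist_link_id),
            $db->qstr($default_address),
        ))
        . ")";
    $report($db->Execute($sql), 'customers');

    // NOTE(review): the id is read even when the customers insert failed; the two inserts
    // below then run with whatever Insert_ID() reports. Kept as best-effort installer behaviour.
    $customer_id = $db->Insert_ID();

    // --- placeholder address for the customer (hard-coded country and zone ids) ---
    $book_id = 1;
    $country = 81;
    $zone_id = 88;
    $sStr = '0';
    $sql = "INSERT INTO " . $prefix_table . "address_book\n"
        . "            (customers_id,\n"
        . "             address_book_id,\n"
        . "             entry_gender,\n"
        . "             entry_firstname,\n"
        . "             entry_lastname,\n"
        . "               entry_street_address,\n"
        . "               entry_postcode,\n"
        . "               entry_city,\n"
        . "             entry_country_id,\n"
        . "             entry_zone_id)\n"
        . "             VALUES ("
        . implode(',', array(
            $db->qstr($customer_id),
            $db->qstr($book_id),
            $db->qstr($gender),
            $db->qstr($firstname),
            $db->qstr($name),
            $db->qstr($sStr),
            $db->qstr($sStr),
            $db->qstr($sStr),
            $db->qstr($country),
            $db->qstr($zone_id),
        ))
        . ")";
    $report($db->Execute($sql), 'address_book');

    // --- customer bookkeeping row ---
    $sql = "INSERT INTO " . $prefix_table . "customers_info\n"
        . "           (customers_info_id,\n"
        . "            customers_info_number_of_logons,\n"
        . "            customers_info_date_account_created) VALUES ("
        . implode(',', array(
            $db->qstr($customer_id),
            $db->qstr($logs),
            $db->DBTimeStamp($today),
        ))
        . ")";
    $report($db->Execute($sql), 'customers_info');

    echo '</td></tr></table>';
}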
コード例 #5
    // After four or more attempts, record a marker in the session; where that marker is
    // enforced is not visible in this fragment.
    if ($log_times >= 4) {
      $_SESSION['password_forgotten'] = 'password';
    }

// Look up the admin account by e-mail address (the address is escaped with oos_db_input()).
// The selected columns are aliased to check_id / check_firstname / check_lastname / check_email_address.
    $admintable = $oostable['admin'];
    $check_admin_result = $dbconn->Execute("SELECT admin_id as check_id, admin_firstname as check_firstname, admin_lastname as check_lastname, admin_email_address as check_email_address FROM $admintable WHERE admin_email_address = '" . oos_db_input($email_address) . "'");
    // NOTE(review): every '******' literal below looks like a masking artifact of this listing;
    // the code after this block compares $login with 'success' and 'fail', so the three
    // assignments presumably differ in the original. Verify against the real file.
    if (!$check_admin_result->RecordCount()) {
      // No account with this e-mail address.
      $login = '******';
    } else {
      $check_admin = $check_admin_result->fields;
      // NOTE(review): the reset is authorised by e-mail address plus first name only, compared
      // with loose `!=`; both values are often known to third parties. A single-use, expiring
      // reset token sent to the address is the stronger pattern.
      if ($check_admin['check_firstname'] != $firstname) {
        $login = '******';
      } else {
        $login = '******';
        // NOTE(review): the new admin password is 7 characters long and the randomness source
        // of oos_create_random_value() is not visible here - confirm it is a CSPRNG.
        $make_password = oos_create_random_value(7);
        $crypted_password = oos_encrypt_password($make_password);

        // The plaintext password is mailed to the stored address.
        // NOTE(review): 'admin_lastname' is not a key of the aliased result (the query returns
        // check_lastname), so the recipient name is built from an undefined index.
        // NOTE(review): the mail goes out before the UPDATE and the UPDATE result is not
        // checked, so a failed write leaves the user with a password that does not work.
        oos_mail($check_admin['check_firstname'] . ' ' . $check_admin['admin_lastname'], $check_admin['check_email_address'], ADMIN_PASSWORD_SUBJECT, nl2br(sprintf(ADMIN_EMAIL_TEXT, $make_password)), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
        $admintable = $oostable['admin'];
        // As shown, $crypted_password is computed but not referenced by this statement;
        // presumably the masked literal stands where it is interpolated.
        $dbconn->Execute("UPDATE $admintable
                          SET admin_password = '******'
                          WHERE admin_id = '" . oos_db_input($check_admin['check_id']) . "'");
      }
    }
  }
  // NOTE(review): the include path is built from $_SESSION['language']; it is safe only if
  // that value is restricted to known language directory names where it is set (not visible
  // here). Check it against an allowlist to rule out inclusion of unintended files.
  require('includes/languages/' . $_SESSION['language'] . '/' . $aFilename['login']);

  if ($login == 'success') {
    $success_message = TEXT_FORGOTTEN_SUCCESS;
  } elseif ($login == 'fail') {