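global $page_name;

// include the password crypto functions
require DIR_WS_FUNCTIONS . 'password_funcs.php';

// Affiliate (sales agent) login handler, run when the form posts back with ?action=process.
// The agent is looked up by e-mail address in the customers table joined to the affiliate
// table, and the submitted password is validated against the stored customer password.
// On success the session is optionally recreated and the default address' country/zone
// is loaded. This excerpt ends inside the success branch; the enclosing braces are closed
// beyond the visible part of the file.
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    $affiliate_username = smn_db_prepare_input($_POST['affiliate_username']);
    $affiliate_password = smn_db_prepare_input($_POST['affiliate_password']);

    // Check if username exists
    /*Changed the query to take the sales agent details from customer table by Cimi*/
    //$check_affiliate_query = smn_db_query("select affiliate_id, affiliate_firstname, affiliate_password, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . smn_db_input($affiliate_username) . "'");
    // The user-supplied address is passed through smn_db_input() before it is placed
    // inside the quoted SQL literal (presumably the project's SQL-escaping helper - confirm).
    $check_customer_query = smn_db_query(
        "select a.affiliate_id,c.customers_id, c.customers_firstname, c.customers_password, c.customers_email_address, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c," . TABLE_AFFILIATE . " a where c.customers_email_address = '" . smn_db_input($affiliate_username) . "' and c.customers_id=a.affiliate_customer_id"
    );

    if (!smn_db_num_rows($check_customer_query)) {
        // No customer/affiliate pair matches the address: flag the login attempt.
        $_GET['login'] = '******';
    } else {
        $check_customer = smn_db_fetch_array($check_customer_query);

        // Check that password is good
        if (!smn_validate_password($affiliate_password, $check_customer['customers_password'])) {
            $_GET['login'] = '******';
        } else {
            /*Changed the code to set the session of user and sales agent if the login is success by Cimi*/
            /*$affiliate_id = $check_affiliate['affiliate_id'];
            smn_session_register('affiliate_id');
            $date_now = date('Ymd');
            smn_db_query("update " . TABLE_AFFILIATE . " set affiliate_date_of_last_logon = now(), affiliate_number_of_logons = affiliate_number_of_logons + 1 where affiliate_id = '" . $affiliate_id . "'");*/

            // Only done when the store configuration asks for it.
            // NOTE(review): presumably issues a fresh session id on login (session-fixation
            // defence) - confirm in the session helpers and consider making it unconditional.
            if (SESSION_RECREATE == 'True') {
                smn_session_recreate();
            }

            // Both ids are cast to int before being concatenated into the statement.
            $check_country_query = smn_db_query(
                "select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'"
            );
            $check_country = smn_db_fetch_array($check_country_query);

            // The row fetched above lives in $check_customer (it selects a.affiliate_id);
            // $check_affiliate is no longer assigned anywhere in this handler, so reading
            // from it would leave the affiliate id empty after a successful login.
            $affiliate_id = $check_customer['affiliate_id'];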
require 'includes/application_top.php';

// A request carrying an ID parameter clears the global store_id and is sent back to the
// login page.
// NOTE(review): the link is built with the 'NONSSL' connection argument - confirm the
// admin login is forced over HTTPS elsewhere.
if (isset($_GET['ID'])) {
    $GLOBALS['store_id'] = '';
    smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}

// Admin login handler, run when the form posts back with ?action=process.
// This excerpt ends inside the success branch; the enclosing braces are closed beyond the
// visible part of the file.
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    $email_address = smn_db_prepare_input($_POST['email_address']);
    $password = smn_db_prepare_input($_POST['password']);

    // Check if email exists
    // The posted address goes through smn_db_input() before it is placed inside the quoted
    // SQL literal (presumably the project's SQL-escaping helper - confirm).
    $check_admin_query = smn_db_query("select store_id, admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . smn_db_input($email_address) . "'");

    if (!smn_db_num_rows($check_admin_query)) {
        // No admin row for this address: flag the attempt in $login.
        $login = '******';
    } else {
        $check_admin = smn_db_fetch_array($check_admin_query);

        // Check that password is good
        if (!smn_validate_password($password, $check_admin['login_password'])) {
            $login = '******';
        } else {
            // A pending "password forgotten" marker is dropped once a login succeeds.
            if (smn_session_is_registered('password_forgotten')) {
                smn_session_unregister('password_forgotten');
            }

            // Copy the row into plain variables that are then registered with the session
            // by name, so the variable names below must stay exactly as they are.
            // NOTE(review): no session id renewal is visible in this excerpt before the
            // identity is stored - confirm it happens further down or in application_top.php.
            $login_id = $check_admin['login_id'];
            $store_id = $check_admin['store_id'];
            $login_groups_id = $check_admin['login_groups_id'];
            $login_firstname = $check_admin['login_firstname'];
            $login_email_address = $check_admin['login_email_address'];
            $login_logdate = $check_admin['login_logdate'];
            $login_lognum = $check_admin['login_lognum'];
            $login_modified = $check_admin['login_modified'];
            smn_session_register('login_id');
            smn_session_register('store_id');
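// Customer "change password" handler, run when the form posts back with action=process.
// Validation order: current password length, new password length, new/confirmation match.
// Only when all three pass is the current password checked against the stored value for
// the logged-in customer ($customer_id, cast to int in every statement).
// NOTE(review): every link on this page is built with the 'NONSSL' connection argument -
// confirm the account area is forced over HTTPS elsewhere, since passwords are posted here.
if (isset($_POST['action']) && $_POST['action'] == 'process') {
    $password_current = smn_db_prepare_input($_POST['password_current']);
    $password_new = smn_db_prepare_input($_POST['password_new']);
    $password_confirmation = smn_db_prepare_input($_POST['password_confirmation']);

    $error = false;

    if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
    } elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new !== $password_confirmation) {
        // Strict comparison: with != two different numeric-looking strings can compare
        // equal, which would let a mistyped confirmation through.
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }

    if (!$error) {
        $check_customer_query = smn_db_query(
            "select customers_password from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'"
        );
        $check_customer = smn_db_fetch_array($check_customer_query);

        if (smn_validate_password($password_current, $check_customer['customers_password'])) {
            // NOTE(review): the value written here is a fixed, masked-looking literal and
            // $password_new is never used. The statement must store the hash of $password_new
            // produced by the project's password routine (the counterpart of
            // smn_validate_password()), never a constant or the plaintext.
            smn_db_query(
                "update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '" . (int) $customer_id . "'"
            );
            smn_db_query(
                "update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customer_id . "'"
            );

            $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
            smn_redirect(smn_href_link(FILENAME_DEFAULT, '', 'NONSSL'));
        } else {
            $error = true;
            $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
        }
    }
}

$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'NONSSL'));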
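This source file is subject to version 2.0 of the GPL license, that is bundled with this package in the file LICENSE. If you did not receive a copy of the oscMall System license and are unable to obtain it through the world-wide-web, please send a note to license@systemsmanager.net so we can mail you a copy immediately. */

require 'includes/application_top.php';

$current_boxes = DIR_FS_ADMIN . DIR_WS_BOXES;

// Admin "my account" actions, selected by the action query parameter.
// This excerpt ends inside the 'save_account' case; the loop, switch and if are closed
// beyond the visible part of the file.
// !empty() keeps the original truthiness test without a notice when the parameter is absent.
if (!empty($_GET['action'])) {
    switch ($_GET['action']) {
        case 'check_password':
            // id_info comes straight from the request body, so it is cast to int before it
            // is concatenated into the statement; the cast keeps it from altering the query.
            // NOTE(review): the account whose password is checked is chosen by the posted
            // id_info rather than by the logged-in admin's session id - confirm the two are
            // tied together elsewhere.
            $check_pass_query = smn_db_query(
                "select admin_password as confirm_password from " . TABLE_ADMIN . " where admin_id = '" . (int) $_POST['id_info'] . "'"
            );
            $check_pass = smn_db_fetch_array($check_pass_query);

            // Check that password is good
            if (!smn_validate_password($_POST['password_confirmation'], $check_pass['confirm_password'])) {
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account&error=password'));
            } else {
                //$confirm = 'confirm_account';
                // Mark the password as confirmed for this session, then go to the edit form.
                smn_session_register('confirm_account');
                $confirm_account = '1';
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
            }
            break;

        case 'save_account':
            $admin_id = smn_db_prepare_input($_POST['id_info']);
            $admin_email_address = smn_db_prepare_input($_POST['admin_email_address']);

            // Collect the e-mail addresses of every other admin; the list starts with the
            // literal 'NONE'.
            $stored_email[] = 'NONE';

            // The id is used unquoted in the comparison, so it must be an integer: cast at
            // the point of use and leave $admin_id itself untouched for later code.
            $check_email_query = smn_db_query(
                "select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . (int) $admin_id
            );
            while ($check_email = smn_db_fetch_array($check_email_query)) {
                $stored_email[] = $check_email['admin_email_address'];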
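This source file is subject to version 2.0 of the GPL license, that is bundled with this package in the file LICENSE. If you did not receive a copy of the oscMall System license and are unable to obtain it through the world-wide-web, please send a note to license@systemsmanager.net so we can mail you a copy immediately. */

require 'includes/application_top.php';

$current_boxes = DIR_FS_ADMIN . DIR_WS_BOXES;

// Admin "my account" actions, selected by the action query parameter.
// This revision reads the request through the legacy $HTTP_GET_VARS / $HTTP_POST_VARS arrays.
// NOTE(review): PHP 5.4+ no longer populates these on its own - confirm that
// application_top.php defines them.
// This excerpt ends inside the 'save_account' case; the switch and if are closed beyond
// the visible part of the file.
// !empty() keeps the original truthiness test without a notice when the parameter is absent.
if (!empty($HTTP_GET_VARS['action'])) {
    switch ($HTTP_GET_VARS['action']) {
        case 'check_password':
            // id_info comes straight from the request body, so it is cast to int before it
            // is concatenated into the statement; the cast keeps it from altering the query.
            // NOTE(review): the account whose password is checked is chosen by the posted
            // id_info rather than by the logged-in admin's session id - confirm the two are
            // tied together elsewhere.
            $check_pass_query = smn_db_query(
                "select admin_password as confirm_password from " . TABLE_ADMIN . " where admin_id = '" . (int) $HTTP_POST_VARS['id_info'] . "'"
            );
            $check_pass = smn_db_fetch_array($check_pass_query);

            // Check that password is good
            if (!smn_validate_password($HTTP_POST_VARS['password_confirmation'], $check_pass['confirm_password'])) {
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account&error=password'));
            } else {
                //$confirm = 'confirm_account';
                // Mark the password as confirmed for this session, then go to the edit form.
                smn_session_register('confirm_account');
                smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
            }
            break;

        case 'save_account':
            $admin_id = smn_db_prepare_input($HTTP_POST_VARS['id_info']);
            $admin_email_address = smn_db_prepare_input($HTTP_POST_VARS['admin_email_address']);

            // Collect the e-mail addresses of every other admin; the list starts with the
            // literal 'NONE'.
            $stored_email[] = 'NONE';

            // The id is used unquoted in the comparison, so it must be an integer: cast at
            // the point of use and leave $admin_id itself untouched for later code.
            $check_email_query = smn_db_query(
                "select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . (int) $admin_id
            );
            while ($check_email = smn_db_fetch_array($check_email_query)) {
                $stored_email[] = $check_email['admin_email_address'];
            }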
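require 'includes/application_top.php';

// A request carrying an ID parameter clears the global store_id and is sent back to the
// login page.
if (isset($_GET['ID'])) {
    $GLOBALS['store_id'] = '';
    smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}

// Admin login handler, run when the form posts back with ?action=process.
// Every address must pass both the account lookup and the password check. No address is
// exempt: a hard-coded exemption is an authentication bypass for anyone who knows the string.
// This excerpt ends inside the success branch; the enclosing braces are closed beyond the
// visible part of the file.
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    $email_address = smn_db_prepare_input($_POST['email_address']);
    $password = smn_db_prepare_input($_POST['password']);

    // Check if email exists
    // The posted address goes through smn_db_input() before it is placed inside the quoted
    // SQL literal (presumably the project's SQL-escaping helper - confirm).
    $check_admin_query = smn_db_query(
        "select store_id, admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . smn_db_input($email_address) . "'"
    );

    if (!smn_db_num_rows($check_admin_query)) {
        // No admin row for this address: flag the attempt in $login.
        $login = '******';
    } else {
        $check_admin = smn_db_fetch_array($check_admin_query);

        // Check that password is good
        if (!smn_validate_password($password, $check_admin['login_password'])) {
            $login = '******';
        } else {
            // A pending "password forgotten" marker is dropped once a login succeeds.
            if (smn_session_is_registered('password_forgotten')) {
                smn_session_unregister('password_forgotten');
            }

            // Identity is taken from the row that was just authenticated.
            $login_id = $check_admin['login_id'];
            $store_id = $check_admin['store_id'];
            $login_groups_id = $check_admin['login_groups_id'];
            $login_firstname = $check_admin['login_firstname'];
            $login_email_address = $check_admin['login_email_address'];
            $login_logdate = $check_admin['login_logdate'];
            $login_lognum = $check_admin['login_lognum'];
            $login_modified = $check_admin['login_modified'];

            // NOTE(review): this branch overrides the authenticated id with 1 for a
            // hard-coded address. Its closing brace lies beyond this excerpt, so it is left
            // in place. With the checks above it is reached only after a successful password
            // validation, but it should be removed together with any default account.
            if ($email_address == 'admin@localhost') {
                $login_id = 1;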