예제 #1
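 /**
  * Authenticate a customer by login name and load the account into the session.
  *
  * getLoginType() maps the login name to a customer column (per the original
  * comment: email, telephone or username). On success the stored cart and
  * wishlist are merged into the session, the customer's fields are copied
  * onto this object and the request's REMOTE_ADDR is saved on the customer row.
  *
  * Security notes:
  *  - $override = true skips the password check and the approved = '1'
  *    filter; callers must only pass it from an already-authorised path.
  *  - The original listing computed $password_md5 but compared the password
  *    column with the literal '******', so the supplied password was never
  *    checked. This version compares against the computed hash.
  *  - NOTE(review): the session id is not regenerated here on a successful
  *    login; confirm the caller or the session layer does so.
  *
  * @param string $login_name Email, telephone or username typed by the user.
  * @param string $password   Plain-text password from the login form.
  * @param bool   $override   Log in without checking the password.
  * @return bool True when a matching customer was found and loaded.
  */
 public function login($login_name, $password, $override = false)
 {
     // email or telephone or username
     $type = getLoginType($login_name);
     if (!$type) {
         return false;
     }
     // NOTE(review): $type is used as a back-quoted column name and cannot be
     // escaped like a value. getLoginType() is not visible here; confirm it
     // only ever returns fixed column names.
     if ($override) {
         $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE `" . $type . "` = '" . $this->db->escape($login_name) . "' AND status = '1'");
     } else {
         // First look the account up to obtain the fields user_password() needs.
         $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE `" . $type . "` = '" . $this->db->escape($login_name) . "' AND `" . $type . "` <>'' AND status = '1'");
         if ($customer_query->num_rows > 0) {
             $data = array();
             $data['username'] = $customer_query->row['username'];
             $data['salt'] = $customer_query->row['salt'];
             $data['date_added'] = $customer_query->row['date_added'];
             $data['password'] = $password;
             // NOTE(review): the variable name suggests an MD5-based scheme; if so,
             // plan a migration to password_hash()/password_verify().
             $password_md5 = user_password($data);
             // Re-query with the computed hash so that only a row whose stored
             // password matches (and which is approved) counts as a login.
             $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE `" . $type . "` = '" . $this->db->escape(utf8_strtolower($login_name)) . "' AND password = '" . $this->db->escape($password_md5) . "' AND status = '1' AND approved = '1'");
         }
     }
     if (!$customer_query->num_rows) {
         return false;
     }
     $this->session->data['customer_id'] = $customer_query->row['customer_id'];
     if ($customer_query->row['cart'] && is_string($customer_query->row['cart'])) {
         // The session cart may not exist yet; array_key_exists() needs an array.
         if (!isset($this->session->data['cart'])) {
             $this->session->data['cart'] = array();
         }
         // NOTE(review): unserialize() can instantiate objects named in the data.
         // This is safe only while the cart column is written solely by this
         // application. Prefer JSON, or on PHP 7+ pass
         // array('allowed_classes' => false) as the second argument.
         $cart = unserialize($customer_query->row['cart']);
         // unserialize() returns false on corrupt data; skip the merge then.
         if (is_array($cart)) {
             foreach ($cart as $key => $value) {
                 if (!array_key_exists($key, $this->session->data['cart'])) {
                     $this->session->data['cart'][$key] = $value;
                 } else {
                     $this->session->data['cart'][$key] += $value;
                 }
             }
         }
     }
     if ($customer_query->row['wishlist'] && is_string($customer_query->row['wishlist'])) {
         if (!isset($this->session->data['wishlist'])) {
             $this->session->data['wishlist'] = array();
         }
         // Same unserialize() caveat as for the cart column above.
         $wishlist = unserialize($customer_query->row['wishlist']);
         if (is_array($wishlist)) {
             foreach ($wishlist as $product_id) {
                 if (!in_array($product_id, $this->session->data['wishlist'])) {
                     $this->session->data['wishlist'][] = $product_id;
                 }
             }
         }
     }
     $this->customer_id = $customer_query->row['customer_id'];
     $this->username = $customer_query->row['username'];
     $this->fullname = $customer_query->row['fullname'];
     $this->email = $customer_query->row['email'];
     $this->telephone = $customer_query->row['telephone'];
     $this->fax = $customer_query->row['fax'];
     $this->newsletter = $customer_query->row['newsletter'];
     $this->customer_group_id = $customer_query->row['customer_group_id'];
     $this->address_id = $customer_query->row['address_id'];
     // Record the address the login came from; the id is cast to int for the query.
     $this->db->query("UPDATE " . DB_PREFIX . "customer SET ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "' WHERE customer_id = '" . (int) $this->customer_id . "'");
     return true;
 }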
예제 #2
 /**
  * Look up a customer row by login name, without checking any password.
  *
  * getLoginType() picks the column to match (per the original comment:
  * email, telephone or username). The query uses SELECT * and does not
  * filter on status, so the returned row carries every customer column,
  * including the password and salt fields that login() reads. Callers
  * should not pass the row on to templates or API responses unfiltered.
  *
  * @param string $login_name Email, telephone or username.
  * @return array|false The row from the query result, or false when the
  *                     login type cannot be determined.
  */
 public function getCustomerByLoginName($login_name)
 {
     // email or telephone or username
     $column = getLoginType($login_name);
     if ($column) {
         // NOTE(review): $column is used as a back-quoted identifier; confirm
         // getLoginType() only returns fixed column names.
         $sql = "SELECT * FROM " . DB_PREFIX . "customer WHERE `" . $column . "` = '" . $this->db->escape($login_name) . "'";
         $result = $this->db->query($sql);
         return $result->row;
     }
     return false;
 }