function checkacc($customers_email, $customers_password, $username, $password, $database, $configValues)
{
if (strlen($_SESSION['customer_ip']) < 7) {
//$ip = $HTTP_SERVER_VARS["REMOTE_ADDR"];
$ip = $_SERVER['REMOTE_ADDR'];
$_SESSION['customer_ip'] = $ip;
}
$ip = $_SESSION['customer_ip'];
//echo "ip = $ip <br>";
// set all defaults for not logged in
$_SESSION['loggedin'] = 0;
$_SESSION['promotion'] = 0;
$_SESSION['customers_email'] = $customers_email;
$_SESSION['customers_password'] = $customers_password;
$_SESSION['login_date_time'] = date("F j, Y, g:i a");
$_SESSION['login_timestamp'] = time();
$_SESSION['bytesleft'] = 0;
// check freenet user name
$mysql = new_mysql($username, $password, $database, "localhost");
$query = "SELECT * FROM customers WHERE customers_email_address='{$customers_email}'";
$result = get_query($query, $mysql);
if ($result == 0) {
//echo "<br> Failed Freenet user not fount <br>";
mysql_close();
$_SESSION['code'] = 0;
return 0;
}
// check freenet password and collect needed user info
$i = 0;
$first = mysql_result($result, $i, "customers_firstname");
$_SESSION['firstname'] = $first;
$email = mysql_result($result, $i, "customers_email_address");
$expire = mysql_result($result, $i, "customers_date_account_expires");
$_SESSION['expire'] = $expire;
$strlen = strlen($expire);
$cust_password = mysql_result($result, $i, "customers_password");
$pass = strcmp($cust_password, $customers_password);
if ($pass != 0) {
// echo "<br> Failed user name (email) not found in database <br>";
mysql_close();
$_SESSION['code'] = -1;
return -1;
}
// check to see if customer has an IP address set in mysql records
// if not make sure they don't already have an account as someone else
// if no records with this ip then update there ip address in customer account
$cust_ip_address = mysql_result($result, $i, "customers_ip_address");
$strlen = strlen($cust_ip_address);
// echo "strlen = $strlen <br>";
if (strlen($cust_ip_address) == 0) {
$cust_ip_address = $_SESSION['customer_ip'];
if (strlen($cust_ip_address) < 7) {
// invalid ip address given to check
$_SESSION['code'] = -5;
return 5;
}
// $cust_ip_address = $HTTP_SERVER_VARS["REMOTE_ADDR"];
// echo " ip = $cust_ip_address <br>";
$query = "SELECT * FROM customers WHERE customers_ip_address='{$cust_ip_address}'";
$result = get_query($query, $mysql);
if ($result != 0) {
// sorry they already have an account they will have to update the other one
mysql_close();
$_SESSION['code'] = -3;
return -3;
}
$query = "UPDATE customers SET customers_ip_address='{$cust_ip_address}' WHERE customers_email_address='{$customers_email}'";
get_query($query, $mysql);
}
$expire = update_account($customers_email, $mysql, $configValues);
// check if account time window expired
$timenow = time();
if ($timenow > $expire) {
// time window has expired so
// set code account expired and return -2
$_SESSION['code'] = -2;
return -2;
}
// successfull login
$expire = date("F j, Y, g:i a", $expire);
$_SESSION['expire'] = $expire;
//echo "<b>firstname: $first <br>E-mail: $email<br>Account will expires on: $expire <br><hr><br>";
//echo "<br> cust_password = $cust_password customers_password = $customers_password <br>";
//echo "<br> timenow = $timenow <br>";
$_SESSION['code'] = 1;
$_SESSION['loggedin'] = 1;
mysql_close();
return 1;
}
if ($gender == 'm') {
$email_text = sprintf(EMAIL_GREET_MR, $lastname);
} else {
$email_text = sprintf(EMAIL_GREET_MS, $lastname);
}
} else {
$email_text = sprintf(EMAIL_GREET_NONE, $firstname);
}
$email_text .= EMAIL_WELCOME . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
// added by scotty to enable ip of customer if no duplicate ip seen (hacker making 2 accounts)
// so they won't have to login after a new account created.
mysql_close();
$remote_addr = $HTTP_SERVER_VARS["REMOTE_ADDR"];
//$mysql = new_mysql($username,$password,$database,"localhost");
$mysql = new_mysql($mysql_username, $mysql_password, $mysql_database, $mysql_hostname);
if (check_user_already($email_address, $remote_addr, $mysql) == 1) {
$expire = update_account($email_address, $remote_addr, $mysql, $configValues);
$timenow = time();
if ($timenow < $expire) {
ip_enable($HTTP_SERVER_VARS["REMOTE_ADDR"]);
}
}
mysql_close();
tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL'));
}
}
$breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL'));
require DIR_WS_INCLUDES . 'template_top.php';
require 'includes/form_check.js.php';
?>
<br><br>
<?php
if ($global['global_product_notifications'] != '1') {
echo TEXT_NOTIFY_PRODUCTS . '<br><p class="productsNotifications">';
$products_displayed = array();
for ($i = 0, $n = sizeof($products_array); $i < $n; $i++) {
if (!in_array($products_array[$i]['id'], $products_displayed)) {
echo tep_draw_checkbox_field('notify[]', $products_array[$i]['id']) . ' ' . $products_array[$i]['text'] . '<br>';
$products_displayed[] = $products_array[$i]['id'];
}
}
echo '</p>';
} else {
echo TEXT_SEE_ORDERS . '<br><br>' . TEXT_CONTACT_STORE_OWNER;
}
$mysql = new_mysql($username, $password, $database, "localhost");
$emailaddress = GetEmailAddress((int) $customer_id, $mysql);
if (strcmp($emailaddress, "nul") != 0) {
$ExpireDate = date(" d M Y g:i:sA ", update_account($emailaddress, $HTTP_SERVER_VARS["REMOTE_ADDR"], $mysql, $configValues));
ip_enable($HTTP_SERVER_VARS["REMOTE_ADDR"]);
$emailaddress = $emailaddress . " ok";
}
//$ExpireDate = GetExpireDate((int)$customer_id,$mysql);
mysql_close($mysql);
?>
<h3><?php
echo TEXT_THANKS_FOR_SHOPPING . '<br> your IP address: ' . $HTTP_SERVER_VARS["REMOTE_ADDR"] . ' <br> for email: ' . $emailaddress . '<br> New Expire Date: ' . $ExpireDate;
?>
</h3></td>
</tr>
</table></td>
