예제 #1
0
 function _process()
 {
     global $messageStack, $osC_Database, $osC_Customer;
     if (!isset($_POST['password_current']) || strlen(trim($_POST['password_current'])) < ACCOUNT_PASSWORD) {
         $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
     } elseif (!isset($_POST['password_new']) || strlen(trim($_POST['password_new'])) < ACCOUNT_PASSWORD) {
         $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
     } elseif (!isset($_POST['password_confirmation']) || trim($_POST['password_new']) != trim($_POST['password_confirmation'])) {
         $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
     }
     if ($messageStack->size('account_password') === 0) {
         $Qcheck = $osC_Database->query('select customers_password from :table_customers where customers_id = :customers_id');
         $Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qcheck->bindInt(':customers_id', $osC_Customer->id);
         $Qcheck->execute();
         if (tep_validate_password(trim($_POST['password_current']), $Qcheck->value('customers_password'))) {
             $Qupdate = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
             $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS);
             $Qupdate->bindValue(':customers_password', tep_encrypt_password(trim($_POST['password_new'])));
             $Qupdate->bindInt(':customers_id', $osC_Customer->id);
             $Qupdate->execute();
             $Qupdate = $osC_Database->query('update :table_customers_info set customers_info_date_account_last_modified = now() where customers_info_id = :customers_info_id');
             $Qupdate->bindTable(':table_customers_info', TABLE_CUSTOMERS_INFO);
             $Qupdate->bindInt(':customers_info_id', $osC_Customer->id);
             $Qupdate->execute();
             $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
             tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
         } else {
             $messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
         }
     }
 }
예제 #2
0
 function execute()
 {
     global $login_customer_id, $messageStack, $oscTemplate;
     $OSCOM_Db = Registry::get('Db');
     $error = false;
     if (isset($_GET['action']) && $_GET['action'] == 'process' && isset($_POST['formid']) && $_POST['formid'] == $_SESSION['sessiontoken']) {
         $email_address = HTML::sanitize($_POST['email_address']);
         $password = HTML::sanitize($_POST['password']);
         // Check if email exists
         $Qcustomer = $OSCOM_Db->get('customers', ['customers_id', 'customers_password'], ['customers_email_address' => $email_address], null, 1);
         if ($Qcustomer->fetch() === false) {
             $error = true;
         } else {
             // Check that password is good
             if (!tep_validate_password($password, $Qcustomer->value('customers_password'))) {
                 $error = true;
             } else {
                 // set $login_customer_id globally and perform post login code in catalog/login.php
                 $login_customer_id = $Qcustomer->valueInt('customers_id');
                 // migrate old hashed password to new phpass password
                 if (tep_password_type($Qcustomer->value('customers_password')) != 'phpass') {
                     $OSCOM_Db->save('customers', ['customers_password' => tep_encrypt_password($password)], ['customers_id' => $login_customer_id]);
                 }
             }
         }
     }
     if ($error == true) {
         $messageStack->add('login', MODULE_CONTENT_LOGIN_TEXT_LOGIN_ERROR);
     }
     ob_start();
     include DIR_WS_MODULES . 'content/' . $this->group . '/templates/login_form.php';
     $template = ob_get_clean();
     $oscTemplate->addContent($template, $this->group);
 }
예제 #3
0
 /**
  * @param $first_name
  * @param $last_name
  * @param $email
  * @return integer Customer ID
  */
 public static function create_user($first_name, $last_name, $email)
 {
     $existing_customer = self::get_customer_id_by_email($email);
     if (!$existing_customer) {
         // Customer doesn't exist, create them.
         // tep_encrypt_password deals with actual hashing, this is simply generating a longer string.
         $password_string = md5(self::gen_random_string());
         $customer_data = array('customers_firstname' => $first_name, 'customers_lastname' => $last_name, 'customers_email_address' => $email, 'customers_gender' => '', 'customers_dob' => tep_db_prepare_input('0001-01-01 00:00:00'), 'customers_telephone' => '', 'customers_newsletter' => '0', 'customers_default_address_id' => 0, 'customers_password' => tep_encrypt_password($password_string));
         $cust = tep_db_perform(TABLE_CUSTOMERS, $customer_data);
         $cust_id = tep_db_insert_id();
         if (!$cust_id) {
             return FALSE;
         }
         // Set an invalid password
         $query = "UPDATE " . TABLE_CUSTOMERS . " SET `customers_password` = :pw WHERE `customers_id` = :id";
         $query = bind_vars($query, ':pw', 'LOGINWITHAMAZON00000000000000000');
         $query = bind_vars($query, ':id', $cust_id);
         tep_db_query($query);
         // Add user to the Amazon users table
         $amazon_table_safe = tep_db_input(self::TABLE_NAME_ONLY);
         $cust_id_safe = tep_db_input($cust_id);
         $query = "INSERT INTO " . $amazon_table_safe . " (customer_id) VALUES (" . $cust_id_safe . ")";
         tep_db_query($query);
         // Create customer info entry
         tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $cust_id . "', '0', now())");
         return $cust_id;
     } else {
         return $existing_customer;
     }
 }
 function execute()
 {
     global $sessiontoken, $login_customer_id, $messageStack, $oscTemplate;
     $error = false;
     if (isset($_GET['action']) && $_GET['action'] == 'process' && isset($_POST['formid']) && $_POST['formid'] == $sessiontoken) {
         $email_address = tep_db_prepare_input($_POST['email_address']);
         $password = tep_db_prepare_input($_POST['password']);
         // Check if email exists
         $customer_query = tep_db_query("select customers_id, customers_password from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "' limit 1");
         if (!tep_db_num_rows($customer_query)) {
             $error = true;
         } else {
             $customer = tep_db_fetch_array($customer_query);
             // Check that password is good
             if (!tep_validate_password($password, $customer['customers_password'])) {
                 $error = true;
             } else {
                 // set $login_customer_id globally and perform post login code in catalog/login.php
                 $login_customer_id = (int) $customer['customers_id'];
                 // migrate old hashed password to new phpass password
                 if (tep_password_type($customer['customers_password']) != 'phpass') {
                     tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '" . (int) $login_customer_id . "'");
                 }
             }
         }
     }
     if ($error == true) {
         $messageStack->add('login', MODULE_CONTENT_LOGIN_TEXT_LOGIN_ERROR);
     }
     ob_start();
     include 'includes/modules/content/' . $this->group . '/templates/login_form.php';
     $template = ob_get_clean();
     $oscTemplate->addContent($template, $this->group);
 }
 function create_temp_customer($customer_info)
 {
     global $customer_id, $customer_first_name, $customer_default_address_id, $customer_country_id, $customer_zone_id, $billto, $sendto;
     $query = tep_db_query("SELECT c.customers_id as customer_id, c.customers_firstname, c.customers_default_address_id as customer_default_address_id, ab.entry_country_id as customer_country_id, ab.entry_zone_id as customer_zone_id FROM " . TABLE_CUSTOMERS . " c, " . TABLE_ADDRESS_BOOK . " ab WHERE c.customers_id = ab.customers_id AND c.customers_default_address_id = ab.address_book_id AND c.customers_email_address = '" . $customer_info['EMAIL'] . "'");
     if (tep_db_num_rows($query) > 0) {
         $data = tep_db_fetch_array($query);
         $customer_id = $data['customer_id'];
         $customer_first_name = $data['customer_first_name'];
         $customer_default_address_id = $data['customer_default_address_id'];
         $customer_country_id = $data['customer_country_id'];
         $customer_zone_id = $data['customer_zone_id'];
     } else {
         $_SESSION['temp_password'] = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
         $sql_data_array = array('customers_firstname' => $customer_info['FIRSTNAME'], 'customers_lastname' => $customer_info['LASTNAME'], 'customers_email_address' => $customer_info['EMAIL'], 'customers_validation' => '1', 'customers_password' => tep_encrypt_password($_SESSION['temp_password']));
         tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
         $customer_id = tep_db_insert_id();
         $sql_query = tep_db_query("SELECT countries_id FROM " . TABLE_COUNTRIES . " WHERE countries_iso_code_2 = '" . $customer_info['SHIPTOCOUNTRYCODE'] . "'");
         if (tep_db_num_rows($sql_query) == 0) {
             $sql_query = tep_db_query("SELECT countries_id FROM " . TABLE_COUNTRIES . " WHERE countries_iso_code_2 = '" . $customer_info['COUNTRYCODE'] . "'");
         }
         $country = tep_db_fetch_array($sql_query);
         $customer_country_id = $country['countries_id'];
         $zone = tep_db_fetch_array(tep_db_query("SELECT zone_id FROM " . TABLE_ZONES . " WHERE zone_country_id = '" . $country['countries_id'] . "' AND zone_code = '" . $customer_info['SHIPTOSTATE'] . "'"));
         if (tep_not_null($zone['zone_id'])) {
             $customer_zone_id = $zone['zone_id'];
             $state = '';
         } else {
             $customer_zone_id = '0';
             $state = $customer_info['SHIPTOSTATE'];
         }
         $customer_first_name = $customer_info['FIRSTNAME'];
         $customer_last_name = $customer_info['LASTNAME'];
         $sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $customer_first_name, 'entry_lastname' => $customer_last_name, 'entry_telephone' => $customer_info['PHONENUM'], 'entry_street_address' => $customer_info['SHIPTOSTREET'], 'entry_postcode' => $customer_info['SHIPTOZIP'], 'entry_city' => $customer_info['SHIPTOCITY'], 'entry_country_id' => $customer_country_id, 'entry_zone_id' => $customer_zone_id, 'entry_state' => $state);
         tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
         $customer_default_address_id = tep_db_insert_id();
         $billto = $customer_default_address_id;
         $sendto = $customer_default_address_id;
         tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $customer_default_address_id . "' where customers_id = '" . (int) $customer_id . "'");
         tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
         $_SESSION['paypalxc_create_account'] = '1';
     }
     $_SESSION['customer_id'] = $customer_id;
     $_SESSION['customer_first_name'] = $customer_first_name;
     $_SESSION['customer_default_address_id'] = $customer_default_address_id;
     $_SESSION['customer_country_id'] = $customer_country_id;
     $_SESSION['customer_zone_id'] = $customer_zone_id;
 }
}
// needs to be included earlier to set the success message in the messageStack
require 'includes/languages/' . $language . '/modules/content/account/cm_account_set_password.php';
if (isset($_POST['action']) && $_POST['action'] == 'process' && isset($_POST['formid']) && $_POST['formid'] == $sessiontoken) {
    $password_new = tep_db_prepare_input($_POST['password_new']);
    $password_confirmation = tep_db_prepare_input($_POST['password_confirmation']);
    $error = false;
    if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new != $password_confirmation) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }
    if ($error == false) {
        tep_db_query("update customers set customers_password = '******' where customers_id = '" . (int) $customer_id . "'");
        tep_db_query("update customers_info set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customer_id . "'");
        $messageStack->add_session('account', MODULE_CONTENT_ACCOUNT_SET_PASSWORD_SUCCESS_PASSWORD_SET, 'success');
        tep_redirect(tep_href_link('account.php', '', 'SSL'));
    }
}
$breadcrumb->add(MODULE_CONTENT_ACCOUNT_SET_PASSWORD_NAVBAR_TITLE_1, tep_href_link('account.php', '', 'SSL'));
$breadcrumb->add(MODULE_CONTENT_ACCOUNT_SET_PASSWORD_NAVBAR_TITLE_2, tep_href_link('ext/modules/content/account/set_password.php', '', 'SSL'));
require 'includes/template_top.php';
?>

<div class="page-header">
  <h1><?php 
echo MODULE_CONTENT_ACCOUNT_SET_PASSWORD_HEADING_TITLE;
?>
</h1>
예제 #7
0
         }
     }
     if ($entity == 0) {
         $setperson = $worketc->SetPerson(array('person' => array('Title' => $title, 'FirstName' => $firstname, 'MiddleName' => '', 'Surname' => $lastname, 'Gender' => $newgender, 'EntityID' => 0, 'LastActivity' => date('c'), 'DateLastModified' => date('c'), 'CreationDate' => date('c'), 'Email' => $email_address, 'CustomerCredentials' => 'SupportPersonal', 'Delete' => false, 'RemoveParentLinks' => false, 'OwnerID' => $OwnerID, 'SupplierRate' => 3.1, 'SupplierUnit' => 'None', 'Website' => $website, 'Addresses' => array('Address' => array('AddressID' => $addid, 'AddressType' => 'Home', 'Street' => $street_address, 'Suburb' => $city, 'StateOrProv' => $state, 'PostalCode' => $postcode, 'Country' => tep_get_country_name($country), 'Phone' => $telephone, 'PhoneExt' => $customers_telephone_ext, 'Fax' => $fax, 'Delete' => false, 'RemoveParentLinks' => false, 'DateLastModified' => date('c'))), 'RelatedBranches' => array('BranchResult' => array('BranchName' => $company, 'BranchLabel' => $company, 'CompanyName' => $company, 'EntityID' => 0, 'IsPrimary' => true, 'BranchID' => 0, 'Delete' => false)))));
         $entityid = $setperson->EntityID;
     } else {
         $findcompany = $worketc->FindCompanies(array('keywords' => $company));
         $company_id = $findcompany->Company->Branches->Branch->BranchID;
         $setperson = $worketc->SetPerson(array('person' => array('Title' => $title, 'FirstName' => $firstname, 'MiddleName' => '', 'Surname' => $lastname, 'Gender' => $newgender, 'EntityID' => $entity, 'LastActivity' => date('c'), 'DateLastModified' => date('c'), 'CreationDate' => date('c'), 'Email' => $email_address, 'CustomerCredentials' => 'SupportPersonal', 'Delete' => false, 'RemoveParentLinks' => false, 'OwnerID' => $OwnerID, 'SupplierRate' => 3.1, 'SupplierUnit' => 'None', 'Website' => $website, 'Addresses' => array('Address' => array('AddressID' => $addid, 'AddressType' => 'Home', 'Street' => $street_address, 'Suburb' => $city, 'StateOrProv' => $state, 'PostalCode' => $postcode, 'Country' => tep_get_country_name($country), 'Phone' => $telephone, 'PhoneExt' => $customers_telephone_ext, 'Fax' => $fax, 'Delete' => false, 'RemoveParentLinks' => false, 'DateLastModified' => date('c'))), 'RelatedBranches' => array('BranchResult' => array('BranchName' => $company, 'BranchLabel' => $company, 'CompanyName' => $company, 'EntityID' => $entity, 'IsPrimary' => true, 'BranchID' => 0, 'Delete' => false)))));
         $entityid = $entity;
     }
     $worketc->EntityAddTag(array('EntityID' => $entityid, 'Tag' => "Registered Online"));
 }
 //end etc
 if ($error == false) {
     $sql_data_array = array('customers_firstname' => $firstname, 'referral' => $referral, 'referral_other' => $referral_other, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_telephone_ext' => $customers_telephone_ext, 'customers_fax' => $fax, 'customers_newsletter' => $newsletter, 'customers_group' => $group, 'website' => $website, 'title' => $title, 'st' => $st, 'ip' => $_SERVER['REMOTE_ADDR'], 'customers_password' => tep_encrypt_password($password));
     tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
     $customer_id = tep_db_insert_id();
     if (WORKETC_ENABLE == 'True' && tep_connect_worketc() != 0) {
         $sql_data_array2 = array('customer_id' => $customer_id, 'tag_id' => 1);
         tep_db_perform('customers_to_tag', $sql_data_array2);
     }
     $sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
     $sql_data_array['entry_company'] = $company;
     $sql_data_array['entry_zone_id'] = '0';
     $sql_data_array['entry_state'] = $state;
     tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
     $address_id = tep_db_insert_id();
     tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . "'");
     tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
     if (SESSION_RECREATE == 'True') {
예제 #8
0
         }
     }
 }
 if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
     $error = true;
     $messageStack->add('create_account', ENTRY_TELEPHONE_NUMBER_ERROR);
 }
 if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
     $error = true;
     $messageStack->add('create_account', ENTRY_PASSWORD_ERROR);
 } elseif ($password != $confirmation) {
     $error = true;
     $messageStack->add('create_account', ENTRY_PASSWORD_ERROR_NOT_MATCHING);
 }
 if ($error == false) {
     $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => $newsletter, 'customers_password' => tep_encrypt_password($password));
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['customers_gender'] = $gender;
     }
     if (ACCOUNT_DOB == 'true') {
         $sql_data_array['customers_dob'] = tep_date_raw($dob);
     }
     tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
     $customer_id = tep_db_insert_id();
     $sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['entry_gender'] = $gender;
     }
     if (ACCOUNT_COMPANY == 'true') {
         $sql_data_array['entry_company'] = $company;
     }
예제 #9
0
}
if ($error == true) {
    OSCOM::redirect('password_forgotten.php');
}
if (isset($_GET['action']) && $_GET['action'] == 'process' && isset($_POST['formid']) && $_POST['formid'] == $_SESSION['sessiontoken']) {
    $password_new = HTML::sanitize($_POST['password']);
    $password_confirmation = HTML::sanitize($_POST['confirmation']);
    if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('password_reset', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new != $password_confirmation) {
        $error = true;
        $messageStack->add('password_reset', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }
    if ($error == false) {
        $OSCOM_Db->save('customers', ['customers_password' => tep_encrypt_password($password_new)], ['customers_id' => $Qcheck->valueInt('customers_id')]);
        $OSCOM_Db->save('customers_info', ['customers_info_date_account_last_modified' => 'now()', 'password_reset_key' => 'null', 'password_reset_date' => 'null'], ['customers_info_id' => $Qcheck->valueInt('customers_id')]);
        $messageStack->add_session('login', SUCCESS_PASSWORD_RESET, 'success');
        OSCOM::redirect('login.php', '', 'SSL');
    }
}
$breadcrumb->add(NAVBAR_TITLE_1, OSCOM::link('login.php', '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2);
require 'includes/template_top.php';
?>

<div class="page-header">
  <h1><?php 
echo HEADING_TITLE;
?>
</h1>
예제 #10
0
파일: login.php 프로젝트: wrtcoder/mini_isp
            break;
        case 'logoff':
            tep_session_unregister('selected_box');
            tep_session_unregister('admin');
            if (isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_PW'])) {
                tep_session_register('auth_ignore');
                $auth_ignore = true;
            }
            tep_redirect(tep_href_link(FILENAME_DEFAULT));
            break;
        case 'create':
            $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1");
            if (tep_db_num_rows($check_query) == 0) {
                $username = tep_db_prepare_input($HTTP_POST_VARS['username']);
                $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
                tep_db_query("insert into " . TABLE_ADMINISTRATORS . " (user_name, user_password) values ('" . tep_db_input($username) . "', '" . tep_db_input(tep_encrypt_password($password)) . "')");
            }
            tep_redirect(tep_href_link(FILENAME_LOGIN));
            break;
    }
}
$languages = tep_get_languages();
$languages_array = array();
$languages_selected = DEFAULT_LANGUAGE;
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $languages_array[] = array('id' => $languages[$i]['code'], 'text' => $languages[$i]['name']);
    if ($languages[$i]['directory'] == $language) {
        $languages_selected = $languages[$i]['code'];
    }
}
$admins_check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1");
예제 #11
0
 if (!isset($_POST['password']) || strlen(trim($_POST['password'])) < ACCOUNT_PASSWORD) {
     $messageStack->add('create_account', ENTRY_PASSWORD_ERROR);
 } elseif (!isset($_POST['confirmation']) || trim($_POST['password']) != trim($_POST['confirmation'])) {
     $messageStack->add('create_account', ENTRY_PASSWORD_ERROR_NOT_MATCHING);
 }
 if ($messageStack->size('create_account') === 0) {
     $osC_Database->startTransaction();
     $Qcustomer = $osC_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob)');
     $Qcustomer->bindRaw(':table_customers', TABLE_CUSTOMERS);
     $Qcustomer->bindValue(':customers_firstname', trim($_POST['firstname']));
     $Qcustomer->bindValue(':customers_lastname', trim($_POST['lastname']));
     $Qcustomer->bindValue(':customers_email_address', trim($_POST['email_address']));
     $Qcustomer->bindValue(':customers_newsletter', isset($_POST['newsletter']) && $_POST['newsletter'] == '1' ? '1' : '');
     $Qcustomer->bindValue(':customers_status', '1');
     $Qcustomer->bindValue(':customers_ip_address', tep_get_ip_address());
     $Qcustomer->bindValue(':customers_password', tep_encrypt_password(trim($_POST['password'])));
     $Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f') ? $_POST['gender'] : '');
     $Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH > -1 ? date('Ymd', $dob) : '');
     $Qcustomer->execute();
     if ($Qcustomer->affectedRows() === 1) {
         $customer_id = $osC_Database->nextID();
         $Qci = $osC_Database->query('insert into :table_customers_info (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values (:customers_info_id, :customers_info_number_of_logons, :customers_info_date_account_created)');
         $Qci->bindRaw(':table_customers_info', TABLE_CUSTOMERS_INFO);
         $Qci->bindInt(':customers_info_id', $customer_id);
         $Qci->bindInt(':customers_info_number_of_logons', 0);
         $Qci->bindRaw(':customers_info_date_account_created', 'now()');
         $Qci->execute();
         if ($Qci->affectedRows() === 1) {
             $osC_Database->commitTransaction();
             if (SERVICE_SESSION_REGENERATE_ID == 'True') {
                 $osC_Session->recreate();
예제 #12
0
            function randomize()
            {
                $salt = "ABCDEFGHIJKLMNOPQRSTUVWXWZabchefghjkmnpqrstuvwxyz0123456789";
                srand((double) microtime() * 1000000);
                $i = 0;
                while ($i <= 7) {
                    $num = rand() % 33;
                    $tmp = substr($salt, $num, 1);
                    $pass = $pass . $tmp;
                    $i++;
                }
                return $pass;
            }
            $makePassword = randomize();
            tep_mail($check_admin['check_firstname'] . ' ' . $check_admin['admin_lastname'], $check_admin['check_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $check_admin['check_firstname'], HTTP_SERVER . DIR_WS_ADMIN, $check_admin['check_email_address'], $makePassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
            tep_db_query("update " . TABLE_ADMIN . " set admin_password = '******' where admin_id = '" . $check_admin['check_id'] . "'");
        }
    }
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo CHARSET;
?>
">
<title><?php 
예제 #13
0
    $password_confirmation = tep_db_prepare_input($_POST['password_confirmation']);
    $error = false;
    if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('a_password', ENTRY_PASSWORD_CURRENT_ERROR);
    } elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('a_password', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new != $password_confirmation) {
        $error = true;
        $messageStack->add('a_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }
    if ($error == false) {
        $check_affiliate_query = tep_db_query("select affiliate_password from " . TABLE_AFFILIATE . " where affiliate_id = '" . (int) $affiliate_id . "'");
        $check_affiliate = tep_db_fetch_array($check_affiliate_query);
        if (tep_validate_password($password_current, $check_affiliate['affiliate_password'])) {
            tep_db_query("update " . TABLE_AFFILIATE . " set affiliate_password = '******' where affiliate_id = '" . (int) $affiliate_id . "'");
            $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
            tep_redirect(tep_href_link(FILENAME_AFFILIATE_SUMMARY, '', 'SSL'));
        } else {
            $error = true;
            $messageStack->add('a_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
        }
    }
}
$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_AFFILIATE, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_AFFILIATE_PASSWORD, '', 'SSL'));
$content = affiliate_password;
include bts_select('main');
// BTSv1.5
require DIR_WS_INCLUDES . 'application_bottom.php';
예제 #14
0
     } else {
         function randomize()
         {
             $salt = "abchefghjkmnpqrstuvwxyz0123456789";
             srand((double) microtime() * 1000000);
             $i = 0;
             while ($i <= 7) {
                 $num = rand() % 33;
                 $tmp = substr($salt, $num, 1);
                 $pass = $pass . $tmp;
                 $i++;
             }
             return $pass;
         }
         $makePassword = randomize();
         $sql_data_array = array('admin_groups_id' => tep_db_prepare_input($_POST['admin_groups_id']), 'admin_firstname' => tep_db_prepare_input($_POST['admin_firstname']), 'admin_lastname' => tep_db_prepare_input($_POST['admin_lastname']), 'admin_email_address' => tep_db_prepare_input($_POST['admin_email_address']), 'admin_password' => tep_encrypt_password($makePassword), 'admin_created' => 'now()');
         tep_db_perform(TABLE_ADMIN, $sql_data_array);
         $admin_id = tep_db_insert_id();
         tep_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $_POST['admin_firstname'], HTTP_SERVER . DIR_WS_ADMIN, $_POST['admin_email_address'], $makePassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $_GET['page'] . '&mID=' . $admin_id));
     }
     break;
 case 'member_edit':
     $admin_id = tep_db_prepare_input($_POST['admin_id']);
     $hiddenPassword = '******';
     $stored_email[] = 'NONE';
     $check_email_query = tep_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . $admin_id . "");
     while ($check_email = tep_db_fetch_array($check_email_query)) {
         $stored_email[] = $check_email['admin_email_address'];
     }
     if (in_array($_POST['admin_email_address'], $stored_email)) {
  Copyright 2006 osCMax2002 -2003 osCommerce
  Released under the GNU General Public License
*/
// Most of this file is changed or moved to BTS - Basic Template System - format.
// For adding in contribution or modification - parts of this file has been moved to: catalog\templates\fallback\contents\<filename>.tpl.php as a default (sub 'fallback' with your current template to see if there is a template specife change).
//       catalog\templates\fallback\contents\<filename>.tpl.php as a default (sub 'fallback' with your current template to see if there is a template specife change).
// (Sub 'fallback' with your current template to see if there is a template specific file.)
require 'includes/application_top.php';
require bts_select('language', FILENAME_AFFILIATE_PASSWORD_FORGOTTEN);
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    $check_affiliate_query = tep_db_query("select affiliate_firstname, affiliate_lastname, affiliate_password, affiliate_id from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . $_POST['email_address'] . "'");
    if (tep_db_num_rows($check_affiliate_query)) {
        $check_affiliate = tep_db_fetch_array($check_affiliate_query);
        // Crypted password mods - create a new password, update the database and mail it to them
        $newpass = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
        $crypted_password = tep_encrypt_password($newpass);
        tep_db_query("update " . TABLE_AFFILIATE . " set affiliate_password = '******' where affiliate_id = '" . $check_affiliate['affiliate_id'] . "'");
        tep_mail($check_affiliate['affiliate_firstname'] . " " . $check_affiliate['affiliate_lastname'], $_POST['email_address'], sprintf(EMAIL_PASSWORD_REMINDER_SUBJECT, STORE_NAME), nl2br(sprintf(EMAIL_PASSWORD_REMINDER_BODY, STORE_NAME, $newpass)), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS);
        tep_redirect(tep_href_link(FILENAME_AFFILIATE, 'info_message=' . urlencode(TEXT_PASSWORD_SENT), 'SSL', true, false));
    } else {
        tep_redirect(tep_href_link(FILENAME_AFFILIATE_PASSWORD_FORGOTTEN, 'email=nonexistent', 'SSL'));
    }
} else {
    $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_AFFILIATE, '', 'SSL'));
    $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_AFFILIATE_PASSWORD_FORGOTTEN, '', 'SSL'));
    $content = affiliate_password_forgotten;
    include bts_select('main');
    // BTSv1.5
    require DIR_WS_INCLUDES . 'application_bottom.php';
}
예제 #16
0
 function setCheckoutAddress($action)
 {
     global $order, $onepage, $customer_id;
     if ($action == 'setSendTo' && !tep_not_null($_POST['shipping_country'])) {
         $prefix = 'billing_';
     } else {
         $prefix = $action == 'setSendTo' ? 'shipping_' : 'billing_';
     }
     if (ACCOUNT_GENDER == 'true') {
         $gender = $_POST[$prefix . 'gender'];
     }
     if (ACCOUNT_COMPANY == 'true') {
         $company = tep_db_prepare_input($_POST[$prefix . 'company']);
     }
     if (ACCOUNT_COMPANY == 'true') {
         $btwnr = tep_db_prepare_input($_POST['btwnr']);
     }
     if (ACCOUNT_SUBURB == 'true') {
         $suburb = tep_db_prepare_input($_POST[$prefix . 'suburb']);
     }
     if (!isset($_POST[$prefix . 'zipcode'])) {
         if (ONEPAGE_AUTO_SHOW_BILLING_SHIPPING == 'True') {
             $zip_code = tep_db_prepare_input(ONEPAGE_AUTO_SHOW_DEFAULT_ZIP);
         }
     } else {
         $zip_code = tep_db_prepare_input($_POST[$prefix . 'zipcode']);
     }
     if (!isset($_POST[$prefix . 'country'])) {
         if (ONEPAGE_AUTO_SHOW_BILLING_SHIPPING == 'True') {
             $country = tep_db_prepare_input(ONEPAGE_AUTO_SHOW_DEFAULT_COUNTRY);
         }
     } else {
         $country = tep_db_prepare_input($_POST[$prefix . 'country']);
     }
     if (ACCOUNT_STATE == 'true') {
         if (isset($_POST[$prefix . 'zone_id'])) {
             $zone_id = tep_db_prepare_input($_POST[$prefix . 'zone_id']);
         } else {
             if (!isset($_POST[$prefix . 'zone_id'])) {
                 if (ONEPAGE_AUTO_SHOW_BILLING_SHIPPING == 'True') {
                     if ($country == ONEPAGE_AUTO_SHOW_DEFAULT_COUNTRY) {
                         $zone_id = tep_db_prepare_input(ONEPAGE_AUTO_SHOW_DEFAULT_STATE);
                     }
                 }
             } else {
                 $zone_id = false;
             }
         }
         if ($prefix == 'shipping_') {
             $state = tep_db_prepare_input($_POST['delivery_state']);
         } else {
             $state = tep_db_prepare_input($_POST[$prefix . 'state']);
         }
         $zone_name = '';
         $zone_id = 0;
         $check_query = tep_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "'");
         $check = tep_db_fetch_array($check_query);
         $entry_state_has_zones = $check['total'] > 0;
         if ($entry_state_has_zones == true) {
             $zone_query = tep_db_query("select distinct zone_id, zone_name from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "' and (zone_name = '" . tep_db_input($state) . "' or zone_code = '" . tep_db_input($state) . "')");
             if (tep_db_num_rows($zone_query) == 1) {
                 $zone = tep_db_fetch_array($zone_query);
                 $zone_id = $zone['zone_id'];
                 $zone_name = $zone['zone_name'];
             }
         }
     }
     $tva_query = tep_db_query('select ab.billing_tva_intracom from customers c, ' . TABLE_ADDRESS_BOOK . ' ab where c.customers_id = "' . (int) $customer_id . '" and ab.customers_id = "' . (int) $customer_id . '" and c.customers_default_address_id = ab.address_book_id');
     $tva = tep_db_fetch_array($tva_query);
     $QcInfo = tep_db_query('select * from ' . TABLE_COUNTRIES . ' where countries_id = "' . $country . '"');
     $cInfo = tep_db_fetch_array($QcInfo);
     if ($action == 'setBillTo') {
         $varName = 'billing';
         if (ACCOUNT_DOB == 'true' && tep_not_null($_POST[$prefix . 'dob'])) {
             $dob = $_POST[$prefix . 'dob'];
         }
     } else {
         $varName = 'delivery';
     }
     if ($action == 'setBillTo') {
         if (ACCOUNT_DOB == 'true') {
             $dob = tep_db_prepare_input($_POST[$prefix . 'dob']);
             $order->customer['dob'] = $dob;
             $onepage['customer']['dob'] = $dob;
         }
         if (tep_not_null($_POST['billing_email_address'])) {
             $order->customer['email_address'] = tep_db_prepare_input($_POST['billing_email_address']);
             $onepage['customer']['email_address'] = $order->customer['email_address'];
             $order->{$varName}['email_address'] = $order->customer['email_address'];
         }
         if (tep_not_null($_POST['billing_telephone'])) {
             $order->customer['telephone'] = tep_db_prepare_input($_POST['billing_telephone']);
             $onepage['customer']['telephone'] = $order->customer['telephone'];
             $order->{$varName}['telephone'] = $order->customer['telephone'];
         }
         if (tep_not_null($_POST['password'])) {
             $onepage['customer']['password'] = tep_encrypt_password($_POST['password']);
         }
     }
     $order->{$varName}['gender'] = $gender;
     $order->{$varName}['firstname'] = tep_db_prepare_input($_POST[$prefix . 'firstname']);
     $order->{$varName}['lastname'] = tep_db_prepare_input($_POST[$prefix . 'lastname']);
     $order->{$varName}['company'] = $company;
     $order->{$varName}['btwnr'] = $btwnr;
     $order->{$varName}['street_address'] = tep_db_prepare_input($_POST[$prefix . 'street_address']);
     $order->{$varName}['suburb'] = $suburb;
     $order->{$varName}['city'] = tep_db_prepare_input($_POST[$prefix . 'city']);
     $order->{$varName}['postcode'] = $zip_code;
     $order->{$varName}['state'] = isset($zone_name) && tep_not_null($zone_name) ? $zone_name : $state;
     $order->{$varName}['zone_id'] = $zone_id;
     $order->{$varName}['country'] = array('id' => $cInfo['countries_id'], 'title' => $cInfo['countries_name'], 'iso_code_2' => $cInfo['countries_iso_code_2'], 'iso_code_3' => $cInfo['countries_iso_code_3']);
     $order->{$varName}['country_id'] = $cInfo['countries_id'];
     $order->{$varName}['format_id'] = $cInfo['address_format_id'];
     $order->{$varName}['billing_tva_intracom'] = $tva['billing_tva_intracom'];
     if ($action == 'setSendTo' && !tep_not_null($_POST['shipping_firstname'])) {
         $onepage['customer'] = array_merge($onepage['customer'], $order->billing);
     }
     $onepage[$varName] = array_merge($onepage[$varName], $order->{$varName});
     return '{
     "success": "true"
   }';
 }
예제 #17
0
 public function create_customer($data)
 {
     global $user, $auth, $cart, $customer_id, $currencies;
     $errors = array();
     $process = true;
     $error = false;
     //Gender
     if ($this->options['customers_gender'] == 'on') {
         if (isset($data['gender'])) {
             $gender = mysql_real_escape_string($data['gender']);
         } else {
             $gender = false;
         }
     }
     //Name
     if (isset($data['firstname']) || isset($data['lastname'])) {
         $name = '';
         if ($this->options['customers_firstname'] == 'on') {
             $name .= $data['firstname'];
         }
         if ($this->options['customers_firstname'] == 'on' && $this->options['customers_lastname'] == 'on') {
             $name .= ' ';
         }
         if ($this->options['customers_lastname'] == 'on') {
             $name .= $data['lastname'];
         }
     } else {
         if ($data['name']) {
             $name = $data['name'];
         } else {
             if ($data['fullname']) {
                 $name = $data['fullname'];
             }
         }
     }
     if (strlen($name) < ENTRY_FIRST_NAME_MIN_LENGTH) {
         $error = true;
         $errors['name'] = sprintf(Translate('Uw voornaam moet minstens %s karakters bevatten'), ENTRY_FIRST_NAME_MIN_LENGTH);
     }
     //Day of birth
     if ($this->options['customers_dob'] == 'on') {
         $dob = mysql_real_escape_string($data['dob']);
     }
     //Email adress
     if ($this->options['customers_email_address'] == 'on') {
         $email_address = mysql_real_escape_string($data['email_address']);
         if (tep_validate_email($email_address) == false) {
             $error = true;
             $errors['email_address'] = Translate('Gelieve een geldig e-mailadres in te geven');
         } else {
             $check_email_query = tep_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
             $check_email = tep_db_fetch_array($check_email_query);
             if ($check_email['total'] > 0) {
                 $error = true;
                 $errors['email_address_exists'] = Translate('Het ingegeven e-mailadres bestaat al in ons systeem. Gelieve in te loggen of een account te registreren met een ander e-mailadres');
             }
         }
     }
     //Company
     if ($this->options['entry_company'] == 'on') {
         $company = mysql_real_escape_string($data['company']);
     }
     //BTW nummer
     if ($this->options['billing_tva_intracom'] == 'on') {
         $btwnr = mysql_real_escape_string($data['btwnr']);
     }
     //Forum
     if (FORUM_ACTIVE == 'true' && FORUM_SYNC_USERS == 'true') {
         if (!isset($data['forum_username'])) {
             $data['forum_username'] = $name;
         }
         $forum_username = mysql_real_escape_string($data['forum_username']);
         if (strlen($forum_username) < ENTRY_FORUM_USERNAME_MIN_LENGTH) {
             $error = true;
             $errors['forum_username'] = sprintf(Translate('Uw gebruikersnaam moet minstens %s karakters bevatten'), ENTRY_FORUM_USERNAME_MIN_LENGTH);
         }
         /*check username*/
         $check_username_query = tep_db_query("SELECT user_id FROM " . FORUM_DB_DATABASE . ".users WHERE username_clean = '" . strtolower($forum_username) . "'");
         $check_username = tep_db_fetch_array($check_username_query);
         if (tep_db_num_rows($check_username_query) > 0) {
             $error = true;
             $errors['forum_username_exists'] = Translate('Deze gebruikernaam voor het forum is reeds in gebruik.');
         }
         /*check username*/
         $check_email_query = tep_db_query("SELECT user_id FROM " . FORUM_DB_DATABASE . ".users WHERE user_email = '" . strtolower($email_address) . "'");
         $check_email = tep_db_fetch_array($check_email_query);
         if (tep_db_num_rows($check_email_query) > 0) {
             $error = true;
             $errors['email_address_exists'] = Translate('Het ingegeven e-mailadres bestaat al in ons systeem. Gelieve in te loggen of een account te registreren met een ander e-mailadres');
         }
     }
     //Street address
     if ($this->options['entry_street_address'] == 'on') {
         $street_address = mysql_real_escape_string($data['street_address']);
         if (!preg_match("/[a-zA-Z]\\s\\d/", $street_address)) {
             $error = true;
             $errors['street_address'] = Translate('Gelieve uw straat EN huisnummer in te geven.');
         }
     }
     //Suburb
     if ($this->options['entry_suburb'] == 'on') {
         $suburb = mysql_real_escape_string($data['suburb']);
     }
     //Postcode
     if ($this->options['entry_postcode'] == 'on') {
         $postcode = mysql_real_escape_string($data['postcode']);
         if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
             $error = true;
             $errors['postcode'] = sprintf(Translate('Uw postcode moet minstens %s karakters bevatten'), ENTRY_POSTCODE_MIN_LENGTH);
         }
     }
     //City
     if ($this->options['entry_city'] == 'on') {
         $city = mysql_real_escape_string($data['city']);
         if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
             $error = true;
             $errors['city'] = sprintf(Translate('Uw woonplaats moet minstens %s karakters bevatten'), ENTRY_CITY_MIN_LENGTH);
         }
     }
     //State
     if ($this->options['entry_state'] == 'on') {
         $state = mysql_real_escape_string($data['state']);
     }
     //Zone
     if ($this->options['entry_zone'] == 'on' && isset($data['zone_id'])) {
         $zone_id = mysql_real_escape_string($data['zone_id']);
     } else {
         $zone_id = false;
     }
     //Country
     if ($this->options['entry_country'] == 'on') {
         $country = mysql_real_escape_string($data['country']);
         if (is_numeric($country) == false || $country == '0') {
             $error = true;
             $errors['country'] = Translate('Gelieve een land uit de lijst te selecteren');
         }
     }
     //Telephone
     if ($this->options['customers_telephone'] == 'on') {
         $telephone = mysql_real_escape_string($data['telephone']);
         if (strlen($telephone) < 5) {
             $error = true;
             $errors['telephone'] = Translate('Gelieve op een correcte manier uw telefoonnummer in te geven.');
         }
     }
     //Fax
     if ($this->options['customers_fax'] == 'on') {
         $fax = mysql_real_escape_string($data['fax']);
         if ($fax != '') {
             if (strlen($fax) < 5) {
                 $error = true;
                 $errors['fax'] = Translate('Gelieve op de correcte manier uw faxnummer in te geven.');
             }
         }
     }
     //Create account type
     if ($this->options['create_account_mode'] == 'Direct access' || $this->options['create_account_mode'] == 'Moderated access') {
         $password = mysql_real_escape_string($data['password']);
         $confirmation = mysql_real_escape_string($data['confirmation']);
         if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
             $error = true;
             $errors['password'] = sprintf(Translate('Uw paswoord moet minstens %s karakters bevatten'), ENTRY_PASSWORD_MIN_LENGTH);
         } elseif ($password != $confirmation) {
             $error = true;
             $errors['confirmation'] = Translate('De ingevoerde wachtwoorden moeten hetzelfde zijn. Voer ze opnieuw in.');
         }
     }
     if ($this->options['conditions_create_account'] != 'Uitgeschakeld' && CONDITIONS_MUST_ACCEPT == 'true') {
         $terms = mysql_real_escape_string($data['TermsAgree']);
         if (!$terms) {
             $error = true;
             $errors['terms'] = Translate('U moet akkoord gaan met de algemene voorwaarden voor u een account kan aanmaken!');
         }
     }
     //Check if error
     if ($error) {
         return array('errors' => $errors);
     } else {
         if ($this->options['create_account_mode'] == 'Direct access' || $this->options['create_account_mode'] == 'Moderated access') {
             /********************************/
             /*	Direct Or Moderated access	*/
             /********************************/
             if ($this->options['create_account_mode'] == 'Moderated access') {
                 $status = '0';
             } else {
                 $status = '1';
             }
             //Newsletter
             $lists = PHPLIST_LISTNUMBERS;
             $lists = explode(';', $lists);
             $newsletter = false;
             foreach ($lists as $key => $list) {
                 if (isset($data['newsletters_' . $list])) {
                     put_user_in_list($list, 'subscribe', $email_address, $lastname . ' ' . $firstname);
                     $newsletter = true;
                 }
             }
             //Customers table
             $sql_data_array = array('customers_firstname' => $name, 'customers_lastname' => '', 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => $newsletter, 'customers_password' => tep_encrypt_password($password), 'status' => $status);
             if (ACCOUNT_GENDER == 'true') {
                 $sql_data_array['customers_gender'] = $gender;
             }
             if (ACCOUNT_DOB == 'true') {
                 $sql_data_array['customers_dob'] = tep_date_raw($dob);
             }
             tep_db_perform('customers', $sql_data_array);
             $customer_id = tep_db_insert_id();
             //Address book table
             $sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $name, 'entry_lastname' => '', 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
             if (ACCOUNT_GENDER == 'true') {
                 $sql_data_array['entry_gender'] = $gender;
             }
             if (ACCOUNT_COMPANY == 'true') {
                 $sql_data_array['entry_company'] = $company;
             }
             if (ACCOUNT_COMPANY == 'true') {
                 $sql_data_array['billing_tva_intracom'] = $btwnr;
             }
             if (ACCOUNT_SUBURB == 'true') {
                 $sql_data_array['entry_suburb'] = $suburb;
             }
             if (ACCOUNT_STATE == 'true') {
                 if ($zone_id > 0) {
                     $sql_data_array['entry_zone_id'] = $zone_id;
                     $sql_data_array['entry_state'] = '';
                 } else {
                     $sql_data_array['entry_zone_id'] = '0';
                     $sql_data_array['entry_state'] = $state;
                 }
             }
             tep_db_perform('address_book', $sql_data_array);
             $address_id = tep_db_insert_id();
             tep_db_query("update customers set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . "'");
             //Customers info table
             tep_db_query("insert into customers_info (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
             //Session
             if (SESSION_RECREATE == 'True') {
                 tep_session_recreate();
             }
             $customer_first_name = $name;
             $customer_default_address_id = $address_id;
             $customer_country_id = $country;
             $customer_zone_id = $zone_id;
             if ($this->options['create_account_mode'] == 'Direct access') {
                 /********************/
                 /*	Direct access	*/
                 /********************/
                 //Forum
                 if (FORUM_ACTIVE == 'true' && FORUM_SYNC_USERS == 'true' && !empty($forum_username)) {
                     /*add user*/
                     $sql_data_array = array('user_type' => '0', 'group_id' => '10', 'user_permissions' => '', 'user_ip' => $_SERVER['REMOTE_ADDR'], 'user_regdate' => time(), 'username' => $forum_username, 'username_clean' => strtolower($forum_username), 'user_password' => phpbb_hash($password), 'user_passchg' => time(), 'user_email' => strtolower($email_address), 'user_email_hash' => phpbb_email_hash(strtolower($email_address)), 'user_lastvisit' => time(), 'user_lastmark' => time(), 'user_lastpage' => FILENAME_CREATE_ACCOUNT, 'user_lang' => 'nl', 'user_timezone' => '1.00', 'user_dst' => '1', 'user_dateformat' => 'd M Y, H:i', 'user_style' => '3', 'user_form_salt' => unique_id(), 'user_new' => '1');
                     tep_db_perform(FORUM_DB_DATABASE . '.users', $sql_data_array, 'insert', false);
                     /*get user id*/
                     $get_forum_user_query = tep_db_query("SELECT user_id FROM " . FORUM_DB_DATABASE . ".users WHERE user_email = '" . $email_address . "'");
                     $get_forum_user = tep_db_fetch_array($get_forum_user_query);
                     $get_usergroup_query = tep_db_query("SELECT group_id FROM " . FORUM_DB_DATABASE . ".groups WHERE group_name = 'REGISTERED'");
                     $get_usergroup = tep_db_fetch_array($get_usergroup_query);
                     /*add user to groups*/
                     tep_db_query("INSERT INTO " . FORUM_DB_DATABASE . ".user_group (group_id, user_id, group_leader, user_pending) VALUES ('" . $get_usergroup['group_id'] . "','" . $get_forum_user['user_id'] . "','0','0')");
                     /*user is created, let's add session for autologin*/
                     if (FORUM_CROSS_LOGIN == 'true') {
                         $user->session_begin();
                         $auth->acl($user->data);
                         $auth->login(strtolower($forum_username), $password, false, 1, 0);
                     }
                 }
                 //Session
                 $_SESSION['customer_id'] = $customer_id;
                 $_SESSION['customer_first_name'] = $customer_first_name;
                 $_SESSION['customer_default_address_id'] = $customer_default_address_id;
                 $_SESSION['customer_country_id'] = $customer_country_id;
                 $_SESSION['customer_zone_id'] = $customer_zone_id;
                 // restore cart contents
                 $cart->restore_contents();
                 //HTML mail
                 $email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
                 $email_table .= '<tr><td style="width:5px;"></td><td>';
                 $email_table .= Translate('Beste ') . '&nbsp;' . $name . "\n\n";
                 $email_table .= "\n" . sprintf(Translate('Wij heten u welkom bij <b>%s</b>'), STORE_NAME) . "\n\n";
                 $email_table .= "\n" . Translate('U kunt nu gebruik maken van <b>verschillende services</b> die wij aanbieden. Enkele van deze services zijn:' . "\n\n" . '<li><b>Permanente Winkelwagen</b> - Elk product die u hierin plaatst zal daar blijven totdat u ze zelf verwijderd, of gaat afrekenen.' . "\n" . '<li><b>Bestel Geschiedenis</b> - Bekijk de bestellingen die u eerder heeft geplaatst.' . "\n\n");
                 //Cadeaubon voor nieuwe klanten
                 if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
                     $coupon_code = create_coupon_code();
                     $insert_query = tep_db_query("insert into coupons (coupon_code, coupon_type, coupon_amount, date_created) values ('" . $coupon_code . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
                     $insert_id = tep_db_insert_id();
                     $insert_query = tep_db_query("insert into coupon_email_track (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $insert_id . "', '0', 'Admin', '" . $email_address . "', now() )");
                     $email_table .= sprintf(Translate('Als deel van de verwelkoming van nieuwe klanten hebben wij u een cadeaubon verstuurd ter waarde van %s'), $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n";
                     $email_table .= Translate('U kan de cadeaubon valideren door op deze link te klikken') . ' <a href="' . tep_href_link(FILENAME_GV_REDEEM, 'gift=' . $coupon_code, 'NONSSL', false) . '">' . tep_href_link(FILENAME_GV_REDEEM, 'gift=' . $coupon_code, 'NONSSL', false) . '</a>' . "\n\n";
                 }
                 //Coupon code voor nieuwe klanten
                 if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
                     $coupon_code = NEW_SIGNUP_DISCOUNT_COUPON;
                     $coupon_query = tep_db_query("select * from coupons where coupon_code = '" . $coupon_code . "'");
                     $coupon = tep_db_fetch_array($coupon_query);
                     $coupon_id = $coupon['coupon_id'];
                     $coupon_desc_query = tep_db_query("select * from coupons_description where coupon_id = '" . $coupon_id . "' and language_id = '" . (int) $languages_id . "'");
                     $coupon_desc = tep_db_fetch_array($coupon_desc_query);
                     $insert_query = tep_db_query("insert into coupon_email_track (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . $email_address . "', now() )");
                     $email_table .= Translate('Proficiat, om uw eerste bezoek aan onze shop aangenamer te maken zenden wij u een kortings coupon.') . "\n";
                     $email_table .= sprintf(Translate('Om de coupon te gebruiken vult u de coupon code, %s, in tijdens de checkout.'), $coupon['coupon_code']) . "\n\n";
                 }
                 $email_table .= "\n" . Translate('Voor hulp met een van deze services kunt u een email sturen naar ' . STORE_NAME . ': ' . STORE_OWNER_EMAIL_ADDRESS . '.' . "\n\n");
                 $email_table .= '</td><td style="width: 5px;"></td></tr></table>';
                 $Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
                 $Vartable1 = '<table width="100%"  border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
                 $Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
                 $Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
                 $Vartext2 = $email_table;
                 //content
                 $Varcopyright = 'Copyright &copy; ' . date('Y');
                 $Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
                 require DIR_WS_MODULES . 'email/html_create_account.php';
                 $email_text = $html_email_text;
                 //Send mail
                 tep_mail($name, $email_address, sprintf(Translate('Welkom bij %s'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
             } else {
                 /************************/
                 /*	Moderated access	*/
                 /************************/
                 //Mail to store owner
                 $email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
                 $email_table .= '<tr><td style="width:5px;"></td><td>';
                 $email_table .= Translate('Beste ') . ' ' . Translate('beheerder') . "\n\n";
                 $email_table .= "\n" . sprintf(Translate('Een bezoeker heeft zich geregistreerd via %s'), STORE_NAME) . "\n\n";
                 $email_table .= "\n\n" . Translate('Deze klant zal pas kunnen inloggen op het beveiligd gedeelte van de website, nadat u de account activeert door middel van onderstaande link.') . "\n\n";
                 $email_table .= "\n\n" . '<a href="' . HTTP_SERVER . DIR_WS_HTTP_CATALOG . 'scripts/user_activate.php?user='******'">' . Translate('account activeren') . "</a>" . "\n\n";
                 $email_table .= '<table cellspacing="0" cellpadding="3" border="0" width="100%">';
                 $email_table .= '<tr><td width="150">' . Translate('Naam') . ': </td><td>' . $name . '</td></tr>';
                 //Email
                 if ($this->options['customers_email_address'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('E-mailadres') . ': </td><td>' . $email_address . '</td></tr>';
                 }
                 //Company
                 if ($this->options['entry_company'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Bedrijfsnaam') . ': </td><td>' . $company . '</td></tr>';
                 }
                 //BTW nummer
                 if ($this->options['billing_tva_intracom'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('BTW Nummer') . ': </td><td>' . $btwnr . '</td></tr>';
                 }
                 //Street address
                 if ($this->options['entry_street_address'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Straat en huisnummer') . ': </td><td>' . $street_address . '</td></tr>';
                 }
                 //Postcode
                 if ($this->options['entry_postcode'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Postcode') . ': </td><td>' . $postcode . '</td></tr>';
                 }
                 //City
                 if ($this->options['entry_city'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Woonplaats') . ': </td><td>' . $city . '</td></tr>';
                 }
                 //Telephone
                 if ($this->options['customers_telephone'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Telefoonnummer') . ': </td><td>' . $telephone . '</td></tr>';
                 }
                 //Fax
                 if ($this->options['customers_fax'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Faxnummer') . ': </td><td>' . $fax . '</td></tr>';
                 }
                 //Country
                 if ($this->options['entry_country'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Land') . ': </td><td>' . tep_get_country_name($country) . '</td></tr>';
                 }
                 $email_table .= '</table>';
                 $email_table .= '</td><td style="width: 5px;"></td></tr></table>';
                 $Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
                 $Vartable1 = '<table width="100%"  border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
                 $Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
                 $Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
                 $Vartext2 = $email_table;
                 //content
                 $Varcopyright = Translate('Copyright &copy; 2010');
                 $Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
                 require DIR_WS_MODULES . 'email/html_create_account.php';
                 $email_text = $html_email_text;
                 tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, Translate('Nieuwe registratie'), $email_text, $name, $email_address);
                 //Mail to customer
                 $email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
                 $email_table .= '<tr><td style="width:5px;"></td><td>';
                 $email_table .= Translate('Beste ') . ' ' . $name . "\n\n";
                 $email_table .= "\n\n" . Translate('Uw account voor onze website werd succesvol aangevraagd. Hieronder vind u nog eens de ingevulde gegevens. Uw gegevens zijn aan ons doorgegeven voor moderatie. Van zodra uw account geactiveerd is, ontvangt u hierover een e-mail.') . "\n\n";
                 $email_table .= '<table cellspacing="0" cellpadding="3" border="0" width="100%">';
                 $email_table .= '<tr><td width="150">' . Translate('Naam') . ': </td><td>' . $name . '</td></tr>';
                 //Email
                 if ($this->options['customers_email_address'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('E-mailadres') . ': </td><td>' . $email_address . '</td></tr>';
                 }
                 //Company
                 if ($this->options['entry_company'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Bedrijfsnaam') . ': </td><td>' . $company . '</td></tr>';
                 }
                 //BTW nummer
                 if ($this->options['billing_tva_intracom'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('BTW Nummer') . ': </td><td>' . $btwnr . '</td></tr>';
                 }
                 //Street address
                 if ($this->options['entry_street_address'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Straat en huisnummer') . ': </td><td>' . $street_address . '</td></tr>';
                 }
                 //Postcode
                 if ($this->options['entry_postcode'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Postcode') . ': </td><td>' . $postcode . '</td></tr>';
                 }
                 //City
                 if ($this->options['entry_city'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Woonplaats') . ': </td><td>' . $city . '</td></tr>';
                 }
                 //Telephone
                 if ($this->options['customers_telephone'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Telefoonnummer') . ': </td><td>' . $telephone . '</td></tr>';
                 }
                 //Fax
                 if ($this->options['customers_fax'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Faxnummer') . ': </td><td>' . $fax . '</td></tr>';
                 }
                 //Country
                 if ($this->options['entry_country'] == 'on') {
                     $email_table .= "<tr><td>" . Translate('Land') . ': </td><td>' . tep_get_country_name($country) . '</td></tr>';
                 }
                 $email_table .= '</table>';
                 $email_table .= '</td><td style="width: 5px;"></td></tr></table>';
                 $Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
                 $Vartable1 = '<table width="100%"  border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
                 $Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
                 $Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
                 $Vartext2 = $email_table;
                 //content
                 $Varcopyright = Translate('Copyright &copy; 2010');
                 $Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
                 require DIR_WS_MODULES . 'email/html_create_account.php';
                 $email_text = $html_email_text;
                 tep_mail($name, $email_address, Translate('Nieuwe registratie'), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
             }
         } else {
             /********************/
             /*	Request account	*/
             /********************/
             $email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
             $email_table .= '<tr><td style="width:5px;"></td><td>';
             $email_table .= Translate('Beste ') . ' ' . Translate('beheerder') . "\n\n";
             $email_table .= "\n" . sprintf(Translate('Een bezoeker heeft zich geregistreerd via %s'), STORE_NAME) . "\n\n";
             $email_table .= '<table cellspacing="0" cellpadding="3" border="0" width="100%">';
             $email_table .= '<tr><td width="150">' . Translate('Naam') . ': </td><td>' . $name . '</td></tr>';
             //Email
             if ($this->options['customers_email_address'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('E-mailadres') . ': </td><td>' . $email_address . '</td></tr>';
             }
             //Company
             if ($this->options['entry_company'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('Bedrijfsnaam') . ': </td><td>' . $company . '</td></tr>';
             }
             //BTW nummer
             if ($this->options['billing_tva_intracom'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('BTW Nummer') . ': </td><td>' . $btwnr . '</td></tr>';
             }
             //Street address
             if ($this->options['entry_street_address'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('Straat en huisnummer') . ': </td><td>' . $street_address . '</td></tr>';
             }
             //Postcode
             if ($this->options['entry_postcode'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('Postcode') . ': </td><td>' . $postcode . '</td></tr>';
             }
             //City
             if ($this->options['entry_city'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('Woonplaats') . ': </td><td>' . $city . '</td></tr>';
             }
             //Telephone
             if ($this->options['customers_telephone'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('Telefoonnummer') . ': </td><td>' . $telephone . '</td></tr>';
             }
             //Fax
             if ($this->options['customers_fax'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('Faxnummer') . ': </td><td>' . $fax . '</td></tr>';
             }
             //Country
             if ($this->options['entry_country'] == 'on') {
                 $email_table .= "<tr><td>" . Translate('Land') . ': </td><td>' . tep_get_country_name($country) . '</td></tr>';
             }
             $email_table .= '</table>';
             $email_table .= "\n\n" . Translate('Zonder manuele toevoeging in het softwarepakket, zal deze klant niet toegelaten worden in het beveiligde gedeelte van de website. ') . "\n\n";
             $email_table .= '</td><td style="width: 5px;"></td></tr></table>';
             $Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
             $Vartable1 = '<table width="100%"  border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
             $Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
             $Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
             $Vartext2 = $email_table;
             //content
             $Varcopyright = Translate('Copyright &copy; 2010');
             $Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
             require DIR_WS_MODULES . 'email/html_create_account.php';
             $email_text = $html_email_text;
             tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, Translate('Nieuwe registratie'), $email_text, $name, $email_address);
         }
         return array('address_book_id' => $address_id, 'customer_id' => $customer_id);
     }
 }
예제 #18
0
 }
 // Check Company
 $entry_company_error = false;
 $entry_company_taxid_error = false;
 // Check Newsletter
 $entry_newsletter_error = false;
 // Check Payment
 $entry_payment_check_error = false;
 $entry_payment_paypal_error = false;
 $entry_payment_bank_name_error = false;
 $entry_payment_bank_branch_number_error = false;
 $entry_payment_bank_swift_code_error = false;
 $entry_payment_bank_account_name_error = false;
 $entry_payment_bank_account_number_error = false;
 if (!$error) {
     $sql_data_array = array('affiliate_firstname' => $a_firstname, 'affiliate_lastname' => $a_lastname, 'affiliate_email_address' => $a_email_address, 'affiliate_payment_check' => $a_payment_check, 'affiliate_payment_paypal' => $a_payment_paypal, 'affiliate_payment_bank_name' => $a_payment_bank_name, 'affiliate_payment_bank_branch_number' => $a_payment_bank_branch_number, 'affiliate_payment_bank_swift_code' => $a_payment_bank_swift_code, 'affiliate_payment_bank_account_name' => $a_payment_bank_account_name, 'affiliate_payment_bank_account_number' => $a_payment_bank_account_number, 'affiliate_street_address' => $a_street_address, 'affiliate_postcode' => $a_postcode, 'affiliate_city' => $a_city, 'affiliate_country_id' => $a_country, 'affiliate_telephone' => $a_telephone, 'affiliate_fax' => $a_fax, 'affiliate_homepage' => $a_homepage, 'affiliate_password' => tep_encrypt_password($a_password), 'affiliate_agb' => '1', 'affiliate_newsletter' => $a_newsletter);
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['affiliate_gender'] = $a_gender;
     }
     if (ACCOUNT_DOB == 'true') {
         $sql_data_array['affiliate_dob'] = tep_date_raw($a_dob);
     }
     if (ACCOUNT_COMPANY == 'true') {
         $sql_data_array['affiliate_company'] = $a_company;
         $sql_data_array['affiliate_company_taxid'] = $a_company_taxid;
     }
     if (ACCOUNT_SUBURB == 'true') {
         $sql_data_array['affiliate_suburb'] = $a_suburb;
     }
     if (ACCOUNT_STATE == 'true') {
         // +Country-State Selector
예제 #19
0
require 'includes/application_top.php';
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_DEFAULT;
try {
    $dateset = date("Y-m-d");
    $dateto = tep_db_prepare_input($HTTP_POST_VARS['dateden']);
    $datego = tep_db_prepare_input($HTTP_POST_VARS['datedi']);
    $payment = tep_db_prepare_input($HTTP_POST_VARS['payment']);
    $numberroom = tep_db_prepare_input($HTTP_POST_VARS['numberroom']);
    $accuont_id = null;
    if (tep_session_is_registered('customer_first_name') && tep_session_is_registered('customer_id')) {
        $custommer_id = $customer_first_name;
    } else {
        $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
        $stress_address = tep_db_prepare_input($HTTP_POST_VARS['address']);
        $telephone = tep_db_prepare_input($HTTP_POST_VARS['telephone']);
        $sql_data_array = array('customers_firstname' => $name, 'customers_lastname' => $stress_address, 'customers_gender' => $gender, 'customers_dob' => $birthday, 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_password' => tep_encrypt_password($password));
        tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
        $customer_id = tep_db_insert_id();
    }
    $sql_data_array = array('booking_form_dateset' => $dateset, 'booking_form_dateto' => $dateto, 'booking_form_datego' => $datego, 'booking_form_custommers_id' => $customer_id, 'booking_form_account_id' => $accuont_id, 'booking_form_payment_methods_id' => $payment, 'booking_form_number_room' => $numberroom);
    tep_db_perform(booking_form, $sql_data_array);
    $booking_form_id = tep_db_insert_id();
    echo "Thanh cong";
} catch (Exception $e) {
    echo 'Exception caught: ', $e->getMessage(), "\n";
}
foreach ($_SESSION['cart_room'] as $key => $value) {
    if ($key != null and $value != NULL) {
    }
}
예제 #20
0
                tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
            }
            break;
        case 'save_account':
            $admin_id = tep_db_prepare_input($_POST['id_info']);
            $admin_email_address = tep_db_prepare_input($_POST['admin_email_address']);
            $stored_email[] = 'NONE';
            $hiddenPassword = '******';
            $check_email_query = tep_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . $admin_id . "");
            while ($check_email = tep_db_fetch_array($check_email_query)) {
                $stored_email[] = $check_email['admin_email_address'];
            }
            if (in_array($_POST['admin_email_address'], $stored_email)) {
                tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process&error=email'));
            } else {
                $sql_data_array = array('admin_username' => tep_db_prepare_input($_POST['admin_username']), 'admin_firstname' => tep_db_prepare_input($_POST['admin_firstname']), 'admin_lastname' => tep_db_prepare_input($_POST['admin_lastname']), 'admin_email_address' => tep_db_prepare_input($_POST['admin_email_address']), 'admin_password' => tep_encrypt_password(tep_db_prepare_input($_POST['admin_password'])), 'admin_modified' => 'now()');
                tep_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');
                tep_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $_POST['admin_firstname'], HTTP_SERVER . DIR_WS_ADMIN, $_POST['admin_username'], $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
                tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'page=' . $_GET['page'] . '&mID=' . $admin_id));
            }
            break;
    }
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
예제 #21
0
  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2008 osCommerce

  Released under the GNU General Public License
*/
require 'includes/application_top.php';
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_PASSWORD_FORGOTTEN;
if (isset($HTTP_GET_VARS['action']) && $HTTP_GET_VARS['action'] == 'process' && isset($HTTP_POST_VARS['formid']) && $HTTP_POST_VARS['formid'] == $sessiontoken) {
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
    $check_customer_query = tep_db_query("select customers_firstname, customers_lastname, customers_password, customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
    if (tep_db_num_rows($check_customer_query)) {
        $check_customer = tep_db_fetch_array($check_customer_query);
        $new_password = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
        $crypted_password = tep_encrypt_password($new_password);
        tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '" . (int) $check_customer['customers_id'] . "'");
        tep_mail($check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname'], $email_address, EMAIL_PASSWORD_REMINDER_SUBJECT, sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
        $messageStack->add_session('login', SUCCESS_PASSWORD_SENT, 'success');
        tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
    } else {
        $messageStack->add('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
    }
}
$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_LOGIN, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL'));
require DIR_WS_INCLUDES . 'template_top.php';
?>

    <?php 
echo tep_draw_form('password_forgotten', tep_href_link(FILENAME_PASSWORD_FORGOTTEN, 'action=process', 'SSL'), 'post', '', true);
예제 #22
0
}
// needs to be included earlier to set the success message in the messageStack
require DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/content/account/cm_account_set_password.php';
if (isset($_POST['action']) && $_POST['action'] == 'process' && isset($_POST['formid']) && $_POST['formid'] == $_SESSION['sessiontoken']) {
    $password_new = HTML::sanitize($_POST['password_new']);
    $password_confirmation = HTML::sanitize($_POST['password_confirmation']);
    $error = false;
    if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new != $password_confirmation) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }
    if ($error == false) {
        $OSCOM_Db->save('customers', ['customers_password' => tep_encrypt_password($password_new)], ['customers_id' => $_SESSION['customer_id']]);
        $OSCOM_Db->save('customers_info', ['customers_info_date_account_last_modified' => 'now()'], ['customers_info_id' => $_SESSION['customer_id']]);
        $messageStack->add_session('account', MODULE_CONTENT_ACCOUNT_SET_PASSWORD_SUCCESS_PASSWORD_SET, 'success');
        OSCOM::redirect('account.php', '', 'SSL');
    }
}
$breadcrumb->add(MODULE_CONTENT_ACCOUNT_SET_PASSWORD_NAVBAR_TITLE_1, OSCOM::link('account.php', '', 'SSL'));
$breadcrumb->add(MODULE_CONTENT_ACCOUNT_SET_PASSWORD_NAVBAR_TITLE_2, OSCOM::link('ext/modules/content/account/set_password.php', '', 'SSL'));
require 'includes/template_top.php';
?>

<div class="page-header">
  <h1><?php 
echo MODULE_CONTENT_ACCOUNT_SET_PASSWORD_HEADING_TITLE;
?>
</h1>
예제 #23
0
                    }
                }
            }
            $messageStack->add(ERROR_INVALID_ADMINISTRATOR, 'error');
            break;
        case 'logoff':
            tep_session_unregister('selected_box');
            tep_session_unregister('admin');
            tep_redirect(tep_href_link(FILENAME_DEFAULT));
            break;
        case 'create':
            $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1");
            if (tep_db_num_rows($check_query) == 0) {
                $username = tep_db_prepare_input($HTTP_POST_VARS['username']);
                $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
                tep_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (user_name, user_password) values ("' . $username . '", "' . tep_encrypt_password($password) . '")');
            }
            tep_redirect(tep_href_link(FILENAME_LOGIN));
            break;
    }
}
$languages = tep_get_languages();
$languages_array = array();
$languages_selected = DEFAULT_LANGUAGE;
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $languages_array[] = array('id' => $languages[$i]['code'], 'text' => $languages[$i]['name']);
    if ($languages[$i]['directory'] == $language) {
        $languages_selected = $languages[$i]['code'];
    }
}
$admins_check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1");
예제 #24
0
 function ec_step2()
 {
     global $HTTP_GET_VARS, $paypal_ec_token, $customer_id, $customer_first_name, $language;
     global $customer_default_address_id, $sendto;
     //Visitor just came back from PayPal and so we collect all the info returned, create an account if necessary,
     //then log them in, and then send them to checkout_shipping.php.  What a long, strange trip it's been.
     if ($paypal_ec_token == '') {
         if (isset($HTTP_GET_VARS['token'])) {
             $paypal_ec_token = $HTTP_GET_VARS['token'];
         } else {
             $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_INVALID_RESPONSE, true);
         }
     }
     //Make sure the token is in the correct format
     if (!ereg("([C-E]{2})-([A-Z0-9]{17})", $paypal_ec_token)) {
         $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_INVALID_RESPONSE, true);
     }
     $caller = $this->paypal_init();
     $ecdt =& Services_PayPal::getType('GetExpressCheckoutDetailsRequestType');
     $ecdt->setToken($paypal_ec_token);
     $response = $caller->GetExpressCheckoutDetails($ecdt);
     if (strlen(Services_PayPal::isError($response)) > 0 || $response->Ack != 'Success' && $response->Ack != 'SuccessWithWarning') {
         if ($this->enableDebugging == '1') {
             tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'PayPal Error Dump', "In function: ec_step2()\r\n\r\n" . var_dump($response), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }
         $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_GEN_ERROR . $this->return_transaction_errors($response->Errors), true);
     } else {
         //This is an array of all the info sent back by PayPal
         $details = $response->getGetExpressCheckoutDetailsResponseDetails();
         $payer_info = $details->getPayerInfo();
         if (MODULE_PAYMENT_PAYPAL_DP_REQ_VERIFIED == 'Yes' && strtolower($payer_info->PayerStatus) != 'verified') {
             $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_UNVERIFIED, true);
         }
         $paypal_ec_payer_id = $payer_info->getPayerID();
         tep_session_register('paypal_ec_payer_id');
         $_SESSION['paypal_ec_payer_id'] = $paypal_ec_payer_id;
         $fullname = $payer_info->getPayerName();
         $address_info = $payer_info->getAddress();
         //Hoag: Begin telephone fix (1 of 3)
         $phone = $details->getContactPhone();
         //Hoag: End telephone fix (1 of 3)
         //I didn't include the international variables since PayPal only supports USD at this time
         $paypal_ec_payer_info = array('payer_id' => $payer_info->PayerID, 'payer_email' => $payer_info->Payer, 'payer_firstname' => $fullname->FirstName, 'payer_lastname' => $fullname->LastName, 'payer_business' => $payer_info->PayerBusiness, 'payer_status' => $payer_info->PayerStatus, 'ship_owner' => $address_info->AddressOwner, 'ship_name' => $address_info->Name, 'ship_street_1' => $address_info->Street1, 'ship_street_2' => $address_info->Street2, 'ship_city' => $address_info->CityName, 'ship_state' => $address_info->StateOrProvince, 'ship_postal_code' => $address_info->PostalCode, 'ship_country' => $address_info->Country, 'ship_country_name' => $address_info->CountryName, 'ship_phone' => $address_info->Phone, 'ship_phone' => $phone, 'ship_address_status' => $address_info->AddressStatus);
         //$_SESSION['paypal_ec_payer_info'] = $paypal_ec_payer_info;
         tep_session_register('paypal_ec_payer_info');
         //Get the customer's country ID.
         $country_query = tep_db_query("SELECT countries_id, address_format_id FROM " . TABLE_COUNTRIES . " WHERE countries_name = '" . $paypal_ec_payer_info['ship_country_name'] . "' LIMIT 1");
         if (tep_db_num_rows($country_query) > 0) {
             $country = tep_db_fetch_array($country_query);
             $country_id = $country['countries_id'];
             $address_format_id = $country['address_format_id'];
         } else {
             $country_id = '';
             $address_format_id = '2';
             //2 is the American format
         }
         $states_query = tep_db_query("SELECT zone_id FROM " . TABLE_ZONES . " WHERE zone_code = '" . $paypal_ec_payer_info['ship_state'] . "' AND zone_country_id = '" . $country_id . "' LIMIT 1");
         if (tep_db_num_rows($states_query) > 0) {
             $states = tep_db_fetch_array($states_query);
             $state_id = $states['zone_id'];
         } else {
             $state_id = '';
         }
         $order->customer['name'] = $paypal_ec_payer_info['payer_firstname'] . ' ' . $paypal_ec_payer_info['payer_lastname'];
         $order->customer['company'] = $paypal_ec_payer_info['payer_business'];
         $order->customer['street_address'] = $paypal_ec_payer_info['ship_street_1'];
         $order->customer['suburb'] = $paypal_ec_payer_info['ship_street_2'];
         $order->customer['city'] = $paypal_ec_payer_info['ship_city'];
         $order->customer['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
         $order->customer['state'] = $paypal_ec_payer_info['ship_state'];
         $order->customer['country'] = $paypal_ec_payer_info['ship_country_name'];
         $order->customer['format_id'] = $address_format_id;
         $order->customer['email_address'] = $paypal_ec_payer_info['payer_email'];
         //Hoag: Begin telephone fix (3 of 3)
         $order->customer['telephone'] = $paypal_ec_payer_info['ship_phone'];
         //Hoag: End telephone fix (3 of 3)
         //For some reason, $order->billing gets erased between here and checkout_confirmation.php
         $order->billing['name'] = $paypal_ec_payer_info['payer_firstname'] . ' ' . $paypal_ec_payer_info['payer_lastname'];
         $order->billing['company'] = $paypal_ec_payer_info['payer_business'];
         $order->billing['street_address'] = $paypal_ec_payer_info['ship_street_1'];
         $order->billing['suburb'] = $paypal_ec_payer_info['ship_street_2'];
         $order->billing['city'] = $paypal_ec_payer_info['ship_city'];
         $order->billing['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
         $order->billing['state'] = $paypal_ec_payer_info['ship_state'];
         $order->billing['country'] = $paypal_ec_payer_info['ship_country_name'];
         $order->billing['format_id'] = $address_format_id;
         /*Disabled for now
           //If they selected an address on PayPal's site with a different zipcode than was previously selected
           //send them back to the shipping page
           if ($order->delivery['postcode'] == $paypal_ec_payer_info['ship_postal_code']) {
             $goto_shipping = false;
           } else {
             $goto_shipping = true;
           }
           */
         $order->delivery['name'] = $paypal_ec_payer_info['payer_firstname'] . ' ' . $paypal_ec_payer_info['payer_lastname'];
         $order->delivery['company'] = $paypal_ec_payer_info['payer_business'];
         $order->delivery['street_address'] = $paypal_ec_payer_info['ship_street_1'];
         $order->delivery['suburb'] = $paypal_ec_payer_info['ship_street_2'];
         $order->delivery['city'] = $paypal_ec_payer_info['ship_city'];
         $order->delivery['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
         $order->delivery['state'] = $paypal_ec_payer_info['ship_state'];
         $order->delivery['country'] = $paypal_ec_payer_info['ship_country_name'];
         $order->delivery['format_id'] = $address_format_id;
         if (!tep_session_is_registered('paypal_ec_temp')) {
             tep_session_register('paypal_ec_temp');
         }
         if (tep_session_is_registered('customer_first_name') && tep_session_is_registered('customer_id')) {
             //They're logged in, so forward them straight to checkout_shipping.php
             $order->customer['id'] = $customer_id;
             if (!tep_session_is_registered('sendto')) {
                 tep_session_register('sendto');
             }
             $_SESSION['sendto'] = $customer_default_address_id;
             $_SESSION['paypal_ec_temp'] = false;
             $this->away_with_you();
             /*disabled for now
               //0.6.2b modification.  If they already have a shipping amount calculated for this zip code, send them on instead of backwards
               if ($goto_shipping) {
                 $this->away_with_you();
               } else {
                 $this->away_with_you('', false, FILENAME_CHECKOUT_CONFIRMATION);
               }
               */
         } else {
             //They're not logged in.  Create an account if necessary, and then log them in.
             //First, see if they're an existing customer
             //If Paypal didn't send an email address, something went wrong
             if (trim($paypal_ec_payer_info['payer_email']) == '') {
                 $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_INVALID_RESPONSE, true);
             }
             $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname, customers_paypal_payerid, customers_paypal_ec from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($paypal_ec_payer_info['payer_email']) . "'");
             $check_customer = tep_db_fetch_array($check_customer_query);
             if (tep_db_num_rows($check_customer_query) > 0) {
                 $check_customer = tep_db_fetch_array($check_customer_query);
                 $acct_exists = true;
                 if ($check_customer['customers_paypal_ec'] == '1') {
                     //Delete the existing temporary account
                     $this->ec_delete_user($check_customer['customers_id']);
                     $acct_exists = false;
                 }
             }
             //Create an account
             if (!$acct_exists) {
                 //Generate a random 8-char password
                 $salt = "46z3haZzegmn676PA3rUw2vrkhcLEn2p1c6gf7vp2ny4u3qqfqBh5j6kDhuLmyv9xf";
                 srand((double) microtime() * 1000000);
                 $password = '';
                 for ($x = 0; $x < 7; $x++) {
                     $num = rand() % 33;
                     $tmp = substr($salt, $num, 1);
                     $password = $password . $tmp;
                 }
                 $sql_data_array = array('customers_firstname' => $paypal_ec_payer_info['payer_firstname'], 'customers_lastname' => $paypal_ec_payer_info['payer_lastname'], 'customers_email_address' => $paypal_ec_payer_info['payer_email'], 'customers_telephone' => $paypal_ec_payer_info['ship_phone'], 'customers_fax' => '', 'customers_newsletter' => '0', 'customers_password' => tep_encrypt_password($password), 'customers_paypal_payerid' => $paypal_ec_payer_id);
                 tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
                 $customer_id = tep_db_insert_id();
                 $sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $paypal_ec_payer_info['payer_firstname'], 'entry_lastname' => $paypal_ec_payer_info['payer_lastname'], 'entry_street_address' => $paypal_ec_payer_info['ship_street_1'], 'entry_suburb' => $paypal_ec_payer_info['ship_street_2'], 'entry_city' => $paypal_ec_payer_info['ship_city'], 'entry_zone_id' => $state_id, 'entry_postcode' => $paypal_ec_payer_info['ship_postal_code'], 'entry_country_id' => $country_id);
                 tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
                 $address_id = tep_db_insert_id();
                 tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . "'");
                 tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
                 if (MODULE_PAYMENT_PAYPAL_DP_NEW_ACCT_NOTIFY == 'Yes') {
                     require DIR_WS_LANGUAGES . $language . '/' . FILENAME_CREATE_ACCOUNT;
                     $email_text = sprintf(EMAIL_GREET_NONE, $paypal_ec_payer_info['payer_firstname']) . EMAIL_WELCOME . EMAIL_TEXT;
                     $email_text .= EMAIL_EC_ACCOUNT_INFORMATION . "Username: "******"\nPassword: "******"\n\n";
                     $email_text .= EMAIL_CONTACT;
                     tep_mail($paypal_ec_payer_info['payer_firstname'] . " " . $paypal_ec_payer_info['payer_lastname'], $paypal_ec_payer_info['payer_email'], EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
                     $_SESSION['paypal_ec_temp'] = false;
                 } else {
                     //Make it a temporary account that'll be deleted once they've checked out
                     tep_db_query("UPDATE " . TABLE_CUSTOMERS . " SET customers_paypal_ec = '1' WHERE customers_id = '" . (int) $customer_id . "'");
                     $_SESSION['paypal_ec_temp'] = True;
                 }
             } else {
                 $_SESSION['paypal_ec_temp'] = false;
             }
             $sendto = $address_id;
             if (!tep_session_is_registered('sendto')) {
                 tep_session_register('sendto');
             }
             $this->user_login($_SESSION['paypal_ec_payer_info']['payer_email']);
         }
     }
 }
예제 #25
0
        ?>

            <script type="text/javascript">
            $(document).ready(function() {
            $('#emailCheck').css({ 'display': 'block'});
            $("#TermsAgree").removeAttr("checked");
            $('#Customers_info_input_password').val('');
            $('#Customers_info_input_password').attr("placeholder", "Wachtwoord");
            $('#Customers_info_input_password2').val('');
            $('#Customers_info_input_password2').attr("placeholder", "Wachtwoord bevestigen");
            });
            </script>

       <?php 
    } else {
        $sql_data_array = array('customers_firstname' => $lastname . ' ' . $firstname, 'customers_lastname' => '', 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_password' => tep_encrypt_password($password), 'status' => '1');
        tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
        $customer_id = tep_db_insert_id();
        $sql_data_array1 = array('customers_id' => $customer_id, 'entry_firstname' => $lastname . ' ' . $firstname, 'entry_lastname' => '', 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
        tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array1);
        $address_id = tep_db_insert_id();
        tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . "'");
        tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
    }
    ?>
 <?php 
}
// nikhil
?>
                        </div>
                </div>
예제 #26
0
                $messageStack->add_session(ERROR_ADMINISTRATOR_EXISTS, 'error');
            }
            tep_redirect(tep_href_link(FILENAME_ADMINISTRATORS));
            break;
        case 'save':
            require 'includes/functions/password_funcs.php';
            $username = tep_db_prepare_input($HTTP_POST_VARS['username']);
            $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
            $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " where user_name = '" . tep_db_input($admin['username']) . "'");
            $check = tep_db_fetch_array($check_query);
            if ($admin['id'] == $check['id']) {
                $admin['username'] = $username;
            }
            tep_db_query("update " . TABLE_ADMINISTRATORS . " set user_name = '" . tep_db_input($username) . "' where id = '" . (int) $HTTP_GET_VARS['aID'] . "'");
            if (tep_not_null($password)) {
                tep_db_query("update " . TABLE_ADMINISTRATORS . " set user_password = '******' where id = '" . (int) $HTTP_GET_VARS['aID'] . "'");
            }
            tep_redirect(tep_href_link(FILENAME_ADMINISTRATORS, 'aID=' . (int) $HTTP_GET_VARS['aID']));
            break;
        case 'deleteconfirm':
            $id = tep_db_prepare_input($HTTP_GET_VARS['aID']);
            $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " where user_name = '" . tep_db_input($admin['username']) . "'");
            $check = tep_db_fetch_array($check_query);
            if ($id == $check['id']) {
                tep_session_unregister('admin');
            }
            tep_db_query("delete from " . TABLE_ADMINISTRATORS . " where id = '" . (int) $id . "'");
            tep_redirect(tep_href_link(FILENAME_ADMINISTRATORS));
            break;
    }
}
  Copyright (c) 2005 osCommerce

  Released under the GNU General Public License
*/
require 'includes/application_top.php';
require DIR_WS_LANGUAGES . $osC_Session->value('language') . '/' . FILENAME_PASSWORD_FORGOTTEN;
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    $Qcheck = $osC_Database->query('select customers_id, customers_firstname, customers_lastname, customers_password from :table_customers where customers_email_address = :customers_email_address');
    $Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS);
    $Qcheck->bindValue(':customers_email_address', $_POST['email_address']);
    $Qcheck->execute();
    if ($Qcheck->numberOfRows()) {
        $new_password = tep_create_random_value(ACCOUNT_PASSWORD);
        $Qupdate = $osC_Database->query('update :table_customers set customers_password = :customers_password where customers_id = :customers_id');
        $Qupdate->bindTable(':table_customers', TABLE_CUSTOMERS);
        $Qupdate->bindValue(':customers_password', tep_encrypt_password($new_password));
        $Qupdate->bindInt(':customers_id', $Qcheck->valueInt('customers_id'));
        $Qupdate->execute();
        tep_mail($Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname'), $_POST['email_address'], EMAIL_PASSWORD_REMINDER_SUBJECT, sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
        $messageStack->add_session('login', SUCCESS_PASSWORD_SENT, 'success');
        tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
    } else {
        $messageStack->add('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
    }
}
$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_LOGIN, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL'));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
echo HTML_PARAMS;
예제 #28
0
파일: login.php 프로젝트: wrtcoder/mini_isp
 // Check if email exists
 $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
 if (!tep_db_num_rows($check_customer_query)) {
     $error = true;
 } else {
     $check_customer = tep_db_fetch_array($check_customer_query);
     // Check that password is good
     if (!tep_validate_password($password, $check_customer['customers_password'])) {
         $error = true;
     } else {
         if (SESSION_RECREATE == 'True') {
             tep_session_recreate();
         }
         // migrate old hashed password to new phpass password
         if (tep_password_type($check_customer['customers_password']) != 'phpass') {
             tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '" . (int) $check_customer['customers_id'] . "'");
         }
         $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
         $check_country = tep_db_fetch_array($check_country_query);
         $customer_id = $check_customer['customers_id'];
         $customer_default_address_id = $check_customer['customers_default_address_id'];
         $customer_first_name = $check_customer['customers_firstname'];
         $customer_country_id = $check_country['entry_country_id'];
         $customer_zone_id = $check_country['entry_zone_id'];
         tep_session_register('customer_id');
         tep_session_register('customer_default_address_id');
         tep_session_register('customer_first_name');
         tep_session_register('customer_country_id');
         tep_session_register('customer_zone_id');
         tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1, password_reset_key = null, password_reset_date = null where customers_info_id = '" . (int) $customer_id . "'");
         // reset session token
예제 #29
0
}
// needs to be included earlier to set the success message in the messageStack
require DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/content/account/cm_account_set_password.php';
if (isset($_POST['action']) && $_POST['action'] == 'process' && isset($_POST['formid']) && $_POST['formid'] == $_SESSION['sessiontoken']) {
    $password_new = tep_db_prepare_input($_POST['password_new']);
    $password_confirmation = tep_db_prepare_input($_POST['password_confirmation']);
    $error = false;
    if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
    } elseif ($password_new != $password_confirmation) {
        $error = true;
        $messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
    }
    if ($error == false) {
        tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '" . (int) $customer_id . "'");
        tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customer_id . "'");
        $messageStack->add_session('account', MODULE_CONTENT_ACCOUNT_SET_PASSWORD_SUCCESS_PASSWORD_SET, 'success');
        tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
    }
}
$breadcrumb->add(MODULE_CONTENT_ACCOUNT_SET_PASSWORD_NAVBAR_TITLE_1, tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
$breadcrumb->add(MODULE_CONTENT_ACCOUNT_SET_PASSWORD_NAVBAR_TITLE_2, tep_href_link('ext/modules/content/account/set_password.php', '', 'SSL'));
require DIR_WS_INCLUDES . 'template_top.php';
?>

<div class="page-header">
  <h1><?php 
echo MODULE_CONTENT_ACCOUNT_SET_PASSWORD_HEADING_TITLE;
?>
</h1>
예제 #30
0
/**
 * Process a <new-order-notification>.
 *
 * If the email user does not exist, create the user and log in.
 *
 * If the user does not exist as a Google Checkout user, add them
 * to the google_checkout table to match the buyer_id and customer_id.
 *
 * Add the order to the logged-in user.
 *
 * TODO(eddavisson): This function is way too long. Split into pieces.
 */
function process_new_order_notification($google_response, $google_checkout)
{
    global $order, $currencies, $languages_id;
    list($root, $gc_data) = $google_response->GetParsedXML();
    // Check if the order was already processed.
    $google_order = tep_db_fetch_array(tep_db_query("select orders_id " . " from " . $google_checkout->table_order . " " . " where google_order_number = " . $gc_data[$root]['google-order-number']['VALUE']));
    // Check if order was alread processed.
    if ($google_order['orders_id'] != '') {
        //Send ACK http 200 to avoid notification resend.
        $google_response->log->logError(sprintf(GOOGLECHECKOUT_ERR_DUPLICATED_ORDER, $gc_data[$root]['google-order-number']['VALUE'], $google_order['orders_id']));
        $google_response->SendAck();
    }
    // Check if the email exists.
    $customer_exists = tep_db_fetch_array(tep_db_query("select customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . gc_make_sql_string($gc_data[$root]['buyer-billing-address']['email']['VALUE']) . "'"));
    // Check if the GC buyer id exists
    $customer_info = tep_db_fetch_array(tep_db_query("select gct.customers_id from " . $google_checkout->table_name . " gct " . " inner join " . TABLE_CUSTOMERS . " tc on gct.customers_id = tc.customers_id " . " where gct.buyer_id = " . gc_make_sql_string($gc_data[$root]['buyer-id']['VALUE'])));
    $new_user = false;
    // Ignore session to avoid mix of Cart-GC sessions/emails
    // GC email is the most important one
    if ($customer_exists['customers_id'] != '') {
        $customer_id = $customer_exists['customers_id'];
        tep_session_register('customer_id');
    } else {
        if ($customer_info['customers_id'] != '') {
            $customer_id = $customer_info['customers_id'];
            tep_session_register('customer_id');
        } else {
            list($firstname, $lastname) = explode(' ', gc_make_sql_string($gc_data[$root]['buyer-billing-address']['contact-name']['VALUE']), 2);
            $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $gc_data[$root]['buyer-billing-address']['email']['VALUE'], 'customers_telephone' => $gc_data[$root]['buyer-billing-address']['phone']['VALUE'], 'customers_fax' => $gc_data[$root]['buyer-billing-address']['fax']['VALUE'], 'customers_default_address_id' => 0, 'customers_password' => tep_encrypt_password(gc_make_sql_string($gc_data[$root]['buyer-id']['VALUE'])), 'customers_newsletter' => $gc_data[$root]['buyer-marketing-preferences']['email-allowed']['VALUE'] == 'true' ? 1 : 0);
            if (ACCOUNT_DOB == 'true') {
                $sql_data_array['customers_dob'] = 'now()';
            }
            tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
            $customer_id = tep_db_insert_id();
            tep_session_register('customer_id');
            tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . "\n        (customers_info_id, customers_info_number_of_logons,\n        customers_info_date_account_created)\n        values ('" . (int) $customer_id . "', '0', now())");
            tep_db_query("insert into " . $google_checkout->table_name . " " . " values ( " . $customer_id . ", " . $gc_data[$root]['buyer-id']['VALUE'] . ")");
            $new_user = true;
        }
    }
    // The user exists and is logged in.
    // Check database to see if the address exist.
    $address_book = tep_db_query("select address_book_id, entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . "\n          where  customers_id = '" . $customer_id . "'\n              and entry_street_address = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['address1']['VALUE']) . "'\n              and entry_suburb = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['address2']['VALUE']) . "'\n              and entry_postcode = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE']) . "'\n              and entry_city = '" . gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['city']['VALUE']) . "'");
    // If not, add the address as the default.
    if (!tep_db_num_rows($address_book)) {
        $buyer_state = $gc_data[$root]['buyer-shipping-address']['region']['VALUE'];
        $zone_answer = tep_db_fetch_array(tep_db_query("select zone_id, zone_country_id from " . TABLE_ZONES . " where zone_code = '" . $buyer_state . "'"));
        list($firstname, $lastname) = explode(' ', gc_make_sql_string($gc_data[$root]['buyer-shipping-address']['contact-name']['VALUE']), 2);
        $sql_data_array = array('customers_id' => $customer_id, 'entry_gender' => '', 'entry_company' => $gc_data[$root]['buyer-shipping-address']['company-name']['VALUE'], 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $gc_data[$root]['buyer-shipping-address']['address1']['VALUE'], 'entry_suburb' => $gc_data[$root]['buyer-shipping-address']['address2']['VALUE'], 'entry_postcode' => $gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE'], 'entry_city' => $gc_data[$root]['buyer-shipping-address']['city']['VALUE'], 'entry_state' => $buyer_state, 'entry_country_id' => $zone_answer['zone_country_id'], 'entry_zone_id' => $zone_answer['zone_id']);
        tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
        $address_id = tep_db_insert_id();
        tep_db_query("update " . TABLE_CUSTOMERS . "\n        set customers_default_address_id = '" . (int) $address_id . "'\n        where customers_id = '" . (int) $customer_id . "'");
        $customer_default_address_id = $address_id;
        $customer_country_id = $zone_answer['zone_country_id'];
        $customer_zone_id = $zone_answer['zone_id'];
    } else {
        $customer_default_address_id = $address_book['address_book_id'];
        $customer_country_id = $address_book['entry_country_id'];
        $customer_zone_id = $address_book['entry_zone_id'];
    }
    $customer_first_name = $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'];
    tep_session_register('customer_default_address_id');
    tep_session_register('customer_country_id');
    tep_session_register('customer_zone_id');
    tep_session_register('customer_first_name');
    // Customer exists, is logged and address book is up to date.
    list($shipping, $shipping_cost, $shipping_method_name, $shipping_method_code) = get_shipping_info($google_checkout, $gc_data[$root]);
    $tax_amt = $gc_data[$root]['order-adjustment']['total-tax']['VALUE'];
    //$order_total = $gc_data[$root]['order-total']['VALUE'];
    require DIR_WS_CLASSES . 'order.php';
    $order = new order();
    // Load the selected shipping module.
    $payment_method = $google_checkout->title;
    if (MODULE_PAYMENT_GOOGLECHECKOUT_MODE == 'https://sandbox.google.com/checkout/') {
        $payment_method .= " - SANDBOX";
    }
    //$method_name = '';
    //if (!empty($shipping)) {
    //  require (DIR_WS_CLASSES . 'shipping.php');
    //  $shipping_modules = new shipping($shipping);
    //  list ($a, $method_name) = explode(': ', $shipping, 2);
    //}
    // Set up order info.
    list($order->customer['firstname'], $order->customer['lastname']) = explode(' ', $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'], 2);
    $order->customer['company'] = $gc_data[$root]['buyer-billing-address']['company-name']['VALUE'];
    $order->customer['street_address'] = $gc_data[$root]['buyer-billing-address']['address1']['VALUE'];
    $order->customer['suburb'] = $gc_data[$root]['buyer-billing-address']['address2']['VALUE'];
    $order->customer['city'] = $gc_data[$root]['buyer-billing-address']['city']['VALUE'];
    $order->customer['postcode'] = $gc_data[$root]['buyer-billing-address']['postal-code']['VALUE'];
    $order->customer['state'] = $gc_data[$root]['buyer-billing-address']['region']['VALUE'];
    $order->customer['country']['title'] = $gc_data[$root]['buyer-billing-address']['country-code']['VALUE'];
    $order->customer['telephone'] = $gc_data[$root]['buyer-billing-address']['phone']['VALUE'];
    $order->customer['email_address'] = $gc_data[$root]['buyer-billing-address']['email']['VALUE'];
    $order->customer['format_id'] = 2;
    list($order->delivery['firstname'], $order->delivery['lastname']) = explode(' ', $gc_data[$root]['buyer-shipping-address']['contact-name']['VALUE'], 2);
    $order->delivery['company'] = $gc_data[$root]['buyer-shipping-address']['company-name']['VALUE'];
    $order->delivery['street_address'] = $gc_data[$root]['buyer-shipping-address']['address1']['VALUE'];
    $order->delivery['suburb'] = $gc_data[$root]['buyer-shipping-address']['address2']['VALUE'];
    $order->delivery['city'] = $gc_data[$root]['buyer-shipping-address']['city']['VALUE'];
    $order->delivery['postcode'] = $gc_data[$root]['buyer-shipping-address']['postal-code']['VALUE'];
    $order->delivery['state'] = $gc_data[$root]['buyer-shipping-address']['region']['VALUE'];
    $order->delivery['country']['title'] = $gc_data[$root]['buyer-shipping-address']['country-code']['VALUE'];
    $order->delivery['format_id'] = 2;
    list($order->billing['firstname'], $order->billing['lastname']) = explode(' ', $gc_data[$root]['buyer-billing-address']['contact-name']['VALUE'], 2);
    $order->billing['company'] = $gc_data[$root]['buyer-billing-address']['company-name']['VALUE'];
    $order->billing['street_address'] = $gc_data[$root]['buyer-billing-address']['address1']['VALUE'];
    $order->billing['suburb'] = $gc_data[$root]['buyer-billing-address']['address2']['VALUE'];
    $order->billing['city'] = $gc_data[$root]['buyer-billing-address']['city']['VALUE'];
    $order->billing['postcode'] = $gc_data[$root]['buyer-billing-address']['postal-code']['VALUE'];
    $order->billing['state'] = $gc_data[$root]['buyer-billing-address']['region']['VALUE'];
    $order->billing['country']['title'] = $gc_data[$root]['buyer-billing-address']['country-code']['VALUE'];
    $order->billing['format_id'] = 2;
    $order->info['payment_method'] = $payment_method;
    $order->info['payment_module_code'] = $google_checkout->code;
    $order->info['shipping_method'] = $shipping_method_name;
    $order->info['shipping_module_code'] = $shipping_method_code;
    $order->info['cc_type'] = '';
    $order->info['cc_owner'] = '';
    $order->info['cc_number'] = '';
    $order->info['cc_expires'] = '';
    $order->info['order_status'] = GC_STATE_NEW;
    $order->info['tax'] = $tax_amt;
    $order->info['currency'] = $gc_data[$root]['order-total']['currency'];
    $order->info['currency_value'] = 1;
    //$customers_ip_address'] = $gc_data[$root]['shopping-cart']['merchant-private-data']['ip-address']['VALUE'];
    $order->info['comments'] = GOOGLECHECKOUT_STATE_NEW_ORDER_NUM . $gc_data[$root]['google-order-number']['VALUE'] . "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_MC_USED . (@$gc_data[$root]['order-adjustment']['merchant-calculation-successful']['VALUE'] == 'true' ? 'True' : 'False') . ($new_user ? "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_BUYER_USER . $gc_data[$root]['buyer-billing-address']['email']['VALUE'] . "\n" . GOOGLECHECKOUT_STATE_NEW_ORDER_BUYER_PASS . $gc_data[$root]['buyer-id']['VALUE'] : '');
    $coupons = gc_get_arr_result(@$gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment']);
    //$gift_cert = get_arr_result(@$gc_data[$root]['order-adjustment']['merchant-codes']['gift-certificate-adjustment']);
    $items = gc_get_arr_result($gc_data[$root]['shopping-cart']['items']['item']);
    // Get Coustoms OT
    $custom_order_totals_total = 0;
    $custom_order_totals = array();
    $order->products = array();
    foreach ($items as $item) {
        if (isset($item['merchant-private-item-data']['item']['VALUE'])) {
            $order->products[] = unserialize(base64_decode($item['merchant-private-item-data']['item']['VALUE']));
        } else {
            if ($item['merchant-private-item-data']['order_total']['VALUE']) {
                $order_total = unserialize(base64_decode($item['merchant-private-item-data']['order_total']['VALUE']));
                $custom_order_totals[] = $order_total;
                $order_total_value = $order_total['value'] * (strrpos($order_total['text'], '-') === false ? 1 : -1);
                $custom_order_totals_total += $currencies->get_value($gc_data[$root]['order-total']['currency']) * $order_total_value;
            } else {
                // For invoices.
                $order->products[] = array('qty' => $item['quantity']['VALUE'], 'name' => $item['item-name']['VALUE'], 'model' => $item['item-description']['VALUE'], 'tax' => 0, 'tax_description' => @$item['tax-table-selector']['VALUE'], 'price' => $item['unit-price']['VALUE'], 'final_price' => $item['unit-price']['VALUE'], 'onetime_charges' => 0, 'weight' => 0, 'products_priced_by_attribute' => 0, 'product_is_free' => 0, 'products_discount_type' => 0, 'products_discount_type_from' => 0, 'id' => @$item['merchant-item-id']['VALUE']);
            }
        }
    }
    $cart = new shoppingCart();
    $prod_attr = gc_get_prattr($order->products);
    foreach ($prod_attr as $product_id => $item_data) {
        //$products_id, $qty = '1', $attributes = '
        $cart->add_cart($product_id, $item_data['qty'], $item_data['attr']);
    }
    // Update values so that order_total modules get the correct values.
    $order->info['total'] = $gc_data[$root]['order-total']['VALUE'];
    $order->info['subtotal'] = $gc_data[$root]['order-total']['VALUE'] - ($shipping_cost + $tax_amt) + @$coupons[0]['applied-amount']['VALUE'] - $custom_order_totals_total;
    $order->info['coupon_code'] = @$coupons[0]['code']['VALUE'];
    $order->info['shipping_method'] = $shipping;
    $order->info['shipping_cost'] = $shipping_cost;
    $order->info['tax_groups']['tax'] = $tax_amt;
    $order->info['currency'] = $gc_data[$root]['order-total']['currency'];
    $order->info['currency_value'] = 1;
    require DIR_WS_CLASSES . 'order_total.php';
    $order_total_modules = new order_total();
    // Disable OT sent as items in the GC cart
    foreach ($order_total_modules->modules as $order_total_code => $order_total) {
        if (!in_array(substr($order_total, 0, strrpos($order_total, '.')), $google_checkout->ignore_order_total)) {
            unset($order_total_modules->modules[$order_total_code]);
        }
    }
    $order_totals = $order_total_modules->process();
    // Not necessary, since order totals are already disabled.
    //foreach($order_totals as $order_total_code => $order_total){
    //  if(!in_array($order_total['code'], $google_checkout->ignore_order_total)){
    //    unset($order_totals[$order_total_code]);
    //  }
    //}
    // Merge all order totals.
    $order_totals = array_merge($order_totals, $custom_order_totals);
    if (isset($gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment'])) {
        $order_totals[] = array('code' => 'ot_coupon', 'title' => "<b>" . MODULE_ORDER_TOTAL_COUPON_TITLE . " " . @$coupons[0]['code']['VALUE'] . ":</b>", 'text' => $currencies->format(@$coupons[0]['applied-amount']['VALUE'] * -1, false, @$coupons[0]['applied-amount']['currency']), 'value' => @$coupons[0]['applied-amount']['VALUE'], 'sort_order' => 280);
    }
    function order_total_compare($a, $b)
    {
        if ($a['sort_order'] == $b['sort_order']) {
            return 0;
        } else {
            return $a['sort_order'] < $b['sort_order'] ? -1 : 1;
        }
    }
    usort($order_totals, "order_total_compare");
    $sql_data_array = array('customers_id' => $customer_id, 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_company' => $order->customer['company'], 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => $order->info['payment_method'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => $order->info['cc_number'], 'cc_expires' => $order->info['cc_expires'], 'date_purchased' => 'now()', 'orders_status' => $order->info['order_status'], 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value']);
    tep_db_perform(TABLE_ORDERS, $sql_data_array);
    $insert_id = tep_db_insert_id();
    for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
        $sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']);
        tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
    }
    $customer_notification = SEND_EMAILS == 'true' ? '1' : '0';
    $sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => $customer_notification, 'comments' => $order->info['comments']);
    tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
    // Initialized for the email confirmation.
    $products_ordered = '';
    $subtotal = 0;
    $total_tax = 0;
    $total_weight = 0;
    $total_products_price = 0;
    $products_tax = 0;
    $total_cost = 0;
    for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
        // Stock Update - Joao Correia.
        if (STOCK_LIMITED == 'true') {
            if (DOWNLOAD_ENABLED == 'true') {
                $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename\n                            FROM " . TABLE_PRODUCTS . " p\n                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                             ON p.products_id=pa.products_id\n                            LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                             ON pa.products_attributes_id=pad.products_attributes_id\n                            WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";
                // Will work with only one option for downloadable products
                // otherwise, we have to build the query dynamically with a loop
                $products_attributes = @$order->products[$i]['attributes'];
                if (is_array($products_attributes)) {
                    $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";
                }
                $stock_query = tep_db_query($stock_query_raw);
            } else {
                $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
            }
            if (tep_db_num_rows($stock_query) > 0) {
                $stock_values = tep_db_fetch_array($stock_query);
                // Do not decrement quantities if products_attributes_filename exists
                if (DOWNLOAD_ENABLED != 'true' || !$stock_values['products_attributes_filename']) {
                    $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
                } else {
                    $stock_left = $stock_values['products_quantity'];
                }
                tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
                if ($stock_left < 1 && STOCK_ALLOW_CHECKOUT == 'false') {
                    tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
                }
            }
        }
        // Update products_ordered (for bestsellers list)
        tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
        $sql_data_array = array('orders_id' => $insert_id, 'products_id' => tep_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => $order->products[$i]['tax'], 'products_quantity' => $order->products[$i]['qty']);
        tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
        $order_products_id = tep_db_insert_id();
        // Insert customer-chosen options into order.
        $attributes_exist = '0';
        $products_ordered_attributes = '';
        if (isset($order->products[$i]['attributes'])) {
            $attributes_exist = '1';
            for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                if (DOWNLOAD_ENABLED == 'true') {
                    $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n                               from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                               left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                                on pa.products_attributes_id=pad.products_attributes_id\n                               where pa.products_id = '" . $order->products[$i]['id'] . "'\n                                and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n                                and pa.options_id = popt.products_options_id\n                                and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n                                and pa.options_values_id = poval.products_options_values_id\n                                and popt.language_id = '" . $languages_id . "'\n                                and poval.language_id = '" . $languages_id . "'";
                    $attributes = tep_db_query($attributes_query);
                } else {
                    $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
                }
                $attributes_values = tep_db_fetch_array($attributes);
                $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
                tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
                if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
                    $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']);
                    tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
                }
                $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
            }
        }
        $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight'];
        $total_tax += tep_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty'];
        $total_cost += $total_products_price;
        $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";
    }
    // FOR COUPON SUPPORT
    /*
    $insert_id = $order->create($order_totals, 2);
    //$order_total_modules = new order_total();
    // Store the product info to the order.
    $order->create_add_products($insert_id);
    //$order_number_created'] = $insert_id;
    // Add coupon to redeem track.
    if (isset ($gc_data[$root]['order-adjustment']['merchant-codes']['coupon-adjustment'])) {
      $sql = "select coupon_id
                              from " . TABLE_COUPONS . "
                              where coupon_code= :couponCodeEntered
                              and coupon_active='Y'";
      $sql = $db->bindVars($sql, ':couponCodeEntered', $coupons[0]['code']['VALUE'], 'string');
    
      $coupon_result = tep_db_query($sql);
      $cc_id = $coupon_result['coupon_id'];
    
      tep_db_query("insert into " . TABLE_COUPON_REDEEM_TRACK . "
                                  (coupon_id, redeem_date, redeem_ip, customer_id, order_id)
                                  values ('" . (int) $cc_id . "', now(), '" .
      $gc_data[$root]['shopping-cart']['merchant-private-data']['ip-address']['VALUE'] .
      "', '" . (int) $customer_id . "', '" . (int) $insert_id . "')");
      $cc_id = "";
    }
    */
    // Add the order details to the table.
    // This table could be modified to hold the merchant id and key if required
    // so that different mids and mkeys can be used for different orders.
    tep_db_query("insert into " . $google_checkout->table_order . " values (" . $insert_id . ", " . gc_make_sql_string($gc_data[$root]['google-order-number']['VALUE']) . ", " . gc_make_sql_float($gc_data[$root]['order-total']['VALUE']) . ")");
    $cart->reset(TRUE);
    tep_session_unregister('sendto');
    tep_session_unregister('billto');
    tep_session_unregister('shipping');
    tep_session_unregister('payment');
    tep_session_unregister('comments');
    $google_response->SendAck();
}