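/**
 * Logs a user in.
 *
 * Status Codes:<br />
 * 0: success<br />
 * 1: incorrect password<br />
 * 2: email not found<br />
 *
 * Codes 1 and 2 let the caller tell a wrong password apart from an unknown
 * address. Callers should show the same message for both, so the login form
 * does not reveal which e-mail addresses are registered.
 *
 * @param String $u Login identifier; it is matched against Customers.Email
 * @param String $p Password (plain text, as submitted)
 * @param Boolean $redirect redirect on successful login
 * @return Int status code
 */
public static function log_user_in($u, $p, $redirect = true)
{
    // Drop any login already attached to this session before authenticating.
    // empty() avoids an undefined-index notice when the key was never set.
    if (!empty($_SESSION['logged_in'])) {
        self::logout();
    }

    // The value is escaped by the project's DB wrapper before interpolation.
    // NOTE(review): if dbi() offers bound parameters, prefer them over
    // escape-and-interpolate; the wrapper's API is not visible here.
    $email = dbi()->escape($u);
    $row = dbi()->q_1("SELECT CustomerID, Password FROM Customers WHERE Email = '$email'");

    if (!$row) {
        // email not found
        return 2;
    }

    // The stored hash doubles as the salt/settings string for crypt().
    // hash_equals() (PHP 5.6+) compares in constant time and never applies the
    // loose-comparison type juggling that `==` can apply to two strings.
    $stored = (string) $row->Password;
    if (!hash_equals($stored, (string) crypt($p, $stored))) {
        // incorrect password
        return 1;
    }

    // match found
    // NOTE(review): force_login() is not visible here; confirm it regenerates
    // the session id so a pre-login session id is not carried over.
    self::force_login($row->CustomerID);

    if ($redirect) {
        // NOTE(review): confirm last_page is only ever set to a site-local
        // path; where it is written is not visible in this block.
        if (!empty($_SESSION['last_page'])) {
            $page = $_SESSION['last_page'];
            unset($_SESSION['last_page']);
        } else {
            $page = '/';
        }
        Gadget::redirect($page);
    }

    return 0;
}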
$code = $PromoCode->PromoCodeName; if ($code != 'red35') { if ($PromoCode && $PromoCode->can_be_used($_SESSION['CustomerID'], 'GiftCertificates')) { $promoCodeAmount = intval($PromoCode->Amount); $giftCertAmount = intval($data['GiftAmount']); $newPromoCodeAmount = $promoCodeAmount - $giftCertAmount; if ($newPromoCodeAmount < 0) { $newPromoCodeAmount = 0; } $dbi->update('PromoCodes', array('Amount' => $newPromoCodeAmount), array('PromoCodeID' => $PromoCodeID)); } } //Gadget::add_message('success'); Gadget::redirect('success2'); } else { Gadget::add_message($transaction->get_error_message()); } } catch (Exception $e) { s('Error: ' . $e->getMessage() . $transaction->get_error_message()); Gadget::add_message($e->getMessage() . $transaction->get_error_message()); } } } $page = Page::get_from_alias('giftcertificates'); $page->add_js('/js/giftcertificates.js'); require 'header.php'; ?>
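<?php
/*
 * Admin report page: requires an admin session, then computes the date shown
 * in the report before the HTML template starts.
 */
require '../includes/global.inc.php';

// NOTE(review): the meaning of debug()'s arguments is not visible here; confirm
// this call does not enable verbose error output on a production admin page.
debug(1, 1, 0);

// Access guard. empty() also covers a session where the key was never set.
// The explicit exit makes sure nothing below is rendered for an unauthenticated
// visitor even if Gadget::redirect() only sends the Location header and returns
// (whether it terminates the request is not visible here).
if (empty($_SESSION['madison_status_UserName'])) {
    Gadget::redirect('/admin');
    exit;
}

// "next Tuesday" relative to yesterday: yields today when today is a Tuesday,
// otherwise the upcoming Tuesday.
$date = date(DATE_FORMAT_MYSQL, strtotime('next Tuesday', strtotime('-1 day')));
$date_do = new DateTime($date);

// One-off overrides: the two Tuesdays below are moved one day earlier.
switch ($date) {
    case '2013-12-24':
        $date_do->setDate('2013', '12', '23');
        break;
    case '2013-12-31':
        $date_do->setDate('2013', '12', '30');
        break;
}

$date_delivery = $date_do->format('n/j/Y');
?>
<!doctype html>
<html>
<head>
<style type="text/css" media="screen">
.order{
    margin-bottom:20px;
    font-family: "Gill Sans", "Gill Sans MT", "Myriad Pro", "DejaVu Sans Condensed", Helvetica, Arial, sans-serif, sans-serif;
    font-size: 10pt;
    line-height: 1.1;
}
.header_image img{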
Your meals will be delivered between {$time_window} pm at {$krustomer->DeliveryAddress->Address1}. </p> <p style="margin-top:25px;"> Get ready to don your apron – you are going to have a great time cooking with us! </p> <p style="font-weight:bold;margin-top:25px;"> Melanie & Josh<br /> Co-Founders, Madison & Rayne<br /> </p> EOT; $email->MsgHTML($body); $email->Send(); unset($_SESSION['new_order']); } } Gadget::redirect('success-sydcon'); } catch (Exception $e) { s('Error: ' . $e->getMessage() . $transaction->get_error_message()); Gadget::add_message($e->getMessage() . $transaction->get_error_message()); } } } $page = Page::get_from_alias('checkout'); $page->add_js('/js/checkout.js'); require 'header.php'; ?> <div class="content-padding"> <div><?php echo $page->content['main']; ?> </div>
</div> <?php require 'footer.php'; die; } else { Gadget::redirect('index'); die; } } elseif (isset($_REQUEST['submit_new_pass'])) { // Insert new password and set expires to 0 $request = dbi()->q_1("SELECT * FROM password_reset_requests WHERE token_id = '" . $_SESSION['token_id'] . "'"); dbi()->update('Customers', array('Password' => Access::create_hash($_REQUEST['new_pass'], 'strong')), 'CustomerID = ' . $request->CustomerID); dbi()->update('password_reset_requests', array('expires' => '0000-00-00 00:00:00'), 'token_id = \'' . $_SESSION['token_id'] . '\''); unset($_SESSION['token_id']); Gadget::add_message('Your password has been reset!'); Gadget::redirect('login'); die; } require 'header.php'; ?> <div class="content-padding"> <form name="forgot-form" class="user-form" id="forgot-form" action="forgot" method="post"> <table> <tr> <td> <label for="forgot-email">email:</label> </td> <td> <input type="text" name="forgot-email" id="forgot-email" /> </td> </tr>
<?php require '../includes/global.inc.php'; //debug(1, 1, 1); if (!$_SESSION['madison_status_UserName']) { Gadget::redirect('/admin'); } $result = $dbi->q_all(" SELECT DeliveryDate, ItemName, ItemID, Allergies, Letter_Code, IngredientName, ItemIngredients.Amount, `Count`, FirstName, LastName, Comments, CustomerID, kitchen_note, IngredientID, Type, IF((TransactionNumber IS NOT NULL OR Chefs_Tasting = '1'), '1', '0') AS TransactionStatus FROM KitchenReport1 JOIN ItemIngredients USING (ItemID) JOIN Ingredients USING (IngredientID) LEFT JOIN Customers USING (CustomerID) GROUP BY ItemName, Customers.CustomerID, IngredientID, Letter_Code ORDER BY ItemName, Customers.CustomerID, Letter_Code"); $meals = array(); foreach ($result as $row) { $item = &$meals[htmlspecialchars($row->ItemName)]; $item->Ingredients[$row->IngredientID . $row->Letter_Code] = (object) array( 'IngredientName' => htmlspecialchars($row->IngredientName), 'Amount' => $row->Amount, 'Type' => $row->Type, 'Letter_Code' => htmlspecialchars($row->Letter_Code), ); $item->Customers[$row->CustomerID] = (object) array( 'Allergies' => htmlspecialchars($row->Allergies), 'ItemName' => $row->ItemName, 'Count' => $row->Count, 'Name' => htmlspecialchars($row->FirstName . ' ' . $row->LastName), 'Comments' => htmlspecialchars($row->Comments),
} if ($meals) { if (isset($_SESSION['new_order']) && !empty($_SESSION['new_order'])) { if ($PromoCodeID !== NULL) { $_SESSION['new_order']['PromoCodeID'] = $PromoCodeID; } //$_SESSION['new_order']['meals'] = array_replace($_SESSION['new_order']['meals'], $meals); } else { /*$_SESSION['new_order'] = array( 'PromoCodeID' => $PromoCodeID, 'meals' => $meals, );*/ $_SESSION['new_order']['PromoCodeID'] = $PromoCodeID; } Gadget::redirect('checkout-sydcon'); } else { // empty order, just clear it here /*$order->PromoCodeID = $PromoCodeID; $order->DeliveryDate = Gadget::$date_do->format(DATE_FORMAT_MYSQL); $order->CustomerID = $krustomer->CustomerID; foreach ($meals as $key => $value) { $order->add_meal($key, (int) $value['n'], (int) $value['v'], '0'); } $order->insert();*/ } Access::protect_page(); }
} } if ($meals) { if (isset($_SESSION['new_order']) && !empty($_SESSION['new_order'])) { if ($PromoCodeID !== NULL) { $_SESSION['new_order']['PromoCodeID'] = $PromoCodeID; } //$_SESSION['new_order']['meals'] = array_replace($_SESSION['new_order']['meals'], $meals); } else { /*$_SESSION['new_order'] = array( 'PromoCodeID' => $PromoCodeID, 'meals' => $meals, );*/ $_SESSION['new_order']['PromoCodeID'] = $PromoCodeID; } Gadget::redirect('checkout'); } else { // empty order, just clear it here /*$order->PromoCodeID = $PromoCodeID; $order->DeliveryDate = Gadget::$date_do->format(DATE_FORMAT_MYSQL); $order->CustomerID = $krustomer->CustomerID; foreach ($meals as $key => $value) { $order->add_meal($key, (int) $value['n'], (int) $value['v'], '0'); } $order->insert();*/ } } $page = Page::get_from_alias('menu'); $page->add_css('/css/menu.css');
<?php
/**
 * Logout endpoint: loads the project bootstrap, calls Access::logout() and
 * sends the visitor to the 'index' page.
 *
 * @author Brad Jorgensen <*****@*****.**>
 */

// Project-wide bootstrap; Access, Gadget and debug() are expected to come from here.
require 'includes/global.inc.php';

// NOTE(review): argument meaning is not visible here; presumably all debug output off. Confirm.
debug(0, 0, 0);

// NOTE(review): the logout runs on any request to this script; no request-method
// or anti-CSRF token check is visible here. Confirm whether one is applied in
// the bootstrap, or accept that a third-party page can force a logout.
Access::logout();

// Last statement of the script, so nothing else runs after the redirect call.
Gadget::redirect('index');
$PromoCode = PromoCode::get_from_id($PromoCodeID); if ($PromoCode && $PromoCode->can_be_used($krustomer->CustomerID, 'Orders')) { $PromoCodeID = $PromoCode->PromoCodeID; } else { $PromoCodeID = NULL; } } $_SESSION['subscription_update'] = array( 'WeeklyMeals' => (int) $_POST['WeeklyMeals'], 'WeeklyReg' => (int) $_POST['WeeklyReg'], 'WeeklyVeg' => (int) $_POST['WeeklyVeg'], 'PromoCodeID' => $PromoCodeID, ); Gadget::redirect('preferences'); } Gadget::add_message('Please select the number of meals and servings per week.'); } $page = Page::get_from_alias('tasting'); $page->add_css('/css/menu.css'); $page->add_js('/js/tasting.js'); require 'header.php'; ?> <div id="content-header"> <div id="content-header-left"> <p class="header-p"> our chef selects meals for you<br /> from weekly menu plus new exclusive dishes<br />