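/**
 * Build the wrapper for one module, honouring its "log_in" visibility setting.
 *
 * The module's parameter string is parsed with getParams(). A log_in value of 1
 * renders the module only when UthandoUser::authorize() succeeds, and 0 renders
 * it for every visitor. Anything that matches neither case renders nothing.
 *
 * @param object $params Module record; ->params, ->module, ->module_name and
 *                       ->show_title are read from it.
 * @return mixed $this->module_wrap when the module is shown, otherwise null.
 */
function makeModule($params)
{
    $this->params = $params;
    $log_in = $this->getParams($params->params);

    // Fail closed. The original left this flag undefined whenever authorize()
    // failed or log_in matched neither case, so the visibility decision rested
    // on an undefined variable (and raised a notice/warning).
    $return_mod = false;

    // NOTE(review): switch compares loosely. A missing log_in key (null) matches
    // `case 0` and is treated as public, and what a non-numeric string matches
    // depends on the PHP version. Confirm getParams() always yields 0 or 1.
    switch ($log_in['log_in']) {
        case 1:
            if (UthandoUser::authorize()) {
                $return_mod = true;
            }
            break;
        case 0:
            $return_mod = true;
            break;
    }

    $this->module = null;

    if ($return_mod) {
        $this->getModuleHeader();
        $this->getModuleTitle($this->params->module);

        if ($this->params->show_title == 1) {
            $this->module_wrap->appendChild($this->title);
        }

        $this->module = $this->getModule($params->module_name, $this->getParams($params->params));

        return $this->module_wrap;
    }

    // Module hidden from this visitor; same result as the original's implicit return.
    return null;
}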
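/**
 * Sync $_SESSION['CountryCode'] with the logged-in user's stored country.
 *
 * Does nothing for visitors who fail UthandoUser::authorize(). For an
 * authorized user the country_id is read from the user_info table: a positive
 * value is copied into the session, and a missing row or non-positive value
 * removes the session key.
 *
 * @return void
 */
private function checkUserCountry()
{
    global $uthando, $registry;

    if (!UthandoUser::authorize()) {
        return;
    }

    // The WHERE fragment is concatenated straight into SQL, so the id is forced
    // to an integer first. The original already relied on it being numeric (the
    // value is unquoted); the cast makes that an enforced property instead of an
    // assumption about what the session holds.
    $user_id = (int) $_SESSION['user_id'];

    $row = $uthando->getResult(
        'country_id',
        $registry->user . $uthando->ushop->prefix . 'user_info',
        null,
        array('WHERE' => 'user_id=' . $user_id),
        false
    );

    if ($row && $row->country_id > 0) {
        $_SESSION['CountryCode'] = $row->country_id;
    } else {
        unset($_SESSION['CountryCode']);
    }
}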
// Bootstrap for the AJAX content endpoint: load configuration, build the page
// object, start the session, record login state, then open the database and
// load the component and modules. The excerpt ends inside the final `if`.

$registry->config = new Config($registry, array('path' => $registry->ini_dir . '/uthando.ini.php'));

// Database names from the ini file, each with a trailing '.'
// (presumably so they can be prefixed to table names; confirm against callers).
$registry->db_default = $registry->config->get('core', 'DATABASE') . '.';
$registry->core = $registry->config->get('core', 'DATABASE') . '.';
$registry->user = $registry->config->get('user', 'DATABASE') . '.';
$registry->sessions = $registry->config->get('session', 'DATABASE') . '.';
$registry->dbug = $registry->config->get('dbug', 'SERVER');
$registry->compress_files = $registry->config->get('compress_files', 'SERVER');

$uthando = new AjaxContent($registry);
$uthando->timer = new Benchmark_Timer();
$uthando->timer->start();

// The template directory name comes from configuration, not from the request.
$registry->template = $registry->config->get('site_template', 'SERVER');
$uthando->setTemplate(__SITE_PATH . '/templates/' . $registry->template . '/ajax_content.php');
$uthando->AddParameter('MERCHANT_NAME', $registry->config->get('site_name', 'SERVER'));

$registry->session = new Session($registry);
UthandoUser::setUserInfo();

if (UthandoUser::authorize()) {
    $registry->loggedInUser = true;
    // NOTE(review): $_SESSION['name'] is concatenated into markup as-is. If the
    // name comes from user-supplied profile fields and is not HTML-escaped before
    // it reaches the session, wrap it in
    // htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'UTF-8') here. Confirm
    // where the value is set and whether AddParameter() escapes.
    $uthando->AddParameter('LOGIN_STATUS', "<p>You are logged in as: " . $_SESSION['name'] . "</p>");
} else {
    $registry->loggedInUser = false;
}

try {
    $registry->db = new UthandoDB($registry);
    // Load component.
    $uthando->loadComponent();
    // Get Modules and add them.
    $uthando->addModules();
} catch (PDOException $e) {
    // NOTE(review): the raw PDO message is handed to Error(). Check that it is
    // logged rather than echoed to the client, since driver messages can carry
    // schema or connection details.
    $registry->Error($e->getMessage(), $e);
}
if ($registry->component_css) {
<?php
// Login handler (excerpt; it ends inside the final validation loop). It checks a
// "partial password" challenge: the user submits the characters at selected
// positions of the password, and these are compared with the stored password
// after decrypting it.

// no direct access
defined('PARENT_FILE') or die('Restricted access');
if (UthandoUser::checkUser() && !UthandoUser::authorize()) {
    // Apply form element filters.
    // NOTE(review): 'escape_data' also runs over the submitted password
    // characters. If it rewrites any character, a correct entry could fail the
    // comparison below. Confirm what the filter does.
    $form->applyFilter('__ALL__', 'escape_data');
    $email = $form->exportValue('email');
    // The challenged positions were stored in the session when the form was
    // issued; they are removed as soon as they are read, so each challenge is
    // checked once.
    // NOTE(review): nothing here verifies that 'rand_chars' is set and is an
    // array. $password is also never initialised, so an empty challenge leaves
    // it undefined for the loop further down.
    $rand_chars = $_SESSION['rand_chars'];
    unset($_SESSION['rand_chars']);
    // $key selects the form field (pwd<key>); $value is the password position
    // that field answers for.
    foreach ($rand_chars as $key => $value) {
        $password[$value] = $form->exportValue('pwd' . $key);
    }
    // If user exists then login user else display form.
    // The e-mail is passed as the bound parameter :email; only the database
    // prefix from the registry is concatenated into the statement.
    $sql = $this->registry->db->query("\n\t\tSELECT user_id, CONCAT(first_name, ' ', last_name) AS name, user_group, password, iv\n\t\tFROM " . $this->registry->user . "users\n\t\tNATURAL JOIN " . $this->registry->user . "user_groups\n\t\tWHERE email = :email\n\t\tAND user_group='registered'\n\t", array(':email' => $email));
    $num_rows = count($sql);
    if ($num_rows == 1) {
        // login user.
        $row = $sql[0];
        // decrypt password.
        // The stored password is reversible: it is decrypted with a key from
        // $user_config and the row's IV. Anyone holding both the database and
        // that key can recover every password. A per-character challenge cannot
        // be checked against a one-way hash (password_hash()), so moving to
        // hashing means giving up this scheme. The key needs protecting
        // accordingly.
        $decrypted = UthandoUser::decodePassword($row->password, $user_config->get('key', 'cipher'), $row->iv);
        // split the password for checking.
        $decrypted = str_split($decrypted);
        // check password against the characters submitted
        // Positions are 1-based, hence $key - 1.
        // NOTE(review): `==` is a loose comparison. If a challenged position lies
        // past the end of the password, $decrypted[$key - 1] is undefined (null)
        // and an empty submission compares equal to it; two numeric strings are
        // also compared as numbers. Use `===` together with an
        // isset($decrypted[$key - 1]) check, and confirm that challenge positions
        // are bounded by the password length where they are generated.
        foreach ($password as $key => $value) {
            $pwd_validate[$key] = $value == $decrypted[$key - 1] ? true : false;
        }
        // did it pass?
        $validated = true;
        foreach ($pwd_validate as $value) {
            if (!$value) {
<?
// Registration form definition (excerpt; the rule set-up continues past the end
// of what is shown and the `if ... :` block is not closed here).
// NOTE(review): the file opens with the short tag `<?`. With short_open_tag
// disabled the interpreter does not parse the file and the source is sent to
// the client as text; `<?php` avoids depending on that setting.

// no direct access
defined( 'PARENT_FILE' ) or die( 'Restricted access' );
if (!UthandoUser::authorize()):
$form = new HTML_QuickForm('login', 'post', '/user/register');
$user_config = new Config($this->registry, array('path' => $this->registry->ini_dir.'/user/user.ini.php'));
// Remove name attribute for xhtml strict compliance.
$form->removeAttribute('name');
// Add form elements.
// Grouped elements
$name['first'] = &HTML_QuickForm::createElement('text', 'first', null, array('size' => 20, 'class' => 'inputbox'));
$name['last'] = &HTML_QuickForm::createElement('text', 'last', null, array('size' => 30, 'class' => 'inputbox'));
$form->addGroup($name, 'name', 'Name (first, last):', ' ');
$form->addElement('text', 'email1', 'Enter your email address:', array('size' => 20, 'maxlength' => 100, 'class' => 'inputbox'));
$form->addElement('text', 'email2', 'Comfirm your email address:', array('size' => 20, 'maxlength' => 100, 'class' => 'inputbox'));
// NOTE(review): the `******` run on the next two lines is not PHP. It looks like
// extraction or redaction damage where `, array(` stood (compare the e-mail
// fields above); restore it from the original file.
// NOTE(review): maxlength 12 caps the password length in the browser. It is a
// UI hint and not a server-side rule, and it prevents longer passphrases.
// Check the validation rules beyond this excerpt for the enforced limits.
$form->addElement('password', 'password1', 'Set your password:'******'size' => 15, 'maxlength' => 12, 'class' => 'inputbox'));
$form->addElement('password', 'password2', 'Comfirm your password:'******'size' => 15, 'maxlength' => 12, 'class' => 'inputbox'));
// set up rules.
// name rules
// Define the rules for each element in the group
$first_name_rule_1 = array('First Name is required','required');
/**
 * Return the visitor's shopping cart as a UShop_ShoppingCart.
 *
 * Anonymous visitors get a cart built from $_SESSION['cart'], or from null when
 * the session holds none. For a logged-in user, a session cart is first written
 * through insertCart() when getCart() reports nothing stored, and the cart is
 * then built from getCart(). The session copy is not cleared here.
 *
 * @return UShop_ShoppingCart
 */
public function retrieveCart()
{
    if (!UthandoUser::authorize()) {
        $session_cart = null;

        if (isset($_SESSION['cart'])) {
            $session_cart = $_SESSION['cart'];
        }

        return new UShop_ShoppingCart($this->registry, $session_cart);
    }

    // Same short-circuit order as the nested checks: getCart() is only
    // consulted when the session actually carries a cart.
    if (isset($_SESSION['cart']) && !$this->getCart()) {
        $this->insertCart($_SESSION['cart']);
    }

    $stored_cart = $this->getCart();

    return new UShop_ShoppingCart($this->registry, $stored_cart);
}