/**
 * Renders a status message (message added, spam protection triggered,
 * wrong code, etc.) through the module's redirect template and ends the request.
 *
 * @param string $msg  Message text; every '%%GoTo%%' placeholder is replaced with the referer link.
 * @param string $goto Accepted for compatibility; the body does not read it.
 */
function _guestbookMessageShow($msg = '', $goto = '')
{
    global $AVE_Template, $mod;

    // NOTE(review): get_referer_link() is defined outside this block. If it reflects the
    // request's Referer header, both the substituted message and the 'GoTo' variable carry
    // request-controlled text, so redirect.tpl has to escape them — confirm.
    $body = str_replace('%%GoTo%%', get_referer_link(), $msg);

    $AVE_Template->assign('theme_folder', THEME_FOLDER);
    $AVE_Template->assign('GoTo', get_referer_link());
    $AVE_Template->assign('content', $body);

    // Print the rendered page and stop: nothing after this call runs.
    echo $AVE_Template->fetch($mod['tpl_dir'] . 'redirect.tpl');
    exit;
}
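/**
 * Registers a click on a banner and redirects the visitor.
 *
 * When the request carries action=go and the banner has a non-empty URL, the
 * click counter is incremented and the visitor is redirected to that URL.
 * In every other case the visitor is sent back to the referer link.
 * The function always ends the request.
 *
 * @param int|string $banner_id Banner identifier; reduced to an integer before it is used in SQL.
 */
function bannerClickCount($banner_id)
{
    global $AVE_DB;

    // The id is concatenated into both statements below, so reduce it to an integer
    // first; a non-numeric value becomes 0 and simply matches no banner.
    // NOTE(review): assumes Id is an integer key — confirm against the table definition.
    $banner_id = (int) $banner_id;

    if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'go') {
        $banner_url = $AVE_DB->Query(
            "\r\n\t\t\t\tSELECT banner_url\r\n\t\t\t\tFROM " . PREFIX
            . "_modul_banners\r\n\t\t\t\tWHERE Id = '" . $banner_id
            . "'\r\n\t\t\t\tLIMIT 1\r\n\t\t\t"
        )->GetCell();

        if (!empty($banner_url)) {
            $AVE_DB->Query(
                "\r\n\t\t\t\t\tUPDATE " . PREFIX
                . "_modul_banners\r\n\t\t\t\t\tSET banner_clicks = banner_clicks + 1\r\n\t\t\t\t\tWHERE Id = '"
                . $banner_id . "'\r\n\t\t\t\t"
            );

            // The redirect target is whatever is stored in the banner row.
            header('Location:' . $banner_url);
            exit;
        }
    }

    // No "go" action or no usable URL: send the visitor back.
    header('Location:' . get_referer_link());
    exit;
}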
$tpl_dir = BASE_DIR . '/modules/login/templates/'; $lang_file = BASE_DIR . '/modules/login/lang/' . $_SESSION['user_language'] . '.txt'; if (!@(require BASE_DIR . '/modules/login/class.login.php')) { module_error(); } $login = new Login($tpl_dir, $lang_file); switch ($_REQUEST['action']) { case 'wys': if (isset($_REQUEST['sub']) && $_REQUEST['sub'] == 'on') { if (check_permission('documents')) { $_SESSION['user_adminmode'] = 1; } } else { unset($_SESSION['user_adminmode']); } header('Location:' . get_referer_link()); exit; case 'wys_adm': if (isset($_REQUEST['sub']) && $_REQUEST['sub'] == 'on') { if (check_permission('documents')) { $_SESSION['user_adminmode'] = 1; } } else { unset($_SESSION['user_adminmode']); } header('Location:' . get_home_link()); exit; case 'login': $login->loginUserLogin(); break; case 'logout':
if (empty($_POST['action'])) { header("Location:" . get_referer_link()); } else { $AVE_Template->display(BASE_DIR . '/modules/basket/templates/basket_show.tpl'); } exit; case 'order': define('MODULE_SITE', $AVE_Template->get_config_vars('BASKET_TITLE')); define('MODULE_CONTENT', $AVE_Template->fetch(BASE_DIR . '/modules/basket/templates/order_show.tpl')); break; case 'update': $product_delete = isset($_REQUEST['product_delete']) ? $_REQUEST['product_delete'] : null; $product_quantity = isset($_REQUEST['product_quantity']) ? $_REQUEST['product_quantity'] : null; $oBasket->basketOrderUpdate($product_quantity, $product_delete); if (empty($_POST['action'])) { header("Location:" . get_referer_link()); } else { $AVE_Template->display(BASE_DIR . '/modules/basket/templates/order_show.tpl'); } exit; case 'form': define('MODULE_SITE', $AVE_Template->get_config_vars('BASKET_TITLE')); define('MODULE_CONTENT', $AVE_Template->fetch(BASE_DIR . '/modules/basket/templates/order_form.tpl')); break; case 'send': $oBasket->basketOrderSend(); define('MODULE_SITE', $AVE_Template->get_config_vars('BASKET_TITLE')); define('MODULE_CONTENT', $AVE_Template->fetch(BASE_DIR . '/modules/basket/templates/order_finish.tpl')); break; } }
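/**
 * Registration of a new user account.
 *
 * Dispatches on the 'sub' request value while registration is enabled
 * (login_status '1'):
 *  - 'register'      validates the submitted form, stores the account, mails the
 *                    user and the administrator, then redirects and ends the request;
 *  - 'registerfinal' activates the account that owns the supplied activation code
 *                    and signs the visitor in as that account;
 *  - 'thankyou' / 'thankadmin' render the matching confirmation template;
 *  - anything else renders the empty registration form.
 * When registration is disabled (login_status '0') only a notice is shown.
 * A visitor who already has a session is redirected to the referer link.
 */
function loginNewUserRegister()
{
    global $AVE_DB, $AVE_Template;

    // Already signed in: nothing to register.
    if (isset($_SESSION['user_id']) || isset($_SESSION['user_pass'])) {
        header('Location:' . get_referer_link());
        exit;
    }

    // Remember where the visitor came from, unless that was the login module itself.
    if (empty($_SESSION['referer'])) {
        $referer = get_referer_link();
        $_SESSION['referer'] = false === strstr($referer, 'module=login') ? $referer : get_home_link();
    }

    $AVE_Template->config_load($this->_lang_file, 'registernew');

    define('MODULE_SITE', $AVE_Template->get_config_vars('LOGIN_TEXT_REGISTER'));

    if ($this->_loginSettingsGet('login_antispam')) {
        define('ANTISPAM', 1);
    }

    // A missing 'sub' is treated like an empty one and falls through to the form.
    $sub = isset($_REQUEST['sub']) ? $_REQUEST['sub'] : '';

    switch ($this->_loginSettingsGet('login_status')) {
        case '1':
            switch ($sub) {
                case 'register':
                    $error = array();

                    $_POST['user_name'] = !empty($_POST['user_name']) ? trim($_POST['user_name']) : '';
                    $_POST['reg_email'] = !empty($_POST['reg_email']) ? trim($_POST['reg_email']) : '';
                    $_POST['reg_email_return'] = !empty($_POST['reg_email_return']) ? trim($_POST['reg_email_return']) : '';

                    // Login name
                    if (empty($_POST['user_name'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_L_EMPTY');
                    } elseif (!ctype_alnum($_POST['user_name'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_LOGIN');
                    } elseif ($this->_loginUserNameExistsCheck($_POST['user_name'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_L_INUSE');
                    }

                    // E-mail
                    if (empty($_POST['reg_email'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_EM_EMPTY');
                    } elseif (!preg_match($this->_regex_email, $_POST['reg_email'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_EMAIL');
                    } else {
                        if ($this->_loginEmailExistCheck($_POST['reg_email'])) {
                            $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_INUSE');
                        }
                        if (!$this->_loginEmailDomainInBlacklistCheck($_POST['reg_email'])) {
                            $error[] = $AVE_Template->get_config_vars('LOGIN_DOMAIN_FALSE');
                        }
                        if (!$this->_loginEmailInBlacklistCheck($_POST['reg_email'])) {
                            $error[] = $AVE_Template->get_config_vars('LOGIN_EMAIL_FALSE');
                        }
                    }

                    // Password
                    if (empty($_POST['reg_pass'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_PASS');
                    } elseif (mb_strlen($_POST['reg_pass']) < 5) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_SHORT_PASS');
                    } elseif (preg_match($this->_regex, $_POST['reg_pass'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_SYM_PASS');
                    }

                    // First name
                    if ($this->_loginFieldIsRequired('login_require_firstname') && empty($_POST['reg_firstname'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_FN_EMPTY');
                    }
                    if (!empty($_POST['reg_firstname']) && preg_match($this->_regex, $_POST['reg_firstname'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_FIRSTNAME');
                    }

                    // Last name
                    if ($this->_loginFieldIsRequired('login_require_lastname') && empty($_POST['reg_lastname'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_LN_EMPTY');
                    }
                    if (!empty($_POST['reg_lastname']) && preg_match($this->_regex, $_POST['reg_lastname'])) {
                        $error[] = $AVE_Template->get_config_vars('LOGIN_WRONG_LASTNAME');
                    }

                    // CAPTCHA: the stored key is dropped after one attempt, right or wrong.
                    if (defined("ANTISPAM")) {
                        if (empty($_POST['reg_secure'])) {
                            $error[] = $AVE_Template->get_config_vars('LOGIN_WROND_E_SCODE');
                        } elseif (!(isset($_SESSION['captcha_keystring']) && $_POST['reg_secure'] == $_SESSION['captcha_keystring'])) {
                            $error[] = $AVE_Template->get_config_vars('LOGIN_WROND_SCODE');
                        }
                        unset($_SESSION['captcha_keystring']);
                    }

                    if (count($error)) {
                        // Validation failed: show the form again with the collected messages.
                        $AVE_Template->assign('errors', $error);
                        if (defined('ANTISPAM')) {
                            $AVE_Template->assign('im', 1);
                        }
                        $this->_loginRequiredFieldFetch();
                        $AVE_Template->assign('available_countries', get_country_list(1));
                        define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register.tpl'));
                    } else {
                        $status = 0;

                        // Activation code: 32 hex characters, the same shape as the md5() string
                        // used before, but drawn from a CSPRNG where the runtime offers one.
                        // md5(rand(100000, 999999)) can only ever yield 900000 distinct codes,
                        // and the 'registerfinal' branch signs in whoever presents a valid one.
                        if (function_exists('random_bytes')) {
                            $emailcode = bin2hex(random_bytes(16));
                        } elseif (function_exists('openssl_random_pseudo_bytes')) {
                            $emailcode = bin2hex(openssl_random_pseudo_bytes(16));
                        } else {
                            // No CSPRNG on this runtime: keep the historical generator.
                            $emailcode = md5(rand(100000, 999999));
                        }

                        // NOTE(review): every variant mails the chosen password back in clear text
                        // (%KENNWORT%); consider dropping that placeholder from the message templates.
                        switch ($this->_loginSettingsGet('login_reg_type')) {
                            case 'now':
                                // Immediate activation: the account is created active.
                                $email_body = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_1'));
                                $email_body = str_replace("%NAME%", $_POST['user_name'], $email_body);
                                $email_body = str_replace("%HOST%", get_home_link(), $email_body);
                                $email_body = str_replace("%KENNWORT%", $_POST['reg_pass'], $email_body);
                                $email_body = str_replace("%EMAIL%", $_POST['reg_email'], $email_body);
                                $status = 1;
                                $link = $this->_reg_now;
                                break;

                            case 'email':
                                // Activation through the link mailed to the user.
                                $email_body = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_2') . $AVE_Template->get_config_vars('LOGIN_MESSAGE_3'));
                                $email_body = str_replace("%NAME%", $_POST['user_name'], $email_body);
                                $email_body = str_replace("%KENNWORT%", $_POST['reg_pass'], $email_body);
                                $email_body = str_replace("%EMAIL%", $_POST['reg_email'], $email_body);
                                $email_body = str_replace("%REGLINK%", get_home_link() . "index.php" . "?module=login" . "&action=register" . "&sub=registerfinal" . "&emc=" . $emailcode, $email_body);
                                $email_body = str_replace("%HOST%", get_home_link(), $email_body);
                                $email_body = str_replace("%CODE%", $emailcode, $email_body);
                                $link = $this->_reg_email;
                                break;

                            case 'byadmin':
                                // Activation is left to an administrator; no code is mailed.
                                $email_body = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_2') . $AVE_Template->get_config_vars('LOGIN_MESSAGE_4'));
                                $email_body = str_replace("%NAME%", $_POST['user_name'], $email_body);
                                $email_body = str_replace("%KENNWORT%", $_POST['reg_pass'], $email_body);
                                $email_body = str_replace("%EMAIL%", $_POST['reg_email'], $email_body);
                                $email_body = str_replace("%HOST%", get_home_link(), $email_body);
                                $link = $this->_reg_admin;
                                break;
                        }

                        $bodytoadmin = str_replace("%N%", "\n", $AVE_Template->get_config_vars('LOGIN_MESSAGE_5'));
                        $bodytoadmin = str_replace("%NAME%", $_POST['user_name'], $bodytoadmin);
                        $bodytoadmin = str_replace("%EMAIL%", $_POST['reg_email'], $bodytoadmin);

                        // NOTE(review): a salted double md5() is a weak password hash; moving to
                        // password_hash() needs a matching change in the login check, which is not
                        // part of this method.
                        $salt = make_random_string();
                        $md5_pass_salt = md5(md5($_POST['reg_pass'] . $salt));

                        // NOTE(review): user_name is checked with ctype_alnum() above. The other request
                        // values go into the statement as received: firstname, lastname and email after
                        // regex checks whose patterns are not visible here, country and company with no
                        // check in this method. The stripslashes() calls below suggest request data is
                        // escaped before it reaches this method — confirm, and escape here if it is not.
                        // NOTE(review): the password value is the literal '******' on this page, while
                        // $md5_pass_salt is computed above and otherwise only used for the session;
                        // presumably the hash belongs here — confirm against the real file.
                        $AVE_DB->Query(
                            "\r\n\t\t\t\t\t\t\t\tINSERT\r\n\t\t\t\t\t\t\t\tINTO " . PREFIX
                            . "_users\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tId = '',\r\n\t\t\t\t\t\t\t\t\tuser_name = '" . $_POST['user_name']
                            . "',\r\n\t\t\t\t\t\t\t\t\tpassword = '******',\r\n\t\t\t\t\t\t\t\t\tfirstname = '" . $_POST['reg_firstname']
                            . "',\r\n\t\t\t\t\t\t\t\t\tlastname = '" . $_POST['reg_lastname']
                            . "',\r\n\t\t\t\t\t\t\t\t\tuser_group = '" . $this->_newuser_group
                            . "',\r\n\t\t\t\t\t\t\t\t\treg_time = '" . time()
                            . "',\r\n\t\t\t\t\t\t\t\t\tstatus = '" . (int) $status
                            . "',\r\n\t\t\t\t\t\t\t\t\temail = '" . $_POST['reg_email']
                            . "',\r\n\t\t\t\t\t\t\t\t\temc = '" . addslashes($emailcode)
                            . "',\r\n\t\t\t\t\t\t\t\t\tcountry = '" . strtoupper($_POST['country'])
                            . "',\r\n\t\t\t\t\t\t\t\t\treg_ip = '" . addslashes($_SERVER['REMOTE_ADDR'])
                            . "',\r\n\t\t\t\t\t\t\t\t\ttaxpay = '1',\r\n\t\t\t\t\t\t\t\t\tcompany = '" . @$_POST['company']
                            . "',\r\n\t\t\t\t\t\t\t\t\tsalt = '" . addslashes($salt)
                            . "'\r\n\t\t\t\t\t\t\t"
                        );

                        // Immediate activation also signs the new user in.
                        // NOTE(review): no session id regeneration is visible in this method — confirm
                        // it happens elsewhere when a session becomes authenticated.
                        if ($status == 1) {
                            $_SESSION['user_id'] = $AVE_DB->InsertId();
                            $_SESSION['user_name'] = get_username(stripslashes($_POST['user_name']), stripslashes($_POST['reg_firstname']), stripslashes($_POST['reg_lastname']));
                            $_SESSION['user_email'] = $_POST['reg_email'];
                            $_SESSION['user_pass'] = $md5_pass_salt;
                            $_SESSION['user_group'] = $this->_newuser_group;
                            $_SESSION['user_country'] = strtoupper($_POST['country']);
                            $_SESSION['user_ip'] = addslashes($_SERVER['REMOTE_ADDR']);
                        }

                        $SystemMail = get_settings('mail_from');
                        $SystemMailName = get_settings('mail_from_name');

                        // One notification to the administrator, one message to the new user.
                        send_mail($SystemMail, $bodytoadmin, $AVE_Template->get_config_vars('LOGIN_SUBJECT_ADMIN'), $SystemMail, $SystemMailName, 'text');
                        send_mail($_POST['reg_email'], $email_body, $AVE_Template->get_config_vars('LOGIN_SUBJECT_USER'), $SystemMail, $SystemMailName, 'text');

                        header('Location:' . $link);
                        exit;
                    }
                    break;

                case 'thankyou':
                    $AVE_Template->config_load($this->_lang_file);
                    define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register_thankyou.tpl'));
                    break;

                case 'registerfinal':
                    $emc = isset($_REQUEST['emc']) ? $_REQUEST['emc'] : '';

                    // Activation codes are always 32 hex characters. Anything else cannot belong
                    // to an account, so it is refused before it can reach the SQL text.
                    if (is_string($emc) && strlen($emc) === 32 && ctype_xdigit($emc)) {
                        $row = $AVE_DB->Query(
                            "\r\n\t\t\t\t\t\t\t\tSELECT *\r\n\t\t\t\t\t\t\t\tFROM " . PREFIX
                            . "_users\r\n\t\t\t\t\t\t\t\tWHERE emc = '" . $emc
                            . "'\r\n\t\t\t\t\t\t\t"
                        )->FetchRow();

                        if ($row) {
                            $AVE_Template->assign('final', 'ok');

                            $AVE_DB->Query(
                                "\r\n\t\t\t\t\t\t\t\t\tUPDATE " . PREFIX
                                . "_users\r\n\t\t\t\t\t\t\t\t\tSET status = '1'\r\n\t\t\t\t\t\t\t\t\tWHERE emc = '" . $emc
                                . "'\r\n\t\t\t\t\t\t\t\t"
                            );

                            // NOTE(review): the code is neither cleared after use nor limited to
                            // accounts that are still inactive, so the link keeps signing the holder
                            // in for as long as the row exists — consider invalidating it here.
                            $_SESSION['user_id'] = $row->Id;
                            $_SESSION['user_pass'] = $row->password;
                            $_SESSION['user_email'] = $row->email;
                            $_SESSION['user_name'] = get_username($row->user_name, $row->firstname, $row->lastname);
                            $_SESSION['user_ip'] = addslashes($_SERVER['REMOTE_ADDR']);
                            $_SESSION['user_group'] = $this->_newuser_group;
                        }
                    }

                    define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register_final.tpl'));
                    break;

                case 'thankadmin':
                    $AVE_Template->config_load($this->_lang_file);
                    define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register_admin.tpl'));
                    break;

                case '':
                default:
                    // No sub-action: show the empty registration form.
                    if (defined('ANTISPAM')) {
                        $AVE_Template->assign('im', 1);
                    }
                    $this->_loginRequiredFieldFetch();
                    $AVE_Template->assign('available_countries', get_country_list(1));
                    define('MODULE_CONTENT', $AVE_Template->fetch($this->_tpl_dir . 'register.tpl'));
                    break;
            }
            break;

        case '0':
            // Registration is switched off.
            define('MODULE_CONTENT', $AVE_Template->get_config_vars('LOGIN_NOT_ACTIVE'));
            break;
    }
}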
/**
 * Shows the shop basket, after applying a pending basket refresh.
 *
 * With refresh=1 in the request, a posted 'del_product' array removes the listed
 * products from the session basket, otherwise a posted 'amount' array sets their
 * quantities; either case redirects to the referer link and ends the request.
 * Without a refresh the basket template is rendered into MODULE_CONTENT and the
 * page title is defined as MODULE_SITE.
 */
function showBasket()
{
    global $AVE_Template;

    $refreshRequested = isset($_REQUEST['refresh']) && $_REQUEST['refresh'] == 1;

    if ($refreshRequested) {
        // Removal takes precedence over quantity changes.
        if (isset($_POST['del_product']) && is_array($_POST['del_product'])) {
            foreach (array_keys($_POST['del_product']) as $productId) {
                unset($_SESSION['Product'][$productId]);
            }

            header('Location:' . get_referer_link());
            exit;
        }

        if (isset($_POST['amount']) && is_array($_POST['amount'])) {
            // NOTE(review): a quantity is stored exactly as posted once it compares >= 1, and the
            // product id is whatever key the form sent; whether either is cast or escaped before
            // it is used or displayed is not visible here — confirm.
            foreach ($_POST['amount'] as $productId => $quantity) {
                if ($quantity >= 1) {
                    $_SESSION['Product'][$productId] = $quantity;
                }
            }

            header('Location:' . get_referer_link());
            exit;
        }
    }

    $this->_globalProductInfo();
    $AVE_Template->assign('VatZones', $this->_showVatZones());

    define('MODULE_CONTENT', $AVE_Template->fetch($GLOBALS['mod']['tpl_dir'] . $this->_shop_basket_tpl));

    // Page title: "<page name><separator><basket label>".
    $labels = $GLOBALS['mod']['config_vars'];
    define('MODULE_SITE', $labels['PageName'] . $labels['PageSep'] . $labels['ShopBasket']);
}