function CustomersUpdate() { global $_POST, $Lang_folder; $customers_id = -1; // include PW function require_once DIR_FS_INC . 'olc_encrypt_password.inc.php'; if (isset($_POST['cID'])) { $customers_id = olc_db_prepare_input($_POST['cID']); } // security check, if user = admin, dont allow to perform changes if ($customers_id != -1) { $sec_query = olc_db_query("SELECT customers_status FROM " . TABLE_CUSTOMERS . " where customers_id='" . $customers_id . "'"); $sec_data = olc_db_fetch_array($sec_query); if ($sec_data['customers_status'] == 0) { print_xml_status(120, $_POST['action'], 'CAN NOT CHANGE ADMIN USER!', '', '', ''); return; } } $sql_customers_data_array = array(); if (isset($_POST['customers_cid'])) { $sql_customers_data_array['customers_cid'] = $_POST['customers_cid']; } if (isset($_POST['customers_firstname'])) { $sql_customers_data_array['customers_firstname'] = $_POST['customers_firstname']; } if (isset($_POST['customers_lastname'])) { $sql_customers_data_array['customers_lastname'] = $_POST['customers_lastname']; } if (isset($_POST['customers_dob'])) { $sql_customers_data_array['customers_dob'] = $_POST['customers_dob']; } if (isset($_POST['customers_email'])) { $sql_customers_data_array['customers_email_address'] = $_POST['customers_email']; } if (isset($_POST['customers_tele'])) { $sql_customers_data_array['customers_telephone'] = $_POST['customers_tele']; } if (isset($_POST['customers_fax'])) { $sql_customers_data_array['customers_fax'] = $_POST['customers_fax']; } if (isset($_POST['customers_gender'])) { $sql_customers_data_array['customers_gender'] = $_POST['customers_gender']; } if (isset($_POST['customers_password'])) { $sql_customers_data_array['customers_password'] = olc_encrypt_password($_POST['customers_password']); } $sql_address_data_array = array(); if (isset($_POST['customers_firstname'])) { $sql_address_data_array['entry_firstname'] = $_POST['customers_firstname']; } if (isset($_POST['customers_lastname'])) { $sql_address_data_array['entry_lastname'] = $_POST['customers_lastname']; } if (isset($_POST['customers_company'])) { $sql_address_data_array['entry_company'] = $_POST['customers_company']; } if (isset($_POST['customers_street'])) { $sql_address_data_array['entry_street_address'] = $_POST['customers_street']; } if (isset($_POST['customers_city'])) { $sql_address_data_array['entry_city'] = $_POST['customers_city']; } if (isset($_POST['customers_postcode'])) { $sql_address_data_array['entry_postcode'] = $_POST['customers_postcode']; } if (isset($_POST['customers_gender'])) { $sql_address_data_array['entry_gender'] = $_POST['customers_gender']; } if (isset($_POST['customers_country_id'])) { $country_code = $_POST['customers_country_id']; } $country_query = "SELECT countries_id FROM " . TABLE_COUNTRIES . " WHERE countries_iso_code_2 = '" . $country_code . "' LIMIT 1"; $country_result = olc_db_query($country_query); $row = olc_db_fetch_array($country_result); $sql_address_data_array['entry_country_id'] = $row['countries_id']; $count_query = olc_db_query("SELECT count(*) as count FROM " . TABLE_CUSTOMERS . " WHERE customers_id='" . (int) $customers_id . "' LIMIT 1"); $check = olc_db_fetch_array($count_query); if ($check['count'] > 0) { $mode = 'SQL_UPDATE'; $address_book_result = olc_db_query("SELECT customers_default_address_id FROM " . TABLE_CUSTOMERS . " WHERE customers_id = '" . (int) $customers_id . "' LIMIT 1"); $customer = olc_db_fetch_array($address_book_result); olc_db_perform(TABLE_CUSTOMERS, $sql_customers_data_array, 'update', "customers_id = '" . olc_db_input($customers_id) . "' LIMIT 1"); olc_db_perform(TABLE_ADDRESS_BOOK, $sql_address_data_array, 'update', "customers_id = '" . olc_db_input($customers_id) . "' AND address_book_id = '" . $customer['customers_default_address_id'] . "' LIMIT 1"); olc_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customers_id . "' LIMIT 1"); } else { $mode = 'APPEND'; if (strlen($_POST['customers_password']) == 0) { // generate PW if empty $pw = olc_RandomString(8); $sql_customers_data_array['customers_password'] = olc_create_password($pw); } olc_db_perform(TABLE_CUSTOMERS, $sql_customers_data_array); $customers_id = olc_db_insert_id(); $sql_address_data_array['customers_id'] = $customers_id; olc_db_perform(TABLE_ADDRESS_BOOK, $sql_address_data_array); $address_id = olc_db_insert_id(); olc_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customers_id . "'"); olc_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '" . STANDARD_GROUP . "' where customers_id = '" . (int) $customers_id . "'"); olc_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customers_id . "', '0', now())"); } if (SEND_ACCOUNT_MAIL == true && $mode == 'APPEND' && $sql_customers_data_array['customers_email_address'] != '') { // generate mail for customer if customer=new require_once DIR_WS_CLASSES . 'class.phpmailer.php'; require_once DIR_FS_INC . 'olc_php_mail.inc.php'; require_once DIR_FS_INC . 'olc_add_tax.inc.php'; require_once DIR_FS_INC . 'olc_not_null.inc.php'; require_once DIR_FS_INC . 'changedataout.inc.php'; require_once DIR_FS_INC . 'olc_href_link.inc.php'; require_once DIR_FS_INC . 'olc_date_long.inc.php'; require_once DIR_FS_INC . 'olc_check_agent.inc.php'; $smarty = new Smarty(); //$smarty->assign('language', $check_status['language']); $smarty->assign('language', $Lang_folder); $smarty->caching = false; $smarty->template_dir = DIR_FS_CATALOG . 'templates'; $smarty->compile_dir = DIR_FS_CATALOG . 'cache/templates_c'; $smarty->config_dir = DIR_FS_CATALOG . 'lang'; $smarty->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/'); $smarty->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/images/'); $smarty->assign('NAME', $sql_customers_data_array['customers_lastname'] . ' ' . $sql_customers_data_array['customers_firstname']); $smarty->assign('EMAIL', $sql_customers_data_array['customers_email_address']); $smarty->assign('PASSWORD', $pw); //$smarty->assign('language', $Lang_folder); $smarty->assign('content', $module_content); $smarty->caching = false; $html_mail = $smarty->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $Lang_folder . '/create_account_mail.html'); $txt_mail = $smarty->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $Lang_folder . '/create_account_mail.txt'); // send mail with html/txt template olc_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $sql_customers_data_array['customers_email_address'], $sql_customers_data_array['customers_lastname'] . ' ' . $sql_customers_data_array['customers_firstname'], '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_SUPPORT_SUBJECT, $html_mail, $txt_mail); } print_xml_status(0, $_POST['action'], 'OK', $mode, 'CUSTOMERS_ID', $customers_id); }
if ($IsUserModeEdit) { if ($EditAdressData) { /* display_checkbox_field('CHECKBOX_PRIMARY', $field_desc, $field_desc_size, 'primary','on', $error, $entry_error, $entry_error_desc); */ $smarty->assign('CHECKBOX_PRIMARY', olc_draw_checkbox_field('primary', 'on', false)); } } elseif ($get_all_data) { display_category_start(CATEGORY_OPTIONS); if ($IsCreateAccount) { if (!$IsGuest) { if ($customers_password == EMPTY_STRING) { if (!$IsUserMode) { require_once DIR_FS_INC . 'olc_create_password.inc.php'; $customers_password = olc_RandomString(8); //olc_create_password(8); $cInfo->customers_password = $customers_password; } } display_input_field('INPUT_PASSWORD', true, EMPTY_STRING, ENTRY_PASSWORD, EMPTY_STRING, 'customers_password', $cInfo->customers_password, MAX_LENGTH, MAX_SIZE, EMPTY_STRING, $error, $entry_password_error, ENTRY_PASSWORD_ERROR, EMPTY_STRING); } if ($IsUserMode) { $smarty->assign('CHECKBOX_NEWSLETTER', olc_draw_checkbox_field('newsletter', '1') . ENTRY_NEWSLETTER_TEXT); if (!$IsGuest) { display_input_field('INPUT_CONFIRMATION', true, EMPTY_STRING, ENTRY_PASSWORD_CONFIRMATION, EMPTY_STRING, 'customers_password_confirmation', $customers_password_confirmation, MAX_LENGTH, MAX_SIZE, EMPTY_STRING, $error, $entry_password_confirmation_error, ENTRY_PASSWORD_ERROR_NOT_MATCHING, EMPTY_STRING); } } else { $field_desc_width = 300; //EMPTY_STRING; // display_pulldown_menu(EMPTY_STRING, ENTRY_CUSTOMERS_STATUS, $field_desc_width, 'status', $cInfo->customers_status, $customers_statuses_array, $error, 0, EMPTY_STRING);
function olc_create_password($length) { $pass = olc_RandomString($lenght); return md5($pass); }