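/**
 * Decide whether the current session counts as a logged-in customer.
 *
 * The session flag is not trusted on its own: on every call the session
 * e-mail is re-checked through check_email_exist() and
 * check_cust_suspension(), both defined elsewhere in the project.
 *
 * @return bool True only when $_SESSION["cust_login"] is exactly true,
 *              check_email_exist() returns exactly true for the session
 *              e-mail and check_cust_suspension() returns exactly false.
 *              Every other combination yields false.
 */
function check_cust_login()
{
    if (empty($_SESSION) || !isset($_SESSION["cust_login"]) || $_SESSION["cust_login"] !== true) {
        return false;
    }

    // A login flag without a usable e-mail is an inconsistent session. Fail
    // closed here instead of pushing null or an array through the string
    // helpers below (undefined-key warning, TypeError on arrays).
    if (!isset($_SESSION["cust_email"]) || !is_string($_SESSION["cust_email"])) {
        return false;
    }

    // NOTE(review): stripslashes()/htmlspecialchars() are output-side
    // transformations, not input validation. They are kept because the lookup
    // helpers may expect the value in this form; confirm how e-mails are
    // stored before removing them.
    $cust_email = htmlspecialchars(stripslashes(trim($_SESSION["cust_email"])));

    if (check_email_exist($cust_email) !== true) {
        return false;
    }

    // Only an explicit false counts as "not suspended"; any other return
    // value (null, 0, an error marker) denies access.
    return check_cust_suspension($cust_email) === false;
}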
include 'functions/global_functions.php'; $_error = ''; if (!isset($_POST['Username']) || !isset($_POST['Password']) || !isset($_POST['RepeatPassword']) || !isset($_POST['Email']) || !isset($_POST['RepeatEmail']) || !isset($_POST['Country']) || !isset($_POST['Age']) || !isset($_POST['foundus']) || !isset($_POST['robot1']) || !isset($_POST['robot2'])) { $_error = $_error . 'regerror=1&errtype='; header('Location: ../register?' . $_error); } else { if (check_user_exist($_POST['Username']) > 0) { $_error = $_error . 'A'; } if (strlen($_POST['Username']) < 3) { $_error = $_error . 'B'; } if (strlen($_POST['Password']) < 8) { $_error = $_error . 'C'; } if (check_email_exist($_POST['Email']) > 0) { $_error = $_error . 'D'; } if (strlen($_POST['Email']) < 10) { $_error = $_error . 'E'; } if (strlen($_POST['Country']) < 2) { $_error = $_error . 'F'; } if (strlen($_POST['Age']) < 2) { $_error = $_error . 'G'; } if (strlen($_POST['foundus']) < 5) { $_error = $_error . 'H'; } if (strlen($_POST['robot1']) < 1) {
unset($_GET); } $alert = 'Invalid point of entry'; } else { $GET_email = htmlspecialchars($_GET["email"]); if (check_email_exist($GET_email) === true && check_email_confirmed($GET_email) === false) { if (send_confirm_email_again($GET_email) === true) { $content = "<h3>Another confirmation email has been sent to " . $GET_email . "</h3>\n\t\t\t\t\t\t\t <p>Please confirm your email by clicking the link provided inside the email before proceeding to login</p>\n\t\t\t\t\t\t\t <p>If you haven't received the email, please allow up to 30 minutes for it to arrive and also check your Junk Mail folder.</p>\n\t\t\t\t\t\t\t <div class='notice_box'><h4>*** Important Notice ***</h4>\n\t\t\t\t\t\t\t <p>To prevent any possible abuse, we only allow up to 5 confirmation emails to be sent per email address.</p>\n\t\t\t\t\t\t\t </div>\n\t\t\t\t\t\t\t <h4>Having problem confirming your email address?</h4>\n\t\t\t\t\t\t\t <p>Please give us a call at 1 (562) 860-6108 or <a href='https://www.nayadathai.com/send_comment.php?direction=developer'>submit an email to us</a></p>"; $content .= ' <h4>Still didn\'t get our email?</h4> <p><a class="show_wait_box" href="confirm_email.php?action=again&email=' . $GET_email . 
'">Click here to let us send the confirmation email to you again<a></p>'; } else { $content = "<h3>We're sorry, we cannot send any more email to this email addreess</h3>\n\t\t\t\t\t\t\t\t<p>To prevent any possible abuse, we only allow up to 5 confirmation emails to be sent</p>\n\t\t\t\t\t\t\t\t<p>If you encounter any problem confirming your email, Please give us a call at 1 (562) 860-6108 or <a href='https://www.nayadathai.com/send_comment.php?direction=developer'>submit an email to us</a></p>"; } // end else ( if the max limit has been reached ) } elseif (check_email_exist($GET_email) === true && check_email_confirmed($GET_email) === true) { if (isset($_GET)) { unset($_GET); } $alert = 'This email has already been confirmed'; } else { if (isset($_GET)) { unset($_GET); } $alert = 'Invalid email address'; } // end else ( if the email has already been confirmed ) } // end else ( if $_GET email is set ) } else { if (isset($_GET)) {
$_SESSION["redirect_on_logging_in"] = "https://www.nayadathai.com/send_comment.php"; } $title = "Please login to send comments"; } } // end elseif GET["redirect"] is set } // end if GET is set // Evaluate form here if (isset($_POST["submit"])) { if (!isset($_SESSION["cust_login"])) { if (clean_input($_POST["submit"]) === "login") { if (!empty($_POST["email"]) && !empty($_POST["password"])) { $email = clean_input($_POST["email"]); $password = clean_input($_POST["password"]); if (check_email_exist($email) === true) { if (check_email_confirmed($email) === true) { if (get_cust_single_info($email, "suspension") == 0) { if (check_need_captcha($email) === false) { if (validate_password($email, $password) === true) { login($email); if (isset($_SESSION["redirect_on_logging_in"])) { $location = clean_input($_SESSION["redirect_on_logging_in"]); unset($_SESSION["redirect_on_logging_in"]); redirect($location); } else { // setup urls if ($url_set == 1 || $url_set == 2) { redirect("order.php?tab=2"); } elseif ($url_set == 3) { redirect("https://www.nayadathai.com/order.php?tab=2");
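/**
 * Validate a registration form and, when it is clean, insert the account row.
 *
 * Each failed check appends one letter to an error string:
 *   A username taken, B username shorter than 3, C password shorter than 8,
 *   D e-mail taken, E e-mail shorter than 10, F country shorter than 2,
 *   G age shorter than 2, H "foundus" shorter than 5, I/J robot answers empty,
 *   K passwords differ, L e-mails differ, M $robot1 does not match $total,
 *   N upper-cased $robot2 does not match $checktext.
 * With any letter set, the browser is sent to
 * register?regerror=1&errtype=<letters>; otherwise the account is inserted
 * through a prepared statement and the browser is sent to register?success.
 *
 * NOTE(review): the checks are length checks only; nothing here validates
 * the e-mail format or the characters allowed in a username.
 * NOTE(review): $total and $checktext are the expected anti-robot answers.
 * They must come from server-side state (for example the session), not from
 * the submitted form, or the check is decided by the client - confirm at the
 * call site.
 *
 * @param string      $username      Requested account name.
 * @param string      $_new_password Password as typed.
 * @param string      $re_password   Password confirmation.
 * @param string      $email         E-mail address.
 * @param string      $re_email      E-mail confirmation.
 * @param string      $country       Country field.
 * @param string      $age           Age field.
 * @param string      $foundus       "How did you find us" field.
 * @param string      $robot1        Answer to the first anti-robot question.
 * @param int|string  $total         Expected value for $robot1.
 * @param string      $robot2        Answer to the second anti-robot question.
 * @param string|null $checktext     Expected value for $robot2, compared
 *                                   against strtoupper($robot2).
 * @return void
 */
function register_user($username, $_new_password, $re_password, $email, $re_email, $country, $age, $foundus, $robot1, $total = 0, $robot2, $checktext = NULL)
{
    $_error = '';

    if (check_user_exist($username) > 0) {
        $_error .= 'A';
    }
    if (strlen($username) < 3) {
        $_error .= 'B';
    }
    if (strlen($_new_password) < 8) {
        $_error .= 'C';
    }
    if (check_email_exist($email) > 0) {
        $_error .= 'D';
    }
    if (strlen($email) < 10) {
        $_error .= 'E';
    }
    if (strlen($country) < 2) {
        $_error .= 'F';
    }
    if (strlen($age) < 2) {
        $_error .= 'G';
    }
    if (strlen($foundus) < 5) {
        $_error .= 'H';
    }
    if (strlen($robot1) < 1) {
        $_error .= 'I';
    }
    if (strlen($robot2) < 1) {
        $_error .= 'J';
    }
    // Strict comparison: with != two different numeric-looking strings such as
    // "00001000" and "1000.000" compare equal, so a mistyped confirmation
    // could be accepted.
    if ($_new_password !== $re_password) {
        $_error .= 'K';
    }
    if ($email !== $re_email) {
        $_error .= 'L';
    }
    // Left as a loose comparison: $robot1 arrives as a string while $total is
    // presumably an integer sum - confirm at the call site.
    if ($robot1 != $total) {
        $_error .= 'M';
    }
    // Compared as strings so numeric-looking answers are not matched by value.
    if (strtoupper($robot2) !== (string) $checktext) {
        $_error .= 'N';
    }

    if (strlen($_error) > 0) {
        // $_error holds only the letters A-N assigned above, so it is safe to
        // place inside the script string.
        echo "<script> window.location.href = 'register?regerror=1&errtype={$_error}';</script>";
        return;
    }

    // NOTE(review): the target column is named sha_pass_hash; confirm that
    // encrypt() produces the format the consuming system requires and review
    // whether a salted password hash can be used instead.
    $encr_password = encrypt($username, $_new_password);

    global $DB_HOST, $DB_USERNAME, $DB_PASSWORD, $DB_AUTH;
    $con = connect($DB_HOST, $DB_USERNAME, $DB_PASSWORD);

    // $DB_AUTH is a configuration value, not request data; every user-supplied
    // value is bound as a parameter.
    $sql = "INSERT INTO " . $DB_AUTH . ".account (username, sha_pass_hash, email, country, age, foundus) VALUES (?,?,?,?,?,?)";

    $created = false;
    if ($stmt = $con->prepare($sql)) {
        $stmt->bind_param("ssssss", $username, $encr_password, $email, $country, $age, $foundus);
        $created = $stmt->execute();
        $stmt->close();
    }
    $con->close();

    if ($created) {
        header('Location: register?success');
        return;
    }

    // The insert did not happen (prepare or execute failed): do not report
    // success. No dedicated error letter exists, so errtype is left empty.
    error_log('register_user: account insert failed');
    echo "<script> window.location.href = 'register?regerror=1&errtype=';</script>";
}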
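/**
 * Validate a registration request and create the account when it is clean.
 *
 * Every failed check echoes its own message. The account row is inserted
 * only when all checks pass: matching passwords, unused username, unused
 * e-mail, an e-mail accepted by validate_email() and, when $total is greater
 * than 0, a matching human-verification answer.
 *
 * NOTE(review): with $total <= 0 (the default) no human verification is
 * applied at all. $total should come from server-side state, not from the
 * submitted form - confirm at the call site.
 *
 * @param string     $username   Requested account name.
 * @param string     $email      E-mail address.
 * @param string     $password   Password as typed.
 * @param string     $repassword Password confirmation.
 * @param int|string $humtst     Visitor's answer to the human-verification question.
 * @param int|string $total      Expected answer; values <= 0 skip the check.
 * @return void
 */
function register_user($username, $email, $password, $repassword, $humtst = 0, $total = 0)
{
    $has_errors = false;

    // Strict comparison, and a mismatch now blocks the insert. Before, a
    // mismatch only printed the message and the row was still written with an
    // unset password hash.
    if ($password !== $repassword) {
        echo "<font color='#ff0000;'>Passwords does not match <br></font>";
        $has_errors = true;
    }

    $sql = "INSERT INTO `account` (`username`, `sha_pass_hash`, `email`) VALUES (?,?,?)";
    global $db_ip, $db_user, $db_password, $db_auth;
    $con = connect($db_ip, $db_user, $db_password, $db_auth);

    if (check_user_exist($username) > 0) {
        echo "<font color='#ff0000;'>This username is already in use<br></font>";
        $has_errors = true;
    }
    if (check_email_exist($email) > 0) {
        echo "<font color='#ff0000;'>This email is already in use<br></font>";
        $has_errors = true;
    }
    // E-mail validity now gates the insert on both paths; previously the
    // human-verification path skipped it.
    if (validate_email($email) == false) {
        echo "<font color='#ff0000;'>This email is not valid, using a valid email will help us to aid you in case of a problem related to your account<br></font>";
        $has_errors = true;
    }

    // Loose comparison kept: $humtst arrives as a string while $total is
    // presumably an integer - confirm at the call site.
    if ($total > 0 && $humtst != $total) {
        echo "<font color='#ff0000;'>Human verification failed <br></font>";
        $con->close();
        return;
    }

    if ($has_errors) {
        echo "<font color='#ff0000;'>Please fix the errors and try again</font>";
        $con->close();
        return;
    }

    // NOTE(review): the target column is named sha_pass_hash; confirm that
    // encrypt() produces the format the consuming system requires.
    $new_password = encrypt($username, $password);

    $created = false;
    if ($stmt = $con->prepare($sql)) {
        $stmt->bind_param("sss", $username, $new_password, $email);
        $created = $stmt->execute();
        $stmt->close();
    }
    $con->close();

    if ($created) {
        // The username is request data. rawurlencode() leaves only
        // [A-Za-z0-9-_.~] unescaped, so the value cannot close the JavaScript
        // string or the <script> element; the target page still receives the
        // decoded name in $_GET['success'].
        echo "<script type='text/javascript'>window.location.href = '?success=" . rawurlencode($username) . "';</script>";
        return;
    }

    // prepare() or execute() failed: record it and do not report success.
    error_log('register_user: account insert failed');
    echo "<font color='#ff0000;'>Please fix the errors and try again</font>";
}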
} } // end if action === reset } // end if action is set } // end if GET is set // Evaluate POST values if (isset($_POST["submit"])) { if (clean_input($_POST["submit"]) === "request_reset") { if (!empty($_POST["email"])) { $cust_email = clean_input($_POST["email"]); } if (!empty($_POST["email"]) && !empty($_POST['g-recaptcha-response'])) { if (validate_captcha($_POST['g-recaptcha-response']) === true) { if (check_email_exist($cust_email) === true) { if (prep_reset_password_email($cust_email) === true) { $alert = "An email has been sent to the email address you've entered<br /><br />Please follow the link in the mentioned email to reset your password<br /><br />Please note: If you've requested multiple password resets, only the link in the latest email would work"; $appearance = "alert_only"; unset($_POST); unset($cust_email); } // end if email is sent } else { $alert = "No such email address exists in our database"; } // end else ( if email does not exist ) } else { $alert = "reCAPTCHA validation failed!<br />Please complete reCAPTCHA again"; } // end else