/**
 * Handle the client signup POST: validate the form, create the client and
 * its first user, make that user the primary contact, then send the
 * welcome/admin e-mails and show the login page.
 *
 * The stages run in order and each one runs only while every earlier stage
 * succeeded. Any failure ends with the generic 'wi_notification' error;
 * form, optional-field and captcha failures also raise their own 'error'
 * notice first.
 *
 * Side effects visible here: reads $_POST directly, and writes a generated
 * password into $_POST['client_users_password'] before the user is added.
 *
 * @return void
 */
function __createAccount()
{
    // profiling
    $this->data['controller_profiling'][] = __FUNCTION__;

    // only a submitted form may reach this handler; anything else goes back to the form
    // NOTE(review): assumes redirect() ends the request (as CodeIgniter's URL helper
    // does); if it returned, the code below would still run without a submit - confirm.
    if (!isset($_POST['submit'])) {
        redirect('common/signup');
    }

    // echo the submitted values back so the form can be re-rendered pre-filled
    // NOTE(review): every POST key/value is copied verbatim, whether or not the form
    // defines it; the values are untrusted and must be encoded where the template
    // prints them - confirm the signup template does so.
    foreach ($_POST as $post_key => $post_value) {
        $this->data['fields']['new_client'][$post_key] = $post_value;
    }

    // stage 1: main form validation
    $ok = (bool) $this->__flmFormValidation('client_signup');
    if (!$ok) {
        $this->notices('error', $this->form_processor->error_message, 'html');
    }

    // stage 2: the three optional fields, each of which may be flagged required
    if ($ok) {
        $missing = '';
        foreach (range(1, 3) as $slot) {
            $field_name = "clients_optionalfield{$slot}";
            $visible_key = 'wi_' . $field_name;
            $required_key = $visible_key . '_required';
            $field_title = $this->data['row'][$field_name];

            // loose comparison kept on purpose: a missing or empty value both count as blank
            // NOTE(review): $field_title is placed in an HTML notice unencoded - confirm
            // the titles come only from trusted configuration, or encode them.
            if ($this->data['visible'][$required_key] == 1 && $this->input->post($field_name) == '') {
                $missing .= "{$field_title} - is required <br/>";
                $ok = false;
            }

            // collect the enabled optional fields
            // NOTE(review): this list is never read or passed on inside this method.
            if ($this->data['visible'][$visible_key] == 1) {
                $mysql_client_optional_fields[] = $field_name;
            }
        }

        if (!$ok) {
            $this->notices('error', $missing, 'html');
        }
    }

    // stage 3: captcha; a wrong answer gets a fresh image
    // NOTE(review): a new captcha is issued only on this path, not when stage 1 or 2
    // fails - confirm the same challenge cannot be answered repeatedly.
    if ($ok && !validate_captcha($this->input->post('captcha_text'))) {
        $this->notices('error', $this->data['lang']['lang_incorrect_security_text'], 'html');
        $this->data['vars']['captcha_image'] = new_captcha();
        $ok = false;
    }

    // stage 4: create the client record and keep its id
    // NOTE(review): stages 4-6 are separate writes with no rollback visible here;
    // a failure in a later stage leaves the earlier rows in place.
    if ($ok) {
        $client_id = $this->clients_model->addClients();
        $this->data['debug'][] = $this->clients_model->debug_data;
        $ok = (bool) $client_id;
    }

    // stage 5: create the first user for that client
    if ($ok) {
        // the password is injected into POST; presumably addUser() reads it from there
        // NOTE(review): if random_string() is CodeIgniter's string helper it draws from
        // a non-cryptographic generator, and 8 alphanumerics is short for a credential;
        // consider a generator built on random_bytes()/random_int() and a longer value.
        $_POST['client_users_password'] = random_string('alnum', 8);

        $client_users_id = $this->users_model->addUser($client_id);
        $this->data['debug'][] = $this->users_model->debug_data;
        $ok = (bool) $client_users_id;
    }

    // stage 6: make the new user the client's primary contact
    if ($ok) {
        $result = $this->users_model->updatePrimaryContact($client_id, $client_users_id);
        $this->data['debug'][] = $this->users_model->debug_data;
        $ok = (bool) $result;
    }

    // any failed stage ends here with the generic error notification
    if (!$ok) {
        $this->notifications('wi_notification', $this->data['lang']['lang_an_error_has_occurred']);
        return;
    }

    // success: notify the client and the admin
    // NOTE(review): presumably the welcome e-mail carries the generated password -
    // confirm, and prefer a one-time set-password link over mailing a credential.
    $this->__emailer('new_client_welcome_client');
    $this->__emailer('new_client_admin');

    // show the login page with a success message
    $this->data['template_file'] = PATHS_CLIENT_THEME . 'login.html';
    $this->data['visible']['wi_login_form'] = 1;
    $this->notices('success', $this->data['lang']['lang_account_created_check_email'], 'html');

    // drop the captcha from the session so a refresh cannot resubmit the same post
    // NOTE(review): the key is spelled 'captacha_word'; confirm it matches the key the
    // captcha helper stores, otherwise the used answer stays in the session.
    $this->session->unset_userdata('captacha_word');
}
$temp_file = md5(microtime() . uniqid(rand(), true)) . "_" . $bid; if (move_uploaded_file($_FILES['filename']['tmp_name'], "include/files/" . $temp_file)) { if (extension_loaded("gd")) { mkthumb($temp_file); } } else { $error[] = "_FILEUPLOADFAIL"; } } //save file to db if (!$error) { //save it to db $query = mysql_query("INSERT INTO `" . $config->db_prefix . "_files` (`upload_time`,`down_count`,`bid`,`demo_file`,`demo_real`,`comment`,`name`,`email`,`file_size`,`addr`) \n\t\t\t\tVALUES (UNIX_TIMESTAMP(),0," . $bid . ",'" . $temp_file . "','" . $real_file . "','" . $comment . "','" . $name . "','" . $email . "'," . $_FILES['filename']['size'] . ",'" . $_SERVER["REMOTE_ADDR"] . "')") or die(mysql_error()); $msg_demo = "_FILEUPLOADSUCCESS"; } new_captcha(); $smarty->assign("upload_error", $error); $smarty->assign("demo_layer", 1); } //download file if (isset($_POST["down_demo_x"]) && isset($_POST["did"])) { global $config; //get file name from db $query = mysql_query("SELECT `demo_file`,`demo_real`,`file_size` FROM `" . $config->db_prefix . "_files` WHERE `id`=" . (int) $_POST["did"] . " LIMIT 1") or die(mysql_error()); $result = mysql_fetch_object($query); $file_local = $config->path_root . "/include/files/" . $result->demo_file; $file_real = $result->demo_real; $file_size = $result->file_size; if (!file_exists($file_local)) { $error[] = "_FILENOTAVAILABLE"; }