Not a valid scientist, Please log in again. <a href = 'LogoutModule.php'> <button>Login</button> </a> <?php return; }
// Fragment of a sensor-subscription page. The role check that prints the
// message above, and the setup of $conn, sit outside this excerpt.

// Subscriptions are keyed on the person id held in the session, not on a
// request parameter.
$pid = $_SESSION['personid'];
// NOTE(review): the form is opened without any visible anti-CSRF token, and
// the POST branch below changes state. A cross-site POST with no `sensors`
// field would take the else branch for every row and remove every
// subscription. Confirm whether a token is checked outside this excerpt.
echo "<form name='submit1' method='POST' action='subscribeModule.php'>";
$rows = get_sensors($conn);
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): browsers omit `sensors` entirely when no box is ticked, so
    // this read hits an undefined index in that case; `$_POST['sensors'] ?? []`
    // would avoid the warning. The value is also not checked to be an array
    // before it reaches in_array().
    $submit = $_POST['sensors'];
    // $i is incremented below but never read within this excerpt.
    $i = 0;
    // Iterating the server-side sensor list (rather than the submitted ids)
    // means only ids returned by get_sensors() are ever passed on to
    // add_subscription()/remove_subscription().
    foreach ($rows as $row) {
        // in_array() compares loosely here; passing `true` as the third
        // argument would make the membership test strict.
        if (!empty($submit) and in_array($row['SENSOR_ID'], $submit)) {
            add_subscription($conn, $row['SENSOR_ID'], $pid);
        } else {
            remove_subscription($conn, $row['SENSOR_ID'], $pid);
        }
        $i++;
    }
    echo "Subscribed to selected sensors. (Total:" . count(get_subscribed_sensors($conn, $pid)) . ")";
}
echo "<table border='1' class='table table-hover'>";
echo "<tr><td>Subscribed</td><td>SENSOR_ID</td><td>LOCATION</td></tr>";
foreach ($rows as $row) {
    if (is_subscribed($conn, $row['SENSOR_ID'], $pid)) {
        // NOTE(review): SENSOR_ID and LOCATION are concatenated into attribute
        // and element content without escaping. If either column can hold
        // text that a user can influence, this is a stored-XSS sink; wrap the
        // values in htmlspecialchars($value, ENT_QUOTES, 'UTF-8').
        echo "<tr><td><input type='checkbox' name='sensors[]' value='" . $row['SENSOR_ID'] . "' checked></td>";
        echo "<td>" . $row['SENSOR_ID'] . "</td>";
        echo "<td>" . $row['LOCATION'] . "</td></tr>";
    } else {
// Fragment of a registration handler. The blocks closed by the two braces
// below open outside this excerpt.
set_session("session_new_user_id", $user_id);
set_session("session_new_user_type_id", $type_id);
}
}
// Registration counts as complete when a new user id exists and the profile
// has a single step, or the last saved step equals the total step count.
if ($new_user_id && ($registration_total_steps == 1 || $registration_last_step == $registration_total_steps)) {
    $new_user_added = true;
} else {
    $new_user_added = false;
}
// if user pass all steps
if ($new_user_added) {
    // add subscription to the cart
    if ($is_subscription) {
        // Mark the session as "expired" so that the account must be paid for.
        set_session("session_new_user", "expired");
        include_once "./includes/shopping_cart.php";
        add_subscription($type_id, $r->get_value("subscription_id"), $subscription_name);
    }
    // if user approved and he don't need to pay for his account login him automatically
    // NOTE(review): user_login() is called with empty login/password and an id,
    // which is the id-only lookup path with no password check. Safe only if
    // $user_id/$new_user_id come from the server and not from request data;
    // their origin is not visible in this excerpt. Likewise confirm that the
    // is_approved value read from $r is set server-side.
    if ($r->get_value("is_approved") == 1 && !$is_subscription) {
        if ($user_id) {
            user_login("", "", $user_id, 0, "", false, $errors);
        } else {
            user_login("", "", $new_user_id, 0, "", false, $errors);
        }
    }
}
// notifications block
if ($new_user_added) {
    $registration_date = $r->get_value("registration_date");
    $registration_date_string = va_date($datetime_show_format, $registration_date);
    $admin_notification = get_setting_value($user_profile, "admin_notification", 0);
// Fragment of a cart-action switch. The first statements below finish a case
// whose start is outside this excerpt.
// `rp` is passed through urlencode() before being appended as a query value,
// so it cannot change the Location target itself. Any use of `rp` as a
// redirect target on basket.php must be validated there.
$cart_page = strlen($rp) ? get_custom_friendly_url("basket.php") . "?rp=" . urlencode($rp) : get_custom_friendly_url("basket.php");
header("Location: " . $cart_page);
exit;
} elseif ($settings["redirect_to_cart"] == 2) {
header("Location: " . get_custom_friendly_url("checkout.php"));
exit;
}
}
}
break;
case "SUBSCRIPTION":
    // add subscription to the cart
    // NOTE(review): both ids are raw request parameters. Type/range checks and
    // the check that this subscription may be bought by the current user
    // must happen inside add_subscription(), which is not visible here.
    $sc_subscription_id = get_param("subscription_id");
    $sc_group_id = get_param("group_id");
    /* start of adding item to the cart */
    // $sc_subscription_name is not assigned in this excerpt; presumably an
    // out-parameter filled by add_subscription(). Verify against its signature.
    $subscription_added = add_subscription(0, $sc_subscription_id, $sc_subscription_name, $sc_group_id);
    /* end of adding item to the cart */
    if ($subscription_added) {
        $rp = get_param("rp");
        // redirect_to_cart: 1 sends the browser to the basket (carrying `rp`
        // along), 2 sends it straight to checkout; other values fall through.
        if (isset($settings["redirect_to_cart"])) {
            if ($settings["redirect_to_cart"] == 1) {
                $cart_page = strlen($rp) ? get_custom_friendly_url("basket.php") . "?rp=" . urlencode($rp) : get_custom_friendly_url("basket.php");
                header("Location: " . $cart_page);
                exit;
            } elseif ($settings["redirect_to_cart"] == 2) {
                header("Location: " . get_custom_friendly_url("checkout.php"));
                exit;
            }
        }
    }
    break;
/**
 * Look up a user, decide which post-login state applies and populate the session.
 *
 * The user row is selected either by id (when $user_id is truthy) or by
 * login and password. Depending on the row, the function:
 *  - redirects to user_profile.php when registration is unfinished;
 *  - puts a subscription in the cart and redirects to order_info.php when a
 *    subscription account has expired;
 *  - fills the session_* values, optionally sets "remember me" cookies,
 *    records the visit and optionally redirects, when the account is
 *    approved and not expired;
 *  - otherwise appends an error message to $errors.
 *
 * Security notes for reviewers:
 *  - The id path performs no password check at all; callers must pass only
 *    server-derived ids.
 *  - Passwords are compared as unsalted MD5 digests or, when password_encrypt
 *    is off, as the value passed in; migrate to password_hash()/password_verify().
 *  - "Remember me" writes the raw password to a cookie (see below).
 *  - The session id is regenerated only when secure_sessions is enabled.
 *
 * @param string $login          Login name; used only when $user_id is falsy.
 * @param string $password       Password as supplied by the caller.
 * @param int    $user_id        When truthy, selects the user by id and skips the credential check.
 * @param mixed  $remember_me    Truthy to set the login/password cookies.
 * @param string $redirect_page  Target for the final redirect, when $make_redirects is truthy.
 * @param mixed  $make_redirects Truthy to redirect after a successful login.
 * @param string $errors         By reference; error messages are appended, each followed by "<br>".
 * @return bool True when no error was recorded. Several branches send a
 *              Location header and exit instead of returning.
 */
function user_login($login, $password, $user_id, $remember_me, $redirect_page, $make_redirects, &$errors) {
    global $db, $table_prefix, $settings;
    global $site_id, $multisites_version;
    $is_errors = false;
    $secure_sessions = get_setting_value($settings, "secure_sessions", 0);
    $password_encrypt = get_setting_value($settings, "password_encrypt", 0);
    // NOTE(review): md5() is a fast, unsalted digest, and the else branch
    // compares the password as given. Neither is suitable for password
    // storage; password_hash()/password_verify() with a rehash-on-login
    // migration is the usual replacement.
    if ($password_encrypt == 1) {
        $password_match = md5($password);
    } else {
        $password_match = $password;
    }
    // prepare site urls
    $site_url = get_setting_value($settings, "site_url", "");
    $secure_url = get_setting_value($settings, "secure_url", "");
    // One row joins the user (u), the user type/group (ut) and the country (c).
    // User-level and group-level discount, reward and limit columns are
    // aliased separately so the code below can prefer the user-level value.
    $sql = " SELECT u.user_id, u.layout_id, u.user_type_id, u.is_approved, ";
    $sql .= " u.login, u.nickname, u.name, u.first_name, u.last_name, u.email, u.total_points, u.credit_balance, ";
    $sql .= " u.discount_type AS user_discount_type, u.discount_amount AS user_discount_amount, ";
    $sql .= " ut.discount_type AS group_discount_type, ut.discount_amount AS group_discount_amount, ";
    $sql .= " u.reward_type AS user_reward_type, u.reward_amount AS user_reward_amount, ";
    $sql .= " ut.reward_type AS group_reward_type, ut.reward_amount AS group_reward_amount, ";
    $sql .= " u.credit_reward_type AS user_credit_reward_type, u.credit_reward_amount AS user_credit_reward_amount, ";
    $sql .= " ut.credit_reward_type AS group_credit_reward_type, ut.credit_reward_amount AS group_credit_reward_amount, ";
    $sql .= " u.registration_last_step, u.registration_total_steps, ";
    $sql .= " ut.is_subscription, u.expiry_date, u.is_sms_allowed, ";
    $sql .= " u.tax_free AS user_tax_free, ut.tax_free AS group_tax_free, ";
    $sql .= " u.order_min_goods_cost AS user_min_goods, u.order_max_goods_cost AS user_max_goods, ";
    $sql .= " ut.order_min_goods_cost AS group_min_goods, ut.order_max_goods_cost AS group_max_goods, ";
    $sql .= " ut.price_type, c.currency_code, u.subscription_id ";
    $sql .= " FROM (((" . $table_prefix . "users u ";
    $sql .= " LEFT JOIN " . $table_prefix . "user_types ut ON u.user_type_id=ut.type_id) ";
    $sql .= " LEFT JOIN " . $table_prefix . "countries c ON u.country_id=c.country_id) ";
    // With multisites enabled, the user type must be allowed on every site or
    // on the current one. The third opening parenthesis from FROM is closed
    // in whichever branch runs.
    if ($multisites_version) {
        if (isset($site_id)) {
            $sql .= " LEFT JOIN " . $table_prefix . "user_types_sites AS uts ON uts.type_id=ut.type_id)";
            $sql .= " WHERE (ut.sites_all=1 OR uts.site_id=" . $db->tosql($site_id, INTEGER, true, false) . ") AND ";
        } else {
            $sql .= ") WHERE ut.sites_all=1 AND ";
        }
    } else {
        $sql .= ") WHERE ";
    }
    // NOTE(review): a truthy $user_id selects the row by id alone, so $login
    // and $password are never checked on this path.
    if ($user_id) {
        $sql .= " u.user_id=" . $db->tosql($user_id, INTEGER);
    } else {
        // NOTE(review): this line is masked in the page as captured ("******").
        // The login/password comparison values, the end of this else branch,
        // the query execution and the opening of the "record found" branch are
        // not visible. $current_ts and $current_date, used below, are
        // presumably assigned in the masked span. Confirm against the
        // original file, including that both values go through $db->tosql().
        $sql .= " u.login="******" AND u.password="******"user_id");
        //Customization by Vital - wishlist sync
        if ($user_id) {
            sync_wishlist($user_id);
        }
        //END Customization - wishlist sync
        $layout_id = $db->f("layout_id");
        $is_approved = $db->f("is_approved");
        $is_sms_allowed = $db->f("is_sms_allowed");
        $total_points = $db->f("total_points");
        $credit_balance = $db->f("credit_balance");
        $user_tax_free = $db->f("user_tax_free");
        $group_tax_free = $db->f("group_tax_free");
        // Tax-free if either the user or the group is flagged.
        $tax_free = $user_tax_free || $group_tax_free;
        // Order limits: the user-level value wins; the group value is used
        // only when the user-level column is empty.
        $order_min_goods_cost = $db->f("user_min_goods");
        if (!strlen($order_min_goods_cost)) {
            $order_min_goods_cost = $db->f("group_min_goods");
        }
        $order_max_goods_cost = $db->f("user_max_goods");
        if (!strlen($order_max_goods_cost)) {
            $order_max_goods_cost = $db->f("group_max_goods");
        }
        // check account expiration date
        $expiry_date = $db->f("expiry_date", DATETIME);
        if (is_array($expiry_date)) {
            // DAY + 1 at 00:00:00 puts the cut-off at the start of the day
            // after the expiry date, so the expiry day itself still counts.
            $expiry_date_ts = mktime(0, 0, 0, $expiry_date[MONTH], $expiry_date[DAY] + 1, $expiry_date[YEAR]);
        } else {
            // No expiry date stored: equal timestamps make every
            // "$current_ts > $expiry_date_ts" test below false.
            $expiry_date_ts = $current_ts;
        }
        $user_type_id = $db->f("user_type_id");
        $is_subscription = $db->f("is_subscription");
        $registration_last_step = $db->f("registration_last_step");
        $registration_total_steps = $db->f("registration_total_steps");
        if ($registration_last_step < $registration_total_steps) {
            // if registration process wasn't finished
            set_session("session_new_user", "registration");
            set_session("session_new_user_id", $user_id);
            set_session("session_new_user_type_id", $user_type_id);
            // check secure option
            $secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
            if ($secure_user_profile || $secure_sessions) {
                $user_profile_url = $secure_url . get_custom_friendly_url("user_profile.php");
            } else {
                $user_profile_url = $site_url . get_custom_friendly_url("user_profile.php");
            }
            // NOTE(review): the session id is rotated only when secure_sessions
            // is on, and session_regenerate_id() is called without `true`, so
            // the old session is not deleted. The cookie params set the Secure
            // flag but no HttpOnly argument is passed. Whether
            // session_set_cookie_params() takes effect depends on whether a
            // session is already active at this point, which is not visible
            // here. The same pattern repeats twice below.
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            header("Location: " . $user_profile_url);
            exit;
        } elseif ($current_ts > $expiry_date_ts && $is_subscription) {
            // if user have to pay for subscription
            set_session("session_new_user", "expired");
            set_session("session_new_user_id", $user_id);
            set_session("session_new_user_type_id", $user_type_id);
            // add some data into session for expired user as well
            $user_info = array("tax_free" => $tax_free, "is_sms_allowed" => $is_sms_allowed, "total_points" => $total_points, "credit_balance" => $credit_balance, "order_min_goods_cost" => $order_min_goods_cost, "order_max_goods_cost" => $order_max_goods_cost);
            set_session("session_user_info", $user_info);
            include_once "./includes/shopping_cart.php";
            // $subscription_name is not assigned in the visible code;
            // presumably an out-parameter of add_subscription(). Verify.
            add_subscription($user_type_id, "", $subscription_name);
            // check secure option
            $secure_order_profile = get_setting_value($settings, "secure_order_profile", 0);
            if ($secure_order_profile || $secure_sessions) {
                $order_info_url = $secure_url . get_custom_friendly_url("order_info.php");
            } else {
                $order_info_url = $site_url . get_custom_friendly_url("order_info.php");
            }
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            header("Location: " . $order_info_url);
            exit;
        } elseif ($current_ts <= $expiry_date_ts && $is_approved) {
            // Approved, non-expired account: this is the actual login.
            $login = $db->f("login");
            $nickname = $db->f("nickname");
            if (!strlen($nickname)) {
                $nickname = $login;
            }
            $email = $db->f("email");
            $currency_code = $db->f("currency_code");
            $user_discount_type = $db->f("user_discount_type");
            $user_discount_amount = $db->f("user_discount_amount");
            $group_discount_type = $db->f("group_discount_type");
            $group_discount_amount = $db->f("group_discount_amount");
            $user_reward_type = $db->f("user_reward_type");
            $user_reward_amount = $db->f("user_reward_amount");
            $group_reward_type = $db->f("group_reward_type");
            $group_reward_amount = $db->f("group_reward_amount");
            $user_credit_reward_type = $db->f("user_credit_reward_type");
            $user_credit_reward_amount = $db->f("user_credit_reward_amount");
            $group_credit_reward_type = $db->f("group_credit_reward_type");
            $group_credit_reward_amount = $db->f("group_credit_reward_amount");
            $price_type = $db->f("price_type");
            $subscription_id = $db->f("subscription_id");
            // Clear the "new user" markers and record the authenticated identity.
            set_session("session_new_user", "");
            set_session("session_new_user_id", "");
            set_session("session_new_user_type_id", "");
            set_session("session_user_id", $user_id);
            set_session("session_user_type_id", $user_type_id);
            set_session("session_user_login", $login);
            set_session("session_subscription_id", $subscription_id);
            // Display name: `name`, else "first last", else the login.
            if (strlen($db->f("name"))) {
                $user_name = $db->f("name");
            } elseif (strlen($db->f("first_name")) || strlen($db->f("last_name"))) {
                $user_name = $db->f("first_name") . " " . $db->f("last_name");
            } else {
                $user_name = $login;
            }
            set_session("session_user_name", $user_name);
            set_session("session_user_email", $email);
            // Discount: a positive user-level type wins, else the group's.
            $discount_type = "";
            $discount_amount = "";
            if ($user_discount_type > 0) {
                $discount_type = $user_discount_type;
                $discount_amount = $user_discount_amount;
            } elseif ($group_discount_type) {
                $discount_type = $group_discount_type;
                $discount_amount = $group_discount_amount;
            }
            set_session("session_discount_type", $discount_type);
            set_session("session_discount_amount", $discount_amount);
            set_session("session_price_type", $price_type);
            // Reward points: same user-over-group precedence.
            $reward_type = "";
            $reward_amount = "";
            if ($user_reward_type > 0) {
                $reward_type = $user_reward_type;
                $reward_amount = $user_reward_amount;
            } elseif ($group_reward_type) {
                $reward_type = $group_reward_type;
                $reward_amount = $group_reward_amount;
            }
            // Credit reward: same precedence again.
            $credit_reward_type = "";
            $credit_reward_amount = "";
            if ($user_credit_reward_type > 0) {
                $credit_reward_type = $user_credit_reward_type;
                $credit_reward_amount = $user_credit_reward_amount;
            } elseif ($group_credit_reward_type) {
                $credit_reward_type = $group_credit_reward_type;
                $credit_reward_amount = $group_credit_reward_amount;
            }
            // check for subscriptions
            // Collect the ids of order items that are subscriptions still valid
            // today, as a comma-separated string.
            $subscriptions_ids = "";
            $check_date_ts = mktime(0, 0, 0, $current_date[MONTH], $current_date[DAY], $current_date[YEAR]);
            $sql = " SELECT subscription_id ";
            $sql .= " FROM " . $table_prefix . "orders_items ";
            $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
            $sql .= " AND is_subscription=1 ";
            $sql .= " AND subscription_expiry_date>=" . $db->tosql($check_date_ts, DATETIME);
            $db->query($sql);
            while ($db->next_record()) {
                if ($subscriptions_ids) {
                    $subscriptions_ids .= ",";
                }
                $subscriptions_ids .= $db->f("subscription_id");
            }
            set_session("session_subscriptions_ids", $subscriptions_ids);
            $user_info = array(
                "user_id" => $user_id, "user_type_id" => $user_type_id, "layout_id" => $layout_id,
                "login" => $login, "nickname" => $nickname, "name" => $user_name,
                "subscriptions_ids" => $subscriptions_ids, "email" => $email,
                "discount_type" => $discount_type, "discount_amount" => $discount_amount,
                "price_type" => $price_type, "tax_free" => $tax_free, "is_sms_allowed" => $is_sms_allowed,
                "reward_type" => $reward_type, "reward_amount" => $reward_amount,
                "credit_reward_type" => $credit_reward_type, "credit_reward_amount" => $credit_reward_amount,
                "total_points" => $total_points, "credit_balance" => $credit_balance,
                "order_min_goods_cost" => $order_min_goods_cost, "order_max_goods_cost" => $order_max_goods_cost);
            set_session("session_user_info", $user_info);
            // NOTE(review): "remember me" stores the password exactly as the
            // caller passed it, in a cookie that lives for 366 days. No
            // path/domain/secure/httponly arguments are given, so the cookie
            // is not restricted to HTTPS and is readable from script. Anyone
            // who obtains the cookie obtains the credential. Replace this with
            // a random, server-stored, revocable token set with Secure,
            // HttpOnly and SameSite.
            if ($remember_me && $login && $password) {
                setcookie("cookie_user_login", $login, va_timestamp() + 3600 * 24 * 366);
                setcookie("cookie_user_password", $password, va_timestamp() + 3600 * 24 * 366);
            }
            // get currency if available
            if ($currency_code) {
                get_currency($currency_code);
            }
            // update shopping cart if it's available
            $shopping_cart = get_session("shopping_cart");
            if (is_array($shopping_cart) && sizeof($shopping_cart) > 0) {
                include_once "./includes/shopping_cart.php";
                recalculate_shopping_cart();
                // check if any coupons can be added or removed
                check_coupons();
            }
            // check if need to regenerate session id for secure session
            // NOTE(review): with secure_sessions off, the pre-login session id
            // is kept after authentication (session-fixation exposure).
            // Rotating the id on every successful login, with the old session
            // deleted, is the safer default.
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            // update last visit time
            // The IP and request URI are client-influenced; they are passed
            // through $db->tosql(..., TEXT) here. Presumably that quotes and
            // escapes them. Confirm in the DB wrapper.
            $sql = " UPDATE " . $table_prefix . "users SET last_visit_date=" . $db->tosql(va_time(), DATETIME);
            $sql .= ", last_visit_ip=" . $db->tosql(get_ip(), TEXT);
            $sql .= ", last_visit_page=" . $db->tosql(get_request_uri(), TEXT);
            $sql .= ", last_logged_date=" . $db->tosql(va_time(), DATETIME);
            $sql .= ", last_logged_ip=" . $db->tosql(get_ip(), TEXT);
            $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
            $db->query($sql);
            if ($make_redirects && $redirect_page) {
                // convert redirect page to the full url
                $ssl = get_param("ssl");
                if ($ssl) {
                    $page_site_url = $secure_url;
                } else {
                    $page_site_url = $site_url;
                }
                // $return_page is assigned but not read in the visible code.
                $return_page = get_request_uri();
                // Only a relative $redirect_page that starts with the site's
                // path component is rewritten onto $page_site_url.
                // NOTE(review): a $redirect_page that already begins with
                // http:// or https:// skips the rewrite and is sent in the
                // Location header unchanged. If callers take it from request
                // data, that is an open redirect; restrict the target to
                // same-site paths or an allow-list of hosts before this point.
                if (!preg_match("/^https?:\\/\\//i", $redirect_page) && preg_match("/^https?:\\/\\/[^\\/]+(\\/.*)\$/i", $page_site_url, $matches)) {
                    $page_path_regexp = prepare_regexp($matches[1]);
                    if (preg_match("/^" . $page_path_regexp . "/i", $redirect_page)) {
                        $redirect_page = $page_site_url . preg_replace("/^" . $page_path_regexp . "/i", "", $redirect_page);
                    }
                }
                header("Location: " . $redirect_page);
                exit;
            }
        } elseif ($current_ts > $expiry_date_ts) {
            // Expired account that is not a subscription type.
            $is_errors = true;
            $errors .= ACCOUNT_EXPIRED_MSG . "<br>";
        } else {
            // Not expired but not approved.
            $is_errors = true;
            $errors .= ACCOUNT_APPROVE_ERROR . "<br>";
        }
    } else {
        // No matching row. The credential path reports one combined message,
        // so it does not reveal whether the login or the password was wrong.
        $is_errors = true;
        if ($user_id) {
            $errors .= NO_RECORDS_MSG . "<br>";
        } else {
            $errors .= LOGIN_PASSWORD_ERROR . "<br>";
        }
    }
    // On any failure, clear both "remember me" cookies (a setcookie() call
    // with no value deletes the cookie).
    if ($is_errors) {
        setcookie("cookie_user_login");
        setcookie("cookie_user_password");
    }
    return !$is_errors;
}