// Inline login/logout handling (excerpt: the final if-block continues past the visible text).
// Visible order of checks: required fields -> check_black_ip() -> user_login() -> redirect.
$user_login = "";
if (strlen($login_action)) {
    if ($login_action == "logout") {
        user_logout();
    } else {
        $user_login = get_param("user_login");
        $user_password = get_param("user_password");
        // Empty credentials are rejected before any authentication attempt.
        if (!strlen($user_login)) {
            $error_message = str_replace("{field_name}", LOGIN_FIELD, REQUIRED_MESSAGE);
            $login_errors .= $error_message . "<br>";
        }
        if (!strlen($user_password)) {
            $error_message = str_replace("{field_name}", PASSWORD_FIELD, REQUIRED_MESSAGE);
            $login_errors .= $error_message . "<br>";
        }
        // The block-list check runs only when the field checks passed. A truthy result
        // sets the error text, which keeps user_login() below from being called.
        // NOTE(review): check_black_ip() is defined elsewhere; confirm which client
        // address it evaluates (e.g. whether proxy-supplied headers are trusted).
        if (!$login_errors && check_black_ip()) {
            $login_errors = BLACK_IP_MSG;
        }
        if (!strlen($login_errors)) {
            // $login_errors is passed as the last argument and re-tested afterwards;
            // presumably user_login() fills it by reference on failure - confirm.
            user_login($user_login, $user_password, "", 0, "", false, $login_errors);
        }
    }
    if (!$login_errors) {
        // make redirect to original page after successful login/logout operations
        // NOTE(review): $return_page is assigned outside this excerpt. If the request can
        // influence it, it should be limited to same-site targets before it reaches
        // the Location header.
        header("Location: " . $return_page);
        exit;
    }
}
// With an authenticated session, the displayed login name becomes the stored nickname.
if (get_session("session_user_id")) {
    $user_info = get_session("session_user_info");
    $user_login = get_setting_value($user_info, "nickname", "");
// Login page handler (excerpt: starts inside an if/elseif chain opened earlier and ends
// inside an if-block that continues past the visible text).
    } elseif ($operation == "logout") {
        user_logout();
    } else {
        // Credentials are read from the request only when this is not a cookie login.
        // NOTE(review): for cookie logins $login/$password are presumably set before this
        // excerpt - confirm against the preceding code.
        if (!$cookie_login) {
            $login = get_param("login");
            $password = get_param("password");
            if (!strlen($login)) {
                $error_message = str_replace("{field_name}", LOGIN_FIELD, REQUIRED_MESSAGE);
                $errors .= $error_message . "<br>";
            }
            if (!strlen($password)) {
                $error_message = str_replace("{field_name}", PASSWORD_FIELD, REQUIRED_MESSAGE);
                $errors .= $error_message . "<br>";
            }
        }
        // The block-list check sits outside the $cookie_login test, so it gates both
        // form logins and cookie logins before user_login() is reached.
        if (!$errors && check_black_ip()) {
            $errors = BLACK_IP_MSG;
        }
        if (!$errors) {
            // NOTE(review): $return_page is handed to user_login(); its origin and use are
            // outside this excerpt. If it ends up in a redirect, confirm it is limited
            // to same-site targets.
            user_login($login, $password, "", $remember_me, $return_page, true, $errors);
        }
    }
}
// htmlspecialchars() is called with its default flags. Before PHP 8.1 the default does not
// encode single quotes, which matters if the template places this value inside a
// single-quoted attribute.
$t->set_var("ssl", htmlspecialchars($ssl));
if ($remember_me) {
    $t->set_var("remember_me", "checked");
} else {
    $t->set_var("remember_me", "");
}
// Request parameter compared loosely (==), so PHP's numeric-string coercion applies.
$type_error = get_param("type_error");
if ($type_error == 2) {
// Profile create/edit handler (excerpt: starts inside blocks opened earlier and is cut off
// in the middle of building the INSERT statement).
        } elseif ($r->errors) {
            // saved validated number for following submits
            set_session("session_validation_number", $validated_number);
        }
    }
}
// Permission gate: an existing user needs the edit_profile setting, a new registration
// needs new_profile. Either assignment replaces whatever $r->errors held before.
if (strlen($user_id)) {
    if (!isset($user_settings["edit_profile"]) || $user_settings["edit_profile"] != 1) {
        $r->errors = EDIT_PROFILE_ERROR;
    }
} else {
    if (!isset($user_settings["new_profile"]) || $user_settings["new_profile"] != 1) {
        $r->errors = NEW_PROFILE_ERROR;
    }
}
// The block-list check runs only when no earlier error is set, and stops the writes below.
if (!$r->errors && check_black_ip()) {
    $r->errors = BLACK_IP_MSG;
}
if (!strlen($r->errors)) {
    // subscribe/unsubscribe user from newsletter
    if ($user_email) {
        if ($r->get_value("subscribe") == 1) {
            // $user_email goes through $db->tosql(..., TEXT) before concatenation.
            // NOTE(review): presumably tosql() quotes and escapes the value - confirm.
            // $table_prefix is concatenated as-is and should only come from configuration.
            $sql = " SELECT COUNT(*) FROM " . $table_prefix . "newsletters_users ";
            $sql .= " WHERE email=" . $db->tosql($user_email, TEXT);
            $db->query($sql);
            $db->next_record();
            $email_count = $db->f(0);
            // NOTE(review): the existence check and the INSERT are separate statements.
            // Without a unique constraint on email, concurrent requests could both insert.
            if ($email_count < 1) {
                $sql = " INSERT INTO " . $table_prefix . "newsletters_users (email, date_added) ";
                $sql .= " VALUES (";
                $sql .= $db->tosql($user_email, TEXT) . ", ";
// Checkout submit handler (excerpt: the first three braces close blocks opened before the
// visible text; the final if-block continues past it).
            }
        }
    }
    $r->validate();
    $r->errors .= $options_errors;
    if (strlen($r->errors) || strlen($sc_errors)) {
        $is_valid = false;
    } else {
        $is_valid = true;
    }
} elseif ($operation == "fast_checkout") {
    // fast_checkout is marked valid here without the $r->validate() call used above.
    $is_valid = true;
} else {
    $is_valid = false;
}
// The block-list check applies to both the validated path and fast_checkout; a truthy
// result keeps the order-processing block below from running.
if ($is_valid && check_black_ip()) {
    $r->errors = BLACK_IP_MSG;
    $is_valid = false;
}
if ($is_valid) {
    // get payment rate for the selected gateway
    $payment_currency = get_payment_rate($payment_id, $currency);
    $payment_decimals = $payment_currency["decimals"];
    $payment_rate = $payment_currency["rate"];
    $r->set_value("payment_currency_code", $payment_currency["code"]);
    $r->set_value("payment_currency_rate", $payment_currency["rate"]);
    // Amounts are converted with the gateway rate and formatted as plain decimals
    // ("." separator, no thousands separator). tax_cost and tax_total receive the same value.
    $variables["tax_cost"] = number_format($taxes_total * $payment_rate, $payment_decimals, ".", "");
    $variables["tax_total"] = number_format($taxes_total * $payment_rate, $payment_decimals, ".", "");
    $variables["processing_fee"] = number_format($processing_fee * $payment_rate, $payment_decimals, ".", "");
    // NOTE(review): the comment on the next line says "zero" while the visible assignment
    // is 1; the statement it describes may lie past the end of this excerpt.
    $new_order_status = 1; // set status to zero when adding order