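/**
 * Create a session record for the current customer and send its cookie.
 *
 * The session row stores hashPassword($token), not the token itself; the
 * plain token only travels in the cookie, whose value is
 * "<customer_session_id>-<token>".
 *
 * @param string|null $token Token to use; generateToken() supplies one when null.
 * @return void
 */
private function createSession($token = null)
{
    // TODO: check if IP address has too many sessions already
    if ($token === null) {
        $token = $this->generateToken();
    }

    $token_hash = CustomerAuthentication::hashPassword($token);
    $expires = time() + CustomerAuthentication::$session_expire;

    $session = new CustomerSession($this->db);
    $session->data['customer_session_token_hash'] = $token_hash;
    $session->data['customer_session_customer_id'] = $this->customer->val('customer_id');
    $session->data['customer_session_expires'] = SqlQuery::mysqlTimestamp($expires);
    $session->save();

    // The cookie carries the bearer token for the session, so keep it away
    // from page scripts (HttpOnly) and, when this response is itself served
    // over HTTPS, off plain-HTTP requests (Secure).
    // NOTE(review): behind a TLS-terminating proxy $_SERVER['HTTPS'] may be
    // unset, in which case Secure stays off exactly as before — confirm the
    // deployment. SameSite is not set here; it needs the options-array form
    // of setcookie() (PHP 7.3+).
    $is_https = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';

    setcookie(
        $this->cookie_name,
        $session->val('customer_session_id') . '-' . $token,
        $expires,
        '/',
        '',
        $is_https,
        true
    );

    $this->session = $session;
}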
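// Registration handler: turns the current anonymous customer record into a
// registered account (e-mail + password hash) and then logs the visitor in.
// NOTE(review): $messages is used below but is not in this global list —
// confirm it is in scope wherever this code runs.
global $db, $home_dir, $custAuth;

if (!$custAuth->customer->val('customer_anonymous')) {
    $messages->add(t('You are already registered and logged in.'));
} else {
    $email = myTrim(strtolower(_g('register_email')));
    $password = _g('register_password');

    // validate email and password once again
    if ($custAuth->isValidEmail($email) && $custAuth->isValidPassword($password)) {
        // check if email exists
        // NOTE(review): the lookup and the save below are separate steps, so
        // only a unique index on customer_email can guarantee uniqueness
        // under concurrent requests — TODO confirm one exists.
        $customer = new Customer($db);
        $customer->loadByEmail($email);

        if ($customer->is_loaded) {
            // NOTE(review): this answer reveals whether an address is
            // registered; confirm the endpoint is rate-limited upstream.
            $messages->error(t('This email is already used. '));
        } else {
            $custAuth->customer->data['customer_name'] = null;
            $custAuth->customer->data['customer_email'] = $email;
            $custAuth->customer->data['customer_anonymous'] = 0;
            $custAuth->customer->data['customer_password_hash'] = CustomerAuthentication::hashPassword($password);
            $custAuth->customer->save();

            $custAuth->login($email, $password);

            if ($custAuth->isAuth()) {
                // 'ret' presumably comes from the request (_g() is defined
                // elsewhere), so it is followed only when it is a same-site
                // absolute path: one leading slash, not followed by a second
                // slash or a backslash, and free of control characters.
                // Anything else falls back to the site root.
                $return_to = _g('ret', '/');
                if (!is_string($return_to)
                    || preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $return_to) !== 1
                ) {
                    $return_to = '/';
                }
                redirect($return_to);
            } else {
                $messages->add(t('Cannot log you in. Sorry'));
            }
        }
    } else {
        $messages->error(t('Invalid password or email.'));
    }
}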
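// Admin controller for a single customer: builds the edit form and handles
// save (POST with customer_id), edit and delete (URL path) and "new".
// NOTE(review): no admin-authorisation or anti-CSRF check is visible in this
// script; both are presumably enforced before it is included — confirm, in
// particular for the delete route, which is triggered by the URL path alone.
require_once $home_dir . 'models/customer.m.php';
require_once $home_dir . 'classes/forms.php';

$form = new AdminForm('customer');
$page = 'admin/form';

$form->add([
    ['name' => 'customer_created', 'label' => 'Date', 'type' => 'static'],
    ['name' => 'customer_last_access', 'label' => 'Last visited', 'type' => 'static'],
    ['name' => 'customer_deleted', 'label' => 'Deleted', 'type' => 'bool'],
    ['name' => 'customer_anonymous', 'label' => 'Anonymous', 'type' => 'bool'],

    ['label' => 'Login', 'type' => 'begin_group'],
    ['name' => 'customer_email', 'label' => 'E-mail', 'type' => 'text', 'validations' => [['type' => 'email']]],
    ['name' => 'customer_password', 'label' => 'Password', 'type' => 'password', 'validations' => [['type' => 'password']]],
    ['name' => 'customer_password_confirm', 'label' => 'Confirm Password', 'type' => 'password', 'validations' => [['type' => 'confirm', 'param' => 'customer_password']]],
    ['type' => 'end_group'],

    ['label' => 'Address', 'type' => 'begin_group'],
    ['name' => 'customer_name', 'label' => 'Name', 'type' => 'text', 'validations' => [['type' => 'maxlen', 'param' => 50]]],
    ['name' => 'customer_address_city', 'label' => 'City', 'type' => 'text', 'validations' => [['type' => 'maxlen', 'param' => 50]]],
    ['name' => 'customer_address_street', 'label' => 'Street with house n.', 'type' => 'text', 'validations' => [['type' => 'maxlen', 'param' => 50]]],
    ['name' => 'customer_address_zip', 'label' => 'ZIP', 'type' => 'text', 'validations' => [['type' => 'integer', 'param' => true]]],
    ['type' => 'end_group'],

    ['label' => 'Shipping Address', 'type' => 'begin_group'],
    ['name' => 'customer_ship_name', 'label' => 'Name (shipping)', 'type' => 'text', 'validations' => [['type' => 'maxlen', 'param' => 50]]],
    ['name' => 'customer_ship_city', 'label' => 'City (shipping)', 'type' => 'text', 'validations' => [['type' => 'maxlen', 'param' => 50]]],
    ['name' => 'customer_ship_street', 'label' => 'Street (shipping)', 'type' => 'text', 'validations' => [['type' => 'maxlen', 'param' => 50]]],
    ['name' => 'customer_ship_zip', 'label' => 'ZIP (shipping)', 'type' => 'text', 'validations' => [['type' => 'integer', 'param' => true]]],
    ['type' => 'end_group'],

    ['name' => 'customer_failed_attempts', 'label' => 'Failed attempts', 'type' => 'text', 'validations' => [['type' => 'integer']]],
    ['name' => 'customer_delivery_type_id', 'label' => 'Delivery Type', 'type' => 'select', 'select_table' => 'delivery_types', 'select_id_field' => 'delivery_type_id', 'select_label_field' => 'delivery_type_name'],
    ['name' => 'customer_payment_type_id', 'label' => 'Payment Type', 'type' => 'select', 'select_table' => 'payment_types', 'select_id_field' => 'payment_type_id', 'select_label_field' => 'payment_type_name'],
]);

// The 'r' return target presumably comes from the request (_g() is defined
// elsewhere). It is followed only when it is a same-site absolute path: one
// leading slash, not followed by a second slash or a backslash, and free of
// control characters. Anything else falls back to the given default.
$resolve_return = static function ($candidate, $fallback) {
    $is_local_path = is_string($candidate)
        && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $candidate) === 1;

    return $is_local_path ? $candidate : $fallback;
};

// Record id taken from the URL, normalised to an integer when present so a
// non-numeric segment never reaches the model; null when the segment is absent.
$path_id = isset($path[3]) ? (int) $path[3] : null;

if (isset($_POST['customer_id'])) {
    // Normalise the posted id as well: arrays and non-numeric strings are
    // treated as "no id" (new customer) instead of being compared loosely
    // with 0 and passed on as received.
    $posted_id = is_scalar($_POST['customer_id']) ? (int) $_POST['customer_id'] : 0;

    if ($posted_id > 0) {
        $customer = new Customer($db, $posted_id);
    } else {
        $customer = new Customer($db);
    }

    $customer->setData($form->processInput($_POST));

    // The plain-text password fields must never be persisted; only the hash is.
    unset($customer->data['customer_password']);
    unset($customer->data['customer_password_confirm']);

    // NOTE(review): the hash is taken from the raw POST value. It is not
    // visible here whether a failed 'password' / 'confirm' validation in
    // processInput() stops save() — confirm.
    $new_password = isset($_POST['customer_password']) ? $_POST['customer_password'] : '';
    if (is_string($new_password) && $new_password !== '') {
        $customer->data['customer_password_hash'] = CustomerAuthentication::hashPassword($new_password);
    }

    if ($customer->save()) {
        redirect($resolve_return(_g('r', '/admin/customers'), '/admin/customers'));
    }
} elseif (isset($path[2]) && $path[2] === 'edit') {
    $customer = new Customer($db, $path_id);
    $page_title = t('Editing Customer');
} elseif (isset($path[2]) && $path[2] === 'delete') {
    if (Customer::del($db, $path_id)) {
        redirect($resolve_return(_g('r', '/admin/customers'), '/admin/customers'));
    }
} else {
    $customer = new Customer($db);
    $page_title = t('New Customer');
}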