
PHP Cross Reference of osCMax 2.0.4


/admin/ -> create_account_process.php (source)

   1  <?php
   2  /*

   3  $Id: create_account_process.php 3 2006-05-27 04:59:07Z user $

   4  

   5    osCMax Power E-Commerce

   6    http://oscdox.com

   7  

   8    Copyright 2006 osCMax2005 osCMax, 2002 osCommerce

   9  

  10    Released under the GNU General Public License

  11     

  12    Step-By-Step Manual Order Entry Version 1.0

  13    Customer Entry through Admin

  14  */
  15  
  // Bootstrap the admin environment. The constants and tep_* helpers used
  // throughout this file are not defined here, so they presumably come from
  // this include.
  // NOTE(review): this file performs no login or permission check of its own;
  // confirm that application_top.php rejects unauthenticated requests before
  // any of the code below runs.
  require ('includes/application_top.php');

  // Load the language strings for this page.
  // NOTE(review): $language is concatenated into the include path and is not
  // assigned anywhere in this file; confirm it is chosen from a fixed list and
  // never taken directly from request data.
  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CREATE_ACCOUNT_PROCESS);
  19  
  20  /*function tep_validate_email($email) {

  21      $valid_address = true;

  22      

  23      $mail_pat = '^(.+)@(.+)$';

  24      $valid_chars = "[^] \(\)<>@,;:\.\\\"\[]";

  25      $atom = "$valid_chars+";

  26      $quoted_user='(\"[^\"]*\")';

  27      $word = "($atom|$quoted_user)";

  28      $user_pat = "^$word(\.$word)*$";

  29      $ip_domain_pat='^\[([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\]$';

  30      $domain_pat = "^$atom(\.$atom)*$";

  31      

  32      if (eregi($mail_pat, $email, $components)) {

  33      

  34        $user = $components[1];

  35        $domain = $components[2];

  36  

  37        // validate user  

  38        if (eregi($user_pat, $user)) {

  39          // validate domain

  40          if (eregi($ip_domain_pat, $domain, $ip_components)) {

  41            // this is an IP address

  42              for ($i=1;$i<=4;$i++) {

  43                if ($ip_components[$i] > 255) {

  44                  $valid_address = false;

  45                  break;

  46                }

  47            }

  48          }

  49          else {

  50            // Domain is symbolic name

  51            if (eregi($domain_pat, $domain)) {

  52    

  53              // domain name seems valid, but now make sure that it ends in a

  54              //  three-letter word (like com, net, org, gov, edu, int) or a two-letter word,

  55              //   representing country (ca, uk, nl), and that there's a hostname preceding 

  56              //   the domain or country. 

  57    

  58              $domain_components = explode(".", $domain);          

  59    

  60              // Make sure there's a host name preceding the domain.

  61              if (sizeof($domain_components) < 2)

  62                $valid_address = false;

  63              else {

  64                $top_level_domain = strtolower($domain_components[sizeof($domain_components)-1]);

  65                if (strlen($top_level_domain) < 2 || strlen($top_level_domain) > 6)

  66                  $valid_address = false;

  67                elseif (strlen($top_level_domain) <= 6 && strlen($top_level_domain) >= 3) {

  68                  switch ($top_level_domain) {

  69                    case 'com':

  70                    case 'net':

  71                    case 'org':

  72                    case 'gov':

  73                    case 'edu':

  74                    case 'int':

  75                    case 'biz':

  76                    case 'mil':

  77                    case 'info':

  78                    case 'name':

  79                    case 'aero':

  80                    case 'coop':

  81                    case 'museum':

  82                      break;

  83                    default:

  84                      $valid_address = false;

  85                      break;

  86                  }

  87                }

  88              }

  89            }

  90            else {

  91                $valid_address = false;

  92              }

  93            }

  94        }

  95        else {

  96          $valid_address = false;

  97        }

  98      }

  99      else

 100        $valid_address = false;

 101  

 102      if ($valid_address && ENTRY_EMAIL_ADDRESS_CHECK == 'true') {

 103        if (!checkdnsrr($domain, "MX") && !checkdnsrr($domain, "A")) {

 104          $valid_address = false;

 105        }

 106      }

 107      

 108      return $valid_address;

 109    }  */
 110  
 111  if ([email protected]$HTTP_POST_VARS['action']) {
 112     tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'NONSSL'));
 113   }
 114  
 115    $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
 116    $firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
 117    $lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
 118    $dob = tep_db_prepare_input($HTTP_POST_VARS['dob']);
 119    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
 120    $telephone = tep_db_prepare_input($HTTP_POST_VARS['telephone']);
 121    $fax = tep_db_prepare_input($HTTP_POST_VARS['fax']);
 122    $newsletter = tep_db_prepare_input($HTTP_POST_VARS['newsletter']);
 123    //$password = tep_db_prepare_input($HTTP_POST_VARS['password']);

 124    $confirmation = tep_db_prepare_input($HTTP_POST_VARS['confirmation']);
 125    $street_address = tep_db_prepare_input($HTTP_POST_VARS['street_address']);
 126    $company = tep_db_prepare_input($HTTP_POST_VARS['company']);
 127    $suburb = tep_db_prepare_input($HTTP_POST_VARS['suburb']);
 128    $postcode = tep_db_prepare_input($HTTP_POST_VARS['postcode']);
 129    $city = tep_db_prepare_input($HTTP_POST_VARS['city']);
 130    $zone_id = tep_db_prepare_input($HTTP_POST_VARS['zone_id']);
 131    $state = tep_db_prepare_input($HTTP_POST_VARS['state']);
 132    $country = tep_db_prepare_input($HTTP_POST_VARS['country']);
 133  
 134      
 135    /////////////////      RAMDOMIZING SCRIPT BY PATRIC VEVERKA       \\\\\\\\\\\\\\\\\\

 136  
 137  $t1 = date("mdy"); 
 138  srand ((float) microtime() * 10000000); 
 139  $input = array ("A", "a", "B", "b", "C", "c", "D", "d", "E", "e", "F", "f", "G", "g", "H", "h", "I", "i", "J", "j", "K", "k", "L", "l", "M", "m", "N", "n", "O", "o", "P", "p", "Q", "q", "R", "r", "S", "s", "T", "t", "U", "u", "V", "v", "W", "w", "X", "x", "Y", "y", "Z", "z"); 
 140  $rand_keys = array_rand ($input, 3); 
 141  $l1 = $input[$rand_keys[0]];
 142  $r1 = rand(0,9); 
 143  $l2 = $input[$rand_keys[1]];
 144  $l3 = $input[$rand_keys[2]]; 
 145  $r2 = rand(0,9); 
 146  
 147  $password = $l1.$r1.$l2.$l3.$r2; 
 148  
 149  /////////////////    End of Randomizing Script   \\\\\\\\\\\\\\\\\\\

 150  
 151    
 152    
 153    $error = false; // reset error flag

 154  
 155    if (ACCOUNT_GENDER == 'true') {
 156      if (($gender == 'm') || ($gender == 'f')) {
 157        $entry_gender_error = false;
 158      } else {
 159        $error = true;
 160        $entry_gender_error = true;
 161      }
 162    }
 163  
 164    if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
 165      $error = true;
 166      $entry_firstname_error = true;
 167    } else {
 168      $entry_firstname_error = false;
 169    }
 170  
 171    if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
 172      $error = true;
 173      $entry_lastname_error = true;
 174    } else {
 175      $entry_lastname_error = false;
 176    }
 177  
 178    if (ACCOUNT_DOB == 'true') {
 179      if (checkdate(substr(tep_date_raw($dob), 4, 2), substr(tep_date_raw($dob), 6, 2), substr(tep_date_raw($dob), 0, 4))) {
 180        $entry_date_of_birth_error = false;
 181      } else {
 182        $error = true;
 183        $entry_date_of_birth_error = true;
 184      }
 185    }
 186  
 187    if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
 188      $error = true;
 189      $entry_email_address_error = true;
 190    } else {
 191      $entry_email_address_error = false;
 192    }
 193  
 194   if (!tep_validate_email($email_address)) {
 195      $error = true;
 196      $entry_email_address_check_error = true;
 197    } else {
 198      $entry_email_address_check_error = false;
 199    }
 200  
 201    if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
 202      $error = true;
 203      $entry_street_address_error = true;
 204    } else {
 205      $entry_street_address_error = false;
 206    }
 207  
 208    if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
 209      $error = true;
 210      $entry_post_code_error = true;
 211    } else {
 212      $entry_post_code_error = false;
 213    }
 214  
 215    if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
 216      $error = true;
 217      $entry_city_error = true;
 218    } else {
 219      $entry_city_error = false;
 220    }
 221  
 222    if (!$country) {
 223      $error = true;
 224      $entry_country_error = true;
 225    } else {
 226      $entry_country_error = false;
 227    }
 228  
 229    if (ACCOUNT_STATE == 'true') {
 230      if ($entry_country_error) {
 231        $entry_state_error = true;
 232      } else {
 233        $zone_id = 0;
 234        $entry_state_error = false;
 235        $check_query = tep_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . tep_db_input($country) . "'");
 236        $check_value = tep_db_fetch_array($check_query);
 237        $entry_state_has_zones = ($check_value['total'] > 0);
 238        if ($entry_state_has_zones) {
 239          $zone_query = tep_db_query("select zone_id from " . TABLE_ZONES . " where zone_country_id = '" . tep_db_input($country) . "' and zone_name = '" . tep_db_input($state) . "'");
 240          if (tep_db_num_rows($zone_query) == 1) {
 241            $zone_values = tep_db_fetch_array($zone_query);
 242            $zone_id = $zone_values['zone_id'];
 243          } else {
 244            $zone_query = tep_db_query("select zone_id from " . TABLE_ZONES . " where zone_country_id = '" . tep_db_input($country) . "' and zone_code = '" . tep_db_input($state) . "'");
 245            if (tep_db_num_rows($zone_query) == 1) {
 246              $zone_values = tep_db_fetch_array($zone_query);
 247              $zone_id = $zone_values['zone_id'];
 248            } else {
 249              $error = true;
 250              $entry_state_error = true;
 251            }
 252          }
 253        } else {
 254          if (!$state) {
 255            $error = true;
 256            $entry_state_error = true;
 257          }
 258        }
 259      }
 260    }
 261  
 262    if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
 263      $error = true;
 264      $entry_telephone_error = true;
 265    } else {
 266      $entry_telephone_error = false;
 267    }
 268  
 269    $check_email = tep_db_query("select customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "' and customers_id <> '" . tep_db_input($customer_id) . "'");
 270    if (tep_db_num_rows($check_email)) {
 271      $error = true;
 272      $entry_email_address_exists = true;
 273    } else {
 274      $entry_email_address_exists = false;
 275    }
 276  
  // Two outcomes from validation:
  //  - any failure: render the entry form again inside the admin page layout;
  //  - no failure: create the customer, address book and info records, load
  //    the new customer into the session, e-mail the generated password and
  //    redirect to the success page.
  if ($error == true) {
    $processed = true;

    // Everything up to the matching "} else {" is the page template. The
    // markup outside PHP tags is sent to the browser as written.
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  <title><?php echo TITLE ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<?php require ('includes/form_check.js.php'); ?>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">
<!-- header //-->
<?php
  require (DIR_WS_INCLUDES . 'header.php');
?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
  <tr>
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require (DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top"><form name="account_edit" method="post" <?php echo 'action="' . tep_href_link(FILENAME_CREATE_ACCOUNT_PROCESS, '', 'SSL') . '"'; ?> onSubmit="return check_form();"><input type="hidden" name="action" value="process"><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
          </tr>
        </table></td>
      </tr>
<?php
  // $navigation is not created in this file; presumably set up during bootstrap.
  if (sizeof($navigation->snapshot) > 0) {
?>
      <tr>
        <td class="smallText"><br><?php echo sprintf(TEXT_ORIGIN_LOGIN, tep_href_link(FILENAME_LOGIN, tep_get_all_get_params(), 'SSL')); ?></td>
      </tr>
<?php
  }
?>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td>
<?php
  //$email_address = tep_db_prepare_input($HTTP_GET_VARS['email_address']);
  // Default country for the form module included below.
  $account['entry_country_id'] = STORE_COUNTRY;

  // NOTE(review): the form fields are produced by this module, which is not
  // visible here. If it echoes the submitted values back into the page,
  // confirm that it HTML-escapes them.
  require (DIR_WS_MODULES . 'account_details.php');
?>
        </td>
      </tr>
      <tr>
        <td align="right" class="main"><br><?php echo tep_image_submit('button_confirm.gif', IMAGE_BUTTON_CONTINUE); ?></td>
      </tr>
    </table></form></td>
<!-- body_text_eof //-->
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
    </table></td>
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php include (DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php
  } else  {
       // Customer record. Only the result of tep_encrypt_password() is stored;
       // the scheme it uses is not visible in this file.
       $sql_data_array = array('customers_firstname' => $firstname,
                           'customers_lastname' => $lastname,
                           'customers_email_address' => $email_address,
                           'customers_telephone' => $telephone,
                           'customers_fax' => $fax,
                           'customers_newsletter' => $newsletter,
                           'customers_password' => tep_encrypt_password($password));
                           // Leave the next line disabled: it would store the password as-is.
                           //'customers_password' => $password,
                           //'customers_default_address_id' => 1);

   if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
   if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = tep_date_raw($dob);

   // NOTE(review): tep_db_perform() is defined elsewhere; it presumably builds
   // an INSERT and escapes the values. Its result is not checked here.
   tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);

   $customer_id = tep_db_insert_id();

   // Address book entry for the new customer.
   $sql_data_array = array('customers_id' => $customer_id,
                           //change line below to suit your version
                           //'address_book_id' => 1,  //pre MS2
                           'entry_firstname' => $firstname,
                           'entry_lastname' => $lastname,
                           'entry_street_address' => $street_address,
                           'entry_postcode' => $postcode,
                           'entry_city' => $city,
                           'entry_country_id' => $country);

   if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
   if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
   if (ACCOUNT_SUBURB == 'true') $sql_data_array['entry_suburb'] = $suburb;
   if (ACCOUNT_STATE == 'true') {
     // A resolved zone id and a free-text state are mutually exclusive.
     if ($zone_id > 0) {
       $sql_data_array['entry_zone_id'] = $zone_id;
       $sql_data_array['entry_state'] = '';
     } else {
       $sql_data_array['entry_zone_id'] = '0';
       $sql_data_array['entry_state'] = $state;
     }
   }

   tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);

$address_id = tep_db_insert_id();

// Point the customer at the address just created; both ids are cast to int
// before being placed in the statement.
tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int)$address_id . "' where customers_id = '" . (int)$customer_id . "'");

   tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . tep_db_input($customer_id) . "', '0', now())");

   // Register the new customer's details under the session variable names
   // below, in the session of whoever submitted this form.
   // NOTE(review): 'customer_id' stays registered afterwards; see how later
   // requests in the same session treat it.
   $customer_first_name = $firstname;
   //$customer_default_address_id = 1;
$customer_default_address_id = $address_id;
   $customer_country_id = $country;
   $customer_zone_id = $zone_id;
   tep_session_register('customer_id');
   tep_session_register('customer_first_name');
   tep_session_register('customer_default_address_id');
   tep_session_register('customer_country_id');
   tep_session_register('customer_zone_id');

    // build the message content
    // NOTE(review): the names come from the form and are passed to tep_mail()
    // as the recipient name; confirm that tep_mail() strips CR/LF so they
    // cannot add mail headers.
    $name = $firstname . " " . $lastname;

    if (ACCOUNT_GENDER == 'true') {
       // Reads the raw POST value instead of the prepared $gender used during
       // validation.
       if ($HTTP_POST_VARS['gender'] == 'm') {
         $email_text = EMAIL_GREET_MR;
       } else {
         $email_text = EMAIL_GREET_MS;
       }
    } else {
      $email_text = EMAIL_GREET_NONE;
    }

    // The generated password is placed in the message body in plaintext, so
    // anyone who can read the mailbox or the mail in transit learns it. It
    // should be treated as temporary.
    $email_text .= EMAIL_WELCOME . EMAIL_PASS_1 . $password . EMAIL_PASS_2 . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
    tep_mail($name, $email_address, EMAIL_SUBJECT, nl2br($email_text), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

    tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL'));
  }
 431  
 432    require (DIR_WS_INCLUDES . 'application_bottom.php');
 433  ?>

