
PHP Cross Reference of osCMax 2.0.4


/ -> create_account.php (source)

   1  <?php
   2  /*

   3  $Id: create_account.php 3 2006-05-27 04:59:07Z user $

   4  

   5    osCMax Power E-Commerce

   6    http://oscdox.com

   7  

   8    Copyright 2006 osCMax

   9  

  10    Released under the GNU General Public License

  11  */
  12  
  13  // Most of this file is changed or moved to BTS - Basic Template System - format.

  14  // For adding in contribution or modification - parts of this file has been moved to: catalog\templates\fallback\contents\<filename>.tpl.php as a default (sub 'fallback' with your current template to see if there is a template specife change).

  15  //       catalog\templates\fallback\contents\<filename>.tpl.php as a default (sub 'fallback' with your current template to see if there is a template specife change).

  16  // (Sub 'fallback' with your current template to see if there is a template specific file.)

  17  
  18    require ('includes/application_top.php');
  19  
  20  // needs to be included earlier to set the success message in the messageStack

  21    require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CREATE_ACCOUNT);
  22  
  23    $process = false;
  24  // BOF: MOD - Country-State Selector

  25    $refresh = false;
  26    if (isset($HTTP_POST_VARS['action']) && (($HTTP_POST_VARS['action'] == 'process') || ($HTTP_POST_VARS['action'] == 'refresh'))) {
  27      if ($HTTP_POST_VARS['action'] == 'process')  $process = true;
  28    if ($HTTP_POST_VARS['action'] == 'refresh') $refresh = true;
  29  // EOF: MOD - Country-State Selector

  30  
  31      if (ACCOUNT_GENDER == 'true') {
  32        if (isset($HTTP_POST_VARS['gender'])) {
  33          $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
  34        } else {
  35          $gender = false;
  36        }
  37      }
  38      $firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
  39      $lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
  40      if (ACCOUNT_DOB == 'true') $dob = tep_db_prepare_input($HTTP_POST_VARS['dob']);
  41      $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
  42      // BOF Separate Pricing Per Customer, added: field for tax id number

  43      if (ACCOUNT_COMPANY == 'true') { 
  44        $company = tep_db_prepare_input($HTTP_POST_VARS['company']);
  45        $company_tax_id = tep_db_prepare_input($HTTP_POST_VARS['company_tax_id']);
  46      }
  47      // EOF Separate Pricing Per Customer, added: field for tax id number

  48      $street_address = tep_db_prepare_input($HTTP_POST_VARS['street_address']);
  49      if (ACCOUNT_SUBURB == 'true') $suburb = tep_db_prepare_input($HTTP_POST_VARS['suburb']);
  50      $postcode = tep_db_prepare_input($HTTP_POST_VARS['postcode']);
  51      $city = tep_db_prepare_input($HTTP_POST_VARS['city']);
  52      if (ACCOUNT_STATE == 'true') {
  53        $state = tep_db_prepare_input($HTTP_POST_VARS['state']);
  54        if (isset($HTTP_POST_VARS['zone_id'])) {
  55          $zone_id = tep_db_prepare_input($HTTP_POST_VARS['zone_id']);
  56        } else {
  57          $zone_id = false;
  58        }
  59      }
  60      $country = tep_db_prepare_input($HTTP_POST_VARS['country']);
  61      $telephone = tep_db_prepare_input($HTTP_POST_VARS['telephone']);
  62      $fax = tep_db_prepare_input($HTTP_POST_VARS['fax']);
  63      if (isset($HTTP_POST_VARS['newsletter'])) {
  64        $newsletter = tep_db_prepare_input($HTTP_POST_VARS['newsletter']);
  65      } else {
  66        $newsletter = false;
  67      }
  68      $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
  69      $confirmation = tep_db_prepare_input($HTTP_POST_VARS['confirmation']);
  70  
  71  // BOF: MOD - Country-State Selector

  72      if ($process) {
  73  // EOF: MOD - Country-State Selector

  74      $error = false;
  75  
  76      if (ACCOUNT_GENDER == 'true') {
  77        if ( ($gender != 'm') && ($gender != 'f') ) {
  78          $error = true;
  79  
  80          $messageStack->add('create_account', ENTRY_GENDER_ERROR);
  81        }
  82      }
  83  
  84      if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
  85        $error = true;
  86  
  87        $messageStack->add('create_account', ENTRY_FIRST_NAME_ERROR);
  88      }
  89  
  90      if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
  91        $error = true;
  92  
  93        $messageStack->add('create_account', ENTRY_LAST_NAME_ERROR);
  94      }
  95  
  96      if (ACCOUNT_DOB == 'true') {
  97        if (checkdate(substr(tep_date_raw($dob), 4, 2), substr(tep_date_raw($dob), 6, 2), substr(tep_date_raw($dob), 0, 4)) == false) {
  98          $error = true;
  99  
 100          $messageStack->add('create_account', ENTRY_DATE_OF_BIRTH_ERROR);
 101        }
 102      }
 103  
 104      if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
 105        $error = true;
 106  
 107        $messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR);
 108      } elseif (tep_validate_email($email_address) == false) {
 109        $error = true;
 110  
 111        $messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
 112      } else {
 113        $check_email_query = tep_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
 114        $check_email = tep_db_fetch_array($check_email_query);
 115  // BOF: MOD - PWA

 116  //      if ($check_email['total'] > 0) {

 117  //        $error = true;

 118  //        $messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);

 119        if ($check_email['total'] > 0) {
 120  //PWA delete account

 121          $get_customer_info = tep_db_query("select customers_id, customers_email_address, purchased_without_account from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
 122          $customer_info = tep_db_fetch_array($get_customer_info); 
 123          $customer_id = $customer_info['customers_id']; 
 124          $customer_email_address = $customer_info['customers_email_address']; 
 125          $customer_pwa = $customer_info['purchased_without_account']; 
 126          if ($customer_pwa !='1') {
 127             $error = true;
 128  
 129             $messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
 130          } else {   
 131            tep_db_query("delete from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . $customer_id . "'");   
 132            tep_db_query("delete from " . TABLE_CUSTOMERS . " where customers_id = '" . $customer_id . "'");   
 133            tep_db_query("delete from " . TABLE_CUSTOMERS_INFO . " where customers_info_id = '" . $customer_id . "'");   
 134            tep_db_query("delete from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . $customer_id . "'");   
 135            tep_db_query("delete from " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " where customers_id = '" . $customer_id . "'");   
 136            tep_db_query("delete from " . TABLE_WHOS_ONLINE . " where customer_id = '" . $customer_id . "'"); 
 137          }  
 138  // EOF: MOD - PWA

 139        }
 140      }
 141  
 142      if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
 143        $error = true;
 144  
 145        $messageStack->add('create_account', ENTRY_STREET_ADDRESS_ERROR);
 146      }
 147  
 148      if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
 149        $error = true;
 150  
 151        $messageStack->add('create_account', ENTRY_POST_CODE_ERROR);
 152      }
 153  
 154      if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
 155        $error = true;
 156  
 157        $messageStack->add('create_account', ENTRY_CITY_ERROR);
 158      }
 159  
 160      if (is_numeric($country) == false) {
 161        $error = true;
 162  
 163        $messageStack->add('create_account', ENTRY_COUNTRY_ERROR);
 164      }
 165  
 166      if (ACCOUNT_STATE == 'true') {
 167        $zone_id = 0;
 168        $check_query = tep_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int)$country . "'");
 169        $check = tep_db_fetch_array($check_query);
 170        $entry_state_has_zones = ($check['total'] > 0);
 171        if ($entry_state_has_zones == true) {
 172          $zone_query = tep_db_query("select distinct zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int)$country . "' and (zone_name like '" . tep_db_input($state) . "%' or zone_code like '%" . tep_db_input($state) . "%')");
 173          if (tep_db_num_rows($zone_query) == 1) {
 174            $zone = tep_db_fetch_array($zone_query);
 175            $zone_id = $zone['zone_id'];
 176          } else {
 177            $error = true;
 178  
 179            $messageStack->add('create_account', ENTRY_STATE_ERROR_SELECT);
 180          }
 181        } else {
 182          if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
 183            $error = true;
 184  
 185            $messageStack->add('create_account', ENTRY_STATE_ERROR);
 186          }
 187        }
 188      }
 189  
 190      if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
 191        $error = true;
 192  
 193        $messageStack->add('create_account', ENTRY_TELEPHONE_NUMBER_ERROR);
 194      }
 195  
 196  
 197      if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
 198        $error = true;
 199  
 200        $messageStack->add('create_account', ENTRY_PASSWORD_ERROR);
 201      } elseif ($password != $confirmation) {
 202        $error = true;
 203  
 204        $messageStack->add('create_account', ENTRY_PASSWORD_ERROR_NOT_MATCHING);
 205      }
 206  
 207      if ($error == false) {
 208        $sql_data_array = array('customers_firstname' => $firstname,
 209                                'customers_lastname' => $lastname,
 210                                'customers_email_address' => $email_address,
 211                                'customers_telephone' => $telephone,
 212                                'customers_fax' => $fax,
 213                                'customers_newsletter' => $newsletter,
 214                                'customers_password' => tep_encrypt_password($password));
 215  
 216        if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
 217        if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = tep_date_raw($dob);
 218  // BOF: MOD - Separate Pricing Per Customer

 219  // if you would like to have an alert in the admin section when either a company name has been entered in

 220  // the appropriate field or a tax id number, or both then uncomment the next line and comment the default

 221  // setting: only alert when a tax_id number has been given

 222  //    if ( (ACCOUNT_COMPANY == 'true' && tep_not_null($company) ) || (ACCOUNT_COMPANY == 'true' && tep_not_null($company_tax_id) ) ) { 

 223        if ( ACCOUNT_COMPANY == 'true' && tep_not_null($company_tax_id)  ) { 
 224          $sql_data_array['customers_group_ra'] = '1';
 225        }
 226  // EOF: MOD - Separate Pricing Per Customer

 227  
 228        tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
 229  
 230        $customer_id = tep_db_insert_id();
 231  
 232        $sql_data_array = array('customers_id' => $customer_id,
 233                                'entry_firstname' => $firstname,
 234                                'entry_lastname' => $lastname,
 235                                'entry_street_address' => $street_address,
 236                                'entry_postcode' => $postcode,
 237                                'entry_city' => $city,
 238                                'entry_country_id' => $country);
 239  
 240        if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
 241  // BOF: MOD - Separate Pricing Per Customer

 242  //    if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;

 243        if (ACCOUNT_COMPANY == 'true') {
 244          $sql_data_array['entry_company'] = $company;
 245          $sql_data_array['entry_company_tax_id'] = $company_tax_id;
 246        }
 247   // EOF: MOD - Separate Pricing Per Customer

 248        if (ACCOUNT_SUBURB == 'true') $sql_data_array['entry_suburb'] = $suburb;
 249        if (ACCOUNT_STATE == 'true') {
 250          if ($zone_id > 0) {
 251            $sql_data_array['entry_zone_id'] = $zone_id;
 252            $sql_data_array['entry_state'] = '';
 253          } else {
 254            $sql_data_array['entry_zone_id'] = '0';
 255            $sql_data_array['entry_state'] = $state;
 256          }
 257        }
 258  
 259        tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
 260  
 261        $address_id = tep_db_insert_id();
 262  
 263        tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int)$address_id . "' where customers_id = '" . (int)$customer_id . "'");
 264  
 265        tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int)$customer_id . "', '0', now())");
 266  
 267        if (SESSION_RECREATE == 'True') {
 268          tep_session_recreate();
 269        }
 270  
 271        $customer_first_name = $firstname;
 272        $customer_default_address_id = $address_id;
 273        $customer_country_id = $country;
 274        $customer_zone_id = $zone_id;
 275        tep_session_register('customer_id');
 276        tep_session_register('customer_first_name');
 277        tep_session_register('customer_default_address_id');
 278        tep_session_register('customer_country_id');
 279        tep_session_register('customer_zone_id');
 280  
 281  // restore cart contents

 282        $cart->restore_contents();
 283        
 284  //BOF: MOD - Wishlist 3.5

 285  // restore wishlist to sesssion

 286          $wishList->restore_wishlist();
 287  //EOF: MOD - Wishlist 3.5      

 288  
 289  // build the message content

 290        $name = $firstname . ' ' . $lastname;
 291  
 292        if (ACCOUNT_GENDER == 'true') {
 293           if ($gender == 'm') {
 294             $email_text = sprintf(EMAIL_GREET_MR, $lastname);
 295           } else {
 296             $email_text = sprintf(EMAIL_GREET_MS, $lastname);
 297           }
 298        } else {
 299          $email_text = sprintf(EMAIL_GREET_NONE, $firstname);
 300        }
 301  
 302        $email_text .= EMAIL_WELCOME . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
 303  
 304  // BOF - MOD: CREDIT CLASS Gift Voucher Contribution

 305    if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
 306      $coupon_code = create_coupon_code();
 307      $insert_query = tep_db_query("insert into " . TABLE_COUPONS . " (coupon_code, coupon_type, coupon_amount, date_created) values ('" . $coupon_code . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
 308      $insert_id = tep_db_insert_id($insert_query);
 309      $insert_query = tep_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $insert_id ."', '0', 'Admin', '" . $email_address . "', now() )");
 310  
 311      $email_text .= sprintf(EMAIL_GV_INCENTIVE_HEADER, $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n" .
 312                     sprintf(EMAIL_GV_REDEEM, $coupon_code) . "\n\n" .
 313                     EMAIL_GV_LINK . tep_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code,'NONSSL', false) .
 314                     "\n\n";
 315    }
 316    if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
 317          $coupon_code = NEW_SIGNUP_DISCOUNT_COUPON;
 318      $coupon_query = tep_db_query("select * from " . TABLE_COUPONS . " where coupon_code = '" . $coupon_code . "'");
 319      $coupon = tep_db_fetch_array($coupon_query);
 320      $coupon_id = $coupon['coupon_code'];    
 321      $coupon_desc_query = tep_db_query("select * from " . TABLE_COUPONS_DESCRIPTION . " where coupon_id = '" . $coupon_id . "' and language_id = '" . (int)$languages_id . "'");
 322      $coupon_desc = tep_db_fetch_array($coupon_desc_query);
 323      $insert_query = tep_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id ."', '0', 'Admin', '" . $email_address . "', now() )");
 324      $email_text .= EMAIL_COUPON_INCENTIVE_HEADER .  "\n" .
 325                     sprintf("%s", $coupon_desc['coupon_description']) ."\n\n" .
 326                     sprintf(EMAIL_COUPON_REDEEM, $coupon['coupon_code']) . "\n\n" .
 327                     "\n\n";
 328    }
 329  //    $email_text .= EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;

 330    //---------

 331    //add these:

 332        if (tep_session_is_registered('floating_gv_code')) {
 333          $gv_query = tep_db_query("SELECT c.coupon_id, c.coupon_amount, IF(rt.coupon_id>0, 'true', 'false') AS redeemed FROM ". TABLE_COUPONS ." c LEFT JOIN ". TABLE_COUPON_REDEEM_TRACK." rt USING(coupon_id), ". TABLE_COUPON_EMAIL_TRACK ." et WHERE c.coupon_code = '". $floating_gv_code ."' AND c.coupon_id = et.coupon_id");
 334          // check if coupon exist

 335          if (tep_db_num_rows($gv_query) >0) {
 336            $coupon = tep_db_fetch_array($gv_query);
 337            // check if coupon_id exist and coupon not redeemed

 338            if($coupon['coupon_id']>0 && $coupon['redeemed'] == 'false') {
 339                tep_session_unregister('floating_gv_code');
 340                $gv_query = tep_db_query("insert into  " . TABLE_COUPON_REDEEM_TRACK . " (coupon_id, customer_id, redeem_date, redeem_ip) values ('" . $coupon['coupon_id'] . "', '" . $customer_id . "', now(),'" . $REMOTE_ADDR . "')");
 341                $gv_update = tep_db_query("update " . TABLE_COUPONS . " set coupon_active = 'N' where coupon_id = '" . $coupon['coupon_id'] . "'");
 342                tep_gv_account_update($customer_id, $coupon['coupon_id']);
 343            }
 344          }
 345        }
 346  // BOF: MOD - GV_REDEEM_EXPLOIT_FIX (GVREF)

 347  
 348        tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
 349  
 350  // BOF: MOD - Separate Pricing Per Customer: alert shop owner of account created by a company

 351  // if you would like to have an email when either a company name has been entered in

 352  // the appropriate field or a tax id number, or both then uncomment the next line and comment the default

 353  // setting: only email when a tax_id number has been given

 354  //    if ( (ACCOUNT_COMPANY == 'true' && tep_not_null($company) ) || (ACCOUNT_COMPANY == 'true' && tep_not_null($company_tax_id) ) ) { 

 355        if ( ACCOUNT_COMPANY == 'true' && tep_not_null($company_tax_id) ) { 
 356          $alert_email_text = "Please note that " . $firstname . " " . $lastname . " of the company: " . $company . " has created an account.";
 357          tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Company account created', $alert_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
 358        }
 359  // EOF: MOD - Separate Pricing Per Customer: alert shop owner of account created by a company

 360  
 361        tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL'));
 362      }
 363    }
 364   
 365  // BOF: MOD - Country-State Selector 

 366   }
 367  if ($HTTP_POST_VARS['action'] == 'refresh') {$state = '';}
 368  if (!isset($country)){$country = DEFAULT_COUNTRY;}
 369  // EOF: MOD - Country-State Selector 

 370  
 371    $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL'));
 372  
 373    $content = CONTENT_CREATE_ACCOUNT;
 374  
 375    include (bts_select('main', $content_template)); // BTSv1.5

 376  
 377    require (DIR_WS_INCLUDES . 'application_bottom.php');
 378  ?>

