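hasStarted() === FALSE ) $session->start();

// Only logged-in customers have an address book; everyone else is sent to the login
// page after the current location has been recorded for the post-login redirect.
if (!isset($_SESSION['customer_id'])) {
    // navigation history
    if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new navigationHistory();
    }
    $_SESSION['navigation']->set_snapshot();
    oos_redirect(oos_href_link($aContents['login']));
}

require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_address_book_process.php';

// Every state-changing POST below must carry the per-session form id (the CSRF token).
// It is checked once here: both sides must be present and are compared in constant time.
// The original compared with a loose == and, because && binds tighter than ||, did not
// require the token for action=process (adding an entry) at all.
$sAction = isset($_POST['action']) ? $_POST['action'] : '';
$bFormIdValid = isset($_POST['formid'], $_SESSION['formid'])
    && is_string($_POST['formid'])
    && hash_equals((string) $_SESSION['formid'], (string) $_POST['formid']);
$nCustomerId = intval($_SESSION['customer_id']);

// Reads a POST field; a missing field becomes '' so the length checks below fail cleanly
// instead of raising an undefined-index notice.
$fnPostField = function ($sKey) {
    return isset($_POST[$sKey]) ? $_POST[$sKey] : '';
};

// Form values handed to the template. On a plain GET the original left these undefined
// (null at the assign, plus notices); they start as null here for the same effect.
$entry_id = NULL;
$gender = NULL;
$firstname = NULL;
$lastname = NULL;
$company = NULL;
$owner = NULL;
$vat_id = NULL;
$street_address = NULL;
$postcode = NULL;
$city = NULL;
$state = NULL;
$zone_id = NULL;
$country = NULL;
$entry = NULL;

// Delete confirmation (POST). The primary address can never be deleted; any other entry
// is deleted only if it belongs to the logged-in customer (customers_id in the WHERE).
if ($sAction === 'deleteconfirm' && $bFormIdValid && isset($_POST['entry_id']) && is_numeric($_POST['entry_id'])) {
    $entry_id = oos_db_prepare_input($_POST['entry_id']);
    if ($entry_id == $_SESSION['customer_default_address_id']) {
        $oMessage->add_session('addressbook', $aLang['warning_primary_address_deletion'], 'warning');
    } else {
        $address_booktable = $oostable['address_book'];
        $query = "DELETE FROM $address_booktable WHERE address_book_id = '" . intval($entry_id) . "' AND customers_id = '" . $nCustomerId . "'";
        $dbconn->Execute($query);
        $oMessage->add_session('addressbook', $aLang['success_address_book_entry_deleted'], 'success');
    }
    oos_redirect(oos_href_link($aContents['account_address_book']));
}

// Post-entry error checking when updating or adding an entry
$bProcess = FALSE;
if (($sAction === 'process' || $sAction === 'update') && $bFormIdValid) {
    $bProcess = TRUE;

    if (isset($_POST['entry_id']) && is_numeric($_POST['entry_id'])) {
        $entry_id = oos_db_prepare_input($_POST['entry_id']);
    }
    if (ACCOUNT_GENDER == 'true') {
        $gender = isset($_POST['gender']) ? oos_db_prepare_input($_POST['gender']) : FALSE;
    }
    $firstname = oos_db_prepare_input($fnPostField('firstname'));
    $lastname = oos_db_prepare_input($fnPostField('lastname'));
    if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($fnPostField('company'));
    if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($fnPostField('owner'));
    if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($fnPostField('vat_id'));
    $street_address = oos_db_prepare_input($fnPostField('street_address'));
    $postcode = oos_db_prepare_input($fnPostField('postcode'));
    $city = oos_db_prepare_input($fnPostField('city'));
    if (ACCOUNT_STATE == 'true') {
        $state = oos_db_prepare_input($fnPostField('state'));
        $zone_id = isset($_POST['zone_id']) ? oos_db_prepare_input($_POST['zone_id']) : FALSE;
    }
    $country = oos_db_prepare_input($fnPostField('country'));

    $bError = FALSE; // reset error flag
    // Stays TRUE until the VAT id is known to be absent or valid; it is only read once
    // every other check has passed. The original left it undefined on the failure path.
    $vatid_check_error = TRUE;

    if (ACCOUNT_GENDER == 'true') {
        if (($gender != 'm') && ($gender != 'f')) {
            $bError = TRUE;
            $oMessage->add_session('addressbook', $aLang['entry_gender_error']);
        }
    }
    if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
        $bError = TRUE;
        $oMessage->add_session('addressbook', $aLang['entry_first_name_error'] );
    }
    if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
        $bError = TRUE;
        $oMessage->add_session('addressbook', $aLang['entry_last_name_error'] );
    }
    if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') {
        if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
            $bError = TRUE;
            $oMessage->add_session('addressbook', $aLang['entry_vat_id_error']);
        } else {
            $vatid_check_error = FALSE;
        }
    }
    if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
        $bError = TRUE;
        $oMessage->add_session('addressbook', $aLang['entry_street_address_error']);
    }
    if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
        $bError = TRUE;
        $oMessage->add_session('addressbook', $aLang['entry_post_code_error']);
    }
    if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
        $bError = TRUE;
        $oMessage->add_session('addressbook', $aLang['entry_city_error']);
    }
    if (!is_numeric($country)) {
        $bError = TRUE;
        $oMessage->add_session('addressbook', $aLang['entry_country_error']);
    }
    if (ACCOUNT_STATE == 'true') {
        $zone_id = 0;
        $zonestable = $oostable['zones'];
        $country_check_sql = "SELECT COUNT(*) AS total FROM $zonestable WHERE zone_country_id = '" . intval($country) . "'";
        $country_check = $dbconn->Execute($country_check_sql);
        $entry_state_has_zones = ($country_check->fields['total'] > 0);
        if ($entry_state_has_zones == TRUE) {
            // $state is free text from the form; oos_db_input() is relied on here as the escaping
            // step for the string comparison (assumed from its use in the original — confirm).
            $zone_query = "SELECT DISTINCT zone_id FROM $zonestable WHERE zone_country_id = '" . intval($country) . "' AND (zone_name = '" . oos_db_input($state) . "' OR zone_code = '" . oos_db_input($state) . "')";
            $zone_result = $dbconn->Execute($zone_query);
            if ($zone_result->RecordCount() == 1) {
                $zone = $zone_result->fields;
                $zone_id = $zone['zone_id'];
            } else {
                $bError = TRUE;
                $oMessage->add_session('addressbook', $aLang['entry_state_error_select']);
            }
        } else {
            if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
                $bError = TRUE;
                $oMessage->add_session('addressbook', $aLang['entry_state_error']);
            }
        }
    }

    if ($bError == FALSE) {
        // '1' only when the VAT check is enabled and the id was absent or validated.
        $sVatIdStatus = ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) ? '1' : '0';

        $sql_data_array = array('entry_firstname' => $firstname,
                                'entry_lastname' => $lastname,
                                'entry_street_address' => $street_address,
                                'entry_postcode' => $postcode,
                                'entry_city' => $city,
                                'entry_country_id' => $country);
        if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
        if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
        if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
        if (ACCOUNT_STATE == 'true') {
            if ($zone_id > 0) {
                $sql_data_array['entry_zone_id'] = $zone_id;
                $sql_data_array['entry_state'] = '';
            } else {
                $sql_data_array['entry_zone_id'] = '0';
                $sql_data_array['entry_state'] = $state;
            }
        }
        $sql_data_array['entry_vat_id_status'] = $sVatIdStatus;

        if ($sAction === 'update') {
            // The entry id comes from the form, so ownership is verified before writing.
            // (The original query had a doubled quote after the id and could not run.)
            $address_booktable = $oostable['address_book'];
            $check_query = "SELECT address_book_id FROM $address_booktable WHERE address_book_id = '" . intval($entry_id) . "' AND customers_id = '" . $nCustomerId . "'";
            $check_result = $dbconn->Execute($check_query);
            if (!$check_result->RecordCount()) {
                // Not this customer's entry: report it the same way the edit/delete links do.
                $oMessage->add_session('addressbook', $aLang['error_nonexisting_address_book_entry']);
                oos_redirect(oos_href_link($aContents['account_address_book']));
            }
            oos_db_perform($oostable['address_book'], $sql_data_array, 'UPDATE', "address_book_id = '" . intval($entry_id) . "' AND customers_id ='" . $nCustomerId . "'");
            $bPrimary = (isset($_POST['primary']) && ($_POST['primary'] == 'on')) || ($entry_id == $_SESSION['customer_default_address_id']);
            $nDefaultAddressId = intval($entry_id);
        } else {
            $sql_data_array['customers_id'] = $nCustomerId;
            oos_db_perform($oostable['address_book'], $sql_data_array);
            $new_address_book_id = $dbconn->Insert_ID();
            $bPrimary = isset($_POST['primary']) && ($_POST['primary'] == 'on');
            $nDefaultAddressId = $new_address_book_id;
        }

        if ($bPrimary) {
            // The saved entry is (or becomes) the primary address: mirror it into the session
            // and the customers row, and stamp the account's last-modified date.
            if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
            $_SESSION['customer_first_name'] = $firstname;
            $_SESSION['customer_lastname'] = $lastname;
            $_SESSION['customer_country_id'] = $country;
            $_SESSION['customer_zone_id'] = (($zone_id > 0) ? (int)$zone_id : '0');
            $_SESSION['customer_default_address_id'] = $nDefaultAddressId;
            $_SESSION['customers_vat_id_status'] = $sVatIdStatus;

            $aCustomerData = array('customers_firstname' => $firstname,
                                   'customers_lastname' => $lastname,
                                   'customers_default_address_id' => $nDefaultAddressId);
            if (ACCOUNT_GENDER == 'true') $aCustomerData['customers_gender'] = $gender;
            oos_db_perform($oostable['customers'], $aCustomerData, 'UPDATE', "customers_id = '" . $nCustomerId . "'");

            $update_info_sql = "UPDATE " . $oostable['customers_info'] . " SET customers_info_date_account_last_modified = now() WHERE customers_info_id = '" . $nCustomerId . "'";
            $dbconn->Execute($update_info_sql);
        }

        // In the original the success message and redirect sat inside the insert branch only,
        // so a successful update fell through and re-rendered the form; both paths redirect now.
        $oMessage->add_session('addressbook', $aLang['success_address_book_entry_updated'], 'success');
        oos_redirect(oos_href_link($aContents['account_address_book']));
    }
}

// GET handling: load an entry to edit, verify an entry to delete, or prepare a blank form.
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
    $address_booktable = $oostable['address_book'];
    $address_sql = "SELECT entry_gender, entry_company, entry_owner, entry_vat_id, entry_vat_id_status, entry_firstname, entry_lastname, entry_street_address, entry_postcode, entry_city, entry_state, entry_zone_id, entry_country_id FROM $address_booktable WHERE customers_id = '" . $nCustomerId . "' AND address_book_id = '" . intval($_GET['edit']) . "'";
    $entry_result = $dbconn->Execute($address_sql);
    if (!$entry_result->RecordCount()) {
        $oMessage->add_session('addressbook', $aLang['error_nonexisting_address_book_entry']);
        oos_redirect(oos_href_link($aContents['account_address_book']));
    }
    $entry = $entry_result->fields;
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
    $entry_id = oos_db_prepare_input($_GET['delete']);
    // The original compared the never-assigned $delete here, so this warning could not fire.
    if ($entry_id == $_SESSION['customer_default_address_id']) {
        $oMessage->add_session('addressbook', $aLang['warning_primary_address_deletion'], 'warning');
        oos_redirect(oos_href_link($aContents['account_address_book']));
    } else {
        $address_booktable = $oostable['address_book'];
        $check_query = "SELECT count(*) as total FROM $address_booktable WHERE address_book_id = '" . intval($entry_id) . "' AND customers_id = '" . $nCustomerId . "'";
        $check_result = $dbconn->Execute($check_query);
        if ($check_result->fields['total'] < 1) {
            $oMessage->add_session('addressbook', $aLang['error_nonexisting_address_book_entry']);
            oos_redirect(oos_href_link($aContents['account_address_book']));
        }
    }
} else {
    $entry = array('entry_country_id' => STORE_COUNTRY);
}

// A new entry is only offered while the address book has room.
if (!isset($_GET['delete']) && !isset($_GET['edit'])) {
    if (oos_count_customer_address_book_entries() >= MAX_ADDRESS_BOOK_ENTRIES) {
        $oMessage->add_session('addressbook', $aLang['error_address_book_full']);
        oos_redirect(oos_href_link($aContents['account_address_book']));
    }
}

if (isset($_GET['entry_id']) && is_numeric($_GET['entry_id'])) {
    $entry_id = oos_db_prepare_input($_GET['entry_id']);
}

$back_link = oos_href_link($aContents['account_address_book']);

// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_address_book']));
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
    $oBreadcrumb->add($aLang['navbar_title_modify_entry'], oos_href_link($aContents['account_address_book_process'], 'edit=' . intval($_GET['edit'])));
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
    $oBreadcrumb->add($aLang['navbar_title_delete_entry'], oos_href_link($aContents['account_address_book_process'], 'delete=' . intval($_GET['delete'])));
} else {
    $oBreadcrumb->add($aLang['navbar_title_add_entry'], oos_href_link($aContents['account_address_book_process']));
}

$aTemplate['page'] = $sTheme . '/page/address_book_process.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['navbar_title_1'] . ' ' . $aLang['navbar_title_2'] . ' ' . OOS_META_TITLE;

require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
    require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
    require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}

// assign Smarty variables;
$smarty->assign(
    array(
        'breadcrumb' => $oBreadcrumb->trail(),
        'back_link' => $back_link,
        'entry_id' => $entry_id,
        'process' => $bProcess, // the original passed the never-assigned $process
    )
);

// NOTE(review): the edit form is selected by $_GET['edit'] everywhere else in this file;
// confirm the links really send action=edit, otherwise this heading is always "add".
if (isset($_GET['action']) && $_GET['action'] == 'edit') {
    $smarty->assign(array('heading_title' => $aLang['heading_title_modify_entry']));
} else {
    $smarty->assign(array('heading_title' => $aLang['heading_title_add_entry']));
}

$smarty->assign(
    array(
        'robots' => 'noindex,nofollow,noodp,noydir',
        'account_active' => 1,
        'gender' => $gender,
        'firstname' => $firstname,
        'lastname' => $lastname,
        'company' => $company,
        'street_address' => $street_address,
        'postcode' => $postcode,
        'city' => $city,
        'country' => $country,
    )
);

// NOTE(review): $state_has_zones is not assigned anywhere in this chunk (the process block
// sets $entry_state_has_zones); unless an include sets it, this branch never runs — confirm.
if (isset($state_has_zones) && $state_has_zones == 'true') {
    $aZonesNames = array();
    $aZonesValues = array();
    $zonestable = $oostable['zones'];
    // $country is numeric-validated above; intval() matches the other zone queries in this file.
    $zones_query = "SELECT zone_name FROM $zonestable WHERE zone_country_id = '" . intval($country) . "' ORDER BY zone_name";
    $zones_result = $dbconn->Execute($zones_query);
    while ($zones = $zones_result->fields) {
        $aZonesNames[] = $zones['zone_name'];
        $aZonesValues[] = $zones['zone_name'];
        $zones_result->MoveNext();
    }
    $smarty->assign('zones_names', $aZonesNames);
    $smarty->assign('zones_values', $aZonesValues);
} else {
    $state = oos_get_zone_name($country, $zone_id, $state);
    $smarty->assign('state', $state);
    $smarty->assign('zone_id', $zone_id);
}

$country_name = oos_get_country_name($country);
$smarty->assign('country_name', $country_name);
$smarty->assign('entry', $entry);

// display the template
$smarty->display($aTemplate['page']);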