<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: create_account.php,v 1.59 2003/02/14 05:51:17 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_validate_vatid.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/create_account.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
if ( $_SESSION['login_count'] > 3) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_DOB == 'true') $dob = oos_db_prepare_input($_POST['dob']);
$email_address = oos_db_prepare_input($_POST['email_address']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
if (ACCOUNT_TELEPHONE == 'true') $telephone = oos_db_prepare_input($_POST['telephone']);
$password = oos_db_prepare_input($_POST['password']);
$confirmation = oos_db_prepare_input($_POST['confirmation']);
if (isset($_POST['newsletter'])) {
$newsletter = oos_db_prepare_input($_POST['newsletter']);
}
if (isset($_POST['agree'])) {
$agree = oos_db_prepare_input($_POST['agree']);
}
$bError = FALSE; // reset error flag
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_DOB == 'true') {
if ((strlen($dob) < ENTRY_DOB_MIN_LENGTH) || (!empty($dob) &&
(!is_numeric(oos_date_raw($dob)) ||
!checkdate(substr(oos_date_raw($dob), 4, 2), substr(oos_date_raw($dob), 6, 2), substr(oos_date_raw($dob), 0, 4))))) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_date_of_birth_error'] );
}
}
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_error']);
} elseif (oos_validate_is_email($email_address) == FALSE) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_check_error']);
} else {
$customerstable = $oostable['customers'];
$check_email_sql = "SELECT customers_email_address
FROM $customerstable
WHERE customers_email_address = '" . oos_db_input($email_address) . "'";
$check_email = $dbconn->Execute($check_email_sql);
if ($check_email->RecordCount()) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_error_exists']);
}
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_state_error']);
}
}
}
if (CUSTOMER_NOT_LOGIN == 'false') {
if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_password_error']);
} elseif ($password != $confirmation) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_password_error_not_matching']);
}
}
if (empty($agree)) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_agree_error']);
}
if ($bError == FALSE) {
$customer_max_order = DEFAULT_MAX_ORDER;
$customers_status = DEFAULT_CUSTOMERS_STATUS_ID;
if (CUSTOMER_NOT_LOGIN == 'true') {
$customers_login = '0';
} else {
$customers_login = '1';
}
$time = mktime();
$wishlist_link_id = oos_create_wishlist_code();
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_email_address' => $email_address,
'customers_status' => $customers_status,
'customers_login' => $customers_login,
'customers_language' => $sLanguage,
'customers_max_order' => $customer_max_order,
'customers_password' => oos_encrypt_password($password),
'customers_wishlist_link_id' => $wishlist_link_id,
'customers_default_address_id' => 1);
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = oos_date_raw($dob);
if (ACCOUNT_TELEPHONE == 'true') $sql_data_array['customers_telephone'] = $telephone;
oos_db_perform($oostable['customers'], $sql_data_array);
$customer_id = $dbconn->Insert_ID();
$sql_data_array = array('customers_id' => $customer_id,
'entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_VAT_ID == 'true') {
$sql_data_array['entry_vat_id'] = $vat_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE) && ($country != STORE_COUNTRY)) {
$sql_data_array['entry_vat_id_status'] = 1;
} else {
$sql_data_array['entry_vat_id_status'] = 0;
}
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
oos_db_perform($oostable['address_book'], $sql_data_array);
$address_id = $dbconn->Insert_ID();
$customers_table = $oostable['customers'];
$dbconn->Execute("UPDATE $customers_table SET customers_default_address_id = '" . intval($address_id) . "' WHERE customers_id = '" . intval($customer_id) . "'");
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("INSERT INTO $customers_infotable
(customers_info_id,
customers_info_number_of_logons,
customers_info_date_account_created) VALUES ('" . intval($customer_id) . "',
'0',
now())");
if (CUSTOMER_NOT_LOGIN != 'true') {
$_SESSION['customer_id'] = $customer_id;
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
$_SESSION['customer_first_name'] = $firstname;
$_SESSION['customer_lastname'] = $lastname;
$_SESSION['customer_default_address_id'] = $address_id;
$_SESSION['customer_country_id'] = $country;
$_SESSION['customer_zone_id'] = $zone_id;
$_SESSION['customer_wishlist_link_id'] = $wishlist_link_id;
$_SESSION['customer_max_order'] = $customer_max_order;
if (ACCOUNT_VAT_ID == 'true') {
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$_SESSION['customers_vat_id_status'] = 1;
} else {
$_SESSION['customers_vat_id_status'] = 0;
}
}
// restore cart contents
$_SESSION['cart']->restore_contents();
$_SESSION['user']->restore_group();
$aUser = $_SESSION['user']->group;
}
// build the message content
$name = $firstname . " " . $lastname;
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_text = $aLang['email_greet_mr'];
} else {
$email_text = $aLang['email_greet_ms'];
}
} else {
$email_text = $aLang['email_greet_none'];
}
$email_text .= $aLang['email_welcome'];
if (MODULE_ORDER_TOTAL_GV_STATUS == 'true') {
if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
$coupon_code = oos_create_coupon_code();
$couponstable = $oostable['coupons'];
$insert_result = $dbconn->Execute("INSERT INTO $couponstable
(coupon_code,
coupon_type,
coupon_amount,
date_created) VALUES ('" . oos_db_input($coupon_code) . "',
'G',
'" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "',
now())");
$insert_id = $dbconn->Insert_ID();
$coupon_email_tracktable = $oostable['coupon_email_track'];
$insert_result = $dbconn->Execute("INSERT INTO $coupon_email_tracktable
(coupon_id,
customer_id_sent,
sent_firstname,
emailed_to,
date_sent) VALUES ('" . oos_db_input($insert_id) ."',
'0',
'Admin',
'" . $email_address . "',
now() )");
$email_text .= sprintf($aLang['email_gv_incentive_header'], $oCurrencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n" .
sprintf($aLang['email_gv_redeem'], $coupon_code) . "\n\n" .
$aLang['email_gv_link'] . oos_href_link($aContents['gv_redeem'], 'gv_no=' . $coupon_code, false, false) .
"\n\n";
}
if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
$coupon_id = NEW_SIGNUP_DISCOUNT_COUPON;
$couponstable = $oostable['coupons'];
$sql = "SELECT *
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($coupon_id) . "'";
$coupon_result = $dbconn->Execute($sql);
$coupons_descriptiontable = $oostable['coupons_description'];
$sql = "SELECT *
FROM " . $coupons_descriptiontable . "
WHERE coupon_id = '" . oos_db_input($coupon_id) . "'
AND coupon_languages_id = '" . intval($nLanguageID) . "'";
$coupon_desc_result = $dbconn->Execute($sql);
$coupon = $coupon_result->fields;
$coupon_desc = $coupon_desc_result->fields;
$coupon_email_tracktable = $oostable['coupon_email_track'];
$insert_result = $dbconn->Execute("INSERT INTO $coupon_email_tracktable
(coupon_id,
customer_id_sent,
sent_firstname,
emailed_to,
date_sent) VALUES ('" . oos_db_input($coupon_id) ."',
'0',
'Admin',
'" . oos_db_input($email_address) . "',
now() )");
$email_text .= $aLang['email_coupon_incentive_header'] . "\n\n" .
$coupon_desc['coupon_description'] .
sprintf($aLang['email_coupon_redeem'], $coupon['coupon_code']) . "\n\n" .
"\n\n";
}
}
$email_text .= $aLang['email_text'] . $aLang['email_contact'] . $aLang['email_warning'] . $aLang['email_disclaimer'];
oos_mail($name, $email_address, $aLang['email_subject'], nl2br($email_text), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '3');
if (SEND_CUSTOMER_EDIT_EMAILS == 'true') {
$email_owner = $aLang['owner_email_subject'] . "\n" .
$aLang['email_separator'] . "\n" .
$aLang['owner_email_date'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n" .
$aLang['email_separator'] . "\n";
if (ACCOUNT_COMPANY == 'true') {
$email_owner .= $aLang['owner_email_company_info'] . "\n" .
$aLang['owner_email_company'] . ' ' . $company . "\n";
if (ACCOUNT_OWNER == 'true') {
$email_owner .= $aLang['owner_email_owner'] . ' ' . $owner . "\n";
}
if (ACCOUNT_VAT_ID == 'true') {
$email_owner .= $aLang['entry_vat_id'] . ' ' . $vat_id . "\n";
}
}
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['male'] . "\n";
} else {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['female'] . "\n";
}
}
$email_owner .= $aLang['owner_email_first_name'] . ' ' . $firstname . "\n" .
$aLang['owner_email_last_name'] . ' ' . $lastname . "\n\n" .
$aLang['owner_email_street'] . ' ' . $street_address . "\n" .
$aLang['owner_email_post_code'] . ' ' . $postcode . "\n" .
$aLang['owner_email_city'] . ' ' . $city . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_contact'] . "\n" .
$aLang['owner_email_telephone_number'] . ' ' . $telephone . "\n" .
$aLang['owner_email_address'] . ' ' . $email_address . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_options'] . "\n";
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $aLang['owner_email_subject'], nl2br($email_owner), $name, $email_address, '1');
}
if (NEWSLETTER == 'true') {
if ( isset($newsletter) && ($newsletter == 'yes') ) {
oos_newsletter_subscribe_mail($email_address);
}
}
if (count($_SESSION['navigation']->snapshot) > 0) {
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
$_SESSION['navigation']->clear_snapshot();
oos_redirect($origin_href);
}
oos_redirect(oos_href_link($aContents['create_account_success']));
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['create_account']));
$sCanonical = oos_href_link($aContents['create_account'], '', FALSE, TRUE);
$snapshot = count($_SESSION['navigation']->snapshot);
if (isset($_GET['email_address'])) {
$email_address = oos_db_prepare_input($_GET['email_address']);
}
$account['entry_country_id'] = STORE_COUNTRY;
$aTemplate['page'] = $sTheme . '/page/create_account.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('create_account') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('create_account') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical
)
);
$smarty->assign('account', $account);
$smarty->assign('email_address', $email_address);
$smarty->assign('snapshot', $snapshot);
$smarty->assign('login_orgin_text', sprintf($aLang['text_origin_login'], oos_href_link($aContents['login'], '')));
$smarty->assign('login_agree', sprintf($aLang['agree'], oos_href_link($aContents['information'], 'information_id=2'), oos_href_link($aContents['information'], 'information_id=4')));
// display the template
$smarty->display($aTemplate['page']);