175 lines
6.4 KiB
PHP
175 lines
6.4 KiB
PHP
<?php
|
|
/* ----------------------------------------------------------------------
|
|
|
|
MyOOS [Shopsystem]
|
|
https://www.oos-shop.de
|
|
|
|
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
|
|
----------------------------------------------------------------------
|
|
Based on:
|
|
|
|
File: login.php,v 1.75 2003/02/13 03:01:49 hpdl
|
|
----------------------------------------------------------------------
|
|
osCommerce, Open Source E-Commerce Solutions
|
|
http://www.oscommerce.com
|
|
|
|
Copyright (c) 2003 osCommerce
|
|
|
|
Max Order - 2003/04/27 JOHNSON - Copyright (c) 2003 Matti Ressler - mattifinn@optusnet.com.au
|
|
----------------------------------------------------------------------
|
|
Released under the GNU General Public License
|
|
---------------------------------------------------------------------- */
|
|
|
|
/** ensure this file is being included by a parent file */
|
|
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
|
|
|
|
$bError = FALSE;
|
|
|
|
// start the session
|
|
if ( $session->hasStarted() === FALSE ) $session->start();
|
|
|
|
if (!isset($_SESSION['user'])) {
|
|
$_SESSION['user'] = new oosUser();
|
|
$_SESSION['user']->anonymous();
|
|
}
|
|
|
|
|
|
// require the password crypto functions
|
|
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
|
|
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_login.php';
|
|
|
|
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
|
|
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
|
|
|
|
$email_address = oos_prepare_input($_POST['email_address']);
|
|
$password = oos_prepare_input($_POST['password']);
|
|
|
|
if ( empty( $email_address ) || !is_string( $email_address ) ) {
|
|
$_SESSION['error_message'] = $aLang['text_login_error'];
|
|
oos_redirect(oos_href_link($aContents['login']));
|
|
}
|
|
|
|
if ( empty( $password ) || !is_string( $password ) ) {
|
|
$_SESSION['error_message'] = $aLang['text_login_error'];
|
|
oos_redirect(oos_href_link($aContents['login']));
|
|
}
|
|
|
|
/* Check if it is ok to login */
|
|
if (!isset($_SESSION['password_forgotten_count'])) {
|
|
$_SESSION['login_count'] = 1;
|
|
} else {
|
|
$_SESSION['login_count'] ++;
|
|
}
|
|
|
|
if ( $_SESSION['login_count'] > 3) {
|
|
oos_redirect(oos_href_link($aContents['403']));
|
|
}
|
|
|
|
// Check if email exists
|
|
$customerstable = $oostable['customers'];
|
|
$sql = "SELECT customers_id, customers_gender, customers_firstname, customers_lastname,
|
|
customers_password, customers_wishlist_link_id, customers_language,
|
|
customers_email_address, customers_default_address_id, customers_max_order
|
|
FROM $customerstable
|
|
WHERE customers_login = '1'
|
|
AND customers_email_address = '" . oos_db_input($email_address) . "'";
|
|
$check_customer_result = $dbconn->Execute($sql);
|
|
|
|
if (!$check_customer_result->RecordCount()) {
|
|
$bError = TRUE;
|
|
} else {
|
|
$check_customer = $check_customer_result->fields;
|
|
|
|
// Check that password is good
|
|
if (!oos_validate_password($password, $check_customer['customers_password'])) {
|
|
$bError = TRUE;
|
|
} else {
|
|
$address_booktable = $oostable['address_book'];
|
|
$sql = "SELECT entry_vat_id, entry_vat_id_status, entry_country_id, entry_zone_id
|
|
FROM $address_booktable
|
|
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'
|
|
AND address_book_id = '" . intval($check_customer['customers_default_address_id']) . "'";
|
|
$check_country = $dbconn->GetRow($sql);
|
|
|
|
if ($check_customer['customers_language'] == '') {
|
|
$customerstable = $oostable['customers'];
|
|
$dbconn->Execute("UPDATE $customerstable
|
|
SET customers_language = '" . oos_db_input($sLanguage) . "'
|
|
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'");
|
|
}
|
|
|
|
|
|
$_SESSION['login_count'] = 1;
|
|
$_SESSION['customer_wishlist_link_id'] = $check_customer['customers_wishlist_link_id'];
|
|
$_SESSION['customer_id'] = $check_customer['customers_id'];
|
|
$_SESSION['customer_default_address_id'] = $check_customer['customers_default_address_id'];
|
|
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $check_customer['customers_gender'];
|
|
$_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
|
|
$_SESSION['customer_lastname'] = $check_customer['customers_lastname'];
|
|
$_SESSION['customer_max_order'] = $check_customer['customers_max_order'];
|
|
$_SESSION['customer_country_id'] = $check_country['entry_country_id'];
|
|
$_SESSION['customer_zone_id'] = $check_country['entry_zone_id'];
|
|
if (ACCOUNT_VAT_ID == 'true') $_SESSION['customers_vat_id_status'] = $check_country['entry_vat_id_status'];
|
|
|
|
$_SESSION['user']->restore_group();
|
|
$aUser = $_SESSION['user']->group;
|
|
|
|
$customers_infotable = $oostable['customers_info'];
|
|
$dbconn->Execute("UPDATE $customers_infotable
|
|
SET customers_info_date_of_last_logon = now(),
|
|
customers_info_number_of_logons = customers_info_number_of_logons+1
|
|
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");
|
|
|
|
// restore cart contents
|
|
$_SESSION['cart']->restore_contents();
|
|
|
|
if (count($_SESSION['navigation']->snapshot) > 0) {
|
|
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
|
|
$_SESSION['navigation']->clear_snapshot();
|
|
oos_redirect($origin_href);
|
|
} else {
|
|
oos_redirect(oos_href_link($aContents['account']));
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
// links breadcrumb
|
|
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['login']));
|
|
$sCanonical = oos_href_link($aContents['login'], '', FALSE, TRUE);
|
|
|
|
if (isset($bError) && ($bError == TRUE)) {
|
|
$sErrorMessage = $aLang['text_login_error'];
|
|
}
|
|
|
|
$aTemplate['page'] = $sTheme . '/page/user_login.html';
|
|
|
|
$nPageType = OOS_PAGE_TYPE_SERVICE;
|
|
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
|
|
|
|
if ($oMessage->size('login') > 0) {
|
|
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('login') );
|
|
}
|
|
|
|
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
|
|
if (!isset($option)) {
|
|
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
|
|
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
|
|
}
|
|
|
|
// assign Smarty variables;
|
|
$smarty->assign(
|
|
array(
|
|
'breadcrumb' => $oBreadcrumb->trail(),
|
|
'heading_title' => $aLang['navbar_title'],
|
|
'robots' => 'noindex,follow,noodp,noydir',
|
|
'login_active' => 1,
|
|
|
|
'canonical' => $sCanonical
|
|
)
|
|
);
|
|
|
|
// display the template
|
|
$smarty->display($aTemplate['page']);
|