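<?php
/**
 * AJAX endpoint for customer login and account creation.
 *
 * Reads $_POST['action'] ('login' or 'creat_account'), performs the matching
 * operation and prints a JSON object: {"success":"true"} on success, or
 * {"success":"false","msg":"..."} on failure. Failure branches exit at once;
 * success branches fall through to application_bottom.php.
 *
 * NOTE(review): nothing in this file throttles repeated login attempts or
 * checks a CSRF token; confirm whether application_top.php or the web tier
 * covers that, otherwise this endpoint is open to password guessing.
 */

require('includes/application_top.php');
// needs to be included earlier to set the success message in the messageStack
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CREATE_ACCOUNT);

// A request without 'action' is simply ignored instead of raising a notice.
$action = isset($_POST['action']) ? $_POST['action'] : '';

if ($action === 'login') {
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
    $password = tep_db_prepare_input($HTTP_POST_VARS['password']);

    // Every login failure returns the same message so the response does not
    // reveal whether the e-mail address is registered.
    $login_failed = array(
        'success' => 'false',
        'msg' => 'Username/Password not match',
    );

    // The address is escaped with tep_db_input() before it is placed in the
    // statement, as the other lookups in this file already do. The unescaped
    // value made this query injectable through the email_address field.
    $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
    if (!tep_db_num_rows($check_customer_query)) {
        echo json_encode($login_failed);
        exit;
    }

    $check_customer = tep_db_fetch_array($check_customer_query);
    if (!tep_validate_password($password, $check_customer['customers_password'])) {
        echo json_encode($login_failed);
        exit;
    }

    // Guest records (customers_guest = '1') are not allowed to log in.
    $check_guest_query = tep_db_fetch_array(tep_db_query("select customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "' and customers_guest = '1' limit 1"));
    if ($check_guest_query) {
        echo json_encode($login_failed);
        exit;
    }

    // NOTE(review): the session id is not regenerated after authentication
    // (the tep_session_recreate() call below is disabled), so a session id
    // known before login stays valid afterwards. Re-enable it once the AJAX
    // client is confirmed to handle the new id.
    //if (SESSION_RECREATE == 'True') tep_session_recreate();

    // Re-hash the stored password when it is not already in phpass format.
    if (tep_password_type($check_customer['customers_password']) != 'phpass') {
        tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '" . tep_encrypt_password($password) . "' where customers_id = '" . (int)$check_customer['customers_id'] . "'");
    }

    $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$check_customer['customers_id'] . "' and address_book_id = '" . (int)$check_customer['customers_default_address_id'] . "'");
    $check_country = tep_db_fetch_array($check_country_query);

    $customer_id = $check_customer['customers_id'];
    $customer_default_address_id = $check_customer['customers_default_address_id'];
    $customer_first_name = $check_customer['customers_firstname'];
    $customer_country_id = $check_country['entry_country_id'];
    $customer_zone_id = $check_country['entry_zone_id'];
    tep_session_register('customer_id');
    tep_session_register('customer_default_address_id');
    tep_session_register('customer_first_name');
    tep_session_register('customer_country_id');
    tep_session_register('customer_zone_id');

    tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int)$customer_id . "'");
    //$sessiontoken = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand());

    $cart->restore_contents();
    $wishList->restore_wishlist();

    // NOTE(review): products_id, id and qty are stored in the session exactly
    // as posted; whatever reads them later must validate them before use.
    if (isset($HTTP_POST_VARS['products_id'])) {
        if (isset($HTTP_POST_VARS['id'])) {
            $attributes_id = $HTTP_POST_VARS['id'];
            tep_session_register('attributes_id');
        }
        $wishlist_id = $HTTP_POST_VARS['products_id'];
        tep_session_register('wishlist_id');
        $qty = $HTTP_POST_VARS['qty'];
        tep_session_register('qty');
    }

    echo json_encode(array('success' => 'true'));
}
/*registration*/
elseif ($action === 'creat_account') {
    $firstname = tep_db_prepare_input($HTTP_POST_VARS['entry_firstname']);
    $lastname = tep_db_prepare_input($HTTP_POST_VARS['entry_lastname']);
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['entry_email_address']);
    $password = tep_db_prepare_input($HTTP_POST_VARS['entry_password']);
    // NOTE(review): $confirmation is read but never compared with $password,
    // and no field is checked for emptiness, length or e-mail format here.
    // If the form is the only place that validates, a direct POST can create
    // an account with an empty password; add server-side checks.
    $confirmation = tep_db_prepare_input($HTTP_POST_VARS['entry_password_confirm']);

    $check_email_query = tep_db_query("select customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
    if (tep_db_num_rows($check_email_query)) {
        echo json_encode(array(
            'success' => 'false',
            'msg' => 'email already exists',
        ));
        exit;
    }

    // tep_db_perform() receives raw values; presumably it escapes them itself
    // - confirm against its definition.
    $sql_data_array = array(
        'customers_firstname' => $firstname,
        'customers_lastname' => $lastname,
        'customers_email_address' => $email_address,
        'customers_password' => tep_encrypt_password($password));

    tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
    $customer_id = tep_db_insert_id();

    $sql_data_array_ab = array(
        'customers_id' => $customer_id,
        'entry_firstname' => $firstname,
        'entry_lastname' => $lastname);

    tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array_ab);
    $address_id = tep_db_insert_id();

    tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int)$address_id . "' where customers_id = '" . (int)$customer_id . "'");
    tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int)$customer_id . "', '0', now())");

    // NOTE(review): as in the login branch, the session id is kept across the
    // change from anonymous to authenticated.
    //if (SESSION_RECREATE == 'True') tep_session_recreate();
    $customer_first_name = $firstname;
    $customer_default_address_id = $address_id;

    tep_session_register('customer_id');
    tep_session_register('customer_first_name');
    tep_session_register('customer_default_address_id');

    // Guarded so that a constant already defined elsewhere does not raise a
    // notice that would be printed ahead of the JSON body.
    if (!defined('EMAIL_CONTACT')) {
        define('EMAIL_CONTACT', 'For help with any of our online services, please email the store-owner: ' . STORE_OWNER_EMAIL_ADDRESS . '.' . "\n\n");
    }

    $name = $firstname . ' ' . $lastname;

    // Plain assignment: the variable is not set earlier in this file, so the
    // former ".=" appended to an undefined value.
    $email_text = EMAIL_WELCOME . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
    tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

    //$sessiontoken = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand());

    $cart->restore_contents();
    $wishList->restore_wishlist();

    // NOTE(review): stored as posted; validate where these values are consumed.
    if (isset($HTTP_POST_VARS['products_id'])) {
        if (isset($HTTP_POST_VARS['id'])) {
            $attributes_id = $HTTP_POST_VARS['id'];
            tep_session_register('attributes_id');
        }
        $wishlist_id = $HTTP_POST_VARS['products_id'];
        $qty = $HTTP_POST_VARS['qty'];
        tep_session_register('wishlist_id');
        tep_session_register('qty');
    }

    echo json_encode(array('success' => 'true'));
    /*end registration*/
}

require(DIR_WS_INCLUDES . 'application_bottom.php');
?>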