PageRenderTime 28ms CodeModel.GetById 0ms RepoModel.GetById 1ms app.codeStats 0ms

/includes/modules/pages/account_edit/header_php.php

https://github.com/yama/zencart13x-ja
PHP | 186 lines | 137 code | 34 blank | 15 comment | 65 complexity | dfa38f739647b80e4d95856793ac330c MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Header code file for the customer's Account-Edit page
    4. 

  4.  *
    5. 

  5.  * @package page
    6. 

  6.  * @copyright Copyright 2003-2006 Zen Cart Development Team
    7. 

  7.  * @copyright Portions Copyright 2003 osCommerce
    8. 

  8.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
    9. 

  9.  * @version $Id: header_php.php 4825 2006-10-23 22:25:11Z drbyte $
    10. 

  10.  */
    11. 

  11. // This should be first line of the script:
    12. 

  12. $zco_notifier->notify('NOTIFY_HEADER_START_ACCOUNT_EDIT');
    13. 

  13. 

  14. if (!$_SESSION['customer_id']) {
    15. 

  15.   $_SESSION['navigation']->set_snapshot();
    16. 

  16.   zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
    17. 

  17. }
    18. 

  18. 

  19. require(DIR_WS_MODULES . zen_get_module_directory('require_languages.php'));
    20. 

  20. if (isset($_POST['action']) && ($_POST['action'] == 'process')) {
    21. 

  21.   if (ACCOUNT_GENDER == 'true') $gender = zen_db_prepare_input($_POST['gender']);
    22. 

  22.   $firstname = zen_db_prepare_input($_POST['firstname']);
    23. 

  23.   $lastname = zen_db_prepare_input($_POST['lastname']);
    24. 

  24.   if (ACCOUNT_DOB == 'true') $dob = (empty($_POST['dob']) ? zen_db_prepare_input('0001-01-01 00:00:00') : zen_db_prepare_input($_POST['dob']));
    25. 

  25.   $email_address = zen_db_prepare_input($_POST['email_address']);
    26. 

  26.   $email_format = zen_db_prepare_input($_POST['email_format']);
    27. 

  27. 

  28.   if (CUSTOMERS_REFERRAL_STATUS == '2' and $_POST['customers_referral'] != '') $customers_referral = zen_db_prepare_input($_POST['customers_referral']);
    29. 

  29. 

  30.   $error = false;
    31. 

  31. 

  32.   if (ACCOUNT_GENDER == 'true') {
    33. 

  33.     if ( ($gender != 'm') && ($gender != 'f') ) {
    34. 

  34.       $error = true;
    35. 

  35.       $messageStack->add('account_edit', ENTRY_GENDER_ERROR);
    36. 

  36.     }
    37. 

  37.   }
    38. 

  38. 

  39.   if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
    40. 

  40.     $error = true;
    41. 

  41.     $messageStack->add('account_edit', ENTRY_FIRST_NAME_ERROR);
    42. 

  42.   }
    43. 

  43. 

  44.   if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
    45. 

  45.     $error = true;
    46. 

  46.     $messageStack->add('account_edit', ENTRY_LAST_NAME_ERROR);
    47. 

  47.   }
    48. 

  48. 

  49.   if (ACCOUNT_DOB == 'true') {
    50. 

  50.     if (ENTRY_DOB_MIN_LENGTH > 0 or !empty($_POST['dob'])) {
    51. 

  51.       if (substr_count($dob,'/') > 2 || checkdate((int)substr(zen_date_raw($dob), 4, 2), (int)substr(zen_date_raw($dob), 6, 2), (int)substr(zen_date_raw($dob), 0, 4)) == false) {
    52. 

  52.         $error = true;
    53. 

  53.         $messageStack->add('account_edit', ENTRY_DATE_OF_BIRTH_ERROR);
    54. 

  54.       }
    55. 

  55.     }
    56. 

  56.   }
    57. 

  57. 

  58.   if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
    59. 

  59.     $error = true;
    60. 

  60.     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR);
    61. 

  61.   }
    62. 

  62. 

  63.   if (!zen_validate_email($email_address)) {
    64. 

  64.     $error = true;
    65. 

  65.     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    66. 

  66.   }
    67. 

  67. 

  68.   $check_email_query = "SELECT count(*) AS total
    69. 

  69.                         FROM   " . TABLE_CUSTOMERS . "
    70. 

  70.                         WHERE  customers_email_address = :emailAddress
    71. 

  71.                         AND    customers_id != :customersID";
    72. 

    73. 

  73.   $check_email_query = $db->bindVars($check_email_query, ':emailAddress', $email_address, 'string');
    74. 

  74.   $check_email_query = $db->bindVars($check_email_query, ':customersID', $_SESSION['customer_id'], 'integer');
    75. 

  75.   $check_email = $db->Execute($check_email_query);
    76. 

  76. 

  77.   if ($check_email->fields['total'] > 0) {
    78. 

  78.     $error = true;
    79. 

  79.     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
    80. 

  80. 

  81.     // check phpBB for duplicate email address
    82. 

  82.     if ($phpBB->phpbb_check_for_duplicate_email(zen_db_input($email_address)) == 'already_exists' ) {
    83. 

  83.       $error = true;
    84. 

  84.       $messageStack->add('account_edit', 'phpBB-'.ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
    85. 

  85.     }
    86. 

  86.   }
    87. 

  87. 

  88. 

  89.   if ($error == false) {
    90. 

  90.     //update phpBB with new email address
    91. 

  91.     $old_addr_check=$db->Execute("select customers_email_address from ".TABLE_CUSTOMERS." where customers_id='".(int)$_SESSION['customer_id']."'");
    92. 

  92.     $phpBB->phpbb_change_email(zen_db_input($old_addr_check->fields['customers_email_address']),zen_db_input($email_address));
    93. 

  93. 

  94.     $sql_data_array = array(array('fieldName'=>'customers_firstname', 'value'=>$firstname, 'type'=>'string'),
    95. 

  95.                             array('fieldName'=>'customers_lastname', 'value'=>$lastname, 'type'=>'string'),
    96. 

  96.                             array('fieldName'=>'customers_email_address', 'value'=>$email_address, 'type'=>'string'),
    97. 

  97.                             array('fieldName'=>'customers_email_format', 'value'=>$email_format, 'type'=>'string')
    98. 

  98.     );
    99. 

  99. 

  100.     if ((CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '')) {
    101. 

  101.       $sql_data_array[] = array('fieldName'=>'customers_referral', 'value'=>$customers_referral, 'type'=>'string');
    102. 

  102.     }
    103. 

  103.     if (ACCOUNT_GENDER == 'true') {
    104. 

  104.       $sql_data_array[] = array('fieldName'=>'customers_gender', 'value'=>$gender, 'type'=>'string');
    105. 

  105.     }
    106. 

  106.     if (ACCOUNT_DOB == 'true') {
    107. 

  107.       if ($dob == '0001-01-01 00:00:00' or $_POST['dob'] == '') {
    108. 

  108.         $sql_data_array[] = array('fieldName'=>'customers_dob', 'value'=>'0001-01-01 00:00:00', 'type'=>'date');
    109. 

  109.       } else {
    110. 

  110.         $sql_data_array[] = array('fieldName'=>'customers_dob', 'value'=>zen_date_raw($_POST['dob']), 'type'=>'date');
    111. 

  111.       }
    112. 

  112.     }
    113. 

  113. 

  114.     $where_clause = "customers_id = :customersID";
    115. 

  115.     $where_clause = $db->bindVars($where_clause, ':customersID', $_SESSION['customer_id'], 'integer');
    116. 

  116.     $db->perform(TABLE_CUSTOMERS, $sql_data_array, 'update', $where_clause);
    117. 

  117. 

  118.     $sql = "UPDATE " . TABLE_CUSTOMERS_INFO . "
    119. 

  119.             SET    customers_info_date_account_last_modified = now()
    120. 

  120.             WHERE  customers_info_id = :customersID";
    121. 

    122. 

  122.     $sql = $db->bindVars($sql, ':customersID', $_SESSION['customer_id'], 'integer');
    123. 

  123. 

  124.     $db->Execute($sql);
    125. 

  125. 

  126.     $where_clause = "customers_id = :customersID AND address_book_id = :customerDefaultAddressID";
    127. 

  127.     $where_clause = $db->bindVars($where_clause, ':customersID', $_SESSION['customer_id'], 'integer');
    128. 

  128.     $where_clause = $db->bindVars($where_clause, ':customerDefaultAddressID', $_SESSION['customer_default_address_id'], 'integer');
    129. 

  129.     $sql_data_array = array(array('fieldName'=>'entry_firstname', 'value'=>$firstname, 'type'=>'string'),
    130. 

  130.     array('fieldName'=>'entry_lastname', 'value'=>$lastname, 'type'=>'string'));
    131. 

  131.     if (ACCOUNT_GENDER == 'true') {
    132. 

  132.       $sql_data_array[] = array('fieldName'=>'entry_gender', 'value'=>$gender, 'type'=>'string');
    133. 

  133.     }
    134. 

  134.     $db->perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', $where_clause);
    135. 

  135. 

  136.     $zco_notifier->notify('NOTIFY_HEADER_ACCOUNT_EDIT_UPDATES_COMPLETE');
    137. 

  137. 

  138.     // reset the session variables
    139. 

  139.     $_SESSION['customer_first_name'] = $firstname;
    140. 

  140. 

  141.     $messageStack->add_session('account', SUCCESS_ACCOUNT_UPDATED, 'success');
    142. 

  142. 

  143.     zen_redirect(zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
    144. 

  144.   }
    145. 

  145. }
    146. 

  146. 

  147. $account_query = "SELECT customers_gender, customers_firstname, customers_lastname,
    148. 

  148.                          customers_dob, customers_email_address, customers_telephone,
    149. 

  149.                          customers_fax, customers_email_format, customers_referral
    150. 

  150.                   FROM   " . TABLE_CUSTOMERS . "
    151. 

  151.                   WHERE  customers_id = :customersID";
    152. 

    153. 

  153. $account_query = $db->bindVars($account_query, ':customersID', $_SESSION['customer_id'], 'integer');
    154. 

  154. $account = $db->Execute($account_query);
    155. 

  155. if (ACCOUNT_GENDER == 'true') {
    156. 

  156.   if (isset($gender)) {
    157. 

  157.     $male = ($gender == 'm') ? true : false;
    158. 

  158.   } else {
    159. 

  159.     $male = ($account->fields['customers_gender'] == 'm') ? true : false;
    160. 

  160.   }
    161. 

  161.   $female = !$male;
    162. 

  162. }
    163. 

  163. 

  164. // if DOB field has database default setting, show blank:
    165. 

  165. $dob = ($dob == '0001-01-01 00:00:00') ? '' : $dob;
    166. 

  166. 

  167. $customers_referral = $account->fields['customers_referral'];
    168. 

  168. 

  169. if (isset($customers_email_format)) {
    170. 

  170.   $email_pref_html = (($customers_email_format == 'HTML') ? true : false);
    171. 

  171.   $email_pref_none = (($customers_email_format == 'NONE') ? true : false);
    172. 

  172.   $email_pref_optout = (($customers_email_format == 'OUT')  ? true : false);
    173. 

  173.   $email_pref_text = (($email_pref_html || $email_pref_none || $email_pref_out) ? false : true);  // if not in any of the others, assume TEXT
    174. 

  174. } else {
    175. 

  175.   $email_pref_html = (($account->fields['customers_email_format'] == 'HTML') ? true : false);
    176. 

  176.   $email_pref_none = (($account->fields['customers_email_format'] == 'NONE') ? true : false);
    177. 

  177.   $email_pref_optout = (($account->fields['customers_email_format'] == 'OUT')  ? true : false);
    178. 

  178.   $email_pref_text = (($email_pref_html || $email_pref_none || $email_pref_out) ? false : true);  // if not in any of the others, assume TEXT
    179. 

  179. }
    180. 

  180. 

  181. $breadcrumb->add(NAVBAR_TITLE_1, zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
    182. 

  182. $breadcrumb->add(NAVBAR_TITLE_2);
    183. 

  183. 

  184. // This should be last line of the script:
    185. 

  185. $zco_notifier->notify('NOTIFY_HEADER_END_ACCOUNT_EDIT');
    186. 

  186. ?>
    187.