$item) {
$properties_more = $item["PROPERTIES_MORE"];
if (!$properties_more) {
$total_items++;
}
}
}
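// Checkout entry page: with nothing in the basket the visitor is bounced back
// to basket.php; a visitor who already has a session user is sent straight to
// order_info.php; everyone else sees the login / "checkout without account"
// template, and a successful login (form post or remember-me cookie) creates
// the session and redirects to order_info.php.
if (!$total_items) {
$rp = get_param("rp");
// rp is only forwarded to basket.php as a query parameter, never used as a
// redirect target itself.
$rp = strlen($rp) ? "basket.php?rp=" . urlencode($rp) : "basket.php";
header("Location: " . $rp);
exit;
}
// Build the two follow-up URLs; the secure_* settings decide whether each one
// is prefixed with the configured secure_url.
$secure_url = get_setting_value($settings, "secure_url", "");
$secure_order_profile = get_setting_value($settings, "secure_order_profile", 0);
$secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
if ($secure_order_profile) {
$order_info_url = $secure_url . "order_info.php";
} else {
$order_info_url = "order_info.php";
}
if ($secure_user_profile) {
$user_profile_url = $secure_url . "user_profile.php?return_page=" . urlencode($order_info_url);
} else {
$user_profile_url = "user_profile.php?return_page=" . urlencode($order_info_url);
}
// Starting a checkout clears any order/payment identifiers left over from a
// previous attempt.
set_session("session_vc", "");
set_session("session_order_id", "");
set_session("session_payment_id", "");
if(get_session("session_user_id"))
{
header("Location: " . $order_info_url);
exit;
}
$t = new VA_Template($settings["templates_dir"]);
$t->set_file("main","checkout.html");
$t->set_var("order_info_href", "order_info.php");
$t->set_var("order_info_url", $order_info_url);
$t->set_var("user_profile_href", "user_profile.php");
$t->set_var("user_profile_url", $user_profile_url);
$t->set_var("forgot_password_href", "forgot_password.php");
$t->set_var("CHECKOUT_LOGIN_TITLE", CHECKOUT_LOGIN_TITLE);
$t->set_var("CHECKOUT_WITHOUT_MSG", CHECKOUT_WITHOUT_MSG);
$t->set_var("OPEN_AND_CHECKOUT_MSG", OPEN_AND_CHECKOUT_MSG);
$t->set_var("NEW_USER_MSG", NEW_USER_MSG);
$t->set_var("SIGN_UP_MSG", SIGN_UP_MSG);
$t->set_var("EXISTS_USER_MSG", EXISTS_USER_MSG);
$t->set_var("ENTER_LOGIN_MSG", ENTER_LOGIN_MSG);
$t->set_var("LOGIN_FIELD", LOGIN_FIELD);
$t->set_var("PASSWORD_FIELD", PASSWORD_FIELD);
$t->set_var("REMEMBER_LOGIN_MSG", REMEMBER_LOGIN_MSG);
$t->set_var("SIGN_IN_BUTTON", SIGN_IN_BUTTON);
$t->set_var("LOGIN_AS_MSG", LOGIN_AS_MSG);
$t->set_var("ACCESS_HOME_MSG", ACCESS_HOME_MSG);
$t->set_var("CLICK_HERE_MSG", CLICK_HERE_MSG);
$t->set_var("LOGOUT_BUTTON", LOGOUT_BUTTON);
$t->set_var("FORGOT_PASSWORD_MSG", FORGOT_PASSWORD_MSG);
// Remember-me: both the login and the password itself are read back from
// cookies. When both are present the login attempt below runs without any form
// submission, using the cookie values as credentials.
$login = get_cookie("cookie_user_login");
$password = get_cookie("cookie_user_password");
if(strlen($login) && strlen($password))
{
$cookie_login = true;
}
else
{
$cookie_login = false;
$login = "";
$password = "";
}
$errors = "";
$remember_me = get_param("remember_me");
$action = get_param("action");
if($action == "login" || $cookie_login)
{
if(!$cookie_login)
{
// Form login: credentials come from the request and both fields are required.
$login = get_param("login");
$password = get_param("password");
if(!strlen($login)) {
$error_message = str_replace("{field_name}", LOGIN_FIELD, REQUIRED_MESSAGE);
$errors .= $error_message . "
";
}
if(!strlen($password)) {
$error_message = str_replace("{field_name}", PASSWORD_FIELD, REQUIRED_MESSAGE);
$errors .= $error_message . "
";
}
}
// check_black_ip() is a project helper; presumably it consults a block list
// for the client address — confirm its semantics before relying on it.
if(!$errors && check_black_ip()) {
$errors = BLACK_IP_MSG;
}
if(!strlen($errors))
{
// password_encrypt == 1 means the users table holds an md5 of the password,
// otherwise the plain text. NOTE(review): unsalted md5 (and plain text) are
// both weak at-rest formats; migrating to password_hash()/password_verify()
// would need a schema/migration change outside this script.
$password_encrypt = get_setting_value($settings, "password_encrypt", 0);
if ($password_encrypt == 1) {
$password_match = md5($password);
} else {
$password_match = $password;
}
// Login and password are passed through $db->tosql(), which is the project's
// quoting helper; the remaining SQL fragments are constants.
$sql = " SELECT u.user_id,u.user_type_id,u.name,u.first_name,u.last_name,u.email,u.is_approved, ";
$sql .= " u.discount_type AS user_discount_type, u.discount_amount AS user_discount_amount, ";
$sql .= " ut.discount_type AS group_discount_type, ut.discount_amount AS group_discount_amount, ";
$sql .= " ut.price_type, c.currency_code ";
$sql .= " FROM ((" . $table_prefix . "users u ";
$sql .= " LEFT JOIN " . $table_prefix . "user_types ut ON u.user_type_id=ut.type_id) ";
$sql .= " LEFT JOIN " . $table_prefix . "countries c ON u.country_code=c.country_code) ";
$sql .= " WHERE login=" . $db->tosql($login, TEXT);
$sql .= " AND password=" . $db->tosql($password_match, TEXT);
$db->query($sql);
if($db->next_record())
{
$is_approved = $db->f("is_approved");
if ($is_approved) {
$user_id = $db->f("user_id");
$currency_code = $db->f("currency_code");
$user_discount_type = $db->f("user_discount_type");
$user_discount_amount = $db->f("user_discount_amount");
$group_discount_type = $db->f("group_discount_type");
$group_discount_amount = $db->f("group_discount_amount");
$price_type = $db->f("price_type");
set_session("session_user_id", $user_id);
set_session("session_user_type_id", $db->f("user_type_id"));
set_session("session_user_login", $login);
// Display name: explicit name, else first/last name, else the login itself.
if(strlen($db->f("name"))) {
$user_name = $db->f("name");
} else if (strlen($db->f("first_name")) || strlen($db->f("last_name"))) {
$user_name = $db->f("first_name") . " " . $db->f("last_name");
} else {
$user_name = $login;
}
set_session("session_user_name", $user_name);
set_session("session_user_email", $db->f("email"));
// A per-user discount takes precedence over the user-type (group) discount.
if ($user_discount_type > 0) {
set_session("session_discount_type", $user_discount_type);
set_session("session_discount_amount", $user_discount_amount);
} else if ($group_discount_type) {
set_session("session_discount_type", $group_discount_type);
set_session("session_discount_amount", $group_discount_amount);
}
set_session("session_price_type", $price_type);
if($remember_me)
{
// NOTE(review): the remember-me cookie stores the password as typed (it is
// fed back into the same credential check above), so anyone who can read the
// cookie holds the account. A random, server-side revocable token would be
// the proper fix; until then the cookies are at least marked HttpOnly so
// page scripts cannot read them. Consider the Secure flag too once the whole
// site is served over HTTPS (the secure_url setting suggests it is mixed).
$cookie_expire = time() + 3600 * 24 * 366;
setcookie("cookie_user_login", $login, $cookie_expire, "", "", false, true);
setcookie("cookie_user_password", $password, $cookie_expire, "", "", false, true);
}
// get currency if available
if ($currency_code) {
get_currency($currency_code);
}
// update last visit time
$sql = " UPDATE " . $table_prefix . "users SET last_visit_date=" . $db->tosql(va_time(), DATETIME);
$sql .= ", last_visit_ip=" . $db->tosql(get_ip(), TEXT);
$sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
$db->query($sql);
header("Location: " . $order_info_url);
exit;
} else {
$errors .= ACCOUNT_APPROVE_ERROR . "
";
}
}
else
{
$errors .= LOGIN_PASSWORD_ERROR . "
";
// Stale remember-me cookies are dropped so the next request does not retry
// the same failed credentials.
if($cookie_login)
{
setcookie("cookie_user_login");
setcookie("cookie_user_password");
}
}
}
}
if($remember_me)
$t->set_var("remember_me", "checked");
else
$t->set_var("remember_me", "");
// The submitted login is echoed back into the form, HTML-escaped.
$t->set_var("login", htmlspecialchars($login));
$user_registration = get_setting_value($settings, "user_registration", 0);
if ($user_registration == 1) {
$t->set_var("checkout_without_link", "");
} else {
$t->parse("checkout_without_link", false);
}
// $errors only ever contains message constants, never request data.
if(strlen($errors))
{
$t->set_var("errors_list", $errors);
$t->parse("errors", false);
}
else
{
$t->set_var("errors", "");
}
include("./header.php");
include("./footer.php");
$t->pparse("main");
?>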