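$item) {
        // Tail of a cart loop whose header lies above this excerpt:
        // only lines with an empty PROPERTIES_MORE value are counted.
        $properties_more = $item["PROPERTIES_MORE"];
        if (!$properties_more) {
            $total_items++;
        }
    }
}

// ---------------------------------------------------------------------------
// Checkout entry page.
//   1. Bounce to the basket when nothing countable is in the cart.
//   2. Resolve the order-info / user-profile URLs from site settings.
//   3. Skip straight to order info when a user is already in the session.
//   4. Otherwise authenticate from the login form or the "remember me"
//      cookies and render checkout.html.
// ---------------------------------------------------------------------------

if (!$total_items) {
    // "rp" is only ever placed, url-encoded, inside the fixed basket.php
    // query string, so the redirect target itself stays local.
    $rp = get_param("rp");
    $rp = strlen($rp) ? "basket.php?rp=" . urlencode($rp) : "basket.php";
    header("Location: " . $rp);
    exit;
}

// Redirect and link targets below are built from site settings, not from request data.
$secure_url = get_setting_value($settings, "secure_url", "");
$secure_order_profile = get_setting_value($settings, "secure_order_profile", 0);
$secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
if ($secure_order_profile) {
    $order_info_url = $secure_url . "order_info.php";
} else {
    $order_info_url = "order_info.php";
}
if ($secure_user_profile) {
    $user_profile_url = $secure_url . "user_profile.php?return_page=" . urlencode($order_info_url);
} else {
    $user_profile_url = "user_profile.php?return_page=" . urlencode($order_info_url);
}

// Clear the per-order session values before a new checkout starts.
set_session("session_vc", "");
set_session("session_order_id", "");
set_session("session_payment_id", "");

// Already signed in: no login form needed.
if (get_session("session_user_id")) {
    header("Location: " . $order_info_url);
    exit;
}

$t = new VA_Template($settings["templates_dir"]);
$t->set_file("main","checkout.html");
$t->set_var("order_info_href", "order_info.php");
$t->set_var("order_info_url", $order_info_url);
$t->set_var("user_profile_href", "user_profile.php");
$t->set_var("user_profile_url", $user_profile_url);
$t->set_var("forgot_password_href", "forgot_password.php");

// Localised labels and messages exposed to the template.
$t->set_var("CHECKOUT_LOGIN_TITLE", CHECKOUT_LOGIN_TITLE);
$t->set_var("CHECKOUT_WITHOUT_MSG", CHECKOUT_WITHOUT_MSG);
$t->set_var("OPEN_AND_CHECKOUT_MSG", OPEN_AND_CHECKOUT_MSG);
$t->set_var("NEW_USER_MSG", NEW_USER_MSG);
$t->set_var("SIGN_UP_MSG", SIGN_UP_MSG);
$t->set_var("EXISTS_USER_MSG", EXISTS_USER_MSG);
$t->set_var("ENTER_LOGIN_MSG", ENTER_LOGIN_MSG);
$t->set_var("LOGIN_FIELD", LOGIN_FIELD);
$t->set_var("PASSWORD_FIELD", PASSWORD_FIELD);
$t->set_var("REMEMBER_LOGIN_MSG", REMEMBER_LOGIN_MSG);
$t->set_var("SIGN_IN_BUTTON", SIGN_IN_BUTTON);
$t->set_var("LOGIN_AS_MSG", LOGIN_AS_MSG);
$t->set_var("ACCESS_HOME_MSG", ACCESS_HOME_MSG);
$t->set_var("CLICK_HERE_MSG", CLICK_HERE_MSG);
$t->set_var("LOGOUT_BUTTON", LOGOUT_BUTTON);
$t->set_var("FORGOT_PASSWORD_MSG", FORGOT_PASSWORD_MSG);

// "Remember me" credentials: a request carrying both cookies is treated as a
// login attempt even though no form was submitted.
$login = get_cookie("cookie_user_login");
$password = get_cookie("cookie_user_password");
if (strlen($login) && strlen($password)) {
    $cookie_login = true;
} else {
    $cookie_login = false;
    $login = "";
    $password = "";
}

$errors = "";
$remember_me = get_param("remember_me");
$action = get_param("action");

if ($action == "login" || $cookie_login) {
    if (!$cookie_login) {
        // Form login: both fields are mandatory.
        $login = get_param("login");
        $password = get_param("password");
        if (!strlen($login)) {
            $error_message = str_replace("{field_name}", LOGIN_FIELD, REQUIRED_MESSAGE);
            $errors .= $error_message . "
";
        }
        if (!strlen($password)) {
            $error_message = str_replace("{field_name}", PASSWORD_FIELD, REQUIRED_MESSAGE);
            $errors .= $error_message . "
";
        }
    }

    // NOTE(review): check_black_ip() is the only throttling-style control visible
    // here; confirm failed-login rate limiting exists elsewhere.
    if (!$errors && check_black_ip()) {
        $errors = BLACK_IP_MSG;
    }

    if (!strlen($errors)) {
        // NOTE(security): with password_encrypt == 1 the stored value is an unsalted
        // MD5 of the password; with any other value the column is compared to the raw
        // input, i.e. passwords are kept in clear text. Moving to
        // password_hash()/password_verify() needs a data migration outside this file.
        $password_encrypt = get_setting_value($settings, "password_encrypt", 0);
        if ($password_encrypt == 1) {
            $password_match = md5($password);
        } else {
            $password_match = $password;
        }

        // Both request-derived values go through $db->tosql() before being
        // concatenated. NOTE(review): tosql() is defined elsewhere; confirm it
        // escapes correctly for the active database driver.
        $sql  = " SELECT u.user_id,u.user_type_id,u.name,u.first_name,u.last_name,u.email,u.is_approved, ";
        $sql .= " u.discount_type AS user_discount_type, u.discount_amount AS user_discount_amount, ";
        $sql .= " ut.discount_type AS group_discount_type, ut.discount_amount AS group_discount_amount, ";
        $sql .= " ut.price_type, c.currency_code ";
        $sql .= " FROM ((" . $table_prefix . "users u ";
        $sql .= " LEFT JOIN " . $table_prefix . "user_types ut ON u.user_type_id=ut.type_id) ";
        $sql .= " LEFT JOIN " . $table_prefix . "countries c ON u.country_code=c.country_code) ";
        $sql .= " WHERE login=" . $db->tosql($login, TEXT);
        $sql .= " AND password=" . $db->tosql($password_match, TEXT);
        $db->query($sql);

        if ($db->next_record()) {
            $is_approved = $db->f("is_approved");
            if ($is_approved) {
                $user_id = $db->f("user_id");
                $currency_code = $db->f("currency_code");
                $user_discount_type = $db->f("user_discount_type");
                $user_discount_amount = $db->f("user_discount_amount");
                $group_discount_type = $db->f("group_discount_type");
                $group_discount_amount = $db->f("group_discount_amount");
                $price_type = $db->f("price_type");

                // NOTE(review): the authenticated identity is written into the existing
                // session and no session-id rotation is visible in this file; confirm
                // set_session() or the session bootstrap regenerates the id at login.
                set_session("session_user_id", $user_id);
                set_session("session_user_type_id", $db->f("user_type_id"));
                set_session("session_user_login", $login);

                // Display name: explicit name, else "first last", else the login.
                if (strlen($db->f("name"))) {
                    $user_name = $db->f("name");
                } else if (strlen($db->f("first_name")) || strlen($db->f("last_name"))) {
                    $user_name = $db->f("first_name") . " " . $db->f("last_name");
                } else {
                    $user_name = $login;
                }
                set_session("session_user_name", $user_name);
                set_session("session_user_email", $db->f("email"));

                // A per-user discount takes precedence over the user-type discount.
                if ($user_discount_type > 0) {
                    set_session("session_discount_type", $user_discount_type);
                    set_session("session_discount_amount", $user_discount_amount);
                } else if ($group_discount_type) {
                    set_session("session_discount_type", $group_discount_type);
                    set_session("session_discount_amount", $group_discount_amount);
                }
                set_session("session_price_type", $price_type);

                if ($remember_me) {
                    // NOTE(security): the password is written to a cookie exactly as the
                    // user supplied it, for 366 days, with no HttpOnly or Secure
                    // attribute. Anyone who obtains the cookie obtains the password.
                    // This should be replaced by a random, revocable server-side token;
                    // left unchanged here because the cookie format is shared with the
                    // cookie-login path above.
                    setcookie("cookie_user_login", $login, time() + 3600 * 24 * 366);
                    setcookie("cookie_user_password", $password, time() + 3600 * 24 * 366);
                }

                // get currency if available
                if ($currency_code) {
                    get_currency($currency_code);
                }

                // update last visit time
                $sql  = " UPDATE " . $table_prefix . "users SET last_visit_date=" . $db->tosql(va_time(), DATETIME);
                $sql .= ", last_visit_ip=" . $db->tosql(get_ip(), TEXT);
                $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
                $db->query($sql);

                header("Location: " . $order_info_url);
                exit;
            } else {
                // Credentials matched, but the account is not approved.
                $errors .= ACCOUNT_APPROVE_ERROR . "
";
            }
        } else {
            // One message covers both an unknown login and a wrong password.
            $errors .= LOGIN_PASSWORD_ERROR . "
";
            if ($cookie_login) {
                // Drop remembered credentials that no longer match.
                setcookie("cookie_user_login");
                setcookie("cookie_user_password");
            }
        }
    }
}

$t->set_var("remember_me", $remember_me ? "checked" : "");

// The login value comes from the request or a cookie and is echoed back into the
// page. ENT_QUOTES also escapes single quotes, which the default flags of PHP
// versions before 8.1 leave untouched.
$t->set_var("login", htmlspecialchars($login, ENT_QUOTES));

$user_registration = get_setting_value($settings, "user_registration", 0);
if ($user_registration == 1) {
    $t->set_var("checkout_without_link", "");
} else {
    $t->parse("checkout_without_link", false);
}

// $errors is assembled only from message constants, never from request data.
if (strlen($errors)) {
    $t->set_var("errors_list", $errors);
    $t->parse("errors", false);
} else {
    $t->set_var("errors", "");
}

include("./header.php");
include("./footer.php");

$t->pparse("main");
?>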