/*
Copyright (c), 1999, 2000 - phpauction
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation (version 2 or later).
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
include "./includes/messages.inc.php";
include "./includes/config.inc.php";
include "./includes/countries.inc.php";
// With no action in the request, fall back to showing the login step.
$action = empty($action) ? "login" : $action;
// Plain GET of the login action: show the login form unless the browser
// already presents the login cookie (that case is handled further down).
if ($REQUEST_METHOD == "GET" && $action == "login")
{
    if (!$HTTP_COOKIE_VARS["$LOGGED_IN_COOKIE"])
    {
        include "header.php";
        include "templates/template_user_login_php.html";
    }
}
// Login / "already logged in" branch: loads the user's row and renders the
// change-details form. It runs for a POSTed login, or for any non-POST request
// that carries the login cookie.
// NOTE(review): $action, $TPL_* and $REQUEST_METHOD are read as plain globals,
// so the script presumably relies on request variables being registered as
// globals - confirm, because any uninitialised variable here is then
// request-controlled.
if (($REQUEST_METHOD=="POST" && $action=="login") || ($HTTP_COOKIE_VARS["$LOGGED_IN_COOKIE"] && $REQUEST_METHOD!="POST"))
{
// Proceed with nick + password from the form, or with the login cookie alone.
if (($TPL_nick && $TPL_password) || $HTTP_COOKIE_VARS[$LOGGED_IN_COOKIE])
{
if(!$TPL_nick)
{
// No nick in the form: the account to load is named by a client-supplied cookie.
$TPL_nick = $HTTP_COOKIE_VARS["$LOGGED_IN_NICK"];
}
// Lookup by nick. The value is escaped with addslashes(), which is not
// charset-aware; the database driver's own escaping or bound parameters are
// the robust form.
$sql="SELECT * FROM users WHERE nick=\"". AddSlashes($TPL_nick)."\"";
$res=mysql_query ($sql);
if ($res)
{
if (mysql_num_rows($res)>0)
{
$arr=mysql_fetch_array ($res);
// SECURITY: the password test is OR-ed with "login cookie is non-empty".
// Any truthy cookie value therefore skips the password comparison, and the
// row was selected by the cookie-supplied nick above, so the cookies act as
// unsigned bearer credentials. A server-side session or a signed token is
// needed before the cookie can stand in for the password.
// The stored value is md5(prefix . password): a fast hash with one shared
// prefix rather than a per-user salt. The digests are compared with loose
// "==", which treats numeric-looking strings as numbers.
// $arr[password] and the other bare keys below rely on PHP reading an
// undefined constant as a string key.
if ((md5($MD5_PREFIX.$TPL_password) == $arr[password]) || $HTTP_COOKIE_VARS["$LOGGED_IN_COOKIE"])
{
if(!$HTTP_COOKIE_VARS["$LOGGED_IN_NICK"])
{
//-- Login user
// Both cookies are set with name and value only: no expiry, path, secure or
// HttpOnly attribute is given, and the values are the raw user id and nick.
setcookie($LOGGED_IN_COOKIE,$arr["id"]);
setcookie($LOGGED_IN_NICK,$TPL_nick);
}
// Copy the row into the $TPL_* variables read by the change-details template.
// The id goes out in a hidden form field and comes back as $TPL_id_hidden.
$TPL_id_hidden=$arr[id];
$TPL_name=$arr[name];
$TPL_nick=$arr[nick];
// Password fields are always presented blank.
$TPL_password="";
$TPL_repeat_password="";
$TPL_email=$arr[email];
$TPL_birthdate=$arr[birthdate ];
$TPL_address=$arr[address];
$TPL_city=$arr[city];
$TPL_prov=$arr[prov];
$TPL_country=$arr[country];
$TPL_zip=$arr[zip];
$TPL_phone=$arr[phone];
$TPL_status = $arr[status];
$TPL_p18 = $arr[p18];
$TPL_newsletter = $arr[newsletter];
// Average rating, rounded; 0 when the user has no ratings (avoids dividing by zero).
if ($arr[rate_num])
{
$TPL_rate=round($arr[rate_sum]/$arr[rate_num]);
}
else
{
$TPL_rate=0;
}
// Rearranges characters 6-7, 4-5 and 0-3 into "DD.MM.YYYY"; presumably the
// column holds YYYYMMDD - confirm against the schema.
$TPL_birthdate = substr($TPL_birthdate,6,2).".".
substr($TPL_birthdate,4,2).".".
substr($TPL_birthdate,0,4);
$country="";
// NOTE(review): the next lines look truncated in this listing - the loop body
// is never closed, the appended strings are empty and a comment terminator
// appears without an opener. Presumably HTML option markup and a commented-out
// section were lost; restore them from the original file before editing.
while (list ($code, $name) = each ($countries))
{
$bodi = $code + 1;
$country .= "";
$status.= "";
*/
$newsletter = "";
$newsletter.= "";
// 60*60*34*265*10 is 324,360,000 seconds, roughly 10.3 years; the factors 34
// and 265 look like slips for 24 and 365 - confirm.
$expires = time()+(60*60*34*265*10); // Cookie expires in 10 years.
// Long-lived cookie holding the nick; path and domain are empty and the
// secure flag is 0.
setcookie("YA_USER_NICK",$TPL_nick,$expires,'','',0);
include "header.php";
include "templates/template_change_details_php.html";
}
else
{
// Password did not match and no login cookie was presented.
$TPL_err=1;
$TPL_errmsg=$ERR_101;
}
}
else
{
// No row for this nick. NOTE(review): if the $ERR_100 and $ERR_101 texts
// differ visibly, the response tells a caller whether a nick exists.
$TPL_err=1;
$TPL_errmsg=$ERR_100;
}
}
else
{
// mysql_query() returned false.
$TPL_err=1;
$TPL_errmsg=$ERR_001;
}
}
else
{
// Neither nick + password nor a login cookie was supplied.
$TPL_err=1;
$TPL_errmsg=$ERR_112;
}
}
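// Profile update: validates the posted $TPL_* fields, writes them to the users
// row named by $TPL_id_hidden and renders the confirmation template. On a
// validation or query failure it sets $TPL_err / $TPL_errmsg instead.
if ($REQUEST_METHOD == "POST" && $action == "update")
{
    // NOTE(review): the row to update is chosen by $TPL_id_hidden, which arrives
    // with the form. Nothing in this branch compares it with the login cookie or
    // with server-side session state, so the caller's right to edit that row is
    // never established here. Bind the id to a server-side session before
    // relying on this handler.
    if ($TPL_name && $TPL_nick && $TPL_email && $TPL_address && $TPL_city && $TPL_country && $TPL_zip && $TPL_phone && $TPL_status && $TPL_newsletter)
    {
        if (strlen($TPL_nick) < 6)
        {
            // Nick must be at least 6 characters.
            $TPL_err = 1;
            $TPL_errmsg = $ERR_010;
        }
        else if (strlen($TPL_password) < 6 && strlen($TPL_password) > 0)
        {
            // The password is optional, but when given it needs 6+ characters.
            $TPL_err = 1;
            $TPL_errmsg = $ERR_011;
        }
        else if ($TPL_password != $TPL_repeat_password)
        {
            $TPL_err = 1;
            $TPL_errmsg = $ERR_109;
        }
        else if (strlen($TPL_email) < 5) //Primitive mail check
        {
            $TPL_err = 1;
            $TPL_errmsg = $ERR_110;
        }
        else if (strlen($TPL_zip) < 5) //Primitive zip check
        {
            $TPL_err = 1;
            $TPL_errmsg = $ERR_616;
        }
        else if (strlen($TPL_phone) < 3) //Primitive phone check
        {
            $TPL_err = 1;
            $TPL_errmsg = $ERR_617;
        }
        else
        {
            // Rearranges "DD.MM.YYYY" from the form into YYYYMMDD for storage.
            $TPL_birthdate = substr($TPL_birthdate, 6, 4) .
                substr($TPL_birthdate, 3, 2) .
                substr($TPL_birthdate, 0, 2);

            // Every value is escaped with addslashes() before being quoted into
            // the statement. NOTE(review): addslashes() is not charset-aware; the
            // database driver's own escaping or bound parameters are the robust
            // form once the data layer is migrated.
            $sql = "UPDATE users SET name=\"" . AddSlashes($TPL_name)
                . "\", nick=\"" . AddSlashes($TPL_nick)
                . "\", email=\"" . AddSlashes($TPL_email)
                . "\", birthdate=\"" . AddSlashes($TPL_birthdate)
                . "\", address=\"" . AddSlashes($TPL_address)
                . "\", city=\"" . AddSlashes($TPL_city)
                . "\", prov=\"" . AddSlashes($TPL_prov)
                . "\", country=\"" . AddSlashes($TPL_country - 1)
                . "\", zip=\"" . AddSlashes($TPL_zip)
                . "\", phone=\"" . AddSlashes($TPL_phone)
                . "\", status=\"" . AddSlashes($TPL_status)
                . "\", newsletter=\"" . AddSlashes($TPL_newsletter);

            if (strlen($TPL_password) > 0)
            {
                // Hash the password exactly as the login check does
                // (md5 of prefix . password). Escaping it first would store a
                // digest that never matches at login for any password holding a
                // quote or backslash. md5() returns hex digits only, so the
                // digest itself needs no SQL escaping.
                // NOTE(review): MD5 with one shared prefix is a fast hash;
                // plan a migration to a dedicated password-hashing scheme.
                $sql .= "\", password=\"" . md5($MD5_PREFIX . $TPL_password);
            }

            // p18 flag: the stored German strings mean "requested" and
            // "not requested". Any other non-empty value leaves the column as is.
            if ($TPL_p18 == "1")
            {
                $sql .= "\", p18=\"beantragt";
            }
            if (strlen($TPL_p18) == 0)
            {
                $sql .= "\", p18=\"nicht beantragt";
            }

            $sql .= "\" WHERE id='" . AddSlashes($TPL_id_hidden) . "'";

            // Debug copy of the statement. It carries user input that is not
            // HTML-escaped plus the password digest, so it must never be written
            // to the response.
            $echosql = $sql;

            $res = mysql_query($sql);
            if ($res)
            {
                include "header.php";
                include "templates/template_updated.html";
            }
            else
            {
                // Report a failed query with the same code the login lookup
                // uses, instead of showing the success page.
                $TPL_err = 1;
                $TPL_errmsg = $ERR_001;
            }
        }
    }
    else
    {
        // At least one required field is empty.
        $TPL_err = 1;
        $TPL_errmsg = $ERR_112;
    }
}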
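// Debug output removed. $echosql held the full UPDATE statement, i.e. user
// input without HTML escaping plus the password digest, and it was printed into
// every response. On requests that never reach the update branch the variable is
// uninitialised, so where request parameters are registered as globals its
// content would come straight from the request. If the statement is needed for
// troubleshooting, write it to a server-side log with the password field masked.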
if ($REQUEST_METHOD=="POST" && $action == "update" && $TPL_err)
{
include "header.php";
//-- If an error occures re-built countries