<?
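/**
 * Front-end customer account controller: login, logout, password reminder,
 * password change and activation of a reminded password.
 *
 * Review notes for maintainers, all based on the code in this class:
 *  - Passwords are compared as unsalted SHA-1 hashes. Plan a migration to
 *    password_hash()/password_verify() with rehash-on-login.
 *  - SQL is still assembled by concatenation because no parameter-binding
 *    method of $this->db is visible here. Every interpolated value is
 *    escaped, cast or format-checked below; move to bound parameters as
 *    soon as the driver offers them.
 *  - The reminder link carries sha1(email), which anyone who knows the
 *    address can compute, so opening the link does not prove control of the
 *    mailbox. Replace it with a random, single-use, expiring token stored
 *    per request.
 *  - Only successful logins are written to login_logs; failed attempts leave
 *    no record in this class, which limits detection of password guessing.
 */
class ENGINE_front_logowanie extends CMS
{
    /** @var bool Read after validationFields(); presumably set by it - confirm. */
    public $valid = false;

    /**
     * Default action: send the visitor to the configured site root.
     */
    public function defaulted()
    {
        header('Location: '.$this->config['root']);
    }

    /**
     * Login action: checks the posted e-mail/password against `customers`,
     * fills the session with the customer's profile, records the login in
     * `login_logs` and loads the group discount, then renders the login page.
     */
    public function zaloguj()
    {
        // 'back' is request-controlled. It is only compared with one fixed
        // path and never used as a redirect target. The original also derived
        // an unused local from it; if a post-login redirect is reintroduced,
        // restrict it to a fixed allow-list of local paths.
        $back = (isset($_POST['back']) && is_string($_POST['back'])) ? $_POST['back'] : '';

        // Require plain strings: isset() alone also accepts arrays (email[]=...).
        if (isset($_POST['email'], $_POST['pass'])
            && is_string($_POST['email']) && is_string($_POST['pass'])) {
            $data = $this->slashesData($_POST, 'add');

            // Hash in PHP so the plaintext password never becomes part of the
            // SQL text (query logs, error messages) and the interpolated value
            // is always 40 hex characters.
            // NOTE(review): assumes slashesData() is a plain addslashes-style
            // escaper and magic quotes are off, so this equals what MySQL's
            // sha1() produced before - confirm.
            $passHash = sha1($_POST['pass']);

            // NOTE(review): the e-mail still relies on slashesData() escaping,
            // which is charset-sensitive; switch to bound parameters when the
            // db layer supports them.
            $res = $this->db->dbQuery("SELECT * FROM customers WHERE email='".$data['email']."' AND pass='".$passHash."' AND access=1");
            $rows = $this->db->assocAll($res);

            if ($rows) {
                $customer = $rows[0];

                // New session id on privilege change, so an id planted before
                // login cannot be reused afterwards (session fixation).
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }

                $fields = array('firstname','secondname','company','street','nr1',
                    'nr2','postcode','city','fax','phone','nip','email');
                foreach ($fields as $field) {
                    $_SESSION[$field] = $customer[$field];
                }
                $_SESSION['id'] = $customer['id'];
                unset($_SESSION['pass']);

                // Audit record of the successful login.
                // NOTE(review): user_agent is client-controlled; insert() is
                // assumed to escape its values - confirm.
                $d = array();
                $d['idUser'] = $customer['id'];
                $d['ip'] = $_SERVER['REMOTE_ADDR'];
                $d['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                $d['data_dodania'] = time();
                $this->contents->table = 'login_logs';
                $this->contents->data = $d;
                $this->contents->insert();

                // The cast keeps the statement well-formed and injection-free
                // even if `grupa` is empty or not numeric.
                $res = $this->db->dbQuery("SELECT * FROM customers_groups WHERE id=".(int)$customer['grupa']);
                $_SESSION['rabat'] = $this->db->result($res, 'rabat');
            } else {
                if ($back === '/koszyk/platnosc.html') {
                    header('location:../koszyk/platnosc.html?error=pass');
                    exit();
                }
                $this->contents->assign('error', true);
            }
        } else {
            $this->contents->assign('form', true);
        }

        if (isset($_SESSION['auth']) && $_SESSION['auth'] == true) {
            $this->loadModule('logs');
            $this->logs->insert("Uzytkownik sie zalogowal");
        }
        $this->contents->display('system/zaloguj.html');
    }

    /**
     * Logout action: drops the customer's identity from the session and
     * redirects to the home page with a confirmation message.
     *
     * The original only reset $_SESSION['id'], so profile data, the discount
     * ('rabat') and the 'auth' flag survived logout. Its early redirect for
     * visitors without 'auth' was always replaced by the final Location
     * header, so the effective target is unchanged here.
     */
    public function wyloguj()
    {
        $_SESSION['id'] = 0;

        // Everything zaloguj() stores, plus the flag this class reads as
        // "authenticated". Other session content is left untouched.
        $identityKeys = array('firstname','secondname','company','street','nr1',
            'nr2','postcode','city','fax','phone','nip','email','rabat','auth');
        foreach ($identityKeys as $key) {
            unset($_SESSION[$key]);
        }

        // Retire the old session id so a copy of it is useless after logout.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        // Encode the message: raw spaces and non-ASCII bytes are not valid in
        // a Location header value.
        header('Location: /?mess='.rawurlencode('Zostałeś wylogowany'));
    }

    /**
     * Password reminder form: validates the posted e-mail and, when the
     * validation passes, issues a temporary password.
     */
    public function przypomnij_haslo()
    {
        if (isset($_POST['email'])) {
            // NOTE(review): the opening of this rule array was missing from
            // the reviewed source. The variable name comes from the call
            // below; the 'email' key is reconstructed from the posted field
            // and the db rule - confirm against the original file.
            // NOTE(review): the 'reguired' spelling is kept because it is
            // read at runtime by validationFields() - confirm the expected key.
            // NOTE(review): 'dbrequired' presumably reports unknown addresses,
            // which tells a visitor whether an e-mail is registered; consider
            // one neutral response for both cases.
            $fields = array(
                'email' => array(
                    'reguired' => true,
                    'regxp2' => '[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}',
                    'length_min' => 6,
                    'length_max' => 128,
                    'db' => array('table'=>'customers','field'=>'email'),
                    'dbrequired' => true
                )
            );
            $this->validationFields($fields, $_POST, 'contents');
            if ($this->valid) {
                $this->remaindPassword();
            }
        }
        $this->contents->display('forms/remain_password.html');
    }

    /**
     * Password change form.
     *
     * NOTE(review): nothing in this method stores the new password, checks
     * that the visitor is logged in, or asks for the current password, yet it
     * reports success. Presumably the write happens elsewhere - confirm. The
     * three-character minimum is also very low.
     */
    public function zmien_haslo()
    {
        $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
        $repeat = (isset($_POST['pass1']) && is_string($_POST['pass1'])) ? $_POST['pass1'] : '';

        // Strict comparison: with == two different numeric-looking strings
        // such as "1e3" and "1000" are treated as equal.
        if (strlen($pass) > 2 && $pass === $repeat) {
            header('Location: zmien_haslo.html?mess='.rawurlencode('Hasło zostało zmienione!'));
            $this->contents->assign('ch', true);
        }
        $this->contents->display('forms/zmien_haslo.html');
    }

    /**
     * Generates a temporary password, stores it in customers.tmppass and
     * mails it together with the activation hash.
     *
     * NOTE(review): which row update() changes is decided inside
     * $this->contents; confirm it is limited to the validated e-mail. If the
     * CMS maps URL segments to public methods, also confirm this method is
     * not reachable without the validation in przypomnij_haslo().
     *
     * @throws RuntimeException when no secure random source is available
     */
    public function remaindPassword()
    {
        // The original 'now'.rand(11,2339) had fewer than 2400 possible
        // values. Use 64 bits from the system CSPRNG instead.
        // NOTE(review): confirm customers.tmppass can hold 16 characters.
        if (function_exists('random_bytes')) {
            $new_pass = bin2hex(random_bytes(8));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $new_pass = bin2hex(openssl_random_pseudo_bytes(8));
        } else {
            // Fail closed rather than fall back to a predictable generator.
            throw new RuntimeException('No cryptographically secure random source available');
        }

        $this->contents->table = 'customers';
        $this->contents->order = false;
        $this->contents->data = array('tmppass' => $new_pass);
        $this->contents->update();
        $user = $this->contents->getContent();
        $this->contents->assign('hash', sha1($user['email']));
        $this->contents->assign('new_pass', $new_pass);

        // $msg was never assigned in the original, so the mail body was an
        // undefined variable while the template went to the HTTP response.
        // Capture the rendered template as the mail body instead, so the
        // temporary password only travels to the mailbox.
        // NOTE(review): assumes display() writes to standard output - confirm.
        ob_start();
        $this->contents->display('system/remain_password.html');
        $msg = (string) ob_get_clean();

        $this->sendEmailMsg($this->config['remain_password_msg_from'], $this->config['remain_password_msg_email'], $_POST['email'], $this->config['remain_password_msg_title'], $msg);
    }

    /**
     * Activation link target: promotes the pending temporary password to the
     * account password for the customer whose sha1(email) matches ?hash=.
     */
    public function akceptujHaslo()
    {
        // mysql_escape_string() no longer exists in PHP 7+. A SHA-1 hex digest
        // has a fixed shape, so validate the shape instead of escaping; only
        // [0-9a-f]{40} can then reach the SQL text.
        $hash = (isset($_GET['hash']) && is_string($_GET['hash'])) ? strtolower($_GET['hash']) : '';
        if (preg_match('/\A[0-9a-f]{40}\z/', $hash) !== 1) {
            header('Location: ../?mess='.rawurlencode('Twój link stracił ważność lub jest niepoprawny'));
            return;
        }

        // Only act when a temporary password is pending, so an unsolicited
        // request cannot replace the password with the hash of an empty or
        // NULL value. Clearing tmppass makes the link single-use; MySQL
        // evaluates the assignments left to right, so pass is computed from
        // the old tmppass.
        $this->db->dbQuery("UPDATE customers SET pass=sha1(tmppass), tmppass='' WHERE sha1(email)='".$hash."' AND tmppass IS NOT NULL AND tmppass<>''");

        if ($this->db->affected()) {
            header('Location: ../?mess='.rawurlencode('Twoje hasło zostało aktywowane'));
        } else {
            header('Location: ../?mess='.rawurlencode('Twój link stracił ważność lub jest niepoprawny'));
        }
    }
}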
?>