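config['root']); }

    /**
     * Log a customer in from the POSTed e-mail/password pair.
     *
     * On success the customer's profile fields, id, auth marker and group
     * discount are copied into the session, a row is written to login_logs,
     * and the browser is redirected to the requested "back" path. On failure
     * the login template is shown with an error flag (or the checkout page is
     * re-requested with ?error=pass).
     *
     * Review notes:
     *  - Passwords are compared as unsalted SHA-1 inside the SQL statement.
     *    Moving to password_hash()/password_verify() needs a schema and data
     *    migration and is not attempted here.
     *  - Only successful logins are recorded; failed attempts are neither
     *    logged nor rate-limited in this method.
     */
    function zaloguj()
    {
        // Redirect target after login. It is appended to ".." in the Location
        // header below, so only a local absolute path without line breaks or
        // NUL bytes is accepted; anything else falls back to the account page.
        $back = (isset($_POST['back']) && is_string($_POST['back'])) ? $_POST['back'] : '';
        $b = '/uzytkownik/';
        if ($back !== '' && $back[0] === '/' && strpbrk($back, "\r\n\0") === false) {
            $b = $back;
        }

        if (isset($_POST['email']) && isset($_POST['pass'])) {
            // NOTE(review): slashesData() is not visible here. If it is
            // addslashes()-based it is not aware of the connection charset;
            // prefer mysql_real_escape_string() (used elsewhere in this class)
            // or prepared statements for these two values.
            $data = $this->slashesData($_POST, 'add');
            $res = $this->db->dbQuery("SELECT * FROM customers WHERE email='".$data['email']."' AND pass=sha1('".$data['pass']."') AND access=1");
            $data = $this->db->assocAll($res);

            if ($data) {
                $customer = $data[0];

                // Issue a fresh session id at the privilege change so that an
                // id planted before login cannot be reused afterwards.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }

                $fields = array('firstname','secondname','company','street','nr1',
                                'nr2','postcode','city','fax','phone','nip','email');
                foreach ($fields as $field) {
                    $_SESSION[$field] = $customer[$field];
                }
                $_SESSION['id'] = $customer['id'];
                // Used below only as a truthy "logged in" marker; md5(time())
                // is predictable and must not be treated as a secret token.
                $_SESSION['auth'] = md5(time());
                unset($_SESSION['pass']);

                // Audit row for the successful login. The user agent is a
                // client-controlled string and may be absent.
                // NOTE(review): confirm that contents->insert() escapes values.
                $d = array();
                $d['idUser'] = $customer['id'];
                $d['ip'] = $_SERVER['REMOTE_ADDR'];
                $d['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                $d['data_dodania'] = time();
                $this->contents->table = 'login_logs';
                $this->contents->data = $d;
                $this->contents->insert();

                // The group id is interpolated unquoted, so force it to an integer.
                $res = $this->db->dbQuery("SELECT * FROM customers_groups WHERE id=".(int)$customer['grupa']);
                $rabat = $this->db->result($res, 'rabat');
                $_SESSION['rabat'] = $rabat;
            } else {
                if ($back === '/koszyk/platnosc.html') {
                    header('location:../koszyk/platnosc.html?error=pass');
                    exit();
                }
                $this->contents->assign('error', true);
            }
        } else {
            $this->contents->assign('form', true);
        }

        // Customers with a discount who log in from checkout go to the discount step.
        if ($back === '/koszyk/platnosc.html' && !empty($_SESSION['rabat'])) {
            $b = '/koszyk/udziel_rabatu.html';
        }

        if (!empty($_SESSION['auth'])) {
            $this->loadModule('logs');
            $this->logs->insert("Uzytkownik sie zalogowal");
            header("Location: ..".$b);
            exit();
        }

        $this->contents->display('system/zaloguj.html');
    }

    /**
     * Log the current customer out and redirect to the front page.
     *
     * A visitor without an authenticated session is redirected to the
     * configured root and the request ends there; previously execution fell
     * through and the second Location header replaced the first.
     */
    function wyloguj()
    {
        if (!isset($_SESSION['auth'])) {
            header("Location: ".$this->config['root']);
            exit();
        }

        $_SESSION['id'] = 0;

        // Expire the session cookie as well, so the browser stops presenting
        // the id of the session that is destroyed below.
        if (ini_get('session.use_cookies')) {
            $cookie = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
        }

        session_destroy();
        $_SESSION = array();
        $_SESSION['id'] = 0;

        header("location:/?mess=Zostałeś wylogowany");
    }

    /**
     * Show the password-reminder form and process its submission.
     *
     * When an e-mail address is POSTed it is validated with
     * validationFields(); if validation passes, remaindPassword() takes over
     * and ends the request.
     */
    function przypomnij_haslo()
    {
        if (isset($_POST['email'])) {
            // NOTE(review): 'db' + 'dbrequired' presumably require the address
            // to exist in customers. If so, the different responses reveal
            // which addresses are registered; consider a uniform response.
            $fields = array(
                'email' => array(
                    'reguired' => true,
                    'regxp2' => '[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}',
                    'length_min' => 6,
                    'length_max' => 128,
                    'db' => array('table'=>'customers','field'=>'email'),
                    'dbrequired' => true
                )
            );
            $this->validationFields($fields, $_POST, 'contents');
            if ($this->valid) {
                $this->remaindPassword();
            }
        }
        $this->contents->display('forms/remain_password.html');
    }

    /**
     * Change the password of the customer identified by $_SESSION['id'].
     *
     * The new password must be longer than two characters and match its
     * repetition exactly. The raw value is hashed: escaping it before sha1()
     * stored a hash of the escaped text, which the login query (hashing the
     * unescaped value inside SQL) could never match for passwords containing
     * quotes or backslashes.
     *
     * Review notes: the current password is not requested and no anti-CSRF
     * token is checked here; both need template changes outside this method.
     * NOTE(review): if magic_quotes_gpc is enabled on this host, strip the
     * added slashes before hashing.
     */
    function zmien_haslo()
    {
        $pass  = (isset($_POST['pass'])  && is_string($_POST['pass']))  ? $_POST['pass']  : '';
        $pass1 = (isset($_POST['pass1']) && is_string($_POST['pass1'])) ? $_POST['pass1'] : '';
        // The id is interpolated unquoted, so force it to an integer; 0 is the
        // value wyloguj() leaves behind and never identifies a customer here.
        $userId = isset($_SESSION['id']) ? (int)$_SESSION['id'] : 0;

        // Strict comparison: loose == treats numeric-looking strings such as
        // "1e3" and "1000" as equal.
        if ($userId > 0 && strlen($pass) > 2 && $pass === $pass1) {
            // sha1() output is hexadecimal, so it is safe inside the quotes.
            $this->db->dbQuery("Update customers set pass ='".sha1($pass)."' where id=".$userId);
            header("Location: zmien_haslo.html?mess=Hasło zostało zmienione!");
            $this->contents->assign('ch', true);
        }
        $this->contents->display('forms/zmien_haslo.html');
    }

    /**
     * Generate a temporary password for the POSTed e-mail address, store it
     * in customers.tmppass and e-mail it together with a confirmation hash.
     * Ends the request.
     *
     * The temporary password now comes from a cryptographic random source
     * (the former rand(11,2339) allowed only 2329 values), and the
     * confirmation hash covers the temporary password as well as the e-mail
     * address, so it can no longer be computed from the address alone.
     * akceptujHaslo() checks the same construction.
     */
    function remaindPassword()
    {
        if (function_exists('random_bytes')) {
            $raw = random_bytes(6);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $raw = openssl_random_pseudo_bytes(6);
        } else {
            $raw = false;
        }
        if ($raw === false || strlen($raw) !== 6) {
            // Fail closed rather than fall back to a guessable value.
            trigger_error('No secure random source available for password reset', E_USER_ERROR);
            exit;
        }
        // 'now' + 12 hex characters.
        // NOTE(review): assumes customers.tmppass can hold 15 characters —
        // confirm against the schema.
        $new_pass = 'now'.bin2hex($raw);

        $this->contents->table = 'customers';
        $this->contents->cond = "email='".mysql_real_escape_string($_POST['email'])."'";
        $this->contents->order = false;
        $this->contents->data = array('tmppass'=>$new_pass);
        $this->contents->update();
        $user = $this->contents->getContent();

        $this->contents->assign('hash', sha1($user['email'].$new_pass));
        $this->contents->assign('new_pass', $new_pass);
        $msg = mysql_escape_string($this->contents->fetch('system/remain_password_email.html'));
        $this->contents->display('system/remain_password.html');
        $this->sendEmailMsg($this->config['remain_password_msg_from'], $this->config['remain_password_msg_email'], $_POST['email'], $this->config['remain_password_msg_title'], $msg);
        exit;
    }

    /**
     * Activate the temporary password referenced by the ?hash= link.
     *
     * The hash must be 40 hexadecimal characters and must match
     * sha1(email . tmppass) of a customer with a pending, non-empty temporary
     * password. Without the non-empty condition, a row that never requested a
     * reset would have its password replaced by sha1() of an empty or NULL
     * tmppass. The temporary password is cleared once used, so a link works
     * only once.
     *
     * Review note: pending resets have no expiry time in this code.
     */
    function akceptujHaslo()
    {
        $hash = (isset($_GET['hash']) && is_string($_GET['hash'])) ? strtolower($_GET['hash']) : '';
        $activated = false;

        // Strict format check; the value then contains nothing that needs escaping.
        if (preg_match('/^[0-9a-f]{40}\z/', $hash)) {
            // Single-table UPDATE assignments are evaluated left to right, so
            // pass is computed from tmppass before tmppass is cleared.
            $this->db->dbQuery("UPDATE customers set pass=sha1(tmppass), tmppass='' WHERE tmppass IS NOT NULL AND tmppass<>'' AND sha1(concat(email,tmppass))='".$hash."'");
            $activated = $this->db->affected();
        }

        if ($activated) {
            header('Location: ../?mess=Twoje hasło zostało aktywowane');
        } else {
            header('Location: ../?mess=Twój link stracił ważność lub jest niepoprawny');
        }
    }
}
?>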