set_file("main","user_login.html");
// Page links exposed to the login template. $user_profile_url is not set in
// this part of the script; it is expected to exist already.
$login_page_links = array(
    "user_login_href"      => "user_login.php",
    "user_home_href"       => "user_home.php",
    "user_profile_href"    => "user_profile.php",
    "user_profile_url"     => $user_profile_url,
    "forgot_password_href" => "forgot_password.php",
);
foreach ($login_page_links as $tpl_var_name => $tpl_var_value) {
    $t->set_var($tpl_var_name, $tpl_var_value);
}

// Interface messages: each constant is published under a template variable
// of the same name.
$login_page_messages = array(
    "LOGIN_TITLE"         => LOGIN_TITLE,
    "NEW_USER_MSG"        => NEW_USER_MSG,
    "SIGN_UP_MSG"         => SIGN_UP_MSG,
    "EXISTS_USER_MSG"     => EXISTS_USER_MSG,
    "ENTER_LOGIN_MSG"     => ENTER_LOGIN_MSG,
    "LOGIN_FIELD"         => LOGIN_FIELD,
    "PASSWORD_FIELD"      => PASSWORD_FIELD,
    "REMEMBER_LOGIN_MSG"  => REMEMBER_LOGIN_MSG,
    "SIGN_IN_BUTTON"      => SIGN_IN_BUTTON,
    "LOGIN_AS_MSG"        => LOGIN_AS_MSG,
    "ACCESS_HOME_MSG"     => ACCESS_HOME_MSG,
    "CLICK_HERE_MSG"      => CLICK_HERE_MSG,
    "LOGOUT_BUTTON"       => LOGOUT_BUTTON,
    "FORGOT_PASSWORD_MSG" => FORGOT_PASSWORD_MSG,
);
foreach ($login_page_messages as $tpl_var_name => $tpl_var_value) {
    $t->set_var($tpl_var_name, $tpl_var_value);
}
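// return_page is taken from the request and is later written into a
// "Location:" header after a successful sign-in, and into the login form.
// Only same-site relative targets are accepted; anything else falls back to
// the default page. Rejected:
//   - control characters (CR/LF would allow header splitting) and backslashes
//     (some browsers treat "\" like "/"),
//   - protocol-relative targets ("//host/..."),
//   - anything carrying a scheme, i.e. a ":" before the first "/", "?" or "#".
// NOTE(review): if other pages legitimately pass same-site absolute URLs here,
// compare their host against the configured site URL instead of rejecting
// them - confirm against the callers.
$return_page = get_param("return_page");
if (!strlen($return_page)
    || preg_match('/[\x00-\x1f\x7f\\\\]|^\s*\/\/|^[^\/?#]*:/', $return_page)) {
    $return_page = "user_home.php";
}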
// Remember-me credentials, if the browser sent them. Further down the script
// cookie_user_password is written with the password exactly as the user
// typed it, so both values must be treated as secrets.
$login = get_cookie("cookie_user_login");
$password = get_cookie("cookie_user_password");

// A cookie login is attempted only when both cookies are non-empty;
// otherwise any partial value is discarded.
$cookie_login = (strlen($login) && strlen($password));
if (!$cookie_login)
{
    $login = "";
    $password = "";
}

// Form state: the "remember me" checkbox, the requested operation, and the
// accumulated error text.
$remember_me = get_param("remember_me");
$operation = get_param("operation");
$errors = "";
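// Handle a submitted operation (cancel, logout, or a login attempt), or sign
// the visitor in from the remember-me cookies when no user session is active.
if (strlen($operation) || ($cookie_login && !get_session("session_user_id")))
{
    if ($operation == "cancel")
    {
        header("Location: index.php");
        exit;
    }
    else if ($operation == "logout")
    {
        // blank every per-user session value
        set_session("session_user_id", "");
        set_session("session_user_type_id", "");
        set_session("session_user_login", "");
        set_session("session_user_name", "");
        set_session("session_user_email", "");
        set_session("session_discount_type", "");
        set_session("session_discount_amount", "");
        if (get_setting_value($settings, "logout_cart_clear", 0) == 1) {
            set_session("shopping_cart", "");
            set_session("session_coupons", "");
        }
        // Expire the remember-me cookies as well. While they remain in the
        // browser, the next request to this page without an operation matches
        // the cookie-login condition above and signs the user back in, which
        // makes logout ineffective (notably on a shared machine).
        setcookie("cookie_user_login");
        setcookie("cookie_user_password");
    }
    else
    {
        if (!$cookie_login)
        {
            // interactive sign-in: both form fields are required
            $login = get_param("login");
            $password = get_param("password");
            if (!strlen($login)) {
                $error_message = str_replace("{field_name}", LOGIN_FIELD, REQUIRED_MESSAGE);
                $errors .= $error_message . "\n";
            }
            if (!strlen($password)) {
                $error_message = str_replace("{field_name}", PASSWORD_FIELD, REQUIRED_MESSAGE);
                $errors .= $error_message . "\n";
            }
        }
        // refuse the attempt outright when the client address is blacklisted
        if (!$errors && check_black_ip()) {
            $errors = BLACK_IP_MSG;
        }
        if (!$errors)
        {
            // NOTE(review): depending on the password_encrypt setting the
            // stored password is either an unsalted MD5 digest or plaintext.
            // Both are weak at rest; moving to password_hash() /
            // password_verify() needs a migration of the stored values and is
            // not attempted here.
            $password_encrypt = get_setting_value($settings, "password_encrypt", 0);
            if ($password_encrypt == 1) {
                $password_match = md5($password);
            } else {
                $password_match = $password;
            }
            // Both request-derived values pass through $db->tosql() before
            // they are concatenated into the statement (presumably the
            // project's quoting helper - verify its escaping).
            $sql  = " SELECT u.user_id,u.user_type_id,u.name,u.first_name,u.last_name,u.email,u.is_approved, ";
            $sql .= " u.discount_type AS user_discount_type, u.discount_amount AS user_discount_amount, ";
            $sql .= " ut.discount_type AS group_discount_type, ut.discount_amount AS group_discount_amount, ";
            $sql .= " c.currency_code ";
            $sql .= " FROM ((" . $table_prefix . "users u ";
            $sql .= " LEFT JOIN " . $table_prefix . "user_types ut ON u.user_type_id=ut.type_id) ";
            $sql .= " LEFT JOIN " . $table_prefix . "countries c ON u.country_code=c.country_code) ";
            $sql .= " WHERE login=" . $db->tosql($login, TEXT);
            $sql .= " AND password=" . $db->tosql($password_match, TEXT);
            $db->query($sql);
            if ($db->next_record())
            {
                $is_approved = $db->f("is_approved");
                if ($is_approved) {
                    $user_id = $db->f("user_id");
                    $currency_code = $db->f("currency_code");
                    $user_discount_type = $db->f("user_discount_type");
                    $user_discount_amount = $db->f("user_discount_amount");
                    $group_discount_type = $db->f("group_discount_type");
                    $group_discount_amount = $db->f("group_discount_amount");
                    // NOTE(review): nothing in this block renews the session
                    // identifier at sign-in. If set_session() is backed by
                    // native PHP sessions, regenerate the id here to prevent
                    // session fixation - confirm against the session wrapper.
                    set_session("session_user_id", $user_id);
                    set_session("session_user_type_id", $db->f("user_type_id"));
                    set_session("session_user_login", $login);
                    // display name: explicit name, else "first last", else the login
                    if (strlen($db->f("name"))) {
                        $user_name = $db->f("name");
                    } else if (strlen($db->f("first_name")) || strlen($db->f("last_name"))) {
                        $user_name = $db->f("first_name") . " " . $db->f("last_name");
                    } else {
                        $user_name = $login;
                    }
                    set_session("session_user_name", $user_name);
                    set_session("session_user_email", $db->f("email"));
                    // a per-user discount takes precedence over the group discount
                    if ($user_discount_type > 0) {
                        set_session("session_discount_type", $user_discount_type);
                        set_session("session_discount_amount", $user_discount_amount);
                    } else if ($group_discount_type) {
                        set_session("session_discount_type", $group_discount_type);
                        set_session("session_discount_amount", $group_discount_amount);
                    }
                    if ($remember_me)
                    {
                        // NOTE(review): this keeps the password as typed in a
                        // cookie for 366 days, with neither the HttpOnly nor
                        // the Secure attribute. Anyone who can read the
                        // cookie jar or the traffic obtains the credential.
                        // Prefer a random token that the server can revoke;
                        // at minimum set HttpOnly and Secure.
                        setcookie("cookie_user_login", $login, time() + 3600 * 24 * 366);
                        setcookie("cookie_user_password", $password, time() + 3600 * 24 * 366);
                    }
                    // get currency if available
                    if ($currency_code) {
                        get_currency($currency_code);
                    }
                    // update last visit time
                    $sql  = " UPDATE " . $table_prefix . "users SET last_visit_date=" . $db->tosql(va_time(), DATETIME);
                    $sql .= ", last_visit_ip=" . $db->tosql(get_ip(), TEXT);
                    $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
                    $db->query($sql);
                    // $return_page originates from the request (get_param).
                    // It must be limited to same-site relative paths where it
                    // is read, otherwise this header is an open redirect.
                    header("Location: " . $return_page);
                    exit;
                } else {
                    $errors .= ACCOUNT_APPROVE_ERROR . "\n";
                }
            }
            else
            {
                // one message for unknown login and wrong password alike
                $errors .= LOGIN_PASSWORD_ERROR . "\n";
                if ($cookie_login)
                {
                    // stale or tampered remember-me cookies: expire them so
                    // the failed lookup is not repeated on every request
                    setcookie("cookie_user_login");
                    setcookie("cookie_user_password");
                }
            }
        }
    }
}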
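// Keep the "remember me" box ticked when it was ticked on the submitted form.
if ($remember_me) {
    $t->set_var("remember_me", "checked");
} else {
    $t->set_var("remember_me", "");
}

// Show the error block only when there is something to report. The error
// text is built from message constants, not from request values.
if ($errors) {
    $t->set_var("errors_list", $errors);
    $t->parse("errors", false);
} else {
    $t->set_var("errors", "");
}

if (get_session("session_user_id"))
{
    // Signed in: show the logout form. The login name is what the user typed
    // at sign-in and the display name comes from the users table, so both are
    // HTML-encoded before they reach the template, as the login form branch
    // already does for its values.
    // NOTE(review): if these fields are stored already encoded, this
    // double-encodes them - confirm against the registration code.
    $t->set_var("user_login", htmlspecialchars(get_session("session_user_login"), ENT_QUOTES));
    $t->set_var("user_name", htmlspecialchars(get_session("session_user_name"), ENT_QUOTES));
    $t->set_var("operation", "logout");
    $t->set_var("login_form", "");
    $t->parse("logout_form", false);
}
else
{
    // Not signed in: show the login form. Both values are request-derived;
    // ENT_QUOTES also covers single-quoted attributes in the template.
    $t->set_var("return_page", htmlspecialchars($return_page, ENT_QUOTES));
    $t->set_var("login", htmlspecialchars($login, ENT_QUOTES));
    $t->set_var("operation", "login");
    $t->set_var("logout_form", "");
    $t->parse("login_form", false);
}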
// type_error is still read from the request, but the handling for value 2 is
// switched off: the branch below holds only commented-out code.
$type_error = get_param("type_error");
if ($type_error == 2)
{
    // $t->parse("access_error", false);
    // $errors = true;
}

// The shared header and footer scripts run in this scope before the page is
// emitted; what they do with $t is not visible from here.
include "./header.php";
include "./footer.php";

// presumably renders and prints the "main" template - verify against the
// template class
$t->pparse("main");
?>