Create($crm_db,$crm_user,$crm_host,$crm_pass); // connect SEARCH DB $crm_search = new MySQL_class; $crm_search->Create($crm_search_db,$crm_search_user,$crm_search_host,$crm_search_pass); $cdc = new MySQL_class; $cdc->Create($cdc_db,$cdc_user,$cdc_host,$cdc_pass); $tmp = new MySQL_class; $tmp->Create($template_db,$template_user,$template_host,$template_pass); $brnd = new MySQL_class; $brnd->Create($db,$user,$host,$pass); $gc_sql=$crm; // session handling if($code=='ASE') { exit(); } // foil hackers unset($u_type,$u_id,$session_email); // start session start_session($php_sessid); // log it app_log('store',$PHP_SELF,$search_word,$application_id,'view',$code,$array); if(page_auth(3,$u_type,$cdc) == "yes") { $staging = "yes"; } unset($u_type,$u_id,$session_email); if(!$sessid && $code!='EVENTREG') { if($login_submit || $register_submit) { $message .="
Make sure cookies for this domain are enabled in your browser. ".$_SERVER["HTTP_REFERER"].""; } } $end_user = "yes"; start_session($sessid); if(trim($new_array[email])!='') { $new_array[email] = str_replace("'","",$new_array[email]); } // lost password if($get_password) { if($new_array[email]=='') { $message = urlencode("
Please enter an email adddress. "); header("location: $PHP_SELF?message=$message&forgot_password=yes&sessid=$sessid"); exit(); } $query = "select cdc_id, password from $CDC where email = '$new_array[email]' and brand = '$code'"; $data=$cdc->mydata($query); if($data[cdc_id][0]=='') { $message = urlencode("
Unfortunately, the email address you provided is not registered with us. Please enter another email address that is on our system."); header("location: $PHP_SELF?message=$message&forgot_password=yes&sessid=$sessid"); exit(); } if($data[password][0]=='') { // account found but no password - so we give em a password and send it to them $new_array = get_cdc($data[cdc_id][0],$code,$cdc); $new_array[password] = substr(make_rand(),0,6); $query = "update $CDC set password = '$new_array[password]' where cdc_id = '".$data[cdc_id][0]."' and brand = '$code' "; $cdc->Update($query); system_email("8","$new_array[email]","$new_array[first_name] $new_array[last_name]",$new_array,$EMAIL,$code,$crm); $message = urlencode("
A password was created for you and sent to your email address, please come back to this page after you receive the email."); header("location: $PHP_SELF?message=$message&sessid=$sessid"); exit(); } else { // password so we send it to them $new_array = get_cdc($data[cdc_id][0],$code,$cdc); system_email("9","$new_array[email]","$new_array[first_name] $new_array[last_name]",$new_array,$EMAIL,$code,$crm); $message = urlencode("
Your password was found and sent to your email address, please come back to this page after you receive the email."); header("location: $PHP_SELF?message=$message&sessid=$sessid"); exit(); } } // logging in if($login_submit!="") { // lets validate $email = trim($email); if($email=="") { $message .="
You must enter an email address."; } // password if($password=="") { $message .="
You must enter a password."; } if($customer_relation_id) { $message .="
You are already logged in."; } $show_login = yes; } // test the supplied uid and pass if($login_submit && !$message) { // see if the account even has a password .. if not create one and send it to them. $query = "select cdc_id, password from $CDC where email = '".ass($email)."' and brand = '$code'"; $data = $cdc->mydata($query); if($date[cdc_id][0]!='' && $data[password][0]=='' && $email!='') { $new_array = get_cdc($data[cdc_id][0],$code,$cdc); $new_array[password] = substr(make_rand(),0,6); $query = "update $CDC set password = '$new_array[password]' where cdc_id = '".$data[cdc_id][0]."' and brand = '$code' "; $cdc->Update($query); system_email("8","$new_array[email]","$new_array[first_name] $new_array[last_name]",$new_array,$EMAIL,$code,$crm); $message = urlencode("
A password was created for you and sent to your email address, please come back to this page after you receive the email."); header("location: $PHP_SELF?message=$message&sessid=$sessid"); } if(ss($data[password][0])==$password) { // if the uid and pass etc were ok $u_id = $data[cdc_id][0]; $u_type = "customer"; $query = "select relation_id, company_id, division_id from $CRM_RELATION where contact_id = '".$data[cdc_id][0]."' and disable != '1' and brand = '$code' order by company_id desc"; $relation_data = $crm->mydata($query); // first company we find for now .... for($a=0;$aUpdate($query); $sql = $crm; $query = "delete from $SESSION where session_id = '$sessid' and brand = '$code' "; $sql->Delete($query); store_cookie2($sessid,$u_id,$u_type,$email); if($next=="") { header("location: /store/my_account.html?sessid=$sessid"); exit(); } else { if(ereg('\?',urldecode($next))) { header("location: ".urldecode($next)."&sessid=$sessid"); exit(); } else { header("location: ".urldecode($next)."?sessid=$sessid"); exit(); } } } else { $message .="
Your email address and password failed, please try again."; } } if($register_submit) { if($other_state!="") { $new_array[province_1] = $other_state; } else { $new_array[province_1] = $state; } if($other_country!="") { $new_array[country_1] = $other_country; } else { $new_array[country_1] = $country; } if($cdc_id=="") { $message = error_cdc(36,$new_array,$cdc); if($verify_word_id) { if(!verify_word($verify_word_id,$match_word,$code,$crm)) { $message[] = "The confirmation word you entered is incorrect."; } } } else { $message = error_cdc(7,$new_array,$cdc); } // check for a valid email address if($new_array[email]!='') { if(simple_valid_email(trim($new_array[email]))!='TRUE') { $message[] = "You entered an invalid email address."; } } // check for existing email addresses if($cdc_id) { $query = "select cdc_id from $CDC where email = '$new_array[email]' and cdc_id != '$cdc_id' and brand = '$code' "; $data = $cdc->mydata($query); } else { $query = "select cdc_id from $CDC where email = '$new_array[email]' and brand = '$code' "; $data = $cdc->mydata($query); } if($data[cdc_id][0]!="" && $new_array[email]!='') { $message = "
The email address you entered during registration has been previously registered and controls an active account. Please log-in to change mail settings for this account.

If you are attempting to set up a new account, you will need to register with a new email address."; header("location: login.html?email=$new_array[email]&next=$next&message=".urlencode($message)."&show_login=yes&sessid=$sessid"); exit(); } // check for conflicting external ids // ** companies and contacts may have the same external id so $new_array[external_id] = str_replace(",","",$new_array[external_id]); if(is_numeric($new_array[external_id])) { $new_array[external_id] = abs($new_array[external_id]); } if(strlen($new_array[external_id])>6) { $message[] = "
State Bar numbers can only be 6 numbers or 5 numbers."; } if(trim($new_array[external_id])!='') { $new_array[external_id] = trim($new_array[external_id]); if($cdc_id) { $query = "select cdc_id, email, password from $CDC where external_id = '$new_array[external_id]' and brand = '$code' and first_name != '' and cdc_id != '$cdc_id' "; $data = $cdc->mydata($query); } else { $query = "select cdc_id, email, password from $CDC where external_id = '$new_array[external_id]' and brand = '$code' and first_name != '' "; $data = $cdc->mydata($query); } if($data[cdc_id][0]!='') { if($code=='EVENTREG') { $message[] = "Your State Bar number is already entered into the system."; // look for an email address and password if($data[email][0]) { if(!trim($data[password][0])) { $new_array[password] = substr(make_rand(),0,6); $query = "update $CDC set password = '$new_array[password]' where cdc_id = '".$data[cdc_id][0]."' and brand = '$code' "; $cdc->Update($query); } else { $new_array[password] = $data[password][0]; } $tmp_email = $new_array[email]; $new_array[email] = $data[email][0]; system_email("8",$data[email][0],"$new_array[first_name] $new_array[last_name]",$new_array,$EMAIL,$code,$crm); $new_array[email] = $tmp_email; // el("$PHP_SELF $new_array[email] - $new_array[external_id] "); $message[] = "We found an email address associated with the bar number you entered and have sent the password to the email address you have on record. NOTE: Often people change email addresses and do not have access to the old email address, if you are having a problem like this please send us an email with your new email address and your bar number to support@ieventreg.com."; } else { $message[] = "We did not find an email address associated with the bar number you entered. 
To complete your registration please call 415.538.2508."; } } else { $message[] = "Your ID is incorrect, it is already taken by another user."; } } } // check password $password = trim($password); $confirm_password = trim($confirm_password); if($cdc_id=="") { if($password=="" || $confirm_password=="") { $message[] = "You must enter a password, and confirm it."; } } if($password!="" && $confirm_password!="") { if($password!=$confirm_password) { $message[] = "The password and confirmation password must match."; } else { $new_array[password]=$password; } } $show_register = yes; } if($register_submit && $message == "") { $s_sql = $crm; $new_array[first_name] = ucfirst($new_array[first_name]); $new_array[last_name] = ucfirst($new_array[last_name]); // cdc if($cdc_id=="") { $temp_array=$new_array; $temp_array[company_name] = ''; if($temp_array[external_id]=='') { $temp_array[external_id] = "".substr(make_rand(),0,7).""; } $cdc_id = insert_cdc($temp_array,$cdc); $query = "update cdc set created_by = '$cdc_id', modified_by = '$cdc_id' where cdc_id = '$cdc_id' and brand = '$code' "; $cdc->Update($query); unset($temp_array); // crm $query = "insert into $CRM_CDC set type_id = '0', cdc_id = '$cdc_id', first_name = '".addslashes($new_array[first_name])."', last_name = '".addslashes($new_array[last_name])."', created = '$now', disabled = '0', brand = '$code' "; $crm->Insert($query); // create a company IF a company name exists if($new_array[company_name]!='') { $temp_array=$new_array; $temp_array[first_name] = ''; $temp_array[last_name] = ''; $temp_array[email] = ''; $temp_array[external_id] = "".substr($cdc_id,0,7)."c"; $company_cdc_id = insert_cdc($temp_array,$cdc); $query = "update cdc set created_by = '$cdc_id', modified_by = '$cdc_id' where cdc_id = '$company_cdc_id' and brand = '$code' "; $cdc->Update($query); unset($temp_array); $query = "insert into $CRM_CDC set type_id = '1', cdc_id = '$company_cdc_id', company_name = '".addslashes($new_array[company_name])."', created 
= '$now', brand = '$code' "; $crm->Insert($query); search_inserter($company_cdc_id,'Y',$new_array[company_name],'company',$date,$CRM_SEARCH,$crm_search,$code); } // lets send an email to sales system_email("0","","",$new_array,$EMAIL,$code,$crm); // lets send the thank you letter to the prospect if($code!='ASE') { system_email("1",$new_array[email],"$new_array[first_name] $new_array[last_name]",$new_array,$EMAIL,$code,$crm); } } else { // check permissions -- if it is their account OK if it is an owner ok if anyone else NOT OK if($cdc_id!=$u_id) { // check that they are part of the same company $query = "select company_id from $CRM_RELATION where relation_id = '$customer_relation_id' and brand = '$code' "; $data = $crm->mydata($query); $query = "select relation_id from $CRM_RELATION where company_id = '".$data[company_id][0]."' and contact_id = '$cdc_id' and brand = '$code' "; $data = $crm->mydata($query); if($data[relation_id][0]=="") { echo"access denied -- this account is not part of your company"; exit(); } } // do not let people change a first or last name or external ID -- UNLESS THEY ARE EMPTY :) $c_foo = get_cdc($cdc_id,$code,$cdc); if($c_foo[first_name]) { $new_array[first_name] = $c_foo[first_name]; } if($c_foo[last_name]) { $new_array[last_name] = $c_foo[last_name]; } if($c_foo[external_id]) { $new_array[external_id] = $c_foo[external_id]; } update_cdc(7,$cdc_id,$new_array,$cdc); $query = "update cdc set modified_by = '$u_id' where cdc_id = '$cdc_id' and brand = '$code' "; $cdc->Update($query); if($password!='') { $query = "update cdc set password = '$password' where cdc_id = '$cdc_id' and brand = '$code' "; $cdc->Update($query); } $query = "update $CRM_CDC set first_name = '".addslashes($new_array[first_name])."', last_name = '".addslashes($new_array[last_name])."' where cdc_id = '$cdc_id' and brand = '$code' "; // $crm->Insert($query); $update = "yes"; } // categories if($sub_category_id) { // delete the categories updated for($a=0;$aDelete($query); } 
// insert the categories selected for($a=0;$aInsert($query); } } // CRM search foo $new_array = get_cdc($cdc_id,$code,$cdc); $banned[]="created"; $banned[]="brand"; $banned[]="modified"; $banned[]="modified_by"; $banned[]="created_by"; $banned[]="cdc_id"; $banned[]="password"; $array_keys = array_keys($new_array); for($a=0;$aThank for creating/updating the profile.
"); if($next) { if(ereg('\?',urldecode($next))) { header("location: ".urldecode($next)."&sessid=$sessid"); } else { header("location: ".urldecode($next)."?sessid=$sessid"); } exit(); } if($store) { header("location: /store/checkout.html?sessid=$sessid"); exit(); } else { header("location: /store/my_account.html?message=$message&sessid=$sessid"); exit(); } } if($update!='yes') { // relation $customer_relation_id = make_rand(); $query = "insert into $CRM_RELATION set relation_id = '$customer_relation_id', company_id = '$company_cdc_id', contact_id = '$cdc_id', brand = '$code' "; $crm->Insert($query); } // update the shopping cart $query = "update $SHOPPING_CART set relation_id = '$customer_relation_id' where session_id = '$sessid' and brand = '$code' "; $crm->Update($query); // log them in $u_id = $cdc_id; $u_type = "customer"; $sql = $crm; $query = "delete from $SESSION where session_id = '$sessid' and brand = '$code' "; $sql->Delete($query); store_cookie2($sessid,$u_id,$u_type,$new_array[email]); // send to their next page if($next) { if(ereg('\?',urldecode($next))) { header("location: ".urldecode($next)."&sessid=$sessid"); } else { header("location: ".urldecode($next)."?sessid=$sessid"); } exit(); } else { header("location: /store/my_account.html?message=Account+creation+complete.&show_login=yes&sessid=$sessid"); exit(); } } // make the form ..... 
// start template engine $tpl = new rFastTemplate(); $tpl->no_strict(); $tpl->assign(array( HLI1 => "", HLO1 => "" )); $ms = mail_status($session_email,$crm,$code,$tpl,$vars); $tpl = $ms[tpl]; if(preg_match("/mail_center/i",$PHP_SELF)) { $tpl->assign(array( CANCEL => "/mail_center/" )); $main = get_template('73',$TEMPLATE,$tmp,$code,$staging); } if(preg_match("/store/i",$PHP_SELF)) { $tpl->assign(array( CANCEL => "/store/" )); $main = get_template('13',$TEMPLATE,$tmp,$code,$staging); } if(preg_match("/event/i",$PHP_SELF)) { $tpl->assign(array( CANCEL => "/store/" )); $main = get_template('40',$TEMPLATE,$tmp,$code,$staging); } $tpl->define_raw( array( main => $main, login_register => get_template('15',$TEMPLATE,$tmp,$code,$staging), login_only => get_template('18',$TEMPLATE,$tmp,$code,$staging), register_only => get_template('17',$TEMPLATE,$tmp,$code,$staging), update_info => get_template('25',$TEMPLATE,$tmp,$code,$staging), forgot_password => get_template('48',$TEMPLATE,$tmp,$code,$staging) )); $tpl = show_login($u_id,$tpl); $tpl->assign(array( TODAY => date("l, F j, Y") )); $query = "select title, meta from $TEMPLATE where template_id = '18' and brand = '$code' "; $data = $tmp->mydata($query); $tpl->assign(array( PAGE_TITLE => ss($data[title][0]), PAGE_META => ss($data[meta][0]) )); $tpl->assign(array( HIDE_LOGIN_1 => '' )); if(is_array($message)) { for($a=0;$aassign(array( LOGIN => $login, HIDE_COMPANY_IMAGE1 => " ", STATE => $state_list, COUNTRY => $country_list, OTHER_STATE => $other_state, OTHER_COUNTRY => $other_country, CDC_ID => $cdc_id )); $tpl->assign( array( SELF => $PHP_SELF )); if($cn_email!='' && $email=='') { $email = $cn_email; } if(!$message) { $next = urlencode($next); } $tpl->assign(array( MESSAGE => urldecode($message), SESSID => $sessid, EMAIL => $email, PASSWORD => $password, STORE => $store, SELF => $PHP_SELF, EVENT_IMAGE => str_replace("http:","https:",$event_image), NEXT => $next )); if(!$event_image && !$next) { $tpl->assign(array( 
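HIDE_EVENT_1 => ' ' )); }

if($cdc_id) {
    if($new_array[first_name]=='') { $new_array = get_cdc($cdc_id,$code,$cdc); }
    if($cdc_id!=$u_id) {
        // check that they are part of the same company
        // NOTE(review): $customer_relation_id and $cdc_id are interpolated into
        // these two queries unescaped. Where they are assigned is outside this
        // span; if either can be set from the request, it must be escaped or
        // bound as a parameter before it reaches the query -- confirm.
        $query = "select company_id from $CRM_RELATION where relation_id = '$customer_relation_id' and brand = '$code' ";
        $data = $crm->mydata($query);
        $query = "select relation_id from $CRM_RELATION where company_id = '".$data[company_id][0]."' and contact_id = '$cdc_id' and brand = '$code' ";
        $data = $crm->mydata($query);
        if($data[relation_id][0]=="") { echo"access denied -- this account is not part of your company"; exit(); }
    }
    $tpl = category_item($cdc_id,$sub_category_id,$tpl,$code,$crm);
    $new_array = cdc_template_array($new_array);
    $tpl->assign( $new_array );
    $tpl->assign(array( CDC_ID => $cdc_id, EVENT_ID => $event_id, ORDER_HEADER_ID => $order_header_id ));
    $tpl = html_chunks($staging,$tpl,$code,$brnd);
    $tpl->parse( MAIN, array( "update_info", "main" ));
    $tpl->FastPrint();
    exit();
}

$tpl = html_chunks($staging,$tpl,$code,$brnd);

if($forgot_password) {
    $tpl->parse( MAIN, array( "forgot_password", "main" ));
    $tpl->FastPrint();
    exit();
}

if($show_register) {
    $tpl = category_item($cdc_id,$sub_category_id,$tpl,$code,$crm);
    $tpl = create_word($tpl,$code,$crm);
    $new_array = cdc_template_array($new_array);
    $tpl->assign( $new_array );
    $tpl->parse( MAIN, array( "register_only", "main" ));
    $tpl->FastPrint();
    exit();
}

if($show_login) {
    $tpl->parse( MAIN, array( "login_only", "main" ));
    $tpl->FastPrint();
    exit();
}

$tpl = create_word($tpl,$code,$crm);
$tpl->parse( MAIN, array( "login_register", "main" ));
$tpl->FastPrint();
exit();

// functions

// verify_word: check the confirmation word submitted with the registration form.
//
// Looks in the $VERIFY_WORD table for a row whose brand, verify_word_id and
// match_word all equal the supplied values.
//
//   $verify_word_id  id of the challenge row, as sent back by the form
//   $word            the word the visitor typed
//   $code            brand code that scopes the lookup
//   $crm             database handle; only its mydata($query) method is used
//
// Returns the string '1' when a matching row exists and '0' otherwise, so
// callers can test the result with a plain boolean check.
function verify_word($verify_word_id,$word,$code,$crm) {
    global $VERIFY_WORD;

    // Both values arrive from the registration form. The original escaped only
    // $word and placed $verify_word_id into the statement raw, which let a quote
    // in the id change the query. It is now escaped the same way as $word.
    // NOTE(review): addslashes() is not charset-aware. Replace it with the
    // connection's own escaping or a bound parameter once MySQL_class offers one.
    // NOTE(review): $code is interpolated as-is; its origin is not visible here --
    // confirm it can never be request-controlled.
    $safe_id = addslashes($verify_word_id);
    $safe_word = trim(addslashes($word));

    $query = "select verify_word_id from $VERIFY_WORD where brand = '$code' and verify_word_id = '$safe_id' and match_word = '$safe_word' ";
    $data = $crm->mydata($query);

    // NOTE(review): the check depends only on (brand, id, word). Nothing in this
    // function ties the challenge to the visitor's session or expires it after
    // use; if that is not enforced elsewhere, consider binding the issued id to
    // the session and invalidating it once checked.
    if($data[verify_word_id][0]!='') {
        return('1');
    } else {
        return('0');
    }
}

// create_word: pick one confirmation-word challenge at random for this brand
// and hand it to the template.
//
//   $tpl   template object; assign() is called on it and it is returned
//   $code  brand code that scopes the lookup
//   $crm   database handle; only its mydata($query) method is used
//
// Assigns VERIFY_WORD_ID (the row id the form must send back) and
// VERIFY_IMAGE_TAG (the stored image_tag with slashes stripped), then
// returns $tpl.
function create_word($tpl,$code,$crm) {
    global $VERIFY_WORD;

    // "order by rand() limit 0,1" selects a single random row for the brand.
    $query = "select verify_word_id, image_tag from $VERIFY_WORD where brand = '$code' order by rand() limit 0,1";
    $data = $crm->mydata($query);

    // NOTE(review): image_tag goes to the template with no HTML escaping, so
    // the column presumably holds operator-authored markup -- confirm that no
    // user-writable path can store into it.
    $tpl->assign(array(
        VERIFY_WORD_ID => $data[verify_word_id][0],
        VERIFY_IMAGE_TAG => stripslashes($data[image_tag][0])
    ));

    return($tpl);
}
?>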