File: D:/HostingSpaces/NVonken/mijneigenlied.com/wwwroot/Core/Components/account.com.php
<?php
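/**
 * Account component: registration, activation, login/logoff, password
 * reset and profile settings. Run() dispatches on the URL action segment
 * (GET_2) to the matching _action_* handler and wraps its output in the
 * site layout.
 *
 * NOTE(review): none of the POST handlers below verify a CSRF token; the
 * Account/* form templates would need one for the state-changing actions.
 * NOTE(review): submitted values are handed to the template engine as-is;
 * this assumes tpl escapes assigned values for HTML — confirm.
 */
class account
{
    /** @var tpl Template engine used for every page fragment and email body. */
    private $_tpl;
    /** @var mixed Not referenced by this component; kept as-is. */
    private $_wishCache;

    ////////////////////////////////
    // Component Execution Method //
    ////////////////////////////////

    /**
     * Loads the User and Session components and prepares the template engine.
     */
    function __construct()
    {
        General::Load("User");
        General::Load("Session");
        $this->_tpl = new tpl();
    }

    /**
     * Dispatches the request to the _action_<GET_2> handler and renders its
     * output inside the Layout/index template.
     *
     * @return string Rendered page.
     */
    function Run()
    {
        // No action segment in the URL: nothing to dispatch.
        if (!defined("GET_2")) {
            die("No access granted.");
        }
        // The fixed "_action_" prefix means the URL can only reach the
        // handlers defined below, never an arbitrary method of this class.
        $action = '_action_' . GET_2;
        if (!method_exists($this, $action)) {
            $this->_redirect(SETTING_ROOT . "/home.html");
        }
        $pageContent = $this->$action();
        $this->_tpl->Clear();
        $this->_tpl->assign("Content", $pageContent);
        $this->_tpl->assign("scriptTags", "");
        $this->_tpl->assign("pageTitle", "Account");
        return $this->_tpl->parse("Layout/index");
    }

    /////////////////////
    // Private Helpers //
    /////////////////////

    /**
     * Sends a Location header and stops the request. Every redirect in this
     * component must end the script; the logoff action used to fall through
     * and render the layout with empty content.
     *
     * @param string $url Absolute URL to redirect to.
     */
    private function _redirect($url)
    {
        header("Location: " . $url);
        die();
    }

    /**
     * Returns a submitted form field as a string. Missing fields and
     * array-valued fields (e.g. "name[]=") yield $default instead of a
     * PHP notice or an array reaching strlen()/sha1().
     *
     * @param string $key     Field name in $_POST.
     * @param mixed  $default Value when the field is absent.
     * @return mixed
     */
    private function _post($key, $default = "")
    {
        if (!isset($_POST[$key]) || is_array($_POST[$key])) {
            return $default;
        }
        return (string) $_POST[$key];
    }

    /**
     * Hashes a plaintext password the way the existing user records expect.
     *
     * NOTE(review): sha1 with a single site-wide SALT is fast and not salted
     * per user, so it is a weak password hash. Moving to password_hash() /
     * password_verify() requires migrating the stored Password column, so
     * the scheme is kept here rather than changed silently.
     *
     * @param string $plain
     * @return string 40-character hex digest.
     */
    private static function _hashPassword($plain)
    {
        return sha1($plain . SALT);
    }

    /**
     * Renders the General/error fragment for a validation message.
     *
     * @param string $errorMessage
     * @return string
     */
    private function _errorFragment($errorMessage)
    {
        $this->_tpl->assign("message", $errorMessage);
        return $this->_tpl->parse("General/error");
    }

    /**
     * Renders the General/success fragment for a confirmation message.
     *
     * @param string $successMessage
     * @return string
     */
    private function _successFragment($successMessage)
    {
        $this->_tpl->assign("message", $successMessage);
        return $this->_tpl->parse("General/success");
    }

    /////////////////////
    // Private Methods //
    /////////////////////

    /**
     * Registration form: validates the submitted fields, stores the new
     * (inactive) user and mails the activation link.
     *
     * @return string Rendered Account/register page.
     */
    private function _action_register()
    {
        // Logged-in users have no business on the registration form.
        if (User::CheckLogin()) {
            $this->_redirect(SETTING_ROOT . "/home.html");
        }
        $message = "";
        if ($_SERVER["REQUEST_METHOD"] === "POST") {
            $userObject = new User();
            $valid = true;
            $errorMessage = "";
            $email = $this->_post('txtUserEmail');
            $name = $this->_post('txtUserName');
            $city = $this->_post('txtUserCity');
            $password = $this->_post('txtUserPassword');
            $passwordRepeat = $this->_post('txtUserPasswordRepeat');

            // Checks run in this order on purpose: the last failing check
            // decides which message is shown, as in the original form.
            if (!General::ValidEmail($email)) {
                $valid = false;
                $errorMessage = "Geen geldig email adres";
            } elseif ($userObject->SelectByEmail($email) != null) {
                $valid = false;
                $errorMessage = "Dit email adres is reeds in gebruik.";
            } else {
                $userObject->Email = $email;
            }
            if (strlen(trim($name)) < 5) {
                $valid = false;
                $errorMessage = "Ongeldige naam, minimaal 5 karakters.";
            } else {
                $userObject->Name = $name;
            }
            if ($city === "") {
                $valid = false;
                $errorMessage = "Geen geldige plaats ingevoerd.";
            } else {
                $userObject->City = $city;
                $userObject->CityUrlSafe = General::UrlSafe($city);
            }
            if (strlen($password) == 0 || $password !== $passwordRepeat) {
                $valid = false;
                $errorMessage = "De opgegeven wachtwoorden zijn niet gelijk.";
            } else {
                $userObject->Password = self::_hashPassword($password);
            }

            if ($valid) {
                // Activation token mailed to the user and checked in _action_activate.
                // NOTE(review): microtime() makes this token guessable; a CSPRNG
                // value of the same 40-hex-char length (e.g. bin2hex(random_bytes(20))
                // on PHP 7+) would be a drop-in replacement.
                $activationHash = sha1(microtime() . SALT);
                $userObject->ActivationHash = $activationHash;
                $userObject->Active = 0;
                $userObject->IsAdmin = 0;
                $userId = $userObject->Insert();
                // Mail the activation link.
                $this->_tpl->assign("userName", $userObject->Name);
                $this->_tpl->assign("userId", $userId);
                $this->_tpl->assign("userHash", $activationHash);
                General::Email("Activeer uw Waardevol Fietsen account", $userObject->Email, $this->_tpl->parse("Email/registration"));
                $message = $this->_successFragment("Uw account is geregistreerd. U heeft een email ontvangen met verdere instructies.");
                // Drop the submitted values so the form is rendered empty.
                $_POST = array();
            } else {
                $message = $this->_errorFragment($errorMessage);
            }
        }
        // Re-populate the form with whatever was submitted (nothing on GET).
        $this->_tpl->assign("message", $message);
        $this->_tpl->assign("txtUserName", $this->_post("txtUserName"));
        $this->_tpl->assign("txtUserEmail", $this->_post("txtUserEmail"));
        $this->_tpl->assign("txtUserPassword", $this->_post("txtUserPassword"));
        $this->_tpl->assign("txtUserPasswordRepeat", $this->_post("txtUserPasswordRepeat"));
        return $this->_tpl->parse("Account/register");
    }

    /**
     * Activation link handler. URL segments: GET_3 = activation hash,
     * GET_4 = numeric user id.
     *
     * @return string Rendered success or error fragment.
     */
    private function _action_activate()
    {
        $success = false;
        if (defined("GET_3") && defined("GET_4") && is_numeric(GET_4)) {
            $user = User::Select(GET_4);
            // hash_equals: strict, constant-time string comparison. The old
            // "==" compared two hex digests loosely, which PHP may treat as
            // numeric strings. An empty stored hash never matches: a record
            // without a pending token must not be activatable via the URL.
            if ($user != null
                && (string) $user->ActivationHash !== ""
                && hash_equals((string) $user->ActivationHash, (string) GET_3)) {
                $user->Active = 1;
                $user->Update();
                $success = true;
            }
        }
        if ($success) {
            return $this->_successFragment("Uw account is succesvol geactiveerd. U kunt nu inloggen en beginnen met Waardevol Fietsen.");
        }
        return $this->_errorFragment("Oeps, er ging iets fout bij het activeren.");
    }

    /**
     * Login form. On success starts the session and redirects (to the admin
     * page when ?reason=admin was given); otherwise re-renders the form with
     * one generic error for both unknown email and wrong password.
     *
     * @return string Rendered Account/login page.
     */
    private function _action_login()
    {
        if (User::CheckLogin()) {
            $this->_redirect(BASE_URL . "/");
        }
        $error = false;
        if ($_SERVER["REQUEST_METHOD"] === "POST") {
            $userObject = new User();
            $user = $userObject->SelectByEmail($this->_post("txtEmail"));
            $passwordHash = self::_hashPassword($this->_post("txtPassword"));
            // Strict constant-time compare instead of "==" (see _action_activate).
            if ($user != null
                && hash_equals((string) $user->Password, $passwordHash)
                && (int) $user->Active === 1) {
                $user->Login();
                $target = (isset($_GET["reason"]) && $_GET["reason"] === "admin")
                    ? BASE_URL . "/admin.html"
                    : BASE_URL . "/";
                $this->_redirect($target);
            }
            // Same message for "no such user" and "wrong password".
            $error = true;
        }
        $message = "";
        if ($error) {
            $message = $this->_errorFragment("Dit is geen geldige combinatie van email en wachtwoord");
        }
        $this->_tpl->assign("message", $message);
        // Was isset($_POST["txtEmaik"]): the typo meant the email was never re-filled.
        $this->_tpl->assign("txtEmail", $this->_post("txtEmail"));
        return $this->_tpl->parse("Account/login");
    }

    /**
     * Forgotten-password form: generates a new random password for the
     * given email address and mails it.
     *
     * NOTE(review): the password is replaced as soon as anyone posts the
     * address, before the mail is acted on, so an unauthenticated request
     * can lock a user out; a time-limited reset token that only changes the
     * password when the link is used would avoid that.
     *
     * @return string Rendered Account/forgotten page.
     */
    private function _action_forgotten()
    {
        // Was undefined on GET, which produced a notice in the assign() below.
        $message = "";
        if ($_SERVER['REQUEST_METHOD'] === "POST") {
            $user = User::SelectByEmail($this->_post("txtEmail"));
            if ($user != null) {
                $random = General::RandomString(8);
                $user->Password = self::_hashPassword($random);
                $user->Update();
                $this->_tpl->assign("password", $random);
                General::Email("Wachtwoord reset", $user->Email, $this->_tpl->parse("Email/forgot-password"));
            }
            // Same response whether or not the address exists, so the form
            // cannot be used to find out which addresses are registered.
            $message = $this->_successFragment("Er is een mail gestuurd naar het opgegeven email adres(mits een geldig adres).");
        }
        $this->_tpl->assign("message", $message);
        return $this->_tpl->parse("Account/forgotten");
    }

    /**
     * Logoff: deletes the server-side session and redirects to the homepage.
     */
    private function _action_logoff()
    {
        // Only delete when a session hash exists (anonymous visitors have none).
        if (isset($_SESSION["sessionhash"])) {
            Session::DeleteByHash($_SESSION["sessionhash"]);
        }
        // Ends the request; previously the action fell through with no die().
        $this->_redirect(SETTING_ROOT . "/home.html");
    }

    /**
     * Settings page (login required): name/email form and password form.
     *
     * @return string Rendered Account/settings page.
     */
    private function _action_settings()
    {
        if (!User::CheckLogin()) {
            $this->_redirect(SETTING_ROOT . "/account/login.html");
        }
        $user = User::GetUserInfo();
        $message = "";
        if ($_SERVER['REQUEST_METHOD'] === "POST") {
            // Which submit button was pressed decides which form is handled.
            if (isset($_POST['btnSaveName'])) {
                $message = $this->_saveProfile($user);
            } elseif (isset($_POST["btnPassword"])) {
                $message = $this->_changePassword($user);
            }
        }
        // Show submitted values while an error is displayed, stored ones otherwise.
        $this->_tpl->assign("txtUserName", $this->_post('txtUserName', $user->Name));
        $this->_tpl->assign("txtUserEmail", $this->_post('txtUserEmail', $user->Email));
        $this->_tpl->assign("message", $message);
        return $this->_tpl->parse("Account/settings");
    }

    /**
     * Handles the name/email form of the settings page.
     *
     * NOTE(review): unlike registration there is no check that the new email
     * is not already used by another account — confirm whether the User
     * layer enforces uniqueness.
     *
     * @param User $user Logged-in user; Name/Email are saved on success.
     * @return string Rendered success or error fragment.
     */
    private function _saveProfile($user)
    {
        $valid = true;
        $errorMessage = "";
        $name = $this->_post('txtUserName');
        $email = $this->_post('txtUserEmail');
        // trim() as in registration, so a name of spaces does not pass.
        if (strlen(trim($name)) < 5) {
            $valid = false;
            $errorMessage = "Uw naam dient minimaal 5 letters te bevatten.";
        } else {
            $user->Name = $name;
        }
        if (!General::ValidEmail($email)) {
            $valid = false;
            $errorMessage = 'Het opgegeven email adres is niet geldig';
        } else {
            $user->Email = $email;
        }
        if (!$valid) {
            return $this->_errorFragment($errorMessage);
        }
        $user->Update();
        $message = $this->_successFragment("De wijzigingen zijn succesvol opgeslagen");
        // Drop the submitted values so the form shows the saved record.
        $_POST = array();
        return $message;
    }

    /**
     * Handles the password form of the settings page: requires the current
     * password and a non-empty, correctly repeated new one.
     *
     * @param User $user Logged-in user; Password is saved on success.
     * @return string Rendered success or error fragment.
     */
    private function _changePassword($user)
    {
        $valid = true;
        $errorMessage = "";
        $oldPassword = $this->_post("txtUserOldPassword");
        $newPassword = $this->_post("txtUserPassword");
        // Strict constant-time compare instead of "==" (see _action_activate).
        if (!hash_equals((string) $user->Password, self::_hashPassword($oldPassword))) {
            $valid = false;
            $errorMessage = "Het opgegeven oude wachtwoord is onjuist.";
        }
        // An empty new password used to pass because "" == "" — reject it as
        // the registration form does.
        if (strlen($newPassword) == 0 || $newPassword !== $this->_post("txtUserPasswordRepeat")) {
            $valid = false;
            $errorMessage = "Het nieuwe wachtwoord is niet juist bevestigd.";
        }
        if (!$valid) {
            return $this->_errorFragment($errorMessage);
        }
        // Only touch the user object once every check passed.
        $user->Password = self::_hashPassword($newPassword);
        $user->Update();
        return $this->_successFragment("Het wachtwoord is succesvol gewijzigd.");
    }
}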
?>