File: D:/HostingSpaces/SBogers10/deensekroon.komma-mediadesign.nl/wwwroot/php/page_myaccount.php
<?php
/*
Deense Kroon
Myaccount
Mike Ontwerpt 2012
www.mikeontwerpt.nl
initMyAccount();
*/
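function initMyAccount(){
    global $mysqli;
    /*
     * Page controller for "Mijn account".
     *
     * Builds the page header (title + one random small banner), then dispatches:
     *  - not logged in: login submit, registration, split page or activation, chosen
     *    by $_POST['login_customer'] and the URL_PAGE / URL_SUB constants;
     *  - logged in (checkCustomerLogin() == 1): showMyAccount().
     * Returns the assembled HTML string.
     */
    $output = '';
    // the cart sets this flag when it sends the customer here to log in first
    $loginFromCart = !empty($_SESSION['cart']['loginfromcart']);
    // header
    $output .= '<div class="acc-pageheader">';
    $output .= $loginFromCart ? '<h1>Winkelwagen / Mijn gegevens</h1>' : '<h1>Mijn account</h1>';
    $output .= '<div class="small-banner-holder">';
    // BANNER: one random active banner of type 3; the image path is looked up in
    // media_files by the shortcode stored in bannerimage
    $query = 'SELECT b.title, b.bannerimage, b.url
FROM banners AS b, content_status AS s
WHERE type = 3
AND s.active = 1
AND s.itemId = b.id
AND s.linkname = "banners"
ORDER BY itemOrder ASC';
    if ($result = $mysqli->query($query)) {
        $banners = array();
        while ($record = $result->fetch_assoc()) {
            $title = fromDatabase($record['title']);
            $url = $record['url'];
            // bannerimage holds the shortcode wrapped in one delimiter character on each side
            $shortcode = substr($record['bannerimage'], 1, -1);
            // banner links without a scheme get http:// prepended
            if (!empty($url) && substr($url, 0, 7) != 'http://' && substr($url, 0, 8) != 'https://') {
                $url = 'http://'.$url;
            }
            // the shortcode comes from the banners table rather than the request, but it is
            // still interpolated into SQL: escape it
            $mediaResult = $mysqli->query('SELECT title, path FROM media_files WHERE shortcode = "'.$mysqli->real_escape_string($shortcode).'" LIMIT 1');
            $mediaRecord = $mediaResult ? $mediaResult->fetch_assoc() : null;
            if (!$mediaRecord) {
                // no media file for this shortcode: skip it instead of emitting an <img> with an empty path
                continue;
            }
            // attribute values are escaped; ISO-8859-1 is used so no byte sequence is rejected
            // (the page charset is not fixed here) and double_encode=false leaves existing
            // entities from fromDatabase() alone
            $img = '<img src="/images/uploads/'.htmlspecialchars($mediaRecord['path'], ENT_QUOTES, 'ISO-8859-1', false).'" alt="'.htmlspecialchars($title, ENT_QUOTES, 'ISO-8859-1', false).'" />';
            if (!empty($url)) {
                $img = '<a href="'.htmlspecialchars($url, ENT_QUOTES, 'ISO-8859-1', false).'" target="_blank" rel="noopener">'.$img.'</a>';
            }
            $banners[] = $img;
        }
        if (count($banners) > 0) {
            $output .= $banners[array_rand($banners)];
        }
    } else {
        // banner query failed: placeholder image
        $output .= '<img src="/images/temp/temp-small-banner.jpg" alt="test"/>';
    }
    $output .= '</div>';
    $output .= '</div>';
    // DISPATCHER
    if (checkCustomerLogin() != 1) {
        // CUSTOMER NOT LOGGED IN
        if (isset($_POST['login_customer'])) {
            // sbmLoginCustomer() stores its feedback in this session key
            if (!isset($_SESSION['login-customer-err'])) $_SESSION['login-customer-err'] = '';
            $output .= sbmLoginCustomer();
        } elseif (defined('URL_PAGE')) {
            switch (URL_PAGE) {
                case 'registreren':
                    // validation errors left by validateRegForm() on the previous request
                    if (!empty($_SESSION['fm-acc'])) {
                        $output .= '<div class="acc-pageerror">';
                        $output .= $_SESSION['fm-acc'];
                        unset($_SESSION['fm-acc']);
                        $output .= '</div>';
                    }
                    // posted -> validate (redirects), otherwise show the form
                    $output .= isset($_POST['sbm-new-customer']) ? validateRegForm() : showRegForm();
                    break;
                case 'inloggen-of-registreren':
                    $output .= showSplitpage();
                    break;
                case 'activeer-uw-account':
                    // with an activation key in the URL: activate, otherwise explain the mail
                    $output .= defined('URL_SUB') ? activateAccount() : showActivateMessage();
                    break;
                default:
                    $output .= showSplitpage();
            }
        } else {
            $output .= showSplitpage();
        }
    } else {
        // CUSTOMER LOGGED IN
        $output .= showMyAccount();
    }
    $output .= '<div class="acc-pagefooter">';
    $output .= '</div>';
    return $output;
}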
////////////////////////////// L O G I N O R R E G I S T E R \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
function showSplitpage(){
    // "Log in or register" page: the login form on the left, a link to the
    // registration form on the right. Clears the login-from-cart flag and shows
    // (then discards) a one-time success or error message left in the session.
    $_SESSION['cart']['loginfromcart'] = false;
    $messages = '';
    if (isset($_SESSION['fp_success'])) {
        $messages .= '<div class="login-success-msg">'.$_SESSION['fp_success'].'</div>';
        unset($_SESSION['fp_success']);
    }
    if (isset($_SESSION['login-customer-err'])) {
        $messages .= '<div class="login-err-msg">'.$_SESSION['login-customer-err'].'</div>';
        unset($_SESSION['login-customer-err']);
    }
    // login form; the hidden location field tells sbmLoginCustomer() where to go afterwards
    $loginForm = '<form action="" method="post">'
        .'<h5>uw email adres</h5>'
        .'<input type="text" name="email" value="" class="txt-232" />'
        .'<h5>uw wachtwoord</h5>'
        .'<input type="password" name="pass" value="" class="txt-232" />'
        .'<input type="hidden" name="location" value="../mijn-account/" />'
        .'<input type="submit" name="login_customer" value="login" class="button-arrow-168"/>'
        .'</form>';
    $loginColumn = '<div class="acc-splitpage-login-holder">'
        .$messages
        .'<h4>Ik ben al een klant van Deense Kroon.</h4>'
        .'Zijn uw gegevens al bekend bij ons? <br />Log in
met uw persoonlijke <br />Deense Kroon account.<br /><br />'
        .$loginForm
        .'<div class="clear"></div>
<br /><br /><br /><a href="/wachtwoord-vergeten/">Ik ben mijn wachtwoord vergeten</a>'
        .'</div>';
    // registration column: only a link to /registreren/
    $registerColumn = '<div class="acc-splitpage-reg-holder">'
        .'<h4>Ik ben nieuw bij Deense Kroon.</h4>'
        .'Maak uw bestelproces nog makkelijker,
meldt uzelf aan en creeƫr uw persoonlijke
Deense Kroon account.<br /><br />'
        .'<form action="" method="post">'
        .'<a href="/registreren/"><span class="button-arrow-168">nieuwe klant</span></a>'
        .'</form>'
        .'</div>';
    return $loginColumn
        .'<div class="acc-splitpage-vertruler"></div>'
        .$registerColumn
        .'<div class="clear"></div>';
}
////////////////////////////// S H O W R E G I S T R A T I O N F O R M \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
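function showRegForm($method='add'){
    global $mysqli;
    /*
     * Render the customer form.
     *
     * $method 'add'  : registration form, submit name sbm-new-customer.
     * $method 'edit' : pre-filled with the logged-in customer's data, adds the
     *                  current-password field, submit name sbm-edit-customer.
     * Field values live in $_SESSION['acc-regform'] so validateRegForm() can send
     * the user back with the form still filled in. Returns the HTML string.
     */
    $output = '';
    $customerId = 0;
    if ($method == 'edit') {
        // the logged-in customer's id is the part of customerstr before the '_'
        $temp = explode('_', isset($_SESSION['customerstr']) ? $_SESSION['customerstr'] : '');
        $customerId = (int) $temp[0];
        // validation errors left by validateRegForm('edit') on the previous request
        if (!empty($_SESSION['fm-acc'])) {
            $output .= '<div class="acc-pageerror">';
            $output .= $_SESSION['fm-acc'];
            $output .= '</div>';
            unset($_SESSION['fm-acc']);
        }
    }
    $fieldNames = array('title', 'firstname', 'middlename', 'lastname', 'street', 'number', 'addition',
        'postal', 'city', 'country', 'birthday', 'birthmonth', 'birthyear', 'phone', 'email');
    $defaults = array_fill_keys($fieldNames, '');
    if (!isset($_SESSION['acc-regform'])) {
        $_SESSION['acc-regform'] = $defaults;
        // when editing, start from the stored customer data (id is an int, see above)
        if ($method == 'edit' && $customerId > 0) {
            $query = 'SELECT DISTINCT cl.id AS customerId, cl.email, cl.status,
cp.title, cp.customerCode, cp.firstname, cp.middlename, cp.lastname, cp.timest, cp.newsletter,
cp.postal, cp.street, cp.number, cp.addition, cp.city, cp.country, cp.phone, cp.birthday
FROM shop_customer_login AS cl, shop_customer_personal AS cp
WHERE cl.personalId = cp.id
AND cl.id = '.$customerId.' LIMIT 1';
            $result = $mysqli->query($query);
            $record = $result ? $result->fetch_assoc() : null;
            if ($record) {
                $_SESSION['acc-regform']['title'] = $record['title'];
                $_SESSION['acc-regform']['firstname'] = fromDatabase($record['firstname']);
                $_SESSION['acc-regform']['middlename'] = fromDatabase($record['middlename']);
                $_SESSION['acc-regform']['lastname'] = fromDatabase($record['lastname']);
                $_SESSION['acc-regform']['street'] = fromDatabase($record['street']);
                $_SESSION['acc-regform']['number'] = $record['number'];
                $_SESSION['acc-regform']['addition'] = $record['addition'];
                $_SESSION['acc-regform']['postal'] = $record['postal'];
                $_SESSION['acc-regform']['city'] = fromDatabase($record['city']);
                $_SESSION['acc-regform']['country'] = fromDatabase($record['country']);
                // validateRegForm() stores the birthday as a unix timestamp; an empty or
                // non-numeric value (no birth date given) leaves the three fields blank
                if (is_numeric($record['birthday']) && (int) $record['birthday'] > 0) {
                    $birthTs = (int) $record['birthday'];
                    $_SESSION['acc-regform']['birthday'] = date('d', $birthTs);
                    $_SESSION['acc-regform']['birthmonth'] = date('m', $birthTs);
                    $_SESSION['acc-regform']['birthyear'] = date('Y', $birthTs);
                }
                $_SESSION['acc-regform']['phone'] = $record['phone'];
                $_SESSION['acc-regform']['email'] = fromDatabase($record['email']);
            }
        }
    }
    // values to show; anything that is not a plain scalar (NULL column, tampered array) becomes ''
    $v = array_merge($defaults, $_SESSION['acc-regform']);
    foreach ($v as $key => $value) {
        $v[$key] = is_scalar($value) ? (string) $value : '';
    }
    $output .= '<form action="" name="regForm" method="post">';
    // DESCRIPTION LEFT
    $output .= '<div class="acc-regform-desc-holder">';
    $output .= '<div class="acc-regform-desc-block">Voornaam<span class="acc-regform-required">*</span></div>';
    $output .= '<div class="acc-regform-desc-block">Tussenvoegsel</div>';
    $output .= '<div class="acc-regform-desc-block regform-space">Achternaam<span class="acc-regform-required">*</span></div>';
    $output .= '<div class="acc-regform-desc-block">Straat<span class="acc-regform-required">*</span></div>';
    $output .= '<div class="acc-regform-desc-block">Huisnummer<span class="acc-regform-required">*</span></div>';
    $output .= '<div class="acc-regform-desc-block">Postcode<span class="acc-regform-required">*</span></div>';
    $output .= '<div class="acc-regform-desc-block">Woonplaats<span class="acc-regform-required">*</span></div>';
    $output .= '<div class="acc-regform-desc-block regform-space">Land<span class="acc-regform-required">*</span></div>';
    $output .= '<div class="acc-regform-desc-block">Geboortedatum</div>';
    $output .= '<div class="acc-regform-desc-block">Telefoonnummer</div>';
    $output .= '</div>';
    // PERSONAL
    $output .= '<div class="acc-regform-column">';
    if ($method == 'edit') {
        $output .= '<h2>wijzig je persoonlijke gegevens</h2><br /><br /><br />';
    } else {
        $output .= '<h2>persoonlijke gegevens</h2><br /><br /><br />';
    }
    // title: 'mevr' is the default when nothing was chosen yet
    $output .= '<div class="acc-regform-input-block"><input type="radio" name="title" value="mevr"';
    if ($v['title'] == 'mevr' || empty($v['title'])) $output .= ' checked';
    $output .= ' />mevr <input type="radio" name="title" value="dhr"';
    if ($v['title'] == 'dhr') $output .= ' checked';
    $output .= ' /> dhr</div> ';
    // the remembered values come from $_POST (after a failed validation) or the database,
    // so they are attribute-escaped by regFormAttr() before being echoed
    $output .= '<div class="acc-regform-input-block"><input type="text" name="firstname" value="'.regFormAttr($v['firstname']).'" class="txt-232" /></div>';
    $output .= '<div class="acc-regform-input-block"><input type="text" name="middlename" value="'.regFormAttr($v['middlename']).'" class="txt-104" /></div>';
    $output .= '<div class="clear"></div>';
    $output .= '<div class="acc-regform-input-block regform-space"><input type="text" name="lastname" value="'.regFormAttr($v['lastname']).'" class="txt-232" /></div>';
    $output .= '<div class="acc-regform-input-block"><input type="text" name="street" value="'.regFormAttr($v['street']).'" class="txt-232" /></div>';
    $output .= '<div class="acc-regform-input-block">
<input type="text" name="number" value="'.regFormAttr($v['number']).'" class="txt-48" />
<input type="text" name="addition" value="'.regFormAttr($v['addition']).'" class="txt-48" /><div class="middlename-desc"> toevoeging</div>
</div>';
    $output .= '<div class="clear"></div>';
    $output .= '<div class="acc-regform-input-block"><input type="text" name="postal" value="'.regFormAttr($v['postal']).'" class="txt-104" /></div>';
    $output .= '<div class="clear"></div>';
    $output .= '<div class="acc-regform-input-block"><input type="text" name="city" value="'.regFormAttr($v['city']).'" class="txt-232" /></div>';
    // country: option values are ISO codes, which is also what the form posts and the
    // database stores; pre-select the remembered code, falling back to NL
    $output .= '<div class="acc-regform-input-block regform-space">';
    $cResult = $mysqli->query('SELECT name, isocode FROM countries ORDER BY name');
    $selectedIso = ($v['country'] !== '') ? strtolower($v['country']) : 'nl';
    $output .= '<select name="country">';
    if ($cResult) {
        while ($cRecord = $cResult->fetch_assoc()) {
            $cName = fromDatabase($cRecord['name']);
            $cIso = fromDatabase($cRecord['isocode']);
            $output .= '<option value="'.regFormAttr($cIso).'" ';
            if (strtolower($cIso) == $selectedIso) $output .= ' selected';
            $output .= '>'.regFormAttr($cName).'</option>';
        }
    }
    $output .= '</select>';
    $output .= '</div>';
    // birthday, three fields dd-mm-yyyy
    $output .= '<div class="acc-regform-input-block">
<input type="text" name="birthday" value="'.regFormAttr($v['birthday']).'" class="txt-32" maxlength="2"/>
<input type="text" name="birthmonth" value="'.regFormAttr($v['birthmonth']).'" class="txt-32" maxlength="2" />
<input type="text" name="birthyear" value="'.regFormAttr($v['birthyear']).'" class="txt-40" maxlength="4" />
<div class="middlename-desc"> dd-mm-yyyy</div>
<div class="clear"></div>
</div>';
    $output .= '<div class="acc-regform-input-block"><input type="text" name="phone" value="'.regFormAttr($v['phone']).'" class="txt-232" /></div>';
    $output .= '</div>';
    // DESCRIPTION RIGHT
    $output .= '<div class="acc-regform-desc-holder regform-right">';
    if ($method == 'edit') {
        $output .= '<div class="acc-regform-desc-block">huidig wachtwoord<span class="acc-regform-required">*</span></div>';
    }
    $output .= '<div class="acc-regform-desc-block">email<span class="acc-regform-required">*</span></div>';
    if ($method == 'edit') {
        // a new password is optional when editing
        $output .= '<div class="acc-regform-desc-block reg-longer-desc">nieuw wachtwoord</div>';
        $output .= '<div class="acc-regform-desc-block regform-space reg-longer-desc">bevestig je wachtwoord</div>';
    } else {
        $output .= '<div class="acc-regform-desc-block">wachtwoord (ww)<span class="acc-regform-required">*</span></div>';
        $output .= '<div class="acc-regform-desc-block regform-space">bevestig ww<span class="acc-regform-required">*</span></div>';
    }
    $output .= '</div>';
    // ACCOUNT SETTINGS
    $output .= '<div class="acc-regform-column">';
    $output .= '<h2>Deense Kroon account</h2><br /><br /><br />';
    $output .= '<div class="acc-regform-input-block"></div> ';
    if ($method == 'edit') {
        $output .= '<div class="acc-regform-desc-block"><input type="password" name="currentpass" value="" class="txt-232" /></div>';
    }
    $output .= '<div class="acc-regform-input-block"><input type="text" name="email" value="'.regFormAttr($v['email']).'" class="txt-232" /></div>';
    // password fields are never pre-filled
    $output .= '<div class="acc-regform-input-block"><input type="password" name="pass" value="" class="txt-232" /></div>';
    $output .= '<div class="acc-regform-input-block regform-space"><input type="password" name="confirmpass" value="" class="txt-232" /></div>';
    // newsletter
    $output .= '<h2>Onze nieuwsbrief</h2><br /><br /><br />';
    $output .= '<div class="regform-nb-holder">';
    $output .= '<input type="checkbox" name="newsletter" value="1" class="cbox" checked />ik wil graag op de hoogte blijven van het laatste nieuws en aanbiedingen.';
    $output .= '</div>';
    if ($method == 'edit') {
        // informational only: validateRegForm('edit') takes the id from the session
        $output .= '<input type="hidden" name="customerId" value="'.$customerId.'" />';
        $output .= '<input type="submit" name="sbm-edit-customer" value="wijzig je gegevens" class="button-arrow-168 reg-continue"/>';
    } else {
        $output .= '<input type="submit" name="sbm-new-customer" value="doorgaan" class="button-arrow-168 reg-continue"/>';
    }
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    $output .= '</form>';
    return $output;
}

// Escape a value for use inside a double-quoted HTML attribute. ISO-8859-1 is passed so
// that no byte sequence is rejected (the page charset is not fixed in this file); only
// & < > " ' are rewritten either way. double_encode=false keeps entities that
// fromDatabase() may already have produced from being encoded twice.
function regFormAttr($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1', false);
}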
////////////////////////////// V A L I D A T E R E G I S T R A T I O N \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
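function validateRegForm($method='add')
{
    global $mysqli;
    /*
     * Validate the posted registration ('add') or account-edit ('edit') form from
     * showRegForm() and, when valid, write the customer to the database.
     *
     * Every path ends in a header('location: ...') redirect: back to './' with the
     * error list in $_SESSION['fm-acc'], or on to the next step. As in the original
     * no exit() follows the redirect, so the caller keeps rendering; that output is
     * discarded by the browser. Returns '' in all cases.
     *
     * All input is untrusted ($_POST). Text fields go through inDatabase() before the
     * INSERT/UPDATE; the fields that bypass it (number, postal, phone, birthday, the
     * e-mail lookups) are escaped here with real_escape_string.
     * NOTE(review): inDatabase() is assumed to SQL-escape its argument as well as
     * encode it - confirm; if it only encodes, those values need real_escape_string too.
     */
    $errors = array();
    $required = array();

    #1 load input & keep it in the session so showRegForm() can re-fill the form after an error
    $fieldNames = array('title', 'firstname', 'middlename', 'lastname', 'street', 'number', 'addition',
        'postal', 'city', 'country', 'birthday', 'birthmonth', 'birthyear', 'phone', 'email');
    $requiredNames = array('title', 'firstname', 'lastname', 'street', 'number', 'postal', 'city', 'country', 'email');
    $in = array();
    foreach ($fieldNames as $name) {
        $in[$name] = regFormPostString($name);
        $_SESSION['acc-regform'][$name] = $in[$name];
    }
    foreach ($requiredNames as $name) {
        $required[] = $in[$name];
    }
    $customerId = 0;
    $currentpass = '';
    $currentemail = '';
    if ($method == 'edit') {
        // The record being edited is always the logged-in customer's: take the id from the
        // session ('<id>_<token>', set at login) and ignore the posted hidden field when a
        // session is present, so a tampered customerId cannot edit another account.
        $customerId = (int) regFormPostString('customerId');
        if (isset($_SESSION['customerstr'])) {
            $temp = explode('_', $_SESSION['customerstr']);
            $customerId = (int) $temp[0];
        }
        $currentpass = $required[] = regFormPostString('currentpass');
        // a new password is optional when editing
        $pass = regFormPostString('pass');
        $confirmpass = regFormPostString('confirmpass');
    } else {
        $pass = $required[] = regFormPostString('pass');
        $confirmpass = $required[] = regFormPostString('confirmpass');
    }
    // if EDIT: does the current password match the stored hash?
    if ($method == 'edit') {
        $passcorrect = false;
        $result = $mysqli->query('SELECT email, hash FROM shop_customer_login WHERE id = '.$customerId.' LIMIT 1');
        if ($result && ($record = $result->fetch_assoc())) {
            $currentemail = $record['email'];
            if (!empty($currentemail) && !empty($currentpass)) {
                // crypt() with the stored hash as salt reproduces it for the right password;
                // constant-time comparison (hash_equals needs PHP >= 5.6)
                $passcorrect = hash_equals((string) $record['hash'], crypt($currentpass, (string) $record['hash']));
            }
        }
        if (!$passcorrect) {
            $errors[] = '<span class="icon-fm-err"></span> Je huidige wachtwoord is niet correct.';
        }
    }
    #2 required fields filled in? (one message, however many are missing)
    foreach ($required as $value) {
        if (empty($value)) {
            $errors[] = '<span class="icon-fm-err"></span> Je dient de verplichte velden in te vullen, deze velden herken je aan het sterretje.';
            break;
        }
    }
    #3 e-mail address valid?
    $email = strtolower($in['email']);
    if (!isEmail($email)) {
        $errors[] = '<span class="icon-fm-err"></span> Je hebt geen geldig e-mail adres ingevoerd.';
    }
    #4 e-mail address unique? (when editing, the customer's own current address is allowed)
    $emailSql = $mysqli->real_escape_string($email);
    if ($result = $mysqli->query('SELECT email FROM shop_customer_login WHERE email = "'.$emailSql.'" LIMIT 1')) {
        if ($result->num_rows > 0) {
            $record = $result->fetch_assoc();
            if ($method == 'add' || $record['email'] != $currentemail) {
                $errors[] = '<span class="icon-fm-err"></span> Dit email adres is bij ons al geregistreerd, ben je je wachtwoord vergeten?';
            }
        }
    }
    #5 birth date: optional, but when all three parts are given the date must exist.
    // Stored as a unix timestamp (noon, to stay on the same day across DST); anything
    // else - no date, or a partial one - is stored as an empty string.
    $birthday = '';
    if (!empty($in['birthmonth']) && !empty($in['birthday']) && !empty($in['birthyear'])) {
        $bMonth = (int) $in['birthmonth'];
        $bDay = (int) $in['birthday'];
        $bYear = (int) $in['birthyear'];
        if (checkdate($bMonth, $bDay, $bYear)) {
            $birthday = mktime(12, 0, 0, $bMonth, $bDay, $bYear);
        } else {
            $errors[] = '<span class="icon-fm-err"></span> Je hebt een niet-bestaande datum ingevuld.';
        }
    }
    #6 postal code: spaces stripped; the format check was disabled in the original
    $postal = str_replace(' ', '', $in['postal']);
    #7 password: at least six characters and confirmed (only checked when one was entered)
    if (!empty($pass)) {
        if (strlen($pass) < 6) {
            $errors[] = '<span class="icon-fm-err"></span> Je wachtwoord moet minimaal uit zes characters bestaan.';
        }
        if ($pass !== $confirmpass) {
            $errors[] = '<span class="icon-fm-err"></span> Je twee wachtwoorden komen niet overeen.';
        }
    }
    if (count($errors) > 0) {
        // back to the form with the messages; showRegForm()/initMyAccount() display and clear them
        $_SESSION['fm-acc'] = implode('<br />', $errors).'<br />';
        header('location: ./');
        return '';
    }
    /* VALID */
    // customer code: the first two letters of the surname as two-digit numbers, followed
    // by the zero-padded personal id (appended once that id is known)
    $letter1 = str_pad(getNumberFromLetter(substr($in['lastname'], 0, 1)), 2, '0', STR_PAD_LEFT);
    $letter2 = str_pad(getNumberFromLetter(substr($in['lastname'], 1, 1)), 2, '0', STR_PAD_LEFT);
    #8 prepare values for the database
    $title = inDatabase($in['title']);
    $firstname = inDatabase($in['firstname']);
    $middlename = inDatabase($in['middlename']);
    $lastname = inDatabase($in['lastname']);
    $street = inDatabase($in['street']);
    $addition = inDatabase($in['addition']);
    $city = inDatabase($in['city']);
    $country = inDatabase($in['country']);
    $email = inDatabase($email);
    // these fields do not pass through inDatabase(): escape them for SQL here
    $number = $mysqli->real_escape_string($in['number']);
    $postal = $mysqli->real_escape_string($postal);
    $phone = $mysqli->real_escape_string($in['phone']);
    $birthdaySql = $mysqli->real_escape_string((string) $birthday);
    // hash the password (only when one was given; optional in edit mode)
    $hash = '';
    if (!empty($pass)) {
        // NOTE(review): crypt() picks its algorithm from the salt format. Confirm that
        // generateSalt(8) produces a $2y$/$6$-style salt; a bare 8-character salt selects
        // standard DES, which only uses the first 8 characters of the password.
        $hash = crypt($pass, generateSalt(8));
    }
    $ip = inDatabase(ip());
    $newsletter = isset($_POST['newsletter']) ? 1 : 0;
    if ($method == 'add') {
        ## ADD ##
        if ($newsletter == 1) {
            // subscribe to the MailChimp list; the result was never shown to the user
            require_once('./php/MCAPI.class.php');
            // NOTE(review): live API key committed in source - move it to configuration
            // outside the web root and rotate it.
            $api = new MCAPI('ccb62294f1d37a7e16dbdbba4b4b25ca-us5');
            $list_id = "fad30feefb";
            $tempLastname = (!empty($middlename) ? $middlename.' ' : '').$lastname;
            $merge_vars = array(
                'FNAME' => $firstname,
                'LNAME' => $tempLastname,
            );
            $api->listSubscribe($list_id, $email, $merge_vars);
        }
        // E-mail activation is disabled in this version: the login row is created with
        // status 1 and the customer is logged in straight away.
        $query = 'INSERT INTO shop_customer_personal(title, lastname, middlename, firstname, street, number, addition, postal, city, country, birthday, phone, newsletter, timest)
VALUES("'.$title.'","'.$lastname.'","'.$middlename.'","'.$firstname.'","'.$street.'","'.$number.'","'.$addition.'","'.$postal.'","'.$city.'","'.$country.'","'.$birthdaySql.'","'.$phone.'","'.$newsletter.'",'.time().')';
        if ($mysqli->query($query)) {
            $personalId = $mysqli->insert_id;
            $mysqli->query('INSERT INTO shop_customer_login(personalId, email, hash, status, ip )
VALUES('.$personalId.',"'.$email.'","'.$hash.'","1","'.$ip.'")');
            $loginId = $mysqli->insert_id;
            $customerCode = $letter1.$letter2.str_pad($personalId, 7, '0', STR_PAD_LEFT);
            $mysqli->query('UPDATE shop_customer_personal SET customerCode = "'.$customerCode.'" WHERE id = '.$personalId.' LIMIT 1');
            // log the new customer in, same token format as sbmLoginCustomer(); a fresh
            // session id so a pre-authentication id cannot be reused
            session_regenerate_id(true);
            $_SESSION['customerstr'] = $loginId.'_'.md5($hash);
            // next step: cart, the posted relative location, or this page
            $location = regFormPostString('location');
            // only a same-site relative path is accepted; an absolute or protocol-relative
            // URL in the hidden field would make this an open redirect
            if ($location !== '' && preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[\\\\/]{2})#i', $location)) {
                $location = '';
            }
            if (!empty($_SESSION['cart']['loginfromcart'])) {
                header('location: /toont-uw-winkelwagen/uw-gegevens/');
            } elseif ($location !== '') {
                header('location: '.$location);
            } else {
                header('location: ./ ');
            }
        }
        // insert failure: no redirect and no message, as in the original
    } else {
        ## EDIT ##
        $result = $mysqli->query('SELECT personalId FROM shop_customer_login WHERE id = '.$customerId.' LIMIT 1');
        $record = $result ? $result->fetch_assoc() : null;
        if ($record) {
            $personalId = (int) $record['personalId'];
            $query = 'UPDATE shop_customer_personal SET title = "'.$title.'", lastname = "'.$lastname.'", middlename = "'.$middlename.'", firstname = "'.$firstname.'", street = "'.$street.'", number = "'.$number.'", addition = "'.$addition.'",
postal = "'.$postal.'", city = "'.$city.'", country = "'.$country.'", birthday = "'.$birthdaySql.'", phone = "'.$phone.'", newsletter = "'.$newsletter.'"
WHERE id = '.$personalId.' LIMIT 1';
            $mysqli->query($query);
            $query = 'UPDATE shop_customer_login SET email = "'.$email.'"';
            if (!empty($pass)) $query .= ', hash = "'.$hash.'"';
            $query .= ' WHERE id = '.$customerId.' LIMIT 1';
            $mysqli->query($query);
        }
        unset($_SESSION['fm-acc']);
        unset($_SESSION['acc-regform']);
        // the session token is derived from the hash, so a changed password needs a new one
        if (!empty($pass) && $pass !== $currentpass) {
            $_SESSION['customerstr'] = $customerId.'_'.md5($hash);
        }
        header('location: ../gegevens/');
    }
    return '';
}

// Posted value for $key as a string; '' when absent or not a plain string (an array
// from a tampered form would otherwise reach string functions and SQL).
function regFormPostString($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}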
////////////////////////////// C H E C K I F K E Y I S U N I Q U E \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
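function activationkeyUnique($activationkey = null){
    global $mysqli;
    /*
     * True when no shop_customer_login row has the given activation key.
     *
     * The original read $activationkey without ever receiving it and tested an
     * unassigned $result; the key is now a parameter (optional, so existing
     * call sites still parse) and the query result is actually captured.
     * An empty/missing key is never reported as unique; false is also returned
     * when the query fails. Only the (commented-out) registration flow calls this.
     */
    if ($activationkey === null || $activationkey === '') {
        return false;
    }
    $query = 'SELECT activationkey FROM shop_customer_login WHERE activationkey = "'.$mysqli->real_escape_string($activationkey).'"';
    $unique = false;
    if ($result = $mysqli->query($query)) {
        $unique = ($result->num_rows == 0);
    }
    return $unique;
}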
////////////////////////////// M E S S A G E A F T E R R E G I S T R A T I O N \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
function showActivateMessage(){
    // Static notice shown after registration: an activation link was mailed.
    $lines = array(
        'Bedankt voor uw registratie!',
        'Er is een link naar uw emailadres gestuurd om uw account te activeren.',
    );
    return implode('<br />', $lines);
}
////////////////////////////// A C T I V A T E A C C O U N T \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
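function activateAccount(){
    global $mysqli;
    /*
     * Activate the account whose activation key is in the URL (URL_SUB) and show
     * the login form underneath. Outcomes:
     *  - key belongs to a row with status 0: status set to 1, "geactiveerd" notice;
     *  - key belongs to a row with another status: "al geactiveerd" notice;
     *  - unknown or empty key: login form only.
     * Returns the HTML; empty when the lookup query fails (as in the original).
     */
    $activationkey = (string) URL_SUB;
    $output = '';
    // the key comes straight from the URL, so it is escaped before use in SQL
    $keySql = $mysqli->real_escape_string($activationkey);
    $record = null;
    // an empty key is never looked up: it would match every row without a key and the
    // UPDATE below would activate all of them
    if ($activationkey !== '') {
        $result = $mysqli->query('SELECT activationkey, status FROM shop_customer_login WHERE activationkey = "'.$keySql.'" LIMIT 1');
        if (!$result) {
            return $output;
        }
        $record = $result->fetch_assoc();
    }
    $output .= '<div class="acc-splitpage-login-holder">';
    if ($record) {
        if ($record['status'] == 0) {
            // valid, unused key: activate
            $mysqli->query('UPDATE shop_customer_login SET status = 1 WHERE activationkey = "'.$keySql.'"');
            $output .= 'Gefeliciteerd, uw account is geactiveerd!<br /><br />';
        } else {
            $output .= 'Uw account is al geactiveerd, u kunt hieronder inloggen!<br /><br />';
        }
        // a stale "not activated yet" login error no longer applies
        unset($_SESSION['login-customer-err']);
    }
    // login form; location sends the customer to the account page after login
    $output .= '<h4>Inloggen bij Deense Kroon.</h4>';
    if (isset($_SESSION['login-customer-err'])) {
        $output .= '<div class="login-err-msg">'.$_SESSION['login-customer-err'].'</div>';
    }
    $output .= '<form action="" method="post">';
    $output .= '<h5>uw email adres</h5>';
    $output .= '<input type="text" name="email" value="" class="txt-232" />';
    $output .= '<h5>uw wachtwoord</h5>';
    $output .= '<input type="password" name="pass" value="" class="txt-232" />';
    $output .= '<input type="hidden" name="location" value="../../mijn-account/" />';
    $output .= '<input type="submit" name="login_customer" value="login" class="button-arrow-168"/>';
    $output .= '</form>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    $output .= '<div class="bottom-space"></div>';
    $output .= '<div class="bottom-space"></div>';
    return $output;
}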
////////////////////////////// L O G I N C U S T O M E R \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
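function sbmLoginCustomer(){
    //access the global sql object
    global $mysqli;
    /*
     * Handle the customer login form (fields: email, pass, optional location).
     *
     * Success: $_SESSION['customerstr'] = '<login id>_<md5 of the stored hash>' and a
     * redirect to the cart step, the posted relative location, or './ '. Failure: a
     * message in $_SESSION['login-customer-err'] and a redirect to './ '. As in the
     * original no exit() follows header(). The same message is used for an unknown
     * e-mail address and a wrong password, so the response does not reveal which
     * addresses are registered. Returns nothing.
     */
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
    $incorrect = '<span class="icon-fm-err"></span>Uw wachtwoord of emailadres is incorrect.';
    #1 both fields filled in?
    if (empty($email) || empty($pass)) {
        $_SESSION['login-customer-err'] = '<span class="icon-fm-err"></span>Vult u beide velden in a.u.b.';
        header('location: ./ ');
        return;
    }
    #2 look the account up by e-mail; escaped with the connection's charset, not addslashes()
    $query = "SELECT id, email, hash, status FROM shop_customer_login WHERE email = '".$mysqli->real_escape_string($email)."'";
    $result = $mysqli->query($query);
    $record = $result ? $result->fetch_assoc() : null;
    #3 verify the password: crypt() with the stored hash as salt must reproduce it.
    // crypt() returns "*0"/"*1" on failure, so a stored hash that is empty or starts
    // with '*' is rejected outright rather than compared; hash_equals (PHP >= 5.6)
    // keeps the comparison constant-time.
    $storedHash = $record ? (string) $record['hash'] : '';
    $passOk = $storedHash !== '' && $storedHash[0] !== '*'
        && hash_equals($storedHash, crypt($pass, $storedHash));
    if (!$passOk) {
        // also covers a failed query, which the original left without feedback
        $_SESSION['login-customer-err'] = $incorrect;
        header('location: ./ ');
        return;
    }
    if ($record['status'] == 1) {
        // login valid: new session id after authentication, then the customer token
        session_regenerate_id(true);
        $_SESSION['customerstr'] = $record['id'].'_'.md5($storedHash);
        unset($_SESSION['login-customer-err']);
        // next page: cart, the posted relative location, or this page
        $location = (isset($_POST['location']) && is_string($_POST['location'])) ? trim($_POST['location']) : '';
        // only a same-site relative path is accepted; an absolute or protocol-relative
        // URL in the hidden field would make this an open redirect
        if ($location !== '' && preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[\\\\/]{2})#i', $location)) {
            $location = '';
        }
        if (!empty($_SESSION['cart']['loginfromcart'])) {
            header('location: /toont-uw-winkelwagen/uw-gegevens/');
        } elseif ($location !== '') {
            header('location: '.$location);
        } else {
            header('location: ./ ');
        }
    } elseif ($record['status'] == 0) {
        $_SESSION['login-customer-err'] = '<span class="icon-fm-err"></span>Uw account is nog niet geactiveerd, <br />kijk voor de link in uw mail.';
        header('location: ./ ');
    }
    // any other status: no redirect and no message, as in the original
}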
////////////////////////////// S H O W M Y A C C O U N T \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
function showMyAccount(){
    # Account area: the side menu plus the sub-page selected by URL_SUB (default 'overzicht').
    $page = defined('URL_SUB') ? URL_SUB : 'overzicht';
    $contentOutput = '';
    if ($page == 'wijzig-gegevens') {
        // edit form: a posted form is validated (which redirects), otherwise the form is
        // shown without the acc-content wrapper
        if (isset($_POST['sbm-edit-customer'])) {
            validateRegForm('edit');
        } else {
            $contentOutput .= showRegForm('edit');
        }
    } else {
        switch ($page) {
            case 'gegevens':
                $body = showMyAcountData();
                break;
            case 'bestellingen':
                $body = showMyAcountOrders();
                break;
            case 'facturen':
                $body = showMyAcountInvoices();
                break;
            default:
                // 'overzicht' and any unknown sub-page
                $body = showMyAcountDashboard();
        }
        $contentOutput = '<div id="acc-content">'.$body.'</div>';
    }
    // menu: slug => (opening tag, label); the opening tags are kept verbatim from the
    // original markup (including the stray space on the gegevens item)
    $menuItems = array(
        'overzicht'    => array('<li id="acc-menu-overzicht"', 'overzicht'),
        'gegevens'     => array('<li id="acc-menu-gegevens" ', 'mijn gegevens'),
        'bestellingen' => array('<li id="acc-menu-bestellingen"', 'bestellingen'),
        'facturen'     => array('<li id="acc-menu-facturen"', 'facturen'),
    );
    $output = '<ul id="acc-menu">';
    $output .= '<li class="acc-title">menu</li>';
    foreach ($menuItems as $slug => $item) {
        list($openTag, $label) = $item;
        $isActive = ($page == $slug);
        $output .= $openTag;
        if ($isActive) $output .= ' class="acc-active"';
        $output .= '><a href="/mijn-account/'.$slug.'/">';
        if ($isActive) $output .= '<span class="icon-arrow-down acc-active"></span>';
        $output .= $label.'</a></li>';
    }
    $output .= '</ul>';
    $output .= $contentOutput;
    return $output;
}
/**
 * Renders the "overzicht" dashboard: the two most recent invoices and the
 * two most recent orders, each preceded by a link to the full list.
 *
 * Returns an empty string when no customer is logged in
 * ($_SESSION['customerstr'] absent), so callers can append it blindly.
 *
 * @return string HTML fragment
 */
function showMyAcountDashboard(){
    if(!isset($_SESSION['customerstr'])){
        return '';
    }
    // Sections in display order; the two list helpers take a row limit.
    $sections = array(
        '<h2>laatste facturen</h2><br /><br />',
        '<a href="/mijn-account/facturen/">bekijk al je facturen</a>',
        '<hr />',
        showMyAcountInvoices(2),
        '<div class="clear"></div>',
        '<h2>laatste bestellingen</h2><br /><br />',
        '<a href="/mijn-account/bestellingen/">bekijk al je bestellingen</a>',
        '<hr />',
        showMyAcountOrders(2),
        '<div class="clear"></div>',
    );
    return implode('', $sections);
}
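/**
 * Renders the "mijn gegevens" table for the logged-in customer.
 *
 * The customer id is the part of $_SESSION['customerstr'] before the first
 * '_'; it is cast to int before it is placed in the query so the session
 * value can never change the SQL.  Every column read from the database is
 * HTML-escaped before it is written into the fragment, because these fields
 * originate from the customer's own registration form.
 *
 * Fixes relative to the previous version: a missing customer row (query ok,
 * zero rows) now yields 'Geen klant gevonden' instead of notices and an
 * empty table; the unused $numOrders/$displayStatus/$title locals are gone;
 * the "Debiteurnummerr" label typo is corrected.
 *
 * @return string HTML fragment; '' when no customer is logged in
 */
function showMyAcountData(){
    if(!isset($_SESSION['customerstr'])){
        return '';
    }
    global $mysqli;
    $temp = explode('_', $_SESSION['customerstr']);
    $customerId = (int) $temp[0];   // session-sourced, but cast so it cannot alter the SQL
    $query = 'SELECT DISTINCT cl.id AS customerId, cl.email, cl.status,
cp.title, cp.customerCode, cp.firstName, cp.middleName, cp.lastName, cp.timest, cp.newsletter,
cp.postal, cp.street, cp.number, cp.addition, cp.city, cp.country, cp.phone, cp.birthday
FROM shop_customer_login AS cl, shop_customer_personal AS cp
WHERE cl.personalId = cp.id
AND cl.id = '.$customerId.' LIMIT 1';
    $result = $mysqli->query($query);
    $record = $result ? $result->fetch_assoc() : null;
    if($result){
        $result->free();
    }
    if(!$record){
        // query error or no row for this id — same text the old code showed on query failure
        return 'Geen klant gevonden';
    }
    // fromDatabase() was applied to the e-mail only, as before; its exact
    // semantics are not visible here, so double_encode=false keeps any
    // entities it may already produce from being encoded twice.
    $record['email'] = fromDatabase($record['email']);
    $safe = array();
    foreach($record as $column => $value){
        $safe[$column] = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    }
    // timest and birthday are passed to date(), i.e. stored as unix timestamps — TODO confirm
    $memberSince = date('d / m / Y', (int) $record['timest']);
    $birthday = date('d / m / Y', (int) $record['birthday']);
    $displayNewsletter = ($record['newsletter'] == 1) ? 'ja' : 'nee';
    // house number and addition are joined without a separator, as before
    $adress = $safe['street'].' '.$safe['number'];
    if(!empty($safe['addition'])) $adress .= $safe['addition'];
    $name = ucfirst($safe['lastName']);
    if(!empty($safe['middleName'])) $name .= ', '.$safe['middleName'];
    // label/value rows; null marks an empty spacer row
    $rows = array(
        array('Debiteurnummer', $safe['customerCode']),
        array('Klant sinds', $memberSince),
        null,
        array('Voornaam', ucfirst($safe['firstName'])),
        array('Naam', $name),
        array('Email', $safe['email']),
        array('Tel.', $safe['phone']),
        null,
        array('Adres.', $adress),
        array(' ', $safe['postal'].' '.$safe['city']),
        array(' ', $safe['country']),
        null,
        array('Geboren', $birthday),
        array('Nieuwsbrief', $displayNewsletter),
    );
    $output = '<h2>jouw gegevens</h2>';
    $output .= '<table class="customer-data" cellpadding="0" cellspacing="0">';
    foreach($rows as $row){
        if($row === null){
            $output .= '<tr><td colspan="2"> </td></tr>';
            continue;
        }
        $output .= '<tr><td>'.$row[0].'</td><td class="order-customer-detail">'.$row[1].'</td></tr>';
    }
    $output .= '</table>';
    $output .= '<br />';
    $output .= '<a href="/mijn-account/wijzig-gegevens/"><span class="button-arrow-168">Wijzig je gegevens</span></a>';
    $output .= '<div class="clear"></div>';
    return $output;
}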
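/**
 * Lists the logged-in customer's orders, newest first, each with its products.
 *
 * Fixes relative to the previous version: the customer id (from the session),
 * the order id (from the database) and $limit are cast to int before they are
 * placed in SQL; order code, product title, stock code and quantity are
 * HTML-escaped before output; unused locals ($i, $lastUpdate, $orderStatus)
 * are dropped and rendering of one order moved to _myAccountOrderBlock().
 *
 * @param int $limit  maximum number of orders to show; 0 (default) shows all
 * @return string HTML fragment; '' when no customer is logged in; a
 *                "no orders yet" message when the customer has none
 */
function showMyAcountOrders($limit = 0){
    if(!isset($_SESSION['customerstr'])){
        return '';
    }
    global $mysqli;
    $temp = explode('_', $_SESSION['customerstr']);
    $customerId = (int) $temp[0];   // session-sourced, but cast so it cannot alter the SQL
    $limit = (int) $limit;
    $query = 'SELECT DISTINCT oi.id, oi.orderCode, oi.orderDate, amount, orderStatus, lastUpdate
FROM shop_order_info AS oi
WHERE oi.customerId = '.$customerId.'
ORDER BY lastUpdate DESC';
    if($limit > 0) $query .= ' LIMIT '.$limit;
    $output = '';
    if($result = $mysqli->query($query)){
        if($result->num_rows > 0){
            while($record = $result->fetch_assoc()){
                $output .= _myAccountOrderBlock($mysqli, $record);
            }
        }
        else{
            $output .= 'Je hebt nog geen bestellingen geplaatst.<br /><br /><a href="/toont-haar-collectie/">Kijk eens naar onze collectie!</a>';
        }
        $result->free();
    }
    return $output;
}

/**
 * Renders one order (header line plus the four-column product/status block).
 *
 * @param mysqli $mysqli open connection used for the product lookup
 * @param array  $record one row of shop_order_info (id, orderCode, orderDate, amount)
 * @return string HTML fragment
 */
function _myAccountOrderBlock($mysqli, array $record){
    $orderId = (int) $record['id'];   // database value, cast before it enters the product query
    $orderCode = htmlspecialchars((string) $record['orderCode'], ENT_QUOTES, 'UTF-8', false);
    // displayPrice() output is inserted as-is, as before; whether it returns
    // HTML (e.g. a currency entity) is not visible here — confirm before escaping it.
    $displayAmount = displayPrice($record['amount']);
    $displayOrderdate = date('d / m / Y', (int) $record['orderDate']);
    // status columns are fixed text, as before; orderStatus/lastUpdate are not rendered
    $displayOrderStatus = 'In behandeling';
    $displayDeliveryStatus = '-';
    $lines = array();
    $totalProducts = 0;
    if($productResult = $mysqli->query('SELECT stockcode, numproducts, productId, title
FROM shop_order_products
WHERE orderId = '.$orderId)){
        while($productRecord = $productResult->fetch_assoc()){
            $totalProducts += (int) $productRecord['numproducts'];
            $lines[] = htmlspecialchars((string) $productRecord['numproducts'], ENT_QUOTES, 'UTF-8', false).'x '
                .htmlspecialchars((string) $productRecord['title'], ENT_QUOTES, 'UTF-8', false)
                .' ('.htmlspecialchars((string) $productRecord['stockcode'], ENT_QUOTES, 'UTF-8', false).')';
        }
        $productResult->free();
    }
    $displayNumproducts = $totalProducts.($totalProducts > 1 ? ' artikelen' : ' artikel');
    $output = '<div class="order-holder">';
    $output .= '<a name="'.$orderCode.'"></a>';
    $output .= '<span class="order-code"><span class="icon-arrow-bullet"></span>Bestelnr: '.$orderCode.'</span>';
    $output .= '<span class="order-info">'.$displayOrderdate.', '.$displayNumproducts.', totaal: '.$displayAmount.'</span>';
    $output .= '<div class="quadruple-column no-padding">';
    $output .= '<div class="acc-order-column"><strong>Artikelen</strong></div>';
    $output .= '<div class="acc-order-column"><strong>Bestelstatus</strong></div>';
    $output .= '<div class="acc-order-column"><strong>Verzending</strong></div>';
    $output .= '<div class="acc-order-column"><strong>Retourneren</strong></div>';
    $output .= '<div class="clear"></div>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    $output .= '<hr class="no-margin-top"/>';
    $output .= '<div class="quadruple-column no-padding">';
    // product lines are concatenated with no separator, matching the previous markup
    $output .= '<div class="acc-order-column">'.implode('', $lines).' </div>';
    $output .= '<div class="acc-order-column">'.$displayOrderStatus.'</div>';
    $output .= '<div class="acc-order-column">'.$displayDeliveryStatus.'</div>';
    $output .= '<div class="acc-order-column">info@deensekroon.nl</div>';
    $output .= '<div class="clear"></div>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    $output .= '<hr />';
    $output .= '</div>';
    return $output;
}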
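/**
 * Lists the logged-in customer's orders as invoice rows (order number,
 * invoice link, date, amount, payment status), newest first.
 *
 * Fixes relative to the previous version: the customer id (from the session),
 * the order id (from the database) and $limit are cast to int before they are
 * placed in SQL; order code and payment status are HTML-escaped before output
 * and the invoice URL is URL- and attribute-encoded; the unused
 * $orderStatus/$lastUpdate/$displayOrderStatus/$displayDeliveryStatus locals
 * are dropped.
 *
 * @param int $limit  maximum number of rows to show; 0 (default) shows all
 * @return string HTML fragment; '' when no customer is logged in or the query
 *                fails; a "no invoices" message when the customer has no orders
 */
function showMyAcountInvoices($limit = 0){
    if(!isset($_SESSION['customerstr'])){
        return '';
    }
    global $mysqli;
    $temp = explode('_', $_SESSION['customerstr']);
    $customerId = (int) $temp[0];   // session-sourced, but cast so it cannot alter the SQL
    $limit = (int) $limit;
    $query = 'SELECT DISTINCT oi.id, oi.orderCode, oi.orderDate, amount, orderStatus, lastUpdate, paymentStatus
FROM shop_order_info AS oi
WHERE oi.customerId = '.$customerId.'
ORDER BY lastUpdate DESC';
    if($limit > 0) $query .= ' LIMIT '.$limit;
    $result = $mysqli->query($query);
    if(!$result){
        return '';
    }
    if($result->num_rows < 1){
        $result->free();
        return 'Er zijn geen facturen voor je beschikbaar. Wellicht heb je nog geen bestellingen gedaan. <br /><br /><a href="/toont-haar-collectie/">Kijk eens naar onze collectie!</a>';
    }
    // heading
    $output = '<div class="order-holder">';
    $output .= '<div class="quadruple-column no-padding">';
    $output .= '<div class="acc-invoice-column larger"><strong>Bestelnummer</strong></div>';
    $output .= '<div class="acc-invoice-column larger"><strong>Factuur</strong></div>';
    $output .= '<div class="acc-invoice-column"><strong>Datum</strong></div>';
    $output .= '<div class="acc-invoice-column smaller"><strong>Bedrag</strong></div>';
    $output .= '<div class="acc-invoice-column smaller"><strong>Betaling</strong></div>';
    $output .= '<div class="clear"></div>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    $output .= '<hr class="no-margin-top"/>';
    while($record = $result->fetch_assoc()){
        $orderId = (int) $record['id'];
        $orderCode = htmlspecialchars((string) $record['orderCode'], ENT_QUOTES, 'UTF-8', false);
        // NOTE(review): invoice.php receives the order identifiers from the URL; whether it
        // re-checks that the order belongs to the session customer is not visible here — confirm.
        $invoiceUrl = htmlspecialchars(
            '/invoice/invoice.php?invoice='.urlencode((string) $record['orderCode']).'&orderId='.$orderId,
            ENT_QUOTES,
            'UTF-8'
        );
        // displayPrice() output is inserted as-is, as before; whether it returns
        // HTML (e.g. a currency entity) is not visible here — confirm before escaping it.
        $displayAmount = displayPrice($record['amount']);
        $displayOrderdate = date('d / m / Y', (int) $record['orderDate']);
        $paymentStatus = htmlspecialchars((string) $record['paymentStatus'], ENT_QUOTES, 'UTF-8', false);
        $output .= '<div class="quadruple-column no-padding">';
        $output .= '<div class="acc-invoice-column larger"><a href="/mijn-account/bestellingen/#'.$orderCode.'">'.$orderCode.'</a></div>';
        $output .= '<div class="acc-invoice-column larger"><a href="'.$invoiceUrl.'" target="_blank">'.$orderCode.'</a></div>';
        $output .= '<div class="acc-invoice-column">'.$displayOrderdate.'</div>';
        $output .= '<div class="acc-invoice-column smaller">'.$displayAmount.'</div>';
        $output .= '<div class="acc-invoice-column smaller">'.$paymentStatus.'</div>';
        $output .= '<div class="clear"></div>';
        $output .= '</div>';
    }
    $result->free();
    $output .= '<div class="clear"></div>';
    $output .= '<hr />';
    $output .= '</div>';
    return $output;
}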
?>