class Customer
{
private $id;
+ private $email;
+ private $name;
+ private $address;
+ private $contact;
/**construct an empty customer; if $id is given it tries to pre-load from the database*/
public function __construct($id=false)
{
$this->id=false;
if($id!==false){
- $this->getByID($id);
+ if ($this->getByID($id)) {
+ $res=$db->select("customer", "*", "customerid=".$db->escapeInt($id));
+ if (count($res) == 1) {
+ $this->email = $res[0]["email"];
+ $this->name = $res[0]["name"];
+ $this->address = $res[0]["address"];
+ $this->contact = $res[0]["contact"];
+ }
+ }
}
}
public function getByID($id)
{
global $db;
- $res=$db->select("customer","customerid","where customerid=".$db->escapeInt($id));
+ $res=$db->select("customer","customerid","customerid=".$db->escapeInt($id));
if(count($res)>0){
$this->id=$id+0;
return true;
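Review bot: The constructor's new pre-load block calls `$db->select(...)` without a `global $db;` declaration, so any `new Customer($id)` with a real id dies on an undefined `$db`; getByID right below declares it, the constructor does not. The block also repeats the lookup getByID has just made for the same id, so the row should be fetched once with `*` inside getByID and copied into the four properties there, leaving the constructor at `$this->getByID($id);` and giving getByMail a helper it can reuse. The closing brace of getByID is not visible in the hunk, so only its changed lines are shown below.
```php
public function __construct($id=false)
{
    $this->id=false;
    if($id!==false){
        $this->getByID($id);
    }
}
/** copies the columns of one customer row into this object's fields */
private function loadRow($row)
{
    $this->email=$row["email"];
    $this->name=$row["name"];
    $this->address=$row["address"];
    $this->contact=$row["contact"];
}
public function getByID($id)
{
    global $db;
    $res=$db->select("customer","*","customerid=".$db->escapeInt($id));
    if(count($res)>0){
        $this->id=$id+0;
        $this->loadRow($res[0]);
        return true;
    // … unchanged: return false …
```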
public function getByMail($mail)
{
global $db;
- $res=$db->select("customer","customerid","where email=".$db->escapeString($mail));
+ $res=$db->select("customer","customerid","email=".$db->escapeString($mail));
if(count($res)>0){
$this->id=$res[0]["customerid"];
return true;
return false;
}
+ /** returns the name of the customer */
+ public function getName()
+ {
+ if($this->id===false)
+ return "";
+ else
+ return $this->name;
+ }
+
+ /** returns the email address of the customer */
+ public function getEmail()
+ {
+ if($this->id===false)
+ return "";
+ else
+ return $this->email;
+ }
+
+ /** returns the address of the customer */
+ public function getAddress()
+ {
+ if($this->id===false)
+ return "";
+ else
+ return $this->address;
+ }
+
+ /** returns the contact data of the customer */
+ public function getContact()
+ {
+ if($this->id===false)
+ return "";
+ else
+ return $this->contact;
+ }
+
+ /**returns the data in an array suitable for the web-page-renderer*/
+ public function getParserData()
+ {
+ return array("CUST_NAME"=>$this->getName(), "CUST_EMAIL"=>$this->getEmail(), "CUST_ADDRESS"=>$this->getAddress(), "CUST_CONTACT"=>$this->getContact());
+ }
+
/**checks whether the customer exists in the database; getByID or getByMail must have been called first*/
public function exists()
{
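Review bot: getByMail still stores only `customerid`, so a Customer found by e-mail has `$this->id` set while email, name, address and contact stay unset, and the new getters and getParserData then return empty values on exactly the lookup path registerUser and the login code use. The query should select `*` and copy the four columns the way the constructor does (the brace closing getByMail's if-block is not visible in the hunk). getParserData hands the stored strings straight to the renderer; if Parser::setVar does not HTML-escape, these database-backed values reach attribute and element context unescaped, so either confirm the parser escapes or wrap them here, e.g. `"CUST_NAME"=>htmlspecialchars($this->getName(), ENT_QUOTES, 'UTF-8')`. Each getter's if/else pair can be one expression, `return $this->id===false ? "" : $this->name;`.
```php
public function getByMail($mail)
{
    global $db;
    $res=$db->select("customer","*","email=".$db->escapeString($mail));
    if(count($res)>0){
        $this->id=$res[0]["customerid"];
        $this->email=$res[0]["email"];
        $this->name=$res[0]["name"];
        $this->address=$res[0]["address"];
        $this->contact=$res[0]["contact"];
        return true;
    // … unchanged: return false …
```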
$db->update("customer",array("passwd"=>$pass),"customerid=".$db->escapeInt($this->id));
}
+ /**sets the address of this customer*/
+ public function setAddress($address)
+ {
+ if($this->id===false)
+ return;
+ global $db;
+ $db->update("customer", array("address"=>$address), "customerid=".$db->escapeInt($this->id));
+ }
+
+ /**sets the contact data of this customer*/
+ public function setContact($contact)
+ {
+ if($this->id===false)
+ return;
+ global $db;
+ $db->update("customer", array("contact"=>$phone), "customerid=".$db->escapeInt($this->id));
+ }
+
/**checks whether $password matches the stored password for this customer; returns true on success*/
public function authenticate($passwd)
{
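Review bot: setContact writes `$phone`, a variable that is never defined, instead of its `$contact` parameter, so the update stores an empty contact value; the line should read `$db->update("customer", array("contact"=>$contact), "customerid=".$db->escapeInt($this->id));`. Neither setter refreshes the in-memory copy after the write, so getAddress/getContact on the same object keep returning the old value; add `$this->address=$address;` and `$this->contact=$contact;` after the respective update. Whether `$db->update` escapes the values it receives is not visible here and should be confirmed, since both values arrive straight from `$_POST` in registerUser.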
$parser->setVAR("PAGE", $localParser->parseFile("orderlogin.html"));
}
+/** creates the view to register a new customer */
+function createCustomerRegistration()
+{
+ global $parser;
+
+ $error = ErrorManager::singleton();
+
+ $localParser = new Parser("customerregistration.html");
+
+ $email = "";
+
+ // check if email is set and is an correct eMail-Address
+ if (isset($_GET["email"]) && isEmail($_GET["email"])) {
+ $email = $_GET["email"];
+
+ // set new POST-Url
+ $fullUrl = $parser->getVar("FULLURL");
+ $newUrl = substr($fullUrl, 0, (strpos($fullUrl, "&")) - strlen($fullUrl));
+ $localParser->setVar("FULLURL", $newUrl);
+ }
+
+ // if email not available and no error, then it must be an intrusion
+ if (empty($email) && !$error->exists()) {
+ header("Location:index.php");
+ exit();
+ }
+
+ // set input fields
+ $localParser->setVar("fieldCUST_EMAIL", "ms_custEmail");
+ $localParser->setVar("fieldCUST_NAME", "ms_custName");
+ $localParser->setVar("fieldCUST_ADDRESS", "ms_custAddress");
+ $localParser->setVar("fieldCUST_CONTACT", "ms_custContact");
+ $localParser->setVar("fieldCUST_PASSWD", "ms_custPasswd");
+ $localParser->setVar("fieldCUST_PASSWD2", "ms_custPasswd2");
+ $localParser->setVar("buttonCUST_REGISTER", "ms_custRegister");
+
+ // set data
+ if (!$error->exists()) {
+ $localParser->setVar("CUST_EMAIL", $email);
+ $localParser->setVar("CUST_NAME", "");
+ $localParser->setVar("CUST_ADDRESS", "");
+ $localParser->setVar("CUST_CONTACT", "");
+ } else {
+ $localParser->setVar("CUST_EMAIL", $_POST["ms_custEmail"]);
+ $localParser->setVar("CUST_NAME", $_POST["ms_custName"]);
+ $localParser->setVar("CUST_ADDRESS", $_POST["ms_custAddress"]);
+ $localParser->setVar("CUST_CONTACT", $_POST["ms_custContact"]);
+ }
+
+ // set error message
+ if ($error->exists()) {
+ $localParser->setVar("ERROR", "true");
+ $localParser->setVar("ERRORAREA", $error->getAllFormatted());
+ }
+
+ // create page
+ $parser->setVAR("PAGE", $localParser->parseFile("customerregistration.html"));
+}
+
?>
\ No newline at end of file
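Review bot: In the error branch of createCustomerRegistration the four `$_POST["ms_cust…"]` values are passed to setVar and end up inside `value="…"` attributes and a textarea of the template; unless Parser::setVar escapes, a submitted name or address containing `"` or `<` is reflected into the page, so escape at this point (`htmlspecialchars($_POST["ms_custName"], ENT_QUOTES, 'UTF-8')`) or confirm the parser does it. The same branch reads the POST keys without `isset`, which raises notices whenever a field is missing. The FULLURL rewrite assumes `strpos` finds an `&`; when it does not, `false - strlen(...)` makes substr return an empty string and the form posts to an empty action, so use `$amp = strpos($fullUrl, "&"); $newUrl = $amp === false ? $fullUrl : substr($fullUrl, 0, $amp);`. Minor: `setVAR` and `setVar` are mixed on the same object, and the template name is passed both to the Parser constructor and to parseFile.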
return;
}
+ // check if eMail already registered
+ $customer = new Customer();
+ if ($customer->getByMail($_POST["ms_email"])) {
+ $error->add(i18n("eMail already registered!"));
+ return;
+ }
+
+ // go to user registration
+ Header("Location: index.php?mode=customerRegistration&email=".$_POST["ms_email"]);
+ exit();
+
// if user is registered
} elseif ($_POST["ms_isCustomer"] == "true") {
if (!isEmail($_POST["ms_email"])) {
- $error->add(i18n("Please enter a correct email address!"));
+ $error->add(i18n("Please enter a valid email address!"));
}
if (empty($_POST["ms_password"])) {
$error->add(i18n("Please enter a password!"));
}
if ($error->exists())
return;
- // TODO: check if login valid
+
+ //check if user really available and password correct
+ $customer = new Customer();
+ $customer->getByMail($_POST["ms_email"]);
+ if ($customer->authenticate($_POST["ms_password"])) {
+ // go to order overview
+ Header("Location: index.php?mode=userdata");
+ exit();
+ } else {
+ $error->add(i18n("eMail or Password wrong"));
+ }
// if radio button is not checked
} else {
$error->add(i18n("Please specify if you're a registered user!"));
return;
}
+ }
+}
+
+/** checks the data for a new user */
+function registerUser()
+{
+ $error = ErrorManager::singleton();
+
+ if (isset($_POST["ms_custRegister"])) {
+
+ // check if eMail already registered
+ $customer = new Customer();
+ if ($customer->getByMail($_POST["ms_custEmail"])) {
+ $error->add(i18n("eMail already registered!"));
+ return;
+ }
- Header("Location: index.php?mode=userdata");
- exit();
+ // check if email is a valid address
+ if (!isEmail($_POST["ms_custEmail"])) {
+ $error->add(i18n("Please enter a valid email address!"));
+ }
+
+ // check if name is not empty
+ if (empty($_POST["ms_custName"])) {
+ $error->add(i18n("Please enter a name!"));
+ }
+
+ // check if address is not empty
+ if (empty($_POST["ms_custAddress"])) {
+ $error->add(i18n("Please enter an address!"));
+ }
+
+ // check if contact data is not empty
+ //if (empty($_POST["ms_custContact"])) {
+ // $error->add(i18n("Please enter a phone number!"));
+ //}
+
+ // check if passwords are not empty and equal
+ if (empty($_POST["ms_custPasswd"]) || ($_POST["ms_custPasswd"] != $_POST["ms_custPasswd2"])) {
+ $error->add(i18n("Passwords are empty or not equal!"));
+ }
+
+ // if error then exit
+ if ($error->exists()) {
+ return;
+ }
+
+ $customer = new Customer();
+ $customer->create($_POST["ms_custName"]);
+ $customer->setMail($_POST["ms_custEmail"]);
+ $customer->setAddress($_POST["ms_custAddress"]);
+ $customer->setPassword($_POST["ms_custPasswd"]);
+
+ if (!empty($_POST["ms_custContact"])) {
+ $customer->setContact($_POST["ms_custContact"]);
+ }
+
+ // redirect to overview page
}
}
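Review bot: The password equality check in registerUser uses `!=`, which compares numeric-looking strings numerically ("1e3" and "1000" pass as equal), so it should be `($_POST["ms_custPasswd"] !== $_POST["ms_custPasswd2"])`. The redirect to the registration view appends the raw e-mail to the Location URL; wrap it as `urlencode($_POST["ms_email"])` so characters like `&` or `+` cannot alter the query string. In the login branch the result of `getByMail` is ignored before `authenticate` runs, so an unknown address reaches authenticate with `id === false`; treat a false return as the same "eMail or Password wrong" error instead. After the new customer is created, the comment "redirect to overview page" is followed by nothing, so the function returns and the registration form is rendered again; the removed `Header("Location: index.php?mode=userdata"); exit();` looks like it belongs here, and whether `create()` can fail is not visible in the hunk, so its return value should be checked before the setters run. The function the hunk begins in starts outside it.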
/** checks if given value is a valid email address */
-function isEmail($value) {
+function isEmail($value)
+{
return ereg("^[a-zA-Z0-9\._-]+@[a-zA-Z0-9\._-]+$", $value);
}
checkOrderLogin();
createOrderLogin();
break;
+ case "customerRegistration":
+ registerUser();
+ createCustomerRegistration();
+ break;
default:
createEventList();
break;
--- /dev/null
+<h1>Kundenregistrierung</h1>
+<div id="ms_form">
+<form action="@FULLURL@" method="POST">
+<fieldset class="ms_Form">
+<div class="ms_FormRow">
+<label for="ms_text_email">E-Mail-Adresse:</label>
+<input type="text" id="ms_text_email" name="@fieldCUST_EMAIL@" value="@CUST_EMAIL@" />
+</div>
+<div class="ms_FormRow">
+<label for="ms_textfield_name">Name:</label>
+<input type="text" id="ms_textfield_name" name="@fieldCUST_NAME@" value="@CUST_NAME@" />
+</div>
+<div class="ms_FormRow">
+<label for="ms_textfield_address">Adresse:</label>
+<textarea id="ms_textfield_address" name="@fieldCUST_ADDRESS@" rows="3">@CUST_ADDRESS@</textarea>
+</div>
+<div class="ms_FormRow">
+<label for="ms_textfield_contact">Tel-Nr:</label>
+<input type="text" id="ms_textfield_contact" name="@fieldCUST_CONTACT@" value="@CUST_CONTACT@" />
+</div>
+<div class="ms_FormRow">
+<label for="ms_textfield_password">Passwort:</label>
+<input type="password" id="ms_textfield_password" name="@fieldCUST_PASSWD@" />
+</div>
+<div class="ms_FormRow">
+<label for="ms_textfield_password2">Passwort wiederholt:</label>
+<input type="password" id="ms_textfield_password2" name="@fieldCUST_PASSWD2@">
+</div>
+</fieldset>
+
+<div class="ms_ButtonArea">
+<input type="submit" id="ms_button_register" name="@buttonCUST_REGISTER@" value="Registrieren und weiter zur Bestellübersicht" />
+</div>
+</form>
+
+#if:ERROR==true
+@ERRORAREA@
+#endif
+
+</div>
\ No newline at end of file
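Review bot: The `@CUST_EMAIL@`, `@CUST_NAME@`, `@CUST_ADDRESS@` and `@CUST_CONTACT@` placeholders are filled from user-submitted POST data on the error path of createCustomerRegistration and sit inside attribute values and a textarea, so this template is only safe if the parser HTML-escapes substituted variables, which should be confirmed. Style: the second password input lacks the ` />` self-closing form used by every other input, and the e-mail field's id `ms_text_email` breaks the `ms_textfield_*` naming of the other fields; `<input type="password" id="ms_textfield_password2" name="@fieldCUST_PASSWD2@" />` and `id="ms_textfield_email"` (with the matching label `for`) align them.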