<?
$row = bsql_quickrow('SELECT * FROM client_data WHERE cd_field = \'login\'
AND cd_value = \''.addslashes($_POST['email']).'\'');
if($haspass == '1') {
if($row && client_getval($row[0],'c_type') == 'site') {
$id = $row[0];
if(client_getval($id,'password') == $_POST['password']) {
$SITECLIENT = $id;
setcookie('bcom_'.$_BCOM['db_name'].'_mb',$SITECLIENT,time()+2592000);
$ORD->setval('clientid',$SITECLIENT);
if(client_getval($id,'currentorder')!='') {
//perhaps a "continue last order" message here.
//some how resume an old order!?
//$ORDID = client_getval($id,'currentorder');
} else {
client_setval($SITECLIENT,'currentorder',$ORDID);
}
if(isset($aftersignin) && $aftersignin != '') {
$display = $aftersignin;
}
} else {
$loginmsg = 'Login Failed, incorrect password.';
}
} else {
$loginmsg = 'Login Failed, unknown user.';
}
} elseif($row && client_getval($row[0],'c_type') == 'site' && !isset($mode)) {
$O['HEADING'] = 'User already exists'; $O['BUTTONS'] = ''; $O['NEXT'] = '';
$O['BODY'] = '<B>You appear to already have an account with us,
you can sign in by typing your password into the box below and pressing continue.</B><BR><BR>
<INPUT TYPE="password" NAME="password" SIZE="15">'.formbutton('continue','continue').'
<INPUT TYPE="HIDDEN" NAME="email" VALUE="'.urlencode($email).'">
<INPUT TYPE="HIDDEN" NAME="haspass" VALUE="1">
<BR><BR>
<B>If you have forgotten your password, you can attempt
to set a new password by <A HREF="order.php?action=lostpassword">clicking here</A></B>.
<BR>
<BR>
<B>If you want to create a new account, you can do so by
<A HREF="order.php?action=signin&mode=replace&haspass=0&email='.urlencode($email).'">clicking here</A>.
You will lose your order history and
will be required to re-fill all your details</B>.';
order_display('default',$O);
}
else {
if(!isset($firstname)) { $firstname = ''; }
if(!isset($lastname)) { $lastname = ''; }
if(!isset($email2)) { $email2 = ''; }
if(!isset($password2)) { $password2 = ''; }
if(isset($mode) && $mode == 'replace') {
bsql_query('DELETE FROM client_data WHERE cd_field = \'login\' and cd_value = \''.$email.'\'');
}
$O['HEADING'] = 'Registration'; $O['NEXT'] = '';
if($errmsg != '') {
$O['BODY'] = $tfont.'<B>The following details were not filled out correctly!</B></FONT>
'.$font.'<UL>'.$errmsg.'</UL></FONT><BR>';
}
else { $O['BODY'] = ''; }
$O['BODY'] .= $tfont.'<B>Please Enter you registration details below:</B></FONT><BR>
<TABLE BORDER="0">
<TR><TD ALIGN="RIGHT"><B>'.$font.'My first name is:</TD><TD>'.ui_textbox('firstname',$firstname,30).'</TR>
<TR><TD ALIGN="RIGHT"><B>'.$font.'My last name is:</TD><TD>'.ui_textbox('lastname',$lastname,30).'</TD></TR>
<TR><TD> </TD><TD> </TD></TR>
<TR><TD ALIGN="RIGHT"><B>'.$font.'My e-mail address is:</TD><TD>'.ui_textbox('email',$email,30).'</TD></TR>
<TR><TD ALIGN="RIGHT"><B>'.$font.'Type it again:</TD><TD>'.ui_textbox('email2',$email2,30).'</TD></TR>
</TABLE><BR>
'.$tfont.'<B>Enter a password to protect your information:</B></FONT></BR>
<TABLE BORDER="0">
<TR><TD ALIGN="RIGHT"><B>'.$font.'Enter a new password: '.ui_textbox('password',$password,15,255,'password').'<BR>
<TR><TD ALIGN="RIGHT"><B>'.$font.'Type it again: '.ui_textbox('password2',$password2,15,255,'password').'<BR>
</TABLE><BR>
'.formbutton('continue','continue').'<INPUT TYPE="HIDDEN" NAME="action" VALUE="createaccount">';
$O['NEXT'] = '';
$O['BUTTONS'] = '';
order_display('default',$O);
}
?>