php_self)) { $this->php_self = strtolower(basename($_SERVER['PHP_SELF'])); } if ($this->php_self == '404.php') { $page_name = 'page-404'; } else { if(preg_match('#^'.__PS_BASE_URI__.'modules/([a-zA-Z0-9_-]+?)/([^?]*)(\?(.*))?$#', strtolower($_SERVER['REQUEST_URI']), $m)) { $page_name = 'module-'.$m[1].'-'.str_replace(array('.php', '/'), array('', '-'), $m[2]); } else { $page_name = preg_replace('/\.php$/', '', $this->php_self); } } self::$smarty->assign(array('page_name' => $page_name)); $displayLeft = array( 'page-404', 'address', 'addresses', /*'authentication',*/ 'best-sales', 'breadcrumb', 'category', 'category-cms-tree-branch', 'category-tree-branch', 'cms', 'contact-form', 'discount', 'errors', 'footer', 'guest-tracking', 'header', 'history', 'identity', /*'index',*/ 'maintenance', 'manufacturer', 'manufacturer-list', 'my-account', 'new-products', 'order', 'order-address', 'order-carrier', 'order-confirmation', 'order-detail', 'order-follow', 'order-opc', 'order-opc-new-account', 'order-payment', 'order-return', 'order-slip', 'order-steps', 'pagination', /*'password',*/ 'payment', 'prices-drop', /*'product',*/ 'product-compare', 'product-list', 'products-comparison', 'product-sort', 'restricted-country', 'scenes', 'search', 'shopping-cart', 'shopping-cart-product-line', 'sitemap', 'store_infos', 'stores', 'supplier', 'supplier-list', 'module-privatesales-salechange', 'module-invite-invite-program', 'module-referralprogram-referral-program', 'module-cheque-payment', 'module-bankwire-payment', 'module-invite-invite-rules', ); if($page_name == 'index') { global $cookie; if($cookie->isLogged()) { $displayLeft[] = 'index'; } } $displayRight = array( /*'page-404', 'address', 'addresses', 'authentication', 'best-sales', 'breadcrumb', 'category', 'category-cms-tree-branch', 'category-tree-branch', 'cms', 'contact-form', 'discount', 'errors', 'footer', 'guest-tracking', 'header', 'history', 'identity', 'index', 'maintenance', 'manufacturer', 'manufacturer-list', 
'my-account', 'new-products', 'order', 'order-address', 'order-carrier', 'order-confirmation', 'order-detail', 'order-follow', 'order-opc', 'order-opc-new-account', 'order-payment', 'order-return', 'order-slip', 'order-steps', 'pagination', 'password', 'payment', 'prices-drop', 'product', 'product-compare', 'product-list', 'products-comparison', 'product-sort', 'restricted-country', 'scenes', 'search', 'shopping-cart', 'shopping-cart-product-line', 'sitemap', 'store_infos', 'stores', 'supplier', 'supplier-list', 'module-privatesales-salechange', 'module-invite-invite-program', 'module-referralprogram-referral-program', 'module-cheque-payment', 'module-bankwire-payment', 'module-invite-invite-rules',*/ ); $countCols = count(array_keys($displayLeft + $displayRight, $page_name)); $bodyClass = 'singleCol'; if($countCols == 1) { $bodyClass = 'doubleCol'; } elseif($countCols == 2) { $bodyClass = 'tripleCol'; } self::$smarty->assign(array( 'displayLeft' => $displayLeft, 'displayRight' => $displayRight, 'bodyClass' => $bodyClass, )); Module::hookExec('preprocess'); if (self::$cookie->isLogged() && !Tools::isSubmit('ajax')) { Tools::redirect('/'); } if (Tools::getValue('create_account')) { $create_account = 1; self::$smarty->assign('email_create', 1); } if (Tools::isSubmit('SubmitCreate')) { $create_account = 1; self::$smarty->assign('email_create', Tools::safeOutput($email)); } if (Tools::isSubmit('submitAccount') || Tools::isSubmit('submitGuestAccount')) { $create_account = 1; if(Tools::isSubmit('submitAccount')) { self::$smarty->assign('email_create', 1); } /* New Guest customer */ if (!Tools::getValue('is_new_customer', 1) && !Configuration::get('PS_GUEST_CHECKOUT_ENABLED')) { $this->errors[] = Tools::displayError('You cannot create a guest account.'); } if (!Tools::getValue('is_new_customer', 1)) { $_POST['passwd'] = md5(time()._COOKIE_KEY_); } $email = Tools::getValue('email'); if (Tools::getValue('guest_email') !== false) { $email = Tools::getValue('guest_email'); } 
$email = $emailOri = strtolower(trim($email)); // Prepare Check email $domains = array( /* Default domains included */ "aol.com", "att.net", "comcast.net", "facebook.com", "gmail.com", "gmx.com", "googlemail.com", "google.com", "hotmail.com", "hotmail.co.uk", "mac.com", "me.com", "mail.com", "msn.com", "live.com", "sbcglobal.net", "verizon.net", "yahoo.com", "yahoo.co.uk", /* Other global domains */ "email.com", "fastmail.fm", "games.com" /* AOL */, "gmx.net", "hush.com", "hushmail.com", "icloud.com", "iname.com", "inbox.com", "lavabit.com", "love.com" /* AOL */, "outlook.com", "pobox.com", "protonmail.com", "rocketmail.com" /* Yahoo */, "safe-mail.net", "wow.com" /* AOL */, "ygm.com" /* AOL */, "ymail.com" /* Yahoo */, "zoho.com", "yandex.com", /* United States ISP domains */ "bellsouth.net", "charter.net", "cox.net", "earthlink.net", "juno.com", /* British ISP domains */ "btinternet.com", "virginmedia.com", "blueyonder.co.uk", "freeserve.co.uk", "live.co.uk", "ntlworld.com", "o2.co.uk", "orange.net", "sky.com", "talktalk.co.uk", "tiscali.co.uk", "virgin.net", "wanadoo.co.uk", "bt.com", /* Domains used in Asia */ "sina.com", "qq.com", "naver.com", "hanmail.net", "daum.net", "nate.com", "yahoo.co.jp", "yahoo.co.kr", "yahoo.co.id", "yahoo.co.in", "yahoo.com.sg", "yahoo.com.ph", /* French ISP domains */ "hotmail.fr", "live.fr", "laposte.net", "yahoo.fr", "wanadoo.fr", "orange.fr", "gmx.fr", "sfr.fr", "neuf.fr", "free.fr", /* German ISP domains */ "gmx.de", "hotmail.de", "live.de", "online.de", "t-online.de" /* T-Mobile */, "web.de", "yahoo.de", /* Italian ISP domains */ "libero.it", "virgilio.it", "hotmail.it", "aol.it", "tiscali.it", "alice.it", "live.it", "yahoo.it", "email.it", "tin.it", "poste.it", "teletu.it", /* Russian ISP domains */ "mail.ru", "rambler.ru", "yandex.ru", "ya.ru", "list.ru", /* Belgian ISP domains */ "hotmail.be", "live.be", "skynet.be", "voo.be", "tvcablenet.be", "telenet.be", /* Argentinian ISP domains */ "hotmail.com.ar", "live.com.ar", 
"yahoo.com.ar", "fibertel.com.ar", "speedy.com.ar", "arnet.com.ar", /* Domains used in Mexico */ "yahoo.com.mx", "live.com.mx", "hotmail.es", "hotmail.com.mx", "prodigy.net.mx", /* Domains used in Brazil */ "yahoo.com.br", "hotmail.com.br", "outlook.com.br", "uol.com.br", "bol.com.br", "terra.com.br", "ig.com.br", "itelefonica.com.br", "r7.com", "zipmail.com.br", "globo.com", "globomail.com", "oi.com.br" ); // Real association $replaceSLD = array( '@hotmil.' => '@hotmail.', '@htmail.' => '@hotmail.', '@hotmal.' => '@hotmail.', '@hotml.' => '@hotmail.', '@hotmai.' => '@hotmail.', '@gmal.' => '@gmail.', '@gail.' => '@gmail.', '@gml.' => '@gmail.', '@gmai.' => '@gmail.', '@gmil.' => '@gmail.', ); $replaceGlobal = array( '@gmailcom' => '@gmail.com', '@hotmailcom' => '@hotmail.com', '@hotmailfr' => '@hotmail.fr', '@yahoocom' => '@yahoo.com', '@yahoofr' => '@yahoo.fr', ); // Real use case replacement $email = strtr($email, $replaceGlobal); // Check TLD $atPos = strpos($email, '@'); $pointPos = strpos($email, '.', $atPos); $tld = substr($email, $pointPos + 1); $sld = substr($email, $atPos + 1, strlen($email) - ($atPos+1) - (strlen($tld)+1) ); if (empty($tld)) { $this->errors[] = Tools::displayError('Invalid email'); $_POST['email'] = ''; } if (empty($this->errors)) { // If you have a complete list of TLD, check it ! 
} // Check SLD if (empty($this->errors)) { // Real use case replacement $email = strtr($email, $replaceSLD); // Levenhstein remplacement if (count($domains) > 0 && $email == $emailOri) { foreach ($domains as $d) { $dpPos = strpos($d, '.'); $realDomain = substr($d, 0, $dpPos); $lev = levenshtein($sld, $realDomain); if ($lev == O) { break; } elseif ($lev == 1 && $tld == substr($d, $dpPos+1)) { $email = str_replace('@'.$sld.'.', '@'.$realDomain.'.', $email); break; } } } } /* Preparing customer */ $customer = new Customer(); $lastnameAddress = $_POST['lastname']; $firstnameAddress = $_POST['firstname']; $_POST['lastname'] = $_POST['customer_lastname']; $_POST['firstname'] = $_POST['customer_firstname']; if (!@checkdate(Tools::getValue('months'), Tools::getValue('days'), Tools::getValue('years')) AND !(Tools::getValue('months') == '' AND Tools::getValue('days') == '' AND Tools::getValue('years') == '')) { $this->errors[] = Tools::displayError('Invalid date of birth'); } $customer->birthday = (empty($_POST['years']) ? '' : (int)($_POST['years']).'-'.(int)($_POST['months']).'-'.(int)($_POST['days'])); $this->errors = array_unique(array_merge($this->errors, $customer->validateControler())); $_POST['lastname'] = $lastnameAddress; $_POST['firstname'] = $firstnameAddress; if (!sizeof($this->errors)) { if (Customer::customerExists($email)) { $this->errors[] = Tools::displayError('An account is already registered with this e-mail, please fill in the password or request a new one.'); } if (Tools::isSubmit('newsletter')) { $customer->ip_registration_newsletter = pSQL(Tools::getRemoteAddr()); $customer->newsletter_date_add = pSQL(date('Y-m-d H:i:s')); } $customer->email = $_POST['email'] = $email; $customer->birthday = (empty($_POST['years'])? 
'': (int)($_POST['years']).'-'.(int)($_POST['months']).'-'.(int)($_POST['days'])); if (!sizeof($this->errors)) { $customer->active = 1; /* New Guest customer */ if (Tools::isSubmit('is_new_customer')) { $customer->is_guest = !Tools::getValue('is_new_customer', 1); } else { $customer->is_guest = 0; } if (!$customer->add()) { $this->errors[] = Tools::displayError('An error occurred while creating your account.'); } else { if (!$customer->is_guest) { if(!Mail::Send((int)(self::$cookie->id_lang), 'account', Mail::l('Welcome!'), array( '{firstname}' => $customer->firstname, '{lastname}' => $customer->lastname, '{email}' => $customer->email, '{passwd}' => Tools::getValue('passwd') ), $customer->email, $customer->firstname.' '.$customer->lastname)) { $this->errors[] = Tools::displayError('Cannot send email'); } } global $site_version_front; Db::getInstance()->ExecuteS(' INSERT INTO `'._DB_PREFIX_.'customer_version` VALUES ( '.(int) $customer->id.', "'.pSQL(!isset($site_version_front) ? 'fr': $site_version_front).'", NOW() ) '); self::$smarty->assign('confirmation', 1); self::$cookie->id_customer = (int)($customer->id); self::$cookie->customer_lastname = $customer->lastname; self::$cookie->customer_firstname = $customer->firstname; self::$cookie->passwd = $customer->passwd; self::$cookie->logged = 1; self::$cookie->email = $customer->email; self::$cookie->is_guest = !Tools::getValue('is_new_customer', 1); /* Update cart address */ self::$cart->secure_key = $customer->secure_key; self::$cart->id_address_delivery = 0; self::$cart->id_address_invoice = 0; self::$cart->update(); Module::hookExec('createAccount', array( '_POST' => $_POST, 'newCustomer' => $customer )); if (Tools::isSubmit('ajax')) { $return = array( 'hasError' => !empty($this->errors), 'errors' => $this->errors, 'isSaved' => true, 'id_customer' => (int)self::$cookie->id_customer, 'id_address_delivery' => 0, 'id_address_invoice' => 0, 'token' => Tools::getToken(false) ); die(Tools::jsonEncode($return)); } if 
($back = Tools::getValue('back')) { if($back == '/') { $back = '/index.php?validation=1'; Tools::redirect($back); } Tools::redirect($back.'?validation=1'); } Tools::redirect('my-account.php?validation=1'); } } } if (sizeof($this->errors)) { if(!Tools::getValue('is_new_customer')) { unset($_POST['passwd']); } if(Tools::isSubmit('ajax')) { $return = array( 'hasError' => !empty($this->errors), 'errors' => $this->errors, 'isSaved' => false, 'id_customer' => 0 ); die(Tools::jsonEncode($return)); } } } if (Tools::isSubmit('SubmitLogin')) { Module::hookExec('beforeAuthentication'); $passwd = trim(Tools::getValue('passwd')); $email = trim(Tools::getValue('email')); if (empty($email)) { $this->errors[] = Tools::displayError('E-mail address required'); } elseif (!Validate::isEmail($email)) { $this->errors[] = Tools::displayError('Invalid e-mail address'); } elseif (empty($passwd)) { $this->errors[] = Tools::displayError('Password is required'); } elseif (Tools::strlen($passwd) > 32) { $this->errors[] = Tools::displayError('Password is too long'); } elseif (!Validate::isPasswd($passwd)) { $this->errors[] = Tools::displayError('Invalid password'); } else { $customer = new Customer(); $authentication = $customer->getByEmail(trim($email), trim($passwd)); if (!$authentication || !$customer->id) { /* Handle brute force attacks */ sleep(1); $this->errors[] = Tools::displayError('Authentication failed'); } else { self::$cookie->id_customer = (int)($customer->id); self::$cookie->customer_lastname = $customer->lastname; self::$cookie->customer_firstname = $customer->firstname; self::$cookie->logged = 1; self::$cookie->is_guest = $customer->isGuest(); self::$cookie->passwd = $customer->passwd; self::$cookie->email = $customer->email; if(Configuration::get('PS_CART_FOLLOWING') && (empty(self::$cookie->id_cart) || Cart::getNbProducts(self::$cookie->id_cart) == 0)) { self::$cookie->id_cart = (int)(Cart::lastNoneOrderedCart((int)($customer->id))); } /* Update cart address */ 
self::$cart->id_carrier = 0; self::$cart->id_address_delivery = 0; self::$cart->id_address_invoice = 0; // If a logged guest logs in as a customer, the cart secure key was already set and needs to be updated self::$cart->secure_key = $customer->secure_key; self::$cart->update(); // update customer version global $site_version_front; Db::getInstance()->ExecuteS(' INSERT INTO `'._DB_PREFIX_.'customer_version` VALUES ( '.(int) $customer->id.', "'.pSQL($site_version_front).'", NOW() ) ON DUPLICATE KEY UPDATE `version` = "'.pSQL($site_version_front).'" '); Module::hookExec('authentication'); if(!Tools::isSubmit('ajax')) { if ($back = Tools::getValue('back')) Tools::redirect($back); Tools::redirect('my-account.php'); } } } if (Tools::isSubmit('ajax')) { $return = array( 'hasError' => !empty($this->errors), 'errors' => $this->errors, 'token' => Tools::getToken(false) ); die(Tools::jsonEncode($return)); } } if (isset($create_account)) { /* Call a hook to display more information on form */ self::$smarty->assign(array( 'HOOK_CREATE_ACCOUNT_FORM' => Module::hookExec('createAccountForm'), 'HOOK_CREATE_ACCOUNT_TOP' => Module::hookExec('createAccountTop') )); } /* Generate years, months and days */ if (isset($_POST['years']) && is_numeric($_POST['years'])) { $selectedYears = (int)($_POST['years']); } $years = Tools::dateYears(); if (isset($_POST['months']) && is_numeric($_POST['months'])) { $selectedMonths = (int)($_POST['months']); } $months = Tools::dateMonths(); if (isset($_POST['days']) && is_numeric($_POST['days'])) { $selectedDays = (int)($_POST['days']); } $days = Tools::dateDays(); self::$smarty->assign(array( 'years' => $years, 'sl_year' => (isset($selectedYears)? $selectedYears: 0), 'months' => $months, 'sl_month' => (isset($selectedMonths)? $selectedMonths: 0), 'days' => $days, 'sl_day' => (isset($selectedDays)? 
$selectedDays: 0) ));
		self::$smarty->assign('newsletter', (int)Module::getInstanceByName('blocknewsletter')->active);
	}

	/**
	 * Render the authentication page.
	 *
	 * Calls Tools::safePostVars() before anything submitted is echoed back
	 * into the form (presumably it escapes $_POST for re-display — confirm in
	 * Tools), hands the accumulated $this->errors to the template, lets modules
	 * append markup through the createAccountFormBottom hook, and finally
	 * displays authentication.tpl from the active theme directory.
	 *
	 * @return void
	 */
	public function displayContent()
	{
		// Sanitise submitted values first: the template re-displays them.
		Tools::safePostVars();

		$smarty = self::$smarty;
		$smarty->assign('errors', $this->errors);

		// Modules may inject extra content below the account-creation form.
		$hookBottom = Module::hookExec('createAccountFormBottom', array());
		$smarty->assign('HOOK_CREATE_ACCOUNT_FORM_BOTTOM', $hookBottom);

		$smarty->display(_PS_THEME_DIR_.'authentication.tpl');
	}

	/**
	 * Register the page's media, then keep only the first stylesheet.
	 *
	 * After parent::setMedia() has run (which presumably populates the
	 * global $css_files — confirm in the parent controller), every entry
	 * past the first one is dropped so this page loads a single CSS file.
	 *
	 * @return void
	 */
	public function setMedia()
	{
		parent::setMedia();

		global $css_files;
		// Keep index 0 only; array_slice() with default flags reindexes numeric keys.
		$firstStylesheet = array_slice($css_files, 0, 1);
		$css_files = $firstStylesheet;
	}
}