';
################################ form variables ###################################
# Output fragments for the login / account pages. The functions below read them
# through $GLOBALS and the main section interpolates them directly, so each name
# here is part of the page's interface.
# NOTE(review): $form_bottom, $n_next_step, $n_form_bottom, $n_form_detail_text_01
# and $n_form_error_text_2 are printed later in this file but are not assigned in
# this section - confirm they are defined elsewhere.
# form formatting variables
# $openmk / $closemk are interpolated into several strings further down, so they
# have to be assigned before those strings are built.
$openmk="\n
";
$closemk="
\n";
$breakmk=" ";
$tblomk1a="
\n\n
";
$tblomk1b="
\n";
$tblcmk="\n\n
\n\n";
# login form header information block
$form_greet="
Log Into Your Account
\n";
$form_top="\n
\n";
$form_intro_text_01="$openmk Please enter your login ID and password if you have shopped with us before. $closemk";
# NOTE(review): "please with us" reads as if a word or link is missing from the
# sentence - check against the original template.
$form_detail_text_01="$openmk If this is your first time shopping with us, please with us so we can process this and future orders quickly and easily. $closemk";
$shopping_cart_error_text="
You do not have any items in your shopping cart. If you wish to order items, please return to the catalog.
";
$personal_info_update_text="
Please enter your login ID and password if you wish to update your personal information or check on the status of your order.
";
# login form actions
$item_submit="$openmk$closemk";
$form_submit="$openmk ";
$form_reset="$openmk$closemk";
$next_step="
$openmk$closemk
\n";
$submit_check_1="\n";
$submit_items_ok="
Your shopping cart has been updated.
\n";
# customer info form actions
$n_form_greet="
Your Account
\n";
$n_form_top="\n
\n";
# NOTE(review): "Please use the to make changes" also looks like it lost a word
# or link - check against the original template.
$n_form_intro_text_01="$openmk Please review the following account information. Please use the to make changes. $closemk";
# The failure message is the same whether the username or the password was
# wrong, so it does not reveal which of the two matched.
$n_form_error_text_1="
We're sorry, but the username or password you entered is invalid. Please try again.
\n";
$n_submit_check_1="";
$n_submit_items_ok="\n";
# order result information
# The a/b pairs are the text before and after a value inserted by the caller.
$order_head1a="
Thank you for shopping with us today, ";
$order_head1b=".
\n";
$order_detail_text_01="Your shopping cart:";
$order_bottom_text_01="Your order will be charged to your credit card ending with ";
$order_bottom_text_01a="Please send your payment via certified check or money order. Do not send cash in the mail.";
$order_bottom_text_02="We will e-mail a confirmation of your order to: ";
$order_bottom_text_03a="Again, thank you for your order, ";
$order_bottom_text_03b=". Please visit us again soon. ";
################################ form functions ###################################
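# Retrieve the customer record(s) whose login ID and password hash match the
# values held in $_SESSION['uname'] and $_SESSION['upass'].
#
# Returns an array of rows (each an array of custinfo_* fields), an empty array
# when nothing matched, or an error message string when the query failed.
# Callers therefore have to check is_array() before iterating the result.
function get_cust_info() {
    # NOTE(review): the database credentials are embedded in this file (here and
    # in the other query functions). They belong in configuration kept outside
    # the web root, and the account should be rotated if this file has been shared.
    $db=mysql_connect('localhost:6033','jsillari','stinky');
    # The session values are filled from the login POST, so they are untrusted
    # text. Escape them before they are placed inside the quoted SQL literals.
    # ext/mysql has no prepared statements; moving to mysqli or PDO with bound
    # parameters is the durable fix.
    $login_id=mysql_real_escape_string(isset($_SESSION['uname']) ? (string)$_SESSION['uname'] : '');
    $pass_hash=mysql_real_escape_string(isset($_SESSION['upass']) ? (string)$_SESSION['upass'] : '');
    $query="SELECT * FROM jsillari.customers WHERE jsillari.customers.cust_login_id = '$login_id' AND jsillari.customers.cust_psswd = '$pass_hash'";
    $result=mysql_query($query);
    $error=mysql_error();
    if($error) {
        # NOTE(review): the raw driver error is embedded in the returned text;
        # log it server-side instead if this string is ever shown to a visitor.
        return "So sorry: An $error error occurred while checking your account information.";
    }
    # Start from an empty array so a failed lookup returns a defined, falsy value.
    $custinfo=array();
    $id=0;
    while($row=mysql_fetch_array($result)) {
        # NOTE(review): the outer key is column number $id of the current row, so
        # it is the first column for the first row, the second column for the
        # second row, and so on. Kept as-is because callers may rely on it; a
        # unique login is expected to yield a single row.
        $key=$row[$id];
        # Keys are quoted strings; the bare words used before were undefined constants.
        $custinfo[$key]['custinfo_dbuid']=$row['cust_id'];
        $custinfo[$key]['custinfo_firstname']=$row['first_name'];
        $custinfo[$key]['custinfo_lastname']=$row['last_name'];
        $custinfo[$key]['custinfo_email']=$row['email'];
        $custinfo[$key]['custinfo_billaddre1']=$row['bill_addr_1'];
        # NOTE(review): 'bill_addre_2' does not follow the bill_addr_1 / ship_addr_2
        # naming of the neighbouring columns - confirm the column name in the schema.
        $custinfo[$key]['custinfo_billaddre2']=$row['bill_addre_2'];
        $custinfo[$key]['custinfo_billcity']=$row['bill_city'];
        $custinfo[$key]['custinfo_billstate']=$row['bill_state'];
        $custinfo[$key]['custinfo_billzip']=$row['bill_zip'];
        $custinfo[$key]['custinfo_shipaddre1']=$row['ship_addr_1'];
        $custinfo[$key]['custinfo_shipaddre2']=$row['ship_addr_2'];
        $custinfo[$key]['custinfo_shipcity']=$row['ship_city'];
        $custinfo[$key]['custinfo_shipstate']=$row['ship_state'];
        $custinfo[$key]['custinfo_shipzip']=$row['ship_zip'];
        $custinfo[$key]['custinfo_homephone']=$row['phone_h'];
        $custinfo[$key]['custinfo_workphone']=$row['phone_w'];
        $custinfo[$key]['custinfo_loginid']=$row['cust_login_id'];
        # NOTE(review): the stored password hash travels with the display data;
        # nothing in this file prints it, and it is best dropped from the result.
        $custinfo[$key]['custinfo_loginpass']=$row['cust_psswd'];
        $id++;
    } //end while
    return $custinfo;
} //end get_cust_info function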
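# Retrieve the line items of the order identified by $_SESSION['order_inst_id'].
#
# Returns an array of rows (custitemrow, custitemid, custitemnum, custitemname,
# custitemqty, custitemprice), or an empty array when the order has no items or
# the query failed.
function get_cust_items() {
    # NOTE(review): database credentials are embedded in source; move them to
    # configuration kept outside the web root.
    $db=mysql_connect('localhost:6033','jsillari','stinky');
    # Where order_inst_id is written is not visible in this file, so treat it as
    # untrusted and escape it before it enters the quoted SQL literals.
    $order_id=mysql_real_escape_string(isset($_SESSION['order_inst_id']) ? (string)$_SESSION['order_inst_id'] : '');
    $query="SELECT order_det_id,prod_id,prod_num,name,qty,price FROM jsillari.order_items, jsillari.orders, jsillari.product WHERE order_items.order_instance_id = '$order_id' AND orders.order_instance_id = '$order_id' AND product.prod_id = order_items.product ORDER BY prod_num ASC";
    $result=mysql_query($query);
    $custitems=array();
    if(!$result) {
        # A failed query previously fell through to mysql_fetch_array(false).
        return $custitems;
    }
    $id=0;
    while($row=mysql_fetch_array($result)) {
        # NOTE(review): the outer key is column number $id of the current row
        # (first column for row one, second for row two, ...). Kept as-is because
        # callers may rely on it; it will stop working past six rows.
        $key=$row[$id];
        # Keys are quoted strings; the bare words used before were undefined constants.
        $custitems[$key]['custitemrow']=$row['order_det_id'];
        $custitems[$key]['custitemid']=$row['prod_id'];
        $custitems[$key]['custitemnum']=$row['prod_num'];
        $custitems[$key]['custitemname']=$row['name'];
        $custitems[$key]['custitemqty']=$row['qty'];
        $custitems[$key]['custitemprice']=$row['price'];
        $id++;
    }
    return $custitems;
} //end get_cust_items function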
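# Check whether the current order has any items. When it has none, print the
# "update your personal information / check order status" prompt instead.
# Not really needed when the visitor is only checking an order or updating
# personal info.
function shopping_cart_exists() {
    if(get_cust_items()) {
        return;
    }
    # The text lives in the global scope; inside a function the plain variable
    # name is an undefined local, so nothing was printed before.
    print $GLOBALS['personal_info_update_text'];
} //end function shopping_cart_exists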
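# Test whether the visitor's ordering session is still active.
# Returns the "session expired" message when $_SESSION['order_inst_id'] is
# missing or empty, and nothing (null) otherwise.
function are_you_still_there() {
    # Quoted key plus empty(): the bare word used before was an undefined
    # constant, and a missing key no longer raises a notice.
    if(empty($_SESSION['order_inst_id'])) {
        return "
We're sorry, your ordering session with Everhart Engineering has expired. Please resubmit your order items.
";
    } //end if
    return;
} //end function are_you_still_there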
# Print the customer login form: greeting, optional error message, intro text,
# the username / password prompts and the closing form controls.
# $error is the message to show above the form, or an empty value for none.
function cust_login_form($error) {
    echo $GLOBALS['form_greet'];
    if($error) {
        echo $error;
    }
    foreach(array('form_top','form_intro_text_01','form_detail_text_01') as $fragment) {
        echo $GLOBALS[$fragment];
    }
    # The two branches are kept separate as in the original layout (error
    # re-display versus first display).
    if(!$error) {
        echo "
Username:
\n", "
Password:
\n";
    }
    else {
        echo "
Username:
\n", "
Password:
\n";
    }
    foreach(array('submit_check_1','next_step','form_reset','form_bottom') as $fragment) {
        echo $GLOBALS[$fragment];
    }
} //end function cust_login_form
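# Process the submitted login ID and password: run the lookup query and store
# the login ID and password hash in the session for the later account query.
# Returns an error message string when the query failed, nothing otherwise.
function process_cust_login_form() {
    # Accept only string fields; an absent or array-valued field becomes ''.
    $username=(isset($_POST['cust_login_id']) && is_string($_POST['cust_login_id'])) ? trim($_POST['cust_login_id']) : '';
    $cust_passwd=(isset($_POST['cust_psswd']) && is_string($_POST['cust_psswd'])) ? trim($_POST['cust_psswd']) : '';
    # NOTE(review): passwords are compared as unsalted SHA-1 digests. That is the
    # format of the stored column, so it is kept here; password_hash() /
    # password_verify() is the current approach and needs a data migration.
    $sha_cust_pass=sha1($cust_passwd);
    # NOTE(review): database credentials are embedded in source; move them to
    # configuration kept outside the web root.
    $db=mysql_connect('localhost:6033','jsillari','stinky');
    mysql_select_db('jsillari');
    # The login ID comes straight from the request, so escape it before it is
    # placed inside the quoted SQL literal. The digest is hexadecimal only.
    # ext/mysql has no prepared statements; mysqli or PDO with bound parameters
    # is the durable fix.
    $safe_username=mysql_real_escape_string($username);
    $query="SELECT * FROM jsillari.customers WHERE jsillari.customers.cust_login_id = '$safe_username' AND jsillari.customers.cust_psswd = '$sha_cust_pass'";
    $result=mysql_query($query);
    $error=mysql_error();
    if($error) {
        # The session is left untouched on this path, so the caller must not go
        # on to read account data with whatever the session held before.
        return "Sorry: An $error error occurred while checking your login ID and password.";
    } //end if
    # The session is overwritten whether or not a row matched: this function does
    # not decide the login, the later account lookup does. Overwriting on a
    # failed attempt also replaces the values of any earlier successful login.
    # The login ID is stored unescaped, so any query that uses the session value
    # has to escape it itself.
    $_SESSION['uname']="$username";
    $_SESSION['upass']="$sha_cust_pass";
    return;
} //end function process_cust_login_form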
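# Print the "Your Account" page for the rows in $GLOBALS['custinfo'].
# $error is a message to show above the table; when it is set, the "sticky"
# branch runs instead of the read-only listing.
function show_cust_info($error) {
    print $GLOBALS['n_form_greet'];
    if($error) {
        print $error;
    }
    print $GLOBALS['n_form_top'];
    print $GLOBALS['n_form_intro_text_01'];
    print $GLOBALS['tblomk1a'];
    print $GLOBALS['n_form_detail_text_01'];
    print $GLOBALS['tblomk1b'];
    print "";
    # The lookup can hand back an error string or nothing at all; iterate only
    # when there really is an array of rows.
    $rows=(isset($GLOBALS['custinfo']) && is_array($GLOBALS['custinfo'])) ? $GLOBALS['custinfo'] : array();
    # Fields shown on the page. The password hash is deliberately not among them.
    $fields=array(
        'custinfo_firstname','custinfo_lastname','custinfo_email',
        'custinfo_homephone','custinfo_workphone','custinfo_loginid',
        'custinfo_billaddre1','custinfo_billaddre2','custinfo_billcity',
        'custinfo_billstate','custinfo_billzip',
        'custinfo_shipaddre1','custinfo_shipaddre2','custinfo_shipcity',
        'custinfo_shipstate','custinfo_shipzip',
    );
    if($error) { // print sticky version for reporting user error
        foreach ($rows as $cinfo) {
            echo "";
        } //end foreach
    } //end if
    else {
        foreach ($rows as $cinfo) {
            # These values were typed in by customers and come back from the
            # database unchanged, so encode them for HTML before printing. A
            # missing field prints as an empty string.
            # NOTE(review): htmlspecialchars() uses its default charset here;
            # pass the page's charset explicitly once it is confirmed.
            $safe=array();
            foreach($fields as $field) {
                $safe[$field]=htmlspecialchars(isset($cinfo[$field]) ? (string)$cinfo[$field] : '', ENT_QUOTES);
            }
            print "\n
Name
Billing Address
";
            print "\n
First name:
".$safe['custinfo_firstname'];
            print "
Billing address line 1:
".$safe['custinfo_billaddre1'];
            print "
";
            print "\n
Last name:
".$safe['custinfo_lastname'];
            print "
Billing address line 2:
".$safe['custinfo_billaddre2'];
            print "
";
            print "\n
E-mail:
".$safe['custinfo_email'];
            print "
Billing city:
".$safe['custinfo_billcity'];
            print "
";
            print "\n
Home phone:
".$safe['custinfo_homephone'];
            print "
Billing state:
".$safe['custinfo_billstate'];
            print "
";
            print "\n
Work phone:
".$safe['custinfo_workphone'];
            print "
Billing zip:
".$safe['custinfo_billzip'];
            print "
";
            print "\n
Login Info
Shipping Address (blank if same as billing address)
";
            print "\n
Login name:
".$safe['custinfo_loginid'];
            print "
Shipping address line 1:
".$safe['custinfo_shipaddre1'];
            print "
";
            print "\n
Shipping address line 2:
".$safe['custinfo_shipaddre2'];
            print "
";
            print "\n
Shipping city:
".$safe['custinfo_shipcity'];
            print "
";
            print "\n
Shipping state:
".$safe['custinfo_shipstate'];
            print "
";
            print "\n
Shipping zip:
".$safe['custinfo_shipzip'];
            print "
";
        } //end foreach
    } //end else
    print "\n";
    print $GLOBALS['n_next_step'];
    print $GLOBALS['n_form_bottom'];
} //end function show_cust_info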
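# Validate the submitted login form.
# Returns a message asking the visitor to re-check the input when the login ID
# or password is missing, is not a plain string, or is blank, or when any other
# posted field is empty. Returns nothing (null) when the input is acceptable.
function validate_login() {
    $problem="
** Please check that you have typed your user name and password correctly. **
";
    # Require both credential fields explicitly. Looping over $_POST alone let a
    # request through when the fields were absent or sent as arrays, and the
    # login step then ran with empty or non-string values.
    foreach(array('cust_login_id','cust_psswd') as $field) {
        if(!isset($_POST[$field]) || !is_string($_POST[$field]) || trim($_POST[$field]) === "") {
            return $problem;
        } //end if
    } //end foreach
    foreach($_POST as $uid) { // do not allow blanks in any posted field
        if($uid == "") {
            return $problem;
        } //end if
    } //end foreach
    return;
} //end function validate_login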
################################ main functions ###################################
# main functions execute here to process user's login, display customer info, or
# redirect to new user registration form
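if(!empty($_POST['login'])) {
    $error=validate_login();
    if($error) {
        print $xhtml_top;
        cust_login_form($error);
        print $xhtml_bot;
    } //end if
    else {
        # Fail closed: when the login query itself failed the session still holds
        # whatever an earlier request stored, so do not read account data with it.
        $login_error=process_cust_login_form();
        $custinfo=$login_error ? null : get_cust_info();
        # get_cust_info() returns an error string when its query fails; only a
        # non-empty array counts as a successful login.
        if(!is_array($custinfo) || !$custinfo) {
            print $xhtml_top;
            print "$n_form_greet";
            print "$n_form_error_text_1";
            # NOTE(review): $n_form_error_text_2 is not assigned in the visible
            # part of this file - confirm it is defined elsewhere.
            print "$n_form_error_text_2";
        } //end if
        else {
            # NOTE(review): no session_regenerate_id() call is visible on this
            # success path; add one where the session is started so the session
            # ID changes at login.
            print $xhtml_top_2;
            show_cust_info($error);
        } //end else
        print $xhtml_bot;
    } //end else
} //end if
else {
    print $xhtml_top;
    # NOTE(review): the message returned by are_you_still_there() is discarded,
    # so the "session expired" text is never shown - confirm whether it should
    # be printed here.
    are_you_still_there();
    shopping_cart_exists();
    # $error may not have been set on this path; pass null rather than an
    # undefined variable.
    cust_login_form(isset($error) ? $error : null);
    print $xhtml_bot;
} //end else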
?>