Viên ngọc phương Đông

ruạṛ

<?php
/**
 * Add a customer to the database
 * @version 0.9
 * @author Robert Urquhart <programmer@activatedesign.co.nz>
 * @package WEP-CMS
 */
session_start();
require_once $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/universal.php';
$connID = connect_to_db();

/**
 * get cleaned values
 */ 
//extract(get_form($whitelist,'POST',false));
$n = new user();
$_SESSION['passback']['full_name'] = $n->name = clean_plain_data($_POST['customer_name']);
$_SESSION['passback']['email'] = $n->email = clean_plain_data($_POST['email']);
$_SESSION['passback']['phone'] = $n->phone = clean_plain_data($_POST['phone']);
$_SESSION['passback']['address'] = $n->address = clean_plain_data($_POST['address']);
$_SESSION['passback']['notes'] = $n->notes = clean_plain_data($_POST['notes']);
$_SESSION['passback']['shipping'] = $n->shipping_location = clean_plain_data($_POST['shipping']);
$_SESSION['passback']['discount'] = $n->discount = is_decimal_data($_POST['discount']);
$_SESSION['passback']['wholesale'] = $n->wholesale = (isset($_POST['wholesale'])) ? '1' : '0';
$_SESSION['passback']['newsletter'] = $n->newsletter = (isset($_POST['newsletter'])) ? '1' : '0';
foreach($n->interest_list as $name => $label)
{
	if(isset($_POST[$name]))
	{
		$_SESSION['passback'][$name] = $n->interests[] = $name;
	}
}
$_SESSION['passback']['suspended'] = $n->suspended = (isset($_POST['suspended'])) ? '1' : '0';
$pwd = clean_plain_data($_POST['pwd']);

/**
 * validation
 * @var int $check_id record id associated with supplied email address (or false)
 */
$message = '';

if(!is_email($n->email))
{
	$message .= 'Please check the spelling of the email address.<br />';
}
elseif(select_one('users','user_id','email',$n->email))
{
	$message .= 'Sorry, that email address is already associated with an account. Please enter another.<br />';
}

if($pwd!='')
{
	if(strlen($pwd) < 5)
	{
		$message .= 'Please select a longer password (at least 5 characters)<br />';
	}
}
else
{
	$message .= 'Please enter a password.';
}

if($message != '')
{
	getout($message);
	exit;
}

/*
 * update record
 */
if(!$n->create($pwd))
{
	getout('There was an error adding the customer. Please try again.');
	exit;
}

unset($_SESSION['passback']);
/**
 * clean up and exit script
 */
getout('Customer added successfully','../customer-manage.php?customer='.$n->user_id);
exit;
?>