votianng/html/admin/register.php

<?

include_once("../include/global.inc.php");


session_start();

// Check HTTP-Parameters
// list ($f_submit, $statusMessage, 
//       $f_cmp_comp ,$f_cmp_comp2, $f_usr_id, $f_usr_name, $f_usr_firstname,  
//       $f_usr_phone, $f_usr_phone2, $f_usr_fax, $f_usr_email, 
//       $f_cmp_iln, $f_cmp_tax_idno, $f_cmp_bank, $f_cmp_bankno, $f_cmp_bankacc, 
//       $f_cs_discount, $f_usr_account, $f_usr_password, $f_usr_password2,       
//       $f_ad_street, $f_cmp_hsno, $f_ad_zipcode, $f_ad_city) =
// getHttpVars(array("f_submit", "statusMessage", 
//                   "f_cmp_comp", "f_cmp_comp2", "f_usr_id", "f_usr_name", "f_usr_firstname",  
//                   "f_usr_phone", "f_usr_phone2", "f_usr_fax", "f_usr_email", 
//                   "f_cmp_iln", "f_cmp_tax_idno", "f_cmp_bank", "f_cmp_bankno", "f_cmp_bankacc", 
//                   "f_cs_discount", "f_usr_account", "f_usr_password", "f_usr_password2",
//                   "f_ad_street", "f_cmp_hsno", "f_ad_zipcode", "f_ad_city"));

getSecHttpVars("1",array("f_submit", "statusMessage", 
                         "f_cmp_comp", "f_cmp_comp2", "f_usr_id", "f_usr_name", "f_usr_firstname",  
                         "f_usr_phone", "f_usr_phone2", "f_usr_fax", "f_usr_email", 
                         "f_cmp_iln", "f_cmp_tax_idno", "f_cmp_bank", "f_cmp_bankno", "f_cmp_bankacc", 
                         "f_cs_discount", "f_usr_account", "f_usr_password", "f_usr_password2",
                         "f_ad_street", "f_cmp_hsno", "f_ad_zipcode", "f_ad_city"));

if (isset($HTTP_SESSION_VARS['usr_id']) && isset($HTTP_SESSION_VARS['hq_id'])):
  // wenn bereits eingeloggt, ist ein Aufruf der Registrierungsseite
  // sinnlos, deshalb Redirect auf Start-Seite
  header("Location: ../admin/start.php");
else:
  if ($f_submit == 'Senden'):
    // Submit-Button wurde gedrückt
    // -> Eingaben prüfen
    checkRegister();
  elseif ($f_submit == 'Abbrechen'):
    header("Location: ../index.php");
  endif;  

  if ($statusMessage != "" || $f_submit != 'Senden'):
    // Wenn Register ok, dann statusMessage leer
    $tpl = new IntegratedTemplate();
    $tpl->loadTemplatefile("register.tpl.htm", true, true);
    $tpl->setCurrentBlock("register");
    $tpl->setVariable("statusMessage", $statusMessage);
    $tpl->setVariable("f_cmp_comp", $f_cmp_comp);
    $tpl->setVariable("f_cmp_comp2", $f_cmp_comp2);
    $tpl->setVariable("f_ad_street", $f_ad_street);
    $tpl->setVariable("f_cmp_hsno", $f_cmp_hsno);
    $tpl->setVariable("f_ad_zipcode", $f_ad_zipcode);
    $tpl->setVariable("f_ad_city", $f_ad_city);
    $tpl->setVariable("f_usr_name", $f_usr_name);
    $tpl->setVariable("f_usr_phone", $f_usr_phone);
    $tpl->setVariable("f_usr_fax", $f_usr_fax);
    $tpl->setVariable("f_usr_email", $f_usr_email);
    $tpl->parseCurrentBlock("register"); 
    $tpl->show();
  else:
    header("Location: ../index.php");
  endif;  
endif;

// Login-Formular
function checkRegister()
{
  global $db, $f_submit, $statusMessage, 
      $f_cmp_comp ,$f_cmp_comp2, $f_usr_id, $f_usr_name, $f_usr_firstname,  
      $f_usr_phone, $f_usr_phone2, $f_usr_fax, $f_usr_email, 
      $f_cmp_iln, $f_cmp_tax_idno, $f_cmp_bank, $f_cmp_bankno, $f_cmp_bankacc, 
      $f_cs_discount, $f_usr_account, $f_usr_password, $f_usr_password2,       
      $f_ad_street, $f_cmp_hsno, $f_ad_zipcode, $f_ad_city;

  // $statusMessage = "";
  
  if ($f_cmp_comp != "" && $f_usr_name != "" && $f_usr_firstname != "" && 
      $f_usr_phone != "" && $f_usr_email != "" && $f_usr_account != "" &&
      $f_ad_street != "" && $f_ad_zipcode != "" && $f_ad_city != "" && $f_cmp_hsno != "") :
    $statusMessage = "Bitte alle mit einem * gekennzeichneten Felder ausfüllen!";
  elseif ($db->getOne("SELECT cmp_comp FROM company WHERE cmp_comp = '$f_cmp_comp'") == $f_cmp_comp):
    $statusMessage = "Der Firmenname ist bereits vorhanden!";
  elseif ($db->getOne("SELECT usr_account FROM user WHERE usr_account = '$f_usr_account'") == $f_usr_account):
    $statusMessage = "Der Benutzername ist bereits vorhanden!";
  elseif (checkPasswordValidation($f_usr_password, $f_usr_password2)):
    
    // if hq enables new customer, the new structure will be added to the system (not here!)
    // insertStmt("costcenter", array("csc_name", $f_cmp_comp));
    // $csc_id = getLastInsertId();
        
    // $sqlStmtPwd = "INSERT INTO employee (csc_id,emp_rights)" .
    //                            " VALUES ('$csc_id','111111111111111')";
    // $res = $db->query($sqlStmtPwd);
    // if (DB::isError($res)) : die ("$PHP_SELF: " . $res->getMessage()); endif;     
    // $emp_id = getLastInsertId();

    // Insert company (authentication-flag = 0)
    
    TA("B");
    
    insertStmt("company", array("cmp_comp", $f_cmp_comp, "cmp_comp2", $f_cmp_comp2, 
               "cmp_hsno", $f_cmp_hsno, "cmp_iln", $f_cmp_iln, "cmp_tax_idno", $f_cmp_tax_idno, 
               "cmp_bank", $f_cmp_bank, "cmp_bankno", $f_cmp_bankno, 
               "cmp_bankacc", $f_cmp_bankacc, "cmp_authenticated", "0"));
    $cmp_id_new = getLastInsertId();

    insertStmt("customer", array("cmp_id", $cmp_id_new, "hq_id", $hq_id,"csc_id", $csc_id_new, 
                                 "cs_admin", "0"));


    updateStmt("costcenter", "csc_id", $csc_id, array("cs_id", $cs_id));
//    insertStmt("address", array("csc_id", "cs_comp", "cs_comp2", "cs_admin"));
    list($ad_id, $dummy_hsno, $dummy_comp, $dummy_remark, $dummy_person) =
      insertAddress($f_cs_street, $f_cs_zipcode, $f_cs_city, "");
    insertStmt("costcenteraddress", array("csc_id", $csc_id, "cscad_comp", $f_cs_comp, "cscad_comp2", $f_cs_comp2, "ad_id", $ad_id, "adt_id", 1, "cscad_hsno", $f_cs_hsno));
    insertStmt("costcenteraddress", array("csc_id", $csc_id, "cscad_comp", $f_cs_comp, "cscad_comp2", $f_cs_comp2, "ad_id", $ad_id, "adt_id", 2, "cscad_hsno", $f_cs_hsno));
    insertStmt("costcenteraddress", array("csc_id", $csc_id, "cscad_comp", $f_cs_comp, "cscad_comp2", $f_cs_comp2, "ad_id", $ad_id, "adt_id", 3, "cscad_hsno", $f_cs_hsno));
    insertStmt("costcenteraddress", array("csc_id", $csc_id, "cscad_comp", $f_cs_comp, "cscad_comp2", $f_cs_comp2, "ad_id", $ad_id, "adt_id", 4, "cscad_hsno", $f_cs_hsno));
    
    TA("C");
    TA("E");
    
  endif;  
  return;
}

?>