set('login', safehtml(strtolower($_POST['login'])));
$session->set('password', md5(strtolower($_POST['password'])));
$userlogin = FALSE;
}
// Template header
include ( PATH . '/templates/' . $cookie_template . '/header.php' );
// If logged we can start the page output
if (auth_check($session->fetch('login'), $session->fetch('password')))
{
// Fetching the user ID from the user's table
$sql = 'SELECT approved, id FROM ' . USERS_TABLE . ' WHERE login = "' . $session->fetch('login') . '" LIMIT 1';
$r = $db->query( $sql );
$f = $db->fetcharray( $r );
// If this listing is approved by admin or automatically
// we continue or print an error message
if (isset($f['approved']) && $f['approved'] == 1)
{
// If the user logo/photo was uploaded we start this routine
if (isset($_POST['submit_logo'])
&& $_POST['submit_logo'] == $lang['Realtor_Submit_Logo'])
{
// We think that the image is uploaded or will
// return FALSE if the upload_image function
// will fail
$uploaded = TRUE;
// Upload and resize the image
upload_image ( 'photos', $f['id'], $_FILES['logo_file']['tmp_name'], $conf['photo_resampled_width'] ) or $uploaded = FALSE;
}
// If user removed the logo/photo we run the following
if (isset($_POST['submit_logo_remove'])
&& $_POST['submit_logo_remove'] == $lang['Realtor_Submit_Logo_Remove'])
remove_image ( 'photos' , $f['id']);
// If the Submit button was pressed we start this routine
if (isset($_POST['submit_realtor'])
&& $_POST['submit_realtor'] == $lang['Realtor_Submit'])
{
$form = array();
// safehtml() all the POST variables
// to insert into the database or
// print the form again if errors
// found
$form = array_map('safehtml', $_POST);
// Make password lower case
$passwordin = $_POST['realtor_password'];
// If password was not changed we do not update the
// password field
if ($_SESSION['password'] != $passwordin)
$passwordin = md5(strtolower($passwordin));
else
$passwordin = $session->fetch('password');
// Cut the description if JS is disabled
$form['Realtor_Description'] = substr ($form['realtor_description'], 0, $conf['realtor_description_size']);
echo table_header ( $lang['Information'] );
// Initially we think that no errors were found
$count_error = 0;
// Check for the empty or incorrect required fields
if (empty($form['realtor_first_name']) || strlen($form['realtor_first_name']) < 2 )
{ echo $lang['Field_Empty'] . ' - ' . $lang['Realtor_First_Name'] . '
'; $count_error++;}
if (empty($form['realtor_last_name']) || strlen($form['realtor_last_name']) < 2 )
{ echo $lang['Field_Empty'] . ' - ' . $lang['Realtor_Last_Name'] . '
'; $count_error++;}
if (empty($form['realtor_city']) || strlen($form['realtor_city']) < 2 )
{ echo $lang['Field_Empty'] . ' - ' . $lang['City'] . '
'; $count_error++;}
if (empty($form['realtor_address']) || strlen($form['realtor_address']) < 4 )
{ echo $lang['Field_Empty'] . ' - ' . $lang['Realtor_Address'] . '
'; $count_error++;}
if (empty($form['realtor_zip_code']) || strlen($form['realtor_zip_code']) < 4 )
{ echo $lang['Field_Empty'] . ' - ' . $lang['Zip_Code'] . '
'; $count_error++;}
if (empty($form['realtor_phone']) || strlen($form['realtor_phone']) < 4 )
{ echo $lang['Field_Empty'] . ' - ' . $lang['Realtor_Phone'] . '
'; $count_error++;}
if (empty($form['realtor_e_mail']) || strlen($form['realtor_e_mail']) < 4 || !valid_email($form['realtor_e_mail']))
{ echo $lang['Field_Empty'] . ' - ' . $lang['Realtor_e_mail'] . '
'; $count_error++;}
if (empty($form['realtor_password']) || strlen($form['realtor_password']) < 4 )
{ echo $lang['Field_Empty'] . ' - ' . $lang['Realtor_Password'] . '
'; $count_error++;}
if (!eregi('^[a-z0-9]+$', $form['realtor_password']))
{ echo $lang['Password_Incorrect'] . '
'; $count_error++;}
// Check if both passwords are equal
if ($form['realtor_password'] != $form['realtor_password_2'])
{ echo $lang['Passwords_Missmatch'] . '
'; $count_error++;}
// If errors found we print out the number of errors
if ($count_error > '0')
echo '
' . $lang['Errors_Found'] . ': ' . $count_error . '
';
// If no errors were found during the above checks we continue
if ($count_error == '0')
{
// Update user details in the database
// Get the user IP address
$user_ip = $_SERVER['REMOTE_ADDR'];
// If there is more than one IP
// get the first one from the
// comma separated list
if ( strstr($user_ip, ', ') )
{
$ips = explode(', ', $user_ip);
$user_ip = $ips[0];
}
// Create a mysql query
$sql = 'UPDATE '. USERS_TABLE .
' SET first_name = "' . $form['realtor_first_name'] . '",
last_name = "' . $form['realtor_last_name']. '",
company_name = "' . $form['realtor_company_name'] . '",
description = "' . $form['realtor_description'] . '",
location = "' . $form['realtor_location'] . '",
city = "' . $form['realtor_city'] . '",
zip = "' . $form['realtor_zip_code'] . '",
address = "' . $form['realtor_address'] . '",
phone = "' . $form['realtor_phone'] . '",
fax = "' . $form['realtor_fax'] . '",
mobile = "' . $form['realtor_mobile'] . '",
email = "' . $form['realtor_e_mail'] . '",
website = "' . $form['realtor_website'] . '",
date_updated = "' . date('Y-m-d') . '",
ip_updated = "' . $user_ip . '",
password = "' . $passwordin . '" WHERE login = "' . $session->fetch('login') . '"';
$db->query($sql) or error ('Critical Error', mysql_error ());
// Change current session password if user have changed his
// password in the form
$session->varunset('password');
$session->set('password', $passwordin);
// Output the 'Thank you' message
// ..
// If user needs approval we print a
// different message
if ($conf['approve_realtors'] == 'ON')
echo $lang['Realtor_Listing_Updated_Approve'];
else
echo $lang['Realtor_Listing_Updated'];
}
echo table_footer ( );
}
// Navigation Menu
echo table_header ( $lang['Menu_User_Login'] );
echo ' ';
// Add Listing Link
echo '
' . $lang['Add_Listings'] . ' | ';
// Fetching the listings number from the table
$sql = 'SELECT id FROM ' . PROPERTIES_TABLE . ' WHERE userid = "' . $f['id'] . '"';
$r_listings = $db->query( $sql );
$res_listings = $db->numrows( $r_listings );
// View Listing Link with the number of listings displayed
if ($res_listings > 0)
echo '
' . $lang['Edit_Listings'] . ' (' . $res_listings . ') | ';
echo '
';
echo table_footer();
echo table_header ( $lang['Upgrade_Listing'] );
// Fetch all packages to show the paypal forms
$sql = 'SELECT * FROM ' . PACKAGES_AGENT_TABLE;
$r_packages = $db->query($sql) or error ('Critical Error', mysql_error () );
while ($f_packages = $db->fetcharray($r_packages))
{
// Do not show package we already have
// if ($f_featured['package'] != $f_packages['id'])
if ($conf['gateway'] == '2')
echo '
';
if ($conf['gateway'] == '1')
echo '
';
}
echo '
';
echo table_footer ();
// Upload logo/photo form
echo table_header ( $lang['Realtor_Logo'] );
// Output the form
// Show user logo/picture if exist
echo '' . show_image ('photos', $f['id']) . '
';
echo '
';
// If image was uploaded
if (isset($uploaded) && $uploaded)
echo '' . $lang['Realtor_Image_Uploaded'] . '
';
// If image was not uploaded because of the image
// size problems etc.
if (isset($uploaded) && !$uploaded)
echo '' . $lang['Realtor_Image_NOT_Uploaded'] . '
';
echo table_footer ();
// Main form
echo table_header ( $lang['Menu_Submit_Listing'] );
// Fetch the results from the sql database and populate them into
// the form array
$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE login = "' . $session->fetch('login') . '" LIMIT 1';
$r = $db->query ($sql) or error ('Critical Error', mysql_error () );
$f = $db->fetcharray($r);
// Define the form variables if the form was not updated
if (!isset($form))
{
$form = array();
$form['realtor_first_name'] = $f['first_name'];
$form['realtor_last_name'] = $f['last_name'];
$form['realtor_company_name'] = $f['company_name'];
$form['realtor_description'] = $f['description'];
$form['realtor_location'] = $f['location'];
$form['realtor_city'] = $f['city'];
$form['realtor_address'] = $f['address'];
$form['realtor_zip_code'] = $f['zip'];
$form['realtor_phone'] = $f['phone'];
$form['realtor_fax'] = $f['fax'];
$form['realtor_mobile'] = $f['mobile'];
$form['realtor_e_mail'] = $f['email'];
$form['realtor_website'] = $f['website'];
$form['realtor_password'] = $f['password'];
}
else
// Set new password if the form was changed
$form['realtor_password'] = $passwordin;
// Output the form
echo '
';
echo table_footer ();
// Statistics
echo table_header ( $lang['Information'] );
// Submission date
echo '' . $lang['Listing_Added_Date'] . ': ' . printdate($f['date_added']) . ' (' . $f['ip_added'] . ', ' . gethostbyaddr($f['ip_added']) . ')
';
// Update date
if (!empty($f['date_updated']))
echo '' . $lang['Listing_Updated_Date'] . ': ' . printdate($f['date_updated']) . ' (' . $f['ip_updated'] . ', ' . gethostbyaddr($f['ip_updated']) . ')
';
// Number of visitors
echo '' . $lang['Hits'] . ': ' . $f['hits'] . '
';
echo table_footer ();
}
else
echo $lang['Not_Approved'];
}
else
{
// IF NOT LOGGED we print out the login form
// If this form was already submitted and
// login / password are not correct
// we destroy the session
if (isset($_SESSION['login'])
&& !auth_check($session->fetch('login'), $session->fetch('password'))
&& isset($_POST['login']))
$session->destroy();
echo table_header ( $lang['Menu_User_Login'] );
// Output the form
echo '
';
echo table_footer ();
// If
if (isset($userlogin) && !$userlogin = FALSE)
// Print login error if login/password is incorrect
echo '' . $lang['Auth_Error'] . '
';
// Password reminder link
echo '[ ' . $lang['Password_Reminder'] . ' ]
';
}
// Template footer
include ( PATH . '/templates/' . $cookie_template . '/footer.php' );
?>