# file: userp_reg.html # Copyright (c) 1996-2002 Cuesta Technologies, LLC # All rights reserved. # This document contains confidential and/or proprietary information # beloging to Cuesta Technologies, LLC. # Package: snp # # Purpose: For user login # # Requires: mysql.tcl # set pageID PG_14 cw source mysql.tcl if {[userIsRegistered]} { cw redirect userp_reg_conf$webPgExtn$nocache+reg@Yes force } cw_val_trimSpace redo_form_values set url "usern_reg$webPgExtn$nocache" if {[info exists cw_vals(forgotpw)]} { marked_complain LoginEmail isblank "Please enter your email address." marked_complain LoginEmail is_bad_email "Email address is not valid." if {![llength $complaints]} { MysqlConnectUserDB ## check the existance of user db if {![CheckMysqlTableExist $cdb(mysqlusertable)]} { MysqlCreateTable $cdb(mysqlusertable) $cw_users_tablepath User_Reg_Key User_Reg_Key lappend complaints "Sorry, your login is incorrect." } if {![llength $complaints]} { set flist {User_Reg_Key Order_req_email Order_req_fname Order_req_lname} set cw_val(LoginEmail) [string tolower $cw_val(LoginEmail)] set data [MysqlGrokRec $cdb(mysqlusertable) Order_req_email $cw_val(LoginEmail) $flist] if {$data == 0} { set mark(LoginEmail) 1 lappend complaints "Your e-mail address does not exist in our database." } else { ## get user info from db DataStringToArray $data tmpary $cw_users_tablepath $flist ## reset a new password set passwd [ResetPassword] set dataArray(Password) [crypt $passwd $tmpary(User_Reg_Key)] set dataArray(Last_Update) [time_manip [timenow] "YMD"] ## update user db. MysqlRecordUpdate $cdb(mysqlusertable) dataArray User_Reg_Key $tmpary(User_Reg_Key) $cw_users_tablepath cw stats RESETPASSWD $cw_val(LoginEmail) set subject "Your Login Info from $cdb(company_name)" set message "Dear $tmpary(Order_req_fname) $tmpary(Order_req_lname):\n\nYour password at $cdb(company_url) has been reset to:\n $passwd\n" set cfile $cw_parts/text/userp_reg_message.txt if {[file exists $cfile]} { set fileId [open $cfile r] append message [read $fileId] #cw log 2 "read from $cfile:$message" close $fileId } else { append message "Please visit the site and sign in using this password. Then be sure to change your password by clicking \"Update Account\" and filling out the form.\nThank you,\n$cdb(company_name)" } email $tmpary(Order_req_email) $subject {$message} $cdb(emailRegUserFrom) #cw log 2 "email message:$message" set passwdmsg "

Your password has been reset. An e-mail message with the new password has been sent to $tmpary(Order_req_email).

" catch {unset tmpary} catch {unset dataArray} catch {unset cw_val} catch {unset cw_vals} } } MysqlDisconnect } } # If submit was pressed, do form input validation. if {[info exists cw_vals(submit)]} { # Complain if form wasn't filled out marked_complain LoginEmail isblank "Please enter your email address." marked_complain LoginEmail is_bad_email "Email address is not valid." marked_complain Password isblank "Please enter your password." if {![llength $complaints]} { set error_msg "Sorry your login is incorrect." # Build the user_reg_key from the form set incoming_user_reg_key "$cw_val(LoginEmail)" set password [crypt $cw_val(Password) $cw_val(LoginEmail)] ## CONNECT to mysql database MysqlConnectUserDB if {![CheckMysqlTableExist $cdb(mysqlusertable)]} { MysqlCreateTable $cdb(mysqlusertable) $cw_users_tablepath User_Reg_Key User_Reg_Key lappend complaints $error_msg ## disconnect when there is error MysqlDisconnect } else { set result [sql "SELECT * FROM $cdb(mysqlusertable) WHERE User_Reg_Key='$cw_val(LoginEmail)' OR Order_req_email='$cw_val(LoginEmail)';"] if {![llength $result]} { lappend complaints "User does not exist in the database. Login failed." MysqlDisconnect } else { DataStringToArray $result uAry $cw_users_tablepath ## get saved password to check. set userKey $uAry(User_Reg_Key) set savedpw $uAry(Password) set password [crypt $cw_val(Password) $userKey] if {[string compare $password $savedpw]} { lappend complaints "Password is invalid. Login failed." catch {unset uAry} MysqlDisconnect } } } } ## end of if - complaints # No complaints. Log user in if {![llength $complaints] } { set sdb(User_Reg_Key) $userKey DataStringToArray $result sdb $cw_users_tablepath ##Gayathri June 27 2002, appending the latest date to sdb(Last_Logins) set sdb(Last_Logins) [lappend sdb(Last_Logins) [time_manip [timenow] "YMD"]] ## updated this will be faster than the MySql proc sql "UPDATE $mysqlUsertbl SET Last_Logins=\"$sdb(Last_Logins)\" WHERE User_Reg_Key=\"$sdb(User_Reg_Key)\";" MysqlDisconnect cw stats REGSUCCESS $sdb(User_Reg_Key) if {[info exists cw_args(from)]} { cw_redirect $cw_args(from)$webPgExtn$nocache force } else { cw_redirect userp_reg_conf$webPgExtn$nocache force } } } ## end of if - submit cw source $new_cw_templatePath/templateSetup.tcl cw source $new_cw_templatePath/templateTop.tcl ######################## # Add your own code here ######################## if {[info exists cw_args(from)] && [string match order $cw_args(from)] && [llength $sdb(DigitalItems)]} { puts "Because you are ordering digital items, signing in is required during checkout to access your purchase.

" } puts -nonewline "

"
Login ID: complain_mark LoginEmail "*" cw_text LoginEmail {} 25 (Your e-mail address)
Password: complain_mark Password "*" cw_password Password {} 25

include_file $pagename\_note$cdb(inc_extend) puts "

" basic_form_buttons {Sign In} {Clear Changes} puts "

" include_file $pagename\_bottom$cdb(inc_extend) cw source $new_cw_templatePath/templateBottom.tcl