# Store the submitted e-mail address in the "_email" cookie for 12 * 30 days.
# The cookie covers every path on .phoenix-pay.com and carries the secure flag,
# so browsers only return it over HTTPS.
# NOTE(review): $Submit1 and $email are not assigned above this point, so they
# presumably arrive via register_globals - confirm. The address is stored before
# the login is validated and without an HttpOnly flag, so client-side script on
# any host under the domain can read it; confirm that exposure is acceptable.
if (isset($Submit1)) {
    setcookie(
        "_email",
        $email,
        time() + (12 * 30 * 24 * 60 * 60),
        "/",
        ".phoenix-pay.com",
        1
    );
}
# Bootstrap: open the session first, then load the shared libraries used by the
# login handler below (the page-head layout include stays disabled).
session_start();
include("includes/siteaccess.inc.php");
include("includes/databaseconnect.php");
include("includes/validationlib.inc.php");
include("includes/recalc.inc.php");
include("includes/isMurray.php");
include("includes/data.inc.php");
include("admin2712/includes/data.inc.php");
#include("layouts/head.inc.php");

# Register the login state with the session through the legacy
# session_register() API.
session_register("customerid");
session_register("tries");
# NOTE(review): the call below registers a variable whose *name* is the current
# value of $turingnumber, not the variable "turingnumber" itself (the disabled
# line shows the earlier form). Confirm where the expected CAPTCHA answer really
# comes from and that a request parameter cannot supply it.
//session_register("turingnumber");
session_register($turingnumber);

# Every request to this page starts with no error and no customer id.
# NOTE(review): if $customerid is bound to the session by the registration
# above, this also clears an existing login on each visit - confirm.
$flgError = 0;
$customerid = null;

# Default the form fields so later code can read them unconditionally.
if (!isset($email)) {
    $email = "";
}
if (!isset($Password)) {
    $Password = "";
}

# Attempt counter: 5 on first sight, then one less on every load of this page,
# with or without a form submission.
# NOTE(review): nothing in this part of the script refuses a login when the
# counter runs out - confirm it is enforced where the form is rendered, and that
# it cannot be reset simply by starting a new session.
$tries = isset($tries) ? $tries - 1 : 5;

# Timestamp later appended to the redirect URL as a query string.
$tmstamp = date("YmdHis");
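# Handle a submitted login form. On success the script records the login,
# redirects to the account page and exits; otherwise $flgError holds the reason:
#   4  = CAPTCHA ("turing") answer wrong or shorter than 3 characters
#   2  = no customer row for this e-mail (not signed up yet)
#   55 = not activated, empty activation code, moneywaiting = 1
#   3  = not activated yet
#   1  = e-mail / password pair did not match
#   99 = is_blocked() reported the account as blocked
#
# Changes from the previous version of this block:
#   - the reverse-DNS host name is escaped before it is placed into SQL; it is
#     resolved from the client address and is therefore untrusted input
#   - is_blocked() and identify_suspicious_login() receive the POSTed address
#     that was just authenticated, not the separate global $email copy
#   - the session id is regenerated once authentication succeeds
#
# NOTE(review): codes 1, 2 and 3 distinguish "unknown address" from "wrong
# password" from "not activated". Confirm the rendered messages do not let a
# visitor probe which addresses are registered.
if (isset($Submit1)) {
    # NOTE(review): loose comparison against $turingnumber, whose origin is not
    # visible here - confirm it can only come from the server-side session.
    if (($_POST['turing'] != $turingnumber) || strlen($_POST['turing']) < 3) {
        $flgError = 4;
    } else {
        # quote_smart() is defined in an include; the queries below rely on it to
        # return a value that is already escaped and quoted for SQL.
        $email2 = quote_smart($_POST['email']);
        $password2 = quote_smart($_POST['Password']);

        ## check activated status
        $sql1 = "select `activationcode`, `activated`, `moneywaiting` from `customers` where `email`=".$email2." or `businessemail`=".$email2.";";
        $rs1 = mysql_query($sql1);
        $num1 = mysql_num_rows($rs1);
        if ($num1 != 0) {
            $activated = mysql_result($rs1, 0, "activated");
            $activationcode = mysql_result($rs1, 0, "activationcode");
            $moneywaiting = mysql_result($rs1, 0, "moneywaiting");
            if ($activated == 0 && $activationcode == "" && $moneywaiting == 1) {
                $flgError = 55;
            } elseif ($activated == 0) {
                $flgError = 3;
            } else {
                ### customer is activated ## continue with login check
                if (strlen($_POST['email']) > 6 && strlen($_POST['Password']) > 2) {
                    # Only the primary `email` column is accepted here; the
                    # variant that also matched `businessemail` is disabled.
                    # NOTE(review): the submitted password is compared with the
                    # stored column as-is, which suggests passwords are not kept
                    # as salted hashes - TODO confirm and plan a migration.
                    $sql2 = "select `customerid` from `customers` where (email=".$email2.") and `password`=".$password2." ;";
                    $rs2 = mysql_query($sql2);
                    $num2 = mysql_num_rows($rs2);
                    if ($num2 == 0) {
                        # incorrect password for this email address
                        $flgError = 1;
                    } else {
                        # Check the block list with the address that was just
                        # authenticated, not the global copy.
                        if (is_blocked($_POST['email'])) {
                            $flgError = 99;
                        } else {
                            # Issue a fresh session id now that the visitor is
                            # authenticated, so an id fixed before login is not
                            # carried into the logged-in session.
                            session_regenerate_id();

                            $thislogindate = date("Y-m-d H:i:s");
                            $thisloginip_ = getenv("REMOTE_ADDR");
                            # The PTR record belongs to whoever operates the
                            # client's address range: treat the result as
                            # untrusted text.
                            $thisloginhost = gethostbyaddr($thisloginip_);
                            $thisloginip = ip2long($thisloginip_);
                            $customerid = mysql_result($rs2, 0, "customerid");

                            # NOTE(review): logins from this one hard-coded
                            # address skip both the suspicious-login check and
                            # the customer_logins audit row - confirm the
                            # exemption is still wanted.
                            if ($thisloginip_ != "210.49.9.138") {
                                if (identify_suspicious_login($thisloginip, $customerid, $_POST['email'])) {
                                    $flag = 1;
                                    set_customer_flag($customerid, 1);
                                } else {
                                    $flag = 0;
                                }
                                $sql4 = "INSERT INTO `customer_logins` ( `customerid` , `logindatetime` , `loginip` , `loginhost`, `flag` ) VALUES ( '$customerid', '$thislogindate', '$thisloginip', '".mysql_real_escape_string($thisloginhost)."', '$flag' ); ";
                                $re = mysql_query($sql4);
                            }

                            # Shift the previous "this login" values into the
                            # "last login" columns, then store the current ones.
                            $sql3 = "UPDATE `customers` set `lastlogindate`=`thislogindate`, `lastloginip`=`thisloginip`, `lastloginhost`=`thisloginhost`, `thislogindate`='$thislogindate', `thisloginip`='$thisloginip', `thisloginhost`='".mysql_real_escape_string($thisloginhost)."' where customerid='$customerid'";
                            $re = mysql_query($sql3);
                            recalc($customerid);

                            # NOTE(review): the redirect target is plain http
                            # while the "_email" cookie is set secure-only;
                            # confirm the session cookie is never sent over an
                            # unencrypted connection after login.
                            header("location: http://www.phoenix-pay.com/myaccount.php?$tmstamp");
                            exit();
                        }
                    }
                }
            }
        } else {
            $flgError = 2; #not signed up yet
        }
    }
}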
startpage();
if($flgError==3) {
#not activated yet
?>