#!/usr/local/bin/perl
##########################################################################
##                                                                      ##
##                       Smart Search version 4.23                      ##
##                         ----------------------                       ##
##                           By Smarter Scripts                         ##
##                    (http://www.smarterscripts.com)                   ##
##                                                                      ##
##  "Smart Search" is not a free script. If you got this from someplace ##
##  other than SmarterScripts.com, please contact us, we do offer       ##
##  rewards for that type of information. Visit our site for up to date ##
##  versions. Most CGIs are over $200, sometimes more than $500,        ##
##  this script is much less. We can keep this script cheap,            ##
##  as well as free scripts on our site, if people don't steal it.      ##
##  Also, no return links are required, but we appreciate it if you     ##
##  do find a spot for us.                                              ##
##  Thanks!                                                             ##
##                                                                      ##
##  Special Notice to Resellers                                         ##
##  ===========================                                         ##
##  You can use this script on any site of yours, but if you sell one   ##
##  of these sites, you are required to FIRST purchase a reseller       ##
##  license for the domain. If you don't, it's considered copyright     ##
##  infringement and we will prosecute any offenders.                   ##
##  WE MONITOR EBAY.COM AUCTIONS, SO BEWARE.                            ##
##  Reseller prices are very low, for more information, go to:          ##
##  http://www.smarterscripts.com/resellers.shtml                       ##
##                                                                      ##
##  (c) copyright 2002 SmarterScripts.com and R3N3 Internet Services    ##
##########################################################################
if ($ENV{'SERVER_SOFTWARE'} =~ /microsoft/i)
{
	$path = $ENV{'PATH_TRANSLATED'};
	$path =~ /^(.*)\\[^\\]*$/;
	$path = $1;
	chdir $path;
}

require 'include/functions.cgi';

&loadsettings;
&loadstrings('general');

if ($settings{'debug'}) { open(DEBUG, ">$data_dir/debug.dat") }

use CGI;
use CGI::Carp qw/fatalsToBrowser/;
$cgi = new CGI;

$action = $cgi->param('action');
$sub = $cgi->param('sub');

if ($action eq 'forgot') { &forgot }
elsif ($action eq 'logout')
{
	$template = 'accounts_login.tpl';
    $info{'HIDDENFORM'} = '<input type="hidden" name="login" value="1">';
    push @cookies, $cgi->cookie(-name=>'ssaccuser', -value=>'');
    push @cookies, $cgi->cookie(-name=>'ssaccpass', -value=>'');
}
elsif (&checkpass)
{
    $info{'MESSAGE'} = '&nbsp;';

    if ($action eq 'edit') { require 'include/accounts_edit.cgi' }
    elsif ($action eq 'manage') { require 'include/accounts_manage.cgi' }
    elsif ($action eq 'search') { require 'include/accounts_search.cgi' }
    elsif ($action eq 'payment') { require 'include/accounts_payment.cgi' }
    elsif ($action eq 'stats') { require 'include/accounts_stats.cgi' }
    elsif ($action eq 'aff') { &affiliates }
    else { &main }


    &assignuserinfo;
}

&readtemplate('accounts_header.tpl');
$info{'HEADER'} = $tpl;
&readtemplate('accounts_footer.tpl');
$info{'FOOTER'} = $tpl;

&readtemplate($template);
$info{'CURRENCY'} = $settings{'currency'};
$info{'SITETITLE'} = $settings{'sitetitle'};
$tpl =~ s/<<([^>]+)>>/$info{$1}/g;
print $cgi->header(-cookie=>[@cookies]);
print $tpl;

exit;

sub checkpass
{
    if ($cgi->param('login'))
    {
        $username = $cgi->param('username');
        $password = $cgi->param('password');
    }
    elsif ($cgi->cookie('ssaccuser') ne '')
    {
        $username = &Decrypt($cgi->cookie('ssaccuser'),$encryptkey,'asdfhzxcvnmpoiyk');
        $password = &Decrypt($cgi->cookie('ssaccpass'),$encryptkey,'asdfhzxcvnmpoiyk');
    }

    $template = 'accounts_login.tpl';
    $info{'USERNAME'} = $username;
    $info{'PASSWORD'} = $password;
    $info{'HIDDENFORM'} = '<input type="hidden" name="login" value="1">';

    if ($username eq '' && $password eq '') { return 0 }
    elsif ($username eq '' || $password eq '')
    {
        $info{'MESSAGE'} = $string{'invalid_login'};
        return 0;
    }
    else
    {
        &readuser($username);
        if ($user{'password'} ne $password)
        {
            if (!$cgi->param('login'))
            {
                $info{'USERNAME'} = '';
                $info{'PASSWORD'} = '';
            }
            else
            {
                $info{'MESSAGE'} = $string{'invalid_login'};
            }
            return 0;
        }
    }

    push @cookies, $cgi->cookie(-name=>'ssaccuser', -value=>&Encrypt($username,$encryptkey,'asdfhzxcvnmpoiyk'));
    push @cookies, $cgi->cookie(-name=>'ssaccpass', -value=>&Encrypt($password,$encryptkey,'asdfhzxcvnmpoiyk'));

    return 1;
}

sub forgot
{
    $template = 'accounts_forgot_pass.tpl';

    $username = $cgi->param('username');
    if ($username ne '')
    {
        if (not(-e "$accounts_dir/$username")) { $info{'MESSAGE'} = $string{'user_not_found'}; return }
        else
        {
            &readuser($username);
            $info{'EMAIL'} = $user{'email'};
            $info{'USERNAME'} = $username;
            $info{'PASSWORD'} = $user{'password'};
            &sendmail('email_forgot_pass.tpl');
            undef %info;
            $info{'MESSAGE'} = $string{'password_email'};
        }
    }
}

sub affiliates
{
    $template = 'accounts_affiliates.tpl';
}

sub main
{
    $days = 0;
    $template = 'accounts_main.tpl';
    $info{'BALANCE'} = &readbalance($username);
    my ($avgcost) = &getavgcost($username);
    $info{'AVGCOST'} = $avgcost;
    $days = int ($info{'BALANCE'}/$avgcost) if ($avgcost > 0);
    $info{'DAYSLEFT'} = $days;
}