<?php
// The start of this file is missing from the page. The "$fieldMap = array(" opener
// and the 'username' key are inferred from how the code below uses them
// ($fieldMap, $_REQUEST['username']).

// maps each form field to the table and column it is stored in
$fieldMap = array(
    'username' => array('table' => 'Contact', 'field' => 'UserName', 'label' => 'Username', 'required' => true),
    // note: the password is written to Contact.UserPass exactly as submitted
    'password' => array('table' => 'Contact', 'field' => 'UserPass', 'label' => 'Password', 'required' => true),
    'firstName' => array('table' => 'Contact', 'field' => 'FirstName', 'label' => 'First Name', 'required' => true),
    'lastName' => array('table' => 'Contact', 'field' => 'LastName', 'label' => 'Last Name', 'required' => true),
    'customerType' => array('table' => 'Contact', 'field' => 'contactType', 'label' => 'Customer Type', 'required' => true),
    'company' => array('table' => 'Contact', 'field' => 'Organization', 'label' => 'Company'),
    'resellerId' => array('table' => 'Contact', 'field' => 'Notes', 'label' => 'Reseller Id'),
    'b_address1' => array('table' => 'Contact', 'field' => 'Address1', 'label' => 'Billing Address 1', 'required' => true),
    'b_address2' => array('table' => 'Contact', 'field' => 'Address2', 'label' => ''),
    'b_city' => array('table' => 'Contact', 'field' => 'City', 'label' => 'Billing City', 'required' => true),
    'b_state' => array('table' => 'Contact', 'field' => 'State', 'label' => 'Billing State', 'required' => true),
    'b_zip' => array('table' => 'Contact', 'field' => 'Zip', 'label' => 'Billing Zip', 'required' => true),
    'b_country' => array('table' => 'Contact', 'field' => 'Country', 'label' => 'Billing Country', 'required' => true),
    'b_phone' => array('table' => 'Contact', 'field' => 'WorkPhone', 'label' => 'Billing Phone', 'required' => true),
    'b_fax' => array('table' => 'Contact', 'field' => 'Fax', 'label' => ''),
    'b_email' => array('table' => 'Contact', 'field' => 'Email', 'label' => 'Billing Email', 'required' => true),
    's_address1' => array('table' => 'Contact', 'field' => 'altAddress1', 'label' => '', 'billingField' => 'b_address1'),
    's_address2' => array('table' => 'Contact', 'field' => 'altAddress2', 'label' => '', 'billingField' => 'b_address2'),
    's_city' => array('table' => 'Contact', 'field' => 'altCity', 'label' => '', 'billingField' => 'b_city'),
    's_state' => array('table' => 'Contact', 'field' => 'altState', 'label' => '', 'billingField' => 'b_state'),
    's_zip' => array('table' => 'Contact', 'field' => 'altZip', 'label' => '', 'billingField' => 'b_zip'),
    's_country' => array('table' => 'Contact', 'field' => 'altCountry', 'label' => '', 'billingField' => 'b_country'),
    's_phone' => array('table' => 'Contact', 'field' => 'altWorkPhone', 'label' => '', 'billingField' => 'b_phone'),
    's_fax' => array('table' => 'Contact', 'field' => 'altFax', 'label' => ''),
    's_email' => array('table' => 'Contact', 'field' => 'altEmail', 'label' => '', 'billingField' => 'b_email'),
    'paymentMethod' => array('table' => 'custom_paymentinfo', 'field' => 'paymentMethod'),
    'ccName' => array('table' => 'custom_paymentinfo', 'field' => 'ccName'),
    'ccType' => array('table' => 'custom_paymentinfo', 'field' => 'ccType'),
    'ccNumber' => array('table' => 'custom_paymentinfo', 'field' => 'ccNumber', 'encrypt' => true),
    'ccMonth' => array('table' => 'custom_paymentinfo', 'field' => 'ccMonth'),
    'ccYear' => array('table' => 'custom_paymentinfo', 'field' => 'ccYear'),
);

// load the stored account values of the logged-in user, keyed by form field name
function auctionGetAccountValues() {
    global $fieldMap;
    $userInfo = array();
    $values = array();
    // the session id is interpolated into SQL, so force it to an integer
    $userId = (int) $_SESSION['auction']['user']['Id'];

    // get Contact table values
    $sql = "SELECT * FROM Contact WHERE Id = {$userId}";
    $result = mysql_query($sql);
    if(!$result) {
        // log the driver error server-side; do not echo it or the SQL to the browser
        error_log(mysql_error());
        print("There was an error retrieving your user information.");
    }
    $userInfo['Contact'] = mysql_fetch_assoc($result);

    // get custom_paymentinfo table values
    $sql = "SELECT * FROM custom_paymentinfo WHERE ContactId = {$userId}";
    $result = mysql_query($sql);
    if(!$result) {
        error_log(mysql_error());
        print("There was an error retrieving your user information.");
    }
    $userInfo['custom_paymentinfo'] = mysql_fetch_assoc($result);

    // fill the $values array
    foreach($fieldMap as $field => $fieldInfo) {
        $values[$field] = $userInfo[$fieldInfo['table']][$fieldInfo['field']];
    }
    return $values;
}

// if the form was submitted, proceed to verify and record data
if(!empty($_REQUEST['regSubmitted'])) {
    // verify all required fields were provided
    $formComplete = true;
    foreach($fieldMap as $key => $value) {
        if(!empty($value['required']) && empty($_REQUEST[$key])) {
            $incompleteFields[] = $value['label'];
            $formComplete = false;
        }
    }
    if(!$formComplete) {
        $errorMessage = "Please complete all required fields";
    }

    $usernameAvailable = true;
    if(auctionUserExists($_REQUEST['username']) && empty($_SESSION['auction']['user'])) {
        $usernameAvailable = false;
        $errorMessage = "The username you have chosen already exists. Please choose another.";
    }

    // all required fields provided, so record data and log in user
    if($formComplete && $usernameAvailable) {
        // if the user is not logged in this is a user add operation
        if(empty($_SESSION['auction']['user'])) {
            // record contact info; every request value is escaped before it is quoted into the SQL
            foreach($fieldMap as $key => $value) {
                if($value['table'] == 'Contact') {
                    $contactInsertSqlFields[] = $value['field'];
                    $contactInsertSqlValues[] = "'".mysql_real_escape_string($_REQUEST[$key])."'";
                }
            }
            $contactInsertSqlFields[] = "SourceId";
            $contactInsertSqlValues[] = "'".mysql_real_escape_string($sourceId)."'";
            $contactInsertSql = "INSERT INTO Contact (";
            $contactInsertSql .= implode(",", $contactInsertSqlFields);
            $contactInsertSql .= ") VALUES (";
            $contactInsertSql .= implode(",", $contactInsertSqlValues);
            $contactInsertSql .= ")";
            $contactInsertResult = mysql_query($contactInsertSql);
            if(!$contactInsertResult) {
                error_log(mysql_error());
                print("There was an error recording your user information.");
            }
            $contactId = (int) mysql_insert_id();

            // record payment info
            foreach($fieldMap as $key => $value) {
                if($value['table'] == 'custom_paymentinfo') {
                    // don't record an encrypted value if the field submitted is empty - basically just save the empty field as empty
                    if(!empty($value['encrypt']) && !empty($_REQUEST[$key])) {
                        $recordValue = encryptValue($_REQUEST[$key]);
                    } else {
                        $recordValue = $_REQUEST[$key];
                    }
                    $paymentInfoInsertSqlFields[] = $value['field'];
                    $paymentInfoInsertSqlValues[] = "'".mysql_real_escape_string($recordValue)."'";
                }
            }
            $paymentInfoInsertSqlFields[] = "contactId";
            $paymentInfoInsertSqlValues[] = "'".$contactId."'";
            $paymentInfoInsertSql = "INSERT INTO custom_paymentinfo (";
            $paymentInfoInsertSql .= implode(",", $paymentInfoInsertSqlFields);
            $paymentInfoInsertSql .= ") VALUES (";
            $paymentInfoInsertSql .= implode(",", $paymentInfoInsertSqlValues);
            $paymentInfoInsertSql .= ")";
            $paymentInfoInsertResult = mysql_query($paymentInfoInsertSql);
            if(!$paymentInfoInsertResult) {
                error_log(mysql_error());
                print("There was an error recording your user information.");
            }

            if($contactInsertResult && $paymentInfoInsertResult) {
                $actionCompleted = 'add';
                auctionLogInUser($contactId);
                auctionSendAccountRegistrationConfirmation();
            } else {
                $errorMessage = "We're sorry, there was an error recording your data.";
            }

        // user is logged in so this is a user update
        } else {
            $userId = (int) $_SESSION['auction']['user']['Id'];

            // update contact info
            foreach($fieldMap as $key => $value) {
                if($value['table'] == 'Contact') {
                    $contactUpdateSqlSet[] = $value['field']."='".mysql_real_escape_string($_REQUEST[$key])."'";
                }
            }
            $contactUpdateSql = "UPDATE Contact SET ";
            $contactUpdateSql .= implode(",", $contactUpdateSqlSet);
            $contactUpdateSql .= " WHERE Id = {$userId}";
            $contactUpdateResult = mysql_query($contactUpdateSql);
            if(!$contactUpdateResult) {
                error_log(mysql_error());
                print("There was an error recording your user information.");
            }

            // update payment info
            foreach($fieldMap as $key => $value) {
                if($value['table'] == 'custom_paymentinfo') {
                    // '[no change]' used for CC number to not show the encrypted pgp info but not overwrite it if no new info provided
                    if($_REQUEST[$key] == '[no change]') continue;
                    // don't record an encrypted value if the field submitted is empty - basically just save the empty field as empty
                    if(!empty($value['encrypt']) && !empty($_REQUEST[$key])) {
                        $recordValue = encryptValue($_REQUEST[$key]);
                    } else {
                        $recordValue = $_REQUEST[$key];
                    }
                    $paymentInfoUpdateSqlSet[] = $value['field']."='".mysql_real_escape_string($recordValue)."'";
                }
            }
            $paymentInfoUpdateSql = "UPDATE custom_paymentinfo SET ";
            $paymentInfoUpdateSql .= implode(",", $paymentInfoUpdateSqlSet);
            $paymentInfoUpdateSql .= " WHERE contactId = {$userId}";
            $paymentInfoUpdateResult = mysql_query($paymentInfoUpdateSql);
            if(!$paymentInfoUpdateResult) {
                error_log(mysql_error());
                print("There was an error recording your user information.");
            }

            if($contactUpdateResult && $paymentInfoUpdateResult) {
                $actionCompleted = 'update';
                // "log in" the user again to update their session info
                auctionLogInUser($userId);
                auctionSendAccountUpdateConfirmation();
            // do nothing special
            } else {
                $errorMessage = "We're sorry, there was an error recording your data.";
            }
        }
    // not all required fields were provided
    } else {
    }
}

/*
firstName lastName customerType company resellerId
b_address1 b_address2 b_city b_state b_zip b_country b_phone b_fax b_email
*shipBillSame
s_address1 s_address2 s_city s_state s_zip s_country s_phone s_fax s_email
paymentMethod ccType ccNumber ccMonth ccYear ccName
*/

// if the user is logged in then show the account editing form, which is the fields prepopulated
$values = array();
if(!empty($_SESSION['auction']['user'])) {
    $values = auctionGetAccountValues();
}
// use a merged array of request and values for what to fill the input fields with
$inputValues = array_merge($values, $_REQUEST);
?>
Johns' Western Gallery: Catalog:


  You have successfully registered with Johns Western Gallery.
You can now place bids on lots in the current auction catalog.

Click here to continue

  Your account information has been updated.

Click here to continue


Please complete this form to register as a bidder with Johns Western Gallery.
All fields with an * are required.

The following fields were not completed:

    *  Username
    *  Password
    *  First Name
    *  Last Name
    *  Customer Type
       Note: if you select "Dealer" you must provide a company name and Reseller ID.
      Company
      Reseller ID

    Contact and Billing Address

    *  Address Line 1
    *  Address Line 2
    *  City
    *  State/Province
    *  Zip/Postal Code
    *  Country
    *  Phone Number
      Fax Number
    *  Email

    Check box if this address is the SAME as your SHIPPING address.
    If not, please enter your shipping address below

    Shipping Address

      Address Line 1
      Address Line 2
      City
      State/Province
      Zip/Postal Code
      Country
      Phone Number
      Email

    Payment Method

      Select Payment
    Credit Card
      Credit Card No.
      Expiration
      Cardholder's Name