<?php
include('getsettings.php');
if ($_GET['logout'] == 'y') {
	$date_of_expiry = time() - 60 ;
	setcookie( "r3session", "", $date_of_expiry, "/" );
	unset($_COOKIE['r3session']);
}
$whichpanel='login';
if (isset($_POST['DoWhat']) && $_POST['DoWhat'] == 'Register' && $_POST['username'] != '') {
	$db = new mysqlDB();
	$sql = "select * from contact where username='".mysqli_real_escape_string($db->conn,$_POST['username'])."' OR email='".mysqli_real_escape_string($db->conn,$_POST['email'])."'";
	$db->query($sql);
	if ($db->num_rows > 0) {
		$lnote='';
		foreach ($db->rows as $row) {
			if ($_POST['username'] == $row['username']) { $lnote.='That username has already been selected.'; } else { $lnote.='That email address already has an account.'; }
		}
		$lnote.=' Please try and login, select forgot password if you cannot remember it, or register with different information.';
	} else {
		$db = new mysqlDB();
		$sql = "insert into contact (username,password,firstname,lastname,company,email,phone,salesrep,accesslevel,registerdate) values (";
		$sql.="'".mysqli_real_escape_string($db->conn,$_POST['username'])."',";
		$sql.="PASSWORD('".mysqli_real_escape_string($db->conn,$_POST['pword'])."'),";
		$sql.="'".mysqli_real_escape_string($db->conn,$_POST['first_name'])."',";
		$sql.="'".mysqli_real_escape_string($db->conn,$_POST['last_name'])."',";
		$sql.="'".mysqli_real_escape_string($db->conn,$_POST['company'])."',";
		$sql.="'".mysqli_real_escape_string($db->conn,$_POST['email'])."',";
		$sql.="'".mysqli_real_escape_string($db->conn,$_POST['phone'])."',";
		$sql.="'".mysqli_real_escape_string($db->conn,$_POST['salesrep'])."',";
		$sql.="'unapproved',";
		$sql.="Now())";
		$db->query($sql);
		$msg ="Username: ".$_POST['username']."\n";
		$msg ="First Name: ".$_POST['first_name']."\n";
		$msg.="Last Name: ".$_POST['last_name']."\n";
		$msg.="Company: ".$_POST['company']."\n";
		$msg.="Email: ".$_POST['email']."\n";
		$msg.="Phone: ".$_POST['phone']."\n";
		$msg.="Sales Rep: ".$_POST['salesrep']."\n\n";
		$msg.="To Approve: http://". $_SERVER['HTTP_HOST']."/cms/dashboard.html\n";

		$headers = "From: R3FactorChallenge <donotreply@".$_SERVER['HTTP_HOST'].">\n";
		$headers .= "Reply-To: ".$_POST['first_name']." ".$_POST['last_name']." <".$_POST['email'].">";
		mail($settings['Register Approver Email Address'],"R3 Factor Challenge Tool Registration",$msg,$headers);
		$lnote=$settings['Register Thanks Note'];
	}
}
if (isset($_POST['DoWhat']) && $_POST['DoWhat'] == 'Send Password Reset Email') {
	$db = new mysqlDB();
	$sql = "select * from contact where username='".mysqli_real_escape_string($db->conn,$_POST['uname'])."' OR email='".mysqli_real_escape_string($db->conn,$_POST['uname'])."'";
	$db->query($sql);
	if ($db->num_rows == 0) {
		$lnote=$settings['PW Recover No Account'];
	} else if ($db->row['email'] == '') {
		$lnote=$settings['PW Recover No Account Email'];
	} else {
		$ereset=generate_random_string(20);
		$sdb = new mysqlDB();
		$sql = "update contact set pwrecover='".mysqli_real_escape_string($sdb->conn,$ereset)."',pwrecovertime=Now() where contactid=".$db->row['contactid'];
		$sdb->query($sql);
		$msg=$settings['PW Recover Instructions Email'];
		$msg.="\r\r".'http://'.$_SERVER['HTTP_HOST'].'/index.html?ereset='.$ereset;
		$headers = "From: Do Not Reply <donotreply@".$_SERVER['HTTP_HOST'].">";
		mail($db->row['email'],"R3 Factor Challenge Password Reset",$msg,$headers);
		$lnote=$settings['PW Recover Instructions']."\r".$db->row['email'];
	}
}
if (isset($_GET['ereset']) && strlen($_GET['ereset']) == 20) {
	$db = new mysqlDB();
	$sql = "select * from contact where pwrecover='".mysqli_real_escape_string($db->conn,$_GET['ereset'])."'";
	$db->query($sql);
	if ($db->num_rows == 0) {
		$lnote='Sorry, there is no account with that password reset code.';
	} else {
		$whichpanel='pwreset';
	}
}
if (isset($_POST['DoWhat']) && $_POST['DoWhat'] == 'Set New Password') {
	$db = new mysqlDB();
	$sql = "select * from contact where pwrecover='".mysqli_real_escape_string($db->conn,$_POST['resetcode'])."'";
	$db->query($sql);
	if ($db->num_rows == 0) {
		$lnote='Sorry, there is no account with that password reset code.';
	} else {
		$sdb = new mysqlDB();
		$sql = "update contact set password=PASSWORD('".mysqli_real_escape_string($sdb->conn,$_POST['newpw'])."'),pwrecover='',pwrecovertime='0000-00-00 00:00:00' where contactid=".$db->row['contactid'];
		$sdb->query($sql);
		$lnote='Your password has been reset.';
	}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="utf-8" />
	<title>R3 Factor Challenge</title>
<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,600,700' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="site.css" type="text/css">
<script src="jquery-1.11.2.min.js"></script>
<script src="equalheightdivlines.js"></script>
<script>
var poppause;
$(document).ready(function() {
	$('#loginform').submit(function(e) {
		var errs='';
		if ($('#uname').val() == '') { errs+='You must enter a Username.'+"\n"; }
		if ($('#pword').val() == '') { errs+='You must enter a Password.'+"\n"; }
		if (errs == '') {
			return true;
		} else {
			alert(errs);
			return false;
		}
	});
	$('#registerform').submit(function(e) {
		//console.log('submit');
		var errs='';
		if ($('#username').val() == '') { errs+='You must enter a Username.'+"\n"; }
		if ($('#rfpword').val().length < 8) { errs+='You must enter a Password of at least 8 characters in length.'+"\n"; }
		if ($('#first_name').val() == '') { errs+='You must enter your First Name.'+"\n"; }
		if ($('#last_name').val() == '') { errs+='You must enter your Last Name.'+"\n"; }
		if ($('#company').val() == '') { errs+='You must enter your Company Name.'+"\n"; }
		if ($('#salesrep').val() == '') { errs+='You must enter your Sales Rep.'+"\n"; }
		if ($('#email').val() == '' || !validateEmail($('#email').val())) { errs+='You must enter a valid Email Address.'+"\n"; }
		if ($('#phone').val() == '') { errs+='You must enter your Phone Number.'+"\n"; }
		if (errs == '') {
			return true;
		} else {
			alert(errs);
			return false;
		}
	});
	$('#forgotform').submit(function(e) {
		var errs='';
		if ($('#funame').val() == '') { errs+='You must enter your username or email.'+"\n"; }
		if (errs == '') {
			return true;
		} else {
			alert(errs);
			return false;
		}
	});
	$('#pwresetform').submit(function(e) {
		var errs='';
		if ($('#newpw').val() == '') { errs+='You must enter a new password for your account.'+"\n"; }
		if (errs == '') {
			return true;
		} else {
			alert(errs);
			return false;
		}
	});
	$('#r3logo').mouseover(function() {
		poppause=setTimeout(function(){ popBigLogo(); }, 10000);
	});
	$('#r3logo').mouseout(function() {
		clearTimeout(poppause);
	});
});
function popBigLogo() {
	$('#indexleft').prepend('<img id="biglogo" src="images/r3-factor-big.png" style="position:absolute;width:134px;height:134px;margin-top:-66px;">');
	$('#biglogo').animate( { height: '1000px',width: '1000px' }, { duration: 300, complete: function() { setTimeout(function(){ unpopBigLogo(); }, 1000); } });
}
function unpopBigLogo() {
	$('#biglogo').animate( { height: '134px',width: '134px' }, { duration: 300, complete: function() { $('#biglogo').remove(); } });
	clearTimeout(poppause);
}
function switchRegister() {
	$('#garageimg').hide();
	$('#loginformdiv').hide();
	$('#registerdiv').fadeIn();
}
function switchForgotPassword() {
	$('#loginformdiv').hide();
	$('#forgotdiv').fadeIn();
}
function switchLogin() {
	$('#forgotdiv').hide();
	$('#registerdiv').hide();
	$('#loginformdiv').fadeIn();
}
function validateEmail(email) {
    var re = /^([\w-]+(?:\.[\w-]+)*)@((?:[\w-]+\.)*\w[\w-]{0,66})\.([a-z]{2,6}(?:\.[a-z]{2})?)$/i;
    return re.test(email);
}
</script>
<?php include('topscripts.php'); ?>
</head>
<body>
<div id="header"></div>
<div id="wrapper">
<div style="display:block;float:right;width:23%;height:700px;background:#d2d2d2 url('images/noise-pattern.png') repeat;padding:5% 10% 5% 5%;text-align:left;font-size: 16px;font-weight:600">
<img src="images/garage.png" id="garageimg" style="margin-left:-40px;"><br>

<div id="loginformdiv"<?php if ($whichpanel != 'login') { echo ' style="display:none;"'; } ?>>
<p>Log-in to the tool now to see the benefits we can bring to your organization.</p>
<?php
if ($_GET['lerr'] == 'y') { echo '<p style="color:red;">Username or Password not found.</p>'."\r\n"; }
if ($_GET['lerr'] == 'u') { echo '<p style="color:red;">Your account has not yet been approved by the admin.  An email will be sent to you when it is.  Thank you for your patience.</p>'."\r\n"; }
if ($lnote != '') { echo '<p style="color:red;">'.$lnote."</p>\r\n"; }
if ($lnote == $settings['PW Recover Instructions']) { echo $resetemail."\r\n"; } 
?>
<form id="loginform" method="POST" action="difference.html">
<label for="uname">USER NAME</label>
<input type="text" name="uname" id="uname"><br>
<label for="pword">PASSWORD</label>
<input type="password" name="pword" id="pword"><br>
<input type="submit" value="Login" class="btn"> <a href="javascript:switchRegister()" style="font-size:10px;font-weight:bold;color:#666666;text-decoration:none;">Don't have a login?</a>
</form>
<p><a href="javascript:switchForgotPassword()">Forgot your password?</a></p>
</div>

<div id="registerdiv" style="<?php if ($whichpanel != 'registerform') { echo 'display:none;'; } ?>margin-top:-70px;">
<p>Fill out the form below. Once submitted, an admin will need to approve your account. </p>
<form id="registerform" method="POST" action="index.html">
<label for="username">Username:</label>
<input type="text" name="username" id="username" value="">
<label for="rfpword">Password:</label>
<input type="password" name="pword" id="rfpword" value="">
<label for="first_name">First Name:</label>
<input type="text" name="first_name" id="first_name" value="">
<label for="last_name">Last Name:</label>
<input type="text" name="last_name" id="last_name" value="">
<label for="company">Company:</label>
<input type="text" name="company" id="company" value="">
<label for="company">Sales Rep:</label>
<input type="text" name="salesrep" id="salesrep" value="">
<label for="email">Email Address:</label>
<input type="text" name="email" id="email" value="">
<label for="phone">Phone:</label>
<input type="text" name="phone" id="phone" value="">
<input type="submit" name="DoWhat" value="Register" class="btn"> 
</form>
<p><a href="javascript:switchLogin()">Back to Login</a></p>
</div>

<div id="forgotdiv"<?php if ($whichpanel != 'forgot') { echo ' style="display:none;"'; } ?>>
<p>Enter your username or email address to have a password reset email sent to you.</p>
<form id="forgotform" method="POST" action="index.html">
<label for="funame">USER NAME or EMAIL</label>
<input type="text" name="uname" id="funame"><br>
<input type="submit" name="DoWhat" value="Send Password Reset Email" class="btn"> 
</form>
<p>Still having problems? <a href="mailto:jeremy.mishork@bunzlusa.com?subject=R3 Factor Challenge Tool Login" style="font-size:10px;font-weight:bold;color:#666666;text-decoration:none;">Contact Us</a></p>
<p><a href="javascript:switchLogin()">Back to Login</a></p>
</div>

<div id="pwresetdiv"<?php if ($whichpanel != 'pwreset') { echo ' style="display:none;"'; } ?>>
<p>Enter a new password for your account.</p>
<form id="pwresetform" method="POST" action="index.html">
<label for="uname">New Password</label>
<input type="password" name="newpw" id="newpw"><br>
<input type="submit" name="DoWhat" value="Set New Password" class="btn"> 
<input type="hidden" name="resetcode" value="<?php echo htmlspecialchars($_GET['ereset']); ?>">
</form>
<p>Still having problems? <a href="mailto:jeremy.mishork@bunzlusa.com?subject=R3 Factor Challenge Tool Login" style="font-size:10px;font-weight:bold;color:#666666;text-decoration:none;">Contact Us</a></p>
<p><a href="javascript:switchLogin()">Back to Login</a></p>
</div>

</div>
<div id="indexleft" style="position:relative;width:54%;margin:10px 5%;" class="equalheightdivlines">
<img src="images/r3-factor-logo.png" id="r3logo" style="margin-top:-66px;">
<h1>Are you ready to take the challenge?</h1>
<p>This interactive evaluation tool exclusively from R3 will reveal how Total Category Management identifies, addresses, and eliminates issues that affect your growth and profitability. Through our Total Category Management program, R3 can help:</p>
<hr style="margin:50px 30%;">
<div class="infoblock"><img src="images/btn-checkbox-blue.png" style="margin-left:-20px;margin-top:-40px;">
<div style="margin:5px;">Reduce operating costs</div>
</div>
<div class="infoblock"><img src="images/btn-checkbox-blue.png" style="margin-left:-20px;margin-top:-40px;">
<div style="margin:5px;">Find better ways to utilize your assets</div>
</div>
<div class="infoblock"><img src="images/btn-checkbox-blue.png" style="margin-left:-20px;margin-top:-40px;">
<div style="margin:5px;">Grow your earned income, sales and bottom line in the Non-Foods category</div>
</div>
<br clear="left">
<div style="margin-top:60px;font-size:13.5px;font-weight:600;color:black;"><img src="images/logo-r3.png" style="vertical-align:middle;"> The Difference That Makes You Better</div>
</div>
<br clear="all">
</div>
<div id="footer"><?php echo $settings['Copyright Notice']; ?> <a href="http://r3redistribution.com/legal/" target="_blank" style="margin-left:10%;">Privacy Policy</a></div>
</body>
</html>