2 /************************************************************************
\r
3 * MXChange v0.2.1 Start: 08/26/2003 *
\r
4 * =============== Last change: 11/29/2004 *
\r
6 * -------------------------------------------------------------------- *
\r
7 * File : mysql-manager.php *
\r
8 * -------------------------------------------------------------------- *
\r
9 * Short description : All MySQL-related functions *
\r
10 * -------------------------------------------------------------------- *
\r
11 * Kurzbeschreibung : Alle MySQL-Relevanten Funktionen *
\r
12 * -------------------------------------------------------------------- *
\r
14 * -------------------------------------------------------------------- *
\r
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
\r
16 * For more information visit: http://www.mxchange.org *
\r
18 * This program is free software; you can redistribute it and/or modify *
\r
19 * it under the terms of the GNU General Public License as published by *
\r
20 * the Free Software Foundation; either version 2 of the License, or *
\r
21 * (at your option) any later version. *
\r
23 * This program is distributed in the hope that it will be useful, *
\r
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
\r
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
\r
26 * GNU General Public License for more details. *
\r
28 * You should have received a copy of the GNU General Public License *
\r
29 * along with this program; if not, write to the Free Software *
\r
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
\r
31 * MA 02110-1301 USA *
\r
32 ************************************************************************/
\r
34 // Some security stuff...
\r
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
\r
37 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
\r
42 function ADD_MODULE_TITLE($mod)
\r
44 global $MODULES, $CONFIG;
\r
45 $name = ""; $result = false;
\r
47 if (!mxchange_installing)
\r
49 if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])) && (isset($MODULES['module'][$mod])))
\r
52 $name = $MODULES['title'][$mod];
\r
54 // Update cache hits
\r
55 $CONFIG['cache_hits']++;
\r
59 // Load from database
\r
60 $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__);
\r
61 list($name) = SQL_FETCHROW($result);
\r
62 SQL_FREERESULT($result);
\r
67 $name = trim($name);
\r
69 // Still no luck or empty title?
\r
73 $name = LANG_UNKNOWN_MODULE." (".$mod.")";
\r
74 if (SQL_NUMROWS($result) == 0)
\r
76 // Add module to database
\r
77 $dummy = CHECK_MODULE($mod);
\r
83 function CHECK_MODULE($mod)
\r
85 // We need them now here...
\r
86 global $MODULES, $CONFIG, $CACHE;
\r
88 // Filter module name (names with low chars and underlines are fine!)
\r
89 $mod = preg_replace("/[^a-z_]/", "", $mod);
\r
91 // Check for prefix is a extension...
\r
92 $MOD_SPLIT = explode("_", $mod);
\r
93 $extension = ""; $mod_chk = $mod;
\r
94 //* DEBUG: */ echo __LINE__."*".count($MOD_SPLIT)."*/".$mod."*<BR>";
\r
95 if (count($MOD_SPLIT) == 2)
\r
97 // Okay, there is a seperator (_) in the name so is the first part a module?
\r
98 //* DEBUG: */ echo __LINE__."*".$MOD_SPLIT[0]."*<BR>";
\r
99 if (EXT_IS_ACTIVE($MOD_SPLIT[0]))
\r
101 // The prefix is an extension's name, so let's set it
\r
102 $extension = $MOD_SPLIT[0]; $mod = $MOD_SPLIT[1];
\r
106 // Major error in module registry is the default
\r
109 // Check if script is installed if not return a "done" to prevent some errors
\r
110 if ((!mxchange_installed) || (mxchange_installing) || (!admin_registered)) return "done";
\r
112 // Check if cache is latest version
\r
113 $locked = "Y"; $hidden = "N"; $admin = "N"; $mem = "N"; $found = false;
\r
114 if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])))
\r
116 // Is the module cached?
\r
117 if (isset($MODULES['locked'][$mod_chk])) {
\r
119 $locked = $MODULES['locked'][$mod_chk];
\r
120 $hidden = $MODULES['hidden'][$mod_chk];
\r
121 $admin = $MODULES['admin_only'][$mod_chk];
\r
122 $mem = $MODULES['mem_only'][$mod_chk];
\r
124 // Update cache hits
\r
125 $CONFIG['cache_hits']++;
\r
128 // No, then we have to update it!
\r
129 $ret = "cache_miss";
\r
134 // Check for module in database
\r
135 $result = SQL_QUERY_ESC("SELECT locked, hidden, admin_only, mem_only FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod_chk), __FILE__, __LINE__);
\r
136 if (SQL_NUMROWS($result) == 1)
\r
139 list($locked, $hidden, $admin, $mem) = SQL_FETCHROW($result);
\r
140 SQL_FREERESULT($result);
\r
145 // Check returned values against current access permissions
\r
147 // Admin access ----- Guest access ----- --- Guest or member? ---
\r
148 if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_LOGGED_IN()))))
\r
150 // If you are admin you are welcome for everything!
\r
153 elseif ($locked == "Y")
\r
155 // Module is locked
\r
158 elseif (($mem == "Y") && (!IS_LOGGED_IN()))
\r
160 // You have to login first!
\r
163 elseif (($admin == "Y") && (!IS_ADMIN()))
\r
165 // Only the Admin is allowed to enter this module!
\r
166 $ret = "admin_only";
\r
169 // Still no luck or not found?
\r
170 if (($ret == "major") || ($ret == "cache_miss") || (!$found))
\r
172 // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name ---
\r
173 if ((file_exists(PATH."inc/modules/".$mod.".php")) || (file_exists(PATH.$mod.".php")) || (file_exists(PATH.$extension."/".$mod.".php")))
\r
175 // Data is missing so we add it
\r
176 if (GET_EXT_VERSION("sql_patches") >= "0.3.6") {
\r
177 // Since 0.3.6 we have a has_menu column, this took me a half hour
\r
178 // to find a loop here... *sigh*
\r
179 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
\r
180 (module, locked, hidden, mem_only, admin_only, has_menu) VALUES
\r
181 ('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
\r
183 // Wrong/missing sql_patches!
\r
184 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
\r
185 (module, locked, hidden, mem_only, admin_only) VALUES
\r
186 ('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
\r
189 // Everthing is fine?
\r
190 if (SQL_AFFECTEDROWS() == 0) {
\r
191 // Something bad happend!
\r
195 // Destroy cache here
\r
196 if (GET_EXT_VERSION("cache") >= "0.1.2")
\r
198 if ($CACHE->cache_file("mod_reg", true)) $CACHE->cache_destroy();
\r
203 $ret = CHECK_MODULE($mod_chk);
\r
207 // Module not found we don't add it to the database
\r
212 // Return the value
\r
216 function ADD_DESCR($ACC_LVL, $FILE, $return = false, $output = true)
\r
218 global $_GET, $DEPTH, $CONFIG;
\r
219 $LINK_ADD = ""; $OUT = ""; $AND = "";
\r
220 // First we have to do some analysis...
\r
221 if (ereg("action-", $FILE))
\r
223 // This is an action file!
\r
225 $SEARCH = substr($FILE, 7);
\r
229 $MOD_CHECK = "admin";
\r
235 $MOD_CHECK = $GLOBALS['module'];
\r
238 $AND = " AND what=''";
\r
240 elseif (ereg("what-", $FILE))
\r
242 // This is an admin what file!
\r
244 $SEARCH = substr($FILE, 5);
\r
249 $MOD_CHECK = "admin";
\r
254 $MOD_CHECK = $GLOBALS['module'];
\r
257 $AND = " AND visible='Y' AND locked='N'";
\r
261 $DUMMY = substr($SEARCH, 0, -4);
\r
262 $AND .= " AND action='".GET_ACTION($ACC_LVL, $DUMMY)."'";
\r
264 elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine"))
\r
266 // Sponsor / engine menu
\r
269 $MOD_CHECK = $GLOBALS['module'];
\r
277 $MOD_CHECK = $GLOBALS['module'];
\r
280 if ((!isset($DEPTH)) && (!$return))
\r
283 $PREFIX = "<DIV class=\"you_are_here\">".YOU_ARE_HERE." <STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</A></STRONG>";
\r
287 if (!$return) $DEPTH++;
\r
290 $PREFIX .= " -> ";
\r
291 if (ereg(".php", $SEARCH))
\r
293 $SEARCH = substr($SEARCH, 0, strpos($SEARCH, ".php"));
\r
295 $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
\r
296 array($ACC_LVL, $TYPE, $SEARCH), __FILE__, __LINE__);
\r
297 if (SQL_NUMROWS($result) == 1)
\r
299 list($ret) = SQL_FETCHROW($result);
\r
300 SQL_FREERESULT($result);
\r
306 elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin")))
\r
308 // Output HTML code
\r
309 $OUT = $PREFIX."<STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$MOD_CHECK."&".$TYPE."=".$SEARCH.$LINK_ADD."\">".$ret."</A></STRONG>\n";
\r
310 //* DEBUG: */ echo __LINE__."*".$TYPE."/".$GLOBALS['what']."*<br />\n";
\r
311 if (($TYPE == "what") || (($TYPE == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) {
\r
312 //* DEBUG: */ echo __LINE__."+".$TYPE."+<br />\n";
\r
313 $OUT .= "</DIV><BR>\n";
\r
318 // Return or output HTML code?
\r
321 // Output HTML code here
\r
326 // Return HTML code
\r
331 function ADD_MENU($MODE, $act, $wht)
\r
334 if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID;
\r
335 $main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = "";
\r
338 $AND = "AND visible='Y' AND locked='N'";
\r
340 // Load SQL data and add the menu to the output stream...
\r
341 $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort",
\r
342 array($MODE), __FILE__, __LINE__);
\r
343 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
\r
344 if (SQL_NUMROWS($result_main) > 0)
\r
346 OUTPUT_HTML ("<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"".$MODE."_menu\">");
\r
347 // There are menus available, so we simply display them... :)
\r
348 while (list($main_title, $main_action) = SQL_FETCHROW($result_main))
\r
350 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
\r
351 // Load menu header template
\r
352 $BLOCK_MODE = false; $act = $main_action;
\r
353 LOAD_TEMPLATE($MODE."_menu_title", false, $main_title);
\r
355 $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
\r
356 array($MODE, $main_action), __FILE__, __LINE__);
\r
357 $ctl = SQL_NUMROWS($result_sub);
\r
361 while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub))
\r
365 // Full file name for checking menu
\r
366 //* DEBUG: */ echo __LINE__.":!!!!".$sub_what."!!!<br />\n";
\r
367 $test_inc = sprintf("%sinc/modules/%s/what-%s.php", PATH, $MODE, $sub_what);
\r
368 $test = (file_exists($test_inc) && is_readable($test_inc));
\r
371 if ((!empty($wht)) && (($wht == $sub_what)))
\r
373 $content = "<STRONG>";
\r
377 $content .= "<A name=\"menu\" class=\"menu_blur\" href=\"".URL."/modules.php?module=".$GLOBALS['module']."&what=".$sub_what.ADD_URL_DATA("")."\"";
\r
379 if (frameset_active)
\r
381 // We need to add a JavaScript here to reload both frames!
\r
385 // Add the default target _self
\r
386 $content .= " target=\"_self\"";
\r
396 $content .= $CONFIG['middot'].$sub_title;
\r
400 $content .= "</A>";
\r
404 $content .= "</I>";
\r
407 if ((!empty($wht)) && (($wht == $sub_what)))
\r
409 $content .= "</STRONG>";
\r
411 $wht = $sub_what; $cnt++;
\r
414 LOAD_TEMPLATE($MODE."_menu_row", false, $content);
\r
418 LOAD_TEMPLATE($MODE."_menu_bottom", false, $content);
\r
424 // This is a menu block... ;-)
\r
425 $BLOCK_MODE = true;
\r
426 $INC_BLOCK = sprintf(PATH."inc/modules/%s/action-%s.php", $MODE, $main_action);
\r
427 if ((file_exists($INC_BLOCK)) && (is_readable($INC_BLOCK)))
\r
429 // Load include file
\r
430 if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML ("<TR>
\r
431 <TD class=\"".$MODE."_menu_whats\">");
\r
432 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
\r
433 include ($INC_BLOCK);
\r
434 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
\r
435 if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML (" </TD>
\r
438 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
\r
441 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
\r
442 if (SQL_NUMROWS($result_main) > $main_cnt) OUTPUT_HTML ("<TR><TD class=\"".$MODE."_menu_seperator\"></TD></TR>");
\r
446 SQL_FREERESULT($result_main);
\r
449 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
\r
450 OUTPUT_HTML ("</TABLE>");
\r
453 // This patched function will reduce many SELECT queries for the specified or current admin login
\r
454 function IS_ADMIN($admin="")
\r
456 global $_COOKIE, $ADMINS, $CONFIG;
\r
457 $ret = false; $passCookie = ""; $valPass = "";
\r
458 //* DEBUG: */ echo __LINE__."ADMIN:".$admin."<BR>";
\r
460 // If admin login is not given take current from cookies...
\r
461 if ((empty($admin)) && (!empty($_COOKIE['admin_login'])) && (!empty($_COOKIE['admin_md5'])))
\r
463 $admin = SQL_ESCAPE($_COOKIE['admin_login']); $passCookie = $_COOKIE['admin_md5'];
\r
465 //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<BR>";
\r
467 // Search in array for entry
\r
468 if ((!empty($passCookie)) && (isset($ADMINS['password'][$admin])) && (!empty($admin)))
\r
470 // Count cache hits
\r
471 $CONFIG['cache_hits']++;
\r
473 // Login data is valid or not?
\r
474 $valPass = generatePassString($ADMINS['password'][$admin]);
\r
476 elseif (!empty($admin))
\r
478 // Search for admin
\r
479 $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
\r
480 array($admin), __FILE__, __LINE__);
\r
484 if (SQL_NUMROWS($result) == 1)
\r
486 // Admin login was found so let's load password from DB
\r
487 list($passDB) = SQL_FETCHROW($result);
\r
488 $valPass = generatePassString($passDB);
\r
492 SQL_FREERESULT($result);
\r
495 if (!empty($valPass))
\r
497 // Check if password is valid
\r
498 //* DEBUG: */ echo __LINE__."*".$valPass."/".$passCookie)."*<br>";
\r
499 $ret = (($valPass == $passCookie) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
\r
502 // Return result of comparision
\r
503 //* DEBUG: */ if (!$ret) echo __LINE__."OK!<br>";
\r
507 function ADD_MAX_RECEIVE_LIST($MODE, $default="", $return=false)
\r
514 // Guests (in the registration form) are not allowed to select 0 mails per day.
\r
515 $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE value > 0 ORDER BY value", __FILE__, __LINE__);
\r
516 if (SQL_NUMROWS($result) > 0)
\r
519 while (list($value, $comment) = SQL_FETCHROW($result))
\r
521 $OUT .= " <OPTION value=\"".$value."\"";
\r
522 if ($_POST['max_mails'] == $value) $OUT .= " selected=\"selected\"";
\r
523 $OUT .= ">".$value." ".PER_DAY;
\r
524 if (!empty($comment)) $OUT .= " (".$comment.")";
\r
525 $OUT .= "</OPTION>\n";
\r
527 define('__MAX_RECEIVE_OPTIONS', $OUT);
\r
530 SQL_FREERESULT($result);
\r
531 $OUT = LOAD_TEMPLATE("guest_receive_table", true);
\r
535 // Maybe the admin has to setup some maximum values?
\r
540 // Members are allowed to set to zero mails per day (we will change this soon!)
\r
541 $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive ORDER BY value", __FILE__, __LINE__);
\r
542 if (SQL_NUMROWS($result) > 0)
\r
545 while (list($value, $comment) = SQL_FETCHROW($result))
\r
547 $OUT .= " <OPTION value=\"".$value."\"";
\r
548 if ($default == $value) $OUT .= " selected=\"selected\"";
\r
549 $OUT .= ">".$value." ".PER_DAY;
\r
550 if (!empty($comment)) $OUT .= " (".$comment.")";
\r
551 $OUT .= "</OPTION>\n";
\r
553 define('__MAX_RECEIVE_OPTIONS', $OUT);
\r
554 SQL_FREERESULT($result);
\r
555 $OUT = LOAD_TEMPLATE("member_receive_table", true);
\r
559 // Maybe the admin has to setup some maximum values?
\r
560 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, NO_MAX_VALUES);
\r
566 // Return generated HTML code
\r
571 // Output directly (default)
\r
572 OUTPUT_HTML ($OUT);
\r
576 function SEARCH_EMAIL_USERTAB($email)
\r
579 $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE email LIKE '{PER}%s{PER}' LIMIT 1", array($email), __FILE__, __LINE__);
\r
580 if (SQL_NUMROWS($result) == 1) $ret = true;
\r
581 SQL_FREERESULT($result);
\r
585 function WHAT_IS_VALID($act, $wht, $TYPE="guest")
\r
589 // Everything is valid to the admin :-)
\r
595 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what='%s' AND locked='N' LIMIT 1", array($TYPE, $act, $wht), __FILE__, __LINE__);
\r
596 // Is "what" valid?
\r
597 if (SQL_NUMROWS($result) == 1) $ret = true;
\r
598 SQL_FREERESULT($result);
\r
603 function IS_LOGGED_IN()
\r
605 global $_COOKIE, $status, $LAST;
\r
606 if (!is_array($LAST)) $LAST = array();
\r
609 // Fix "deleted" cookies first
\r
610 FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));
\r
612 // Are cookies set?
\r
613 if ((!empty($GLOBALS['userid'])) && (!empty($_COOKIE['u_hash'])) && (!empty($_COOKIE['lifetime'])) && (defined('COOKIE_PATH')))
\r
615 // Cookies are set with values, but are they valid?
\r
616 $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
\r
617 array($GLOBALS['userid']), __FILE__, __LINE__);
\r
618 if (SQL_NUMROWS($result) == 1)
\r
620 // Load data from cookies
\r
621 list($password, $status, $mod, $onl) = SQL_FETCHROW($result);
\r
623 // Validate password by created the difference of it and the secret key
\r
624 $valPass = generatePassString($password);
\r
626 // Transfer last module and online time
\r
627 if ((!empty($mod)) && (empty($LAST['module']))) { $LAST['module'] = $mod; $LAST['online'] = $onl; }
\r
629 // So did we now have valid data and an unlocked user?
\r
630 //* DEBUG: */ echo $valPass."<br>".$_COOKIE['u_hash']."<br>";
\r
631 if (($status == "CONFIRMED") && ($valPass == $_COOKIE['u_hash']))
\r
633 // Account is confirmed and all cookie data is valid so he is definely logged in! :-)
\r
638 // Maybe got locked etc.
\r
639 //* DEBUG: */ echo __LINE__."!!!<br>";
\r
640 @setcookie("userid", "", time() - 3600, COOKIE_PATH);
\r
641 @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
\r
642 @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
\r
644 // Remove array elements to prevent errors
\r
645 unset($GLOBALS['userid']);
\r
646 unset($_COOKIE['u_hash']);
\r
647 unset($_COOKIE['lifetime']);
\r
652 // Cookie data is invalid!
\r
653 //* DEBUG: */ echo __LINE__."***<br>";
\r
654 @setcookie("userid", "", time() - 3600, COOKIE_PATH);
\r
655 @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
\r
656 @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
\r
658 // Remove array elements to prevent errors
\r
659 unset($GLOBALS['userid']);
\r
660 unset($_COOKIE['u_hash']);
\r
661 unset($_COOKIE['lifetime']);
\r
665 SQL_FREERESULT($result);
\r
669 // Cookie data is invalid!
\r
670 //* DEBUG: */ echo __LINE__."///<br>";
\r
671 @setcookie("userid", "", time() - 3600, COOKIE_PATH);
\r
672 @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
\r
673 @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
\r
675 // Remove array elements to prevent errors
\r
676 unset($GLOBALS['userid']);
\r
677 unset($_COOKIE['u_hash']);
\r
678 unset($_COOKIE['lifetime']);
\r
683 function UPDATE_LOGIN_DATA ($UPDATE=true) {
\r
685 if (!is_array($LAST)) $LAST = array();
\r
687 // Are the required cookies set?
\r
688 if ((!isset($GLOBALS['userid'])) || (!isset($_COOKIE['u_hash'])) || (!isset($_COOKIE['lifetime']))) {
\r
689 // Nope, then return here to caller function
\r
693 $GLOBALS['userid'] = bigintval($_COOKIE['userid']);
\r
696 // Extract last online time (life) and how long is auto-login valid (time)
\r
697 $newl = time() + bigintval($_COOKIE['lifetime']);
\r
699 // Recheck if logged in
\r
700 if (!IS_LOGGED_IN()) return false;
\r
702 // Load last module and last online time
\r
703 $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
\r
704 if (SQL_NUMROWS($result) == 1) {
\r
705 // Load last module and online time
\r
706 list($mod, $onl) = SQL_FETCHROW($result);
\r
707 SQL_FREERESULT($result);
\r
709 // Maybe first login time?
\r
710 if (empty($mod)) $mod = "login";
\r
712 if (@setcookie("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && @setcookie("u_hash", SQL_ESCAPE($_COOKIE['u_hash']), $newl, COOKIE_PATH) && @setcookie("lifetime", bigintval($_COOKIE['lifetime']), $newl, COOKIE_PATH)) {
\r
713 // This will be displayed on welcome page! :-)
\r
714 if (empty($LAST['module'])) {
\r
715 $LAST['module'] = $mod; $LAST['online'] = $onl;
\r
717 if (empty($GLOBALS['what'])) {
\r
718 $GLOBALS['what'] = "welcome";
\r
721 // Update last module / online time
\r
722 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
\r
723 array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);
\r
728 // Destroy session, we cannot update!
\r
729 @setcookie("userid", "", time() - 3600, COOKIE_PATH);
\r
730 @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
\r
731 @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
\r
735 function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)
\r
740 if ((!IS_ADMIN()) && ($MODE != "admin")) $ADD = " AND locked='N'";
\r
741 //* DEBUG: */ echo __LINE__.":".$MODE."/".$act."/".$wht."*<br />\n";
\r
742 if (($MODE != "admin") && ($UPDATE))
\r
744 // Update guest or member menu
\r
745 $SQL = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s_menu SET counter=counter+1 WHERE action='%s' AND what='%s'".$ADD." LIMIT 1",
\r
746 array($MODE, $act, $wht), __FILE__, __LINE__, false);
\r
748 elseif ($wht != "overview")
\r
751 $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s'".$ADD." ORDER BY action DESC LIMIT 1",
\r
752 array($MODE, $act), __FILE__, __LINE__, false);
\r
756 // Admin login overview
\r
757 $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what=''".$ADD." ORDER BY action DESC LIMIT 1",
\r
758 array($MODE, $act), __FILE__, __LINE__, false);
\r
762 $result = SQL_QUERY($SQL, __FILE__, __LINE__);
\r
765 if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) $ret = true;
\r
766 //* DEBUG: */ debug_print_backtrace();
\r
770 if (SQL_NUMROWS($result) == 1) {
\r
771 list($id, $wht2) = SQL_FETCHROW($result);
\r
772 //* DEBUG: */ echo __LINE__."+".$SQL."+<br />\n";
\r
773 //* DEBUG: */ echo __LINE__."*".$id."/".$wht."/".$wht2."*<br />\n";
\r
779 SQL_FREERESULT($result);
\r
780 //* DEBUG: */ var_dump($ret);
\r
784 function GET_MOD_DESCR($MODE, $wht)
\r
786 if (empty($wht)) $wht = "welcome";
\r
787 $ret = "??? (".$wht.")";
\r
788 $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1", array($MODE, $wht), __FILE__, __LINE__);
\r
789 if (SQL_NUMROWS($result) == 1)
\r
791 list($ret) = SQL_FETCHROW($result);
\r
792 SQL_FREERESULT($result);
\r
797 function SEND_MODE_MAILS($mod, $modes)
\r
799 global $_COOKIE, $_POST, $CONFIG, $DATA;
\r
801 $result_main = SQL_QUERY("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
\r
802 array($GLOBALS['userid']), __FILE__, __LINE__);
\r
803 if (SQL_NUMROWS($result_main) == 1)
\r
805 // Load hash and extract salt
\r
806 list($hash) = SQL_FETCHROW($result_main);
\r
807 $salt = substr($hash, 0, -40);
\r
809 // Now let's compare passwords
\r
810 $hash = generateHash($_POST['pass1'], $salt);
\r
811 if (($hash == $_COOKIE['u_hash']) || ($_POST['pass1'] == $_POST['pass2']))
\r
813 // Load user's data
\r
814 $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND password='%s' LIMIT 1",
\r
815 array($GLOBALS['userid'], $hash), __FILE__, __LINE__);
\r
816 if (SQL_NUMROWS($result) == 1)
\r
818 $DATA = SQL_FETCHROW($result);
\r
819 SQL_FREERESULT($result);
\r
820 $DATA[0] = TRANSLATE_SEX($DATA[0]);
\r
824 foreach ($modes as $mode)
\r
828 case "normal": break; // Do not add any special lines
\r
830 case "email": // Email was changed!
\r
831 $content = MEMBER_CHANGED_EMAIL.": ".$_POST['old_addy']."\n";
\r
834 case "pass": // Password was changed
\r
835 $content = MEMBER_CHANGED_PASS."\n";
\r
839 $content = MEMBER_UNKNOWN_MODE.": ".$mode."\n\n";
\r
844 if (EXT_IS_ACTIVE("country"))
\r
846 // Replace code with description
\r
847 $DATA[4] = COUNTRY_GENERATE_INFO($_POST['country_code']);
\r
851 $msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']);
\r
853 if ($CONFIG['admin_notify'] == "Y")
\r
855 // The admin needs to be notified about a profile change
\r
856 $msg_admin = "admin_mydata_notify";
\r
857 $sub_adm = ADMIN_CHANGED_DATA;
\r
861 // No mail to admin
\r
866 // Set subject lines
\r
867 $sub_mem = MEMBER_CHANGED_DATA;
\r
869 // Output success message
\r
870 $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";
\r
874 $content = "<STRONG><SPAN class=\"member_failed\">".UNKNOWN_MODULE."</SPAN></STRONG>";
\r
880 // Could not load profile data
\r
881 $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";
\r
886 // Passwords mismatch
\r
887 $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_PASSWORD_ERROR."</SPAN></STRONG>";
\r
892 // Could not load profile
\r
893 $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";
\r
895 if ((!empty($sub_mem)) && (!empty($msg)))
\r
897 // Send member mail
\r
898 SEND_EMAIL($DATA[7], $sub_mem, $msg);
\r
900 if ((!empty($sub_adm)) && (!empty($msg_admin)))
\r
903 if (GET_EXT_VERSION("admins") >= "0.4.1")
\r
905 SEND_ADMIN_EMAILS_PRO($sub_adm, $msg_admin, $content, $GLOBALS['userid']);
\r
909 SEND_ADMIN_EMAILS($sub_adm, LOAD_EMAIL_TEMPLATE($msg_admin, $content, $GLOBALS['userid']));
\r
912 elseif ($CONFIG['admin_notify'] == "Y")
\r
914 // Cannot send mails to admin!
\r
915 $content = CANNOT_SEND_ADMIN_MAILS;
\r
919 // No mail to admin
\r
920 $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";
\r
924 LOAD_TEMPLATE("admin_settings_saved", false, $content);
\r
926 // Update module counter
\r
927 function COUNT_MODULE($mod)
\r
931 // Do count all other modules but not accesses on CSS file css.php!
\r
932 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_mod_reg SET clicks=clicks+1 WHERE module='%s' LIMIT 1",
\r
933 array($mod), __FILE__, __LINE__);
\r
936 // Get action value from mode (admin/guest/member) and what-value
\r
937 function GET_ACTION ($MODE, &$wht)
\r
939 global $ret; $ret = "";
\r
940 //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br>";
\r
941 if ((empty($wht)) && ($MODE != "admin"))
\r
945 if ($MODE == "admin")
\r
947 // Action value for admin area
\r
948 if (!empty($GLOBALS['action']))
\r
950 // Get it directly from URL
\r
951 return $GLOBALS['action'];
\r
953 elseif (($wht == "overview") || (empty($GLOBALS['what'])))
\r
955 // Default value for admin area
\r
959 elseif (!empty($GLOBALS['action']))
\r
961 // Fix welcome value
\r
962 if (empty($wht)) $wht = "welcome";
\r
963 return $GLOBALS['action'];
\r
967 // Everything else will be touched after checking the module has a menu assigned
\r
969 //* DEBUG: */ echo __LINE__."*".$ret."*<br />\n";
\r
971 if (MODULE_HAS_MENU($MODE))
\r
973 // Rewriting modules to menu
\r
976 case "index": $MODE = "guest"; break;
\r
977 case "login": $MODE = "member"; break;
\r
981 // Guest and member menu is "main" as the default
\r
982 if (empty($ret)) $ret = "main";
\r
984 // Load from database
\r
985 $result = SQL_QUERY_ESC("SELECT action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1",
\r
986 array($MODE, $wht), __FILE__, __LINE__);
\r
987 if (SQL_NUMROWS($result) == 1)
\r
989 // Load action value and pray that this one is the right you want... ;-)
\r
990 list($ret) = SQL_FETCHROW($result);
\r
994 SQL_FREERESULT($result);
\r
997 // Return action value
\r
1001 function GET_CATEGORY ($cid)
\r
1003 $ret = _CATEGORY_404;
\r
1004 $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%d LIMIT 1", array($cid), __FILE__, __LINE__);
\r
1005 if (SQL_NUMROWS($result) == 1)
\r
1007 // Category found... :-)
\r
1008 list($ret) = SQL_FETCHROW($result);
\r
1009 SQL_FREERESULT($result);
\r
1014 function GET_PAYMENT ($pid, $full=false)
\r
1016 $ret = _PAYMENT_404;
\r
1017 $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($pid), __FILE__, __LINE__);
\r
1018 if (SQL_NUMROWS($result) == 1)
\r
1020 // Payment type found... :-)
\r
1023 // Return only title
\r
1024 list($ret) = SQL_FETCHROW($result);
\r
1025 SQL_FREERESULT($result);
\r
1029 // Return title and price
\r
1030 list($t, $p) = SQL_FETCHROW($result);
\r
1031 $ret = $t." / ".TRANSLATE_COMMA($p)." ".POINTS;
\r
1037 function GET_PAY_POINTS($pid, $DATA="price")
\r
1040 $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($DATA, $pid), __FILE__, __LINE__);
\r
1041 if (SQL_NUMROWS($result) == 1)
\r
1043 // Payment type found... :-)
\r
1044 list($ret) = SQL_FETCHROW($result);
\r
1045 SQL_FREERESULT($result);
\r
1049 // Remove a receiver's ID from $ARRAY and add a link for him to confirm
\r
1050 function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=false)
\r
1055 // Remove entry from array
\r
1056 unset($ARRAY[$key]);
\r
1058 // Is there already a line for this user available?
\r
1059 if ($stats_id > 0)
\r
1061 // Only when we got a real stats ID continue searching for the entry
\r
1062 $TYPE = "NORMAL"; $ROW = "stats_id";
\r
1063 if ($bonus) { $TYPE = "BONUS"; $ROW = "bonus_id"; }
\r
1064 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%d AND link_type='%s' LIMIT 1",
\r
1065 array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);
\r
1066 if (SQL_NUMROWS($result) == 0)
\r
1068 // No, so we add one!
\r
1069 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')",
\r
1070 array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);
\r
1080 SQL_FREERESULT($result);
\r
1083 // Return status for sending routine
\r
1087 function GET_TOTAL_DATA($SEARCH, $TABLE, $DATA, $WHERE="userid", $ONLY_ROWS=false)
\r
1093 $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
\r
1094 array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);
\r
1099 $result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
\r
1100 array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);
\r
1103 list($ret) = SQL_FETCHROW($result);
\r
1104 //* DEBUG: */ echo __LINE__."*".$DATA."/".$SEARCH."/".$TABLE."/".$ret."*<br />\n";
\r
1105 SQL_FREERESULT($result);
\r
1106 if (empty($ret)) {
\r
1107 if (($DATA == "counter") || ($DATA == "id")) {
\r
1117 * Dynamic referral system, can also send mails!
\r
1119 * uid = Referral ID wich should receive...
\r
1120 * points = ... xxx points
\r
1121 * send_notify = shall I send the referral an email or not?
\r
1122 * refid = inc/modules/guest/what-confirm.php need this
\r
1123 * locked = Shall I pay it to normal (false) or locked (true) points ammount?
\r
1124 * add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"
\r
1125 * will cause no referral will get points ever!!!)
\r
1127 function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref")
\r
1129 global $DEPTH, $_GET, $CONFIG, $DATA, $link;
\r
1131 // When $uid = 0 add points to jackpot
\r
1134 // Add points to jackpot
\r
1135 ADD_JACKPOT($points);
\r
1139 // Count up referral depth
\r
1140 if (empty($DEPTH))
\r
1142 // Initialialize referral system
\r
1147 // Increase referral level
\r
1151 // Which points, locked or normal?
\r
1152 $data = "points"; if ($locked) $data = "locked_points";
\r
1154 $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
\r
1155 array(bigintval($uid)), __FILE__, __LINE__);
\r
1156 if (SQL_NUMROWS($result_user) == 1)
\r
1158 // This is the user and his ref
\r
1159 list ($ref, $email) = SQL_FETCHROW($result_user);
\r
1160 SQL_FREERESULT($result_user);
\r
1161 $result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
\r
1162 array(bigintval($DEPTH)), __FILE__, __LINE__);
\r
1163 if (SQL_NUMROWS($result) == 1)
\r
1165 list($per) = SQL_FETCHROW($result);
\r
1166 SQL_FREERESULT($result);
\r
1167 $P = $points * $per / 100;
\r
1169 // Update points...
\r
1170 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth='%s' LIMIT 1",
\r
1171 array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
\r
1172 if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0)
\r
1174 // First ref in this level! :-)
\r
1175 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES ('%s', '%s', '%s')",
\r
1176 array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);
\r
1179 // Update mediadata as well
\r
1180 if (GET_EXT_VERSION("mediadata") >= "0.0.4")
\r
1182 // Update database
\r
1183 MEDIA_UPDATE_ENTRY(array("total_points"), "add", $P);
\r
1186 // Points updated, maybe I shall send him an email?
\r
1187 if (($send_notify) && ($ref > 0) && (!$locked))
\r
1190 $DATA = array($per, bigintval($DEPTH), $P, bigintval($ref));
\r
1191 $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid));
\r
1193 SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
\r
1196 // Maybe there's another ref?
\r
1197 if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref"))
\r
1199 // Then let's credit him here...
\r
1200 ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked);
\r
1206 function UPDATE_REF_COUNTER($uid)
\r
1208 global $REF_LVL, $link, $CACHE;
\r
1209 // Make it sure referral level zero (member him-/herself) is at least selected
\r
1210 if (empty($REF_LVL)) $REF_LVL = "0";
\r
1213 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%d AND level='%s' LIMIT 1",
\r
1214 array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
\r
1216 // When no entry was updated then we have to create it here
\r
1217 if (SQL_AFFECTEDROWS($link) == 0)
\r
1220 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')",
\r
1221 array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
\r
1224 // Check for his referral
\r
1225 $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
\r
1226 array(bigintval($uid)), __FILE__, __LINE__);
\r
1227 list($ref) = SQL_FETCHROW($result);
\r
1230 SQL_FREERESULT($result);
\r
1232 // When he has a referral...
\r
1233 if (($ref > 0) && ($ref != $uid))
\r
1235 // Move to next referral level and count his counter one up!
\r
1236 $REF_LVL++; UPDATE_REF_COUNTER($ref);
\r
1238 elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2"))
\r
1240 // Remove cache here
\r
1241 if ($CACHE->cache_file("refsystem", true)) $CACHE->cache_destroy();
\r
1245 function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht)
\r
1247 global $_COOKIE, $_SERVER, $link, $_GET, $CONFIG;
\r
1248 // Do not update online list when extension is deactivated
\r
1249 if (!EXT_IS_ACTIVE("online", true)) return;
\r
1251 // Initialize variables
\r
1252 $uid = "0"; $rid = "0"; $MEM = "N"; $ADMIN = "N";
\r
1253 if (!empty($GLOBALS['userid']))
\r
1255 // Update member status only when userid is valid
\r
1256 if (($GLOBALS['userid'] > 0) && (IS_LOGGED_IN()))
\r
1259 $uid = $GLOBALS['userid'];
\r
1265 // Is administrator
\r
1268 if (!empty($_COOKIE['refid']))
\r
1271 if ($_COOKIE['refid'] > 0) $rid = $GLOBALS['refid'];
\r
1275 $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online
\r
1276 WHERE sid='%s' LIMIT 1",
\r
1277 array($SID), __FILE__, __LINE__);
\r
1279 if (SQL_NUMROWS($result) == 1)
\r
1281 SQL_FREERESULT($result);
\r
1282 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET
\r
1290 timestamp=UNIX_TIMESTAMP()
\r
1291 WHERE sid='%s' LIMIT 1",
\r
1301 ), __FILE__, __LINE__);
\r
1305 // No entry does exists so we simply add it!
\r
1306 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %d, %d, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
\r
1307 array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
\r
1310 // Purge old entries
\r
1311 $TIMEOUT = time() - $CONFIG['online_timeout'];
\r
1312 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= %d",
\r
1313 array($TIMEOUT), __FILE__, __LINE__);
\r
1315 // OBSULETE: Sends out mail to all administrators
\r
1316 function SEND_ADMIN_EMAILS($subj, $msg)
\r
1318 $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__);
\r
1319 while (list($email) = SQL_FETCHROW($result))
\r
1321 SEND_EMAIL($email, $subj, $msg);
\r
1323 // Really simple... ;-)
\r
1324 SQL_FREERESULT($result);
\r
1326 // Get ID number from administrator's login name
\r
1327 function GET_ADMIN_ID($login)
\r
1331 if (!empty($ADMINS['aid'][$login]))
\r
1334 $ret = $ADMINS['aid'][$login];
\r
1335 if (empty($ret)) $ret = "-1";
\r
1339 // Load from database
\r
1340 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
\r
1341 array($login), __FILE__, __LINE__);
\r
1342 if (SQL_NUMROWS($result) == 1)
\r
1344 list($ret) = SQL_FETCHROW($result);
\r
1345 SQL_FREERESULT($result);
\r
1351 // Get password hash from administrator's login name
\r
1352 function GET_ADMIN_HASH($login)
\r
1356 if (!empty($ADMINS['password'][$login]))
\r
1359 $ret = $ADMINS['password'][$login];
\r
1360 if (empty($ret)) $ret = "-1";
\r
1364 // Load from database
\r
1365 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
\r
1366 array($login), __FILE__, __LINE__);
\r
1367 if (SQL_NUMROWS($result) == 1)
\r
1369 list($ret) = SQL_FETCHROW($result);
\r
1370 SQL_FREERESULT($result);
\r
1376 function GET_ADMIN_LOGIN($aid)
\r
1380 if (!empty($ADMINS['login']['aid']))
\r
1383 if (!empty($ADMINS['login'][$aid])) $ret = $ADMINS['login'][$aid];
\r
1384 if (empty($ret)) $ret = "***";
\r
1388 // Load from database
\r
1389 $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
\r
1390 array(bigintval($aid)), __FILE__, __LINE__);
\r
1391 if (SQL_NUMROWS($result) == 1)
\r
1394 list($ret) = SQL_FETCHROW($result);
\r
1398 SQL_FREERESULT($result);
\r
1403 function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")
\r
1406 if ($table == "/ARRAY/")
\r
1408 // Selection from array
\r
1409 if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name))
\r
1411 // Both are arrays
\r
1412 foreach ($id as $idx=>$value)
\r
1414 $ret .= "<OPTION value=\"".$value."\"";
\r
1415 if ($default == $value) $ret .= " selected checked";
\r
1416 $ret .= ">".$name[$idx]."</OPTION>\n";
\r
1422 // Data from database
\r
1424 if (!empty($special)) $SPEC = ", ".$special;
\r
1425 $ORDER = $name.$SPEC;
\r
1426 if ($table == "country") $ORDER = $special;
\r
1427 $result = SQL_QUERY_ESC("SELECT %s, %s".$SPEC." FROM "._MYSQL_PREFIX."_%s ".$where." ORDER BY %s",
\r
1428 array($id, $ORDER, $table, $name), __FILE__, __LINE__);
\r
1429 if (SQL_NUMROWS($result) > 0)
\r
1431 // Found data so add them as OPTION lines: $id is the value and $name is the "name" of the option
\r
1432 while (list($value, $title, $add) = SQL_FETCHROW($result))
\r
1434 if (empty($special)) $add = "";
\r
1435 $ret .= "<OPTION value=\"".$value."\"";
\r
1436 if ($default == $value) $ret .= " selected checked";
\r
1437 if (!empty($add)) $add = " (".$add.")";
\r
1438 $ret .= ">".$title.$add."</OPTION>\n";
\r
1442 SQL_FREERESULT($result);
\r
1447 $ret = "<OPTION value=\"x\">".SELECT_NONE."</OPTION>\n";
\r
1450 // Return - hopefully - the requested data
\r
1454 function ACTIVATE_EXCHANGE()
\r
1457 $result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__);
\r
1458 if (SQL_NUMROWS($result) >= $CONFIG['activate_system'])
\r
1461 SQL_FREERESULT($result);
\r
1463 // Activate System
\r
1465 "UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",
\r
1466 "UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2",
\r
1467 "UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config='0' LIMIT 1"
\r
1471 foreach ($SQLs as $sql)
\r
1473 $result = SQL_QUERY($sql, __FILE__, __LINE__);
\r
1480 function DELETE_USER_ACCOUNT($uid, $reason)
\r
1483 $result = SQL_QUERY_ESC("SELECT (SUM(p.points) - d.used_points) AS points
\r
1484 FROM "._MYSQL_PREFIX."_user_points AS p
\r
1485 LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
\r
1486 ON p.userid=d.userid
\r
1487 WHERE p.userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
\r
1488 if (SQL_NUMROWS($result) == 1)
\r
1490 // Save his points to add them to the jackpot
\r
1491 list($POINTS) = SQL_FETCHROW($result);
\r
1492 SQL_FREERESULT($result);
\r
1494 // Delete points entries as well
\r
1495 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
\r
1497 // Update mediadata as well
\r
1498 if (GET_EXT_VERSION("mediadata") >= "0.0.4")
\r
1500 // Update database
\r
1501 MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
\r
1504 // Now, when we have all his points adds them do the jackpot!
\r
1505 ADD_JACKPOT($POINTS);
\r
1508 // Delete category selections as well...
\r
1509 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d",
\r
1510 array(bigintval($uid)), __FILE__, __LINE__);
\r
1512 // Remove from rallye if found
\r
1513 if (EXT_IS_ACTIVE("rallye"))
\r
1515 $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%d",
\r
1516 array(bigintval($uid)), __FILE__, __LINE__);
\r
1519 // Now a mail to the user and that's all...
\r
1520 $msg = LOAD_EMAIL_TEMPLATE("del-user", stripslashes($reason), $uid);
\r
1521 SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);
\r
1523 // Ok, delete the account!
\r
1524 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
\r
1527 function META_DESCRIPTION($mod, $wht)
\r
1529 global $CONFIG, $DEPTH;
\r
1530 if (($mod != "admin") && ($mod != "login"))
\r
1532 // Exclude admin and member's area
\r
1533 $DESCR = MAIN_TITLE." ".trim($CONFIG['title_middle'])." ".ADD_DESCR("guest", "what-".$wht, true);
\r
1535 OUTPUT_HTML ("<META name=\"description\" content=\"".$DESCR."\">\n");
\r
1539 function ADD_JACKPOT($points)
\r
1541 $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
\r
1542 if (SQL_NUMROWS($result) == 0)
\r
1545 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__);
\r
1550 SQL_FREERESULT($result);
\r
1553 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points+%s WHERE ok='ok' LIMIT 1",
\r
1554 array($points), __FILE__, __LINE__);
\r
1558 function SUB_JACKPOT($points)
\r
1563 // Get current points
\r
1564 $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
\r
1565 if (SQL_NUMROWS($result) == 0)
\r
1568 $result = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '0.00000')", __FILE__, __LINE__);
\r
1573 SQL_FREERESULT($result);
\r
1576 list($jackpot) = SQL_FETCHROW($result);
\r
1577 if ($jackpot >= $points)
\r
1579 // Update points when there are enougth points in jackpot
\r
1580 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points-%s WHERE ok='ok' LIMIT 1", array($points), __FILE__, __LINE__);
\r
1581 $ret = $jackpot - $points;
\r
1586 function IS_DEMO()
\r
1589 return ((EXT_IS_ACTIVE("demo")) && ($_COOKIE['admin_login'] == "demo"));
\r
1592 function LOAD_CONFIG($no="0")
\r
1594 global $CFG_CACHE, $CONFIG;
\r
1595 $CFG_DUMMY = false;
\r
1596 // Check for cache extension, cache-array and if the requested configuration is in cache
\r
1597 if ((is_array($CFG_CACHE)) && (isset($CFG_CACHE['config'][$no])))
\r
1599 // Load config from cache
\r
1600 $CFG_DUMMY = array();
\r
1601 foreach ($CFG_CACHE as $element=>$cfgs)
\r
1603 $CFG_DUMMY[$element] = $cfgs[$no];
\r
1606 // Count cache hits
\r
1607 $CONFIG['cache_hits']++;
\r
1611 // Load config from DB
\r
1612 $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config='%d' LIMIT 1",
\r
1613 array(bigintval($no)), __FILE__, __LINE__);
\r
1614 $CFG_DUMMY = SQL_FETCHARRAY($result_config);
\r
1615 SQL_FREERESULT($result_config);
\r
1618 // Return config array
\r
1619 return $CFG_DUMMY;
\r
1621 // Gets the matching what name from module
\r
1622 function GET_WHAT($MOD_CHECK)
\r
1625 //* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!<br />\n";
\r
1626 switch ($MOD_CHECK)
\r
1629 $wht = "overview";
\r
1642 // Return what value
\r
1646 function MODULE_HAS_MENU($mod)
\r
1648 global $EXTENSIONS, $MODULES, $CONFIG;
\r
1650 // All is false by default
\r
1652 if (GET_EXT_VERSION("cache") >= "0.1.2")
\r
1654 if (isset($MODULES['has_menu'][$mod]))
\r
1656 // Check module cache and count hit
\r
1657 if ($MODULES['has_menu'][$mod] == "Y") $ret = true;
\r
1658 $CONFIG['cache_hits']++;
\r
1660 elseif (isset($EXTENSIONS['ext_menu'][$mod]))
\r
1662 // Check cache and count hit
\r
1663 if ($EXTENSIONS['ext_menu'][$mod] == "Y") $ret = true;
\r
1664 $CONFIG['cache_hits']++;
\r
1667 if ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ($ret === false))
\r
1669 // Check database for entry
\r
1670 $result = SQL_QUERY_ESC("SELECT has_menu FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1",
\r
1671 array($mod), __FILE__, __LINE__);
\r
1672 if (SQL_NUMROWS($result) == 1)
\r
1674 list($has_menu) = SQL_FETCHROW($result);
\r
1675 if ($has_menu == "Y") $ret = true;
\r
1679 SQL_FREERESULT($result);
\r
1680 } elseif (GET_EXT_VERSION("sql_patches") == "") {
\r
1681 // No sql_patches installed, so maybe in admin area?
\r
1682 if ((IS_ADMIN()) && ($mod == "admin")) return true; // Then there is a menu!
\r