2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 10/24/2003 *
4 * =================== Last change: 06/30/2004 *
6 * -------------------------------------------------------------------- *
7 * File : frametester.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Test your website against frame killers *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Testet die Mitgliedsseite gegen Frame-Killer *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * -------------------------------------------------------------------- *
18 * Copyright (c) 2003 - 2009 by Roland Haeder *
19 * Copyright (c) 2009 - 2012 by Mailer Developer Team *
20 * For more information visit: http://mxchange.org *
22 * This program is free software; you can redistribute it and/or modify *
23 * it under the terms of the GNU General Public License as published by *
24 * the Free Software Foundation; either version 2 of the License, or *
25 * (at your option) any later version. *
27 * This program is distributed in the hope that it will be useful, *
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
30 * GNU General Public License for more details. *
32 * You should have received a copy of the GNU General Public License *
33 * along with this program; if not, write to the Free Software *
34 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
36 ************************************************************************/
38 // Some security stuff...
39 if (!defined('__SECURITY')) {
45 if (isGetRequestElementSet('order')) {
46 // Order number placed, is he also logged in?
48 // Ok, test passed... :)
49 $result = SQL_QUERY_ESC("SELECT `subject`, `url` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `id`=%s AND `sender`=%s AND `data_type`='TEMP' LIMIT 1",
50 array(bigintval(getRequestElement('order')), getMemberId()), __FILE__, __LINE__);
52 // Finally is the entry valid?
53 if (SQL_NUMROWS($result) == 1) {
54 // Load subject and URL (but forwhat do we need the subject line here???
55 list($sub, $url) = SQL_FETCHROW($result);
57 // This fixes a white page
58 setPostRequestElement('url', $url);
63 // Matching line not found
64 redirectToUrl('modules.php?module=index&what=login');
68 SQL_FREERESULT($result);
70 // He is no longer logged in
71 redirectToUrl('modules.php?module=index&what=login');
75 if ((isPostRequestElementSet('url')) || (isGetRequestElementSet('url')) || (!isFullPage())) {
76 // Default URL is ours
79 // Use URL from POST or GET data if set
80 if (isPostRequestElementSet('url')) {
81 // POST data comes first
82 $url = postRequestElement('url');
83 } elseif (isGetRequestElementSet('url')) {
85 $url = decodeString(str_replace(' ', '+', compileUriCode(urldecode(getRequestElement('url')))));
88 // Add missing element
91 $frame = getRequestElement('frame');
95 // @TODO Rewrite this somehow
101 $content['order'] = bigintval(getRequestElement('order'));
102 $content['url'] = generateDereferrerUrl($url);
103 loadTemplate('member_order_frametester', FALSE, $content);
107 $content['url'] = generateDereferrerUrl($url);
108 loadTemplate('guest_frametester', FALSE, $content);
114 displayMessage('{--GUEST_FRAMETESTER_TOP--}');
117 case 'back': // Back buttom
118 loadTemplate('member_order_back', FALSE, getRequestElement('order'));
121 case 'send': // Send mail away
122 loadTemplate('member_order_send', FALSE, getRequestElement('order'));
127 redirectToUrl('modules.php?module=login');