2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 06/10/2005 *
4 * =================== Last change: 05/18/2008 *
6 * -------------------------------------------------------------------- *
7 * File : what-sponsor_login.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Login form and password resending for sponsor *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Loginformular und Neues Passwort fuer Sponsor *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2009 by Roland Haeder *
21 * Copyright (c) 2009, 2010 by Mailer Developer Team *
22 * For more information visit: http://www.mxchange.org *
24 * This program is free software; you can redistribute it and/or modify *
25 * it under the terms of the GNU General Public License as published by *
26 * the Free Software Foundation; either version 2 of the License, or *
27 * (at your option) any later version. *
29 * This program is distributed in the hope that it will be useful, *
30 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
31 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
32 * GNU General Public License for more details. *
34 * You should have received a copy of the GNU General Public License *
35 * along with this program; if not, write to the Free Software *
36 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
38 ************************************************************************/
40 // Some security stuff...
41 if (!defined('__SECURITY')) {
45 // Add description as navigation point
46 addMenuDescription('guest', __FILE__);
48 if ((!isExtensionActive('sponsor'))) {
49 loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('sponsor'));
54 if (isGetRequestParameterSet('mode')) {
55 // A "special" mode of the login system was requested
56 switch (getRequestParameter('mode')) {
57 case 'activate' : $mode = 'activate'; break; // Activation link requested
58 case 'lost_pass': $mode = 'lost_pass'; break; // Request new password
62 // Check if hash for confirmation of email address is given...
63 if (isGetRequestParameterSet('hash')) {
65 $result = SQL_QUERY_ESC("SELECT
66 `id`, `status`, `gender`, `surname`, `family`,
67 `company`, `position`, `tax_ident`,
68 `street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`,
69 `points_amount` AS points, `last_pay` AS pay, `last_curr` AS curr
71 `{?_MYSQL_PREFIX?}_sponsor_data`
74 `status`='UNCONFIRMED' OR
77 LIMIT 1", array(getRequestParameter('hash')), __FILE__, __LINE__);
78 if (SQL_NUMROWS($result) == 1) {
79 // Sponsor found, load his data...
80 $data = SQL_FETCHARRAY($result);
82 // Unconfirmed account or changed email address?
83 if ($data['status'] == 'UNCONFIRMED') {
84 // Set account to pending
86 `{?_MYSQL_PREFIX?}_sponsor_data`
93 `status`='UNCONFIRMED'
96 bigintval($data['id']),
97 getRequestParameter('hash')
98 ), __FILE__, __LINE__);
101 if (SQL_AFFECTEDROWS() == 1) {
102 // Prepare mail and send it to the sponsor
103 $message = loadEmailTemplate('sponsor_pending', $data);
104 sendEmail($data['email'], '{--SPONSOR_ACCOUNT_PENDING_SUBJECT--}', $message);
106 // Send email to admin
107 sendAdminNotification('{--ADMIN_NEW_SPONSOR--}', 'admin_sponsor_pending', $data);
109 // Sponsor account set to pending
110 loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_IS_PENDING--}');
112 // Could not unlock account!
113 loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_PENDING_FAILED--}');
115 } elseif ($data['status'] == 'EMAIL') {
116 // Changed email adress need to be confirmed
117 SQL_QUERY_ESC("UPDATE
118 `{?_MYSQL_PREFIX?}_sponsor_data`
120 `status`='CONFIRMED',
127 array(bigintval($data['id']), getRequestParameter('hash')), __FILE__, __LINE__);
130 if (SQL_AFFECTEDROWS() == 1) {
131 // Sponsor account is unlocked again
132 loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN--}');
134 // Could not unlock account!
135 loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_EMAIL_FAILED--}');
138 /// ??? Other status?
139 loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_STATUS_FAILED--}');
143 loadTemplate('admin_settings_saved', false, getMaskedMessage('SPONSOR_ACCOUNT_404', getRequestParameter('hash')));
147 SQL_FREERESULT($result);
148 } elseif ($mode == 'activate') {
149 // Send activation link again
151 // Check submitted data
152 if (!isPostRequestParameterSet('email')) unsetPostRequestParameter('ok');
157 $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
158 FROM `{?_MYSQL_PREFIX?}_sponsor_data`
159 WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
160 array(postRequestParameter('email')), __FILE__, __LINE__);
163 if (SQL_NUMROWS($result) == 1) {
164 // Unconfirmed sponsor account found so let's load the requested data
165 $data = SQL_FETCHARRAY($result);
167 // Translate some data
168 $data['sponsor_created'] = generateDateTime($data['sponsor_created']);
170 // Prepare email and send it to the sponsor
171 if ($data['status'] == 'UNCONFIRMED') {
172 // Unconfirmed accounts
173 $message_sponsor = loadEmailTemplate('sponsor_activate', $data);
175 // Confirmed email address
176 $message_sponsor = loadEmailTemplate('sponsor_email', $data);
178 sendEmail(postRequestParameter('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor);
181 loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACTIVATION_LINK_SENT--}');
183 // No account found or not UNCONFIRMED
184 loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACTIVATION_LINK_404--}');
188 SQL_FREERESULT($result);
191 loadTemplate('guest_sponsor_activate');
193 } elseif ($mode == 'lost_pass') {
196 // Check submitted data
197 if (!isPostRequestParameterSet('email')) unsetPostRequestParameter('ok');
202 $result = SQL_QUERY_ESC("SELECT
203 `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created`
205 `{?_MYSQL_PREFIX?}_sponsor_data`
211 array(postRequestParameter('email'), bigintval(postRequestParameter('id'))), __FILE__, __LINE__);
214 if (SQL_NUMROWS($result) == 1) {
215 // Unconfirmed sponsor account found so let's load the requested data
216 $DATA = SQL_FETCHARRAY($result);
218 // Translate some data
219 $DATA['gender'] = translateGender($DATA['gender']);
220 $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']);
223 $DATA['password'] = generatePassword();
225 // Prepare email and send it to the sponsor
226 $message_sponsor = loadEmailTemplate('sponsor_lost', $DATA);
227 sendEmail(postRequestParameter('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor);
230 SQL_QUERY_ESC("UPDATE
231 `{?_MYSQL_PREFIX?}_sponsor_data`
237 array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__);
240 loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOST_PASSWORD_SENT--}');
242 // No account found or not UNCONFIRMED
243 loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOST_PASSWORD_404--}');
247 SQL_FREERESULT($result);
250 loadTemplate('guest_sponsor_lost');
252 } elseif (isFormSent()) {
253 // Check status and login data ...
254 $result = SQL_QUERY_ESC("SELECT
257 `{?_MYSQL_PREFIX?}_sponsor_data`
263 bigintval(postRequestParameter('sponsor_id')),
264 md5(postRequestParameter('password'))
265 ), __FILE__, __LINE__);
267 if (SQL_NUMROWS($result) == 1) {
268 // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
269 list($status) = SQL_FETCHROW($result);
270 if ($status == 'CONFIRMED') {
271 // Is confirmed so both is fine and we can continue with login procedure
272 $login = ((setSession('sponsor_id' , bigintval(postRequestParameter('sponsor_id')))) &&
273 (setSession('sponsorpass', md5(postRequestParameter('password')) ))
276 if ($login === true) {
277 // Cookie setup successfull so we can forward to sponsor area
278 redirectToUrl('modules.php?module=sponsor');
280 // Cookie setup failed!
281 loadTemplate('admin_settings_saved', false, '{--SPONSPOR_COOKIE_SETUP_FAILED--}');
283 // Login formular and other links
284 loadTemplate('guest_sponsor_login');
287 // Status is not fine
288 loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOGIN_FAILED_' . strtoupper($status) . '--}');
290 // Login formular and other links
291 loadTemplate('guest_sponsor_login');
294 // Account missing or wrong pass! We shall not find this out for the "cracker folks"...
295 loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOGIN_FAILED_404_WRONG_PASS--}');
297 // Login formular and other links
298 loadTemplate('guest_sponsor_login');
302 SQL_FREERESULT($result);
304 // Login formular and other links
305 loadTemplate('guest_sponsor_login');