2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 06/10/2005 *
4 * =================== Last change: 05/18/2008 *
6 * -------------------------------------------------------------------- *
7 * File : what-sponsor_login.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Login form and password resending for sponsor *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Loginformular und Neues Passwort fuer Sponsor *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * -------------------------------------------------------------------- *
18 * Copyright (c) 2003 - 2009 by Roland Haeder *
19 * Copyright (c) 2009 - 2013 by Mailer Developer Team *
20 * For more information visit: http://mxchange.org *
22 * This program is free software; you can redistribute it and/or modify *
23 * it under the terms of the GNU General Public License as published by *
24 * the Free Software Foundation; either version 2 of the License, or *
25 * (at your option) any later version. *
27 * This program is distributed in the hope that it will be useful, *
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
30 * GNU General Public License for more details. *
32 * You should have received a copy of the GNU General Public License *
33 * along with this program; if not, write to the Free Software *
34 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
36 ************************************************************************/
38 // Some security stuff...
39 if (!defined('__SECURITY')) {
43 // Add description as navigation point
44 addYouAreHereLink('guest', __FILE__);
46 if ((!isExtensionActive('sponsor'))) {
47 displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=sponsor%}');
49 } elseif (isSponsor()) {
50 // Is already a logged-in sponsor
51 redirectToUrl('modules.php?module=sponsor');
55 if (isGetRequestElementSet('do')) {
56 // A "special" mode of the login system was requested
57 switch (getRequestElement('do')) {
58 case 'activate' : $mode = 'activate'; break; // Activation link requested
59 case 'lost_pass': $mode = 'lost_pass'; break; // Request new password
63 // Check if hash for confirmation of email address is given...
64 if (isGetRequestElementSet('hash')) {
66 $result = SQL_QUERY_ESC("SELECT
67 `id`, `status`, `gender`, `surname`, `family`,
68 `company`, `position`, `tax_ident`,
69 `street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`,
70 `points_amount` AS `points`, `last_payment`, `last_currency`
72 `{?_MYSQL_PREFIX?}_sponsor_data`
75 `status`='UNCONFIRMED' OR
78 LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__);
79 if (SQL_NUMROWS($result) == 1) {
80 // Sponsor found, load his data...
81 $data = SQL_FETCHARRAY($result);
83 // Unconfirmed account or changed email address?
84 if ($data['status'] == 'UNCONFIRMED') {
85 // Set account to pending
87 `{?_MYSQL_PREFIX?}_sponsor_data`
94 `status`='UNCONFIRMED'
97 bigintval($data['id']),
98 getRequestElement('hash')
99 ), __FILE__, __LINE__);
102 if (!SQL_HASZEROAFFECTED()) {
103 // Prepare mail and send it to the sponsor
104 $message = loadEmailTemplate('sponsor_pending', $data);
105 sendEmail($data['email'], '{--SPONSOR_ACCOUNT_PENDING_SUBJECT--}', $message);
107 // Send email to admin
108 sendAdminNotification('{--ADMIN_NEW_SPONSOR--}', 'admin_sponsor_pending', $data);
110 // Sponsor account set to pending
111 displayMessage('{--SPONSOR_ACCOUNT_IS_PENDING--}');
113 // Could not unlock account!
114 displayMessage('{--SPONSOR_ACCOUNT_PENDING_FAILED--}');
116 } elseif ($data['status'] == 'EMAIL') {
117 // Changed email adress need to be confirmed
118 SQL_QUERY_ESC("UPDATE
119 `{?_MYSQL_PREFIX?}_sponsor_data`
121 `status`='CONFIRMED',
128 array(bigintval($data['id']), getRequestElement('hash')), __FILE__, __LINE__);
131 if (!SQL_HASZEROAFFECTED()) {
132 // Sponsor account is unlocked again
133 displayMessage('{--SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN--}');
135 // Could not unlock account!
136 displayMessage('{--SPONSOR_ACCOUNT_EMAIL_FAILED--}');
140 displayMessage('{--SPONSOR_ACCOUNT_STATUS_FAILED--}');
144 displayMessage('{%message,SPONSOR_ACCOUNT_404=' . getRequestElement('hash') . '%}');
148 SQL_FREERESULT($result);
149 } elseif ($mode == 'activate') {
150 // Send activation link again
151 if (isFormSent('login')) {
152 // Check submitted data
153 if (!isPostRequestElementSet('email')) unsetPostRequestElement('login');
156 if (isFormSent('login')) {
158 $result = SQL_QUERY_ESC("SELECT
166 UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
168 `{?_MYSQL_PREFIX?}_sponsor_data`
170 '%s' REGEXP `email` AND
171 (`status`='UNCONFIRMED' OR `status`='EMAIL')
173 array(postRequestElement('email')), __FILE__, __LINE__);
176 if (SQL_NUMROWS($result) == 1) {
177 // Unconfirmed sponsor account found so let's load the requested data
178 $data = SQL_FETCHARRAY($result);
180 // Translate some data
181 $data['sponsor_created'] = generateDateTime($data['sponsor_created']);
183 // Prepare email and send it to the sponsor
184 if ($data['status'] == 'UNCONFIRMED') {
185 // Unconfirmed accounts
186 $message_sponsor = loadEmailTemplate('sponsor_activate', $data);
188 // Confirmed email address
189 $message_sponsor = loadEmailTemplate('sponsor_email', $data);
191 sendEmail(postRequestElement('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor);
194 displayMessage('{--SPONSOR_ACTIVATION_LINK_SENT--}');
196 // No account found or not UNCONFIRMED
197 displayMessage('{--SPONSOR_ACTIVATION_LINK_404--}');
201 SQL_FREERESULT($result);
204 loadTemplate('guest_sponsor_activate');
206 } elseif ($mode == 'lost_pass') {
208 if (isFormSent('login')) {
209 // Check submitted data
210 if (!isPostRequestElementSet('email')) unsetPostRequestElement('login');
213 if (isFormSent('login')) {
215 $result = SQL_QUERY_ESC("SELECT
222 UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
224 `{?_MYSQL_PREFIX?}_sponsor_data`
226 '%s' REGEXP `email` AND
230 array(postRequestElement('email'), bigintval(postRequestElement('id'))), __FILE__, __LINE__);
233 if (SQL_NUMROWS($result) == 1) {
234 // Unconfirmed sponsor account found so let's load the requested data
235 $content = SQL_FETCHARRAY($result);
237 // Generate password/translate some data
238 $content['password'] = generatePassword();
239 $content['sponsor_created'] = generateDateTime($content['sponsor_created']);
241 // Prepare email and send it to the sponsor
242 $message_sponsor = loadEmailTemplate('sponsor_lost', $content);
243 sendEmail(postRequestElement('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor);
246 SQL_QUERY_ESC("UPDATE
247 `{?_MYSQL_PREFIX?}_sponsor_data`
253 array(md5($content['password']), bigintval($content['id'])), __FILE__, __LINE__);
256 displayMessage('{--SPONSOR_LOST_PASSWORD_SENT--}');
258 // No account found or not UNCONFIRMED
259 displayMessage('{--SPONSOR_LOST_PASSWORD_404--}');
263 SQL_FREERESULT($result);
266 loadTemplate('guest_sponsor_lost');
268 } elseif (isFormSent('login')) {
269 // Check status and login data ...
270 $result = SQL_QUERY_ESC("SELECT
273 `{?_MYSQL_PREFIX?}_sponsor_data`
279 bigintval(postRequestElement('sponsor_id')),
280 md5(postRequestElement('password'))
281 ), __FILE__, __LINE__);
283 if (SQL_NUMROWS($result) == 1) {
284 // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
285 list($status) = SQL_FETCHROW($result);
286 if ($status == 'CONFIRMED') {
287 // Is confirmed so both is fine and we can continue with login procedure
288 $login = ((setSession('sponsor_id' , bigintval(postRequestElement('sponsor_id')))) &&
289 (setSession('sponsor_pass', md5(postRequestElement('password')) ))
292 if ($login === TRUE) {
293 // Cookie setup successfull so we can forward to sponsor area
294 redirectToUrl('modules.php?module=sponsor');
296 // Cookie setup failed!
297 displayMessage('{--SPONSOR_COOKIE_SETUP_FAILED--}');
299 // Login formular and other links
300 loadTemplate('guest_sponsor_login');
303 // Status is not fine
304 displayMessage('{--SPONSOR_LOGIN_FAILED_' . strtoupper($status) . '--}');
306 // Login formular and other links
307 loadTemplate('guest_sponsor_login');
310 // Account missing or wrong pass! We shall not find this out for the "cracker folks"...
311 displayMessage('{--SPONSOR_LOGIN_FAILED_404_WRONG_PASS--}');
313 // Login formular and other links
314 loadTemplate('guest_sponsor_login');
318 SQL_FREERESULT($result);
320 // Login formular and other links
321 loadTemplate('guest_sponsor_login');