<?php
/************************************************************************
- * MXChange v0.2.1 Start: 04/23/2005 *
- * =============== Last change: 05/18/2008 *
+ * Mailer v0.2.1-FINAL Start: 04/23/2005 *
+ * =================== Last change: 05/18/2008 *
* *
* -------------------------------------------------------------------- *
* File : sponsor_functions.php *
* Needs to be in all Files and every File needs "svn propset *
* svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
* *
- * This program is free software. You can redistribute it and/or modify *
+ * This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License. *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
// Some security stuff...
if (!defined('__SECURITY')) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
- require($INC);
+ die();
}
//
-function SPONSOR_HANDLE_SPONSOR (&$POST, $NO_UPDATE=false, $messageArray=array(), $RET_STATUS=false) {
+function handlSponsorRequest (&$postData, $update=false, $messageArray=array(), $RET_STATUS=false) {
// Init a lot variables
$SAVE = true;
$UPDATE = false;
// Skip these entries
$SKIPPED = array(
'ok', 'edit', 'terms', 'pay_type'
- );
+ );
- // Save sponsor data
- $DATA = array(
+ // Save sponsor data
+ $DATA = array(
'keys' => array(),
'values' => array()
- );
+ );
// Check if sponsor already exists
- foreach ($POST as $k => $v) {
+ foreach ($postData as $k => $v) {
if (!(array_search($k, $SKIPPED) > -1)) {
// Check only posted input entries not the submit button
switch ($k)
$SAVE = false;
} else {
// Do we want to add a new sponsor or update his data?
- $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE email='%s' LIMIT 1",
- array($POST['email']), __FUNCTION__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE email='%s' LIMIT 1",
+ array($postData['email']), __FUNCTION__, __LINE__);
// Is a sponsor alread in the db?
if (SQL_NUMROWS($result) == 1) {
// Yes, he is!
- if (($GLOBALS['what'] == 'add_sponsor') || ($NO_UPDATE)) {
+ if ((getWhat() == 'add_sponsor') || ($update)) {
// Already found!
$ALREADY = true;
} else {
default:
// Test if there is are time selections
- convertSelectionsToTimestamp($POST, $DATA, $k, $skip);
+ convertSelectionsToTimestamp($postData, $DATA, $k, $skip);
break;
}
}
// Save sponsor?
- if ($SAVE) {
+ if ($SAVE === true) {
// Default is no force even when a guest want to abuse this force switch
- if ((empty($POST['force'])) || (!IS_ADMIN())) $POST['force'] = 0;
+ if ((empty($postData['force'])) || (!isAdmin())) $postData['force'] = '0';
// SQL and message string is empty by default
$sql = ''; $message = '';
// Update?
if ($UPDATE) {
// Update his data
- $sql = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET ";
+ $sql = "UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET ";
foreach ($DATA['keys'] as $k => $v) {
$sql .= $v."='%s', ";
}
// Remove last ", " from SQL string
$sql = substr($sql, 0, -2)." WHERE `id`='%s' LIMIT 1";
- $DATA['values'][] = bigintval(REQUEST_GET('id'));
+ $DATA['values'][] = bigintval(getRequestElement('id'));
// Generate message
- $message = SPONSOR_GET_MESSAGE(ADMIN_SPONSOR_UPDATED, "updated", $messageArray);
+ $message = getMessageFromIndexedArray(getMessage('ADMIN_SPONSOR_UPDATED'), 'updated', $messageArray);
$ret = "updated";
- } elseif ((!$ALREADY) || (($POST['force'] == '1') && (IS_ADMIN()))) {
+ } elseif (($ALREADY === false) || (($postData['force'] == 1) && (isAdmin()))) {
// Add new sponsor, first add more data
- $DATA['keys'][] = "sponsor_created"; $DATA['values'][] = time();
+ $DATA['keys'][] = 'sponsor_created'; $DATA['values'][] = time();
$DATA['keys'][] = 'status';
- if ((!$NO_UPDATE) && (IS_ADMIN()) && ($GLOBALS['what'] == "add_sponsor")) {
+ if (($update === true) && (isAdmin()) && (getWhat() == 'add_sponsor')) {
// Only allowed for admin
$DATA['values'][] = 'PENDING';
} else {
$DATA['values'][] = 'UNCONFIRMED';
// Generate hash code
- $DATA['keys'][] = "hash";
- $DATA['values'][] = md5(session_id().':'.$POST['email'].':'.detectRemoteAddr().':'.detectUserAgent().':'.time());
- $DATA['keys'][] = "remote_addr";
+ $DATA['keys'][] = 'hash';
+ $DATA['values'][] = md5(session_id().':'.$postData['email'].':'.detectRemoteAddr().':'.detectUserAgent().':'.time());
+ $DATA['keys'][] = 'remote_addr';
$DATA['values'][] = detectRemoteAddr();
}
// Implode all data into strings
- $KEYS = implode(", " , $DATA['keys']);
+ $KEYS = implode("`, `" , $DATA['keys']);
$valueS = str_repeat("%s', '", count($DATA['values']) - 1);
// Generate string
- $sql = "INSERT INTO `{!_MYSQL_PREFIX!}_sponsor_data` (".$KEYS.") VALUES ('".$valueS."%s')";
+ $sql = "INSERT INTO `{?_MYSQL_PREFIX?}_sponsor_data` (`".$KEYS."`) VALUES ('".$valueS."%s')";
// Generate message
- $message = SPONSOR_GET_MESSAGE(getMessage('ADMIN_SPONSOR_ADDED'), "added", $messageArray);
- $ret = "added";
- } elseif ((!$NO_UPDATE) && (IS_ADMIN())) {
+ $message = getMessageFromIndexedArray(getMessage('ADMIN_SPONSOR_ADDED'), "added", $messageArray);
+ $ret = 'added';
+ } elseif (($update === true) && (isAdmin())) {
// Add all data as hidden data
$OUT = '';
- foreach ($POST as $k => $v) {
+ foreach ($postData as $k => $v) {
// Do not add 'force' !
- if ($k != "force") {
- $OUT .= "<input type=\"hidden\" name=\"".$k."\" value=\"".stripslashes($v)."\" />\n";
- }
- }
- define('__HIDDEN_DATA', $OUT);
- define('__EMAIL' , $POST['email']);
+ if ($k != 'force') {
+ $OUT .= "<input type=\"hidden\" name=\"" . secureString($k) . "\" value=\"" . SQL_ESCAPE($v) . "\" />\n";
+ } // END - if
+ } // END - foreach
+
+ // Remember data
+ $content['hidden'] = $OUT;
+ $content['email'] = $postData['email'];
// Ask for adding a sponsor with same email address
- LOAD_TEMPLATE("admin_add_sponsor_already");
+ loadTemplate('admin_add_sponsor_already', false, $content);
return;
} else {
// Already added!
- $message = sprintf(getMessage('SPONSOR_ALREADY_FOUND', $POST['email']));
- $ret = "already";
+ $message = sprintf(getMessage('SPONSOR_ALREADY_FOUND'), $postData['email']);
+ $ret = 'already';
}
if (!empty($sql)) {
} // END - if
// Output message
- if ((!$NO_UPDATE) && (IS_ADMIN())) {
- LOAD_TEMPLATE('admin_settings_saved', false, $message);
+ if (($update === true) && (isAdmin())) {
+ loadTemplate('admin_settings_saved', false, $message);
} // END - if
} else {
// Error found!
- $message = SPONSOR_GET_MESSAGE(getMessage('SPONSOR_DATA_NOT_SAVED'), 'failed', $messageArray);
- LOAD_TEMPLATE('admin_settings_saved', false, $message);
+ $message = getMessageFromIndexedArray(getMessage('SPONSOR_DATA_NOT_SAVED'), 'failed', $messageArray);
+ loadTemplate('admin_settings_saved', false, $message);
}
// Shall we return the status?
if ($RET_STATUS === true) return $ret;
}
+
//
function sponsorTranslateUserStatus ($status) {
// Construct constant name
$ret = constant($constantName);
} else {
// Not found!
- DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status));
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status));
$ret = sprintf(getMessage('UNKNOWN_STATUS'), $status);
}
return $ret;
}
+
// Search for an email address in the database
-function SPONSOR_FOUND_EMAIL_DB ($email) {
+function isSponsorRegisteredWithEmail ($email) {
// Do we already have the provided email address in our DB?
- $ret = (GET_TOTAL_DATA($email, "sponsor_data", 'id', 'email', true) == 1);
-
- // Return result
- return $ret;
-}
-//
-function SPONSOR_GET_MESSAGE ($msg, $pos, $array) {
- // Check if the requested message was found in array
- if (isset($array[$pos])) {
- // ... if yes then use it!
- $ret = $array[$pos];
- } else {
- // ... else use default message
- $ret = $msg;
- }
+ $ret = (countSumTotalData($email, 'sponsor_data', 'id', 'email', true) == 1);
// Return result
return $ret;
}
-//
-function IS_SPONSOR () {
+// Wether the current user is a sponsor
+function isSponsor () {
// Failed...
$ret = false;
if ((isSessionVariableSet('sponsorid')) && (isSessionVariableSet('sponsorpass'))) {
// Check cookies against database records...
- $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE `id`='%s' AND password='%s' AND `status`='CONFIRMED' LIMIT 1",
- array(bigintval(getSession('sponsorid')), getSession('sponsorpass')), __FUNCTION__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT
+ `id`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `id`='%s' AND `password`='%s' AND `status`='CONFIRMED'
+LIMIT 1",
+ array(
+ bigintval(getSession('sponsorid')),
+ getSession('sponsorpass')
+ ), __FUNCTION__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// All is fine
$ret = true;
- }
+ } // END - if
// Free memory
SQL_FREERESULT($result);
- }
+ } // END - if
// Return status
return $ret;
}
+
//
-function GENERATE_SPONSOR_MENU($current)
-{
+function addSponsorMenu ($current) {
$OUT = '';
$WHERE = " AND active='Y'";
- if (IS_ADMIN()) $WHERE = '';
+ if (isAdmin()) $WHERE = '';
// Load main menu entries
- $result_main = SQL_QUERY("SELECT action AS main_action, title AS main_title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
+ $result_main = SQL_QUERY("SELECT action AS main_action, title AS main_title FROM `{?_MYSQL_PREFIX?}_sponsor_menu`
WHERE (`what`='' OR `what` IS NULL) ".$WHERE."
ORDER BY `sort`", __FUNCTION__, __LINE__);
if (SQL_NUMROWS($result_main) > 0) {
// Load every menu and it's sub menus
while ($content = SQL_FETCHARRAY($result_main)) {
// Load sub menus
- $result_sub = SQL_QUERY_ESC("SELECT what AS sub_what, title AS sub_title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
+ $result_sub = SQL_QUERY_ESC("SELECT what AS sub_what, title AS sub_title FROM `{?_MYSQL_PREFIX?}_sponsor_menu`
WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$WHERE."
ORDER BY `sort`",
array($content['main_action']), __FUNCTION__, __LINE__);
);
// Load row template
- $SUB .= LOAD_TEMPLATE("sponsor_what", true, $content);
+ $SUB .= loadTemplate('sponsor_what', true, $content);
}
// Prepare data for the main template
);
// Load menu template
- $OUT .= LOAD_TEMPLATE("sponsor_action", true, $content);
+ $OUT .= loadTemplate('sponsor_action', true, $content);
} else {
// No sub menus active
- $OUT .= LOAD_TEMPLATE('admin_settings_saved', true, getMessage('SPONSOR_NO_SUB_MENUS_ACTIVE'));
+ $OUT .= loadTemplate('admin_settings_saved', true, getMessage('SPONSOR_NO_SUB_MENUS_ACTIVE'));
}
// Free memory
}
} else {
// No main menus active
- $OUT .= LOAD_TEMPLATE('admin_settings_saved', true, getMessage('SPONSOR_NO_MAIN_MENUS_ACTIVE'));
+ $OUT .= loadTemplate('admin_settings_saved', true, getMessage('SPONSOR_NO_MAIN_MENUS_ACTIVE'));
}
// Free memory
}
//
-function GENERATE_SPONSOR_CONTENT ($what) {
+function addSponsorContent ($what) {
$OUT = '';
$INC = sprintf("inc/modules/sponsor/%s.php", $what);
if (isIncludeReadable($INC)) {
loadIncludeOnce($INC);
} else {
// File not found!
- $OUT .= LOAD_TEMPLATE('admin_settings_saved', true, sprintf(getMessage('SPONSOR_CONTENT_404'), $what));
+ $OUT .= loadTemplate('admin_settings_saved', true, sprintf(getMessage('SPONSOR_CONTENT_404'), $what));
}
// Return content
}
//
-function UPDATE_SPONSOR_LOGIN () {
+function updateSponsorLogin () {
// Failed by default
$login = false;
// Is sponsor?
- if (IS_SPONSOR()) {
+ if (isSponsor()) {
// Update last online timestamp
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data`
-SET last_online=UNIX_TIMESTAMP()
-WHERE `id`='%s' AND password='%s' LIMIT 1",
- array(bigintval(getSession('sponsorid')), getSession('sponsorpass')), __FUNCTION__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data`
+SET `last_online`=UNIX_TIMESTAMP()
+WHERE `id`='%s' AND `password`='%s' LIMIT 1",
+ array(
+ bigintval(getSession('sponsorid')),
+ getSession('sponsorpass')
+ ), __FUNCTION__, __LINE__);
// This update went fine?
$login = (SQL_AFFECTEDROWS() == 1);
// Return status
return $login;
}
-//
-function SPONSOR_SAVE_DATA ($POST, $content) {
+
+// Saves sponsor's data
+function saveSponsorData ($postData, $content) {
$EMAIL = false;
// Unsecure data which we don't want
$message = getMessage('SPONSOR_ACCOUNT_DATA_NOT_SAVED');
// Check for submitted passwords
- if ((!empty($POST['pass1'])) && (!empty($POST['pass2']))) {
+ if ((!empty($postData['pass1'])) && (!empty($postData['pass2']))) {
// Are both passwords the same?
- if ($POST['pass1'] == $POST['pass2']) {
+ if ($postData['pass1'] == $postData['pass2']) {
// Okay, then set password and remove pass1 and pass2
- $POST['password'] = md5($POST['pass1']);
+ $postData['password'] = md5($postData['pass1']);
} // END - if
} // END - if
// Remove all (maybe spoofed) unsafe data from array
foreach ($UNSAFE as $remove) {
- unset($POST[$remove]);
+ unset($postData[$remove]);
} // END - foreach
// This array is for the submitted data which we will use with the SQL_QUERY_ESC() function to
$DATA = array();
// Prepare SQL string
- $sql = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET";
- foreach ($POST as $key => $value) {
+ $sql = "UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET";
+ foreach ($postData as $key => $value) {
// Mmmmm, too less security here???
- $sql .= " ".strip_tags($key)."='%s',";
+ $sql .= " `".secureString($key)."`='%s',";
// We will secure this later inside the SQL_QUERY_ESC() function
- $DATA[] = strip_tags($value);
-
- // Compile {SLASH} and so on for the email templates
- $POST[$key] = COMPILE_CODE($value);
+ $DATA[] = secureString($value);
} // END - foreach
// Check if email has changed
- if ((!empty($content['email'])) && (!empty($POST['email']))) {
- if ($content['email'] != $POST['email']) {
+ if ((!empty($content['email'])) && (!empty($postData['email']))) {
+ if ($content['email'] != $postData['email']) {
// Change email address
$EMAIL = true;
// Okay, has changed then add status with UNCONFIRMED and new hash code
- $sql .= " `status`='EMAIL', hash='%s',";
+ $sql .= " `status`='EMAIL', `hash`='%s',";
// Generate hash code
- $HASH = md5(session_id().':'.$POST['email'].':'.detectRemoteAddr().':'.detectUserAgent().':'.time());
+ $HASH = md5(session_id().':'.$postData['email'].':'.detectRemoteAddr().':'.detectUserAgent().':'.time());
$DATA[] = $HASH;
} // END - if
} // END - if
$DATA[] = getSession('sponsorpass');
// Saving data was completed... ufff...
- switch ($GLOBALS['what'])
+ switch (getWhat())
{
- case "account": // Change account data
+ case 'account': // Change account data
if ($EMAIL === true) {
$message = getMessage('SPONSOR_ACCOUNT_EMAIL_CHANGED');
- $templ = "admin_sponsor_change_email";
+ $templ = 'admin_sponsor_change_email';
$subj = getMessage('ADMIN_SPONSOR_ACC_EMAIL_SUBJ');
} else {
$message = getMessage('SPONSOR_ACCOUNT_DATA_SAVED');
- $templ = "admin_sponsor_change_data";
+ $templ = 'admin_sponsor_change_data';
$subj = getMessage('ADMIN_SPONSOR_ACC_DATA_SUBJ');
}
break;
- case "settings": // Change settings
+ case 'settings': // Change settings
// Translate some data
$content['receive'] = translateYesNo($content['receive_warnings']);
$content['interval'] = createFancyTime($content['warning_interval']);
// Set message template and subject for admin
$message = getMessage('SPONSOR_SETTINGS_SAVED');
- $templ = "admin_sponsor_settings";
+ $templ = 'admin_sponsor_settings';
$subj = getMessage('ADMIN_SPONSOR_SETTINGS_SUBJ');
break;
default: // Unknown sponsor what value!
- DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown sponsor module (what) %s detected.", $GLOBALS['what']));
- $message = sprintf(getMessage('SPONSOR_UNKNOWN_WHAT'), $GLOBALS['what']);
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown sponsor module (what) %s detected.", getWhat()));
+ $message = sprintf(getMessage('SPONSOR_UNKNOWN_WHAT'), getWhat());
$templ = ''; $subj = '';
break;
}
$result = SQL_QUERY_ESC($sql, $DATA, __FUNCTION__, __LINE__);
// Add all data to content
- global $DATA;
- $DATA = $POST;
+ $content['new_data'] = $postData;
// Change some data
- if (isset($content['gender'])) $content['gender'] = translateGender($content['gender']);
- if (isset($DATA['gender'])) $DATA['gender'] = translateGender($DATA['gender']);
- if (isset($content['receive_warnings'])) $DATA['receive'] = translateYesNo($POST['receive_warnings']);
- if (isset($content['warning_interval'])) $DATA['interval'] = createFancyTime($POST['warning_interval']);
+ if (isset($content['gender'])) $content['gender'] = translateGender($content['gender']);
+ if (isset($content['new_data']['gender'])) $content['new_data']['gender'] = translateGender($content['new_data']['gender']);
+ if (isset($content['receive_warnings'])) $content['new_data']['receive'] = translateYesNo($content['new_data']['receive_warnings']);
+ if (isset($content['warning_interval'])) $content['new_data']['interval'] = createFancyTime($content['new_data']['warning_interval']);
// Send email to admins
sendAdminNotification($subj, $templ, $content);
// to the old address
// First to old address
- switch ($GLOBALS['what'])
+ switch (getWhat())
{
- case "account": // Change account data
- $email_msg = LOAD_EMAIL_TEMPLATE("sponsor_change_data", $content);
+ case 'account': // Change account data
+ $email_msg = loadEmailTemplate('sponsor_change_data', $content);
sendEmail($content['email'], getMessage('SPONSOR_ACC_DATA_SUBJ'), $email_msg);
if ($EMAIL === true) {
$content['hash'] = $HASH;
// Second mail goes to the new address
- $email_msg = LOAD_EMAIL_TEMPLATE("sponsor_change_email", $content);
+ $email_msg = loadEmailTemplate('sponsor_change_email', $content);
sendEmail($content['email'], getMessage('SPONSOR_ACC_EMAIL_SUBJ'), $email_msg);
}
break;
- case "settings": // Change settings
+ case 'settings': // Change settings
// Send email
- $email_msg = LOAD_EMAIL_TEMPLATE("sponsor_settings", $content);
+ $email_msg = loadEmailTemplate('sponsor_settings', $content);
sendEmail($content['email'], getMessage('SPONSOR_SETTINGS_SUBJ'), $email_msg);
break;
}
return $message;
}
-//
+// [EOF]
?>