* *
* -------------------------------------------------------------------- *
* File : what-sponsor_login.php *
* *
* -------------------------------------------------------------------- *
* File : what-sponsor_login.php *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
case 'activate' : $mode = 'activate'; break; // Activation link requested
case 'lost_pass': $mode = 'lost_pass'; break; // Request new password
} // END - switch
} // END - if
// Check if hash for confirmation of email address is given...
case 'activate' : $mode = 'activate'; break; // Activation link requested
case 'lost_pass': $mode = 'lost_pass'; break; // Request new password
} // END - switch
} // END - if
// Check if hash for confirmation of email address is given...
// Lookup sponsor
$result = SQL_QUERY_ESC("SELECT
`id`, `status`, `gender`, `surname`, `family`,
`company`, `position`, `tax_ident`,
`street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`,
// Lookup sponsor
$result = SQL_QUERY_ESC("SELECT
`id`, `status`, `gender`, `surname`, `family`,
`company`, `position`, `tax_ident`,
`street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`,
- `hash='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL')
-LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__);
+ `hash`='%s' AND (
+ `status`='UNCONFIRMED' OR
+ `status`='EMAIL'
+ )
+LIMIT 1", array(getRequestParameter('hash')), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Sponsor found, load his data...
if (SQL_NUMROWS($result) == 1) {
// Sponsor found, load his data...
- $SPONSOR = SQL_FETCHARRAY($result);
-
- // Translate gender and comma
- $SPONSOR['gender'] = translateGender($SPONSOR['gender']);
- $SPONSOR['points'] = translateComma($SPONSOR['points']);
- $SPONSOR['pay'] = translateComma($SPONSOR['pay']);
+ $data = SQL_FETCHARRAY($result);
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='PENDING'
-WHERE `id`='%s' AND hash='%s' AND `status`='UNCONFIRMED' LIMIT 1",
- array(bigintval($SPONSOR['id']), getRequestElement('hash')), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+SET
+ `status`='PENDING',
+ `hash`=NULL
+WHERE
+ `id`=%s AND
+ `hash`='%s' AND
+ `status`='UNCONFIRMED'
+LIMIT 1",
+ array(
+ bigintval($data['id']),
+ getRequestParameter('hash')
+ ), __FILE__, __LINE__);
- $message = loadEmailTemplate('sponsor_pending', $SPONSOR);
- sendEmail($SPONSOR['email'], getMessage('SPONSOR_ACCOUNT_PENDING_SUBJ'), $message);
+ $message = loadEmailTemplate('sponsor_pending', $data);
+ sendEmail($data['email'], '{--SPONSOR_ACCOUNT_PENDING_SUBJECT--}', $message);
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='CONFIRMED'
-WHERE `id`='%s' AND hash='%s' AND `status`='EMAIL' LIMIT 1",
- array(bigintval($SPONSOR['id']), getRequestElement('hash')), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+SET
+ `status`='CONFIRMED',
+ `hash`=NULL
+WHERE
+ `id`=%s AND
+ `hash`='%s' AND
+ `status`='EMAIL'
+LIMIT 1",
+ array(bigintval($data['id']), getRequestParameter('hash')), __FILE__, __LINE__);
- loadTemplate('admin_settings_saved', false, sprintf(getMessage('SPONSOR_ACCOUNT_404'), getRequestElement('hash')));
+ displayMessage(getMaskedMessage('SPONSOR_ACCOUNT_404', getRequestParameter('hash')));
- $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
-FROM `{?_MYSQL_PREFIX?}_sponsor_data`
-WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
- array(postRequestElement('email')), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT
+ `id`, `hash`, `status`, `remote_addr`, `gender`, `surname`, `family`,
+ UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `email`='%s' AND
+ (`status`='UNCONFIRMED' OR `status`='EMAIL')
+LIMIT 1",
+ array(postRequestParameter('email')), __FILE__, __LINE__);
// Entry found?
if (SQL_NUMROWS($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
// Entry found?
if (SQL_NUMROWS($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
- sendEmail(postRequestElement('email'), getMessage('SPONSOR_ACTIVATION_LINK_SUBJ'), $message_sponsor);
+ sendEmail(postRequestParameter('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor);
- $result = SQL_QUERY_ESC("SELECT `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created`
-FROM `{?_MYSQL_PREFIX?}_sponsor_data`
-WHERE `email`='%s' AND `id`='%s' AND `status`='CONFIRMED' LIMIT 1",
- array(postRequestElement('email'), bigintval(postRequestElement('id'))), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT
+ `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`,
+ UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `email`='%s' AND
+ `id`=%s AND
+ `status`='CONFIRMED'
+LIMIT 1",
+ array(postRequestParameter('email'), bigintval(postRequestParameter('id'))), __FILE__, __LINE__);
// Entry found?
if (SQL_NUMROWS($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
$DATA = SQL_FETCHARRAY($result);
// Entry found?
if (SQL_NUMROWS($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
$DATA = SQL_FETCHARRAY($result);
// Prepare email and send it to the sponsor
$message_sponsor = loadEmailTemplate('sponsor_lost', $DATA);
// Prepare email and send it to the sponsor
$message_sponsor = loadEmailTemplate('sponsor_lost', $DATA);
- sendEmail(postRequestElement('email'), getMessage('SPONSOR_LOST_PASSWORD_SUBJ'), $message_sponsor);
+ sendEmail(postRequestParameter('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor);
array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__);
// Output message
array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__);
// Output message
- $result = SQL_QUERY_ESC("SELECT status FROM `{?_MYSQL_PREFIX?}_sponsor_data`
-WHERE `id`='%s' AND password='%s' LIMIT 1",
- array(bigintval(postRequestElement('sponsorid')), md5(postRequestElement('pass'))), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT
+ `status`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `id`=%s AND
+ `password`='%s'
+LIMIT 1",
+ array(
+ bigintval(postRequestParameter('sponsor_id')),
+ md5(postRequestParameter('password'))
+ ), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
list($status) = SQL_FETCHROW($result);
if ($status == 'CONFIRMED') {
// Is confirmed so both is fine and we can continue with login procedure
if (SQL_NUMROWS($result) == 1) {
// Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
list($status) = SQL_FETCHROW($result);
if ($status == 'CONFIRMED') {
// Is confirmed so both is fine and we can continue with login procedure
- $login = ((setSession('sponsorid' , bigintval(postRequestElement('sponsorid')))) &&
- (setSession('sponsorpass', md5(postRequestElement('pass')) ))
+ $login = ((setSession('sponsor_id' , bigintval(postRequestParameter('sponsor_id')))) &&
+ (setSession('sponsor_pass', md5(postRequestParameter('password')) ))
// Login formular and other links
loadTemplate('guest_sponsor_login');
}
} else {
// Account missing or wrong pass! We shall not find this out for the "cracker folks"...
// Login formular and other links
loadTemplate('guest_sponsor_login');
}
} else {
// Account missing or wrong pass! We shall not find this out for the "cracker folks"...