* $Date:: $ *
* $Tag:: 0.2.1-FINAL $ *
* $Author:: $ *
- * Needs to be in all Files and every File needs "svn propset *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
- * Copyright (c) 2009, 2010 by Mailer Developer Team *
+ * Copyright (c) 2009 - 2011 by Mailer Developer Team *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
// Add links for selecting some users
function alpha ($sortby, $colspan, $return=false) {
- if (!isGetRequestParameterSet('offset')) setGetRequestParameter('offset', 0);
- $add = '&page='.getRequestParameter('page').'&offset='.getRequestParameter('offset');
- if (isGetRequestParameterSet('mode')) $add .= '&mode='.getRequestParameter('mode');
+ if (!isGetRequestParameterSet('offset')) {
+ setGetRequestParameter('offset', 0);
+ } // END - if
+ $add = '&page=' . getRequestParameter('page').'&offset=' . getRequestParameter('offset');
+ foreach (array('mode','status') as $param) {
+ if (isGetRequestParameterSet($param)) {
+ $add .= '&' . $param . '=' . getRequestParameter($param);
+ } // END - if
+ } // END - foreach
/* Creates the list of letters and makes them a link. */
$alphabet = explode(',', 'A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,');
} else {
// Output link to letter
$OUT .= '<a href="{%url=modules.php?module=admin&what=' . getWhat();
- if (isGetRequestParameterSet('mode')) $OUT .= '&mode=' . getRequestParameter('mode');
+ foreach (array('mode','status') as $param) {
+ if (isGetRequestParameterSet($param)) {
+ $OUT .= '&' . $param . '=' . getRequestParameter($param);
+ } // END - if
+ } // END - foreach
$OUT .= '&letter=' . $ltr . '&sortby=' . $sortby . $add . '%}">' . $ltr . '</a>';
}
// Add page and offset
$add = '&page=' . getRequestParameter('page') . '&offset=' . getRequestParameter('offset');
- // Add status or mode
- if (isGetRequestParameterSet('status')) $add .= '&mode=' . getRequestParameter('status');
- elseif (isGetRequestParameterSet('mode')) $add .= '&mode=' . getRequestParameter('mode');
+ // Add status/ mode
+ foreach (array('mode','status') as $param) {
+ if (isGetRequestParameterSet($param)) {
+ $add .= '&' . $param . '=' . getRequestParameter($param);
+ } // END - if
+ } // END - foreach
// Makes order by links..
- if ($letter == 'front') $letter = '';
+ if ($letter == 'front') {
+ $letter = '';
+ } // END - if
// Prepare array with all possible sorters
$list = array(
- 'userid' => '{--_UID--}',
+ 'userid' => '{--_USERID--}',
'family' => '{--FAMILY--}',
'email' => '{--EMAIL--}',
'REMOTE_ADDR' => '{--REMOTE_IP--}'
} // END - foreach
// Add list and colspan
- $content['list'] = substr($OUT, 0, -13);
+ $content['list'] = substr($OUT, 0, -1);
$content['colspan2'] = $colspan;
// Load template
// Base link
$OUT .= '<a href="{%url=modules.php?module=admin&what=' . getWhat();
- // Add status or mode
- if (isGetRequestParameterSet('status')) $OUT .= '&mode=' . getRequestParameter('status');
- elseif (isGetRequestParameterSet('mode')) $OUT .= '&mode=' . getRequestParameter('mode');
+ // Add status/mode
+ foreach (array('mode','status') as $param) {
+ if (isGetRequestParameterSet($param)) {
+ $OUT .= '&' . $param . '=' . getRequestParameter($param);
+ } // END - if
+ } // END - foreach
// Letter and so on
$OUT .= '&letter=' . getRequestParameter('letter') . '&sortby=' . getRequestParameter('sortby') . '&page=' . $page . '&offset=' . $offset . '%}">';
}
// Create email link to user's account
-function generateUserEmailLink($email, $mod = 'admin') {
+function generateUserEmailLink ($email, $mod = 'admin') {
// Show contact link only if user is confirmed by default
$locked = " AND `status`='CONFIRMED'";
// @TODO Double-check configuration entry here
function determineRandomReferalId () {
// Default is zero refid
- $refid = '0';
+ $refid = null;
// Is the extension version fine?
if (isExtensionInstalledAndNewer('user', '0.3.4')) {
// Use that userid as new referal id
list($refid) = SQL_FETCHROW($result);
- // Reset this user's counter
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `rand_confirmed`=0 WHERE `userid`=%s LIMIT 1",
+ // Reset all users, this makes this random referal id more challenging
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `rand_confirmed`=0",
array($refid), __FUNCTION__, __LINE__);
} // END - if
$add = '';
$errorCode = '0';
$ext = '';
+ $isFound = false;
// Init array
$content = array(
$ext = 'nickname';
} else {
// Direct userid entered
- fetchUserData($userid);
+ $isFound = fetchUserData($userid);
}
// No error found?
- if ($errorCode == '0') {
+ if (($errorCode == '0') && ($isFound === true)) {
// Get user data array and set userid (e.g. important if we login with nickname)
$content = getUserDataArray();
- if (!empty($content['userid'])) $userid = bigintval($content['userid']);
+ if (!empty($content['userid'])) {
+ $userid = bigintval($content['userid']);
+ } // END - if
} // END - if
// Is there an entry?
- if ((isUserDataValid()) && (getUserData('status') == 'CONFIRMED') && (!empty($content['userid']))) {
+ if (($errorCode == '0') && (isUserDataValid()) && (getUserData('status') == 'CONFIRMED') && (!empty($content['userid']))) {
// Check for old MD5 passwords
if ((strlen(getUserData('password')) == 32) && (md5($passwd) == getUserData('password'))) {
// Just set the hash to the password from DB... :)
// No login bonus by default
$GLOBALS['bonus_payed'] = false;
- // Probe for last online timemark
- $probe = time() - getUserData('last_online');
- if (getUserData('last_login') > 0) $probe = time() - getUserData('last_login');
-
- if ((isExtensionInstalledAndNewer('bonus', '0.2.2')) && ($probe >= getConfig('login_timeout'))) {
- // Add login bonus to user's account
- $add = ', `login_bonus`=`login_bonus`+{?login_bonus?}';
- $GLOBALS['bonus_payed'] = true;
-
- // Subtract login bonus from userid's account or jackpot
- if ((isExtensionInstalledAndNewer('bonus', '0.3.5')) && (getConfig('bonus_mode') != 'ADD')) handleBonusPoints('login_bonus');
+ // Is bonus up-to-date?
+ if (isExtensionInstalledAndNewer('bonus', '0.2.2')) {
+ // Probe for last online timemark
+ $probe = time() - getUserData('last_online');
+ if (getUserData('last_login') > 0) {
+ // Use timestamp from last login
+ $probe = time() - getUserData('last_login');
+ } // END - if
+
+ // Is the timeout reached?
+ if ($probe >= getConfig('login_timeout')) {
+ // Add login bonus to user's account
+ $add = ', `login_bonus`=`login_bonus`+{?login_bonus?}';
+ $GLOBALS['bonus_payed'] = true;
+
+ // Subtract login bonus from userid's account or jackpot
+ if ((isExtensionInstalledAndNewer('bonus', '0.3.5')) && (getBonusMode() != 'ADD')) {
+ handleBonusPoints('login_bonus');
+ } // END - if
+ } // END - if
} // END - if
// @TODO Make this filter working: $url = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON));
// Update database records
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `total_logins`=`total_logins`+1" . $add . " WHERE `userid`=%s LIMIT 1",
array($userid), __FUNCTION__, __LINE__);
- if (SQL_AFFECTEDROWS() == 1) {
+ if (!SQL_HASZEROAFFECTED()) {
// Is a success URL set?
if (empty($successUrl)) {
// Procedure to checking for login data
$errorCode = getCode('COOKIES_DISABLED');
}
} elseif (isExtensionInstalledAndNewer('sql_patches', '0.6.1')) {
- // Update failture counter
+ // Update failure counter
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `login_failures`=`login_failures`+1,`last_failure`=NOW() WHERE `userid`=%s LIMIT 1",
array($userid), __FUNCTION__, __LINE__);
// Wrong password!
$errorCode = getCode('WRONG_PASS');
}
- } elseif (getUserData('status') != 'CONFIRMED') {
+ } elseif ((isUserDataValid()) && (getUserData('status') != 'CONFIRMED')) {
// Create an error code from given status
$errorCode = generateErrorCodeFromUserStatus(getUserData('status'));
// Set userid in session
setSession('current_userid', getUserData('userid'));
} elseif (!isUserDataValid()) {
- // User id not found!
+ // User id not found
$errorCode = getCode('WRONG_ID');
} else {
// Unknown error
$url = $errorUrl . $errorCode;
// Extension set? Then add it as well.
- if (!empty($ext)) $url .= '&ext=' . $ext;
+ if (!empty($ext)) {
+ $url .= '&ext=' . $ext;
+ } // END - if
} // END - if
// Return URL
// Try to send a new password for the given user account
function doNewUserPassword ($email, $userid) {
- // Init result and error
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ' - ENTERED!');
+ // Init found-status and error
$errorCode = '';
- $result = false;
+ $accountFound = false;
// Probe userid/nickname
- // @TODO We should try to rewrite this to fetchUserData() somehow
if (!empty($email)) {
// Email entered
- $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `email`='%s' OR `email`='%s' LIMIT 1",
- array($email, str_replace('.', '{DOT}', $email)), __FUNCTION__, __LINE__);
+ $accountFound = fetchUserData($email, 'email');
} elseif ((isExtensionActive('nickname')) && (isNicknameOrUserid($userid))) {
// Nickname entered
- $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' OR `userid`='%s' OR `email`='%s' LIMIT 1",
- array($userid, $userid, $email), __FUNCTION__, __LINE__);
- } elseif (($userid > 0) && (empty($email))) {
+ $accountFound = fetchUserData($userid, 'nickname');
+ } elseif ((isValidUserId($userid)) && (empty($email))) {
// Direct userid entered
- $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array(bigintval($userid)), __FUNCTION__, __LINE__);
+ $accountFound = fetchUserData($userid);
} else {
// Userid not set!
- logDebugMessage(__FUNCTION__, __LINE__, 'Userid is not set! BUG!');
- $errorCode = getCode('WRONG_ID');
+ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',email=' . $email . ': Important variables are empty.');
}
// Any entry found?
- if (SQL_NUMROWS($result) == 1) {
- // This data is valid, so we create a new pass... :-)
- list($userid, $status) = SQL_FETCHROW($result);
-
- if ($status == 'CONFIRMED') {
- // Ooppps, this was missing! ;-) We should update the database...
+ if ($accountFound === true) {
+ // Is the account confirmed
+ if (getUserData('status') == 'CONFIRMED') {
+ // Generate new password
$NEW_PASS = generatePassword();
+
+ // Update database
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `password`='%s' WHERE `userid`=%s LIMIT 1",
- array(generateHash($NEW_PASS), $userid), __FUNCTION__, __LINE__);
+ array(generateHash($NEW_PASS), getUserData('userid')), __FUNCTION__, __LINE__);
// Prepare data and message for email
- $message = loadEmailTemplate('new-pass', array('new_pass' => $NEW_PASS, 'nickname' => $userid), $userid);
+ $message = loadEmailTemplate('guest_new_password',
+ array(
+ 'new_pass' => $NEW_PASS,
+ 'nickname' => $userid
+ ), bigintval(getUserData('userid')));
// ... and send it away
- sendEmail($userid, '{--GUEST_NEW_PASSWORD--}', $message);
+ sendEmail(bigintval(getUserData('userid')), '{--GUEST_NEW_PASSWORD--}', $message);
// Output note to user
- loadTemplate('admin_settings_saved', false, '{--GUEST_NEW_PASSWORD_SEND--}');
+ displayMessage('{--GUEST_NEW_PASSWORD_SEND--}');
} else {
// Account is locked or unconfirmed
- $errorCode = generateErrorCodeFromUserStatus($status);
+ $errorCode = generateErrorCodeFromUserStatus(getUserData('status'));
// Load URL
- redirectToUrl('modules.php?module=index&what=login&login='.$errorCode);
+ redirectToUrl('modules.php?module=index&what=login&login=' . $errorCode);
}
} else {
// id or email is wrong
- loadTemplate('admin_settings_saved', false, '<span class="guest_failed">{--GUEST_WRONG_ID_EMAIL--}</span>');
+ displayMessage('<span class="notice">{--GUEST_WRONG_ID_EMAIL--}</span>');
}
// Return the error code
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ',errorCode=' . $errorCode . ' - EXIT!');
return $errorCode;
}
// Get timestamp for given stats type and data
-function getTimestampFromUserStats ($statsType, $statsData, $userid = '0') {
+function getEpocheTimeFromUserStats ($statsType, $statsData, $userid = '0') {
// Default timestamp is zero
$data['inserted'] = '0';
} // END - if
// Is the extension installed and updated?
- if ((!isExtensionActive('sql_patches')) || (isExtensionOlder('sql_patches', '0.5.6'))) {
+ if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) {
// Return zero here
return $data['inserted'];
} // END - if
// Inserts user stats
function insertUserStatsRecord ($userid, $statsType, $statsData) {
// Is the extension installed and updated?
- if ((!isExtensionActive('sql_patches')) || (isExtensionOlder('sql_patches', '0.5.6'))) {
+ if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) {
// Return zero here
return false;
} // END - if
// Does it exist?
- if ((!getTimestampFromUserStats($statsType, $statsData, $userid)) && (!is_array($statsData))) {
+ if ((!getEpocheTimeFromUserStats($statsType, $statsData, $userid)) && (!is_array($statsData))) {
// Then insert it!
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_stats_data` (`userid`,`stats_type`,`stats_data`) VALUES (%s,'%s','%s')",
- array(bigintval($userid), $statsType, $statsData), __FUNCTION__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_stats_data` (`userid`, `stats_type`, `stats_data`) VALUES (%s,'%s','%s')",
+ array(
+ bigintval($userid),
+ $statsType,
+ $statsData
+ ), __FUNCTION__, __LINE__);
} elseif (is_array($statsData)) {
// Invalid data!
- logDebugMessage(__FUNCTION__, __LINE__, "userid={$userid},type={$statsType},data={".gettype($statsData).": Invalid statistics data type!");
+ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',type=' . $statsType . ',data=' . gettype($statsData) . ': Invalid statistics data type!');
}
}
+// Confirms a user account
+function doConfirmUserAccount ($hash) {
+ // Init content
+ $content = array(
+ 'message' => '{--GUEST_CONFIRMED_FAILED--}',
+ 'userid' => 0,
+ );
+
+ // Initialize the user id
+ $userid = '0';
+
+ // Search for an unconfirmed or confirmed account
+ $result = SQL_QUERY_ESC("SELECT `userid`, `refid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `user_hash`='%s' AND (`status`='UNCONFIRMED' OR `status`='CONFIRMED') LIMIT 1",
+ array($hash), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // Ok, he want's to confirm now so we load some data
+ list($userid, $refid) = SQL_FETCHROW($result);
+
+ // Fetch user data
+ if (!fetchUserData($userid)) {
+ // Not found, should not happen
+ debug_report_bug(__FILE__, __LINE__, 'User account ' . $userid . ' not found.');
+ } // END - if
+
+ // Load all data and add points
+ $content = getUserDataArray();
+
+ // Unlock his account (but only when it is on UNCONFIRMED!)
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_user_data`
+SET
+ `status`='CONFIRMED',
+ `user_hash`=NULL
+WHERE
+ `user_hash`='%s' AND
+ `status`='UNCONFIRMED'
+LIMIT 1",
+ array($hash), __FILE__, __LINE__);
+
+ // Was it updated?
+ if (!SQL_HASZEROAFFECTED()) {
+ // Send email if updated
+ $message = loadEmailTemplate('guest_user_confirmed', $content, bigintval($userid));
+
+ // And send him right away the confirmation mail
+ sendEmail($userid, '{--GUEST_THANX_CONFIRM--}', $message);
+
+ // Maybe he got "referaled"?
+ if (($refid > 0) && ($refid != $userid)) {
+ // Select the referal userid
+ if (fetchUserData($refid)) {
+ // Update ref counter...
+ updateReferalCounter($refid);
+
+ // If version matches add ref bonus to refid's account
+ if ((isExtensionInstalledAndNewer('bonus', '0.4.4')) && (isBonusRallyeActive())) {
+ // Add points (directly only!)
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `bonus_ref`=`bonus_ref`+{?bonus_ref?} WHERE `userid`=%s LIMIT 1",
+ array(bigintval($refid)), __FILE__, __LINE__);
+
+ // Subtract points from system
+ handleBonusPoints(getConfig('bonus_ref'));
+ } // END - if
+
+ // Add one-time referal bonus over referal system or directly
+ initReferalSystem();
+ addPointsThroughReferalSystem('referal_bonus', $refid, getPointsRef(), bigintval($userid));
+ } // END - if
+ } // END - if
+
+ if (isExtensionActive('rallye')) {
+ // Add user to rallye (or not?)
+ addUserToReferalRallye(bigintval($userid));
+ } // END - if
+
+ // Account confirmed!
+ if (isExtensionActive('lead')) {
+ // Set special lead cookie
+ setSession('lead_userid', bigintval($userid));
+
+ // Lead-Code mode enabled
+ redirectToUrl('lead-confirm.php');
+ } else {
+ $content['message'] = '{--GUEST_CONFIRMED_DONE--}';
+ $content['userid'] = bigintval($userid);
+ }
+ } elseif (isExtensionActive('lead')) {
+ // Set special lead cookie
+ setSession('lead_userid', bigintval($userid));
+
+ // Lead-Code mode enabled
+ redirectToUrl('lead-confirm.php');
+ } else {
+ // Nobody was found unter this hash key... or our new member want's to confirm twice?
+ $content['message'] = '{--GUEST_CONFIRMED_TWICE--}';
+ }
+ } else {
+ // Nobody was found unter this hash key... or our new member want's to confirm twice?
+ $content['message'] = '{--GUEST_CONFIRMED_TWICE--}';
+ }
+
+ // Load template
+ displayMessage($content['message']);
+}
+
+// Does resend the user's confirmation link for given email address
+function doResendUserConfirmationLink ($email) {
+ // Email address not registered is default message
+ $message = '{--EMAIL_404--}';
+
+ // Confirmation link requested
+ if (fetchUserData($email, 'email')) {
+ // Email address found
+ $content = getUserDataArray();
+
+ // Is the account unconfirmed?
+ if ($content['status'] == 'UNCONFIRMED') {
+ // Load email template
+ $message = loadEmailTemplate('guest_request_confirm', array(), $content['userid']);
+
+ // Send email
+ sendEmail($content['userid'], '{--GUEST_REQUEST_CONFIRM_LINK_SUBJECT--}', $message);
+ } // END - if
+
+ // Create message based on the status
+ $message = getConfirmationMessageFromUserStatus($content['status']);
+ } // END - if
+
+ // Output message
+ displayMessage($message);
+}
+
+// Get a message (somewhat translation) from user status for confirmation link.
+// This is different to translateUserStatus() in text messages.
+function getConfirmationMessageFromUserStatus ($status) {
+ // Default is 'UNKNOWN'
+ $message = '{%message,GUEST_LOGIN_ID_UNKNOWN_STATUS=' . $status . '%}';
+
+ // Which status is it?
+ switch ($status) {
+ case 'UNCONFIRMED': // Account is unconfirmed
+ // And set message
+ $message = '{--GUEST_CONFIRM_LINK_SENT--}';
+ break;
+
+ case 'CONFIRMED': // Account already confirmed
+ $message = '{--GUEST_LOGIN_ID_CONFIRMED--}';
+ break;
+
+ case 'LOCKED': // Account is locked
+ $message = '{--GUEST_LOGIN_ID_LOCKED--}';
+ break;
+
+ default: // This should not happen
+ debug_report_bug(__FUNCTION__, __LINE__, 'Unknown user status ' . $status . ' detected.');
+ break;
+ } // END - switch
+
+ // Return message
+ return $message;
+}
+
+// Expression call-back function for fetching user data
+function doExpressionUser ($data) {
+ // Use current userid by default
+ $functionName = 'getMemberId()';
+
+ // User-related data, so is there a userid?
+ if (!empty($data['matches'][4][$data['key']])) {
+ // Do we have a userid or $userid?
+ if ($data['matches'][4][$data['key']] == '$userid') {
+ // Use dynamic call
+ $functionName = "getFetchedUserData('userid', \$userid, '" . $data['callback'] . "')";
+ } elseif (!empty($data['matches'][4][$data['key']])) {
+ // User data found
+ $functionName = "getFetchedUserData('userid', " . $data['matches'][4][$data['key']] . ", '" . $data['callback'] . "')";
+ }
+ } elseif ((!empty($data['callback'])) && (isUserDataValid())) {
+ // "Call-back" alias column for current logged in user's data
+ $functionName = "getUserData('" . $data['callback'] . "')";
+ }
+
+ // Do we have another function to run (e.g. translations)
+ if (!empty($data['extra_func'])) {
+ // Surround the original function call with it
+ $functionName = $data['extra_func'] . '(' . $functionName . ')';
+ } // END - if
+
+ // Generate replacer
+ $replacer = '{DQUOTE} . ' . $functionName . ' . {DQUOTE}';
+
+ // Now replace the code
+ $code = replaceExpressionCode($data, $replacer);
+
+ // Return replaced code
+ return $code;
+}
+
+// Template call-back function for list_user admin function
+function doTemplateAdminListUserTitle ($template, $dummy = false) {
+ // Init title with "all accounts"
+ $code = '{--ADMIN_LIST_ALL_ACCOUNTS--}';
+
+ // Do we have a 'status' or 'mode' set?
+ if (isGetRequestParameterSet('status')) {
+ // Set title according to the 'status'
+ $code = sprintf("{--ADMIN_LIST_STATUS_%s_ACCOUNTS--}", strtoupper(getRequestParameter('status')));
+ } elseif (isGetRequestParameterSet('mode')) {
+ // Set title according to the "mode"
+ $code = sprintf("{--ADMIN_LIST_MODE_%s_ACCOUNTS--}", strtoupper(getRequestParameter('mode')));
+ }
+
+ // Return the code
+ return $code;
+}
+
// [EOF]
?>