elseif ($none) $OUT = " <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
while (list($id, $sname, $fname) = SQL_FETCHROW($result))
{
- $OUT .= " <OPTION value=\"".$id."\"";
+ $OUT .= " <OPTION value=\"".bigintval($id)."\"";
if ($def == $id) $OUT .= " selected=\"selected\"";
- $OUT .= ">".$sname." ".$fname." (".$id.")</OPTION>\n";
+ $OUT .= ">".$sname." ".$fname." (".bigintval($id).")</OPTION>\n";
}
// Free memory
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NOTHING_SELECTED_CHANGE);
}
}
+// Send mails for del/edit/lock build modes
+function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="") {
+ // Default subject is the subject part
+ $subject = $subjectPart;
+
+ // Is the subject part not set?
+ if (empty($subjectPart)) {
+ // Then use it from the mode
+ $subject = strtoupper($mode);
+ } // END - if
+
+ // Is the raw userid set?
+ if ($_POST['uid_raw'][$id] > 0) {
+ // Generate subject
+ $eval = "\$subjectLine = MEMBER_".$subject."_".strtoupper($table)."_SUBJECT;";
+ eval($eval);
+
+ // Load email template
+ if (!empty($subjectPart)) {
+ $mail = LOAD_EMAIL_TEMPLATE("member_".$mode."_".strtolower($subjectPart)."_".$table, $content);
+ } else {
+ $mail = LOAD_EMAIL_TEMPLATE("member_".$mode."_".$table, $content);
+ }
+
+ // Send email out
+ SEND_EMAIL($_POST['uid_raw'][$id], $subjectLine, $mail);
+ } // END - if
+
+ // Generate subject
+ $eval = "\$subjectLine = ADMIN_".$subject."_".strtoupper($table)."_SUBJECT;";
+ eval($eval);
+
+ // Send admin notification out
+ if (!empty($subjectPart)) {
+ SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".strtolower($subjectPart)."_".$table, $content, $_POST['uid_raw'][$id]);
+ } else {
+ SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".$table, $content, $_POST['uid_raw'][$id]);
+ }
+}
// Build a special template list
function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn) {
global $_CONFIG;
// Secure ID number
$id = bigintval($id);
- // Will always be 1 ;-)
- if ($selected == 1) {
- // Get result from a given column array and table name
- $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idColumn, $id);
-
- // Is there one entry?
- if (SQL_NUMROWS($result) == 1) {
- // Load all data
- $content = SQL_FETCHARRAY($result);
-
- // Filter all data
- foreach ($content as $key => $value) {
- // Search index
- $idx = array_search($key, $columns, true);
-
- // Do we have a userid?
- if ($key == "userid") {
- // Add it again as raw id
- $content['uid'] = bigintval($value);
- } // END - if
+ // Get result from a given column array and table name
+ $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idColumn, $id);
- // Handle the call in external function
- $content[$key] = HANDLE_EXTRA_VALUES($filterFunctions[$idx], $value, $extraValues[$idx]);
- } // END - foreach
+ // Is there one entry?
+ if (SQL_NUMROWS($result) == 1) {
+ // Load all data
+ $content = SQL_FETCHARRAY($result);
+
+ // Filter all data
+ foreach ($content as $key => $value) {
+ // Search index
+ $idx = array_search($key, $columns, true);
+
+ // Do we have a userid?
+ if ($key == "userid") {
+ // Add it again as raw id
+ $content['uid'] = bigintval($value);
+ } // END - if
- // Add color switching
- $content['sw'] = $SW;
+ // Handle the call in external function
+ $content[$key] = HANDLE_EXTRA_VALUES($filterFunctions[$idx], $value, $extraValues[$idx]);
+ } // END - foreach
- // Then list it
- $OUT .= LOAD_TEMPLATE("admin_".$listType."_".$table."_row", true, $content);
+ // Add color switching
+ $content['sw'] = $SW;
- // Switch color
- $SW = 3 - $SW;
- } // END - if
+ // Then list it
+ $OUT .= LOAD_TEMPLATE("admin_".$listType."_".$table."_row", true, $content);
- // Free the result
- SQL_FREERESULT($result);
+ // Switch color
+ $SW = 3 - $SW;
} // END - if
+
+ // Free the result
+ SQL_FREERESULT($result);
} // END - foreach
// Load master template
$idList = "";
foreach ($IDs as $id => $sel) {
// Is there a userid?
- if (isset($_POST['uid'][$id])) {
+ if (isset($_POST['uid_raw'][$id])) {
// Load all data from that id
$result = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_%s WHERE %s=%s LIMIT 1",
array($table, $idColumn, $id), __FILE__, __LINE__);
// Free the result
SQL_FREERESULT($result);
- // Do we have a *real* userid?
- if ($_POST['uid'][$id] > 0) {
- // Generate subject
- $eval = "\$subject = MEMBER_DEL_".strtoupper($table)."_SUBJECT;";
- eval($eval);
-
- // Load email template
- $mail = LOAD_EMAIL_TEMPLATE("member_del_".$table, $content);
-
- // Send email out
- SEND_EMAIL($_POST['uid'][$id], $subject, $mail);
- } // END - if
-
- // Generate subject
- $eval = "\$subject = ADMIN_DEL_".strtoupper($table)."_SUBJECT;";
- eval($eval);
-
- // Send admin notification out
- SEND_ADMIN_NOTIFICATION($subject, "admin_del_".$table, $content, $_POST['uid'][$id]);
+ // Send "build mails" out
+ ADMIN_SEND_BUILD_MAILS("del", $table, $content, $id);
} // END - if
// Add id number
$content['frametester'] = FRAMETESTER($content[$key]);
} // END - if
}
- $SQL = substr($SQL, 0, -1) . " WHERE ".$idColumn."=".$id." LIMIT 1";
+ $SQL = substr($SQL, 0, -1) . " WHERE ".$idColumn."=".bigintval($id)." LIMIT 1";
// Run this query
SQL_QUERY($SQL, __FILE__, __LINE__);
// Free the result
SQL_FREERESULT($result);
- // Is a raw user id set?
- if ((isset($_POST['uid_raw'][$id])) && ($_POST['uid_raw'][$id] > 0)) {
- // Generate subject
- $eval = "\$subject = MEMBER_EDIT_".strtoupper($table)."_SUBJECT;";
- eval($eval);
-
- // Load email template
- $mail = LOAD_EMAIL_TEMPLATE("member_edit_".$table, $content);
-
- // Send email out
- SEND_EMAIL($_POST['uid_raw'][$id], $subject, $mail);
- } // END - if
-
- // Generate subject
- $eval = "\$subject = ADMIN_EDIT_".strtoupper($table)."_SUBJECT;";
- eval($eval);
-
- // Send admin notification out
- SEND_ADMIN_NOTIFICATION($subject, "admin_edit_".$table, $content, $_POST['uid_raw'][$id]);
+ // Send "build mails" out
+ ADMIN_SEND_BUILD_MAILS("edit", $table, $content, $id);
} // END - foreach
// Was this fine?
}
} // END - if
}
+// Un-/lock rows by given ID numbers
+function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn="id", $userIdColumn="userid") {
+ // All valid entries? (We hope so here!)
+ if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && ((!$lockNow) || (count($statusArray) == 1))) {
+ // Shall we un-/lock here or list for locking?
+ if ($lockNow) {
+ // Un-/lock entries
+ foreach ($IDs as $id => $sel) {
+ // Construct SQL query
+ $SQL = "UPDATE "._MYSQL_PREFIX."_".$table." SET";
+
+ // Load data of entry
+ $result = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_%s WHERE %s=%s LIMIT 1",
+ array($table, $idColumn, $id), __FILE__, __LINE__);
+
+ // Fetch the data
+ $content = SQL_FETCHARRAY($result);
+
+ // Free the result
+ SQL_FREERESULT($result);
+
+ // Add all status entries (e.g. status column last_updated or so)
+ $newStatus = "UNKNOWN";
+ $oldStatus = "UNKNOWN";
+ $statusColumn = "unknown";
+ foreach ($statusArray as $column => $statusInfo) {
+ // Does the entry exist?
+ if ((isset($content[$column])) && (isset($statusInfo[$content[$column]]))) {
+ // Add these entries for update
+ $SQL .= sprintf(" %s='%s',", SQL_ESCAPE($column), SQL_ESCAPE($statusInfo[$content[$column]]));
+
+ // Remember status
+ if ($statusColumn == "unknown") {
+ // Always (!!!) change status column first!
+ $oldStatus = $content[$column];
+ $newStatus = $statusInfo[$oldStatus];
+ $statusColumn = $column;
+ } // END - if
+ } elseif (isset($content[$column])) {
+ // Unfinished!
+ die("UNFINISHED: {$column}[".gettype($statusInfo)."] = {$content[$column]}");
+ }
+ } // END - foreach
+
+ // Add other columns as well
+ foreach ($_POST as $key => $entries) {
+ // Skip id, raw userid and 'do_lock'
+ if (!in_array($key, array($idColumn, 'uid_raw', 'do_lock'))) {
+ // Are there brackets () at the end?
+ if (substr($entries[$id], -2, 2) == "()") {
+ // Direct SQL command found
+ $SQL .= sprintf(" %s=%s,", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+ } else {
+ // Add regular entry
+ $SQL .= sprintf(" %s='%s',", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+ }
+ } // END - if
+ } // END - if
+
+ // Finish SQL statement
+ $SQL = substr($SQL, 0, -1) . " WHERE ".$idColumn."=".bigintval($id)." AND ".$statusColumn."='".$oldStatus."' LIMIT 1";
+
+ // Run the SQL
+ SQL_QUERY($SQL, __FILE__, __LINE__);
+
+ // Do we have an URL?
+ if (isset($content['url'])) {
+ // Then add a framekiller test as well
+ $content['frametester'] = FRAMETESTER($content['url']);
+ } // END - if
+
+ // Send "build mails" out
+ ADMIN_SEND_BUILD_MAILS("lock", $table, $content, $id, $statusInfo[$content[$column]]);
+ } // END - if
+ } else {
+ // List for editing
+ ADMIN_BUILD_LIST("lock", $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn);
+ }
+ } // END - if
+}
// Checks proxy settins by fetching check-updates3.php from www.mxchange.org
function ADMIN_TEST_PROXY_SETTINGS ($settingsArray) {
global $_CONFIG;
- // By default they are invalid
- $valid = false;
-
// Set temporary the new settings
$_CONFIG = array_merge($_CONFIG, $settingsArray);