************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
if (!empty($_GET['mid'])) {
// Load email data
- $result = SQL_QUERY_ESC("SELECT id, sender, subject, url, timestamp, payment_id FROM "._MYSQL_PREFIX."_pool WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id, sender, subject, url, timestamp, payment_id FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1",
array(bigintval($_GET['mid'])), __FILE__, __LINE__);
// Delete mail only once
LOAD_TEMPLATE("admin_del_email_normal");
// Transfer data to data array
- $DATA = array($url, $subject);
+ $DATA = array('url' => $url, 'subject' => $subject);
// Load email template and send the email away
- $msg_user = LOAD_EMAIL_TEMPLATE("order-deleted", "", $sender);
+ $msg_user = LOAD_EMAIL_TEMPLATE("order-deleted", array(), $sender);
SEND_EMAIL($sender, MEMBER_ORDER_DELETED, $msg_user);
// Delete mail from queue
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_pool WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1",
array(bigintval($_GET['mid'])), __FILE__, __LINE__);
// Fetch right stats_id from pool
$result = SQL_QUERY_ESC("SELECT s.id FROM "._MYSQL_PREFIX."_user_stats AS s
LEFT JOIN "._MYSQL_PREFIX."_pool AS p
ON s.pool_id=p.id
-WHERE s.pool_id=%d LIMIT 1",
+WHERE s.pool_id=%s LIMIT 1",
array(bigintval($_GET['mid'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Fetch stats id
SQL_FREERESULT($result);
// Get all user links
- $result = SQL_QUERY_ESC("SELECT COUNT(id) AS 'cnt' FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%d",
+ $result = SQL_QUERY_ESC("SELECT COUNT(id) AS 'cnt' FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%s",
array(bigintval($stats_id)), __FILE__, __LINE__);
// Get unconfirmed links for calculation of total points
}
// Remove links from DB
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%d",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%s",
array(bigintval($stats_id)), __FILE__, __LINE__);
// Output link for manually removing stats entry
}
} elseif (!empty($_GET['pid'])) {
// Remove stats entries
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%s LIMIT 1",
array(bigintval($_GET['pid'])), __FILE__, __LINE__);
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_USER_STATS_REMOVED);
} elseif ((!empty($_GET['bid'])) && (EXT_IS_ACTIVE("bonus"))) {
// Load data from bonus mail
- $result = SQL_QUERY_ESC("SELECT id, subject, url, timestamp FROM "._MYSQL_PREFIX."_bonus WHERE id=%d",
+ $result = SQL_QUERY_ESC("SELECT id, subject, url, timestamp FROM "._MYSQL_PREFIX."_bonus WHERE id=%s",
array(bigintval($_GET['bid'])), __FILE__, __LINE__);
// Delete mail only once
SQL_FREERESULT($result);
// Delete bonus mail entirely from database
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
array(bigintval($_GET['bid'])), __FILE__, __LINE__);
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%d",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%s",
array(bigintval($_GET['bid'])), __FILE__, __LINE__);
// Prepare data for the template
// Mail already deleted!
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_BONUS_MAIL_ALREADY_DELETED);
}
+} elseif ((!empty($_GET['nid'])) && (GET_EXT_VERSION("bonus") >= "0.8.7")) {
+ // Load data from bonus mail
+ $result = SQL_QUERY_ESC("SELECT id, subject, url, timestamp FROM "._MYSQL_PREFIX."_bonus WHERE id=%s",
+ array(bigintval($_GET['nid'])), __FILE__, __LINE__);
+
+ // Delete mail only once
+ if (SQL_NUMROWS($result) == 1) {
+ // Load data
+ list ($id, $subject, $url, $timestamp) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+
+ // Delete bonus mail entirely from database
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
+ array(bigintval($_GET['nid'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%s",
+ array(bigintval($_GET['nid'])), __FILE__, __LINE__);
+
+ // Prepare data for the template
+ define('__ID' , $id);
+ define('__SUBJECT', $subject);
+ define('__URL' , DEREFERER($url));
+ define('__ORDERED', MAKE_DATETIME($timestamp, "0"));
+
+ // Load template
+ LOAD_TEMPLATE("admin_del_email_notify");
+ } else {
+ // Mail already deleted!
+ LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NOTIFY_MAIL_ALREADY_DELETED);
+ }
} else {
// No mail orders fond
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_WRONG_CALL);
projects / mailer.git / blobdiff