************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
} elseif (!EXT_IS_ACTIVE("mailid")) {
- ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "mailid"));
+ addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "mailid");
return;
}
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
if (empty($_GET['del'])) $_GET['del'] = "";
if (!empty($_GET['u_id'])) {
// Check if the user already exists
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
// Is there an entry?
if (SQL_NUMROWS($result) == 1) {
// Grab user's all unconfirmed mails
if (EXT_IS_ACTIVE("bonus")) {
// Load bonus ID
- $result = SQL_QUERY_ESC("SELECT stats_id, bonus_id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE userid=%s ORDER BY id",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT stats_id, bonus_id, link_type FROM `{!_MYSQL_PREFIX!}_user_links` WHERE userid=%s ORDER BY `id`",
+ array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
} else {
// Load stats ID (2nd will be ignored later! But it is needed for the same fetchrow command)
- $result = SQL_QUERY_ESC("SELECT stats_id, stats_id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE userid=%s ORDER BY id",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT stats_id, stats_id, link_type FROM `{!_MYSQL_PREFIX!}_user_links` WHERE userid=%s ORDER BY `id`",
+ array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
}
// Get number of rows from the query
// Some unconfirmed mails left
if ($_GET['del'] == "all") {
// Delete all unconfirmed mails by this user
- $result_del = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE userid=%s LIMIT %s",
- array(bigintval($_GET['u_id']), $nums), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_links` WHERE userid=%s LIMIT %s",
+ array(bigintval($_GET['u_id']), $nums), __FILE__, __LINE__);
// Prepare mail and send it away
$msg = LOAD_EMAIL_TEMPLATE("admin-del_links", $nums, bigintval($_GET['u_id']));
- SEND_EMAIL($email, ADMIN_DEL_LINK_SUBJ, $msg);
+ SEND_EMAIL($email, getMessage('ADMIN_DEL_LINK_SUBJ'), $msg);
// Display message
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_LINKS_DELETED);
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_LINKS_DELETED'));
} else {
// List all unconfirmed mails
$SW = 2; $OUT = "";
while (list($id, $id2, $type) = SQL_FETCHROW($result)) {
- // Load data from stats table...
+ // Initializes some variables
$cat = "";
+ $DATA = "";
+ $PROBLEM = GENERAL_MAIL_PROBLEM;
+ $result_data = false; // Closes Bug #58
+
+ // Load data from stats table...
switch ($type)
{
case "NORMAL":
- $result_data = SQL_QUERY_ESC("SELECT subject, timestamp_ordered, cat_id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%s LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
- $type = "mailid"; $DATA = $id; $PROBLEM = NORMAL_MAIL_PROBLEM;
- $LINK = "<A href=\"".URL."/mailid.php?uid=".$_GET['u_id']."&mailid=".$id."\" target=\"_blank\">".$id."</A>";
+ $result_data = SQL_QUERY_ESC("SELECT subject, timestamp_ordered, cat_id FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE id=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
+ $type = "mailid"; $DATA = $id; $PROBLEM = getMessage('NORMAL_MAIL_PROBLEM');
+ $LINK = "<a href=\"{!URL!}/mailid.php?uid=".$_GET['u_id']."&mailid=".$id."\" target=\"_blank\">".$id."</a>";
break;
case "BONUS":
- $result_data = SQL_QUERY_ESC("SELECT subject, timestamp, cat_id FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
- array(bigintval($id2)), __FILE__, __LINE__);
- $type = "bonusid"; $DATA = $id2; $PROBLEM = BONUS_MAIL_PROBLEM;
- $LINK = "<A href=\"".URL."/mailid.php?uid=".$_GET['u_id']."&bonusid=".$id2."\" target=\"_blank\">".$id2."</A>";
+ $result_data = SQL_QUERY_ESC("SELECT subject, timestamp, cat_id FROM `{!_MYSQL_PREFIX!}_bonus` WHERE id=%s LIMIT 1",
+ array(bigintval($id2)), __FILE__, __LINE__);
+ $type = "bonusid"; $DATA = $id2; $PROBLEM = getMessage('BONUS_MAIL_PROBLEM');
+ $LINK = "<a href=\"{!URL!}/mailid.php?uid=".$_GET['u_id']."&bonusid=".$id2."\" target=\"_blank\">".$id2."</a>";
+ break;
+
+ default: // Problem in application detected!
+ // Log the error
+ DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid email type %s detected.", $type));
break;
}
// Mail was found!
list($subject, $timestamp, $cat) = SQL_FETCHROW($result_data);
SQL_FREERESULT($result_data);
- if (empty($subject)) $subject = DEFAULT_SUBJECT_LINE;
+ if (empty($subject)) $subject = getMessage('DEFAULT_SUBJECT_LINE');
// Prepare data for the row template
$content = array(
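Review bot: Both new `$LINK` assignments (the `NORMAL` and `BONUS` cases) still concatenate the raw `$_GET['u_id']` into an `href` attribute, so request-supplied text reaches the admin page's markup unescaped. Every query here already wraps that value in `bigintval()`, as does the new `define('__UID' , bigintval($_GET['u_id']));`, so the links should use `"/mailid.php?uid=".bigintval($_GET['u_id'])."&amp;mailid=".$id` (and likewise with `$id2`), assuming `bigintval()` reduces its input to digits. The same raw value is passed to `sprintf(getMessage('ADMIN_MEMBER_LINKS'), $_GET['u_id'])` and `sprintf(getMessage('ADMIN_MEMBER_404'), $_GET['u_id'])` further down. Separately, the added `default:` case only logs and leaves the `switch`, so `SQL_FETCHROW($result_data)` and `SQL_FREERESULT($result_data)` still run with `false` and `$LINK` is never set for that row; a `continue 2;` after the `DEBUG_LOG` call would skip it. The `while` body continues past the end of this hunk, so confirm nothing later relies on that row being processed.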
// Remember list in constant for the template
define('__SNAME_VALUE', $sname);
define('__FNAME_VALUE', $fname);
- define('__EMAIL_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".$email."</A>");
+ define('__EMAIL_VALUE', "<a href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".$email."</a>");
define('__EMAIL_LIST' , $OUT);
define('__NUMS_VALUE' , $nums);
- define('__UID_VALUE' , $_GET['u_id']);
+ define('__UID' , bigintval($_GET['u_id']));
// Load final template
LOAD_TEMPLATE("admin_list_links");
}
} else {
// No mails left to confirm
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MEMBER_LINKS_1.$_GET['u_id'].ADMIN_MEMBER_LINKS_2);
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_MEMBER_LINKS'), $_GET['u_id']));
}
} else {
// User not found
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2);
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_MEMBER_404'), $_GET['u_id']));
}
} else {
// Output selection form with all confirmed user accounts listed