Cookie code removed, rewritten, internal URLs are now relative (see LOAD_URL()),...

[mailer.git] / inc / modules / guest / what-sponsor_login.php

diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php
index 895e2280de8cac8ce12b0ae7abe9992b1e87c213..2f7ed2aebda320035273e145e3660f673f424dd0 100644 (file)
--- a/inc/modules/guest/what-sponsor_login.php
+++ b/inc/modules/guest/what-sponsor_login.php
@@ -78,7 +78,7 @@ LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
                // Unconfirmed account or changed email address?
                if ($SPONSOR['status'] == "UNCONFIRMED") {
                        // Set account to pending
-                       $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='PENDING'
+                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='PENDING'
 WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
  array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
 
@@ -99,7 +99,7 @@ WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
                        }
                } elseif ($SPONSOR['status'] == "EMAIL") {
                        // Changed email adress need to be confirmed
-                       $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED'
+                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED'
 WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
  array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
 
@@ -198,7 +198,7 @@ WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
                        SEND_EMAIL($_POST['email'], SPONSOR_LOST_PASSWORD_SUBJ, $msg_sponsor);
 
                        // Update password
-                       $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET password='%s'
+                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET password='%s'
 WHERE id='%s' LIMIT 1",
  array(md5($SPONSOR['password']), bigintval($SPONSOR['id'])), __FILE__, __LINE__);
 
@@ -224,17 +224,14 @@ WHERE id='%s' AND password='%s' LIMIT 1",
                // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
                list($status) = SQL_FETCHROW($result);
                if ($status == "CONFIRMED") {
-                       // Calculate cookie lifetime, maybe we have to change this so the admin can setup a
-                       // seperate timeout for these two cookies?
-                       $life = (time() + getConfig('online_timeout'));
-
                        // Is confirmed so both is fine and we can continue with login procedure
-                       $login = ((setcookie("sponsorid"  , bigintval($_POST['sponsorid']), $life, COOKIE_PATH)) &&
-                                 (setcookie("sponsorpass", md5($_POST['pass'])           , $life, COOKIE_PATH)));
+                       $login = ((set_session('sponsorid'  , bigintval($_POST['sponsorid']))) &&
+                                 (set_session('sponsorpass', md5($_POST['pass'])           ))
+                       );
 
                        if ($login) {
                                // Cookie setup successfull so we can forward to sponsor area
-                               LOAD_URL(URL."/modules.php?module=sponsor");
+                               LOAD_URL("modules.php?module=sponsor");
                        } else {
                                // Cookie setup failed!
                                LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED);