<?php
/************************************************************************
- * MXChange v0.2.1 Start: 06/10/2005 *
- * =============== Last change: 05/18/2008 *
+ * Mailer v0.2.1-FINAL Start: 06/10/2005 *
+ * =================== Last change: 05/18/2008 *
* *
* -------------------------------------------------------------------- *
* File : what-sponsor_login.php *
* -------------------------------------------------------------------- *
* Kurzbeschreibung : Loginformular und Neues Passwort fuer Sponsor *
* -------------------------------------------------------------------- *
- * $Revision:: $ *
- * $Date:: $ *
- * $Tag:: 0.2.1-FINAL $ *
- * $Author:: $ *
- * Needs to be in all Files and every File needs "svn propset *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
- * For more information visit: http://www.mxchange.org *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009 - 2013 by Mailer Developer Team *
+ * For more information visit: http://mxchange.org *
* *
- * This program is free software. You can redistribute it and/or modify *
+ * This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License. *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
// Some security stuff...
if (!defined('__SECURITY')) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
- require($INC);
-} elseif ((!EXT_IS_ACTIVE('sponsor'))) {
- addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveNotInstalledMessage('sponsor'));
- return;
-}
+ exit();
+} // END - if
// Add description as navigation point
-ADD_DESCR('guest', __FILE__);
+addYouAreHereLink('guest', __FILE__);
+
+if ((!isExtensionActive('sponsor'))) {
+ displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=sponsor%}');
+ return;
+} elseif (isSponsor()) {
+ // Is already a logged-in sponsor
+ redirectToUrl('modules.php?module=sponsor');
+}
$mode = '';
-if (REQUEST_ISSET_GET('mode')) {
+if (isGetRequestElementSet('do')) {
// A "special" mode of the login system was requested
- switch (REQUEST_GET('mode'))
- {
+ switch (getRequestElement('do')) {
case 'activate' : $mode = 'activate'; break; // Activation link requested
case 'lost_pass': $mode = 'lost_pass'; break; // Request new password
- }
+ } // END - switch
} // END - if
// Check if hash for confirmation of email address is given...
-if (REQUEST_ISSET_GET('hash')) {
+if (isGetRequestElementSet('hash')) {
// Lookup sponsor
- $result = SQL_QUERY_ESC("SELECT id, status, gender, surname, family,
-company, position, tax_ident,
-street_nr1, street_nr2, country, zip, city, email, phone, fax, cell,
-points_amount AS points, last_pay AS pay, last_curr AS curr
-FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE hash='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL')
-LIMIT 1", array(REQUEST_GET('hash')), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
+ $result = sqlQueryEscaped("SELECT
+ `id`, `status`, `gender`, `surname`, `family`,
+ `company`, `position`, `tax_ident`,
+ `street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`,
+ `points_amount` AS `points`, `last_payment`, `last_currency`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `hash`='%s' AND (
+ `status`='UNCONFIRMED' OR
+ `status`='EMAIL'
+ )
+LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__);
+ if (sqlNumRows($result) == 1) {
// Sponsor found, load his data...
- $SPONSOR = SQL_FETCHARRAY($result);
-
- // Translate gender and comma
- $SPONSOR['gender'] = translateGender($SPONSOR['gender']);
- $SPONSOR['points'] = translateComma($SPONSOR['points']);
- $SPONSOR['pay'] = translateComma($SPONSOR['pay']);
+ $data = sqlFetchArray($result);
// Unconfirmed account or changed email address?
- if ($SPONSOR['status'] == 'UNCONFIRMED') {
+ if ($data['status'] == 'UNCONFIRMED') {
// Set account to pending
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `status`='PENDING'
-WHERE `id`='%s' AND hash='%s' AND `status`='UNCONFIRMED' LIMIT 1",
- array(bigintval($SPONSOR['id']), REQUEST_GET('hash')), __FILE__, __LINE__);
+ sqlQueryEscaped("UPDATE
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+SET
+ `status`='PENDING',
+ `hash`=NULL
+WHERE
+ `id`=%s AND
+ `hash`='%s' AND
+ `status`='UNCONFIRMED'
+LIMIT 1",
+ array(
+ bigintval($data['id']),
+ getRequestElement('hash')
+ ), __FILE__, __LINE__);
// Check on success
- if (SQL_AFFECTEDROWS() == 1) {
+ if (!ifSqlHasZeroAffectedRows()) {
// Prepare mail and send it to the sponsor
- $message = LOAD_EMAIL_TEMPLATE('sponsor_pending', $SPONSOR);
- sendEmail($SPONSOR['email'], getMessage('SPONSOR_ACCOUNT_PENDING_SUBJ'), $message);
+ $message = loadEmailTemplate('sponsor_pending', $data);
+ sendEmail($data['email'], '{--SPONSOR_ACCOUNT_PENDING_SUBJECT--}', $message);
// Send email to admin
- sendAdminNotification(getMessage('ADMIN_NEW_SPONSOR'), 'admin_sponsor_pending', $SPONSOR);
+ sendAdminNotification('{--ADMIN_NEW_SPONSOR--}', 'admin_sponsor_pending', $data);
// Sponsor account set to pending
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_PENDING'));
+ displayMessage('{--SPONSOR_ACCOUNT_IS_PENDING--}');
} else {
// Could not unlock account!
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_PENDING_FAILED'));
+ displayMessage('{--SPONSOR_ACCOUNT_PENDING_FAILED--}');
}
- } elseif ($SPONSOR['status'] == 'EMAIL') {
+ } elseif ($data['status'] == 'EMAIL') {
// Changed email adress need to be confirmed
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `status`='CONFIRMED'
-WHERE `id`='%s' AND hash='%s' AND `status`='EMAIL' LIMIT 1",
- array(bigintval($SPONSOR['id']), REQUEST_GET('hash')), __FILE__, __LINE__);
+ sqlQueryEscaped("UPDATE
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+SET
+ `status`='CONFIRMED',
+ `hash`=NULL
+WHERE
+ `id`=%s AND
+ `hash`='%s' AND
+ `status`='EMAIL'
+LIMIT 1",
+ array(bigintval($data['id']), getRequestElement('hash')), __FILE__, __LINE__);
// Check on success
- if (SQL_AFFECTEDROWS() == 1) {
+ if (!ifSqlHasZeroAffectedRows()) {
// Sponsor account is unlocked again
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN'));
+ displayMessage('{--SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN--}');
} else {
// Could not unlock account!
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_EMAIL_FAILED'));
+ displayMessage('{--SPONSOR_ACCOUNT_EMAIL_FAILED--}');
}
} else {
- /// ??? Other status?
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_STATUS_FAILED'));
+ // ??? Other status?
+ displayMessage('{--SPONSOR_ACCOUNT_STATUS_FAILED--}');
}
} else {
// No sponsor found
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_NOT_FOUND'));
+ displayMessage('{%message,SPONSOR_ACCOUNT_404=' . getRequestElement('hash') . '%}');
}
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
} elseif ($mode == 'activate') {
// Send activation link again
- if (isFormSent()) {
+ if (isFormSent('login')) {
// Check submitted data
- if (!REQUEST_ISSET_POST('email')) REQUEST_UNSET_POST('ok');
+ if (!isPostRequestElementSet('email')) unsetPostRequestElement('login');
}
- if (isFormSent()) {
+ if (isFormSent('login')) {
// Check email
- $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
-FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
- array(REQUEST_POST('email')), __FILE__, __LINE__);
+ $result = sqlQueryEscaped("SELECT
+ `id`,
+ `hash`,
+ `status`,
+ `remote_addr`,
+ `gender`,
+ `surname`,
+ `family`,
+ UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ '%s' REGEXP `email` AND
+ (`status`='UNCONFIRMED' OR `status`='EMAIL')
+LIMIT 1",
+ array(postRequestElement('email')), __FILE__, __LINE__);
// Entry found?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
- $SPONSOR = SQL_FETCHARRAY($result);
+ $data = sqlFetchArray($result);
// Translate some data
- $SPONSOR['gender'] = translateGender($SPONSOR['gender']);
- $SPONSOR['sponsor_created'] = generateDateTime($SPONSOR['sponsor_created']);
+ $data['sponsor_created'] = generateDateTime($data['sponsor_created']);
// Prepare email and send it to the sponsor
- if ($SPONSOR['status'] == 'UNCONFIRMED') {
+ if ($data['status'] == 'UNCONFIRMED') {
// Unconfirmed accounts
- $message_sponsor = LOAD_EMAIL_TEMPLATE('sponsor_activate', $SPONSOR);
+ $message_sponsor = loadEmailTemplate('sponsor_activate', $data);
} else {
// Confirmed email address
- $message_sponsor = LOAD_EMAIL_TEMPLATE('sponsor_email', $SPONSOR);
+ $message_sponsor = loadEmailTemplate('sponsor_email', $data);
}
- sendEmail(REQUEST_POST('email'), getMessage('SPONSOR_ACTIVATION_LINK_SUBJ'), $message_sponsor);
+ sendEmail(postRequestElement('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor);
// Output message
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_SENT'));
+ displayMessage('{--SPONSOR_ACTIVATION_LINK_SENT--}');
} else {
// No account found or not UNCONFIRMED
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_404'));
+ displayMessage('{--SPONSOR_ACTIVATION_LINK_404--}');
}
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
} else {
// Load form
- LOAD_TEMPLATE('guest_sponsor_activate');
+ loadTemplate('guest_sponsor_activate');
}
} elseif ($mode == 'lost_pass') {
// Send new password
- if (isFormSent()) {
+ if (isFormSent('login')) {
// Check submitted data
- if (!REQUEST_ISSET_POST('email')) REQUEST_UNSET_POST('ok');
+ if (!isPostRequestElementSet('email')) unsetPostRequestElement('login');
} // END - if
- if (isFormSent()) {
+ if (isFormSent('login')) {
// Check email
- $result = SQL_QUERY_ESC("SELECT `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created`
-FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE `email`='%s' AND `id`='%s' AND `status`='CONFIRMED' LIMIT 1",
- array(REQUEST_POST('email'), bigintval(REQUEST_POST('id'))), __FILE__, __LINE__);
+ $result = sqlQueryEscaped("SELECT
+ `id`,
+ `hash`,
+ `remote_addr`,
+ `gender`,
+ `surname`,
+ `family`,
+ UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ '%s' REGEXP `email` AND
+ `id`=%s AND
+ `status`='CONFIRMED'
+LIMIT 1",
+ array(postRequestElement('email'), bigintval(postRequestElement('id'))), __FILE__, __LINE__);
// Entry found?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
- $DATA = SQL_FETCHARRAY($result);
+ $content = sqlFetchArray($result);
- // Translate some data
- $DATA['gender'] = translateGender($DATA['gender']);
- $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']);
-
- // Generate password
- $DATA['password'] = generatePassword();
+ // Generate password/translate some data
+ $content['password'] = generatePassword();
+ $content['sponsor_created'] = generateDateTime($content['sponsor_created']);
// Prepare email and send it to the sponsor
- $message_sponsor = LOAD_EMAIL_TEMPLATE('sponsor_lost', $DATA);
- sendEmail(REQUEST_POST('email'), getMessage('SPONSOR_LOST_PASSWORD_SUBJ'), $message_sponsor);
+ $message_sponsor = loadEmailTemplate('sponsor_lost', $content);
+ sendEmail(postRequestElement('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor);
// Update password
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `password`='%s'
-WHERE `id`='%s' LIMIT 1",
- array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__);
+ sqlQueryEscaped("UPDATE
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+SET
+ `password`='%s'
+WHERE
+ `id`=%s
+LIMIT 1",
+ array(md5($content['password']), bigintval($content['id'])), __FILE__, __LINE__);
// Output message
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_SENT'));
+ displayMessage('{--SPONSOR_LOST_PASSWORD_SENT--}');
} else {
// No account found or not UNCONFIRMED
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_404'));
+ displayMessage('{--SPONSOR_LOST_PASSWORD_404--}');
}
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
} else {
// Load form
- LOAD_TEMPLATE('guest_sponsor_lost');
+ loadTemplate('guest_sponsor_lost');
}
-} elseif (isFormSent()) {
+} elseif (isFormSent('login')) {
// Check status and login data ...
- $result = SQL_QUERY_ESC("SELECT status FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE `id`='%s' AND password='%s' LIMIT 1",
- array(bigintval(REQUEST_POST('sponsorid')), md5(REQUEST_POST('pass'))), __FILE__, __LINE__);
-
- if (SQL_NUMROWS($result) == 1) {
+ $result = sqlQueryEscaped("SELECT
+ `status`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `id`=%s AND
+ `password`='%s'
+LIMIT 1",
+ array(
+ bigintval(postRequestElement('sponsor_id')),
+ md5(postRequestElement('password'))
+ ), __FILE__, __LINE__);
+
+ if (sqlNumRows($result) == 1) {
// Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
- list($status) = SQL_FETCHROW($result);
+ list($status) = sqlFetchRow($result);
if ($status == 'CONFIRMED') {
// Is confirmed so both is fine and we can continue with login procedure
- $login = ((setSession('sponsorid' , bigintval(REQUEST_POST('sponsorid')))) &&
- (setSession('sponsorpass', md5(REQUEST_POST('pass')) ))
+ $login = ((setSession('sponsor_id' , bigintval(postRequestElement('sponsor_id')))) &&
+ (setSession('sponsor_pass', md5(postRequestElement('password')) ))
);
- if ($login === true) {
+ if ($login === TRUE) {
// Cookie setup successfull so we can forward to sponsor area
redirectToUrl('modules.php?module=sponsor');
} else {
// Cookie setup failed!
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSPOR_COOKIE_SETUP_FAILED'));
+ displayMessage('{--SPONSOR_COOKIE_SETUP_FAILED--}');
// Login formular and other links
- LOAD_TEMPLATE('guest_sponsor_login');
+ loadTemplate('guest_sponsor_login');
}
} else {
// Status is not fine
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_LOGIN_FAILED_' . strtoupper($status) . ''));
+ displayMessage('{--SPONSOR_LOGIN_FAILED_' . strtoupper($status) . '--}');
// Login formular and other links
- LOAD_TEMPLATE('guest_sponsor_login');
+ loadTemplate('guest_sponsor_login');
}
} else {
// Account missing or wrong pass! We shall not find this out for the "cracker folks"...
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_LOGIN_FAILED_404_WRONG_PASS'));
+ displayMessage('{--SPONSOR_LOGIN_FAILED_404_WRONG_PASS--}');
// Login formular and other links
- LOAD_TEMPLATE('guest_sponsor_login');
+ loadTemplate('guest_sponsor_login');
}
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
} else {
// Login formular and other links
- LOAD_TEMPLATE('guest_sponsor_login');
+ loadTemplate('guest_sponsor_login');
}
-//
+// [EOF]
?>