************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Is the script installed?
if (isBooleanConstantAndTrue('mxchange_installed')) {
- if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module'])) && (isset($cacheArray['modules']['module'][$mod]))) {
+ // Check if cache is valid
+ if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (in_array($mod, $cacheArray['modules']['module']))) {
// Load from cache
$name = $cacheArray['modules']['title'][$mod];
list($name) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
}
- }
+ } // END - if
// Trim name
$name = trim($name);
if (SQL_NUMROWS($result) == 0) {
// Add module to database
$dummy = CHECK_MODULE($mod);
- }
- }
+ } // END - if
+ } // END - if
+
+ // Return name
return $name;
}
// to find a loop here... *sigh*
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
(module, locked, hidden, mem_only, admin_only, has_menu) VALUES
-('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
+('%s','Y','N','N','N','N')", array($mod_chk), __FILE__, __LINE__);
} else {
// Wrong/missing sql_patches!
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
(module, locked, hidden, mem_only, admin_only) VALUES
-('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
+('%s','Y','N','N','N')", array($mod_chk), __FILE__, __LINE__);
}
// Everthing is fine?
// Can we close the you-are-here navigation?
//* DEBUG: */ echo __LINE__."*".$type."/".$GLOBALS['what']."*<br />\n";
//* DEBUG: */ die("<pre>".print_r($_CONFIG, true)."</pre>");
- if (($type == "what") || (($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview") || (($GLOBALS['what'] == $_CONFIG['index_home']) && ($ACC_LVL == "guest"))))) {
+ if (($type == "what") || (($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview")))) {
//* DEBUG: */ echo __LINE__."+".$type."+<br />\n";
$OUT .= "</DIV><br />\n";
$DEPTH="0";
// Load menu header template
LOAD_TEMPLATE($MODE."_menu_title", false, $content);
- $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
+ $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ".$AND." ORDER BY sort",
array($MODE, $main_action), __FILE__, __LINE__);
$ctl = SQL_NUMROWS($result_sub);
if ($ctl > 0) {
//* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<br />";
// Search in array for entry
- if ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) {
+ if (isset($cacheArray['admin_hash'])) {
+ // Use cached string
+ $valPass = $cacheArray['admin_hash'];
+ } elseif ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) {
// Count cache hits
$_CONFIG['cache_hits']++;
// Login data is valid or not?
$valPass = generatePassString($cacheArray['admins']['password'][$admin]);
+
+ // Cache it away
+ $cacheArray['admin_hash'] = $valPass;
} elseif (!empty($admin)) {
// Search for admin
$result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
// Admin login was found so let's load password from DB
list($passDB) = SQL_FETCHROW($result);
+ // Temporary cache it
+ $cacheArray['admins']['password'][$admin] = $passDB;
+
// Generate password hash
$valPass = generatePassString($passDB);
- }
+ } // END - if
// Free memory
SQL_FREERESULT($result);
//
function IS_MEMBER()
{
- global $status, $LAST;
+ global $status, $LAST, $cacheArray;
if (!is_array($LAST)) $LAST = array();
$ret = false;
+ // is the cache entry there?
+ if (isset($cacheArray['is_member'])) {
+ // Then return it
+ return $cacheArray['is_member'];
+ } // END - if
+
// Fix "deleted" cookies first
- FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));
+ FIX_DELETED_COOKIES(array('userid','u_hash','lifetime'));
// Are cookies set?
if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash')) && (isSessionVariableSet('lifetime')) && (defined('COOKIE_PATH')))
// Free memory
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Cookie data is invalid!
//* DEBUG: */ echo __LINE__."///<br />";
destroy_user_session();
// Remove array elements to prevent errors
unset($GLOBALS['userid']);
}
+
+ // Cache status
+ $cacheArray['is_member'] = $ret;
+
+ // Return status
return $ret;
}
//
-function UPDATE_LOGIN_DATA ($UPDATE=true) {
+function UPDATE_LOGIN_DATA () {
global $LAST, $_CONFIG;
if (!is_array($LAST)) $LAST = array();
- // Are the required cookies set?
- if ((!isset($GLOBALS['userid'])) || (!isSessionVariableSet('u_hash')) || (!isSessionVariableSet('lifetime'))) {
- // Nope, then return here to caller function
- return false;
- } else {
- // Secure user ID
- $GLOBALS['userid'] = bigintval(get_session('userid'));
- }
+ // Recheck if logged in
+ if (!IS_MEMBER()) return false;
+
+ // Secure user ID
+ $GLOBALS['userid'] = bigintval(get_session('userid'));
// Extract last online time (life) and how long is auto-login valid (time)
$newl = time() + bigintval(get_session('lifetime'));
- // Recheck if logged in
- if (!IS_MEMBER()) return false;
-
// Load last module and last online time
$result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
function GET_ACTION ($MODE, &$wht)
{
global $ret, $_CONFIG;
- // DEPRECATED: Init status
+ // @DEPRECATED Init status
$ret = "";
//* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br />";
} elseif (!empty($GLOBALS['action'])) {
// Get it directly from URL
return $GLOBALS['action'];
- } else {
- // Everything else will be touched after checking the module has a menu assigned
}
//* DEBUG: */ echo __LINE__."*".$ret."*<br />\n";
- if (MODULE_HAS_MENU($MODE))
- {
+ if (MODULE_HAS_MENU($MODE)) {
// Rewriting modules to menu
- switch ($MODE)
- {
+ switch ($MODE) {
case "index": $MODE = "guest"; break;
case "login": $MODE = "member"; break;
- break;
- }
+ } // END - switch
// Guest and member menu is "main" as the default
if (empty($ret)) $ret = "main";
if (SQL_NUMROWS($result) == 1) {
// Load action value and pray that this one is the right you want... ;-)
list($ret) = SQL_FETCHROW($result);
- }
+ } // END - if
// Free memory
SQL_FREERESULT($result);
- }
+ } // END - if
// Return action value
return $ret;
$ret = _CATEGORY_404;
// Is the category id set?
- if (!empty($cid)) {
-
- // Lookup the category
+ if ($cid == "0") {
+ // No category
+ $ret = _CATEGORY_NONE;
+ } elseif ($cid > 0) {
+ // Lookup the category in database
$result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
array(bigintval($cid)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
if (SQL_NUMROWS($result) == 0)
{
// No, so we add one!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s','%s','%s')",
array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
$ret = "done";
}
return $ret;
}
//
-function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false)
-{
+function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false) {
$ret = 0;
if ($onlyRows) {
// Count rows
// Load row
list($ret) = SQL_FETCHROW($result);
- //* DEBUG: */ echo __LINE__."*".$DATA."/".$search."/".$tableName."/".$ret."*<br />\n";
+
+ // Free result
SQL_FREERESULT($result);
- if (empty($ret)) {
- if (($lookFor == "counter") || ($lookFor == "id")) {
- $ret = 0;
- } else {
- $ret = "0.00000";
- }
- }
+
+ // Fix empty values
+ if ((empty($ret)) && ($lookFor != "counter") && ($lookFor != "id") && ($lookFor != "userid")) {
+ $ret = "0.00000";
+ } // END - if
+
+ // Return value
return $ret;
}
/**
* rid = inc/modules/guest/what-confirm.php need this
* locked = Shall I pay it to normal (false) or locked (true) points ammount?
* add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"
- * will cause no referral will get points ever!!!)
+ * for default value will cause no referral will get points ever!!!)
*/
-function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref")
-{
+function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref") {
global $DEPTH, $_CONFIG, $DATA;
+ // Convert mode to lower-case
+ $add_mode = strtolower($add_mode);
+
// Debug message
//DEBUG_LOG(__FUNCTION__.": uid={$uid},points={$points}");
$percents = "percents"; if (isset($_CONFIG['db_percents'])) $percents = $_CONFIG['db_percents'];
$table = "refdepths"; if (isset($_CONFIG['db_table'])) $table = $_CONFIG['db_table'];
+ // Default is "normal" points
+ $data = "points";
+
// Which points, locked or normal?
- $data = "points"; if ($locked) $data = "locked_points";
+ if ($locked) $data = "locked_points";
// Check user account
$result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
// Direct payment shall be notified about
define('__POINTS_VALUE', $ref_points);
+ // Prepare content
+ $content = array(
+ 'text' => REASON_DIRECT_PAYMENT,
+ 'points' => TRANSLATE_COMMA($ref_points)
+ );
+
// Load message
- $msg = LOAD_EMAIL_TEMPLATE("add-points", REASON_DIRECT_PAYMENT, $uid);
+ $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, $uid);
// And sent it away
SEND_EMAIL($email, SUBJECT_DIRECT_PAYMENT, $msg);
if (SQL_AFFECTEDROWS() == 0)
{
// First count!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s','%s','1')",
array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
}
);
} else {
// No entry does exists so we simply add it!
- SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %s, %s, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s','%s','%s', %s, %s, '%s','%s', UNIX_TIMESTAMP(), '%s','%s')",
array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__
);
}
}
// Get ID number from administrator's login name
function GET_ADMIN_ID($login) {
- global $cacheArray;
+ global $cacheArray, $_CONFIG;
$ret = "-1";
if (!empty($cacheArray['admins']['aid'][$login])) {
// Check cache
$ret = $cacheArray['admins']['aid'][$login];
- if (empty($ret)) $ret = "-1";
- } else {
+
+ // Update cache hits
+ $_CONFIG['cache_hits']++;
+ } elseif (!EXT_IS_ACTIVE("cache")) {
// Load from database
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
array($login), __FILE__, __LINE__);
// Get password hash from administrator's login name
function GET_ADMIN_HASH($login)
{
- global $cacheArray;
+ global $cacheArray, $_CONFIG;
$ret = "-1";
- if (!empty($cacheArray['admins']['password'][$login]))
- {
+ if (!empty($cacheArray['admins']['password'][$login])) {
// Check cache
$ret = $cacheArray['admins']['password'][$login];
- if (empty($ret)) $ret = "-1";
- }
- else
- {
+
+ // Update cache hits
+ $_CONFIG['cache_hits']++;
+ } elseif (!EXT_IS_ACTIVE("cache")) {
// Load from database
$result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
array($login), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
+ // Fetch data
list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+
+ // Set cache
+ $cacheArray['admins']['password'][$login] = $ret;
}
+
+ // Free result
+ SQL_FREERESULT($result);
}
return $ret;
}
//
function GET_ADMIN_LOGIN ($aid) {
- global $cacheArray;
+ global $cacheArray, $_CONFIG;
$ret = "***";
- if (!empty($cacheArray['admins']['login'])) {
- // Check cache
- if (!empty($cacheArray['admins']['login'][$aid])) {
- $ret = $cacheArray['admins']['login'][$aid];
- } // END - if
- if (empty($ret)) $ret = "***";
- } else {
+ if (!empty($cacheArray['admins']['login'][$aid])) {
+ // Get cache
+ $ret = $cacheArray['admins']['login'][$aid];
+
+ // Update cache hits
+ $_CONFIG['cache_hits']++;
+ } elseif (!EXT_IS_ACTIVE("cache")) {
// Load from database
$result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
- array(bigintval($aid)), __FILE__, __LINE__);
+ array(bigintval($aid)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Fetch data
list($ret) = SQL_FETCHROW($result);
// Set cache
$cacheArray['admins']['login'][$aid] = $ret;
- }
+ } // END - if
// Free memory
SQL_FREERESULT($result);
}
return $ret;
}
+// Get email address of admin id
+function GET_ADMIN_EMAIL ($aid) {
+ global $cacheArray, $_CONFIG;
+
+ $ret = "***";
+ if (!empty($cacheArray['admins']['email'])) {
+ // Get cache
+ $ret = $cacheArray['admins']['email'][$aid];
+
+ // Update cache hits
+ $_CONFIG['cache_hits']++;
+ } elseif (!EXT_IS_ACTIVE("cache")) {
+ // Load from database
+ $result_aid = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+ array(bigintval($ret)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // Get data
+ list($ret) = SQL_FETCHROW($result_aid);
+
+ // Set cache
+ $cacheArray['admins']['email'][$aid] = $ret;
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result_aid);
+ }
+
+ // Return email
+ return $ret;
+}
+// Get default ACL of admin id
+function GET_ADMIN_DEFAULT_ACL ($aid) {
+ global $cacheArray, $_CONFIG;
+
+ $ret = "***";
+ if (!empty($cacheArray['admins']['def_acl'])) {
+ // Use cache
+ $ret = $cacheArray['admins']['def_acl'][$aid];
+
+ // Update cache hits
+ $_CONFIG['cache_hits']++;
+ } else {
+ // Load from database
+ $result_aid = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+ array(bigintval($ret)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // Fetch data
+ list($ret) = SQL_FETCHROW($result_aid);
+
+ // Set cache
+ $cacheArray['admins']['def_acl'][$aid] = $ret;
+ }
+
+ // Free result
+ SQL_FREERESULT($result_aid);
+ }
+
+ // Return email
+ return $ret;
+}
//
function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") {
$ret = "";
$ret .= "<OPTION value=\"".$value."\"";
if ($default == $value) $ret .= " selected checked";
$ret .= ">".$name[$idx]."</OPTION>\n";
- }
- }
+ } // END - foreach
+ } // END - if
} else {
// Data from database
$SPEC = ", ".$id;
if ($default == $value) $ret .= " selected checked";
if (!empty($add)) $add = " (".$add.")";
$ret .= ">".$title.$add."</OPTION>\n";
- }
+ } // END - while
// Free memory
SQL_FREERESULT($result);
// Return - hopefully - the requested data
return $ret;
}
-// Aiut
+// Activate exchange (DEPERECATED???)
function activateExchange() {
global $_CONFIG;
$result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__);
}
// Now a mail to the user and that's all...
- $msg = LOAD_EMAIL_TEMPLATE("del-user", $reason, $uid);
+ $msg = LOAD_EMAIL_TEMPLATE("del-user", array('text' => $reason), $uid);
SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);
// Ok, delete the account!
if (SQL_NUMROWS($result) == 0)
{
// Create line
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok','%s')", array($points), __FILE__, __LINE__);
}
else
{
array($subject), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0) {
// Task not created so it's a brand-new extension which we need to register and create a task for!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created) VALUES ('%s', '0', 'NEW', 'EXTENSION_UPDATE', '%s', '%s', UNIX_TIMESTAMP())",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created) VALUES ('%s','0','NEW','EXTENSION_UPDATE','%s','%s', UNIX_TIMESTAMP())",
array($admin_id, $subject, $notes), __FILE__, __LINE__);
} // END - if
// Task not created so it's a brand-new extension which we need to register and create a task for!
$result_insert = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created)
-VALUES (%s, 0, 'NEW', 'EXTENSION', '%s', '%s', UNIX_TIMESTAMP())",
+VALUES (%s,0,'NEW','EXTENSION','%s','%s',UNIX_TIMESTAMP())",
array(
$admin_id,
$subject,