X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=inc%2Fmysql-manager.php;h=98c45fe686e0b13b182ae9b1981886483f1e7850;hb=08b3c51b70b6498fd92a2760979d64470ad1b586;hp=9484506fc9896cfc92060df76c2e21ef76a5f9a3;hpb=a954ccdf4aba81ec0e75a1836aa4bc14cb245aba;p=mailer.git

diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index 9484506fc9..98c45fe686 100644
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -37,10 +37,13 @@ if (!defined('__SECURITY')) {
 	require($INC);
 }
 
-//
-function ADD_MODULE_TITLE($mod) {
+// Returns the title for given module
+function ADD_MODULE_TITLE ($mod) {
 	global $cacheArray;
-	$name = ""; $result = false;
+
+	// Init variables
+	$name = "";
+	$result = false;
 
 	// Is the script installed?
 	if (isBooleanConstantAndTrue('mxchange_installed')) {
@@ -65,7 +68,7 @@ function ADD_MODULE_TITLE($mod) {
 	// Still no luck or empty title?
 	if (empty($name)) {
 		// No name found
-		$name = sprintf("%s (%s)", LANG_UNKNOWN_MODULE, $mod);
+		$name = sprintf("%s (%s)", getMessage('LANG_UNKNOWN_MODULE'), $mod);
 		if (SQL_NUMROWS($result) == 0) {
 			// Add module to database
 			$dummy = CHECK_MODULE($mod);
@@ -133,7 +136,7 @@ function CHECK_MODULE ($mod) {
 	}
 
 	// Is the module found?
-	if ($found) {
+	if ($found === true) {
 		// Check returned values against current access permissions
 		//
 		//  Admin access            ----- Guest access -----           --- Guest   or   member? ---
@@ -204,6 +207,7 @@ function CHECK_MODULE ($mod) {
 // Add menu description pending on given file name (without path!)
 function ADD_DESCR ($ACC_LVL, $file, $return = false, $output = true) {
 	global $NAV_DEPTH;
+
 	// Use only filename of the file ;)
 	$file = basename($file);
 
@@ -248,7 +252,7 @@ function ADD_DESCR ($ACC_LVL, $file, $return = false, $output = true) {
 			break;
 		}
 		$dummy = substr($search, 0, -4);
-		$AND .= " AND action='".GET_ACTION($ACC_LVL, $dummy)."'";
+		$AND .= " AND `action`='".GET_ACTION($ACC_LVL, $dummy)."'";
 	} elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine")) {
 		// Sponsor / engine menu
 		$type = "what";
@@ -264,7 +268,7 @@ function ADD_DESCR ($ACC_LVL, $file, $return = false, $output = true) {
 	}
 	if ((!isset($NAV_DEPTH)) && (!$return)) {
 		$NAV_DEPTH = 0;
-		$prefix = "<div class=\"you_are_here\">{!YOU_ARE_HERE!}&nbsp;<strong><a class=\"you_are_here\" href=\"{!URL!}/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</a></strong>";
+		$prefix = "<div class=\"you_are_here\">{--YOU_ARE_HERE--}&nbsp;<strong><a class=\"you_are_here\" href=\"{!URL!}/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</a></strong>";
 	} else {
 		if (!$return) $NAV_DEPTH++;
 		$prefix = "";
@@ -322,6 +326,7 @@ function ADD_DESCR ($ACC_LVL, $file, $return = false, $output = true) {
 		return $OUT;
 	}
 }
+
 //
 function ADD_MENU ($MODE, $act, $wht) {
 	// Init some variables
@@ -330,7 +335,10 @@ function ADD_MENU ($MODE, $act, $wht) {
 	$main_action = "";
 	$sub_what = "";
 
-	if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return getMessage('CODE_MENU_NOT_VALID');
+	// is the menu action valid?
+	if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) {
+		return getMessage('CODE_MENU_NOT_VALID');
+	} // END - if
 
 	// Non-admin shall not see all menus
 	if (!IS_ADMIN()) {
@@ -358,7 +366,7 @@ function ADD_MENU ($MODE, $act, $wht) {
 			// Load menu header template
 			LOAD_TEMPLATE($MODE."_menu_title", false, $content);
 
-			$result_sub = SQL_QUERY_ESC("SELECT title, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE action='%s' AND `what` != '' AND `what` IS NOT NULL ".$AND." ORDER BY `sort`",
+			$result_sub = SQL_QUERY_ESC("SELECT title, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$AND." ORDER BY `sort`",
 			 array($MODE, $main_action), __FILE__, __LINE__);
 			$ctl = SQL_NUMROWS($result_sub);
 			if ($ctl > 0) {
@@ -437,6 +445,7 @@ function ADD_MENU ($MODE, $act, $wht) {
 		OUTPUT_HTML("</table>");
 	}
 }
+
 // This patched function will reduce many SELECT queries for the specified or current admin login
 function IS_ADMIN ($admin="") {
 	global $cacheArray;
@@ -458,14 +467,14 @@ function IS_ADMIN ($admin="") {
 		// Use cached string
 		$valPass = $cacheArray['admin_hash'];
 	} elseif ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) {
-		// Count cache hits
-		incrementConfigEntry('cache_hits');
-
 		// Login data is valid or not?
 		$valPass = generatePassString($cacheArray['admins']['password'][$admin]);
 
 		// Cache it away
 		$cacheArray['admin_hash'] = $valPass;
+
+		// Count cache hits
+		incrementConfigEntry('cache_hits');
 	} elseif ((!empty($admin)) && ((!EXT_IS_ACTIVE("cache"))) || (!isset($cacheArray['admins']['password'][$admin]))) {
 		// Search for admin
 		$result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
@@ -498,24 +507,21 @@ function IS_ADMIN ($admin="") {
 	//* DEBUG: */ if (!$ret) echo __LINE__."OK!<br />";
 	return $ret;
 }
-//
-function ADD_MAX_RECEIVE_LIST($MODE, $default="", $return=false)
-{
+
+// Generates a list of "max receiveable emails per day"
+function ADD_MAX_RECEIVE_LIST ($MODE, $default = "", $return = false) {
 	global $_POST;
 	$OUT = "";
-	switch ($MODE)
-	{
+	switch ($MODE) {
 	case "guest":
 		// Guests (in the registration form) are not allowed to select 0 mails per day.
 		$result = SQL_QUERY("SELECT value, comment FROM `{!_MYSQL_PREFIX!}_max_receive` WHERE value > 0 ORDER BY value", __FILE__, __LINE__);
-		if (SQL_NUMROWS($result) > 0)
-		{
+		if (SQL_NUMROWS($result) > 0) {
 			$OUT = "";
-  			while (list($value, $comment) = SQL_FETCHROW($result))
-			{
+  			while (list($value, $comment) = SQL_FETCHROW($result)) {
 				$OUT .= "      <option value=\"".$value."\"";
 				if ($_POST['max_mails'] == $value) $OUT .= " selected=\"selected\"";
-				$OUT .= ">".$value." ".PER_DAY;
+				$OUT .= ">".$value." {--PER_DAY--}";
 				if (!empty($comment)) $OUT .= " (".$comment.")";
 				$OUT .= "</option>\n";
 			}
@@ -524,77 +530,60 @@ function ADD_MAX_RECEIVE_LIST($MODE, $default="", $return=false)
 			// Free memory
 			SQL_FREERESULT($result);
 			$OUT = LOAD_TEMPLATE("guest_receive_table", true);
-		}
-		 else
-		{
+		} else {
 			// Maybe the admin has to setup some maximum values?
+			debug_report_bug("Nothing is being done here?");
 		}
 		break;
 
 	case "member":
 		// Members are allowed to set to zero mails per day (we will change this soon!)
 		$result = SQL_QUERY("SELECT value, comment FROM `{!_MYSQL_PREFIX!}_max_receive` ORDER BY value", __FILE__, __LINE__);
-		if (SQL_NUMROWS($result) > 0)
-		{
+		if (SQL_NUMROWS($result) > 0) {
 			$OUT = "";
-  			while (list($value, $comment) = SQL_FETCHROW($result))
-			{
+  			while (list($value, $comment) = SQL_FETCHROW($result)) {
 				$OUT .= "      <option value=\"".$value."\"";
 				if ($default == $value) $OUT .= " selected=\"selected\"";
-				$OUT .= ">".$value." ".PER_DAY;
+				$OUT .= ">".$value." {--PER_DAY--}";
 				if (!empty($comment)) $OUT .= " (".$comment.")";
 				$OUT .= "</option>\n";
 			}
 			define('__MAX_RECEIVE_OPTIONS', $OUT);
 			SQL_FREERESULT($result);
 			$OUT = LOAD_TEMPLATE("member_receive_table", true);
-		}
-		 else
-		{
+		} else {
 			// Maybe the admin has to setup some maximum values?
-			$OUT = LOAD_TEMPLATE("admin_settings_saved", true, NO_MAX_VALUES);
+			$OUT = LOAD_TEMPLATE("admin_settings_saved", true, getMessage('NO_MAX_VALUES'));
 		}
 		break;
 	}
-	if ($return)
-	{
+
+	if ($return) {
 		// Return generated HTML code
 		return $OUT;
-	}
-	 else
-	{
+	} else {
 		// Output directly (default)
 		OUTPUT_HTML($OUT);
 	}
 }
-//
-function SEARCH_EMAIL_USERTAB($email)
-{
-	$ret = false;
-	$result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE email LIKE '{PER}%s{PER}' LIMIT 1", array($email), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result) == 1) $ret = true;
+
+// Checks wether the given email address is used.
+function SEARCH_EMAIL_USERTAB ($email) {
+	// Query the database
+	$result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE email LIKE '{PER}%s{PER}' LIMIT 1",
+		array($email), __FILE__, __LINE__);
+
+	// Is the email there?
+	$ret = (SQL_NUMROWS($result) == 1);
+
+	// Free the result
 	SQL_FREERESULT($result);
+
+	// Return result
 	return $ret;
 }
-//
-function WHAT_IS_VALID($act, $wht, $type="guest")
-{
-	if (IS_ADMIN())
-	{
-		// Everything is valid to the admin :-)
-		return true;
-	}
-	 else
-	{
-		$ret = false;
-		$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE action='%s' AND what='%s' AND `locked`='N' LIMIT 1", array($type, $act, $wht), __FILE__, __LINE__);
-		// Is "what" valid?
-		if (SQL_NUMROWS($result) == 1) $ret = true;
-		SQL_FREERESULT($result);
-		return $ret;
-	}
-}
-//
+
+// Checks wether the current user is a member
 function IS_MEMBER () {
 	global $status, $LAST, $cacheArray;
 	if (!is_array($LAST)) $LAST = array();
@@ -657,30 +646,45 @@ function IS_MEMBER () {
 	// Return status
 	return $ret;
 }
-//
-function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)
-{
+
+// Validate the given menu action
+function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false) {
+	global $cacheArray;
+
+	// Is the cache entry there and we shall not update?
+	if ((isset($cacheArray['action_valid'][$MODE][$act][$wht])) && ($UPDATE === false)) {
+		// Count cache hit
+		incrementConfigEntry('cache_hits');
+
+		// Then use this cache
+		return $cacheArray['action_valid'][$MODE][$act][$wht];
+	} // END - if
+
+	// By default nothing is valid
 	$ret = false;
+
+	// Look in all menus or only unlocked
 	$ADD = "";
 	if ((!IS_ADMIN()) && ($MODE != "admin")) $ADD = " AND `locked`='N'";
+
 	//* DEBUG: */ echo __LINE__.":".$MODE."/".$act."/".$wht."*<br />\n";
-	if (($MODE != "admin") && ($UPDATE)) {
+	if (($MODE != "admin") && ($UPDATE === true)) {
 		// Update guest or member menu
-		$SQL = SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_%s_menu` SET counter=counter+1 WHERE action='%s' AND what='%s'".$ADD." LIMIT 1",
+		$SQL = SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_%s_menu` SET counter=counter+1 WHERE `action`='%s' AND `what`='%s'".$ADD." LIMIT 1",
 			array($MODE, $act, $wht), __FILE__, __LINE__, false);
-	} elseif ($wht != "overview") {
+	} elseif (($wht != "overview") && (!empty($wht))) {
 		// Other actions
-		$SQL = SQL_QUERY_ESC("SELECT id, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE action='%s'".$ADD." ORDER BY action DESC LIMIT 1",
-			array($MODE, $act), __FILE__, __LINE__, false);
+		$SQL = SQL_QUERY_ESC("SELECT id, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `action`='%s' AND `what`='%s'".$ADD." ORDER BY action DESC LIMIT 1",
+			array($MODE, $act, $wht), __FILE__, __LINE__, false);
 	} else {
 		// Admin login overview
-		$SQL = SQL_QUERY_ESC("SELECT id, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE action='%s' AND (what='' OR `what` IS NULL)".$ADD." ORDER BY action DESC LIMIT 1",
+		$SQL = SQL_QUERY_ESC("SELECT id, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `action`='%s' AND (what='' OR `what` IS NULL)".$ADD." ORDER BY action DESC LIMIT 1",
 			array($MODE, $act), __FILE__, __LINE__, false);
 	}
 
 	// Run SQL command
 	$result = SQL_QUERY($SQL, __FILE__, __LINE__);
-	if ($UPDATE) {
+	if ($UPDATE === true) {
 		// Check updated/affected rows
 		$ret = (SQL_AFFECTEDROWS() == 1);
 	} else {
@@ -691,6 +695,9 @@ function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)
 	// Free memory
 	SQL_FREERESULT($result);
 
+	// Set cache entry
+	$cacheArray['action_valid'][$MODE][$act][$wht] = $ret;
+
 	// Return result
 	return $ret;
 }
@@ -809,15 +816,15 @@ function SEND_MODE_MAILS($mod, $modes) {
 				} // END - switch
 			} else {
 				// Could not load profile data
-				$content = "<span class=\"member_failed\">{!MEMBER_CANNOT_LOAD_PROFILE!}</span>";
+				$content = "<span class=\"member_failed\">{--MEMBER_CANNOT_LOAD_PROFILE--}</span>";
 			}
 		} else {
 			// Passwords mismatch
-			$content = "<span class=\"member_failed\">{!MEMBER_PASSWORD_ERROR!}</span>";
+			$content = "<span class=\"member_failed\">{--MEMBER_PASSWORD_ERROR--}</span>";
 		}
 	} else {
 		// Could not load profile
-		$content = "<span class=\"member_failed\">{!MEMBER_CANNOT_LOAD_PROFILE!}</span>";
+		$content = "<span class=\"member_failed\">{--MEMBER_CANNOT_LOAD_PROFILE--}</span>";
 	}
 
 	// Send email to user if required
@@ -833,10 +840,10 @@ function SEND_MODE_MAILS($mod, $modes) {
 			SEND_ADMIN_NOTIFICATION($sub_adm, $msg_admin, $content, $GLOBALS['userid']);
 		} elseif (getConfig('admin_notify') == "Y") {
 			// Cannot send mails to admin!
-			$content = CANNOT_SEND_ADMIN_MAILS;
+			$content = getMessage('CANNOT_SEND_ADMIN_MAILS');
 		} else {
 			// No mail to admin
-			$content = "<span class=\"member_done\">".MYDATA_MAIL_SENT."</span>";
+			$content = "<span class=\"member_done\">{--MYDATA_MAIL_SENT--}</span>";
 		}
 	} // END - if
 
@@ -891,7 +898,7 @@ function GET_ACTION ($MODE, &$wht) {
 		if (empty($ret)) $ret = "main";
 
 		// Load from database
-		$result = SQL_QUERY_ESC("SELECT action FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE what='%s' LIMIT 1",
+		$result = SQL_QUERY_ESC("SELECT action FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `what`='%s' LIMIT 1",
 			array($MODE, $wht), __FILE__, __LINE__);
 		if (SQL_NUMROWS($result) == 1) {
 			// Load action value and pray that this one is the right you want... ;-)
@@ -1495,7 +1502,7 @@ function activateExchange() {
 		// Activate System
 		$SQLs = array(
 			"UPDATE `{!_MYSQL_PREFIX!}_mod_reg` SET `locked`='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",
-			"UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `visible`='Y', `locked`='N' WHERE what='order' OR what='unconfirmed' LIMIT 2",
+			"UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `visible`='Y', `locked`='N' WHERE `what`='order' OR `what`='unconfirmed' LIMIT 2",
 			"UPDATE `{!_MYSQL_PREFIX!}_config` SET activate_xchange='0' WHERE config=0 LIMIT 1"
 		);
 
@@ -1605,7 +1612,7 @@ function SUB_JACKPOT($points) {
 	SQL_FREERESULT($result);
 }
 //
-function IS_DEMO() {
+function IS_DEMO () {
 	return ((EXT_IS_ACTIVE("demo")) && (get_session('admin_login') == "demo"));
 }
 //