X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Flibs%2Fsponsor_functions.php;h=a625a5517e9fca8dc6f41e5a69917d8ef8d4f9c7;hb=cd926dbdfbb2b3b16ecc932f17ecf4f367bc73e4;hp=81810de1d1a09172836f1310bc037f2566f85b2d;hpb=30ae22f62ae87c53a56baf0d134569ba91011111;p=mailer.git diff --git a/inc/libs/sponsor_functions.php b/inc/libs/sponsor_functions.php index 81810de1d1..a625a5517e 100644 --- a/inc/libs/sponsor_functions.php +++ b/inc/libs/sponsor_functions.php @@ -40,16 +40,16 @@ // Some security stuff... if (!defined('__SECURITY')) { die(); -} +} // END - if // -function handlSponsorRequest (&$postData, $update=false, $messageArray=array(), $RET_STATUS=false) { +function handleSponsorRequest ($postData, $update=false, $messageArray=array(), $RET_STATUS=false) { // Init a lot variables $SAVE = true; $UPDATE = false; $skip = false; $ALREADY = false; - $ret = "unused"; + $ret = 'unused'; // Skip these entries $SKIPPED = array( @@ -150,6 +150,10 @@ function handlSponsorRequest (&$postData, $update=false, $messageArray=array(), if (($update === true) && (isAdmin()) && (getWhat() == 'add_sponsor')) { // Only allowed for admin $DATA['values'][] = 'PENDING'; + + // Add remote IP address as well + $DATA['keys'][] = 'remote_addr'; + $DATA['values'][] = detectRemoteAddr(); } else { // Guest area $DATA['values'][] = 'UNCONFIRMED'; @@ -161,6 +165,13 @@ function handlSponsorRequest (&$postData, $update=false, $messageArray=array(), $DATA['values'][] = detectRemoteAddr(); } + // Search the entry + $key = array_search('force', $DATA['keys']); + + // Remove force from both arrays + unset($DATA['keys'][$key]); + unset($DATA['values'][$key]); + // Implode all data into strings $keyArray = implode('`, `' , $DATA['keys']); $valueArray = str_repeat("%s', '", count($DATA['values']) - 1); 
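Review bot: `$RET_STATUS` stays in the new `handleSponsorRequest` signature, but a later hunk of this commit makes the function `return $ret;` unconditionally, so the argument no longer has any effect. The empty `//` line above the function is its only header; I would replace it with a comment along the lines of `// Validates and saves sponsor data from $postData and always returns a status string; $RET_STATUS is ignored and kept only for existing callers`. The function body continues outside this hunk.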
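Review bot: In the admin-only `add_sponsor` branch, the value stored under `remote_addr` comes from `detectRemoteAddr()` for the current request, which is presumably the administrator's address rather than the sponsor's. Anyone who later reads that column for abuse handling or an audit would attribute the address to the sponsor. A comment at the insert such as `// NOTE: admin-created entry, this is the admin's address` would keep the distinction visible, as would a separate column. How `detectRemoteAddr()` derives the address is not visible in this hunk.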
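Review bot: `array_search('force', $DATA['keys'])` returns `false` when there is no `force` entry, and the two `unset()` calls then act on index `false`, which PHP converts to index 0, so the first column and its value are silently dropped from the statement built just below. Guard the removal with `if ($key !== false) { unset($DATA['keys'][$key], $DATA['values'][$key]); }`. Passing `true` as the third argument to `array_search()` would also rule out loose matches against non-string keys. The enclosing function starts and ends outside this hunk.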
@@ -198,35 +209,33 @@ function handlSponsorRequest (&$postData, $update=false, $messageArray=array(), // Run SQL command $result = SQL_QUERY_ESC($sql, $DATA['values'], __FUNCTION__, __LINE__); } // END - if - - // Output message - if (($update === true) && (isAdmin())) { - loadTemplate('admin_settings_saved', false, $message); - } // END - if } else { // Error found! $message = getMessageFromIndexedArray('{--SPONSOR_DATA_NOT_SAVED--}', 'failed', $messageArray); loadTemplate('admin_settings_saved', false, $message); } - // Shall we return the status? - if ($RET_STATUS === true) return $ret; + // Always return the status + return $ret; } // function sponsorTranslateUserStatus ($status) { // Construct constant name - $constantName = sprintf("ACCOUNT_%s", $status); + $constantName = sprintf("ACCOUNT_STATUS_%s", $status); // Is the constant there? - if (defined($constantName)) { + if (isMessageIdValid($constantName)) { // Then use it - $ret = constant($constantName); + $ret = getMessage($constantName); } else { // Not found! + /* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); - $ret = getMaskedMessage('UNKNOWN_STATUS', $status); + $ret = getMaskedMessage('ACCOUNT_STATUS_UNKNOWN_STATUS', $status); } + + // Return status return $ret; } @@ -243,7 +252,7 @@ function isSponsorRegisteredWithEmail ($email) { function isSponsor () { // Failed... $ret = false; - if ((isSessionVariableSet('sponsorid')) && (isSessionVariableSet('sponsorpass'))) { + if ((isSessionVariableSet('sponsor_id')) && (isSessionVariableSet('sponsorpass'))) { // Check cookies against database records... $result = SQL_QUERY_ESC("SELECT `id` 
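Review bot: The added `/* DEBUG: */ debug_report_bug(...)` call in the unknown-status branch of `sponsorTranslateUserStatus` looks like a debugging leftover. If `debug_report_bug()` ends the request, as its use as an abort in the new functions later in this commit suggests, then the `logDebugMessage()` call and the `ACCOUNT_STATUS_UNKNOWN_STATUS` fallback after it are never reached. An unexpected status value would then become a hard failure instead of a logged, masked message. I would drop that line before merging, or place it after the log call so the event is at least recorded first.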
@@ -253,7 +262,7 @@ WHERE `id`='%s' AND `password`='%s' AND `status`='CONFIRMED' LIMIT 1", array( - bigintval(getSession('sponsorid')), + bigintval(getSession('sponsor_id')), getSession('sponsorpass') ), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -272,7 +281,7 @@ LIMIT 1", // function addSponsorMenu ($current) { $OUT = ''; - $WHERE = " AND active='Y'"; + $WHERE = " AND `active`='Y'"; if (isAdmin()) $WHERE = ''; // Load main menu entries @@ -282,7 +291,7 @@ FROM `{?_MYSQL_PREFIX?}_sponsor_menu` WHERE (`what`='' OR `what` IS NULL) - ".$WHERE." + " . $WHERE . " ORDER BY `sort` ASC", __FUNCTION__, __LINE__); if (!SQL_HASZERONUMS($result_main)) { @@ -297,7 +306,7 @@ WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL - ".$WHERE." + " . $WHERE . " ORDER BY `sort` ASC", array($content['main_action']), __FUNCTION__, __LINE__); @@ -377,7 +386,7 @@ function updateSponsorLogin () { SET `last_online`=UNIX_TIMESTAMP() WHERE `id`='%s' AND `password`='%s' LIMIT 1", array( - bigintval(getSession('sponsorid')), + bigintval(getSession('sponsor_id')), getSession('sponsorpass') ), __FUNCTION__, __LINE__); @@ -423,7 +432,7 @@ function saveSponsorData ($postData, $content) { $sql = "UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET"; foreach ($postData as $key => $value) { // Mmmmm, too less security here??? - $sql .= " `".secureString($key)."`='%s',"; + $sql .= " `" . secureString($key) . "`='%s',"; // We will secure this later inside the SQL_QUERY_ESC() function $DATA[] = secureString($value); @@ -448,8 +457,8 @@ function saveSponsorData ($postData, $content) { $sql = substr($sql, 0, -1); // Add SQL tail data - $sql .= " WHERE `id`=%s AND password='%s' LIMIT 1"; - $DATA[] = bigintval(getSession('sponsorid')); + $sql .= " WHERE `id`=%s AND `password`='%s' LIMIT 1"; + $DATA[] = bigintval(getSession('sponsor_id')); $DATA[] = getSession('sponsorpass'); // Saving data was completed... ufff... 
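Review bot: The `UPDATE` that this hunk finishes with its `WHERE` tail takes its `SET` list from the loop shown in the previous hunk of `saveSponsorData`, where every key of `$postData` becomes a column name after only `secureString()`. Any column of the sponsor table that a client names in the request can therefore be written, including ones the form never offers; the existing comment "too less security here???" already points at this. Check each key against a fixed list of editable columns before appending it, for example `if (!in_array($key, $editableColumns, true)) continue;` (`$editableColumns` is a placeholder name, not something defined in this file). What `secureString()` strips, in particular whether it removes backticks, is not visible here.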
@@ -531,5 +540,304 @@ function saveSponsorData ($postData, $content) { return $message; }
+// Create email link to sponsor's account
+function generateSponsorEmailLink ($email, $mod = 'admin') {
+ // Show contact link only if sponsor is confirmed by default
+ $locked = " AND `status`='CONFIRMED'";
+
+ // But admins shall always see it
+ if (isAdmin()) $locked = '';
+
+ $result = SQL_QUERY_ESC("SELECT
+ `id`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `email`='%s'" . $locked."
+LIMIT 1",
+ array($email), __FUNCTION__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // Load sponsor_id
+ list($sponsor_id) = SQL_FETCHROW($result);
+
+ // Rewrite email address to contact link
+ $email = '{%url=modules.php?module=' . $mod . '&what=sponsor_contct&sponsor_id=' . bigintval($sponsor_id) . '%}';
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Return rewritten (?) email address
+ return $email;
+}
+
+// Processes a sponsor request and handles it
+function doProcessSponsorFormRequest ($messageArray = array()) {
+ // Default message
+ $message = '';
+
+ // Handle the request
+ $status = handleSponsorRequest(postRequestArray(), true, $messageArray, true);
+
+ // Check the status of the registration process
+ switch ($status) {
+ case 'added': // Sponsor successfully added with account status = UNCONFIRMED!
+ // Check for his id number
+ $result = SQL_QUERY_ESC("SELECT `id`, `hash` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `email`='%s' LIMIT 1",
+ array(postRequestParameter('email')), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // id found so let's load it for the confirmation email
+ list($id, $hash) = SQL_FETCHROW($result);
+
+ // Prepare data for the email template
+ $content['id'] = $id;
+ $content['hash'] = $hash;
+ $content['email'] = secureString(postRequestParameter('email'));
+ $content['surname'] = secureString(postRequestParameter('surname'));
+ $content['family'] = secureString(postRequestParameter('family'));
+ $content['timestamp'] = generateDateTime(time(), 0);
+ $content['password'] = secureString(postRequestParameter('pass1'));
+
+ // Generate email and send it to the new sponsor
+ $message = loadEmailTemplate('sponsor_confirm', $content, $id);
+ sendEmail(postRequestParameter('email'), '{--SPONSOR_PLEASE_CONFIRM_SUBJECT--}', $message);
+
+ // Send mail to admin
+ sendAdminNotification('{--ADMIN_NEW_SPONSOR--}', 'admin_sponsor_reg', $content);
+
+ // Output message: DONE
+ $message = $messageArray['added'];
+ } else {
+ // Sponsor account not found???
+ $message = getMaskedMessage('SPONSOR_EMAIL_404', postRequestParameter('email'));
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ break;
+
+ default:
+ logDebugMessage(__FILE__, __LINE__, sprintf("Unknown status %s detected.", $status));
+ if (!isAdmin()) {
+ // Message for testing admin
+ $message = getMaskedMessage('ADMIN_SPONSOR_UNKNOWN_STATUS', $status);
+ } else {
+ // Message for the guest
+ $message = getMaskedMessage('SPONSOR_UNKNOWN_STATUS', $status);
+ }
+ break;
+ }
+
+ // Return message
+ return $message;
+}
+
+// Expression call-back function for fetching sponsor data
+function doExpressionSponsor ($data) {
+ // Use current sponsor_id by default
+ $functionName = 'getSponsorId()';
+
+ // Sponsor-related data, so is there a sponsor_id?
+ if (!empty($data['matches'][4][$data['key']])) {
+ // Do we have a sponsor_id or $sponsor_id?
+ if ($data['matches'][4][$data['key']] == '$userid') {
+ // Use dynamic call
+ $functionName = "getFetchedSponsorData('id', \$userid, '" . $data['callback'] . "')";
+ } elseif (!empty($data['matches'][4][$data['key']])) {
+ // Sponsor data found
+ $functionName = "getFetchedSponsorData('id', " . $data['matches'][4][$data['key']] . ", '" . $data['callback'] . "')";
+ }
+ } elseif ((!empty($data['callback'])) && (isSponsorDataValid())) {
+ // "Call-back" alias column for current logged in sponsor's data
+ $functionName = "getSponsorData('" . $data['callback'] . "')";
+ }
+
+ // Do we have another function to run (e.g. translations)
+ if (!empty($data['extra_func'])) {
+ // Surround the original function call with it
+ $functionName = $data['extra_func'] . '(' . $functionName . ')';
+ } // END - if
+
+ // Generate replacer
+ $replacer = '{DQUOTE} . ' . $functionName . ' . {DQUOTE}';
+
+ // Now replace the code
+ $code = replaceExpressionCode($data, $replacer);
+
+ // Return replaced code
+ return $code;
+}
+
+// Fetch sponsor data for given sponsor id
+function fetchSponsorData ($sponsor_id, $column = 'id') {
+ // If we should look for sponsor_id secure&set it here
+ if ($column == 'id') {
+ // Secure sponsor_id
+ $sponsor_id = bigintval($sponsor_id);
+
+ // Set it here
+ setCurrentSponsorId($sponsor_id);
+
+ // Don't look for invalid sponsor_ids...
+ if ($sponsor_id < 1) {
+ // Invalid, so abort here
+ debug_report_bug(__FUNCTION__, __LINE__, 'Sponsor id ' . $sponsor_id . ' is invalid.');
+ } elseif (isSponsorDataValid()) {
+ // Use cache, so it is fine
+ return true;
+ }
+ } elseif (isSponsorDataValid()) {
+ // Use cache, so it is fine
+ return true;
+ }
+
+ // By default none was found
+ $found = false;
+
+ // Extra statements
+ $ADD = '';
+
+ // Query for the sponsor
+ $result = SQL_QUERY_ESC("SELECT *".$ADD."
FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `%s`='%s' LIMIT 1",
+ array($column, $sponsor_id), __FUNCTION__, __LINE__);
+
+ // Do we have a record?
+ if (SQL_NUMROWS($result) == 1) {
+ // Load data from cookies
+ $data = SQL_FETCHARRAY($result);
+
+ // Set the sponsor_id for later use
+ setCurrentSponsorId($data['id']);
+ $GLOBALS['sponsor_data'][getCurrentSponsorId()] = $data;
+
+ // Rewrite 'last_failure' if found
+ if (isset($GLOBALS['sponsor_data'][getCurrentSponsorId()]['last_failure'])) {
+ // Backup the raw one and zero it
+ $GLOBALS['sponsor_data'][getCurrentSponsorId()]['last_failure_raw'] = $GLOBALS['sponsor_data'][getCurrentSponsorId()]['last_failure'];
+ $GLOBALS['sponsor_data'][getCurrentSponsorId()]['last_failure'] = '0';
+
+ // Is it not zero?
+ if ($GLOBALS['sponsor_data'][getCurrentSponsorId()]['last_failure_raw'] != '0000-00-00 00:00:00') {
+ // Seperate data/time
+ $array = explode(' ', $GLOBALS['sponsor_data'][getCurrentSponsorId()]['last_failure_raw']);
+
+ // Seperate data and time again
+ $array['date'] = explode('-', $array[0]);
+ $array['time'] = explode(':', $array[1]);
+
+ // Now pass it to mktime()
+ $GLOBALS['sponsor_data'][getCurrentSponsorId()]['last_failure'] = mktime(
+ $array['time'][0],
+ $array['time'][1],
+ $array['time'][2],
+ $array['date'][1],
+ $array['date'][2],
+ $array['date'][0]
+ );
+ } // END - if
+ } // END - if
+
+ // Found, but valid?
+ $found = isSponsorDataValid();
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Return result
+ return $found;
+}
+
+// Wrapper for fetchSponsorData() and getSponsorData() calls
+function getFetchedSponsorData ($keyColumn, $sponsor_id, $valueColumn) {
+ // Zero ids are not valid
+ if ($sponsor_id == 0) {
+ // Abort here
+ debug_report_bug(__FUNCTION__, __LINE__, 'Zero sponsor_id provided');
+ } // END - if
+
+ // Is it cached?
+ if (!isset($GLOBALS['sponsor_data_cache'][$sponsor_id][$keyColumn][$valueColumn])) {
+ // Default is empty
+ $data = '';
+
+ // Can we fetch the sponsor data?
+ if ((isValidSponsorId($sponsor_id)) && (fetchSponsorData($sponsor_id, $keyColumn))) {
+ // Now get the data back
+ $data = getSponsorData($valueColumn);
+ } // END - if
+
+ // Cache it
+ /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'cached:id=' . $sponsor_id . ',keyColumn=' . $keyColumn . ',valueColumn=' . $valueColumn . ',data=' . $data);
+ $GLOBALS['sponsor_data_cache'][$sponsor_id][$keyColumn][$valueColumn] = $data;
+ } // END - if
+
+ // Return it
+ return $GLOBALS['sponsor_data_cache'][$sponsor_id][$keyColumn][$valueColumn];
+}
+
+// Checks if the sponsor data is valid, this may indicate that the sponsor has logged
+// in, but you should use isMember() if you want to find that out.
+function isSponsorDataValid () {
+ // Sponsor id should not be zero so abort here
+ if (!isCurrentSponsorIdSet()) return false;
+
+ // Is it cached?
+ if (!isset($GLOBALS['is_sponsor_data_valid'][getCurrentSponsorId()])) {
+ // Determine it
+ $GLOBALS['is_sponsor_data_valid'][getCurrentSponsorId()] = ((isset($GLOBALS['sponsor_data'][getCurrentSponsorId()])) && (count($GLOBALS['sponsor_data'][getCurrentSponsorId()]) > 1));
+ } // END - if
+
+ // Return the result
+ return $GLOBALS['is_sponsor_data_valid'][getCurrentSponsorId()];
+}
+
+// Setter for current sponsor_id
+function setCurrentSponsorId ($sponsor_id) {
+ // Set sponsor_id
+ $GLOBALS['current_sponsor_id'] = bigintval($sponsor_id);
+
+ // Unset it to re-determine the actual state
+ unset($GLOBALS['is_sponsor_data_valid'][$sponsor_id]);
+}
+
+// Getter for current sponsor_id
+function getCurrentSponsorId () {
+ // Sponsorid must be set before it can be used
+ if (!isCurrentSponsorIdSet()) {
+ // Not set
+ debug_report_bug(__FUNCTION__, __LINE__, 'Sponsor id is not set.');
+ } // END - if
+
+ // Return the sponsor_id
+ return $GLOBALS['current_sponsor_id'];
+}
+
+// Checks if current sponsor_id is set
+function isCurrentSponsorIdSet () {
+ return ((isset($GLOBALS['current_sponsor_id'])) && (isValidSponsorId($GLOBALS['current_sponsor_id'])));
+}
+
+// Is given sponsor_id valid?
+function isValidSponsorId ($sponsor_id) {
+ // Do we have cache?
+ if (!isset($GLOBALS['is_valid_sponsor_id'][$sponsor_id])) {
+ // Check it out
+ $GLOBALS['is_valid_sponsor_id'][$sponsor_id] = ((!is_null($sponsor_id)) && (!empty($sponsor_id)) && ($sponsor_id > 0));
+ } // END - if
+
+ // Return cache
+ return $GLOBALS['is_valid_sponsor_id'][$sponsor_id];
+}
+
+// Getter for sponsor data
+function getSponsorData ($column) {
+ // Sponsor id should not be zero
+ if (getCurrentSponsorId() < 1) debug_report_bug(__FUNCTION__, __LINE__, 'Sponsor id is zero.');
+
+ // Return the value
+ return $GLOBALS['sponsor_data'][getCurrentSponsorId()][$column];
+}
+ // [EOF] ?>
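Review bot: `doProcessSponsorFormRequest()` copies the submitted password into `$content['password']` and then hands the same `$content` array to both the `sponsor_confirm` mail and `sendAdminNotification()`, so the plain-text password can leave the application by e-mail and may reach the administrator's mailbox. Whether either template prints it is not visible here, but I would keep it out of the array, or at least add `unset($content['password']);` before the `sendAdminNotification()` call. In the same function the `default:` branch looks inverted: the comment under `if (!isAdmin())` reads "Message for testing admin", yet that branch selects `ADMIN_SPONSOR_UNKNOWN_STATUS` for non-admins. The `/* DEBUG: */ logDebugMessage(...)` line in `getFetchedSponsorData()` also writes `data=` for whichever column was requested, so it should not stay enabled if password or hash columns can be fetched through it.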