X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Flibs%2Fuser_functions.php;h=a861f8c0b7524ab3b3ef62c31778a97a3bc46cef;hb=30986f637cd3c03951bdbfc880b9a420f7724ce0;hp=32be05f4b6aed24ae2c5d0a3234322fae09e436e;hpb=6e008d188bf9c7f8d4edc2a8799c61940eee48e7;p=mailer.git diff --git a/inc/libs/user_functions.php b/inc/libs/user_functions.php index 32be05f4b6..a861f8c0b7 100644 --- a/inc/libs/user_functions.php +++ b/inc/libs/user_functions.php @@ -49,7 +49,7 @@ function alpha ($sortby, $colspan, $return=false) { if (REQUEST_ISSET_GET(('mode'))) $add .= "&mode=".REQUEST_GET(('mode')); /* Creates the list of letters and makes them a link. */ - $alphabet = array(getMessage('_ALL2'),"A","B","C","D","E","F","G","H","I","J","K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z",getMessage('_OTHERS')); + $alphabet = explode(',', getMessage('_ALL2') . 'A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z' . getMessage('_OTHERS')); $num = count($alphabet) - 1; $OUT = ''; while (list($counter, $ltr) = each($alphabet)) { @@ -94,7 +94,7 @@ function SortLinks ($letter, $sortby, $colspan, $return=false) { // Add status or mode if (REQUEST_ISSET_GET(('status'))) $add .= "&mode=".REQUEST_GET(('status')); - elseif (REQUEST_ISSET_GET(('mode'))) $add .= "&mode=".REQUEST_GET(('mode')); + elseif (REQUEST_ISSET_GET(('mode'))) $add .= "&mode=".REQUEST_GET(('mode')); // Makes order by links.. if ($letter == "front") $letter = getMessage('_ALL2'); @@ -103,7 +103,7 @@ function SortLinks ($letter, $sortby, $colspan, $return=false) { $list = array( 'userid' => getMessage('_UID'), 'family' => getMessage('FAMILY_NAME'), - 'email' => getMessage('ADDY'), + 'email' => getMessage('ADDY'), 'REMOTE_ADDR' => getMessage('REMOTE_IP') ); @@ -153,7 +153,7 @@ function ADD_PAGENAV ($PAGES, $offset, $show_form, $colspan,$return=false) { $OUT = ''; for ($page = 1; $page <= $PAGES; $page++) { - if (($page == REQUEST_GET('page')) || ((!REQUEST_ISSET_GET('page')) && ($page == "1"))) { + if (($page == REQUEST_GET('page')) || ((!REQUEST_ISSET_GET('page')) && ($page == '1'))) { $OUT .= "-"; } else { if (!REQUEST_ISSET_GET(('letter'))) REQUEST_SET_GET('letter', getMessage('_ALL2')); @@ -164,15 +164,15 @@ function ADD_PAGENAV ($PAGES, $offset, $show_form, $colspan,$return=false) { // Add status or mode if (REQUEST_ISSET_GET(('status'))) $OUT .= "&mode=".REQUEST_GET(('status')); - elseif (REQUEST_ISSET_GET(('mode'))) $OUT .= "&mode=".REQUEST_GET(('mode')); + elseif (REQUEST_ISSET_GET(('mode'))) $OUT .= "&mode=".REQUEST_GET(('mode')); - // Letter and so on + // Letter and so on $OUT .= "&letter=".REQUEST_GET(('letter'))."&sortby=".REQUEST_GET(('sortby'))."&page=".$page."&offset=".$offset."\">"; } $OUT .= $page; - if (($page == REQUEST_GET('page')) || ((!REQUEST_ISSET_GET('page')) && ($page == "1"))) { + if (($page == REQUEST_GET('page')) || ((!REQUEST_ISSET_GET('page')) && ($page == '1'))) { $OUT .= "-"; } else { $OUT .= ""; @@ -195,7 +195,7 @@ function ADD_PAGENAV ($PAGES, $offset, $show_form, $colspan,$return=false) { } // Create email link to user's account -function USER_CREATE_EMAIL_LINK($email, $mod='admin') { +function USER_generateMemberEmailLink($email, $mod='admin') { // Show contact link only if user is confirmed by default $locked = " AND `status`='CONFIRMED'"; @@ -205,7 +205,7 @@ function USER_CREATE_EMAIL_LINK($email, $mod='admin') { $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `email`='%s'".$locked." LIMIT 1", - array($email), __FUNCTION__, __LINE__); + array($email), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load userid list($uid) = SQL_FETCHROW($result); @@ -222,14 +222,14 @@ WHERE `email`='%s'".$locked." LIMIT 1", } // Selects a random user id as the new referal id if they have at least X confirmed mails in this run -function SELECT_RANDOM_REFID () { +function determineRandomReferalId () { // Default is zero refid $refid = 0; // Is the extension version fine? if (GET_EXT_VERSION('user') >= '0.3.4') { // Get all user ids - $totalUsers = GET_TOTAL_DATA("CONFIRMED", "user_data", 'userid', "status", true, " AND `rand_confirmed` >= ".getConfig('user_min_confirmed').""); + $totalUsers = GET_TOTAL_DATA('CONFIRMED', 'user_data', 'userid', 'status', true, " AND `rand_confirmed` >= ".getConfig('user_min_confirmed').""); // Do we have at least one? if ($totalUsers > 0) { @@ -238,7 +238,7 @@ function SELECT_RANDOM_REFID () { // Look for random user $result = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND `rand_confirmed` >= %s ORDER BY `rand_confirmed` DESC LIMIT %s, 1", - array(getConfig('user_min_confirmed'), $randNum), __FUNCTION__, __LINE__); + array(getConfig('user_min_confirmed'), $randNum), __FUNCTION__, __LINE__); // Do we have one entry there? if (SQL_NUMROWS($result) == 1) { @@ -247,7 +247,7 @@ function SELECT_RANDOM_REFID () { // Reset this user's counter SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `rand_confirmed`=0 WHERE userid=%s LIMIT 1", - array($refid), __FUNCTION__, __LINE__); + array($refid), __FUNCTION__, __LINE__); } // END - if // Free result @@ -265,7 +265,7 @@ function USER_DO_LOGIN ($uid, $passwd) { $dmy = ''; // Add last_login if available - $lastOnline = ''; + $lastOnline = ''; if (GET_EXT_VERSION('sql_patches') >= '0.2.8') { $lastOnline = ', last_login'; } // END - if @@ -277,128 +277,128 @@ function USER_DO_LOGIN ($uid, $passwd) { 'last_online' => 0, 'last_login' => 0, 'hash' => '' - ); + ); - // Check login data - if ((EXT_IS_ACTIVE('nickname')) && (NICKNAME_PROBE_ON_USERID($uid))) { - // Nickname entered - $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$lastOnline." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' AND `status`='CONFIRMED' LIMIT 1", + // Check login data + if ((EXT_IS_ACTIVE('nickname')) && (NICKNAME_PROBE_ON_USERID($uid))) { + // Nickname entered + $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$lastOnline." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' AND `status`='CONFIRMED' LIMIT 1", array($uid), __FUNCTION__, __LINE__); - } else { - // Direct userid entered - $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$lastOnline." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", + } else { + // Direct userid entered + $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$lastOnline." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", array($uid, $content['hash']), __FUNCTION__, __LINE__); - } + } - // Load entry - $content = SQL_FETCHARRAY($result); - if (!empty($content['userid'])) $uid = bigintval($content['userid']); + // Load entry + $content = SQL_FETCHARRAY($result); + if (!empty($content['userid'])) $uid = bigintval($content['userid']); - // Is there an entry? - if ((SQL_NUMROWS($result) == 1) && ((($probe_nickname) && (!empty($content['userid']))) || ($content['userid'] == $uid))) { - // Free result - SQL_FREERESULT($result); + // Is there an entry? + if ((SQL_NUMROWS($result) == 1) && ((($probe_nickname) && (!empty($content['userid']))) || ($content['userid'] == $uid))) { + // Free result + SQL_FREERESULT($result); - // Check for old MD5 passwords - if ((strlen($content['password']) == 32) && (md5($passwd) == $content['password'])) { - // Just set the hash to the password from DB... :) - $content['hash'] = $content['password']; - } else { - // Hash password with improved way for comparsion - $content['hash'] = generateHash($passwd, substr($content['password'], 0, -40)); - } + // Check for old MD5 passwords + if ((strlen($content['password']) == 32) && (md5($passwd) == $content['password'])) { + // Just set the hash to the password from DB... :) + $content['hash'] = $content['password']; + } else { + // Hash password with improved way for comparsion + $content['hash'] = generateHash($passwd, substr($content['password'], 0, -40)); + } - // Does the password match the hash? - if ($content['hash'] == $content['password']) { - // New hashed password found so let's generate a new one - $content['hash'] = generateHash($passwd); + // Does the password match the hash? + if ($content['hash'] == $content['password']) { + // New hashed password found so let's generate a new one + $content['hash'] = generateHash($passwd); - // ... and update database - // @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content); - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET password='%s' WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", + // ... and update database + // @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET password='%s' WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", array($content['hash'], $uid), __FUNCTION__, __LINE__); - // No login bonus by default - $GLOBALS['bonus_payed'] = false; + // No login bonus by default + $GLOBALS['bonus_payed'] = false; - // Probe for last online timemark - $probe = time() - $content['last_online']; - if (!empty($content['last_login'])) $probe = time() - $content['last_login']; - if ((GET_EXT_VERSION('bonus') >= '0.2.2') && ($probe >= getConfig('login_timeout'))) { - // Add login bonus to user's account - $add = sprintf(", login_bonus=login_bonus+%s", + // Probe for last online timemark + $probe = time() - $content['last_online']; + if (!empty($content['last_login'])) $probe = time() - $content['last_login']; + if ((GET_EXT_VERSION('bonus') >= '0.2.2') && ($probe >= getConfig('login_timeout'))) { + // Add login bonus to user's account + $add = sprintf(", login_bonus=login_bonus+%s", (float)getConfig('login_bonus') - ); - $GLOBALS['bonus_payed'] = true; + ); + $GLOBALS['bonus_payed'] = true; - // Subtract login bonus from userid's account or jackpot - if ((GET_EXT_VERSION('bonus') >= '0.3.5') && (getConfig('bonus_mode') != "ADD")) BONUS_POINTS_HANDLER('login_bonus'); - } // END - if + // Subtract login bonus from userid's account or jackpot + if ((GET_EXT_VERSION('bonus') >= '0.3.5') && (getConfig('bonus_mode') != "ADD")) BONUS_POINTS_HANDLER('login_bonus'); + } // END - if - // Calculate new hash with the secret key and master salt together - $content['hash'] = generatePassString($content['hash']); + // Calculate new hash with the secret key and master salt together + $content['hash'] = generatePassString($content['hash']); - // Update global array - // @TODO Make this filter working: $URL = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); - setUserId($uid); + // Update global array + // @TODO Make this filter working: $URL = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); + setUserId($uid); - // Try to set session data (which shall normally always work!) - if ((set_session('userid', $uid )) && (set_session('u_hash', $content['hash']))) { - // Update database records - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET total_logins=total_logins+1".$add." WHERE userid=%s LIMIT 1", + // Try to set session data (which shall normally always work!) + if ((setSession('userid', $uid )) && (setSession('u_hash', $content['hash']))) { + // Update database records + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET total_logins=total_logins+1".$add." WHERE userid=%s LIMIT 1", array($uid), __FUNCTION__, __LINE__); - if (SQL_AFFECTEDROWS() == 1) { - // Procedure to checking for login data - if (($GLOBALS['bonus_payed']) && (EXT_IS_ACTIVE('bonus'))) { - // Bonus added (just displaying!) - $URL = 'modules.php?module=chk_login&mode=bonus'; + if (SQL_AFFECTEDROWS() == 1) { + // Procedure to checking for login data + if (($GLOBALS['bonus_payed']) && (EXT_IS_ACTIVE('bonus'))) { + // Bonus added (just displaying!) + $URL = 'modules.php?module=chk_login&mode=bonus'; + } else { + // Bonus not added + $URL = 'modules.php?module=chk_login&mode=login'; + } } else { - // Bonus not added - $URL = 'modules.php?module=chk_login&mode=login'; + // Cannot update counter! + $URL = 'modules.php?module=index&what=login&login='.getCode('CNTR_FAILED'); } } else { - // Cannot update counter! - $URL = 'modules.php?module=index&what=login&login='.getCode('CNTR_FAILED'); + // Cookies not setable! + $URL = 'modules.php?module=index&what=login&login='.getCode('NO_COOKIES'); } - } else { - // Cookies not setable! - $URL = 'modules.php?module=index&what=login&login='.getCode('NO_COOKIES'); - } - } elseif (GET_EXT_VERSION('sql_patches') >= '0.6.1') { - // Update failture counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET login_failures=login_failures+1,last_failure=NOW() WHERE userid=%s LIMIT 1", + } elseif (GET_EXT_VERSION('sql_patches') >= '0.6.1') { + // Update failture counter + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET login_failures=login_failures+1,last_failure=NOW() WHERE userid=%s LIMIT 1", array($uid), __FUNCTION__, __LINE__); - // Wrong password! - $URL = 'modules.php?module=index&what=login&login='.getCode('WRONG_PASS'); - } - } elseif ((($probe_nickname) && (!empty($content['userid']))) || ($content['userid'] == $uid)) { - // Other account status? - // @TODO Can this query be merged with above query? - $result = SQL_QUERY_ESC("SELECT status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + // Wrong password! + $URL = 'modules.php?module=index&what=login&login='.getCode('WRONG_PASS'); + } + } elseif ((($probe_nickname) && (!empty($content['userid']))) || ($content['userid'] == $uid)) { + // Other account status? + // @TODO Can this query be merged with above query? + $result = SQL_QUERY_ESC("SELECT status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array($uid), __FUNCTION__, __LINE__); - // Entry found? - if (SQL_NUMROWS($result) == 1) { - // Load status - list($status) = SQL_FETCHROW($result); + // Entry found? + if (SQL_NUMROWS($result) == 1) { + // Load status + list($status) = SQL_FETCHROW($result); - // Create an error code from given status - $errorCode = GEN_ERROR_CODE_FROM_ACCOUNT_STATUS($status); + // Create an error code from given status + $errorCode = generateErrorCodeFromUserStatus($status); + } else { + // ID not found! + $errorCode = getCode('WRONG_ID'); + } + + // Construct URL + $URL = 'modules.php?module=index&what=login&login='.$errorCode; } else { // ID not found! - $errorCode = getCode('WRONG_ID'); + $URL = 'modules.php?module=index&what=login&login='.getCode('WRONG_ID'); } - // Construct URL - $URL = 'modules.php?module=index&what=login&login='.$errorCode; - } else { - // ID not found! - $URL = 'modules.php?module=index&what=login&login='.getCode('WRONG_ID'); - } - - // Return URL - return $URL; + // Return URL + return $URL; } // Try to send a new password for the given user account @@ -414,15 +414,15 @@ function USER_DO_NEW_PASSWORD ($email, $uid) { if ((EXT_IS_ACTIVE('nickname')) && (NICKNAME_PROBE_ON_USERID($uid))) { // Nickname entered $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' OR email='%s' LIMIT 1", - array($uid, $email), __FUNCTION__, __LINE__); + array($uid, $email), __FUNCTION__, __LINE__); } elseif (($uid > 0) && (empty($email))) { // Direct userid entered $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($uid)), __FUNCTION__, __LINE__); + array(bigintval($uid)), __FUNCTION__, __LINE__); } elseif (!empty($email)) { // Email entered $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE email='%s' LIMIT 1", - array($email), __FUNCTION__, __LINE__); + array($email), __FUNCTION__, __LINE__); } else { // Userid not set! DEBUG_LOG(__FUNCTION__, __LINE__, 'Userid is not set! BUG!'); @@ -436,24 +436,24 @@ function USER_DO_NEW_PASSWORD ($email, $uid) { if ($status == 'CONFIRMED') { // Ooppps, this was missing! ;-) We should update the database... - $NEW_PASS = GEN_PASS(); + $NEW_PASS = generatePassword(); SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET password='%s' WHERE userid=%s LIMIT 1", - array(generateHash($NEW_PASS), $uid), __FUNCTION__, __LINE__); + array(generateHash($NEW_PASS), $uid), __FUNCTION__, __LINE__); // Prepare data and message for email $msg = LOAD_EMAIL_TEMPLATE('new-pass', array('new_pass' => $NEW_PASS), $uid); // ... and send it away - SEND_EMAIL($uid, getMessage('GUEST_NEW_PASSWORD'), $msg); + sendEmail($uid, getMessage('GUEST_NEW_PASSWORD'), $msg); // Output note to user LOAD_TEMPLATE('admin_settings_saved', false, getMessage('GUEST_NEW_PASSWORD_SEND')); } else { // Account is locked or unconfirmed - $errorCode = GEN_ERROR_CODE_FROM_ACCOUNT_STATUS($status); + $errorCode = generateErrorCodeFromUserStatus($status); // Load URL - LOAD_URL('modules.php?module=index&what=login&login='.$errorCode); + redirectToUrl('modules.php?module=index&what=login&login='.$errorCode); } } else { // ID or email is wrong