X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-sponsor_login.php;h=2a7df6cfac4a763e4134ef6ca7cebc236575c23d;hb=d3c4fdd9bfab35389e1a5ff48f3952d527c7b4bb;hp=037f146eee79373b47254ef9452b78c0006388d5;hpb=2f0357c7ac9da6c17d361b8e7cb0b1ad09eb85f6;p=mailer.git diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php index 037f146eee..2a7df6cfac 100644 --- a/inc/modules/guest/what-sponsor_login.php +++ b/inc/modules/guest/what-sponsor_login.php @@ -17,12 +17,13 @@ * Needs to be in all Files and every File needs "svn propset * * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * - * Copyright (c) 2003 - 2008 by Roland Haeder * + * Copyright (c) 2003 - 2009 by Roland Haeder * * For more information visit: http://www.mxchange.org * * * - * This program is free software. You can redistribute it and/or modify * + * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * - * the Free Software Foundation; either version 2 of the License. * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * * * * This program is distributed in the hope that it will be useful, * * but WITHOUT ANY WARRANTY; without even the implied warranty of * @@ -37,105 +38,108 @@ // Some security stuff... if (!defined('__SECURITY')) { - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; - require($INC); -} elseif ((!EXT_IS_ACTIVE('sponsor'))) { - addFatalMessage(__FILE__, __LINE__, sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), 'sponsor')); - return; -} + die(); +} // END - if // Add description as navigation point -ADD_DESCR('guest', __FILE__); +addMenuDescription('guest', __FILE__); + +if ((!isExtensionActive('sponsor'))) { + loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('sponsor')); + return; +} // END - if $mode = ''; -if (REQUEST_ISSET_GET(('mode'))) { +if (isGetRequestElementSet('mode')) { // A "special" mode of the login system was requested - switch (REQUEST_GET('mode')) - { + switch (getRequestElement('mode')) { case 'activate' : $mode = 'activate'; break; // Activation link requested case 'lost_pass': $mode = 'lost_pass'; break; // Request new password - } + } // END - switch } // END - if // Check if hash for confirmation of email address is given... -if (REQUEST_ISSET_GET(('hash'))) { +if (isGetRequestElementSet('hash')) { // Lookup sponsor - $result = SQL_QUERY_ESC("SELECT id, status, gender, surname, family, -company, position, tax_ident, -street_nr1, street_nr2, country, zip, city, email, phone, fax, cell, -points_amount AS points, last_pay AS pay, last_curr AS curr -FROM `{!_MYSQL_PREFIX!}_sponsor_data` -WHERE hash='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') -LIMIT 1", array(REQUEST_GET('hash')), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT + `id`, `status`, `gender`, `surname`, `family`, + `company`, `position`, `tax_ident`, + `street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`, + `points_amount` AS points, `last_pay` AS pay, `last_curr` AS curr +FROM + `{?_MYSQL_PREFIX?}_sponsor_data` +WHERE + `hash='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') +LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Sponsor found, load his data... $SPONSOR = SQL_FETCHARRAY($result); // Translate gender and comma - $SPONSOR['gender'] = TRANSLATE_GENDER($SPONSOR['gender']); - $SPONSOR['points'] = TRANSLATE_COMMA($SPONSOR['points']); - $SPONSOR['pay'] = TRANSLATE_COMMA($SPONSOR['pay']); + $SPONSOR['gender'] = translateGender($SPONSOR['gender']); + $SPONSOR['points'] = translateComma($SPONSOR['points']); + $SPONSOR['pay'] = translateComma($SPONSOR['pay']); // Unconfirmed account or changed email address? if ($SPONSOR['status'] == 'UNCONFIRMED') { // Set account to pending - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `status`='PENDING' -WHERE id='%s' AND hash='%s' AND `status`='UNCONFIRMED' LIMIT 1", - array(bigintval($SPONSOR['id']), REQUEST_GET('hash')), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='PENDING' +WHERE `id`='%s' AND hash='%s' AND `status`='UNCONFIRMED' LIMIT 1", + array(bigintval($SPONSOR['id']), getRequestElement('hash')), __FILE__, __LINE__); // Check on success if (SQL_AFFECTEDROWS() == 1) { // Prepare mail and send it to the sponsor - $message = LOAD_EMAIL_TEMPLATE('sponsor_pending', $SPONSOR); - SEND_EMAIL($SPONSOR['email'], getMessage('SPONSOR_ACCOUNT_PENDING_SUBJ'), $message); + $message = loadEmailTemplate('sponsor_pending', $SPONSOR); + sendEmail($SPONSOR['email'], getMessage('SPONSOR_ACCOUNT_PENDING_SUBJ'), $message); // Send email to admin - SEND_ADMIN_NOTIFICATION(getMessage('ADMIN_NEW_SPONSOR'), 'admin_sponsor_pending', $SPONSOR); + sendAdminNotification(getMessage('ADMIN_NEW_SPONSOR'), 'admin_sponsor_pending', $SPONSOR); // Sponsor account set to pending - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_PENDING')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_PENDING')); } else { // Could not unlock account! - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_PENDING_FAILED')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_PENDING_FAILED')); } } elseif ($SPONSOR['status'] == 'EMAIL') { // Changed email adress need to be confirmed - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `status`='CONFIRMED' -WHERE id='%s' AND hash='%s' AND `status`='EMAIL' LIMIT 1", - array(bigintval($SPONSOR['id']), REQUEST_GET('hash')), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='CONFIRMED' +WHERE `id`='%s' AND hash='%s' AND `status`='EMAIL' LIMIT 1", + array(bigintval($SPONSOR['id']), getRequestElement('hash')), __FILE__, __LINE__); - // Check on success + // Check on success if (SQL_AFFECTEDROWS() == 1) { // Sponsor account is unlocked again - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN')); } else { // Could not unlock account! - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_EMAIL_FAILED')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_EMAIL_FAILED')); } } else { /// ??? Other status? - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_STATUS_FAILED')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_STATUS_FAILED')); } } else { // No sponsor found - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_NOT_FOUND')); + loadTemplate('admin_settings_saved', false, sprintf(getMessage('SPONSOR_ACCOUNT_404'), getRequestElement('hash'))); } // Free memory SQL_FREERESULT($result); } elseif ($mode == 'activate') { // Send activation link again - if (IS_FORM_SENT()) { + if (isFormSent()) { // Check submitted data - if (!REQUEST_ISSET_POST(('email'))) REQUEST_UNSET_POST('ok'); + if (!isPostRequestElementSet('email')) unsetPostRequestElement('ok'); } - if (IS_FORM_SENT()) { + if (isFormSent()) { // Check email $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created -FROM `{!_MYSQL_PREFIX!}_sponsor_data` +FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1", - array(REQUEST_POST('email')), __FILE__, __LINE__); + array(postRequestElement('email')), __FILE__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { @@ -143,127 +147,126 @@ WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1", $SPONSOR = SQL_FETCHARRAY($result); // Translate some data - $SPONSOR['gender'] = TRANSLATE_GENDER($SPONSOR['gender']); - $SPONSOR['sponsor_created'] = MAKE_DATETIME($SPONSOR['sponsor_created']); + $SPONSOR['gender'] = translateGender($SPONSOR['gender']); + $SPONSOR['sponsor_created'] = generateDateTime($SPONSOR['sponsor_created']); // Prepare email and send it to the sponsor if ($SPONSOR['status'] == 'UNCONFIRMED') { // Unconfirmed accounts - $msg_sponsor = LOAD_EMAIL_TEMPLATE('sponsor_activate', $SPONSOR); + $message_sponsor = loadEmailTemplate('sponsor_activate', $SPONSOR); } else { // Confirmed email address - $msg_sponsor = LOAD_EMAIL_TEMPLATE('sponsor_email', $SPONSOR); + $message_sponsor = loadEmailTemplate('sponsor_email', $SPONSOR); } - SEND_EMAIL(REQUEST_POST('email'), SPONSOR_ACTIVATION_LINK_SUBJ, $msg_sponsor); + sendEmail(postRequestElement('email'), getMessage('SPONSOR_ACTIVATION_LINK_SUBJ'), $message_sponsor); // Output message - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_SENT')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_SENT')); } else { // No account found or not UNCONFIRMED - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_404')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_404')); } // Free memory SQL_FREERESULT($result); } else { // Load form - LOAD_TEMPLATE('guest_sponsor_activate'); + loadTemplate('guest_sponsor_activate'); } } elseif ($mode == 'lost_pass') { // Send new password - if (IS_FORM_SENT()) { + if (isFormSent()) { // Check submitted data - if (!REQUEST_ISSET_POST(('email'))) REQUEST_UNSET_POST('ok'); + if (!isPostRequestElementSet('email')) unsetPostRequestElement('ok'); } // END - if - if (IS_FORM_SENT()) { + if (isFormSent()) { // Check email - $result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, gender, surname, family, sponsor_created -FROM `{!_MYSQL_PREFIX!}_sponsor_data` -WHERE email='%s' AND id='%s' AND `status`='CONFIRMED' LIMIT 1", - array(REQUEST_POST('email'), bigintval(REQUEST_POST('id'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created` +FROM `{?_MYSQL_PREFIX?}_sponsor_data` +WHERE `email`='%s' AND `id`='%s' AND `status`='CONFIRMED' LIMIT 1", + array(postRequestElement('email'), bigintval(postRequestElement('id'))), __FILE__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { // Unconfirmed sponsor account found so let's load the requested data - $SPONSOR = SQL_FETCHARRAY($result); + $DATA = SQL_FETCHARRAY($result); // Translate some data - $SPONSOR['gender'] = TRANSLATE_GENDER($SPONSOR['gender']); - $SPONSOR['sponsor_created'] = MAKE_DATETIME($SPONSOR['sponsor_created']); + $DATA['gender'] = translateGender($DATA['gender']); + $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']); // Generate password - $SPONSOR['password'] = GEN_PASS(); + $DATA['password'] = generatePassword(); // Prepare email and send it to the sponsor - $msg_sponsor = LOAD_EMAIL_TEMPLATE('sponsor_lost', $SPONSOR); - SEND_EMAIL(REQUEST_POST('email'), SPONSOR_LOST_PASSWORD_SUBJ, $msg_sponsor); + $message_sponsor = loadEmailTemplate('sponsor_lost', $DATA); + sendEmail(postRequestElement('email'), getMessage('SPONSOR_LOST_PASSWORD_SUBJ'), $message_sponsor); // Update password - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET password='%s' -WHERE id='%s' LIMIT 1", - array(md5($SPONSOR['password']), bigintval($SPONSOR['id'])), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `password`='%s' +WHERE `id`='%s' LIMIT 1", + array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__); // Output message - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_SENT')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_SENT')); } else { // No account found or not UNCONFIRMED - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_404')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_404')); } // Free memory SQL_FREERESULT($result); } else { // Load form - LOAD_TEMPLATE('guest_sponsor_lost'); + loadTemplate('guest_sponsor_lost'); } -} elseif (IS_FORM_SENT()) { +} elseif (isFormSent()) { // Check status and login data ... - $result = SQL_QUERY_ESC("SELECT status FROM `{!_MYSQL_PREFIX!}_sponsor_data` -WHERE id='%s' AND password='%s' LIMIT 1", - array(bigintval(REQUEST_POST('sponsorid')), md5(REQUEST_POST('pass'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT status FROM `{?_MYSQL_PREFIX?}_sponsor_data` +WHERE `id`='%s' AND password='%s' LIMIT 1", + array(bigintval(postRequestElement('sponsorid')), md5(postRequestElement('pass'))), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account? list($status) = SQL_FETCHROW($result); if ($status == 'CONFIRMED') { // Is confirmed so both is fine and we can continue with login procedure - $login = ((set_session('sponsorid' , bigintval(REQUEST_POST('sponsorid')))) && - (set_session('sponsorpass', md5(REQUEST_POST('pass')) )) + $login = ((setSession('sponsorid' , bigintval(postRequestElement('sponsorid')))) && + (setSession('sponsorpass', md5(postRequestElement('pass')) )) ); if ($login === true) { // Cookie setup successfull so we can forward to sponsor area - LOAD_URL('modules.php?module=sponsor'); + redirectToUrl('modules.php?module=sponsor'); } else { // Cookie setup failed! - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSPOR_COOKIE_SETUP_FAILED')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSPOR_COOKIE_SETUP_FAILED')); // Login formular and other links - LOAD_TEMPLATE('guest_sponsor_login'); + loadTemplate('guest_sponsor_login'); } } else { // Status is not fine - $content = constant('SPONSOR_LOGIN_FAILED_'.strtoupper($status).''); - LOAD_TEMPLATE('admin_settings_saved', false, $content); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOGIN_FAILED_' . strtoupper($status) . '')); // Login formular and other links - LOAD_TEMPLATE('guest_sponsor_login'); + loadTemplate('guest_sponsor_login'); } } else { // Account missing or wrong pass! We shall not find this out for the "cracker folks"... - LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_LOGIN_FAILED_404_WRONG_PASS')); + loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOGIN_FAILED_404_WRONG_PASS')); // Login formular and other links - LOAD_TEMPLATE('guest_sponsor_login'); + loadTemplate('guest_sponsor_login'); } // Free memory SQL_FREERESULT($result); } else { // Login formular and other links - LOAD_TEMPLATE('guest_sponsor_login'); + loadTemplate('guest_sponsor_login'); } -// +// [EOF] ?>