X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-sponsor_login.php;h=2a7df6cfac4a763e4134ef6ca7cebc236575c23d;hb=e8ce566b7f77e4f96fa8a6d6ced4b8f5053c447a;hp=2c00d2ec863356f7f7548eb06b001fcb3889225c;hpb=d18075f375db1b9db40773cdf80a5d6f2c36cd3a;p=mailer.git
diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php
index 2c00d2ec86..2a7df6cfac 100644
--- a/inc/modules/guest/what-sponsor_login.php
+++ b/inc/modules/guest/what-sponsor_login.php
@@ -10,14 +10,20 @@
* -------------------------------------------------------------------- *
* Kurzbeschreibung : Loginformular und Neues Passwort fuer Sponsor *
* -------------------------------------------------------------------- *
- * *
+ * $Revision:: $ *
+ * $Date:: $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: $ *
+ * Needs to be in all Files and every File needs "svn propset *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
* *
- * This program is free software. You can redistribute it and/or modify *
+ * This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License. *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
@@ -31,294 +37,236 @@
************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
- require($INC);
-}
+if (!defined('__SECURITY')) {
+ die();
+} // END - if
// Add description as navigation point
-ADD_DESCR("guest", basename(__FILE__));
+addMenuDescription('guest', __FILE__);
-$MODE = "";
-if (!empty($_GET['mode']))
-{
+if ((!isExtensionActive('sponsor'))) {
+ loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('sponsor'));
+ return;
+} // END - if
+
+$mode = '';
+if (isGetRequestElementSet('mode')) {
// A "special" mode of the login system was requested
- switch ($_GET['mode'])
- {
- case "activate" : $MODE = "activate"; break; // Activation link requested
- case "lost_pass": $MODE = "lost_pass"; break; // Request new password
- }
-}
+ switch (getRequestElement('mode')) {
+ case 'activate' : $mode = 'activate'; break; // Activation link requested
+ case 'lost_pass': $mode = 'lost_pass'; break; // Request new password
+ } // END - switch
+} // END - if
// Check if hash for confirmation of email address is given...
-if (!empty($_GET['hash']))
-{
+if (isGetRequestElementSet('hash')) {
// Lookup sponsor
- $result = SQL_QUERY_ESC("SELECT id, status, salut, surname, family,
-company, position, tax_ident,
-street_nr1, street_nr2, country, zip, city, email, phone, fax, cell,
-points_amount AS points, last_pay AS pay, last_curr AS curr
-FROM "._MYSQL_PREFIX."_sponsor_data
-WHERE hash='%s' AND (status='UNCONFIRMED' OR status='EMAIL')
-LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT
+ `id`, `status`, `gender`, `surname`, `family`,
+ `company`, `position`, `tax_ident`,
+ `street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`,
+ `points_amount` AS points, `last_pay` AS pay, `last_curr` AS curr
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `hash='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL')
+LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Sponsor found, load his data...
$SPONSOR = SQL_FETCHARRAY($result);
- // Translate salut and comma
- $SPONSOR['salut'] = TRANSLATE_SEX($SPONSOR['salut']);
- $SPONSOR['points'] = TRANSLATE_COMMA($SPONSOR['points']);
- $SPONSOR['pay'] = TRANSLATE_COMMA($SPONSOR['pay']);
+ // Translate gender and comma
+ $SPONSOR['gender'] = translateGender($SPONSOR['gender']);
+ $SPONSOR['points'] = translateComma($SPONSOR['points']);
+ $SPONSOR['pay'] = translateComma($SPONSOR['pay']);
// Unconfirmed account or changed email address?
- if ($SPONSOR['status'] == "UNCONFIRMED")
- {
+ if ($SPONSOR['status'] == 'UNCONFIRMED') {
// Set account to pending
- $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='PENDING'
-WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
- array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='PENDING'
+WHERE `id`='%s' AND hash='%s' AND `status`='UNCONFIRMED' LIMIT 1",
+ array(bigintval($SPONSOR['id']), getRequestElement('hash')), __FILE__, __LINE__);
- // Check on success
- if (SQL_AFFECTEDROWS($link) == 1)
- {
+ // Check on success
+ if (SQL_AFFECTEDROWS() == 1) {
// Prepare mail and send it to the sponsor
- $MSG = LOAD_EMAIL_TEMPLATE("sponsor_pending", $SPONSOR);
- SEND_EMAIL($SPONSOR['email'], SPONSOR_ACCOUNT_PENDING_SUBJ, $MSG);
+ $message = loadEmailTemplate('sponsor_pending', $SPONSOR);
+ sendEmail($SPONSOR['email'], getMessage('SPONSOR_ACCOUNT_PENDING_SUBJ'), $message);
// Send email to admin
- if (GET_EXT_VERSION("admins") >= "0.4.1")
- {
- // Use new system
- SEND_ADMIN_EMAILS_PRO (ADMIN_NEW_SPONSOR, "admin_sponsor_pending", $SPONSOR);
- }
- else
- {
- // Send over old system
- $msg_admin = LOAD_EMAIL_TEMPLATE("admin_sponsor_pending", $SPONSOR);
- SEND_ADMIN_EMAILS (ADMIN_NEW_SPONSOR, $msg_admin);
- }
+ sendAdminNotification(getMessage('ADMIN_NEW_SPONSOR'), 'admin_sponsor_pending', $SPONSOR);
// Sponsor account set to pending
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_IS_PENDING);
- }
- else
- {
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_PENDING'));
+ } else {
// Could not unlock account!
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_PENDING_FAILED);
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_PENDING_FAILED'));
}
- }
- elseif ($SPONSOR['status'] == "EMAIL")
- {
+ } elseif ($SPONSOR['status'] == 'EMAIL') {
// Changed email adress need to be confirmed
- $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED'
-WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
- array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='CONFIRMED'
+WHERE `id`='%s' AND hash='%s' AND `status`='EMAIL' LIMIT 1",
+ array(bigintval($SPONSOR['id']), getRequestElement('hash')), __FILE__, __LINE__);
- // Check on success
- if (SQL_AFFECTEDROWS($link) == 1)
- {
+ // Check on success
+ if (SQL_AFFECTEDROWS() == 1) {
// Sponsor account is unlocked again
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN);
- }
- else
- {
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN'));
+ } else {
// Could not unlock account!
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_EMAIL_FAILED);
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_EMAIL_FAILED'));
}
- }
- else
- {
+ } else {
/// ??? Other status?
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_STATUS_FAILED);
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACCOUNT_STATUS_FAILED'));
}
- }
- else
- {
+ } else {
// No sponsor found
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_404);
+ loadTemplate('admin_settings_saved', false, sprintf(getMessage('SPONSOR_ACCOUNT_404'), getRequestElement('hash')));
}
// Free memory
SQL_FREERESULT($result);
-}
- elseif ($MODE == "activate")
-{
+} elseif ($mode == 'activate') {
// Send activation link again
- if (isset($HTTP_POST_VARS['ok']))
- {
+ if (isFormSent()) {
// Check submitted data
- if (empty($HTTP_POST_VARS['email'])) unset($HTTP_POST_VARS['ok']);
+ if (!isPostRequestElementSet('email')) unsetPostRequestElement('ok');
}
- if (isset($HTTP_POST_VARS['ok']))
- {
+ if (isFormSent()) {
// Check email
- $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, salut, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
-WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
- array($HTTP_POST_VARS['email']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
+FROM `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
+ array(postRequestElement('email')), __FILE__, __LINE__);
+
+ // Entry found?
+ if (SQL_NUMROWS($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
$SPONSOR = SQL_FETCHARRAY($result);
// Translate some data
- $SPONSOR['salut'] = TRANSLATE_SEX($SPONSOR['salut']);
- $SPONSOR['sponsor_created'] = MAKE_DATETIME($SPONSOR['sponsor_created']);
+ $SPONSOR['gender'] = translateGender($SPONSOR['gender']);
+ $SPONSOR['sponsor_created'] = generateDateTime($SPONSOR['sponsor_created']);
// Prepare email and send it to the sponsor
- if ($SPONSOR['status'] == "UNCONFIRMED")
- {
+ if ($SPONSOR['status'] == 'UNCONFIRMED') {
// Unconfirmed accounts
- $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_activate", $SPONSOR);
- }
- else
- {
+ $message_sponsor = loadEmailTemplate('sponsor_activate', $SPONSOR);
+ } else {
// Confirmed email address
- $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_email", $SPONSOR);
+ $message_sponsor = loadEmailTemplate('sponsor_email', $SPONSOR);
}
- SEND_EMAIL($HTTP_POST_VARS['email'], SPONSOR_ACTIVATION_LINK_SUBJ, $msg_sponsor);
+ sendEmail(postRequestElement('email'), getMessage('SPONSOR_ACTIVATION_LINK_SUBJ'), $message_sponsor);
// Output message
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACTIVATION_LINK_SENT);
- }
- else
- {
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_SENT'));
+ } else {
// No account found or not UNCONFIRMED
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACTIVATION_LINK_404);
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_ACTIVATION_LINK_404'));
}
// Free memory
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Load form
- LOAD_TEMPLATE("guest_sponsor_activate");
+ loadTemplate('guest_sponsor_activate');
}
-}
- elseif ($MODE == "lost_pass")
-{
+} elseif ($mode == 'lost_pass') {
// Send new password
- if (isset($HTTP_POST_VARS['ok']))
- {
+ if (isFormSent()) {
// Check submitted data
- if (empty($HTTP_POST_VARS['email'])) unset($HTTP_POST_VARS['ok']);
- }
+ if (!isPostRequestElementSet('email')) unsetPostRequestElement('ok');
+ } // END - if
- if (isset($HTTP_POST_VARS['ok']))
- {
+ if (isFormSent()) {
// Check email
- $result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, salut, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
-WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
- array($HTTP_POST_VARS['email'], bigintval($HTTP_POST_VARS['id'])), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created`
+FROM `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE `email`='%s' AND `id`='%s' AND `status`='CONFIRMED' LIMIT 1",
+ array(postRequestElement('email'), bigintval(postRequestElement('id'))), __FILE__, __LINE__);
+
+ // Entry found?
+ if (SQL_NUMROWS($result) == 1) {
// Unconfirmed sponsor account found so let's load the requested data
- $SPONSOR = SQL_FETCHARRAY($result);
+ $DATA = SQL_FETCHARRAY($result);
// Translate some data
- $SPONSOR['salut'] = TRANSLATE_SEX($SPONSOR['salut']);
- $SPONSOR['sponsor_created'] = MAKE_DATETIME($SPONSOR['sponsor_created']);
+ $DATA['gender'] = translateGender($DATA['gender']);
+ $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']);
// Generate password
- $SPONSOR['password'] = GEN_PASS();
+ $DATA['password'] = generatePassword();
// Prepare email and send it to the sponsor
- $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_lost", $SPONSOR);
- SEND_EMAIL($HTTP_POST_VARS['email'], SPONSOR_LOST_PASSWORD_SUBJ, $msg_sponsor);
+ $message_sponsor = loadEmailTemplate('sponsor_lost', $DATA);
+ sendEmail(postRequestElement('email'), getMessage('SPONSOR_LOST_PASSWORD_SUBJ'), $message_sponsor);
// Update password
- $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET password='%s'
-WHERE id='%s' LIMIT 1",
- array(md5($SPONSOR['password']), bigintval($SPONSOR['id'])), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `password`='%s'
+WHERE `id`='%s' LIMIT 1",
+ array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__);
// Output message
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOST_PASSWORD_SENT);
- }
- else
- {
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_SENT'));
+ } else {
// No account found or not UNCONFIRMED
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOST_PASSWORD_404);
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOST_PASSWORD_404'));
}
// Free memory
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Load form
- LOAD_TEMPLATE("guest_sponsor_lost");
+ loadTemplate('guest_sponsor_lost');
}
-}
- elseif (isset($HTTP_POST_VARS['ok']))
-{
+} elseif (isFormSent()) {
// Check status and login data ...
- $result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_sponsor_data
-WHERE id='%s' AND password='%s' LIMIT 1",
- array(bigintval($HTTP_POST_VARS['sponsorid']), md5($HTTP_POST_VARS['pass'])), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT status FROM `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE `id`='%s' AND password='%s' LIMIT 1",
+ array(bigintval(postRequestElement('sponsorid')), md5(postRequestElement('pass'))), __FILE__, __LINE__);
+
+ if (SQL_NUMROWS($result) == 1) {
// Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
list($status) = SQL_FETCHROW($result);
- if ($status == "CONFIRMED")
- {
- // Calculate cookie lifetime, maybe we have to change this so the admin can setup a
- // seperate timeout for these two cookies?
- $life = (time() + $CONFIG['online_timeout']);
-
+ if ($status == 'CONFIRMED') {
// Is confirmed so both is fine and we can continue with login procedure
- $login = ((setcookie("sponsorid" , bigintval($HTTP_POST_VARS['sponsorid']), $life, COOKIE_PATH)) &&
- (setcookie("sponsorpass", md5($HTTP_POST_VARS['pass']) , $life, COOKIE_PATH)));
+ $login = ((setSession('sponsorid' , bigintval(postRequestElement('sponsorid')))) &&
+ (setSession('sponsorpass', md5(postRequestElement('pass')) ))
+ );
- if ($login)
- {
+ if ($login === true) {
// Cookie setup successfull so we can forward to sponsor area
- LOAD_URL(URL."/modules.php?module=sponsor");
- }
- else
- {
+ redirectToUrl('modules.php?module=sponsor');
+ } else {
// Cookie setup failed!
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED);
- OUTPUT_HTML("
");
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSPOR_COOKIE_SETUP_FAILED'));
// Login formular and other links
- LOAD_TEMPLATE("guest_sponsor_login");
+ loadTemplate('guest_sponsor_login');
}
- }
- else
- {
+ } else {
// Status is not fine
- $eval = "\$content = SPONSOR_LOGIN_FAILED_".strtoupper($status).";";
- eval($eval);
- LOAD_TEMPLATE("admin_settings_saved", false, $content);
- OUTPUT_HTML("
");
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOGIN_FAILED_' . strtoupper($status) . ''));
// Login formular and other links
- LOAD_TEMPLATE("guest_sponsor_login");
+ loadTemplate('guest_sponsor_login');
}
- }
- else
- {
- // Account missing or wrong pass! We shall not find this out for the "hacker folks"...
- LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOGIN_FAILED_404_WRONG_PASS);
- OUTPUT_HTML("
");
+ } else {
+ // Account missing or wrong pass! We shall not find this out for the "cracker folks"...
+ loadTemplate('admin_settings_saved', false, getMessage('SPONSOR_LOGIN_FAILED_404_WRONG_PASS'));
// Login formular and other links
- LOAD_TEMPLATE("guest_sponsor_login");
+ loadTemplate('guest_sponsor_login');
}
// Free memory
SQL_FREERESULT($result);
-}
- else
-{
+} else {
// Login formular and other links
- LOAD_TEMPLATE("guest_sponsor_login");
+ loadTemplate('guest_sponsor_login');
}
-//
+// [EOF]
?>