X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-sponsor_login.php;h=5fccf754029cf8967e7b8952cf0312e10dbfa634;hb=596c8ab32594401ca84abfbfe35513ddfff31bec;hp=1f09c0a3e7ec6961efc147ddf94b176f5bd3a8ca;hpb=330dbb3e2b34450cd1665497506455e195a0a166;p=mailer.git diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php index 1f09c0a3e7..5fccf75402 100644 --- a/inc/modules/guest/what-sponsor_login.php +++ b/inc/modules/guest/what-sponsor_login.php @@ -16,8 +16,8 @@ * $Author:: $ * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * - * Copyright (c) 2009 - 2011 by Mailer Developer Team * - * For more information visit: http://www.mxchange.org * + * Copyright (c) 2009 - 2012 by Mailer Developer Team * + * For more information visit: http://mxchange.org * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * @@ -37,14 +37,14 @@ // Some security stuff... if (!defined('__SECURITY')) { - die(); + exit(); } // END - if // Add description as navigation point addYouAreHereLink('guest', __FILE__); if ((!isExtensionActive('sponsor'))) { - displayMessage(generateExtensionInactiveNotInstalledMessage('sponsor')); + displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=sponsor%}'); return; } elseif (isSponsor()) { // Is already a logged-in sponsor @@ -52,16 +52,16 @@ if ((!isExtensionActive('sponsor'))) { } $mode = ''; -if (isGetRequestParameterSet('mode')) { +if (isGetRequestElementSet('do')) { // A "special" mode of the login system was requested - switch (getRequestParameter('mode')) { + switch (getRequestElement('do')) { case 'activate' : $mode = 'activate'; break; // Activation link requested case 'lost_pass': $mode = 'lost_pass'; break; // Request new password } // END - switch } // END - if // Check if hash for confirmation of email address is given... -if (isGetRequestParameterSet('hash')) { +if (isGetRequestElementSet('hash')) { // Lookup sponsor $result = SQL_QUERY_ESC("SELECT `id`, `status`, `gender`, `surname`, `family`, @@ -75,7 +75,7 @@ WHERE `status`='UNCONFIRMED' OR `status`='EMAIL' ) -LIMIT 1", array(getRequestParameter('hash')), __FILE__, __LINE__); +LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Sponsor found, load his data... $data = SQL_FETCHARRAY($result); @@ -95,7 +95,7 @@ WHERE LIMIT 1", array( bigintval($data['id']), - getRequestParameter('hash') + getRequestElement('hash') ), __FILE__, __LINE__); // Check on success @@ -125,7 +125,7 @@ WHERE `hash`='%s' AND `status`='EMAIL' LIMIT 1", - array(bigintval($data['id']), getRequestParameter('hash')), __FILE__, __LINE__); + array(bigintval($data['id']), getRequestElement('hash')), __FILE__, __LINE__); // Check on success if (!SQL_HASZEROAFFECTED()) { @@ -141,30 +141,36 @@ LIMIT 1", } } else { // No sponsor found - displayMessage('{%message,SPONSOR_ACCOUNT_404=' . getRequestParameter('hash') . '%}'); + displayMessage('{%message,SPONSOR_ACCOUNT_404=' . getRequestElement('hash') . '%}'); } // Free memory SQL_FREERESULT($result); } elseif ($mode == 'activate') { // Send activation link again - if (isFormSent()) { + if (isFormSent('login')) { // Check submitted data - if (!isPostRequestParameterSet('email')) unsetPostRequestParameter('ok'); + if (!isPostRequestElementSet('email')) unsetPostRequestElement('login'); } - if (isFormSent()) { + if (isFormSent('login')) { // Check email $result = SQL_QUERY_ESC("SELECT - `id`, `hash`, `status`, `remote_addr`, `gender`, `surname`, `family`, + `id`, + `hash`, + `status`, + `remote_addr`, + `gender`, + `surname`, + `family`, UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE - `email`='%s' AND + '%s' REGEXP `email` AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1", - array(postRequestParameter('email')), __FILE__, __LINE__); + array(postRequestElement('email')), __FILE__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { @@ -182,7 +188,7 @@ LIMIT 1", // Confirmed email address $message_sponsor = loadEmailTemplate('sponsor_email', $data); } - sendEmail(postRequestParameter('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor); + sendEmail(postRequestElement('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor); // Output message displayMessage('{--SPONSOR_ACTIVATION_LINK_SENT--}'); @@ -199,37 +205,42 @@ LIMIT 1", } } elseif ($mode == 'lost_pass') { // Send new password - if (isFormSent()) { + if (isFormSent('login')) { // Check submitted data - if (!isPostRequestParameterSet('email')) unsetPostRequestParameter('ok'); + if (!isPostRequestElementSet('email')) unsetPostRequestElement('login'); } // END - if - if (isFormSent()) { + if (isFormSent('login')) { // Check email $result = SQL_QUERY_ESC("SELECT - `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, + `id`, + `hash`, + `remote_addr`, + `gender`, + `surname`, + `family`, UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE - `email`='%s' AND + '%s' REGEXP `email` AND `id`=%s AND `status`='CONFIRMED' LIMIT 1", - array(postRequestParameter('email'), bigintval(postRequestParameter('id'))), __FILE__, __LINE__); + array(postRequestElement('email'), bigintval(postRequestElement('id'))), __FILE__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { // Unconfirmed sponsor account found so let's load the requested data - $DATA = SQL_FETCHARRAY($result); + $content = SQL_FETCHARRAY($result); // Generate password/translate some data - $DATA['password'] = generatePassword(); - $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']); + $content['password'] = generatePassword(); + $content['sponsor_created'] = generateDateTime($content['sponsor_created']); // Prepare email and send it to the sponsor - $message_sponsor = loadEmailTemplate('sponsor_lost', $DATA); - sendEmail(postRequestParameter('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor); + $message_sponsor = loadEmailTemplate('sponsor_lost', $content); + sendEmail(postRequestElement('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor); // Update password SQL_QUERY_ESC("UPDATE @@ -239,7 +250,7 @@ SET WHERE `id`=%s LIMIT 1", - array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__); + array(md5($content['password']), bigintval($content['id'])), __FILE__, __LINE__); // Output message displayMessage('{--SPONSOR_LOST_PASSWORD_SENT--}'); @@ -254,7 +265,7 @@ LIMIT 1", // Load form loadTemplate('guest_sponsor_lost'); } -} elseif (isFormSent()) { +} elseif (isFormSent('login')) { // Check status and login data ... $result = SQL_QUERY_ESC("SELECT `status` @@ -265,8 +276,8 @@ WHERE `password`='%s' LIMIT 1", array( - bigintval(postRequestParameter('sponsor_id')), - md5(postRequestParameter('password')) + bigintval(postRequestElement('sponsor_id')), + md5(postRequestElement('password')) ), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -274,11 +285,11 @@ LIMIT 1", list($status) = SQL_FETCHROW($result); if ($status == 'CONFIRMED') { // Is confirmed so both is fine and we can continue with login procedure - $login = ((setSession('sponsor_id' , bigintval(postRequestParameter('sponsor_id')))) && - (setSession('sponsor_pass', md5(postRequestParameter('password')) )) + $login = ((setSession('sponsor_id' , bigintval(postRequestElement('sponsor_id')))) && + (setSession('sponsor_pass', md5(postRequestElement('password')) )) ); - if ($login === true) { + if ($login === TRUE) { // Cookie setup successfull so we can forward to sponsor area redirectToUrl('modules.php?module=sponsor'); } else {