X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-sponsor_login.php;h=b81d0b51b01e61f4b80d1f4289e5d116a36f3913;hb=43ef1d67a04c351e4432515b53c04fd70f8dc760;hp=3586e33e88658a1e87de0f0b9cb69969777dec71;hpb=b8ba3824d640da47d5f81485650b5885ba60867b;p=mailer.git

diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php
index 3586e33e88..b81d0b51b0 100644
--- a/inc/modules/guest/what-sponsor_login.php
+++ b/inc/modules/guest/what-sponsor_login.php
@@ -36,9 +36,9 @@ if (!defined('__SECURITY')) {
 	require($INC);
 } elseif ((!EXT_IS_ACTIVE("sponsor"))) {
 	if (IS_ADMIN()) {
-		ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor"));
+		addFatalMessage(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor"));
 	} else {
-		ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor");
+		addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor");
 	}
 	return;
 }
@@ -63,7 +63,7 @@ if (!empty($_GET['hash'])) {
 company, position, tax_ident,
 street_nr1, street_nr2, country, zip, city, email, phone, fax, cell,
 points_amount AS points, last_pay AS pay, last_curr AS curr
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE hash='%s' AND (status='UNCONFIRMED' OR status='EMAIL')
 LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
 	if (SQL_NUMROWS($result) == 1) {
@@ -78,7 +78,7 @@ LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
 		// Unconfirmed account or changed email address?
 		if ($SPONSOR['status'] == "UNCONFIRMED") {
 			// Set account to pending
-			$result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='PENDING'
+			SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET status='PENDING'
 WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
  array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
 
@@ -99,7 +99,7 @@ WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
 			}
 		} elseif ($SPONSOR['status'] == "EMAIL") {
 			// Changed email adress need to be confirmed
-			$result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED'
+			SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET status='CONFIRMED'
 WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
  array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
 
@@ -132,7 +132,7 @@ WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
 	if (isset($_POST['ok'])) {
 		// Check email
 		$result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
 			array($_POST['email']), __FILE__, __LINE__);
 
@@ -178,7 +178,7 @@ WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
 	if (isset($_POST['ok'])) {
 		// Check email
 		$result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, gender, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
 			array($_POST['email'], bigintval($_POST['id'])), __FILE__, __LINE__);
 		// Entry found?
@@ -198,7 +198,7 @@ WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
 			SEND_EMAIL($_POST['email'], SPONSOR_LOST_PASSWORD_SUBJ, $msg_sponsor);
 
 			// Update password
-			$result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET password='%s'
+			SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET password='%s'
 WHERE id='%s' LIMIT 1",
  array(md5($SPONSOR['password']), bigintval($SPONSOR['id'])), __FILE__, __LINE__);
 
@@ -217,24 +217,21 @@ WHERE id='%s' LIMIT 1",
 	}
 } elseif (isset($_POST['ok'])) {
 	// Check status and login data ...
-	$result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_sponsor_data
+	$result = SQL_QUERY_ESC("SELECT status FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE id='%s' AND password='%s' LIMIT 1",
  array(bigintval($_POST['sponsorid']), md5($_POST['pass'])), __FILE__, __LINE__);
 	if (SQL_NUMROWS($result) == 1) {
 		// Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
 		list($status) = SQL_FETCHROW($result);
 		if ($status == "CONFIRMED") {
-			// Calculate cookie lifetime, maybe we have to change this so the admin can setup a
-			// seperate timeout for these two cookies?
-			$life = (time() + $_CONFIG['online_timeout']);
-
 			// Is confirmed so both is fine and we can continue with login procedure
-			$login = ((setcookie("sponsorid"  , bigintval($_POST['sponsorid']), $life, COOKIE_PATH)) &&
-			          (setcookie("sponsorpass", md5($_POST['pass'])           , $life, COOKIE_PATH)));
+			$login = ((set_session('sponsorid'  , bigintval($_POST['sponsorid']))) &&
+			          (set_session('sponsorpass', md5($_POST['pass'])           ))
+			);
 
 			if ($login) {
 				// Cookie setup successfull so we can forward to sponsor area
-				LOAD_URL(URL."/modules.php?module=sponsor");
+				LOAD_URL("modules.php?module=sponsor");
 			} else {
 				// Cookie setup failed!
 				LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED);