X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-sponsor_login.php;h=feb51ef794bcb67cb7b8c613a1b5578ef52afbbb;hb=refs%2Fheads%2F0.2.1-FINAL;hp=7082a5cf0cf17c01ce88da9347fecea4c9da23b5;hpb=391c98ab7233ff3e640d8b9fad8df92ce45e9b31;p=mailer.git diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php index 7082a5cf0c..feb51ef794 100644 --- a/inc/modules/guest/what-sponsor_login.php +++ b/inc/modules/guest/what-sponsor_login.php @@ -10,14 +10,9 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Loginformular und Neues Passwort fuer Sponsor * * -------------------------------------------------------------------- * - * $Revision:: $ * - * $Date:: $ * - * $Tag:: 0.2.1-FINAL $ * - * $Author:: $ * - * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * - * Copyright (c) 2009 - 2011 by Mailer Developer Team * - * For more information visit: http://www.mxchange.org * + * Copyright (c) 2009 - 2016 by Mailer Developer Team * + * For more information visit: http://mxchange.org * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * @@ -37,14 +32,14 @@ // Some security stuff... if (!defined('__SECURITY')) { - die(); + exit(); } // END - if // Add description as navigation point addYouAreHereLink('guest', __FILE__); if ((!isExtensionActive('sponsor'))) { - displayMessage(generateExtensionInactiveNotInstalledMessage('sponsor')); + displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=sponsor%}'); return; } elseif (isSponsor()) { // Is already a logged-in sponsor @@ -52,19 +47,19 @@ if ((!isExtensionActive('sponsor'))) { } $mode = ''; -if (isGetRequestParameterSet('mode')) { +if (isGetRequestElementSet('do')) { // A "special" mode of the login system was requested - switch (getRequestParameter('mode')) { + switch (getRequestElement('do')) { case 'activate' : $mode = 'activate'; break; // Activation link requested case 'lost_pass': $mode = 'lost_pass'; break; // Request new password } // END - switch } // END - if // Check if hash for confirmation of email address is given... -if (isGetRequestParameterSet('hash')) { +if (isGetRequestElementSet('hash')) { // Lookup sponsor - $result = SQL_QUERY_ESC("SELECT - `id`, `status`, `gender`, `surname`, `family`, + $result = sqlQueryEscaped("SELECT + `id`, `status`, `sex`, `surname`, `family`, `company`, `position`, `tax_ident`, `street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`, `points_amount` AS `points`, `last_payment`, `last_currency` @@ -75,15 +70,15 @@ WHERE `status`='UNCONFIRMED' OR `status`='EMAIL' ) -LIMIT 1", array(getRequestParameter('hash')), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { +LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__); + if (sqlNumRows($result) == 1) { // Sponsor found, load his data... - $data = SQL_FETCHARRAY($result); + $data = sqlFetchArray($result); // Unconfirmed account or changed email address? if ($data['status'] == 'UNCONFIRMED') { // Set account to pending - SQL_QUERY_ESC("UPDATE + sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='PENDING', @@ -95,11 +90,11 @@ WHERE LIMIT 1", array( bigintval($data['id']), - getRequestParameter('hash') + getRequestElement('hash') ), __FILE__, __LINE__); // Check on success - if (!SQL_HASZEROAFFECTED()) { + if (!ifSqlHasZeroAffectedRows()) { // Prepare mail and send it to the sponsor $message = loadEmailTemplate('sponsor_pending', $data); sendEmail($data['email'], '{--SPONSOR_ACCOUNT_PENDING_SUBJECT--}', $message); @@ -115,7 +110,7 @@ LIMIT 1", } } elseif ($data['status'] == 'EMAIL') { // Changed email adress need to be confirmed - SQL_QUERY_ESC("UPDATE + sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='CONFIRMED', @@ -125,10 +120,10 @@ WHERE `hash`='%s' AND `status`='EMAIL' LIMIT 1", - array(bigintval($data['id']), getRequestParameter('hash')), __FILE__, __LINE__); + array(bigintval($data['id']), getRequestElement('hash')), __FILE__, __LINE__); // Check on success - if (!SQL_HASZEROAFFECTED()) { + if (!ifSqlHasZeroAffectedRows()) { // Sponsor account is unlocked again displayMessage('{--SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN--}'); } else { @@ -136,40 +131,46 @@ LIMIT 1", displayMessage('{--SPONSOR_ACCOUNT_EMAIL_FAILED--}'); } } else { - /// ??? Other status? + // ??? Other status? displayMessage('{--SPONSOR_ACCOUNT_STATUS_FAILED--}'); } } else { // No sponsor found - displayMessage(getMaskedMessage('SPONSOR_ACCOUNT_404', getRequestParameter('hash'))); + displayMessage('{%message,SPONSOR_ACCOUNT_404=' . getRequestElement('hash') . '%}'); } // Free memory - SQL_FREERESULT($result); + sqlFreeResult($result); } elseif ($mode == 'activate') { // Send activation link again - if (isFormSent()) { + if (isFormSent('login')) { // Check submitted data - if (!isPostRequestParameterSet('email')) unsetPostRequestParameter('ok'); + if (!isPostRequestElementSet('email')) unsetPostRequestElement('login'); } - if (isFormSent()) { + if (isFormSent('login')) { // Check email - $result = SQL_QUERY_ESC("SELECT - `id`, `hash`, `status`, `remote_addr`, `gender`, `surname`, `family`, + $result = sqlQueryEscaped("SELECT + `id`, + `hash`, + `status`, + `remote_addr`, + `sex`, + `surname`, + `family`, UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE - `email`='%s' AND + '%s' REGEXP `email` AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1", - array(postRequestParameter('email')), __FILE__, __LINE__); + array(postRequestElement('email')), __FILE__, __LINE__); // Entry found? - if (SQL_NUMROWS($result) == 1) { + if (sqlNumRows($result) == 1) { // Unconfirmed sponsor account found so let's load the requested data - $data = SQL_FETCHARRAY($result); + $data = sqlFetchArray($result); // Translate some data $data['sponsor_created'] = generateDateTime($data['sponsor_created']); @@ -182,7 +183,7 @@ LIMIT 1", // Confirmed email address $message_sponsor = loadEmailTemplate('sponsor_email', $data); } - sendEmail(postRequestParameter('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor); + sendEmail(postRequestElement('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor); // Output message displayMessage('{--SPONSOR_ACTIVATION_LINK_SENT--}'); @@ -192,54 +193,59 @@ LIMIT 1", } // Free memory - SQL_FREERESULT($result); + sqlFreeResult($result); } else { // Load form loadTemplate('guest_sponsor_activate'); } } elseif ($mode == 'lost_pass') { // Send new password - if (isFormSent()) { + if (isFormSent('login')) { // Check submitted data - if (!isPostRequestParameterSet('email')) unsetPostRequestParameter('ok'); + if (!isPostRequestElementSet('email')) unsetPostRequestElement('login'); } // END - if - if (isFormSent()) { + if (isFormSent('login')) { // Check email - $result = SQL_QUERY_ESC("SELECT - `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, + $result = sqlQueryEscaped("SELECT + `id`, + `hash`, + `remote_addr`, + `sex`, + `surname`, + `family`, UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE - `email`='%s' AND + '%s' REGEXP `email` AND `id`=%s AND `status`='CONFIRMED' LIMIT 1", - array(postRequestParameter('email'), bigintval(postRequestParameter('id'))), __FILE__, __LINE__); + array(postRequestElement('email'), bigintval(postRequestElement('id'))), __FILE__, __LINE__); // Entry found? - if (SQL_NUMROWS($result) == 1) { + if (sqlNumRows($result) == 1) { // Unconfirmed sponsor account found so let's load the requested data - $DATA = SQL_FETCHARRAY($result); + $content = sqlFetchArray($result); // Generate password/translate some data - $DATA['password'] = generatePassword(); - $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']); + $content['password'] = generatePassword(); + $content['sponsor_created'] = generateDateTime($content['sponsor_created']); // Prepare email and send it to the sponsor - $message_sponsor = loadEmailTemplate('sponsor_lost', $DATA); - sendEmail(postRequestParameter('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor); + $message_sponsor = loadEmailTemplate('sponsor_lost', $content); + sendEmail(postRequestElement('email'), '{--SPONSOR_LOST_PASSWORD_SUBJECT--}', $message_sponsor); // Update password - SQL_QUERY_ESC("UPDATE + sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `password`='%s' WHERE `id`=%s LIMIT 1", - array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__); + array(md5($content['password']), bigintval($content['id'])), __FILE__, __LINE__); // Output message displayMessage('{--SPONSOR_LOST_PASSWORD_SENT--}'); @@ -249,14 +255,14 @@ LIMIT 1", } // Free memory - SQL_FREERESULT($result); + sqlFreeResult($result); } else { // Load form loadTemplate('guest_sponsor_lost'); } -} elseif (isFormSent()) { +} elseif (isFormSent('login')) { // Check status and login data ... - $result = SQL_QUERY_ESC("SELECT + $result = sqlQueryEscaped("SELECT `status` FROM `{?_MYSQL_PREFIX?}_sponsor_data` @@ -265,20 +271,20 @@ WHERE `password`='%s' LIMIT 1", array( - bigintval(postRequestParameter('sponsor_id')), - md5(postRequestParameter('password')) + bigintval(postRequestElement('sponsor_id')), + md5(postRequestElement('password')) ), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (sqlNumRows($result) == 1) { // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account? - list($status) = SQL_FETCHROW($result); + list($status) = sqlFetchRow($result); if ($status == 'CONFIRMED') { // Is confirmed so both is fine and we can continue with login procedure - $login = ((setSession('sponsor_id' , bigintval(postRequestParameter('sponsor_id')))) && - (setSession('sponsor_pass', md5(postRequestParameter('password')) )) + $login = ((setSession('sponsor_id' , bigintval(postRequestElement('sponsor_id')))) && + (setSession('sponsor_pass', md5(postRequestElement('password')) )) ); - if ($login === true) { + if ($login === TRUE) { // Cookie setup successfull so we can forward to sponsor area redirectToUrl('modules.php?module=sponsor'); } else { @@ -304,7 +310,7 @@ LIMIT 1", } // Free memory - SQL_FREERESULT($result); + sqlFreeResult($result); } else { // Login formular and other links loadTemplate('guest_sponsor_login');