X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=83677bd75b389c1e8665beb7dfaf5a19f0acca78;hb=2ec83ffdf7e326eb5ff5d9f1c7f4eb2fbc75e57c;hp=88c5f62138298de9fb1466e1a2ce294f7d211f23;hpb=0a7e0faba4feaf17432cbdcaf17eb7d2f3812a1e;p=mailer.git diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 88c5f62138..83677bd75b 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } @@ -44,7 +44,8 @@ function ADD_MODULE_TITLE($mod) { // Is the script installed? if (isBooleanConstantAndTrue('mxchange_installed')) { - if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module'])) && (isset($cacheArray['modules']['module'][$mod]))) { + // Check if cache is valid + if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (in_array($mod, $cacheArray['modules']['module']))) { // Load from cache $name = $cacheArray['modules']['title'][$mod]; @@ -56,7 +57,7 @@ function ADD_MODULE_TITLE($mod) { list($name) = SQL_FETCHROW($result); SQL_FREERESULT($result); } - } + } // END - if // Trim name $name = trim($name); @@ -68,8 +69,10 @@ function ADD_MODULE_TITLE($mod) { if (SQL_NUMROWS($result) == 0) { // Add module to database $dummy = CHECK_MODULE($mod); - } - } + } // END - if + } // END - if + + // Return name return $name; } @@ -132,13 +135,13 @@ function CHECK_MODULE($mod) { // Check returned values against current access permissions // // Admin access ----- Guest access ----- --- Guest or member? --- - if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_LOGGED_IN())))) { + if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_MEMBER())))) { // If you are admin you are welcome for everything! $ret = "done"; } elseif ($locked == "Y") { // Module is locked $ret = "locked"; - } elseif (($mem == "Y") && (!IS_LOGGED_IN())) { + } elseif (($mem == "Y") && (!IS_MEMBER())) { // You have to login first! $ret = "mem_only"; } elseif (($admin == "Y") && (!IS_ADMIN())) { @@ -148,33 +151,30 @@ function CHECK_MODULE($mod) { // Still no luck or not found? if (($ret == "major") || ($ret == "cache_miss") || (!$found)) { - // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name --- - if ((file_exists(PATH."inc/modules/".$mod.".php")) || (file_exists(PATH.$mod.".php")) || (file_exists(PATH.$extension."/".$mod.".php"))) { + // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name --- + if ((FILE_READABLE(sprintf("%sinc/modules/%s.php", PATH, $mod))) || (FILE_READABLE(sprintf("%s%s.php", PATH, $mod))) || (FILE_READABLE(sprintf("%s%s/%s.php", PATH, $extension, $mod)))) { // Data is missing so we add it if (GET_EXT_VERSION("sql_patches") >= "0.3.6") { // Since 0.3.6 we have a has_menu column, this took me a half hour // to find a loop here... *sigh* $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg (module, locked, hidden, mem_only, admin_only, has_menu) VALUES -('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__); +('%s','Y','N','N','N','N')", array($mod_chk), __FILE__, __LINE__); } else { // Wrong/missing sql_patches! $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg (module, locked, hidden, mem_only, admin_only) VALUES -('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__); +('%s','Y','N','N','N')", array($mod_chk), __FILE__, __LINE__); } // Everthing is fine? if (SQL_AFFECTEDROWS() == 0) { // Something bad happend! return "major"; - } + } // END - if // Destroy cache here - if (GET_EXT_VERSION("cache") >= "0.1.2") { - if ($cacheInstance->cache_file("mod_reg", true)) $cacheInstance->cache_destroy(); - unset($cacheArray['modules']); - } + REBUILD_CACHE("mod_reg", "modreg"); // And reload data $ret = CHECK_MODULE($mod_chk); @@ -182,7 +182,7 @@ function CHECK_MODULE($mod) { // Module not found we don't add it to the database $ret = "404"; } - } + } // END - if // Return the value return $ret; @@ -245,7 +245,7 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { $AND = ""; } if ((!isset($DEPTH)) && (!$return)) { - $DEPTH = "0"; + $DEPTH = 0; $prefix = "
".print_r($_CONFIG, true).""); + if (($type == "what") || (($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview")))) { //* DEBUG: */ echo __LINE__."+".$type."+
"; + debug_print_backtrace(); + die(""); + } // END - if + // Initialize variables - $uid = "0"; $rid = "0"; $MEM = "N"; $ADMIN = "N"; - if (!empty($GLOBALS['userid'])) - { - // Update member status only when userid is valid - if (($GLOBALS['userid'] > 0) && (IS_LOGGED_IN())) - { - // Is valid user - $uid = $GLOBALS['userid']; - $MEM = "Y"; - } - } - if (IS_ADMIN()) - { + $uid = 0; $rid = 0; $MEM = "N"; $ADMIN = "N"; + + // Valid userid? + if ((!empty($GLOBALS['userid'])) && ($GLOBALS['userid'] > 0) && (IS_MEMBER())) { + // Is valid user + $uid = bigintval($GLOBALS['userid']); + $MEM = "Y"; + } // END - if + + if (IS_ADMIN()) { // Is administrator $ADMIN = "Y"; - } + } // END - if + if (isSessionVariableSet('refid')) { // Check cookie - if (get_session('refid') > 0) $rid = $GLOBALS['refid']; - } + if (get_session('refid') > 0) $rid = bigintval($GLOBALS['refid']); + } // END - if - // Now Read data + // Now search for the user $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online WHERE sid='%s' LIMIT 1", array($SID), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { - SQL_FREERESULT($result); - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET + // Entry found? + if (SQL_NUMROWS($result) == 1) { + // Then update it + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET module='%s', action='%s', what='%s', -userid=%d, -refid=%d, +userid=%s, +refid=%s, is_member='%s', is_admin='%s', timestamp=UNIX_TIMESTAMP() WHERE sid='%s' LIMIT 1", - array( - $mod, - $act, - $wht, - bigintval($uid), - bigintval($rid), - $MEM, - $ADMIN, - $SID -), __FILE__, __LINE__); - } - else - { + array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID), __FILE__, __LINE__ + ); + } else { // No entry does exists so we simply add it! - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %d, %d, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')", - array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s','%s','%s', %s, %s, '%s','%s', UNIX_TIMESTAMP(), '%s','%s')", + array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__ + ); } + // Free result + SQL_FREERESULT($result); + // Purge old entries - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %d)", + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %s)", array($_CONFIG['online_timeout']), __FILE__, __LINE__); } // OBSULETE: Sends out mail to all administrators -function SEND_ADMIN_EMAILS($subj, $msg) -{ - $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__); - while (list($email) = SQL_FETCHROW($result)) - { +function SEND_ADMIN_EMAILS($subj, $msg) { + // Load all admin email addresses + $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id ASC", __FILE__, __LINE__); + while (list($email) = SQL_FETCHROW($result)) { + // Send the email out SEND_EMAIL($email, $subj, $msg); - } - // Really simple... ;-) + } // END - if + + // Free result SQL_FREERESULT($result); + + // Really simple... ;-) } // Get ID number from administrator's login name -function GET_ADMIN_ID($login) -{ - global $cacheArray; +function GET_ADMIN_ID($login) { + global $cacheArray, $_CONFIG; $ret = "-1"; - if (!empty($cacheArray['admins']['aid'][$login])) - { + if (!empty($cacheArray['admins']['aid'][$login])) { // Check cache $ret = $cacheArray['admins']['aid'][$login]; - if (empty($ret)) $ret = "-1"; - } - else - { + + // Update cache hits + $_CONFIG['cache_hits']++; + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", array($login), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + if (SQL_NUMROWS($result) == 1) { list($ret) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - } + } // END - if + + // Free result + SQL_FREERESULT($result); } return $ret; } @@ -1273,49 +1378,118 @@ function GET_ADMIN_ID($login) // Get password hash from administrator's login name function GET_ADMIN_HASH($login) { - global $cacheArray; + global $cacheArray, $_CONFIG; $ret = "-1"; - if (!empty($cacheArray['admins']['password'][$login])) - { + if (!empty($cacheArray['admins']['password'][$login])) { // Check cache $ret = $cacheArray['admins']['password'][$login]; - if (empty($ret)) $ret = "-1"; - } - else - { + + // Update cache hits + $_CONFIG['cache_hits']++; + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", array($login), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + if (SQL_NUMROWS($result) == 1) { + // Fetch data list($ret) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + + // Set cache + $cacheArray['admins']['password'][$login] = $ret; } + + // Free result + SQL_FREERESULT($result); } return $ret; } // -function GET_ADMIN_LOGIN($aid) { - global $cacheArray; +function GET_ADMIN_LOGIN ($aid) { + global $cacheArray, $_CONFIG; $ret = "***"; - if (!empty($cacheArray['admins']['login']['aid'])) { - // Check cache - if (!empty($cacheArray['admins']['login'][$aid])) $ret = $cacheArray['admins']['login'][$aid]; - if (empty($ret)) $ret = "***"; - } else { + if (!empty($cacheArray['admins']['login'][$aid])) { + // Get cache + $ret = $cacheArray['admins']['login'][$aid]; + + // Update cache hits + $_CONFIG['cache_hits']++; + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database - $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1", - array(bigintval($aid)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array(bigintval($aid)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Fetch data list($ret) = SQL_FETCHROW($result); - } + + // Set cache + $cacheArray['admins']['login'][$aid] = $ret; + } // END - if // Free memory SQL_FREERESULT($result); } return $ret; } +// Get email address of admin id +function GET_ADMIN_EMAIL ($aid) { + global $cacheArray, $_CONFIG; + + $ret = "***"; + if (!empty($cacheArray['admins']['email'])) { + // Get cache + $ret = $cacheArray['admins']['email'][$aid]; + + // Update cache hits + $_CONFIG['cache_hits']++; + } elseif (!EXT_IS_ACTIVE("cache")) { + // Load from database + $result_aid = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array(bigintval($ret)), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 1) { + // Get data + list($ret) = SQL_FETCHROW($result_aid); + + // Set cache + $cacheArray['admins']['email'][$aid] = $ret; + } // END - if + + // Free result + SQL_FREERESULT($result_aid); + } + + // Return email + return $ret; +} +// Get default ACL of admin id +function GET_ADMIN_DEFAULT_ACL ($aid) { + global $cacheArray, $_CONFIG; + + $ret = "***"; + if (!empty($cacheArray['admins']['def_acl'])) { + // Use cache + $ret = $cacheArray['admins']['def_acl'][$aid]; + + // Update cache hits + $_CONFIG['cache_hits']++; + } else { + // Load from database + $result_aid = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array(bigintval($ret)), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 1) { + // Fetch data + list($ret) = SQL_FETCHROW($result_aid); + + // Set cache + $cacheArray['admins']['def_acl'][$aid] = $ret; + } + + // Free result + SQL_FREERESULT($result_aid); + } + + // Return email + return $ret; +} // function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") { $ret = ""; @@ -1323,12 +1497,12 @@ function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") // Selection from array if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name)) { // Both are arrays - foreach ($id as $idx=>$value) { + foreach ($id as $idx => $value) { $ret .= "\n"; - } + } // END - while // Free memory SQL_FREERESULT($result); @@ -1358,7 +1532,7 @@ function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") // Return - hopefully - the requested data return $ret; } -// Aiut +// Activate exchange (DEPERECATED???) function activateExchange() { global $_CONFIG; $result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__); @@ -1375,12 +1549,11 @@ function activateExchange() { ); // Run SQLs - foreach ($SQLs as $sql) - { + foreach ($SQLs as $sql) { $result = SQL_QUERY($sql, __FILE__, __LINE__); } - // Destroy cache + // @TODO Destroy cache } } // @@ -1391,44 +1564,41 @@ function DELETE_USER_ACCOUNT($uid, $reason) FROM "._MYSQL_PREFIX."_user_points AS p LEFT JOIN "._MYSQL_PREFIX."_user_data AS d ON p.userid=d.userid -WHERE p.userid=%d", array(bigintval($uid)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { +WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 1) { // Save his points to add them to the jackpot list($points) = SQL_FETCHROW($result); SQL_FREERESULT($result); // Delete points entries as well - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d", array(bigintval($uid)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s", array(bigintval($uid)), __FILE__, __LINE__); // Update mediadata as well - if (GET_EXT_VERSION("mediadata") >= "0.0.4") - { + if (GET_EXT_VERSION("mediadata") >= "0.0.4") { // Update database MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points); - } + } // END - if // Now, when we have all his points adds them do the jackpot! ADD_JACKPOT($points); } // Delete category selections as well... - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d", + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s", array(bigintval($uid)), __FILE__, __LINE__); // Remove from rallye if found - if (EXT_IS_ACTIVE("rallye")) - { - $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%d", + if (EXT_IS_ACTIVE("rallye")) { + $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s", array(bigintval($uid)), __FILE__, __LINE__); } // Now a mail to the user and that's all... - $msg = LOAD_EMAIL_TEMPLATE("del-user", $reason, $uid); + $msg = LOAD_EMAIL_TEMPLATE("del-user", array('text' => $reason), $uid); SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg); // Ok, delete the account! - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); } // function META_DESCRIPTION($mod, $wht) @@ -1449,7 +1619,7 @@ function ADD_JACKPOT($points) if (SQL_NUMROWS($result) == 0) { // Create line - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok','%s')", array($points), __FILE__, __LINE__); } else { @@ -1495,8 +1665,7 @@ function IS_DEMO() { return ((EXT_IS_ACTIVE("demo")) && (get_session('admin_login') == "demo")); } // -function LOAD_CONFIG($no="0") -{ +function LOAD_CONFIG($no="0") { global $cacheArray; $CFG_DUMMY = array(); @@ -1504,9 +1673,9 @@ function LOAD_CONFIG($no="0") if ((is_array($cacheArray)) && (isset($cacheArray['config'][$no])) && (is_array($cacheArray['config'][$no]))) { // Load config from cache //* DEBUG: */ echo gettype($cacheArray['config'][$no])."