{--YOU_ARE_HERE--} Home';
} else {
if ($return === false) $GLOBALS['nav_depth']++;
$prefix = '';
@@ -363,48 +358,33 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru
$search = substr($search, 0, -4);
} // END - i
- // Get the title from menu
- $result = SQL_QUERY_ESC("SELECT title FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE %s='%s' ".$AND." LIMIT 1",
- array($accessLevel, $type, $search), __FUNCTION__, __LINE__);
+ if (((isExtensionInstalledAndNewer('sql_patches', '0.2.3')) && (getConfig('youre_here') == 'Y')) || ((isAdmin()) && ($modCheck == 'admin'))) {
+ // Output HTML code
+ $OUT = $prefix . '' . getTitleFromMenu($accessLevel, $search, $type, $ADD) . '';
- // Menu found?
- if (SQL_NUMROWS($result) == 1) {
- // Load title
- list($ret) = SQL_FETCHROW($result);
-
- // Shall we return it?
- if ($return === true) {
- // Return title
- return $ret;
- } elseif (((isExtensionInstalledAndNewer('sql_patches', '0.2.3')) && (getConfig('youre_here') == 'Y')) || ((isAdmin()) && ($modCheck == 'admin'))) {
- // Output HTML code
- $OUT = $prefix . "" . $ret . "\n";
-
- // Can we close the you-are-here navigation?
- //* DEBUG: */ print(__LINE__."*".$type.'/'.getWhat()."* ");
- if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) {
- //* DEBUG: */ print(__LINE__.'+'.$type."+ ");
- // Add closing div and br-tag
- $OUT .= "
\n";
- $GLOBALS['nav_depth'] = '0';
-
- // Run the filter chain
- $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => ""));
- $OUT .= $ret['content'];
- } // END - if
- }
- } // END - if
+ // Can we close the you-are-here navigation?
+ //* DEBUG: */ print(__LINE__."*".$type.'/'.getWhat()."* ");
+ if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) {
+ //* DEBUG: */ print(__LINE__.'+'.$type."+ ");
+ // Add closing div and br-tag
+ $OUT .= '
';
+ $GLOBALS['nav_depth'] = '0';
- // Free result
- SQL_FREERESULT($result);
+ // Run the filter chain
+ $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => ''));
+
+ // Add additional content
+ $OUT .= $ret['content'];
+ } // END - if
+ }
// Return or output HTML code?
- if ($output) {
- // Output HTML code here
- outputHtml($OUT);
- } else {
+ if ($return === true) {
// Return HTML code
return $OUT;
+ } else {
+ // Output HTML code here
+ outputHtml($OUT);
}
}
@@ -412,7 +392,7 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru
function addMenu ($mode, $action, $what) {
// Init some variables
$main_cnt = '0';
- $AND = '';
+ $ADD = '';
// is the menu action valid?
if (!isMenuActionValid($mode, $action, $what, true)) {
@@ -421,11 +401,11 @@ function addMenu ($mode, $action, $what) {
// Non-admin shall not see all menus
if (!isAdmin()) {
- $AND = " AND `visible`='Y' AND `locked`='N'";
+ $ADD = " AND `visible`='Y' AND `locked`='N'";
} // END - if
// Load SQL data and add the menu to the output stream...
- $result_main = SQL_QUERY_ESC("SELECT `title`, `action` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL)".$AND." ORDER BY `sort` ASC",
+ $result_main = SQL_QUERY_ESC("SELECT `title`, `action` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL)".$ADD." ORDER BY `sort` ASC",
array($mode), __FUNCTION__, __LINE__);
//* DEBUG: */ print(__LINE__.'/'.$main_cnt.':'.getWhat()."* ");
@@ -442,7 +422,7 @@ function addMenu ($mode, $action, $what) {
$GLOBALS['rows'] .= loadTemplate($mode . '_menu_title', true, $content);
// Sub menu
- $result_sub = SQL_QUERY_ESC("SELECT `title` AS sub_title, `what` AS sub_what FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$AND." ORDER BY `sort`",
+ $result_sub = SQL_QUERY_ESC("SELECT `title` AS sub_title, `what` AS sub_what FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$ADD." ORDER BY `sort`",
array($mode, $content['action']), __FUNCTION__, __LINE__);
// Get number of rows
@@ -467,29 +447,29 @@ function addMenu ($mode, $action, $what) {
if (isIncludeReadable($inc)) {
// Mark currently selected menu - open
if ((!empty($what)) && (($what == $content['sub_what']))) {
- $OUT = "";
+ $OUT = '';
} // END - if
// Navigation link
- $OUT .= "";
+ $OUT .= '';
} else {
// Not found! - open
- $OUT .= "";
+ $OUT .= '';
}
// Menu title
$OUT .= getConfig('menu_blur_spacer') . $content['sub_title'];
if (isIncludeReadable($inc)) {
- $OUT .= "";
+ $OUT .= '';
// Mark currently selected menu - close
if ((!empty($what)) && (($what == $content['sub_what']))) {
- $OUT .= "";
+ $OUT .= '';
} // END - if
} else {
// Not found! - close
- $OUT .= "";
+ $OUT .= '';
}
// Cunt it up
@@ -579,16 +559,20 @@ function isMember () {
// is the cache entry there?
if (isset($GLOBALS['is_member'])) {
// Then return it
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CACHED! (' . intval($GLOBALS['is_member']) . ')');
return $GLOBALS['is_member'];
- } elseif (getMemberId() == '0') {
+ } elseif ((!isSessionVariableSet('userid')) || (!isSessionVariableSet('u_hash'))) {
// No member
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'No member set in cookie/session.');
return false;
} else {
- // Transfer userid=>current
- setCurrentUserid(getMemberId());
+ // Get it secured from session
+ setMemberId(getSession('userid'));
+ setCurrentUserId(getMemberId());
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . getSession('userid') . ' used from cookie/session.');
}
- // Init global user data array
+ // Init user data array
initUserData();
// Fix "deleted" cookies first
@@ -599,7 +583,7 @@ function isMember () {
// Cookies are set with values, but are they valid?
if (fetchUserData(getMemberId()) === true) {
// Validate password by created the difference of it and the secret key
- $valPass = generatePassString(getUserData('password'));
+ $valPass = encodeHashForCookie(getUserData('password'));
// Transfer last module and online time
$GLOBALS['last_online']['module'] = getUserData('last_module');
@@ -611,15 +595,17 @@ function isMember () {
$ret = true;
} else {
// Maybe got locked etc.
- logDebugMessage(__FUNCTION__, __LINE__, 'status=' . getUserData('status'));
+ //* DEBUG */ logDebugMessage(__FUNCTION__, __LINE__, 'status=' . getUserData('status') . ',' . $valPass . '(' . strlen($valPass) . ')/' . getSession('u_hash') . '(' . strlen(getSession('u_hash')) . ')/' . getUserData('password') . '(' . strlen(getUserData('password')) . ')');
destroyMemberSession();
}
} else {
// Cookie data is invalid!
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Cookie data invalid or user not found.');
destroyMemberSession();
}
} else {
// Cookie data is invalid!
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Cookie data not complete.');
destroyMemberSession();
}
@@ -627,11 +613,12 @@ function isMember () {
$GLOBALS['is_member'] = $ret;
// Return status
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret=' . intval($ret));
return $ret;
}
// Fetch user data for given user id
-function fetchUserData ($userid, $column='userid') {
+function fetchUserData ($userid, $column = 'userid') {
// If we should look for userid secure&set it here
if (substr($column, -2, 2) == 'id') {
// Secure userid
@@ -657,8 +644,12 @@ function fetchUserData ($userid, $column='userid') {
// By default none was found
$found = false;
+ // Extra statements
+ $ADD = '';
+ if (isExtensionInstalledAndNewer('user', '0.3.5')) $ADD = ', UNIX_TIMESTAMP(`lock_timestamp`) AS `lock_timestamp`';
+
// Query for the user
- $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT *".$ADD." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1",
array($column, $userid), __FUNCTION__, __LINE__);
// Do we have a record?
@@ -709,68 +700,56 @@ function fetchUserData ($userid, $column='userid') {
}
// This patched function will reduce many SELECT queries for the specified or current admin login
-function isAdmin ($admin = '') {
+function isAdmin ($adminLogin = '') {
// Init variables
- $ret = false; $passCookie = ''; $valPass = '';
- //* DEBUG: */ print(__FUNCTION__.':'.$admin.' ');
+ $ret = false;
+ $passCookie = '';
+ $valPass = '';
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $adminLogin.' ');
// If admin login is not given take current from cookies...
- if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
+ if ((empty($adminLogin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
// Get admin login and password from session/cookies
- $admin = getSession('admin_login');
+ $adminLogin = getSession('admin_login');
$passCookie = getSession('admin_md5');
} // END - if
- //* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.' ');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $adminLogin.'/'.$passCookie.' ');
// Do we have cache?
- if (!isset($GLOBALS['is_admin'][$admin])) {
+ if (!isset($GLOBALS['is_admin'][$adminLogin])) {
// Init it with failed
- $GLOBALS['is_admin'][$admin] = false;
+ $GLOBALS['is_admin'][$adminLogin] = false;
// Search in array for entry
if (isset($GLOBALS['admin_hash'])) {
// Use cached string
$valPass = $GLOBALS['admin_hash'];
- } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
+ } elseif ((!empty($passCookie)) && (isAdminHashSet($adminLogin) === true) && (!empty($adminLogin))) {
// Login data is valid or not?
- $valPass = generatePassString(getAdminHash($admin));
+ $valPass = encodeHashForCookie(getAdminHash($adminLogin));
// Cache it away
$GLOBALS['admin_hash'] = $valPass;
// Count cache hits
incrementStatsEntry('cache_hits');
- } elseif ((!empty($admin)) && ((!isExtensionActive('cache'))) || (isAdminHashSet($admin) === false)) {
- // Search for admin
- $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
- array($admin), __FUNCTION__, __LINE__);
-
- // Is he admin?
- $passDB = '';
- if (SQL_NUMROWS($result) == 1) {
- // Admin login was found so let's load password from DB
- list($passDB) = SQL_FETCHROW($result);
-
- // Temporary cache it
- setAdminHash($admin, $passDB);
-
- // Generate password hash
- $valPass = generatePassString($passDB);
- } // END - if
+ } elseif ((!empty($adminLogin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($adminLogin) === false))) {
+ // Get admin hash and hash it
+ $valPass = encodeHashForCookie(getAdminHash($adminLogin));
- // Free memory
- SQL_FREERESULT($result);
+ // Cache it away
+ $GLOBALS['admin_hash'] = $valPass;
}
if (!empty($valPass)) {
// Check if password is valid
- //* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).' ');
- $GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, '(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie));
+ $GLOBALS['is_admin'][$adminLogin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
} // END - if
} // END - if
// Return result of comparision
- return $GLOBALS['is_admin'][$admin];
+ return $GLOBALS['is_admin'][$adminLogin];
}
// Generates a list of "max receiveable emails per day"
@@ -781,13 +760,13 @@ function addMaxReceiveList ($mode, $default = '', $return = false) {
switch ($mode) {
case 'guest':
// Guests (in the registration form) are not allowed to select 0 mails per day.
- $result = SQL_QUERY("SELECT value, comment FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE value > 0 ORDER BY value",
+ $result = SQL_QUERY("SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE `value` > 0 ORDER BY `value` ASC",
__FUNCTION__, __LINE__);
break;
case 'member':
// Members are allowed to set to zero mails per day (we will change this soon!)
- $result = SQL_QUERY("SELECT value, comment FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY value",
+ $result = SQL_QUERY("SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY `value` ASC",
__FUNCTION__, __LINE__);
break;
@@ -800,11 +779,11 @@ function addMaxReceiveList ($mode, $default = '', $return = false) {
if (SQL_NUMROWS($result) > 0) {
$OUT = '';
while ($content = SQL_FETCHARRAY($result)) {
- $OUT .= " ';
}
+
+ // Free memory
+ SQL_FREERESULT($result);
}
// Return - hopefully - the requested data
@@ -1707,13 +1626,15 @@ function FILTER_ACTIVATE_EXCHANGE () {
updateConfiguration('activate_xchange' ,0);
// Rebuild cache
- rebuildCacheFile('modules', 'modules');
+ rebuildCache('modules', 'modules');
} // END - if
}
// Deletes a user account with given reason
function deleteUserAccount ($userid, $reason) {
- $points = '0';
+ // Init points
+ $data['points'] = '0';
+
$result = SQL_QUERY_ESC("SELECT
(SUM(p.points) - d.used_points) AS points
FROM
@@ -1725,9 +1646,11 @@ ON
WHERE
p.userid=%s",
array(bigintval($userid)), __FUNCTION__, __LINE__);
+
+ // Do we have an entry?
if (SQL_NUMROWS($result) == 1) {
// Save his points to add them to the jackpot
- list($points) = SQL_FETCHROW($result);
+ $data = SQL_FETCHARRAY($result);
// Delete points entries as well
SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s", array(bigintval($userid)), __FUNCTION__, __LINE__);
@@ -1735,11 +1658,11 @@ WHERE
// Update mediadata as well
if (isExtensionInstalledAndNewer('mediadata', '0.0.4')) {
// Update database
- updateMediadataEntry(array('total_points'), 'sub', $points);
+ updateMediadataEntry(array('total_points'), 'sub', $data['points']);
} // END - if
// Now, when we have all his points adds them do the jackpot!
- if (isExtensionActive('jackpot')) addPointsToJackpot($points);
+ if (isExtensionActive('jackpot')) addPointsToJackpot($data['points']);
} // END - if
// Free the result
@@ -1750,40 +1673,30 @@ WHERE
array(bigintval($userid)), __FUNCTION__, __LINE__);
// Remove from rallye if found
+ // @TODO Rewrite this to a filter
if (isExtensionActive('rallye')) {
SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_rallye_users` WHERE `userid`=%s",
array(bigintval($userid)), __FUNCTION__, __LINE__);
} // END - if
+ // Add reason and translate points
+ $data['text'] = $reason;
+ $data['points'] = translateComma($data['points']);
+
// Now a mail to the user and that's all...
- $message = loadEmailTemplate('del-user', array('text' => $reason), $userid);
+ $message = loadEmailTemplate('del-user', $data, $userid);
sendEmail($userid, getMessage('ADMIN_DEL_ACCOUNT'), $message);
// Ok, delete the account!
SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", array(bigintval($userid)), __FUNCTION__, __LINE__);
}
-// Generates meta description for given module and 'what' value
-function generateMetaDescriptionCode ($mod, $what) {
- // Exclude admin and member's area
- if (($mod != 'admin') && ($mod != 'login')) {
- // Construct dynamic description
- $DESCR = '{?MAIN_TITLE?} '.trim(getConfig('title_middle')) . ' ' . addMenuDescription('guest', 'what-'.$what, true);
-
- // Output it directly
- outputHtml('');
- } // END - if
-
- // Remove depth
- unset($GLOBALS['ref_level']);
-}
-
// Gets the matching what name from module
function getWhatFromModule ($modCheck) {
// Is the request element set?
- if (isGetRequestElementSet('what')) {
+ if (isGetRequestParameterSet('what')) {
// Then return this!
- return getRequestElement('what');
+ return getRequestParameter('what');
} // END - if
// Default is empty
@@ -1855,7 +1768,7 @@ WHERE
return $numRows;
}
-// Returns HTML code with an "