X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=90c8d83eb01ce56ccd44682df6b67583904a6459;hb=16de7d9e8b98108627db01688bc095240b5ba8d2;hp=9aa35d0f2d7b07d3d9e39e2b69fda346afd3902b;hpb=2d54220e76ce2b27798e402740e32e6021938503;p=mailer.git
diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index 9aa35d0f2d..90c8d83eb0 100644
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -134,10 +134,10 @@ function checkModulePermissions ($mod = '') {
// Check for prefix is a extension...
$modSplit = explode('_', $mod);
$extension = ''; $mod_chk = $mod;
- //* DEBUG: */ outputHtml(__LINE__."*".count($modSplit)."*/".$mod."*
");
+ //* DEBUG: */ print(__LINE__."*".count($modSplit)."*/".$mod."*
");
if (count($modSplit) == 2) {
// Okay, there is a seperator (_) in the name so is the first part a module?
- //* DEBUG: */ outputHtml(__LINE__."*".$modSplit[0]."*
");
+ //* DEBUG: */ print(__LINE__."*".$modSplit[0]."*
");
if (isExtensionActive($modSplit[0])) {
// The prefix is an extension's name, so let's set it
$extension = $modSplit[0]; $mod = $modSplit[1];
@@ -253,7 +253,7 @@ function checkModulePermissions ($mod = '') {
// Destroy cache here
// @TODO Rewrite this to a filter
- if (getOutputMode() == 0) rebuildCacheFile('modules', 'modules');
+ if ((getOutputMode() == 0) || (getOutputMode() == -1)) rebuildCacheFile('modules', 'modules');
// And reload data
unset($GLOBALS['module_status'][$mod]);
@@ -381,9 +381,9 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru
$OUT = $prefix . "" . $ret . "\n";
// Can we close the you-are-here navigation?
- //* DEBUG: */ outputHtml(__LINE__."*".$type.'/'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__."*".$type.'/'.getWhat()."*
");
if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) {
- //* DEBUG: */ outputHtml(__LINE__.'+'.$type."+
");
+ //* DEBUG: */ print(__LINE__.'+'.$type."+
");
// Add closing div and br-tag
$OUT .= "
\n";
$GLOBALS['nav_depth'] = 0;
@@ -428,12 +428,12 @@ function addMenu ($mode, $action, $what) {
$result_main = SQL_QUERY_ESC("SELECT `title`, `action` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL)".$AND." ORDER BY `sort` ASC",
array($mode), __FUNCTION__, __LINE__);
- //* DEBUG: */ outputHtml(__LINE__.'/'.$main_cnt.':'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__.'/'.$main_cnt.':'.getWhat()."*
");
if (SQL_NUMROWS($result_main) > 0) {
// There are menus available, so we simply display them... :)
$GLOBALS['rows'] = '';
while ($content = SQL_FETCHARRAY($result_main)) {
- //* DEBUG: */ outputHtml(__LINE__.'/'.$main_cnt.'/'.$content['action'].':'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].':'.getWhat()."*
");
// Init variables
enableBlockMode(false);
$action = $content['action'];
@@ -462,7 +462,7 @@ function addMenu ($mode, $action, $what) {
$OUT = '';
// Full file name for checking menu
- //* DEBUG: */ outputHtml(__LINE__.":!!!!".$content['sub_what']."!!!
");
+ //* DEBUG: */ print(__LINE__.":!!!!".$content['sub_what']."!!!
");
$inc = sprintf("inc/modules/%s/what-%s.php", $mode, $content['sub_what']);
if (isIncludeReadable($inc)) {
// Mark currently selected menu - open
@@ -517,17 +517,17 @@ function addMenu ($mode, $action, $what) {
if (isFileReadable($INC)) {
// Load include file
if ((!isExtensionActive($content['action'])) || ($content['action'] == 'online')) $GLOBALS['rows'] .= loadTemplate('menu_what_begin', true, $mode);
- //* DEBUG: */ outputHtml(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat()."*
");
loadInclude($INC);
- //* DEBUG: */ outputHtml(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat()."*
");
if ((!isExtensionActive($content['action'])) || ($content['action'] == 'online')) $GLOBALS['rows'] .= loadTemplate('menu_what_end', true, $mode);
}
- //* DEBUG: */ outputHtml(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat()."*
");
}
$main_cnt++;
- //* DEBUG: */ outputHtml(__LINE__.'/'.$main_cnt.':'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__.'/'.$main_cnt.':'.getWhat()."*
");
if (SQL_NUMROWS($result_main) > $main_cnt) {
// Add seperator
$GLOBALS['rows'] .= loadTemplate('menu_seperator', true, $mode);
@@ -562,7 +562,7 @@ function addMenu ($mode, $action, $what) {
);
// Load main template
- //* DEBUG: */ outputHtml(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat()."*
");
+ //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat()."*
");
loadTemplate('menu_table', false, $content);
} // END - if
}
@@ -580,10 +580,13 @@ function isMember () {
if (isset($GLOBALS['is_member'])) {
// Then return it
return $GLOBALS['is_member'];
- } // END - if
+ } elseif (getUserId() == 0) {
+ // No member
+ return false;
+ }
- // Init global 'status'
- $GLOBALS['status'] = false;
+ // Init global user data array
+ initUserData();
// Fix "deleted" cookies first
fixDeletedCookies(array('userid', 'u_hash'));
@@ -591,42 +594,31 @@ function isMember () {
// Are cookies set?
if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) {
// Cookies are set with values, but are they valid?
- $result = SQL_QUERY_ESC("SELECT `password`, `status`, `last_module`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array(getUserId()), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // Load data from cookies
- list($password, $GLOBALS['status'], $mod, $onl) = SQL_FETCHROW($result);
-
+ if (fetchUserData(getUserId()) === true) {
// Validate password by created the difference of it and the secret key
- $valPass = generatePassString($password);
+ $valPass = generatePassString(getUserData('password'));
// Transfer last module and online time
- if ((!empty($mod)) && (empty($GLOBALS['last_online']['module']))) {
- // @TODO Try to rewrite this to one or more functions
- $GLOBALS['last_online']['module'] = $mod;
- $GLOBALS['last_online']['online'] = $onl;
- } // END - if
+ $GLOBALS['last_online']['module'] = getUserData('last_module');
+ $GLOBALS['last_online']['online'] = getUserData('last_online');
// So did we now have valid data and an unlocked user?
- if (($GLOBALS['status'] == 'CONFIRMED') && ($valPass == getSession('u_hash'))) {
+ if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) {
// Account is confirmed and all cookie data is valid so he is definely logged in! :-)
$ret = true;
} else {
// Maybe got locked etc.
- //* DEBUG: */ outputHtml(__LINE__."!!!
");
+ //* DEBUG: */ print(__LINE__."!!!
");
destroyUserSession();
}
} else {
// Cookie data is invalid!
- //* DEBUG: */ outputHtml(__LINE__."***
");
+ //* DEBUG: */ print(__LINE__."***
");
destroyUserSession();
}
-
- // Free memory
- SQL_FREERESULT($result);
} else {
// Cookie data is invalid!
- //* DEBUG: */ outputHtml(__LINE__."///
");
+ //* DEBUG: */ print(__LINE__."///
");
destroyUserSession();
}
@@ -637,11 +629,82 @@ function isMember () {
return $ret;
}
+// Fetch user data for given user id
+function fetchUserData ($userid, $column='userid') {
+ // Don't look for invalid userids...
+ if ($userid < 1) {
+ // Invalid, so abort here
+ debug_report_bug('User id ' . $userid . ' is invalid.');
+ } elseif (isset($GLOBALS['user_data'][$userid])) {
+ // Use cache, so it is fine
+ return true;
+ }
+
+ // By default none was found
+ $found = false;
+
+ // Do we have userid/refid?
+ if (($column == 'userid') || ($column == 'refid')) {
+ // Then secure the id
+ $userid = bigintval($userid);
+ } // END - if
+
+ // Query for the user
+ $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1",
+ array($column, $userid), __FUNCTION__, __LINE__);
+
+ // Do we have a record?
+ if (SQL_NUMROWS($result) == 1) {
+ // Load data from cookies
+ $data = SQL_FETCHARRAY($result);
+
+ // Set the userid for later use
+ setCurrentUserId($data['userid']);
+ $GLOBALS['user_data'][getCurrentUserId()] = $data;
+
+ // Rewrite 'last_failure' if found
+ if (isset($GLOBALS['user_data'][getCurrentUserId()]['last_failure'])) {
+ // Backup the raw one and zero it
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] = $GLOBALS['user_data'][getCurrentUserId()]['last_failure'];
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = 0;
+
+ // Is it not zero?
+ if ($GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] != '0000-00-00 00:00:00') {
+ // Seperate data/time
+ $array = explode(' ', $GLOBALS['user_data'][getCurrentUserId()]['last_failure']);
+
+ // Seperate data and time again
+ $array['date'] = explode('-', $array[0]);
+ $array['time'] = explode(':', $array[1]);
+
+ // Now pass it to mktime()
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = mktime(
+ $array['time'][0],
+ $array['time'][1],
+ $array['time'][2],
+ $array['date'][1],
+ $array['date'][2],
+ $array['date'][0]
+ );
+ } // END - if
+ } // END - if
+
+ // Found, but valid?
+ $found = isUserDataValid();
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Return result
+ return $found;
+}
+
// This patched function will reduce many SELECT queries for the specified or current admin login
function isAdmin ($admin = '') {
// Init variables
$ret = false; $passCookie = ''; $valPass = '';
- //* DEBUG: */ outputHtml(__LINE__."ADMIN:".$admin."
");
+ //* DEBUG: */ print(__FUNCTION__.':'.$admin.'
');
// If admin login is not given take current from cookies...
if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
@@ -649,51 +712,57 @@ function isAdmin ($admin = '') {
$admin = getSession('admin_login');
$passCookie = getSession('admin_md5');
} // END - if
- //* DEBUG: */ outputHtml(__LINE__."ADMIN:".$admin.'/'.$passCookie."
");
+ //* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.'
');
- // Search in array for entry
- if (isset($GLOBALS['admin_hash'])) {
- // Use cached string
- $valPass = $GLOBALS['admin_hash'];
- } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
- // Login data is valid or not?
- $valPass = generatePassString(getAdminHash($admin));
+ // Do we have cache?
+ if (!isset($GLOBALS['is_admin'][$admin])) {
+ // Init it with failed
+ $GLOBALS['is_admin'][$admin] = false;
+
+ // Search in array for entry
+ if (isset($GLOBALS['admin_hash'])) {
+ // Use cached string
+ $valPass = $GLOBALS['admin_hash'];
+ } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
+ // Login data is valid or not?
+ $valPass = generatePassString(getAdminHash($admin));
+
+ // Cache it away
+ $GLOBALS['admin_hash'] = $valPass;
+
+ // Count cache hits
+ incrementStatsEntry('cache_hits');
+ } elseif ((!empty($admin)) && ((!isExtensionActive('cache'))) || (isAdminHashSet($admin) === false)) {
+ // Search for admin
+ $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
+ array($admin), __FUNCTION__, __LINE__);
- // Cache it away
- $GLOBALS['admin_hash'] = $valPass;
+ // Is he admin?
+ $passDB = '';
+ if (SQL_NUMROWS($result) == 1) {
+ // Admin login was found so let's load password from DB
+ list($passDB) = SQL_FETCHROW($result);
- // Count cache hits
- incrementStatsEntry('cache_hits');
- } elseif ((!empty($admin)) && ((!isExtensionActive('cache'))) || (isAdminHashSet($admin) === false)) {
- // Search for admin
- $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
- array($admin), __FUNCTION__, __LINE__);
+ // Temporary cache it
+ setAdminHash($admin, $passDB);
- // Is he admin?
- $passDB = '';
- if (SQL_NUMROWS($result) == 1) {
- // Admin login was found so let's load password from DB
- list($passDB) = SQL_FETCHROW($result);
+ // Generate password hash
+ $valPass = generatePassString($passDB);
+ } // END - if
- // Temporary cache it
- setAdminHash($admin, $passDB);
+ // Free memory
+ SQL_FREERESULT($result);
+ }
- // Generate password hash
- $valPass = generatePassString($passDB);
+ if (!empty($valPass)) {
+ // Check if password is valid
+ //* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'
');
+ $GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
} // END - if
-
- // Free memory
- SQL_FREERESULT($result);
- }
-
- if (!empty($valPass)) {
- // Check if password is valid
- //* DEBUG: */ print(__FUNCTION__ . ':' . $valPass . '/' . $passCookie . '
');
- $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
} // END - if
// Return result of comparision
- return $ret;
+ return $GLOBALS['is_admin'][$admin];
}
// Generates a list of "max receiveable emails per day"
@@ -783,7 +852,7 @@ function isMenuActionValid ($mode, $action, $what, $updateEntry=false) {
$add = '';
if ((!isAdmin()) && ($mode != 'admin')) $add = " AND `locked`='N'";
- //* DEBUG: */ outputHtml(__LINE__.':'.$mode.'/'.$action.'/'.$what."*
");
+ //* DEBUG: */ print(__LINE__.':'.$mode.'/'.$action.'/'.$what."*
");
if (($mode != 'admin') && ($updateEntry === true)) {
// Update guest or member menu
$sql = SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET counter=counter+1 WHERE `action`='%s' AND `what`='%s'".$add." LIMIT 1",
@@ -818,24 +887,22 @@ function isMenuActionValid ($mode, $action, $what, $updateEntry=false) {
return $ret;
}
-//
+// Send out mails depending on the 'mod/modes' combination
+// @TODO Lame description for this function
function sendModeMails ($mod, $modes) {
// Load hash
- $result_main = SQL_QUERY_ESC("SELECT `password` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1",
- array(getUserId()), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result_main) == 1) {
- // Load hash from database
- list($hashDB) = SQL_FETCHROW($result_main);
-
+ if (fetchUserData(getUserId())) {
// Extract salt from cookie
$salt = substr(getSession('u_hash'), 0, -40);
// Now let's compare passwords
- $hash = generatePassString($hashDB);
+ $hash = generatePassString(getUserData('password'));
+
+ // Does the hash match or should we change it?
if (($hash == getSession('u_hash')) || (postRequestElement('pass1') == postRequestElement('pass2'))) {
// Load user's data 0 1 2 3 4 5 6 7
$result = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, country, zip, city, email FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND password='%s' LIMIT 1",
- array(getUserId(), $hashDB), __FUNCTION__, __LINE__);
+ array(getUserId(), getUserData('password')), __FUNCTION__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load the data
$content = SQL_FETCHARRAY($result, 0, false);
@@ -847,7 +914,7 @@ function sendModeMails ($mod, $modes) {
$content['gender'] = translateGender($content['gender']);
// Clear/init the content variable
- $content['info'] = '';
+ $content['message'] = '';
switch ($mod) {
case 'mydata':
@@ -864,10 +931,10 @@ function sendModeMails ($mod, $modes) {
default:
logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown mode %s detected.", $mode));
- $content['message'] = getMessage('MEMBER_UNKNOWN_MODE').": ".$mode."\n\n";
+ $content['message'] = getMessage('MEMBER_UNKNOWN_MODE') . ': ' . $mode . "\n\n";
break;
} // END - switch
- } // END - if
+ } // END - foreach
if (isExtensionActive('country')) {
// Replace code with description
@@ -944,7 +1011,7 @@ function getModeAction ($mode, $what) {
// Init status
$ret = '';
- //* DEBUG: */ outputHtml(__LINE__.'='.$mode.'/'.$what.'/'.getAction()."=
");
+ //* DEBUG: */ print(__LINE__.'='.$mode.'/'.$what.'/'.getAction()."=
");
if ((empty($what)) && ($mode != 'admin')) {
$what = getConfig('index_home');
} // END - if
@@ -965,7 +1032,7 @@ function getModeAction ($mode, $what) {
// Get it directly from URL
return getAction();
}
- //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."): ret=".$ret."
");
+ //* DEBUG: */ print(__FUNCTION__."(".__LINE__."): ret=".$ret.'
');
// Does the module have a menu?
if (ifModuleHasMenu($mode)) {
@@ -1072,7 +1139,7 @@ function getPaymentPoints ($pid, $lookFor = 'price') {
return $ret;
}
-// Remove a receiver's ID from $receivers and add a link for him to confirm
+// Remove a receiver's id from $receivers and add a link for him to confirm
function removeReceiver (&$receivers, $key, $userid, $pool_id, $stats_id = '', $bonus = false) {
// Default is not removed
$ret = 'failed';
@@ -1084,7 +1151,7 @@ function removeReceiver (&$receivers, $key, $userid, $pool_id, $stats_id = '', $
// Is there already a line for this user available?
if ($stats_id > 0) {
- // Only when we got a real stats ID continue searching for the entry
+ // Only when we got a real stats id continue searching for the entry
$type = 'NORMAL'; $rowName = 'stats_id';
if ($bonus) { $type = 'BONUS'; $rowName = 'bonus_id'; }
@@ -1115,7 +1182,7 @@ function removeReceiver (&$receivers, $key, $userid, $pool_id, $stats_id = '', $
// Calculate sum (default) or count records of given criteria
function countSumTotalData ($search, $tableName, $lookFor = 'id', $whereStatement = 'userid', $countRows = false, $add = '') {
$ret = 0;
- //* DEBUG: */ outputHtml($search.'/'.$tableName.'/'.$lookFor.'/'.$whereStatement.'/'.$add.'
');
+ //* DEBUG: */ print($search.'/'.$tableName.'/'.$lookFor.'/'.$whereStatement.'/'.$add.'
');
if ((empty($search)) && ($search != '0')) {
// Count or sum whole table?
if ($countRows === true) {
@@ -1129,12 +1196,12 @@ function countSumTotalData ($search, $tableName, $lookFor = 'id', $whereStatemen
}
} elseif (($countRows === true) || ($lookFor == 'userid')) {
// Count rows
- //* DEBUG: */ outputHtml("COUNT!
");
+ //* DEBUG: */ print("COUNT!
");
$result = SQL_QUERY_ESC("SELECT COUNT(`%s`) FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`='%s'".$add,
array($lookFor, $tableName, $whereStatement, $search), __FUNCTION__, __LINE__);
} else {
// Add all rows
- //* DEBUG: */ outputHtml("SUM!
");
+ //* DEBUG: */ print("SUM!
");
$result = SQL_QUERY_ESC("SELECT SUM(`%s`) FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`='%s'".$add,
array($lookFor, $tableName, $whereStatement, $search), __FUNCTION__, __LINE__);
}
@@ -1155,6 +1222,7 @@ function countSumTotalData ($search, $tableName, $lookFor = 'id', $whereStatemen
}
// Return value
+ //* DEBUG: */ print 'ret='.$ret.'
';
return $ret;
}
// Getter fro ref level percents
@@ -1197,7 +1265,7 @@ function getReferalLevelPercents ($level) {
* Dynamic referal system, can also send mails!
*
* subject = Subject line, write in lower-case letters and underscore is allowed
- * userid = Referal ID wich should receive...
+ * userid = Referal id wich should receive...
* points = ... xxx points
* sendNotify = shall I send the referal an email or not?
* rid = inc/modules/guest/what-confirm.php need this
@@ -1206,7 +1274,7 @@ function getReferalLevelPercents ($level) {
* for default value will cause no referal will get points ever!!!)
*/
function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify = false, $rid = 0, $locked = false, $add_mode = 'ref') {
- //* DEBUG: */ outputHtml("----------------------- ".__FUNCTION__." - ENTRY ------------------------