X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=f11a84bf7493969c8533f933f211cb52f77fbb37;hb=e7639f20342bea7665b00d22025b028408c005f1;hp=92292cfeaf58a6e435d52085cc1b989d353ff2e9;hpb=60494e212a67fe360bfbb481eb4928480a6f379b;p=mailer.git

diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index 92292cfeaf..f11a84bf74 100644
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -32,30 +32,25 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
 
 //
-function ADD_MODULE_TITLE($mod)
-{
-	global $MODULES, $_CONFIG;
+function ADD_MODULE_TITLE($mod) {
+	global $cacheArray, $_CONFIG;
 	$name = ""; $result = false;
-	// Load title
-	if (!mxchange_installing)
-	{
-		if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])) && (isset($MODULES['module'][$mod])))
-		{
+
+	// Is the script installed?
+	if (isBooleanConstantAndTrue('mxchange_installed')) {
+		if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module'])) && (isset($cacheArray['modules']['module'][$mod]))) {
 			// Load from cache
-			$name = $MODULES['title'][$mod];
+			$name = $cacheArray['modules']['title'][$mod];
 
 			// Update cache hits
 			$_CONFIG['cache_hits']++;
-		}
-		 else
-		{
+		} else {
 			// Load from database
 			$result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__);
 			list($name) = SQL_FETCHROW($result);
@@ -67,22 +62,21 @@ function ADD_MODULE_TITLE($mod)
 	$name = trim($name);
 
 	// Still no luck or empty title?
-	if (empty($name))
-	{
+	if (empty($name)) {
 		// No name found
 		$name = LANG_UNKNOWN_MODULE." (".$mod.")";
-		if (SQL_NUMROWS($result) == 0)
-		{
+		if (SQL_NUMROWS($result) == 0) {
 			// Add module to database
 			$dummy = CHECK_MODULE($mod);
 		}
 	}
 	return $name;
 }
+
 // Check validity of a given module name (no file extension)
 function CHECK_MODULE($mod) {
 	// We need them now here...
-	global $MODULES, $_CONFIG, $CACHE;
+	global $cacheArray, $_CONFIG, $cacheInstance;
 
 	// Filter module name (names with low chars and underlines are fine!)
 	$mod = preg_replace("/[^a-z_]/", "", $mod);
@@ -104,18 +98,18 @@ function CHECK_MODULE($mod) {
 	$ret = "major";
 
 	// Check if script is installed if not return a "done" to prevent some errors
-	if ((!mxchange_installed) || (mxchange_installing) || (!admin_registered)) return "done";
+	if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing')) || (!isBooleanConstantAndTrue('admin_registered'))) return "done";
 
 	// Check if cache is latest version
 	$locked = 'Y'; $hidden = 'N'; $admin = 'N'; $mem = 'N'; $found = false;
-	if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module']))) {
+	if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module']))) {
 		// Is the module cached?
-		if (isset($MODULES['locked'][$mod_chk])) {
+		if (isset($cacheArray['modules']['locked'][$mod_chk])) {
 			// Check cache
-			$locked = $MODULES['locked'][$mod_chk];
-			$hidden = $MODULES['hidden'][$mod_chk];
-			$admin  = $MODULES['admin_only'][$mod_chk];
-			$mem    = $MODULES['mem_only'][$mod_chk];
+			$locked = $cacheArray['modules']['locked'][$mod_chk];
+			$hidden = $cacheArray['modules']['hidden'][$mod_chk];
+			$admin  = $cacheArray['modules']['admin_only'][$mod_chk];
+			$mem    = $cacheArray['modules']['mem_only'][$mod_chk];
 
 			// Update cache hits
 			$_CONFIG['cache_hits']++;
@@ -178,8 +172,8 @@ function CHECK_MODULE($mod) {
 
 			// Destroy cache here
 			if (GET_EXT_VERSION("cache") >= "0.1.2") {
-				if ($CACHE->cache_file("mod_reg", true)) $CACHE->cache_destroy();
-				unset($MODULES);
+				if ($cacheInstance->cache_file("mod_reg", true)) $cacheInstance->cache_destroy();
+				unset($cacheArray['modules']);
 			}
 
 			// And reload data
@@ -193,9 +187,9 @@ function CHECK_MODULE($mod) {
 	// Return the value
 	return $ret;
 }
+
 // Add menu description pending on given file name (without path!)
-function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
-{
+function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
 	global $DEPTH, $_CONFIG;
 	$LINK_ADD = ""; $OUT = ""; $AND = "";
 	// First we have to do some analysis...
@@ -235,8 +229,8 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
 			}
 			break;
 		}
-		$DUMMY = substr($search, 0, -4);
-		$AND .= " AND action='".GET_ACTION($ACC_LVL, $DUMMY)."'";
+		$dummy = substr($search, 0, -4);
+		$AND .= " AND action='".GET_ACTION($ACC_LVL, $dummy)."'";
 	} elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine")) {
 		// Sponsor / engine menu
 		$type = "what";
@@ -257,12 +251,16 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
 		if (!$return) $DEPTH++;
 		$prefix = "";
 	}
+
 	$prefix .= " -> ";
+
 	if (ereg(".php", $search)) {
 		$search = substr($search, 0, strpos($search, ".php"));
 	}
+
 	$result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
 	 array($ACC_LVL, $type, $search), __FILE__, __LINE__);
+
 	if (SQL_NUMROWS($result) == 1) {
 		list($ret) = SQL_FETCHROW($result);
 		SQL_FREERESULT($result);
@@ -276,6 +274,7 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
 			if (($type == "what") || (($type == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) {
 				//* DEBUG: */ echo __LINE__."+".$type."+<br />\n";
 				$OUT .= "</DIV><br />\n";
+				$DEPTH="0";
 			}
 		}
 	}
@@ -292,22 +291,28 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
 //
 function ADD_MENU($MODE, $act, $wht) {
 	global $_CONFIG;
+
+	// Init some variables
+	$main_cnt = 0;
+	$AND = "";
+	$main_action = "";
+	$sub_what = "";
+
 	if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID;
-	$main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = "";
-	if (!IS_ADMIN())
-	{
+
+	// Non-admin shall not see all menus
+	if (!IS_ADMIN()) {
 		$AND = "AND visible='Y' AND locked='N'";
 	}
+
 	// Load SQL data and add the menu to the output stream...
 	$result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort",
 	 array($MODE), __FILE__, __LINE__);
 	//* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
-	if (SQL_NUMROWS($result_main) > 0)
-	{
+	if (SQL_NUMROWS($result_main) > 0) {
 		OUTPUT_HTML("<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"".$MODE."_menu\">");
 		// There are menus available, so we simply display them... :)
-		while (list($main_title, $main_action) = SQL_FETCHROW($result_main))
-		{
+		while (list($main_title, $main_action) = SQL_FETCHROW($result_main)) {
 			//* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
 			// Load menu header template
 			$BLOCK_MODE = false; $act = $main_action;
@@ -316,11 +321,10 @@ function ADD_MENU($MODE, $act, $wht) {
 			$result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
 			 array($MODE, $main_action), __FILE__, __LINE__);
 			$ctl = SQL_NUMROWS($result_sub);
-			if ($ctl > 0)
-			{
+			if ($ctl > 0) {
 				$cnt=0;
-				while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub))
-				{
+				while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub)) {
+					// Init content
 					$content = "";
 
 					// Full file name for checking menu
@@ -389,38 +393,37 @@ function ADD_MENU($MODE, $act, $wht) {
 // This patched function will reduce many SELECT queries for the specified or current admin login
 function IS_ADMIN($admin="")
 {
-	global $_COOKIE, $ADMINS, $_CONFIG;
+	global $cacheArray, $_CONFIG;
 	$ret = false; $passCookie = ""; $valPass = "";
 	//* DEBUG: */ echo __LINE__."ADMIN:".$admin."<br />";
 
 	// If admin login is not given take current from cookies...
-	if ((empty($admin)) && (!empty($_COOKIE['admin_login'])) && (!empty($_COOKIE['admin_md5'])))
-	{
-		$admin = SQL_ESCAPE($_COOKIE['admin_login']); $passCookie = $_COOKIE['admin_md5'];
+	if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
+		// Get admin login and password from session/cookies
+		$admin = SQL_ESCAPE(get_session('admin_login'));
+		$passCookie = SQL_ESCAPE(get_session('admin_md5'));
 	}
 	//* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<br />";
 
 	// Search in array for entry
-	if ((!empty($passCookie)) && (isset($ADMINS['password'][$admin])) && (!empty($admin)))
-	{
+	if ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) {
 		// Count cache hits
 		$_CONFIG['cache_hits']++;
 
 		// Login data is valid or not?
-		$valPass = generatePassString($ADMINS['password'][$admin]);
-	}
-	 elseif (!empty($admin))
-	{
+		$valPass = generatePassString($cacheArray['admins']['password'][$admin]);
+	} elseif (!empty($admin)) {
 		// Search for admin
 		$result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
 		 array($admin), __FILE__, __LINE__);
 
 		// Is he admin?
 		$passDB = "";
-		if (SQL_NUMROWS($result) == 1)
-		{
+		if (SQL_NUMROWS($result) == 1) {
 			// Admin login was found so let's load password from DB
 			list($passDB) = SQL_FETCHROW($result);
+
+			// Generate password hash
 			$valPass = generatePassString($passDB);
 		}
 
@@ -428,11 +431,10 @@ function IS_ADMIN($admin="")
 		SQL_FREERESULT($result);
 	}
 
-	if (!empty($valPass))
-	{
+	if (!empty($valPass)) {
 		// Check if password is valid
-		//* DEBUG: */ echo __LINE__."*".$valPass."/".$passCookie)."*<br>";
-		$ret = (($valPass == $passCookie) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
+		//* DEBUG: */ echo __FUNCTION__."*".$valPass."/".$passCookie."*<br />\n";
+		$ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
 	}
 
 	// Return result of comparision
@@ -538,7 +540,7 @@ function WHAT_IS_VALID($act, $wht, $type="guest")
 //
 function IS_LOGGED_IN()
 {
-	global $_COOKIE, $status, $LAST;
+	global $status, $LAST;
 	if (!is_array($LAST)) $LAST = array();
 	$ret = false;
 
@@ -546,7 +548,7 @@ function IS_LOGGED_IN()
 	FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));
 
 	// Are cookies set?
-	if ((!empty($GLOBALS['userid'])) && (!empty($_COOKIE['u_hash'])) && (!empty($_COOKIE['lifetime'])) && (defined('COOKIE_PATH')))
+	if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash')) && (isSessionVariableSet('lifetime')) && (defined('COOKIE_PATH')))
 	{
 		// Cookies are set with values, but are they valid?
 		$result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
@@ -563,38 +565,29 @@ function IS_LOGGED_IN()
 			if ((!empty($mod)) && (empty($LAST['module']))) { $LAST['module'] = $mod; $LAST['online'] = $onl; }
 
 			// So did we now have valid data and an unlocked user?
-			//* DEBUG: */ echo $valPass."<br>".$_COOKIE['u_hash']."<br>";
-			if (($status == "CONFIRMED") && ($valPass == $_COOKIE['u_hash']))
-			{
+			//* DEBUG: */ echo $valPass."<br>".get_session('u_hash')."<br>";
+			if (($status == "CONFIRMED") && ($valPass == get_session('u_hash'))) {
 				// Account is confirmed and all cookie data is valid so he is definely logged in! :-)
 				$ret = true;
-			}
-			 else
-			{
+			} else {
 				// Maybe got locked etc.
 				//* DEBUG: */ echo __LINE__."!!!<br>";
-				@setcookie("userid", "", time() - 3600, COOKIE_PATH);
-				@setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
-				@setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+				set_session("userid", "");
+				set_session("u_hash", "");
+				set_session("lifetime", "");
 
 				// Remove array elements to prevent errors
 				unset($GLOBALS['userid']);
-				unset($_COOKIE['u_hash']);
-				unset($_COOKIE['lifetime']);
 			}
-		}
-		 else
-		{
+		} else {
 			// Cookie data is invalid!
 			//* DEBUG: */ echo __LINE__."***<br>";
-			@setcookie("userid", "", time() - 3600, COOKIE_PATH);
-			@setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
-			@setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+			set_session("userid", "");
+			set_session("u_hash", "");
+			set_session("lifetime", "");
 
 			// Remove array elements to prevent errors
 			unset($GLOBALS['userid']);
-			unset($_COOKIE['u_hash']);
-			unset($_COOKIE['lifetime']);
 		}
 
 		// Free memory
@@ -604,14 +597,12 @@ function IS_LOGGED_IN()
 	{
 		// Cookie data is invalid!
 		//* DEBUG: */ echo __LINE__."///<br>";
-		@setcookie("userid", "", time() - 3600, COOKIE_PATH);
-		@setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
-		@setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+		set_session("userid", "");
+		set_session("u_hash", "");
+		set_session("lifetime", "");
 
 		// Remove array elements to prevent errors
 		unset($GLOBALS['userid']);
-		unset($_COOKIE['u_hash']);
-		unset($_COOKIE['lifetime']);
 	}
 	return $ret;
 }
@@ -621,16 +612,16 @@ function UPDATE_LOGIN_DATA ($UPDATE=true) {
 	if (!is_array($LAST)) $LAST = array();
 
 	// Are the required cookies set?
-	if ((!isset($GLOBALS['userid'])) || (!isset($_COOKIE['u_hash'])) || (!isset($_COOKIE['lifetime']))) {
+	if ((!isset($GLOBALS['userid'])) || (!isSessionVariableSet('u_hash')) || (!isSessionVariableSet('lifetime'))) {
 		// Nope, then return here to caller function
 		return false;
 	} else {
 		// Secure user ID
-		$GLOBALS['userid'] = bigintval($_COOKIE['userid']);
+		$GLOBALS['userid'] = bigintval(get_session('userid'));
 	}
 
 	// Extract last online time (life) and how long is auto-login valid (time)
-	$newl = time() + bigintval($_COOKIE['lifetime']);
+	$newl = time() + bigintval(get_session('lifetime'));
 
 	// Recheck if logged in
 	if (!IS_LOGGED_IN()) return false;
@@ -645,7 +636,7 @@ function UPDATE_LOGIN_DATA ($UPDATE=true) {
 		// Maybe first login time?
 		if (empty($mod)) $mod = "login";
 
-		if (@setcookie("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && @setcookie("u_hash", SQL_ESCAPE($_COOKIE['u_hash']), $newl, COOKIE_PATH) && @setcookie("lifetime", bigintval($_COOKIE['lifetime']), $newl, COOKIE_PATH)) {
+		if (set_session("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && set_session("u_hash", SQL_ESCAPE(get_session('u_hash')), $newl, COOKIE_PATH) && set_session("lifetime", bigintval(get_session('lifetime')), $newl, COOKIE_PATH)) {
 			// This will be displayed on welcome page! :-)
 			if (empty($LAST['module'])) {
 				$LAST['module'] = $mod; $LAST['online'] = $onl;
@@ -658,13 +649,11 @@ function UPDATE_LOGIN_DATA ($UPDATE=true) {
 			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
 			 array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);
 		}
-	}
-	 else
-	{
+	}  else {
 		// Destroy session, we cannot update!
-		@setcookie("userid", "", time() - 3600, COOKIE_PATH);
-		@setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
-		@setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+		set_session("userid", "");
+		set_session("u_hash", "");
+		set_session("lifetime", "");
 	}
 }
 //
@@ -742,11 +731,11 @@ function SEND_MODE_MAILS($mod, $modes)
 		list($hashDB) = SQL_FETCHROW($result_main);
 
 		// Extract salt from cookie
-		$salt = substr($_COOKIE['u_hash'], 0, -40);
+		$salt = substr(get_session('u_hash'), 0, -40);
 
 		// Now let's compare passwords
 		$hash = generatePassString($hashDB);
-		if (($hash == $_COOKIE['u_hash']) || ($_POST['pass1'] == $_POST['pass2'])) {
+		if (($hash == get_session('u_hash')) || ($_POST['pass1'] == $_POST['pass2'])) {
 			// Load user's data
 			$result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND password='%s' LIMIT 1",
 			 array($GLOBALS['userid'], $hashDB), __FILE__, __LINE__);
@@ -1060,21 +1049,17 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
 	global $DEPTH, $_CONFIG, $DATA, $link;
 
 	// When $uid = 0 add points to jackpot
-	if ($uid == "0")
-	{
+	if ($uid == "0") {
 		// Add points to jackpot
 		ADD_JACKPOT($points);
 		return;
 	}
 
 	// Count up referral depth
-	if (empty($DEPTH))
-	{
+	if (empty($DEPTH)) {
 		// Initialialize referral system
 		$DEPTH = "0";
-	}
-	 else
-	{
+	} else {
 		// Increase referral level
 		$DEPTH++;
 	}
@@ -1084,49 +1069,57 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
 
 	$result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
 	 array(bigintval($uid)), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result_user) == 1)
-	{
+	//* DEBUG */ echo "+".SQL_NUMROWS($result_user).":".$points."+<br />\n";
+	if (SQL_NUMROWS($result_user) == 1) {
 		// This is the user and his ref
 		list ($ref, $email) = SQL_FETCHROW($result_user);
 		SQL_FREERESULT($result_user);
+
 		$result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
 		 array(bigintval($DEPTH)), __FILE__, __LINE__);
-		if (SQL_NUMROWS($result) == 1)
-		{
+		//* DEBUG */ echo "DEPTH:".$DEPTH."<br />\n";
+		if (SQL_NUMROWS($result) == 1) {
 			list($per) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
 			$P = $points * $per / 100;
+			//* DEBUG */ echo "ADD:".$P."<br />\n";
 
 			// Update points...
 			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth=%d LIMIT 1",
 			 array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
-			if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0)
-			{
+			if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0) {
 				// First ref in this level! :-)
 				$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%d, %d, %s)",
 				 array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);
 			}
 
 			// Update mediadata as well
-			if (GET_EXT_VERSION("mediadata") >= "0.0.4")
-			{
+			if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
 				// Update database
 				MEDIA_UPDATE_ENTRY(array("total_points"), "add", $P);
 			}
 
 			// Points updated, maybe I shall send him an email?
-			if (($send_notify) && ($ref > 0) && (!$locked))
-			{
+			if (($send_notify) && ($ref > 0) && (!$locked)) {
 				//              0                1      2              3
 				$DATA = array($per, bigintval($DEPTH), $P, bigintval($ref));
 				$msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid));
 
 				SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
+			} elseif (($send_notify) && ($ref == 0) && (!$locked) && ($add_mode == "direct") && (!defined('__POINTS_VALUE'))) {
+				// Direct payment shall be notified about
+				define('__POINTS_VALUE', $P);
+
+				// Load message
+				$msg = LOAD_EMAIL_TEMPLATE("add-points", REASON_DIRECT_PAYMENT, $uid);
+
+				// And sent it away
+				SEND_EMAIL($email, SUBJECT_DIRECT_PAYMENT, $msg);
+				if (!isset($_GET['mid'])) LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_ADDED);
 			}
 
 			// Maybe there's another ref?
-			if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref"))
-			{
+			if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref")) {
 				// Then let's credit him here...
 				ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked);
 			}
@@ -1136,7 +1129,7 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
 //
 function UPDATE_REF_COUNTER($uid)
 {
-	global $REF_LVL, $link, $CACHE;
+	global $REF_LVL, $link, $cacheInstance;
 	// Make it sure referral level zero (member him-/herself) is at least selected
 	if (empty($REF_LVL)) $REF_LVL = "0";
 
@@ -1169,7 +1162,7 @@ function UPDATE_REF_COUNTER($uid)
 	 elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2"))
 	{
 		// Remove cache here
-		if ($CACHE->cache_file("refsystem", true)) $CACHE->cache_destroy();
+		if ($cacheInstance->cache_file("refsystem", true)) $cacheInstance->cache_destroy();
 	}
 }
 //
@@ -1196,10 +1189,9 @@ function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht)
 		// Is administrator
 		$ADMIN = 'Y';
 	}
-	if (!empty($_COOKIE['refid']))
-	{
+	if (isSessionVariableSet('refid')) {
 		// Check cookie
-		if ($_COOKIE['refid'] > 0) $rid = $GLOBALS['refid'];
+		if (get_session('refid') > 0) $rid = $GLOBALS['refid'];
 	}
 
 	// Now Read data
@@ -1239,9 +1231,8 @@ WHERE sid='%s' LIMIT 1",
 	}
 
 	// Purge old entries
-	$TIMEOUT = time() - $_CONFIG['online_timeout'];
-	$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= %d",
-	 array($TIMEOUT), __FILE__, __LINE__);
+	$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %d)",
+	 array($_CONFIG['online_timeout']), __FILE__, __LINE__);
 }
 // OBSULETE: Sends out mail to all administrators
 function SEND_ADMIN_EMAILS($subj, $msg)
@@ -1257,12 +1248,12 @@ function SEND_ADMIN_EMAILS($subj, $msg)
 // Get ID number from administrator's login name
 function GET_ADMIN_ID($login)
 {
-	global $ADMINS;
+	global $cacheArray;
 	$ret = "-1";
-	if (!empty($ADMINS['aid'][$login]))
+	if (!empty($cacheArray['admins']['aid'][$login]))
 	{
 		// Check cache
-		$ret = $ADMINS['aid'][$login];
+		$ret = $cacheArray['admins']['aid'][$login];
 		if (empty($ret)) $ret = "-1";
 	}
 	 else
@@ -1282,12 +1273,12 @@ function GET_ADMIN_ID($login)
 // Get password hash from administrator's login name
 function GET_ADMIN_HASH($login)
 {
-	global $ADMINS;
+	global $cacheArray;
 	$ret = "-1";
-	if (!empty($ADMINS['password'][$login]))
+	if (!empty($cacheArray['admins']['password'][$login]))
 	{
 		// Check cache
-		$ret = $ADMINS['password'][$login];
+		$ret = $cacheArray['admins']['password'][$login];
 		if (empty($ret)) $ret = "-1";
 	}
 	 else
@@ -1306,12 +1297,12 @@ function GET_ADMIN_HASH($login)
 //
 function GET_ADMIN_LOGIN($aid)
 {
-	global $ADMINS;
+	global $cacheArray;
 	$ret = "***";
-	if (!empty($ADMINS['login']['aid']))
+	if (!empty($cacheArray['admins']['login']['aid']))
 	{
 		// Check cache
-		if (!empty($ADMINS['login'][$aid]))	$ret = $ADMINS['login'][$aid];
+		if (!empty($cacheArray['admins']['login'][$aid]))	$ret = $cacheArray['admins']['login'][$aid];
 		if (empty($ret)) $ret = "***";
 	}
 	 else
@@ -1394,7 +1385,7 @@ function activateExchange() {
 		$SQLs = array(
 			"UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",
 			"UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2",
-			"UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config='0' LIMIT 1"
+			"UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config=0 LIMIT 1"
 		);
 
 		// Run SQLs
@@ -1514,36 +1505,38 @@ function SUB_JACKPOT($points)
 	}
 }
 //
-function IS_DEMO()
-{
-	global $_COOKIE;
-	return ((EXT_IS_ACTIVE("demo")) && ($_COOKIE['admin_login'] == "demo"));
+function IS_DEMO() {
+	return ((EXT_IS_ACTIVE("demo")) && (get_session('admin_login') == "demo"));
 }
 //
 function LOAD_CONFIG($no="0")
 {
-	global $CFG_CACHE, $_CONFIG;
-	$CFG_DUMMY = false;
+	global $cacheArray;
+	$CFG_DUMMY = array();
+
 	// Check for cache extension, cache-array and if the requested configuration is in cache
-	if ((is_array($CFG_CACHE)) && (isset($CFG_CACHE['config'][$no])))
-	{
+	if ((is_array($cacheArray)) && (isset($cacheArray['config'][$no])) && (is_array($cacheArray['config'][$no]))) {
 		// Load config from cache
-		$CFG_DUMMY = array();
-		foreach ($CFG_CACHE as $element=>$cfgs)
-		{
-			$CFG_DUMMY[$element] = $cfgs[$no];
+		//* DEBUG: */ echo gettype($cacheArray['config'][$no])."<br />\n";
+		foreach ($cacheArray['config'][$no] as $key=>$value) {
+			$CFG_DUMMY[$key] = $value;
 		}
 
 		// Count cache hits
-		$_CONFIG['cache_hits']++;
-	}
-	 else
-	{
+		$CFG_DUMMY['cache_hits']++;
+	} else {
 		// Load config from DB
-		$result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config='%d' LIMIT 1",
-		 array(bigintval($no)), __FILE__, __LINE__);
+		$result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config=%d LIMIT 1",
+			array(bigintval($no)), __FILE__, __LINE__);
+
+		// Get config from database
 		$CFG_DUMMY = SQL_FETCHARRAY($result_config);
+
+		// Free result
 		SQL_FREERESULT($result_config);
+
+		// Remember this config in the array
+		$cacheArray['config'][$no] = $CFG_DUMMY;
 	}
 
 	// Return config array
@@ -1576,22 +1569,22 @@ function GET_WHAT($MOD_CHECK)
 //
 function MODULE_HAS_MENU($mod)
 {
-	global $EXTENSIONS, $MODULES, $_CONFIG;
+	global $cacheArray, $_CONFIG;
 
 	// All is false by default
 	$ret = false;
 	if (GET_EXT_VERSION("cache") >= "0.1.2")
 	{
-		if (isset($MODULES['has_menu'][$mod]))
+		if (isset($cacheArray['modules']['has_menu'][$mod]))
 		{
 			// Check module cache and count hit
-			if ($MODULES['has_menu'][$mod] == 'Y') $ret = true;
+			if ($cacheArray['modules']['has_menu'][$mod] == 'Y') $ret = true;
 			$_CONFIG['cache_hits']++;
 		}
-		 elseif (isset($EXTENSIONS['ext_menu'][$mod]))
+		 elseif (isset($cacheArray['extensions']['ext_menu'][$mod]))
 		{
 			// Check cache and count hit
-			if ($EXTENSIONS['ext_menu'][$mod] == 'Y') $ret = true;
+			if ($cacheArray['extensions']['ext_menu'][$mod] == 'Y') $ret = true;
 			$_CONFIG['cache_hits']++;
 		}
 	}