./inc/functions.php:2251: // @TODO This is still very static, rewrite it somehow
./inc/gen_sql_patches.php:96:// @TODO Rewrite this to a filter
./inc/install-functions.php:59: // @TODO DEACTIVATED: changeDataInFile(getCachePath() . 'config-local.php', 'OUTPUT-MODE', "setConfigEntry('OUTPUT_MODE', '", "');", postRequestParameter('omode'), 0);
-./inc/language/de.php:1118:// @TODO Rewrite these two constants
-./inc/language/de.php:1133:// @TODO Rewrite these three constants
+./inc/language/de.php:1119:// @TODO Rewrite these two constants
+./inc/language/de.php:1134:// @TODO Rewrite these three constants
./inc/language/de.php:300: // @TODO Following two are unused?
-./inc/language/de.php:810:// @TODO Are these constants longer used?
+./inc/language/de.php:811:// @TODO Are these constants longer used?
./inc/language-functions.php:234: // @TODO These are all valid languages, again hard-coded
./inc/language-functions.php:46:// @TODO Rewrite all language constants to this function.
./inc/language/rallye_de.php:13: * @TODO Naming convention not applied for language strings *
./inc/modules/member/what-unconfirmed.php:143: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY()
./inc/modules/order.php:76: // @TODO Unused: 2,4
./inc/monthly/monthly_bonus.php:69: // @TODO Rewrite this to a filter
-./inc/mysql-manager.php:1171: // @TODO Rewrite this to a filter
-./inc/mysql-manager.php:1418: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY()
-./inc/mysql-manager.php:1516: // @TODO Rewrite this to a filter
-./inc/mysql-manager.php:1883: // @TODO Rewrite this to a filter
-./inc/mysql-manager.php:1927:// @TODO Fix inconsistency between last_module and getWhat()
+./inc/mysql-manager.php:1170: // @TODO Rewrite this to a filter
+./inc/mysql-manager.php:1417: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY()
+./inc/mysql-manager.php:1515: // @TODO Rewrite this to a filter
+./inc/mysql-manager.php:1882: // @TODO Rewrite this to a filter
+./inc/mysql-manager.php:1926:// @TODO Fix inconsistency between last_module and getWhat()
./inc/mysql-manager.php:370: // @TODO Try to rewrite this to one or more functions
./inc/mysql-manager.php:46:// @TODO Can we cache this?
./inc/reset/reset_beg.php:51:// @TODO This should be converted in a daily beg rallye
'ACCOUNT_STATUS_CONFIRMED' => "<span class=\"admin_green\">Bestätigt</span>",
'ACCOUNT_STATUS_LOCKED' => "<span class=\"admin_failed\">Gesperrt</span>",
'ACCOUNT_STATUS_DELETED' => "<span class=\"admin_failed\">Gelöscht</span>",
+ 'ACCOUNT_STATUS_PENDING' => "<span class=\"admin_failed\">Wartend</span>",
'ADMIN_ALL_ACCOUNTS' => "Alle Mitglieder-Accounts auflisten",
'ADMIN_NO_NONE_REGISTERED' => "Ihre Suchkriterieren ergaben keine Treffer in der Mitgliederliste. ",
'ADMIN_MEMBER_404' => "Mitglieds-Account <span class=\"data\">%s</span> existiert nicht.",
'GUEST_SPONSOR_RECEIVE_WARNINGS' => "Bei Datenänderung eine Bestätigung per Mail erhalten?",
'SPONSOR_ACCEPT_TERMS' => "Ich/wir habe/n die [<strong><a href=\"{%url=modules.php?module=index&what=sponsor_agb%}\" target=\"_blank\">AGBs</a></strong>] gelesen und akzeptiert.",
'SPONSOR_TERMS_HEADER' => "Allgemeine Geschäftsbedingungen",
+ 'ADMIN_SPONSOR_ACCOUNT_404_ALREADY_CONFIRMED' => "Das von Ihnen angegebene Sponsoraccount <span class=\"data\">%s</span> konnte entweder nicht gefunden werden, oder ist bereits freigegeben.",
// Add payment types
'ADMIN_SPONSOR_NO_PAYTYPES' => "Noch keine Buchungspakete eingerichtet.",
}
// Remove last ", " from SQL string
- $sql = substr($sql, 0, -2)." WHERE `id`='%s' LIMIT 1";
+ $sql = substr($sql, 0, -2)." WHERE `id`=%s LIMIT 1";
$DATA['values'][] = bigintval(getRequestParameter('id'));
// Generate message
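Review bot: With the quotes dropped from the id placeholder (`=%s` instead of `='%s'`), string escaping in the query helper no longer confines the value, so `bigintval()` on the bound argument is the only thing keeping request data out of the SQL text. That call is present here on the next line and at most other queries changed in this commit. The argument lists of the paytypes UPDATE, the `hash` confirmation UPDATE and the final `password` SELECT are cut off, though, and two queries bind `$content['id']` directly. A short comment at each unquoted placeholder would make the invariant explicit, for example `// unquoted numeric placeholder: value MUST go through bigintval()`. The statement that builds `$sql` starts outside this hunk.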
FROM
`{?_MYSQL_PREFIX?}_sponsor_data`
WHERE
- `id`='%s' AND `password`='%s' AND `status`='CONFIRMED'
+ `id`=%s AND `password`='%s' AND `status`='CONFIRMED'
LIMIT 1",
array(
bigintval(getSession('sponsor_id')),
// Is sponsor?
if (isSponsor()) {
// Update last online timestamp
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data`
-SET `last_online`=UNIX_TIMESTAMP()
-WHERE `id`='%s' AND `password`='%s' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+SET
+ `last_online`=UNIX_TIMESTAMP()
+WHERE
+ `id`=%s AND
+ `password`='%s'
+LIMIT 1",
array(
bigintval(getSession('sponsor_id')),
getSession('sponsorpass')
if (isGetRequestParameterSet('id')) {
// Check for selected sponsor
- $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT `id`, `email`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`=%s LIMIT 1",
array(bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Remove sponsor
sendEmail($content['email'], '{--ADMIN_SPONSOR_DELETE_SUBJECT--}', $message);
// Remove account
- SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`='%s' LIMIT 1",
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`=%s LIMIT 1",
array(bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
// Remove orders
// Some security stuff...
if ((!defined('__SECURITY')) || (!isAdmin())) {
die();
-}
+} // END - if
// Add description as navigation point
addMenuDescription('admin', __FILE__);
if ((isGetRequestParameterSet('id')) && (isGetRequestParameterSet('mode'))) {
// Check for selected sponsor
$result_main = SQL_QUERY_ESC("SELECT
- `company`, `position`, `gender`, `surname`, `family`,
+ `id`, `company`, `position`, `gender`, `surname`, `family`,
`street_nr1`, `street_nr2`, `zip`, `city`, `country`,
`phone`, `fax`, `cell`, `email`, `url`, `tax_ident`,
`receive_warnings`, `warning_interval`
FROM
`{?_MYSQL_PREFIX?}_sponsor_data`
WHERE
- `id`='%s'
+ `id`=%s
LIMIT 1",
array(bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result_main) == 1) {
$content = SQL_FETCHARRAY($result_main);
// Prepare all data for the template
- // Sponsor's id
- $content['id'] = bigintval(getRequestParameter('id'));
-
// Init gender
foreach (array('m', 'f', 'c') as $gender) {
$content['gender_' . $gender] = '';
$points = bigintval(convertCommaToDot(postRequestParameter('points')));
// Add points to account
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `points_amount`=`points_amount`+%s WHERE `id`='%s' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `points_amount`=`points_amount`+%s WHERE `id`=%s LIMIT 1",
array($points, bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
// Remember points /reason for the template
$points = bigintval(convertCommaToDot(postRequestParameter('points')));
// Add points to account
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `points_used`=`points_used`+%s WHERE `id`='%s' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `points_used`=`points_used`+%s WHERE `id`=%s LIMIT 1",
array($points, bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
// Remember points /reason for the template
} // END - if
} elseif (isFileReadable(sprintf("%stemplates/%s/html/admin/%s.tpl", getPath(), getLanguage(), $TPL))) {
// Create mailto link
- $content['contact'] = '<a href="' . generateEmailLink($content['email'], 'sponsor_data') . '">' . $content['surname'] . ' ' . $content['family'] . '</a>';
+ $content['contact'] = '<a href="' . generateSponsorEmailLink($content['email'], 'sponsor_data') . '">' . $content['surname'] . ' ' . $content['family'] . '</a>';
// Load mode template
- loadTemplate($TPL);
+ loadTemplate($TPL, false, $content);
} else {
// Template not found!
loadTemplate('admin_settings_saved', false, getMaskedMessage('ADMIN_SPONSOR_MODUS_TPL_404', getRequestParameter('mode')));
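Review bot: The rewritten `$content['contact']` line still concatenates `$content['surname']` and `$content['family']` into HTML without output encoding, and these columns presumably hold sponsor-supplied text that is rendered in the admin area. Unless the values are already encoded when stored (not visible here), encode the link text, e.g. `htmlspecialchars($content['surname'] . ' ' . $content['family'], ENT_QUOTES, 'UTF-8')`. The same question applies to the whole row now passed via `loadTemplate($TPL, false, $content)`. `$TPL` is assigned outside the hunk; if it derives from the `mode` request parameter, confirm it is limited to an allow-list before it reaches the path in `isFileReadable()`.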
SQL_FREERESULT($result);
} elseif (isGetRequestParameterSet('refid')) {
// Search for sponsor
- $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`=%s LIMIT 1",
array(bigintval(getRequestParameter('refid'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Free memory
`pay_min_count`='%s',
`pay_currency`='%s'
WHERE
- `id`='%s'
+ `id`=%s
LIMIT 1",
array(
postRequestParameter('name', $id),
// Remove entries here...
foreach (postRequestParameter('id') as $id => $sel) {
// Remove entry
- SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_sponsor_paytypes` WHERE `id`='%s' LIMIT 1",
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_sponsor_paytypes` WHERE `id`=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
}
if (isGetRequestParameterSet('id')) {
// Check for selected sponsor
- $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`=%s LIMIT 1",
array(bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// ...
if (isGetRequestParameterSet('id')) {
// Check for selected sponsor
- $result_sponsor = SQL_QUERY_ESC("SELECT `gender`, `surname`, `family`, `email`, `status` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`='%s' LIMIT 1",
+ $result_sponsor = SQL_QUERY_ESC("SELECT `gender`, `surname`, `family`, `email`, `status` FROM `{?_MYSQL_PREFIX?}_sponsor_data` WHERE `id`=%s LIMIT 1",
array(bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result_sponsor) == 1) {
// Get sponsor's current status and let only confirmed and locked status pass
sendEmail($content['email'], $subject, $message);
// Update sponsor's account
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='%s' WHERE `id`='%s' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_sponsor_data` SET `status`='%s' WHERE `id`=%s LIMIT 1",
array($content['status'], bigintval(getRequestParameter('id'))), __FILE__, __LINE__);
} elseif (isPostRequestParameterSet('no')) {
// No don't lock / unlock now!
// Load his personal data
$result_main = SQL_QUERY_ESC("SELECT
- `gender`, `surname`, `family`, `email`, `remote_addr`, `sponsor_created`, `points_amount`, `refid`
+ `id`, `gender`, `surname`, `family`, `email`, `remote_addr`, `sponsor_created`, `points_amount`, `points_used`, `refid`
FROM
`{?_MYSQL_PREFIX?}_sponsor_data`
WHERE
- `status`='PENDING' AND
+ `status` IN('PENDING','UNCONFIRMED') AND
`id`=%s
LIMIT 1",
array($content['id']), __FILE__, __LINE__);
+ /// Is there an entry?
if (SQL_NUMROWS($result_main) == 1) {
// Load data
$content = SQL_FETCHARRAY($result_main);
+ // Add total amount
+ $content['points'] = ($content['points_amount'] - $content['points_used']);
+
// Check for open payments and close them
$result = SQL_QUERY_ESC("SELECT
so.admin_id, so.pay_count, so.pay_ordered, so.pay_status,
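Review bot: `array($content['id'])` feeds the unquoted `=%s` placeholder in this SELECT without a visible `bigintval()`, unlike the other queries touched by this commit. The assignment of `$content['id']` is outside the hunk, so it may already be coerced; if not, bind `bigintval($content['id'])` here and in the status UPDATE further down that takes the same argument. The same value is also formatted into the new ADMIN_SPONSOR_ACCOUNT_404_ALREADY_CONFIRMED message inside a span, so it should be numeric before it reaches that output as well.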
// Free memory
SQL_FREERESULT($result);
+ } else {
+ // Not found
+ loadTemplate('admin_settings_saved', false, getMaskedMessage('ADMIN_SPONSOR_ACCOUNT_404_ALREADY_CONFIRMED', $content['id']));
+ return;
}
// Free memory
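Review bot: The new `else` branch returns right after `loadTemplate()`, which appears to skip the cleanup that follows the closing brace. The trailing `// Free memory` comment suggests a free of `$result_main` there, but that statement is outside the hunk. If so, release the result before leaving by placing `SQL_FREERESULT($result_main);` ahead of `return;`. The `if` this branch belongs to opens in the previous hunk.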
`status`='CONFIRMED'
WHERE
`id`=%s AND
- `status`='PENDING'
+ `status` IN('PENDING','UNCONFIRMED')
LIMIT 1",
array($content['id']), __FILE__, __LINE__);
FROM
`{?_MYSQL_PREFIX?}_sponsor_data`
WHERE
- `status`='PENDING' OR `status`='UNCONFIRMED'
+ `status` IN('PENDING','UNCONFIRMED')
ORDER BY
`id`", __FILE__, __LINE__);
SET
`status`='CONFIRMED'
WHERE
- `id`='%s' AND
+ `id`=%s AND
`hash`='%s' AND
`status`='EMAIL'
LIMIT 1",
if (isFormSent()) {
// Check email
- $result = SQL_QUERY_ESC("SELECT `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created`
-FROM `{?_MYSQL_PREFIX?}_sponsor_data`
-WHERE `email`='%s' AND `id`='%s' AND `status`='CONFIRMED' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT
+ `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `email`='%s' AND
+ `id`=%s AND
+ `status`='CONFIRMED'
+LIMIT 1",
array(postRequestParameter('email'), bigintval(postRequestParameter('id'))), __FILE__, __LINE__);
// Entry found?
FROM
`{?_MYSQL_PREFIX?}_sponsor_data`
WHERE
- `id`='%s' AND
+ `id`=%s AND
`password`='%s'
LIMIT 1",
array(
+<div align="center">
<form accept-charset="utf-8" action="{%url=modules.php?module=admin&what=list_sponsor%}" method="post">
<table border="0" cellspacing="0" cellpadding="0" class="admin_table dashed" align="center">
<tr>
</tr>
</table>
</form>
+</div>