// SQL string escaping
function SQL_QUERY_ESC($qstring, $data, $file, $line, $run=true, $strip=true) {
global $link;
+
+ if ($strip) {
+ $strip = "true";
+ } else {
+ $strip = "false";
+ }
+
$query = "";
$eval = "\$query = sprintf(\"".$qstring."\"";
foreach ($data as $var) {
if ((!empty($var)) || ($var === 0)) {
- if ($strip) {
- $eval .= ", SQL_ESCAPE(\"".strip_tags($var)."\")";
- } else {
- $eval .= ", SQL_ESCAPE(\"".$var."\")";
- }
+ $eval .= ", SQL_ESCAPE(\"".$var."\",true,".$strip.")";
} else {
$eval .= ", ''";
}
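Review bot: The added line `$eval .= ", SQL_ESCAPE(\"".$var."\",true,".$strip.")";` still writes each data value into PHP source that is later run through `eval()`, so the value is parsed as part of a double-quoted PHP literal before `SQL_ESCAPE()` ever sees it. A quote, backslash or `$` in `$var` therefore changes the generated code instead of being escaped. Moving `strip_tags()` out of this line does not change that, and the `@` on the `eval()` call in the next hunk hides the resulting parse errors. Building the arguments as data avoids generated code entirely: collect `$args[] = SQL_ESCAPE($var, true, $strip);` (or `$args[] = '';` for empty values) in the loop and finish with `$query = vsprintf($qstring, $args);`, which also makes the `"true"`/`"false"` string conversion at the top unnecessary. The function body continues outside this hunk.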
//fwrite($fp, $file."(".$line."): ".str_replace("\r", "", str_replace("\n", " ", $eval))."\n");
//fclose($fp);
@eval($eval);
+ // Was the eval() command fine?
if (empty($query)) {
+ // Something went wrong?
print "eval=".htmlentities($eval)."<pre>";
debug_print_backtrace();
die("</pre>");
- }
+ } // END - if
+
if ($run) {
// Run SQL query (default)
return SQL_QUERY($query, $file, $line);
return @mysql_insert_id();
}
// Escape a string for the database
-function SQL_ESCAPE($str, $secureString = true) {
+function SQL_ESCAPE($str, $secureString=true,$strip=true) {
global $link;
// Secure string first? (which is the default behaviour!)
if ($secureString) {
// Then do it here
- $str = secureString($str);
+ $str = secureString($str, $strip);
} // END - if
if (!is_resource($link)) {
$file = sprintf("%sinc/extensions/ext-%s.php", PATH, $ext_name);
// Does this extension exists?
- if (FILE_READABLE($file))
- {
+ if (FILE_READABLE($file)) {
// Extension was found so we can load it in registration mode
require($file);
// And run possible updates
$EXT_LOAD_MODE = "update"; $EXT_UPDATE_DEPENDS = "";
- foreach ($EXT_VER_HISTORY as $EXT_VER)
- {
+ foreach ($EXT_VER_HISTORY as $EXT_VER) {
+ // Load extension in update mode
require($file);
+
+ // Do we have an update?
if (((GET_EXT_VERSION("sql_patches") != "") && ($_CONFIG['verbose_sql'] == "Y")) || (!EXT_IS_ACTIVE("sql_patches"))) {
if (!empty($UPDATE_NOTES)) {
// Update notes found
// No update notes found!
$NOTES .= "<STRONG>v".$EXT_VER.":</STRONG><br /><I>".NO_UPDATE_NOTES."</I><br /><br />\n";
}
- }
- }
+ } // END - if
+ } // END - foreach
// Does this extension depends on an outstanding update of another update?
- if (!empty($EXT_UPDATE_DEPENDS))
- {
+ if (!empty($EXT_UPDATE_DEPENDS)) {
// Backup SQL commands and clear current
- $SQLs2 = $SQLs; $SQLs = array(); $test = false;
+ $SQLs2 = $SQLs;
+ $SQLs = array();
+ $test = false;
// Backup language as well
- $LANG_BCK = $EXT_LANG_PREFIX; $EXT_ALWAYS_ACTIVE = "N";
+ $LANG_BCK = $EXT_LANG_PREFIX;
+ $EXT_ALWAYS_ACTIVE = "N";
// Load required extension also in update mode
$file = sprintf("%sinc/extensions/ext-%s.php", PATH, $EXT_UPDATE_DEPENDS);
// Check for required file
- if (FILE_READABLE($file))
- {
+ if (FILE_READABLE($file)) {
// File exists so let's load it
$VER_BACKUP = $EXT_VERSION;
require($file);
// If versions mismatch update extension first
$ext_ver = GET_EXT_VERSION($EXT_UPDATE_DEPENDS);
- if (empty($ext_ver))
- {
+
+ // Extension version set?
+ if (empty($ext_ver)) {
// Extension not registered so far so first load task's ID...
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE task_type='EXTENSION' AND subject LIKE '[%s:]%%' LIMIT 1",
array($EXT_UPDATE_DEPENDS), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+
+ // Entry found?
+ if (SQL_NUMROWS($result) == 1) {
// Task found so load task's ID and register extension...
list($task) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+
+ // Try to register the extension
$test = EXTENSION_REGISTER($EXT_UPDATE_DEPENDS, $task, $dry_run);
- }
- }
- elseif ($ext_ver != $EXT_VERSION)
- {
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result);
+ } elseif ($ext_ver != $EXT_VERSION) {
// Ok, update this extension now
EXTENSION_UPDATE(basename($file), $EXT_UPDATE_DEPENDS, $ext_ver, $dry_run);
// All okay!
$test = true;
- }
- else
- {
+ } else {
// Nothing to register / update before...
$test = true;
}
- }
- else
- {
+ } else {
// Required file for update does not exists!
$test = true;
// But this is fine for the first time...
// Finally restore previous SQLs
$SQLs = $SQLs2; unset($SQLs2);
$EXT_LANG_PREFIX = $LANG_BCK;
- }
- else
- {
+ } else {
// Does not depend on an other extension
$test = true;
}
if (FILE_READABLE($file)) {
// Load the include
require($file);
- }
+ } // END - if
//* DEBUG: */ echo __FUNCTION__.":SQLs::count=".count($SQLs)."<br />\n";
if ((is_array($SQLs) && (sizeof($SQLs) > 0))) {
// Load extension in update mode
$EXT_LOAD_MODE = "update"; $EXT_UPDATE_DEPENDS = ""; $NOTES = "";
- include(PATH."inc/extensions/".$file);
- if (!empty($EXT_UPDATE_DEPENDS))
- {
+
+ // Load extension file
+ include(sprintf("%sinc/extensions/%s", PATH, $file));
+
+ if (!empty($EXT_UPDATE_DEPENDS)) {
// Update another extension first!
$test = EXTENSION_UPDATE(("ext-".$EXT_UPDATE_DEPENDS.".php"), $EXT_UPDATE_DEPENDS, GET_EXT_VERSION($EXT_UPDATE_DEPENDS), $dry_run);
}
`reward` FLOAT(10,5) UNSIGNED NOT NULL DEFAULT '0.00000',
`costs` FLOAT(10,5) UNSIGNED NOT NULL DEFAULT '0.00000',
`views_total` BIGINT(20) UNSIGNED NOT NULL DEFAULT '0',
-`status` ENUM('PENDING','CONFIRMED','LOCKED') NOT NULL DEFAULT 'CONFIRMED',
+`status` ENUM('PENDING','CONFIRMED','LOCKED','STOPPED','REJECTED','DELETED') NOT NULL DEFAULT 'CONFIRMED',
`registered` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
`last_locked` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',
`lock_reason` VARCHAR(255) NOT NULL DEFAULT '',
+`reject_reason` VARCHAR(255) NOT NULL DEFAULT '',
PRIMARY KEY(`id`),
UNIQUE KEY `userid_url` (`userid`, `url`)
) TYPE=MyISAM COMMENT='Surfbar URLs'";
INDEX (`userid`,`url_id`)
) TYPE=MyISAM COMMENT='Surfbar Statistics'";
+ // Member actions pending on status
+ $SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_surfbar_actions`";
+ $SQLs[] = "CREATE TABLE `"._MYSQL_PREFIX."_surfbar_actions` (
+`id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+`status` ENUM('PENDING','CONFIRMED','LOCKED','STOPPED','REJECTED','DELETED') NOT NULL DEFAULT 'PENDING',
+`action` ENUM('EDIT','DELETE','PAUSE','UNPAUSE','FRAMETEST','RETREAT','RESUBMIT') NULL DEFAULT NULL,
+`new_status` ENUM('PENDING','CONFIRMED','LOCKED','STOPPED','REJECTED','DELETED') NULL DEFAULT NULL,
+PRIMARY KEY (`id`),
+INDEX (`status`)
+) TYPE=MyISAM COMMENT='Surfbar Member Actions'";
+
+ // Member actions
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('PENDING','RETREAT','DELETED')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('PENDING','FRAMETEST',NULL)";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('CONFIRMED','EDIT','PENDING')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('CONFIRMED','DELETE','DELETED')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('CONFIRMED','PAUSE','PAUSED')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('CONFIRMED','FRAMETEST',NULL)";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('LOCKED','DELETE','DELETED')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('LOCKED','FRAMETEST',NULL)";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('LOCKED','RESUBMIT','PENDING')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('STOPPED','EDIT','PENDING')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('STOPPED','DELETE','DELETED')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('STOPPED','UNPAUSE','CONFIRMED')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('REJECTED','EDIT','PENDING')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('REJECTED','DELETE','DELETED')";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('REJECTED','FRAMETEST',NULL)";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_surfbar_actions` (`status`,`action`,`new_status`) VALUES('REJECTED','RESUBMIT','PENDING')";
+
// Config entries
$SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD `surfbar_pay_model` ENUM('STATIC','DYNAMIC') NOT NULL DEFAULT 'STATIC'";
$SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD `surfbar_static_reward` FLOAT(20,5) UNSIGNED NOT NULL DEFAULT 0.25000";
$SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD `surfbar_weekly_counter` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0";
$SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD `surfbar_monthly_counter` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0";
$SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD `surfbar_stats_reload` BIGINT(20) UNSIGNED NOT NULL DEFAULT 30";
+ $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD `surfbar_purge_deleted` BIGINT(20) UNSIGNED NOT NULL DEFAULT ".(ONE_DAY*7)."";
// Member menus
$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_member_menu` (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('surfbar',NULL,'Surfbar','Y','Y',4)";
$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('surfbar','unlock_surfbar_urls','Wartende URLs freigeben','Geben Sie hier nur direkt in der Surfbar gebuchte URLs frei.',3)";
$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('surfbar','config_surfbar','Einstellungen','Einstellungen an der Surfbar ändern, wie Festvergütung, prozentuale Ref-Vergütung und vieles mehr.',4)";
$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('surfbar','surfbar_stats','Statistiken','Detailierte Statistiken zu einer ausgewählten URL anzeigen.',5)";
+ $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('surfbar','surfbar_actions','Mitgliederaktionen','Listet alle Mitgliederaktionen auf.',6)";
// Load CSS?
$EXT_CSS = "Y";
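Review bot: The seed row `VALUES('CONFIRMED','PAUSE','PAUSED')` writes `'PAUSED'` into `new_status`, but that column's ENUM in the CREATE TABLE just above only allows `PENDING`, `CONFIRMED`, `LOCKED`, `STOPPED`, `REJECTED` and `DELETED`. Depending on the server's SQL mode the INSERT either fails or stores an empty value, so the PAUSE action would have no valid target state. The matching `UNPAUSE` row starts from `STOPPED`, which suggests the intended row is `VALUES('CONFIRMED','PAUSE','STOPPED')`.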
case "remove": // Do stuff when removing extension
// SQL commands to run
- $SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_surfbar_urls`";
+ $SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_surfbar_actions`";
$SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_surfbar_locks`";
$SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_surfbar_salts`";
$SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_surfbar_stats`";
+ $SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_surfbar_urls`";
$SQLs[] = "DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_member_menu` WHERE `action`='surfbar' LIMIT 5";
- $SQLs[] = "DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_admin_menu` WHERE `action`='surfbar' LIMIT 6";
+ $SQLs[] = "DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_admin_menu` WHERE `action`='surfbar' LIMIT 7";
break;
case "activate": // Do stuff when admin activates this extension
// SQL commands to run
- $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET `visible`='Y', `locked`='N' WHERE `action`='surfbar' LIMIT 3";
+ $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET `visible`='Y', `locked`='N' WHERE `action`='surfbar' LIMIT 5";
break;
case "deactivate": // Do stuff when admin deactivates this extension
// SQL commands to run
- $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET `locked`='Y' WHERE `action` = 'surfbar' LIMIT 3";
+ $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET `locked`='Y' WHERE `action` = 'surfbar' LIMIT 5";
break;
case "update": // Update an extension
$content['expiration'] = $EXPIRATION;
} // END - if
- // @TODO Try to rewrite this part
- if ($template == "add-points") {
- if (isset($_POST['points'])) {
- $points = bigintval($_POST['points']);
- } else {
- $points = __POINTS_VALUE;
- }
- } // END - if
-
// Load user's data
if ($UID > 0) {
if (EXT_IS_ACTIVE("nickname")) {
define('ADMIN_SOME_ENTRIES_NOT_DELETED', "Es wurden <u>%s</u> von <u>%s</u> ausgewählten Einträge gelöscht.");
define('ADMIN_ALL_ENTRIES_EDITED', "Alle ausgewählten Einträge sind geändert.");
define('ADMIN_SOME_ENTRIES_NOT_EDITED', "Es wurden <u>%s</u> von <u>%s</u> ausgewählten Einträge geändert.");
+define('USER_NOT_REGISTERED', "Anmeldung hat nicht geklappt! :-( Ist unten eine Fehlermeldung eingeblendet? Bitte beim Support melden.");
//
?>
define('ADMIN_CONFIG_SURFBAR_RESTART_TIME', "Ruhezeit der Surfbar, wenn alle URLs in Reload-Lock sind: (*)");
define('ADMIN_CONFIG_SURFBAR_AUTOSTART', "Surfbar soll nach Ruhezeit automatisch starten?");
define('ADMIN_CONFIG_SURFBAR_STATS_RELOAD', "Reload-Zeit der Statistik unterhalb der beworbenen Seite:");
+define('ADMIN_CONFIG_SURFBAR_PURGE_DELETED', "Verweildauer gelöschter URLs in der Datenbank:");
define('ADMIN_CONFIG_SURFBAR_NOTE', "(*): Es wird empfohlen, die Ruhezeit etwas länger als die Reload-Sperre einzustellen.");
// General admin text
define('ADMIN_SURFBAR_EDIT_URL_NOW', "URL jetzt ändern");
define('ADMIN_SURFBAR_DEL_URL', "URL löschen");
define('ADMIN_SURFBAR_DEL_URL_NOW', "URLs jetzt entfernen");
+define('ADMIN_SURFBAR_UNDELETE_URL', "Löschung zurücknehmen");
define('ADMIN_SURFBAR_UNLOCK_URL', "URL ent-/sperren");
define('ADMIN_SURFBAR_LOCK_URL_NOW', "URL jetzt ent-/sperren");
define('ADMIN_SURFBAR_CONFIRM_URL', "URL(s) freigeben");
+define('ADMIN_SURFBAR_REJECT_URL', "URL(s) ablehnen");
define('ADMIN_SURFBAR_UNLOCK_DONE', "Freischaltung ausgewählter URL(s) vollständig. :-)");
define('ADMIN_SURFBAR_UNLOCK_FAILED', "Freischaltung fehlgeschlagen. Bitte nachschauen, welche URLs nicht freigegeben wurden.");
define('ADMIN_SURFBAR_URL_ADDED', "URL wurde der Surfbar hinzugefügt.");
define('SURFBAR_URL_STATUS_CONFIRMED', "Freigegeben");
define('SURFBAR_URL_STATUS_LOCKED', "Gesperrt");
define('SURFBAR_URL_STATUS_PENDING', "Wartend");
+define('SURFBAR_URL_STATUS_STOPPED', "Angehalten");
+define('SURFBAR_URL_STATUS_REJECTED', "Abgelehnt");
+define('SURFBAR_URL_STATUS_DELETED', "Gelöscht");
//
?>
* Function to secure input strings
*
* @param $str The unsecured string
+ * @param $strip Strip tags
* @return $str A (hopefully) secured string against XSS and other bad things
*/
-function secureString ($str) {
- $str = trim(strip_tags($str));
+function secureString ($str, $strip=true) {
+ // Shall we strip HTML code?
+ if ($strip) $str = strip_tags($str);
+
+ // Trim string
+ $str = trim($str);
+
+ // Encode in entities
$str = htmlentities($str, ENT_QUOTES);
return $str;
}
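Review bot: The new `@param $strip Strip tags` line does not tell callers what `false` leaves them with: tags are kept, but the string is still trimmed and run through `htmlentities($str, ENT_QUOTES)`, so the result is entity-encoded text rather than usable markup. I would document that, e.g. `@param $strip Whether strip_tags() is applied first (default: true); the result is always trimmed and entity-encoded`. As a style point, `if ($strip) $str = strip_tags($str);` is an added brace-less `if` in a commit that otherwise normalises brace style, so the `if (...) { ... } // END - if` form used elsewhere would match.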
global $_CONFIG;
// Is this admin and userid is zero or does the user has some URLs left to book?
- return ((($uid == 0) && (IS_ADMIN())) || (SURFBAR_GET_TOTAL_USER_URLS($uid) < $_CONFIG['surfbar_max_order']));
+ return ((($uid == 0) && (IS_ADMIN())) || (SURFBAR_GET_TOTAL_USER_URLS($uid, "", array("REJECTED")) < $_CONFIG['surfbar_max_order']));
}
// Get total amount of URLs of given status for current user
-function SURFBAR_GET_TOTAL_USER_URLS ($uid=0, $status="") {
+function SURFBAR_GET_TOTAL_USER_URLS ($uid=0, $status="",$exclude="") {
global $_CONFIG;
// Is the user 0 and user is logged in?
$ADD = "";
// Is the status set?
- if (!empty($status)) {
+ if (is_array($status)) {
+ // Only URLs with these status
+ $ADD = sprintf(" AND status IN('%s')", implode("','", $status));
+ } elseif (!empty($status)) {
+ // Only URLs with this status
$ADD = sprintf(" AND status='%s'", $status);
- } // END - if
+ } elseif (is_array($exclude)) {
+ // Exclude URLs with these status
+ $ADD = sprintf(" AND status NOT IN('%s')", implode("','", $exclude));
+ } elseif (!empty($exclude)) {
+ // Exclude URLs with this status
+ $ADD = sprintf(" AND status != '%s'", $exclude);
+ }
// Get amount from database
$result = SQL_QUERY_ESC("SELECT COUNT(id) AS cnt
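Review bot: The new array branches build `$ADD` with `implode("','", $status)` and `implode("','", $exclude)`, so the status names are joined into SQL text without being escaped or checked. `$ADD` is presumably appended to the query string rather than passed in the data array, which is the only place `SQL_QUERY_ESC()` escapes values. The one caller visible in this diff passes the literal `array("REJECTED")`, so nothing reaches it from a request today, but the function itself does not enforce that. Checking every element against the column's ENUM values before joining, for example with `in_array($s, array('PENDING','CONFIRMED','LOCKED','STOPPED','REJECTED','DELETED'))`, keeps that true for future callers. Note also that `$exclude` is ignored whenever `$status` is non-empty because of the `elseif` chain, and that the query using `$ADD` continues outside this hunk.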
// Begin the query
$result = SQL_QUERY_ESC("SELECT u.id, u.url, u.views_total, u.status, UNIX_TIMESTAMP(u.registered) AS registered, UNIX_TIMESTAMP(u.last_locked) AS last_locked, u.lock_reason AS lock_reason
FROM "._MYSQL_PREFIX."_surfbar_urls AS u
-WHERE u.userid=%s
+WHERE u.userid=%s AND u.status != 'DELETED'
ORDER BY u.id ASC",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Return the array
return $URLs;
}
+// Create list of actions depending on status for the user
+function SURFBAR_MEMBER_ACTIONS ($id, $status) {
+ /* DEBUG: */ die("id={$id},status={$status}");
+}
// Determine next id for surfbar or get data for given id, always call this before you call other
// getters below this function!!!
function SURFBAR_DETERMINE_NEXT_ID ($id = 0) {
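Review bot: `SURFBAR_MEMBER_ACTIONS()` is committed with only `/* DEBUG: */ die("id={$id},status={$status}");` as its body, and the member list loop in this same commit calls it for every row via `$content['actions'] = SURFBAR_MEMBER_ACTIONS($content['id'], $content['status']);`. As written, the member's URL list would stop at the first entry and print the raw id and status instead of the page. Until the action list is implemented the stub should return a harmless value, e.g. `return ""; // @TODO build action links from the surfbar_actions table`.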
if ((empty($cacheArray['extensions']['ext_version'][$ext])) && (SQL_NUMROWS($result) == 1)) {
list($dummy, $ext_ver) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- }
+ } // END - if
// Update extension
if (!empty($ext_ver)) EXTENSION_UPDATE($file, $ext, $ext_ver);
if (SQL_NUMROWS($result_tasks) > 0) {
// New jobs found!
$JOBS_DONE = false;
- }
+ } // END - if
// Free the result
SQL_FREERESULT($result);
// Assgin current admin to unassgigned task
$result_assign = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='%s' WHERE id=%s LIMIT 1",
array(GET_ADMIN_ID(get_session('admin_login')), bigintval($tid)), __FILE__, __LINE__);
- }
+ } // END - if
$ADD = "";
if ($type == "SUPPORT_MEMBER") {
$mode = substr($text, 0, strpos($text, ":"));
$text = substr($text, strpos($text, ":") + 1);
$ADD = "<LI>".ADMIN_TASK_SUPPORT_MODE.": <STRONG>".$mode."</STRONG></LI>";
- }
+ } // END - if
if ($uid > 0) {
$result_user = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result_user) == 1)
- {
+ if (SQL_NUMROWS($result_user) == 1) {
list($gender, $sname, $fname, $email) = SQL_FETCHROW($result_user);
SQL_FREERESULT($result_user);
$ADD = "<LI>".ADMIN_MEMBER_UID.": <STRONG>".ADMIN_USER_PROFILE_LINK($uid)." (<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$sname." ".$fname."</A>)</STRONG></LI>";
- }
- }
+ } // END - if
+ } // END - if
+
+ // Decode entities of the text
+ $text = html_entity_decode($text);
// Compile and insert text from task into table template
- $text = LOAD_TEMPLATE("admin_extensions_text", true, COMPILE_CODE($text));
+ $text = LOAD_TEMPLATE("admin_extensions_text", true, $text);
// Initialize variables (no title for SQL commands by default)
$ext_name = "";
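Review bot: The added `$text = html_entity_decode($text);` turns the stored task text back into live markup right before it is placed into the `admin_extensions_text` template, which removes the encoding that `secureString()` applies with `htmlentities($str, ENT_QUOTES)`. That is only safe if every task text reaching this branch is generated by the script itself. The branch condition is outside this hunk, so I cannot confirm it; a comment stating the assumption would help, e.g. `// Only system-generated extension notes reach this point, so decoding is safe`. The call also does not mirror the encoder: without `ENT_QUOTES` as second argument, entity-encoded single quotes may stay encoded on older PHP versions, so `html_entity_decode($text, ENT_QUOTES)` would be the matching form.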
if ((!empty($ext_name)) && (GET_EXT_VERSION("sql_patches")) && ($_CONFIG['verbose_sql'] == "Y")) {
// Add verbose SQL table
$text .= EXTENSION_VERBOSE_TABLE($SQLs, $title, " class=\"admin_table top2 left2 right2\"", true, "100%")."<br />\n";
- }
+ } // END - if
} else {
// Run SQL commands in dry mode but only return the notes
$SQLs = EXTENSION_UPDATE("ext-".$ext_name.".php", $ext_name, $ext_ver, true);
// Close task but not already closes or deleted or update tasks
if (($status != "CLOSED") && ($status != "DELETED") && ($type != "EXTENSION_UPDATE")) {
ADMIN_SOLVE_TASK($tid);
- }
+ } // END - if
}
break;
if (($status != "CLOSED") && ($status != "DELETED")) {
// Solve the task
ADMIN_SOLVE_TASK($tid);
- }
+ } // END - if
break;
case "SUPPORT_MEMBER": // Assign on member's support request
break;
case "PAYOUT_REQUEST": // Payout requests
- if (EXT_IS_ACTIVE("payout"))
- {
+ if (EXT_IS_ACTIVE("payout")) {
// Extension is installed so let him send a notification to the user
$result_pay = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_payouts WHERE userid=%s AND payout_timestamp=%s LIMIT 1",
array(bigintval($uid), bigintval($created)), __FILE__, __LINE__);
list($pid) = SQL_FETCHROW($result_pay);
SQL_FREERESULT($result_pay);
- if ((!empty($pid)) && ($pid > 0))
- {
+ if ((!empty($pid)) && ($pid > 0)) {
// Payout ID can be obtained
$content = array(
'pid' => $pid,
'tid' => $tid,
);
$OUT .= LOAD_TEMPLATE("admin_payout_overview_form", true, $content);
- }
- else
- {
+ } else {
// Problem obtaining payout ID
$OUT .= "<FONT class=\"admin_failed medium\">".PAYOUT_OBTAIN_ID_FAILED."</FONT>\n";
}
- }
- else
- {
+ } else {
// Extension is not installed
$OUT .= "<FONT class=\"admin_failed medium\">".ADMIN_PAYOUT_NOT_INSTALLED."</FONT>\n";
}
break;
case "WERNIS_REQUEST": // Wernis requests
- if (EXT_IS_ACTIVE("wernis"))
- {
+ if (EXT_IS_ACTIVE("wernis")) {
// Extension is installed so let him send a notification to the user
$result_pay = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_wernis WHERE userid=%s AND wernis_timestamp=%s LIMIT 1",
array(bigintval($uid), bigintval($created)), __FILE__, __LINE__);
list($pid) = SQL_FETCHROW($result_pay);
SQL_FREERESULT($result_pay);
- if ((!empty($pid)) && ($pid > 0))
- {
+ if ((!empty($pid)) && ($pid > 0)) {
// Payout ID can be obtained
$content = array(
'pid' => $pid,
'tid' => $tid,
);
$OUT .= LOAD_TEMPLATE("admin_wernis_overview_form", true, $content);
- }
- else
- {
+ } else {
// Problem obtaining wernis ID
$OUT .= "<FONT class=\"admin_failed medium\">".WERNIS_OBTAIN_ID_FAILED."</FONT>\n";
}
- }
- else
- {
+ } else {
// Extension is not installed
$OUT .= "<FONT class=\"admin_failed medium\">".ADMIN_WERNIS_NOT_INSTALLED."</FONT>\n";
}
list($span) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- if ($span > 0)
- {
+ if ($span > 0) {
// Undone unscubscribe request
$content = array(
'uid' => $uid,
'id' => $tid
);
$OUT .= LOAD_TEMPLATE("admin_newsletter_tsk", true, $content);
- }
- else
- {
+ } else {
// Already unsubscribed
$OUT .= "<FONT class=\"admin_failed medium\">".ADMIN_NL_UNSUBSCRIBE_ALREADY."</FONT>\n";
}
$OUT .= " </TD>
<TD width=\"1%\" class=\"switch_sw".$SW." bottom2 right2\"> </TD>
</TR>\n";
- }
+ } // END - if
$SW = 3 - $SW;
- }
+ } // END - foreach
define('__TASK_ROWS', $OUT);
// Load final template
LOAD_TEMPLATE("admin_overview_list");
- }
- else
- {
- if ((isset($_POST['task'])) && ((sizeof($_POST['task']) > 0) || ($_POST['task'][0] == "1")))
- {
+ } else {
+ if ((isset($_POST['task'])) && ((sizeof($_POST['task']) > 0) || ($_POST['task'][0] == "1"))) {
// Only unassign / delete tasks when there are selected tasks posted
- if (!empty($_POST['unassign']))
- {
+ if (!empty($_POST['unassign'])) {
// Unassign from tasks
- foreach ($_POST['task'] as $id => $sel)
- {
+ foreach ($_POST['task'] as $id => $sel) {
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin=0 WHERE id=%s AND assigned_admin=%s LIMIT 1",
array(bigintval($id), GET_ADMIN_ID(get_session('admin_login'))), __FILE__, __LINE__);
}
- }
- elseif (isset($_POST['del']))
- {
+ } elseif (isset($_POST['del'])) {
// Delete tasks
- foreach ($_POST['task'] as $id => $sel)
- {
+ foreach ($_POST['task'] as $id => $sel) {
$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_task_system WHERE id=%s AND assigned_admin IN (%s,0) LIMIT 1",
array(bigintval($id), GET_ADMIN_ID(get_session('admin_login'))), __FILE__, __LINE__);
}
// Update query
$result_tasks = SQL_QUERY_ESC("SELECT id, assigned_admin, userid, task_type, subject, text, task_created FROM "._MYSQL_PREFIX."_task_system WHERE assigned_admin=%s OR (assigned_admin=0 AND status='NEW') ORDER BY task_created DESC",
array(GET_ADMIN_ID(get_session('admin_login'))), __FILE__, __LINE__);
- }
+ } // END - if
// There are uncompleted jobs!
LOAD_TEMPLATE("admin_overview_header");
$SW = 2;
- while (list($id, $admin, $uid, $type, $subj, $text, $created) = SQL_FETCHROW($result_tasks))
- {
+ while (list($id, $admin, $uid, $type, $subj, $text, $created) = SQL_FETCHROW($result_tasks)) {
$infos = "---";
- if ($admin == "0")
- {
+ if ($admin == "0") {
// No admin currently is assigned
$admin = "<FONT class=\"admin_note\">".ADMIN_NO_ADMIN_ASSIGNED."</FONT>";
- }
- else
- {
+ } else {
// Load admin's data
$login = GET_ADMIN_LOGIN($admin);
- if ($login != "***")
- {
+ if ($login != "***") {
// Admin found
$admin = "<A href=\"".URL."/modules.php?module=admin&what=admins_contct&admin=".$admin."\">".$login."</A>";
- }
- else
- {
+ } else {
// Maybe deleted?
$admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
}
MEDIA_UPDATE_ENTRY(array("total_points"), "add", $_POST['points']);
}
+ // Prepare content
+ $content = array(
+ 'text' => SQL_ESCAPE($_POST['reason']),
+ 'points' => bigintval($_POST['points'])
+ );
+
// Load email template and send email away
- $msg = LOAD_EMAIL_TEMPLATE("add-points", $_POST['reason'], $uid);
- SEND_EMAIL($email, ADMIN_ADD_SUBJ, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval($uid));
+ SEND_EMAIL(bigintval($uid), ADMIN_ADD_SUBJ, $msg);
}
}
}
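Review bot: `bigintval($_POST['points'])` is applied only to the copy that goes into the e-mail, while the context line `MEDIA_UPDATE_ENTRY(array("total_points"), "add", $_POST['points']);` still books the unvalidated request value. The same split exists in the following hunk, where `points=points+(%s)` receives `$_POST['points']` in an unquoted numeric position that string escaping does not constrain, and in both `SUB_POINTS(..., $_POST['points'])` calls further down. Converting once and reusing the result, `$points = bigintval($_POST['points']);`, keeps the booked amount, the SQL and the mail in agreement. The enclosing block starts outside this hunk.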
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%s AND ref_depth=0 LIMIT 1",
array($_POST['points'], bigintval($_GET['u_id'])), __FILE__, __LINE__);
- // Remember points in constant
- define('__POINTS_VALUE', $_POST['points']);
+ // Prepare content
+ $content = array(
+ 'text' => SQL_ESCAPE($_POST['reason']),
+ 'points' => bigintval($_POST['points'])
+ );
// Message laden
- $msg = LOAD_EMAIL_TEMPLATE("add-points", $_POST['reason'], $_GET['u_id']);
+ $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval($_GET['u_id']));
- SEND_EMAIL($email, ADMIN_ADD_SUBJ, $msg);
+ SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_ADD_SUBJ, $msg);
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_ADDED);
} else {
// Opps, missing form here
'surfbar_dynamic_percent' => TRANSLATE_COMMA($_CONFIG['surfbar_dynamic_percent']),
'surfbar_max_order' => $_CONFIG['surfbar_max_order'],
// @TODO Rewrite this to tiny selection boxes
- 'surfbar_stats_reload' => $_CONFIG['surfbar_stats_reload']
+ 'surfbar_stats_reload' => $_CONFIG['surfbar_stats_reload'],
+ // @TODO Rewrite this to tiny selection boxes
+ 'surfbar_purge_deleted' => $_CONFIG['surfbar_purge_deleted']
);
// Prepare payment model for template
array("status" => array("CONFIRMED" => "LOCKED", "LOCKED" => "CONFIRMED")),
true
);
+} elseif (isset($_POST['undelete'])) {
+ // Undelete selected URLs. This does only work for deleted URLs... ;-)
+ ADMIN_LOCK_ENTRIES_CONFIRM(
+ $_POST['id'],
+ "surfbar_urls",
+ array("id", "userid", "url", "registered", "status"),
+ array("bigintval", "ADMIN_USER_PROFILE_LINK", "FRAMETESTER", "MAKE_DATETIME", "SURFBAR_TRANSLATE_STATUS"),
+ array("", "", "", "2", "")
+ );
+ $show = false;
+} elseif (isset($_POST['do_undelete'])) {
+ // Undelete selected URLs. This does only work for deleted URLs... ;-)
+ ADMIN_LOCK_ENTRIES_CONFIRM(
+ $_POST['id'],
+ "surfbar_urls",
+ array(),
+ array(),
+ array(),
+ array("status" => array("DELETED" => "CONFIRMED"),
+ true
+ );
}
// Show entries?
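Review bot: In the `do_undelete` branch the line `array("status" => array("DELETED" => "CONFIRMED"),` closes only the inner array, so `true` becomes an element of the outer array and the `ADMIN_LOCK_ENTRIES_CONFIRM(` call is never closed; the file will not parse. The lock branch directly above shows the intended shape, so the line should read `array("status" => array("DELETED" => "CONFIRMED")),`. The `undelete` branch also carries the same comment as the execute branch although it appears to only render the confirmation list; `// Show the selected URLs for confirmation before undeleting` would describe it.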
if (SQL_AFFECTEDROWS() == 1)
{
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("lock-user", $_POST['reason'], bigintval($_GET['u_id']));
+ $msg = LOAD_EMAIL_TEMPLATE("lock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id']));
// Send away...
- SEND_EMAIL($email, ADMIN_LOCKED_SUBJ, $msg);
+ SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_LOCKED_SUBJ, $msg);
}
// Prepare message
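Review bot: `array('text' => $_POST['reason'])` hands the reason to the mail template unchanged, whereas the add-points and sub-points hunks of this commit pass the same form field as `SQL_ESCAPE($_POST['reason'])`; the unlock-user hunk below repeats the unescaped form. Neither is obviously right: `SQL_ESCAPE()` is database escaping and, through `secureString()`, entity-encodes the text, which a plain-text mail would show literally, while the raw value skips whatever neutralising `LOAD_EMAIL_TEMPLATE()` expects. I would pick one treatment for mail text and use it in all six places, for instance `array('text' => strip_tags(trim($_POST['reason'])))`, and say in a comment which layer is responsible for it.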
if (SQL_AFFECTEDROWS() == 1)
{
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("unlock-user", $_POST['reason'], bigintval($_GET['u_id']));
+ $msg = LOAD_EMAIL_TEMPLATE("unlock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id']));
// Send away...
- SEND_EMAIL($email, ADMIN_UNLOCKED_SUBJ, $msg);
+ SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_UNLOCKED_SUBJ, $msg);
if (EXT_IS_ACTIVE("rallye"))
{
RALLYE_AUTOADD_USER($_GET['u_id']);
// Ok, add points to used points and send an email to him...
SUB_POINTS($uid, $_POST['points']);
+ // Prepare content
+ $content = array(
+ 'text' => SQL_ESCAPE($_POST['reason']),
+ 'points' => bigintval($_POST['points'])
+ );
+
// Load message and send it away
- $msg = LOAD_EMAIL_TEMPLATE("sub-points", $_POST['reason'], $uid);
- SEND_EMAIL($email, ADMIN_SUB_SUBJ, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("sub-points", $content, bigintval($uid));
+ SEND_EMAIL(bigintval($uid), ADMIN_SUB_SUBJ, $msg);
}
}
}
// Ok, add to used points and send an email to him...
SUB_POINTS(bigintval($_GET['u_id']), $_POST['points']);
- // Remember points in template
- define('__POINTS_VALUE', bigintval($_POST['points']));
+ // Prepare content
+ $content = array(
+ 'text' => SQL_ESCAPE($_POST['reason']),
+ 'points' => bigintval($_POST['points'])
+ );
// Load email and send it away
- $msg = LOAD_EMAIL_TEMPLATE("sub-points", $_POST['reason'], $_GET['u_id']);
- SEND_EMAIL($email, ADMIN_SUB_SUBJ, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("sub-points", $content, bigintval($_GET['u_id']));
+ SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_SUB_SUBJ, $msg);
// Output message
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_SUBTRACTED);
// Unlock failed!
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_SURFBAR_UNLOCK_FAILED);
}
-} // END - if
+} elseif ((isset($_POST['reject'])) && (is_array($_POST['id'])) && (count($_POST['id']) > 0)) {
+ // Reject selected URLs
+ if (SURFBAR_ADMIN_REJECT_URL_IDS($_POST['id'])) {
+ // Unlock done! :-)
+ LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_SURFBAR_UNLOCK_DONE);
+ } else {
+ // Unlock failed!
+ LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_SURFBAR_UNLOCK_FAILED);
+ }
+}
// List all URLs
$result = SQL_QUERY("SELECT id, userid, url, reward, costs, UNIX_TIMESTAMP(registered) AS registered
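Review bot: The new `reject` branch reports its result with `ADMIN_SURFBAR_UNLOCK_DONE` and `ADMIN_SURFBAR_UNLOCK_FAILED` and keeps the comments `// Unlock done! :-)` / `// Unlock failed!`, so an admin who rejects URLs is told they were released. Dedicated constants (for example `ADMIN_SURFBAR_REJECT_DONE` and `ADMIN_SURFBAR_REJECT_FAILED`, which would need adding to the language file) would keep the moderation feedback truthful. The commit also adds a `reject_reason` column, but nothing in this branch collects or stores a reason; if that is planned for later, a `// @TODO store reject_reason` comment here would record it.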
foreach ($URLs as $id => $content) {
// "Translate"/insert data
$content['sw'] = $SW;
+ $content['url'] = FRAMETESTER($content['url']);
+ if ($content['views_total'] > 0) {
+ // Include link to stats
+ $content['views_total'] = "[<a href=\"".URL."/modules.php?module=login&what=surfbar_list\">".TRANSLATE_COMMA($content['views_total'])."</a>]";
+ } // END - if
+ $content['registered'] = MAKE_DATETIME($content['registered'], "2");
+ $content['last_locked'] = MAKE_DATETIME($content['last_locked'], "2");
+ $content['actions'] = SURFBAR_MEMBER_ACTIONS($content['id'], $content['status']);
+ $content['status'] = SURFBAR_TRANSLATE_STATUS($content['status']);
// Load row template
$OUT .= LOAD_TEMPLATE("member_surfbar_list_row", true, $content);
// Direct payment shall be notified about
define('__POINTS_VALUE', $ref_points);
+ // Prepare content
+ $content = array(
+ 'text' => REASON_DIRECT_PAYMENT,
+ 'points' => TRANSLATE_COMMA($ref_points)
+ );
+
// Load message
- $msg = LOAD_EMAIL_TEMPLATE("add-points", REASON_DIRECT_PAYMENT, $uid);
+ $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, $uid);
// And sent it away
SEND_EMAIL($email, SUBJECT_DIRECT_PAYMENT, $msg);
* MA 02110-1301 USA *
************************************************************************/
-echo "<HTML><HEAD><TITLE>Protected file ".basename($_SERVER['PHP_SELF'])." - ACCESS DENIED!</TITLE></HEAD>
-<BODY bgcolor=\"#880000\" text=\"#FFFFFF\"><DIV align=\"center\">
+echo "<HTML>
+<HEAD>
+<TITLE>Protected file ".basename($_SERVER['PHP_SELF'])." - ACCESS DENIED!</TITLE>
+</HEAD>
+<BODY bgcolor=\"#880000\" text=\"#FFFFFF\">
+<DIV align=\"center\">
<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\">
<TR>
<TD align=\"center\"><U><STRONG><BIG><BIG>A C C E S S D E N I E D !</BIG></BIG></STRONG></U></TD>
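Review bot: The reformatted page still prints `basename($_SERVER['PHP_SELF'])` into the `<TITLE>` without encoding; `PHP_SELF` includes request path information supplied by the client, so this is request data written straight into HTML. Either encode it, `htmlentities(basename($_SERVER['PHP_SELF']), ENT_QUOTES)`, or, if the script itself is what should be named, use `basename(__FILE__)`, which does not involve the request at all. The echo statement continues into the next hunk.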
</TD>
</TR>
</TABLE>
-</DIV></BODY>
+</DIV>
+</BODY>
</HTML>\n";
exit();
//
Hallo $content[gender] $content[surname] $content[family],
-Einer unserer Administratoren hat Ihnen soeben {!__POINTS_VALUE!} {!POINTS!} gutgeschrieben!
+Einer unserer Administratoren hat Ihnen soeben $content[points] {!POINTS!} gutgeschrieben!
Grund dazu war folgender:
------------------------------
-$content
+$content[text]
------------------------------
Mit freundlichem Gruss,
Grund der Loeschung war folgender:
------------------------------------
-$content
+$content[text]
------------------------------------
Ihre User-ID war: $UID
------------------------------------
Grund der Sperrung war:
--------------
-$content
+$content[text]
--------------
Sollten Sie damit nicht einverstanden sein, so melden Sie sich bitte bei uns ({!WEBMASTER!}). Wir kommen dann in Kontakt mit Ihnen.
Sie erhalten diesen Newsletter von uns, weil Sie Mitglied bei unserem {!MT_WORD!}-Dienst {!MAIN_TITLE!} ({!URL!}) sind. Dies ist somit kein Spam! Eine Abmeldemoeglichkeit finden Sie am Ende dieses Newsletters.
-$content
+============================================================
+$content[text]
+============================================================
Moechten Sie keine weiteren Newsletter mehr von uns erhalten, melden Sie sich bitte bei uns ({!WEBMASTER!}) und wir loeschen dann Ihren Account bei uns.
Sie erhalten diesen Newsletter von uns, weil Sie Mitglied bei unserem {!MT_WORD!}-Dienst {!MAIN_TITLE!} ({!URL!}) sind. Dies ist somit kein Spam! Eine Abmeldemöglichkeit finden Sie am Ende dieses Newsletters.
-$content
+============================================================
+$content[text]
+============================================================
Möchten Sie keine weiteren Newsletter mehr von uns erhalten, melden Sie sich bitte bei uns ({!WEBMASTER!}) und wir löschen dann Ihren Account bei uns.
Hallo $content[gender] $content[surname] $content[family],
-Einer unserer Administratoren hat Ihnen soeben {!__POINTS_VALUE!} {!POINTS!} abgezogen!
+Einer unserer Administratoren hat Ihnen soeben $content[points] {!POINTS!} abgezogen!
Grund dazu war folgender:
----------------
-$content
+$content[text]
----------------
Mit freundlichem Gruss,
Nachricht vom Admin:
---------------------------
-$content
+$content[text]
---------------------------
Bitte beachten Sie beim naechsten Mal auf unsere AGBs, damit Ihnen diese Unangenehmlichkeiten erspart bleiben.
<INPUT type="text" name="surfbar_stats_reload" size="6" maxlength="20" value="$content[surfbar_stats_reload]" />
</TD>
</TR>
+ <TR><TD height="3" colspan="2" class="seperator"> </TD></TR>
+ <TR>
+ <TD height="30" align="right" style="padding-right:5px">
+ {--ADMIN_CONFIG_SURFBAR_PURGE_DELETED--}
+ </TD>
+ <TD>
+ <INPUT type="text" name="surfbar_purge_deleted" size="6" maxlength="20" value="$content[surfbar_purge_deleted]" />
+ </TD>
+ </TR>
<TR><TD height="8" colspan="2" class="seperator bottom2"> </TD></TR>
<TR>
<TD align="center" colspan="2" class="admin_footer bottom2">
<input type="reset" class="admin_reset" value="{--UNDO_SELECTIONS--}"> *
<input type="submit" name="edit" class="admin_submit" value="{--ADMIN_SURFBAR_EDIT_URL--}"> *
<input type="submit" name="lock" class="admin_submit" value="{--ADMIN_SURFBAR_UNLOCK_URL--}"> *
+ <input type="submit" name="undelete" class="admin_submit" value="{--ADMIN_SURFBAR_UNDELETE_URL--}"> *
<input type="submit" name="delete" class="admin_delete" value="{--ADMIN_SURFBAR_DEL_URL--}">
</td>
</tr>
<TR>
<TD class="admin_footer" colspan="6">
<INPUT type="reset" class="admin_reset" value="{--UNDO_SELECTIONS--}"> *
+ <INPUT type="submit" name="reject" class="admin_submit" value="{--ADMIN_SURFBAR_REJECT_URL--}">
<INPUT type="submit" name="unlock" class="admin_submit" value="{--ADMIN_SURFBAR_CONFIRM_URL--}">
</TD>
</TR>