From 056162fe45aa0d850bb22870e1caf9595a847a9b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Wed, 15 Oct 2008 22:05:29 +0000 Subject: [PATCH] - Beg link will only work in NONE pay mode! (unfinished, sleepy here...) - Extension "wernis" needs to be re-configured. You need to enter your Wernis-password to make member payouts possible - Editing/changing member/guest menu should now work again - Output of JavaScript code introduced - Minor improvements --- .gitattributes | 3 + beg.php | 111 +++++++++++------- inc/databases.php | 3 +- inc/extensions/ext-beg.php | 101 ++++++++-------- inc/extensions/ext-refback.php | 4 +- inc/extensions/ext-sql_patches.php | 4 +- inc/extensions/ext-wernis.php | 11 +- inc/js/.htaccess | 1 + inc/language/beg_de.php | 7 ++ inc/language/wernis_de.php | 1 + inc/libs/beg_functions.php | 67 +++++++++++ inc/libs/wernis_functions.php | 8 +- inc/modules/admin/what-adminedit.php | 2 +- inc/modules/admin/what-chk_regs.php | 12 +- inc/modules/admin/what-config_beg.php | 37 ++++++ inc/modules/admin/what-config_wernis.php | 4 + inc/modules/admin/what-guestedit.php | 43 +++---- inc/modules/admin/what-memedit.php | 10 +- inc/modules/member/what-wernis.php | 2 +- inc/mysql-manager.php | 4 +- templates/de/html/admin/admin_config_beg.tpl | 23 +++- .../de/html/admin/admin_config_wernis.tpl | 7 ++ templates/de/html/beg/beg_pay_mode_both.tpl | 9 ++ 23 files changed, 328 insertions(+), 146 deletions(-) create mode 100644 inc/js/.htaccess create mode 100644 inc/libs/beg_functions.php create mode 100644 templates/de/html/beg/beg_pay_mode_both.tpl diff --git a/.gitattributes b/.gitattributes index c6a0974e4e..3d8078eedf 100644 --- a/.gitattributes +++ b/.gitattributes @@ -153,6 +153,7 @@ inc/gen_refback.php -text inc/gen_sql_patches.php -text inc/header.php -text inc/install-inc.php -text +inc/js/.htaccess -text inc/language.php -text inc/language/.htaccess -text inc/language/active_de.php -text @@ -203,6 +204,7 @@ inc/language/yoomedia_de.php -text inc/libs/.htaccess -text inc/libs/admins_functions.php -text inc/libs/autopurge_functions.php -text +inc/libs/beg_functions.php -text inc/libs/bonus_functions.php -text inc/libs/cache_functions.php -text inc/libs/country_functions.php -text @@ -1139,6 +1141,7 @@ templates/de/html/beg/beg_done.tpl -text templates/de/html/beg/beg_failed.tpl -text templates/de/html/beg/beg_link.tpl -text templates/de/html/beg/beg_login.tpl -text +templates/de/html/beg/beg_pay_mode_both.tpl -text templates/de/html/birthday/.htaccess -text templates/de/html/birthday/birthday_confirm.tpl -text templates/de/html/birthday/birthday_footer.tpl -text diff --git a/beg.php b/beg.php index f53f158f2e..81ee8d4567 100644 --- a/beg.php +++ b/beg.php @@ -60,36 +60,34 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { if (!empty($_GET['uid'])) { // Init user ID $uid = 0; + $result = false; // Validate if it is not a number if ("".($_GET['uid'] + 0)."" !== "".$_GET['uid']."") { if (EXT_IS_ACTIVE("nickname")) { // Maybe we have found a nickname? $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", - array($_GET['uid']), __FILE__, __LINE__); + array($_GET['uid']), __FILE__, __LINE__); } else { // Nickname entered but nickname is not active $msg = CODE_EXTENSION_PROBLEM; $uid = -1; - $result = false; } } else { // Direct userid $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(bigintval($_GET['uid'])), __FILE__, __LINE__); + array(bigintval($_GET['uid'])), __FILE__, __LINE__); } // Check if locked in so don't pay points - $login = false; $status = "failed"; - if (IS_MEMBER()) { - // Logged in user detected! - $login = true; - } // END - if + $login = IS_MEMBER(); $status = "failed"; // Check if account was found if ((SQL_NUMROWS($result) == 1) && ($result != false)) { // Found an ID so we simply set it list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result); + + // Account confirmed? if ($status == "CONFIRMED") { // Secure userid $uid = bigintval($uid); @@ -116,69 +114,94 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Free memory SQL_FREERESULT($result); + // User id valid and not webmaster's id? if (($uid > 0) && ($_CONFIG['beg_uid'] != $uid)) { // Update counter $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%s AND status='CONFIRMED' LIMIT 1", - array($uid), __FILE__, __LINE__); + array($uid), __FILE__, __LINE__); // Check for last entry for userid w/o IP number - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_timeout'].") OR (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_uid_timeout'].") AND userid=%s)) AND remote_ip='%s' LIMIT 1", - array($uid, GET_REMOTE_ADDR()), __FILE__, __LINE__); - if ((SQL_NUMROWS($result) == 0) && ($points > 0) && (!$login)) { - // Free memory - SQL_FREERESULT($result); + $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_timeout'].") OR (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_uid_timeout'].") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1", + array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__); + + // Entry not found, points set and not logged in? + if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!$login) && ($_CONFIG['beg_pay_mode'] == "NONE")) { + // Don't pay is the default... + $pay = false; + // Admin is testing? if (!IS_ADMIN()) { // Remember remote address, userid and timestamp for next click // but only when there is no admin begging. // Admins shall be able to test it! - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES ('%s','%s', UNIX_TIMESTAMP())", - array($uid, GET_REMOTE_ADDR()), __FILE__, __LINE__); - } - - // Set mode depending on how many mails the member has to confirm - $locked = false; - if (($ref_payout > 0) && ($_CONFIG['allow_direct_pay'] == "N")) $locked = true; - - // Is begging rallye active? - if ($_CONFIG['beg_rallye'] == "Y") { - // Add points to rallye account - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%s LIMIT 1", - array($points, $uid), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())", + array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__); + + // Was is successfull? + if (SQL_AFFECTEDROWS() == 1) { + // Okay! + $pay = true; + } // END - if } else { - // Add points to account - unset($DEPTH); - ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode'])); + // Is admin! + $pay = true; } - // Subtract begged points from member account if the admin has selected one - if ($_CONFIG['beg_uid'] > 0) { - // Subtract from this account - SUB_POINTS($_CONFIG['beg_uid'], $points); + // Pay points? + if ($pay) { + // Set mode depending on how many mails the member has to confirm + $locked = false; + if (($ref_payout > 0) && ($_CONFIG['allow_direct_pay'] == "N")) $locked = true; + + // Is begging rallye active? + if ($_CONFIG['beg_rallye'] == "Y") { + // Add points to rallye account + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%s LIMIT 1", + array($points, $uid), __FILE__, __LINE__); + } else { + // Add points to account + unset($DEPTH); + ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode'])); + } + + // Subtract begged points from member account if the admin has selected one + if ($_CONFIG['beg_uid'] > 0) { + // Subtract from this account + SUB_POINTS($_CONFIG['beg_uid'], $points); + } // END - if + + // Set message + define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true)); + } else { + // Error! + define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true)); } - - // Set message - define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true)); } elseif ($login) { // Logged in user found! define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true)); - - // Free memory - SQL_FREERESULT($result); + } elseif ($_CONFIG['beg_pay_mode'] != "NONE") { + // Other pay-mode active! + define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower($_CONFIG['beg_pay_mode']), true)); } else { - // Free memory - SQL_FREERESULT($result); - // Clicked received while reload lock is active define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true)); } + // Free memory + SQL_FREERESULT($result); + // Include header require_once(PATH."inc/header.php"); // Load final template LOAD_TEMPLATE("beg_link"); + // Tracker code enabled? (We don't track users here! + if ($_CONFIG['beg_pay_mode'] != "NONE") { + // Include config-depending template + LOAD_TEMPLATE("beg_pay_code_".strtolower($_CONFIG['beg_pay_mode'])); + } // END - if + // Include footer require_once(PATH."inc/footer.php"); } elseif (($status != "CONFIRMED") && ($status != "failed")) { @@ -190,7 +213,7 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { } elseif (($uid == "0") || ($status == "failed")) { // Inalid or locked account, so let's find out $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", - array($_GET['uid']), __FILE__, __LINE__); + array($_GET['uid']), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Locked account $msg = CODE_ACCOUNT_LOCKED; diff --git a/inc/databases.php b/inc/databases.php index bd32483af6..7a2badd635 100644 --- a/inc/databases.php +++ b/inc/databases.php @@ -70,6 +70,7 @@ define('CODE_MORE_RECEIVERS3' , 29); define('CODE_INVALID_URL' , 30); define('CODE_MENU_NOT_VALID' , 31); define('CODE_LOGIN_FAILED' , 32); +define('CODE_BEG_SAME_AS_OWN' , 33); // Full version string: /([0-9]){1}\.([0-9]){1}\.([0-9]){1}(-(alpha|beta|pre|rc([1-3]))([0-9]+))?/ // If you understand regular expressions ^^^ you may know how I versionize... ;-) @@ -113,7 +114,7 @@ define('USAGE_BASE', "usage"); define('SERVER_URL', "http://www.mxchange.org"); // This current patch level -define('CURR_SVN_REVISION', "514"); +define('CURR_SVN_REVISION', "515"); // Take a prime number which is long (if you know a longer one please try it out!) define('_PRIME', 591623); diff --git a/inc/extensions/ext-beg.php b/inc/extensions/ext-beg.php index f959f1dc21..f6c66816f2 100644 --- a/inc/extensions/ext-beg.php +++ b/inc/extensions/ext-beg.php @@ -38,27 +38,27 @@ if (!defined('__SECURITY')) { } // Version number -$EXT_VERSION = "0.2.5"; +$EXT_VERSION = "0.2.6"; // Auto-set extension version if (empty($EXT_VER)) $EXT_VER = $EXT_VERSION; // Version history array (add more with , "0.1" and so on) -$EXT_VER_HISTORY = array("0.0", "0.0.1", "0.0.2", "0.0.3", "0.0.4", "0.0.5", "0.0.6", "0.0.7", "0.0.8", "0.0.9", "0.1.0", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5"); +$EXT_VER_HISTORY = array("0.0", "0.0.1", "0.0.2", "0.0.3", "0.0.4", "0.0.5", "0.0.6", "0.0.7", "0.0.8", "0.0.9", "0.1.0", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6"); switch ($EXT_LOAD_MODE) { case "register": // Do stuff when installation is running (modules.php?module=admin&action=login is called) // SQL commands to run - $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_admin_menu (`action`,`what`,`title`,`descr`,`sort`) VALUES ('setup','config_beg','Bettel-Link','IP-Sperre, {!POINTS!}-Vergütung usw. können Sie hier einstellen.', 10)"; - $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_guest_menu (`action`,`what`,`title`,`sort`,`visible`,`locked`) VALUES ('main','beg','{!POINTS!} erbetteln!',4,'Y','Y')"; - $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_member_menu (`action`,`what`,`title`,`sort`,`visible`,`locked`) VALUES ('main','beg','Ihr Bettel-Link',6,'Y','Y')"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_timeout BIGINT(20) UNSIGNED NOT NULL DEFAULT '600'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_uid_timeout BIGINT(20) UNSIGNED NOT NULL DEFAULT '1800'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_points DOUBLE(20,5) UNSIGNED NOT NULL DEFAULT '0.00100'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD beg_clicks BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; - $SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_beg_ips"; - $SQLs[] = "CREATE TABLE "._MYSQL_PREFIX."_beg_ips ( + $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('setup','config_beg','Bettel-Link','IP-Sperre, {!POINTS!}-Vergütung usw. können Sie hier einstellen.', 10)"; + $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_guest_menu` (`action`,`what`,`title`,`sort`,`visible`,`locked`) VALUES ('main','beg','{!POINTS!} erbetteln!',4,'Y','Y')"; + $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_member_menu` (`action`,`what`,`title`,`sort`,`visible`,`locked`) VALUES ('main','beg','Ihr Bettel-Link',6,'Y','Y')"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_timeout BIGINT(20) UNSIGNED NOT NULL DEFAULT '600'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_uid_timeout BIGINT(20) UNSIGNED NOT NULL DEFAULT '1800'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_points DOUBLE(20,5) UNSIGNED NOT NULL DEFAULT '0.00100'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_user_data` ADD beg_clicks BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; + $SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_beg_ips`"; + $SQLs[] = "CREATE TABLE `"._MYSQL_PREFIX."_beg_ips` ( id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT, userid BIGINT(20) UNSIGNED NOT NULL DEFAULT '0', remote_ip VARCHAR(15) NOT NULL DEFAULT '0.0.0.0', @@ -73,24 +73,24 @@ PRIMARY KEY(id) case "remove": // Do stuff when removing extension // SQL commands to run - $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE what='config_beg' OR what='list_beg' LIMIT 2"; - $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE what='beg' LIMIT 1"; - $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE what='beg' OR what='beg2' LIMIT 2"; - $SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_beg_ips"; + $SQLs[] = "DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_admin_menu` WHERE what='config_beg' OR what='list_beg' LIMIT 2"; + $SQLs[] = "DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_guest_menu` WHERE what='beg' LIMIT 1"; + $SQLs[] = "DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_member_menu` WHERE what='beg' OR what='beg2' LIMIT 2"; + $SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_beg_ips`"; break; case "activate": // Do stuff when admin activates this extension // SQL commands to run - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_guest_menu SET visible='Y', locked='N' WHERE what='beg' LIMIT 1"; - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='beg' LIMIT 1"; - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', admin_only='N', mem_only='N' WHERE module='beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_guest_menu` SET visible='Y', locked='N' WHERE what='beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET visible='Y', locked='N' WHERE what='beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_mod_reg` SET locked='N', hidden='N', admin_only='N', mem_only='N' WHERE module='beg' LIMIT 1"; break; case "deactivate": // Do stuff when admin deactivates this extension // SQL commands to run - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_guest_menu SET visible='Y', locked='Y' WHERE what='beg' LIMIT 1"; - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='Y' WHERE what='beg' LIMIT 1"; - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='Y' WHERE module='beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_guest_menu` SET visible='Y', locked='Y' WHERE what='beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET visible='Y', locked='Y' WHERE what='beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_mod_reg` SET locked='Y' WHERE module='beg' LIMIT 1"; break; case "update": // Update an extension @@ -107,7 +107,7 @@ case "update": // Update an extension break; case "0.0.3": // SQL queries for v0.0.3 - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_points_max DOUBLE(20,5) UNSIGNED NOT NULL DEFAULT '0.10000'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_points_max DOUBLE(20,5) UNSIGNED NOT NULL DEFAULT '0.10000'"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Maximale Obergrenze an {!POINTS!} einstellbar (Standart: 0,1 {!POINTS!})"; @@ -124,14 +124,14 @@ case "update": // Update an extension break; case "0.0.6": // SQL queries for v0.0.6 - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_uid BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_uid BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Ein Mitgliedsaccount (empfehlenswert ist Ihr eigenes!) kann zum Abbuchen der {!POINTS!} verwendet werden. Template admin_config_beg.tpl (und pro!) nicht vergessen, zu aktualisieren."; break; case "0.0.8": // SQL queries for v0.0.8 - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_ip_timeout BIGINT(20) UNSIGNED NOT NULL DEFAULT '1800'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_ip_timeout BIGINT(20) UNSIGNED NOT NULL DEFAULT '1800'"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Zeitsperre gegen die selbe IP-Nummer hinzugefügt."; @@ -154,15 +154,15 @@ case "update": // Update an extension case "0.1.2": // SQL queries for v0.1.2 - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_mode ENUM('DIRECT','REF') NOT NULL DEFAULT 'REF'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_ranks TINYINT(3) UNSIGNED NOT NULL DEFAULT '10'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_active ENUM('Y','N') NOT NULL DEFAULT 'N'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_rallye ENUM('Y','N') NOT NULL DEFAULT 'N'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD beg_points DOUBLE(21,5) NOT NULL DEFAULT '0.00000'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_mode ENUM('DIRECT','REF') NOT NULL DEFAULT 'REF'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_ranks TINYINT(3) UNSIGNED NOT NULL DEFAULT '10'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_active ENUM('Y','N') NOT NULL DEFAULT 'N'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_rallye ENUM('Y','N') NOT NULL DEFAULT 'N'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_user_data` ADD beg_points DOUBLE(21,5) NOT NULL DEFAULT '0.00000'"; $VIS = "N"; $LOCKED = "Y"; if (EXT_IS_ACTIVE("beg")) { $VIS = "Y"; $LOCKED = "N"; } - $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_member_menu (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('main','beg2','Bettel-Rallye','".$VIS."','".$LOCKED."','7')"; - $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_admin_menu (`action`,`what`,`title`,`descr`,`sort`) VALUES ('user','list_beg','Bettel-Rallye','Listet alle Teilnehmer der monatlichen Bettel-Rallye auf.','12')"; + $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_member_menu` (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('main','beg2','Bettel-Rallye','".$VIS."','".$LOCKED."','7')"; + $SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('user','list_beg','Bettel-Rallye','Listet alle Teilnehmer der monatlichen Bettel-Rallye auf.','12')"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Optionale Bettel-Rallye möglich. Und die erbettelten {!POINTS!} können entweder nur dem bettelndem Mitglied direkt oder auch seinem Werber gutgeschrieben werden können."; @@ -179,7 +179,7 @@ case "update": // Update an extension break; case "0.1.5": // SQL queries for v0.1.5 - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_admin_menu SET title='Bettellink/-rallye', descr='IP-Sperre, {!POINTS!}-Vergütung und auch die Bettel-Rallye können Sie hier einstellen.' WHERE what='config_beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_admin_menu` SET title='Bettellink/-rallye', descr='IP-Sperre, {!POINTS!}-Vergütung und auch die Bettel-Rallye können Sie hier einstellen.' WHERE what='config_beg' LIMIT 1"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Fehlendes Template im Admin-Bereich hinzugefügt. Im Admin-Bereich Hinweis hinzugefügt, wenn Bettel-Rallye inaktiv ist. Bitte Script inc/monthly_beg.php löschen!"; @@ -191,14 +191,14 @@ case "update": // Update an extension break; case "0.1.7": // SQL queries for v0.1.7 - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_ral_en_notify ENUM('Y','N') NOT NULL DEFAULT 'N'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_ral_di_notify ENUM('Y','N') NOT NULL DEFAULT 'N'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_new_mem_notify ENUM('Y','N') NOT NULL DEFAULT 'N'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_notify_bonus DOUBLE(20,5) UNSIGNED NOT NULL DEFAULT '0.00000'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_notify_wait BIGINT(20) UNSIGNED NOT NULL DEFAULT '30'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD beg_ral_notify BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD beg_ral_en_notify BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD beg_ral_di_notify BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_ral_en_notify ENUM('Y','N') NOT NULL DEFAULT 'N'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_ral_di_notify ENUM('Y','N') NOT NULL DEFAULT 'N'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_new_mem_notify ENUM('Y','N') NOT NULL DEFAULT 'N'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_notify_bonus DOUBLE(20,5) UNSIGNED NOT NULL DEFAULT '0.00000'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_notify_wait BIGINT(20) UNSIGNED NOT NULL DEFAULT '30'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_user_data` ADD beg_ral_notify BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_user_data` ADD beg_ral_en_notify BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_user_data` ADD beg_ral_di_notify BIGINT(20) UNSIGNED NOT NULL DEFAULT '0'"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Die Mitglieder können nun optional automatisch über eine aktivierte und/oder deaktivierte Bettel-Rallye informiert werden. Beide Benachrichtigungen können Sie unter Einstellungen --> Bettel-Link/-rallye seperat ein- und ausschalten! Zudem ist eine Sperre gegen eingeloggte Mitglieder eingebaut, die das Klicken auf den eigenen Bettel-Link etwas erschweren soll."; @@ -225,7 +225,7 @@ case "update": // Update an extension break; case "0.2.2": // SQL queries for v0.2.2 - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD beg_include_own ENUM('Y','N') NOT NULL DEFAULT 'N'"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD beg_include_own ENUM('Y','N') NOT NULL DEFAULT 'N'"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Eigene User-ID von Bettel-Rallye ausschliessbar."; @@ -237,8 +237,8 @@ case "update": // Update an extension break; case "0.2.4": // SQL queries for v0.2.4 - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_member_menu SET action='extras', sort='1' WHERE what='beg' LIMIT 1"; - $SQLs[] = "UPDATE "._MYSQL_PREFIX."_member_menu SET action='rals', sort='3', title='Bettel-Rallye' WHERE what='beg2' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET action='extras', sort='1' WHERE what='beg' LIMIT 1"; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET action='rals', sort='3', title='Bettel-Rallye' WHERE what='beg2' LIMIT 1"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Mitgliedsmenü komplett umgebaut."; @@ -248,6 +248,14 @@ case "update": // Update an extension // Update notes (these will be set as task text!) $UPDATE_NOTES = "Fehlerhinweis bei deaktivierter Erweiterung verbessert."; break; + + case "0.2.6": // SQL queries for v0.2.6 + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_beg_ips` ADD sid VARCHAR(255) NOT NULL DEFAULT ''"; + $SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD `beg_pay_mode` ENUM('IMG','JS','BOTH','NONE') DEFAULT 'NONE' NOT NULL ;"; + + // Update notes (these will be set as task text!) + $UPDATE_NOTES = "IP-Lock mit Session-ID erweitert. Tracker-Script eingefügt, dass das Einbinden des Bettel-Links als Bild/Script/CSS verhindern soll."; + break; } break; @@ -255,16 +263,13 @@ default: // Do stuff when extension is loaded // Remove old entries $OLD = $_CONFIG['beg_timeout']; if ($_CONFIG['beg_uid_timeout'] > $OLD) $OLD = $_CONFIG['beg_uid_timeout']; - $result_ext = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_beg_ips WHERE timeout < (UNIX_TIMESTAMP() -".($OLD - 60*60).")", __FILE__, __LINE__); + $result_ext = SQL_QUERY("DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_beg_ips` WHERE timeout < (UNIX_TIMESTAMP() -".($OLD + 60*60).")", __FILE__, __LINE__); // Check for beg rallye is active and send mails out if (($_CONFIG['beg_rallye'] == "Y") && ($_CONFIG['beg_new_mem_notify'] == "Y")) { // Include file for sending out mails $INC_POOL[] = sprintf("%sinc/mails/beg_mails.php", PATH); - } - - // Return code for the URL - define('CODE_BEG_SAME_AS_OWN', 100); + } // END - if break; } diff --git a/inc/extensions/ext-refback.php b/inc/extensions/ext-refback.php index 120aaf2560..42d1672a5c 100644 --- a/inc/extensions/ext-refback.php +++ b/inc/extensions/ext-refback.php @@ -76,12 +76,12 @@ case "remove": // Do stuff when removing extension case "activate": // Do stuff when admin activates this extension // SQL commands to run - $SQLs[] = ""; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET visible='Y' locked='N' WHERE what='refback' LIMIT 1"; break; case "deactivate": // Do stuff when admin deactivates this extension // SQL commands to run - $SQLs[] = ""; + $SQLs[] = "UPDATE `"._MYSQL_PREFIX."_member_menu` SET locked='Y' WHERE what='refback' LIMIT 1"; break; case "update": // Update an extension diff --git a/inc/extensions/ext-sql_patches.php b/inc/extensions/ext-sql_patches.php index 9b0bed6a62..78f1bf2aa8 100644 --- a/inc/extensions/ext-sql_patches.php +++ b/inc/extensions/ext-sql_patches.php @@ -358,7 +358,7 @@ PRIMARY KEY(id) break; case "0.2.7": // SQL queries for v0.2.7 - $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_member_menu (action,what,title,sort) VALUES ('main','themes','Designs', 6)"; + $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_member_menu (`action`,`what`,`title`,`sort`,`visible`,`locked`) VALUES ('main','themes','Designs', 6,'Y','N')"; $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD curr_theme VARCHAR(255) NOT NULL DEFAULT 'default'"; $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD stats_limit BIGINT(20) UNSIGNED NOT NULL DEFAULT '10'"; $SQLs[] = "UPDATE "._MYSQL_PREFIX."_admin_menu SET what='config_stats' WHERE what='stats' LIMIT 1"; @@ -672,7 +672,7 @@ PRIMARY KEY (id) break; case "0.5.4": // SQL queries for v0.5.4 - $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_member_menu (`action`,`what`,`title`,`sort`,`visible`,`locked`) VALUES ('main','reflist','Ref-Übersicht',5,'N','N')"; + $SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_member_menu (`action`,`what`,`title`,`sort`,`visible`,`locked`) VALUES ('main','reflist','Ref-Übersicht',5,'Y','N')"; // Depends on refback extension $EXT_UPDATE_DEPENDS = "refback"; diff --git a/inc/extensions/ext-wernis.php b/inc/extensions/ext-wernis.php index 6cd48a34ee..e9d2356dc1 100644 --- a/inc/extensions/ext-wernis.php +++ b/inc/extensions/ext-wernis.php @@ -38,13 +38,13 @@ if (!defined('__SECURITY')) { } // Version of this extension -$EXT_VERSION = "0.0.1"; +$EXT_VERSION = "0.0.2"; // Auto-set extension version if (empty($EXT_VER)) $EXT_VER = $EXT_VERSION; // Version history array (add more with , "0.1" and so on) -$EXT_VER_HISTORY = array("0.0", "0.0.1"); +$EXT_VER_HISTORY = array("0.0", "0.0.1", "0.0.2"); switch ($EXT_LOAD_MODE) { @@ -121,6 +121,13 @@ case "update": // Update an extension // Update notes (these will be set as task text!) $UPDATE_NOTES = "Ein-/Auszahlungsfunktion getrennt ein- und ausschaltbar, sowie mit Umrechungsfaktoren {!POINTS!}->Wernis versehen. Prozentualer Abzug als "Betreibergebühr hinzugefügt, was z.B. für Wechselstuben interessant ist."; break; + + case "0.0.2": // SQL queries for v0.0.2 + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD wernis_pass_md5 VARCHAR(32) NOT NULL DEFAULT ''"; + + // Update notes (these will be set as task text!) + $UPDATE_NOTES = "Auszahlunsfunktion an die neue API 0.2-BETA angepasst. Demnach muss Ihr Wernis-Passwort beim Auszahlen benutzt werden und in Ihrem {!MT_WORD!} als MD5-Hash gespeichert werden."; + break; } break; diff --git a/inc/js/.htaccess b/inc/js/.htaccess new file mode 100644 index 0000000000..14249c50bd --- /dev/null +++ b/inc/js/.htaccess @@ -0,0 +1 @@ +Deny from all \ No newline at end of file diff --git a/inc/language/beg_de.php b/inc/language/beg_de.php index 2b25ea2643..0ba7e75813 100644 --- a/inc/language/beg_de.php +++ b/inc/language/beg_de.php @@ -83,6 +83,13 @@ define('BEG_SORRY_YOURE_LOGGED_IN_2', " geklickt. Sie haben somit auch keine "); define('BEG_SORRY_YOURE_LOGGED_IN_3', " {!POINTS!} erhalten!"); define('BEG_SAME_UID_AS_OWN', "Mitglieder-ID des Webmasters benutzt!"); +// Pay modes +define('ADMIN_BEG_PAY_MODE', "Wie sollen {!POINTS!} vergütet werden?"); +define('ADMIN_BEG_PAY_MODE_IMG', "Abgesichert durch ein 1x1-Pixel"); +define('ADMIN_BEG_PAY_MODE_JS', "Abgesichert durch ein Fake-JavaScript"); +define('ADMIN_BEG_PAY_MODE_BOTH', "Durch beides obriges absichern"); +define('ADMIN_BEG_PAY_MODE_NONE', "Keine Absicherung (unsicher)"); + // Begging rallye define('BEG_RANK', "Bettel-Rank"); define('BEG_TOTAL', "Gesamt erbettelt"); diff --git a/inc/language/wernis_de.php b/inc/language/wernis_de.php index e9a808a51b..56da9c0dde 100644 --- a/inc/language/wernis_de.php +++ b/inc/language/wernis_de.php @@ -59,6 +59,7 @@ define('WERNIS_ADMIN_API_ID', "WDS66-API-ID (api_id=x)"); define('WERNIS_ADMIN_API_MD5', "WDS66-API-Key (api_md5=xxxxx; 32-stellig)"); define('WERNIS_ADMIN_API_URL', "Basis-URL der API-Skripte"); define('WERNIS_ADMIN_REFID', "Ihre Referal-ID bei WDS66-Portal (= Ihr Username!)"); +define('WERNIS_ADMIN_WPASS', "Wernis-Passwort (nicht Account-Passwort!)"); define('WERNIS_ADMIN_CONFIG_NOTE', "Hier können Sie schon für 5,00€=25.000 Abfragen ein API-Account beantragen (dazu ist ein kostenloses Wernis-Account dennoch nötig!) Geben Sie immer Ihren Usernamen von WDS66-Hauptaccount ein und überprüfen Sie diesen mehrmals! Er wird zum Überweisen von und nach WDS66-Wernis-Portal benötigt. Die Betreibergebühren und Umrechnungsfaktoren sind für den Betrieb Ihres {!MT_WORD2!} komplett in Wernis ausgelegt, diese müssen Sie also noch anpassen, wenn Sie z.B. Punkte haben und in Wernis auszahlen lassen wollen."); define('WERNIS_ADMIN_NO_TRANSFERS', "Derzeit keine Wernis transferiert!"); define('WERNIS_ADMIN_WDS66_ACCOUNT', "Account bei WDS66-Portal"); diff --git a/inc/libs/beg_functions.php b/inc/libs/beg_functions.php new file mode 100644 index 0000000000..759c83d64c --- /dev/null +++ b/inc/libs/beg_functions.php @@ -0,0 +1,67 @@ + 0) && ($_CONFIG['allow_direct_pay'] == "N")) $locked = true; + + // Is begging rallye active? + if ($_CONFIG['beg_rallye'] == "Y") { + // Add points to rallye account + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%s LIMIT 1", + array($points, $uid), __FILE__, __LINE__); + } else { + // Add points to account + unset($DEPTH); + ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode'])); + } + + // Subtract begged points from member account if the admin has selected one + if ($_CONFIG['beg_uid'] > 0) { + // Subtract from this account + SUB_POINTS($_CONFIG['beg_uid'], $points); + } // END - if +} + +// [EOF] +?> diff --git a/inc/libs/wernis_functions.php b/inc/libs/wernis_functions.php index 2308b81fa5..fed9c42c5c 100644 --- a/inc/libs/wernis_functions.php +++ b/inc/libs/wernis_functions.php @@ -262,7 +262,7 @@ function WERNIS_EXECUTE_WITHDRAW ($wdsId, $userMd5, $amount) { // Payout this amount -function WERNIS_EXECUTE_PAYOUT ($wdsId, $userMd5, $amount) { +function WERNIS_EXECUTE_PAYOUT ($wdsId, $amount) { global $_CONFIG; // Default is failed attempt @@ -275,9 +275,9 @@ function WERNIS_EXECUTE_PAYOUT ($wdsId, $userMd5, $amount) { // Prepare the request data $requestData = array( 'sub_request' => "send", - 't_uid' => bigintval($wdsId), - 't_md5' => $userMd5, - 'r_uid' => $_CONFIG['wernis_refid'], + 't_uid' => $_CONFIG['wernis_refid'], + 't_md5' => $_CONFIG['wernis_pass_md5'], + 'r_uid' => bigintval($wdsId), 'amount' => bigintval($amount), 'purpose' => urlencode(base64_encode($purpose)) ); diff --git a/inc/modules/admin/what-adminedit.php b/inc/modules/admin/what-adminedit.php index aadbd0c3db..75045efc2b 100644 --- a/inc/modules/admin/what-adminedit.php +++ b/inc/modules/admin/what-adminedit.php @@ -44,7 +44,7 @@ ADD_DESCR("admin", __FILE__); $AND = "(what = '' OR what IS NULL)"; $SUB = ""; if (!empty($_GET['sub'])) { - $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub'])); + $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub'])); $SUB = SQL_ESCAPE($_GET['sub']); } diff --git a/inc/modules/admin/what-chk_regs.php b/inc/modules/admin/what-chk_regs.php index 8f8ebc36af..db2c6657df 100644 --- a/inc/modules/admin/what-chk_regs.php +++ b/inc/modules/admin/what-chk_regs.php @@ -41,12 +41,12 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) { ADD_DESCR ("admin", basename(__FILE__)); // Check for accounts -$query = SQL_QUERY("SELECT userid, gender, surname, family, email, REMOTE_ADDR, refid, user_hash FROM "._MYSQL_PREFIX."_user_data WHERE status='UNCONFIRMED' ORDER BY userid", __FILE__, __LINE__); +$result = SQL_QUERY("SELECT userid, gender, surname, family, email, REMOTE_ADDR, refid, user_hash FROM "._MYSQL_PREFIX."_user_data WHERE status='UNCONFIRMED' ORDER BY userid", __FILE__, __LINE__); -if (SQL_NUMROWS($query) > 0) { +if (SQL_NUMROWS($result) > 0) { // We have some (new?) registrations! $SW = 2; $OUT = ""; - while (list($uid, $gender, $sname, $fname, $email, $IP, $ref, $hash) = SQL_FETCHROW($query)) { + while (list($uid, $gender, $sname, $fname, $email, $IP, $ref, $hash) = SQL_FETCHROW($result)) { if ($ref > 0) $ref = ADMIN_USER_PROFILE_LINK($ref); // Prepare array for the row template $content = array( @@ -66,8 +66,7 @@ if (SQL_NUMROWS($query) > 0) { $SW = 3 - $SW; } - // Free memory - SQL_FREERESULT($query); + // Remember rows define('__REG_ROWS', $OUT); // Load main template @@ -77,5 +76,8 @@ if (SQL_NUMROWS($query) > 0) { LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ALL_CONFIRMED_EMAIL); } +// Free memory +SQL_FREERESULT($result); + // ?> diff --git a/inc/modules/admin/what-config_beg.php b/inc/modules/admin/what-config_beg.php index 6745c0ce95..b6033f28c4 100644 --- a/inc/modules/admin/what-config_beg.php +++ b/inc/modules/admin/what-config_beg.php @@ -77,6 +77,7 @@ if (isset($_POST['ok'])) { define('__BEG_RALLYE_N', " checked=\"checked\""); break; } + switch ($_CONFIG['beg_active']) { case 'Y': @@ -89,6 +90,7 @@ if (isset($_POST['ok'])) { define('__BEG_ACTIVE_N', " checked=\"checked\""); break; } + switch ($_CONFIG['beg_mode']) { case "DIRECT": @@ -101,6 +103,7 @@ if (isset($_POST['ok'])) { define('__BEG_MODE_REF' , " checked=\"checked\""); break; } + switch ($_CONFIG['beg_ral_en_notify']) { case 'Y': @@ -113,6 +116,7 @@ if (isset($_POST['ok'])) { define('__BEG_RAL_EN_NOTIFY_N', " checked=\"checked\""); break; } + switch ($_CONFIG['beg_ral_di_notify']) { case 'Y': @@ -125,6 +129,7 @@ if (isset($_POST['ok'])) { define('__BEG_RAL_DI_NOTIFY_N', " checked=\"checked\""); break; } + switch ($_CONFIG['beg_new_mem_notify']) { case 'Y': @@ -137,6 +142,7 @@ if (isset($_POST['ok'])) { define('__BEG_NEW_MEMBER_NOTIFY_N', " checked=\"checked\""); break; } + switch ($_CONFIG['beg_include_own']) { case 'Y': @@ -150,11 +156,42 @@ if (isset($_POST['ok'])) { break; } + switch ($_CONFIG['beg_pay_mode']) { + case "IMG": + define('__BEG_PAY_MODE_IMG' , " selected=\"selected\""); + define('__BEG_PAY_MODE_JS' , ""); + define('__BEG_PAY_MODE_BOTH', ""); + define('__BEG_PAY_MODE_NONE', ""); + break; + + case "JS": + define('__BEG_PAY_MODE_IMG' , ""); + define('__BEG_PAY_MODE_JS' , " selected=\"selected\""); + define('__BEG_PAY_MODE_BOTH', ""); + define('__BEG_PAY_MODE_NONE', ""); + break; + + case "BOTH": + define('__BEG_PAY_MODE_IMG' , ""); + define('__BEG_PAY_MODE_JS' , ""); + define('__BEG_PAY_MODE_BOTH', " selected=\"selected\""); + define('__BEG_PAY_MODE_NONE', ""); + break; + + case "NONE": + define('__BEG_PAY_MODE_IMG' , ""); + define('__BEG_PAY_MODE_JS' , ""); + define('__BEG_PAY_MODE_BOTH', ""); + define('__BEG_PAY_MODE_NONE', " selected=\"selected\""); + break; + } + // Add data to constant __MEMBER_SELECTION define('__MEMBER_SELECTION', ADD_MEMBER_SELECTION_BOX($_CONFIG['beg_uid'], false, true, true, "beg_uid")); // Load form template LOAD_TEMPLATE("admin_config_beg"); } + // ?> diff --git a/inc/modules/admin/what-config_wernis.php b/inc/modules/admin/what-config_wernis.php index 6c4680a55d..be8e48fe7f 100644 --- a/inc/modules/admin/what-config_wernis.php +++ b/inc/modules/admin/what-config_wernis.php @@ -51,6 +51,10 @@ if (isset($_POST['ok'])) { $_POST['wernis_'.$revert] = REVERT_COMMA($_POST['wernis_'.$revert]); } // END - if + // Hash the password and remove clear-text + $_POST['wernis_pass_md5'] = md5($_POST['wernis_pass']); + unset($_POST['wernis_pass']); + // Save settings ADMIN_SAVE_SETTINGS($_POST); } else { diff --git a/inc/modules/admin/what-guestedit.php b/inc/modules/admin/what-guestedit.php index ebbcad632d..cf7ed37a83 100644 --- a/inc/modules/admin/what-guestedit.php +++ b/inc/modules/admin/what-guestedit.php @@ -44,9 +44,9 @@ ADD_DESCR("admin", __FILE__); $AND = "(what = '' OR what IS NULL)"; $SUB = ""; if (!empty($_GET['sub'])) { - $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub'])); + $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub'])); $SUB = SQL_ESCAPE($_GET['sub']); -} +} // END - if // Get count of (maybe) selected menu points $chk = 0; @@ -65,12 +65,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) if ($confirm == 1) { $cnt++; - $query = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); - if (SQL_NUMROWS($query) == 1) + if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... - list($menu, $act, $wht) = SQL_FETCHROW($query); + list($menu, $act, $wht) = SQL_FETCHROW($result); SQL_FREERESULT($result); $DATA = array( 'cnt' => $cnt, @@ -112,12 +112,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) if ($confirm == 1) { $cnt++; - $query = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); - if (SQL_NUMROWS($query) == 1) + if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... - list($menu) = SQL_FETCHROW($query); + list($menu) = SQL_FETCHROW($result); SQL_FREERESULT($result); $DATA = array( 'cnt' => $cnt, @@ -157,7 +157,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) $sel = bigintval($sel); // Update entry - $query = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1", array($menu, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel], $sel),__FILE__, __LINE__); } LOAD_TEMPLATE("admin_data_saved"); @@ -167,7 +167,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) foreach ($_POST['sel'] as $sel => $menu) { // Delete enty - $query = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); } LOAD_TEMPLATE("admin_data_saved"); @@ -278,31 +278,22 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) // By default list menus if (empty($SUB)) { // List only main menus - $query = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__); } else { // List sub menus - $query = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC", + $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC", array($SUB), __FILE__, __LINE__); } // Get number of menu entries - $max = SQL_NUMROWS($query); + $max = SQL_NUMROWS($result); if ($max > 0) { - // Some entties does exist! - if (!empty($SUB)) - { - // Set sub value - define('__SUB_VALUE', $SUB); - } - else - { - // No sub menu selected - define('__SUB_VALUE', ""); - } + // Set sub value + define('__SUB_VALUE', $SUB); $SW = 2; $cnt = 0; $OUT = ""; - while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($query)) + while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($result)) { $cnt++; if (($sort == 0) || (($sort == 1) && (!empty($SUB)))) @@ -337,7 +328,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) } // Free memory - SQL_FREERESULT($query); + SQL_FREERESULT($result); define('__MENU_ROWS', $OUT); // Load template diff --git a/inc/modules/admin/what-memedit.php b/inc/modules/admin/what-memedit.php index 8e9fb5466c..2c464b2229 100644 --- a/inc/modules/admin/what-memedit.php +++ b/inc/modules/admin/what-memedit.php @@ -43,9 +43,8 @@ ADD_DESCR("admin", __FILE__); // Do we edit/delete/change main menus or sub menus? $AND = "(what = '' OR what IS NULL)"; $SUB = ""; -if (!empty($_GET['sub'])) -{ - $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub'])); +if (!empty($_GET['sub'])) { + $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub'])); $SUB = SQL_ESCAPE($_GET['sub']); } @@ -77,7 +76,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) 'sel' => $sel, 'menu' => $menu, 'sw' => $SW, - 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act), + 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act), 'what' => ADMIN_MAKE_MENU_SELECTION("member", "what", "sel_what[".$sel."]", $wht), ); // Load template @@ -272,8 +271,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) $max = SQL_NUMROWS($result); if ($max > 0) { - $SUB = ""; - if (!empty($SUB)) $SUB = $SUB; + // Set sub value define('__SUB_VALUE', $SUB); $SW = 2; $cnt = 0; $OUT = ""; diff --git a/inc/modules/member/what-wernis.php b/inc/modules/member/what-wernis.php index 4d47daabe5..f38498b40b 100644 --- a/inc/modules/member/what-wernis.php +++ b/inc/modules/member/what-wernis.php @@ -265,7 +265,7 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) { OUTPUT_HTML("
"); } else { // All is fine here so do the withdraw - $success = WERNIS_EXECUTE_PAYOUT($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']); + $success = WERNIS_EXECUTE_PAYOUT($_POST['wds66_id'], $_POST['amount']); if ($success) { // Sub points SUB_POINTS($GLOBALS['userid'], $_POST['amount']); diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 036e853939..be834e68f2 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -1522,11 +1522,11 @@ function GET_ADMIN_DEFAULT_ACL ($aid) { // Update cache hits if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } - } else { + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database $result_aid = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", array(bigintval($ret)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (SQL_NUMROWS($result_aid) == 1) { // Fetch data list($ret) = SQL_FETCHROW($result_aid); diff --git a/templates/de/html/admin/admin_config_beg.tpl b/templates/de/html/admin/admin_config_beg.tpl index 439bad394e..5fac24f74f 100644 --- a/templates/de/html/admin/admin_config_beg.tpl +++ b/templates/de/html/admin/admin_config_beg.tpl @@ -126,7 +126,8 @@   - {--ADMIN_BEG_RALLYE_ONLY_ACTIVE--} + + {--ADMIN_BEG_RALLYE_ONLY_ACTIVE--}    {--NO--} + +   + + + + {--ADMIN_BEG_PAY_MODE--} + +   + + + +   - {--ADMIN_EDIT_BEG_RALLYE_NOTIFICATIONS--} + {--ADMIN_EDIT_BEG_RALLYE_NOTIFICATIONS--} +   diff --git a/templates/de/html/admin/admin_config_wernis.tpl b/templates/de/html/admin/admin_config_wernis.tpl index 093ba8d6b2..fd7f95554f 100644 --- a/templates/de/html/admin/admin_config_wernis.tpl +++ b/templates/de/html/admin/admin_config_wernis.tpl @@ -44,6 +44,13 @@ + + {--WERNIS_ADMIN_WPASS--}: +   + + + +   diff --git a/templates/de/html/beg/beg_pay_mode_both.tpl b/templates/de/html/beg/beg_pay_mode_both.tpl new file mode 100644 index 0000000000..e065e5b40a --- /dev/null +++ b/templates/de/html/beg/beg_pay_mode_both.tpl @@ -0,0 +1,9 @@ + + + + +
+ {--BEG_LINK_PAY_BOTH_1--}$content[uid] + {--BEG_LINK_PAY_BOTH_2--}$content[points] + {--BEG_LINK_PAY_BOTH_3--}$content[clicks]{--BEG_LINK_PAY_BOTH_4--} +
-- 2.39.5