From a6471bb025f8149ec310a1eb6371cdc7d0011b49 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Mon, 27 Jul 2009 20:56:16 +0000 Subject: [PATCH] More fixes for missing variables, array elements and logical bugs... --- inc/functions.php | 6 ++++++ inc/modules/login.php | 4 ++-- inc/mysql-manager.php | 27 ++++++++++++++------------- 3 files changed, 22 insertions(+), 15 deletions(-) diff --git a/inc/functions.php b/inc/functions.php index 9589c5e15c..ab9fec7b50 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -2386,6 +2386,12 @@ function getThemeId ($name) { // Generates an error code from given account status function generateErrorCodeFromUserStatus ($status) { + // @TODO The status should never be empty + if (empty($status)) { + // Something really bad happend here + debug_report_bug(__FUNCTION__ . ': status is empty.'); + } // END - if + // Default error code if unknown account status $errorCode = getCode('UNKNOWN_STATUS'); diff --git a/inc/modules/login.php b/inc/modules/login.php index 1c796983da..90a768f922 100644 --- a/inc/modules/login.php +++ b/inc/modules/login.php @@ -46,9 +46,9 @@ if (!defined('__SECURITY')) { redirectToUrl($URL); } -if ($status != 'CONFIRMED') { +if ($GLOBALS['status'] != 'CONFIRMED') { // If the status is different than confirmed move the user away from here - $errorCode = generateErrorCodeFromUserStatus($status); + $errorCode = generateErrorCodeFromUserStatus($GLOBALS['status']); // Load URL redirectToUrl('modules.php?module=index&what=login&login=' . $errorCode); diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 2fdeaa1ad8..6d8037fa6c 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -510,21 +510,22 @@ function ADD_MENU ($mode, $act, $wht) { // Checks wether the current user is a member function IS_MEMBER () { - // @TODO Why is this global??? #100 - global $status; + // By default no member + $ret = false; // Fix missing 'last' array, damn stupid code :((( // @TODO Try to rewrite this to one or more functions if ((!isset($GLOBALS['last'])) || (!is_array($GLOBALS['last']))) $GLOBALS['last'] = array(); - $ret = false; - // is the cache entry there? - if (isset($GLOBALS['cache_array']['is_member'])) { + if (isset($GLOBALS['is_member'])) { // Then return it - return $GLOBALS['cache_array']['is_member']; + return $GLOBALS['is_member']; } // END - if + // Init global 'status' + $GLOBALS['status'] = false; + // Fix "deleted" cookies first fixDeletedCookies(array('userid', 'u_hash')); @@ -532,23 +533,23 @@ function IS_MEMBER () { if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) { // Cookies are set with values, but are they valid? $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(getUserId()), __FUNCTION__, __LINE__); + array(getUserId()), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load data from cookies - list($password, $status, $mod, $onl) = SQL_FETCHROW($result); + list($password, $GLOBALS['status'], $mod, $onl) = SQL_FETCHROW($result); // Validate password by created the difference of it and the secret key $valPass = generatePassString($password); // Transfer last module and online time if ((!empty($mod)) && (empty($GLOBALS['last']['module']))) { + // @TODO Try to rewrite this to one or more functions $GLOBALS['last']['module'] = $mod; $GLOBALS['last']['online'] = $onl; } // END - if // So did we now have valid data and an unlocked user? - //* DEBUG: */ echo $valPass."
".getSession('u_hash')."
"; - if (($status == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { + if (($GLOBALS['status'] == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { // Account is confirmed and all cookie data is valid so he is definely logged in! :-) $ret = true; } else { @@ -571,7 +572,7 @@ function IS_MEMBER () { } // Cache status - $GLOBALS['cache_array']['is_member'] = $ret; + $GLOBALS['is_member'] = $ret; // Return status return $ret; @@ -1052,13 +1053,13 @@ function removeReceiver (&$receivers, $key, $uid, $pool_id, $stats_id='', $bonus // Try to look the entry up $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_links` WHERE %s='%s' AND `userid`=%s AND link_type='%s' LIMIT 1", - array($rowName, $stats_id, bigintval($uid), $type), __FUNCTION__, __LINE__); + array($rowName, $stats_id, bigintval($uid), $type), __FUNCTION__, __LINE__); // Was it *not* found? if (SQL_NUMROWS($result) == 0) { // So we add one! SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_links` (%s, userid, link_type) VALUES ('%s','%s','%s')", - array($rowName, $stats_id, bigintval($uid), $type), __FUNCTION__, __LINE__); + array($rowName, $stats_id, bigintval($uid), $type), __FUNCTION__, __LINE__); $ret = 'done'; } else { // Already found -- 2.39.5