From b8ba3824d640da47d5f81485650b5885ba60867b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Tue, 2 Dec 2008 18:22:31 +0000 Subject: [PATCH] Some missing brackes added, sponsor guest modules now depends on extension --- inc/databases.php | 2 +- inc/modules/guest/what-active.php | 2 +- inc/modules/guest/what-beg.php | 2 +- inc/modules/guest/what-login.php | 32 +++--- inc/modules/guest/what-rallyes.php | 2 +- inc/modules/guest/what-sponsor_agb.php | 7 ++ inc/modules/guest/what-sponsor_infos.php | 29 +++-- inc/modules/guest/what-sponsor_login.php | 136 ++++++++--------------- inc/modules/guest/what-sponsor_reg.php | 83 +++++++------- surfbar.php | 8 +- 10 files changed, 134 insertions(+), 169 deletions(-) diff --git a/inc/databases.php b/inc/databases.php index c7a46a17cd..25f1607c87 100644 --- a/inc/databases.php +++ b/inc/databases.php @@ -114,7 +114,7 @@ define('USAGE_BASE', "usage"); define('SERVER_URL', "http://www.mxchange.org"); // This current patch level -define('CURR_SVN_REVISION', "582"); +define('CURR_SVN_REVISION', "583"); // Take a prime number which is long (if you know a longer one please try it out!) define('_PRIME', 591623); diff --git a/inc/modules/guest/what-active.php b/inc/modules/guest/what-active.php index 2d701c2ddc..cc5774b0e0 100644 --- a/inc/modules/guest/what-active.php +++ b/inc/modules/guest/what-active.php @@ -35,7 +35,7 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} elseif (!EXT_IS_ACTIVE("active")) +} elseif (!EXT_IS_ACTIVE("active")) { ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "active"); return; } diff --git a/inc/modules/guest/what-beg.php b/inc/modules/guest/what-beg.php index 36ba9831d5..bf86a824a3 100644 --- a/inc/modules/guest/what-beg.php +++ b/inc/modules/guest/what-beg.php @@ -35,7 +35,7 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} elseif (!EXT_IS_ACTIVE("beg")) +} elseif (!EXT_IS_ACTIVE("beg")) { ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "beg"); return; } diff --git a/inc/modules/guest/what-login.php b/inc/modules/guest/what-login.php index 6dddc59702..0e74a953e3 100644 --- a/inc/modules/guest/what-login.php +++ b/inc/modules/guest/what-login.php @@ -92,18 +92,18 @@ if (IS_MEMBER()) { if ($probe_nickname === true) { // Nickname entered $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$LAST." FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' AND status='CONFIRMED' LIMIT 1", - array($uid), __FILE__, __LINE__); + array($uid), __FILE__, __LINE__); list($uid2, $password, $online, $login) = SQL_FETCHROW($result); if (!empty($uid2)) $uid = bigintval($uid2); } else { // Direct userid entered $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$LAST." FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1", - array($uid, $hash), __FILE__, __LINE__); - list($dmy, $password, $online, $login) = SQL_FETCHROW($result); + array($uid, $hash), __FILE__, __LINE__); + list($uid2, $password, $online, $login) = SQL_FETCHROW($result); } // Is there an entry? - if ((SQL_NUMROWS($result) == 1) && ((($probe_nickname) && (!empty($uid2))) || ($dmy == $uid))) { + if ((SQL_NUMROWS($result) == 1) && ((($probe_nickname) && (!empty($uid2))) || ($uid2 == $uid))) { // Free result SQL_FREERESULT($result); @@ -115,7 +115,7 @@ if (IS_MEMBER()) { // Just set the hash to the password from DB... :) $hash = $password; } else { - // Encrypt hash for comparsion + // Hash password with improved way for comparsion $hash = generateHash($_POST['password'], substr($password, 0, -40)); } @@ -124,8 +124,8 @@ if (IS_MEMBER()) { $hash = generateHash($_POST['password']); // ... and update database - $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET password='%s' WHERE userid=%s AND status='CONFIRMED' LIMIT 1", - array($hash, $uid), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET password='%s' WHERE userid=%s AND status='CONFIRMED' LIMIT 1", + array($hash, $uid), __FILE__, __LINE__); // No login bonus by default $BONUS = false; @@ -135,17 +135,22 @@ if (IS_MEMBER()) { if (!empty($login)) $probe = time() - $login; if ((GET_EXT_VERSION("bonus") >= "0.2.2") && ($probe >= $_CONFIG['login_timeout'])) { // Add login bonus to user's account - $ADD = ", login_bonus=login_bonus+'".$_CONFIG['login_bonus']."'"; + $ADD = sprintf(", login_bonus=login_bonus+%s", + (float)$_CONFIG['login_bonus'] + ); $BONUS = true; // Subtract login bonus from userid's account or jackpot if ((GET_EXT_VERSION("bonus") >= "0.3.5") && ($_CONFIG['bonus_mode'] != "ADD")) BONUS_POINTS_HANDLER('login_bonus'); } // END - if + // Init variables + $life = "-1"; $login = false; // Secure lifetime from input form $l = bigintval($_POST['lifetime']); - $life = "-1"; + + // Is the lifetime set? if ($l > 0) { // Calculate lifetime of cookies $life = time() + $l; @@ -156,7 +161,8 @@ if (IS_MEMBER()) { // Update cookies $login = (set_session("userid" , $uid , $life, COOKIE_PATH) && set_session("u_hash" , $hash, $life, COOKIE_PATH) - && set_session("lifetime", $l , $life, COOKIE_PATH)); + && set_session("lifetime", $l , $life, COOKIE_PATH) + ); // Update global array $GLOBALS['userid'] = $uid; @@ -168,7 +174,7 @@ if (IS_MEMBER()) { if ($login) { // Update database records $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET total_logins=total_logins+1".$ADD." WHERE userid=%s LIMIT 1", - array($uid), __FILE__, __LINE__); + array($uid), __FILE__, __LINE__); if (SQL_AFFECTEDROWS() == 1) { // Procedure to checking for login data if (($BONUS) && (EXT_IS_ACTIVE("bonus"))) { @@ -194,10 +200,10 @@ if (IS_MEMBER()) { // Wrong password! $ERROR = CODE_WRONG_PASS; } - } elseif ((($probe_nickname) && (!empty($uid2))) || ($dmy == $uid)) { + } elseif ((($probe_nickname) && (!empty($uid2))) || ($uid2 == $uid)) { // Other account status? $result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array($uid), __FILE__, __LINE__); + array($uid), __FILE__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { diff --git a/inc/modules/guest/what-rallyes.php b/inc/modules/guest/what-rallyes.php index 94b818a74c..680f16125d 100644 --- a/inc/modules/guest/what-rallyes.php +++ b/inc/modules/guest/what-rallyes.php @@ -35,7 +35,7 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} elseif (!EXT_IS_ACTIVE("rallye")) +} elseif (!EXT_IS_ACTIVE("rallye")) { ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "rallye"); return; } diff --git a/inc/modules/guest/what-sponsor_agb.php b/inc/modules/guest/what-sponsor_agb.php index 43a25fc861..ec291ec77a 100644 --- a/inc/modules/guest/what-sponsor_agb.php +++ b/inc/modules/guest/what-sponsor_agb.php @@ -34,6 +34,13 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); +} elseif ((!EXT_IS_ACTIVE("sponsor"))) { + if (IS_ADMIN()) { + ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor")); + } else { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor"); + } + return; } // Add description as navigation point diff --git a/inc/modules/guest/what-sponsor_infos.php b/inc/modules/guest/what-sponsor_infos.php index 886cbcc965..39cf47fe7e 100644 --- a/inc/modules/guest/what-sponsor_infos.php +++ b/inc/modules/guest/what-sponsor_infos.php @@ -34,6 +34,13 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); +} elseif ((!EXT_IS_ACTIVE("sponsor"))) { + if (IS_ADMIN()) { + ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor")); + } else { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor"); + } + return; } // Add description as navigation point @@ -51,12 +58,10 @@ WHERE m.action='actions' AND r.is_active='Y' ORDER BY m.sort ASC", __FILE__, __LINE__); $num_act = SQL_NUMROWS($result_act); -if ($num_act > 0) -{ +if ($num_act > 0) { // Load all actions $OUT_ACT = ""; $SW = 2; - while (list($title, $conv, $name) = SQL_FETCHROW($result_act)) - { + while (list($title, $conv, $name) = SQL_FETCHROW($result_act)) { // Prepare data for the row template $content = array( 'sw' => $SW, @@ -68,16 +73,14 @@ if ($num_act > 0) // Load row template and switch color $OUT_ACT .= LOAD_TEMPLATE("guest_sponsor_act_row", true, $content); $SW = 3 - $SW; - } + } // END - while // Check for pay types $result_pay = SQL_QUERY("SELECT pay_name, pay_rate, pay_min_count, pay_currency FROM "._MYSQL_PREFIX."_sponsor_paytypes ORDER BY pay_name", __FILE__, __LINE__); - if (SQL_NUMROWS($result_pay) > 0) - { + if (SQL_NUMROWS($result_pay) > 0) { // Load all pay types $OUT_PAY = ""; $SW = 2; - while (list($name, $rate, $min, $curr) = SQL_FETCHROW($result_pay)) - { + while (list($name, $rate, $min, $curr) = SQL_FETCHROW($result_pay)) { // Prepare data for the row template $content = array( 'sw' => $SW, @@ -92,17 +95,13 @@ if ($num_act > 0) $OUT_PAY .= LOAD_TEMPLATE("guest_sponsor_pay_row", true, $content); $SW = 3 - $SW; } - } - else - { + } else { // No pay types setuped so far! $OUT_PAY = " ".LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_ACTIONS_ACTIVATED)." "; } -} - else -{ +} else { // No actions activated so far! $OUT_ACT = " ".LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_ACTIONS_ACTIVATED)." diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php index d224bc3672..3586e33e88 100644 --- a/inc/modules/guest/what-sponsor_login.php +++ b/inc/modules/guest/what-sponsor_login.php @@ -34,25 +34,30 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); +} elseif ((!EXT_IS_ACTIVE("sponsor"))) { + if (IS_ADMIN()) { + ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor")); + } else { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor"); + } + return; } // Add description as navigation point ADD_DESCR("guest", __FILE__); $MODE = ""; -if (!empty($_GET['mode'])) -{ +if (!empty($_GET['mode'])) { // A "special" mode of the login system was requested switch ($_GET['mode']) { case "activate" : $MODE = "activate"; break; // Activation link requested case "lost_pass": $MODE = "lost_pass"; break; // Request new password } -} +} // END - if // Check if hash for confirmation of email address is given... -if (!empty($_GET['hash'])) -{ +if (!empty($_GET['hash'])) { // Lookup sponsor $result = SQL_QUERY_ESC("SELECT id, status, gender, surname, family, company, position, tax_ident, @@ -61,8 +66,7 @@ points_amount AS points, last_pay AS pay, last_curr AS curr FROM "._MYSQL_PREFIX."_sponsor_data WHERE hash='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1", array($_GET['hash']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + if (SQL_NUMROWS($result) == 1) { // Sponsor found, load his data... $SPONSOR = SQL_FETCHARRAY($result); @@ -72,16 +76,14 @@ LIMIT 1", array($_GET['hash']), __FILE__, __LINE__); $SPONSOR['pay'] = TRANSLATE_COMMA($SPONSOR['pay']); // Unconfirmed account or changed email address? - if ($SPONSOR['status'] == "UNCONFIRMED") - { + if ($SPONSOR['status'] == "UNCONFIRMED") { // Set account to pending $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='PENDING' WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1", array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__); - // Check on success - if (SQL_AFFECTEDROWS() == 1) - { + // Check on success + if (SQL_AFFECTEDROWS() == 1) { // Prepare mail and send it to the sponsor $MSG = LOAD_EMAIL_TEMPLATE("sponsor_pending", $SPONSOR); SEND_EMAIL($SPONSOR['email'], SPONSOR_ACCOUNT_PENDING_SUBJ, $MSG); @@ -91,65 +93,51 @@ WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1", // Sponsor account set to pending LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_IS_PENDING); - } - else - { + } else { // Could not unlock account! LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_PENDING_FAILED); } - } - elseif ($SPONSOR['status'] == "EMAIL") - { + } elseif ($SPONSOR['status'] == "EMAIL") { // Changed email adress need to be confirmed $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED' WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1", array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__); // Check on success - if (SQL_AFFECTEDROWS() == 1) - { + if (SQL_AFFECTEDROWS() == 1) { // Sponsor account is unlocked again LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN); - } - else - { + } else { // Could not unlock account! LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_EMAIL_FAILED); } - } - else - { + } else { /// ??? Other status? LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_STATUS_FAILED); } - } - else - { + } else { // No sponsor found LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_404); } // Free memory SQL_FREERESULT($result); -} - elseif ($MODE == "activate") -{ +} elseif ($MODE == "activate") { // Send activation link again - if (isset($_POST['ok'])) - { + if (isset($_POST['ok'])) { // Check submitted data if (empty($_POST['email'])) unset($_POST['ok']); } - if (isset($_POST['ok'])) - { + if (isset($_POST['ok'])) { // Check email $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created FROM "._MYSQL_PREFIX."_sponsor_data WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1", - array($_POST['email']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + array($_POST['email']), __FILE__, __LINE__); + + // Entry found? + if (SQL_NUMROWS($result) == 1) { // Unconfirmed sponsor account found so let's load the requested data $SPONSOR = SQL_FETCHARRAY($result); @@ -158,13 +146,10 @@ WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1", $SPONSOR['sponsor_created'] = MAKE_DATETIME($SPONSOR['sponsor_created']); // Prepare email and send it to the sponsor - if ($SPONSOR['status'] == "UNCONFIRMED") - { + if ($SPONSOR['status'] == "UNCONFIRMED") { // Unconfirmed accounts $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_activate", $SPONSOR); - } - else - { + } else { // Confirmed email address $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_email", $SPONSOR); } @@ -172,40 +157,32 @@ WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1", // Output message LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACTIVATION_LINK_SENT); - } - else - { + } else { // No account found or not UNCONFIRMED LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACTIVATION_LINK_404); } // Free memory SQL_FREERESULT($result); - } - else - { + } else { // Load form LOAD_TEMPLATE("guest_sponsor_activate"); } -} - elseif ($MODE == "lost_pass") -{ +} elseif ($MODE == "lost_pass") { // Send new password - if (isset($_POST['ok'])) - { + if (isset($_POST['ok'])) { // Check submitted data if (empty($_POST['email'])) unset($_POST['ok']); - } + } // END - if - if (isset($_POST['ok'])) - { + if (isset($_POST['ok'])) { // Check email $result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, gender, surname, family, sponsor_created FROM "._MYSQL_PREFIX."_sponsor_data WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1", - array($_POST['email'], bigintval($_POST['id'])), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + array($_POST['email'], bigintval($_POST['id'])), __FILE__, __LINE__); + // Entry found? + if (SQL_NUMROWS($result) == 1) { // Unconfirmed sponsor account found so let's load the requested data $SPONSOR = SQL_FETCHARRAY($result); @@ -227,34 +204,26 @@ WHERE id='%s' LIMIT 1", // Output message LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOST_PASSWORD_SENT); - } - else - { + } else { // No account found or not UNCONFIRMED LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOST_PASSWORD_404); } // Free memory SQL_FREERESULT($result); - } - else - { + } else { // Load form LOAD_TEMPLATE("guest_sponsor_lost"); } -} - elseif (isset($_POST['ok'])) -{ +} elseif (isset($_POST['ok'])) { // Check status and login data ... $result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_sponsor_data WHERE id='%s' AND password='%s' LIMIT 1", array(bigintval($_POST['sponsorid']), md5($_POST['pass'])), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + if (SQL_NUMROWS($result) == 1) { // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account? list($status) = SQL_FETCHROW($result); - if ($status == "CONFIRMED") - { + if ($status == "CONFIRMED") { // Calculate cookie lifetime, maybe we have to change this so the admin can setup a // seperate timeout for these two cookies? $life = (time() + $_CONFIG['online_timeout']); @@ -263,13 +232,10 @@ WHERE id='%s' AND password='%s' LIMIT 1", $login = ((setcookie("sponsorid" , bigintval($_POST['sponsorid']), $life, COOKIE_PATH)) && (setcookie("sponsorpass", md5($_POST['pass']) , $life, COOKIE_PATH))); - if ($login) - { + if ($login) { // Cookie setup successfull so we can forward to sponsor area LOAD_URL(URL."/modules.php?module=sponsor"); - } - else - { + } else { // Cookie setup failed! LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED); OUTPUT_HTML("
"); @@ -277,9 +243,7 @@ WHERE id='%s' AND password='%s' LIMIT 1", // Login formular and other links LOAD_TEMPLATE("guest_sponsor_login"); } - } - else - { + } else { // Status is not fine $content = constant('SPONSOR_LOGIN_FAILED_'.strtoupper($status).''); LOAD_TEMPLATE("admin_settings_saved", false, $content); @@ -288,9 +252,7 @@ WHERE id='%s' AND password='%s' LIMIT 1", // Login formular and other links LOAD_TEMPLATE("guest_sponsor_login"); } - } - else - { + } else { // Account missing or wrong pass! We shall not find this out for the "hacker folks"... LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOGIN_FAILED_404_WRONG_PASS); OUTPUT_HTML("
"); @@ -301,9 +263,7 @@ WHERE id='%s' AND password='%s' LIMIT 1", // Free memory SQL_FREERESULT($result); -} - else -{ +} else { // Login formular and other links LOAD_TEMPLATE("guest_sponsor_login"); } diff --git a/inc/modules/guest/what-sponsor_reg.php b/inc/modules/guest/what-sponsor_reg.php index 9e61d124e3..a101f17ae3 100644 --- a/inc/modules/guest/what-sponsor_reg.php +++ b/inc/modules/guest/what-sponsor_reg.php @@ -34,6 +34,13 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); +} elseif ((!EXT_IS_ACTIVE("sponsor"))) { + if (IS_ADMIN()) { + ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor")); + } else { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor"); + } + return; } // Add description as navigation point @@ -47,107 +54,93 @@ if (isset($_POST['ok'])) { // Check submitted form data // // 1. Salutation / Surname / family name - if (empty($_POST['gender'])) - { + if (empty($_POST['gender'])) { // Surname is empty $FORM_ERRORS[] = SPONSOR_NO_GENDER_SELECTED; } - if (empty($_POST['surname'])) - { + + if (empty($_POST['surname'])) { // Surname is empty $FORM_ERRORS[] = SPONSOR_SURNAME_IS_EMPTY; } - if (empty($_POST['family'])) - { + + if (empty($_POST['family'])) { // Surname is empty $FORM_ERRORS[] = SPONSOR_FAMILY_IS_EMPTY; } + // 2. Company name - // 012 3 32 23 4 43 3 4 4321 12 3 32 2 3 3210 - if (((empty($_POST['company'])) && ((!empty($_POST['tax_ident'])) || (!empty($_POST['position'])))) || ((!empty($_POST['company'])) && (empty($_POST['tax_ident'])))) - { - if (empty($_POST['company'])) - { + // 012 3 32 23 4 43 3 4 4321 12 3 32 2 3 3210 + if (((empty($_POST['company'])) && ((!empty($_POST['tax_ident'])) || (!empty($_POST['position'])))) || ((!empty($_POST['company'])) && (empty($_POST['tax_ident'])))) { + if (empty($_POST['company'])) { // Company name is empty $FORM_ERRORS[] = SPONSOR_COMPANY_IS_EMPTY; - } - elseif (empty($_POST['tax_ident'])) - { + } elseif (empty($_POST['tax_ident'])) { // Tax ident number name is empty $FORM_ERRORS[] = SPONSOR_TAX_IDENT_IS_EMPTY; } - if (empty($_POST['position'])) - { + + if (empty($_POST['position'])) { // Not fatal but not nice: position in company is empty $FORM_ERRORS[] = SPONSOR_POSITION_IS_EMPTY; } } + // 3. Street and number - if (empty($_POST['street_nr1'])) - { + if (empty($_POST['street_nr1'])) { // Street name and house number are empty $FORM_ERRORS[] = SPONSOR_STREET_NR1_IS_EMPTY; - } - elseif ((!empty($_POST['street_nr2'])) && (empty($_POST['street_nr1']))) - { + } elseif ((!empty($_POST['street_nr2'])) && (empty($_POST['street_nr1']))) { // 1st line for street is empty, but 2nd line not $FORM_ERRORS[] = SPONSOR_STREET_NR1_IS_EMPTY_2_NOT; } + // 4. Country code - if (empty($_POST['country'])) - { + if (empty($_POST['country'])) { // Country code is empty $FORM_ERRORS[] = SPONSOR_COUNTRY_IS_EMPTY; - } - elseif (strlen($_POST['country']) != 2) - { + } elseif (strlen($_POST['country']) != 2) { // Country code is invalid $FORM_ERRORS[] = SPONSOR_COUNTRY_IS_INVALID; } + // 3. ZIP code - if (empty($_POST['zip'])) - { + if (empty($_POST['zip'])) { // ZIP code is empty $FORM_ERRORS[] = SPONSOR_ZIP_IS_EMPTY; - } - elseif (bigintval($_POST['zip']) != $_POST['zip']) - { + } elseif (bigintval($_POST['zip']) != $_POST['zip']) { // ZIP is invalid $FORM_ERRORS[] = SPONSOR_ZIP_IS_INVALID; $_POST['zip'] = ""; } + // 4. City - if (empty($_POST['city'])) - { + if (empty($_POST['city'])) { // City is empty $FORM_ERRORS[] = SPONSOR_CITY_IS_EMPTY; } + // 5. Phone number - if (empty($_POST['phone'])) - { + if (empty($_POST['phone'])) { // City is empty $FORM_ERRORS[] = SPONSOR_PHONE_IS_EMPTY; } + // 6. Homepage URL - if (empty($_POST['url'])) - { + if (empty($_POST['url'])) { // Homepage URL is empty $FORM_ERRORS[] = SPONSOR_URL_IS_EMPTY; - } - elseif (!VALIDATE_URL($_POST['url'])) - { + } elseif (!VALIDATE_URL($_POST['url'])) { // Homepage URL is invalid $FORM_ERRORS[] = SPONSOR_URL_IS_INVALID; $_POST['url'] = ""; } + // 7. Light validation of email address - if ((empty($_POST['email'])) || ($_POST['email'] == "@")) - { + if ((empty($_POST['email'])) || ($_POST['email'] == "@")) { // Email is invalid/empty $FORM_ERRORS[] = SPONSOR_EMAIL_IS_INVALID; - } - elseif (SPONSOR_FOUND_EMAIL_DB($_POST['email'])) - { + } elseif (SPONSOR_FOUND_EMAIL_DB($_POST['email'])) { // Email already found in database! $FORM_ERRORS[] = SPONSOR_EMAIL_IS_ALREADY_REGISTERED; $_POST['email'] = ""; diff --git a/surfbar.php b/surfbar.php index 4966280da1..973d4e1b5d 100644 --- a/surfbar.php +++ b/surfbar.php @@ -52,12 +52,12 @@ require("inc/config.php"); // Is the script installed? if (isBooleanConstantAndTrue('mxchange_installed')) { // Only logged in users may use this surfbar! - if (!IS_MEMBER()) { - // Redirect - LOAD_URL(URL."/modules.php?module=index"); - } elseif (!EXT_IS_ACTIVE("surfbar")) { + if (!EXT_IS_ACTIVE("surfbar")) { // Surfbar deactivated LOAD_URL(URL."/modules.php?module=login&msg=".CODE_EXTENSION_PROBLEM."&ext=surfbar"); + } elseif (!IS_MEMBER()) { + // Redirect + LOAD_URL(URL."/modules.php?module=index"); } // Handle tasks on self-maintenance -- 2.39.5