f1a90a82bde87f14eb7279694520284d0d2d515f
[mailer.git] / inc / mysql-manager.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 08/26/2003 *
4  * ===============                              Last change: 11/29/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : mysql-manager.php                                *
8  * -------------------------------------------------------------------- *
9  * Short description : All MySQL-related functions                      *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Alle MySQL-Relevanten Funktionen                 *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (!defined('__SECURITY')) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 }
39
40 // Returns the title for given module
41 function ADD_MODULE_TITLE ($mod) {
42         // Init variables
43         $name = "";
44         $result = false;
45
46         // Is the script installed?
47         if (isInstalled()) {
48                 // Check if cache is valid
49                 if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($GLOBALS['cache_array']['modules']['module'])) && (in_array($mod, $GLOBALS['cache_array']['modules']['module']))) {
50                         // Load from cache
51                         $name = $GLOBALS['cache_array']['modules']['title'][$mod];
52
53                         // Update cache hits
54                         incrementConfigEntry('cache_hits');
55                 } elseif (!EXT_IS_ACTIVE("cache")) {
56                         // Load from database
57                         $result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_mod_reg` WHERE module='%s' LIMIT 1",
58                                 array($mod), __FILE__, __LINE__);
59                         list($name) = SQL_FETCHROW($result);
60                         SQL_FREERESULT($result);
61                 }
62         } // END - if
63
64         // Trim name
65         $name = trim($name);
66
67         // Still no luck or empty title?
68         if (empty($name)) {
69                 // No name found
70                 $name = sprintf("%s (%s)", getMessage('LANG_UNKNOWN_MODULE'), $mod);
71                 if (SQL_NUMROWS($result) == 0) {
72                         // Add module to database
73                         $dummy = CHECK_MODULE($mod);
74                 } // END - if
75         } // END - if
76
77         // Return name
78         return $name;
79 }
80
81 // Check validity of a given module name (no file extension)
82 function CHECK_MODULE ($mod) {
83         // Filter module name (names with low chars and underlines are fine!)
84         $mod = preg_replace("/[^a-z_]/", "", $mod);
85
86         // Check for prefix is a extension...
87         $modSplit = explode("_", $mod);
88         $extension = ""; $mod_chk = $mod;
89         //* DEBUG: */ echo __LINE__."*".count($modSplit)."*/".$mod."*<br />";
90         if (count($modSplit) == 2) {
91                 // Okay, there is a seperator (_) in the name so is the first part a module?
92                 //* DEBUG: */ echo __LINE__."*".$modSplit[0]."*<br />";
93                 if (EXT_IS_ACTIVE($modSplit[0])) {
94                         // The prefix is an extension's name, so let's set it
95                         $extension = $modSplit[0]; $mod = $modSplit[1];
96                 } // END - if
97         } // END - if
98
99         // Major error in module registry is the default
100         $ret = "major";
101
102         // Check if script is installed if not return a "done" to prevent some errors
103         if ((!isInstalled()) || (isInstalling()) || (!isAdminRegistered())) {
104                 // Not installed or no admin registered or in installation phase
105                 return "done";
106         } // END - if
107
108         // Init variables
109         $locked = "Y";
110         $hidden = "N";
111         $admin  = "N";
112         $mem    = "N";
113         $found  = false;
114
115         // Check if cache is latest version
116         if (GET_EXT_VERSION("cache") >= "0.1.2") {
117                 // Is the module cached?
118                 if (isset($GLOBALS['cache_array']['modules']['locked'][$mod_chk])) {
119                         // Check cache
120                         $locked = $GLOBALS['cache_array']['modules']['locked'][$mod_chk];
121                         $hidden = $GLOBALS['cache_array']['modules']['hidden'][$mod_chk];
122                         $admin  = $GLOBALS['cache_array']['modules']['admin_only'][$mod_chk];
123                         $mem    = $GLOBALS['cache_array']['modules']['mem_only'][$mod_chk];
124
125                         // Update cache hits
126                         incrementConfigEntry('cache_hits');
127                         $found = true;
128                 } else {
129                         // No, then we have to update it!
130                         $ret = "cache_miss";
131                 }
132         } elseif (!EXT_IS_ACTIVE("cache")) {
133                 // Check for module in database
134                 $result = SQL_QUERY_ESC("SELECT locked, hidden, admin_only, mem_only FROM `{!_MYSQL_PREFIX!}_mod_reg` WHERE module='%s' LIMIT 1",
135                         array($mod_chk), __FILE__, __LINE__);
136                 if (SQL_NUMROWS($result) == 1) {
137                         // Read data
138                         list($locked, $hidden, $admin, $mem) = SQL_FETCHROW($result);
139                         SQL_FREERESULT($result);
140                         $found = true;
141                 }
142         }
143
144         // Is the module found?
145         if ($found === true) {
146                 // Check returned values against current access permissions
147                 //
148                 //  Admin access            ----- Guest access -----           --- Guest   or   member? ---
149                 if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_MEMBER())))) {
150                         // If you are admin you are welcome for everything!
151                         $ret = "done";
152                 } elseif ($locked == "Y") {
153                         // Module is locked
154                         $ret = "locked";
155                 } elseif (($mem == "Y") && (!IS_MEMBER())) {
156                         // You have to login first!
157                         $ret = "mem_only";
158                 } elseif (($admin == "Y") && (!IS_ADMIN())) {
159                         // Only the Admin is allowed to enter this module!
160                         $ret = "admin_only";
161                 } else {
162                         // @TODO Nothing helped???
163                         DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("ret=%s,locked=%s,admin=%s,mem=%s",
164                                 $ret,
165                                 $locked,
166                                 $admin,
167                                 $mem
168                         ));
169                 }
170         } // END - if
171
172         // Still no luck or not found?
173         if (($ret == "cache_miss") || (!$found)) {
174                 //              ----- Legacy module -----                                               ---- Module in base folder  ----                       --- Module with extension's name ---
175                 if ((FILE_READABLE(sprintf("%sinc/modules/%s.php", constant('PATH'), $mod))) || (FILE_READABLE(sprintf("%s%s.php", constant('PATH'), $mod))) || (FILE_READABLE(sprintf("%s%s/%s.php", constant('PATH'), $extension, $mod)))) {
176                         // Data is missing so we add it
177                         if (GET_EXT_VERSION("sql_patches") >= "0.3.6") {
178                                 // Since 0.3.6 we have a has_menu column, this took me a half hour
179                                 // to find a loop here... *sigh*
180                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_mod_reg`
181 (module, locked, hidden, mem_only, admin_only, has_menu) VALUES
182 ('%s','Y','N','N','N','N')", array($mod_chk), __FILE__, __LINE__);
183                         } else {
184                                 // Wrong/missing sql_patches!
185                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_mod_reg`
186 (module, locked, hidden, mem_only, admin_only) VALUES
187 ('%s','Y','N','N','N')", array($mod_chk), __FILE__, __LINE__);
188                         }
189
190                         // Everthing is fine?
191                         if (SQL_AFFECTEDROWS() < 1) {
192                                 // Something bad happend!
193                                 return "major";
194                         } // END - if
195
196                         // Destroy cache here
197                         REBUILD_CACHE("mod_reg", "modreg");
198
199                         // And reload data
200                         $ret = CHECK_MODULE($mod_chk);
201                 } else {
202                         // Module not found we don't add it to the database
203                         $ret = "404";
204                 }
205         } elseif (!$found) {
206                 // Problem with module detected
207                 DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Problem in module %s detected. ret=%s, locked=%s, hidden=%s, mem=%s, admin=%s",
208                         $mod,
209                         $ret,
210                         $locked,
211                         $hidden,
212                         $mem,
213                         $admin
214                 ));
215         }
216
217         // Return the value
218         return $ret;
219 }
220
221 // Add menu description pending on given file name (without path!)
222 function ADD_DESCR ($ACC_LVL, $FQFN, $return = false, $output = true) {
223         // Use only filename of the FQFN...
224         $file = basename($FQFN);
225
226         // Init variables
227         $LINK_ADD = "";
228         $OUT = "";
229         $AND = "";
230
231         // First we have to do some analysis...
232         if (substr($file, 0, 7) == "action-") {
233                 // This is an action file!
234                 $type = "action";
235                 $search = substr($file, 7);
236                 switch ($ACC_LVL) {
237                 case "admin":
238                         $modCheck = "admin";
239                         break;
240
241                 case "sponsor":
242                 case "guest":
243                 case "member":
244                         $modCheck = $GLOBALS['module'];
245                         break;
246                 }
247                 $AND = " AND (what='' OR `what` IS NULL)";
248         } elseif (substr($file, 0, 5) == "what-") {
249                 // This is an admin what file!
250                 $type = "what";
251                 $search = substr($file, 5);
252                 $AND = "";
253                 switch ($ACC_LVL) {
254                 case "admin":
255                         $modCheck = "admin";
256                         break;
257
258                 case "guest":
259                 case "member":
260                         $modCheck = $GLOBALS['module'];
261                         if (!IS_ADMIN()) {
262                                 $AND = " AND `visible`='Y' AND `locked`='N'";
263                         }
264                         break;
265                 }
266                 $dummy = substr($search, 0, -4);
267                 $AND .= " AND `action`='".GET_ACTION($ACC_LVL, $dummy)."'";
268         } elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine")) {
269                 // Sponsor / engine menu
270                 $type     = "what";
271                 $search   = $file;
272                 $modCheck = $GLOBALS['module'];
273                 $AND      = "";
274         } else {
275                 // Other
276                 $type     = "menu";
277                 $search   = $file;
278                 $modCheck = $GLOBALS['module'];
279                 $AND      = "";
280         }
281
282         // Begin the navigation line
283         if ((!isset($GLOBALS['nav_depth'])) && (!$return)) {
284                 $GLOBALS['nav_depth'] = 0;
285                 $prefix = "<div class=\"you_are_here\">{--YOU_ARE_HERE--}&nbsp;<strong><a class=\"you_are_here\" href=\"{!URL!}/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</a></strong>";
286         } else {
287                 if (!$return) $GLOBALS['nav_depth']++;
288                 $prefix = "";
289         }
290
291         $prefix .= "&nbsp;-&gt;&nbsp;";
292
293         // We need to remove .php and the end
294         if (substr($search, -4, 4) == ".php") {
295                 // Remove the .php
296                 $search = substr($search, 0, -4);
297         } // END - i
298
299         // Get the title from menu
300         $result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE %s='%s' ".$AND." LIMIT 1",
301                 array($ACC_LVL, $type, $search), __FILE__, __LINE__);
302
303         // Menu found?
304         if (SQL_NUMROWS($result) == 1) {
305                 // Load title
306                 list($ret) = SQL_FETCHROW($result);
307
308                 // Shall we return it?
309                 if ($return) {
310                         // Return title
311                         return $ret;
312                 } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && (getConfig('youre_here') == "Y")) || ((IS_ADMIN()) && ($modCheck == "admin"))) {
313                         // Output HTML code
314                         $OUT = $prefix."<strong><a class=\"you_are_here\" href=\"{!URL!}/modules.php?module=".$modCheck."&amp;".$type."=".$search.$LINK_ADD."\">".$ret."</a></strong>\n";
315
316                         // Can we close the you-are-here navigation?
317                         //* DEBUG: */ echo __LINE__."*".$type."/".$GLOBALS['what']."*<br />\n";
318                         if (($type == "what") || (($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview")))) {
319                                 //* DEBUG: */ echo __LINE__."+".$type."+<br />\n";
320                                 // Add closing div and br-tag
321                                 $OUT .= "</div><br />\n";
322                                 $GLOBALS['nav_depth'] = "0";
323
324                                 // Run the filter chain
325                                 $ret = RUN_FILTER('post_youhere_line', array('access_level' => $ACC_LVL, 'type' => $type, 'content' => ""));
326                                 $OUT .= $ret['content'];
327                         } // END - if
328                 }
329         } // END - if
330
331         // Free result
332         SQL_FREERESULT($result);
333
334         // Return or output HTML code?
335         if ($output) {
336                 // Output HTML code here
337                 OUTPUT_HTML($OUT);
338         } else {
339                 // Return HTML code
340                 return $OUT;
341         }
342 }
343
344 //
345 function ADD_MENU ($MODE, $act, $wht) {
346         // Init some variables
347         $main_cnt = 0;
348         $AND = "";
349         $main_action = "";
350         $sub_what = "";
351
352         // is the menu action valid?
353         if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) {
354                 return getMessage('CODE_MENU_NOT_VALID');
355         } // END - if
356
357         // Non-admin shall not see all menus
358         if (!IS_ADMIN()) {
359                 $AND = " AND `visible`='Y' AND `locked`='N'";
360         }
361
362         // Load SQL data and add the menu to the output stream...
363         $result_main = SQL_QUERY_ESC("SELECT title, action FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE (what='' OR `what` IS NULL)".$AND." ORDER BY `sort`",
364                 array($MODE), __FILE__, __LINE__);
365         //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
366         if (SQL_NUMROWS($result_main) > 0) {
367                 OUTPUT_HTML("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"".$MODE."_menu\">");
368                 // There are menus available, so we simply display them... :)
369                 while (list($main_title, $main_action) = SQL_FETCHROW($result_main)) {
370                         //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
371                         // Init variables
372                         $BLOCK_MODE = false; $act = $main_action;
373
374                         // Prepare content
375                         $content = array(
376                                 'action' => $main_action,
377                                 'title'  => $main_title
378                         );
379
380                         // Load menu header template
381                         LOAD_TEMPLATE($MODE."_menu_title", false, $content);
382
383                         $result_sub = SQL_QUERY_ESC("SELECT title, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$AND." ORDER BY `sort`",
384                          array($MODE, $main_action), __FILE__, __LINE__);
385                         $ctl = SQL_NUMROWS($result_sub);
386                         if ($ctl > 0) {
387                                 $cnt=0;
388                                 while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub)) {
389                                         // Init content
390                                         $content = "";
391
392                                         // Full file name for checking menu
393                                         //* DEBUG: */ echo __LINE__.":!!!!".$sub_what."!!!<br />\n";
394                                         $FQFN = sprintf("%sinc/modules/%s/what-%s.php", constant('PATH'), $MODE, $sub_what);
395                                         if (FILE_READABLE($FQFN)) {
396                                                 if ((!empty($wht)) && (($wht == $sub_what))) {
397                                                         $content = "<strong>";
398                                                 }
399
400                                                 // Navigation link
401                                                 $content .= "<a name=\"menu\" class=\"menu_blur\" href=\"{!URL!}/modules.php?module=".$GLOBALS['module']."&amp;what=".$sub_what.ADD_URL_DATA("")."\" target=\"_self\">";
402                                         } else {
403                                                 $content .= "<em>";
404                                         }
405
406                                         // Menu title
407                                         $content .= getConfig('menu_blur_spacer') . $sub_title;
408
409                                         if (FILE_READABLE($FQFN)) {
410                                                 $content .= "</a>";
411                                         } else {
412                                                 $content .= "</em>";
413                                         }
414
415                                         if ((!empty($wht)) && (($wht == $sub_what))) {
416                                                 $content .= "</strong>";
417                                         }
418                                         $wht = $sub_what; $cnt++;
419                                         // Prepare array
420                                         $content =  array(
421                                                 'menu' => $content,
422                                                 'what' => $sub_what
423                                         );
424
425                                         // Add regular menu row or bottom row?
426                                         if ($cnt < $ctl) {
427                                                 LOAD_TEMPLATE($MODE."_menu_row", false, $content);
428                                         } else {
429                                                 LOAD_TEMPLATE($MODE."_menu_bottom", false, $content);
430                                         }
431                                 }
432                         } else {
433                                 // This is a menu block... ;-)
434                                 $BLOCK_MODE = true;
435                                 $INC_BLOCK = sprintf("inc/modules/%s/action-%s.php", $MODE, $main_action);
436                                 if (FILE_READABLE($INC_BLOCK)) {
437                                         // Load include file
438                                         if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML("<tr>
439
440   <td class=\"".$MODE."_menu_whats\">");
441                                         //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
442                                         LOAD_INC($INC_BLOCK);
443                                         //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
444                                         if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML("  </td>
445 </tr>");
446                                 }
447                                 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
448                         }
449                         $main_cnt++;
450                         //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
451                         if (SQL_NUMROWS($result_main) > $main_cnt)      OUTPUT_HTML("<tr><td class=\"".$MODE."_menu_seperator\"></td></tr>");
452                 }
453
454                 // Free memory
455                 SQL_FREERESULT($result_main);
456
457                 // Close table
458                 //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
459                 OUTPUT_HTML("</table>");
460         }
461 }
462
463 // This patched function will reduce many SELECT queries for the specified or current admin login
464 function IS_ADMIN ($admin="") {
465         // Init variables
466         $ret = false; $passCookie = ""; $valPass = "";
467         //* DEBUG: */ echo __LINE__."ADMIN:".$admin."<br />";
468
469         // If admin login is not given take current from cookies...
470         if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
471                 // Get admin login and password from session/cookies
472                 $admin = get_session('admin_login');
473                 $passCookie = get_session('admin_md5');
474         }
475         //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<br />";
476
477         // Search in array for entry
478         if (isset($GLOBALS['cache_array']['admin_hash'])) {
479                 // Use cached string
480                 $valPass = $GLOBALS['cache_array']['admin_hash'];
481         } elseif ((!empty($passCookie)) && (isset($GLOBALS['cache_array']['admins']['password'][$admin])) && (!empty($admin))) {
482                 // Login data is valid or not?
483                 $valPass = generatePassString($GLOBALS['cache_array']['admins']['password'][$admin]);
484
485                 // Cache it away
486                 $GLOBALS['cache_array']['admin_hash'] = $valPass;
487
488                 // Count cache hits
489                 incrementConfigEntry('cache_hits');
490         } elseif ((!empty($admin)) && ((!EXT_IS_ACTIVE("cache"))) || (!isset($GLOBALS['cache_array']['admins']['password'][$admin]))) {
491                 // Search for admin
492                 $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
493                         array($admin), __FILE__, __LINE__);
494
495                 // Is he admin?
496                 $passDB = "";
497                 if (SQL_NUMROWS($result) == 1) {
498                         // Admin login was found so let's load password from DB
499                         list($passDB) = SQL_FETCHROW($result);
500
501                         // Temporary cache it
502                         $GLOBALS['cache_array']['admins']['password'][$admin] = $passDB;
503
504                         // Generate password hash
505                         $valPass = generatePassString($passDB);
506                 } // END - if
507
508                 // Free memory
509                 SQL_FREERESULT($result);
510         }
511
512         if (!empty($valPass)) {
513                 // Check if password is valid
514                 //* DEBUG: */ print __FUNCTION__."*".$valPass."/".$passCookie."*<br />\n";
515                 $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
516         }
517
518         // Return result of comparision
519         //* DEBUG: */ if (!$ret) echo __LINE__."OK!<br />";
520         return $ret;
521 }
522
523 // Generates a list of "max receiveable emails per day"
524 function ADD_MAX_RECEIVE_LIST ($MODE, $default = "", $return = false) {
525         $OUT = "";
526         switch ($MODE) {
527         case "guest":
528                 // Guests (in the registration form) are not allowed to select 0 mails per day.
529                 $result = SQL_QUERY("SELECT value, comment FROM `{!_MYSQL_PREFIX!}_max_receive` WHERE value > 0 ORDER BY value", __FILE__, __LINE__);
530                 if (SQL_NUMROWS($result) > 0) {
531                         $OUT = "";
532                         while (list($value, $comment) = SQL_FETCHROW($result)) {
533                                 $OUT .= "      <option value=\"".$value."\"";
534                                 if (REQUEST_POST('max_mails') == $value) $OUT .= " selected=\"selected\"";
535                                 $OUT .= ">".$value." {--PER_DAY--}";
536                                 if (!empty($comment)) $OUT .= " (".$comment.")";
537                                 $OUT .= "</option>\n";
538                         }
539                         define('__MAX_RECEIVE_OPTIONS', $OUT);
540
541                         // Free memory
542                         SQL_FREERESULT($result);
543                         $OUT = LOAD_TEMPLATE("guest_receive_table", true);
544                 } else {
545                         // Maybe the admin has to setup some maximum values?
546                         debug_report_bug("Nothing is being done here?");
547                 }
548                 break;
549
550         case "member":
551                 // Members are allowed to set to zero mails per day (we will change this soon!)
552                 $result = SQL_QUERY("SELECT value, comment FROM `{!_MYSQL_PREFIX!}_max_receive` ORDER BY value", __FILE__, __LINE__);
553                 if (SQL_NUMROWS($result) > 0) {
554                         $OUT = "";
555                         while (list($value, $comment) = SQL_FETCHROW($result)) {
556                                 $OUT .= "      <option value=\"".$value."\"";
557                                 if ($default == $value) $OUT .= " selected=\"selected\"";
558                                 $OUT .= ">".$value." {--PER_DAY--}";
559                                 if (!empty($comment)) $OUT .= " (".$comment.")";
560                                 $OUT .= "</option>\n";
561                         }
562                         define('__MAX_RECEIVE_OPTIONS', $OUT);
563                         SQL_FREERESULT($result);
564                         $OUT = LOAD_TEMPLATE("member_receive_table", true);
565                 } else {
566                         // Maybe the admin has to setup some maximum values?
567                         $OUT = LOAD_TEMPLATE("admin_settings_saved", true, getMessage('NO_MAX_VALUES'));
568                 }
569                 break;
570         }
571
572         if ($return) {
573                 // Return generated HTML code
574                 return $OUT;
575         } else {
576                 // Output directly (default)
577                 OUTPUT_HTML($OUT);
578         }
579 }
580
581 // Checks wether the given email address is used.
582 function SEARCH_EMAIL_USERTAB ($email) {
583         // Query the database
584         $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE email LIKE '{PER}%s{PER}' LIMIT 1",
585                 array($email), __FILE__, __LINE__);
586
587         // Is the email there?
588         $ret = (SQL_NUMROWS($result) == 1);
589
590         // Free the result
591         SQL_FREERESULT($result);
592
593         // Return result
594         return $ret;
595 }
596
597 // Checks wether the current user is a member
598 function IS_MEMBER () {
599         // @TODO Why is this global??? #100
600         global $status;
601         if (!is_array($GLOBALS['last'])) $GLOBALS['last'] = array();
602         $ret = false;
603
604         // is the cache entry there?
605         if (isset($GLOBALS['cache_array']['is_member'])) {
606                 // Then return it
607                 return $GLOBALS['cache_array']['is_member'];
608         } // END - if
609
610         // Fix "deleted" cookies first
611         FIX_DELETED_COOKIES(array('userid', 'u_hash'));
612
613         // Are cookies set?
614         if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash'))) {
615                 // Cookies are set with values, but are they valid?
616                 $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
617                         array($GLOBALS['userid']), __FILE__, __LINE__);
618                 if (SQL_NUMROWS($result) == 1) {
619                         // Load data from cookies
620                         list($password, $status, $mod, $onl) = SQL_FETCHROW($result);
621
622                         // Validate password by created the difference of it and the secret key
623                         $valPass = generatePassString($password);
624
625                         // Transfer last module and online time
626                         if ((!empty($mod)) && (empty($GLOBALS['last']['module']))) {
627                                 $GLOBALS['last']['module'] = $mod;
628                                 $GLOBALS['last']['online'] = $onl;
629                         } // END - if
630
631                         // So did we now have valid data and an unlocked user?
632                         //* DEBUG: */ echo $valPass."<br />".get_session('u_hash')."<br />";
633                         if (($status == "CONFIRMED") && ($valPass == get_session('u_hash'))) {
634                                 // Account is confirmed and all cookie data is valid so he is definely logged in! :-)
635                                 $ret = true;
636                         } else {
637                                 // Maybe got locked etc.
638                                 //* DEBUG: */ echo __LINE__."!!!<br />";
639                                 destroy_user_session();
640                         }
641                 } else {
642                         // Cookie data is invalid!
643                         //* DEBUG: */ echo __LINE__."***<br />";
644                         destroy_user_session();
645                 }
646
647                 // Free memory
648                 SQL_FREERESULT($result);
649         } else {
650                 // Cookie data is invalid!
651                 //* DEBUG: */ echo __LINE__."///<br />";
652                 destroy_user_session();
653         }
654
655         // Cache status
656         $GLOBALS['cache_array']['is_member'] = $ret;
657
658         // Return status
659         return $ret;
660 }
661
662 // Validate the given menu action
663 function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false) {
664         // Is the cache entry there and we shall not update?
665         if ((isset($GLOBALS['cache_array']['action_valid'][$MODE][$act][$wht])) && ($UPDATE === false)) {
666                 // Count cache hit
667                 incrementConfigEntry('cache_hits');
668
669                 // Then use this cache
670                 return $GLOBALS['cache_array']['action_valid'][$MODE][$act][$wht];
671         } // END - if
672
673         // By default nothing is valid
674         $ret = false;
675
676         // Look in all menus or only unlocked
677         $ADD = "";
678         if ((!IS_ADMIN()) && ($MODE != "admin")) $ADD = " AND `locked`='N'";
679
680         //* DEBUG: */ echo __LINE__.":".$MODE."/".$act."/".$wht."*<br />\n";
681         if (($MODE != "admin") && ($UPDATE === true)) {
682                 // Update guest or member menu
683                 $SQL = SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_%s_menu` SET counter=counter+1 WHERE `action`='%s' AND `what`='%s'".$ADD." LIMIT 1",
684                         array($MODE, $act, $wht), __FILE__, __LINE__, false);
685         } elseif (($wht != "overview") && (!empty($wht))) {
686                 // Other actions
687                 $SQL = SQL_QUERY_ESC("SELECT id, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `action`='%s' AND `what`='%s'".$ADD." ORDER BY action DESC LIMIT 1",
688                         array($MODE, $act, $wht), __FILE__, __LINE__, false);
689         } else {
690                 // Admin login overview
691                 $SQL = SQL_QUERY_ESC("SELECT id, what FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `action`='%s' AND (what='' OR `what` IS NULL)".$ADD." ORDER BY action DESC LIMIT 1",
692                         array($MODE, $act), __FILE__, __LINE__, false);
693         }
694
695         // Run SQL command
696         $result = SQL_QUERY($SQL, __FILE__, __LINE__);
697         if ($UPDATE === true) {
698                 // Check updated/affected rows
699                 $ret = (SQL_AFFECTEDROWS() == 1);
700         } else {
701                 // Check found rows
702                 $ret = (SQL_NUMROWS($result) == 1);
703         }
704
705         // Free memory
706         SQL_FREERESULT($result);
707
708         // Set cache entry
709         $GLOBALS['cache_array']['action_valid'][$MODE][$act][$wht] = $ret;
710
711         // Return result
712         return $ret;
713 }
714
715 //
716 function GET_MOD_DESCR($MODE, $wht, $column="what") {
717         // Fix empty "what"
718         if (empty($wht)) {
719                 $wht = "welcome";
720                 if (getConfig('index_home') != "") $wht = getConfig('index_home');
721         } // END - if
722
723         // Default is not found
724         $ret = "??? (".$wht.")";
725
726         // Look for title
727         $result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE %s='%s' LIMIT 1",
728                 array($MODE, $column, $wht), __FILE__, __LINE__);
729
730         // Is there an entry?
731         if (SQL_NUMROWS($result) == 1) {
732                 // Fetch the title
733                 list($ret) = SQL_FETCHROW($result);
734         } // END - if
735
736         // Free result
737         SQL_FREERESULT($result);
738         return $ret;
739 }
740 //
741 function SEND_MODE_MAILS($mod, $modes) {
742         global $DATA;
743
744         // Load hash
745         $result_main = SQL_QUERY_ESC("SELECT password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
746                 array($GLOBALS['userid']), __FILE__, __LINE__);
747         if (SQL_NUMROWS($result_main) == 1) {
748                 // Load hash from database
749                 list($hashDB) = SQL_FETCHROW($result_main);
750
751                 // Extract salt from cookie
752                 $salt = substr(get_session('u_hash'), 0, -40);
753
754                 // Now let's compare passwords
755                 $hash = generatePassString($hashDB);
756                 if (($hash == get_session('u_hash')) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) {
757                         // Load user's data
758                         $result = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, country, zip, city, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND password='%s' LIMIT 1",
759                                 array($GLOBALS['userid'], $hashDB), __FILE__, __LINE__);
760                         if (SQL_NUMROWS($result) == 1) {
761                                 // Load the data
762                                 $DATA = SQL_FETCHROW($result);
763
764                                 // Free result
765                                 SQL_FREERESULT($result);
766
767                                 // Translate gender
768                                 $DATA[0] = TRANSLATE_GENDER($DATA[0]);
769
770                                 // Clear/init the content variable
771                                 $content = "";
772                                 $DATA['info'] = "";
773
774                                 switch ($mod)
775                                 {
776                                 case "mydata":
777                                         foreach ($modes as $mode) {
778                                                 switch ($mode)
779                                                 {
780                                                 case "normal": break; // Do not add any special lines
781
782                                                 case "email": // Email was changed!
783                                                         $content = MEMBER_CHANGED_EMAIL.": ".REQUEST_POST('old_addy')."\n";
784                                                         break;
785
786                                                 case "pass": // Password was changed
787                                                         $content = MEMBER_CHANGED_PASS."\n";
788                                                         break;
789
790                                                 default:
791                                                         DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown mode %s detected.", $mode));
792                                                         $content = MEMBER_UNKNOWN_MODE.": ".$mode."\n\n";
793                                                         break;
794                                                 } // END - switch
795                                         } // END - if
796
797                                         if (EXT_IS_ACTIVE("country")) {
798                                                 // Replace code with description
799                                                 $DATA[4] = COUNTRY_GENERATE_INFO(REQUEST_POST('country_code'));
800                                         } // END - if
801
802                                         // Load template
803                                         $msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']);
804
805                                         if (getConfig('admin_notify') == "Y") {
806                                                 // The admin needs to be notified about a profile change
807                                                 $msg_admin = "admin_mydata_notify";
808                                                 $sub_adm   = ADMIN_CHANGED_DATA;
809                                         } else {
810                                                 // No mail to admin
811                                                 $msg_admin = "";
812                                                 $sub_adm   = "";
813                                         }
814
815                                         // Set subject lines
816                                         $sub_mem = MEMBER_CHANGED_DATA;
817
818                                         // Output success message
819                                         $content = "<span class=\"member_done\">".MYDATA_MAIL_SENT."</span>";
820                                         break;
821
822                                 default:
823                                         DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unsupported module %s detected.", $mod));
824                                         $content = "<span class=\"member_failed\">".UNKNOWN_MODULE."</span>";
825                                         break;
826                                 } // END - switch
827                         } else {
828                                 // Could not load profile data
829                                 $content = "<span class=\"member_failed\">{--MEMBER_CANNOT_LOAD_PROFILE--}</span>";
830                         }
831                 } else {
832                         // Passwords mismatch
833                         $content = "<span class=\"member_failed\">{--MEMBER_PASSWORD_ERROR--}</span>";
834                 }
835         } else {
836                 // Could not load profile
837                 $content = "<span class=\"member_failed\">{--MEMBER_CANNOT_LOAD_PROFILE--}</span>";
838         }
839
840         // Send email to user if required
841         if ((!empty($sub_mem)) && (!empty($msg))) {
842                 // Send member mail
843                 SEND_EMAIL($DATA[7], $sub_mem, $msg);
844         } // END - if
845
846         // Send only if no other error has occured
847         if (empty($content)) {
848                 if ((!empty($sub_adm)) && (!empty($msg_admin))) {
849                         // Send admin mail
850                         SEND_ADMIN_NOTIFICATION($sub_adm, $msg_admin, $content, $GLOBALS['userid']);
851                 } elseif (getConfig('admin_notify') == "Y") {
852                         // Cannot send mails to admin!
853                         $content = getMessage('CANNOT_SEND_ADMIN_MAILS');
854                 } else {
855                         // No mail to admin
856                         $content = "<span class=\"member_done\">{--MYDATA_MAIL_SENT--}</span>";
857                 }
858         } // END - if
859
860         // Load template
861         LOAD_TEMPLATE("admin_settings_saved", false, $content);
862 }
863 // Update module counter
864 function COUNT_MODULE($mod) {
865         if ($mod != "css") {
866                 // Do count all other modules but not accesses on CSS file css.php!
867                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_mod_reg` SET clicks=clicks+1 WHERE module='%s' LIMIT 1",
868                         array($mod), __FILE__, __LINE__);
869         } // END - if
870 }
871 // Get action value from mode (admin/guest/member) and what-value
872 function GET_ACTION ($MODE, &$wht) {
873         // Init status
874         $ret = "";
875
876         //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br />";
877         if ((empty($wht)) && ($MODE != "admin")) {
878                 $wht = "welcome";
879                 if (getConfig('index_home') != "") $wht = getConfig('index_home');
880         } // END - if
881
882         if ($MODE == "admin") {
883                 // Action value for admin area
884                 if (!empty($GLOBALS['action'])) {
885                         // Get it directly from URL
886                         return $GLOBALS['action'];
887                 } elseif (($wht == "overview") || (empty($GLOBALS['what']))) {
888                         // Default value for admin area
889                         $ret = "login";
890                 }
891         } elseif (!empty($GLOBALS['action'])) {
892                 // Get it directly from URL
893                 return $GLOBALS['action'];
894         }
895         //* DEBUG: */ echo __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ret=".$ret."<br />\n";
896
897         // Does the module have a menu?
898         if (MODULE_HAS_MENU($MODE)) {
899                 // Rewriting modules to menu
900                 switch ($MODE) {
901                         case "index": $MODE = "guest";  break;
902                         case "login": $MODE = "member"; break;
903                 } // END - switch
904
905                 // Guest and member menu is "main" as the default
906                 if (empty($ret)) $ret = "main";
907
908                 // Load from database
909                 $result = SQL_QUERY_ESC("SELECT action FROM `{!_MYSQL_PREFIX!}_%s_menu` WHERE `what`='%s' LIMIT 1",
910                         array($MODE, $wht), __FILE__, __LINE__);
911                 if (SQL_NUMROWS($result) == 1) {
912                         // Load action value and pray that this one is the right you want... ;-)
913                         list($ret) = SQL_FETCHROW($result);
914                 } // END - if
915
916                 // Free memory
917                 SQL_FREERESULT($result);
918         } elseif ((GET_EXT_VERSION("sql_patches") == "") && ($MODE != "admin")) {
919                 // No sql_patches installed, but maybe we need to register an admin?
920                 if (isAdminRegistered()) {
921                         // Redirect
922                         // @TODO Why does this lead into an endless loop but we still need it???
923                         LOAD_URL("admin.php");
924                 } // END - if
925         }
926
927         // Return action value
928         return $ret;
929 }
930
931 // Get category name back
932 function GET_CATEGORY ($cid) {
933         // Default is not found
934         $ret = getMessage('_CATEGORY_404');
935
936         // Is the category id set?
937         if ($cid == "0") {
938                 // No category
939                 $ret = getMessage('_CATEGORY_NONE');
940         } elseif ($cid > 0) {
941                 // Lookup the category in database
942                 $result = SQL_QUERY_ESC("SELECT cat FROM `{!_MYSQL_PREFIX!}_cats` WHERE id=%s LIMIT 1",
943                         array(bigintval($cid)), __FILE__, __LINE__);
944                 if (SQL_NUMROWS($result) == 1) {
945                         // Category found... :-)
946                         list($ret) = SQL_FETCHROW($result);
947                 } // END - if
948
949                 // Free result
950                 SQL_FREERESULT($result);
951         } // END - if
952
953         // Return result
954         return $ret;
955 }
956
957 // Get a string of "mail title" and price back
958 function GET_PAYMENT ($pid, $full=false) {
959         // Default is not found
960         $ret = getMessage('_PAYMENT_404');
961
962         // Load payment data
963         $result = SQL_QUERY_ESC("SELECT mail_title, price FROM `{!_MYSQL_PREFIX!}_payments` WHERE id=%s LIMIT 1",
964                 array(bigintval($pid)), __FILE__, __LINE__);
965         if (SQL_NUMROWS($result) == 1) {
966                 // Payment type found... :-)
967                 if (!$full) {
968                         // Return only title
969                         list($ret) = SQL_FETCHROW($result);
970                 } else {
971                         // Return title and price
972                         list($t, $p) = SQL_FETCHROW($result);
973                         $ret = $t." / ".TRANSLATE_COMMA($p)." {!POINTS!}";
974                 }
975         }
976
977         // Free result
978         SQL_FREERESULT($result);
979
980         // Return result
981         return $ret;
982 }
983
984 // Get (basicly) the price of given payment id
985 function GET_PAY_POINTS ($pid, $lookFor = "price") {
986         $ret = "-1";
987         $result = SQL_QUERY_ESC("SELECT %s FROM `{!_MYSQL_PREFIX!}_payments` WHERE id=%s LIMIT 1",
988                 array($lookFor, $pid), __FILE__, __LINE__);
989         if (SQL_NUMROWS($result) == 1) {
990                 // Payment type found... :-)
991                 list($ret) = SQL_FETCHROW($result);
992                 SQL_FREERESULT($result);
993         }
994         return $ret;
995 }
996
997 // Remove a receiver's ID from $ARRAY and add a link for him to confirm
998 function REMOVE_RECEIVER (&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=false) {
999         $ret = "failed";
1000         if ($uid > 0)
1001         {
1002                 // Remove entry from array
1003                 unset($ARRAY[$key]);
1004
1005                 // Is there already a line for this user available?
1006                 if ($stats_id > 0)
1007                 {
1008                         // Only when we got a real stats ID continue searching for the entry
1009                         $type = "NORMAL"; $rowName = "stats_id";
1010                         if ($bonus) { $type = "BONUS"; $rowName = "bonus_id"; }
1011                         $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_user_links` WHERE %s='%s' AND userid=%s AND link_type='%s' LIMIT 1",
1012                          array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
1013                         if (SQL_NUMROWS($result) == 0)
1014                         {
1015                                 // No, so we add one!
1016                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_links` (%s, userid, link_type) VALUES ('%s','%s','%s')",
1017                                  array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
1018                                 $ret = "done";
1019                         }
1020                          else
1021                         {
1022                                 // Already found
1023                                 $ret = "already";
1024                         }
1025
1026                         // Free memory
1027                         SQL_FREERESULT($result);
1028                 }
1029         }
1030         // Return status for sending routine
1031         return $ret;
1032 }
1033
1034 // Calculate sum (default) or count records of given criteria
1035 function GET_TOTAL_DATA ($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false, $add="") {
1036         $ret = 0;
1037         //* DEBUG: */ echo $search."/".$tableName."/".$lookFor."/".$whereStatement."/".$add."<br />\n";
1038         if (($onlyRows) || ($lookFor == "userid")) {
1039                 // Count rows
1040                 //* DEBUG: */ echo "COUNT!<br />\n";
1041                 $result = SQL_QUERY_ESC("SELECT COUNT(`%s`) FROM `{!_MYSQL_PREFIX!}_%s` WHERE `%s`='%s'".$add,
1042                         array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__);
1043         } else {
1044                 // Add all rows
1045                 //* DEBUG: */ echo "SUM!<br />\n";
1046                 $result = SQL_QUERY_ESC("SELECT SUM(`%s`) FROM `{!_MYSQL_PREFIX!}_%s` WHERE `%s`='%s'".$add,
1047                         array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__);
1048         }
1049
1050         // Load row
1051         list($ret) = SQL_FETCHROW($result);
1052
1053         // Free result
1054         SQL_FREERESULT($result);
1055
1056         // Fix empty values
1057         if ((empty($ret)) && ($lookFor != "counter") && ($lookFor != "id") && ($lookFor != "userid")) {
1058                 // Float number
1059                 $ret = "0.00000";
1060         } elseif ("".$ret."" == "") {
1061                 // Fix empty result
1062                 $ret = "0";
1063         }
1064
1065         // Return value
1066         return $ret;
1067 }
1068 // "Getter fro ref level percents
1069 function GET_REF_LEVEL_PERCENTS ($level) {
1070         // Default is zero
1071         $per = 0;
1072
1073         // Do we have cache?
1074         if ((isset($GLOBALS['cache_array']['ref_depths']['level'])) && (EXT_IS_ACTIVE("cache"))) {
1075                 // First look for level
1076                 $key = array_search($level, $GLOBALS['cache_array']['ref_depths']['level']);
1077                 if ($key !== false) {
1078                         // Entry found!
1079                         $per = $GLOBALS['cache_array']['ref_depths']['percents'][$key];
1080
1081                         // Count cache hit
1082                         incrementConfigEntry('cache_hits');
1083                 }
1084         } elseif (!EXT_IS_ACTIVE("cache")) {
1085                 // Get referal data
1086                 $result_lvl = SQL_QUERY_ESC("SELECT percents FROM `{!_MYSQL_PREFIX!}_refdepths` WHERE level='%s' LIMIT 1",
1087                         array(bigintval($level)), __FILE__, __LINE__);
1088
1089                 // Entry found?
1090                 if (SQL_NUMROWS($result_lvl) == 1) {
1091                         // Get percents
1092                         list($per) = SQL_FETCHROW($result_lvl);
1093                 } // END - if
1094
1095                 // Free result
1096                 SQL_FREERESULT($result_lvl);
1097         }
1098
1099         // Return percent
1100         return $per;
1101 }
1102 /**
1103  *
1104  * Dynamic referal system, can also send mails!
1105  *
1106  * subject     = Subject line, write in lower-case letters and underscore is allowed
1107  * uid         = Referal ID wich should receive...
1108  * points      = ... xxx points
1109  * send_notify = shall I send the referal an email or not?
1110  * rid         = inc/modules/guest/what-confirm.php need this (DEPRECATED???)
1111  * locked      = Shall I pay it to normal (false) or locked (true) points ammount?
1112  * add_mode    = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"
1113  *               for default value will cause no referal will get points ever!!!)
1114  */
1115 function ADD_POINTS_REFSYSTEM ($subject, $uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref") {
1116         //* DEBUG: */ print "----------------------- <font color=\"#00aa00\">".__FUNCTION__." - ENTRY</font> ------------------------<ul><li>\n";
1117         global $DATA;
1118
1119         // Convert mode to lower-case
1120         $add_mode = strtolower($add_mode);
1121
1122         // When $uid = 0 add points to jackpot
1123         if ($uid == "0") {
1124                 // Add points to jackpot
1125                 ADD_JACKPOT($points);
1126                 return;
1127         } // END - if
1128
1129         // Add booking record if extension is installed
1130         if (EXT_IS_ACTIVE("booking")) {
1131                 // Add record
1132                 ADD_BOOKING_RECORD($subject, $uid, $points, "add");
1133         } // END - if
1134
1135         // Count up referal depth
1136         if (!isset($GLOBALS['ref_level'])) {
1137                 // Initialialize referal system
1138                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): Referal system initialized!<br />\n";
1139                 $GLOBALS['ref_level'] = 0;
1140         } else {
1141                 // Increase referal level
1142                 $GLOBALS['ref_level']++;
1143                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): Referal level increased. DEPTH={$GLOBALS['ref_level']}<br />\n";
1144         }
1145
1146         // Default is "normal" points
1147         $data = "points";
1148
1149         // Which points, locked or normal?
1150         if ($locked) $data = "locked_points";
1151
1152         // Check user account
1153         $result_user = SQL_QUERY_ESC("SELECT refid, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
1154                 array(bigintval($uid)), __FILE__, __LINE__);
1155
1156         //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},numRows=".SQL_NUMROWS($result_user).",points={$points}<br />\n";
1157         if (SQL_NUMROWS($result_user) == 1) {
1158                 // This is the user and his ref
1159                 list($ref, $email) = SQL_FETCHROW($result_user);
1160                 $GLOBALS['cache_array']['add_uid'][$ref] = $uid;
1161
1162                 // Get percents
1163                 $per = GET_REF_LEVEL_PERCENTS($GLOBALS['ref_level']);
1164                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},points={$points},depth={$GLOBALS['ref_level']},per={$per},mode={$add_mode}<br />\n";
1165
1166                 // Some percents found?
1167                 if ($per > 0) {
1168                         // Calculate new points
1169                         //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},points={$points},per={$per},depth={$GLOBALS['ref_level']}<br />\n";
1170                         $ref_points = $points * $per / 100;
1171
1172                         // Pay refback here if level > 0 and in ref-mode
1173                         if ((EXT_IS_ACTIVE("refback")) && ($GLOBALS['ref_level'] > 0) && ($per < 100) && ($add_mode == "ref") && (isset($GLOBALS['cache_array']['add_uid'][$uid]))) {
1174                                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},data={$GLOBALS['cache_array']['add_uid'][$uid]},ref_points={$ref_points},depth={$GLOBALS['ref_level']} - BEFORE!<br />\n";
1175                                 $ref_points = ADD_REFBACK_POINTS($GLOBALS['cache_array']['add_uid'][$uid], $uid, $points, $ref_points);
1176                                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},data={$GLOBALS['cache_array']['add_uid'][$uid]},ref_points={$ref_points},depth={$GLOBALS['ref_level']} - AFTER!<br />\n";
1177                         } // END - if
1178
1179                         // Update points...
1180                         SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_points` SET %s=%s+%s WHERE userid=%s AND ref_depth='%s' LIMIT 1",
1181                                 array($data, $data, $ref_points, bigintval($uid), bigintval($GLOBALS['ref_level'])), __FILE__, __LINE__);
1182                         //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):data={$data},ref_points={$ref_points},uid={$uid},depth={$GLOBALS['ref_level']},mode={$add_mode} - UPDATE! (".SQL_AFFECTEDROWS().")<br />\n";
1183
1184                         // No entry updated?
1185                         if (SQL_AFFECTEDROWS() < 1) {
1186                                 // First ref in this level! :-)
1187                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_points` (userid,ref_depth,%s) VALUES (%s,'%s',%s)",
1188                                         array($data, bigintval($uid), bigintval($GLOBALS['ref_level']), $ref_points), __FILE__, __LINE__);
1189                                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):data={$data},ref_points={$ref_points},uid={$uid},depth={$GLOBALS['ref_level']},mode={$add_mode} - INSERTED! (".SQL_AFFECTEDROWS().")<br />\n";
1190                         } // END - if
1191
1192                         // Update mediadata as well
1193                         if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
1194                                 // Update database
1195                                 MEDIA_UPDATE_ENTRY(array("total_points"), "add", $ref_points);
1196                         } // END - if
1197
1198                         // Points updated, maybe I shall send him an email?
1199                         if (($send_notify) && ($ref > 0) && (!$locked)) {
1200                                 // Prepare content
1201                                 $content = array(
1202                                         'percent' => $per,
1203                                         'level'   => bigintval($GLOBALS['ref_level']),
1204                                         'points'  => $ref_points,
1205                                         'refid'   => bigintval($ref)
1206                                 );
1207
1208                                 // Load email template
1209                                 $msg = LOAD_EMAIL_TEMPLATE("confirm-referal", $content, bigintval($uid));
1210
1211                                 SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
1212                         } elseif (($send_notify) && ($ref == 0) && (!$locked) && ($add_mode == "direct") && (!defined('__POINTS_VALUE'))) {
1213                                 // Direct payment shall be notified about
1214                                 define('__POINTS_VALUE', $ref_points);
1215
1216                                 // Prepare content
1217                                 $content = array(
1218                                         'text'   => REASON_DIRECT_PAYMENT,
1219                                         'points' => TRANSLATE_COMMA($ref_points)
1220                                 );
1221
1222                                 // Load message
1223                                 $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, $uid);
1224
1225                                 // And sent it away
1226                                 SEND_EMAIL($email, SUBJECT_DIRECT_PAYMENT, $msg);
1227                                 if (!REQUEST_ISSET_GET(('mid'))) LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_POINTS_ADDED'));
1228                         }
1229
1230                         // Maybe there's another ref?
1231                         if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref")) {
1232                                 // Then let's credit him here...
1233                                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},ref={$ref},points={$points} - ADVANCE!<br />\n";
1234                                 ADD_POINTS_REFSYSTEM(sprintf("%s_ref:%s", $subject, $GLOBALS['ref_level']), $ref, $points, $send_notify, $ref, $locked);
1235                         } // END - if
1236                 } // END - if
1237         } // END - if
1238
1239         // Free result
1240         SQL_FREERESULT($result_user);
1241         //* DEBUG: */ print "</li></ul>----------------------- <font color=\"#aa0000\">".__FUNCTION__." - EXIT</font> ------------------------<br />\n";
1242 }
1243 //
1244 function UPDATE_REF_COUNTER ($uid) {
1245         // Make it sure referal level zero (member him-/herself) is at least selected
1246         if (empty($GLOBALS['cache_array']['ref_level'][$uid])) $GLOBALS['cache_array']['ref_level'][$uid] = 1;
1247         //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},level={$GLOBALS['cache_array']['ref_level'][$uid]}<br />\n";
1248
1249         // Update counter
1250         SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_refsystem` SET counter=counter+1 WHERE userid=%s AND level='%s' LIMIT 1",
1251                 array(bigintval($uid), $GLOBALS['cache_array']['ref_level'][$uid]), __FILE__, __LINE__);
1252
1253         // When no entry was updated then we have to create it here
1254         //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):updated=".SQL_AFFECTEDROWS()."<br />\n";
1255         if (SQL_AFFECTEDROWS() < 1) {
1256                 // First count!
1257                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_refsystem` (userid, level, counter) VALUES (%s,%s,1)",
1258                         array(bigintval($uid), $GLOBALS['cache_array']['ref_level'][$uid]), __FILE__, __LINE__);
1259                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid}<br />\n";
1260         } // END - if
1261
1262         // Check for his referal
1263         $result = SQL_QUERY_ESC("SELECT refid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
1264                 array(bigintval($uid)), __FILE__, __LINE__);
1265
1266         // Load refid
1267         list($ref) = SQL_FETCHROW($result);
1268
1269         // Free memory
1270         SQL_FREERESULT($result);
1271         //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},ref={$ref}<br />\n";
1272
1273         // When he has a referal...
1274         if (($ref > 0) && ($ref != $uid)) {
1275                 // Move to next referal level and count his counter one up!
1276                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ref={$ref} - ADVANCE!<br />\n";
1277                 $GLOBALS['cache_array']['ref_level'][$uid]++; UPDATE_REF_COUNTER($ref);
1278         } elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2")) {
1279                 // Remove cache here
1280                 //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ref={$ref} - CACHE!<br />\n";
1281                 REBUILD_CACHE("refsystem", "refsystem");
1282         }
1283
1284         // "Walk" back here
1285         $GLOBALS['cache_array']['ref_level'][$uid]--;
1286
1287         // Handle refback here if extension is installed
1288         if (EXT_IS_ACTIVE("refback")) {
1289                 UPDATE_REFBACK_table($uid);
1290         } // END - if
1291 }
1292
1293 // OBSOLETE: Sends out mail to all administrators
1294 function SEND_ADMIN_EMAILS ($subj, $msg) {
1295         // Load all admin email addresses
1296         $result = SQL_QUERY("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY `id` ASC", __FILE__, __LINE__);
1297         while (list($email) = SQL_FETCHROW($result)) {
1298                 // Send the email out
1299                 SEND_EMAIL($email, $subj, $msg);
1300         } // END - if
1301
1302         // Free result
1303         SQL_FREERESULT($result);
1304
1305         // Really simple... ;-)
1306 }
1307
1308 // Get ID number from administrator's login name
1309 function GET_ADMIN_ID ($login) {
1310         // By default no admin is found
1311         $ret = "-1";
1312
1313         // Check cache
1314         if (isset($GLOBALS['cache_array']['admins']['aid'][$login])) {
1315                 // Use it if found to save SQL queries
1316                 $ret = $GLOBALS['cache_array']['admins']['aid'][$login];
1317
1318                 // Update cache hits
1319                 incrementConfigEntry('cache_hits');
1320         } elseif (!EXT_IS_ACTIVE("cache")) {
1321                 // Load from database
1322                 $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
1323                         array($login), __FILE__, __LINE__);
1324                 if (SQL_NUMROWS($result) == 1) {
1325                         list($ret) = SQL_FETCHROW($result);
1326                 } // END - if
1327
1328                 // Free result
1329                 SQL_FREERESULT($result);
1330         }
1331         return $ret;
1332 }
1333
1334 // "Getter" for current admin id
1335 function GET_CURRENT_ADMIN_ID () {
1336         // Get the admin login from session
1337         $adminLogin = get_session('admin_login');
1338
1339         // "Solve" it into an id
1340         $adminId = GET_ADMIN_ID($adminLogin);
1341
1342         // Secure and return it
1343         return bigintval($adminId);
1344 }
1345
1346 // Get password hash from administrator's login name
1347 function GET_ADMIN_HASH ($aid) {
1348         // By default an invalid hash is returned
1349         $ret = "-1";
1350
1351         if (isset($GLOBALS['cache_array']['admins']['password'][$aid])) {
1352                 // Check cache
1353                 $ret = $GLOBALS['cache_array']['admins']['password'][$aid];
1354
1355                 // Update cache hits
1356                 incrementConfigEntry('cache_hits');
1357         } elseif (!EXT_IS_ACTIVE("cache")) {
1358                 // Load from database
1359                 $result = SQL_QUERY_ESC("SELECT password FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
1360                  array($aid), __FILE__, __LINE__);
1361                 if (SQL_NUMROWS($result) == 1) {
1362                         // Fetch data
1363                         list($ret) = SQL_FETCHROW($result);
1364
1365                         // Set cache
1366                         $GLOBALS['cache_array']['admins']['password'][$aid] = $ret;
1367                 }
1368
1369                 // Free result
1370                 SQL_FREERESULT($result);
1371         }
1372         return $ret;
1373 }
1374 //
1375 function GET_ADMIN_LOGIN ($aid) {
1376         // By default a non-existent login is returned (other functions react on this!)
1377         $ret = "***";
1378
1379         if (isset($GLOBALS['cache_array']['admins']['login'][$aid])) {
1380                 // Get cache
1381                 $ret = $GLOBALS['cache_array']['admins']['login'][$aid];
1382
1383                 // Update cache hits
1384                 incrementConfigEntry('cache_hits');
1385         } elseif (!EXT_IS_ACTIVE("cache")) {
1386                 // Load from database
1387                 $result = SQL_QUERY_ESC("SELECT login FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
1388                         array(bigintval($aid)), __FILE__, __LINE__);
1389                 if (SQL_NUMROWS($result) == 1) {
1390                         // Fetch data
1391                         list($ret) = SQL_FETCHROW($result);
1392
1393                         // Set cache
1394                         $GLOBALS['cache_array']['admins']['login'][$aid] = $ret;
1395                 } // END - if
1396
1397                 // Free memory
1398                 SQL_FREERESULT($result);
1399         }
1400         return $ret;
1401 }
1402 // Get email address of admin id
1403 function GET_ADMIN_EMAIL ($aid) {
1404         // By default an invalid emails is returned
1405         $ret = "***";
1406
1407         if (isset($GLOBALS['cache_array']['admins']['email'][$aid])) {
1408                 // Get cache
1409                 $ret = $GLOBALS['cache_array']['admins']['email'][$aid];
1410
1411                 // Update cache hits
1412                 incrementConfigEntry('cache_hits');
1413         } elseif (!EXT_IS_ACTIVE("cache")) {
1414                 // Load from database
1415                 $result_aid = SQL_QUERY_ESC("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
1416                         array(bigintval($aid)), __FILE__, __LINE__);
1417                 if (SQL_NUMROWS($result_aid) == 1) {
1418                         // Get data
1419                         list($ret) = SQL_FETCHROW($result_aid);
1420
1421                         // Set cache
1422                         $GLOBALS['cache_array']['admins']['email'][$aid] = $ret;
1423                         } // END - if
1424
1425                 // Free result
1426                 SQL_FREERESULT($result_aid);
1427         }
1428
1429         // Return email
1430         return $ret;
1431 }
1432 // Get default ACL  of admin id
1433 function GET_ADMIN_DEFAULT_ACL ($aid) {
1434         // By default an invalid ACL value is returned
1435         $ret = "***";
1436
1437         if (isset($GLOBALS['cache_array']['admins']['def_acl'][$aid])) {
1438                 // Use cache
1439                 $ret = $GLOBALS['cache_array']['admins']['def_acl'][$aid];
1440
1441                 // Update cache hits
1442                 incrementConfigEntry('cache_hits');
1443         } elseif (!EXT_IS_ACTIVE("cache")) {
1444                 // Load from database
1445                 $result_aid = SQL_QUERY_ESC("SELECT default_acl FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
1446                         array(bigintval($aid)), __FILE__, __LINE__);
1447                 if (SQL_NUMROWS($result_aid) == 1) {
1448                         // Fetch data
1449                         list($ret) = SQL_FETCHROW($result_aid);
1450
1451                         // Set cache
1452                         $GLOBALS['cache_array']['admins']['def_acl'][$aid] = $ret;
1453                 }
1454
1455                 // Free result
1456                 SQL_FREERESULT($result_aid);
1457         }
1458
1459         // Return email
1460         return $ret;
1461 }
1462 //
1463 function ADD_OPTION_LINES ($table, $id, $name, $default="", $special="", $where="") {
1464         $ret = "";
1465         if ($table == "/ARRAY/") {
1466                 // Selection from array
1467                 if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name)) {
1468                         // Both are arrays
1469                         foreach ($id as $idx => $value) {
1470                                 $ret .= "<option value=\"".$value."\"";
1471                                 if ($default == $value) $ret .= " selected=\"selected\"";
1472                                 $ret .= ">".$name[$idx]."</option>\n";
1473                         } // END - foreach
1474                 } // END - if
1475         } else {
1476                 // Data from database
1477                 $SPEC = ", ".$id;
1478                 if (!empty($special)) $SPEC = ", ".$special;
1479                 $ORDER = $name.$SPEC;
1480                 if ($table == "country") $ORDER = $special;
1481                 $result = SQL_QUERY_ESC("SELECT %s, %s".$SPEC." FROM `{!_MYSQL_PREFIX!}_%s` ".$where." ORDER BY %s",
1482                         array($id, $ORDER, $table, $name), __FILE__, __LINE__);
1483                 if (SQL_NUMROWS($result) > 0) {
1484                         // Found data so add them as OPTION lines: $id is the value and $name is the "name" of the option
1485                         while (list($value, $title, $add) = SQL_FETCHROW($result)) {
1486                                 if (empty($special)) $add = "";
1487                                 $ret .= "<option value=\"".$value."\"";
1488                                 if ($default == $value) $ret .= " selected=\"selected\"";
1489                                 if (!empty($add)) $add = " (".$add.")";
1490                                 $ret .= ">".$title.$add."</option>\n";
1491                         } // END - while
1492
1493                         // Free memory
1494                         SQL_FREERESULT($result);
1495                 } else {
1496                         // No data found
1497                         $ret = "<option value=\"x\">".SELECT_NONE."</option>\n";
1498                 }
1499         }
1500
1501         // Return - hopefully - the requested data
1502         return $ret;
1503 }
1504 // Activate exchange (DEPERECATED???)
1505 function activateExchange() {
1506         // Check total amount of users
1507         $totalUsers = GET_TOTAL_DATA("CONFIRMED", "user_data", "userid", "status", true, " AND max_mails > 0");
1508
1509         if ($totalUsers >= getConfig('activate_xchange')) {
1510                 // Activate System
1511                 $SQLs = array(
1512                         "UPDATE `{!_MYSQL_PREFIX!}_mod_reg` SET `locked`='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",
1513                         "UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `visible`='Y', `locked`='N' WHERE `what`='order' OR `what`='unconfirmed' LIMIT 2",
1514                         "UPDATE `{!_MYSQL_PREFIX!}_config` SET activate_xchange='0' WHERE config=0 LIMIT 1"
1515                 );
1516
1517                 // Run SQLs
1518                 RUN_FILTER('run_sqls', array('dry_run' => false, 'sqls' => $SQLs));
1519
1520                 // Rebuild cache
1521                 REBUILD_CACHE("config", "config");
1522         } // END - if
1523 }
1524 //
1525 function DELETE_USER_ACCOUNT($uid, $reason)
1526 {
1527         $points = 0;
1528         $result = SQL_QUERY_ESC("SELECT (SUM(p.points) - d.used_points) AS points
1529 FROM `{!_MYSQL_PREFIX!}_user_points` AS p
1530 LEFT JOIN `{!_MYSQL_PREFIX!}_user_data` AS d
1531 ON p.userid=d.userid
1532 WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
1533         if (SQL_NUMROWS($result) == 1) {
1534                 // Save his points to add them to the jackpot
1535                 list($points) = SQL_FETCHROW($result);
1536                 SQL_FREERESULT($result);
1537
1538                 // Delete points entries as well
1539                 SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_points` WHERE userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
1540
1541                 // Update mediadata as well
1542                 if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
1543                         // Update database
1544                         MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
1545                 } // END - if
1546
1547                 // Now, when we have all his points adds them do the jackpot!
1548                 ADD_JACKPOT($points);
1549         }
1550
1551         // Delete category selections as well...
1552         SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE userid=%s",
1553                 array(bigintval($uid)), __FILE__, __LINE__);
1554
1555         // Remove from rallye if found
1556         if (EXT_IS_ACTIVE("rallye")) {
1557                 SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_rallye_users` WHERE userid=%s",
1558                         array(bigintval($uid)), __FILE__, __LINE__);
1559         }
1560
1561         // Now a mail to the user and that's all...
1562         $msg = LOAD_EMAIL_TEMPLATE("del-user", array('text' => $reason), $uid);
1563         SEND_EMAIL($uid, getMessage('ADMIN_DEL_ACCOUNT'), $msg);
1564
1565         // Ok, delete the account!
1566         SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
1567 }
1568
1569 //
1570 function META_DESCRIPTION ($mod, $wht) {
1571         // Exclude admin and member's area
1572         if (($mod != "admin") && ($mod != "login")) {
1573                 // Construct dynamic description
1574                 $DESCR = "{!MAIN_TITLE!} ".trim(getConfig('title_middle'))." ".ADD_DESCR("guest", "what-".$wht, true);
1575
1576                 // Output it directly
1577                 OUTPUT_HTML("<meta name=\"description\" content=\"".$DESCR."\" />");
1578         } // END - if
1579
1580         // Remove depth
1581         unset($GLOBALS['ref_level']);
1582 }
1583 //
1584 function ADD_JACKPOT($points) {
1585         $result = SQL_QUERY("SELECT points FROM `{!_MYSQL_PREFIX!}_jackpot` WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
1586         if (SQL_NUMROWS($result) == 0) {
1587                 // Create line
1588                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_jackpot` (ok, points) VALUES ('ok','%s')", array($points), __FILE__, __LINE__);
1589         } else {
1590                 // Free memory
1591                 SQL_FREERESULT($result);
1592
1593                 // Update points
1594                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_jackpot` SET points=points+%s WHERE ok='ok' LIMIT 1",
1595                         array($points), __FILE__, __LINE__);
1596         }
1597 }
1598 //
1599 function SUB_JACKPOT($points) {
1600         // First failed
1601         $ret = "-1";
1602
1603         // Get current points
1604         $result = SQL_QUERY("SELECT points FROM `{!_MYSQL_PREFIX!}_jackpot` WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
1605         if (SQL_NUMROWS($result) == 0) {
1606                 // Create line
1607                 SQL_QUERY("INSERT INTO `{!_MYSQL_PREFIX!}_jackpot` (ok, points) VALUES ('ok', 0.00000)", __FILE__, __LINE__);
1608         } else {
1609                 // Read points
1610                 list($jackpot) = SQL_FETCHROW($result);
1611                 if ($jackpot >= $points) {
1612                         // Update points when there are enougth points in jackpot
1613                         SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_jackpot` SET points=points-%s WHERE ok='ok' LIMIT 1",
1614                                 array($points), __FILE__, __LINE__);
1615                         $ret = $jackpot - $points;
1616                 } // END - if
1617         }
1618
1619         // Free memory
1620         SQL_FREERESULT($result);
1621 }
1622 //
1623 function IS_DEMO () {
1624         return ((EXT_IS_ACTIVE("demo")) && (get_session('admin_login') == "demo"));
1625 }
1626 //
1627 function LOAD_CONFIG ($no="0") {
1628         $CFG_DUMMY = array();
1629
1630         // Check for cache extension, cache-array and if the requested configuration is in cache
1631         if ((is_array($GLOBALS['cache_array'])) && (isset($GLOBALS['cache_array']['config'][$no])) && (is_array($GLOBALS['cache_array']['config'][$no]))) {
1632                 // Load config from cache
1633                 //* DEBUG: */ echo gettype($GLOBALS['cache_array']['config'][$no])."<br />\n";
1634                 foreach ($GLOBALS['cache_array']['config'][$no] as $key => $value) {
1635                         $CFG_DUMMY[$key] = $value;
1636                 } // END - foreach
1637
1638                 // Count cache hits if exists
1639                 if ((isset($CFG_DUMMY['cache_hits'])) && (EXT_IS_ACTIVE("cache"))) {
1640                         $CFG_DUMMY['cache_hits']++;
1641                 } // END - if
1642         } elseif ((!EXT_IS_ACTIVE("cache")) || (!isset($GLOBALS['cache_array']['config'][$no]))) {
1643                 // Load config from DB
1644                 $result_config = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_config` WHERE config=%d LIMIT 1",
1645                         array(bigintval($no)), __FILE__, __LINE__);
1646
1647                 // Get config from database
1648                 $CFG_DUMMY = SQL_FETCHARRAY($result_config);
1649
1650                 // Free result
1651                 SQL_FREERESULT($result_config);
1652
1653                 // Remember this config in the array
1654                 $GLOBALS['cache_array']['config'][$no] = $CFG_DUMMY;
1655         }
1656
1657         // Return config array
1658         return $CFG_DUMMY;
1659 }
1660 // Gets the matching what name from module
1661 function GET_WHAT($modCheck) {
1662         $wht = "";
1663         //* DEBUG: */ echo __LINE__."!".$modCheck."!<br />\n";
1664         switch ($modCheck)
1665         {
1666         case "admin":
1667                 $wht = "overview";
1668                 break;
1669
1670         case "login":
1671         case "index":
1672                 $wht = "welcome";
1673                 if (($modCheck == "index") && (getConfig('index_home') != "")) $wht = getConfig('index_home');
1674                 break;
1675
1676         default:
1677                 $wht = "";
1678                 break;
1679         }
1680
1681         // Return what value
1682         return $wht;
1683 }
1684
1685 // Subtract points from database and mediadata cache
1686 function SUB_POINTS ($subject, $uid, $points) {
1687         // Add points to used points
1688         SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `used_points`=`used_points`+%s WHERE userid=%s LIMIT 1",
1689          array($points, bigintval($uid)), __FILE__, __LINE__);
1690
1691         // Insert booking record
1692         if (EXT_IS_ACTIVE("booking")) {
1693                 // Add record
1694                 ADD_BOOKING_RECORD($subject, $uid, $points, "sub");
1695         } // END - if
1696
1697         // Update mediadata as well
1698         if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
1699                 // Update database
1700                 MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
1701         } // END - if
1702 }
1703
1704 // Update config entries
1705 function UPDATE_CONFIG ($entries, $values, $updateMode="") {
1706         // Do not update config in CSS mode
1707         if (($GLOBALS['output_mode'] == "1") || ($GLOBALS['output_mode'] == -1)) {
1708                 return;
1709         } // END - if
1710
1711         // Do we have multiple entries?
1712         if (is_array($entries)) {
1713                 // Walk through all
1714                 $all = "";
1715                 foreach ($entries as $idx => $entry) {
1716                         // Update mode set?
1717                         if (!empty($updateMode)) {
1718                                 // Update entry
1719                                 // @TODO Find a way for updating $_CONFIG here
1720                                 $all .= sprintf("%s=%s%s%s,", $entry, $entry, $updateMode, (float)$values[$idx]);
1721                         } else {
1722                                 // Check if string or number
1723                                 if (($values[$idx] + 0) === $values[$idx]) {
1724                                         // Number detected
1725                                         $all .= sprintf("%s=%s,", $entry, (float)$values[$idx]);
1726                                 } elseif ($values[$idx] == "UNIX_TIMESTAMP()") {
1727                                         // Function UNIX_TIMESTAMP() detected
1728                                         $all .= sprintf("%s=%s,", $entry, $values[$idx]);
1729                                 } else {
1730                                         // String detected
1731                                         $all .= sprintf("%s='%s',", $entry, SQL_ESCAPE($values[$idx]));
1732                                 }
1733                         }
1734
1735                         // Set it in $_CONFIG as well
1736                         setConfigEntry($entry, $values[$idx]);
1737                 } // END - foreach
1738
1739                 // Remove last comma
1740                 $entries = substr($all, 0, -1);
1741         } elseif (!empty($updateMode)) {
1742                 // Update mode set
1743                 // @TODO Find a way for updating $_CONFIG here
1744                 $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$values);
1745         } else {
1746                 // Set it in $_CONFIG first
1747                 setConfigEntry($entries, $values);
1748
1749                 // Regular entry to update
1750                 $entries .= sprintf("='%s'", SQL_ESCAPE($values));
1751         }
1752
1753         // Run database update
1754         //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "entries={$entries}");
1755         SQL_QUERY("UPDATE `{!_MYSQL_PREFIX!}_config` SET ".$entries." WHERE config=0 LIMIT 1", __FILE__, __LINE__);
1756
1757         // Get affected rows
1758         $affectedRows = SQL_AFFECTEDROWS();
1759         //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):entries={$entries},affectedRows={$affectedRows}<br />\n";
1760
1761         // Rebuild cache
1762         REBUILD_CACHE("config", "config");
1763 }
1764
1765 // Prepares an SQL statement part for HTML mail and/or holiday depency
1766 function PREPARE_SQL_HTML_HOLIDAY ($mode) {
1767         // Exclude no users by default
1768         $MORE = "";
1769
1770         // HTML mail?
1771         if ($mode == "html") $MORE = " AND html='Y'";
1772         if (GET_EXT_VERSION("holiday") >= "0.1.3") {
1773                 // Add something for the holiday extension
1774                 $MORE .= " AND holiday_active='N'";
1775         } // END - if
1776
1777         // Return result
1778         return $MORE;
1779 }
1780
1781 // "Getter" for total available receivers
1782 function GET_TOTAL_RECEIVERS ($mode="normal") {
1783         // Query database
1784         $result_all = SQL_QUERY("SELECT userid
1785 FROM `{!_MYSQL_PREFIX!}_user_data`
1786 WHERE `status`='CONFIRMED' AND receive_mails > 0 ".PREPARE_SQL_HTML_HOLIDAY($mode),
1787                 __FILE__, __LINE__);
1788
1789         // Get num rows
1790         $numRows = SQL_NUMROWS($result_all);
1791
1792         // Free result
1793         SQL_FREERESULT($result_all);
1794
1795         // Return value
1796         return $numRows;
1797 }
1798
1799 // Returns HTML code with an "<option> list" of all categories
1800 function ADD_CATEGORY_OPTIONS ($mode) {
1801         // Prepare WHERE statement
1802         $whereStatement = " WHERE `visible`='Y'";
1803         if (IS_ADMIN()) $whereStatement = "";
1804
1805         // Initialize array...
1806         $CATS = array(
1807                 'id'   => array(),
1808                 'name' => array(),
1809                 'uids' => array()
1810         );
1811
1812         // Get categories
1813         $result = SQL_QUERY("SELECT id, cat FROM `{!_MYSQL_PREFIX!}_cats`".$whereStatement." ORDER BY `sort`", __FILE__, __LINE__);
1814         if (SQL_NUMROWS($result) > 0) {
1815                 // ... and begin loading stuff
1816                 while (list($id, $cat) = SQL_FETCHROW($result)) {
1817                         // Transfer some data
1818                         $CATS['id'][]   = $id;
1819                         $CATS['name'][] = $cat;
1820
1821                         // Check which users are in this category
1822                         $result_uids = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE cat_id=%s",
1823                          array(bigintval($id)), __FILE__, __LINE__);
1824
1825                         // Start adding all
1826                         $uid_cnt = 0;
1827                         while (list($ucat) = SQL_FETCHROW($result_uids)) {
1828                                 $result_ver = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data`
1829 WHERE userid=%s AND `status`='CONFIRMED' AND receive_mails > 0".PREPARE_SQL_HTML_HOLIDAY($mode)." LIMIT 1",
1830  array(bigintval($ucat)), __FILE__, __LINE__);
1831                                 $uid_cnt += SQL_NUMROWS($result_ver);
1832
1833                                 // Free memory
1834                                 SQL_FREERESULT($result_ver);
1835                         } // END - while
1836
1837                         // Free memory
1838                         SQL_FREERESULT($result_uids);
1839
1840                         // Add counter
1841                         $CATS['uids'][] = $uid_cnt;
1842                 }
1843
1844                 // Free memory
1845                 SQL_FREERESULT($result);
1846
1847                 // Generate options
1848                 $OUT = "";
1849                 foreach ($CATS['id'] as $key => $value) {
1850                         if (strlen($CATS['name'][$key]) > 20) $CATS['name'][$key] = substr($CATS['name'][$key], 0, 17)."...";
1851                         $OUT .= "      <option value=\"".$value."\">".$CATS['name'][$key]." (".$CATS['uids'][$key]." ".USER_IN_CAT.")</option>\n";
1852                 }
1853         } else {
1854                 // No cateogries are defined yet
1855                 $OUT = "<option class=\"member_failed\">{!MEMBER_NO_CATS!}</option>\n";
1856         }
1857
1858         // Return HTML code
1859         return $OUT;
1860 }
1861
1862 // Add bonus mail to queue
1863 function ADD_BONUS_MAIL_TO_QUEUE ($subject, $text, $receiverList, $points, $seconds, $url, $cat, $mode="normal", $receiver=0) {
1864         // Is admin or bonus extension there?
1865         if (!IS_ADMIN()) {
1866                 // Abort here
1867                 return false;
1868         } elseif (!EXT_IS_ACTIVE("bonus")) {
1869                 // Abort here
1870                 return false;
1871         }
1872
1873         // Calculcate target sent
1874         $target = SELECTION_COUNT(explode(";", $receiverList));
1875
1876         // Receiver is zero?
1877         if ($receiver == 0) {
1878                 // Then auto-fix it
1879                 $receiver = $target;
1880         } // END - if
1881
1882         // HTML extension active?
1883         if (EXT_IS_ACTIVE("html")) {
1884                 // No HTML by default
1885                 $HTML = "N";
1886
1887                 // HTML mode?
1888                 if ($mode == "html") $HTML = "Y";
1889
1890                 // Add HTML mail
1891                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_bonus`
1892 (subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent, html_msg)
1893 VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s','%s')",
1894                         array(
1895                                 $subject,
1896                                 $text,
1897                                 $receiverList,
1898                                 $points,
1899                                 $seconds,
1900                                 $url,
1901                                 $cat,
1902                                 $target,
1903                                 bigintval($receiver),
1904                                 $HTML
1905                         ), __FILE__, __LINE__);
1906         } else {
1907                 // Add regular mail
1908                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_bonus`
1909 (subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent)
1910 VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s')",
1911                         array(
1912                                 $subject,
1913                                 $text,
1914                                 $receiverList,
1915                                 $points,
1916                                 $seconds,
1917                                 $url,
1918                                 $cat,
1919                                 $target,
1920                                 bigintval($receiver),
1921                         ), __FILE__, __LINE__);
1922         }
1923 }
1924
1925 // Generate a receiver list for given category and maximum receivers
1926 function GENERATE_RECEIVER_LIST ($cat, $receiver, $mode="") {
1927         // Init variables
1928         $CAT_TABS     = "%s";
1929         $CAT_WHERE    = "";
1930         $receiverList = "";
1931
1932         // Secure data
1933         $cat      = bigintval($cat);
1934         $receiver = bigintval($receiver);
1935
1936         // Is the receiver zero and mode set?
1937         if (($receiver == 0) && (!empty($mode))) {
1938                 // Auto-fix receiver maximum
1939                 $receiver = GET_TOTAL_RECEIVERS($mode);
1940         } // END - if
1941
1942         // Category given?
1943         if ($cat > 0) {
1944                 // Select category
1945                 $CAT_TABS  = "LEFT JOIN `{!_MYSQL_PREFIX!}_user_cats` AS c ON d.userid=c.userid";
1946                 $CAT_WHERE = " AND c.cat_id=%s";
1947         } // END - if
1948
1949         // Exclude users in holiday?
1950         if (GET_EXT_VERSION("holiday") >= "0.1.3") {
1951                 // Add something for the holiday extension
1952                 $CAT_WHERE .= " AND d.holiday_active='N'";
1953         } // END - if
1954
1955         if ((EXT_IS_ACTIVE("html_mail")) && ($mode == "html")) {
1956                 // Only include HTML receivers
1957                 $result = SQL_QUERY_ESC("SELECT d.userid FROM `{!_MYSQL_PREFIX!}_user_data` AS d ".$CAT_TABS." WHERE d.`status`='CONFIRMED' AND d.html='Y'".$CAT_WHERE." ORDER BY d.%s %s LIMIT %s",
1958                  array($cat, getConfig('order_select'), getConfig('order_mode'), $receiver), __FILE__, __LINE__);
1959         } else {
1960                 // Include all
1961                 $result = SQL_QUERY_ESC("SELECT d.userid FROM `{!_MYSQL_PREFIX!}_user_data` AS d ".$CAT_TABS." WHERE d.`status`='CONFIRMED'".$CAT_WHERE." ORDER BY d.%s %s LIMIT %s",
1962                  array($cat, getConfig('order_select'), getConfig('order_mode'), $receiver), __FILE__, __LINE__);
1963         }
1964
1965         // Entries found?
1966         if ((SQL_NUMROWS($result) >= $receiver) && ($receiver > 0)) {
1967                 // Load all entries
1968                 while (list($REC) = SQL_FETCHROW($result)) {
1969                         // Add receiver when not empty
1970                         if (!empty($REC)) $receiverList .= $REC.";";
1971                 } // END - while
1972
1973                 // Free memory
1974                 SQL_FREERESULT($result);
1975
1976                 // Remove trailing semicolon
1977                 $receiverList = substr($receiverList, 0, -1);
1978         } // END - if
1979
1980         // Return list
1981         return $receiverList;
1982 }
1983
1984 // Get timestamp for given stats type and data
1985 function USER_STATS_GET_TIMESTAMP ($type, $data, $uid = 0) {
1986         // Default timestamp is zero
1987         $stamp = 0;
1988
1989         // User id set?
1990         if ((isset($GLOBALS['userid'])) && ($uid == 0)) {
1991                 $uid = $GLOBALS['userid'];
1992         } // END - if
1993
1994         // Is the extension installed and updated?
1995         if ((!EXT_IS_ACTIVE("sql_patches")) || (EXT_VERSION_IS_OLDER("sql_patches", "0.5.6"))) {
1996                 // Return zero here
1997                 return $stamp;
1998         } // END - if
1999
2000         // Try to find the entry
2001         $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`inserted`) AS `stamp`
2002 FROM `{!_MYSQL_PREFIX!}_user_stats_data`
2003 WHERE userid=%s AND stats_type='%s' AND stats_data='%s'
2004 LIMIT 1",
2005                 array(bigintval($uid), $type, $data), __FILE__, __LINE__);
2006
2007         // Is the entry there?
2008         if (SQL_NUMROWS($result) == 1) {
2009                 // Get this stamp
2010                 list($stamp) = SQL_FETCHROW($result);
2011         } // END - if
2012
2013         // Free result
2014         SQL_FREERESULT($result);
2015
2016         // Return stamp
2017         return $stamp;
2018 }
2019
2020 // Inserts user stats
2021 function USER_STATS_INSERT_RECORD ($uid, $type, $data) {
2022         // Is the extension installed and updated?
2023         if ((!EXT_IS_ACTIVE("sql_patches")) || (EXT_VERSION_IS_OLDER("sql_patches", "0.5.6"))) {
2024                 // Return zero here
2025                 return false;
2026         } // END - if
2027
2028         // Does it exist?
2029         if ((!USER_STATS_GET_TIMESTAMP($type, $data, $uid)) && (!is_array($data))) {
2030                 // Then insert it!
2031                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_stats_data` (`userid`,`stats_type`,`stats_data`) VALUES (%s,'%s','%s')",
2032                         array(bigintval($uid), $type, $data), __FILE__, __LINE__);
2033         } elseif (is_array($data)) {
2034                 // Invalid data!
2035                 DEBUG_LOG(__FUNCTION__, __LINE__, " uid={$uid},type={$type},data={".gettype($data).": Invalid statistics data type!");
2036         }
2037 }
2038
2039 // "Getter" for array for user refs and points in given level
2040 function GET_USER_REF_POINTS ($uid, $level) {
2041         //* DEBUG: */ print "----------------------- <font color=\"#00aa00\">".__FUNCTION__." - ENTRY</font> ------------------------<ul><li>\n";
2042         // Default is no refs and no nickname
2043         $ADD = "";
2044         $refs = array();
2045
2046         // Do we have nickname extension installed?
2047         if (EXT_IS_ACTIVE("nickname")) {
2048                 $ADD = ", ud.nickname";
2049         } // END - if
2050
2051         // Get refs from database
2052         $result = SQL_QUERY_ESC("SELECT ur.id, ur.refid, ud.status, ud.last_online, ud.mails_confirmed, ud.emails_received".$ADD."
2053 FROM `{!_MYSQL_PREFIX!}_user_refs` AS ur
2054 LEFT JOIN `{!_MYSQL_PREFIX!}_user_points` AS up
2055 ON ur.refid=up.userid AND ur.level=0
2056 LEFT JOIN `{!_MYSQL_PREFIX!}_user_data` AS ud
2057 ON ur.refid=ud.userid
2058 WHERE ur.userid=%s AND ur.level=%s
2059 ORDER BY ur.refid ASC",
2060                 array(bigintval($uid), bigintval($level)), __FILE__, __LINE__);
2061
2062         // Are there some entries?
2063         if (SQL_NUMROWS($result) > 0) {
2064                 // Fetch all entries
2065                 while ($row = SQL_FETCHARRAY($result)) {
2066                         // Get total points of this user
2067                         $row['points'] = GET_TOTAL_DATA($row['refid'], "user_points", "points") - GET_TOTAL_DATA($row['refid'], "user_data", "used_points");
2068
2069                         // Get unconfirmed mails
2070                         $row['unconfirmed']  = GET_TOTAL_DATA($row['refid'], "user_links", "id", "userid", true);
2071
2072                         // Init clickrate with zero
2073                         $row['clickrate'] = 0;
2074
2075                         // Is at least one mail received?
2076                         if ($row['emails_received'] > 0) {
2077                                 // Calculate clickrate
2078                                 $row['clickrate'] = ($row['mails_confirmed'] / $row['emails_received'] * 100);
2079                         } // END - if
2080
2081                         // Activity is "active" by default because if autopurge is not installed
2082                         $row['activity'] = MEMBER_ACTIVITY_ACTIVE;
2083
2084                         // Is autopurge installed and the user inactive?
2085                         if ((EXT_IS_ACTIVE("autopurge")) && ((time() - getConfig('ap_inactive_since')) >= $row['last_online']))  {
2086                                 // Inactive user!
2087                                 $row['activity'] = MEMBER_ACTIVITY_INACTIVE;
2088                         } // END - if
2089
2090                         // Remove some entries
2091                         unset($row['mails_confirmed']);
2092                         unset($row['emails_received']);
2093                         unset($row['last_online']);
2094
2095                         // Add row
2096                         $refs[$row['id']] = $row;
2097                 } // END - while
2098         } // END - if
2099
2100         // Free result
2101         SQL_FREERESULT($result);
2102
2103         // Return result
2104         //* DEBUG: */ print "</li></ul>----------------------- <font color=\"#aa0000\">".__FUNCTION__." - EXIT</font> ------------------------<br />\n";
2105         return $refs;
2106 }
2107
2108 // Recuced the amount of received emails for the receipients for given email
2109 function REDUCT_RECIPIENT_RECEIVED_MAILS ($column, $id, $count) {
2110         // Search for mail in database
2111         $result = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_links` WHERE `%s`=%s ORDER BY `userid` ASC LIMIT %s",
2112                 array($column, bigintval($id), $count), __FILE__, __LINE__);
2113
2114         // Are there entries?
2115         if (SQL_NUMROWS($result) > 0) {
2116                 // Now load all userids for one big query!
2117                 $UIDs = array();
2118                 while (list($uid) = SQL_FETCHROW($result)) {
2119                         $UIDs[$uid] = $uid;
2120                 } // END - while
2121
2122                 // Now update all user accounts
2123                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `emails_received`=`emails_received`-1 WHERE `userid` IN (%s) LIMIT %s",
2124                         array(implode(",", $UIDs), count($UIDs)), __FILE__, __LINE__);
2125         } // END - if
2126
2127         // Free result
2128         SQL_FREERESULT($result);
2129 }
2130
2131 // [EOF]
2132 ?>