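= "0.4.1") {
                        // Use new system
                        SEND_ADMIN_EMAILS_PRO (ADMIN_NEW_SPONSOR, "admin_sponsor_pending", $SPONSOR);
                    } else {
                        // Send over old system
                        $msg_admin = LOAD_EMAIL_TEMPLATE("admin_sponsor_pending", $SPONSOR);
                        SEND_ADMIN_EMAILS (ADMIN_NEW_SPONSOR, $msg_admin);
                    }

                    // Sponsor account set to pending
                    LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_IS_PENDING);
                } else {
                    // Could not set the account to pending!
                    LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_PENDING_FAILED);
                }
            } elseif ($SPONSOR['status'] == "EMAIL") {
                // A changed email address needs to be confirmed. The row is only updated when
                // id, hash and the current status all match, so a wrong hash changes nothing.
                // NOTE(review): the hash comes straight from the query string; escaping is
                // presumably done inside SQL_QUERY_ESC -- confirm.
                $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED' WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
                    array(bigintval($SPONSOR['id']), $HTTP_GET_VARS['hash']), __FILE__, __LINE__);

                // Check on success
                if (SQL_AFFECTEDROWS($link) == 1) {
                    // Sponsor account is confirmed again
                    LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN);
                } else {
                    // Could not confirm the account!
                    LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_EMAIL_FAILED);
                }
            } else {
                /// ??? Other status? 
                LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_STATUS_FAILED);
            }
        } else {
            // No sponsor found
            LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACCOUNT_404);
        }

        // Free memory
        SQL_FREERESULT($result);
} elseif ($MODE == "activate") {
    // Send activation link again
    if (isset($HTTP_POST_VARS['ok'])) {
        // Check submitted data: without an email address the form is shown again
        if (empty($HTTP_POST_VARS['email'])) {
            unset($HTTP_POST_VARS['ok']);
        }
    }

    if (isset($HTTP_POST_VARS['ok'])) {
        // Check email: only accounts that still wait for a confirmation are considered
        $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, salut, surname, family, sponsor_created FROM "._MYSQL_PREFIX."_sponsor_data WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
            array($HTTP_POST_VARS['email']), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {
            // Unconfirmed sponsor account found so let's load the requested data
            $SPONSOR = SQL_FETCHARRAY($result);

            // Translate some data
            $SPONSOR['salut']           = TRANSLATE_SEX($SPONSOR['salut']);
            $SPONSOR['sponsor_created'] = MAKE_DATETIME($SPONSOR['sponsor_created']);

            // Prepare email and send it to the sponsor
            if ($SPONSOR['status'] == "UNCONFIRMED") {
                // Unconfirmed accounts
                $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_activate", $SPONSOR);
            } else {
                // Status EMAIL: a changed email address that still has to be confirmed
                $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_email", $SPONSOR);
            }
            SEND_EMAIL($HTTP_POST_VARS['email'], SPONSOR_ACTIVATION_LINK_SUBJ, $msg_sponsor);

            // Output message
            // NOTE(review): "sent" and "not found" are different messages, so the answer tells
            // the visitor whether the address has a pending account. One neutral message for
            // both cases would avoid that; no request throttling is visible in this block.
            LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACTIVATION_LINK_SENT);
        } else {
            // No account found, or its status is neither UNCONFIRMED nor EMAIL
            LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_ACTIVATION_LINK_404);
        }

        // Free memory
        SQL_FREERESULT($result);
    } else {
        // Load form
        LOAD_TEMPLATE("guest_sponsor_activate");
    }
} elseif ($MODE == "lost_pass") {
    // Send new password
    if (isset($HTTP_POST_VARS['ok'])) {
        // Check submitted data: without an email address the form is shown again
        if (empty($HTTP_POST_VARS['email'])) {
            unset($HTTP_POST_VARS['ok']);
        }
    }

    if (isset($HTTP_POST_VARS['ok'])) {
        // Check email and id, confirmed accounts only
        $result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, salut, 
surname, family, sponsor_created FROM "._MYSQL_PREFIX."_sponsor_data WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
            array($HTTP_POST_VARS['email'], bigintval($HTTP_POST_VARS['id'])), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {
            // Confirmed sponsor account found so let's load the requested data
            $SPONSOR = SQL_FETCHARRAY($result);

            // Translate some data
            $SPONSOR['salut']           = TRANSLATE_SEX($SPONSOR['salut']);
            $SPONSOR['sponsor_created'] = MAKE_DATETIME($SPONSOR['sponsor_created']);

            // Generate password
            // NOTE(review): GEN_PASS() is defined elsewhere; verify that it draws from a
            // cryptographically secure random source.
            $SPONSOR['password'] = GEN_PASS();

            // Prepare email and send it to the sponsor. The new password travels in clear
            // text inside this mail.
            $msg_sponsor = LOAD_EMAIL_TEMPLATE("sponsor_lost", $SPONSOR);
            SEND_EMAIL($HTTP_POST_VARS['email'], SPONSOR_LOST_PASSWORD_SUBJ, $msg_sponsor);

            // Update password
            // NOTE(review): the password is replaced as soon as email and id match. There is
            // no confirmation step, so the request alone is not proof that the account owner
            // asked for it; a mailed one-time reset link would close that gap. The mail above
            // is sent before this UPDATE and neither result is checked, so a failed UPDATE
            // leaves the sponsor with a mailed password that does not work.
            // NOTE(review): stored as unsalted md5(). A salted, slow hash (password_hash() on
            // PHP versions that provide it) needs every reader and writer of this column
            // changed together, which cannot be done from this block alone.
            $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET password='%s' WHERE id='%s' LIMIT 1",
                array(md5($SPONSOR['password']), bigintval($SPONSOR['id'])), __FILE__, __LINE__);

            // Output message
            LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOST_PASSWORD_SENT);
        } else {
            // No account found or not CONFIRMED
            LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOST_PASSWORD_404);
        }

        // Free memory
        SQL_FREERESULT($result);
    } else {
        // Load form
        LOAD_TEMPLATE("guest_sponsor_lost");
    }
} elseif (isset($HTTP_POST_VARS['ok'])) {
    // Check status and login data ...
    $result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_sponsor_data WHERE id='%s' AND password='%s' LIMIT 1",
        array(bigintval($HTTP_POST_VARS['sponsorid']), md5($HTTP_POST_VARS['pass'])), __FILE__, __LINE__);
    if (SQL_NUMROWS($result) == 1) {
        // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
        list($status) = SQL_FETCHROW($result);
        if ($status == "CONFIRMED") {
            // Calculate cookie lifetime, maybe we have to change this so the admin can setup a
            // separate timeout for these two cookies?
            $life = (time() + $CONFIG['online_timeout']);

            // Is confirmed so both is fine and we can continue with login procedure.
            // NOTE(review): the "sponsorpass" cookie holds md5(password), which is the same
            // value the query above compares against the password column. That makes the
            // cookie a password equivalent for as long as the password is unchanged; a random
            // server-side session token would not be. Both cookies are also set without the
            // secure/httponly arguments of setcookie(). How the cookies are checked later is
            // not visible here -- confirm before changing.
            $login = ((setcookie("sponsorid"  , bigintval($HTTP_POST_VARS['sponsorid']), $life, COOKIE_PATH)) &&
                      (setcookie("sponsorpass", md5($HTTP_POST_VARS['pass'])           , $life, COOKIE_PATH)));

            if ($login) {
                // Cookie setup successful so we can forward to sponsor area
                LOAD_URL(URL."/modules.php?module=sponsor");
            } else {
                // Cookie setup failed!
                // NOTE(review): "SPONSPOR_" is spelled differently from the other SPONSOR_
                // constants; confirm it matches the name used where the constant is defined.
                LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED);
                OUTPUT_HTML("
");

                // Login form and other links
                LOAD_TEMPLATE("guest_sponsor_login");
            }
        } else {
            // Status is not fine: show the message constant that belongs to the status
            // (SPONSOR_LOGIN_FAILED_<STATUS>). The name is resolved with defined()/constant()
            // instead of eval(), so a status value can never end up being executed as PHP.
            $const_name = "SPONSOR_LOGIN_FAILED_".strtoupper($status);
            if (defined($const_name)) {
                $content = constant($const_name);
            } else {
                // No message for this status: fall back to the bare name, which is what an
                // undefined constant evaluated to on the PHP versions this code targets.
                $content = $const_name;
            }
            LOAD_TEMPLATE("admin_settings_saved", false, $content);
            OUTPUT_HTML("
");

            // Login form and other links
            LOAD_TEMPLATE("guest_sponsor_login");
        }
    } else {
        // Account missing or wrong password: both cases get the same message, so the answer
        // does not reveal which of the two it was.
        LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOGIN_FAILED_404_WRONG_PASS);
        OUTPUT_HTML("
");

        // Login form and other links
        LOAD_TEMPLATE("guest_sponsor_login");
    }

    // Free memory
    SQL_FREERESULT($result);
} else {
    // Login form and other links
    LOAD_TEMPLATE("guest_sponsor_login");
}

//
?>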