+++ /dev/null
-<?php
-/************************************************************************
- * MXChange v0.2.1 Start: 08/26/2003 *
- * =============== Last change: 11/29/2004 *
- * *
- * -------------------------------------------------------------------- *
- * File : mysql-manager.php *
- * -------------------------------------------------------------------- *
- * Short description : All MySQL-related functions *
- * -------------------------------------------------------------------- *
- * Kurzbeschreibung : Alle MySQL-Relevanten Funktionen *
- * -------------------------------------------------------------------- *
- * *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
- * For more information visit: http://www.mxchange.org *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
- * MA 02110-1301 USA *
- ************************************************************************/
-
-// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
- require($INC);
-}
-
-//
-function ADD_MODULE_TITLE($mod)
-{
- global $MODULES, $CONFIG;
- $name = ""; $result = false;
- // Load title
- if (!mxchange_installing)
- {
- if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])) && (isset($MODULES['module'][$mod])))
- {
- // Load from cache
- $name = $MODULES['title'][$mod];
-
- // Update cache hits
- $CONFIG['cache_hits']++;
- }
- else
- {
- // Load from database
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__);
- list($name) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- }
-
- // Trim name
- $name = trim($name);
-
- // Still no luck or empty title?
- if (empty($name))
- {
- // No name found
- $name = LANG_UNKNOWN_MODULE." (".$mod.")";
- if (SQL_NUMROWS($result) == 0)
- {
- // Add module to database
- $dummy = CHECK_MODULE($mod);
- }
- }
- return $name;
-}
-//
-function CHECK_MODULE($mod)
-{
- // We need them now here...
- global $MODULES, $CONFIG, $CACHE;
-
- // Filter module name (names with low chars and underlines are fine!)
- $mod = preg_replace("/[^a-z_]/", "", $mod);
-
- // Check for prefix is a extension...
- $MOD_SPLIT = explode("_", $mod);
- $extension = ""; $mod_chk = $mod;
- //* DEBUG: */ echo __LINE__."*".count($MOD_SPLIT)."*/".$mod."*<BR>";
- if (count($MOD_SPLIT) == 2)
- {
- // Okay, there is a seperator (_) in the name so is the first part a module?
- //* DEBUG: */ echo __LINE__."*".$MOD_SPLIT[0]."*<BR>";
- if (EXT_IS_ACTIVE($MOD_SPLIT[0]))
- {
- // The prefix is an extension's name, so let's set it
- $extension = $MOD_SPLIT[0]; $mod = $MOD_SPLIT[1];
- }
- }
-
- // Major error in module registry is the default
- $ret = "major";
-
- // Check if script is installed if not return a "done" to prevent some errors
- if ((!mxchange_installed) || (mxchange_installing) || (!admin_registered)) return "done";
-
- // Check if cache is latest version
- $locked = "Y"; $hidden = "N"; $admin = "N"; $mem = "N"; $found = false;
- if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])))
- {
- // Is the module cached?
- if (isset($MODULES['locked'][$mod_chk])) {
- // Check cache
- $locked = $MODULES['locked'][$mod_chk];
- $hidden = $MODULES['hidden'][$mod_chk];
- $admin = $MODULES['admin_only'][$mod_chk];
- $mem = $MODULES['mem_only'][$mod_chk];
-
- // Update cache hits
- $CONFIG['cache_hits']++;
- $found = true;
- } else {
- // No, then we have to update it!
- $ret = "cache_miss";
- }
- }
- else
- {
- // Check for module in database
- $result = SQL_QUERY_ESC("SELECT locked, hidden, admin_only, mem_only FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod_chk), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Read data
- list($locked, $hidden, $admin, $mem) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $found = true;
- }
- }
-
- // Check returned values against current access permissions
- //
- // Admin access ----- Guest access ----- --- Guest or member? ---
- if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_LOGGED_IN()))))
- {
- // If you are admin you are welcome for everything!
- $ret = "done";
- }
- elseif ($locked == "Y")
- {
- // Module is locked
- $ret = "locked";
- }
- elseif (($mem == "Y") && (!IS_LOGGED_IN()))
- {
- // You have to login first!
- $ret = "mem_only";
- }
- elseif (($admin == "Y") && (!IS_ADMIN()))
- {
- // Only the Admin is allowed to enter this module!
- $ret = "admin_only";
- }
-
- // Still no luck or not found?
- if (($ret == "major") || ($ret == "cache_miss") || (!$found))
- {
- // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name ---
- if ((file_exists(PATH."inc/modules/".$mod.".php")) || (file_exists(PATH.$mod.".php")) || (file_exists(PATH.$extension."/".$mod.".php")))
- {
- // Data is missing so we add it
- if (GET_EXT_VERSION("sql_patches") >= "0.3.6") {
- // Since 0.3.6 we have a has_menu column, this took me a half hour
- // to find a loop here... *sigh*
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
-(module, locked, hidden, mem_only, admin_only, has_menu) VALUES
-('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
- } else {
- // Wrong/missing sql_patches!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
-(module, locked, hidden, mem_only, admin_only) VALUES
-('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
- }
-
- // Everthing is fine?
- if (SQL_AFFECTEDROWS() == 0) {
- // Something bad happend!
- return "major";
- }
-
- // Destroy cache here
- if (GET_EXT_VERSION("cache") >= "0.1.2")
- {
- if ($CACHE->cache_file("mod_reg", true)) $CACHE->cache_destroy();
- unset($MODULES);
- }
-
- // And reload data
- $ret = CHECK_MODULE($mod_chk);
- }
- else
- {
- // Module not found we don't add it to the database
- $ret = "404";
- }
- }
-
- // Return the value
- return $ret;
-}
-//
-function ADD_DESCR($ACC_LVL, $FILE, $return = false, $output = true)
-{
- global $_GET, $DEPTH, $CONFIG;
- $LINK_ADD = ""; $OUT = ""; $AND = "";
- // First we have to do some analysis...
- if (ereg("action-", $FILE))
- {
- // This is an action file!
- $TYPE = "action";
- $SEARCH = substr($FILE, 7);
- switch ($ACC_LVL)
- {
- case "admin":
- $MOD_CHECK = "admin";
- break;
-
- case "sponsor":
- case "guest":
- case "member":
- $MOD_CHECK = $GLOBALS['module'];
- break;
- }
- $AND = " AND what=''";
- }
- elseif (ereg("what-", $FILE))
- {
- // This is an admin what file!
- $TYPE = "what";
- $SEARCH = substr($FILE, 5);
- $AND = "";
- switch ($ACC_LVL)
- {
- case "admin":
- $MOD_CHECK = "admin";
- break;
-
- case "guest":
- case "member":
- $MOD_CHECK = $GLOBALS['module'];
- if (!IS_ADMIN())
- {
- $AND = " AND visible='Y' AND locked='N'";
- }
- break;
- }
- $DUMMY = substr($SEARCH, 0, -4);
- $AND .= " AND action='".GET_ACTION($ACC_LVL, $DUMMY)."'";
- }
- elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine"))
- {
- // Sponsor / engine menu
- $TYPE = "what";
- $SEARCH = $FILE;
- $MOD_CHECK = $GLOBALS['module'];
- $AND = "";
- }
- else
- {
- // Other
- $TYPE = "menu";
- $SEARCH = $FILE;
- $MOD_CHECK = $GLOBALS['module'];
- $AND = "";
- }
- if ((!isset($DEPTH)) && (!$return))
- {
- $DEPTH = "0";
- $PREFIX = "<DIV class=\"you_are_here\">".YOU_ARE_HERE." <STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</A></STRONG>";
- }
- else
- {
- if (!$return) $DEPTH++;
- $PREFIX = "";
- }
- $PREFIX .= " -> ";
- if (ereg(".php", $SEARCH))
- {
- $SEARCH = substr($SEARCH, 0, strpos($SEARCH, ".php"));
- }
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
- array($ACC_LVL, $TYPE, $SEARCH), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- if ($return)
- {
- // Return title
- return $ret;
- }
- elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin")))
- {
- // Output HTML code
- $OUT = $PREFIX."<STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$MOD_CHECK."&".$TYPE."=".$SEARCH.$LINK_ADD."\">".$ret."</A></STRONG>\n";
- //* DEBUG: */ echo __LINE__."*".$TYPE."/".$GLOBALS['what']."*<br />\n";
- if (($TYPE == "what") || (($TYPE == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) {
- //* DEBUG: */ echo __LINE__."+".$TYPE."+<br />\n";
- $OUT .= "</DIV><BR>\n";
- }
- }
- }
-
- // Return or output HTML code?
- if ($output)
- {
- // Output HTML code here
- OUTPUT_HTML($OUT);
- }
- else
- {
- // Return HTML code
- return $OUT;
- }
-}
-//
-function ADD_MENU($MODE, $act, $wht)
-{
- global $CONFIG;
- if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID;
- $main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = "";
- if (!IS_ADMIN())
- {
- $AND = "AND visible='Y' AND locked='N'";
- }
- // Load SQL data and add the menu to the output stream...
- $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort",
- array($MODE), __FILE__, __LINE__);
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- if (SQL_NUMROWS($result_main) > 0)
- {
- OUTPUT_HTML ("<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"".$MODE."_menu\">");
- // There are menus available, so we simply display them... :)
- while (list($main_title, $main_action) = SQL_FETCHROW($result_main))
- {
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- // Load menu header template
- $BLOCK_MODE = false; $act = $main_action;
- LOAD_TEMPLATE($MODE."_menu_title", false, $main_title);
-
- $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
- array($MODE, $main_action), __FILE__, __LINE__);
- $ctl = SQL_NUMROWS($result_sub);
- if ($ctl > 0)
- {
- $cnt=0;
- while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub))
- {
- $content = "";
-
- // Full file name for checking menu
- //* DEBUG: */ echo __LINE__.":!!!!".$sub_what."!!!<br />\n";
- $test_inc = sprintf("%sinc/modules/%s/what-%s.php", PATH, $MODE, $sub_what);
- $test = (file_exists($test_inc) && is_readable($test_inc));
- if ($test)
- {
- if ((!empty($wht)) && (($wht == $sub_what)))
- {
- $content = "<STRONG>";
- }
-
- // Navigation link
- $content .= "<A name=\"menu\" class=\"menu_blur\" href=\"".URL."/modules.php?module=".$GLOBALS['module']."&what=".$sub_what.ADD_URL_DATA("")."\"";
-
- if (frameset_active)
- {
- // We need to add a JavaScript here to reload both frames!
- }
- else
- {
- // Add the default target _self
- $content .= " target=\"_self\"";
- }
- $content .= ">";
- }
- else
- {
- $content .= "<I>";
- }
-
- // Menu title
- $content .= $CONFIG['middot'].$sub_title;
-
- if ($test)
- {
- $content .= "</A>";
- }
- else
- {
- $content .= "</I>";
- }
-
- if ((!empty($wht)) && (($wht == $sub_what)))
- {
- $content .= "</STRONG>";
- }
- $wht = $sub_what; $cnt++;
- if ($cnt < $ctl)
- {
- LOAD_TEMPLATE($MODE."_menu_row", false, $content);
- }
- else
- {
- LOAD_TEMPLATE($MODE."_menu_bottom", false, $content);
- }
- }
- }
- else
- {
- // This is a menu block... ;-)
- $BLOCK_MODE = true;
- $INC_BLOCK = sprintf(PATH."inc/modules/%s/action-%s.php", $MODE, $main_action);
- if ((file_exists($INC_BLOCK)) && (is_readable($INC_BLOCK)))
- {
- // Load include file
- if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML ("<TR>
- <TD class=\"".$MODE."_menu_whats\">");
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- include ($INC_BLOCK);
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML (" </TD>
-</TR>");
- }
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- }
- $main_cnt++;
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- if (SQL_NUMROWS($result_main) > $main_cnt) OUTPUT_HTML ("<TR><TD class=\"".$MODE."_menu_seperator\"></TD></TR>");
- }
-
- // Free memory
- SQL_FREERESULT($result_main);
-
- // Close table
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- OUTPUT_HTML ("</TABLE>");
- }
-}
-// This patched function will reduce many SELECT queries for the specified or current admin login
-function IS_ADMIN($admin="")
-{
- global $_COOKIE, $ADMINS, $CONFIG;
- $ret = false; $passCookie = ""; $valPass = "";
- //* DEBUG: */ echo __LINE__."ADMIN:".$admin."<BR>";
-
- // If admin login is not given take current from cookies...
- if ((empty($admin)) && (!empty($_COOKIE['admin_login'])) && (!empty($_COOKIE['admin_md5'])))
- {
- $admin = SQL_ESCAPE($_COOKIE['admin_login']); $passCookie = $_COOKIE['admin_md5'];
- }
- //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<BR>";
-
- // Search in array for entry
- if ((!empty($passCookie)) && (isset($ADMINS['password'][$admin])) && (!empty($admin)))
- {
- // Count cache hits
- $CONFIG['cache_hits']++;
-
- // Login data is valid or not?
- $valPass = generatePassString($ADMINS['password'][$admin]);
- }
- elseif (!empty($admin))
- {
- // Search for admin
- $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($admin), __FILE__, __LINE__);
-
- // Is he admin?
- $passDB = "";
- if (SQL_NUMROWS($result) == 1)
- {
- // Admin login was found so let's load password from DB
- list($passDB) = SQL_FETCHROW($result);
- $valPass = generatePassString($passDB);
- }
-
- // Free memory
- SQL_FREERESULT($result);
- }
-
- if (!empty($valPass))
- {
- // Check if password is valid
- //* DEBUG: */ echo __LINE__."*".$valPass."/".$passCookie)."*<br>";
- $ret = (($valPass == $passCookie) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
- }
-
- // Return result of comparision
- //* DEBUG: */ if (!$ret) echo __LINE__."OK!<br>";
- return $ret;
-}
-//
-function ADD_MAX_RECEIVE_LIST($MODE, $default="", $return=false)
-{
- global $_POST;
- $OUT = "";
- switch ($MODE)
- {
- case "guest":
- // Guests (in the registration form) are not allowed to select 0 mails per day.
- $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE value > 0 ORDER BY value", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
- $OUT = "";
- while (list($value, $comment) = SQL_FETCHROW($result))
- {
- $OUT .= " <OPTION value=\"".$value."\"";
- if ($_POST['max_mails'] == $value) $OUT .= " selected=\"selected\"";
- $OUT .= ">".$value." ".PER_DAY;
- if (!empty($comment)) $OUT .= " (".$comment.")";
- $OUT .= "</OPTION>\n";
- }
- define('__MAX_RECEIVE_OPTIONS', $OUT);
-
- // Free memory
- SQL_FREERESULT($result);
- $OUT = LOAD_TEMPLATE("guest_receive_table", true);
- }
- else
- {
- // Maybe the admin has to setup some maximum values?
- }
- break;
-
- case "member":
- // Members are allowed to set to zero mails per day (we will change this soon!)
- $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive ORDER BY value", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
- $OUT = "";
- while (list($value, $comment) = SQL_FETCHROW($result))
- {
- $OUT .= " <OPTION value=\"".$value."\"";
- if ($default == $value) $OUT .= " selected=\"selected\"";
- $OUT .= ">".$value." ".PER_DAY;
- if (!empty($comment)) $OUT .= " (".$comment.")";
- $OUT .= "</OPTION>\n";
- }
- define('__MAX_RECEIVE_OPTIONS', $OUT);
- SQL_FREERESULT($result);
- $OUT = LOAD_TEMPLATE("member_receive_table", true);
- }
- else
- {
- // Maybe the admin has to setup some maximum values?
- $OUT = LOAD_TEMPLATE("admin_settings_saved", true, NO_MAX_VALUES);
- }
- break;
- }
- if ($return)
- {
- // Return generated HTML code
- return $OUT;
- }
- else
- {
- // Output directly (default)
- OUTPUT_HTML ($OUT);
- }
-}
-//
-function SEARCH_EMAIL_USERTAB($email)
-{
- $ret = false;
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE email LIKE '{PER}%s{PER}' LIMIT 1", array($email), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) $ret = true;
- SQL_FREERESULT($result);
- return $ret;
-}
-//
-function WHAT_IS_VALID($act, $wht, $TYPE="guest")
-{
- if (IS_ADMIN())
- {
- // Everything is valid to the admin :-)
- return true;
- }
- else
- {
- $ret = false;
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what='%s' AND locked='N' LIMIT 1", array($TYPE, $act, $wht), __FILE__, __LINE__);
- // Is "what" valid?
- if (SQL_NUMROWS($result) == 1) $ret = true;
- SQL_FREERESULT($result);
- return $ret;
- }
-}
-//
-function IS_LOGGED_IN()
-{
- global $_COOKIE, $status, $LAST;
- if (!is_array($LAST)) $LAST = array();
- $ret = false;
-
- // Fix "deleted" cookies first
- FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));
-
- // Are cookies set?
- if ((!empty($GLOBALS['userid'])) && (!empty($_COOKIE['u_hash'])) && (!empty($_COOKIE['lifetime'])) && (defined('COOKIE_PATH')))
- {
- // Cookies are set with values, but are they valid?
- $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Load data from cookies
- list($password, $status, $mod, $onl) = SQL_FETCHROW($result);
-
- // Validate password by created the difference of it and the secret key
- $valPass = generatePassString($password);
-
- // Transfer last module and online time
- if ((!empty($mod)) && (empty($LAST['module']))) { $LAST['module'] = $mod; $LAST['online'] = $onl; }
-
- // So did we now have valid data and an unlocked user?
- //* DEBUG: */ echo $valPass."<br>".$_COOKIE['u_hash']."<br>";
- if (($status == "CONFIRMED") && ($valPass == $_COOKIE['u_hash']))
- {
- // Account is confirmed and all cookie data is valid so he is definely logged in! :-)
- $ret = true;
- }
- else
- {
- // Maybe got locked etc.
- //* DEBUG: */ echo __LINE__."!!!<br>";
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
-
- // Remove array elements to prevent errors
- unset($GLOBALS['userid']);
- unset($_COOKIE['u_hash']);
- unset($_COOKIE['lifetime']);
- }
- }
- else
- {
- // Cookie data is invalid!
- //* DEBUG: */ echo __LINE__."***<br>";
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
-
- // Remove array elements to prevent errors
- unset($GLOBALS['userid']);
- unset($_COOKIE['u_hash']);
- unset($_COOKIE['lifetime']);
- }
-
- // Free memory
- SQL_FREERESULT($result);
- }
- else
- {
- // Cookie data is invalid!
- //* DEBUG: */ echo __LINE__."///<br>";
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
-
- // Remove array elements to prevent errors
- unset($GLOBALS['userid']);
- unset($_COOKIE['u_hash']);
- unset($_COOKIE['lifetime']);
- }
- return $ret;
-}
-//
-function UPDATE_LOGIN_DATA ($UPDATE=true) {
- global $LAST;
- if (!is_array($LAST)) $LAST = array();
-
- // Are the required cookies set?
- if ((!isset($GLOBALS['userid'])) || (!isset($_COOKIE['u_hash'])) || (!isset($_COOKIE['lifetime']))) {
- // Nope, then return here to caller function
- return false;
- } else {
- // Secure user ID
- $GLOBALS['userid'] = bigintval($_COOKIE['userid']);
- }
-
- // Extract last online time (life) and how long is auto-login valid (time)
- $newl = time() + bigintval($_COOKIE['lifetime']);
-
- // Recheck if logged in
- if (!IS_LOGGED_IN()) return false;
-
- // Load last module and last online time
- $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // Load last module and online time
- list($mod, $onl) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- // Maybe first login time?
- if (empty($mod)) $mod = "login";
-
- if (@setcookie("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && @setcookie("u_hash", SQL_ESCAPE($_COOKIE['u_hash']), $newl, COOKIE_PATH) && @setcookie("lifetime", bigintval($_COOKIE['lifetime']), $newl, COOKIE_PATH)) {
- // This will be displayed on welcome page! :-)
- if (empty($LAST['module'])) {
- $LAST['module'] = $mod; $LAST['online'] = $onl;
- }
- if (empty($GLOBALS['what'])) {
- $GLOBALS['what'] = "welcome";
- }
-
- // Update last module / online time
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
- array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);
- }
- }
- else
- {
- // Destroy session, we cannot update!
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
- }
-}
-//
-function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)
-{
- global $link;
- $ret = false;
- $ADD = "";
- if ((!IS_ADMIN()) && ($MODE != "admin")) $ADD = " AND locked='N'";
- //* DEBUG: */ echo __LINE__.":".$MODE."/".$act."/".$wht."*<br />\n";
- if (($MODE != "admin") && ($UPDATE))
- {
- // Update guest or member menu
- $SQL = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s_menu SET counter=counter+1 WHERE action='%s' AND what='%s'".$ADD." LIMIT 1",
- array($MODE, $act, $wht), __FILE__, __LINE__, false);
- }
- elseif ($wht != "overview")
- {
- // Other actions
- $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s'".$ADD." ORDER BY action DESC LIMIT 1",
- array($MODE, $act), __FILE__, __LINE__, false);
- }
- else
- {
- // Admin login overview
- $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what=''".$ADD." ORDER BY action DESC LIMIT 1",
- array($MODE, $act), __FILE__, __LINE__, false);
- }
-
- // Run SQL command
- $result = SQL_QUERY($SQL, __FILE__, __LINE__);
- if ($UPDATE)
- {
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) $ret = true;
- //* DEBUG: */ debug_print_backtrace();
- }
- else
- {
- if (SQL_NUMROWS($result) == 1) {
- list($id, $wht2) = SQL_FETCHROW($result);
- //* DEBUG: */ echo __LINE__."+".$SQL."+<br />\n";
- //* DEBUG: */ echo __LINE__."*".$id."/".$wht."/".$wht2."*<br />\n";
- $ret = true;
- }
- }
-
- // Free memory
- SQL_FREERESULT($result);
- //* DEBUG: */ var_dump($ret);
- return $ret;
-}
-//
-function GET_MOD_DESCR($MODE, $wht)
-{
- if (empty($wht)) $wht = "welcome";
- $ret = "??? (".$wht.")";
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1", array($MODE, $wht), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- return $ret;
-}
-//
-function SEND_MODE_MAILS($mod, $modes)
-{
- global $_COOKIE, $_POST, $CONFIG, $DATA;
- // Load hash
- $result_main = SQL_QUERY("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result_main) == 1)
- {
- // Load hash and extract salt
- list($hash) = SQL_FETCHROW($result_main);
- $salt = substr($hash, 0, -40);
-
- // Now let's compare passwords
- $hash = generateHash($_POST['pass1'], $salt);
- if (($hash == $_COOKIE['u_hash']) || ($_POST['pass1'] == $_POST['pass2']))
- {
- // Load user's data
- $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND password='%s' LIMIT 1",
- array($GLOBALS['userid'], $hash), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $DATA[0] = TRANSLATE_SEX($DATA[0]);
- switch ($mod)
- {
- case "mydata":
- foreach ($modes as $mode)
- {
- switch ($mode)
- {
- case "normal": break; // Do not add any special lines
-
- case "email": // Email was changed!
- $content = MEMBER_CHANGED_EMAIL.": ".$_POST['old_addy']."\n";
- break;
-
- case "pass": // Password was changed
- $content = MEMBER_CHANGED_PASS."\n";
- break;
-
- default:
- $content = MEMBER_UNKNOWN_MODE.": ".$mode."\n\n";
- break;
- }
- }
-
- if (EXT_IS_ACTIVE("country"))
- {
- // Replace code with description
- $DATA[4] = COUNTRY_GENERATE_INFO($_POST['country_code']);
- }
-
- // Load template
- $msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']);
-
- if ($CONFIG['admin_notify'] == "Y")
- {
- // The admin needs to be notified about a profile change
- $msg_admin = "admin_mydata_notify";
- $sub_adm = ADMIN_CHANGED_DATA;
- }
- else
- {
- // No mail to admin
- $msg_admin = "";
- $sub_adm = "";
- }
-
- // Set subject lines
- $sub_mem = MEMBER_CHANGED_DATA;
-
- // Output success message
- $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";
- break;
-
- default:
- $content = "<STRONG><SPAN class=\"member_failed\">".UNKNOWN_MODULE."</SPAN></STRONG>";
- break;
- }
- }
- else
- {
- // Could not load profile data
- $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";
- }
- }
- else
- {
- // Passwords mismatch
- $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_PASSWORD_ERROR."</SPAN></STRONG>";
- }
- }
- else
- {
- // Could not load profile
- $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";
- }
- if ((!empty($sub_mem)) && (!empty($msg)))
- {
- // Send member mail
- SEND_EMAIL($DATA[7], $sub_mem, $msg);
- }
- if ((!empty($sub_adm)) && (!empty($msg_admin)))
- {
- // Send admin mail
- if (GET_EXT_VERSION("admins") >= "0.4.1")
- {
- SEND_ADMIN_EMAILS_PRO($sub_adm, $msg_admin, $content, $GLOBALS['userid']);
- }
- else
- {
- SEND_ADMIN_EMAILS($sub_adm, LOAD_EMAIL_TEMPLATE($msg_admin, $content, $GLOBALS['userid']));
- }
- }
- elseif ($CONFIG['admin_notify'] == "Y")
- {
- // Cannot send mails to admin!
- $content = CANNOT_SEND_ADMIN_MAILS;
- }
- else
- {
- // No mail to admin
- $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";
- }
-
- // Load template
- LOAD_TEMPLATE("admin_settings_saved", false, $content);
-}
-// Update module counter
-function COUNT_MODULE($mod)
-{
- if ($mod != "css")
- {
- // Do count all other modules but not accesses on CSS file css.php!
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_mod_reg SET clicks=clicks+1 WHERE module='%s' LIMIT 1",
- array($mod), __FILE__, __LINE__);
- }
-}
-// Get action value from mode (admin/guest/member) and what-value
-function GET_ACTION ($MODE, &$wht)
-{
- global $ret; $ret = "";
- //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br>";
- if ((empty($wht)) && ($MODE != "admin"))
- {
- $wht = "welcome";
- }
- if ($MODE == "admin")
- {
- // Action value for admin area
- if (!empty($GLOBALS['action']))
- {
- // Get it directly from URL
- return $GLOBALS['action'];
- }
- elseif (($wht == "overview") || (empty($GLOBALS['what'])))
- {
- // Default value for admin area
- $ret = "login";
- }
- }
- elseif (!empty($GLOBALS['action']))
- {
- // Fix welcome value
- if (empty($wht)) $wht = "welcome";
- return $GLOBALS['action'];
- }
- else
- {
- // Everything else will be touched after checking the module has a menu assigned
- }
- //* DEBUG: */ echo __LINE__."*".$ret."*<br />\n";
-
- if (MODULE_HAS_MENU($MODE))
- {
- // Rewriting modules to menu
- switch ($MODE)
- {
- case "index": $MODE = "guest"; break;
- case "login": $MODE = "member"; break;
- break;
- }
-
- // Guest and member menu is "main" as the default
- if (empty($ret)) $ret = "main";
-
- // Load from database
- $result = SQL_QUERY_ESC("SELECT action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1",
- array($MODE, $wht), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Load action value and pray that this one is the right you want... ;-)
- list($ret) = SQL_FETCHROW($result);
- }
-
- // Free memory
- SQL_FREERESULT($result);
- }
-
- // Return action value
- return $ret;
-}
-//
-function GET_CATEGORY ($cid)
-{
- $ret = _CATEGORY_404;
- $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%d LIMIT 1", array($cid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Category found... :-)
- list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- return $ret;
-}
-//
-function GET_PAYMENT ($pid, $full=false)
-{
- $ret = _PAYMENT_404;
- $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($pid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Payment type found... :-)
- if (!$full)
- {
- // Return only title
- list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- else
- {
- // Return title and price
- list($t, $p) = SQL_FETCHROW($result);
- $ret = $t." / ".TRANSLATE_COMMA($p)." ".POINTS;
- }
- }
- return $ret;
-}
-//
-function GET_PAY_POINTS($pid, $DATA="price")
-{
- $ret = "-1";
- $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($DATA, $pid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Payment type found... :-)
- list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- return $ret;
-}
-// Remove a receiver's ID from $ARRAY and add a link for him to confirm
-function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=false)
-{
- $ret = "failed";
- if ($uid > 0)
- {
- // Remove entry from array
- unset($ARRAY[$key]);
-
- // Is there already a line for this user available?
- if ($stats_id > 0)
- {
- // Only when we got a real stats ID continue searching for the entry
- $TYPE = "NORMAL"; $ROW = "stats_id";
- if ($bonus) { $TYPE = "BONUS"; $ROW = "bonus_id"; }
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%d AND link_type='%s' LIMIT 1",
- array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
- // No, so we add one!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')",
- array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);
- $ret = "done";
- }
- else
- {
- // Already found
- $ret = "already";
- }
-
- // Free memory
- SQL_FREERESULT($result);
- }
- }
- // Return status for sending routine
- return $ret;
-}
-//
-function GET_TOTAL_DATA($SEARCH, $TABLE, $DATA, $WHERE="userid", $ONLY_ROWS=false)
-{
- $ret = "0";
- if ($ONLY_ROWS)
- {
- // Count rows
- $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
- array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);
- }
- else
- {
- // Add all rows
- $result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
- array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);
- }
- // Load row
- list($ret) = SQL_FETCHROW($result);
- //* DEBUG: */ echo __LINE__."*".$DATA."/".$SEARCH."/".$TABLE."/".$ret."*<br />\n";
- SQL_FREERESULT($result);
- if (empty($ret)) {
- if (($DATA == "counter") || ($DATA == "id")) {
- $ret = "0";
- } else {
- $ret = "0.00000";
- }
- }
- return $ret;
-}
-/**
- *
- * Dynamic referral system, can also send mails!
- *
- * uid = Referral ID wich should receive...
- * points = ... xxx points
- * send_notify = shall I send the referral an email or not?
- * refid = inc/modules/guest/what-confirm.php need this
- * locked = Shall I pay it to normal (false) or locked (true) points ammount?
- * add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"
- * will cause no referral will get points ever!!!)
- */
-function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref")
-{
- global $DEPTH, $_GET, $CONFIG, $DATA, $link;
-
- // When $uid = 0 add points to jackpot
- if ($uid == "0")
- {
- // Add points to jackpot
- ADD_JACKPOT($points);
- return;
- }
-
- // Count up referral depth
- if (empty($DEPTH))
- {
- // Initialialize referral system
- $DEPTH = "0";
- }
- else
- {
- // Increase referral level
- $DEPTH++;
- }
-
- // Which points, locked or normal?
- $data = "points"; if ($locked) $data = "locked_points";
-
- $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result_user) == 1)
- {
- // This is the user and his ref
- list ($ref, $email) = SQL_FETCHROW($result_user);
- SQL_FREERESULT($result_user);
- $result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
- array(bigintval($DEPTH)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($per) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $P = $points * $per / 100;
-
- // Update points...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth='%s' LIMIT 1",
- array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0)
- {
- // First ref in this level! :-)
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES ('%s', '%s', '%s')",
- array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);
- }
-
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "add", $P);
- }
-
- // Points updated, maybe I shall send him an email?
- if (($send_notify) && ($ref > 0) && (!$locked))
- {
- // 0 1 2 3
- $DATA = array($per, bigintval($DEPTH), $P, bigintval($ref));
- $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid));
-
- SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
- }
-
- // Maybe there's another ref?
- if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref"))
- {
- // Then let's credit him here...
- ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked);
- }
- }
- }
-}
-//
-function UPDATE_REF_COUNTER($uid)
-{
- global $REF_LVL, $link, $CACHE;
- // Make it sure referral level zero (member him-/herself) is at least selected
- if (empty($REF_LVL)) $REF_LVL = "0";
-
- // Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%d AND level='%s' LIMIT 1",
- array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
-
- // When no entry was updated then we have to create it here
- if (SQL_AFFECTEDROWS($link) == 0)
- {
- // First count!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')",
- array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
- }
-
- // Check for his referral
- $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- list($ref) = SQL_FETCHROW($result);
-
- // Free memory
- SQL_FREERESULT($result);
-
- // When he has a referral...
- if (($ref > 0) && ($ref != $uid))
- {
- // Move to next referral level and count his counter one up!
- $REF_LVL++; UPDATE_REF_COUNTER($ref);
- }
- elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2"))
- {
- // Remove cache here
- if ($CACHE->cache_file("refsystem", true)) $CACHE->cache_destroy();
- }
-}
-//
-function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht)
-{
- global $_COOKIE, $_SERVER, $link, $_GET, $CONFIG;
- // Do not update online list when extension is deactivated
- if (!EXT_IS_ACTIVE("online", true)) return;
-
- // Initialize variables
- $uid = "0"; $rid = "0"; $MEM = "N"; $ADMIN = "N";
- if (!empty($GLOBALS['userid']))
- {
- // Update member status only when userid is valid
- if (($GLOBALS['userid'] > 0) && (IS_LOGGED_IN()))
- {
- // Is valid user
- $uid = $GLOBALS['userid'];
- $MEM = "Y";
- }
- }
- if (IS_ADMIN())
- {
- // Is administrator
- $ADMIN = "Y";
- }
- if (!empty($_COOKIE['refid']))
- {
- // Check cookie
- if ($_COOKIE['refid'] > 0) $rid = $GLOBALS['refid'];
- }
-
- // Now Read data
- $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online
-WHERE sid='%s' LIMIT 1",
- array($SID), __FILE__, __LINE__);
-
- if (SQL_NUMROWS($result) == 1)
- {
- SQL_FREERESULT($result);
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET
-module='%s',
-action='%s',
-what='%s',
-userid=%d,
-refid=%d,
-is_member='%s',
-is_admin='%s',
-timestamp=UNIX_TIMESTAMP()
-WHERE sid='%s' LIMIT 1",
- array(
- $mod,
- $act,
- $wht,
- bigintval($uid),
- bigintval($rid),
- $MEM,
- $ADMIN,
- $SID
-), __FILE__, __LINE__);
- }
- else
- {
- // No entry does exists so we simply add it!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %d, %d, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
- array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
- }
-
- // Purge old entries
- $TIMEOUT = time() - $CONFIG['online_timeout'];
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= %d",
- array($TIMEOUT), __FILE__, __LINE__);
-}
-// OBSULETE: Sends out mail to all administrators
-function SEND_ADMIN_EMAILS($subj, $msg)
-{
- $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__);
- while (list($email) = SQL_FETCHROW($result))
- {
- SEND_EMAIL($email, $subj, $msg);
- }
- // Really simple... ;-)
- SQL_FREERESULT($result);
-}
-// Get ID number from administrator's login name
-function GET_ADMIN_ID($login)
-{
- global $ADMINS;
- $ret = "-1";
- if (!empty($ADMINS['aid'][$login]))
- {
- // Check cache
- $ret = $ADMINS['aid'][$login];
- if (empty($ret)) $ret = "-1";
- }
- else
- {
- // Load from database
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($login), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- }
- return $ret;
-}
-//
-// Get password hash from administrator's login name
-function GET_ADMIN_HASH($login)
-{
- global $ADMINS;
- $ret = "-1";
- if (!empty($ADMINS['password'][$login]))
- {
- // Check cache
- $ret = $ADMINS['password'][$login];
- if (empty($ret)) $ret = "-1";
- }
- else
- {
- // Load from database
- $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($login), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- }
- return $ret;
-}
-//
-function GET_ADMIN_LOGIN($aid)
-{
- global $ADMINS;
- $ret = "***";
- if (!empty($ADMINS['login']['aid']))
- {
- // Check cache
- if (!empty($ADMINS['login'][$aid])) $ret = $ADMINS['login'][$aid];
- if (empty($ret)) $ret = "***";
- }
- else
- {
- // Load from database
- $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
- array(bigintval($aid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Fetch data
- list($ret) = SQL_FETCHROW($result);
- }
-
- // Free memory
- SQL_FREERESULT($result);
- }
- return $ret;
-}
-//
-function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")
-{
- $ret = "";
- if ($table == "/ARRAY/")
- {
- // Selection from array
- if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name))
- {
- // Both are arrays
- foreach ($id as $idx=>$value)
- {
- $ret .= "<OPTION value=\"".$value."\"";
- if ($default == $value) $ret .= " selected checked";
- $ret .= ">".$name[$idx]."</OPTION>\n";
- }
- }
- }
- else
- {
- // Data from database
- $SPEC = ", ".$id;
- if (!empty($special)) $SPEC = ", ".$special;
- $ORDER = $name.$SPEC;
- if ($table == "country") $ORDER = $special;
- $result = SQL_QUERY_ESC("SELECT %s, %s".$SPEC." FROM "._MYSQL_PREFIX."_%s ".$where." ORDER BY %s",
- array($id, $ORDER, $table, $name), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
- // Found data so add them as OPTION lines: $id is the value and $name is the "name" of the option
- while (list($value, $title, $add) = SQL_FETCHROW($result))
- {
- if (empty($special)) $add = "";
- $ret .= "<OPTION value=\"".$value."\"";
- if ($default == $value) $ret .= " selected checked";
- if (!empty($add)) $add = " (".$add.")";
- $ret .= ">".$title.$add."</OPTION>\n";
- }
-
- // Free memory
- SQL_FREERESULT($result);
- }
- else
- {
- // No data found
- $ret = "<OPTION value=\"x\">".SELECT_NONE."</OPTION>\n";
- }
- }
- // Return - hopefully - the requested data
- return $ret;
-}
-// Aiut
-function activateExchange() {
- global $CONFIG;
- $result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) >= $CONFIG['activate_xchange'])
- {
- // Free memory
- SQL_FREERESULT($result);
-
- // Activate System
- $SQLs = array(
- "UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",
- "UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2",
- "UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config='0' LIMIT 1"
- );
-
- // Run SQLs
- foreach ($SQLs as $sql)
- {
- $result = SQL_QUERY($sql, __FILE__, __LINE__);
- }
-
- // Destroy cache
- }
-}
-//
-function DELETE_USER_ACCOUNT($uid, $reason)
-{
- $POINTS = 0;
- $result = SQL_QUERY_ESC("SELECT (SUM(p.points) - d.used_points) AS points
-FROM "._MYSQL_PREFIX."_user_points AS p
-LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
-ON p.userid=d.userid
-WHERE p.userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Save his points to add them to the jackpot
- list($POINTS) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- // Delete points entries as well
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
-
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
- }
-
- // Now, when we have all his points adds them do the jackpot!
- ADD_JACKPOT($POINTS);
- }
-
- // Delete category selections as well...
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d",
- array(bigintval($uid)), __FILE__, __LINE__);
-
- // Remove from rallye if found
- if (EXT_IS_ACTIVE("rallye"))
- {
- $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%d",
- array(bigintval($uid)), __FILE__, __LINE__);
- }
-
- // Now a mail to the user and that's all...
- $msg = LOAD_EMAIL_TEMPLATE("del-user", stripslashes($reason), $uid);
- SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);
-
- // Ok, delete the account!
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
-}
-//
-function META_DESCRIPTION($mod, $wht)
-{
- global $CONFIG, $DEPTH;
- if (($mod != "admin") && ($mod != "login"))
- {
- // Exclude admin and member's area
- $DESCR = MAIN_TITLE." ".trim($CONFIG['title_middle'])." ".ADD_DESCR("guest", "what-".$wht, true);
- unset($DEPTH);
- OUTPUT_HTML ("<META name=\"description\" content=\"".$DESCR."\">\n");
- }
-}
-//
-function ADD_JACKPOT($points)
-{
- $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
- // Create line
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__);
- }
- else
- {
- // Free memory
- SQL_FREERESULT($result);
-
- // Update points
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points+%s WHERE ok='ok' LIMIT 1",
- array($points), __FILE__, __LINE__);
- }
-}
-//
-function SUB_JACKPOT($points)
-{
- // First failed
- $ret = "-1";
-
- // Get current points
- $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
- // Create line
- $result = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '0.00000')", __FILE__, __LINE__);
- }
- else
- {
- // Free memory
- SQL_FREERESULT($result);
-
- // Read points
- list($jackpot) = SQL_FETCHROW($result);
- if ($jackpot >= $points)
- {
- // Update points when there are enougth points in jackpot
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points-%s WHERE ok='ok' LIMIT 1", array($points), __FILE__, __LINE__);
- $ret = $jackpot - $points;
- }
- }
-}
-//
-function IS_DEMO()
-{
- global $_COOKIE;
- return ((EXT_IS_ACTIVE("demo")) && ($_COOKIE['admin_login'] == "demo"));
-}
-//
-function LOAD_CONFIG($no="0")
-{
- global $CFG_CACHE, $CONFIG;
- $CFG_DUMMY = false;
- // Check for cache extension, cache-array and if the requested configuration is in cache
- if ((is_array($CFG_CACHE)) && (isset($CFG_CACHE['config'][$no])))
- {
- // Load config from cache
- $CFG_DUMMY = array();
- foreach ($CFG_CACHE as $element=>$cfgs)
- {
- $CFG_DUMMY[$element] = $cfgs[$no];
- }
-
- // Count cache hits
- $CONFIG['cache_hits']++;
- }
- else
- {
- // Load config from DB
- $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config='%d' LIMIT 1",
- array(bigintval($no)), __FILE__, __LINE__);
- $CFG_DUMMY = SQL_FETCHARRAY($result_config);
- SQL_FREERESULT($result_config);
- }
-
- // Return config array
- return $CFG_DUMMY;
-}
-// Gets the matching what name from module
-function GET_WHAT($MOD_CHECK)
-{
- $wht = "";
- //* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!<br />\n";
- switch ($MOD_CHECK)
- {
- case "admin":
- $wht = "overview";
- break;
-
- case "login":
- case "index":
- $wht = "welcome";
- break;
-
- default:
- $wht = "";
- break;
- }
-
- // Return what value
- return $wht;
-}
-//
-function MODULE_HAS_MENU($mod)
-{
- global $EXTENSIONS, $MODULES, $CONFIG;
-
- // All is false by default
- $ret = false;
- if (GET_EXT_VERSION("cache") >= "0.1.2")
- {
- if (isset($MODULES['has_menu'][$mod]))
- {
- // Check module cache and count hit
- if ($MODULES['has_menu'][$mod] == "Y") $ret = true;
- $CONFIG['cache_hits']++;
- }
- elseif (isset($EXTENSIONS['ext_menu'][$mod]))
- {
- // Check cache and count hit
- if ($EXTENSIONS['ext_menu'][$mod] == "Y") $ret = true;
- $CONFIG['cache_hits']++;
- }
- }
- if ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ($ret === false))
- {
- // Check database for entry
- $result = SQL_QUERY_ESC("SELECT has_menu FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1",
- array($mod), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($has_menu) = SQL_FETCHROW($result);
- if ($has_menu == "Y") $ret = true;
- }
-
- // Free memory
- SQL_FREERESULT($result);
- } elseif (GET_EXT_VERSION("sql_patches") == "") {
- // No sql_patches installed, so maybe in admin area?
- if ((IS_ADMIN()) && ($mod == "admin")) return true; // Then there is a menu!
- }
-
- // Return status
- return $ret;
-}
-//
-?>