-<?php\r
-/************************************************************************\r
- * MXChange v0.2.1 Start: 08/26/2003 *\r
- * =============== Last change: 11/29/2004 *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * File : mysql-manager.php *\r
- * -------------------------------------------------------------------- *\r
- * Short description : All MySQL-related functions *\r
- * -------------------------------------------------------------------- *\r
- * Kurzbeschreibung : Alle MySQL-Relevanten Funktionen *\r
- * -------------------------------------------------------------------- *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2008 by Roland Haeder *\r
- * For more information visit: http://www.mxchange.org *\r
- * *\r
- * This program is free software; you can redistribute it and/or modify *\r
- * it under the terms of the GNU General Public License as published by *\r
- * the Free Software Foundation; either version 2 of the License, or *\r
- * (at your option) any later version. *\r
- * *\r
- * This program is distributed in the hope that it will be useful, *\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
- * GNU General Public License for more details. *\r
- * *\r
- * You should have received a copy of the GNU General Public License *\r
- * along with this program; if not, write to the Free Software *\r
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *\r
- * MA 02110-1301 USA *\r
- ************************************************************************/\r
-\r
-// Some security stuff...\r
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))\r
-{\r
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";\r
- require($INC);\r
-}\r
-\r
-//\r
-function ADD_MODULE_TITLE($mod)\r
-{\r
- global $MODULES, $CONFIG;\r
- $name = ""; $result = false;\r
- // Load title\r
- if (!mxchange_installing)\r
- {\r
- if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])) && (isset($MODULES['module'][$mod])))\r
- {\r
- // Load from cache\r
- $name = $MODULES['title'][$mod];\r
-\r
- // Update cache hits\r
- $CONFIG['cache_hits']++;\r
- }\r
- else\r
- {\r
- // Load from database\r
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__);\r
- list($name) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
- }\r
-\r
- // Trim name\r
- $name = trim($name);\r
-\r
- // Still no luck or empty title?\r
- if (empty($name))\r
- {\r
- // No name found\r
- $name = LANG_UNKNOWN_MODULE." (".$mod.")";\r
- if (SQL_NUMROWS($result) == 0)\r
- {\r
- // Add module to database\r
- $dummy = CHECK_MODULE($mod);\r
- }\r
- }\r
- return $name;\r
-}\r
-//\r
-function CHECK_MODULE($mod)\r
-{\r
- // We need them now here...\r
- global $MODULES, $CONFIG, $CACHE;\r
-\r
- // Filter module name (names with low chars and underlines are fine!)\r
- $mod = preg_replace("/[^a-z_]/", "", $mod);\r
-\r
- // Check for prefix is a extension...\r
- $MOD_SPLIT = explode("_", $mod);\r
- $extension = ""; $mod_chk = $mod;\r
- //* DEBUG: */ echo __LINE__."*".count($MOD_SPLIT)."*/".$mod."*<BR>";\r
- if (count($MOD_SPLIT) == 2)\r
- {\r
- // Okay, there is a seperator (_) in the name so is the first part a module?\r
- //* DEBUG: */ echo __LINE__."*".$MOD_SPLIT[0]."*<BR>";\r
- if (EXT_IS_ACTIVE($MOD_SPLIT[0]))\r
- {\r
- // The prefix is an extension's name, so let's set it\r
- $extension = $MOD_SPLIT[0]; $mod = $MOD_SPLIT[1];\r
- }\r
- }\r
-\r
- // Major error in module registry is the default\r
- $ret = "major";\r
-\r
- // Check if script is installed if not return a "done" to prevent some errors\r
- if ((!mxchange_installed) || (mxchange_installing) || (!admin_registered)) return "done";\r
-\r
- // Check if cache is latest version\r
- $locked = "Y"; $hidden = "N"; $admin = "N"; $mem = "N"; $found = false;\r
- if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])))\r
- {\r
- // Is the module cached?\r
- if (isset($MODULES['locked'][$mod_chk])) {\r
- // Check cache\r
- $locked = $MODULES['locked'][$mod_chk];\r
- $hidden = $MODULES['hidden'][$mod_chk];\r
- $admin = $MODULES['admin_only'][$mod_chk];\r
- $mem = $MODULES['mem_only'][$mod_chk];\r
-\r
- // Update cache hits\r
- $CONFIG['cache_hits']++;\r
- $found = true;\r
- } else {\r
- // No, then we have to update it!\r
- $ret = "cache_miss";\r
- }\r
- }\r
- else\r
- {\r
- // Check for module in database\r
- $result = SQL_QUERY_ESC("SELECT locked, hidden, admin_only, mem_only FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod_chk), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Read data\r
- list($locked, $hidden, $admin, $mem) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- $found = true;\r
- }\r
- }\r
-\r
- // Check returned values against current access permissions\r
- //\r
- // Admin access ----- Guest access ----- --- Guest or member? ---\r
- if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_LOGGED_IN()))))\r
- {\r
- // If you are admin you are welcome for everything!\r
- $ret = "done";\r
- }\r
- elseif ($locked == "Y")\r
- {\r
- // Module is locked\r
- $ret = "locked";\r
- }\r
- elseif (($mem == "Y") && (!IS_LOGGED_IN()))\r
- {\r
- // You have to login first!\r
- $ret = "mem_only";\r
- }\r
- elseif (($admin == "Y") && (!IS_ADMIN()))\r
- {\r
- // Only the Admin is allowed to enter this module!\r
- $ret = "admin_only";\r
- }\r
-\r
- // Still no luck or not found?\r
- if (($ret == "major") || ($ret == "cache_miss") || (!$found))\r
- {\r
- // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name ---\r
- if ((file_exists(PATH."inc/modules/".$mod.".php")) || (file_exists(PATH.$mod.".php")) || (file_exists(PATH.$extension."/".$mod.".php")))\r
- {\r
- // Data is missing so we add it\r
- if (GET_EXT_VERSION("sql_patches") >= "0.3.6") {\r
- // Since 0.3.6 we have a has_menu column, this took me a half hour\r
- // to find a loop here... *sigh*\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg\r
-(module, locked, hidden, mem_only, admin_only, has_menu) VALUES\r
-('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);\r
- } else {\r
- // Wrong/missing sql_patches!\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg\r
-(module, locked, hidden, mem_only, admin_only) VALUES\r
-('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);\r
- }\r
-\r
- // Everthing is fine?\r
- if (SQL_AFFECTEDROWS() == 0) {\r
- // Something bad happend!\r
- return "major";\r
- }\r
-\r
- // Destroy cache here\r
- if (GET_EXT_VERSION("cache") >= "0.1.2")\r
- {\r
- if ($CACHE->cache_file("mod_reg", true)) $CACHE->cache_destroy();\r
- unset($MODULES);\r
- }\r
-\r
- // And reload data\r
- $ret = CHECK_MODULE($mod_chk);\r
- }\r
- else\r
- {\r
- // Module not found we don't add it to the database\r
- $ret = "404";\r
- }\r
- }\r
-\r
- // Return the value\r
- return $ret;\r
-}\r
-//\r
-function ADD_DESCR($ACC_LVL, $FILE, $return = false, $output = true)\r
-{\r
- global $_GET, $DEPTH, $CONFIG;\r
- $LINK_ADD = ""; $OUT = ""; $AND = "";\r
- // First we have to do some analysis...\r
- if (ereg("action-", $FILE))\r
- {\r
- // This is an action file!\r
- $TYPE = "action";\r
- $SEARCH = substr($FILE, 7);\r
- switch ($ACC_LVL)\r
- {\r
- case "admin":\r
- $MOD_CHECK = "admin";\r
- break;\r
-\r
- case "sponsor":\r
- case "guest":\r
- case "member":\r
- $MOD_CHECK = $GLOBALS['module'];\r
- break;\r
- }\r
- $AND = " AND what=''";\r
- }\r
- elseif (ereg("what-", $FILE))\r
- {\r
- // This is an admin what file!\r
- $TYPE = "what";\r
- $SEARCH = substr($FILE, 5);\r
- $AND = "";\r
- switch ($ACC_LVL)\r
- {\r
- case "admin":\r
- $MOD_CHECK = "admin";\r
- break;\r
-\r
- case "guest":\r
- case "member":\r
- $MOD_CHECK = $GLOBALS['module'];\r
- if (!IS_ADMIN())\r
- {\r
- $AND = " AND visible='Y' AND locked='N'";\r
- }\r
- break;\r
- }\r
- $DUMMY = substr($SEARCH, 0, -4);\r
- $AND .= " AND action='".GET_ACTION($ACC_LVL, $DUMMY)."'";\r
- }\r
- elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine"))\r
- {\r
- // Sponsor / engine menu\r
- $TYPE = "what";\r
- $SEARCH = $FILE;\r
- $MOD_CHECK = $GLOBALS['module'];\r
- $AND = "";\r
- }\r
- else\r
- {\r
- // Other\r
- $TYPE = "menu";\r
- $SEARCH = $FILE;\r
- $MOD_CHECK = $GLOBALS['module'];\r
- $AND = "";\r
- }\r
- if ((!isset($DEPTH)) && (!$return))\r
- {\r
- $DEPTH = "0";\r
- $PREFIX = "<DIV class=\"you_are_here\">".YOU_ARE_HERE." <STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</A></STRONG>";\r
- }\r
- else\r
- {\r
- if (!$return) $DEPTH++;\r
- $PREFIX = "";\r
- }\r
- $PREFIX .= " -> ";\r
- if (ereg(".php", $SEARCH))\r
- {\r
- $SEARCH = substr($SEARCH, 0, strpos($SEARCH, ".php"));\r
- }\r
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",\r
- array($ACC_LVL, $TYPE, $SEARCH), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- list($ret) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- if ($return)\r
- {\r
- // Return title\r
- return $ret;\r
- }\r
- elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin")))\r
- {\r
- // Output HTML code\r
- $OUT = $PREFIX."<STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$MOD_CHECK."&".$TYPE."=".$SEARCH.$LINK_ADD."\">".$ret."</A></STRONG>\n";\r
- //* DEBUG: */ echo __LINE__."*".$TYPE."/".$GLOBALS['what']."*<br />\n";\r
- if (($TYPE == "what") || (($TYPE == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) {\r
- //* DEBUG: */ echo __LINE__."+".$TYPE."+<br />\n";\r
- $OUT .= "</DIV><BR>\n";\r
- }\r
- }\r
- }\r
-\r
- // Return or output HTML code?\r
- if ($output)\r
- {\r
- // Output HTML code here\r
- OUTPUT_HTML($OUT);\r
- }\r
- else\r
- {\r
- // Return HTML code\r
- return $OUT;\r
- }\r
-}\r
-//\r
-function ADD_MENU($MODE, $act, $wht)\r
-{\r
- global $CONFIG;\r
- if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID;\r
- $main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = "";\r
- if (!IS_ADMIN())\r
- {\r
- $AND = "AND visible='Y' AND locked='N'";\r
- }\r
- // Load SQL data and add the menu to the output stream...\r
- $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort",\r
- array($MODE), __FILE__, __LINE__);\r
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";\r
- if (SQL_NUMROWS($result_main) > 0)\r
- {\r
- OUTPUT_HTML ("<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"".$MODE."_menu\">");\r
- // There are menus available, so we simply display them... :)\r
- while (list($main_title, $main_action) = SQL_FETCHROW($result_main))\r
- {\r
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";\r
- // Load menu header template\r
- $BLOCK_MODE = false; $act = $main_action;\r
- LOAD_TEMPLATE($MODE."_menu_title", false, $main_title);\r
-\r
- $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",\r
- array($MODE, $main_action), __FILE__, __LINE__);\r
- $ctl = SQL_NUMROWS($result_sub);\r
- if ($ctl > 0)\r
- {\r
- $cnt=0;\r
- while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub))\r
- {\r
- $content = "";\r
-\r
- // Full file name for checking menu\r
- //* DEBUG: */ echo __LINE__.":!!!!".$sub_what."!!!<br />\n";\r
- $test_inc = sprintf("%sinc/modules/%s/what-%s.php", PATH, $MODE, $sub_what);\r
- $test = (file_exists($test_inc) && is_readable($test_inc));\r
- if ($test)\r
- {\r
- if ((!empty($wht)) && (($wht == $sub_what)))\r
- {\r
- $content = "<STRONG>";\r
- }\r
-\r
- // Navigation link\r
- $content .= "<A name=\"menu\" class=\"menu_blur\" href=\"".URL."/modules.php?module=".$GLOBALS['module']."&what=".$sub_what.ADD_URL_DATA("")."\"";\r
-\r
- if (frameset_active)\r
- {\r
- // We need to add a JavaScript here to reload both frames!\r
- }\r
- else\r
- {\r
- // Add the default target _self\r
- $content .= " target=\"_self\"";\r
- }\r
- $content .= ">";\r
- }\r
- else\r
- {\r
- $content .= "<I>";\r
- }\r
-\r
- // Menu title\r
- $content .= $CONFIG['middot'].$sub_title;\r
-\r
- if ($test)\r
- {\r
- $content .= "</A>";\r
- }\r
- else\r
- {\r
- $content .= "</I>";\r
- }\r
-\r
- if ((!empty($wht)) && (($wht == $sub_what)))\r
- {\r
- $content .= "</STRONG>";\r
- }\r
- $wht = $sub_what; $cnt++;\r
- if ($cnt < $ctl)\r
- {\r
- LOAD_TEMPLATE($MODE."_menu_row", false, $content);\r
- }\r
- else\r
- {\r
- LOAD_TEMPLATE($MODE."_menu_bottom", false, $content);\r
- }\r
- }\r
- }\r
- else\r
- {\r
- // This is a menu block... ;-)\r
- $BLOCK_MODE = true;\r
- $INC_BLOCK = sprintf(PATH."inc/modules/%s/action-%s.php", $MODE, $main_action);\r
- if ((file_exists($INC_BLOCK)) && (is_readable($INC_BLOCK)))\r
- {\r
- // Load include file\r
- if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML ("<TR>\r
- <TD class=\"".$MODE."_menu_whats\">");\r
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";\r
- include ($INC_BLOCK);\r
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";\r
- if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML (" </TD>\r
-</TR>");\r
- }\r
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";\r
- }\r
- $main_cnt++;\r
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";\r
- if (SQL_NUMROWS($result_main) > $main_cnt) OUTPUT_HTML ("<TR><TD class=\"".$MODE."_menu_seperator\"></TD></TR>");\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result_main);\r
-\r
- // Close table\r
- //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";\r
- OUTPUT_HTML ("</TABLE>");\r
- }\r
-}\r
-// This patched function will reduce many SELECT queries for the specified or current admin login\r
-function IS_ADMIN($admin="")\r
-{\r
- global $_COOKIE, $ADMINS, $CONFIG;\r
- $ret = false; $passCookie = ""; $valPass = "";\r
- //* DEBUG: */ echo __LINE__."ADMIN:".$admin."<BR>";\r
-\r
- // If admin login is not given take current from cookies...\r
- if ((empty($admin)) && (!empty($_COOKIE['admin_login'])) && (!empty($_COOKIE['admin_md5'])))\r
- {\r
- $admin = SQL_ESCAPE($_COOKIE['admin_login']); $passCookie = $_COOKIE['admin_md5'];\r
- }\r
- //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<BR>";\r
-\r
- // Search in array for entry\r
- if ((!empty($passCookie)) && (isset($ADMINS['password'][$admin])) && (!empty($admin)))\r
- {\r
- // Count cache hits\r
- $CONFIG['cache_hits']++;\r
-\r
- // Login data is valid or not?\r
- $valPass = generatePassString($ADMINS['password'][$admin]);\r
- }\r
- elseif (!empty($admin))\r
- {\r
- // Search for admin\r
- $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",\r
- array($admin), __FILE__, __LINE__);\r
-\r
- // Is he admin?\r
- $passDB = "";\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Admin login was found so let's load password from DB\r
- list($passDB) = SQL_FETCHROW($result);\r
- $valPass = generatePassString($passDB);\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
-\r
- if (!empty($valPass))\r
- {\r
- // Check if password is valid\r
- //* DEBUG: */ echo __LINE__."*".$valPass."/".$passCookie)."*<br>";\r
- $ret = (($valPass == $passCookie) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));\r
- }\r
-\r
- // Return result of comparision\r
- //* DEBUG: */ if (!$ret) echo __LINE__."OK!<br>";\r
- return $ret;\r
-}\r
-//\r
-function ADD_MAX_RECEIVE_LIST($MODE, $default="", $return=false)\r
-{\r
- global $_POST;\r
- $OUT = "";\r
- switch ($MODE)\r
- {\r
- case "guest":\r
- // Guests (in the registration form) are not allowed to select 0 mails per day.\r
- $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE value > 0 ORDER BY value", __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) > 0)\r
- {\r
- $OUT = "";\r
- while (list($value, $comment) = SQL_FETCHROW($result))\r
- {\r
- $OUT .= " <OPTION value=\"".$value."\"";\r
- if ($_POST['max_mails'] == $value) $OUT .= " selected=\"selected\"";\r
- $OUT .= ">".$value." ".PER_DAY;\r
- if (!empty($comment)) $OUT .= " (".$comment.")";\r
- $OUT .= "</OPTION>\n";\r
- }\r
- define('__MAX_RECEIVE_OPTIONS', $OUT);\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- $OUT = LOAD_TEMPLATE("guest_receive_table", true);\r
- }\r
- else\r
- {\r
- // Maybe the admin has to setup some maximum values?\r
- }\r
- break;\r
-\r
- case "member":\r
- // Members are allowed to set to zero mails per day (we will change this soon!)\r
- $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive ORDER BY value", __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) > 0)\r
- {\r
- $OUT = "";\r
- while (list($value, $comment) = SQL_FETCHROW($result))\r
- {\r
- $OUT .= " <OPTION value=\"".$value."\"";\r
- if ($default == $value) $OUT .= " selected=\"selected\"";\r
- $OUT .= ">".$value." ".PER_DAY;\r
- if (!empty($comment)) $OUT .= " (".$comment.")";\r
- $OUT .= "</OPTION>\n";\r
- }\r
- define('__MAX_RECEIVE_OPTIONS', $OUT);\r
- SQL_FREERESULT($result);\r
- $OUT = LOAD_TEMPLATE("member_receive_table", true);\r
- }\r
- else\r
- {\r
- // Maybe the admin has to setup some maximum values?\r
- $OUT = LOAD_TEMPLATE("admin_settings_saved", true, NO_MAX_VALUES);\r
- }\r
- break;\r
- }\r
- if ($return)\r
- {\r
- // Return generated HTML code\r
- return $OUT;\r
- }\r
- else\r
- {\r
- // Output directly (default)\r
- OUTPUT_HTML ($OUT);\r
- }\r
-}\r
-//\r
-function SEARCH_EMAIL_USERTAB($email)\r
-{\r
- $ret = false;\r
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE email LIKE '{PER}%s{PER}' LIMIT 1", array($email), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1) $ret = true;\r
- SQL_FREERESULT($result);\r
- return $ret;\r
-}\r
-//\r
-function WHAT_IS_VALID($act, $wht, $TYPE="guest")\r
-{\r
- if (IS_ADMIN())\r
- {\r
- // Everything is valid to the admin :-)\r
- return true;\r
- }\r
- else\r
- {\r
- $ret = false;\r
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what='%s' AND locked='N' LIMIT 1", array($TYPE, $act, $wht), __FILE__, __LINE__);\r
- // Is "what" valid?\r
- if (SQL_NUMROWS($result) == 1) $ret = true;\r
- SQL_FREERESULT($result);\r
- return $ret;\r
- }\r
-}\r
-//\r
-function IS_LOGGED_IN()\r
-{\r
- global $_COOKIE, $status, $LAST;\r
- if (!is_array($LAST)) $LAST = array();\r
- $ret = false;\r
-\r
- // Fix "deleted" cookies first\r
- FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));\r
-\r
- // Are cookies set?\r
- if ((!empty($GLOBALS['userid'])) && (!empty($_COOKIE['u_hash'])) && (!empty($_COOKIE['lifetime'])) && (defined('COOKIE_PATH')))\r
- {\r
- // Cookies are set with values, but are they valid?\r
- $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array($GLOBALS['userid']), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Load data from cookies\r
- list($password, $status, $mod, $onl) = SQL_FETCHROW($result);\r
-\r
- // Validate password by created the difference of it and the secret key\r
- $valPass = generatePassString($password);\r
-\r
- // Transfer last module and online time\r
- if ((!empty($mod)) && (empty($LAST['module']))) { $LAST['module'] = $mod; $LAST['online'] = $onl; }\r
-\r
- // So did we now have valid data and an unlocked user?\r
- //* DEBUG: */ echo $valPass."<br>".$_COOKIE['u_hash']."<br>";\r
- if (($status == "CONFIRMED") && ($valPass == $_COOKIE['u_hash']))\r
- {\r
- // Account is confirmed and all cookie data is valid so he is definely logged in! :-)\r
- $ret = true;\r
- }\r
- else\r
- {\r
- // Maybe got locked etc.\r
- //* DEBUG: */ echo __LINE__."!!!<br>";\r
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);\r
-\r
- // Remove array elements to prevent errors\r
- unset($GLOBALS['userid']);\r
- unset($_COOKIE['u_hash']);\r
- unset($_COOKIE['lifetime']);\r
- }\r
- }\r
- else\r
- {\r
- // Cookie data is invalid!\r
- //* DEBUG: */ echo __LINE__."***<br>";\r
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);\r
-\r
- // Remove array elements to prevent errors\r
- unset($GLOBALS['userid']);\r
- unset($_COOKIE['u_hash']);\r
- unset($_COOKIE['lifetime']);\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- else\r
- {\r
- // Cookie data is invalid!\r
- //* DEBUG: */ echo __LINE__."///<br>";\r
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);\r
-\r
- // Remove array elements to prevent errors\r
- unset($GLOBALS['userid']);\r
- unset($_COOKIE['u_hash']);\r
- unset($_COOKIE['lifetime']);\r
- }\r
- return $ret;\r
-}\r
-//\r
-function UPDATE_LOGIN_DATA ($UPDATE=true) {\r
- global $LAST;\r
- if (!is_array($LAST)) $LAST = array();\r
-\r
- // Are the required cookies set?\r
- if ((!isset($GLOBALS['userid'])) || (!isset($_COOKIE['u_hash'])) || (!isset($_COOKIE['lifetime']))) {\r
- // Nope, then return here to caller function\r
- return false;\r
- } else {\r
- // Secure user ID\r
- $GLOBALS['userid'] = bigintval($_COOKIE['userid']);\r
- }\r
-\r
- // Extract last online time (life) and how long is auto-login valid (time)\r
- $newl = time() + bigintval($_COOKIE['lifetime']);\r
-\r
- // Recheck if logged in\r
- if (!IS_LOGGED_IN()) return false;\r
-\r
- // Load last module and last online time\r
- $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1) {\r
- // Load last module and online time\r
- list($mod, $onl) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
-\r
- // Maybe first login time?\r
- if (empty($mod)) $mod = "login";\r
-\r
- if (@setcookie("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && @setcookie("u_hash", SQL_ESCAPE($_COOKIE['u_hash']), $newl, COOKIE_PATH) && @setcookie("lifetime", bigintval($_COOKIE['lifetime']), $newl, COOKIE_PATH)) {\r
- // This will be displayed on welcome page! :-)\r
- if (empty($LAST['module'])) {\r
- $LAST['module'] = $mod; $LAST['online'] = $onl;\r
- }\r
- if (empty($GLOBALS['what'])) {\r
- $GLOBALS['what'] = "welcome";\r
- }\r
-\r
- // Update last module / online time\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",\r
- array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);\r
- }\r
- }\r
- else\r
- {\r
- // Destroy session, we cannot update!\r
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);\r
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);\r
- }\r
-}\r
-//\r
-function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)\r
-{\r
- global $link;\r
- $ret = false;\r
- $ADD = "";\r
- if ((!IS_ADMIN()) && ($MODE != "admin")) $ADD = " AND locked='N'";\r
- //* DEBUG: */ echo __LINE__.":".$MODE."/".$act."/".$wht."*<br />\n";\r
- if (($MODE != "admin") && ($UPDATE))\r
- {\r
- // Update guest or member menu\r
- $SQL = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s_menu SET counter=counter+1 WHERE action='%s' AND what='%s'".$ADD." LIMIT 1",\r
- array($MODE, $act, $wht), __FILE__, __LINE__, false);\r
- }\r
- elseif ($wht != "overview")\r
- {\r
- // Other actions\r
- $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s'".$ADD." ORDER BY action DESC LIMIT 1",\r
- array($MODE, $act), __FILE__, __LINE__, false);\r
- }\r
- else\r
- {\r
- // Admin login overview\r
- $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what=''".$ADD." ORDER BY action DESC LIMIT 1",\r
- array($MODE, $act), __FILE__, __LINE__, false);\r
- }\r
-\r
- // Run SQL command\r
- $result = SQL_QUERY($SQL, __FILE__, __LINE__);\r
- if ($UPDATE)\r
- {\r
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) $ret = true;\r
- //* DEBUG: */ debug_print_backtrace();\r
- }\r
- else\r
- {\r
- if (SQL_NUMROWS($result) == 1) {\r
- list($id, $wht2) = SQL_FETCHROW($result);\r
- //* DEBUG: */ echo __LINE__."+".$SQL."+<br />\n";\r
- //* DEBUG: */ echo __LINE__."*".$id."/".$wht."/".$wht2."*<br />\n";\r
- $ret = true;\r
- }\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- //* DEBUG: */ var_dump($ret);\r
- return $ret;\r
-}\r
-//\r
-function GET_MOD_DESCR($MODE, $wht)\r
-{\r
- if (empty($wht)) $wht = "welcome";\r
- $ret = "??? (".$wht.")";\r
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1", array($MODE, $wht), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- list($ret) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
- return $ret;\r
-}\r
-//\r
-function SEND_MODE_MAILS($mod, $modes)\r
-{\r
- global $_COOKIE, $_POST, $CONFIG, $DATA;\r
- // Load hash\r
- $result_main = SQL_QUERY("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",\r
- array($GLOBALS['userid']), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result_main) == 1)\r
- {\r
- // Load hash and extract salt\r
- list($hash) = SQL_FETCHROW($result_main);\r
- $salt = substr($hash, 0, -40);\r
-\r
- // Now let's compare passwords\r
- $hash = generateHash($_POST['pass1'], $salt);\r
- if (($hash == $_COOKIE['u_hash']) || ($_POST['pass1'] == $_POST['pass2']))\r
- {\r
- // Load user's data\r
- $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND password='%s' LIMIT 1",\r
- array($GLOBALS['userid'], $hash), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- $DATA = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- $DATA[0] = TRANSLATE_SEX($DATA[0]);\r
- switch ($mod)\r
- {\r
- case "mydata":\r
- foreach ($modes as $mode)\r
- {\r
- switch ($mode)\r
- {\r
- case "normal": break; // Do not add any special lines\r
-\r
- case "email": // Email was changed!\r
- $content = MEMBER_CHANGED_EMAIL.": ".$_POST['old_addy']."\n";\r
- break;\r
-\r
- case "pass": // Password was changed\r
- $content = MEMBER_CHANGED_PASS."\n";\r
- break;\r
-\r
- default:\r
- $content = MEMBER_UNKNOWN_MODE.": ".$mode."\n\n";\r
- break;\r
- }\r
- }\r
-\r
- if (EXT_IS_ACTIVE("country"))\r
- {\r
- // Replace code with description\r
- $DATA[4] = COUNTRY_GENERATE_INFO($_POST['country_code']);\r
- }\r
-\r
- // Load template\r
- $msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']);\r
-\r
- if ($CONFIG['admin_notify'] == "Y")\r
- {\r
- // The admin needs to be notified about a profile change\r
- $msg_admin = "admin_mydata_notify";\r
- $sub_adm = ADMIN_CHANGED_DATA;\r
- }\r
- else\r
- {\r
- // No mail to admin\r
- $msg_admin = "";\r
- $sub_adm = "";\r
- }\r
-\r
- // Set subject lines\r
- $sub_mem = MEMBER_CHANGED_DATA;\r
-\r
- // Output success message\r
- $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";\r
- break;\r
-\r
- default:\r
- $content = "<STRONG><SPAN class=\"member_failed\">".UNKNOWN_MODULE."</SPAN></STRONG>";\r
- break;\r
- }\r
- }\r
- else\r
- {\r
- // Could not load profile data\r
- $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";\r
- }\r
- }\r
- else\r
- {\r
- // Passwords mismatch\r
- $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_PASSWORD_ERROR."</SPAN></STRONG>";\r
- }\r
- }\r
- else\r
- {\r
- // Could not load profile\r
- $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";\r
- }\r
- if ((!empty($sub_mem)) && (!empty($msg)))\r
- {\r
- // Send member mail\r
- SEND_EMAIL($DATA[7], $sub_mem, $msg);\r
- }\r
- if ((!empty($sub_adm)) && (!empty($msg_admin)))\r
- {\r
- // Send admin mail\r
- if (GET_EXT_VERSION("admins") >= "0.4.1")\r
- {\r
- SEND_ADMIN_EMAILS_PRO($sub_adm, $msg_admin, $content, $GLOBALS['userid']);\r
- }\r
- else\r
- {\r
- SEND_ADMIN_EMAILS($sub_adm, LOAD_EMAIL_TEMPLATE($msg_admin, $content, $GLOBALS['userid']));\r
- }\r
- }\r
- elseif ($CONFIG['admin_notify'] == "Y")\r
- {\r
- // Cannot send mails to admin!\r
- $content = CANNOT_SEND_ADMIN_MAILS;\r
- }\r
- else\r
- {\r
- // No mail to admin\r
- $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";\r
- }\r
-\r
- // Load template\r
- LOAD_TEMPLATE("admin_settings_saved", false, $content);\r
-}\r
-// Update module counter\r
-function COUNT_MODULE($mod)\r
-{\r
- if ($mod != "css")\r
- {\r
- // Do count all other modules but not accesses on CSS file css.php!\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_mod_reg SET clicks=clicks+1 WHERE module='%s' LIMIT 1",\r
- array($mod), __FILE__, __LINE__);\r
- }\r
-}\r
-// Get action value from mode (admin/guest/member) and what-value\r
-function GET_ACTION ($MODE, &$wht)\r
-{\r
- global $ret; $ret = "";\r
- //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br>";\r
- if ((empty($wht)) && ($MODE != "admin"))\r
- {\r
- $wht = "welcome";\r
- }\r
- if ($MODE == "admin")\r
- {\r
- // Action value for admin area\r
- if (!empty($GLOBALS['action']))\r
- {\r
- // Get it directly from URL\r
- return $GLOBALS['action'];\r
- }\r
- elseif (($wht == "overview") || (empty($GLOBALS['what'])))\r
- {\r
- // Default value for admin area\r
- $ret = "login";\r
- }\r
- }\r
- elseif (!empty($GLOBALS['action']))\r
- {\r
- // Fix welcome value\r
- if (empty($wht)) $wht = "welcome";\r
- return $GLOBALS['action'];\r
- }\r
- else\r
- {\r
- // Everything else will be touched after checking the module has a menu assigned\r
- }\r
- //* DEBUG: */ echo __LINE__."*".$ret."*<br />\n";\r
-\r
- if (MODULE_HAS_MENU($MODE))\r
- {\r
- // Rewriting modules to menu\r
- switch ($MODE)\r
- {\r
- case "index": $MODE = "guest"; break;\r
- case "login": $MODE = "member"; break;\r
- break;\r
- }\r
-\r
- // Guest and member menu is "main" as the default\r
- if (empty($ret)) $ret = "main";\r
-\r
- // Load from database\r
- $result = SQL_QUERY_ESC("SELECT action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1",\r
- array($MODE, $wht), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Load action value and pray that this one is the right you want... ;-)\r
- list($ret) = SQL_FETCHROW($result);\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
-\r
- // Return action value\r
- return $ret;\r
-}\r
-//\r
-function GET_CATEGORY ($cid)\r
-{\r
- $ret = _CATEGORY_404;\r
- $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%d LIMIT 1", array($cid), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Category found... :-)\r
- list($ret) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
- return $ret;\r
-}\r
-//\r
-function GET_PAYMENT ($pid, $full=false)\r
-{\r
- $ret = _PAYMENT_404;\r
- $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($pid), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Payment type found... :-)\r
- if (!$full)\r
- {\r
- // Return only title\r
- list($ret) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
- else\r
- {\r
- // Return title and price\r
- list($t, $p) = SQL_FETCHROW($result);\r
- $ret = $t." / ".TRANSLATE_COMMA($p)." ".POINTS;\r
- }\r
- }\r
- return $ret;\r
-}\r
-//\r
-function GET_PAY_POINTS($pid, $DATA="price")\r
-{\r
- $ret = "-1";\r
- $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($DATA, $pid), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Payment type found... :-)\r
- list($ret) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
- return $ret;\r
-}\r
-// Remove a receiver's ID from $ARRAY and add a link for him to confirm\r
-function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=false)\r
-{\r
- $ret = "failed";\r
- if ($uid > 0)\r
- {\r
- // Remove entry from array\r
- unset($ARRAY[$key]);\r
-\r
- // Is there already a line for this user available?\r
- if ($stats_id > 0)\r
- {\r
- // Only when we got a real stats ID continue searching for the entry\r
- $TYPE = "NORMAL"; $ROW = "stats_id";\r
- if ($bonus) { $TYPE = "BONUS"; $ROW = "bonus_id"; }\r
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%d AND link_type='%s' LIMIT 1",\r
- array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 0)\r
- {\r
- // No, so we add one!\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')",\r
- array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);\r
- $ret = "done";\r
- }\r
- else\r
- {\r
- // Already found\r
- $ret = "already";\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- }\r
- // Return status for sending routine\r
- return $ret;\r
-}\r
-//\r
-function GET_TOTAL_DATA($SEARCH, $TABLE, $DATA, $WHERE="userid", $ONLY_ROWS=false)\r
-{\r
- $ret = "0";\r
- if ($ONLY_ROWS)\r
- {\r
- // Count rows\r
- $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",\r
- array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Add all rows\r
- $result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",\r
- array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);\r
- }\r
- // Load row\r
- list($ret) = SQL_FETCHROW($result);\r
- //* DEBUG: */ echo __LINE__."*".$DATA."/".$SEARCH."/".$TABLE."/".$ret."*<br />\n";\r
- SQL_FREERESULT($result);\r
- if (empty($ret)) {\r
- if (($DATA == "counter") || ($DATA == "id")) {\r
- $ret = "0";\r
- } else {\r
- $ret = "0.00000";\r
- }\r
- }\r
- return $ret;\r
-}\r
-/**\r
- *\r
- * Dynamic referral system, can also send mails!\r
- *\r
- * uid = Referral ID wich should receive...\r
- * points = ... xxx points\r
- * send_notify = shall I send the referral an email or not?\r
- * refid = inc/modules/guest/what-confirm.php need this\r
- * locked = Shall I pay it to normal (false) or locked (true) points ammount?\r
- * add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"\r
- * will cause no referral will get points ever!!!)\r
- */\r
-function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref")\r
-{\r
- global $DEPTH, $_GET, $CONFIG, $DATA, $link;\r
-\r
- // When $uid = 0 add points to jackpot\r
- if ($uid == "0")\r
- {\r
- // Add points to jackpot\r
- ADD_JACKPOT($points);\r
- return;\r
- }\r
-\r
- // Count up referral depth\r
- if (empty($DEPTH))\r
- {\r
- // Initialialize referral system\r
- $DEPTH = "0";\r
- }\r
- else\r
- {\r
- // Increase referral level\r
- $DEPTH++;\r
- }\r
-\r
- // Which points, locked or normal?\r
- $data = "points"; if ($locked) $data = "locked_points";\r
-\r
- $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",\r
- array(bigintval($uid)), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result_user) == 1)\r
- {\r
- // This is the user and his ref\r
- list ($ref, $email) = SQL_FETCHROW($result_user);\r
- SQL_FREERESULT($result_user);\r
- $result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",\r
- array(bigintval($DEPTH)), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- list($per) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- $P = $points * $per / 100;\r
-\r
- // Update points...\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth='%s' LIMIT 1",\r
- array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);\r
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0)\r
- {\r
- // First ref in this level! :-)\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES ('%s', '%s', '%s')",\r
- array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);\r
- }\r
-\r
- // Update mediadata as well\r
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")\r
- {\r
- // Update database\r
- MEDIA_UPDATE_ENTRY(array("total_points"), "add", $P);\r
- }\r
-\r
- // Points updated, maybe I shall send him an email?\r
- if (($send_notify) && ($ref > 0) && (!$locked))\r
- {\r
- // 0 1 2 3\r
- $DATA = array($per, bigintval($DEPTH), $P, bigintval($ref));\r
- $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid));\r
-\r
- SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);\r
- }\r
-\r
- // Maybe there's another ref?\r
- if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref"))\r
- {\r
- // Then let's credit him here...\r
- ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked);\r
- }\r
- }\r
- }\r
-}\r
-//\r
-function UPDATE_REF_COUNTER($uid)\r
-{\r
- global $REF_LVL, $link, $CACHE;\r
- // Make it sure referral level zero (member him-/herself) is at least selected\r
- if (empty($REF_LVL)) $REF_LVL = "0";\r
-\r
- // Update counter\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%d AND level='%s' LIMIT 1",\r
- array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);\r
-\r
- // When no entry was updated then we have to create it here\r
- if (SQL_AFFECTEDROWS($link) == 0)\r
- {\r
- // First count!\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')",\r
- array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);\r
- }\r
-\r
- // Check for his referral\r
- $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array(bigintval($uid)), __FILE__, __LINE__);\r
- list($ref) = SQL_FETCHROW($result);\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
-\r
- // When he has a referral...\r
- if (($ref > 0) && ($ref != $uid))\r
- {\r
- // Move to next referral level and count his counter one up!\r
- $REF_LVL++; UPDATE_REF_COUNTER($ref);\r
- }\r
- elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2"))\r
- {\r
- // Remove cache here\r
- if ($CACHE->cache_file("refsystem", true)) $CACHE->cache_destroy();\r
- }\r
-}\r
-//\r
-function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht)\r
-{\r
- global $_COOKIE, $_SERVER, $link, $_GET, $CONFIG;\r
- // Do not update online list when extension is deactivated\r
- if (!EXT_IS_ACTIVE("online", true)) return;\r
-\r
- // Initialize variables\r
- $uid = "0"; $rid = "0"; $MEM = "N"; $ADMIN = "N";\r
- if (!empty($GLOBALS['userid']))\r
- {\r
- // Update member status only when userid is valid\r
- if (($GLOBALS['userid'] > 0) && (IS_LOGGED_IN()))\r
- {\r
- // Is valid user\r
- $uid = $GLOBALS['userid'];\r
- $MEM = "Y";\r
- }\r
- }\r
- if (IS_ADMIN())\r
- {\r
- // Is administrator\r
- $ADMIN = "Y";\r
- }\r
- if (!empty($_COOKIE['refid']))\r
- {\r
- // Check cookie\r
- if ($_COOKIE['refid'] > 0) $rid = $GLOBALS['refid'];\r
- }\r
-\r
- // Now Read data\r
- $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online\r
-WHERE sid='%s' LIMIT 1",\r
- array($SID), __FILE__, __LINE__);\r
-\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- SQL_FREERESULT($result);\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET\r
-module='%s',\r
-action='%s',\r
-what='%s',\r
-userid=%d,\r
-refid=%d,\r
-is_member='%s',\r
-is_admin='%s',\r
-timestamp=UNIX_TIMESTAMP()\r
-WHERE sid='%s' LIMIT 1",\r
- array(\r
- $mod,\r
- $act,\r
- $wht,\r
- bigintval($uid),\r
- bigintval($rid),\r
- $MEM,\r
- $ADMIN,\r
- $SID\r
-), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // No entry does exists so we simply add it!\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %d, %d, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",\r
- array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__);\r
- }\r
-\r
- // Purge old entries\r
- $TIMEOUT = time() - $CONFIG['online_timeout'];\r
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= %d",\r
- array($TIMEOUT), __FILE__, __LINE__);\r
-}\r
-// OBSULETE: Sends out mail to all administrators\r
-function SEND_ADMIN_EMAILS($subj, $msg)\r
-{\r
- $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__);\r
- while (list($email) = SQL_FETCHROW($result))\r
- {\r
- SEND_EMAIL($email, $subj, $msg);\r
- }\r
- // Really simple... ;-)\r
- SQL_FREERESULT($result);\r
-}\r
-// Get ID number from administrator's login name\r
-function GET_ADMIN_ID($login)\r
-{\r
- global $ADMINS;\r
- $ret = "-1";\r
- if (!empty($ADMINS['aid'][$login]))\r
- {\r
- // Check cache\r
- $ret = $ADMINS['aid'][$login];\r
- if (empty($ret)) $ret = "-1";\r
- }\r
- else\r
- {\r
- // Load from database\r
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",\r
- array($login), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- list($ret) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
- }\r
- return $ret;\r
-}\r
-//\r
-// Get password hash from administrator's login name\r
-function GET_ADMIN_HASH($login)\r
-{\r
- global $ADMINS;\r
- $ret = "-1";\r
- if (!empty($ADMINS['password'][$login]))\r
- {\r
- // Check cache\r
- $ret = $ADMINS['password'][$login];\r
- if (empty($ret)) $ret = "-1";\r
- }\r
- else\r
- {\r
- // Load from database\r
- $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",\r
- array($login), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- list($ret) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
- }\r
- return $ret;\r
-}\r
-//\r
-function GET_ADMIN_LOGIN($aid)\r
-{\r
- global $ADMINS;\r
- $ret = "***";\r
- if (!empty($ADMINS['login']['aid']))\r
- {\r
- // Check cache\r
- if (!empty($ADMINS['login'][$aid])) $ret = $ADMINS['login'][$aid];\r
- if (empty($ret)) $ret = "***";\r
- }\r
- else\r
- {\r
- // Load from database\r
- $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",\r
- array(bigintval($aid)), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Fetch data\r
- list($ret) = SQL_FETCHROW($result);\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- return $ret;\r
-}\r
-//\r
-function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")\r
-{\r
- $ret = "";\r
- if ($table == "/ARRAY/")\r
- {\r
- // Selection from array\r
- if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name))\r
- {\r
- // Both are arrays\r
- foreach ($id as $idx=>$value)\r
- {\r
- $ret .= "<OPTION value=\"".$value."\"";\r
- if ($default == $value) $ret .= " selected checked";\r
- $ret .= ">".$name[$idx]."</OPTION>\n";\r
- }\r
- }\r
- }\r
- else\r
- {\r
- // Data from database\r
- $SPEC = ", ".$id;\r
- if (!empty($special)) $SPEC = ", ".$special;\r
- $ORDER = $name.$SPEC;\r
- if ($table == "country") $ORDER = $special;\r
- $result = SQL_QUERY_ESC("SELECT %s, %s".$SPEC." FROM "._MYSQL_PREFIX."_%s ".$where." ORDER BY %s",\r
- array($id, $ORDER, $table, $name), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) > 0)\r
- {\r
- // Found data so add them as OPTION lines: $id is the value and $name is the "name" of the option\r
- while (list($value, $title, $add) = SQL_FETCHROW($result))\r
- {\r
- if (empty($special)) $add = "";\r
- $ret .= "<OPTION value=\"".$value."\"";\r
- if ($default == $value) $ret .= " selected checked";\r
- if (!empty($add)) $add = " (".$add.")";\r
- $ret .= ">".$title.$add."</OPTION>\n";\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- else\r
- {\r
- // No data found\r
- $ret = "<OPTION value=\"x\">".SELECT_NONE."</OPTION>\n";\r
- }\r
- }\r
- // Return - hopefully - the requested data\r
- return $ret;\r
-}\r
-// Aiut\r
-function activateExchange() {\r
- global $CONFIG;\r
- $result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) >= $CONFIG['activate_xchange'])\r
- {\r
- // Free memory\r
- SQL_FREERESULT($result);\r
-\r
- // Activate System\r
- $SQLs = array(\r
- "UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",\r
- "UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2",\r
- "UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config='0' LIMIT 1"\r
- );\r
-\r
- // Run SQLs\r
- foreach ($SQLs as $sql)\r
- {\r
- $result = SQL_QUERY($sql, __FILE__, __LINE__);\r
- }\r
-\r
- // Destroy cache\r
- }\r
-}\r
-//\r
-function DELETE_USER_ACCOUNT($uid, $reason)\r
-{\r
- $POINTS = 0;\r
- $result = SQL_QUERY_ESC("SELECT (SUM(p.points) - d.used_points) AS points\r
-FROM "._MYSQL_PREFIX."_user_points AS p\r
-LEFT JOIN "._MYSQL_PREFIX."_user_data AS d\r
-ON p.userid=d.userid\r
-WHERE p.userid=%d", array(bigintval($uid)), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Save his points to add them to the jackpot\r
- list($POINTS) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
-\r
- // Delete points entries as well\r
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d", array(bigintval($uid)), __FILE__, __LINE__);\r
-\r
- // Update mediadata as well\r
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")\r
- {\r
- // Update database\r
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);\r
- }\r
-\r
- // Now, when we have all his points adds them do the jackpot!\r
- ADD_JACKPOT($POINTS);\r
- }\r
-\r
- // Delete category selections as well...\r
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d",\r
- array(bigintval($uid)), __FILE__, __LINE__);\r
-\r
- // Remove from rallye if found\r
- if (EXT_IS_ACTIVE("rallye"))\r
- {\r
- $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%d",\r
- array(bigintval($uid)), __FILE__, __LINE__);\r
- }\r
-\r
- // Now a mail to the user and that's all...\r
- $msg = LOAD_EMAIL_TEMPLATE("del-user", stripslashes($reason), $uid);\r
- SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);\r
-\r
- // Ok, delete the account!\r
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);\r
-}\r
-//\r
-function META_DESCRIPTION($mod, $wht)\r
-{\r
- global $CONFIG, $DEPTH;\r
- if (($mod != "admin") && ($mod != "login"))\r
- {\r
- // Exclude admin and member's area\r
- $DESCR = MAIN_TITLE." ".trim($CONFIG['title_middle'])." ".ADD_DESCR("guest", "what-".$wht, true);\r
- unset($DEPTH);\r
- OUTPUT_HTML ("<META name=\"description\" content=\"".$DESCR."\">\n");\r
- }\r
-}\r
-//\r
-function ADD_JACKPOT($points)\r
-{\r
- $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 0)\r
- {\r
- // Create line\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Free memory\r
- SQL_FREERESULT($result);\r
-\r
- // Update points\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points+%s WHERE ok='ok' LIMIT 1",\r
- array($points), __FILE__, __LINE__);\r
- }\r
-}\r
-//\r
-function SUB_JACKPOT($points)\r
-{\r
- // First failed\r
- $ret = "-1";\r
-\r
- // Get current points\r
- $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 0)\r
- {\r
- // Create line\r
- $result = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '0.00000')", __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Free memory\r
- SQL_FREERESULT($result);\r
-\r
- // Read points\r
- list($jackpot) = SQL_FETCHROW($result);\r
- if ($jackpot >= $points)\r
- {\r
- // Update points when there are enougth points in jackpot\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points-%s WHERE ok='ok' LIMIT 1", array($points), __FILE__, __LINE__);\r
- $ret = $jackpot - $points;\r
- }\r
- }\r
-}\r
-//\r
-function IS_DEMO()\r
-{\r
- global $_COOKIE;\r
- return ((EXT_IS_ACTIVE("demo")) && ($_COOKIE['admin_login'] == "demo"));\r
-}\r
-//\r
-function LOAD_CONFIG($no="0")\r
-{\r
- global $CFG_CACHE, $CONFIG;\r
- $CFG_DUMMY = false;\r
- // Check for cache extension, cache-array and if the requested configuration is in cache\r
- if ((is_array($CFG_CACHE)) && (isset($CFG_CACHE['config'][$no])))\r
- {\r
- // Load config from cache\r
- $CFG_DUMMY = array();\r
- foreach ($CFG_CACHE as $element=>$cfgs)\r
- {\r
- $CFG_DUMMY[$element] = $cfgs[$no];\r
- }\r
-\r
- // Count cache hits\r
- $CONFIG['cache_hits']++;\r
- }\r
- else\r
- {\r
- // Load config from DB\r
- $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config='%d' LIMIT 1",\r
- array(bigintval($no)), __FILE__, __LINE__);\r
- $CFG_DUMMY = SQL_FETCHARRAY($result_config);\r
- SQL_FREERESULT($result_config);\r
- }\r
-\r
- // Return config array\r
- return $CFG_DUMMY;\r
-}\r
-// Gets the matching what name from module\r
-function GET_WHAT($MOD_CHECK)\r
-{\r
- $wht = "";\r
- //* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!<br />\n";\r
- switch ($MOD_CHECK)\r
- {\r
- case "admin":\r
- $wht = "overview";\r
- break;\r
-\r
- case "login":\r
- case "index":\r
- $wht = "welcome";\r
- break;\r
-\r
- default:\r
- $wht = "";\r
- break;\r
- }\r
-\r
- // Return what value\r
- return $wht;\r
-}\r
-//\r
-function MODULE_HAS_MENU($mod)\r
-{\r
- global $EXTENSIONS, $MODULES, $CONFIG;\r
-\r
- // All is false by default\r
- $ret = false;\r
- if (GET_EXT_VERSION("cache") >= "0.1.2")\r
- {\r
- if (isset($MODULES['has_menu'][$mod]))\r
- {\r
- // Check module cache and count hit\r
- if ($MODULES['has_menu'][$mod] == "Y") $ret = true;\r
- $CONFIG['cache_hits']++;\r
- }\r
- elseif (isset($EXTENSIONS['ext_menu'][$mod]))\r
- {\r
- // Check cache and count hit\r
- if ($EXTENSIONS['ext_menu'][$mod] == "Y") $ret = true;\r
- $CONFIG['cache_hits']++;\r
- }\r
- }\r
- if ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ($ret === false))\r
- {\r
- // Check database for entry\r
- $result = SQL_QUERY_ESC("SELECT has_menu FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1",\r
- array($mod), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- list($has_menu) = SQL_FETCHROW($result);\r
- if ($has_menu == "Y") $ret = true;\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- } elseif (GET_EXT_VERSION("sql_patches") == "") {\r
- // No sql_patches installed, so maybe in admin area?\r
- if ((IS_ADMIN()) && ($mod == "admin")) return true; // Then there is a menu!\r
- }\r
-\r
- // Return status\r
- return $ret;\r
-}\r
-//\r
-?>\r
+<?php
+/************************************************************************
+ * MXChange v0.2.1 Start: 08/26/2003 *
+ * =============== Last change: 11/29/2004 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : mysql-manager.php *
+ * -------------------------------------------------------------------- *
+ * Short description : All MySQL-related functions *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Alle MySQL-Relevanten Funktionen *
+ * -------------------------------------------------------------------- *
+ * *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Some security stuff...
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+{
+ $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+ require($INC);
+}
+
+//
+function ADD_MODULE_TITLE($mod)
+{
+ global $MODULES, $CONFIG;
+ $name = ""; $result = false;
+ // Load title
+ if (!mxchange_installing)
+ {
+ if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])) && (isset($MODULES['module'][$mod])))
+ {
+ // Load from cache
+ $name = $MODULES['title'][$mod];
+
+ // Update cache hits
+ $CONFIG['cache_hits']++;
+ }
+ else
+ {
+ // Load from database
+ $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__);
+ list($name) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+ }
+
+ // Trim name
+ $name = trim($name);
+
+ // Still no luck or empty title?
+ if (empty($name))
+ {
+ // No name found
+ $name = LANG_UNKNOWN_MODULE." (".$mod.")";
+ if (SQL_NUMROWS($result) == 0)
+ {
+ // Add module to database
+ $dummy = CHECK_MODULE($mod);
+ }
+ }
+ return $name;
+}
+//
+function CHECK_MODULE($mod)
+{
+ // We need them now here...
+ global $MODULES, $CONFIG, $CACHE;
+
+ // Filter module name (names with low chars and underlines are fine!)
+ $mod = preg_replace("/[^a-z_]/", "", $mod);
+
+ // Check for prefix is a extension...
+ $MOD_SPLIT = explode("_", $mod);
+ $extension = ""; $mod_chk = $mod;
+ //* DEBUG: */ echo __LINE__."*".count($MOD_SPLIT)."*/".$mod."*<BR>";
+ if (count($MOD_SPLIT) == 2)
+ {
+ // Okay, there is a seperator (_) in the name so is the first part a module?
+ //* DEBUG: */ echo __LINE__."*".$MOD_SPLIT[0]."*<BR>";
+ if (EXT_IS_ACTIVE($MOD_SPLIT[0]))
+ {
+ // The prefix is an extension's name, so let's set it
+ $extension = $MOD_SPLIT[0]; $mod = $MOD_SPLIT[1];
+ }
+ }
+
+ // Major error in module registry is the default
+ $ret = "major";
+
+ // Check if script is installed if not return a "done" to prevent some errors
+ if ((!mxchange_installed) || (mxchange_installing) || (!admin_registered)) return "done";
+
+ // Check if cache is latest version
+ $locked = "Y"; $hidden = "N"; $admin = "N"; $mem = "N"; $found = false;
+ if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])))
+ {
+ // Is the module cached?
+ if (isset($MODULES['locked'][$mod_chk])) {
+ // Check cache
+ $locked = $MODULES['locked'][$mod_chk];
+ $hidden = $MODULES['hidden'][$mod_chk];
+ $admin = $MODULES['admin_only'][$mod_chk];
+ $mem = $MODULES['mem_only'][$mod_chk];
+
+ // Update cache hits
+ $CONFIG['cache_hits']++;
+ $found = true;
+ } else {
+ // No, then we have to update it!
+ $ret = "cache_miss";
+ }
+ }
+ else
+ {
+ // Check for module in database
+ $result = SQL_QUERY_ESC("SELECT locked, hidden, admin_only, mem_only FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod_chk), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Read data
+ list($locked, $hidden, $admin, $mem) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $found = true;
+ }
+ }
+
+ // Check returned values against current access permissions
+ //
+ // Admin access ----- Guest access ----- --- Guest or member? ---
+ if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_LOGGED_IN()))))
+ {
+ // If you are admin you are welcome for everything!
+ $ret = "done";
+ }
+ elseif ($locked == "Y")
+ {
+ // Module is locked
+ $ret = "locked";
+ }
+ elseif (($mem == "Y") && (!IS_LOGGED_IN()))
+ {
+ // You have to login first!
+ $ret = "mem_only";
+ }
+ elseif (($admin == "Y") && (!IS_ADMIN()))
+ {
+ // Only the Admin is allowed to enter this module!
+ $ret = "admin_only";
+ }
+
+ // Still no luck or not found?
+ if (($ret == "major") || ($ret == "cache_miss") || (!$found))
+ {
+ // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name ---
+ if ((file_exists(PATH."inc/modules/".$mod.".php")) || (file_exists(PATH.$mod.".php")) || (file_exists(PATH.$extension."/".$mod.".php")))
+ {
+ // Data is missing so we add it
+ if (GET_EXT_VERSION("sql_patches") >= "0.3.6") {
+ // Since 0.3.6 we have a has_menu column, this took me a half hour
+ // to find a loop here... *sigh*
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
+(module, locked, hidden, mem_only, admin_only, has_menu) VALUES
+('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
+ } else {
+ // Wrong/missing sql_patches!
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
+(module, locked, hidden, mem_only, admin_only) VALUES
+('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
+ }
+
+ // Everthing is fine?
+ if (SQL_AFFECTEDROWS() == 0) {
+ // Something bad happend!
+ return "major";
+ }
+
+ // Destroy cache here
+ if (GET_EXT_VERSION("cache") >= "0.1.2")
+ {
+ if ($CACHE->cache_file("mod_reg", true)) $CACHE->cache_destroy();
+ unset($MODULES);
+ }
+
+ // And reload data
+ $ret = CHECK_MODULE($mod_chk);
+ }
+ else
+ {
+ // Module not found we don't add it to the database
+ $ret = "404";
+ }
+ }
+
+ // Return the value
+ return $ret;
+}
+//
+function ADD_DESCR($ACC_LVL, $FILE, $return = false, $output = true)
+{
+ global $_GET, $DEPTH, $CONFIG;
+ $LINK_ADD = ""; $OUT = ""; $AND = "";
+ // First we have to do some analysis...
+ if (ereg("action-", $FILE))
+ {
+ // This is an action file!
+ $TYPE = "action";
+ $SEARCH = substr($FILE, 7);
+ switch ($ACC_LVL)
+ {
+ case "admin":
+ $MOD_CHECK = "admin";
+ break;
+
+ case "sponsor":
+ case "guest":
+ case "member":
+ $MOD_CHECK = $GLOBALS['module'];
+ break;
+ }
+ $AND = " AND what=''";
+ }
+ elseif (ereg("what-", $FILE))
+ {
+ // This is an admin what file!
+ $TYPE = "what";
+ $SEARCH = substr($FILE, 5);
+ $AND = "";
+ switch ($ACC_LVL)
+ {
+ case "admin":
+ $MOD_CHECK = "admin";
+ break;
+
+ case "guest":
+ case "member":
+ $MOD_CHECK = $GLOBALS['module'];
+ if (!IS_ADMIN())
+ {
+ $AND = " AND visible='Y' AND locked='N'";
+ }
+ break;
+ }
+ $DUMMY = substr($SEARCH, 0, -4);
+ $AND .= " AND action='".GET_ACTION($ACC_LVL, $DUMMY)."'";
+ }
+ elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine"))
+ {
+ // Sponsor / engine menu
+ $TYPE = "what";
+ $SEARCH = $FILE;
+ $MOD_CHECK = $GLOBALS['module'];
+ $AND = "";
+ }
+ else
+ {
+ // Other
+ $TYPE = "menu";
+ $SEARCH = $FILE;
+ $MOD_CHECK = $GLOBALS['module'];
+ $AND = "";
+ }
+ if ((!isset($DEPTH)) && (!$return))
+ {
+ $DEPTH = "0";
+ $PREFIX = "<DIV class=\"you_are_here\">".YOU_ARE_HERE." <STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</A></STRONG>";
+ }
+ else
+ {
+ if (!$return) $DEPTH++;
+ $PREFIX = "";
+ }
+ $PREFIX .= " -> ";
+ if (ereg(".php", $SEARCH))
+ {
+ $SEARCH = substr($SEARCH, 0, strpos($SEARCH, ".php"));
+ }
+ $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
+ array($ACC_LVL, $TYPE, $SEARCH), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ list($ret) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ if ($return)
+ {
+ // Return title
+ return $ret;
+ }
+ elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin")))
+ {
+ // Output HTML code
+ $OUT = $PREFIX."<STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$MOD_CHECK."&".$TYPE."=".$SEARCH.$LINK_ADD."\">".$ret."</A></STRONG>\n";
+ //* DEBUG: */ echo __LINE__."*".$TYPE."/".$GLOBALS['what']."*<br />\n";
+ if (($TYPE == "what") || (($TYPE == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) {
+ //* DEBUG: */ echo __LINE__."+".$TYPE."+<br />\n";
+ $OUT .= "</DIV><BR>\n";
+ }
+ }
+ }
+
+ // Return or output HTML code?
+ if ($output)
+ {
+ // Output HTML code here
+ OUTPUT_HTML($OUT);
+ }
+ else
+ {
+ // Return HTML code
+ return $OUT;
+ }
+}
+//
+function ADD_MENU($MODE, $act, $wht)
+{
+ global $CONFIG;
+ if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID;
+ $main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = "";
+ if (!IS_ADMIN())
+ {
+ $AND = "AND visible='Y' AND locked='N'";
+ }
+ // Load SQL data and add the menu to the output stream...
+ $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort",
+ array($MODE), __FILE__, __LINE__);
+ //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
+ if (SQL_NUMROWS($result_main) > 0)
+ {
+ OUTPUT_HTML ("<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"".$MODE."_menu\">");
+ // There are menus available, so we simply display them... :)
+ while (list($main_title, $main_action) = SQL_FETCHROW($result_main))
+ {
+ //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
+ // Load menu header template
+ $BLOCK_MODE = false; $act = $main_action;
+ LOAD_TEMPLATE($MODE."_menu_title", false, $main_title);
+
+ $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
+ array($MODE, $main_action), __FILE__, __LINE__);
+ $ctl = SQL_NUMROWS($result_sub);
+ if ($ctl > 0)
+ {
+ $cnt=0;
+ while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub))
+ {
+ $content = "";
+
+ // Full file name for checking menu
+ //* DEBUG: */ echo __LINE__.":!!!!".$sub_what."!!!<br />\n";
+ $test_inc = sprintf("%sinc/modules/%s/what-%s.php", PATH, $MODE, $sub_what);
+ $test = (file_exists($test_inc) && is_readable($test_inc));
+ if ($test)
+ {
+ if ((!empty($wht)) && (($wht == $sub_what)))
+ {
+ $content = "<STRONG>";
+ }
+
+ // Navigation link
+ $content .= "<A name=\"menu\" class=\"menu_blur\" href=\"".URL."/modules.php?module=".$GLOBALS['module']."&what=".$sub_what.ADD_URL_DATA("")."\"";
+
+ if (frameset_active)
+ {
+ // We need to add a JavaScript here to reload both frames!
+ }
+ else
+ {
+ // Add the default target _self
+ $content .= " target=\"_self\"";
+ }
+ $content .= ">";
+ }
+ else
+ {
+ $content .= "<I>";
+ }
+
+ // Menu title
+ $content .= $CONFIG['middot'].$sub_title;
+
+ if ($test)
+ {
+ $content .= "</A>";
+ }
+ else
+ {
+ $content .= "</I>";
+ }
+
+ if ((!empty($wht)) && (($wht == $sub_what)))
+ {
+ $content .= "</STRONG>";
+ }
+ $wht = $sub_what; $cnt++;
+ if ($cnt < $ctl)
+ {
+ LOAD_TEMPLATE($MODE."_menu_row", false, $content);
+ }
+ else
+ {
+ LOAD_TEMPLATE($MODE."_menu_bottom", false, $content);
+ }
+ }
+ }
+ else
+ {
+ // This is a menu block... ;-)
+ $BLOCK_MODE = true;
+ $INC_BLOCK = sprintf(PATH."inc/modules/%s/action-%s.php", $MODE, $main_action);
+ if ((file_exists($INC_BLOCK)) && (is_readable($INC_BLOCK)))
+ {
+ // Load include file
+ if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML ("<TR>
+ <TD class=\"".$MODE."_menu_whats\">");
+ //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
+ include ($INC_BLOCK);
+ //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
+ if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML (" </TD>
+</TR>");
+ }
+ //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
+ }
+ $main_cnt++;
+ //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
+ if (SQL_NUMROWS($result_main) > $main_cnt) OUTPUT_HTML ("<TR><TD class=\"".$MODE."_menu_seperator\"></TD></TR>");
+ }
+
+ // Free memory
+ SQL_FREERESULT($result_main);
+
+ // Close table
+ //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
+ OUTPUT_HTML ("</TABLE>");
+ }
+}
+// This patched function will reduce many SELECT queries for the specified or current admin login
+function IS_ADMIN($admin="")
+{
+ global $_COOKIE, $ADMINS, $CONFIG;
+ $ret = false; $passCookie = ""; $valPass = "";
+ //* DEBUG: */ echo __LINE__."ADMIN:".$admin."<BR>";
+
+ // If admin login is not given take current from cookies...
+ if ((empty($admin)) && (!empty($_COOKIE['admin_login'])) && (!empty($_COOKIE['admin_md5'])))
+ {
+ $admin = SQL_ESCAPE($_COOKIE['admin_login']); $passCookie = $_COOKIE['admin_md5'];
+ }
+ //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<BR>";
+
+ // Search in array for entry
+ if ((!empty($passCookie)) && (isset($ADMINS['password'][$admin])) && (!empty($admin)))
+ {
+ // Count cache hits
+ $CONFIG['cache_hits']++;
+
+ // Login data is valid or not?
+ $valPass = generatePassString($ADMINS['password'][$admin]);
+ }
+ elseif (!empty($admin))
+ {
+ // Search for admin
+ $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
+ array($admin), __FILE__, __LINE__);
+
+ // Is he admin?
+ $passDB = "";
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Admin login was found so let's load password from DB
+ list($passDB) = SQL_FETCHROW($result);
+ $valPass = generatePassString($passDB);
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+
+ if (!empty($valPass))
+ {
+ // Check if password is valid
+ //* DEBUG: */ echo __LINE__."*".$valPass."/".$passCookie)."*<br>";
+ $ret = (($valPass == $passCookie) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
+ }
+
+ // Return result of comparision
+ //* DEBUG: */ if (!$ret) echo __LINE__."OK!<br>";
+ return $ret;
+}
+//
+function ADD_MAX_RECEIVE_LIST($MODE, $default="", $return=false)
+{
+ global $_POST;
+ $OUT = "";
+ switch ($MODE)
+ {
+ case "guest":
+ // Guests (in the registration form) are not allowed to select 0 mails per day.
+ $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE value > 0 ORDER BY value", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) > 0)
+ {
+ $OUT = "";
+ while (list($value, $comment) = SQL_FETCHROW($result))
+ {
+ $OUT .= " <OPTION value=\"".$value."\"";
+ if ($_POST['max_mails'] == $value) $OUT .= " selected=\"selected\"";
+ $OUT .= ">".$value." ".PER_DAY;
+ if (!empty($comment)) $OUT .= " (".$comment.")";
+ $OUT .= "</OPTION>\n";
+ }
+ define('__MAX_RECEIVE_OPTIONS', $OUT);
+
+ // Free memory
+ SQL_FREERESULT($result);
+ $OUT = LOAD_TEMPLATE("guest_receive_table", true);
+ }
+ else
+ {
+ // Maybe the admin has to setup some maximum values?
+ }
+ break;
+
+ case "member":
+ // Members are allowed to set to zero mails per day (we will change this soon!)
+ $result = SQL_QUERY("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive ORDER BY value", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) > 0)
+ {
+ $OUT = "";
+ while (list($value, $comment) = SQL_FETCHROW($result))
+ {
+ $OUT .= " <OPTION value=\"".$value."\"";
+ if ($default == $value) $OUT .= " selected=\"selected\"";
+ $OUT .= ">".$value." ".PER_DAY;
+ if (!empty($comment)) $OUT .= " (".$comment.")";
+ $OUT .= "</OPTION>\n";
+ }
+ define('__MAX_RECEIVE_OPTIONS', $OUT);
+ SQL_FREERESULT($result);
+ $OUT = LOAD_TEMPLATE("member_receive_table", true);
+ }
+ else
+ {
+ // Maybe the admin has to setup some maximum values?
+ $OUT = LOAD_TEMPLATE("admin_settings_saved", true, NO_MAX_VALUES);
+ }
+ break;
+ }
+ if ($return)
+ {
+ // Return generated HTML code
+ return $OUT;
+ }
+ else
+ {
+ // Output directly (default)
+ OUTPUT_HTML ($OUT);
+ }
+}
+//
+function SEARCH_EMAIL_USERTAB($email)
+{
+ $ret = false;
+ $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE email LIKE '{PER}%s{PER}' LIMIT 1", array($email), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) $ret = true;
+ SQL_FREERESULT($result);
+ return $ret;
+}
+//
+function WHAT_IS_VALID($act, $wht, $TYPE="guest")
+{
+ if (IS_ADMIN())
+ {
+ // Everything is valid to the admin :-)
+ return true;
+ }
+ else
+ {
+ $ret = false;
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what='%s' AND locked='N' LIMIT 1", array($TYPE, $act, $wht), __FILE__, __LINE__);
+ // Is "what" valid?
+ if (SQL_NUMROWS($result) == 1) $ret = true;
+ SQL_FREERESULT($result);
+ return $ret;
+ }
+}
+//
+function IS_LOGGED_IN()
+{
+ global $_COOKIE, $status, $LAST;
+ if (!is_array($LAST)) $LAST = array();
+ $ret = false;
+
+ // Fix "deleted" cookies first
+ FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));
+
+ // Are cookies set?
+ if ((!empty($GLOBALS['userid'])) && (!empty($_COOKIE['u_hash'])) && (!empty($_COOKIE['lifetime'])) && (defined('COOKIE_PATH')))
+ {
+ // Cookies are set with values, but are they valid?
+ $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Load data from cookies
+ list($password, $status, $mod, $onl) = SQL_FETCHROW($result);
+
+ // Validate password by created the difference of it and the secret key
+ $valPass = generatePassString($password);
+
+ // Transfer last module and online time
+ if ((!empty($mod)) && (empty($LAST['module']))) { $LAST['module'] = $mod; $LAST['online'] = $onl; }
+
+ // So did we now have valid data and an unlocked user?
+ //* DEBUG: */ echo $valPass."<br>".$_COOKIE['u_hash']."<br>";
+ if (($status == "CONFIRMED") && ($valPass == $_COOKIE['u_hash']))
+ {
+ // Account is confirmed and all cookie data is valid so he is definely logged in! :-)
+ $ret = true;
+ }
+ else
+ {
+ // Maybe got locked etc.
+ //* DEBUG: */ echo __LINE__."!!!<br>";
+ @setcookie("userid", "", time() - 3600, COOKIE_PATH);
+ @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
+ @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+
+ // Remove array elements to prevent errors
+ unset($GLOBALS['userid']);
+ unset($_COOKIE['u_hash']);
+ unset($_COOKIE['lifetime']);
+ }
+ }
+ else
+ {
+ // Cookie data is invalid!
+ //* DEBUG: */ echo __LINE__."***<br>";
+ @setcookie("userid", "", time() - 3600, COOKIE_PATH);
+ @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
+ @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+
+ // Remove array elements to prevent errors
+ unset($GLOBALS['userid']);
+ unset($_COOKIE['u_hash']);
+ unset($_COOKIE['lifetime']);
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ else
+ {
+ // Cookie data is invalid!
+ //* DEBUG: */ echo __LINE__."///<br>";
+ @setcookie("userid", "", time() - 3600, COOKIE_PATH);
+ @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
+ @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+
+ // Remove array elements to prevent errors
+ unset($GLOBALS['userid']);
+ unset($_COOKIE['u_hash']);
+ unset($_COOKIE['lifetime']);
+ }
+ return $ret;
+}
+//
+function UPDATE_LOGIN_DATA ($UPDATE=true) {
+ global $LAST;
+ if (!is_array($LAST)) $LAST = array();
+
+ // Are the required cookies set?
+ if ((!isset($GLOBALS['userid'])) || (!isset($_COOKIE['u_hash'])) || (!isset($_COOKIE['lifetime']))) {
+ // Nope, then return here to caller function
+ return false;
+ } else {
+ // Secure user ID
+ $GLOBALS['userid'] = bigintval($_COOKIE['userid']);
+ }
+
+ // Extract last online time (life) and how long is auto-login valid (time)
+ $newl = time() + bigintval($_COOKIE['lifetime']);
+
+ // Recheck if logged in
+ if (!IS_LOGGED_IN()) return false;
+
+ // Load last module and last online time
+ $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // Load last module and online time
+ list($mod, $onl) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+
+ // Maybe first login time?
+ if (empty($mod)) $mod = "login";
+
+ if (@setcookie("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && @setcookie("u_hash", SQL_ESCAPE($_COOKIE['u_hash']), $newl, COOKIE_PATH) && @setcookie("lifetime", bigintval($_COOKIE['lifetime']), $newl, COOKIE_PATH)) {
+ // This will be displayed on welcome page! :-)
+ if (empty($LAST['module'])) {
+ $LAST['module'] = $mod; $LAST['online'] = $onl;
+ }
+ if (empty($GLOBALS['what'])) {
+ $GLOBALS['what'] = "welcome";
+ }
+
+ // Update last module / online time
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
+ array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);
+ }
+ }
+ else
+ {
+ // Destroy session, we cannot update!
+ @setcookie("userid", "", time() - 3600, COOKIE_PATH);
+ @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
+ @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+ }
+}
+//
+function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)
+{
+ global $link;
+ $ret = false;
+ $ADD = "";
+ if ((!IS_ADMIN()) && ($MODE != "admin")) $ADD = " AND locked='N'";
+ //* DEBUG: */ echo __LINE__.":".$MODE."/".$act."/".$wht."*<br />\n";
+ if (($MODE != "admin") && ($UPDATE))
+ {
+ // Update guest or member menu
+ $SQL = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s_menu SET counter=counter+1 WHERE action='%s' AND what='%s'".$ADD." LIMIT 1",
+ array($MODE, $act, $wht), __FILE__, __LINE__, false);
+ }
+ elseif ($wht != "overview")
+ {
+ // Other actions
+ $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s'".$ADD." ORDER BY action DESC LIMIT 1",
+ array($MODE, $act), __FILE__, __LINE__, false);
+ }
+ else
+ {
+ // Admin login overview
+ $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what=''".$ADD." ORDER BY action DESC LIMIT 1",
+ array($MODE, $act), __FILE__, __LINE__, false);
+ }
+
+ // Run SQL command
+ $result = SQL_QUERY($SQL, __FILE__, __LINE__);
+ if ($UPDATE)
+ {
+ if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) $ret = true;
+ //* DEBUG: */ debug_print_backtrace();
+ }
+ else
+ {
+ if (SQL_NUMROWS($result) == 1) {
+ list($id, $wht2) = SQL_FETCHROW($result);
+ //* DEBUG: */ echo __LINE__."+".$SQL."+<br />\n";
+ //* DEBUG: */ echo __LINE__."*".$id."/".$wht."/".$wht2."*<br />\n";
+ $ret = true;
+ }
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ //* DEBUG: */ var_dump($ret);
+ return $ret;
+}
+//
+function GET_MOD_DESCR($MODE, $wht)
+{
+ if (empty($wht)) $wht = "welcome";
+ $ret = "??? (".$wht.")";
+ $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1", array($MODE, $wht), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ list($ret) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+ return $ret;
+}
+//
+function SEND_MODE_MAILS($mod, $modes)
+{
+ global $_COOKIE, $_POST, $CONFIG, $DATA;
+ // Load hash
+ $result_main = SQL_QUERY("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result_main) == 1)
+ {
+ // Load hash and extract salt
+ list($hash) = SQL_FETCHROW($result_main);
+ $salt = substr($hash, 0, -40);
+
+ // Now let's compare passwords
+ $hash = generateHash($_POST['pass1'], $salt);
+ if (($hash == $_COOKIE['u_hash']) || ($_POST['pass1'] == $_POST['pass2']))
+ {
+ // Load user's data
+ $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND password='%s' LIMIT 1",
+ array($GLOBALS['userid'], $hash), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $DATA[0] = TRANSLATE_SEX($DATA[0]);
+ switch ($mod)
+ {
+ case "mydata":
+ foreach ($modes as $mode)
+ {
+ switch ($mode)
+ {
+ case "normal": break; // Do not add any special lines
+
+ case "email": // Email was changed!
+ $content = MEMBER_CHANGED_EMAIL.": ".$_POST['old_addy']."\n";
+ break;
+
+ case "pass": // Password was changed
+ $content = MEMBER_CHANGED_PASS."\n";
+ break;
+
+ default:
+ $content = MEMBER_UNKNOWN_MODE.": ".$mode."\n\n";
+ break;
+ }
+ }
+
+ if (EXT_IS_ACTIVE("country"))
+ {
+ // Replace code with description
+ $DATA[4] = COUNTRY_GENERATE_INFO($_POST['country_code']);
+ }
+
+ // Load template
+ $msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']);
+
+ if ($CONFIG['admin_notify'] == "Y")
+ {
+ // The admin needs to be notified about a profile change
+ $msg_admin = "admin_mydata_notify";
+ $sub_adm = ADMIN_CHANGED_DATA;
+ }
+ else
+ {
+ // No mail to admin
+ $msg_admin = "";
+ $sub_adm = "";
+ }
+
+ // Set subject lines
+ $sub_mem = MEMBER_CHANGED_DATA;
+
+ // Output success message
+ $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";
+ break;
+
+ default:
+ $content = "<STRONG><SPAN class=\"member_failed\">".UNKNOWN_MODULE."</SPAN></STRONG>";
+ break;
+ }
+ }
+ else
+ {
+ // Could not load profile data
+ $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";
+ }
+ }
+ else
+ {
+ // Passwords mismatch
+ $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_PASSWORD_ERROR."</SPAN></STRONG>";
+ }
+ }
+ else
+ {
+ // Could not load profile
+ $content = "<STRONG><SPAN class=\"member_failed\">".MEMBER_CANNOT_LOAD_PROFILE."</SPAN></STRONG>";
+ }
+ if ((!empty($sub_mem)) && (!empty($msg)))
+ {
+ // Send member mail
+ SEND_EMAIL($DATA[7], $sub_mem, $msg);
+ }
+ if ((!empty($sub_adm)) && (!empty($msg_admin)))
+ {
+ // Send admin mail
+ if (GET_EXT_VERSION("admins") >= "0.4.1")
+ {
+ SEND_ADMIN_EMAILS_PRO($sub_adm, $msg_admin, $content, $GLOBALS['userid']);
+ }
+ else
+ {
+ SEND_ADMIN_EMAILS($sub_adm, LOAD_EMAIL_TEMPLATE($msg_admin, $content, $GLOBALS['userid']));
+ }
+ }
+ elseif ($CONFIG['admin_notify'] == "Y")
+ {
+ // Cannot send mails to admin!
+ $content = CANNOT_SEND_ADMIN_MAILS;
+ }
+ else
+ {
+ // No mail to admin
+ $content = "<STRONG><SPAN class=\"member_done\">".MYDATA_MAIL_SENT."</SPAN></STRONG>";
+ }
+
+ // Load template
+ LOAD_TEMPLATE("admin_settings_saved", false, $content);
+}
+// Update module counter
+function COUNT_MODULE($mod)
+{
+ if ($mod != "css")
+ {
+ // Do count all other modules but not accesses on CSS file css.php!
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_mod_reg SET clicks=clicks+1 WHERE module='%s' LIMIT 1",
+ array($mod), __FILE__, __LINE__);
+ }
+}
+// Get action value from mode (admin/guest/member) and what-value
+function GET_ACTION ($MODE, &$wht)
+{
+ global $ret; $ret = "";
+ //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br>";
+ if ((empty($wht)) && ($MODE != "admin"))
+ {
+ $wht = "welcome";
+ }
+ if ($MODE == "admin")
+ {
+ // Action value for admin area
+ if (!empty($GLOBALS['action']))
+ {
+ // Get it directly from URL
+ return $GLOBALS['action'];
+ }
+ elseif (($wht == "overview") || (empty($GLOBALS['what'])))
+ {
+ // Default value for admin area
+ $ret = "login";
+ }
+ }
+ elseif (!empty($GLOBALS['action']))
+ {
+ // Fix welcome value
+ if (empty($wht)) $wht = "welcome";
+ return $GLOBALS['action'];
+ }
+ else
+ {
+ // Everything else will be touched after checking the module has a menu assigned
+ }
+ //* DEBUG: */ echo __LINE__."*".$ret."*<br />\n";
+
+ if (MODULE_HAS_MENU($MODE))
+ {
+ // Rewriting modules to menu
+ switch ($MODE)
+ {
+ case "index": $MODE = "guest"; break;
+ case "login": $MODE = "member"; break;
+ break;
+ }
+
+ // Guest and member menu is "main" as the default
+ if (empty($ret)) $ret = "main";
+
+ // Load from database
+ $result = SQL_QUERY_ESC("SELECT action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1",
+ array($MODE, $wht), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Load action value and pray that this one is the right you want... ;-)
+ list($ret) = SQL_FETCHROW($result);
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+
+ // Return action value
+ return $ret;
+}
+//
+function GET_CATEGORY ($cid)
+{
+ $ret = _CATEGORY_404;
+ $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%d LIMIT 1", array($cid), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Category found... :-)
+ list($ret) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+ return $ret;
+}
+//
+function GET_PAYMENT ($pid, $full=false)
+{
+ $ret = _PAYMENT_404;
+ $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($pid), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Payment type found... :-)
+ if (!$full)
+ {
+ // Return only title
+ list($ret) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+ else
+ {
+ // Return title and price
+ list($t, $p) = SQL_FETCHROW($result);
+ $ret = $t." / ".TRANSLATE_COMMA($p)." ".POINTS;
+ }
+ }
+ return $ret;
+}
+//
+function GET_PAY_POINTS($pid, $DATA="price")
+{
+ $ret = "-1";
+ $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($DATA, $pid), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Payment type found... :-)
+ list($ret) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+ return $ret;
+}
+// Remove a receiver's ID from $ARRAY and add a link for him to confirm
+function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=false)
+{
+ $ret = "failed";
+ if ($uid > 0)
+ {
+ // Remove entry from array
+ unset($ARRAY[$key]);
+
+ // Is there already a line for this user available?
+ if ($stats_id > 0)
+ {
+ // Only when we got a real stats ID continue searching for the entry
+ $TYPE = "NORMAL"; $ROW = "stats_id";
+ if ($bonus) { $TYPE = "BONUS"; $ROW = "bonus_id"; }
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%d AND link_type='%s' LIMIT 1",
+ array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 0)
+ {
+ // No, so we add one!
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')",
+ array($ROW, $stats_id, bigintval($uid), $TYPE), __FILE__, __LINE__);
+ $ret = "done";
+ }
+ else
+ {
+ // Already found
+ $ret = "already";
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ }
+ // Return status for sending routine
+ return $ret;
+}
+//
+function GET_TOTAL_DATA($SEARCH, $TABLE, $DATA, $WHERE="userid", $ONLY_ROWS=false)
+{
+ $ret = "0";
+ if ($ONLY_ROWS)
+ {
+ // Count rows
+ $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
+ array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);
+ }
+ else
+ {
+ // Add all rows
+ $result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
+ array($DATA, $TABLE, $WHERE, $SEARCH), __FILE__, __LINE__);
+ }
+ // Load row
+ list($ret) = SQL_FETCHROW($result);
+ //* DEBUG: */ echo __LINE__."*".$DATA."/".$SEARCH."/".$TABLE."/".$ret."*<br />\n";
+ SQL_FREERESULT($result);
+ if (empty($ret)) {
+ if (($DATA == "counter") || ($DATA == "id")) {
+ $ret = "0";
+ } else {
+ $ret = "0.00000";
+ }
+ }
+ return $ret;
+}
+/**
+ *
+ * Dynamic referral system, can also send mails!
+ *
+ * uid = Referral ID wich should receive...
+ * points = ... xxx points
+ * send_notify = shall I send the referral an email or not?
+ * refid = inc/modules/guest/what-confirm.php need this
+ * locked = Shall I pay it to normal (false) or locked (true) points ammount?
+ * add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"
+ * will cause no referral will get points ever!!!)
+ */
+function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref")
+{
+ global $DEPTH, $_GET, $CONFIG, $DATA, $link;
+
+ // When $uid = 0 add points to jackpot
+ if ($uid == "0")
+ {
+ // Add points to jackpot
+ ADD_JACKPOT($points);
+ return;
+ }
+
+ // Count up referral depth
+ if (empty($DEPTH))
+ {
+ // Initialialize referral system
+ $DEPTH = "0";
+ }
+ else
+ {
+ // Increase referral level
+ $DEPTH++;
+ }
+
+ // Which points, locked or normal?
+ $data = "points"; if ($locked) $data = "locked_points";
+
+ $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ array(bigintval($uid)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result_user) == 1)
+ {
+ // This is the user and his ref
+ list ($ref, $email) = SQL_FETCHROW($result_user);
+ SQL_FREERESULT($result_user);
+ $result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
+ array(bigintval($DEPTH)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ list($per) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $P = $points * $per / 100;
+
+ // Update points...
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth='%s' LIMIT 1",
+ array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
+ if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0)
+ {
+ // First ref in this level! :-)
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES ('%s', '%s', '%s')",
+ array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);
+ }
+
+ // Update mediadata as well
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4")
+ {
+ // Update database
+ MEDIA_UPDATE_ENTRY(array("total_points"), "add", $P);
+ }
+
+ // Points updated, maybe I shall send him an email?
+ if (($send_notify) && ($ref > 0) && (!$locked))
+ {
+ // 0 1 2 3
+ $DATA = array($per, bigintval($DEPTH), $P, bigintval($ref));
+ $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid));
+
+ SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
+ }
+
+ // Maybe there's another ref?
+ if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref"))
+ {
+ // Then let's credit him here...
+ ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked);
+ }
+ }
+ }
+}
+//
+function UPDATE_REF_COUNTER($uid)
+{
+ global $REF_LVL, $link, $CACHE;
+ // Make it sure referral level zero (member him-/herself) is at least selected
+ if (empty($REF_LVL)) $REF_LVL = "0";
+
+ // Update counter
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%d AND level='%s' LIMIT 1",
+ array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
+
+ // When no entry was updated then we have to create it here
+ if (SQL_AFFECTEDROWS($link) == 0)
+ {
+ // First count!
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')",
+ array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
+ }
+
+ // Check for his referral
+ $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array(bigintval($uid)), __FILE__, __LINE__);
+ list($ref) = SQL_FETCHROW($result);
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // When he has a referral...
+ if (($ref > 0) && ($ref != $uid))
+ {
+ // Move to next referral level and count his counter one up!
+ $REF_LVL++; UPDATE_REF_COUNTER($ref);
+ }
+ elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2"))
+ {
+ // Remove cache here
+ if ($CACHE->cache_file("refsystem", true)) $CACHE->cache_destroy();
+ }
+}
+//
+function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht)
+{
+ global $_COOKIE, $_SERVER, $link, $_GET, $CONFIG;
+ // Do not update online list when extension is deactivated
+ if (!EXT_IS_ACTIVE("online", true)) return;
+
+ // Initialize variables
+ $uid = "0"; $rid = "0"; $MEM = "N"; $ADMIN = "N";
+ if (!empty($GLOBALS['userid']))
+ {
+ // Update member status only when userid is valid
+ if (($GLOBALS['userid'] > 0) && (IS_LOGGED_IN()))
+ {
+ // Is valid user
+ $uid = $GLOBALS['userid'];
+ $MEM = "Y";
+ }
+ }
+ if (IS_ADMIN())
+ {
+ // Is administrator
+ $ADMIN = "Y";
+ }
+ if (!empty($_COOKIE['refid']))
+ {
+ // Check cookie
+ if ($_COOKIE['refid'] > 0) $rid = $GLOBALS['refid'];
+ }
+
+ // Now Read data
+ $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online
+WHERE sid='%s' LIMIT 1",
+ array($SID), __FILE__, __LINE__);
+
+ if (SQL_NUMROWS($result) == 1)
+ {
+ SQL_FREERESULT($result);
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET
+module='%s',
+action='%s',
+what='%s',
+userid=%d,
+refid=%d,
+is_member='%s',
+is_admin='%s',
+timestamp=UNIX_TIMESTAMP()
+WHERE sid='%s' LIMIT 1",
+ array(
+ $mod,
+ $act,
+ $wht,
+ bigintval($uid),
+ bigintval($rid),
+ $MEM,
+ $ADMIN,
+ $SID
+), __FILE__, __LINE__);
+ }
+ else
+ {
+ // No entry does exists so we simply add it!
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %d, %d, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
+ array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
+ }
+
+ // Purge old entries
+ $TIMEOUT = time() - $CONFIG['online_timeout'];
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= %d",
+ array($TIMEOUT), __FILE__, __LINE__);
+}
+// OBSULETE: Sends out mail to all administrators
+function SEND_ADMIN_EMAILS($subj, $msg)
+{
+ $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__);
+ while (list($email) = SQL_FETCHROW($result))
+ {
+ SEND_EMAIL($email, $subj, $msg);
+ }
+ // Really simple... ;-)
+ SQL_FREERESULT($result);
+}
+// Get ID number from administrator's login name
+function GET_ADMIN_ID($login)
+{
+ global $ADMINS;
+ $ret = "-1";
+ if (!empty($ADMINS['aid'][$login]))
+ {
+ // Check cache
+ $ret = $ADMINS['aid'][$login];
+ if (empty($ret)) $ret = "-1";
+ }
+ else
+ {
+ // Load from database
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
+ array($login), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ list($ret) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+ }
+ return $ret;
+}
+//
+// Get password hash from administrator's login name
+function GET_ADMIN_HASH($login)
+{
+ global $ADMINS;
+ $ret = "-1";
+ if (!empty($ADMINS['password'][$login]))
+ {
+ // Check cache
+ $ret = $ADMINS['password'][$login];
+ if (empty($ret)) $ret = "-1";
+ }
+ else
+ {
+ // Load from database
+ $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
+ array($login), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ list($ret) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+ }
+ return $ret;
+}
+//
+function GET_ADMIN_LOGIN($aid)
+{
+ global $ADMINS;
+ $ret = "***";
+ if (!empty($ADMINS['login']['aid']))
+ {
+ // Check cache
+ if (!empty($ADMINS['login'][$aid])) $ret = $ADMINS['login'][$aid];
+ if (empty($ret)) $ret = "***";
+ }
+ else
+ {
+ // Load from database
+ $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
+ array(bigintval($aid)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Fetch data
+ list($ret) = SQL_FETCHROW($result);
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ return $ret;
+}
+//
+function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")
+{
+ $ret = "";
+ if ($table == "/ARRAY/")
+ {
+ // Selection from array
+ if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name))
+ {
+ // Both are arrays
+ foreach ($id as $idx=>$value)
+ {
+ $ret .= "<OPTION value=\"".$value."\"";
+ if ($default == $value) $ret .= " selected checked";
+ $ret .= ">".$name[$idx]."</OPTION>\n";
+ }
+ }
+ }
+ else
+ {
+ // Data from database
+ $SPEC = ", ".$id;
+ if (!empty($special)) $SPEC = ", ".$special;
+ $ORDER = $name.$SPEC;
+ if ($table == "country") $ORDER = $special;
+ $result = SQL_QUERY_ESC("SELECT %s, %s".$SPEC." FROM "._MYSQL_PREFIX."_%s ".$where." ORDER BY %s",
+ array($id, $ORDER, $table, $name), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) > 0)
+ {
+ // Found data so add them as OPTION lines: $id is the value and $name is the "name" of the option
+ while (list($value, $title, $add) = SQL_FETCHROW($result))
+ {
+ if (empty($special)) $add = "";
+ $ret .= "<OPTION value=\"".$value."\"";
+ if ($default == $value) $ret .= " selected checked";
+ if (!empty($add)) $add = " (".$add.")";
+ $ret .= ">".$title.$add."</OPTION>\n";
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ else
+ {
+ // No data found
+ $ret = "<OPTION value=\"x\">".SELECT_NONE."</OPTION>\n";
+ }
+ }
+ // Return - hopefully - the requested data
+ return $ret;
+}
+// Aiut
+function activateExchange() {
+ global $CONFIG;
+ $result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) >= $CONFIG['activate_xchange'])
+ {
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Activate System
+ $SQLs = array(
+ "UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",
+ "UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2",
+ "UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config='0' LIMIT 1"
+ );
+
+ // Run SQLs
+ foreach ($SQLs as $sql)
+ {
+ $result = SQL_QUERY($sql, __FILE__, __LINE__);
+ }
+
+ // Destroy cache
+ }
+}
+//
+function DELETE_USER_ACCOUNT($uid, $reason)
+{
+ $POINTS = 0;
+ $result = SQL_QUERY_ESC("SELECT (SUM(p.points) - d.used_points) AS points
+FROM "._MYSQL_PREFIX."_user_points AS p
+LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
+ON p.userid=d.userid
+WHERE p.userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Save his points to add them to the jackpot
+ list($POINTS) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+
+ // Delete points entries as well
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
+
+ // Update mediadata as well
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4")
+ {
+ // Update database
+ MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
+ }
+
+ // Now, when we have all his points adds them do the jackpot!
+ ADD_JACKPOT($POINTS);
+ }
+
+ // Delete category selections as well...
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d",
+ array(bigintval($uid)), __FILE__, __LINE__);
+
+ // Remove from rallye if found
+ if (EXT_IS_ACTIVE("rallye"))
+ {
+ $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%d",
+ array(bigintval($uid)), __FILE__, __LINE__);
+ }
+
+ // Now a mail to the user and that's all...
+ $msg = LOAD_EMAIL_TEMPLATE("del-user", stripslashes($reason), $uid);
+ SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);
+
+ // Ok, delete the account!
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
+}
+//
+function META_DESCRIPTION($mod, $wht)
+{
+ global $CONFIG, $DEPTH;
+ if (($mod != "admin") && ($mod != "login"))
+ {
+ // Exclude admin and member's area
+ $DESCR = MAIN_TITLE." ".trim($CONFIG['title_middle'])." ".ADD_DESCR("guest", "what-".$wht, true);
+ unset($DEPTH);
+ OUTPUT_HTML ("<META name=\"description\" content=\"".$DESCR."\">\n");
+ }
+}
+//
+function ADD_JACKPOT($points)
+{
+ $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 0)
+ {
+ // Create line
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__);
+ }
+ else
+ {
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Update points
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points+%s WHERE ok='ok' LIMIT 1",
+ array($points), __FILE__, __LINE__);
+ }
+}
+//
+function SUB_JACKPOT($points)
+{
+ // First failed
+ $ret = "-1";
+
+ // Get current points
+ $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 0)
+ {
+ // Create line
+ $result = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '0.00000')", __FILE__, __LINE__);
+ }
+ else
+ {
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Read points
+ list($jackpot) = SQL_FETCHROW($result);
+ if ($jackpot >= $points)
+ {
+ // Update points when there are enougth points in jackpot
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points-%s WHERE ok='ok' LIMIT 1", array($points), __FILE__, __LINE__);
+ $ret = $jackpot - $points;
+ }
+ }
+}
+//
+function IS_DEMO()
+{
+ global $_COOKIE;
+ return ((EXT_IS_ACTIVE("demo")) && ($_COOKIE['admin_login'] == "demo"));
+}
+//
+function LOAD_CONFIG($no="0")
+{
+ global $CFG_CACHE, $CONFIG;
+ $CFG_DUMMY = false;
+ // Check for cache extension, cache-array and if the requested configuration is in cache
+ if ((is_array($CFG_CACHE)) && (isset($CFG_CACHE['config'][$no])))
+ {
+ // Load config from cache
+ $CFG_DUMMY = array();
+ foreach ($CFG_CACHE as $element=>$cfgs)
+ {
+ $CFG_DUMMY[$element] = $cfgs[$no];
+ }
+
+ // Count cache hits
+ $CONFIG['cache_hits']++;
+ }
+ else
+ {
+ // Load config from DB
+ $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config='%d' LIMIT 1",
+ array(bigintval($no)), __FILE__, __LINE__);
+ $CFG_DUMMY = SQL_FETCHARRAY($result_config);
+ SQL_FREERESULT($result_config);
+ }
+
+ // Return config array
+ return $CFG_DUMMY;
+}
+// Gets the matching what name from module
+function GET_WHAT($MOD_CHECK)
+{
+ $wht = "";
+ //* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!<br />\n";
+ switch ($MOD_CHECK)
+ {
+ case "admin":
+ $wht = "overview";
+ break;
+
+ case "login":
+ case "index":
+ $wht = "welcome";
+ break;
+
+ default:
+ $wht = "";
+ break;
+ }
+
+ // Return what value
+ return $wht;
+}
+//
+function MODULE_HAS_MENU($mod)
+{
+ global $EXTENSIONS, $MODULES, $CONFIG;
+
+ // All is false by default
+ $ret = false;
+ if (GET_EXT_VERSION("cache") >= "0.1.2")
+ {
+ if (isset($MODULES['has_menu'][$mod]))
+ {
+ // Check module cache and count hit
+ if ($MODULES['has_menu'][$mod] == "Y") $ret = true;
+ $CONFIG['cache_hits']++;
+ }
+ elseif (isset($EXTENSIONS['ext_menu'][$mod]))
+ {
+ // Check cache and count hit
+ if ($EXTENSIONS['ext_menu'][$mod] == "Y") $ret = true;
+ $CONFIG['cache_hits']++;
+ }
+ }
+ if ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ($ret === false))
+ {
+ // Check database for entry
+ $result = SQL_QUERY_ESC("SELECT has_menu FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1",
+ array($mod), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ list($has_menu) = SQL_FETCHROW($result);
+ if ($has_menu == "Y") $ret = true;
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ } elseif (GET_EXT_VERSION("sql_patches") == "") {
+ // No sql_patches installed, so maybe in admin area?
+ if ((IS_ADMIN()) && ($mod == "admin")) return true; // Then there is a menu!
+ }
+
+ // Return status
+ return $ret;
+}
+//
+?>