$SAVE = false;
} else {
// Do we want to add a new sponsor or update his data?
- $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_sponsor_data` WHERE email='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE email='%s' LIMIT 1",
array($POST['email']), __FILE__, __LINE__);
// Is a sponsor alread in the db?
// Update?
if ($UPDATE) {
// Update his data
- $SQL = "UPDATE `{!MYSQL_PREFIX!}_sponsor_data` SET ";
+ $SQL = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET ";
foreach ($DATA['keys'] as $k => $v) {
$SQL .= $v."='%s', ";
}
$VALUES = str_repeat("%s', '", count($DATA['values']) - 1);
// Generate string
- $SQL = "INSERT INTO `{!MYSQL_PREFIX!}_sponsor_data` (".$KEYS.") VALUES ('".$VALUES."%s')";
+ $SQL = "INSERT INTO `{!_MYSQL_PREFIX!}_sponsor_data` (".$KEYS.") VALUES ('".$VALUES."%s')";
// Generate message
$MSG = SPONSOR_GET_MESSAGE(ADMIN_SPONSOR_ADDED, "added", $MSGs);
$ret = false;
if ((isSessionVariableSet('sponsorid'))) && (isSessionVariableSet('sponsorpass')))) {
// Check cookies against database records...
- $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_sponsor_data`
-WHERE id='%s' AND password='%s' AND status='CONFIRMED' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_sponsor_data`
+WHERE id='%s' AND password='%s' AND `status`='CONFIRMED' LIMIT 1",
array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// All is fine
if (IS_ADMIN()) $WHERE = "";
// Load main menu entries
- $result_main = SQL_QUERY("SELECT action, title FROM `{!MYSQL_PREFIX!}_sponsor_menu`
-WHERE (what='' OR what IS NULL) ".$WHERE."
-ORDER BY sort", __FILE__, __LINE__);
+ $result_main = SQL_QUERY("SELECT action, title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
+WHERE (what='' OR `what` IS NULL) ".$WHERE."
+ORDER BY `sort`", __FILE__, __LINE__);
if (SQL_NUMROWS($result_main) > 0)
{
// Load every menu and it's sub menus
- while(list($action, $title_main) = SQL_FETCHROW($result_main))
+ while (list($action, $title_main) = SQL_FETCHROW($result_main))
{
// Load sub menus
- $result_sub = SQL_QUERY_ESC("SELECT what, title FROM `{!MYSQL_PREFIX!}_sponsor_menu`
-WHERE action='%s' AND what != '' AND what IS NOT NULL ".$WHERE."
-ORDER BY sort", array($action), __FILE__, __LINE__);
+ $result_sub = SQL_QUERY_ESC("SELECT what, title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
+WHERE action='%s' AND `what` != '' AND `what` IS NOT NULL ".$WHERE."
+ORDER BY `sort`", array($action), __FILE__, __LINE__);
if (SQL_NUMROWS($result_sub) > 0)
{
// Load sub menus
$SUB = "";
- while(list($what, $title_sub) = SQL_FETCHROW($result_sub))
+ while (list($what, $title_sub) = SQL_FETCHROW($result_sub))
{
// Check if current selected menu is matching the loaded one
if ($current == $what) $title_sub = "<strong>".$title_sub."</strong>";
{
global $_CONFIG;
$OUT = "";
- $FILE = sprintf("%sinc/modules/sponsor/%s.php", PATH, $what);
- if (FILE_READABLE($FILE)) {
+ $INC = sprintf("inc/modules/sponsor/%s.php", $what);
+ if (FILE_READABLE($INC)) {
// Every sponsor action will output nothing directly. It will be written into $OUT!
- require_once($FILE);
+ LOAD_INC_ONCE($INC);
} else {
// File not found!
$OUT .= LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_CONTENT_404_1.$what.SPONSOR_CONTENT_404_2);
// Is sponsor?
if (IS_SPONSOR()) {
// Update last online timestamp
- SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_sponsor_data`
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data`
SET last_online=UNIX_TIMESTAMP()
WHERE id='%s' AND password='%s' LIMIT 1",
array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__);
$DATA = array();
// Prepare SQL string
- $SQL = "UPDATE `{!MYSQL_PREFIX!}_sponsor_data` SET";
+ $SQL = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET";
foreach ($POST as $key => $value) {
// Mmmmm, too less security here???
$SQL .= " ".strip_tags($key)."='%s',";
$EMAIL = true;
// Okay, has changed then add status with UNCONFIRMED and new hash code
- $SQL .= " status='EMAIL', hash='%s',";
+ $SQL .= " `status`='EMAIL', hash='%s',";
// Generate hash code
$HASH = md5(session_id().":".$POST['email'].":".GET_REMOTE_ADDR().":".GET_USER_AGENT().":".time());