* -------------------------------------------------------------------- *
* Kurzbeschreibung : Funktionen fuer den Sponsorenbereich *
* -------------------------------------------------------------------- *
- * *
+ * $Revision:: 856 $ *
+ * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. Mär 2009) $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: stelzi $ *
+ * Needs to be in all Files and every File needs "svn propset *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2008 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
if ((empty($POST['force'])) || (!IS_ADMIN())) $POST['force'] = 0;
// SQL and message string is empty by default
- $SQL = ""; $MSG = "";
+ $sql = ""; $MSG = "";
// Update?
if ($UPDATE) {
// Update his data
- $SQL = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET ";
+ $sql = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET ";
foreach ($DATA['keys'] as $k => $v) {
- $SQL .= $v."='%s', ";
+ $sql .= $v."='%s', ";
}
// Remove last ", " from SQL string
- $SQL = substr($SQL, 0, -2)." WHERE id='%s' LIMIT 1";
+ $sql = substr($sql, 0, -2)." WHERE id='%s' LIMIT 1";
$DATA['values'][] = bigintval(REQUEST_GET('id'));
// Generate message
$VALUES = str_repeat("%s', '", count($DATA['values']) - 1);
// Generate string
- $SQL = "INSERT INTO `{!_MYSQL_PREFIX!}_sponsor_data` (".$KEYS.") VALUES ('".$VALUES."%s')";
+ $sql = "INSERT INTO `{!_MYSQL_PREFIX!}_sponsor_data` (".$KEYS.") VALUES ('".$VALUES."%s')";
// Generate message
$MSG = SPONSOR_GET_MESSAGE(getMessage('ADMIN_SPONSOR_ADDED'), "added", $MSGs);
$ret = "already";
}
- if (!empty($SQL)) {
+ if (!empty($sql)) {
// Run SQL command
- $result = SQL_QUERY_ESC($SQL, $DATA['values'], __FUNCTION__, __LINE__);
+ $result = SQL_QUERY_ESC($sql, $DATA['values'], __FUNCTION__, __LINE__);
}
// Output message
if (IS_ADMIN()) $WHERE = "";
// Load main menu entries
- $result_main = SQL_QUERY("SELECT action, title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
+ $result_main = SQL_QUERY("SELECT action AS main_action, title AS main_title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
WHERE (what='' OR `what` IS NULL) ".$WHERE."
ORDER BY `sort`", __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result_main) > 0)
- {
+ if (SQL_NUMROWS($result_main) > 0) {
// Load every menu and it's sub menus
- while (list($action, $title_main) = SQL_FETCHROW($result_main))
- {
+ while ($content = SQL_FETCHARRAY($result_main)) {
// Load sub menus
- $result_sub = SQL_QUERY_ESC("SELECT what, title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
+ $result_sub = SQL_QUERY_ESC("SELECT what AS sub_what, title AS sub_title FROM `{!_MYSQL_PREFIX!}_sponsor_menu`
WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$WHERE."
-ORDER BY `sort`", array($action), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result_sub) > 0)
- {
+ORDER BY `sort`",
+ array($content['main_action']), __FUNCTION__, __LINE__);
+ if (SQL_NUMROWS($result_sub) > 0) {
// Load sub menus
$SUB = "";
- while (list($what, $title_sub) = SQL_FETCHROW($result_sub))
- {
+ while ($content2 = SQL_FETCHARRAY($result_sub)) {
+ // Merge both arrays
+ $content = merge_array($content, $content2);
+
// Check if current selected menu is matching the loaded one
- if ($current == $what) $title_sub = "<strong>".$title_sub."</strong>";
+ if ($current == $content['sub_what']) $content['sub_title'] = "<strong>".$content['sub_title']."</strong>";
// Prepare data for the sub template
$content = array(
- 'what' => $what,
- 'title' => $title_sub
+ 'what' => $content['sub_what'],
+ 'title' => $content['sub_title']
);
// Load row template
// Prepare data for the main template
$content = array(
- 'title' => $title_main,
+ 'title' => $content['main_title'],
'menu' => $SUB
);
// Load menu template
$OUT .= LOAD_TEMPLATE("sponsor_action", true, $content);
- }
- else
- {
+ } else {
// No sub menus active
- $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_SUB_MENUS_ACTIVE);
+ $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, getMessage('SPONSOR_NO_SUB_MENUS_ACTIVE'));
}
// Free memory
SQL_FREERESULT($result_sub);
}
- }
- else
- {
+ } else {
// No main menus active
- $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_MAIN_MENUS_ACTIVE);
+ $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, getMessage('SPONSOR_NO_MAIN_MENUS_ACTIVE'));
}
// Free memory
// Return content
return $OUT;
}
+
//
-function GENERATE_SPONSOR_CONTENT($what)
-{
+function GENERATE_SPONSOR_CONTENT ($what) {
$OUT = "";
$INC = sprintf("inc/modules/sponsor/%s.php", $what);
if (INCLUDE_READABLE($INC)) {
LOAD_INC_ONCE($INC);
} else {
// File not found!
- $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_CONTENT_404_1.$what.SPONSOR_CONTENT_404_2);
+ $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_CONTENT_404'), $what));
}
// Return content
return $OUT;
}
+
//
function UPDATE_SPONSOR_LOGIN () {
// Failed by default
'ok', 'pass1', 'pass2');
// Set default message ("not saved")
- $MSG = SPONSOR_ACCOUNT_DATA_NOT_SAVED;
+ $MSG = getMessage('SPONSOR_ACCOUNT_DATA_NOT_SAVED');
// Check for submitted passwords
if ((!empty($POST['pass1'])) && (!empty($POST['pass2']))) {
if ($POST['pass1'] == $POST['pass2']) {
// Okay, then set password and remove pass1 and pass2
$POST['password'] = md5($POST['pass1']);
- }
- }
+ } // END - if
+ } // END - if
// Remove all (maybe spoofed) unsafe data from array
foreach ($UNSAFE as $remove) {
unset($POST[$remove]);
- }
+ } // END - foreach
// This array is for the submitted data which we will use with the SQL_QUERY_ESC() function to
// secure the data
$DATA = array();
// Prepare SQL string
- $SQL = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET";
+ $sql = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET";
foreach ($POST as $key => $value) {
// Mmmmm, too less security here???
- $SQL .= " ".strip_tags($key)."='%s',";
+ $sql .= " ".strip_tags($key)."='%s',";
// We will secure this later inside the SQL_QUERY_ESC() function
$DATA[] = strip_tags($value);
// Compile {SLASH} and so on for the email templates
$POST[$key] = COMPILE_CODE($value);
- }
+ } // END - foreach
// Check if email has changed
if ((!empty($content['email'])) && (!empty($POST['email']))) {
$EMAIL = true;
// Okay, has changed then add status with UNCONFIRMED and new hash code
- $SQL .= " `status`='EMAIL', hash='%s',";
+ $sql .= " `status`='EMAIL', hash='%s',";
// Generate hash code
$HASH = md5(session_id().":".$POST['email'].":".GET_REMOTE_ADDR().":".GET_USER_AGENT().":".time());
$DATA[] = $HASH;
- }
- }
+ } // END - if
+ } // END - if
// Remove last commata
- $SQL = substr($SQL, 0, -1);
+ $sql = substr($sql, 0, -1);
// Add SQL tail data
- $SQL .= " WHERE id='%s' AND password='%s' LIMIT 1";
+ $sql .= " WHERE id='%s' AND password='%s' LIMIT 1";
$DATA[] = bigintval(get_session('sponsorid'));
$DATA[] = get_session('sponsorpass');
if (SQL_AFFECTEDROWS() == 1) {
if (!empty($templ) && !empty($subj)) {
// Run SQL command and check for success
- $result = SQL_QUERY_ESC($SQL, $DATA, __FUNCTION__, __LINE__);
+ $result = SQL_QUERY_ESC($sql, $DATA, __FUNCTION__, __LINE__);
// Add all data to content
global $DATA;
SEND_EMAIL($content['email'], getMessage('SPONSOR_SETTINGS_SUBJ'), $email_msg);
break;
}
- }
- }
- }
+ } // END - if
+ } // END - if
+ } // END - if
// Return final message
return $MSG;