Reset rewritten, SQL fixed, zeros are now numeric

[mailer.git] / inc / libs / sponsor_functions.php

diff --git a/inc/libs/sponsor_functions.php b/inc/libs/sponsor_functions.php
index d76263196e04fcc1e3de56e04a09e210729604c2..fdf4eb9f43b4bded1bc1104cc22545c38181eeb5 100644 (file)
--- a/inc/libs/sponsor_functions.php
+++ b/inc/libs/sponsor_functions.php
@@ -54,7 +54,7 @@ function SPONSOR_HANDLE_SPONSOR(&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_ST
        );
 
        // Check if sponsor already exists
-       foreach ($POST as $k=>$v)
+       foreach ($POST as $k => $v)
        {
                if (!(array_search($k, $SKIPPED) > -1))
                {
@@ -153,7 +153,7 @@ function SPONSOR_HANDLE_SPONSOR(&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_ST
        if ($SAVE)
        {
                // Default is no force even when a guest want to abuse this force switch
-               if ((empty($POST['force'])) || (!IS_ADMIN())) $POST['force'] = "0";
+               if ((empty($POST['force'])) || (!IS_ADMIN())) $POST['force'] = 0;
 
                // SQL and message string is empty by default
                $SQL = ""; $MSG = "";
@@ -163,7 +163,7 @@ function SPONSOR_HANDLE_SPONSOR(&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_ST
                {
                        // Update his data
                        $SQL = "UPDATE "._MYSQL_PREFIX."_sponsor_data SET ";
-                       foreach ($DATA['keys'] as $k=>$v)
+                       foreach ($DATA['keys'] as $k => $v)
                        {
                                $SQL .= $v."='%s', ";
                        }
@@ -213,7 +213,7 @@ function SPONSOR_HANDLE_SPONSOR(&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_ST
                {
                        // Add all data as hidden data
                        $OUT = "";
-                       foreach ($POST as $k=>$v)
+                       foreach ($POST as $k => $v)
                        {
                                // Do not add 'force' !
                                if ($k != "force")
@@ -421,15 +421,12 @@ ORDER BY sort", array($action), __FILE__, __LINE__);
 function GENERATE_SPONSOR_CONTENT($what)
 {
        global $HTTP_POST_VARS, $_GET, $CONFIG;
-       $FILE = PATH."inc/modules/sponsor/".$what.".php";
        $OUT = "";
-       if (@file_exists($FILE))
-       {
+       $FILE = sprintf("%sinc/modules/sponsor/%s.php", PATH, $what);
+       if (FILE_READABLE($FILE)) {
                // Every sponsor action will output nothing directly. It will be written into $OUT!
                require_once($FILE);
-       }
-        else
-       {
+       } else {
                // File not found!
                $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_CONTENT_404_1.$what.SPONSOR_CONTENT_404_2);
        }
@@ -481,13 +478,13 @@ function SPONSOR_SAVE_DATA($POST, $content)
        $MSG = SPONSOR_ACCOUNT_DATA_NOT_SAVED;
 
        // Check for submitted passwords
-       if ((!empty($HTTP_POST_VARS['pass1'])) && (!empty($HTTP_POST_VARS['pass2'])))
+       if ((!empty($_POST['pass1'])) && (!empty($_POST['pass2'])))
        {
                // Are both passwords the same?
-               if ($HTTP_POST_VARS['pass1'] == $HTTP_POST_VARS['pass2'])
+               if ($_POST['pass1'] == $_POST['pass2'])
                {
                        // Okay, then set password and remove pass1 and pass2
-                       $HTTP_POST_VARS['password'] = md5($HTTP_POST_VARS['pass1']);
+                       $_POST['password'] = md5($_POST['pass1']);
                }
        }
 
@@ -503,7 +500,7 @@ function SPONSOR_SAVE_DATA($POST, $content)
 
        // Prepare SQL string
        $SQL = "UPDATE "._MYSQL_PREFIX."_sponsor_data SET";
-       foreach ($POST as $key=>$value)
+       foreach ($POST as $key => $value)
        {
                // Mmmmm, too less security here???
                $SQL   .= " ".strip_tags($key)."='%s',";