);
// Check if sponsor already exists
- foreach ($POST as $k=>$v)
+ foreach ($POST as $k => $v)
{
if (!(array_search($k, $SKIPPED) > -1))
{
if ($SAVE)
{
// Default is no force even when a guest want to abuse this force switch
- if ((empty($POST['force'])) || (!IS_ADMIN())) $POST['force'] = "0";
+ if ((empty($POST['force'])) || (!IS_ADMIN())) $POST['force'] = 0;
// SQL and message string is empty by default
$SQL = ""; $MSG = "";
{
// Update his data
$SQL = "UPDATE "._MYSQL_PREFIX."_sponsor_data SET ";
- foreach ($DATA['keys'] as $k=>$v)
+ foreach ($DATA['keys'] as $k => $v)
{
$SQL .= $v."='%s', ";
}
{
// Add all data as hidden data
$OUT = "";
- foreach ($POST as $k=>$v)
+ foreach ($POST as $k => $v)
{
// Do not add 'force' !
if ($k != "force")
// Load main menu entries
$result_main = SQL_QUERY("SELECT action, title FROM "._MYSQL_PREFIX."_sponsor_menu
-WHERE what='' ".$WHERE."
+WHERE (what='' OR what IS NULL) ".$WHERE."
ORDER BY sort", __FILE__, __LINE__);
if (SQL_NUMROWS($result_main) > 0)
{
function GENERATE_SPONSOR_CONTENT($what)
{
global $HTTP_POST_VARS, $_GET, $CONFIG;
- $FILE = PATH."inc/modules/sponsor/".$what.".php";
$OUT = "";
- if (@file_exists($FILE))
- {
+ $FILE = sprintf("%sinc/modules/sponsor/%s.php", PATH, $what);
+ if (FILE_READABLE($FILE)) {
// Every sponsor action will output nothing directly. It will be written into $OUT!
require_once($FILE);
- }
- else
- {
+ } else {
// File not found!
$OUT .= LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_CONTENT_404_1.$what.SPONSOR_CONTENT_404_2);
}
$MSG = SPONSOR_ACCOUNT_DATA_NOT_SAVED;
// Check for submitted passwords
- if ((!empty($HTTP_POST_VARS['pass1'])) && (!empty($HTTP_POST_VARS['pass2'])))
+ if ((!empty($_POST['pass1'])) && (!empty($_POST['pass2'])))
{
// Are both passwords the same?
- if ($HTTP_POST_VARS['pass1'] == $HTTP_POST_VARS['pass2'])
+ if ($_POST['pass1'] == $_POST['pass2'])
{
// Okay, then set password and remove pass1 and pass2
- $HTTP_POST_VARS['password'] = md5($HTTP_POST_VARS['pass1']);
+ $_POST['password'] = md5($_POST['pass1']);
}
}
// Prepare SQL string
$SQL = "UPDATE "._MYSQL_PREFIX."_sponsor_data SET";
- foreach ($POST as $key=>$value)
+ foreach ($POST as $key => $value)
{
// Mmmmm, too less security here???
$SQL .= " ".strip_tags($key)."='%s',";
if (isset($content['warning_interval'])) $DATA['interval'] = CREATE_FANCY_TIME($POST['warning_interval']);
// Send email to admins
- if (GET_EXT_VERSION("admins") < "0.4.1")
- {
- // Use old method to send out
- $msg = LOAD_EMAIL_TEMPLATE($templ, $content);
- SEND_ADMIN_EMAILS($subj, $msg);
- }
- else
- {
- // Use new system to send out
- SEND_ADMIN_EMAILS_PRO($subj, $templ, $content);
- }
+ SEND_ADMIN_NOTIFICATION($subj, $templ, $content);
// Shall we send mail to the sponsor's new email address?
if ($content['receive_warnings'] == "Y")