array($user), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0) {
// Ok, let's create the admin login
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES('%s', '%s', '%s')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
array($user, $md5, $email), __FILE__, __LINE__);
$ret = "done";
} else {
$ret = "404";
$data = array();
+ // Get admin id
+ $aid = GET_ADMIN_ID($admin_login);
+
// Is the cache valid?
- if (!empty($cacheArray['admins']['password'][$admin_login])) {
+ if (!empty($cacheArray['admins']['password'][$aid])) {
// Get password from cache
- $data['password'] = $cacheArray['admins']['password'][$admin_login];
+ $data['password'] = $cacheArray['admins']['password'][$aid];
$ret = "pass";
- $_CONFIG['cache_hits']++;
+ if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
// Include more admins data?
if (GET_EXT_VERSION("admins") >= "0.7.0") {
// Load them here
- $data['login_failtures'] = $cacheArray['admins']['login_failtures'][$admin_login];
- $data['last_failture'] = $cacheArray['admins']['last_failture'][$admin_login];
+ $data['login_failtures'] = $cacheArray['admins']['login_failtures'][$aid];
+ $data['last_failture'] = $cacheArray['admins']['last_failture'][$aid];
} // END - if
- } elseif (EXT_IS_ACTIVE("cache")) {
+ } elseif (!EXT_IS_ACTIVE("cache")) {
$ADD = "";
if (GET_EXT_VERSION("admins") >= "0.7.0") {
// Load them here
} // END - if
// Get password from DB
- $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($admin_login), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+ array($aid), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Login password found
$ret = "pass";
set_session('mxchange_admin_last_fail', $data['last_failture']);
// Update password and reset login failtures
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s',login_failtures=0,last_failture='0000-00-00 00:00:00' WHERE login='%s' LIMIT 1",
- array($data['password'], $admin_login), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s',login_failtures=0,last_failture='0000-00-00 00:00:00' WHERE id=%s LIMIT 1",
+ array($data['password'], $aid), __FILE__, __LINE__);
} else {
// Update password
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
- array($data['password'], $admin_login), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE id=%s LIMIT 1",
+ array($data['password'], $aid), __FILE__, __LINE__);
}
// Rebuild cache
// Count login failture if admins extension version is 0.7.0+
if (($ret == "pass") && (GET_EXT_VERSION("admins") >= "0.7.0")) {
// Update counter
- SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login_failtures=login_failtures+1,last_failture=NOW() WHERE login='%s' LIMIT 1",
- array($admin_login), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login_failtures=login_failtures+1,last_failture=NOW() WHERE id=%s LIMIT 1",
+ array($aid), __FILE__, __LINE__);
// Rebuild cache
REBUILD_CACHE("admins", "admin");
$ret = "404"; $pass = "";
// Get hash
- $pass = GET_ADMIN_HASH($admin_login);
+ $pass = GET_ADMIN_HASH(GET_ADMIN_ID($admin_login));
if ($pass != "-1") $ret = "pass";
//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):".generatePassString($pass)."(".strlen($pass).")/".$password."(".strlen($password).")<br />\n";
// Initialize some variables
$done = false;
$seek++;
+ $next=-1;
$found = false;
// Is the file there and read-/write-able?
if (strpos($line, $search) > -1) { $next = 0; $found = true; }
if ($next > -1) {
- if ($next == $seek) {
+ if ($next === $seek) {
$next = -1;
$line = $prefix . $DATA . $suffix."\n";
} else {
$VALUEs = implode(", ", $VALUEs);
// Generate SQL string
- $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES(".$VALUEs.")";
+ $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES (".$VALUEs.")";
}
// Free memory
// Set the global mode as the mode for all admins
$MODE = $_CONFIG['admin_menu']; $ADMIN = $MODE;
+ // Get admin id
+ $aid = GET_ADMIN_ID(get_session('admin_login'));
+
// Check individual settings of current admin
- if (isset($cacheArray['admins']['la_mode'][get_session('admin_login')])) {
+ if (isset($cacheArray['admins']['la_mode'][$aid])) {
// Load from cache
- $ADMIN = $cacheArray['admins']['la_mode'][get_session('admin_login')];
- $_CONFIG['cache_hits']++;
+ $ADMIN = $cacheArray['admins']['la_mode'][$aid];
+ if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
} elseif (GET_EXT_VERSION("admins") >= "0.6.7") {
// Load from database when version of "admins" is enough
- $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array(get_session('admin_login')), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+ array($aid), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load data
list($ADMIN) = SQL_FETCHROW($result);
// Is the raw userid set?
if ($_POST['uid_raw'][$id] > 0) {
// Generate subject
- $eval = "\$subjectLine = MEMBER_".$subject."_".strtoupper($table)."_SUBJECT;";
- eval($eval);
+ $subjectLine = constant('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
// Load email template
if (!empty($subjectPart)) {
} // END - if
// Generate subject
- $eval = "\$subjectLine = ADMIN_".$subject."_".strtoupper($table)."_SUBJECT;";
- eval($eval);
+ $subjectLine = constant('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
// Send admin notification out
if (!empty($subjectPart)) {
projects / mailer.git / blobdiff