return $ret;
}
// Only be executed on login procedure!
-function CHECK_ADMIN_LOGIN ($admin_login, $password)
-{
+function CHECK_ADMIN_LOGIN ($admin_login, $password) {
global $cacheArray, $_CONFIG, $cacheInstance;
// Init variables
$cacheName = "admin_".$act."_".$wht."_".GET_LANGUAGE()."_".strtolower(get_session('admin_login'));
// Is that cache there?
- if ($cacheInstance->cache_file($cacheName, true)) {
+ if ($cacheInstance->loadCacheFile($cacheName)) {
// Then load it
- $data = $cacheInstance->cache_load();
+ $data = $cacheInstance->getArrayFromCache();
// Extract all parts
$OUT = base64_decode($data['output'][0]);
} // END - if
// Build main menu
- $result_main = SQL_QUERY("SELECT action, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) ORDER BY sort, id DESC", __FILE__, __LINE__);
+ $result_main = SQL_QUERY("SELECT action, title, descr FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) ORDER BY sort, id DESC", __FILE__, __LINE__);
if (SQL_NUMROWS($result_main) > 0)
{
$OUT = "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
}
$OUT .= "</NOBR></TD>
</TR>\n";
- $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort, id DESC",
+ $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort, id DESC",
array($menu), __FILE__, __LINE__);
if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))
{
// Is there a cache instance again?
if ((is_object($cacheInstance)) && (isset($_CONFIG['cache_admin_menu'])) && ($_CONFIG['cache_admin_menu'] == "Y")) {
// Init cache
- $cacheInstance->cache_init($cacheName);
+ $cacheInstance->init($cacheName);
// Prepare cache data
$data = array(
);
// Write the data away
- $cacheInstance->add_row($data);
+ $cacheInstance->addRow($data);
// Close cache
- $cacheInstance->cache_close();
+ $cacheInstance->finalize();
} // END - if
// Return or output content?
function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $none=false, $field="userid")
{
// Output selection form with all confirmed user accounts listed
- $result = SQL_QUERY("SELECT userid, surname, family FROM "._MYSQL_PREFIX."_user_data ORDER BY userid", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT userid, surname, family FROM `"._MYSQL_PREFIX."_user_data` ORDER BY userid", __FILE__, __LINE__);
$OUT = "";
// USe this only for adding points (e.g. adding refs really makes no sence ;-) )
function ADMIN_MENU_SELECTION($MODE, $default="", $defid="") {
$wht = "what != ''";
if ($MODE == "action") $wht = "(what='' OR what IS NULL) AND action !='login'";
- $result = SQL_QUERY_ESC("SELECT %s, title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$wht." ORDER BY sort",
+ $result = SQL_QUERY_ESC("SELECT %s, title FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$wht." ORDER BY sort",
array($MODE), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0) {
// Load menu as selection
$test = (float)$val;
if ("".$val."" == "".$test."") {
// Add numbers
- $DATA[] = $id."=".$val."";
+ $DATA[] = sprintf("`%s`=%s", $id, $test);
} else {
// Add strings
- $DATA[] = $id."='".trim($val)."'";
+ $DATA[] = sprintf("`%s`='%s'", $id, trim($val));
}
// Update current configuration
$result = false;
if (!$alwaysAdd) {
if (!empty($whereStatement)) {
- $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT * FROM `"._MYSQL_PREFIX.$tableName."` WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__);
} else {
- $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." LIMIT 1", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT * FROM `"._MYSQL_PREFIX.$tableName."` LIMIT 1", __FILE__, __LINE__);
}
} // END - if
$DATA_UPDATE = implode(", ", $DATA);
// Generate SQL string
- $SQL = "UPDATE "._MYSQL_PREFIX.$tableName." SET ".$DATA_UPDATE." WHERE ".$whereStatement." LIMIT 1";
+ $SQL = sprintf("UPDATE `"._MYSQL_PREFIX."%s` SET %s WHERE %s LIMIT 1",
+ $tableName,
+ $DATA_UPDATE,
+ $whereStatement
+ );
} else {
// Add Line (does only work with auto_increment!
$KEYs = array(); $VALUEs = array();
$VALUEs = implode(", ", $VALUEs);
// Generate SQL string
- $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES (".$VALUEs.")";
+ $SQL = sprintf("INSERT INTO "._MYSQL_PREFIX."%s (%s) VALUES (%s)",
+ $tableName,
+ $KEYs,
+ $VALUEs
+ );
}
// Free memory
SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
array($passHash, $login), __FILE__, __LINE__);
+ // Run filters
+ RUN_FILTER('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash));
+
// Return output
return ADMIN_PASSWORD_RESET_DONE;
}