<?php
/************************************************************************
- * MXChange v0.2.1 Start: 04/24/2005 *
- * =============== Last change: 05/18/2008 *
+ * M-XChange v0.2.1 Start: 04/24/2005 *
+ * ================ Last change: 05/12/2005 *
* *
* -------------------------------------------------------------------- *
* File : what-edit_sponsor.php *
* Copyright (c) 2003 - 2008 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
* *
- * This program is free software. You can redistribute it and/or modify *
+ * This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License. *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!is_admin()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
require($INC);
}
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
-if ((!empty($HTTP_GET_VARS['id'])) && (!empty($HTTP_GET_VARS['mode'])))
-{
+if ((REQUEST_ISSET_GET(('id'))) && (REQUEST_ISSET_GET(('mode')))) {
// Check for selected sponsor
- $result = SQL_QUERY_ESC("SELECT company, position, salut, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, tax_ident, receive_warnings, warning_interval FROM "._MYSQL_PREFIX."_sponsor_data WHERE id='%s' LIMIT 1",
- array($HTTP_GET_VARS['id']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT company, position, gender, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, tax_ident, receive_warnings, warning_interval FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE id='%s' LIMIT 1",
+ array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Load sponsor details
$DATA = SQL_FETCHARRAY($result);
SQL_FREERESULT($result);
// Prepare all data for the template
// Sponsor's ID
- define('__SPONSOR_ID' , $HTTP_GET_VARS['id']);
+ define('__SPONSOR_ID' , bigintval(REQUEST_GET('id')));
// Company's data
define('__COMPANY' , $DATA['company']);
define('__POSITION' , $DATA['position']);
define('__TAX_IDENT' , $DATA['tax_ident']);
// Personal data
- switch ($DATA['salut'])
+ switch ($DATA['gender'])
{
case "M":
- define('__SALUT_M', " selected");
- define('__SALUT_F', "");
- define('__SALUT_C', "");
+ define('__GENDER_M', " selected=\"selected\"");
+ define('__GENDER_F', "");
+ define('__GENDER_C', "");
break;
case "F":
- define('__SALUT_M', "");
- define('__SALUT_F', " selected");
- define('__SALUT_C', "");
+ define('__GENDER_M', "");
+ define('__GENDER_F', " selected=\"selected\"");
+ define('__GENDER_C', "");
break;
case "C":
- define('__SALUT_M', "");
- define('__SALUT_F', "");
- define('__SALUT_C', " selected");
+ define('__GENDER_M', "");
+ define('__GENDER_F', "");
+ define('__GENDER_C', " selected=\"selected\"");
break;
}
define('__SURNAME' , $DATA['surname']);
define('__REC_WARNING', ADD_SELECTION("yn", $DATA['receive_warnings'], "receive_warning"));
define('__INTERVAL' , CREATE_TIME_SELECTIONS($DATA['warning_interval'], "warning_interval", "MWDh"));
+ // Init variables here
+ $TPL = sprintf("admin_edit_sponsor_%s", SQL_ESCAPE(REQUEST_GET('mode')));
+ $SQLs = array();
+
// Sponsor was found
- $TPL = "admin_edit_sponsor_".$HTTP_GET_VARS['mode']; $SQLs = array();
- if ((isset($HTTP_POST_VARS['ok'])) || (isset($HTTP_POST_VARS['edit'])))
- {
+ if ((IS_FORM_SENT()) || (REQUEST_ISSET_POST(('edit')))) {
// Perform action on mode
- switch ($HTTP_GET_VARS['mode'])
+ switch (REQUEST_GET('mode'))
{
case "add_points": // Add points
- if (strval($HTTP_POST_VARS['points']) > 0)
- {
+ if (strval(REQUEST_POST('points')) > 0) {
// Replace german decimal comma with computer's decimal dot
- $POINTS = strval(str_replace(",", ".", $HTTP_POST_VARS['points']));
+ $POINTS = strval(REVERT_COMMA(REQUEST_POST('points')));
// Add points to account
- $result_add = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET points_amount=points_amount+%s WHERE id='%s' LIMIT 1",
- array($POINTS, bigintval($HTTP_GET_VARS['id'])), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET points_amount=points_amount+%s WHERE id='%s' LIMIT 1",
+ array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
// Remember points /reason for the template
define('__POINTS' , TRANSLATE_COMMA($POINTS));
- define('__REASON' , $HTTP_POST_VARS['reason']);
+ define('__REASON' , REQUEST_POST('reason'));
// Send email
- $msg = LOAD_EMAIL_TEMPLATE("sponsor_add_points", $HTTP_POST_VARS['reason'], true);
- SEND_EMAIL(__EMAIL, SPONSOR_ADMIN_ADD_POINTS, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("sponsor_add_points", REQUEST_POST('reason'), true);
+ SEND_EMAIL(__EMAIL, ADMIN_SPONSOR_ADD_POINTS, $msg);
$MSG = ADMIN_SPONSOR_POINTS_ADDED;
- }
- else
- {
+ } else {
// No points entered to add!
$MSG = ADMIN_SPONSPOR_NO_POINTS_TO_ADD;
}
break;
case "sub_points": // Subtract points
- if (strval($HTTP_POST_VARS['points']) > 0)
- {
+ if (strval(REQUEST_POST('points')) > 0) {
// Replace german decimal comma with computer's decimal dot
- $POINTS = strval(str_replace(",", ".", $HTTP_POST_VARS['points']));
+ $POINTS = strval(REVERT_COMMA(REQUEST_POST('points')));
// Add points to account
- $result_add = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET points_used=points_used+%s WHERE id='%s' LIMIT 1",
- array($POINTS, bigintval($HTTP_GET_VARS['id'])), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET points_used=points_used+%s WHERE id='%s' LIMIT 1",
+ array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
// Remember points /reason for the template
define('__POINTS' , TRANSLATE_COMMA($POINTS));
- define('__REASON' , $HTTP_POST_VARS['reason']);
+ define('__REASON' , REQUEST_POST('reason'));
// Send email
- $msg = LOAD_EMAIL_TEMPLATE("sponsor_sub_points", $HTTP_POST_VARS['reason'], true);
- SEND_EMAIL(__EMAIL, SPONSOR_ADMIN_SUB_POINTS, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("sponsor_sub_points", REQUEST_POST('reason'), true);
+ SEND_EMAIL(__EMAIL, ADMIN_SPONSOR_SUB_POINTS, $msg);
$MSG = ADMIN_SPONSOR_POINTS_SUBTRACTED;
- }
- else
- {
+ } else {
// No points entered to add!
$MSG = ADMIN_SPONSPOR_NO_POINTS_TO_SUBTRACT;
}
case "edit": // Edit sponsor account
$PASS = true;
- if (($HTTP_POST_VARS['pass1'] != $HTTP_POST_VARS['pass2']) || ((empty($HTTP_POST_VARS['pass1'])) && (empty($HTTP_POST_VARS['pass1']))))
- {
+ if ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) || ((!REQUEST_ISSET_POST(('pass1'))) && (!REQUEST_ISSET_POST(('pass1'))))) {
// Remove passwords
- unset($HTTP_POST_VARS['pass1']);
- unset($HTTP_POST_VARS['pass2']);
+ REQUEST_UNSET_POST(('pass1'));
+ REQUEST_UNSET_POST(('pass2'));
$PASS = false;
}
- SPONSOR_HANDLE_SPONSOR($HTTP_POST_VARS);
+
+ // Convert time selection
+ $DATA = array(); $id = "warning_interval_ye"; $skip = false;
+ CONVERT_SELECTIONS_TO_TIMESTAMP(REQUEST_POST_ARRAY(), $DATA, $id, $skip);
+
+ // Save the sponsor
+ SPONSOR_HANDLE_SPONSOR(REQUEST_POST_ARRAY());
// Convert some data for the email template
- $HTTP_POST_VARS['salut'] = TRANSLATE_SEX($HTTP_POST_VARS['salut']);
- $HTTP_POST_VARS['warning_interval'] = CREATE_FANCY_TIME($HTTP_POST_VARS['warning_interval']);
- if (!$PASS) $HTTP_POST_VARS['pass1'] = SPONSOR_PASS_UNCHANGED;
+ REQUEST_POST('gender' , TRANSLATE_GENDER(REQUEST_POST('gender')));
+ REQUEST_POST('warning_interval', CREATE_FANCY_TIME(REQUEST_POST('warning_interval')));
+
+ if (!$PASS) REQUEST_SET_POST('pass1', getMessage('SPONSOR_PASS_UNCHANGED'));
// Load email template and send the mail away
- $msg = LOAD_EMAIL_TEMPLATE("admin_sponsor_edit", $HTTP_POST_VARS, false);
- SEND_EMAIL($HTTP_POST_VARS['email'], SPONSOR_ADMIN_EDIT_SUBJECT, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("admin_sponsor_edit", REQUEST_POST_ARRAY(), false);
+ SEND_EMAIL(REQUEST_POST('email'), getMessage('ADMIN_SPONSOR_EDIT_SUBJECT'), $msg);
break;
default: // Unknown mode
- $MSG = ADMIN_INVALID_MODE_1.$HTTP_GET_VARS['mode'].ADMIN_INVALID_MODE_2;
+ DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown mode %s detected.", REQUEST_GET('mode')));
+ $MSG = sprintf(getMessage('ADMIN_SPONSOR_INVALID_MODE'), SQL_ESCAPE(REQUEST_GET('mode')));
break;
}
- if (!empty($MSG))
- {
+ if (!empty($MSG)) {
// Output message
LOAD_TEMPLATE("admin_settings_saved", false, $MSG);
- }
- }
- elseif (file_exists(PATH."templates/".GET_LANGUAGE()."/html/admin/".$TPL.".tpl"))
- {
+ } // END - if
+ } elseif (FILE_READABLE(sprintf("%stemplates/%s/html/admin/%s.tpl", constant('PATH'), GET_LANGUAGE(), $TPL))) {
// Create mailto link
- define('__SPONSOR_VALUE', "<A href=\"mailto:".__EMAIL."\">".__SURNAME." ".__FAMILY."</A>");
+ define('__SPONSOR_VALUE', "<a href=\"mailto:{!__EMAIL!}\">{!__SURNAME!} {!__FAMILY!}</a>");
// Load mode template
LOAD_TEMPLATE($TPL);
- }
- else
- {
+ } else {
// Template not found!
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_TPL_404_1.$HTTP_GET_VARS['mode'].ADMIN_TPL_404_2);
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_MODUS_TPL_404'), SQL_ESCAPE(REQUEST_GET('mode'))));
}
- }
- else
- {
+ } else {
// Sponsor not found!
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_SPONSOR_404_1.$HTTP_GET_VARS['id'].ADMIN_SPONSOR_404_2);
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_404'), bigintval(REQUEST_GET('id'))));
}
-}
- else
-{
+} else {
// Not called by what-list_sponsor.php
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_CALL_NOT_DIRECTLY);
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_CALL_NOT_DIRECTLY'));
}
//
projects / mailer.git / blobdiff