Complete rewrite of and , wrapper functions added, see bug #101

[mailer.git] / inc / modules / guest / what-confirm.php

diff --git a/inc/modules/guest/what-confirm.php b/inc/modules/guest/what-confirm.php
index a41e757126850fdaed65ca66ab5bac97d209d71e..f0748ce729063e80e286938f8ca890345883eda3 100644 (file)
--- a/inc/modules/guest/what-confirm.php
+++ b/inc/modules/guest/what-confirm.php
@@ -40,20 +40,20 @@ if (!defined('__SECURITY')) {
 // Add description as navigation point
 ADD_DESCR("guest", __FILE__);
 
-if (!empty($_GET['hash'])) {
+if (REQUEST_ISSET_GET(('hash'))) {
        // Initialize the user ID
        $uid = 0;
 
        // Search for an unconfirmed or confirmed account
        $result = SQL_QUERY_ESC("SELECT userid, email, refid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE user_hash='%s' AND (`status`='UNCONFIRMED' OR `status`='CONFIRMED') LIMIT 1",
-               array($_GET['hash']), __FILE__, __LINE__);
+               array(REQUEST_GET('hash')), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {
                // Ok, he want's to confirm now so we load some data
                list ($uid, $email, $rid) = SQL_FETCHROW($result);
 
                // Unlock his account (but only when it is on UNCONFIRMED!)
                SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED', ref_payout=%s, user_hash=NULL WHERE user_hash='%s' AND `status`='UNCONFIRMED' LIMIT 1",
-                       array(getConfig('ref_payout'), $_GET['hash']), __FILE__, __LINE__);
+                       array(getConfig('ref_payout'), REQUEST_GET('hash')), __FILE__, __LINE__);
                if (SQL_AFFECTEDROWS() == 1) {
                        $msg = LOAD_EMAIL_TEMPLATE("confirm-member", array('points' => getConfig('points_register')), bigintval($uid));
 
@@ -132,10 +132,10 @@ if (!empty($_GET['hash'])) {
                define('__UID', "0");
                LOAD_TEMPLATE("guest_confirm_table");
        }
-} elseif ((isset($_POST['ok'])) && (!empty($_POST['email']))) {
+} elseif ((IS_FORM_SENT()) && (REQUEST_ISSET_POST(('email')))) {
        // Confirmation link requested      0     1         2
        $result = SQL_QUERY_ESC("SELECT userid, status, user_hash FROM `{!_MYSQL_PREFIX!}_user_data` WHERE email='%s' LIMIT 1",
-               array($_POST['email']), __FILE__, __LINE__);
+               array(REQUEST_POST('email')), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {
                // Email address found
                $DATA = SQL_FETCHROW($result);
@@ -143,7 +143,7 @@ if (!empty($_GET['hash'])) {
                {
                case "UNCONFIRMED": // Account not confirmed
                        $msg = LOAD_EMAIL_TEMPLATE("guest_request_confirm", array('hash' => $DATA[2]), $DATA[0]);
-                       SEND_EMAIL($_POST['email'], getMessage('REQUEST_CONFIRM_LINK_SUBJ'), $msg);
+                       SEND_EMAIL(REQUEST_POST('email'), getMessage('REQUEST_CONFIRM_LINK_SUBJ'), $msg);
                        $content = getMessage('CONFIRM_LINK_SENT');
                        break;