street_nr1, street_nr2, country, zip, city, email, phone, fax, cell,
points_amount AS points, last_pay AS pay, last_curr AS curr
FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE hash='%s' AND (status='UNCONFIRMED' OR status='EMAIL')
+WHERE hash='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL')
LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Sponsor found, load his data...
// Unconfirmed account or changed email address?
if ($SPONSOR['status'] == "UNCONFIRMED") {
// Set account to pending
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET status='PENDING'
-WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `status`='PENDING'
+WHERE id='%s' AND hash='%s' AND `status`='UNCONFIRMED' LIMIT 1",
array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
// Check on success
}
} elseif ($SPONSOR['status'] == "EMAIL") {
// Changed email adress need to be confirmed
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET status='CONFIRMED'
-WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `status`='CONFIRMED'
+WHERE id='%s' AND hash='%s' AND `status`='EMAIL' LIMIT 1",
array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
// Check on success
// Check email
$result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
+WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
array($_POST['email']), __FILE__, __LINE__);
// Entry found?
// Check email
$result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, gender, surname, family, sponsor_created
FROM `{!_MYSQL_PREFIX!}_sponsor_data`
-WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
+WHERE email='%s' AND id='%s' AND `status`='CONFIRMED' LIMIT 1",
array($_POST['email'], bigintval($_POST['id'])), __FILE__, __LINE__);
// Entry found?
if (SQL_NUMROWS($result) == 1) {
} else {
// Cookie setup failed!
LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED);
- OUTPUT_HTML("<br />");
// Login formular and other links
LOAD_TEMPLATE("guest_sponsor_login");
// Status is not fine
$content = constant('SPONSOR_LOGIN_FAILED_'.strtoupper($status).'');
LOAD_TEMPLATE("admin_settings_saved", false, $content);
- OUTPUT_HTML("<br />");
// Login formular and other links
LOAD_TEMPLATE("guest_sponsor_login");
} else {
// Account missing or wrong pass! We shall not find this out for the "hacker folks"...
LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOGIN_FAILED_404_WRONG_PASS);
- OUTPUT_HTML("<br />");
// Login formular and other links
LOAD_TEMPLATE("guest_sponsor_login");
projects / mailer.git / blobdiff