require($INC);
} elseif ((!EXT_IS_ACTIVE("sponsor"))) {
if (IS_ADMIN()) {
- ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor"));
+ addFatalMessage(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "sponsor"));
} else {
- ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor");
+ addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor");
}
return;
}
company, position, tax_ident,
street_nr1, street_nr2, country, zip, city, email, phone, fax, cell,
points_amount AS points, last_pay AS pay, last_curr AS curr
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
WHERE hash='%s' AND (status='UNCONFIRMED' OR status='EMAIL')
LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Unconfirmed account or changed email address?
if ($SPONSOR['status'] == "UNCONFIRMED") {
// Set account to pending
- $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='PENDING'
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET status='PENDING'
WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
}
} elseif ($SPONSOR['status'] == "EMAIL") {
// Changed email adress need to be confirmed
- $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED'
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET status='CONFIRMED'
WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
if (isset($_POST['ok'])) {
// Check email
$result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
array($_POST['email']), __FILE__, __LINE__);
if (isset($_POST['ok'])) {
// Check email
$result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, gender, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
array($_POST['email'], bigintval($_POST['id'])), __FILE__, __LINE__);
// Entry found?
SEND_EMAIL($_POST['email'], SPONSOR_LOST_PASSWORD_SUBJ, $msg_sponsor);
// Update password
- $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET password='%s'
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET password='%s'
WHERE id='%s' LIMIT 1",
array(md5($SPONSOR['password']), bigintval($SPONSOR['id'])), __FILE__, __LINE__);
}
} elseif (isset($_POST['ok'])) {
// Check status and login data ...
- $result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_sponsor_data
+ $result = SQL_QUERY_ESC("SELECT status FROM `"._MYSQL_PREFIX."_sponsor_data`
WHERE id='%s' AND password='%s' LIMIT 1",
array(bigintval($_POST['sponsorid']), md5($_POST['pass'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
list($status) = SQL_FETCHROW($result);
if ($status == "CONFIRMED") {
- // Calculate cookie lifetime, maybe we have to change this so the admin can setup a
- // seperate timeout for these two cookies?
- $life = (time() + $_CONFIG['online_timeout']);
-
// Is confirmed so both is fine and we can continue with login procedure
- $login = ((setcookie("sponsorid" , bigintval($_POST['sponsorid']), $life, COOKIE_PATH)) &&
- (setcookie("sponsorpass", md5($_POST['pass']) , $life, COOKIE_PATH)));
+ $login = ((set_session('sponsorid' , bigintval($_POST['sponsorid']))) &&
+ (set_session('sponsorpass', md5($_POST['pass']) ))
+ );
if ($login) {
// Cookie setup successfull so we can forward to sponsor area
- LOAD_URL(URL."/modules.php?module=sponsor");
+ LOAD_URL("modules.php?module=sponsor");
} else {
// Cookie setup failed!
LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED);