A lot has been rewritten, ext-teams added, ext-forced continued:
[mailer.git] / inc / modules / guest / what-sponsor_login.php
index 340e211f52649f91172daf7eaf1ef22700e3c33b..caaab113579a429136f15defa03c6464dbcda65c 100644 (file)
  * $Date::                                                            $ *
  * $Tag:: 0.2.1-FINAL                                                 $ *
  * $Author::                                                          $ *
- * Needs to be in all Files and every File needs "svn propset           *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
- * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
+ * Copyright (c) 2009 - 2011 by Mailer Developer Team                   *
  * For more information visit: http://www.mxchange.org                  *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -43,12 +41,15 @@ if (!defined('__SECURITY')) {
 } // END - if
 
 // Add description as navigation point
-addMenuDescription('guest', __FILE__);
+addYouAreHereLink('guest', __FILE__);
 
 if ((!isExtensionActive('sponsor'))) {
-       loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('sponsor'));
+       displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=sponsor%}');
        return;
-} // END - if
+} elseif (isSponsor()) {
+       // Is already a logged-in sponsor
+       redirectToUrl('modules.php?module=sponsor');
+}
 
 $mode = '';
 if (isGetRequestParameterSet('mode')) {
@@ -63,14 +64,17 @@ if (isGetRequestParameterSet('mode')) {
 if (isGetRequestParameterSet('hash')) {
        // Lookup sponsor
        $result = SQL_QUERY_ESC("SELECT
-       `id`, `status`, `gender`, `surname`, `family`,
-       `company`, `position`, `tax_ident`,
-       `street_nr1`, `street_nr2`, `country`, `zip`, `city`, `email`, `phone`, `fax`, `cell`,
-       `points_amount` AS points, `last_pay` AS pay, `last_curr` AS curr
+       `id`,`status`,`gender`,`surname`,`family`,
+       `company`,`position`,`tax_ident`,
+       `street_nr1`,`street_nr2`,`country`,`zip`,`city`,`email`,`phone`,`fax`,`cell`,
+       `points_amount` AS `points`,`last_payment`,`last_currency`
 FROM
        `{?_MYSQL_PREFIX?}_sponsor_data`
 WHERE
-       `hash='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL')
+       `hash`='%s' AND (
+               `status`='UNCONFIRMED' OR
+               `status`='EMAIL'
+       )
 LIMIT 1", array(getRequestParameter('hash')), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {
                // Sponsor found, load his data...
@@ -82,10 +86,11 @@ LIMIT 1", array(getRequestParameter('hash')), __FILE__, __LINE__);
                        SQL_QUERY_ESC("UPDATE
        `{?_MYSQL_PREFIX?}_sponsor_data`
 SET
-       `status`='PENDING'
+       `status`='PENDING',
+       `hash`=NULL
 WHERE
        `id`=%s AND
-       hash='%s' AND
+       `hash`='%s' AND
        `status`='UNCONFIRMED'
 LIMIT 1",
                                array(
@@ -94,7 +99,7 @@ LIMIT 1",
                                ), __FILE__, __LINE__);
 
                        // Check on success
-                       if (SQL_AFFECTEDROWS() == 1) {
+                       if (!SQL_HASZEROAFFECTED()) {
                                // Prepare mail and send it to the sponsor
                                $message = loadEmailTemplate('sponsor_pending', $data);
                                sendEmail($data['email'], '{--SPONSOR_ACCOUNT_PENDING_SUBJECT--}', $message);
@@ -103,39 +108,40 @@ LIMIT 1",
                                sendAdminNotification('{--ADMIN_NEW_SPONSOR--}', 'admin_sponsor_pending', $data);
 
                                // Sponsor account set to pending
-                               loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_IS_PENDING--}');
+                               displayMessage('{--SPONSOR_ACCOUNT_IS_PENDING--}');
                        } else {
                                // Could not unlock account!
-                               loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_PENDING_FAILED--}');
+                               displayMessage('{--SPONSOR_ACCOUNT_PENDING_FAILED--}');
                        }
                } elseif ($data['status'] == 'EMAIL') {
                        // Changed email adress need to be confirmed
                        SQL_QUERY_ESC("UPDATE
        `{?_MYSQL_PREFIX?}_sponsor_data`
 SET
-       `status`='CONFIRMED'
+       `status`='CONFIRMED',
+       `hash`=NULL
 WHERE
-       `id`='%s' AND
+       `id`=%s AND
        `hash`='%s' AND
        `status`='EMAIL'
 LIMIT 1",
                                array(bigintval($data['id']), getRequestParameter('hash')), __FILE__, __LINE__);
 
                        // Check on success
-                       if (SQL_AFFECTEDROWS() == 1) {
+                       if (!SQL_HASZEROAFFECTED()) {
                                // Sponsor account is unlocked again
-                               loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN--}');
+                               displayMessage('{--SPONSOR_ACCOUNT_IS_CONFIRMED_AGAIN--}');
                        } else {
                                // Could not unlock account!
-                               loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_EMAIL_FAILED--}');
+                               displayMessage('{--SPONSOR_ACCOUNT_EMAIL_FAILED--}');
                        }
                } else {
-                       /// ??? Other status?
-                       loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACCOUNT_STATUS_FAILED--}');
+                       // ??? Other status?
+                       displayMessage('{--SPONSOR_ACCOUNT_STATUS_FAILED--}');
                }
        } else {
                // No sponsor found
-               loadTemplate('admin_settings_saved', false, sprintf(getMessage('SPONSOR_ACCOUNT_404'), getRequestParameter('hash')));
+               displayMessage('{%message,SPONSOR_ACCOUNT_404=' . getRequestParameter('hash') . '%}');
        }
 
        // Free memory
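Review bot: The new not-found line `displayMessage('{%message,SPONSOR_ACCOUNT_404=' . getRequestParameter('hash') . '%}');` concatenates the raw `hash` request parameter into a template expression. A value containing `%}`, `{` or HTML markup could change how the expression is parsed or be reflected into the page, unless `getRequestParameter()` or the template compiler already neutralises it, which is not visible in this diff. The removed `sprintf(getMessage(...))` form echoed the value too, but as message data rather than as template syntax. Consider checking the parameter against the format the hashes are generated in (presumably hex, to be confirmed) before the lookup, and showing the 404 message without the submitted value when it does not match. The enclosing `if (isGetRequestParameterSet('hash'))` block starts outside this hunk.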
@@ -149,9 +155,15 @@ LIMIT 1",
 
        if (isFormSent()) {
                // Check email
-               $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
-FROM `{?_MYSQL_PREFIX?}_sponsor_data`
-WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
+               $result = SQL_QUERY_ESC("SELECT
+       `id`,`hash`,`status`,`remote_addr`,`gender`,`surname`,`family`,
+       UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
+FROM
+       `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+       `email`='%s' AND
+       (`status`='UNCONFIRMED' OR `status`='EMAIL')
+LIMIT 1",
                array(postRequestParameter('email')), __FILE__, __LINE__);
 
                // Entry found?
@@ -173,10 +185,10 @@ WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
                        sendEmail(postRequestParameter('email'), '{--SPONSOR_ACTIVATION_LINK_SUBJECT--}', $message_sponsor);
 
                        // Output message
-                       loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACTIVATION_LINK_SENT--}');
+                       displayMessage('{--SPONSOR_ACTIVATION_LINK_SENT--}');
                } else {
                        // No account found or not UNCONFIRMED
-                       loadTemplate('admin_settings_saved', false, '{--SPONSOR_ACTIVATION_LINK_404--}');
+                       displayMessage('{--SPONSOR_ACTIVATION_LINK_404--}');
                }
 
                // Free memory
@@ -194,9 +206,16 @@ WHERE email='%s' AND (`status`='UNCONFIRMED' OR `status`='EMAIL') LIMIT 1",
 
        if (isFormSent()) {
                // Check email
-               $result = SQL_QUERY_ESC("SELECT `id`, `hash`, `remote_addr`, `gender`, `surname`, `family`, `sponsor_created`
-FROM `{?_MYSQL_PREFIX?}_sponsor_data`
-WHERE `email`='%s' AND `id`='%s' AND `status`='CONFIRMED' LIMIT 1",
+               $result = SQL_QUERY_ESC("SELECT
+       `id`,`hash`,`remote_addr`,`gender`,`surname`,`family`,
+       UNIX_TIMESTAMP(`sponsor_created`) AS `sponsor_created`
+FROM
+       `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+       `email`='%s' AND
+       `id`=%s AND
+       `status`='CONFIRMED'
+LIMIT 1",
                array(postRequestParameter('email'), bigintval(postRequestParameter('id'))), __FILE__, __LINE__);
 
                // Entry found?
@@ -204,12 +223,9 @@ WHERE `email`='%s' AND `id`='%s' AND `status`='CONFIRMED' LIMIT 1",
                        // Unconfirmed sponsor account found so let's load the requested data
                        $DATA = SQL_FETCHARRAY($result);
 
-                       // Translate some data
-                       $DATA['gender']          = translateGender($DATA['gender']);
-                       $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']);
-
-                       // Generate password
+                       // Generate password/translate some data
                        $DATA['password']        = generatePassword();
+                       $DATA['sponsor_created'] = generateDateTime($DATA['sponsor_created']);
 
                        // Prepare email and send it to the sponsor
                        $message_sponsor = loadEmailTemplate('sponsor_lost', $DATA);
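Review bot: The lost-password branch replaces the sponsor's password as soon as an unauthenticated form post supplies a matching `email` and `id`. `$DATA['password'] = generatePassword();` is followed, in the next hunk, by what looks like the UPDATE that stores `md5($DATA['password'])` for that id. Anyone who knows those two values can therefore invalidate a sponsor's current password at will, and the replacement travels in clear text in the `sponsor_lost` mail. The confirmation flow in this same file already uses a single-use `hash` that is set to NULL once consumed; mailing such a token and changing the password only when it is presented would close both gaps. The surrounding `if` block starts and ends outside this hunk.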
@@ -226,10 +242,10 @@ LIMIT 1",
                                array(md5($DATA['password']), bigintval($DATA['id'])), __FILE__, __LINE__);
 
                        // Output message
-                       loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOST_PASSWORD_SENT--}');
+                       displayMessage('{--SPONSOR_LOST_PASSWORD_SENT--}');
                } else {
                        // No account found or not UNCONFIRMED
-                       loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOST_PASSWORD_404--}');
+                       displayMessage('{--SPONSOR_LOST_PASSWORD_404--}');
                }
 
                // Free memory
@@ -240,17 +256,26 @@ LIMIT 1",
        }
 } elseif (isFormSent()) {
        // Check status and login data ...
-       $result = SQL_QUERY_ESC("SELECT status FROM `{?_MYSQL_PREFIX?}_sponsor_data`
-WHERE `id`='%s' AND password='%s' LIMIT 1",
-       array(bigintval(postRequestParameter('sponsorid')), md5(postRequestParameter('pass'))), __FILE__, __LINE__);
+       $result = SQL_QUERY_ESC("SELECT
+       `status`
+FROM
+       `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+       `id`=%s AND
+       `password`='%s'
+LIMIT 1",
+       array(
+               bigintval(postRequestParameter('sponsor_id')),
+               md5(postRequestParameter('password'))
+       ), __FILE__, __LINE__);
 
        if (SQL_NUMROWS($result) == 1) {
                // Okay, first login data check passed, now has he/she an approved (CONFIRMED) account?
                list($status) = SQL_FETCHROW($result);
                if ($status == 'CONFIRMED') {
                        // Is confirmed so both is fine and we can continue with login procedure
-                       $login = ((setSession('sponsorid'  , bigintval(postRequestParameter('sponsorid')))) &&
-                       (setSession('sponsorpass', md5(postRequestParameter('pass'))           ))
+                       $login = ((setSession('sponsor_id'  , bigintval(postRequestParameter('sponsor_id')))) &&
+                       (setSession('sponsor_pass', md5(postRequestParameter('password'))           ))
                        );
 
                        if ($login === true) {
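Review bot: The rewritten login query and the session setup still rely on an unsalted `md5()` of the password, in `md5(postRequestParameter('password'))` for the WHERE parameters and again in `setSession('sponsor_pass', ...)`. The same digest is written by the lost-password code at `array(md5($DATA['password']), bigintval($DATA['id']))` in the earlier hunk. MD5 is fast enough to brute-force offline if the table leaks, and keeping the digest in the session presumably makes a leaked session value as good as the password. Where the supported PHP version allows it, store `password_hash($password, PASSWORD_DEFAULT)`, select the row by `id` only, and verify with `password_verify(postRequestParameter('password'), $storedHash)`, keeping only `sponsor_id` in the session. Existing rows would need re-hashing on the next successful login.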
@@ -258,21 +283,21 @@ WHERE `id`='%s' AND password='%s' LIMIT 1",
                                redirectToUrl('modules.php?module=sponsor');
                        } else {
                                // Cookie setup failed!
-                               loadTemplate('admin_settings_saved', false, '{--SPONSPOR_COOKIE_SETUP_FAILED--}');
+                               displayMessage('{--SPONSOR_COOKIE_SETUP_FAILED--}');
 
                                // Login formular and other links
                                loadTemplate('guest_sponsor_login');
                        }
                } else {
                        // Status is not fine
-                       loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOGIN_FAILED_' . strtoupper($status) . '--}');
+                       displayMessage('{--SPONSOR_LOGIN_FAILED_' . strtoupper($status) . '--}');
 
                        // Login formular and other links
                        loadTemplate('guest_sponsor_login');
                }
        } else {
                // Account missing or wrong pass! We shall not find this out for the "cracker folks"...
-               loadTemplate('admin_settings_saved', false, '{--SPONSOR_LOGIN_FAILED_404_WRONG_PASS--}');
+               displayMessage('{--SPONSOR_LOGIN_FAILED_404_WRONG_PASS--}');
 
                // Login formular and other links
                loadTemplate('guest_sponsor_login');