************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
require($INC);
}
// Create array for form errors (= missing data)
$FORM_ERRORS = array();
-if (isset($HTTP_POST_VARS['ok']))
-{
+if (isset($_POST['ok'])) {
//
// Check submitted form data
//
// 1. Salutation / Surname / family name
- if (empty($HTTP_POST_VARS['salut']))
+ if (empty($_POST['salut']))
{
// Surname is empty
$FORM_ERRORS[] = SPONSOR_NO_SALUT_SELECTED;
}
- if (empty($HTTP_POST_VARS['surname']))
+ if (empty($_POST['surname']))
{
// Surname is empty
$FORM_ERRORS[] = SPONSOR_SURNAME_IS_EMPTY;
}
- if (empty($HTTP_POST_VARS['family']))
+ if (empty($_POST['family']))
{
// Surname is empty
$FORM_ERRORS[] = SPONSOR_FAMILY_IS_EMPTY;
}
// 2. Company name
// 012 3 32 23 4 43 3 4 4321 12 3 32 2 3 3210
- if (((empty($HTTP_POST_VARS['company'])) && ((!empty($HTTP_POST_VARS['tax_ident'])) || (!empty($HTTP_POST_VARS['position'])))) || ((!empty($HTTP_POST_VARS['company'])) && (empty($HTTP_POST_VARS['tax_ident']))))
+ if (((empty($_POST['company'])) && ((!empty($_POST['tax_ident'])) || (!empty($_POST['position'])))) || ((!empty($_POST['company'])) && (empty($_POST['tax_ident']))))
{
- if (empty($HTTP_POST_VARS['company']))
+ if (empty($_POST['company']))
{
// Company name is empty
$FORM_ERRORS[] = SPONSOR_COMPANY_IS_EMPTY;
}
- elseif (empty($HTTP_POST_VARS['tax_ident']))
+ elseif (empty($_POST['tax_ident']))
{
// Tax ident number name is empty
$FORM_ERRORS[] = SPONSOR_TAX_IDENT_IS_EMPTY;
}
- if (empty($HTTP_POST_VARS['position']))
+ if (empty($_POST['position']))
{
// Not fatal but not nice: position in company is empty
$FORM_ERRORS[] = SPONSOR_POSITION_IS_EMPTY;
}
}
// 3. Street and number
- if (empty($HTTP_POST_VARS['street_nr1']))
+ if (empty($_POST['street_nr1']))
{
// Street name and house number are empty
$FORM_ERRORS[] = SPONSOR_STREET_NR1_IS_EMPTY;
}
- elseif ((!empty($HTTP_POST_VARS['street_nr2'])) && (empty($HTTP_POST_VARS['street_nr1'])))
+ elseif ((!empty($_POST['street_nr2'])) && (empty($_POST['street_nr1'])))
{
// 1st line for street is empty, but 2nd line not
$FORM_ERRORS[] = SPONSOR_STREET_NR1_IS_EMPTY_2_NOT;
}
// 4. Country code
- if (empty($HTTP_POST_VARS['country']))
+ if (empty($_POST['country']))
{
// Country code is empty
$FORM_ERRORS[] = SPONSOR_COUNTRY_IS_EMPTY;
}
- elseif (strlen($HTTP_POST_VARS['country']) != 2)
+ elseif (strlen($_POST['country']) != 2)
{
// Country code is invalid
$FORM_ERRORS[] = SPONSOR_COUNTRY_IS_INVALID;
}
// 3. ZIP code
- if (empty($HTTP_POST_VARS['zip']))
+ if (empty($_POST['zip']))
{
// ZIP code is empty
$FORM_ERRORS[] = SPONSOR_ZIP_IS_EMPTY;
}
- elseif (bigintval($HTTP_POST_VARS['zip']) != $HTTP_POST_VARS['zip'])
+ elseif (bigintval($_POST['zip']) != $_POST['zip'])
{
// ZIP is invalid
$FORM_ERRORS[] = SPONSOR_ZIP_IS_INVALID;
- $HTTP_POST_VARS['zip'] = "";
+ $_POST['zip'] = "";
}
// 4. City
- if (empty($HTTP_POST_VARS['city']))
+ if (empty($_POST['city']))
{
// City is empty
$FORM_ERRORS[] = SPONSOR_CITY_IS_EMPTY;
}
// 5. Phone number
- if (empty($HTTP_POST_VARS['phone']))
+ if (empty($_POST['phone']))
{
// City is empty
$FORM_ERRORS[] = SPONSOR_PHONE_IS_EMPTY;
}
// 6. Homepage URL
- if (empty($HTTP_POST_VARS['url']))
+ if (empty($_POST['url']))
{
// Homepage URL is empty
$FORM_ERRORS[] = SPONSOR_URL_IS_EMPTY;
}
- elseif (!VALIDATE_URL($HTTP_POST_VARS['url']))
+ elseif (!VALIDATE_URL($_POST['url']))
{
// Homepage URL is invalid
$FORM_ERRORS[] = SPONSOR_URL_IS_INVALID;
- $HTTP_POST_VARS['url'] = "";
+ $_POST['url'] = "";
}
// 7. Light validation of email address
- if ((empty($HTTP_POST_VARS['email'])) || ($HTTP_POST_VARS['email'] == "@"))
+ if ((empty($_POST['email'])) || ($_POST['email'] == "@"))
{
// Email is invalid/empty
$FORM_ERRORS[] = SPONSOR_EMAIL_IS_INVALID;
}
- elseif (SPONSOR_FOUND_EMAIL_DB($HTTP_POST_VARS['email']))
+ elseif (SPONSOR_FOUND_EMAIL_DB($_POST['email']))
{
// Email already found in database!
$FORM_ERRORS[] = SPONSOR_EMAIL_IS_ALREADY_REGISTERED;
- $HTTP_POST_VARS['email'] = "";
+ $_POST['email'] = "";
}
// 8. Pay type selected?
- if (empty($HTTP_POST_VARS['pay_type']))
+ if (empty($_POST['pay_type']))
{
// Not pay type selected
$FORM_ERRORS[] = SPONSOR_NO_PAYTYPE_SELECTED;
}
// 9. Interval of mails
- if (empty($HTTP_POST_VARS['warning_interval']))
+ if (empty($_POST['warning_interval']))
{
// No warning interval selected
$FORM_ERRORS[] = SPONSOR_NO_WARNING_INTERVAL_SELECTED;
}
// 10. Mail notifications disabled/enabled
- if (empty($HTTP_POST_VARS['receive_warnings']))
+ if (empty($_POST['receive_warnings']))
{
// Option not selected!
$FORM_ERRORS[] = SPONSOR_NO_RECEIVE_WARNINGS_SELECTED;
}
// Did he enter his password twice?
- if (((empty($HTTP_POST_VARS['pass1'])) || (empty($HTTP_POST_VARS['pass2']))) || (($HTTP_POST_VARS['pass1'] != $HTTP_POST_VARS['pass2']) && (!empty($HTTP_POST_VARS['pass1'])) && (!empty($HTTP_POST_VARS['pass2']))))
+ if (((empty($_POST['pass1'])) || (empty($_POST['pass2']))) || (($_POST['pass1'] != $_POST['pass2']) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2']))))
{
- if (($HTTP_POST_VARS['pass1'] != $HTTP_POST_VARS['pass2']) && (!empty($HTTP_POST_VARS['pass1'])) && (!empty($HTTP_POST_VARS['pass2'])))
+ if (($_POST['pass1'] != $_POST['pass2']) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])))
{
// Passwords missmatch
$FORM_ERRORS[] = SPONSOR_PASSWORDS_MISMATCH;
}
else
{
- if (empty($HTTP_POST_VARS['pass1']))
+ if (empty($_POST['pass1']))
{
// Password 1 is empty
$FORM_ERRORS[] = SPONSOR_PASSWORD1_EMPTY;
}
- if (empty($HTTP_POST_VARS['pass2']))
+ if (empty($_POST['pass2']))
{
// Password 2 is empty
$FORM_ERRORS[] = SPONSOR_PASSWORD2_EMPTY;
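Review bot: The direct-call guard at the start of this hunk still uses `ereg()`, which was deprecated in PHP 5.3 and removed in PHP 7, and it treats `basename(__FILE__)` as an unescaped regular expression matched against the client-influenced `$_SERVER['PHP_SELF']`. Since the line is being touched anyway, a plain comparison such as `if (basename($_SERVER['SCRIPT_NAME']) === basename(__FILE__)) {` would keep the guard working on current PHP and drop the pattern matching. Further down, the e-mail check only rejects an empty value or `"@"`, yet the same value is used as the recipient in the `SEND_EMAIL` call later in the file. A stricter test such as `filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)` would be worth adding, assuming `SEND_EMAIL` does not already filter it. The enclosing `if (isset($_POST['ok']))` block continues past this hunk.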
}
}
// Is the password long enough?
- elseif (strlen($HTTP_POST_VARS['pass1']) < $CONFIG['pass_len'])
+ elseif (strlen($_POST['pass1']) < $CONFIG['pass_len'])
{
// Too short!
$FORM_ERRORS[] = SPONSOR_PASSWORD_TOO_SHORT;
}
// Check if he has accepted the terms&conditions
- if (empty($HTTP_POST_VARS['terms']))
+ if (empty($_POST['terms']))
{
// Homepage URL is empty
$FORM_ERRORS[] = SPONSOR_TERMS_NOT_ACCEPTED;
}
// If there is something wrong/missing stop registration
- if (count($FORM_ERRORS) > 0) unset($HTTP_POST_VARS['ok']);
+ if (count($FORM_ERRORS) > 0) unset($_POST['ok']);
}
-if ((isset($HTTP_POST_VARS['ok'])) && (count($FORM_ERRORS) == 0))
+if ((isset($_POST['ok'])) && (count($FORM_ERRORS) == 0))
{
// Generate message array
$MSGs = array(
// Calulate points
$result = SQL_QUERY_ESC("SELECT (pay_rate * pay_min_count) AS points, pay_min_count AS pay, pay_currency AS curr
FROM "._MYSQL_PREFIX."_sponsor_paytypes
-WHERE id='%s' LIMIT 1", array($HTTP_POST_VARS['pay_type']), __FILE__, __LINE__);
+WHERE id='%s' LIMIT 1", array($_POST['pay_type']), __FILE__, __LINE__);
list($points, $pay, $curr) = SQL_FETCHROW($result);
// Free memory
SQL_FREERESULT($result);
// Add points to array
- $HTTP_POST_VARS['points_amount'] = $points;
- $HTTP_POST_VARS['points_used'] = "0.00000";
- $HTTP_POST_VARS['last_pay'] = $pay;
- $HTTP_POST_VARS['last_curr'] = $curr;
+ $_POST['points_amount'] = $points;
+ $_POST['points_used'] = "0.00000";
+ $_POST['last_pay'] = $pay;
+ $_POST['last_curr'] = $curr;
// Register sponsor but never ever update here!
- $STATUS = SPONSOR_HANDLE_SPONSOR($HTTP_POST_VARS, true, $MSGs, true);
+ $STATUS = SPONSOR_HANDLE_SPONSOR($_POST, true, $MSGs, true);
// Check the status of the registration process
switch ($STATUS)
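Review bot: The whole `$_POST` array is handed to `SPONSOR_HANDLE_SPONSOR($_POST, true, $MSGs, true)` after the server-computed fields (`points_amount`, `points_used`, `last_pay`, `last_curr`) are written into it, so any extra field a client submits travels alongside the trusted ones. Unless the handler restricts itself to a fixed column list (not visible here), building a separate array with only the expected keys would be safer. The row from the pay-type query is also used without checking that one was returned, and `pay_type` is only tested for non-empty. A guard like `if (SQL_NUMROWS($result) != 1)` before the `list(...)` line, adding a form error, would stop a registration with empty points. The `switch` body continues outside this hunk.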
case "added": // Sponsor successfully added with account status = UNCONFIRMED!
// Check for his ID number
$result = SQL_QUERY_ESC("SELECT id, hash FROM "._MYSQL_PREFIX."_sponsor_data WHERE email='%s' LIMIT 1",
- array($HTTP_POST_VARS['email']), __FILE__, __LINE__);
+ array($_POST['email']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
// ID found so let's load it for the confirmation email
// Prepare data for the email template
define('__ID' , $id);
define('__HASH' , $hash);
- define('__EMAIL' , $HTTP_POST_VARS['email']);
- define('__SURNAME' , $HTTP_POST_VARS['surname']);
- define('__FAMILY' , $HTTP_POST_VARS['family']);
- define('__SALUT' , TRANSLATE_SEX($HTTP_POST_VARS['salut']));
+ define('__EMAIL' , $_POST['email']);
+ define('__SURNAME' , $_POST['surname']);
+ define('__FAMILY' , $_POST['family']);
+ define('__SALUT' , TRANSLATE_SEX($_POST['salut']));
define('__TIMESTAMP', MAKE_DATETIME(time(), 0));
- define('__PASSWORD' , $HTTP_POST_VARS['pass1']);
+ define('__PASSWORD' , $_POST['pass1']);
// Generate email and send it to the new sponsor
$EMAIL_MSG = LOAD_EMAIL_TEMPLATE("sponsor_confirm", $hash);
- SEND_EMAIL($HTTP_POST_VARS['email'], SPONSOR_PLEASE_CONFIRM_SUBJ, $EMAIL_MSG);
+ SEND_EMAIL($_POST['email'], SPONSOR_PLEASE_CONFIRM_SUBJ, $EMAIL_MSG);
// Send mail to admin
if (GET_EXT_VERSION("admins") >= "0.4.1")
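Review bot: The confirmation mail template is given the cleartext password through `define('__PASSWORD' , $_POST['pass1']);`, which puts the credential into an e-mail that is stored and relayed outside the application's control. The block already defines `__ID` and `__HASH` for the confirmation, so the password constant could be dropped here and, if it is referenced there, from the `sponsor_confirm` template. Separately, `GET_EXT_VERSION("admins") >= "0.4.1"` compares version strings with `>=`, which does not order them by version component; `version_compare(GET_EXT_VERSION("admins"), "0.4.1", ">=")` avoids that. The `if` branches here continue beyond the hunk.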
else
{
// Sponsor account not found???
- $MSG = SPONSOR_EMAIL_404_1.$HTTP_POST_VARS['email'].SPONSOR_EMAIL_404_2;
+ $MSG = SPONSOR_EMAIL_404_1.$_POST['email'].SPONSOR_EMAIL_404_2;
}
// Free memory
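Review bot: `$_POST['email']` is concatenated into `$MSG` as submitted, and the earlier validation accepts almost any non-empty string, so if `$MSG` is printed into the page the value needs HTML escaping first. Suggest `$MSG = SPONSOR_EMAIL_404_1.htmlspecialchars($_POST['email'], ENT_QUOTES).SPONSOR_EMAIL_404_2;` unless the output path already escapes it, which is not visible in this hunk. The same question applies to the `define(..., COMPILE_CODE($_POST[...]))` lines in the next hunk, where a short comment stating whether `COMPILE_CODE` escapes for HTML attribute context would help. Optional fields such as `fax`, `cell` and `street_nr2` are also read there without an `isset` check.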
if (count($FORM_ERRORS) > 0)
{
// Some found... :-(
- define('__COMPANY' , COMPILE_CODE($HTTP_POST_VARS['company']));
- define('__POSITION' , COMPILE_CODE($HTTP_POST_VARS['position']));
- define('__TAX_IDENT', COMPILE_CODE($HTTP_POST_VARS['tax_ident']));
- define('__SURNAME' , COMPILE_CODE($HTTP_POST_VARS['surname']));
- define('__FAMILY' , COMPILE_CODE($HTTP_POST_VARS['family']));
- define('__STREET1' , COMPILE_CODE($HTTP_POST_VARS['street_nr1']));
- define('__STREET2' , COMPILE_CODE($HTTP_POST_VARS['street_nr2']));
- define('__COUNTRY' , COMPILE_CODE($HTTP_POST_VARS['country']));
- define('__ZIP' , COMPILE_CODE($HTTP_POST_VARS['zip']));
- define('__CITY' , COMPILE_CODE($HTTP_POST_VARS['city']));
- define('__PHONE' , COMPILE_CODE($HTTP_POST_VARS['phone']));
- define('__FAX' , COMPILE_CODE($HTTP_POST_VARS['fax']));
- define('__CELL' , COMPILE_CODE($HTTP_POST_VARS['cell']));
- define('__EMAIL' , COMPILE_CODE($HTTP_POST_VARS['email']));
- define('__URL' , COMPILE_CODE($HTTP_POST_VARS['url']));
+ define('__COMPANY' , COMPILE_CODE($_POST['company']));
+ define('__POSITION' , COMPILE_CODE($_POST['position']));
+ define('__TAX_IDENT', COMPILE_CODE($_POST['tax_ident']));
+ define('__SURNAME' , COMPILE_CODE($_POST['surname']));
+ define('__FAMILY' , COMPILE_CODE($_POST['family']));
+ define('__STREET1' , COMPILE_CODE($_POST['street_nr1']));
+ define('__STREET2' , COMPILE_CODE($_POST['street_nr2']));
+ define('__COUNTRY' , COMPILE_CODE($_POST['country']));
+ define('__ZIP' , COMPILE_CODE($_POST['zip']));
+ define('__CITY' , COMPILE_CODE($_POST['city']));
+ define('__PHONE' , COMPILE_CODE($_POST['phone']));
+ define('__FAX' , COMPILE_CODE($_POST['fax']));
+ define('__CELL' , COMPILE_CODE($_POST['cell']));
+ define('__EMAIL' , COMPILE_CODE($_POST['email']));
+ define('__URL' , COMPILE_CODE($_POST['url']));
// Check for salutation selection
- switch ($HTTP_POST_VARS['salut'])
+ switch ($_POST['salut'])
{
case "M": // Male
define('__SALUT_M' , " selected");
}
// Check for receive_warnings
- switch ($HTTP_POST_VARS['receive_warnings'])
+ switch ($_POST['receive_warnings'])
{
case "Y":
define('__REC_Y' , " selected");
}
$OUT .= "</OL><BR>\n";
define('__SPONSOR_FORM_ERRORS', $OUT);
- define('__SPONSOR_REFID', $HTTP_POST_VARS['refid']);
+ define('__SPONSOR_REFID', $_POST['refid']);
}
else
{
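Review bot: `define('__SPONSOR_REFID', $_POST['refid']);` keeps the raw POST value, while the GET path at the end of this diff is changed to `bigintval($_GET['refid'])`. Both branches feed the same constant, so the POST branch should get the same treatment, e.g. `define('__SPONSOR_REFID', bigintval($_POST['refid']));`. `refid` is not among the fields checked in the form validation, so it may be unset at this point; `isset($_POST['refid']) ? bigintval($_POST['refid']) : "0"` would cover that case. The surrounding `if`/`else` is only partly inside this hunk.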
}
// Prepare referral things
- if (!isset($HTTP_GET_VARS['refid']))
+ if (!isset($_GET['refid']))
{
// No referral link
define('__SPONSOR_REFID', "0");
else
{
// Referral ID transmitted, we don't care here if it is right or not
- define('__SPONSOR_REFID', $HTTP_GET_VARS['refid']);
+ define('__SPONSOR_REFID', bigintval($_GET['refid']));
}
// Display registration form