// If admin login is not given take current from cookies...
if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
// Get admin login and password from session/cookies
- $admin = SQL_ESCAPE(get_session('admin_login'));
- $passCookie = SQL_ESCAPE(get_session('admin_md5'));
+ $admin = get_session('admin_login');
+ $passCookie = get_session('admin_md5');
}
//* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<br />";
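Review bot: With `SQL_ESCAPE()` dropped from the two `get_session()` reads, `$admin` and `$passCookie` now hold the raw session/cookie values, so every later consumer has to handle escaping itself. The code that uses them lies outside this hunk. If any of it builds SQL by concatenation or through plain `SQL_QUERY()`, the values reach the database unescaped; calls that go through `SQL_QUERY_ESC()` with quoted `'%s'` placeholders would be fine, assuming that helper escapes its arguments (its body is not shown here). I would add a comment at the assignment such as `// Raw session values: pass to SQL only via SQL_QUERY_ESC() with quoted placeholders` and check the consumers before merging.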
if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash')) && (isSessionVariableSet('lifetime')) && (defined('COOKIE_PATH')))
{
// Cookies are set with values, but are they valid?
- $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
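Review bot: The unquoted `userid=%s` placeholder no longer forces an integer the way `%d` did, and this call still passes `$GLOBALS['userid']` without `bigintval()`. String escaping inside `SQL_QUERY_ESC()` (implementation not shown) does not restrict an unquoted value to digits, so the numeric guarantee has to come from the argument: `array(bigintval($GLOBALS['userid']))`. The same applies to the other queries in this commit that pass `$GLOBALS['userid']` directly (the `last_module, last_online` SELECT, the `last_module` UPDATE, the `password` SELECT and the user-data SELECT) and to `$pid` in `GET_PAY_POINTS()`. The calls that already wrap the value in `bigintval()` are unaffected. The enclosing function starts and ends outside this hunk.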
} else {
// Maybe got locked etc.
//* DEBUG: */ echo __LINE__."!!!<br>";
- set_session("userid", "");
- set_session("u_hash", "");
- set_session("lifetime", "");
+ destroy_user_session();
// Remove array elements to prevent errors
unset($GLOBALS['userid']);
} else {
// Cookie data is invalid!
//* DEBUG: */ echo __LINE__."***<br>";
- set_session("userid", "");
- set_session("u_hash", "");
- set_session("lifetime", "");
// Remove array elements to prevent errors
unset($GLOBALS['userid']);
{
// Cookie data is invalid!
//* DEBUG: */ echo __LINE__."///<br>";
- set_session("userid", "");
- set_session("u_hash", "");
- set_session("lifetime", "");
+ destroy_user_session();
// Remove array elements to prevent errors
unset($GLOBALS['userid']);
if (!IS_LOGGED_IN()) return false;
// Load last module and last online time
- $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load last module and online time
list($mod, $onl) = SQL_FETCHROW($result);
// Maybe first login time?
if (empty($mod)) $mod = "login";
- if (set_session("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && set_session("u_hash", SQL_ESCAPE(get_session('u_hash')), $newl, COOKIE_PATH) && set_session("lifetime", bigintval(get_session('lifetime')), $newl, COOKIE_PATH)) {
+ if (set_session("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && set_session("u_hash", get_session('u_hash'), $newl, COOKIE_PATH) && set_session("lifetime", bigintval(get_session('lifetime')), $newl, COOKIE_PATH)) {
// This will be displayed on welcome page! :-)
if (empty($LAST['module'])) {
$LAST['module'] = $mod; $LAST['online'] = $onl;
}
// Update last module / online time
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);
}
} else {
// Destroy session, we cannot update!
- set_session("userid", "");
- set_session("u_hash", "");
- set_session("lifetime", "");
+ destroy_user_session();
}
}
//
global $_CONFIG, $DATA;
// Load hash
- $result_main = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ $result_main = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result_main) == 1) {
// Load hash from database
$hash = generatePassString($hashDB);
if (($hash == get_session('u_hash')) || ($_POST['pass1'] == $_POST['pass2'])) {
// Load user's data
- $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND password='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND password='%s' LIMIT 1",
array($GLOBALS['userid'], $hashDB), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load the data
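Review bot: On the context line between the two changed queries, `$hash == get_session('u_hash')` compares a password-derived hash with a session/cookie value using loose equality, which allows PHP's numeric string juggling and is not constant-time. Prefer `hash_equals($hash, (string) get_session('u_hash'))` where the PHP version provides it, or at least `===`. The second operand, `$_POST['pass1'] == $_POST['pass2']`, is true whenever the two posted fields match, independent of the stored hash, which looks unintended for a branch that loads the user's data. The surrounding function is outside this hunk, so that part needs confirming against the full code.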
$ret = _CATEGORY_404;
// Lookup the category
- $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
array(bigintval($cid)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Category found... :-)
$ret = _PAYMENT_404;
// Load payment data
- $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
array(bigintval($pid)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Payment type found... :-)
function GET_PAY_POINTS($pid, $lookFor="price")
{
$ret = "-1";
- $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
array($lookFor, $pid), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
// Only when we got a real stats ID continue searching for the entry
$type = "NORMAL"; $rowName = "stats_id";
if ($bonus) { $type = "BONUS"; $rowName = "bonus_id"; }
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%d AND link_type='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%s AND link_type='%s' LIMIT 1",
array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0)
{
$DEPTH++;
}
+ // Percents and table
+ $percents = "percents"; if (isset($_CONFIG['db_percents'])) $percents = $_CONFIG['db_percents'];
+ $table = "refdepths"; if (isset($_CONFIG['db_table'])) $table = $_CONFIG['db_table'];
+
// Which points, locked or normal?
$data = "points"; if ($locked) $data = "locked_points";
- $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
array(bigintval($uid)), __FILE__, __LINE__);
//* DEBUG */ echo "+".SQL_NUMROWS($result_user).":".$points."+<br />\n";
if (SQL_NUMROWS($result_user) == 1) {
list ($ref, $email) = SQL_FETCHROW($result_user);
SQL_FREERESULT($result_user);
- $result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
- array(bigintval($DEPTH)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE level='%s' LIMIT 1",
+ array($percents, $table, bigintval($DEPTH)), __FILE__, __LINE__);
//* DEBUG */ echo "DEPTH:".$DEPTH."<br />\n";
if (SQL_NUMROWS($result) == 1) {
list($per) = SQL_FETCHROW($result);
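Review bot: `$percents` and `$table` are now inserted as a column name and a table-name suffix (`SELECT %s FROM ..._%s`), a position where value escaping gives no protection because identifiers are not quoted strings. They come from `$_CONFIG['db_percents']` and `$_CONFIG['db_table']`, so anything that can write those config entries decides which table and column this query reads. Restrict both to a fixed pattern before use, e.g. `if (!preg_match('/^[a-z0-9_]+$/', $table)) $table = "refdepths";`, and the same for `$percents` with its default. `$_CONFIG` also has to be in scope here; its `global` declaration is not visible in the hunk.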
//* DEBUG */ echo "ADD:".$P."<br />\n";
// Update points...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%s AND ref_depth=%s LIMIT 1",
array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0) {
// First ref in this level! :-)
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%d, %d, %s)",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%s, %s, %s)",
array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);
}
if (empty($REF_LVL)) $REF_LVL = "0";
// Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%d AND level='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%s AND level='%s' LIMIT 1",
array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
// When no entry was updated then we have to create it here
}
// Check for his referral
- $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($uid)), __FILE__, __LINE__);
list($ref) = SQL_FETCHROW($result);
module='%s',
action='%s',
what='%s',
-userid=%d,
-refid=%d,
+userid=%s,
+refid=%s,
is_member='%s',
is_admin='%s',
timestamp=UNIX_TIMESTAMP()
else
{
// No entry does exists so we simply add it!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %d, %d, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %s, %s, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
}
// Purge old entries
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %d)",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %s)",
array($_CONFIG['online_timeout']), __FILE__, __LINE__);
}
// OBSULETE: Sends out mail to all administrators
if (empty($ret)) $ret = "***";
} else {
// Load from database
- $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
array(bigintval($aid)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Fetch data
);
// Run SQLs
- foreach ($SQLs as $sql)
- {
+ foreach ($SQLs as $sql) {
$result = SQL_QUERY($sql, __FILE__, __LINE__);
}
- // Destroy cache
+ // @TODO Destroy cache
}
}
//
FROM "._MYSQL_PREFIX."_user_points AS p
LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
ON p.userid=d.userid
-WHERE p.userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Save his points to add them to the jackpot
list($points) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Delete points entries as well
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
// Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
// Update database
MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
}
}
// Delete category selections as well...
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s",
array(bigintval($uid)), __FILE__, __LINE__);
// Remove from rallye if found
- if (EXT_IS_ACTIVE("rallye"))
- {
- $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%d",
+ if (EXT_IS_ACTIVE("rallye")) {
+ $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s",
array(bigintval($uid)), __FILE__, __LINE__);
}
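Review bot: The rallye cleanup calls plain `SQL_QUERY()` with a placeholder and an argument array, while the other `SQL_QUERY()` calls on this page take `($sql, __FILE__, __LINE__)`. The `%s` is therefore probably sent to the database literally and the array lands in the file-name parameter, so the delete either fails or matches nothing. The line was touched for the `%d` to `%s` change but the helper name was left as it was. It should start `$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s",` so that deleted accounts are actually removed from `_rallye_users`.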
SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);
// Ok, delete the account!
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
}
//
function META_DESCRIPTION($mod, $wht)
return ((EXT_IS_ACTIVE("demo")) && (get_session('admin_login') == "demo"));
}
//
-function LOAD_CONFIG($no="0")
-{
+function LOAD_CONFIG($no="0") {
global $cacheArray;
$CFG_DUMMY = array();
//* DEBUG: */ echo gettype($cacheArray['config'][$no])."<br />\n";
foreach ($cacheArray['config'][$no] as $key=>$value) {
$CFG_DUMMY[$key] = $value;
- }
+ } // END - foreach
// Count cache hits if exists
if ((isset($CFG_DUMMY['cache_hits'])) && (EXT_IS_ACTIVE("cache"))) {
return $CFG_DUMMY;
}
// Gets the matching what name from module
-function GET_WHAT($MOD_CHECK)
-{
+function GET_WHAT($MOD_CHECK) {
$wht = "";
//* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!<br />\n";
switch ($MOD_CHECK)
// All is false by default
$ret = false;
- if (GET_EXT_VERSION("cache") >= "0.1.2")
- {
+ if (GET_EXT_VERSION("cache") >= "0.1.2") {
if (isset($cacheArray['modules']['has_menu'][$mod]))
{
// Check module cache and count hit
$_CONFIG['cache_hits']++;
}
}
- if ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ($ret === false))
- {
+
+ if ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ($ret === false)) {
// Check database for entry
$result = SQL_QUERY_ESC("SELECT has_menu FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1",
array($mod), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
list($has_menu) = SQL_FETCHROW($result);
- if ($has_menu == "Y") $ret = true;
+ $ret = ($has_menu == "Y");
}
// Free memory
SQL_FREERESULT($result);
} elseif (GET_EXT_VERSION("sql_patches") == "") {
// No sql_patches installed, so maybe in admin area?
- if ((IS_ADMIN()) && ($mod == "admin")) return true; // Then there is a menu!
+ $ret = ((IS_ADMIN()) && ($mod == "admin")); // Then there is a menu!
}
// Return status
return $ret;
}
+// Subtract points from database and mediadata cache
+function SUB_POINTS ($uid, $points) {
+ // Add points to used points
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%s LIMIT 1",
+ array($points, bigintval($uid)), __FILE__, __LINE__);
+
+ // Update mediadata as well
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
+ // Update database
+ MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
+ } // END - if
+}
+// Update config entries
+function UPDATE_CONFIG ($entries, $values, $updateMode="") {
+ // Do we have multiple entries?
+ if (is_array($entries)) {
+ // Walk through all
+ $all = "";
+ foreach ($entries as $idx => $entry) {
+ // Update mode set?
+ if (!empty($updateMode)) {
+ // Update entry
+ $all .= sprintf("%s=%s%s%s,", $entry, $entry, $updateMode, (float)$values[$idx]);
+ } else {
+ // Check if string or number
+ if (($values[$idx] + 0) === $values[$idx]) {
+ // Number detected
+ $all .= sprintf("%s=%s,", $entry, (float)$values[$idx]);
+ } else {
+ // String detected
+ $all .= sprintf("%s='%s',", $entry, SQL_ESCAPE($values[$idx]));
+ }
+ }
+ } // END - foreach
+ // Remove last comma
+ $entries = substr($all, 0, -1);
+ } elseif (!empty($updateMode)) {
+ // Update mode set
+ $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$value);
+ } else {
+ // Regular entry to update
+ $entries .= sprintf("='%s'", SQL_ESCAPE($values));
+ }
+
+ // Run database update
+ //* DEBUG: */ DEBUG_LOG(__FUNCTION__.":entries={$entries}");
+ SQL_QUERY("UPDATE "._MYSQL_PREFIX."_config SET ".$entries." WHERE config=0 LIMIT 1", __FILE__, __LINE__);
+
+ // Destroy cache
+ if ((GET_EXT_VERSION("cache") >= "0.1.2") && (SQL_AFFECTEDROWS() == 1)) {
+ global $cacheInstance;
+ if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
+ } // END - if
+}
//
?>
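Review bot: In `UPDATE_CONFIG()` the single-entry update-mode branch formats `(float)$value`, but the parameter is `$values`, so the undefined variable always yields `0` and the entry is changed by nothing; it should be `$entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$values);`. The function also concatenates `$entry`/`$entries` and `$updateMode` into the statement handed to plain `SQL_QUERY()`, so only the values are escaped or cast. Either a header comment should state that column names and the operator must be fixed literals supplied by the calling code, or the function should check names against a pattern such as `/^[a-z0-9_]+$/` and the operator against a short list (e.g. `+`, `-`). In `SUB_POINTS()`, `$points` goes into `used_points+%s` unquoted and uncast, unlike `$uid`; casting it to a number before the `SQL_QUERY_ESC()` call would give it the same guarantee.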