- Login failtures added to admin/member menu

[mailer.git] / inc / mysql-manager.php

diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index 8ddbea29c9404486280f61d5c47c56b11b3f0e92..a5b364cf65ad2aad539997501b61663eedefd5b0 100644 (file)
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -245,7 +245,7 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
                $AND = "";
        }
        if ((!isset($DEPTH)) && (!$return)) {
-               $DEPTH = "0";
+               $DEPTH = 0;
                $prefix = "<DIV class=\"you_are_here\">".YOU_ARE_HERE."&nbsp;<STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</A></STRONG>";
        } else {
                if (!$return) $DEPTH++;
@@ -261,9 +261,12 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
        $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
         array($ACC_LVL, $type, $search), __FILE__, __LINE__);
 
+       // Menu found?
        if (SQL_NUMROWS($result) == 1) {
+               // Load title
                list($ret) = SQL_FETCHROW($result);
-               SQL_FREERESULT($result);
+
+               // Shall we return it?
                if ($return) {
                        // Return title
                        return $ret;
@@ -275,9 +278,18 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
                                //* DEBUG: */ echo __LINE__."+".$type."+<br />\n";
                                $OUT .= "</DIV><br />\n";
                                $DEPTH="0";
-                       }
+
+                               // Handle failed logins here if not in guest
+                               if (($type != "guest") && (GET_EXT_VERSION("sql_patches") >= "0.4.7")) {
+                                       // Handle failture
+                                       $OUT .= HANDLE_LOGIN_FAILTURES($type);
+                               } // END - if
+                       } // END - if
                }
-       }
+       } // END - if
+
+       // Free result
+       SQL_FREERESULT($result);
 
        // Return or output HTML code?
        if ($output) {
@@ -314,9 +326,17 @@ function ADD_MENU($MODE, $act, $wht) {
                // There are menus available, so we simply display them... :)
                while (list($main_title, $main_action) = SQL_FETCHROW($result_main)) {
                        //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
-                       // Load menu header template
+                       // Init variables
                        $BLOCK_MODE = false; $act = $main_action;
-                       LOAD_TEMPLATE($MODE."_menu_title", false, $main_title);
+
+                       // Prepare content
+                       $content = array(
+                               'action' => $main_action,
+                               'title'  => $main_title
+                       );
+
+                       // Load menu header template
+                       LOAD_TEMPLATE($MODE."_menu_title", false, $content);
 
                        $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
                         array($MODE, $main_action), __FILE__, __LINE__);
@@ -355,6 +375,13 @@ function ADD_MENU($MODE, $act, $wht) {
                                                $content .= "</STRONG>";
                                        }
                                        $wht = $sub_what; $cnt++;
+                                       // Prepare array
+                                       $content =  array(
+                                               'menu' => $content,
+                                               'what' => $sub_what
+                                       );
+
+                                       // Add regular menu row or bottom row?
                                        if ($cnt < $ctl) {
                                                LOAD_TEMPLATE($MODE."_menu_row", false, $content);
                                        } else {
@@ -728,7 +755,7 @@ function SEND_MODE_MAILS($mod, $modes)
                $hash = generatePassString($hashDB);
                if (($hash == get_session('u_hash')) || ($_POST['pass1'] == $_POST['pass2'])) {
                        // Load user's data
-                       $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND password='%s' LIMIT 1",
+                       $result = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND password='%s' LIMIT 1",
                         array($GLOBALS['userid'], $hashDB), __FILE__, __LINE__);
                        if (SQL_NUMROWS($result) == 1) {
                                // Load the data
@@ -737,8 +764,8 @@ function SEND_MODE_MAILS($mod, $modes)
                                // Free result
                                SQL_FREERESULT($result);
 
-                               // Translate salutation
-                               $DATA[0] = TRANSLATE_SEX($DATA[0]);
+                               // Translate gender
+                               $DATA[0] = TRANSLATE_GENDER($DATA[0]);
 
                                // Clear/init the content variable
                                $content = "";
@@ -910,16 +937,20 @@ function GET_CATEGORY ($cid) {
        // Default is not found
        $ret = _CATEGORY_404;
 
-       // Lookup the category
-       $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
-               array(bigintval($cid)), __FILE__, __LINE__);
-       if (SQL_NUMROWS($result) == 1) {
-               // Category found... :-)
-               list($ret) = SQL_FETCHROW($result);
-       } // END - if
+       // Is the category id set?
+       if (!empty($cid)) {
 
-       // Free result
-       SQL_FREERESULT($result);
+               // Lookup the category
+               $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
+                       array(bigintval($cid)), __FILE__, __LINE__);
+               if (SQL_NUMROWS($result) == 1) {
+                       // Category found... :-)
+                       list($ret) = SQL_FETCHROW($result);
+               } // END - if
+
+               // Free result
+               SQL_FREERESULT($result);
+       } // END - if
 
        // Return result
        return $ret;
@@ -1004,7 +1035,7 @@ function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=fal
 //
 function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false)
 {
-       $ret = "0";
+       $ret = 0;
        if ($onlyRows) {
                // Count rows
                $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
@@ -1021,7 +1052,7 @@ function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid",
        SQL_FREERESULT($result);
        if (empty($ret)) {
                if (($lookFor == "counter") || ($lookFor == "id")) {
-                       $ret = "0";
+                       $ret = 0;
                } else {
                        $ret = "0.00000";
                }
@@ -1057,7 +1088,7 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
        // Count up referral depth
        if (empty($DEPTH)) {
                // Initialialize referral system
-               $DEPTH = "0";
+               $DEPTH = 0;
        } else {
                // Increase referral level
                $DEPTH++;
@@ -1121,9 +1152,16 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
 
                        // Points updated, maybe I shall send him an email?
                        if (($send_notify) && ($ref > 0) && (!$locked)) {
-                               //              0                1      2              3
-                               $DATA = array($per, bigintval($DEPTH), $ref_points, bigintval($ref));
-                               $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid));
+                               // Prepare content
+                               $content = array(
+                                       'percent' => $per,
+                                       'level'   => bigintval($DEPTH),
+                                       'points'  => $ref_points,
+                                       'refid'   => bigintval($ref)
+                               );
+
+                               // Load email template
+                               $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", $content, bigintval($uid));
 
                                SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
                        } elseif (($send_notify) && ($ref == 0) && (!$locked) && ($add_mode == "direct") && (!defined('__POINTS_VALUE'))) {
@@ -1156,8 +1194,9 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
 function UPDATE_REF_COUNTER($uid)
 {
        global $REF_LVL, $cacheInstance;
+
        // Make it sure referral level zero (member him-/herself) is at least selected
-       if (empty($REF_LVL)) $REF_LVL = "0";
+       if (empty($REF_LVL)) $REF_LVL = 0;
 
        // Update counter
        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%s AND level='%s' LIMIT 1",
@@ -1191,45 +1230,50 @@ function UPDATE_REF_COUNTER($uid)
                if ($cacheInstance->cache_file("refsystem", true)) $cacheInstance->cache_destroy();
        }
 }
-//
-function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht)
-{
+// Updates/extends the online list
+function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht) {
        global $_CONFIG;
 
        // Do not update online list when extension is deactivated
        if (!EXT_IS_ACTIVE("online", true)) return;
 
+       // Empty session?
+       if (empty($SID)) {
+               // This is invalid here!
+               print "Invalid session. Backtrace:<pre>";
+               debug_print_backtrace();
+               die("</pre>");
+       } // END - if
+
        // Initialize variables
-       $uid = "0"; $rid = "0"; $MEM = "N"; $ADMIN = "N";
-       if (!empty($GLOBALS['userid']))
-       {
-               // Update member status only when userid is valid
-               if (($GLOBALS['userid'] > 0) && (IS_MEMBER()))
-               {
-                       // Is valid user
-                       $uid = $GLOBALS['userid'];
-                       $MEM = "Y";
-               }
-       }
-       if (IS_ADMIN())
-       {
+       $uid = 0; $rid = 0; $MEM = "N"; $ADMIN = "N";
+
+       // Valid userid?
+       if ((!empty($GLOBALS['userid'])) && ($GLOBALS['userid'] > 0) && (IS_MEMBER())) {
+               // Is valid user
+               $uid = bigintval($GLOBALS['userid']);
+               $MEM = "Y";
+       } // END - if
+
+       if (IS_ADMIN()) {
                // Is administrator
                $ADMIN = "Y";
-       }
+       } // END - if
+
        if (isSessionVariableSet('refid')) {
                // Check cookie
-               if (get_session('refid') > 0) $rid = $GLOBALS['refid'];
-       }
+               if (get_session('refid') > 0) $rid = bigintval($GLOBALS['refid']);
+       } // END - if
 
-       // Now Read data
+       // Now search for the user
        $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online
 WHERE sid='%s' LIMIT 1",
  array($SID), __FILE__, __LINE__);
 
-       if (SQL_NUMROWS($result) == 1)
-       {
-               SQL_FREERESULT($result);
-               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET
+       // Entry found?
+       if (SQL_NUMROWS($result) == 1) {
+               // Then update it
+               SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET
 module='%s',
 action='%s',
 what='%s',
@@ -1239,24 +1283,18 @@ is_member='%s',
 is_admin='%s',
 timestamp=UNIX_TIMESTAMP()
 WHERE sid='%s' LIMIT 1",
- array(
-       $mod,
-       $act,
-       $wht,
-       bigintval($uid),
-       bigintval($rid),
-       $MEM,
-       $ADMIN,
-       $SID
-), __FILE__, __LINE__);
-       }
-        else
-       {
+                       array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID), __FILE__, __LINE__
+               );
+       } else {
                // No entry does exists so we simply add it!
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %s, %s, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
-                array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
+               SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %s, %s, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
+                       array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__
+               );
        }
 
+       // Free result
+       SQL_FREERESULT($result);
+
        // Purge old entries
        $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %s)",
         array($_CONFIG['online_timeout']), __FILE__, __LINE__);
@@ -1435,7 +1473,7 @@ WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
                if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
                        // Update database
                        MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
-               }
+               } // END - if
 
                // Now, when we have all his points adds them do the jackpot!
                ADD_JACKPOT($points);
@@ -1626,7 +1664,7 @@ function MODULE_HAS_MENU($mod, $forceDb = false)
 // Subtract points from database and mediadata cache
 function SUB_POINTS ($uid, $points) {
        // Add points to used points
-       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points`=`used_points`+%s WHERE userid=%s LIMIT 1",
         array($points, bigintval($uid)), __FILE__, __LINE__);
 
        // Update mediadata as well
@@ -1682,7 +1720,7 @@ function UPDATE_CONFIG ($entries, $values, $updateMode="") {
                if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
 
                // Rebuid the cache
-               require(PATH."inc/load_cache-config.php");
+               require(PATH."inc/loader/load_cache-config.php");
        } // END - if
 }
 // Creates a new task for updated extension
@@ -1735,5 +1773,30 @@ VALUES (%s, 0, 'NEW', 'EXTENSION', '%s', '%s', UNIX_TIMESTAMP())",
        // Free memory
        SQL_FREERESULT($result);
 }
+// Handle menu-depending failed logins and return the rendered content
+function HANDLE_LOGIN_FAILTURES ($menuType) {
+       // Default output is empty ;-)
+       $OUT = "";
+
+       // Guest menus doesn't have login failtures so is the session data set?
+       if (($menuType != "guest") && (isSessionVariableSet('mxchange_'.$menuType.'_failtures')) && (isSessionVariableSet('mxchange_'.$menuType.'_last_fail'))) {
+               // Non-guest has login failtures found, get both data and prepare it for template
+               $content = array(
+                       'login_failtures' => get_session('mxchange_'.$menuType.'_failtures'),
+                       'last_failture'   => MAKE_DATETIME(get_session('mxchange_'.$menuType.'_last_fail'), "2")
+               );
+
+               // Load template
+               $OUT = LOAD_TEMPLATE("login_failture", true, $content);
+
+               // Reset session data
+               set_session('mxchange_'.$menuType.'_failtures', "");
+               set_session('mxchange_'.$menuType.'_last_fail', "");
+       } // END - if
+
+       // Return rendered content
+       return $OUT;
+}
+
 //
 ?>