Fix for _GET instead of variable, thanks to monakoianar
[mailer.git] / inc / mysql-manager.php
index 96e7cfb9d57cf5ce8a912b67f1c61bd1aa861abc..bf54a9f45b5b4dff9450c065025295a88bdff584 100644 (file)
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
@@ -44,19 +44,20 @@ function ADD_MODULE_TITLE($mod) {
 
        // Is the script installed?
        if (isBooleanConstantAndTrue('mxchange_installed')) {
-               if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module'])) && (isset($cacheArray['modules']['module'][$mod]))) {
+               // Check if cache is valid
+               if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (in_array($mod, $cacheArray['modules']['module']))) {
                        // Load from cache
                        $name = $cacheArray['modules']['title'][$mod];
 
                        // Update cache hits
-                       $_CONFIG['cache_hits']++;
+                       if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
                } else {
                        // Load from database
                        $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__);
                        list($name) = SQL_FETCHROW($result);
                        SQL_FREERESULT($result);
                }
-       }
+       } // END - if
 
        // Trim name
        $name = trim($name);
@@ -68,8 +69,10 @@ function ADD_MODULE_TITLE($mod) {
                if (SQL_NUMROWS($result) == 0) {
                        // Add module to database
                        $dummy = CHECK_MODULE($mod);
-               }
-       }
+               } // END - if
+       } // END - if
+
+       // Return name
        return $name;
 }
 
@@ -112,7 +115,7 @@ function CHECK_MODULE($mod) {
                        $mem    = $cacheArray['modules']['mem_only'][$mod_chk];
 
                        // Update cache hits
-                       $_CONFIG['cache_hits']++;
+                       if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
                        $found = true;
                } else {
                        // No, then we have to update it!
@@ -156,25 +159,22 @@ function CHECK_MODULE($mod) {
                                // to find a loop here... *sigh*
                                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
 (module, locked, hidden, mem_only, admin_only, has_menu) VALUES
-('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
+('%s','Y','N','N','N','N')", array($mod_chk), __FILE__, __LINE__);
                        } else {
                                // Wrong/missing sql_patches!
                                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg
 (module, locked, hidden, mem_only, admin_only) VALUES
-('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__);
+('%s','Y','N','N','N')", array($mod_chk), __FILE__, __LINE__);
                        }
 
                        // Everthing is fine?
-                       if (SQL_AFFECTEDROWS() == 0) {
+                       if (SQL_AFFECTEDROWS() < 1) {
                                // Something bad happend!
                                return "major";
                        } // END - if
 
                        // Destroy cache here
-                       if (GET_EXT_VERSION("cache") >= "0.1.2") {
-                               if ($cacheInstance->cache_file("mod_reg", true)) $cacheInstance->cache_destroy();
-                               unset($cacheArray['modules']);
-                       } // END - if
+                       REBUILD_CACHE("mod_reg", "modreg");
 
                        // And reload data
                        $ret = CHECK_MODULE($mod_chk);
@@ -191,7 +191,12 @@ function CHECK_MODULE($mod) {
 // Add menu description pending on given file name (without path!)
 function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
        global $DEPTH, $_CONFIG;
+       // Use only filename of the file ;)
+       $file = basename($file);
+
+       // Init variables
        $LINK_ADD = ""; $OUT = ""; $AND = "";
+
        // First we have to do some analysis...
        if (ereg("action-", $file)) {
                // This is an action file!
@@ -254,30 +259,58 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
 
        $prefix .= "&nbsp;-&gt;&nbsp;";
 
-       if (ereg(".php", $search)) {
-               $search = substr($search, 0, strpos($search, ".php"));
-       }
+       // We need to remove .php and the end
+       if (substr($search, -4, 4) == ".php") {
+               // Remove the .php
+               $search = substr($search, 0, -4);
+       } // END - i
 
+       // Get the title from menu
        $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
         array($ACC_LVL, $type, $search), __FILE__, __LINE__);
 
+       // Menu found?
        if (SQL_NUMROWS($result) == 1) {
+               // Load title
                list($ret) = SQL_FETCHROW($result);
-               SQL_FREERESULT($result);
+
+               // Shall we return it?
                if ($return) {
                        // Return title
                        return $ret;
                } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($_CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) {
                        // Output HTML code
                        $OUT = $prefix."<STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$MOD_CHECK."&amp;".$type."=".$search.$LINK_ADD."\">".$ret."</A></STRONG>\n";
+
+                       // Can we close the you-are-here navigation?
                        //* DEBUG: */ echo __LINE__."*".$type."/".$GLOBALS['what']."*<br />\n";
-                       if (($type == "what") || (($type == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) {
+                       //* DEBUG: */ die("<pre>".print_r($_CONFIG, true)."</pre>");
+                       if (($type == "what") || (($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview")))) {
                                //* DEBUG: */ echo __LINE__."+".$type."+<br />\n";
-                               $OUT .= "</DIV><br />\n";
-                               $DEPTH="0";
-                       }
+                               $OUT .= "</div>\n";
+
+                               // Extension removeip activated?
+                               if ((EXT_IS_ACTIVE("removeip")) && (isset($_CONFIG['removeip_'.strtolower($ACC_LVL).'_show'])) && ($_CONFIG['removeip_'.strtolower($ACC_LVL).'_show'] == "Y")) {
+                                       // Add anoymity/privacy infos
+                                       $OUT .= REMOVEIP_ADD_INFOS();
+                               } // END - if
+
+                               // Add line-break tag
+                               $OUT .= "<br />\n";
+                               $DEPTH = "0";
+
+                               // Handle failed logins here if not in guest
+                               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):type={$type},action={$GLOBALS['action']},what={$GLOBALS['what']},lvl={$ACC_LVL}<br />\n";
+                               if ((($type == "what") || ($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview") || ($GLOBALS['what'] == $_CONFIG['index_home']))) && ($ACC_LVL != "guest") && ((GET_EXT_VERSION("sql_patches") >= "0.4.7") || (GET_EXT_VERSION("admins") >= "0.7.0"))) {
+                                       // Handle failture
+                                       $OUT .= HANDLE_LOGIN_FAILTURES($ACC_LVL);
+                               } // END - if
+                       } // END - if
                }
-       }
+       } // END - if
+
+       // Free result
+       SQL_FREERESULT($result);
 
        // Return or output HTML code?
        if ($output) {
@@ -326,7 +359,7 @@ function ADD_MENU($MODE, $act, $wht) {
                        // Load menu header template
                        LOAD_TEMPLATE($MODE."_menu_title", false, $content);
 
-                       $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
+                       $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ".$AND." ORDER BY sort",
                         array($MODE, $main_action), __FILE__, __LINE__);
                        $ctl = SQL_NUMROWS($result_sub);
                        if ($ctl > 0) {
@@ -421,12 +454,18 @@ function IS_ADMIN($admin="")
        //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<br />";
 
        // Search in array for entry
-       if ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) {
+       if (isset($cacheArray['admin_hash'])) {
+               // Use cached string
+               $valPass = $cacheArray['admin_hash'];
+       } elseif ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) {
                // Count cache hits
-               $_CONFIG['cache_hits']++;
+               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
 
                // Login data is valid or not?
                $valPass = generatePassString($cacheArray['admins']['password'][$admin]);
+
+               // Cache it away
+               $cacheArray['admin_hash'] = $valPass;
        } elseif (!empty($admin)) {
                // Search for admin
                $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
@@ -438,9 +477,12 @@ function IS_ADMIN($admin="")
                        // Admin login was found so let's load password from DB
                        list($passDB) = SQL_FETCHROW($result);
 
+                       // Temporary cache it
+                       $cacheArray['admins']['password'][$admin] = $passDB;
+
                        // Generate password hash
                        $valPass = generatePassString($passDB);
-               }
+               } // END - if
 
                // Free memory
                SQL_FREERESULT($result);
@@ -448,12 +490,12 @@ function IS_ADMIN($admin="")
 
        if (!empty($valPass)) {
                // Check if password is valid
-               //* DEBUG: */ echo __FUNCTION__."*".$valPass."/".$passCookie."*<br />\n";
+               //* DEBUG: */ print __FUNCTION__."*".$valPass."/".$passCookie."*<br />\n";
                $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
        }
 
        // Return result of comparision
-       //* DEBUG: */ if (!$ret) echo __LINE__."OK!<br>";
+       //* DEBUG: */ if (!$ret) echo __LINE__."OK!<br />";
        return $ret;
 }
 //
@@ -555,12 +597,18 @@ function WHAT_IS_VALID($act, $wht, $type="guest")
 //
 function IS_MEMBER()
 {
-       global $status, $LAST;
+       global $status, $LAST, $cacheArray;
        if (!is_array($LAST)) $LAST = array();
        $ret = false;
 
+       // is the cache entry there?
+       if (isset($cacheArray['is_member'])) {
+               // Then return it
+               return $cacheArray['is_member'];
+       } // END - if
+
        // Fix "deleted" cookies first
-       FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));
+       FIX_DELETED_COOKIES(array('userid','u_hash','lifetime'));
 
        // Are cookies set?
        if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash')) && (isSessionVariableSet('lifetime')) && (defined('COOKIE_PATH')))
@@ -580,60 +628,58 @@ function IS_MEMBER()
                        if ((!empty($mod)) && (empty($LAST['module']))) { $LAST['module'] = $mod; $LAST['online'] = $onl; }
 
                        // So did we now have valid data and an unlocked user?
-                       //* DEBUG: */ echo $valPass."<br>".get_session('u_hash')."<br>";
+                       //* DEBUG: */ echo $valPass."<br />".get_session('u_hash')."<br />";
                        if (($status == "CONFIRMED") && ($valPass == get_session('u_hash'))) {
                                // Account is confirmed and all cookie data is valid so he is definely logged in! :-)
                                $ret = true;
                        } else {
                                // Maybe got locked etc.
-                               //* DEBUG: */ echo __LINE__."!!!<br>";
+                               //* DEBUG: */ echo __LINE__."!!!<br />";
                                destroy_user_session();
 
-                               // Remove array elements to prevent errors
-                               unset($GLOBALS['userid']);
+                               // Reset userid
+                               $GLOBALS['userid'] = 0;
                        }
                } else {
                        // Cookie data is invalid!
-                       //* DEBUG: */ echo __LINE__."***<br>";
+                       //* DEBUG: */ echo __LINE__."***<br />";
+                       destroy_user_session();
 
-                       // Remove array elements to prevent errors
-                       unset($GLOBALS['userid']);
+                       // Reset userid
+                       $GLOBALS['userid'] = 0;
                }
 
                // Free memory
                SQL_FREERESULT($result);
-       }
-        else
-       {
+       } else {
                // Cookie data is invalid!
-               //* DEBUG: */ echo __LINE__."///<br>";
+               //* DEBUG: */ echo __LINE__."///<br />";
                destroy_user_session();
 
-               // Remove array elements to prevent errors
-               unset($GLOBALS['userid']);
+               // Reset userid
+               $GLOBALS['userid'] = 0;
        }
+
+       // Cache status
+       $cacheArray['is_member'] = $ret;
+
+       // Return status
        return $ret;
 }
 //
-function UPDATE_LOGIN_DATA ($UPDATE=true) {
-       global $LAST;
+function UPDATE_LOGIN_DATA () {
+       global $LAST, $_CONFIG;
        if (!is_array($LAST)) $LAST = array();
 
-       // Are the required cookies set?
-       if ((!isset($GLOBALS['userid'])) || (!isSessionVariableSet('u_hash')) || (!isSessionVariableSet('lifetime'))) {
-               // Nope, then return here to caller function
-               return false;
-       } else {
-               // Secure user ID
-               $GLOBALS['userid'] = bigintval(get_session('userid'));
-       }
+       // Recheck if logged in
+       if (!IS_MEMBER()) return false;
+
+       // Secure user ID
+       $GLOBALS['userid'] = bigintval(get_session('userid'));
 
        // Extract last online time (life) and how long is auto-login valid (time)
        $newl = time() + bigintval(get_session('lifetime'));
 
-       // Recheck if logged in
-       if (!IS_MEMBER()) return false;
-
        // Load last module and last online time
        $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {
@@ -648,14 +694,18 @@ function UPDATE_LOGIN_DATA ($UPDATE=true) {
                        // This will be displayed on welcome page! :-)
                        if (empty($LAST['module'])) {
                                $LAST['module'] = $mod; $LAST['online'] = $onl;
-                       }
+                       } // END - if
+
+                       // "what" not set?
                        if (empty($GLOBALS['what'])) {
+                               // Fix it to default
                                $GLOBALS['what'] = "welcome";
-                       }
+                               if (!empty($_CONFIG['index_home'])) $GLOBALS['what'] = $_CONFIG['index_home'];
+                       } // END - if
 
                        // Update last module / online time
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
-                        array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);
+                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP(), REMOTE_ADDR='%s' WHERE userid=%s LIMIT 1",
+                        array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__);
                }
        }  else {
                // Destroy session, we cannot update!
@@ -712,16 +762,29 @@ function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)
        return $ret;
 }
 //
-function GET_MOD_DESCR($MODE, $wht)
+function GET_MOD_DESCR($MODE, $wht, $column="what")
 {
-       if (empty($wht)) $wht = "welcome";
+       // Fix empty "what"
+       if (empty($wht)) {
+               $wht = "welcome";
+               if (!empty($_CONFIG['index_home'])) $wht = $_CONFIG['index_home'];
+       } // END - if
+
+       // Default is not found
        $ret = "??? (".$wht.")";
-       $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1", array($MODE, $wht), __FILE__, __LINE__);
-       if (SQL_NUMROWS($result) == 1)
-       {
+
+       // Look for title
+       $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' LIMIT 1",
+               array($MODE, $column, $wht), __FILE__, __LINE__);
+
+       // Is there an entry?
+       if (SQL_NUMROWS($result) == 1) {
+               // Fetch the title
                list($ret) = SQL_FETCHROW($result);
-               SQL_FREERESULT($result);
-       }
+       } // END - if
+
+       // Free result
+       SQL_FREERESULT($result);
        return $ret;
 }
 //
@@ -859,47 +922,37 @@ function COUNT_MODULE($mod)
 // Get action value from mode (admin/guest/member) and what-value
 function GET_ACTION ($MODE, &$wht)
 {
-       global $ret; $ret = "";
-       //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br>";
-       if ((empty($wht)) && ($MODE != "admin"))
-       {
+       global $ret, $_CONFIG;
+       // @DEPRECATED Init status
+       $ret = "";
+
+       //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=<br />";
+       if ((empty($wht)) && ($MODE != "admin")) {
                $wht = "welcome";
-       }
-       if ($MODE == "admin")
-       {
+               if (!empty($_CONFIG['index_home'])) $wht = $_CONFIG['index_home'];
+       } // END - if
+
+       if ($MODE == "admin") {
                // Action value for admin area
-               if (!empty($GLOBALS['action']))
-               {
+               if (!empty($GLOBALS['action'])) {
                        // Get it directly from URL
                        return $GLOBALS['action'];
-               }
-                elseif (($wht == "overview") || (empty($GLOBALS['what'])))
-               {
+               } elseif (($wht == "overview") || (empty($GLOBALS['what']))) {
                        // Default value for admin area
                        $ret = "login";
                }
-       }
-        elseif (!empty($GLOBALS['action']))
-       {
-               // Fix welcome value
-               if (empty($wht)) $wht = "welcome";
+       } elseif (!empty($GLOBALS['action'])) {
+               // Get it directly from URL
                return $GLOBALS['action'];
-       }
-        else
-       {
-               // Everything else will be touched after checking the module has a menu assigned
        }
        //* DEBUG: */ echo __LINE__."*".$ret."*<br />\n";
 
-       if (MODULE_HAS_MENU($MODE))
-       {
+       if (MODULE_HAS_MENU($MODE)) {
                // Rewriting modules to menu
-               switch ($MODE)
-               {
+               switch ($MODE) {
                        case "index": $MODE = "guest";  break;
                        case "login": $MODE = "member"; break;
-                               break;
-               }
+               } // END - switch
 
                // Guest and member menu is "main" as the default
                if (empty($ret)) $ret = "main";
@@ -907,15 +960,14 @@ function GET_ACTION ($MODE, &$wht)
                // Load from database
                $result = SQL_QUERY_ESC("SELECT action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1",
                 array($MODE, $wht), __FILE__, __LINE__);
-               if (SQL_NUMROWS($result) == 1)
-               {
+               if (SQL_NUMROWS($result) == 1) {
                        // Load action value and pray that this one is the right you want... ;-)
                        list($ret) = SQL_FETCHROW($result);
-               }
+               } // END - if
 
                // Free memory
                SQL_FREERESULT($result);
-       }
+       } // END - if
 
        // Return action value
        return $ret;
@@ -926,9 +978,11 @@ function GET_CATEGORY ($cid) {
        $ret = _CATEGORY_404;
 
        // Is the category id set?
-       if (!empty($cid)) {
-
-               // Lookup the category
+       if ($cid == "0") {
+               // No category
+               $ret = _CATEGORY_NONE;
+       } elseif ($cid > 0) {
+               // Lookup the category in database
                $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
                        array(bigintval($cid)), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1) {
@@ -1003,7 +1057,7 @@ function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=fal
                        if (SQL_NUMROWS($result) == 0)
                        {
                                // No, so we add one!
-                               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')",
+                               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s','%s','%s')",
                                 array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
                                $ret = "done";
                        }
@@ -1021,115 +1075,146 @@ function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=fal
        return $ret;
 }
 //
-function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false)
-{
+function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false, $add="") {
        $ret = 0;
        if ($onlyRows) {
                // Count rows
-               $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
-                array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'%s",
+                array($lookFor, $tableName, $whereStatement, $search, $add), __FILE__, __LINE__);
        } else {
                // Add all rows
-               $result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
-                array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'%s",
+                array($lookFor, $tableName, $whereStatement, $search, $add), __FILE__, __LINE__);
        }
 
        // Load row
        list($ret) = SQL_FETCHROW($result);
-       //* DEBUG: */ echo __LINE__."*".$DATA."/".$search."/".$tableName."/".$ret."*<br />\n";
+
+       // Free result
        SQL_FREERESULT($result);
-       if (empty($ret)) {
-               if (($lookFor == "counter") || ($lookFor == "id")) {
-                       $ret = 0;
-               } else {
-                       $ret = "0.00000";
+
+       // Fix empty values
+       if ((empty($ret)) && ($lookFor != "counter") && ($lookFor != "id") && ($lookFor != "userid")) {
+               $ret = "0.00000";
+       } // END - if
+
+       // Return value
+       return $ret;
+}
+// "Getter fro ref level percents
+function GET_REF_LEVEL_PERCENTS ($level) {
+       global $cacheInstance, $_CONFIG, $cacheArray;
+
+       // Default is zero
+       $per = 0;
+
+       // Do we have cache?
+       if ((isset($cacheArray['ref_depths']['level'])) && (EXT_IS_ACTIVE("cache"))) {
+               // First look for level
+               $key = array_search($level, $cacheArray['ref_depths']['level']);
+               if ($key !== false) {
+                       // Entry found!
+                       $per = $cacheArray['ref_depths']['percents'][$key];
+
+                       // Count cache hit
+                       if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
                }
+       } else {
+               // Get referal data
+               $result_lvl = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
+                       array(bigintval($level)), __FILE__, __LINE__);
+
+               // Entry found?
+               if (SQL_NUMROWS($result_lvl) == 1) {
+                       // Get percents
+                       list($per) = SQL_FETCHROW($result_lvl);
+               } // END - if
+
+               // Free result
+               SQL_FREERESULT($result_lvl);
        }
-       return $ret;
+
+       // Return percent
+       return $per;
 }
 /**
  *
- * Dynamic referral system, can also send mails!
+ * Dynamic referal system, can also send mails!
  *
- * uid         = Referral ID wich should receive...
+ * uid         = Referal ID wich should receive...
  * points      = ... xxx points
- * send_notify = shall I send the referral an email or not?
- * rid         = inc/modules/guest/what-confirm.php need this
+ * send_notify = shall I send the referal an email or not?
+ * rid         = inc/modules/guest/what-confirm.php need this (DEPRECATED???)
  * locked      = Shall I pay it to normal (false) or locked (true) points ammount?
  * add_mode    = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"
- *               will cause no referral will get points ever!!!)
+ *               for default value will cause no referal will get points ever!!!)
  */
-function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref")
-{
-       global $DEPTH, $_CONFIG, $DATA;
+function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref") {
+       //* DEBUG: */ print "----------------------- <font color=\"#00aa00\">".__FUNCTION__." - ENTRY</font> ------------------------<ul><li>\n";
+       global $DEPTH, $_CONFIG, $DATA, $cacheArray;
 
-       // Debug message
-       //DEBUG_LOG(__FUNCTION__.": uid={$uid},points={$points}");
+       // Convert mode to lower-case
+       $add_mode = strtolower($add_mode);
 
        // When $uid = 0 add points to jackpot
        if ($uid == "0") {
                // Add points to jackpot
                ADD_JACKPOT($points);
                return;
-       }
+       } // END - if
 
-       // Count up referral depth
-       if (empty($DEPTH)) {
-               // Initialialize referral system
+       // Count up referal depth
+       if (!isset($DEPTH)) {
+               // Initialialize referal system
                $DEPTH = 0;
        } else {
-               // Increase referral level
+               // Increase referal level
                $DEPTH++;
        }
 
-       // Percents and table
-       $percents = "percents"; if (isset($_CONFIG['db_percents'])) $percents = $_CONFIG['db_percents'];
-       $table = "refdepths";   if (isset($_CONFIG['db_table']))    $table    = $_CONFIG['db_table'];
+       // Default is "normal" points
+       $data = "points";
 
        // Which points, locked or normal?
-       $data = "points"; if ($locked) $data = "locked_points";
+       if ($locked) $data = "locked_points";
 
        // Check user account
        $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
         array(bigintval($uid)), __FILE__, __LINE__);
 
-       //* DEBUG */ echo "+".SQL_NUMROWS($result_user).":".$points."+<br />\n";
+       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},numRows=".SQL_NUMROWS($result_user).",points={$points}<br />\n";
        if (SQL_NUMROWS($result_user) == 1) {
                // This is the user and his ref
-               list ($ref, $email) = SQL_FETCHROW($result_user);
+               list($ref, $email) = SQL_FETCHROW($result_user);
+               $cacheArray['add_uid'][$ref] = $uid;
 
-               // Debug message
-               //DEBUG_LOG(__FUNCTION__.": ref={$ref},email={$email},DEPTH={$DEPTH}");
-
-               // Get referal data
-               $result_lvl = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE level='%s' LIMIT 1",
-                array($percents, $table, bigintval($DEPTH)), __FILE__, __LINE__);
-               //* DEBUG */ echo "DEPTH:".$DEPTH."<br />\n";
-               if (SQL_NUMROWS($result_lvl) == 1) {
-                       // Get percents
-                       list($per) = SQL_FETCHROW($result_lvl);
+               // Get percents
+               $per = GET_REF_LEVEL_PERCENTS($DEPTH);
+               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},points={$points},depth={$DEPTH},per={$per},mode={$add_mode}<br />\n";
 
+               // Some percents found?
+               if ($per > 0) {
                        // Calculate new points
+                       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},points={$points},per={$per},depth={$DEPTH}<br />\n";
                        $ref_points = $points * $per / 100;
 
-                       // Debug message
-                       //DEBUG_LOG(__FUNCTION__.": percent={$per},ref_points={$ref_points}");
+                       // Pay refback here if level > 0 and in ref-mode
+                       if ((EXT_IS_ACTIVE("refback")) && ($DEPTH > 0) && ($per < 100) && ($add_mode == "ref") && (isset($cacheArray['add_uid'][$uid]))) {
+                               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},data={$cacheArray['add_uid'][$uid]},ref_points={$ref_points},depth={$DEPTH} - BEFORE!<br />\n";
+                               $ref_points = ADD_REFBACK_POINTS($cacheArray['add_uid'][$uid], $uid, $points, $ref_points);
+                               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},data={$cacheArray['add_uid'][$uid]},ref_points={$ref_points},depth={$DEPTH} - AFTER!<br />\n";
+                       } // END - if
 
                        // Update points...
-                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%s AND ref_depth=%d LIMIT 1",
+                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%s AND ref_depth='%s' LIMIT 1",
                         array($data, $data, $ref_points, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
-
-                       // Debug log
-                       //DEBUG_LOG(__FUNCTION__.": affectedRows=".SQL_AFFECTEDROWS().",DEPTH={$DEPTH}");
+                       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):data={$data},ref_points={$ref_points},uid={$uid},depth={$DEPTH},mode={$add_mode} - UPDATE! (".SQL_AFFECTEDROWS().")<br />\n";
 
                        // No entry updated?
-                       if (SQL_AFFECTEDROWS() == 0) {
+                       if (SQL_AFFECTEDROWS() < 1) {
                                // First ref in this level! :-)
-                               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%s, %d, %s)",
+                               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid,ref_depth,%s) VALUES (%s,%s,%s)",
                                 array($data, bigintval($uid), bigintval($DEPTH), $ref_points), __FILE__, __LINE__);
-
-                               // Debug log
-                               //DEBUG_LOG(__FUNCTION__.": insertedRows=".SQL_AFFECTEDROWS()."");
                        } // END - if
 
                        // Update mediadata as well
@@ -1149,15 +1234,21 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
                                );
 
                                // Load email template
-                               $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", $content, bigintval($uid));
+                               $msg = LOAD_EMAIL_TEMPLATE("confirm-referal", $content, bigintval($uid));
 
                                SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
                        } elseif (($send_notify) && ($ref == 0) && (!$locked) && ($add_mode == "direct") && (!defined('__POINTS_VALUE'))) {
                                // Direct payment shall be notified about
                                define('__POINTS_VALUE', $ref_points);
 
+                               // Prepare content
+                               $content = array(
+                                       'text'   => REASON_DIRECT_PAYMENT,
+                                       'points' => TRANSLATE_COMMA($ref_points)
+                               );
+
                                // Load message
-                               $msg = LOAD_EMAIL_TEMPLATE("add-points", REASON_DIRECT_PAYMENT, $uid);
+                               $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, $uid);
 
                                // And sent it away
                                SEND_EMAIL($email, SUBJECT_DIRECT_PAYMENT, $msg);
@@ -1167,56 +1258,66 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
                        // Maybe there's another ref?
                        if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref")) {
                                // Then let's credit him here...
+                               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},ref={$ref},points={$points} - ADVANCE!<br />\n";
                                ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked);
-                       }
-               }
-
-               // Free result
-               SQL_FREERESULT($result_lvl);
-       }
+                       } // END - if
+               } // END - if
+       } // END - if
 
        // Free result
        SQL_FREERESULT($result_user);
+       //* DEBUG: */ print "</li></ul>----------------------- <font color=\"#aa0000\">".__FUNCTION__." - EXIT</font> ------------------------<br />\n";
 }
 //
-function UPDATE_REF_COUNTER($uid)
-{
-       global $REF_LVL, $cacheInstance;
+function UPDATE_REF_COUNTER ($uid) {
+       global $cacheArray, $cacheInstance;
 
-       // Make it sure referral level zero (member him-/herself) is at least selected
-       if (empty($REF_LVL)) $REF_LVL = 0;
+       // Make it sure referal level zero (member him-/herself) is at least selected
+       if (empty($cacheArray['ref_level'][$uid])) $cacheArray['ref_level'][$uid] = 1;
+       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},level={$cacheArray['ref_level'][$uid]}<br />\n";
 
        // Update counter
        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%s AND level='%s' LIMIT 1",
-        array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
+               array(bigintval($uid), $cacheArray['ref_level'][$uid]), __FILE__, __LINE__);
 
        // When no entry was updated then we have to create it here
-       if (SQL_AFFECTEDROWS() == 0)
-       {
+       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):updated=".SQL_AFFECTEDROWS()."<br />\n";
+       if (SQL_AFFECTEDROWS() < 1) {
                // First count!
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')",
-                array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
-       }
+               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES (%s,%s,1)",
+                       array(bigintval($uid), $cacheArray['ref_level'][$uid]), __FILE__, __LINE__);
+               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid}<br />\n";
+       } // END - if
 
-       // Check for his referral
+       // Check for his referal
        $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
-        array(bigintval($uid)), __FILE__, __LINE__);
+               array(bigintval($uid)), __FILE__, __LINE__);
+
+       // Load refid
        list($ref) = SQL_FETCHROW($result);
 
        // Free memory
        SQL_FREERESULT($result);
-
-       // When he has a referral...
-       if (($ref > 0) && ($ref != $uid))
-       {
-               // Move to next referral level and count his counter one up!
-               $REF_LVL++; UPDATE_REF_COUNTER($ref);
-       }
-        elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2"))
-       {
+       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):uid={$uid},ref={$ref}<br />\n";
+
+       // When he has a referal...
+       if (($ref > 0) && ($ref != $uid)) {
+               // Move to next referal level and count his counter one up!
+               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ref={$ref} - ADVANCE!<br />\n";
+               $cacheArray['ref_level'][$uid]++; UPDATE_REF_COUNTER($ref);
+       } elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2")) {
                // Remove cache here
-               if ($cacheInstance->cache_file("refsystem", true)) $cacheInstance->cache_destroy();
+               //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ref={$ref} - CACHE!<br />\n";
+               REBUILD_CACHE("refsystem", "refsystem");
        }
+
+       // "Walk" back here
+       $cacheArray['ref_level'][$uid]--;
+
+       // Handle refback here if extension is installed
+       if (EXT_IS_ACTIVE("refback")) {
+               UPDATE_REFBACK_TABLE($uid);
+       } // END - if
 }
 // Updates/extends the online list
 function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht) {
@@ -1248,7 +1349,7 @@ function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht) {
                $ADMIN = "Y";
        } // END - if
 
-       if (isSessionVariableSet('refid')) {
+       if (isSessionVariableSet('up_refid')) {
                // Check cookie
                if (get_session('refid') > 0) $rid = bigintval($GLOBALS['refid']);
        } // END - if
@@ -1275,8 +1376,8 @@ WHERE sid='%s' LIMIT 1",
                );
        } else {
                // No entry does exists so we simply add it!
-               SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %s, %s, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
-                       array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__
+               SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s','%s','%s', %s, %s, '%s','%s', UNIX_TIMESTAMP(), '%s','%s')",
+                       array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID, GET_REMOTE_ADDR()), __FILE__, __LINE__
                );
        }
 
@@ -1303,13 +1404,15 @@ function SEND_ADMIN_EMAILS($subj, $msg) {
 }
 // Get ID number from administrator's login name
 function GET_ADMIN_ID($login) {
-       global $cacheArray;
+       global $cacheArray, $_CONFIG;
        $ret = "-1";
        if (!empty($cacheArray['admins']['aid'][$login])) {
                // Check cache
                $ret = $cacheArray['admins']['aid'][$login];
-               if (empty($ret)) $ret = "-1";
-       } else {
+
+               // Update cache hits
+               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+       } elseif (!EXT_IS_ACTIVE("cache")) {
                // Load from database
                $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
                 array($login), __FILE__, __LINE__);
@@ -1326,54 +1429,118 @@ function GET_ADMIN_ID($login) {
 // Get password hash from administrator's login name
 function GET_ADMIN_HASH($login)
 {
-       global $cacheArray;
+       global $cacheArray, $_CONFIG;
        $ret = "-1";
-       if (!empty($cacheArray['admins']['password'][$login]))
-       {
+       if (!empty($cacheArray['admins']['password'][$login])) {
                // Check cache
                $ret = $cacheArray['admins']['password'][$login];
-               if (empty($ret)) $ret = "-1";
-       }
-        else
-       {
+
+               // Update cache hits
+               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+       } elseif (!EXT_IS_ACTIVE("cache")) {
                // Load from database
                $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
                 array($login), __FILE__, __LINE__);
-               if (SQL_NUMROWS($result) == 1)
-               {
+               if (SQL_NUMROWS($result) == 1) {
+                       // Fetch data
                        list($ret) = SQL_FETCHROW($result);
-                       SQL_FREERESULT($result);
+
+                       // Set cache
+                       $cacheArray['admins']['password'][$login] = $ret;
                }
+
+               // Free result
+               SQL_FREERESULT($result);
        }
        return $ret;
 }
 //
 function GET_ADMIN_LOGIN ($aid) {
-       global $cacheArray;
+       global $cacheArray, $_CONFIG;
        $ret = "***";
-       if (!empty($cacheArray['admins']['login'])) {
-               // Check cache
-               if (!empty($cacheArray['admins']['login'][$aid])) {
-                       $ret = $cacheArray['admins']['login'][$aid];
-               } // END - if
-               if (empty($ret)) $ret = "***";
-       } else {
+       if (!empty($cacheArray['admins']['login'][$aid])) {
+               // Get cache
+               $ret = $cacheArray['admins']['login'][$aid];
+
+               // Update cache hits
+               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+       } elseif (!EXT_IS_ACTIVE("cache")) {
                // Load from database
                $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
-                array(bigintval($aid)), __FILE__, __LINE__);
+                       array(bigintval($aid)), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1) {
                        // Fetch data
                        list($ret) = SQL_FETCHROW($result);
 
                        // Set cache
                        $cacheArray['admins']['login'][$aid] = $ret;
-               }
+               } // END - if
 
                // Free memory
                SQL_FREERESULT($result);
        }
        return $ret;
 }
+// Get email address of admin id
+function GET_ADMIN_EMAIL ($aid) {
+       global $cacheArray, $_CONFIG;
+
+       $ret = "***";
+       if (!empty($cacheArray['admins']['email'])) {
+               // Get cache
+               $ret = $cacheArray['admins']['email'][$aid];
+
+               // Update cache hits
+               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+       } elseif (!EXT_IS_ACTIVE("cache")) {
+               // Load from database
+               $result_aid = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+                       array(bigintval($ret)), __FILE__, __LINE__);
+               if (SQL_NUMROWS($result) == 1) {
+                       // Get data
+                       list($ret) = SQL_FETCHROW($result_aid);
+
+                       // Set cache
+                       $cacheArray['admins']['email'][$aid] = $ret;
+                       } // END - if
+
+               // Free result
+               SQL_FREERESULT($result_aid);
+       }
+
+       // Return email
+       return $ret;
+}
+// Get default ACL  of admin id
+function GET_ADMIN_DEFAULT_ACL ($aid) {
+       global $cacheArray, $_CONFIG;
+
+       $ret = "***";
+       if (!empty($cacheArray['admins']['def_acl'])) {
+               // Use cache
+               $ret = $cacheArray['admins']['def_acl'][$aid];
+
+               // Update cache hits
+               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+       } else {
+               // Load from database
+               $result_aid = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+                       array(bigintval($ret)), __FILE__, __LINE__);
+               if (SQL_NUMROWS($result) == 1) {
+                       // Fetch data
+                       list($ret) = SQL_FETCHROW($result_aid);
+
+                       // Set cache
+                       $cacheArray['admins']['def_acl'][$aid] = $ret;
+               }
+
+               // Free result
+               SQL_FREERESULT($result_aid);
+       }
+
+       // Return email
+       return $ret;
+}
 //
 function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") {
        $ret = "";
@@ -1385,8 +1552,8 @@ function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")
                                $ret .= "<OPTION value=\"".$value."\"";
                                if ($default == $value) $ret .= " selected checked";
                                $ret .= ">".$name[$idx]."</OPTION>\n";
-                       }
-               }
+                       } // END - foreach
+               } // END - if
        } else {
                // Data from database
                $SPEC = ", ".$id;
@@ -1403,7 +1570,7 @@ function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")
                                if ($default == $value) $ret .= " selected checked";
                                if (!empty($add)) $add = " (".$add.")";
                                $ret .= ">".$title.$add."</OPTION>\n";
-                       }
+                       } // END - while
 
                        // Free memory
                        SQL_FREERESULT($result);
@@ -1416,7 +1583,7 @@ function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")
        // Return - hopefully - the requested data
        return $ret;
 }
-// Aiut
+// Activate exchange (DEPERECATED???)
 function activateExchange() {
        global $_CONFIG;
        $result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__);
@@ -1473,12 +1640,12 @@ WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
 
        // Remove from rallye if found
        if (EXT_IS_ACTIVE("rallye")) {
-               $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s",
+               $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s",
                 array(bigintval($uid)), __FILE__, __LINE__);
        }
 
        // Now a mail to the user and that's all...
-       $msg = LOAD_EMAIL_TEMPLATE("del-user", $reason, $uid);
+       $msg = LOAD_EMAIL_TEMPLATE("del-user", array('text' => $reason), $uid);
        SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);
 
        // Ok, delete the account!
@@ -1503,7 +1670,7 @@ function ADD_JACKPOT($points)
        if (SQL_NUMROWS($result) == 0)
        {
                // Create line
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok','%s')", array($points), __FILE__, __LINE__);
        }
         else
        {
@@ -1585,6 +1752,8 @@ function LOAD_CONFIG($no="0") {
 }
 // Gets the matching what name from module
 function GET_WHAT($MOD_CHECK) {
+       global $_CONFIG;
+
        $wht = "";
        //* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!<br />\n";
        switch ($MOD_CHECK)
@@ -1596,6 +1765,7 @@ function GET_WHAT($MOD_CHECK) {
        case "login":
        case "index":
                $wht = "welcome";
+               if (($MOD_CHECK == "index") && (!empty($_CONFIG['index_home']))) $wht = $_CONFIG['index_home'];
                break;
 
        default:
@@ -1613,17 +1783,17 @@ function MODULE_HAS_MENU($mod, $forceDb = false)
 
        // All is false by default
        $ret = false;
-       //* DEBUG: */ echo __FUNCTION__.":mod={$mod},cache=".GET_EXT_VERSION("cache")."<br />\n";
+       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):mod={$mod},cache=".GET_EXT_VERSION("cache")."<br />\n";
        if (GET_EXT_VERSION("cache") >= "0.1.2") {
                // Cache version is okay, so let's check the cache!
                if (isset($cacheArray['modules']['has_menu'][$mod])) {
                        // Check module cache and count hit
                        $ret = ($cacheArray['modules']['has_menu'][$mod] == "Y");
-                       $_CONFIG['cache_hits']++;
+                       if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
                } elseif (isset($cacheArray['extensions']['ext_menu'][$mod])) {
                        // Check cache and count hit
                        $ret = ($cacheArray['extensions']['ext_menu'][$mod] == "Y");
-                       $_CONFIG['cache_hits']++;
+                       if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
                }
        } elseif ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ((!EXT_IS_ACTIVE("cache")) || ($forceDb === true))) {
                // Check database for entry
@@ -1688,7 +1858,7 @@ function UPDATE_CONFIG ($entries, $values, $updateMode="") {
                $entries = substr($all, 0, -1);
        } elseif (!empty($updateMode)) {
                // Update mode set
-               $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$value);
+               $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$values);
        } else {
                // Regular entry to update
                $entries .= sprintf("='%s'", SQL_ESCAPE($values));
@@ -1700,16 +1870,10 @@ function UPDATE_CONFIG ($entries, $values, $updateMode="") {
 
        // Get affected rows
        $affectedRows = SQL_AFFECTEDROWS();
-       //* DEBUG: */ echo __FUNCTION__.":entries={$entries},affectedRows={$affectedRows}<br />\n";
+       //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):entries={$entries},affectedRows={$affectedRows}<br />\n";
 
-       // Destroy cache?
-       if ((GET_EXT_VERSION("cache") >= "0.1.2") && ($affectedRows == 1)) {
-               global $cacheInstance, $_CONFIG, $CSS;
-               if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
-
-               // Rebuid the cache
-               require(PATH."inc/load_cache-config.php");
-       } // END - if
+       // Rebuild cache
+       REBUILD_CACHE("config", "config");
 }
 // Creates a new task for updated extension
 function CREATE_EXTENSION_UPDATE_TASK ($admin_id, $subject, $notes) {
@@ -1718,7 +1882,7 @@ function CREATE_EXTENSION_UPDATE_TASK ($admin_id, $subject, $notes) {
                array($subject), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 0) {
                // Task not created so it's a brand-new extension which we need to register and create a task for!
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created) VALUES ('%s', '0', 'NEW', 'EXTENSION_UPDATE', '%s', '%s', UNIX_TIMESTAMP())",
+               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created) VALUES ('%s','0','NEW','EXTENSION_UPDATE','%s','%s', UNIX_TIMESTAMP())",
                        array($admin_id, $subject, $notes), __FILE__, __LINE__);
        } // END - if
 
@@ -1744,12 +1908,12 @@ function CREATE_NEW_EXTENSION_TASK ($admin_id, $subject, $ext) {
                        $msg = LOAD_TEMPLATE("ext_".$ext, true);
                } else {
                        // Load default message
-                       $msg = LOAD_EMAIL_TEMPLATE("admin_new_ext","", 0);
+                       $msg = LOAD_TEMPLATE("admin_new_ext", "", 0);
                }
 
                // Task not created so it's a brand-new extension which we need to register and create a task for!
                $result_insert = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created)
-VALUES (%s, 0, 'NEW', 'EXTENSION', '%s', '%s', UNIX_TIMESTAMP())",
+VALUES (%s,0,'NEW','EXTENSION','%s','%s',UNIX_TIMESTAMP())",
                        array(
                                $admin_id,
                                $subject,
@@ -1761,5 +1925,227 @@ VALUES (%s, 0, 'NEW', 'EXTENSION', '%s', '%s', UNIX_TIMESTAMP())",
        // Free memory
        SQL_FREERESULT($result);
 }
+
+// Prepares an SQL statement part for HTML mail and/or holiday depency
+function PREPARE_SQL_HTML_HOLIDAY ($mode) {
+       // Exclude no users by default
+       $MORE = "";
+
+       // HTML mail?
+       if ($mode == "html") $MORE = " AND html='Y'";
+       if (GET_EXT_VERSION("holiday") >= "0.1.3") {
+               // Add something for the holiday extension
+               $MORE .= " AND holiday_active='N'";
+       } // END - if
+
+       // Return result
+       return $MORE;
+}
+
+// "Getter" for total available receivers
+function GET_TOTAL_RECEIVERS ($mode="normal") {
+       // Query database
+       $result_all = SQL_QUERY("SELECT userid
+FROM "._MYSQL_PREFIX."_user_data
+WHERE status='CONFIRMED' AND receive_mails > 0".PREPARE_SQL_HTML_HOLIDAY($mode),
+               __FILE__, __LINE__);
+
+       // Get num rows
+       $numRows = SQL_NUMROWS($result_all);
+
+       // Free result
+       SQL_FREERESULT($result_all);
+
+       // Return value
+       return $numRows;
+}
+
+// Returns HTML code with an "<option> list" of all categories
+function ADD_CATEGORY_OPTIONS ($mode) {
+       // Prepare WHERE statement
+       $whereStatement = " WHERE visible='Y'";
+       if (IS_ADMIN()) $whereStatement = "";
+
+       // Initialize array...
+       $CATS = array(
+               'id'   => array(),
+               'name' => array(),
+               'uids' => array()
+       );
+
+       // Get categories
+       $result = SQL_QUERY("SELECT id, cat FROM "._MYSQL_PREFIX."_cats".$whereStatement." ORDER BY sort", __FILE__, __LINE__);
+       if (SQL_NUMROWS($result) > 0) {
+               // ... and begin loading stuff
+               while (list($id, $cat) = SQL_FETCHROW($result)) {
+                       // Transfer some data
+                       $CATS['id'][]   = $id;
+                       $CATS['name'][] = $cat;
+
+                       // Check which users are in this category
+                       $result_uids = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_cats WHERE cat_id=%s",
+                        array(bigintval($id)), __FILE__, __LINE__);
+
+                       // Start adding all
+                       $uid_cnt = 0;
+                       while (list($ucat) = SQL_FETCHROW($result_uids)) {
+                               $result_ver = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data
+WHERE userid=%s AND status='CONFIRMED' AND receive_mails > 0".PREPARE_SQL_HTML_HOLIDAY($mode)." LIMIT 1",
+ array(bigintval($ucat)), __FILE__, __LINE__);
+                               $uid_cnt += SQL_NUMROWS($result_ver);
+
+                               // Free memory
+                               SQL_FREERESULT($result_ver);
+                       } // END - while
+
+                       // Free memory
+                       SQL_FREERESULT($result_uids);
+
+                       // Add counter
+                       $CATS['uids'][] = $uid_cnt;
+               }
+
+               // Free memory
+               SQL_FREERESULT($result);
+
+               // Generate options
+               $OUT = "";
+               foreach ($CATS['id'] as $key => $value) {
+                       if (strlen($CATS['name'][$key]) > 20) $CATS['name'][$key] = substr($CATS['name'][$key], 0, 17)."...";
+                       $OUT .= "      <OPTION value=\"".$value."\">".$CATS['name'][$key]." (".$CATS['uids'][$key]." ".USER_IN_CAT.")</OPTION>\n";
+               }
+       } else {
+               // No cateogries are defined yet
+               $OUT = "<option class=\"member_failed\">".MEMBER_NO_CATS."</option>\n";
+       }
+
+       // Return HTML code
+       return $OUT;
+}
+
+// Add bonus mail to queue
+function ADD_BONUS_MAIL_TO_QUEUE ($subject, $text, $receiverList, $points, $seconds, $url, $cat, $mode="normal", $receiver=0) {
+       // Is admin or bonus extension there?
+       if (!IS_ADMIN()) {
+               // Abort here
+               return false;
+       } elseif (!EXT_IS_ACTIVE("bonus")) {
+               // Abort here
+               return false;
+       }
+
+       // Calculcate target sent
+       $target = SELECTION_COUNT(explode(";", $receiverList));
+
+       // Receiver is zero?
+       if ($receiver == 0) {
+               // Then auto-fix it
+               $receiver = $target;
+       } // END - if
+
+       // HTML extension active?
+       if (EXT_IS_ACTIVE("html")) {
+               // No HTML by default
+               $HTML = "N";
+
+               // HTML mode?
+               if ($mode == "html") $HTML = "Y";
+
+               // Add HTML mail
+               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_bonus
+(subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent, html_msg)
+VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s','%s')",
+ array(
+       $subject,
+       addslashes($text),
+       $receiverList,
+       $points,
+       $seconds,
+       $url,
+       $cat,
+       $target,
+       bigintval($receiver),
+       $HTML
+), __FILE__, __LINE__);
+       } else {
+               // Add regular mail
+               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_bonus
+(subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent)
+VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s')",
+ array(
+       $subject,
+       addslashes($text),
+       $receiverList,
+       $points,
+       $seconds,
+       $url,
+       $cat,
+       $target,
+       bigintval($receiver),
+), __FILE__, __LINE__);
+       }
+}
+
+// Generate a receiver list for given category and maximum receivers
+function GENERATE_RECEIVER_LIST ($cat, $receiver, $mode="") {
+       global $_CONFIG;
+
+       // Init variables
+       $CAT_TABS     = "%s";
+       $CAT_WHERE    = "";
+       $receiverList = "";
+
+       // Secure data
+       $cat      = bigintval($cat);
+       $receiver = bigintval($receiver);
+
+       // Is the receiver zero and mode set?
+       if (($receiver == 0) && (!empty($mode))) {
+               // Auto-fix receiver maximum
+               $receiver = GET_TOTAL_RECEIVERS($mode);
+       } // END - if
+
+       // Category given?
+       if ($cat > 0) {
+               // Select category
+               $CAT_TABS  = "LEFT JOIN "._MYSQL_PREFIX."_user_cats AS c ON d.userid=c.userid";
+               $CAT_WHERE = " AND c.cat_id=%s";
+       } // END - if
+
+       // Exclude users in holiday?
+       if (GET_EXT_VERSION("holiday") >= "0.1.3") {
+               // Add something for the holiday extension
+               $CAT_WHERE .= " AND d.holiday_active='N'";
+       } // END - if
+
+       if ((EXT_IS_ACTIVE("html_mail")) && ($mode == "html")) {
+               // Only include HTML receivers
+               $result = SQL_QUERY_ESC("SELECT d.userid FROM "._MYSQL_PREFIX."_user_data AS d ".$CAT_TABS." WHERE d.status='CONFIRMED' AND d.html='Y'".$CAT_WHERE." ORDER BY d.%s %s LIMIT %s",
+                array($cat, $_CONFIG['order_select'], $_CONFIG['order_mode'], $receiver), __FILE__, __LINE__);
+       } else {
+               // Include all
+               $result = SQL_QUERY_ESC("SELECT d.userid FROM "._MYSQL_PREFIX."_user_data AS d ".$CAT_TABS." WHERE d.status='CONFIRMED'".$CAT_WHERE." ORDER BY d.%s %s LIMIT %s",
+                array($cat, $_CONFIG['order_select'], $_CONFIG['order_mode'], $receiver), __FILE__, __LINE__);
+       }
+
+       // Entries found?
+       if ((SQL_NUMROWS($result) >= $receiver) && ($receiver > 0)) {
+               // Load all entries
+               while (list($REC) = SQL_FETCHROW($result)) {
+                       // Add receiver when not empty
+                       if (!empty($REC)) $receiverList .= $REC.";";
+               } // END - while
+
+               // Free memory
+               SQL_FREERESULT($result);
+
+               // Remove trailing semicolon
+               $receiverList = substr($receiverList, 0, -1);
+       } // END - if
+
+       // Return list
+       return $receiverList;
+}
+
 //
 ?>