************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
//
-function ADD_MODULE_TITLE($mod)
-{
- global $MODULES, $CONFIG;
+function ADD_MODULE_TITLE($mod) {
+ global $cacheArray, $_CONFIG;
$name = ""; $result = false;
- // Load title
- if (!mxchange_installing)
- {
- if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module'])) && (isset($MODULES['module'][$mod])))
- {
+
+ // Is the script installed?
+ if (isBooleanConstantAndTrue('mxchange_installed')) {
+ if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module'])) && (isset($cacheArray['modules']['module'][$mod]))) {
// Load from cache
- $name = $MODULES['title'][$mod];
+ $name = $cacheArray['modules']['title'][$mod];
// Update cache hits
- $CONFIG['cache_hits']++;
- }
- else
- {
+ $_CONFIG['cache_hits']++;
+ } else {
// Load from database
$result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__);
list($name) = SQL_FETCHROW($result);
$name = trim($name);
// Still no luck or empty title?
- if (empty($name))
- {
+ if (empty($name)) {
// No name found
$name = LANG_UNKNOWN_MODULE." (".$mod.")";
- if (SQL_NUMROWS($result) == 0)
- {
+ if (SQL_NUMROWS($result) == 0) {
// Add module to database
$dummy = CHECK_MODULE($mod);
}
}
return $name;
}
+
// Check validity of a given module name (no file extension)
function CHECK_MODULE($mod) {
// We need them now here...
- global $MODULES, $CONFIG, $CACHE;
+ global $cacheArray, $_CONFIG, $cacheInstance;
// Filter module name (names with low chars and underlines are fine!)
$mod = preg_replace("/[^a-z_]/", "", $mod);
$ret = "major";
// Check if script is installed if not return a "done" to prevent some errors
- if ((!mxchange_installed) || (mxchange_installing) || (!admin_registered)) return "done";
+ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing')) || (!isBooleanConstantAndTrue('admin_registered'))) return "done";
// Check if cache is latest version
- $locked = 'Y'; $hidden = 'N'; $admin = 'N'; $mem = 'N'; $found = false;
- if ((GET_EXT_VERSION("cache") >= "0.1.2") && (is_array($MODULES['module']))) {
+ $locked = "Y"; $hidden = "N"; $admin = "N"; $mem = "N"; $found = false;
+ if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module']))) {
// Is the module cached?
- if (isset($MODULES['locked'][$mod_chk])) {
+ if (isset($cacheArray['modules']['locked'][$mod_chk])) {
// Check cache
- $locked = $MODULES['locked'][$mod_chk];
- $hidden = $MODULES['hidden'][$mod_chk];
- $admin = $MODULES['admin_only'][$mod_chk];
- $mem = $MODULES['mem_only'][$mod_chk];
+ $locked = $cacheArray['modules']['locked'][$mod_chk];
+ $hidden = $cacheArray['modules']['hidden'][$mod_chk];
+ $admin = $cacheArray['modules']['admin_only'][$mod_chk];
+ $mem = $cacheArray['modules']['mem_only'][$mod_chk];
// Update cache hits
- $CONFIG['cache_hits']++;
+ $_CONFIG['cache_hits']++;
$found = true;
} else {
// No, then we have to update it!
// Check returned values against current access permissions
//
// Admin access ----- Guest access ----- --- Guest or member? ---
- if ((IS_ADMIN()) || (($locked == 'N') && ($admin == 'N') && (($mem == 'N') || (IS_LOGGED_IN())))) {
+ if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_MEMBER())))) {
// If you are admin you are welcome for everything!
$ret = "done";
- } elseif ($locked == 'Y') {
+ } elseif ($locked == "Y") {
// Module is locked
$ret = "locked";
- } elseif (($mem == 'Y') && (!IS_LOGGED_IN())) {
+ } elseif (($mem == "Y") && (!IS_MEMBER())) {
// You have to login first!
$ret = "mem_only";
- } elseif (($admin == 'Y') && (!IS_ADMIN())) {
+ } elseif (($admin == "Y") && (!IS_ADMIN())) {
// Only the Admin is allowed to enter this module!
$ret = "admin_only";
}
// Still no luck or not found?
if (($ret == "major") || ($ret == "cache_miss") || (!$found)) {
- // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name ---
- if ((file_exists(PATH."inc/modules/".$mod.".php")) || (file_exists(PATH.$mod.".php")) || (file_exists(PATH.$extension."/".$mod.".php"))) {
+ // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name ---
+ if ((FILE_READABLE(sprintf("%sinc/modules/%s.php", PATH, $mod))) || (FILE_READABLE(sprintf("%s%s.php", PATH, $mod))) || (FILE_READABLE(sprintf("%s%s/%s.php", PATH, $extension, $mod)))) {
// Data is missing so we add it
if (GET_EXT_VERSION("sql_patches") >= "0.3.6") {
// Since 0.3.6 we have a has_menu column, this took me a half hour
if (SQL_AFFECTEDROWS() == 0) {
// Something bad happend!
return "major";
- }
+ } // END - if
// Destroy cache here
- if (GET_EXT_VERSION("cache") >= "0.1.2")
- {
- if ($CACHE->cache_file("mod_reg", true)) $CACHE->cache_destroy();
- unset($MODULES);
- }
+ if (GET_EXT_VERSION("cache") >= "0.1.2") {
+ if ($cacheInstance->cache_file("mod_reg", true)) $cacheInstance->cache_destroy();
+ unset($cacheArray['modules']);
+ } // END - if
// And reload data
$ret = CHECK_MODULE($mod_chk);
- }
- else
- {
+ } else {
// Module not found we don't add it to the database
$ret = "404";
}
- }
+ } // END - if
// Return the value
return $ret;
}
+
// Add menu description pending on given file name (without path!)
-function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
-{
- global $DEPTH, $CONFIG;
+function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
+ global $DEPTH, $_CONFIG;
$LINK_ADD = ""; $OUT = ""; $AND = "";
// First we have to do some analysis...
if (ereg("action-", $file)) {
$MOD_CHECK = $GLOBALS['module'];
break;
}
- $AND = " AND what=''";
+ $AND = " AND (what='' OR what IS NULL)";
} elseif (ereg("what-", $file)) {
// This is an admin what file!
$type = "what";
}
break;
}
- $DUMMY = substr($search, 0, -4);
- $AND .= " AND action='".GET_ACTION($ACC_LVL, $DUMMY)."'";
+ $dummy = substr($search, 0, -4);
+ $AND .= " AND action='".GET_ACTION($ACC_LVL, $dummy)."'";
} elseif (($ACC_LVL == "sponsor") || ($ACC_LVL == "engine")) {
// Sponsor / engine menu
$type = "what";
$AND = "";
}
if ((!isset($DEPTH)) && (!$return)) {
- $DEPTH = "0";
+ $DEPTH = 0;
$prefix = "<DIV class=\"you_are_here\">".YOU_ARE_HERE." <STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$GLOBALS['module'].$LINK_ADD."\">Home</A></STRONG>";
} else {
if (!$return) $DEPTH++;
$prefix = "";
}
+
$prefix .= " -> ";
+
if (ereg(".php", $search)) {
$search = substr($search, 0, strpos($search, ".php"));
}
+
$result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
array($ACC_LVL, $type, $search), __FILE__, __LINE__);
+
if (SQL_NUMROWS($result) == 1) {
list($ret) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if ($return) {
// Return title
return $ret;
- } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($CONFIG['youre_here'] == 'Y')) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) {
+ } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($_CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) {
// Output HTML code
$OUT = $prefix."<STRONG><A class=\"you_are_here\" href=\"".URL."/modules.php?module=".$MOD_CHECK."&".$type."=".$search.$LINK_ADD."\">".$ret."</A></STRONG>\n";
//* DEBUG: */ echo __LINE__."*".$type."/".$GLOBALS['what']."*<br />\n";
if (($type == "what") || (($type == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) {
//* DEBUG: */ echo __LINE__."+".$type."+<br />\n";
$OUT .= "</DIV><br />\n";
+ $DEPTH="0";
}
}
}
}
//
function ADD_MENU($MODE, $act, $wht) {
- global $CONFIG;
+ global $_CONFIG;
+
+ // Init some variables
+ $main_cnt = 0;
+ $AND = "";
+ $main_action = "";
+ $sub_what = "";
+
if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID;
- $main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = "";
- if (!IS_ADMIN())
- {
+
+ // Non-admin shall not see all menus
+ if (!IS_ADMIN()) {
$AND = "AND visible='Y' AND locked='N'";
}
+
// Load SQL data and add the menu to the output stream...
- $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort",
+ $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE (what='' OR what IS NULL) ".$AND." ORDER BY sort",
array($MODE), __FILE__, __LINE__);
//* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
- if (SQL_NUMROWS($result_main) > 0)
- {
+ if (SQL_NUMROWS($result_main) > 0) {
OUTPUT_HTML("<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"".$MODE."_menu\">");
// There are menus available, so we simply display them... :)
- while (list($main_title, $main_action) = SQL_FETCHROW($result_main))
- {
+ while (list($main_title, $main_action) = SQL_FETCHROW($result_main)) {
//* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*<br />\n";
// Load menu header template
$BLOCK_MODE = false; $act = $main_action;
$result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort",
array($MODE, $main_action), __FILE__, __LINE__);
$ctl = SQL_NUMROWS($result_sub);
- if ($ctl > 0)
- {
+ if ($ctl > 0) {
$cnt=0;
- while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub))
- {
+ while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub)) {
+ // Init content
$content = "";
// Full file name for checking menu
//* DEBUG: */ echo __LINE__.":!!!!".$sub_what."!!!<br />\n";
$test_inc = sprintf("%sinc/modules/%s/what-%s.php", PATH, $MODE, $sub_what);
- $test = (file_exists($test_inc) && is_readable($test_inc));
+ $test = (FILE_READABLE($test_inc));
if ($test) {
if ((!empty($wht)) && (($wht == $sub_what))) {
$content = "<STRONG>";
}
// Menu title
- $content .= $CONFIG['middot'].$sub_title;
+ $content .= $_CONFIG['menu_blur_spacer'].$sub_title;
if ($test) {
$content .= "</A>";
} else {
// This is a menu block... ;-)
$BLOCK_MODE = true;
- $INC_BLOCK = sprintf(PATH."inc/modules/%s/action-%s.php", $MODE, $main_action);
- if ((file_exists($INC_BLOCK)) && (is_readable($INC_BLOCK))) {
+ $INC_BLOCK = sprintf("%sinc/modules/%s/action-%s.php", PATH, $MODE, $main_action);
+ if (FILE_READABLE($INC_BLOCK)) {
// Load include file
if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML("<TR>
<TD class=\"".$MODE."_menu_whats\">");
// This patched function will reduce many SELECT queries for the specified or current admin login
function IS_ADMIN($admin="")
{
- global $_COOKIE, $ADMINS, $CONFIG;
+ global $cacheArray, $_CONFIG;
$ret = false; $passCookie = ""; $valPass = "";
//* DEBUG: */ echo __LINE__."ADMIN:".$admin."<br />";
// If admin login is not given take current from cookies...
- if ((empty($admin)) && (!empty($_COOKIE['admin_login'])) && (!empty($_COOKIE['admin_md5'])))
- {
- $admin = SQL_ESCAPE($_COOKIE['admin_login']); $passCookie = $_COOKIE['admin_md5'];
+ if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
+ // Get admin login and password from session/cookies
+ $admin = get_session('admin_login');
+ $passCookie = get_session('admin_md5');
}
//* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."<br />";
// Search in array for entry
- if ((!empty($passCookie)) && (isset($ADMINS['password'][$admin])) && (!empty($admin)))
- {
+ if ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) {
// Count cache hits
- $CONFIG['cache_hits']++;
+ $_CONFIG['cache_hits']++;
// Login data is valid or not?
- $valPass = generatePassString($ADMINS['password'][$admin]);
- }
- elseif (!empty($admin))
- {
+ $valPass = generatePassString($cacheArray['admins']['password'][$admin]);
+ } elseif (!empty($admin)) {
// Search for admin
$result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
array($admin), __FILE__, __LINE__);
// Is he admin?
$passDB = "";
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
// Admin login was found so let's load password from DB
list($passDB) = SQL_FETCHROW($result);
+
+ // Generate password hash
$valPass = generatePassString($passDB);
}
SQL_FREERESULT($result);
}
- if (!empty($valPass))
- {
+ if (!empty($valPass)) {
// Check if password is valid
- //* DEBUG: */ echo __LINE__."*".$valPass."/".$passCookie)."*<br>";
- $ret = (($valPass == $passCookie) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
+ //* DEBUG: */ echo __FUNCTION__."*".$valPass."/".$passCookie."*<br />\n";
+ $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))));
}
// Return result of comparision
}
}
//
-function IS_LOGGED_IN()
+function IS_MEMBER()
{
- global $_COOKIE, $status, $LAST;
+ global $status, $LAST;
if (!is_array($LAST)) $LAST = array();
$ret = false;
FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime'));
// Are cookies set?
- if ((!empty($GLOBALS['userid'])) && (!empty($_COOKIE['u_hash'])) && (!empty($_COOKIE['lifetime'])) && (defined('COOKIE_PATH')))
+ if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash')) && (isSessionVariableSet('lifetime')) && (defined('COOKIE_PATH')))
{
// Cookies are set with values, but are they valid?
- $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
if ((!empty($mod)) && (empty($LAST['module']))) { $LAST['module'] = $mod; $LAST['online'] = $onl; }
// So did we now have valid data and an unlocked user?
- //* DEBUG: */ echo $valPass."<br>".$_COOKIE['u_hash']."<br>";
- if (($status == "CONFIRMED") && ($valPass == $_COOKIE['u_hash']))
- {
+ //* DEBUG: */ echo $valPass."<br>".get_session('u_hash')."<br>";
+ if (($status == "CONFIRMED") && ($valPass == get_session('u_hash'))) {
// Account is confirmed and all cookie data is valid so he is definely logged in! :-)
$ret = true;
- }
- else
- {
+ } else {
// Maybe got locked etc.
//* DEBUG: */ echo __LINE__."!!!<br>";
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+ destroy_user_session();
// Remove array elements to prevent errors
unset($GLOBALS['userid']);
- unset($_COOKIE['u_hash']);
- unset($_COOKIE['lifetime']);
}
- }
- else
- {
+ } else {
// Cookie data is invalid!
//* DEBUG: */ echo __LINE__."***<br>";
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
// Remove array elements to prevent errors
unset($GLOBALS['userid']);
- unset($_COOKIE['u_hash']);
- unset($_COOKIE['lifetime']);
}
// Free memory
{
// Cookie data is invalid!
//* DEBUG: */ echo __LINE__."///<br>";
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+ destroy_user_session();
// Remove array elements to prevent errors
unset($GLOBALS['userid']);
- unset($_COOKIE['u_hash']);
- unset($_COOKIE['lifetime']);
}
return $ret;
}
if (!is_array($LAST)) $LAST = array();
// Are the required cookies set?
- if ((!isset($GLOBALS['userid'])) || (!isset($_COOKIE['u_hash'])) || (!isset($_COOKIE['lifetime']))) {
+ if ((!isset($GLOBALS['userid'])) || (!isSessionVariableSet('u_hash')) || (!isSessionVariableSet('lifetime'))) {
// Nope, then return here to caller function
return false;
} else {
// Secure user ID
- $GLOBALS['userid'] = bigintval($_COOKIE['userid']);
+ $GLOBALS['userid'] = bigintval(get_session('userid'));
}
// Extract last online time (life) and how long is auto-login valid (time)
- $newl = time() + bigintval($_COOKIE['lifetime']);
+ $newl = time() + bigintval(get_session('lifetime'));
// Recheck if logged in
- if (!IS_LOGGED_IN()) return false;
+ if (!IS_MEMBER()) return false;
// Load last module and last online time
- $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load last module and online time
list($mod, $onl) = SQL_FETCHROW($result);
// Maybe first login time?
if (empty($mod)) $mod = "login";
- if (@setcookie("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && @setcookie("u_hash", SQL_ESCAPE($_COOKIE['u_hash']), $newl, COOKIE_PATH) && @setcookie("lifetime", bigintval($_COOKIE['lifetime']), $newl, COOKIE_PATH)) {
+ if (set_session("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && set_session("u_hash", get_session('u_hash'), $newl, COOKIE_PATH) && set_session("lifetime", bigintval(get_session('lifetime')), $newl, COOKIE_PATH)) {
// This will be displayed on welcome page! :-)
if (empty($LAST['module'])) {
$LAST['module'] = $mod; $LAST['online'] = $onl;
}
// Update last module / online time
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__);
}
- }
- else
- {
+ } else {
// Destroy session, we cannot update!
- @setcookie("userid", "", time() - 3600, COOKIE_PATH);
- @setcookie("u_hash", "", time() - 3600, COOKIE_PATH);
- @setcookie("lifetime", "0", time() - 3600, COOKIE_PATH);
+ destroy_user_session();
}
}
//
function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false)
{
- global $link;
$ret = false;
$ADD = "";
if ((!IS_ADMIN()) && ($MODE != "admin")) $ADD = " AND locked='N'";
else
{
// Admin login overview
- $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what=''".$ADD." ORDER BY action DESC LIMIT 1",
+ $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND (what='' OR what IS NULL)".$ADD." ORDER BY action DESC LIMIT 1",
array($MODE, $act), __FILE__, __LINE__, false);
}
$result = SQL_QUERY($SQL, __FILE__, __LINE__);
if ($UPDATE)
{
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) $ret = true;
+ if (SQL_AFFECTEDROWS() == 1) $ret = true;
//* DEBUG: */ debug_print_backtrace();
}
else
// Free memory
SQL_FREERESULT($result);
- //* DEBUG: */ var_dump($ret);
+
+ // Return result
return $ret;
}
//
//
function SEND_MODE_MAILS($mod, $modes)
{
- global $CONFIG, $DATA;
+ global $_CONFIG, $DATA;
// Load hash
- $result_main = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ $result_main = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result_main) == 1) {
// Load hash from database
list($hashDB) = SQL_FETCHROW($result_main);
// Extract salt from cookie
- $salt = substr($_COOKIE['u_hash'], 0, -40);
+ $salt = substr(get_session('u_hash'), 0, -40);
// Now let's compare passwords
$hash = generatePassString($hashDB);
- if (($hash == $_COOKIE['u_hash']) || ($_POST['pass1'] == $_POST['pass2'])) {
+ if (($hash == get_session('u_hash')) || ($_POST['pass1'] == $_POST['pass2'])) {
// Load user's data
- $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND password='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT sex, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND password='%s' LIMIT 1",
array($GLOBALS['userid'], $hashDB), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load the data
// Load template
$msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']);
- if ($CONFIG['admin_notify'] == 'Y') {
+ if ($_CONFIG['admin_notify'] == "Y") {
// The admin needs to be notified about a profile change
$msg_admin = "admin_mydata_notify";
$sub_adm = ADMIN_CHANGED_DATA;
if (empty($content)) {
if ((!empty($sub_adm)) && (!empty($msg_admin))) {
// Send admin mail
- if (GET_EXT_VERSION("admins") >= "0.4.1") {
- SEND_ADMIN_EMAILS_PRO($sub_adm, $msg_admin, $content, $GLOBALS['userid']);
- } else {
- SEND_ADMIN_EMAILS($sub_adm, LOAD_EMAIL_TEMPLATE($msg_admin, $content, $GLOBALS['userid']));
- }
- } elseif ($CONFIG['admin_notify'] == 'Y') {
+ SEND_ADMIN_NOTIFICATION($sub_adm, $msg_admin, $content, $GLOBALS['userid']);
+ } elseif ($_CONFIG['admin_notify'] == "Y") {
// Cannot send mails to admin!
$content = CANNOT_SEND_ADMIN_MAILS;
} else {
return $ret;
}
//
-function GET_CATEGORY ($cid)
-{
+function GET_CATEGORY ($cid) {
+ // Default is not found
$ret = _CATEGORY_404;
- $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%d LIMIT 1", array($cid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+
+ // Lookup the category
+ $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
+ array(bigintval($cid)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Category found... :-)
list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result);
+
+ // Return result
return $ret;
}
//
-function GET_PAYMENT ($pid, $full=false)
-{
+function GET_PAYMENT ($pid, $full=false) {
+ // Default is not found
$ret = _PAYMENT_404;
- $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($pid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+
+ // Load payment data
+ $result = SQL_QUERY_ESC("SELECT mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
+ array(bigintval($pid)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Payment type found... :-)
- if (!$full)
- {
+ if (!$full) {
// Return only title
list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Return title and price
list($t, $p) = SQL_FETCHROW($result);
$ret = $t." / ".TRANSLATE_COMMA($p)." ".POINTS;
}
}
+
+ // Free result
+ SQL_FREERESULT($result);
+
+ // Return result
return $ret;
}
//
-function GET_PAY_POINTS($pid, $DATA="price")
+function GET_PAY_POINTS($pid, $lookFor="price")
{
$ret = "-1";
- $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1", array($DATA, $pid), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
+ array($lookFor, $pid), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
// Payment type found... :-)
if ($stats_id > 0)
{
// Only when we got a real stats ID continue searching for the entry
- $type = "NORMAL"; $ROW = "stats_id";
- if ($bonus) { $type = "BONUS"; $ROW = "bonus_id"; }
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%d AND link_type='%s' LIMIT 1",
- array($ROW, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
+ $type = "NORMAL"; $rowName = "stats_id";
+ if ($bonus) { $type = "BONUS"; $rowName = "bonus_id"; }
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_links WHERE %s='%s' AND userid=%s AND link_type='%s' LIMIT 1",
+ array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0)
{
// No, so we add one!
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')",
- array($ROW, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
+ array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__);
$ret = "done";
}
else
return $ret;
}
//
-function GET_TOTAL_DATA($search, $TABLE, $DATA, $WHERE="userid", $ONLY_ROWS=false)
+function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false)
{
- $ret = "0";
- if ($ONLY_ROWS)
- {
+ $ret = 0;
+ if ($onlyRows) {
// Count rows
$result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
- array($DATA, $TABLE, $WHERE, $search), __FILE__, __LINE__);
- }
- else
- {
+ array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__);
+ } else {
// Add all rows
$result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'",
- array($DATA, $TABLE, $WHERE, $search), __FILE__, __LINE__);
+ array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__);
}
+
// Load row
list($ret) = SQL_FETCHROW($result);
- //* DEBUG: */ echo __LINE__."*".$DATA."/".$search."/".$TABLE."/".$ret."*<br />\n";
+ //* DEBUG: */ echo __LINE__."*".$DATA."/".$search."/".$tableName."/".$ret."*<br />\n";
SQL_FREERESULT($result);
if (empty($ret)) {
- if (($DATA == "counter") || ($DATA == "id")) {
- $ret = "0";
+ if (($lookFor == "counter") || ($lookFor == "id")) {
+ $ret = 0;
} else {
$ret = "0.00000";
}
* uid = Referral ID wich should receive...
* points = ... xxx points
* send_notify = shall I send the referral an email or not?
- * refid = inc/modules/guest/what-confirm.php need this
+ * rid = inc/modules/guest/what-confirm.php need this
* locked = Shall I pay it to normal (false) or locked (true) points ammount?
* add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct"
* will cause no referral will get points ever!!!)
*/
function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref")
{
- global $DEPTH, $_GET, $CONFIG, $DATA, $link;
+ global $DEPTH, $_CONFIG, $DATA;
+
+ // Debug message
+ //DEBUG_LOG(__FUNCTION__.": uid={$uid},points={$points}");
// When $uid = 0 add points to jackpot
- if ($uid == "0")
- {
+ if ($uid == "0") {
// Add points to jackpot
ADD_JACKPOT($points);
return;
}
// Count up referral depth
- if (empty($DEPTH))
- {
+ if (empty($DEPTH)) {
// Initialialize referral system
- $DEPTH = "0";
- }
- else
- {
+ $DEPTH = 0;
+ } else {
// Increase referral level
$DEPTH++;
}
+ // Percents and table
+ $percents = "percents"; if (isset($_CONFIG['db_percents'])) $percents = $_CONFIG['db_percents'];
+ $table = "refdepths"; if (isset($_CONFIG['db_table'])) $table = $_CONFIG['db_table'];
+
// Which points, locked or normal?
$data = "points"; if ($locked) $data = "locked_points";
- $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ // Check user account
+ $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result_user) == 1)
- {
+
+ //* DEBUG */ echo "+".SQL_NUMROWS($result_user).":".$points."+<br />\n";
+ if (SQL_NUMROWS($result_user) == 1) {
// This is the user and his ref
list ($ref, $email) = SQL_FETCHROW($result_user);
- SQL_FREERESULT($result_user);
- $result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
- array(bigintval($DEPTH)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($per) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $P = $points * $per / 100;
+
+ // Debug message
+ //DEBUG_LOG(__FUNCTION__.": ref={$ref},email={$email},DEPTH={$DEPTH}");
+
+ // Get referal data
+ $result_lvl = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE level='%s' LIMIT 1",
+ array($percents, $table, bigintval($DEPTH)), __FILE__, __LINE__);
+ //* DEBUG */ echo "DEPTH:".$DEPTH."<br />\n";
+ if (SQL_NUMROWS($result_lvl) == 1) {
+ // Get percents
+ list($per) = SQL_FETCHROW($result_lvl);
+
+ // Calculate new points
+ $ref_points = $points * $per / 100;
+
+ // Debug message
+ //DEBUG_LOG(__FUNCTION__.": percent={$per},ref_points={$ref_points}");
// Update points...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth=%d LIMIT 1",
- array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0)
- {
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%s AND ref_depth=%d LIMIT 1",
+ array($data, $data, $ref_points, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
+
+ // Debug log
+ //DEBUG_LOG(__FUNCTION__.": affectedRows=".SQL_AFFECTEDROWS().",DEPTH={$DEPTH}");
+
+ // No entry updated?
+ if (SQL_AFFECTEDROWS() == 0) {
// First ref in this level! :-)
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%d, %d, %s)",
- array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);
- }
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%s, %d, %s)",
+ array($data, bigintval($uid), bigintval($DEPTH), $ref_points), __FILE__, __LINE__);
+
+ // Debug log
+ //DEBUG_LOG(__FUNCTION__.": insertedRows=".SQL_AFFECTEDROWS()."");
+ } // END - if
// Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
// Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "add", $P);
- }
+ MEDIA_UPDATE_ENTRY(array("total_points"), "add", $ref_points);
+ } // END - if
// Points updated, maybe I shall send him an email?
- if (($send_notify) && ($ref > 0) && (!$locked))
- {
+ if (($send_notify) && ($ref > 0) && (!$locked)) {
// 0 1 2 3
- $DATA = array($per, bigintval($DEPTH), $P, bigintval($ref));
+ $DATA = array($per, bigintval($DEPTH), $ref_points, bigintval($ref));
$msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid));
SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg);
+ } elseif (($send_notify) && ($ref == 0) && (!$locked) && ($add_mode == "direct") && (!defined('__POINTS_VALUE'))) {
+ // Direct payment shall be notified about
+ define('__POINTS_VALUE', $ref_points);
+
+ // Load message
+ $msg = LOAD_EMAIL_TEMPLATE("add-points", REASON_DIRECT_PAYMENT, $uid);
+
+ // And sent it away
+ SEND_EMAIL($email, SUBJECT_DIRECT_PAYMENT, $msg);
+ if (!isset($_GET['mid'])) LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_ADDED);
}
// Maybe there's another ref?
- if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref"))
- {
+ if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref")) {
// Then let's credit him here...
ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked);
}
}
+
+ // Free result
+ SQL_FREERESULT($result_lvl);
}
+
+ // Free result
+ SQL_FREERESULT($result_user);
}
//
function UPDATE_REF_COUNTER($uid)
{
- global $REF_LVL, $link, $CACHE;
+ global $REF_LVL, $cacheInstance;
+
// Make it sure referral level zero (member him-/herself) is at least selected
- if (empty($REF_LVL)) $REF_LVL = "0";
+ if (empty($REF_LVL)) $REF_LVL = 0;
// Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%d AND level='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%s AND level='%s' LIMIT 1",
array(bigintval($uid), $REF_LVL), __FILE__, __LINE__);
// When no entry was updated then we have to create it here
- if (SQL_AFFECTEDROWS($link) == 0)
+ if (SQL_AFFECTEDROWS() == 0)
{
// First count!
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')",
}
// Check for his referral
- $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($uid)), __FILE__, __LINE__);
list($ref) = SQL_FETCHROW($result);
elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2"))
{
// Remove cache here
- if ($CACHE->cache_file("refsystem", true)) $CACHE->cache_destroy();
+ if ($cacheInstance->cache_file("refsystem", true)) $cacheInstance->cache_destroy();
}
}
-//
-function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht)
-{
- global $_COOKIE, $_SERVER, $link, $_GET, $CONFIG;
+// Updates/extends the online list
+function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht) {
+ global $_CONFIG;
+
// Do not update online list when extension is deactivated
if (!EXT_IS_ACTIVE("online", true)) return;
+ // Empty session?
+ if (empty($SID)) {
+ // This is invalid here!
+ print "Invalid session. Backtrace:<pre>";
+ debug_print_backtrace();
+ die("</pre>");
+ } // END - if
+
// Initialize variables
- $uid = "0"; $rid = "0"; $MEM = 'N'; $ADMIN = 'N';
- if (!empty($GLOBALS['userid']))
- {
- // Update member status only when userid is valid
- if (($GLOBALS['userid'] > 0) && (IS_LOGGED_IN()))
- {
- // Is valid user
- $uid = $GLOBALS['userid'];
- $MEM = 'Y';
- }
- }
- if (IS_ADMIN())
- {
+ $uid = 0; $rid = 0; $MEM = "N"; $ADMIN = "N";
+
+ // Valid userid?
+ if ((!empty($GLOBALS['userid'])) && ($GLOBALS['userid'] > 0) && (IS_MEMBER())) {
+ // Is valid user
+ $uid = bigintval($GLOBALS['userid']);
+ $MEM = "Y";
+ } // END - if
+
+ if (IS_ADMIN()) {
// Is administrator
- $ADMIN = 'Y';
- }
- if (!empty($_COOKIE['refid']))
- {
+ $ADMIN = "Y";
+ } // END - if
+
+ if (isSessionVariableSet('refid')) {
// Check cookie
- if ($_COOKIE['refid'] > 0) $rid = $GLOBALS['refid'];
- }
+ if (get_session('refid') > 0) $rid = bigintval($GLOBALS['refid']);
+ } // END - if
- // Now Read data
+ // Now search for the user
$result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online
WHERE sid='%s' LIMIT 1",
array($SID), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- SQL_FREERESULT($result);
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET
+ // Entry found?
+ if (SQL_NUMROWS($result) == 1) {
+ // Then update it
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET
module='%s',
action='%s',
what='%s',
-userid=%d,
-refid=%d,
+userid=%s,
+refid=%s,
is_member='%s',
is_admin='%s',
timestamp=UNIX_TIMESTAMP()
WHERE sid='%s' LIMIT 1",
- array(
- $mod,
- $act,
- $wht,
- bigintval($uid),
- bigintval($rid),
- $MEM,
- $ADMIN,
- $SID
-), __FILE__, __LINE__);
- }
- else
- {
+ array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID), __FILE__, __LINE__
+ );
+ } else {
// No entry does exists so we simply add it!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %d, %d, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
- array($mod, $act, $wht, bigintval($uid), bigintval($rid), $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %s, %s, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')",
+ array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__
+ );
}
+ // Free result
+ SQL_FREERESULT($result);
+
// Purge old entries
- $TIMEOUT = time() - $CONFIG['online_timeout'];
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= %d",
- array($TIMEOUT), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %s)",
+ array($_CONFIG['online_timeout']), __FILE__, __LINE__);
}
// OBSULETE: Sends out mail to all administrators
-function SEND_ADMIN_EMAILS($subj, $msg)
-{
- $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__);
- while (list($email) = SQL_FETCHROW($result))
- {
+function SEND_ADMIN_EMAILS($subj, $msg) {
+ // Load all admin email addresses
+ $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id ASC", __FILE__, __LINE__);
+ while (list($email) = SQL_FETCHROW($result)) {
+ // Send the email out
SEND_EMAIL($email, $subj, $msg);
- }
- // Really simple... ;-)
+ } // END - if
+
+ // Free result
SQL_FREERESULT($result);
+
+ // Really simple... ;-)
}
// Get ID number from administrator's login name
-function GET_ADMIN_ID($login)
-{
- global $ADMINS;
+function GET_ADMIN_ID($login) {
+ global $cacheArray;
$ret = "-1";
- if (!empty($ADMINS['aid'][$login]))
- {
+ if (!empty($cacheArray['admins']['aid'][$login])) {
// Check cache
- $ret = $ADMINS['aid'][$login];
+ $ret = $cacheArray['admins']['aid'][$login];
if (empty($ret)) $ret = "-1";
- }
- else
- {
+ } else {
// Load from database
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
array($login), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
list($ret) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result);
}
return $ret;
}
// Get password hash from administrator's login name
function GET_ADMIN_HASH($login)
{
- global $ADMINS;
+ global $cacheArray;
$ret = "-1";
- if (!empty($ADMINS['password'][$login]))
+ if (!empty($cacheArray['admins']['password'][$login]))
{
// Check cache
- $ret = $ADMINS['password'][$login];
+ $ret = $cacheArray['admins']['password'][$login];
if (empty($ret)) $ret = "-1";
}
else
return $ret;
}
//
-function GET_ADMIN_LOGIN($aid)
-{
- global $ADMINS;
+function GET_ADMIN_LOGIN ($aid) {
+ global $cacheArray;
$ret = "***";
- if (!empty($ADMINS['login']['aid']))
- {
+ if (!empty($cacheArray['admins']['login'])) {
// Check cache
- if (!empty($ADMINS['login'][$aid])) $ret = $ADMINS['login'][$aid];
+ if (!empty($cacheArray['admins']['login'][$aid])) {
+ $ret = $cacheArray['admins']['login'][$aid];
+ } // END - if
if (empty($ret)) $ret = "***";
- }
- else
- {
+ } else {
// Load from database
- $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
array(bigintval($aid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
// Fetch data
list($ret) = SQL_FETCHROW($result);
+
+ // Set cache
+ $cacheArray['admins']['login'][$aid] = $ret;
}
// Free memory
return $ret;
}
//
-function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="")
-{
+function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") {
$ret = "";
- if ($table == "/ARRAY/")
- {
+ if ($table == "/ARRAY/") {
// Selection from array
- if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name))
- {
+ if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name)) {
// Both are arrays
- foreach ($id as $idx=>$value)
- {
+ foreach ($id as $idx => $value) {
$ret .= "<OPTION value=\"".$value."\"";
if ($default == $value) $ret .= " selected checked";
$ret .= ">".$name[$idx]."</OPTION>\n";
}
}
- }
- else
- {
+ } else {
// Data from database
$SPEC = ", ".$id;
if (!empty($special)) $SPEC = ", ".$special;
if ($table == "country") $ORDER = $special;
$result = SQL_QUERY_ESC("SELECT %s, %s".$SPEC." FROM "._MYSQL_PREFIX."_%s ".$where." ORDER BY %s",
array($id, $ORDER, $table, $name), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
+ if (SQL_NUMROWS($result) > 0) {
// Found data so add them as OPTION lines: $id is the value and $name is the "name" of the option
- while (list($value, $title, $add) = SQL_FETCHROW($result))
- {
+ while (list($value, $title, $add) = SQL_FETCHROW($result)) {
if (empty($special)) $add = "";
$ret .= "<OPTION value=\"".$value."\"";
if ($default == $value) $ret .= " selected checked";
// Free memory
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// No data found
$ret = "<OPTION value=\"x\">".SELECT_NONE."</OPTION>\n";
}
}
+
// Return - hopefully - the requested data
return $ret;
}
// Aiut
function activateExchange() {
- global $CONFIG;
+ global $_CONFIG;
$result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) >= $CONFIG['activate_xchange'])
+ if (SQL_NUMROWS($result) >= $_CONFIG['activate_xchange'])
{
// Free memory
SQL_FREERESULT($result);
$SQLs = array(
"UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1",
"UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2",
- "UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config='0' LIMIT 1"
+ "UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config=0 LIMIT 1"
);
// Run SQLs
- foreach ($SQLs as $sql)
- {
+ foreach ($SQLs as $sql) {
$result = SQL_QUERY($sql, __FILE__, __LINE__);
}
- // Destroy cache
+ // @TODO Destroy cache
}
}
//
function DELETE_USER_ACCOUNT($uid, $reason)
{
- $POINTS = 0;
+ $points = 0;
$result = SQL_QUERY_ESC("SELECT (SUM(p.points) - d.used_points) AS points
FROM "._MYSQL_PREFIX."_user_points AS p
LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
ON p.userid=d.userid
-WHERE p.userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Save his points to add them to the jackpot
- list($POINTS) = SQL_FETCHROW($result);
+ list($points) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Delete points entries as well
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d", array(bigintval($uid)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s", array(bigintval($uid)), __FILE__, __LINE__);
// Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
// Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
+ MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
}
// Now, when we have all his points adds them do the jackpot!
- ADD_JACKPOT($POINTS);
+ ADD_JACKPOT($points);
}
// Delete category selections as well...
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s",
array(bigintval($uid)), __FILE__, __LINE__);
// Remove from rallye if found
- if (EXT_IS_ACTIVE("rallye"))
- {
- $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%d",
+ if (EXT_IS_ACTIVE("rallye")) {
+ $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s",
array(bigintval($uid)), __FILE__, __LINE__);
}
// Now a mail to the user and that's all...
- $msg = LOAD_EMAIL_TEMPLATE("del-user", stripslashes($reason), $uid);
+ $msg = LOAD_EMAIL_TEMPLATE("del-user", $reason, $uid);
SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg);
// Ok, delete the account!
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__);
}
//
function META_DESCRIPTION($mod, $wht)
{
- global $CONFIG, $DEPTH;
+ global $_CONFIG, $DEPTH;
if (($mod != "admin") && ($mod != "login"))
{
// Exclude admin and member's area
- $DESCR = MAIN_TITLE." ".trim($CONFIG['title_middle'])." ".ADD_DESCR("guest", "what-".$wht, true);
+ $DESCR = MAIN_TITLE." ".trim($_CONFIG['title_middle'])." ".ADD_DESCR("guest", "what-".$wht, true);
unset($DEPTH);
OUTPUT_HTML("<META name=\"description\" content=\"".$DESCR."\">");
}
}
}
//
-function IS_DEMO()
-{
- global $_COOKIE;
- return ((EXT_IS_ACTIVE("demo")) && ($_COOKIE['admin_login'] == "demo"));
+function IS_DEMO() {
+ return ((EXT_IS_ACTIVE("demo")) && (get_session('admin_login') == "demo"));
}
//
-function LOAD_CONFIG($no="0")
-{
- global $CFG_CACHE, $CONFIG;
- $CFG_DUMMY = false;
+function LOAD_CONFIG($no="0") {
+ global $cacheArray;
+ $CFG_DUMMY = array();
+
// Check for cache extension, cache-array and if the requested configuration is in cache
- if ((is_array($CFG_CACHE)) && (isset($CFG_CACHE['config'][$no])))
- {
+ if ((is_array($cacheArray)) && (isset($cacheArray['config'][$no])) && (is_array($cacheArray['config'][$no]))) {
// Load config from cache
- $CFG_DUMMY = array();
- foreach ($CFG_CACHE as $element=>$cfgs)
- {
- $CFG_DUMMY[$element] = $cfgs[$no];
- }
-
- // Count cache hits
- $CONFIG['cache_hits']++;
- }
- else
- {
+ //* DEBUG: */ echo gettype($cacheArray['config'][$no])."<br />\n";
+ foreach ($cacheArray['config'][$no] as $key => $value) {
+ $CFG_DUMMY[$key] = $value;
+ } // END - foreach
+
+ // Count cache hits if exists
+ if ((isset($CFG_DUMMY['cache_hits'])) && (EXT_IS_ACTIVE("cache"))) {
+ $CFG_DUMMY['cache_hits']++;
+ } // END - if
+ } else {
// Load config from DB
- $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config='%d' LIMIT 1",
- array(bigintval($no)), __FILE__, __LINE__);
+ $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config=%d LIMIT 1",
+ array(bigintval($no)), __FILE__, __LINE__);
+
+ // Get config from database
$CFG_DUMMY = SQL_FETCHARRAY($result_config);
+
+ // Free result
SQL_FREERESULT($result_config);
+
+ // Remember this config in the array
+ $cacheArray['config'][$no] = $CFG_DUMMY;
}
// Return config array
return $CFG_DUMMY;
}
// Gets the matching what name from module
-function GET_WHAT($MOD_CHECK)
-{
+function GET_WHAT($MOD_CHECK) {
$wht = "";
//* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!<br />\n";
switch ($MOD_CHECK)
return $wht;
}
//
-function MODULE_HAS_MENU($mod)
+function MODULE_HAS_MENU($mod, $forceDb = false)
{
- global $EXTENSIONS, $MODULES, $CONFIG;
+ global $cacheArray, $_CONFIG;
// All is false by default
$ret = false;
- if (GET_EXT_VERSION("cache") >= "0.1.2")
- {
- if (isset($MODULES['has_menu'][$mod]))
- {
+ //* DEBUG: */ echo __FUNCTION__.":mod={$mod},cache=".GET_EXT_VERSION("cache")."<br />\n";
+ if (GET_EXT_VERSION("cache") >= "0.1.2") {
+ // Cache version is okay, so let's check the cache!
+ if (isset($cacheArray['modules']['has_menu'][$mod])) {
// Check module cache and count hit
- if ($MODULES['has_menu'][$mod] == 'Y') $ret = true;
- $CONFIG['cache_hits']++;
- }
- elseif (isset($EXTENSIONS['ext_menu'][$mod]))
- {
+ $ret = ($cacheArray['modules']['has_menu'][$mod] == "Y");
+ $_CONFIG['cache_hits']++;
+ } elseif (isset($cacheArray['extensions']['ext_menu'][$mod])) {
// Check cache and count hit
- if ($EXTENSIONS['ext_menu'][$mod] == 'Y') $ret = true;
- $CONFIG['cache_hits']++;
+ $ret = ($cacheArray['extensions']['ext_menu'][$mod] == "Y");
+ $_CONFIG['cache_hits']++;
}
- }
- if ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ($ret === false))
- {
+ } elseif ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ((!EXT_IS_ACTIVE("cache")) || ($forceDb === true))) {
// Check database for entry
$result = SQL_QUERY_ESC("SELECT has_menu FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1",
array($mod), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
list($has_menu) = SQL_FETCHROW($result);
- if ($has_menu == 'Y') $ret = true;
- }
+
+ // Fake cache... ;-)
+ $cacheArray['extensions']['ext_menu'][$mod] = $has_menu;
+
+ // Does it have a menu?
+ $ret = ($has_menu == "Y");
+ } // END - if
// Free memory
SQL_FREERESULT($result);
} elseif (GET_EXT_VERSION("sql_patches") == "") {
// No sql_patches installed, so maybe in admin area?
- if ((IS_ADMIN()) && ($mod == "admin")) return true; // Then there is a menu!
+ $ret = ((IS_ADMIN()) && ($mod == "admin")); // Then there is a menu!
}
// Return status
return $ret;
}
+// Subtract points from database and mediadata cache
+function SUB_POINTS ($uid, $points) {
+ // Add points to used points
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%s LIMIT 1",
+ array($points, bigintval($uid)), __FILE__, __LINE__);
+
+ // Update mediadata as well
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
+ // Update database
+ MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
+ } // END - if
+}
+// Update config entries
+function UPDATE_CONFIG ($entries, $values, $updateMode="") {
+ // Do we have multiple entries?
+ if (is_array($entries)) {
+ // Walk through all
+ $all = "";
+ foreach ($entries as $idx => $entry) {
+ // Update mode set?
+ if (!empty($updateMode)) {
+ // Update entry
+ $all .= sprintf("%s=%s%s%s,", $entry, $entry, $updateMode, (float)$values[$idx]);
+ } else {
+ // Check if string or number
+ if (($values[$idx] + 0) === $values[$idx]) {
+ // Number detected
+ $all .= sprintf("%s=%s,", $entry, (float)$values[$idx]);
+ } else {
+ // String detected
+ $all .= sprintf("%s='%s',", $entry, SQL_ESCAPE($values[$idx]));
+ }
+ }
+ } // END - foreach
+
+ // Remove last comma
+ $entries = substr($all, 0, -1);
+ } elseif (!empty($updateMode)) {
+ // Update mode set
+ $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$value);
+ } else {
+ // Regular entry to update
+ $entries .= sprintf("='%s'", SQL_ESCAPE($values));
+ }
+
+ // Run database update
+ //DEBUG_LOG(__FUNCTION__.":entries={$entries}");
+ SQL_QUERY("UPDATE "._MYSQL_PREFIX."_config SET ".$entries." WHERE config=0 LIMIT 1", __FILE__, __LINE__);
+
+ // Get affected rows
+ $affectedRows = SQL_AFFECTEDROWS();
+ //* DEBUG: */ echo __FUNCTION__.":entries={$entries},affectedRows={$affectedRows}<br />\n";
+
+ // Destroy cache?
+ if ((GET_EXT_VERSION("cache") >= "0.1.2") && ($affectedRows == 1)) {
+ global $cacheInstance, $_CONFIG, $CSS;
+ if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
+
+ // Rebuid the cache
+ require(PATH."inc/load_cache-config.php");
+ } // END - if
+}
+// Creates a new task for updated extension
+function CREATE_EXTENSION_UPDATE_TASK ($admin_id, $subject, $notes) {
+ // Check if task is not there
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE subject='%s' LIMIT 1",
+ array($subject), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 0) {
+ // Task not created so it's a brand-new extension which we need to register and create a task for!
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created) VALUES ('%s', '0', 'NEW', 'EXTENSION_UPDATE', '%s', '%s', UNIX_TIMESTAMP())",
+ array($admin_id, $subject, $notes), __FILE__, __LINE__);
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+}
+// Creates a new task for newly installed extension
+function CREATE_NEW_EXTENSION_TASK ($admin_id, $subject, $ext) {
+ // Not installed and do we have created a task for the admin?
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `"._MYSQL_PREFIX."_task_system` WHERE `subject` LIKE '%s%%' LIMIT 1",
+ array($subject), __FILE__, __LINE__);
+ if ((SQL_NUMROWS($result) == 0) && (GET_EXT_VERSION($ext) == "")) {
+ // Template file
+ $tpl = sprintf("%stemplates/%s/html/ext/ext_%s.tpl",
+ PATH,
+ GET_LANGUAGE(),
+ $ext
+ );
+
+ // Load text for task
+ if (FILE_READABLE($tpl)) {
+ // Load extension's own text template (HTML!)
+ $msg = LOAD_TEMPLATE("ext_".$ext, true);
+ } else {
+ // Load default message
+ $msg = LOAD_EMAIL_TEMPLATE("admin_new_ext","", 0);
+ }
+
+ // Task not created so it's a brand-new extension which we need to register and create a task for!
+ $result_insert = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created)
+VALUES (%s, 0, 'NEW', 'EXTENSION', '%s', '%s', UNIX_TIMESTAMP())",
+ array(
+ $admin_id,
+ $subject,
+ addslashes($msg),
+ ), __FILE__, __LINE__, true, false
+ );
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+}
//
?>
projects / mailer.git / blobdiff