X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fsponsor_functions.php;h=26fd2fa9353ff935541a2b4176bb1caefd9ea59c;hp=50b0d509cb9896b501c14b6f45798c40ec0a7525;hb=c47144dd555bbab4acdf9085e4623900dedb0e7c;hpb=cca98f57dff720b174d21d071cee8303462485d7 diff --git a/inc/libs/sponsor_functions.php b/inc/libs/sponsor_functions.php index 50b0d509cb..26fd2fa935 100644 --- a/inc/libs/sponsor_functions.php +++ b/inc/libs/sponsor_functions.php @@ -69,7 +69,7 @@ function SPONSOR_HANDLE_SPONSOR (&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_S $SAVE = false; } else { // Do we want to add a new sponsor or update his data? - $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_sponsor_data` WHERE email='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE email='%s' LIMIT 1", array($POST['email']), __FILE__, __LINE__); // Is a sponsor alread in the db? @@ -125,7 +125,7 @@ function SPONSOR_HANDLE_SPONSOR (&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_S // Update? if ($UPDATE) { // Update his data - $SQL = "UPDATE `{!MYSQL_PREFIX!}_sponsor_data` SET "; + $SQL = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET "; foreach ($DATA['keys'] as $k => $v) { $SQL .= $v."='%s', "; } @@ -160,7 +160,7 @@ function SPONSOR_HANDLE_SPONSOR (&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_S $VALUES = str_repeat("%s', '", count($DATA['values']) - 1); // Generate string - $SQL = "INSERT INTO `{!MYSQL_PREFIX!}_sponsor_data` (".$KEYS.") VALUES ('".$VALUES."%s')"; + $SQL = "INSERT INTO `{!_MYSQL_PREFIX!}_sponsor_data` (".$KEYS.") VALUES ('".$VALUES."%s')"; // Generate message $MSG = SPONSOR_GET_MESSAGE(ADMIN_SPONSOR_ADDED, "added", $MSGs); @@ -264,8 +264,8 @@ function IS_SPONSOR () { $ret = false; if ((isSessionVariableSet('sponsorid'))) && (isSessionVariableSet('sponsorpass')))) { // Check cookies against database records... - $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_sponsor_data` -WHERE id='%s' AND password='%s' AND status='CONFIRMED' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_sponsor_data` +WHERE id='%s' AND password='%s' AND `status`='CONFIRMED' LIMIT 1", array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // All is fine @@ -287,23 +287,23 @@ function GENERATE_SPONSOR_MENU($current) if (IS_ADMIN()) $WHERE = ""; // Load main menu entries - $result_main = SQL_QUERY("SELECT action, title FROM `{!MYSQL_PREFIX!}_sponsor_menu` -WHERE (what='' OR what IS NULL) ".$WHERE." -ORDER BY sort", __FILE__, __LINE__); + $result_main = SQL_QUERY("SELECT action, title FROM `{!_MYSQL_PREFIX!}_sponsor_menu` +WHERE (what='' OR `what` IS NULL) ".$WHERE." +ORDER BY `sort`", __FILE__, __LINE__); if (SQL_NUMROWS($result_main) > 0) { // Load every menu and it's sub menus - while(list($action, $title_main) = SQL_FETCHROW($result_main)) + while (list($action, $title_main) = SQL_FETCHROW($result_main)) { // Load sub menus - $result_sub = SQL_QUERY_ESC("SELECT what, title FROM `{!MYSQL_PREFIX!}_sponsor_menu` -WHERE action='%s' AND what != '' AND what IS NOT NULL ".$WHERE." -ORDER BY sort", array($action), __FILE__, __LINE__); + $result_sub = SQL_QUERY_ESC("SELECT what, title FROM `{!_MYSQL_PREFIX!}_sponsor_menu` +WHERE action='%s' AND `what` != '' AND `what` IS NOT NULL ".$WHERE." +ORDER BY `sort`", array($action), __FILE__, __LINE__); if (SQL_NUMROWS($result_sub) > 0) { // Load sub menus $SUB = ""; - while(list($what, $title_sub) = SQL_FETCHROW($result_sub)) + while (list($what, $title_sub) = SQL_FETCHROW($result_sub)) { // Check if current selected menu is matching the loaded one if ($current == $what) $title_sub = "".$title_sub.""; @@ -354,10 +354,10 @@ function GENERATE_SPONSOR_CONTENT($what) { global $_CONFIG; $OUT = ""; - $FILE = sprintf("%sinc/modules/sponsor/%s.php", PATH, $what); - if (FILE_READABLE($FILE)) { + $INC = sprintf("inc/modules/sponsor/%s.php", $what); + if (FILE_READABLE($INC)) { // Every sponsor action will output nothing directly. It will be written into $OUT! - require_once($FILE); + LOAD_INC_ONCE($INC); } else { // File not found! $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_CONTENT_404_1.$what.SPONSOR_CONTENT_404_2); @@ -374,7 +374,7 @@ function UPDATE_SPONSOR_LOGIN () { // Is sponsor? if (IS_SPONSOR()) { // Update last online timestamp - SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_sponsor_data` + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET last_online=UNIX_TIMESTAMP() WHERE id='%s' AND password='%s' LIMIT 1", array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__); @@ -417,7 +417,7 @@ function SPONSOR_SAVE_DATA ($POST, $content) { $DATA = array(); // Prepare SQL string - $SQL = "UPDATE `{!MYSQL_PREFIX!}_sponsor_data` SET"; + $SQL = "UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET"; foreach ($POST as $key => $value) { // Mmmmm, too less security here??? $SQL .= " ".strip_tags($key)."='%s',"; @@ -436,7 +436,7 @@ function SPONSOR_SAVE_DATA ($POST, $content) { $EMAIL = true; // Okay, has changed then add status with UNCONFIRMED and new hash code - $SQL .= " status='EMAIL', hash='%s',"; + $SQL .= " `status`='EMAIL', hash='%s',"; // Generate hash code $HASH = md5(session_id().":".$POST['email'].":".GET_REMOTE_ADDR().":".GET_USER_AGENT().":".time());