X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fsurfbar_functions.php;h=c183e5e0aafac1610bae4db28a06d7794ffc80c8;hp=fa03501c1d10ae45d0c5a356946bde011d793e94;hb=8b71e1e79133cd3148fd66ed319920cf58d4360b;hpb=d798a412acb8c1263933bd7f7a0fd9aa251495a7

diff --git a/inc/libs/surfbar_functions.php b/inc/libs/surfbar_functions.php
index fa03501c1d..c183e5e0aa 100644
--- a/inc/libs/surfbar_functions.php
+++ b/inc/libs/surfbar_functions.php
@@ -225,8 +225,17 @@ function SURFBAR_MEMBER_DO_FORM ($formData, $URLs) {
 		return false;
 	}
 
+	// Secure action
+	$action = SQL_ESCAPE(htmlentities(strip_tags($formData['action']), ENT_QUOTES));
+
+	// Has it changed?
+	if ($action != $formData['action']) {
+		// Invalid data in action found
+		return false;
+	} // END - if
+
 	// Create the function name for selected action
-	$functionName = sprintf("SURFBAR_MEMBER_%s_ACTION", strtoupper(SQL_ESCAPE($formData['action'])));
+	$functionName = sprintf("SURFBAR_MEMBER_%s_ACTION", strtoupper($action));
 
 	// Is the function there?
 	if (function_exists($functionName)) {
@@ -234,7 +243,7 @@ function SURFBAR_MEMBER_DO_FORM ($formData, $URLs) {
 		$URLs[$formData['id']]['new_status'] = $SURFBAR_CACHE['new_status'];
 
 		// Extract URL data for call-back
-		$urlData = array($URLs[$formData['id']]);
+		$urlData = array(array_merge($URLs[$formData['id']], array($action => $formData)));
 
 		// Action found so execute it
 		$performed = call_user_func_array($functionName, $urlData);
@@ -298,7 +307,7 @@ function SURFBAR_MEMBER_BOOKNOW_ACTION ($urlData) {
 // Show edit form or do the changes
 function SURFBAR_MEMBER_EDIT_ACTION ($urlData) {
 	// Is the "execute" flag there?
-	if (isset($urlData['execute'])) {
+	if (isset($urlData['edit']['execute'])) {
 		// Execute the changes
 		return SURFBAR_MEMBER_EXECUTE_ACTION("edit", $urlData);
 	} // END - if
@@ -309,13 +318,13 @@ function SURFBAR_MEMBER_EDIT_ACTION ($urlData) {
 // Show delete form or do the changes
 function SURFBAR_MEMBER_DELETE_ACTION ($urlData) {
 	// Is the "execute" flag there?
-	if (isset($urlData['execute'])) {
+	if (isset($urlData['delete']['execute'])) {
 		// Execute the changes
-		return SURFBAR_MEMBER_EXECUTE_ACTION("del", $urlData);
+		return SURFBAR_MEMBER_EXECUTE_ACTION("delete", $urlData);
 	} // END - if
 
 	// Display form
-	return SURFBAR_MEMBER_DISPLAY_ACTION_FORM("del", $urlData);
+	return SURFBAR_MEMBER_DISPLAY_ACTION_FORM("delete", $urlData);
 }
 // Display selected "action form"
 function SURFBAR_MEMBER_DISPLAY_ACTION_FORM ($action, $urlData) {
@@ -351,6 +360,71 @@ function SURFBAR_MEMBER_DISPLAY_ACTION_FORM ($action, $urlData) {
 	// All fine by default ... ;-)
 	return true;
 }
+// Execute choosen action
+function SURFBAR_MEMBER_EXECUTE_ACTION ($action, $urlData) {
+	// By default nothing is executed
+	$executed = false;
+
+	// Is limitation "no" and "limit" is > 0?
+	if ((isset($urlData[$action]['limited'])) && ($urlData[$action]['limited'] == "N") && ((isset($urlData[$action]['limit'])) && ($urlData[$action]['limit'] > 0)) || (!isset($urlData[$action]['limit']))) {
+		// Set it to unlimited
+		$urlData[$action]['limit'] = 0;
+	} // END - if
+
+	// Construct function name
+	$functionName = sprintf("SURFBAR_MEMBER_EXECUTE_%s_ACTION", strtoupper($action));
+
+	// Is 'userid' set and not 'uid' ?
+	if ((!isset($urlData['uid'])) && (isset($urlData['userid']))) {
+		// Auto-fix this
+		$urlData['uid'] = $urlData['userid'];
+	} // END - if
+
+	// Is that function there?
+	if (function_exists($functionName)) {
+		// Execute the function
+		if (call_user_func_array($functionName, array($urlData)) == true) {
+			// Update status as well
+			$executed = SURFBAR_CHANGE_STATUS($urlData['id'], $urlData['status'], $urlData['new_status'], array($urlData['id'] => $urlData));
+		} // END - if
+	} else {
+		// Not found!
+		ADD_FATAL(sprintf(MEMBER_SURFBAR_EXECUTE_ACTION_404, $functionName));
+	}
+
+	// Return status
+	return $executed;
+}
+// "Execute edit" function: Update changed data
+function SURFBAR_MEMBER_EXECUTE_EDIT_ACTION ($urlData) {
+	// Translate URLs for testing
+	$url1 = COMPILE_CODE($urlData['url']);
+	$url2 = COMPILE_CODE($urlData['edit']['url']);
+
+	// Has the URL or limit changed?
+	if (($urlData['views_allowed'] != $urlData['edit']['limit']) || ($url1 != $url2)) {
+		// Run the query
+		SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_surfbar_urls SET url='%s', views_allowed=%s, views_max=%s WHERE id=%s AND status='%s' LIMIT 1",
+			array($urlData['url'], $urlData['edit']['limit'], $urlData['edit']['limit'], $urlData['id'], $urlData['status']), __FILE__, __LINE__);
+
+		// Prepare new data
+		$urlData['new_url']   = $urlData['edit']['url'];
+		$urlData['new_limit'] = $urlData['edit']['limit'];
+		unset($urlData['edit']);
+
+		// Send admin notification
+		SURFBAR_NOTIFY_ADMIN("url_edited", $urlData);
+
+		// Send user notification
+		SURFBAR_NOTIFY_USER("url_edited", $urlData);
+
+		// All fine
+		return true;
+	}
+
+	// Not updated
+	return false;
+}
 //
 // -----------------------------------------------------------------------------
 //                           Self-maintenance functions
@@ -500,7 +574,6 @@ function SURFBAR_REGISTER_URL ($url, $uid, $status="PENDING", $addMode="reg", $l
 	} // END - if
 
 	// Translate status and limit
-	$content['status'] = SURFBAR_TRANSLATE_STATUS($content['status']);
 	$content['limit'] = SURFBAR_TRANSLATE_LIMIT($content['limit']);
 
 	// If in reg-mode we notify admin
@@ -545,10 +618,25 @@ function SURFBAR_NOTIFY_ADMIN ($messageType, $content) {
 	// Set default subject if following eval() wents wrong
 	$subject = ADMIN_SURFBAR_NOTIFY_DEFAULT_SUBJECT;
 
-	// Prepare subject
-	$subject = constant(sprintf("ADMIN_SURFBAR_NOTIFY_%s_SUBJECT",
+	// Create constant name
+	$constantName = sprintf("ADMIN_SURFBAR_NOTIFY_%s_SUBJECT",
 		strtoupper($messageType)
-	));
+	);
+
+	// Prepare subject
+	if (defined($constantName)) {
+		$subject = constant($constantName);
+	} else {
+		ADD_FATAL(ADMIN_SURFBAR_NOTIFY_SUBJECT_404, $constantName);
+	}
+
+	// Translate some data if present
+	if (isset($content['status']))        $content['status']        = SURFBAR_TRANSLATE_STATUS($content['status']);
+	if (isset($content['registered']))    $content['registered']    = MAKE_DATETIME($content['registered'], "2");
+	if (isset($content['last_locked']))   $content['last_locked']   = MAKE_DATETIME($content['last_locked'], "2");
+	if (isset($content['views_total']))   $content['views_total']   = TRANSLATE_COMMA($content['views_total']);
+	if (isset($content['views_allowed'])) $content['views_allowed'] = TRANSLATE_COMMA($content['views_allowed']);
+	if (isset($content['views_max']))     $content['views_max']     = TRANSLATE_COMMA($content['views_max']);
 
 	// Send the notification out
 	return SEND_ADMIN_NOTIFICATION($subject, $templateName, $content, $content['uid']);
@@ -566,10 +654,17 @@ function SURFBAR_NOTIFY_USER ($messageType, $content) {
 	// Set default subject if following eval() wents wrong
 	$subject = MEMBER_SURFBAR_NOTIFY_DEFAULT_SUBJECT;
 
-	// Prepare subject
-	$subject = constant(sprintf("MEMBER_SURFBAR_NOTIFY_%s_SUBJECT",
+	// Create constant name
+	$constantName = sprintf("MEMBER_SURFBAR_NOTIFY_%s_SUBJECT",
 		strtoupper($messageType)
-	));
+	);
+
+	// Prepare subject
+	if (defined($constantName)) {
+		$subject = constant($constantName);
+	} else {
+		ADD_FATAL(MEMBER_SURFBAR_NOTIFY_SUBJECT_404, $constantName);
+	}
 
 	// Load template
 	$mailText = LOAD_EMAIL_TEMPLATE($templateName, $content, $content['uid']);
@@ -1071,12 +1166,21 @@ function SURFBAR_DETERMINE_WAIT_TIME () {
 function SURFBAR_CHANGE_STATUS ($urlId, $prevStatus, $newStatus, $data=array()) {
 	global $_CONFIG;
 
+	// Make new status always lower-case
+	$newStatus = strtolower($newStatus);
+
 	// Get URL data for status comparison if missing
 	if ((!is_array($data)) || (count($data) == 0)) {
 		// Fetch missing URL data
 		$data = SURFBAR_GET_URL_DATA($urlId);
 	} // END - if
 
+	// Is the new status set?
+	if ((!is_string($newStatus)) || (empty($newStatus))) {
+		// Abort here, but fine!
+		return true;
+	} // END - if
+
 	// Is the status like prevStatus is saying?
 	if ($data[$urlId]['status'] != $prevStatus) {
 		// No, then abort here
@@ -1101,9 +1205,6 @@ function SURFBAR_CHANGE_STATUS ($urlId, $prevStatus, $newStatus, $data=array())
 	$data[$urlId]['frametester'] = FRAMETESTER($data[$urlId]['url']);
 	$data[$urlId]['reward']      = TRANSLATE_COMMA($_CONFIG['surfbar_static_reward']);
 	$data[$urlId]['costs']       = TRANSLATE_COMMA($_CONFIG['surfbar_static_costs']);
-	$data[$urlId]['status']      = SURFBAR_TRANSLATE_STATUS($newStatus);
-	$data[$urlId]['registered']  = MAKE_DATETIME($data[$urlId]['registered'], "2");
-	$newStatus = strtolower($newStatus);
 
 	// Send admin notification
 	SURFBAR_NOTIFY_ADMIN("url_{$newStatus}", $data[$urlId]);