X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fuser_functions.php;h=827ee9c2c6c6218ae71f8479e59016be4eeb36c8;hp=fd7ac7740d50a6526bbd8ccddeb823b550c88c86;hb=56931cd9321119dd37372bd16d6c552857e40066;hpb=425acd4e0e78608016f9fc2872aafc0140f49b71

diff --git a/inc/libs/user_functions.php b/inc/libs/user_functions.php
index fd7ac7740d..827ee9c2c6 100644
--- a/inc/libs/user_functions.php
+++ b/inc/libs/user_functions.php
@@ -14,11 +14,9 @@
  * $Date::                                                            $ *
  * $Tag:: 0.2.1-FINAL                                                 $ *
  * $Author::                                                          $ *
- * Needs to be in all Files and every File needs "svn propset           *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
- * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
+ * Copyright (c) 2009 - 2011 by Mailer Developer Team                   *
  * For more information visit: http://www.mxchange.org                  *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -45,8 +43,8 @@ if (!defined('__SECURITY')) {
 // Add links for selecting some users
 function alpha ($sortby, $colspan, $return=false) {
 	if (!isGetRequestParameterSet('offset')) setGetRequestParameter('offset', 0);
-	$add = '&page='.getRequestParameter('page').'&offset='.getRequestParameter('offset');
-	if (isGetRequestParameterSet('mode')) $add .= '&mode='.getRequestParameter('mode');
+	$add = '&page=' . getRequestParameter('page').'&offset=' . getRequestParameter('offset');
+	if (isGetRequestParameterSet('mode')) $add .= '&mode=' . getRequestParameter('mode');
 
 	/* Creates the list of letters and makes them a link. */
 	$alphabet = explode(',', 'A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,');
@@ -101,11 +99,13 @@ function addSortLinks ($letter, $sortby, $colspan, $return=false) {
 	elseif (isGetRequestParameterSet('mode')) $add .= '&mode=' . getRequestParameter('mode');
 
 	// Makes order by links..
-	if ($letter == 'front') $letter = '';
+	if ($letter == 'front') {
+		$letter = '';
+	} // END - if
 
 	// Prepare array with all possible sorters
 	$list = array(
-		'userid'      => '{--_UID--}',
+		'userid'      => '{--_USERID--}',
 		'family'      => '{--FAMILY--}',
 		'email'       => '{--EMAIL--}',
 		'REMOTE_ADDR' => '{--REMOTE_IP--}'
@@ -125,7 +125,7 @@ function addSortLinks ($letter, $sortby, $colspan, $return=false) {
 	} // END - foreach
 
 	// Add list and colspan
-	$content['list'] = substr($OUT, 0, -13);
+	$content['list'] = substr($OUT, 0, -1);
 	$content['colspan2'] = $colspan;
 
 	// Load template
@@ -200,7 +200,7 @@ function addPageNavigation ($numPages, $offset, $showForm, $colspan, $return=fal
 }
 
 // Create email link to user's account
-function generateUserEmailLink($email, $mod = 'admin') {
+function generateUserEmailLink ($email, $mod = 'admin') {
 	// Show contact link only if user is confirmed by default
 	$locked = " AND `status`='CONFIRMED'";
 
@@ -234,7 +234,7 @@ LIMIT 1",
 // @TODO Double-check configuration entry here
 function determineRandomReferalId () {
 	// Default is zero refid
-	$refid = '0';
+	$refid = null;
 
 	// Is the extension version fine?
 	if (isExtensionInstalledAndNewer('user', '0.3.4')) {
@@ -255,8 +255,8 @@ function determineRandomReferalId () {
 				// Use that userid as new referal id
 				list($refid) = SQL_FETCHROW($result);
 
-				// Reset this user's counter
-				SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `rand_confirmed`=0 WHERE `userid`=%s LIMIT 1",
+				// Reset all users, this makes this random referal id more challenging
+				SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `rand_confirmed`=0",
 					array($refid), __FUNCTION__, __LINE__);
 			} // END - if
 
@@ -276,6 +276,7 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 	$add = '';
 	$errorCode = '0';
 	$ext = '';
+	$isFound = false;
 
 	// Init array
 	$content = array(
@@ -296,18 +297,20 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 		$ext = 'nickname';
 	} else {
 		// Direct userid entered
-		fetchUserData($userid);
+		$isFound = fetchUserData($userid);
 	}
 
 	// No error found?
-	if ($errorCode == '0') {
+	if (($errorCode == '0') && ($isFound === true)) {
 		// Get user data array and set userid (e.g. important if we login with nickname)
 		$content = getUserDataArray();
-		if (!empty($content['userid'])) $userid = bigintval($content['userid']);
+		if (!empty($content['userid'])) {
+			$userid = bigintval($content['userid']);
+		} // END - if
 	} // END - if
 
 	// Is there an entry?
-	if ((isUserDataValid()) && (getUserData('status') == 'CONFIRMED') && (!empty($content['userid']))) {
+	if (($errorCode == '0') && (isUserDataValid()) && (getUserData('status') == 'CONFIRMED') && (!empty($content['userid']))) {
 		// Check for old MD5 passwords
 		if ((strlen(getUserData('password')) == 32) && (md5($passwd) == getUserData('password'))) {
 			// Just set the hash to the password from DB... :)
@@ -330,17 +333,26 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 			// No login bonus by default
 			$GLOBALS['bonus_payed'] = false;
 
-			// Probe for last online timemark
-			$probe = time() -  getUserData('last_online');
-			if (getUserData('last_login') > 0) $probe = time() - getUserData('last_login');
-
-			if ((isExtensionInstalledAndNewer('bonus', '0.2.2')) && ($probe >= getConfig('login_timeout'))) {
-				// Add login bonus to user's account
-				$add = ', `login_bonus`=`login_bonus`+{?login_bonus?}';
-				$GLOBALS['bonus_payed'] = true;
-
-				// Subtract login bonus from userid's account or jackpot
-				if ((isExtensionInstalledAndNewer('bonus', '0.3.5')) && (getConfig('bonus_mode') != 'ADD')) handleBonusPoints('login_bonus');
+			// Is bonus up-to-date?
+			if (isExtensionInstalledAndNewer('bonus', '0.2.2')) {
+				// Probe for last online timemark
+				$probe = time() -  getUserData('last_online');
+				if (getUserData('last_login') > 0) {
+					// Use timestamp from last login
+					$probe = time() - getUserData('last_login');
+				} // END - if
+
+				// Is the timeout reached?
+				if ($probe >= getConfig('login_timeout')) {
+					// Add login bonus to user's account
+					$add = ', `login_bonus`=`login_bonus`+{?login_bonus?}';
+					$GLOBALS['bonus_payed'] = true;
+
+					// Subtract login bonus from userid's account or jackpot
+					if ((isExtensionInstalledAndNewer('bonus', '0.3.5')) && (getBonusMode() != 'ADD')) {
+						handleBonusPoints('login_bonus');
+					} // END - if
+				} // END - if
 			} // END - if
 
 			// @TODO Make this filter working: $url = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON));
@@ -354,7 +366,7 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 				// Update database records
 				SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `total_logins`=`total_logins`+1" . $add . " WHERE `userid`=%s LIMIT 1",
 					array($userid), __FUNCTION__, __LINE__);
-				if (SQL_AFFECTEDROWS() == 1) {
+				if (!SQL_HASZEROAFFECTED()) {
 					// Is a success URL set?
 					if (empty($successUrl)) {
 						// Procedure to checking for login data
@@ -378,7 +390,7 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 				$errorCode = getCode('COOKIES_DISABLED');
 			}
 		} elseif (isExtensionInstalledAndNewer('sql_patches', '0.6.1')) {
-			// Update failture counter
+			// Update failure counter
 			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `login_failures`=`login_failures`+1,`last_failure`=NOW() WHERE `userid`=%s LIMIT 1",
 				array($userid), __FUNCTION__, __LINE__);
 
@@ -392,7 +404,7 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 		// Set userid in session
 		setSession('current_userid', getUserData('userid'));
 	} elseif (!isUserDataValid()) {
-		// User id not found!
+		// User id not found
 		$errorCode = getCode('WRONG_ID');
 	} else {
 		// Unknown error
@@ -405,7 +417,9 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 		$url = $errorUrl . $errorCode;
 
 		// Extension set? Then add it as well.
-		if (!empty($ext)) $url .= '&ext=' . $ext;
+		if (!empty($ext)) {
+			$url .= '&ext=' . $ext;
+		} // END - if
 	} // END - if
 
 	// Return URL
@@ -414,67 +428,68 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p
 
 // Try to send a new password for the given user account
 function doNewUserPassword ($email, $userid) {
-	// Init result and error
+	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ' - ENTERED!');
+	// Init found-status and error
 	$errorCode = '';
-	$result = false;
+	$accountFound = false;
 
 	// Probe userid/nickname
-	// @TODO We should try to rewrite this to fetchUserData() somehow
 	if (!empty($email)) {
 		// Email entered
-		$result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `email`='%s' OR `email`='%s' LIMIT 1",
-			array($email, str_replace('.', '{DOT}', $email)), __FUNCTION__, __LINE__);
+		$accountFound = fetchUserData($email, 'email');
 	} elseif ((isExtensionActive('nickname')) && (isNicknameOrUserid($userid))) {
 		// Nickname entered
-		$result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' OR `userid`='%s' OR `email`='%s' LIMIT 1",
-			array($userid, $userid, $email), __FUNCTION__, __LINE__);
+		$accountFound = fetchUserData($userid, 'nickname');
 	} elseif ((isValidUserId($userid)) && (empty($email))) {
 		// Direct userid entered
-		$result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
-			array(bigintval($userid)), __FUNCTION__, __LINE__);
+		$accountFound = fetchUserData($userid);
 	} else {
 		// Userid not set!
-		logDebugMessage(__FUNCTION__, __LINE__, 'Userid is not set! BUG!');
-		$errorCode = getCode('WRONG_ID');
+		logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',email=' . $email . ': Important variables are empty.');
 	}
 
 	// Any entry found?
-	if (SQL_NUMROWS($result) == 1) {
-		// This data is valid, so we create a new pass... :-)
-		list($userid, $status) = SQL_FETCHROW($result);
-
-		if ($status == 'CONFIRMED') {
-			// Ooppps, this was missing! ;-) We should update the database...
+	if ($accountFound === true) {
+		// Is the account confirmed
+		if (getUserData('status') == 'CONFIRMED') {
+			// Generate new password
 			$NEW_PASS = generatePassword();
+
+			// Update database
 			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `password`='%s' WHERE `userid`=%s LIMIT 1",
-				array(generateHash($NEW_PASS), $userid), __FUNCTION__, __LINE__);
+				array(generateHash($NEW_PASS), getUserData('userid')), __FUNCTION__, __LINE__);
 
 			// Prepare data and message for email
-			$message = loadEmailTemplate('new-pass', array('new_pass' => $NEW_PASS, 'nickname' => $userid), $userid);
+			$message = loadEmailTemplate('guest_new_password',
+				array(
+					'new_pass' => $NEW_PASS,
+					'nickname' => $userid
+				), bigintval(getUserData('userid')));
 
 			// ... and send it away
-			sendEmail($userid, '{--GUEST_NEW_PASSWORD--}', $message);
+			sendEmail(bigintval(getUserData('userid')), '{--GUEST_NEW_PASSWORD--}', $message);
 
 			// Output note to user
-			loadTemplate('admin_settings_saved', false, '{--GUEST_NEW_PASSWORD_SEND--}');
+			displayMessage('{--GUEST_NEW_PASSWORD_SEND--}');
 		} else {
 			// Account is locked or unconfirmed
-			$errorCode = generateErrorCodeFromUserStatus($status);
+			$errorCode = generateErrorCodeFromUserStatus(getUserData('status'));
 
 			// Load URL
-			redirectToUrl('modules.php?module=index&what=login&login='.$errorCode);
+			redirectToUrl('modules.php?module=index&what=login&login=' . $errorCode);
 		}
 	} else {
 		// id or email is wrong
-		loadTemplate('admin_settings_saved', false, '<span class="guest_failed">{--GUEST_WRONG_ID_EMAIL--}</span>');
+		displayMessage('<span class="notice">{--GUEST_WRONG_ID_EMAIL--}</span>');
 	}
 
 	// Return the error code
+	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ',errorCode=' . $errorCode . ' - EXIT!');
 	return $errorCode;
 }
 
 // Get timestamp for given stats type and data
-function getTimestampFromUserStats ($statsType, $statsData, $userid = '0') {
+function getEpocheTimeFromUserStats ($statsType, $statsData, $userid = '0') {
 	// Default timestamp is zero
 	$data['inserted'] = '0';
 
@@ -484,7 +499,7 @@ function getTimestampFromUserStats ($statsType, $statsData, $userid = '0') {
 	} // END - if
 
 	// Is the extension installed and updated?
-	if ((!isExtensionActive('sql_patches')) || (isExtensionOlder('sql_patches', '0.5.6'))) {
+	if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) {
 		// Return zero here
 		return $data['inserted'];
 	} // END - if
@@ -521,15 +536,15 @@ LIMIT 1",
 // Inserts user stats
 function insertUserStatsRecord ($userid, $statsType, $statsData) {
 	// Is the extension installed and updated?
-	if ((!isExtensionActive('sql_patches')) || (isExtensionOlder('sql_patches', '0.5.6'))) {
+	if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) {
 		// Return zero here
 		return false;
 	} // END - if
 
 	// Does it exist?
-	if ((!getTimestampFromUserStats($statsType, $statsData, $userid)) && (!is_array($statsData))) {
+	if ((!getEpocheTimeFromUserStats($statsType, $statsData, $userid)) && (!is_array($statsData))) {
 		// Then insert it!
-		SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_stats_data` (`userid`,`stats_type`,`stats_data`) VALUES (%s,'%s','%s')",
+		SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_stats_data` (`userid`, `stats_type`, `stats_data`) VALUES (%s,'%s','%s')",
 			array(
 				bigintval($userid),
 				$statsType,
@@ -541,6 +556,168 @@ function insertUserStatsRecord ($userid, $statsType, $statsData) {
 	}
 }
 
+// Confirms a user account
+function doConfirmUserAccount ($hash) {
+	// Init content
+	$content = array(
+		'message' => '{--GUEST_CONFIRMED_FAILED--}',
+		'userid'  => 0,
+	);
+
+	// Initialize the user id
+	$userid = '0';
+
+	// Search for an unconfirmed or confirmed account
+	$result = SQL_QUERY_ESC("SELECT `userid`, `refid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `user_hash`='%s' AND (`status`='UNCONFIRMED' OR `status`='CONFIRMED') LIMIT 1",
+		array($hash), __FILE__, __LINE__);
+	if (SQL_NUMROWS($result) == 1) {
+		// Ok, he want's to confirm now so we load some data
+		list($userid, $refid) = SQL_FETCHROW($result);
+
+		// Fetch user data
+		if (!fetchUserData($userid)) {
+			// Not found, should not happen
+			debug_report_bug(__FILE__, __LINE__, 'User account ' . $userid . ' not found.');
+		} // END - if
+
+		// Load all data and add points
+		$content = getUserDataArray();
+
+		// Unlock his account (but only when it is on UNCONFIRMED!)
+		SQL_QUERY_ESC("UPDATE
+	`{?_MYSQL_PREFIX?}_user_data`
+SET
+	`status`='CONFIRMED',
+	`user_hash`=NULL
+WHERE
+	`user_hash`='%s' AND
+	`status`='UNCONFIRMED'
+LIMIT 1",
+			array($hash), __FILE__, __LINE__);
+
+		// Was it updated?
+		if (!SQL_HASZEROAFFECTED()) {
+			// Send email if updated
+			$message = loadEmailTemplate('guest_user_confirmed', $content, bigintval($userid));
+
+			// And send him right away the confirmation mail
+			sendEmail($userid, '{--GUEST_THANX_CONFIRM--}', $message);
+
+			// Maybe he got "referaled"?
+			if (($refid > 0) && ($refid != $userid)) {
+				// Select the referal userid
+				if (fetchUserData($refid)) {
+					// Update ref counter...
+					updateReferalCounter($refid);
+
+					// If version matches add ref bonus to refid's account
+					if ((isExtensionInstalledAndNewer('bonus', '0.4.4')) && (isBonusRallyeActive())) {
+						// Add points (directly only!)
+						SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `bonus_ref`=`bonus_ref`+{?bonus_ref?} WHERE `userid`=%s LIMIT 1",
+							array(bigintval($refid)), __FILE__, __LINE__);
+
+						// Subtract points from system
+						handleBonusPoints(getConfig('bonus_ref'));
+					} // END - if
+
+					// Add one-time referal bonus over referal system or directly
+					initReferalSystem();
+					addPointsThroughReferalSystem('referal_bonus', $refid, getPointsRef(), bigintval($userid));
+				} // END - if
+			} // END - if
+
+			if (isExtensionActive('rallye')) {
+				// Add user to rallye (or not?)
+				addUserToReferalRallye(bigintval($userid));
+			} // END - if
+
+			// Account confirmed!
+			if (isExtensionActive('lead')) {
+				// Set special lead cookie
+				setSession('lead_userid', bigintval($userid));
+
+				// Lead-Code mode enabled
+				redirectToUrl('lead-confirm.php');
+			} else {
+				$content['message'] = '{--GUEST_CONFIRMED_DONE--}';
+				$content['userid']  = bigintval($userid);
+			}
+		} elseif (isExtensionActive('lead')) {
+			// Set special lead cookie
+			setSession('lead_userid', bigintval($userid));
+
+			// Lead-Code mode enabled
+			redirectToUrl('lead-confirm.php');
+		} else {
+			// Nobody was found unter this hash key... or our new member want's to confirm twice?
+			$content['message'] = '{--GUEST_CONFIRMED_TWICE--}';
+		}
+	} else {
+		// Nobody was found unter this hash key... or our new member want's to confirm twice?
+		$content['message'] = '{--GUEST_CONFIRMED_TWICE--}';
+	}
+
+	// Load template
+	displayMessage($content['message']);
+}
+
+// Does resend the user's confirmation link for given email address
+function doResendUserConfirmationLink ($email) {
+	// Email address not registered is default message
+	$message = '{--EMAIL_404--}';
+
+	// Confirmation link requested
+	if (fetchUserData($email, 'email')) {
+		// Email address found
+		$content = getUserDataArray();
+
+		// Is the account unconfirmed?
+		if ($content['status'] == 'UNCONFIRMED') {
+			// Load email template
+			$message = loadEmailTemplate('guest_request_confirm', array(), $content['userid']);
+
+			// Send email
+			sendEmail($content['userid'], '{--GUEST_REQUEST_CONFIRM_LINK_SUBJECT--}', $message);
+		} // END - if
+
+		// Create message based on the status
+		$message = getConfirmationMessageFromUserStatus($content['status']);
+	} // END - if
+
+	// Output message
+	displayMessage($message);
+}
+
+// Get a message (somewhat translation) from user status for confirmation link.
+// This is different to translateUserStatus() in text messages.
+function getConfirmationMessageFromUserStatus ($status) {
+	// Default is 'UNKNOWN'
+	$message = '{%message,GUEST_LOGIN_ID_UNKNOWN_STATUS=' . $status . '%}';
+
+	// Which status is it?
+	switch ($status) {
+		case 'UNCONFIRMED': // Account is unconfirmed
+			// And set message
+			$message = '{--GUEST_CONFIRM_LINK_SENT--}';
+			break;
+
+		case 'CONFIRMED': // Account already confirmed
+			$message = '{--GUEST_LOGIN_ID_CONFIRMED--}';
+			break;
+
+		case 'LOCKED': // Account is locked
+			$message = '{--GUEST_LOGIN_ID_LOCKED--}';
+			break;
+
+		default: // This should not happen
+			debug_report_bug(__FUNCTION__, __LINE__, 'Unknown user status ' . $status . ' detected.');
+			break;
+	} // END - switch
+
+	// Return message
+	return $message;
+}
+
 // Expression call-back function for fetching user data
 function doExpressionUser ($data) {
 	// Use current userid by default
@@ -577,5 +754,23 @@ function doExpressionUser ($data) {
 	return $code;
 }
 
+// Template call-back function for list_user admin function
+function doTemplateAdminListUserTitle ($template, $dummy = false) {
+	// Init title with "all accounts"
+	$code = '{--ADMIN_LIST_ALL_ACCOUNTS--}';
+
+	// Do we have a 'status' or 'mode' set?
+	if (isGetRequestParameterSet('status')) {
+		// Set title according to the 'status'
+		$code = sprintf("{--ADMIN_LIST_STATUS_%s_ACCOUNTS--}", strtoupper(getRequestParameter('status')));
+	} elseif (isGetRequestParameterSet('mode')) {
+		// Set title according to the "mode"
+		$code = sprintf("{--ADMIN_LIST_MODE_%s_ACCOUNTS--}", strtoupper(getRequestParameter('mode')));
+	}
+
+	// Return the code
+	return $code;
+}
+
 // [EOF]
 ?>