X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-unlock_emails.php;h=00db3aaf66d0dddf8096805073a9d845c2499fa3;hp=45281dd170fc475e66c3a66997d7192e57728445;hb=4001187f22197f55e5a1f211fc8defcc180f7c32;hpb=7f104f6fe558bb56b4205241435a2357c2feece1 diff --git a/inc/modules/admin/what-unlock_emails.php b/inc/modules/admin/what-unlock_emails.php index 45281dd170..00db3aaf66 100644 --- a/inc/modules/admin/what-unlock_emails.php +++ b/inc/modules/admin/what-unlock_emails.php @@ -38,36 +38,39 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) { } // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); // Define some variables global $DATA; // Check for mails -$result_main = SQL_QUERY("SELECT id, sender, subject, payment_id, timestamp, url, target_send, cat_id FROM "._MYSQL_PREFIX."_pool WHERE data_type='ADMIN' ORDER BY timestamp", __FILE__, __LINE__); +$result_main = SQL_QUERY("SELECT `id`, `sender`, `subject`, `payment_id` AS `payment`, `timestamp`, `url`, `target_send`, `cat_id` AS `category` +FROM `{!_MYSQL_PREFIX!}_pool` +WHERE `data_type`='ADMIN' +ORDER BY `timestamp` ASC", __FILE__, __LINE__); -if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock']))) { +if ((SQL_NUMROWS($result_main) > 0) || (REQUEST_ISSET_POST(('lock')))) { // Count checked checkboxes $SEL = 0; - if (isset($_POST['sel'])) { + if (REQUEST_ISSET_POST('sel')) { // Are there checked boxes? - if (count($_POST['sel']) > 0) { + if (count(REQUEST_POST('sel')) > 0) { // Count now... We use an own function for now - $SEL = SELECTION_COUNT($_POST['sel']); + $SEL = SELECTION_COUNT(REQUEST_POST('sel')); } // END - if } // END - if - if (isset($_POST['accept'])) { + if (REQUEST_ISSET_POST(('accept'))) { if ($SEL > 0) { // Accept mail orders - foreach ($_POST['sel'] as $id => $value) { + foreach (REQUEST_POST('sel') as $id => $value) { // Secure ID number $id = bigintval($id); // Order placed in queue... $result = SQL_QUERY_ESC("SELECT po.url, po.subject, po.sender, pay.payment, po.payment_id -FROM "._MYSQL_PREFIX."_pool AS po -INNER JOIN "._MYSQL_PREFIX."_payments AS pay +FROM `{!_MYSQL_PREFIX!}_pool` AS po +INNER JOIN `{!_MYSQL_PREFIX!}_payments` AS pay ON po.payment_id=pay.id WHERE po.id=%s LIMIT 1", @@ -82,19 +85,19 @@ LIMIT 1", SQL_FREERESULT($result); // Is the surfbar installed? - if ((EXT_IS_ACTIVE("surfbar")) && ($_CONFIG['surfbar_migrate_order'] == "Y")) { + if ((EXT_IS_ACTIVE("surfbar")) && (getConfig('surfbar_migrate_order') == "Y")) { // Then "migrate" the URL to the surfbar SURFBAR_ADMIN_MIGRATE_URL($DATA['url'], $DATA['sender']); } // END - if // Check for bonus extension version >= 0.4.4 for the order bonus - if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($_CONFIG['bonus_active'] == "Y")) { + if ((GET_EXT_VERSION("bonus") >= "0.4.4") && (getConfig('bonus_active') == "Y")) { // Add points directly - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_order=bonus_order+".$_CONFIG['bonus_order']." WHERE userid=%s LIMIT 1", - array(bigintval($DATA['sender'])), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET bonus_order=bonus_order+".getConfig('bonus_order')." WHERE userid=%s LIMIT 1", + array(bigintval($DATA['sender'])), __FILE__, __LINE__); // Subtract bonus points from system - BONUS_POINTS_HANDLER($_CONFIG['bonus_order']); + BONUS_POINTS_HANDLER(getConfig('bonus_order')); } // END - if // Load email template @@ -104,7 +107,7 @@ LIMIT 1", SEND_EMAIL($DATA['sender'], MEMBER_ORDER_ACCEPTED, $msg_user); // Unlock selected email - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='NEW' WHERE id=%s AND data_type='ADMIN' LIMIT 1", + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET data_type='NEW' WHERE id=%s AND data_type='ADMIN' LIMIT 1", array($id), __FILE__, __LINE__); } // END - if } // END - foreach @@ -118,17 +121,17 @@ LIMIT 1", // Mails unlocked for mail delivery LOAD_TEMPLATE("admin_settings_saved", false, $MSG); - } elseif (isset($_POST['reject'])) { + } elseif (REQUEST_ISSET_POST(('reject'))) { if ($SEL > 0) { // Reject mail orders - $SW = 2; $OUT = ""; - foreach ($_POST['sel'] as $id => $value) { + $OUT = ""; $SW = 2; + foreach (REQUEST_POST('sel') as $id => $value) { // Secure ID number $id = bigintval($id); // Load URL and subject from pool - $result = SQL_QUERY_ESC("SELECT url, subject, sender FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1", - array($id), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT url, subject, sender FROM `{!_MYSQL_PREFIX!}_pool` WHERE id=%s LIMIT 1", + array($id), __FILE__, __LINE__); // Load data $DATA = SQL_FETCHARRAY($result); @@ -141,17 +144,17 @@ LIMIT 1", SEND_EMAIL($DATA['sender'], MEMBER_ORDER_REJECTED, $msg_user); // If you do not enter an URL to redirect to, your URL will be set! - if ((empty($_POST['redirect'])) || ($_POST['redirect'] == "http://")) $_POST['redirect'] = URL; + if ((!REQUEST_ISSET_POST(('redirect'))) || (REQUEST_POST('redirect') == "http://")) REQUEST_SET_POST('redirect', constant('URL')); // Redirect URL - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET url='%s', data_type='NEW' WHERE id=%s LIMIT 1", - array($_POST['redirect'], $id),__FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET url='%s', data_type='NEW' WHERE id=%s LIMIT 1", + array(REQUEST_POST('redirect'), $id),__FILE__, __LINE__); // Prepare data for the row template $content = array( 'sw' => $SW, 'id' => $id, - 'url' => $_POST['url'][$id], + 'url' => REQUEST_POST('url', $id), ); // Load row template and switch colors @@ -164,77 +167,76 @@ LIMIT 1", LOAD_TEMPLATE("admin_unlock_emails_redir"); } else { // Nothing selected - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MAILS_NOTHING_CHECKED); - } - } elseif ((isset($_POST['lock'])) || ($SEL > 0)) { - if ($SEL > 0) { - // Lock URLs - foreach ($_POST['sel'] as $id => $url) { - // Lookup in blacklist - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1", - array($url), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 0) { - // Did not find a record so we can add it... :) - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_url_blist (url, timestamp) VALUES ('%s', UNIX_TIMESTAMP())", - array($url), __FILE__, __LINE__); - } else { - // Free memory - SQL_FREERESULT($result); - } - } - - // Set message - $MSG = ADMIN_URLS_BLOCKED; - } else { - // Nothing selected - $MSG = ADMIN_MAILS_NOTHING_CHECKED; + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_MAILS_NOTHING_CHECKED')); } - LOAD_TEMPLATE("admin_settings_saved", false, $MSG); - } elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject']))) { + } elseif ((REQUEST_ISSET_POST(('lock'))) && ($SEL > 0) && (getConfig('url_blacklist') == "Y")) { + // Lock URLs + foreach (REQUEST_POST('sel') as $id => $url) { + // Secure id number + $id = bigintval($id); + + // Lookup in blacklist + $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_url_blacklist` WHERE `url`='%s' LIMIT 1", + array($url), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 0) { + // Did not find a record so we can add it... :) + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_url_blacklist` (`url`,`pool_id`) VALUES ('%s',%s)", + array($url, $id), __FILE__, __LINE__); + } // END - if + + // Free memory + SQL_FREERESULT($result); + } // END - foreach + + // Output message + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_URLS_BLOCKED')); + } elseif ((!REQUEST_ISSET_POST(('lock'))) && (!REQUEST_ISSET_POST(('accept'))) && (!REQUEST_ISSET_POST(('reject'))) && (getConfig('url_blacklist') == "Y")) { // Mail orders are in pool so we can display them - $SW = 2; $OUT = ""; - while (list($id, $sender, $subj, $pay, $time, $url, $tsend, $cat) = SQL_FETCHROW($result_main)) - { + $OUT = ""; $SW = 2; + while ($content = SQL_FETCHARRAY($result_main)) { // Prepare data for the template $content = array( 'sw' => $SW, - 'id' => $id, - 'sender' => $sender, - 'u_link' => ADMIN_USER_PROFILE_LINK($sender), - 'subj' => COMPILE_CODE($subj), - 'tester' => FRAMETESTER($url), - 'url' => $url, - 'cat_title' => str_replace("\"", """, GET_CATEGORY($cat)), - 'cat_link' => $cat, - 'pay_title' => str_replace("\"", """, GET_PAYMENT($pay, true)), - 'pay_link' => $pay, - 'ordered' => MAKE_DATETIME($time, "2"), - 'tsend' => $tsend, + 'id' => $content['id'], + 'sender' => $content['sender'], + 'u_link' => ADMIN_USER_PROFILE_LINK($content['sender']), + 'subj' => COMPILE_CODE($content['subject']), + 'tester' => FRAMETESTER($content['url']), + 'url' => $content['url'], + 'cat_title' => str_replace("\"", """, GET_CATEGORY($content['category'])), + 'cat_link' => $content['category'], + 'pay_title' => str_replace("\"", """, GET_PAYMENT($content['payment'], true)), + 'pay_link' => $content['payment'], + 'ordered' => MAKE_DATETIME($content['timestamp'], "2"), + 'tsend' => $content['target_send'], ); // Load row template and switch colors $OUT .= LOAD_TEMPLATE("admin_unlock_emails_row", true, $content); $SW = 3 - $SW; - } + } // END - while // Free memory - SQL_FREERESULT($result); + SQL_FREERESULT($result_main); define('__UNLOCK_ROWS', $OUT); // Prepare rejection URL $REJECT = "http://"; - if (GET_EXT_VERSION("other") >= "0.1.6") $REJECT = $_CONFIG['reject_url']; + if (GET_EXT_VERSION("other") >= "0.1.6") $REJECT = getConfig('reject_url'); define('__REJECT_URL', $REJECT); // Load main template LOAD_TEMPLATE("admin_unlock_emails"); + } elseif ((REQUEST_ISSET_POST(('lock'))) && (getConfig('url_blacklist') != "Y")) { + // URL blacklist not activated + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_URL_BLACKLIST_DISABLED')); } else { // Wrong call! - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_WRONG_CALL); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_WRONG_CALL')); } } else { // No mail orders fond - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MAILS_IN_POOL); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NO_MAILS_IN_POOL')); } //