X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fframetester.php;h=6bf21086fcb7c664995396f67341579e50fdf74a;hp=48ff5cc346718b6c90f8791683774fdfba22ceb3;hb=7c15ca79161bf475e958810a5b585bce869a2af9;hpb=a05706f3f5f5e6ae26c2114d2fd3ede01d5fe093 diff --git a/inc/modules/frametester.php b/inc/modules/frametester.php index 48ff5cc346..6bf21086fc 100644 --- a/inc/modules/frametester.php +++ b/inc/modules/frametester.php @@ -10,9 +10,14 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Testet die Mitgliedsseite gegen Frame-Killer * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * - * Copyright (c) 2003 - 2008 by Roland Haeder * + * Copyright (c) 2003 - 2009 by Roland Haeder * * For more information visit: http://www.mxchange.org * * * * This program is free software; you can redistribute it and/or modify * @@ -32,19 +37,18 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; - require($INC); -} +if (!defined('__SECURITY')) { + die(); +} // END - if -$MODE = "guest"; +$mode = 'guest'; -if (!empty($_GET['order'])) { +if (isGetRequestElementSet('order')) { // Order number placed, is he also logged in? - if(IS_LOGGED_IN()) { + if (isMember()) { // Ok, test passed... :) - $result = SQL_QUERY_ESC("SELECT subject, url FROM "._MYSQL_PREFIX."_pool WHERE id=%d AND sender=%d AND data_type='TEMP' LIMIT 1", - array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `subject`, `url` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `id`=%s AND `sender`=%s AND `data_type`='TEMP' LIMIT 1", + array(bigintval(getRequestElement('order')), getUserId()), __FILE__, __LINE__); // Finally is the entry valid? if (SQL_NUMROWS($result) == 1) { @@ -52,68 +56,72 @@ if (!empty($_GET['order'])) { list($sub, $url) = SQL_FETCHROW($result); // This fixes a white page - $_POST['url'] = $url; + setRequestPostElement('url', $url); - // Update his login data - UPDATE_LOGIN_DATA(); - $MODE = "member"; + // Mode is member + $mode = 'member'; } else { // Matching line not found! - LOAD_URL("modules.php?module=index&what=login"); + redirectToUrl('modules.php?module=index&what=login'); } // Free memory SQL_FREERESULT($result); } else { // He is no longer logged in - LOAD_URL("modules.php?module=index&what=login"); + redirectToUrl('modules.php?module=index&what=login'); } -} +} // END - if -if ((!empty($_POST['url'])) || (!empty($_GET['url'])) || (!empty($_GET['frame']))) { - $url = URL; - if (!empty($_POST['url'])) $url = $_POST['url']; +if ((isPostRequestElementSet('url')) || (isGetRequestElementSet('url')) || (isGetRequestElementSet('frame'))) { + // Default URL is ours + $url = getConfig('URL'); - // Decode URL if set - if (!empty($_GET['url'])) $url = COMPILE_CODE(gzuncompress(base64_decode(urldecode($_GET['url'])))); + // Use URL from POST or GET data if set + if (isPostRequestElementSet('url')) { + // POST data comes first + $url = postRequestElement('url'); + } elseif (isGetRequestElementSet('url')) { + // Then GET data + $url = decodeString(str_replace(' ', '+', compileUriCode(urldecode(getRequestElement('url'))))); + } // Add missing element - $frame = ""; - if (!empty($_GET['frame'])) $frame = SQL_ESCAPE($_GET['frame']); - switch ($frame) - { - case "": - switch ($MODE) - { - case "member": - // Build frameset - define('__ORDER_VALUE', bigintval($_GET['order'])); - define('__URL_VALUE' , DEREFERER($url)); - LOAD_TEMPLATE("member_order_frametester"); - break; + $frame = ''; + if (isGetRequestElementSet('frame')) $frame = getRequestElement('frame'); + switch ($frame) { + case '': + switch ($mode) { + case 'member': + // Build frameset + $content['order'] = bigintval(getRequestElement('order')); + $content['url'] = generateDerefererUrl($url); + loadTemplate('member_order_frametester', false, $content); + break; - case "guest": - define('__URL_VALUE' , DEREFERER($url)); - LOAD_TEMPLATE("guest_frametester"); + case 'guest': + $content['url'] = generateDerefererUrl($url); + loadTemplate('guest_frametester', false, $content); + break; + } // END - switch break; - } - break; - case "test_top": - OUTPUT_HTML("".GUEST_FRAMETESTER_TOP.""); - break; + case 'test_top': + loadTemplate('admin_settings_saved', false, '
{--GUEST_FRAMETESTER_TOP--}'); + break; - case "back": // Back buttom - LOAD_TEMPLATE("member_order_back", false, $_GET['order']); - break; + case 'back': // Back buttom + loadTemplate('member_order_back', false, getRequestElement('order')); + break; - case "send": // Send mail away - LOAD_TEMPLATE("member_order_send", false, $_GET['order']); - break; - } + case 'send': // Send mail away + loadTemplate('member_order_send', false, getRequestElement('order')); + break; + } // END - switch } else { // Go away... - LOAD_URL("modules.php?module=login"); + redirectToUrl('modules.php?module=login'); } -// + +// [EOF] ?>