X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-register.php;h=7fe0bf2b7c18a10f4b2007a30fae54f220649fe7;hp=e4fa749c486ce10080e71e514302bd096bbf501b;hb=f9a9c09e1ae257449bfd98f8854e321efba1dc3c;hpb=7eb9da85bfb337997a58a244cb610c97a8d10c13

diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php
index e4fa749c48..7fe0bf2b7c 100644
--- a/inc/modules/guest/what-register.php
+++ b/inc/modules/guest/what-register.php
@@ -72,15 +72,15 @@ if (empty($_POST['country_code'])) $_POST['country_code'] = "1";
 $_POST['refid'] = 0;
 if ($GLOBALS['refid'] > 0) {
 	// Test if the refid is valid
-	$result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+	$result = SQL_QUERY_ESC("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
 		array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
 
 	// Userid found?
 	//* DEBUG: */ die("refid={$GLOBALS['refid']}/numRows=".SQL_NUMROWS($result)."");
 	if (SQL_NUMROWS($result) == 0) {
 		// Not found so we set your refid!
-		$_POST['refid'] = $_CONFIG['def_refid'];
-		set_session('refid', $_CONFIG['def_refid']);
+		$_POST['refid'] = getConfig('def_refid');
+		set_session('refid', getConfig('def_refid'));
 	} else {
 		// Use the refid here
 		$_POST['refid'] = $GLOBALS['refid'];
@@ -94,96 +94,97 @@ if (isset($_POST['ok'])) {
 	if ($_POST['agree'] != "Y") {
 		$_POST['agree'] = "!";
 		$FAILED = true;
-	}
+	} // END - if
 
 	// Did he enter a valid email address? (we really don't care about
 	// that, he has to click on a confirmation link :P )
 	if ((empty($_POST['addy'])) || (!VALIDATE_EMAIL($_POST['addy']))) {
 		$_POST['addy'] = "!";
 		$FAILED = true;
-	}
+	} // END - if
 
 	// And what about surname and family's name?
 	if (empty($_POST['surname'])) {
 		$_POST['surname'] = "!";
 		$FAILED = true;
-	}
+	} // END - if
 	if (empty($_POST['family_name'])) {
 		$_POST['family_name'] = "!";
 		$FAILED = true;
-	}
+	} // END - if
 
 	// Check for required fields
 	if (!$FAILED) $FAILED = REGISTER_CHECK_REQUIRED_FIELDS($_POST);
 
 	// Did he enter his password twice?
-	if (((empty($_POST['pass1'])) || (empty($_POST['pass2']))) || (($_POST['pass1'] != $_POST['pass2']) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2']))))
-	{
-		if (($_POST['pass1'] != $_POST['pass2']) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])))
-		{
+	if (((empty($_POST['pass1'])) || (empty($_POST['pass2']))) || (($_POST['pass1'] != $_POST['pass2']) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])))) {
+		if (($_POST['pass1'] != $_POST['pass2']) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2']))) {
 			$_POST['pass1'] = "!";
 			$_POST['pass2'] = "!";
-		}
-		 else
-		{
+		} else {
 			if (empty($_POST['pass1'])) { $_POST['pass1'] = "!"; } else { $_POST['pass1'] = ""; }
 			if (empty($_POST['pass2'])) { $_POST['pass2'] = "!"; } else { $_POST['pass2'] = ""; }
 		}
 		$FAILED = true;
-	}
+	} // END - if
+
 	// Is the password long enouth?
-	if ((strlen($_POST['pass1']) < $_CONFIG['pass_len']) && (!$FAILED) && (!IS_ADMIN()))
-	{
+	if ((strlen($_POST['pass1']) < getConfig('pass_len')) && (!$FAILED)) {
 		$SHORT_PASS = true;
 		$FAILED = true;
-	}
-	// Did he select enougth categories?
-	if (!IS_ADMIN())
-	{
+	} // END - if
+
+	// No admin? Admins can always register!
+	if (!IS_ADMIN()) {
 		// Do this check only when no admin is logged in
-		foreach ($_POST['cat'] as $id => $answer)
-		{
+		foreach ($_POST['cat'] as $id => $answer) {
 			if ($answer == "Y") $cats++;
-		}
-		if ($cats < $_CONFIG['least_cats'])
-		{
+		} // END - foreach
+
+		if ($cats < getConfig('least_cats')) {
 			// ... nope!
 			$FAILED = true;
-		}
-	}
-	if (($_POST['addy'] != "!") && ($_CONFIG['check_double_email'] == "Y") && (!IS_ADMIN()))
-	{
+		} // END - if
+	} // END - if
+
+	if (($_POST['addy'] != "!") && (getConfig('check_double_email') == "Y")) {
 		// Does the email address already exists in our database?
 		$CHK = SEARCH_EMAIL_USERTAB($_POST['addy']);
 		if ($CHK) { $_POST['addy'] = "?"; $FAILED = true; }
-	}
+	} // END - if
 
-	// Check his IP number
-	$result = SQL_QUERY_ESC("SELECT joined, last_update FROM "._MYSQL_PREFIX."_user_data WHERE REMOTE_ADDR='%s' AND (joined > (UNIX_TIMESTAMP() - %s) OR last_update > (UNIX_TIMESTAMP() - %s)) LIMIT 1",
-	 array(GET_REMOTE_ADDR(), $_CONFIG['ip_timeout'], $_CONFIG['ip_timeout']), __FILE__, __LINE__);
-	if ((SQL_NUMROWS($result) == 1) && (!IS_ADMIN()))
-	{
-		// Same IP in timeout range and different email address entered... Eat this, faker! ;-)
-		// But admins are allowed to fake their own exchange service.
-		$IP_TIMEOUT = true;
-		$FAILED = true;
-	}
+	// Check for IP timeout?
+	if (getConfig('ip_timeout') > 0) {
+		// Check his IP number
+		$result = SQL_QUERY_ESC("SELECT joined, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE REMOTE_ADDR='%s' AND (joined > (UNIX_TIMESTAMP() - %s) OR last_update > (UNIX_TIMESTAMP() - %s)) LIMIT 1",
+			array(GET_REMOTE_ADDR(), getConfig('ip_timeout'), getConfig('ip_timeout')), __FILE__, __LINE__);
+		if (SQL_NUMROWS($result) == 1) {
+			// Same IP in timeout range and different email address entered... Eat this, faker! ;-)
+			// But admins are allowed to fake their own exchange service.
+			$IP_TIMEOUT = true;
+			$FAILED = true;
+		} // END - if
+	} // END - if
 
 	// Free memory
 	SQL_FREERESULT($result);
 }
 
-if ((isset($_POST['ok'])) && (!$FAILED))
-{
-	// Save the registration
+if ((isset($_POST['ok'])) && ((!$FAILED) || (IS_ADMIN()))) {
+	// Prepapre month and day of birth
 	if (strlen($_POST['day'])   == 1) $_POST['day']   = "0".$_POST['day'];
 	if (strlen($_POST['month']) == 1) $_POST['month'] = "0".$_POST['month'];
 
-	// Get total users
-	$totalUsers = GET_TOTAL_DATA("CONFIRMED", "user_data", "userid", "status", true);
+	// Get total ...
+	// ... confirmed, ...
+	$confirmedUsers   = GET_TOTAL_DATA("CONFIRMED", "user_data", "userid", "status", true);
+	// ... unconfirmed ...
+	$unconfirmedUsers = GET_TOTAL_DATA("UNCONFIRMED", "user_data", "userid", "status", true);
+	// ... and locked users!
+	$lockedUsers      = GET_TOTAL_DATA("LOCKED", "user_data", "userid", "status", true);
 
-	// Hash = MM-DD-YYYY:IP:USER_AGENT:TIMEMARK
-	$hash = generateHash(sha1($totalUsers.":".$_POST['month']."-".$_POST['day']."-".$_POST['year'].":".getenv('SERVER_NAME').":".GET_REMOTE_ADDR().":".GET_USER_AGENT()."-".time())."/".RAND_NUMBER);
+	// Generate hash which will be inserted into confirmation mail
+	$hash = generateHash(sha1($confirmedUsers.":".$unconfirmedUsers.":".$lockedUsers.":".$_POST['month']."-".$_POST['day']."-".$_POST['year'].":".getenv('SERVER_NAME').":".GET_REMOTE_ADDR().":".GET_USER_AGENT()."/".SITE_KEY."/".DATE_KEY."/".RAND_NUMBER));
 
 	// Add design when extension sql_patches is v0.2.7 or greater
 	$ADD1 = ""; $ADD2 = "";
@@ -198,7 +199,7 @@ if ((isset($_POST['ok'])) && (!$FAILED))
 	// First comes first: begging rallye
 	if (GET_EXT_VERSION("beg") >= "0.1.7") {
 		// Okay, shall I disable now?
-		if ($_CONFIG['beg_new_mem_notify'] == "N") {
+		if (getConfig('beg_new_mem_notify') == "N") {
 			$ADD1 .= ", beg_ral_notify, beg_ral_en_notify";
 			$ADD2 .= ", UNIX_TIMESTAMP(), UNIX_TIMESTAMP()";
 		} // END - if
@@ -207,7 +208,7 @@ if ((isset($_POST['ok'])) && (!$FAILED))
 	// Second: active rallye
 	if (GET_EXT_VERSION("bonus") >= "0.7.7") {
 		// Okay, shall I disable now?
-		if ($_CONFIG['bonus_new_mem_notify'] == "N") {
+		if (getConfig('bonus_new_mem_notify') == "N") {
 			$ADD1 .= ", bonus_ral_notify, bonus_ral_en_notify";
 			$ADD2 .= ", UNIX_TIMESTAMP(), UNIX_TIMESTAMP()";
 		} // END - if
@@ -228,7 +229,7 @@ if ((isset($_POST['ok'])) && (!$FAILED))
 	// Create user's account... //
 	//////////////////////////////
 	//
-	$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_data (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
+	$result = SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
 VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")",
 	array(
 		$countryRow,
@@ -273,14 +274,14 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
 	if (SQL_NUMROWS($result) == 0) {
 		// Add only when the line was not found (maybe some more secure?)
 		$locked = "points";
-		if ($_CONFIG['ref_payout'] > 0) $locked = "locked_points"; // Pay him later. First he has to confirm some mails!
+		if (getConfig('ref_payout') > 0) $locked = "locked_points"; // Pay him later. First he has to confirm some mails!
 		$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, ".$locked.") VALUES (%s,0,'%s')",
-		 array(bigintval($userid), $_CONFIG['points_register']), __FILE__, __LINE__);
+		 array(bigintval($userid), getConfig('points_register')), __FILE__, __LINE__);
 
 		// Update mediadata as well
 		if ((GET_EXT_VERSION("mediadata") >= "0.0.4") && ($locked == "points")) {
 			// Update database
-			MEDIA_UPDATE_ENTRY(array("total_points"), "add", $_CONFIG['points_register']);
+			MEDIA_UPDATE_ENTRY(array("total_points"), "add", getConfig('points_register'));
 		} // END - if
 	} // END - if
 
@@ -301,22 +302,41 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
 	// ... rewrite a zero referal ID to the main title
 	if ($_POST['refid'] == "0") $_POST['refid'] = MAIN_TITLE;
 
-	// Prepare data array for the email template
-	// Start with the gender...
-	$DATA = array(
-		'hash'    => $hash,
-		'uid'     => $userid,
-		'gender'  => $gender,
-		'surname' => SQL_ESCAPE($_POST['surname']),
-		'family'  => SQL_ESCAPE($_POST['family_name']),
-		'email'   => SQL_ESCAPE($_POST['addy']),
-		'street'  => SQL_ESCAPE($_POST['street_nr']),
-		'city'    => SQL_ESCAPE($_POST['city']),
-		'zip'     => bigintval($_POST['zip']),
-		'country' => $countryData,
-		'refid'   => SQL_ESCAPE($_POST['refid']),
-		'pass'    => SQL_ESCAPE($_POST['pass1']),
-	);
+	// Is ZIP code set?
+	if (!empty($_POST['zip'])) {
+		// Prepare data array for the email template
+		// Start with the gender...
+		$DATA = array(
+			'hash'    => $hash,
+			'uid'     => $userid,
+			'gender'  => $gender,
+			'surname' => SQL_ESCAPE($_POST['surname']),
+			'family'  => SQL_ESCAPE($_POST['family_name']),
+			'email'   => SQL_ESCAPE($_POST['addy']),
+			'street'  => SQL_ESCAPE($_POST['street_nr']),
+			'city'    => SQL_ESCAPE($_POST['city']),
+			'zip'     => bigintval($_POST['zip']),
+			'country' => $countryData,
+			'refid'   => SQL_ESCAPE($_POST['refid']),
+			'pass'    => SQL_ESCAPE($_POST['pass1']),
+		);
+	} else {
+		// No ZIP code entered
+		$DATA = array(
+			'hash'    => $hash,
+			'uid'     => $userid,
+			'gender'  => $gender,
+			'surname' => SQL_ESCAPE($_POST['surname']),
+			'family'  => SQL_ESCAPE($_POST['family_name']),
+			'email'   => SQL_ESCAPE($_POST['addy']),
+			'street'  => SQL_ESCAPE($_POST['street_nr']),
+			'city'    => SQL_ESCAPE($_POST['city']),
+			'zip'     => "",
+			'country' => $countryData,
+			'refid'   => SQL_ESCAPE($_POST['refid']),
+			'pass'    => SQL_ESCAPE($_POST['pass1']),
+		);
+	}
 
 	// Continue with birthday...
 	switch (GET_LANGUAGE())
@@ -375,15 +395,15 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
 	}
 
 	if ($SHORT_PASS) {
-		OUTPUT_HTML("<STRONG><SPAN class=\"register_failed\">".SHORT_PASS.": ".$_CONFIG['pass_len']."</SPAN></STRONG><br /><br />");
+		OUTPUT_HTML("<STRONG><SPAN class=\"register_failed\">".SHORT_PASS.": ".getConfig('pass_len')."</SPAN></STRONG><br /><br />");
 	} // END - if
 
 	if ($IP_TIMEOUT) {
 		OUTPUT_HTML("<STRONG><SPAN class=\"register_failed\">".REMOTE_ADDR_TIMEOUT."</SPAN></STRONG><br /><br />");
 	} // END - if
 
-	if ((!empty($cats)) && ($cats < $_CONFIG['least_cats'])) {
-		OUTPUT_HTML("<STRONG><SPAN class=\"register_failed\">".CATS_LEAST.": ".$_CONFIG['least_cats']."</SPAN></STRONG><br /><br />");
+	if ((!empty($cats)) && ($cats < getConfig('least_cats'))) {
+		OUTPUT_HTML("<STRONG><SPAN class=\"register_failed\">".CATS_LEAST.": ".getConfig('least_cats')."</SPAN></STRONG><br /><br />");
 	} // END - if
 
 	// Generate birthday selection
@@ -394,6 +414,7 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
 		break;
 
 	default: // Default is the US date format... :)
+		define('BIRTHDAY_SELECTION', ADD_SELECTION("month", $_POST['month']).ADD_SELECTION("day", $_POST['day']).ADD_SELECTION("year", $_POST['year']));
 		break;
 	}
 
@@ -404,7 +425,7 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
 	define('MAX_RECEIVE_LIST', ADD_MAX_RECEIVE_LIST("guest", "", true));
 
 	// Shall I display the refid or shall I make it editable?
-	if ($_CONFIG['display_refid'] == "Y") {
+	if (getConfig('display_refid') == "Y") {
 		// Load "hide" form template
 		define('REFID_CONTENT', LOAD_TEMPLATE("guest_register_refid_hide", true, $GLOBALS['refid']));
 	} else {
@@ -416,14 +437,18 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
 	define('REGISTER_HEADER_CONTENT', LOAD_TEMPLATE("register_header", true));
 
 	// Please select at least x categories
-	define('LEAST_CATS_VALUE', $_CONFIG['least_cats']);
+	define('LEAST_CATS_VALUE', getConfig('least_cats'));
 
 	// Other values
 	define('__SURNAME', SQL_ESCAPE($_POST['surname']));
 	define('__FAMILY',  SQL_ESCAPE($_POST['family_name']));
 	define('__STREET',  SQL_ESCAPE($_POST['street_nr']));
 	define('__COUNTRY', SQL_ESCAPE($_POST['cntry']));
-	define('__ZIP',     bigintval($_POST['zip']));
+	if (!empty($_POST['zip'])) {
+		define('__ZIP', bigintval($_POST['zip']));
+	} else {
+		define('__ZIP', "");
+	}
 	define('__CITY',    SQL_ESCAPE($_POST['city']));
 	define('__ADDY',    SQL_ESCAPE($_POST['addy']));