X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fsponsor%2Faccount.php;h=b5f9a51493a3c0045d560746126402ea3297f79c;hp=cdd775e718a0dba0b22eb51a89c17fddcf7d1340;hb=7989ec603971c0dc8dc35d8be4e72f8098b83baa;hpb=d18075f375db1b9db40773cdf80a5d6f2c36cd3a diff --git a/inc/modules/sponsor/account.php b/inc/modules/sponsor/account.php index cdd775e718..b5f9a51493 100644 --- a/inc/modules/sponsor/account.php +++ b/inc/modules/sponsor/account.php @@ -12,7 +12,7 @@ * -------------------------------------------------------------------- * * * * -------------------------------------------------------------------- * - * Copyleft (c) 2003, 2004, 2005 by Roland Haeder * + * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * * * * This program is free software. You can redistribute it and/or modify * 
@@ -31,26 +31,28 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); -} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) { - $FATAL[] = EXTENSION_PROBLEM_EXT_INACTIVE; +} elseif ((!EXT_IS_ACTIVE("sponsor")) + addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "sponsor"); return; } elseif (!IS_SPONSOR()) { // No sponsor! - $FATAL[] = SPONSOR_ONLY_AREA_ENTERED; + addFatalMessage(getMessage('SPONSOR_ONLY_AREA_ENTERED')); return; } // Data for the formular $result = SQL_QUERY_ESC("SELECT company, position, tax_ident, -salut, surname, family, street_nr1, street_nr2, zip, city, country, +gender, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, status, receive_warnings -FROM "._MYSQL_PREFIX."_sponsor_data +FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE id='%s' AND password='%s' LIMIT 1", - array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__); + array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__); + +// Entry found? if (SQL_NUMROWS($result) == 1) { // Load sponsor data $content = SQL_FETCHARRAY($result); 
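Review bot: The added line `} elseif ((!EXT_IS_ACTIVE("sponsor"))` has, as shown in this hunk, one unclosed parenthesis and no opening brace, so the access-gate chain at the top of the file would not parse. This chain is what rejects direct inclusion, an inactive extension and non-sponsor visitors, so I would write the branch as `} elseif (!EXT_IS_ACTIVE("sponsor")) {` and run `php -l` on the file before merging. It would also help to add a comment above the query such as `// 'sponsorpass' in the session holds the stored password hash, not the clear text`, which appears to be the case judging from the MD5 comparison later in the file.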
@@ -60,22 +62,22 @@ if (SQL_NUMROWS($result) == 1) { // Check passwords if (empty($_POST['pass_old'])) { // No current password entered - $MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED; - } elseif (md5($_POST['pass_old']) != $_COOKIE['sponsorpass']) { + $MSG = getMessage('SPONSOR_NO_CURRENT_PASSWORD_ENTERED'); + } elseif (md5($_POST['pass_old']) != get_session('sponsorpass')) { // Entered password didn't match password in DB - $MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB; + $MSG = getMessage('SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB'); } elseif ((!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] != $_POST['pass2'])) { // Both new passwords did not match - $MSG = SPONSOR_BOTH_NEW_PASSWORDS_DIDNOT_MATCH; + $MSG = getMessage('SPONSOR_BOTH_NEW_PASSWORDS_DIDNOT_MATCH'); } elseif ((empty($_POST['pass1'])) && (!empty($_POST['pass2']))) { // No password one entered - $MSG = SPONSOR_PASSWORD_ONE_EMPTY; + $MSG = getMessage('SPONSOR_PASSWORD_ONE_EMPTY'); } elseif ((!empty($_POST['pass1'])) && (empty($_POST['pass2']))) { // No password two entered - $MSG = SPONSOR_PASSWORD_TWO_EMPTY; - } elseif ((!empty($_POST['pass1'])) && (strlen($_POST['pass1']) < $CONFIG['pass_len'])) { + $MSG = getMessage('SPONSOR_PASSWORD_TWO_EMPTY'); + } elseif ((!empty($_POST['pass1'])) && (strlen($_POST['pass1']) < getConfig('pass_len'))) { // Too short password - $MSG = SPONSOR_PASSWORD_TOO_SHORT_1.$CONFIG['pass_len'].SPONSOR_PASSWORD_TOO_SHORT_2; + $MSG = sprintf(getMessage('SPONSOR_PASSWORD_TOO_SHORT'), getConfig('pass_len')); } else { // Default is we don't want to change password! $PASS_AND = ""; $PASS_DATA = ""; @@ -88,7 +90,7 @@ if (SQL_NUMROWS($result) == 1) { } // Unsecure data which we don't want here - $UNSAFE = array('receive_warnings', 'warning_interval'); + $UNSAFE = array('receive_warnings', 'warning_interval'); // Remove all (maybe spoofed) unsafe data from array foreach ($UNSAFE as $remove) { 
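Review bot: The current-password check `md5($_POST['pass_old']) != get_session('sponsorpass')` compares two hex digests with the loose `!=` operator. PHP compares numeric-looking strings numerically, so two different digests that both read as numbers (for instance `0e` followed only by digits) are treated as equal and the check passes with the wrong password. Use a strict comparison, `} elseif (md5($_POST['pass_old']) !== get_session('sponsorpass')) {`, or `hash_equals()` where the runtime provides it. Unsalted MD5 is also a weak password hash; moving to `password_hash()`/`password_verify()` is a larger change that reaches beyond this hunk, and the if-chain itself starts before the hunk.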
@@ -107,28 +109,28 @@ if (SQL_NUMROWS($result) == 1) { $OUT = LOAD_TEMPLATE("admin_settings_saved", true, $MSG); } else { // No message generated - $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_MESSAGE_GENERATED); + $OUT = LOAD_TEMPLATE("admin_settings_saved", true, getMessage('SPONSOR_NO_MESSAGE_GENERATED')); } } else { - // Check for salutation selection - switch ($content['salut']) + // Check for gender selection + switch ($content['gender']) { case "M": // Male - define('__SALUT_M', " selected"); - define('__SALUT_F', ""); - define('__SALUT_C', ""); + define('__GENDER_M', " selected=\"selected\""); + define('__GENDER_F', ""); + define('__GENDER_C', ""); break; case "F": // Female - define('__SALUT_M', ""); - define('__SALUT_F', " selected"); - define('__SALUT_C', ""); + define('__GENDER_M', ""); + define('__GENDER_F', " selected=\"selected\""); + define('__GENDER_C', ""); break; case "C": // Company - define('__SALUT_M', ""); - define('__SALUT_F', ""); - define('__SALUT_C', " selected"); + define('__GENDER_M', ""); + define('__GENDER_F', ""); + define('__GENDER_C', " selected=\"selected\""); break; } @@ -142,7 +144,7 @@ if (SQL_NUMROWS($result) == 1) { } } else { // Sponsor account not found! - $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.$_COOKIE['sponsorid'].SPONSOR_ACCOUNT_404_2); + $OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), get_session('sponsorid'))); } // Free memory
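Review bot: The `switch ($content['gender'])` has no `default:` branch, so a row whose `gender` is empty or anything other than M, F or C leaves `__GENDER_M`, `__GENDER_F` and `__GENDER_C` undefined. Where these constants are consumed is outside the hunk, but presumably the form template reads them, and an undefined constant there would surface as a notice or as the literal name in the markup. A default branch that defines all three as empty strings keeps the form rendering with nothing preselected.

```php
// … unchanged: case "M", case "F", case "C" …
	default: // Unknown or empty value: preselect nothing
		define('__GENDER_M', "");
		define('__GENDER_F', "");
		define('__GENDER_C', "");
		break;
```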
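Review bot: The account-not-found message puts `get_session('sponsorid')` into the rendered template as-is, whereas the query at the top of the file passes the same value through `bigintval()` first. How `get_session()` is populated is not visible here, so unless the value is guaranteed to be server-controlled I would normalise it the same way: `sprintf(getMessage('SPONSOR_ACCOUNT_404'), bigintval(get_session('sponsorid')))`. That keeps any markup carried in the session value out of the page and makes the two uses of the id consistent.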