X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fsponsor%2Faccount.php;h=cb46839d0a31873e14dc3e0bd80e98ef86a7b62c;hp=747104be271497a12d118b849743e62c0dfc5403;hb=7b0f17cd637e388049d2167811e4332cec1e979b;hpb=3daede4c904e23905c3e48dd6749019deca0a0e0 diff --git a/inc/modules/sponsor/account.php b/inc/modules/sponsor/account.php index 747104be27..cb46839d0a 100644 --- a/inc/modules/sponsor/account.php +++ b/inc/modules/sponsor/account.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Der Sponsor kann sein Account verwalten * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -32,14 +37,14 @@ // Some security stuff... if (!defined('__SECURITY')) { - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; + $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); -} elseif ((!EXT_IS_ACTIVE("sponsor")) - addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE); +} elseif ((!EXT_IS_ACTIVE('sponsor')) + addFatalMessage(__FILE__, __LINE__, sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), 'sponsor')); return; } elseif (!IS_SPONSOR()) { // No sponsor! - addFatalMessage(SPONSOR_ONLY_AREA_ENTERED); + addFatalMessage(__FILE__, __LINE__, getMessage('SPONSOR_ONLY_AREA_ENTERED')); return; } @@ -48,43 +53,45 @@ $result = SQL_QUERY_ESC("SELECT company, position, tax_ident, gender, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, status, receive_warnings -FROM "._MYSQL_PREFIX."_sponsor_data -WHERE id='%s' AND password='%s' LIMIT 1", - array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__); +FROM `{!_MYSQL_PREFIX!}_sponsor_data` +WHERE `id`='%s' AND password='%s' LIMIT 1", + array(bigintval(getSession('sponsorid')), getSession('sponsorpass')), __FILE__, __LINE__); + +// Entry found? if (SQL_NUMROWS($result) == 1) { // Load sponsor data $content = SQL_FETCHARRAY($result); - if ($content['status'] == "CONFIRMED") { + if ($content['status'] == 'CONFIRMED') { // Check if form was submitted or not - if (!empty($_POST['ok'])) { + if (IS_FORM_SENT()) { // Check passwords - if (empty($_POST['pass_old'])) { + if (!REQUEST_ISSET_POST(('pass_old'))) { // No current password entered - $MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED; - } elseif (md5($_POST['pass_old']) != get_session('sponsorpass')) { + $message = getMessage('SPONSOR_NO_CURRENT_PASSWORD_ENTERED'); + } elseif (md5(REQUEST_POST('pass_old')) != getSession('sponsorpass')) { // Entered password didn't match password in DB - $MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB; - } elseif ((!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] != $_POST['pass2'])) { + $message = getMessage('SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB'); + } elseif ((REQUEST_ISSET_POST(('pass1'))) && (REQUEST_ISSET_POST(('pass2'))) && (REQUEST_POST('pass1') != REQUEST_POST('pass2'))) { // Both new passwords did not match - $MSG = SPONSOR_BOTH_NEW_PASSWORDS_DIDNOT_MATCH; - } elseif ((empty($_POST['pass1'])) && (!empty($_POST['pass2']))) { + $message = getMessage('SPONSOR_BOTH_NEW_PASSWORDS_DIDNOT_MATCH'); + } elseif ((!REQUEST_ISSET_POST(('pass1'))) && (REQUEST_ISSET_POST(('pass2')))) { // No password one entered - $MSG = SPONSOR_PASSWORD_ONE_EMPTY; - } elseif ((!empty($_POST['pass1'])) && (empty($_POST['pass2']))) { + $message = getMessage('SPONSOR_PASSWORD_ONE_EMPTY'); + } elseif ((REQUEST_ISSET_POST(('pass1'))) && (!REQUEST_ISSET_POST(('pass2')))) { // No password two entered - $MSG = SPONSOR_PASSWORD_TWO_EMPTY; - } elseif ((!empty($_POST['pass1'])) && (strlen($_POST['pass1']) < getConfig('pass_len'))) { + $message = getMessage('SPONSOR_PASSWORD_TWO_EMPTY'); + } elseif ((REQUEST_ISSET_POST(('pass1'))) && (strlen(REQUEST_POST('pass1')) < getConfig('pass_len'))) { // Too short password - $MSG = SPONSOR_PASSWORD_TOO_SHORT_1.getConfig('pass_len').SPONSOR_PASSWORD_TOO_SHORT_2; + $message = sprintf(getMessage('SPONSOR_PASSWORD_TOO_SHORT'), getConfig('pass_len')); } else { // Default is we don't want to change password! - $PASS_AND = ""; $PASS_DATA = ""; + $PASS_AND = ''; $PASS_DATA = ''; // Check if we want to change password or not - if (($_POST['pass1'] == $_POST['pass2']) && (!empty($_POST['pass1'])) && ($_POST['pass1'] != $_POST['pass_old'])) { + if ((REQUEST_POST('pass1') == REQUEST_POST('pass2')) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_POST('pass1') != REQUEST_POST('pass_old'))) { // Change current password $PASS_AND = ", password='%s'"; - $PASS_DATA = md5($_POST['pass1']); + $PASS_DATA = md5(REQUEST_POST('pass1')); } // Unsecure data which we don't want here @@ -92,43 +99,43 @@ if (SQL_NUMROWS($result) == 1) { // Remove all (maybe spoofed) unsafe data from array foreach ($UNSAFE as $remove) { - unset($_POST[$remove]); + REQUEST_UNSET_POST($remove); } // Set last change timestamp - $_POST['last_change'] = time(); + REQUEST_SET_POST('last_change', "UNIX_TIMESTAMP()"); // Save data - $MSG = SPONSOR_SAVE_DATA($_POST, $content); + $message = SPONSOR_SAVE_DATA(REQUEST_POST_ARRAY(), $content); } - if (!empty($MSG)) { + if (!empty($message)) { // Output message - $OUT = LOAD_TEMPLATE("admin_settings_saved", true, $MSG); + $OUT = LOAD_TEMPLATE('admin_settings_saved', true, $message); } else { // No message generated - $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_MESSAGE_GENERATED); + $OUT = LOAD_TEMPLATE('admin_settings_saved', true, getMessage('SPONSOR_NO_MESSAGE_GENERATED')); } } else { // Check for gender selection switch ($content['gender']) { case "M": // Male - define('__GENDER_M', " selected=\"selected\""); - define('__GENDER_F', ""); - define('__GENDER_C', ""); + define('__GENDER_M', ' selected="selected"'); + define('__GENDER_F', ''); + define('__GENDER_C', ''); break; case "F": // Female - define('__GENDER_M', ""); - define('__GENDER_F', " selected=\"selected\""); - define('__GENDER_C', ""); + define('__GENDER_M', ''); + define('__GENDER_F', ' selected="selected"'); + define('__GENDER_C', ''); break; case "C": // Company - define('__GENDER_M', ""); - define('__GENDER_F', ""); - define('__GENDER_C', " selected=\"selected\""); + define('__GENDER_M', ''); + define('__GENDER_F', ''); + define('__GENDER_C', ' selected="selected"'); break; } @@ -137,12 +144,12 @@ if (SQL_NUMROWS($result) == 1) { } } else { // Locked or so? - $STATUS = SPONSOR_TRANSLATE_STATUS($content['status']); - $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_FAILED_1.$STATUS.SPONSOR_ACCOUNT_FAILED_2); + $STATUS = sponsorTranslateUserStatus($content['status']); + $OUT = LOAD_TEMPLATE('admin_settings_saved', true, sprintf(getMessage('SPONSOR_ACCOUNT_FAILED'), $STATUS)); } } else { // Sponsor account not found! - $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.get_session('sponsorid').SPONSOR_ACCOUNT_404_2); + $OUT = LOAD_TEMPLATE('admin_settings_saved', true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), getSession('sponsorid'))); } // Free memory