X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fsponsor%2Fsettings.php;h=a85fa205ea5f7d0195d6f12ec3e3e8e8d37d0fca;hp=c8e7c4b4b73cf34d21d1d1c0c7bc31f1b64f86ad;hb=4001187f22197f55e5a1f211fc8defcc180f7c32;hpb=4ef4c88fc481335dc0631b223111c15a84cccb51

diff --git a/inc/modules/sponsor/settings.php b/inc/modules/sponsor/settings.php
index c8e7c4b4b7..a85fa205ea 100644
--- a/inc/modules/sponsor/settings.php
+++ b/inc/modules/sponsor/settings.php
@@ -31,52 +31,52 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
 	require($INC);
-} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) {
-	ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE);
+} elseif ((!EXT_IS_ACTIVE("sponsor"))
+	addFatalMessage(__FILE__, __LINE__, getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "sponsor");
 	return;
 } elseif (!IS_SPONSOR()) {
 	// No sponsor!
-	ADD_FATAL(SPONSOR_ONLY_AREA_ENTERED);
+	addFatalMessage(__FILE__, __LINE__, getMessage('SPONSOR_ONLY_AREA_ENTERED'));
 	return;
 }
 
 // Data for the formular
-$result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, salut
-FROM "._MYSQL_PREFIX."_sponsor_data
+$result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, gender
+FROM `{!_MYSQL_PREFIX!}_sponsor_data`
 WHERE id='%s' AND password='%s' LIMIT 1",
- array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__);
+ array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__);
 if (SQL_NUMROWS($result) == 1) {
 	// Load sponsor data
 	$content = SQL_FETCHARRAY($result);
 	if ($content['status'] == "CONFIRMED") {
 		// Check if form was submitted or not
-		if (!empty($_POST['ok'])) {
+		if (IS_FORM_SENT()) {
 			// Check passwords
-			if (empty($_POST['password'])) {
+			if (!REQUEST_ISSET_POST(('password'))) {
 				// No current password entered
 				$MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED;
-			} elseif (md5($_POST['password']) != $_COOKIE['sponsorpass']) {
+			} elseif (md5(REQUEST_POST('password')) != get_session('sponsorpass')) {
 				// Entered password didn't match password in DB
 				$MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
 			} else {
 				// Unsecure data which we don't want here
-				$UNSAFE = array('company', 'position', 'tax_ident', 'salut', 'surname', 'family',
+				$UNSAFE = array('company', 'position', 'tax_ident', 'gender', 'surname', 'family',
 				                'street_nr1', 'street_nr2', 'zip', 'city', 'country', 'phone', 'fax', 'cell',
 				                'email', 'url');
 
 				// Remove all (maybe spoofed) unsafe data from array
 				foreach ($UNSAFE as $remove) {
-					unset($_POST[$remove]);
+					REQUEST_UNSET_POST($remove);
 				}
 
 				// Set last change timestamp
-				$_POST['last_change'] = time();
+				REQUEST_SET_POST('last_change', "UNIX_TIMESTAMP()");
 
 				// Save data
-				$MSG = SPONSOR_SAVE_DATA($_POST, $content);
+				$MSG = SPONSOR_SAVE_DATA(REQUEST_POST_ARRAY(), $content);
 			}
 
 			if (!empty($MSG)) {
@@ -84,13 +84,20 @@ if (SQL_NUMROWS($result) == 1) {
 				$OUT = LOAD_TEMPLATE("admin_settings_saved", true, $MSG);
 			} else {
 				// No message generated
-				$OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_MESSAGE_GENERATED);
+				$OUT = LOAD_TEMPLATE("admin_settings_saved", true, getMessage('SPONSOR_NO_MESSAGE_GENERATED'));
 			}
 		} else {
 			// Make yes/no selection
 			switch ($content['receive_warnings']) {
-				case "Y": define('__YES', " checked"); define('__NO', "");         break;
-				case "N": define('__YES', "");         define('__NO', " checked"); break;
+				case "Y":
+					define('__YES', " checked=\"checked\"");
+					define('__NO', "");
+					break;
+
+				case "N":
+					define('__YES', "");
+					define('__NO', " checked=\"checked\"");
+					break;
 			}
 
 			// Translate current interval into fancy string
@@ -102,11 +109,11 @@ if (SQL_NUMROWS($result) == 1) {
 	} else {
 		// Locked or so?
 		$STATUS = SPONSOR_TRANSLATE_STATUS($content['status']);
-		$OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_FAILED_1.$STATUS.SPONSOR_ACCOUNT_FAILED_2);
+		$OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_FAILED'), $STATUS));
 	}
 } else {
 	// Sponsor account not found!
-	$OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.$_COOKIE['sponsorid'].SPONSOR_ACCOUNT_404_2);
+	$OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), get_session('sponsorid')));
 }
 
 // Free memory