X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fsponsor%2Fsettings.php;h=bc42faed3b8d79bab08a12346f486b41020f2d11;hp=927d33cf97906e6467923495d187b567ebb06126;hb=414570c5081d337bb6c28dcf521bd8bca02f69e7;hpb=f01652b7b8efac92d97889e312402c4a845c2f14
diff --git a/inc/modules/sponsor/settings.php b/inc/modules/sponsor/settings.php
index 927d33cf97..bc42faed3b 100644
--- a/inc/modules/sponsor/settings.php
+++ b/inc/modules/sponsor/settings.php
@@ -10,7 +10,12 @@
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung : Der Sponsor kann seine Einstellungen aendern *
 * -------------------------------------------------------------------- *
- * *
+ * $Revision:: 856 $ *
+ * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. Mär 2009) $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: stelzi $ *
+ * Needs to be in all Files and every File needs "svn propset *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder *
 * For more information visit: http://www.mxchange.org *
@@ -31,34 +36,34 @@
 ************************************************************************/
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
 require($INC);
-} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) {
- ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE);
+} elseif ((!EXT_IS_ACTIVE("sponsor"))
+ addFatalMessage(__FILE__, __LINE__, getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "sponsor");
 return;
 } elseif (!IS_SPONSOR()) {
 // No sponsor!
- ADD_FATAL(SPONSOR_ONLY_AREA_ENTERED);
+ addFatalMessage(__FILE__, __LINE__, getMessage('SPONSOR_ONLY_AREA_ENTERED'));
 return;
 }
 // Data for the formular
 $result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, gender
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `{!_MYSQL_PREFIX!}_sponsor_data`
 WHERE id='%s' AND password='%s' LIMIT 1",
- array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__);
+ array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__);
 if (SQL_NUMROWS($result) == 1) {
 // Load sponsor data
 $content = SQL_FETCHARRAY($result);
 if ($content['status'] == "CONFIRMED") {
 // Check if form was submitted or not
- if (!empty($_POST['ok'])) {
+ if (IS_FORM_SENT()) {
 // Check passwords
- if (empty($_POST['password'])) {
+ if (!REQUEST_ISSET_POST(('password'))) {
 // No current password entered
 $MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED;
- } elseif (md5($_POST['password']) != $_COOKIE['sponsorpass']) {
+ } elseif (md5(REQUEST_POST('password')) != get_session('sponsorpass')) {
 // Entered password didn't match password in DB
 $MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
 } else {
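Review bot: The added `} elseif ((!EXT_IS_ACTIVE("sponsor"))` line opens three parentheses, closes two and has no `{`, so as shown the new file cannot parse; it should read `} elseif (!EXT_IS_ACTIVE("sponsor")) {`. Dropping `&& (!IS_ADMIN())` also changes who passes this guard (admins no longer bypass the inactive-extension check), which deserves a line in the commit message if it is intended. Further down, `md5(REQUEST_POST('password')) != get_session('sponsorpass')` still compares the hashes with loose `!=`, under which two different numeric-looking hex strings can compare equal; `!==` avoids that. The value matched by `password='%s'` is an unsalted MD5 kept in the session, so the stored hash itself acts as the credential; this predates the commit, but a `// TODO: replace md5 session credential with a salted hash and a server-side session flag` comment next to the query would record it. Both the `if`/`elseif` guard chain and the password branch continue outside this hunk.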
@@ -69,14 +74,14 @@ if (SQL_NUMROWS($result) == 1) {
 // Remove all (maybe spoofed) unsafe data from array
 foreach ($UNSAFE as $remove) {
- unset($_POST[$remove]);
+ REQUEST_UNSET_POST($remove);
 }
 // Set last change timestamp
- $_POST['last_change'] = time();
+ REQUEST_SET_POST('last_change', "UNIX_TIMESTAMP()");
 // Save data
- $MSG = SPONSOR_SAVE_DATA($_POST, $content);
+ $MSG = SPONSOR_SAVE_DATA(REQUEST_POST_ARRAY(), $content);
 }
 if (!empty($MSG)) {
@@ -84,13 +89,20 @@ if (SQL_NUMROWS($result) == 1) {
 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, $MSG);
 } else {
 // No message generated
- $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_MESSAGE_GENERATED);
+ $OUT = LOAD_TEMPLATE("admin_settings_saved", true, getMessage('SPONSOR_NO_MESSAGE_GENERATED'));
 }
 } else {
 // Make yes/no selection
 switch ($content['receive_warnings']) {
- case "Y": define('__YES', " checked"); define('__NO', ""); break;
- case "N": define('__YES', ""); define('__NO', " checked"); break;
+ case "Y":
+ define('__YES', " checked=\"checked\"");
+ define('__NO', "");
+ break;
+
+ case "N":
+ define('__YES', "");
+ define('__NO', " checked=\"checked\"");
+ break;
 }
 // Translate current interval into fancy string
@@ -102,11 +114,11 @@ if (SQL_NUMROWS($result) == 1) {
 } else {
 // Locked or so?
 $STATUS = SPONSOR_TRANSLATE_STATUS($content['status']);
- $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_FAILED_1.$STATUS.SPONSOR_ACCOUNT_FAILED_2);
+ $OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_FAILED'), $STATUS));
 }
 } else {
 // Sponsor account not found!
- $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.$_COOKIE['sponsorid'].SPONSOR_ACCOUNT_404_2);
+ $OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), get_session('sponsorid')));
 }
 // Free memory
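Review bot: In the `@@ -69,14` hunk, `SPONSOR_SAVE_DATA(REQUEST_POST_ARRAY(), $content)` still receives every submitted field except the keys listed in `$UNSAFE`, which is a deny-list: a column missing from that list (it is defined outside this hunk) stays writable through a crafted form field. Filtering the POST array against an explicit list of editable fields before saving would be the safer shape, with a comment such as `// only fields the sponsor may edit are passed on` at the call. Separately, `REQUEST_SET_POST('last_change', "UNIX_TIMESTAMP()")` now puts an SQL expression into the POST data, which presumably only works if `SPONSOR_SAVE_DATA()` writes some values unquoted; if so, confirm that a client-supplied value of the same form is not given the same treatment.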
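Review bot: In the `@@ -102,11` hunk, the account-not-found branch formats `get_session('sponsorid')` into the template output unchanged, whereas the query near the top of the file passes the same value through `bigintval()` first. Whether `get_session()` can return client-controlled data is not visible on this page, so the message should get the same normalisation: `sprintf(getMessage('SPONSOR_ACCOUNT_404'), bigintval(get_session('sponsorid')))`. The same applies to any other place that echoes the raw session id.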