X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=21e7f49846b3b240985bed1b866363b1b1f12663;hp=ad02fe75d7d97711cf2329abe7055c5f7c97187a;hb=53044feaa7d4a19c7793f6310586a81100435a1c;hpb=41e2891fb998d13b22b8d7984358f258cc85267d diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index ad02fe75d7..21e7f49846 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } @@ -44,19 +44,20 @@ function ADD_MODULE_TITLE($mod) { // Is the script installed? if (isBooleanConstantAndTrue('mxchange_installed')) { - if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module'])) && (isset($cacheArray['modules']['module'][$mod]))) { + // Check if cache is valid + if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (in_array($mod, $cacheArray['modules']['module']))) { // Load from cache $name = $cacheArray['modules']['title'][$mod]; // Update cache hits - $_CONFIG['cache_hits']++; - } else { + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod), __FILE__, __LINE__); list($name) = SQL_FETCHROW($result); SQL_FREERESULT($result); } - } + } // END - if // Trim name $name = trim($name); @@ -64,17 +65,19 @@ function ADD_MODULE_TITLE($mod) { // Still no luck or empty title? if (empty($name)) { // No name found - $name = LANG_UNKNOWN_MODULE." (".$mod.")"; + $name = sprintf("%s (%s)", LANG_UNKNOWN_MODULE, $mod); if (SQL_NUMROWS($result) == 0) { // Add module to database $dummy = CHECK_MODULE($mod); - } - } + } // END - if + } // END - if + + // Return name return $name; } // Check validity of a given module name (no file extension) -function CHECK_MODULE($mod) { +function CHECK_MODULE ($mod) { // We need them now here... global $cacheArray, $_CONFIG, $cacheInstance; @@ -112,13 +115,13 @@ function CHECK_MODULE($mod) { $mem = $cacheArray['modules']['mem_only'][$mod_chk]; // Update cache hits - $_CONFIG['cache_hits']++; + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } $found = true; } else { // No, then we have to update it! $ret = "cache_miss"; } - } else { + } elseif (!EXT_IS_ACTIVE("cache")) { // Check for module in database $result = SQL_QUERY_ESC("SELECT locked, hidden, admin_only, mem_only FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", array($mod_chk), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -156,16 +159,16 @@ function CHECK_MODULE($mod) { // to find a loop here... *sigh* $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg (module, locked, hidden, mem_only, admin_only, has_menu) VALUES -('%s', 'Y', 'N', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__); +('%s','Y','N','N','N','N')", array($mod_chk), __FILE__, __LINE__); } else { // Wrong/missing sql_patches! $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_mod_reg (module, locked, hidden, mem_only, admin_only) VALUES -('%s', 'Y', 'N', 'N', 'N')", array($mod_chk), __FILE__, __LINE__); +('%s','Y','N','N','N')", array($mod_chk), __FILE__, __LINE__); } // Everthing is fine? - if (SQL_AFFECTEDROWS() == 0) { + if (SQL_AFFECTEDROWS() < 1) { // Something bad happend! return "major"; } // END - if @@ -187,27 +190,32 @@ function CHECK_MODULE($mod) { // Add menu description pending on given file name (without path!) function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { - global $DEPTH, $_CONFIG; + global $NAV_DEPTH, $_CONFIG; + // Use only filename of the file ;) + $file = basename($file); + + // Init variables $LINK_ADD = ""; $OUT = ""; $AND = ""; + // First we have to do some analysis... - if (ereg("action-", $file)) { + if (substr($file, 0, 7) == "action-") { // This is an action file! $type = "action"; $search = substr($file, 7); switch ($ACC_LVL) { case "admin": - $MOD_CHECK = "admin"; + $modCheck = "admin"; break; case "sponsor": case "guest": case "member": - $MOD_CHECK = $GLOBALS['module']; + $modCheck = $GLOBALS['module']; break; } $AND = " AND (what='' OR what IS NULL)"; - } elseif (ereg("what-", $file)) { + } elseif (substr($file, 0, 5) == "what-") { // This is an admin what file! $type = "what"; $search = substr($file, 5); @@ -215,12 +223,12 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { switch ($ACC_LVL) { case "admin": - $MOD_CHECK = "admin"; + $modCheck = "admin"; break; case "guest": case "member": - $MOD_CHECK = $GLOBALS['module']; + $modCheck = $GLOBALS['module']; if (!IS_ADMIN()) { $AND = " AND visible='Y' AND locked='N'"; } @@ -232,20 +240,20 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { // Sponsor / engine menu $type = "what"; $search = $file; - $MOD_CHECK = $GLOBALS['module']; + $modCheck = $GLOBALS['module']; $AND = ""; } else { // Other $type = "menu"; $search = $file; - $MOD_CHECK = $GLOBALS['module']; + $modCheck = $GLOBALS['module']; $AND = ""; } - if ((!isset($DEPTH)) && (!$return)) { - $DEPTH = 0; + if ((!isset($NAV_DEPTH)) && (!$return)) { + $NAV_DEPTH = 0; $prefix = "
".YOU_ARE_HERE." Home"; } else { - if (!$return) $DEPTH++; + if (!$return) $NAV_DEPTH++; $prefix = ""; } @@ -259,7 +267,7 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { // Get the title from menu $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1", - array($ACC_LVL, $type, $search), __FILE__, __LINE__); + array($ACC_LVL, $type, $search), __FILE__, __LINE__); // Menu found? if (SQL_NUMROWS($result) == 1) { @@ -270,24 +278,22 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { if ($return) { // Return title return $ret; - } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($_CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) { + } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && (getConfig('youre_here') == "Y")) || ((IS_ADMIN()) && ($modCheck == "admin"))) { // Output HTML code - $OUT = $prefix."".$ret."\n"; + $OUT = $prefix."".$ret."\n"; // Can we close the you-are-here navigation? //* DEBUG: */ echo __LINE__."*".$type."/".$GLOBALS['what']."*
\n"; //* DEBUG: */ die("
".print_r($_CONFIG, true)."
"); - if (($type == "what") || (($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview") || (($GLOBALS['what'] == $_CONFIG['index_home']) && ($ACC_LVL == "guest"))))) { + if (($type == "what") || (($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview")))) { //* DEBUG: */ echo __LINE__."+".$type."+
\n"; - $OUT .= "

\n"; - $DEPTH="0"; - - // Handle failed logins here if not in guest - //* DEBUG: */ echo __FUNCTION__.":type={$type},action={$GLOBALS['action']},what={$GLOBALS['what']},lvl={$ACC_LVL}
\n"; - if ((($type == "what") || ($type == "action") && ((!isset($GLOBALS['what'])) || ($GLOBALS['what'] == "overview") || ($GLOBALS['what'] == $_CONFIG['index_home']))) && ($ACC_LVL != "guest") && ((GET_EXT_VERSION("sql_patches") >= "0.4.7") || (GET_EXT_VERSION("admins") >= "0.7.0"))) { - // Handle failture - $OUT .= HANDLE_LOGIN_FAILTURES($ACC_LVL); - } // END - if + // Add closing div and br-tag + $OUT .= "
\n"; + $NAV_DEPTH = "0"; + + // Run the filter chain + $ret = RUN_FILTER('post_youhere_line', array('access_level' => $ACC_LVL, 'type' => $type, 'content' => "")); + $OUT .= $ret['content']; } // END - if } } // END - if @@ -318,11 +324,11 @@ function ADD_MENU($MODE, $act, $wht) { // Non-admin shall not see all menus if (!IS_ADMIN()) { - $AND = "AND visible='Y' AND locked='N'"; + $AND = " AND visible='Y' AND locked='N'"; } // Load SQL data and add the menu to the output stream... - $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE (what='' OR what IS NULL) ".$AND." ORDER BY sort", + $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE (what='' OR what IS NULL)".$AND." ORDER BY sort", array($MODE), __FILE__, __LINE__); //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*
\n"; if (SQL_NUMROWS($result_main) > 0) { @@ -342,7 +348,7 @@ function ADD_MENU($MODE, $act, $wht) { // Load menu header template LOAD_TEMPLATE($MODE."_menu_title", false, $content); - $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort", + $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ".$AND." ORDER BY sort", array($MODE, $main_action), __FILE__, __LINE__); $ctl = SQL_NUMROWS($result_sub); if ($ctl > 0) { @@ -367,7 +373,7 @@ function ADD_MENU($MODE, $act, $wht) { } // Menu title - $content .= $_CONFIG['menu_blur_spacer'].$sub_title; + $content .= getConfig('menu_blur_spacer') . $sub_title; if ($test) { $content .= ""; @@ -437,16 +443,22 @@ function IS_ADMIN($admin="") //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."
"; // Search in array for entry - if ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) { + if (isset($cacheArray['admin_hash'])) { + // Use cached string + $valPass = $cacheArray['admin_hash']; + } elseif ((!empty($passCookie)) && (isset($cacheArray['admins']['password'][$admin])) && (!empty($admin))) { // Count cache hits - $_CONFIG['cache_hits']++; + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } // Login data is valid or not? $valPass = generatePassString($cacheArray['admins']['password'][$admin]); - } elseif (!empty($admin)) { + + // Cache it away + $cacheArray['admin_hash'] = $valPass; + } elseif ((!empty($admin)) && ((!EXT_IS_ACTIVE("cache"))) || (!isset($cacheArray['admins']['password'][$admin]))) { // Search for admin $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array($admin), __FILE__, __LINE__); + array($admin), __FILE__, __LINE__); // Is he admin? $passDB = ""; @@ -454,9 +466,12 @@ function IS_ADMIN($admin="") // Admin login was found so let's load password from DB list($passDB) = SQL_FETCHROW($result); + // Temporary cache it + $cacheArray['admins']['password'][$admin] = $passDB; + // Generate password hash $valPass = generatePassString($passDB); - } + } // END - if // Free memory SQL_FREERESULT($result); @@ -464,7 +479,7 @@ function IS_ADMIN($admin="") if (!empty($valPass)) { // Check if password is valid - //* DEBUG: */ echo __FUNCTION__."*".$valPass."/".$passCookie."*
\n"; + //* DEBUG: */ print __FUNCTION__."*".$valPass."/".$passCookie."*
\n"; $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache")))); } @@ -545,7 +560,7 @@ function ADD_MAX_RECEIVE_LIST($MODE, $default="", $return=false) function SEARCH_EMAIL_USERTAB($email) { $ret = false; - $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE email LIKE '{PER}%s{PER}' LIMIT 1", array($email), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE email LIKE '{PER}%s{PER}' LIMIT 1", array($email), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) $ret = true; SQL_FREERESULT($result); return $ret; @@ -571,18 +586,24 @@ function WHAT_IS_VALID($act, $wht, $type="guest") // function IS_MEMBER() { - global $status, $LAST; + global $status, $LAST, $cacheArray; if (!is_array($LAST)) $LAST = array(); $ret = false; + // is the cache entry there? + if (isset($cacheArray['is_member'])) { + // Then return it + return $cacheArray['is_member']; + } // END - if + // Fix "deleted" cookies first - FIX_DELETED_COOKIES(array('userid', 'u_hash', 'lifetime')); + FIX_DELETED_COOKIES(array('userid','u_hash','lifetime')); // Are cookies set? if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash')) && (isSessionVariableSet('lifetime')) && (defined('COOKIE_PATH'))) { // Cookies are set with values, but are they valid? - $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT password, status, last_module, last_online FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -605,82 +626,34 @@ function IS_MEMBER() //* DEBUG: */ echo __LINE__."!!!
"; destroy_user_session(); - // Remove array elements to prevent errors - unset($GLOBALS['userid']); + // Reset userid + $GLOBALS['userid'] = 0; } } else { // Cookie data is invalid! //* DEBUG: */ echo __LINE__."***
"; + destroy_user_session(); - // Remove array elements to prevent errors - unset($GLOBALS['userid']); + // Reset userid + $GLOBALS['userid'] = 0; } // Free memory SQL_FREERESULT($result); - } - else - { + } else { // Cookie data is invalid! //* DEBUG: */ echo __LINE__."///
"; destroy_user_session(); - // Remove array elements to prevent errors - unset($GLOBALS['userid']); - } - return $ret; -} -// -function UPDATE_LOGIN_DATA ($UPDATE=true) { - global $LAST, $_CONFIG; - if (!is_array($LAST)) $LAST = array(); - - // Are the required cookies set? - if ((!isset($GLOBALS['userid'])) || (!isSessionVariableSet('u_hash')) || (!isSessionVariableSet('lifetime'))) { - // Nope, then return here to caller function - return false; - } else { - // Secure user ID - $GLOBALS['userid'] = bigintval(get_session('userid')); + // Reset userid + $GLOBALS['userid'] = 0; } - // Extract last online time (life) and how long is auto-login valid (time) - $newl = time() + bigintval(get_session('lifetime')); - - // Recheck if logged in - if (!IS_MEMBER()) return false; - - // Load last module and last online time - $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - // Load last module and online time - list($mod, $onl) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - - // Maybe first login time? - if (empty($mod)) $mod = "login"; - - if (set_session("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && set_session("u_hash", get_session('u_hash'), $newl, COOKIE_PATH) && set_session("lifetime", bigintval(get_session('lifetime')), $newl, COOKIE_PATH)) { - // This will be displayed on welcome page! :-) - if (empty($LAST['module'])) { - $LAST['module'] = $mod; $LAST['online'] = $onl; - } // END - if - - // "what" not set? - if (empty($GLOBALS['what'])) { - // Fix it to default - $GLOBALS['what'] = "welcome"; - if (!empty($_CONFIG['index_home'])) $GLOBALS['what'] = $_CONFIG['index_home']; - } // END - if + // Cache status + $cacheArray['is_member'] = $ret; - // Update last module / online time - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_module='%s', last_online=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1", - array($GLOBALS['what'], $GLOBALS['userid']), __FILE__, __LINE__); - } - } else { - // Destroy session, we cannot update! - destroy_user_session(); - } + // Return status + return $ret; } // function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false) @@ -737,7 +710,7 @@ function GET_MOD_DESCR($MODE, $wht, $column="what") // Fix empty "what" if (empty($wht)) { $wht = "welcome"; - if (!empty($_CONFIG['index_home'])) $wht = $_CONFIG['index_home']; + if (getConfig('index_home') != "") $wht = getConfig('index_home'); } // END - if // Default is not found @@ -763,8 +736,8 @@ function SEND_MODE_MAILS($mod, $modes) global $_CONFIG, $DATA; // Load hash - $result_main = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); + $result_main = SQL_QUERY_ESC("SELECT password FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s AND status='CONFIRMED' LIMIT 1", + array($GLOBALS['userid']), __FILE__, __LINE__); if (SQL_NUMROWS($result_main) == 1) { // Load hash from database list($hashDB) = SQL_FETCHROW($result_main); @@ -776,8 +749,8 @@ function SEND_MODE_MAILS($mod, $modes) $hash = generatePassString($hashDB); if (($hash == get_session('u_hash')) || ($_POST['pass1'] == $_POST['pass2'])) { // Load user's data - $result = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, country, zip, city, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND password='%s' LIMIT 1", - array($GLOBALS['userid'], $hashDB), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, country, zip, city, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s AND password='%s' LIMIT 1", + array($GLOBALS['userid'], $hashDB), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load the data $DATA = SQL_FETCHROW($result); @@ -809,97 +782,97 @@ function SEND_MODE_MAILS($mod, $modes) break; default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown mode %s detected.", $mode)); $content = MEMBER_UNKNOWN_MODE.": ".$mode."\n\n"; break; - } + } // END - switch } // END - if if (EXT_IS_ACTIVE("country")) { // Replace code with description $DATA[4] = COUNTRY_GENERATE_INFO($_POST['country_code']); - } + } // END - if // Load template $msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']); - if ($_CONFIG['admin_notify'] == "Y") { + if (getConfig('admin_notify') == "Y") { // The admin needs to be notified about a profile change $msg_admin = "admin_mydata_notify"; - $sub_adm = ADMIN_CHANGED_DATA; + $sub_adm = ADMIN_CHANGED_DATA; } else { // No mail to admin $msg_admin = ""; - $sub_adm = ""; + $sub_adm = ""; } // Set subject lines $sub_mem = MEMBER_CHANGED_DATA; // Output success message - $content = "".MYDATA_MAIL_SENT.""; + $content = "".MYDATA_MAIL_SENT.""; break; default: - $content = "".UNKNOWN_MODULE.""; + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unsupported module %s detected.", $mod)); + $content = "".UNKNOWN_MODULE.""; break; - } + } // END - switch } else { // Could not load profile data - $content = "".MEMBER_CANNOT_LOAD_PROFILE.""; + $content = "".MEMBER_CANNOT_LOAD_PROFILE.""; } } else { // Passwords mismatch - $content = "".MEMBER_PASSWORD_ERROR.""; + $content = "".MEMBER_PASSWORD_ERROR.""; } } else { // Could not load profile - $content = "".MEMBER_CANNOT_LOAD_PROFILE.""; + $content = "".MEMBER_CANNOT_LOAD_PROFILE.""; } // Send email to user if required if ((!empty($sub_mem)) && (!empty($msg))) { // Send member mail SEND_EMAIL($DATA[7], $sub_mem, $msg); - } + } // END - if // Send only if no other error has occured if (empty($content)) { if ((!empty($sub_adm)) && (!empty($msg_admin))) { // Send admin mail SEND_ADMIN_NOTIFICATION($sub_adm, $msg_admin, $content, $GLOBALS['userid']); - } elseif ($_CONFIG['admin_notify'] == "Y") { + } elseif (getConfig('admin_notify') == "Y") { // Cannot send mails to admin! $content = CANNOT_SEND_ADMIN_MAILS; } else { // No mail to admin - $content = "".MYDATA_MAIL_SENT.""; + $content = "".MYDATA_MAIL_SENT.""; } - } + } // END - if // Load template LOAD_TEMPLATE("admin_settings_saved", false, $content); } // Update module counter -function COUNT_MODULE($mod) -{ - if ($mod != "css") - { +function COUNT_MODULE($mod) { + if ($mod != "css") { // Do count all other modules but not accesses on CSS file css.php! $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_mod_reg SET clicks=clicks+1 WHERE module='%s' LIMIT 1", - array($mod), __FILE__, __LINE__); - } + array($mod), __FILE__, __LINE__); + } // END - if } // Get action value from mode (admin/guest/member) and what-value function GET_ACTION ($MODE, &$wht) { global $ret, $_CONFIG; - // DEPRECATED: Init status + // @DEPRECATED Init status $ret = ""; //* DEBUG: */ echo __LINE__."=".$MODE."/".$wht."/".$GLOBALS['action']."=
"; if ((empty($wht)) && ($MODE != "admin")) { $wht = "welcome"; - if (!empty($_CONFIG['index_home'])) $wht = $_CONFIG['index_home']; + if (getConfig('index_home') != "") $wht = getConfig('index_home'); } // END - if if ($MODE == "admin") { @@ -914,48 +887,46 @@ function GET_ACTION ($MODE, &$wht) } elseif (!empty($GLOBALS['action'])) { // Get it directly from URL return $GLOBALS['action']; - } else { - // Everything else will be touched after checking the module has a menu assigned } - //* DEBUG: */ echo __LINE__."*".$ret."*
\n"; + //* DEBUG: */ echo __FUNCTION__."(".__LINE__."): ret=".$ret."
\n"; - if (MODULE_HAS_MENU($MODE)) - { + if (MODULE_HAS_MENU($MODE)) { // Rewriting modules to menu - switch ($MODE) - { + switch ($MODE) { case "index": $MODE = "guest"; break; case "login": $MODE = "member"; break; - break; - } + } // END - switch // Guest and member menu is "main" as the default if (empty($ret)) $ret = "main"; // Load from database $result = SQL_QUERY_ESC("SELECT action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='%s' LIMIT 1", - array($MODE, $wht), __FILE__, __LINE__); + array($MODE, $wht), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load action value and pray that this one is the right you want... ;-) list($ret) = SQL_FETCHROW($result); - } + } // END - if // Free memory SQL_FREERESULT($result); - } + } // END - if // Return action value return $ret; } -// + +// Get category name back function GET_CATEGORY ($cid) { // Default is not found $ret = _CATEGORY_404; // Is the category id set? - if (!empty($cid)) { - - // Lookup the category + if ($cid == "0") { + // No category + $ret = _CATEGORY_NONE; + } elseif ($cid > 0) { + // Lookup the category in database $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1", array(bigintval($cid)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -970,7 +941,8 @@ function GET_CATEGORY ($cid) { // Return result return $ret; } -// + +// Get a string of "mail title" and price back function GET_PAYMENT ($pid, $full=false) { // Default is not found $ret = _PAYMENT_404; @@ -996,7 +968,8 @@ function GET_PAYMENT ($pid, $full=false) { // Return result return $ret; } -// + +// Get (basicly) the price of given payment id function GET_PAY_POINTS($pid, $lookFor="price") { $ret = "-1"; @@ -1010,8 +983,9 @@ function GET_PAY_POINTS($pid, $lookFor="price") } return $ret; } + // Remove a receiver's ID from $ARRAY and add a link for him to confirm -function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=false) +function REMOVE_RECEIVER (&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=false) { $ret = "failed"; if ($uid > 0) @@ -1030,7 +1004,7 @@ function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=fal if (SQL_NUMROWS($result) == 0) { // No, so we add one! - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s', '%s', '%s')", + $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_links (%s, userid, link_type) VALUES ('%s','%s','%s')", array($rowName, $stats_id, bigintval($uid), $type), __FILE__, __LINE__); $ret = "done"; } @@ -1047,116 +1021,165 @@ function REMOVE_RECEIVER(&$ARRAY, $key, $uid, $pool_id, $stats_id="", $bonus=fal // Return status for sending routine return $ret; } -// -function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false) -{ + +// Calculate sum (default) or count records of given criteria +function GET_TOTAL_DATA ($search, $tableName, $lookFor, $whereStatement="userid", $onlyRows=false, $add="") { $ret = 0; - if ($onlyRows) { + //* DEBUG: */ echo $search."/".$tableName."/".$lookFor."/".$whereStatement."/".$add."
\n"; + if (($onlyRows) || ($lookFor == "userid")) { // Count rows - $result = SQL_QUERY_ESC("SELECT COUNT(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'", - array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__); + //* DEBUG: */ echo "COUNT!
\n"; + $result = SQL_QUERY_ESC("SELECT COUNT(`%s`) FROM `"._MYSQL_PREFIX."_%s` WHERE `%s`='%s'".$add, + array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__); } else { // Add all rows - $result = SQL_QUERY_ESC("SELECT SUM(%s) FROM "._MYSQL_PREFIX."_%s WHERE %s='%s'", - array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__); + //* DEBUG: */ echo "SUM!
\n"; + $result = SQL_QUERY_ESC("SELECT SUM(`%s`) FROM `"._MYSQL_PREFIX."_%s` WHERE `%s`='%s'".$add, + array($lookFor, $tableName, $whereStatement, $search), __FILE__, __LINE__); } // Load row list($ret) = SQL_FETCHROW($result); - //* DEBUG: */ echo __LINE__."*".$DATA."/".$search."/".$tableName."/".$ret."*
\n"; + + // Free result SQL_FREERESULT($result); - if (empty($ret)) { - if (($lookFor == "counter") || ($lookFor == "id")) { - $ret = 0; - } else { - $ret = "0.00000"; - } + + // Fix empty values + if ((empty($ret)) && ($lookFor != "counter") && ($lookFor != "id") && ($lookFor != "userid")) { + // Float number + $ret = "0.00000"; + } elseif ("".$ret."" == "") { + // Fix empty result + $ret = "0"; } + + // Return value return $ret; } +// "Getter fro ref level percents +function GET_REF_LEVEL_PERCENTS ($level) { + global $cacheInstance, $_CONFIG, $cacheArray; + + // Default is zero + $per = 0; + + // Do we have cache? + if ((isset($cacheArray['ref_depths']['level'])) && (EXT_IS_ACTIVE("cache"))) { + // First look for level + $key = array_search($level, $cacheArray['ref_depths']['level']); + if ($key !== false) { + // Entry found! + $per = $cacheArray['ref_depths']['percents'][$key]; + + // Count cache hit + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + } + } elseif (!EXT_IS_ACTIVE("cache")) { + // Get referal data + $result_lvl = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1", + array(bigintval($level)), __FILE__, __LINE__); + + // Entry found? + if (SQL_NUMROWS($result_lvl) == 1) { + // Get percents + list($per) = SQL_FETCHROW($result_lvl); + } // END - if + + // Free result + SQL_FREERESULT($result_lvl); + } + + // Return percent + return $per; +} /** * - * Dynamic referral system, can also send mails! + * Dynamic referal system, can also send mails! * - * uid = Referral ID wich should receive... + * subject = Subject line, write in lower-case letters and underscore is allowed + * uid = Referal ID wich should receive... * points = ... xxx points - * send_notify = shall I send the referral an email or not? - * rid = inc/modules/guest/what-confirm.php need this + * send_notify = shall I send the referal an email or not? + * rid = inc/modules/guest/what-confirm.php need this (DEPRECATED???) * locked = Shall I pay it to normal (false) or locked (true) points ammount? * add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct" - * will cause no referral will get points ever!!!) + * for default value will cause no referal will get points ever!!!) */ -function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref") -{ - global $DEPTH, $_CONFIG, $DATA; +function ADD_POINTS_REFSYSTEM ($subject, $uid, $points, $send_notify=false, $rid="0", $locked=false, $add_mode="ref") { + //* DEBUG: */ print "----------------------- ".__FUNCTION__." - ENTRY ----------------------------------------------- ".__FUNCTION__." - EXIT ------------------------
\n"; } // -function UPDATE_REF_COUNTER($uid) -{ - global $REF_LVL, $cacheInstance; +function UPDATE_REF_COUNTER ($uid) { + global $cacheArray, $cacheInstance; - // Make it sure referral level zero (member him-/herself) is at least selected - if (empty($REF_LVL)) $REF_LVL = 0; + // Make it sure referal level zero (member him-/herself) is at least selected + if (empty($cacheArray['ref_level'][$uid])) $cacheArray['ref_level'][$uid] = 1; + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):uid={$uid},level={$cacheArray['ref_level'][$uid]}
\n"; // Update counter $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refsystem SET counter=counter+1 WHERE userid=%s AND level='%s' LIMIT 1", - array(bigintval($uid), $REF_LVL), __FILE__, __LINE__); + array(bigintval($uid), $cacheArray['ref_level'][$uid]), __FILE__, __LINE__); // When no entry was updated then we have to create it here - if (SQL_AFFECTEDROWS() == 0) - { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):updated=".SQL_AFFECTEDROWS()."
\n"; + if (SQL_AFFECTEDROWS() < 1) { // First count! - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES ('%s', '%s', '1')", - array(bigintval($uid), $REF_LVL), __FILE__, __LINE__); - } + $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refsystem (userid, level, counter) VALUES (%s,%s,1)", + array(bigintval($uid), $cacheArray['ref_level'][$uid]), __FILE__, __LINE__); + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):uid={$uid}
\n"; + } // END - if - // Check for his referral - $result = SQL_QUERY_ESC("SELECT refid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(bigintval($uid)), __FILE__, __LINE__); + // Check for his referal + $result = SQL_QUERY_ESC("SELECT refid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + array(bigintval($uid)), __FILE__, __LINE__); + + // Load refid list($ref) = SQL_FETCHROW($result); // Free memory SQL_FREERESULT($result); - - // When he has a referral... - if (($ref > 0) && ($ref != $uid)) - { - // Move to next referral level and count his counter one up! - $REF_LVL++; UPDATE_REF_COUNTER($ref); - } - elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2")) - { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):uid={$uid},ref={$ref}
\n"; + + // When he has a referal... + if (($ref > 0) && ($ref != $uid)) { + // Move to next referal level and count his counter one up! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):ref={$ref} - ADVANCE!
\n"; + $cacheArray['ref_level'][$uid]++; UPDATE_REF_COUNTER($ref); + } elseif ((($ref == $uid) || ($ref == 0)) && (GET_EXT_VERSION("cache") >= "0.1.2")) { // Remove cache here - if ($cacheInstance->cache_file("refsystem", true)) $cacheInstance->cache_destroy(); + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):ref={$ref} - CACHE!
\n"; + REBUILD_CACHE("refsystem", "refsystem"); } -} -// Updates/extends the online list -function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht) { - global $_CONFIG; - - // Do not update online list when extension is deactivated - if (!EXT_IS_ACTIVE("online", true)) return; - - // Empty session? - if (empty($SID)) { - // This is invalid here! - print "Invalid session. Backtrace:
";
-		debug_print_backtrace();
-		die("
"); - } // END - if - - // Initialize variables - $uid = 0; $rid = 0; $MEM = "N"; $ADMIN = "N"; - // Valid userid? - if ((!empty($GLOBALS['userid'])) && ($GLOBALS['userid'] > 0) && (IS_MEMBER())) { - // Is valid user - $uid = bigintval($GLOBALS['userid']); - $MEM = "Y"; - } // END - if - - if (IS_ADMIN()) { - // Is administrator - $ADMIN = "Y"; - } // END - if + // "Walk" back here + $cacheArray['ref_level'][$uid]--; - if (isSessionVariableSet('refid')) { - // Check cookie - if (get_session('refid') > 0) $rid = bigintval($GLOBALS['refid']); + // Handle refback here if extension is installed + if (EXT_IS_ACTIVE("refback")) { + UPDATE_REFBACK_TABLE($uid); } // END - if - - // Now search for the user - $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_online -WHERE sid='%s' LIMIT 1", - array($SID), __FILE__, __LINE__); - - // Entry found? - if (SQL_NUMROWS($result) == 1) { - // Then update it - SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_online SET -module='%s', -action='%s', -what='%s', -userid=%s, -refid=%s, -is_member='%s', -is_admin='%s', -timestamp=UNIX_TIMESTAMP() -WHERE sid='%s' LIMIT 1", - array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID), __FILE__, __LINE__ - ); - } else { - // No entry does exists so we simply add it! - SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_online (module, action, what, userid, refid, is_member, is_admin, timestamp, sid, ip) VALUES ('%s', '%s', '%s', %s, %s, '%s', '%s', UNIX_TIMESTAMP(), '%s', '%s')", - array($mod, $act, $wht, $uid, $rid, $MEM, $ADMIN, $SID, getenv('REMOTE_ADDR')), __FILE__, __LINE__ - ); - } - - // Free result - SQL_FREERESULT($result); - - // Purge old entries - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_online WHERE timestamp <= (UNIX_TIMESTAMP() - %s)", - array($_CONFIG['online_timeout']), __FILE__, __LINE__); } -// OBSULETE: Sends out mail to all administrators -function SEND_ADMIN_EMAILS($subj, $msg) { + +// OBSOLETE: Sends out mail to all administrators +function SEND_ADMIN_EMAILS ($subj, $msg) { // Load all admin email addresses $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id ASC", __FILE__, __LINE__); while (list($email) = SQL_FETCHROW($result)) { @@ -1328,15 +1299,18 @@ function SEND_ADMIN_EMAILS($subj, $msg) { // Really simple... ;-) } + // Get ID number from administrator's login name -function GET_ADMIN_ID($login) { - global $cacheArray; +function GET_ADMIN_ID ($login) { + global $cacheArray, $_CONFIG; $ret = "-1"; - if (!empty($cacheArray['admins']['aid'][$login])) { + if (isset($cacheArray['admins']['aid'][$login])) { // Check cache $ret = $cacheArray['admins']['aid'][$login]; - if (empty($ret)) $ret = "-1"; - } else { + + // Update cache hits + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", array($login), __FILE__, __LINE__); @@ -1349,58 +1323,134 @@ function GET_ADMIN_ID($login) { } return $ret; } -// + +// "Getter" for current admin id +function GET_CURRENT_ADMIN_ID () { + // Get the admin login from session + $adminLogin = get_session('admin_login'); + + // "Solve" it into an id + $adminId = GET_ADMIN_ID($adminLogin); + + // Secure and return it + return bigintval($adminId); +} + // Get password hash from administrator's login name -function GET_ADMIN_HASH($login) +function GET_ADMIN_HASH ($aid) { - global $cacheArray; + global $cacheArray, $_CONFIG; $ret = "-1"; - if (!empty($cacheArray['admins']['password'][$login])) - { + if (isset($cacheArray['admins']['password'][$aid])) { // Check cache - $ret = $cacheArray['admins']['password'][$login]; - if (empty($ret)) $ret = "-1"; - } - else - { + $ret = $cacheArray['admins']['password'][$aid]; + + // Update cache hits + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database - $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array($login), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array($aid), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 1) { + // Fetch data list($ret) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + + // Set cache + $cacheArray['admins']['password'][$aid] = $ret; } + + // Free result + SQL_FREERESULT($result); } return $ret; } // function GET_ADMIN_LOGIN ($aid) { - global $cacheArray; + global $cacheArray, $_CONFIG; $ret = "***"; - if (!empty($cacheArray['admins']['login'])) { - // Check cache - if (!empty($cacheArray['admins']['login'][$aid])) { - $ret = $cacheArray['admins']['login'][$aid]; - } // END - if - if (empty($ret)) $ret = "***"; - } else { + if (isset($cacheArray['admins']['login'][$aid])) { + // Get cache + $ret = $cacheArray['admins']['login'][$aid]; + + // Update cache hits + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + } elseif (!EXT_IS_ACTIVE("cache")) { // Load from database $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", - array(bigintval($aid)), __FILE__, __LINE__); + array(bigintval($aid)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Fetch data list($ret) = SQL_FETCHROW($result); // Set cache $cacheArray['admins']['login'][$aid] = $ret; - } + } // END - if // Free memory SQL_FREERESULT($result); } return $ret; } +// Get email address of admin id +function GET_ADMIN_EMAIL ($aid) { + global $cacheArray, $_CONFIG; + + $ret = "***"; + if (isset($cacheArray['admins']['email'][$aid])) { + // Get cache + $ret = $cacheArray['admins']['email'][$aid]; + + // Update cache hits + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + } elseif (!EXT_IS_ACTIVE("cache")) { + // Load from database + $result_aid = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array(bigintval($aid)), __FILE__, __LINE__); + if (SQL_NUMROWS($result_aid) == 1) { + // Get data + list($ret) = SQL_FETCHROW($result_aid); + + // Set cache + $cacheArray['admins']['email'][$aid] = $ret; + } // END - if + + // Free result + SQL_FREERESULT($result_aid); + } + + // Return email + return $ret; +} +// Get default ACL of admin id +function GET_ADMIN_DEFAULT_ACL ($aid) { + global $cacheArray, $_CONFIG; + + $ret = "***"; + if (isset($cacheArray['admins']['def_acl'][$aid])) { + // Use cache + $ret = $cacheArray['admins']['def_acl'][$aid]; + + // Update cache hits + if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + } elseif (!EXT_IS_ACTIVE("cache")) { + // Load from database + $result_aid = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array(bigintval($aid)), __FILE__, __LINE__); + if (SQL_NUMROWS($result_aid) == 1) { + // Fetch data + list($ret) = SQL_FETCHROW($result_aid); + + // Set cache + $cacheArray['admins']['def_acl'][$aid] = $ret; + } + + // Free result + SQL_FREERESULT($result_aid); + } + + // Return email + return $ret; +} // function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") { $ret = ""; @@ -1412,8 +1462,8 @@ function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") $ret .= "\n"; - } + } // END - while // Free memory SQL_FREERESULT($result); @@ -1443,11 +1493,11 @@ function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") // Return - hopefully - the requested data return $ret; } -// Aiut +// Activate exchange (DEPERECATED???) function activateExchange() { global $_CONFIG; - $result = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__); - if (SQL_NUMROWS($result) >= $_CONFIG['activate_xchange']) + $result = SQL_QUERY("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND max_mails > 0", __FILE__, __LINE__); + if (SQL_NUMROWS($result) >= getConfig('activate_xchange')) { // Free memory SQL_FREERESULT($result); @@ -1455,8 +1505,8 @@ function activateExchange() { // Activate System $SQLs = array( "UPDATE "._MYSQL_PREFIX."_mod_reg SET locked='N', hidden='N', mem_only='Y' WHERE module='order' LIMIT 1", - "UPDATE "._MYSQL_PREFIX."_member_menu SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2", - "UPDATE "._MYSQL_PREFIX."_config SET activate_xchange='0' WHERE config=0 LIMIT 1" + "UPDATE `"._MYSQL_PREFIX."_member_menu` SET visible='Y', locked='N' WHERE what='order' OR what='unconfirmed' LIMIT 2", + "UPDATE `"._MYSQL_PREFIX."_config` SET activate_xchange='0' WHERE config=0 LIMIT 1" ); // Run SQLs @@ -1473,7 +1523,7 @@ function DELETE_USER_ACCOUNT($uid, $reason) $points = 0; $result = SQL_QUERY_ESC("SELECT (SUM(p.points) - d.used_points) AS points FROM "._MYSQL_PREFIX."_user_points AS p -LEFT JOIN "._MYSQL_PREFIX."_user_data AS d +LEFT JOIN `"._MYSQL_PREFIX."_user_data` AS d ON p.userid=d.userid WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -1500,83 +1550,78 @@ WHERE p.userid=%s", array(bigintval($uid)), __FILE__, __LINE__); // Remove from rallye if found if (EXT_IS_ACTIVE("rallye")) { - $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s", + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE userid=%s", array(bigintval($uid)), __FILE__, __LINE__); } // Now a mail to the user and that's all... - $msg = LOAD_EMAIL_TEMPLATE("del-user", $reason, $uid); + $msg = LOAD_EMAIL_TEMPLATE("del-user", array('text' => $reason), $uid); SEND_EMAIL($uid, ADMIN_DEL_ACCOUNT, $msg); // Ok, delete the account! - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); } // -function META_DESCRIPTION($mod, $wht) -{ - global $_CONFIG, $DEPTH; - if (($mod != "admin") && ($mod != "login")) - { - // Exclude admin and member's area - $DESCR = MAIN_TITLE." ".trim($_CONFIG['title_middle'])." ".ADD_DESCR("guest", "what-".$wht, true); - unset($DEPTH); - OUTPUT_HTML(""); - } +function META_DESCRIPTION ($mod, $wht) { + global $_CONFIG; + + // Exclude admin and member's area + if (($mod != "admin") && ($mod != "login")) { + // Construct dynamic description + $DESCR = MAIN_TITLE." ".trim(getConfig('title_middle'))." ".ADD_DESCR("guest", "what-".$wht, true); + + // Output it directly + OUTPUT_HTML(""); + } // END - if + + // Remove depth + unset($GLOBALS['ref_level']); } // -function ADD_JACKPOT($points) -{ +function ADD_JACKPOT($points) { $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 0) - { + if (SQL_NUMROWS($result) == 0) { // Create line - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', '%s')", array($points), __FILE__, __LINE__); - } - else - { + $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok','%s')", array($points), __FILE__, __LINE__); + } else { // Free memory SQL_FREERESULT($result); // Update points $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points+%s WHERE ok='ok' LIMIT 1", - array($points), __FILE__, __LINE__); + array($points), __FILE__, __LINE__); } } // -function SUB_JACKPOT($points) -{ +function SUB_JACKPOT($points) { // First failed $ret = "-1"; // Get current points $result = SQL_QUERY("SELECT points FROM "._MYSQL_PREFIX."_jackpot WHERE ok='ok' LIMIT 1", __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 0) - { + if (SQL_NUMROWS($result) == 0) { // Create line - $result = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', 0.00000)", __FILE__, __LINE__); - } - else - { - // Free memory - SQL_FREERESULT($result); - + SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_jackpot (ok, points) VALUES ('ok', 0.00000)", __FILE__, __LINE__); + } else { // Read points list($jackpot) = SQL_FETCHROW($result); - if ($jackpot >= $points) - { + if ($jackpot >= $points) { // Update points when there are enougth points in jackpot - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points-%s WHERE ok='ok' LIMIT 1", + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_jackpot SET points=points-%s WHERE ok='ok' LIMIT 1", array($points), __FILE__, __LINE__); $ret = $jackpot - $points; - } + } // END - if } + + // Free memory + SQL_FREERESULT($result); } // function IS_DEMO() { return ((EXT_IS_ACTIVE("demo")) && (get_session('admin_login') == "demo")); } // -function LOAD_CONFIG($no="0") { +function LOAD_CONFIG ($no="0") { global $cacheArray; $CFG_DUMMY = array(); @@ -1592,9 +1637,9 @@ function LOAD_CONFIG($no="0") { if ((isset($CFG_DUMMY['cache_hits'])) && (EXT_IS_ACTIVE("cache"))) { $CFG_DUMMY['cache_hits']++; } // END - if - } else { + } elseif ((!EXT_IS_ACTIVE("cache")) || (!isset($cacheArray['config'][$no]))) { // Load config from DB - $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config=%d LIMIT 1", + $result_config = SQL_QUERY_ESC("SELECT * FROM `"._MYSQL_PREFIX."_config` WHERE config=%d LIMIT 1", array(bigintval($no)), __FILE__, __LINE__); // Get config from database @@ -1611,12 +1656,12 @@ function LOAD_CONFIG($no="0") { return $CFG_DUMMY; } // Gets the matching what name from module -function GET_WHAT($MOD_CHECK) { +function GET_WHAT($modCheck) { global $_CONFIG; $wht = ""; - //* DEBUG: */ echo __LINE__."!".$MOD_CHECK."!
\n"; - switch ($MOD_CHECK) + //* DEBUG: */ echo __LINE__."!".$modCheck."!
\n"; + switch ($modCheck) { case "admin": $wht = "overview"; @@ -1625,7 +1670,7 @@ function GET_WHAT($MOD_CHECK) { case "login": case "index": $wht = "welcome"; - if (($MOD_CHECK == "index") && (!empty($_CONFIG['index_home']))) $wht = $_CONFIG['index_home']; + if (($modCheck == "index") && (getConfig('index_home') != "")) $wht = getConfig('index_home'); break; default: @@ -1636,63 +1681,35 @@ function GET_WHAT($MOD_CHECK) { // Return what value return $wht; } -// -function MODULE_HAS_MENU($mod, $forceDb = false) -{ - global $cacheArray, $_CONFIG; - - // All is false by default - $ret = false; - //* DEBUG: */ echo __FUNCTION__.":mod={$mod},cache=".GET_EXT_VERSION("cache")."
\n"; - if (GET_EXT_VERSION("cache") >= "0.1.2") { - // Cache version is okay, so let's check the cache! - if (isset($cacheArray['modules']['has_menu'][$mod])) { - // Check module cache and count hit - $ret = ($cacheArray['modules']['has_menu'][$mod] == "Y"); - $_CONFIG['cache_hits']++; - } elseif (isset($cacheArray['extensions']['ext_menu'][$mod])) { - // Check cache and count hit - $ret = ($cacheArray['extensions']['ext_menu'][$mod] == "Y"); - $_CONFIG['cache_hits']++; - } - } elseif ((GET_EXT_VERSION("sql_patches") >= "0.3.6") && ((!EXT_IS_ACTIVE("cache")) || ($forceDb === true))) { - // Check database for entry - $result = SQL_QUERY_ESC("SELECT has_menu FROM "._MYSQL_PREFIX."_mod_reg WHERE module='%s' LIMIT 1", - array($mod), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - list($has_menu) = SQL_FETCHROW($result); - - // Fake cache... ;-) - $cacheArray['extensions']['ext_menu'][$mod] = $has_menu; - // Does it have a menu? - $ret = ($has_menu == "Y"); - } // END - if - - // Free memory - SQL_FREERESULT($result); - } elseif (GET_EXT_VERSION("sql_patches") == "") { - // No sql_patches installed, so maybe in admin area? - $ret = ((IS_ADMIN()) && ($mod == "admin")); // Then there is a menu! - } - - // Return status - return $ret; -} // Subtract points from database and mediadata cache -function SUB_POINTS ($uid, $points) { +function SUB_POINTS ($subject, $uid, $points) { // Add points to used points - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points`=`used_points`+%s WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET `used_points`=`used_points`+%s WHERE userid=%s LIMIT 1", array($points, bigintval($uid)), __FILE__, __LINE__); + // Insert booking record + if (EXT_IS_ACTIVE("booking")) { + // Add record + ADD_BOOKING_RECORD($subject, $uid, $points, "sub"); + } // END - if + // Update mediadata as well if (GET_EXT_VERSION("mediadata") >= "0.0.4") { // Update database MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points); } // END - if } + // Update config entries function UPDATE_CONFIG ($entries, $values, $updateMode="") { + global $CSS; + + // Do not update config in CSS mode + if (($CSS == "1") || ($CSS == -1)) { + return; + } // END - if + // Do we have multiple entries? if (is_array($entries)) { // Walk through all @@ -1707,6 +1724,9 @@ function UPDATE_CONFIG ($entries, $values, $updateMode="") { if (($values[$idx] + 0) === $values[$idx]) { // Number detected $all .= sprintf("%s=%s,", $entry, (float)$values[$idx]); + } elseif ($values[$idx] == "UNIX_TIMESTAMP()") { + // Function UNIX_TIMESTAMP() detected + $all .= sprintf("%s=%s,", $entry, $values[$idx]); } else { // String detected $all .= sprintf("%s='%s',", $entry, SQL_ESCAPE($values[$idx])); @@ -1718,73 +1738,393 @@ function UPDATE_CONFIG ($entries, $values, $updateMode="") { $entries = substr($all, 0, -1); } elseif (!empty($updateMode)) { // Update mode set - $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$value); + $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$values); } else { // Regular entry to update $entries .= sprintf("='%s'", SQL_ESCAPE($values)); } // Run database update - //DEBUG_LOG(__FUNCTION__.":entries={$entries}"); - SQL_QUERY("UPDATE "._MYSQL_PREFIX."_config SET ".$entries." WHERE config=0 LIMIT 1", __FILE__, __LINE__); + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "entries={$entries}"); + SQL_QUERY("UPDATE `"._MYSQL_PREFIX."_config` SET ".$entries." WHERE config=0 LIMIT 1", __FILE__, __LINE__); // Get affected rows $affectedRows = SQL_AFFECTEDROWS(); - //* DEBUG: */ echo __FUNCTION__.":entries={$entries},affectedRows={$affectedRows}
\n"; + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):entries={$entries},affectedRows={$affectedRows}
\n"; // Rebuild cache REBUILD_CACHE("config", "config"); } -// Creates a new task for updated extension -function CREATE_EXTENSION_UPDATE_TASK ($admin_id, $subject, $notes) { - // Check if task is not there - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE subject='%s' LIMIT 1", - array($subject), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 0) { - // Task not created so it's a brand-new extension which we need to register and create a task for! - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, userid, status, task_type, subject, text, task_created) VALUES ('%s', '0', 'NEW', 'EXTENSION_UPDATE', '%s', '%s', UNIX_TIMESTAMP())", - array($admin_id, $subject, $notes), __FILE__, __LINE__); + +// Prepares an SQL statement part for HTML mail and/or holiday depency +function PREPARE_SQL_HTML_HOLIDAY ($mode) { + // Exclude no users by default + $MORE = ""; + + // HTML mail? + if ($mode == "html") $MORE = " AND html='Y'"; + if (GET_EXT_VERSION("holiday") >= "0.1.3") { + // Add something for the holiday extension + $MORE .= " AND holiday_active='N'"; } // END - if - // Free memory - SQL_FREERESULT($result); + // Return result + return $MORE; } -// Creates a new task for newly installed extension -function CREATE_NEW_EXTENSION_TASK ($admin_id, $subject, $ext) { - // Not installed and do we have created a task for the admin? - $result = SQL_QUERY_ESC("SELECT `id` FROM `"._MYSQL_PREFIX."_task_system` WHERE `subject` LIKE '%s%%' LIMIT 1", - array($subject), __FILE__, __LINE__); - if ((SQL_NUMROWS($result) == 0) && (GET_EXT_VERSION($ext) == "")) { - // Template file - $tpl = sprintf("%stemplates/%s/html/ext/ext_%s.tpl", - PATH, - GET_LANGUAGE(), - $ext - ); - // Load text for task - if (FILE_READABLE($tpl)) { - // Load extension's own text template (HTML!) - $msg = LOAD_TEMPLATE("ext_".$ext, true); - } else { - // Load default message - $msg = LOAD_EMAIL_TEMPLATE("admin_new_ext","", 0); +// "Getter" for total available receivers +function GET_TOTAL_RECEIVERS ($mode="normal") { + // Query database + $result_all = SQL_QUERY("SELECT userid +FROM "._MYSQL_PREFIX."_user_data +WHERE status='CONFIRMED' AND receive_mails > 0".PREPARE_SQL_HTML_HOLIDAY($mode), + __FILE__, __LINE__); + + // Get num rows + $numRows = SQL_NUMROWS($result_all); + + // Free result + SQL_FREERESULT($result_all); + + // Return value + return $numRows; +} + +// Returns HTML code with an "\n"; + } + } else { + // No cateogries are defined yet + $OUT = "\n"; + } + + // Return HTML code + return $OUT; +} + +// Add bonus mail to queue +function ADD_BONUS_MAIL_TO_QUEUE ($subject, $text, $receiverList, $points, $seconds, $url, $cat, $mode="normal", $receiver=0) { + // Is admin or bonus extension there? + if (!IS_ADMIN()) { + // Abort here + return false; + } elseif (!EXT_IS_ACTIVE("bonus")) { + // Abort here + return false; + } + + // Calculcate target sent + $target = SELECTION_COUNT(explode(";", $receiverList)); + + // Receiver is zero? + if ($receiver == 0) { + // Then auto-fix it + $receiver = $target; } // END - if - // Free memory + // HTML extension active? + if (EXT_IS_ACTIVE("html")) { + // No HTML by default + $HTML = "N"; + + // HTML mode? + if ($mode == "html") $HTML = "Y"; + + // Add HTML mail + $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_bonus +(subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent, html_msg) +VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s','%s')", + array( + $subject, + $text, + $receiverList, + $points, + $seconds, + $url, + $cat, + $target, + bigintval($receiver), + $HTML +), __FILE__, __LINE__); + } else { + // Add regular mail + $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_bonus +(subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent) +VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s')", + array( + $subject, + $text, + $receiverList, + $points, + $seconds, + $url, + $cat, + $target, + bigintval($receiver), +), __FILE__, __LINE__); + } +} + +// Generate a receiver list for given category and maximum receivers +function GENERATE_RECEIVER_LIST ($cat, $receiver, $mode="") { + global $_CONFIG; + + // Init variables + $CAT_TABS = "%s"; + $CAT_WHERE = ""; + $receiverList = ""; + + // Secure data + $cat = bigintval($cat); + $receiver = bigintval($receiver); + + // Is the receiver zero and mode set? + if (($receiver == 0) && (!empty($mode))) { + // Auto-fix receiver maximum + $receiver = GET_TOTAL_RECEIVERS($mode); + } // END - if + + // Category given? + if ($cat > 0) { + // Select category + $CAT_TABS = "LEFT JOIN "._MYSQL_PREFIX."_user_cats AS c ON d.userid=c.userid"; + $CAT_WHERE = " AND c.cat_id=%s"; + } // END - if + + // Exclude users in holiday? + if (GET_EXT_VERSION("holiday") >= "0.1.3") { + // Add something for the holiday extension + $CAT_WHERE .= " AND d.holiday_active='N'"; + } // END - if + + if ((EXT_IS_ACTIVE("html_mail")) && ($mode == "html")) { + // Only include HTML receivers + $result = SQL_QUERY_ESC("SELECT d.userid FROM `"._MYSQL_PREFIX."_user_data` AS d ".$CAT_TABS." WHERE d.status='CONFIRMED' AND d.html='Y'".$CAT_WHERE." ORDER BY d.%s %s LIMIT %s", + array($cat, getConfig('order_select'), getConfig('order_mode'), $receiver), __FILE__, __LINE__); + } else { + // Include all + $result = SQL_QUERY_ESC("SELECT d.userid FROM `"._MYSQL_PREFIX."_user_data` AS d ".$CAT_TABS." WHERE d.status='CONFIRMED'".$CAT_WHERE." ORDER BY d.%s %s LIMIT %s", + array($cat, getConfig('order_select'), getConfig('order_mode'), $receiver), __FILE__, __LINE__); + } + + // Entries found? + if ((SQL_NUMROWS($result) >= $receiver) && ($receiver > 0)) { + // Load all entries + while (list($REC) = SQL_FETCHROW($result)) { + // Add receiver when not empty + if (!empty($REC)) $receiverList .= $REC.";"; + } // END - while + + // Free memory + SQL_FREERESULT($result); + + // Remove trailing semicolon + $receiverList = substr($receiverList, 0, -1); + } // END - if + + // Return list + return $receiverList; +} + +// Get timestamp for given stats type and data +function USER_STATS_GET_TIMESTAMP ($type, $data, $uid = 0) { + // Default timestamp is zero + $stamp = 0; + + // User id set? + if ((isset($GLOBALS['userid'])) && ($uid == 0)) { + $uid = $GLOBALS['userid']; + } // END - if + + // Is the extension installed and updated? + if ((!EXT_IS_ACTIVE("sql_patches")) || (EXT_VERSION_IS_OLDER("sql_patches", "0.5.6"))) { + // Return zero here + return $stamp; + } // END - if + + // Try to find the entry + $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`inserted`) AS `stamp` +FROM "._MYSQL_PREFIX."_user_stats_data +WHERE userid=%s AND stats_type='%s' AND stats_data='%s' +LIMIT 1", + array(bigintval($uid), $type, $data), __FILE__, __LINE__); + + // Is the entry there? + if (SQL_NUMROWS($result) == 1) { + // Get this stamp + list($stamp) = SQL_FETCHROW($result); + } // END - if + + // Free result SQL_FREERESULT($result); + + // Return stamp + return $stamp; } -// +// Inserts user stats +function USER_STATS_INSERT_RECORD ($uid, $type, $data) { + // Is the extension installed and updated? + if ((!EXT_IS_ACTIVE("sql_patches")) || (EXT_VERSION_IS_OLDER("sql_patches", "0.5.6"))) { + // Return zero here + return false; + } // END - if + + // Does it exist? + if ((!USER_STATS_GET_TIMESTAMP($type, $data, $uid)) && (!is_array($data))) { + // Then insert it! + SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_stats_data (`userid`,`stats_type`,`stats_data`) VALUES (%s,'%s','%s')", + array(bigintval($uid), $type, $data), __FILE__, __LINE__); + } elseif (is_array($data)) { + // Invalid data! + DEBUG_LOG(__FUNCTION__, __LINE__, " uid={$uid},type={$type},data={".gettype($data).": Invalid statistics data type!"); + } +} + +// "Getter" for array for user refs and points in given level +function GET_USER_REF_POINTS ($uid, $level) { + global $_CONFIG; + + //* DEBUG: */ print "----------------------- ".__FUNCTION__." - ENTRY ----------------------------------------------- ".__FUNCTION__." - EXIT ------------------------
\n"; + return $refs; +} + +// Recuced the amount of received emails for the receipients for given email +function REDUCT_RECIPIENT_RECEIVED_MAILS ($column, $id, $count) { + // Search for mail in database + $result = SQL_QUERY_ESC("SELECT `userid` FROM `"._MYSQL_PREFIX."_user_links` WHERE `%s`=%s ORDER BY `userid` ASC LIMIT %s", + array($column, bigintval($id), $count), __FILE__, __LINE__); + + // Are there entries? + if (SQL_NUMROWS($result) > 0) { + // Now load all userids for one big query! + $UIDs = array(); + while (list($uid) = SQL_FETCHROW($result)) { + $UIDs[$uid] = $uid; + } // END - while + + // Now update all user accounts + SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET `emails_received`=`emails_received`-1 WHERE `userid` IN (%s) LIMIT %s", + array(implode(",", $UIDs), count($UIDs)), __FILE__, __LINE__); + } // END - if + + // Free result + SQL_FREERESULT($result); +} + +// [EOF] ?>