X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=88c5f62138298de9fb1466e1a2ce294f7d211f23;hp=46154a41084d7508073acf6f18619de9225ccf75;hb=0a7e0faba4feaf17432cbdcaf17eb7d2f3812a1e;hpb=feebd0199748544fe8c930b70e97452001a13f76 diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 46154a4108..88c5f62138 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -32,19 +32,18 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } // -function ADD_MODULE_TITLE($mod) -{ +function ADD_MODULE_TITLE($mod) { global $cacheArray, $_CONFIG; $name = ""; $result = false; - // Load title - if (!isBooleanConstantAndTrue('mxchange_installed')) { + + // Is the script installed? + if (isBooleanConstantAndTrue('mxchange_installed')) { if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module'])) && (isset($cacheArray['modules']['module'][$mod]))) { // Load from cache $name = $cacheArray['modules']['title'][$mod]; @@ -73,6 +72,7 @@ function ADD_MODULE_TITLE($mod) } return $name; } + // Check validity of a given module name (no file extension) function CHECK_MODULE($mod) { // We need them now here... 
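Review bot: The direct-access guard at the top of the first hunk still calls `ereg()`, which treats `basename(__FILE__)` as a regular expression (the `.` in the file name matches any character) and was deprecated in PHP 5.3 and removed in PHP 7. A literal substring test states the intent without regex semantics: `if (strpos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {`. `$_SERVER['PHP_SELF']` can also include client-supplied path info, so this test should not be the only thing keeping the include from being run directly. The same `ereg()` usage appears in the ADD_DESCR hunks at -209 (`ereg("what-", $file)`) and -251 (`ereg(".php", $search)`).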
@@ -101,7 +101,7 @@ function CHECK_MODULE($mod) { if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing')) || (!isBooleanConstantAndTrue('admin_registered'))) return "done"; // Check if cache is latest version - $locked = 'Y'; $hidden = 'N'; $admin = 'N'; $mem = 'N'; $found = false; + $locked = "Y"; $hidden = "N"; $admin = "N"; $mem = "N"; $found = false; if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module']))) { // Is the module cached? if (isset($cacheArray['modules']['locked'][$mod_chk])) { @@ -132,16 +132,16 @@ function CHECK_MODULE($mod) { // Check returned values against current access permissions // // Admin access ----- Guest access ----- --- Guest or member? --- - if ((IS_ADMIN()) || (($locked == 'N') && ($admin == 'N') && (($mem == 'N') || (IS_LOGGED_IN())))) { + if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_LOGGED_IN())))) { // If you are admin you are welcome for everything! $ret = "done"; - } elseif ($locked == 'Y') { + } elseif ($locked == "Y") { // Module is locked $ret = "locked"; - } elseif (($mem == 'Y') && (!IS_LOGGED_IN())) { + } elseif (($mem == "Y") && (!IS_LOGGED_IN())) { // You have to login first! $ret = "mem_only"; - } elseif (($admin == 'Y') && (!IS_ADMIN())) { + } elseif (($admin == "Y") && (!IS_ADMIN())) { // Only the Admin is allowed to enter this module! $ret = "admin_only"; } @@ -187,9 +187,9 @@ function CHECK_MODULE($mod) { // Return the value return $ret; } + // Add menu description pending on given file name (without path!) -function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) -{ +function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { global $DEPTH, $_CONFIG; $LINK_ADD = ""; $OUT = ""; $AND = ""; // First we have to do some analysis... 
@@ -209,7 +209,7 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) $MOD_CHECK = $GLOBALS['module']; break; } - $AND = " AND what=''"; + $AND = " AND (what='' OR what IS NULL)"; } elseif (ereg("what-", $file)) { // This is an admin what file! $type = "what"; @@ -251,25 +251,30 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) if (!$return) $DEPTH++; $prefix = ""; } + $prefix .= " -> "; + if (ereg(".php", $search)) { $search = substr($search, 0, strpos($search, ".php")); } + $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1", array($ACC_LVL, $type, $search), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 1) { list($ret) = SQL_FETCHROW($result); SQL_FREERESULT($result); if ($return) { // Return title return $ret; - } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($_CONFIG['youre_here'] == 'Y')) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) { + } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($_CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) { // Output HTML code $OUT = $prefix."".$ret."\n"; //* DEBUG: */ echo __LINE__."*".$type."/".$GLOBALS['what']."*
\n"; if (($type == "what") || (($type == "action") && (!isset($_GET['what'])) && ($GLOBALS['what'] != "welcome"))) { //* DEBUG: */ echo __LINE__."+".$type."+
\n"; $OUT .= "
\n"; + $DEPTH="0"; } } } @@ -286,22 +291,28 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) // function ADD_MENU($MODE, $act, $wht) { global $_CONFIG; + + // Init some variables + $main_cnt = 0; + $AND = ""; + $main_action = ""; + $sub_what = ""; + if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID; - $main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = ""; - if (!IS_ADMIN()) - { + + // Non-admin shall not see all menus + if (!IS_ADMIN()) { $AND = "AND visible='Y' AND locked='N'"; } + // Load SQL data and add the menu to the output stream... - $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort", + $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE (what='' OR what IS NULL) ".$AND." ORDER BY sort", array($MODE), __FILE__, __LINE__); //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*
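Review bot: The added `$DEPTH="0";` in the -251 hunk writes to the global `$DEPTH`, which ADD_POINTS_REFSYSTEM (hunk at -1035) also declares global and uses as the referral level when it selects `percents` and updates `ref_depth` rows. If a menu description is rendered between referral credits in the same request, the referral level is reset as a side effect, so the two uses should not share one variable. A dedicated name for the menu nesting counter, for example `$MENU_DEPTH`, would separate them. ADD_DESCR starts and ends outside this hunk, so other writes to `$DEPTH` may exist that are not visible here.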
\n"; - if (SQL_NUMROWS($result_main) > 0) - { + if (SQL_NUMROWS($result_main) > 0) { OUTPUT_HTML(""); // There are menus available, so we simply display them... :) - while (list($main_title, $main_action) = SQL_FETCHROW($result_main)) - { + while (list($main_title, $main_action) = SQL_FETCHROW($result_main)) { //* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*
\n"; // Load menu header template $BLOCK_MODE = false; $act = $main_action; @@ -310,11 +321,10 @@ function ADD_MENU($MODE, $act, $wht) { $result_sub = SQL_QUERY_ESC("SELECT title, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what != '' ".$AND." ORDER BY sort", array($MODE, $main_action), __FILE__, __LINE__); $ctl = SQL_NUMROWS($result_sub); - if ($ctl > 0) - { + if ($ctl > 0) { $cnt=0; - while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub)) - { + while (list($sub_title, $sub_what) = SQL_FETCHROW($result_sub)) { + // Init content $content = ""; // Full file name for checking menu @@ -333,7 +343,7 @@ function ADD_MENU($MODE, $act, $wht) { } // Menu title - $content .= $_CONFIG['middot'].$sub_title; + $content .= $_CONFIG['menu_blur_spacer'].$sub_title; if ($test) { $content .= ""; @@ -354,7 +364,7 @@ function ADD_MENU($MODE, $act, $wht) { } else { // This is a menu block... ;-) $BLOCK_MODE = true; - $INC_BLOCK = sprintf(PATH."inc/modules/%s/action-%s.php", $MODE, $main_action); + $INC_BLOCK = sprintf("%sinc/modules/%s/action-%s.php", PATH, $MODE, $main_action); if ((file_exists($INC_BLOCK)) && (is_readable($INC_BLOCK))) { // Load include file if ((!EXT_IS_ACTIVE($main_action)) || ($main_action == "online")) OUTPUT_HTML(" @@ -389,7 +399,9 @@ function IS_ADMIN($admin="") // If admin login is not given take current from cookies... if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) { - $admin = SQL_ESCAPE(get_session('admin_login')); $passCookie = get_session('admin_md5'); + // Get admin login and password from session/cookies + $admin = SQL_ESCAPE(get_session('admin_login')); + $passCookie = SQL_ESCAPE(get_session('admin_md5')); } //* DEBUG: */ echo __LINE__."ADMIN:".$admin."/".$passCookie."
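Review bot: In the -354 hunk, `$INC_BLOCK` is built from `$MODE` and `$main_action` and, judging by the "Load include file" comment, is then included; the rewrite to `sprintf("%sinc/modules/%s/action-%s.php", PATH, $MODE, $main_action)` changes the formatting only, and both values still reach the path unvalidated. `$main_action` is read from the menu table and `$MODE` comes from the caller, so a value containing `/` or `..` would resolve outside `inc/modules/`. Constraining both to a fixed character set before the `file_exists()` test would close that, for example guarding the block with `preg_match('/^[a-z0-9_-]+$/i', $main_action)` and the same check on `$MODE`. Whether VALIDATE_MENU_ACTION already restricts `$MODE` is not visible in these hunks.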
"; @@ -410,6 +422,8 @@ function IS_ADMIN($admin="") if (SQL_NUMROWS($result) == 1) { // Admin login was found so let's load password from DB list($passDB) = SQL_FETCHROW($result); + + // Generate password hash $valPass = generatePassString($passDB); } @@ -419,8 +433,8 @@ function IS_ADMIN($admin="") if (!empty($valPass)) { // Check if password is valid - //* DEBUG: */ echo __LINE__."*".$valPass."/".$passCookie)."*
"; - $ret = (($valPass == $passCookie) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache")))); + //* DEBUG: */ echo __FUNCTION__."*".$valPass."/".$passCookie."*
\n"; + $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache")))); } // Return result of comparision @@ -665,7 +679,7 @@ function VALIDATE_MENU_ACTION ($MODE, $act, $wht, $UPDATE=false) else { // Admin login overview - $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND what=''".$ADD." ORDER BY action DESC LIMIT 1", + $SQL = SQL_QUERY_ESC("SELECT id, what FROM "._MYSQL_PREFIX."_%s_menu WHERE action='%s' AND (what='' OR what IS NULL)".$ADD." ORDER BY action DESC LIMIT 1", array($MODE, $act), __FILE__, __LINE__, false); } @@ -769,7 +783,7 @@ function SEND_MODE_MAILS($mod, $modes) // Load template $msg = LOAD_EMAIL_TEMPLATE("member_mydata_notify", $content, $GLOBALS['userid']); - if ($_CONFIG['admin_notify'] == 'Y') { + if ($_CONFIG['admin_notify'] == "Y") { // The admin needs to be notified about a profile change $msg_admin = "admin_mydata_notify"; $sub_adm = ADMIN_CHANGED_DATA; @@ -818,7 +832,7 @@ function SEND_MODE_MAILS($mod, $modes) } else { SEND_ADMIN_EMAILS($sub_adm, LOAD_EMAIL_TEMPLATE($msg_admin, $content, $GLOBALS['userid'])); } - } elseif ($_CONFIG['admin_notify'] == 'Y') { + } elseif ($_CONFIG['admin_notify'] == "Y") { // Cannot send mails to admin! $content = CANNOT_SEND_ADMIN_MAILS; } else { @@ -1025,7 +1039,7 @@ function GET_TOTAL_DATA($search, $tableName, $lookFor, $whereStatement="userid", * uid = Referral ID wich should receive... * points = ... xxx points * send_notify = shall I send the referral an email or not? - * refid = inc/modules/guest/what-confirm.php need this + * rid = inc/modules/guest/what-confirm.php need this * locked = Shall I pay it to normal (false) or locked (true) points ammount? * add_mode = Add points only to $uid or also refs? (WARNING! Changing "ref" to "direct" * will cause no referral will get points ever!!!) 
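Review bot: The new `$ret` expression in the -419 hunk compares digest strings with `==`, and PHP compares two numeric-looking strings (for example hex digests of the form `0e` followed only by digits) as numbers, so distinct values can evaluate as equal; use strict comparison, e.g. `($valPass === $passCookie) || ((strlen($valPass) == 32) && ($valPass === md5($passCookie)))`, or `hash_equals()` where the runtime provides it. The added `md5($passCookie)` alternative also widens which session/cookie values are accepted, so it deserves a comment stating which stored format it is meant to cover. The retained `($valPass == "*FAILED*") && (!EXT_IS_ACTIVE("cache"))` term appears to grant admin without looking at `$passCookie` at all, which looks fail-open from here and should be confirmed against generatePassString(). In the -389 hunk, `SQL_ESCAPE()` is now applied to `$passCookie`, which the visible lines only compare rather than place in a query. IS_ADMIN starts and ends outside these hunks.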
@@ -1035,21 +1049,17 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock global $DEPTH, $_CONFIG, $DATA, $link; // When $uid = 0 add points to jackpot - if ($uid == "0") - { + if ($uid == "0") { // Add points to jackpot ADD_JACKPOT($points); return; } // Count up referral depth - if (empty($DEPTH)) - { + if (empty($DEPTH)) { // Initialialize referral system $DEPTH = "0"; - } - else - { + } else { // Increase referral level $DEPTH++; } @@ -1059,49 +1069,57 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock $result_user = SQL_QUERY_ESC("SELECT refid, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); - if (SQL_NUMROWS($result_user) == 1) - { + //* DEBUG */ echo "+".SQL_NUMROWS($result_user).":".$points."+
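Review bot: `if (empty($DEPTH))` in the -1035 hunk cannot tell "not yet initialised" from level zero, because PHP's `empty()` is true for the string `"0"` that the first branch assigns; as far as these lines show, a second call re-initialises to `"0"` instead of reaching `$DEPTH++`. Testing for the unset case explicitly avoids that: `if (!isset($DEPTH)) {` followed by `$DEPTH = 0;`. Whether another code path increments the global first is not visible here, so this should be checked against the recursive call in the next hunk. The function continues outside the hunk.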
\n"; + if (SQL_NUMROWS($result_user) == 1) { // This is the user and his ref list ($ref, $email) = SQL_FETCHROW($result_user); SQL_FREERESULT($result_user); + $result = SQL_QUERY_ESC("SELECT percents FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1", array(bigintval($DEPTH)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + //* DEBUG */ echo "DEPTH:".$DEPTH."
\n"; + if (SQL_NUMROWS($result) == 1) { list($per) = SQL_FETCHROW($result); SQL_FREERESULT($result); $P = $points * $per / 100; + //* DEBUG */ echo "ADD:".$P."
\n"; // Update points... $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth=%d LIMIT 1", array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__); - if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0) - { + if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0) { // First ref in this level! :-) $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%d, %d, %s)", array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__); } // Update mediadata as well - if (GET_EXT_VERSION("mediadata") >= "0.0.4") - { + if (GET_EXT_VERSION("mediadata") >= "0.0.4") { // Update database MEDIA_UPDATE_ENTRY(array("total_points"), "add", $P); } // Points updated, maybe I shall send him an email? - if (($send_notify) && ($ref > 0) && (!$locked)) - { + if (($send_notify) && ($ref > 0) && (!$locked)) { // 0 1 2 3 $DATA = array($per, bigintval($DEPTH), $P, bigintval($ref)); $msg = LOAD_EMAIL_TEMPLATE("confirm-referral", "", bigintval($uid)); SEND_EMAIL($email, THANX_REFERRAL_ONE, $msg); + } elseif (($send_notify) && ($ref == 0) && (!$locked) && ($add_mode == "direct") && (!defined('__POINTS_VALUE'))) { + // Direct payment shall be notified about + define('__POINTS_VALUE', $P); + + // Load message + $msg = LOAD_EMAIL_TEMPLATE("add-points", REASON_DIRECT_PAYMENT, $uid); + + // And sent it away + SEND_EMAIL($email, SUBJECT_DIRECT_PAYMENT, $msg); + if (!isset($_GET['mid'])) LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_ADDED); } // Maybe there's another ref? - if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref")) - { + if (($ref > 0) && ($points > 0) && ($ref != $uid) && ($add_mode == "ref")) { // Then let's credit him here... ADD_POINTS_REFSYSTEM($ref, $points, $send_notify, $ref, $locked); } 
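Review bot: The added direct-payment branch passes `$uid` to `LOAD_EMAIL_TEMPLATE()` unconverted, while the sibling `confirm-referral` call and the queries in this function use `bigintval($uid)`; for consistency it should read `$msg = LOAD_EMAIL_TEMPLATE("add-points", REASON_DIRECT_PAYMENT, bigintval($uid));`. Using `define('__POINTS_VALUE', $P)` as a once-per-request flag also means a second direct payment in the same request is credited but not notified, and the constant keeps the first amount; if that is intended it needs a comment saying so. The `$_GET['mid']` test puts request handling and admin template output inside a points routine, which is better decided by the caller. The function body starts and ends outside the hunk.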
@@ -1155,7 +1173,7 @@ function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht) if (!EXT_IS_ACTIVE("online", true)) return; // Initialize variables - $uid = "0"; $rid = "0"; $MEM = 'N'; $ADMIN = 'N'; + $uid = "0"; $rid = "0"; $MEM = "N"; $ADMIN = "N"; if (!empty($GLOBALS['userid'])) { // Update member status only when userid is valid @@ -1163,13 +1181,13 @@ function UPDATE_ONLINE_LIST($SID, $mod, $act, $wht) { // Is valid user $uid = $GLOBALS['userid']; - $MEM = 'Y'; + $MEM = "Y"; } } if (IS_ADMIN()) { // Is administrator - $ADMIN = 'Y'; + $ADMIN = "Y"; } if (isSessionVariableSet('refid')) { // Check cookie @@ -1277,23 +1295,18 @@ function GET_ADMIN_HASH($login) return $ret; } // -function GET_ADMIN_LOGIN($aid) -{ +function GET_ADMIN_LOGIN($aid) { global $cacheArray; $ret = "***"; - if (!empty($cacheArray['admins']['login']['aid'])) - { + if (!empty($cacheArray['admins']['login']['aid'])) { // Check cache if (!empty($cacheArray['admins']['login'][$aid])) $ret = $cacheArray['admins']['login'][$aid]; if (empty($ret)) $ret = "***"; - } - else - { + } else { // Load from database $result = SQL_QUERY_ESC("SELECT login FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1", array(bigintval($aid)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + if (SQL_NUMROWS($result) == 1) { // Fetch data list($ret) = SQL_FETCHROW($result); } @@ -1304,25 +1317,19 @@ function GET_ADMIN_LOGIN($aid) return $ret; } // -function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") -{ +function ADD_OPTION_LINES($table, $id, $name, $default="",$special="",$where="") { $ret = ""; - if ($table == "/ARRAY/") - { + if ($table == "/ARRAY/") { // Selection from array - if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name)) - { + if (is_array($id) && is_array($name) && sizeof($id) == sizeof($name)) { // Both are arrays - foreach ($id as $idx=>$value) - { + foreach ($id as $idx=>$value) { $ret .= "\n"; } } + // Return - hopefully - the requested data return $ret; } 
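Review bot: In GET_ADMIN_LOGIN (hunk at -1277) the cache test reads `$cacheArray['admins']['login']['aid']` with the literal key `'aid'`, while the lookup on the following line uses `[$aid]`; this looks like a missing `$`, hedged because the cache layout is not visible here. If the literal key is never populated, the function always falls through to the database query; if it is populated, an id missing from the cache yields `***` without any database lookup. If the variable was intended, the condition would be `if (!empty($cacheArray['admins']['login'][$aid])) {`.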
@@ -1504,8 +1508,10 @@ function LOAD_CONFIG($no="0") $CFG_DUMMY[$key] = $value; } - // Count cache hits - $CFG_DUMMY['cache_hits']++; + // Count cache hits if exists + if ((isset($CFG_DUMMY['cache_hits'])) && (EXT_IS_ACTIVE("cache"))) { + $CFG_DUMMY['cache_hits']++; + } // END - if } else { // Load config from DB $result_config = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_config WHERE config=%d LIMIT 1", @@ -1560,13 +1566,13 @@ function MODULE_HAS_MENU($mod) if (isset($cacheArray['modules']['has_menu'][$mod])) { // Check module cache and count hit - if ($cacheArray['modules']['has_menu'][$mod] == 'Y') $ret = true; + if ($cacheArray['modules']['has_menu'][$mod] == "Y") $ret = true; $_CONFIG['cache_hits']++; } elseif (isset($cacheArray['extensions']['ext_menu'][$mod])) { // Check cache and count hit - if ($cacheArray['extensions']['ext_menu'][$mod] == 'Y') $ret = true; + if ($cacheArray['extensions']['ext_menu'][$mod] == "Y") $ret = true; $_CONFIG['cache_hits']++; } } @@ -1578,7 +1584,7 @@ function MODULE_HAS_MENU($mod) if (SQL_NUMROWS($result) == 1) { list($has_menu) = SQL_FETCHROW($result); - if ($has_menu == 'Y') $ret = true; + if ($has_menu == "Y") $ret = true; } // Free memory