X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=d56ddf7cd7d4dab2c0ca44b795f2cf40b43b2d11;hp=bd453fac30a4aa7c3b1f44fd84a53c971608df86;hb=c3f2beb3f1d47c9593d262d7f5dac47640b4aa52;hpb=f5ebd83b36f343022977241bd9b570051ece4b0f
diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index bd453fac30..d56ddf7cd7 100644
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -568,7 +568,7 @@ function isMember () {
setCurrentUserid(getMemberId());
}
- // Init global user data array
+ // Init user data array
initUserData();
// Fix "deleted" cookies first
@@ -579,7 +579,7 @@ function isMember () {
// Cookies are set with values, but are they valid?
if (fetchUserData(getMemberId()) === true) {
// Validate password by created the difference of it and the secret key
- $valPass = generatePassString(getUserData('password'));
+ $valPass = encodeHashForCookie(getUserData('password'));
// Transfer last module and online time
$GLOBALS['last_online']['module'] = getUserData('last_module');
@@ -693,42 +693,42 @@ function fetchUserData ($userid, $column = 'userid') {
}
// This patched function will reduce many SELECT queries for the specified or current admin login
-function isAdmin ($admin = '') {
+function isAdmin ($adminLogin = '') {
// Init variables
$ret = false;
$passCookie = '';
$valPass = '';
- //* DEBUG: */ print(__FUNCTION__.':'.$admin.'
');
+ //* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.'
');
// If admin login is not given take current from cookies...
- if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
+ if ((empty($adminLogin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
// Get admin login and password from session/cookies
- $admin = getSession('admin_login');
+ $adminLogin = getSession('admin_login');
$passCookie = getSession('admin_md5');
} // END - if
- //* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.'
');
+ //* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.'/'.$passCookie.'
');
// Do we have cache?
- if (!isset($GLOBALS['is_admin'][$admin])) {
+ if (!isset($GLOBALS['is_admin'][$adminLogin])) {
// Init it with failed
- $GLOBALS['is_admin'][$admin] = false;
+ $GLOBALS['is_admin'][$adminLogin] = false;
// Search in array for entry
if (isset($GLOBALS['admin_hash'])) {
// Use cached string
$valPass = $GLOBALS['admin_hash'];
- } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
+ } elseif ((!empty($passCookie)) && (isAdminHashSet($adminLogin) === true) && (!empty($adminLogin))) {
// Login data is valid or not?
- $valPass = generatePassString(getAdminHash($admin));
+ $valPass = encodeHashForCookie(getAdminHash($adminLogin));
// Cache it away
$GLOBALS['admin_hash'] = $valPass;
// Count cache hits
incrementStatsEntry('cache_hits');
- } elseif ((!empty($admin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($admin) === false))) {
+ } elseif ((!empty($adminLogin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($adminLogin) === false))) {
// Get admin hash and hash it
- $valPass = generatePassString(getAdminHash($admin));
+ $valPass = encodeHashForCookie(getAdminHash($adminLogin));
// Cache it away
$GLOBALS['admin_hash'] = $valPass;
@@ -737,12 +737,12 @@ function isAdmin ($admin = '') {
if (!empty($valPass)) {
// Check if password is valid
//* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'
');
- $GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
+ $GLOBALS['is_admin'][$adminLogin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
} // END - if
} // END - if
// Return result of comparision
- return $GLOBALS['is_admin'][$admin];
+ return $GLOBALS['is_admin'][$adminLogin];
}
// Generates a list of "max receiveable emails per day"
@@ -1246,7 +1246,7 @@ function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify
// Send email
sendEmail($userid, getMessage('THANX_REFERAL_ONE_SUBJECT'), $message);
- } elseif (($sendNotify) && (getUserData('refid') == '0') && ($locked === false) && ($add_mode == 'direct')) {
+ } elseif (($sendNotify === true) && (getUserData('refid') == '0') && ($locked === false) && ($add_mode == 'direct')) {
// Prepare content
$content = array(
'text' => getMessage('REASON_DIRECT_PAYMENT'),
@@ -1341,21 +1341,21 @@ function sendAdminEmails ($subj, $message) {
}
// Get id number from administrator's login name
-function getAdminId ($login) {
+function getAdminId ($adminLogin) {
// By default no admin is found
$data['id'] = '-1';
// Check cache
- if (isset($GLOBALS['cache_array']['admin']['admin_id'][$login])) {
+ if (isset($GLOBALS['cache_array']['admin']['admin_id'][$adminLogin])) {
// Use it if found to save SQL queries
- $data['id'] = $GLOBALS['cache_array']['admin']['admin_id'][$login];
+ $data['id'] = $GLOBALS['cache_array']['admin']['admin_id'][$adminLogin];
// Update cache hits
incrementStatsEntry('cache_hits');
} elseif (!isExtensionActive('cache')) {
// Load from database
$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
- array($login), __FUNCTION__, __LINE__);
+ array($adminLogin), __FUNCTION__, __LINE__);
// Do we have an entry?
if (SQL_NUMROWS($result) == 1) {
@@ -1382,28 +1382,34 @@ function getCurrentAdminId () {
$adminId = getAdminId($adminLogin);
// Remember in cache securely
- $GLOBALS['current_admin_id'] = bigintval($adminId);
+ setCurrentAdminId(bigintval($adminId));
} // END - if
// Return it
return $GLOBALS['current_admin_id'];
}
+// Setter for current admin id
+function setCurrentAdminId ($currentAdminId) {
+ // Set it secured
+ $GLOBALS['current_admin_id'] = bigintval($currentAdminId);
+}
+
// Get password hash from administrator's login name
-function getAdminHash ($admin) {
+function getAdminHash ($adminLogin) {
// By default an invalid hash is returned
$data['password'] = '-1';
- if (isAdminHashSet($admin)) {
+ if (isAdminHashSet($adminLogin)) {
// Check cache
- $data['password'] = $GLOBALS['cache_array']['admin']['password'][$admin];
+ $data['password'] = $GLOBALS['cache_array']['admin']['password'][$adminLogin];
// Update cache hits
incrementStatsEntry('cache_hits');
} elseif (!isExtensionActive('cache')) {
// Load from database
$result = SQL_QUERY_ESC("SELECT `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
- array($admin), __FUNCTION__, __LINE__);
+ array($adminLogin), __FUNCTION__, __LINE__);
// Do we have an entry?
if (SQL_NUMROWS($result) == 1) {
@@ -1411,7 +1417,7 @@ function getAdminHash ($admin) {
$data = SQL_FETCHARRAY($result);
// Set cache
- setAdminHash($admin, $data['password']);
+ setAdminHash($adminLogin, $data['password']);
} // END - if
// Free result