X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=d56ddf7cd7d4dab2c0ca44b795f2cf40b43b2d11;hp=bd453fac30a4aa7c3b1f44fd84a53c971608df86;hb=c3f2beb3f1d47c9593d262d7f5dac47640b4aa52;hpb=f5ebd83b36f343022977241bd9b570051ece4b0f

diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index bd453fac30..d56ddf7cd7 100644
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -568,7 +568,7 @@ function isMember () {
 		setCurrentUserid(getMemberId());
 	}
 
-	// Init global user data array
+	// Init user data array
 	initUserData();
 
 	// Fix "deleted" cookies first
@@ -579,7 +579,7 @@ function isMember () {
 		// Cookies are set with values, but are they valid?
 		if (fetchUserData(getMemberId()) === true) {
 			// Validate password by created the difference of it and the secret key
-			$valPass = generatePassString(getUserData('password'));
+			$valPass = encodeHashForCookie(getUserData('password'));
 
 			// Transfer last module and online time
 			$GLOBALS['last_online']['module'] = getUserData('last_module');
@@ -693,42 +693,42 @@ function fetchUserData ($userid, $column = 'userid') {
 }
 
 // This patched function will reduce many SELECT queries for the specified or current admin login
-function isAdmin ($admin = '') {
+function isAdmin ($adminLogin = '') {
 	// Init variables
 	$ret = false;
 	$passCookie = '';
 	$valPass = '';
-	//* DEBUG: */ print(__FUNCTION__.':'.$admin.'<br />');
+	//* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.'<br />');
 
 	// If admin login is not given take current from cookies...
-	if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
+	if ((empty($adminLogin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
 		// Get admin login and password from session/cookies
-		$admin = getSession('admin_login');
+		$adminLogin = getSession('admin_login');
 		$passCookie = getSession('admin_md5');
 	} // END - if
-	//* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.'<br />');
+	//* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.'/'.$passCookie.'<br />');
 
 	// Do we have cache?
-	if (!isset($GLOBALS['is_admin'][$admin])) {
+	if (!isset($GLOBALS['is_admin'][$adminLogin])) {
 		// Init it with failed
-		$GLOBALS['is_admin'][$admin] = false;
+		$GLOBALS['is_admin'][$adminLogin] = false;
 
 		// Search in array for entry
 		if (isset($GLOBALS['admin_hash'])) {
 			// Use cached string
 			$valPass = $GLOBALS['admin_hash'];
-		} elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
+		} elseif ((!empty($passCookie)) && (isAdminHashSet($adminLogin) === true) && (!empty($adminLogin))) {
 			// Login data is valid or not?
-			$valPass = generatePassString(getAdminHash($admin));
+			$valPass = encodeHashForCookie(getAdminHash($adminLogin));
 
 			// Cache it away
 			$GLOBALS['admin_hash'] = $valPass;
 
 			// Count cache hits
 			incrementStatsEntry('cache_hits');
-		} elseif ((!empty($admin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($admin) === false))) {
+		} elseif ((!empty($adminLogin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($adminLogin) === false))) {
 			// Get admin hash and hash it
-			$valPass = generatePassString(getAdminHash($admin));
+			$valPass = encodeHashForCookie(getAdminHash($adminLogin));
 
 			// Cache it away
 			$GLOBALS['admin_hash'] = $valPass;
@@ -737,12 +737,12 @@ function isAdmin ($admin = '') {
 		if (!empty($valPass)) {
 			// Check if password is valid
 			//* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'<br />');
-			$GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
+			$GLOBALS['is_admin'][$adminLogin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
 		} // END - if
 	} // END - if
 
 	// Return result of comparision
-	return $GLOBALS['is_admin'][$admin];
+	return $GLOBALS['is_admin'][$adminLogin];
 }
 
 // Generates a list of "max receiveable emails per day"
@@ -1246,7 +1246,7 @@ function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify
 
 				// Send email
 				sendEmail($userid, getMessage('THANX_REFERAL_ONE_SUBJECT'), $message);
-			} elseif (($sendNotify) && (getUserData('refid') == '0') && ($locked === false) && ($add_mode == 'direct')) {
+			} elseif (($sendNotify === true) && (getUserData('refid') == '0') && ($locked === false) && ($add_mode == 'direct')) {
 				// Prepare content
 				$content = array(
 					'text'   => getMessage('REASON_DIRECT_PAYMENT'),
@@ -1341,21 +1341,21 @@ function sendAdminEmails ($subj, $message) {
 }
 
 // Get id number from administrator's login name
-function getAdminId ($login) {
+function getAdminId ($adminLogin) {
 	// By default no admin is found
 	$data['id'] = '-1';
 
 	// Check cache
-	if (isset($GLOBALS['cache_array']['admin']['admin_id'][$login])) {
+	if (isset($GLOBALS['cache_array']['admin']['admin_id'][$adminLogin])) {
 		// Use it if found to save SQL queries
-		$data['id'] = $GLOBALS['cache_array']['admin']['admin_id'][$login];
+		$data['id'] = $GLOBALS['cache_array']['admin']['admin_id'][$adminLogin];
 
 		// Update cache hits
 		incrementStatsEntry('cache_hits');
 	} elseif (!isExtensionActive('cache')) {
 		// Load from database
 		$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
-			array($login), __FUNCTION__, __LINE__);
+			array($adminLogin), __FUNCTION__, __LINE__);
 
 		// Do we have an entry?
 		if (SQL_NUMROWS($result) == 1) {
@@ -1382,28 +1382,34 @@ function getCurrentAdminId () {
 		$adminId = getAdminId($adminLogin);
 
 		// Remember in cache securely
-		$GLOBALS['current_admin_id'] = bigintval($adminId);
+		setCurrentAdminId(bigintval($adminId));
 	} // END - if
 
 	// Return it
 	return $GLOBALS['current_admin_id'];
 }
 
+// Setter for current admin id
+function setCurrentAdminId ($currentAdminId) {
+	// Set it secured
+	$GLOBALS['current_admin_id'] = bigintval($currentAdminId);
+}
+
 // Get password hash from administrator's login name
-function getAdminHash ($admin) {
+function getAdminHash ($adminLogin) {
 	// By default an invalid hash is returned
 	$data['password'] = '-1';
 
-	if (isAdminHashSet($admin)) {
+	if (isAdminHashSet($adminLogin)) {
 		// Check cache
-		$data['password'] = $GLOBALS['cache_array']['admin']['password'][$admin];
+		$data['password'] = $GLOBALS['cache_array']['admin']['password'][$adminLogin];
 
 		// Update cache hits
 		incrementStatsEntry('cache_hits');
 	} elseif (!isExtensionActive('cache')) {
 		// Load from database
 		$result = SQL_QUERY_ESC("SELECT `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
-			array($admin), __FUNCTION__, __LINE__);
+			array($adminLogin), __FUNCTION__, __LINE__);
 
 		// Do we have an entry?
 		if (SQL_NUMROWS($result) == 1) {
@@ -1411,7 +1417,7 @@ function getAdminHash ($admin) {
 			$data = SQL_FETCHARRAY($result);
 
 			// Set cache
-			setAdminHash($admin, $data['password']);
+			setAdminHash($adminLogin, $data['password']);
 		} // END - if
 
 		// Free result