X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=e691d6cf7cc8a5ea6e4fe1da19b04f9cdf7a4d65;hp=47366597c9ddf5569228a3f84ed4a31892459efe;hb=41d7cc2d4ab3b725d1cd2cbe022dd49fbfc0065a;hpb=7c183881355ea6e8dcc4324e1b081a4f75da77cb
diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index 47366597c9..e691d6cf7c 100644
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -1,7 +1,7 @@
{--YOU_ARE_HERE--} Home";
} else {
if ($return === false) $GLOBALS['nav_depth']++;
@@ -386,7 +373,7 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru
//* DEBUG: */ print(__LINE__.'+'.$type."+
");
// Add closing div and br-tag
$OUT .= "
\n";
- $GLOBALS['nav_depth'] = 0;
+ $GLOBALS['nav_depth'] = '0';
// Run the filter chain
$ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => ""));
@@ -411,7 +398,7 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru
// Adds a menu (mode = guest/member/admin/sponsor) to output
function addMenu ($mode, $action, $what) {
// Init some variables
- $main_cnt = 0;
+ $main_cnt = '0';
$AND = '';
// is the menu action valid?
@@ -451,7 +438,7 @@ function addMenu ($mode, $action, $what) {
// Do we have some entries?
if ($totalWhats > 0) {
// Init counter
- $cnt = 0;
+ $cnt = '0';
// Load all sub menus
while ($content2 = SQL_FETCHARRAY($result_sub)) {
@@ -580,54 +567,47 @@ function isMember () {
if (isset($GLOBALS['is_member'])) {
// Then return it
return $GLOBALS['is_member'];
- } // END - if
+ } elseif (getMemberId() == '0') {
+ // No member
+ return false;
+ } else {
+ // Transfer userid=>current
+ setCurrentUserid(getMemberId());
+ }
- // Init global 'status'
- $GLOBALS['status'] = false;
+ // Init global user data array
+ initUserData();
// Fix "deleted" cookies first
fixDeletedCookies(array('userid', 'u_hash'));
// Are cookies set?
- if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) {
+ if ((isMemberIdSet()) && (isSessionVariableSet('u_hash'))) {
// Cookies are set with values, but are they valid?
- $result = SQL_QUERY_ESC("SELECT `password`, `status`, `last_module`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array(getUserId()), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // Load data from cookies
- list($password, $GLOBALS['status'], $mod, $onl) = SQL_FETCHROW($result);
-
+ if (fetchUserData(getMemberId()) === true) {
// Validate password by created the difference of it and the secret key
- $valPass = generatePassString($password);
+ $valPass = generatePassString(getUserData('password'));
// Transfer last module and online time
- if ((!empty($mod)) && (empty($GLOBALS['last_online']['module']))) {
- // @TODO Try to rewrite this to one or more functions
- $GLOBALS['last_online']['module'] = $mod;
- $GLOBALS['last_online']['online'] = $onl;
- } // END - if
+ $GLOBALS['last_online']['module'] = getUserData('last_module');
+ $GLOBALS['last_online']['online'] = getUserData('last_online');
// So did we now have valid data and an unlocked user?
- if (($GLOBALS['status'] == 'CONFIRMED') && ($valPass == getSession('u_hash'))) {
+ if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) {
// Account is confirmed and all cookie data is valid so he is definely logged in! :-)
$ret = true;
} else {
// Maybe got locked etc.
- //* DEBUG: */ print(__LINE__."!!!
");
- destroyUserSession();
+ logDebugMessage(__FUNCTION__, __LINE__, 'status=' . getUserData('status'));
+ destroyMemberSession();
}
} else {
// Cookie data is invalid!
- //* DEBUG: */ print(__LINE__."***
");
- destroyUserSession();
+ destroyMemberSession();
}
-
- // Free memory
- SQL_FREERESULT($result);
} else {
// Cookie data is invalid!
- //* DEBUG: */ print(__LINE__."///
");
- destroyUserSession();
+ destroyMemberSession();
}
// Cache status
@@ -637,6 +617,84 @@ function isMember () {
return $ret;
}
+// Fetch user data for given user id
+function fetchUserData ($userid, $column='userid') {
+ // If we should look for userid secure&set it here
+ if (substr($column, -2, 2) == 'id') {
+ // Secure userid
+ $userid = bigintval($userid);
+
+ // Set it here
+ setCurrentUserId($userid);
+
+ // Don't look for invalid userids...
+ if ($userid < 1) {
+ // Invalid, so abort here
+ debug_report_bug('User id ' . $userid . ' is invalid.');
+ } elseif (isUserDataValid()) {
+ // Use cache, so it is fine
+ return true;
+ }
+ } elseif (isUserDataValid()) {
+ // Use cache, so it is fine
+ return true;
+ }
+
+
+ // By default none was found
+ $found = false;
+
+ // Query for the user
+ $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1",
+ array($column, $userid), __FUNCTION__, __LINE__);
+
+ // Do we have a record?
+ if (SQL_NUMROWS($result) == 1) {
+ // Load data from cookies
+ $data = SQL_FETCHARRAY($result);
+
+ // Set the userid for later use
+ setCurrentUserId($data['userid']);
+ $GLOBALS['user_data'][getCurrentUserId()] = $data;
+
+ // Rewrite 'last_failure' if found
+ if (isset($GLOBALS['user_data'][getCurrentUserId()]['last_failure'])) {
+ // Backup the raw one and zero it
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] = $GLOBALS['user_data'][getCurrentUserId()]['last_failure'];
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = '0';
+
+ // Is it not zero?
+ if ($GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] != '0000-00-00 00:00:00') {
+ // Seperate data/time
+ $array = explode(' ', $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw']);
+
+ // Seperate data and time again
+ $array['date'] = explode('-', $array[0]);
+ $array['time'] = explode(':', $array[1]);
+
+ // Now pass it to mktime()
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = mktime(
+ $array['time'][0],
+ $array['time'][1],
+ $array['time'][2],
+ $array['date'][1],
+ $array['date'][2],
+ $array['date'][0]
+ );
+ } // END - if
+ } // END - if
+
+ // Found, but valid?
+ $found = isUserDataValid();
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Return result
+ return $found;
+}
+
// This patched function will reduce many SELECT queries for the specified or current admin login
function isAdmin ($admin = '') {
// Init variables
@@ -651,49 +709,55 @@ function isAdmin ($admin = '') {
} // END - if
//* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.'
');
- // Search in array for entry
- if (isset($GLOBALS['admin_hash'])) {
- // Use cached string
- $valPass = $GLOBALS['admin_hash'];
- } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
- // Login data is valid or not?
- $valPass = generatePassString(getAdminHash($admin));
+ // Do we have cache?
+ if (!isset($GLOBALS['is_admin'][$admin])) {
+ // Init it with failed
+ $GLOBALS['is_admin'][$admin] = false;
+
+ // Search in array for entry
+ if (isset($GLOBALS['admin_hash'])) {
+ // Use cached string
+ $valPass = $GLOBALS['admin_hash'];
+ } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
+ // Login data is valid or not?
+ $valPass = generatePassString(getAdminHash($admin));
+
+ // Cache it away
+ $GLOBALS['admin_hash'] = $valPass;
+
+ // Count cache hits
+ incrementStatsEntry('cache_hits');
+ } elseif ((!empty($admin)) && ((!isExtensionActive('cache'))) || (isAdminHashSet($admin) === false)) {
+ // Search for admin
+ $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
+ array($admin), __FUNCTION__, __LINE__);
- // Cache it away
- $GLOBALS['admin_hash'] = $valPass;
+ // Is he admin?
+ $passDB = '';
+ if (SQL_NUMROWS($result) == 1) {
+ // Admin login was found so let's load password from DB
+ list($passDB) = SQL_FETCHROW($result);
- // Count cache hits
- incrementStatsEntry('cache_hits');
- } elseif ((!empty($admin)) && ((!isExtensionActive('cache'))) || (isAdminHashSet($admin) === false)) {
- // Search for admin
- $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
- array($admin), __FUNCTION__, __LINE__);
+ // Temporary cache it
+ setAdminHash($admin, $passDB);
- // Is he admin?
- $passDB = '';
- if (SQL_NUMROWS($result) == 1) {
- // Admin login was found so let's load password from DB
- list($passDB) = SQL_FETCHROW($result);
+ // Generate password hash
+ $valPass = generatePassString($passDB);
+ } // END - if
- // Temporary cache it
- setAdminHash($admin, $passDB);
+ // Free memory
+ SQL_FREERESULT($result);
+ }
- // Generate password hash
- $valPass = generatePassString($passDB);
+ if (!empty($valPass)) {
+ // Check if password is valid
+ //* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'
');
+ $GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
} // END - if
-
- // Free memory
- SQL_FREERESULT($result);
- }
-
- if (!empty($valPass)) {
- // Check if password is valid
- //* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'
');
- $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
} // END - if
// Return result of comparision
- return $ret;
+ return $GLOBALS['is_admin'][$admin];
}
// Generates a list of "max receiveable emails per day"
@@ -800,6 +864,8 @@ function isMenuActionValid ($mode, $action, $what, $updateEntry=false) {
// Run SQL command
$result = SQL_QUERY($sql, __FUNCTION__, __LINE__);
+
+ // Should we look for affected rows (only update) or found rows?
if ($updateEntry === true) {
// Check updated/affected rows
$ret = (SQL_AFFECTEDROWS() == 1);
@@ -818,134 +884,26 @@ function isMenuActionValid ($mode, $action, $what, $updateEntry=false) {
return $ret;
}
-//
-function sendModeMails ($mod, $modes) {
- // Load hash
- $result_main = SQL_QUERY_ESC("SELECT `password` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1",
- array(getUserId()), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result_main) == 1) {
- // Load hash from database
- list($hashDB) = SQL_FETCHROW($result_main);
-
- // Extract salt from cookie
- $salt = substr(getSession('u_hash'), 0, -40);
-
- // Now let's compare passwords
- $hash = generatePassString($hashDB);
- if (($hash == getSession('u_hash')) || (postRequestElement('pass1') == postRequestElement('pass2'))) {
- // Load user's data 0 1 2 3 4 5 6 7
- $result = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, country, zip, city, email FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND password='%s' LIMIT 1",
- array(getUserId(), $hashDB), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // Load the data
- $content = SQL_FETCHARRAY($result, 0, false);
-
- // Free result
- SQL_FREERESULT($result);
-
- // Translate gender
- $content['gender'] = translateGender($content['gender']);
-
- // Clear/init the content variable
- $content['info'] = '';
-
- switch ($mod) {
- case 'mydata':
- foreach ($modes as $mode) {
- switch ($mode) {
- case 'normal': break; // Do not add any special lines
- case 'email': // Email was changed!
- $content['message'] = getMessage('MEMBER_CHANGED_EMAIL').": ".postRequestElement('old_email')."\n";
- break;
-
- case 'pass': // Password was changed
- $content['message'] = getMessage('MEMBER_CHANGED_PASS')."\n";
- break;
-
- default:
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown mode %s detected.", $mode));
- $content['message'] = getMessage('MEMBER_UNKNOWN_MODE').": ".$mode."\n\n";
- break;
- } // END - switch
- } // END - if
-
- if (isExtensionActive('country')) {
- // Replace code with description
- $content['country'] = generateCountryInfo(postRequestElement('country_code'));
- } // END - if
-
- // Merge content with data from POST
- $content = merge_array($content, postRequestArray());
-
- // Load template
- $message = loadEmailTemplate('member_mydata_notify', $content, getUserId());
-
- if (getConfig('admin_notify') == 'Y') {
- // The admin needs to be notified about a profile change
- $message_admin = 'admin_mydata_notify';
- $sub_adm = getMessage('ADMIN_CHANGED_DATA');
- } else {
- // No mail to admin
- $message_admin = '';
- $sub_adm = '';
- }
-
- // Set subject lines
- $sub_mem = getMessage('MEMBER_CHANGED_DATA');
-
- // Output success message
- $content = "{--MYDATA_MAIL_SENT--}";
- break;
-
- default: // Unsupported module!
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unsupported module %s detected.", $mod));
- $content = "{--UNKNOWN_MODULE--}";
- break;
- } // END - switch
- } else {
- // Could not load profile data
- $content = "{--MEMBER_CANNOT_LOAD_PROFILE--}";
- }
- } else {
- // Passwords mismatch
- $content = "{--MEMBER_PASSWORD_ERROR--}";
- }
- } else {
- // Could not load profile
- $content = "{--MEMBER_CANNOT_LOAD_PROFILE--}";
- }
-
- // Send email to user if required
- if ((!empty($sub_mem)) && (!empty($message))) {
- // Send member mail
- sendEmail($content['email'], $sub_mem, $message);
- } // END - if
-
- // Send only if no other error has occured
- if (empty($content)) {
- if ((!empty($sub_adm)) && (!empty($message_admin))) {
- // Send admin mail
- sendAdminNotification($sub_adm, $message_admin, $content, getUserId());
- } elseif (getConfig('admin_notify') == 'Y') {
- // Cannot send mails to admin!
- $content = getMessage('CANNOT_SEND_ADMIN_MAILS');
- } else {
- // No mail to admin
- $content = "{--MYDATA_MAIL_SENT--}";
- }
- } // END - if
-
- // Load template
- loadTemplate('admin_settings_saved', false, $content);
-}
-
// Get action value from mode (admin/guest/member) and what-value
function getModeAction ($mode, $what) {
// Init status
$ret = '';
//* DEBUG: */ print(__LINE__.'='.$mode.'/'.$what.'/'.getAction()."=
");
- if ((empty($what)) && ($mode != 'admin')) {
+ if (!isExtensionInstalledAndNewer('sql_patches', '0.0.5')) {
+ // sql_patches is missing so choose depending on mode
+ if (isWhatSet()) {
+ // Use setted what
+ $what = getWhat();
+ } elseif ($mode == 'admin') {
+ // Admin area
+ $what = 'overview';
+ } else {
+ // Everywhere else
+ $what = 'welcome';
+ }
+ } elseif ((empty($what)) && ($mode != 'admin')) {
+ // Use configured 'home'
$what = getConfig('index_home');
} // END - if
@@ -985,7 +943,7 @@ function getModeAction ($mode, $what) {
// Free memory
SQL_FREERESULT($result);
- } elseif ((!isExtensionInstalled('sql_patches')) && ($mode != 'admin')) {
+ } elseif ((!isExtensionInstalled('sql_patches')) && (($mode != 'admin') && ($mode != 'unknown'))) {
// No sql_patches installed, but maybe we need to register an admin?
if (isAdminRegistered()) {
// Redirect to admin area
@@ -1003,7 +961,7 @@ function getCategory ($cid) {
$ret = getMessage('_CATEGORY_404');
// Is the category id set?
- if ($cid == 0) {
+ if ($cid == '0') {
// No category
$ret = getMessage('_CATEGORY_NONE');
} elseif ($cid > 0) {
@@ -1072,7 +1030,7 @@ function getPaymentPoints ($pid, $lookFor = 'price') {
return $ret;
}
-// Remove a receiver's ID from $receivers and add a link for him to confirm
+// Remove a receiver's id from $receivers and add a link for him to confirm
function removeReceiver (&$receivers, $key, $userid, $pool_id, $stats_id = '', $bonus = false) {
// Default is not removed
$ret = 'failed';
@@ -1084,7 +1042,7 @@ function removeReceiver (&$receivers, $key, $userid, $pool_id, $stats_id = '', $
// Is there already a line for this user available?
if ($stats_id > 0) {
- // Only when we got a real stats ID continue searching for the entry
+ // Only when we got a real stats id continue searching for the entry
$type = 'NORMAL'; $rowName = 'stats_id';
if ($bonus) { $type = 'BONUS'; $rowName = 'bonus_id'; }
@@ -1093,7 +1051,7 @@ function removeReceiver (&$receivers, $key, $userid, $pool_id, $stats_id = '', $
array($rowName, $stats_id, bigintval($userid), $type), __FUNCTION__, __LINE__);
// Was it *not* found?
- if (SQL_NUMROWS($result) == 0) {
+ if (SQL_NUMROWS($result) == '0') {
// So we add one!
SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_links` (`%s`, `userid`, `link_type`) VALUES ('%s','%s','%s')",
array($rowName, $stats_id, bigintval($userid), $type), __FUNCTION__, __LINE__);
@@ -1114,7 +1072,7 @@ function removeReceiver (&$receivers, $key, $userid, $pool_id, $stats_id = '', $
// Calculate sum (default) or count records of given criteria
function countSumTotalData ($search, $tableName, $lookFor = 'id', $whereStatement = 'userid', $countRows = false, $add = '') {
- $ret = 0;
+ $ret = '0';
//* DEBUG: */ print($search.'/'.$tableName.'/'.$lookFor.'/'.$whereStatement.'/'.$add.'
');
if ((empty($search)) && ($search != '0')) {
// Count or sum whole table?
@@ -1151,16 +1109,17 @@ function countSumTotalData ($search, $tableName, $lookFor = 'id', $whereStatemen
$ret = '0.00000';
} elseif (''.$ret.'' == '') {
// Fix empty result
- $ret = 0;
+ $ret = '0';
}
// Return value
+ //* DEBUG: */ print 'ret='.$ret.'
';
return $ret;
}
// Getter fro ref level percents
function getReferalLevelPercents ($level) {
// Default is zero
- $per = 0;
+ $per = '0';
// Do we have cache?
if ((isset($GLOBALS['cache_array']['refdepths']['level'])) && (isExtensionActive('cache'))) {
@@ -1197,7 +1156,7 @@ function getReferalLevelPercents ($level) {
* Dynamic referal system, can also send mails!
*
* subject = Subject line, write in lower-case letters and underscore is allowed
- * userid = Referal ID wich should receive...
+ * userid = Referal id wich should receive...
* points = ... xxx points
* sendNotify = shall I send the referal an email or not?
* rid = inc/modules/guest/what-confirm.php need this
@@ -1205,13 +1164,13 @@ function getReferalLevelPercents ($level) {
* add_mode = Add points only to $userid or also refs? (WARNING! Changing 'ref' to 'direct'
* for default value will cause no referal will get points ever!!!)
*/
-function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify = false, $rid = 0, $locked = false, $add_mode = 'ref') {
+function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify = false, $rid = '0', $locked = false, $add_mode = 'ref') {
//* DEBUG: */ print("----------------------- ".__FUNCTION__." - ENTRY ------------------------