X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=e9d5c40fcdeef682d87e01f66bb7b9d2a536fb94;hp=b2083285c0abf408f78975e0a718587d06865ee3;hb=02ca1bea68f829c50935a73ecb0722ba02f20a2d;hpb=4b9887f734067dc52a1730468e25ba066036a3e1 diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index b2083285c0..e9d5c40fcd 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -6,20 +6,18 @@ * -------------------------------------------------------------------- * * File : mysql-manager.php * * -------------------------------------------------------------------- * - * Short description : All MySQL-related functions * + * Short description : All database-related functions * * -------------------------------------------------------------------- * - * Kurzbeschreibung : Alle MySQL-Relevanten Funktionen * + * Kurzbeschreibung : Alle datenbank-relevanten Funktionen * * -------------------------------------------------------------------- * * $Revision:: $ * * $Date:: $ * * $Tag:: 0.2.1-FINAL $ * * $Author:: $ * - * Needs to be in all Files and every File needs "svn propset * - * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * - * Copyright (c) 2009, 2010 by Mailer Developer Team * - * For more information visit: http://www.mxchange.org * + * Copyright (c) 2009 - 2012 by Mailer Developer Team * + * For more information visit: http://mxchange.org * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * @@ -44,11 +42,20 @@ if (!defined('__SECURITY')) { // "Getter" for module description // @TODO Can we cache this? -function getTitleFromMenu ($mode, $what, $column = 'what', $ADD='') { +function getTitleFromMenu ($mode, $what, $column = 'what', $ADD = '') { + // Debug message + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'mode=' . $mode . ',what=' . $what . ',column=' . $column . ',add=' . $ADD); + // Fix empty 'what' if (empty($what)) { $what = getIndexHome(); - } // END - if + } elseif ((isGetRequestElementSet('action')) && ($column == 'what')) { + // Get it from action + return getTitleFromMenu($mode, getAction(), 'action', $ADD); + } elseif ($what == 'welcome') { + // Overview page + return '{--WHAT_IS_WELCOME--}'; + } // Default is not found $data['title'] = '??? (' . $what . ')'; @@ -74,8 +81,8 @@ function getTitleFromMenu ($mode, $what, $column = 'what', $ADD='') { return $data['title']; } -// Add menu description pending on given file name (without path!) -function addMenuDescription ($accessLevel, $FQFN, $return = false) { +// Add link into output stream (or return it) for 'You Are Here' navigation +function addYouAreHereLink ($accessLevel, $FQFN, $return = false) { // Use only filename of the FQFN... $file = basename($FQFN); @@ -100,18 +107,21 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false) { // This is a 'what file'! $type = 'what'; $search = substr($file, 5); - $ADD = " AND `visible`='Y' AND `locked`='N'"; // Get access level from it $modCheck = getModuleFromFileName($file, $accessLevel); // Do we have admin? Then display all - if (isAdmin()) $ADD = ''; + $ADD = " AND `visible`='Y' AND `locked`='N'"; + if (isAdmin()) { + // Display all! + $ADD = ''; + } // END - if $dummy = substr($search, 0, -4); $ADD .= sprintf(" AND `action`='%s'", getActionFromModuleWhat($accessLevel, $dummy)); - } elseif (($accessLevel == 'sponsor') || ($accessLevel == 'engine')) { - // Sponsor / engine menu + } elseif ($accessLevel == 'sponsor') { + // Sponsor menu $type = 'what'; $search = $file; $modCheck = getModule(); @@ -130,11 +140,12 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false) { $GLOBALS['nav_depth'] = '0'; // Run the pre-filter chain - $ret = runFilterChain('pre_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => '')); + $ret = runFilterChain('pre_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'search' => $search, 'prefix' => $prefix, 'link_add' => $LINK_ADD, 'content' => '', 'add' => $ADD)); // Add pre-content $prefix = $ret['content']; + // Add default content $prefix .= '
{--YOU_ARE_HERE--} Home'; } elseif ($return === false) { // Count depth @@ -149,23 +160,27 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false) { $search = substr($search, 0, -4); } // END - if + // Is ext-sql_patches installed? + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isExtensionInstalledAndNewer()=' . intval(isExtensionInstalledAndNewer('sql_patches', '0.2.3')) . ',youre_here=' . getConfig('youre_here') . ',isAdmin()=' . intval(isAdmin()) . ',modCheck=' . $modCheck); if (((isExtensionInstalledAndNewer('sql_patches', '0.2.3')) && (getConfig('youre_here') == 'Y')) || ((isAdmin()) && ($modCheck == 'admin'))) { // Output HTML code $OUT = $prefix . '' . getTitleFromMenu($accessLevel, $search, $type, $ADD) . ''; // Can we close the you-are-here navigation? - //* DEBUG: */ debugOutput(__LINE__.'*'.$type.'/'.getWhat().'*'); - if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) { - //* DEBUG: */ debugOutput(__LINE__.'+'.$type.'+'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'type=' . $type . ',getWhat()=' . getWhat() . ',isWhatSet()=' . intval(isWhatSet())); + if (($type == 'what') || (($type == 'action') && (!isWhatSet()))) { + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'type=' . $type); // Add closing div and br-tag - $OUT .= '
'; $GLOBALS['nav_depth'] = '0'; // Run the post-filter chain - $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => '')); + $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'search' => $search, 'prefix' => $prefix, 'link_add' => $LINK_ADD, 'content' => $OUT, 'add' => $ADD)); - // Add additional content - $OUT .= $ret['content']; + // Get content from filter back + $OUT = $ret['content']; + + // Close div-tag, so not the filters have to do it + $OUT .= ''; } // END - if } // END - if @@ -183,7 +198,6 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false) { function addMenu ($mode, $action, $what) { // Init some variables $main_cnt = '0'; - $ADD = ''; // is the menu action valid? if (!isMenuActionValid($mode, $action, $what, true)) { @@ -191,13 +205,15 @@ function addMenu ($mode, $action, $what) { } // END - if // Non-admin shall not see all menus - if (!isAdmin()) { - $ADD = " AND `visible`='Y' AND `locked`='N'"; + $ADD = " AND `visible`='Y' AND `locked`='N'"; + if (isAdmin()) { + // Is admin, so make all visible + $ADD = ''; } // END - if // Load SQL data and add the menu to the output stream... $result_main = SQL_QUERY_ESC("SELECT - `title`, `what`, `action`, `visible`, `locked` + `title`,`what`,`action`,`visible`,`locked` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE @@ -207,12 +223,12 @@ ORDER BY `sort` ASC", array($mode), __FUNCTION__, __LINE__); - //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.':'.getWhat().'*'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'main_cnt=' . $main_cnt . ',getWhat()=' . getWhat()); if (!SQL_HASZERONUMS($result_main)) { // There are menus available, so we simply display them... :) $GLOBALS['rows'] = ''; while ($content = SQL_FETCHARRAY($result_main)) { - //* DEBUG: */ debugOutput(__LINE__ . '/' . $main_cnt . '/' . $content['action'] . ':' . getWhat() . '*'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'main_cnt=' . $main_cnt . ',action=' . $content['action'] . ',getWhat()=' . getWhat()); // Disable the block-mode enableBlockMode(false); @@ -239,7 +255,7 @@ ORDER BY // Do we have some entries? if (!SQL_HASZERONUMS($result_sub)) { // Init counter - $cnt = '0'; + $count = '0'; // Load all sub menus while ($content2 = SQL_FETCHARRAY($result_sub)) { @@ -250,7 +266,7 @@ ORDER BY $OUT = ''; // Full file name for checking menu - //* DEBUG: */ debugOutput(__LINE__ . ':!!!!' . $content['sub_what'] . '!!!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sub_what=' . $content['sub_what']); $inc = sprintf("inc/modules/%s/what-%s.php", $mode, $content['sub_what']); if (isIncludeReadable($inc)) { // Mark currently selected menu - open @@ -258,11 +274,17 @@ ORDER BY $OUT = ''; } // END - if - // Navigation link - $OUT .= ''; + // Is ext-sql_patches up-to-date, and display_home_in_index is Y? + if ((getModule() == 'index') && (isExtensionInstalledAndNewer('sql_patches', '0.8.3')) && (isDisplayHomeInIndexEnabled()) && ($content['sub_what'] == getIndexHome())) { + // Use index.php as link + $OUT .= ''; + } else { + // Regular navigation link + $OUT .= ''; + } } else { - // Not found! - open - $OUT .= ''; + // Not found - open + $OUT .= ''; } // Menu title @@ -276,12 +298,12 @@ ORDER BY $OUT .= ''; } // END - if } else { - // Not found! - close - $OUT .= ''; + // Not found - close + $OUT .= ''; } // Cunt it up - $cnt++; + $count++; // Rewrite array $content = array( @@ -292,7 +314,7 @@ ORDER BY ); // Add regular menu row or bottom row? - if ($cnt < SQL_NUMROWS($result_sub)) { + if ($count < SQL_NUMROWS($result_sub)) { $GLOBALS['rows'] .= loadTemplate($mode . '_menu_row', true, $content); } else { $GLOBALS['rows'] .= loadTemplate($mode . '_menu_bottom', true, $content); @@ -307,12 +329,12 @@ ORDER BY if (isFileReadable($INC)) { // Load include file if ((!isExtensionActive($content['action'])) || ($content['action'] == 'online')) $GLOBALS['rows'] .= loadTemplate('menu_what_begin', true, $mode); - //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat().'*'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'main_cnt=' . $main_cnt . ',action=' . $content['action'] . ',getWhat()=' . getWhat()); loadInclude($INC); - //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat().'*'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'main_cnt=' . $main_cnt . ',action=' . $content['action'] . ',getWhat()=' . getWhat()); if ((!isExtensionActive($content['action'])) || ($content['action'] == 'online')) $GLOBALS['rows'] .= loadTemplate('menu_what_end', true, $mode); } - //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat().'*'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'main_cnt=' . $main_cnt . ',action=' . $content['action'] . ',getWhat()=' . getWhat()); } // Free result @@ -321,18 +343,18 @@ ORDER BY // Count one up $main_cnt++; - //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.':'.getWhat().'*'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'main_cnt=' . $main_cnt . ',getWhat()=' . getWhat()); if (SQL_NUMROWS($result_main) > $main_cnt) { - // Add seperator - $GLOBALS['rows'] .= loadTemplate('menu_seperator', true, $mode); + // Add separator + $GLOBALS['rows'] .= loadTemplate('menu_separator', true, $mode); // Should we display adverts in this menu? if ((isExtensionInstalledAndNewer('menu', '0.0.1')) && (getConfig($mode . '_menu_advert_enabled') == 'Y') && ($action != 'admin')) { // Display advert template $GLOBALS['rows'] .= loadTemplate('menu_' . $mode . '_advert_' . $action, true); - // Add seperator again - $GLOBALS['rows'] .= loadTemplate('menu_seperator', true, $mode); + // Add separator again + $GLOBALS['rows'] .= loadTemplate('menu_separator', true, $mode); } // END - if } // END - if } // END - while @@ -342,8 +364,8 @@ ORDER BY // Should we display adverts in this menu? if ((isExtensionInstalledAndNewer('menu', '0.0.1')) && (getConfig($mode . '_menu_advert_enabled') == 'Y')) { - // Add seperator again - $GLOBALS['rows'] .= loadTemplate('menu_seperator', true, $mode); + // Add separator again + $GLOBALS['rows'] .= loadTemplate('menu_separator', true, $mode); // Display advert template $GLOBALS['rows'] .= loadTemplate('menu_' . $mode . '_advert_end', true); @@ -351,80 +373,77 @@ ORDER BY // Prepare data $content = array( - 'rows' => $GLOBALS['rows'], - 'mode' => $mode + 'rows' => $GLOBALS['rows'], + 'menu_mode' => $mode ); // Load main template - //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat().'*'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'main_cnt=' . $main_cnt . ',getWhat()=' . getWhat()); loadTemplate('menu_table', false, $content); } // END - if } -// Checks wether the current user is a member +// Checks whether the current user is a member function isMember () { // By default no member $ret = false; // Fix missing 'last_online' array, damn stupid code :((( // @TODO Try to rewrite this to one or more functions - if ((!isset($GLOBALS['last_online'])) || (!is_array($GLOBALS['last_online']))) $GLOBALS['last_online'] = array(); + if ((!isset($GLOBALS['last_online'])) || (!is_array($GLOBALS['last_online']))) { + $GLOBALS['last_online'] = array(); + } // END - if - // is the cache entry there? - if (isset($GLOBALS['is_member'])) { + // Is the cache entry there? + if (isset($GLOBALS[__FUNCTION__])) { // Then return it - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CACHED! (' . intval($GLOBALS['is_member']) . ')'); - return $GLOBALS['is_member']; + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CACHED! (' . intval($GLOBALS[__FUNCTION__]) . ')'); + return $GLOBALS[__FUNCTION__]; } elseif ((!isSessionVariableSet('userid')) || (!isSessionVariableSet('u_hash'))) { - // No member + // Destroy any existing user session data + destroyMemberSession(); //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'No member set in cookie/session.'); + + // Abort further processing return false; - } else { - // Get it secured from session - setMemberId(getSession('userid')); - setCurrentUserId(getMemberId()); - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . getSession('userid') . ' used from cookie/session.'); } + // Get userid secured from session + setMemberId(getSession('userid')); + + // ... and set it as currently handled user id + setCurrentUserId(getMemberId()); + // Init user data array initUserData(); // Fix "deleted" cookies first fixDeletedCookies(array('userid', 'u_hash')); - // Are cookies set? - if ((isMemberIdSet()) && (isSessionVariableSet('u_hash'))) { - // Cookies are set with values, but are they valid? - if (fetchUserData(getMemberId()) === true) { - // Validate password by created the difference of it and the secret key - $valPass = encodeHashForCookie(getUserData('password')); + // Are cookies set and can the member data be loaded? + if ((isMemberIdSet()) && (isSessionVariableSet('u_hash')) && (fetchUserData(getMemberId()) === true)) { + // Validate password by created the difference of it and the secret key + $valPass = encodeHashForCookie(getUserData('password')); + // So did we now have valid data and an unlocked user? + if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { // Transfer last module and online time - $GLOBALS['last_online']['module'] = getUserData('last_module'); + $GLOBALS['last_online']['module'] = getUserData(getUserLastWhatName()); $GLOBALS['last_online']['online'] = getUserData('last_online'); - // So did we now have valid data and an unlocked user? - if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { - // Account is confirmed and all cookie data is valid so he is definely logged in! :-) - $ret = true; - } else { - // Maybe got locked etc. - //* DEBUG */ logDebugMessage(__FUNCTION__, __LINE__, 'status=' . getUserData('status') . ',' . $valPass . '(' . strlen($valPass) . ')/' . getSession('u_hash') . '(' . strlen(getSession('u_hash')) . ')/' . getUserData('password') . '(' . strlen(getUserData('password')) . ')'); - destroyMemberSession(); - } - } else { - // Cookie data is invalid! - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Cookie data invalid or user not found.'); - destroyMemberSession(); - } - } else { - // Cookie data is invalid! - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Cookie data not complete.'); + // Account is confirmed and all cookie data is valid so he is definely logged in! :-) + $ret = true; + } // END - if + } // END - if + + // Is $ret still false? + if ($ret === false) { + // Yes, so destroy the session destroyMemberSession(); - } + } // END - if // Cache status - $GLOBALS['is_member'] = $ret; + $GLOBALS[__FUNCTION__] = $ret; // Return status //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret=' . intval($ret)); @@ -432,38 +451,45 @@ function isMember () { } // Fetch user data for given user id -function fetchUserData ($userid, $column = 'userid') { +function fetchUserData ($value, $column = 'userid') { + // Extension ext-user must be there at any case + if (!isExtensionActive('user')) { + // Absent ext-user is really not good + return false; + } elseif (is_null($value)) { + // This shall never happen, so please report it + reportBug(__FUNCTION__, __LINE__, 'value=NULL,column=' . $column . ' - value can never be NULL'); + } + // If we should look for userid secure&set it here if (substr($column, -2, 2) == 'id') { // Secure userid - $userid = bigintval($userid); - - // Set it here - setCurrentUserId($userid); + $value = bigintval($value); // Don't look for invalid userids... - if ($userid < 1) { + if (!isValidUserId($value)) { // Invalid, so abort here - debug_report_bug(__FUNCTION__, __LINE__, 'User id ' . $userid . ' is invalid.'); + reportBug(__FUNCTION__, __LINE__, 'User id ' . $value . ' is invalid.'); } elseif (isUserDataValid()) { // Use cache, so it is fine + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'value=' . $value . ' is valid, using cache #1'); return true; } - } elseif (isUserDataValid()) { - // Use cache, so it is fine + } elseif (isUserDataValid()) { + // Using cache is fine + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'value=' . $value . ' is valid, using cache #2'); return true; } // By default none was found $found = false; - // Extra statements - $ADD = ''; - if (isExtensionInstalledAndNewer('user', '0.3.5')) $ADD = ', UNIX_TIMESTAMP(`lock_timestamp`) AS `lock_timestamp`'; + // Extra SQL statements + $ADD = runFilterChain('convert_user_data_columns', ''); // Query for the user - $result = SQL_QUERY_ESC("SELECT *".$ADD." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1", - array($column, $userid), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT *" . $ADD . " FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1", + array($column, $value), __FUNCTION__, __LINE__); // Do we have a record? if (SQL_NUMROWS($result) == 1) { @@ -472,16 +498,18 @@ function fetchUserData ($userid, $column = 'userid') { // Set the userid for later use setCurrentUserId($data['userid']); + + // And cache the data for this userid $GLOBALS['user_data'][getCurrentUserId()] = $data; - // Rewrite 'last_failure' if found - if (isset($GLOBALS['user_data'][getCurrentUserId()]['last_failure'])) { + // Rewrite 'last_failure' if found and ext-user has version >= 0.3.7 + if ((isExtensionInstalledAndNewer('user', '0.3.7')) && (isset($GLOBALS['user_data'][getCurrentUserId()]['last_failure']))) { // Backup the raw one and zero it $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] = $GLOBALS['user_data'][getCurrentUserId()]['last_failure']; - $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = '0'; + $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = NULL; // Is it not zero? - if ($GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] != '0000-00-00 00:00:00') { + if (!is_null($GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'])) { // Seperate data/time $array = explode(' ', $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw']); @@ -512,7 +540,12 @@ function fetchUserData ($userid, $column = 'userid') { return $found; } -// This patched function will reduce many SELECT queries for the specified or current admin login +/* + * Checks whether the current session bears a valid admin id and password hash. + * + * This patched function will reduce many SELECT queries for the current admin + * login. + */ function isAdmin () { // No admin in installation phase! if ((isInstallationPhase()) || (!isAdminRegistered())) { @@ -522,33 +555,37 @@ function isAdmin () { // Init variables $ret = false; $adminId = '0'; - $passCookie = ''; + $passwordFromCookie = ''; $valPass = ''; //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $adminId); // If admin login is not given take current from cookies... if ((isSessionVariableSet('admin_id')) && (isSessionVariableSet('admin_md5'))) { // Get admin login and password from session/cookies - $adminId = getSession('admin_id'); - $passCookie = getSession('admin_md5'); + $adminId = getCurrentAdminId(); + $passwordFromCookie = getAdminMd5(); } // END - if - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $adminId.'/'.$passCookie); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'adminId=' . $adminId . 'passwordFromCookie=' . $passwordFromCookie); // Abort if admin id is zero if ($adminId == '0') { + // A very noisy debug message ... + //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Current adminId is zero. isSessionVariableSet(admin_id)=' . intval(isSessionVariableSet('admin_id')) . ',isSessionVariableSet(admin_md5)=' . intval(isSessionVariableSet('admin_md5'))); + + // Abort here now return false; } // END - if // Do we have cache? - if (!isset($GLOBALS['is_admin'][$adminId])) { + if (!isset($GLOBALS[__FUNCTION__][$adminId])) { // Init it with failed - $GLOBALS['is_admin'][$adminId] = false; + $GLOBALS[__FUNCTION__][$adminId] = false; // Search in array for entry if (isset($GLOBALS['admin_hash'])) { // Use cached string $valPass = $GLOBALS['admin_hash']; - } elseif ((!empty($passCookie)) && (isAdminHashSet($adminId) === true) && (!empty($adminId))) { + } elseif ((!empty($passwordFromCookie)) && (isAdminHashSet($adminId) === true) && (!empty($adminId))) { // Login data is valid or not? $valPass = encodeHashForCookie(getAdminHash($adminId)); @@ -567,13 +604,13 @@ function isAdmin () { if (!empty($valPass)) { // Check if password is valid - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, '(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie)); - $GLOBALS['is_admin'][$adminId] = (($GLOBALS['admin_hash'] == $passCookie) || ((strlen($GLOBALS['admin_hash']) == 32) && ($GLOBALS['admin_hash'] == md5($passCookie))) || (($GLOBALS['admin_hash'] == '*FAILED*') && (!isExtensionActive('cache')))); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, '(' . $valPass . '==' . $passwordFromCookie . ')='.intval($valPass == $passwordFromCookie)); + $GLOBALS[__FUNCTION__][$adminId] = ($GLOBALS['admin_hash'] == $passwordFromCookie); } // END - if } // END - if // Return result of comparision - return $GLOBALS['is_admin'][$adminId]; + return $GLOBALS[__FUNCTION__][$adminId]; } // Generates a list of "max receiveable emails per day" @@ -584,13 +621,14 @@ function addMaxReceiveList ($mode, $default = '', $return = false) { switch ($mode) { case 'guest': // Guests (in the registration form) are not allowed to select 0 mails per day. - $result = SQL_QUERY('SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE `value` > 0 ORDER BY `value` ASC', + $result = SQL_QUERY('SELECT `value`,`comment` FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE `value` > 0 ORDER BY `value` ASC', __FUNCTION__, __LINE__); break; + case 'admin': case 'member': // Members are allowed to set to zero mails per day (we will change this soon!) - $result = SQL_QUERY('SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY `value` ASC', + $result = SQL_QUERY('SELECT `value`,`comment` FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY `value` ASC', __FUNCTION__, __LINE__); break; @@ -604,7 +642,11 @@ function addMaxReceiveList ($mode, $default = '', $return = false) { $OUT = ''; while ($content = SQL_FETCHARRAY($result)) { $OUT .= ' '; } // END - while } else { // No data found @@ -1461,38 +1394,13 @@ function generateOptionList ($table, $id, $name, $default = '', $special = '', $ // Return - hopefully - the requested data return $ret; } -// Activate exchange -function FILTER_ACTIVATE_EXCHANGE () { - // Is the extension 'user' there? - if ((!isExtensionActive('user')) || (getConfig('activate_xchange') == '0')) { - // Silently abort here - return false; - } // END - if - - // Check total amount of users - if (getTotalConfirmedUser() >= getConfig('activate_xchange')) { - // Activate System - setSqlsArray(array( - "UPDATE `{?_MYSQL_PREFIX?}_mod_reg` SET `locked`='N', `hidden`='N', `mem_only`='Y' WHERE `module`='order' LIMIT 1", - "UPDATE `{?_MYSQL_PREFIX?}_member_menu` SET `visible`='Y', `locked`='N' WHERE `what`='order' OR `what`='unconfirmed' LIMIT 2", - )); - - // Run SQLs - runFilterChain('run_sqls'); - - // Update configuration - updateConfiguration('activate_xchange' ,0); - - // Rebuild cache - rebuildCache('modules', 'modules'); - } // END - if -} // Deletes a user account with given reason function deleteUserAccount ($userid, $reason) { // Init points $data['points'] = '0'; + // Search for the points and user data $result = SQL_QUERY_ESC("SELECT (SUM(p.`points`) - d.`used_points`) AS `points` FROM @@ -1512,6 +1420,7 @@ LIMIT 1", $data = SQL_FETCHARRAY($result); // Delete points entries as well + // @TODO Rewrite these lines to a filter SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s", array(bigintval($userid)), __FUNCTION__, __LINE__); @@ -1522,7 +1431,9 @@ LIMIT 1", } // END - if // Now, when we have all his points adds them do the jackpot! - if (isExtensionActive('jackpot')) addPointsToJackpot($data['points']); + if (isExtensionActive('jackpot')) { + addPointsToJackpot($data['points']); + } // END - if } // END - if // Free the result @@ -1543,7 +1454,7 @@ LIMIT 1", $data['text'] = $reason; // Now a mail to the user and that's all... - $message = loadEmailTemplate('del-user', $data, $userid); + $message = loadEmailTemplate('member_user_deleted', $data, $userid); sendEmail($userid, '{--ADMIN_DELETE_ACCOUNT--}', $message); // Ok, delete the account! @@ -1553,22 +1464,18 @@ LIMIT 1", // Gets the matching what name from module function getWhatFromModule ($modCheck) { // Is the request element set? - if (isGetRequestParameterSet('what')) { + if (isGetRequestElementSet('what')) { // Then return this! - return getRequestParameter('what'); + return getRequestElement('what'); } // END - if // Default is empty $what = ''; - //* DEBUG: */ debugOutput(__LINE__.'!'.$modCheck.'!'); + // Check on given module + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'modCheck=' . $modCheck); switch ($modCheck) { - case 'admin': - $what = 'overview'; - break; - - case 'login': - case 'index': + case 'index': // Guest area // Is ext-sql_patches installed and newer than 0.0.5? if (isExtensionInstalledAndNewer('sql_patches', '0.0.5')) { // Use it from config @@ -1579,8 +1486,8 @@ function getWhatFromModule ($modCheck) { } break; - default: - $what = ''; + default: // Default for all other menus (getIndexHome() is for index module only) + $what = 'welcome'; break; } // END - switch @@ -1588,48 +1495,21 @@ function getWhatFromModule ($modCheck) { return $what; } -// Subtract points from database and mediadata cache -function subtractPoints ($subject, $userid, $points) { - // Add points to used points - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `used_points`=`used_points`+%s WHERE `userid`=%s LIMIT 1", - array($points, bigintval($userid)), __FUNCTION__, __LINE__); - - // Prepare filter data - $filterData = array( - 'subject' => $subject, - 'userid' => $userid, - 'points' => $points, - 'mode' => 'sub' - ); - - // Insert booking record - runFilterChain('sub_points', $filterData); -} - -// "Getter" for total available receivers -function getTotalReceivers ($mode = 'normal') { - // Get num rows - $numRows = countSumTotalData('CONFIRMED', 'user_data', 'userid', 'status', true, ' AND `receive_mails` > 0' . runFilterChain('exclude_users', $mode)); - - // Return value - return $numRows; -} - // Returns HTML code with an option list of all categories -function generateCategoryOptionsList ($mode) { +function generateCategoryOptionsList ($mode, $userid = NULL) { // Prepare WHERE statement $whereStatement = " WHERE `visible`='Y'"; if (isAdmin()) $whereStatement = ''; // Initialize array... - $CATS = array( - 'id' => array(), - 'name' => array(), + $categories = array( + 'id' => array(), + 'name' => array(), 'userids' => array() ); // Get categories - $result = SQL_QUERY('SELECT `id`, `cat` FROM `{?_MYSQL_PREFIX?}_cats`' . $whereStatement . ' ORDER BY `sort` ASC', + $result = SQL_QUERY('SELECT `id`,`cat` FROM `{?_MYSQL_PREFIX?}_cats`' . $whereStatement . ' ORDER BY `sort` ASC', __FUNCTION__, __LINE__); // Do we have entries? @@ -1637,12 +1517,15 @@ function generateCategoryOptionsList ($mode) { // ... and begin loading stuff while ($content = SQL_FETCHARRAY($result)) { // Transfer some data - $CATS['id'][] = $content['id']; - $CATS['name'][] = $content['cat']; + $categories['id'][] = $content['id']; + array_push($categories['name'], $content['cat']); // Check which users are in this category - $result_userids = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_cats` WHERE `cat_id`=%s ORDER BY `userid` ASC", - array(bigintval($content['id'])), __FUNCTION__, __LINE__); + $result_userids = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_cats` WHERE `cat_id`=%s AND `userid` != %s ORDER BY `userid` ASC", + array( + bigintval($content['id']), + convertNullToZero($userid) + ), __FUNCTION__, __LINE__); // Init count $userid_cnt = '0'; @@ -1650,14 +1533,14 @@ function generateCategoryOptionsList ($mode) { // Start adding all while ($data = SQL_FETCHARRAY($result_userids)) { // Add user count - $userid_cnt += countSumTotalData($data['userid'], 'user_data', 'userid', 'userid', true, " AND `status`='CONFIRMED' AND `receive_mails` > 0"); + $userid_cnt += countSumTotalData($data['userid'], 'user_data', 'userid', 'userid', true, runFilterChain('user_exclusion_sql', " AND `status`='CONFIRMED' AND `receive_mails` > 0")); } // END - while // Free memory SQL_FREERESULT($result_userids); // Add counter - $CATS['userids'][] = $userid_cnt; + array_push($categories['userids'], $userid_cnt); } // END - while // Free memory @@ -1665,13 +1548,12 @@ function generateCategoryOptionsList ($mode) { // Generate options $OUT = ''; - foreach ($CATS['id'] as $key => $value) { - if (strlen($CATS['name'][$key]) > 20) $CATS['name'][$key] = substr($CATS['name'][$key], 0, 17)."..."; - $OUT .= ' '; + foreach ($categories['id'] as $key => $value) { + $OUT .= ' '; } // END - foreach } else { // No cateogries are defined yet - $OUT = ''; + $OUT = ''; } // Return HTML code @@ -1679,7 +1561,7 @@ function generateCategoryOptionsList ($mode) { } // Add bonus mail to queue -function addBonusMailToQueue ($subject, $text, $receiverList, $points, $seconds, $url, $cat, $mode='normal', $receiver=0) { +function addBonusMailToQueue ($subject, $text, $receiverList, $points, $seconds, $url, $categoryId, $mode='normal', $receiver=0) { // Is admin or bonus extension there? if (!isAdmin()) { // Abort here @@ -1700,24 +1582,21 @@ function addBonusMailToQueue ($subject, $text, $receiverList, $points, $seconds, // HTML extension active? if (isExtensionActive('html_mail')) { - // No HTML by default - $HTML = 'N'; - - // HTML mode? - if ($mode == 'html') $HTML = 'Y'; + // Determine if we have HTML mode active + $HTML = convertBooleanToYesNo($mode == 'html'); // Add HTML mail SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_bonus` -(`subject`, `text`, `receivers`, `points`, `time`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `mails_sent`, `html_msg`) -VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s','%s')", +(`subject`,`text`,`receivers`,`points`,`time`,`data_type`,`timestamp`,`url`,`cat_id`,`target_send`,`mails_sent`,`html_msg`) +VALUES ('%s','%s','%s',%s,%s,'NEW', UNIX_TIMESTAMP(),'%s',%s,%s,%s,'%s')", array( $subject, $text, $receiverList, $points, - $seconds, + bigintval($seconds), $url, - $cat, + bigintval($categoryId), $target, bigintval($receiver), $HTML @@ -1725,16 +1604,16 @@ VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s','%s } else { // Add regular mail SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_bonus` -(`subject`, `text`, `receivers`, `points`, `time`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `mails_sent`) -VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s')", +(`subject`,`text`,`receivers`,`points`,`time`,`data_type`,`timestamp`,`url`,`cat_id`,`target_send`,`mails_sent`) +VALUES ('%s','%s','%s',%s,%s,'NEW', UNIX_TIMESTAMP(),'%s',%s,%s,%s)", array( $subject, $text, $receiverList, $points, - $seconds, + bigintval($seconds), $url, - $cat, + bigintval($categoryId), $target, bigintval($receiver), ), __FUNCTION__, __LINE__); @@ -1742,16 +1621,15 @@ VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s')", } // Generate a receiver list for given category and maximum receivers -function generateReceiverList ($cat, $receiver, $mode = '') { +function generateReceiverList ($categoryId, $receiver, $mode = '') { // Init variables - $CAT_TABS = ''; - $CAT_WHERE = ''; + $extraColumns = ''; $receiverList = ''; $result = false; // Secure data - $cat = bigintval($cat); - $receiver = bigintval($receiver); + $categoryId = bigintval($categoryId); + $receiver = bigintval($receiver); // Is the receiver zero and mode set? if (($receiver == '0') && (!empty($mode))) { @@ -1759,39 +1637,41 @@ function generateReceiverList ($cat, $receiver, $mode = '') { $receiver = getTotalReceivers($mode); } // END - if + // Exclude (maybe exclude) testers + $addWhere = runFilterChain('user_exclusion_sql', ' '); + // Category given? - if ($cat > 0) { + if ($categoryId > 0) { // Select category - $CAT_TABS = "LEFT JOIN `{?_MYSQL_PREFIX?}_user_cats` AS c ON d.`userid`=c.`userid`"; - $CAT_WHERE = sprintf(" AND c.`cat_id`=%s", $cat); + $extraColumns = "LEFT JOIN `{?_MYSQL_PREFIX?}_user_cats` AS c ON d.`userid`=c.`userid`"; + $addWhere = sprintf(" AND c.`cat_id`=%s", $categoryId); } // END - if // Exclude users in holiday? if (isExtensionInstalledAndNewer('holiday', '0.1.3')) { // Add something for the holiday extension - $CAT_WHERE .= " AND d.`holiday_active`='N'"; + $addWhere .= " AND d.`holiday_active`='N'"; } // END - if + // Include only HTML recipients? if ((isExtensionActive('html_mail')) && ($mode == 'html')) { - // Only include HTML receivers - $result = SQL_QUERY_ESC("SELECT d.userid FROM `{?_MYSQL_PREFIX?}_user_data` AS d ".$CAT_TABS." WHERE d.`status`='CONFIRMED' AND d.`html`='Y'".$CAT_WHERE." ORDER BY d.{?order_select?} {?order_mode?} LIMIT %s", - array( - $receiver - ), __FUNCTION__, __LINE__); - } else { - // Include all - $result = SQL_QUERY_ESC("SELECT d.userid FROM `{?_MYSQL_PREFIX?}_user_data` AS d ".$CAT_TABS." WHERE d.`status`='CONFIRMED'".$CAT_WHERE." ORDER BY d.{?order_select?} {?order_mode?} LIMIT %s", - array( - $receiver - ), __FUNCTION__, __LINE__); - } + $addWhere .= " AND d.`html`='Y'"; + } // END - if + + // Run query + $result = SQL_QUERY_ESC("SELECT d.`userid` FROM `{?_MYSQL_PREFIX?}_user_data` AS d ".$extraColumns." WHERE d.`status`='CONFIRMED' ".$addWhere." ORDER BY d.`{?order_select?}` {?order_mode?} LIMIT %s", + array( + $receiver + ), __FUNCTION__, __LINE__); // Entries found? if ((SQL_NUMROWS($result) >= $receiver) && ($receiver > 0)) { // Load all entries while ($content = SQL_FETCHARRAY($result)) { // Add receiver when not empty - if (!empty($content['userid'])) $receiverList .= $content['userid'] . ';'; + if (!empty($content['userid'])) { + $receiverList .= $content['userid'] . ';'; + } // END - if } // END - while // Free memory @@ -1805,86 +1685,6 @@ function generateReceiverList ($cat, $receiver, $mode = '') { return $receiverList; } -// "Getter" for array for user refs and points in given level -function getUserReferalPoints ($userid, $level) { - //* DEBUG: */ debugOutput('----------------------- '.__FUNCTION__.' - ENTRY ----------------------------------------------- '.__FUNCTION__.' - EXIT ------------------------
'); - return $refs; -} - // Recuce the amount of received emails for the receipients for given email function reduceRecipientReceivedMails ($column, $id, $count) { // Search for mail in database @@ -1910,7 +1710,9 @@ function reduceRecipientReceivedMails ($column, $id, $count) { } // Reduce this users total received emails? - if ($num === 0) $userids[$data['userid']] = $data['userid']; + if ($num === 0) { + $userids[$data['userid']] = $data['userid']; + } // END - if } // END - while if (count($userids) > 0) { @@ -1919,7 +1721,7 @@ function reduceRecipientReceivedMails ($column, $id, $count) { array(implode(',', $userids), count($userids)), __FUNCTION__, __LINE__); } else { // Nothing deleted - loadTemplate('admin_settings_saved', false, getMaskedMessage('ADMIN_MAIL_NOTHING_DELETED', $id)); + displayMessage('{%message,ADMIN_MAIL_NOTHING_DELETED=' . $id . '%}'); } } // END - if @@ -1928,12 +1730,12 @@ function reduceRecipientReceivedMails ($column, $id, $count) { } // Creates a new task -function createNewTask ($subject, $notes, $taskType, $userid = '0', $adminId = '0', $strip = true) { +function createNewTask ($subject, $notes, $taskType, $userid = NULL, $adminId = NULL, $strip = true) { // Insert the task data into the database - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_task_system` (`assigned_admin`, `userid`, `status`, `task_type`, `subject`, `text`, `task_created`) VALUES (%s,%s,'NEW','%s','%s','%s', UNIX_TIMESTAMP())", + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_task_system` (`assigned_admin`,`userid`,`status`,`task_type`,`subject`,`text`,`task_created`) VALUES (%s,%s,'NEW','%s','%s','%s', UNIX_TIMESTAMP())", array( - $adminId, - $userid, + convertZeroToNull($adminId), + convertZeroToNull($userid), $taskType, $subject, $notes @@ -1944,15 +1746,97 @@ function createNewTask ($subject, $notes, $taskType, $userid = '0', $adminId = ' } // Updates last module / online time -// @TODO Fix inconsistency between last_module and getWhat() function updateLastActivity($userid) { - // Run the update query - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `last_module`='%s', `last_online`=UNIX_TIMESTAMP(), `REMOTE_ADDR`='%s' WHERE `userid`=%s LIMIT 1", + // Is 'what' set? + if (isWhatSet()) { + // Run the update query + SQL_QUERY_ESC("UPDATE + `{?_MYSQL_PREFIX?}_user_data` +SET + `%s`='%s', + `last_online`=UNIX_TIMESTAMP(), + `REMOTE_ADDR`='%s' +WHERE + `userid`=%s +LIMIT 1", array( + getUserLastWhatName(), getWhat(), detectRemoteAddr(), bigintval($userid) ), __FUNCTION__, __LINE__); + } else { + // No what set, needs to be ignored (last_module is last_what) + SQL_QUERY_ESC("UPDATE + `{?_MYSQL_PREFIX?}_user_data` +SET + `%s`=NULL, + `last_online`=UNIX_TIMESTAMP(), + `REMOTE_ADDR`='%s' +WHERE + `userid`=%s +LIMIT 1", + array( + getUserLastWhatName(), + detectRemoteAddr(), + bigintval($userid) + ), __FUNCTION__, __LINE__); + } +} + +/** + * Checks if given subject is found and if not, adds an SQL query to the + * extension registration queue. + */ +function registerExtensionPointsData ($subject, $columnName, $lockedMode, $paymentMethod) { + // Default is old extension version + $add = ''; + + // Is the extension equal or newer 0.8.9? + if (((isInstallationPhase()) && ((getExtensionMode() == 'register') || (getExtensionMode() == 'update'))) || (isExtensionInstalledAndNewer('sql_patches', '0.8.9'))) { + // Then add provider + $add = " AND `account_provider`='EXTENSION'"; + } // END - if + + // Is the 'subject' there? + if (((!ifSqlTableExists('points_data')) && ((getExtensionMode() == 'register') || (getExtensionMode() == 'update'))) || (countSumTotalData($subject, 'points_data', 'id', 'subject', true, $add) == 0)) { + // Not found so: + if (isset($GLOBALS['previous_extension'][getCurrentExtensionName()])) { + $dummy = $GLOBALS['previous_extension'][getCurrentExtensionName()]; + reportBug(__FUNCTION__, __LINE__, 'previous_extension[' . gettype($dummy) . ']=' . $dummy . ',getCurrentExtensionName()=' . getCurrentExtensionName() . ' - Under development, please report this!'); + } // END - if + + // ... add an SQL query + addExtensionSql(sprintf("INSERT INTO `{?_MYSQL_PREFIX?}_points_data` (`subject`,`column_name`,`locked_mode`,`payment_method`) VALUES ('%s','%s','%s','%s')", + $subject, + $columnName, + $lockedMode, + $paymentMethod + )); + } // END - if +} + +/** + * Checks if given subject is found and if so, adds an SQL query to the + * extension unregistration queue. + */ +function unregisterExtensionPointsData ($subject) { + // Default is old extension version + $add = ''; + + // Is the extension equal or newer 0.8.9? + if (isExtensionInstalledAndNewer('sql_patches', '0.8.9')) { + // Then add provider + $add = " AND `account_provider`='EXTENSION'"; + } // END - if + + // Is the 'subject' there? + if (countSumTotalData($subject, 'points_data', 'id', 'subject', true, $add) == 1) { + // Found one or more, so add an SQL query + addExtensionSql(sprintf("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_points_data` WHERE `subject`='%s'" . $add . " LIMIT 1", + $subject + )); + } // END - if } // [EOF]