{--YOU_ARE_HERE--} Home';
} else {
if ($return === false) $GLOBALS['nav_depth']++;
$prefix = '';
@@ -363,56 +358,41 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru
$search = substr($search, 0, -4);
} // END - i
- // Get the title from menu
- $result = SQL_QUERY_ESC("SELECT title FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE %s='%s' ".$AND." LIMIT 1",
- array($accessLevel, $type, $search), __FUNCTION__, __LINE__);
+ if (((isExtensionInstalledAndNewer('sql_patches', '0.2.3')) && (getConfig('youre_here') == 'Y')) || ((isAdmin()) && ($modCheck == 'admin'))) {
+ // Output HTML code
+ $OUT = $prefix . '' . getTitleFromMenu($accessLevel, $search, $type, $ADD) . '';
- // Menu found?
- if (SQL_NUMROWS($result) == 1) {
- // Load title
- list($ret) = SQL_FETCHROW($result);
-
- // Shall we return it?
- if ($return === true) {
- // Return title
- return $ret;
- } elseif (((isExtensionInstalledAndNewer('sql_patches', '0.2.3')) && (getConfig('youre_here') == 'Y')) || ((isAdmin()) && ($modCheck == 'admin'))) {
- // Output HTML code
- $OUT = $prefix . "" . $ret . "\n";
-
- // Can we close the you-are-here navigation?
- //* DEBUG: */ print(__LINE__."*".$type.'/'.getWhat()."* ");
- if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) {
- //* DEBUG: */ print(__LINE__.'+'.$type."+ ");
- // Add closing div and br-tag
- $OUT .= "
\n";
- $GLOBALS['nav_depth'] = 0;
-
- // Run the filter chain
- $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => ""));
- $OUT .= $ret['content'];
- } // END - if
- }
- } // END - if
+ // Can we close the you-are-here navigation?
+ //* DEBUG: */ print(__LINE__."*".$type.'/'.getWhat()."* ");
+ if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) {
+ //* DEBUG: */ print(__LINE__.'+'.$type."+ ");
+ // Add closing div and br-tag
+ $OUT .= '
';
+ $GLOBALS['nav_depth'] = '0';
- // Free result
- SQL_FREERESULT($result);
+ // Run the filter chain
+ $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => ''));
+
+ // Add additional content
+ $OUT .= $ret['content'];
+ } // END - if
+ }
// Return or output HTML code?
- if ($output) {
- // Output HTML code here
- outputHtml($OUT);
- } else {
+ if ($return === true) {
// Return HTML code
return $OUT;
+ } else {
+ // Output HTML code here
+ outputHtml($OUT);
}
}
// Adds a menu (mode = guest/member/admin/sponsor) to output
function addMenu ($mode, $action, $what) {
// Init some variables
- $main_cnt = 0;
- $AND = '';
+ $main_cnt = '0';
+ $ADD = '';
// is the menu action valid?
if (!isMenuActionValid($mode, $action, $what, true)) {
@@ -421,11 +401,11 @@ function addMenu ($mode, $action, $what) {
// Non-admin shall not see all menus
if (!isAdmin()) {
- $AND = " AND `visible`='Y' AND `locked`='N'";
+ $ADD = " AND `visible`='Y' AND `locked`='N'";
} // END - if
// Load SQL data and add the menu to the output stream...
- $result_main = SQL_QUERY_ESC("SELECT `title`, `action` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL)".$AND." ORDER BY `sort` ASC",
+ $result_main = SQL_QUERY_ESC("SELECT `title`, `action` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL)".$ADD." ORDER BY `sort` ASC",
array($mode), __FUNCTION__, __LINE__);
//* DEBUG: */ print(__LINE__.'/'.$main_cnt.':'.getWhat()."* ");
@@ -442,7 +422,7 @@ function addMenu ($mode, $action, $what) {
$GLOBALS['rows'] .= loadTemplate($mode . '_menu_title', true, $content);
// Sub menu
- $result_sub = SQL_QUERY_ESC("SELECT `title` AS sub_title, `what` AS sub_what FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$AND." ORDER BY `sort`",
+ $result_sub = SQL_QUERY_ESC("SELECT `title` AS sub_title, `what` AS sub_what FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$ADD." ORDER BY `sort`",
array($mode, $content['action']), __FUNCTION__, __LINE__);
// Get number of rows
@@ -451,7 +431,7 @@ function addMenu ($mode, $action, $what) {
// Do we have some entries?
if ($totalWhats > 0) {
// Init counter
- $cnt = 0;
+ $cnt = '0';
// Load all sub menus
while ($content2 = SQL_FETCHARRAY($result_sub)) {
@@ -467,29 +447,29 @@ function addMenu ($mode, $action, $what) {
if (isIncludeReadable($inc)) {
// Mark currently selected menu - open
if ((!empty($what)) && (($what == $content['sub_what']))) {
- $OUT = "";
+ $OUT = '';
} // END - if
// Navigation link
- $OUT .= "";
+ $OUT .= '';
} else {
// Not found! - open
- $OUT .= "";
+ $OUT .= '';
}
// Menu title
$OUT .= getConfig('menu_blur_spacer') . $content['sub_title'];
if (isIncludeReadable($inc)) {
- $OUT .= "";
+ $OUT .= '';
// Mark currently selected menu - close
if ((!empty($what)) && (($what == $content['sub_what']))) {
- $OUT .= "";
+ $OUT .= '';
} // END - if
} else {
// Not found! - close
- $OUT .= "";
+ $OUT .= '';
}
// Cunt it up
@@ -580,54 +560,47 @@ function isMember () {
if (isset($GLOBALS['is_member'])) {
// Then return it
return $GLOBALS['is_member'];
- } // END - if
+ } elseif (getMemberId() == '0') {
+ // No member
+ return false;
+ } else {
+ // Transfer userid=>current
+ setCurrentUserid(getMemberId());
+ }
- // Init global 'status'
- $GLOBALS['status'] = false;
+ // Init user data array
+ initUserData();
// Fix "deleted" cookies first
fixDeletedCookies(array('userid', 'u_hash'));
// Are cookies set?
- if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) {
+ if ((isMemberIdSet()) && (isSessionVariableSet('u_hash'))) {
// Cookies are set with values, but are they valid?
- $result = SQL_QUERY_ESC("SELECT `password`, `status`, `last_module`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array(getUserId()), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // Load data from cookies
- list($password, $GLOBALS['status'], $mod, $onl) = SQL_FETCHROW($result);
-
+ if (fetchUserData(getMemberId()) === true) {
// Validate password by created the difference of it and the secret key
- $valPass = generatePassString($password);
+ $valPass = encodeHashForCookie(getUserData('password'));
// Transfer last module and online time
- if ((!empty($mod)) && (empty($GLOBALS['last_online']['module']))) {
- // @TODO Try to rewrite this to one or more functions
- $GLOBALS['last_online']['module'] = $mod;
- $GLOBALS['last_online']['online'] = $onl;
- } // END - if
+ $GLOBALS['last_online']['module'] = getUserData('last_module');
+ $GLOBALS['last_online']['online'] = getUserData('last_online');
// So did we now have valid data and an unlocked user?
- if (($GLOBALS['status'] == 'CONFIRMED') && ($valPass == getSession('u_hash'))) {
+ if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) {
// Account is confirmed and all cookie data is valid so he is definely logged in! :-)
$ret = true;
} else {
// Maybe got locked etc.
- //* DEBUG: */ print(__LINE__."!!! ");
- destroyUserSession();
+ logDebugMessage(__FUNCTION__, __LINE__, 'status=' . getUserData('status'));
+ destroyMemberSession();
}
} else {
// Cookie data is invalid!
- //* DEBUG: */ print(__LINE__."*** ");
- destroyUserSession();
+ destroyMemberSession();
}
-
- // Free memory
- SQL_FREERESULT($result);
} else {
// Cookie data is invalid!
- //* DEBUG: */ print(__LINE__."/// ");
- destroyUserSession();
+ destroyMemberSession();
}
// Cache status
@@ -637,66 +610,139 @@ function isMember () {
return $ret;
}
+// Fetch user data for given user id
+function fetchUserData ($userid, $column = 'userid') {
+ // If we should look for userid secure&set it here
+ if (substr($column, -2, 2) == 'id') {
+ // Secure userid
+ $userid = bigintval($userid);
+
+ // Set it here
+ setCurrentUserId($userid);
+
+ // Don't look for invalid userids...
+ if ($userid < 1) {
+ // Invalid, so abort here
+ debug_report_bug('User id ' . $userid . ' is invalid.');
+ } elseif (isUserDataValid()) {
+ // Use cache, so it is fine
+ return true;
+ }
+ } elseif (isUserDataValid()) {
+ // Use cache, so it is fine
+ return true;
+ }
+
+
+ // By default none was found
+ $found = false;
+
+ // Extra statements
+ $ADD = '';
+ if (isExtensionInstalledAndNewer('user', '0.3.5')) $ADD = ', UNIX_TIMESTAMP(`lock_timestamp`) AS `lock_timestamp`';
+
+ // Query for the user
+ $result = SQL_QUERY_ESC("SELECT *".$ADD." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1",
+ array($column, $userid), __FUNCTION__, __LINE__);
+
+ // Do we have a record?
+ if (SQL_NUMROWS($result) == 1) {
+ // Load data from cookies
+ $data = SQL_FETCHARRAY($result);
+
+ // Set the userid for later use
+ setCurrentUserId($data['userid']);
+ $GLOBALS['user_data'][getCurrentUserId()] = $data;
+
+ // Rewrite 'last_failure' if found
+ if (isset($GLOBALS['user_data'][getCurrentUserId()]['last_failure'])) {
+ // Backup the raw one and zero it
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] = $GLOBALS['user_data'][getCurrentUserId()]['last_failure'];
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = '0';
+
+ // Is it not zero?
+ if ($GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] != '0000-00-00 00:00:00') {
+ // Seperate data/time
+ $array = explode(' ', $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw']);
+
+ // Seperate data and time again
+ $array['date'] = explode('-', $array[0]);
+ $array['time'] = explode(':', $array[1]);
+
+ // Now pass it to mktime()
+ $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = mktime(
+ $array['time'][0],
+ $array['time'][1],
+ $array['time'][2],
+ $array['date'][1],
+ $array['date'][2],
+ $array['date'][0]
+ );
+ } // END - if
+ } // END - if
+
+ // Found, but valid?
+ $found = isUserDataValid();
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Return result
+ return $found;
+}
+
// This patched function will reduce many SELECT queries for the specified or current admin login
-function isAdmin ($admin = '') {
+function isAdmin ($adminLogin = '') {
// Init variables
- $ret = false; $passCookie = ''; $valPass = '';
- //* DEBUG: */ print(__FUNCTION__.':'.$admin.' ');
+ $ret = false;
+ $passCookie = '';
+ $valPass = '';
+ //* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.' ');
// If admin login is not given take current from cookies...
- if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
+ if ((empty($adminLogin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
// Get admin login and password from session/cookies
- $admin = getSession('admin_login');
+ $adminLogin = getSession('admin_login');
$passCookie = getSession('admin_md5');
} // END - if
- //* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.' ');
+ //* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.'/'.$passCookie.' ');
// Do we have cache?
- if (!isset($GLOBALS['is_admin'][$admin])) {
+ if (!isset($GLOBALS['is_admin'][$adminLogin])) {
+ // Init it with failed
+ $GLOBALS['is_admin'][$adminLogin] = false;
+
// Search in array for entry
if (isset($GLOBALS['admin_hash'])) {
// Use cached string
$valPass = $GLOBALS['admin_hash'];
- } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) {
+ } elseif ((!empty($passCookie)) && (isAdminHashSet($adminLogin) === true) && (!empty($adminLogin))) {
// Login data is valid or not?
- $valPass = generatePassString(getAdminHash($admin));
+ $valPass = encodeHashForCookie(getAdminHash($adminLogin));
// Cache it away
$GLOBALS['admin_hash'] = $valPass;
// Count cache hits
incrementStatsEntry('cache_hits');
- } elseif ((!empty($admin)) && ((!isExtensionActive('cache'))) || (isAdminHashSet($admin) === false)) {
- // Search for admin
- $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
- array($admin), __FUNCTION__, __LINE__);
-
- // Is he admin?
- $passDB = '';
- if (SQL_NUMROWS($result) == 1) {
- // Admin login was found so let's load password from DB
- list($passDB) = SQL_FETCHROW($result);
-
- // Temporary cache it
- setAdminHash($admin, $passDB);
-
- // Generate password hash
- $valPass = generatePassString($passDB);
- } // END - if
+ } elseif ((!empty($adminLogin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($adminLogin) === false))) {
+ // Get admin hash and hash it
+ $valPass = encodeHashForCookie(getAdminHash($adminLogin));
- // Free memory
- SQL_FREERESULT($result);
+ // Cache it away
+ $GLOBALS['admin_hash'] = $valPass;
}
if (!empty($valPass)) {
// Check if password is valid
//* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).' ');
- $GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
+ $GLOBALS['is_admin'][$adminLogin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
} // END - if
} // END - if
// Return result of comparision
- return $GLOBALS['is_admin'][$admin];
+ return $GLOBALS['is_admin'][$adminLogin];
}
// Generates a list of "max receiveable emails per day"
@@ -707,13 +753,13 @@ function addMaxReceiveList ($mode, $default = '', $return = false) {
switch ($mode) {
case 'guest':
// Guests (in the registration form) are not allowed to select 0 mails per day.
- $result = SQL_QUERY("SELECT value, comment FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE value > 0 ORDER BY value",
+ $result = SQL_QUERY("SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE `value` > 0 ORDER BY `value` ASC",
__FUNCTION__, __LINE__);
break;
case 'member':
// Members are allowed to set to zero mails per day (we will change this soon!)
- $result = SQL_QUERY("SELECT value, comment FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY value",
+ $result = SQL_QUERY("SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY `value` ASC",
__FUNCTION__, __LINE__);
break;
@@ -726,11 +772,11 @@ function addMaxReceiveList ($mode, $default = '', $return = false) {
if (SQL_NUMROWS($result) > 0) {
$OUT = '';
while ($content = SQL_FETCHARRAY($result)) {
- $OUT .= " ';
}
+
+ // Free memory
+ SQL_FREERESULT($result);
}
// Return - hopefully - the requested data
@@ -1615,7 +1597,7 @@ function generateOptionList ($table, $id, $name, $default='', $special='', $wher
// Activate exchange
function FILTER_ACTIVATE_EXCHANGE () {
// Is the extension 'user' there?
- if ((!isExtensionActive('user')) || (getConfig('activate_xchange') == 0)) {
+ if ((!isExtensionActive('user')) || (getConfig('activate_xchange') == '0')) {
// Silently abort here
return false;
} // END - if
@@ -1637,13 +1619,15 @@ function FILTER_ACTIVATE_EXCHANGE () {
updateConfiguration('activate_xchange' ,0);
// Rebuild cache
- rebuildCacheFile('modules', 'modules');
+ rebuildCache('modules', 'modules');
} // END - if
}
// Deletes a user account with given reason
function deleteUserAccount ($userid, $reason) {
- $points = 0;
+ // Init points
+ $data['points'] = '0';
+
$result = SQL_QUERY_ESC("SELECT
(SUM(p.points) - d.used_points) AS points
FROM
@@ -1655,21 +1639,23 @@ ON
WHERE
p.userid=%s",
array(bigintval($userid)), __FUNCTION__, __LINE__);
+
+ // Do we have an entry?
if (SQL_NUMROWS($result) == 1) {
// Save his points to add them to the jackpot
- list($points) = SQL_FETCHROW($result);
+ $data = SQL_FETCHARRAY($result);
// Delete points entries as well
SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s", array(bigintval($userid)), __FUNCTION__, __LINE__);
// Update mediadata as well
- if (getExtensionVersion('mediadata') >= '0.0.4') {
+ if (isExtensionInstalledAndNewer('mediadata', '0.0.4')) {
// Update database
- updateMediadataEntry(array('total_points'), 'sub', $points);
+ updateMediadataEntry(array('total_points'), 'sub', $data['points']);
} // END - if
// Now, when we have all his points adds them do the jackpot!
- if (isExtensionActive('jackpot')) addPointsToJackpot($points);
+ if (isExtensionActive('jackpot')) addPointsToJackpot($data['points']);
} // END - if
// Free the result
@@ -1680,40 +1666,30 @@ WHERE
array(bigintval($userid)), __FUNCTION__, __LINE__);
// Remove from rallye if found
+ // @TODO Rewrite this to a filter
if (isExtensionActive('rallye')) {
SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_rallye_users` WHERE `userid`=%s",
array(bigintval($userid)), __FUNCTION__, __LINE__);
} // END - if
+ // Add reason and translate points
+ $data['text'] = $reason;
+ $data['points'] = translateComma($data['points']);
+
// Now a mail to the user and that's all...
- $message = loadEmailTemplate('del-user', array('text' => $reason), $userid);
+ $message = loadEmailTemplate('del-user', $data, $userid);
sendEmail($userid, getMessage('ADMIN_DEL_ACCOUNT'), $message);
// Ok, delete the account!
SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", array(bigintval($userid)), __FUNCTION__, __LINE__);
}
-// Generates meta description for given module and 'what' value
-function generateMetaDescriptionCode ($mod, $what) {
- // Exclude admin and member's area
- if (($mod != 'admin') && ($mod != 'login')) {
- // Construct dynamic description
- $DESCR = '{?MAIN_TITLE?} '.trim(getConfig('title_middle')) . ' ' . addMenuDescription('guest', 'what-'.$what, true);
-
- // Output it directly
- outputHtml('');
- } // END - if
-
- // Remove depth
- unset($GLOBALS['ref_level']);
-}
-
// Gets the matching what name from module
function getWhatFromModule ($modCheck) {
// Is the request element set?
- if (isGetRequestElementSet('what')) {
+ if (isGetRequestParameterSet('what')) {
// Then return this!
- return getRequestElement('what');
+ return getRequestParameter('what');
} // END - if
// Default is empty
@@ -1785,7 +1761,7 @@ WHERE
return $numRows;
}
-// Returns HTML code with an "