X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=f7238a64a85a8d71b6d5670f1b29f697dcfe2e94;hp=27961f5f608adb5bd0c1fe4a82656cf63718cfec;hb=e8ca54fe91872ab95a6ffdc4f1268bf18889021d;hpb=258bb8c82f21617f7f90bff8023602a11b986f7e diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 27961f5f60..f7238a64a8 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -1,7 +1,7 @@ "); - if (count($modSplit) == 2) { - // Okay, there is a seperator (_) in the name so is the first part a module? - //* DEBUG: */ print(__LINE__."*".$modSplit[0]."*
"); - if (isExtensionActive($modSplit[0])) { - // The prefix is an extension's name, so let's set it - $extension = $modSplit[0]; $mod = $modSplit[1]; - } // END - if - } // END - if - - // Major error in module registry is the default - $ret = 'major'; - - // Check if script is installed if not return a 'done' to prevent some errors - if ((isInstallationPhase()) || (!isAdminRegistered())) { - // Not installed or no admin registered or in installation phase - return 'done'; - } // END - if - - // Init variables - $locked = 'Y'; - $hidden = 'N'; - $admin = 'N'; - $mem = 'N'; - $found = false; - - // Check if cache is latest version - if (isExtensionInstalledAndNewer('cache', '0.1.2')) { - // Is the cache there? - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Using cache.'); - if (isset($GLOBALS['cache_array']['modules']['locked'][$mod_chk])) { - // Check cache - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Cache found.'); - $locked = $GLOBALS['cache_array']['modules']['locked'][$mod_chk]; - $hidden = $GLOBALS['cache_array']['modules']['hidden'][$mod_chk]; - $admin = $GLOBALS['cache_array']['modules']['admin_only'][$mod_chk]; - $mem = $GLOBALS['cache_array']['modules']['mem_only'][$mod_chk]; - - // Update cache hits - incrementStatsEntry('cache_hits'); - $found = true; - } else { - // No, then we have to update it! - $ret = 'cache_miss'; - } - } elseif (!isExtensionActive('cache')) { - // Check for module in database - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Using database.'); - $result = SQL_QUERY_ESC("SELECT `locked`, `hidden`, `admin_only`, `mem_only` FROM `{?_MYSQL_PREFIX?}_mod_reg` WHERE `module`='%s' LIMIT 1", - array($mod_chk), __FUNCTION__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - // Read data - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Entry found.'); - list($locked, $hidden, $admin, $mem) = SQL_FETCHROW($result); - $found = true; - } elseif (isDebugModeEnabled()) { - // Debug message only in debug-mode... - logDebugMessage(__FUNCTION__, __LINE__, 'Module ' . $mod_chk . ' not found!'); - } - - // Free result - SQL_FREERESULT($result); - } - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret=' . $ret); - - // Is the module found? - if ($found === true) { - // Check returned values against current access permissions - // - // Admin access ----- Guest access ----- --- Guest or member? --- - if ((isAdmin()) || (($locked != 'Y') && ($admin != 'Y') && (($mem != 'Y') || (isMember())))) { - // If you are admin you are welcome for everything! - $ret = 'done'; - } elseif ($locked == 'Y') { - // Module is locked - $ret = 'locked'; - } elseif (($mem == 'Y') && (!isMember())) { - // You have to login first! - $ret = 'mem_only'; - } elseif (($admin == 'Y') && (!isAdmin())) { - // Only the Admin is allowed to enter this module! - $ret = 'admin_only'; - } else { - // @TODO Nothing helped??? - logDebugMessage(__FUNCTION__, __LINE__, sprintf("ret=%s,locked=%s,admin=%s,mem=%s", - $ret, - $locked, - $admin, - $mem - )); - } - } // END - if - - // Still no luck or not found? - if (($found === false) && (!isExtensionActive('cache')) && ($ret != 'done')) { - // ----- Legacy module ----- ---- Module in base folder ---- --- Module with extension's name --- - if ((isIncludeReadable(sprintf("inc/modules/%s.php", $mod))) || (isIncludeReadable(sprintf("%s.php", $mod))) || (isIncludeReadable(sprintf("%s/%s.php", $extension, $mod)))) { - // Data is missing so we add it - if (isExtensionInstalledAndNewer('sql_patches', '0.3.6')) { - // Since 0.3.6 we have a has_menu column, this took me a half hour - // to find a loop here... *sigh* - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_mod_reg` -(`module`, `locked`, `hidden`, `mem_only`, `admin_only`, `has_menu`) VALUES -('%s','Y','N','N','N','N')", array($mod_chk), __FUNCTION__, __LINE__); - } else { - // Wrong/missing sql_patches! - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_mod_reg` -(`module`, `locked`, `hidden`, `mem_only`, `admin_only`) VALUES -('%s','Y','N','N','N')", array($mod_chk), __FUNCTION__, __LINE__); - } - - // Everthing is fine? - if (SQL_AFFECTEDROWS() < 1) { - // Something bad happend! - return 'major'; - } // END - if - - // Destroy cache here - // @TODO Rewrite this to a filter - if ((getOutputMode() == '0') || (getOutputMode() == -1)) rebuildCacheFile('modules', 'modules'); - - // And reload data - unset($GLOBALS['module_status'][$mod]); - $ret = checkModulePermissions($mod_chk); - } else { - // Module not found we don't add it to the database - $ret = '404'; - } - } elseif (($ret == 'cache_miss') && (getOutputMode() == '0')) { - // Rebuild the cache files - rebuildCacheFile('modules', 'modules'); - } elseif ($found === false) { - // Problem with module detected - logDebugMessage(__FUNCTION__, __LINE__, sprintf("Problem in module %s detected. ret=%s, locked=%s, hidden=%s, mem=%s, admin=%s, output_mode=%s", - $mod, - $ret, - $locked, - $hidden, - $mem, - $admin, - getOutputMode() - )); - } - - // Return the value - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret=' . $ret); - $GLOBALS['module_status'][$mod] = $ret; - return $ret; + return $data['title']; } -// Add menu description pending on given file name (without path!) -function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = true) { +// Add link into output stream (or return it) for 'You Are Here' navigation +function addYouAreHereLink ($accessLevel, $FQFN, $return = false) { // Use only filename of the FQFN... $file = basename($FQFN); // Init variables $LINK_ADD = ''; $OUT = ''; - $AND = ''; + $ADD = ''; + $prefix = ''; // First we have to do some analysis... if (substr($file, 0, 7) == 'action-') { // This is an action file! $type = 'action'; $search = substr($file, 7); - switch ($accessLevel) { - case 'admin': - $modCheck = 'admin'; - break; - - case 'sponsor': - case 'guest': - case 'member': - $modCheck = getModule(); - break; - } - $AND = " AND (`what`='' OR `what` IS NULL)"; + + // Get access level from it + $modCheck = getModuleFromFileName($file, $accessLevel); + + // Add what + $ADD = " AND (`what`='' OR `what` IS NULL)"; } elseif (substr($file, 0, 5) == 'what-') { - // This is an admin what file! + // This is a 'what file'! $type = 'what'; $search = substr($file, 5); - $AND = ''; - switch ($accessLevel) { - case 'admin': - $modCheck = 'admin'; - break; - - case 'guest': - case 'member': - $modCheck = getModule(); - if (!isAdmin()) { - $AND = " AND `visible`='Y' AND `locked`='N'"; - } - break; - } + $ADD = " AND `visible`='Y' AND `locked`='N'"; + + // Get access level from it + $modCheck = getModuleFromFileName($file, $accessLevel); + + // Do we have admin? Then display all + if (isAdmin()) $ADD = ''; $dummy = substr($search, 0, -4); - $AND .= " AND `action`='".getModeAction($accessLevel, $dummy)."'"; - } elseif (($accessLevel == 'sponsor') || ($accessLevel == "engine")) { + $ADD .= sprintf(" AND `action`='%s'", getActionFromModuleWhat($accessLevel, $dummy)); + } elseif (($accessLevel == 'sponsor') || ($accessLevel == 'engine')) { // Sponsor / engine menu $type = 'what'; $search = $file; $modCheck = getModule(); - $AND = ''; + $ADD = ''; } else { // Other $type = 'menu'; $search = $file; $modCheck = getModule(); - $AND = ''; + $ADD = ''; } // Begin the navigation line - if ((!isset($GLOBALS['nav_depth'])) && ($return === false)) { + if (!isset($GLOBALS['nav_depth'])) { + // Init nav_depth $GLOBALS['nav_depth'] = '0'; - $prefix = "
{--YOU_ARE_HERE--} Home"; - } else { - if ($return === false) $GLOBALS['nav_depth']++; - $prefix = ''; + + // Run the pre-filter chain + $ret = runFilterChain('pre_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => '')); + + // Add pre-content + $prefix = $ret['content']; + + $prefix .= '
{--YOU_ARE_HERE--} Home'; + } elseif ($return === false) { + // Count depth + $GLOBALS['nav_depth']++; } $prefix .= ' -> '; @@ -361,50 +145,35 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru if (substr($search, -4, 4) == '.php') { // Remove the .php $search = substr($search, 0, -4); - } // END - i + } // END - if - // Get the title from menu - $result = SQL_QUERY_ESC("SELECT title FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE %s='%s' ".$AND." LIMIT 1", - array($accessLevel, $type, $search), __FUNCTION__, __LINE__); + if (((isExtensionInstalledAndNewer('sql_patches', '0.2.3')) && (getConfig('youre_here') == 'Y')) || ((isAdmin()) && ($modCheck == 'admin'))) { + // Output HTML code + $OUT = $prefix . '' . getTitleFromMenu($accessLevel, $search, $type, $ADD) . ''; - // Menu found? - if (SQL_NUMROWS($result) == 1) { - // Load title - list($ret) = SQL_FETCHROW($result); - - // Shall we return it? - if ($return === true) { - // Return title - return $ret; - } elseif (((isExtensionInstalledAndNewer('sql_patches', '0.2.3')) && (getConfig('youre_here') == 'Y')) || ((isAdmin()) && ($modCheck == 'admin'))) { - // Output HTML code - $OUT = $prefix . ""); - if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) { - //* DEBUG: */ print(__LINE__.'+'.$type."+
"); - // Add closing div and br-tag - $OUT .= "

\n"; - $GLOBALS['nav_depth'] = '0'; - - // Run the filter chain - $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => "")); - $OUT .= $ret['content']; - } // END - if - } - } // END - if + // Can we close the you-are-here navigation? + //* DEBUG: */ debugOutput(__LINE__.'*'.$type.'/'.getWhat().'*'); + if (($type == 'what') || (($type == 'action') && ((!isWhatSet()) || (getWhat() == 'overview')))) { + //* DEBUG: */ debugOutput(__LINE__.'+'.$type.'+'); + // Add closing div and br-tag + $OUT .= '
'; + $GLOBALS['nav_depth'] = '0'; - // Free result - SQL_FREERESULT($result); + // Run the post-filter chain + $ret = runFilterChain('post_youhere_line', array('access_level' => $accessLevel, 'type' => $type, 'content' => '')); + + // Add additional content + $OUT .= $ret['content']; + } // END - if + } // END - if // Return or output HTML code? - if ($output) { - // Output HTML code here - outputHtml($OUT); - } else { + if ($return === true) { // Return HTML code return $OUT; + } else { + // Output HTML code here + outputHtml($OUT); } } @@ -412,7 +181,7 @@ function addMenuDescription ($accessLevel, $FQFN, $return = false, $output = tru function addMenu ($mode, $action, $what) { // Init some variables $main_cnt = '0'; - $AND = ''; + $ADD = ''; // is the menu action valid? if (!isMenuActionValid($mode, $action, $what, true)) { @@ -421,37 +190,54 @@ function addMenu ($mode, $action, $what) { // Non-admin shall not see all menus if (!isAdmin()) { - $AND = " AND `visible`='Y' AND `locked`='N'"; + $ADD = " AND `visible`='Y' AND `locked`='N'"; } // END - if // Load SQL data and add the menu to the output stream... - $result_main = SQL_QUERY_ESC("SELECT `title`, `action` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL)".$AND." ORDER BY `sort` ASC", + $result_main = SQL_QUERY_ESC("SELECT + `title`, `what`, `action`, `visible`, `locked` +FROM + `{?_MYSQL_PREFIX?}_%s_menu` +WHERE + (`what`='' OR `what` IS NULL) + ".$ADD." +ORDER BY + `sort` ASC", array($mode), __FUNCTION__, __LINE__); - //* DEBUG: */ print(__LINE__.'/'.$main_cnt.':'.getWhat()."*
"); - if (SQL_NUMROWS($result_main) > 0) { + //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.':'.getWhat().'*'); + if (!SQL_HASZERONUMS($result_main)) { // There are menus available, so we simply display them... :) $GLOBALS['rows'] = ''; while ($content = SQL_FETCHARRAY($result_main)) { - //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].':'.getWhat()."*
"); - // Init variables + //* DEBUG: */ debugOutput(__LINE__ . '/' . $main_cnt . '/' . $content['action'] . ':' . getWhat() . '*'); + // Disable the block-mode enableBlockMode(false); - $action = $content['action']; // Load menu header template $GLOBALS['rows'] .= loadTemplate($mode . '_menu_title', true, $content); // Sub menu - $result_sub = SQL_QUERY_ESC("SELECT `title` AS sub_title, `what` AS sub_what FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ".$AND." ORDER BY `sort`", + $result_sub = SQL_QUERY_ESC("SELECT + `title` AS `sub_title`, + `what` AS `sub_what`, + `visible` AS `sub_visible`, + `locked` AS `sub_locked` +FROM + `{?_MYSQL_PREFIX?}_%s_menu` +WHERE + `action`='%s' AND + `what` != '' AND + `what` IS NOT NULL + ".$ADD." +ORDER BY + `sort` ASC", array($mode, $content['action']), __FUNCTION__, __LINE__); - // Get number of rows - $totalWhats = SQL_NUMROWS($result_sub); - // Do we have some entries? - if ($totalWhats > 0) { + if (!SQL_HASZERONUMS($result_sub)) { // Init counter - $cnt = '0'; + $count = '0'; // Load all sub menus while ($content2 = SQL_FETCHARRAY($result_sub)) { @@ -462,52 +248,54 @@ function addMenu ($mode, $action, $what) { $OUT = ''; // Full file name for checking menu - //* DEBUG: */ print(__LINE__.":!!!!".$content['sub_what']."!!!
"); + //* DEBUG: */ debugOutput(__LINE__ . ':!!!!' . $content['sub_what'] . '!!!'); $inc = sprintf("inc/modules/%s/what-%s.php", $mode, $content['sub_what']); if (isIncludeReadable($inc)) { // Mark currently selected menu - open if ((!empty($what)) && (($what == $content['sub_what']))) { - $OUT = ""; + $OUT = ''; } // END - if // Navigation link - $OUT .= ""; + $OUT .= ''; } else { // Not found! - open - $OUT .= ""; + $OUT .= ''; } // Menu title - $OUT .= getConfig('menu_blur_spacer') . $content['sub_title']; + $OUT .= '{?menu_blur_spacer?}' . $content['sub_title']; if (isIncludeReadable($inc)) { - $OUT .= ""; + $OUT .= ''; // Mark currently selected menu - close if ((!empty($what)) && (($what == $content['sub_what']))) { - $OUT .= ""; + $OUT .= ''; } // END - if } else { // Not found! - close - $OUT .= ""; + $OUT .= ''; } // Cunt it up - $cnt++; + $count++; // Rewrite array - $content = array( - 'menu' => $OUT, - 'what' => $content['sub_what'] + $content = array( + 'menu' => $OUT, + 'what' => $content['sub_what'], + 'visible' => $content['sub_visible'], + 'locked' => $content['locked'], ); // Add regular menu row or bottom row? - if ($cnt < $totalWhats) { + if ($count < SQL_NUMROWS($result_sub)) { $GLOBALS['rows'] .= loadTemplate($mode . '_menu_row', true, $content); } else { $GLOBALS['rows'] .= loadTemplate($mode . '_menu_bottom', true, $content); } - } + } // END - while } else { // This is a menu block... ;-) enableBlockMode(); @@ -517,17 +305,21 @@ function addMenu ($mode, $action, $what) { if (isFileReadable($INC)) { // Load include file if ((!isExtensionActive($content['action'])) || ($content['action'] == 'online')) $GLOBALS['rows'] .= loadTemplate('menu_what_begin', true, $mode); - //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat()."*
"); + //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat().'*'); loadInclude($INC); - //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat()."*
"); + //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.getWhat().'*'); if ((!isExtensionActive($content['action'])) || ($content['action'] == 'online')) $GLOBALS['rows'] .= loadTemplate('menu_what_end', true, $mode); } - //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat()."*
"); + //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat().'*'); } + // Free result + SQL_FREERESULT($result_sub); + + // Count one up $main_cnt++; - //* DEBUG: */ print(__LINE__.'/'.$main_cnt.':'.getWhat()."*
"); + //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.':'.getWhat().'*'); if (SQL_NUMROWS($result_main) > $main_cnt) { // Add seperator $GLOBALS['rows'] .= loadTemplate('menu_seperator', true, $mode); @@ -562,7 +354,7 @@ function addMenu ($mode, $action, $what) { ); // Load main template - //* DEBUG: */ print(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat()."*
"); + //* DEBUG: */ debugOutput(__LINE__.'/'.$main_cnt.'/'.$content['action'].'/'.$content['sub_what'].':'.getWhat().'*'); loadTemplate('menu_table', false, $content); } // END - if } @@ -576,62 +368,64 @@ function isMember () { // @TODO Try to rewrite this to one or more functions if ((!isset($GLOBALS['last_online'])) || (!is_array($GLOBALS['last_online']))) $GLOBALS['last_online'] = array(); - // is the cache entry there? - if (isset($GLOBALS['is_member'])) { + // Is the cache entry there? + if (isset($GLOBALS[__FUNCTION__])) { // Then return it - return $GLOBALS['is_member']; - } elseif (getMemberId() == '0') { - // No member + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CACHED! (' . intval($GLOBALS[__FUNCTION__]) . ')'); + return $GLOBALS[__FUNCTION__]; + } elseif ((!isSessionVariableSet('userid')) || (!isSessionVariableSet('u_hash'))) { + // Destroy any existing user session data + destroyMemberSession(); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'No member set in cookie/session.'); + + // Abort further processing return false; - } else { - // Transfer userid=>current - setCurrentUserid(getMemberId()); } - // Init global user data array + // Get userid secured from session + setMemberId(getSession('userid')); + + // ... and set it as currently handled user id + setCurrentUserId(getMemberId()); + + // Init user data array initUserData(); // Fix "deleted" cookies first fixDeletedCookies(array('userid', 'u_hash')); - // Are cookies set? - if ((isMemberIdSet()) && (isSessionVariableSet('u_hash'))) { - // Cookies are set with values, but are they valid? - if (fetchUserData(getMemberId()) === true) { - // Validate password by created the difference of it and the secret key - $valPass = generatePassString(getUserData('password')); + // Are cookies set and can the member data be loaded? + if ((isMemberIdSet()) && (isSessionVariableSet('u_hash')) && (fetchUserData(getMemberId()) === true)) { + // Validate password by created the difference of it and the secret key + $valPass = encodeHashForCookie(getUserData('password')); + // So did we now have valid data and an unlocked user? + if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { // Transfer last module and online time $GLOBALS['last_online']['module'] = getUserData('last_module'); $GLOBALS['last_online']['online'] = getUserData('last_online'); - // So did we now have valid data and an unlocked user? - if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { - // Account is confirmed and all cookie data is valid so he is definely logged in! :-) - $ret = true; - } else { - // Maybe got locked etc. - logDebugMessage(__FUNCTION__, __LINE__, 'status=' . getUserData('status')); - destroyMemberSession(); - } - } else { - // Cookie data is invalid! - destroyMemberSession(); - } - } else { - // Cookie data is invalid! + // Account is confirmed and all cookie data is valid so he is definely logged in! :-) + $ret = true; + } // END - if + } // END - if + + // Is $ret still false? + if ($ret === false) { + // Yes, so destroy the session destroyMemberSession(); - } + } // END - if // Cache status - $GLOBALS['is_member'] = $ret; + $GLOBALS[__FUNCTION__] = $ret; // Return status + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret=' . intval($ret)); return $ret; } // Fetch user data for given user id -function fetchUserData ($userid, $column='userid') { +function fetchUserData ($userid, $column = 'userid') { // If we should look for userid secure&set it here if (substr($column, -2, 2) == 'id') { // Secure userid @@ -641,9 +435,9 @@ function fetchUserData ($userid, $column='userid') { setCurrentUserId($userid); // Don't look for invalid userids... - if ($userid < 1) { + if (!isValidUserId($userid)) { // Invalid, so abort here - debug_report_bug('User id ' . $userid . ' is invalid.'); + debug_report_bug(__FUNCTION__, __LINE__, 'User id ' . $userid . ' is invalid.'); } elseif (isUserDataValid()) { // Use cache, so it is fine return true; @@ -653,12 +447,15 @@ function fetchUserData ($userid, $column='userid') { return true; } - // By default none was found $found = false; + // Extra statements + $ADD = ''; + if (isExtensionInstalledAndNewer('user', '0.3.5')) $ADD = ', UNIX_TIMESTAMP(`lock_timestamp`) AS `lock_timestamp`'; + // Query for the user - $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT *".$ADD." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1", array($column, $userid), __FUNCTION__, __LINE__); // Do we have a record? @@ -709,68 +506,67 @@ function fetchUserData ($userid, $column='userid') { } // This patched function will reduce many SELECT queries for the specified or current admin login -function isAdmin ($admin = '') { +function isAdmin () { + // No admin in installation phase! + if ((isInstallationPhase()) || (!isAdminRegistered())) { + return false; + } // END - if + // Init variables - $ret = false; $passCookie = ''; $valPass = ''; - //* DEBUG: */ print(__FUNCTION__.':'.$admin.'
'); + $ret = false; + $adminId = '0'; + $passCookie = ''; + $valPass = ''; + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $adminId); // If admin login is not given take current from cookies... - if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) { + if ((isSessionVariableSet('admin_id')) && (isSessionVariableSet('admin_md5'))) { // Get admin login and password from session/cookies - $admin = getSession('admin_login'); + $adminId = getSession('admin_id'); $passCookie = getSession('admin_md5'); } // END - if - //* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.'
'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $adminId.'/'.$passCookie); + + // Abort if admin id is zero + if ($adminId == '0') { + return false; + } // END - if // Do we have cache? - if (!isset($GLOBALS['is_admin'][$admin])) { + if (!isset($GLOBALS[__FUNCTION__][$adminId])) { // Init it with failed - $GLOBALS['is_admin'][$admin] = false; + $GLOBALS[__FUNCTION__][$adminId] = false; // Search in array for entry if (isset($GLOBALS['admin_hash'])) { // Use cached string $valPass = $GLOBALS['admin_hash']; - } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) { + } elseif ((!empty($passCookie)) && (isAdminHashSet($adminId) === true) && (!empty($adminId))) { // Login data is valid or not? - $valPass = generatePassString(getAdminHash($admin)); + $valPass = encodeHashForCookie(getAdminHash($adminId)); // Cache it away $GLOBALS['admin_hash'] = $valPass; // Count cache hits incrementStatsEntry('cache_hits'); - } elseif ((!empty($admin)) && ((!isExtensionActive('cache'))) || (isAdminHashSet($admin) === false)) { - // Search for admin - $result = SQL_QUERY_ESC("SELECT HIGH_PRIORITY `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", - array($admin), __FUNCTION__, __LINE__); - - // Is he admin? - $passDB = ''; - if (SQL_NUMROWS($result) == 1) { - // Admin login was found so let's load password from DB - list($passDB) = SQL_FETCHROW($result); - - // Temporary cache it - setAdminHash($admin, $passDB); - - // Generate password hash - $valPass = generatePassString($passDB); - } // END - if + } elseif ((!empty($adminId)) && ((!isExtensionActive('cache')) || (isAdminHashSet($adminId) === false))) { + // Get admin hash and hash it + $valPass = encodeHashForCookie(getAdminHash($adminId)); - // Free memory - SQL_FREERESULT($result); + // Cache it away + $GLOBALS['admin_hash'] = $valPass; } if (!empty($valPass)) { // Check if password is valid - //* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'
'); - $GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache')))); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, '(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie)); + $GLOBALS[__FUNCTION__][$adminId] = (($GLOBALS['admin_hash'] == $passCookie) || ((strlen($GLOBALS['admin_hash']) == 32) && ($GLOBALS['admin_hash'] == md5($passCookie))) || (($GLOBALS['admin_hash'] == '*FAILED*') && (!isExtensionActive('cache')))); } // END - if } // END - if // Return result of comparision - return $GLOBALS['is_admin'][$admin]; + return $GLOBALS[__FUNCTION__][$adminId]; } // Generates a list of "max receiveable emails per day" @@ -781,13 +577,13 @@ function addMaxReceiveList ($mode, $default = '', $return = false) { switch ($mode) { case 'guest': // Guests (in the registration form) are not allowed to select 0 mails per day. - $result = SQL_QUERY("SELECT value, comment FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE value > 0 ORDER BY value", + $result = SQL_QUERY('SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE `value` > 0 ORDER BY `value` ASC', __FUNCTION__, __LINE__); break; case 'member': // Members are allowed to set to zero mails per day (we will change this soon!) - $result = SQL_QUERY("SELECT value, comment FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY value", + $result = SQL_QUERY('SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY `value` ASC', __FUNCTION__, __LINE__); break; @@ -797,21 +593,21 @@ function addMaxReceiveList ($mode, $default = '', $return = false) { } // Some entries are found? - if (SQL_NUMROWS($result) > 0) { + if (!SQL_HASZERONUMS($result)) { $OUT = ''; while ($content = SQL_FETCHARRAY($result)) { - $OUT .= " '; } + + // Free memory + SQL_FREERESULT($result); } // Return - hopefully - the requested data @@ -1692,20 +1474,16 @@ function generateOptionList ($table, $id, $name, $default='', $special='', $wher // Activate exchange function FILTER_ACTIVATE_EXCHANGE () { // Is the extension 'user' there? - if ((!isExtensionActive('user')) || (getConfig('activate_xchange') == '0')) { + if ((!isExtensionActive('user')) || (getActivateXchange() == '0')) { // Silently abort here return false; } // END - if // Check total amount of users - $totalUsers = countSumTotalData('CONFIRMED', 'user_data', 'userid', 'status', true, ' AND max_mails > 0'); - - if ($totalUsers >= getConfig('activate_xchange')) { + if (getTotalConfirmedUser() >= getActivateXchange()) { // Activate System - setSqlsArray(array( - "UPDATE `{?_MYSQL_PREFIX?}_mod_reg` SET `locked`='N', `hidden`='N', `mem_only`='Y' WHERE `module`='order' LIMIT 1", - "UPDATE `{?_MYSQL_PREFIX?}_member_menu` SET `visible`='Y', `locked`='N' WHERE `what`='order' OR `what`='unconfirmed' LIMIT 2", - )); + addSql("UPDATE `{?_MYSQL_PREFIX?}_mod_reg` SET `locked`='N', `hidden`='N', `mem_only`='Y' WHERE `module`='order' LIMIT 1"); + addSql("UPDATE `{?_MYSQL_PREFIX?}_member_menu` SET `visible`='Y', `locked`='N' WHERE `what`='order' OR `what`='unconfirmed' LIMIT 2"); // Run SQLs runFilterChain('run_sqls'); @@ -1714,39 +1492,45 @@ function FILTER_ACTIVATE_EXCHANGE () { updateConfiguration('activate_xchange' ,0); // Rebuild cache - rebuildCacheFile('modules', 'modules'); + rebuildCache('modules', 'modules'); } // END - if } // Deletes a user account with given reason function deleteUserAccount ($userid, $reason) { - $points = '0'; + // Init points + $data['points'] = '0'; + $result = SQL_QUERY_ESC("SELECT - (SUM(p.points) - d.used_points) AS points + (SUM(p.`points`) - d.`used_points`) AS `points` FROM `{?_MYSQL_PREFIX?}_user_points` AS p LEFT JOIN `{?_MYSQL_PREFIX?}_user_data` AS d ON - p.userid=d.userid + p.`userid`=d.`userid` WHERE - p.userid=%s", + p.`userid`=%s +LIMIT 1", array(bigintval($userid)), __FUNCTION__, __LINE__); + + // Do we have an entry? if (SQL_NUMROWS($result) == 1) { // Save his points to add them to the jackpot - list($points) = SQL_FETCHROW($result); + $data = SQL_FETCHARRAY($result); // Delete points entries as well - SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s", array(bigintval($userid)), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s", + array(bigintval($userid)), __FUNCTION__, __LINE__); // Update mediadata as well if (isExtensionInstalledAndNewer('mediadata', '0.0.4')) { // Update database - updateMediadataEntry(array('total_points'), 'sub', $points); + updateMediadataEntry(array('total_points'), 'sub', $data['points']); } // END - if // Now, when we have all his points adds them do the jackpot! - if (isExtensionActive('jackpot')) addPointsToJackpot($points); + if (isExtensionActive('jackpot')) addPointsToJackpot($data['points']); } // END - if // Free the result @@ -1757,46 +1541,35 @@ WHERE array(bigintval($userid)), __FUNCTION__, __LINE__); // Remove from rallye if found + // @TODO Rewrite this to a filter if (isExtensionActive('rallye')) { SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_rallye_users` WHERE `userid`=%s", array(bigintval($userid)), __FUNCTION__, __LINE__); } // END - if + // Add reason and translate points + $data['text'] = $reason; + // Now a mail to the user and that's all... - $message = loadEmailTemplate('del-user', array('text' => $reason), $userid); - sendEmail($userid, getMessage('ADMIN_DEL_ACCOUNT'), $message); + $message = loadEmailTemplate('del-user', $data, $userid); + sendEmail($userid, '{--ADMIN_DELETE_ACCOUNT--}', $message); // Ok, delete the account! SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", array(bigintval($userid)), __FUNCTION__, __LINE__); } -// Generates meta description for given module and 'what' value -function generateMetaDescriptionCode ($mod, $what) { - // Exclude admin and member's area - if (($mod != 'admin') && ($mod != 'login')) { - // Construct dynamic description - $DESCR = '{?MAIN_TITLE?} '.trim(getConfig('title_middle')) . ' ' . addMenuDescription('guest', 'what-'.$what, true); - - // Output it directly - outputHtml(''); - } // END - if - - // Remove depth - unset($GLOBALS['ref_level']); -} - // Gets the matching what name from module function getWhatFromModule ($modCheck) { // Is the request element set? - if (isGetRequestElementSet('what')) { + if (isGetRequestParameterSet('what')) { // Then return this! - return getRequestElement('what'); + return getRequestParameter('what'); } // END - if // Default is empty $what = ''; - //* DEBUG: */ print(__LINE__.'!'.$modCheck."!
"); + //* DEBUG: */ debugOutput(__LINE__.'!'.$modCheck.'!'); switch ($modCheck) { case 'admin': $what = 'overview'; @@ -1807,7 +1580,7 @@ function getWhatFromModule ($modCheck) { // Is ext-sql_patches installed and newer than 0.0.5? if (isExtensionInstalledAndNewer('sql_patches', '0.0.5')) { // Use it from config - $what = getConfig('index_home'); + $what = getIndexHome(); } else { // Use default 'welcome' $what = 'welcome'; @@ -1834,35 +1607,27 @@ function subtractPoints ($subject, $userid, $points) { 'subject' => $subject, 'userid' => $userid, 'points' => $points, - 'mode' => 'sub' + 'mode' => 'sub', + 'added' => (!SQL_HASZEROAFFECTED()) ); // Insert booking record - runFilterChain('sub_points', $filterData); + $filterData = runFilterChain('sub_points', $filterData); + + // Return result + return $filterData['added']; } // "Getter" for total available receivers -function getTotalReceivers ($mode='normal') { - // Query database - $result_all = SQL_QUERY("SELECT - `userid` -FROM - `{?_MYSQL_PREFIX?}_user_data` -WHERE - `status`='CONFIRMED' AND `receive_mails` > 0 ".runFilterChain('exclude_users', $mode), - __FUNCTION__, __LINE__); - +function getTotalReceivers ($mode = 'normal') { // Get num rows - $numRows = SQL_NUMROWS($result_all); - - // Free result - SQL_FREERESULT($result_all); + $numRows = countSumTotalData('CONFIRMED', 'user_data', 'userid', 'status', true, ' AND `receive_mails` > 0' . runFilterChain('exclude_users', $mode)); // Return value return $numRows; } -// Returns HTML code with an "'; + $OUT = ''; } // Return HTML code @@ -2022,12 +1774,12 @@ function generateReceiverList ($cat, $receiver, $mode = '') { // Category given? if ($cat > 0) { // Select category - $CAT_TABS = "LEFT JOIN `{?_MYSQL_PREFIX?}_user_cats` AS c ON d.userid=c.userid"; - $CAT_WHERE = sprintf(" AND c.cat_id=%s", $cat); + $CAT_TABS = "LEFT JOIN `{?_MYSQL_PREFIX?}_user_cats` AS c ON d.`userid`=c.`userid`"; + $CAT_WHERE = sprintf(" AND c.`cat_id`=%s", $cat); } // END - if // Exclude users in holiday? - if (getExtensionVersion('holiday') >= '0.1.3') { + if (isExtensionInstalledAndNewer('holiday', '0.1.3')) { // Add something for the holiday extension $CAT_WHERE .= " AND d.`holiday_active`='N'"; } // END - if @@ -2065,71 +1817,9 @@ function generateReceiverList ($cat, $receiver, $mode = '') { return $receiverList; } -// Get timestamp for given stats type and data -function getTimestampFromUserStats ($type, $data, $userid = '0') { - // Default timestamp is zero - $stamp = '0'; - - // User id set? - if ((isMemberIdSet()) && ($userid == '0')) { - $userid = getMemberId(); - } // END - if - - // Is the extension installed and updated? - if ((!isExtensionActive('sql_patches')) || (isExtensionOlder('sql_patches', '0.5.6'))) { - // Return zero here - return $stamp; - } // END - if - - // Try to find the entry - $result = SQL_QUERY_ESC("SELECT - UNIX_TIMESTAMP(`inserted`) AS stamp -FROM - `{?_MYSQL_PREFIX?}_user_stats_data` -WHERE - `userid`=%s AND `stats_type`='%s' AND `stats_data`='%s' -LIMIT 1", - array( - bigintval($userid), - $type, - $data - ), __FUNCTION__, __LINE__); - - // Is the entry there? - if (SQL_NUMROWS($result) == 1) { - // Get this stamp - list($stamp) = SQL_FETCHROW($result); - } // END - if - - // Free result - SQL_FREERESULT($result); - - // Return stamp - return $stamp; -} - -// Inserts user stats -function insertUserStatsRecord ($userid, $type, $data) { - // Is the extension installed and updated? - if ((!isExtensionActive('sql_patches')) || (isExtensionOlder('sql_patches', '0.5.6'))) { - // Return zero here - return false; - } // END - if - - // Does it exist? - if ((!getTimestampFromUserStats($type, $data, $userid)) && (!is_array($data))) { - // Then insert it! - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_stats_data` (`userid`,`stats_type`,`stats_data`) VALUES (%s,'%s','%s')", - array(bigintval($userid), $type, $data), __FUNCTION__, __LINE__); - } elseif (is_array($data)) { - // Invalid data! - logDebugMessage(__FUNCTION__, __LINE__, "userid={$userid},type={$type},data={".gettype($data).": Invalid statistics data type!"); - } -} - // "Getter" for array for user refs and points in given level function getUserReferalPoints ($userid, $level) { - //* DEBUG: */ print("----------------------- ".__FUNCTION__." - ENTRY ----------------------------------------------- '.__FUNCTION__.' - EXIT ------------------------
'); return $refs; } // Recuce the amount of received emails for the receipients for given email function reduceRecipientReceivedMails ($column, $id, $count) { // Search for mail in database - $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `%s`=%s ORDER BY `userid` ASC LIMIT %s", + $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `%s`=%s ORDER BY `userid` ASC LIMIT %s", array($column, bigintval($id), $count), __FUNCTION__, __LINE__); // Are there entries? - if (SQL_NUMROWS($result) > 0) { + if (!SQL_HASZERONUMS($result)) { // Now load all userids for one big query! - // @TODO This can be somehow rewritten - $UIDs = array(); - while (list($userid) = SQL_FETCHROW($result)) { - $UIDs[$userid] = $userid; + $userids = array(); + while ($data = SQL_FETCHARRAY($result)) { + // By default we want to reduce and have no mails found + $num = 0; + + // We must now look if he has already confirmed this mail, so might sound double, but it may resolve problems + // @TODO Rewrite this to a filter + if ((isset($data['stats_id'])) && ($data['stats_id'] > 0)) { + // User email + $num = countSumTotalData($data['userid'], 'user_stats_data', 'id', 'userid', true, sprintf(" AND `stats_type`='mailid' AND `stats_data`=%s", bigintval($data['stats_id']))); + } elseif ((isset($data['bonus_id'])) && ($data['bonus_id'] > 0)) { + // Bonus mail + $num = countSumTotalData($data['userid'], 'user_stats_data', 'id', 'userid', true, sprintf(" AND `stats_type`='bonusid' AND `stats_data`=%s", bigintval($data['bonus_id']))); + } + + // Reduce this users total received emails? + if ($num === 0) $userids[$data['userid']] = $data['userid']; } // END - while - // Now update all user accounts - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `emails_received`=`emails_received`-1 WHERE `userid` IN (%s) LIMIT %s", - array(implode(',', $UIDs), count($UIDs)), __FUNCTION__, __LINE__); + if (count($userids) > 0) { + // Now update all user accounts + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `emails_received`=`emails_received`-1 WHERE `userid` IN (%s) LIMIT %s", + array(implode(',', $userids), count($userids)), __FUNCTION__, __LINE__); + } else { + // Nothing deleted + loadTemplate('admin_settings_saved', false, getMaskedMessage('ADMIN_MAIL_NOTHING_DELETED', $id)); + } } // END - if // Free result @@ -2234,7 +1943,16 @@ function reduceRecipientReceivedMails ($column, $id, $count) { function createNewTask ($subject, $notes, $taskType, $userid = '0', $adminId = '0', $strip = true) { // Insert the task data into the database SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_task_system` (`assigned_admin`, `userid`, `status`, `task_type`, `subject`, `text`, `task_created`) VALUES (%s,%s,'NEW','%s','%s','%s', UNIX_TIMESTAMP())", - array($adminId, $userid, $taskType, $subject, escapeQuotes($notes)), __FUNCTION__, __LINE__, true, $strip); + array( + $adminId, + $userid, + $taskType, + $subject, + $notes + ), __FUNCTION__, __LINE__, true, $strip); + + // Return insert id which is the task id + return SQL_INSERTID(); } // Updates last module / online time