X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=modules.php;h=0b111174af4508e3aaa7040b9fd4e310e3154a5e;hp=f8fbe88fb7616f5c9e4bc5ae0d07c857426929ee;hb=5ae157f2010b3aae3c6f2ecdc6ec7c30b305be4a;hpb=307a4e11763f0914e73dc756b219356e1c29ab25

diff --git a/modules.php b/modules.php
index f8fbe88fb7..0b111174af 100644
--- a/modules.php
+++ b/modules.php
@@ -31,76 +31,80 @@
  * MA  02110-1301  USA                                                  *
  ************************************************************************/
 
-// APD call (if you have this apache extension and want to debug this script for us)
-//apd_set_pprof_trace();
+// XDEBUG call
+//xdebug_start_trace();
 
 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
-require_once ("inc/libs/security_functions.php");
+require("inc/libs/security_functions.php");
 
 // Init "action" and "what"
 global $what, $action, $startTime;
 $GLOBALS['startTime'] = microtime(true);
-$CSS = 0;
+$GLOBALS['output_mode'] = 0;
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
 $GLOBALS['userid'] = 0;
 
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
+// Fix missing module to "index"
 if (empty($_GET['module'])) $_GET['module'] = "index";
 
+// Secure action/what if present
+if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
+if (!empty($_GET['what']))   $GLOBALS['what']   = secureString($_GET['what']);
+
 // Secure the module name (very important line!)
-$GLOBALS['module'] = htmlentities(strip_tags($_GET['module']), ENT_QUOTES);
+$GLOBALS['module'] = secureString($_GET['module']);
 
 // Needed include files
-require ("inc/config.php");
+require("inc/config.php");
 
 // Check if logged in
-if (IS_LOGGED_IN())
-{
+if (IS_MEMBER()) {
 	// Is still logged in so we welcome him with his name
-	$result = SQL_QUERY_ESC("SELECT surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+	$result = SQL_QUERY_ESC("SELECT surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
 	 array($GLOBALS['userid']), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result) == 1)
-	{
+	if (SQL_NUMROWS($result) == 1) {
 		// Load surname and family's name and build the username
 		list($s, $f) = SQL_FETCHROW($result);
 		$username = $s." ".$f;
 
-		// Update only cookies and no login data!
-		UPDATE_LOGIN_DATA(false);
-	}
-	 else
-	{
+		// Additionally admin?
+		if (IS_ADMIN()) {
+			// Add it
+			$username .= " ({!_ADMIN_SHORT!})";
+		} // END - if
+	} else {
+		// Hmmm, logged in and no valid userid?
+		$username = "<em>{!_UNKNOWN!}</em>";
+
+		// Destroy session
+		destroy_user_session();
 
-		// Hmmm, logged in and no valid cookies???
-		$username = "<I>"._UNKNOWN."</I>";
+		// Kill userid
+		$GLOBALS['userid'] = 0;
 	}
 
 	// Free memory
 	SQL_FREERESULT($result);
-}
- elseif (IS_ADMIN())
-{
-	$username = _ADMIN;
-}
- else
-{
+} elseif (IS_ADMIN()) {
+	// Admin is there
+	$username = getMessage('_ADMIN');
+} else {
 	// He's a guest, hello there... ;-)
-	$username = _GUEST;
+	$username = getMessage('_GUEST');
 }
 
 // The header file
-include (PATH."inc/header.php");
+LOAD_INC_ONCE("inc/header.php");
 
 // Modules are by default not valid!
 $MOD_VALID = false; $check = "failed";
-if ((!empty($_CONFIG['maintenance'])) && ($_CONFIG['maintenance'] == "Y") && (!IS_ADMIN()) && ($GLOBALS['module'] != "admin"))
-{
+if ((getConfig('maintenance') == "Y") && (!IS_ADMIN()) && ($GLOBALS['module'] != "admin")) {
 	// Maintain mode is active and you are no admin
-	ADD_FATAL(LANG_DOWN_MAINTAINCE);
-}
- elseif (($link) && ($db) && (sizeof($FATAL) == 0))
-{
+	addFatalMessage(getMessage('LANG_DOWN_MAINTAINCE'));
+} elseif ((SQL_IS_LINK_UP()) && (getTotalFatalErrors() == 0)) {
+	// Construct module name
+	define('__MODULE', sprintf("inc/modules/%s.php", SQL_ESCAPE($GLOBALS['module'])));
+
 	// Did we found the module listed in allowed modules and are we successfully connected?
 	$check = CHECK_MODULE($GLOBALS['module']);
 	switch ($check)
@@ -108,62 +112,53 @@ if ((!empty($_CONFIG['maintenance'])) && ($_CONFIG['maintenance'] == "Y") && (!I
 	case "admin_only":
 	case "mem_only":
 	case "done":
-		// Construct module name
-		define('__MODULE', sprintf(PATH."inc/modules/%s.php", $GLOBALS['module']));
-
 		// Does the module exists on local file system?
-		if (((file_exists(__MODULE)) || (!empty($URL))) && (sizeof($FATAL) == 0))
-		{
+		if ((FILE_READABLE(constant('__MODULE'))) && (getTotalFatalErrors() == 0)) {
 			// Module is valid, active and located on the local disc...
 			$MOD_VALID = true;
-		}
-		 elseif (!empty($URL))
-		{
+		} elseif (!empty($URL)) {
 			// An URL was specified so we load the de-referrer module
-			include (PATH."inc/loader.php");
-		}
-		 elseif (sizeof($FATAL) == 0)
-		{
-			ADD_FATAL(LANG_MOD_REG_404_1.$GLOBALS['module'].LANG_MOD_REG_404_2);
+			LOAD_URL(DEREFERER($URL));
+		} elseif (getTotalFatalErrors() == 0) {
+			addFatalMessage(sprintf(getMessage('LANG_MOD_REG_404'), $GLOBALS['module']));
 		}
 		break;
 
 	case "404":
-		ADD_FATAL(LANG_MOD_REG_404_1.$GLOBALS['module'].LANG_MOD_REG_404_2);
+		addFatalMessage(sprintf(getMessage('LANG_MOD_REG_404'), $GLOBALS['module']));
 		break;
 
 	case "locked":
-		if (!file_exists(PATH."inc/modules/".$GLOBALS['module'].".php"))
-		{
+		if (!FILE_READABLE(constant('__MODULE'))) {
 			// Module does addionally not exists
-			ADD_FATAL(LANG_MOD_REG_404_1.$GLOBALS['module'].LANG_MOD_REG_404_2);
-		}
-		ADD_FATAL(LANG_MOD_LOCKED_1.$GLOBALS['module'].LANG_MOD_LOCKED_2);
+			addFatalMessage(sprintf(getMessage('LANG_MOD_REG_404'), $GLOBALS['module']));
+		} // END - if
+
+		// Add fatal message
+		addFatalMessage(sprintf(getMessage('LANG_MOD_REG_LOCKED'), $GLOBALS['module']));
 		break;
 
 	default:
-		ADD_FATAL(LANG_MOD_UNKNOWN_1.$check.LANG_MOD_UNKNOWN_2);
+		DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown status %s return from module check. Module=%s", $check, $GLOBALS['module']));
+		addFatalMessage(sprintf(getMessage('LANG_MOD_REG_UNKNOWN'), $check));
 		break;
 	}
-}
- elseif (sizeof($FATAL) == 0)
-{
+} elseif (getTotalFatalErrors() == 0) {
 	// MySQL problems!
-	ADD_FATAL(MYSQL_ERRORS);
+	addFatalMessage(getMessage('MYSQL_ERRORS'));
 }
 
-if ($MOD_VALID)
-{
+if (($MOD_VALID) && (defined('__MODULE'))) {
 	/////////////////////////////////////////////
 	// Main including line DO NOT REMOVE/EDIT! //
 	/////////////////////////////////////////////
 	//
 	// Everything is okay so we can load the module
-	include (__MODULE);
-}
+	LOAD_INC_ONCE(constant('__MODULE'));
+} // END - if
 
 // Next-to-end add the footer
-include (PATH."inc/footer.php");
+LOAD_INC_ONCE("inc/footer.php");
 
 //
 ?>