Again some fixes:
authorRoland Häder <roland@mxchange.org>
Sat, 22 Nov 2008 19:47:08 +0000 (19:47 +0000)
committerRoland Häder <roland@mxchange.org>
Sat, 22 Nov 2008 19:47:08 +0000 (19:47 +0000)
- $_GET['what'] was used in the sponsor extension; changed to $GLOBALS['what'] because
  $GLOBALS is secured and $_GET is only partially secured
- Constant ORDER_ALLOWED_UNKNOWN added
- Template "admin_data_saved" is now deprecated

inc/databases.php
inc/language/order_de.php
inc/libs/sponsor_functions.php
inc/modules/admin/what-adminedit.php
inc/modules/admin/what-guestedit.php
inc/modules/admin/what-memedit.php
templates/de/html/admin/admin_data_saved.tpl

index 0bd032d..e13d1a8 100644 (file)
@@ -114,7 +114,7 @@ define('USAGE_BASE', "usage");
 define('SERVER_URL', "http://www.mxchange.org");
 
 // This current patch level
-define('CURR_SVN_REVISION', "541");
+define('CURR_SVN_REVISION', "542");
 
 // Take a prime number which is long (if you know a longer one please try it out!)
 define('_PRIME', 591623);
index 158b146..23a7d57 100644 (file)
@@ -49,6 +49,7 @@ define('ORDER_ALLOWED_RECEIVE_2', "</STRONG> von <STRONG>");
 define('ORDER_ALLOWED_RECEIVE_3', "</STRONG> Mailbuchungen aufgeben.");
 define('MEMBER_ORDER_MAX_ALLOWED', "Maximale Mailbuchungen");
 define('ORDER_ALLOED_MAX', "Sie k&ouml;nnen solange Mailbuchungen aufgeben, bis alle Mitglieder nicht mehr empfangsbereit sind.");
+define('ORDER_ALLOWED_UNKNOWN', "Fehler in Konfiguration erkannt! Bitte den Administrator benachrichtigen.");
 define('MEMBER_ORDER_ALLOWED_EXHAUSTED', "Sie k&ouml;nnen keine weiteren Mails mehr versenden, oder stellen Sie bitte den Empfang h&ouml;her ein.");
 define('MEMBER_MIN_RECS_1', "Minimum:");
 define('MEMBER_MIN_RECS_2', "");
index 340958e..c160234 100644 (file)
@@ -81,7 +81,7 @@ function SPONSOR_HANDLE_SPONSOR(&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_ST
                                                SQL_FREERESULT($result);
 
                                                // Yes, he is!
-                                               if (($_GET['what'] == "add_sponsor") || ($NO_UPDATE))
+                                               if (($GLOBALS['what'] == "add_sponsor") || ($NO_UPDATE))
                                                {
                                                        // Already found!
                                                        $ALREADY = true;
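Review bot: The comparison `$GLOBALS['what'] == "add_sponsor"` is loose and assumes the key is always set; `isset($GLOBALS['what']) && $GLOBALS['what'] === "add_sponsor"` avoids an undefined-index notice and type juggling. The same applies to the later hunks of this file: the admin-only status branch and the two `switch ($GLOBALS['what'])` statements in SPONSOR_SAVE_DATA. Because the branch now trusts a global that is populated outside this diff, a short comment naming where it is filtered would help, e.g. `// $GLOBALS['what'] is set and filtered before this library is loaded; do not read $_GET['what'] here` (where that happens is an assumption to confirm). SPONSOR_HANDLE_SPONSOR starts and ends outside the hunk.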
@@ -181,7 +181,7 @@ function SPONSOR_HANDLE_SPONSOR(&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_ST
                        // Add new sponsor, first add more data
                        $DATA['keys'][] = "sponsor_created"; $DATA['values'][] = time();
                        $DATA['keys'][] = "status";
-                       if ((!$NO_UPDATE) && (IS_ADMIN()) && ($_GET['what'] == "add_sponsor"))
+                       if ((!$NO_UPDATE) && (IS_ADMIN()) && ($GLOBALS['what'] == "add_sponsor"))
                        {
                                // Only allowed for admin
                                $DATA['values'][] = "PENDING";
@@ -539,7 +539,7 @@ function SPONSOR_SAVE_DATA($POST, $content)
        $DATA[] = $_COOKIE['sponsorpass'];
 
        // Saving data was completed... ufff...
-       switch ($_GET['what'])
+       switch ($GLOBALS['what'])
        {
        case "account": // Change account data
                if ($EMAIL)
@@ -568,8 +568,8 @@ function SPONSOR_SAVE_DATA($POST, $content)
                break;
 
        default: // Unknown sponsor what value!
-               DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown sponsor module (what) %s detected.", $_GET['what']));
-               $MSG = SPONSOR_UNKNOWN_WHAT_1.$_GET['what'].SPONSOR_UNKNOWN_WHAT_2;
+               DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown sponsor module (what) %s detected.", $GLOBALS['what']));
+               $MSG = SPONSOR_UNKNOWN_WHAT_1.$GLOBALS['what'].SPONSOR_UNKNOWN_WHAT_2;
                $templ = ""; $subj = "";
                break;
        }
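Review bot: The `default:` branch puts the unrecognised `what` value into `$MSG` and into the debug log without output encoding. Unless the filter applied to `$GLOBALS['what']` already strips markup and line breaks (not visible here), the value can carry HTML into the page and extra lines into the log. Encoding at the point of use is safer: `$MSG = SPONSOR_UNKNOWN_WHAT_1.htmlspecialchars($GLOBALS['what'], ENT_QUOTES).SPONSOR_UNKNOWN_WHAT_2;`, and CR/LF should be stripped before the value reaches `DEBUG_LOG`. SPONSOR_SAVE_DATA continues outside the hunk, so how `$MSG` is rendered is inferred.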
@@ -601,7 +601,7 @@ function SPONSOR_SAVE_DATA($POST, $content)
                                // to the old address
 
                                // First to old address
-                               switch ($_GET['what'])
+                               switch ($GLOBALS['what'])
                                {
                                case "account": // Change account data
                                        $email_msg = LOAD_EMAIL_TEMPLATE("sponsor_change_data", $content);
index 688b575..6e66b07 100644 (file)
@@ -175,7 +175,7 @@ WHERE ".$AND." AND id=%s LIMIT 1",
                CACHE_PURGE_ADMIN_MENU(0, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel]);
 
                // Load template
-               LOAD_TEMPLATE("admin_data_saved");
+               LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
                break;
 
        case "del": // Delete menu
@@ -186,7 +186,7 @@ WHERE ".$AND." AND id=%s LIMIT 1",
                } // END - foreach
 
                // Load template
-               LOAD_TEMPLATE("admin_data_saved");
+               LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
                break;
 
        default: // Unexpected action
index dc1d4ba..8d295b2 100644 (file)
@@ -160,7 +160,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array($menu, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel], $sel),__FILE__, __LINE__);
                }
-               LOAD_TEMPLATE("admin_data_saved");
+               LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
                break;
 
        case "del": // Delete menu
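Review bot: The `UPDATE` on the new side binds `$sel` into an unquoted `id=%s` without a cast, while the `DELETE` in the next hunk uses `bigintval($sel)`. Escaping alone does not constrain a value used in an unquoted numeric position. Pass `bigintval($sel)` here as well, and likewise in the `status` branch: `array($_POST['visible'][$sel], $_POST['locked'][$sel], bigintval($sel))`. Whether `$sel` is already cast by the enclosing loop is not visible, because the loop starts outside the hunk.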
@@ -170,7 +170,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
                        $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($sel)), __FILE__, __LINE__);
                }
-               LOAD_TEMPLATE("admin_data_saved");
+               LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
                break;
 
        case "status": // Change access levels
@@ -183,7 +183,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__);
                }
-               LOAD_TEMPLATE("admin_data_saved");
+               LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
                break;
 
        default: // Unexpected action
index 2c464b2..2b6238e 100644 (file)
@@ -218,15 +218,14 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
        }
 
        // Load template
-       LOAD_TEMPLATE("admin_data_saved");
-}
- else
-{
-       if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid'])))
-       {
+       LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
+} else {
+       if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) {
+               // Init
+               $tid = ""; $fid = "";
+
                // Get IDs
-               if (!empty($_GET['w']))
-               {
+               if (!empty($_GET['w'])) {
                        // Sub menus selected
                        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND sort='%s' LIMIT 1",
                         array(bigintval($_GET['act']), bigintval($_GET['tid'])), __FILE__, __LINE__);
@@ -236,9 +235,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
                         array(bigintval($_GET['act']), bigintval($_GET['fid'])), __FILE__, __LINE__);
                        list($fid) = SQL_FETCHROW($result);
                        SQL_FREERESULT($result);
-               }
-                else
-               {
+               } else {
                        // Main menu selected
                        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
                         array(bigintval($_GET['tid'])), __FILE__, __LINE__);
@@ -248,14 +245,13 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
                        list($fid) = SQL_FETCHROW($result);
                }
 
-               if ((!empty($tid)) && (!empty($fid)))
-               {
+               if ((!empty($tid)) && (!empty($fid))) {
                        // Sort menu
                        $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
                        $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
-               }
+               } // END - -fi
        }
 
        if (!empty($SUB))
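Review bot: The two `UPDATE` statements that swap menu sort positions are driven by `$_GET['act']`, `$_GET['tid']` and `$_GET['fid']` alone, so an ordinary GET request in an admin session changes state. No request token check is visible in this file's hunks, though one may exist outside them. Consider moving the action to POST or verifying a per-session token before the `if ((!empty($tid)) && (!empty($fid)))` block. Separately, the new closing comment `// END - -fi` looks like a typo for `// END - if`.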
index 3cdc3d4..8be4403 100644 (file)
@@ -1,15 +1 @@
-<TABLE border="0" cellspacing="0" cellpadding="0" width="450"
-       class="admin_table dashed">
-       <TR>
-               <TD class="admin_done" height="14" colspan="3"></TD>
-       </TR>
-       <TR>
-               <TD class="admin_done" rowspan="3" width="7">&nbsp;</TD>
-               <TD class="admin_done" align="center"><SPAN class="admin_done2">{--SAVING_DATA--}...</SPAN>&nbsp;<STRONG><SPAN
-                       class="admin_done">{--SAVING_DONE--}</SPAN></STRONG></TD>
-               <TD class="admin_done" rowspan="3" width="7">&nbsp;</TD>
-       </TR>
-       <TR>
-               <TD class="admin_done" height="14" colspan="3"></TD>
-       </TR>
-</TABLE>
\ No newline at end of file
+<!-- DEPRECATED! //-->