query masking rewritten in more SQLs, several cleanups and fix on beg link
authorRoland Häder <roland@mxchange.org>
Mon, 11 Feb 2008 21:54:21 +0000 (21:54 +0000)
committerRoland Häder <roland@mxchange.org>
Mon, 11 Feb 2008 21:54:21 +0000 (21:54 +0000)
48 files changed:
beg.php
inc/databases.php
inc/db/lib-mysql3.php
inc/doubler_send.php
inc/extensions.php
inc/extensions/ext-sql_patches.php
inc/libs/admins_functions.php
inc/libs/autopurge_functions.php
inc/libs/cache_functions.php
inc/libs/rallye_functions.php
inc/modules/admin/admin-inc.php
inc/modules/admin/what-add_points.php
inc/modules/admin/what-config_active.php
inc/modules/admin/what-config_admin.php
inc/modules/admin/what-config_autopurge.php
inc/modules/admin/what-config_beg.php
inc/modules/admin/what-config_birthday.php
inc/modules/admin/what-config_bonus.php
inc/modules/admin/what-config_cache.php
inc/modules/admin/what-config_doubler.php
inc/modules/admin/what-config_extensions.php
inc/modules/admin/what-config_holiday.php
inc/modules/admin/what-config_home.php
inc/modules/admin/what-config_mediadata.php
inc/modules/admin/what-config_newsletter.php
inc/modules/admin/what-config_nickname.php
inc/modules/admin/what-config_order.php
inc/modules/admin/what-config_other.php
inc/modules/admin/what-config_refid.php
inc/modules/admin/what-config_reg.php
inc/modules/admin/what-config_register2.php
inc/modules/admin/what-config_rewrite.php
inc/modules/admin/what-config_secure.php
inc/modules/admin/what-config_stats.php
inc/modules/admin/what-config_title.php
inc/modules/admin/what-config_top10.php
inc/modules/admin/what-config_transfer.php
inc/modules/admin/what-config_user.php
inc/modules/admin/what-config_wernis.php
inc/modules/admin/what-theme_edit.php
inc/modules/member/what-payout.php
inc/modules/member/what-points.php
inc/modules/member/what-transfer.php
inc/monthly/monthly_beg.php
inc/monthly/monthly_bonus.php
inc/mysql-manager.php
inc/pool-update.php
inc/reset/reset_daily.php

diff --git a/beg.php b/beg.php
index baffdec..8ce9419 100644 (file)
--- a/beg.php
+++ b/beg.php
@@ -37,42 +37,36 @@ require_once("inc/libs/security_functions.php");
 // Init "action" and "what"
 global $what, $action;
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
 
 // Set module
 $GLOBALS['module'] = "beg";
 $GLOBALS['refid']  = 0;
 $CSS = -1;
+$msg = null;
 
 // Load the required file(s)
 require ("inc/config.php");
 
 // Is the script installed?
-if (defined('mxchange_installed') && (mxchange_installed))
-{
+if (defined('mxchange_installed') && (mxchange_installed)) {
        // Check for userid
-       if (!empty($_GET['uid']))
-       {
+       if (!empty($_GET['uid'])) {
+               // Init user ID
                $uid = 0;
-               if (bigintval($_GET['uid']) != $_GET['uid'])
-               {
-                       if (EXT_IS_ACTIVE("nickname"))
-                       {
+
+               // Validate if it is not a number
+               if (bigintval($_GET['uid']) !== "".$_GET['uid']."") {
+                       if (EXT_IS_ACTIVE("nickname")) {
                                // Maybe we have found a nickname?
                                $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
                                 array($_GET['uid']), __FILE__, __LINE__);
-                       }
-                        else
-                       {
+                       } else {
                                // Nickname entered but nickname is not active
                                $msg = CODE_EXTENSION_PROBLEM;
                                $uid = -1;
                                $result = false;
                        }
-               }
-                else
-               {
+               } else {
                        // Direct userid
                        $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
                         array(bigintval($_GET['uid'])), __FILE__, __LINE__);
@@ -80,19 +74,16 @@ if (defined('mxchange_installed') && (mxchange_installed))
 
                // Check if locked in so don't pay points
                $login = false; $status = "failed";
-               if (IS_LOGGED_IN())
-               {
+               if (IS_LOGGED_IN()) {
                        // Logged in user detected!
                        $login = true;
                }
 
                // Check if account was found
-               if ((SQL_NUMROWS($result) == 1) && ($result != false))
-               {
+               if ((SQL_NUMROWS($result) == 1) && ($result != false)) {
                        // Found an ID so we simply set it
                        list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
-                       if ($status == "CONFIRMED")
-                       {
+                       if ($status == "CONFIRMED") {
                                // Secure userid
                                $uid = bigintval($uid);
 
@@ -109,9 +100,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                define('__BEG_CLICKS', ($clicks + 1));
                                define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
                                define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));
-                       }
-                        else
-                       {
+                       } else {
                                // Other status
                                $uid = "0";
                        }
@@ -120,8 +109,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                // Free memory
                SQL_FREERESULT($result);
 
-               if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))
-               {
+               if (($uid > 0) && ($CONFIG['beg_uid'] != $uid)) {
                        // Update counter
                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
                         array($uid), __FILE__, __LINE__);
@@ -129,13 +117,11 @@ if (defined('mxchange_installed') && (mxchange_installed))
                        // Check for last entry for userid w/o IP number
                        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
                         array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
-                       if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))
-                       {
+                       if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login)) {
                                // Free memory
                                SQL_FREERESULT($result);
 
-                               if (!IS_ADMIN())
-                               {
+                               if (!IS_ADMIN()) {
                                        // Remember remote address, userid and timestamp for next click
                                        // but only when there is no admin begging.
                                        // Admins shall be able to test it!
@@ -148,28 +134,23 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == 'N')) $locked = true;
 
                                // Is begging rallye active?
-                               if ($CONFIG['beg_rallye'] == 'Y')
-                               {
+                               if ($CONFIG['beg_rallye'] == 'Y') {
                                        // Add points to rallye account
                                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
                                         array($POINTS, $uid), __FILE__, __LINE__);
-                               }
-                                else
-                               {
+                               } else {
                                        // Add points to account
                                        ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));
                                }
 
                                // Subtract begged points from member account if the admin has selected one
-                               if ($CONFIG['beg_uid'] > 0)
-                               {
+                               if ($CONFIG['beg_uid'] > 0) {
                                        // Subtract from this account
                                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
                                         array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);
 
                                        // Update mediadata as well
-                                       if (GET_EXT_VERSION("mediadata") >= "0.0.4")
-                                       {
+                                       if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
                                                // Update database
                                                MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
                                        }
@@ -177,17 +158,13 @@ if (defined('mxchange_installed') && (mxchange_installed))
 
                                // Set message
                                define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
-                       }
-                        elseif ($login)
-                       {
+                       } elseif ($login) {
                                // Logged in user found!
                                define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
 
                                // Free memory
                                SQL_FREERESULT($result);
-                       }
-                        else
-                       {
+                       } else {
                                // Free memory
                                SQL_FREERESULT($result);
 
@@ -203,54 +180,42 @@ if (defined('mxchange_installed') && (mxchange_installed))
 
                        // Include footer
                        require_once(PATH."inc/footer.php");
-               }
-                elseif (($status != "CONFIRMED") && ($status != "failed"))
-               {
+               } elseif (($status != "CONFIRMED") && ($status != "failed")) {
                        // Maybe locked/unconfirmed account?
-                       switch ($status)
-                       {
+                       switch ($status) {
                                case "LOCKED"     : $msg = CODE_ID_LOCKED     ; break; // Locked account
                                case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
                        }
-               }
-                elseif (($uid == "0") || ($status == "failed"))
-               {
+               } elseif (($uid == "0") || ($status == "failed")) {
                        // Inalid or locked account, so let's find out
                        $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
                         array($_GET['uid']), __FILE__, __LINE__);
-                       if (SQL_NUMROWS($result) == 1)
-                       {
+                       if (SQL_NUMROWS($result) == 1) {
                                // Locked account
                                $msg = CODE_ACCOUNT_LOCKED;
-                       }
-                        else
-                       {
+                       } else {
                                // Invalid nickname! (404)
                                $msg = CODE_USER_404;
                        }
 
                        // Free memory
                        SQL_FREERESULT($result);
-               }
-                elseif ($uid = $CONFIG['beg_uid'])
-               {
+               } elseif ($uid == $CONFIG['beg_uid']) {
                        // Webmaster's ID cannot beg for points!
                        $msg = CODE_BEG_SAME_AS_OWN;
                }
 
                // Reload to index module
+               die("-".$msg."-");
                if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);
-       }
-        else
-       {
+       } else {
                // No userid entered
                LOAD_URL(URL."/modules.php?module=index");
        }
-}
- else
-{
+} else {
        // You have to configure first!
        LOAD_URL(URL."/install.php");
 }
+
 // Really all done here... ;-)
 ?>
index 4e453ed..fb6ab7e 100644 (file)
@@ -39,38 +39,38 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
 }
 
 // System-wide return codes
-define('CODE_WRONG_PASS'       ,  "1");
-define('CODE_WRONG_ID'         ,  "2");
-define('CODE_ID_LOCKED'        ,  "3");
-define('CODE_ID_UNCONFIRMED'   ,  "4");
-define('CODE_UNKNOWN_STATUS'   ,  "5");
-define('CODE_NO_COOKIES'       ,  "6");
-define('CODE_CNTR_FAILED'      ,  "8");
-define('CODE_LOGOUT_DONE'      ,  "8");
-define('CODE_LOGOUT_FAILED'    ,  "9");
-define('CODE_URL_TLOCK'        , "10");
-define('CODE_URL_FOUND'        , "11");
-define('CODE_OVERLENGTH'       , "12");
-define('CODE_SUBJ_URL'         , "13");
-define('CODE_BLIST_URL'        , "14");
-define('CODE_NO_RECS_LEFT'     , "15");
-define('CODE_INVALID_TAGS'     , "16");
-define('CODE_MORE_POINTS'      , "18");
-define('CODE_COOKIES_DISABLED' , "18");
-define('CODE_DATA_INVALID'     , "19");
-define('CODE_POSSIBLE_INVALID' , "20");
-define('CODE_ACCOUNT_LOCKED'   , "21");
-define('CODE_USER_404'         , "22");
-define('CODE_STATS_404'        , "23");
-define('CODE_ALREADY_CONFIRMED', "24");
-define('CODE_ERROR_MAILID'     , "25");
-define('CODE_EXTENSION_PROBLEM', "26");
-define('CODE_MORE_RECEIVERS1'  , "28");
-define('CODE_MORE_RECEIVERS2'  , "28");
-define('CODE_MORE_RECEIVERS3'  , "29");
-define('CODE_INVALID_URL'      , "30");
-define('CODE_MENU_NOT_VALID'   , "31");
-define('CODE_LOGIN_FAILED'     , "32");
+define('CODE_WRONG_PASS'       ,  1);
+define('CODE_WRONG_ID'         ,  2);
+define('CODE_ID_LOCKED'        ,  3);
+define('CODE_ID_UNCONFIRMED'   ,  4);
+define('CODE_UNKNOWN_STATUS'   ,  5);
+define('CODE_NO_COOKIES'       ,  6);
+define('CODE_CNTR_FAILED'      ,  8);
+define('CODE_LOGOUT_DONE'      ,  8);
+define('CODE_LOGOUT_FAILED'    ,  9);
+define('CODE_URL_TLOCK'        , 10);
+define('CODE_URL_FOUND'        , 11);
+define('CODE_OVERLENGTH'       , 12);
+define('CODE_SUBJ_URL'         , 13);
+define('CODE_BLIST_URL'        , 14);
+define('CODE_NO_RECS_LEFT'     , 15);
+define('CODE_INVALID_TAGS'     , 16);
+define('CODE_MORE_POINTS'      , 18);
+define('CODE_COOKIES_DISABLED' , 18);
+define('CODE_DATA_INVALID'     , 19);
+define('CODE_POSSIBLE_INVALID' , 20);
+define('CODE_ACCOUNT_LOCKED'   , 21);
+define('CODE_USER_404'         , 22);
+define('CODE_STATS_404'        , 23);
+define('CODE_ALREADY_CONFIRMED', 24);
+define('CODE_ERROR_MAILID'     , 25);
+define('CODE_EXTENSION_PROBLEM', 26);
+define('CODE_MORE_RECEIVERS1'  , 28);
+define('CODE_MORE_RECEIVERS2'  , 28);
+define('CODE_MORE_RECEIVERS3'  , 29);
+define('CODE_INVALID_URL'      , 30);
+define('CODE_MENU_NOT_VALID'   , 31);
+define('CODE_LOGIN_FAILED'     , 32);
 
 // Full version string: /([0-9]){1}\.([0-9]){1}\.([0-9]){1}(-(alpha|beta|pre|rc([1-3]))([0-9]+))?/
 // If you understand regular expressions ^^^ you may know how I versionize... ;-)
index 5d2cfd9..fc424e0 100644 (file)
@@ -49,6 +49,9 @@ function SQL_QUERY($sql_string, $F, $L, $compile=false)
 ".MYSQL_QUERY_STRING."<BR>
 ".$sql_string);
 
+        // Debug output
+        print "Query=<em>".$sql_string."</em>, affected=<b>".SQL_AFFECTEDROWS()."</b>, numrows=<b>".SQL_NUMROWS($result)."</b><br />\n";
+
        if (($CSS != "1") && ($CSS != "-1") && (DEBUG_MODE) && (DEBUG_SQL))
        {
                //
@@ -174,7 +177,8 @@ function SQL_CLOSE($link, $F, $L)
        if ((GET_EXT_VERSION("cache") >= "0.0.7") && (isset($CONFIG['db_hits'])) && (isset($CONFIG['cache_hits'])) && (is_object($CACHE)))
        {
                // Update counter for db/cache
-               $result = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_config SET db_hits='".$CONFIG['db_hits']."', cache_hits='".$CONFIG['cache_hits']."' WHERE config='0' LIMIT 1", __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_config SET db_hits=%d, cache_hits=%d WHERE config='0' LIMIT 1",
+                       array(bigintval($CONFIG['db_hits']), bigintval($CONFIG['cache_hits'])), __FILE__, __LINE__);
 
                // Update cache here
                if (GET_EXT_VERSION("cache") >= "0.1.2")
index c10ece3..a6ee2d0 100644 (file)
@@ -112,7 +112,7 @@ if (((SQL_NUMROWS($result_total) > 0) && ($CONFIG['doubler_sent_all'] == 'Y')) |
                        if ($uid != $CONFIG['doubler_uid'])
                        {
                                // Add points
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth='0' LIMIT 1",
+                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth=0 LIMIT 1",
                                 array($points, bigintval($uid)), __FILE__, __LINE__);
 
                                // Update mediadata as well
index e8675c7..c127493 100644 (file)
@@ -319,24 +319,22 @@ function EXT_IS_ACTIVE ($ext_name, $ignore_admin=false, $ignore_cache=false)
                )
        );
 }
-//
-function GET_EXT_VERSION ($ext_name)
-{
-       global $EXTENSIONS, $CONFIG;
+// Get version from extensions
+function GET_EXT_VERSION ($ext_name) {
+       global $EXTENSIONS, $CONFIG, $CACHE;
+       $ret = false;
+
        // Extensions are all inactive during installation
        if ((!mxchange_installed) || (mxchange_installing)) return "";
 
        // Is the cache written?
-       if (!empty($EXTENSIONS['ext_version'][$ext_name]))
-       {
+       if (!empty($EXTENSIONS['ext_version'][$ext_name])) {
                // Load data from cache
                $ret = $EXTENSIONS['ext_version'][$ext_name];
 
                // Count cache hits
-               if (isset($CONFIG['cache_hits'])) $CONFIG['cache_hits']++;
-       }
-        else
-       {
+               if (isset($CONFIG['cache_hits'])) $CONFIG['cache_hits']++; else $CONFIG['cache_hits'] = 1;
+       } elseif (!is_object($CACHE)) {
                // Load from database
                $result = SQL_QUERY_ESC("SELECT ext_version FROM "._MYSQL_PREFIX."_extensions WHERE ext_name='%s' LIMIT 1",
                 array($ext_name), __FILE__, __LINE__);
index 998a9c4..0a2a307 100644 (file)
@@ -513,6 +513,13 @@ PRIMARY KEY (id)
                // Update notes (these will be set as task text!)
                $UPDATE_NOTES = "Email-Verwaltung nach Email-Management umbenannt.";
                break;
+
+       case "0.4.1": // SQL queries for v0.4.1
+               $SQLs[] = " ALTER TABLE `"._MYSQL_PREFIX."_user_data` DROP INDEX `status` , ADD INDEX `status` ( `status` , `max_mails` )";
+
+               // Update notes (these will be set as task text!)
+               $UPDATE_NOTES = "Tabellen-Schl&uuml;ssel neu gesetzt.";
+               break;
        }
        break;
 
index e3e1ca6..eb79a8c 100644 (file)
@@ -40,24 +40,22 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
 //
 function ADMINS_CHECK_ACL($act, $wht)
 {
-       global $_COOKIE, $ADMINS, $ADMINS_ACLS, $CONFIG;
+       global $ADMINS, $ADMINS_ACLS, $CONFIG, $CACHE;
        // If action is login or logout allow allways!
+       $default = "allow";
        if (($act == "login") || ($act == "logout")) return true;
 
        // Default is deny
        $ret = false;
 
        // Get admin's defult access right
-       if (!empty($ADMINS['def_acl'][$_COOKIE['admin_login']]))
-       {
+       if (!empty($ADMINS['def_acl'][$_COOKIE['admin_login']])) {
                // Load from cache
                $default = $ADMINS['def_acl'][$_COOKIE['admin_login']];
 
                // Count cache hits
                $CONFIG['cache_hits']++;
-       }
-        else
-       {
+       } elseif (!is_object($CACHE)) {
                // Load from database
                $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
                 array($_COOKIE['admin_login']), __FILE__, __LINE__);
index 7318af1..f6bd9f3 100644 (file)
@@ -67,7 +67,7 @@ function AUTOPURGE_ADD_POINTS($uid, $points)
         else
        {
                // .. to user's account
-               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth='0' LIMIT 1",
+               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth=0 LIMIT 1",
                 array($target, $target, $points, bigintval($uid)), __FILE__, __LINE__);
 
                // Update mediadata as well
index be3b0ce..19cebed 100644 (file)
@@ -49,8 +49,7 @@ class mxchange_cache
         var $cache_pointer = false;
 
         // Constructor
-        function mxchange_cache($interval, $path, $tested)
-        {
+        function mxchange_cache($interval, $path, $tested) {
                 // Remember interval in class
                 $this->update_interval=$interval;
 
index 53eee41..b498578 100644 (file)
@@ -109,7 +109,7 @@ function RALLYE_AUTOSTART_RALLYES($result)
 FROM "._MYSQL_PREFIX."_user_points AS p
 LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
 ON p.userid=d.userid
-WHERE d.status='CONFIRMED' AND d.max_mails > 0 AND d.mails_confirmed >= %s AND p.ref_depth='1' AND p.points > 0 AND d.userid=%d",
+WHERE d.status='CONFIRMED' AND d.max_mails > 0 AND d.mails_confirmed >= %s AND p.ref_depth=1 AND p.points > 0 AND d.userid=%d",
  array($CONFIG['ref_payout'], bigintval($uid)), __FILE__, __LINE__);
                        list($cpoints) = SQL_FETCHROW($result_ref);
                        SQL_FREERESULT($result_ref);
@@ -233,7 +233,7 @@ WHERE u.rallye_id=%d AND r.counter > 0 ORDER BY u.refs DESC",
                $result_ref = SQL_QUERY_ESC("SELECT DISTINCT p.points FROM "._MYSQL_PREFIX."_user_points AS p
 LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
 ON p.userid=d.userid
-WHERE d.userid=%d AND d.status='CONFIRMED' AND p.ref_depth='1' AND d.max_mails > 0 AND d.mails_confirmed >= %s AND d.last_online >= %s
+WHERE d.userid=%d AND d.status='CONFIRMED' AND p.ref_depth=1 AND d.max_mails > 0 AND d.mails_confirmed >= %s AND d.last_online >= %s
 LIMIT 1", array(bigintval($uid), $CONFIG['ref_payout'], $since), __FILE__, __LINE__);
                list($refpoints) = SQL_FETCHROW($result_ref);
                SQL_FREERESULT($result_ref);
@@ -406,7 +406,7 @@ LIMIT 1", array(bigintval($uid), $since), __FILE__, __LINE__);
                        if ($DATA['points'] > 0)
                        {
                                // Add points directly to user's account
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth='0' LIMIT 1",
+                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth=0 LIMIT 1",
                                 array($DATA['points'], bigintval($uid)), __FILE__, __LINE__);
 
                                // Update mediadata as well
@@ -564,7 +564,7 @@ function RALLYE_LOAD_USERS_ARRAY($rallye)
 FROM "._MYSQL_PREFIX."_user_points AS p
 LEFT JOIN "._MYSQL_PREFIX."_user_data AS d
 ON p.userid=d.userid
-WHERE d.status='CONFIRMED' AND d.max_mails > 0 AND d.mails_confirmed >= %s AND p.ref_depth='1' AND p.points > 0 AND d.userid=%d",
+WHERE d.status='CONFIRMED' AND d.max_mails > 0 AND d.mails_confirmed >= %s AND p.ref_depth=1 AND p.points > 0 AND d.userid=%d",
  array($CONFIG['ref_payout'], bigintval($uid)), __FILE__, __LINE__);
                list($refpoints) = SQL_FETCHROW($result_ref);
                SQL_FREERESULT($result_ref);
index 0ee1d51..6efa17c 100644 (file)
@@ -522,7 +522,7 @@ function ADMIN_MENU_SELECTION($MODE, $default="", $defid="")
        return $OUT;
 }
 //
-function ADMIN_SAVE_SETTINGS (&$POST, $TABLE, $WHERE="config='1'", $translateComma = array(), $alwaysAdd=false)
+function ADMIN_SAVE_SETTINGS (&$POST, $TABLE="_config", $WHERE="config=0", $translateComma = array(), $alwaysAdd=false)
 {
        global $CONFIG, $CFG_CACHE, $CACHE;
        $DATA = array();
index 444d18f..a71bb71 100644 (file)
@@ -65,7 +65,7 @@ if ($_GET['u_id'] == "all")
                                if ((isset($_POST['ok'])) && (!empty($_POST['points'])))
                                {
                                        // Ok, add points and send an email to him...
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth='0' LIMIT 1",
+                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth=0 LIMIT 1",
                                         array($_POST['points'], bigintval($uid)), __FILE__, __LINE__);
 
                                        // Update mediadata as well
@@ -108,7 +108,7 @@ if ($_GET['u_id'] == "all")
                if ((isset($_POST['ok'])) && (!empty($_POST['points'])))
                {
                        // Ok, add points and send an email to him...
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth='0' LIMIT 1",
+                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth=0 LIMIT 1",
                         array($_POST['points'], bigintval($_GET['u_id'])), __FILE__, __LINE__);
 
                        // Remember points in constant
index 7f63f91..ccfc154 100644 (file)
@@ -40,18 +40,16 @@ if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
 // Add description as navigation point
 ADD_DESCR("admin", basename(__FILE__));
 
-if (isset($_POST['ok']))
-{
+if (isset($_POST['ok'])) {
        // Save data
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
-}
- else
-{
+       ADMIN_SAVE_SETTINGS($_POST);
+} else {
        // Minimum mails / active
        define('__LIMIT_VALUE', $CONFIG['active_limit']);
 
        // Load template
        LOAD_TEMPLATE("admin_config_active");
 }
+
 //
 ?>
index b0823e2..2997e4f 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save configuration
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index e1b31b9..044e9b7 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Data was submitted so we store it
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 32a8225..df66f24 100644 (file)
@@ -49,7 +49,7 @@ if (isset($_POST['ok']))
        $_POST['beg_notify_bonus'] = str_replace(",", ".", $_POST['beg_notify_bonus']);
 
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 
        // Remember new settings
        $CONFIG['beg_rallye']        = $_POST['beg_rallye'];
index 6d77eac..60ff7ee 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save configuration
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 0b0ae77..5c35147 100644 (file)
@@ -63,7 +63,7 @@ if (isset($_POST['ok']))
        if (empty($_POST['turbo_rates'])) $_POST['turbo_rates'] = "".round($CONFIG['turbo_bonus'] / 2).";".round($CONFIG['turbo_bonus'] / 4)."";
 
        // Save data
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 
        // Remember new settings
        $CONFIG['bonus_active']    = $_POST['bonus_active'];
index dd5b231..3de2ab0 100644 (file)
@@ -83,7 +83,7 @@ if (isset($_POST['ok']))
        }
 
        // Save configuration
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index ff86aa1..09c95b1 100644 (file)
@@ -50,7 +50,7 @@ if (isset($_POST['ok']))
        $_POST['doubler_left']   = str_replace(",", ".", $_POST['doubler_left']);
 
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index d079f78..e941a3b 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save configuration
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 39b50aa..e903b62 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 5a72347..e606232 100644 (file)
@@ -53,7 +53,7 @@ case "settings": // Settings related to the index page
        if (isset($_POST['ok']))
        {
                // Save settings
-               ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+               ADMIN_SAVE_SETTINGS($_POST);
                OUTPUT_HTML("<A href=\"".URL."/modules.php?module=admin&amp;what=config_home&amp;sub=settings\">".ADMIN_CONTINUE_TO_CONFIG."</A>");
        }
         else
index d089f14..6dfdbcd 100644 (file)
@@ -72,7 +72,7 @@ if (isset($_POST['ok']))
 if (isset($_POST['ok']))
 {
        // Save data
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 61536e4..9abc620 100644 (file)
@@ -46,7 +46,7 @@ if (isset($_POST['ok']))
        // Save data
        $_POST['nl_charge'] = str_replace(",", ".", $_POST['nl_charge']);
 
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 378a406..30bc33b 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save data
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 5714b3a..f8b8da5 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save data
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 03aea0c..5ba2b84 100644 (file)
@@ -80,7 +80,7 @@ OPEN_TABLE("100%", "admin_content admin_content_align", "");
 if (isset($_POST['ok']))
 {
        // Update stamps directly
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 85dd02f..16d8b3f 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save data
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index aa03249..a7ae62d 100644 (file)
@@ -57,7 +57,7 @@ if ((empty($_POST['least_cats'])) || (empty($_POST['ip_timeout'])))
 if (isset($_POST['ok']))
 {
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 915b5c8..e87b966 100644 (file)
@@ -51,7 +51,7 @@ if (isset($_POST['ok']))
        $_POST['least_cats'] = round($_POST['least_cats']);
 
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index bc6c58f..a1e728b 100644 (file)
@@ -59,7 +59,7 @@ if (isset($_POST['ok']))
        unset($_POST['mod']);
 
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index d065ee0..2ad3c4b 100644 (file)
@@ -58,7 +58,7 @@ if (isset($_POST['ok']))
        }
 
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index be02cfa..7caf135 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 87e8890..68bac70 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index c8ccadd..da7d1e6 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index e4b9f62..d6dee9d 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save settings...
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
 
 // Prepare constants for template
index 986674d..7cd3c43 100644 (file)
@@ -43,7 +43,7 @@ ADD_DESCR("admin", basename(__FILE__));
 if (isset($_POST['ok']))
 {
        // Save settings
-       ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($_POST);
 }
  else
 {
index 7650ae1..c4b247a 100644 (file)
@@ -47,7 +47,7 @@ if (isset($_POST['ok'])) {
        // Let's test the API first (hold your horses here, cowboy! Thanks. :) )
        if (WERNIS_TEST_API()) {
                // Save settings
-               ADMIN_SAVE_SETTINGS($_POST, "_config", "config='0'");
+               ADMIN_SAVE_SETTINGS($_POST);
        } else {
                // Failed to test the API!
                LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_ERROR_MESSAGE());
index 9fc626c..7b2afc0 100644 (file)
@@ -85,7 +85,7 @@ if ($SEL > 0)
        $POST['default_theme'] = $_GET['default_theme'];
        @setcookie("mxchange_theme", $POST['default_theme'], (time() + 60*60*24*365), COOKIE_PATH);
        $_COOKIE['mxchange_theme'] = $POST['default_theme'];
-       ADMIN_SAVE_SETTINGS($POST, "_config", "config='0'");
+       ADMIN_SAVE_SETTINGS($POST);
 }
 
 // Switch to testing mode
index 87249d1..d85b830 100644 (file)
@@ -53,7 +53,7 @@ $TPTS = "0";
 while (list($lvl, $per) = SQL_FETCHROW($result_depths))
 {
        // Load referral points
-       $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth='%s' LIMIT 1",
+       $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth=%d LIMIT 1",
         array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
        if (SQL_NUMROWS($result_points) == 1)
        {
index aee76fd..141344d 100644 (file)
@@ -67,7 +67,7 @@ while (list($lvl, $per) = SQL_FETCHROW($result_depths))
        $REFS = "0";
 
        // Load referral points
-       $result_points = SQL_QUERY_ESC("SELECT points, locked_points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth='%s' LIMIT 1", array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
+       $result_points = SQL_QUERY_ESC("SELECT points, locked_points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth=%d LIMIT 1", array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
        if (SQL_NUMROWS($result_points) == 1)
        {
                list($POINTS, $LOCKED) = SQL_FETCHROW($result_points);
index fdde081..13386b1 100644 (file)
@@ -206,7 +206,7 @@ case "new": // Start new transfer
                         __FILE__, __LINE__);
 
                        // Add points to account *directly* ...
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth='0' LIMIT 1",
+                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth=0 LIMIT 1",
                         array(bigintval($_POST['points']), bigintval($_POST['to_uid'])), __FILE__, __LINE__);
 
                        // ... and add it to current user's used points
index c944d04..cee4c48 100644 (file)
@@ -83,7 +83,7 @@ FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' ".$WHERE1." %s AND beg
                {
                        // Add points to user's account directly
                        $result_data = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points
-SET points=points+%s WHERE ref_depth='0' AND userid=%d LIMIT 1",
+SET points=points+%s WHERE ref_depth=0 AND userid=%d LIMIT 1",
  array($points, bigintval($uid)), __FILE__, __LINE__);
 
                        // Update mediadata as well
index eb98676..d877e5e 100644 (file)
@@ -96,7 +96,7 @@ ORDER BY active_bonus DESC, userid LIMIT %s",
 
                        // Add points to user's account directly
                        $result_data = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points
-SET points=points+%s WHERE ref_depth='0' AND userid=%d LIMIT 1",
+SET points=points+%s WHERE ref_depth=0 AND userid=%d LIMIT 1",
  array($points, bigintval($uid)), __FILE__, __LINE__);
 
                        // Update mediadata as well
index 76fba5d..a2cb257 100644 (file)
@@ -1167,12 +1167,12 @@ function ADD_POINTS_REFSYSTEM($uid, $points, $send_notify=false, $rid="0", $lock
                        $P = $points * $per / 100;
 
                        // Update points...
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth='%s' LIMIT 1",
+                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET %s=%s+%s WHERE userid=%d AND ref_depth=%d LIMIT 1",
                         array($data, $data, $P, bigintval($uid), bigintval($DEPTH)), __FILE__, __LINE__);
                        if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 0)
                        {
                                // First ref in this level! :-)
-                               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES ('%s', '%s', '%s')",
+                               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, %s) VALUES (%d, %d, %s)",
                                 array($data, bigintval($uid), bigintval($DEPTH), $P), __FILE__, __LINE__);
                        }
 
index b764392..573af01 100644 (file)
@@ -259,7 +259,7 @@ if (SQL_NUMROWS($result_main) > 0)
                                                {
                                                        // User does not exists, pay points back
                                                        $POINTS = GET_PAY_POINTS($DATA[5]);
-                                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth='0' LIMIT 1",
+                                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth=0 LIMIT 1",
                                                         array($POINTS, bigintval($DATA[1])), __FILE__, __LINE__);
 
                                                        // Update mediadata as well
index f7b5468..ab015ce 100644 (file)
@@ -64,7 +64,7 @@ WHERE userid=%d AND locked_points != 0.00000 ORDER BY ref_depth",
                        while (list($dep, $locked) = SQL_FETCHROW($result_points))
                        {
                                $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s, locked_points=0.00000
-WHERE userid=%d AND ref_depth='%s' LIMIT 1",
+WHERE userid=%d AND ref_depth=%d LIMIT 1",
                                 array($locked, bigintval($uid), $dep), __FILE__, __LINE__);
 
                                // Update mediadata as well