Missing URL blacklist tabled (re-)added
authorRoland Häder <roland@mxchange.org>
Fri, 19 Dec 2008 14:07:05 +0000 (14:07 +0000)
committerRoland Häder <roland@mxchange.org>
Fri, 19 Dec 2008 14:07:05 +0000 (14:07 +0000)
inc/databases.php
inc/extensions/ext-order.php
inc/filters.php
inc/language/de.php
inc/modules/admin/what-unlock_emails.php
inc/modules/member/what-order.php

index a7a03c1..94869b2 100644 (file)
@@ -114,7 +114,7 @@ define('USAGE_BASE', "usage");
 define('SERVER_URL', "http://www.mxchange.org");
 
 // Current SVN revision
-define('CURR_SVN_REVISION', "657");
+define('CURR_SVN_REVISION', "658");
 
 // Take a prime number which is long (if you know a longer one please try it out!)
 define('_PRIME', 591623);
index 4df2357..ff17638 100644 (file)
@@ -38,13 +38,13 @@ if (!defined('__SECURITY')) {
 }
 
 // Version number
-$EXT_VERSION = "0.4.9";
+$EXT_VERSION = "0.5.0";
 
 // Auto-set extension version
 if (empty($EXT_VER)) $EXT_VER = $EXT_VERSION;
 
 // Version history array (add more with , "0.1" and so on)
-$EXT_VER_HISTORY = array("0.0", "0.1", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "0.2.7", "0.2.8", "0.2.9", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9");
+$EXT_VER_HISTORY = array("0.0", "0.1", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "0.2.7", "0.2.8", "0.2.9", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9", "0.5.0");
 
 switch ($EXT_LOAD_MODE)
 {
@@ -298,6 +298,20 @@ nicht die vom Mitglied eingegebene. Resultat: Das Script beschwerte sich, der Us
                $UPDATE_NOTES = "Bei L&ouml;schung von Mailbuchungen kann nun global entschieden werden (Einstellungen also), ob die verbliebenen {!POINTS!} wieder gutgeschrieben werden sollen oder in den Jackpot landen.";
                break;
 
+       case "0.5.0": // SQL queries for v0.5.0
+               $SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_url_blacklist`";
+               $SQLs[] = "CREATE TABLE `"._MYSQL_PREFIX."_url_blacklist` (
+`id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+`url` VARCHAR(255) NOT NULL DEFAULT '',
+`pool_id` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
+`timestamp` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+PRIMARY KEY (`id`),
+INDEX (`pool_id`)
+) TYPE=MYISAM COMMENT='URL blacklist'";
+
+               // Update notes (these will be set as task text!)
+               $UPDATE_NOTES = "Tabelle f&uuml;r URL-Sperrliste angelegt.";
+               break;
        }
        break;
 
@@ -309,7 +323,7 @@ default: // Do stuff when extension is loaded
        if ((isBooleanConstantAndTrue('__DAILY_RESET')) && (isBooleanConstantAndTrue('mxchange_installed')) && (isBooleanConstantAndTrue('mxchange_installed')) && (isBooleanConstantAndTrue('admin_registered')) && (GET_EXT_VERSION("order") >= "0.1.1")) {
                // Reset mail order values
                $result_ext = SQL_QUERY("UPDATE `"._MYSQL_PREFIX."_user_data` SET mail_orders=0 WHERE mail_orders > 0", __FILE__, __LINE__);
-       }
+       } // END - if
        break;
 }
 
index 4a15758..d582202 100644 (file)
@@ -388,7 +388,7 @@ function FILTER_SOLVE_TASK ($data) {
 
 // Filter to load include files
 function FILTER_LOAD_INCLUDES ($data) {
-       global $INC_POOL;
+       global $INC_POOL, $CSS;
 
        // Is it an array?
        if ((!isset($INC_POOL)) || (!is_array($INC_POOL))) {
index 8ce3b7d..eeb1e50 100644 (file)
@@ -1198,6 +1198,7 @@ define('TASK_SUBJ_EXTENSION_DEACTIVATED', "Erweiterung deaktiviert");
 define('ADMIN_SUBJECT_EXTENSION_DEACTIVATED', "Automatische Deaktivierung einer Erweiterung");
 define('FATAL_EXTENSION_LOADED', "Erweiterung <u>%s/u> bereits geladen!");
 define('ADMIN_ACCESS_DENIED', "Zugriff auf diesen Adminmen&uuml;punkt nicht gestattet.");
+define('ADMIN_URL_BLACKLIST_DISABLED', "URL-Sperrliste ist deaktiviert.");
 
 define('MEMBER_MAIL_BONUS_CONFIRMED_ON', "Sie haben diese Bonusmail <span class=\"data\">%s</span> best&auml;tigt.");
 define('MEMBER_MAIL_NORMAL_CONFIRMED_ON', "Sie haben diese Klickmail <span class=\"data\">%s</span> best&auml;tigt.");
index c26b9bc..9419a62 100644 (file)
@@ -44,7 +44,10 @@ ADD_DESCR("admin", __FILE__);
 global $DATA;
 
 // Check for mails
-$result_main = SQL_QUERY("SELECT id, sender, subject, payment_id, timestamp, url, target_send, cat_id FROM "._MYSQL_PREFIX."_pool WHERE data_type='ADMIN' ORDER BY timestamp", __FILE__, __LINE__);
+$result_main = SQL_QUERY("SELECT `id`, `sender`, `subject`, `payment_id` AS `payment`, `timestamp`, `url`, `target_send`, `cat_id` AS `category`
+FROM `"._MYSQL_PREFIX."_pool`
+WHERE `data_type`='ADMIN'
+ORDER BY `timestamp` ASC", __FILE__, __LINE__);
 
 if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock']))) {
        // Count checked checkboxes
@@ -166,56 +169,52 @@ LIMIT 1",
                        // Nothing selected
                        LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MAILS_NOTHING_CHECKED);
                }
-       } elseif ((isset($_POST['lock'])) || ($SEL > 0)) {
-               if ($SEL > 0) {
-                       // Lock URLs
-                       foreach ($_POST['sel'] as $id => $url) {
-                               // Lookup in blacklist
-                               $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1",
-                                       array($url), __FILE__, __LINE__);
-                               if (SQL_NUMROWS($result) == 0) {
-                                       // Did not find a record so we can add it... :)
-                                       $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_url_blist (url, timestamp) VALUES ('%s', UNIX_TIMESTAMP())",
-                                               array($url), __FILE__, __LINE__);
-                               } else {
-                                       // Free memory
-                                       SQL_FREERESULT($result);
-                               }
-                       }
-
-                       // Set message
-                       $MSG = ADMIN_URLS_BLOCKED;
-               } else {
-                       // Nothing selected
-                       $MSG = ADMIN_MAILS_NOTHING_CHECKED;
-               }
-               LOAD_TEMPLATE("admin_settings_saved", false, $MSG);
-       } elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject']))) {
+       } elseif ((isset($_POST['lock'])) && ($SEL > 0) && (getConfig('url_blacklist') == "Y")) {
+               // Lock URLs
+               foreach ($_POST['sel'] as $id => $url) {
+                       // Secure id number
+                       $id = bigintval($id);
+
+                       // Lookup in blacklist
+                       $result = SQL_QUERY_ESC("SELECT `id` FROM `"._MYSQL_PREFIX."_url_blacklist` WHERE `url`='%s' LIMIT 1",
+                               array($url), __FILE__, __LINE__);
+                       if (SQL_NUMROWS($result) == 0) {
+                               // Did not find a record so we can add it... :)
+                               SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_url_blacklist` (`url`,`pool_id`) VALUES ('%s',%s)",
+                                       array($url, $id), __FILE__, __LINE__);
+                       } // END - if
+
+                       // Free memory
+                       SQL_FREERESULT($result);
+               } // END - foreach
+
+               // Output message
+               LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_URLS_BLOCKED);
+       } elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject'])) && (getConfig('url_blacklist') == "Y")) {
                // Mail orders are in pool so we can display them
                $SW = 2; $OUT = "";
-               while (list($id, $sender, $subj, $pay, $time, $url, $tsend, $cat) = SQL_FETCHROW($result_main))
-               {
+               while ($content = SQL_FETCHARRAY($result_main)) {
                        // Prepare data for the template
                        $content = array(
                                'sw'        => $SW,
-                               'id'        => $id,
-                               'sender'    => $sender,
-                               'u_link'    => ADMIN_USER_PROFILE_LINK($sender),
-                               'subj'      => COMPILE_CODE($subj),
-                               'tester'    => FRAMETESTER($url),
-                               'url'       => $url,
-                               'cat_title' => str_replace("\"", "&quot;", GET_CATEGORY($cat)),
-                               'cat_link'  => $cat,
-                               'pay_title' => str_replace("\"", "&quot;", GET_PAYMENT($pay, true)),
-                               'pay_link'  => $pay,
-                               'ordered'   => MAKE_DATETIME($time, "2"),
-                               'tsend'     => $tsend,
+                               'id'        => $content['id'],
+                               'sender'    => $content['sender'],
+                               'u_link'    => ADMIN_USER_PROFILE_LINK($content['sender']),
+                               'subj'      => COMPILE_CODE($content['subject']),
+                               'tester'    => FRAMETESTER($content['url']),
+                               'url'       => $content['url'],
+                               'cat_title' => str_replace("\"", "&quot;", GET_CATEGORY($content['category'])),
+                               'cat_link'  => $content['category'],
+                               'pay_title' => str_replace("\"", "&quot;", GET_PAYMENT($content['payment'], true)),
+                               'pay_link'  => $content['payment'],
+                               'ordered'   => MAKE_DATETIME($content['timestamp'], "2"),
+                               'tsend'     => $content['target_send'],
                        );
 
                        // Load row template and switch colors
                        $OUT .= LOAD_TEMPLATE("admin_unlock_emails_row", true, $content);
                        $SW = 3 - $SW;
-               }
+               } // END - while
 
                // Free memory
                SQL_FREERESULT($result_main);
@@ -228,6 +227,9 @@ LIMIT 1",
 
                // Load main template
                LOAD_TEMPLATE("admin_unlock_emails");
+       } elseif ((isset($_POST['lock'])) && (getConfig('url_blacklist') == "N")) {
+               // URL blacklist not activated
+               LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_URL_BLACKLIST_DISABLED);
        } else {
                // Wrong call!
                LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_WRONG_CALL);
index eace021..7753510 100644 (file)
@@ -84,9 +84,6 @@ if ($HOLIDAY == $DMY) $HOLIDAY='N';
 $ALLOWED = $MAXI - $ORDERS;
 if (getConfig('order_max_full') == "MAX") $ALLOWED = $MAXI;
 
-// Check HTML extension
-$HTML_EXT = EXT_IS_ACTIVE("html_mail");
-
 // Now check his points amount
 $TOTAL = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points");
 
@@ -153,15 +150,19 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1",
                // And shall I check that his URL is not in the black list?
                if (getConfig('url_blacklist') == "Y") {
                        // Ok, I do that for you know...
-                       $result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1",
+                       $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`timestamp`) AS tstamp FROM `"._MYSQL_PREFIX."_url_blacklist` WHERE `url`='%s' LIMIT 1",
                                array($_POST['url']), __FILE__, __LINE__);
 
                        if (SQL_NUMROWS($result) == 1) {
                                // Jupp, we got one listed
                                list($blist) = SQL_FETCHROW($result);
-                               SQL_FREERESULT($result);
+
+                               // Create redirect-URL
                                $URL = URL."/modules.php?module=login&amp;what=order&amp;msg=".CODE_BLIST_URL."&blist=".$blist;
                        } // END - if
+
+                       // Free result
+                       SQL_FREERESULT($result);
                } // END - if
 
                // Enougth receivers entered?
@@ -177,7 +178,7 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1",
                } // END - if
 
                // Probe for HTML extension
-               if ($HTML_EXT) {
+               if (EXT_IS_ACTIVE("html_mail")) {
                        // HTML or regular text mail?
                        if ($_POST['html'] == "Y") {
                                // Chek for valid HTML tags
@@ -276,7 +277,7 @@ WHERE userid=%s AND holiday_start < UNIX_TIMESTAMP() AND holiday_end > UNIX_TIME
                                if (($id == "0") || ($type != "TEMP")) {
                                        // New order
                                        $id = 0;
-                                       if ($HTML_EXT) {
+                                       if (EXT_IS_ACTIVE("html_mail")) {
                                                // HTML extension is active
                                                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_pool (sender, subject, text, receivers, payment_id, data_type, timestamp, url, cat_id, target_send, zip, html_msg)
  VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s','%s')",
@@ -312,7 +313,7 @@ array(
                                        }
                                } else {
                                        // Change current order
-                                       if ($HTML_EXT) {
+                                       if (EXT_IS_ACTIVE("html_mail")) {
                                                // HTML extension is active
                                                $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET
 subject='%s',
@@ -414,7 +415,7 @@ array(
 
                        // Enable HTML checking
                        $HTML = ""; $HOLIDAY = false; $HOL_STRING = "";
-                       if (($HTML_EXT) && ($_POST['html'] == "Y")) $HTML = " AND html='Y'";
+                       if ((EXT_IS_ACTIVE("html_mail")) && ($_POST['html'] == "Y")) $HTML = " AND html='Y'";
                        if (GET_EXT_VERSION("holiday") >= "0.1.3") {
                                // Extension's version is fine
                                $HOLIDAY = true; $HOL_STRING = " AND holiday_active='N'";
@@ -624,7 +625,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__);
                                }
 
                                // 01      2              21    12                                   2    23         443    3          3210
-                               if ((!empty($_POST['data'])) || ((getConfig('order_multi_page') == "N") && ((!IS_ADMIN()) && (!$HTML_EXT)))) {
+                               if ((!empty($_POST['data'])) || ((getConfig('order_multi_page') == "N") && ((!IS_ADMIN()) && (!EXT_IS_ACTIVE("html_mail"))))) {
                                        // Pre-output categories
                                        $CAT = "";
                                        foreach ($CATS['id'] as $key => $value) {
@@ -661,7 +662,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__);
                                        }
 
                                        // HTML extension
-                                       if (($HTML_EXT) && ($_POST['html'] == "Y")) {
+                                       if ((EXT_IS_ACTIVE("html_mail")) && ($_POST['html'] == "Y")) {
                                                // Extension is active so output valid HTML tags
                                                define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE("member_order-html_ext", true, HTML_ADD_VALID_TAGS()));
                                        } else {
@@ -674,7 +675,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__);
                                } else {
                                        // Remember maybe entered ZIP code in constant
                                        $ADD = "";
-                                       if ($HTML_EXT) {
+                                       if (EXT_IS_ACTIVE("html_mail")) {
                                                // Add some content when html extension is active
                                                if ((getConfig('order_multi_page') == "Y") || (IS_ADMIN())) $ADD = "<TR><TD colspan=\"2\" class=\"seperator bottom2\" height=\"5\">&nbsp;</TD></TR>\n";
                                                define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE("member_order-html_intro", true));