From: Roland Häder Date: Tue, 15 Dec 2009 18:46:34 +0000 (+0000) Subject: Huge patchset (I don't recall all details): X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=commitdiff_plain;h=c3f2beb3f1d47c9593d262d7f5dac47640b4aa52 Huge patchset (I don't recall all details): - Fix for revision check problem (resolves #161) - Changed parameter list in unregisterFilter() (resolves #167) - Rewrite for admin login (resolves #156) - Some more debug messages fixed (partly resolves #162, #158, #163, #148) - More HTML rewrites (partly resolves #154, #159, #58) - Mail header 'Bouces-To' added (resolves #127) - TODOs.txt updated - Many fixes/improvements I have forgotten --- diff --git a/.gitattributes b/.gitattributes index 7da90e9a3a..6eb4d5ab7f 100644 --- a/.gitattributes +++ b/.gitattributes @@ -665,6 +665,7 @@ inc/reset/reset_holiday.php -text inc/reset/reset_profile.php -text inc/reset/reset_surfbar.php -text inc/reset/reset_yoomedia.php -text +inc/revision-functions.php -text inc/session-functions.php -text inc/session.php -text inc/sql-functions.php -text diff --git a/DOCS/TODOs.txt b/DOCS/TODOs.txt index f5a8e5e968..54f5b26f57 100644 --- a/DOCS/TODOs.txt +++ b/DOCS/TODOs.txt @@ -1,4 +1,4 @@ -### WARNING: THIS FILE IS AUTO-GENERATED BY ./DOCS/todo-builder.sh (uid=1000/user=quix0r) ### +### WARNING: THIS FILE IS AUTO-GENERATED BY ./DOCS/todo-builder.sh (uid=/user=quix0r) ### ### DO NOT EDIT THIS FILE. ### ./beg.php:172: // @TODO Opps, what is missing here??? ./birthday_confirm.php:93: // @TODO Try to rewrite the following unset() @@ -35,18 +35,16 @@ ./inc/extensions-functions.php:492: // @TODO Extension is loaded, what next? ./inc/functions.php:1010:// @TODO $simple is deprecated ./inc/functions.php:1045: // @TODO Do only use $content and deprecate $GLOBALS and $DATA in templates -./inc/functions.php:2521:// @TODO Please describe this function -./inc/functions.php:2539: searchDirsRecursive($next_dir, $last_changed); // @TODO small change to API to $last_changed = searchDirsRecursive($next_dir, $time); +./inc/functions.php:2475: // @TODO Add a little more infos here +./inc/functions.php:2557: // @TODO Move this SQL code into a function, let's say 'getTimestampFromPoolId($id) ? ./inc/functions.php:255: // @TODO Remove this sanity-check if all is fine +./inc/functions.php:2580: // @TODO Rewrite this old lost code to a template ./inc/functions.php:258: // @TODO Try to rewrite all $DATA to $content -./inc/functions.php:2662: // @TODO Add a little more infos here -./inc/functions.php:2744: // @TODO Move this SQL code into a function, let's say 'getTimestampFromPoolId($id) ? -./inc/functions.php:2767: // @TODO Rewrite this old lost code to a template -./inc/functions.php:2856: // @TODO Are these convertions still required? -./inc/functions.php:2874:// @TODO Rewrite this function to use readFromFile() and writeToFile() -./inc/functions.php:3753:// @TODO Lame description for this function -./inc/functions.php:3775: // @TODO Move this in a filter -./inc/functions.php:3893: // @TODO This is still very static, rewrite it somehow +./inc/functions.php:2669: // @TODO Are these convertions still required? +./inc/functions.php:2687:// @TODO Rewrite this function to use readFromFile() and writeToFile() +./inc/functions.php:3566:// @TODO Lame description for this function +./inc/functions.php:3588: // @TODO Move this in a filter +./inc/functions.php:3706: // @TODO This is still very static, rewrite it somehow ./inc/functions.php:473: // @TODO Do only use $content, not $DATA or raw variables ./inc/functions.php:543: // @TODO Extension 'msg' does not exist ./inc/functions.php:612:// @TODO Rewrite this to an extension 'smtp' @@ -61,7 +59,7 @@ ./inc/language/rallye_de.php:13: * @TODO Naming convention not applied for language strings * ./inc/language/refback_de.php:45:// @TODO Rewrite these constants to one ./inc/language/sponsor_de.php:118:// @TODO Rewrite these four constants to one and use sprintf() -./inc/libs/admins_functions.php:426: // @TODO This can be, somehow, rewritten +./inc/libs/admins_functions.php:439: // @TODO This can be, somehow, rewritten ./inc/libs/beg_functions.php:57: // @TODO Try to rewrite the following unset() ./inc/libs/bonus_functions.php:215: // @TODO Try to find a way for rewriting this constant ./inc/libs/bonus_functions.php:303: // @TODO This query isn't right, it will only update if the user was for a longer time away! @@ -69,6 +67,10 @@ ./inc/libs/rallye_functions.php:718: $EXPIRE = 3; // @TODO The hard-coded value... ./inc/libs/rallye_functions.php:782: // @TODO Rewrite this to our API function ./inc/libs/refback_functions.php:60: // @TODO Try to rewrite the following unset() +./inc/libs/register_functions.php:286: // @TODO Rewrite these all to a single filter +./inc/libs/register_functions.php:362: // @TODO Rewrite this to a filter +./inc/libs/register_functions.php:369: // @TODO Rewrite this whole if() block to addPointsThroughReferalSystem(). This will also make following if() block obsolete +./inc/libs/register_functions.php:370: // @TODO Wether the registration bonus should only be added to user directly or through referal system should be configurable ./inc/libs/surfbar_functions.php:1496: // @TODO This can be somehow rewritten ./inc/libs/surfbar_functions.php:949: // @TODO Invalid salt should be refused ./inc/libs/task_functions.php:244: // @TODO These can be rewritten to filter @@ -76,17 +78,17 @@ ./inc/libs/user_functions.php:137: // @TODO These two constants are no longer used, maybe we reactivate this code? ./inc/libs/user_functions.php:224:// @TODO Double-check configuration entry here ./inc/libs/user_functions.php:319: // @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content); -./inc/libs/user_functions.php:343: // @TODO Make this filter working: $URL = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); -./inc/libs/user_functions.php:416: // @TODO We should try to rewrite this to fetchUserData() somehow +./inc/libs/user_functions.php:342: // @TODO Make this filter working: $URL = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); +./inc/libs/user_functions.php:417: // @TODO We should try to rewrite this to fetchUserData() somehow ./inc/libs/yoomedia_functions.php:115: $response = YOOMEDIA_QUERY_API('out_textmail.php', true); // @TODO Ask Yoo!Media for test script ./inc/load_config.php:76: // @TODO Rewrite them to avoid this else block ./inc/loader/load_cache-extension.php:13: * @TODO Rewrite this whole file to load_cache-extensions.php * -./inc/modules/admin/admin-inc.php:352: // @TODO Rewrite this to $content = SQL_FETCHARRAY() -./inc/modules/admin/admin-inc.php:357: // @TODO ACL is 'allow'... hmmm -./inc/modules/admin/admin-inc.php:423: // @TODO Rewrite this to $content = SQL_FETCHARRAY() -./inc/modules/admin/admin-inc.php:429: // @TODO ACL is 'allow'... hmmm -./inc/modules/admin/admin-inc.php:531:// @TODO Try to rewrite this to adminAddMenuSelectionBox() -./inc/modules/admin/admin-inc.php:545: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY(). Please look some lines above for the dynamic query +./inc/modules/admin/admin-inc.php:251: // @TODO Rewrite this to $content = SQL_FETCHARRAY() +./inc/modules/admin/admin-inc.php:256: // @TODO ACL is 'allow'... hmmm +./inc/modules/admin/admin-inc.php:322: // @TODO Rewrite this to $content = SQL_FETCHARRAY() +./inc/modules/admin/admin-inc.php:328: // @TODO ACL is 'allow'... hmmm +./inc/modules/admin/admin-inc.php:428:// @TODO Try to rewrite this to adminAddMenuSelectionBox() +./inc/modules/admin/admin-inc.php:442: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY(). Please look some lines above for the dynamic query ./inc/modules/admin/overview-inc.php:163: // @TODO Rewrite this to a filter ./inc/modules/admin/overview-inc.php:277: // @TODO Rewrite this to something with include files and/or filter ./inc/modules/admin/overview-inc.php:315: // @TODO This may also be rewritten to include files @@ -106,7 +108,7 @@ ./inc/modules/admin/what-config_mods.php:56: // @TODO This can be moved into mysql-function.php, see checkModulePermissions() function ./inc/modules/admin/what-config_rallye_prices.php:208: // @TODO Rewritings: level->price_level, infos->info in template ./inc/modules/admin/what-config_rallye_prices.php:225: // @TODO Rewrite these two constants -./inc/modules/admin/what-config_register.php:67: // @TODO Move this HTML code into a template +./inc/modules/admin/what-config_register.php:77: // @TODO Move this HTML code into a template ./inc/modules/admin/what-edit_user.php:20: * @TODO Add support for ext-country * ./inc/modules/admin/what-email_stats.php:47:// @TODO Unused at the moment ./inc/modules/admin/what-extensions.php:347: // @TODO Rewrite this to a filter @@ -141,8 +143,8 @@ ./inc/modules/admin/what-mem_add.php:64: // @TODO Cant this be rewritten? ./inc/modules/admin/what-mem_add.php:80: // @TODO This can be somehow rewritten to a function ./inc/modules/admin/what-payments.php:151: // @TODO Rewritings: title->mail_title, pay->payment in template -./inc/modules/admin/what-refbanner.php:139: // @TODO Rewritings: alt->alternate,cnt->counter,clx->clicks in template -./inc/modules/admin/what-unlock_emails.php:91: // @TODO Rewrite these if-blocks to a filter +./inc/modules/admin/what-refbanner.php:144: // @TODO Rewritings: alt->alternate,cnt->counter,clx->clicks in template +./inc/modules/admin/what-unlock_emails.php:88: // @TODO Rewrite these if-blocks to a filter ./inc/modules/admin/what-unlock_sponsor.php:191: // @TODO Rewritings: remote->remote_addr, created->sponsor_created in template ./inc/modules/admin/what-usage.php:87: // @TODO This code is double, see LOAD_TEMPLATE and loadEmailTemplate in functions.php ./inc/modules/admin/what-usr_online.php:50: // @TODO Add a filter for sponsor @@ -152,9 +154,6 @@ ./inc/modules/guest/what-mediadata.php:182:// @TODO Rewrite all these if-blocks to filters ./inc/modules/guest/what-mediadata.php:69: // @TODO Find a better formular than this one ./inc/modules/guest/what-rallyes.php:90: // @TODO Reactivate this: $content['admin'] = '' . $login . ''; -./inc/modules/guest/what-register.php:192: // @TODO Rewrite these all to a single filter -./inc/modules/guest/what-register.php:270: // @TODO Rewrite this to a filter -./inc/modules/guest/what-register.php:286: // @TODO Rewrite this to addPointsDirectly() ./inc/modules/guest/what-sponsor_infos.php:69: // @TODO Rewritings: conv->conv_rate,name->conv_name in template ./inc/modules/guest/what-sponsor_infos.php:89: // @TODO Rewritings: name->pay_name,min->pay_min_count,min->pay_min_count,curr->pay_currency ./inc/modules/guest/what-sponsor_reg.php:286: // @TODO Swap this HTML code to templates @@ -179,19 +178,20 @@ ./inc/modules/member/what-unconfirmed.php:142: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY() ./inc/modules/order.php:75: // @TODO Unused: 2,4 ./inc/monthly/monthly_bonus.php:68: // @TODO Rewrite this to a filter -./inc/mysql-manager.php:1565: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY() -./inc/mysql-manager.php:1663: // @TODO Rewrite this to a filter -./inc/mysql-manager.php:2107: // @TODO Rewrite this to a filter -./inc/mysql-manager.php:2148:// @TODO Fix inconsistency between last_module and getWhat() +./inc/mysql-manager.php:1571: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY() +./inc/mysql-manager.php:1669: // @TODO Rewrite this to a filter +./inc/mysql-manager.php:2113: // @TODO Rewrite this to a filter +./inc/mysql-manager.php:2154:// @TODO Fix inconsistency between last_module and getWhat() ./inc/mysql-manager.php:228: // @TODO Nothing helped??? ./inc/mysql-manager.php:263: // @TODO Rewrite this to a filter ./inc/mysql-manager.php:556: // @TODO Try to rewrite this to one or more functions ./inc/mysql-manager.php:93:// @TODO Can we cache this? ./inc/reset/reset_beg.php:50:// @TODO This should be converted in a daily beg rallye ./inc/reset/reset_birthday.php:91: // @TODO 4 is hard-coded here, should we move it out in config? -./inc/wrapper-functions.php:127:// @TODO Implement $compress -./inc/wrapper-functions.php:134:// @TODO Implement $decompress -./inc/wrapper-functions.php:409:// @TODO Do some more sanity check here +./inc/revision-functions.php:152:// @TODO Please describe this function +./inc/wrapper-functions.php:126:// @TODO Implement $compress +./inc/wrapper-functions.php:133:// @TODO Implement $decompress +./inc/wrapper-functions.php:420:// @TODO Do some more sanity check here ./mailid.php:134: // @TODO Rewrite this to a filter ./mailid.php:214: // @TODO Rewrite this to a dynamic include or so ./mailid.php:94: // @TODO Rewrite this to a filter @@ -203,26 +203,29 @@ ./mailid_top.php:99: // @TODO Rewrite this to a filter ./view.php:69: // @TODO No banner found, output some default banner ./templates/de/html/admin/admin_add_country.tpl:23: -./templates/de/html/admin/admin_admins_contct_form.tpl:3: +./templates/de/html/admin/admin_admins_contct_form.tpl:4: ./templates/de/html/admin/admin_amenu_edit.tpl:4: -./templates/de/html/admin/admin_config_other.tpl:66: +./templates/de/html/admin/admin_config_other.tpl:67: ./templates/de/html/admin/admin_list_autopurge.tpl:2: -./templates/de/html/admin/admin_list_beg.tpl:2: -./templates/de/html/admin/admin_list_bonus.tpl:2: +./templates/de/html/admin/admin_list_beg.tpl:3: +./templates/de/html/admin/admin_list_bonus.tpl:3: ./templates/de/html/admin/admin_list_mods.tpl:4: +./templates/de/html/admin/admin_list_primera_main.tpl:3: ./templates/de/html/admin/admin_list_unconfirmed_list.tpl:3: ./templates/de/html/admin/admin_list_wernis_main.tpl:2: ./templates/de/html/admin/admin_login_form.tpl:35: @TODO Doesn't work with sessions ./templates/de/html/admin/admin_login_form.tpl:38: @TODO Try to move the select box to our generic functions ./templates/de/html/admin/admin_mods_edit.tpl:3: ./templates/de/html/admin/admin_optimize.tpl:3: +./templates/de/html/admin/admin_send_bonus_form.tpl:4: ./templates/de/html/guest/guest_login.tpl:21: @TODO Deactivated feature, try to implement it or remove it. ./templates/de/html/guest/guest_nickname_login.tpl:21: @TODO Deactivated feature, try to find a solution for this or remove it. -./templates/de/html/guest/guest_stats_member.tpl:23: @TODO We have to fix these counters. +./templates/de/html/guest/guest_stats_member.tpl:21: @TODO We have to fix these counters. ./templates/de/html/surfbar/surfbar_frame_textlinks.tpl:5: ./templates/de/html/surfbar/surfbar_frame_top.tpl:23:// @TODO Try to rewrite this JavaScript to js.php?js=surfbar_frame_top (wouldn't be easy) ### ### DEPRECATION FOLLOWS: ### ### -./inc/modules/admin/admin-inc.php:532:// @DEPRECATED +./inc/modules/admin/admin-inc.php:429:// @DEPRECATED +./templates/de/html/admin/admin_menu_unknown_okay.tpl:1: ### ### template-warnings.log follows: ### ### Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : td in templates/de/html/menu/menu_what_end.tpl, line: 1 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : tr in templates/de/html/menu/menu_what_end.tpl, line: 2 in @@ -232,6 +235,7 @@ Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : div in templates/de/h Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : td in templates/de/html/member/member_content_right.tpl, line: 1 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : tr in templates/de/html/member/member_content_right.tpl, line: 5 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : div in templates/de/html/member/member_welcome_footer.tpl, line: 1 in +Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : div in templates/de/html/member/member_order_points.tpl, line: 14 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : table in templates/de/html/member/member_footer.tpl, line: 6 in Warning: DOMDocument::loadHTMLFile(): Document is empty in templates/de/html/header.tpl, line: 1 in /home Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : div in templates/de/html/page_footer.tpl, line: 1 in /home @@ -247,11 +251,14 @@ Warning: Not parsing JavaScript templates/de/html/js/js_surfbar_member_book.tpl. Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : table in templates/de/html/admin/admin_overview_footer.tpl, line: 10 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : form in templates/de/html/admin/admin_overview_footer.tpl, line: 11 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : div in templates/de/html/admin/admin_overview_footer.tpl, line: 12 in +Warning: DOMDocument::loadHTMLFile(): Attribute class redefined in templates/de/html/admin/admin_list_beg.tpl, line: 23 in +Warning: DOMDocument::loadHTMLFile(): Attribute align redefined in templates/de/html/admin/admin_list_beg.tpl, line: 23 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : table in templates/de/html/admin/admin_overview_footer_task.tpl, line: 10 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : form in templates/de/html/admin/admin_overview_footer_task.tpl, line: 11 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : td in templates/de/html/admin/admin_main_footer.tpl, line: 1 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : tr in templates/de/html/admin/admin_main_footer.tpl, line: 2 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : table in templates/de/html/admin/admin_main_footer.tpl, line: 12 in +Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : table in templates/de/html/admin/admin_logout_sql_patches_remove.tpl, line: 10 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : table in templates/de/html/guest/guest_rallye_expired_footer.tpl, line: 6 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : div in templates/de/html/guest/guest_rallye_expired_footer.tpl, line: 7 in Warning: DOMDocument::loadHTMLFile(): Unexpected end tag : table in templates/de/html/guest/guest_footer.tpl, line: 6 in diff --git a/inc/classes/cachesystem.class.php b/inc/classes/cachesystem.class.php index 71bf450d67..5a606fb93e 100644 --- a/inc/classes/cachesystem.class.php +++ b/inc/classes/cachesystem.class.php @@ -139,9 +139,6 @@ class CacheSystem { if (($k == 'ext_keep') && ($v == 'Y')) { $GLOBALS['cache_array']['always_active'][$data['ext_name']] = $v; } // END - if - } elseif (is_array($v)) { - // Serialize and BASE64-encode the array - $v = base64_encode(serialize($v)); } elseif ($this->name == 'config') { // Configuration $GLOBALS['cache_array']['config'][$data['config']][$k] = $v; @@ -168,7 +165,7 @@ class CacheSystem { $GLOBALS['cache_array']['refsystem'][$k][$data['id']] = $v; } elseif ($this->name == 'revision') { // Revision data - $GLOBALS['cache_array']['revision'][$k] = $v; + $GLOBALS['cache_array']['revision'][$k][0] = $v; } elseif ($this->name == 'themes') { // Themes if ($k == 'theme_path') { @@ -179,6 +176,9 @@ class CacheSystem { } elseif ($this->name == 'imprint') { // Imprint $GLOBALS['cache_array']['imprint'][$k][$data['imprint_id']] = $v; + } elseif (is_array($v)) { + // Serialize and BASE64-encode the array + $v = base64_encode(serialize($v)); } else { // Finialize the cache and close it $this->finalize(); @@ -491,6 +491,9 @@ class CacheSystem { // False $line = '$this->' . $prefix . "['".$this->name."']['" . $key . "']" . $extender . " = false;\n"; } + } elseif (isset($value[0])) { + // These lines needs fixing + debug_report_bug('Invalid entry with [0] found. key=' . $key); } else { // Non-string $line = '$this->' . $prefix . "['".$this->name."']['" . $key . "']" . $extender . " = " . $value . ";\n"; diff --git a/inc/code-functions.php b/inc/code-functions.php index aa612db0d9..7bf2064224 100644 --- a/inc/code-functions.php +++ b/inc/code-functions.php @@ -39,7 +39,7 @@ // Some security stuff... if (!defined('__SECURITY')) { die(); -} +} // END - if // Adds a code key/value pair to $GLOBALS function addCode ($key, $value) { diff --git a/inc/config-functions.php b/inc/config-functions.php index a7897e2abc..d10f4fa12d 100644 --- a/inc/config-functions.php +++ b/inc/config-functions.php @@ -294,8 +294,11 @@ function updateConfiguration ($entries, $values, $updateMode='', $config = '0') // Update entry $all .= sprintf("`%s`=`%s`%s%s,", $entry, $entry, $updateMode, (float)$values[$idx]); } else { - // Check if string or number - if (($values[$idx] + 0) === $values[$idx]) { + // Check if string or number but no array + if (is_array($values[$idx])) { + // Arrays must be fixed... + debug_report_bug('values[' . $idx . '] should not be an array! Content=
'.print_r($values[$idx], true).'
'); + } elseif (($values[$idx] + 0) === $values[$idx]) { // Number detected $all .= sprintf("`%s`=%s,", $entry, (float)$values[$idx]); @@ -346,7 +349,7 @@ function updateConfiguration ($entries, $values, $updateMode='', $config = '0') //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "entries={$entries}"); SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_config` SET ".$entries." WHERE `config`=%s LIMIT 1", array(bigintval($config)), __FUNCTION__, __LINE__); - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):entries={$entries},affectedRows={$affectedRows}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "entries={$entries},affectedRows={$affectedRows}
"); // Rebuild cache rebuildCacheFile('config', 'config'); diff --git a/inc/config-global.php b/inc/config-global.php index e86fd7328d..a2069688db 100644 --- a/inc/config-global.php +++ b/inc/config-global.php @@ -64,8 +64,11 @@ foreach (array('config','wrapper','inc','stats') as $inc) { include($PATH . 'inc/' . $inc . '-functions.php'); } // END - foreach +// Own functions +include($PATH.'inc/functions.php'); + // Auto-detection... (patched by "Stelzi" aka. profi-concept, thanks again!) -$URL = 'http://' . getenv('SERVER_NAME') . str_replace("\\", '/', dirname($_SERVER['PHP_SELF'])); +$URL = 'http://' . detectServerName() . str_replace("\\", '/', dirname($_SERVER['PHP_SELF'])); while (substr($URL, -1, 1) == '/') { $URL = substr($URL, 0, -1); } // Initialize the configuration diff --git a/inc/databases.php b/inc/databases.php index 3f211dc098..88cde367dc 100644 --- a/inc/databases.php +++ b/inc/databases.php @@ -77,6 +77,9 @@ addCode('UNHANDLED_STATUS' , 0x022); addCode('MODULE_MEM_ONLY' , 0x023); addCode('UNKNOWN_ERROR' , 0x024); +// Full version +setConfigEntry('FULL_VERSION', '0.2.1-FINAL'); + // Server-URL (DO NOT CHANGE THIS OR YOU CANNOT CHECK FOR UPDATES/EXTENSIONS!) setConfigEntry('SERVER_URL', 'http://www.mxchange.org'); diff --git a/inc/extensions-functions.php b/inc/extensions-functions.php index a9c6fd9239..c34db3b0b3 100644 --- a/inc/extensions-functions.php +++ b/inc/extensions-functions.php @@ -1450,7 +1450,7 @@ function getCurrentExtensionVersion () { return $GLOBALS['ext_current_version']; } -// Remove the extension from global cache array +// Remove the extension from cache array function removeExtensionFromArray () { // "Cache" this name $ext_name = getCurrentExtensionName(); diff --git a/inc/extensions/ext-admins.php b/inc/extensions/ext-admins.php index 7b8b8b98f9..6823b169b7 100644 --- a/inc/extensions/ext-admins.php +++ b/inc/extensions/ext-admins.php @@ -42,10 +42,10 @@ if (!defined('__SECURITY')) { } // END - if // Version of this extension -setThisExtensionVersion('0.7.3'); +setThisExtensionVersion('0.7.4'); // Version history array (add more with , '0.1.0' and so on) -setExtensionVersionHistory(array('0.0', '0.1.0', '0.2.0', '0.3.0', '0.3.1', '0.4.0', '0.4.1', '0.4.2', '0.4.3', '0.4.4', '0.4.5', '0.4.6', '0.4.7', '0.4.8', '0.4.9', '0.5.0', '0.5.1', '0.5.2', '0.5.3', '0.5.4', '0.5.5', '0.5.6', '0.5.7', '0.5.8', '0.5.9', '0.6.0', '0.6.1', '0.6.2', '0.6.3', '0.6.4', '0.6.5', '0.6.6', '0.6.7', '0.6.8', '0.6.9', '0.7.0', '0.7.1', '0.7.2', '0.7.3')); +setExtensionVersionHistory(array('0.0', '0.1.0', '0.2.0', '0.3.0', '0.3.1', '0.4.0', '0.4.1', '0.4.2', '0.4.3', '0.4.4', '0.4.5', '0.4.6', '0.4.7', '0.4.8', '0.4.9', '0.5.0', '0.5.1', '0.5.2', '0.5.3', '0.5.4', '0.5.5', '0.5.6', '0.5.7', '0.5.8', '0.5.9', '0.6.0', '0.6.1', '0.6.2', '0.6.3', '0.6.4', '0.6.5', '0.6.6', '0.6.7', '0.6.8', '0.6.9', '0.7.0', '0.7.1', '0.7.2', '0.7.3', '0.7.4')); // Keep this extension always active! setExtensionAlwaysActive('Y'); @@ -67,6 +67,8 @@ switch (getExtensionMode()) { // Remove filters unregisterFilter('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', true, getExtensionDryRun()); + unregisterFilter('do_admin_login_done', 'RESET_ADMINS_LOGIN_FAILURES', true, getExtensionDryRun()); + unregisterFilter('do_admin_login_pass', 'COUNT_ADMINS_LOGIN_FAILURE', true, getExtensionDryRun()); break; case 'activate': // Do stuff when admin activates this extension @@ -309,13 +311,22 @@ PRIMARY KEY (id) setExtensionUpdateNotes("Schreibweise korregiert."); break; - case '0.7.3': // SQL queries for v0.7.2 + case '0.7.3': // SQL queries for v0.7.3 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `expert_settings` ENUM('Y','N') NOT NULL DEFAULT 'Y'"); addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `expert_warning` ENUM('Y','N') NOT NULL DEFAULT 'Y'"); // Update notes (these will be set as task text!) setExtensionUpdateNotes("Experten-Einstellungen sind nun hinzugekommen."); break; + + case '0.7.4': // SQL queries for v0.7.4 + // Add filter + registerFilter('do_admin_login_done', 'RESET_ADMINS_LOGIN_FAILURES', false, true, getExtensionDryRun()); + registerFilter('do_admin_login_pass', 'COUNT_ADMINS_LOGIN_FAILURE', false, true, getExtensionDryRun()); + + // Update notes (these will be set as task text!) + setExtensionUpdateNotes("Filter hinzugefuegt."); + break; } // END - switch break; diff --git a/inc/extensions/ext-booking.php b/inc/extensions/ext-booking.php index 2df2bfc5b1..84be264067 100644 --- a/inc/extensions/ext-booking.php +++ b/inc/extensions/ext-booking.php @@ -86,8 +86,8 @@ PRIMARY KEY (`id`) addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_member_menu` WHERE `what`='booking'"); // Remove the filters - unregisterFilter('add_points', 'ADD_BOOKING_RECORD', false, true, getExtensionDryRun()); - unregisterFilter('sub_points', 'ADD_BOOKING_RECORD', false, true, getExtensionDryRun()); + unregisterFilter('add_points', 'ADD_BOOKING_RECORD', true, getExtensionDryRun()); + unregisterFilter('sub_points', 'ADD_BOOKING_RECORD', true, getExtensionDryRun()); break; case 'activate': // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-mediadata.php b/inc/extensions/ext-mediadata.php index 1d70a5997b..2022aa0d27 100644 --- a/inc/extensions/ext-mediadata.php +++ b/inc/extensions/ext-mediadata.php @@ -67,8 +67,8 @@ switch (getExtensionMode()) { addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_guest_menu` WHERE `what`='mediadata'"); // Remove the filters - unregisterFilter('add_points', 'UPDATE_MEDIADATA_ENTRY', false, true, getExtensionDryRun()); - unregisterFilter('sub_points', 'UPDATE_MEDIADATA_ENTRY', false, true, getExtensionDryRun()); + unregisterFilter('add_points', 'UPDATE_MEDIADATA_ENTRY', true, getExtensionDryRun()); + unregisterFilter('sub_points', 'UPDATE_MEDIADATA_ENTRY', true, getExtensionDryRun()); break; case 'activate': // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-order.php b/inc/extensions/ext-order.php index 8e6b2b8321..736b48c270 100644 --- a/inc/extensions/ext-order.php +++ b/inc/extensions/ext-order.php @@ -295,7 +295,7 @@ nicht die vom Mitglied eingegebene. Resultat: Das Script beschwerte sich, der Us addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD repay_deleted_mails ENUM('REPAY','JACKPOT','SHRED') NOT NULL DEFAULT 'REPAY'"); // Update notes (these will be set as task text!) - setExtensionUpdateNotes("Bei Löschung von Mailbuchungen kann nun global entschieden werden (Einstellungen also), ob die verbliebenen {?POINTS?} wieder gutgeschrieben werden sollen oder in den Jackpot landen."); + setExtensionUpdateNotes("Bei Löschung von Mailbuchungen kann nun scripteweit entschieden werden (Einstellungen also), ob die verbliebenen {?POINTS?} wieder gutgeschrieben werden sollen oder in den Jackpot landen."); break; case '0.5.0': // SQL queries for v0.5.0 diff --git a/inc/extensions/ext-other.php b/inc/extensions/ext-other.php index ae758f1be0..d8bc4aa48d 100644 --- a/inc/extensions/ext-other.php +++ b/inc/extensions/ext-other.php @@ -61,7 +61,7 @@ switch (getExtensionMode()) { addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE `what`='config_other'"); // Unregister filter - unregisterFilter('page_footer', 'DISPLAY_DEBUG_SQL', false, true, getExtensionDryRun()); + unregisterFilter('page_footer', 'DISPLAY_DEBUG_SQL', true, getExtensionDryRun()); break; case 'activate': // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-politician-stop.php b/inc/extensions/ext-politician-stop.php index ec0b11bc3a..c21ca022d3 100644 --- a/inc/extensions/ext-politician-stop.php +++ b/inc/extensions/ext-politician-stop.php @@ -59,7 +59,7 @@ switch (getExtensionMode()) { case 'remove': // Do stuff when removing extension // Unregister filter - unregisterFilter('page_footer', 'DISPLAY_POLITICIAN_STOP_SNIPPET', false, true, getExtensionDryRun()); + unregisterFilter('page_footer', 'DISPLAY_POLITICIAN_STOP_SNIPPET', true, getExtensionDryRun()); break; case 'activate': // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-register.php b/inc/extensions/ext-register.php index 4c67e19779..e782086f79 100644 --- a/inc/extensions/ext-register.php +++ b/inc/extensions/ext-register.php @@ -59,7 +59,7 @@ switch (getExtensionMode()) { addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_must_register`"); // Unregister a filter - unregisterFilter('register_must_fillout', 'REGISTER_MUST_FILLOUT', false, true, getExtensionDryRun()); + unregisterFilter('register_must_fillout', 'REGISTER_MUST_FILLOUT', true, getExtensionDryRun()); break; case 'activate': // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-uberwach.php b/inc/extensions/ext-uberwach.php index 1682dcf196..4f3b441090 100644 --- a/inc/extensions/ext-uberwach.php +++ b/inc/extensions/ext-uberwach.php @@ -57,7 +57,7 @@ switch (getExtensionMode()) { addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE `what`='config_uberwach' LIMIT 1"); // Unregister filter - unregisterFilter('page_footer', 'DISPLAY_UBERWACH_SNIPPET', false, true, getExtensionDryRun()); + unregisterFilter('page_footer', 'DISPLAY_UBERWACH_SNIPPET', true, getExtensionDryRun()); break; case 'activate': // Do stuff when admin activates this extension diff --git a/inc/filter-functions.php b/inc/filter-functions.php index 5088da4b23..e9afe0281f 100644 --- a/inc/filter-functions.php +++ b/inc/filter-functions.php @@ -50,30 +50,12 @@ function initFilterSystem () { } // END - if // Load all saved filers if sql_patches is updated - if (isset($GLOBALS['cache_array']['filter']['filter_name'])) { - // Init dummy array - $filterArray = array( - 'chains' => array(), - 'loaded' => array(), - 'counter' => array() - ); - - // Found in cache so rewrite the array - foreach ($GLOBALS['cache_array']['filter']['filter_name'] as $idx => $filterName) { - // Get filter function - $filterFunction = $GLOBALS['cache_array']['filter']['filter_function'][$idx]; - - // Add the element with mapped index - $filterArray['counter'][$filterName][$filterFunction] = $GLOBALS['cache_array']['filter']['filter_counter'][$idx]; - $filterArray['loaded'][$filterName][$filterFunction] = true; - $filterArray['chains'][$filterName][$filterFunction] = $GLOBALS['cache_array']['filter']['filter_active'][$idx]; - } // END - foreach + if ((isset($GLOBALS['cache_array']['filter']['filter_name'])) && (!isset($GLOBALS['cache_array']['filter']['chains']))) { + // Prepare filter array + prepareFilterArray(); // Mark it as initialized $GLOBALS['filter_init'] = true; - - // Remove the cache - $GLOBALS['cache_array']['filter'] = $filterArray; } elseif ((!isInstallationPhase()) && (isExtensionInstalledAndNewer('sql_patches', '0.5.9'))) { // Init add $add = ''; @@ -187,10 +169,15 @@ ORDER BY // Member login check. Always keep FETCH_USER_DATA as first entry! registerFilter('member_login_check', 'FETCH_USER_DATA'); + + // Admin login + registerFilter('do_admin_login_done', 'DO_LOGIN_ADMIN'); } // "Registers" a new filter function function registerFilter ($filterName, $filterFunction, $silentAbort = true, $force = false, $dry_run = false) { + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ENTRY: filterName=' . $filterName . ',filterFunction=' . $filterFunction); + // Extend the filter function name $filterFunction = sprintf("FILTER_%s", strtoupper($filterFunction)); @@ -216,7 +203,7 @@ function registerFilter ($filterName, $filterFunction, $silentAbort = true, $for } // END - if // Simply add it to the array - //* DEBUG: */ print __FUNCTION__.': filterName='.$filterName.',filterFunction='.$filterFunction.'
'; + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'REGISTER: filterName=' . $filterName . ',filterFunction=' . $filterFunction); $GLOBALS['cache_array']['filter']['chains'][$filterName][$filterFunction] = 'A'; $GLOBALS['cache_array']['filter']['counter'][$filterName][$filterFunction] = '0'; } // END - if @@ -224,6 +211,8 @@ function registerFilter ($filterName, $filterFunction, $silentAbort = true, $for // "Unregisters" a filter from the given chain function unregisterFilter ($filterName, $filterFunction, $force = false, $dry_run = false) { + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ENTRY: filterName=' . $filterName . ',filterFunction=' . $filterFunction . ',force=' . intval($force) . ',dry=' . intval($dry_run)); + // Extend the filter function name only if not loaded from database if (!isset($GLOBALS['cache_array']['filter']['loaded'][$filterName][$filterFunction])) { $filterFunction = sprintf("FILTER_%s", strtoupper($filterFunction)); @@ -239,7 +228,7 @@ function unregisterFilter ($filterName, $filterFunction, $force = false, $dry_ru // Shall we remove? (default, not while just showing an extension removal) if ($dry_run === false) { // Mark for filter removal - //* DEBUG: */ print __FUNCTION__.': filterName='.$filterName.',filterFunction='.$filterFunction.'
'; + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'REMOVE: filterName=' . $filterName . ',filterFunction=' . $filterFunction); $GLOBALS['cache_array']['filter']['chains'][$filterName][$filterFunction] = 'R'; } // END - if } @@ -253,6 +242,7 @@ function runFilterChain ($filterName, $data = null) { // Log it away... logDebugMessage(__FUNCTION__, __LINE__, 'Filter chain ' . $filterName . ' not found!'); } // END - if + if ($filterName == 'sql_admin_extra_data') debug_report_bug(print_r($GLOBALS['cache_array']['filter'] , true)); // Abort here and return content return $data; @@ -278,7 +268,7 @@ function runFilterChain ($filterName, $data = null) { } // END - if // Call the filter chain - //* DEBUG: */ print $filterName.'/'.$filterFunction.',[]='.gettype($returnValue).'
'; + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $filterName.'/'.$filterFunction.',[]='.gettype($returnValue)); $returnValue = call_user_func_array($filterFunction, array($returnValue)); // Update usage counter @@ -305,5 +295,29 @@ function countFilterUsage ($filterName, $filterFunction) { } } +// Prepares the filter array for usage +function prepareFilterArray () { + // Init dummy array + $filterArray = array( + 'chains' => array(), + 'loaded' => array(), + 'counter' => array() + ); + + // Found in cache so rewrite the array + foreach ($GLOBALS['cache_array']['filter']['filter_name'] as $idx => $filterName) { + // Get filter function + $filterFunction = $GLOBALS['cache_array']['filter']['filter_function'][$idx]; + + // Add the element with mapped index + $filterArray['counter'][$filterName][$filterFunction] = $GLOBALS['cache_array']['filter']['filter_counter'][$idx]; + $filterArray['loaded'][$filterName][$filterFunction] = true; + $filterArray['chains'][$filterName][$filterFunction] = $GLOBALS['cache_array']['filter']['filter_active'][$idx]; + } // END - foreach + + // Remove the cache + $GLOBALS['cache_array']['filter'] = $filterArray; +} + // [EOF] ?> diff --git a/inc/filters.php b/inc/filters.php index fd55e5785a..6626a7655b 100644 --- a/inc/filters.php +++ b/inc/filters.php @@ -137,10 +137,10 @@ function FILTER_CALL_HANDLER_LOGIN_FAILTURES ($data) { $content = $data; // Handle failed logins here if not in guest - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):type={$data['type']},action={getAction()},what={getWhat()},level={$data['access_level']}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "type=".$data['type'].",action=".getAction().",what=".getWhat().",level=".$data['access_level']."
"); if ((($data['type'] == 'what') || ($data['type'] == 'action') && ((!isWhatSet()) || (getWhat() == 'overview') || (getWhat() == getConfig('index_home')))) && ($data['access_level'] != 'guest') && ((isExtensionInstalledAndNewer('sql_patches', '0.4.7')) || (isExtensionInstalledAndNewer('admins', '0.7.0')))) { // Handle failure - $content['content'] .= handleLoginFailtures($data['access_level']); + $content['content'] .= handleLoginFailures($data['access_level']); } // END - if // Return the content @@ -167,7 +167,7 @@ function FILTER_AUTO_ACTIVATE_EXTENSION ($data) { // Is this extension always activated? if (getExtensionAlwaysActive() == 'Y') { // Then activate the extension - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."): ext_name={$data['ext_name']}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "ext_name={$data['ext_name']}
"); doActivateExtension($data['ext_name']); } // END - if @@ -564,7 +564,7 @@ function FILTER_REMOVE_EXTENSION () { SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_extensions` WHERE `ext_name`='%s' LIMIT 1", array(getCurrentExtensionName()), __FUNCTION__, __LINE__); - // Remove the extension from global cache array as well + // Remove the extension from cache array as well removeExtensionFromArray(); // Remove the cache @@ -920,9 +920,24 @@ LIMIT 1", // Store it in session setSession('mxchange_member_failures' , getUserData('login_failures')); - setSession('mxchange_member_last_fail', getUserData('last_failure')); + setSession('mxchange_member_last_failure', getUserData('last_failure')); } // END - if } +// Try to login the admin by setting some session/cookie variables +function FILTER_DO_LOGIN_ADMIN ($data) { + // Now set all session variables and store the result for later processing + $GLOBALS['admin_login_success'] = (( + setSession('admin_md5', encodeHashForCookie(generateHash($data['pass_hash'], '', false))) + ) && ( + setSession('admin_login', $data['login']) + ) && ( + setSession('admin_last', time()) + )); + + // Return the data for further processing + return $data; +} + // [EOF] ?> diff --git a/inc/functions.php b/inc/functions.php index ee75b3a0d2..122ba1204c 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -442,25 +442,25 @@ function loadEmailTemplate ($template, $content = array(), $userid = '0') { } // END - if // Load user's data - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):UID={$userid},template={$template},content[]=".gettype($content).'
'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "UID={$userid},template={$template},content[]=".gettype($content).'
'); if (($userid > 0) && (is_array($content))) { // If nickname extension is installed, fetch nickname as well if ((isExtensionActive('nickname')) && (isNicknameUsed($userid))) { - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):NICKNAME!
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "NICKNAME!
"); // Load by nickname fetchUserData($userid, 'nickname'); } else { - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):NO-NICK!
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "NO-NICK!
"); /// Load by userid fetchUserData($userid); } // Merge data if valid - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):content()=".count($content)." - PRE
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "content()=".count($content)." - PRE
"); if (isUserDataValid()) { $content = merge_array($content, getUserDataArray()); } // END - if - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):content()=".count($content)." - AFTER
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "content()=".count($content)." - AFTER
"); } // END - if // Translate M to male or F to female if present @@ -469,7 +469,7 @@ function loadEmailTemplate ($template, $content = array(), $userid = '0') { // Overwrite email from data if present if (isset($content['email'])) $email = $content['email']; - // Store email for some functions in global data array + // Store email for some functions in global $DATA array // @TODO Do only use $content, not $DATA or raw variables $DATA['email'] = $email; @@ -532,7 +532,7 @@ function loadEmailTemplate ($template, $content = array(), $userid = '0') { // Send mail out to an email address function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '') { - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):TO={$toEmail},SUBJECT={$subject}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "TO={$toEmail},SUBJECT={$subject}
"); // Compile subject line (for POINTS constant etc.) eval("\$subject = decodeEntities(\"".compileRawCode(escapeQuotes($subject))."\");"); @@ -558,7 +558,7 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = ' // Is the webmaster! $toEmail = getConfig('WEBMASTER'); } - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):TO={$toEmail}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "TO={$toEmail}
"); // Check for PHPMailer or debug-mode if (!checkPhpMailerUsage()) { @@ -1059,10 +1059,10 @@ function compileRawCode ($code, $simple = false, $constants = true, $full = true $test = substr($found, 0, strlen($match)); // Does this entry exist? - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):found={$found},match={$match},set={$set}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "found={$found},match={$match},set={$set}
"); if ($test == $match) { // Match found! - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):fuzzyFound!
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "fuzzyFound!
"); $fuzzyFound = true; break; } // END - if @@ -1074,14 +1074,14 @@ function compileRawCode ($code, $simple = false, $constants = true, $full = true // Take all string elements if ((is_string($matches[4][$key])) && (!isset($matchesFound[$match])) && (!isset($matchesFound[$key."_" . $matches[4][$key]]))) { // Replace it in the code - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):key={$key},match={$match}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "key={$key},match={$match}
"); $newMatch = str_replace('[', "['", str_replace(']', "']", $match)); $code = str_replace($match, '".' . $newMatch . '."', $code); $matchesFound[$key . '_' . $matches[4][$key]] = 1; $matchesFound[$match] = 1; } elseif (!isset($matchesFound[$match])) { // Not yet replaced! - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):match={$match}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "match={$match}
"); $code = str_replace($match, '".' . $match . '."', $code); $matchesFound[$match] = 1; } @@ -1263,7 +1263,7 @@ function addSelectionBox ($type, $default, $prefix = '', $id = '0', $class = 're // function generateRandomCode ($length, $code, $userid, $DATA = '') { // Build server string - $server = $_SERVER['PHP_SELF'] . getConfig('ENCRYPT_SEPERATOR') . detectUserAgent() . getConfig('ENCRYPT_SEPERATOR') . getenv('SERVER_SOFTWARE') . getConfig('ENCRYPT_SEPERATOR') . detectRemoteAddr().":'.':".filemtime(getConfig('PATH').'inc/databases.php'); + $server = $_SERVER['PHP_SELF'] . getConfig('ENCRYPT_SEPERATOR') . detectUserAgent() . getConfig('ENCRYPT_SEPERATOR') . getenv('SERVER_SOFTWARE') . getConfig('ENCRYPT_SEPERATOR') . detectRemoteAddr(); // Build key string $keys = getConfig('SITE_KEY') . getConfig('ENCRYPT_SEPERATOR') . getConfig('DATE_KEY'); @@ -1314,7 +1314,7 @@ function generateRandomCode ($length, $code, $userid, $DATA = '') { } // Does only allow numbers -function bigintval ($num, $castValue = true) { +function bigintval ($num, $castValue = true, $abortOnMismatch = true) { // Filter all numbers out $ret = preg_replace('/[^0123456789]/', '', $num); @@ -1322,7 +1322,7 @@ function bigintval ($num, $castValue = true) { if ($castValue === true) $ret = (double)$ret; // Has the whole value changed? - if ('' . $ret . '' != '' . $num . '') { + if (('' . $ret . '' != '' . $num . '') && ($abortOnMismatch === true)) { // Log the values debug_report_bug('Problem with number found. ret=' . $ret . ', num='. $num); } // END - if @@ -2074,7 +2074,8 @@ function generateEmailLink ($email, $table = 'admins') { // Generate a hash for extra-security for all passwords function generateHash ($plainText, $salt = '', $hash = true) { // Is the required extension 'sql_patches' there and a salt is not given? - if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5'))) && (empty($salt))) { + // 0123 4 43 3 4 432 2 3 32 2 3 3210 + if ((((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) && (empty($salt))) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5')))) { // Extension sql_patches is missing/outdated so we hash the plain text with MD5 if ($hash === true) { // Is plain password @@ -2093,7 +2094,7 @@ function generateHash ($plainText, $salt = '', $hash = true) { // When the salt is empty build a new one, else use the first x configured characters as the salt if (empty($salt)) { - // Build server string (inc/databases.php is no longer updated with every commit) + // Build server string for more entropy $server = $_SERVER['PHP_SELF'] . getConfig('ENCRYPT_SEPERATOR') . detectUserAgent() . getConfig('ENCRYPT_SEPERATOR') . getenv('SERVER_SOFTWARE') . getConfig('ENCRYPT_SEPERATOR') . detectRemoteAddr(); // Build key string @@ -2217,7 +2218,7 @@ function genScrambleString ($len) { } // Generate an PGP-like encrypted hash of given hash for e.g. cookies -function generatePassString ($passHash) { +function encodeHashForCookie ($passHash) { // Return vanilla password hash $ret = $passHash; @@ -2409,192 +2410,6 @@ function generateErrorCodeFromUserStatus ($status='') { return $errorCode; } -// Function to search for the last modifified file -function searchDirsRecursive ($dir, &$last_changed) { - // Get dir as array - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):dir=" . $dir.'
'); - // Does it match what we are looking for? (We skip a lot files already!) - // RegexPattern to exclude ., .., .revision, .svn, debug.log or .cache in the filenames - $excludePattern = '@(\.revision|debug\.log|\.cache|config\.php)$@'; - $ds = getArrayFromDirectory($dir, '', true, false, array(), '.php', $excludePattern); - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):ds[]=".count($ds).'
'); - - // Walk through all entries - foreach ($ds as $d) { - // Generate proper FQFN - $FQFN = str_replace('//', '/', getConfig('PATH') . $dir. '/'. $d); - - // Is it a file and readable? - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):FQFN={$FQFN}
"); - if (isDirectory($FQFN)) { - // $FQFN is a directory so also crawl into this directory - $newDir = $d; - if (!empty($dir)) $newDir = $dir . '/'. $d; - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):DESCENT: " . $newDir.'
'); - searchDirsRecursive($newDir, $last_changed); - } elseif (isFileReadable($FQFN)) { - // $FQFN is a filename and no directory - $time = filemtime($FQFN); - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):File: " . $d." found. (".($last_changed['time'] - $time).")
"); - if ($last_changed['time'] < $time) { - // This file is newer as the file before - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__.") - NEWER!
"); - $last_changed['path_name'] = $FQFN; - $last_changed['time'] = $time; - } // END - if - } - } // END - foreach -} - -// "Getter" for revision/version data -function getActualVersion ($type = 'Revision') { - // By default nothing is new... ;-) - $new = false; - - // Is the cache entry there? - if (isset($GLOBALS['cache_array']['revision'][$type])) { - // Found so increase cache hit - incrementStatsEntry('cache_hits'); - - // Return it - return $GLOBALS['cache_array']['revision'][$type][0]; - } else { - // FQFN of revision file - $FQFN = sprintf("%s/.revision", getConfig('CACHE_PATH')); - - // Check if 'check_revision_data' is setted (switch for manually rewrite the .revision-File) - if ((isGetRequestParameterSet('check_revision_data')) && (getRequestParameter('check_revision_data') == 'yes')) { - // Forced rebuild of .revision file - $new = true; - } else { - // Check for revision file - if (!isFileReadable($FQFN)) { - // Not found, so we need to create it - $new = true; - } else { - // Revision file found - $ins_vers = explode("\n", readFromFile($FQFN)); - - // Get array for mapping information - $mapper = array_flip(getSearchFor()); - //* DEBUG: */ print('
mapper='.print_r($mapper, true).'
ins_vers=
'.print_r($ins_vers, true).'
'); - - // Is the content valid? - if ((!is_array($ins_vers)) || (count($ins_vers) <= 0) || (!isset($ins_vers[$mapper[$type]])) || (trim($ins_vers[$mapper[$type]]) == '') || ($ins_vers[0]) == 'new') { - // File needs update! - $new = true; - } else { - // Generate fake cache entry - foreach ($mapper as $map => $idx) { - $GLOBALS['cache_array']['revision'][$map][0] = $ins_vers[$idx]; - } // END - foreach - - // Return found value - return getActualVersion($type); - } - } - } - - // Has it been updated? - if ($new === true) { - // Write it - writeToFile($FQFN, implode("\n", getArrayFromActualVersion())); - - // ... and call recursive - return getActualVersion($type); - } // END - if - } -} - -// Repares an array we are looking for -// The returned Array is needed twice (in getArrayFromActualVersion() and in getActualVersion() in the old .revision-fallback) so I puted it in an extra function to not polute the global namespace -function getSearchFor () { - // Add Revision, Date, Tag and Author - $searchFor = array('File', 'Revision', 'Date', 'Tag', 'Author'); - - // Return the created array - return $searchFor; -} - -// @TODO Please describe this function -function getArrayFromActualVersion () { - // Init variables - $next_dir = ''; - - // Directory to start with search - $last_changed = array( - 'path_name' => '', - 'time' => 0 - ); - - // Init return array - $akt_vers = array(); - - // Init value for counting the founded keywords - $res = '0'; - - // Searches all Files and there date of the last modifikation and puts the newest File in $last_changed. - searchDirsRecursive($next_dir, $last_changed); // @TODO small change to API to $last_changed = searchDirsRecursive($next_dir, $time); - - // Get file - $last_file = readFromFile($last_changed['path_name']); - - // Get all the keywords to search for - $searchFor = getSearchFor(); - - // Save the last-changed filename for debugging - $GLOBALS['cache_array']['revision']['File'] = $last_changed['path_name']; - - // This foreach loops the $searchFor-Tags (array('Revision', 'Date', 'Tag', 'Author') --> could easaly extended in the future) - foreach ($searchFor as $search) { - // Searches for "$search-tag:VALUE$" or "$search-tag::VALUE$"(the stylish keywordversion ;-)) in the lates modified file - $res += preg_match('@\$' . $search.'(:|::) (.*) \$@U', $last_file, $t); - - // This trimms the search-result and puts it in the $GLOBALS['cache_array']['revision']-return array - if (isset($t[2])) { - $GLOBALS['cache_array']['revision'][$search] = trim($t[2]); - } // END - if - } // END - foreach - - // at least 3 keyword-Tags are needed for propper values - if ($res && $res >= 3 - && isset($GLOBALS['cache_array']['revision']['Revision']) && $GLOBALS['cache_array']['revision']['Revision'] != '' - && isset($GLOBALS['cache_array']['revision']['Date']) && $GLOBALS['cache_array']['revision']['Date'] != '' - && isset($GLOBALS['cache_array']['revision']['Tag']) && $GLOBALS['cache_array']['revision']['Tag'] != '') { - // Prepare content witch need special treadment - - // Prepare timestamp for date - preg_match('@(....)-(..)-(..) (..):(..):(..)@', $GLOBALS['cache_array']['revision']['Date'], $match_d); - $GLOBALS['cache_array']['revision']['Date'] = mktime($match_d[4], $match_d[5], $match_d[6], $match_d[2], $match_d[3], $match_d[1]); - - // Add author to the Tag if the author is set and is not quix0r (lead coder) - if ((isset($GLOBALS['cache_array']['revision']['Author'])) && ($GLOBALS['cache_array']['revision']['Author'] != 'quix0r')) { - $GLOBALS['cache_array']['revision']['Tag'] .= '-'.strtoupper($GLOBALS['cache_array']['revision']['Author']); - } // END - if - - } else { - // No valid Data from the last modificated file so read the Revision from the Server. Fallback-solution!! Should not be removed I think. - $version = sendGetRequest('check-updates3.php'); - - // Invalid request reply? - if (!isset($version[11])) { - // Cannot continue here - debug_report_bug('Invalid response from check-updates3.php, count should be 10, is ' . count($version)); - } // END - if - - // Prepare content - // Only sets not setted or not proper values to the Online-Server-Fallback-Solution - if (!isset($GLOBALS['cache_array']['revision']['File']) || $GLOBALS['cache_array']['revision']['File'] == '') $GLOBALS['cache_array']['revision']['File'] = trim($version[11]); - if (!isset($GLOBALS['cache_array']['revision']['Revision']) || $GLOBALS['cache_array']['revision']['Revision'] == '') $GLOBALS['cache_array']['revision']['Revision'] = trim($version[10]); - if (!isset($GLOBALS['cache_array']['revision']['Date']) || $GLOBALS['cache_array']['revision']['Date'] == '') $GLOBALS['cache_array']['revision']['Date'] = trim($version[9]); - if (!isset($GLOBALS['cache_array']['revision']['Tag']) || $GLOBALS['cache_array']['revision']['Tag'] == '') $GLOBALS['cache_array']['revision']['Tag'] = trim($version[8]); - if (!isset($GLOBALS['cache_array']['revision']['Author']) || $GLOBALS['cache_array']['revision']['Author'] == '') $GLOBALS['cache_array']['revision']['Author'] = 'quix0r'; - } - - // Return prepared array - return $GLOBALS['cache_array']['revision']; -} - // Back-ported from the new ship-simu engine. :-) function debug_get_printable_backtrace () { // Init variable @@ -3060,19 +2875,19 @@ function convertCommaToDot ($str) { } // Handle menu-depending failed logins and return the rendered content -function handleLoginFailtures ($accessLevel) { +function handleLoginFailures ($accessLevel) { // Default output is empty ;-) $OUT = ''; // Is the session data set? - if ((isSessionVariableSet('mxchange_' . $accessLevel.'_failures')) && (isSessionVariableSet('mxchange_' . $accessLevel.'_last_fail'))) { + if ((isSessionVariableSet('mxchange_' . $accessLevel . '_failures')) && (isSessionVariableSet('mxchange_' . $accessLevel . '_last_failure'))) { // Ignore zero values - if (getSession('mxchange_' . $accessLevel.'_failures') > 0) { + if (getSession('mxchange_' . $accessLevel . '_failures') > 0) { // Non-guest has login failures found, get both data and prepare it for template - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):accessLevel={$accessLevel}
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "accessLevel={$accessLevel}
"); $content = array( - 'login_failures' => getSession('mxchange_' . $accessLevel.'_failures'), - 'last_failure' => generateDateTime(getSession('mxchange_' . $accessLevel.'_last_fail'), 2) + 'login_failures' => getSession('mxchange_' . $accessLevel . '_failures'), + 'last_failure' => generateDateTime(getSession('mxchange_' . $accessLevel . '_last_failure'), 2) ); // Load template @@ -3080,8 +2895,8 @@ function handleLoginFailtures ($accessLevel) { } // END - if // Reset session data - setSession('mxchange_' . $accessLevel.'_failures', ''); - setSession('mxchange_' . $accessLevel.'_last_fail', ''); + setSession('mxchange_' . $accessLevel . '_failures', ''); + setSession('mxchange_' . $accessLevel . '_last_failure', ''); } // END - if // Return rendered content @@ -3109,7 +2924,7 @@ function rebuildCacheFile ($cache, $inc = '', $force = false) { // Is the include there? if (isIncludeReadable($inc)) { // And rebuild it from scratch - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."): inc={$inc} - LOADED!
"); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "inc={$inc} - LOADED!
"); loadInclude($inc); } else { // Include not found! @@ -3756,7 +3571,7 @@ function sendModeMails ($mod, $modes) { $salt = substr(getSession('u_hash'), 0, -40); // Now let's compare passwords - $hash = generatePassString(getUserData('password')); + $hash = encodeHashForCookie(getUserData('password')); // Does the hash match or should we change it? if (($hash == getSession('u_hash')) || (postRequestParameter('pass1') == postRequestParameter('pass2'))) { @@ -4027,6 +3842,43 @@ function generateCacheFqfn ($template) { return $GLOBALS['template_cache_fqfn'][$template]; } +// Function to search for the last modified file +function searchDirsRecursive ($dir, &$last_changed, $lookFor = 'Date') { + // Get dir as array + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'dir=' . $dir); + // Does it match what we are looking for? (We skip a lot files already!) + // RegexPattern to exclude ., .., .revision, .svn, debug.log or .cache in the filenames + $excludePattern = '@(\.revision|\.svn|debug\.log|\.cache|config\.php)$@'; + + $ds = getArrayFromDirectory($dir, '', false, true, array(), '.php', $excludePattern); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'count(ds)='.count($ds)); + + // Walk through all entries + foreach ($ds as $d) { + // Generate proper FQFN + $FQFN = str_replace('//', '/', getConfig('PATH') . $dir . '/' . $d); + + // Is it a file and readable? + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'dir=' . $dir . ',d=' . $d); + if (isFileReadable($FQFN)) { + // $FQFN is a readable file so extract the requested data from it + $check = extractRevisionInfoFromFile($FQFN, $lookFor); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'File: ' . $d . ' found. check=' . $check); + + // Is the file more recent? + if ((!isset($last_changed[$lookFor])) || ($last_changed[$lookFor] < $check)) { + // This file is newer as the file before + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'NEWER!'); + $last_changed['path_name'] = $FQFN; + $last_changed[$lookFor] = $check; + } // END - if + } else { + // Not readable + /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'File: ' . $d . ' not readable or directory.'); + } + } // END - foreach +} + ////////////////////////////////////////////////// // AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS // ////////////////////////////////////////////////// diff --git a/inc/install-functions.php b/inc/install-functions.php index 3803f72be7..525b8ae292 100644 --- a/inc/install-functions.php +++ b/inc/install-functions.php @@ -101,5 +101,24 @@ function addToInstallContent ($out) { } // END - if } +// Read a given SQL dump +function readSqlDump ($FQFN) { + // Sanity-check if file is there (should be there, but just to make it sure) + if (!isFileReadable($FQFN)) { + // This should not happen + debug_report_bug(__FUNCTION__.': File ' . basename($FQFN) . ' is not readable!'); + } // END - if + + // Load the file + $content = readFromFile($FQFN); + + // Remove some unwanted chars + $content = str_replace("\r", '', $content); + $content = str_replace("\n\n", "\n", $content); + + // Return the content + return $content; +} + // [EOF] ?> diff --git a/inc/install-inc.php b/inc/install-inc.php index 51d2fa1a2b..fa17cf66ce 100644 --- a/inc/install-inc.php +++ b/inc/install-inc.php @@ -215,7 +215,7 @@ if ((!isInstalled()) || (!isAdminRegistered())) { // Is the file readable? if (isFileReadable($FQFN)) { // Read the file - $fileContent = readFromFile($FQFN, true); + $fileContent = readSqlDump($FQFN); // Split it up against ";\n" and merge it into existing SQLs mergeSqls(explode(";\n", $fileContent), 'install'); diff --git a/inc/language/de.php b/inc/language/de.php index e5df113cfe..3bceaaacff 100644 --- a/inc/language/de.php +++ b/inc/language/de.php @@ -945,7 +945,6 @@ addMessages(array( 'PATCH_DESCRIPTION' => "Beschreibung zum Patch", 'DOWNLOAD_SVN' => "SVN-Version herunterladen", 'SVN_REPOSITORY' => "SVN-Repository", - 'SVN_CHECKOUT_COMMAND' => "SVN auschecken mit:", 'DOWNLOAD_NOW' => "Jetzt downloaden.", 'ADMIN_MEMBER_STATS_TITLE' => "Einstellungen an der Mitglieder-Statistik", 'ADMIN_MEMBER_STATS_LIMIT' => "Anzahl Mailbuchungen pro Seite (Nicht verwendet!)", diff --git a/inc/language/other_de.php b/inc/language/other_de.php index 744f9823ab..5e6c0f7b37 100644 --- a/inc/language/other_de.php +++ b/inc/language/other_de.php @@ -67,8 +67,8 @@ addMessages(array( 'ADMIN_CSS_PHP_DIRECT' => "Per <link>-Tag ausgeben (Debug!)", 'ADMIN_CSS_PHP_FILE' => "Per css.php ausgeben (empfohlen)", 'ADMIN_CSS_PHP_INLINE' => "In <style>-Tag eingeschlossen ausgeben (Debug!)", - 'ADMIN_OPTION_GUEST_MENU' => "Gastmenü global ein-/ausblenden", - 'ADMIN_OPTION_MEMBER_MENU' => "Mitgliedsmenü global ein-/ausblenden", + 'ADMIN_OPTION_GUEST_MENU' => "Gastmenü ein-/ausblenden", + 'ADMIN_OPTION_MEMBER_MENU' => "Mitgliedsmenü ein-/ausblenden", 'ADMIN_OPTION_YOURE_HERE' => "Navigation "Sie sind hier" ein-/ausblenden", 'ADMIN_GUEST_MENU_ACTIVE' => "Einblenden", 'ADMIN_GUEST_MENU_INACTIVE' => "Ausblenden", diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index b3336935e2..12727422c0 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -169,44 +169,46 @@ function adminsChangeAdminAccount ($postData, $element = '') { // Admin account saved $message = getMessage('ADMIN_ACCOUNT_SAVED'); - } elseif ($postData['pass1'][$id] == $postData['pass2'][$id]) { - // Save only when both passwords are the same (also when they are empty) - $add = ''; $cache_update = 1; - - // Generate hash - $hash = generateHash($postData['pass1'][$id]); - - // Save password when set - if (!empty($postData['pass1'][$id])) $add = sprintf(", `password`='%s'", SQL_ESCAPE($hash)); - - // Get admin's id - $adminId = getCurrentAdminId(); - $salt = substr(getAdminHash(getAdminLogin($adminId)), 0, -40); - - // Rewrite cookie when it's own account - if ($adminId == $id) { - // Set timeout cookie - setSession('admin_last', time()); - - if ($login != getSession('admin_login')) { - // Update login cookie - setSession('admin_login', $login); - - // Update password cookie as well? - if (!empty($add)) setSession('admin_md5', $hash); - } elseif (generateHash($postData['pass1'][$id], $salt) != getSession('admin_md5')) { - // Update password cookie - setSession('admin_md5', $hash); - } - } // END - if - - // Get default ACL from admin to check if we can allow him to change the default ACL - $default = getAdminDefaultAcl(getCurrentAdminId()); - - // Update admin account - if ($default == 'allow') { - // Allow changing default ACL - SQL_QUERY_ESC("UPDATE + } elseif ((isset($postData['pass1'])) && (isset($postData['pass2']))) { + // Update only if both passwords match + if (($postData['pass1'][$id] == $postData['pass2'][$id])) { + // Save only when both passwords are the same (also when they are empty) + $add = ''; $cache_update = 1; + + // Generate hash + $hash = generateHash($postData['pass1'][$id]); + + // Save password when set + if (!empty($postData['pass1'][$id])) $add = sprintf(", `password`='%s'", SQL_ESCAPE($hash)); + + // Get admin's id + $adminId = getCurrentAdminId(); + $salt = substr(getAdminHash(getAdminLogin($adminId)), 0, -40); + + // Rewrite cookie when it's own account + if ($adminId == $id) { + // Set timeout cookie + setSession('admin_last', time()); + + if ($login != getSession('admin_login')) { + // Update login cookie + setSession('admin_login', $login); + + // Update password cookie as well? + if (!empty($add)) setSession('admin_md5', $hash); + } elseif (generateHash($postData['pass1'][$id], $salt) != getSession('admin_md5')) { + // Update password cookie + setSession('admin_md5', $hash); + } + } // END - if + + // Get default ACL from admin to check if we can allow him to change the default ACL + $default = getAdminDefaultAcl(getCurrentAdminId()); + + // Update admin account + if ($default == 'allow') { + // Allow changing default ACL + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `login`='%s'".$add.", @@ -216,16 +218,16 @@ SET WHERE `id`=%s LIMIT 1", - array( - $login, - $postData['email'][$id], - $postData['mode'][$id], - $postData['la_mode'][$id], - $id - ), __FUNCTION__, __LINE__); - } else { - // Do not allow it here - SQL_QUERY_ESC("UPDATE + array( + $login, + $postData['email'][$id], + $postData['mode'][$id], + $postData['la_mode'][$id], + $id + ), __FUNCTION__, __LINE__); + } else { + // Do not allow it here + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `login`='%s'".$add.", @@ -234,19 +236,42 @@ SET WHERE `id`=%s LIMIT 1", - array( - $login, - $postData['email'][$id], - $postData['la_mode'][$id], - $id - ), __FUNCTION__, __LINE__); - } + array( + $login, + $postData['email'][$id], + $postData['la_mode'][$id], + $id + ), __FUNCTION__, __LINE__); + } - // Admin account saved - $message = getMessage('ADMIN_ACCOUNT_SAVED'); + // Admin account saved + $message = getMessage('ADMIN_ACCOUNT_SAVED'); + } else { + // Passwords did not match + $message = getMessage('ADMINS_ERROR_PASS_MISMATCH'); + } } else { - // Passwords did not match - $message = getMessage('ADMINS_ERROR_PASS_MISMATCH'); + // Update whole array + $SQL = 'UPDATE `{?_MYSQL_PREFIX?}_admins` SET '; + foreach ($postData as $entry => $value) { + // Skip login/id entry + if (in_array($entry, array('login', 'id'))) continue; + + // Do we have a non-string (e.g. number, NOW() or back-tick at the beginning? + if ((bigintval($value[$id], true, false) === $value[$id]) || ($value[$id] == 'NOW()') || (substr($value[$id], 0, 1) == '`')) { + // No need for ticks (') + $SQL .= '`' . $entry . '`=' . $value[$id] . ','; + } else { + // Strings need ticks (') around them + $SQL .= '`' . $entry . "`='" . SQL_ESCAPE($value[$id]) . "',"; + } + } // END - foreach + + // Remove last tick and finish query + $SQL = substr($SQL, 0, -1) . ' WHERE `id`=%s LIMIT 1'; + + // Run it + SQL_QUERY_ESC($SQL, array(bigintval($id)), __FUNCTION__, __LINE__); } } // END - foreach @@ -393,18 +418,6 @@ function adminsListAdminAccounts() { loadTemplate('admin_list_admins', false, $OUT); } -// Filter for adding extra data to the query -function FILTER_ADD_EXTRA_SQL_DATA ($add = '') { - // Is the admins extension updated? (should be!) - if (getExtensionVersion('admins') >= '0.3.0') $add .= ', `default_acl` AS def_acl'; - if (getExtensionVersion('admins') >= '0.6.7') $add .= ', `la_mode`'; - if (getExtensionVersion('admins') >= '0.7.2') $add .= ', `login_failures`, UNIX_TIMESTAMP(`last_failure`) AS last_failure'; - if (getExtensionVersion('admins') >= '0.7.3') $add .= ', `expert_settings`, `expert_warning`'; - - // Return it - return $add; -} - // Sends out mail to all administrators // IMPORTANT: Please use SEND_ADMIN_NOTIFCATION() for now! function sendAdminsEmails ($subj, $template, $content, $userid) { @@ -543,5 +556,125 @@ function getAminsExpertWarning () { return $data['expert_warning']; } +// Get login_failures number from administrator's login name +function getAdminLoginFailures ($adminLogin) { + // Admin login should not be empty + if (empty($adminLogin)) { + debug_report_bug('adminLogin is empty.'); + } // END - if + + // By default no admin is found + $data['login_failures'] = '-1'; + + // Check cache + if (isset($GLOBALS['cache_array']['admin']['login_failures'][$adminLogin])) { + // Use it if found to save SQL queries + $data['login_failures'] = $GLOBALS['cache_array']['admin']['login_failures'][$adminLogin]; + + // Update cache hits + incrementStatsEntry('cache_hits'); + } elseif (!isExtensionActive('cache')) { + // Load from database + $result = SQL_QUERY_ESC("SELECT `login_failures` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", + array($adminLogin), __FUNCTION__, __LINE__); + + // Do we have an entry? + if (SQL_NUMROWS($result) == 1) { + // Get it + $data = SQL_FETCHARRAY($result); + } // END - if + + // Free result + SQL_FREERESULT($result); + } + + // Return the login_failures + return $data['login_failures']; +} + +// Get last_failure number from administrator's login name +function getAdminLastFailure ($adminLogin) { + // Admin login should not be empty + if (empty($adminLogin)) { + debug_report_bug('adminLogin is empty.'); + } // END - if + + // By default no admin is found + $data['last_failure'] = '-1'; + + // Check cache + if (isset($GLOBALS['cache_array']['admin']['last_failure'][$adminLogin])) { + // Use it if found to save SQL queries + $data['last_failure'] = $GLOBALS['cache_array']['admin']['last_failure'][$adminLogin]; + + // Update cache hits + incrementStatsEntry('cache_hits'); + } elseif (!isExtensionActive('cache')) { + // Load from database + $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`last_failure`) AS `last_failure` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", + array($adminLogin), __FUNCTION__, __LINE__); + + // Do we have an entry? + if (SQL_NUMROWS($result) == 1) { + // Get it + $data = SQL_FETCHARRAY($result); + } // END - if + + // Free result + SQL_FREERESULT($result); + } + + // Return the last_failure + return $data['last_failure']; +} + +//***************************************************************************** +// Below only filter functions +//***************************************************************************** + +// Filter for adding extra data to the query +function FILTER_ADD_EXTRA_SQL_DATA ($add = '') { + // Is the admins extension updated? (should be!) + if (getExtensionVersion('admins') >= '0.3.0') $add .= ', `default_acl` AS def_acl'; + if (getExtensionVersion('admins') >= '0.6.7') $add .= ', `la_mode`'; + if (getExtensionVersion('admins') >= '0.7.2') $add .= ', `login_failures`, UNIX_TIMESTAMP(`last_failure`) AS last_failure'; + if (getExtensionVersion('admins') >= '0.7.3') $add .= ', `expert_settings`, `expert_warning`'; + + // Return it + return $add; +} + +// Reset the login failures +function FILTER_RESET_ADMINS_LOGIN_FAILURES ($data) { + // Store it in session + setSession('mxchange_admin_failures' , getAdminLoginFailures($data['login'])); + setSession('mxchange_admin_last_failure', getAdminLastFailure($data['login'])); + + // Prepare update data + $postData['login'][getCurrentAdminId()] = $data['login']; + $postData['login_failures'][getCurrentAdminId()] = '0'; + $postData['last_failure'][getCurrentAdminId()] = '0000-00-00 00:00:00'; + + // Change it in the admin + adminsChangeAdminAccount($postData); + + // Return the data for further processing + return $data; +} + +// Count the login failure +function FILTER_COUNT_ADMINS_LOGIN_FAILURE ($data) { + // Prepare update data + $postData['login'][getCurrentAdminId()] = $data['login']; + $postData['login_failures'][getCurrentAdminId()] = '`login_failures`+1'; + $postData['last_failure'][getCurrentAdminId()] = 'NOW()'; + + // Change it in the admin + adminsChangeAdminAccount($postData); + + // Return the data for further processing + return $data; +} + // [EOF] ?> diff --git a/inc/libs/cache_functions.php b/inc/libs/cache_functions.php index 03bc643743..3c678a2d5f 100644 --- a/inc/libs/cache_functions.php +++ b/inc/libs/cache_functions.php @@ -74,7 +74,7 @@ function FILTER_CACHE_DESTROY_ALL () { if (!isCacheInstanceValid()) return false; // Remove cache files - foreach (array('admin','admin_acls','config','extension','modules','refdepths','refsystem','themes','revision','filter','imprint') as $cache) { + foreach (array('admin','admin_acls','config','extension','modules','refdepths','refsystem','themes','filter','imprint') as $cache) { /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, sprintf("Trying to remove cache %s.", $cache)); if ($GLOBALS['cache_instance']->loadCacheFile($cache)) $GLOBALS['cache_instance']->removeCacheFile(); } // END - foreach diff --git a/inc/libs/rallye_functions.php b/inc/libs/rallye_functions.php index 49e5a580ee..ac1fb1c8c8 100644 --- a/inc/libs/rallye_functions.php +++ b/inc/libs/rallye_functions.php @@ -346,7 +346,7 @@ LIMIT 1", __FUNCTION__, __LINE__); SQL_FREERESULT($result); if ($notify == 'Y') { - // Transfer all neccessary data to the global $content array + // Transfer all neccessary data to $content array $content['start'] = generateDateTime($start, 2); $content['end'] = generateDateTime($end , 2); $content['now_t'] = generateDateTime(time(), 2); diff --git a/inc/libs/register_functions.php b/inc/libs/register_functions.php index e1e4ab8ae0..7cf34d913e 100644 --- a/inc/libs/register_functions.php +++ b/inc/libs/register_functions.php @@ -159,5 +159,306 @@ function FILTER_REGISTER_MUST_FILLOUT ($content) { return $content; } -// +// Checks wether the registration data is complete +function isRegistrationDataComplete () { + // Init elements + $GLOBALS['registration_ip_timeout'] = false; + $GLOBALS['registration_short_password'] = false; + $GLOBALS['register_selected_cats'] = '0'; + + // Default is okay + $isOkay = true; + + // First we only check the submitted data then we continue... :) + // + // Did he agree to our Terms Of Usage? + if (postRequestParameter('agree') != 'Y') { + setPostRequestParameter('agree', '!'); + $isOkay = false; + } // END - if + + // Did he enter a valid email address? (we really don't care about + // that, he has to click on a confirmation link :P ) + if ((!isPostRequestParameterSet('email')) || (!isEmailValid(postRequestParameter('email')))) { + setPostRequestParameter('email', '!'); + $isOkay = false; + } // END - if + + // And what about surname and family's name? + if (!isPostRequestParameterSet('surname')) { + setPostRequestParameter('surname', '!'); + $isOkay = false; + } // END - if + if (!isPostRequestParameterSet('family')) { + setPostRequestParameter('family', '!'); + $isOkay = false; + } // END - if + + // Get temporary array for modification + $postArray = postRequestArray(); + + // Check for required fields + $isOkay = ($isOkay && ifRequiredRegisterFieldsAreSet($postArray)); + + // Set it back in request + setPostRequestArray($postArray); + + // Did he enter his password twice? + if (((!isPostRequestParameterSet('pass1')) || (!isPostRequestParameterSet('pass2'))) || ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2')))) { + if ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2'))) { + setPostRequestParameter('pass1', '!'); + setPostRequestParameter('pass2', '!'); + } else { + if (!isPostRequestParameterSet('pass1')) { setPostRequestParameter('pass1', '!'); } else { setPostRequestParameter('pass1', ''); } + if (!isPostRequestParameterSet('pass2')) { setPostRequestParameter('pass2', '!'); } else { setPostRequestParameter('pass2', ''); } + } + $isOkay = false; + } // END - if + + // Is the password long enouth? + if ((strlen(postRequestParameter('pass1')) < getConfig('pass_len')) && ($isOkay === true)) { + $GLOBALS['registration_short_password'] = true; + $isOkay = false; + } // END - if + + // Do this check only when no admin is logged in + foreach (postRequestParameter('cat') as $id => $answer) { + if ($answer == 'Y') $GLOBALS['register_selected_cats']++; + } // END - foreach + + // Enougth categories selected? + $isOkay = (($isOkay) && ($GLOBALS['register_selected_cats'] < getConfig('least_cats'))); + + if ((postRequestParameter('email') != '!') && (getConfig('check_double_email') == 'Y')) { + // Does the email address already exists in our database? + if ((!isAdmin()) && (isEmailTaken(postRequestParameter('email')))) { + setPostRequestParameter('email', '?'); + $isOkay = false; + } // END - if + } // END - if + + // Check for IP timeout? + if ((!isAdmin()) && (getConfig('ip_timeout') > 0)) { + // Check his IP number + $GLOBALS['registration_ip_timeout'] = (countSumTotalData(detectRemoteAddr() , 'user_data', 'userid', 'REMOTE_ADDR', true, " AND (`joined` > (UNIX_TIMESTAMP() - {?ip_timeout?}) OR `last_update` > (UNIX_TIMESTAMP() - {?ip_timeout?}))") == 1); + $isOkay = false; + } // END - if + + // Return result + return $isOkay; +} + +// Do the registration +function doRegistration () { + // Prepapre month and day of birth + if (strlen(postRequestParameter('day')) == 1) setPostRequestParameter('day' , '0' . postRequestParameter('day')); + if (strlen(postRequestParameter('month')) == 1) setPostRequestParameter('month', '0' . postRequestParameter('month')); + + // Get total ... + // ... confirmed, ... + $confirmedUsers = countSumTotalData('CONFIRMED' , 'user_data', 'userid', 'status', true); + // ... unconfirmed ... + $unconfirmedUsers = countSumTotalData('UNCONFIRMED', 'user_data', 'userid', 'status', true); + // ... and locked users! + $lockedUsers = countSumTotalData('LOCKED' , 'user_data', 'userid', 'status', true); + + // Generate hash which will be inserted into confirmation mail + $hash = generateHash(sha1( + $confirmedUsers . getConfig('ENCRYPT_SEPERATOR') . + $unconfirmedUsers . getConfig('ENCRYPT_SEPERATOR') . + $lockedUsers . getConfig('ENCRYPT_SEPERATOR') . + postRequestParameter('month') . '-' . + postRequestParameter('day') . '-' . + postRequestParameter('year') . getConfig('ENCRYPT_SEPERATOR') . + detectServerName() . getConfig('ENCRYPT_SEPERATOR') . + detectRemoteAddr() . getConfig('ENCRYPT_SEPERATOR') . + detectUserAgent() . '/' . + getConfig('SITE_KEY') . '/' . + getConfig('DATE_KEY') . '/' . + getConfig('CACHE_BUSTER') + )); + + // Old way with enterable two-char-code + $countryRow = '`country`'; + $countryData = substr(postRequestParameter('cntry'), 0, 2); + + // Add design when extension sql_patches is v0.2.7 or greater + // @TODO Rewrite these all to a single filter + $GLOBALS['register_sql_columns'] = ''; + $GLOBALS['register_sql_data'] = ''; + if (isExtensionInstalledAndNewer('theme', '0.0.8')) { + // Okay, add design here + $GLOBALS['register_sql_columns'] = ', `curr_theme`'; + $GLOBALS['register_sql_data'] = ", '" . getCurrentTheme() . "'"; + } // END - if + + // Check if I shall disable sending mail to newly registered members out about active/begging rallye + // + // First comes first: begging rallye + if (isExtensionInstalledAndNewer('beg', '0.1.7')) { + // Okay, shall I disable now? + if (getConfig('beg_new_mem_notify') != 'Y') { + $GLOBALS['register_sql_columns'] .= ', `beg_ral_notify`, `beg_ral_en_notify`'; + $GLOBALS['register_sql_data'] .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()'; + } // END - if + } // END - if + + // Second: active rallye + if (isExtensionInstalledAndNewer('bonus', '0.7.7')) { + // Okay, shall I disable now? + if (getConfig('bonus_new_mem_notify') != 'Y') { + $GLOBALS['register_sql_columns'] .= ', `bonus_ral_notify`, `bonus_ral_en_notify`'; + $GLOBALS['register_sql_data'] .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()'; + } // END - if + } // END - if + + // Write user data to table + if (isExtensionActive('country')) { + // Save with new selectable country code + $countryRow = '`country_code`'; + $countryData = bigintval(postRequestParameter('country_code')); + } // END - if + + ////////////////////////////// + // Create user's account... // + ////////////////////////////// + // + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$GLOBALS['register_sql_columns'].") +VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$GLOBALS['register_sql_data'].")", + array( + $countryRow, + substr(postRequestParameter('gender'), 0, 1), + postRequestParameter('surname'), + postRequestParameter('family'), + postRequestParameter('street_nr'), + $countryData, + bigintval(postRequestParameter('zip')), + postRequestParameter('city'), + postRequestParameter('email'), + bigintval(postRequestParameter('day')), + bigintval(postRequestParameter('month')), + bigintval(postRequestParameter('year')), + generateHash(postRequestParameter('pass1')), + bigintval(postRequestParameter('max_mails')), + bigintval(postRequestParameter('max_mails')), + bigintval(postRequestParameter('refid')), + $hash, + detectRemoteAddr(), + ), __FILE__, __LINE__); + + // Get his userid + $userid = bigintval(SQL_INSERTID()); + + // Did this work? + if ($userid == '0') { + // Something bad happened! + loadTemplate('admin_settings_saved', false, getMessage('USER_NOT_REGISTERED')); + + // Stop here + return; + } // END - if + + // Is the refback extension there? + // @TODO Rewrite this to a filter + if (isExtensionActive('refback')) { + // Update refback table + updateRefbackTable($userid); + } // END - if + + // Write his welcome-points + // @TODO Rewrite this whole if() block to addPointsThroughReferalSystem(). This will also make following if() block obsolete + // @TODO Wether the registration bonus should only be added to user directly or through referal system should be configurable + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s AND `ref_depth`=0 LIMIT 1", + array($userid), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == '0') { + // Add only when the line was not found (maybe some more secure?) + $locked = 'points'; + + // Pay him later. First he has to confirm some mails! + if (getConfig('ref_payout') > 0) $locked = 'locked_points'; + + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_points` (`userid`, `ref_depth`, `%s`) VALUES (%s,0,'{?points_register?}')", + array($locked, $userid), __FILE__, __LINE__); + + // Update mediadata as well + if ((isExtensionInstalledAndNewer('mediadata', '0.0.4')) && ($locked == 'points')) { + // Update database + updateMediadataEntry(array('total_points'), 'add', getConfig('points_register')); + } // END - if + } // END - if + + // Write catgories + if ((is_array(postRequestParameter('cat'))) && (count(postRequestParameter('cat')))) { + foreach (postRequestParameter('cat') as $cat => $joined) { + if ($joined == 'Y') { + // Insert category entry + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES (%s, %s)", + array($userid, bigintval($cat)), __FILE__, __LINE__); + } // END - if + } // END - foreach + } // END - if + + // ... rewrite a zero referal id to the main title + if (postRequestParameter('refid') == '0') setPostRequestParameter('refid', getConfig('MAIN_TITLE')); + + // Is ZIP code set? + if (isPostRequestParameterSet('zip')) { + // Prepare data array for the email template + // Start with the gender... + $content = array( + 'hash' => $hash, + 'userid' => $userid, + 'gender' => translateGender(postRequestParameter('gender')), + 'surname' => SQL_ESCAPE(postRequestParameter('surname')), + 'family' => SQL_ESCAPE(postRequestParameter('family')), + 'email' => SQL_ESCAPE(postRequestParameter('email')), + 'street' => SQL_ESCAPE(postRequestParameter('street_nr')), + 'city' => SQL_ESCAPE(postRequestParameter('city')), + 'zip' => bigintval(postRequestParameter('zip')), + 'country' => $countryData, + 'refid' => SQL_ESCAPE(postRequestParameter('refid')), + 'pass' => SQL_ESCAPE(postRequestParameter('pass1')), + ); + } else { + // No ZIP code entered + $content = array( + 'hash' => $hash, + 'userid' => $userid, + 'gender' => translateGender(postRequestParameter('gender')), + 'surname' => SQL_ESCAPE(postRequestParameter('surname')), + 'family' => SQL_ESCAPE(postRequestParameter('family')), + 'email' => SQL_ESCAPE(postRequestParameter('email')), + 'street' => SQL_ESCAPE(postRequestParameter('street_nr')), + 'city' => SQL_ESCAPE(postRequestParameter('city')), + 'zip' => '', + 'country' => $countryData, + 'refid' => SQL_ESCAPE(postRequestParameter('refid')), + 'pass' => SQL_ESCAPE(postRequestParameter('pass1')), + ); + } + + // Continue with birthday... + switch (getLanguage()) { + case 'de': + $content['birthday'] = bigintval(postRequestParameter('day')) . '.' . bigintval(postRequestParameter('month')) . '.' . bigintval(postRequestParameter('year')); + break; + + default: + $content['birthday'] = bigintval(postRequestParameter('month')) . '/' . bigintval(postRequestParameter('day')) . '/' . bigintval(postRequestParameter('year')); + break; + } // END - switch + + // Display information to the user that he got mail and send it away + $messageGuest = loadEmailTemplate('register-member', $content, $userid); + + // Send mail to user (confirmation link!) + $email = $content['email']; + sendEmail($content['email'], getMessage('GUEST_SUBJECT_CONFIRM_LINK'), $messageGuest); + $content['email'] = $email; + + // Send mail to admin + sendAdminNotification(getMessage('ADMIN_SUBJECT_NEW_ACCOUNT'), 'register-admin', $content, $userid); +} + +// [EOF] ?> diff --git a/inc/libs/surfbar_functions.php b/inc/libs/surfbar_functions.php index fd6fac6d49..713a52131d 100644 --- a/inc/libs/surfbar_functions.php +++ b/inc/libs/surfbar_functions.php @@ -978,7 +978,7 @@ function SURFBAR_GENERATE_VALIDATION_CODE ($urlId, $salt = '') { $hashedCode = generateHash(md5($valCode), SURFBAR_GET_SALT()); // Finally encrypt it PGP-like and return it - $valHashedCode = generatePassString($hashedCode); + $valHashedCode = encodeHashForCookie($hashedCode); // Return hashed value //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'finalValCode='.$valHashedCode.'', false); diff --git a/inc/libs/user_functions.php b/inc/libs/user_functions.php index f2a659a14d..199ca7ee21 100644 --- a/inc/libs/user_functions.php +++ b/inc/libs/user_functions.php @@ -337,10 +337,11 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p } // END - if // Calculate new hash with the secret key and master salt together - $content['hash'] = generatePassString($content['hash']); + $content['hash'] = encodeHashForCookie($content['hash']); - // Update global array // @TODO Make this filter working: $URL = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); + + // Set member id setMemberId($userid); // Try to set session data (which shall normally always work!) diff --git a/inc/load_cache.php b/inc/load_cache.php index 8f7a3b1e95..d6ec2a418e 100644 --- a/inc/load_cache.php +++ b/inc/load_cache.php @@ -63,14 +63,14 @@ loadIncludeOnce('inc/loader/load_cache-filter.php'); // Pre-load extensions cacher loadIncludeOnce('inc/loader/load_cache-extension.php'); +// Load all includes +loadIncludePool('cache'); + // Init filter system initFilterSystem(); // Init system here runFilterChain('init'); -// Load all includes -loadIncludePool('cache'); - // [EOF] ?> diff --git a/inc/loader/load_cache-filter.php b/inc/loader/load_cache-filter.php index 94cc66124b..47f903ff78 100644 --- a/inc/loader/load_cache-filter.php +++ b/inc/loader/load_cache-filter.php @@ -48,6 +48,9 @@ if (isInstallationPhase()) return; if (($GLOBALS['cache_instance']->loadCacheFile('filter')) && ($GLOBALS['cache_instance']->extensionVersionMatches('sql_patches'))) { // Load filter from cache $GLOBALS['cache_array']['filter'] = $GLOBALS['cache_instance']->getArrayFromCache(); + + // Prepare the array here + prepareFilterArray(); } elseif ((getOutputMode() != 1) && (isExtensionInstalled('sql_patches'))) { // Create cache file here $GLOBALS['cache_instance']->init(); diff --git a/inc/loader/load_cache-refsystem.php b/inc/loader/load_cache-refsystem.php index dc6fa299f1..89a3f48e89 100644 --- a/inc/loader/load_cache-refsystem.php +++ b/inc/loader/load_cache-refsystem.php @@ -53,7 +53,7 @@ if (($GLOBALS['cache_instance']->loadCacheFile('refsystem')) && ($GLOBALS['cache $GLOBALS['cache_instance']->init(); // Load all modules and their data - $result = SQL_QUERY('SELECT id, userid, level, counter FROM `{?_MYSQL_PREFIX?}_refsystem` ORDER BY userid, level', __FILE__, __LINE__); + $result = SQL_QUERY('SELECT `id`, `userid`, `level`, `counter` FROM `{?_MYSQL_PREFIX?}_refsystem` ORDER BY `userid` ASC, `level` ASC', __FILE__, __LINE__); while ($content = SQL_FETCHARRAY($result)) { // Add row to cache file $GLOBALS['cache_instance']->addRow($content); diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index 8b136e04a7..e8e468b2be 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -42,22 +42,22 @@ if (!defined('__SECURITY')) { } // END - if // Register an administrator account -function addAdminAccount ($user, $md5, $email) { +function addAdminAccount ($adminLogin, $passHash, $adminEmail) { // Login does already exist $ret = 'already'; // Lookup the admin $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", - array($user), __FUNCTION__, __LINE__); + array($adminLogin), __FUNCTION__, __LINE__); // Is the entry there? if (SQL_NUMROWS($result) == '0') { // Ok, let's create the admin login SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')", array( - $user, - $md5, - $email + $adminLogin, + $passHash, + $adminEmail ), __FUNCTION__, __LINE__); // All done @@ -71,170 +71,70 @@ function addAdminAccount ($user, $md5, $email) { return $ret; } -// Only be executed on login procedure! -function ifAdminLoginDataIsValid ($admin, $password) { - // By default no admin is found +// This function will be executed when the admin is not logged in and has submitted his login data +function ifAdminLoginDataIsValid ($adminLogin, $adminPassword) { + // First of all, no admin login is found $ret = '404'; - // Get admin id - $adminId = getAdminId($admin); - - // Init array with admin id by default - $data = array('admin_id' => $adminId); - - // Is the cache valid? - if (isAdminHashSet($admin)) { - // Get password from cache - $data['password'] = getAdminHash($admin); - $ret = 'pass'; - incrementStatsEntry('cache_hits'); - - // Include more admins data? - if ((isExtensionInstalledAndNewer('admins', '0.7.2')) && (isset($GLOBALS['cache_array']['admin']['login_failures'][$adminId]))) { - // Load them here - $data['login_failures'] = $GLOBALS['cache_array']['admin']['login_failures'][$adminId]; - $data['last_failure'] = $GLOBALS['cache_array']['admin']['last_failure'][$adminId]; - } // END - if - } elseif (!isExtensionActive('cache')) { - // Add extra data via filter now - $add = runFilterChain('sql_admin_extra_data'); - - // Get password from DB - $result = SQL_QUERY_ESC("SELECT `password`" . $add . " FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1", - array($adminId), __FUNCTION__, __LINE__); - - // Entry found? - if (SQL_NUMROWS($result) == 1) { - // Login password found - $ret = 'pass'; - - // Fetch data - $data = SQL_FETCHARRAY($result); - } // END - if + // Then we need to lookup the login name by getting the admin hash + $adminHash = getAdminHash($adminLogin); - // Free result - SQL_FREERESULT($result); - } + // If this is fine, we can continue + if ($adminHash != '-1') { + // Get admin id and set it as current + setCurrentAdminId(getAdminId($adminLogin)); - //* DEBUG: */ outputHtml('*' . $data['password'] . '/' . md5($password) .'/' . $ret . '*
'); - if ((isset($data['password'])) && (strlen($data['password']) == 32) && ($data['password'] == md5($password))) { - // Generate new hash - $data['password'] = generateHash($password); - - // Is the sql_patches not installed, than we cannot have a valid hashed password here! - //* DEBUG: */ outputHtml($ret . ',' . intval(isExtensionInstalledAndOlder('sql_patches', '0.3.6')) . '/' . intval(!isExtensionInstalled('sql_patches')).'
'); - if (($ret == 'pass') && ((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionInstalled('sql_patches')))) $ret = 'done'; - } elseif ((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionInstalled('sql_patches'))) { - // Old hashing way - return $ret; - } elseif (!isset($data['password'])) { - // Password not found, so no valid login! - return $ret; - } + // Now, we need to encode the password in the same way the one is encoded in database + $testHash = generateHash($adminPassword, $adminHash); - // Generate salt of password - $salt = substr($data['password'], 0, -40); - - // Check if password is same - //* DEBUG: */ outputHtml('*' . $ret . ',' . $data['password'] . ',' . $password . ',' . $salt . '*
'); - if (($ret == 'pass') && ($data['password'] == generateHash($password, $salt)) && ((!empty($salt))) || ($data['password'] == md5($password))) { - // Re-hash the plain passord with new random salt - $data['password'] = generateHash($password); - - // Do we have 0.7.0 of admins or later? - // Remmeber login failures if available - if ((isExtensionInstalledAndNewer('admins', '0.7.2')) && (isset($data['login_failures']))) { - // Store it in session - setSession('mxchange_admin_failures', $data['login_failures']); - setSession('mxchange_admin_last_fail', $data['last_failure']); - - // Update password and reset login failures - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `password`='%s',`login_failures`=0,`last_failure`='0000-00-00 00:00:00' WHERE `id`=%s LIMIT 1", - array($data['password'], $adminId), __FUNCTION__, __LINE__); + // If they both match, the login data is valid + if ($testHash == $adminHash) { + // All fine + $ret = 'done'; } else { - // Update password - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `password`='%s' WHERE `id`=%s LIMIT 1", - array($data['password'], $adminId), __FUNCTION__, __LINE__); + // Set status + $ret = 'pass'; } - - // Rebuild cache - rebuildCacheFile('admin', 'admin'); - - // Login has failed by default... ;-) - $ret = 'failed1'; - - // Password matches so login here - if (doAdminLogin($admin, $data['password'])) { - // All done now - $ret = 'done'; - } // END - if - } elseif ((empty($salt)) && ($ret == 'pass')) { - // Something bad went wrong - $ret = 'failed_salt'; - } elseif ($ret == 'done') { - // Try to login here if we have the old hashing way (sql_patches not installed?) - if (!doAdminLogin($admin, $data['password'])) { - // Something went wrong - $ret = 'failed2'; - } // END - if - } - - // Count login failure if admins extension version is 0.7.0+ - if (($ret == 'pass') && (getExtensionVersion('admins') >= '0.7.0')) { - // Update counter - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET login_failures`=`login_failures`+1,`last_failure`=NOW() WHERE `id`=%s LIMIT 1", - array($adminId), __FUNCTION__, __LINE__); - - // Rebuild cache - rebuildCacheFile('admin', 'admin'); } // END - if - // Return the result - //* DEBUG: */ die('RETURN=' . $ret); - return $ret; -} - -// Try to login the admin by setting some session/cookie variables -function doAdminLogin ($adminLogin, $passHash) { - // Reset failure counter on matching admins version - if ((isExtensionInstalledAndNewer('admins', '0.7.0')) && ((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionInstalled('sql_patches')))) { - // Reset counter on out-dated sql_patches version - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `login_failures`=0, `last_failure`='0000-00-00 00:00:00' WHERE `login`='%s' LIMIT 1", - array($adminLogin), __FUNCTION__, __LINE__); + // Prepare data array + $data = array( + 'login' => $adminLogin, + 'pass_hash' => $adminHash + ); - // Rebuild cache - rebuildCacheFile('admin', 'admin'); - } // END - if + // Run a special filter + runFilterChain('do_admin_login_' . $ret, $data); - // Now set all session variables and return the result - return (( - setSession('admin_md5', generatePassString(generateHash($passHash, '', false))) - ) && ( - setSession('admin_login', $adminLogin) - ) && ( - setSession('admin_last', time()) - )); + // Return status + return $ret; } // Only be executed on cookie checking -function ifAdminCookiesAreValid ($admin, $password) { - // By default no admin cookies are found - $ret = '404'; - $pass = ''; +function ifAdminCookiesAreValid ($adminLogin, $passHash) { + // First of all, no admin login is found + $ret = '404'; - // Get hash - $pass = getAdminHash($admin); - if ($pass != '-1') $ret = 'pass'; + // Then we need to lookup the login name by getting the admin hash + $adminHash = getAdminHash($adminLogin); - //* DEBUG: */ outputHtml(__FUNCTION__ . '(' . __LINE__."):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")
"); + // If this is fine, we can continue + if ($adminHash != '-1') { + // Now, we need to encode the password in the same way the one is encoded in database + $testHash = encodeHashForCookie($adminHash); - // Check if password matches - if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass))) && (isAdmin())) { - // Passwords matches! - $ret = 'done'; + // If they both match, the login data is valid + if ($testHash == $passHash) { + // All fine + $ret = 'done'; + } else { + + // Set status + $ret = 'pass'; + } } // END - if - // Return result + // Return status return $ret; } @@ -734,7 +634,7 @@ function generateUserProfileLink ($userid, $title = '', $what = 'list_user') { // Check "logical-area-mode" function adminGetMenuMode () { - // Set the global mode as the mode for all admins + // Set the default menu mode as the mode for all admins $mode = getConfig('admin_menu'); $adminMode = $mode; @@ -761,7 +661,7 @@ function adminGetMenuMode () { SQL_FREERESULT($result); } - // Check what the admin wants and set it when it's not the global mode + // Check what the admin wants and set it when it's not the default mode if ($adminMode != 'global') $mode = $adminMode; // Return admin-menu's mode @@ -1243,17 +1143,8 @@ function adminResetValidateHashLogin ($hash, $login) { // Reset the password for the login. Do NOT call this function without calling above function first! function doResetAdminPassword ($login, $password) { - // Init hash - $passHash = ''; - - // Now check if we have sql_patches installed - if (isExtensionInstalledAndNewer('sql_patches', '0.3.6')) { - // Use new way of hashing - $passHash = generateHash($password); - } else { - // Old MD5 method - $passHash = md5($password); - } + // Generate hash (we already check for sql_patches in generateHash()) + $passHash = generateHash($password); // Update database SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `password`='%s' WHERE `login`='%s' LIMIT 1", diff --git a/inc/modules/admin/what-unlock_emails.php b/inc/modules/admin/what-unlock_emails.php index 71926397d8..f371aed3bd 100644 --- a/inc/modules/admin/what-unlock_emails.php +++ b/inc/modules/admin/what-unlock_emails.php @@ -44,9 +44,6 @@ if ((!defined('__SECURITY')) || (!isAdmin())) { // Add description as navigation point addMenuDescription('admin', __FILE__); -// Define some variables -global $DATA; - // Check for mails $result_main = SQL_QUERY("SELECT `id`,`sender`,`subject`,`payment_id` AS `payment`,`timestamp`,`url`,`target_send`,`cat_id` AS category diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php index 3b7d77f2d1..827231b499 100644 --- a/inc/modules/guest/what-register.php +++ b/inc/modules/guest/what-register.php @@ -52,322 +52,11 @@ if (!isExtensionActive('register')) { return; } -// Initialize variables -$isOkay = true; -$shortPass = false; -$cats = '0'; -$ipTimedOut = false; - -// Default refid is zero -setPostRequestParameter('refid', 0); -if (determineReferalId() > 0) { - // Test if the refid is valid - if (!fetchUserData(determineReferalId())) { - // Not found so we set your refid! - setPostRequestParameter('refid', getConfig('def_refid')); - setSession('refid', getConfig('def_refid')); - } else { - // Use the refid here - setPostRequestParameter('refid', determineReferalId()); - } -} // END - if - -if (isFormSent()) { - // First we only check the submitted data then we continue... :) - // - // Did he agree to our Terms Of Usage? - if (postRequestParameter('agree') != 'Y') { - setPostRequestParameter('agree', '!'); - $isOkay = false; - } // END - if - - // Did he enter a valid email address? (we really don't care about - // that, he has to click on a confirmation link :P ) - if ((!isPostRequestParameterSet('email')) || (!isEmailValid(postRequestParameter('email')))) { - setPostRequestParameter('email', '!'); - $isOkay = false; - } // END - if - - // And what about surname and family's name? - if (!isPostRequestParameterSet('surname')) { - setPostRequestParameter('surname', '!'); - $isOkay = false; - } // END - if - if (!isPostRequestParameterSet('family')) { - setPostRequestParameter('family', '!'); - $isOkay = false; - } // END - if - - // Get temporary array for modification - $postArray = postRequestArray(); - - // Check for required fields - if ($isOkay === true) $isOkay = ifRequiredRegisterFieldsAreSet($postArray); - - // Set it back in request - setPostRequestArray($postArray); - - // Did he enter his password twice? - if (((!isPostRequestParameterSet('pass1')) || (!isPostRequestParameterSet('pass2'))) || ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2')))) { - if ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2'))) { - setPostRequestParameter('pass1', '!'); - setPostRequestParameter('pass2', '!'); - } else { - if (!isPostRequestParameterSet('pass1')) { setPostRequestParameter('pass1', '!'); } else { setPostRequestParameter('pass1', ''); } - if (!isPostRequestParameterSet('pass2')) { setPostRequestParameter('pass2', '!'); } else { setPostRequestParameter('pass2', ''); } - } - $isOkay = false; - } // END - if - - // Is the password long enouth? - if ((strlen(postRequestParameter('pass1')) < getConfig('pass_len')) && ($isOkay === true)) { - $shortPass = true; - $isOkay = false; - } // END - if - - // No admin? Admins can always register! - if (!isAdmin()) { - // Do this check only when no admin is logged in - foreach (postRequestParameter('cat') as $id => $answer) { - if ($answer == 'Y') $cats++; - } // END - foreach - - if ($cats < getConfig('least_cats')) { - // ... nope! - $isOkay = false; - } // END - if - } // END - if - - if ((postRequestParameter('email') != '!') && (getConfig('check_double_email') == 'Y')) { - // Does the email address already exists in our database? - if ((!isAdmin()) && (isEmailTaken(postRequestParameter('email')))) { - setPostRequestParameter('email', '?'); - $isOkay = false; - } // END - if - } // END - if - - // Check for IP timeout? - if (getConfig('ip_timeout') > 0) { - // Check his IP number - $result = SQL_QUERY_ESC("SELECT - `userid` -FROM - `{?_MYSQL_PREFIX?}_user_data` -WHERE - `REMOTE_ADDR`='%s' AND - (`joined` > (UNIX_TIMESTAMP() - {?ip_timeout?}) OR `last_update` > (UNIX_TIMESTAMP() - {?ip_timeout?})) -LIMIT 1", - array(detectRemoteAddr()), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - // Same IP in timeout range and different email address entered... Eat this, faker! ;-) - // But admins are allowed to fake their own exchange service. - $ipTimedOut = true; - $isOkay = false; - } // END - if - - // Free memory - SQL_FREERESULT($result); - } // END - if -} // END - if - -// Is the form sent and all went fine or admin logged in? -//* DEBUG: */ print intval(isFormSent()).'/'.intval($isOkay).'/'.intval(isAdmin()).'
'; -if ((isFormSent()) && (($isOkay === true) || (isAdmin()))) { - // Prepapre month and day of birth - if (strlen(postRequestParameter('day')) == 1) setPostRequestParameter('day' , 0 . postRequestParameter('day')); - if (strlen(postRequestParameter('month')) == 1) setPostRequestParameter('month', 0 . postRequestParameter('month')); - - // Get total ... - // ... confirmed, ... - $confirmedUsers = countSumTotalData('CONFIRMED' , 'user_data', 'userid', 'status', true); - // ... unconfirmed ... - $unconfirmedUsers = countSumTotalData('UNCONFIRMED', 'user_data', 'userid', 'status', true); - // ... and locked users! - $lockedUsers = countSumTotalData('LOCKED' , 'user_data', 'userid', 'status', true); - - // Generate hash which will be inserted into confirmation mail - $hash = generateHash(sha1($confirmedUsers.getConfig('ENCRYPT_SEPERATOR').$unconfirmedUsers.getConfig('ENCRYPT_SEPERATOR').$lockedUsers.getConfig('ENCRYPT_SEPERATOR').postRequestParameter('month') . '-'.postRequestParameter('day') . '-'.postRequestParameter('year').getConfig('ENCRYPT_SEPERATOR').getenv('SERVER_NAME').getConfig('ENCRYPT_SEPERATOR').detectRemoteAddr().getConfig('ENCRYPT_SEPERATOR').detectUserAgent() . '/' . getConfig('SITE_KEY') . '/' . getConfig('DATE_KEY') . '/'. getConfig('CACHE_BUSTER'))); - - // Add design when extension sql_patches is v0.2.7 or greater - // @TODO Rewrite these all to a single filter - $ADD1 = ''; - $ADD2 = ''; - if (isExtensionInstalledAndNewer('theme', '0.0.8')) { - // Okay, add design here - $ADD1 = ', `curr_theme`'; - $ADD2 = ", '".getCurrentTheme()."'"; - } // END - if - - // Check if I shall disable sending mail to newly registered members out about active/begging rallye - // - // First comes first: begging rallye - if (isExtensionInstalledAndNewer('beg', '0.1.7')) { - // Okay, shall I disable now? - if (getConfig('beg_new_mem_notify') != 'Y') { - $ADD1 .= ', `beg_ral_notify`, `beg_ral_en_notify`'; - $ADD2 .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()'; - } // END - if - } // END - if - - // Second: active rallye - if (isExtensionInstalledAndNewer('bonus', '0.7.7')) { - // Okay, shall I disable now? - if (getConfig('bonus_new_mem_notify') != 'Y') { - $ADD1 .= ', `bonus_ral_notify`, `bonus_ral_en_notify`'; - $ADD2 .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()'; - } // END - if - } // END - if - - // Write user data to table - if (isExtensionActive('country')) { - // Save with new selectable country code - $countryRow = '`country_code`'; - $countryData = bigintval(postRequestParameter('country_code')); - } else { - // Old way with enterable two-char-code - $countryRow = '`country`'; - $countryData = substr(postRequestParameter('cntry'), 0, 2); - } - - ////////////////////////////// - // Create user's account... // - ////////////////////////////// - // - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.") -VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")", - array( - $countryRow, - substr(postRequestParameter('gender'), 0, 1), - postRequestParameter('surname'), - postRequestParameter('family'), - postRequestParameter('street_nr'), - $countryData, - bigintval(postRequestParameter('zip')), - postRequestParameter('city'), - postRequestParameter('email'), - bigintval(postRequestParameter('day')), - bigintval(postRequestParameter('month')), - bigintval(postRequestParameter('year')), - generateHash(postRequestParameter('pass1')), - bigintval(postRequestParameter('max_mails')), - bigintval(postRequestParameter('max_mails')), - bigintval(postRequestParameter('refid')), - $hash, - detectRemoteAddr(), - ), __FILE__, __LINE__); - - // Get his userid - $userid = SQL_INSERTID(); - - // Did this work? - if ($userid == '0') { - // Something bad happened! - loadTemplate('admin_settings_saved', false, getMessage('USER_NOT_REGISTERED')); - return; - } // END - if - - // Is the refback extension there? - // @TODO Rewrite this to a filter - if (isExtensionActive('refback')) { - // Update refback table - updateRefbackTable($userid); - } // END - if - - // Write his welcome-points - $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s AND `ref_depth`=0 LIMIT 1", - array(bigintval($userid)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == '0') { - // Add only when the line was not found (maybe some more secure?) - $locked = 'points'; - - // Pay him later. First he has to confirm some mails! - if (getConfig('ref_payout') > 0) $locked = 'locked_points'; - - // @TODO Rewrite this to addPointsDirectly() - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_points` (`userid`, `ref_depth`, `".$locked."`) VALUES (%s,0,'{?points_register?}')", - array(bigintval($userid)), __FILE__, __LINE__); - - // Update mediadata as well - if ((isExtensionInstalledAndNewer('mediadata', '0.0.4')) && ($locked == 'points')) { - // Update database - updateMediadataEntry(array('total_points'), 'add', getConfig('points_register')); - } // END - if - } // END - if - - // Write catgories - if ((is_array(postRequestParameter('cat'))) && (count(postRequestParameter('cat')))) { - foreach (postRequestParameter('cat') as $cat => $joined) { - if ($joined == 'Y') { - // Insert category entry - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (userid, cat_id) VALUES (%s, %s)", - array(bigintval($userid), bigintval($cat)), __FILE__, __LINE__); - } // END - if - } // END - foreach - } // END - if - - // Rewrite gender - $gender = translateGender(postRequestParameter('gender')); - - // ... rewrite a zero referal id to the main title - if (postRequestParameter('refid') == '0') setPostRequestParameter('refid', getConfig('MAIN_TITLE')); - - // Is ZIP code set? - if (isPostRequestParameterSet('zip')) { - // Prepare data array for the email template - // Start with the gender... - $content = array( - 'hash' => $hash, - 'userid' => $userid, - 'gender' => $gender, - 'surname' => SQL_ESCAPE(postRequestParameter('surname')), - 'family' => SQL_ESCAPE(postRequestParameter('family')), - 'email' => SQL_ESCAPE(postRequestParameter('email')), - 'street' => SQL_ESCAPE(postRequestParameter('street_nr')), - 'city' => SQL_ESCAPE(postRequestParameter('city')), - 'zip' => bigintval(postRequestParameter('zip')), - 'country' => $countryData, - 'refid' => SQL_ESCAPE(postRequestParameter('refid')), - 'pass' => SQL_ESCAPE(postRequestParameter('pass1')), - ); - } else { - // No ZIP code entered - $content = array( - 'hash' => $hash, - 'userid' => $userid, - 'gender' => $gender, - 'surname' => SQL_ESCAPE(postRequestParameter('surname')), - 'family' => SQL_ESCAPE(postRequestParameter('family')), - 'email' => SQL_ESCAPE(postRequestParameter('email')), - 'street' => SQL_ESCAPE(postRequestParameter('street_nr')), - 'city' => SQL_ESCAPE(postRequestParameter('city')), - 'zip' => '', - 'country' => $countryData, - 'refid' => SQL_ESCAPE(postRequestParameter('refid')), - 'pass' => SQL_ESCAPE(postRequestParameter('pass1')), - ); - } - - // Continue with birthday... - switch (getLanguage()) { - case 'de': - $content['birthday'] = bigintval(postRequestParameter('day')) . '.' . bigintval(postRequestParameter('month')) . '.' . bigintval(postRequestParameter('year')); - break; - - default: - $content['birthday'] = bigintval(postRequestParameter('month')) . '/' . bigintval(postRequestParameter('day')) . '/' . bigintval(postRequestParameter('year')); - break; - } // END - switch - - // Display information to the user that he got mail and send it away - $messageGuest = loadEmailTemplate('register-member', $content, $userid); - - // Send mail to user (confirmation link!) - $email = $content['email']; - sendEmail($content['email'], getMessage('GUEST_SUBJECT_CONFIRM_LINK'), $messageGuest); - $content['email'] = $email; - - // Send mail to admin - sendAdminNotification(getMessage('ADMIN_SUBJECT_NEW_ACCOUNT'), 'register-admin', $content, $userid); +// Is the form sent and all went fine? +//* DEBUG: */ print intval(isFormSent()) . '/' . intval(isRegistrationDataComplete()) . '/' . intval(isAdmin()) . '
'; +if ((isFormSent()) && (isRegistrationDataComplete())) { + // Do the registration here + doRegistration(); // Output success registration loadTemplate('admin_settings_saved', false, getMessage('REGISTRATION_DONE')); @@ -402,15 +91,15 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF registerOutputFailedMessage('ENTER_PASS2'); } - if ($shortPass === true) { + if ($GLOBALS['registration_short_password'] === true) { registerOutputFailedMessage('SHORT_PASS', ': ' . getConfig('pass_len')); } // END - if - if ($ipTimedOut === true) { + if ($GLOBALS['registration_ip_timeout'] === true) { registerOutputFailedMessage('REMOTE_ADDR_TIMEOUT'); } // END - if - if ((!empty($cats)) && ($cats < getConfig('least_cats'))) { + if ((!empty($GLOBALS['register_selected_cats'])) && ($GLOBALS['register_selected_cats'] < getConfig('least_cats'))) { registerOutputFailedMessage('', getMessage('CATS_LEAST')); } // END - if diff --git a/inc/mysql-connect.php b/inc/mysql-connect.php index 0dd8936b1e..bd91776d29 100644 --- a/inc/mysql-connect.php +++ b/inc/mysql-connect.php @@ -42,7 +42,7 @@ if (!defined('__SECURITY')) { } // END - if // Load more function libraries or includes -foreach (array('functions', 'request-functions', 'session-functions', 'code-functions', 'language-functions', 'sql-functions', 'expression-functions', 'filter-functions', 'filters', 'mysql-manager', 'extensions-functions', 'handler') as $lib) { +foreach (array('request-functions', 'session-functions', 'code-functions', 'language-functions', 'sql-functions', 'expression-functions', 'filter-functions','revision-functions', 'filters', 'mysql-manager', 'extensions-functions', 'handler') as $lib) { // Load special functions loadIncludeOnce('inc/' . $lib . '.php'); } // END - foreach @@ -145,14 +145,11 @@ if ((!isInstalling()) && (!isInstallationPhase())) { setConfigEntry('_DB_TYPE', 'mysql3'); // Include more - foreach (array('inc/databases.php','inc/versions.php','inc/db/lib.php','inc/session.php','inc/install-functions.php','inc/load_config.php') as $inc) { + foreach (array('inc/db/lib.php','inc/databases.php','inc/session.php','inc/versions.php','inc/install-functions.php','inc/load_config.php') as $inc) { // Load the include loadIncludeOnce($inc); } // END - foreach - // Load config - loadIncludeOnce('inc/load_config.php'); - // Init filter system here initFilterSystem(); diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index bd453fac30..d56ddf7cd7 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -568,7 +568,7 @@ function isMember () { setCurrentUserid(getMemberId()); } - // Init global user data array + // Init user data array initUserData(); // Fix "deleted" cookies first @@ -579,7 +579,7 @@ function isMember () { // Cookies are set with values, but are they valid? if (fetchUserData(getMemberId()) === true) { // Validate password by created the difference of it and the secret key - $valPass = generatePassString(getUserData('password')); + $valPass = encodeHashForCookie(getUserData('password')); // Transfer last module and online time $GLOBALS['last_online']['module'] = getUserData('last_module'); @@ -693,42 +693,42 @@ function fetchUserData ($userid, $column = 'userid') { } // This patched function will reduce many SELECT queries for the specified or current admin login -function isAdmin ($admin = '') { +function isAdmin ($adminLogin = '') { // Init variables $ret = false; $passCookie = ''; $valPass = ''; - //* DEBUG: */ print(__FUNCTION__.':'.$admin.'
'); + //* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.'
'); // If admin login is not given take current from cookies... - if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) { + if ((empty($adminLogin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) { // Get admin login and password from session/cookies - $admin = getSession('admin_login'); + $adminLogin = getSession('admin_login'); $passCookie = getSession('admin_md5'); } // END - if - //* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie.'
'); + //* DEBUG: */ print(__FUNCTION__.':'.$adminLogin.'/'.$passCookie.'
'); // Do we have cache? - if (!isset($GLOBALS['is_admin'][$admin])) { + if (!isset($GLOBALS['is_admin'][$adminLogin])) { // Init it with failed - $GLOBALS['is_admin'][$admin] = false; + $GLOBALS['is_admin'][$adminLogin] = false; // Search in array for entry if (isset($GLOBALS['admin_hash'])) { // Use cached string $valPass = $GLOBALS['admin_hash']; - } elseif ((!empty($passCookie)) && (isAdminHashSet($admin) === true) && (!empty($admin))) { + } elseif ((!empty($passCookie)) && (isAdminHashSet($adminLogin) === true) && (!empty($adminLogin))) { // Login data is valid or not? - $valPass = generatePassString(getAdminHash($admin)); + $valPass = encodeHashForCookie(getAdminHash($adminLogin)); // Cache it away $GLOBALS['admin_hash'] = $valPass; // Count cache hits incrementStatsEntry('cache_hits'); - } elseif ((!empty($admin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($admin) === false))) { + } elseif ((!empty($adminLogin)) && ((!isExtensionActive('cache')) || (isAdminHashSet($adminLogin) === false))) { // Get admin hash and hash it - $valPass = generatePassString(getAdminHash($admin)); + $valPass = encodeHashForCookie(getAdminHash($adminLogin)); // Cache it away $GLOBALS['admin_hash'] = $valPass; @@ -737,12 +737,12 @@ function isAdmin ($admin = '') { if (!empty($valPass)) { // Check if password is valid //* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'
'); - $GLOBALS['is_admin'][$admin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache')))); + $GLOBALS['is_admin'][$adminLogin] = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache')))); } // END - if } // END - if // Return result of comparision - return $GLOBALS['is_admin'][$admin]; + return $GLOBALS['is_admin'][$adminLogin]; } // Generates a list of "max receiveable emails per day" @@ -1246,7 +1246,7 @@ function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify // Send email sendEmail($userid, getMessage('THANX_REFERAL_ONE_SUBJECT'), $message); - } elseif (($sendNotify) && (getUserData('refid') == '0') && ($locked === false) && ($add_mode == 'direct')) { + } elseif (($sendNotify === true) && (getUserData('refid') == '0') && ($locked === false) && ($add_mode == 'direct')) { // Prepare content $content = array( 'text' => getMessage('REASON_DIRECT_PAYMENT'), @@ -1341,21 +1341,21 @@ function sendAdminEmails ($subj, $message) { } // Get id number from administrator's login name -function getAdminId ($login) { +function getAdminId ($adminLogin) { // By default no admin is found $data['id'] = '-1'; // Check cache - if (isset($GLOBALS['cache_array']['admin']['admin_id'][$login])) { + if (isset($GLOBALS['cache_array']['admin']['admin_id'][$adminLogin])) { // Use it if found to save SQL queries - $data['id'] = $GLOBALS['cache_array']['admin']['admin_id'][$login]; + $data['id'] = $GLOBALS['cache_array']['admin']['admin_id'][$adminLogin]; // Update cache hits incrementStatsEntry('cache_hits'); } elseif (!isExtensionActive('cache')) { // Load from database $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", - array($login), __FUNCTION__, __LINE__); + array($adminLogin), __FUNCTION__, __LINE__); // Do we have an entry? if (SQL_NUMROWS($result) == 1) { @@ -1382,28 +1382,34 @@ function getCurrentAdminId () { $adminId = getAdminId($adminLogin); // Remember in cache securely - $GLOBALS['current_admin_id'] = bigintval($adminId); + setCurrentAdminId(bigintval($adminId)); } // END - if // Return it return $GLOBALS['current_admin_id']; } +// Setter for current admin id +function setCurrentAdminId ($currentAdminId) { + // Set it secured + $GLOBALS['current_admin_id'] = bigintval($currentAdminId); +} + // Get password hash from administrator's login name -function getAdminHash ($admin) { +function getAdminHash ($adminLogin) { // By default an invalid hash is returned $data['password'] = '-1'; - if (isAdminHashSet($admin)) { + if (isAdminHashSet($adminLogin)) { // Check cache - $data['password'] = $GLOBALS['cache_array']['admin']['password'][$admin]; + $data['password'] = $GLOBALS['cache_array']['admin']['password'][$adminLogin]; // Update cache hits incrementStatsEntry('cache_hits'); } elseif (!isExtensionActive('cache')) { // Load from database $result = SQL_QUERY_ESC("SELECT `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", - array($admin), __FUNCTION__, __LINE__); + array($adminLogin), __FUNCTION__, __LINE__); // Do we have an entry? if (SQL_NUMROWS($result) == 1) { @@ -1411,7 +1417,7 @@ function getAdminHash ($admin) { $data = SQL_FETCHARRAY($result); // Set cache - setAdminHash($admin, $data['password']); + setAdminHash($adminLogin, $data['password']); } // END - if // Free result diff --git a/inc/revision-functions.php b/inc/revision-functions.php new file mode 100644 index 0000000000..6f2391c696 --- /dev/null +++ b/inc/revision-functions.php @@ -0,0 +1,240 @@ +mapper='.print_r($mapper, true).'ins_vers=
'.print_r($ins_vers, true).'
'); + + // Is the content valid? + if ((!is_array($ins_vers)) || (count($ins_vers) <= 0) || (!isset($ins_vers[$mapper[$type]])) || (trim($ins_vers[$mapper[$type]]) == '') || ($ins_vers[0]) == 'new') { + // File needs update! + $new = true; + } else { + // Generate fake cache entry + foreach ($mapper as $map => $idx) { + $GLOBALS['cache_array']['revision'][$map][0] = $ins_vers[$idx]; + } // END - foreach + + // Return found value + $ret = getActualVersion($type); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret[' . $type . ']=' . $ret); + } + } + } + + // Has it been updated? + if ($new === true) { + // Write it + writeToFile($FQFN, implode("\n", getArrayFromActualVersion())); + + // ... and call recursive + $ret = getActualVersion($type); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret[' . $type . ']=' . $ret); + } // END - if + } + + // Return the value + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'ret[' . $type . ']=' . $ret); + return $ret; +} + +// Repares an array we are looking for +// The returned Array is needed twice (in getArrayFromActualVersion() and in getActualVersion() in the old .revision-fallback) so I puted it in an extra function to not polute the global namespace +function getSearchFor () { + // Add Revision, Date, Tag and Author + $searchFor = array('File', 'Revision', 'Date', 'Tag', 'Author'); + + // Return the created array + return $searchFor; +} + +// Extracts requested revision info from given file data +function extractRevisionInfoFromData ($fileData, $search) { + // Default is to return empty string + $ret = ''; + + // Searches for "$search-tag:VALUE$" or "$search-tag::VALUE$"(the stylish keywordversion ;-)) in the lates modified file + $GLOBALS['revision_res'] += preg_match('@\$' . $search . '(:|::) (.*) \$@U', $fileData, $t); + + // Make sure only valid and trimmed entries are used + if (isset($t[2])) { + $ret = trim($t[2]); + } // END - if + + // Return the result + return $ret; +} + +// Extracts requested revison info for given file name by reading it's content +// and parsing it with extractRevisionInfoFromData(). +function extractRevisionInfoFromFile ($FQFN, $search) { + // Read the file + $fileData = readFromFile($FQFN); + + // Call the extract function and return the result + return extractRevisionInfoFromData($fileData, $search); +} + +// @TODO Please describe this function +function getArrayFromActualVersion () { + // Init array + $GLOBALS['cache_array']['revision'] = array(); + + // Init variables + $next_dir = ''; + + // Directory to start with search + $last_changed = array( + 'path_name' => '', + 'time' => 0 + ); + + // Init return array + $akt_vers = array(); + + // Init value for counting the founded keywords + $GLOBALS['revision_res'] = '0'; + + // Searches all Files and there date of the last modifikation and puts the newest File in $last_changed. + searchDirsRecursive($next_dir, $last_changed, 'Revision'); + + // Get file + $last_file = readFromFile($last_changed['path_name']); + + // Save the last-changed filename for debugging + $GLOBALS['cache_array']['revision']['File'][0] = $last_changed['path_name']; + + // This foreach loops the $searchFor-Tags (array('Revision', 'Date', 'Tag', 'Author') --> could easaly extended in the future) + foreach (getSearchFor() as $search) { + // This extracts the requested data $search from file data $last_file + if ($search != 'File') { + // Skip 'File' because we have set it some lines above + $GLOBALS['cache_array']['revision'][$search][0] = extractRevisionInfoFromData($last_file, $search); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'search=' . $search . ',data=' . $GLOBALS['cache_array']['revision'][$search][0]); + } // END - if + } // END - foreach + + // at least 3 keyword-Tags are needed for propper values + if ($GLOBALS['revision_res'] && $GLOBALS['revision_res'] >= 3 + && isset($GLOBALS['cache_array']['revision']['Revision'][0]) && $GLOBALS['cache_array']['revision']['Revision'][0] != '' + && isset($GLOBALS['cache_array']['revision']['Date'][0]) && $GLOBALS['cache_array']['revision']['Date'][0] != '' + && isset($GLOBALS['cache_array']['revision']['Tag'][0]) && $GLOBALS['cache_array']['revision']['Tag'][0] != '') { + // Prepare content witch need special treadment + + // Prepare timestamp for date + preg_match('@(....)-(..)-(..) (..):(..):(..)@', $GLOBALS['cache_array']['revision']['Date'][0], $match_d); + $GLOBALS['cache_array']['revision']['Date'][0] = mktime($match_d[4], $match_d[5], $match_d[6], $match_d[2], $match_d[3], $match_d[1]); + + // Add author to the Tag if the author is set and is not quix0r (lead coder) + if ((isset($GLOBALS['cache_array']['revision']['Author'][0])) && ($GLOBALS['cache_array']['revision']['Author'][0] != 'quix0r')) { + $GLOBALS['cache_array']['revision']['Tag'][0] .= '-'.strtoupper($GLOBALS['cache_array']['revision']['Author'][0]); + } // END - if + + } else { + // No valid Data from the last modificated file so read the Revision from the Server. Fallback-solution!! Should not be removed I think. + $version = sendGetRequest('check-updates3.php'); + + // Invalid request reply? + if (!isset($version[11])) { + // Cannot continue here + debug_report_bug('Invalid response from check-updates3.php, count should be 10+, is ' . count($version)); + } // END - if + + // Prepare content + // Only sets not setted or not proper values to the Online-Server-Fallback-Solution + if (!isset($GLOBALS['cache_array']['revision']['File'][0]) || $GLOBALS['cache_array']['revision']['File'][0] == '') $GLOBALS['cache_array']['revision']['File'][0] = trim($version[11]); + if (!isset($GLOBALS['cache_array']['revision']['Revision'][0]) || $GLOBALS['cache_array']['revision']['Revision'][0] == '') $GLOBALS['cache_array']['revision']['Revision'][0] = trim($version[10]); + if (!isset($GLOBALS['cache_array']['revision']['Date'][0]) || $GLOBALS['cache_array']['revision']['Date'][0] == '') $GLOBALS['cache_array']['revision']['Date'][0] = trim($version[9]); + if (!isset($GLOBALS['cache_array']['revision']['Tag'][0]) || $GLOBALS['cache_array']['revision']['Tag'][0] == '') $GLOBALS['cache_array']['revision']['Tag'][0] = trim($version[8]); + if (!isset($GLOBALS['cache_array']['revision']['Author'][0]) || $GLOBALS['cache_array']['revision']['Author'][0] == '') $GLOBALS['cache_array']['revision']['Author'][0] = 'quix0r'; + } + + // Temporary remove [0] from array + $array = $GLOBALS['cache_array']['revision']; + foreach ($array as $key => $value) { + if ((is_array($value)) && (isset($value[0]))) { + unset($array[$key][0]); + $array[$key] = $value[0]; + } // END - if + } // END - if + + // Return prepared array + return $array; +} + +// [EOF] +?> diff --git a/inc/session-functions.php b/inc/session-functions.php index 17eb30ed1d..d1ee9408d9 100644 --- a/inc/session-functions.php +++ b/inc/session-functions.php @@ -52,17 +52,17 @@ function setSession ($var, $value) { // Is the session variable set? if (('' . $value . '' == '') && (isSessionVariableSet($var))) { // Remove the session - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UNSET:' . $var . '=' . getSession($var)); + /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UNSET:' . $var . '=' . getSession($var)); unset($GLOBALS['_SESSION'][$var]); return session_unregister($var); } elseif (('' . $value . '' != '') && (!isSessionVariableSet($var))) { // Set session - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SET:' . $var . '=' . $value); + /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SET:' . $var . '=' . $value); $GLOBALS['_SESSION'][$var] = $value; return session_register($var); } elseif (!empty($value)) { // Update session - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UPDATE:' . $var . '=' . $value); + /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UPDATE:' . $var . '=' . $value); $GLOBALS['_SESSION'][$var] = $value; return true; } diff --git a/inc/stylesheet.php b/inc/stylesheet.php index d77e9c9331..0181c6ebd0 100644 --- a/inc/stylesheet.php +++ b/inc/stylesheet.php @@ -119,7 +119,7 @@ if ((getOutputMode() == 1) || (getConfig('css_php') == 'DIRECT')) { } // Close tag - $GLOBALS['page_header'] .= $OUT . '%}" />'; + $GLOBALS['page_header'] .= $OUT . '%}{%ext,version=sql_patches%}" />'; } // [EOF] diff --git a/inc/wrapper-functions.php b/inc/wrapper-functions.php index 38a6eb12d2..f4b8f68b43 100644 --- a/inc/wrapper-functions.php +++ b/inc/wrapper-functions.php @@ -42,31 +42,27 @@ if (!defined('__SECURITY')) { } // END - if // Read a given file -function readFromFile ($FQFN, $sqlPrepare = false) { +function readFromFile ($FQFN) { // Sanity-check if file is there (should be there, but just to make it sure) if (!isFileReadable($FQFN)) { // This should not happen debug_report_bug(__FUNCTION__.': File ' . basename($FQFN) . ' is not readable!'); } // END - if - // Load the file - if (function_exists('file_get_contents')) { - // Use new function - $content = file_get_contents($FQFN); - } else { - // Fall-back to implode-file chain - $content = implode('', file($FQFN)); - } - - // Prepare SQL queries? - if ($sqlPrepare === true) { - // Remove some unwanted chars - $content = str_replace("\r", '', $content); - $content = str_replace("\n\n", "\n", $content); + // Is it cached? + if (!isset($GLOBALS['file_content'][$FQFN])) { + // Load the file + if (function_exists('file_get_contents')) { + // Use new function + $GLOBALS['file_content'][$FQFN] = file_get_contents($FQFN); + } else { + // Fall-back to implode-file chain + $GLOBALS['file_content'][$FQFN] = implode('', file($FQFN)); + } } // END - if // Return the content - return $content; + return $GLOBALS['file_content'][$FQFN]; } // Writes content to a file @@ -110,6 +106,9 @@ function writeToFile ($FQFN, $content, $aquireLock = false) { // Mark it as readable $GLOBALS['file_readable'][$FQFN] = true; + // Remember content in cache + $GLOBALS['file_content'][$FQFN] = $content; + // Return status return changeMode($FQFN, 0644); } @@ -170,7 +169,13 @@ function isFileReadable ($FQFN) { if (!isset($GLOBALS['file_readable'][$FQFN])) { // Check all... $GLOBALS['file_readable'][$FQFN] = ((file_exists($FQFN)) && (is_file($FQFN)) && (is_readable($FQFN))); - } // END - if + + // Debug message + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'file=' . basename($FQFN) . ' - CHECK! (' . intval($GLOBALS['file_readable'][$FQFN]) . ')'); + } else { + // Cache used + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'file=' . basename($FQFN) . ' - CACHE! (' . intval($GLOBALS['file_readable'][$FQFN]) . ')'); + } // Return result return $GLOBALS['file_readable'][$FQFN]; @@ -262,6 +267,12 @@ function detectQueryString () { return str_replace('&', '&', (getenv('QUERY_STRING'))); } +// "Getter" for SERVER_NAME +function detectServerName () { + // Return it + return (getenv('SERVER_NAME')); +} + // Check wether we are installing function isInstalling () { // Determine wether we are installing @@ -721,6 +732,7 @@ function getPhpCaching () { // Checks wether the admin hash is set function isAdminHashSet ($admin) { + if (!isset($GLOBALS['cache_array']['admin'])) debug_report_bug('Cache not set.'); return isset($GLOBALS['cache_array']['admin']['password'][$admin]); } diff --git a/templates/de/emails/header.tpl b/templates/de/emails/header.tpl index 53d3ee176b..d7955afc2b 100644 --- a/templates/de/emails/header.tpl +++ b/templates/de/emails/header.tpl @@ -3,5 +3,6 @@ Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailer: {?TITLE?} {?FULL_VERSION?} Errors-To: {?WEBMASTER?} +Bounces-To: {?WEBMASTER?} X-Loop: {?WEBMASTER?} From: "{?MAIN_TITLE?}" <{?WEBMASTER?}> diff --git a/templates/de/html/admin/admin_list_beg.tpl b/templates/de/html/admin/admin_list_beg.tpl index 815652bdd2..2645e40f1d 100644 --- a/templates/de/html/admin/admin_list_beg.tpl +++ b/templates/de/html/admin/admin_list_beg.tpl @@ -1,3 +1,4 @@ +
@@ -37,7 +38,8 @@
{--ADMIN_BEG_WINNER_HIGLIGHTED--} -
+
{--ADMIN_BEG_TIMEOUT_1--} $content[autopurge_timeout] {--ADMIN_BEG_TIMEOUT_2--}
+
diff --git a/templates/de/html/admin/admin_list_bonus.tpl b/templates/de/html/admin/admin_list_bonus.tpl index ca23323dba..40eaf1c2ab 100644 --- a/templates/de/html/admin/admin_list_bonus.tpl +++ b/templates/de/html/admin/admin_list_bonus.tpl @@ -43,4 +43,4 @@ {--ADMIN_BONUS_TIMEOUT_1--}$content[autopurge_timeout]{--ADMIN_BONUS_TIMEOUT_2--} - diff --git a/templates/de/html/admin/admin_list_bonus_emails_row.tpl b/templates/de/html/admin/admin_list_bonus_emails_row.tpl index 6ebe198b59..bdc73d3c89 100644 --- a/templates/de/html/admin/admin_list_bonus_emails_row.tpl +++ b/templates/de/html/admin/admin_list_bonus_emails_row.tpl @@ -11,7 +11,7 @@ - - @@ -110,15 +110,15 @@ $content[refid_content] - - diff --git a/templates/de/html/sponsor/sponsor_main.tpl b/templates/de/html/sponsor/sponsor_main.tpl index fb2ada8016..f792f27a0b 100644 --- a/templates/de/html/sponsor/sponsor_main.tpl +++ b/templates/de/html/sponsor/sponsor_main.tpl @@ -6,7 +6,7 @@ -
{--EMAIL_POINTS--}:
-
$content[points] {?POINTS?}
+
$content[points] {?POINTS?}
{--EMAIL_SECONDS--}:
diff --git a/templates/de/html/admin/admin_update_download.tpl b/templates/de/html/admin/admin_update_download.tpl index 6adba7ff71..74ff42388a 100644 --- a/templates/de/html/admin/admin_update_download.tpl +++ b/templates/de/html/admin/admin_update_download.tpl @@ -12,7 +12,7 @@
{--ONLINE_VERSION_IS--}:
-
v$content[version] $content[revision]
+
v$content[version] R$content[revision]
@@ -27,7 +27,7 @@
{--DOWNLOAD_SVN--}:
diff --git a/templates/de/html/ext/ext_maintenance.tpl b/templates/de/html/ext/ext_maintenance.tpl index 0af8f9f881..115ea1a404 100644 --- a/templates/de/html/ext/ext_maintenance.tpl +++ b/templates/de/html/ext/ext_maintenance.tpl @@ -1,14 +1,14 @@
-Schalten Sie Ihren {?mt_word?} in den Wartungsmodus, wenn dieser mal nicht -funktionieren sollte und Sie in Ruhe dran debuggen müssen. Bitte -aktualisieren dann zuerst Ihre SVN-Version (SVN-Update) und falls Sie den -Fehler nicht selber finden können, melden Sie sich bitte im -Forum und/oder Bug-Tracker. + Schalten Sie Ihren {?mt_word?} in den Wartungsmodus, wenn dieser mal nicht + funktionieren sollte und Sie in Ruhe dran debuggen müssen. Bitte + aktualisieren dann zuerst Ihre SVN-Version (SVN-Update) und falls Sie den + Fehler nicht selber finden können, melden Sie sich bitte im + Forum und/oder Bug-Tracker.
-Danke für Ihre Mithilfe bei der Suche nach Bugs! :-) + Danke für Ihre Mithilfe bei der Suche nach Bugs! :-)
diff --git a/templates/de/html/ext/ext_update.tpl b/templates/de/html/ext/ext_update.tpl index c37e7f9ae0..4d7c402e90 100644 --- a/templates/de/html/ext/ext_update.tpl +++ b/templates/de/html/ext/ext_update.tpl @@ -1,4 +1,4 @@ Diese Erweiterung prüft im regelmäßigen Abstand nach Updates auf dem Projekt-Server und wird Sie wahlweise per Mail oder per PopUp-Fenster im -Adminbereich (oder beides zusammen) benachrichtigen, sobald eine neuere Revision +Adminbereich (oder beides zusammen) benachrichtigen, sobald eine neuere Version verfügbar ist. diff --git a/templates/de/html/guest/guest_register.tpl b/templates/de/html/guest/guest_register.tpl index 52e5a36db0..6606f3598e 100644 --- a/templates/de/html/guest/guest_register.tpl +++ b/templates/de/html/guest/guest_register.tpl @@ -96,10 +96,10 @@
+ {--PASS_1--}, {--PASS_2--}: +
- {--TERMS_OF_USAGE--}:
- {--YOU_FINALIZE--} +
{--TERMS_OF_USAGE--}:
+
{--YOU_FINALIZE--}
+ {--AGREE_TO_THIS--}: + {--YES--}: {--NO--}:
diff --git a/theme/business/css/general.css b/theme/business/css/general.css index f1d242e7a0..1a1c67909e 100644 --- a/theme/business/css/general.css +++ b/theme/business/css/general.css @@ -152,6 +152,7 @@ DIV.admin_note { background-color: #eeeeff; color: #000000; width: 230px; + height: 25px; } .admin_logout { @@ -510,8 +511,7 @@ ul.copyright_box { vertical-align: top; } -.list_categories, .admin_action_header, .admin_main, .admin_menu_main, .admin_menu_sub - { +.list_categories, .admin_action_header, .admin_main, .admin_menu_main, .admin_menu_sub { text-align: left; width: 100%; } diff --git a/theme/default/css/general.css b/theme/default/css/general.css index e85e708596..7e997d66ab 100644 --- a/theme/default/css/general.css +++ b/theme/default/css/general.css @@ -197,6 +197,7 @@ DIV.admin_note { background-color: #ddeedd; color: #000077; width: 220px; + height: 25px; } .admin_logout { @@ -547,8 +548,7 @@ ul.copyright_box { vertical-align: top; } -.list_categories, .admin_action_header, .admin_main, .admin_menu_main, .admin_menu_sub - { +.list_categories, .admin_action_header, .admin_main, .admin_menu_main, .admin_menu_sub { text-align: left; width: 100%; } diff --git a/theme/desert/css/general.css b/theme/desert/css/general.css index d0d9989a66..7ecd93fc3d 100644 --- a/theme/desert/css/general.css +++ b/theme/desert/css/general.css @@ -152,6 +152,7 @@ DIV.admin_note { background-color: #ddddaa; color: #880000; width: 230px; + height: 25px; } .admin_logout { @@ -481,8 +482,7 @@ ul.copyright_box { vertical-align: top; } -.list_categories, .admin_action_header, .admin_main, .admin_menu_main, .admin_menu_sub - { +.list_categories, .admin_action_header, .admin_main, .admin_menu_main, .admin_menu_sub { text-align: left; width: 100%; }