From: Roland Häder <roland@mxchange.org>
Date: Fri, 19 Dec 2008 14:07:05 +0000 (+0000)
Subject: Missing URL blacklist tabled (re-)added
X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=commitdiff_plain;h=d0f0f15c27d6af49056e2658bb683a469f49db38

Missing URL blacklist tabled (re-)added
---

diff --git a/inc/databases.php b/inc/databases.php
index a7a03c1ed5..94869b2265 100644
--- a/inc/databases.php
+++ b/inc/databases.php
@@ -114,7 +114,7 @@ define('USAGE_BASE', "usage");
 define('SERVER_URL', "http://www.mxchange.org");
 
 // Current SVN revision
-define('CURR_SVN_REVISION', "657");
+define('CURR_SVN_REVISION', "658");
 
 // Take a prime number which is long (if you know a longer one please try it out!)
 define('_PRIME', 591623);
diff --git a/inc/extensions/ext-order.php b/inc/extensions/ext-order.php
index 4df2357071..ff17638453 100644
--- a/inc/extensions/ext-order.php
+++ b/inc/extensions/ext-order.php
@@ -38,13 +38,13 @@ if (!defined('__SECURITY')) {
 }
 
 // Version number
-$EXT_VERSION = "0.4.9";
+$EXT_VERSION = "0.5.0";
 
 // Auto-set extension version
 if (empty($EXT_VER)) $EXT_VER = $EXT_VERSION;
 
 // Version history array (add more with , "0.1" and so on)
-$EXT_VER_HISTORY = array("0.0", "0.1", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "0.2.7", "0.2.8", "0.2.9", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9");
+$EXT_VER_HISTORY = array("0.0", "0.1", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "0.2.7", "0.2.8", "0.2.9", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9", "0.5.0");
 
 switch ($EXT_LOAD_MODE)
 {
@@ -298,6 +298,20 @@ nicht die vom Mitglied eingegebene. Resultat: Das Script beschwerte sich, der Us
 		$UPDATE_NOTES = "Bei L&ouml;schung von Mailbuchungen kann nun global entschieden werden (Einstellungen also), ob die verbliebenen {!POINTS!} wieder gutgeschrieben werden sollen oder in den Jackpot landen.";
 		break;
 
+	case "0.5.0": // SQL queries for v0.5.0
+		$SQLs[] = "DROP TABLE IF EXISTS `"._MYSQL_PREFIX."_url_blacklist`";
+		$SQLs[] = "CREATE TABLE `"._MYSQL_PREFIX."_url_blacklist` (
+`id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+`url` VARCHAR(255) NOT NULL DEFAULT '',
+`pool_id` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
+`timestamp` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+PRIMARY KEY (`id`),
+INDEX (`pool_id`)
+) TYPE=MYISAM COMMENT='URL blacklist'";
+
+		// Update notes (these will be set as task text!)
+		$UPDATE_NOTES = "Tabelle f&uuml;r URL-Sperrliste angelegt.";
+		break;
 	}
 	break;
 
@@ -309,7 +323,7 @@ default: // Do stuff when extension is loaded
 	if ((isBooleanConstantAndTrue('__DAILY_RESET')) && (isBooleanConstantAndTrue('mxchange_installed')) && (isBooleanConstantAndTrue('mxchange_installed')) && (isBooleanConstantAndTrue('admin_registered')) && (GET_EXT_VERSION("order") >= "0.1.1")) {
 		// Reset mail order values
 		$result_ext = SQL_QUERY("UPDATE `"._MYSQL_PREFIX."_user_data` SET mail_orders=0 WHERE mail_orders > 0", __FILE__, __LINE__);
-	}
+	} // END - if
 	break;
 }
 
diff --git a/inc/filters.php b/inc/filters.php
index 4a15758156..d582202ac6 100644
--- a/inc/filters.php
+++ b/inc/filters.php
@@ -388,7 +388,7 @@ function FILTER_SOLVE_TASK ($data) {
 
 // Filter to load include files
 function FILTER_LOAD_INCLUDES ($data) {
-	global $INC_POOL;
+	global $INC_POOL, $CSS;
 
 	// Is it an array?
 	if ((!isset($INC_POOL)) || (!is_array($INC_POOL))) {
diff --git a/inc/language/de.php b/inc/language/de.php
index 8ce3b7db2f..eeb1e50985 100644
--- a/inc/language/de.php
+++ b/inc/language/de.php
@@ -1198,6 +1198,7 @@ define('TASK_SUBJ_EXTENSION_DEACTIVATED', "Erweiterung deaktiviert");
 define('ADMIN_SUBJECT_EXTENSION_DEACTIVATED', "Automatische Deaktivierung einer Erweiterung");
 define('FATAL_EXTENSION_LOADED', "Erweiterung <u>%s/u> bereits geladen!");
 define('ADMIN_ACCESS_DENIED', "Zugriff auf diesen Adminmen&uuml;punkt nicht gestattet.");
+define('ADMIN_URL_BLACKLIST_DISABLED', "URL-Sperrliste ist deaktiviert.");
 
 define('MEMBER_MAIL_BONUS_CONFIRMED_ON', "Sie haben diese Bonusmail <span class=\"data\">%s</span> best&auml;tigt.");
 define('MEMBER_MAIL_NORMAL_CONFIRMED_ON', "Sie haben diese Klickmail <span class=\"data\">%s</span> best&auml;tigt.");
diff --git a/inc/modules/admin/what-unlock_emails.php b/inc/modules/admin/what-unlock_emails.php
index c26b9bcda1..9419a62dc4 100644
--- a/inc/modules/admin/what-unlock_emails.php
+++ b/inc/modules/admin/what-unlock_emails.php
@@ -44,7 +44,10 @@ ADD_DESCR("admin", __FILE__);
 global $DATA;
 
 // Check for mails
-$result_main = SQL_QUERY("SELECT id, sender, subject, payment_id, timestamp, url, target_send, cat_id FROM "._MYSQL_PREFIX."_pool WHERE data_type='ADMIN' ORDER BY timestamp", __FILE__, __LINE__);
+$result_main = SQL_QUERY("SELECT `id`, `sender`, `subject`, `payment_id` AS `payment`, `timestamp`, `url`, `target_send`, `cat_id` AS `category`
+FROM `"._MYSQL_PREFIX."_pool`
+WHERE `data_type`='ADMIN'
+ORDER BY `timestamp` ASC", __FILE__, __LINE__);
 
 if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock']))) {
 	// Count checked checkboxes
@@ -166,56 +169,52 @@ LIMIT 1",
 			// Nothing selected
 			LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MAILS_NOTHING_CHECKED);
 		}
-	} elseif ((isset($_POST['lock'])) || ($SEL > 0)) {
-		if ($SEL > 0) {
-			// Lock URLs
-			foreach ($_POST['sel'] as $id => $url) {
-				// Lookup in blacklist
-				$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1",
-					array($url), __FILE__, __LINE__);
-				if (SQL_NUMROWS($result) == 0) {
-					// Did not find a record so we can add it... :)
-					$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_url_blist (url, timestamp) VALUES ('%s', UNIX_TIMESTAMP())",
-						array($url), __FILE__, __LINE__);
-				} else {
-					// Free memory
-					SQL_FREERESULT($result);
-				}
-			}
-
-			// Set message
-			$MSG = ADMIN_URLS_BLOCKED;
-		} else {
-			// Nothing selected
-			$MSG = ADMIN_MAILS_NOTHING_CHECKED;
-		}
-		LOAD_TEMPLATE("admin_settings_saved", false, $MSG);
-	} elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject']))) {
+	} elseif ((isset($_POST['lock'])) && ($SEL > 0) && (getConfig('url_blacklist') == "Y")) {
+		// Lock URLs
+		foreach ($_POST['sel'] as $id => $url) {
+			// Secure id number
+			$id = bigintval($id);
+
+			// Lookup in blacklist
+			$result = SQL_QUERY_ESC("SELECT `id` FROM `"._MYSQL_PREFIX."_url_blacklist` WHERE `url`='%s' LIMIT 1",
+				array($url), __FILE__, __LINE__);
+			if (SQL_NUMROWS($result) == 0) {
+				// Did not find a record so we can add it... :)
+				SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_url_blacklist` (`url`,`pool_id`) VALUES ('%s',%s)",
+					array($url, $id), __FILE__, __LINE__);
+			} // END - if
+
+			// Free memory
+			SQL_FREERESULT($result);
+		} // END - foreach
+
+		// Output message
+		LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_URLS_BLOCKED);
+	} elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject'])) && (getConfig('url_blacklist') == "Y")) {
 		// Mail orders are in pool so we can display them
 		$SW = 2; $OUT = "";
-		while (list($id, $sender, $subj, $pay, $time, $url, $tsend, $cat) = SQL_FETCHROW($result_main))
-		{
+		while ($content = SQL_FETCHARRAY($result_main)) {
 			// Prepare data for the template
 			$content = array(
 				'sw'        => $SW,
-				'id'        => $id,
-				'sender'    => $sender,
-				'u_link'    => ADMIN_USER_PROFILE_LINK($sender),
-				'subj'      => COMPILE_CODE($subj),
-				'tester'    => FRAMETESTER($url),
-				'url'       => $url,
-				'cat_title' => str_replace("\"", "&quot;", GET_CATEGORY($cat)),
-				'cat_link'  => $cat,
-				'pay_title' => str_replace("\"", "&quot;", GET_PAYMENT($pay, true)),
-				'pay_link'  => $pay,
-				'ordered'   => MAKE_DATETIME($time, "2"),
-				'tsend'     => $tsend,
+				'id'        => $content['id'],
+				'sender'    => $content['sender'],
+				'u_link'    => ADMIN_USER_PROFILE_LINK($content['sender']),
+				'subj'      => COMPILE_CODE($content['subject']),
+				'tester'    => FRAMETESTER($content['url']),
+				'url'       => $content['url'],
+				'cat_title' => str_replace("\"", "&quot;", GET_CATEGORY($content['category'])),
+				'cat_link'  => $content['category'],
+				'pay_title' => str_replace("\"", "&quot;", GET_PAYMENT($content['payment'], true)),
+				'pay_link'  => $content['payment'],
+				'ordered'   => MAKE_DATETIME($content['timestamp'], "2"),
+				'tsend'     => $content['target_send'],
 			);
 
 			// Load row template and switch colors
 			$OUT .= LOAD_TEMPLATE("admin_unlock_emails_row", true, $content);
 			$SW = 3 - $SW;
-		}
+		} // END - while
 
 		// Free memory
 		SQL_FREERESULT($result_main);
@@ -228,6 +227,9 @@ LIMIT 1",
 
 		// Load main template
 		LOAD_TEMPLATE("admin_unlock_emails");
+	} elseif ((isset($_POST['lock'])) && (getConfig('url_blacklist') == "N")) {
+		// URL blacklist not activated
+		LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_URL_BLACKLIST_DISABLED);
 	} else {
 		// Wrong call!
 		LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_WRONG_CALL);
diff --git a/inc/modules/member/what-order.php b/inc/modules/member/what-order.php
index eace0213cb..7753510fa8 100644
--- a/inc/modules/member/what-order.php
+++ b/inc/modules/member/what-order.php
@@ -84,9 +84,6 @@ if ($HOLIDAY == $DMY) $HOLIDAY='N';
 $ALLOWED = $MAXI - $ORDERS;
 if (getConfig('order_max_full') == "MAX") $ALLOWED = $MAXI;
 
-// Check HTML extension
-$HTML_EXT = EXT_IS_ACTIVE("html_mail");
-
 // Now check his points amount
 $TOTAL = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points");
 
@@ -153,15 +150,19 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1",
 		// And shall I check that his URL is not in the black list?
 		if (getConfig('url_blacklist') == "Y") {
 			// Ok, I do that for you know...
-			$result = SQL_QUERY_ESC("SELECT timestamp FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`timestamp`) AS tstamp FROM `"._MYSQL_PREFIX."_url_blacklist` WHERE `url`='%s' LIMIT 1",
 				array($_POST['url']), __FILE__, __LINE__);
 
 			if (SQL_NUMROWS($result) == 1) {
 				// Jupp, we got one listed
 				list($blist) = SQL_FETCHROW($result);
-				SQL_FREERESULT($result);
+
+				// Create redirect-URL
 				$URL = URL."/modules.php?module=login&amp;what=order&amp;msg=".CODE_BLIST_URL."&blist=".$blist;
 			} // END - if
+
+			// Free result
+			SQL_FREERESULT($result);
 		} // END - if
 
 		// Enougth receivers entered?
@@ -177,7 +178,7 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1",
 		} // END - if
 
 		// Probe for HTML extension
-		if ($HTML_EXT) {
+		if (EXT_IS_ACTIVE("html_mail")) {
 			// HTML or regular text mail?
 			if ($_POST['html'] == "Y") {
 				// Chek for valid HTML tags
@@ -276,7 +277,7 @@ WHERE userid=%s AND holiday_start < UNIX_TIMESTAMP() AND holiday_end > UNIX_TIME
 				if (($id == "0") || ($type != "TEMP")) {
 					// New order
 					$id = 0;
-					if ($HTML_EXT) {
+					if (EXT_IS_ACTIVE("html_mail")) {
 						// HTML extension is active
 						$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_pool (sender, subject, text, receivers, payment_id, data_type, timestamp, url, cat_id, target_send, zip, html_msg)
  VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s','%s')",
@@ -312,7 +313,7 @@ array(
 					}
 				} else {
 					// Change current order
-					if ($HTML_EXT) {
+					if (EXT_IS_ACTIVE("html_mail")) {
 						// HTML extension is active
 						$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET
 subject='%s',
@@ -414,7 +415,7 @@ array(
 
 			// Enable HTML checking
 			$HTML = ""; $HOLIDAY = false; $HOL_STRING = "";
-			if (($HTML_EXT) && ($_POST['html'] == "Y")) $HTML = " AND html='Y'";
+			if ((EXT_IS_ACTIVE("html_mail")) && ($_POST['html'] == "Y")) $HTML = " AND html='Y'";
 			if (GET_EXT_VERSION("holiday") >= "0.1.3") {
 				// Extension's version is fine
 				$HOLIDAY = true; $HOL_STRING = " AND holiday_active='N'";
@@ -624,7 +625,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__);
 				}
 
 				// 01      2              21    12                                   2    23         443    3          3210
-				if ((!empty($_POST['data'])) || ((getConfig('order_multi_page') == "N") && ((!IS_ADMIN()) && (!$HTML_EXT)))) {
+				if ((!empty($_POST['data'])) || ((getConfig('order_multi_page') == "N") && ((!IS_ADMIN()) && (!EXT_IS_ACTIVE("html_mail"))))) {
 					// Pre-output categories
 					$CAT = "";
 					foreach ($CATS['id'] as $key => $value) {
@@ -661,7 +662,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__);
 					}
 
 					// HTML extension
-					if (($HTML_EXT) && ($_POST['html'] == "Y")) {
+					if ((EXT_IS_ACTIVE("html_mail")) && ($_POST['html'] == "Y")) {
 						// Extension is active so output valid HTML tags
 						define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE("member_order-html_ext", true, HTML_ADD_VALID_TAGS()));
 					} else {
@@ -674,7 +675,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__);
 				} else {
 					// Remember maybe entered ZIP code in constant
 					$ADD = "";
-					if ($HTML_EXT) {
+					if (EXT_IS_ACTIVE("html_mail")) {
 						// Add some content when html extension is active
 						if ((getConfig('order_multi_page') == "Y") || (IS_ADMIN())) $ADD = "<TR><TD colspan=\"2\" class=\"seperator bottom2\" height=\"5\">&nbsp;</TD></TR>\n";
 						define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE("member_order-html_intro", true));