From 3f51c40f4fede87228216f9285b745a339e3891d Mon Sep 17 00:00:00 2001 
From: =?utf8?q?Roland=20H=C3=A4der?= Date: Tue, 22 Sep 2009 00:14:55 +0000 Subject: [PATCH] Heavy rewrite: - A lot (not all!) double-quotes converted to single-quotes - A lot (again not all) SQL queries improved with back-ticks (`) for column names - The email order page (what-order.php) might be broken, please test - Some obsolete code removed - "SELECT COUNT(foo)" queries rewritten to function GET_TOTAL_DATA() - A lot more mailto-links (especially in sponsor extension) rewritten to functions - Misc fixes/rewrites - TODOs.txt updated --- .gitattributes | 1 + DOCS/TODOs.txt | 98 ++--- beg.php | 12 +- birthday_confirm.php | 15 +- debug.php | 6 +- doubler.php | 40 +-- img.php | 4 +- inc/autopurge/purge-inact.php | 32 +- inc/autopurge/purge-mails.php | 50 ++- inc/autopurge/purge-tsks.php | 7 +- inc/autopurge/purge-unconfirmed.php | 17 +- inc/check-reset.php | 4 +- inc/db/lib-mysql3.php | 29 +- inc/doubler_send.php | 41 ++- inc/filters.php | 2 +- inc/functions.php | 38 +- inc/install-inc.php | 107 ++---- inc/libs/admins_functions.php | 21 +- inc/libs/autopurge_functions.php | 18 +- inc/libs/html_mail_functions.php | 20 +- inc/libs/newsletter_functions.php | 8 +- inc/libs/rallye_functions.php | 2 +- inc/libs/surfbar_functions.php | 52 ++- inc/libs/theme_functions.php | 28 +- inc/libs/user_functions.php | 108 +++--- inc/libs/yoomedia_functions.php | 22 +- inc/modules/admin.php | 16 +- inc/modules/admin/overview-inc.php | 2 +- inc/modules/admin/what-add_points.php | 8 +- inc/modules/admin/what-chk_regs.php | 14 +- inc/modules/admin/what-config_mediadata.php | 16 +- inc/modules/admin/what-config_points.php | 14 +- .../admin/what-config_rallye_prices.php | 25 +- inc/modules/admin/what-del_email.php | 63 ++-- inc/modules/admin/what-del_user.php | 7 +- inc/modules/admin/what-edit_sponsor.php | 53 +-- inc/modules/admin/what-guestedit.php | 126 ++++--- inc/modules/admin/what-list_autopurge.php | 35 +- inc/modules/admin/what-list_beg.php | 2 +- 
inc/modules/admin/what-list_bonus.php | 2 +- inc/modules/admin/what-list_cats.php | 16 +- inc/modules/admin/what-list_links.php | 8 +- inc/modules/admin/what-list_payouts.php | 72 ++-- inc/modules/admin/what-list_rallyes.php | 8 +- inc/modules/admin/what-list_refs.php | 12 +- inc/modules/admin/what-list_sponsor.php | 35 +- inc/modules/admin/what-list_sponsor_pay.php | 78 ++-- inc/modules/admin/what-list_unconfirmed.php | 63 ++-- inc/modules/admin/what-list_user.php | 14 +- inc/modules/admin/what-list_yoomedia_tm.php | 4 +- inc/modules/admin/what-lock_sponsor.php | 2 +- inc/modules/admin/what-lock_user.php | 4 +- inc/modules/admin/what-mem_add.php | 61 ++-- inc/modules/admin/what-memedit.php | 100 +++--- inc/modules/admin/what-sub_points.php | 14 +- inc/modules/admin/what-unlock_sponsor.php | 10 +- inc/modules/admin/what-usage.php | 42 ++- inc/modules/frametester.php | 10 +- inc/modules/guest/what-confirm.php | 6 +- inc/modules/guest/what-login.php | 8 +- inc/modules/guest/what-register.php | 45 +-- inc/modules/guest/what-sponsor_reg.php | 96 +++-- inc/modules/guest/what-top10.php | 10 +- inc/modules/member/what-beg2.php | 30 +- inc/modules/member/what-bonus.php | 26 +- inc/modules/member/what-nickname.php | 17 +- inc/modules/member/what-order.php | 338 ++++++++++-------- inc/modules/member/what-primera.php | 42 +-- inc/modules/member/what-refback.php | 2 +- inc/modules/member/what-themes.php | 4 +- inc/modules/member/what-transfer.php | 331 ++++++++--------- inc/modules/order.php | 42 +-- inc/modules/sponsor/account.php | 2 +- inc/modules/sponsor/settings.php | 2 +- inc/monthly/monthly_beg.php | 24 +- inc/monthly/monthly_bonus.php | 26 +- inc/mysql-manager.php | 24 +- inc/wrapper-functions.php | 2 +- mailid_top.php | 12 +- modules.php | 4 +- ref.php | 4 +- show_bonus.php | 18 +- sponsor_ref.php | 4 +- surfbar.php | 2 +- templates/de/html/install/install_page5.tpl | 71 ++++ 85 files changed, 1556 insertions(+), 1354 deletions(-) create mode 100644 
templates/de/html/install/install_page5.tpl diff --git a/.gitattributes b/.gitattributes index 113ad4023c..35f2646bcd 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1361,6 +1361,7 @@ templates/de/html/install/install_header.tpl -text templates/de/html/install/install_page1.tpl -text templates/de/html/install/install_page2.tpl -text templates/de/html/install/install_page3.tpl -text +templates/de/html/install/install_page5.tpl -text templates/de/html/install/install_welcome.tpl -text templates/de/html/js/.htaccess -text templates/de/html/js/js_uberwach.tpl -text diff --git a/DOCS/TODOs.txt b/DOCS/TODOs.txt index 606111fbfe..8b415109d4 100644 --- a/DOCS/TODOs.txt +++ b/DOCS/TODOs.txt @@ -1,4 +1,4 @@ -### WARNING: THIS FILE IS AUTO-GENERATED BY ./DOCS/todo-builder.sh (1000/quix0r) ### +### WARNING: THIS FILE IS AUTO-GENERATED BY DOCS/todo-builder.sh (1000/quix0r) ### ### DO NOT EDIT THIS FILE. ### ./beg.php:195: // @TODO Opps, what is missing here??? ./doubler.php:269:// @TODO Rewrite all constants 
@@ -13,21 +13,22 @@ ./inc/extensions.php:358:// @TODO Change from ext_id to ext_name (not just even the variable! ;-) ) ./inc/extensions.php:440: // @TODO Extension is loaded, what next? ./inc/footer.php:50: // @TODO Rewrite these all into filters -./inc/functions.php:1236: // @TODO Rewrite this unnice code -./inc/functions.php:1297: // @TODO Remove this if() block if all is working fine -./inc/functions.php:1597: // @TODO This can be, somehow, rewritten +./inc/functions.php:1238: // @TODO Rewrite this unnice code +./inc/functions.php:1299: // @TODO Remove this if() block if all is working fine +./inc/functions.php:1599: // @TODO This can be, somehow, rewritten ./inc/functions.php:214: // @TODO Remove this sanity-check if all is fine -./inc/functions.php:2404: // @TODO The status should never be empty -./inc/functions.php:2495: // @TODO shouldn't do the unset and the reloading $GLOBALS['cache_instance']->destroyCacheFile() Or a new methode like forceCacheReload('revision')? +./inc/functions.php:2406: // @TODO The status should never be empty +./inc/functions.php:2497: // @TODO shouldn't do the unset and the reloading $GLOBALS['cache_instance']->destroyCacheFile() Or a new methode like forceCacheReload('revision')? ./inc/functions.php:253: // @TODO Fine all templates which are using these direct variables and rewrite them. ./inc/functions.php:254: // @TODO After this step is done, this else-block is history -./inc/functions.php:2558:// @TODO Please describe this function -./inc/functions.php:2570: searchDirsRecursive($next_dir, $last_changed); // @TODO small change to API to $last_changed = searchDirsRecursive($next_dir, $time); -./inc/functions.php:2653: // @TODO Add a little more infos here -./inc/functions.php:2664: // @TODO This cannot be rewritten to app_die(), try to find a solution for this. -./inc/functions.php:2822: // @TODO Are these convertions still required? 
-./inc/functions.php:2840:// @TODO Rewrite this function to use readFromFile() and writeToFile() -./inc/functions.php:475:// @TODO Rewrite this to an extension 'smtp' +./inc/functions.php:2560:// @TODO Please describe this function +./inc/functions.php:2572: searchDirsRecursive($next_dir, $last_changed); // @TODO small change to API to $last_changed = searchDirsRecursive($next_dir, $time); +./inc/functions.php:2655: // @TODO Add a little more infos here +./inc/functions.php:2666: // @TODO This cannot be rewritten to app_die(), try to find a solution for this. +./inc/functions.php:2824: // @TODO Are these convertions still required? +./inc/functions.php:2842:// @TODO Rewrite this function to use readFromFile() and writeToFile() +./inc/functions.php:398: // @TODO Extension 'msg' does not exist +./inc/functions.php:477:// @TODO Rewrite this to an extension 'smtp' ./inc/install-inc.php:20: * @TODO Rewrite all constants in this include file * ./inc/language/de.php:1159:// @TODO Rewrite these two constants ./inc/language/de.php:1175:// @TODO Rewrite these five constants 
@@ -46,13 +47,14 @@ ./inc/libs/rallye_functions.php:697: // @TODO Rewrite this to our API function ./inc/libs/register_functions.php:53: // @TODO Rewrite these constants ./inc/libs/register_functions.php:62: // @TODO Rewrite these constants, too -./inc/libs/surfbar_functions.php:1481: // @TODO This can be somehow rewritten +./inc/libs/register_functions.php:97:// @TODO This function is no longer used??? +./inc/libs/surfbar_functions.php:1495: // @TODO This can be somehow rewritten ./inc/libs/surfbar_functions.php:954: // @TODO Invalid salt should be refused ./inc/libs/task_functions.php:261: // @TODO These can be rewritten to filter ./inc/libs/task_functions.php:53:// @TODO Move all extension-dependent queries into filters -./inc/libs/user_functions.php:317: // @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content); -./inc/libs/user_functions.php:342: // @TODO Make this filter working: $URL = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); -./inc/libs/user_functions.php:377: // @TODO Can this query be merged with above query? +./inc/libs/user_functions.php:311: // @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content); +./inc/libs/user_functions.php:336: // @TODO Make this filter working: $URL = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); +./inc/libs/user_functions.php:371: // @TODO Can this query be merged with above query? ./inc/libs/yoomedia_functions.php:65: $response = YOOMEDIA_QUERY_API('out_textmail.php', true); // @TODO Ask Yoo!Media for test script ./inc/load_config.php:77: // @TODO Rewrite them to avoid this else block ./inc/load_extensions.php:13: * @TODO Rewrite this whole file to load_cache-extensions.php * 
@@ -84,8 +86,8 @@ ./inc/modules/admin/what-admins_mails.php:100: // @TODO Rewrite this constant ./inc/modules/admin/what-admins_mails.php:173: // @TODO Rewrite this constant ./inc/modules/admin/what-admins_mails.php:61: // @TODO Can this be rewritten??? -./inc/modules/admin/what-chk_regs.php:62: // @TODO Rewritings: sname->surname,fname->family,ip->REMOTE_ADDR,ref->refid,hash->user_hash in template -./inc/modules/admin/what-chk_regs.php:81: // @TODO Rewrite this constant +./inc/modules/admin/what-chk_regs.php:66: // @TODO Rewritings: sname->surname,fname->family,ip->REMOTE_ADDR,ref->refid,hash->user_hash in template +./inc/modules/admin/what-chk_regs.php:85: // @TODO Rewrite this constant ./inc/modules/admin/what-config_admins.php:154: // @TODO Rewrite this to filter 'run_sqls' ./inc/modules/admin/what-config_admins.php:164: // @TODO This causes the whole (!) menu cache being rebuild ./inc/modules/admin/what-config_cache.php:94: // @TODO Rewrite all constants @@ -98,7 +100,7 @@ ./inc/modules/admin/what-config_points.php:267: // @TODO Rewritings: lvl->level, per->percents in template ./inc/modules/admin/what-config_rallye_prices.php:203: // @TODO Rewritings: level->price_level, infos->info in template ./inc/modules/admin/what-config_rallye_prices.php:220: // @TODO Rewrite these two constants -./inc/modules/admin/what-config_rallye_prices.php:248: // @TODO Rewritings: aid->admin_id, alogin->login in template +./inc/modules/admin/what-config_rallye_prices.php:255: // @TODO Rewritings: aid->admin_id, alogin->login in template ./inc/modules/admin/what-config_register.php:68: // @TODO Move this HTML code into a template ./inc/modules/admin/what-config_register.php:85:// @TODO Rewrite this constant ./inc/modules/admin/what-config_rewrite.php:97: // @TODO Rewrite this constant 
@@ -112,10 +114,10 @@ ./inc/modules/admin/what-guest_add.php:123: // @TODO This can be somehow rewritten to a function ./inc/modules/admin/what-guest_add.php:62: // @TODO Cant this be rewritten? ./inc/modules/admin/what-guest_add.php:78: // @TODO This can be somehow rewritten to a function -./inc/modules/admin/what-guestedit.php:284: // @TODO Rewrite this constant +./inc/modules/admin/what-guestedit.php:277: // @TODO Rewrite this constant +./inc/modules/admin/what-list_autopurge.php:105: // @TODO Rewrite this constant ./inc/modules/admin/what-list_autopurge.php:55:// @TODO Rewrite those lines to filter -./inc/modules/admin/what-list_autopurge.php:78: // @TODO Rewritings: sname->surname,fname->family in templates -./inc/modules/admin/what-list_autopurge.php:98: // @TODO Rewrite this constant +./inc/modules/admin/what-list_autopurge.php:85: // @TODO Rewritings: sname->surname,fname->family in templates ./inc/modules/admin/what-list_beg.php:85: // @TODO Rewrite templates so s/fname will be replaced by surname/family ./inc/modules/admin/what-list_beg.php:86: // @TODO to shorten this block. Please also do so with uid->userid ./inc/modules/admin/what-list_cats.php:92: // @TODO Rewrite this constant 
@@ -129,29 +131,29 @@ ./inc/modules/admin/what-list_rallyes.php:231: // @TODO Rewrite this constant ./inc/modules/admin/what-list_rallyes.php:255: // @TODO Rewritings: uid->userid,opoints->curr_points,old->refs in template ./inc/modules/admin/what-list_rallyes.php:309: // @TODO Rewritings: aid->admin_id in template -./inc/modules/admin/what-list_sponsor.php:155: // @TODO Rewritings: sname->surname,fname->family,ip->remote_addr in template -./inc/modules/admin/what-list_sponsor.php:178: // @TODO Rewrite this constant +./inc/modules/admin/what-list_sponsor.php:168: // @TODO Rewritings: sname->surname,fname->family,ip->remote_addr in template +./inc/modules/admin/what-list_sponsor.php:191: // @TODO Rewrite this constant ./inc/modules/admin/what-list_sponsor.php:73: // @TODO Rewrite this huge amount of constants ./inc/modules/admin/what-list_task.php:129: // @TODO Rewrite these templates to one and add $OUT ./inc/modules/admin/what-list_task.php:164: // @TODO Rewritings: admin->assigned_admin,uid->userid,type->task_type_msg in template ./inc/modules/admin/what-list_task.php:176: // @TODO Rewrite this to $OUT .= ..., true, ... ./inc/modules/admin/what-list_task.php:180: // @TODO Rewrite this to $OUT .= ..., true, ... ./inc/modules/admin/what-list_transfer.php:83:// @TODO Rewrite these constants -./inc/modules/admin/what-list_unconfirmed.php:116: // @TODO Rewritings: uid->userid -./inc/modules/admin/what-list_unconfirmed.php:68: // @TODO This constant might be unused? -./inc/modules/admin/what-list_unconfirmed.php:80: // @TODO "Please do not call me directly." Should be rewritten to a nice selection depending on ext-bonus -./inc/modules/admin/what-list_unconfirmed.php:90: // @TODO Rewrite this to $content = SQL_FETCHARRAY(), look some lines above for two differrent queries +./inc/modules/admin/what-list_unconfirmed.php:128: // @TODO Rewritings: uid->userid +./inc/modules/admin/what-list_unconfirmed.php:75: // @TODO This constant might be unused? 
+./inc/modules/admin/what-list_unconfirmed.php:87: // @TODO "Please do not call me directly." Should be rewritten to a nice selection depending on ext-bonus +./inc/modules/admin/what-list_unconfirmed.php:97: // @TODO Rewrite this to $content = SQL_FETCHARRAY(), look some lines above for two differrent queries ./inc/modules/admin/what-list_user.php:160: // @TODO Rewrite these to filters ./inc/modules/admin/what-list_user.php:285: // @TODO Rewrite this into a filter ./inc/modules/admin/what-list_user.php:337: // @TODO Rewrite this into a filter ./inc/modules/admin/what-lock_user.php:133: // @TODO Rewrite these all constants ./inc/modules/admin/what-logs.php:69: // @TODO Fix content-type here ./inc/modules/admin/what-logs.php:72: // @TODO Fix content-type here -./inc/modules/admin/what-mem_add.php:121: // @TODO This can be somehow rewritten to a function -./inc/modules/admin/what-mem_add.php:63: // @TODO Cant this be rewritten? -./inc/modules/admin/what-mem_add.php:79: // @TODO This can be somehow rewritten to a function -./inc/modules/admin/what-memedit.php:252: // @TODO Rewrite this constant -./inc/modules/admin/what-memedit.php:288: // @TODO Rewrite this constant +./inc/modules/admin/what-mem_add.php:126: // @TODO This can be somehow rewritten to a function +./inc/modules/admin/what-mem_add.php:65: // @TODO Cant this be rewritten? +./inc/modules/admin/what-mem_add.php:81: // @TODO This can be somehow rewritten to a function +./inc/modules/admin/what-memedit.php:262: // @TODO Rewrite this constant +./inc/modules/admin/what-memedit.php:298: // @TODO Rewrite this constant ./inc/modules/admin/what-payments.php:154: // @TODO Rewritings: title->mail_title, pay->payment in template ./inc/modules/admin/what-refbanner.php:127: // @TODO Rewrite this constant ./inc/modules/admin/what-refbanner.php:150: // @TODO Rewritings: alt->alternate,cnt->counter,clx->clicks in template 
@@ -169,8 +171,9 @@ ./inc/modules/guest/what-mediadata.php:186:// @TODO Rewrite these all if-blocks to filters ./inc/modules/guest/what-mediadata.php:49:// @TODO Rewrite all constants ./inc/modules/guest/what-mediadata.php:69: // @TODO Find a better formular than this one -./inc/modules/guest/what-register.php:196: // @TODO Rewrite these all to a single filter -./inc/modules/guest/what-register.php:273: // @TODO Rewrite this to a filter +./inc/modules/guest/what-register.php:208: // @TODO Rewrite these all to a single filter +./inc/modules/guest/what-register.php:286: // @TODO Rewrite this to a filter +./inc/modules/guest/what-register.php:60: * @TODO Commented out, do we need this ugly code? ./inc/modules/guest/what-sponsor_infos.php:67: // @TODO Rewritings: conv->conv_rate,name->conv_name in template ./inc/modules/guest/what-sponsor_infos.php:87: // @TODO Rewritings: name->pay_name,min->pay_min_count,min->pay_min_count,curr->pay_currency ./inc/modules/guest/what-sponsor_reg.php:284: // @TODO Swap this HTML code to templates @@ -189,8 +192,9 @@ ./inc/modules/member/what-bonus.php:55: // @TODO Rewrite this to a filter ./inc/modules/member/what-categories.php:112: // @TODO Rewrite this to use $OUT .= ... ./inc/modules/member/what-mydata.php:53:// @TODO Try to rewrite this constant -./inc/modules/member/what-order.php:411: // @TODO Rewrite this to a filter -./inc/modules/member/what-order.php:506: // @TODO Rewrite this old lost code to a template +./inc/modules/member/what-nickname.php:87: // @TODO Rewrite this constant +./inc/modules/member/what-order.php:444: // @TODO Rewrite this to a filter +./inc/modules/member/what-order.php:543: // @TODO Rewrite this old lost code to a template ./inc/modules/member/what-payout.php:132: // @TODO Rewritings: acc->target_account,bank->target_bank in templates ./inc/modules/member/what-payout.php:148: // @TODO Rewrite this constant ./inc/modules/member/what-payout.php:182: // @TODO Rewrite these constants 
@@ -198,14 +202,16 @@ ./inc/modules/member/what-payout.php:235: // @TODO Rewrite this to a filter ./inc/modules/member/what-points.php:54:// @TODO Should we rewrite this to a filter? ./inc/modules/member/what-reflinks.php:105: // @TODO Rewritings: alt->alternate,cnt->counter,cks->clicks,uid->userid in template -./inc/modules/member/what-transfer.php:116: // @TODO Rewrite all these constants to array elements -./inc/modules/member/what-transfer.php:247: // @TODO Try to rewrite his to $content = SQL_FETCHARRAY(), see some lines above for two different queries -./inc/modules/member/what-transfer.php:309: // @TODO Rewrite these constants -./inc/modules/member/what-transfer.php:317: // @TODO Rewrite these constants -./inc/modules/member/what-transfer.php:329: // @TODO This should be somehow rewritten to $content = SQL_FETCHARRAY(), see switch() block above for SQL queries -./inc/modules/member/what-transfer.php:364: // @TODO Rewrite these constants -./inc/modules/member/what-transfer.php:451: // @TODO Rewrite all these constants +./inc/modules/member/what-transfer.php:115: // @TODO Rewrite all these constants to array elements +./inc/modules/member/what-transfer.php:246: // @TODO Try to rewrite his to $content = SQL_FETCHARRAY(), see some lines above for two different queries +./inc/modules/member/what-transfer.php:308: // @TODO Rewrite these constants +./inc/modules/member/what-transfer.php:316: // @TODO Rewrite these constants +./inc/modules/member/what-transfer.php:328: // @TODO This should be somehow rewritten to $content = SQL_FETCHARRAY(), see switch() block above for SQL queries +./inc/modules/member/what-transfer.php:363: // @TODO Rewrite these constants +./inc/modules/member/what-transfer.php:450: // @TODO Rewrite all these constants ./inc/modules/member/what-unconfirmed.php:134: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY() +./inc/modules/order.php:76: // @TODO Unused: 2,4 +./inc/monthly/monthly_bonus.php:71: // @TODO Rewrite this to a filter 
./inc/mysql-manager.php:1574: // @TODO Try to rewrite this to $content = SQL_FETCHARRAY() ./inc/mysql-manager.php:1617: // @TODO Rewrite this to a filter ./inc/mysql-manager.php:1769: // @TODO Rewrite this to a filter @@ -233,7 +239,7 @@ ./mailid_top.php:223: // @TODO Rewrite these constants ./mailid_top.php:228: // @TODO Rewrite these blocks to filter ./mailid_top.php:89: // @TODO Rewrite this to a filter -./show_bonus.php:104: // @TODO Rewrite this constant +./show_bonus.php:108: // @TODO Rewrite this constant ./surfbar.php:73: // @TODO Display quick login form here or redirect as configured ### ### DEPRECATION FOLLOWS: ### ### ./inc/functions.php:238: // @DEPRECATED Try to rewrite the if() condition diff --git a/beg.php b/beg.php index cdfbfc70be..e92a8f11bd 100644 --- a/beg.php +++ b/beg.php @@ -74,8 +74,8 @@ if (REQUEST_ISSET_GET('uid')) { if (''.(REQUEST_GET('uid') + 0).'' !== ''.REQUEST_GET('uid').'') { if (EXT_IS_ACTIVE('nickname')) { // Maybe we have found a nickname? - $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", - array(REQUEST_GET('uid')), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' LIMIT 1", + array(REQUEST_GET('uid')), __FILE__, __LINE__); } else { // Nickname entered but nickname is not active $msg = getCode('EXTENSION_PROBLEM'); 
@@ -83,8 +83,8 @@ if (REQUEST_ISSET_GET('uid')) { } } else { // Direct userid - $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); } // Check if locked in so don't pay points @@ -122,8 +122,8 @@ if (REQUEST_ISSET_GET('uid')) { // User id valid and not webmaster's id? if (($uid > 0) && (getConfig('beg_uid') != $uid)) { // Update counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", - array($uid), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", + array($uid), __FILE__, __LINE__); // Check for last entry for userid w/o IP number $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1", diff --git a/birthday_confirm.php b/birthday_confirm.php index d1284aec6b..c018d591d5 100644 --- a/birthday_confirm.php +++ b/birthday_confirm.php 
@@ -66,11 +66,16 @@ $chk = bigintval(REQUEST_GET('check'), false); // Check if link is not clicked so far $result = SQL_QUERY_ESC("SELECT b.points, d.gender, d.surname, d.family, d.status, d.ref_payout -FROM `{!_MYSQL_PREFIX!}_user_birthday` AS b -INNER JOIN `{!_MYSQL_PREFIX!}_user_data` AS d -ON b.userid=d.userid -WHERE b.userid=%s AND b.chk_value='%s' LIMIT 1", -array($uid, $chk), __FILE__, __LINE__); +FROM + `{!_MYSQL_PREFIX!}_user_birthday` AS b +INNER JOIN + `{!_MYSQL_PREFIX!}_user_data` AS d +ON + b.userid=d.userid +WHERE + b.userid=%s AND b.chk_value='%s' +LIMIT 1", + array($uid, $chk), __FILE__, __LINE__); //* DEBUG: */ echo "uid=".$uid.",chk=".$chk." (".strlen($chk).'/'.strlen(REQUEST_GET('check')).'/'.SQL_NUMROWS($result).")
\n"; // Prepare content diff --git a/debug.php b/debug.php index 8dfc9d42c3..f7e28dc25c 100644 --- a/debug.php +++ b/debug.php @@ -55,13 +55,13 @@ if ((isInstalled()) && (getTotalFatalErrors() == 0)) { } // END - if // Is the request parameter set? - if (REQUEST_ISSET_POST(('request'))) { + if (REQUEST_ISSET_POST('request')) { // Handle the request if (DEBUG_HANDLE_REQUEST(REQUEST_POST('request'))) { // Construct FQFN for the module $INC = sprintf("inc/debug/%s/request_%s", - getConfig('debug_mode'), - SQL_ESCAPE(REQUEST_POST('request')) + getConfig('debug_mode'), + SQL_ESCAPE(REQUEST_POST('request')) ); // Is the module there? Else we log it! diff --git a/doubler.php b/doubler.php index 3a3cb93ba4..03a2e5872a 100644 --- a/doubler.php +++ b/doubler.php @@ -60,19 +60,19 @@ if (!isInstalled()) { } // END - if // Probe for referal ID -if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = REQUEST_GET(('refid')); +if (REQUEST_ISSET_GET('refid')) $GLOBALS['refid'] = REQUEST_GET('refid'); // Only check this if refid is provided! if ($GLOBALS['refid'] > 0) { // Do we have nickname or userid set? if (isNicknameUsed($GLOBALS['refid'])) { // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", - array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' LIMIT 1", + array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); } else { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); } // Load data 
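Review bot: The include path built by `sprintf("inc/debug/%s/request_%s", ...)` takes `REQUEST_POST('request')` through `SQL_ESCAPE()` only, which escapes for an SQL string context and does nothing about path separators or `..` segments. Unless `DEBUG_HANDLE_REQUEST()` (not visible in this diff) already restricts the value, I would constrain it before building the path, for example `if (!preg_match('/^[a-z0-9_]+$/i', REQUEST_POST('request'))) { /* log and abort */ }`. The enclosing `if` block continues past the end of the hunk, so how `$INC` is consumed is not shown here.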
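Review bot: In the nickname branch the lookup value is passed as `bigintval($GLOBALS['refid'])` into a `nickname`='%s' comparison, so if bigintval() reduces its input to digits (its definition is not part of this diff) a non-numeric nickname can never match; the POST-side nickname lookup later in this file passes the raw value instead. Separately, the direct-userid query still reads `SELECT userid, status` without back-ticks while its WHERE clause and the nickname query were converted, which leaves the two branches inconsistent. The `if ($GLOBALS['refid'] > 0)` block continues outside the hunk.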
@@ -98,16 +98,16 @@ if (isFormSent()) { REQUEST_SET_POST('points', bigintval(REQUEST_POST('points'))); // Begin with doubling process - if ((REQUEST_ISSET_POST(('userid'))) && (REQUEST_ISSET_POST(('pass'))) && (REQUEST_ISSET_POST(('points')))) { + if ((REQUEST_ISSET_POST('userid')) && (REQUEST_ISSET_POST('pass')) && (REQUEST_ISSET_POST('points'))) { // Probe for nickname extension and if a nickname was entered if (isNickNameUsed(REQUEST_POST('userid'))) { // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", - array(REQUEST_POST('userid')), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `status`, `password` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' LIMIT 1", + array(REQUEST_POST('userid')), __FILE__, __LINE__); } else { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `status, `password` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__); } // Load data 
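Review bot: The rewritten direct-userid query is missing the closing back-tick after the status column, so the identifier quoting in the column list is unbalanced and the server will most likely reject the statement. The list should read ``SELECT `userid`, `status`, `password` FROM``. This is the branch taken when a numeric userid is entered in the doubler form, so the password check that follows would then work on a failed result; how `SQL_QUERY_ESC()` reports the error is not visible here.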
@@ -135,8 +135,8 @@ if (isFormSent()) { if (($points - getConfig('doubler_left') - REQUEST_POST('points') * getConfig('doubler_charge')) >= 0) // Enough points are left so let's continue with the doubling process // Create doubling "account" width *DOUBLED* points - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".detectRemoteAddr()."', UNIX_TIMESTAMP(), 'N','N')", - array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s','%s','%s','".detectRemoteAddr()."', UNIX_TIMESTAMP(), 'N','N')", + array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__); // Subtract entered points SUB_POINTS('doubler', $uid, REQUEST_POST('points')); @@ -149,11 +149,11 @@ if (isFormSent()) { // Add second line for the referal but only when uid != refid if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) { // Okay add a refid line and apply refid percents - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".detectRemoteAddr()."',UNIX_TIMESTAMP(),'N','Y')", - array( - bigintval($GLOBALS['refid']), - bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref')) - ), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s',0,'%s','".detectRemoteAddr()."',UNIX_TIMESTAMP(),'N','Y')", + array( + bigintval($GLOBALS['refid']), + bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref')) + ), __FILE__, __LINE__); // And that's why we don't want to you more than one referal level of doubler-points. ^^^ } // END - if 
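Review bot: Both INSERT statements splice the address into the SQL text with `'".detectRemoteAddr()."'` instead of passing it through the escaped parameter array that the other values use. If that helper can return a value derived from a client-supplied header (its body is not part of this diff), the string reaches the query without escaping. Using a fourth placeholder, `VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(), 'N','N')` with `detectRemoteAddr()` appended to the array, keeps every value on the same escaping path. The same applies to the referal INSERT in the hunk that follows.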
@@ -189,13 +189,13 @@ if (isFormSent()) { // Wrong password or account not found define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_MEMBER')); } - } elseif (!REQUEST_ISSET_POST(('userid'))) { + } elseif (!REQUEST_ISSET_POST('userid')) { // Login not entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_LOGIN')); - } elseif (!REQUEST_ISSET_POST(('pass'))) { + } elseif (!REQUEST_ISSET_POST('pass')) { // Password not entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_PASSWORD')); - } elseif (!REQUEST_ISSET_POST(('points'))) { + } elseif (!REQUEST_ISSET_POST('points')) { // points not entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_POINTS')); } diff --git a/img.php b/img.php index adaa3e271e..fb384e8a44 100644 --- a/img.php +++ b/img.php @@ -56,13 +56,13 @@ if (!isInstalled()) { loadIncludeOnce('inc/header.php'); // Code set? -if (REQUEST_ISSET_GET(('code'))) { +if (REQUEST_ISSET_GET('code')) { // Generate image GENERATE_IMAGE(bigintval(REQUEST_GET('code'))); } elseif (REQUEST_ISSET_GET('tag')) { // Tag set so create the IFN (Include-FileName) $INC = sprintf("inc/img/tag-%s.php", - REQUEST_GET('tag') + REQUEST_GET('tag') ); // Include is readable? diff --git a/inc/autopurge/purge-inact.php b/inc/autopurge/purge-inact.php index fc75e5f62b..17a64174ed 100644 --- a/inc/autopurge/purge-inact.php +++ b/inc/autopurge/purge-inact.php @@ -53,9 +53,6 @@ if (getConfig('autopurge_inactive') == 'Y') { // Init SQLs INIT_SQLS(); - // Ok, let's have a look... - $since = getConfig(('ap_inactive_since')); - // Init exclusion list $EXCLUDE_LIST = ''; if (getConfig('def_refid') > 0) { 
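Review bot: In img.php, `$INC` is built from `REQUEST_GET('tag')` with no validation, and the following comment (`// Include is readable?`) indicates it is then used as an include file name. A value containing path separators or `..` would resolve outside `inc/img/`, so the tag should be restricted to the expected character set before the `sprintf()`, e.g. `if (!preg_match('/^[a-z0-9_-]+$/i', REQUEST_GET('tag'))) { /* reject */ }`, or checked against the list of existing tag files. The readable check and the include itself lie outside this hunk, so confirm whether they already enforce this. The `code` branch, by contrast, is narrowed with `bigintval()`.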
@@ -78,7 +75,12 @@ if (getConfig('autopurge_inactive') == 'Y') { FROM `{!_MYSQL_PREFIX!}_user_data` AS d WHERE d.`status`='CONFIRMED' AND d.joined < (UNIX_TIMESTAMP() - %s) AND d.last_online < (UNIX_TIMESTAMP() - %s) AND d.ap_notified < (UNIX_TIMESTAMP() - %s) ".$EXCLUDE_LIST." -ORDER BY d.userid", array($since, $since, $since), __FILE__, __LINE__); +ORDER BY d.userid", + array(, + getConfig('ap_inactive_since'), + getConfig('ap_inactive_since'), + getConfig('ap_inactive_since') + ), __FILE__, __LINE__); if (SQL_NUMROWS($result_inactive) > 0) { // Prepare variables and constants... @@ -99,15 +101,15 @@ ORDER BY d.userid", array($since, $since, $since), __FILE__, __LINE__); sendEmail($content['email'], getMessage('AUTOPURGE_MEMBER_INACTIVE_SUBJECT'), $msg); // Update this account - ADD_SQL(SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET ap_notified=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1", - array(bigintval($content['userid'])), __FILE__, __LINE__, false)); + ADD_SQL(SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `ap_notified`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1", + array(bigintval($content['userid'])), __FILE__, __LINE__, false)); } // END - while // Remove last comma $UIDs = str_replace(", ", "\n", substr($UIDs, 0, -2)); // Send mail notification to admin - sendAdminNotification(getMessage('AUTOPURGE_ADMIN_INACTIVE_SUBJECT'), "admin_autopurge_inactive", $UIDs, ''); + sendAdminNotification(getMessage('AUTOPURGE_ADMIN_INACTIVE_SUBJECT'), 'admin_autopurge_inactive', $UIDs, ''); } // END - if // Free memory 
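Review bot: The new parameter list opens with `array(,` which is a PHP parse error, so this include will fail to load and neither the inactivity notification nor the purge further down will run. Drop the stray comma so the argument starts `array(getConfig('ap_inactive_since'),`. Because the same value is used three times, reading it once into a local (as the removed `$since` did) would also avoid repeating the lookup.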
@@ -115,13 +117,17 @@ ORDER BY d.userid", array($since, $since, $since), __FILE__, __LINE__); // Now let's have a look for inactive accounts we want to delete we newly use the same exclude list // here for e.g. excluding holiday users - $time = getConfig(('ap_in_time')); $result_inactive = SQL_QUERY_ESC("SELECT d.userid, d.email, d.last_online FROM `{!_MYSQL_PREFIX!}_user_data` AS d -WHERE `status`='CONFIRMED' AND joined < (UNIX_TIMESTAMP() - %s) AND `last_online` < (UNIX_TIMESTAMP() - %s) AND ap_notified < (UNIX_TIMESTAMP() - %s) +WHERE `status`='CONFIRMED' AND `joined` < (UNIX_TIMESTAMP() - %s) AND `last_online` < (UNIX_TIMESTAMP() - %s) AND `ap_notified` < (UNIX_TIMESTAMP() - %s) ".$EXCLUDE_LIST." ORDER BY `userid` ASC", - array($since, $since, $time), __FILE__, __LINE__); + array( + getConfig('ap_inactive_since'), + getConfig('ap_inactive_since'), + getConfig('ap_in_time') + ), __FILE__, __LINE__); + if (SQL_NUMROWS($result_inactive) > 0) { // Prepare variable... $UIDs = ''; @@ -129,13 +135,13 @@ ORDER BY `userid` ASC", // Delete inactive accounts while ($content = SQL_FETCHARRAY($result_inactive)) { // Remember userids for the admin - $UIDs .= $content['userid'].", "; + $UIDs .= $content['userid'] . ', '; // Get date/time from timestamp $content['last_online'] = generateDateTime($content['last_online'], '0'); // Finnaly delete this inactive account - deleteUserAccount($content['userid'], LOAD_EMAIL_TEMPLATE("member_autopurge_delete", $content['last_online'], '')); + deleteUserAccount($content['userid'], LOAD_EMAIL_TEMPLATE('member_autopurge_delete', $content['last_online'], '')); } // END - while // Remove last comma 
@@ -143,7 +149,7 @@ ORDER BY `userid` ASC", // Send mail notification to admin if (getConfig('ap_in_notify') == 'Y') { - sendAdminNotification(getMessage('AUTOPURGE_ADMIN_DELETE_SUBJECT'), "admin_autopurge_delete", $UIDs, ''); + sendAdminNotification(getMessage('AUTOPURGE_ADMIN_DELETE_SUBJECT'), 'admin_autopurge_delete', $UIDs, ''); } // END - if } // END - if diff --git a/inc/autopurge/purge-mails.php b/inc/autopurge/purge-mails.php index 49d13c9a63..9cdfc62706 100644 --- a/inc/autopurge/purge-mails.php +++ b/inc/autopurge/purge-mails.php @@ -51,12 +51,11 @@ if ((!EXT_IS_ACTIVE('autopurge')) || (getConfig('auto_purge_active') != 'Y')) { // Search for mails from deleted members? if (getConfig('ap_del_mails') == 'Y') { // Okay, let's check for them... - $since = getConfig(('ap_dm_timeout')); - $result_mails = SQL_QUERY_ESC("SELECT sender + $result_mails = SQL_QUERY_ESC("SELECT `sender` FROM `{!_MYSQL_PREFIX!}_pool` -WHERE data_type='DELETED' AND timestamp <= (UNIX_TIMESTAMP() - %s) -ORDER BY sender ASC", - array($since), __FILE__, __LINE__); +WHERE data_type='DELETED' AND `timestamp` <= (UNIX_TIMESTAMP() - %s) +ORDER BY `sender` ASC", + array(getConfig('ap_dm_timeout')), __FILE__, __LINE__); // Reset counter... $DELETED = 0; 
@@ -66,21 +65,20 @@ ORDER BY sender ASC", // Okay, check for their sender's while ($content = SQL_FETCHARRAY($result_mails)) { // Check now... - $fount = SQL_NUMROWS(SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + $fount = SQL_NUMROWS(SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", array(bigintval($content['sender'])), __FILE__, __LINE__)); if ($found == 0) { // Okay we found some mails! - SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_pool` WHERE sender=%s", - array(bigintval($content['sender'])), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_pool` WHERE `sender`=%s", + array(bigintval($content['sender'])), __FILE__, __LINE__); $DELETED += SQL_AFFECTEDROWS(); - // Reset query (to prevent possible errors) ... - $since = getConfig(('ap_dm_timeout')); - $result_mails = SQL_QUERY_ESC("SELECT sender + // Reset query (to prevent possible errors) ...; + $result_mails = SQL_QUERY_ESC("SELECT `sender` FROM `{!_MYSQL_PREFIX!}_pool` WHERE data_type='DELETED' AND timestamp <= (UNIX_TIMESTAMP() - %s) -ORDER BY sender ASC", - array($since), __FILE__, __LINE__); +ORDER BY `sender` ASC", + array(getConfig('ap_dm_timeout')), __FILE__, __LINE__); } } } 
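Review bot: The lookup result is stored in `$fount`, but the following line tests `$found`, which is not assigned anywhere visible before this first loop; the typo survives the back-tick edit made on that very line. An unset variable compares equal to 0, so the `DELETE LOW_PRIORITY` on the `_pool` table runs for every sender returned, including members that still exist. Change the assignment to `$found = SQL_NUMROWS(SQL_QUERY_ESC(...));`, as the user_stats loop in the next hunk already does.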
@@ -88,32 +86,32 @@ ORDER BY sender ASC", // Free memory SQL_FREERESULT($result_mails); - // Now let's check for stats entries as well - $since = getConfig(('ap_dm_timeout')); - $result_mails = SQL_QUERY_ESC("SELECT sender + // Now let's check for stats entries as well; + $result_mails = SQL_QUERY_ESC("SELECT `sender` FROM `{!_MYSQL_PREFIX!}_user_stats` -WHERE data_type='DELETED' AND timestamp_send <= (UNIX_TIMESTAMP() - %s) -ORDER BY sender ASC", - array($since), __FILE__, __LINE__); +WHERE `data_type`='DELETED' AND `timestamp_send` <= (UNIX_TIMESTAMP() - %s) +ORDER BY `sender` ASC", + array(getConfig('ap_dm_timeout')), __FILE__, __LINE__); // Do we have "purged" mails? if (SQL_NUMROWS($result_mails) > 0) { // Okay, check for their sender's while ($content = SQL_FETCHARRAY($result_mails)) { // Check now... - $found = SQL_NUMROWS(SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($content['sender'])), __FILE__, __LINE__)); + $found = SQL_NUMROWS(SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval($content['sender'])), __FILE__, __LINE__)); if ($found == 0) { // Okay we found some mails! - SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE sender=%s", array(bigintval($content['sender'])), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE `sender`=%s", + array(bigintval($content['sender'])), __FILE__, __LINE__); $DELETED += SQL_AFFECTEDROWS(); // Reset query (to prevent possible errors) ... - $since = getConfig(('ap_dm_timeout')); - $result_mails = SQL_QUERY_ESC("SELECT sender + $result_mails = SQL_QUERY_ESC("SELECT `sender` FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE data_type='DELETED' AND timestamp_send <= (UNIX_TIMESTAMP() - %s) -ORDER BY sender ASC", - array($since), __FILE__, __LINE__); +ORDER BY `sender` ASC", + array(getConfig('ap_dm_timeout')), __FILE__, __LINE__); } } } 
@@ -124,7 +122,7 @@ ORDER BY sender ASC", // Do we have deleted mails and the admin want's to receive a notification if (($DELETED > 0) && (getConfig('ap_dm_notify') == 'Y')) { // Send out email to admin - sendAdminNotification(getMessage('AUTOPURGE_ADMIN_DEL_MAILS_SUBJECT'), "admin_autopurge_del_mails", $DELETED, ''); + sendAdminNotification(getMessage('AUTOPURGE_ADMIN_DEL_MAILS_SUBJECT'), 'admin_autopurge_del_mails', $DELETED, ''); } // END - if } diff --git a/inc/autopurge/purge-tsks.php b/inc/autopurge/purge-tsks.php index f596a8673a..51d7c36f42 100644 --- a/inc/autopurge/purge-tsks.php +++ b/inc/autopurge/purge-tsks.php @@ -50,14 +50,11 @@ if ((!EXT_IS_ACTIVE('autopurge')) || (getConfig('auto_purge_active') != 'Y')) { // Check version (must be > 0.0) if ((GET_EXT_VERSION('task') > '0.0') && (getConfig('ap_tasks') == 'Y')) { - // Since when shall we purge? - $since = getConfig(('ap_tasks_time')); - // Purge deleted tasks (no notification to admin) SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_task_system` -WHERE `status`='DELETED' AND task_created <= (UNIX_TIMESTAMP() - %s)", - array($since), __FILE__, __LINE__); +WHERE `status`='DELETED' AND `task_created` <= (UNIX_TIMESTAMP() - %s)", + array(getConfig('ap_tasks_time')), __FILE__, __LINE__); // Get deleted rows $DELETED = SQL_AFFECTEDROWS(); diff --git a/inc/autopurge/purge-unconfirmed.php b/inc/autopurge/purge-unconfirmed.php index a31d7b6ef6..617a5903a7 100644 --- a/inc/autopurge/purge-unconfirmed.php +++ b/inc/autopurge/purge-unconfirmed.php 
@@ -50,13 +50,12 @@ if ((!EXT_IS_ACTIVE('autopurge')) || (getConfig('auto_purge_active') != 'Y')) { // Shall I auto-purge unconfirmed accounts? if (getConfig('autopurge_unconfirmed') == 'Y') { - // Init variables and find unconfirmed accounts which I shall auto-purge - $time = getConfig(('ap_un_time')); - $result_uncon = SQL_QUERY_ESC("SELECT userid, email, joined + // Init variables and find unconfirmed accounts which I shall auto-purge; + $result_uncon = SQL_QUERY_ESC("SELECT `userid`, `email`, `joined` FROM `{!_MYSQL_PREFIX!}_user_data` -WHERE `status`='UNCONFIRMED' AND joined < (UNIX_TIMESTAMP() - %s) -ORDER BY userid ASC", - array($time), __FILE__, __LINE__); +WHERE `status`='UNCONFIRMED' AND `joined` < (UNIX_TIMESTAMP() - %s) +ORDER BY `userid` ASC", + array(getConfig('ap_un_time')), __FILE__, __LINE__); if (SQL_NUMROWS($result_uncon) > 0) { // Prepare variable... $UIDs = ''; @@ -65,13 +64,13 @@ ORDER BY userid ASC", // Delete inactive accounts while ($content = SQL_FETCHARRAY($result_uncon)) { // Remember userids for the admin - $UIDs .= $content['userid'].", "; + $UIDs .= $content['userid'] . ', '; // Get date/time from timestamp $content['joined'] = generateDateTime($content['joined'], '0'); // Finnaly delete this inactive account - deleteUserAccount($content['userid'], LOAD_EMAIL_TEMPLATE("member_autopurge_unconfirmed", $content['joined'], '')); + deleteUserAccount($content['userid'], LOAD_EMAIL_TEMPLATE('member_autopurge_unconfirmed', $content['joined'], '')); } // END - while // Remove last comma @@ -79,7 +78,7 @@ ORDER BY userid ASC", // Send mail notification to admin if (getConfig('ap_un_notify') == 'Y') { - sendAdminNotification(getMessage('AUTOPURGE_ADMIN_UNCONFIRMED_SUBJECT'), "admin_autopurge_unconfirmed", $UIDs, ''); + sendAdminNotification(getMessage('AUTOPURGE_ADMIN_UNCONFIRMED_SUBJECT'), 'admin_autopurge_unconfirmed', $UIDs, ''); } // END - if } // END - if 
diff --git a/inc/check-reset.php b/inc/check-reset.php index b6d315ce7e..909332b6ca 100644 --- a/inc/check-reset.php +++ b/inc/check-reset.php @@ -43,8 +43,8 @@ if (!defined('__SECURITY')) { } // Shall we run the reset scripts? If a day has changed, maybe also a week/month has changed... Simple! :D -// 01 2 3 32 2 3321 1 221 1 221 1 221 1 23 321 1 10 -if ((date('d', getConfig('last_update')) != date('d', time())) && (!isInstalling()) && (isInstalled()) && (isAdminRegistered()) && (!REQUEST_ISSET_GET(('register'))) && (getOutputMode() != 1)) { +// 01 2 3 32 2 3321 1 221 1 221 1 221 1 2 21 1 22 10 +if ((date('d', getConfig('last_update')) != date('d', time())) && (!isInstalling()) && (isInstalled()) && (isAdminRegistered()) && (!REQUEST_ISSET_GET('register')) && (getOutputMode() != 1)) { // Tell every module we are in reset-mode! enableResetMode(); diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php index 2adf9c0d56..e07cd405b5 100644 --- a/inc/db/lib-mysql3.php +++ b/inc/db/lib-mysql3.php @@ -227,11 +227,12 @@ function SQL_CLOSE ($F, $L) { incrementConfigEntry('db_hits', getConfig('db_hits_run')); // Update counter for db/cache - updateConfiguration(array('db_hits', 'cache_hits'), array(getConfig(('db_hits')), getConfig(('cache_hits')))); + updateConfiguration(array('db_hits', 'cache_hits'), array(getConfig('db_hits'), getConfig('cache_hits'))); } // END - if // Close database link and forget the link - $close = mysql_close(SQL_GET_LINK()) or addFatalMessage(__FUNCTION__, __LINE__, $F." (".$L."):".mysql_error()); + $close = mysql_close(SQL_GET_LINK()) + or addFatalMessage(__FUNCTION__, __LINE__, $F . ' (' . $L . '):'.mysql_error()); // Close link SQL_SET_LINK(null); 
@@ -260,15 +261,15 @@ function SQL_QUERY_ESC ($qstring, $data, $F, $L, $run=true, $strip=true, $secure $query = 'failed'; if ($strip === true) { - $strip = "true"; + $strip = 'true'; } else { - $strip = "false"; + $strip = 'false'; } if ($secure === true) { - $secure = "true"; + $secure = 'true'; } else { - $secure = "false"; + $secure = 'false'; } $eval = "\$query = sprintf(\"".$qstring."\""; @@ -280,7 +281,7 @@ function SQL_QUERY_ESC ($qstring, $data, $F, $L, $run=true, $strip=true, $secure } } // END - foreach $eval .= ");"; - // + // Debugging // //* DEBUG: */ $fp = fopen(constant('PATH')."inc/cache/escape_debug.log", 'a') or app_die(__FILE__, __LINE__, "Cannot write debug.log!"); @@ -293,7 +294,7 @@ function SQL_QUERY_ESC ($qstring, $data, $F, $L, $run=true, $strip=true, $secure // Was the eval() command fine? if ($query == 'failed') { // Something went wrong? - debug_report_bug("eval={$eval}"); + debug_report_bug('eval=' . $eval); } // END - if if ($run === true) { @@ -364,11 +365,11 @@ function SQL_ALTER_TABLE ($sql, $F, $L) { // Determine index/fulltext/unique word $noIndex = ( ( - strpos($sql, 'INDEX') === false + strpos($sql, 'INDEX') === false ) && ( - strpos($sql, 'FULLTEXT') === false + strpos($sql, 'FULLTEXT') === false ) && ( - strpos($sql, 'UNIQUE') === false + strpos($sql, 'UNIQUE') === false ) ); @@ -382,8 +383,8 @@ function SQL_ALTER_TABLE ($sql, $F, $L) { $columnName = str_replace('`', '', $tableArray[4]); // Get column information - $result = SQL_QUERY_ESC("SHOW COLUMNS FROM %s LIKE '%s'", - array($tableName, $columnName), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SHOW COLUMNS FROM `%s` LIKE '%s'", + array($tableName, $columnName), __FILE__, __LINE__); // Do we have no entry on ADD or an entry on DROP? // 123 4 4 3 3 4 4 32 23 4 4 3 3 4 4 321 
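Review bot: SQL_QUERY_ESC still builds PHP source from the query template (`$eval = "\$query = sprintf(\"".$qstring."\""`) and executes it with eval(), so a double quote, `$` or backslash sequence that reaches `$qstring` is interpreted as code instead of SQL text. How the data entries are appended is only partly visible in these hunks, so this is hedged, but the same result is available without eval() by escaping each entry into an array and calling `$query = vsprintf($qstring, $escaped);`. The changed `debug_report_bug('eval=' . $eval)` also places the full statement, values included, into the bug report; logging only the template would avoid leaking data. The function body starts and ends outside these hunks.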
@@ -419,7 +420,7 @@ function SQL_ALTER_TABLE ($sql, $F, $L) { // Show indexes $result = SQL_QUERY_ESC("SHOW INDEX FROM `%s`", - array($tableName), __FILE__, __LINE__); + array($tableName), __FILE__, __LINE__); // Walk through all $skip = false; diff --git a/inc/doubler_send.php b/inc/doubler_send.php index 6e21b9dc23..7bb1b94381 100644 --- a/inc/doubler_send.php +++ b/inc/doubler_send.php @@ -59,13 +59,16 @@ setSession('DOUBLER_UID', ''); if (empty($GLOBALS['doubler_uid'])) $GLOBALS['doubler_uid'] = 0; // Check for doubles which we can pay out -$min = getConfig(('doubler_min') * 2); $result_total = SQL_QUERY_ESC("SELECT DISTINCT d.id, d.userid, d.points, d.remote_ip, d.timemark FROM `{!_MYSQL_PREFIX!}_doubler` AS d LEFT JOIN `{!_MYSQL_PREFIX!}_user_data` AS u ON d.userid=u.userid WHERE u.`status`='CONFIRMED' AND d.points <= %s AND d.points >= %s AND d.completed='N' AND d.is_ref='N' -ORDER BY d.timemark", array($DOUBLER_POINTS, $min), __FILE__, __LINE__); +ORDER BY d.timemark", + array( + $DOUBLER_POINTS, + getConfig(('doubler_min') * 2) + ), __FILE__, __LINE__); // Check for accounts with limitation $result_main = SQL_QUERY_ESC("SELECT DISTINCT d.id, d.userid, d.points, d.remote_ip, d.timemark @@ -74,7 +77,12 @@ LEFT JOIN `{!_MYSQL_PREFIX!}_user_data` AS u ON d.userid=u.userid WHERE u.`status`='CONFIRMED' AND d.points <= %s AND d.points >= %s AND d.completed='N' AND d.is_ref='N' ORDER BY d.timemark -LIMIT %d", array($DOUBLER_POINTS, $min, getConfig('doubler_max_sent')), __FILE__, __LINE__); +LIMIT %d", + array( + $DOUBLER_POINTS, + getConfig(('doubler_min') * 2), + getConfig('doubler_max_sent') + ), __FILE__, __LINE__); // Do we have entries found? if (((SQL_NUMROWS($result_total) > 0) && (getConfig('doubler_sent_all') == 'Y')) || ((SQL_NUMROWS($result_main) == getConfig('doubler_group_sent')) && (getConfig('doubler_sent_all') != 'Y'))) { 
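Review bot: In the doubler_send.php hunks, `getConfig(('doubler_min') * 2)` multiplies the string 'doubler_min' by 2 before the lookup, so getConfig() is asked for key 0 (an error on current PHP versions) instead of the configured minimum being doubled. The removed `$min` line had the same misplaced parenthesis, and the rewrite copies it into both the `$result_total` and the `$result_main` query. Both entries should read `getConfig('doubler_min') * 2`; as written, the lower bound `d.points >= %s` is whatever getConfig() returns for an unknown key.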
@@ -87,15 +95,15 @@ if (((SQL_NUMROWS($result_total) > 0) && (getConfig('doubler_sent_all') == 'Y')) // Only double when points are enougth! if ($DOUBLER_POINTS >= $content['points']) { // Check for his ref points - $ref = GET_TOTAL_DATA($content['userid'], 'doubler', 'points', 'refid', false, " AND completed='N' AND is_ref='Y'"); + $ref = GET_TOTAL_DATA($content['userid'], 'doubler', 'points', 'refid', false, " AND `completed`='N' AND `is_ref`='Y'"); // Zero refid when empty (might be helpful!) if (empty($ref)) $ref = 0; if (($ref > 0) && ($GLOBALS['doubler_uid'] == $content['userid']) && (!empty($ref))) { // Referal points found so add them and set line(s) to completed='Y' $content['points'] += $ref; - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_doubler` SET completed='Y' WHERE refid=%s AND completed='N' AND is_ref='Y'", - array(bigintval($content['userid'])), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_doubler` SET `completed`='Y' WHERE `refid`=%s AND `completed`='N' AND `is_ref`='Y'", + array(bigintval($content['userid'])), __FILE__, __LINE__); } else { // No referal points found $ref = 0; @@ -108,10 +116,11 @@ if (((SQL_NUMROWS($result_total) > 0) && (getConfig('doubler_sent_all') == 'Y')) } // END - if // Set entry as "payed" - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_doubler` SET completed='Y' WHERE `id`=%s LIMIT 1", - array(bigintval($content['id'])), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_doubler` SET `completed`='Y' WHERE `id`=%s LIMIT 1", + array(bigintval($content['id'])), __FILE__, __LINE__); $okay = false; + // Check for jackpot inclusion in doubling process if (($jackpot > 0) && ($jackpot >= $content['points']) && (getConfig('doubler_jackpot') == 'Y')) { // Subtract points from jackpot 
@@ -123,16 +132,16 @@ if (((SQL_NUMROWS($result_total) > 0) && (getConfig('doubler_sent_all') == 'Y')) } // END - if // Exclude also webmaster's ID in taking points from webmaster's account - if (($user > 0) && ($user >= $content['points']) && (!$okay) && (getConfig('doubler_uid') > 0) && ($content['userid'] != getConfig('doubler_uid'))) { + if (($user > 0) && ($user >= $content['points']) && ($okay === false) && (getConfig('doubler_uid') > 0) && ($content['userid'] != getConfig('doubler_uid'))) { // Add points to used points - SUB_POINTS("doubler_payout", getConfig('doubler_uid'), $content['points']); + SUB_POINTS('doubler_payout', getConfig('doubler_uid'), $content['points']); // Okay, done! $okay = true; } // END - if // Update doubler's account only when others are not updated - if (!$okay) { + if ($okay === false) { // Add points to used doubler points updateConfiguration('doubler_used', $content['points'], '+'); } // END - if @@ -143,18 +152,18 @@ if (((SQL_NUMROWS($result_total) > 0) && (getConfig('doubler_sent_all') == 'Y')) // Prepare array $content = array( - // Doubler transmission ID + // Doubler transmission ID 'id' => $content['id'], - // Doubled points + // Doubled points 'points' => translateComma($content['points']), - // Timemark + // Timemark 'when' => generateDateTime($content['timemark'], '2'), - // IP number when the member submitted the doubling form + // IP number when the member submitted the doubling form 'ip' => $content['remote_ip'], ); // Load mail template and send mail away... - $msg = LOAD_EMAIL_TEMPLATE("member_doubler", $content, $content['userid']); + $msg = LOAD_EMAIL_TEMPLATE('member_doubler', $content, $content['userid']); sendEmail($content['userid'], getMessage('DOUBLER_MEMBER_SUBJECT'), $msg); } // END - if } // END - while diff --git a/inc/filters.php b/inc/filters.php index d532c23855..5f9fa665c4 100644 --- a/inc/filters.php +++ b/inc/filters.php 
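Review bot: In the last hunk on this line, `$content` is replaced by the four-key mail array (`id`, `points`, `when`, `ip`), yet the next two statements still read `$content['userid']`, which no longer exists at that point. LOAD_EMAIL_TEMPLATE() and sendEmail() therefore receive an empty user id and the payout mail has no recipient. Save the id first with `$userid = $content['userid'];` and pass `$userid` to both calls, or build the mail data in a separate variable. The enclosing while loop starts outside the hunk.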
@@ -205,7 +205,7 @@ function unregisterFilter ($filterName, $filterFunction, $force = false, $dry_ru } // "Runs" the given filters, data is optional and can be any type of data -function runFilterChain ($filterName, $data = null, $silentAbort = true) { +function runFilterChain ($filterName, $data = null) { // Is that filter chain there? if (!isset($GLOBALS['filters']['chains'][$filterName])) { // We should find all these non-existing filter chains diff --git a/inc/functions.php b/inc/functions.php index f55f513560..fb13419c1a 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -393,14 +393,16 @@ function sendEmail ($toEmail, $subject, $message, $HTML = 'N', $mailHeader = '') eval($eval); // Set from header - if ((!eregi("@", $toEmail)) && ($toEmail > 0)) { + if ((!eregi('@', $toEmail)) && ($toEmail > 0)) { // Value detected, is the message extension installed? - if (EXT_IS_ACTIVE("msg")) { + // @TODO Extension 'msg' does not exist + if (EXT_IS_ACTIVE('msg')) { ADD_MESSAGE_TO_BOX($toEmail, $subject, $message, $HTML); return; } else { // Load email address - $result_email = SQL_QUERY_ESC("SELECT email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($toEmail)), __FUNCTION__, __LINE__); + $result_email = SQL_QUERY_ESC("SELECT `email` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval($toEmail)), __FUNCTION__, __LINE__); //* DEBUG: */ print __FUNCTION__."(".__LINE__."):numRows=".SQL_NUMROWS($result_email)."
\n"; // Does the user exist? @@ -1243,7 +1245,7 @@ function generateRandomCode ($length, $code, $uid, $DATA = '') { $keys = getConfig('SITE_KEY').getConfig('ENCRYPT_SEPERATOR').getConfig('DATE_KEY'); if (isConfigEntrySet('secret_key')) $keys .= getConfig('ENCRYPT_SEPERATOR').getConfig('secret_key'); if (isConfigEntrySet('file_hash')) $keys .= getConfig('ENCRYPT_SEPERATOR').getConfig('file_hash'); - $keys .= getConfig('ENCRYPT_SEPERATOR').date("d-m-Y (l-F-T)", getConfig(('patch_ctime'))); + $keys .= getConfig('ENCRYPT_SEPERATOR') . date("d-m-Y (l-F-T)", getConfig('patch_ctime')); if (isConfigEntrySet('master_salt')) $keys .= getConfig('ENCRYPT_SEPERATOR').getConfig('master_salt'); // Build string from misc data @@ -2015,20 +2017,20 @@ function generateMemberAdminActionLinks ($uid, $status = '') { } // Generate an email link -function generateMemberEmailLink ($email, $table = 'admins') { +function generateEmailLink ($email, $table = 'admins') { // Default email link (INSECURE! Spammer can read this by harvester programs) $EMAIL = 'mailto:' . $email; // Check for several extensions if ((EXT_IS_ACTIVE('admins')) && ($table == 'admins')) { // Create email link for contacting admin in guest area - $EMAIL = adminsCreateEmailLink($email); + $EMAIL = generateAdminEmailLink($email); } elseif ((EXT_IS_ACTIVE('user')) && (GET_EXT_VERSION('user') >= '0.3.3') && ($table == 'user_data')) { // Create email link for contacting a member within admin area (or later in other areas, too?) - $EMAIL = USER_generateMemberEmailLink($email); + $EMAIL = generateEmailLink($email, 'user_data'); } elseif ((EXT_IS_ACTIVE('sponsor')) && ($table == 'sponsor_data')) { // Create email link to contact sponsor within admin area (or like the link above?) - $EMAIL = SPONSOR_generateMemberEmailLink($email); + $EMAIL = generateEmailLink($email, 'sponsor_data'); } // Shall I close the link when there is no admin? 
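Review bot: The renamed generateEmailLink() now calls itself with unchanged arguments in the `user_data` and `sponsor_data` branches (`generateEmailLink($email, 'user_data')`), so whenever one of those branches is taken the function recurses until PHP exhausts its stack or memory. The removed lines delegated to USER_generateMemberEmailLink() and SPONSOR_generateMemberEmailLink(); the replacements need to be those extension helpers under whatever new names they received (not visible in this part of the diff), the way the admins branch calls generateAdminEmailLink(). The function continues past the end of the hunk.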
@@ -2058,7 +2060,7 @@ function generateHash ($plainText, $salt = '') { $server = $_SERVER['PHP_SELF'].getConfig('ENCRYPT_SEPERATOR').detectUserAgent().getConfig('ENCRYPT_SEPERATOR').getenv('SERVER_SOFTWARE').getConfig('ENCRYPT_SEPERATOR').detectRemoteAddr(); // Build key string - $keys = getConfig('SITE_KEY').getConfig('ENCRYPT_SEPERATOR').getConfig('DATE_KEY').getConfig('ENCRYPT_SEPERATOR').getConfig('secret_key').getConfig('ENCRYPT_SEPERATOR').getConfig('file_hash').getConfig('ENCRYPT_SEPERATOR').date("d-m-Y (l-F-T)", getConfig(('patch_ctime'))).getConfig('ENCRYPT_SEPERATOR').getConfig('master_salt'); + $keys = getConfig('SITE_KEY').getConfig('ENCRYPT_SEPERATOR').getConfig('DATE_KEY').getConfig('ENCRYPT_SEPERATOR').getConfig('secret_key').getConfig('ENCRYPT_SEPERATOR').getConfig('file_hash').getConfig('ENCRYPT_SEPERATOR').date("d-m-Y (l-F-T)", getConfig('patch_ctime')).getConfig('ENCRYPT_SEPERATOR').getConfig('master_salt'); // Additional data $data = $plainText.getConfig('ENCRYPT_SEPERATOR').uniqid(mt_rand(), true).getConfig('ENCRYPT_SEPERATOR').time(); @@ -2734,7 +2736,7 @@ function generateAdminLink ($aid) { // Is the extension there? if (EXT_IS_ACTIVE('admins')) { // Admin found - $admin = "" . $login.""; + $admin = "" . $login.""; } else { // Extension not found $admin = sprintf(getMessage('EXTENSION_PROBLEM_NOT_INSTALLED'), 'admins'); @@ -2851,12 +2853,12 @@ function changeDataInFile ($FQFN, $comment, $prefix, $suffix, $DATA, $seek=0) { $tmp = $FQFN . '.tmp'; // Open the source file - $fp = fopen($FQFN, 'r') or OUTPUT_HTML('READ: ' . $FQFN . "
\n"); + $fp = fopen($FQFN, 'r') or OUTPUT_HTML('READ: ' . $FQFN . '
'); // Is the resource valid? if (is_resource($fp)) { // Open temporary file - $fp_tmp = fopen($tmp, 'w') or OUTPUT_HTML('WRITE: ' . $tmp . "
\n"); + $fp_tmp = fopen($tmp, 'w') or OUTPUT_HTML('WRITE: ' . $tmp . '
'); // Is the resource again valid? if (is_resource($fp_tmp)) { @@ -2873,7 +2875,7 @@ function changeDataInFile ($FQFN, $comment, $prefix, $suffix, $DATA, $seek=0) { } else { $next++; } - } + } // END - if // Write to temp file fputs($fp_tmp, $line); @@ -2926,9 +2928,9 @@ function DEBUG_LOG ($funcFile, $line, $message, $force=true) { // Remove CRLF $message = str_replace("\r", '', str_replace("\n", '', $message)); - // Log this message away - $fp = fopen(constant('PATH')."inc/cache/debug.log", 'a') or app_die(__FUNCTION__, __LINE__, "Cannot write logfile debug.log!"); - fwrite($fp, date("d.m.Y|H:i:s", time())."|" . getModule()."|".basename($funcFile)."|" . $line."|".strip_tags($message)."\n"); + // Log this message away, we better don't call app_die() here to prevent an endless loop + $fp = fopen(constant('PATH') . 'inc/cache/debug.log', 'a') or die(__FUNCTION__, __LINE__, 'Cannot write logfile debug.log!'); + fwrite($fp, date('d.m.Y|H:i:s', time()) . '|' . getModule() . '|' . basename($funcFile) . '|' . $line . '|' . strip_tags($message)."\n"); fclose($fp); } // END - if } @@ -2938,7 +2940,7 @@ function runResetIncludes () { // Is the reset set or old sql_patches? if ((!isResetModeEnabled()) || (EXT_VERSION_IS_OLDER('sql_patches', '0.4.5'))) { // Then abort here - DEBUG_LOG(__FUNCTION__, __LINE__, "Cannot run reset! Please report this bug. Thanks"); + DEBUG_LOG(__FUNCTION__, __LINE__, 'Cannot run reset! Please report this bug. Thanks'); } // END - if // Get more daily reset scripts 
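Review bot: In the DEBUG_LOG hunk, `die(__FUNCTION__, __LINE__, 'Cannot write logfile debug.log!')` does not parse, because die()/exit() is a language construct that accepts at most one expression; functions.php fails to load with this line in place. The stated intent of avoiding app_die() to prevent an endless loop is sound, so keep die() but pass a single string, e.g. `die(__FUNCTION__ . '[' . __LINE__ . ']: Cannot write logfile debug.log!')`. The CR/LF removal and strip_tags() applied to `$message` before it is written should stay, since they keep one log entry on one line.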
@@ -3223,7 +3225,7 @@ function DETERMINE_REFID () { $GLOBALS['refid'] = bigintval(getSession('refid')); } elseif ((GET_EXT_VERSION('sql_patches') != '') && (getConfig('def_refid') > 0)) { // Set default refid as refid in URL - $GLOBALS['refid'] = getConfig(('def_refid')); + $GLOBALS['refid'] = getConfig('def_refid'); } elseif ((GET_EXT_VERSION('user') >= '0.3.4') && (getConfig('select_user_zero_refid')) == 'Y') { // Select a random user which has confirmed enougth mails $GLOBALS['refid'] = determineRandomReferalId(); diff --git a/inc/install-inc.php b/inc/install-inc.php index 55cb320c44..561967bd61 100644 --- a/inc/install-inc.php +++ b/inc/install-inc.php @@ -50,32 +50,32 @@ if (!defined('__SECURITY')) { // Init variables $mysql = array(); -if ((REQUEST_ISSET_POST(('mysql'))) && (is_array(REQUEST_POST('mysql')))) $mysql = REQUEST_POST('mysql'); +if ((REQUEST_ISSET_POST('mysql')) && (is_array(REQUEST_POST('mysql')))) $mysql = REQUEST_POST('mysql'); // Check if both passwords from SMTP are matching if ((REQUEST_ISSET_GET('page') && (REQUEST_GET('page') == 5))) { // Okay, we have to check it - if (REQUEST_ISSET_POST(('smtp_user')) && (!REQUEST_ISSET_POST(('smtp_host')))) { + if (REQUEST_ISSET_POST('smtp_user') && (!REQUEST_ISSET_POST('smtp_host'))) { // Hostname not set - OUTPUT_HTML(getMessage('INSTALL_SMTP_HOSTNAME_EMPTY')."
"); + OUTPUT_HTML(getMessage('INSTALL_SMTP_HOSTNAME_EMPTY') . '
'); REQUEST_SET_GET('page', 3); } // END - if - if ((!REQUEST_ISSET_POST(('smtp_pass1'))) && (REQUEST_ISSET_POST(('smtp_pass2')))) { + if ((!REQUEST_ISSET_POST('smtp_pass1')) && (REQUEST_ISSET_POST('smtp_pass2'))) { // Password is empty - OUTPUT_HTML(getMessage('INSTALL_SMTP_PASS1_EMPTY')."
"); + OUTPUT_HTML(getMessage('INSTALL_SMTP_PASS1_EMPTY') . '
'); REQUEST_SET_GET('page', 3); } // END - if - if ((REQUEST_ISSET_POST(('smtp_pass1'))) && (!REQUEST_ISSET_POST(('smtp_pass2')))) { + if ((REQUEST_ISSET_POST('smtp_pass1')) && (!REQUEST_ISSET_POST('smtp_pass2'))) { // Password repeat is empty - OUTPUT_HTML(getMessage('INSTALL_SMTP_PASS2_EMPTY')."
"); + OUTPUT_HTML(getMessage('INSTALL_SMTP_PASS2_EMPTY') . '
'); REQUEST_SET_GET('page', 3); } // END - if if (REQUEST_POST('smtp_pass1') != REQUEST_POST('smtp_pass1')) { // Passwords are not matching - OUTPUT_HTML(getMessage('INSTALL_SMTP_PASS_MISMATCH')."
"); + OUTPUT_HTML(getMessage('INSTALL_SMTP_PASS_MISMATCH') . '
'); REQUEST_SET_GET('page', 3); } // END - if } // END - if @@ -103,11 +103,11 @@ if ((!isInstalled()) || (!isAdminRegistered())) { if (empty($mysql['prefix'])) $mysql['prefix'] = 'mxchange'; if (empty($mysql['type'])) $mysql['type'] = 'MyISAM'; if (getTotalFatalErrors() > 0) { - OUTPUT_HTML(""); + OUTPUT_HTML(''); foreach (getFatalArray() as $key => $err) { - OUTPUT_HTML(" · {--FATAL_NO--}".($key + 1).": ".$err."
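Review bot: The SMTP password mismatch check in the install-inc.php hunk that ends here compares the first field with itself, `REQUEST_POST('smtp_pass1') != REQUEST_POST('smtp_pass1')`, so it can never be true and a mistyped repeat is accepted silently. The right-hand side should be `REQUEST_POST('smtp_pass2')`. The line is unchanged context, but the commit edits every neighbouring check in this block, so it is cheap to fix in the same pass.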
"); + OUTPUT_HTML('· {--FATAL_NO--}' . ($key + 1) . ': ' . $err . '
'); } - OUTPUT_HTML("

"); + OUTPUT_HTML('

'); } define('__MYSQL_HOST' , $mysql['host']); define('__MYSQL_DBASE' , $mysql['dbase']); @@ -139,9 +139,9 @@ if ((!isInstalled()) || (!isAdminRegistered())) { $smtpPass2 = getConfig('SMTP_PASSWORD'); // Overwrite it with the data from sent (failed) form - if (REQUEST_ISSET_POST(('smtp_host'))) $smtpHost = REQUEST_POST('smtp_host'); - if (REQUEST_ISSET_POST(('smtp_user'))) $smtpUser = REQUEST_POST('smtp_user'); - if (REQUEST_ISSET_POST(('smtp_pass'))) { + if (REQUEST_ISSET_POST('smtp_host')) $smtpHost = REQUEST_POST('smtp_host'); + if (REQUEST_ISSET_POST('smtp_user')) $smtpUser = REQUEST_POST('smtp_user'); + if (REQUEST_ISSET_POST('smtp_pass')) { $smtpPass1 = REQUEST_POST('smtp_pass'); $smtpPass2 = REQUEST_POST('smtp_pass'); } // END - if @@ -184,79 +184,16 @@ if ((!isInstalled()) || (!isAdminRegistered())) { define('__SMTP_HOST', REQUEST_POST('smtp_host')); define('__SMTP_USER', REQUEST_POST('smtp_user')); define('__SMTP_PASS', REQUEST_POST('smtp_pass1')); - OUTPUT_HTML("
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
{--HEADER_TEXT_PAGE5--} -
 
- {--TEXT_PAGE_5--} -
 
{--LANG_OUTPUT_MODE--}:   - -
 
{--WARN_NO_PASSWORD--}:   - -
 
{--LANG_WRITE_FOOTER--}:   - -
 
{--INSTALL_ENABLE_BACKLINK--}:   - -
 
"); + + // MySQL data + $content = ''; foreach ($mysql as $key => $value) { - OUTPUT_HTML(" "); + $content .= " \n"; } - OUTPUT_HTML(" - - - - - - - - -
 
-
"); + define('__MYSQL_DATA', $content); + + // Load template + LOAD_TEMPLATE('install_page5'); break; case 'finalize': // Write captured data to files diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index 2d143e4824..77835dbec4 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -120,13 +120,16 @@ function adminsCheckAdminAcl ($act, $wht) { } // Create email link to admins's account -function adminsCreateEmailLink ($email, $mod='admin') { +function generateAdminEmailLink ($email, $mod = 'admin') { // Is it an email? - if (strpos($email, "@") !== false) { + if (strpos($email, '@') !== false) { // Create email link $result = SQL_QUERY_ESC("SELECT `id` -FROM `{!_MYSQL_PREFIX!}_admins` -WHERE `email`='%s' LIMIT 1", +FROM + `{!_MYSQL_PREFIX!}_admins` +WHERE + `email`='%s' +LIMIT 1", array($email), __FUNCTION__, __LINE__); // Is there an entry? @@ -360,7 +363,7 @@ function adminsRemoveAdminAccount ($POST) { // List all admin accounts function adminsListAdminAccounts() { // Select all admin accounts - $result = SQL_QUERY("SELECT id, login, email, default_acl AS mode, la_mode FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY login ASC", __FUNCTION__, __LINE__); + $result = SQL_QUERY("SELECT `id`, `login`, `email`, `default_acl` AS mode, `la_mode` FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY `login` ASC", __FUNCTION__, __LINE__); $OUT = ''; $SW = 2; while ($content = SQL_FETCHARRAY($result)) { // Compile some variables @@ -369,7 +372,7 @@ function adminsListAdminAccounts() { // Prepare some more data $content['sw'] = $SW; - $content['email_link'] = generateMemberEmailLink($content['id']); + $content['email_link'] = generateEmailLink($content['id'], 'admins'); // Load row template and switch color $OUT .= LOAD_TEMPLATE('admin_list_admins_row', true, $content); 
@@ -387,9 +390,9 @@ function adminsListAdminAccounts() { // Filter for adding extra data to the query function FILTER_ADD_EXTRA_SQL_DATA ($add = '') { // Is the admins extension updated? (should be!) - if (GET_EXT_VERSION('admins') >= '0.3.0') $add .= ", default_acl AS def_acl"; - if (GET_EXT_VERSION('admins') >= '0.6.7') $add .= ", la_mode"; - if (GET_EXT_VERSION('admins') >= '0.7.2') $add .= ", login_failures, UNIX_TIMESTAMP(last_failure) AS last_failure"; + if (GET_EXT_VERSION('admins') >= '0.3.0') $add .= ', `default_acl` AS def_acl'; + if (GET_EXT_VERSION('admins') >= '0.6.7') $add .= ', `la_mode`'; + if (GET_EXT_VERSION('admins') >= '0.7.2') $add .= ', `login_failures`, UNIX_TIMESTAMP(`last_failure`) AS last_failure'; // Return it return $add; diff --git a/inc/libs/autopurge_functions.php b/inc/libs/autopurge_functions.php index e9b9fdffad..70c63916c6 100644 --- a/inc/libs/autopurge_functions.php +++ b/inc/libs/autopurge_functions.php @@ -44,17 +44,17 @@ if (!defined('__SECURITY')) { function AUTOPURGE_ADD_POINTS($uid, $points) { // Check if he has locked points or not - $result = SQL_QUERY_ESC("SELECT ref_payout FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($uid)), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `ref_payout` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval($uid)), __FUNCTION__, __LINE__); list($payout) = SQL_FETCHROW($result); SQL_FREERESULT($result); if (($payout > 0) && (!empty($payout))) { // Yes, he has. - $target = "locked_points"; + $target = 'locked_points'; } elseif ($payout == '0') { // No, he has not - $target = "points"; + $target = 'points'; } // Add points... 
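Review bot: In AUTOPURGE_ADD_POINTS, `$target` is assigned only inside the `if`/`elseif` on `$payout`; when the SELECT returns no row, or a value that is neither positive nor '0', it stays undefined. The UPDATE in the following hunk then formats it into the column position (the template now reads SET `%s`=`%s`+%s), producing an empty identifier and a failing statement. Check `SQL_NUMROWS($result)` before the list() call and return early when the user is missing, or add an explicit `else` branch that logs and returns. The rest of the function lies in the next hunk.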
@@ -65,17 +65,17 @@ function AUTOPURGE_ADD_POINTS($uid, $points) { $jackpot += $points; } else { // .. to user's account - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_points` SET %s=%s+%s WHERE userid=%s AND ref_depth=0 LIMIT 1", - array($target, $target, $points, bigintval($uid)), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_points` SET `%s`=`%s`+%s WHERE `userid`=%s AND `ref_depth`=0 LIMIT 1", + array($target, $target, $points, bigintval($uid)), __FUNCTION__, __LINE__); // Update mediadata as well - if ((GET_EXT_VERSION('mediadata') >= '0.0.4') && ($target == "points")) { + if ((GET_EXT_VERSION('mediadata') >= '0.0.4') && ($target == 'points')) { // Update database MEDIA_UPDATE_ENTRY(array('total_points'), 'add', $points); - } + } // END - if // Send out mail to user - $msg = LOAD_EMAIL_TEMPLATE("member_autopurge_points", translateComma($points), $uid); + $msg = LOAD_EMAIL_TEMPLATE('member_autopurge_points', translateComma($points), $uid); sendEmail($uid, getMessage('AUTOPURGE_MEMBER_SUBJECT'), $msg); } } diff --git a/inc/libs/html_mail_functions.php b/inc/libs/html_mail_functions.php index 3c4e377e93..ee0f7bde32 100644 --- a/inc/libs/html_mail_functions.php +++ b/inc/libs/html_mail_functions.php @@ -95,8 +95,8 @@ function HTML_INSERT_URLS ($text) { // ... what will the email address be out the @... ;-) $PARTS = array(); - while (ereg("@", $test)) { - $pos = strpos($test, "@"); + while (ereg('@', $test)) { + $pos = strpos($test, '@'); $test2 = substr($test, 0, $pos); // First check backwards 
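Review bot: `ereg('@', $test)` in HTML_INSERT_URLS (hunk `@@ -95,8 +95,8 @@` of inc/libs/html_mail_functions.php) is kept by this change although the POSIX regex functions are deprecated as of PHP 5.3 and the call only tests for a literal character. `while (strpos($test, '@') !== false) {` does the same without the regex engine and matches the `strpos()` call on the following line. NL_INSERT_URLS in inc/libs/newsletter_functions.php (hunk `@@ -97,8 +97,8 @@`) contains the identical loop and needs the same change. Both function bodies continue outside their hunks.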
@@ -106,34 +106,34 @@ function HTML_INSERT_URLS ($text) { if (!in_array($check, $GLOBALS['valid_email_chars'])) { // Char found so we end here break; - } + } // END - if $idx--; - } + } // END - while if ($idx > 0) { // Starting mark is found $check2 = substr($test, 0, ($idx + 1)); $test = substr($test, ($idx + 1)); - } + } // END - if // And now go forward... $idx = 0; while ($idx < strlen($test)) { $check = substr($test, $idx, 1); - if ((!in_array($check, $GLOBALS['valid_email_chars'])) && ($check != "@")) { + if ((!in_array($check, $GLOBALS['valid_email_chars'])) && ($check != '@')) { // Char found so end here again break; - } + } // END - if $idx++; - } + } // END - while if ($idx > 0) { // Maybe this is the email address? $check = substr($test, 0, $idx); - } + } // END - if // Now replace the email against anchor with mailto and pray... - $PARTS[] = $check2."".$check.""; + $PARTS[] = $check2 . "" . $check . ""; // Remove email from testing string (see above why...) $test = substr($test, strlen($check)); diff --git a/inc/libs/newsletter_functions.php b/inc/libs/newsletter_functions.php index f6b0dfd4b8..2c77e3a802 100644 --- a/inc/libs/newsletter_functions.php +++ b/inc/libs/newsletter_functions.php @@ -97,8 +97,8 @@ function NL_INSERT_URLS ($text) { // ... what will the email address be out the @... ;-) $PARTS = array(); - while (ereg("@", $test)) { - $pos = strpos($test, "@"); + while (ereg('@', $test)) { + $pos = strpos($test, '@'); $test2 = substr($test, 0, $pos); // First check backwards @@ -123,7 +123,7 @@ function NL_INSERT_URLS ($text) { $idx = 0; while ($idx < strlen($test)) { $check = substr($test, $idx, 1); - if ((!in_array($check, $GLOBALS['valid_email_chars'])) && ($check != "@")) { + if ((!in_array($check, $GLOBALS['valid_email_chars'])) && ($check != '@')) { // Char found so end here again break; } 
@@ -136,7 +136,7 @@ function NL_INSERT_URLS ($text) { } // Now replace the email against anchor with mailto and pray... - $PARTS[] = $check2.$check; + $PARTS[] = $check2 . $check; // Remove email from testing string (see above why...) $test = substr($test, strlen($check)); diff --git a/inc/libs/rallye_functions.php b/inc/libs/rallye_functions.php index 607f4a1542..865e4363ff 100644 --- a/inc/libs/rallye_functions.php +++ b/inc/libs/rallye_functions.php @@ -299,7 +299,7 @@ VALUES ('%s','%s','0')", $DATA['title'] = $title; $DATA['id'] = $id; // ID for the rallye details link $DATA['ref'] = 0; - $DATA['refs'] = GET_TOTAL_DATA($uid, "user_data", 'userid', "refid", true); + $DATA['refs'] = GET_TOTAL_DATA($uid, 'user_data', 'userid', "refid", true); // Load prices $prices = RALLYE_ADD_PRICES($id); diff --git a/inc/libs/surfbar_functions.php b/inc/libs/surfbar_functions.php index 20f540223f..8c511788d0 100644 --- a/inc/libs/surfbar_functions.php +++ b/inc/libs/surfbar_functions.php @@ -999,8 +999,8 @@ function SURFBAR_CHECK_VALIDATION_CODE ($urlId, $check, $salt) { $code = SURFBAR_GENERATE_VALIDATION_CODE($urlId, $salt); // Return result of checking hashes and salts - //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, '---'.$code."|".$check.'---', false); - //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "+++".$salt."|".SURFBAR_GET_DATA('last_salt')."+++", false); + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, '---'.$code.'|'.$check.'---', false); + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "+++".$salt.'|'.SURFBAR_GET_DATA('last_salt')."+++", false); return (($code == $check) && ($salt == SURFBAR_GET_DATA('last_salt'))); } 
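Review bot: SURFBAR_CHECK_VALIDATION_CODE (hunk `@@ -999,8 +999,8 @@`) still decides with loose comparison on its unchanged return line, `($code == $check) && ($salt == SURFBAR_GET_DATA('last_salt'))`. With `==` PHP compares two numeric-looking strings as numbers, so distinct values (constructed samples: `'0e1'` and `'0e2'`) are treated as equal, which weakens a check that is meant to compare hashes and salts. Use strict comparison, `return (($code === $check) && ($salt === SURFBAR_GET_DATA('last_salt')));`, after confirming that both sides are strings, since the generator and SURFBAR_GET_DATA() are not visible here. The hunk itself only touches the commented-out debug lines.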
@@ -1131,33 +1131,47 @@ function SURFBAR_DETERMINE_DEPLETED_USERIDS ($limit=0) { if ((IS_MEMBER()) && ($limit == 0)) { // Then add this as well $UIDs['uid'][getUserId()] = getUserId(); - $UIDs['points'][getUserId()] = GET_TOTAL_DATA(getUserId(), "user_points", "points") - GET_TOTAL_DATA(getUserId(), "user_data", "used_points"); + $UIDs['points'][getUserId()] = GET_TOTAL_DATA(getUserId(), 'user_points', 'points') - GET_TOTAL_DATA(getUserId(), 'user_data', 'used_points'); $UIDs['notified'][getUserId()] = 0; // Get all userid except logged in one - $result = SQL_QUERY_ESC("SELECT u.userid, UNIX_TIMESTAMP(d.surfbar_low_notified) AS notified -FROM `{!_MYSQL_PREFIX!}_surfbar_urls` AS u -INNER JOIN `{!_MYSQL_PREFIX!}_user_data` AS d -ON u.userid=d.userid -WHERE u.userid NOT IN (%s,0) AND u.`status`='ACTIVE' -GROUP BY u.userid -ORDER BY u.userid ASC", - array(getUserId()), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT + u.userid, UNIX_TIMESTAMP(d.surfbar_low_notified) AS notified +FROM + `{!_MYSQL_PREFIX!}_surfbar_urls` AS u +INNER JOIN + `{!_MYSQL_PREFIX!}_user_data` AS d +ON + u.userid=d.userid +WHERE + u.userid NOT IN (%s,0) AND u.`status`='ACTIVE' +GROUP BY + u.userid +ORDER BY + u.userid ASC", + array(getUserId()), __FUNCTION__, __LINE__); } else { // Get all userid - $result = SQL_QUERY("SELECT u.userid, UNIX_TIMESTAMP(d.surfbar_low_notified) AS notified -FROM `{!_MYSQL_PREFIX!}_surfbar_urls` AS u -INNER JOIN `{!_MYSQL_PREFIX!}_user_data` AS d -ON u.userid=d.userid -WHERE u.`status`='ACTIVE' -GROUP BY u.userid -ORDER BY u.userid ASC", __FUNCTION__, __LINE__); + $result = SQL_QUERY("SELECT + u.userid, UNIX_TIMESTAMP(d.surfbar_low_notified) AS notified +FROM + `{!_MYSQL_PREFIX!}_surfbar_urls` AS u +INNER JOIN + `{!_MYSQL_PREFIX!}_user_data` AS d +ON + u.userid=d.userid +WHERE + u.`status`='ACTIVE' +GROUP BY + u.userid +ORDER BY + u.userid ASC", __FUNCTION__, __LINE__); } // Load all userid while ($content = SQL_FETCHARRAY($result)) { // Get total points - 
$points = GET_TOTAL_DATA($content['userid'], "user_points", "points") - GET_TOTAL_DATA($content['userid'], "user_data", "used_points"); + $points = GET_TOTAL_DATA($content['userid'], 'user_points', 'points') - GET_TOTAL_DATA($content['userid'], 'user_data', 'used_points'); //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "uid={$content['userid']},points={$points}", false); // Shall we add this to ignore? diff --git a/inc/libs/theme_functions.php b/inc/libs/theme_functions.php index ff9e5e3497..44363a8c7c 100644 --- a/inc/libs/theme_functions.php +++ b/inc/libs/theme_functions.php @@ -68,7 +68,7 @@ function generateThemeSelectionBox ($mod, $act, $wht, $result) { } // END - while // Sort whole array by title - array_pk_sort($themesArray, array("theme_name")); + array_pk_sort($themesArray, array('theme_name')); // Construct selection form for the box template $OUT = ''; @@ -85,7 +85,7 @@ function generateThemeSelectionBox ($mod, $act, $wht, $result) { ); // Return generated selection - return LOAD_TEMPLATE("theme_select_form", true, $content); + return LOAD_TEMPLATE('theme_select_form', true, $content); } // Get version from name @@ -93,11 +93,11 @@ function THEME_GET_VERSION ($name) { // Is the extension 'theme' installed? if (!EXT_IS_ACTIVE('theme')) { // Then abort here - return "!.!"; + return '!.!'; } // END - if - // Default version "number" - $cver = "?.?"; + // Default version 'number' + $cver = '?.?'; // Is the cache entry there? if (isset($GLOBALS['cache_array']['themes']['theme_ver'][$name])) { 
@@ -108,8 +108,8 @@ function THEME_GET_VERSION ($name) { incrementConfigEntry('cache_hits'); } elseif (GET_EXT_VERSION('cache') != '0.1.8') { // Load version from database - $result = SQL_QUERY_ESC("SELECT theme_ver FROM `{!_MYSQL_PREFIX!}_themes` WHERE theme_path='%s' LIMIT 1", - array($name), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `theme_ver` FROM `{!_MYSQL_PREFIX!}_themes` WHERE `theme_path`='%s' LIMIT 1", + array($name), __FUNCTION__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { @@ -151,8 +151,8 @@ function isThemeActive ($name) { incrementConfigEntry('cache_hits'); } elseif (GET_EXT_VERSION('cache') != '0.1.8') { // Check if current theme is already imported or not - $result = SQL_QUERY_ESC("SELECT theme_active FROM `{!_MYSQL_PREFIX!}_themes` WHERE theme_path='%s' AND theme_active='Y' LIMIT 1", - array($name), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `theme_active` FROM `{!_MYSQL_PREFIX!}_themes` WHERE `theme_path`='%s' AND `theme_active`='Y' LIMIT 1", + array($name), __FUNCTION__, __LINE__); // Is the theme active and installed? $active = (SQL_NUMROWS($result) == 1); @@ -170,7 +170,7 @@ function getCurrentThemeName () { // Is the extension 'theme' installed? if (!EXT_IS_ACTIVE('theme')) { // Then abort here - return "default"; + return 'default'; } // END - if // Get the Uni* name @@ -185,8 +185,8 @@ function getCurrentThemeName () { incrementConfigEntry('cache_hits'); } elseif (GET_EXT_VERSION('cache') != '0.1.8') { // Check if current theme is already imported or not - $result = SQL_QUERY_ESC("SELECT theme_name FROM `{!_MYSQL_PREFIX!}_themes` WHERE theme_path='%s' AND theme_active='Y' LIMIT 1", - array($name), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `theme_name` FROM `{!_MYSQL_PREFIX!}_themes` WHERE `theme_path`='%s' AND `theme_active`='Y' LIMIT 1", + array($name), __FUNCTION__, __LINE__); // Load theme name list($name) = SQL_FETCHROW($result); 
@@ -203,7 +203,7 @@ function getCurrentThemeName () { $GLOBALS['curr_theme'] = getCurrentTheme(); // Check if new theme is selcted -if ((REQUEST_ISSET_POST(('new_theme'))) && (REQUEST_POST('new_theme') != $GLOBALS['curr_theme'])) { +if ((REQUEST_ISSET_POST('new_theme')) && (REQUEST_POST('new_theme') != $GLOBALS['curr_theme'])) { // Set new theme for guests $newTheme = REQUEST_POST('new_theme'); @@ -216,5 +216,5 @@ if ((REQUEST_ISSET_POST(('new_theme'))) && (REQUEST_POST('new_theme') != $GLOBAL ADD_INC_TO_POOL(sprintf("%stheme/%s/theme.php", constant('PATH'), $newTheme)); } // END - if -// +// [EOF] ?> diff --git a/inc/libs/user_functions.php b/inc/libs/user_functions.php index 5fc33f72a2..08c90e20bf 100644 --- a/inc/libs/user_functions.php +++ b/inc/libs/user_functions.php @@ -93,18 +93,18 @@ function SortLinks ($letter, $sortby, $colspan, $return=false) { $add = "&page=".REQUEST_GET('page')."&offset=".REQUEST_GET('offset'); // Add status or mode - if (REQUEST_ISSET_GET(('status'))) $add .= "&mode=".REQUEST_GET(('status')); - elseif (REQUEST_ISSET_GET('mode')) $add .= "&mode=".REQUEST_GET('mode'); + if (REQUEST_ISSET_GET('status')) $add .= '&mode=' . REQUEST_GET('status'); + elseif (REQUEST_ISSET_GET('mode')) $add .= '&mode=' . REQUEST_GET('mode'); // Makes order by links.. if ($letter == "front") $letter = getMessage('_ALL2'); // Prepare array with all possible sorters $list = array( - 'userid' => getMessage('_UID'), - 'family' => getMessage('FAMILY_NAME'), - 'email' => getMessage('ADDY'), - 'REMOTE_ADDR' => getMessage('REMOTE_IP') + 'userid' => getMessage('_UID'), + 'family' => getMessage('FAMILY_NAME'), + 'email' => getMessage('ADDY'), + 'REMOTE_ADDR' => getMessage('REMOTE_IP') ); // Add nickname if extension is installed 
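Review bot: In inc/libs/theme_functions.php the POSTed `new_theme` value ends up in an include path, `sprintf("%stheme/%s/theme.php", constant('PATH'), $newTheme)` handed to ADD_INC_TO_POOL(), and the lines between the two hunks (`@@ -203,7 +203,7 @@` and `@@ -216,5 +216,5 @@`) that might validate it are not shown. If nothing there restricts the value, the request decides which file is included. Confirm that `$newTheme` is checked against the installed themes, for example with `isThemeActive($newTheme)` defined earlier in this file, and that it is rejected when it contains `/` or `..` before the path is built.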
@@ -114,16 +114,16 @@ function SortLinks ($letter, $sortby, $colspan, $return=false) { foreach ($list as $sort => $title) { if ($sortby == $sort) { - $OUT .= "".$title." | "; + $OUT .= "" . $title . " | "; } else { - $OUT .= "".$title." | "; + $OUT .= "" . $title . " | "; } } // END - foreach define('__SORT_LIST', substr($OUT, 0, -13)); // Load template - $OUT = LOAD_TEMPLATE("admin_list_user_sort", true); + $OUT = LOAD_TEMPLATE('admin_list_user_sort', true); if ($return === true) { // Return code return $OUT; 
@@ -135,56 +135,50 @@ function SortLinks ($letter, $sortby, $colspan, $return=false) { // Add page navigation function ADD_PAGENAV ($PAGES, $offset, $show_form, $colspan,$return=false) { - if (!$show_form) { - // Empty row - define('__FORM_HEADER', " "); - } else { + if ($show_form) { // Load form for changing number of lines - define('__FORM_HEADER', LOAD_TEMPLATE("admin_list_user_sort_form", true)); - } - - if (!$show_form) { - // Add line with bottom border - define('__FORM_FOOTER', " "); + define('__FORM_HEADER', LOAD_TEMPLATE('admin_list_user_sort_form', true)); + define('__FORM_FOOTER', ' '); } else { - // Add line without bottom border - define('__FORM_FOOTER', " "); + // Empty row + define('__FORM_HEADER', ' '); + define('__FORM_FOOTER', ' '); } $OUT = ''; for ($page = 1; $page <= $PAGES; $page++) { if (($page == REQUEST_GET('page')) || ((!REQUEST_ISSET_GET('page')) && ($page == '1'))) { - $OUT .= "-"; + $OUT .= '-'; } else { if (!REQUEST_ISSET_GET('letter')) REQUEST_SET_GET('letter', getMessage('_ALL2')); if (!REQUEST_ISSET_GET('sortby')) REQUEST_SET_GET('sortby', 'userid'); // Base link - $OUT .= ""; + $OUT .= '&letter=' . REQUEST_GET('letter') . '&sortby=' . REQUEST_GET('sortby') . '&page=' . $page . '&offset=' . $offset . '">'; } $OUT .= $page; if (($page == REQUEST_GET('page')) || ((!REQUEST_ISSET_GET('page')) && ($page == '1'))) { - $OUT .= "-"; + $OUT .= '-'; } else { - $OUT .= ""; + $OUT .= ''; } - if ($page < $PAGES) $OUT .= " | "; + if ($page < $PAGES) $OUT .= ' | '; } // END - for define('__PAGENAV_LIST', $OUT); // Load template - $OUT = LOAD_TEMPLATE("admin_list_user_pagenav", true); + $OUT = LOAD_TEMPLATE('admin_list_user_pagenav', true); if ($return === true) { // Return code return $OUT; 
@@ -195,17 +189,17 @@ function ADD_PAGENAV ($PAGES, $offset, $show_form, $colspan,$return=false) { } // Create email link to user's account -function USER_generateMemberEmailLink($email, $mod='admin') { +function generateUserEmailLink($email, $mod='admin') { // Show contact link only if user is confirmed by default $locked = " AND `status`='CONFIRMED'"; // But admins shall always see it if (IS_ADMIN()) $locked = ''; - $result = SQL_QUERY_ESC("SELECT userid + $result = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_data` -WHERE `email`='%s'".$locked." LIMIT 1", - array($email), __FUNCTION__, __LINE__); +WHERE `email`='%s'" . $locked." LIMIT 1", + array($email), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load userid list($uid) = SQL_FETCHROW($result); @@ -238,7 +232,7 @@ function determineRandomReferalId () { // Look for random user $result = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND `rand_confirmed` >= %s ORDER BY `rand_confirmed` DESC LIMIT %s, 1", - array(getConfig('user_min_confirmed'), $randNum), __FUNCTION__, __LINE__); + array(getConfig('user_min_confirmed'), $randNum), __FUNCTION__, __LINE__); // Do we have one entry there? if (SQL_NUMROWS($result) == 1) { @@ -246,8 +240,8 @@ function determineRandomReferalId () { list($refid) = SQL_FETCHROW($result); // Reset this user's counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `rand_confirmed`=0 WHERE userid=%s LIMIT 1", - array($refid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `rand_confirmed`=0 WHERE `userid`=%s LIMIT 1", + array($refid), __FUNCTION__, __LINE__); } // END - if // Free result 
@@ -282,11 +276,11 @@ function USER_DO_LOGIN ($uid, $passwd) { // Check login data if ((EXT_IS_ACTIVE('nickname')) && (NICKNAME_IS_ACTIVE($uid))) { // Nickname entered - $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$lastOnline." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' AND `status`='CONFIRMED' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `userid`, `password`, `last_online`" . $lastOnline . " FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' AND `status`='CONFIRMED' LIMIT 1", array($uid), __FUNCTION__, __LINE__); } else { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$lastOnline." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `userid`, `password`, `last_online`" . $lastOnline . " FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", array($uid, $content['hash']), __FUNCTION__, __LINE__); } @@ -315,8 +309,8 @@ function USER_DO_LOGIN ($uid, $passwd) { // ... and update database // @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content); - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET password='%s' WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", - array($content['hash'], $uid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `password`='%s' WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", + array($content['hash'], $uid), __FUNCTION__, __LINE__); // No login bonus by default $GLOBALS['bonus_payed'] = false; 
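Review bot: In the "Direct userid entered" branch of USER_DO_LOGIN the submitted `$uid` is placed into an unquoted slot, ``WHERE `userid`=%s``, without an integer cast, and the argument array carries a second value, `$content['hash']`, that the format string never uses. String escaping does not protect an unquoted numeric slot, so unless SQL_QUERY_ESC() (not visible here) casts the value itself, the arguments should be `array(bigintval($uid))`, as USER_DO_NEW_PASSWORD already does. The same uncast `$uid` feeds the password UPDATE in the next hunk (`@@ -315,8 +309,8 @@`) and the `login_failures` UPDATE in `@@ -366,8 +360,8 @@`. The function body starts and ends outside these hunks.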
@@ -326,13 +320,13 @@ function USER_DO_LOGIN ($uid, $passwd) { if (!empty($content['last_login'])) $probe = time() - $content['last_login']; if ((GET_EXT_VERSION('bonus') >= '0.2.2') && ($probe >= getConfig('login_timeout'))) { // Add login bonus to user's account - $add = sprintf(", login_bonus=login_bonus+%s", + $add = sprintf(", `login_bonus`=`login_bonus`+%s", (float)getConfig('login_bonus') ); $GLOBALS['bonus_payed'] = true; // Subtract login bonus from userid's account or jackpot - if ((GET_EXT_VERSION('bonus') >= '0.3.5') && (getConfig('bonus_mode') != "ADD")) BONUS_POINTS_HANDLER('login_bonus'); + if ((GET_EXT_VERSION('bonus') >= '0.3.5') && (getConfig('bonus_mode') != 'ADD')) BONUS_POINTS_HANDLER('login_bonus'); } // END - if // Calculate new hash with the secret key and master salt together @@ -345,8 +339,8 @@ function USER_DO_LOGIN ($uid, $passwd) { // Try to set session data (which shall normally always work!) if ((setSession('userid', $uid )) && (setSession('u_hash', $content['hash']))) { // Update database records - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET total_logins=total_logins+1".$add." WHERE userid=%s LIMIT 1", - array($uid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `total_logins`=`total_logins +1" . $add . " WHERE `userid`=%s LIMIT 1", + array($uid), __FUNCTION__, __LINE__); if (SQL_AFFECTEDROWS() == 1) { // Procedure to checking for login data if (($GLOBALS['bonus_payed']) && (EXT_IS_ACTIVE('bonus'))) { 
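Review bot: The rewritten UPDATE in USER_DO_LOGIN (hunk `@@ -345,8 +339,8 @@`) opens a back-tick before the second `total_logins` and never closes it; the string now reads ``SET `total_logins`=`total_logins +1``, which MySQL will reject or misparse as an identifier. Because the following `SQL_AFFECTEDROWS() == 1` check gates the successful-login branch, member logins would presumably stop working after this change. The fragment should read ``SET `total_logins`=`total_logins`+1``. USER_DO_LOGIN starts and ends outside the hunk.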
@@ -366,8 +360,8 @@ function USER_DO_LOGIN ($uid, $passwd) { } } elseif (GET_EXT_VERSION('sql_patches') >= '0.6.1') { // Update failture counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET login_failures=login_failures+1,last_failure=NOW() WHERE userid=%s LIMIT 1", - array($uid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `login_failures`=`login_failures`+1,`last_failure`=NOW() WHERE `userid`=%s LIMIT 1", + array($uid), __FUNCTION__, __LINE__); // Wrong password! $URL = 'modules.php?module=index&what=login&login='.getCode('WRONG_PASS'); @@ -375,8 +369,8 @@ function USER_DO_LOGIN ($uid, $passwd) { } elseif (((isNicknameUsed($content['userid'])) && (!empty($content['userid']))) || ($content['userid'] == $uid)) { // Other account status? // @TODO Can this query be merged with above query? - $result = SQL_QUERY_ESC("SELECT status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array($uid), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array($uid), __FUNCTION__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { 
@@ -413,16 +407,16 @@ function USER_DO_NEW_PASSWORD ($email, $uid) { // Probe userid/nickname if ((EXT_IS_ACTIVE('nickname')) && (NICKNAME_IS_ACTIVE($uid))) { // Nickname entered - $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' OR email='%s' LIMIT 1", - array($uid, $email), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' OR `email`='%s' LIMIT 1", + array($uid, $email), __FUNCTION__, __LINE__); } elseif (($uid > 0) && (empty($email))) { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($uid)), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval($uid)), __FUNCTION__, __LINE__); } elseif (!empty($email)) { // Email entered - $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE email='%s' LIMIT 1", - array($email), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `email`='%s' LIMIT 1", + array($email), __FUNCTION__, __LINE__); } else { // Userid not set! DEBUG_LOG(__FUNCTION__, __LINE__, 'Userid is not set! BUG!'); 
@@ -437,8 +431,8 @@ function USER_DO_NEW_PASSWORD ($email, $uid) { if ($status == 'CONFIRMED') { // Ooppps, this was missing! ;-) We should update the database... $NEW_PASS = generatePassword(); - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET password='%s' WHERE userid=%s LIMIT 1", - array(generateHash($NEW_PASS), $uid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `password`='%s' WHERE `userid`=%s LIMIT 1", + array(generateHash($NEW_PASS), $uid), __FUNCTION__, __LINE__); // Prepare data and message for email $msg = LOAD_EMAIL_TEMPLATE('new-pass', array('new_pass' => $NEW_PASS), $uid); diff --git a/inc/libs/yoomedia_functions.php b/inc/libs/yoomedia_functions.php index 441a008ea4..6cad27f306 100644 --- a/inc/libs/yoomedia_functions.php +++ b/inc/libs/yoomedia_functions.php @@ -101,15 +101,15 @@ function YOOMEDIA_QUERY_API ($script, $countQuery = true) { if ((getConfig('yoomedia_requests_remain') > 0) || (!$countQuery)) { // Prepare the low-level request $requestString = sprintf("http://www.yoomedia.de/interface_2.0/%s?id=%s&sid=%s&pw=%s&reload=%s&ma=%s&uebrig=%s&verguetung=%s&erotik=%s", - $script, - getConfig(('yoomedia_id')), - getConfig(('yoomedia_sid')), - getConfig('yoomedia_passwd'), - getConfig(('yoomedia_tm_max_reload')), - getConfig(('yoomedia_tm_min_wait')), - getConfig(('yoomedia_tm_clicks_remain')), - getConfig(('yoomedia_tm_min_pay')), - getConfig(('yoomedia_erotic_allowed')) + $script, + getConfig('yoomedia_id'), + getConfig('yoomedia_sid'), + getConfig('yoomedia_passwd'), + getConfig('yoomedia_tm_max_reload'), + getConfig('yoomedia_tm_min_wait'), + getConfig('yoomedia_tm_clicks_remain'), + getConfig('yoomedia_tm_min_pay'), + getConfig('yoomedia_erotic_allowed') ); // Run the query 
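Review bot: YOOMEDIA_QUERY_API (hunk `@@ -101,15 +101,15 @@`) builds its request as `http://www.yoomedia.de/interface_2.0/%s?id=%s&sid=%s&pw=%s...`, so the value of `yoomedia_passwd` travels in the query string of an unencrypted request and is likely to be recorded in proxy and server logs. None of the config values pass through `urlencode()` either, so a password containing `&` or `#` would corrupt the request. If the remote interface supports it (not visible here), switch the scheme to `https://` and wrap each argument, e.g. `urlencode(getConfig('yoomedia_passwd'))`. The hunk only re-indents these lines, and the function starts and ends outside it.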
@@ -161,10 +161,10 @@ function YOOMEDIA_PARSE_RESPONSE ($response, $type) { $responseLine = trim(implode("\n", $dummy)); // Last line should never be a pipe! - if (substr($responseLine, -1, 1) == "|") $responseLine = substr($responseLine, 0, -1); + if (substr($responseLine, -1, 1) == '|') $responseLine = substr($responseLine, 0, -1); // Now, explode all in one array - $dataArray = explode("|", $responseLine); + $dataArray = explode('|', $responseLine); // Now make the result array with two dimensions $cnt = 0; $entry = 0; diff --git a/inc/modules/admin.php b/inc/modules/admin.php index fde00d3fc6..3b196b40d1 100644 --- a/inc/modules/admin.php +++ b/inc/modules/admin.php @@ -54,7 +54,7 @@ $ret = 'init'; // Is no admin registered? if (!isAdminRegistered()) { // Admin is not registered so we have to inform the user - if ((isFormSent()) && ((!REQUEST_ISSET_POST('login')) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) { + if ((isFormSent()) && ((!REQUEST_ISSET_POST('login')) || (!REQUEST_ISSET_POST('pass')) || (strlen(REQUEST_POST('pass')) < 4))) { REQUEST_SET_POST('ok', '***'); } // END - if @@ -126,7 +126,7 @@ if (!isAdminRegistered()) { if (!empty($ret)) $loginMessage = $ret; // No password entered? - if (!REQUEST_ISSET_POST(('pass'))) $passwdMessage = getMessage('ADMIN_NO_PASS'); + if (!REQUEST_ISSET_POST('pass')) $passwdMessage = getMessage('ADMIN_NO_PASS'); // Or password too short? if (strlen(REQUEST_POST('pass')) < 4) $passwdMessage = getMessage('ADMIN_SHORT_PASS'); 
@@ -201,13 +201,13 @@ if (!isAdminRegistered()) { redirectToUrl('modules.php?module=admin&logout=1'); } // END - if - if (REQUEST_ISSET_GET(('register'))) { + if (REQUEST_ISSET_GET('register')) { // Registration of first admin is done if (REQUEST_GET('register') == 'done') LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_REGISTER_DONE')); } // END - if // Check if the admin has submitted data or not - if ((isFormSent()) && ((!REQUEST_ISSET_POST('login')) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) { + if ((isFormSent()) && ((!REQUEST_ISSET_POST('login')) || (!REQUEST_ISSET_POST('pass')) || (strlen(REQUEST_POST('pass')) < 4))) { REQUEST_SET_POST('ok', '***'); } // END - if @@ -273,7 +273,7 @@ if (!isAdminRegistered()) { if ((!empty($ret)) && (REQUEST_POST('ok') == '404')) $loginMessage = $ret; // No password entered? - if (!REQUEST_ISSET_POST(('pass'))) $passwdMessage = getMessage('ADMIN_NO_PASS'); + if (!REQUEST_ISSET_POST('pass')) $passwdMessage = getMessage('ADMIN_NO_PASS'); // Or password too short? if (strlen(REQUEST_POST('pass')) < 4) $passwdMessage = getMessage('ADMIN_SHORT_PASS'); @@ -317,13 +317,13 @@ if (!isAdminRegistered()) { // Load login form template LOAD_TEMPLATE('admin_login_form', false, $content); } // END - if -} elseif (REQUEST_ISSET_GET(('logout'))) { +} elseif (REQUEST_ISSET_GET('logout')) { // Only try to remove cookies if (destroyAdminSession()) { // Load logout template - if (REQUEST_ISSET_GET(('register'))) { + if (REQUEST_ISSET_GET('register')) { // Secure input - $register = REQUEST_GET(('register')); + $register = REQUEST_GET('register'); // Special logout redirect for installation of given extension LOAD_TEMPLATE(sprintf("admin_logout_%s_install", $register)); diff --git a/inc/modules/admin/overview-inc.php b/inc/modules/admin/overview-inc.php index e553173092..2eb662816b 100644 --- a/inc/modules/admin/overview-inc.php +++ b/inc/modules/admin/overview-inc.php 
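Review bot: The logout branch in inc/modules/admin.php (hunk `@@ -317,13 +317,13 @@`) labels `$register = REQUEST_GET('register');` as "Secure input", but no filtering is visible before the value is formatted into a template name with `sprintf("admin_logout_%s_install", $register)`. Unless REQUEST_GET() or LOAD_TEMPLATE() (neither shown) sanitises it, the query string chooses which template file is loaded. Accept the value only when `preg_match('/^[a-z0-9_]+$/', $register)` succeeds and fall back to the normal logout template otherwise, or correct the comment if the filtering happens elsewhere. The enclosing if/elseif chain begins outside this hunk.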
@@ -161,7 +161,7 @@ LIMIT 1", // Entry found? if (SQL_NUMROWS($result_user) == 1) { list($gender, $sname, $fname, $email) = SQL_FETCHROW($result_user); - $add = "
  • {--ADMIN_MEMBER_UID--}: ".generateUserProfileLink($uid)." (".translateGender($gender)." ".$sname." ".$fname.")
  • "; + $add = "
  • {--ADMIN_MEMBER_UID--}: ".generateUserProfileLink($uid, 'user_data')." (".translateGender($gender)." ".$sname." ".$fname.")
  • "; } else { // Invalid userid, so log and zero it DEBUG_LOG(__FUNCTION__, __LINE__, 'Invalid userid=' . $uid . '-> Not found!'); diff --git a/inc/modules/admin/what-add_points.php b/inc/modules/admin/what-add_points.php index 1329e0ec52..82442de572 100644 --- a/inc/modules/admin/what-add_points.php +++ b/inc/modules/admin/what-add_points.php @@ -88,8 +88,8 @@ if (REQUEST_GET('uid') == "all") { } } elseif (REQUEST_ISSET_GET('uid')) { // User ID found in URL so we use this give him some credits - $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", - array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Selected user does exist list($sname, $fname, $email) = SQL_FETCHROW($result); @@ -118,9 +118,9 @@ if (REQUEST_GET('uid') == "all") { } else { // Opps, missing form here // @TODO Rewrite these both constants - define('__USER_VALUE', "".$sname." ".$fname.""); + define('__USER_VALUE', "".$sname." ".$fname.""); define('__UID' , bigintval(REQUEST_GET('uid'))); - LOAD_TEMPLATE("admin_add_points"); + LOAD_TEMPLATE('admin_add_points'); } } else { // User not found! diff --git a/inc/modules/admin/what-chk_regs.php b/inc/modules/admin/what-chk_regs.php index ec1cb4abe7..b563cfe848 100644 --- a/inc/modules/admin/what-chk_regs.php +++ b/inc/modules/admin/what-chk_regs.php 
@@ -46,10 +46,14 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) { ADD_DESCR ('admin', basename(__FILE__)); // Check for accounts -$result = SQL_QUERY("SELECT userid, gender, surname, family, email, REMOTE_ADDR, refid, user_hash -FROM `{!_MYSQL_PREFIX!}_user_data` -WHERE `status`='UNCONFIRMED' -ORDER BY userid ASC", __FILE__, __LINE__); +$result = SQL_QUERY("SELECT + `userid`, `gender`, `surname`, `family`, `email`, `REMOTE_ADDR`, `refid`, `user_hash` +FROM + `{!_MYSQL_PREFIX!}_user_data` +WHERE + `status`='UNCONFIRMED' +ORDER BY + `userid` ASC", __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // We have some (new?) registrations! @@ -65,7 +69,7 @@ if (SQL_NUMROWS($result) > 0) { 'gender' => translateGender($content['gender']), 'sname' => $content['surname'], 'fname' => $content['family'], - 'email' => "".$content['email']."", + 'email' => "".$content['email']."", 'ip' => $content['REMOTE_ADDR'], 'ref' => $content['refid'], 'hash' => $content['user_hash'], diff --git a/inc/modules/admin/what-config_mediadata.php b/inc/modules/admin/what-config_mediadata.php index 7b1ce5e2ef..45ff327457 100644 --- a/inc/modules/admin/what-config_mediadata.php +++ b/inc/modules/admin/what-config_mediadata.php @@ -53,9 +53,9 @@ if (isFormSent()) { REQUEST_UNSET_POST('ok'); } else { // Remove entries - REQUEST_UNSET_POST(('day')); - REQUEST_UNSET_POST(('month')); - REQUEST_UNSET_POST(('year')); + REQUEST_UNSET_POST('day'); + REQUEST_UNSET_POST('month'); + REQUEST_UNSET_POST('year'); // Remember timestamp REQUEST_SET_POST('mt_start', $STAMP); 
@@ -76,13 +76,13 @@ if (isFormSent()) { // Start of this exchange if (getConfig('mt_start') > 0) { // Only show start - define('__MT_START', "".generateDateTime(getConfig('mt_start'), '3').""); + define('__MT_START', '' . generateDateTime(getConfig('mt_start'), '3') . ''); } else { // Make start editable define('__MT_START', - ADD_SELECTION("day" , date('d', time())). - ADD_SELECTION("month", date('m', time())). - ADD_SELECTION("year", -1) + ADD_SELECTION('day' , date('d', time())). + ADD_SELECTION('month', date('m', time())). + ADD_SELECTION('year', -1) ); } @@ -90,7 +90,7 @@ if (isFormSent()) { define('__MT_STAGE', getConfig('mt_stage')); // Load template - LOAD_TEMPLATE("admin_config_mediadata"); + LOAD_TEMPLATE('admin_config_mediadata'); } // diff --git a/inc/modules/admin/what-config_points.php b/inc/modules/admin/what-config_points.php index 4c10dafb62..a37e7414d7 100644 --- a/inc/modules/admin/what-config_points.php +++ b/inc/modules/admin/what-config_points.php @@ -256,7 +256,7 @@ WHERE mails_confirmed < %s", $REF, $REF)); LOAD_TEMPLATE("admin_points_edit"); } else { // Referal levels - $result = SQL_QUERY("SELECT id, level, percents FROM `{!_MYSQL_PREFIX!}_refdepths` ORDER BY level", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT `id`, `level`, `percents` FROM `{!_MYSQL_PREFIX!}_refdepths` ORDER BY `level` ASC", __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // Make referal levels editable and deletable $OUT = ''; $SW = 2; @@ -273,7 +273,7 @@ WHERE mails_confirmed < %s", $REF, $REF)); ); // Load row template and switch color - $OUT .= LOAD_TEMPLATE("admin_points_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_points_row', true, $content); $SW = 3 - $SW; } 
@@ -282,22 +282,22 @@ WHERE mails_confirmed < %s", $REF, $REF)); define('__LEVEL_ROWS', $OUT); // Load main template - LOAD_TEMPLATE("admin_points"); + LOAD_TEMPLATE('admin_points'); } // Form for adding new referal levels - LOAD_TEMPLATE("admin_add_reflvl"); + LOAD_TEMPLATE('admin_add_reflvl'); } -} elseif (REQUEST_GET('sub') == "points") { +} elseif (REQUEST_GET('sub') == 'points') { // First points for registration and other fixed points including new add-mode for one-time referal bonus... define('P_REG_VALUE', getConfig('points_register')); define('P_REF_VALUE', getConfig('points_ref')); // Load templates - LOAD_TEMPLATE("admin_config_sub_points"); + LOAD_TEMPLATE('admin_config_sub_points'); } else { // Display selection box - LOAD_TEMPLATE("admin_config_points"); + LOAD_TEMPLATE('admin_config_points'); } // diff --git a/inc/modules/admin/what-config_rallye_prices.php b/inc/modules/admin/what-config_rallye_prices.php index a3d8edee32..90494cce85 100644 --- a/inc/modules/admin/what-config_rallye_prices.php +++ b/inc/modules/admin/what-config_rallye_prices.php @@ -210,7 +210,7 @@ VALUES ('%s','%s','%s','%s')", ); // Load row template and switch color - $OUT .= LOAD_TEMPLATE("admin_config_rallye_prices_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_config_rallye_prices_row', true, $content); $SW = 3 - $SW; } // END - while 
@@ -224,19 +224,26 @@ VALUES ('%s','%s','%s','%s')", define('__RALLYE_ID', REQUEST_GET('rallye')); // Load main template - LOAD_TEMPLATE("admin_config_rallye_prices"); + LOAD_TEMPLATE('admin_config_rallye_prices'); } } // Add form for adding new price level if (!REQUEST_ISSET_POST('edit')) { - LOAD_TEMPLATE("admin_add_rallye_prices", false, REQUEST_GET('rallye')); + LOAD_TEMPLATE('admin_add_rallye_prices', false, REQUEST_GET('rallye')); } } else { // No rallye selected so display all available without prices - $result = SQL_QUERY("SELECT d.id, d.admin_id, d.start_time, d.end_time, d.title, a.login, d.is_active -FROM `{!_MYSQL_PREFIX!}_rallye_data` AS d, `{!_MYSQL_PREFIX!}_admins` AS a -WHERE d.admin_id=a.id ORDER BY start_time DESC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT + d.id, d.admin_id, d.start_time, d.end_time, d.title, a.login, d.is_active +FROM + `{!_MYSQL_PREFIX!}_rallye_data` AS d, +LEFT JOIN + `{!_MYSQL_PREFIX!}_admins` AS a +ON + d.admin_id=a.id +ORDER BY + `d.start_time` DESC", __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // List found rallyes $OUT = ''; $SW = 2; @@ -252,14 +259,14 @@ WHERE d.admin_id=a.id ORDER BY start_time DESC", __FILE__, __LINE__); 'select' => $select, 'title' => $content['title'], 'aid' => $content['admin_id'], - 'email_link' => generateMemberEmailLink($content['admin_id']), + 'email_link' => generateEmailLink($content['admin_id']), 'alogin' => $content['login'], 'start' => generateDateTime($content['start_time'], '3'), 'end' => generateDateTime($content['end_time'], '3'), ); // Load row template and switch color - $OUT .= LOAD_TEMPLATE("admin_list_rallye_prices_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_rallye_prices_row', true, $content); $SW = 3 - $SW; } 
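Review bot: The rewritten rallye query in the `@@ -224,19 +224,26 @@` hunk will not parse as written: the comma kept after `_rallye_data AS d,` now sits directly before `LEFT JOIN`, and the ORDER BY clause back-ticks alias and column together as one identifier (`d.start_time` inside a single pair of back-ticks). Drop the comma and quote only the column, i.e. `ORDER BY d.start_time DESC`. The move from the implicit inner join to `LEFT JOIN` also means rallyes whose admin row is missing are now listed with a NULL `login`, which should be confirmed as intended. In the following hunk `generateEmailLink($content['admin_id'])` receives an admin id, whereas the other call sites on this page pass an e-mail address plus a table name, so the argument is worth checking against the helper's definition (not shown).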
@@ -268,7 +275,7 @@ WHERE d.admin_id=a.id ORDER BY start_time DESC", __FILE__, __LINE__); define('__RALLYE_ROWS', $OUT); // Load main template - LOAD_TEMPLATE("admin_list_rallye_prices"); + LOAD_TEMPLATE('admin_list_rallye_prices'); } else { // No rallyes setup so far LOAD_TEMPLATE('admin_settings_saved', false, getMessage('RALLYE_NO_RALLYES_SETUP')); diff --git a/inc/modules/admin/what-del_email.php b/inc/modules/admin/what-del_email.php index 1019bd17cf..aca046e8e8 100644 --- a/inc/modules/admin/what-del_email.php +++ b/inc/modules/admin/what-del_email.php @@ -46,10 +46,10 @@ ADD_DESCR('admin', __FILE__); // Init counter for deleted mails $cnt = 0; -if (REQUEST_ISSET_GET(('mid'))) { +if (REQUEST_ISSET_GET('mid')) { // Load email data - $result = SQL_QUERY_ESC("SELECT id, sender, subject, url, timestamp, payment_id FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s LIMIT 1", - array(bigintval(REQUEST_GET('mid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id`, `sender`, `subject`, `url`, `timestamp`, `payment_id` FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s LIMIT 1", + array(bigintval(REQUEST_GET('mid'))), __FILE__, __LINE__); // Delete mail only once if (SQL_NUMROWS($result) == 1) { 
@@ -78,20 +78,27 @@ if (REQUEST_ISSET_GET(('mid'))) { sendEmail($sender, getMessage('MEMBER_ORDER_DELETED'), $msg_user); // Fetch right stats_id from pool - $result_pool = SQL_QUERY_ESC("SELECT s.id FROM `{!_MYSQL_PREFIX!}_user_stats` AS s -LEFT JOIN `{!_MYSQL_PREFIX!}_pool` AS p -ON s.pool_id=p.id -WHERE s.pool_id=%s LIMIT 1", - array(bigintval(REQUEST_GET('mid'))), __FILE__, __LINE__); + $result_pool = SQL_QUERY_ESC("SELECT + s.id +FROM + `{!_MYSQL_PREFIX!}_user_stats` AS s +LEFT JOIN + `{!_MYSQL_PREFIX!}_pool` AS p +ON + s.pool_id=p.id +WHERE + s.pool_id=%s +LIMIT 1", + array(bigintval(REQUEST_GET('mid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result_pool) == 1) { // Fetch stats id list($stats_id) = SQL_FETCHROW($result_pool); // Get all user links - $links = GET_TOTAL_DATA($stats_id, "user_links", 'userid', "stats_id", true); + $links = GET_TOTAL_DATA($stats_id, 'user_links', 'userid', 'stats_id', true); // Reset sent mails for recipient(s) - reduceRecipientReceivedMails("stats_id", REQUEST_GET('mid'), $links); + reduceRecipientReceivedMails('stats_id', REQUEST_GET('mid'), $links); // Calc total points and pay them back $totalPoints = $links * $price; @@ -145,7 +152,7 @@ WHERE s.pool_id=%s LIMIT 1", // Delete mail from queue SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s LIMIT 1", - array(bigintval(REQUEST_GET('mid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('mid'))), __FILE__, __LINE__); $cnt += SQL_AFFECTEDROWS(); // Output link for manually removing stats entry 
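Review bot: `reduceRecipientReceivedMails('stats_id', REQUEST_GET('mid'), $links)` names the `stats_id` column but passes the pool id taken straight from the request, although `$stats_id` was fetched two statements earlier; this looks like it should be `reduceRecipientReceivedMails('stats_id', $stats_id, $links);`. The helper's body is not part of the diff, so confirm which id it expects; if the pool id really is intended, pass `bigintval(REQUEST_GET('mid'))` as every query in this file does. The `LEFT JOIN` on `_pool` in the rewritten SELECT adds nothing, since the filter is on `s.pool_id` alone. The enclosing `if` branch starts above the hunk.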
@@ -154,22 +161,22 @@ WHERE s.pool_id=%s LIMIT 1", // Mail already deleted! LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_NORMAL_MAIL_ALREADY_DELETED')); } -} elseif (REQUEST_ISSET_GET(('pid'))) { +} elseif (REQUEST_ISSET_GET('pid')) { // Remove stats entries - SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE pool_id=%s LIMIT 1", + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE `pool_id`=%s LIMIT 1", array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__); // Output message LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_USER_STATS_REMOVED')); -} elseif ((REQUEST_ISSET_GET(('bid'))) && (EXT_IS_ACTIVE('bonus'))) { +} elseif ((REQUEST_ISSET_GET('bid')) && (EXT_IS_ACTIVE('bonus'))) { // Load data from bonus mail - $result = SQL_QUERY_ESC("SELECT id, subject, url, timestamp, mails_sent FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s", - array(bigintval(REQUEST_GET('bid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id`, `subject`, `url`, `timestamp`, `mails_sent` FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s", + array(bigintval(REQUEST_GET('bid'))), __FILE__, __LINE__); // Delete mail only once if (SQL_NUMROWS($result) == 1) { // Load data - list ($id, $subject, $url, $timestamp, $sent) = SQL_FETCHROW($result); + list($id, $subject, $url, $timestamp, $sent) = SQL_FETCHROW($result); // Reset sent mails for recipient(s) reduceRecipientReceivedMails('bonus_id', REQUEST_GET('bid'), $sent); 
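Review bot: The `pid` branch issues its DELETE on `_user_stats` as soon as a GET request carries the parameter, and the `mid`, `bid` and `nid` branches in the neighbouring hunks remove pool, bonus and user-link rows the same way. No request token or confirmation step is visible in these hunks, so a state-changing action is reachable from any URL an authenticated admin's browser loads (CSRF). Unless such a check exists outside the shown lines, these branches should accept POST only and verify a per-session token before the first `SQL_QUERY_ESC` call. The `pid` branch also reports `ADMIN_USER_STATS_REMOVED` without looking at `SQL_AFFECTEDROWS()`, so the message appears even when nothing matched.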
@@ -179,10 +186,10 @@ WHERE s.pool_id=%s LIMIT 1", // Delete bonus mail entirely from database SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s LIMIT 1", - array(bigintval(REQUEST_GET('bid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('bid'))), __FILE__, __LINE__); $cnt += SQL_AFFECTEDROWS(); - SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_links` WHERE bonus_id=%s", - array(bigintval(REQUEST_GET('bid'))), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_links` WHERE `bonus_id`=%s", + array(bigintval(REQUEST_GET('bid'))), __FILE__, __LINE__); $cnt += SQL_AFFECTEDROWS(); // Prepare data for the template @@ -193,7 +200,7 @@ WHERE s.pool_id=%s LIMIT 1", define('__CNT' , $cnt); // Load template - LOAD_TEMPLATE("admin_del_email_bonus"); + LOAD_TEMPLATE('admin_del_email_bonus'); } else { // Mail already deleted! LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_BONUS_MAIL_ALREADY_DELETED')); @@ -201,10 +208,10 @@ WHERE s.pool_id=%s LIMIT 1", // Free result SQL_FREERESULT($result); -} elseif ((REQUEST_ISSET_GET(('nid'))) && (GET_EXT_VERSION('bonus') >= '0.8.7')) { +} elseif ((REQUEST_ISSET_GET('nid')) && (GET_EXT_VERSION('bonus') >= '0.8.7')) { // Load data from bonus mail - $result = SQL_QUERY_ESC("SELECT id, subject, url, timestamp FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s", - array(bigintval(REQUEST_GET('nid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id`, `subject`, `url`, `timestamp` FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s", + array(bigintval(REQUEST_GET('nid'))), __FILE__, __LINE__); // Delete mail only once if (SQL_NUMROWS($result) == 1) { 
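Review bot: `GET_EXT_VERSION('bonus') >= '0.8.7'` in the `nid` branch compares version strings with `>=`, which PHP evaluates character by character when the operands are not numeric, so a version such as `0.10.0` (constructed example) sorts below `0.8.7` and the branch is skipped. Use `version_compare(GET_EXT_VERSION('bonus'), '0.8.7', '>=')` instead. The same pattern appears in what-list_autopurge.php as `GET_EXT_VERSION('holiday') >= '0.1.3'`. This assumes `GET_EXT_VERSION` returns a dotted version string; its definition is not shown here.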
@@ -217,10 +224,10 @@ WHERE s.pool_id=%s LIMIT 1", // Delete bonus mail entirely from database SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s LIMIT 1", - array(bigintval(REQUEST_GET('nid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('nid'))), __FILE__, __LINE__); $cnt += SQL_AFFECTEDROWS(); - SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_links` WHERE bonus_id=%s", - array(bigintval(REQUEST_GET('nid'))), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_links` WHERE `bonus_id`=%s", + array(bigintval(REQUEST_GET('nid'))), __FILE__, __LINE__); $cnt += SQL_AFFECTEDROWS(); // Prepare data for the template @@ -231,7 +238,7 @@ WHERE s.pool_id=%s LIMIT 1", define('__CNT' , $cnt); // Load template - LOAD_TEMPLATE("admin_del_email_notify"); + LOAD_TEMPLATE('admin_del_email_notify'); } else { // Mail already deleted! LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_NOTIFY_MAIL_ALREADY_DELETED')); diff --git a/inc/modules/admin/what-del_user.php b/inc/modules/admin/what-del_user.php index 926d51313a..b463096076 100644 --- a/inc/modules/admin/what-del_user.php +++ b/inc/modules/admin/what-del_user.php 
@@ -71,18 +71,17 @@ if ((isFormSent()) || ((REQUEST_ISSET_POST('del')) && (REQUEST_ISSET_POST(('reas ADD_MEMBER_SELECTION_BOX(); } else { // Realy want to delete? - $result = SQL_QUERY_ESC("SELECT email, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `email`, `surname`, `family` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); // Found a row? if (SQL_NUMROWS($result) == 1) { // Load data list ($email, $sname, $fname) = SQL_FETCHROW($result); - SQL_FREERESULT($result); // Prepare content $content = array( - 'email' => generateMemberEmailLink($email, "user_data"), + 'email' => generateEmailLink($email, 'user_data'), 'surname' => $sname, 'family' => $fname, 'header' => sprintf(getMessage('ADMIN_HEADER_DEL_ACCOUNT'), REQUEST_GET('uid')), @@ -91,7 +90,7 @@ if ((isFormSent()) || ((REQUEST_ISSET_POST('del')) && (REQUEST_ISSET_POST(('reas ); // Display form - LOAD_TEMPLATE("admin_del_user", false, $content); + LOAD_TEMPLATE('admin_del_user', false, $content); } else { // Account does not exists! LOAD_TEMPLATE('admin_settings_saved', false, "
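Review bot: `sprintf(getMessage('ADMIN_HEADER_DEL_ACCOUNT'), REQUEST_GET('uid'))` and, in the following hunk, `sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))` place the raw request value into text handed to `LOAD_TEMPLATE`, while the query just above wraps the same value in `bigintval()`. If the template layer does not encode its input (not visible here), request-supplied markup ends up in the admin page; use `bigintval(REQUEST_GET('uid'))` in both places, as what-edit_sponsor.php does for `ADMIN_SPONSOR_404`. The hunk also removes `SQL_FREERESULT($result);` without a visible replacement, whereas the other files in this commit move the call behind the `if`/`else`. The block continues past the hunk, so check that the result is still freed on both paths.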
    ".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."
    "); diff --git a/inc/modules/admin/what-edit_sponsor.php b/inc/modules/admin/what-edit_sponsor.php index d2b000d90d..3c3cf9120b 100644 --- a/inc/modules/admin/what-edit_sponsor.php +++ b/inc/modules/admin/what-edit_sponsor.php @@ -47,23 +47,32 @@ ADD_DESCR('admin', __FILE__); if ((REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('mode'))) { // Check for selected sponsor - $result = SQL_QUERY_ESC("SELECT company, position, gender, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, tax_ident, receive_warnings, warning_interval FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE `id`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + $result_main = SQL_QUERY_ESC("SELECT + `company`, `position`, `gender`, `surname`, `family`, + `street_nr1`, `street_nr2`, `zip`, `city`, `country`, + `phone`, `fax`, `cell`, `email`, `url`, `tax_ident`, + `receive_warnings`, `warning_interval` +FROM + `{!_MYSQL_PREFIX!}_sponsor_data` +WHERE + `id`='%s' +LIMIT 1", + array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); + if (SQL_NUMROWS($result_main) == 1) { // Load sponsor details - $DATA = SQL_FETCHARRAY($result); - SQL_FREERESULT($result); + $DATA = SQL_FETCHARRAY($result_main); // Prepare all data for the template // Sponsor's ID define('__SPONSOR_ID' , bigintval(REQUEST_GET('id'))); + // Company's data define('__COMPANY' , $DATA['company']); define('__POSITION' , $DATA['position']); define('__TAX_IDENT' , $DATA['tax_ident']); + // Personal data - switch ($DATA['gender']) - { + switch ($DATA['gender']) { case 'M': define('__GENDER_M', ' selected="selected"'); define('__GENDER_F', ''); 
@@ -107,23 +116,22 @@ if ((REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('mode'))) { // Sponsor was found if ((isFormSent()) || (REQUEST_ISSET_POST('edit'))) { // Perform action on mode - switch (REQUEST_GET('mode')) - { - case "add_points": // Add points + switch (REQUEST_GET('mode')) { + case 'add_points': // Add points if (strval(REQUEST_POST('points')) > 0) { // Replace german decimal comma with computer's decimal dot $POINTS = strval(convertCommaToDot(REQUEST_POST('points'))); // Add points to account - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET points_amount=points_amount+%s WHERE `id`='%s' LIMIT 1", - array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `points_amount`=`points_amount`+%s WHERE `id`='%s' LIMIT 1", + array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); // Remember points /reason for the template define('__POINTS' , translateComma($POINTS)); define('__REASON' , REQUEST_POST('reason')); // Send email - $msg = LOAD_EMAIL_TEMPLATE("sponsor_add_points", REQUEST_POST('reason'), true); + $msg = LOAD_EMAIL_TEMPLATE('sponsor_add_points', REQUEST_POST('reason'), true); sendEmail(__EMAIL, ADMIN_SPONSOR_ADD_POINTS_SUBJ, $msg); $message = ADMIN_SPONSOR_POINTS_ADDED; } else { 
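Review bot: In the `add_points` case `$POINTS` fills an unquoted `%s` in the `points_amount` UPDATE, and the only check in front of it is `strval(REQUEST_POST('points')) > 0`, a loose comparison that does not establish that the whole value is a number. Whatever escaping `SQL_QUERY_ESC` applies to its arguments (not shown) protects quoted string slots, not a bare numeric one, so the converted value should be validated before the query, e.g. `if (!is_numeric($POINTS)) { $POINTS = '0'; }` directly after the `convertCommaToDot()` line. The `sub_points` case in the next hunk has the same pattern on `points_used`. The enclosing `switch` continues outside the hunk.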
@@ -132,21 +140,21 @@ if ((REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('mode'))) { } break; - case "sub_points": // Subtract points + case 'sub_points': // Subtract points if (strval(REQUEST_POST('points')) > 0) { // Replace german decimal comma with computer's decimal dot $POINTS = strval(convertCommaToDot(REQUEST_POST('points'))); // Add points to account - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET points_used=points_used+%s WHERE `id`='%s' LIMIT 1", - array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET `points_used`=`points_used`+%s WHERE `id`='%s' LIMIT 1", + array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); // Remember points /reason for the template define('__POINTS' , translateComma($POINTS)); define('__REASON' , REQUEST_POST('reason')); // Send email - $msg = LOAD_EMAIL_TEMPLATE("sponsor_sub_points", REQUEST_POST('reason'), true); + $msg = LOAD_EMAIL_TEMPLATE('sponsor_sub_points', REQUEST_POST('reason'), true); sendEmail(__EMAIL, ADMIN_SPONSOR_SUB_POINTS_SUBJ, $msg); $message = ADMIN_SPONSOR_POINTS_SUBTRACTED; } else { @@ -165,7 +173,7 @@ if ((REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('mode'))) { } // Convert time selection - $DATA = array(); $id = "warning_interval_ye"; $skip = false; + $DATA = array(); $id = 'warning_interval_ye'; $skip = false; convertSelectionsToTimestamp(REQUEST_POST_ARRAY(), $DATA, $id, $skip); // Save the sponsor 
@@ -175,10 +183,10 @@ if ((REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('mode'))) { REQUEST_POST('gender' , translateGender(REQUEST_POST('gender'))); REQUEST_POST('warning_interval', createFancyTime(REQUEST_POST('warning_interval'))); - if (!$PASS) REQUEST_SET_POST('pass1', getMessage('SPONSOR_PASS_UNCHANGED')); + if ($PASS === false) REQUEST_SET_POST('pass1', getMessage('SPONSOR_PASS_UNCHANGED')); // Load email template and send the mail away - $msg = LOAD_EMAIL_TEMPLATE("admin_sponsor_edit", REQUEST_POST_ARRAY(), false); + $msg = LOAD_EMAIL_TEMPLATE('admin_sponsor_edit', REQUEST_POST_ARRAY(), false); sendEmail(REQUEST_POST('email'), getMessage('ADMIN_SPONSOR_EDIT_SUBJECT'), $msg); break; @@ -194,7 +202,7 @@ if ((REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('mode'))) { } // END - if } elseif (isFileReadable(sprintf("%stemplates/%s/html/admin/%s.tpl", constant('PATH'), getLanguage(), $TPL))) { // Create mailto link - define('__SPONSOR_VALUE', "{!__SURNAME!} {!__FAMILY!}"); + define('__SPONSOR_VALUE', "{!__SURNAME!} {!__FAMILY!}"); // Load mode template LOAD_TEMPLATE($TPL); @@ -206,6 +214,9 @@ if ((REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('mode'))) { // Sponsor not found! LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('ADMIN_SPONSOR_404'), bigintval(REQUEST_GET('id')))); } + + // Free result + SQL_FREERESULT($result_main); } else { // Not called by what-list_sponsor.php LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_CALL_NOT_DIRECTLY')); diff --git a/inc/modules/admin/what-guestedit.php b/inc/modules/admin/what-guestedit.php index 8552a2354f..baed73f3d0 100644 --- a/inc/modules/admin/what-guestedit.php +++ b/inc/modules/admin/what-guestedit.php 
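Review bot: `if ($PASS === false)` is narrower than the `!$PASS` it replaces: `$PASS` is assigned outside this hunk, and if it can also be `null`, `0` or an empty string, `pass1` is no longer overwritten with `SPONSOR_PASS_UNCHANGED` and the submitted value travels into the mail through `REQUEST_POST_ARRAY()`. Confirm which values `$PASS` can take, and consider handing the mail template an explicit list of fields instead of the whole POST array so password fields cannot reach it by accident. The two context lines `REQUEST_POST('gender', translateGender(...))` and `REQUEST_POST('warning_interval', createFancyTime(...))` discard their result; elsewhere on this page the two-argument form reads an array element and `REQUEST_SET_POST` writes, so these were presumably meant to be `REQUEST_SET_POST` calls.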
@@ -58,25 +58,20 @@ $chk = 0; if (REQUEST_ISSET_POST('sel')) $chk = countPostSelection(); // List all menu points and make them editable -if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) -{ +if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) { // Edit menu entries define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $cnt = 0; $OUT = ''; $SW = 2; - foreach (REQUEST_POST('sel') as $sel => $confirm) - { - if ($confirm == 1) - { + foreach (REQUEST_POST('sel') as $sel => $confirm) { + if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title, action, what FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + $result = SQL_QUERY_ESC("SELECT `title`, `action`, `what` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND `id`=%s LIMIT 1", + array(bigintval($sel)), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... list($menu, $act, $wht) = SQL_FETCHROW($result); - SQL_FREERESULT($result); $DATA = array( 'cnt' => $cnt, 'sel' => $sel, 
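Review bot: `$AND` is concatenated into the format string of `SQL_QUERY_ESC` in the edit query, so it bypasses whatever escaping the function applies to the argument array, and a literal `%` inside it would presumably be read as a placeholder. `$AND` is built above the hunk and its source is not visible; every query in this file that splices it in depends on it holding only constant or already-escaped text. Please state that at its definition with a comment such as `// $AND is a pre-escaped SQL condition, never raw request data`, or move the variable part into the argument array.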
@@ -85,55 +80,58 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) 'menu' => $menu, 'sw' => $SW, ); - $OUT .= LOAD_TEMPLATE("admin_gmenu_edit_row", true, $DATA); - } - else - { + $OUT .= LOAD_TEMPLATE('admin_gmenu_edit_row', true, $DATA); + } else { // Entry not found? $content = array( 'sw' => $SW, 'sel' => $sel ); - $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_menu_404_row', true, $content); } + SQL_FREERESULT($result); $SW = 3 - $SW; - } - } + } // END - if + } // END - foreach + define('__MENU_ROWS', $OUT); define('__CNT_VALUE', $cnt); // Load template - LOAD_TEMPLATE("admin_gmenu_edit_form"); + LOAD_TEMPLATE('admin_gmenu_edit_form'); } elseif ((REQUEST_ISSET_POST('del')) && (!IS_DEMO())) { // Del menu entries with or without confirmation define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); - $cnt = 0; $OUT = ''; $SW = 2; + $cnt = 0; + $OUT = ''; + $SW = 2; + foreach (REQUEST_POST('sel') as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `title` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND `id`=%s LIMIT 1", + array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... list($menu) = SQL_FETCHROW($result); - SQL_FREERESULT($result); $DATA = array( 'cnt' => $cnt, 'menu' => $menu, 'sel' => $sel, 'sw' => $SW, ); - $OUT .= LOAD_TEMPLATE("admin_gmenu_delete_row", true, $DATA); + $OUT .= LOAD_TEMPLATE('admin_gmenu_delete_row', true, $DATA); } else { // Entry not found? $content = array( 'sw' => $SW, 'sel' => $sel ); - $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_menu_404_row', true, $content); } + SQL_FREERESULT($result); $SW = 3 - $SW; } } 
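Review bot: The `del` branch iterates `REQUEST_POST('sel')` without the `$chk > 0` guard that the `edit` and `status` branches carry, so a POST with `del` set and no selection reaches `foreach` with a non-array value. Write the condition as `} elseif ((REQUEST_ISSET_POST('del')) && ($chk > 0) && (!IS_DEMO())) {`. This relies on `$chk` staying 0 when `sel` is absent, which the lines ahead of the first hunk suggest (`$chk = 0; if (REQUEST_ISSET_POST('sel')) $chk = countPostSelection();`). Adding the guard changes which later branch handles such a request, so check the fall-through to the `isFormSent()` branch.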
@@ -141,11 +139,10 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) define('__CNT_VALUE', $cnt); // Load template - LOAD_TEMPLATE("admin_gmenu_delete"); + LOAD_TEMPLATE('admin_gmenu_delete'); } elseif ((isFormSent()) && (!IS_DEMO())) { // An action is done... - switch (REQUEST_POST('ok')) - { + switch (REQUEST_POST('ok')) { case 'edit': // Edit menu foreach (REQUEST_POST('sel') as $sel => $menu) { // Secure selector @@ -153,8 +150,8 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) // Update entry SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `title`='%s', `action`='%s', `what`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array($menu, REQUEST_POST('sel_action', $sel), REQUEST_POST('sel_what', $sel), $sel),__FILE__, __LINE__); - } + array($menu, REQUEST_POST('sel_action', $sel), REQUEST_POST('sel_what', $sel), $sel),__FILE__, __LINE__); + } // END - foreach LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SETTINGS_SAVED')); break; @@ -162,8 +159,8 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) foreach (REQUEST_POST('sel') as $sel => $menu) { // Delete enty SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); - } + array(bigintval($sel)), __FILE__, __LINE__); + } // END - foreach LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SETTINGS_SAVED')); break; 
@@ -174,36 +171,32 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) // Update entry SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `visible`='%s', `locked`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(REQUEST_POST('visible', $sel), REQUEST_POST('locked', $sel), $sel), __FILE__, __LINE__); - } + array(REQUEST_POST('visible', $sel), REQUEST_POST('locked', $sel), $sel), __FILE__, __LINE__); + } // END - foreach LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SETTINGS_SAVED')); break; default: // Unexpected action define('__OK_VALUE', REQUEST_POST('ok')); DEBUG_LOG(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", REQUEST_POST('ok'))); - LOAD_TEMPLATE("admin_menu_unknown_okay"); + LOAD_TEMPLATE('admin_menu_unknown_okay'); break; - } -} elseif ((REQUEST_ISSET_POST(('status'))) && ($chk > 0) && (!IS_DEMO())) { + } // END - switch +} elseif ((REQUEST_ISSET_POST('status')) && ($chk > 0) && (!IS_DEMO())) { // Change status (visible / locked) define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); // Load template $SW = 2; $cnt = 0; $OUT = ''; - foreach (REQUEST_POST('sel') as $sel => $confirm) - { - if ($confirm == 1) - { + foreach (REQUEST_POST('sel') as $sel => $confirm) { + if ($confirm == 1) { $cnt++; $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + array(bigintval($sel)), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... list($menu, $vis, $locked) = SQL_FETCHROW($result); - SQL_FREERESULT($result); $content = array( 'cnt' => $cnt, 'menu' => $menu, @@ -215,9 +208,7 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) // Load template $OUT .= LOAD_TEMPLATE('admin_menu_status_row', true, $content); - } - else - { + } else { // Entry not found? $content = array( 'sw' => $SW, 
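Review bot: In the `default` case the unexpected `ok` value is copied unchanged into `__OK_VALUE` for the template and into the `DEBUG_LOG` message. If neither sink encodes its input (their bodies are not shown), the first puts request-controlled markup into the admin page and the second lets embedded line breaks split a log entry. Encode at the point of use, e.g. `define('__OK_VALUE', htmlentities(REQUEST_POST('ok'), ENT_QUOTES));`, and replace CR/LF with a space before the value goes into the log line. The status SELECT further down this hunk still lists `title, visible, locked` and `id=%s` without back-ticks, unlike the queries the commit rewrote above it.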
@@ -225,45 +216,47 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) ); $OUT .= LOAD_TEMPLATE('admin_menu_404_row', true, $content); } + + SQL_FREERESULT($result); $SW = 3 - $SW; - } - } + } // END - if + } // END - foreach define('__CNT_VALUE', $cnt); define('__MENU_ROWS', $OUT); // Load template LOAD_TEMPLATE('admin_gmenu_status'); } else { - if ((REQUEST_ISSET_GET(('act'))) && (REQUEST_ISSET_GET(('tid'))) && (REQUEST_ISSET_GET(('fid')))) { + if ((REQUEST_ISSET_GET('act')) && (REQUEST_ISSET_GET('tid')) && (REQUEST_ISSET_GET('fid'))) { // Get IDs - if (REQUEST_ISSET_GET(('w'))) { + if (REQUEST_ISSET_GET('w')) { // Sub menus selected $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1", - array(REQUEST_GET('act'), bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); + array(REQUEST_GET('act'), bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); SQL_FREERESULT($result); $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1", - array(REQUEST_GET('act'), bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); + array(REQUEST_GET('act'), bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); SQL_FREERESULT($result); } else { // Main menu selected $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); SQL_FREERESULT($result); $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); 
SQL_FREERESULT($result); } if ((!empty($tid)) && (!empty($fid))) { // Sort menu - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval(REQUEST_GET('tid')), bigintval($fid)), __FILE__, __LINE__); - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval(REQUEST_GET('fid')), bigintval($tid)), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `sort`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1", + array(bigintval(REQUEST_GET('tid')), bigintval($fid)), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `sort`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1", + array(bigintval(REQUEST_GET('fid')), bigintval($tid)), __FILE__, __LINE__); } // END - if } // END - if @@ -274,7 +267,7 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) } else { // List sub menus $result = SQL_QUERY_ESC("SELECT `id`,`action`,`what`,`title`,`sort` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort` ASC", - array($SUB), __FILE__, __LINE__); + array($SUB), __FILE__, __LINE__); } // Get number of menu entries @@ -307,6 +300,7 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) if (empty($content['what'])) $content['what'] = ' '; if (empty($content['title'])) $content['title'] = ' '; + // Prepapre content $content = array( 'sw' => $SW, 'id' => $content['id'], @@ -315,10 +309,12 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) 'title' => $content['title'], 'navi' => $NAVI, 'mode' => 'guest' - ); - $OUT .= LOAD_TEMPLATE('admin_menu_overview_row', true, $content); - $SW = 3 - $SW; - } + ); + + // Load row template + $OUT .= LOAD_TEMPLATE('admin_menu_overview_row', true, $content); + $SW = 3 - $SW; + } // END - while // Free memory SQL_FREERESULT($result); 
diff --git a/inc/modules/admin/what-list_autopurge.php b/inc/modules/admin/what-list_autopurge.php index 9dbd590edf..57b6a3f8bc 100644 --- a/inc/modules/admin/what-list_autopurge.php +++ b/inc/modules/admin/what-list_autopurge.php @@ -56,19 +56,26 @@ if (getConfig('def_refid') > 0) { if (EXT_IS_ACTIVE('beg')) $EXCLUDE_LIST .= " AND d.userid != ".getConfig('beg_uid').""; if (EXT_IS_ACTIVE('bonus')) $EXCLUDE_LIST .= " AND d.userid != ".getConfig('bonus_uid').""; if (EXT_IS_ACTIVE('doubler')) $EXCLUDE_LIST .= " AND d.userid != ".getConfig('doubler_uid').""; -if (GET_EXT_VERSION('holiday') >= '0.1.3') $EXCLUDE_LIST .= " AND d.`holiday_active`='N'"; +if (GET_EXT_VERSION('holiday') >= '0.1.3') $EXCLUDE_LIST .= " AND d.holiday_active='N'"; // Check for all accounts -$result = SQL_QUERY_ESC("SELECT DISTINCT d.userid, d.gender, d.surname, d.family, d.email, d.joined, d.last_online, d.ap_notified -FROM `{!_MYSQL_PREFIX!}_user_data` AS d -WHERE d.`status`='CONFIRMED' AND d.joined < (UNIX_TIMESTAMP() - %s) AND d.last_online < (UNIX_TIMESTAMP() - %s) AND d.ap_notified < (UNIX_TIMESTAMP() - %s) -".$EXCLUDE_LIST." -ORDER BY d.userid", -array( -getConfig('ap_inactive_since'), -getConfig('ap_inactive_since'), -getConfig('ap_inactive_since') -), __FILE__, __LINE__); +$result = SQL_QUERY_ESC("SELECT DISTINCT + d.userid, d.gender, d.surname, d.family, d.email, d.joined, d.last_online, d.ap_notified +FROM + `{!_MYSQL_PREFIX!}_user_data` AS d +WHERE + d.`status`='CONFIRMED' AND + d.joined < (UNIX_TIMESTAMP() - %s) AND + d.last_online < (UNIX_TIMESTAMP() - %s) AND + d.ap_notified < (UNIX_TIMESTAMP() - %s) + ".$EXCLUDE_LIST." +ORDER BY + d.userid ASC", + array( + getConfig('ap_inactive_since'), + getConfig('ap_inactive_since'), + getConfig('ap_inactive_since') + ), __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // Ok, we have found some inactive accounts 
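Review bot: The `$EXCLUDE_LIST` fragments append `getConfig('beg_uid')`, `getConfig('bonus_uid')` and `getConfig('doubler_uid')` to the SQL text directly, and the result is concatenated into the format string, outside the argument array that `SQL_QUERY_ESC` processes. Wrap each value in `bigintval()`, e.g. `" AND d.userid != ".bigintval(getConfig('beg_uid'))`, so a malformed configuration value cannot alter the query. The commit also removes the back-ticks from `d.holiday_active` while adding them elsewhere and leaving the `status` column quoted in the same statement; one convention for aliased columns would read more clearly.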
@@ -82,14 +89,14 @@ if (SQL_NUMROWS($result) > 0) { 'gender' => translateGender($content['gender']), 'sname' => $content['surname'], 'fname' => $content['family'], - 'email' => "".$content['email']."", + 'email' => "".$content['email']."", 'joined' => generateDateTime($content['joined'], '2'), 'last' => generateDateTime($content['last_online'], '2'), 'notified' => generateDateTime($content['ap_notified'], '2'), ); // Load row template - $OUT .= LOAD_TEMPLATE("admin_list_autopurge_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_autopurge_row', true, $content); $SW = 3 - $SW; } @@ -99,7 +106,7 @@ if (SQL_NUMROWS($result) > 0) { define('__AUTOPURGE_ROWS', $OUT); // Load main template - LOAD_TEMPLATE("admin_list_autopurge"); + LOAD_TEMPLATE('admin_list_autopurge'); } else { // All members are active or you don't have any registered LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_AUTOPURGE_ALL_ACTIVE')); diff --git a/inc/modules/admin/what-list_beg.php b/inc/modules/admin/what-list_beg.php index aa52994593..0ffdfb9a07 100644 --- a/inc/modules/admin/what-list_beg.php +++ b/inc/modules/admin/what-list_beg.php @@ -86,7 +86,7 @@ ORDER BY beg_points DESC, last_online DESC, userid", // @TODO to shorten this block. Please also do so with uid->userid $content = array( 'uid' => $content['userid'], - 'email' => generateMemberEmailLink($content['email'], "user_data"), + 'email' => generateEmailLink($content['email'], 'user_data'), 'gender' => translateGender($content['gender']), 'sname' => $content['surname'], 'fname' => $content['family'], diff --git a/inc/modules/admin/what-list_bonus.php b/inc/modules/admin/what-list_bonus.php index 1052ebf400..8978037e58 100644 --- a/inc/modules/admin/what-list_bonus.php +++ b/inc/modules/admin/what-list_bonus.php 
@@ -101,7 +101,7 @@ ORDER BY points DESC, last_online DESC, userid", // Prepare content $content['uid'] = generateUserProfileLink($content['uid']); - $content['email'] = generateMemberEmailLink($content['email'], "user_data"); + $content['email'] = generateEmailLink($content['email'], 'user_data'); $content['gender'] = translateGender($content['gender']); $content['points'] = translateComma($content['points']); $content['last'] = generateDateTime($content['last'], '2'); diff --git a/inc/modules/admin/what-list_cats.php b/inc/modules/admin/what-list_cats.php index 4483c96ecc..05e1c856d9 100644 --- a/inc/modules/admin/what-list_cats.php +++ b/inc/modules/admin/what-list_cats.php @@ -48,8 +48,8 @@ ADD_DESCR('admin', __FILE__); if (REQUEST_ISSET_GET('uid')) { // Check if the user already exists - $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Loads surname, family's name and the email address list($sname, $fname, $email) = SQL_FETCHROW($result); 
@@ -59,17 +59,17 @@ if (REQUEST_ISSET_GET('uid')) { define('__CATS_BASE' , "".$sname." ".$fname.""); + define('__EMAIL' , "".$sname." ".$fname.""); // Ok, list categories of this user - $result_cats = SQL_QUERY("SELECT id, cat FROM `{!_MYSQL_PREFIX!}_cats` ORDER BY `sort`", __FILE__, __LINE__); + $result_cats = SQL_QUERY("SELECT `id`, `cat` FROM `{!_MYSQL_PREFIX!}_cats` ORDER BY `sort` ASC", __FILE__, __LINE__); if (SQL_NUMROWS($result_cats) > 0) { // List categories $cnt = 1; $OUT = ''; $SW = 2; while ($content = SQL_FETCHARRAY($result_cats)) { // Check user's selection - $result_user = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE userid=%s AND cat_id=%s LIMIT 1", + $result_user = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE `userid`=%s AND `cat_id`=%s LIMIT 1", array(bigintval(REQUEST_GET('uid')), bigintval($content['id'])), __FILE__, __LINE__); // Set selection @@ -82,7 +82,7 @@ if (REQUEST_ISSET_GET('uid')) { $content['sel'] = $selection; // Load row template and switch colors + count up - $OUT .= LOAD_TEMPLATE("admin_list_cats_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_cats_row', true, $content); $SW = 3 - $SW; $cnt++; } // END - while @@ -93,10 +93,10 @@ if (REQUEST_ISSET_GET('uid')) { define('__CATS_ROWS', $OUT); // Load main template - LOAD_TEMPLATE("admin_list_cats"); + LOAD_TEMPLATE('admin_list_cats'); } else { // No categories selected! :-( - LOAD_TEMPLATE("admin_list_cats_404"); + LOAD_TEMPLATE('admin_list_cats_404'); } } else { // User not found diff --git a/inc/modules/admin/what-list_links.php b/inc/modules/admin/what-list_links.php index 12058cc102..aa10df751a 100644 --- a/inc/modules/admin/what-list_links.php +++ b/inc/modules/admin/what-list_links.php 
@@ -140,10 +140,10 @@ if (REQUEST_ISSET_GET('uid')) { ); // Load row template - $OUT .= LOAD_TEMPLATE("admin_list_links_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_links_row', true, $content); } else { // Load template for error - $OUT .= LOAD_TEMPLATE("admin_list_links_problem", + $OUT .= LOAD_TEMPLATE('admin_list_links_problem', array( 'sw' => $SW, 'problem' => $PROBLEM, @@ -160,13 +160,13 @@ if (REQUEST_ISSET_GET('uid')) { // Remember list in constant for the template define('__SNAME_VALUE', $sname); define('__FNAME_VALUE', $fname); - define('__EMAIL_VALUE', "".$email.""); + define('__EMAIL_VALUE', "".$email.""); define('__EMAIL_LIST' , $OUT); define('__NUMS_VALUE' , $nums); define('__UID' , bigintval(REQUEST_GET('uid'))); // Load final template - LOAD_TEMPLATE("admin_list_links"); + LOAD_TEMPLATE('admin_list_links'); } } else { // No mails left to confirm diff --git a/inc/modules/admin/what-list_payouts.php b/inc/modules/admin/what-list_payouts.php index 13e6812f98..b8e0c5c923 100644 --- a/inc/modules/admin/what-list_payouts.php +++ b/inc/modules/admin/what-list_payouts.php 
@@ -76,35 +76,39 @@ if (REQUEST_ISSET_GET(('pid'))) { SQL_FREERESULT($result); // Konstante bauen - define('PAYOUT_USERDATA_VALUE', "".translateGender($gender)." ".$surname." ".$family.""); + define('PAYOUT_USERDATA_VALUE', "".translateGender($gender)." ".$surname." ".$family.""); - if ((REQUEST_GET('do') == "accept") && (!empty($email))) { + if ((REQUEST_GET('do') == 'accept') && (!empty($email))) { // Ok, now we can output the form or execute accepting if (isFormSent()) { // Obtain payout type and other data - $result = SQL_QUERY_ESC("SELECT payout_id FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE `id`=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE `id`=%s LIMIT 1", array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__); list($ptype) = SQL_FETCHROW($result); SQL_FREERESULT($result); if (!empty($ptype)) { // Obtain data from payout type - $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM `{!_MYSQL_PREFIX!}_payout_types` WHERE `id`=%s LIMIT 1", - array(bigintval($ptype)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url` +FROM + `{!_MYSQL_PREFIX!}_payout_types` +WHERE + `id`=%s +LIMIT 1", + array(bigintval($ptype)), __FILE__, __LINE__); list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result); SQL_FREERESULT($result); if (!empty($eurl)) { // Ok, run URL... $eurl = COMPILE_CODE($eurl); - switch ($eenc) - { - case "md5": + switch ($eenc) { + case 'md5': $fpass = md5($fpass); $tpass = md5($tpass); break; - case "base64": + case 'base64': $fpass = base64_encode($fpass); $tpass = base64_encode($tpass); break; 
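Review bot: The `switch ($eenc)` block in this hunk treats `md5` and `base64` as ways to encode the payout passwords, but base64 is reversible and an unsalted MD5 is a fast hash, so neither protects the credential once it leaves this script. `from_pass` also appears to be stored in clear in `_payout_types`, since it is only hashed after being read from the table. If these formats are dictated by the remote engine, I would say so next to the switch, e.g. `// 'md5'/'base64' are wire formats required by the payout engine, not protection; engine_url should be HTTPS`. `$tpass` is not assigned anywhere in the visible lines, and the enclosing `if` blocks start and end outside the hunk.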
@@ -135,7 +139,7 @@ if (REQUEST_ISSET_GET(('pid'))) { array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__); // Send out mail - $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", REQUEST_POST('text'), $uid); + $msg = LOAD_EMAIL_TEMPLATE('member_payout_accepted', REQUEST_POST('text'), $uid); // Output message if ($allow == 'Y') { @@ -165,22 +169,22 @@ if (REQUEST_ISSET_GET(('pid'))) { ); // Load template - LOAD_TEMPLATE("admin_payout_accept_form", false, $content); + LOAD_TEMPLATE('admin_payout_accept_form', false, $content); } - } elseif ((REQUEST_GET('do') == "reject") && (!empty($email))) { + } elseif ((REQUEST_GET('do') == 'reject') && (!empty($email))) { // Ok, now we can output the form or execute rejecting if (isFormSent()) { if ($task > 0) { // Clear task runFilterChain('solve_task', $task); - } + } // END - if // Clear payout request SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1", - array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__); // Send out mail - $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", REQUEST_POST('text'), $uid); + $msg = LOAD_EMAIL_TEMPLATE('member_payout_rejected', REQUEST_POST('text'), $uid); // Output message LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED')); @@ -195,7 +199,7 @@ if (REQUEST_ISSET_GET(('pid'))) { ); // Load template - LOAD_TEMPLATE("admin_payout_reject_form", false, $content); + LOAD_TEMPLATE('admin_payout_reject_form', false, $content); } } else { // Cannot load user data 
@@ -208,22 +212,31 @@ if (REQUEST_ISSET_GET(('pid'))) { } else { if (!REQUEST_ISSET_GET('do')) REQUEST_SET_GET('do', ''); - if (REQUEST_GET('do') == "delete") { + if (REQUEST_GET('do') == 'delete') { // Delete all requests - $result = SQL_QUERY("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_payouts`", __FILE__, __LINE__); - } + $result = SQL_QUERY("TRUNCATE `{!_MYSQL_PREFIX!}_user_payouts`", __FILE__, __LINE__); + } // END - if // Search for payouts - $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner -FROM `{!_MYSQL_PREFIX!}_user_payouts` AS p, `{!_MYSQL_PREFIX!}_payout_types` AS t -WHERE p.payout_id=t.id -ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT + p.id, p.userid AS uid, p.payout_total, p.target_account, + p.target_bank, t.type, p.payout_timestamp, p.status, + t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, + p.banner_url AS banner +FROM + `{!_MYSQL_PREFIX!}_user_payouts` AS p +LEFT JOIN + `{!_MYSQL_PREFIX!}_payout_types` AS t +ON + p.payout_id=t.id +ORDER BY + p.payout_timestamp DESC", __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // List found payouts $OUT = ''; $SW = 2; while ($content = SQL_FETCHARRAY($result)) { - if ($content['status'] == "NEW") { + if ($content['status'] == 'NEW') { // Generate links for direct accepting and rejecting $content['status'] = "".PAYOUT_ACCEPT_PAYOUT." | ".PAYOUT_REJECT_PAYOUT.""; } else { 
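Review bot: The `do=delete` branch now runs `TRUNCATE` on the whole `_user_payouts` table from a plain GET parameter, with no form submission, confirmation or request token visible in this hunk. Any URL opened in a logged-in admin's browser would be enough to trigger it, and unlike the previous `DELETE`, TRUNCATE cannot be rolled back and needs the DROP privilege on the database account. I would gate it on a submitted form, e.g. `if ((REQUEST_POST('do') == 'delete') && (isFormSent())) {`, together with whatever request token the admin area uses, and keep `DELETE`. Separately, the switch to `LEFT JOIN` changes the result set: payout rows without a matching payout type are now listed with `type` and `allow` as NULL, which the row code further down has to cope with.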
@@ -237,10 +250,10 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__); // Banner/Textlink views/clicks request if (!empty($content['banner'])) { // Load template for the banner - $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content); + $content['target_account'] = LOAD_TEMPLATE('admin_list_payouts_banner', true, $content); } else { // Textlink - $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content); + $content['target_account'] = LOAD_TEMPLATE('admin_list_payouts_txt', true, $content); } // Admins can addionally test the URL for framekillers @@ -263,7 +276,7 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__); ); // Add row and switch color - $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_payouts_row', true, $content); $SW = 3 - $SW; } @@ -272,11 +285,12 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__); define('__PAYOUT_ROWS', $OUT); // Load final template - LOAD_TEMPLATE("admin_list_payouts"); + LOAD_TEMPLATE('admin_list_payouts'); } else { // No payout requests are sent so far LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND')); } } -// + +// [EOF] ?> diff --git a/inc/modules/admin/what-list_rallyes.php b/inc/modules/admin/what-list_rallyes.php index 44d0d721b2..c2ed620c93 100644 --- a/inc/modules/admin/what-list_rallyes.php +++ b/inc/modules/admin/what-list_rallyes.php @@ -243,12 +243,12 @@ LIMIT 1", if (($content['refs'] > 0) || ($cnt > 0)) { // Insert link to referal list //* DEBUG: */ echo '-'.$content['userid'].'/'.$cnt.'/'.$content['refs']."-
    "; - $cnt = generateUserProfileLink($content['userid'], $cnt, "list_refs"); - $content['refs'] = generateUserProfileLink($content['userid'], $content['refs'], "list_refs"); + $cnt = generateUserProfileLink($content['userid'], $cnt, 'list_refs'); + $content['refs'] = generateUserProfileLink($content['userid'], $content['refs'], 'list_refs'); } // END - if // Get user points - $points = GET_TOTAL_DATA($content['userid'], "user_points", "points", 'userid', false, " AND ref_depth=1 LIMIT 1"); + $points = GET_TOTAL_DATA($content['userid'], 'user_points', 'points', 'userid', false, " AND `ref_depth`=1 LIMIT 1"); //* DEBUG: */ echo basename(__FILE__).":uid={$content['userid']},points={$points},opoints={$content['curr_points']}
    \n"; // Prepare content @@ -310,7 +310,7 @@ ORDER BY start_time DESC", $content = array( 'select' => "", 'aid' => $content['admin_id'], - 'email_link' => generateMemberEmailLink($content['admin_id']), + 'email_link' => generateEmailLink($content['admin_id']), 'alogin' => $content['alogin'], 'id' => $content['id'], 'sw' => $SW, diff --git a/inc/modules/admin/what-list_refs.php b/inc/modules/admin/what-list_refs.php index e6c5b31f89..6f4155dd02 100644 --- a/inc/modules/admin/what-list_refs.php +++ b/inc/modules/admin/what-list_refs.php @@ -148,7 +148,7 @@ ORDER BY level ASC", __FILE__, __LINE__); 'refs_link' => '0', 'surname' => $data['surname'], 'family' => $data['family'], - 'email' => "[".$data['email']."]", + 'email' => "[".$data['email']."]", 'status' => translateUserStatus($data['status']), 'registered' => generateDateTime($data['joined'], '3'), ); @@ -200,16 +200,16 @@ ORDER BY level ASC", __FILE__, __LINE__); 'refs_link' => '0', 'surname' => $levels['surname'], 'family' => $levels['family'], - 'email' => "[".$levels['email']."]", + 'email' => "[".$levels['email']."]", 'status' => translateUserStatus($levels['status']), 'registered' => generateDateTime($levels['joined'], '3'), ); // Check if referal count is larger 0 and update link - if ($refs_cnt > 0) $content['refs_link'] = generateUserProfileLink($levels['userid'], $refs_cnt, "list_refs"); + if ($refs_cnt > 0) $content['refs_link'] = generateUserProfileLink($levels['userid'], $refs_cnt, 'list_refs'); // Load template for level one - $OUT .= LOAD_TEMPLATE("admin_list_refs_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_refs_row', true, $content); // Switch colors $SW = 3 - $SW; 
@@ -224,9 +224,9 @@ ORDER BY level ASC", __FILE__, __LINE__); // Load main template if (EXT_IS_ACTIVE('refback')) { - LOAD_TEMPLATE("admin_list_refs2", false, $content); + LOAD_TEMPLATE('admin_list_refs2', false, $content); } else { - LOAD_TEMPLATE("admin_list_refs", false, $content); + LOAD_TEMPLATE('admin_list_refs', false, $content); } } elseif (EXT_IS_ACTIVE('refback')) { // No levels found, very bad! diff --git a/inc/modules/admin/what-list_sponsor.php b/inc/modules/admin/what-list_sponsor.php index f665e9e7fd..861d41c19b 100644 --- a/inc/modules/admin/what-list_sponsor.php +++ b/inc/modules/admin/what-list_sponsor.php @@ -90,7 +90,7 @@ WHERE `id`='%s' LIMIT 1", define('__SPONSOR_PHONE' , $DATA['phone']); define('__SPONSOR_FAX' , $DATA['fax']); define('__SPONSOR_CELL' , $DATA['cell']); - define('__SPONSOR_EMAIL' , "mailto:".$DATA['email']); + define('__SPONSOR_EMAIL' , generateEmailLink($DATA['email'], 'sponsor_data')); define('__SPONSOR_EMAIL_VALUE', $DATA['email']); define('__SPONSOR_URL' , DEREFERER($DATA['url'])); // Timestamps 
@@ -117,18 +117,25 @@ WHERE `id`='%s' LIMIT 1", // Sponsor not found LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('ADMIN_SPONSOR_404'), REQUEST_GET('id'))); } -} elseif (REQUEST_ISSET_GET(('rid'))) { +} elseif (REQUEST_ISSET_GET('rid')) { // Search for sponsor $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE `id`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('rid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('rid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Free memory SQL_FREERESULT($result); // Sponsor found so let's list all his referals - $result = SQL_QUERY_ESC("SELECT id, gender, surname, family, email, status, sponsor_created, last_online, points_amount, points_used, remote_addr, ref_count -FROM `{!_MYSQL_PREFIX!}_sponsor_data` -WHERE refid='%s' ORDER BY `id`", + $result = SQL_QUERY_ESC("SELECT + `id`, `gender`, `surname`, `family`, `email`, `status`, + `sponsor_created`, `last_online`, `points_amount`, `points_used`, + `remote_addr`, `ref_count` +FROM + `{!_MYSQL_PREFIX!}_sponsor_data` +WHERE + `refid`='%s' +ORDER BY + `id` ASC", array(bigintval(REQUEST_GET('rid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { @@ -145,8 +152,14 @@ WHERE refid='%s' ORDER BY `id`", } } else { // List all sponsors - $result_main = SQL_QUERY("SELECT id, gender, surname, family, email, status, sponsor_created, last_online, points_amount, points_used, remote_addr -FROM `{!_MYSQL_PREFIX!}_sponsor_data` ORDER BY `id`", __FILE__, __LINE__); + $result_main = SQL_QUERY("SELECT + `id`, `gender`, `surname`, `family`, `email`, `status`, + `sponsor_created`, `last_online`, `points_amount`, `points_used`, `remote_addr` +FROM + `{!_MYSQL_PREFIX!}_sponsor_data` +ORDER BY + `id` ASC", __FILE__, __LINE__); + if (SQL_NUMROWS($result_main) > 0) { // At least one sponsor found! $OUT = ''; $SW = 2; 
@@ -159,7 +172,7 @@ FROM `{!_MYSQL_PREFIX!}_sponsor_data` ORDER BY `id`", __FILE__, __LINE__); 'gender' => translateGender($content['gender']), 'sname' => $content['surname'], 'fname' => $content['family'], - 'email' => "mailto:".$content['email'], + 'email' => generateEmailLink($content['email'], 'sponsor_data'), 'status' => sponsorTranslateUserStatus($content['status']), 'created' => generateDateTime($content['sponsor_created'], '2'), 'last' => generateDateTime($content['last_online'], '2'), @@ -168,7 +181,7 @@ FROM `{!_MYSQL_PREFIX!}_sponsor_data` ORDER BY `id`", __FILE__, __LINE__); ); // Load row template - $OUT .= LOAD_TEMPLATE("admin_list_sponsor_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_sponsor_row', true, $content); $SW = 3 - $SW; } @@ -179,7 +192,7 @@ FROM `{!_MYSQL_PREFIX!}_sponsor_data` ORDER BY `id`", __FILE__, __LINE__); define('__SPONSOR_ROWS', $OUT); // Load final template - LOAD_TEMPLATE("admin_list_sponsor"); + LOAD_TEMPLATE('admin_list_sponsor'); } else { // No sponsors registered so far LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_SPONSOR_NONE_REGISTERED')); diff --git a/inc/modules/admin/what-list_sponsor_pay.php b/inc/modules/admin/what-list_sponsor_pay.php index dbf1afe7a6..476b21863c 100644 --- a/inc/modules/admin/what-list_sponsor_pay.php +++ b/inc/modules/admin/what-list_sponsor_pay.php @@ -40,7 +40,7 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); -} +} // END - if // Add description as navigation point ADD_DESCR('admin', __FILE__); 
@@ -49,13 +49,13 @@ $message = ''; if (REQUEST_ISSET_POST('add')) { // Check input variables - if (!REQUEST_ISSET_POST(('pay_name'))) REQUEST_UNSET_POST('add'); - if ((round(REQUEST_POST('pay_rate')) == 0) || (!REQUEST_ISSET_POST(('pay_rate')))) REQUEST_UNSET_POST('add'); + if (!REQUEST_ISSET_POST('pay_name')) REQUEST_UNSET_POST('add'); + if ((round(REQUEST_POST('pay_rate')) == 0) || (!REQUEST_ISSET_POST('pay_rate'))) REQUEST_UNSET_POST('add'); REQUEST_SET_POST('pay_min_count', bigintval(REQUEST_POST('pay_min_count'))); - if ((REQUEST_POST('pay_min_count') == 0) || (!REQUEST_ISSET_POST(('pay_min_count')))) REQUEST_UNSET_POST('add'); - if (!REQUEST_ISSET_POST(('pay_currency'))) REQUEST_UNSET_POST('add'); + if ((REQUEST_POST('pay_min_count') == 0) || (!REQUEST_ISSET_POST('pay_min_count'))) REQUEST_UNSET_POST('add'); + if (!REQUEST_ISSET_POST('pay_currency')) REQUEST_UNSET_POST('add'); } elseif ((REQUEST_ISSET_POST('edit')) || (REQUEST_ISSET_POST('del')) || (REQUEST_ISSET_POST('change')) || (REQUEST_ISSET_POST('remove'))) { // Check if at least one entry was selected @@ -72,14 +72,22 @@ if (REQUEST_ISSET_POST('add')) { $id = bigintval($id); // Save entry - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_paytypes` -SET pay_name='%s', pay_rate='%s', pay_min_count='%s', pay_currency='%s' WHERE `id`='%s' LIMIT 1", + SQL_QUERY_ESC("UPDATE + `{!_MYSQL_PREFIX!}_sponsor_paytypes` +SET + `pay_name`='%s', + `pay_rate`='%s', + `pay_min_count`='%s', + `pay_currency`='%s' +WHERE + `id`='%s' +LIMIT 1", array( - REQUEST_POST('name', $id), - REQUEST_POST('rate', $id), - bigintval(REQUEST_POST('min', $id)), - REQUEST_POST('curr', $id), - $id + REQUEST_POST('name', $id), + REQUEST_POST('rate', $id), + bigintval(REQUEST_POST('min', $id)), + REQUEST_POST('curr', $id), + $id ), __FILE__, __LINE__); } 
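Review bot: The reformatted UPDATE in the second hunk on this line stores `REQUEST_POST('rate', $id)` as submitted, while the INSERT path further down in this file runs the rate through `convertCommaToDot()`. A rate edited with a decimal comma would therefore reach the database in a different format than one entered when adding, and may be truncated by the column type. I would change that array entry to `convertCommaToDot(REQUEST_POST('rate', $id)),`. The surrounding `foreach` starts outside the hunk.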
@@ -90,7 +98,7 @@ SET pay_name='%s', pay_rate='%s', pay_min_count='%s', pay_currency='%s' WHERE `i foreach (REQUEST_POST('id') as $id => $sel) { // Remove entry SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` WHERE `id`='%s' LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); + array(bigintval($id)), __FILE__, __LINE__); } // Generate message @@ -100,22 +108,22 @@ SET pay_name='%s', pay_rate='%s', pay_min_count='%s', pay_currency='%s' WHERE `i if (!empty($message)) { // Output message LOAD_TEMPLATE('admin_settings_saved', false, $message); - } + } // END - if } if (REQUEST_ISSET_POST('add')) { // Check if entry with same name does exists - $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` WHERE pay_name='%s' LIMIT 1", - array(REQUEST_POST('pay_name')), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` WHERE `pay_name`='%s' LIMIT 1", + array(REQUEST_POST('pay_name')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // No entry found so add this line - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_sponsor_paytypes` (pay_name, pay_rate, pay_min_count, pay_currency) VALUES ('%s','%s','%s','%s')", - array( - htmlspecialchars(REQUEST_POST('pay_name')), - convertCommaToDot(REQUEST_POST('pay_rate')), - bigintval(REQUEST_POST('pay_min_count')), - htmlspecialchars(REQUEST_POST('pay_currency')) - ), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_sponsor_paytypes` (`pay_name`, `pay_rate`, `pay_min_count`, `pay_currency`) VALUES ('%s','%s','%s','%s')", + array( + REQUEST_POST('pay_name'), + convertCommaToDot(REQUEST_POST('pay_rate')), + bigintval(REQUEST_POST('pay_min_count')), + REQUEST_POST('pay_currency') + ), __FILE__, __LINE__); // Payment type added! $message = sprintf(getMessage('ADMIN_SPONSOR_PAYTYPE_ADDED'), REQUEST_POST('pay_name')); 
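Review bot: The INSERT in the second hunk on this line no longer wraps `pay_name` and `pay_currency` in `htmlspecialchars()`, so the table now holds raw input and every place that prints these columns has to encode them. Encoding at output is the better place, but nothing visible does it: `$message = sprintf(getMessage('ADMIN_SPONSOR_PAYTYPE_ADDED'), REQUEST_POST('pay_name'));` is handed to `LOAD_TEMPLATE('admin_settings_saved', false, $message)` as is, and whether LOAD_TEMPLATE encodes its data is not shown here. If it does not, encode where the value is printed, e.g. `htmlspecialchars(REQUEST_POST('pay_name'), ENT_QUOTES)` in the message, and likewise for the row templates. Rows stored before this commit are already entity-encoded and would need a one-time conversion to avoid double encoding.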
@@ -134,8 +142,8 @@ if (REQUEST_ISSET_POST('add')) { $OUT = ''; $SW = 2; foreach (REQUEST_POST('id') as $id => $sel) { // Load entry - $result = SQL_QUERY_ESC("SELECT pay_name, pay_rate, pay_min_count, pay_currency FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` WHERE `id`='%s' LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `pay_name`, `pay_rate`, `pay_min_count`, `pay_currency` FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` WHERE `id`='%s' LIMIT 1", + array(bigintval($id)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load data list($name, $rate, $min, $curr) = SQL_FETCHROW($result); @@ -153,14 +161,14 @@ if (REQUEST_ISSET_POST('add')) { if (REQUEST_ISSET_POST('edit')) { // Edit entry - $OUT .= LOAD_TEMPLATE("admin_list_sponsor_pay_edit_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_sponsor_pay_edit_row', true, $content); } else { // Delete entry - $OUT .= LOAD_TEMPLATE("admin_list_sponsor_pay_del_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_sponsor_pay_del_row', true, $content); } } else { // Entry invalid - $OUT .= LOAD_TEMPLATE("admin_list_sponsor_pay_404", true, $id); + $OUT .= LOAD_TEMPLATE('admin_list_sponsor_pay_404', true, $id); } // Switch colors 
@@ -173,14 +181,14 @@ if (REQUEST_ISSET_POST('add')) { // Load main template depending on mode (edit/delete) if (REQUEST_ISSET_POST('edit')) { // Load main edit template - LOAD_TEMPLATE("admin_list_sponsor_pay_edit"); + LOAD_TEMPLATE('admin_list_sponsor_pay_edit'); } else { // Load main delete template - LOAD_TEMPLATE("admin_list_sponsor_pay_del"); + LOAD_TEMPLATE('admin_list_sponsor_pay_del'); } } else { // Load all payment types - $result = SQL_QUERY("SELECT id, pay_name, pay_rate, pay_min_count, pay_currency FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` ORDER BY pay_name", + $result = SQL_QUERY("SELECT `id`, `pay_name`, `pay_rate`, `pay_min_count`, `pay_currency` FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` ORDER BY `pay_name` ASC", __FILE__, __LINE__); // Do we have some paytypes setup? @@ -201,7 +209,7 @@ if (REQUEST_ISSET_POST('add')) { ); // Add row - $OUT .= LOAD_TEMPLATE("admin_list_sponsor_pay_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_sponsor_pay_row', true, $content); // Switch colors $SW = 3 - $SW; @@ -214,17 +222,17 @@ if (REQUEST_ISSET_POST('add')) { define('__LIST_ROWS', $OUT); // Load list template - define('__LIST_CONTENT', LOAD_TEMPLATE("admin_list_sponsor_pay", true)); + define('__LIST_CONTENT', LOAD_TEMPLATE('admin_list_sponsor_pay', true)); } else { // Noting setup so far! define('__LIST_CONTENT', LOAD_TEMPLATE('admin_settings_saved', true, getMessage('ADMIN_SPONSOR_NO_PAYTYPES'))); } // Add new payment types here - define('__ADD_CONTENT', LOAD_TEMPLATE("admin_add_sponsor_paytype", true)); + define('__ADD_CONTENT', LOAD_TEMPLATE('admin_add_sponsor_paytype', true)); // Load final template - LOAD_TEMPLATE("admin_sponsor_paytypes"); + LOAD_TEMPLATE('admin_sponsor_paytypes'); } // diff --git a/inc/modules/admin/what-list_unconfirmed.php b/inc/modules/admin/what-list_unconfirmed.php index 521cc90c12..083b193efc 100644 --- a/inc/modules/admin/what-list_unconfirmed.php +++ b/inc/modules/admin/what-list_unconfirmed.php 
@@ -52,27 +52,34 @@ ADD_DESCR('admin', __FILE__); $listed = false; // List confirmation links from normal or bonus mails -if (REQUEST_ISSET_GET(('mid'))) { +if (REQUEST_ISSET_GET('mid')) { // SQL query for mail data - $sql = "SELECT DISTINCT s.id, p.sender, p.subject, p.text, p.url, p.timestamp, s.max_rec FROM `{!_MYSQL_PREFIX!}_pool` AS p -LEFT JOIN `{!_MYSQL_PREFIX!}_user_stats` AS s -ON p.id=s.pool_id -WHERE p.id='".REQUEST_GET('mid')."' LIMIT 1"; + $sql = "SELECT + s.id, p.sender, p.subject, p.text, p.url, p.timestamp, s.max_rec +FROM + `{!_MYSQL_PREFIX!}_pool` AS p +LEFT JOIN + `{!_MYSQL_PREFIX!}_user_stats` AS s +ON + p.id=s.pool_id +WHERE + p.id='".REQUEST_GET('mid')."' +LIMIT 1"; // Column, type and ID for member's mail - $col = "stats_id"; $type = "NORMAL"; $ID = '-1'; + $col = 'stats_id'; $type = 'NORMAL'; $ID = '-1'; // Load admin_list_unconfirmed template $listed = true; $DATA = REQUEST_GET('mid'); $LINK = 'mailid'; -} elseif ((REQUEST_ISSET_GET(('bid'))) && (EXT_IS_ACTIVE('bonus'))) { +} elseif ((REQUEST_ISSET_GET('bid')) && (EXT_IS_ACTIVE('bonus'))) { // @TODO This constant might be unused? define('__LIST_UNCON_TITLE', getMessage('LIST_UNCONFIRMED_BONUS_LINKS')); // SQL query for mail data (both ids are required for compatiblity to above normal mail - $sql = "SELECT id, id, subject, text, url, timestamp, mails_sent FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`='".REQUEST_GET('bid')."' LIMIT 1"; + $sql = "SELECT `id`, `id`, `subject`, `text`, `url`, `timestamp`, `mails_sent` FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`='".REQUEST_GET('bid')."' LIMIT 1"; // Column, type and ID for member's mail - $col = 'bonus_id'; $type = "BONUS"; $ID = REQUEST_GET('bid'); + $col = 'bonus_id'; $type = 'BONUS'; $ID = REQUEST_GET('bid'); // Load admin_list_unconfirmed template $listed = true; $DATA = $ID; $LINK = 'bonusid'; 
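Review bot: Both rewritten `$sql` strings still splice `REQUEST_GET('mid')` and `REQUEST_GET('bid')` directly into the statement, so unless REQUEST_GET() escapes its return value, which is not visible here, these two queries take SQL text straight from the query string. Every other lookup in this patch passes ids through `bigintval()` and `SQL_QUERY_ESC()`, and these two should do the same: use `p.id=%s` with `array(bigintval(REQUEST_GET('mid')))`, and set `$ID = bigintval(REQUEST_GET('bid'));` in the bonus branch before it is used for the query and the template. `$DATA = REQUEST_GET('mid')` carries the same raw value onward. The code that executes `$sql` lies outside this hunk, so the call site needs to change along with these lines.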
@@ -98,18 +105,23 @@ if ($listed === true) { // Load unconfirmed mail links. Hmmm, this select query is pretty cool // but it does only show unconfirmed mail links from existing user // accounts. So if you have delete one you did not see those links - // - $result = SQL_QUERY_ESC("SELECT DISTINCT l.userid, u.status, u.surname, u.family, u.gender, u.email -FROM `{!_MYSQL_PREFIX!}_user_links` AS l -LEFT JOIN `{!_MYSQL_PREFIX!}_user_data` AS u -ON l.userid=u.userid -WHERE l.%s='%s' ORDER BY l.userid LIMIT %s", - array($col, $ID, bigintval($max)),__FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT + l.userid, u.status, u.surname, u.family, u.gender, u.email +FROM + `{!_MYSQL_PREFIX!}_user_links` AS l +LEFT JOIN + `{!_MYSQL_PREFIX!}_user_data` AS u +ON + l.userid=u.userid +WHERE + l.%s='%s' ORDER BY l.userid LIMIT %s", + array($col, $ID, bigintval($max)),__FILE__, __LINE__); + + // Total number of unconfirmed mails $unconfirmed = SQL_NUMROWS($result); if ($unconfirmed > 0) { // At least one link left to confirm - $OUT = ''; $SW = 2; while ($content = SQL_FETCHARRAY($result)) { // Prepare data for the row template @@ -120,17 +132,17 @@ WHERE l.%s='%s' ORDER BY l.userid LIMIT %s", 'uid' => $content['userid'], 'link' => $LINK, 'id' => $ID, - 'email' => "".translateGender($content['gender'])." ".$content['surname']." ".$content['family']."", + 'email' => "".translateGender($content['gender'])." ".$content['surname']." ".$content['family']."", 'status' => translateUserStatus($content['status']), ); // Load row template and switch colors - $OUT .= LOAD_TEMPLATE("admin_list_unconfirmed_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_list_unconfirmed_row', true, $content); $SW = 3 - $SW; } // Render it in our new listing - $OUT = LOAD_TEMPLATE("admin_list_unconfirmed_list", true, $OUT); + $OUT = LOAD_TEMPLATE('admin_list_unconfirmed_list', true, $OUT); // Free memory SQL_FREERESULT($result); 
@@ -152,13 +164,14 @@ WHERE l.%s='%s' ORDER BY l.userid LIMIT %s", ); // Load final template - LOAD_TEMPLATE("admin_list_unconfirmed", false, $content); + LOAD_TEMPLATE('admin_list_unconfirmed', false, $content); } elseif (REQUEST_GET('mid') > 0) { // Data in pool or in user_stats not found, so let's find out where data is missing $result1 = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s LIMIT 1", - array(bigintval($ID)), __FILE__, __LINE__); - $result2 = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE pool_id=%s LIMIT 1", - array(bigintval($ID)), __FILE__, __LINE__); + array(bigintval($ID)), __FILE__, __LINE__); + $result2 = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE `pool_id`=%s LIMIT 1", + array(bigintval($ID)), __FILE__, __LINE__); + if (SQL_NUMROWS($result1) == 1) { // pool table LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('ADMIN_UNCONFIRMED_POOL_MISSING'), $ID)); @@ -173,7 +186,7 @@ WHERE l.%s='%s' ORDER BY l.userid LIMIT %s", // Free memory SQL_FREERESULT($result1); SQL_FREERESULT($result2); - } elseif (REQUEST_ISSET_GET(('bid'))) { + } elseif (REQUEST_ISSET_GET('bid')) { // Data in bonus table not found LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_UNCONFIRMED_INVALID_LINK')); } diff --git a/inc/modules/admin/what-list_user.php b/inc/modules/admin/what-list_user.php index 52d2998e15..57630cefba 100644 --- a/inc/modules/admin/what-list_user.php +++ b/inc/modules/admin/what-list_user.php 
@@ -141,7 +141,7 @@ LIMIT 1", define('_LINKS', $LINKS); define('_ADMIN_LINKS', generateMemberAdminActionLinks($uid, $DATA['status'])); $DATA['gender'] = translateGender($DATA['gender']); - $DATA['email_link'] = generateMemberEmailLink($DATA['email'], "user_data"); + $DATA['email_link'] = generateEmailLink($DATA['email'], 'user_data'); $DATA['status'] = translateUserStatus($DATA['status']); $DATA['last_online'] = generateDateTime($DATA['last_online'], '0'); $DATA['used_points'] = translateComma($DATA['used_points']); @@ -149,8 +149,8 @@ LIMIT 1", $DATA['joined'] = generateDateTime($DATA['joined'], '0'); $DATA['last_update'] = generateDateTime($DATA['last_update'], '0'); $DATA['last_profile_sent'] = generateDateTime($DATA['last_profile_sent'], '0'); - $DATA['total'] = translateComma(GET_TOTAL_DATA($uid, "user_points", "points")); - $DATA['locked'] = translateComma(GET_TOTAL_DATA($uid, "user_points", "locked_points")); + $DATA['total'] = translateComma(GET_TOTAL_DATA($uid, 'user_points', 'points')); + $DATA['locked'] = translateComma(GET_TOTAL_DATA($uid, 'user_points', 'locked_points')); $DATA['lock_timestamp'] = generateDateTime($DATA['lock_timestamp'], '2'); // Is the lock reason not set? @@ -298,7 +298,7 @@ LIMIT 1", if ($content['refid'] > 0) $content['refid'] = generateUserProfileLink($content['refid']); // Get number of unconfirmed mails - $LINKS = GET_TOTAL_DATA($content['userid'], "user_links", 'id', 'userid', true); + $LINKS = GET_TOTAL_DATA($content['userid'], 'user_links', 'id', 'userid', true); if ($LINKS > 0) $LINKS = $base."&what=list_links&uid=".$content['userid']."\">".translateComma($LINKS)."]"; // Set link to sent mails if present 
@@ -308,7 +308,7 @@ LIMIT 1", if (empty($content['nickname']) || $content['nickname'] == $content['userid']) $content['nickname'] = '---'; // Calculate total points - $pointsTotal = GET_TOTAL_DATA($content['userid'], "user_points", "points") - GET_TOTAL_DATA($content['userid'], "user_data", "used_points"); + $pointsTotal = GET_TOTAL_DATA($content['userid'], 'user_points', 'points') - GET_TOTAL_DATA($content['userid'], 'user_data', 'used_points'); // Clickrate $clickRate = 0; @@ -320,13 +320,13 @@ LIMIT 1", $content['sw'] = $SW; $content['uid'] = generateUserProfileLink($content['userid']); $content['gender'] = translateGender($content['gender']); - $content['email'] = "[".$content['email']."]"; + $content['email'] = "[".$content['email']."]"; $content['addr'] = $content['REMOTE_ADDR']; $content['links'] = $LINKS; $content['alinks'] = generateMemberAdminActionLinks($content['userid'], $content['status']); $content['points'] = translateComma($pointsTotal); $content['rate'] = translateComma($clickRate); - $content['locked'] = translateComma(GET_TOTAL_DATA($content['userid'], "user_points", "locked_points")); + $content['locked'] = translateComma(GET_TOTAL_DATA($content['userid'], 'user_points', 'locked_points')); $content['lock_timestamp'] = generateDateTime($content['lock_timestamp'], '2'); $content['status'] = translateUserStatus($content['status']); diff --git a/inc/modules/admin/what-list_yoomedia_tm.php b/inc/modules/admin/what-list_yoomedia_tm.php index 26589b98ca..c5b3a4d8f9 100644 --- a/inc/modules/admin/what-list_yoomedia_tm.php +++ b/inc/modules/admin/what-list_yoomedia_tm.php 
@@ -55,13 +55,13 @@ if (isFormSent()) { // Prepare mail for delivery YOOMEDIA_PREPARE_MAIL_DELIVERY(REQUEST_POST_ARRAY()); return; -} elseif (REQUEST_ISSET_POST(('sent'))) { +} elseif (REQUEST_ISSET_POST('sent')) { // Sent mail YOOMEDIA_SEND_BONUS_MAIL(REQUEST_POST_ARRAY(), 'normal'); } elseif (REQUEST_ISSET_POST('remove')) { // Add mail to exclude list YOOMEDIA_EXCLUDE_MAIL(REQUEST_POST_ARRAY(), 'normal'); -} elseif (REQUEST_ISSET_POST(('unlist'))) { +} elseif (REQUEST_ISSET_POST('unlist')) { // Remove mail from exclude list YOOMEDIA_UNLIST_MAIL(REQUEST_POST_ARRAY(), 'normal'); } diff --git a/inc/modules/admin/what-lock_sponsor.php b/inc/modules/admin/what-lock_sponsor.php index 384fd186c7..281fd8800e 100644 --- a/inc/modules/admin/what-lock_sponsor.php +++ b/inc/modules/admin/what-lock_sponsor.php @@ -101,7 +101,7 @@ if (REQUEST_ISSET_GET('id')) { } // Create email link - define('__EMAIL_LINK', '{!__GENDER!} {!__SURNAME!} {!__FAMILY!}'); + define('__EMAIL_LINK', '{!__GENDER!} {!__SURNAME!} {!__FAMILY!}'); // Display form LOAD_TEMPLATE('admin_lock_sponsor'); diff --git a/inc/modules/admin/what-lock_user.php b/inc/modules/admin/what-lock_user.php index 7a05b88d12..435e1e1835 100644 --- a/inc/modules/admin/what-lock_user.php +++ b/inc/modules/admin/what-lock_user.php @@ -119,7 +119,7 @@ if (REQUEST_ISSET_GET('uid')) { $URL = ADMIN_CREATE_USERID_LINK(REQUEST_GET('uid')); } else { $result = SQL_QUERY_ESC("SELECT email, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { 
@@ -131,7 +131,7 @@ if (REQUEST_ISSET_GET('uid')) { // Transfer data to constants for the template // @TODO Rewrite these all constants - define('__EMAIL', generateMemberEmailLink($email, 'user_data')); + define('__EMAIL', generateEmailLink($email, 'user_data')); define('__SNAME', $sname); define('__FNAME', $fname); define('__UID' , bigintval(REQUEST_GET('uid'))); diff --git a/inc/modules/admin/what-mem_add.php b/inc/modules/admin/what-mem_add.php index da8684ad91..4be4117ab8 100644 --- a/inc/modules/admin/what-mem_add.php +++ b/inc/modules/admin/what-mem_add.php @@ -53,11 +53,13 @@ if ((!REQUEST_ISSET_POST('title')) && (isFormSent())) { if (!isFormSent()) { // Create arrays - $menus = array(); $titles = array(); $below = array(); + $menus = array(); + $titles = array(); + $below = array(); // Get all available main menus - $result = SQL_QUERY("SELECT action, title, sort FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (`what`='' OR `what` IS NULL) ORDER BY `sort`", - __FILE__, __LINE__); + $result = SQL_QUERY("SELECT `action`, `title`, `sort` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (`what`='' OR `what` IS NULL) ORDER BY `sort` ASC", + __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // Read menu structure // @TODO Cant this be rewritten? @@ -77,7 +79,10 @@ if (!isFormSent()) { // Remove double eintries // @TODO This can be somehow rewritten to a function - $prev = ''; $dmy = $menus; $dmy2 = $titles; $dmy3 = $below; + $prev = ''; + $dmy = $menus; + $dmy2 = $titles; + $dmy3 = $below; foreach ($menus as $key => $value) { if ($value == $prev) { // Remove entries 
@@ -143,47 +148,47 @@ if (!isFormSent()) { foreach ($below as $key => $m) { if (is_array($m)) { foreach ($m as $key2 => $m2) { - $OUT .= " \n"; - } + } // END - foreach } else { - $OUT .= " \n"; + $OUT .= " \n"; } } $OUT .= ""; define('__BELOW_SELECTION' , $OUT); - define('__WHAT_SELECTION' , ADMIN_MAKE_MENU_SELECTION('member', 'what', "name")); - define('__ACTION_SELECTION', ADMIN_MAKE_MENU_SELECTION('member', 'action', "menu")); + define('__WHAT_SELECTION' , ADMIN_MAKE_MENU_SELECTION('member', 'what' , 'name')); + define('__ACTION_SELECTION', ADMIN_MAKE_MENU_SELECTION('member', 'action', 'menu')); // Display form - LOAD_TEMPLATE("admin_member_add"); + LOAD_TEMPLATE('admin_member_add'); } elseif (!IS_DEMO()) { // Insert new menu entry - if (REQUEST_ISSET_POST(('menu'))) { + if (REQUEST_ISSET_POST('menu')) { SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_member_menu` (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s','%s')", - array( - REQUEST_POST('menu'), - REQUEST_POST('name'), - REQUEST_POST('title'), - REQUEST_POST('visible'), - REQUEST_POST('active'), - bigintval(REQUEST_POST('sort')), - ), __FILE__, __LINE__); + array( + REQUEST_POST('menu'), + REQUEST_POST('name'), + REQUEST_POST('title'), + REQUEST_POST('visible'), + REQUEST_POST('active'), + bigintval(REQUEST_POST('sort')), + ), __FILE__, __LINE__); } else { SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_member_menu` (`action`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s')", - array( - REQUEST_POST('name'), - REQUEST_POST('title'), - REQUEST_POST('visible'), - REQUEST_POST('active'), - bigintval(REQUEST_POST('sort')), - ), __FILE__, __LINE__); + array( + REQUEST_POST('name'), + REQUEST_POST('title'), + REQUEST_POST('visible'), + REQUEST_POST('active'), + bigintval(REQUEST_POST('sort')), + ), __FILE__, __LINE__); } LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SETTINGS_SAVED')); } else { 
diff --git a/inc/modules/admin/what-memedit.php b/inc/modules/admin/what-memedit.php index e629c93659..bca3aa16b7 100644 --- a/inc/modules/admin/what-memedit.php +++ b/inc/modules/admin/what-memedit.php @@ -40,7 +40,7 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); -} +} // END - if // Add description as navigation point ADD_DESCR('admin', __FILE__); @@ -51,7 +51,7 @@ $AND = "(`what` = '' OR `what` IS NULL)"; $SUB = ''; if (REQUEST_ISSET_GET('sub')) { $AND = sprintf("`action`='%s' AND `what` IS NOT NULL", REQUEST_GET('sub')); $SUB = REQUEST_GET('sub'); -} +} // END - if // Get count of (maybe) selected menu points $chk = 0; 
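Review bot: In the `@@ -51,7` hunk, `REQUEST_GET('sub')` is formatted straight into `$AND` and copied into `$SUB`, and `$AND` is then concatenated into the query text of the SELECT, UPDATE and DELETE statements in the hunks at `-66`, `-106`, `-142` and `-181`. It therefore never passes through the parameter array that `SQL_QUERY_ESC` is given for escaping, and two of the later statements use plain `SQL_QUERY`. Unless `REQUEST_GET()` already escapes its result (not visible in this diff), a request value reaches the SQL text unescaped. Escape it once where it is read, `$SUB = SQL_ESCAPE(REQUEST_GET('sub'));`, and build `$AND` from `$SUB`, including where the `-181` hunk rebuilds `$AND`.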
@@ -66,30 +66,33 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) { foreach (REQUEST_POST('sel') as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title, action, what FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `title`, `action`, `what` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND `id`=%s LIMIT 1", + array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... list($menu, $act, $wht, $descr) = SQL_FETCHROW($result); - SQL_FREERESULT($result); $content = array( 'cnt' => $cnt, 'sel' => $sel, 'menu' => $menu, 'sw' => $SW, - 'act' => ADMIN_MAKE_MENU_SELECTION('member', "act", "sel_act[".$sel."]", $act), + 'act' => ADMIN_MAKE_MENU_SELECTION('member', 'act' , 'sel_act[' . $sel . ']', $act), 'what' => ADMIN_MAKE_MENU_SELECTION('member', 'what', 'sel_what[' . $sel . ']', $wht), ); + // Load template - $OUT .= LOAD_TEMPLATE("admin_mmenu_edit_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_mmenu_edit_row', true, $content); } else { // Entry not found? $content = array( 'sw' => $SW, 'sel' => $sel ); - $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content); + + // Load template + $OUT .= LOAD_TEMPLATE('admin_menu_404_row', true, $content); } + SQL_FREERESULT($result); $SW = 3 - $SW; } } @@ -97,7 +100,7 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) { define('__CNT_VALUE', $cnt); // Load template - LOAD_TEMPLATE("admin_mmenu_edit"); + LOAD_TEMPLATE('admin_mmenu_edit'); } elseif ((REQUEST_ISSET_POST('del')) && ($chk > 0) && (!IS_DEMO())) { // Del menu entries with or without confirmation define('__SUB_VALUE', $SUB); 
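Review bot: `list($menu, $act, $wht, $descr) = SQL_FETCHROW($result);` in the edit branch unpacks four values, but the SELECT just above it returns only `title`, `action` and `what`, so `$descr` is never filled and PHP raises an undefined-offset notice for it. `$descr` is not used in the `$content` array built in this hunk, so it can simply be dropped: `list($menu, $act, $wht) = SQL_FETCHROW($result);`. The enclosing `foreach` starts outside the hunk.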
@@ -106,34 +109,38 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) { foreach (REQUEST_POST('sel') as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `title` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND `id`=%s LIMIT 1", + array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... list($title) = SQL_FETCHROW($result); - SQL_FREERESULT($result); $content = array( 'cnt' => $cnt, 'sel' => $sel, 'title' => $title ); - $OUT .= LOAD_TEMPLATE("admin_mmenu_delete_row", true, $content); + + // Load template + $OUT .= LOAD_TEMPLATE('admin_mmenu_delete_row', true, $content); } else { // Entry not found? $content = array( 'sw' => $SW, 'sel' => $sel ); - $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content); + + // Load template + $OUT .= LOAD_TEMPLATE('admin_menu_404_row', true, $content); } - } - } + SQL_FREERESULT($result); + } // END - if + } // END - foreach define('__MENU_ROWS', $OUT); define('__CNT_VALUE', $cnt); // Load template - LOAD_TEMPLATE("admin_mmenu_delete"); -} elseif ((REQUEST_ISSET_POST(('status'))) && ($chk > 0) && (!IS_DEMO())) { + LOAD_TEMPLATE('admin_mmenu_delete'); +} elseif ((REQUEST_ISSET_POST('status')) && ($chk > 0) && (!IS_DEMO())) { // Change status (visible / locked) define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); 
@@ -142,7 +149,7 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) { if ($confirm == 1) { $cnt++; $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); + array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... list($menu, $vis, $locked) = SQL_FETCHROW($result); @@ -158,22 +165,23 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) { // Load template $OUT .= LOAD_TEMPLATE('admin_menu_status_row', true, $content); - } - else - { + } else { // Entry not found? $content = array( 'sw' => $SW, 'sel' => $sel ); + + // Load template $OUT .= LOAD_TEMPLATE('admin_menu_404_row', true, $content); } $SW = 3 - $SW; - } - } + } // END - if + } // END - foreach define('__MENU_ROWS', $OUT); define('__CNT_VALUE', $cnt); - // + + // Load template LOAD_TEMPLATE('admin_mmenu_status'); } elseif ((isFormSent()) && (!IS_DEMO())) { // An act is done... 
@@ -181,72 +189,74 @@ if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) { $AND = "(`what` = '' OR `what` IS NULL)"; $sel = bigintval($sel); if (!empty($SUB)) $AND = "`action`='".$SUB."'"; - switch (REQUEST_POST('ok')) - { + switch (REQUEST_POST('ok')) { case 'edit': // Edit menu - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `title`='%s', `action`='%s', `what`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array($menu, REQUEST_POST('sel_act', $sel), REQUEST_POST('sel_what', $sel), $sel), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `title`='%s', `action`='%s', `what`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1", + array($menu, REQUEST_POST('sel_act', $sel), REQUEST_POST('sel_what', $sel), $sel), __FILE__, __LINE__); break; case 'del': // Delete menu - SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", - array($sel), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND `id`=%s LIMIT 1", + array($sel), __FILE__, __LINE__); break; case 'status': // Change status of menus - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `visible`='%s', `locked`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(REQUEST_POST('visible', $sel), REQUEST_POST('locked', $sel), $sel), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `visible`='%s', `locked`='%s' WHERE ".$AND." 
AND `id`=%s LIMIT 1", + array(REQUEST_POST('visible', $sel), REQUEST_POST('locked', $sel), $sel), __FILE__, __LINE__); break; - } + } // END - switch break; - } + } // END - foreach // Load template LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SETTINGS_SAVED')); } else { - if ((REQUEST_ISSET_GET(('act'))) && (REQUEST_ISSET_GET(('tid'))) && (REQUEST_ISSET_GET(('fid')))) { + if ((REQUEST_ISSET_GET('act')) && (REQUEST_ISSET_GET('tid')) && (REQUEST_ISSET_GET('fid'))) { // Init $tid = ''; $fid = ''; // Get IDs - if (REQUEST_ISSET_GET(('w'))) { + if (REQUEST_ISSET_GET('w')) { // Sub menus selected $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); SQL_FREERESULT($result); $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); SQL_FREERESULT($result); } else { // Main menu selected $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1", - array(bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); } if ((!empty($tid)) && (!empty($fid))) 
{ // Sort menu SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval(REQUEST_GET('tid')), bigintval($fid)), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('tid')), bigintval($fid)), __FILE__, __LINE__); SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval(REQUEST_GET('fid')), bigintval($tid)), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('fid')), bigintval($tid)), __FILE__, __LINE__); } // END - -fi } if (!empty($SUB)) { // Edit sub menus - $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort` ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT `id`, `action`, `what`, `title`, `sort` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort` ASC", __FILE__, __LINE__); } else { // Edit main menus - $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (`what`='' OR `what` IS NULL) ORDER BY `sort` ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT `id`, `action`, `what`, `title`, `sort` FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (`what`='' OR `what` IS NULL) ORDER BY `sort` ASC", __FILE__, __LINE__); } + // Get total menu entries $max = SQL_NUMROWS($result); + + // Some are there? if ($max > 0) { // Set sub value // @TODO Rewrite this constant diff --git a/inc/modules/admin/what-sub_points.php b/inc/modules/admin/what-sub_points.php index 94f4f9ded8..d386f59b12 100644 --- a/inc/modules/admin/what-sub_points.php +++ b/inc/modules/admin/what-sub_points.php 
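Review bot: The `// Main menu selected` branch of the sort handler runs two `SQL_QUERY_ESC` lookups and reads `$tid` and `$fid` without calling `SQL_FREERESULT($result)`. The sub-menu branch directly above frees after each fetch, and the earlier hunks of this commit move the free call so that it always runs. Add `SQL_FREERESULT($result);` after each `list(...) = SQL_FETCHROW($result);` in that branch so both paths release their result sets. The two sort UPDATE statements at the end of the hunk also keep the unquoted `id=%s` while the rest of the file was converted to back-ticked column names.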
@@ -77,37 +77,37 @@ if (REQUEST_GET('uid') == "all") { LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ALL_POINTS_SUBTRACTED')); } else { // Display form add points - LOAD_TEMPLATE("admin_sub_points_all"); + LOAD_TEMPLATE('admin_sub_points_all'); } } elseif (REQUEST_ISSET_GET('uid')) { // User ID found in URL so we use this give him some credits - $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", - array(bigintval(REQUEST_GET('uid'))),__FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", + array(bigintval(REQUEST_GET('uid'))),__FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Selected user does exist $content = SQL_FETCHARRAY($result); if ((isFormSent()) && (REQUEST_ISSET_POST(('points')))) { // Ok, add to used points and send an email to him... - SUB_POINTS("admin_single", bigintval(REQUEST_GET('uid')), REQUEST_POST('points')); + SUB_POINTS('admin_single', bigintval(REQUEST_GET('uid')), REQUEST_POST('points')); // Add more content $content['text'] = SQL_ESCAPE(REQUEST_POST('reason')); $content['points'] = bigintval(REQUEST_POST('points')); // Load email and send it away - $msg = LOAD_EMAIL_TEMPLATE("sub-points", $content, bigintval(REQUEST_GET('uid'))); + $msg = LOAD_EMAIL_TEMPLATE('sub-points', $content, bigintval(REQUEST_GET('uid'))); sendEmail($content['email'], getMessage('ADMIN_SUB_SUBJ'), $msg); // Output message LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_POINTS_SUBTRACTED')); } else { // @TODO Rewrite these constants - define('__USER_VALUE', "".$content['surname']." ".$content['family'].""); + define('__USER_VALUE', "".$content['surname']." 
".$content['family'].""); define('__UID', bigintval(REQUEST_GET('uid'))); // Load form - LOAD_TEMPLATE("admin_sub_points"); + LOAD_TEMPLATE('admin_sub_points'); } } else { // User not found! diff --git a/inc/modules/admin/what-unlock_sponsor.php b/inc/modules/admin/what-unlock_sponsor.php index 4571d749fd..e5588721f4 100644 --- a/inc/modules/admin/what-unlock_sponsor.php +++ b/inc/modules/admin/what-unlock_sponsor.php @@ -167,12 +167,12 @@ WHERE `id`='%s' LIMIT 1", } // Add seperator - OUTPUT_HTML("
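Review bot: `SUB_POINTS('admin_single', bigintval(REQUEST_GET('uid')), REQUEST_POST('points'));` passes the posted amount through unvalidated, although two lines later the same field is normalised with `bigintval()` for the mail, so the amount booked and the amount reported to the member can differ. Normalise once and use it for both: `$points = bigintval(REQUEST_POST('points'));` followed by `SUB_POINTS('admin_single', bigintval(REQUEST_GET('uid')), $points);`. `$content['text'] = SQL_ESCAPE(REQUEST_POST('reason'));` applies SQL escaping to text that is handed to `LOAD_EMAIL_TEMPLATE`; if no query consumes it, escaping for the mail context is the appropriate step instead. `REQUEST_ISSET_POST(('points'))` in this hunk still has the doubled parentheses the commit removes elsewhere.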
    "); + OUTPUT_HTML('
    '); } // Begin listing of all pending sponsor accounts $result = SQL_QUERY("SELECT - id, gender, surname, family, email, remote_addr, sponsor_created + `id`, `gender`, `surname`, `family`, `email`, `remote_addr`, `sponsor_created` FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE @@ -192,19 +192,19 @@ if (SQL_NUMROWS($result) > 0) { 'gender' => translateGender($content['gender']), 'surname' => $content['surname'], 'family' => $content['family'], - 'email' => "mailto:".$content['email'], + 'email' => generateEmailLink($content['email'], 'sponsor_data'), 'remote' => $content['remote_addr'], 'created' => generateDateTime($content['sponsor_created'], '2'), ); // Load row template and switch colors - $OUT .= LOAD_TEMPLATE("admin_unlock_sponsor_row", true, $content); + $OUT .= LOAD_TEMPLATE('admin_unlock_sponsor_row', true, $content); $SW = 3 - $SW; } define('__SPONSOR_ROWS', $OUT); // Load template - LOAD_TEMPLATE("admin_unlock_sponsor"); + LOAD_TEMPLATE('admin_unlock_sponsor'); } else { // No pending accounts found LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_SPONSOR_NONE_PENDING')); diff --git a/inc/modules/admin/what-usage.php b/inc/modules/admin/what-usage.php index a90fc640de..7d858559dd 100644 --- a/inc/modules/admin/what-usage.php +++ b/inc/modules/admin/what-usage.php 
@@ -48,19 +48,19 @@ ADD_DESCR('admin', __FILE__); // Base directory (should be moved to database) $usage = getConfig('usage_base') . '/'; -if (REQUEST_ISSET_GET(('image'))) { +if (REQUEST_ISSET_GET('image')) { if (REQUEST_GET('type') == 'usage') { $FQFN = sprintf("%s%s/usage.png", - constant('PATH'), - getConfig('usage_base') + constant('PATH'), + getConfig('usage_base') ); } else { if (strpos(REQUEST_GET('image'), "\\") > 0) REQUEST_SET_GET('image', substr(REQUEST_GET('image'), 0, strpos(REQUEST_GET('image'), "\\"))); $FQFN = sprintf("%s%s/%s_usage_%s.png", - constant('PATH'), - getConfig('usage_base'), - REQUEST_GET(('type')), - REQUEST_GET(('image')) + constant('PATH'), + getConfig('usage_base'), + REQUEST_GET('type'), + REQUEST_GET('image') ); } @@ -71,16 +71,16 @@ if (REQUEST_ISSET_GET(('image'))) { imagedestroy($image); } shutdown(); -} elseif (!REQUEST_ISSET_GET(('usage'))) { +} elseif (!REQUEST_ISSET_GET('usage')) { $FQFN = sprintf("%s%s/index.html", - constant('PATH'), - getConfig('usage_base') + constant('PATH'), + getConfig('usage_base') ); } else { $FQFN = sprintf("%s%s/usage_%s.html", - constant('PATH'), - getConfig('usage_base'), - REQUEST_GET(('usage')) + constant('PATH'), + getConfig('usage_base'), + REQUEST_GET('usage') ); } 
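Review bot: `REQUEST_GET('type')`, `REQUEST_GET('image')` and, in the `@@ -71,16` hunk, `REQUEST_GET('usage')` are formatted into `$FQFN` with only a backslash cut applied to `image`, so a value containing `/` or `..` can point the path outside `getConfig('usage_base')`. The fixed `.png` and `.html` suffixes narrow this but do not confine it to that directory. Restrict each value before building the path, for example `$image = preg_replace('/[^0-9A-Za-z]/', '', REQUEST_GET('image'));` (assuming report ids are alphanumeric, to be confirmed against the generated file names), and accept `type` only when it is one of the kinds the URL rewriting further down emits (`daily`, `hourly`, `ctry`). Whether `REQUEST_GET()` itself filters path characters is not visible in this diff.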
@@ -93,14 +93,14 @@ if ((!empty($FQFN)) && (isFileReadable($FQFN))) { // Until here... // Replace URLs - $content = str_replace("usage.png", "{!URL!}/modules.php?module=admin&what=".getWhat()."&type=usage&image=usage", $content); - $content = str_replace("daily_usage_", "{!URL!}/modules.php?module=admin&what=".getWhat()."&type=daily&image=", $content); - $content = str_replace("hourly_usage_", "{!URL!}/modules.php?module=admin&what=".getWhat()."&type=hourly&image=", $content); - $content = str_replace("ctry_usage_", "{!URL!}/modules.php?module=admin&what=".getWhat()."&type=ctry&image=", $content); - $content = str_replace("usage_", "{!URL!}/modules.php?module=admin&what=".getWhat()."&usage=", str_replace(".html", '', $content)); + $content = str_replace('usage.png' , '{!URL!}/modules.php?module=admin&what='.getWhat().'&type=usage&image=usage', $content); + $content = str_replace('daily_usage_' , '{!URL!}/modules.php?module=admin&what='.getWhat().'&type=daily&image=' , $content); + $content = str_replace('hourly_usage_', '{!URL!}/modules.php?module=admin&what='.getWhat().'&type=hourly&image=' , $content); + $content = str_replace('ctry_usage_' , '{!URL!}/modules.php?module=admin&what='.getWhat().'&type=ctry&image=' , $content); + $content = str_replace('usage_' , '{!URL!}/modules.php?module=admin&what='.getWhat().'&usage=' , str_replace('.html', '', $content)); // Disabled due to too much trouble - //$content = str_replace("HREF=\'http://', "href=\"{!URL!}/modules.php?module=loader&url=http://", $content); + //$content = str_replace("HREF=\"http://", "href=\"{!URL!}/modules.php?module=loader&url=http://", $content); $test = strtolower($content); // Do we need to strip out above and including plus trailing tag? @@ -111,9 +111,7 @@ if ((!empty($FQFN)) && (isFileReadable($FQFN))) { } // END - if // Output code - OUTPUT_HTML("
    - ".$content." -
    "); + OUTPUT_HTML($content); } else { // Nothing to load, then we have no directory 'usage' LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('ADMIN_USAGE_DIRECTORY_404'), getConfig('usage_base'))); diff --git a/inc/modules/frametester.php b/inc/modules/frametester.php index bbe2c5a122..40060662c2 100644 --- a/inc/modules/frametester.php +++ b/inc/modules/frametester.php @@ -40,16 +40,16 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); -} +} // END - if $mode = 'guest'; -if (REQUEST_ISSET_GET(('order'))) { +if (REQUEST_ISSET_GET('order')) { // Order number placed, is he also logged in? if (IS_MEMBER()) { // Ok, test passed... :) - $result = SQL_QUERY_ESC("SELECT subject, url FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s AND sender=%s AND data_type='TEMP' LIMIT 1", - array(bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `subject`, `url` FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s AND `sender`=%s AND `data_type`='TEMP' LIMIT 1", + array(bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__); // Finally is the entry valid? if (SQL_NUMROWS($result) == 1) { @@ -72,7 +72,7 @@ if (REQUEST_ISSET_GET(('order'))) { // He is no longer logged in redirectToUrl('modules.php?module=index&what=login'); } -} +} // END - if if ((REQUEST_ISSET_POST('url')) || (REQUEST_ISSET_GET('url')) || (REQUEST_ISSET_GET('frame'))) { // Default URL is ours diff --git a/inc/modules/guest/what-confirm.php b/inc/modules/guest/what-confirm.php index c59a6a5569..d790166aff 100644 --- a/inc/modules/guest/what-confirm.php +++ b/inc/modules/guest/what-confirm.php 
@@ -77,12 +77,12 @@ if (REQUEST_ISSET_GET('hash')) { // Ok, write the ref-points to this user and his parent-ref unset($GLOBALS['ref_level']); - // Shall I "pay" the referal points imidiately? + // Shall I 'pay' the referal points imidiately? if (getConfig('ref_payout') == '0') { - // Yes, "pay" it now + // Yes, 'pay' it now $locked = false; } else { - // No, "pay" it later + // No, 'pay' it later $locked = true; } diff --git a/inc/modules/guest/what-login.php b/inc/modules/guest/what-login.php index 6c10396024..56085111a2 100644 --- a/inc/modules/guest/what-login.php +++ b/inc/modules/guest/what-login.php @@ -62,7 +62,7 @@ $add = ''; if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) { // Maybe, then continue with it $uid = getUserId(); -} elseif ((REQUEST_ISSET_POST('id')) && (REQUEST_ISSET_POST(('password'))) && (isFormSent())) { +} elseif ((REQUEST_ISSET_POST('id')) && (REQUEST_ISSET_POST('password')) && (isFormSent())) { // Set userid and crypt password when login data was submitted if ((EXT_IS_ACTIVE('nickname')) && (NICKNAME_IS_ACTIVE(REQUEST_POST('id')))) { // Nickname entered @@ -71,7 +71,7 @@ if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) { // Direct userid entered $uid = bigintval(REQUEST_POST('id')); } -} elseif (REQUEST_ISSET_POST(('new_pass'))) { +} elseif (REQUEST_ISSET_POST('new_pass')) { // New password requested $uid = 0; if (REQUEST_ISSET_POST('id')) $uid = REQUEST_POST('id'); @@ -81,7 +81,7 @@ if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) { } // Set unset variables -if (!REQUEST_ISSET_POST(('new_pass'))) REQUEST_SET_POST('new_pass', ''); +if (!REQUEST_ISSET_POST('new_pass')) REQUEST_SET_POST('new_pass', ''); if (!REQUEST_ISSET_GET('login')) REQUEST_SET_GET('login' , ''); if (IS_MEMBER()) { 
@@ -93,7 +93,7 @@ if (IS_MEMBER()) { } elseif (isFormSent()) { // Try the login (see inc/libs/user_functions.php) $URL = USER_DO_LOGIN(REQUEST_POST('id'), REQUEST_POST('password')); -} elseif ((REQUEST_ISSET_POST(('new_pass'))) && (isset($uid))) { +} elseif ((REQUEST_ISSET_POST('new_pass')) && (isset($uid))) { // Try the userid/email lookup (see inc/libs/user_functions.php) $errorCode = USER_DO_NEW_PASSWORD(REQUEST_POST('email'), $uid); } diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php index 44790f134a..51470e2436 100644 --- a/inc/modules/guest/what-register.php +++ b/inc/modules/guest/what-register.php 
@@ -56,30 +56,33 @@ $shortPass = false; $cats = 0; $ipTimedOut = false; +/** + * @TODO Commented out, do we need this ugly code? if (!isFormSent()) REQUEST_UNSET_POST('ok'); -if (!REQUEST_ISSET_POST(('agree'))) REQUEST_SET_POST('agree' , ''); -if (!REQUEST_ISSET_POST(('addy'))) REQUEST_SET_POST('addy' , ''); -if (!REQUEST_ISSET_POST(('surname'))) REQUEST_SET_POST('surname' , ''); -if (!REQUEST_ISSET_POST(('family'))) REQUEST_SET_POST('family' , ''); +if (!REQUEST_ISSET_POST('agree')) REQUEST_SET_POST('agree' , ''); +if (!REQUEST_ISSET_POST('addy')) REQUEST_SET_POST('addy' , ''); +if (!REQUEST_ISSET_POST('surname')) REQUEST_SET_POST('surname' , ''); +if (!REQUEST_ISSET_POST('family')) REQUEST_SET_POST('family' , ''); if (!REQUEST_ISSET_POST('pass1')) REQUEST_SET_POST('pass1' , ''); if (!REQUEST_ISSET_POST('pass2')) REQUEST_SET_POST('pass2' , ''); -if (!REQUEST_ISSET_POST(('day'))) REQUEST_SET_POST('day' , ''); -if (!REQUEST_ISSET_POST(('month'))) REQUEST_SET_POST('month' , ''); -if (!REQUEST_ISSET_POST(('year'))) REQUEST_SET_POST('year' , ''); -if (!REQUEST_ISSET_POST(('max_mails'))) REQUEST_SET_POST('max_mails' , ''); -if (!REQUEST_ISSET_POST(('street_nr'))) REQUEST_SET_POST('street_nr' , ''); +if (!REQUEST_ISSET_POST('day')) REQUEST_SET_POST('day' , ''); +if (!REQUEST_ISSET_POST('month')) REQUEST_SET_POST('month' , ''); +if (!REQUEST_ISSET_POST('year')) REQUEST_SET_POST('year' , ''); +if (!REQUEST_ISSET_POST('max_mails')) REQUEST_SET_POST('max_mails' , ''); +if (!REQUEST_ISSET_POST('street_nr')) REQUEST_SET_POST('street_nr' , ''); if (!REQUEST_ISSET_POST('zip')) REQUEST_SET_POST('zip' , ''); -if (!REQUEST_ISSET_POST(('city'))) REQUEST_SET_POST('city' , ''); -if (!REQUEST_ISSET_POST(('cntry'))) REQUEST_SET_POST('cntry' , ''); -if (!REQUEST_ISSET_POST(('country_code'))) REQUEST_SET_POST('country_code', '1'); +if (!REQUEST_ISSET_POST('city')) REQUEST_SET_POST('city' , ''); +if (!REQUEST_ISSET_POST('cntry')) REQUEST_SET_POST('cntry' , ''); +if 
(!REQUEST_ISSET_POST('country_code')) REQUEST_SET_POST('country_code', '1'); +*/ // Default refid is zero REQUEST_SET_POST('refid', 0); if ($GLOBALS['refid'] > 0) { // Test if the refid is valid - $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); // Userid found? //* DEBUG: */ die("refid={$GLOBALS['refid']}/numRows=".SQL_NUMROWS($result).""); @@ -104,17 +107,17 @@ if (isFormSent()) { // Did he enter a valid email address? (we really don't care about // that, he has to click on a confirmation link :P ) - if ((!REQUEST_ISSET_POST(('addy'))) || (!isEmailValid(REQUEST_POST('addy')))) { + if ((!REQUEST_ISSET_POST('addy')) || (!isEmailValid(REQUEST_POST('addy')))) { REQUEST_SET_POST('addy', '!'); $isFailed = true; } // END - if // And what about surname and family's name? - if (!REQUEST_ISSET_POST(('surname'))) { + if (!REQUEST_ISSET_POST('surname')) { REQUEST_SET_POST('surname', '!'); $isFailed = true; } // END - if - if (!REQUEST_ISSET_POST(('family'))) { + if (!REQUEST_ISSET_POST('family')) { REQUEST_SET_POST('family', '!'); $isFailed = true; } // END - if 
@@ -288,16 +291,16 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF // Write his welcome-points $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_points` WHERE userid=%s AND ref_depth=0 LIMIT 1", - array(bigintval($userid)), __FILE__, __LINE__); + array(bigintval($userid)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // Add only when the line was not found (maybe some more secure?) - $locked = "points"; + $locked = 'points'; if (getConfig('ref_payout') > 0) $locked = "locked_points"; // Pay him later. First he has to confirm some mails! SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_points` (userid, ref_depth, ".$locked.") VALUES (%s,0,'%s')", - array(bigintval($userid), getConfig('points_register')), __FILE__, __LINE__); + array(bigintval($userid), getConfig('points_register')), __FILE__, __LINE__); // Update mediadata as well - if ((GET_EXT_VERSION('mediadata') >= '0.0.4') && ($locked == "points")) { + if ((GET_EXT_VERSION('mediadata') >= '0.0.4') && ($locked == 'points')) { // Update database MEDIA_UPDATE_ENTRY(array('total_points'), 'add', getConfig('points_register')); } // END - if diff --git a/inc/modules/guest/what-sponsor_reg.php b/inc/modules/guest/what-sponsor_reg.php index ce88fd80fb..153ae8d427 100644 --- a/inc/modules/guest/what-sponsor_reg.php +++ b/inc/modules/guest/what-sponsor_reg.php 
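Review bot: `GET_EXT_VERSION('mediadata') >= '0.0.4'` compares version strings with a plain comparison operator, which orders non-numeric strings character by character. A later release numbered, say, `0.0.10` (constructed example) would compare as lower than `0.0.4`, and the `MEDIA_UPDATE_ENTRY` call would be skipped. `version_compare(GET_EXT_VERSION('mediadata'), '0.0.4', '>=')` expresses the intended check, presuming the function returns the version as a string. In the same hunk `$locked = "locked_points";` keeps its double quotes while the neighbouring `'points'` literals were converted.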
@@ -55,49 +55,49 @@ if (isFormSent()) { // Check submitted form data // // 1. Salutation / Surname / family name - if (!REQUEST_ISSET_POST(('gender'))) { + if (!REQUEST_ISSET_POST('gender')) { // Surname is empty $FORM_ERRORS[] = getMessage('SPONSOR_NO_GENDER_SELECTED'); - } + } // END - if - if (!REQUEST_ISSET_POST(('surname'))) { + if (!REQUEST_ISSET_POST('surname')) { // Surname is empty $FORM_ERRORS[] = getMessage('SPONSOR_SURNAME_IS_EMPTY'); - } + } // END - if - if (!REQUEST_ISSET_POST(('family'))) { + if (!REQUEST_ISSET_POST('family')) { // Surname is empty $FORM_ERRORS[] = getMessage('SPONSOR_FAMILY_IS_EMPTY'); - } + } // END - if // 2. Company name - // 012 3 32 23 4 43 3 4 4321 12 3 32 2 3 3210 - if (((!REQUEST_ISSET_POST(('company'))) && ((REQUEST_ISSET_POST(('tax_ident'))) || (REQUEST_ISSET_POST(('position'))))) || ((REQUEST_ISSET_POST(('company'))) && (!REQUEST_ISSET_POST(('tax_ident'))))) { - if (!REQUEST_ISSET_POST(('company'))) { + // 012 3 32 23 4 43 3 4 4321 12 3 32 2 3 3210 + if (((!REQUEST_ISSET_POST('company')) && ((REQUEST_ISSET_POST('tax_ident')) || (REQUEST_ISSET_POST('position')))) || ((REQUEST_ISSET_POST('company')) && (!REQUEST_ISSET_POST('tax_ident')))) { + if (!REQUEST_ISSET_POST('company')) { // Company name is empty $FORM_ERRORS[] = getMessage('SPONSOR_COMPANY_IS_EMPTY'); - } elseif (!REQUEST_ISSET_POST(('tax_ident'))) { + } elseif (!REQUEST_ISSET_POST('tax_ident')) { // Tax ident number name is empty $FORM_ERRORS[] = getMessage('SPONSOR_TAX_IDENT_IS_EMPTY'); } - if (!REQUEST_ISSET_POST(('position'))) { + if (!REQUEST_ISSET_POST('position')) { // Not fatal but not nice: position in company is empty $FORM_ERRORS[] = getMessage('SPONSOR_POSITION_IS_EMPTY'); - } - } + } // END - if + } // END - if // 3. 
Street and number - if (!REQUEST_ISSET_POST(('street_nr1'))) { + if (!REQUEST_ISSET_POST('street_nr1')) { // Street name and house number are empty $FORM_ERRORS[] = getMessage('SPONSOR_STREET_NR1_IS_EMPTY'); - } elseif ((REQUEST_ISSET_POST(('street_nr2'))) && (!REQUEST_ISSET_POST(('street_nr1')))) { + } elseif ((REQUEST_ISSET_POST('street_nr2')) && (!REQUEST_ISSET_POST('street_nr1'))) { // 1st line for street is empty, but 2nd line not $FORM_ERRORS[] = getMessage('SPONSOR_STREET_NR1_IS_EMPTY_2_NOT'); } // 4. Country code - if (!REQUEST_ISSET_POST(('country'))) { + if (!REQUEST_ISSET_POST('country')) { // Country code is empty $FORM_ERRORS[] = getMessage('SPONSOR_COUNTRY_IS_EMPTY'); } elseif (strlen(REQUEST_POST('country')) != 2) { @@ -116,16 +116,16 @@ if (isFormSent()) { } // 4. City - if (!REQUEST_ISSET_POST(('city'))) { + if (!REQUEST_ISSET_POST('city')) { // City is empty $FORM_ERRORS[] = getMessage('SPONSOR_CITY_IS_EMPTY'); - } + } // END - if // 5. Phone number - if (!REQUEST_ISSET_POST(('phone'))) { + if (!REQUEST_ISSET_POST('phone')) { // City is empty $FORM_ERRORS[] = getMessage('SPONSOR_PHONE_IS_EMPTY'); - } + } // END - if // 6. Homepage URL if (!REQUEST_ISSET_POST('url')) { @@ -138,7 +138,7 @@ if (isFormSent()) { } // 7. Light validation of email address - if ((!REQUEST_ISSET_POST('email')) || (REQUEST_POST('email') == "@")) { + if ((!REQUEST_ISSET_POST('email')) || (REQUEST_POST('email') == '@')) { // Email is invalid/empty $FORM_ERRORS[] = getMessage('SPONSOR_EMAIL_IS_INVALID'); } elseif (SPONSOR_FOUND_EMAIL_DB(REQUEST_POST('email'))) { 
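Review bot: The `elseif` branch of the street check can never run. It requires `street_nr1` to be unset, but that case is already taken by the preceding `if (!REQUEST_ISSET_POST('street_nr1'))`, so `SPONSOR_STREET_NR1_IS_EMPTY_2_NOT` is never reported. Testing the combined condition first and the plain `!REQUEST_ISSET_POST('street_nr1')` in the `elseif` restores the second message. The comments above the gender and family checks also still read `// Surname is empty` and should name the field they actually test.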
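Review bot: The sponsor e-mail check rejects only an unset value or the literal `@`, so any other string is accepted as an address and is later handed to `sendEmail()`. The member registration changed earlier in this patch validates with `isEmailValid(REQUEST_POST('addy'))`. Using the same helper here keeps the two forms consistent: `if ((!REQUEST_ISSET_POST('email')) || (!isEmailValid(REQUEST_POST('email')))) {`.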
@@ -148,22 +148,22 @@ if (isFormSent()) { } // 8. Pay type selected? - if (!REQUEST_ISSET_POST(('pay_type'))) { + if (!REQUEST_ISSET_POST('pay_type')) { // Not pay type selected $FORM_ERRORS[] = getMessage('SPONSOR_NO_PAYTYPE_SELECTED'); - } + } // END - if // 9. Interval of mails - if (!REQUEST_ISSET_POST(('warning_interval'))) { + if (!REQUEST_ISSET_POST('warning_interval')) { // No warning interval selected $FORM_ERRORS[] = getMessage('SPONSOR_NO_WARNING_INTERVAL_SELECTED'); - } + } // END - if // 10. Mail notifications disabled/enabled - if (!REQUEST_ISSET_POST(('receive_warnings'))) { + if (!REQUEST_ISSET_POST('receive_warnings')) { // Option not selected! $FORM_ERRORS[] = getMessage('SPONSOR_NO_RECEIVE_WARNINGS_SELECTED'); - } + } // END - if // Did he enter his password twice? if (((!REQUEST_ISSET_POST('pass1')) || (!REQUEST_ISSET_POST('pass2'))) || ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) && (REQUEST_ISSET_POST('pass1')) && (REQUEST_ISSET_POST('pass2')))) { @@ -187,10 +187,10 @@ if (isFormSent()) { } // Check if he has accepted the terms&conditions - if (!REQUEST_ISSET_POST(('terms'))) { + if (!REQUEST_ISSET_POST('terms')) { // Homepage URL is empty $FORM_ERRORS[] = getMessage('SPONSOR_TERMS_NOT_ACCEPTED'); - } + } // END - if // If there is something wrong/missing stop registration if (count($FORM_ERRORS) > 0) REQUEST_UNSET_POST('ok'); @@ -204,9 +204,10 @@ if ((isFormSent()) && (count($FORM_ERRORS) == 0)) { ); // Calulate points - $result = SQL_QUERY_ESC("SELECT (pay_rate * pay_min_count) AS points, pay_min_count AS pay, pay_currency AS curr + $result = SQL_QUERY_ESC("SELECT (`pay_rate` * `pay_min_count`) AS points, `pay_min_count` AS pay, `pay_currency` AS curr FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` -WHERE `id`='%s' LIMIT 1", array(REQUEST_POST('pay_type')), __FILE__, __LINE__); +WHERE `id`='%s' LIMIT 1", + array(REQUEST_POST('pay_type')), __FILE__, __LINE__); list($points, $pay, $curr) = SQL_FETCHROW($result); // Free memory 
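Review bot: The password confirmation on the context line below item 10 uses the loose operator in `REQUEST_POST('pass1') != REQUEST_POST('pass2')`. PHP compares two numeric-looking strings by value rather than by characters, so two different inputs can be accepted as matching. `REQUEST_POST('pass1') !== REQUEST_POST('pass2')` compares the strings exactly. The body of that condition continues outside the hunk.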
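Review bot: The pay-type lookup passes `REQUEST_POST('pay_type')` straight into the query parameters, while the other id lookups in this patch wrap request values in `bigintval()`. `array(bigintval(REQUEST_POST('pay_type')))` makes the id handling uniform and does not depend on how SQL_QUERY_ESC() escapes, which is not visible here. The following `list($points, $pay, $curr) = SQL_FETCHROW($result);` also runs without a `SQL_NUMROWS($result) == 1` check, so an unknown pay type leaves all three variables empty instead of producing a form error.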
@@ -222,12 +223,11 @@ WHERE `id`='%s' LIMIT 1", array(REQUEST_POST('pay_type')), __FILE__, __LINE__); $STATUS = SPONSOR_HANDLE_SPONSOR(REQUEST_POST_ARRAY(), true, $messageArray, true); // Check the status of the registration process - switch ($STATUS) - { - case "added": // Sponsor successfully added with account status = UNCONFIRMED! + switch ($STATUS) { + case 'added': // Sponsor successfully added with account status = UNCONFIRMED! // Check for his ID number - $result = SQL_QUERY_ESC("SELECT id, hash FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE email='%s' LIMIT 1", - array(REQUEST_POST('email')), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id`, `hash` FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE `email`='%s' LIMIT 1", + array(REQUEST_POST('email')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // ID found so let's load it for the confirmation email list($id, $hash) = SQL_FETCHROW($result); @@ -243,11 +243,11 @@ WHERE `id`='%s' LIMIT 1", array(REQUEST_POST('pay_type')), __FILE__, __LINE__); define('__PASSWORD' , REQUEST_POST('pass1')); // Generate email and send it to the new sponsor - $EMAIL_MSG = LOAD_EMAIL_TEMPLATE("sponsor_confirm", $hash); + $EMAIL_MSG = LOAD_EMAIL_TEMPLATE('sponsor_confirm', $hash); sendEmail(REQUEST_POST('email'), getMessage('SPONSOR_PLEASE_CONFIRM_SUBJ'), $EMAIL_MSG); // Send mail to admin - sendAdminNotification(getMessage('ADMIN_NEW_SPONSOR'), "admin_sponsor_reg", $hash); + sendAdminNotification(getMessage('ADMIN_NEW_SPONSOR'), 'admin_sponsor_reg', $hash); // Output message: DONE $message = $messageArray['added']; 
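Review bot: `define('__PASSWORD' , REQUEST_POST('pass1'));` sits directly above the `LOAD_EMAIL_TEMPLATE('sponsor_confirm', $hash)` call, which suggests the confirmation mail carries the sponsor's clear-text password. The template is not part of this hunk, so that needs confirming. If it does, the mail should contain only the confirmation link and the constant should be dropped, since mail is stored and relayed unencrypted. The surrounding `case 'added':` block continues outside the hunk.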
@@ -276,9 +276,9 @@ WHERE `id`='%s' LIMIT 1", array(REQUEST_POST('pay_type')), __FILE__, __LINE__); LOAD_TEMPLATE('admin_settings_saved', false, $message); } else { // Check for payment types - $result = SQL_QUERY("SELECT id, pay_name, pay_rate, pay_currency, pay_min_count + $result = SQL_QUERY("SELECT `id`, `pay_name`, `pay_rate`, `pay_currency`, `pay_min_count` FROM `{!_MYSQL_PREFIX!}_sponsor_paytypes` -ORDER BY pay_name", __FILE__, __LINE__); +ORDER BY `pay_name`", __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // Load all types... // @TODO Swap this HTML code to templates @@ -290,7 +290,7 @@ ORDER BY pay_name", __FILE__, __LINE__); $content['res'] = translateComma($content['pay_rate'] * $content['pay_min_count']); // Load row template and switch color - $OUT .= LOAD_TEMPLATE("guest_sponsor_payment_row", false, $content); + $OUT .= LOAD_TEMPLATE('guest_sponsor_payment_row', false, $content); $SW = 3 - $SW; } $OUT .= "\n"; @@ -319,8 +319,7 @@ ORDER BY pay_name", __FILE__, __LINE__); define('__URL' , COMPILE_CODE(REQUEST_POST('url'))); // Check for gender selection - switch (REQUEST_POST('gender')) - { + switch (REQUEST_POST('gender')) { case 'M': // Male define('__GENDER_M' , ' selected="selected"'); define('__GENDER_F' , ''); @@ -338,11 +337,10 @@ ORDER BY pay_name", __FILE__, __LINE__); define('__GENDER_F' , ''); define('__GENDER_C' , ' selected="selected"'); break; - } + } // END - if // Check for receive_warnings - switch (REQUEST_POST('receive_warnings')) - { + switch (REQUEST_POST('receive_warnings')) { case 'Y': define('__REC_Y' , ' selected="selected"'); define('__REC_N' , ''); @@ -352,7 +350,7 @@ ORDER BY pay_name", __FILE__, __LINE__); define('__REC_Y' , ''); define('__REC_N' , ' selected="selected"'); break; - } + } // END - if // Errors found $OUT = "
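Review bot: The closing comment added after the gender block says `} // END - if`, but the brace closes `switch (REQUEST_POST('gender'))`. The next hunk adds the same comment to the close of `switch (REQUEST_POST('receive_warnings'))`. Both should read `} // END - switch`, the form this patch already uses for the switches in the order page, otherwise the markers mislead when matching braces in this long script.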

    @@ -394,7 +392,7 @@ ORDER BY pay_name", __FILE__, __LINE__); } // Prepare referal things - if (!REQUEST_ISSET_GET(('refid'))) { + if (!REQUEST_ISSET_GET('refid')) { // No referal link define('__SPONSOR_REFID', '0'); } else { @@ -403,7 +401,7 @@ ORDER BY pay_name", __FILE__, __LINE__); } // Display registration form - LOAD_TEMPLATE("guest_sponsor_reg"); + LOAD_TEMPLATE('guest_sponsor_reg'); } else { // Nothing added so far LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SPONSOR_PAYMENT_LIST_IS_EMPTY')); diff --git a/inc/modules/guest/what-top10.php b/inc/modules/guest/what-top10.php index b784135a09..569721e6d7 100644 --- a/inc/modules/guest/what-top10.php +++ b/inc/modules/guest/what-top10.php @@ -78,7 +78,7 @@ while ($content = SQL_FETCHARRAY($result)) { 'uid' => $content['userid'], 'nick' => $content['nickname'], 'logins' => $content['total_logins'], - 'points' => translateComma(GET_TOTAL_DATA($content['userid'], "user_points", "points")), + 'points' => translateComma(GET_TOTAL_DATA($content['userid'], 'user_points', 'points')), 'last' => generateDateTime($content['last_online'], '3'), ); @@ -99,7 +99,7 @@ if ($cnt < getConfig('top10_max')) { ); // Load row template - $OUT .= LOAD_TEMPLATE("guest_top10_empty5", true, $content); + $OUT .= LOAD_TEMPLATE('guest_top10_empty5', true, $content); $SW = 3 - $SW; } // END - for } // END - if @@ -153,7 +153,7 @@ while ($content = SQL_FETCHARRAY($result)) { ); // Load row template - $OUT .= LOAD_TEMPLATE("guest_top10_row_earner", true, $content); + $OUT .= LOAD_TEMPLATE('guest_top10_row_earner', true, $content); // Switch colors and count one up $SW = 3 - $SW; $cnt++; @@ -169,7 +169,7 @@ if ($cnt < getConfig('top10_max')) { ); // Load row template - $OUT .= LOAD_TEMPLATE("guest_top10_empty4", true, $content); + $OUT .= LOAD_TEMPLATE('guest_top10_empty4', true, $content); $SW = 3 - $SW; } // END - for } // END - if 
@@ -219,7 +219,7 @@ while ($content = SQL_FETCHARRAY($result)) { 'uid' => $content['userid'], 'refs' => $content['refs'], 'nick' => $content['nickname'], - 'points' => translateComma(GET_TOTAL_DATA($content['userid'], "user_points", "points")), + 'points' => translateComma(GET_TOTAL_DATA($content['userid'], 'user_points', 'points')), 'last' => generateDateTime($content['last_online'], '3') ); diff --git a/inc/modules/member/what-beg2.php b/inc/modules/member/what-beg2.php index f6ab9f729a..99ffbfe1cc 100644 --- a/inc/modules/member/what-beg2.php +++ b/inc/modules/member/what-beg2.php @@ -51,18 +51,28 @@ if (!defined('__SECURITY')) { ADD_DESCR('member', __FILE__); // Autopurge installed? -$lastOnline = "%s"; $ONLINE = ''; +$lastOnline = "%s"; +$ONLINE = ''; + if (EXT_IS_ACTIVE('autopurge')) { // Use last online timestamp to keep inactive members away from here $lastOnline = " AND `last_online` >= (UNIX_TIMESTAMP() - %s)"; $ONLINE = getConfig('ap_inactive_since'); -} +} // END - if -// Let's check if there are some points left we can "pay"... -$result = SQL_QUERY_ESC("SELECT userid, beg_points AS beg, last_online FROM `{!_MYSQL_PREFIX!}_user_data` -WHERE beg_points > 0 AND `status`='CONFIRMED'".$lastOnline." -ORDER BY beg_points DESC, last_online DESC, userid LIMIT %s", -array($ONLINE, getConfig('beg_ranks')), __FILE__, __LINE__); +// Let's check if there are some points left we can 'pay'... +$result = SQL_QUERY_ESC("SELECT + `userid`, `beg_points` AS beg, `last_online` +FROM + `{!_MYSQL_PREFIX!}_user_data` +WHERE + `beg_points` > 0 AND `status`='CONFIRMED'".$lastOnline." +ORDER BY + `beg_points` DESC, `last_online` DESC, `userid` ASC LIMIT %s", + array( + $ONLINE, + getConfig('beg_ranks') + ), __FILE__, __LINE__); // Reset temporary variable and check for users $OUT = ''; 
@@ -80,14 +90,14 @@ if (SQL_NUMROWS($result) > 0) { ); // Load row template - $OUT .= LOAD_TEMPLATE("member_list_beg_row", true, $content); + $OUT .= LOAD_TEMPLATE('member_list_beg_row', true, $content); // Count one up and switch colors $cnt++; $SW = 3 - $SW; } } else { // No one is interested in our "active rallye" ! :-( - $OUT = LOAD_TEMPLATE("member_beg_404", true); + $OUT = LOAD_TEMPLATE('member_beg_404', true); } // Free memory @@ -97,7 +107,7 @@ SQL_FREERESULT($result); define('__BEG_ROWS', $OUT); // Load final template -LOAD_TEMPLATE("member_list_beg"); +LOAD_TEMPLATE('member_list_beg'); // ?> diff --git a/inc/modules/member/what-bonus.php b/inc/modules/member/what-bonus.php index 895a23c5fe..e99e0c64f0 100644 --- a/inc/modules/member/what-bonus.php +++ b/inc/modules/member/what-bonus.php @@ -73,12 +73,22 @@ if (EXT_IS_ACTIVE('autopurge')) { $ONLINE = getConfig('ap_inactive_since'); } -// Let's check if there are some points left we can "pay"... -$result = SQL_QUERY_ESC("SELECT userid, ".$USE." AS points, last_online FROM `{!_MYSQL_PREFIX!}_user_data` -WHERE ".$USE." > 0 AND `status`='CONFIRMED'".$lastOnline." -ORDER BY points DESC, last_online DESC, userid +// Let's check if there are some points left we can 'pay'... +$result = SQL_QUERY_ESC("SELECT + `userid`, `".$USE."` AS points, `last_online` +FROM + `{!_MYSQL_PREFIX!}_user_data` +WHERE + `".$USE."` > 0 AND `status`='CONFIRMED'".$lastOnline." +ORDER BY + `points` DESC, + last_online DESC, + userid ASC LIMIT %s", -array($ONLINE, getConfig('bonus_ranks')), __FILE__, __LINE__); + array( + $ONLINE, + getConfig('bonus_ranks') + ), __FILE__, __LINE__); // Reset temporary variable and check for users $OUT = ''; 
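Review bot: The rewritten bonus query concatenates `$USE` into the statement as a column name, in both the SELECT list and the WHERE clause. The placeholder escaping of SQL_QUERY_ESC() does not apply to concatenated text. `$USE` is assigned outside this hunk, so please confirm it can only take values from a fixed list of column names and never comes from request or loosely validated config data. The new ORDER BY also quotes `points` with back-ticks but leaves `last_online` and `userid` bare, which is inconsistent with the rest of the statement.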
@@ -96,14 +106,14 @@ if (SQL_NUMROWS($result) > 0) { ); // Load row template - $OUT .= LOAD_TEMPLATE("member_bonus_row", true, $content); + $OUT .= LOAD_TEMPLATE('member_bonus_row', true, $content); // Count one up and switch colors $cnt++; $SW = 3 - $SW; } } else { // No one is interested in our "active rallye" ! :-( - $OUT = LOAD_TEMPLATE("member_bonus_404", true); + $OUT = LOAD_TEMPLATE('member_bonus_404', true); } // Free memory @@ -113,7 +123,7 @@ SQL_FREERESULT($result); define('__BONUS_ROWS', $OUT); // Load final template -LOAD_TEMPLATE("member_bonus"); +LOAD_TEMPLATE('member_bonus'); // ?> diff --git a/inc/modules/member/what-nickname.php b/inc/modules/member/what-nickname.php index 7a61a8951c..ce052c1c1d 100644 --- a/inc/modules/member/what-nickname.php +++ b/inc/modules/member/what-nickname.php @@ -53,9 +53,9 @@ $isValid = false; if (isFormSent()) { // Nickname was submitted so let's check if it is not already in use - if (REQUEST_ISSET_POST(('nickname'))) { + if (REQUEST_ISSET_POST('nickname')) { // Check if nickname is valid - $PATTERN = "[".getConfig('nickname_pattern')."]{".getConfig('nickname_length').",}"; + $PATTERN = '[' . getConfig('nickname_pattern') . ']{' . getConfig('nickname_length') . ',}'; if (ereg($PATTERN, REQUEST_POST('nickname'), $array)) { // Entered nickname is valid? if ($array[0] == REQUEST_POST('nickname')) $isValid = true; 
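Review bot: The rewritten `$PATTERN` line still feeds `ereg()`, a POSIX-regex function that is deprecated as of PHP 5.3 and is not binary safe. Only the separate `$array[0] == REQUEST_POST('nickname')` comparison keeps partial matches out. An anchored PCRE test does the whole-string match in one step: `$isValid = (preg_match('/^[' . getConfig('nickname_pattern') . ']{' . getConfig('nickname_length') . ',}$/D', REQUEST_POST('nickname')) === 1);`. The configured character class is not visible here and may need its `/` escaped before it is placed in a PCRE pattern.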
@@ -65,12 +65,12 @@ if (isFormSent()) { if ($isValid === true) { // Look for nickname in database (we only need just one entry so don't worry about the "LIMIT 1" ! - $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' AND userid != '%s' LIMIT 1", - array(REQUEST_POST('nickname'), getUserId()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' AND `userid` != '%s' LIMIT 1", + array(REQUEST_POST('nickname'), getUserId()), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // Nickname not in use, so set it now - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET nickname='%s' WHERE userid=%s LIMIT 1", - array(REQUEST_POST('nickname'), getUserId()), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `nickname`='%s' WHERE `userid`=%s LIMIT 1", + array(REQUEST_POST('nickname'), getUserId()), __FILE__, __LINE__); $content = getMessage('NICKNAME_SAVED'); } else { // Free result @@ -84,15 +84,16 @@ if ($isValid === true) { LOAD_TEMPLATE('admin_settings_saved', false, $content); } else { // Load current nickname + // @TODO Rewrite this constant define('__NICKNAME', NICKNAME_GET_NICK(getUserId())); // Do we have already submit the form? - if (REQUEST_ISSET_POST(('nickname'))) { + if (REQUEST_ISSET_POST('nickname')) { LOAD_TEMPLATE('admin_settings_saved', false, "
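Review bot: The nickname is claimed with a SELECT followed by a separate UPDATE, so two members submitting the same nickname at the same moment can both pass the `SQL_NUMROWS($result) == 0` test and both save it. A unique index on the nickname column, with the UPDATE's failure mapped to the "already in use" message, closes that window. Whether such an index already exists cannot be seen from this hunk. The two statements also treat `getUserId()` differently, quoted as `'%s'` in the SELECT and bare `%s` in the UPDATE; wrapping it in `bigintval()` in both would match the other queries in this patch.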

    {--NICKNAME_IS_INVALID--}= '0.1.3')) { // Holiday is active! @@ -96,10 +96,17 @@ if (($HOLIDAY == 'Y') && (GET_EXT_VERSION('holiday') >= '0.1.3')) { // Continue with the frametester, we first need to store the data temporary in the pool // // First we would like to store the data and get it's pool position back... - $result = SQL_QUERY_ESC("SELECT id, data_type -FROM `{!_MYSQL_PREFIX!}_pool` -WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1", - array(getUserId(), REQUEST_POST('url'), getConfig('url_tlock')), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id`, `data_type` +FROM + `{!_MYSQL_PREFIX!}_pool` +WHERE + `sender`=%s AND `url`='%s' AND `timestamp` > (UNIX_TIMESTAMP() - %s) +LIMIT 1", + array( + getUserId(), + REQUEST_POST('url'), + getConfig('url_tlock') + ), __FILE__, __LINE__); $type = 'TEMP'; $id = 0; if (SQL_NUMROWS($result) == 1) { @@ -134,7 +141,7 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1", // Shall I test the subject line against URLs? if (getConfig('test_subj') == 'Y') { // Check the subject line for issues - REQUEST_SET_POST('subject', str_replace("\\", "[nl]", substr(REQUEST_POST('subject'), 0, 200))); + REQUEST_SET_POST('subject', str_replace("\\", '[nl]', substr(REQUEST_POST('subject'), 0, 200))); if ((strpos(strtolower(REQUEST_POST('subject')), 'http://') > -1) || (strpos(strtolower(REQUEST_POST('subject')), "www") > -1)) { // URL in subject found $URL = 'modules.php?module=login&what=order&msg=' . getCode('SUBJ_URL'); @@ -152,7 +159,7 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1", list($blist) = SQL_FETCHROW($result); // Create redirect-URL - $URL = 'modules.php?module=login&what=order&msg=' . getCode('BLIST_URL')."&blist=".$blist; + $URL = 'modules.php?module=login&what=order&msg=' . getCode('BLIST_URL') . '&blist=' . $blist; } // END - if // Free result 
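Review bot: The subject filter below the rewritten `str_replace()` line looks only for `http://` and `www`, so a subject containing an `https://` link passes the `test_subj` check. The test is written as `strpos(...) > -1`, which hides the `false` return of `strpos()`; `!== false` states the intent. A single case-insensitive test covers both: `if (preg_match('#https?://|www#i', REQUEST_POST('subject'))) {`. The block continues outside the hunk.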
@@ -179,7 +186,7 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1", REQUEST_SET_POST('text', HTML_CHECK_TAGS(REQUEST_POST('text'))); // Maybe invalid tags found? - if (!REQUEST_ISSET_POST(('text'))) $URL = 'modules.php?module=login&what=order&msg=' . getCode('INVALID_TAGS')."&id=".$id; + if (!REQUEST_ISSET_POST('text')) $URL = 'modules.php?module=login&what=order&msg=' . getCode('INVALID_TAGS')."&id=".$id; } else { // Remove any HTML code REQUEST_SET_POST('text', str_replace('<', '{OPEN_HTML}', str_replace('>', '{CLOSE_HTML}', REQUEST_POST('text')))); @@ -200,17 +207,24 @@ WHERE sender=%s AND url='%s' AND timestamp > (UNIX_TIMESTAMP() - %s) LIMIT 1", } // END - if // Check for userids - $result = SQL_QUERY_ESC("SELECT DISTINCT c.userid FROM `{!_MYSQL_PREFIX!}_user_cats` AS c -LEFT JOIN `{!_MYSQL_PREFIX!}_user_data` AS d -ON c.userid=d.userid -WHERE c.cat_id=%s AND c.userid != '%s' AND d.`status`='CONFIRMED' AND d.receive_mails > 0".$add." -ORDER BY d.%s %s", - array( - bigintval(REQUEST_POST('cat')), - getUserId(), - getConfig('order_select'), - getConfig('order_mode'), - ), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT + c.userid +FROM + `{!_MYSQL_PREFIX!}_user_cats` AS c +LEFT JOIN + `{!_MYSQL_PREFIX!}_user_data` AS d +ON + c.userid=d.userid +WHERE + c.cat_id=%s AND c.userid != '%s' AND d.`status`='CONFIRMED' AND d.receive_mails > 0".$add." +ORDER BY + d.%s %s", + array( + bigintval(REQUEST_POST('cat')), + getUserId(), + getConfig('order_select'), + getConfig('order_mode'), + ), __FILE__, __LINE__); // Do we enougth receivers left? if (SQL_NUMROWS($result) >= REQUEST_POST('receiver')) { 
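Review bot: The reformatted receiver query drops `DISTINCT`: the old statement began `SELECT DISTINCT c.userid`, the new one `SELECT c.userid`. The commit message describes quoting changes, so this looks unintended. If `user_cats` can hold more than one row per user and category, the row count compared against `REQUEST_POST('receiver')` and the receiver list built from it would contain duplicates. Separately, `ORDER BY d.%s %s` fills a column name and a sort direction from `getConfig('order_select')` and `getConfig('order_mode')`, where string escaping does not constrain the value. Checking both against a fixed list (the direction against `ASC`/`DESC`) before building the query would be safer.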
@@ -226,9 +240,14 @@ ORDER BY d.%s %s", while ($content = SQL_FETCHARRAY($result)) { if ($HOLIDAY) { // Check for his holiday status - $result_holiday = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_holidays` -WHERE userid=%s AND holiday_start < UNIX_TIMESTAMP() AND holiday_end > UNIX_TIMESTAMP() LIMIT 1", - array(bigintval($content['userid'])), __FILE__, __LINE__); + $result_holiday = SQL_QUERY_ESC("SELECT + `id` +FROM + `{!_MYSQL_PREFIX!}_user_holidays` +WHERE + `userid`=%s AND `holiday_start` < UNIX_TIMESTAMP() AND `holiday_end` > UNIX_TIMESTAMP() +LIMIT 1", + array(bigintval($content['userid'])), __FILE__, __LINE__); if (SQL_NUMROWS($result_holiday) == 1) $content['userid'] = 0; // Exclude user who are in holiday // Free memory @@ -252,8 +271,8 @@ WHERE userid=%s AND holiday_start < UNIX_TIMESTAMP() AND holiday_end > UNIX_TIME $MAX_SEND = count($TEST); // Update receiver list - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET receive_mails=receive_mails-1 WHERE userid IN (%s) LIMIT %s", - array(str_replace(';', ", ", $RECEIVER), $MAX_SEND), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `receive_mails`=`receive_mails`-1 WHERE `userid` IN (%s) LIMIT %s", + array(str_replace(';', ", ", $RECEIVER), $MAX_SEND), __FILE__, __LINE__); // Is calculated max receivers larger than wanted receivers then reset it if ($MAX_SEND > REQUEST_POST('receiver')) $MAX_SEND = REQUEST_POST('receiver'); 
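Review bot: `if ($MAX_SEND > REQUEST_POST('receiver')) $MAX_SEND = REQUEST_POST('receiver');` copies the raw request value into `$MAX_SEND`. The two UPDATE statements in the following hunk then place `$MAX_SEND` into `target_send=%s` without quotes. Whether SQL_QUERY_ESC() makes an unquoted placeholder safe is not visible here, so the value should be forced to an integer where it enters: `$receiver = bigintval(REQUEST_POST('receiver')); if ($MAX_SEND > $receiver) $MAX_SEND = $receiver;`. The earlier `SQL_NUMROWS($result) >= REQUEST_POST('receiver')` comparison would benefit from the same variable.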
@@ -273,103 +292,111 @@ WHERE userid=%s AND holiday_start < UNIX_TIMESTAMP() AND holiday_end > UNIX_TIME $id = 0; if (EXT_IS_ACTIVE('html_mail')) { // HTML extension is active - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_pool` (sender, subject, text, receivers, payment_id, data_type, timestamp, url, cat_id, target_send, zip, html_msg) + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_pool` (`sender`, `subject`, `text`, `receivers`, `payment_id`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `zip`, `html_msg`) VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s','%s')", - array( - getUserId(), - REQUEST_POST('subject'), - REQUEST_POST('text'), - $RECEIVER, - bigintval(REQUEST_POST('type')), - $TIME, - REQUEST_POST('url'), - bigintval(REQUEST_POST('cat')), - $MAX_SEND, - bigintval(REQUEST_POST('zip')), - REQUEST_POST('html') - ), __FILE__, __LINE__); + array( + getUserId(), + REQUEST_POST('subject'), + REQUEST_POST('text'), + $RECEIVER, + bigintval(REQUEST_POST('type')), + $TIME, + REQUEST_POST('url'), + bigintval(REQUEST_POST('cat')), + $MAX_SEND, + bigintval(REQUEST_POST('zip')), + REQUEST_POST('html') + ), __FILE__, __LINE__); } else { // No HTML extension is active - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_pool` (sender, subject, text, receivers, payment_id, data_type, timestamp, url, cat_id, target_send, zip) + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_pool` (`sender`, `subject`, `text`, `receivers`, `payment_id`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `zip`) VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s')", - array( - getUserId(), - REQUEST_POST('subject'), - REQUEST_POST('text'), - $RECEIVER, - bigintval(REQUEST_POST('type')), - $TIME, - REQUEST_POST('url'), - bigintval(REQUEST_POST('cat')), - $MAX_SEND, - bigintval(REQUEST_POST('zip')), - ), __FILE__, __LINE__); + array( + getUserId(), + REQUEST_POST('subject'), + REQUEST_POST('text'), + $RECEIVER, + bigintval(REQUEST_POST('type')), + 
$TIME, + REQUEST_POST('url'), + bigintval(REQUEST_POST('cat')), + $MAX_SEND, + bigintval(REQUEST_POST('zip')), + ), __FILE__, __LINE__); } } else { // Change current order if (EXT_IS_ACTIVE('html_mail')) { // HTML extension is active - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET -subject='%s', -text='%s', -receivers='%s', -payment_id=%s, -timestamp=UNIX_TIMESTAMP(), -url='%s', -cat_id=%s, -target_send=%s, -zip=%s, -html_msg='%s' -WHERE `id`=%s LIMIT 1", - array( - REQUEST_POST('subject'), - REQUEST_POST('text'), - $RECEIVER, - bigintval(REQUEST_POST('type')), - REQUEST_POST('url'), - bigintval(REQUEST_POST('cat')), - $MAX_SEND, - bigintval(REQUEST_POST('zip')), - REQUEST_POST('html'), - bigintval($id) - ), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE + `{!_MYSQL_PREFIX!}_pool` +SET + `subject`='%s', + `text`='%s', + `receivers`='%s', + `payment_id`=%s, + `timestamp`=UNIX_TIMESTAMP(), + `url`='%s', + `cat_id`=%s, + `target_send`=%s, + `zip`=%s, + `html_msg`='%s' +WHERE + `id`=%s +LIMIT 1", + array( + REQUEST_POST('subject'), + REQUEST_POST('text'), + $RECEIVER, + bigintval(REQUEST_POST('type')), + REQUEST_POST('url'), + bigintval(REQUEST_POST('cat')), + $MAX_SEND, + bigintval(REQUEST_POST('zip')), + REQUEST_POST('html'), + bigintval($id) + ), __FILE__, __LINE__); } else { // No HTML extension is active - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET -subject='%s', -text='%s', -receivers='%s', -payment_id=%s, -timestamp=UNIX_TIMESTAMP(), -url='%s', -cat_id=%s, -target_send=%s, -zip=%s -WHERE `id`=%s LIMIT 1", - array( - REQUEST_POST('subject'), - REQUEST_POST('text'), - $RECEIVER, - bigintval(REQUEST_POST('type')), - REQUEST_POST('url'), - bigintval(REQUEST_POST('cat')), - $MAX_SEND, - bigintval(REQUEST_POST('zip')), - bigintval($id) - ), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE + `{!_MYSQL_PREFIX!}_pool` +SET + `subject`='%s', + `text`='%s', + `receivers`='%s', + `payment_id`=%s, + `timestamp`=UNIX_TIMESTAMP(), + `url`='%s', + `cat_id`=%s, + 
`target_send`=%s, + `zip`=%s +WHERE + `id`=%s +LIMIT 1", + array( + REQUEST_POST('subject'), + REQUEST_POST('text'), + $RECEIVER, + bigintval(REQUEST_POST('type')), + REQUEST_POST('url'), + bigintval(REQUEST_POST('cat')), + $MAX_SEND, + bigintval(REQUEST_POST('zip')), + bigintval($id) + ), __FILE__, __LINE__); } } // Do we need to get the ID number? if ($id == 0) { // Order is placed as temporary. We need to get it's id for the frametester - $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_pool` WHERE sender=%s AND subject='%s' AND payment_id=%s AND data_type='TEMP' AND timestamp=%s LIMIT 1", - array( - getUserId(), - REQUEST_POST('subject'), - bigintval(REQUEST_POST('type')), - $TIME - ), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_pool` WHERE `sender`=%s AND `subject`='%s' AND `payment_id`=%s AND `data_type`='TEMP' AND `timestamp`=%s LIMIT 1", + array( + getUserId(), + REQUEST_POST('subject'), + bigintval(REQUEST_POST('type')), + $TIME + ), __FILE__, __LINE__); list($id) = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -397,7 +424,13 @@ WHERE `id`=%s LIMIT 1", LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEMBER_ORDER_ALLOWED_EXHAUSTED')); } elseif (($links < getConfig('unconfirmed')) && ($mmails == '1')) { // Display order form - $result_cats = SQL_QUERY("SELECT id, cat FROM `{!_MYSQL_PREFIX!}_cats`".$whereStatement." ORDER BY `sort`", __FILE__, __LINE__); + $result_cats = SQL_QUERY("SELECT + `id`, `cat` +FROM + `{!_MYSQL_PREFIX!}_cats` +".$whereStatement." +ORDER BY + `sort` ASC", __FILE__, __LINE__); if (SQL_NUMROWS($result_cats) > 0) { if ($total > 0) { // Initialize array... 
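Review bot: After the INSERT, the new order's id is recovered by a second SELECT matching sender, subject, payment id, `data_type`='TEMP' and `$TIME`. That is not guaranteed to return the row just written, since the same member can create two TEMP rows with the same subject within one second. Reading the connection's last insert id right after the INSERT (`mysql_insert_id()` in the mysql extension, or the project's wrapper if it has one) returns the exact row and saves a query. The `if ($id == 0)` block this belongs to is only partly inside the hunk.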
@@ -422,8 +455,8 @@ WHERE `id`=%s LIMIT 1", $CATS['name'][] = $content['cat']; // Select users in current category - $result_uids = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE cat_id=%s AND userid != '%s' ORDER BY `userid` ASC", - array(bigintval($content['id']), getUserId()), __FILE__, __LINE__); + $result_uids = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE `cat_id`=%s AND `userid` != '%s' ORDER BY `userid` ASC", + array(bigintval($content['id']), getUserId()), __FILE__, __LINE__); $uid_cnt = 0; while (list($ucat) = SQL_FETCHROW($result_uids)) { @@ -431,12 +464,17 @@ WHERE `id`=%s LIMIT 1", $HOL_ACTIVE = false; if ($HOLIDAY) { // Check user's holiday status - $result_holiday = SQL_QUERY_ESC("SELECT DISTINCT d.userid FROM `{!_MYSQL_PREFIX!}_user_data` AS d -LEFT JOIN `{!_MYSQL_PREFIX!}_user_holidays` AS h -ON d.userid=h.userid -WHERE d.userid=%s AND d.receive_mails > 0 AND d.`status`='CONFIRMED' AND d.`holiday_active`='Y' -AND h.holiday_start < UNIX_TIMESTAMP() AND h.holiday_end > UNIX_TIMESTAMP() -LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); + $result_holiday = SQL_QUERY_ESC("SELECT + d.userid FROM `{!_MYSQL_PREFIX!}_user_data` AS d +LEFT JOIN + `{!_MYSQL_PREFIX!}_user_holidays` AS h +ON + d.userid=h.userid +WHERE + d.userid=%s AND d.receive_mails > 0 AND d.`status`='CONFIRMED' AND d.`holiday_active`='Y' AND + h.holiday_start < UNIX_TIMESTAMP() AND h.holiday_end > UNIX_TIMESTAMP() +LIMIT 1", + array(bigintval($ucat)), __FILE__, __LINE__); if (SQL_NUMROWS($result_holiday) == 1) { // Holiday is active! $HOL_ACTIVE = true; 
@@ -448,8 +486,8 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); if (!$HOL_ACTIVE) { // Check if the user want's to receive mails? - $result_ver = SQL_QUERY_ESC("SELECT zip FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s".$HTML." AND receive_mails > 0 AND `status`='CONFIRMED' LIMIT 1", - array(bigintval($ucat)), __FILE__, __LINE__); + $result_ver = SQL_QUERY_ESC("SELECT `zip` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s".$HTML." AND `receive_mails` > 0 AND `status`='CONFIRMED' LIMIT 1", + array(bigintval($ucat)), __FILE__, __LINE__); if ((SQL_NUMROWS($result_ver) == 1) && (REQUEST_ISSET_POST('zip')) && (getConfig('order_multi_page') == 'Y')) { list($zip) = SQL_FETCHROW($result_ver); 
@@ -474,40 +512,39 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); SQL_FREERESULT($result_cats); // Now we need to load the mail types... - $result = SQL_QUERY("SELECT id, price, payment, mail_title FROM `{!_MYSQL_PREFIX!}_payments` ORDER BY payment", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT `id`, `price`, `payment`, `mail_title` FROM `{!_MYSQL_PREFIX!}_payments` ORDER BY `payment` ASC", __FILE__, __LINE__); $typeS = array(); if (SQL_NUMROWS($result) > 0) { // Check for message ID in URL $message = ''; - switch (REQUEST_GET('msg')) - { + switch (REQUEST_GET('msg')) { case getCode('URL_TLOCK'): $result = SQL_QUERY_ESC("SELECT timestamp FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s LIMIT 1", - array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__); - // Load timestamp from last order - list($LORDER) = SQL_FETCHROW($result); - $LORDER = generateDateTime($LORDER, '1'); + // Load timestamp from last order + list($LORDER) = SQL_FETCHROW($result); + $LORDER = generateDateTime($LORDER, '1'); - // Free memory - SQL_FREERESULT($result); + // Free memory + SQL_FREERESULT($result); - // Calculate hours... - $STD = round(getConfig('url_tlock') / 60 / 60); + // Calculate hours... + $STD = round(getConfig('url_tlock') / 60 / 60); - // Minutes... - $MIN = round((getConfig('url_tlock') - $STD * 60 * 60) / 60); + // Minutes... + $MIN = round((getConfig('url_tlock') - $STD * 60 * 60) / 60); - // And seconds - $SEC = getConfig('url_tlock') - $STD * 60 * 60 - $MIN * 60; + // And seconds + $SEC = getConfig('url_tlock') - $STD * 60 * 60 - $MIN * 60; - // Finally contruct the message - // @TODO Rewrite this old lost code to a template - $message = "{--MEMBER_URL_TIME_LOCK--}
    {--CONFIG_URL_TLOCK--} ".$STD." + // Finally contruct the message + // @TODO Rewrite this old lost code to a template + $message = "{--MEMBER_URL_TIME_LOCK--}
    {--CONFIG_URL_TLOCK--} ".$STD." {--_HOURS--}, ".$MIN." {--_MINUTES--} {--_AND--} ".$SEC." {--_SECONDS--}
    {--MEMBER_LAST_TLOCK--}: ".$LORDER; - break; + break; case getCode('OVERLENGTH'): $message = getMessage('MEMBER_TEXT_OVERLENGTH'); @@ -560,7 +597,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown error code %s detected.", REQUEST_GET('msg'))); $message = sprintf(getMessage('UNKNOWN_CODE'), REQUEST_GET('msg')); break; - } + } // END - switch if (!empty($message)) { // We got system message so we drop it out to the user @@ -579,8 +616,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); $total = translateComma($total); // Check how many mail orders he has placed today and how many he's allowed to send - switch (getConfig('order_max_full')) - { + switch (getConfig('order_max_full')) { case 'MAX': // He is allowed to send as much as possible define('ORDER_MAX_VALUE', getMessage('MEMBER_ORDER_ALLOWED_MAX')); break; @@ -593,17 +629,23 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown order_mas_full config detected.", getConfig('order_max_full'))); define('ORDER_MAX_VALUE', getMessage('MEMBER_ORDER_ALLOWED_UNKNOWN')); break; - } + } // END - switch // Load final template - LOAD_TEMPLATE("member_order_points", false, $total); + LOAD_TEMPLATE('member_order_points', false, $total); // Reset variables $OLD_ORDER = false; $subject = ''; $text = ''; $target = ''; // Check if we already have an order placed and make it editable - $result = SQL_QUERY_ESC("SELECT subject, text, payment_id, timestamp, url, target_send, cat_id, zip FROM `{!_MYSQL_PREFIX!}_pool` WHERE sender=%s AND data_type='TEMP' LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT + `subject`, `text`, `payment_id`, `timestamp`, `url`, `target_send`, `cat_id`, `zip` +FROM + `{!_MYSQL_PREFIX!}_pool` +WHERE + `sender`=%s AND `data_type`='TEMP' +LIMIT 1", + array(getUserId()), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Old order found 
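Review bot: In the re-indented `URL_TLOCK` case the hours are computed with `round()`, so a lock of 1.5 hours gives `$STD = 2` and a negative `$MIN`. `$STD = floor(getConfig('url_tlock') / 3600);` and `$MIN = floor((getConfig('url_tlock') - $STD * 3600) / 60);` keep every part non-negative. The case also reassigns and frees `$result`, which at that point still holds the payment types selected just above the `switch`. If that result is read after the switch, which is outside this hunk, the lookup needs its own variable. The timestamp query takes `REQUEST_GET('id')` without restricting it to rows whose sender is `getUserId()`.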
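Review bot: The `DEBUG_LOG` call in the default branch of the `order_max_full` switch passes `getConfig('order_max_full')` to `sprintf()`, but the format string has no `%s`, so the offending value never reaches the log. The setting is also misspelled `order_mas_full` in the message. `sprintf("Unknown order_max_full config %s detected.", getConfig('order_max_full'))` fixes both.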
@@ -622,7 +664,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); // Free result SQL_FREERESULT($result); - if ((REQUEST_ISSET_POST(('data'))) || ((getConfig('order_multi_page') != 'Y') && ((!IS_ADMIN()) && (!EXT_IS_ACTIVE('html_mail'))))) { + if ((REQUEST_ISSET_POST('data')) || ((getConfig('order_multi_page') != 'Y') && ((!IS_ADMIN()) && (!EXT_IS_ACTIVE('html_mail'))))) { // Pre-output categories $CAT = ''; foreach ($CATS['id'] as $key => $value) { @@ -653,7 +695,7 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); if (REQUEST_ISSET_POST('zip')) { // Output entered ZIP code - define('ZIP_OUTPUT', LOAD_TEMPLATE("member_order-zip2", true, REQUEST_POST('zip'))); + define('ZIP_OUTPUT', LOAD_TEMPLATE('member_order-zip', true, REQUEST_POST('zip'))); } else { define('ZIP_OUTPUT', " "); } @@ -661,21 +703,21 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); // HTML extension if ((EXT_IS_ACTIVE('html_mail')) && (REQUEST_POST('html') == 'Y')) { // Extension is active so output valid HTML tags - define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE("member_order-html_ext", true, HTML_ADD_VALID_TAGS())); + define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE('member_order-html_ext', true, HTML_ADD_VALID_TAGS())); } else { // Extension not active and/or class not uploaded define('MEMBER_HTML_EXTENSION', " /"); } // Output form for page 2 - LOAD_TEMPLATE("member_order_page2"); + LOAD_TEMPLATE('member_order_page2'); } else { // Remember maybe entered ZIP code in constant $add = ''; if (EXT_IS_ACTIVE('html_mail')) { // Add some content when html extension is active if ((getConfig('order_multi_page') == 'Y') || (IS_ADMIN())) $add = " \n"; - define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE("member_order-html_intro", true)); + define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE('member_order-html_intro', true)); } else { // No HTML extension installed define('MEMBER_HTML_EXTENSION', ""); 
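Review bot: In the `ZIP_OUTPUT` branch the template name changes from `member_order-zip2` to `member_order-zip`, which is more than the quote conversion applied to the other `LOAD_TEMPLATE` calls in this file; the page-1 counterpart in a later hunk keeps its suffix as `member_order-zip1`. Unless the template file was renamed elsewhere in this commit, the call should stay `LOAD_TEMPLATE('member_order-zip2', true, REQUEST_POST('zip'))`. The same line hands the raw POST value to the template, so it is worth confirming that `LOAD_TEMPLATE` or the template HTML-escapes it before output.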
@@ -695,14 +737,14 @@ LIMIT 1", array(bigintval($ucat)), __FILE__, __LINE__); 'add' => $add ); } - define('MEMBER_ZIP_CONTENT', LOAD_TEMPLATE("member_order-zip1", true, $content)); + define('MEMBER_ZIP_CONTENT', LOAD_TEMPLATE('member_order-zip1', true, $content)); } else { // No define('MEMBER_ZIP_CONTENT', ''); } // Output form for page 1 (ZIP code or HTML) - LOAD_TEMPLATE("member_order_page1"); + LOAD_TEMPLATE('member_order_page1'); } } else { // No mail types defined diff --git a/inc/modules/member/what-primera.php b/inc/modules/member/what-primera.php index deff292584..00181aafac 100644 --- a/inc/modules/member/what-primera.php +++ b/inc/modules/member/what-primera.php @@ -57,10 +57,11 @@ if ((getConfig('primera_api_name') == '') || (getConfig('primera_api_md5') == '' // Something important is missing... LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PRIMERA_MEMBER_API_DATA_MISSING')); return; -} +} // END - if // Init the content array and points -$content = array(); $points = false; +$content = array(); +$points = false; // Is the mode set (payout only) if (!REQUEST_ISSET_GET('mode')) { @@ -68,8 +69,8 @@ if (!REQUEST_ISSET_GET('mode')) { $content['refid'] = getConfig(('primera_refid')); // Get Primus id - $result = SQL_QUERY_ESC("SELECT primera_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `primera_userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(getUserId()), __FILE__, __LINE__); // Are there some entries? if (SQL_NUMROWS($result) == 1) { 
@@ -83,11 +84,11 @@ if (!REQUEST_ISSET_GET('mode')) { // Is there an ID? if ((!empty($content['primera_nickname'])) && (!REQUEST_ISSET_GET('mode'))) { // Then use an other "mode" - REQUEST_SET_GET('mode', "list"); + REQUEST_SET_GET('mode', 'list'); // And load all rows! $result = SQL_QUERY_ESC("SELECT `id`,`primera_account`,`primera_amount`,`primera_timestamp`,`primera_type` FROM `{!_MYSQL_PREFIX!}_user_primera` WHERE `userid` = %s ORDER BY `primera_timestamp` DESC", - array(getUserId()), __FILE__, __LINE__); + array(getUserId()), __FILE__, __LINE__); // Load all rows $content['rows'] = ''; $SW = 2; @@ -111,12 +112,13 @@ if (!REQUEST_ISSET_GET('mode')) { SQL_FREERESULT($result); } else { // Mode pay - REQUEST_SET_GET('mode', "pay"); + REQUEST_SET_GET('mode', 'pay'); } } // END - if -if (REQUEST_GET('mode') == "pay") { + +if (REQUEST_GET('mode') == 'pay') { // Get total points and check if the user can request a payout - $points = GET_TOTAL_DATA(getUserId(), "user_points", "points") - GET_TOTAL_DATA(getUserId(), "user_data", "used_points"); + $points = GET_TOTAL_DATA(getUserId(), 'user_points', 'points') - GET_TOTAL_DATA(getUserId(), 'user_data', 'used_points'); // No dots here... $points = explode('.', $points); @@ -133,13 +135,13 @@ if (REQUEST_GET('mode') == "pay") { } // Add points to content array - $content['points'] = $points; - $content['min_points'] = translateComma(getConfig('primera_min_payout')); + $content['points'] = $points; + $content['min_points'] = translateComma(getConfig('primera_min_payout')); // Get Primera id $content['primera_nickname'] = ''; - $result = SQL_QUERY_ESC("SELECT primera_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `primera_userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(getUserId()), __FILE__, __LINE__); // Are there some entries? if (SQL_NUMROWS($result) == 1) { 
@@ -159,7 +161,7 @@ if (REQUEST_GET('mode') == "pay") { if ((isFormSent()) && (REQUEST_ISSET_GET('mode'))) { // Check input data depending on the mode and execute the requested mode switch (REQUEST_GET('mode')) { - case "pay": // Payout this exchange -> Primus + case 'pay': // Payout this exchange -> Primus // Is the user ID and password set? if (!REQUEST_ISSET_POST(('primera_nickname'))) { // Nothing entered in Primus nickname @@ -186,23 +188,23 @@ if ((isFormSent()) && (REQUEST_ISSET_GET('mode'))) { // Default is locked! $locked = true; - // Shall I "pay" the referal points imidiately? + // Shall I 'pay' the referal points imidiately? if (getConfig('ref_payout') == '0') { - // Yes, "pay" it now + // Yes, 'pay' it now $locked = false; } // END - if // Remove points from account - SUB_POINTS("primera_payout", getUserId(), REQUEST_POST('amount')); + SUB_POINTS('primera_payout', getUserId(), REQUEST_POST('amount')); // Update primera nickname - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `primera_userid`=%s WHERE userid=%s LIMIT 1", - array(REQUEST_POST('primera_nickname'), getUserId()), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `primera_userid`=%s WHERE `userid`=%s LIMIT 1", + array(REQUEST_POST('primera_nickname'), getUserId()), __FILE__, __LINE__); // All done! LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PRIMERA_MEMBER_PAYOUT_DONE')); return; - } elseif ((GET_PRIMERA_ERROR_CODE() == "user_failed") || (GET_PRIMERA_ERROR_CODE() == "own_failed") || (GET_PRIMERA_ERROR_CODE() == "amount_failed") || (GET_PRIMERA_ERROR_CODE() == "api_amount_failed")) { + } elseif ((GET_PRIMERA_ERROR_CODE() == 'user_failed') || (GET_PRIMERA_ERROR_CODE() == 'own_failed') || (GET_PRIMERA_ERROR_CODE() == 'amount_failed') || (GET_PRIMERA_ERROR_CODE() == 'api_amount_failed')) { // Wrong login data LOAD_TEMPLATE('admin_settings_saved', false, GET_PRIMERA_ERROR_MESSAGE()); } else { 
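Review bot: The `UPDATE` of `primera_userid` binds `REQUEST_POST('primera_nickname')` to an unquoted `%s`, so even if `SQL_QUERY_ESC` escapes quote characters (its implementation is not visible here) the value is parsed as SQL rather than as a string literal. Other string columns in this commit are quoted, for example ``SET `curr_theme`='%s'`` in what-themes.php, and the same form is needed here: ``SET `primera_userid`='%s' WHERE `userid`=%s``. `REQUEST_POST('amount')` is likewise passed to `SUB_POINTS` as-is; if it is not normalised earlier in this `case 'pay'` branch, which starts outside the hunk, wrap it in `bigintval()`.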
diff --git a/inc/modules/member/what-refback.php b/inc/modules/member/what-refback.php index 75ebc94133..6ca744e646 100644 --- a/inc/modules/member/what-refback.php +++ b/inc/modules/member/what-refback.php @@ -62,7 +62,7 @@ ADD_DESCR('member', __FILE__); // Was the form submitted? if ((REQUEST_ISSET_POST('edit')) && (REQUEST_ISSET_POST('id'))) { // Okay, has the user entered some values? - if (REQUEST_ISSET_POST(('percents'))) { + if (REQUEST_ISSET_POST('percents')) { // Revert german commta for testing $percents = convertCommaToDot(REQUEST_POST('percents')); diff --git a/inc/modules/member/what-themes.php b/inc/modules/member/what-themes.php index 45194c5b2f..1c52abe930 100644 --- a/inc/modules/member/what-themes.php +++ b/inc/modules/member/what-themes.php @@ -50,9 +50,9 @@ if (!defined('__SECURITY')) { // Add description as navigation point ADD_DESCR('member', __FILE__); -if (REQUEST_ISSET_POST(('member_theme'))) { +if (REQUEST_ISSET_POST('member_theme')) { // Save theme to member's profile - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET curr_theme='%s' WHERE userid=%s LIMIT 1", + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `curr_theme`='%s' WHERE `userid`=%s LIMIT 1", array(REQUEST_POST('member_theme'), getUserId()), __FILE__, __LINE__); // Set new theme for guests diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php index c094189b33..0b41f30802 100644 --- a/inc/modules/member/what-transfer.php +++ b/inc/modules/member/what-transfer.php 
@@ -62,13 +62,12 @@ $mode = ''; if (REQUEST_ISSET_GET('mode')) $mode = REQUEST_GET('mode'); // Check for "faker" -if (($opt_in == 'N') && ($mode == "new")) $mode = ''; +if (($opt_in == 'N') && ($mode == 'new')) $mode = ''; -switch ($mode) -{ - case "new": // Start new transfer +switch ($mode) { + case 'new': // Start new transfer // Get total points and subtract the balance amount from it = maximum transferable points - $total = GET_TOTAL_DATA(getUserId(), "user_points", "points") - GET_TOTAL_DATA(getUserId(), "user_data", "used_points"); + $total = GET_TOTAL_DATA(getUserId(), 'user_points', 'points') - GET_TOTAL_DATA(getUserId(), 'user_data', 'used_points'); // Remember maximum value for template define('__TRANSFER_MAX_VALUE', round($total - getConfig('transfer_balance') - 0.5)); 
@@ -88,24 +87,24 @@ switch ($mode) $valid_pass = ($pass == generateHash(REQUEST_POST('password'), $pass)); // Test transfer amount - $valid_amount = ((REQUEST_ISSET_POST(('points'))) && (REQUEST_POST('points') <= constant('__TRANSFER_MAX_VALUE'))); + $valid_amount = ((REQUEST_ISSET_POST('points')) && (REQUEST_POST('points') <= constant('__TRANSFER_MAX_VALUE'))); // Test reason for transfer - $valid_reason = (REQUEST_ISSET_POST(('reason'))); + $valid_reason = (REQUEST_ISSET_POST('reason')); // Test if a recipient is selected $valid_recipient = (REQUEST_POST('to_uid') > 0); // Check for nickname extension and set additional data - $nick = false; $add = ", userid"; + $nick = false; $add = ', `userid`'; if (EXT_IS_ACTIVE('nickname')) { - $add = ", nickname"; + $add = ', `nickname`'; $nick = true; } // Re-check receivers and own personal data - $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$add." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid IN ('%s','%s') AND `status`='CONFIRMED' ORDER BY userid LIMIT 2", - array(getUserId(), bigintval(REQUEST_POST('to_uid'))), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `userid`, `gender`, `surname`, `family`, `email`".$add." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid` IN ('%s','%s') AND `status`='CONFIRMED' ORDER BY `userid` ASC LIMIT 2", + array(getUserId(), bigintval(REQUEST_POST('to_uid'))), __FILE__, __LINE__); $valid_data = (SQL_NUMROWS($result) == 2); if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) { 
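Review bot: `$valid_amount` checks only an upper bound and compares the raw POST string, so a negative value passes and non-numeric input may as well, while the inserts further down store `bigintval(REQUEST_POST('points'))` instead of the value that was checked. Validating the normalised value closes that gap: `$points = bigintval(REQUEST_POST('points')); $valid_amount = (($points > 0) && ($points <= constant('__TRANSFER_MAX_VALUE')));`. `$valid_data` is computed from the re-check query but is not part of the `if` on the next visible line; the body continues outside the hunk, so confirm it is tested there before points are moved.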
@@ -174,11 +173,11 @@ switch ($mode) define('__TRANS_ID', bigintval(generateRandomCode("10", mt_rand(0, 99999), getUserId(), REQUEST_POST('reason')))); // Add entries to both tables - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_in` (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", - array(bigintval(REQUEST_POST('to_uid')), getUserId(), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID), + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_in` (`userid`, `from_uid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", + array(bigintval(REQUEST_POST('to_uid')), getUserId(), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID), __FILE__, __LINE__); - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_out` (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", - array(getUserId(), bigintval(REQUEST_POST('to_uid')), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID), + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_out` (`userid`, `to_uid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", + array(getUserId(), bigintval(REQUEST_POST('to_uid')), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID), __FILE__, __LINE__); // Add points to account *directly* ... 
@@ -232,11 +231,11 @@ switch ($mode) // Load member list if (EXT_IS_ACTIVE('nickname')) { // Load userid and nickname - $result = SQL_QUERY_ESC("SELECT userid, nickname FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY `userid` ASC", + $result = SQL_QUERY_ESC("SELECT `userid`, `nickname` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND `opt_in`='Y' AND `userid` != '%s' ORDER BY `userid` ASC", array(getUserId()), __FILE__, __LINE__); } else { // Load only userid - $result = SQL_QUERY_ESC("SELECT userid, userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY `userid` ASC", + $result = SQL_QUERY_ESC("SELECT `userid`, `userid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND `opt_in`='Y' AND `userid` != '%s' ORDER BY `userid` ASC", array(getUserId()), __FILE__, __LINE__); } @@ -305,7 +304,7 @@ switch ($mode) switch ($mode) { case 'list_in': - $sql = "SELECT trans_id, from_uid, points, reason, time_trans FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE userid=%s ORDER BY time_trans DESC LIMIT ".getConfig('transfer_max'); + $sql = "SELECT `trans_id`, `from_uid`, `points`, `reason`, `time_trans` FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT ".getConfig('transfer_max'); // @TODO Rewrite these constants $NOTHING = getMessage('TRANSFER_NO_INCOMING_TRANSFERS'); define('__TRANSFER_SUM', getMessage('TRANSFER_TOTAL_INCOMING')); 
@@ -313,7 +312,7 @@ switch ($mode) break; case 'list_out': - $sql = "SELECT trans_id, to_uid, points, reason, time_trans FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE userid=%s ORDER BY time_trans DESC LIMIT ".getConfig('transfer_max'); + $sql = "SELECT `trans_id`, `to_uid`, `points`, `reason`, `time_trans` FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT ".getConfig('transfer_max'); // @TODO Rewrite these constants $NOTHING = getMessage('TRANSFER_NO_OUTGOING_TRANSFERS'); define('__TRANSFER_SUM', getMessage('TRANSFER_TOTAL_OUTGOING')); @@ -371,13 +370,13 @@ switch ($mode) LOAD_TEMPLATE('member_transfer_list'); break; - case 'list_all': // List all transactions - // We fill a temporary table with data from both tables. This is much easier - // to code and unstand by you as sub-SELECT queries. I know this is not the - // fastest way but it shall be fine for now. - // - // First of all create the temporary table - $result = SQL_QUERY("CREATE TEMPORARY TABLE `{!_MYSQL_PREFIX!}_transfers_tmp` ( + case 'list_all': // List all transactions + // We fill a temporary table with data from both tables. This is much easier + // to code and unstand by you as sub-SELECT queries. I know this is not the + // fastest way but it shall be fine for now. + // + // First of all create the temporary table + $result = SQL_QUERY("CREATE TEMPORARY TABLE `{!_MYSQL_PREFIX!}_transfers_tmp` ( trans_id VARCHAR(12) NOT NULL DEFAULT '', party_uid BIGINT(20) UNSIGNED NOT NULL DEFAULT '0', points BIGINT(20) UNSIGNED NOT NULL DEFAULT '0', 
@@ -387,168 +386,170 @@ trans_type ENUM('IN','OUT') NOT NULL DEFAULT 'IN', KEY(party_uid) ) TYPE=HEAP", __FILE__, __LINE__); - // Let's begin with the incoming list - $result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE userid=%s ORDER BY `id` LIMIT %s", - array(getUserId(), getConfig('transfer_max')), __FILE__, __LINE__); - while ($DATA = SQL_FETCHROW($result)) { - $DATA[] = 'IN'; - $DATA = implode("','", $DATA); - $res_temp = SQL_QUERY("INSERT INTO `{!_MYSQL_PREFIX!}_transfers_tmp` (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__); - } + // Let's begin with the incoming list + $result = SQL_QUERY_ESC("SELECT `trans_id`, `from_uid`, `points`, `reason`, `time_trans` FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE `userid`=%s ORDER BY `id` ASC LIMIT %s", + array(getUserId(), getConfig('transfer_max')), __FILE__, __LINE__); + while ($DATA = SQL_FETCHROW($result)) { + $DATA[] = 'IN'; + $DATA = implode("','", $DATA); + $res_temp = SQL_QUERY("INSERT INTO `{!_MYSQL_PREFIX!}_transfers_tmp` (`trans_id`, `party_uid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('".$DATA."')", __FILE__, __LINE__); + } - // Free memory - SQL_FREERESULT($result); + // Free memory + SQL_FREERESULT($result); - // As the last table transfer data from outgoing table to temporary - $result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE userid=%s ORDER BY `id` LIMIT %s", - array(getUserId(), getConfig('transfer_max')), __FILE__, __LINE__); - while ($DATA = SQL_FETCHROW($result)) { - $DATA[] = 'OUT'; - $DATA = implode("','", $DATA); - $res_temp = SQL_QUERY("INSERT INTO `{!_MYSQL_PREFIX!}_transfers_tmp` (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__); - } + // As the last table transfer data from outgoing table to temporary + $result = 
SQL_QUERY_ESC("SELECT `trans_id`, `to_uid`, `points`, `reason`, `time_trans` FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE `userid`=%s ORDER BY `id` LIMIT %s", + array(getUserId(), getConfig('transfer_max')), __FILE__, __LINE__); + while ($DATA = SQL_FETCHROW($result)) { + $DATA[] = 'OUT'; + $DATA = implode("','", $DATA); + $res_temp = SQL_QUERY("INSERT INTO `{!_MYSQL_PREFIX!}_transfers_tmp` (`trans_id`, `party_uid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('".$DATA."')", __FILE__, __LINE__); + } // END - while - // Free memory - SQL_FREERESULT($result); + // Free memory + SQL_FREERESULT($result); - $total = 0; - if (SQL_NUMROWS($result) > 0) { - // Search for entries - $result = SQL_QUERY("SELECT party_uid, trans_id, points, reason, time_trans, trans_type FROM `{!_MYSQL_PREFIX!}_transfers_tmp` ORDER BY time_trans DESC", - __FILE__, __LINE__); - - // Output rows - $OUT = ''; $SW = 2; - while ($content = SQL_FETCHARRAY($result)) { - // Rewrite points - if ($content['trans_type'] == 'OUT') $content['points'] = '-'.$content['points'].""; - - // Prepare content for template - $content['sw'] = $SW; - $content['time'] = generateDateTime($content['time_trans'], '3'); - $content['points'] = translateComma($content['points']); - - // Load row template - $OUT .= LOAD_TEMPLATE("member_transfer_row", true, $content); - - // Add points and switch color - $total += $content['points']; - $SW = 3 - $SW; - } // END - while - - // Free memory - SQL_FREERESULT($result); - } else { - // Nothing for in and out - $OUT = " + $total = 0; + if (SQL_NUMROWS($result) > 0) { + // Search for entries + $result = SQL_QUERY("SELECT `party_uid`, `trans_id`, `points`, `reason`, `time_trans`, `trans_type` FROM `{!_MYSQL_PREFIX!}_transfers_tmp` ORDER BY `time_trans` DESC", + __FILE__, __LINE__); + + // Output rows + $OUT = ''; $SW = 2; + while ($content = SQL_FETCHARRAY($result)) { + // Rewrite points + if ($content['trans_type'] == 'OUT') $content['points'] = 
'-'.$content['points'].""; + + // Prepare content for template + $content['sw'] = $SW; + $content['time'] = generateDateTime($content['time_trans'], '3'); + $content['points'] = translateComma($content['points']); + + // Load row template + $OUT .= LOAD_TEMPLATE('member_transfer_row', true, $content); + + // Add points and switch color + $total += $content['points']; + $SW = 3 - $SW; + } // END - while + + // Free memory + SQL_FREERESULT($result); + } else { + // Nothing for in and out + $OUT = " ".LOAD_TEMPLATE('admin_settings_saved', true, getMessage('TRANSFER_NO_INOUT_TRANSFERS'))." "; - } + } + + // ... and add them to a constant for the template + // @TODO Rewrite all these constants + define('__TRANSFER_ROWS', $OUT); - // ... and add them to a constant for the template - // @TODO Rewrite all these constants - define('__TRANSFER_ROWS', $OUT); + // Remeber total amount + define('__TRANSFER_TOTAL_VALUE', $total); - // Remeber total amount - define('__TRANSFER_TOTAL_VALUE', $total); + // Set title + define('__TRANSFER_TITLE', getMessage('TRANSFER_LIST_ALL')); - // Set title - define('__TRANSFER_TITLE', getMessage('TRANSFER_LIST_ALL')); + // Set "balance" word + define('__TRANSFER_SUM', getMessage('TRANSFER_TOTAL_BALANCE')); - // Set "balance" word - define('__TRANSFER_SUM', getMessage('TRANSFER_TOTAL_BALANCE')); + // Load final template + LOAD_TEMPLATE('member_transfer_list'); - // Load final template - LOAD_TEMPLATE('member_transfer_list'); + // At the end we don't need a temporary table in memory + $result = SQL_QUERY("DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_transfers_tmp`", __FILE__, __LINE__); - // At the end we don't need a temporary table in memory - $result = SQL_QUERY("DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_transfers_tmp`", __FILE__, __LINE__); + // Free some memory... + SQL_FREERESULT($result); + break; - // Free some memory... 
- SQL_FREERESULT($result); - break; + case '': // Overview page + // Check incoming transfers + $total = GET_TOTAL_DATA(getUserId(), 'user_transfers_in', 'id', 'userid', true); + if ($total > 0) { + define('__TRANSFER_IN_LINK', "".$dmy.""); + } else { + define('__TRANSFER_IN_LINK', $dmy); + } - case '': // Overview page - // Check incoming transfers - $result = SQL_QUERY_ESC("SELECT COUNT(id) FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE userid=%s", array(getUserId()), __FILE__, __LINE__); - list($dmy) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + // Check outgoing transfers + $dmy = GET_TOTAL_DATA(getUserId(), 'user_transfers_out', 'id', 'userid', true); - $total=$dmy; - if ($dmy > 0) { - define('__TRANSFER_IN_LINK', "".$dmy.""); - } else { - define('__TRANSFER_IN_LINK', $dmy); - } + // Add to total amount + $total += $dmy; - // Check outgoing transfers - $result = SQL_QUERY_ESC("SELECT COUNT(id) FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE userid=%s", array(getUserId()), __FILE__, __LINE__); - list($dmy) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + if ($dmy > 0) { + define('__TRANSFER_OUT_LINK', "".$dmy.""); + } else { + define('__TRANSFER_OUT_LINK', $dmy); + } - $total+=$dmy; - if ($dmy > 0) { - define('__TRANSFER_OUT_LINK', "".$dmy.""); - } else { - define('__TRANSFER_OUT_LINK', $dmy); - } + // Total transactions + if ($total > 0) { + define('__TRANSFER_ALL_LINK', "".$total.""); + } else { + define('__TRANSFER_ALL_LINK', $total); + } - // Total transactions - if ($total > 0) { - define('__TRANSFER_ALL_LINK', "".$total.""); - } else { - define('__TRANSFER_ALL_LINK', $total); - } + if (isFormSent()) { + // Save settings + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `opt_in`='%s' WHERE `userid`=%s LIMIT 1", + array(REQUEST_POST('opt_in'), getUserId()), __FILE__, __LINE__); + + // Rember for next switch() command + $opt_in = REQUEST_POST('opt_in'); + + // "Settings saved..." + LOAD_TEMPLATE('admin_settings_saved', false, "
    {--SETTINGS_SAVED--}
    "); + } // END - if + + switch ($opt_in) { + case 'Y': + define('__TRANSFER_ALLOW_Y', ' checked="checked"'); + define('__TRANSFER_ALLOW_N', ''); + define('__TRANSFER_NEW_LINK', "{--TRANSFER_NOW_LINK--}"); + break; - if (isFormSent()) { - // Save settings - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET opt_in='%s' WHERE userid=%s LIMIT 1", - array(REQUEST_POST('opt_in'), getUserId()), __FILE__, __LINE__); - - // Rember for next switch() command - $opt_in = REQUEST_POST('opt_in'); - - // "Settings saved..." - LOAD_TEMPLATE('admin_settings_saved', false, "
    {--SETTINGS_SAVED--}
    "); - } // END - if - - switch ($opt_in) { - case 'Y': - define('__TRANSFER_ALLOW_Y', ' checked="checked"'); - define('__TRANSFER_ALLOW_N', ''); - define('__TRANSFER_NEW_LINK', "{--TRANSFER_NOW_LINK--}"); - break; - - case 'N': - define('__TRANSFER_ALLOW_Y', ''); - define('__TRANSFER_ALLOW_N', ' checked="checked"'); - define('__TRANSFER_NEW_LINK', getMessage('TRANSFER_PLEASE_ALLOW_OPT_IN')); - break; - } // END - switch - - // Check for latest out-transfers - $result = SQL_QUERY_ESC("SELECT time_trans -FROM `{!_MYSQL_PREFIX!}_user_transfers_out` -WHERE time_trans > (UNIX_TIMESTAMP() - %s) AND `userid`=%s -ORDER BY time_trans DESC + case 'N': + define('__TRANSFER_ALLOW_Y', ''); + define('__TRANSFER_ALLOW_N', ' checked="checked"'); + define('__TRANSFER_NEW_LINK', getMessage('TRANSFER_PLEASE_ALLOW_OPT_IN')); + break; + } // END - switch + + // Check for latest out-transfers + $result = SQL_QUERY_ESC("SELECT + `time_trans` +FROM + `{!_MYSQL_PREFIX!}_user_transfers_out` +WHERE + `time_trans` > (UNIX_TIMESTAMP() - %s) AND `userid`=%s +ORDER BY + `time_trans` DESC LIMIT 1", - array(getConfig('transfer_timeout'), getUserId()), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 0) { - // Load template - define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true)); - } else { - // Load newest transaction - list($newest) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - define('__TRANSFER_SETTINGS_CONTENT', sprintf(getMessage('TRANSFER_LATEST_IS'), generateDateTime($newest, '3'))); - } + array(getConfig('transfer_timeout'), getUserId()), __FILE__, __LINE__); + if (SQL_NUMROWS($result) == 0) { + // Load template + define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE('member_transfer_settings', true)); + } else { + // Load newest transaction + list($newest) = SQL_FETCHROW($result); + define('__TRANSFER_SETTINGS_CONTENT', sprintf(getMessage('TRANSFER_LATEST_IS'), generateDateTime($newest, '3'))); + } - // Load template - 
LOAD_TEMPLATE("member_transfer_overview"); - break; -} + // Free result + SQL_FREERESULT($result); + + // Load template + LOAD_TEMPLATE('member_transfer_overview'); + break; +} // END - switch // ?> diff --git a/inc/modules/order.php b/inc/modules/order.php index 01ec35f272..2f5219392d 100644 --- a/inc/modules/order.php +++ b/inc/modules/order.php @@ -47,7 +47,7 @@ if (!defined('__SECURITY')) { } elseif (!IS_MEMBER()) { // Sorry, no guest access! $URL = 'modules.php?module=index'; -} elseif (!REQUEST_ISSET_GET(('order'))) { +} elseif (!REQUEST_ISSET_GET('order')) { // You cannot call this module directly! $URL = 'modules.php?module=login&what=order'; } 
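Review bot: In `case 'list_all'` each row read from the transfer tables is joined with `implode("','", $DATA)` and concatenated into an `INSERT` sent through plain `SQL_QUERY`, so the member-supplied `reason` text reaches the statement unescaped (second-order SQL injection). Assuming `SQL_QUERY_ESC` escapes its arguments as its name suggests, drop the `implode` and pass the row through it with one quoted `'%s'` per column and the literal `'IN'` or `'OUT'` in the statement, with `$DATA` as the argument array. The same case calls `SQL_NUMROWS($result)` immediately after `SQL_FREERESULT($result)`. In the rewritten overview case (`case ''`) the incoming count is now stored in `$total`, but both `__TRANSFER_IN_LINK` defines still read `$dmy`, which is not assigned until the outgoing count; `$dmy = GET_TOTAL_DATA(getUserId(), 'user_transfers_in', 'id', 'userid', true); $total = $dmy;` restores the previous behaviour.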
@@ -68,45 +68,35 @@ if (empty($URL)) { } // Update sending pool - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET data_type='%s' WHERE `id`=%s AND sender=%s AND data_type='TEMP' LIMIT 1", - array($type, bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET `data_type`='%s' WHERE `id`=%s AND `sender`=%s AND `data_type`='TEMP' LIMIT 1", + array($type, bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__); // Finally is the entry valid? if (SQL_AFFECTEDROWS() == 1) { - // Load personal data... - $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - list($gender, $sname, $fname, $email) = SQL_FETCHROW($result); + // @TODO Unused: 2,4 + // Load mail again... 0 1 2 3 4 5 6 7 + $result = SQL_QUERY_ESC("SELECT `subject`, `text`, `receivers`, `payment_id`, `timestamp`, `url`, cat_id`, `target_send` FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s AND `sender`=%s LIMIT 1", + array(bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__); + $content = SQL_FETCHARRAY($result); SQL_FREERESULT($result); - - // Load mail again... 
0 1 2 3 4 5 6 7 - $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s AND sender=%s LIMIT 1", - array(bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__); - $DATA = SQL_FETCHROW($result); - SQL_FREERESULT($result); - if (empty($DATA[0])) $DATA[0] = getMessage('DEFAULT_SUBJECT_LINE'); + if (empty($content['subject'])) $content['subject'] = getMessage('DEFAULT_SUBJECT_LINE'); // Calculate used points - $USED = $DATA[7] * getPaymentPoints($DATA[3]); + $USED = $content['target_send'] * getPaymentPoints($content['payment_id']); // Update used points $add = ''; if (getConfig('order_max_full') == 'ORDER') $add = ', mail_orders=mail_orders+1'; SUB_POINTS('order', getUserId(), $USED); - // Prepare content - $content = array( - 'blocks' => getConfig('max_send'), - 'subject' => $DATA[0], - 'text' => $DATA[1], - 'payment' => getPaymentTitlePrice($DATA[3]), - 'category' => getCategory($DATA[6]), - 'url' => $DATA[5] - ); + // Compile content + $content['block'] = getConfig('max_send'); + $content['payment'] = getPaymentTitlePrice($content['payment_id']); + $content['category'] = getCategory($content['cat_id']); // Send an email to the user $msg_mem = LOAD_EMAIL_TEMPLATE('order-member', $content, getUserId()); - sendEmail($email, getMessage('MEMBER_NEW_QUEUE'), $msg_mem); + sendEmail(getUserId(), getMessage('MEMBER_NEW_QUEUE'), $msg_mem); // Notify admins about this sendAdminNotification(getMessage('ADMIN_NEW_QUEUE'), 'order-admin', $content, getUserId()); @@ -122,5 +112,5 @@ if (empty($URL)) { redirectToUrl($URL); } -// +// [EOF] ?> diff --git a/inc/modules/sponsor/account.php b/inc/modules/sponsor/account.php index 7a3ada0af4..078d7f6e1f 100644 --- a/inc/modules/sponsor/account.php +++ b/inc/modules/sponsor/account.php 
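Review bot: The rewritten `SELECT` under "Load mail again" lost the opening backtick before `cat_id` (`` `url`, cat_id`, `target_send` ``), which leaves an unbalanced identifier quote and should make the query fail; it needs to read `` `url`, `cat_id`, `target_send` ``. The content key also changed from `blocks` to `block`, so the `order-member` and `order-admin` templates will miss the value unless they were updated in the same commit. `sendEmail()` now receives `getUserId()` where it previously got the address loaded into `$email`; confirm it resolves a user id to that member's address before relying on it.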
@@ -65,7 +65,7 @@ if (SQL_NUMROWS($result) == 1) { // Check if form was submitted or not if (isFormSent()) { // Check passwords - if (!REQUEST_ISSET_POST(('pass_old'))) { + if (!REQUEST_ISSET_POST('pass_old')) { // No current password entered $message = getMessage('SPONSOR_NO_CURRENT_PASSWORD_ENTERED'); } elseif (md5(REQUEST_POST('pass_old')) != getSession('sponsorpass')) { diff --git a/inc/modules/sponsor/settings.php b/inc/modules/sponsor/settings.php index 84c91655f1..5fadab96fb 100644 --- a/inc/modules/sponsor/settings.php +++ b/inc/modules/sponsor/settings.php @@ -60,7 +60,7 @@ if (SQL_NUMROWS($result) == 1) { // Check if form was submitted or not if (isFormSent()) { // Check passwords - if (!REQUEST_ISSET_POST(('password'))) { + if (!REQUEST_ISSET_POST('password')) { // No current password entered $message = SPONSOR_NO_CURRENT_PASSWORD_ENTERED; } elseif (md5(REQUEST_POST('password')) != getSession('sponsorpass')) { diff --git a/inc/monthly/monthly_beg.php b/inc/monthly/monthly_beg.php index d56d0108ba..2dd0f14d07 100644 --- a/inc/monthly/monthly_beg.php +++ b/inc/monthly/monthly_beg.php 
@@ -55,30 +55,32 @@ $curr = date('m', time()); if (($curr != getConfig('last_month')) && (getConfig('last_month') > 0) && (getConfig('beg_ranks') > 0) && (getOutputMode() != 1)) { // Extension 'autopurge' is inactive or purging of inactive accounts is deactivated $whereStatement1 = ''; - $whereStatement2 = getConfig(('beg_ranks')); // Shall we exclude webmaster's own userid? if ((getConfig('beg_include_own') != 'Y') && (getConfig('beg_uid') > 0)) { // Exclude it - $whereStatement1 = sprintf(" AND userid != %s", getConfig(('beg_uid'))); + $whereStatement1 = sprintf(" AND `userid` != %s", getConfig('beg_uid')); } // END - if - // Let's check if there are some points left we can "pay"... + // Let's check if there are some points left we can 'pay'... if (EXT_IS_ACTIVE('autopurge')) { // Use last online stamp only when autopurge for inactive members is activated if ((getConfig('ap_inactive_since') > 0) && (getConfig('beg_active') == 'Y')) { // Okay, include last online timestamp - $whereStatement1 .= sprintf(" AND `last_online` >= (UNIX_TIMESTAMP() - %s)", getConfig(('ap_inactive_since')));; + $whereStatement1 .= sprintf(" AND `last_online` >= (UNIX_TIMESTAMP() - %s)", getConfig('ap_inactive_since')); } // END - if } // END - if // SQL string to check for accounts - $result_main = SQL_QUERY_ESC("SELECT userid, email, gender, surname, family, beg_points AS points -FROM `{!_MYSQL_PREFIX!}_user_data` -WHERE `status`='CONFIRMED'".$whereStatement1." AND beg_points > 0 -ORDER BY beg_points DESC, userid + $result_main = SQL_QUERY_ESC("SELECT `userid`, `email`, `gender`, `surname`, `family`, `beg_points` AS points +FROM + `{!_MYSQL_PREFIX!}_user_data` +WHERE + `status`='CONFIRMED'" . $whereStatement1 . " AND `beg_points` > 0 +ORDER BY + `beg_points` DESC, `userid` ASC LIMIT %s", - array($whereStatement2), __FILE__, __LINE__); + array(getConfig('beg_ranks')), __FILE__, __LINE__); if (SQL_NUMROWS($result_main) > 0) { // Load our winners... 
@@ -91,12 +93,12 @@ LIMIT %s", $content['points'] = translateComma($content['points']); // Load email template and email it away - $msg = LOAD_EMAIL_TEMPLATE("member_beg", $content, bigintval($content['userid'])); + $msg = LOAD_EMAIL_TEMPLATE('member_beg', $content, bigintval($content['userid'])); sendEmail($content['email'], getMessage('BEG_MONTHLY_RALLYE'), $msg); } // END - while // Reset accounts - $result = SQL_QUERY("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_points=0.00000 WHERE beg_points > 0", __FILE__, __LINE__); + $result = SQL_QUERY("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `beg_points`=0.00000 WHERE `beg_points` > 0", __FILE__, __LINE__); } // END - if // Free memory diff --git a/inc/monthly/monthly_bonus.php b/inc/monthly/monthly_bonus.php index 026bbd20a2..06ea9acb00 100644 --- a/inc/monthly/monthly_bonus.php +++ b/inc/monthly/monthly_bonus.php @@ -54,7 +54,7 @@ $curr = date('m', time()); if (($curr != getConfig('last_month')) && (getConfig('bonus_ranks') > 0) && (getOutputMode() != 1)) { // Extension 'autopurge' is inactive or purging of inactive accounts is deactivated $whereStatement1 = "WHERE `status`='CONFIRMED'"; - $whereStatement2 = getConfig(('bonus_ranks')); + $whereStatement2 = getConfig('bonus_ranks'); // Shall I keep inactive members away from here? (mostly wanted in an "active-rallye" ...) if (EXT_IS_ACTIVE('autopurge')) { 
@@ -62,28 +62,32 @@ if (($curr != getConfig('last_month')) && (getConfig('bonus_ranks') > 0) && (get if (getConfig('ap_inactive_since') > 0) { // Okay, include last online timestamp $whereStatement1 = sprintf("WHERE `status`='CONFIRMED' AND `last_online` >= (UNIX_TIMESTAMP() - %s)", getConfig('ap_inactive_since')); - $whereStatement2 = getConfig(('bonus_ranks')); + $whereStatement2 = getConfig('bonus_ranks'); } // END - if } // END - if // Add more bonus points here $add = ''; - if (getConfig('bonus_click_yn') == 'Y') $add .= " + turbo_bonus"; - if (getConfig('bonus_login_yn') == 'Y') $add .= " + login_bonus"; - if (getConfig('bonus_order_yn') == 'Y') $add .= " + bonus_order"; - if (getConfig('bonus_stats_yn') == 'Y') $add .= " + bonus_stats"; - if (getConfig('bonus_ref_yn') == 'Y') $add .= " + bonus_ref"; + // @TODO Rewrite this to a filter + if (getConfig('bonus_click_yn') == 'Y') $add .= " + `turbo_bonus`"; + if (getConfig('bonus_login_yn') == 'Y') $add .= " + `login_bonus`"; + if (getConfig('bonus_order_yn') == 'Y') $add .= " + `bonus_order`"; + if (getConfig('bonus_stats_yn') == 'Y') $add .= " + `bonus_stats`"; + if (getConfig('bonus_ref_yn') == 'Y') $add .= " + `bonus_ref`"; // Shall we add some entries? if (!empty($add)) { - $whereStatement1 .= " AND (0".$add.") > 0"; + $whereStatement1 .= " AND (0" . $add . ") > 0"; } // END - if // Run SQL string to check for accounts - $result_main = SQL_QUERY_ESC("SELECT userid, email, gender, surname, family, (0".$add.") AS points -FROM `{!_MYSQL_PREFIX!}_user_data` + $result_main = SQL_QUERY_ESC("SELECT `userid`, `email`, `gender`, `surname`, `family`, (0".$add.") AS points +FROM + `{!_MYSQL_PREFIX!}_user_data` ".$whereStatement1."".$add." -ORDER BY points DESC, userid +ORDER BY + `points` DESC, + `userid` ASC LIMIT %s", array($whereStatement2), __FILE__, __LINE__); diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index b9eee9d477..39238bf8d5 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php 
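Review bot: The query text appends `$add` twice. Once a bonus flag is enabled, `$whereStatement1` already ends with `AND (0 + ...) > 0`, and the unchanged line `".$whereStatement1."".$add."` then adds the same column list after that `> 0`. The condition becomes the sum compared against itself, which can never be true, so the ranking would select no rows whenever any bonus type is active. Drop the second concatenation so the line reads `" . $whereStatement1 . "`. This was inferred from the string building visible in the hunk; the resulting SQL was not run.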
@@ -1102,22 +1102,22 @@ function GET_TOTAL_DATA ($search, $tableName, $lookFor = 'id', $whereStatement = if ($countRows === true) { // Count whole table $result = SQL_QUERY_ESC("SELECT COUNT(`%s`) FROM `{!_MYSQL_PREFIX!}_%s`".$add, - array($lookFor, $tableName), __FUNCTION__, __LINE__); + array($lookFor, $tableName), __FUNCTION__, __LINE__); } else { // Sum whole table $result = SQL_QUERY_ESC("SELECT SUM(`%s`) FROM `{!_MYSQL_PREFIX!}_%s`".$add, - array($lookFor, $tableName), __FUNCTION__, __LINE__); + array($lookFor, $tableName), __FUNCTION__, __LINE__); } } elseif (($countRows === true) || ($lookFor == 'userid')) { // Count rows //* DEBUG: */ echo "COUNT!
    \n"; $result = SQL_QUERY_ESC("SELECT COUNT(`%s`) FROM `{!_MYSQL_PREFIX!}_%s` WHERE `%s`='%s'".$add, - array($lookFor, $tableName, $whereStatement, $search), __FUNCTION__, __LINE__); + array($lookFor, $tableName, $whereStatement, $search), __FUNCTION__, __LINE__); } else { // Add all rows //* DEBUG: */ echo "SUM!
    \n"; $result = SQL_QUERY_ESC("SELECT SUM(`%s`) FROM `{!_MYSQL_PREFIX!}_%s` WHERE `%s`='%s'".$add, - array($lookFor, $tableName, $whereStatement, $search), __FUNCTION__, __LINE__); + array($lookFor, $tableName, $whereStatement, $search), __FUNCTION__, __LINE__); } // Load row @@ -1298,7 +1298,7 @@ function ADD_POINTS_REFSYSTEM ($subject, $uid, $points, $send_notify = false, $r // And sent it away sendEmail($email, getMessage('SUBJECT_DIRECT_PAYMENT'), $msg); - if (!REQUEST_ISSET_GET(('mid'))) LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_POINTS_ADDED')); + if (!REQUEST_ISSET_GET('mid')) LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_POINTS_ADDED')); } // Maybe there's another ref? @@ -1327,21 +1327,21 @@ function updateReferalCounter ($uid) { //* DEBUG: */ print __FUNCTION__."(".__LINE__."):uid={$uid},level={$GLOBALS['cache_array']['ref_level'][$uid]}
    \n"; // Update counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_refsystem` SET counter=counter+1 WHERE userid=%s AND level='%s' LIMIT 1", - array(bigintval($uid), $GLOBALS['cache_array']['ref_level'][$uid]), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_refsystem` SET `counter`=`counter`+1 WHERE `userid`=%s AND `level`='%s' LIMIT 1", + array(bigintval($uid), $GLOBALS['cache_array']['ref_level'][$uid]), __FUNCTION__, __LINE__); // When no entry was updated then we have to create it here //* DEBUG: */ print __FUNCTION__."(".__LINE__."):updated=".SQL_AFFECTEDROWS()."
    \n"; if (SQL_AFFECTEDROWS() < 1) { // First count! - SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_refsystem` (userid, level, counter) VALUES (%s,%s,1)", - array(bigintval($uid), $GLOBALS['cache_array']['ref_level'][$uid]), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_refsystem` (`userid`, `level`, `counter`) VALUES (%s,%s,1)", + array(bigintval($uid), $GLOBALS['cache_array']['ref_level'][$uid]), __FUNCTION__, __LINE__); //* DEBUG: */ print __FUNCTION__."(".__LINE__."):uid={$uid}
    \n"; } // END - if // Check for his referal - $result = SQL_QUERY_ESC("SELECT refid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($uid)), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `refid` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(bigintval($uid)), __FUNCTION__, __LINE__); // Load refid list($ref) = SQL_FETCHROW($result); @@ -1374,7 +1374,7 @@ function updateReferalCounter ($uid) { // because we need it when there is no ext-admins installed function SEND_ADMIN_EMAILS ($subj, $msg) { // Load all admin email addresses - $result = SQL_QUERY("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY `id` ASC", __FUNCTION__, __LINE__); + $result = SQL_QUERY("SELECT `email` FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY `id` ASC", __FUNCTION__, __LINE__); while ($content = SQL_FETCHARRAY($result)) { // Send the email out sendEmail($content['email'], $subj, $msg); diff --git a/inc/wrapper-functions.php b/inc/wrapper-functions.php index 7c721976e4..6ccafda627 100644 --- a/inc/wrapper-functions.php +++ b/inc/wrapper-functions.php @@ -434,7 +434,7 @@ function isNicknameUsed ($userid) { $isUsed = $GLOBALS['cache_probe_nicknames'][$userid]; } else { // Determine it - $isUsed = ((EXT_IS_ACTIVE('nickname')) && ((''.round($userid).'') != $userid)); + $isUsed = ((EXT_IS_ACTIVE('nickname')) && (('' . round($userid) . '') != $userid)); // And write it to the cache $GLOBALS['cache_probe_nicknames'][$userid] = $isUsed; diff --git a/mailid_top.php b/mailid_top.php index e7eccc98c6..951e60d491 100644 --- a/mailid_top.php +++ b/mailid_top.php 
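Review bot: In updateReferalCounter() the INSERT binds the level to a bare `%s` in `VALUES (%s,%s,1)`, while the UPDATE a few lines earlier puts the same value inside quotes ('%s'). String escaping does not constrain a value placed outside quotes, so the two statements treat `$GLOBALS['cache_array']['ref_level'][$uid]` differently. If the level is always an integer, as the counter logic suggests, cast it in both calls: `array(bigintval($uid), bigintval($GLOBALS['cache_array']['ref_level'][$uid])), __FUNCTION__, __LINE__);`. The function body continues outside this hunk.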
@@ -118,7 +118,7 @@ if (($url_uid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors if ($ltype == 'BONUS') $sender = 0; // Is the user's ID unlocked? - $result = SQL_QUERY_ESC("SELECT status, gender, surname, family, ref_payout FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT status, gender, surname, family, ref_payout FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", array($url_uid), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load data @@ -129,7 +129,7 @@ if (($url_uid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors if ($status == 'CONFIRMED') { // Update last activity - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET last_online=UNIX_TIMESTAMP(), `last_module`='mailid_top' WHERE userid=%s LIMIT 1", + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET last_online=UNIX_TIMESTAMP(), `last_module`='mailid_top' WHERE `userid`=%s LIMIT 1", array($url_uid), __FILE__, __LINE__); // User has confirmed his account so we can procede... @@ -228,13 +228,13 @@ if (($url_uid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors // @TODO Rewrite these blocks to filter if (GET_EXT_VERSION('user') >= '0.1.2') { // Update counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET mails_confirmed=mails_confirmed + 1 WHERE userid=%s LIMIT 1", + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET mails_confirmed=mails_confirmed + 1 WHERE `userid`=%s LIMIT 1", array($url_uid), __FILE__, __LINE__); // Update random confirmed as well? if (GET_EXT_VERSION('user') >= '0.3.4') { // Update second counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET rand_confirmed=rand_confirmed + 1 WHERE userid=%s LIMIT 1", + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET rand_confirmed=rand_confirmed + 1 WHERE `userid`=%s LIMIT 1", array($url_uid), __FILE__, __LINE__); } // END - if } // END - if 
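Review bot: `$url_uid` is bound to an unquoted `%s` in the `userid` condition here and in the -129, -228 and -256 hunks of this file, and each call passes `array($url_uid)` unchanged. An unquoted placeholder is only safe if the value is already an integer. The assignment of `$url_uid` is outside these hunks, and the visible guard `($url_uid) > 0` does not establish that. Other call sites in this patch cast at the call, and doing the same here makes each query checkable on its own: `array(bigintval($url_uid)), __FILE__, __LINE__);`.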
@@ -256,8 +256,8 @@ if (($url_uid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors } // END - if // Count down ref_payout value - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET ref_payout=ref_payout-1 WHERE userid=%s AND ref_payout > 0 LIMIT 1", - array($url_uid), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `ref_payout`=`ref_payout`-1 WHERE `userid`=%s AND `ref_payout` > 0 LIMIT 1", + array($url_uid), __FILE__, __LINE__); // Add points unset($GLOBALS['ref_level']); diff --git a/modules.php b/modules.php index 68bcc4d2e9..b8b9705bfe 100644 --- a/modules.php +++ b/modules.php @@ -58,8 +58,8 @@ if (!REQUEST_ISSET_GET('module')) REQUEST_SET_GET('module', 'index'); // Check if logged in if (IS_MEMBER()) { // Is still logged in so we welcome him with his name - $result = SQL_QUERY_ESC("SELECT surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", + array(getUserId()), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load surname and family's name and build the username list($s, $f) = SQL_FETCHROW($result); diff --git a/ref.php b/ref.php index 4a2129716d..8e5e88b0a1 100644 --- a/ref.php +++ b/ref.php @@ -64,8 +64,8 @@ switch (getConfig('refid_target')) { } // Get referal ID from ref or refid variable -if (REQUEST_ISSET_GET(('ref'))) $ref = REQUEST_GET('ref'); -elseif (REQUEST_ISSET_GET(('refid'))) $ref = REQUEST_GET('refid'); +if (REQUEST_ISSET_GET('ref')) $ref = REQUEST_GET('ref'); + elseif (REQUEST_ISSET_GET('refid')) $ref = REQUEST_GET('refid'); if (!empty($ref)) { // Test if nickname or numeric id diff --git a/show_bonus.php b/show_bonus.php index 130f7147c3..0615d85176 100644 --- a/show_bonus.php +++ b/show_bonus.php 
@@ -61,7 +61,7 @@ if (!isInstalled()) { // Include header loadIncludeOnce('inc/header.php'); -if ((REQUEST_GET('uid') > 0) && (REQUEST_GET('d') > 0) && (REQUEST_ISSET_GET(('t')))) { +if ((REQUEST_GET('uid') > 0) && (REQUEST_GET('d') > 0) && (REQUEST_ISSET_GET('t'))) { // Set row name $t = ''; switch (REQUEST_GET('t')) { @@ -81,13 +81,17 @@ if ((REQUEST_GET('uid') > 0) && (REQUEST_GET('d') > 0) && (REQUEST_ISSET_GET(('t // Valid type? if (!empty($t)) { // Check for data - $result = SQL_QUERY_ESC("SELECT DISTINCT d.gender, d.surname, d.family, b.level, b.points -FROM `{!_MYSQL_PREFIX!}_user_data` AS d -RIGHT JOIN `{!_MYSQL_PREFIX!}_bonus_turbo` AS b -ON d.userid=b.userid -WHERE d.`status`='CONFIRMED' AND d.userid=%s AND b.%s=%s + $result = SQL_QUERY_ESC("SELECT d.gender, d.surname, d.family, b.level, b.points +FROM + `{!_MYSQL_PREFIX!}_user_data` AS d +RIGHT JOIN + `{!_MYSQL_PREFIX!}_bonus_turbo` AS b +ON + d.userid=b.userid +WHERE + d.`status`='CONFIRMED' AND d.userid=%s AND b.%s=%s LIMIT 1", - array(bigintval(REQUEST_GET('uid')), $t, bigintval(REQUEST_GET('d'))), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('uid')), $t, bigintval(REQUEST_GET('d'))), __FILE__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { diff --git a/sponsor_ref.php b/sponsor_ref.php index 2a46697143..1e58d05fa9 100644 --- a/sponsor_ref.php +++ b/sponsor_ref.php @@ -58,8 +58,8 @@ $URL = 'modules.php?module=index&what=sponsor_reg&refid='; // Get referal ID from ref or refid variable $ref = 0; -if (REQUEST_ISSET_GET(('ref'))) $ref = bigintval(REQUEST_GET('ref')); -elseif (REQUEST_ISSET_GET(('refid'))) $ref = bigintval(REQUEST_GET('refid')); +if (REQUEST_ISSET_GET('ref')) $ref = bigintval(REQUEST_GET('ref')); + elseif (REQUEST_ISSET_GET('refid')) $ref = bigintval(REQUEST_GET('refid')); if (!empty($ref)) { // We have an refid here. So we simply add it diff --git a/surfbar.php b/surfbar.php index 306b92190c..380de444c1 100644 --- a/surfbar.php +++ b/surfbar.php 
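Review bot: In the -81,13 hunk `$t` is substituted as a column name in `b.%s=%s`, where value escaping gives no protection. The query is therefore only safe if the `switch (REQUEST_GET('t'))` above assigns fixed column names and leaves `$t` empty for anything else. The cases are outside the hunk, so this could not be confirmed here. A comment above the query would record the dependency for the next edit: `// $t is used as a column name: it must only be set from the fixed cases of the switch above`.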
@@ -134,7 +134,7 @@ if ((SURFBAR_CHECK_RELOAD_FULL()) || ((REQUEST_ISSET_GET('frame')) && (in_array( // Load template for stopped surfbar LOAD_TEMPLATE('surfbar_stopped', false, $content); } -} elseif ((REQUEST_ISSET_GET(('check'))) && (REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET(('salt')))) { +} elseif ((REQUEST_ISSET_GET('check')) && (REQUEST_ISSET_GET('id')) && (REQUEST_ISSET_GET('salt'))) { // Dummy next id get SURFBAR_DETERMINE_NEXT_ID(REQUEST_GET('id')); diff --git a/templates/de/html/install/install_page5.tpl b/templates/de/html/install/install_page5.tpl new file mode 100644 index 0000000000..7fa76632ea --- /dev/null +++ b/templates/de/html/install/install_page5.tpl @@ -0,0 +1,71 @@ +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    +
    {--HEADER_TEXT_PAGE5--} +
     
    + {--TEXT_PAGE_5--} +
     
    {--LANG_OUTPUT_MODE--}:   + +
     
    {--WARN_NO_PASSWORD--}:   + +
     
    {--LANG_WRITE_FOOTER--}:   + +
     
    {--INSTALL_ENABLE_BACKLINK--}:   + +
     
    + {!__MYSQL_DATA!} + + + + + + + + + +
     
    +
    -- 2.30.2