From 9f6c30cc0e06098171d773d671292081ecee3d29 Mon Sep 17 00:00:00 2001 
From: =?utf8?q?Roland=20H=C3=A4der?= Date: Wed, 4 Nov 2009 04:53:40 +0000 Subject: [PATCH] New function fetchUserData() introduced to API, total rewrite (not all) --- beg.php | 82 +++------ doubler.php | 73 +++----- inc/autopurge/purge-mails.php | 20 +-- inc/config-functions.php | 35 +++- inc/extensions/ext-bonus.php | 6 +- inc/extensions/ext-html_mail.php | 13 +- inc/extensions/ext-primera.php | 34 ++-- inc/filters.php | 29 +-- inc/functions.php | 101 +++++------ inc/libs/nickname_functions.php | 13 +- inc/libs/user_functions.php | 33 ++-- inc/modules/admin/overview-inc.php | 13 +- inc/modules/admin/what-add_points.php | 9 +- inc/modules/admin/what-del_user.php | 29 +-- inc/modules/admin/what-list_cats.php | 9 +- inc/modules/admin/what-list_links.php | 33 ++-- inc/modules/admin/what-list_payouts.php | 20 +-- inc/modules/admin/what-list_refs.php | 41 ++--- inc/modules/admin/what-lock_user.php | 30 +--- inc/modules/admin/what-repair_cats.php | 19 +- inc/modules/admin/what-sub_points.php | 11 +- inc/modules/admin/what-user_contct.php | 11 +- inc/modules/chk_login.php | 20 +-- inc/modules/guest/what-confirm.php | 14 +- inc/modules/guest/what-register.php | 7 +- inc/modules/guest/what-sponsor_reg.php | 10 +- inc/modules/login.php | 8 - inc/modules/member/what-html_mail.php | 14 +- inc/modules/member/what-mydata.php | 33 ++-- inc/modules/member/what-nickname.php | 2 +- inc/modules/member/what-points.php | 68 ++++---- inc/modules/member/what-primera.php | 26 +-- inc/modules/member/what-reflinks.php | 15 +- inc/modules/member/what-support.php | 2 +- inc/modules/member/what-transfer.php | 18 +- inc/modules/member/what-wernis.php | 57 ++---- inc/mysql-manager.php | 165 ++++++++++++------ inc/pool/pool-bonus.php | 17 +- inc/pool/pool-user.php | 48 +---- inc/session.php | 3 - inc/wrapper-functions.php | 50 +++++- lead-confirm.php | 6 +- mailid.php | 11 +- mailid_top.php | 21 +-- ref.php | 63 +++---- sponsor_ref.php | 10 +- templates/de/html/beg/beg_link.tpl | 2 +- 
templates/de/html/guest/guest_beg.tpl | 2 +- templates/de/html/member/member_reflink.tpl | 2 +- .../html/member/member_reflink_nickname.tpl | 2 +- .../html/member/member_wernis_mode_payout.tpl | 2 +- .../member/member_wernis_mode_withdraw.tpl | 2 +- 52 files changed, 567 insertions(+), 797 deletions(-) diff --git a/beg.php b/beg.php index b488df11eb..59d3572d67 100644 --- a/beg.php +++ b/beg.php 
@@ -59,71 +59,52 @@ redirectOnUninstalledExtension('beg'); // Check for userid if (isGetRequestElementSet('userid')) { // Init variables - $userid = 0; - $result = false; $points = 0; // Don't pay is the default... $pay = false; // Validate if it is not a number - if (''.(getRequestElement('userid') + 0).'' !== ''.getRequestElement('userid').'') { + if (isNicknameUsed(getRequestElement('userid'))) { + // Is the nickname extension there? if (isExtensionActive('nickname')) { // Maybe we have found a nickname? - $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' LIMIT 1", - array(getRequestElement('userid')), __FILE__, __LINE__); + fetchUserData(getRequestElement('userid'), 'nickname'); } else { // Nickname entered but nickname is not active $errorCode = getCode('EXTENSION_PROBLEM'); - $userid = -1; } } else { // Direct userid - $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); + fetchUserData(getRequestElement('userid')); } // Check if locked in so don't pay points $status = 'failed'; // Check if account was found - if (SQL_NUMROWS($result) == 1) { - // Found an id so we simply set it - list($userid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result); - - // Account confirmed? - if ($status == 'CONFIRMED') { - // Secure userid - $userid = bigintval($userid); - - // Multiply configured values with 100000 and divide with 100000 so we can also handle small values - // If we need more number behind the decimal dot then we just need to increase all these three - // numbers matching to the numbers behind the decimal dot. Simple! 
;-) - $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000; - - // Set nickname / userid for the template(s - $content['userid'] = getRequestElement('userid'); - $content['clicks'] = ($clicks + 1); - $content['banner'] = loadTemplate('beg_banner', true); - $content['points'] = translateComma($points); - } else { - // Other status - $userid = 0; - } + if ((isUserDataValid()) && (getUserData('status') == 'CONFIRMED')) { + // Multiply configured values with 100000 and divide with 100000 so we can also handle small values + // If we need more number behind the decimal dot then we just need to increase all these three + // numbers matching to the numbers behind the decimal dot. Simple! ;-) + $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000; + + // Set nickname / userid for the template(s + $content['userid'] = getRequestElement('userid'); + $content['clicks'] = (getUserData('beg_clicks') + 1); + $content['banner'] = loadTemplate('beg_banner', true); + $content['points'] = translateComma($points); } // END - if - // Free memory - SQL_FREERESULT($result); - // User id valid and not webmaster's id? 
- if (($userid > 0) && (getConfig('beg_userid') != $userid)) { + if ((getUserData('userid') > 0) && (getConfig('beg_userid') != getUserData('userid'))) { // Update counter - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array($userid), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s LIMIT 1", + array(getUserData('userid')), __FILE__, __LINE__); // Check for last entry for userid w/o IP number - $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_userid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1", - array($userid, detectRemoteAddr(), session_id()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_beg_ips` WHERE (`timeout` > (UNIX_TIMESTAMP() - {?beg_timeout?}) OR (timeout > (UNIX_TIMESTAMP() - {?beg_userid_timeout?}) AND `userid`=%s)) AND (`remote_ip`='%s' OR `sid`='%s') LIMIT 1", + array(getUserData('userid'), detectRemoteAddr(), session_id()), __FILE__, __LINE__); // Entry not found, points set and not logged in? if (((SQL_NUMROWS($result) == 0) || (isAdmin())) && ($points > 0) && (!isMember()) && (getConfig('beg_pay_mode') == 'NONE')) { @@ -134,7 +115,7 @@ if (isGetRequestElementSet('userid')) { // but only when there is no admin begging. // Admins shall be able to test it! SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_beg_ips` (`userid`, `remote_ip`,`sid`, `timeout`) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())", - array($userid, detectRemoteAddr(), session_id()), __FILE__, __LINE__); + array(getUserData('userid'), detectRemoteAddr(), session_id()), __FILE__, __LINE__); // Was is successfull? $pay (SQL_AFFECTEDROWS() == 1); 
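Review bot: The rewritten guard `if ((getUserData('userid') > 0) && (getConfig('beg_userid') != getUserData('userid')))` no longer depends on the account status. The old code reset `$userid` to 0 for any status other than CONFIRMED, and the `UPDATE` has also lost its status='CONFIRMED' condition. A locked or unconfirmed account therefore still gets `beg_clicks` incremented on every request, and the status `elseif` branches further down, which appear to hang off this `if`, are no longer reached for such accounts. I would add `&& (getUserData('status') == 'CONFIRMED')` to the guard or keep the status condition in the `UPDATE`. The local `$status = 'failed';` is still assigned, but nothing in the hunk reads it any more.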
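Review bot: The context line `$pay (SQL_AFFECTEDROWS() == 1);` after the INSERT has no assignment operator, so as shown it is a call through `$pay` rather than an assignment, and the outcome of the INSERT never reaches `$pay`. If this is how the file really reads and not an artefact of how the patch was rendered, it should be `$pay = (SQL_AFFECTEDROWS() == 1);`. The hunk only swaps `$userid` for `getUserData('userid')`, so this line was carried over unchanged.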
@@ -146,7 +127,7 @@ if (isGetRequestElementSet('userid')) { // Pay points? if ($pay === true) { // Add points to user or begging rallye account - if (addPointsBeg($userid, $points)) { + if (addPointsBeg(getUserData('userid'), $points)) { // Set 'done' message $content['message'] = loadTemplate('beg_done', true); } else { @@ -165,7 +146,7 @@ if (isGetRequestElementSet('userid')) { $content = array( 'clicks' => $content['clicks'], 'points' => $content['points'], - 'userid' => $content['userid'] + 'userid' => $content['userid'] ); // Load message template depending on pay-mode @@ -173,7 +154,7 @@ if (isGetRequestElementSet('userid')) { $pay = true; } else { // Clicked received while reload lock is active - $content['message'] = loadTemplate('beg_failed', true); + $content['message'] = loadTemplate('beg_failed', true, $content); } // Free memory 
@@ -201,24 +182,19 @@ if (isGetRequestElementSet('userid')) { // Include footer loadIncludeOnce('inc/footer.php'); - } elseif (($status != 'CONFIRMED') && ($status != 'failed')) { + } elseif ((getUserData('status') != 'CONFIRMED') && (getUserData('status') != 'failed')) { // Maybe locked/unconfirmed account? - $errorCode = generateErrorCodeFromUserStatus($status); - } elseif (($userid == 0) || ($status == 'failed')) { + $errorCode = generateErrorCodeFromUserStatus(); + } elseif ((getUserData('userid') == 0) || (getUserData('status') == 'failed')) { // Inalid or locked account, so let's find out - $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE nickname='%s' LIMIT 1", - array(getRequestElement('userid')), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getRequestElement('userid'), 'nickname')) { // Locked account $errorCode = getCode('ACCOUNT_LOCKED'); } else { // Invalid nickname! (404) $errorCode = getCode('USER_404'); } - - // Free memory - SQL_FREERESULT($result); - } elseif ($userid == getConfig('beg_userid')) { + } elseif (getUserData('userid') == getConfig('beg_userid')) { // Webmaster's id cannot beg for points! $errorCode = getCode('BEG_SAME_AS_OWN'); } diff --git a/doubler.php b/doubler.php index 1f85456904..4a97351b9b 100644 --- a/doubler.php +++ b/doubler.php 
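Review bot: The comparisons against `'failed'` in the two rewritten `elseif` lines no longer test the sentinel they were written for. `'failed'` was the default given to the local `$status` earlier in the file, while `getUserData('status')` presumably returns the stored column value, or nothing when no row was loaded. A lookup that found no user may therefore fall into the `generateErrorCodeFromUserStatus()` branch instead of the USER_404 one. Testing the not-found case first, e.g. `} elseif (!isUserDataValid()) {`, would keep it separate. The ACCOUNT_LOCKED / USER_404 split also tells an unauthenticated request whether a nickname exists; one generic code would avoid that.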
@@ -55,39 +55,8 @@ setContentType('text/html'); // Is the 'doubler' extension active? redirectOnUninstalledExtension('doubler'); -// Probe for referal id -if (isGetRequestElementSet('refid')) $GLOBALS['refid'] = getRequestElement('refid'); - -// Only check this if refid is provided! -if (determineReferalId() > 0) { - // Do we have nickname or userid set? - if (isNicknameUsed(determineReferalId())) { - // Nickname in URL, so load the id - $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' LIMIT 1", - array(determineReferalId()), __FILE__, __LINE__); - } else { - // Direct userid entered - $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(determineReferalId()), __FILE__, __LINE__); - } - - // Load data - list($rid, $status_ref) = SQL_FETCHROW($result); - $GLOBALS['refid'] = bigintval($rid); - - // Free memory - SQL_FREERESULT($result); -} // END - if - -// Init userid -$userid = 0; - -// If no account was found set default refid and status to CONFIRMED -if (empty($GLOBALS['refid'])) { - // Determine referal id again - $GLOBALS['refid'] = determineReferalId(); - $status = 'CONFIRMED'; -} // END - if +// Only check this if refid is provided. This will do the rest for us +determineReferalId(); // Init content array $content = array( 
@@ -104,17 +73,17 @@ if (isFormSent()) { // Probe for nickname extension and if a nickname was entered if (isNickNameUsed(postRequestElement('userid'))) { // Nickname in URL, so load the id - $result = SQL_QUERY_ESC("SELECT `userid`, `status`, `password` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' LIMIT 1", - array(postRequestElement('userid')), __FILE__, __LINE__); + fetchUserData(postRequestElement('userid'), 'nickname'); } else { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT `userid`, `status, `password` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(postRequestElement('userid'))), __FILE__, __LINE__); + fetchUserData(postRequestElement('userid')); } - // Load data - list($userid, $status, $password) = SQL_FETCHROW($result); - $userid = bigintval($userid); + // Is the data valid? + if (!isUserDataValid()) { + // Output message that the userid is not okay + loadTemplate('admin_settings_saved', false, getMessage('DOUBLER_USERID_INVALID')); + } // END - if // Free result SQL_FREERESULT($result); 
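Review bot: `SQL_FREERESULT($result);` is left behind as a context line although both queries that assigned `$result` are replaced by `fetchUserData()`, so it now runs on a variable this block never sets; the line should be dropped. The new `if (!isUserDataValid())` branch also only prints the DOUBLER_USERID_INVALID message and then falls through, so the rest of the form handling still runs without a loaded user. The form-handling block continues outside the hunk.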
@@ -126,22 +95,22 @@ if (isFormSent()) { $probe_points = ((postRequestElement('points') >= getConfig('doubler_min')) && (postRequestElement('points') <= getConfig('doubler_max'))); // Check all together - if ((!empty($userid)) && ($password == generateHash(postRequestElement('pass'), substr($password, 0, -40))) && ($status == 'CONFIRMED') && ($probe_points)) { + if ((isUserDataValid()) && (getUserData('password') == generateHash(postRequestElement('pass'), substr(getUserData('password'), 0, -40))) && (getUserData('status') == 'CONFIRMED') && ($probe_points)) { // Nickname resolved to a unique userid or direct userid entered by the member - $GLOBALS['doubler_userid'] = $userid; + $GLOBALS['doubler_userid'] = getUserData('userid'); // Calulcate points - $points = countSumTotalData($userid, 'user_points', 'points') - countSumTotalData($userid, 'user_data', 'used_points'); + $points = countSumTotalData(getUserData('userid'), 'user_points', 'points') - countSumTotalData(getUserData('userid'), 'user_data', 'used_points'); // So let's continue with probing his points amount if (($points - getConfig('doubler_left') - postRequestElement('points') * getConfig('doubler_charge')) >= 0) { // Enough points are left so let's continue with the doubling process // Create doubling "account" width *DOUBLED* points SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s','%s','%s','".detectRemoteAddr()."', UNIX_TIMESTAMP(), 'N','N')", - array($userid, determineReferalId(), bigintval(postRequestElement('points') * 2)), __FILE__, __LINE__); + array(getUserData('userid'), determineReferalId(), bigintval(postRequestElement('points') * 2)), __FILE__, __LINE__); // Subtract entered points - subtractPoints('doubler', $userid, postRequestElement('points')); + subtractPoints('doubler', getUserData('userid'), postRequestElement('points')); // Add points to "total payed" including charge $points = 
postRequestElement('points') - postRequestElement('points') * getConfig('doubler_charge'); @@ -149,7 +118,7 @@ if (isFormSent()) { incrementConfigEntry('doubler_points', $points); // Add second line for the referal but only when userid != refid - if ((determineReferalId() > 0) && (determineReferalId() != $userid)) { + if ((determineReferalId() > 0) && (determineReferalId() != getUserData('userid'))) { // Okay add a refid line and apply refid percents SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s',0,'%s','".detectRemoteAddr()."',UNIX_TIMESTAMP(),'N','Y')", array( @@ -169,13 +138,13 @@ if (isFormSent()) { // Not enougth points left $content['message'] = getMessage('DOUBLER_FORM_NO_POINTS_LEFT'); } - } elseif ($status == 'CONFIRMED') { + } elseif (getUserData('status') == 'CONFIRMED') { // Account is unconfirmed! $content['message'] = getMessage('DOUBLER_FORM_WRONG_PASS'); - } elseif ($status == 'UNCONFIRMED') { + } elseif (getUserData('status') == 'UNCONFIRMED') { // Account is unconfirmed! $content['message'] = getMessage('DOUBLER_FORM_STATUS_UNCONFIRMED'); - } elseif ($status == 'LOCKED') { + } elseif (getUserData('status') == 'LOCKED') { // Account is locked by admin / holiday! $content['message'] = getMessage('DOUBLER_FORM_STATUS_LOCKED'); } elseif (postRequestElement('points') < getConfig('doubler_min')) { @@ -201,7 +170,7 @@ if (isFormSent()) { // points not entered $content['message'] = getMessage('DOUBLER_FORM_404_POINTS'); } -} +} // END - if (isFormSet()) // Shall I check for points immediately? if (getConfig('doubler_send_mode') == 'DIRECT') loadInclude('inc/mails/doubler_mails.php'); 
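Review bot: The credential check compares hashes with loose equality, `getUserData('password') == generateHash(...)`. In PHP two strings that both look numeric (for example `0e` followed only by digits) compare equal under `==`, and the comparison is not constant-time. Use `===` at minimum, or `hash_equals()` where the supported PHP version provides it. The operator was already `==` before this change, but the line is rewritten here, so this is a cheap place to fix it.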
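Review bot: The `INSERT INTO ..._doubler` statement in this hunk, like the one in the previous hunk, concatenates `detectRemoteAddr()` straight into the query string, while every other value goes through the `SQL_QUERY_ESC` parameter array. beg.php in this same commit passes the same value as a `'%s'` parameter; doing that here keeps the address escaped however detectRemoteAddr() derives it (its implementation is outside this part of the diff). The parameter array of this INSERT continues outside the hunk.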
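Review bot: The comment on the first rewritten branch is wrong: `elseif (getUserData('status') == 'CONFIRMED')` sets DOUBLER_FORM_WRONG_PASS, yet the comment under it says `// Account is unconfirmed!`; it should read `// Password does not match`. The UNCONFIRMED and LOCKED branches are also reached without a correct password, so the form reports an account's status to anyone who submits its userid or nickname. Returning one generic failure message for these three cases would avoid that.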
@@ -216,9 +185,9 @@ $content['banner'] = loadTemplate('doubler_banner', true); $content['header'] = loadTemplate('doubler_header', true); $content['footer'] = loadTemplate('doubler_footer', true); -if (!empty($userid)) { +if (isUserDataValid()) { // Transfer userid/nickname to constant - $content['refid'] = $userid; + $content['refid'] = getUserData('userid'); } else { // Transfer userid/nickname to constant $content['refid'] = determineReferalId(); diff --git a/inc/autopurge/purge-mails.php b/inc/autopurge/purge-mails.php index 982795f103..a388791124 100644 --- a/inc/autopurge/purge-mails.php +++ b/inc/autopurge/purge-mails.php @@ -65,9 +65,7 @@ if (SQL_NUMROWS($result_mails) > 0) { // Okay, check for their sender's while ($content = SQL_FETCHARRAY($result_mails)) { // Check now... - $fount = SQL_NUMROWS(SQL_QUERY_ESC("SELECT userid FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($content['sender'])), __FILE__, __LINE__)); - if ($found == 0) { + if (!fetchUserData($content['sender'])) { // Okay we found some mails! SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_pool` WHERE `sender`=%s", array(bigintval($content['sender'])), __FILE__, __LINE__); @@ -82,9 +80,9 @@ WHERE `data_type`='DELETED' AND timestamp <= (UNIX_TIMESTAMP() - {?ap_dm_timeout?}) ORDER BY `sender` ASC", __FILE__, __LINE__); - } - } -} + } // END - if + } // END - while +} // END - if // Free memory SQL_FREERESULT($result_mails); 
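Review bot: The `DELETE ... FROM ..._pool` is now gated on `!fetchUserData($content['sender'])`, so any reason for which fetchUserData() returns false purges that sender's mails. Its body is not in this part of the diff; if it can also return false on a failed query or an empty sender id, the purge would remove mails that belong to existing users. I would state the contract above the check, e.g. `// fetchUserData() must return false only when no row exists for this userid`, and the same applies to the identical check in the `_user_stats` loop (hunk at -104,9). The `bigintval()` that the old lookup applied to the sender is gone as well and is assumed to happen inside fetchUserData().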
@@ -104,9 +102,7 @@ if (SQL_NUMROWS($result_mails) > 0) { // Okay, check for their sender's while ($content = SQL_FETCHARRAY($result_mails)) { // Check now... - $found = SQL_NUMROWS(SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($content['sender'])), __FILE__, __LINE__)); - if ($found == 0) { + if (!fetchUserData($content['sender'])) { // Okay we found some mails! SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `sender`=%s", array(bigintval($content['sender'])), __FILE__, __LINE__); @@ -121,9 +117,9 @@ WHERE `timestamp_send` <= (UNIX_TIMESTAMP() - {?ap_dm_timeout?}) ORDER BY `sender` ASC", __FILE__, __LINE__); - } - } -} + } // END - if + } // END - while +} // END - if // Free memory SQL_FREERESULT($result_mails); diff --git a/inc/config-functions.php b/inc/config-functions.php index 8f25e9223c..3b9b1759ff 100644 --- a/inc/config-functions.php +++ b/inc/config-functions.php @@ -298,16 +298,22 @@ function updateConfiguration ($entries, $values, $updateMode='') { if (($values[$idx] + 0) === $values[$idx]) { // Number detected $all .= sprintf("`%s`=%s,", $entry, (float)$values[$idx]); + + // Set it in config as well + setConfigEntry($entry, $values[$idx]); } elseif ($values[$idx] == 'UNIX_TIMESTAMP()') { // Function UNIX_TIMESTAMP() detected - $all .= sprintf("`%s`=%s,", $entry, $values[$idx]); + $all .= sprintf("`%s`=UNIX_TIMESTAMP(),", $entry); + + // Set timestamp in array as well + setConfigEntry($entry, time()); } else { // String detected $all .= sprintf("`%s`='%s',", $entry, SQL_ESCAPE($values[$idx])); - } - // Set it in config as well - setConfigEntry($entry, $values[$idx]); + // Set it in config as well + setConfigEntry($entry, $values[$idx]); + } } } // END - foreach 
@@ -315,14 +321,25 @@ function updateConfiguration ($entries, $values, $updateMode='') { $entries = substr($all, 0, -1); } elseif (!empty($updateMode)) { // Update mode set - // @TODO Find a way for updating configuration here - $entries .= sprintf("=%s%s%s", $entries, $updateMode, (float)$values); - } else { + $entries = sprintf("`%s`=`%s`%s%s", $entries, $entries, $updateMode, (float)$values); + } elseif (($values + 0) === $values) { + // Number detected + $entries = sprintf("`%s`=%s", $entries, (float)$values); + // Set it in config first - setConfigEntry($entries, $values); + setConfigEntry($entries, (float)$values); + } elseif ($values == 'UNIX_TIMESTAMP()') { + // Function UNIX_TIMESTAMP() detected + $entries = sprintf("`%s`=UNIX_TIMESTAMP()", $entries); + // Set timestamp in array as well + setConfigEntry($entries, time()); + } else { // Regular entry to update - $entries .= sprintf("='%s'", SQL_ESCAPE($values)); + $entries = sprintf("`%s`='%s'", $entries, SQL_ESCAPE($values)); + + // Set it in config as well + setConfigEntry($entries, SQL_ESCAPE($values)); } // Run database update diff --git a/inc/extensions/ext-bonus.php b/inc/extensions/ext-bonus.php index bcd99a56af..b30b1ba113 100644 --- a/inc/extensions/ext-bonus.php +++ b/inc/extensions/ext-bonus.php 
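Review bot: In the three new scalar branches `$entries` is overwritten with the SQL fragment before `setConfigEntry($entries, ...)` runs, so the cached value is stored under the whole assignment fragment instead of the bare entry name. The string branch additionally caches the `SQL_ESCAPE()`d value rather than the raw one. Calling `setConfigEntry()` first, as in the fence below, fixes both. Separately, `$updateMode` is written into the statement unescaped in the `!empty($updateMode)` branch; restricting it to the expected operators (presumably `+` and `-`) before building the fragment would close that, and that branch still leaves the cached value stale.

```php
	// … unchanged: array branch and $updateMode branch …
	} elseif (($values + 0) === $values) {
		// Number detected: cache it while $entries is still the bare entry name
		setConfigEntry($entries, (float)$values);
		$entries = sprintf("`%s`=%s", $entries, (float)$values);
	} elseif ($values == 'UNIX_TIMESTAMP()') {
		// Function UNIX_TIMESTAMP() detected
		setConfigEntry($entries, time());
		$entries = sprintf("`%s`=UNIX_TIMESTAMP()", $entries);
	} else {
		// Regular entry: cache the raw value, escape only for the SQL fragment
		setConfigEntry($entries, $values);
		$entries = sprintf("`%s`='%s'", $entries, SQL_ESCAPE($values));
	}
```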
@@ -75,13 +75,13 @@ PRIMARY KEY (id) addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_user_links` ADD INDEX (`bonus_id`)"); // Run this SQL when html or html_mail extension is installed - if (isExtensionActive('html_mail')) addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_bonus` add html_msg ENUM('Y','N') NOT NULL DEFAULT 'N'"); + if (isExtensionActive('html_mail')) addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_bonus` ADD `html_msg` ENUM('Y','N') NOT NULL DEFAULT 'N'"); break; case 'remove': // Do stuff when removing extension // SQL commands to run addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE `what` IN ('bonus','config_bonus','send_bonus','list_bonus','list_notifications')"); - addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_member_menu` WHERE `what`='bonus'"); + addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_member_menu` WHERE `what`='bonus' LIMIT 1"); addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_guest_menu` WHERE `action`='bonus'"); addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_bonus`"); addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_bonus_urls`"); @@ -111,7 +111,7 @@ PRIMARY KEY (id) break; case '0.2.0': // SQL queries for v0.2.0 - addExtensionSql("UPDATE `{?_MYSQL_PREFIX?}_bonus` SET target_send=mails_sent WHERE target_send=0 AND mails_sent>0 AND receivers != ''"); + addExtensionSql("UPDATE `{?_MYSQL_PREFIX?}_bonus` SET `target_send`=`mails_sent` WHERE `target_send`=0 AND `mails_sent`>0 AND `receivers` != ''"); // Update notes (these will be set as task text!) setExtensionUpdateNotes("Behebt ein Versand-Problem mit den Bonus-Mails. Es wurde die Spalte target_send nicht beim Einfügen der Buchung gessetzt. Bitte laden Sie sich dazu - wenn nicht bereits geschehen - alle Patches bis mindestens Patch 240 unter Updates prüfen herunter."); diff --git a/inc/extensions/ext-html_mail.php b/inc/extensions/ext-html_mail.php index c930f87af8..ecf91dc28d 100644 
--- a/inc/extensions/ext-html_mail.php +++ b/inc/extensions/ext-html_mail.php @@ -39,7 +39,7 @@ // Some security stuff... if (!defined('__SECURITY')) { die(); -} +} // END - if // Version number setThisExtensionVersion('0.1.6'); @@ -50,18 +50,15 @@ setExtensionVersionHistory(array('0.0', '0.0.1', '0.0.2', '0.0.3', '0.0.4', '0.0 switch (getExtensionMode()) { case 'register': // Do stuff when installation is running (modules.php?module=admin is called) // SQL commands to run - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_user_data` ADD html ENUM('Y','N') NOT NULL DEFAULT 'Y'"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_bonus` ADD html_msg ENUM('Y','N') NOT NULL DEFAULT 'N'"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_pool` ADD html_msg ENUM('Y','N') NOT NULL DEFAULT 'N'"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_user_data` ADD `html` ENUM('Y','N') NOT NULL DEFAULT 'Y'"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_bonus` ADD `html_msg` ENUM('Y','N') NOT NULL DEFAULT 'N'"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_pool` ADD `html_msg` ENUM('Y','N') NOT NULL DEFAULT 'N'"); addMemberMenuSql('main','html_mail','HTML-Empfang','N','Y',3); break; case 'remove': // Do stuff when removing extension // SQL commands to run - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_user_data` DROP html"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_bonus` DROP html_msg"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_pool` DROP html_msg"); - addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_member_menu` WHERE `what`='html_mail'"); + addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_member_menu` WHERE `what`='html_mail' LIMIT 1"); break; case 'activate': // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-primera.php b/inc/extensions/ext-primera.php index 892732c707..4eeca750cf 100644 --- a/inc/extensions/ext-primera.php +++ b/inc/extensions/ext-primera.php 
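Review bot: The `remove` case no longer drops the `html` and `html_msg` columns, while the `register` case still adds them with a plain `ALTER TABLE ... ADD`. Removing the extension and registering it again would presumably make those three statements fail on a duplicate column, unless addExtensionSql() tolerates that error. Either keep the `DROP` statements or add a comment in `remove` saying the columns are kept on purpose and how `register` copes with them.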
@@ -57,27 +57,27 @@ switch (getExtensionMode()) { // SQL commands to run addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_user_primera`"); addExtensionSql("CREATE TABLE `{?_MYSQL_PREFIX?}_user_primera` ( -id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT, -userid BIGINT(20) UNSIGNED NOT NULL DEFAULT 0, -primera_account VARCHAR(255) NOT NULL DEFAULT '', -primera_amount FLOAT(20,5) UNSIGNED NOT NULL DEFAULT 0.00000, -primera_timestamp VARCHAR(10) NOT NULL DEFAULT 0, -primera_type ENUM('IN','OUT','FAILED') NOT NULL DEFAULT 'FAILED', -primera_api_message TINYTEXT, -primera_api_status VARCHAR(255) NULL DEFAULT NULL, -KEY (userid), -PRIMARY KEY (id) -) TYPE={?_TABLE_TYPE?}"); +`id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT, +`userid` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0, +`primera_account` VARCHAR(255) NOT NULL DEFAULT '', +`primera_amount` FLOAT(20,5) UNSIGNED NOT NULL DEFAULT 0.00000, +`primera_timestamp` VARCHAR(10) NOT NULL DEFAULT 0, +`primera_type` ENUM('IN','OUT','FAILED') NOT NULL DEFAULT 'FAILED', +`primera_api_message` TINYTEXT, +`primera_api_status` VARCHAR(255) NULL DEFAULT NULL, +KEY (`userid`), +PRIMARY KEY (`id`) +) TYPE={?_TABLE_TYPE?} COMMENT='Transfers in Primera'"); // Confiuration - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD primera_min_payout BIGINT(20) UNSIGNED NOT NULL DEFAULT 40000"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD primera_min_withdraw BIGINT(20) UNSIGNED NOT NULL DEFAULT 5000"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD primera_api_name VARCHAR(255) NOT NULL DEFAULT ''"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD primera_api_md5 VARCHAR(32) NOT NULL DEFAULT ''"); - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD primera_refid VARCHAR(255) NOT NULL DEFAULT ''"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD `primera_min_payout` BIGINT(20) UNSIGNED NOT NULL DEFAULT 40000"); + addExtensionSql("ALTER TABLE 
`{?_MYSQL_PREFIX?}_config` ADD `primera_min_withdraw` BIGINT(20) UNSIGNED NOT NULL DEFAULT 5000"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD `primera_api_name` VARCHAR(255) NOT NULL DEFAULT ''"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD `primera_api_md5` VARCHAR(32) NOT NULL DEFAULT ''"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD `primera_refid` VARCHAR(255) NOT NULL DEFAULT ''"); // User data - addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_user_data` ADD primera_userid VARCHAR(255) NOT NULL DEFAULT ''"); + addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_user_data` ADD `primera_nickname` VARCHAR(255) NOT NULL DEFAULT ''"); // Admin menu addAdminMenuSql('primera', NULL, 'Primera-Management','Konfiguration zur Primera-API einstellen, Auszahlungen auflisten usw..', 15); diff --git a/inc/filters.php b/inc/filters.php index 3027b456ac..5f6b9eed84 100644 --- a/inc/filters.php +++ b/inc/filters.php @@ -285,21 +285,18 @@ function FILTER_UPDATE_LOGIN_DATA () { // Secure user id setUserId(getSession('userid')); - // Load last module and last online time - $result = SQL_QUERY_ESC("SELECT `last_module`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FUNCTION__, __LINE__); - - // Entry found? - if (SQL_NUMROWS($result) == 1) { + // Found a userid? + if (fetchUserData(getUserId())) { // Load last module and online time - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); // Maybe first login time? if (empty($content['last_module'])) $content['last_module'] = 'login'; // This will be displayed on welcome page! :-) if (empty($GLOBALS['last_online']['module'])) { - $GLOBALS['last_online']['module'] = $content['last_module']; $GLOBALS['last_online']['online'] = $content['last_online']; + $GLOBALS['last_online']['module'] = $content['last_module']; + $GLOBALS['last_online']['online'] = $content['last_online']; } // END - if // 'what' not set? 
@@ -320,9 +317,6 @@ function FILTER_UPDATE_LOGIN_DATA () { // Destroy session, we cannot update! destroyUserSession(); } - - // Free the result - SQL_FREERESULT($result); } // Filter for initializing randomizer @@ -372,11 +366,9 @@ function FILTER_DETERMINE_USERNAME () { // Check if logged in if (isMember()) { // Is still logged in so we welcome him with his name - $result = SQL_QUERY_ESC("SELECT `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getUserId())) { // Load surname and family's name and build the username - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); // Prepare username setUsername($content['surname'] . ' ' . $content['family']); @@ -396,9 +388,6 @@ function FILTER_DETERMINE_USERNAME () { // Kill userid setUserId(0); } - - // Free memory - SQL_FREERESULT($result); } elseif (isAdmin()) { // Admin is there setUsername('{--USERNAME_ADMIN--}'); @@ -494,7 +483,7 @@ function FILTER_UPDATE_EXTENSION_DATA ($ext_name) { // Load more reset scripts function FILTER_RUN_RESET_INCLUDES () { // Is the reset set or old sql_patches? - if (((!isResetModeEnabled()) || (!isExtensionInstalledAndOlder('sql_patches', '0.4.5'))) && (getOutputMode() == 0)) { + if (((!isResetModeEnabled()) || (!isExtensionInstalled('sql_patches'))) && (getOutputMode() == 0)) { // Then abort here logDebugMessage(__FUNCTION__, __LINE__, 'Cannot run reset! Please report this bug. Thanks'); } // END - if 
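Review bot: The guard in `FILTER_RUN_RESET_INCLUDES()` says `// Then abort here` but only calls `logDebugMessage()`; there is no `return` before `} // END - if`, so the reset includes appear to be loaded even when reset mode is not enabled. Adding `return;` after the log call would make the guard effective. Replacing `isExtensionInstalledAndOlder('sql_patches', '0.4.5')` with `isExtensionInstalled('sql_patches')` also changes when the message fires, which deserves a line in the comment. The function body continues outside the hunk.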
@@ -503,7 +492,7 @@ function FILTER_RUN_RESET_INCLUDES () { setIncludePool('reset', getArrayFromDirectory('inc/reset/', 'reset_')); // Update database - if ((!isConfigEntrySet('DEBUG_RESET')) || (getConfig('DEBUG_RESET') != 'Y')) updateConfiguration('last_update', time()); + if ((!isConfigEntrySet('DEBUG_RESET')) || (getConfig('DEBUG_RESET') != 'Y')) updateConfiguration('last_update', 'UNIX_TIMESTAMP()'); // Is the config entry set? if (isExtensionInstalledAndNewer('sql_patches', '0.4.2')) { diff --git a/inc/functions.php b/inc/functions.php index a0418238dc..8d4cc44e90 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -246,34 +246,6 @@ function loadTemplate ($template, $return=false, $content=array()) { // Is content an array if (is_array($content)) $content['date_time'] = $date_time; - // @DEPRECATED Try to rewrite the if() condition - if ($template == 'member_support_form') { - // Support request of a member - $result = SQL_QUERY_ESC("SELECT `userid`, `gender`, `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FUNCTION__, __LINE__); - - // Is content an array? - if (is_array($content)) { - // Merge data - $content = merge_array($content, SQL_FETCHARRAY($result)); - - // Translate gender - $content['gender'] = translateGender($content['gender']); - } else { - // @DEPRECATED - // @TODO Find all templates which are using these direct variables and rewrite them. - // @TODO After this step is done, this else-block is history - list($gender, $surname, $family, $email) = SQL_FETCHROW($result); - - // Translate gender - $gender = translateGender($gender); - logDebugMessage(__FUNCTION__, __LINE__, sprintf("DEPRECATION-WARNING: content is not array [%s], template=%s.", gettype($content), $template)); - } - - // Free result - SQL_FREERESULT($result); - } // END - if - // Base directory $basePath = sprintf("%stemplates/%s/html/", getConfig('PATH'), getLanguage()); $mode = ''; 
@@ -461,25 +433,22 @@ function loadEmailTemplate ($template, $content = array(), $UID = 0) { //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):UID={$UID},template={$template},content[]=".gettype($content).'
'); if (($UID > 0) && (is_array($content))) { // If nickname extension is installed, fetch nickname as well - if (isExtensionActive('nickname')) { + if (isNicknameUsed($UID)) { //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):NICKNAME!
"); - // Load nickname - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `gender`, `email`, `nickname` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($UID)), __FUNCTION__, __LINE__); + // Load by nickname + fetchUserData($UID, 'nickname'); } else { //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):NO-NICK!
"); - /// Load normal data - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `gender`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($UID)), __FUNCTION__, __LINE__); + /// Load by userid + fetchUserData($UID); } - // Fetch and merge data + // Merge data if valid //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):content()=".count($content)." - PRE
"); - $content = merge_array($content, SQL_FETCHARRAY($result)); + if (isUserDataValid()) { + $content = merge_array($content, getUserDataArray()); + } // END - if //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):content()=".count($content)." - AFTER
"); - - // Free result - SQL_FREERESULT($result); } // END - if // Translate M to male or F to female if present @@ -582,22 +551,14 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = ' ADD_MESSAGE_TO_BOX($toEmail, $subject, $message, $isHtml); return; } else { - // Load email address - $result_email = SQL_QUERY_ESC("SELECT `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($toEmail)), __FUNCTION__, __LINE__); - //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):numRows=".SQL_NUMROWS($result_email).'
'); - // Does the user exist? - if (SQL_NUMROWS($result_email)) { - // Load email address - list($toEmail) = SQL_FETCHROW($result_email); + if (fetchUserData($toEmail)) { + // Get the email + $toEmail = getUserData('email'); } else { // Set webmaster $toEmail = getConfig('WEBMASTER'); } - - // Free result - SQL_FREERESULT($result_email); } } elseif ($toEmail == '0') { // Is the webmaster! @@ -973,7 +934,7 @@ function redirectToUrl ($URL) { // Three different debug ways... //* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL)); - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $URL); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL); //* DEBUG: */ die($URL); // Default 'rel' value is external, nofollow is evil from Google and hurts the Internet @@ -2405,11 +2366,11 @@ function getThemeId ($name) { } // Generates an error code from given account status -function generateErrorCodeFromUserStatus ($status) { - // @TODO The status should never be empty - if (empty($status)) { - // Something really bad happend here - debug_report_bug(__FUNCTION__ . ': status is empty.'); +function generateErrorCodeFromUserStatus ($status='') { + // If no status is provided, use the default, cached + if ((empty($status)) && (isMember())) { + // Get user status + $status = getUserData('status'); } // END - if // Default error code if unknown account status @@ -3193,8 +3154,8 @@ function addNewBonusMail ($data, $mode = '', $output=true) { // Determines referal id and sets it function determineReferalId () { - // Skip this in non-html-mode - if (getOutputMode() != 0) return false; + // Skip this in non-html-mode and outside ref.php + if ((getOutputMode() != 0) && (basename($_SERVER['PHP_SELF']) != 'ref.php')) return false; // Check if refid is set if ((isset($GLOBALS['refid'])) && ($GLOBALS['refid'] > 0)) { 
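Review bot: The new fallback in `generateErrorCodeFromUserStatus()` reads `getUserData('status')` without first loading the record of the logged-in member, so the status it maps to an error code is whatever the last `fetchUserData()` call left behind. Other hunks in this commit load different accounts through the same helper (the `sendEmail()` hunk just above fetches the recipient). If the helper keeps a single current record, which is not visible here, a member's login state could be judged by another account's status. Loading the record explicitly closes that gap: `if ((empty($status)) && (isMember()) && (fetchUserData(getUserId()))) {`. The function body continues outside the hunk.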
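Review bot: The added `basename($_SERVER['PHP_SELF']) != 'ref.php'` test in `determineReferalId()` relies on a value that includes client-supplied path info, so it can name a script other than the one actually serving the request. `$_SERVER['SCRIPT_NAME']` does not carry the trailing path info and is the safer source: `if ((getOutputMode() != 0) && (basename($_SERVER['SCRIPT_NAME']) != 'ref.php')) return false;`. The rest of the function lies outside this hunk.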
@@ -3227,6 +3188,24 @@ function determineReferalId () { // Set cookie when default refid > 0 if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((getSession('refid') == 0) && (isConfigEntrySet('def_refid')) && (getConfig('def_refid') > 0))) { + // Default is not found + $found = false; + + // Do we have nickname or userid set? + if (isNicknameUsed($GLOBALS['refid'])) { + // Nickname in URL, so load the id + $found = fetchUserData($GLOBALS['refid'], 'nickname'); + } elseif ($GLOBALS['refid'] > 0) { + // Direct userid entered + $found = fetchUserData($GLOBALS['refid']); + } + + // Is the record valid? + if (($found === false) || (!isUserDataValid())) { + // No, then reset referal id + $GLOBALS['refid'] = getConfig('def_refid'); + } // END - if + // Set cookie setSession('refid', $GLOBALS['refid']); } // END - if @@ -3263,6 +3242,10 @@ function shutdown () { // Setter for userid function setUserId ($userid) { + // We should not set userid to zero + if ($userid == 0) debug_report_bug('Userid should not be set zero.'); + + // Set it secured $GLOBALS['userid'] = bigintval($userid); } diff --git a/inc/libs/nickname_functions.php b/inc/libs/nickname_functions.php index 6fdb1916d7..45b48d04c7 100644 --- a/inc/libs/nickname_functions.php +++ b/inc/libs/nickname_functions.php 
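Review bot: When the referral value is a nickname, the added block looks the account up but never writes the numeric id back, so `setSession('refid', $GLOBALS['refid'])` stores the request-supplied nickname string although the comment says "load the id". After a successful lookup the id should replace it, for example `$GLOBALS['refid'] = getUserData('userid');` placed after the validity check. The fallback `getConfig('def_refid')` is also reached on paths where the surrounding condition did not test `isConfigEntrySet('def_refid')`. The enclosing function starts and ends outside the hunk.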
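Review bot: The new zero guard in `setUserId()` conflicts with an existing caller: `FILTER_DETERMINE_USERNAME()` in inc/filters.php still runs `setUserId(0)` under its "Kill userid" comment when the lookup fails, so that cleanup path now reports a bug. What `debug_report_bug()` does afterwards is not visible here; if it stops the request, an invalid session can no longer be reset this way. Either give that caller a dedicated reset helper or let the guard pass zero. The comparison `$userid == 0` is also loose, so on the PHP versions of that era a non-numeric string counts as zero; `bigintval($userid) == 0` would test the value that is actually stored.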
@@ -80,21 +80,14 @@ function getNickname ($userid) { // Nickname or userid used? if (''.round($userid).'' === ''.$userid.'') { - // Userid given - $result = SQL_QUERY_ESC("SELECT `nickname` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($userid)), __FUNCTION__, __LINE__); - - // Found? - if (SQL_NUMROWS($result) == 1) { + // Userid given, so try to load user data + if (fetchUserData($userid)) { // Load nickname from database - list($ret) = SQL_FETCHROW($result); + $ret = getUserData('nickname'); // Put it in cche $GLOBALS['nicknames'][$userid] = $ret; } // END - if - - // Free result - SQL_FREERESULT($result); } else { // Direct nickname found! $ret = $userid; diff --git a/inc/libs/user_functions.php b/inc/libs/user_functions.php index 7e4ee7c1b5..1fdb510500 100644 --- a/inc/libs/user_functions.php +++ b/inc/libs/user_functions.php @@ -261,7 +261,8 @@ function determineRandomReferalId () { // Do the user login function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.php?module=index&what=login&login=') { // Init variables - $dmy = ''; $add = ''; + $dmy = ''; + $add = ''; $errorCode = 0; // Add last_login if available 
@@ -282,23 +283,18 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p // Check login data if ((isExtensionActive('nickname')) && (isNicknameOrUserid($userid))) { // Nickname entered - $result = SQL_QUERY_ESC("SELECT `userid`, `password`, `last_online`" . $lastOnline . " FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' AND `status`='CONFIRMED' LIMIT 1", - array($userid), __FUNCTION__, __LINE__); + fetchUserData($userid, 'nickname'); } else { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT `userid`, `password`, `last_online`" . $lastOnline . " FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array($userid, $content['hash']), __FUNCTION__, __LINE__); + fetchUserData($userid); } // Load entry - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); if (!empty($content['userid'])) $userid = bigintval($content['userid']); // Is there an entry? - if ((SQL_NUMROWS($result) == 1) && ((isNicknameUsed($content['userid'] === true) && (!empty($content['userid']))) || ($content['userid'] == $userid))) { - // Free result - SQL_FREERESULT($result); - + if ((isUserDataValid()) && (getUserData('status') == 'CONFIRMED') && ((isNicknameUsed($content['userid'] === true) && (!empty($content['userid']))) || ($content['userid'] == $userid))) { // Check for old MD5 passwords if ((strlen($content['password']) == 32) && (md5($passwd) == $content['password'])) { // Just set the hash to the password from DB... :) 
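Review bot: In the rewritten login condition the call `isNicknameUsed($content['userid'] === true)` has its closing parenthesis in the wrong place, so the helper receives the boolean result of the comparison rather than the user id. The later `elseif` in the same function spells it `isNicknameUsed($content['userid'])`, which is presumably what was meant here: `((isNicknameUsed($content['userid'])) && (!empty($content['userid'])))`. Also, `$content = getUserDataArray()` is read even when `fetchUserData()` found nothing; the `isUserDataValid()` test covers the first branch, but the `elseif` compares `$content['userid']` without it. doUserLogin() continues outside the hunk.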
@@ -326,9 +322,7 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p if (!empty($content['last_login'])) $probe = time() - $content['last_login']; if ((getExtensionVersion('bonus') >= '0.2.2') && ($probe >= getConfig('login_timeout'))) { // Add login bonus to user's account - $add = sprintf(", `login_bonus`=`login_bonus`+%s", - (float)getConfig('login_bonus') - ); + $add = ', `login_bonus`=`login_bonus`+{?login_bonus?}'; $GLOBALS['bonus_payed'] = true; // Subtract login bonus from userid's account or jackpot @@ -380,17 +374,9 @@ function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.p } } elseif (((isNicknameUsed($content['userid'])) && (!empty($content['userid']))) || ($content['userid'] == $userid)) { // Other account status? - // @TODO Can this query be merged with above query? - $result = SQL_QUERY_ESC("SELECT `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array($userid), __FUNCTION__, __LINE__); - - // Entry found? - if (SQL_NUMROWS($result) == 1) { - // Load status - list($status) = SQL_FETCHROW($result); - + if (fetchUserData($userid)) { // Create an error code from given status - $errorCode = generateErrorCodeFromUserStatus($status); + $errorCode = generateErrorCodeFromUserStatus(getUserData('status')); } else { // id not found! $errorCode = getCode('WRONG_ID'); @@ -420,6 +406,7 @@ function doNewUserPassword ($email, $userid) { $result = false; // Probe userid/nickname + // @TODO We should try to rewrite this to fetchUserData() somehow if ((isExtensionActive('nickname')) && (isNicknameOrUserid($userid))) { // Nickname entered $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' OR `userid`='%s' OR `email`='%s' LIMIT 1", diff --git a/inc/modules/admin/overview-inc.php b/inc/modules/admin/overview-inc.php index e2adbfaa10..278c2b0e7a 100644 --- a/inc/modules/admin/overview-inc.php +++ b/inc/modules/admin/overview-inc.php 
@@ -167,14 +167,10 @@ LIMIT 1", // Is a userid assign? if ($userid > 0) { // Then load his data! - // @TODO Can this SQL be encapsulated in a function, so all similar queries can be rewritten? - $result_user = SQL_QUERY_ESC("SELECT `gender`, `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($userid)), __FILE__, __LINE__); - - // Entry found? - if (SQL_NUMROWS($result_user) == 1) { + if (fetchUserData($userid)) { // Fetch row - $content = SQL_FETCHARRAY($result_user); + $content = getUserDataArray(); + // Generate HTML list entry $add = "
  • {--ADMIN_MEMBER_UID--}: ".generateUserProfileLink($userid, 'user_data')." (".translateGender($content['gender'])." ".$content['surname']." ".$content['family'].")
  • "; } else { @@ -182,9 +178,6 @@ LIMIT 1", logDebugMessage(__FUNCTION__, __LINE__, 'Invalid userid=' . $userid . ' -> not found!'); $userid = 0; } - - // Free result - SQL_FREERESULT($result_user); } // END - if // Decode entities of the text diff --git a/inc/modules/admin/what-add_points.php b/inc/modules/admin/what-add_points.php index 5e53d23b01..03546b16d7 100644 --- a/inc/modules/admin/what-add_points.php +++ b/inc/modules/admin/what-add_points.php @@ -84,11 +84,9 @@ if (getRequestElement('userid') == 'all') { } } elseif (isGetRequestElementSet('userid')) { // User id found in URL so we use this give him some credits - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getRequestElement('userid'))) { // Selected user does exist - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); if ((isFormSent()) && (isPostRequestElementSet(('points')))) { // Add points and send an email to him... @@ -117,9 +115,6 @@ if (getRequestElement('userid') == 'all') { // User not found! loadTemplate('admin_settings_saved', false, "
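Review bot: The lookup in this branch of what-add_points.php lost both guards the old query carried: the `AND status='CONFIRMED'` filter and the `bigintval()` cast on the request value. As written, `fetchUserData(getRequestElement('userid'))` succeeds for any account status unless the helper filters by itself, which this hunk does not show, so points can be booked to unconfirmed or locked accounts. Restoring both is short: `if ((fetchUserData(bigintval(getRequestElement('userid')))) && (getUserData('status') == 'CONFIRMED')) {`. The same applies to the matching hunk in what-sub_points.php, and the dropped cast recurs in what-del_user.php, what-list_cats.php, what-lock_user.php and what-user_contct.php.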
    ".sprintf(getMessage('ADMIN_MEMBER_404'), getRequestElement('userid'))."
    "); } - - // Free result - SQL_FREERESULT($result); } else { // Output selection form with all confirmed user accounts listed addMemberSelectionBox(0, true); diff --git a/inc/modules/admin/what-del_user.php b/inc/modules/admin/what-del_user.php index 56e14dfc3a..12e8a867a0 100644 --- a/inc/modules/admin/what-del_user.php +++ b/inc/modules/admin/what-del_user.php @@ -46,13 +46,8 @@ addMenuDescription('admin', __FILE__); // User exists.. if ((isFormSent()) || ((isPostRequestElementSet('del')) && (isPostRequestElementSet(('reason'))))) { - // Delete users account - $result_user = SQL_QUERY_ESC("SELECT userid FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); - if (SQL_NUMROWS($result_user) == 1) { - // Free memory - SQL_FREERESULT($result_user); - + // Is the account there? + if (fetchUserData(getRequestElement('userid'))) { // Delete user account deleteUserAccount(getRequestElement('userid'), postRequestElement('reason')); 
@@ -70,19 +65,12 @@ if ((isFormSent()) || ((isPostRequestElementSet('del')) && (isPostRequestElement addMemberSelectionBox(); } else { // Realy want to delete? - $result = SQL_QUERY_ESC("SELECT `email`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); - - // Found a row? - if (SQL_NUMROWS($result) == 1) { - // Load data - list ($email, $surname, $family) = SQL_FETCHROW($result); - + if (fetchUserData(getRequestElement('userid'))) { // Prepare content $content = array( - 'email' => generateEmailLink($email, 'user_data'), - 'surname' => $surname, - 'family' => $family, + 'email' => generateEmailLink(getUserData('email'), 'user_data'), + 'surname' => getUserData('surname'), + 'family' => getUserData('family'), 'header' => sprintf(getMessage('ADMIN_HEADER_DEL_ACCOUNT'), getRequestElement('userid')), 'text' => sprintf(getMessage('ADMIN_TEXT_DEL_ACCOUNT'), getRequestElement('userid')), 'userid' => getRequestElement('userid') @@ -94,10 +82,7 @@ if ((isFormSent()) || ((isPostRequestElementSet('del')) && (isPostRequestElement // Account does not exists! loadTemplate('admin_settings_saved', false, "
    ".sprintf(getMessage('ADMIN_MEMBER_404'), getRequestElement('userid'))."
    "); } - - // Free the result - SQL_FREERESULT($result); } -// +// [EOF] ?> diff --git a/inc/modules/admin/what-list_cats.php b/inc/modules/admin/what-list_cats.php index 7aaf18c3f9..f5eeb03c7b 100644 --- a/inc/modules/admin/what-list_cats.php +++ b/inc/modules/admin/what-list_cats.php @@ -47,11 +47,9 @@ addMenuDescription('admin', __FILE__); if (isGetRequestElementSet('userid')) { // Check if the user already exists - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getRequestElement('userid'))) { // Loads surname, family's name and the email address - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); // Prepare constants // @TODO No longer needed? define('__CATS_BASE' , "".$email.""; + $content['surname'] = getUserData('surname'); + $content['family'] = getUserData('family'); + $content['email'] = "".getUserData('email').""; $content['rows'] = $OUT; $content['nums'] = $nums; $content['userid'] = bigintval(getRequestElement('userid')); diff --git a/inc/modules/admin/what-list_payouts.php b/inc/modules/admin/what-list_payouts.php index b9cbf025b5..479c54100c 100644 --- a/inc/modules/admin/what-list_payouts.php +++ b/inc/modules/admin/what-list_payouts.php 
@@ -69,12 +69,12 @@ if (isGetRequestElementSet(('pid'))) { if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) { // Load user's data - $result = SQL_QUERY_ESC("SELECT `email`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($userid)), __FILE__, __LINE__); - list($email, $gender, $surname, $family) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + if (!fetchUserData($userid)) { + // Abort here because it is not valid! + debug_report_bug('No user account ' . $userid . ' found.'); + } // END - if - if ((getRequestElement('do') == 'accept') && (!empty($email))) { + if ((getRequestElement('do') == 'accept') && (!empty(getUserData('email')))) { // Ok, now we can output the form or execute accepting if (isFormSent()) { // Obtain payout type and other data @@ -148,7 +148,7 @@ LIMIT 1", } // Finally send mail - sendEmail($email, getMessage('PAYOUT_ACCEPTED_SUBJECT'), $message); + sendEmail(getUserData('email'), getMessage('PAYOUT_ACCEPTED_SUBJECT'), $message); } else { // Something goes wrong... :-( $content = implode("
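Review bot: `empty(getUserData('email'))` in the rewritten `accept` condition, and again in the `reject` condition further down, applies `empty()` to a function call, which PHP accepts only from version 5.5 on; on older interpreters the file fails to compile. A plain comparison works everywhere: `if ((getRequestElement('do') == 'accept') && (getUserData('email') != '')) {`. The block above it also relies on `debug_report_bug()` to stop processing when the account is missing. If that call returns, the payout code carries on with whatever user record was loaded before, so an explicit exit after it would be safer.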
    ", $ret); @@ -163,13 +163,13 @@ LIMIT 1", $content = array( 'task' => $task, 'pid' => bigintval(getRequestElement('pid')), - 'user' => "".translateGender($gender)." ".$surname." ".$family."", + 'user' => "".translateGender(getUserData('gender'))." ".getUserData('surname')." ".getUserData('family')."", ); // Load template loadTemplate('admin_payout_accept_form', false, $content); } - } elseif ((getRequestElement('do') == 'reject') && (!empty($email))) { + } elseif ((getRequestElement('do') == 'reject') && (!empty(getUserData('email')))) { // Ok, now we can output the form or execute rejecting if (isFormSent()) { if ($task > 0) { @@ -188,13 +188,13 @@ LIMIT 1", loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED')); // Finally send mail - sendEmail($email, getMessage('PAYOUT_REJECTED_SUBJECT'), $message); + sendEmail(getUserData('email'), getMessage('PAYOUT_REJECTED_SUBJECT'), $message); } else { // Prepare content $content = array( 'task' => $task, 'pid' => bigintval(getRequestElement('pid')), - 'user' => "".translateGender($gender)." ".$surname." ".$family."", + 'user' => "".translateGender(getUserData('gender'))." ".getUserData('surname')." ".getUserData('family')."", ); // Load template diff --git a/inc/modules/admin/what-list_refs.php b/inc/modules/admin/what-list_refs.php index 8783448eb4..6a1085f167 100644 --- a/inc/modules/admin/what-list_refs.php +++ b/inc/modules/admin/what-list_refs.php @@ -40,7 +40,7 @@ // Some security stuff... if ((!defined('__SECURITY')) || (!isAdmin())) { die(); -} +} // END - if // Add description as navigation point addMenuDescription('admin', __FILE__); 
@@ -49,15 +49,11 @@ if (isGetRequestElementSet('userid')) { // Secure userid $userid = bigintval(getRequestElement('userid')); - // Check if the user already exists - $result_user = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array($userid), __FILE__, __LINE__); - // Fix missing variable $result_levels = false; // User found? - if (SQL_NUMROWS($result_user) == 1) { + if (fetchUserData($userid)) { // Get total refs $menge = countSumTotalData($userid, 'user_data', 'userid', 'refid', true); $menge_lck = countSumTotalData($userid, 'user_data', 'userid', 'refid', true, " AND `status` != 'CONFIRMED'"); 
@@ -104,33 +100,26 @@ ORDER BY // Load all refs while ($content = SQL_FETCHARRAY($result_refs)) { - // Query for data - $result_user = SQL_QUERY_ESC("SELECT `userid`, `gender`, `surname`, `family`, `email`, `status`, `joined` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array($content['refid']), __FILE__, __LINE__); - // Is the data there? - if (SQL_NUMROWS($result_user) == 1) { - // Load data - $data = SQL_FETCHARRAY($result_user); - + if (fetchUserData($content['refid'])) { // Check for referals - $refs_cnt = countSumTotalData($data['userid'], 'refsystem', 'counter'); + $refs_cnt = countSumTotalData(getUserData('userid'), 'refsystem', 'counter'); // Prepare data for the template $content = array( 'sw' => $SW, - 'u_link' => generateUserProfileLink($data['userid']), - 'gender' => translateGender($data['gender']), + 'u_link' => generateUserProfileLink(getUserData('userid')), + 'gender' => translateGender(getUserData('gender')), 'refs_link' => 0, - 'surname' => $data['surname'], - 'family' => $data['family'], - 'email' => "[".$data['email']."]", - 'status' => translateUserStatus($data['status']), - 'registered' => generateDateTime($data['joined'], 3), + 'surname' => getUserData('surname'), + 'family' => getUserData('family'), + 'email' => "[".getUserData('email')."]", + 'status' => translateUserStatus(getUserData('status')), + 'registered' => generateDateTime(getUserData('joined'), 3), ); // Check if referal count is larger 0 and update link - if ($refs_cnt > 0) $content['refs_link'] = generateUserProfileLink($data['userid'], $refs_cnt, "list_refs"); + if ($refs_cnt > 0) $content['refs_link'] = generateUserProfileLink(getUserData('userid'), $refs_cnt, "list_refs"); // Load template for level one $OUT_REFS .= loadTemplate('admin_list_refs_row', true, $content); 
@@ -139,9 +128,6 @@ ORDER BY $OUT_REFS = loadTemplate('admin_list_refs_nodata', true, $content); } - // Free result - SQL_FREERESULT($result_user); - // Add content $levels['rows'] = $OUT_REFS; @@ -215,9 +201,6 @@ ORDER BY // User not found loadTemplate('admin_settings_saved', false, sprintf(getMessage('ADMIN_MEMBER_404'), getRequestElement('userid'))); } - - // Free memory - SQL_FREERESULT($result_user); } else { // Output selection form with all confirmed user accounts listed addMemberSelectionBox(); diff --git a/inc/modules/admin/what-lock_user.php b/inc/modules/admin/what-lock_user.php index c418df55cb..8c1aacad42 100644 --- a/inc/modules/admin/what-lock_user.php +++ b/inc/modules/admin/what-lock_user.php @@ -46,11 +46,11 @@ addMenuDescription('admin', __FILE__); // Is a userid set? if (isGetRequestElementSet('userid')) { - // Load user's data - $result_user = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); + // Action not performed by default $ACT = false; - if (SQL_NUMROWS($result_user) == 1) { + + // Load user's data + if (fetchUserData(getRequestElement('userid'))) { // Is a lock reason set? if ((isPostRequestElementSet('lock')) && ($status != 'LOCKED')) { // Ok, lock the account! 
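Review bot: The unchanged test `$status != 'LOCKED'` right below the new `fetchUserData()` call in what-lock_user.php reads a variable that nothing in this hunk assigns, even though the loaded record has the value at hand. Unless `$status` is set earlier in the file, which is not visible here, the comparison is always true and an already locked account passes the check again. Reading it from the loaded record fixes that: `if ((isPostRequestElementSet('lock')) && (getUserData('status') != 'LOCKED')) {`. The branch continues outside the hunk.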
@@ -120,19 +120,11 @@ LIMIT 1", $URL = adminCreateUserLink(getRequestElement('userid')); } else { // Load user data we need - $result = SQL_QUERY_ESC("SELECT `email`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); - - // Entry found? - if (SQL_NUMROWS($result) == 1) { - // Load data - $DATA = SQL_FETCHARRAY($result); - + if (fetchUserData(getRequestElement('userid'))) { // Transfer data to constants for the template - // @TODO Rewrite these all constants - $content['email'] = generateEmailLink($DATA['email'], 'user_data'); - $content['surname'] = $DATA['surname']; - $content['family'] = $DATA['family']; + $content['email'] = generateEmailLink(getUserData('email'), 'user_data'); + $content['surname'] = getUserData('surname'); + $content['family'] = getUserData('family'); $content['userid'] = bigintval(getRequestElement('userid')); // Realy want to lock? @@ -162,9 +154,6 @@ LIMIT 1", // Account does not exists! loadTemplate('admin_settings_saved', false, "
    ".sprintf(getMessage('ADMIN_MEMBER_404'), getRequestElement('userid'))."
    "); } - - // Free result - SQL_FREERESULT($result); } // Is an URL set? @@ -183,9 +172,6 @@ LIMIT 1", // Account does not exists! loadTemplate('admin_settings_saved', false, "
    ".sprintf(getMessage('ADMIN_MEMBER_404'), getRequestElement('userid'))."
    "); } - - // Free result - SQL_FREERESULT($result_user); } else { // List all users addMemberSelectionBox(); diff --git a/inc/modules/admin/what-repair_cats.php b/inc/modules/admin/what-repair_cats.php index 1c3ce00b96..84dc4dda2d 100644 --- a/inc/modules/admin/what-repair_cats.php +++ b/inc/modules/admin/what-repair_cats.php @@ -39,22 +39,24 @@ // Some security stuff... if ((!defined('__SECURITY')) || (!isAdmin())) { die(); -} +} // END - if // Add description as navigation point addMenuDescription('admin', __FILE__); -$result = SQL_QUERY("SELECT userid FROM `{?_MYSQL_PREFIX?}_user_cats` ORDER BY `userid` ASC", __FILE__, __LINE__); +// Go through all categories +$result = SQL_QUERY("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_cats` GROUP BY `userid` ORDER BY `userid` ASC", __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { + // Nothing is removed for now... ;-) + $REMOVED = 0; + // Check if found userid is also found in user_data table - $REMOVED = 0; // Nothing is removed for now... ;-) while ($content = SQL_FETCHARRAY($result)) { - $result_user = SQL_QUERY_ESC("SELECT userid FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($content['userid'])), __FILE__, __LINE__); - if (SQL_NUMROWS($result_user) == 0) { + // Is the account not there? + if (!fetchUserData($content['userid'])) { // Ok, we found something to remove SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_user_cats` WHERE `userid`=%s", - array(bigintval($content['userid'])), __FILE__, __LINE__); + array(bigintval($content['userid'])), __FILE__, __LINE__); $REMOVED += SQL_AFFECTEDROWS(); } else { // Free memory @@ -62,9 +64,6 @@ if (SQL_NUMROWS($result) > 0) { } } // END - while - // Free memory - SQL_FREERESULT($result); - if ($REMOVED > 0) { // Entries repaired $content = sprintf(getMessage('ADMIN_REPAIR_ENTRIES_FIXED'), $REMOVED); diff --git a/inc/modules/admin/what-sub_points.php b/inc/modules/admin/what-sub_points.php index 243d349781..2414889a9c 100644 
--- a/inc/modules/admin/what-sub_points.php +++ b/inc/modules/admin/what-sub_points.php @@ -51,7 +51,7 @@ if (getRequestElement('userid') == 'all') { // Is the form sent? if ((isFormSent()) && (postRequestElement('points') > 0)) { $result_main = SQL_QUERY("SELECT userid, email FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `status`='CONFIRMED' ORDER BY `userid` ASC", - __FILE__, __LINE__); + __FILE__, __LINE__); while ($content = merge_array($content, SQL_FETCHARRAY($result_main))) { // Ok, add points to used points and send an email to him... subtractPoints('admin_all', $content['userid'], postRequestElement('points')); @@ -76,11 +76,9 @@ if (getRequestElement('userid') == 'all') { } } elseif (isGetRequestElementSet('userid')) { // User id found in URL so we use this give him some credits - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array(bigintval(getRequestElement('userid'))),__FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getRequestElement('userid'))) { // Selected user does exist - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); if ((isFormSent()) && (isPostRequestElementSet(('points')))) { // Ok, add to used points and send an email to him... @@ -108,9 +106,6 @@ if (getRequestElement('userid') == 'all') { // User not found! loadTemplate('admin_settings_saved', false, "
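Review bot: `$content = getUserDataArray()` hands this page the whole user record where the old query selected only `surname`, `family` and `email`. The login hunk in inc/libs/user_functions.php reads `$content['password']` from the same array, so the record appears to include the password hash, and `$content` is presumably what the code below passes on to the mail and page templates. The `loadEmailTemplate()` hunk in inc/functions.php merges the full array into template content in the same way. Copying only the needed fields keeps the hash out of template scope, for example `$content = array('surname' => getUserData('surname'), 'family' => getUserData('family'), 'email' => getUserData('email'));`.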
    ".sprintf(getMessage('ADMIN_MEMBER_404'), getRequestElement('userid'))."
    "); } - - // Free result - SQL_FREERESULT($result); } else { // Output selection form with all confirmed user accounts listed addMemberSelectionBox(0, true); diff --git a/inc/modules/admin/what-user_contct.php b/inc/modules/admin/what-user_contct.php index d80c675d05..c9f523573c 100644 --- a/inc/modules/admin/what-user_contct.php +++ b/inc/modules/admin/what-user_contct.php @@ -46,14 +46,10 @@ addMenuDescription('admin', __FILE__); // Is a user id given? if ((isGetRequestElementSet('userid')) && (bigintval(getRequestElement('userid')) > 0)) { - // Load user data and display it - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); - // Is a user account found? - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getRequestElement('userid'))) { // Load the data - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); // Including user id $content['userid'] = bigintval(getRequestElement('userid')); @@ -75,9 +71,6 @@ if ((isGetRequestElementSet('userid')) && (bigintval(getRequestElement('userid') // Not found? loadTemplate('admin_settings_saved', false, sprintf(getMessage('USER_ACCOUNT_404'), bigintval(getRequestElement('userid')))); } - - // Free result - SQL_FREERESULT($result); } else { // Display selection box addMemberSelectionBox(); diff --git a/inc/modules/chk_login.php b/inc/modules/chk_login.php index bf3ac60713..3014e87d8d 100644 --- a/inc/modules/chk_login.php +++ b/inc/modules/chk_login.php 
@@ -47,24 +47,14 @@ $message = "{--VALIDATING_LOGIN--}"; if (isUserIdSet() && (isSessionVariableSet('u_hash'))) { // Is 'theme' installed and activated? if (isExtensionActive('theme')) { - // Login failures are supported since 0.4.7 - // Do we have 0.4.7 of sql_patches or later? - // @TODO Rewrite this into a filter - $add = ''; - if (getExtensionVersion('sql_patches') >= '0.6.1') { - // Load them here - $add = ", `login_failures`, UNIX_TIMESTAMP(`last_failure`) AS last_failure"; - } // END - if - // Get theme from profile - $result = SQL_QUERY_ESC("SELECT `curr_theme`".$add." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + if (!fetchUserData(getUserId())) { + // Userid is not valid + debug_report_bug('User id '.getUserId() . ' is invalid.'); + } // END - if // Load data - $data = SQL_FETCHARRAY($result); - - // Free result - SQL_FREERESULT($result); + $data = getUserDataArray(); // Change to new theme setTheme($data['curr_theme']); diff --git a/inc/modules/guest/what-confirm.php b/inc/modules/guest/what-confirm.php index 722cfe2df4..9f5fa62f35 100644 --- a/inc/modules/guest/what-confirm.php +++ b/inc/modules/guest/what-confirm.php @@ -59,7 +59,7 @@ if (isGetRequestElementSet('hash')) { array(getRequestElement('hash')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Ok, he want's to confirm now so we load some data - list ($userid, $email, $rid) = SQL_FETCHROW($result); + list($userid, $email, $rid) = SQL_FETCHROW($result); // Unlock his account (but only when it is on UNCONFIRMED!) SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `status`='CONFIRMED', ref_payout={?ref_payout?}, `user_hash`=NULL WHERE `user_hash`='%s' AND `status`='UNCONFIRMED' LIMIT 1", 
@@ -73,9 +73,7 @@ if (isGetRequestElementSet('hash')) { // Maybe he got "referaled"? if (($rid > 0) && ($rid != $userid)) { // Select the referal userid - $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($rid)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData($rid)) { // Update ref counter... updateReferalCounter($rid); @@ -140,11 +138,11 @@ if (isGetRequestElementSet('hash')) { loadTemplate('guest_confirm_table', false, $content); } elseif ((isFormSent()) && (isPostRequestElementSet('email'))) { // Confirmation link requested 0 1 2 - $result = SQL_QUERY_ESC("SELECT `userid`, `status`, `user_hash` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `email`='%s' LIMIT 1", - array(postRequestElement('email')), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(postRequestElement('email'), 'email')) { // Email address found - $content = SQL_FETCHARRAY($result); + $content = getUserDataArray(); + + // Detect status switch ($content['status']) { case 'UNCONFIRMED': // Account not confirmed // Load email template diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php index 144b1e1833..e93efba270 100644 --- a/inc/modules/guest/what-register.php +++ b/inc/modules/guest/what-register.php @@ -62,12 +62,7 @@ $ipTimedOut = false; setRequestPostElement('refid', 0); if (determineReferalId() > 0) { // Test if the refid is valid - $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(determineReferalId()), __FILE__, __LINE__); - - // Userid found? - //* DEBUG: */ die("refid={determineReferalId()}/numRows=".SQL_NUMROWS($result).""); - if (SQL_NUMROWS($result) == 0) { + if (!fetchUserData(determineReferalId())) { // Not found so we set your refid! setRequestPostElement('refid', getConfig('def_refid')); setSession('refid', getConfig('def_refid')); 
diff --git a/inc/modules/guest/what-sponsor_reg.php b/inc/modules/guest/what-sponsor_reg.php index 3e9247743b..5aad04bbec 100644 --- a/inc/modules/guest/what-sponsor_reg.php +++ b/inc/modules/guest/what-sponsor_reg.php @@ -345,14 +345,8 @@ ORDER BY `pay_name`", __FILE__, __LINE__); $content['refid'] = bigintval(postRequestElement('refid')); } // END - if - // Prepare referal things - if (isGetRequestElementSet('refid')) { - // Referal id transmitted, we don't care here if it is right or not - $content['refid'] = bigintval(getRequestElement('refid')); - } else { - // No referal link - $content['refid'] = 0; - } + // Prepare referal id + $content['refid'] = determineReferalId(); // Display registration form loadTemplate('guest_sponsor_reg', false, $content); diff --git a/inc/modules/login.php b/inc/modules/login.php index d0918d5b12..9545e43535 100644 --- a/inc/modules/login.php +++ b/inc/modules/login.php @@ -43,14 +43,6 @@ if (!defined('__SECURITY')) { $URL = 'modules.php?module=index'; if (checkModulePermissions('login') == 'mem_only') $URL .= '&code=' . getCode('MODULE_MEM_ONLY') . '&mod=' . getModule(); redirectToUrl($URL); -} - -if ($GLOBALS['status'] != 'CONFIRMED') { - // If the status is different than confirmed move the user away from here - $errorCode = generateErrorCodeFromUserStatus($GLOBALS['status']); - - // Load URL - redirectToUrl('modules.php?module=index&what=login&login=' . $errorCode); } // END - if // Disable block mode by default diff --git a/inc/modules/member/what-html_mail.php b/inc/modules/member/what-html_mail.php index 462ef4152d..278e8b865b 100644 --- a/inc/modules/member/what-html_mail.php +++ b/inc/modules/member/what-html_mail.php 
@@ -59,19 +59,15 @@ if (isFormSent()) { loadTemplate('admin_settings_saved', false, getMessage('MEMBER_SETTINGS_SAVED')); } else { // Load template for changing settings - $result = SQL_QUERY_ESC("SELECT `html` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - - // Get the mode - $content = SQL_FETCHARRAY($result); - - // Free result - SQL_FREERESULT($result); + if (!fetchUserData(getUserId())) { + // Something really bad happened + debug_report_bug('No user account ' . getUserId() . ' found.'); + } // END - if // Prepare it $content['html_y'] = ''; $content['html_n'] = ''; - $content['html_' . strtolower($content['html'])] = ' checked="checked"'; + $content['html_' . strtolower(getUserData('html'))] = ' checked="checked"'; // Load main template loadTemplate('member_html_mail_settings', false, $content); diff --git a/inc/modules/member/what-mydata.php b/inc/modules/member/what-mydata.php index 79a408a4d9..ba473bdc91 100644 --- a/inc/modules/member/what-mydata.php +++ b/inc/modules/member/what-mydata.php 
@@ -67,21 +67,14 @@ if (isPostRequestElementSet('notify')) $mode = 'notify'; // Switch off notificat switch ($mode) { case 'show': // Show his data - if (isExtensionActive('country', true)) { - // New way 1 2 3 4 5 6 7 8 9 10 11 12 13 14 - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - } else { - // Old way 1 2 3 4 5 6 7 8 9 10 11 12 13 14 - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - } + // Get user data + if (!fetchUserData(getUserId())) { + // Something really bad happended + debug_report_bug('No user account ' . getUserId() . ' found.'); + } // END - if // Get line - $content = merge_array($content, SQL_FETCHARRAY($result, 0, false)); - - // Free result - SQL_FREERESULT($result); + $content = merge_array($content, getUserDataArray()); // Translate some things $content['gender'] = translateGender($content['gender']); 
@@ -202,16 +195,16 @@ LIMIT 1", break; case 'save': // Save entered data - // Load old email / password: 0 1 2 - $result = SQL_QUERY_ESC("SELECT `email`, `password`, `last_update` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + // Load old email / password + if (!fetchUserData(getUserId())) { + // Something really bad happened + debug_report_bug('No user account ' . getUserId() . ' found.'); + } // END - if // Get line - $content = merge_array($content, SQL_FETCHARRAY($result, 0, false)); - - // Free result - SQL_FREERESULT($result); + $content = merge_array($content, getUserDataArray()); + // Calculate time to check $content['update_check'] = $content['last_update'] + getConfig('profile_lock'); // How far is last change on his profile away from now? diff --git a/inc/modules/member/what-nickname.php b/inc/modules/member/what-nickname.php index 441cce5e7f..dcdf230e12 100644 --- a/inc/modules/member/what-nickname.php +++ b/inc/modules/member/what-nickname.php @@ -94,5 +94,5 @@ if ($isValid === true) { loadTemplate('member_nickname_form', false, getNickname(getUserId())); } -// +// [EOF] ?> diff --git a/inc/modules/member/what-points.php b/inc/modules/member/what-points.php index fea4cd2885..4df5afb32f 100644 --- a/inc/modules/member/what-points.php +++ b/inc/modules/member/what-points.php @@ -114,10 +114,11 @@ SQL_FREERESULT($result_depths); // Put rows to constant for the main template $content['rows'] = $OUT; -$result = SQL_QUERY_ESC("SELECT `used_points`, `ref_payout` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); -list($usedPoints, $PAY) = SQL_FETCHROW($result); -SQL_FREERESULT($result); +// Fetch user account +if (!fetchUserData(getUserId())) { + // Something really bad happened + debug_report_bug('User account ' . getUserId() . ' not found.'); +} // END - if // Initialize variables $CONFIRMED = '---'; $SENT = '---'; $RECEIVED = '---'; 
@@ -125,12 +126,12 @@ $CONFIRMED = '---'; $SENT = '---'; $RECEIVED = '---'; // Only user >= v0.1.2: Fetch confirmed mails counter if (getExtensionVersion('user') >= '0.1.2') { $add = ''; + $CONFIRMED = getUserData('mails_confirmed'); + if (getExtensionVersion('user') >= '0.1.4') { - $add = ", `emails_sent`, `emails_received`"; - } - $result = SQL_QUERY_ESC("SELECT `mails_confirmed`".$add." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", array(getUserId()), __FILE__, __LINE__); - list($CONFIRMED, $SENT, $RECEIVED) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + $SENT = getUserData('emails_sent'); + $RECEIVED = getUserData('emails_received'); + } // END - if // Please update the user extension if you see 3 dashes if (empty($SENT)) $SENT = '---'; @@ -144,8 +145,8 @@ if (getExtensionVersion('user') >= '0.1.2') { if ($TLOCK == 0) $TLOCK = '0.00000'; // Remember several values in constants -$content['used'] = translateComma($usedPoints); -$content['sum'] = translateComma($totalPoints - $usedPoints); +$content['used'] = translateComma(getUserData('used_points')); +$content['sum'] = translateComma($totalPoints - getUserData('used_points')); $content['tref'] = $TREF; $content['tlock'] = translateComma($TLOCK); 
@@ -157,33 +158,34 @@ $content['special_rows'] = ''; // Display login bonus and turbo-click bonus if ((getExtensionVersion('bonus') >= '0.2.2') && (isExtensionActive('bonus')) && (getConfig('bonus_active') == 'Y')) { - $add = ", 0, 0, 0"; - if (getExtensionVersion('bonus') >= '0.4.4') $add = ", `bonus_ref`, `bonus_order`, `bonus_stats`"; - - // Load data - $result = SQL_QUERY_ESC("SELECT `login_bonus`, `turbo_bonus`".$add." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - - // We don't add this points now. This will be done after each month - list($login, $turbo, $ref, $order, $stats) = SQL_FETCHROW($result); + // Fetch some data and init others (to avoid a notice here) + $content['login'] = getUserData('login_bonus'); + $content['turbo'] = getUserData('turbo_bonus'); + $content['ref'] = '0.00000'; + $content['order'] = '0.00000'; + $content['stats'] = '0.00000'; + + // Get more data if ext-bonus is newer + if (getExtensionVersion('bonus') >= '0.4.4') { + $content['ref'] = getUserData('bonus_ref'); + $content['order'] = getUserData('bonus_order'); + $content['stats'] = getUserData('bonus_stats'); + } // END - if - // Free result - SQL_FREERESULT($result); + // Total bonus points + $content['ttotal'] = translateComma($content['turbo'] + $content['login'] + $content['ref'] + $content['order'] + $content['stats']); - // Prepare constants - $content['turbo'] = translateComma($turbo); - $content['login'] = translateComma($login); + // Translate more data + $content['turbo'] = translateComma($content['turbo']); + $content['login'] = translateComma($content['login']); if (getExtensionVersion('bonus') >= '0.4.4') { // Add referal, stats and order bonys - $content['ref'] = translateComma($ref); - $content['order'] = translateComma($order); - $content['stats'] = translateComma($stats); + $content['ref'] = translateComma($content['ref']); + $content['order'] = translateComma($content['order']); + $content['stats'] = 
translateComma($content['stats']); } // END - if - // Total bonus points - $content['ttotal'] = translateComma($turbo + $login + $ref + $order + $stats); - // Output rows $content['special_rows'] = loadTemplate('member_points_bonus_rows', true, $content); } elseif (getConfig('bonus_active') != 'Y') { @@ -196,7 +198,7 @@ if ((getExtensionVersion('bonus') >= '0.2.2') && (isExtensionActive('bonus')) && // Remeber values for the final template $content['receive'] = $RECEIVED; -$content['pay'] = $PAY; +$content['pay'] = getUserData('ref_payout'); $content['confirmed'] = $CONFIRMED; $content['sent'] = $SENT; @@ -214,7 +216,7 @@ if (isExtensionActive('user')) { if (isExtensionActive('payout')) { // Payput extension is installed and active so we can check if the user has enougth points - outputPayoutList(convertCommaToDot(($totalPoints - $usedPoints))); + outputPayoutList(convertCommaToDot(($totalPoints - getUserData('used_points')))); } // END - if // [EOF] diff --git a/inc/modules/member/what-primera.php b/inc/modules/member/what-primera.php index 83b76264eb..b602530b3b 100644 --- a/inc/modules/member/what-primera.php +++ b/inc/modules/member/what-primera.php @@ -69,19 +69,12 @@ if (!isGetRequestElementSet('mode')) { // Get referal id $content['refid'] = getConfig(('primera_refid')); - // Get Primus id - $result = SQL_QUERY_ESC("SELECT `primera_userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - // Are there some entries? - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getUserId())) { // Fetch id - list($content['primera_nickname']) = SQL_FETCHROW($result); + $content['primera_nickname'] = getUserData('primera_nickname'); } // END - if - // Free result - SQL_FREERESULT($result); - // Is there an id? if ((!empty($content['primera_nickname'])) && (!isGetRequestElementSet('mode'))) { // Then use an other "mode" 
@@ -141,17 +134,12 @@ if (getRequestElement('mode') == 'pay') { // Get Primera id $content['primera_nickname'] = ''; - $result = SQL_QUERY_ESC("SELECT `primera_userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - // Are there some entries? - if (SQL_NUMROWS($result) == 1) { + // Do we have a user account? (should be!) + if (fetchUserData(getUserId())) { // Fetch id - list($content['primera_nickname']) = SQL_FETCHROW($result); - } - - // Free result - SQL_FREERESULT($result); + $content['primera_nickname'] = getUserData('primera_nickname'); + } // END - if } else { // Invalid mode! loadTemplate('admin_settings_saved', false, sprintf(getMessage('PRIMERA_MEMBER_MODE_INVALID'), getRequestElement('mode'))); @@ -199,7 +187,7 @@ if ((isFormSent()) && (isGetRequestElementSet('mode'))) { subtractPoints('primera_payout', getUserId(), postRequestElement('amount')); // Update primera nickname - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `primera_userid`=%s WHERE `userid`=%s LIMIT 1", + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `primera_nickname`=%s WHERE `userid`=%s LIMIT 1", array(postRequestElement('primera_nickname'), getUserId()), __FILE__, __LINE__); // All done! diff --git a/inc/modules/member/what-reflinks.php b/inc/modules/member/what-reflinks.php index 5f746a4933..d4838a47fd 100644 --- a/inc/modules/member/what-reflinks.php +++ b/inc/modules/member/what-reflinks.php 
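Review bot: The rewritten `UPDATE` in what-primera.php binds `postRequestElement('primera_nickname')` to a bare `%s` with no quotes around the placeholder. A nickname is a string, so the statement either fails to parse or lets request data be read as SQL, because escaping quote characters does not protect a value that sits outside quotes; how SQL_QUERY_ESC escapes is not visible here. Change the nickname placeholder from `=%s` to `='%s'`, as the e-mail lookup in fetchUserData() does. The surrounding form-handling block starts and ends outside this hunk.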
@@ -47,17 +47,14 @@ if (!defined('__SECURITY')) { addMenuDescription('member', __FILE__); // Load current referal clicks -$result = SQL_QUERY_ESC("SELECT `ref_clicks` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - -// Load it -$content = SQL_FETCHARRAY($result); - -// Free result -SQL_FREERESULT($result); +if (!fetchUserData(getUserId())) { + // Something really bad happened + debug_report_bug('No user account ' . getUserId() . ' found.'); +} // END - if // Prepare some data -$content['userid'] = getUserId(); +$content['ref_clicks'] = getUserData('ref_clicks'); +$content['userid'] = getUserId(); // @TODO Move this into a filter if (isExtensionActive('nickname')) { diff --git a/inc/modules/member/what-support.php b/inc/modules/member/what-support.php index a2cfff4929..b6c9d742c6 100644 --- a/inc/modules/member/what-support.php +++ b/inc/modules/member/what-support.php @@ -53,7 +53,7 @@ if ((!isExtensionActive('support')) && (!isAdmin())) { if ((!isFormSent()) || (!isPostRequestElementSet(('qsummary')))) { // Output form - loadTemplate('member_support_form'); + loadTemplate('member_support_form', false, getUserDataArray()); } else { // Load mail template based on your member's decision if (getExtensionVersion('admins') >= '0.4.1') { diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php index 5c4db42a09..2bbc1eeee1 100644 --- a/inc/modules/member/what-transfer.php +++ b/inc/modules/member/what-transfer.php 
@@ -52,19 +52,17 @@ if ((!isExtensionActive('transfer')) && (!isAdmin())) { } // END - if // Load data -$result = SQL_QUERY_ESC("SELECT `opt_in` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); -list($opt_in) = SQL_FETCHROW($result); - -// Free memory -SQL_FREERESULT($result); +if (!fetchUserData(getUserId())) { + // Something really bad happened + debug_report_bug('No user account ' . getUserId() . ' found.'); +} // END - if // Check for mode in GET $mode = ''; if (isGetRequestElementSet('mode')) $mode = getRequestElement('mode'); // Check for "faker" -if (($opt_in != 'Y') && ($mode == 'new')) $mode = ''; +if ((getUserData('opt_in') != 'Y') && ($mode == 'new')) $mode = ''; switch ($mode) { case 'new': // Start new transfer @@ -489,7 +487,7 @@ KEY (`party_userid`) array(postRequestElement('opt_in'), getUserId()), __FILE__, __LINE__); // Rember for next switch() command - $opt_in = substr(postRequestElement('opt_in'), 0, 1); + getUserData('opt_in') = substr(postRequestElement('opt_in'), 0, 1); // "Settings saved..." loadTemplate('admin_settings_saved', false, "
    {--SETTINGS_SAVED--}
    "); @@ -501,10 +499,10 @@ KEY (`party_userid`) } // END - foreach // Set current selection - $content['allow_' . strtolower($opt_in)] = ' checked="checked"'; + $content['allow_' . strtolower(getUserData('opt_in'))] = ' checked="checked"'; // Set 'new transfer' link according to above option - switch ($opt_in) { + switch (getUserData('opt_in')) { case 'Y': $content['new_link'] = "{--TRANSFER_NOW_LINK--}"; break; diff --git a/inc/modules/member/what-wernis.php b/inc/modules/member/what-wernis.php index 68027d126e..8eec798481 100644 --- a/inc/modules/member/what-wernis.php +++ b/inc/modules/member/what-wernis.php @@ -66,23 +66,16 @@ $content = array(); $points = false; if ((!isGetRequestElementSet('mode')) || (getRequestElement('mode') == 'choose')) { // Let the user choose what he wants to do $content['refid'] = getConfig(('wernis_refid')); - $content['wds66_id'] = 0; - - // Get WDS66 id - $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + $content['wernis_userid'] = 0; // Are there some entries? - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getUserId())) { // Fetch id - list($content['wds66_id']) = SQL_FETCHROW($result); + $content['wernis_userid'] = getUserData('wernis_userid'); } // END - if - // Free result - SQL_FREERESULT($result); - // Is there an id? - if ((!empty($content['wds66_id'])) && (!isGetRequestElementSet('mode'))) { + if ((!empty($content['wernis_userid'])) && (!isGetRequestElementSet('mode'))) { // Then use an other "mode" setRequestGetElement('mode', 'list'); 
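Review bot: `getUserData('opt_in') = substr(postRequestElement('opt_in'), 0, 1);` in what-transfer.php assigns to a function call, which PHP rejects when it compiles the file, so the module no longer loads at all. The comment above it says the value is needed for the next `switch`, so keep a local instead, `$opt_in = substr(postRequestElement('opt_in'), 0, 1);`, and use `$opt_in` in the later `strtolower()` and `switch`. Alternatively write the new value into the cached row, `$GLOBALS['user_data'][getCurrentUserId()]['opt_in'] = substr(postRequestElement('opt_in'), 0, 1);`. The enclosing `switch` case starts outside the hunk.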
@@ -162,43 +155,31 @@ if ((!isGetRequestElementSet('mode')) || (getRequestElement('mode') == 'choose') // Add fees to array WERNIS_ADD_FEES_TO_ARRAY($content); - // Get WDS66 id - $content['wds66_id'] = ''; - $result = SQL_QUERY_ESC("SELECT `wernis_userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); + // Init WDS66 userid + $content['wernis_userid'] = ''; // Are there some entries? - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getUserId())) { // Fetch id - list($content['wds66_id']) = SQL_FETCHROW($result); + $content['wernis_userid'] = getUserData('wernis_userid'); } // END - if - - // Free result - SQL_FREERESULT($result); } elseif ((getRequestElement('mode') == 'withdraw') && (getConfig('wernis_withdraw_active') == 'Y')) { // Get total points for just displaying them $points = countSumTotalData(getUserId(), 'user_points', 'points') - countSumTotalData(getUserId(), 'user_data', 'used_points'); // Prepare data for the template - $content['points'] = translateComma($points); - $content['min_points'] = translateComma(getConfig('wernis_min_withdraw')); - $content['wds66_id'] = ''; + $content['points'] = translateComma($points); + $content['min_points'] = translateComma(getConfig('wernis_min_withdraw')); + $content['wernis_userid'] = ''; // Add fees to array WERNIS_ADD_FEES_TO_ARRAY($content); // Get WDS66 id - $result = SQL_QUERY_ESC("SELECT `wernis_userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FILE__, __LINE__); - - // Are there some entries? - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getUserId())) { // Fetch id - list($content['wds66_id']) = SQL_FETCHROW($result); + $content['wernis_userid'] = getUserData('wernis_userid'); } // END - if - - // Free result - SQL_FREERESULT($result); } else { // Invalid mode! loadTemplate('admin_settings_saved', false, sprintf(getMessage('WERNIS_MEMBER_MODE_INVALID'), getRequestElement('mode'))); 
@@ -208,7 +189,7 @@ if ((!isGetRequestElementSet('mode')) || (getRequestElement('mode') == 'choose') // Is the formular sent? if ((isFormSent()) && (isGetRequestElementSet('mode'))) { // Is the user id and password set? - if (!isPostRequestElementSet(('wds66_id'))) { + if (!isPostRequestElementSet(('wernis_userid'))) { // Nothing entered in WDS66 user id loadTemplate('admin_settings_saved', false, getMessage('WERNIS_MEMBER_EMPTY_USERNAME')); } elseif (!isPostRequestElementSet(('wds66_password'))) { @@ -217,7 +198,7 @@ if ((isFormSent()) && (isGetRequestElementSet('mode'))) { } elseif (!isPostRequestElementSet(('amount'))) { // Nothing entered in amount loadTemplate('admin_settings_saved', false, getMessage('WERNIS_MEMBER_EMPTY_AMOUNT')); - } elseif (postRequestElement('wds66_id') != bigintval(postRequestElement('wds66_id'))) { + } elseif (postRequestElement('wernis_userid') != bigintval(postRequestElement('wernis_userid'))) { // Only numbers in account id! loadTemplate('admin_settings_saved', false, getMessage('WERNIS_MEMBER_INVALID_USERNAME')); } elseif (postRequestElement('amount') != bigintval(postRequestElement('amount'))) { 
@@ -232,14 +213,14 @@ if ((isFormSent()) && (isGetRequestElementSet('mode'))) { loadTemplate('admin_settings_saved', false, sprintf(getMessage('WERNIS_MEMBER_AMOUNT_SMALLER_MIN'), translateComma(getConfig('wernis_min_withdraw')))); } else { // All is fine here so do the withdraw - $success = WERNIS_EXECUTE_WITHDRAW(postRequestElement('wds66_id'), md5(postRequestElement('wds66_password')), postRequestElement('amount')); + $success = WERNIS_EXECUTE_WITHDRAW(postRequestElement('wernis_userid'), md5(postRequestElement('wds66_password')), postRequestElement('amount')); if ($success === true) { // Add it to this amount addPointsDirectly('wernis_withdraw', getUserId(), bigintval(postRequestElement('amount'))); // Update the user data as well.. SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `wernis_userid`=%s WHERE `userid`=%s LIMIT 1", - array(bigintval(postRequestElement('wds66_id')), getUserId()), __FILE__, __LINE__); + array(bigintval(postRequestElement('wernis_userid')), getUserId()), __FILE__, __LINE__); // All done! loadTemplate('admin_settings_saved', false, getMessage('WERNIS_MEMBER_WITHDRAW_DONE')); 
@@ -263,14 +244,14 @@ if ((isFormSent()) && (isGetRequestElementSet('mode'))) { loadTemplate('admin_settings_saved', false, sprintf(getMessage('WERNIS_MEMBER_PAYOUT_POINTS_DEPLETED'), bigintval(postRequestElement('amount')), bigintval($points))); } else { // All is fine here so do the withdraw - $success = WERNIS_EXECUTE_PAYOUT(postRequestElement('wds66_id'), postRequestElement('amount')); + $success = WERNIS_EXECUTE_PAYOUT(postRequestElement('wernis_userid'), postRequestElement('amount')); if ($success === true) { // Sub points subtractPoints('wernis_payout', getUserId(), postRequestElement('amount')); // Update WDS66 id SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `wernis_userid`=%s WHERE `userid`=%s LIMIT 1", - array(bigintval(postRequestElement('wds66_id')), getUserId()), __FILE__, __LINE__); + array(bigintval(postRequestElement('wernis_userid')), getUserId()), __FILE__, __LINE__); // All done! loadTemplate('admin_settings_saved', false, getMessage('WERNIS_MEMBER_PAYOUT_DONE')); diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 0221150793..1c9a5c64cf 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -580,10 +580,13 @@ function isMember () { if (isset($GLOBALS['is_member'])) { // Then return it return $GLOBALS['is_member']; - } // END - if + } elseif (getUserId() == 0) { + // No member + return false; + } - // Init global 'status' - $GLOBALS['status'] = false; + // Init global user data array + initUserData(); // Fix "deleted" cookies first fixDeletedCookies(array('userid', 'u_hash')); 
@@ -591,24 +594,16 @@ function isMember () { // Are cookies set? if ((isUserIdSet()) && (isSessionVariableSet('u_hash'))) { // Cookies are set with values, but are they valid? - $result = SQL_QUERY_ESC("SELECT `password`, `status`, `last_module`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FUNCTION__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - // Load data from cookies - list($password, $GLOBALS['status'], $mod, $onl) = SQL_FETCHROW($result); - + if (fetchUserData(getUserId()) === true) { // Validate password by created the difference of it and the secret key - $valPass = generatePassString($password); + $valPass = generatePassString(getUserData('password')); // Transfer last module and online time - if ((!empty($mod)) && (empty($GLOBALS['last_online']['module']))) { - // @TODO Try to rewrite this to one or more functions - $GLOBALS['last_online']['module'] = $mod; - $GLOBALS['last_online']['online'] = $onl; - } // END - if + $GLOBALS['last_online']['module'] = getUserData('last_module'); + $GLOBALS['last_online']['online'] = getUserData('last_online'); // So did we now have valid data and an unlocked user? - if (($GLOBALS['status'] == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { + if ((getUserData('status') == 'CONFIRMED') && ($valPass == getSession('u_hash'))) { // Account is confirmed and all cookie data is valid so he is definely logged in! :-) $ret = true; } else { @@ -621,9 +616,6 @@ function isMember () { //* DEBUG: */ print(__LINE__."***
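Review bot: The session check `($valPass == getSession('u_hash'))` in isMember() compares the two hash strings with the loose operator. Under `==` PHP compares numeric-looking strings by value, so two different strings can be reported as equal. Use `($valPass === getSession('u_hash'))`, or a constant-time string comparison where the PHP version offers one. sendModeMails() has the same comparison in `$hash == getSession('u_hash')`. isMember() starts and ends outside this hunk.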
    "); destroyUserSession(); } - - // Free memory - SQL_FREERESULT($result); } else { // Cookie data is invalid! //* DEBUG: */ print(__LINE__."///
    "); 
@@ -637,6 +629,77 @@ function isMember () { return $ret; } +// Fetch user data for given user id +function fetchUserData ($userid, $column='userid') { + // Don't look for invalid userids... + if ($userid < 1) { + // Invalid, so abort here + debug_report_bug('User id ' . $userid . ' is invalid.'); + } elseif (isset($GLOBALS['user_data'][$userid])) { + // Use cache, so it is fine + return true; + } + + // By default none was found + $found = false; + + // Do we have userid/refid? + if (($column == 'userid') || ($column == 'refid')) { + // Then secure the id + $userid = bigintval($userid); + } // END - if + + // Query for the user + $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `%s`='%s' LIMIT 1", + array($column, $userid), __FUNCTION__, __LINE__); + + // Do we have a record? + if (SQL_NUMROWS($result) == 1) { + // Load data from cookies + $data = SQL_FETCHARRAY($result); + + // Set the userid for later use + setCurrentUserId($data['userid']); + $GLOBALS['user_data'][getCurrentUserId()] = $data; + + // Rewrite 'last_failure' if found + if (isset($GLOBALS['user_data'][getCurrentUserId()]['last_failure'])) { + // Backup the raw one and zero it + $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] = $GLOBALS['user_data'][getCurrentUserId()]['last_failure']; + $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = 0; + + // Is it not zero? 
+ if ($GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'] != '0000-00-00 00:00:00') { + // Seperate data/time + $array = explode(' ', $GLOBALS['user_data'][getCurrentUserId()]['last_failure']); + + // Seperate data and time again + $array['date'] = explode('-', $array[0]); + $array['time'] = explode(':', $array[1]); + + // Now pass it to mktime() + $GLOBALS['user_data'][getCurrentUserId()]['last_failure'] = mktime( + $array['time'][0], + $array['time'][1], + $array['time'][2], + $array['date'][1], + $array['date'][2], + $array['date'][0] + ); + } // END - if + } // END - if + + // Found, but valid? + $found = isUserDataValid(); + } // END - if + + // Free memory + SQL_FREERESULT($result); + + // Return result + return $found; +} + // This patched function will reduce many SELECT queries for the specified or current admin login function isAdmin ($admin = '') { // Init variables 
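Review bot: fetchUserData() applies its `$userid < 1` guard and its `$GLOBALS['user_data'][$userid]` cache lookup before it looks at `$column`, although what-confirm.php calls it with an e-mail address and `'email'`. On PHP versions before 8 a non-numeric string compared with `1` counts as 0, so that lookup ends in debug_report_bug(). A cache hit also returns without calling setCurrentUserId(), which matters if getUserData() (not visible here) reads the entry of the current user id. `$column` is placed between backticks in the query unchecked, so it should be limited to a fixed list, as in the excerpt below. Separately, the `last_failure` branch explodes the field it has just set to 0 and should read `explode(' ', $GLOBALS['user_data'][getCurrentUserId()]['last_failure_raw'])`.

```php
function fetchUserData ($userid, $column='userid') {
	// Only known columns may reach the identifier position of the query
	if (!in_array($column, array('userid', 'refid', 'email'), true)) {
		debug_report_bug('Column ' . $column . ' is not allowed for user lookups.');
	} // END - if

	// Numeric guard and the id-keyed cache only make sense for id lookups
	if (($column == 'userid') || ($column == 'refid')) {
		// Secure the id before it is compared or used as cache key
		$userid = bigintval($userid);

		if ($userid < 1) {
			// Invalid, so abort here
			debug_report_bug('User id ' . $userid . ' is invalid.');
		} elseif (($column == 'userid') && (isset($GLOBALS['user_data'][$userid]))) {
			// Cached, but still select this account for later getUserData() calls
			setCurrentUserId($userid);
			return true;
		}
	} // END - if

	// … unchanged: query, row caching, last_failure handling, return …
```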
@@ -824,24 +887,22 @@ function isMenuActionValid ($mode, $action, $what, $updateEntry=false) { return $ret; } -// +// Send out mails depending on the 'mod/modes' combination +// @TODO Lame description for this function function sendModeMails ($mod, $modes) { // Load hash - $result_main = SQL_QUERY_ESC("SELECT `password` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array(getUserId()), __FUNCTION__, __LINE__); - if (SQL_NUMROWS($result_main) == 1) { - // Load hash from database - list($hashDB) = SQL_FETCHROW($result_main); - + if (fetchUserData(getUserId())) { // Extract salt from cookie $salt = substr(getSession('u_hash'), 0, -40); // Now let's compare passwords - $hash = generatePassString($hashDB); + $hash = generatePassString(getUserData('password')); + + // Does the hash match or should we change it? if (($hash == getSession('u_hash')) || (postRequestElement('pass1') == postRequestElement('pass2'))) { // Load user's data 0 1 2 3 4 5 6 7 $result = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, country, zip, city, email FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND password='%s' LIMIT 1", - array(getUserId(), $hashDB), __FUNCTION__, __LINE__); + array(getUserId(), getUserData('password')), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load the data $content = SQL_FETCHARRAY($result, 0, false); @@ -853,7 +914,7 @@ function sendModeMails ($mod, $modes) { $content['gender'] = translateGender($content['gender']); // Clear/init the content variable - $content['info'] = ''; + $content['message'] = ''; switch ($mod) { case 'mydata': 
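Review bot: The `status`='CONFIRMED' condition of the removed query in sendModeMails() has no counterpart in `fetchUserData(getUserId())`. The mail path therefore now also runs for accounts in any other status, unless isUserDataValid(), which is not shown here, checks it. Make the condition explicit, `if ((fetchUserData(getUserId())) && (getUserData('status') == 'CONFIRMED')) {`, as isMember() does. The same filter was dropped from the user lookup in addPointsThroughReferalSystem(). Both functions start and end outside their hunks.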
@@ -870,10 +931,10 @@ function sendModeMails ($mod, $modes) { default: logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown mode %s detected.", $mode)); - $content['message'] = getMessage('MEMBER_UNKNOWN_MODE').": ".$mode."\n\n"; + $content['message'] = getMessage('MEMBER_UNKNOWN_MODE') . ': ' . $mode . "\n\n"; break; } // END - switch - } // END - if + } // END - foreach if (isExtensionActive('country')) { // Replace code with description @@ -1256,14 +1317,10 @@ function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify if ($locked === true) $data = 'locked_points'; // Check user account - $result_user = SQL_QUERY_ESC("SELECT `refid`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array(bigintval($userid)), __FUNCTION__, __LINE__); - - //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):userid={$userid},numRows=".SQL_NUMROWS($result_user).",points={$points}
    "); - if (SQL_NUMROWS($result_user) == 1) { + //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):userid={$userid},points={$points}
    "); + if (fetchUserData($userid)) { // This is the user and his ref - list($ref, $email) = SQL_FETCHROW($result_user); - $GLOBALS['cache_array']['add_userid'][$ref] = $userid; + $GLOBALS['cache_array']['add_userid'][getUserData('refid')] = $userid; // Get percents $per = getReferalLevelPercents($GLOBALS['ref_level']); @@ -1296,20 +1353,20 @@ function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify } // END - if // Points updated, maybe I shall send him an email? - if (($sendNotify === true) && ($ref > 0) && ($locked === false)) { + if (($sendNotify === true) && (getUserData('refid') > 0) && ($locked === false)) { // Prepare content $content = array( 'percents' => $per, 'level' => bigintval($GLOBALS['ref_level']), 'points' => $ref_points, - 'refid' => bigintval($ref) + 'refid' => getUserData('refid') ); // Load email template $message = loadEmailTemplate('confirm-referal', $content, bigintval($userid)); - sendEmail($email, THANX_REFERRAL_ONE, $message); - } elseif (($sendNotify) && ($ref == 0) && ($locked === false) && ($add_mode == 'direct')) { + sendEmail(getUserData('email'), THANX_REFERRAL_ONE, $message); + } elseif (($sendNotify) && (getUserData('refid') == 0) && ($locked === false) && ($add_mode == 'direct')) { // Prepare content $content = array( 'text' => getMessage('REASON_DIRECT_PAYMENT'), 
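Review bot: addPointsThroughReferalSystem() now calls `getUserData('refid')` and `getUserData('email')` repeatedly after other helpers have run, where the old code held `$ref` and `$email` in locals. fetchUserData() switches the current user id on every lookup. If loadEmailTemplate() or another helper in between fetches a different account, the later `sendEmail(getUserData('email'), …)` and the recursive call would use that account's values; whether they do is not visible here. Read both once directly after the lookup, `$ref = getUserData('refid'); $email = getUserData('email');`, and keep using the locals. The function starts and ends outside these hunks, and the next hunk repeats the pattern.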
@@ -1320,21 +1377,19 @@ function addPointsThroughReferalSystem ($subject, $userid, $points, $sendNotify $message = loadEmailTemplate('add-points', $content, $userid); // And sent it away - sendEmail($email, getMessage('SUBJECT_DIRECT_PAYMENT'), $message); + sendEmail(getUserData('email'), getMessage('SUBJECT_DIRECT_PAYMENT'), $message); if (!isGetRequestElementSet('mid')) loadTemplate('admin_settings_saved', false, getMessage('ADMIN_POINTS_ADDED')); } // Maybe there's another ref? - if (($ref > 0) && ($points > 0) && ($ref != $userid) && ($add_mode == 'ref')) { + if ((getUserData('refid') > 0) && ($points > 0) && (getUserData('refid') != $userid) && ($add_mode == 'ref')) { // Then let's credit him here... - //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):userid={$userid},ref={$ref},points={$points} - ADVANCE!
    "); - addPointsThroughReferalSystem(sprintf("%s_ref:%s", $subject, $GLOBALS['ref_level']), $ref, $points, $sendNotify, $ref, $locked); + //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):userid={$userid},ref=".getUserData('refid').",points={$points} - ADVANCE!
    "); + addPointsThroughReferalSystem(sprintf("%s_ref:%s", $subject, $GLOBALS['ref_level']), getUserData('refid'), $points, $sendNotify, getUserData('refid'), $locked); } // END - if } // END - if } // END - if - // Free result - SQL_FREERESULT($result_user); //* DEBUG: */ print("----------------------- ".__FUNCTION__." - EXIT ------------------------
    "); } @@ -1357,15 +1412,15 @@ function updateReferalCounter ($userid) { //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):userid={$userid}
    "); } // END - if - // Check for his referal - $result = SQL_QUERY_ESC("SELECT `refid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($userid)), __FUNCTION__, __LINE__); + // Init referal id + $ref = 0; - // Load refid - list($ref) = SQL_FETCHROW($result); + // Check for his referal + if (fetchUserData($userid)) { + // Get it + $ref = getUserData('refid'); + } // END - if - // Free memory - SQL_FREERESULT($result); //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):userid={$userid},ref={$ref}
    "); // When he has a referal... diff --git a/inc/pool/pool-bonus.php b/inc/pool/pool-bonus.php index 630562a089..66c350fdf1 100644 --- a/inc/pool/pool-bonus.php +++ b/inc/pool/pool-bonus.php @@ -87,14 +87,8 @@ if ($GLOBALS['pool_cnt'] < getConfig('max_send')) { // We can now send mails to them... foreach ($RECEIVERS as $key => $userid) { // Load personal data - //* DEBUG: */ print("*L:".__LINE__.'/'.$userid."*
    "); - $result_user = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($userid)), __FILE__, __LINE__); - - // Is his data available? - if (SQL_NUMROWS($result_user) == 1) { + if (fetchUserData($userid)) { // The final receiver does exists so we can continue... - list($surname, $family, $email) = SQL_FETCHROW($result_user); //* DEBUG: */ print("OK!/L:".__LINE__."
    "); // Mark this user as "spammed" ;-) And place a line for him... @@ -120,10 +114,10 @@ if ($GLOBALS['pool_cnt'] < getConfig('max_send')) { // Send mail away if (isset($DATA['html_msg'])) { // Send HTML? - sendEmail($email, $DATA['subject'], $mailText, $DATA['html_msg']); + sendEmail(getUserData('email'), $DATA['subject'], $mailText, $DATA['html_msg']); } else { // No HTML mail! - sendEmail($email, $DATA['subject'], $mailText); + sendEmail(getUserData('email'), $DATA['subject'], $mailText); } // Count one up and remove entry from dummy array @@ -143,10 +137,7 @@ if ($GLOBALS['pool_cnt'] < getConfig('max_send')) { } // END - if } // END - if } // END - if - - // Free some memory - SQL_FREERESULT($result_user); - } + } // END - foreach // Update mediadata if version is 0.0.4 or higher if (getExtensionVersion('mediadata') >= '0.0.4') { diff --git a/inc/pool/pool-user.php b/inc/pool/pool-user.php index a2d1bc1bfd..b6b705170c 100644 --- a/inc/pool/pool-user.php +++ b/inc/pool/pool-user.php @@ -92,18 +92,8 @@ if (SQL_NUMROWS($result_main) > 0) { // We can now send mails to them... foreach ($RECEIVERS as $key => $userid) { // Lookup user id - $result_user = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($userid)), __FILE__, __LINE__); - - // Is his data available? //* DEBUG: */ outputHtml("*L:".__LINE__.'/'.SQL_NUMROWS($result_user)."*
    "); - if (SQL_NUMROWS($result_user) == 1) { - // The final receiver does exists so we can continue... - list($gender, $surname, $family, $email) = SQL_FETCHROW($result_user); - - // Free memory - SQL_FREERESULT($result_user); - + if (fetchUserData($userid)) { // Do we have a stats entry? $result_stats = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `pool_id`=%s AND `userid`=%s AND timestamp_ordered='%s' LIMIT 1", array($DATA['id'], $DATA['sender'], $DATA['timestamp']), __FILE__, __LINE__); @@ -131,9 +121,9 @@ if (SQL_NUMROWS($result_main) > 0) { case 'done': // Prepare the mail $DATA['stats_id'] = bigintval($stats_id); - $DATA['surname'] = $surname; - $DATA['family'] = $family; - $DATA['gender'] = translateGender($gender); + $DATA['surname'] = getUserData('surname'); + $DATA['family'] = getUserData('family'); + $DATA['gender'] = translateGender(getUserData('gender')); // Replace text variables foreach ($GLOBALS['replacer'] as $key => $value) { @@ -155,7 +145,7 @@ if (SQL_NUMROWS($result_main) > 0) { $mailText = loadEmailTemplate('normal-mail', $content, bigintval($userid)); // Send mail away - sendEmail($email, $DATA['subject'], $mailText, $HTML); + sendEmail(getUserData('email'), $DATA['subject'], $mailText, $HTML); // Count sent mails... SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET emails_sent=emails_sent+1 WHERE `userid`=%s LIMIT 1", 
@@ -203,24 +193,14 @@ if (SQL_NUMROWS($result_main) > 0) { sendAdminNotification(getMessage('ADMIN_SUBJ_SEND_DONE'), 'done-admin', $content, $userid); // Get sender's data - $result_sender = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($DATA['sender'])), __FILE__, __LINE__); - - // Is the sender found? - if (SQL_NUMROWS($result_sender) == 1) { - // Load data and prepare mail - list($surname, $family, $email) = SQL_FETCHROW($result_sender); - + if (fetchUserData($DATA['sender'])) { // Load email template $mailText = loadEmailTemplate('done-member', $content, $DATA['sender']); // Send it also waway - sendEmail($email, getMessage('MEMBER_SUBJ_SEND_DONE'), $mailText); + sendEmail(getUserData('email'), getMessage('MEMBER_SUBJ_SEND_DONE'), $mailText); } // END - if - // Free result - SQL_FREERESULT($result_sender); - // Set status to SEND because we completely send it away SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_pool` SET `data_type`='SEND', `target_send`=0, `receivers`='' WHERE `id`=%s LIMIT 1", array(bigintval($DATA['id'])), __FILE__, __LINE__); 
@@ -300,19 +280,12 @@ if (SQL_NUMROWS($result_main) > 0) { ); // We have to pay back some points to the sender (we add them directly :-P) - $result = SQL_QUERY_ESC("SELECT `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array(bigintval($userid)), __FILE__, __LINE__); - - // User found? - if (SQL_NUMROWS($result) == 1) { - // Get email - list($email) = SQL_FETCHROW($result); - + if (fetchUserData($userid)) { // User account does exists, so we can safely pay back! $mailText = loadEmailTemplate('back-member', $content, bigintval($userid)); // Send mail out to member - sendEmail($email, getMessage('MEMBER_BACK_JACKPOT') . ' (' . $userid . ')', $mailText); + sendEmail(getUserData('email'), getMessage('MEMBER_BACK_JACKPOT') . ' (' . $userid . ')', $mailText); } elseif (isExtensionActive('jackpot')) { // Add to jackpot addPointsToJackpot($PB); @@ -320,9 +293,6 @@ if (SQL_NUMROWS($result_main) > 0) { // Send mail out to admin sendAdminNotification(getMessage('ADMIN_BACK_JACKPOT') . ' (' . $userid . ')', 'back-admin', $content, 'admin'); } - - // Free result - SQL_FREERESULT($result); } // END - if } // END - foreach } // END - if diff --git a/inc/session.php b/inc/session.php index 71e6eca53d..79428ddbba 100644 --- a/inc/session.php +++ b/inc/session.php @@ -71,9 +71,6 @@ if (isSessionVariableSet('userid')) { if (!isMember()) { // Then destroy the user id destroyUserSession(); - - // Kill userid - setUserId(0); } // END - if } // END - if diff --git a/inc/wrapper-functions.php b/inc/wrapper-functions.php index b76f513d39..2ad98e13da 100644 --- a/inc/wrapper-functions.php +++ b/inc/wrapper-functions.php 
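Review bot: The pay-back lookup no longer restricts the account to status 'CONFIRMED': the removed query carried that filter, while `if (fetchUserData($userid)) {` only tests that a row was found, unless fetchUserData() (defined outside this diff view) applies the filter itself. If it does not, the member pay-back branch now runs for locked or unconfirmed accounts instead of falling through to the jackpot branch. The same filter disappears from the lookup in addPointsThroughReferalSystem() and from lead-confirm.php, whose comment still reads "Is the user-account unlocked and valid?". mailid.php in this patch keeps the check explicitly, and the same form would work here: `if ((fetchUserData($userid)) && (getUserData('status') == 'CONFIRMED')) {`.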
@@ -443,15 +443,15 @@ function isNicknameUsed ($userid) { $isUsed = false; // Is the cache there - if (isset($GLOBALS['cache_probe_nicknames'][$userid])) { + if (isset($GLOBALS['is_nickname_used'][$userid])) { // Then use it - $isUsed = $GLOBALS['cache_probe_nicknames'][$userid]; + $isUsed = $GLOBALS['is_nickname_used'][$userid]; } else { // Determine it $isUsed = ((isExtensionActive('nickname')) && (('' . round($userid) . '') != $userid)); // And write it to the cache - $GLOBALS['cache_probe_nicknames'][$userid] = $isUsed; + $GLOBALS['is_nickname_used'][$userid] = $isUsed; } // Return the result 
@@ -708,5 +708,49 @@ function setAdminHash ($admin, $hash) { $GLOBALS['cache_array']['admin']['password'][$admin] = $hash; } +// Init user data array +function initUserData () { + // User id should not be zero + if (getCurrentUserId() == 0) debug_report_bug('User id is zero.'); + + // Init the user + $GLOBALS['user_data'][getCurrentUserId()]['status'] = 'GUEST'; +} + +// Getter for user data +function getUserData ($column) { + // User id should not be zero + if (getCurrentUserId() == 0) debug_report_bug('User id is zero.'); + + // Return the value + return $GLOBALS['user_data'][getCurrentUserId()][$column]; +} + +// Geter for whole user data array +function gerUserDataArray () { + // Get the whole array + return $GLOBALS['user_data']; +} + +// Checks if the user data is valid, this may indicate that the user has logged +// in, but you should use isMember() if you want to find that out. +function isUserDataValid () { + // User id should not be zero + if (getCurrentUserId() == 0) debug_report_bug('User id is zero.'); + + // Is the array there and filled? + return ((isset($GLOBALS['user_data'][getCurrentUserId()])) && (count($GLOBALS['user_data'][getCurrentUserId()]) > 1)); +} + +// Setter for current userid +function setCurrentUserId ($userid) { + $GLOBALS['current_userid'] = bigintval($userid); +} + +// Getter for current userid +function getCurrentUserId () { + return $GLOBALS['current_userid']; +} + // [EOF] ?> diff --git a/lead-confirm.php b/lead-confirm.php index 133c95a66c..47024cf435 100644 --- a/lead-confirm.php +++ b/lead-confirm.php 
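Review bot: `getUserData()` indexes `$GLOBALS['user_data'][getCurrentUserId()][$column]` without checking that the entry exists, so a column that was never loaded comes back as null with only a notice, and callers in this patch compare the result directly (`getUserData('status') == 'CONFIRMED'`, `getUserData('refid') > 0`). A guard in the style of the zero-id check would make that failure visible: `if (!isset($GLOBALS['user_data'][getCurrentUserId()][$column])) debug_report_bug('User data column ' . $column . ' is not loaded.');` (array_key_exists() instead if a column can legitimately be NULL). `getCurrentUserId()` has the same gap when `$GLOBALS['current_userid']` was never set. The array getter is spelled `gerUserDataArray`, presumably meant to be `getUserDataArray`, and the comments above the new getters could state that they always read the entry of the current user id, not of an id passed in.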
@@ -69,14 +69,12 @@ $content = array( // Is the cookie set? if (isSessionVariableSet('lead_userid')) { // Is the user-account unlocked and valid? - $result = SQL_QUERY_ESC("SELECT `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array(bigintval(getSession('lead_userid'))), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getSession('lead_userid'))) { // Secure the id number $content['lead_userid'] = bigintval(getSession('lead_userid')); // Load the email address - list($email) = SQL_FETCHROW($result); + $content['lead_email'] = getUserData('email'); } else { // Not found! $content['lead_userid'] = 0; diff --git a/mailid.php b/mailid.php index 81778853ab..68dfb1cfe1 100644 --- a/mailid.php +++ b/mailid.php @@ -124,12 +124,9 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr setExtraTitle($title); // Is the user's id unlocked? - $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array($url_userid), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - list($status, $gender, $surname, $family) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - if ($status == 'CONFIRMED') { + if (fetchUserData($url_userid)) { + // Status must be CONFIRMED + if (getUserData('status') == 'CONFIRMED') { // User has confirmed his account so we can procede... // @TODO Rewrite this to a filter switch ($ltype) { @@ -190,7 +187,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr $errorCode = getCode('POSSIBLE_INVALID'); } } else { - $errorCode = getCode('ACCOUNT_' . $status); + $errorCode = getCode('ACCOUNT_' . getUserData('status')); } } else { $errorCode = getCode('USER_404'); diff --git a/mailid_top.php b/mailid_top.php index baa25eb604..6a4e32f4a5 100644 --- a/mailid_top.php +++ b/mailid_top.php 
@@ -127,17 +127,10 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr // Set sender to 0 when we have a bonus mail if ($ltype == 'BONUS') $sender = 0; - // Is the user's id unlocked? - $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family`, `ref_payout` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array($url_userid), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - // Load data - list($status, $gender, $surname, $family, $ref_pay) = SQL_FETCHROW($result); - - // Free some memory - SQL_FREERESULT($result); - - if ($status == 'CONFIRMED') { + // Is the user id valid? + if (fetchUserData($url_userId) === true) { + // Is the user status CONFIRMED? + if (getUserData('status') == 'CONFIRMED') { // User has confirmed his account so we can procede... // @TODO Rewrite this to a filter switch ($ltype) { @@ -233,13 +226,13 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr if (getExtensionVersion('user') >= '0.1.2') { // Update counter SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET mails_confirmed=mails_confirmed + 1 WHERE `userid`=%s LIMIT 1", - array($url_userid), __FILE__, __LINE__); + array($url_userid), __FILE__, __LINE__); // Update random confirmed as well? if (getExtensionVersion('user') >= '0.3.4') { // Update second counter SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET rand_confirmed=rand_confirmed + 1 WHERE `userid`=%s LIMIT 1", - array($url_userid), __FILE__, __LINE__); + array($url_userid), __FILE__, __LINE__); } // END - if } // END - if 
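Review bot: The new lookup `fetchUserData($url_userId)` uses a variable that appears nowhere else in the visible hunks of this file; the guard in the hunk header and the UPDATE calls below use `$url_userid`, and PHP variable names are case-sensitive. As written the lookup receives an undefined value, so its result depends on how fetchUserData() (defined outside this view) treats an empty id and not on the id taken from the link. The line should read `if (fetchUserData($url_userid) === true) {`.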
@@ -253,7 +246,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr $template = 'mailid_points_done'; // Right code entered add points and remove entry - if (($ref_pay > 0) && (getConfig('allow_direct_pay') != 'Y')) { + if ((getUserData('ref_payout') > 0) && (getConfig('allow_direct_pay') != 'Y')) { // Don't add points over the referal system $locked = true; $template = 'mailid_points_locked'; diff --git a/ref.php b/ref.php index 12cf4cf7e4..700491851a 100644 --- a/ref.php +++ b/ref.php 
@@ -49,68 +49,47 @@ require('inc/config-global.php'); // No refid by default $URL = 'index.php'; -// Invalid request by default -$ref = 0; - -// Base URL for redirection -switch (getConfig('refid_target')) { - case 'register': - $URL = 'modules.php?module=index&what=register&refid='; - break; - - case 'index': - $URL = 'index.php?refid='; - break; -} // END - switch - -// Get referal id from ref or refid variable -if (isGetRequestElementSet('ref')) $ref = getRequestElement('ref'); - elseif (isGetRequestElementSet('refid')) $ref = getRequestElement('refid'); - -if (!empty($ref)) { +if (determineReferalId() > 0) { // Test if nickname or numeric id if (isExtensionActive('nickname')) { // Nickname in URL, so load the id - $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' LIMIT 1", - array($ref), __FILE__, __LINE__); + fetchUserData(determineReferalId(), 'nickname'); // Do we have an entry? - if (SQL_NUMROWS($result) == 1) { + if (isUserDataValid()) { // Load userid - list($ref) = SQL_FETCHROW($result); + $GLOBALS['refid'] = getUserData('userid'); } else { // So do we have a userid? - $result2 = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`='%s' LIMIT 1", - array($ref), __FILE__, __LINE__); + fetchUserData(determineReferalId()); // Do we have an entry? - if (SQL_NUMROWS($result2) == 0) { + if (!isUserDataValid()) { // No entry, so no referal id - $ref = 0; + $GLOBALS['refid'] = getConfig('def_refid'); } // END - if - - // Free result - SQL_FREERESULT($result2); } - - // Free result - SQL_FREERESULT($result); } // END - if - // Also edit this 0 ! - if (empty($ref)) $ref = 0; - // Update session - setSession('refid', $ref); - - // We have an refid here. So we simply add it - $URL .= bigintval($ref); + setSession('refid', determineReferalId()); // Is the refid valid? 
- if ($ref > 0) { + if (determineReferalId() > 0) { // Update ref counter SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `ref_clicks`=`ref_clicks`+1 WHERE `userid`=%s LIMIT 1", - array(bigintval($ref)), __FILE__, __LINE__); + array(determineReferalId()), __FILE__, __LINE__); + + // Base URL for redirection + switch (getConfig('refid_target')) { + case 'register': + $URL = 'modules.php?module=index&what=register'; + break; + + case 'index': + $URL = 'index.php'; + break; + } // END - switch } // END - if } // END - if diff --git a/sponsor_ref.php b/sponsor_ref.php index 85d81bed96..186283f6af 100644 --- a/sponsor_ref.php +++ b/sponsor_ref.php @@ -50,14 +50,10 @@ require('inc/config-global.php'); // Base URL for redirection $URL = 'modules.php?module=index&what=sponsor_reg&refid='; -// Get referal id from ref or refid variable -$ref = 0; -if (isGetRequestElementSet('ref')) $ref = bigintval(getRequestElement('ref')); - elseif (isGetRequestElementSet('refid')) $ref = bigintval(getRequestElement('refid')); - -if (!empty($ref)) { +// Do we have a referal id? +if (!empty($GLOBALS['refid'])) { // We have an refid here. So we simply add it - $URL .= $ref; + $URL .= $GLOBALS['refid']; } else { // No refid so we redirect to the index page $URL = 'index.php'; diff --git a/templates/de/html/beg/beg_link.tpl b/templates/de/html/beg/beg_link.tpl index 6a7634ffeb..4c3b20e6af 100644 --- a/templates/de/html/beg/beg_link.tpl +++ b/templates/de/html/beg/beg_link.tpl @@ -21,7 +21,7 @@ - {--BEG_CONTINUE_REGISTER--} + {--BEG_CONTINUE_REGISTER--} diff --git a/templates/de/html/guest/guest_beg.tpl b/templates/de/html/guest/guest_beg.tpl index ab187e255a..0a97ca18b8 100644 --- a/templates/de/html/guest/guest_beg.tpl +++ b/templates/de/html/guest/guest_beg.tpl @@ -36,7 +36,7 @@ {--BEG_CONTINUE_REGISTER--} + href="{?URL?}/ref.php?refid=$content[userid]">{--BEG_CONTINUE_REGISTER--} 
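Review bot: The click-counter UPDATE now passes `determineReferalId()` into the unquoted `%s` of its WHERE clause without the `bigintval()` the removed line applied. determineReferalId() is defined outside this diff view; if it can return the raw `ref`/`refid` request value, which the nickname lookup above suggests, that value reaches the query without the integer cast. Keeping the cast at the query site costs nothing: `array(bigintval(determineReferalId())), __FILE__, __LINE__);`. Separately, the outer guard `determineReferalId() > 0` looks like it would reject a non-numeric nickname before the nickname branch can run, where the old code tested `!empty($ref)`; worth confirming.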
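Review bot: `$URL .= $GLOBALS['refid'];` appends the referal id to the redirect target without the `bigintval()` the removed lines applied to the request value. Where `$GLOBALS['refid']` is filled is outside this hunk, so it cannot be confirmed from here that it is always numeric. Casting at the point of use keeps the redirect URL well-formed regardless of the source: `$URL .= bigintval($GLOBALS['refid']);`.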
diff --git a/templates/de/html/member/member_reflink.tpl b/templates/de/html/member/member_reflink.tpl index 2233ab3471..a582d3df87 100644 --- a/templates/de/html/member/member_reflink.tpl +++ b/templates/de/html/member/member_reflink.tpl @@ -2,7 +2,7 @@ {--YOUR_PERSONAL_REFLINK--}:
    - {?URL?}/ref.php?ref=$content[userid] + {?URL?}/ref.php?refid=$content[userid]
    $content[nickname_content]
    diff --git a/templates/de/html/member/member_reflink_nickname.tpl b/templates/de/html/member/member_reflink_nickname.tpl index 26a26e7e89..3020254d50 100644 --- a/templates/de/html/member/member_reflink_nickname.tpl +++ b/templates/de/html/member/member_reflink_nickname.tpl @@ -2,5 +2,5 @@ {--NICKNAME_YOUR_REFLINK--}:
    - {?URL?}/ref.php?ref=$content + {?URL?}/ref.php?refid=$content
    diff --git a/templates/de/html/member/member_wernis_mode_payout.tpl b/templates/de/html/member/member_wernis_mode_payout.tpl index 00ef051cd9..8be8622ad5 100644 --- a/templates/de/html/member/member_wernis_mode_payout.tpl +++ b/templates/de/html/member/member_wernis_mode_payout.tpl @@ -20,7 +20,7 @@ {--WERNIS_MEMBER_WDS66_ID--}   - + {--WERNIS_MEMBER_WDS66_PASSWORD--} diff --git a/templates/de/html/member/member_wernis_mode_withdraw.tpl b/templates/de/html/member/member_wernis_mode_withdraw.tpl index 7ea34e47cc..c1b8e3ab78 100644 --- a/templates/de/html/member/member_wernis_mode_withdraw.tpl +++ b/templates/de/html/member/member_wernis_mode_withdraw.tpl @@ -21,7 +21,7 @@ {--WERNIS_MEMBER_WDS66_ID--}   - + {--WERNIS_MEMBER_WDS66_PASSWORD--} -- 2.30.2