From b7a3b394d4639834ad8466fbc4ab06694a4d4569 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Mon, 29 Jul 2013 22:47:06 +0000
Subject: [PATCH] Some fixes: - added default value for optional parameter
 (better understanding) - some double quotes converted to single - fixes for
 Wernis API

---
 inc/extensions/bonus/mode-update.php     |  2 +-
 inc/functions.php                        |  4 ++--
 inc/http-functions.php                   |  2 +-
 inc/libs/wernis_functions.php            | 13 +++++++++++--
 inc/modules/admin/what-config_wernis.php |  6 ++++--
 inc/modules/admin/what-list_beg.php      |  2 +-
 inc/modules/admin/what-list_bonus.php    |  2 +-
 inc/modules/member/what-wernis.php       |  8 ++++----
 inc/template-functions.php               |  4 ++--
 9 files changed, 27 insertions(+), 16 deletions(-)

diff --git a/inc/extensions/bonus/mode-update.php b/inc/extensions/bonus/mode-update.php
index 8c9997f2ff..49a882a081 100644
--- a/inc/extensions/bonus/mode-update.php
+++ b/inc/extensions/bonus/mode-update.php
@@ -292,7 +292,7 @@ INDEX `userid` (`userid`)",
 
 			case '0.5.6': // SQL queries for v0.5.6
 				// Get current month
-				$curr = padLeftZero(getMonth());
+				$curr = padLeftZero(getMonth(), 2);
 				if ($curr == '00') $curr = '12';
 
 				// Generate timemark...
diff --git a/inc/functions.php b/inc/functions.php
index c2c7101ca9..1054326b78 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -939,7 +939,7 @@ function encodeHashForCookie ($passHash) {
 
 			$mod = substr($mod, 0, 2);
 			//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'idx=' . $idx . ',part1=' . $part1 . '/part2=' . $part2 . '/mod=' . $mod . '(' . strlen($mod) . ')');
-			$mod = padLeftZero($mod);
+			$mod = padLeftZero($mod, 2);
 			//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'mod(' . ($idx * 2) . ')=' . $mod . '*');
 			$start += 2;
 			$newHash .= $mod;
@@ -2724,7 +2724,7 @@ function hashSha256 ($str) {
 	$hex = '';
 	for ($i = 0; $i < strlen($hash); $i++) {
 		// Encode char to decimal, pad it with zero, add it
-		$hex .= padLeftZero(dechex(ord(substr($hash, $i, 1))));
+		$hex .= padLeftZero(dechex(ord(substr($hash, $i, 1))), 2);
 	} // END - if
 
 	// Return it
diff --git a/inc/http-functions.php b/inc/http-functions.php
index 4fc66c95a5..1dea0788ec 100644
--- a/inc/http-functions.php
+++ b/inc/http-functions.php
@@ -278,7 +278,7 @@ function sendHttpPostRequest ($baseUrl, $requestData = array(), $removeHeader =
 	$body = http_build_query($requestData, '', '&');
 
 	// Generate POST request header
-	$request  = 'POST ' . (isProxyUsed() === TRUE ? $baseUrl : '') . trim($baseUrl) . ' HTTP/1.0' . getConfig('HTTP_EOL');
+	$request  = 'POST ' . (isProxyUsed() === TRUE ? $getUrl : '') . trim($getUrl) . ' HTTP/1.0' . getConfig('HTTP_EOL');
 	$request .= 'Host: ' . $host . getConfig('HTTP_EOL');
 	$request .= 'Referer: ' . getUrl() . '/admin.php' . getConfig('HTTP_EOL');
 	if (isConfigEntrySet('FULL_VERSION')) {
diff --git a/inc/libs/wernis_functions.php b/inc/libs/wernis_functions.php
index 0868db2f3d..b7c369d21b 100644
--- a/inc/libs/wernis_functions.php
+++ b/inc/libs/wernis_functions.php
@@ -190,7 +190,7 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) {
 				break;
 
 			default: // Unknown error (maybe new?)
-				logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown error %s from WDS66 API received.", $data[1]));
+				logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown error %s from WDS66 API received.', $data[1]));
 				$return = array(
 					'status'  => 'request_failed',
 					'message' => '{%message,WERNIS_API_REQUEST_FAILED=' . $data[1] . '%}'
@@ -211,11 +211,20 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) {
 
 // Tests the function by calling balance.php on the API
 function WERNIS_TEST_API () {
+	// Only as admin
+	assert(isAdmin());
+
 	// Result is always failed
 	$result = FALSE;
 
+	// Prepare the request data
+	$requestData = array(
+		't_uid'       => getWernisRefid(),
+		't_md5'       => getWernisPassMd5()
+	);
+
 	// Return the result from the lower functions
-	$return = WERNIS_SEND_REQUEST('balance.php');
+	$return = WERNIS_SEND_REQUEST('balance.php', $requestData);
 
 	// Did it went smoothly?
 	if ($return['status'] == 'OK') {
diff --git a/inc/modules/admin/what-config_wernis.php b/inc/modules/admin/what-config_wernis.php
index 74770402dc..7acf89891c 100644
--- a/inc/modules/admin/what-config_wernis.php
+++ b/inc/modules/admin/what-config_wernis.php
@@ -44,6 +44,9 @@ if ((!defined('__SECURITY')) || (!isAdmin())) {
 addYouAreHereLink('admin', __FILE__);
 
 if (isFormSent('save_config')) {
+	// Hash the password and remove clear-text
+	setPostRequestElement('wernis_pass_md5', hashSha256(postRequestElement('wernis_pass')));
+
 	// First merge temporarily the new API data into the current config
 	mergeConfig(postRequestArray());
 
@@ -54,8 +57,7 @@ if (isFormSent('save_config')) {
 			setPostRequestElement('wernis_' . $revert, postRequestElement('wernis_' . $revert));
 		} // END - if
 
-		// Hash the password and remove clear-text
-		setPostRequestElement('wernis_pass_md5', hashSha256(postRequestElement('wernis_pass')));
+		// Remove clear password
 		unsetPostRequestElement('wernis_pass');
 
 		// Save settings
diff --git a/inc/modules/admin/what-list_beg.php b/inc/modules/admin/what-list_beg.php
index 7f2e2f06f9..14f786730a 100644
--- a/inc/modules/admin/what-list_beg.php
+++ b/inc/modules/admin/what-list_beg.php
@@ -47,7 +47,7 @@ if (isBegRallyeEnabled()) {
 	// Shall I withdraw now?
 	if (isPostRequestElementSet('withdraw')) {
 		// Okay, let's prepare...
-		$curr = padLeftZero(getMonth() - 1);
+		$curr = padLeftZero(getMonth() - 1, 2);
 		updateConfiguration('last_monthly', $curr);
 		displayMessage('{--ADMIN_BEG_WITHDRAW_PREPARED--}');
 	} // END - if
diff --git a/inc/modules/admin/what-list_bonus.php b/inc/modules/admin/what-list_bonus.php
index 0d49bf5e94..a9c155c40c 100644
--- a/inc/modules/admin/what-list_bonus.php
+++ b/inc/modules/admin/what-list_bonus.php
@@ -47,7 +47,7 @@ if (isBonusRallyeActive()) {
 	// Shall I withdraw now?
 	if (isPostRequestElementSet('withdraw')) {
 		// Okay, let's prepare...
-		$curr = padLeftZero(getMonth() - 1);
+		$curr = padLeftZero(getMonth() - 1, 2);
 		updateConfiguration('last_monthly', $curr);
 		displayMessage('{--ADMIN_BONUS_WITHDRAW_PREPARED--}');
 	} // END - if
diff --git a/inc/modules/member/what-wernis.php b/inc/modules/member/what-wernis.php
index eec5f13309..b5d5e31cfd 100644
--- a/inc/modules/member/what-wernis.php
+++ b/inc/modules/member/what-wernis.php
@@ -179,7 +179,7 @@ if ((isFormSent()) && (isGetRequestElementSet('do'))) {
 						addPointsThroughReferralSystem('wernis_withdraw', getMemberId(), bigintval(postRequestElement('amount')));
 
 						// Update the user data as well..
-						sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `wernis_userid`=%s WHERE `userid`=%s LIMIT 1",
+						sqlQueryEscaped('UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `wernis_userid`=%s WHERE `userid`=%s LIMIT 1',
 							array(bigintval(postRequestElement('wernis_userid')), getMemberId()), __FILE__, __LINE__);
 
 						// All done!
@@ -210,7 +210,7 @@ if ((isFormSent()) && (isGetRequestElementSet('do'))) {
 						subtractPoints('wernis_payout', getMemberId(), postRequestElement('amount'));
 
 						// Update WDS66 id
-						sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `wernis_userid`=%s WHERE `userid`=%s LIMIT 1",
+						sqlQueryEscaped('UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `wernis_userid`=%s WHERE `userid`=%s LIMIT 1',
 							array(bigintval(postRequestElement('wernis_userid')), getMemberId()), __FILE__, __LINE__);
 
 						// All done!
@@ -227,7 +227,7 @@ if ((isFormSent()) && (isGetRequestElementSet('do'))) {
 				break;
 
 			default: // Invalid mode!
-				logDebugMessage(__FILE__, __LINE__, sprintf("Invalid mode %s detected.", getRequestElement('do')));
+				logDebugMessage(__FILE__, __LINE__, sprintf('Invalid mode %s detected.', getRequestElement('do')));
 				displayMessage('{%message,MEMBER_WERNIS_MODE_INVALID=' . getRequestElement('do') . '%}');
 				return;
 		} // END - switch
@@ -235,7 +235,7 @@ if ((isFormSent()) && (isGetRequestElementSet('do'))) {
 } // END - if
 
 // Prepare mode for template name
-$mode = sprintf("member_wernis_mode_%s", getRequestElement('do'));
+$mode = sprintf('member_wernis_mode_%s', getRequestElement('do'));
 
 // Load the template
 loadTemplate($mode, FALSE, $content);
diff --git a/inc/template-functions.php b/inc/template-functions.php
index 73bf31ae00..d3419dd80a 100644
--- a/inc/template-functions.php
+++ b/inc/template-functions.php
@@ -859,7 +859,7 @@ function addSelectionBox ($type, $default, $prefix = '', $id = NULL, $class = 'f
 
 		case 'ho': // Hours
 			for ($idx = 0; $idx <= 23; $idx++) {
-				$padded = padLeftZero($idx);
+				$padded = padLeftZero($idx, 2);
 				$OUT .= '<option value="' . $padded . '"';
 				if ($default == $padded) $OUT .= ' selected="selected"';
 				$OUT .= '>' . $padded . '</option>';
@@ -869,7 +869,7 @@ function addSelectionBox ($type, $default, $prefix = '', $id = NULL, $class = 'f
 		case 'mi': // Minutes
 		case 'se': // Seconds
 			for ($idx = 0; $idx <= 59; $idx+=5) {
-				$padded = padLeftZero($idx);
+				$padded = padLeftZero($idx, 2);
 				$OUT .= '<option value="' . $padded . '"';
 				if ($default == $padded) $OUT .= ' selected="selected"';
 				$OUT .= '>' . $padded . '</option>';
-- 
2.30.2