beg.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 01/09/2005 *
   4  * ===============                              Last change: 01/09/2005 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : beg.php                                          *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Beg link for members                             *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software; you can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License, or    *
  26  * (at your option) any later version.                                  *
  27  *                                                                      *
  28  * This program is distributed in the hope that it will be useful,      *
  29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  31  * GNU General Public License for more details.                         *
  32  *                                                                      *
  33  * You should have received a copy of the GNU General Public License    *
  34  * along with this program; if not, write to the Free Software          *
  35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  36  * MA  02110-1301  USA                                                  *
  37  ************************************************************************/
  38
  39 // Load security stuff here
  40 require('inc/libs/security_functions.php');
  41
  42 // Init start time
  43 $GLOBALS['startTime'] = microtime(true);
  44
  45 // Set module
  46 $GLOBALS['module'] = 'beg';
  47 $GLOBALS['output_mode'] = -1;
  48 $errorCode = null;
  49
  50 // Load the required file(s)
  51 require('inc/config-global.php');
  52
  53 // Set content type
  54 setContentType('text/html');
  55
  56 // Is the 'beg' extension active?
  57 REDIRCT_ON_UNINSTALLED_EXTENSION('beg');
  58
  59 // Check for userid
  60 if (isGetRequestElementSet('userid')) {
  61         // Init variables
  62         $userid = 0;
  63         $result = false;
  64         $points = 0;
  65
  66         // Don't pay is the default...
  67         $pay = false;
  68
  69         // Validate if it is not a number
  70         if (''.(getRequestElement('userid') + 0).'' !== ''.getRequestElement('userid').'') {
  71                 if (isExtensionActive('nickname')) {
  72                         // Maybe we have found a nickname?
  73                         $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' LIMIT 1",
  74                                 array(getRequestElement('userid')), __FILE__, __LINE__);
  75                 } else {
  76                         // Nickname entered but nickname is not active
  77                         $errorCode = getCode('EXTENSION_PROBLEM');
  78                         $userid = -1;
  79                 }
  80         } else {
  81                 // Direct userid
  82                 $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
  83                         array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__);
  84         }
  85
  86         // Check if locked in so don't pay points
  87         $status = 'failed';
  88
  89         // Check if account was found
  90         if (SQL_NUMROWS($result) == 1) {
  91                 // Found an ID so we simply set it
  92                 list($userid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
  93
  94                 // Account confirmed?
  95                 if ($status == 'CONFIRMED') {
  96                         // Secure userid
  97                         $userid = bigintval($userid);
  98
  99                         // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
 100                         // If we need more number behind the decimal dot then we just need to increase all these three
 101                         // numbers matching to the numbers behind the decimal dot. Simple! ;-)
 102                         $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
 103
 104                         // Set nickname / userid for the template(s
 105                         $content['userid'] = getRequestElement('userid');
 106                         $content['clicks'] = ($clicks + 1);
 107                         $content['banner'] = loadTemplate('beg_banner', true);
 108                         $content['points'] = translateComma($points);
 109                 } else {
 110                         // Other status
 111                         $userid = 0;
 112                 }
 113         } // END - if
 114
 115         // Free memory
 116         SQL_FREERESULT($result);
 117
 118         // User id valid and not webmaster's id?
 119         if (($userid > 0) && (getConfig('beg_userid') != $userid)) {
 120                 // Update counter
 121                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1",
 122                         array($userid), __FILE__, __LINE__);
 123
 124                 // Check for last entry for userid w/o IP number
 125                 $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_userid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
 126                 array($userid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
 127
 128                 // Entry not found, points set and not logged in?
 129                 if (((SQL_NUMROWS($result) == 0) || (isAdmin())) && ($points > 0) && (!isMember()) && (getConfig('beg_pay_mode') == 'NONE')) {
 130
 131                         // Admin is testing?
 132                         if (!isAdmin()) {
 133                                 // Remember remote address, userid and timestamp for next click
 134                                 // but only when there is no admin begging.
 135                                 // Admins shall be able to test it!
 136                                 SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_beg_ips` (`userid`, `remote_ip`,`sid`, `timeout`) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
 137                                         array($userid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
 138
 139                                 // Was is successfull?
 140                                 $pay (SQL_AFFECTEDROWS() == 1);
 141                         } else {
 142                                 // Is admin!
 143                                 $pay = true;
 144                         }
 145
 146                         // Pay points?
 147                         if ($pay === true) {
 148                                 // Add points to user or begging rallye account
 149                                 if (addPointsBeg($userid, $points)) {
 150                                         // Set 'done' message
 151                                         $content['message'] = loadTemplate('beg_done', true);
 152                                 } else {
 153                                         // Error!
 154                                         $content['message'] = loadTemplate('beg_failed', true);
 155                                 }
 156                         } else {
 157                                 // Error!
 158                                 $content['message'] = loadTemplate('beg_failed', true);
 159                         }
 160                 } elseif (isMember()) {
 161                         // Logged in user found!
 162                         $content['message'] = loadTemplate('beg_login', true);
 163                 } elseif (getConfig('beg_pay_mode') != 'NONE') { // Other pay-mode active!
 164                         // Prepare content for template
 165                         $content = array(
 166                                 'clicks' => $content['clicks'],
 167                                 'points' => $content['points'],
 168                                 'userid'    => $content['userid']
 169                         );
 170
 171                         // Load message template depending on pay-mode
 172                         $content['message'] = loadTemplate('beg_pay_mode_'.strtolower(getConfig('beg_pay_mode')), true, $content);
 173                         $pay = true;
 174                 } else {
 175                         // Clicked received while reload lock is active
 176                         $content['message'] = loadTemplate('beg_failed', true);
 177                 }
 178
 179                 // Free memory
 180                 SQL_FREERESULT($result);
 181
 182                 // Include header
 183                 loadIncludeOnce('inc/header.php');
 184
 185                 // Load final template
 186                 loadTemplate('beg_link', false, $content);
 187
 188                 // Tracker code enabled? (We don't track users here!
 189                 if ((getConfig('beg_pay_mode') != 'NONE') && ($pay === true)) {
 190                         // Prepare content for template
 191                         // @TODO Opps, what is missing here???
 192                         $content = array(
 193                         );
 194
 195                         // Include config-depending template
 196                         loadTemplate('beg_pay_code_'.strtolower(getConfig('beg_pay_mode')), false, $content);
 197                 } elseif (($pay === false) && (!isset($content['message']))) {
 198                         // Cannot pay! :-(
 199                         $content['message'] = loadTemplate('beg_failed', true);
 200                 }
 201
 202                 // Include footer
 203                 loadIncludeOnce('inc/footer.php');
 204         } elseif (($status != 'CONFIRMED') && ($status != 'failed')) {
 205                 // Maybe locked/unconfirmed account?
 206                 $errorCode = generateErrorCodeFromUserStatus($status);
 207         } elseif (($userid == '0') || ($status == 'failed')) {
 208                 // Inalid or locked account, so let's find out
 209                 $result = SQL_QUERY_ESC("SELECT userid FROM `{?_MYSQL_PREFIX?}_user_data` WHERE nickname='%s' LIMIT 1",
 210                         array(getRequestElement('userid')), __FILE__, __LINE__);
 211                 if (SQL_NUMROWS($result) == 1) {
 212                         // Locked account
 213                         $errorCode = getCode('ACCOUNT_LOCKED');
 214                 } else {
 215                         // Invalid nickname! (404)
 216                         $errorCode = getCode('USER_404');
 217                 }
 218
 219                 // Free memory
 220                 SQL_FREERESULT($result);
 221         } elseif ($userid == getConfig('beg_userid')) {
 222                 // Webmaster's ID cannot beg for points!
 223                 $errorCode = getCode('BEG_SAME_AS_OWN');
 224         }
 225
 226         // Reload to index module
 227         if ((!empty($errorCode)) && (!empty($errorCode))) redirectToUrl('modules.php?module=index&amp;code=' . $errorCode . '&amp;ext=beg');
 228 } else {
 229         // No userid entered
 230         redirectToUrl('modules.php?module=index');
 231 }
 232
 233 // Really all done here... ;-)
 234 shutdown();
 235
 236 // [EOF]
 237 ?>