- // Check if locked in so don't pay points
- $status = "failed";
-
- // Check if account was found
- if (SQL_NUMROWS($result) == 1) {
- // Found an ID so we simply set it
- list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
-
- // Account confirmed?
- if ($status == "CONFIRMED") {
- // Secure userid
- $uid = bigintval($uid);
-
- // Calculate beg points
- mt_srand((double)microtime() * 10000000000 / time());
-
- // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
- // If we need more number behind the decimal dot then we just need to increase all these three
- // numbers matching to the numbers behind the decimal dot. Simple! ;-)
- $points = mt_rand(($_CONFIG['beg_points'] * 100000), ($_CONFIG['beg_points_max'] * 100000)) / 100000;
-
- // Set nickname / userid for the template(s
- define('__BEG_UID' , SQL_ESCAPE($_GET['uid']));
- define('__BEG_CLICKS', ($clicks + 1));
- define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
- define('__BEG_POINTS', TRANSLATE_COMMA($points));
+ // Check if locked in so don't pay points
+ $status = 'failed';
+
+ // Check if account was found
+ if (SQL_NUMROWS($result) == 1) {
+ // Found an ID so we simply set it
+ list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
+
+ // Account confirmed?
+ if ($status == 'CONFIRMED') {
+ // Secure userid
+ $uid = bigintval($uid);
+
+ // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
+ // If we need more number behind the decimal dot then we just need to increase all these three
+ // numbers matching to the numbers behind the decimal dot. Simple! ;-)
+ $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
+
+ // Set nickname / userid for the template(s
+ define('__BEG_UID' , REQUEST_GET('uid'));
+ define('__BEG_CLICKS', ($clicks + 1));
+ define('__BEG_BANNER', LOAD_TEMPLATE('beg_banner', true));
+ define('__BEG_POINTS', translateComma($points));
+ } else {
+ // Other status
+ $uid = 0;
+ }
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // User id valid and not webmaster's id?
+ if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
+ // Update counter
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1",
+ array($uid), __FILE__, __LINE__);
+
+ // Check for last entry for userid w/o IP number
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
+ array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
+
+ // Entry not found, points set and not logged in?
+ if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == 'NONE')) {
+
+ // Admin is testing?
+ if (!IS_ADMIN()) {
+ // Remember remote address, userid and timestamp for next click
+ // but only when there is no admin begging.
+ // Admins shall be able to test it!
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
+ array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
+
+ // Was is successfull?
+ $pay (SQL_AFFECTEDROWS() == 1);