- $uid = 0;
-
- // If no account was found set default refid and status to CONFIRMED
- if (empty($GLOBALS['refid'])) { $GLOBALS['refid'] = $_CONFIG['def_refid']; $status = "CONFIRMED"; }
-
- // Begin with doubler script...
- if (isset($_POST['ok']))
- {
- // Secure points (so only integer/double values are allowed
- $_POST['points'] = bigintval($_POST['points']);
-
- // Begin with doubling process
- if ((!empty($_POST['userid'])) && (!empty($_POST['pass'])) && (!empty($_POST['points'])))
- {
- // Probe for nickname extension and if a nickname was entered
- $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['userid'])."") != $_POST['userid']));
- if ($probe_nickname)
- {
- // Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid, status, password FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($_POST['userid']), __FILE__, __LINE__);
- }
- else
- {
- // Direct userid entered
- $result = SQL_QUERY_ESC("SELECT userid, status, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array(bigintval($_POST['userid'])), __FILE__, __LINE__);
- }
-
- // Load data
- list($uid, $status, $password) = SQL_FETCHROW($result);
- $uid = bigintval($uid);
-
- // Free result
- SQL_FREERESULT($result);
-
- // Remove any dots and unwanted chars from the points
- $_POST['points'] = bigintval(round(str_replace(",", ".", $_POST['points'])));
-
- // Probe for enough points
- $probe_points = (($_POST['points'] >= $_CONFIG['doubler_min']) && ($_POST['points'] <= $_CONFIG['doubler_max']));
-
- // Check all together
- if ((!empty($uid)) && ($password == generateHash($_POST['pass'], substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points))
- {
- // Nickname resolved to a unique userid or direct userid entered by the member
- $DOUBLER_UID = $uid;
-
- // Calulcate points
- $points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points");
-
- // So let's continue with probing his points amount
- if (($points - $_CONFIG['doubler_left'] - $_POST['points'] * $_CONFIG['doubler_charge']) >= 0)
- {
- // Enough points are left so let's continue with the doubling process
- // Create doubling "account" width *DOUBLED* points
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s', '%s', '%s', '".$_SERVER['REMOTE_ADDR']."', UNIX_TIMESTAMP(), 'N', 'N')",
- array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__);
-
- // Subtract entered points
- SUB_POINTS($uid, $_POST['points']);
-
- // Add points to "total payed" including charge
- $points = $_POST['points'] - $_POST['points'] * $_CONFIG['doubler_charge'];
- UPDATE_CONFIG("doubler_points", $points, "+");
- $_CONFIG['doubler_points'] += $points;
-
- // Add second line for the referral but only when uid != refid
- if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid))
- {
- // Okay add a refid line and apply refid percents
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s', '0', '%s', '".$_SERVER['REMOTE_ADDR']."', UNIX_TIMESTAMP(), 'N', 'Y')",
- array(bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2 * $_CONFIG['doubler_ref'])), __FILE__, __LINE__);
-
- // And that's why we dont't want to you more than one referral level of doubler-points. ^^^
- }
-
- // Update usage counter
- UPDATE_CONFIG("doubler_counter", 1, "+");
- $_CONFIG['doubler_counter']++;
-
- // Set constant
- define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, $_POST['userid']));
- }
- else
- {
- // Not enougth points left
- define('__ERROR_MSG', DOUBLER_FORM_NO_POINTS_LEFT);
- }
+} // END - if
+
+// Init userid
+$uid = 0;
+
+// If no account was found set default refid and status to CONFIRMED
+if (empty($GLOBALS['refid'])) {
+ $GLOBALS['refid'] = getConfig('def_refid');
+ $status = 'CONFIRMED';
+} // END - if
+
+// Begin with doubler script...
+if (isFormSent()) {
+ // Secure points (so only integer/double values are allowed
+ REQUEST_SET_POST('points', bigintval(REQUEST_POST('points')));
+
+ // Begin with doubling process
+ if ((REQUEST_ISSET_POST(('userid'))) && (REQUEST_ISSET_POST(('pass'))) && (REQUEST_ISSET_POST(('points')))) {
+ // Probe for nickname extension and if a nickname was entered
+ if (isNickNameUsed(REQUEST_POST('userid'))) {
+ // Nickname in URL, so load the ID
+ $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
+ array(REQUEST_POST('userid')), __FILE__, __LINE__);
+ } else {
+ // Direct userid entered
+ $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__);
+ }