- // Load data
- list($rid, $status_ref) = SQL_FETCHROW($result);
- $GLOBALS['refid'] = bigintval($rid);
-
- // Free memory
- SQL_FREERESULT($result);
- } // END - if
-
- // Init userid
- $uid = 0;
-
- // If no account was found set default refid and status to CONFIRMED
- if (empty($GLOBALS['refid'])) {
- $GLOBALS['refid'] = getConfig('def_refid');
- $status = "CONFIRMED";
- } // END - if
-
- // Begin with doubler script...
- if (isset($_POST['ok'])) {
- // Secure points (so only integer/double values are allowed
- $_POST['points'] = bigintval($_POST['points']);
-
- // Begin with doubling process
- if ((!empty($_POST['userid'])) && (!empty($_POST['pass'])) && (!empty($_POST['points']))) {
- // Probe for nickname extension and if a nickname was entered
- $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['userid'])."") != $_POST['userid']));
- if ($probe_nickname) {
- // Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
- array($_POST['userid']), __FILE__, __LINE__);
- } else {
- // Direct userid entered
- $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(bigintval($_POST['userid'])), __FILE__, __LINE__);
- }
-
- // Load data
- list($uid, $status, $password) = SQL_FETCHROW($result);
- $uid = bigintval($uid);
-
- // Free result
- SQL_FREERESULT($result);
-
- // Remove any dots and unwanted chars from the points
- $_POST['points'] = bigintval(round(REVERT_COMMA($_POST['points'])));
-
- // Probe for enough points
- $probe_points = (($_POST['points'] >= getConfig('doubler_min')) && ($_POST['points'] <= getConfig('doubler_max')));
-
- // Check all together
- if ((!empty($uid)) && ($password == generateHash($_POST['pass'], substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) {
- // Nickname resolved to a unique userid or direct userid entered by the member
- $DOUBLER_UID = $uid;
-
- // Calulcate points
- $points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points");
-
- // So let's continue with probing his points amount
- if (($points - getConfig('doubler_left') - $_POST['points'] * getConfig('doubler_charge')) >= 0)
- // Enough points are left so let's continue with the doubling process
- // Create doubling "account" width *DOUBLED* points
- SQL_QUERY_ESC("INSERT INTO `{!MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')",
- array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__);
-
- // Subtract entered points
- SUB_POINTS("doubler", $uid, $_POST['points']);
-
- // Add points to "total payed" including charge
- $points = $_POST['points'] - $_POST['points'] * getConfig('doubler_charge');
- UPDATE_CONFIG("doubler_points", $points, "+");
- incrementConfigEntry('doubler_points', $points);
-
- // Add second line for the referal but only when uid != refid
- if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) {
- // Okay add a refid line and apply refid percents
- SQL_QUERY_ESC("INSERT INTO `{!MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')",
- array(
- bigintval($GLOBALS['refid']),
- bigintval($_POST['points'] * 2 * getConfig('doubler_ref'))
- ), __FILE__, __LINE__);
-
- // And that's why we don't want to you more than one referal level of doubler-points. ^^^
- } // END - if
-
- // Update usage counter
- UPDATE_CONFIG("doubler_counter", 1, "+");
- incrementCondigEntry('doubler_counter');
-
- // Set constant
- define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, $_POST['userid']));
- } else {
- // Not enougth points left
- define('__ERROR_MSG', DOUBLER_FORM_NO_POINTS_LEFT);
- }
- } elseif ($status == "CONFIRMED") {
- // Account is unconfirmed!
- define('__ERROR_MSG', DOUBLER_FORM_WRONG_PASS);
- } elseif ($status == "UNCONFIRMED") {
- // Account is unconfirmed!
- define('__ERROR_MSG', DOUBLER_FORM_STATUS_UNCONFIRMED);
- } elseif ($status == "LOCKED") {
- // Account is locked by admin / holiday!
- define('__ERROR_MSG', DOUBLER_FORM_STATUS_LOCKED);
- } elseif ($_POST['points'] < getConfig('doubler_min')) {
- // Not enougth points entered
- define('__ERROR_MSG', DOUBLER_FORM_POINTS_MIN);
- } elseif ($_POST['points'] > getConfig('doubler_max')) {
- // Too much points entered
- define('__ERROR_MSG', DOUBLER_FORM_POINTS_MAX);
- } elseif ($probe_nickname) {
- // Cannot resolv nickname -> userid
- define('__ERROR_MSG', DOUBLER_FORM_404_NICKNAME);
+ // Is the data valid?
+ if (!isValidUserData()) {
+ // Output message that the userid is not okay
+ displayMessage('{--DOUBLER_USERID_INVALID--}');
+ } // END - if
+
+ // Remove any dots and unwanted chars from the points
+ setPostRequestElement('points', bigintval(round(convertCommaToDot(postRequestElement('points')))));
+
+ // Probe for enough points
+ $probe_points = ((postRequestElement('points') >= getDoublerMin()) && (postRequestElement('points') <= getDoublerMax()));
+
+ // Check all together
+ if ((isValidUserData()) && (getUserData('password') == generateHash(postRequestElement('password'), substr(getUserData('password'), 0, -40))) && (getUserData('status') == 'CONFIRMED') && ($probe_points)) {
+ // Nickname resolved to a unique userid or direct userid entered by the member
+ $GLOBALS['local_doubler_userid'] = getUserData('userid');
+
+ // Calulcate points
+ $points = getTotalPoints(getUserData('userid'));
+
+ // So let's continue with probing his points amount
+ if (($points - getConfig('doubler_left') - postRequestElement('points') * getDoublerCharge() / 100) >= 0) {
+ // Enough points are left so let's continue with the doubling process
+ // Create doubling "account" with *DOUBLED* points
+ sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(), 'N','N')",
+ array(
+ getUserData('userid'),
+ convertZeroToNull(determineReferralId()),
+ bigintval(postRequestElement('points') * 2),
+ determineRealRemoteAddress()
+ ), __FILE__, __LINE__);
+
+ // Subtract entered points and ignore return status
+ subtractPoints('doubler', getUserData('userid'), postRequestElement('points'));
+
+ // Add points to "total payed" including charge
+ $points = postRequestElement('points') - postRequestElement('points') * getDoublerCharge() / 100;
+ updateConfiguration('doubler_points', $points, '+');
+ incrementConfigEntry('doubler_points', $points);
+
+ // Add second line for the referral but only when userid != refid
+ if ((isValidId(determineReferralId())) && (determineReferralId() != getUserData('userid'))) {
+ // Okay add a refid line and apply refid percents
+ sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES (%s,0,%s,'%s',UNIX_TIMESTAMP(),'N','Y')",
+ array(
+ convertZeroToNull(determineReferralId()),
+ (postRequestElement('points') * 2 * getDoublerRef() / 100),
+ determineRealRemoteAddress()
+ ), __FILE__, __LINE__);
+
+ // And that's why we don't want to you more than one referral level of doubler-points. ^^^
+ } // END - if
+
+ // Update usage counter
+ updateConfiguration('doubler_counter', 1, '+');
+
+ // Set constant
+ $content['message'] = loadTemplate('doubler_reflink', TRUE, postRequestElement('userid'));