-<?php\r
-/************************************************************************\r
- * MXChange v0.2.1 Start: 01/09/2005 *\r
- * =============== Last change: 01/09/2005 *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * File : beg.php *\r
- * -------------------------------------------------------------------- *\r
- * Short description : Beg link for members *\r
- * -------------------------------------------------------------------- *\r
- * Kurzbeschreibung : Bettel-Link fuer Mitglieder *\r
- * -------------------------------------------------------------------- *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2008 by Roland Haeder *\r
- * For more information visit: http://www.mxchange.org *\r
- * *\r
- * This program is free software; you can redistribute it and/or modify *\r
- * it under the terms of the GNU General Public License as published by *\r
- * the Free Software Foundation; either version 2 of the License, or *\r
- * (at your option) any later version. *\r
- * *\r
- * This program is distributed in the hope that it will be useful, *\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
- * GNU General Public License for more details. *\r
- * *\r
- * You should have received a copy of the GNU General Public License *\r
- * along with this program; if not, write to the Free Software *\r
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *\r
- * MA 02110-1301 USA *\r
- ************************************************************************/\r
-\r
-// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )\r
-require_once("inc/libs/security_functions.php");\r
-\r
-// Init "action" and "what"\r
-global $what, $action;\r
-$GLOBALS['what'] = ""; $GLOBALS['action'] = "";\r
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);\r
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);\r
-\r
-// Set module\r
-$GLOBALS['module'] = "beg";\r
-$GLOBALS['refid'] = 0;\r
-$CSS = -1;\r
-\r
-// Load the required file(s)\r
-require ("inc/config.php");\r
-\r
-// Is the script installed?\r
-if (defined('mxchange_installed') && (mxchange_installed))\r
-{\r
- // Check for userid\r
- if (!empty($_GET['uid']))\r
- {\r
- $uid = 0;\r
- if (bigintval($_GET['uid']) != $_GET['uid'])\r
- {\r
- if (EXT_IS_ACTIVE("nickname"))\r
- {\r
- // Maybe we have found a nickname?\r
- $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",\r
- array($_GET['uid']), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Nickname entered but nickname is not active\r
- $msg = CODE_EXTENSION_PROBLEM;\r
- $uid = -1;\r
- $result = false;\r
- }\r
- }\r
- else\r
- {\r
- // Direct userid\r
- $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array(bigintval($_GET['uid'])), __FILE__, __LINE__);\r
- }\r
-\r
- // Check if locked in so don't pay points\r
- $login = false; $status = "failed";\r
- if (IS_LOGGED_IN())\r
- {\r
- // Logged in user detected!\r
- $login = true;\r
- }\r
-\r
- // Check if account was found\r
- if ((SQL_NUMROWS($result) == 1) && ($result != false))\r
- {\r
- // Found an ID so we simply set it\r
- list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);\r
- if ($status == "CONFIRMED")\r
- {\r
- // Secure userid\r
- $uid = bigintval($uid);\r
-\r
- // Calculate beg points\r
- srand((double)microtime() * 10000000000 / time());\r
-\r
- // Multiply configured values with 100000 and divide with 100000 so we can also handle small values\r
- // If we need more number behind the decimal dot then we just need to increase all these three\r
- // numbers matching to the numbers behind the decimal dot. Simple! ;-)\r
- $POINTS = rand(($CONFIG['beg_points'] * 100000), ($CONFIG['beg_points_max'] * 100000)) / 100000;\r
-\r
- // Set nickname / userid for the template(s\r
- define('__BEG_UID' , $_GET['uid']);\r
- define('__BEG_CLICKS', ($clicks + 1));\r
- define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));\r
- define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));\r
- }\r
- else\r
- {\r
- // Other status\r
- $uid = "0";\r
- }\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
-\r
- if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))\r
- {\r
- // Update counter\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",\r
- array($uid), __FILE__, __LINE__);\r
-\r
- // Check for last entry for userid w/o IP number\r
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",\r
- array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);\r
- if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))\r
- {\r
- // Free memory\r
- SQL_FREERESULT($result);\r
-\r
- if (!IS_ADMIN())\r
- {\r
- // Remember remote address, userid and timestamp for next click\r
- // but only when there is no admin begging.\r
- // Admins shall be able to test it!\r
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())",\r
- array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);\r
- }\r
-\r
- // Set mode depending on how many mails the member has to confirm\r
- $locked = false;\r
- if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == "N")) $locked = true;\r
-\r
- // Is begging rallye active?\r
- if ($CONFIG['beg_rallye'] == "Y")\r
- {\r
- // Add points to rallye account\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",\r
- array($POINTS, $uid), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Add points to account\r
- ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));\r
- }\r
-\r
- // Subtract begged points from member account if the admin has selected one\r
- if ($CONFIG['beg_uid'] > 0)\r
- {\r
- // Subtract from this account\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",\r
- array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);\r
-\r
- // Update mediadata as well\r
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")\r
- {\r
- // Update database\r
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);\r
- }\r
- }\r
-\r
- // Set message\r
- define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));\r
- }\r
- elseif ($login)\r
- {\r
- // Logged in user found!\r
- define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- else\r
- {\r
- // Free memory\r
- SQL_FREERESULT($result);\r
-\r
- // Clicked received while reload lock is active\r
- define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));\r
- }\r
-\r
- // Include header\r
- require_once(PATH."inc/header.php");\r
-\r
- // Load final template\r
- LOAD_TEMPLATE("beg_link");\r
-\r
- // Include footer\r
- require_once(PATH."inc/footer.php");\r
- }\r
- elseif (($status != "CONFIRMED") && ($status != "failed"))\r
- {\r
- // Maybe locked/unconfirmed account?\r
- switch ($status)\r
- {\r
- case "LOCKED" : $msg = CODE_ID_LOCKED ; break; // Locked account\r
- case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account\r
- }\r
- }\r
- elseif (($uid == "0") || ($status == "failed"))\r
- {\r
- // Inalid or locked account, so let's find out\r
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",\r
- array($_GET['uid']), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Locked account\r
- $msg = CODE_ACCOUNT_LOCKED;\r
- }\r
- else\r
- {\r
- // Invalid nickname! (404)\r
- $msg = CODE_USER_404;\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- elseif ($uid = $CONFIG['beg_uid'])\r
- {\r
- // Webmaster's ID cannot beg for points!\r
- $msg = CODE_BEG_SAME_AS_OWN;\r
- }\r
-\r
- // Reload to index module\r
- if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);\r
- }\r
- else\r
- {\r
- // No userid entered\r
- LOAD_URL(URL."/modules.php?module=index");\r
- }\r
-}\r
- else\r
-{\r
- // You have to configure first!\r
- LOAD_URL(URL."/install.php");\r
-}\r
-// Really all done here... ;-)\r
-?>\r
+<?php
+/************************************************************************
+ * MXChange v0.2.1 Start: 01/09/2005 *
+ * =============== Last change: 01/09/2005 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : beg.php *
+ * -------------------------------------------------------------------- *
+ * Short description : Beg link for members *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Bettel-Link fuer Mitglieder *
+ * -------------------------------------------------------------------- *
+ * *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
+require_once("inc/libs/security_functions.php");
+
+// Init "action" and "what"
+global $what, $action;
+$GLOBALS['what'] = ""; $GLOBALS['action'] = "";
+if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
+if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
+
+// Set module
+$GLOBALS['module'] = "beg";
+$GLOBALS['refid'] = 0;
+$CSS = -1;
+
+// Load the required file(s)
+require ("inc/config.php");
+
+// Is the script installed?
+if (defined('mxchange_installed') && (mxchange_installed))
+{
+ // Check for userid
+ if (!empty($_GET['uid']))
+ {
+ $uid = 0;
+ if (bigintval($_GET['uid']) != $_GET['uid'])
+ {
+ if (EXT_IS_ACTIVE("nickname"))
+ {
+ // Maybe we have found a nickname?
+ $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
+ array($_GET['uid']), __FILE__, __LINE__);
+ }
+ else
+ {
+ // Nickname entered but nickname is not active
+ $msg = CODE_EXTENSION_PROBLEM;
+ $uid = -1;
+ $result = false;
+ }
+ }
+ else
+ {
+ // Direct userid
+ $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array(bigintval($_GET['uid'])), __FILE__, __LINE__);
+ }
+
+ // Check if locked in so don't pay points
+ $login = false; $status = "failed";
+ if (IS_LOGGED_IN())
+ {
+ // Logged in user detected!
+ $login = true;
+ }
+
+ // Check if account was found
+ if ((SQL_NUMROWS($result) == 1) && ($result != false))
+ {
+ // Found an ID so we simply set it
+ list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
+ if ($status == "CONFIRMED")
+ {
+ // Secure userid
+ $uid = bigintval($uid);
+
+ // Calculate beg points
+ srand((double)microtime() * 10000000000 / time());
+
+ // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
+ // If we need more number behind the decimal dot then we just need to increase all these three
+ // numbers matching to the numbers behind the decimal dot. Simple! ;-)
+ $POINTS = rand(($CONFIG['beg_points'] * 100000), ($CONFIG['beg_points_max'] * 100000)) / 100000;
+
+ // Set nickname / userid for the template(s
+ define('__BEG_UID' , $_GET['uid']);
+ define('__BEG_CLICKS', ($clicks + 1));
+ define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
+ define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));
+ }
+ else
+ {
+ // Other status
+ $uid = "0";
+ }
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))
+ {
+ // Update counter
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ array($uid), __FILE__, __LINE__);
+
+ // Check for last entry for userid w/o IP number
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
+ array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
+ if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))
+ {
+ // Free memory
+ SQL_FREERESULT($result);
+
+ if (!IS_ADMIN())
+ {
+ // Remember remote address, userid and timestamp for next click
+ // but only when there is no admin begging.
+ // Admins shall be able to test it!
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())",
+ array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
+ }
+
+ // Set mode depending on how many mails the member has to confirm
+ $locked = false;
+ if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == "N")) $locked = true;
+
+ // Is begging rallye active?
+ if ($CONFIG['beg_rallye'] == "Y")
+ {
+ // Add points to rallye account
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
+ array($POINTS, $uid), __FILE__, __LINE__);
+ }
+ else
+ {
+ // Add points to account
+ ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));
+ }
+
+ // Subtract begged points from member account if the admin has selected one
+ if ($CONFIG['beg_uid'] > 0)
+ {
+ // Subtract from this account
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
+ array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);
+
+ // Update mediadata as well
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4")
+ {
+ // Update database
+ MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
+ }
+ }
+
+ // Set message
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
+ }
+ elseif ($login)
+ {
+ // Logged in user found!
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ else
+ {
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Clicked received while reload lock is active
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
+ }
+
+ // Include header
+ require_once(PATH."inc/header.php");
+
+ // Load final template
+ LOAD_TEMPLATE("beg_link");
+
+ // Include footer
+ require_once(PATH."inc/footer.php");
+ }
+ elseif (($status != "CONFIRMED") && ($status != "failed"))
+ {
+ // Maybe locked/unconfirmed account?
+ switch ($status)
+ {
+ case "LOCKED" : $msg = CODE_ID_LOCKED ; break; // Locked account
+ case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
+ }
+ }
+ elseif (($uid == "0") || ($status == "failed"))
+ {
+ // Inalid or locked account, so let's find out
+ $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
+ array($_GET['uid']), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Locked account
+ $msg = CODE_ACCOUNT_LOCKED;
+ }
+ else
+ {
+ // Invalid nickname! (404)
+ $msg = CODE_USER_404;
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ elseif ($uid = $CONFIG['beg_uid'])
+ {
+ // Webmaster's ID cannot beg for points!
+ $msg = CODE_BEG_SAME_AS_OWN;
+ }
+
+ // Reload to index module
+ if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);
+ }
+ else
+ {
+ // No userid entered
+ LOAD_URL(URL."/modules.php?module=index");
+ }
+}
+ else
+{
+ // You have to configure first!
+ LOAD_URL(URL."/install.php");
+}
+// Really all done here... ;-)
+?>