************************************************************************/
// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
-require_once("inc/libs/security_functions.php");
+require("inc/libs/security_functions.php");
// Init "action" and "what"
-global $what, $action, $startTime;
$GLOBALS['startTime'] = microtime(true);
-$GLOBALS['what'] = ""; $GLOBALS['action'] = "";
+$GLOBALS['what'] = "";
+$GLOBALS['action'] = "";
// Set module
$GLOBALS['module'] = "beg";
$GLOBALS['refid'] = 0;
-$CSS = -1;
+$GLOBALS['output_mode'] = -1;
$msg = null;
// Load the required file(s)
-require ("inc/config.php");
+require("inc/config.php");
// Is the "beg" extension active?
-if (!EXT_IS_ACTIVE("beg")) {
- // Redirect to index
- LOAD_URL("modules.php?module=index&msg=".CODE_EXTENSION_PROBLEM."&ext=beg");
-} // END - if
+REDIRCT_ON_UNINSTALLED_EXTENSION("beg");
// Is the script installed?
-if (isBooleanConstantAndTrue('mxchange_installed')) {
+if (isInstalled()) {
// Check for userid
- if (!empty($_GET['uid'])) {
+ if (REQUEST_ISSET_GET(('uid'))) {
// Init variables
$uid = 0;
$result = false;
$pay = false;
// Validate if it is not a number
- if ("".($_GET['uid'] + 0)."" !== "".$_GET['uid']."") {
+ if ("".(REQUEST_GET('uid') + 0)."" !== "".REQUEST_GET('uid')."") {
if (EXT_IS_ACTIVE("nickname")) {
// Maybe we have found a nickname?
- $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($_GET['uid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
+ array(REQUEST_GET('uid')), __FILE__, __LINE__);
} else {
// Nickname entered but nickname is not active
- $msg = CODE_EXTENSION_PROBLEM;
+ $msg = constant('CODE_EXTENSION_PROBLEM');
$uid = -1;
}
} else {
// Direct userid
- $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array(bigintval($_GET['uid'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
}
// Check if locked in so don't pay points
$status = "failed";
// Check if account was found
- if ((SQL_NUMROWS($result) == 1) && ($result != false)) {
+ if (SQL_NUMROWS($result) == 1) {
// Found an ID so we simply set it
list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
// Secure userid
$uid = bigintval($uid);
- // Calculate beg points
- mt_srand((double)microtime() * 10000000000 / time());
-
// Multiply configured values with 100000 and divide with 100000 so we can also handle small values
// If we need more number behind the decimal dot then we just need to increase all these three
// numbers matching to the numbers behind the decimal dot. Simple! ;-)
- $points = mt_rand(($_CONFIG['beg_points'] * 100000), ($_CONFIG['beg_points_max'] * 100000)) / 100000;
+ $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
// Set nickname / userid for the template(s
- define('__BEG_UID' , SQL_ESCAPE($_GET['uid']));
+ define('__BEG_UID' , REQUEST_GET(('uid')));
define('__BEG_CLICKS', ($clicks + 1));
define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
define('__BEG_POINTS', TRANSLATE_COMMA($points));
SQL_FREERESULT($result);
// User id valid and not webmaster's id?
- if (($uid > 0) && ($_CONFIG['beg_uid'] != $uid)) {
+ if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
// Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
array($uid), __FILE__, __LINE__);
// Check for last entry for userid w/o IP number
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_timeout'].") OR (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_uid_timeout'].") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
// Entry not found, points set and not logged in?
- if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && ($_CONFIG['beg_pay_mode'] == "NONE")) {
+ if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == "NONE")) {
// Admin is testing?
if (!IS_ADMIN()) {
// Remember remote address, userid and timestamp for next click
// but only when there is no admin begging.
// Admins shall be able to test it!
- SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
// Was is successfull?
}
// Pay points?
- if ($pay) {
+ if ($pay === true) {
// Add points to user or begging rallye account
if (BEG_ADD_POINTS($uid, $points)) {
// Set "done" message
} elseif (IS_MEMBER()) {
// Logged in user found!
define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
- } elseif ($_CONFIG['beg_pay_mode'] != "NONE") { // Other pay-mode active!
+ } elseif (getConfig('beg_pay_mode') != "NONE") { // Other pay-mode active!
// Prepare content for template
$content = array(
- 'clicks' => __BEG_CLICKS,
- 'points' => __BEG_POINTS,
- 'uid' => __BEG_UID
+ 'clicks' => constant('__BEG_CLICKS'),
+ 'points' => constant('__BEG_POINTS'),
+ 'uid' => constant('__BEG_UID')
);
// Load message template depending on pay-mode
- define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower($_CONFIG['beg_pay_mode']), true, $content));
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower(getConfig('beg_pay_mode')), true, $content));
$pay = true;
} else {
// Clicked received while reload lock is active
SQL_FREERESULT($result);
// Include header
- require_once(PATH."inc/header.php");
+ LOAD_INC_ONCE("inc/header.php");
// Load final template
LOAD_TEMPLATE("beg_link");
// Tracker code enabled? (We don't track users here!
- if (($_CONFIG['beg_pay_mode'] != "NONE") && ($pay)) {
+ if ((getConfig('beg_pay_mode') != "NONE") && ($pay)) {
// Prepare content for template
+ // @TODO Opps, what is missing here???
$content = array(
);
// Include config-depending template
- LOAD_TEMPLATE("beg_pay_code_".strtolower($_CONFIG['beg_pay_mode']), false, $content);
- } elseif (!$pay) {
+ LOAD_TEMPLATE("beg_pay_code_".strtolower(getConfig('beg_pay_mode')), false, $content);
+ } elseif ((!$pay) && (!defined('__BEG_MSG'))) {
// Cannot pay! :-(
define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
}
// Include footer
- require_once(PATH."inc/footer.php");
+ LOAD_INC_ONCE("inc/footer.php");
} elseif (($status != "CONFIRMED") && ($status != "failed")) {
// Maybe locked/unconfirmed account?
- switch ($status) {
- case "LOCKED" : $msg = CODE_ID_LOCKED ; break; // Locked account
- case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
- }
+ $msg = GEN_ERROR_CODE_FROM_ACCOUNT_STATUS($status);
} elseif (($uid == "0") || ($status == "failed")) {
// Inalid or locked account, so let's find out
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($_GET['uid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
+ array(REQUEST_GET('uid')), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Locked account
- $msg = CODE_ACCOUNT_LOCKED;
+ $msg = constant('CODE_ACCOUNT_LOCKED');
} else {
// Invalid nickname! (404)
- $msg = CODE_USER_404;
+ $msg = constant('CODE_USER_404');
}
// Free memory
SQL_FREERESULT($result);
- } elseif ($uid == $_CONFIG['beg_uid']) {
+ } elseif ($uid == getConfig('beg_uid')) {
// Webmaster's ID cannot beg for points!
- $msg = CODE_BEG_SAME_AS_OWN;
+ $msg = constant('CODE_BEG_SAME_AS_OWN');
}
// Reload to index module
LOAD_URL("modules.php?module=index");
}
} else {
- // You have to configure first!
+ // You have to install first!
LOAD_URL("install.php");
}