require_once("inc/libs/security_functions.php");
// Init "action" and "what"
-global $what, $action;
+global $what, $action, $startTime;
+$GLOBALS['startTime'] = microtime(true);
$GLOBALS['what'] = ""; $GLOBALS['action'] = "";
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
// Set module
$GLOBALS['module'] = "beg";
$GLOBALS['refid'] = 0;
$CSS = -1;
+$msg = null;
// Load the required file(s)
require ("inc/config.php");
// Is the script installed?
-if (defined('mxchange_installed') && (mxchange_installed))
-{
+if (defined('mxchange_installed') && (isBooleanConstantAndTrue('mxchange_installed'))) {
// Check for userid
- if (!empty($_GET['uid']))
- {
+ if (!empty($_GET['uid'])) {
+ // Init user ID
$uid = 0;
- if (bigintval($_GET['uid']) != $_GET['uid'])
- {
- if (EXT_IS_ACTIVE("nickname"))
- {
+
+ // Validate if it is not a number
+ if (bigintval($_GET['uid']) !== "".$_GET['uid']."") {
+ if (EXT_IS_ACTIVE("nickname")) {
// Maybe we have found a nickname?
$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
array($_GET['uid']), __FILE__, __LINE__);
- }
- else
- {
+ } else {
// Nickname entered but nickname is not active
$msg = CODE_EXTENSION_PROBLEM;
$uid = -1;
$result = false;
}
- }
- else
- {
+ } else {
// Direct userid
- $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($_GET['uid'])), __FILE__, __LINE__);
}
// Check if locked in so don't pay points
$login = false; $status = "failed";
- if (IS_LOGGED_IN())
- {
+ if (IS_LOGGED_IN()) {
// Logged in user detected!
$login = true;
}
// Check if account was found
- if ((SQL_NUMROWS($result) == 1) && ($result != false))
- {
+ if ((SQL_NUMROWS($result) == 1) && ($result != false)) {
// Found an ID so we simply set it
list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
- if ($status == "CONFIRMED")
- {
+ if ($status == "CONFIRMED") {
// Secure userid
$uid = bigintval($uid);
// Multiply configured values with 100000 and divide with 100000 so we can also handle small values
// If we need more number behind the decimal dot then we just need to increase all these three
// numbers matching to the numbers behind the decimal dot. Simple! ;-)
- $POINTS = rand(($CONFIG['beg_points'] * 100000), ($CONFIG['beg_points_max'] * 100000)) / 100000;
+ $points = rand(($_CONFIG['beg_points'] * 100000), ($_CONFIG['beg_points_max'] * 100000)) / 100000;
// Set nickname / userid for the template(s
define('__BEG_UID' , $_GET['uid']);
define('__BEG_CLICKS', ($clicks + 1));
define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
- define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));
- }
- else
- {
+ define('__BEG_POINTS', TRANSLATE_COMMA($points));
+ } else {
// Other status
$uid = "0";
}
// Free memory
SQL_FREERESULT($result);
- if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))
- {
+ if (($uid > 0) && ($_CONFIG['beg_uid'] != $uid)) {
// Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
array($uid), __FILE__, __LINE__);
// Check for last entry for userid w/o IP number
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $_CONFIG['beg_timeout'])." OR (timeout > ".(time() - $_CONFIG['beg_uid_timeout'])." AND userid=%s)) AND remote_ip='%s' LIMIT 1",
array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
- if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))
- {
+ if ((SQL_NUMROWS($result) == 0) && ($points > 0) && (!$login)) {
// Free memory
SQL_FREERESULT($result);
- if (!IS_ADMIN())
- {
+ if (!IS_ADMIN()) {
// Remember remote address, userid and timestamp for next click
// but only when there is no admin begging.
// Admins shall be able to test it!
// Set mode depending on how many mails the member has to confirm
$locked = false;
- if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == 'N')) $locked = true;
+ if (($ref_payout > 0) && ($_CONFIG['allow_direct_pay'] == "N")) $locked = true;
// Is begging rallye active?
- if ($CONFIG['beg_rallye'] == 'Y')
- {
+ if ($_CONFIG['beg_rallye'] == "Y") {
// Add points to rallye account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
- array($POINTS, $uid), __FILE__, __LINE__);
- }
- else
- {
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%s LIMIT 1",
+ array($points, $uid), __FILE__, __LINE__);
+ } else {
// Add points to account
- ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));
+ $DEPTH = 0;
+ ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode']));
}
// Subtract begged points from member account if the admin has selected one
- if ($CONFIG['beg_uid'] > 0)
- {
+ if ($_CONFIG['beg_uid'] > 0) {
// Subtract from this account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
- array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);
-
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
- }
+ SUB_POINTS($_CONFIG['beg_uid'], $points);
}
// Set message
define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
- }
- elseif ($login)
- {
+ } elseif ($login) {
// Logged in user found!
define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
// Free memory
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Free memory
SQL_FREERESULT($result);
// Include footer
require_once(PATH."inc/footer.php");
- }
- elseif (($status != "CONFIRMED") && ($status != "failed"))
- {
+ } elseif (($status != "CONFIRMED") && ($status != "failed")) {
// Maybe locked/unconfirmed account?
- switch ($status)
- {
+ switch ($status) {
case "LOCKED" : $msg = CODE_ID_LOCKED ; break; // Locked account
case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
}
- }
- elseif (($uid == "0") || ($status == "failed"))
- {
+ } elseif (($uid == "0") || ($status == "failed")) {
// Inalid or locked account, so let's find out
$result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
array($_GET['uid']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
// Locked account
$msg = CODE_ACCOUNT_LOCKED;
- }
- else
- {
+ } else {
// Invalid nickname! (404)
$msg = CODE_USER_404;
}
// Free memory
SQL_FREERESULT($result);
- }
- elseif ($uid = $CONFIG['beg_uid'])
- {
+ } elseif ($uid == $_CONFIG['beg_uid']) {
// Webmaster's ID cannot beg for points!
$msg = CODE_BEG_SAME_AS_OWN;
}
// Reload to index module
- if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);
- }
- else
- {
+ die("-".$msg."-");
+ if ((!empty($msg)) && (!empty($msg))) LOAD_URL("modules.php?module=index&msg=".$msg);
+ } else {
// No userid entered
- LOAD_URL(URL."/modules.php?module=index");
+ LOAD_URL("modules.php?module=index");
}
-}
- else
-{
+} else {
// You have to configure first!
- LOAD_URL(URL."/install.php");
+ LOAD_URL("install.php");
}
+
// Really all done here... ;-)
?>