// Probe for referal ID
if (!empty($_GET['refid'])) $GLOBALS['refid'] = SQL_ESCAPE($_GET['refid']);
- // Probe for nickname extension and if a nickname was supplied by URL
- $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($GLOBALS['refid'])."") != $GLOBALS['refid']));
- if ($probe_nickname) {
- // Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
- array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
- } else {
- // Direct userid entered
- $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
- }
+ // Only check this if refid is provided!
+ if ($GLOBALS['refid'] > 0) {
+ // Probe for nickname extension and if a nickname was supplied by URL
+ $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($GLOBALS['refid'])."") != $GLOBALS['refid']));
+
+ // Do we have nickname or userid set?
+ if ($probe_nickname) {
+ // Nickname in URL, so load the ID
+ $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
+ array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
+ } else {
+ // Direct userid entered
+ $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
+ array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
+ }
- // Load data
- list($rid, $status_ref) = SQL_FETCHROW($result);
- $GLOBALS['refid'] = bigintval($rid);
+ // Load data
+ list($rid, $status_ref) = SQL_FETCHROW($result);
+ $GLOBALS['refid'] = bigintval($rid);
+
+ // Free memory
+ SQL_FREERESULT($result);
+ } // END - if
- // Free memory
- SQL_FREERESULT($result);
+ // Init userid
$uid = 0;
// If no account was found set default refid and status to CONFIRMED
if ($probe_nickname) {
// Nickname in URL, so load the ID
$result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
- array($_POST['userid']), __FILE__, __LINE__);
+ array($_POST['userid']), __FILE__, __LINE__);
} else {
// Direct userid entered
$result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(bigintval($_POST['userid'])), __FILE__, __LINE__);
+ array(bigintval($_POST['userid'])), __FILE__, __LINE__);
}
// Load data
// Enough points are left so let's continue with the doubling process
// Create doubling "account" width *DOUBLED* points
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')",
- array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__);
+ array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__);
// Subtract entered points
SUB_POINTS("doubler", $uid, $_POST['points']);