<?php
/************************************************************************
- * MXChange v0.2.1 Start: 11/14/2003 *
- * =============== Last change: 11/25/2004 *
+ * Mailer v0.2.1-FINAL Start: 11/14/2003 *
+ * =================== Last change: 01/10/2013 *
* *
* -------------------------------------------------------------------- *
* File : mailid.php *
* $Date:: $ *
* $Tag:: 0.2.1-FINAL $ *
* $Author:: $ *
- * Needs to be in all Files and every File needs "svn propset *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
- * For more information visit: http://www.mxchange.org *
+ * Copyright (c) 2009 - 2013 by Mailer Developer Team *
+ * For more information visit: http://mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
require('inc/libs/security_functions.php');
// Init start time
-$GLOBALS['startTime'] = microtime(true);
+$GLOBALS['__start_time'] = microtime(TRUE);
// Tell everyone we are in this module
-$GLOBALS['module'] = 'mailid';
-$GLOBALS['output_mode'] = 1;
-$errorCode = '';
+$GLOBALS['__module'] = 'mailid';
+$GLOBALS['__output_mode'] = '0';
+
+// Disable copyright footer which would be to large for the upper frame
+$GLOBALS['__copyright_enabled'] = 'N';
// Load the required file(s)
require('inc/config-global.php');
-// Set content type
+// Set content type and HTTP status
setContentType('text/html');
+setHttpStatus('404 Not Found');
-// Is the extension active?
+// Is ext-mailid active?
redirectOnUninstalledExtension('mailid');
-// Init
-$url_userid = 0;
-$url_bid = 0;
-$url_mid = 0;
+// Is ext-other active?
+redirectOnUninstalledExtension('other');
+
+// Init data
+$data = array(
+ 'error_code' => '0',
+ 'userid' => '0',
+ 'id' => '0',
+ 'code' => '0',
+ 'do' => 'frames',
+ 'type' => '',
+);
// Secure all data
-if (isGetRequestElementSet('userid')) $url_userid = bigintval(getRequestElement('userid'));
-if (isGetRequestElementSet('mailid')) $url_mid = bigintval(getRequestElement('mailid'));
-if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid'));
+if (isGetRequestElementSet('userid')) $data['userid'] = bigintval(getRequestElement('userid'));
+if (isGetRequestElementSet('id')) $data['id'] = bigintval(getRequestElement('id'));
+if (isGetRequestElementSet('code')) $data['code'] = bigintval(getRequestElement('code'));
+if (isGetRequestElementSet('do')) $data['do'] = getRequestElement('do');
+if (isGetRequestElementSet('type')) $data['type'] = getRequestElement('type');
+
+// @TODO Improve check on $data['type'], empty() is not very much ...
+if ((isValidId($data['userid'])) && (isValidId($data['id'])) && (!empty($data['type'])) && (!ifFatalErrorsDetected())) {
+ // Is 'do' still "frames"?
+ if ($data['do'] == 'frames') {
+ // This is a frameset module
+ $GLOBALS['frameset_mode'] = TRUE;
+ } // END - if
+
+ // No image?
+ if ($data['do'] != 'img') {
+ // ... then output header
+ loadIncludeOnce('inc/header.php');
+ } // END - fi
+
+ // Init result for below sqlNumRows() function
+ $result_main = FALSE;
-// 01 1 12 3 32 21 1 22 10
-if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
// Maybe he wants to confirm an email?
- if ($url_mid > 0) {
- // Normal-Mails
- $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
- array($url_mid, $url_userid), __FILE__, __LINE__);
- $type = 'mailid'; $urlId = $url_mid;
- } elseif ($url_bid > 0) {
- // Bonus-Mail
- $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
- array($url_bid, $url_userid), __FILE__, __LINE__);
- $type = 'bonusid'; $urlId = $url_bid;
- } else {
- // Problem: No ID entered
- redirectToUrl('index.php');
- }
+ switch ($data['type']) {
+ case 'normal':
+ $result_main = sqlQueryEscaped("SELECT `id` AS `link_id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
+ array($data['id'], $data['userid']), __FILE__, __LINE__);
+ break;
- if (SQL_NUMROWS($result) == 1) {
- // Load the entry
- list($ltype) = SQL_FETCHROW($result);
+ case 'bonus':
+ $result_main = sqlQueryEscaped("SELECT `id` AS `link_id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+ array($data['id'], $data['userid']), __FILE__, __LINE__);
+ break;
+
+ default: // Not detected
+ reportBug(__FILE__, __LINE__, 'No valid type=' . $data['type'] . ' set.');
+ break;
+ } // END - switch
- // Clean result
- SQL_FREERESULT($result);
+ // Is an entry found?
+ if (sqlNumRows($result_main) == 1) {
+ // Is the stats id valid?
+ $data = merge_array($data, sqlFetchArray($result_main));
- // @TODO Rewrite this to a filter
- switch ($ltype)
- {
+ // Init result here with invalid to avoid possible missing variable
+ $result_mailid = FALSE;
+
+ // @TODO Rewrite this to a filter/function
+ switch ($data['link_type']) {
case 'NORMAL':
- // Is the stats ID valid?
- $result = SQL_QUERY_ESC("SELECT pool_id, url, subject FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1",
- array($url_mid), __FILE__, __LINE__);
+ $result_mailid = sqlQueryEscaped("SELECT `pool_id`, `userid` AS `sender`, `url` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1",
+ array($data['id']), __FILE__, __LINE__);
break;
case 'BONUS':
- // Is the bonus extension active?
- redirectOnUninstalledExtension('bonus');
-
- // Bonus-Mails
- $result = SQL_QUERY_ESC("SELECT id, url, subject FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
- array($url_bid), __FILE__, __LINE__);
+ $result_mailid = sqlQueryEscaped("SELECT `id` AS `pool_id`, `is_notify`, `url` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+ array($data['id']), __FILE__, __LINE__);
break;
- default: // Invalid mail type
- debug_report_bug('Invalid mail type ' . $ltype . ' detected.');
+ default: // Unknown type
+ reportBug(__FILE__, __LINE__, 'Unknown mail type ' . $data['link_type'] . ' detected.');
break;
- }
+ } // END - switch
- if (SQL_NUMROWS($result) == 1) {
+ // Entry found?
+ if (sqlNumRows($result_mailid) == 1) {
// Load data
- list($pool, $URL, $title) = SQL_FETCHROW($result);
+ $data = merge_array($data, sqlFetchArray($result_mailid));
- // Free result
- SQL_FREERESULT($result);
+ // Correct notification switch in non-bonus mails
+ if ((!isset($data['is_notify'])) || (!in_array($data['is_notify'], array('Y', 'N')))) {
+ $data['is_notify'] = 'N';
+ } // END - if
- // Set it
- setExtraTitle($title);
+ // Set sender to 0 when we have a bonus mail
+ if ($data['link_type'] == 'BONUS') {
+ $data['sender'] = NULL;
+ } // END - if
- // Is the user's ID unlocked?
- $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- list($status, $gender, $surname, $family) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- if ($status == 'CONFIRMED') {
+ // Is the user id valid?
+ if (fetchUserData($data['userid']) === TRUE) {
+ // Is the user status CONFIRMED?
+ if (getUserData('status') == 'CONFIRMED') {
// User has confirmed his account so we can procede...
// @TODO Rewrite this to a filter
- switch ($ltype)
- {
+ switch ($data['link_type']) {
case 'NORMAL':
- $result = SQL_QUERY_ESC("SELECT payment_id FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `pool_id`=%s LIMIT 1",
- array(bigintval($pool)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- list($pay) = SQL_FETCHROW($result);
- $time = getPaymentPoints($pay, 'time');
- $payment = getPaymentPoints($pay, 'payment');
- $isValid = true;
+ $result = sqlQueryEscaped("SELECT `payment_id` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `pool_id`=%s LIMIT 1",
+ array(bigintval($data['pool_id'])), __FILE__, __LINE__);
+
+ // Entry found?
+ if (sqlNumRows($result) == 1) {
+ $data = merge_array($data, sqlFetchArray($result));
+ $data['time'] = getPaymentTime($data['payment_id']);
+ $data['payment'] = getPaymentPayment($data['payment_id']);
+ $isValid = TRUE;
} // END - if
- // Free memory
- SQL_FREERESULT($result);
+ // Free memory...
+ sqlFreeResult($result);
break;
case 'BONUS':
- $result = SQL_QUERY_ESC("SELECT points, time FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
- array($url_bid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- list($points, $time) = SQL_FETCHROW($result);
- $payment = '0.00000';
- $isValid = true;
- }
-
- // Free memory
- SQL_FREERESULT($result);
+ $result = sqlQueryEscaped("SELECT `time`, `points` AS `payment` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+ array(bigintval($data['pool_id'])), __FILE__, __LINE__);
+
+ // Entry found?
+ if (sqlNumRows($result) == 1) {
+ $data = merge_array($data, sqlFetchArray($result));
+ $isValid = TRUE;
+ } // END - if
+
+ // Free memory...
+ sqlFreeResult($result);
break;
- default: // Invalid mail type
- debug_report_bug('Invalid mail type ' . $ltype . ' detected.');
+ default: // Unknown type
+ reportBug(__FILE__, __LINE__, 'Unknown mail type ' . $data['link_type'] . ' detected.');
break;
- }
+ } // END - switch
- // Add header
- loadIncludeOnce('inc/header.php');
-
- // Was that mail a valid one?
- if ($isValid === true) {
- // If time is zero seconds we have a sponsor mail. 1 Second shall be set to avoid problems
- if (($time == '0') && ($payment > 0)) { $URL = getConfig('URL'); $time = '1'; }
- if (($time > 0) && (($payment > 0) || ($points > 0))) {
- // Export data into constants for the template
- $content = array(
- 'userid' => $url_userid,
- 'type' => $type,
- 'data' => $urlId,
- 'url' => generateDerefererUrl($URL)
- );
-
- // Load template
- loadTemplate('mailid_frames', false, $content);
+ // Is this entry valid?
+ if ($isValid === TRUE) {
+ // Run at least one second
+ if (($data['time'] < 1) && ($data['payment'] > 0)) {
+ // Zero seconds is not supported
+ $data['time'] = 1;
+ } // END - if
+
+ // Is time and payment set?
+ if (($data['time'] > 0) && ($data['payment'] > 0)) {
+ $data['real_code'] = '0';
+ if (!empty($data['code'])) {
+ // Generate code (the user sees in the CAPTCHA)
+ $data['real_code'] = generateRandomCode(getCodeLength(), $data['code'], $data['userid'], $data['id']);
+ } // END - if
+
+ // Do the call-back by given data array
+ doMailIdCallback($data);
} else {
- $errorCode = getCode('DATA_INVALID');
+ $data['error_code'] = getCode('DATA_INVALID');
+ $data['do'] = 'failed';
}
} else {
- $errorCode = getCode('POSSIBLE_INVALID');
+ $data['error_code'] = getCode('POSSIBLE_INVALID');
+ $data['do'] = 'failed';
}
} else {
- $errorCode = getCode('ACCOUNT_LOCKED');
+ $data['error_code'] = getCode('ACCOUNT_' . strtoupper(getUserData('status')));
+ $data['do'] = 'failed';
}
} else {
- SQL_FREERESULT($result);
- $errorCode = getCode('USER_404');
+ $data['error_code'] = getCode('USER_404');
+ $data['do'] = 'failed';
}
} else {
- SQL_FREERESULT($result);
- $errorCode = getCode('STATS_404');
+ $data['error_code'] = getCode('STATS_404');
+ $data['do'] = 'failed';
}
+
+ // Free result
+ sqlFreeResult($result_mailid);
} else {
- SQL_FREERESULT($result);
- $errorCode = getCode('ALREADY_CONFIRMED');
+ $data['error_code'] = getCode('ALREADY_CONFIRMED');
+ $data['do'] = 'failed';
}
+
+ // Free result
+ sqlFreeResult($result_main);
} else {
- // Nothing entered
- $errorCode = getCode('ERROR_MAILID');
+ // Not all variables are set
+ $data['error_code'] = getCode('ERROR_MAILID');
+ $data['do'] = 'failed';
}
// Error code is set?
-if (!empty($errorCode)) {
- // @TODO Rewrite this to a dynamic include or so
- switch (getConfig('mailid_error_redirect')) {
- case 'INDEX': // Redirect to index page
- redirectToUrl('modules.php?module=index&code=' . $errorCode . '&ext=mailid');
- break;
-
- case 'REJECT': // Redirect to rejection page
- if (isExtensionActive('other')) {
- // Redirect to configured URL
- redirectToConfiguredUrl('reject_url');
- } else {
- // Redirect to index
- redirectToUrl('index.php');
- }
- break;
+handleMailIdErrorCode($data['error_code']);
- default:
- logDebugMessage(__FILE__, __LINE__, sprintf("Unknown status %s detected in mailid_error_redirect.", getConfig('mailid_error_redirect')));
- redirectToUrl('modules.php?module=index&code=' . getCode('UNKNOWN_STATUS') . '&ext=mailid');
- break;
- } // END - switch
+// Insert footer if no image
+if ($data['do'] != 'img') {
+ // Write footer
+ loadIncludeOnce('inc/footer.php');
} // END - if
-// Include footer
-loadIncludeOnce('inc/footer.php');
+// Really all done here... ;-)
+doShutdown();
// [EOF]
?>