$GLOBALS['what'] = ""; $GLOBALS['action'] = "";
// Tell everyone we are in this module
-$GLOBALS['module'] = "mailid"; $CSS = "0";
+$GLOBALS['module'] = "mailid"; $CSS = 0;
// Load the required file(s)
require ("inc/config.php");
}
// Secure all data
- $url_uid = "0"; $url_bid = "0"; $url_mid = "0"; $code = "0"; $mode = "";
+ $url_uid = 0; $url_bid = 0; $url_mid = 0; $code = 0; $mode = "";
if (!empty($_GET['uid'])) $url_uid = bigintval($_GET['uid']);
if (!empty($_GET['mailid'])) $url_mid = bigintval($_GET['mailid']);
if (!empty($_GET['bonusid'])) $url_bid = bigintval($_GET['bonusid']);
// Maybe he wants to confirm an email?
if ($url_mid > 0)
{
- $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%d AND userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%s AND userid=%s LIMIT 1",
array($url_mid, $url_uid), __FILE__, __LINE__);
$type = "mailid"; $DATA = $url_mid;
}
elseif ($url_bid > 0)
{
- $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%d AND userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%s AND userid=%s LIMIT 1",
array($url_bid, $url_uid), __FILE__, __LINE__);
$type = "bonusid"; $DATA = $url_bid;
}
if (SQL_NUMROWS($result) == 1)
{
// Is the stats ID valid?
- list($link_id, $ltype) = SQL_FETCHROW($result);
+ list($lid, $ltype) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
switch ($ltype)
{
case "NORMAL":
- $result_mailid = SQL_QUERY_ESC("SELECT pool_id, userid, id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%d LIMIT 1",
+ $result_mailid = SQL_QUERY_ESC("SELECT pool_id, userid, id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%s LIMIT 1",
array($url_mid), __FILE__, __LINE__);
break;
case "BONUS":
- $result_mailid = SQL_QUERY_ESC("SELECT id, id, is_notify FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
+ $result_mailid = SQL_QUERY_ESC("SELECT id, id, is_notify FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
array($url_bid), __FILE__, __LINE__);
break;
}
if ($ltype == "BONUS") $sender = 0;
// Is the user's ID unlocked?
- $result = SQL_QUERY_ESC("SELECT status, sex, surname, family, ref_payout FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT status, gender, surname, family, ref_payout FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($url_uid), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
// Load data
- list($status, $sex, $sname, $fname, $ref_pay) = SQL_FETCHROW($result);
+ list($status, $gender, $sname, $fname, $ref_pay) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if ($status == "CONFIRMED")
{
// Update last activity
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_online=UNIX_TIMESTAMP(), last_module='mailid_top' WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_online=UNIX_TIMESTAMP(), last_module='mailid_top' WHERE userid=%s LIMIT 1",
array($url_uid), __FILE__, __LINE__);
// User has confirmed his account so we can procede...
switch ($ltype)
{
case "NORMAL":
- $result = SQL_QUERY_ESC("SELECT payment_id FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT payment_id FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%s LIMIT 1",
array(bigintval($pool)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
break;
case "BONUS":
- $result = SQL_QUERY_ESC("SELECT time, points FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT time, points FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
array(bigintval($pool)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
switch ($ltype)
{
case "NORMAL":
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET clicks=clicks+1 WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET clicks=clicks+1 WHERE id=%s LIMIT 1",
array($url_mid), __FILE__, __LINE__);
// Update mediadata as well
break;
case "BONUS":
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_bonus SET clicks=clicks+1 WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_bonus SET clicks=clicks+1 WHERE id=%s LIMIT 1",
array($url_bid), __FILE__, __LINE__);
// Update mediadata as well
if (GET_EXT_VERSION("user") >= "0.1.2")
{
// Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET mails_confirmed=mails_confirmed+1 WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET mails_confirmed=mails_confirmed+1 WHERE userid=%s LIMIT 1",
array($url_uid), __FILE__, __LINE__);
}
}
// Count down ref_payout value
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_payout=ref_payout-1 WHERE userid=%d AND ref_payout > 0 LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_payout=ref_payout-1 WHERE userid=%s AND ref_payout > 0 LIMIT 1",
array($url_uid), __FILE__, __LINE__);
// Add points
}
// Remove link from table
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%d LIMIT 1",
- array(bigintval($link_id)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%s LIMIT 1",
+ array(bigintval($lid)), __FILE__, __LINE__);
// Load total points
define('__TOTAL_POINTS', TRANSLATE_COMMA(
ADD_POINTS_REFSYSTEM($sender, $payment, false, 0, false, "direct");
// Remove link from table
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%d LIMIT 1",
- array(bigintval($link_id)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%s LIMIT 1",
+ array(bigintval($lid)), __FILE__, __LINE__);
// Load template
LOAD_TEMPLATE("mailid_points_failed");