* -------------------------------------------------------------------- *
* File : ref.php *
* -------------------------------------------------------------------- *
- * Short description : Redirection for the referral link *
+ * Short description : Redirection for the referal link *
* -------------------------------------------------------------------- *
- * Kurzbeschreibung : Weiterleitungsscript fuer die Referral-Links *
+ * Kurzbeschreibung : Weiterleitungsscript fuer die Referal-Links *
* -------------------------------------------------------------------- *
* *
* -------------------------------------------------------------------- *
$GLOBALS['module'] = "ref"; $CSS = -1;
// Load the required file(s)
-require ("inc/config.php");
+require("inc/config.php");
// Redirect only to registration page when this script is installed
if (isBooleanConstantAndTrue('mxchange_installed')) {
break;
}
- // Get referral ID from ref or refid variable
+ // Get referal ID from ref or refid variable
if (!empty($_GET['ref'])) $ref = secureString($_GET['ref']);
elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']);
if (!empty($ref)) {
// Test if nickname or numeric id
- if ((EXT_IS_ACTIVE("nickname")) && ($ref != "".bigintval($ref)."")) {
- // Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($ref), __FILE__, __LINE__);
- list($ref) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ if ($ref != "".($ref + 0)."") {
+ if (EXT_IS_ACTIVE("nickname")) {
+ // Nickname in URL, so load the ID
+ $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
+ array($ref), __FILE__, __LINE__);
+
+ // Load userid
+ list($ref) = SQL_FETCHROW($result);
+
+ // Free result
+ SQL_FREERESULT($result);
+ } else {
+ // Invalid request!
+ $ref = 0;
+ }
} // END - if
// Also edit this 0 !
if (empty($ref)) $ref = 0;
+ // Update session
+ set_session('refid', $ref);
+
// We have an refid here. So we simply add it
$URL .= bigintval($ref);
- // Update ref counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1",
- array(bigintval($ref)), __FILE__, __LINE__);
+ // Is the refid valid?
+ if ($ref > 0) {
+ // Update ref counter
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1",
+ array(bigintval($ref)), __FILE__, __LINE__);
+ } // END - if
} else {
// No refid and we add our refid (don't forget to set $def_refid!)
$URL = URL."/index.php";