* -------------------------------------------------------------------- *
* File : ref.php *
* -------------------------------------------------------------------- *
- * Short description : Redirection for the referral link *
+ * Short description : Redirection for the referal link *
* -------------------------------------------------------------------- *
- * Kurzbeschreibung : Weiterleitungsscript fuer die Referral-Links *
+ * Kurzbeschreibung : Weiterleitungsscript fuer die Referal-Links *
* -------------------------------------------------------------------- *
* *
* -------------------------------------------------------------------- *
break;
}
- // Get referral ID from ref or refid variable
+ // Get referal ID from ref or refid variable
if (!empty($_GET['ref'])) $ref = secureString($_GET['ref']);
elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']);
if (!empty($ref)) {
// Test if nickname or numeric id
- if ((EXT_IS_ACTIVE("nickname")) && ($ref != "".bigintval($ref)."")) {
- // Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($ref), __FILE__, __LINE__);
- list($ref) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ if ($ref != "".($ref + 0)."") {
+ if (EXT_IS_ACTIVE("nickname")) {
+ // Nickname in URL, so load the ID
+ $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
+ array($ref), __FILE__, __LINE__);
+
+ // Load userid
+ list($ref) = SQL_FETCHROW($result);
+
+ // Free result
+ SQL_FREERESULT($result);
+ } else {
+ // Invalid request!
+ $ref = 0;
+ }
} // END - if
// Also edit this 0 !