* -------------------------------------------------------------------- *
* File : ref.php *
* -------------------------------------------------------------------- *
- * Short description : Redirection for the referral link *
+ * Short description : Redirection for the referal link *
* -------------------------------------------------------------------- *
- * Kurzbeschreibung : Weiterleitungsscript fuer die Referral-Links *
+ * Kurzbeschreibung : Weiterleitungsscript fuer die Referal-Links *
* -------------------------------------------------------------------- *
* *
* -------------------------------------------------------------------- *
************************************************************************/
// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
-require_once("inc/libs/security_functions.php");
+require("inc/libs/security_functions.php");
// Init "action" and "what"
global $what, $action;
$GLOBALS['module'] = "ref"; $CSS = -1;
// Load the required file(s)
-require ("inc/config.php");
+require("inc/config.php");
// Redirect only to registration page when this script is installed
if (isBooleanConstantAndTrue('mxchange_installed')) {
// Base URL for redirection
- switch ($_CONFIG['refid_target'])
+ switch (getConfig('refid_target'))
{
case "register":
- $URL = URL."/modules.php?module=index&what=register&refid=";
+ $URL = "modules.php?module=index&what=register&refid=";
break;
case "index":
- $URL = URL."/index.php?refid=";
+ $URL = "index.php?refid=";
break;
}
- // Get referral ID from ref or refid variable
+ // Get referal ID from ref or refid variable
if (!empty($_GET['ref'])) $ref = secureString($_GET['ref']);
elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']);
if (!empty($ref)) {
// Test if nickname or numeric id
- if ((EXT_IS_ACTIVE("nickname")) && ($ref != "".bigintval($ref)."")) {
- // Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($ref), __FILE__, __LINE__);
- list($ref) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ if ($ref != "".($ref + 0)."") {
+ if (EXT_IS_ACTIVE("nickname")) {
+ // Nickname in URL, so load the ID
+ $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
+ array($ref), __FILE__, __LINE__);
+
+ // Load userid
+ list($ref) = SQL_FETCHROW($result);
+
+ // Free result
+ SQL_FREERESULT($result);
+ } else {
+ // Invalid request!
+ $ref = 0;
+ }
} // END - if
// Also edit this 0 !
if (empty($ref)) $ref = 0;
+ // Update session
+ set_session('refid', $ref);
+
// We have an refid here. So we simply add it
$URL .= bigintval($ref);
- // Update ref counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1",
- array(bigintval($ref)), __FILE__, __LINE__);
+ // Is the refid valid?
+ if ($ref > 0) {
+ // Update ref counter
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1",
+ array(bigintval($ref)), __FILE__, __LINE__);
+ } // END - if
} else {
// No refid and we add our refid (don't forget to set $def_refid!)
- $URL = URL."/index.php";
+ $URL = "index.php";
}
// Load the URL
LOAD_URL($URL);
} else {
- // You have to configure first!
+ // You have to install first!
LOAD_URL("install.php");
}