X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=ref.php;h=783aab194c3b04928a3627c62d6f3da17cb55d9b;hb=3fc48d57e44aec36f8edc4574c4e7cdf18bb49de;hp=e6e51d7b83f32eb87eb95da143a01c512d6ed557;hpb=b56eadb18a023f4d2d712e8936b4dc1ad31fd580;p=mailer.git

diff --git a/ref.php b/ref.php
index e6e51d7b83..783aab194c 100644
--- a/ref.php
+++ b/ref.php
@@ -6,9 +6,9 @@
  * -------------------------------------------------------------------- *
  * File              : ref.php                                          *
  * -------------------------------------------------------------------- *
- * Short description : Redirection for the referral link                *
+ * Short description : Redirection for the referal link                *
  * -------------------------------------------------------------------- *
- * Kurzbeschreibung  : Weiterleitungsscript fuer die Referral-Links     *
+ * Kurzbeschreibung  : Weiterleitungsscript fuer die Referal-Links      *
  * -------------------------------------------------------------------- *
  *                                                                      *
  * -------------------------------------------------------------------- *
@@ -58,29 +58,44 @@ if (isBooleanConstantAndTrue('mxchange_installed')) {
 		break;
 	}
 
-	// Get referral ID from ref or refid variable
+	// Get referal ID from ref or refid variable
 	if (!empty($_GET['ref']))        $ref = secureString($_GET['ref']);
 	 elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']);
 
 	if (!empty($ref)) {
 		// Test if nickname or numeric id
-		if ((EXT_IS_ACTIVE("nickname")) && ($ref != "".bigintval($ref)."")) {
-			// Nickname in URL, so load the ID
-			$result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
-				array($ref), __FILE__, __LINE__);
-			list($ref) = SQL_FETCHROW($result);
-			SQL_FREERESULT($result);
+		if ($ref != "".bigintval($ref)."") {
+			if (EXT_IS_ACTIVE("nickname")) {
+				// Nickname in URL, so load the ID
+				$result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
+					array($ref), __FILE__, __LINE__);
+
+				// Load userid
+				list($ref) = SQL_FETCHROW($result);
+
+				// Free result
+				SQL_FREERESULT($result);
+			} else {
+				// Invalid request!
+				$ref = 0;
+			}
 		} // END - if
 
 		// Also edit this 0 !
 		if (empty($ref)) $ref = 0;
 
+		// Update session
+		set_session('refid', $ref);
+
 		// We have an refid here. So we simply add it
 		$URL .= bigintval($ref);
 
-		// Update ref counter
-		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1",
-			array(bigintval($ref)), __FILE__, __LINE__);
+		// Is the refid valid?
+		if ($ref > 0) {
+			// Update ref counter
+			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1",
+				array(bigintval($ref)), __FILE__, __LINE__);
+		} // END - if
 	} else {
 		// No refid and we add our refid (don't forget to set $def_refid!)
 		$URL = URL."/index.php";