X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=ref.php;h=c83f596ccb619c1e946708f3b1264d4abf8e0a0b;hb=5416425ec8fa510a5addb246bdf7a6cd316a911f;hp=d3fdc56e33f5fc24a404249cfc2f55d6810c0fce;hpb=8a9324b2d931f54f54f4319fd7234910af77012c;p=mailer.git diff --git a/ref.php b/ref.php index d3fdc56e33..c83f596ccb 100644 --- a/ref.php +++ b/ref.php @@ -6,9 +6,9 @@ * -------------------------------------------------------------------- * * File : ref.php * * -------------------------------------------------------------------- * - * Short description : Redirection for the referral link * + * Short description : Redirection for the referal link * * -------------------------------------------------------------------- * - * Kurzbeschreibung : Weiterleitungsscript fuer die Referral-Links * + * Kurzbeschreibung : Weiterleitungsscript fuer die Referal-Links * * -------------------------------------------------------------------- * * * * -------------------------------------------------------------------- * @@ -32,7 +32,7 @@ ************************************************************************/ // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) ) -require_once("inc/libs/security_functions.php"); +require("inc/libs/security_functions.php"); // Init "action" and "what" global $what, $action; @@ -42,61 +42,70 @@ $GLOBALS['what'] = ""; $GLOBALS['action'] = ""; $GLOBALS['module'] = "ref"; $CSS = -1; // Load the required file(s) -require ("inc/config.php"); +require("inc/config.php"); // Redirect only to registration page when this script is installed -if (defined('mxchange_installed') && (mxchange_installed)) -{ +if (isBooleanConstantAndTrue('mxchange_installed')) { // Base URL for redirection - switch ($CONFIG['refid_target']) + switch (getConfig('refid_target')) { case "register": - $URL = URL."/modules.php?module=index&what=register&refid="; + $URL = "modules.php?module=index&what=register&refid="; break; case "index": - $URL = URL."/index.php?refid="; + $URL = "index.php?refid="; break; } - // Get referral ID from ref or refid variable - if (!empty($_GET['ref'])) $ref = strip_tags(htmlentities($_GET['ref'])); - elseif (!empty($_GET['refid'])) $ref = bigintval($_GET['refid']); + // Get referal ID from ref or refid variable + if (!empty($_GET['ref'])) $ref = secureString($_GET['ref']); + elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']); + + if (!empty($ref)) { + // Test if nickname or numeric id + if ($ref != "".($ref + 0)."") { + if (EXT_IS_ACTIVE("nickname")) { + // Nickname in URL, so load the ID + $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", + array($ref), __FILE__, __LINE__); + + // Load userid + list($ref) = SQL_FETCHROW($result); + + // Free result + SQL_FREERESULT($result); + } else { + // Invalid request! + $ref = 0; + } + } // END - if - if (!empty($ref)) - { - // Test if nickname ($test == "0") or ID - $test = "".round($ref).""; - if ((EXT_IS_ACTIVE("nickname")) && ($test != $ref)) - { - // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", array($ref), __FILE__, __LINE__); - list($ref) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - } // Also edit this 0 ! - if (empty($ref)) $ref = "0"; + if (empty($ref)) $ref = 0; + + // Update session + set_session('refid', $ref); // We have an refid here. So we simply add it $URL .= bigintval($ref); - // Update ref counter - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%d LIMIT 1", - array(bigintval($ref)), __FILE__, __LINE__); - } - else - { + // Is the refid valid? + if ($ref > 0) { + // Update ref counter + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1", + array(bigintval($ref)), __FILE__, __LINE__); + } // END - if + } else { // No refid and we add our refid (don't forget to set $def_refid!) - $URL = URL."/index.php"; + $URL = "index.php"; } + // Load the URL LOAD_URL($URL); - // Redirection should be done here -} - else -{ - // You have to configure first! - LOAD_URL(URL."/install.php"); +} else { + // You have to install first! + LOAD_URL("install.php"); } // Really all done here... ;-)