X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mailid.php;h=1f38c5b15e389657dcb381c26aad371b7ad2c4f5;hb=01894fd8602147cf872979a523d5da9b5b147a53;hp=a573a245ff2cb018b2cf62dd7b51a8a55e9cd8ab;hpb=64c8349613addc3da2242c5cd6b99d64e3fb5f8e;p=mailer.git diff --git a/mailid.php b/mailid.php index a573a245ff..1f38c5b15e 100644 --- a/mailid.php +++ b/mailid.php @@ -62,21 +62,24 @@ $url_bid = 0; $url_mid = 0; // Secure all data -if (isGetRequestElementSet('userid')) $url_userid = bigintval(getRequestElement('userid')); -if (isGetRequestElementSet('mailid')) $url_mid = bigintval(getRequestElement('mailid')); -if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid')); +if (isGetRequestElementSet('userid')) $url_userid = bigintval(getRequestElement('userid')); +if (isGetRequestElementSet('mailid')) $url_mid = bigintval(getRequestElement('mailid')); +if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid')); -// 01 1 12 3 32 21 1 22 10 +// 01 1 12 2 2 21 1 22 10 if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) { + // Init result + $result_link = false; + // Maybe he wants to confirm an email? if ($url_mid > 0) { // Normal-Mails - $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1", + $result_link = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1", array($url_mid, $url_userid), __FILE__, __LINE__); $type = 'mailid'; $urlId = $url_mid; } elseif ($url_bid > 0) { // Bonus-Mail - $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1", + $result_link = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1", array($url_bid, $url_userid), __FILE__, __LINE__); $type = 'bonusid'; $urlId = $url_bid; } else { @@ -84,20 +87,16 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr redirectToUrl('index.php'); } - if (SQL_NUMROWS($result) == 1) { + if (SQL_NUMROWS($result_link) == 1) { // Load the entry - list($ltype) = SQL_FETCHROW($result); - - // Clean result - SQL_FREERESULT($result); + list($ltype) = SQL_FETCHROW($result_link); // @TODO Rewrite this to a filter - switch ($ltype) - { + switch ($ltype) { case 'NORMAL': // Is the stats ID valid? $result = SQL_QUERY_ESC("SELECT pool_id, url, subject FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1", - array($url_mid), __FILE__, __LINE__); + array($url_mid), __FILE__, __LINE__); break; case 'BONUS': @@ -106,7 +105,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr // Bonus-Mails $result = SQL_QUERY_ESC("SELECT id, url, subject FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1", - array($url_bid), __FILE__, __LINE__); + array($url_bid), __FILE__, __LINE__); break; default: // Invalid mail type @@ -125,7 +124,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr setExtraTitle($title); // Is the user's ID unlocked? - $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`,` family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", array($url_userid), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { list($status, $gender, $surname, $family) = SQL_FETCHROW($result); @@ -133,10 +132,9 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr if ($status == 'CONFIRMED') { // User has confirmed his account so we can procede... // @TODO Rewrite this to a filter - switch ($ltype) - { + switch ($ltype) { case 'NORMAL': - $result = SQL_QUERY_ESC("SELECT payment_id FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE pool_id=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT payment_id FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `pool_id`=%s LIMIT 1", array(bigintval($pool)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { list($pay) = SQL_FETCHROW($result); @@ -173,7 +171,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr // Was that mail a valid one? if ($isValid === true) { // If time is zero seconds we have a sponsor mail. 1 Second shall be set to avoid problems - if (($time == '0') && ($payment > 0)) { $URL = getConfig('URL'); $time = '1'; } + if (($time == 0) && ($payment > 0)) { $URL = getConfig('URL'); $time = 1; } if (($time > 0) && (($payment > 0) || ($points > 0))) { // Export data into constants for the template $content = array( @@ -184,7 +182,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr ); // Load template - loadTemplate('mailid_frames'); + loadTemplate('mailid_frames', false, $content); } else { $errorCode = getCode('DATA_INVALID'); } @@ -192,20 +190,20 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr $errorCode = getCode('POSSIBLE_INVALID'); } } else { - $errorCode = getCode('ACCOUNT_LOCKED'); + $errorCode = getCode('ACCOUNT_' . $status); } } else { - SQL_FREERESULT($result); $errorCode = getCode('USER_404'); } } else { - SQL_FREERESULT($result); $errorCode = getCode('STATS_404'); } } else { - SQL_FREERESULT($result); $errorCode = getCode('ALREADY_CONFIRMED'); } + + // Free result + SQL_FREERESULT($result_link); } else { // Nothing entered $errorCode = getCode('ERROR_MAILID');