0.2.1/beg.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 01/09/2005 *
   4  * ===============                              Last change: 01/09/2005 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : beg.php                                          *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Beg link for members                             *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
  12  * -------------------------------------------------------------------- *
  13  *                                                                      *
  14  * -------------------------------------------------------------------- *
  15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  16  * For more information visit: http://www.mxchange.org                  *
  17  *                                                                      *
  18  * This program is free software; you can redistribute it and/or modify *
  19  * it under the terms of the GNU General Public License as published by *
  20  * the Free Software Foundation; either version 2 of the License, or    *
  21  * (at your option) any later version.                                  *
  22  *                                                                      *
  23  * This program is distributed in the hope that it will be useful,      *
  24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  26  * GNU General Public License for more details.                         *
  27  *                                                                      *
  28  * You should have received a copy of the GNU General Public License    *
  29  * along with this program; if not, write to the Free Software          *
  30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  31  * MA  02110-1301  USA                                                  *
  32  ************************************************************************/
  33
  34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
  35 require_once("inc/libs/security_functions.php");
  36
  37 // Init "action" and "what"
  38 global $what, $action;
  39 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
  40 if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
  41 if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
  42
  43 // Set module
  44 $GLOBALS['module'] = "beg";
  45 $GLOBALS['refid']  = 0;
  46 $CSS = -1;
  47
  48 // Load the required file(s)
  49 require ("inc/config.php");
  50
  51 // Is the script installed?
  52 if (defined('mxchange_installed') && (mxchange_installed))
  53 {
  54         // Check for userid
  55         if (!empty($_GET['uid']))
  56         {
  57                 $uid = 0;
  58                 if (bigintval($_GET['uid']) != $_GET['uid'])
  59                 {
  60                         if (EXT_IS_ACTIVE("nickname"))
  61                         {
  62                                 // Maybe we have found a nickname?
  63                                 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
  64                                  array($_GET['uid']), __FILE__, __LINE__);
  65                         }
  66                          else
  67                         {
  68                                 // Nickname entered but nickname is not active
  69                                 $msg = CODE_EXTENSION_PROBLEM;
  70                                 $uid = -1;
  71                                 $result = false;
  72                         }
  73                 }
  74                  else
  75                 {
  76                         // Direct userid
  77                         $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
  78                          array(bigintval($_GET['uid'])), __FILE__, __LINE__);
  79                 }
  80
  81                 // Check if locked in so don't pay points
  82                 $login = false; $status = "failed";
  83                 if (IS_LOGGED_IN())
  84                 {
  85                         // Logged in user detected!
  86                         $login = true;
  87                 }
  88
  89                 // Check if account was found
  90                 if ((SQL_NUMROWS($result) == 1) && ($result != false))
  91                 {
  92                         // Found an ID so we simply set it
  93                         list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
  94                         if ($status == "CONFIRMED")
  95                         {
  96                                 // Secure userid
  97                                 $uid = bigintval($uid);
  98
  99                                 // Calculate beg points
 100                                 srand((double)microtime() * 10000000000 / time());
 101
 102                                 // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
 103                                 // If we need more number behind the decimal dot then we just need to increase all these three
 104                                 // numbers matching to the numbers behind the decimal dot. Simple! ;-)
 105                                 $POINTS = rand(($CONFIG['beg_points'] * 100000), ($CONFIG['beg_points_max'] * 100000)) / 100000;
 106
 107                                 // Set nickname / userid for the template(s
 108                                 define('__BEG_UID'   , $_GET['uid']);
 109                                 define('__BEG_CLICKS', ($clicks + 1));
 110                                 define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
 111                                 define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));
 112                         }
 113                          else
 114                         {
 115                                 // Other status
 116                                 $uid = "0";
 117                         }
 118                 }
 119
 120                 // Free memory
 121                 SQL_FREERESULT($result);
 122
 123                 if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))
 124                 {
 125                         // Update counter
 126                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
 127                          array($uid), __FILE__, __LINE__);
 128
 129                         // Check for last entry for userid w/o IP number
 130                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
 131                          array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
 132                         if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))
 133                         {
 134                                 // Free memory
 135                                 SQL_FREERESULT($result);
 136
 137                                 if (!IS_ADMIN())
 138                                 {
 139                                         // Remember remote address, userid and timestamp for next click
 140                                         // but only when there is no admin begging.
 141                                         // Admins shall be able to test it!
 142                                         $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())",
 143                                          array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
 144                                 }
 145
 146                                 // Set mode depending on how many mails the member has to confirm
 147                                 $locked = false;
 148                                 if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == "N")) $locked = true;
 149
 150                                 // Is begging rallye active?
 151                                 if ($CONFIG['beg_rallye'] == "Y")
 152                                 {
 153                                         // Add points to rallye account
 154                                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
 155                                          array($POINTS, $uid), __FILE__, __LINE__);
 156                                 }
 157                                  else
 158                                 {
 159                                         // Add points to account
 160                                         ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));
 161                                 }
 162
 163                                 // Subtract begged points from member account if the admin has selected one
 164                                 if ($CONFIG['beg_uid'] > 0)
 165                                 {
 166                                         // Subtract from this account
 167                                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
 168                                          array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);
 169
 170                                         // Update mediadata as well
 171                                         if (GET_EXT_VERSION("mediadata") >= "0.0.4")
 172                                         {
 173                                                 // Update database
 174                                                 MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
 175                                         }
 176                                 }
 177
 178                                 // Set message
 179                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
 180                         }
 181                          elseif ($login)
 182                         {
 183                                 // Logged in user found!
 184                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
 185
 186                                 // Free memory
 187                                 SQL_FREERESULT($result);
 188                         }
 189                          else
 190                         {
 191                                 // Free memory
 192                                 SQL_FREERESULT($result);
 193
 194                                 // Clicked received while reload lock is active
 195                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
 196                         }
 197
 198                         // Include header
 199                         require_once(PATH."inc/header.php");
 200
 201                         // Load final template
 202                         LOAD_TEMPLATE("beg_link");
 203
 204                         // Include footer
 205                         require_once(PATH."inc/footer.php");
 206                 }
 207                  elseif (($status != "CONFIRMED") && ($status != "failed"))
 208                 {
 209                         // Maybe locked/unconfirmed account?
 210                         switch ($status)
 211                         {
 212                                 case "LOCKED"     : $msg = CODE_ID_LOCKED     ; break; // Locked account
 213                                 case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
 214                         }
 215                 }
 216                  elseif (($uid == "0") || ($status == "failed"))
 217                 {
 218                         // Inalid or locked account, so let's find out
 219                         $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
 220                          array($_GET['uid']), __FILE__, __LINE__);
 221                         if (SQL_NUMROWS($result) == 1)
 222                         {
 223                                 // Locked account
 224                                 $msg = CODE_ACCOUNT_LOCKED;
 225                         }
 226                          else
 227                         {
 228                                 // Invalid nickname! (404)
 229                                 $msg = CODE_USER_404;
 230                         }
 231
 232                         // Free memory
 233                         SQL_FREERESULT($result);
 234                 }
 235                  elseif ($uid = $CONFIG['beg_uid'])
 236                 {
 237                         // Webmaster's ID cannot beg for points!
 238                         $msg = CODE_BEG_SAME_AS_OWN;
 239                 }
 240
 241                 // Reload to index module
 242                 if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);
 243         }
 244          else
 245         {
 246                 // No userid entered
 247                 LOAD_URL(URL."/modules.php?module=index");
 248         }
 249 }
 250  else
 251 {
 252         // You have to configure first!
 253         LOAD_URL(URL."/install.php");
 254 }
 255 // Really all done here... ;-)
 256 ?>