2 /************************************************************************
\r
3 * MXChange v0.2.1 Start: 01/09/2005 *
\r
4 * =============== Last change: 01/09/2005 *
\r
6 * -------------------------------------------------------------------- *
\r
8 * -------------------------------------------------------------------- *
\r
9 * Short description : Beg link for members *
\r
10 * -------------------------------------------------------------------- *
\r
11 * Kurzbeschreibung : Bettel-Link fuer Mitglieder *
\r
12 * -------------------------------------------------------------------- *
\r
14 * -------------------------------------------------------------------- *
\r
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
\r
16 * For more information visit: http://www.mxchange.org *
\r
18 * This program is free software; you can redistribute it and/or modify *
\r
19 * it under the terms of the GNU General Public License as published by *
\r
20 * the Free Software Foundation; either version 2 of the License, or *
\r
21 * (at your option) any later version. *
\r
23 * This program is distributed in the hope that it will be useful, *
\r
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
\r
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
\r
26 * GNU General Public License for more details. *
\r
28 * You should have received a copy of the GNU General Public License *
\r
29 * along with this program; if not, write to the Free Software *
\r
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
\r
31 * MA 02110-1301 USA *
\r
32 ************************************************************************/
\r
34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
\r
35 require_once("inc/libs/security_functions.php");
\r
37 // Init "action" and "what"
\r
38 global $what, $action;
\r
39 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
\r
40 if (!empty($_GET['action'])) $GLOBALS['action'] = trim(strip_tags($_GET['action']));
\r
41 if (!empty($_GET['what'])) $GLOBALS['what'] = trim(strip_tags($_GET['what']));
\r
44 $GLOBALS['module'] = "beg";
\r
45 $GLOBALS['refid'] = 0;
\r
48 // Load the required file(s)
\r
49 require ("inc/config.php");
\r
51 // Is the script installed?
\r
52 if (defined('mxchange_installed') && (mxchange_installed))
\r
55 if (!empty($_GET['uid']))
\r
58 if (bigintval($_GET['uid']) != $_GET['uid'])
\r
60 if (EXT_IS_ACTIVE("nickname"))
\r
62 // Maybe we have found a nickname?
\r
63 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
\r
64 array($_GET['uid']), __FILE__, __LINE__);
\r
68 // Nickname entered but nickname is not active
\r
69 $msg = CODE_EXTENSION_PROBLEM;
\r
77 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
\r
78 array(bigintval($_GET['uid'])), __FILE__, __LINE__);
\r
81 // Check if locked in so don't pay points
\r
82 $login = false; $status = "failed";
\r
85 // Logged in user detected!
\r
89 // Check if account was found
\r
90 if ((SQL_NUMROWS($result) == 1) && ($result != false))
\r
92 // Found an ID so we simply set it
\r
93 list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
\r
94 if ($status == "CONFIRMED")
\r
97 $uid = bigintval($uid);
\r
99 // Calculate beg points
\r
100 srand((double)microtime() * 10000000000 / time());
\r
102 // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
\r
103 // If we need more number behind the decimal dot then we just need to increase all these three
\r
104 // numbers matching to the numbers behind the decimal dot. Simple! ;-)
\r
105 $POINTS = rand(($CONFIG['beg_points'] * 100000), ($CONFIG['beg_points_max'] * 100000)) / 100000;
\r
107 // Set nickname / userid for the template(s
\r
108 define('__BEG_UID' , $_GET['uid']);
\r
109 define('__BEG_CLICKS', ($clicks + 1));
\r
110 define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
\r
111 define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));
\r
121 SQL_FREERESULT($result);
\r
123 if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))
\r
126 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
\r
127 array($uid), __FILE__, __LINE__);
\r
129 // Check for last entry for userid w/o IP number
\r
130 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
\r
131 array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
\r
132 if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))
\r
135 SQL_FREERESULT($result);
\r
139 // Remember remote address, userid and timestamp for next click
\r
140 // but only when there is no admin begging.
\r
141 // Admins shall be able to test it!
\r
142 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())",
\r
143 array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
\r
146 // Set mode depending on how many mails the member has to confirm
\r
148 if (($ref_payout > 0) && ($CONFIG['direct_pay'] == "N")) $locked = true;
\r
150 // Is begging rallye active?
\r
151 if ($CONFIG['beg_rallye'] == "Y")
\r
153 // Add points to rallye account
\r
154 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
\r
155 array($POINTS, $uid), __FILE__, __LINE__);
\r
159 // Add points to account
\r
160 ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));
\r
163 // Subtract begged points from member account if the admin has selected one
\r
164 if ($CONFIG['beg_uid'] > 0)
\r
166 // Subtract from this account
\r
167 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
\r
168 array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);
\r
170 // Update mediadata as well
\r
171 if (GET_EXT_VERSION("mediadata") >= "0.0.4")
\r
174 MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
\r
179 define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
\r
183 // Logged in user found!
\r
184 define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
\r
187 SQL_FREERESULT($result);
\r
192 SQL_FREERESULT($result);
\r
194 // Clicked received while reload lock is active
\r
195 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
\r
199 require_once(PATH."inc/header.php");
\r
201 // Load final template
\r
202 LOAD_TEMPLATE("beg_link");
\r
205 require_once(PATH."inc/footer.php");
\r
207 elseif (($status != "CONFIRMED") && ($status != "failed"))
\r
209 // Maybe locked/unconfirmed account?
\r
212 case "LOCKED" : $msg = CODE_ID_LOCKED ; break; // Locked account
\r
213 case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
\r
216 elseif (($uid == "0") || ($status == "failed"))
\r
218 // Inalid or locked account, so let's find out
\r
219 $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
\r
220 array($_GET['uid']), __FILE__, __LINE__);
\r
221 if (SQL_NUMROWS($result) == 1)
\r
224 $msg = CODE_ACCOUNT_LOCKED;
\r
228 // Invalid nickname! (404)
\r
229 $msg = CODE_USER_404;
\r
233 SQL_FREERESULT($result);
\r
235 elseif ($uid = $CONFIG['beg_uid'])
\r
237 // Webmaster's ID cannot beg for points!
\r
238 $msg = CODE_BEG_SAME_AS_OWN;
\r
241 // Reload to index module
\r
242 if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);
\r
246 // No userid entered
\r
247 LOAD_URL(URL."/modules.php?module=index");
\r
252 // You have to configure first!
\r
253 LOAD_URL(URL."/install.php");
\r
255 // Really all done here... ;-)
\r