531e8dbf719f7ce74c7bece01ae1c64896fad504
[mailer.git] / beg.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 01/09/2005 *
4  * ===============                              Last change: 01/09/2005 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : beg.php                                          *
8  * -------------------------------------------------------------------- *
9  * Short description : Beg link for members                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
35 require_once("inc/libs/security_functions.php");
36
37 // Init "action" and "what"
38 global $what, $action, $startTime;
39 $GLOBALS['startTime'] = microtime(true);
40 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
41
42 // Set module
43 $GLOBALS['module'] = "beg";
44 $GLOBALS['refid']  = 0;
45 $CSS = -1;
46 $msg = null;
47
48 // Load the required file(s)
49 require("inc/config.php");
50
51 // Is the "beg" extension active?
52 if (!EXT_IS_ACTIVE("beg")) {
53         // Redirect to index
54         LOAD_URL("modules.php?module=index&amp;msg=".CODE_EXTENSION_PROBLEM."&amp;ext=beg");
55 } // END - if
56
57 // Is the script installed?
58 if (isBooleanConstantAndTrue('mxchange_installed')) {
59         // Check for userid
60         if (!empty($_GET['uid'])) {
61                 // Init variables
62                 $uid = 0;
63                 $result = false;
64                 $points = 0;
65
66                 // Don't pay is the default...
67                 $pay = false;
68
69                 // Validate if it is not a number
70                 if ("".($_GET['uid'] + 0)."" !== "".$_GET['uid']."") {
71                         if (EXT_IS_ACTIVE("nickname")) {
72                                 // Maybe we have found a nickname?
73                                 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
74                                         array($_GET['uid']), __FILE__, __LINE__);
75                         } else {
76                                 // Nickname entered but nickname is not active
77                                 $msg = CODE_EXTENSION_PROBLEM;
78                                 $uid = -1;
79                         }
80                 } else {
81                         // Direct userid
82                         $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
83                                 array(bigintval($_GET['uid'])), __FILE__, __LINE__);
84                 }
85
86                 // Check if locked in so don't pay points
87                 $status = "failed";
88
89                 // Check if account was found
90                 if (SQL_NUMROWS($result) == 1) {
91                         // Found an ID so we simply set it
92                         list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
93
94                         // Account confirmed?
95                         if ($status == "CONFIRMED") {
96                                 // Secure userid
97                                 $uid = bigintval($uid);
98
99                                 // Calculate beg points
100                                 mt_srand((double)microtime() * 10000000000 / time());
101
102                                 // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
103                                 // If we need more number behind the decimal dot then we just need to increase all these three
104                                 // numbers matching to the numbers behind the decimal dot. Simple! ;-)
105                                 $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
106
107                                 // Set nickname / userid for the template(s
108                                 define('__BEG_UID'   , SQL_ESCAPE($_GET['uid']));
109                                 define('__BEG_CLICKS', ($clicks + 1));
110                                 define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
111                                 define('__BEG_POINTS', TRANSLATE_COMMA($points));
112                         } else {
113                                 // Other status
114                                 $uid = 0;
115                         }
116                 } // END - if
117
118                 // Free memory
119                 SQL_FREERESULT($result);
120
121                 // User id valid and not webmaster's id?
122                 if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
123                         // Update counter
124                         SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
125                                 array($uid), __FILE__, __LINE__);
126
127                         // Check for last entry for userid w/o IP number
128                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
129                                 array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
130
131                         // Entry not found, points set and not logged in?
132                         if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == "NONE")) {
133
134                                 // Admin is testing?
135                                 if (!IS_ADMIN()) {
136                                         // Remember remote address, userid and timestamp for next click
137                                         // but only when there is no admin begging.
138                                         // Admins shall be able to test it!
139                                         SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
140                                                 array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
141
142                                         // Was is successfull?
143                                         if (SQL_AFFECTEDROWS() == 1) {
144                                                 // Okay!
145                                                 $pay = true;
146                                         } // END - if
147                                 } else {
148                                         // Is admin!
149                                         $pay = true;
150                                 }
151
152                                 // Pay points?
153                                 if ($pay) {
154                                         // Add points to user or begging rallye account
155                                         if (BEG_ADD_POINTS($uid, $points)) {
156                                                 // Set "done" message
157                                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
158                                         } else {
159                                                 // Error!
160                                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
161                                         }
162                                 } else {
163                                         // Error!
164                                         define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
165                                 }
166                         } elseif (IS_MEMBER()) {
167                                 // Logged in user found!
168                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
169                         } elseif (getConfig('beg_pay_mode') != "NONE") { // Other pay-mode active!
170                                 // Prepare content for template
171                                 $content = array(
172                                         'clicks' => __BEG_CLICKS,
173                                         'points' => __BEG_POINTS,
174                                         'uid'    => __BEG_UID
175                                 );
176
177                                 // Load message template depending on pay-mode
178                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower(getConfig('beg_pay_mode')), true, $content));
179                                 $pay = true;
180                         } else {
181                                 // Clicked received while reload lock is active
182                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
183                         }
184
185                         // Free memory
186                         SQL_FREERESULT($result);
187
188                         // Include header
189                         require_once(PATH."inc/header.php");
190
191                         // Load final template
192                         LOAD_TEMPLATE("beg_link");
193
194                         // Tracker code enabled? (We don't track users here!
195                         if ((getConfig('beg_pay_mode') != "NONE") && ($pay)) {
196                                 // Prepare content for template
197                                 $content = array(
198                                 );
199
200                                 // Include config-depending template
201                                 LOAD_TEMPLATE("beg_pay_code_".strtolower(getConfig('beg_pay_mode')), false, $content);
202                         } elseif ((!$pay) && (!defined('__BEG_MSG'))) {
203                                 // Cannot pay! :-(
204                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
205                         }
206
207                         // Include footer
208                         require_once(PATH."inc/footer.php");
209                 } elseif (($status != "CONFIRMED") && ($status != "failed")) {
210                         // Maybe locked/unconfirmed account?
211                         switch ($status) {
212                                 case "LOCKED"     : $msg = CODE_ID_LOCKED     ; break; // Locked account
213                                 case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
214                         }
215                 } elseif (($uid == "0") || ($status == "failed")) {
216                         // Inalid or locked account, so let's find out
217                         $result = SQL_QUERY_ESC("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
218                                 array($_GET['uid']), __FILE__, __LINE__);
219                         if (SQL_NUMROWS($result) == 1) {
220                                 // Locked account
221                                 $msg = CODE_ACCOUNT_LOCKED;
222                         } else {
223                                 // Invalid nickname! (404)
224                                 $msg = CODE_USER_404;
225                         }
226
227                         // Free memory
228                         SQL_FREERESULT($result);
229                 } elseif ($uid == getConfig('beg_uid')) {
230                         // Webmaster's ID cannot beg for points!
231                         $msg = CODE_BEG_SAME_AS_OWN;
232                 }
233
234                 // Reload to index module
235                 if ((!empty($msg)) && (!empty($msg))) LOAD_URL("modules.php?module=index&amp;msg=".$msg."&amp;ext=beg");
236         } else {
237                 // No userid entered
238                 LOAD_URL("modules.php?module=index");
239         }
240 } else {
241         // You have to configure first!
242         LOAD_URL("install.php");
243 }
244
245 // Really all done here... ;-)
246 ?>