Rewritten all THEME_FOO variables to GLOBALS
[mailer.git] / beg.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 01/09/2005 *
4  * ===============                              Last change: 01/09/2005 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : beg.php                                          *
8  * -------------------------------------------------------------------- *
9  * Short description : Beg link for members                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
21  * For more information visit: http://www.mxchange.org                  *
22  *                                                                      *
23  * This program is free software; you can redistribute it and/or modify *
24  * it under the terms of the GNU General Public License as published by *
25  * the Free Software Foundation; either version 2 of the License, or    *
26  * (at your option) any later version.                                  *
27  *                                                                      *
28  * This program is distributed in the hope that it will be useful,      *
29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
31  * GNU General Public License for more details.                         *
32  *                                                                      *
33  * You should have received a copy of the GNU General Public License    *
34  * along with this program; if not, write to the Free Software          *
35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
36  * MA  02110-1301  USA                                                  *
37  ************************************************************************/
38
39 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
40 require("inc/libs/security_functions.php");
41
42 // Init "action" and "what"
43 $GLOBALS['startTime'] = microtime(true);
44 $GLOBALS['what'] = "";
45 $GLOBALS['action'] = "";
46
47 // Set module
48 $GLOBALS['module'] = "beg";
49 $GLOBALS['refid']  = 0;
50 $GLOBALS['output_mode'] = -1;
51 $msg = null;
52
53 // Load the required file(s)
54 require("inc/config.php");
55
56 // Is the "beg" extension active?
57 REDIRCT_ON_UNINSTALLED_EXTENSION("beg");
58
59 // Is the script installed?
60 if (isInstalled()) {
61         // Check for userid
62         if (REQUEST_ISSET_GET(('uid'))) {
63                 // Init variables
64                 $uid = 0;
65                 $result = false;
66                 $points = 0;
67
68                 // Don't pay is the default...
69                 $pay = false;
70
71                 // Validate if it is not a number
72                 if ("".(REQUEST_GET('uid') + 0)."" !== "".REQUEST_GET('uid')."") {
73                         if (EXT_IS_ACTIVE("nickname")) {
74                                 // Maybe we have found a nickname?
75                                 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
76                                         array(REQUEST_GET('uid')), __FILE__, __LINE__);
77                         } else {
78                                 // Nickname entered but nickname is not active
79                                 $msg = getCode('EXTENSION_PROBLEM');
80                                 $uid = -1;
81                         }
82                 } else {
83                         // Direct userid
84                         $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
85                                 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
86                 }
87
88                 // Check if locked in so don't pay points
89                 $status = "failed";
90
91                 // Check if account was found
92                 if (SQL_NUMROWS($result) == 1) {
93                         // Found an ID so we simply set it
94                         list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
95
96                         // Account confirmed?
97                         if ($status == "CONFIRMED") {
98                                 // Secure userid
99                                 $uid = bigintval($uid);
100
101                                 // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
102                                 // If we need more number behind the decimal dot then we just need to increase all these three
103                                 // numbers matching to the numbers behind the decimal dot. Simple! ;-)
104                                 $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
105
106                                 // Set nickname / userid for the template(s
107                                 define('__BEG_UID'   , REQUEST_GET(('uid')));
108                                 define('__BEG_CLICKS', ($clicks + 1));
109                                 define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
110                                 define('__BEG_POINTS', TRANSLATE_COMMA($points));
111                         } else {
112                                 // Other status
113                                 $uid = 0;
114                         }
115                 } // END - if
116
117                 // Free memory
118                 SQL_FREERESULT($result);
119
120                 // User id valid and not webmaster's id?
121                 if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
122                         // Update counter
123                         SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
124                                 array($uid), __FILE__, __LINE__);
125
126                         // Check for last entry for userid w/o IP number
127                         $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
128                                 array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
129
130                         // Entry not found, points set and not logged in?
131                         if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == "NONE")) {
132
133                                 // Admin is testing?
134                                 if (!IS_ADMIN()) {
135                                         // Remember remote address, userid and timestamp for next click
136                                         // but only when there is no admin begging.
137                                         // Admins shall be able to test it!
138                                         SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
139                                                 array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
140
141                                         // Was is successfull?
142                                         if (SQL_AFFECTEDROWS() == 1) {
143                                                 // Okay!
144                                                 $pay = true;
145                                         } // END - if
146                                 } else {
147                                         // Is admin!
148                                         $pay = true;
149                                 }
150
151                                 // Pay points?
152                                 if ($pay === true) {
153                                         // Add points to user or begging rallye account
154                                         if (BEG_ADD_POINTS($uid, $points)) {
155                                                 // Set "done" message
156                                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
157                                         } else {
158                                                 // Error!
159                                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
160                                         }
161                                 } else {
162                                         // Error!
163                                         define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
164                                 }
165                         } elseif (IS_MEMBER()) {
166                                 // Logged in user found!
167                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
168                         } elseif (getConfig('beg_pay_mode') != "NONE") { // Other pay-mode active!
169                                 // Prepare content for template
170                                 $content = array(
171                                         'clicks' => constant('__BEG_CLICKS'),
172                                         'points' => constant('__BEG_POINTS'),
173                                         'uid'    => constant('__BEG_UID')
174                                 );
175
176                                 // Load message template depending on pay-mode
177                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower(getConfig('beg_pay_mode')), true, $content));
178                                 $pay = true;
179                         } else {
180                                 // Clicked received while reload lock is active
181                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
182                         }
183
184                         // Free memory
185                         SQL_FREERESULT($result);
186
187                         // Include header
188                         LOAD_INC_ONCE("inc/header.php");
189
190                         // Load final template
191                         LOAD_TEMPLATE("beg_link");
192
193                         // Tracker code enabled? (We don't track users here!
194                         if ((getConfig('beg_pay_mode') != "NONE") && ($pay)) {
195                                 // Prepare content for template
196                                 // @TODO Opps, what is missing here???
197                                 $content = array(
198                                 );
199
200                                 // Include config-depending template
201                                 LOAD_TEMPLATE("beg_pay_code_".strtolower(getConfig('beg_pay_mode')), false, $content);
202                         } elseif ((!$pay) && (!defined('__BEG_MSG'))) {
203                                 // Cannot pay! :-(
204                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
205                         }
206
207                         // Include footer
208                         LOAD_INC_ONCE("inc/footer.php");
209                 } elseif (($status != "CONFIRMED") && ($status != "failed")) {
210                         // Maybe locked/unconfirmed account?
211                         $msg = GEN_ERROR_CODE_FROM_ACCOUNT_STATUS($status);
212                 } elseif (($uid == "0") || ($status == "failed")) {
213                         // Inalid or locked account, so let's find out
214                         $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
215                                 array(REQUEST_GET('uid')), __FILE__, __LINE__);
216                         if (SQL_NUMROWS($result) == 1) {
217                                 // Locked account
218                                 $msg = getCode('ACCOUNT_LOCKED');
219                         } else {
220                                 // Invalid nickname! (404)
221                                 $msg = getCode('USER_404');
222                         }
223
224                         // Free memory
225                         SQL_FREERESULT($result);
226                 } elseif ($uid == getConfig('beg_uid')) {
227                         // Webmaster's ID cannot beg for points!
228                         $msg = getCode('BEG_SAME_AS_OWN');
229                 }
230
231                 // Reload to index module
232                 if ((!empty($msg)) && (!empty($msg))) LOAD_URL("modules.php?module=index&amp;msg=".$msg."&amp;ext=beg");
233         } else {
234                 // No userid entered
235                 LOAD_URL("modules.php?module=index");
236         }
237 } else {
238         // You have to install first!
239         LOAD_URL("install.php");
240 }
241
242 // Really all done here... ;-)
243 shutdown();
244
245 //
246 ?>