removed
[mailer.git] / beg.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 01/09/2005 *
4  * ===============                              Last change: 01/09/2005 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : beg.php                                          *
8  * -------------------------------------------------------------------- *
9  * Short description : Beg link for members                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
35 require_once("inc/libs/security_functions.php");
36
37 // Init "action" and "what"
38 global $what, $action;
39 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
40 if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
41 if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
42
43 // Set module
44 $GLOBALS['module'] = "beg";
45 $GLOBALS['refid']  = 0;
46 $CSS = -1;
47
48 // Load the required file(s)
49 require ("inc/config.php");
50
51 // Is the script installed?
52 if (defined('mxchange_installed') && (mxchange_installed))
53 {
54         // Check for userid
55         if (!empty($_GET['uid']))
56         {
57                 $uid = 0;
58                 if (bigintval($_GET['uid']) != $_GET['uid'])
59                 {
60                         if (EXT_IS_ACTIVE("nickname"))
61                         {
62                                 // Maybe we have found a nickname?
63                                 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
64                                  array($_GET['uid']), __FILE__, __LINE__);
65                         }
66                          else
67                         {
68                                 // Nickname entered but nickname is not active
69                                 $msg = CODE_EXTENSION_PROBLEM;
70                                 $uid = -1;
71                                 $result = false;
72                         }
73                 }
74                  else
75                 {
76                         // Direct userid
77                         $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
78                          array(bigintval($_GET['uid'])), __FILE__, __LINE__);
79                 }
80
81                 // Check if locked in so don't pay points
82                 $login = false; $status = "failed";
83                 if (IS_LOGGED_IN())
84                 {
85                         // Logged in user detected!
86                         $login = true;
87                 }
88
89                 // Check if account was found
90                 if ((SQL_NUMROWS($result) == 1) && ($result != false))
91                 {
92                         // Found an ID so we simply set it
93                         list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
94                         if ($status == "CONFIRMED")
95                         {
96                                 // Secure userid
97                                 $uid = bigintval($uid);
98
99                                 // Calculate beg points
100                                 srand((double)microtime() * 10000000000 / time());
101
102                                 // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
103                                 // If we need more number behind the decimal dot then we just need to increase all these three
104                                 // numbers matching to the numbers behind the decimal dot. Simple! ;-)
105                                 $POINTS = rand(($CONFIG['beg_points'] * 100000), ($CONFIG['beg_points_max'] * 100000)) / 100000;
106
107                                 // Set nickname / userid for the template(s
108                                 define('__BEG_UID'   , $_GET['uid']);
109                                 define('__BEG_CLICKS', ($clicks + 1));
110                                 define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
111                                 define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));
112                         }
113                          else
114                         {
115                                 // Other status
116                                 $uid = "0";
117                         }
118                 }
119
120                 // Free memory
121                 SQL_FREERESULT($result);
122
123                 if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))
124                 {
125                         // Update counter
126                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
127                          array($uid), __FILE__, __LINE__);
128
129                         // Check for last entry for userid w/o IP number
130                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
131                          array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
132                         if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))
133                         {
134                                 // Free memory
135                                 SQL_FREERESULT($result);
136
137                                 if (!IS_ADMIN())
138                                 {
139                                         // Remember remote address, userid and timestamp for next click
140                                         // but only when there is no admin begging.
141                                         // Admins shall be able to test it!
142                                         $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())",
143                                          array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
144                                 }
145
146                                 // Set mode depending on how many mails the member has to confirm
147                                 $locked = false;
148                                 if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == "N")) $locked = true;
149
150                                 // Is begging rallye active?
151                                 if ($CONFIG['beg_rallye'] == "Y")
152                                 {
153                                         // Add points to rallye account
154                                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
155                                          array($POINTS, $uid), __FILE__, __LINE__);
156                                 }
157                                  else
158                                 {
159                                         // Add points to account
160                                         ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));
161                                 }
162
163                                 // Subtract begged points from member account if the admin has selected one
164                                 if ($CONFIG['beg_uid'] > 0)
165                                 {
166                                         // Subtract from this account
167                                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
168                                          array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);
169
170                                         // Update mediadata as well
171                                         if (GET_EXT_VERSION("mediadata") >= "0.0.4")
172                                         {
173                                                 // Update database
174                                                 MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
175                                         }
176                                 }
177
178                                 // Set message
179                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
180                         }
181                          elseif ($login)
182                         {
183                                 // Logged in user found!
184                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
185
186                                 // Free memory
187                                 SQL_FREERESULT($result);
188                         }
189                          else
190                         {
191                                 // Free memory
192                                 SQL_FREERESULT($result);
193
194                                 // Clicked received while reload lock is active
195                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
196                         }
197
198                         // Include header
199                         require_once(PATH."inc/header.php");
200
201                         // Load final template
202                         LOAD_TEMPLATE("beg_link");
203
204                         // Include footer
205                         require_once(PATH."inc/footer.php");
206                 }
207                  elseif (($status != "CONFIRMED") && ($status != "failed"))
208                 {
209                         // Maybe locked/unconfirmed account?
210                         switch ($status)
211                         {
212                                 case "LOCKED"     : $msg = CODE_ID_LOCKED     ; break; // Locked account
213                                 case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
214                         }
215                 }
216                  elseif (($uid == "0") || ($status == "failed"))
217                 {
218                         // Inalid or locked account, so let's find out
219                         $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
220                          array($_GET['uid']), __FILE__, __LINE__);
221                         if (SQL_NUMROWS($result) == 1)
222                         {
223                                 // Locked account
224                                 $msg = CODE_ACCOUNT_LOCKED;
225                         }
226                          else
227                         {
228                                 // Invalid nickname! (404)
229                                 $msg = CODE_USER_404;
230                         }
231
232                         // Free memory
233                         SQL_FREERESULT($result);
234                 }
235                  elseif ($uid = $CONFIG['beg_uid'])
236                 {
237                         // Webmaster's ID cannot beg for points!
238                         $msg = CODE_BEG_SAME_AS_OWN;
239                 }
240
241                 // Reload to index module
242                 if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);
243         }
244          else
245         {
246                 // No userid entered
247                 LOAD_URL(URL."/modules.php?module=index");
248         }
249 }
250  else
251 {
252         // You have to configure first!
253         LOAD_URL(URL."/install.php");
254 }
255 // Really all done here... ;-)
256 ?>