bcc39658e6b1b83cab5b098f1a297fd0e1ca5276
[mailer.git] / beg.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 01/09/2005 *
4  * ===============                              Last change: 01/09/2005 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : beg.php                                          *
8  * -------------------------------------------------------------------- *
9  * Short description : Beg link for members                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
35 require("inc/libs/security_functions.php");
36
37 // Init "action" and "what"
38 $GLOBALS['startTime'] = microtime(true);
39 $GLOBALS['what'] = "";
40 $GLOBALS['action'] = "";
41
42 // Set module
43 $GLOBALS['module'] = "beg";
44 $GLOBALS['refid']  = 0;
45 $GLOBALS['output_mode'] = -1;
46 $msg = null;
47
48 // Load the required file(s)
49 require("inc/config.php");
50
51 // Is the "beg" extension active?
52 REDIRCT_ON_UNINSTALLED_EXTENSION("beg");
53
54 // Is the script installed?
55 if (isBooleanConstantAndTrue('mxchange_installed')) {
56         // Check for userid
57         if (REQUEST_ISSET_GET(('uid'))) {
58                 // Init variables
59                 $uid = 0;
60                 $result = false;
61                 $points = 0;
62
63                 // Don't pay is the default...
64                 $pay = false;
65
66                 // Validate if it is not a number
67                 if ("".(REQUEST_GET('uid') + 0)."" !== "".REQUEST_GET('uid')."") {
68                         if (EXT_IS_ACTIVE("nickname")) {
69                                 // Maybe we have found a nickname?
70                                 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
71                                         array(REQUEST_GET('uid')), __FILE__, __LINE__);
72                         } else {
73                                 // Nickname entered but nickname is not active
74                                 $msg = constant('CODE_EXTENSION_PROBLEM');
75                                 $uid = -1;
76                         }
77                 } else {
78                         // Direct userid
79                         $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
80                                 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
81                 }
82
83                 // Check if locked in so don't pay points
84                 $status = "failed";
85
86                 // Check if account was found
87                 if (SQL_NUMROWS($result) == 1) {
88                         // Found an ID so we simply set it
89                         list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
90
91                         // Account confirmed?
92                         if ($status == "CONFIRMED") {
93                                 // Secure userid
94                                 $uid = bigintval($uid);
95
96                                 // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
97                                 // If we need more number behind the decimal dot then we just need to increase all these three
98                                 // numbers matching to the numbers behind the decimal dot. Simple! ;-)
99                                 $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
100
101                                 // Set nickname / userid for the template(s
102                                 define('__BEG_UID'   , REQUEST_GET(('uid')));
103                                 define('__BEG_CLICKS', ($clicks + 1));
104                                 define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
105                                 define('__BEG_POINTS', TRANSLATE_COMMA($points));
106                         } else {
107                                 // Other status
108                                 $uid = 0;
109                         }
110                 } // END - if
111
112                 // Free memory
113                 SQL_FREERESULT($result);
114
115                 // User id valid and not webmaster's id?
116                 if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
117                         // Update counter
118                         SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
119                                 array($uid), __FILE__, __LINE__);
120
121                         // Check for last entry for userid w/o IP number
122                         $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
123                                 array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
124
125                         // Entry not found, points set and not logged in?
126                         if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == "NONE")) {
127
128                                 // Admin is testing?
129                                 if (!IS_ADMIN()) {
130                                         // Remember remote address, userid and timestamp for next click
131                                         // but only when there is no admin begging.
132                                         // Admins shall be able to test it!
133                                         SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
134                                                 array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
135
136                                         // Was is successfull?
137                                         if (SQL_AFFECTEDROWS() == 1) {
138                                                 // Okay!
139                                                 $pay = true;
140                                         } // END - if
141                                 } else {
142                                         // Is admin!
143                                         $pay = true;
144                                 }
145
146                                 // Pay points?
147                                 if ($pay === true) {
148                                         // Add points to user or begging rallye account
149                                         if (BEG_ADD_POINTS($uid, $points)) {
150                                                 // Set "done" message
151                                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
152                                         } else {
153                                                 // Error!
154                                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
155                                         }
156                                 } else {
157                                         // Error!
158                                         define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
159                                 }
160                         } elseif (IS_MEMBER()) {
161                                 // Logged in user found!
162                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
163                         } elseif (getConfig('beg_pay_mode') != "NONE") { // Other pay-mode active!
164                                 // Prepare content for template
165                                 $content = array(
166                                         'clicks' => constant('__BEG_CLICKS'),
167                                         'points' => constant('__BEG_POINTS'),
168                                         'uid'    => constant('__BEG_UID')
169                                 );
170
171                                 // Load message template depending on pay-mode
172                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower(getConfig('beg_pay_mode')), true, $content));
173                                 $pay = true;
174                         } else {
175                                 // Clicked received while reload lock is active
176                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
177                         }
178
179                         // Free memory
180                         SQL_FREERESULT($result);
181
182                         // Include header
183                         LOAD_INC_ONCE("inc/header.php");
184
185                         // Load final template
186                         LOAD_TEMPLATE("beg_link");
187
188                         // Tracker code enabled? (We don't track users here!
189                         if ((getConfig('beg_pay_mode') != "NONE") && ($pay)) {
190                                 // Prepare content for template
191                                 // @TODO Opps, what is missing here???
192                                 $content = array(
193                                 );
194
195                                 // Include config-depending template
196                                 LOAD_TEMPLATE("beg_pay_code_".strtolower(getConfig('beg_pay_mode')), false, $content);
197                         } elseif ((!$pay) && (!defined('__BEG_MSG'))) {
198                                 // Cannot pay! :-(
199                                 define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
200                         }
201
202                         // Include footer
203                         LOAD_INC_ONCE("inc/footer.php");
204                 } elseif (($status != "CONFIRMED") && ($status != "failed")) {
205                         // Maybe locked/unconfirmed account?
206                         $msg = GEN_ERROR_CODE_FROM_ACCOUNT_STATUS($status);
207                 } elseif (($uid == "0") || ($status == "failed")) {
208                         // Inalid or locked account, so let's find out
209                         $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
210                                 array(REQUEST_GET('uid')), __FILE__, __LINE__);
211                         if (SQL_NUMROWS($result) == 1) {
212                                 // Locked account
213                                 $msg = constant('CODE_ACCOUNT_LOCKED');
214                         } else {
215                                 // Invalid nickname! (404)
216                                 $msg = constant('CODE_USER_404');
217                         }
218
219                         // Free memory
220                         SQL_FREERESULT($result);
221                 } elseif ($uid == getConfig('beg_uid')) {
222                         // Webmaster's ID cannot beg for points!
223                         $msg = constant('CODE_BEG_SAME_AS_OWN');
224                 }
225
226                 // Reload to index module
227                 if ((!empty($msg)) && (!empty($msg))) LOAD_URL("modules.php?module=index&amp;msg=".$msg."&amp;ext=beg");
228         } else {
229                 // No userid entered
230                 LOAD_URL("modules.php?module=index");
231         }
232 } else {
233         // You have to install first!
234         LOAD_URL("install.php");
235 }
236
237 // Really all done here... ;-)
238 ?>