Filters should be executed even when sql_patches is out-dated
[mailer.git] / beg.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 01/09/2005 *
4  * ===============                              Last change: 01/09/2005 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : beg.php                                          *
8  * -------------------------------------------------------------------- *
9  * Short description : Beg link for members                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
21  * For more information visit: http://www.mxchange.org                  *
22  *                                                                      *
23  * This program is free software; you can redistribute it and/or modify *
24  * it under the terms of the GNU General Public License as published by *
25  * the Free Software Foundation; either version 2 of the License, or    *
26  * (at your option) any later version.                                  *
27  *                                                                      *
28  * This program is distributed in the hope that it will be useful,      *
29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
31  * GNU General Public License for more details.                         *
32  *                                                                      *
33  * You should have received a copy of the GNU General Public License    *
34  * along with this program; if not, write to the Free Software          *
35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
36  * MA  02110-1301  USA                                                  *
37  ************************************************************************/
38
39 // Load security stuff here
40 require('inc/libs/security_functions.php');
41
42 // Init start time
43 $GLOBALS['startTime'] = microtime(true);
44
45 // Set module
46 $GLOBALS['module'] = 'beg';
47 $GLOBALS['refid']  = 0;
48 $GLOBALS['output_mode'] = -1;
49 $msg = null;
50
51 // Load the required file(s)
52 require('inc/config-global.php');
53
54 // Is the 'beg' extension active?
55 REDIRCT_ON_UNINSTALLED_EXTENSION('beg');
56
57 // Is the script installed?
58 if (!isInstalled()) {
59         // You have to install first!
60         redirectToUrl('install.php');
61 } // END - if
62
63 // Check for userid
64 if (REQUEST_ISSET_GET('uid')) {
65         // Init variables
66         $uid = 0;
67         $result = false;
68         $points = 0;
69
70         // Don't pay is the default...
71         $pay = false;
72
73         // Validate if it is not a number
74         if (''.(REQUEST_GET('uid') + 0).'' !== ''.REQUEST_GET('uid').'') {
75                 if (EXT_IS_ACTIVE('nickname')) {
76                         // Maybe we have found a nickname?
77                         $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
78                         array(REQUEST_GET('uid')), __FILE__, __LINE__);
79                 } else {
80                         // Nickname entered but nickname is not active
81                         $msg = getCode('EXTENSION_PROBLEM');
82                         $uid = -1;
83                 }
84         } else {
85                 // Direct userid
86                 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
87                 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
88         }
89
90         // Check if locked in so don't pay points
91         $status = 'failed';
92
93         // Check if account was found
94         if (SQL_NUMROWS($result) == 1) {
95                 // Found an ID so we simply set it
96                 list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
97
98                 // Account confirmed?
99                 if ($status == 'CONFIRMED') {
100                         // Secure userid
101                         $uid = bigintval($uid);
102
103                         // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
104                         // If we need more number behind the decimal dot then we just need to increase all these three
105                         // numbers matching to the numbers behind the decimal dot. Simple! ;-)
106                         $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
107
108                         // Set nickname / userid for the template(s
109                         define('__BEG_UID'   , REQUEST_GET('uid'));
110                         define('__BEG_CLICKS', ($clicks + 1));
111                         define('__BEG_BANNER', LOAD_TEMPLATE('beg_banner', true));
112                         define('__BEG_POINTS', translateComma($points));
113                 } else {
114                         // Other status
115                         $uid = 0;
116                 }
117         } // END - if
118
119         // Free memory
120         SQL_FREERESULT($result);
121
122         // User id valid and not webmaster's id?
123         if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
124                 // Update counter
125                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
126                 array($uid), __FILE__, __LINE__);
127
128                 // Check for last entry for userid w/o IP number
129                 $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
130                 array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
131
132                 // Entry not found, points set and not logged in?
133                 if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == 'NONE')) {
134
135                         // Admin is testing?
136                         if (!IS_ADMIN()) {
137                                 // Remember remote address, userid and timestamp for next click
138                                 // but only when there is no admin begging.
139                                 // Admins shall be able to test it!
140                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
141                                 array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
142
143                                 // Was is successfull?
144                                 $pay (SQL_AFFECTEDROWS() == 1);
145                         } else {
146                                 // Is admin!
147                                 $pay = true;
148                         }
149
150                         // Pay points?
151                         if ($pay === true) {
152                                 // Add points to user or begging rallye account
153                                 if (BEG_ADD_POINTS($uid, $points)) {
154                                         // Set 'done' message
155                                         $content['msg'] = LOAD_TEMPLATE('beg_done', true);
156                                 } else {
157                                         // Error!
158                                         $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
159                                 }
160                         } else {
161                                 // Error!
162                                 $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
163                         }
164                 } elseif (IS_MEMBER()) {
165                         // Logged in user found!
166                         $content['msg'] = LOAD_TEMPLATE('beg_login', true);
167                 } elseif (getConfig('beg_pay_mode') != 'NONE') { // Other pay-mode active!
168                         // Prepare content for template
169                         $content = array(
170                                 'clicks' => constant('__BEG_CLICKS'),
171                                 'points' => constant('__BEG_POINTS'),
172                                 'uid'    => constant('__BEG_UID')
173                         );
174
175                         // Load message template depending on pay-mode
176                         $content['msg'] = LOAD_TEMPLATE('beg_pay_mode_'.strtolower(getConfig('beg_pay_mode')), true, $content);
177                         $pay = true;
178                 } else {
179                         // Clicked received while reload lock is active
180                         $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
181                 }
182
183                 // Free memory
184                 SQL_FREERESULT($result);
185
186                 // Include header
187                 loadIncludeOnce('inc/header.php');
188
189                 // Load final template
190                 LOAD_TEMPLATE('beg_link', false, $content);
191
192                 // Tracker code enabled? (We don't track users here!
193                 if ((getConfig('beg_pay_mode') != 'NONE') && ($pay === true)) {
194                         // Prepare content for template
195                         // @TODO Opps, what is missing here???
196                         $content = array(
197                         );
198
199                         // Include config-depending template
200                         LOAD_TEMPLATE('beg_pay_code_'.strtolower(getConfig('beg_pay_mode')), false, $content);
201                 } elseif ((!$pay) && (!isset($content['msg']))) {
202                         // Cannot pay! :-(
203                         $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
204                 }
205
206                 // Include footer
207                 loadIncludeOnce('inc/footer.php');
208         } elseif (($status != 'CONFIRMED') && ($status != 'failed')) {
209                 // Maybe locked/unconfirmed account?
210                 $msg = generateErrorCodeFromUserStatus($status);
211         } elseif (($uid == '0') || ($status == 'failed')) {
212                 // Inalid or locked account, so let's find out
213                 $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
214                 array(REQUEST_GET('uid')), __FILE__, __LINE__);
215                 if (SQL_NUMROWS($result) == 1) {
216                         // Locked account
217                         $msg = getCode('ACCOUNT_LOCKED');
218                 } else {
219                         // Invalid nickname! (404)
220                         $msg = getCode('USER_404');
221                 }
222
223                 // Free memory
224                 SQL_FREERESULT($result);
225         } elseif ($uid == getConfig('beg_uid')) {
226                 // Webmaster's ID cannot beg for points!
227                 $msg = getCode('BEG_SAME_AS_OWN');
228         }
229
230         // Reload to index module
231         if ((!empty($msg)) && (!empty($msg))) redirectToUrl('modules.php?module=index&amp;msg='.$msg.'&amp;ext=beg');
232 } else {
233         // No userid entered
234         redirectToUrl('modules.php?module=index');
235 }
236
237 // Really all done here... ;-)
238 shutdown();
239
240 //
241 ?>