beg.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 01/09/2005 *
   4  * ===============                              Last change: 01/09/2005 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : beg.php                                          *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Beg link for members                             *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software; you can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License, or    *
  26  * (at your option) any later version.                                  *
  27  *                                                                      *
  28  * This program is distributed in the hope that it will be useful,      *
  29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  31  * GNU General Public License for more details.                         *
  32  *                                                                      *
  33  * You should have received a copy of the GNU General Public License    *
  34  * along with this program; if not, write to the Free Software          *
  35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  36  * MA  02110-1301  USA                                                  *
  37  ************************************************************************/
  38
  39 // Load security stuff here
  40 require('inc/libs/security_functions.php');
  41
  42 // Init start time
  43 $GLOBALS['startTime'] = microtime(true);
  44
  45 // Set module
  46 $GLOBALS['module'] = 'beg';
  47 $GLOBALS['refid']  = 0;
  48 $GLOBALS['output_mode'] = -1;
  49 $msg = null;
  50
  51 // Load the required file(s)
  52 require('inc/config-global.php');
  53
  54 // Is the 'beg' extension active?
  55 REDIRCT_ON_UNINSTALLED_EXTENSION('beg');
  56
  57 // Is the script installed?
  58 if (!isInstalled()) {
  59         // You have to install first!
  60         redirectToUrl('install.php');
  61 } // END - if
  62
  63 // Check for userid
  64 if (REQUEST_ISSET_GET('uid')) {
  65         // Init variables
  66         $uid = 0;
  67         $result = false;
  68         $points = 0;
  69
  70         // Don't pay is the default...
  71         $pay = false;
  72
  73         // Validate if it is not a number
  74         if (''.(REQUEST_GET('uid') + 0).'' !== ''.REQUEST_GET('uid').'') {
  75                 if (EXT_IS_ACTIVE('nickname')) {
  76                         // Maybe we have found a nickname?
  77                         $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
  78                         array(REQUEST_GET('uid')), __FILE__, __LINE__);
  79                 } else {
  80                         // Nickname entered but nickname is not active
  81                         $msg = getCode('EXTENSION_PROBLEM');
  82                         $uid = -1;
  83                 }
  84         } else {
  85                 // Direct userid
  86                 $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
  87                 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
  88         }
  89
  90         // Check if locked in so don't pay points
  91         $status = 'failed';
  92
  93         // Check if account was found
  94         if (SQL_NUMROWS($result) == 1) {
  95                 // Found an ID so we simply set it
  96                 list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
  97
  98                 // Account confirmed?
  99                 if ($status == 'CONFIRMED') {
 100                         // Secure userid
 101                         $uid = bigintval($uid);
 102
 103                         // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
 104                         // If we need more number behind the decimal dot then we just need to increase all these three
 105                         // numbers matching to the numbers behind the decimal dot. Simple! ;-)
 106                         $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
 107
 108                         // Set nickname / userid for the template(s
 109                         define('__BEG_UID'   , REQUEST_GET('uid'));
 110                         define('__BEG_CLICKS', ($clicks + 1));
 111                         define('__BEG_BANNER', LOAD_TEMPLATE('beg_banner', true));
 112                         define('__BEG_POINTS', translateComma($points));
 113                 } else {
 114                         // Other status
 115                         $uid = 0;
 116                 }
 117         } // END - if
 118
 119         // Free memory
 120         SQL_FREERESULT($result);
 121
 122         // User id valid and not webmaster's id?
 123         if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
 124                 // Update counter
 125                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
 126                 array($uid), __FILE__, __LINE__);
 127
 128                 // Check for last entry for userid w/o IP number
 129                 $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
 130                 array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
 131
 132                 // Entry not found, points set and not logged in?
 133                 if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == 'NONE')) {
 134
 135                         // Admin is testing?
 136                         if (!IS_ADMIN()) {
 137                                 // Remember remote address, userid and timestamp for next click
 138                                 // but only when there is no admin begging.
 139                                 // Admins shall be able to test it!
 140                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
 141                                 array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);
 142
 143                                 // Was is successfull?
 144                                 $pay (SQL_AFFECTEDROWS() == 1);
 145                         } else {
 146                                 // Is admin!
 147                                 $pay = true;
 148                         }
 149
 150                         // Pay points?
 151                         if ($pay === true) {
 152                                 // Add points to user or begging rallye account
 153                                 if (BEG_ADD_POINTS($uid, $points)) {
 154                                         // Set 'done' message
 155                                         $content['msg'] = LOAD_TEMPLATE('beg_done', true);
 156                                 } else {
 157                                         // Error!
 158                                         $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
 159                                 }
 160                         } else {
 161                                 // Error!
 162                                 $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
 163                         }
 164                 } elseif (IS_MEMBER()) {
 165                         // Logged in user found!
 166                         $content['msg'] = LOAD_TEMPLATE('beg_login', true);
 167                 } elseif (getConfig('beg_pay_mode') != 'NONE') { // Other pay-mode active!
 168                         // Prepare content for template
 169                         $content = array(
 170                                 'clicks' => constant('__BEG_CLICKS'),
 171                                 'points' => constant('__BEG_POINTS'),
 172                                 'uid'    => constant('__BEG_UID')
 173                         );
 174
 175                         // Load message template depending on pay-mode
 176                         $content['msg'] = LOAD_TEMPLATE('beg_pay_mode_'.strtolower(getConfig('beg_pay_mode')), true, $content);
 177                         $pay = true;
 178                 } else {
 179                         // Clicked received while reload lock is active
 180                         $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
 181                 }
 182
 183                 // Free memory
 184                 SQL_FREERESULT($result);
 185
 186                 // Include header
 187                 loadIncludeOnce('inc/header.php');
 188
 189                 // Load final template
 190                 LOAD_TEMPLATE('beg_link', false, $content);
 191
 192                 // Tracker code enabled? (We don't track users here!
 193                 if ((getConfig('beg_pay_mode') != 'NONE') && ($pay === true)) {
 194                         // Prepare content for template
 195                         // @TODO Opps, what is missing here???
 196                         $content = array(
 197                         );
 198
 199                         // Include config-depending template
 200                         LOAD_TEMPLATE('beg_pay_code_'.strtolower(getConfig('beg_pay_mode')), false, $content);
 201                 } elseif ((!$pay) && (!isset($content['msg']))) {
 202                         // Cannot pay! :-(
 203                         $content['msg'] = LOAD_TEMPLATE('beg_failed', true);
 204                 }
 205
 206                 // Include footer
 207                 loadIncludeOnce('inc/footer.php');
 208         } elseif (($status != 'CONFIRMED') && ($status != 'failed')) {
 209                 // Maybe locked/unconfirmed account?
 210                 $msg = generateErrorCodeFromUserStatus($status);
 211         } elseif (($uid == '0') || ($status == 'failed')) {
 212                 // Inalid or locked account, so let's find out
 213                 $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
 214                 array(REQUEST_GET('uid')), __FILE__, __LINE__);
 215                 if (SQL_NUMROWS($result) == 1) {
 216                         // Locked account
 217                         $msg = getCode('ACCOUNT_LOCKED');
 218                 } else {
 219                         // Invalid nickname! (404)
 220                         $msg = getCode('USER_404');
 221                 }
 222
 223                 // Free memory
 224                 SQL_FREERESULT($result);
 225         } elseif ($uid == getConfig('beg_uid')) {
 226                 // Webmaster's ID cannot beg for points!
 227                 $msg = getCode('BEG_SAME_AS_OWN');
 228         }
 229
 230         // Reload to index module
 231         if ((!empty($msg)) && (!empty($msg))) redirectToUrl('modules.php?module=index&amp;msg='.$msg.'&amp;ext=beg');
 232 } else {
 233         // No userid entered
 234         redirectToUrl('modules.php?module=index');
 235 }
 236
 237 // Really all done here... ;-)
 238 shutdown();
 239
 240 //
 241 ?>