Cookie code removed, rewritten, internal URLs are now relative (see LOAD_URL()),...
[mailer.git] / doubler.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 02/13/2005 *
4  * ===============                              Last change: 02/13/2005 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : doubler.php                                      *
8  * -------------------------------------------------------------------- *
9  * Short description : Points doubler                                   *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Punkteverdoppler                                 *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
35 require_once("inc/libs/security_functions.php");
36
37 // Init "action" and "what"
38 global $what, $action, $startTime;
39 $GLOBALS['startTime'] = microtime(true);
40 $GLOBALS['what'] = "";
41 $GLOBALS['action'] = "";
42
43 // Set module
44 $GLOBALS['module'] = "doubler";
45 $GLOBALS['refid'] = 0;
46 $CSS = 0;
47
48 // Load the required file(s)
49 require("inc/config.php");
50
51 // Is the "doubler" extension active?
52 if (!EXT_IS_ACTIVE("doubler")) {
53         // Redirect to index
54         LOAD_URL("modules.php?module=index&amp;msg=".CODE_EXTENSION_PROBLEM."&amp;ext=doubler");
55 } // END - if
56
57 // Is the script installed?
58 if (isBooleanConstantAndTrue('mxchange_installed')) {
59         // Probe for referal ID
60         if (!empty($_GET['refid'])) $GLOBALS['refid'] = SQL_ESCAPE($_GET['refid']);
61
62         // Only check this if refid is provided!
63         if ($GLOBALS['refid'] > 0) {
64                 // Probe for nickname extension and if a nickname was supplied by URL
65                 $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($GLOBALS['refid'])."") != $GLOBALS['refid']));
66
67                 // Do we have nickname or userid set?
68                 if ($probe_nickname) {
69                         // Nickname in URL, so load the ID
70                         $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
71                                 array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
72                 } else {
73                         // Direct userid entered
74                         $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
75                                 array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
76                 }
77
78                 // Load data
79                 list($rid, $status_ref) = SQL_FETCHROW($result);
80                 $GLOBALS['refid'] = bigintval($rid);
81
82                 // Free memory
83                 SQL_FREERESULT($result);
84         } // END - if
85
86         // Init userid
87         $uid = 0;
88
89         // If no account was found set default refid and status to CONFIRMED
90         if (empty($GLOBALS['refid'])) {
91                 $GLOBALS['refid'] = getConfig('def_refid');
92                 $status = "CONFIRMED";
93         } // END - if
94
95         // Begin with doubler script...
96         if (isset($_POST['ok'])) {
97                 // Secure points (so only integer/double values are allowed
98                 $_POST['points'] = bigintval($_POST['points']);
99
100                 // Begin with doubling process
101                 if ((!empty($_POST['userid'])) && (!empty($_POST['pass'])) && (!empty($_POST['points']))) {
102                         // Probe for nickname extension and if a nickname was entered
103                         $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['userid'])."") != $_POST['userid']));
104                         if ($probe_nickname) {
105                                 // Nickname in URL, so load the ID
106                                 $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
107                                         array($_POST['userid']), __FILE__, __LINE__);
108                         } else {
109                                 // Direct userid entered
110                                 $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
111                                         array(bigintval($_POST['userid'])), __FILE__, __LINE__);
112                         }
113
114                         // Load data
115                         list($uid, $status, $password) = SQL_FETCHROW($result);
116                         $uid = bigintval($uid);
117
118                         // Free result
119                         SQL_FREERESULT($result);
120
121                         // Remove any dots and unwanted chars from the points
122                         $_POST['points'] = bigintval(round(REVERT_COMMA($_POST['points'])));
123
124                         // Probe for enough points
125                         $probe_points = (($_POST['points'] >= getConfig('doubler_min')) && ($_POST['points'] <= getConfig('doubler_max')));
126
127                         // Check all together
128                         if ((!empty($uid)) && ($password == generateHash($_POST['pass'], substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) {
129                                 // Nickname resolved to a unique userid or direct userid entered by the member
130                                 $DOUBLER_UID = $uid;
131
132                                 // Calulcate points
133                                 $points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points");
134
135                                 // So let's continue with probing his points amount
136                                 if (($points - getConfig('doubler_left') - $_POST['points'] * getConfig('doubler_charge')) >= 0) 
137                                         // Enough points are left so let's continue with the doubling process
138                                         // Create doubling "account" width *DOUBLED* points
139                                         SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')",
140                                                 array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__);
141
142                                         // Subtract entered points
143                                         SUB_POINTS("doubler", $uid, $_POST['points']);
144
145                                         // Add points to "total payed" including charge
146                                         $points = $_POST['points'] - $_POST['points'] * getConfig('doubler_charge');
147                                         UPDATE_CONFIG("doubler_points", $points, "+");
148                                         incrementConfigEntry('doubler_points', $points);
149
150                                         // Add second line for the referal but only when uid != refid
151                                         if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) {
152                                                 // Okay add a refid line and apply refid percents
153                                                 SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')",
154                                                         array(
155                                                                 bigintval($GLOBALS['refid']),
156                                                                 bigintval($_POST['points'] * 2 * getConfig('doubler_ref'))
157                                                         ), __FILE__, __LINE__);
158
159                                                 // And that's why we don't want to you more than one referal level of doubler-points. ^^^
160                                         } // END - if
161
162                                         // Update usage counter
163                                         UPDATE_CONFIG("doubler_counter", 1, "+");
164                                         incrementCondigEntry('doubler_counter');
165
166                                         // Set constant
167                                         define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, $_POST['userid']));
168                                 } else {
169                                         // Not enougth points left
170                                         define('__ERROR_MSG', DOUBLER_FORM_NO_POINTS_LEFT);
171                                 }
172                         } elseif ($status == "CONFIRMED") {
173                                 // Account is unconfirmed!
174                                 define('__ERROR_MSG', DOUBLER_FORM_WRONG_PASS);
175                         } elseif ($status == "UNCONFIRMED") {
176                                 // Account is unconfirmed!
177                                 define('__ERROR_MSG', DOUBLER_FORM_STATUS_UNCONFIRMED);
178                         } elseif ($status == "LOCKED") {
179                                 // Account is locked by admin / holiday!
180                                 define('__ERROR_MSG', DOUBLER_FORM_STATUS_LOCKED);
181                         } elseif ($_POST['points'] < getConfig('doubler_min')) {
182                                 // Not enougth points entered
183                                 define('__ERROR_MSG', DOUBLER_FORM_POINTS_MIN);
184                         } elseif ($_POST['points'] > getConfig('doubler_max')) {
185                                 // Too much points entered
186                                 define('__ERROR_MSG', DOUBLER_FORM_POINTS_MAX);
187                         } elseif ($probe_nickname) {
188                                 // Cannot resolv nickname -> userid
189                                 define('__ERROR_MSG', DOUBLER_FORM_404_NICKNAME);
190                         } else {
191                                 // Wrong password or account not found
192                                 define('__ERROR_MSG', DOUBLER_FORM_404_MEMBER);
193                         }
194                 } elseif (empty($_POST['userid'])) {
195                         // Login not entered
196                         define('__ERROR_MSG', DOUBLER_FORM_404_LOGIN);
197                 } elseif (empty($_POST['pass'])) {
198                         // Password not entered
199                         define('__ERROR_MSG', DOUBLER_FORM_404_PASSWORD);
200                 } elseif (empty($_POST['points'])) {
201                         // points not entered
202                         define('__ERROR_MSG', DOUBLER_FORM_404_POINTS);
203                 }
204         }
205
206         // Set messages to nothing
207         if (!defined('__DOUBLER_MSG')) define('__DOUBLER_MSG', "");
208         if (!defined('__ERROR_MSG'))   define('__ERROR_MSG'  , "");
209
210         // Shall I check for points immediately?
211         if (getConfig('doubler_send_mode') == "DIRECT") require(PATH."inc/doubler_send.php");
212
213         // Output header
214         include(PATH."inc/header.php");
215
216         // Banner in text
217         define('__DOUBLER_BANNER', LOAD_TEMPLATE("doubler_banner", true));
218
219         // Load header/footer templates
220         define('__DOUBLER_HEADER', LOAD_TEMPLATE("doubler_header", true));
221         define('__DOUBLER_FOOTER', LOAD_TEMPLATE("doubler_footer", true));
222
223         if (!empty($uid)) {
224                 // Transfer userid/nickname to constant
225                 define('__REFID', $uid);
226         } else {
227                 // Transfer userid/nickname to constant
228                 define('__REFID', $GLOBALS['refid']);
229         }
230
231         // Percent values etc.
232         define('__CHARGE_VALUE', TRANSLATE_COMMA(getConfig('doubler_charge') * 100));
233         define('__REF_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_ref') * 100));
234         define('__TOTAL_VALUE' , TRANSLATE_COMMA(getConfig('doubler_points')));
235         define('__MIN_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_min')));
236         define('__MAX_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_max')));
237
238         // Text "Enter login"
239         if (EXT_IS_ACTIVE("nickname")) {
240                 // Choose login/nickname
241                 define('DOUBLER_ENTER_LOGIN', GUEST_ENTER_LOGIN_NICKNAME);
242         } else {
243                 // Simple login ID
244                 define('DOUBLER_ENTER_LOGIN', GUEST_ENTER_LOGIN);
245         }
246
247         // Which mail-send-mode did the admin setup?
248         switch (getConfig('doubler_send_mode'))
249         {
250         case "DIRECT":
251                 define('DOUBLER_PAYOUT_TIME', DOUBLER_PAYOUT_TIME_DIRECT);
252                 break;
253
254         case "RESET":
255                 define('DOUBLER_PAYOUT_TIME', DOUBLER_PAYOUT_TIME_RESET);
256                 break;
257         }
258
259         // Generate table with already payed out doubles
260         define('__DOUBLER_PAYOUT_HISTORY', DOUBLER_GENERATE_TABLE("0", "Y", "N", "DESC"));
261
262         // Generate timemark
263         define('__TIMEOUT_MARK', CREATE_FANCY_TIME(getConfig('doubler_timeout')));
264
265         // Usage counter
266         define('__DOUBLER_COUNTER', getConfig('doubler_counter'));
267
268         // Points left to doubler
269         define('__LEFT_VALUE', TRANSLATE_COMMA(DOUBLER_GET_TOTAL_POINTS_LEFT()));
270
271         // Output neccessary form for this
272         LOAD_TEMPLATE("doubler_index");
273
274         // Output footer
275         include(PATH."inc/footer.php");
276 } else {
277         // You have to configure first!
278         LOAD_URL("install.php");
279 }
280
281 // Really all done here... ;-)
282 ?>