A lot while() conditions rewritten to SQL_FETCHARRAY(), see bug #107, @TODO tags...
[mailer.git] / doubler.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 02/13/2005 *
4  * ===============                              Last change: 02/13/2005 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : doubler.php                                      *
8  * -------------------------------------------------------------------- *
9  * Short description : Points doubler                                   *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Punkteverdoppler                                 *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
35 require("inc/libs/security_functions.php");
36
37 // Init "action" and "what"
38 $GLOBALS['startTime'] = microtime(true);
39 $GLOBALS['what'] = "";
40 $GLOBALS['action'] = "";
41
42 // Set module
43 $GLOBALS['module'] = "doubler";
44 $GLOBALS['refid'] = 0;
45 $GLOBALS['output_mode'] = 0;
46
47 // Load the required file(s)
48 require("inc/config.php");
49
50 // Is the "doubler" extension active?
51 REDIRECT_ON_UNINSTALLED_EXTENSION("doubler");
52
53 // Is the script installed?
54 if (isInstalled()) {
55         // Probe for referal ID
56         if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = REQUEST_GET(('refid'));
57
58         // Only check this if refid is provided!
59         if ($GLOBALS['refid'] > 0) {
60                 // Probe for nickname extension and if a nickname was supplied by URL
61                 $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($GLOBALS['refid'])."") != $GLOBALS['refid']));
62
63                 // Do we have nickname or userid set?
64                 if ($probe_nickname) {
65                         // Nickname in URL, so load the ID
66                         $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
67                                 array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
68                 } else {
69                         // Direct userid entered
70                         $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
71                                 array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
72                 }
73
74                 // Load data
75                 list($rid, $status_ref) = SQL_FETCHROW($result);
76                 $GLOBALS['refid'] = bigintval($rid);
77
78                 // Free memory
79                 SQL_FREERESULT($result);
80         } // END - if
81
82         // Init userid
83         $uid = 0;
84
85         // If no account was found set default refid and status to CONFIRMED
86         if (empty($GLOBALS['refid'])) {
87                 $GLOBALS['refid'] = getConfig('def_refid');
88                 $status = "CONFIRMED";
89         } // END - if
90
91         // Begin with doubler script...
92         if (IS_FORM_SENT()) {
93                 // Secure points (so only integer/double values are allowed
94                 REQUEST_SET_POST('points', bigintval(REQUEST_POST('points')));
95
96                 // Begin with doubling process
97                 if ((REQUEST_ISSET_POST(('userid'))) && (REQUEST_ISSET_POST(('pass'))) && (REQUEST_ISSET_POST(('points')))) {
98                         // Probe for nickname extension and if a nickname was entered
99                         $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round(REQUEST_POST('userid'))."") != REQUEST_POST('userid')));
100                         if ($probe_nickname) {
101                                 // Nickname in URL, so load the ID
102                                 $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
103                                         array(REQUEST_POST('userid')), __FILE__, __LINE__);
104                         } else {
105                                 // Direct userid entered
106                                 $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
107                                         array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__);
108                         }
109
110                         // Load data
111                         list($uid, $status, $password) = SQL_FETCHROW($result);
112                         $uid = bigintval($uid);
113
114                         // Free result
115                         SQL_FREERESULT($result);
116
117                         // Remove any dots and unwanted chars from the points
118                         REQUEST_SET_POST('points', bigintval(round(REVERT_COMMA(REQUEST_POST('points')))));
119
120                         // Probe for enough points
121                         $probe_points = ((REQUEST_POST('points') >= getConfig('doubler_min')) && (REQUEST_POST('points') <= getConfig('doubler_max')));
122
123                         // Check all together
124                         if ((!empty($uid)) && ($password == generateHash(REQUEST_POST('pass'), substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) {
125                                 // Nickname resolved to a unique userid or direct userid entered by the member
126                                 $GLOBALS['doubler_uid'] = $uid;
127
128                                 // Calulcate points
129                                 $points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points");
130
131                                 // So let's continue with probing his points amount
132                                 if (($points - getConfig('doubler_left') - REQUEST_POST('points') * getConfig('doubler_charge')) >= 0) 
133                                         // Enough points are left so let's continue with the doubling process
134                                         // Create doubling "account" width *DOUBLED* points
135                                         SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')",
136                                                 array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__);
137
138                                         // Subtract entered points
139                                         SUB_POINTS("doubler", $uid, REQUEST_POST('points'));
140
141                                         // Add points to "total payed" including charge
142                                         $points = REQUEST_POST('points') - REQUEST_POST('points') * getConfig('doubler_charge');
143                                         UPDATE_CONFIG("doubler_points", $points, "+");
144                                         incrementConfigEntry('doubler_points', $points);
145
146                                         // Add second line for the referal but only when uid != refid
147                                         if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) {
148                                                 // Okay add a refid line and apply refid percents
149                                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')",
150                                                         array(
151                                                                 bigintval($GLOBALS['refid']),
152                                                                 bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref'))
153                                                         ), __FILE__, __LINE__);
154
155                                                 // And that's why we don't want to you more than one referal level of doubler-points. ^^^
156                                         } // END - if
157
158                                         // Update usage counter
159                                         UPDATE_CONFIG("doubler_counter", 1, "+");
160
161                                         // Set constant
162                                         define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, REQUEST_POST('userid')));
163                                 } else {
164                                         // Not enougth points left
165                                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_NO_POINTS_LEFT'));
166                                 }
167                         } elseif ($status == "CONFIRMED") {
168                                 // Account is unconfirmed!
169                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_WRONG_PASS'));
170                         } elseif ($status == "UNCONFIRMED") {
171                                 // Account is unconfirmed!
172                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_UNCONFIRMED'));
173                         } elseif ($status == "LOCKED") {
174                                 // Account is locked by admin / holiday!
175                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_LOCKED'));
176                         } elseif (REQUEST_POST('points') < getConfig('doubler_min')) {
177                                 // Not enougth points entered
178                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MIN'));
179                         } elseif (REQUEST_POST('points') > getConfig('doubler_max')) {
180                                 // Too much points entered
181                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MAX'));
182                         } elseif ($probe_nickname) {
183                                 // Cannot resolv nickname -> userid
184                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_NICKNAME'));
185                         } else {
186                                 // Wrong password or account not found
187                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_MEMBER'));
188                         }
189                 } elseif (!REQUEST_ISSET_POST(('userid'))) {
190                         // Login not entered
191                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_LOGIN'));
192                 } elseif (!REQUEST_ISSET_POST(('pass'))) {
193                         // Password not entered
194                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_PASSWORD'));
195                 } elseif (!REQUEST_ISSET_POST(('points'))) {
196                         // points not entered
197                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_POINTS'));
198                 }
199         }
200
201         // Set messages to nothing
202         if (!defined('__DOUBLER_MSG')) define('__DOUBLER_MSG', "");
203         if (!defined('__ERROR_MSG'))   define('__ERROR_MSG'  , "");
204
205         // Shall I check for points immediately?
206         if (getConfig('doubler_send_mode') == "DIRECT") LOAD_INC("inc/doubler_send.php");
207
208         // Output header
209         LOAD_INC("inc/header.php");
210
211         // Banner in text
212         define('__DOUBLER_BANNER', LOAD_TEMPLATE("doubler_banner", true));
213
214         // Load header/footer templates
215         define('__DOUBLER_HEADER', LOAD_TEMPLATE("doubler_header", true));
216         define('__DOUBLER_FOOTER', LOAD_TEMPLATE("doubler_footer", true));
217
218         if (!empty($uid)) {
219                 // Transfer userid/nickname to constant
220                 define('__REFID', $uid);
221         } else {
222                 // Transfer userid/nickname to constant
223                 define('__REFID', $GLOBALS['refid']);
224         }
225
226         // Percent values etc.
227         define('__CHARGE_VALUE', TRANSLATE_COMMA(getConfig('doubler_charge') * 100));
228         define('__REF_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_ref') * 100));
229         define('__TOTAL_VALUE' , TRANSLATE_COMMA(getConfig('doubler_points')));
230         define('__MIN_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_min')));
231         define('__MAX_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_max')));
232
233         // Text "Enter login"
234         if (EXT_IS_ACTIVE("nickname")) {
235                 // Choose login/nickname
236                 define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN_NICKNAME'));
237         } else {
238                 // Simple login ID
239                 define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN'));
240         }
241
242         // Which mail-send-mode did the admin setup?
243         switch (getConfig('doubler_send_mode'))
244         {
245         case "DIRECT":
246                 define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_DIRECT'));
247                 break;
248
249         case "RESET":
250                 define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_RESET'));
251                 break;
252         }
253
254         // Generate table with already payed out doubles
255         define('__DOUBLER_PAYOUT_HISTORY', DOUBLER_GENERATE_TABLE("0", "Y", "N", "DESC"));
256
257         // Generate timemark
258         define('__TIMEOUT_MARK', CREATE_FANCY_TIME(getConfig('doubler_timeout')));
259
260         // Usage counter
261         define('__DOUBLER_COUNTER', getConfig('doubler_counter'));
262
263         // Points left to doubler
264         define('__LEFT_VALUE', TRANSLATE_COMMA(DOUBLER_GET_TOTAL_POINTS_LEFT()));
265
266         // Output neccessary form for this
267         LOAD_TEMPLATE("doubler_index");
268
269         // Output footer
270         LOAD_INC("inc/footer.php");
271 } else {
272         // You have to install first!
273         LOAD_URL("install.php");
274 }
275
276 // Really all done here... ;-)
277 ?>