doubler.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 02/13/2005 *
   4  * ===============                              Last change: 02/13/2005 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : doubler.php                                      *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Points doubler                                   *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Punkteverdoppler                                 *
  12  * -------------------------------------------------------------------- *
  13  *                                                                      *
  14  * -------------------------------------------------------------------- *
  15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  16  * For more information visit: http://www.mxchange.org                  *
  17  *                                                                      *
  18  * This program is free software; you can redistribute it and/or modify *
  19  * it under the terms of the GNU General Public License as published by *
  20  * the Free Software Foundation; either version 2 of the License, or    *
  21  * (at your option) any later version.                                  *
  22  *                                                                      *
  23  * This program is distributed in the hope that it will be useful,      *
  24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  26  * GNU General Public License for more details.                         *
  27  *                                                                      *
  28  * You should have received a copy of the GNU General Public License    *
  29  * along with this program; if not, write to the Free Software          *
  30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  31  * MA  02110-1301  USA                                                  *
  32  ************************************************************************/
  33
  34 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
  35 require("inc/libs/security_functions.php");
  36
  37 // Init "action" and "what"
  38 global $what, $action, $startTime;
  39 $GLOBALS['startTime'] = microtime(true);
  40 $GLOBALS['what'] = "";
  41 $GLOBALS['action'] = "";
  42
  43 // Set module
  44 $GLOBALS['module'] = "doubler";
  45 $GLOBALS['refid'] = 0;
  46 $CSS = 0;
  47
  48 // Load the required file(s)
  49 require("inc/config.php");
  50
  51 // Is the "doubler" extension active?
  52 REDIRECT_ON_UNINSTALLED_EXTENSION("doubler");
  53
  54 // Is the script installed?
  55 if (isBooleanConstantAndTrue('mxchange_installed')) {
  56         // Probe for referal ID
  57         if (!empty($_GET['refid'])) $GLOBALS['refid'] = SQL_ESCAPE($_GET['refid']);
  58
  59         // Only check this if refid is provided!
  60         if ($GLOBALS['refid'] > 0) {
  61                 // Probe for nickname extension and if a nickname was supplied by URL
  62                 $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($GLOBALS['refid'])."") != $GLOBALS['refid']));
  63
  64                 // Do we have nickname or userid set?
  65                 if ($probe_nickname) {
  66                         // Nickname in URL, so load the ID
  67                         $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
  68                                 array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
  69                 } else {
  70                         // Direct userid entered
  71                         $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
  72                                 array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
  73                 }
  74
  75                 // Load data
  76                 list($rid, $status_ref) = SQL_FETCHROW($result);
  77                 $GLOBALS['refid'] = bigintval($rid);
  78
  79                 // Free memory
  80                 SQL_FREERESULT($result);
  81         } // END - if
  82
  83         // Init userid
  84         $uid = 0;
  85
  86         // If no account was found set default refid and status to CONFIRMED
  87         if (empty($GLOBALS['refid'])) {
  88                 $GLOBALS['refid'] = getConfig('def_refid');
  89                 $status = "CONFIRMED";
  90         } // END - if
  91
  92         // Begin with doubler script...
  93         if (isset($_POST['ok'])) {
  94                 // Secure points (so only integer/double values are allowed
  95                 $_POST['points'] = bigintval($_POST['points']);
  96
  97                 // Begin with doubling process
  98                 if ((!empty($_POST['userid'])) && (!empty($_POST['pass'])) && (!empty($_POST['points']))) {
  99                         // Probe for nickname extension and if a nickname was entered
 100                         $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['userid'])."") != $_POST['userid']));
 101                         if ($probe_nickname) {
 102                                 // Nickname in URL, so load the ID
 103                                 $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
 104                                         array($_POST['userid']), __FILE__, __LINE__);
 105                         } else {
 106                                 // Direct userid entered
 107                                 $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
 108                                         array(bigintval($_POST['userid'])), __FILE__, __LINE__);
 109                         }
 110
 111                         // Load data
 112                         list($uid, $status, $password) = SQL_FETCHROW($result);
 113                         $uid = bigintval($uid);
 114
 115                         // Free result
 116                         SQL_FREERESULT($result);
 117
 118                         // Remove any dots and unwanted chars from the points
 119                         $_POST['points'] = bigintval(round(REVERT_COMMA($_POST['points'])));
 120
 121                         // Probe for enough points
 122                         $probe_points = (($_POST['points'] >= getConfig('doubler_min')) && ($_POST['points'] <= getConfig('doubler_max')));
 123
 124                         // Check all together
 125                         if ((!empty($uid)) && ($password == generateHash($_POST['pass'], substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) {
 126                                 // Nickname resolved to a unique userid or direct userid entered by the member
 127                                 $DOUBLER_UID = $uid;
 128
 129                                 // Calulcate points
 130                                 $points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points");
 131
 132                                 // So let's continue with probing his points amount
 133                                 if (($points - getConfig('doubler_left') - $_POST['points'] * getConfig('doubler_charge')) >= 0)
 134                                         // Enough points are left so let's continue with the doubling process
 135                                         // Create doubling "account" width *DOUBLED* points
 136                                         SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')",
 137                                                 array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__);
 138
 139                                         // Subtract entered points
 140                                         SUB_POINTS("doubler", $uid, $_POST['points']);
 141
 142                                         // Add points to "total payed" including charge
 143                                         $points = $_POST['points'] - $_POST['points'] * getConfig('doubler_charge');
 144                                         UPDATE_CONFIG("doubler_points", $points, "+");
 145                                         incrementConfigEntry('doubler_points', $points);
 146
 147                                         // Add second line for the referal but only when uid != refid
 148                                         if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) {
 149                                                 // Okay add a refid line and apply refid percents
 150                                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')",
 151                                                         array(
 152                                                                 bigintval($GLOBALS['refid']),
 153                                                                 bigintval($_POST['points'] * 2 * getConfig('doubler_ref'))
 154                                                         ), __FILE__, __LINE__);
 155
 156                                                 // And that's why we don't want to you more than one referal level of doubler-points. ^^^
 157                                         } // END - if
 158
 159                                         // Update usage counter
 160                                         UPDATE_CONFIG("doubler_counter", 1, "+");
 161
 162                                         // Set constant
 163                                         define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, $_POST['userid']));
 164                                 } else {
 165                                         // Not enougth points left
 166                                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_NO_POINTS_LEFT'));
 167                                 }
 168                         } elseif ($status == "CONFIRMED") {
 169                                 // Account is unconfirmed!
 170                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_WRONG_PASS'));
 171                         } elseif ($status == "UNCONFIRMED") {
 172                                 // Account is unconfirmed!
 173                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_UNCONFIRMED'));
 174                         } elseif ($status == "LOCKED") {
 175                                 // Account is locked by admin / holiday!
 176                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_LOCKED'));
 177                         } elseif ($_POST['points'] < getConfig('doubler_min')) {
 178                                 // Not enougth points entered
 179                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MIN'));
 180                         } elseif ($_POST['points'] > getConfig('doubler_max')) {
 181                                 // Too much points entered
 182                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MAX'));
 183                         } elseif ($probe_nickname) {
 184                                 // Cannot resolv nickname -> userid
 185                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_NICKNAME'));
 186                         } else {
 187                                 // Wrong password or account not found
 188                                 define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_MEMBER'));
 189                         }
 190                 } elseif (empty($_POST['userid'])) {
 191                         // Login not entered
 192                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_LOGIN'));
 193                 } elseif (empty($_POST['pass'])) {
 194                         // Password not entered
 195                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_PASSWORD'));
 196                 } elseif (empty($_POST['points'])) {
 197                         // points not entered
 198                         define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_POINTS'));
 199                 }
 200         }
 201
 202         // Set messages to nothing
 203         if (!defined('__DOUBLER_MSG')) define('__DOUBLER_MSG', "");
 204         if (!defined('__ERROR_MSG'))   define('__ERROR_MSG'  , "");
 205
 206         // Shall I check for points immediately?
 207         if (getConfig('doubler_send_mode') == "DIRECT") LOAD_INC("inc/doubler_send.php");
 208
 209         // Output header
 210         LOAD_INC("inc/header.php");
 211
 212         // Banner in text
 213         define('__DOUBLER_BANNER', LOAD_TEMPLATE("doubler_banner", true));
 214
 215         // Load header/footer templates
 216         define('__DOUBLER_HEADER', LOAD_TEMPLATE("doubler_header", true));
 217         define('__DOUBLER_FOOTER', LOAD_TEMPLATE("doubler_footer", true));
 218
 219         if (!empty($uid)) {
 220                 // Transfer userid/nickname to constant
 221                 define('__REFID', $uid);
 222         } else {
 223                 // Transfer userid/nickname to constant
 224                 define('__REFID', $GLOBALS['refid']);
 225         }
 226
 227         // Percent values etc.
 228         define('__CHARGE_VALUE', TRANSLATE_COMMA(getConfig('doubler_charge') * 100));
 229         define('__REF_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_ref') * 100));
 230         define('__TOTAL_VALUE' , TRANSLATE_COMMA(getConfig('doubler_points')));
 231         define('__MIN_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_min')));
 232         define('__MAX_VALUE'   , TRANSLATE_COMMA(getConfig('doubler_max')));
 233
 234         // Text "Enter login"
 235         if (EXT_IS_ACTIVE("nickname")) {
 236                 // Choose login/nickname
 237                 define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN_NICKNAME'));
 238         } else {
 239                 // Simple login ID
 240                 define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN'));
 241         }
 242
 243         // Which mail-send-mode did the admin setup?
 244         switch (getConfig('doubler_send_mode'))
 245         {
 246         case "DIRECT":
 247                 define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_DIRECT'));
 248                 break;
 249
 250         case "RESET":
 251                 define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_RESET'));
 252                 break;
 253         }
 254
 255         // Generate table with already payed out doubles
 256         define('__DOUBLER_PAYOUT_HISTORY', DOUBLER_GENERATE_TABLE("0", "Y", "N", "DESC"));
 257
 258         // Generate timemark
 259         define('__TIMEOUT_MARK', CREATE_FANCY_TIME(getConfig('doubler_timeout')));
 260
 261         // Usage counter
 262         define('__DOUBLER_COUNTER', getConfig('doubler_counter'));
 263
 264         // Points left to doubler
 265         define('__LEFT_VALUE', TRANSLATE_COMMA(DOUBLER_GET_TOTAL_POINTS_LEFT()));
 266
 267         // Output neccessary form for this
 268         LOAD_TEMPLATE("doubler_index");
 269
 270         // Output footer
 271         LOAD_INC("inc/footer.php");
 272 } else {
 273         // You have to install first!
 274         LOAD_URL("install.php");
 275 }
 276
 277 // Really all done here... ;-)
 278 ?>