mailid.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 11/14/2003 *
   4  * ===============                              Last change: 11/25/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : mailid.php                                       *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Confirmation file for emails                     *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Bestaetigung von Mails                           *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software; you can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License, or    *
  26  * (at your option) any later version.                                  *
  27  *                                                                      *
  28  * This program is distributed in the hope that it will be useful,      *
  29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  31  * GNU General Public License for more details.                         *
  32  *                                                                      *
  33  * You should have received a copy of the GNU General Public License    *
  34  * along with this program; if not, write to the Free Software          *
  35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  36  * MA  02110-1301  USA                                                  *
  37  ************************************************************************/
  38
  39 // Load security stuff here
  40 require('inc/libs/security_functions.php');
  41
  42 // Init start time
  43 $GLOBALS['startTime'] = microtime(true);
  44
  45 // Tell everyone we are in this module
  46 $GLOBALS['module'] = 'mailid';
  47 $GLOBALS['output_mode'] = -1;
  48 $errorCode = '';
  49
  50 // Load the required file(s)
  51 require('inc/config-global.php');
  52
  53 if (!isInstalled()) {
  54         // You have to install first!
  55         redirectToUrl('install.php');
  56 } // END - if
  57
  58 // Is the extension active?
  59 redirectOnUninstalledExtension('mailid');
  60
  61 // Init
  62 $url_uid = 0;
  63 $url_bid = 0;
  64 $url_mid = 0;
  65
  66 // Secure all data
  67 if (REQUEST_ISSET_GET('uid'))     $url_uid = bigintval(REQUEST_GET('uid'));
  68 if (REQUEST_ISSET_GET('mailid'))  $url_mid = bigintval(REQUEST_GET('mailid'));
  69 if (REQUEST_ISSET_GET('bonusid')) $url_bid = bigintval(REQUEST_GET('bonusid'));
  70
  71 // 01        1        12            3    32           21    1                   22     10
  72 if (($url_uid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
  73         // Maybe he wants to confirm an email?
  74         if ($url_mid > 0) {
  75                 // Normal-Mails
  76                 $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{!_MYSQL_PREFIX!}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
  77                         array($url_mid, $url_uid), __FILE__, __LINE__);
  78                 $type = 'mailid'; $urlId = $url_mid;
  79         } elseif ($url_bid > 0) {
  80                 // Bonus-Mail
  81                 $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{!_MYSQL_PREFIX!}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
  82                         array($url_bid, $url_uid), __FILE__, __LINE__);
  83                 $type = 'bonusid'; $urlId = $url_bid;
  84         } else {
  85                 // Problem: No ID entered
  86                 redirectToUrl('index.php');
  87         }
  88
  89         if (SQL_NUMROWS($result) == 1) {
  90                 // Load the entry
  91                 list($ltype) = SQL_FETCHROW($result);
  92
  93                 // Clean result
  94                 SQL_FREERESULT($result);
  95
  96                 // @TODO Rewrite this to a filter
  97                 switch ($ltype)
  98                 {
  99                         case 'NORMAL':
 100                                 // Is the stats ID valid?
 101                                 $result = SQL_QUERY_ESC("SELECT pool_id, url, subject FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE `id`=%s LIMIT 1",
 102                                 array($url_mid), __FILE__, __LINE__);
 103                                 break;
 104
 105                         case 'BONUS':
 106                                 // Is the bonus extension active?
 107                                 redirectOnUninstalledExtension('bonus');
 108
 109                                 // Bonus-Mails
 110                                 $result = SQL_QUERY_ESC("SELECT id, url, subject FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s LIMIT 1",
 111                                 array($url_bid), __FILE__, __LINE__);
 112                                 break;
 113
 114                         default: // Invalid mail type
 115                                 debug_report_bug('Invalid mail type ' . $ltype . ' detected.');
 116                                 break;
 117                 }
 118
 119                 if (SQL_NUMROWS($result) == 1) {
 120                         // Load data
 121                         list($pool, $URL, $title) = SQL_FETCHROW($result);
 122
 123                         // Free result
 124                         SQL_FREERESULT($result);
 125
 126                         // Compile extra title
 127                         $title = COMPILE_CODE($title);
 128
 129                         // Set it
 130                         setExtraTitle($title);
 131
 132                         // Is the user's ID unlocked?
 133                         $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`,` family` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1",
 134                                 array($url_uid), __FILE__, __LINE__);
 135                         if (SQL_NUMROWS($result) == 1) {
 136                                 list($status, $gender, $sname, $fname) = SQL_FETCHROW($result);
 137                                 SQL_FREERESULT($result);
 138                                 if ($status == 'CONFIRMED') {
 139                                         // User has confirmed his account so we can procede...
 140                                         // @TODO Rewrite this to a filter
 141                                         switch ($ltype)
 142                                         {
 143                                                 case 'NORMAL':
 144                                                         $result = SQL_QUERY_ESC("SELECT payment_id FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE pool_id=%s LIMIT 1",
 145                                                                 array(bigintval($pool)), __FILE__, __LINE__);
 146                                                         if (SQL_NUMROWS($result) == 1) {
 147                                                                 list($pay) = SQL_FETCHROW($result);
 148                                                                 $time      = getPaymentPoints($pay, 'time');
 149                                                                 $payment   = getPaymentPoints($pay, 'payment');
 150                                                                 $isValid   = true;
 151                                                         }
 152
 153                                                         // Free memory
 154                                                         SQL_FREERESULT($result);
 155                                                         break;
 156
 157                                                 case 'BONUS':
 158                                                         $result = SQL_QUERY_ESC("SELECT points, time FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s LIMIT 1",
 159                                                         array($url_bid), __FILE__, __LINE__);
 160                                                         if (SQL_NUMROWS($result) == 1) {
 161                                                                 list($points, $time) = SQL_FETCHROW($result);
 162                                                                 $payment = '0.00000';
 163                                                                 $isValid = true;
 164                                                         }
 165
 166                                                         // Free memory
 167                                                         SQL_FREERESULT($result);
 168                                                         break;
 169
 170                                                 default: // Invalid mail type
 171                                                         debug_report_bug('Invalid mail type ' . $ltype . ' detected.');
 172                                                         break;
 173                                         }
 174
 175                                         // Add header
 176                                         loadIncludeOnce('inc/header.php');
 177
 178                                         // Was that mail a valid one?
 179                                         if ($isValid === true) {
 180                                                 // If time is zero seconds we have a sponsor mail. 1 Second shall be set to avoid problems
 181                                                 if (($time == '0') && ($payment > 0)) { $URL = constant('URL'); $time = '1'; }
 182                                                 if (($time > 0) && (($payment > 0) || ($points > 0))) {
 183                                                         // He can confirm this mail!
 184                                                         // Export data into constants for the template
 185                                                         // @TODO Rewrite these constants
 186                                                         define('_UID_VALUE' , $url_uid);
 187                                                         define('_TYPE_VALUE', $type);
 188                                                         define('_DATA_VALUE', $urlId);
 189                                                         define('_URL_VALUE' , DEREFERER($URL));
 190
 191                                                         // Load template
 192                                                         LOAD_TEMPLATE('mailid_frames');
 193                                                 } else {
 194                                                         $errorCode = getCode('DATA_INVALID');
 195                                                 }
 196                                         } else {
 197                                                 $errorCode = getCode('POSSIBLE_INVALID');
 198                                         }
 199                                 } else {
 200                                         $errorCode = getCode('ACCOUNT_LOCKED');
 201                                 }
 202                         } else {
 203                                 SQL_FREERESULT($result);
 204                                 $errorCode = getCode('USER_404');
 205                         }
 206                 } else {
 207                         SQL_FREERESULT($result);
 208                         $errorCode = getCode('STATS_404');
 209                 }
 210         } else {
 211                 SQL_FREERESULT($result);
 212                 $errorCode = getCode('ALREADY_CONFIRMED');
 213         }
 214 } else {
 215         // Nothing entered
 216         $errorCode = getCode('ERROR_MAILID');
 217 }
 218
 219 // Error code is set?
 220 if (!empty($errorCode)) {
 221         // @TODO Rewrite this to a filter
 222         switch (getConfig('mailid_error_redirect')) {
 223                 case 'INDEX': // Redirect to index page
 224                         redirectToUrl('modules.php?module=index&amp;msg=' . $errorCode . '&amp;ext=mailid');
 225                         break;
 226
 227                 case 'REJECT': // Redirect to rejection page
 228                         redirectToConfiguredUrl('reject_url');
 229                         break;
 230
 231                 default:
 232                         DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown status %s detected in mailid_error_redirect.", getConfig('mailid_error_redirect')));
 233                         redirectToUrl('modules.php?module=index&amp;msg=' . getCode('UNKNOWN_STATUS') . '&amp;ext=mailid');
 234                         break;
 235         }
 236 } else {
 237         // Include footer
 238         loadIncludeOnce('inc/footer.php');
 239 }
 240
 241 // [EOF]
 242 ?>