<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 01/09/2005 *
 * ===============                              Last change: 01/09/2005 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : beg.php                                          *
 * -------------------------------------------------------------------- *
 * Short description : Beg link for members                             *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
 * -------------------------------------------------------------------- *
 * $Revision::                                                        $ *
 * $Date::                                                            $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author::                                                          $ *
 * Needs to be in all Files and every File needs "svn propset           *
 * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Load security stuff here
require('inc/libs/security_functions.php');

// Init "action" and "what"
$GLOBALS['startTime'] = microtime(true);
$GLOBALS['what'] = '';
$GLOBALS['action'] = '';

// Set module
$GLOBALS['module'] = 'beg';
$GLOBALS['refid']  = 0;
$GLOBALS['output_mode'] = -1;
$msg = null;

// Load the required file(s)
require('inc/config-global.php');

// Is the 'beg' extension active?
REDIRCT_ON_UNINSTALLED_EXTENSION('beg');

// Is the script installed?
if (isInstalled()) {
	// Check for userid
	if (REQUEST_ISSET_GET('uid')) {
		// Init variables
		$uid = 0;
		$result = false;
		$points = 0;

		// Don't pay is the default...
		$pay = false;

		// Validate if it is not a number
		if (''.(REQUEST_GET('uid') + 0).'' !== ''.REQUEST_GET('uid').'') {
			if (EXT_IS_ACTIVE('nickname')) {
				// Maybe we have found a nickname?
				$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
				array(REQUEST_GET('uid')), __FILE__, __LINE__);
			} else {
				// Nickname entered but nickname is not active
				$msg = getCode('EXTENSION_PROBLEM');
				$uid = -1;
			}
		} else {
			// Direct userid
			$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
			array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
		}

		// Check if locked in so don't pay points
		$status = 'failed';

		// Check if account was found
		if (SQL_NUMROWS($result) == 1) {
			// Found an ID so we simply set it
			list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);

			// Account confirmed?
			if ($status == 'CONFIRMED') {
				// Secure userid
				$uid = bigintval($uid);

				// Multiply configured values with 100000 and divide with 100000 so we can also handle small values
				// If we need more number behind the decimal dot then we just need to increase all these three
				// numbers matching to the numbers behind the decimal dot. Simple! ;-)
				$points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;

				// Set nickname / userid for the template(s
				define('__BEG_UID'   , REQUEST_GET('uid'));
				define('__BEG_CLICKS', ($clicks + 1));
				define('__BEG_BANNER', LOAD_TEMPLATE('beg_banner', true));
				define('__BEG_POINTS', translateComma($points));
			} else {
				// Other status
				$uid = 0;
			}
		} // END - if

		// Free memory
		SQL_FREERESULT($result);

		// User id valid and not webmaster's id?
		if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
			// Update counter
			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
			array($uid), __FILE__, __LINE__);

			// Check for last entry for userid w/o IP number
			$result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
			array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);

			// Entry not found, points set and not logged in?
			if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == 'NONE')) {

				// Admin is testing?
				if (!IS_ADMIN()) {
					// Remember remote address, userid and timestamp for next click
					// but only when there is no admin begging.
					// Admins shall be able to test it!
					SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
					array($uid, detectRemoteAddr(), session_id()), __FILE__, __LINE__);

					// Was is successfull?
					$pay (SQL_AFFECTEDROWS() == 1);
				} else {
					// Is admin!
					$pay = true;
				}

				// Pay points?
				if ($pay === true) {
					// Add points to user or begging rallye account
					if (BEG_ADD_POINTS($uid, $points)) {
						// Set 'done' message
						$content['msg'] = LOAD_TEMPLATE('beg_done', true);
					} else {
						// Error!
						$content['msg'] = LOAD_TEMPLATE('beg_failed', true);
					}
				} else {
					// Error!
					$content['msg'] = LOAD_TEMPLATE('beg_failed', true);
				}
			} elseif (IS_MEMBER()) {
				// Logged in user found!
				$content['msg'] = LOAD_TEMPLATE('beg_login', true);
			} elseif (getConfig('beg_pay_mode') != 'NONE') { // Other pay-mode active!
				// Prepare content for template
				$content = array(
					'clicks' => constant('__BEG_CLICKS'),
					'points' => constant('__BEG_POINTS'),
					'uid'    => constant('__BEG_UID')
				);

				// Load message template depending on pay-mode
				$content['msg'] = LOAD_TEMPLATE('beg_pay_mode_'.strtolower(getConfig('beg_pay_mode')), true, $content);
				$pay = true;
			} else {
				// Clicked received while reload lock is active
				$content['msg'] = LOAD_TEMPLATE('beg_failed', true);
			}

			// Free memory
			SQL_FREERESULT($result);

			// Include header
			loadIncludeOnce('inc/header.php');

			// Load final template
			LOAD_TEMPLATE('beg_link', false, $content);

			// Tracker code enabled? (We don't track users here!
			if ((getConfig('beg_pay_mode') != 'NONE') && ($pay === true)) {
				// Prepare content for template
				// @TODO Opps, what is missing here???
				$content = array(
				);

				// Include config-depending template
				LOAD_TEMPLATE('beg_pay_code_'.strtolower(getConfig('beg_pay_mode')), false, $content);
			} elseif ((!$pay) && (!isset($content['msg']))) {
				// Cannot pay! :-(
				$content['msg'] = LOAD_TEMPLATE('beg_failed', true);
			}

			// Include footer
			loadIncludeOnce('inc/footer.php');
		} elseif (($status != 'CONFIRMED') && ($status != 'failed')) {
			// Maybe locked/unconfirmed account?
			$msg = generateErrorCodeFromUserStatus($status);
		} elseif (($uid == '0') || ($status == 'failed')) {
			// Inalid or locked account, so let's find out
			$result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
			array(REQUEST_GET('uid')), __FILE__, __LINE__);
			if (SQL_NUMROWS($result) == 1) {
				// Locked account
				$msg = getCode('ACCOUNT_LOCKED');
			} else {
				// Invalid nickname! (404)
				$msg = getCode('USER_404');
			}

			// Free memory
			SQL_FREERESULT($result);
		} elseif ($uid == getConfig('beg_uid')) {
			// Webmaster's ID cannot beg for points!
			$msg = getCode('BEG_SAME_AS_OWN');
		}

		// Reload to index module
		if ((!empty($msg)) && (!empty($msg))) redirectToUrl('modules.php?module=index&amp;msg='.$msg.'&amp;ext=beg');
	} else {
		// No userid entered
		redirectToUrl('modules.php?module=index');
	}
} else {
	// You have to install first!
	redirectToUrl('install.php');
}

// Really all done here... ;-)
shutdown();

//
?>