<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 10/13/2003 *
 * ===============                              Last change: 08/23/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-confirm.php                                 *
 * -------------------------------------------------------------------- *
 * Short description : Stuff around the confirmation link               *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Alles um den Bestaetigungslink                   *
 * -------------------------------------------------------------------- *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if (!defined('__SECURITY')) {
	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
	require($INC);
}

// Add description as navigation point
ADD_DESCR("guest", basename(__FILE__));

if (!empty($_GET['hash'])) {
	// Initialize the user ID
	$uid = 0;

	// Search for an unconfirmed or confirmed account
	$result = SQL_QUERY_ESC("SELECT userid, email, refid FROM "._MYSQL_PREFIX."_user_data WHERE user_hash='%s' AND (status='UNCONFIRMED' OR status='CONFIRMED') LIMIT 1",
		array($_GET['hash']), __FILE__, __LINE__);
	if (SQL_NUMROWS($result) == 1) {
		// Ok, he want's to confirm now so we load some data
		list ($uid, $email, $rid) = SQL_FETCHROW($result);

		// Unlock his account (but only when it is on UNCONFIRMED!)
		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED', ref_payout=%s, user_hash=NULL WHERE user_hash='%s' AND status='UNCONFIRMED' LIMIT 1",
			array($_CONFIG['ref_payout'], $_GET['hash']), __FILE__, __LINE__);
		if (SQL_AFFECTEDROWS() == 1) {
			$msg = LOAD_EMAIL_TEMPLATE("confirm-member", array('points' => $_CONFIG['points_register']), bigintval($uid));

			// And send him right away the confirmation mail
			SEND_EMAIL($email, GUEST_THANX_CONFIRM, $msg);

			// Maybe he got "referraled"?
			if (($rid > 0) && ($rid != $uid)) {
				// Select the referral userid
				$result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
				 array(bigintval($rid)), __FILE__, __LINE__);
				if (SQL_NUMROWS($result) == 1) {
					// Update ref counter...
					UPDATE_REF_COUNTER($rid);

					// Ok, write the ref-points to this user and his parent-ref
					unset($DEPTH);

					// Shall I "pay" the referral points imidiately?
					if ($_CONFIG['ref_payout'] == "0") {
						// Yes, "pay" it now
						$locked = false;
					} else {
						// No, "pay" it later
						$locked = true;
					}

					// If version matches add ref bonus to refid's account
					if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($_CONFIG['bonus_active'] == "Y")) {
						// Add points (directly only!)
						$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_ref=bonus_ref+%s WHERE userid=%s LIMIT 1",
						 array($_CONFIG['bonus_ref'], bigintval($rid)), __FILE__, __LINE__);

						// Subtract points from system
						BONUS_POINTS_HANDLER($_CONFIG['bonus_ref']);
					} // END - if

					// Add one-time referral bonus over referral system or directly
					$DEPTH = 0;
					ADD_POINTS_REFSYSTEM($rid, $_CONFIG['points_ref'], true, bigintval($uid), $locked, $_CONFIG['reg_points_mode']);
				} // END - if
			} // END - if

			if (EXT_IS_ACTIVE("rallye")) {
				// Add user to rallye (or not?)
				RALLYE_AUTOADD_USER(bigintval($uid));
			} // END - if

			// Account confirmed!
			if (defined('LEAD_CODE_ENABLED') && defined('LEAD_EXPIRY_TIME')) {
				// Set special lead cookie
				set_session("lead_uid", bigintval($uid));

				// Lead-Code mode enabled
				LOAD_URL("lead-confirm.php");
			} else {
				define('__CONFIRM_MSG', GUEST_CONFIRMED_DONE);
				define('__UID', bigintval($uid));
				LOAD_TEMPLATE("guest_confirm_table");
			}
		} elseif (defined('LEAD_CODE_ENABLED') && defined('LEAD_EXPIRY_TIME')) {
			// Set special lead cookie
			set_session("lead_uid", bigintval($uid));

			// Lead-Code mode enabled
			LOAD_URL("lead-confirm.php");
		} else {
			// Nobody was found unter this hash key... or our new member want's to confirm twice?
			define('__CONFIRM_MSG', GUEST_CONFIRMED_TWICE);
			define('__UID', "0");
			LOAD_TEMPLATE("guest_confirm_table");
		}
	} else {
		// Nobody was found unter this hash key... or our new member want's to confirm twice?
		define('__CONFIRM_MSG', GUEST_CONFIRMED_TWICE);
		define('__UID', "0");
		LOAD_TEMPLATE("guest_confirm_table");
	}
}
 elseif ((isset($_POST['ok'])) && (!empty($_POST['email'])))
{
	// Confirmation link requested      0     1         2
	$result = SQL_QUERY_ESC("SELECT userid, status, user_hash FROM "._MYSQL_PREFIX."_user_data WHERE email='%s' LIMIT 1",
	 array($_POST['email']), __FILE__, __LINE__);
	if (SQL_NUMROWS($result) == 1)
	{
		// Email address found
		$DATA = SQL_FETCHROW($result);
		switch ($DATA[1])
		{
		case "UNCONFIRMED": // Account not confirmed
			$msg = LOAD_EMAIL_TEMPLATE("guest_request_confirm", array('hash' => $DATA[2]), $DATA[0]);
			SEND_EMAIL($_POST['email'], REQUEST_CONFIRM_LINK_SUBJ, $msg);
			$content = CONFIRM_LINK_SENT;
			break;

		case "CONFIRMED": // Account already confirmed
			$content = LOGIN_ID_CONFIRMED;
			break;

		case "LOCKED": // Account is locked
			$content = LOGIN_ID_LOCKED;
			break;
		}
	}
	 else
	{
		// Email address not registered
		$content = EMAIL_ADDY_404;
	}

	define('__CONFIRM_MSG', $content);
	LOAD_TEMPLATE("guest_confirm_table");
}
 else
{
	// No hash found, the guest may want to enter his email address to re-get his confirmation link?
	LOAD_TEMPLATE("guest_confirm_link");
}

//
?>