<?php
/************************************************************************
 * Mailer v0.2.1-FINAL                                Start: 11/14/2003 *
 * ===================                          Last change: 01/10/2013 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : mailid.php                                       *
 * -------------------------------------------------------------------- *
 * Short description : Confirmation file for emails                     *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Bestaetigung von Mails                           *
 * -------------------------------------------------------------------- *
 * $Revision::                                                        $ *
 * $Date::                                                            $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author::                                                          $ *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2009 by Roland Haeder                           *
 * Copyright (c) 2009 - 2013 by Mailer Developer Team                   *
 * For more information visit: http://mxchange.org                      *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Load security stuff here
require('inc/libs/security_functions.php');

// Init start time
$GLOBALS['__start_time'] = microtime(TRUE);

// Tell everyone we are in this module
$GLOBALS['__module']      = 'mailid';
$GLOBALS['__output_mode'] = '0';

// Disable copyright footer which would be to large for the upper frame
$GLOBALS['__copyright_enabled'] = 'N';

// Load the required file(s)
require('inc/config-global.php');

// Set content type and HTTP status
setContentType('text/html');
setHttpStatus('404 Not Found');

// Is ext-mailid active?
redirectOnUninstalledExtension('mailid');

// Is ext-other active?
redirectOnUninstalledExtension('other');

// Init data
$data = array(
	'error_code' => '0',
	'userid'     => '0',
	'id'         => '0',
	'code'       => '0',
	'do'         => 'frames',
	'type'       => '',
);

// Secure all data
if (isGetRequestElementSet('userid')) $data['userid'] = bigintval(getRequestElement('userid'));
if (isGetRequestElementSet('id'))     $data['id']     = bigintval(getRequestElement('id'));
if (isGetRequestElementSet('code'))   $data['code']   = bigintval(getRequestElement('code'));
if (isGetRequestElementSet('do'))     $data['do']     = getRequestElement('do');
if (isGetRequestElementSet('type'))   $data['type']   = getRequestElement('type');

// @TODO Improve check on $data['type'], empty() is not very much ...
if ((isValidId($data['userid'])) && (isValidId($data['id'])) && (!empty($data['type'])) && (!ifFatalErrorsDetected())) {
	// Is 'do' still "frames"?
	if ($data['do'] == 'frames') {
		// This is a frameset module
		$GLOBALS['frameset_mode'] = TRUE;
	} // END - if

	// No image?
	if ($data['do'] != 'img') {
		// ... then output header
		loadIncludeOnce('inc/header.php');
	} // END - fi

	// Init result for below sqlNumRows() function
	$result_main = FALSE;

	// Maybe he wants to confirm an email?
	switch ($data['type']) {
		case 'normal':
			$result_main = sqlQueryEscaped("SELECT `id` AS `link_id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
				array($data['id'], $data['userid']), __FILE__, __LINE__);
			break;

		case 'bonus':
			$result_main = sqlQueryEscaped("SELECT `id` AS `link_id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
				array($data['id'], $data['userid']), __FILE__, __LINE__);
			break;

		default: // Not detected
			reportBug(__FILE__, __LINE__, 'No valid type=' . $data['type'] . ' set.');
			break;
	} // END - switch

	// Is an entry found?
	if (sqlNumRows($result_main) == 1) {
		// Is the stats id valid?
		$data = merge_array($data, sqlFetchArray($result_main));

		// Init result here with invalid to avoid possible missing variable
		$result_mailid = FALSE;

		// @TODO Rewrite this to a filter/function
		switch ($data['link_type']) {
			case 'NORMAL':
				$result_mailid = sqlQueryEscaped("SELECT `pool_id`, `userid` AS `sender`, `url` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1",
					array($data['id']), __FILE__, __LINE__);
				break;

			case 'BONUS':
				$result_mailid = sqlQueryEscaped("SELECT `id` AS `pool_id`, `is_notify`, `url` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
					array($data['id']), __FILE__, __LINE__);
				break;

			default: // Unknown type
				reportBug(__FILE__, __LINE__, 'Unknown mail type ' . $data['link_type'] . ' detected.');
				break;
		} // END - switch

		// Entry found?
		if (sqlNumRows($result_mailid) == 1) {
			// Load data
			$data = merge_array($data, sqlFetchArray($result_mailid));

			// Correct notification switch in non-bonus mails
			if ((!isset($data['is_notify'])) || (!in_array($data['is_notify'], array('Y', 'N')))) {
				$data['is_notify'] = 'N';
			} // END - if

			// Set sender to 0 when we have a bonus mail
			if ($data['link_type'] == 'BONUS') {
				$data['sender'] = NULL;
			} // END - if

			// Is the user id valid?
			if (fetchUserData($data['userid']) === TRUE) {
				// Is the user status CONFIRMED?
				if (getUserData('status') == 'CONFIRMED') {
					// User has confirmed his account so we can procede...
					// @TODO Rewrite this to a filter
					switch ($data['link_type']) {
						case 'NORMAL':
							$result = sqlQueryEscaped("SELECT `payment_id` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `pool_id`=%s LIMIT 1",
								array(bigintval($data['pool_id'])), __FILE__, __LINE__);

							// Entry found?
							if (sqlNumRows($result) == 1) {
								$data = merge_array($data, sqlFetchArray($result));
								$data['time']    = getPaymentTime($data['payment_id']);
								$data['payment'] = getPaymentPayment($data['payment_id']);
								$isValid   = TRUE;
							} // END - if

							// Free memory...
							sqlFreeResult($result);
							break;

						case 'BONUS':
							$result = sqlQueryEscaped("SELECT `time`, `points` AS `payment` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
								array(bigintval($data['pool_id'])), __FILE__, __LINE__);

							// Entry found?
							if (sqlNumRows($result) == 1) {
								$data = merge_array($data, sqlFetchArray($result));
								$isValid = TRUE;
							} // END - if

							// Free memory...
							sqlFreeResult($result);
							break;

						default: // Unknown type
							reportBug(__FILE__, __LINE__, 'Unknown mail type ' . $data['link_type'] . ' detected.');
							break;
					} // END - switch

					// Is this entry valid?
					if ($isValid === TRUE) {
						// Run at least one second
						if (($data['time'] < 1) && ($data['payment'] > 0)) {
							// Zero seconds is not supported
							$data['time'] = 1;
						} // END - if

						// Is time and payment set?
						if (($data['time'] > 0) && ($data['payment'] > 0)) {
							$data['real_code'] = '0';
							if (!empty($data['code'])) {
								// Generate code (the user sees in the CAPTCHA)
								$data['real_code'] = generateRandomCode(getCodeLength(), $data['code'], $data['userid'], $data['id']);
							} // END - if

							// Do the call-back by given data array
							doMailIdCallback($data);
						} else {
							$data['error_code'] = getCode('DATA_INVALID');
							$data['do'] = 'failed';
						}
					} else {
						$data['error_code'] = getCode('POSSIBLE_INVALID');
						$data['do'] = 'failed';
					}
				} else {
					$data['error_code'] = getCode('ACCOUNT_' . strtoupper(getUserData('status')));
					$data['do'] = 'failed';
				}
			} else {
				$data['error_code'] = getCode('USER_404');
				$data['do'] = 'failed';
			}
		} else {
			$data['error_code'] = getCode('STATS_404');
			$data['do'] = 'failed';
		}

		// Free result
		sqlFreeResult($result_mailid);
	} else {
		$data['error_code'] = getCode('ALREADY_CONFIRMED');
		$data['do'] = 'failed';
	}

	// Free result
	sqlFreeResult($result_main);
} else {
	// Not all variables are set
	$data['error_code'] = getCode('ERROR_MAILID');
	$data['do'] = 'failed';
}

// Error code is set?
handleMailIdErrorCode($data['error_code']);

// Insert footer if no image
if ($data['do'] != 'img') {
	// Write footer
	loadIncludeOnce('inc/footer.php');
} // END - if

// Really all done here... ;-)
doShutdown();

// [EOF]
?>