+++ /dev/null
-<?php
-/************************************************************************
- * MXChange v0.2.1 Start: 11/14/2003 *
- * =============== Last change: 11/13/2004 *
- * *
- * -------------------------------------------------------------------- *
- * File : mailid_top.php *
- * -------------------------------------------------------------------- *
- * Short description : Confirmation file for emails *
- * -------------------------------------------------------------------- *
- * Kurzbeschreibung : Bestaetigung von Mails *
- * -------------------------------------------------------------------- *
- * *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
- * For more information visit: http://www.mxchange.org *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
- * MA 02110-1301 USA *
- ************************************************************************/
-
-// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
-require_once("inc/libs/security_functions.php");
-
-// Init "action" and "what"
-global $what, $action;
-$GLOBALS['what'] = ""; $GLOBALS['action'] = "";
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
-
-// Tell everyone we are in this module
-$GLOBALS['module'] = "mailid"; $CSS = "0";
-
-// Load the required file(s)
-require ("inc/config.php");
-
-if (defined('mxchange_installed') && (mxchange_installed))
-{
- // Is the extension active
- if (!EXT_IS_ACTIVE("mailid", true)) {
- // Is not activated/installed yet!
- ADD_FATAL(sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "register"));
- }
-
- // Secure all data
- $url_uid = "0"; $url_bid = "0"; $url_mid = "0"; $code = "0"; $mode = "";
- if (!empty($_GET['uid'])) $url_uid = bigintval($_GET['uid']);
- if (!empty($_GET['mailid'])) $url_mid = bigintval($_GET['mailid']);
- if (!empty($_GET['bonusid'])) $url_bid = bigintval($_GET['bonusid']);
- if (!empty($_GET['code'])) $code = bigintval($_GET['code']);
- if (!empty($_GET['mode'])) $mode = $_GET['mode'];
-
- // 01 1 12 2 2 21 1 2 2 10
- if (($url_uid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (count($FATAL) == 0))
- {
- if ($mode != "img") require_once(PATH."inc/header.php");
-
- // Maybe he wants to confirm an email?
- if ($url_mid > 0)
- {
- $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%d AND userid=%d LIMIT 1",
- array($url_mid, $url_uid), __FILE__, __LINE__);
- $TYPE = "mailid"; $DATA = $url_mid;
- }
- elseif ($url_bid > 0)
- {
- $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%d AND userid=%d LIMIT 1",
- array($url_bid, $url_uid), __FILE__, __LINE__);
- $TYPE = "bonusid"; $DATA = $url_bid;
- }
- if (SQL_NUMROWS($result) == 1)
- {
- // Is the stats ID valid?
- list($link_id, $ltype) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- switch ($ltype)
- {
- case "NORMAL":
- $result_mailid = SQL_QUERY_ESC("SELECT pool_id, userid, id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%d LIMIT 1",
- array($url_mid), __FILE__, __LINE__);
- break;
-
- case "BONUS":
- $result_mailid = SQL_QUERY_ESC("SELECT id, id, is_notify FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
- array($url_bid), __FILE__, __LINE__);
- break;
- }
- if (SQL_NUMROWS($result_mailid) == 1)
- {
- list($pool, $sender, $notify) = SQL_FETCHROW($result_mailid);
-
- // Correct notification switch in non-bonus mails
- if (($notify != "Y") && ($notify != "N")) $notify = "N";
-
- // Free some memory
- SQL_FREERESULT($result_mailid);
-
- // Set sender to 0 when we have a bonus mail
- if ($ltype == "BONUS") $sender = 0;
-
- // Is the user's ID unlocked?
- $result = SQL_QUERY_ESC("SELECT status, sex, surname, family, ref_payout FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array($url_uid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Load data
- list($status, $sex, $sname, $fname, $ref_pay) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- if ($status == "CONFIRMED")
- {
- // Update last activity
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_online=UNIX_TIMESTAMP(), last_module='mailid_top' WHERE userid=%d LIMIT 1",
- array($url_uid), __FILE__, __LINE__);
-
- // User has confirmed his account so we can procede...
- switch ($ltype)
- {
- case "NORMAL":
- $result = SQL_QUERY_ESC("SELECT payment_id FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%d LIMIT 1",
- array(bigintval($pool)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($pay) = SQL_FETCHROW($result);
- $time = GET_PAY_POINTS($pay, "time");
- $payment = GET_PAY_POINTS($pay, "payment");
- $VALID = true;
- }
-
- // Free memory...
- SQL_FREERESULT($result);
- break;
-
- case "BONUS":
- $result = SQL_QUERY_ESC("SELECT time, points FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
- array(bigintval($pool)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- list($time, $payment) = SQL_FETCHROW($result);
- $VALID = true;
- }
-
- // Free memory...
- SQL_FREERESULT($result);
- break;
- }
- if ($VALID)
- {
- if (($time == "0") && ($payment >0)) $time = "1";
- if (($time > 0) && ($payment > 0))
- {
- if (!empty($code))
- {
- // Generate code
- $img_code = GEN_RANDOM_CODE($CONFIG['code_length'], $code, $url_uid, $DATA);
- }
-
- switch ($mode)
- {
- case "add":
- // Count clicks
- switch ($ltype)
- {
- case "NORMAL":
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET clicks=clicks+1 WHERE id=%d LIMIT 1",
- array($url_mid), __FILE__, __LINE__);
-
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_clicks", "normal_clicks"), "add", 1);
- }
- break;
-
- case "BONUS":
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_bonus SET clicks=clicks+1 WHERE id=%d LIMIT 1",
- array($url_bid), __FILE__, __LINE__);
-
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_clicks", "bonus_clicks"), "add", 1);
- }
- break;
- }
-
- // Export data into constants for the template
- define('_POINTS_VALUE' , TRANSLATE_COMMA($payment));
- define('_TEMPLATE_BANNER', LOAD_TEMPLATE("mailid_banner", true));
-
- // Only when user extension = v0.1.2: Update mails-confirmed counter
- if (GET_EXT_VERSION("user") >= "0.1.2")
- {
- // Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET mails_confirmed=mails_confirmed+1 WHERE userid=%d LIMIT 1",
- array($url_uid), __FILE__, __LINE__);
- }
-
- // Right code entered?
- if (bigintval($_POST['gfx_check']) == $img_code)
- {
- // Right code entered add points and remove entry
- if (($ref_pay > 0) && ($CONFIG['allow_direct_pay'] == "N"))
- {
- // Don't add points over the referral system
- $locked = true;
- $template = "mailid_points_locked";
- }
- else
- {
- // Add points over referral system
- $locked = false;
- $template = "mailid_points_done";
- }
-
- // Count down ref_payout value
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_payout=ref_payout-1 WHERE userid=%d AND ref_payout > 0 LIMIT 1",
- array($url_uid), __FILE__, __LINE__);
-
- // Add points
- ADD_POINTS_REFSYSTEM($url_uid, $payment, false, "0", $locked);
-
- // Shall I add bonus points for "turbo clickers" ?
- if ((GET_EXT_VERSION("bonus") >= "0.2.2") && (function_exists('BONUS_ADD_TURBO_POINTS')))
- {
- // Is an active-rallye running and this is not a notification mail?
- if (($CONFIG['bonus_active'] == "Y") && ($notify == "N"))
- {
- // Shall I exclude the webmaster's own userid from the active-rallye?
- if (((($CONFIG['bonus_uid'] == $url_uid) && ($CONFIG['bonus_include_own'] == "Y")) || ($CONFIG['bonus_uid'] != $url_uid)) && ($CONFIG['def_refid'] != $url_uid))
- {
- // Add points and remember ranking are done in this function....
- BONUS_ADD_TURBO_POINTS($DATA, $url_uid, $TYPE);
-
- // Set template to mailid_points_done2 which contains a link to the ranking list
- $template = "mailid_points_done2";
- if ($locked) $template = "mailid_points_locked2";
- define('_UID_VALUE' , $url_uid);
- define('_TYPE_VALUE', $TYPE);
- define('_DATA_VALUE', TRANSLATE_COMMA($DATA));
- }
- }
- }
-
- // Remove link from table
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%d LIMIT 1",
- array(bigintval($link_id)), __FILE__, __LINE__);
-
- // Load total points
- define('__TOTAL_POINTS', TRANSLATE_COMMA(
- GET_TOTAL_DATA($url_uid, "user_points", "points") -
- GET_TOTAL_DATA($url_uid, "user_data", "used_points"))
- );
-
- // Load template
- LOAD_TEMPLATE($template);
- }
- else
- {
- // Wrong image code! So add points to sender's account
- ADD_POINTS_REFSYSTEM($sender, $payment);
-
- // Remove link from table
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%d LIMIT 1",
- array(bigintval($link_id)), __FILE__, __LINE__);
-
- // Load template
- LOAD_TEMPLATE("mailid_points_failed");
- }
- break;
-
- case "img":
- GENERATE_IMAGE($img_code);
- break;
-
- case "confirm":
- if ($code > 0)
- {
- // Export data into constants for the template
- define('_CODE_VALUE', $code);
- define('_UID_VALUE' , $url_uid );
- define('_TYPE_VALUE', $TYPE);
- define('_DATA_VALUE', $DATA);
- define('_TEMPLATE_BANNER', LOAD_TEMPLATE("mailid_banner", true));
- if ($CONFIG['code_length'] > 0)
- {
- // Generate Code
- define('_IMAGE_CODE', IMG_CODE($code, $TYPE, $DATA, $url_uid));
- $templ = "mailid_enter_code";
- }
- else
- {
- // Disabled code
- define('__GFX_CODE', $img_code);
- $templ = "mailid_confirm_buttom";
- }
-
- // Load template
- LOAD_TEMPLATE($templ);
- }
- break;
-
- case "":
- // Ok, all data is valid and loaded. Finally let's output the timer... :-)
- // Export data into constants for the template
- define('_TIME_VALUE', $time);
- define('_TIM2_VALUE', strlen($time));
- define('_UID_VALUE' , $url_uid );
- define('_TYPE_VALUE', $TYPE);
- define('_DATA_VALUE', $DATA);
- define('_RAND_VALUE', rand(0, 99999));
- define('_TEMPLATE_BANNER', LOAD_TEMPLATE("mailid_banner", true));
-
- // Load template
- LOAD_TEMPLATE("mailid_timer");
- break;
- }
- }
- else OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (6)</STRONG>");
- }
- else OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (5)</STRONG>");
- }
- else OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (4)</STRONG>");
- }
- else
- {
- SQL_FREERESULT($result);
- OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (3)</STRONG>");
- }
- }
- else
- {
- SQL_FREERESULT($result);
- OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (2)</STRONG>");
- }
- }
- else
- {
- SQL_FREERESULT($result);
- OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (1)</STRONG>");
- }
- if ($mode != "img")
- {
- // Write footer
- require_once(PATH."inc/footer.php");
- }
- }
-}
- elseif ($mode != "img")
-{
- // You have to configure first!
- LOAD_URL("install.php");
-}
-
-// Really all done here... ;-)
-?>