-require ("inc/config.php");
-
-// Is the script installed?
-if (defined('mxchange_installed') && (isBooleanConstantAndTrue('mxchange_installed'))) {
- // Check for userid
- if (!empty($_GET['uid'])) {
- // Init user ID
- $uid = 0;
-
- // Validate if it is not a number
- if ("".bigintval($_GET['uid'])."" !== "".$_GET['uid']."") {
- if (EXT_IS_ACTIVE("nickname")) {
- // Maybe we have found a nickname?
- $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($_GET['uid']), __FILE__, __LINE__);
- } else {
- // Nickname entered but nickname is not active
- $msg = CODE_EXTENSION_PROBLEM;
- $uid = -1;
- $result = false;
- }
- } else {
- // Direct userid
- $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array(bigintval($_GET['uid'])), __FILE__, __LINE__);
- }
-
- // Check if locked in so don't pay points
- $login = false; $status = "failed";
- if (IS_MEMBER()) {
- // Logged in user detected!
- $login = true;
- } // END - if
-
- // Check if account was found
- if ((SQL_NUMROWS($result) == 1) && ($result != false)) {
- // Found an ID so we simply set it
- list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
- if ($status == "CONFIRMED") {
- // Secure userid
- $uid = bigintval($uid);
-
- // Calculate beg points
- mt_srand((double)microtime() * 10000000000 / time());
-
- // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
- // If we need more number behind the decimal dot then we just need to increase all these three
- // numbers matching to the numbers behind the decimal dot. Simple! ;-)
- $points = mt_rand(($_CONFIG['beg_points'] * 100000), ($_CONFIG['beg_points_max'] * 100000)) / 100000;
-
- // Set nickname / userid for the template(s
- define('__BEG_UID' , $_GET['uid']);
- define('__BEG_CLICKS', ($clicks + 1));
- define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
- define('__BEG_POINTS', TRANSLATE_COMMA($points));
- } else {
- // Other status
- $uid = 0;
- }
- }
-
- // Free memory
- SQL_FREERESULT($result);
-
- if (($uid > 0) && ($_CONFIG['beg_uid'] != $uid)) {
- // Update counter
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
- array($uid), __FILE__, __LINE__);
-
- // Check for last entry for userid w/o IP number
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_timeout'].") OR (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_uid_timeout'].") AND userid=%s)) AND remote_ip='%s' LIMIT 1",
- array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
- if ((SQL_NUMROWS($result) == 0) && ($points > 0) && (!$login)) {
- // Free memory
- SQL_FREERESULT($result);
-
- if (!IS_ADMIN()) {
- // Remember remote address, userid and timestamp for next click
- // but only when there is no admin begging.
- // Admins shall be able to test it!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())",
- array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
- }
-
- // Set mode depending on how many mails the member has to confirm
- $locked = false;
- if (($ref_payout > 0) && ($_CONFIG['allow_direct_pay'] == "N")) $locked = true;
-
- // Is begging rallye active?
- if ($_CONFIG['beg_rallye'] == "Y") {
- // Add points to rallye account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%s LIMIT 1",
- array($points, $uid), __FILE__, __LINE__);
- } else {
- // Add points to account
- $DEPTH = 0;
- ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode']));
- }