$msg = null;
// Load the required file(s)
-require ("inc/config.php");
+require("inc/config.php");
+
+// Is the "beg" extension active?
+if (!EXT_IS_ACTIVE("beg")) {
+ // Redirect to index
+ LOAD_URL("modules.php?module=index&msg=".CODE_EXTENSION_PROBLEM."&ext=beg");
+} // END - if
// Is the script installed?
if (isBooleanConstantAndTrue('mxchange_installed')) {
// Check for userid
if (!empty($_GET['uid'])) {
- // Init user ID
+ // Init variables
$uid = 0;
+ $result = false;
+ $points = 0;
+
+ // Don't pay is the default...
+ $pay = false;
// Validate if it is not a number
- if ("".bigintval($_GET['uid'])."" !== "".$_GET['uid']."") {
+ if ("".($_GET['uid'] + 0)."" !== "".$_GET['uid']."") {
if (EXT_IS_ACTIVE("nickname")) {
// Maybe we have found a nickname?
$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($_GET['uid']), __FILE__, __LINE__);
+ array($_GET['uid']), __FILE__, __LINE__);
} else {
// Nickname entered but nickname is not active
$msg = CODE_EXTENSION_PROBLEM;
$uid = -1;
- $result = false;
}
} else {
// Direct userid
$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array(bigintval($_GET['uid'])), __FILE__, __LINE__);
+ array(bigintval($_GET['uid'])), __FILE__, __LINE__);
}
// Check if locked in so don't pay points
- $login = false; $status = "failed";
- if (IS_MEMBER()) {
- // Logged in user detected!
- $login = true;
- } // END - if
+ $status = "failed";
// Check if account was found
if ((SQL_NUMROWS($result) == 1) && ($result != false)) {
// Found an ID so we simply set it
list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
+
+ // Account confirmed?
if ($status == "CONFIRMED") {
// Secure userid
$uid = bigintval($uid);
$points = mt_rand(($_CONFIG['beg_points'] * 100000), ($_CONFIG['beg_points_max'] * 100000)) / 100000;
// Set nickname / userid for the template(s
- define('__BEG_UID' , $_GET['uid']);
+ define('__BEG_UID' , SQL_ESCAPE($_GET['uid']));
define('__BEG_CLICKS', ($clicks + 1));
define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
define('__BEG_POINTS', TRANSLATE_COMMA($points));
// Other status
$uid = 0;
}
- }
+ } // END - if
// Free memory
SQL_FREERESULT($result);
+ // User id valid and not webmaster's id?
if (($uid > 0) && ($_CONFIG['beg_uid'] != $uid)) {
// Update counter
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
- array($uid), __FILE__, __LINE__);
+ array($uid), __FILE__, __LINE__);
// Check for last entry for userid w/o IP number
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_timeout'].") OR (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_uid_timeout'].") AND userid=%s)) AND remote_ip='%s' LIMIT 1",
- array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
- if ((SQL_NUMROWS($result) == 0) && ($points > 0) && (!$login)) {
- // Free memory
- SQL_FREERESULT($result);
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_timeout'].") OR (timeout > (UNIX_TIMESTAMP() - ".$_CONFIG['beg_uid_timeout'].") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
+ array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
+ // Entry not found, points set and not logged in?
+ if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && ($_CONFIG['beg_pay_mode'] == "NONE")) {
+
+ // Admin is testing?
if (!IS_ADMIN()) {
// Remember remote address, userid and timestamp for next click
// but only when there is no admin begging.
// Admins shall be able to test it!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())",
- array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
- }
-
- // Set mode depending on how many mails the member has to confirm
- $locked = false;
- if (($ref_payout > 0) && ($_CONFIG['allow_direct_pay'] == "N")) $locked = true;
-
- // Is begging rallye active?
- if ($_CONFIG['beg_rallye'] == "Y") {
- // Add points to rallye account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%s LIMIT 1",
- array($points, $uid), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
+ array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
+
+ // Was is successfull?
+ if (SQL_AFFECTEDROWS() == 1) {
+ // Okay!
+ $pay = true;
+ } // END - if
} else {
- // Add points to account
- $DEPTH = 0;
- ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode']));
+ // Is admin!
+ $pay = true;
}
- // Subtract begged points from member account if the admin has selected one
- if ($_CONFIG['beg_uid'] > 0) {
- // Subtract from this account
- SUB_POINTS($_CONFIG['beg_uid'], $points);
+ // Pay points?
+ if ($pay) {
+ // Add points to user or begging rallye account
+ if (BEG_ADD_POINTS($uid, $points)) {
+ // Set "done" message
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
+ } else {
+ // Error!
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
+ }
+ } else {
+ // Error!
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
}
-
- // Set message
- define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
- } elseif ($login) {
+ } elseif (IS_MEMBER()) {
// Logged in user found!
define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
-
- // Free memory
- SQL_FREERESULT($result);
+ } elseif ($_CONFIG['beg_pay_mode'] != "NONE") { // Other pay-mode active!
+ // Prepare content for template
+ $content = array(
+ 'clicks' => __BEG_CLICKS,
+ 'points' => __BEG_POINTS,
+ 'uid' => __BEG_UID
+ );
+
+ // Load message template depending on pay-mode
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower($_CONFIG['beg_pay_mode']), true, $content));
+ $pay = true;
} else {
- // Free memory
- SQL_FREERESULT($result);
-
// Clicked received while reload lock is active
define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
}
+ // Free memory
+ SQL_FREERESULT($result);
+
// Include header
require_once(PATH."inc/header.php");
// Load final template
LOAD_TEMPLATE("beg_link");
+ // Tracker code enabled? (We don't track users here!
+ if (($_CONFIG['beg_pay_mode'] != "NONE") && ($pay)) {
+ // Prepare content for template
+ $content = array(
+ );
+
+ // Include config-depending template
+ LOAD_TEMPLATE("beg_pay_code_".strtolower($_CONFIG['beg_pay_mode']), false, $content);
+ } elseif (!$pay) {
+ // Cannot pay! :-(
+ define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
+ }
+
// Include footer
require_once(PATH."inc/footer.php");
} elseif (($status != "CONFIRMED") && ($status != "failed")) {
} elseif (($uid == "0") || ($status == "failed")) {
// Inalid or locked account, so let's find out
$result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
- array($_GET['uid']), __FILE__, __LINE__);
+ array($_GET['uid']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Locked account
$msg = CODE_ACCOUNT_LOCKED;
projects / mailer.git / blobdiff