projects / mailer.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
wernis extension is now alpha code (only listing in admin area is missing), naming...
[mailer.git] / beg.php
diff --git a/beg.php b/beg.php
index baffdec97f373fca724e1d3ef7bdfa5fa08623ef..712a362f90fd947fe7cf6f2692355146203d7609 100644 (file)
--- a/beg.php
+++ b/beg.php
@@ -35,44 +35,39 @@
 require_once("inc/libs/security_functions.php");
 
 // Init "action" and "what"
 require_once("inc/libs/security_functions.php");
 
 // Init "action" and "what"
-global $what, $action;
+global $what, $action, $startTime;
+$GLOBALS['startTime'] = microtime(true);
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
 
 // Set module
 $GLOBALS['module'] = "beg";
 $GLOBALS['refid']  = 0;
 $CSS = -1;
 
 // Set module
 $GLOBALS['module'] = "beg";
 $GLOBALS['refid']  = 0;
 $CSS = -1;
+$msg = null;
 
 // Load the required file(s)
 require ("inc/config.php");
 
 // Is the script installed?
 
 // Load the required file(s)
 require ("inc/config.php");
 
 // Is the script installed?
-if (defined('mxchange_installed') && (mxchange_installed))
-{
+if (defined('mxchange_installed') && (mxchange_installed)) {
        // Check for userid
        // Check for userid
-       if (!empty($_GET['uid']))
-       {
+       if (!empty($_GET['uid'])) {
+               // Init user ID
                $uid = 0;
                $uid = 0;
-               if (bigintval($_GET['uid']) != $_GET['uid'])
-               {
-                       if (EXT_IS_ACTIVE("nickname"))
-                       {
+
+               // Validate if it is not a number
+               if (bigintval($_GET['uid']) !== "".$_GET['uid']."") {
+                       if (EXT_IS_ACTIVE("nickname")) {
                                // Maybe we have found a nickname?
                                $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
                                 array($_GET['uid']), __FILE__, __LINE__);
                                // Maybe we have found a nickname?
                                $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
                                 array($_GET['uid']), __FILE__, __LINE__);
-                       }
-                        else
-                       {
+                       } else {
                                // Nickname entered but nickname is not active
                                $msg = CODE_EXTENSION_PROBLEM;
                                $uid = -1;
                                $result = false;
                        }
                                // Nickname entered but nickname is not active
                                $msg = CODE_EXTENSION_PROBLEM;
                                $uid = -1;
                                $result = false;
                        }
-               }
-                else
-               {
+               } else {
                        // Direct userid
                        $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
                         array(bigintval($_GET['uid'])), __FILE__, __LINE__);
                        // Direct userid
                        $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
                         array(bigintval($_GET['uid'])), __FILE__, __LINE__);
@@ -80,19 +75,16 @@ if (defined('mxchange_installed') && (mxchange_installed))
 
                // Check if locked in so don't pay points
                $login = false; $status = "failed";
 
                // Check if locked in so don't pay points
                $login = false; $status = "failed";
-               if (IS_LOGGED_IN())
-               {
+               if (IS_LOGGED_IN()) {
                        // Logged in user detected!
                        $login = true;
                }
 
                // Check if account was found
                        // Logged in user detected!
                        $login = true;
                }
 
                // Check if account was found
-               if ((SQL_NUMROWS($result) == 1) && ($result != false))
-               {
+               if ((SQL_NUMROWS($result) == 1) && ($result != false)) {
                        // Found an ID so we simply set it
                        list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
                        // Found an ID so we simply set it
                        list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
-                       if ($status == "CONFIRMED")
-                       {
+                       if ($status == "CONFIRMED") {
                                // Secure userid
                                $uid = bigintval($uid);
 
                                // Secure userid
                                $uid = bigintval($uid);
 
@@ -102,16 +94,14 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
                                // If we need more number behind the decimal dot then we just need to increase all these three
                                // numbers matching to the numbers behind the decimal dot. Simple! ;-)
                                // Multiply configured values with 100000 and divide with 100000 so we can also handle small values
                                // If we need more number behind the decimal dot then we just need to increase all these three
                                // numbers matching to the numbers behind the decimal dot. Simple! ;-)
-                               $POINTS = rand(($CONFIG['beg_points'] * 100000), ($CONFIG['beg_points_max'] * 100000)) / 100000;
+                               $points = rand(($_CONFIG['beg_points'] * 100000), ($_CONFIG['beg_points_max'] * 100000)) / 100000;
 
                                // Set nickname / userid for the template(s
                                define('__BEG_UID'   , $_GET['uid']);
                                define('__BEG_CLICKS', ($clicks + 1));
                                define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
 
                                // Set nickname / userid for the template(s
                                define('__BEG_UID'   , $_GET['uid']);
                                define('__BEG_CLICKS', ($clicks + 1));
                                define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
-                               define('__BEG_POINTS', TRANSLATE_COMMA($POINTS));
-                       }
-                        else
-                       {
+                               define('__BEG_POINTS', TRANSLATE_COMMA($points));
+                       } else {
                                // Other status
                                $uid = "0";
                        }
                                // Other status
                                $uid = "0";
                        }
@@ -120,22 +110,19 @@ if (defined('mxchange_installed') && (mxchange_installed))
                // Free memory
                SQL_FREERESULT($result);
 
                // Free memory
                SQL_FREERESULT($result);
 
-               if (($uid > 0) && ($CONFIG['beg_uid'] != $uid))
-               {
+               if (($uid > 0) && ($_CONFIG['beg_uid'] != $uid)) {
                        // Update counter
                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
                         array($uid), __FILE__, __LINE__);
 
                        // Check for last entry for userid w/o IP number
                        // Update counter
                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
                         array($uid), __FILE__, __LINE__);
 
                        // Check for last entry for userid w/o IP number
-                       $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $CONFIG['beg_timeout'])." OR (timeout > ".(time() - $CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
+                       $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $_CONFIG['beg_timeout'])." OR (timeout > ".(time() - $_CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1",
                         array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
                         array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__);
-                       if ((SQL_NUMROWS($result) == 0) && ($POINTS > 0) && (!$login))
-                       {
+                       if ((SQL_NUMROWS($result) == 0) && ($points > 0) && (!$login)) {
                                // Free memory
                                SQL_FREERESULT($result);
 
                                // Free memory
                                SQL_FREERESULT($result);
 
-                               if (!IS_ADMIN())
-                               {
+                               if (!IS_ADMIN()) {
                                        // Remember remote address, userid and timestamp for next click
                                        // but only when there is no admin begging.
                                        // Admins shall be able to test it!
                                        // Remember remote address, userid and timestamp for next click
                                        // but only when there is no admin begging.
                                        // Admins shall be able to test it!
@@ -145,49 +132,41 @@ if (defined('mxchange_installed') && (mxchange_installed))
 
                                // Set mode depending on how many mails the member has to confirm
                                $locked = false;
 
                                // Set mode depending on how many mails the member has to confirm
                                $locked = false;
-                               if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == 'N')) $locked = true;
+                               if (($ref_payout > 0) && ($_CONFIG['allow_direct_pay'] == 'N')) $locked = true;
 
                                // Is begging rallye active?
 
                                // Is begging rallye active?
-                               if ($CONFIG['beg_rallye'] == 'Y')
-                               {
+                               if ($_CONFIG['beg_rallye'] == 'Y') {
                                        // Add points to rallye account
                                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
                                        // Add points to rallye account
                                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1",
-                                        array($POINTS, $uid), __FILE__, __LINE__);
-                               }
-                                else
-                               {
+                                        array($points, $uid), __FILE__, __LINE__);
+                               } else {
                                        // Add points to account
                                        // Add points to account
-                                       ADD_POINTS_REFSYSTEM($uid, $POINTS, false, "0", $locked, strtolower($CONFIG['beg_mode']));
+                                       $DEPTH = 0;
+                                       ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode']));
                                }
 
                                // Subtract begged points from member account if the admin has selected one
                                }
 
                                // Subtract begged points from member account if the admin has selected one
-                               if ($CONFIG['beg_uid'] > 0)
-                               {
+                               if ($_CONFIG['beg_uid'] > 0) {
                                        // Subtract from this account
                                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
                                        // Subtract from this account
                                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
-                                        array($POINTS, bigintval($CONFIG['beg_uid'])), __FILE__, __LINE__);
+                                        array($points, bigintval($_CONFIG['beg_uid'])), __FILE__, __LINE__);
 
                                        // Update mediadata as well
 
                                        // Update mediadata as well
-                                       if (GET_EXT_VERSION("mediadata") >= "0.0.4")
-                                       {
+                                       if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
                                                // Update database
                                                // Update database
-                                               MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $POINTS);
+                                               MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
                                        }
                                }
 
                                // Set message
                                define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
                                        }
                                }
 
                                // Set message
                                define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
-                       }
-                        elseif ($login)
-                       {
+                       } elseif ($login) {
                                // Logged in user found!
                                define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
 
                                // Free memory
                                SQL_FREERESULT($result);
                                // Logged in user found!
                                define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
 
                                // Free memory
                                SQL_FREERESULT($result);
-                       }
-                        else
-                       {
+                       } else {
                                // Free memory
                                SQL_FREERESULT($result);
 
                                // Free memory
                                SQL_FREERESULT($result);
 
@@ -203,54 +182,42 @@ if (defined('mxchange_installed') && (mxchange_installed))
 
                        // Include footer
                        require_once(PATH."inc/footer.php");
 
                        // Include footer
                        require_once(PATH."inc/footer.php");
-               }
-                elseif (($status != "CONFIRMED") && ($status != "failed"))
-               {
+               } elseif (($status != "CONFIRMED") && ($status != "failed")) {
                        // Maybe locked/unconfirmed account?
                        // Maybe locked/unconfirmed account?
-                       switch ($status)
-                       {
+                       switch ($status) {
                                case "LOCKED"     : $msg = CODE_ID_LOCKED     ; break; // Locked account
                                case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
                        }
                                case "LOCKED"     : $msg = CODE_ID_LOCKED     ; break; // Locked account
                                case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account
                        }
-               }
-                elseif (($uid == "0") || ($status == "failed"))
-               {
+               } elseif (($uid == "0") || ($status == "failed")) {
                        // Inalid or locked account, so let's find out
                        $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
                         array($_GET['uid']), __FILE__, __LINE__);
                        // Inalid or locked account, so let's find out
                        $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
                         array($_GET['uid']), __FILE__, __LINE__);
-                       if (SQL_NUMROWS($result) == 1)
-                       {
+                       if (SQL_NUMROWS($result) == 1) {
                                // Locked account
                                $msg = CODE_ACCOUNT_LOCKED;
                                // Locked account
                                $msg = CODE_ACCOUNT_LOCKED;
-                       }
-                        else
-                       {
+                       } else {
                                // Invalid nickname! (404)
                                $msg = CODE_USER_404;
                        }
 
                        // Free memory
                        SQL_FREERESULT($result);
                                // Invalid nickname! (404)
                                $msg = CODE_USER_404;
                        }
 
                        // Free memory
                        SQL_FREERESULT($result);
-               }
-                elseif ($uid = $CONFIG['beg_uid'])
-               {
+               } elseif ($uid == $_CONFIG['beg_uid']) {
                        // Webmaster's ID cannot beg for points!
                        $msg = CODE_BEG_SAME_AS_OWN;
                }
 
                // Reload to index module
                        // Webmaster's ID cannot beg for points!
                        $msg = CODE_BEG_SAME_AS_OWN;
                }
 
                // Reload to index module
-               if ((!empty($msg)) && (!empty($msg))) LOAD_URL(URL."/modules.php?module=index&msg=".$msg);
-       }
-        else
-       {
+               die("-".$msg."-");
+               if ((!empty($msg)) && (!empty($msg))) LOAD_URL("modules.php?module=index&msg=".$msg);
+       } else {
                // No userid entered
                // No userid entered
-               LOAD_URL(URL."/modules.php?module=index");
+               LOAD_URL("modules.php?module=index");
        }
        }
-}
- else
-{
+} else {
        // You have to configure first!
        // You have to configure first!
-       LOAD_URL(URL."/install.php");
+       LOAD_URL("install.php");
 }
 }
+
 // Really all done here... ;-)
 ?>
 // Really all done here... ;-)
 ?>
Mailer-Project repository