$uid = 0;
// Validate if it is not a number
- if ("".bigintval($_GET['uid'])."" !== "".$_GET['uid']."") {
+ if ("".($_GET['uid'] + 0)."" !== "".$_GET['uid']."") {
if (EXT_IS_ACTIVE("nickname")) {
// Maybe we have found a nickname?
$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1",
// Remember remote address, userid and timestamp for next click
// but only when there is no admin begging.
// Admins shall be able to test it!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s','%s', UNIX_TIMESTAMP())",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES ('%s','%s', UNIX_TIMESTAMP())",
array($uid, GET_REMOTE_ADDR()), __FILE__, __LINE__);
}
array($points, $uid), __FILE__, __LINE__);
} else {
// Add points to account
- $DEPTH = 0;
+ unset($DEPTH);
ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode']));
}