More missing config entries added
[mailer.git] / doubler.php
index 783bf99288856ee53da7809ffae91356d78dee60..03a2e5872a946c1f5e2ea0bd1b8b9c3447f78d81 100644 (file)
 // Load security stuff here
 require('inc/libs/security_functions.php');
 
-// Init "action" and "what"
+// Init start time
 $GLOBALS['startTime'] = microtime(true);
-$GLOBALS['what'] = '';
-$GLOBALS['action'] = '';
 
 // Set module
 $GLOBALS['module'] = 'doubler';
@@ -56,89 +54,89 @@ require('inc/config-global.php');
 redirectOnUninstalledExtension('doubler');
 
 // Is the script installed?
-if (isInstalled()) {
-       // Probe for referal ID
-       if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = REQUEST_GET(('refid'));
+if (!isInstalled()) {
+       // You have to install first!
+       redirectToUrl('install.php');
+} // END - if
 
-       // Only check this if refid is provided!
-       if ($GLOBALS['refid'] > 0) {
-               // Probe for nickname extension and if a nickname was supplied by URL
-               $probe_nickname = ((EXT_IS_ACTIVE('nickname')) && ((''.round($GLOBALS['refid']).'') != $GLOBALS['refid']));
+// Probe for referal ID
+if (REQUEST_ISSET_GET('refid')) $GLOBALS['refid'] = REQUEST_GET('refid');
 
-               // Do we have nickname or userid set?
-               if ($probe_nickname === true) {
-                       // Nickname in URL, so load the ID
-                       $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
+// Only check this if refid is provided!
+if ($GLOBALS['refid'] > 0) {
+       // Do we have nickname or userid set?
+       if (isNicknameUsed($GLOBALS['refid'])) {
+               // Nickname in URL, so load the ID
+               $result = SQL_QUERY_ESC("SELECT `userid`, `status` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' LIMIT 1",
                        array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
-               } else {
-                       // Direct userid entered
-                       $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+       } else {
+               // Direct userid entered
+               $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1",
                        array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
-               }
+       }
 
-               // Load data
-               list($rid, $status_ref) = SQL_FETCHROW($result);
-               $GLOBALS['refid'] = bigintval($rid);
+       // Load data
+       list($rid, $status_ref) = SQL_FETCHROW($result);
+       $GLOBALS['refid'] = bigintval($rid);
 
-               // Free memory
-               SQL_FREERESULT($result);
-       } // END - if
-
-       // Init userid
-       $uid = 0;
-
-       // If no account was found set default refid and status to CONFIRMED
-       if (empty($GLOBALS['refid'])) {
-               $GLOBALS['refid'] = getConfig('def_refid');
-               $status = 'CONFIRMED';
-       } // END - if
-
-       // Begin with doubler script...
-       if (isFormSent()) {
-               // Secure points (so only integer/double values are allowed
-               REQUEST_SET_POST('points', bigintval(REQUEST_POST('points')));
-
-               // Begin with doubling process
-               if ((REQUEST_ISSET_POST(('userid'))) && (REQUEST_ISSET_POST(('pass'))) && (REQUEST_ISSET_POST(('points')))) {
-                       // Probe for nickname extension and if a nickname was entered
-                       $probe_nickname = ((EXT_IS_ACTIVE('nickname')) && ((''.round(REQUEST_POST('userid')).'') != REQUEST_POST('userid')));
-                       if ($probe_nickname) {
-                               // Nickname in URL, so load the ID
-                               $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
+       // Free memory
+       SQL_FREERESULT($result);
+} // END - if
+
+// Init userid
+$uid = 0;
+
+// If no account was found set default refid and status to CONFIRMED
+if (empty($GLOBALS['refid'])) {
+       $GLOBALS['refid'] = getConfig('def_refid');
+       $status = 'CONFIRMED';
+} // END - if
+
+// Begin with doubler script...
+if (isFormSent()) {
+       // Secure points (so only integer/double values are allowed
+       REQUEST_SET_POST('points', bigintval(REQUEST_POST('points')));
+
+       // Begin with doubling process
+       if ((REQUEST_ISSET_POST('userid')) && (REQUEST_ISSET_POST('pass')) && (REQUEST_ISSET_POST('points'))) {
+               // Probe for nickname extension and if a nickname was entered
+               if (isNickNameUsed(REQUEST_POST('userid'))) {
+                       // Nickname in URL, so load the ID
+                       $result = SQL_QUERY_ESC("SELECT `userid`, `status`, `password` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `nickname`='%s' LIMIT 1",
                                array(REQUEST_POST('userid')), __FILE__, __LINE__);
-                       } else {
-                               // Direct userid entered
-                               $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+               } else {
+                       // Direct userid entered
+                       $result = SQL_QUERY_ESC("SELECT `userid`, `status, `password` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1",
                                array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__);
-                       }
+               }
 
-                       // Load data
-                       list($uid, $status, $password) = SQL_FETCHROW($result);
-                       $uid = bigintval($uid);
+               // Load data
+               list($uid, $status, $password) = SQL_FETCHROW($result);
+               $uid = bigintval($uid);
 
-                       // Free result
-                       SQL_FREERESULT($result);
+               // Free result
+               SQL_FREERESULT($result);
 
-                       // Remove any dots and unwanted chars from the points
-                       REQUEST_SET_POST('points', bigintval(round(convertCommaToDot(REQUEST_POST('points')))));
+               // Remove any dots and unwanted chars from the points
+               REQUEST_SET_POST('points', bigintval(round(convertCommaToDot(REQUEST_POST('points')))));
 
-                       // Probe for enough points
-                       $probe_points = ((REQUEST_POST('points') >= getConfig('doubler_min')) && (REQUEST_POST('points') <= getConfig('doubler_max')));
+               // Probe for enough points
+               $probe_points = ((REQUEST_POST('points') >= getConfig('doubler_min')) && (REQUEST_POST('points') <= getConfig('doubler_max')));
 
-                       // Check all together
-                       if ((!empty($uid)) && ($password == generateHash(REQUEST_POST('pass'), substr($password, 0, -40))) && ($status == 'CONFIRMED') && ($probe_points)) {
-                               // Nickname resolved to a unique userid or direct userid entered by the member
-                               $GLOBALS['doubler_uid'] = $uid;
+               // Check all together
+               if ((!empty($uid)) && ($password == generateHash(REQUEST_POST('pass'), substr($password, 0, -40))) && ($status == 'CONFIRMED') && ($probe_points)) {
+                       // Nickname resolved to a unique userid or direct userid entered by the member
+                       $GLOBALS['doubler_uid'] = $uid;
 
-                               // Calulcate points
-                               $points = GET_TOTAL_DATA($uid, 'user_points', 'points') - GET_TOTAL_DATA($uid, 'user_data', 'used_points');
+                       // Calulcate points
+                       $points = GET_TOTAL_DATA($uid, 'user_points', 'points') - GET_TOTAL_DATA($uid, 'user_data', 'used_points');
 
-                               // So let's continue with probing his points amount
-                               if (($points - getConfig('doubler_left') - REQUEST_POST('points') * getConfig('doubler_charge')) >= 0)
+                       // So let's continue with probing his points amount
+                       if (($points - getConfig('doubler_left') - REQUEST_POST('points') * getConfig('doubler_charge')) >= 0)
                                // Enough points are left so let's continue with the doubling process
                                // Create doubling "account" width *DOUBLED* points
-                               SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".detectRemoteAddr()."', UNIX_TIMESTAMP(), 'N','N')",
-                               array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__);
+                               SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s','%s','%s','".detectRemoteAddr()."', UNIX_TIMESTAMP(), 'N','N')",
+                                       array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__);
 
                                // Subtract entered points
                                SUB_POINTS('doubler', $uid, REQUEST_POST('points'));
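Review bot: The rewritten direct-userid query in the form branch has an unbalanced identifier quote: `` `status, `password` `` lacks the closing backtick after `status`, so MySQL should reject the statement and every login by numeric userid fails; the column list should read `` `userid`, `status`, `password` ``. In the refid lookup above it, the nickname branch still passes `bigintval($GLOBALS['refid'])` to the `'%s'` nickname placeholder, which presumably reduces a nickname to a number that can never match; the POST branch passes the raw value, and the two should agree. The credential check compares the stored hash with `==`, which PHP evaluates numerically when both strings look numeric; use `===`, or `hash_equals()` where the supported PHP version provides it. Both INSERTs into the doubler table (here and in the next hunk) concatenate `detectRemoteAddr()` into the SQL text rather than passing it through the escaped argument array; if that helper can return a client-supplied header value, it bypasses the escaping, so it should become a fourth `'%s'` argument. The enclosing `if (isFormSent())` block continues outside this hunk.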
@@ -151,11 +149,11 @@ if (isInstalled()) {
                                // Add second line for the referal but only when uid != refid
                                if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) {
                                        // Okay add a refid line and apply refid percents
-                                       SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".detectRemoteAddr()."',UNIX_TIMESTAMP(),'N','Y')",
-                                       array(
-                                       bigintval($GLOBALS['refid']),
-                                       bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref'))
-                                       ), __FILE__, __LINE__);
+                                       SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s',0,'%s','".detectRemoteAddr()."',UNIX_TIMESTAMP(),'N','Y')",
+                                               array(
+                                                       bigintval($GLOBALS['refid']),
+                                                       bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref'))
+                                               ), __FILE__, __LINE__);
 
                                        // And that's why we don't want to you more than one referal level of doubler-points. ^^^
                                } // END - if
@@ -184,20 +182,20 @@ if (isInstalled()) {
                } elseif (REQUEST_POST('points') > getConfig('doubler_max')) {
                        // Too much points entered
                        define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MAX'));
-               } elseif ($probe_nickname) {
+               } elseif (isNickNameUsed(REQUEST_POST('userid'))) {
                        // Cannot resolv nickname -> userid
                        define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_NICKNAME'));
                } else {
                        // Wrong password or account not found
                        define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_MEMBER'));
                }
-       } elseif (!REQUEST_ISSET_POST(('userid'))) {
+       } elseif (!REQUEST_ISSET_POST('userid')) {
                // Login not entered
                define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_LOGIN'));
-       } elseif (!REQUEST_ISSET_POST(('pass'))) {
+       } elseif (!REQUEST_ISSET_POST('pass')) {
                // Password not entered
                define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_PASSWORD'));
-       } elseif (!REQUEST_ISSET_POST(('points'))) {
+       } elseif (!REQUEST_ISSET_POST('points')) {
                // points not entered
                define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_POINTS'));
        }
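Review bot: The new `elseif (isNickNameUsed(REQUEST_POST('userid')))` branch is reached for any failed check, not only a failed lookup, so a valid nickname with a wrong password or an unconfirmed account is reported as `DOUBLER_FORM_404_NICKNAME`. Testing whether the lookup actually returned a row (for example `empty($uid)`) before choosing between the nickname and member messages would keep the error accurate, and a single generic message for both cases would avoid telling a caller which nicknames exist. The helper is also spelled `isNicknameUsed` in the refid lookup and `isNickNameUsed` here; PHP resolves both, but one spelling should be used throughout. The `if`/`elseif` chain begins outside this hunk.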
@@ -268,17 +266,11 @@ define('__DOUBLER_COUNTER', getConfig('doubler_counter'));
 define('__LEFT_VALUE', translateComma(DOUBLER_GET_TOTAL_POINTS_LEFT()));
 
 // Output neccessary form for this
+// @TODO Rewrite all constants
 LOAD_TEMPLATE('doubler_index');
 
 // Output footer
 loadIncludeOnce('inc/footer.php');
-} else {
-       // You have to install first!
-       redirectToUrl('install.php');
-}
-
-// Really all done here... ;-)
-shutdown();
 
-//
+// [EOF]
 ?>
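Review bot: With the `else` branch removed, the install check is now a guard at the top of the script, which protects the code below only if `redirectToUrl()` ends the request; that is not visible in this diff. If it merely sends a header, an uninstalled instance would fall through into the SQL and form handling, so an explicit `exit;` after the redirect, or a comment such as `// redirectToUrl() does not return`, would make the assumption checkable. The trailing `shutdown()` call is dropped as well; unless `inc/footer.php` invokes it, whatever cleanup it performed no longer runs on the normal path, which deserves a comment next to the footer include.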