************************************************************************/
// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
-require_once("inc/libs/security_functions.php");
+require("inc/libs/security_functions.php");
// Init "action" and "what"
-global $what, $action, $startTime;
$GLOBALS['startTime'] = microtime(true);
$GLOBALS['what'] = "";
$GLOBALS['action'] = "";
// Set module
$GLOBALS['module'] = "doubler";
$GLOBALS['refid'] = 0;
-$CSS = 0;
+$GLOBALS['output_mode'] = 0;
// Load the required file(s)
require("inc/config.php");
// Is the "doubler" extension active?
-if (!EXT_IS_ACTIVE("doubler")) {
- // Redirect to index
- LOAD_URL("modules.php?module=index&msg=".CODE_EXTENSION_PROBLEM."&ext=doubler");
-} // END - if
+REDIRECT_ON_UNINSTALLED_EXTENSION("doubler");
// Is the script installed?
-if (isBooleanConstantAndTrue('mxchange_installed')) {
+if (isInstalled()) {
// Probe for referal ID
- if (!empty($_GET['refid'])) $GLOBALS['refid'] = SQL_ESCAPE($_GET['refid']);
+ if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = REQUEST_GET(('refid'));
// Only check this if refid is provided!
if ($GLOBALS['refid'] > 0) {
// Do we have nickname or userid set?
if ($probe_nickname) {
// Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
} else {
// Direct userid entered
- $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
}
} // END - if
// Begin with doubler script...
- if (isset($_POST['ok'])) {
+ if (IS_FORM_SENT()) {
// Secure points (so only integer/double values are allowed
- $_POST['points'] = bigintval($_POST['points']);
+ REQUEST_SET_POST('points', bigintval(REQUEST_POST('points')));
// Begin with doubling process
- if ((!empty($_POST['userid'])) && (!empty($_POST['pass'])) && (!empty($_POST['points']))) {
+ if ((REQUEST_ISSET_POST(('userid'))) && (REQUEST_ISSET_POST(('pass'))) && (REQUEST_ISSET_POST(('points')))) {
// Probe for nickname extension and if a nickname was entered
- $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['userid'])."") != $_POST['userid']));
+ $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round(REQUEST_POST('userid'))."") != REQUEST_POST('userid')));
if ($probe_nickname) {
// Nickname in URL, so load the ID
- $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1",
- array($_POST['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
+ array(REQUEST_POST('userid')), __FILE__, __LINE__);
} else {
// Direct userid entered
- $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(bigintval($_POST['userid'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__);
}
// Load data
SQL_FREERESULT($result);
// Remove any dots and unwanted chars from the points
- $_POST['points'] = bigintval(round(REVERT_COMMA($_POST['points'])));
+ REQUEST_SET_POST('points', bigintval(round(REVERT_COMMA(REQUEST_POST('points')))));
// Probe for enough points
- $probe_points = (($_POST['points'] >= getConfig('doubler_min')) && ($_POST['points'] <= getConfig('doubler_max')));
+ $probe_points = ((REQUEST_POST('points') >= getConfig('doubler_min')) && (REQUEST_POST('points') <= getConfig('doubler_max')));
// Check all together
- if ((!empty($uid)) && ($password == generateHash($_POST['pass'], substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) {
+ if ((!empty($uid)) && ($password == generateHash(REQUEST_POST('pass'), substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) {
// Nickname resolved to a unique userid or direct userid entered by the member
- $DOUBLER_UID = $uid;
+ $GLOBALS['doubler_uid'] = $uid;
// Calulcate points
$points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points");
// So let's continue with probing his points amount
- if (($points - getConfig('doubler_left') - $_POST['points'] * getConfig('doubler_charge')) >= 0)
+ if (($points - getConfig('doubler_left') - REQUEST_POST('points') * getConfig('doubler_charge')) >= 0)
// Enough points are left so let's continue with the doubling process
// Create doubling "account" width *DOUBLED* points
- SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')",
- array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')",
+ array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__);
// Subtract entered points
- SUB_POINTS("doubler", $uid, $_POST['points']);
+ SUB_POINTS("doubler", $uid, REQUEST_POST('points'));
// Add points to "total payed" including charge
- $points = $_POST['points'] - $_POST['points'] * getConfig('doubler_charge');
+ $points = REQUEST_POST('points') - REQUEST_POST('points') * getConfig('doubler_charge');
UPDATE_CONFIG("doubler_points", $points, "+");
incrementConfigEntry('doubler_points', $points);
// Add second line for the referal but only when uid != refid
if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) {
// Okay add a refid line and apply refid percents
- SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')",
array(
bigintval($GLOBALS['refid']),
- bigintval($_POST['points'] * 2 * getConfig('doubler_ref'))
+ bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref'))
), __FILE__, __LINE__);
// And that's why we don't want to you more than one referal level of doubler-points. ^^^
// Update usage counter
UPDATE_CONFIG("doubler_counter", 1, "+");
- incrementCondigEntry('doubler_counter');
// Set constant
- define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, $_POST['userid']));
+ define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, REQUEST_POST('userid')));
} else {
// Not enougth points left
- define('__ERROR_MSG', DOUBLER_FORM_NO_POINTS_LEFT);
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_NO_POINTS_LEFT'));
}
} elseif ($status == "CONFIRMED") {
// Account is unconfirmed!
- define('__ERROR_MSG', DOUBLER_FORM_WRONG_PASS);
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_WRONG_PASS'));
} elseif ($status == "UNCONFIRMED") {
// Account is unconfirmed!
- define('__ERROR_MSG', DOUBLER_FORM_STATUS_UNCONFIRMED);
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_UNCONFIRMED'));
} elseif ($status == "LOCKED") {
// Account is locked by admin / holiday!
- define('__ERROR_MSG', DOUBLER_FORM_STATUS_LOCKED);
- } elseif ($_POST['points'] < getConfig('doubler_min')) {
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_LOCKED'));
+ } elseif (REQUEST_POST('points') < getConfig('doubler_min')) {
// Not enougth points entered
- define('__ERROR_MSG', DOUBLER_FORM_POINTS_MIN);
- } elseif ($_POST['points'] > getConfig('doubler_max')) {
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MIN'));
+ } elseif (REQUEST_POST('points') > getConfig('doubler_max')) {
// Too much points entered
- define('__ERROR_MSG', DOUBLER_FORM_POINTS_MAX);
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MAX'));
} elseif ($probe_nickname) {
// Cannot resolv nickname -> userid
- define('__ERROR_MSG', DOUBLER_FORM_404_NICKNAME);
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_NICKNAME'));
} else {
// Wrong password or account not found
- define('__ERROR_MSG', DOUBLER_FORM_404_MEMBER);
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_MEMBER'));
}
- } elseif (empty($_POST['userid'])) {
+ } elseif (!REQUEST_ISSET_POST(('userid'))) {
// Login not entered
- define('__ERROR_MSG', DOUBLER_FORM_404_LOGIN);
- } elseif (empty($_POST['pass'])) {
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_LOGIN'));
+ } elseif (!REQUEST_ISSET_POST(('pass'))) {
// Password not entered
- define('__ERROR_MSG', DOUBLER_FORM_404_PASSWORD);
- } elseif (empty($_POST['points'])) {
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_PASSWORD'));
+ } elseif (!REQUEST_ISSET_POST(('points'))) {
// points not entered
- define('__ERROR_MSG', DOUBLER_FORM_404_POINTS);
+ define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_POINTS'));
}
}
if (!defined('__ERROR_MSG')) define('__ERROR_MSG' , "");
// Shall I check for points immediately?
- if (getConfig('doubler_send_mode') == "DIRECT") require(PATH."inc/doubler_send.php");
+ if (getConfig('doubler_send_mode') == "DIRECT") LOAD_INC("inc/doubler_send.php");
// Output header
- include(PATH."inc/header.php");
+ LOAD_INC("inc/header.php");
// Banner in text
define('__DOUBLER_BANNER', LOAD_TEMPLATE("doubler_banner", true));
// Text "Enter login"
if (EXT_IS_ACTIVE("nickname")) {
// Choose login/nickname
- define('DOUBLER_ENTER_LOGIN', GUEST_ENTER_LOGIN_NICKNAME);
+ define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN_NICKNAME'));
} else {
// Simple login ID
- define('DOUBLER_ENTER_LOGIN', GUEST_ENTER_LOGIN);
+ define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN'));
}
// Which mail-send-mode did the admin setup?
switch (getConfig('doubler_send_mode'))
{
case "DIRECT":
- define('DOUBLER_PAYOUT_TIME', DOUBLER_PAYOUT_TIME_DIRECT);
+ define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_DIRECT'));
break;
case "RESET":
- define('DOUBLER_PAYOUT_TIME', DOUBLER_PAYOUT_TIME_RESET);
+ define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_RESET'));
break;
}
LOAD_TEMPLATE("doubler_index");
// Output footer
- include(PATH."inc/footer.php");
+ LOAD_INC("inc/footer.php");
} else {
// You have to install first!
LOAD_URL("install.php");
projects / mailer.git / blobdiff