projects / mailer.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security line in all includes changed
[mailer.git] / inc / doubler_send.php
diff --git a/inc/doubler_send.php b/inc/doubler_send.php
index 8aab915b5fae453da849a917739a0f9a832f68a4..782af6b03d47df7831bb768271ba951429a36918 100644 (file)
--- a/inc/doubler_send.php
+++ b/inc/doubler_send.php
@@ -32,13 +32,13 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
 
 // Initialize variables
-$jackpot = "0"; $user = "0";
+$jackpot = 0; $user = 0;
 
 // Get total points of the doubler itself
 $DOUBLER_POINTS = DOUBLER_GET_TOTAL_POINTS_LEFT();
@@ -51,7 +51,7 @@ if ($DOUBLER_POINTS == 0) {
 unset($_GET['DOUBLER_UID']);
 unset($_POST['DOUBLER_UID']);
 set_session('DOUBLER_UID', "");
-if (empty($DOUBLER_UID)) $DOUBLER_UID = "0";
+if (empty($DOUBLER_UID)) $DOUBLER_UID = 0;
 
 // Check for doubles which we can pay out
 $min = bigintval($_CONFIG['doubler_min'] * 2);
@@ -71,11 +71,11 @@ WHERE u.status='CONFIRMED' AND d.points <= %s AND d.points >= %s AND d.completed
 ORDER BY d.timemark
 LIMIT %d", array($DOUBLER_POINTS, $min, $_CONFIG['doubler_max_sent']), __FILE__, __LINE__);
 
-if (((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == 'Y')) || ((SQL_NUMROWS($result_main) == $_CONFIG['doubler_group_sent']) && ($_CONFIG['doubler_sent_all'] == 'N')))
+if (((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == "Y")) || ((SQL_NUMROWS($result_main) == $_CONFIG['doubler_group_sent']) && ($_CONFIG['doubler_sent_all'] == "N")))
 {
        // Switch to matching SQL resource
        $result_load = $result_main;
-       if ((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == 'Y')) $result_load = $result_total;
+       if ((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == "Y")) $result_load = $result_total;
 
        // At least one account was found
        while(list($id, $uid, $points, $ip, $time) = SQL_FETCHROW($result_load))
@@ -84,7 +84,7 @@ if (((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == 'Y'))
                if ($DOUBLER_POINTS >= $points)
                {
                        // Check for his ref points
-                       $result_ref = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_doubler WHERE refid=%d AND completed='N' AND is_ref='Y'",
+                       $result_ref = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_doubler WHERE refid=%s AND completed='N' AND is_ref='Y'",
                         array(bigintval($uid)), __FILE__, __LINE__);
                        list($ref) = SQL_FETCHROW($result_ref);
 
@@ -97,20 +97,20 @@ if (((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == 'Y'))
                        {
                                // Referral points found so add them and set line(s) to completed='Y'
                                $points += $ref;
-                               $result_ref = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_doubler SET completed='Y' WHERE refid=%d AND completed='N' AND is_ref='Y'",
+                               $result_ref = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_doubler SET completed='Y' WHERE refid=%s AND completed='N' AND is_ref='Y'",
                                 array(bigintval($uid)), __FILE__, __LINE__);
                        }
                         else
                        {
                                // No referral points found
-                               $ref = "0";
+                               $ref = 0;
                        }
 
                        // Exclude webmaster from doubling...
                        if ($uid != $_CONFIG['doubler_uid'])
                        {
                                // Add points
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth=0 LIMIT 1",
+                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%s AND ref_depth=0 LIMIT 1",
                                 array($points, bigintval($uid)), __FILE__, __LINE__);
 
                                // Update mediadata as well
@@ -122,12 +122,12 @@ if (((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == 'Y'))
                        }
 
                        // Set entry as "payed"
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_doubler SET completed='Y' WHERE id=%d LIMIT 1",
+                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_doubler SET completed='Y' WHERE id=%s LIMIT 1",
                         array(bigintval($id)), __FILE__, __LINE__);
 
                        $OK = false;
                        // Check for jackpot inclusion in doubling process
-                       if (($jackpot > 0) && ($jackpot >= $points) && ($_CONFIG['doubler_jackpot'] == 'Y'))
+                       if (($jackpot > 0) && ($jackpot >= $points) && ($_CONFIG['doubler_jackpot'] == "Y"))
                        {
                                // Subtract points from jackpot
                                SUB_JACKPOT($points);
@@ -141,32 +141,16 @@ if (((SQL_NUMROWS($result_total) > 0) && ($_CONFIG['doubler_sent_all'] == 'Y'))
                        if (($user > 0) && ($user >= $points) && (!$OK) && ($_CONFIG['doubler_uid'] > 0) && ($uid != $_CONFIG['doubler_uid']))
                        {
                                // Add points to used points
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid='%d' LIMIT 1",
-                                array($points, $_CONFIG['doubler_uid']), __FILE__, __LINE__);
-
-                               // Update mediadata as well
-                               if (GET_EXT_VERSION("mediadata") >= "0.0.4")
-                               {
-                                       // Update database
-                                       MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points);
-                               }
+                               SUB_POINTS($_CONFIG['doubler_uid'], $points);
 
                                // Okay, done!
                                $OK = true;
                        }
 
                        // Update doubler's account only when others are not updated
-                       if (!$OK)
-                       {
+                       if (!$OK) {
                                // Add points to used doubler points
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_config SET doubler_used=doubler_used+%s WHERE config=0 LIMIT 1",
-                                array($points), __FILE__, __LINE__);
-
-                               // Destroy cache
-                               if (GET_EXT_VERSION("cache") >= "0.1.2")
-                               {
-                                       if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
-                               }
+                               UPDATE_CONFIG("douber_used", $points, "+");
                        }
 
                        // Update variables to prevent errors
Mailer-Project repository