************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
global $_CONFIG;
// Do some pre-checks
- if (!IS_LOGGED_IN()) {
+ if (!IS_MEMBER()) {
// Not a member
return false;
} elseif (!VALIDATE_URL($url)) {
$uid = bigintval($urlData['uid']);
// Is the id set?
- if (empty($uid)) $uid = "0";
+ if (empty($uid)) $uid = 0;
// Just run the insert query for now
SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_surfbar_urls (userid, url, reward, costs, status) VALUES('%s', '%s', %s, %s, '%s')",
eval($eval);
// Send the notification out
- SEND_ADMIN_NOTIFICATION($subject, $templateName, $content, $content['uid']);
+ return SEND_ADMIN_NOTIFICATION($subject, $templateName, $content, $content['uid']);
}
// Notify the user about the performed action
function SURFBAR_NOTIFY_USER ($messageType, $content) {
+ // Skip notification if userid is zero
+ if ($content['uid'] == 0) {
+ return false;
+ } // END - if
+
// Prepare template name
$templateName = sprintf("member_surfbar_%s", $messageType);
$mailText = LOAD_EMAIL_TEMPLATE($templateName, $content);
// Send the email
- SEND_EMAIL($content['uid'], $subject, $mailText);
+ return SEND_EMAIL($content['uid'], $subject, $mailText);
}
// Translate the URL status
function SURFBAR_TRANSLATE_STATUS ($status) {
global $_CONFIG;
// Is the user 0 and user is logged in?
- if (($uid == 0) && (IS_LOGGED_IN())) {
+ if (($uid == 0) && (IS_MEMBER())) {
// Then use this userid
$uid = $GLOBALS['userid'];
} elseif ($uid == 0) {
function SURFBAR_GENERATE_VALIDATION_CODE ($id, $salt="") {
global $_CONFIG, $SURFBAR_CACHE;
+ // @TODO Invalid salt should be refused
+ $SURFBAR_CACHE['salt'] = "INVALID";
+
+ // Get code length from config
+ $length = $_CONFIG['code_length'];
+
+ // Fix length to 10
+ if ($length == 0) $length = 10;
+
// Generate a code until the length matches
$valCode = "";
- while (strlen($valCode) != $_CONFIG['code_length']) {
+ while (strlen($valCode) != $length) {
// Is the salt set?
if (empty($salt)) {
// Generate random hashed string
}
// ... and now the validation code
- $valCode = GEN_RANDOM_CODE($_CONFIG['code_length'], sha1(SURFBAR_GET_SALT().":".$id), $GLOBALS['userid']);
+ $valCode = GEN_RANDOM_CODE($length, sha1(SURFBAR_GET_SALT().":".$id), $GLOBALS['userid']);
//DEBUG_LOG(__FUNCTION__.":valCode={$valCode}");
} // END - while
$UIDs = array();
// Do we have a current user id?
- if (IS_LOGGED_IN()) {
+ if (IS_MEMBER()) {
// Then add this as well
$UIDs[] = $GLOBALS['userid'];
GROUP BY sbu.id", __FILE__, __LINE__);
// Log last query
- //DEBUG_LOG(__FUNCTION__.":lastQuery=".$_CONFIG['db_last_query']."|numRows=".SQL_NUMROWS($result)."|Affected=".SQL_AFFECTEDROWS($result)."");
+ //DEBUG_LOG(__FUNCTION__.":lastQuery=".$_CONFIG['db_last_query']."|numRows=".SQL_NUMROWS($result)."|Affected=".SQL_AFFECTEDROWS()."");
// Fetch max rand
$maxRand = SQL_NUMROWS($result);
}
// Is there an id number?
- //DEBUG_LOG(__FUNCTION__.":lastQuery=".$_CONFIG['db_last_query']."|numRows=".SQL_NUMROWS($result)."|Affected=".SQL_AFFECTEDROWS($result)."");
+ //DEBUG_LOG(__FUNCTION__.":lastQuery=".$_CONFIG['db_last_query']."|numRows=".SQL_NUMROWS($result)."|Affected=".SQL_AFFECTEDROWS()."");
if (SQL_NUMROWS($result) == 1) {
// Load/cache data
//DEBUG_LOG(__FUNCTION__.":count(".count($SURFBAR_CACHE).") - BEFORE");
if ((!isset($SURFBAR_CACHE['last_surfed'])) || (is_null($SURFBAR_CACHE['last_surfed']))) {
// Fix it here
//DEBUG_LOG(__FUNCTION__.":last_surfed - FIXED!");
- $SURFBAR_CACHE['last_surfed'] = "0";
+ $SURFBAR_CACHE['last_surfed'] = 0;
} // END - if
// Get base/fixed reward and costs