$url_mid = 0;
// Secure all data
-if (isGetRequestElementSet('userid')) $url_userid = bigintval(getRequestElement('userid'));
-if (isGetRequestElementSet('mailid')) $url_mid = bigintval(getRequestElement('mailid'));
-if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid'));
+if (isGetRequestElementSet('userid')) $url_userid = bigintval(getRequestElement('userid'));
+if (isGetRequestElementSet('mailid')) $url_mid = bigintval(getRequestElement('mailid'));
+if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid'));
-// 01 1 12 3 32 21 1 22 10
+// 01 1 12 2 2 21 1 22 10
if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
+ // Init result
+ $result_link = false;
+
// Maybe he wants to confirm an email?
if ($url_mid > 0) {
// Normal-Mails
- $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
+ $result_link = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
array($url_mid, $url_userid), __FILE__, __LINE__);
$type = 'mailid'; $urlId = $url_mid;
} elseif ($url_bid > 0) {
// Bonus-Mail
- $result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+ $result_link = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
array($url_bid, $url_userid), __FILE__, __LINE__);
$type = 'bonusid'; $urlId = $url_bid;
} else {
- // Problem: No ID entered
+ // Problem: No id entered
redirectToUrl('index.php');
}
- if (SQL_NUMROWS($result) == 1) {
+ if (SQL_NUMROWS($result_link) == 1) {
// Load the entry
- list($ltype) = SQL_FETCHROW($result);
-
- // Clean result
- SQL_FREERESULT($result);
+ list($ltype) = SQL_FETCHROW($result_link);
// @TODO Rewrite this to a filter
- switch ($ltype)
- {
+ switch ($ltype) {
case 'NORMAL':
- // Is the stats ID valid?
+ // Is the stats id valid?
$result = SQL_QUERY_ESC("SELECT pool_id, url, subject FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1",
array($url_mid), __FILE__, __LINE__);
break;
// Set it
setExtraTitle($title);
- // Is the user's ID unlocked?
- $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- list($status, $gender, $surname, $family) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- if ($status == 'CONFIRMED') {
+ // Is the user's id unlocked?
+ if (fetchUserData($url_userid)) {
+ // Status must be CONFIRMED
+ if (getUserData('status') == 'CONFIRMED') {
// User has confirmed his account so we can procede...
// @TODO Rewrite this to a filter
switch ($ltype) {
$errorCode = getCode('POSSIBLE_INVALID');
}
} else {
- $errorCode = getCode('ACCOUNT_' . $status);
+ $errorCode = getCode('ACCOUNT_' . getUserData('status'));
}
} else {
- SQL_FREERESULT($result);
$errorCode = getCode('USER_404');
}
} else {
- SQL_FREERESULT($result);
$errorCode = getCode('STATS_404');
}
} else {
- SQL_FREERESULT($result);
$errorCode = getCode('ALREADY_CONFIRMED');
}
+
+ // Free result
+ SQL_FREERESULT($result_link);
} else {
// Nothing entered
$errorCode = getCode('ERROR_MAILID');
projects / mailer.git / blobdiff