- if (SQL_NUMROWS($result) == 1) {
- // Load data
- list($pool, $URL, $title) = SQL_FETCHROW($result);
-
- // Free result
- SQL_FREERESULT($result);
-
- // Compile extra title
- $title = COMPILE_CODE($title);
-
- // Set it
- setExtraTitle($title);
-
- // Is the user's ID unlocked?
- $result = SQL_QUERY_ESC("SELECT status, gender, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array($url_uid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- list($status, $gender, $sname, $fname) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- if ($status == 'CONFIRMED') {
- // User has confirmed his account so we can procede...
- switch ($ltype)
- {
- case 'NORMAL':
- $result = SQL_QUERY_ESC("SELECT payment_id FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE pool_id=%s LIMIT 1",
- array(bigintval($pool)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- list($pay) = SQL_FETCHROW($result);
- $time = getPaymentPoints($pay, 'time');
- $payment = getPaymentPoints($pay, 'payment');
- $isValid = true;
- }
-
- // Free memory
- SQL_FREERESULT($result);
- break;
-
- case 'BONUS':
- $result = SQL_QUERY_ESC("SELECT points, time FROM `{!_MYSQL_PREFIX!}_bonus` WHERE `id`=%s LIMIT 1",
- array($url_bid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- list($points, $time) = SQL_FETCHROW($result);
- $payment = '0.00000';
- $isValid = true;
- }
-
- // Free memory
- SQL_FREERESULT($result);
- break;
- }
+// Is ext-other active?
+redirectOnUninstalledExtension('other');
+
+// Init data
+$data = array(
+ 'error_code' => '0',
+ 'userid' => '0',
+ 'id' => '0',
+ 'code' => '0',
+ 'do' => 'frames',
+ 'type' => '',
+);
+
+// Secure all data
+if (isGetRequestElementSet('userid')) $data['userid'] = bigintval(getRequestElement('userid'));
+if (isGetRequestElementSet('id')) $data['id'] = bigintval(getRequestElement('id'));
+if (isGetRequestElementSet('code')) $data['code'] = bigintval(getRequestElement('code'));
+if (isGetRequestElementSet('do')) $data['do'] = getRequestElement('do');
+if (isGetRequestElementSet('type')) $data['type'] = getRequestElement('type');
+
+// @TODO Improve check on $data['type'], empty() is not very much ...
+if ((isValidId($data['userid'])) && (isValidId($data['id'])) && (!empty($data['type'])) && (!ifFatalErrorsDetected())) {
+ // Is 'do' still "frames"?
+ if ($data['do'] == 'frames') {
+ // This is a frameset module
+ $GLOBALS['frameset_mode'] = TRUE;
+ } // END - if
+
+ // No image?
+ if ($data['do'] != 'img') {
+ // ... then output header
+ loadIncludeOnce('inc/header.php');
+ } // END - fi
+
+ // Init result for below sqlNumRows() function
+ $result_main = FALSE;
+
+ // Maybe he wants to confirm an email?
+ switch ($data['type']) {
+ case 'normal':
+ $result_main = sqlQueryEscaped("SELECT `id` AS `link_id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
+ array($data['id'], $data['userid']), __FILE__, __LINE__);
+ break;
+
+ case 'bonus':
+ $result_main = sqlQueryEscaped("SELECT `id` AS `link_id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+ array($data['id'], $data['userid']), __FILE__, __LINE__);
+ break;
+
+ default: // Not detected
+ reportBug(__FILE__, __LINE__, 'No valid type=' . $data['type'] . ' set.');
+ break;
+ } // END - switch
+
+ // Is an entry found?
+ if (sqlNumRows($result_main) == 1) {
+ // Is the stats id valid?
+ $data = merge_array($data, sqlFetchArray($result_main));
+
+ // Init result here with invalid to avoid possible missing variable
+ $result_mailid = FALSE;
+
+ // @TODO Rewrite this to a filter/function
+ switch ($data['link_type']) {
+ case 'NORMAL':
+ $result_mailid = sqlQueryEscaped("SELECT `pool_id`, `userid` AS `sender`, `url` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1",
+ array($data['id']), __FILE__, __LINE__);
+ break;
+
+ case 'BONUS':
+ $result_mailid = sqlQueryEscaped("SELECT `id` AS `pool_id`, `is_notify`, `url` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+ array($data['id']), __FILE__, __LINE__);
+ break;
+
+ default: // Unknown type
+ reportBug(__FILE__, __LINE__, 'Unknown mail type ' . $data['link_type'] . ' detected.');
+ break;
+ } // END - switch
+
+ // Entry found?
+ if (sqlNumRows($result_mailid) == 1) {
+ // Load data
+ $data = merge_array($data, sqlFetchArray($result_mailid));