- Daily/weekly/monthly reset completely rewritten
[mailer.git] / mailid_top.php
index a4d1b72..23e7673 100644 (file)
@@ -37,8 +37,6 @@ require_once("inc/libs/security_functions.php");
 // Init "action" and "what"
 global $what, $action;
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
 
 // Tell everyone we are in this module
 $GLOBALS['module'] = "mailid";  $CSS = "0";
@@ -46,7 +44,7 @@ $GLOBALS['module'] = "mailid";  $CSS = "0";
 // Load the required file(s)
 require ("inc/config.php");
 
-if (defined('mxchange_installed') && (mxchange_installed))
+if (defined('mxchange_installed') && (isBooleanConstantAndTrue('mxchange_installed')))
 {
        // Is the extension active
        if (!EXT_IS_ACTIVE("mailid", true)) {
@@ -70,15 +68,15 @@ if (defined('mxchange_installed') && (mxchange_installed))
                // Maybe he wants to confirm an email?
                if ($url_mid > 0)
                {
-                       $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%d AND userid=%d LIMIT 1",
+                       $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%s AND userid=%s LIMIT 1",
                         array($url_mid, $url_uid), __FILE__, __LINE__);
-                       $TYPE = "mailid"; $DATA = $url_mid;
+                       $type = "mailid"; $DATA = $url_mid;
                }
                 elseif ($url_bid > 0)
                {
-                       $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%d AND userid=%d LIMIT 1",
+                       $result = SQL_QUERY_ESC("SELECT id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%s AND userid=%s LIMIT 1",
                         array($url_bid, $url_uid), __FILE__, __LINE__);
-                       $TYPE = "bonusid"; $DATA = $url_bid;
+                       $type = "bonusid"; $DATA = $url_bid;
                }
                if (SQL_NUMROWS($result) == 1)
                {
@@ -88,12 +86,12 @@ if (defined('mxchange_installed') && (mxchange_installed))
                        switch ($ltype)
                        {
                        case "NORMAL":
-                               $result_mailid = SQL_QUERY_ESC("SELECT pool_id, userid, id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%d LIMIT 1",
+                               $result_mailid = SQL_QUERY_ESC("SELECT pool_id, userid, id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%s LIMIT 1",
                                 array($url_mid), __FILE__, __LINE__);
                                break;
 
                        case "BONUS":
-                               $result_mailid = SQL_QUERY_ESC("SELECT id, id, is_notify FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
+                               $result_mailid = SQL_QUERY_ESC("SELECT id, id, is_notify FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
                                 array($url_bid), __FILE__, __LINE__);
                                break;
                        }
@@ -111,7 +109,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                if ($ltype == "BONUS") $sender = 0;
 
                                // Is the user's ID unlocked?
-                               $result = SQL_QUERY_ESC("SELECT status, sex, surname, family, ref_payout FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+                               $result = SQL_QUERY_ESC("SELECT status, sex, surname, family, ref_payout FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
                                 array($url_uid), __FILE__, __LINE__);
                                if (SQL_NUMROWS($result) == 1)
                                {
@@ -122,14 +120,14 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                        if ($status == "CONFIRMED")
                                        {
                                                // Update last activity
-                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_online=UNIX_TIMESTAMP(), last_module='mailid_top' WHERE userid=%d LIMIT 1",
+                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_online=UNIX_TIMESTAMP(), last_module='mailid_top' WHERE userid=%s LIMIT 1",
                                                 array($url_uid), __FILE__, __LINE__);
 
                                                // User has confirmed his account so we can procede...
                                                switch ($ltype)
                                                {
                                                case "NORMAL":
-                                                       $result = SQL_QUERY_ESC("SELECT payment_id FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%d LIMIT 1",
+                                                       $result = SQL_QUERY_ESC("SELECT payment_id FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%s LIMIT 1",
                                                         array(bigintval($pool)), __FILE__, __LINE__);
                                                        if (SQL_NUMROWS($result) == 1)
                                                        {
@@ -144,7 +142,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                        break;
 
                                                case "BONUS":
-                                                       $result = SQL_QUERY_ESC("SELECT time, points FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
+                                                       $result = SQL_QUERY_ESC("SELECT time, points FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
                                                         array(bigintval($pool)), __FILE__, __LINE__);
                                                        if (SQL_NUMROWS($result) == 1)
                                                        {
@@ -158,13 +156,13 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                }
                                                if ($VALID)
                                                {
-                                                       if (($time == "0") && ($payment >0)) $time = "1";
+                                                       if (($time == "0") && ($payment > 0)) $time = "1";
                                                        if (($time > 0) && ($payment > 0))
                                                        {
                                                                if (!empty($code))
                                                                {
                                                                        // Generate code
-                                                                       $img_code = GEN_RANDOM_CODE($CONFIG['code_length'], $code, $url_uid, $DATA);
+                                                                       $img_code = GEN_RANDOM_CODE($_CONFIG['code_length'], $code, $url_uid, $DATA);
                                                                }
 
                                                                switch ($mode)
@@ -174,7 +172,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                        switch ($ltype)
                                                                        {
                                                                        case "NORMAL":
-                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET clicks=clicks+1 WHERE id=%d LIMIT 1",
+                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET clicks=clicks+1 WHERE id=%s LIMIT 1",
                                                                                 array($url_mid), __FILE__, __LINE__);
 
                                                                                // Update mediadata as well
@@ -186,7 +184,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                                break;
 
                                                                        case "BONUS":
-                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_bonus SET clicks=clicks+1 WHERE id=%d LIMIT 1",
+                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_bonus SET clicks=clicks+1 WHERE id=%s LIMIT 1",
                                                                                 array($url_bid), __FILE__, __LINE__);
 
                                                                                // Update mediadata as well
@@ -206,7 +204,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                        if (GET_EXT_VERSION("user") >= "0.1.2")
                                                                        {
                                                                                // Update counter
-                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET mails_confirmed=mails_confirmed+1 WHERE userid=%d LIMIT 1",
+                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET mails_confirmed=mails_confirmed+1 WHERE userid=%s LIMIT 1",
                                                                                 array($url_uid), __FILE__, __LINE__);
                                                                        }
 
@@ -214,7 +212,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                        if (bigintval($_POST['gfx_check']) == $img_code)
                                                                        {
                                                                                // Right code entered add points and remove entry
-                                                                               if (($ref_pay > 0) && ($CONFIG['allow_direct_pay'] == "N"))
+                                                                               if (($ref_pay > 0) && ($_CONFIG['allow_direct_pay'] == "N"))
                                                                                {
                                                                                        // Don't add points over the referral system
                                                                                        $locked = true;
@@ -228,36 +226,37 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                                }
 
                                                                                // Count down ref_payout value
-                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_payout=ref_payout-1 WHERE userid=%d AND ref_payout > 0 LIMIT 1",
+                                                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_payout=ref_payout-1 WHERE userid=%s AND ref_payout > 0 LIMIT 1",
                                                                                 array($url_uid), __FILE__, __LINE__);
 
                                                                                // Add points
+                                                                               $DEPTH = 0;
                                                                                ADD_POINTS_REFSYSTEM($url_uid, $payment, false, "0", $locked);
 
                                                                                // Shall I add bonus points for "turbo clickers" ?
                                                                                if ((GET_EXT_VERSION("bonus") >= "0.2.2") && (function_exists('BONUS_ADD_TURBO_POINTS')))
                                                                                {
                                                                                        // Is an active-rallye running and this is not a notification mail?
-                                                                                       if (($CONFIG['bonus_active'] == "Y") && ($notify == "N"))
+                                                                                       if (($_CONFIG['bonus_active'] == "Y") && ($notify == "N"))
                                                                                        {
                                                                                                // Shall I exclude the webmaster's own userid from the active-rallye?
-                                                                                               if (((($CONFIG['bonus_uid'] == $url_uid) && ($CONFIG['bonus_include_own'] == "Y")) || ($CONFIG['bonus_uid'] != $url_uid)) && ($CONFIG['def_refid'] != $url_uid))
+                                                                                               if (((($_CONFIG['bonus_uid'] == $url_uid) && ($_CONFIG['bonus_include_own'] == "Y")) || ($_CONFIG['bonus_uid'] != $url_uid)) && ($_CONFIG['def_refid'] != $url_uid))
                                                                                                {
                                                                                                        // Add points and remember ranking are done in this function....
-                                                                                                       BONUS_ADD_TURBO_POINTS($DATA, $url_uid, $TYPE);
+                                                                                                       BONUS_ADD_TURBO_POINTS($DATA, $url_uid, $type);
 
                                                                                                        // Set template to mailid_points_done2 which contains a link to the ranking list
                                                                                                        $template = "mailid_points_done2";
                                                                                                        if ($locked) $template = "mailid_points_locked2";
                                                                                                        define('_UID_VALUE' , $url_uid);
-                                                                                                       define('_TYPE_VALUE', $TYPE);
+                                                                                                       define('_TYPE_VALUE', $type);
                                                                                                        define('_DATA_VALUE', TRANSLATE_COMMA($DATA));
                                                                                                }
                                                                                        }
                                                                                }
 
                                                                                // Remove link from table
-                                                                               $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%d LIMIT 1",
+                                                                               $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%s LIMIT 1",
                                                                                 array(bigintval($link_id)), __FILE__, __LINE__);
 
                                                                                // Load total points
@@ -272,10 +271,11 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                         else
                                                                        {
                                                                                // Wrong image code! So add points to sender's account
-                                                                               ADD_POINTS_REFSYSTEM($sender, $payment);
+                                                                               $DEPTH = 0;
+                                                                               ADD_POINTS_REFSYSTEM($sender, $payment, false, 0, false, "direct");
 
                                                                                // Remove link from table
-                                                                               $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%d LIMIT 1",
+                                                                               $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE id=%s LIMIT 1",
                                                                                 array(bigintval($link_id)), __FILE__, __LINE__);
 
                                                                                // Load template
@@ -293,13 +293,13 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                                // Export data into constants for the template
                                                                                define('_CODE_VALUE', $code);
                                                                                define('_UID_VALUE' , $url_uid );
-                                                                               define('_TYPE_VALUE', $TYPE);
+                                                                               define('_TYPE_VALUE', $type);
                                                                                define('_DATA_VALUE', $DATA);
                                                                                define('_TEMPLATE_BANNER', LOAD_TEMPLATE("mailid_banner", true));
-                                                                               if ($CONFIG['code_length'] > 0)
+                                                                               if ($_CONFIG['code_length'] > 0)
                                                                                {
                                                                                        // Generate Code
-                                                                                       define('_IMAGE_CODE', IMG_CODE($code, $TYPE, $DATA, $url_uid));
+                                                                                       define('_IMAGE_CODE', IMG_CODE($code, $type, $DATA, $url_uid));
                                                                                        $templ = "mailid_enter_code";
                                                                                }
                                                                                 else
@@ -320,7 +320,7 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                        define('_TIME_VALUE', $time);
                                                                        define('_TIM2_VALUE', strlen($time));
                                                                        define('_UID_VALUE' , $url_uid );
-                                                                       define('_TYPE_VALUE', $TYPE);
+                                                                       define('_TYPE_VALUE', $type);
                                                                        define('_DATA_VALUE', $DATA);
                                                                        define('_RAND_VALUE', rand(0, 99999));
                                                                        define('_TEMPLATE_BANNER', LOAD_TEMPLATE("mailid_banner", true));
@@ -330,28 +330,28 @@ if (defined('mxchange_installed') && (mxchange_installed))
                                                                        break;
                                                                }
                                                        }
-                                                        else OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (6)</STRONG>");
+                                                        else OUTPUT_HTML("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (6)</STRONG>");
                                                }
-                                                else OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (5)</STRONG>");
+                                                else OUTPUT_HTML("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (5)</STRONG>");
                                        }
-                                        else OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (4)</STRONG>");
+                                        else OUTPUT_HTML("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (4)</STRONG>");
                                }
                                 else
                                {
                                        SQL_FREERESULT($result);
-                                       OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (3)</STRONG>");
+                                       OUTPUT_HTML("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (3)</STRONG>");
                                }
                        }
                         else
                        {
                                SQL_FREERESULT($result);
-                               OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (2)</STRONG>");
+                               OUTPUT_HTML("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (2)</STRONG>");
                        }
                }
                 else
                {
                        SQL_FREERESULT($result);
-                       OUTPUT_HTML ("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (1)</STRONG>");
+                       OUTPUT_HTML("<STRONG class=\"member_failed\">".MAIL_ALREADY_CONFIRMED." (1)</STRONG>");
                }
                if ($mode != "img")
                {