// Set content type
setContentType('text/html');
-// Is the extension active
+// Is the extension mailid active?
redirectOnUninstalledExtension('mailid');
-// Secure all data
+// Is the extension other active?
+redirectOnUninstalledExtension('other');
+
+// Init variables
$url_userid = 0;
$url_bid = 0;
$url_mid = 0;
$code = 0;
$mode = '';
+// Secure all data
if (isGetRequestElementSet('userid')) $url_userid = bigintval(getRequestElement('userid'));
if (isGetRequestElementSet('mailid')) $url_mid = bigintval(getRequestElement('mailid'));
if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid'));
if (isGetRequestElementSet('code')) $code = bigintval(getRequestElement('code'));
if (isGetRequestElementSet('mode')) $mode = getRequestElement('mode');
-// 01 1 12 2 2 21 1 22 10
+// 01 1 12 2 2 21 1 22 10
if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
// No image? Then output header
if ($mode != 'img') loadIncludeOnce('inc/header.php');
array($url_mid, $url_userid), __FILE__, __LINE__);
$type = 'mailid'; $urlId = $url_mid;
} elseif ($url_bid > 0) {
- $result = SQL_QUERY_ESC("SELECT `id`, link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
array($url_bid, $url_userid), __FILE__, __LINE__);
$type = 'bonusid'; $urlId = $url_bid;
}
if (SQL_NUMROWS($result) == 1) {
- // Is the stats ID valid?
+ // Is the stats id valid?
list($lid, $ltype) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
+ // Init result here with invalid to avoid possible missing variable
+ $result_mailid = false;
+
// @TODO Rewrite this to a filter
switch ($ltype) {
case 'NORMAL':
break;
case 'BONUS':
- $result_mailid = SQL_QUERY_ESC("SELECT `id, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+ $result_mailid = SQL_QUERY_ESC("SELECT `id`, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
array($url_bid), __FILE__, __LINE__);
break;
// Set sender to 0 when we have a bonus mail
if ($ltype == 'BONUS') $sender = 0;
- // Is the user's ID unlocked?
- $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family`, `ref_payout` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // Load data
- list($status, $gender, $surname, $family, $ref_pay) = SQL_FETCHROW($result);
-
- // Free some memory
- SQL_FREERESULT($result);
-
- if ($status == 'CONFIRMED') {
+ // Is the user id valid?
+ if (fetchUserData($url_userId) === true) {
+ // Is the user status CONFIRMED?
+ if (getUserData('status') == 'CONFIRMED') {
// User has confirmed his account so we can procede...
// @TODO Rewrite this to a filter
switch ($ltype) {
if (getExtensionVersion('user') >= '0.1.2') {
// Update counter
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET mails_confirmed=mails_confirmed + 1 WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
+ array($url_userid), __FILE__, __LINE__);
// Update random confirmed as well?
if (getExtensionVersion('user') >= '0.3.4') {
// Update second counter
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET rand_confirmed=rand_confirmed + 1 WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
+ array($url_userid), __FILE__, __LINE__);
} // END - if
} // END - if
$template = 'mailid_points_done';
// Right code entered add points and remove entry
- if (($ref_pay > 0) && (getConfig('allow_direct_pay') != 'Y')) {
+ if ((getUserData('ref_payout') > 0) && (getConfig('allow_direct_pay') != 'Y')) {
// Don't add points over the referal system
$locked = true;
$template = 'mailid_points_locked';