TODO updated, my website is now approved
[mailer.git] / mailid_top.php
index 137a272..927610b 100644 (file)
@@ -66,11 +66,11 @@ $code = '0';
 $mode = '';
 
 // Secure all data
-if (isGetRequestElementSet('userid'))  $url_userid = bigintval(getRequestElement('userid'));
-if (isGetRequestElementSet('mailid'))  $url_mid    = bigintval(getRequestElement('mailid'));
-if (isGetRequestElementSet('bonusid')) $url_bid    = bigintval(getRequestElement('bonusid'));
-if (isGetRequestElementSet('code'))    $code       = bigintval(getRequestElement('code'));
-if (isGetRequestElementSet('mode'))    $mode       = getRequestElement('mode');
+if (isGetRequestParameterSet('userid'))  $url_userid = bigintval(getRequestParameter('userid'));
+if (isGetRequestParameterSet('mailid'))  $url_mid    = bigintval(getRequestParameter('mailid'));
+if (isGetRequestParameterSet('bonusid')) $url_bid    = bigintval(getRequestParameter('bonusid'));
+if (isGetRequestParameterSet('code'))    $code       = bigintval(getRequestParameter('code'));
+if (isGetRequestParameterSet('mode'))    $mode       = getRequestParameter('mode');
 
 // 01           1        12            2    2            21    1                   22     10
 if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == '0')) {
@@ -240,7 +240,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                                                                        insertUserStatsRecord($url_userid, $type, $stats_data);
 
                                                                        // Right code entered?
-                                                                       if (bigintval(postRequestElement('gfx_check')) == $img_code) {
+                                                                       if (bigintval(postRequestParameter('gfx_check')) == $img_code) {
                                                                                // Add points over referal system is the default
                                                                                $locked = false;
                                                                                $template = 'mailid_points_done';
@@ -288,7 +288,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 
                                                                                // Load template
                                                                                loadTemplate($template, false, $content);
-                                                                       } else {
+                                                                       } elseif ($sender > 0) {
                                                                                // Wrong image code! So add points to sender's account
                                                                                addPointsDirectly('mailid_payback', $sender, $payment);
 
@@ -325,6 +325,9 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 
                                                                                // Load template
                                                                                loadTemplate($templ, false, $content);
+                                                                       } else {
+                                                                               // Cannot confirm!
+                                                                               debug_report_bug('No code given.');
                                                                        }
                                                                        break;
 
@@ -348,30 +351,30 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                                                                        break;
                                                        } // END - switch
                                                } else {
-                                                       loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (6)</div>");
+                                                       loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (6)</div>');
                                                        $mode = 'failed';
                                                }
                                        } else {
-                                               loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (5)</div>");
+                                               loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (5)</div>');
                                                $mode = 'failed';
                                        }
                                } else {
-                                       loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (4)</div>");
+                                       loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (4)</div>');
                                        $mode = 'failed';
                                }
                        } else {
                                SQL_FREERESULT($result);
-                               loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (3)</div>");
+                               loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (3)</div>');
                                $mode = 'failed';
                        }
                } else {
                        SQL_FREERESULT($result);
-                       loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (2)</div>");
+                       loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (2)</div>');
                        $mode = 'failed';
                }
        } else {
                SQL_FREERESULT($result);
-               loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (1)</div>");
+               loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (1)</div>');
                $mode = 'failed';
        }