Possible final fixes for user login, debug lines rewritten to logfile, some old lost...
[mailer.git] / mailid_top.php
index c5fab11c92e0ccf609f5005824d052a2f8abe86b..927610b030de67121626f827ce3019d8f363ccd7 100644 (file)
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 11/14/2003 *
- * ===============                              Last change: 11/13/2004 *
+ * Mailer v0.2.1-FINAL                                Start: 11/14/2003 *
+ * ===================                          Last change: 11/13/2004 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : mailid_top.php                                   *
@@ -52,25 +52,28 @@ require('inc/config-global.php');
 // Set content type
 setContentType('text/html');
 
-// Is the extension active
+// Is the extension mailid active?
 redirectOnUninstalledExtension('mailid');
 
+// Is the extension other active?
+redirectOnUninstalledExtension('other');
+
 // Init variables
-$url_userid = 0;
-$url_bid = 0;
-$url_mid = 0;
-$code = 0;
+$url_userid = '0';
+$url_bid = '0';
+$url_mid = '0';
+$code = '0';
 $mode = '';
 
 // Secure all data
-if (isGetRequestElementSet('userid'))  $url_userid = bigintval(getRequestElement('userid'));
-if (isGetRequestElementSet('mailid'))  $url_mid    = bigintval(getRequestElement('mailid'));
-if (isGetRequestElementSet('bonusid')) $url_bid    = bigintval(getRequestElement('bonusid'));
-if (isGetRequestElementSet('code'))    $code       = bigintval(getRequestElement('code'));
-if (isGetRequestElementSet('mode'))    $mode       = getRequestElement('mode');
+if (isGetRequestParameterSet('userid'))  $url_userid = bigintval(getRequestParameter('userid'));
+if (isGetRequestParameterSet('mailid'))  $url_mid    = bigintval(getRequestParameter('mailid'));
+if (isGetRequestParameterSet('bonusid')) $url_bid    = bigintval(getRequestParameter('bonusid'));
+if (isGetRequestParameterSet('code'))    $code       = bigintval(getRequestParameter('code'));
+if (isGetRequestParameterSet('mode'))    $mode       = getRequestParameter('mode');
 
 // 01           1        12            2    2            21    1                   22     10
-if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
+if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == '0')) {
        // No image? Then output header
        if ($mode != 'img') loadIncludeOnce('inc/header.php');
 
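Review bot: `$mode` in the last of the five assignments is the only request value stored without normalisation, while the other four pass through `bigintval()`. In the visible code it is only ever compared against fixed strings (`'img'` here, `case 'add':` in a later hunk), so an allow-list at the point of assignment would keep arbitrary input out of everything downstream, e.g. `if (!in_array($mode, $allowedModes, true)) $mode = '';`, where `$allowedModes` is a hypothetical list of the modes this script handles (the full set is not visible in this diff). Separately, changing the defaults from `0` to `'0'` leaves the `> 0` and `== '0'` tests relying on loose numeric-string comparison; a short comment above `// Init variables` saying that ids are kept as numeric strings would make that intent explicit.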
@@ -80,13 +83,13 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                        array($url_mid, $url_userid), __FILE__, __LINE__);
                $type = 'mailid'; $urlId = $url_mid;
        } elseif ($url_bid > 0) {
-               $result = SQL_QUERY_ESC("SELECT `id`, link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+               $result = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
                        array($url_bid, $url_userid), __FILE__, __LINE__);
                $type = 'bonusid'; $urlId = $url_bid;
        }
 
        if (SQL_NUMROWS($result) == 1) {
-               // Is the stats ID valid?
+               // Is the stats id valid?
                list($lid, $ltype) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);
 
@@ -101,7 +104,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                                break;
 
                        case 'BONUS':
-                               $result_mailid = SQL_QUERY_ESC("SELECT `id, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+                               $result_mailid = SQL_QUERY_ESC("SELECT `id`, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
                                        array($url_bid), __FILE__, __LINE__);
                                break;
 
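Review bot: The corrected `BONUS` query still selects the `id` column twice, which reads like a leftover next to the backtick typo this commit fixes. The consumer of this row is outside the hunk, but a later hunk overwrites `$sender` with `'0'` for bonus mails, so the second `id` is presumably a placeholder that keeps the row shape identical to the other link types. If so, say it in a comment such as `// Second id only fills the sender slot; it is reset to '0' for BONUS below`, or select a literal in its place.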
@@ -122,19 +125,12 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                        SQL_FREERESULT($result_mailid);
 
                        // Set sender to 0 when we have a bonus mail
-                       if ($ltype == 'BONUS') $sender = 0;
-
-                       // Is the user's ID unlocked?
-                       $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family`, `ref_payout` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
-                               array($url_userid), __FILE__, __LINE__);
-                       if (SQL_NUMROWS($result) == 1) {
-                               // Load data
-                               list($status, $gender, $surname, $family, $ref_pay) = SQL_FETCHROW($result);
-
-                               // Free some memory
-                               SQL_FREERESULT($result);
+                       if ($ltype == 'BONUS') $sender = '0';
 
-                               if ($status == 'CONFIRMED') {
+                       // Is the user id valid?
+                       if (fetchUserData($url_userid) === true) {
+                               // Is the user status CONFIRMED?
+                               if (getUserData('status') == 'CONFIRMED') {
                                        // User has confirmed his account so we can procede...
                                        // @TODO Rewrite this to a filter
                                        switch ($ltype) {
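Review bot: Replacing the user_data query with `fetchUserData($url_userid)` means `$result` is no longer reassigned at this point, yet the matching else branch near the end of the file (the one that emits `(3)`) still calls `SQL_FREERESULT($result);`. By then `$result` is the user_links result that was already freed right after `SQL_FETCHROW($result)`, so the same handle is released a second time on that failure path; whether that produces a warning or an error depends on `SQL_FREERESULT()`, which is not shown. The stale call should be removed from the `(3)` branch, and the `(2)` branch looks like it has the same pattern and is worth checking. The enclosing `if` and the `switch ($ltype)` continue outside this hunk.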
@@ -175,9 +171,9 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 
                                        // Is this entry valid?
                                        if ($isValid === true) {
-                                               if (($time == 0) && ($payment > 0)) $time = 1;
+                                               if (($time == '0') && ($payment > 0)) $time = 1;
                                                if (($time > 0) && ($payment > 0)) {
-                                                       $img_code = 0;
+                                                       $img_code = '0';
                                                        if (!empty($code)) {
                                                                // Generate code
                                                                $img_code = generateRandomCode(getConfig('code_length'), $code, $url_userid, $urlId);
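Review bot: When `$code` is empty, `$img_code` keeps its initial `'0'`, and the later test `bigintval(postRequestParameter('gfx_check')) == $img_code` then compares against zero. If `bigintval()` returns zero for a missing or non-numeric field (its body is not shown), that test succeeds without any code ever having been issued. If a code is always expected in the `add` branch, the absent-code case should be rejected explicitly before the comparison, e.g. `if (empty($code)) { $mode = 'failed'; }`, and the comparison itself made strict on normalised values. The `if (!empty($code))` block continues outside this hunk.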
@@ -187,7 +183,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                                                        switch ($mode) {
                                                                case 'add':
                                                                        // Init stats data
-                                                                       $stats_data = 0;
+                                                                       $stats_data = '0';
 
                                                                        // Count clicks
                                                                        // @TODO Rewrite this to a filter
@@ -230,13 +226,13 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                                                                        if (getExtensionVersion('user') >= '0.1.2') {
                                                                                // Update counter
                                                                                SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET mails_confirmed=mails_confirmed + 1 WHERE `userid`=%s LIMIT 1",
-                                                                               array($url_userid), __FILE__, __LINE__);
+                                                                                       array($url_userid), __FILE__, __LINE__);
 
                                                                                // Update random confirmed as well?
                                                                                if (getExtensionVersion('user') >= '0.3.4') {
                                                                                        // Update second counter
                                                                                        SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET rand_confirmed=rand_confirmed + 1 WHERE `userid`=%s LIMIT 1",
-                                                                                       array($url_userid), __FILE__, __LINE__);
+                                                                                               array($url_userid), __FILE__, __LINE__);
                                                                                } // END - if
                                                                        } // END - if
 
@@ -244,13 +240,13 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                                                                        insertUserStatsRecord($url_userid, $type, $stats_data);
 
                                                                        // Right code entered?
-                                                                       if (bigintval(postRequestElement('gfx_check')) == $img_code) {
+                                                                       if (bigintval(postRequestParameter('gfx_check')) == $img_code) {
                                                                                // Add points over referal system is the default
                                                                                $locked = false;
                                                                                $template = 'mailid_points_done';
 
                                                                                // Right code entered add points and remove entry
-                                                                               if (($ref_pay > 0) && (getConfig('allow_direct_pay') != 'Y')) {
+                                                                               if ((getUserData('ref_payout') > 0) && (getConfig('allow_direct_pay') != 'Y')) {
                                                                                        // Don't add points over the referal system
                                                                                        $locked = true;
                                                                                        $template = 'mailid_points_locked';
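Review bot: `insertUserStatsRecord($url_userid, $type, $stats_data)` runs before the `gfx_check` comparison, and as far as the adjacent hunk shows so do the `mails_confirmed` and `rand_confirmed` updates, so all of them are applied even when the submitted code is wrong. If these counters are meant to record successful confirmations only, the updates belong inside the `// Right code entered?` branch. If counting every attempt is intended, a one-line comment above `insertUserStatsRecord(...)` such as `// Counted on every attempt, including wrong codes` would document it. The enclosing `case` starts outside this hunk.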
@@ -292,7 +288,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 
                                                                                // Load template
                                                                                loadTemplate($template, false, $content);
-                                                                       } else {
+                                                                       } elseif ($sender > 0) {
                                                                                // Wrong image code! So add points to sender's account
                                                                                addPointsDirectly('mailid_payback', $sender, $payment);
 
@@ -329,6 +325,9 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 
                                                                                // Load template
                                                                                loadTemplate($templ, false, $content);
+                                                                       } else {
+                                                                               // Cannot confirm!
+                                                                               debug_report_bug('No code given.');
                                                                        }
                                                                        break;
 
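Review bot: The new `else` is reached when the posted code does not match and `$sender` is not greater than zero (the preceding hunk turns the old `else` into `elseif ($sender > 0)`), so the message `'No code given.'` misdescribes the condition. An earlier hunk sets `$sender = '0'` for every `BONUS` link, which means a plain wrong code on a bonus mail now ends in `debug_report_bug()` and no template is loaded on this path. That is a user-reachable outcome rather than an internal inconsistency, so it would be better served by a failure template and `$mode = 'failed';` like the other error branches. If the bug report is kept for truly unexpected states, make the text match, e.g. `debug_report_bug('Wrong code and no sender to pay back, ltype=' . $ltype);`.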
@@ -352,30 +351,30 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
                                                                        break;
                                                        } // END - switch
                                                } else {
-                                                       loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (6)</div>");
+                                                       loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (6)</div>');
                                                        $mode = 'failed';
                                                }
                                        } else {
-                                               loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (5)</div>");
+                                               loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (5)</div>');
                                                $mode = 'failed';
                                        }
                                } else {
-                                       loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (4)</div>");
+                                       loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (4)</div>');
                                        $mode = 'failed';
                                }
                        } else {
                                SQL_FREERESULT($result);
-                               loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (3)</div>");
+                               loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (3)</div>');
                                $mode = 'failed';
                        }
                } else {
                        SQL_FREERESULT($result);
-                       loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (2)</div>");
+                       loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (2)</div>');
                        $mode = 'failed';
                }
        } else {
                SQL_FREERESULT($result);
-               loadTemplate('admin_settings_saved', false, "<div class=\"member_failed\">{--MAIL_ALREADY_CONFIRMED--} (1)</div>");
+               loadTemplate('admin_settings_saved', false, '<div class="member_failed">{--MAIL_ALREADY_CONFIRMED--} (1)</div>');
                $mode = 'failed';
        }