// Set content type
setContentType('text/html');
-// Is the extension active
+// Is the extension mailid active?
redirectOnUninstalledExtension('mailid');
-// Secure all data
+// Is the extension other active?
+redirectOnUninstalledExtension('other');
+
+// Init variables
$url_userid = 0;
$url_bid = 0;
$url_mid = 0;
$code = 0;
$mode = '';
+// Secure all data
if (isGetRequestElementSet('userid')) $url_userid = bigintval(getRequestElement('userid'));
if (isGetRequestElementSet('mailid')) $url_mid = bigintval(getRequestElement('mailid'));
if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid'));
if (isGetRequestElementSet('code')) $code = bigintval(getRequestElement('code'));
if (isGetRequestElementSet('mode')) $mode = getRequestElement('mode');
-// 01 1 12 2 2 21 1 22 10
+// 01 1 12 2 2 21 1 22 10
if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
// No image? Then output header
if ($mode != 'img') loadIncludeOnce('inc/header.php');
array($url_mid, $url_userid), __FILE__, __LINE__);
$type = 'mailid'; $urlId = $url_mid;
} elseif ($url_bid > 0) {
- $result = SQL_QUERY_ESC("SELECT `id`, link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
array($url_bid, $url_userid), __FILE__, __LINE__);
$type = 'bonusid'; $urlId = $url_bid;
}
if (SQL_NUMROWS($result) == 1) {
- // Is the stats ID valid?
+ // Is the stats id valid?
list($lid, $ltype) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
+ // Init result here with invalid to avoid possible missing variable
+ $result_mailid = false;
+
// @TODO Rewrite this to a filter
switch ($ltype) {
case 'NORMAL':
break;
case 'BONUS':
- $result_mailid = SQL_QUERY_ESC("SELECT `id, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+ $result_mailid = SQL_QUERY_ESC("SELECT `id`, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
array($url_bid), __FILE__, __LINE__);
break;
// Set sender to 0 when we have a bonus mail
if ($ltype == 'BONUS') $sender = 0;
- // Is the user's ID unlocked?
+ // Is the user's id unlocked?
$result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family`, `ref_payout` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
array($url_userid), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {