- // Secure all data
- $url_uid = 0; $url_bid = 0; $url_mid = 0; $code = 0; $mode = "";
- if (REQUEST_ISSET_GET(('uid'))) $url_uid = bigintval(REQUEST_GET('uid'));
- if (REQUEST_ISSET_GET(('mailid'))) $url_mid = bigintval(REQUEST_GET('mailid'));
- if (REQUEST_ISSET_GET(('bonusid'))) $url_bid = bigintval(REQUEST_GET('bonusid'));
- if (REQUEST_ISSET_GET(('code'))) $code = bigintval(REQUEST_GET('code'));
- if (REQUEST_ISSET_GET(('mode'))) $mode = REQUEST_GET('mode');
-
- // 01 1 12 2 2 21 1 22 10
- if (($url_uid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
- // No image? Then output header
- if ($mode != "img") LOAD_INC_ONCE("inc/header.php");
-
- // Maybe he wants to confirm an email?
- if ($url_mid > 0) {
- $result = SQL_QUERY_ESC("SELECT id, link_type FROM `{!_MYSQL_PREFIX!}_user_links` WHERE stats_id=%s AND userid=%s LIMIT 1",
- array($url_mid, $url_uid), __FILE__, __LINE__);
- $type = "mailid"; $DATA = $url_mid;
- } elseif ($url_bid > 0) {
- $result = SQL_QUERY_ESC("SELECT id, link_type FROM `{!_MYSQL_PREFIX!}_user_links` WHERE bonus_id=%s AND userid=%s LIMIT 1",
- array($url_bid, $url_uid), __FILE__, __LINE__);
- $type = "bonusid"; $DATA = $url_bid;
- }
-
- if (SQL_NUMROWS($result) == 1) {
- // Is the stats ID valid?
- list($lid, $ltype) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- switch ($ltype)
- {
- case "NORMAL":
- $result_mailid = SQL_QUERY_ESC("SELECT pool_id, userid, id FROM `{!_MYSQL_PREFIX!}_user_stats` WHERE id=%s LIMIT 1",