X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=beg.php;h=1ef706f9af6c3f5ccc12986b3a1e1b60efbf9499;hp=4446302f5190a711fd93fa163fc05c14c56f87ac;hb=49acdb7a7adbcf25a8e8683b5581bfcec72b23bd;hpb=f3e4c2c048761589836fdbe6bd2e46599a1833a7

diff --git a/beg.php b/beg.php
index 4446302f51..1ef706f9af 100644
--- a/beg.php
+++ b/beg.php
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 01/09/2005 *
- * ===============                              Last change: 01/09/2005 *
+ * Mailer v0.2.1-FINAL                                Start: 01/09/2005 *
+ * ===================                          Last change: 01/09/2005 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : beg.php                                          *
@@ -10,15 +10,9 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Bettel-Link fuer Mitglieder                      *
  * -------------------------------------------------------------------- *
- * $Revision:: 856                                                    $ *
- * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. MÃ¤r 2009)              $ *
- * $Tag:: 0.2.1-FINAL                                                 $ *
- * $Author:: stelzi                                                   $ *
- * Needs to be in all Files and every File needs "svn propset           *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder                           *
- * For more information visit: http://www.mxchange.org                  *
+ * Copyright (c) 2003 - 2009 by Roland Haeder                           *
+ * Copyright (c) 2009 - 2015 by Mailer Developer Team                   *
+ * For more information visit: http://mxchange.org                      *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
  * it under the terms of the GNU General Public License as published by *
@@ -36,211 +30,182 @@
  * MA  02110-1301  USA                                                  *
  ************************************************************************/
 
-// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
-require("inc/libs/security_functions.php");
+// Load security stuff here
+require('inc/libs/security_functions.php');
 
-// Init "action" and "what"
-$GLOBALS['startTime'] = microtime(true);
-$GLOBALS['what'] = "";
-$GLOBALS['action'] = "";
+// Init start time
+$GLOBALS['__start_time'] = microtime(TRUE);
 
-// Set module
-$GLOBALS['module'] = "beg";
-$GLOBALS['refid']  = 0;
-$GLOBALS['output_mode'] = -1;
-$msg = null;
+// Set module and output mode (HTML)
+$GLOBALS['__module']      = 'beg';
+$GLOBALS['__output_mode'] = '0';
+$errorCode = NULL;
 
 // Load the required file(s)
-require("inc/config.php");
-
-// Is the "beg" extension active?
-REDIRCT_ON_UNINSTALLED_EXTENSION("beg");
-
-// Is the script installed?
-if (isInstalled()) {
-	// Check for userid
-	if (REQUEST_ISSET_GET(('uid'))) {
-		// Init variables
-		$uid = 0;
-		$result = false;
-		$points = 0;
-
-		// Don't pay is the default...
-		$pay = false;
-
-		// Validate if it is not a number
-		if ("".(REQUEST_GET('uid') + 0)."" !== "".REQUEST_GET('uid')."") {
-			if (EXT_IS_ACTIVE("nickname")) {
-				// Maybe we have found a nickname?
-				$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
-					array(REQUEST_GET('uid')), __FILE__, __LINE__);
-			} else {
-				// Nickname entered but nickname is not active
-				$msg = constant('CODE_EXTENSION_PROBLEM');
-				$uid = -1;
-			}
-		} else {
-			// Direct userid
-			$result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
-				array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
-		}
-
-		// Check if locked in so don't pay points
-		$status = "failed";
-
-		// Check if account was found
-		if (SQL_NUMROWS($result) == 1) {
-			// Found an ID so we simply set it
-			list($uid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result);
-
-			// Account confirmed?
-			if ($status == "CONFIRMED") {
-				// Secure userid
-				$uid = bigintval($uid);
-
-				// Multiply configured values with 100000 and divide with 100000 so we can also handle small values
-				// If we need more number behind the decimal dot then we just need to increase all these three
-				// numbers matching to the numbers behind the decimal dot. Simple! ;-)
-				$points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
-
-				// Set nickname / userid for the template(s
-				define('__BEG_UID'   , REQUEST_GET(('uid')));
-				define('__BEG_CLICKS', ($clicks + 1));
-				define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
-				define('__BEG_POINTS', TRANSLATE_COMMA($points));
-			} else {
-				// Other status
-				$uid = 0;
-			}
-		} // END - if
+require('inc/config-global.php');
 
-		// Free memory
-		SQL_FREERESULT($result);
-
-		// User id valid and not webmaster's id?
-		if (($uid > 0) && (getConfig('beg_uid') != $uid)) {
-			// Update counter
-			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
-				array($uid), __FILE__, __LINE__);
-
-			// Check for last entry for userid w/o IP number
-			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_uid_timeout').") AND userid=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1",
-				array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
-
-			// Entry not found, points set and not logged in?
-			if (((SQL_NUMROWS($result) == 0) || (IS_ADMIN())) && ($points > 0) && (!IS_MEMBER()) && (getConfig('beg_pay_mode') == "NONE")) {
-
-				// Admin is testing?
-				if (!IS_ADMIN()) {
-					// Remember remote address, userid and timestamp for next click
-					// but only when there is no admin begging.
-					// Admins shall be able to test it!
-					SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_beg_ips` (userid, remote_ip,sid, timeout) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
-						array($uid, GET_REMOTE_ADDR(), session_id()), __FILE__, __LINE__);
-
-					// Was is successfull?
-					if (SQL_AFFECTEDROWS() == 1) {
-						// Okay!
-						$pay = true;
-					} // END - if
-				} else {
-					// Is admin!
-					$pay = true;
-				}
+// Set content type
+setContentType('text/html');
 
-				// Pay points?
-				if ($pay === true) {
-					// Add points to user or begging rallye account
-					if (BEG_ADD_POINTS($uid, $points)) {
-						// Set "done" message
-						define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true));
-					} else {
-						// Error!
-						define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
-					}
-				} else {
-					// Error!
-					define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
-				}
-			} elseif (IS_MEMBER()) {
-				// Logged in user found!
-				define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true));
-			} elseif (getConfig('beg_pay_mode') != "NONE") { // Other pay-mode active!
-				// Prepare content for template
-				$content = array(
-					'clicks' => constant('__BEG_CLICKS'),
-					'points' => constant('__BEG_POINTS'),
-					'uid'    => constant('__BEG_UID')
-				);
-
-				// Load message template depending on pay-mode
-				define('__BEG_MSG', LOAD_TEMPLATE("beg_pay_mode_".strtolower(getConfig('beg_pay_mode')), true, $content));
-				$pay = true;
-			} else {
-				// Clicked received while reload lock is active
-				define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
-			}
+// Is the 'beg' extension active?
+redirectOnUninstalledExtension('beg');
 
-			// Free memory
-			SQL_FREERESULT($result);
+// Check for userid
+if (isGetRequestElementSet('userid')) {
+	// Init variables
+	$points = '0';
 
-			// Include header
-			LOAD_INC_ONCE("inc/header.php");
+	// Don't pay is the default...
+	$isPayed = FALSE;
 
-			// Load final template
-			LOAD_TEMPLATE("beg_link");
-
-			// Tracker code enabled? (We don't track users here!
-			if ((getConfig('beg_pay_mode') != "NONE") && ($pay)) {
-				// Prepare content for template
-				// @TODO Opps, what is missing here???
-				$content = array(
-				);
-
-				// Include config-depending template
-				LOAD_TEMPLATE("beg_pay_code_".strtolower(getConfig('beg_pay_mode')), false, $content);
-			} elseif ((!$pay) && (!defined('__BEG_MSG'))) {
-				// Cannot pay! :-(
-				define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true));
-			}
+	// Validate if it is not a number
+	if ((isExtensionActive('nickname')) && (isNicknameUsed(getRequestElement('userid')))) {
+		// Maybe a nickname is provided?
+		fetchUserData(getRequestElement('userid'), 'nickname');
+	} elseif (isNicknameUsed(getRequestElement('userid'))) {
+		// Nickname entered but nickname is not active
+		$errorCode = getCode('EXTENSION_PROBLEM');
+	} else {
+		// Direct userid
+		fetchUserData(getRequestElement('userid'));
+	}
 
-			// Include footer
-			LOAD_INC_ONCE("inc/footer.php");
-		} elseif (($status != "CONFIRMED") && ($status != "failed")) {
-			// Maybe locked/unconfirmed account?
-			$msg = GEN_ERROR_CODE_FROM_ACCOUNT_STATUS($status);
-		} elseif (($uid == "0") || ($status == "failed")) {
-			// Inalid or locked account, so let's find out
-			$result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1",
-				array(REQUEST_GET('uid')), __FILE__, __LINE__);
-			if (SQL_NUMROWS($result) == 1) {
-				// Locked account
-				$msg = constant('CODE_ACCOUNT_LOCKED');
+	// Check if locked in so don't pay points
+	$status = 'failed';
+
+	// Check if account was found
+	if ((isValidUserData()) && (getUserData('status') == 'CONFIRMED')) {
+		/*
+		 * Multiply configured values with 100000 and divide with 100000 so we can also handle small values
+		 * If we need more number behind the decimal dot then we just need to increase all these three
+		 * numbers matching to the numbers behind the decimal dot. Simple! ;-)
+		 */
+		$points = mt_rand((getBegPoints() * 100000), (getBegPointsMax() * 100000)) / 100000;
+
+		// Set nickname / userid for template
+		$content['userid']        = getRequestElement('userid');
+		$content['clicks']        = (getUserData('beg_clicks') + 1);
+		$content['points']        = $points;
+	} // END - if
+
+	// User id valid and not webmaster's id?
+	if ((isValidId(getUserData('userid'))) && (getBegUserid() != getUserData('userid'))) {
+		// Update counter
+		sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s LIMIT 1",
+			array(getUserData('userid')), __FILE__, __LINE__);
+
+		// Check for last entry for userid w/o IP number                            12              33                               2    23              44            3                                          21     1                              1
+		$result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_beg_ips` WHERE ((UNIX_TIMESTAMP() - `timeout`) >= {?beg_timeout?} OR ((UNIX_TIMESTAMP() - `timeout`) >= {?beg_userid_timeout?} AND `userid`=%s)) AND (`remote_ip`='%s' OR `sid`='%s') LIMIT 1",
+			array(
+				getUserData('userid'),
+				determineRealRemoteAddress(),
+				session_id()
+			), __FILE__, __LINE__);
+
+		// Entry not found, points set and not logged in?
+		//* DEBUG: */ logDebugMessage(__FILE__, __LINE__, 'SQL_HASZERONUMS()=' . intval(SQL_HASZERONUMS($result)) . ',isAdmin()=' . intval(isAdmin()) . ',points=' . $points . ',isMember()=' . intval(isMember()) . ',getBegPayMode()=' . getBegPayMode());
+		if ((ifSqlHasZeroNumRows($result)) && ($points > 0) && (getBegPayMode() == 'NONE') && ((!isMember()) || (isAdmin()))) {
+			// Default is result from isAdmin(), mostly false
+			$isPayed = isAdmin();
+
+			// Admin is testing?
+			if (!isAdmin()) {
+				/*
+				 * Remember remote address, userid and timestamp for next click
+				 * but only when there is no admin begging.
+				 * Admins shall be able to test it!
+				 */
+				sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_beg_ips` (`userid`, `remote_ip`, `sid`, `timeout`) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())",
+					array(
+						getUserData('userid'),
+						determineRealRemoteAddress(),
+						session_id()
+					), __FILE__, __LINE__);
+
+				// Was is successfull?
+				$isPayed = (!ifSqlHasZeroAffectedRows());
+			} // END - if
+
+			// Pay points?
+			//* DEBUG: */ logDebugMessage(__FILE__, __LINE__, 'isPayed=' . intval($isPayed));
+			if ($isPayed === TRUE) {
+				// Add points to user or begging rallye account
+				if (addPointsBeg(getUserData('userid'), $points)) {
+					// Set 'done' message
+					$content['message'] = loadTemplate('beg_done', TRUE, $content);
+				} else {
+					// Error!
+					$content['message'] = loadTemplate('beg_failed', TRUE, $content);
+				}
 			} else {
-				// Invalid nickname! (404)
-				$msg = constant('CODE_USER_404');
+				// Error!
+				$content['message'] = loadTemplate('beg_failed', TRUE, $content);
 			}
+		} elseif (isMember()) {
+			// Logged in user found
+			$content['message'] = loadTemplate('beg_login', TRUE, $content);
+		} elseif (getBegPayMode() != 'NONE') { // Other pay-mode active!
+			// Load message template depending on pay-mode
+			$content['message'] = loadTemplate('beg_pay_mode_' . strtolower(getBegPayMode()), TRUE, $content);
+			$isPayed = TRUE;
+		} else {
+			// Clicked received while reload lock is active
+			$content['message'] = loadTemplate('beg_failed', TRUE, $content);
+		}
 
-			// Free memory
-			SQL_FREERESULT($result);
-		} elseif ($uid == getConfig('beg_uid')) {
-			// Webmaster's ID cannot beg for points!
-			$msg = constant('CODE_BEG_SAME_AS_OWN');
+		// Free memory
+		sqlFreeResult($result);
+
+		// Include header
+		loadPageHeader();
+
+		// Load final template
+		loadTemplate('beg_link', FALSE, $content);
+
+		// Tracker code enabled? (We don't track users here!
+		if ((getBegPayMode() != 'NONE') && ($isPayed === TRUE)) {
+			// Prepare content for template
+			// @TODO Opps, what is missing here???
+			$content = array(
+			);
+
+			// Include config-depending template
+			loadTemplate('beg_pay_code_' . strtolower(getBegPayMode()), FALSE, $content);
+		} elseif (($isPayed === FALSE) && (!isset($content['message']))) {
+			// Cannot pay! :-(
+			$content['message'] = loadTemplate('beg_failed', TRUE);
 		}
 
-		// Reload to index module
-		if ((!empty($msg)) && (!empty($msg))) LOAD_URL("modules.php?module=index&amp;msg=".$msg."&amp;ext=beg");
-	} else {
-		// No userid entered
-		LOAD_URL("modules.php?module=index");
+		// Include footer
+		loadPageFooter();
+	} elseif ((getUserData('status') != 'CONFIRMED') && (getUserData('status') != 'failed')) {
+		// Maybe locked/unconfirmed account?
+		$errorCode = generateErrorCodeFromUserStatus();
+	} elseif ((!isValidId(getUserData('userid'))) || (getUserData('status') == 'failed')) {
+		// Inalid or locked account, so let's find out
+		if (fetchUserData(getRequestElement('userid'), 'nickname')) {
+			// Locked account
+			$errorCode = getCode('ACCOUNT_LOCKED');
+		} else {
+			// Invalid nickname! (404)
+			$errorCode = getCode('USER_404');
+		}
+	} elseif (getUserData('userid') == getBegUserid()) {
+		// Webmaster's id cannot beg for points!
+		$errorCode = getCode('BEG_SAME_AS_OWN');
 	}
+
+	// Reload to index module if an error happens
+	if (!is_null($errorCode)) {
+		redirectToUrl('modules.php?module=index&amp;code=' . $errorCode . '&amp;ext=beg');
+	} // END - if
 } else {
-	// You have to install first!
-	LOAD_URL("install.php");
+	// No userid entered
+	redirectToUrl('modules.php?module=index');
 }
 
 // Really all done here... ;-)
-shutdown();
+doShutdown();
 
-//
+// [EOF]
 ?>