X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=beg.php;h=67e9855844707ace61455ef319cf8ee1004623ad;hp=c56f99b9315bcdc8abc278978edd6384c4411979;hb=9afd6ec5878544a7982c50ed9c0dd7de37606d5b;hpb=d3c4fdd9bfab35389e1a5ff48f3952d527c7b4bb diff --git a/beg.php b/beg.php index c56f99b931..67e9855844 100644 --- a/beg.php +++ b/beg.php @@ -54,79 +54,60 @@ require('inc/config-global.php'); setContentType('text/html'); // Is the 'beg' extension active? -REDIRCT_ON_UNINSTALLED_EXTENSION('beg'); +redirectOnUninstalledExtension('beg'); // Check for userid if (isGetRequestElementSet('userid')) { // Init variables - $userid = 0; - $result = false; - $points = 0; + $points = '0'; // Don't pay is the default... $pay = false; // Validate if it is not a number - if (''.(getRequestElement('userid') + 0).'' !== ''.getRequestElement('userid').'') { + if (isNicknameUsed(getRequestElement('userid'))) { + // Is the nickname extension there? if (isExtensionActive('nickname')) { // Maybe we have found a nickname? - $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `nickname`='%s' LIMIT 1", - array(getRequestElement('userid')), __FILE__, __LINE__); + fetchUserData(getRequestElement('userid'), 'nickname'); } else { // Nickname entered but nickname is not active $errorCode = getCode('EXTENSION_PROBLEM'); - $userid = -1; } } else { // Direct userid - $result = SQL_QUERY_ESC("SELECT `userid`, `beg_clicks`, `ref_payout`, `status`, `last_online` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval(getRequestElement('userid'))), __FILE__, __LINE__); + fetchUserData(getRequestElement('userid')); } // Check if locked in so don't pay points $status = 'failed'; // Check if account was found - if (SQL_NUMROWS($result) == 1) { - // Found an id so we simply set it - list($userid, $clicks, $ref_payout, $status, $last) = SQL_FETCHROW($result); - - // Account confirmed? - if ($status == 'CONFIRMED') { - // Secure userid - $userid = bigintval($userid); - - // Multiply configured values with 100000 and divide with 100000 so we can also handle small values - // If we need more number behind the decimal dot then we just need to increase all these three - // numbers matching to the numbers behind the decimal dot. Simple! ;-) - $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000; - - // Set nickname / userid for the template(s - $content['userid'] = getRequestElement('userid'); - $content['clicks'] = ($clicks + 1); - $content['banner'] = loadTemplate('beg_banner', true); - $content['points'] = translateComma($points); - } else { - // Other status - $userid = 0; - } + if ((isUserDataValid()) && (getUserData('status') == 'CONFIRMED')) { + // Multiply configured values with 100000 and divide with 100000 so we can also handle small values + // If we need more number behind the decimal dot then we just need to increase all these three + // numbers matching to the numbers behind the decimal dot. Simple! ;-) + $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000; + + // Set nickname / userid for the template(s + $content['userid'] = getRequestElement('userid'); + $content['clicks'] = (getUserData('beg_clicks') + 1); + $content['banner'] = loadTemplate('beg_banner', true); + $content['points'] = translateComma($points); } // END - if - // Free memory - SQL_FREERESULT($result); - // User id valid and not webmaster's id? - if (($userid > 0) && (getConfig('beg_userid') != $userid)) { + if ((getUserData('userid') > 0) && (getConfig('beg_userid') != getUserData('userid'))) { // Update counter - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", - array($userid), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s LIMIT 1", + array(getUserData('userid')), __FILE__, __LINE__); // Check for last entry for userid w/o IP number - $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_beg_ips` WHERE (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_timeout').") OR (timeout > (UNIX_TIMESTAMP() - ".getConfig('beg_userid_timeout').") AND `userid`=%s)) AND (remote_ip='%s' OR sid='%s') LIMIT 1", - array($userid, detectRemoteAddr(), session_id()), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_beg_ips` WHERE (`timeout` > (UNIX_TIMESTAMP() - {?beg_timeout?}) OR (timeout > (UNIX_TIMESTAMP() - {?beg_userid_timeout?}) AND `userid`=%s)) AND (`remote_ip`='%s' OR `sid`='%s') LIMIT 1", + array(getUserData('userid'), detectRemoteAddr(), session_id()), __FILE__, __LINE__); // Entry not found, points set and not logged in? - if (((SQL_NUMROWS($result) == 0) || (isAdmin())) && ($points > 0) && (!isMember()) && (getConfig('beg_pay_mode') == 'NONE')) { + if (((SQL_NUMROWS($result) == '0') || (isAdmin())) && ($points > 0) && (!isMember()) && (getConfig('beg_pay_mode') == 'NONE')) { // Admin is testing? if (!isAdmin()) { @@ -134,7 +115,7 @@ if (isGetRequestElementSet('userid')) { // but only when there is no admin begging. // Admins shall be able to test it! SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_beg_ips` (`userid`, `remote_ip`,`sid`, `timeout`) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())", - array($userid, detectRemoteAddr(), session_id()), __FILE__, __LINE__); + array(getUserData('userid'), detectRemoteAddr(), session_id()), __FILE__, __LINE__); // Was is successfull? $pay (SQL_AFFECTEDROWS() == 1); @@ -146,7 +127,7 @@ if (isGetRequestElementSet('userid')) { // Pay points? if ($pay === true) { // Add points to user or begging rallye account - if (addPointsBeg($userid, $points)) { + if (addPointsBeg(getUserData('userid'), $points)) { // Set 'done' message $content['message'] = loadTemplate('beg_done', true); } else { @@ -165,7 +146,7 @@ if (isGetRequestElementSet('userid')) { $content = array( 'clicks' => $content['clicks'], 'points' => $content['points'], - 'userid' => $content['userid'] + 'userid' => $content['userid'] ); // Load message template depending on pay-mode @@ -173,7 +154,7 @@ if (isGetRequestElementSet('userid')) { $pay = true; } else { // Clicked received while reload lock is active - $content['message'] = loadTemplate('beg_failed', true); + $content['message'] = loadTemplate('beg_failed', true, $content); } // Free memory @@ -201,24 +182,19 @@ if (isGetRequestElementSet('userid')) { // Include footer loadIncludeOnce('inc/footer.php'); - } elseif (($status != 'CONFIRMED') && ($status != 'failed')) { + } elseif ((getUserData('status') != 'CONFIRMED') && (getUserData('status') != 'failed')) { // Maybe locked/unconfirmed account? - $errorCode = generateErrorCodeFromUserStatus($status); - } elseif (($userid == 0) || ($status == 'failed')) { + $errorCode = generateErrorCodeFromUserStatus(); + } elseif ((getUserData('userid') == '0') || (getUserData('status') == 'failed')) { // Inalid or locked account, so let's find out - $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE nickname='%s' LIMIT 1", - array(getRequestElement('userid')), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { + if (fetchUserData(getRequestElement('userid'), 'nickname')) { // Locked account $errorCode = getCode('ACCOUNT_LOCKED'); } else { // Invalid nickname! (404) $errorCode = getCode('USER_404'); } - - // Free memory - SQL_FREERESULT($result); - } elseif ($userid == getConfig('beg_userid')) { + } elseif (getUserData('userid') == getConfig('beg_userid')) { // Webmaster's id cannot beg for points! $errorCode = getCode('BEG_SAME_AS_OWN'); }