X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=beg.php;h=ab2817211a5a5265c6ad2f70ceedad3260955746;hp=e1e41d1e34cb93a2f866a05a7f87899b77e91c9e;hb=f74581eca45c393033acfd9d7798b958031bc625;hpb=397eb5dee2611cfaa1ff494d73e6785b88109cd6 diff --git a/beg.php b/beg.php index e1e41d1e34..ab2817211a 100644 --- a/beg.php +++ b/beg.php @@ -32,32 +32,29 @@ ************************************************************************/ // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) ) -require_once("inc/libs/security_functions.php"); +require("inc/libs/security_functions.php"); // Init "action" and "what" -global $what, $action, $startTime; $GLOBALS['startTime'] = microtime(true); -$GLOBALS['what'] = ""; $GLOBALS['action'] = ""; +$GLOBALS['what'] = ""; +$GLOBALS['action'] = ""; // Set module $GLOBALS['module'] = "beg"; $GLOBALS['refid'] = 0; -$CSS = -1; +$GLOBALS['output_mode'] = -1; $msg = null; // Load the required file(s) -require_once("inc/config.php"); +require("inc/config.php"); // Is the "beg" extension active? -if (!EXT_IS_ACTIVE("beg")) { - // Redirect to index - LOAD_URL("modules.php?module=index&msg=".CODE_EXTENSION_PROBLEM."&ext=beg"); -} // END - if +REDIRCT_ON_UNINSTALLED_EXTENSION("beg"); // Is the script installed? -if (isBooleanConstantAndTrue('mxchange_installed')) { +if (isInstalled()) { // Check for userid - if (!empty($_GET['uid'])) { + if (REQUEST_ISSET_GET(('uid'))) { // Init variables $uid = 0; $result = false; @@ -67,20 +64,20 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { $pay = false; // Validate if it is not a number - if ("".($_GET['uid'] + 0)."" !== "".$_GET['uid']."") { + if ("".(REQUEST_GET('uid') + 0)."" !== "".REQUEST_GET('uid')."") { if (EXT_IS_ACTIVE("nickname")) { // Maybe we have found a nickname? $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", - array($_GET['uid']), __FILE__, __LINE__); + array(REQUEST_GET('uid')), __FILE__, __LINE__); } else { // Nickname entered but nickname is not active - $msg = CODE_EXTENSION_PROBLEM; + $msg = constant('CODE_EXTENSION_PROBLEM'); $uid = -1; } } else { // Direct userid $result = SQL_QUERY_ESC("SELECT userid, beg_clicks, ref_payout, status, last_online FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($_GET['uid'])), __FILE__, __LINE__); + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); } // Check if locked in so don't pay points @@ -96,16 +93,13 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Secure userid $uid = bigintval($uid); - // Calculate beg points - mt_srand((double)microtime() * 10000000000 / time()); - // Multiply configured values with 100000 and divide with 100000 so we can also handle small values // If we need more number behind the decimal dot then we just need to increase all these three // numbers matching to the numbers behind the decimal dot. Simple! ;-) $points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000; // Set nickname / userid for the template(s - define('__BEG_UID' , SQL_ESCAPE($_GET['uid'])); + define('__BEG_UID' , REQUEST_GET(('uid'))); define('__BEG_CLICKS', ($clicks + 1)); define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true)); define('__BEG_POINTS', TRANSLATE_COMMA($points)); @@ -121,7 +115,7 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // User id valid and not webmaster's id? if (($uid > 0) && (getConfig('beg_uid') != $uid)) { // Update counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND status='CONFIRMED' LIMIT 1", + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET beg_clicks=beg_clicks+1 WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1", array($uid), __FILE__, __LINE__); // Check for last entry for userid w/o IP number @@ -150,7 +144,7 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { } // Pay points? - if ($pay) { + if ($pay === true) { // Add points to user or begging rallye account if (BEG_ADD_POINTS($uid, $points)) { // Set "done" message @@ -169,9 +163,9 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { } elseif (getConfig('beg_pay_mode') != "NONE") { // Other pay-mode active! // Prepare content for template $content = array( - 'clicks' => __BEG_CLICKS, - 'points' => __BEG_POINTS, - 'uid' => __BEG_UID + 'clicks' => constant('__BEG_CLICKS'), + 'points' => constant('__BEG_POINTS'), + 'uid' => constant('__BEG_UID') ); // Load message template depending on pay-mode @@ -194,6 +188,7 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Tracker code enabled? (We don't track users here! if ((getConfig('beg_pay_mode') != "NONE") && ($pay)) { // Prepare content for template + // @TODO Opps, what is missing here??? $content = array( ); @@ -212,20 +207,20 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { } elseif (($uid == "0") || ($status == "failed")) { // Inalid or locked account, so let's find out $result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", - array($_GET['uid']), __FILE__, __LINE__); + array(REQUEST_GET('uid')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Locked account - $msg = CODE_ACCOUNT_LOCKED; + $msg = constant('CODE_ACCOUNT_LOCKED'); } else { // Invalid nickname! (404) - $msg = CODE_USER_404; + $msg = constant('CODE_USER_404'); } // Free memory SQL_FREERESULT($result); } elseif ($uid == getConfig('beg_uid')) { // Webmaster's ID cannot beg for points! - $msg = CODE_BEG_SAME_AS_OWN; + $msg = constant('CODE_BEG_SAME_AS_OWN'); } // Reload to index module