X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=beg.php;h=e9877f9699347750c932b7b8820cf53260d88989;hp=eb9bf9442276d956f2aa9f06eaf44e84b082798a;hb=00ae506e641834593874812309c33ed825a17cb7;hpb=307a4e11763f0914e73dc756b219356e1c29ab25 diff --git a/beg.php b/beg.php index eb9bf94422..e9877f9699 100644 --- a/beg.php +++ b/beg.php @@ -1,7 +1,7 @@ 0) && ($_CONFIG['beg_uid'] != $uid)) { - // Update counter - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_clicks=beg_clicks+1 WHERE userid=%d AND status='CONFIRMED' LIMIT 1", - array($uid), __FILE__, __LINE__); - - // Check for last entry for userid w/o IP number - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_beg_ips WHERE (timeout > ".(time() - $_CONFIG['beg_timeout'])." OR (timeout > ".(time() - $_CONFIG['beg_uid_timeout'])." AND userid=%d)) AND remote_ip='%s' LIMIT 1", - array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__); - if ((SQL_NUMROWS($result) == 0) && ($points > 0) && (!$login)) { - // Free memory - SQL_FREERESULT($result); - - if (!IS_ADMIN()) { - // Remember remote address, userid and timestamp for next click - // but only when there is no admin begging. - // Admins shall be able to test it! - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_beg_ips (userid, remote_ip, timeout) VALUES('%s', '%s', UNIX_TIMESTAMP())", - array($uid, getenv('REMOTE_ADDR')), __FILE__, __LINE__); - } +// Check for userid +if (isGetRequestElementSet('userid')) { + // Init variables + $points = '0'; - // Set mode depending on how many mails the member has to confirm - $locked = false; - if (($ref_payout > 0) && ($_CONFIG['allow_direct_pay'] == "N")) $locked = true; + // Don't pay is the default... + $isPayed = FALSE; - // Is begging rallye active? - if ($_CONFIG['beg_rallye'] == "Y") { - // Add points to rallye account - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET beg_points=beg_points+%s WHERE userid=%d LIMIT 1", - array($points, $uid), __FILE__, __LINE__); - } else { - // Add points to account - $DEPTH = 0; - ADD_POINTS_REFSYSTEM($uid, $points, false, "0", $locked, strtolower($_CONFIG['beg_mode'])); - } + // Validate if it is not a number + if ((isExtensionActive('nickname')) && (isNicknameUsed(getRequestElement('userid')))) { + // Maybe a nickname is provided? + fetchUserData(getRequestElement('userid'), 'nickname'); + } elseif (isNicknameUsed(getRequestElement('userid'))) { + // Nickname entered but nickname is not active + $errorCode = getCode('EXTENSION_PROBLEM'); + } else { + // Direct userid + fetchUserData(getRequestElement('userid')); + } - // Subtract begged points from member account if the admin has selected one - if ($_CONFIG['beg_uid'] > 0) { - // Subtract from this account - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1", - array($points, bigintval($_CONFIG['beg_uid'])), __FILE__, __LINE__); - - // Update mediadata as well - if (GET_EXT_VERSION("mediadata") >= "0.0.4") { - // Update database - MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $points); - } + // Check if locked in so don't pay points + $status = 'failed'; + + // Check if account was found + if ((isValidUserData()) && (getUserData('status') == 'CONFIRMED')) { + /* + * Multiply configured values with 100000 and divide with 100000 so we can also handle small values + * If we need more number behind the decimal dot then we just need to increase all these three + * numbers matching to the numbers behind the decimal dot. Simple! ;-) + */ + $points = mt_rand((getBegPoints() * 100000), (getBegPointsMax() * 100000)) / 100000; + + // Set nickname / userid for template + $content['userid'] = getRequestElement('userid'); + $content['clicks'] = (getUserData('beg_clicks') + 1); + $content['points'] = $points; + } // END - if + + // User id valid and not webmaster's id? + if ((isValidId(getUserData('userid'))) && (getBegUserid() != getUserData('userid'))) { + // Update counter + sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `beg_clicks`=`beg_clicks`+1 WHERE `userid`=%s LIMIT 1", + array(getUserData('userid')), __FILE__, __LINE__); + + // Check for last entry for userid w/o IP number 12 33 2 23 44 3 21 1 1 + $result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_beg_ips` WHERE ((UNIX_TIMESTAMP() - `timeout`) >= {?beg_timeout?} OR ((UNIX_TIMESTAMP() - `timeout`) >= {?beg_userid_timeout?} AND `userid`=%s)) AND (`remote_ip`='%s' OR `sid`='%s') LIMIT 1", + array( + getUserData('userid'), + determineRealRemoteAddress(), + session_id() + ), __FILE__, __LINE__); + + // Entry not found, points set and not logged in? + //* DEBUG: */ logDebugMessage(__FILE__, __LINE__, 'SQL_HASZERONUMS()=' . intval(SQL_HASZERONUMS($result)) . ',isAdmin()=' . intval(isAdmin()) . ',points=' . $points . ',isMember()=' . intval(isMember()) . ',getBegPayMode()=' . getBegPayMode()); + if ((ifSqlHasZeroNums($result)) && ($points > 0) && (getBegPayMode() == 'NONE') && ((!isMember()) || (isAdmin()))) { + // Default is result from isAdmin(), mostly false + $isPayed = isAdmin(); + + // Admin is testing? + if (!isAdmin()) { + /* + * Remember remote address, userid and timestamp for next click + * but only when there is no admin begging. + * Admins shall be able to test it! + */ + sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_beg_ips` (`userid`, `remote_ip`, `sid`, `timeout`) VALUES ('%s','%s','%s', UNIX_TIMESTAMP())", + array( + getUserData('userid'), + determineRealRemoteAddress(), + session_id() + ), __FILE__, __LINE__); + + // Was is successfull? + $isPayed = (!ifSqlHasZeroAffectedRows()); + } // END - if + + // Pay points? + //* DEBUG: */ logDebugMessage(__FILE__, __LINE__, 'isPayed=' . intval($isPayed)); + if ($isPayed === TRUE) { + // Add points to user or begging rallye account + if (addPointsBeg(getUserData('userid'), $points)) { + // Set 'done' message + $content['message'] = loadTemplate('beg_done', TRUE, $content); + } else { + // Error! + $content['message'] = loadTemplate('beg_failed', TRUE, $content); } - - // Set message - define('__BEG_MSG', LOAD_TEMPLATE("beg_done", true)); - } elseif ($login) { - // Logged in user found! - define('__BEG_MSG', LOAD_TEMPLATE("beg_login", true)); - - // Free memory - SQL_FREERESULT($result); - } else { - // Free memory - SQL_FREERESULT($result); - - // Clicked received while reload lock is active - define('__BEG_MSG', LOAD_TEMPLATE("beg_failed", true)); - } - - // Include header - require_once(PATH."inc/header.php"); - - // Load final template - LOAD_TEMPLATE("beg_link"); - - // Include footer - require_once(PATH."inc/footer.php"); - } elseif (($status != "CONFIRMED") && ($status != "failed")) { - // Maybe locked/unconfirmed account? - switch ($status) { - case "LOCKED" : $msg = CODE_ID_LOCKED ; break; // Locked account - case "UNCONFIRMED": $msg = CODE_ID_UNCONFIRMED; break; // Unconfirmed account - } - } elseif (($uid == "0") || ($status == "failed")) { - // Inalid or locked account, so let's find out - $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", - array($_GET['uid']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - // Locked account - $msg = CODE_ACCOUNT_LOCKED; } else { - // Invalid nickname! (404) - $msg = CODE_USER_404; + // Error! + $content['message'] = loadTemplate('beg_failed', TRUE, $content); } + } elseif (isMember()) { + // Logged in user found + $content['message'] = loadTemplate('beg_login', TRUE, $content); + } elseif (getBegPayMode() != 'NONE') { // Other pay-mode active! + // Load message template depending on pay-mode + $content['message'] = loadTemplate('beg_pay_mode_' . strtolower(getBegPayMode()), TRUE, $content); + $isPayed = TRUE; + } else { + // Clicked received while reload lock is active + $content['message'] = loadTemplate('beg_failed', TRUE, $content); + } - // Free memory - SQL_FREERESULT($result); - } elseif ($uid == $_CONFIG['beg_uid']) { - // Webmaster's ID cannot beg for points! - $msg = CODE_BEG_SAME_AS_OWN; + // Free memory + sqlFreeResult($result); + + // Include header + loadIncludeOnce('inc/header.php'); + + // Load final template + loadTemplate('beg_link', FALSE, $content); + + // Tracker code enabled? (We don't track users here! + if ((getBegPayMode() != 'NONE') && ($isPayed === TRUE)) { + // Prepare content for template + // @TODO Opps, what is missing here??? + $content = array( + ); + + // Include config-depending template + loadTemplate('beg_pay_code_' . strtolower(getBegPayMode()), FALSE, $content); + } elseif (($isPayed === FALSE) && (!isset($content['message']))) { + // Cannot pay! :-( + $content['message'] = loadTemplate('beg_failed', TRUE); } - // Reload to index module - die("-".$msg."-"); - if ((!empty($msg)) && (!empty($msg))) LOAD_URL("modules.php?module=index&msg=".$msg); - } else { - // No userid entered - LOAD_URL("modules.php?module=index"); + // Include footer + loadIncludeOnce('inc/footer.php'); + } elseif ((getUserData('status') != 'CONFIRMED') && (getUserData('status') != 'failed')) { + // Maybe locked/unconfirmed account? + $errorCode = generateErrorCodeFromUserStatus(); + } elseif ((!isValidId(getUserData('userid'))) || (getUserData('status') == 'failed')) { + // Inalid or locked account, so let's find out + if (fetchUserData(getRequestElement('userid'), 'nickname')) { + // Locked account + $errorCode = getCode('ACCOUNT_LOCKED'); + } else { + // Invalid nickname! (404) + $errorCode = getCode('USER_404'); + } + } elseif (getUserData('userid') == getBegUserid()) { + // Webmaster's id cannot beg for points! + $errorCode = getCode('BEG_SAME_AS_OWN'); } + + // Reload to index module if an error happens + if (!is_null($errorCode)) { + redirectToUrl('modules.php?module=index&code=' . $errorCode . '&ext=beg'); + } // END - if } else { - // You have to configure first! - LOAD_URL("install.php"); + // No userid entered + redirectToUrl('modules.php?module=index'); } // Really all done here... ;-) +doShutdown(); + +// [EOF] ?>