X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=birthday_confirm.php;h=cfbbb60f2de45073fbcac36e6ba69e68f39f6283;hp=27729533e4e3748d44c001562bdbeb1d976fb960;hb=d52156d35605388b7554c31d08bc29f0bb167079;hpb=8a9324b2d931f54f54f4319fd7234910af77012c diff --git a/birthday_confirm.php b/birthday_confirm.php index 27729533e4..cfbbb60f2d 100644 --- a/birthday_confirm.php +++ b/birthday_confirm.php @@ -32,7 +32,7 @@ ************************************************************************/ // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) ) -require_once("inc/libs/security_functions.php"); +require("inc/libs/security_functions.php"); // Init "action" and "what" global $what, $action; @@ -42,70 +42,68 @@ $GLOBALS['what'] = ""; $GLOBALS['action'] = ""; $GLOBALS['module'] = "birthday_confirm"; $CSS = -1; // Load the required file(s) -require ("inc/config.php"); +require("inc/config.php"); -if (defined('mxchange_installed') && (mxchange_installed)) -{ +// Is the "birthday" extension active? +REDIRECT_ON_UNINSTALLED_EXTENSION("birthday"); + +// Is the script installed? +if (isBooleanConstantAndTrue('mxchange_installed')) { // Script is installed so let's check for his confirmation link... - $uid = strip_tags(bigintval($_GET['uid'])); + $uid = bigintval($_GET['uid']); // Only allow numbers here... - $chk = strip_tags(bigintval($_GET['check'])); - - // .. only first 32 numbers - $chk = substr($chk, 0, 32); + $chk = bigintval($_GET['check'], false); // Check if link is not clicked so far - $result = SQL_QUERY_ESC("SELECT DISTINCT b.points, d.sex, d.surname, d.family, d.status -FROM "._MYSQL_PREFIX."_user_birthday AS b -LEFT JOIN "._MYSQL_PREFIX."_user_data AS d + $result = SQL_QUERY_ESC("SELECT b.points, d.gender, d.surname, d.family, d.status, d.ref_payout +FROM `{!_MYSQL_PREFIX!}_user_birthday` AS b +INNER JOIN `{!_MYSQL_PREFIX!}_user_data` AS d ON b.userid=d.userid -WHERE b.userid=%d AND b.chk_value='%s' LIMIT 1", +WHERE b.userid=%s AND b.chk_value='%s' LIMIT 1", array($uid, $chk), __FILE__, __LINE__); + //* DEBUG: */ echo "uid=".$uid.",chk=".$chk." (".strlen($chk)."/".strlen($_GET['check'])."/".SQL_NUMROWS($result).")
\n"; - if (SQL_NUMROWS($result) == 1) - { + // Is an entry there? + if (SQL_NUMROWS($result) == 1) { // Ok, congratulation again! Here's your gift from us... - list($GIFT, $salut, $sname, $fname, $status) = SQL_FETCHROW($result); - if ($status == "CONFIRMED") - { + $data = SQL_FETCHARRAY($result, false); + + // Is the account confirmed? + if ($data['status'] == "CONFIRMED") { // Set mode depending on how many mails the member has to confirm $locked = false; - if (($ref_payout > 0) && ($CONFIG['allow_direct_pay'] == 'N')) $locked = true; + if (($data['ref_payout'] > 0) && (getConfig('allow_direct_pay') != "Y")) $locked = true; // Add points to account - ADD_POINTS_REFSYSTEM($uid, $GIFT, false, "0", $locked, strtolower($CONFIG['birthday_mode'])); - - // Remove entry from table - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_birthday WHERE userid=%d LIMIT 1", - array($uid), __FILE__, __LINE__); + unset($GLOBALS['ref_level']); + ADD_POINTS_REFSYSTEM("birthday_confirm", $uid, $data['points'], false, "0", $locked, strtolower(getConfig('birthday_mode'))); // Update mediadata if version is 0.0.4 or newer - if (GET_EXT_VERSION("mediadata") >= "0.0.4") - { + if (GET_EXT_VERSION("mediadata") >= "0.0.4") { // Update database - MEDIA_UPDATE_ENTRY(array("total_points"), "add", $GIFT); + MEDIA_UPDATE_ENTRY(array("total_points"), "add", $data['points']); } + // Remove entry from table + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_birthday` WHERE userid=%s AND chk_value='%s' LIMIT 1", + array($uid, $chk), __FILE__, __LINE__); + // Transfer data to constants for the template - define('__SALUT', TRANSLATE_SEX($salut)); - define('__SNAME', $sname); - define('__FNAME', $fname); - define('__GIFT' , $GIFT); + define('__GENDER', TRANSLATE_GENDER($data['gender'])); + define('__SNAME' , $data['surname']); + define('__FNAME' , $data['family']); + define('__GIFT' , TRANSLATE_COMMA($data['points'])); // Load message from template define('__MSG', LOAD_TEMPLATE("birthday_msg", true)); - } - else - { + } else { // Unconfirmed / locked accounts cannot get points - define('__MSG', BIRTHDAY_CANNOT_STATUS_1.TRANSLATE_STATUS($status).BIRTHDAY_CANNOT_STATUS_2); + define('__MSG', BIRTHDAY_CANNOT_STATUS_1.TRANSLATE_STATUS($data['status']).BIRTHDAY_CANNOT_STATUS_2); } - } - else - { + } else { // Cannot load data! - define('__MSG', BIRTHDAY_CANNOT_LOAD_DATA); + define('__MSG', getMessage('BIRTHDAY_CANNOT_LOAD_DATA')); } // Free memory @@ -115,7 +113,7 @@ WHERE b.userid=%d AND b.chk_value='%s' LIMIT 1", $GLOBALS['module'] = "birthday_confirm"; // Include header - include(PATH."inc/header.php"); + LOAD_INC("inc/header.php"); // Load birthday header template (for your banners, e.g.?) define('__BIRTHDAY_HEADER', LOAD_TEMPLATE("birthday_header", true)); @@ -127,12 +125,10 @@ WHERE b.userid=%d AND b.chk_value='%s' LIMIT 1", LOAD_TEMPLATE("birthday_confirm"); // Include footer - include(PATH."inc/footer.php"); -} - else -{ - // You have to configure first! - LOAD_URL(URL."/install.php"); + LOAD_INC("inc/footer.php"); +} else { + // You have to install first! + LOAD_URL("install.php"); } // Really all done here... ;-) ?>