X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=doubler.php;h=8f147a4996a82b33284f4c6b1962c4c30e8e12ed;hp=3cf72bb08ee065e67fed6741eacedaeb4798de58;hb=fad1ea280c27f9ba8ae818b87b0ba29d2c113b1b;hpb=97eb53f4fdcc3f433dea23d09efde744d52a3740 diff --git a/doubler.php b/doubler.php index 3cf72bb08e..8f147a4996 100644 --- a/doubler.php +++ b/doubler.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Punkteverdoppler * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -32,10 +37,9 @@ ************************************************************************/ // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) ) -require_once("inc/libs/security_functions.php"); +require("inc/libs/security_functions.php"); // Init "action" and "what" -global $what, $action, $startTime; $GLOBALS['startTime'] = microtime(true); $GLOBALS['what'] = ""; $GLOBALS['action'] = ""; @@ -43,21 +47,18 @@ $GLOBALS['action'] = ""; // Set module $GLOBALS['module'] = "doubler"; $GLOBALS['refid'] = 0; -$CSS = 0; +$GLOBALS['output_mode'] = 0; // Load the required file(s) require("inc/config.php"); // Is the "doubler" extension active? -if (!EXT_IS_ACTIVE("doubler")) { - // Redirect to index - LOAD_URL("modules.php?module=index&msg=".CODE_EXTENSION_PROBLEM."&ext=doubler"); -} // END - if +REDIRECT_ON_UNINSTALLED_EXTENSION("doubler"); // Is the script installed? -if (isBooleanConstantAndTrue('mxchange_installed')) { +if (isInstalled()) { // Probe for referal ID - if (!empty($_GET['refid'])) $GLOBALS['refid'] = SQL_ESCAPE($_GET['refid']); + if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = REQUEST_GET(('refid')); // Only check this if refid is provided! if ($GLOBALS['refid'] > 0) { @@ -67,11 +68,11 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Do we have nickname or userid set? if ($probe_nickname) { // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); } else { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT userid, status FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT userid, status FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__); } @@ -93,22 +94,22 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { } // END - if // Begin with doubler script... - if (isset($_POST['ok'])) { + if (IS_FORM_SENT()) { // Secure points (so only integer/double values are allowed - $_POST['points'] = bigintval($_POST['points']); + REQUEST_SET_POST('points', bigintval(REQUEST_POST('points'))); // Begin with doubling process - if ((!empty($_POST['userid'])) && (!empty($_POST['pass'])) && (!empty($_POST['points']))) { + if ((REQUEST_ISSET_POST(('userid'))) && (REQUEST_ISSET_POST(('pass'))) && (REQUEST_ISSET_POST(('points')))) { // Probe for nickname extension and if a nickname was entered - $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['userid'])."") != $_POST['userid'])); + $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round(REQUEST_POST('userid'))."") != REQUEST_POST('userid'))); if ($probe_nickname) { // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1", - array($_POST['userid']), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", + array(REQUEST_POST('userid')), __FILE__, __LINE__); } else { // Direct userid entered - $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($_POST['userid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__); } // Load data @@ -119,41 +120,41 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { SQL_FREERESULT($result); // Remove any dots and unwanted chars from the points - $_POST['points'] = bigintval(round(REVERT_COMMA($_POST['points']))); + REQUEST_SET_POST('points', bigintval(round(REVERT_COMMA(REQUEST_POST('points'))))); // Probe for enough points - $probe_points = (($_POST['points'] >= getConfig('doubler_min')) && ($_POST['points'] <= getConfig('doubler_max'))); + $probe_points = ((REQUEST_POST('points') >= getConfig('doubler_min')) && (REQUEST_POST('points') <= getConfig('doubler_max'))); // Check all together - if ((!empty($uid)) && ($password == generateHash($_POST['pass'], substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) { + if ((!empty($uid)) && ($password == generateHash(REQUEST_POST('pass'), substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) { // Nickname resolved to a unique userid or direct userid entered by the member - $DOUBLER_UID = $uid; + $GLOBALS['doubler_uid'] = $uid; // Calulcate points $points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points"); // So let's continue with probing his points amount - if (($points - getConfig('doubler_left') - $_POST['points'] * getConfig('doubler_charge')) >= 0) + if (($points - getConfig('doubler_left') - REQUEST_POST('points') * getConfig('doubler_charge')) >= 0) // Enough points are left so let's continue with the doubling process // Create doubling "account" width *DOUBLED* points - SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')", - array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')", + array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__); // Subtract entered points - SUB_POINTS("doubler", $uid, $_POST['points']); + SUB_POINTS("doubler", $uid, REQUEST_POST('points')); // Add points to "total payed" including charge - $points = $_POST['points'] - $_POST['points'] * getConfig('doubler_charge'); + $points = REQUEST_POST('points') - REQUEST_POST('points') * getConfig('doubler_charge'); UPDATE_CONFIG("doubler_points", $points, "+"); incrementConfigEntry('doubler_points', $points); // Add second line for the referal but only when uid != refid if (($GLOBALS['refid'] > 0) && ($GLOBALS['refid'] != $uid)) { // Okay add a refid line and apply refid percents - SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_doubler (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')", + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')", array( bigintval($GLOBALS['refid']), - bigintval($_POST['points'] * 2 * getConfig('doubler_ref')) + bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref')) ), __FILE__, __LINE__); // And that's why we don't want to you more than one referal level of doubler-points. ^^^ @@ -161,45 +162,44 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Update usage counter UPDATE_CONFIG("doubler_counter", 1, "+"); - incrementCondigEntry('doubler_counter'); // Set constant - define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, $_POST['userid'])); + define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, REQUEST_POST('userid'))); } else { // Not enougth points left - define('__ERROR_MSG', DOUBLER_FORM_NO_POINTS_LEFT); + define('__ERROR_MSG', getMessage('DOUBLER_FORM_NO_POINTS_LEFT')); } } elseif ($status == "CONFIRMED") { // Account is unconfirmed! - define('__ERROR_MSG', DOUBLER_FORM_WRONG_PASS); + define('__ERROR_MSG', getMessage('DOUBLER_FORM_WRONG_PASS')); } elseif ($status == "UNCONFIRMED") { // Account is unconfirmed! - define('__ERROR_MSG', DOUBLER_FORM_STATUS_UNCONFIRMED); + define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_UNCONFIRMED')); } elseif ($status == "LOCKED") { // Account is locked by admin / holiday! - define('__ERROR_MSG', DOUBLER_FORM_STATUS_LOCKED); - } elseif ($_POST['points'] < getConfig('doubler_min')) { + define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_LOCKED')); + } elseif (REQUEST_POST('points') < getConfig('doubler_min')) { // Not enougth points entered - define('__ERROR_MSG', DOUBLER_FORM_POINTS_MIN); - } elseif ($_POST['points'] > getConfig('doubler_max')) { + define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MIN')); + } elseif (REQUEST_POST('points') > getConfig('doubler_max')) { // Too much points entered - define('__ERROR_MSG', DOUBLER_FORM_POINTS_MAX); + define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MAX')); } elseif ($probe_nickname) { // Cannot resolv nickname -> userid - define('__ERROR_MSG', DOUBLER_FORM_404_NICKNAME); + define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_NICKNAME')); } else { // Wrong password or account not found - define('__ERROR_MSG', DOUBLER_FORM_404_MEMBER); + define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_MEMBER')); } - } elseif (empty($_POST['userid'])) { + } elseif (!REQUEST_ISSET_POST(('userid'))) { // Login not entered - define('__ERROR_MSG', DOUBLER_FORM_404_LOGIN); - } elseif (empty($_POST['pass'])) { + define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_LOGIN')); + } elseif (!REQUEST_ISSET_POST(('pass'))) { // Password not entered - define('__ERROR_MSG', DOUBLER_FORM_404_PASSWORD); - } elseif (empty($_POST['points'])) { + define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_PASSWORD')); + } elseif (!REQUEST_ISSET_POST(('points'))) { // points not entered - define('__ERROR_MSG', DOUBLER_FORM_404_POINTS); + define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_POINTS')); } } @@ -208,10 +208,10 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { if (!defined('__ERROR_MSG')) define('__ERROR_MSG' , ""); // Shall I check for points immediately? - if (getConfig('doubler_send_mode') == "DIRECT") require(PATH."inc/doubler_send.php"); + if (getConfig('doubler_send_mode') == "DIRECT") LOAD_INC("inc/doubler_send.php"); // Output header - require(PATH."inc/header.php"); + LOAD_INC("inc/header.php"); // Banner in text define('__DOUBLER_BANNER', LOAD_TEMPLATE("doubler_banner", true)); @@ -238,21 +238,21 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Text "Enter login" if (EXT_IS_ACTIVE("nickname")) { // Choose login/nickname - define('DOUBLER_ENTER_LOGIN', GUEST_ENTER_LOGIN_NICKNAME); + define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN_NICKNAME')); } else { // Simple login ID - define('DOUBLER_ENTER_LOGIN', GUEST_ENTER_LOGIN); + define('DOUBLER_ENTER_LOGIN', getMessage('GUEST_ENTER_LOGIN')); } // Which mail-send-mode did the admin setup? switch (getConfig('doubler_send_mode')) { case "DIRECT": - define('DOUBLER_PAYOUT_TIME', DOUBLER_PAYOUT_TIME_DIRECT); + define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_DIRECT')); break; case "RESET": - define('DOUBLER_PAYOUT_TIME', DOUBLER_PAYOUT_TIME_RESET); + define('DOUBLER_PAYOUT_TIME', getMessage('DOUBLER_PAYOUT_TIME_RESET')); break; } @@ -272,11 +272,14 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { LOAD_TEMPLATE("doubler_index"); // Output footer - require(PATH."inc/footer.php"); + LOAD_INC("inc/footer.php"); } else { // You have to install first! LOAD_URL("install.php"); } // Really all done here... ;-) +shutdown(); + +// ?>