X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=doubler.php;h=983653ddaa6a4a829de321fdca69bcf708aaa6f2;hp=869e3da1e507dfc2e1251e50fa8c79ff36bb829d;hb=d32a5a6c4e9287611853e7187a5d6d1b05794bdb;hpb=84317e249885eb03a99f2946acf285ff27d506ac diff --git a/doubler.php b/doubler.php index 869e3da1e5..983653ddaa 100644 --- a/doubler.php +++ b/doubler.php @@ -35,7 +35,6 @@ require("inc/libs/security_functions.php"); // Init "action" and "what" -global $what, $action, $startTime; $GLOBALS['startTime'] = microtime(true); $GLOBALS['what'] = ""; $GLOBALS['action'] = ""; @@ -43,21 +42,18 @@ $GLOBALS['action'] = ""; // Set module $GLOBALS['module'] = "doubler"; $GLOBALS['refid'] = 0; -$CSS = 0; +$GLOBALS['output_mode'] = 0; // Load the required file(s) require("inc/config.php"); // Is the "doubler" extension active? -if (!EXT_IS_ACTIVE("doubler")) { - // Redirect to index - LOAD_URL("modules.php?module=index&msg={!CODE_EXTENSION_PROBLEM!}&ext=doubler"); -} // END - if +REDIRECT_ON_UNINSTALLED_EXTENSION("doubler"); // Is the script installed? -if (isBooleanConstantAndTrue('mxchange_installed')) { +if (isInstalled()) { // Probe for referal ID - if (!empty($_GET['refid'])) $GLOBALS['refid'] = SQL_ESCAPE($_GET['refid']); + if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = REQUEST_GET(('refid')); // Only check this if refid is provided! if ($GLOBALS['refid'] > 0) { @@ -93,22 +89,22 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { } // END - if // Begin with doubler script... - if (isset($_POST['ok'])) { + if (IS_FORM_SENT()) { // Secure points (so only integer/double values are allowed - $_POST['points'] = bigintval($_POST['points']); + REQUEST_SET_POST('points', bigintval(REQUEST_POST('points'))); // Begin with doubling process - if ((!empty($_POST['userid'])) && (!empty($_POST['pass'])) && (!empty($_POST['points']))) { + if ((REQUEST_ISSET_POST(('userid'))) && (REQUEST_ISSET_POST(('pass'))) && (REQUEST_ISSET_POST(('points')))) { // Probe for nickname extension and if a nickname was entered - $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['userid'])."") != $_POST['userid'])); + $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round(REQUEST_POST('userid'))."") != REQUEST_POST('userid'))); if ($probe_nickname) { // Nickname in URL, so load the ID $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE nickname='%s' LIMIT 1", - array($_POST['userid']), __FILE__, __LINE__); + array(REQUEST_POST('userid')), __FILE__, __LINE__); } else { // Direct userid entered $result = SQL_QUERY_ESC("SELECT userid, status, password FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", - array(bigintval($_POST['userid'])), __FILE__, __LINE__); + array(bigintval(REQUEST_POST('userid'))), __FILE__, __LINE__); } // Load data @@ -119,13 +115,13 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { SQL_FREERESULT($result); // Remove any dots and unwanted chars from the points - $_POST['points'] = bigintval(round(REVERT_COMMA($_POST['points']))); + REQUEST_SET_POST('points', bigintval(round(REVERT_COMMA(REQUEST_POST('points'))))); // Probe for enough points - $probe_points = (($_POST['points'] >= getConfig('doubler_min')) && ($_POST['points'] <= getConfig('doubler_max'))); + $probe_points = ((REQUEST_POST('points') >= getConfig('doubler_min')) && (REQUEST_POST('points') <= getConfig('doubler_max'))); // Check all together - if ((!empty($uid)) && ($password == generateHash($_POST['pass'], substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) { + if ((!empty($uid)) && ($password == generateHash(REQUEST_POST('pass'), substr($password, 0, -40))) && ($status == "CONFIRMED") && ($probe_points)) { // Nickname resolved to a unique userid or direct userid entered by the member $DOUBLER_UID = $uid; @@ -133,17 +129,17 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { $points = GET_TOTAL_DATA($uid, "user_points", "points") - GET_TOTAL_DATA($uid, "user_data", "used_points"); // So let's continue with probing his points amount - if (($points - getConfig('doubler_left') - $_POST['points'] * getConfig('doubler_charge')) >= 0) + if (($points - getConfig('doubler_left') - REQUEST_POST('points') * getConfig('doubler_charge')) >= 0) // Enough points are left so let's continue with the doubling process // Create doubling "account" width *DOUBLED* points SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s','%s','%s','".GET_REMOTE_ADDR()."', UNIX_TIMESTAMP(), 'N','N')", - array($uid, bigintval($GLOBALS['refid']), bigintval($_POST['points'] * 2)), __FILE__, __LINE__); + array($uid, bigintval($GLOBALS['refid']), bigintval(REQUEST_POST('points') * 2)), __FILE__, __LINE__); // Subtract entered points - SUB_POINTS("doubler", $uid, $_POST['points']); + SUB_POINTS("doubler", $uid, REQUEST_POST('points')); // Add points to "total payed" including charge - $points = $_POST['points'] - $_POST['points'] * getConfig('doubler_charge'); + $points = REQUEST_POST('points') - REQUEST_POST('points') * getConfig('doubler_charge'); UPDATE_CONFIG("doubler_points", $points, "+"); incrementConfigEntry('doubler_points', $points); @@ -153,7 +149,7 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_doubler` (userid, refid, points, remote_ip, timemark, completed, is_ref) VALUES ('%s',0,'%s','".GET_REMOTE_ADDR()."',UNIX_TIMESTAMP(),'N','Y')", array( bigintval($GLOBALS['refid']), - bigintval($_POST['points'] * 2 * getConfig('doubler_ref')) + bigintval(REQUEST_POST('points') * 2 * getConfig('doubler_ref')) ), __FILE__, __LINE__); // And that's why we don't want to you more than one referal level of doubler-points. ^^^ @@ -161,10 +157,9 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Update usage counter UPDATE_CONFIG("doubler_counter", 1, "+"); - incrementCondigEntry('doubler_counter'); // Set constant - define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, $_POST['userid'])); + define('__DOUBLER_MSG', LOAD_TEMPLATE("doubler_reflink", true, REQUEST_POST('userid'))); } else { // Not enougth points left define('__ERROR_MSG', getMessage('DOUBLER_FORM_NO_POINTS_LEFT')); @@ -178,10 +173,10 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { } elseif ($status == "LOCKED") { // Account is locked by admin / holiday! define('__ERROR_MSG', getMessage('DOUBLER_FORM_STATUS_LOCKED')); - } elseif ($_POST['points'] < getConfig('doubler_min')) { + } elseif (REQUEST_POST('points') < getConfig('doubler_min')) { // Not enougth points entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MIN')); - } elseif ($_POST['points'] > getConfig('doubler_max')) { + } elseif (REQUEST_POST('points') > getConfig('doubler_max')) { // Too much points entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_POINTS_MAX')); } elseif ($probe_nickname) { @@ -191,13 +186,13 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { // Wrong password or account not found define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_MEMBER')); } - } elseif (empty($_POST['userid'])) { + } elseif (!REQUEST_ISSET_POST(('userid'))) { // Login not entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_LOGIN')); - } elseif (empty($_POST['pass'])) { + } elseif (!REQUEST_ISSET_POST(('pass'))) { // Password not entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_PASSWORD')); - } elseif (empty($_POST['points'])) { + } elseif (!REQUEST_ISSET_POST(('points'))) { // points not entered define('__ERROR_MSG', getMessage('DOUBLER_FORM_404_POINTS')); }