X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-confirm.php;h=22acf14e50f137206fba410d4117ddcf32e67645;hp=1a1a632f656b6947646d426d13e6f3b0b2b51173;hb=831c60d4cec333ea95e0ce23d9e53fd5d8133ce6;hpb=6032b7018b83778f1592383238f4e0d28f718622

diff --git a/inc/modules/guest/what-confirm.php b/inc/modules/guest/what-confirm.php
index 1a1a632f65..22acf14e50 100644
--- a/inc/modules/guest/what-confirm.php
+++ b/inc/modules/guest/what-confirm.php
@@ -32,45 +32,40 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
+
 // Add description as navigation point
 ADD_DESCR("guest", basename(__FILE__));
 
-if (!empty($_GET['hash']))
-{
+if (!empty($_GET['hash'])) {
 	// Initialize the user ID
 	$uid = 0;
 
 	// Search for an unconfirmed or confirmed account
 	$result = SQL_QUERY_ESC("SELECT userid, email, refid FROM "._MYSQL_PREFIX."_user_data WHERE user_hash='%s' AND (status='UNCONFIRMED' OR status='CONFIRMED') LIMIT 1",
-	 array($_GET['hash']), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result) == 1)
-	{
+		array($_GET['hash']), __FILE__, __LINE__);
+	if (SQL_NUMROWS($result) == 1) {
 		// Ok, he want's to confirm now so we load some data
 		list ($uid, $email, $rid) = SQL_FETCHROW($result);
 
 		// Unlock his account (but only when it is on UNCONFIRMED!)
-		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED', ref_payout='%s' WHERE user_hash='%s' AND status='UNCONFIRMED' LIMIT 1",
-		 array($_CONFIG['ref_payout'], $_GET['hash']), __FILE__, __LINE__);
-		if (SQL_AFFECTEDROWS() == 1)
-		{
-			$msg = LOAD_EMAIL_TEMPLATE("confirm-member", "", bigintval($uid));
+		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED', ref_payout=%s, user_hash=NULL WHERE user_hash='%s' AND status='UNCONFIRMED' LIMIT 1",
+			array($_CONFIG['ref_payout'], $_GET['hash']), __FILE__, __LINE__);
+		if (SQL_AFFECTEDROWS() == 1) {
+			$msg = LOAD_EMAIL_TEMPLATE("confirm-member", array('points' => $_CONFIG['points_register']), bigintval($uid));
 
 			// And send him right away the confirmation mail
 			SEND_EMAIL($email, GUEST_THANX_CONFIRM, $msg);
 
 			// Maybe he got "referraled"?
-			if (($rid > 0) && ($rid != $uid))
-			{
+			if (($rid > 0) && ($rid != $uid)) {
 				// Select the referral userid
 				$result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 				 array(bigintval($rid)), __FILE__, __LINE__);
-				if (SQL_NUMROWS($result) == 1)
-				{
+				if (SQL_NUMROWS($result) == 1) {
 					// Update ref counter...
 					UPDATE_REF_COUNTER($rid);
 
@@ -78,38 +73,34 @@ if (!empty($_GET['hash']))
 					unset($DEPTH);
 
 					// Shall I "pay" the referral points imidiately?
-					if ($_CONFIG['ref_payout'] == "0")
-					{
+					if ($_CONFIG['ref_payout'] == "0") {
 						// Yes, "pay" it now
 						$locked = false;
-					}
-					 else
-					{
+					} else {
 						// No, "pay" it later
 						$locked = true;
 					}
 
 					// If version matches add ref bonus to refid's account
-					if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($_CONFIG['bonus_active'] == "Y"))
-					{
+					if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($_CONFIG['bonus_active'] == "Y")) {
 						// Add points (directly only!)
 						$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_ref=bonus_ref+%s WHERE userid=%s LIMIT 1",
 						 array($_CONFIG['bonus_ref'], bigintval($rid)), __FILE__, __LINE__);
 
 						// Subtract points from system
 						BONUS_POINTS_HANDLER($_CONFIG['bonus_ref']);
-					}
+					} // END - if
 
 					// Add one-time referral bonus over referral system or directly
 					$DEPTH = 0;
 					ADD_POINTS_REFSYSTEM($rid, $_CONFIG['points_ref'], true, bigintval($uid), $locked, $_CONFIG['reg_points_mode']);
-				}
-			}
+				} // END - if
+			} // END - if
 
 			if (EXT_IS_ACTIVE("rallye")) {
 				// Add user to rallye (or not?)
 				RALLYE_AUTOADD_USER(bigintval($uid));
-			}
+			} // END - if
 
 			// Account confirmed!
 			if (defined('LEAD_CODE_ENABLED') && defined('LEAD_EXPIRY_TIME')) {
@@ -154,7 +145,7 @@ if (!empty($_GET['hash']))
 		switch ($DATA[1])
 		{
 		case "UNCONFIRMED": // Account not confirmed
-			$msg = LOAD_EMAIL_TEMPLATE("guest_request_confirm", "", $DATA[0]);
+			$msg = LOAD_EMAIL_TEMPLATE("guest_request_confirm", array('hash' => $DATA[2]), $DATA[0]);
 			SEND_EMAIL($_POST['email'], REQUEST_CONFIRM_LINK_SUBJ, $msg);
 			$content = CONFIRM_LINK_SENT;
 			break;