X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=mailid.php;h=0649da1e8386a79129c614d0d4ae046bf63e74be;hp=a573a245ff2cb018b2cf62dd7b51a8a55e9cd8ab;hb=a3921e6e7dac39605faa4f9194ff428c331002dc;hpb=64c8349613addc3da2242c5cd6b99d64e3fb5f8e

diff --git a/mailid.php b/mailid.php
index a573a245ff..0649da1e83 100644
--- a/mailid.php
+++ b/mailid.php
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 11/14/2003 *
- * ===============                              Last change: 11/25/2004 *
+ * Mailer v0.2.1-FINAL                                Start: 11/14/2003 *
+ * ===================                          Last change: 11/25/2004 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : mailid.php                                       *
@@ -57,47 +57,46 @@ setContentType('text/html');
 redirectOnUninstalledExtension('mailid');
 
 // Init
-$url_userid = 0;
-$url_bid = 0;
-$url_mid = 0;
+$url_userid = '0';
+$url_bid = '0';
+$url_mid = '0';
 
 // Secure all data
-if (isGetRequestElementSet('userid'))     $url_userid = bigintval(getRequestElement('userid'));
-if (isGetRequestElementSet('mailid'))  $url_mid = bigintval(getRequestElement('mailid'));
-if (isGetRequestElementSet('bonusid')) $url_bid = bigintval(getRequestElement('bonusid'));
+if (isGetRequestElementSet('userid'))  $url_userid = bigintval(getRequestElement('userid'));
+if (isGetRequestElementSet('mailid'))  $url_mid    = bigintval(getRequestElement('mailid'));
+if (isGetRequestElementSet('bonusid')) $url_bid    = bigintval(getRequestElement('bonusid'));
+
+// 01           1        12            2    2            21    1                   22     10
+if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == '0')) {
+	// Init result
+	$result_link = false;
 
-// 01        1        12            3    32           21    1                   22     10
-if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
 	// Maybe he wants to confirm an email?
 	if ($url_mid > 0) {
 		// Normal-Mails
-		$result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
+		$result_link = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
 			array($url_mid, $url_userid), __FILE__, __LINE__);
 		$type = 'mailid'; $urlId = $url_mid;
 	} elseif ($url_bid > 0) {
 		// Bonus-Mail
-		$result = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+		$result_link = SQL_QUERY_ESC("SELECT `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
 			array($url_bid, $url_userid), __FILE__, __LINE__);
 		$type = 'bonusid'; $urlId = $url_bid;
 	} else {
-		// Problem: No ID entered
+		// Problem: No id entered
 		redirectToUrl('index.php');
 	}
 
-	if (SQL_NUMROWS($result) == 1) {
+	if (SQL_NUMROWS($result_link) == 1) {
 		// Load the entry
-		list($ltype) = SQL_FETCHROW($result);
-
-		// Clean result
-		SQL_FREERESULT($result);
+		list($ltype) = SQL_FETCHROW($result_link);
 
 		// @TODO Rewrite this to a filter
-		switch ($ltype)
-		{
+		switch ($ltype) {
 			case 'NORMAL':
-				// Is the stats ID valid?
-				$result = SQL_QUERY_ESC("SELECT pool_id, url, subject FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1",
-				array($url_mid), __FILE__, __LINE__);
+				// Is the stats id valid?
+				$result = SQL_QUERY_ESC("SELECT `pool_id`, `url`, `subject` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1",
+					array($url_mid), __FILE__, __LINE__);
 				break;
 
 			case 'BONUS':
@@ -106,7 +105,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 
 				// Bonus-Mails
 				$result = SQL_QUERY_ESC("SELECT id, url, subject FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
-				array($url_bid), __FILE__, __LINE__);
+					array($url_bid), __FILE__, __LINE__);
 				break;
 
 			default: // Invalid mail type
@@ -124,19 +123,18 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 			// Set it
 			setExtraTitle($title);
 
-			// Is the user's ID unlocked?
-			$result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`,` family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
-				array($url_userid), __FILE__, __LINE__);
-			if (SQL_NUMROWS($result) == 1) {
-				list($status, $gender, $surname, $family) = SQL_FETCHROW($result);
-				SQL_FREERESULT($result);
-				if ($status == 'CONFIRMED') {
+			// Is the user's id unlocked?
+			if (fetchUserData($url_userid)) {
+				// Status must be CONFIRMED
+				if (getUserData('status') == 'CONFIRMED') {
+					// Update last activity if not admin
+					updateLastActivity($url_userid);
+
 					// User has confirmed his account so we can procede...
 					// @TODO Rewrite this to a filter
-					switch ($ltype)
-					{
+					switch ($ltype) {
 						case 'NORMAL':
-							$result = SQL_QUERY_ESC("SELECT payment_id FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE pool_id=%s LIMIT 1",
+							$result = SQL_QUERY_ESC("SELECT `payment_id` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `pool_id`=%s LIMIT 1",
 								array(bigintval($pool)), __FILE__, __LINE__);
 							if (SQL_NUMROWS($result) == 1) {
 								list($pay) = SQL_FETCHROW($result);
@@ -150,7 +148,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 							break;
 
 						case 'BONUS':
-							$result = SQL_QUERY_ESC("SELECT points, time FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+							$result = SQL_QUERY_ESC("SELECT `points`, `time` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
 								array($url_bid), __FILE__, __LINE__);
 							if (SQL_NUMROWS($result) == 1) {
 								list($points, $time) = SQL_FETCHROW($result);
@@ -173,7 +171,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 					// Was that mail a valid one?
 					if ($isValid === true) {
 						// If time is zero seconds we have a sponsor mail. 1 Second shall be set to avoid problems
-						if (($time == '0') && ($payment > 0)) { $URL = getConfig('URL'); $time = '1'; }
+						if (($time == '0') && ($payment > 0)) { $URL = getConfig('URL'); $time = 1; }
 						if (($time > 0) && (($payment > 0) || ($points > 0))) {
 							// Export data into constants for the template
 							$content = array(
@@ -184,7 +182,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 							);
 
 							// Load template
-							loadTemplate('mailid_frames');
+							loadTemplate('mailid_frames', false, $content);
 						} else {
 							$errorCode = getCode('DATA_INVALID');
 						}
@@ -192,20 +190,20 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
 						$errorCode = getCode('POSSIBLE_INVALID');
 					}
 				} else {
-					$errorCode = getCode('ACCOUNT_LOCKED');
+					$errorCode = getCode('ACCOUNT_' . getUserData('status'));
 				}
 			} else {
-				SQL_FREERESULT($result);
 				$errorCode = getCode('USER_404');
 			}
 		} else {
-			SQL_FREERESULT($result);
 			$errorCode = getCode('STATS_404');
 		}
 	} else {
-		SQL_FREERESULT($result);
 		$errorCode = getCode('ALREADY_CONFIRMED');
 	}
+
+	// Free result
+	SQL_FREERESULT($result_link);
 } else {
 	// Nothing entered
 	$errorCode = getCode('ERROR_MAILID');