X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=mailid_top.php;h=0ea9125b67774b82684dd26ab5be120758f5996a;hp=e60943d5b44768fbe44b1334912bfeda952ff475;hb=f57261751b221bd64a7dfe96d7a90404e6974d23;hpb=013448f0470ca36ab15b888928e2127e6da7d9b6
diff --git a/mailid_top.php b/mailid_top.php
index e60943d5b4..0ea9125b67 100644
--- a/mailid_top.php
+++ b/mailid_top.php
@@ -1,7 +1,7 @@
0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErrors() == 0)) {
+// Secure all data
+if (isGetRequestParameterSet('userid')) $url_userid = bigintval(getRequestParameter('userid'));
+if (isGetRequestParameterSet('mailid')) $url_mid = bigintval(getRequestParameter('mailid'));
+if (isGetRequestParameterSet('bonusid')) $url_bid = bigintval(getRequestParameter('bonusid'));
+if (isGetRequestParameterSet('code')) $code = bigintval(getRequestParameter('code'));
+if (isGetRequestParameterSet('mode')) $mode = getRequestParameter('mode');
+
+// 01 1 12 2 2 21 1 22 10
+if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (!ifFatalErrorsDetected())) {
// No image? Then output header
if ($mode != 'img') loadIncludeOnce('inc/header.php');
// Maybe he wants to confirm an email?
if ($url_mid > 0) {
- $result = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
+ $result_main = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1",
array($url_mid, $url_userid), __FILE__, __LINE__);
$type = 'mailid'; $urlId = $url_mid;
} elseif ($url_bid > 0) {
- $result = SQL_QUERY_ESC("SELECT `id`, link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
+ $result_main = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1",
array($url_bid, $url_userid), __FILE__, __LINE__);
$type = 'bonusid'; $urlId = $url_bid;
}
- if (SQL_NUMROWS($result) == 1) {
- // Is the stats ID valid?
- list($lid, $ltype) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ if (SQL_NUMROWS($result_main) == 1) {
+ // Is the stats id valid?
+ list($lid, $ltype) = SQL_FETCHROW($result_main);
+
+ // Init result here with invalid to avoid possible missing variable
+ $result_mailid = false;
// @TODO Rewrite this to a filter
switch ($ltype) {
@@ -97,12 +104,12 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
break;
case 'BONUS':
- $result_mailid = SQL_QUERY_ESC("SELECT `id, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
+ $result_mailid = SQL_QUERY_ESC("SELECT `id`, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1",
array($url_bid), __FILE__, __LINE__);
break;
default: // Unknown type
- debug_report_bug('Unknown mail type ' . $ltype . ' detected.');
+ debug_report_bug(__FILE__, __LINE__, 'Unknown mail type ' . $ltype . ' detected.');
break;
}
@@ -114,23 +121,13 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
// Correct notification switch in non-bonus mails
if (($notify != 'Y') && ($notify != 'N')) $notify = 'N';
- // Free some memory
- SQL_FREERESULT($result_mailid);
-
// Set sender to 0 when we have a bonus mail
- if ($ltype == 'BONUS') $sender = 0;
-
- // Is the user's ID unlocked?
- $result = SQL_QUERY_ESC("SELECT `status`, `gender`, `surname`, `family`, `ref_payout` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // Load data
- list($status, $gender, $surname, $family, $ref_pay) = SQL_FETCHROW($result);
+ if ($ltype == 'BONUS') $sender = '0';
- // Free some memory
- SQL_FREERESULT($result);
-
- if ($status == 'CONFIRMED') {
+ // Is the user id valid?
+ if (fetchUserData($url_userid) === true) {
+ // Is the user status CONFIRMED?
+ if (getUserData('status') == 'CONFIRMED') {
// User has confirmed his account so we can procede...
// @TODO Rewrite this to a filter
switch ($ltype) {
@@ -165,15 +162,15 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
break;
default: // Unknown type
- debug_report_bug('Unknown mail type ' . $ltype . ' detected.');
+ debug_report_bug(__FILE__, __LINE__, 'Unknown mail type ' . $ltype . ' detected.');
break;
}
// Is this entry valid?
if ($isValid === true) {
- if (($time == '0') && ($payment > 0)) $time = '1';
+ if (($time == '0') && ($payment > 0)) $time = 1;
if (($time > 0) && ($payment > 0)) {
- $img_code = 0;
+ $img_code = '0';
if (!empty($code)) {
// Generate code
$img_code = generateRandomCode(getConfig('code_length'), $code, $url_userid, $urlId);
@@ -183,7 +180,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
switch ($mode) {
case 'add':
// Init stats data
- $stats_data = 0;
+ $stats_data = '0';
// Count clicks
// @TODO Rewrite this to a filter
@@ -193,7 +190,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
array($url_mid), __FILE__, __LINE__);
// Update mediadata as well
- if (getExtensionVersion('mediadata') >= '0.0.4') {
+ if (isExtensionInstalledAndNewer('mediadata', '0.0.4')) {
// Update database
updateMediadataEntry(array('total_clicks', 'normal_clicks'), 'add', 1);
} // END - if
@@ -205,7 +202,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
array($url_bid), __FILE__, __LINE__);
// Update mediadata as well
- if (getExtensionVersion('mediadata') >= '0.0.4') {
+ if (isExtensionInstalledAndNewer('mediadata', '0.0.4')) {
// Update database
updateMediadataEntry(array('total_clicks', 'bonus_clicks'), 'add', 1);
} // END - if
@@ -213,7 +210,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
break;
default: // Unknown type
- debug_report_bug('Unknown mail type ' . $ltype . ' detected.');
+ debug_report_bug(__FILE__, __LINE__, 'Unknown mail type ' . $ltype . ' detected.');
break;
} // END - switch
@@ -223,16 +220,16 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
// Only when user extension = v0.1.2: Update mails-confirmed counter
// @TODO Rewrite these blocks to filter
- if (getExtensionVersion('user') >= '0.1.2') {
+ if (isExtensionInstalledAndNewer('user', '0.1.2')) {
// Update counter
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET mails_confirmed=mails_confirmed + 1 WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
+ array($url_userid), __FILE__, __LINE__);
// Update random confirmed as well?
- if (getExtensionVersion('user') >= '0.3.4') {
+ if (isExtensionInstalledAndNewer('user', '0.3.4')) {
// Update second counter
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET rand_confirmed=rand_confirmed + 1 WHERE `userid`=%s LIMIT 1",
- array($url_userid), __FILE__, __LINE__);
+ array($url_userid), __FILE__, __LINE__);
} // END - if
} // END - if
@@ -240,13 +237,13 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
insertUserStatsRecord($url_userid, $type, $stats_data);
// Right code entered?
- if (bigintval(postRequestElement('gfx_check')) == $img_code) {
+ if (bigintval(postRequestParameter('gfx_check')) == $img_code) {
// Add points over referal system is the default
$locked = false;
$template = 'mailid_points_done';
// Right code entered add points and remove entry
- if (($ref_pay > 0) && (getConfig('allow_direct_pay') != 'Y')) {
+ if ((getUserData('ref_payout') > 0) && (getConfig('allow_direct_pay') != 'Y')) {
// Don't add points over the referal system
$locked = true;
$template = 'mailid_points_locked';
@@ -259,10 +256,10 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
// Add points
// @TODO Try to rewrite the following unset()
unset($GLOBALS['ref_level']);
- addPointsThroughReferalSystem('mailid_okay', $url_userid, $payment, false, '0', $locked);
+ addPointsThroughReferalSystem('mailid_okay', $url_userid, $payment, false, 0, $locked);
// Shall I add bonus points for "turbo clickers" ?
- if (getExtensionVersion('bonus') >= '0.2.2') {
+ if (isExtensionInstalledAndNewer('bonus', '0.2.2')) {
// Is an active-rallye running and this is not a notification mail?
if ((getConfig('bonus_active') == 'Y') && ($notify != 'Y')) {
// Shall I exclude the webmaster's own userid from the active-rallye?
@@ -288,7 +285,7 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
// Load template
loadTemplate($template, false, $content);
- } else {
+ } elseif ($sender > 0) {
// Wrong image code! So add points to sender's account
addPointsDirectly('mailid_payback', $sender, $payment);
@@ -325,6 +322,9 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
// Load template
loadTemplate($templ, false, $content);
+ } else {
+ // Cannot confirm!
+ debug_report_bug(__FILE__, __LINE__, 'No code given.');
}
break;
@@ -344,37 +344,40 @@ if (($url_userid) > 0 && (($url_mid > 0) || ($url_bid > 0)) && (getTotalFatalErr
break;
default: // Unknown mode
- debug_report_bug('Unknown mode ' . $mode . ' detected.');
+ debug_report_bug(__FILE__, __LINE__, 'Unknown mode ' . $mode . ' detected.');
break;
} // END - switch
} else {
- loadTemplate('admin_settings_saved', false, "{--MAIL_ALREADY_CONFIRMED--} (6)
");
+ loadTemplate('admin_settings_saved', false, '{--MAIL_ALREADY_CONFIRMED--} (6)
');
$mode = 'failed';
}
} else {
- loadTemplate('admin_settings_saved', false, "{--MAIL_ALREADY_CONFIRMED--} (5)
");
+ loadTemplate('admin_settings_saved', false, '{--MAIL_ALREADY_CONFIRMED--} (5)
');
$mode = 'failed';
}
} else {
- loadTemplate('admin_settings_saved', false, "{--MAIL_ALREADY_CONFIRMED--} (4)
");
+ loadTemplate('admin_settings_saved', false, '{--MAIL_ALREADY_CONFIRMED--} (4)
');
$mode = 'failed';
}
} else {
- SQL_FREERESULT($result);
- loadTemplate('admin_settings_saved', false, "{--MAIL_ALREADY_CONFIRMED--} (3)
");
+ loadTemplate('admin_settings_saved', false, '{--MAIL_ALREADY_CONFIRMED--} (3)
');
$mode = 'failed';
}
} else {
- SQL_FREERESULT($result);
- loadTemplate('admin_settings_saved', false, "{--MAIL_ALREADY_CONFIRMED--} (2)
");
+ loadTemplate('admin_settings_saved', false, '{--MAIL_ALREADY_CONFIRMED--} (2)
');
$mode = 'failed';
}
+
+ // Free result
+ SQL_FREERESULT($result_mailid);
} else {
- SQL_FREERESULT($result);
- loadTemplate('admin_settings_saved', false, "{--MAIL_ALREADY_CONFIRMED--} (1)
");
+ loadTemplate('admin_settings_saved', false, '{--MAIL_ALREADY_CONFIRMED--} (1)
');
$mode = 'failed';
}
+ // Free result
+ SQL_FREERESULT($result_main);
+
// Insert footer if no image
if ($mode != 'img') {
// Write footer