X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=mailid_top.php;h=2f14d1ef1b44c18f2fd354bfd62b72dda23560a8;hp=b88616de73d9260a7cfacbda1ad7d02c96937989;hb=1ecddafcb3c6ee030251d8c7ad28ac4b9d250133;hpb=e1cf98e08d4d92edf492396b82c67efa97a0ece8 diff --git a/mailid_top.php b/mailid_top.php index b88616de73..2f14d1ef1b 100644 --- a/mailid_top.php +++ b/mailid_top.php @@ -19,7 +19,7 @@ * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * * Copyright (c) 2009 - 2011 by Mailer Developer Team * - * For more information visit: http://www.mxchange.org * + * For more information visit: http://mxchange.org * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * @@ -68,11 +68,11 @@ $code = '0'; $mode = ''; // Secure all data -if (isGetRequestParameterSet('userid')) $userId = bigintval(getRequestParameter('userid')); -if (isGetRequestParameterSet('mailid')) $mailId = bigintval(getRequestParameter('mailid')); -if (isGetRequestParameterSet('bonusid')) $bonusId = bigintval(getRequestParameter('bonusid')); -if (isGetRequestParameterSet('code')) $code = bigintval(getRequestParameter('code')); -if (isGetRequestParameterSet('mode')) $mode = getRequestParameter('mode'); +if (isGetRequestElementSet('userid')) $userId = bigintval(getRequestElement('userid')); +if (isGetRequestElementSet('mailid')) $mailId = bigintval(getRequestElement('mailid')); +if (isGetRequestElementSet('bonusid')) $bonusId = bigintval(getRequestElement('bonusid')); +if (isGetRequestElementSet('code')) $code = bigintval(getRequestElement('code')); +if (isGetRequestElementSet('mode')) $mode = getRequestElement('mode'); // 01 2 21 12 2 2 21 1 2210 if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalErrorsDetected())) { @@ -84,12 +84,12 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr // Maybe he wants to confirm an email? if ($mailId > 0) { - $result_main = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1", + $result_main = SQL_QUERY_ESC("SELECT `id`,`link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `stats_id`=%s AND `userid`=%s LIMIT 1", array($mailId, $userId), __FILE__, __LINE__); $type = 'mailid'; $urlId = $mailId; } elseif ($bonusId > 0) { - $result_main = SQL_QUERY_ESC("SELECT `id`, `link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1", + $result_main = SQL_QUERY_ESC("SELECT `id`,`link_type` FROM `{?_MYSQL_PREFIX?}_user_links` WHERE `bonus_id`=%s AND `userid`=%s LIMIT 1", array($bonusId, $userId), __FILE__, __LINE__); $type = 'bonusid'; $urlId = $bonusId; @@ -105,12 +105,12 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr // @TODO Rewrite this to a filter switch ($ltype) { case 'NORMAL': - $result_mailid = SQL_QUERY_ESC("SELECT `pool_id`, `userid`, `id` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1", + $result_mailid = SQL_QUERY_ESC("SELECT `pool_id`,`userid`,`id` FROM `{?_MYSQL_PREFIX?}_user_stats` WHERE `id`=%s LIMIT 1", array($mailId), __FILE__, __LINE__); break; case 'BONUS': - $result_mailid = SQL_QUERY_ESC("SELECT `id`, `id`, `is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1", + $result_mailid = SQL_QUERY_ESC("SELECT `id`,`id`,`is_notify` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1", array($bonusId), __FILE__, __LINE__); break; @@ -125,10 +125,14 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr list($pool, $sender, $notify) = SQL_FETCHROW($result_mailid); // Correct notification switch in non-bonus mails - if (($notify != 'Y') && ($notify != 'N')) $notify = 'N'; + if (($notify != 'Y') && ($notify != 'N')) { + $notify = 'N'; + } // END - if // Set sender to 0 when we have a bonus mail - if ($ltype == 'BONUS') $sender = '0'; + if ($ltype == 'BONUS') { + $sender = '0'; + } // END - if // Is the user id valid? if (fetchUserData($userId) === true) { @@ -154,7 +158,7 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr break; case 'BONUS': - $result = SQL_QUERY_ESC("SELECT `time`, `points` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `time`,`points` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`=%s LIMIT 1", array(bigintval($pool)), __FILE__, __LINE__); // Entry found? @@ -176,10 +180,10 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr if ($isValid === true) { if (($time == '0') && ($payment > 0)) $time = 1; if (($time > 0) && ($payment > 0)) { - $img_code = '0'; + $realCode = '0'; if (!empty($code)) { - // Generate code - $img_code = generateRandomCode(getCodeLength(), $code, $userId, $urlId); + // Generate code (the user sees in the CAPTCHA) + $realCode = generateRandomCode(getCodeLength(), $code, $userId, $urlId); } // END - if // @TODO Rewrite this to a filter @@ -227,7 +231,7 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr // @TODO Rewrite these blocks to filter if (isExtensionInstalledAndNewer('user', '0.1.2')) { // Update counter - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET mails_confirmed=mails_confirmed + 1 WHERE `userid`=%s LIMIT 1", + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `mails_confirmed`=`mails_confirmed`+1 WHERE `userid`=%s LIMIT 1", array($userId), __FILE__, __LINE__); // Update random confirmed as well? @@ -242,7 +246,7 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr insertUserStatsRecord($userId, $type, $stats_data); // Right code entered? - if (bigintval(postRequestParameter('gfx_check')) == $img_code) { + if (bigintval(postRequestElement('gfx_check')) == $realCode) { // Set HTTP status to okay setHttpStatus('200 OK'); @@ -298,10 +302,20 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr loadTemplate($template, false, $content); } elseif (isValidUserId($sender)) { // Wrong image code! So add points to sender's account + initReferalSystem(); addPointsThroughReferalSystem('mailid_payback', $sender, $payment); + // Add payment points + $content['points'] = $payment; + // Load template loadTemplate('mailid_points_failed', false, $content); + } else { + // Add payment points (again) + $content['points'] = $payment; + + // Load template + loadTemplate('mailid_points_failed2', false, $content); } // Remove link from table @@ -310,7 +324,7 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr break; case 'img': - generateImageOrCode($img_code); + generateImageOrCode($realCode); break; case 'confirm': @@ -323,11 +337,11 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr $content['banner'] = loadTemplate('mailid_banner', true); if (getCodeLength() > 0) { // Generate Code - $content['image'] = generateCaptchaCode($code, $type, $urlId, $userId); + $content['image'] = generateCaptchaCode($realCode, $type, $urlId, $userId); $templ = 'mailid_enter_code'; } else { // Disabled code - $content['gfx'] = $img_code; + $content['gfx'] = $realCode; $templ = 'mailid_confirm_buttom'; }