X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=ref.php;h=4b34282a65e9fbc606c9057b698d6618fd81e609;hp=f4ee90afee8d6cefa90a7ad64d979a1c73c643f5;hb=2e68ea39a430a7217e58747b877acaa3e92ea997;hpb=75ad748a68473ace540251427a74fb781b1145e9 diff --git a/ref.php b/ref.php index f4ee90afee..4b34282a65 100644 --- a/ref.php +++ b/ref.php @@ -6,9 +6,9 @@ * -------------------------------------------------------------------- * * File : ref.php * * -------------------------------------------------------------------- * - * Short description : Redirection for the referral link * + * Short description : Redirection for the referal link * * -------------------------------------------------------------------- * - * Kurzbeschreibung : Weiterleitungsscript fuer die Referral-Links * + * Kurzbeschreibung : Weiterleitungsscript fuer die Referal-Links * * -------------------------------------------------------------------- * * * * -------------------------------------------------------------------- * @@ -37,20 +37,17 @@ require_once("inc/libs/security_functions.php"); // Init "action" and "what" global $what, $action; $GLOBALS['what'] = ""; $GLOBALS['action'] = ""; -if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']); -if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']); // Set module $GLOBALS['module'] = "ref"; $CSS = -1; // Load the required file(s) -require ("inc/config.php"); +require("inc/config.php"); // Redirect only to registration page when this script is installed -if (defined('mxchange_installed') && (mxchange_installed)) -{ +if (isBooleanConstantAndTrue('mxchange_installed')) { // Base URL for redirection - switch ($CONFIG['refid_target']) + switch (getConfig('refid_target')) { case "register": $URL = URL."/modules.php?module=index&what=register&refid="; @@ -61,44 +58,54 @@ if (defined('mxchange_installed') && (mxchange_installed)) break; } - // Get referral ID from ref or refid variable - if (!empty($_GET['ref'])) $ref = strip_tags(htmlentities($_GET['ref'])); - elseif (!empty($_GET['refid'])) $ref = bigintval($_GET['refid']); + // Get referal ID from ref or refid variable + if (!empty($_GET['ref'])) $ref = secureString($_GET['ref']); + elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']); + + if (!empty($ref)) { + // Test if nickname or numeric id + if ($ref != "".($ref + 0)."") { + if (EXT_IS_ACTIVE("nickname")) { + // Nickname in URL, so load the ID + $result = SQL_QUERY_ESC("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE nickname='%s' LIMIT 1", + array($ref), __FILE__, __LINE__); + + // Load userid + list($ref) = SQL_FETCHROW($result); + + // Free result + SQL_FREERESULT($result); + } else { + // Invalid request! + $ref = 0; + } + } // END - if - if (!empty($ref)) - { - // Test if nickname ($test == "0") or ID - $test = "".round($ref).""; - if ((EXT_IS_ACTIVE("nickname")) && ($test != $ref)) - { - // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", array($ref), __FILE__, __LINE__); - list($ref) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - } // Also edit this 0 ! - if (empty($ref)) $ref = "0"; + if (empty($ref)) $ref = 0; + + // Update session + set_session('refid', $ref); // We have an refid here. So we simply add it $URL .= bigintval($ref); - // Update ref counter - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%d LIMIT 1", - array(bigintval($ref)), __FILE__, __LINE__); - } - else - { + // Is the refid valid? + if ($ref > 0) { + // Update ref counter + SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1", + array(bigintval($ref)), __FILE__, __LINE__); + } // END - if + } else { // No refid and we add our refid (don't forget to set $def_refid!) $URL = URL."/index.php"; } + // Load the URL LOAD_URL($URL); - // Redirection should be done here -} - else -{ +} else { // You have to configure first! - LOAD_URL(URL."/install.php"); + LOAD_URL("install.php"); } // Really all done here... ;-)