X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=ref.php;h=dbbff4b257a41a5bf132fc18bb861edfa7f30d43;hp=f4ee90afee8d6cefa90a7ad64d979a1c73c643f5;hb=ae51687a0bf708aeca3d68263320804ae0dd42ef;hpb=75ad748a68473ace540251427a74fb781b1145e9 diff --git a/ref.php b/ref.php index f4ee90afee..dbbff4b257 100644 --- a/ref.php +++ b/ref.php @@ -37,8 +37,6 @@ require_once("inc/libs/security_functions.php"); // Init "action" and "what" global $what, $action; $GLOBALS['what'] = ""; $GLOBALS['action'] = ""; -if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']); -if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']); // Set module $GLOBALS['module'] = "ref"; $CSS = -1; @@ -47,10 +45,9 @@ $GLOBALS['module'] = "ref"; $CSS = -1; require ("inc/config.php"); // Redirect only to registration page when this script is installed -if (defined('mxchange_installed') && (mxchange_installed)) -{ +if (defined('mxchange_installed') && (isBooleanConstantAndTrue('mxchange_installed'))) { // Base URL for redirection - switch ($CONFIG['refid_target']) + switch ($_CONFIG['refid_target']) { case "register": $URL = URL."/modules.php?module=index&what=register&refid="; @@ -62,43 +59,38 @@ if (defined('mxchange_installed') && (mxchange_installed)) } // Get referral ID from ref or refid variable - if (!empty($_GET['ref'])) $ref = strip_tags(htmlentities($_GET['ref'])); - elseif (!empty($_GET['refid'])) $ref = bigintval($_GET['refid']); + if (!empty($_GET['ref'])) $ref = secureString($_GET['ref']); + elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']); - if (!empty($ref)) - { - // Test if nickname ($test == "0") or ID - $test = "".round($ref).""; - if ((EXT_IS_ACTIVE("nickname")) && ($test != $ref)) - { + if (!empty($ref)) { + // Test if nickname or numeric id + if ((EXT_IS_ACTIVE("nickname")) && ($ref != "".bigintval($ref)."")) { // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", array($ref), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", + array($ref), __FILE__, __LINE__); list($ref) = SQL_FETCHROW($result); SQL_FREERESULT($result); - } + } // END - if + // Also edit this 0 ! - if (empty($ref)) $ref = "0"; + if (empty($ref)) $ref = 0; // We have an refid here. So we simply add it $URL .= bigintval($ref); // Update ref counter - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%d LIMIT 1", - array(bigintval($ref)), __FILE__, __LINE__); - } - else - { + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET ref_clicks=ref_clicks+1 WHERE userid=%s LIMIT 1", + array(bigintval($ref)), __FILE__, __LINE__); + } else { // No refid and we add our refid (don't forget to set $def_refid!) $URL = URL."/index.php"; } + // Load the URL LOAD_URL($URL); - // Redirection should be done here -} - else -{ +} else { // You have to configure first! - LOAD_URL(URL."/install.php"); + LOAD_URL("install.php"); } // Really all done here... ;-)