<?php
require('intro.php');

// security check
if(isset($_SESSION['uid'])){
	header("Location: stats.html");
	exit();
}
	
///////////////////////
// invite processing //
///////////////////////

// copy code
$code = val_string('code');
if(strlen($code) != 10)// bad code
	$code = '';

$error='';
// register user
if(val_string('signup') != ''){
	$syntax_ok = true;
	
	// check captcha
	include_once $_SERVER['DOCUMENT_ROOT'] . '/secureimage/securimage.php';
	$securimage = new Securimage();

	if ($securimage->check($_POST['captcha_code']) !== true) {
		$message .= 'Wrong captcha, try again';
		$syntax_ok = false;
		$error = 'captcha';
	}
	// check account, email, icq, top name, login, password syntax
	if($syntax_ok && ((strlen(val_string('login')) > 45) || (strlen(val_string('login')) < 3) || ($_POST['login'] != val_string('login')) )){
		$syntax_ok = false;
		$message .= 'LOGIN syntax error';
		$error = 'login';
	}
	if($syntax_ok && ((strlen(val_string('password')) > 60) || (strlen(val_string('password')) < 3))){
		$syntax_ok = false;
		$message .= 'PASSWORD syntax error';
		$error = 'password';
	}
	if($syntax_ok && (strlen(val_string('account')) > 35)){
		$syntax_ok = false;
		$message .= 'ACCOUNT syntax error';
		$error = 'account';
	}
	if($syntax_ok && ((!filter_var(val_string('email'), FILTER_VALIDATE_EMAIL)) || (strlen(val_string('email')) > 45))){
		$syntax_ok = false;
		$message .= 'EMAIL syntax error';
		$error = 'email';
	}
	if($syntax_ok && (strlen(val_string('icq')) > 40)){
		$syntax_ok = false;
		$message .= 'ICQ syntax error';
		$error = 'icq';
	}
	if($syntax_ok && (strlen(val_string('top_name')) > 45)){
		$syntax_ok = false;
		$message .= 'TOP_NAME syntax error';
		$error = 'top_name';
	}
	if($syntax_ok && (strlen(val_string('code')) != 10)){
		$syntax_ok = false;
		$message .= 'INVITE CODE syntax error';
		$error = 'code';
	}
	
	// check code
	$invite_id = -1;
	$main_subacc_id = -1;
	$tarif_id = -1;
	$comments = '';




	if($syntax_ok){
		$sql_q = mysql_query('select id, main_subacc_id, comments, tarif_id from invites where LOWER(code) = LOWER("'.val_string('code').'") and date_used is null' );
		$sql_r = mysql_fetch_array($sql_q);
		if(!$sql_r['id']){
			$message .= 'Wrong invite code';
			$syntax_ok = false;
			$error = 'code';
		}else{
			$invite_id = $sql_r['id'];
			$main_subacc_id = $sql_r['main_subacc_id'];
			$tarif_id = $sql_r['tarif_id'];
			if($sql_r['comments'])
				$comments = $sql_r['comments'];
		}
	}
	
	// check uniq login
	if($syntax_ok){
		$sql_q = mysql_query('select count(*) from users where LOWER(login) = LOWER("'.val_string('login').'")' );
		$sql_r = mysql_fetch_array($sql_q);
		if($sql_r[0] > 0){
			$message .= 'Login exists';
			$syntax_ok = false;
			$error = 'login';
		}
	}
	
	// insert user, update invite, link subacc, generate payments
	if($syntax_ok && ($invite_id > 0)){
		$sql_q = mysql_query('insert into users(login, password, account, email, icq, date_reg, payd, to_pay, total_earned, today_earned, tarif_id, top_name, comments, blocked)
		 values("'.val_string('login').'", "'.hash('whirlpool', $salt.val_string('password')).'", "'.val_string('account').'", "'.val_string('email').'", "'.val_string('icq').'", now(), 0, 0, 0, 0, '.$tarif_id.', "'.val_string('top_name').'", "'.$comments.'", 0)');
		$sql_count = mysql_affected_rows();
		if($sql_count == 1){
			$user_id = mysql_insert_id();
			mysql_query("update invites set date_used=now() where id=$invite_id");
			mysql_query("update sub_accs set user_id = $user_id where id=$main_subacc_id");
			// generate payments
			// select periods
			$pdates = array();

			$sql_q = mysql_query('select distinct start_date, end_date FROM transactions order by start_date');
			while ($row = mysql_fetch_array($sql_q)) {
				$period = array();
				$period['start_date'] = $row['start_date'];
				$period['end_date'] = $row['end_date'];
				$pdates[] = $period;
			}
			
			// for every period generate dates
			foreach ($pdates as $pdate) {
				$earned = 0;
				$sql_q = mysql_query('SELECT sum(round(stats_raw.`sum` * stats_raw.k, 2)) as `sum`
				FROM stats_raw, sub_accs
				where stats_raw.subacc_id = sub_accs.id
				and sub_accs.user_id = '.$user_id.' 
				and stats_raw.date >="'.$pdate['start_date'].'" 
				and stats_raw.date <="'.$pdate['end_date'].'" union all select 0');
				$sql_r = mysql_fetch_array($sql_q);
				$earned += $sql_r['sum'];
				
				if(($earned != '0.00') && (!($earned <= 0)))
				mysql_query("insert into transactions(user_id, created, summ, payd, cutoff_id, start_date, end_date, `explain`, pcomment, dcomment, account) ".
					" values(".$user_id.", now(), '$earned', 0, 0, '${pdate['start_date']}', '${pdate['end_date']}', '{earned: $earned}', '', '', '".val_string('account')."')");
	
			}
				
		
			
			$_SESSION['reg'] = 1;
			header("Location: /index.html");
			exit();
		}
	}
}
	
$smarty = new Smarty();

// calc sid for captcha
$sid = md5('asdoiu'.uniqid(time()));
$smarty->assign('sid', $sid);

// save inputs
$smarty->assign('login', val_string('login'));
$smarty->assign('account', val_string('account'));
$smarty->assign('email', val_string('email'));
$smarty->assign('icq', val_string('icq'));
$smarty->assign('code', val_string('code'));
$smarty->assign('top_name', val_string('top_name'));
$smarty->assign('message', $message);
$smarty->assign('error', $error);

if($lang == 'ru')
	$smarty->display('invite.tpl');
else
	$smarty->display('einvite.tpl');