<?php
include "common/config.php" ;
include "common/database.class.php" ;
include "common/common.class.php" ;


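$db = new database() ;
$common = new common() ;


// REQUEST_URI is the raw, client-supplied request target: PHP does not
// URL-decode it and any query string is still attached. Everything derived
// from it ($path, $var_array, $var1, $var2) is untrusted input and has to be
// validated again at every place it reaches SQL, the filesystem or a header.
$path = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : "";
// Drop whatever precedes "/go/" so the script also works from a subdirectory.
$path = preg_replace("@.*?(/go/.*?)@","$1", $path); 

$var_array = explode("/",$path);



// URL shapes handled further down in this script:
//http://www.mywebsite.com/go/downloads/file 	-> protected file download (member login required)
//http://www.mywebsite.com/go/loch 				-> index.php?ref=loch
//http://www.mywebsite.com/go/loch/jv 			-> jvsignup.php?ref=loch
//http://www.mywebsite.com/go/loch/product 		-> prods.php?ref=loch&pid=<product id>
//http://www.mywebsite.com/go/product 			-> prods.php?pid=<product id>

// When the URI contains "/go/", index 0 is "" and index 1 is "go", so the
// first two caller-supplied segments sit at 2 and 3. A short URL such as
// /go/loch has no index 3; reading it unguarded raises a notice/warning, and
// any such output ahead of header() stops the later redirects from being sent.
$var1 = isset($var_array[2]) ? $var_array[2] : "";  // "downloads", a username or a product short name
$var2 = isset($var_array[3]) ? $var_array[3] : "";  // empty, a file name, "jv" or a product short name

if ($var2 == "" && $var1 == "")
	{
    echo "INVALID URL PASSED<br>";
    echo "You much supply the correct variable after /go/.";
    exit;
	}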

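// download link: /go/downloads/<file> streams one file from the protected
// download directory to a member with a valid session cookie.
// NOTE(review): only the session is checked here; no per-file entitlement
// check is visible in this script - confirm that every logged-in member is
// meant to be able to fetch every file in the directory.
if($var1 == "downloads")
	{
	// A request without the cookie must not raise a notice: output ahead of
	// header() would prevent the login redirect below from being sent.
	$hash = isset($_COOKIE["memcookie"]) ? $_COOKIE["memcookie"] : "";
	$memberid=$common->check_sessiond($hash,$db);
	if($memberid=="")
		{
		$call = $http_path."member/login.php";
		header("Location: ".$call);
		exit;
		}
	if($var2 == "")
		{
		echo "INVALID URL PASSED<br>";
		echo "No filename specified.";
   		exit;
		}
	else
		{
		$q = "select * from ".$prefix."admin_settings";
		$v = $db->get_a_line($q);
		// Array keys are quoted: bare words are undefined constants, which
		// raise a warning on PHP 7.2+ and a fatal Error on PHP 8.
		$down = isset($v['prot_down']) ? $v['prot_down'] : "";
		$downlocation =	isset($v['downlocation']) ? $v['downlocation'] : "";
		$file = $var2;

		// $file comes from the request URI. It must name a single entry
		// inside the download directory: no "." / "..", no backslash (a path
		// separator on Windows) and nothing that basename() would shorten.
		$unsafe_name = ($file == "." || $file == ".."
			|| strpos($file, "\\") !== false
			|| $file !== basename($file));

		// Stays empty when downlocation is neither '0' nor '1', so the
		// request falls into the "not found" branch instead of using an
		// undefined variable.
		$fullpath = "";
		if($downlocation == '0')
			{
			// download directory is relative to the site root
			$fullpath = $root_path.$down."/".$file;
			}
		elseif($downlocation == '1')
			{
			// download directory is an absolute path
			$fullpath = $down."/".$file;
			}	

		// Name offered to the browser; a double quote would terminate the
		// quoted filename parameter in Content-Disposition, so drop it.
		$p = str_replace('"', '', basename($file));

		// is_file() rather than file_exists(): a directory "exists" too, but
		// readfile() on it fails after the download headers have gone out.
		if (!$unsafe_name && $fullpath != "" && is_file($fullpath))
			{
			$file_size = filesize($fullpath);
			//header("Content-type: application/zip");
			// might need the above… left it in here for future possible use -
			// although the line below worked with zips
			header("Content-type: application/octet-stream");
			header("Content-Disposition: attachment; filename=\"$p\"");
			header("Content-Transfer-Encoding: binary");
			header("Content-length: ".(string)($file_size));
			$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
			if(strpos($user_agent, 'MSIE') !== false){
			// IE cannot download from sessions without a cache
			header('Cache-Control: public');
			}
			readfile($fullpath);
			// Stop here: without this the script carried on into the link
			// handling below and appended its output to the file body.
			exit;
			}
		else
			{
			print "We are sorry, but the requested file could not be found.<br>
			Either the file does not exist or the file name is incorrect.<br>
			Please contact site admin to correct this problem.";
			die();
			}
		}
	}	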

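// Two-segment links: /go/<member>/jv (JV signup) and /go/<member>/<product>.
if($var2 != "")
	{
	$member = $var1;

	// $var1 and $var2 are taken from the raw request URI and end up inside
	// quoted SQL literals below, so only a conservative character set is let
	// through; anything else is answered like an unknown value.
	// NOTE(review): bound parameters are the better fix if the database class
	// offers them - not visible from this file. Widen the set only if real
	// usernames or product short names need further characters.
	$segment_pattern = '/\A[A-Za-z0-9._~@+-]+\z/';

	if (!preg_match($segment_pattern, $var1))
		{
		echo "Sorry, you supplied an incorrect member value.";
		exit;
		}

	// check to see if var1 is a member (needed by both link types)
	$q = "select * from ".$prefix."members where username='$var1'";
	$v = $db->get_a_line($q);
	// Quoted key: a bare word is an undefined constant (fatal Error on PHP 8).
	$member_value = (is_array($v) && isset($v['username'])) ? $v['username'] : "";
  
	if($member_value == "")
		{
		//not a member
		echo "Sorry, you supplied an incorrect member value.";
		exit;     
		}

	if ($var2 == "jv")
		{
		// JV link; the referrer is URL-encoded so that it cannot add or
		// alter query parameters of the redirect target.
		$call = $http_path."jvsignup.php?ref=".urlencode($member_value);
		header("Location: ".$call);
		exit;
		}
	else
		{
		// Product link
		if (!preg_match($segment_pattern, $var2))
			{
			echo "Sorry, you supplied an incorrect product value.";
			exit;     
			}

		// Get product; one lookup serves as existence check and id fetch.
		$q = "select * from ".$prefix."products where pshort='$var2'";
    	$v = $db->get_a_line($q);
    	$pid = (is_array($v) && isset($v['id'])) ? $v['id'] : "";
		if($pid == "")
			{
			//not a product
			echo "Sorry, you supplied an incorrect product value.";
			exit;     
			}	
		
		$call = $http_path."prods.php?ref=".urlencode($member)."&pid=".urlencode($pid);
    	header("Location: ".$call);
		exit;
		}
	}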
	

	
	
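// One-segment links: /go/<member> (affiliate link to the home page) or
// /go/<product> (direct product link).
if ($var2 == "")
	{
	// Member link
	$member = $var1;

	// $var1 is taken from the raw request URI and ends up inside quoted SQL
	// literals below, so only a conservative character set is let through.
	// NOTE(review): bound parameters are the better fix if the database class
	// offers them - not visible from this file.
	if (!preg_match('/\A[A-Za-z0-9._~@+-]+\z/', $var1))
		{
		echo "Sorry, you supplied an incorrect member or product value.";
		exit;     
		}
	
	// check to see if var1 is a member
	$q = "select * from ".$prefix."members where username='$var1'";
	$v = $db->get_a_line($q);
	// Quoted keys: bare words are undefined constants (fatal Error on PHP 8).
	$is_member = is_array($v) && isset($v['username']) && $v['username'] != "";
	$member_value = $is_member ? $v['username'] : "";
	$ppemail = $is_member ? $v['paypal_email'] : "";
	$member_name = $is_member ? $v['firstname']." ".$v['lastname'] : "";
	$member_email= $is_member ? $v['email'] : "";
  
	if($member_value == "")
		{
    	//not a member so check if it is a product
		
		$q = "select * from ".$prefix."products where pshort='$var1'";
		$v = $db->get_a_line($q);
		$pid = (is_array($v) && isset($v['id'])) ? $v['id'] : "";
		if($pid == "")
			{
			echo "Sorry, you supplied an incorrect member or product value.";
			exit;     
			}
			
		// Link is to a product so redirect. The lookup above already proved
		// the product exists and produced its id, so it is not repeated.
		$call = $http_path."prods.php?pid=".urlencode($pid);
    	header("Location: ".$call);
		exit;	
		}
		
	// check to see if member has set their paypal account
	if($ppemail == "")
		{
		// No payout address: the referral is credited to "admin" instead and
		// the member is told by e-mail.
		// NOTE(review): this mail is sent on every unauthenticated hit of the
		// member's link; no rate limit is visible here.
		$member = "admin";
  	
  		// get site settings for email to member
  		$query = "select * from ".$prefix."site_settings where id='1'";
    	$rst = $db->get_a_line($query);
    	$loginurl = $http_path."member/login.php";
    	$sitename = (is_array($rst) && isset($rst['sitename'])) ? $rst['sitename'] : "";
    
    	//get email settings
    	$qquery = "select webmaster_email from ".$prefix."admin_settings where id='1'";
		$rslt = $db->get_a_line($qquery);
		// Read the one selected column explicitly; extract() would create
		// or overwrite a variable for every key the row happens to carry.
    	$webmaster_email = (is_array($rslt) && isset($rslt['webmaster_email'])) ? $rslt['webmaster_email'] : "";
    
  		$subject = "Missed Commission at $sitename";
  		$body    = "Hello $member_name
 
You just refered someone to $sitename with your affiliate URL,  
unfortunetly since you do not have your paypal email account updated in your profile, 
you will not get commissions on any sale that may be generated. 
  
Please log into your members area and update your paypal email address. 
 
Login URL: $loginurl
 
thank you
admin
";
  	
		// CR/LF are removed from the values placed in the From header so a
		// stored setting cannot introduce additional mail headers.
		$crlf = array("\r", "\n");
		$header = "From: ".str_replace($crlf, "", $sitename)." <".str_replace($crlf, "", $webmaster_email).">";
		// The text is in $body; the undefined $message used before meant
		// the notice went out with an empty body. Errors stay suppressed
		// because any output here would break the redirect below.
		@mail($member_email,$subject,$body,$header) ;
		}

	$call = $http_path."index.php?ref=".urlencode($member);
    header("Location: ".$call);
	exit;
	}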





?>