2 /************************************************************************
3 * MXChange v0.2.1 Start: 10/19/2003 *
4 * =============== Last change: 08/26/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-order.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Order mails here *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Hier koennen Ihre Mitglieder Mails buchen *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2008 by Roland Haeder *
21 * For more information visit: http://www.mxchange.org *
23 * This program is free software; you can redistribute it and/or modify *
24 * it under the terms of the GNU General Public License as published by *
25 * the Free Software Foundation; either version 2 of the License, or *
26 * (at your option) any later version. *
28 * This program is distributed in the hope that it will be useful, *
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
31 * GNU General Public License for more details. *
33 * You should have received a copy of the GNU General Public License *
34 * along with this program; if not, write to the Free Software *
35 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
37 ************************************************************************/
39 // Some security stuff...
40 if (!defined('__SECURITY')) {
41 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
43 } elseif (!IS_MEMBER()) {
44 redirectToUrl('modules.php?module=index');
45 } elseif ((!EXT_IS_ACTIVE('order')) && (!IS_ADMIN())) {
46 addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveNotInstalledMessage('order'));
50 // Add description as navigation point
51 ADD_DESCR('member', __FILE__);
54 $whereStatement = " WHERE `visible`='Y'";
56 // Set undefined array elements
57 if (!REQUEST_ISSET_GET('msg')) REQUEST_SET_GET('msg' , '');
58 if (!REQUEST_ISSET_POST('zip')) REQUEST_SET_POST('zip' , '');
59 if (!REQUEST_ISSET_POST('html')) REQUEST_SET_POST('html' , '');
60 if (!REQUEST_ISSET_POST('receiver')) REQUEST_SET_POST('receiver', '');
61 if (IS_ADMIN()) $whereStatement = '';
63 // Minimum mails / order
64 define('__MIN_VALUE', getConfig('order_min'));
66 // Count unconfirmed mails
67 $links = GET_TOTAL_DATA(getUserId(), "user_links", 'id', 'userid', true);
69 // Does the user has more than 0 mails per day set?
71 if (GET_EXT_VERSION('holiday') >= '0.1.3') {
72 // Fetch also holiday activation data
73 $HOLIDAY = "holiday_active";
76 $result_mmails = SQL_QUERY_ESC("SELECT userid, receive_mails, mail_orders, ".$HOLIDAY."
77 FROM `{!_MYSQL_PREFIX!}_user_data`
78 WHERE userid=%s AND max_mails > 0 LIMIT 1",
79 array(getUserId()), __FILE__, __LINE__);
81 $mmails = SQL_NUMROWS($result_mmails);
82 list($DMY, $MAXI, $ORDERS, $HOLIDAY) = SQL_FETCHROW($result_mmails);
83 SQL_FREERESULT($result_mmails);
84 if ($HOLIDAY == $DMY) $HOLIDAY='N';
86 $ALLOWED = $MAXI - $ORDERS;
87 if (getConfig('order_max_full') == 'MAX') $ALLOWED = $MAXI;
89 // Now check his points amount
90 $total = GET_TOTAL_DATA(getUserId(), 'user_points', 'points') - GET_TOTAL_DATA(getUserId(), 'user_data', 'used_points');;
92 if (($HOLIDAY == 'Y') && (GET_EXT_VERSION('holiday') >= '0.1.3')) {
94 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('HOLIDAY_ORDER_NOT_POSSIBLE'));
95 } elseif ((REQUEST_ISSET_POST(('frametester'))) && ($ALLOWED > 0) && (REQUEST_POST('receiver') > 0)) {
96 // Continue with the frametester, we first need to store the data temporary in the pool
98 // First we would like to store the data and get it's pool position back...
99 $result = SQL_QUERY_ESC("SELECT `id`, `data_type`
101 `{!_MYSQL_PREFIX!}_pool`
103 `sender`=%s AND `url`='%s' AND `timestamp` > (UNIX_TIMESTAMP() - %s)
108 getConfig('url_tlock')
109 ), __FILE__, __LINE__);
111 $type = 'TEMP'; $id = 0;
112 if (SQL_NUMROWS($result) == 1) {
113 // Load id and mail type
114 list($id, $type) = SQL_FETCHROW($result);
118 SQL_FREERESULT($result);
120 if ($type == 'TEMP') {
121 // No entry found, so we need to check out the stats table as well... :)
122 // We have to add that suff here, now we continue WITHOUT checking and check the text and subject against some filters
124 if (getConfig('test_text') == 'Y') {
125 // Test submitted text against some filters (length, URLs in text etc.)
126 if ((strpos(strtolower(REQUEST_POST('text')), "https://") > -1) || (strpos(strtolower(REQUEST_POST('text')), 'http://') > -1) || (strpos(strtolower(REQUEST_POST('text')), "www") > -1)) {
128 $URL = 'modules.php?module=login&what=order&msg=' . getCode('URL_FOUND');
131 // Remove new-line and carriage-return characters
132 $TEST = str_replace("\n", '', str_replace("\r", '', REQUEST_POST('text')));
134 // Text length within allowed length?
135 if (strlen($TEST) > getConfig('max_tlength')) {
137 $URL = 'modules.php?module=login&what=order&msg=' . getCode('OVERLENGTH');
141 // Shall I test the subject line against URLs?
142 if (getConfig('test_subj') == 'Y') {
143 // Check the subject line for issues
144 REQUEST_SET_POST('subject', str_replace("\\", '[nl]', substr(REQUEST_POST('subject'), 0, 200)));
145 if ((strpos(strtolower(REQUEST_POST('subject')), 'http://') > -1) || (strpos(strtolower(REQUEST_POST('subject')), "www") > -1)) {
146 // URL in subject found
147 $URL = 'modules.php?module=login&what=order&msg=' . getCode('SUBJ_URL');
151 // And shall I check that his URL is not in the black list?
152 if (getConfig('url_blacklist') == 'Y') {
153 // Ok, I do that for you know...
154 $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`timestamp`) AS tstamp FROM `{!_MYSQL_PREFIX!}_url_blacklist` WHERE `url`='%s' LIMIT 1",
155 array(REQUEST_POST('url')), __FILE__, __LINE__);
157 if (SQL_NUMROWS($result) == 1) {
158 // Jupp, we got one listed
159 list($blist) = SQL_FETCHROW($result);
161 // Create redirect-URL
162 $URL = 'modules.php?module=login&what=order&msg=' . getCode('BLIST_URL') . '&blist=' . $blist;
166 SQL_FREERESULT($result);
169 // Enougth receivers entered?
170 if ((REQUEST_POST('receiver') < getConfig('order_min')) && (!IS_ADMIN())) {
171 // Less than allowed receivers entered!
172 $URL = 'modules.php?module=login&what=order&msg=' . getCode('MORE_RECEIVERS3');
176 if (!isUrlValid(REQUEST_POST('url'))) {
178 $URL = 'modules.php?module=login&what=order&msg=' . getCode('INVALID_URL');
181 // Probe for HTML extension
182 if (EXT_IS_ACTIVE('html_mail')) {
183 // HTML or regular text mail?
184 if (REQUEST_POST('html') == 'Y') {
185 // Chek for valid HTML tags
186 REQUEST_SET_POST('text', HTML_CHECK_TAGS(REQUEST_POST('text')));
188 // Maybe invalid tags found?
189 if (!REQUEST_ISSET_POST('text')) $URL = 'modules.php?module=login&what=order&msg=' . getCode('INVALID_TAGS')."&id=".$id;
191 // Remove any HTML code
192 REQUEST_SET_POST('text', str_replace('<', '{OPEN_HTML}', str_replace('>', '{CLOSE_HTML}', REQUEST_POST('text'))));
195 } elseif (!IS_ADMIN()) {
196 // He has already sent a mail within a specific time
197 $URL = 'modules.php?module=login&what=order&msg=' . getCode('URL_TLOCK') . '&id=' . $id;
202 // Check if category and number of receivers is okay
204 if ((getConfig('order_multi_page') == 'Y') && (REQUEST_ISSET_POST('zip'))) {
205 // Choose recipients by ZIP code
206 $add = " AND d.zip LIKE '".bigintval(REQUEST_POST('zip'))."{PER}'";
210 $result = SQL_QUERY_ESC("SELECT
213 `{!_MYSQL_PREFIX!}_user_cats` AS c
215 `{!_MYSQL_PREFIX!}_user_data` AS d
219 c.cat_id=%s AND c.userid != '%s' AND d.`status`='CONFIRMED' AND d.receive_mails > 0".$add."
223 bigintval(REQUEST_POST('cat')),
225 getConfig('order_select'),
226 getConfig('order_mode'),
227 ), __FILE__, __LINE__);
229 // Do we enougth receivers left?
230 if (SQL_NUMROWS($result) >= REQUEST_POST('receiver')) {
231 // Check for holiday extensions
233 if (GET_EXT_VERSION('holiday') >= '0.1.3') {
234 // Include checking for users in holiday
238 // Load receivers from database
239 $TEST = array(); $cnt = 0;
240 while ($content = SQL_FETCHARRAY($result)) {
242 // Check for his holiday status
243 $result_holiday = SQL_QUERY_ESC("SELECT
246 `{!_MYSQL_PREFIX!}_user_holidays`
248 `userid`=%s AND `holiday_start` < UNIX_TIMESTAMP() AND `holiday_end` > UNIX_TIMESTAMP()
250 array(bigintval($content['userid'])), __FILE__, __LINE__);
251 if (SQL_NUMROWS($result_holiday) == 1) $content['userid'] = 0; // Exclude user who are in holiday
254 SQL_FREERESULT($result_holiday);
257 if ($content['userid'] > 0) {
259 $TEST[] = $content['userid'];
265 SQL_FREERESULT($result);
267 // Implode array into string for the sending pool
268 $RECEIVER = implode($TEST, ';');
270 // Count array for maximum sent
271 $MAX_SEND = count($TEST);
273 // Update receiver list
274 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `receive_mails`=`receive_mails`-1 WHERE `userid` IN (%s) LIMIT %s",
275 array(str_replace(';', ", ", $RECEIVER), $MAX_SEND), __FILE__, __LINE__);
277 // Is calculated max receivers larger than wanted receivers then reset it
278 if ($MAX_SEND > REQUEST_POST('receiver')) $MAX_SEND = REQUEST_POST('receiver');
280 // Calculate used points
281 $USED = $MAX_SEND * getPaymentPoints(bigintval(REQUEST_POST('type')));
283 // Fix empty zip code
284 if (!REQUEST_ISSET_POST('zip')) REQUEST_SET_POST('zip', '0');
286 // Check if he has enougth points for this order and selected more than 0 receivers
287 if (($USED > 0) && ($USED <= $total) && ($MAX_SEND > 0)) {
288 // Gettings points is okay, so we can add $USED later from
290 if (($id == '0') || ($type != 'TEMP')) {
293 if (EXT_IS_ACTIVE('html_mail')) {
294 // HTML extension is active
295 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_pool` (`sender`, `subject`, `text`, `receivers`, `payment_id`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `zip`, `html_msg`)
296 VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s','%s')",
299 REQUEST_POST('subject'),
300 REQUEST_POST('text'),
302 bigintval(REQUEST_POST('type')),
305 bigintval(REQUEST_POST('cat')),
307 bigintval(REQUEST_POST('zip')),
309 ), __FILE__, __LINE__);
311 // No HTML extension is active
312 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_pool` (`sender`, `subject`, `text`, `receivers`, `payment_id`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `zip`)
313 VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s')",
316 REQUEST_POST('subject'),
317 REQUEST_POST('text'),
319 bigintval(REQUEST_POST('type')),
322 bigintval(REQUEST_POST('cat')),
324 bigintval(REQUEST_POST('zip')),
325 ), __FILE__, __LINE__);
328 // Change current order
329 if (EXT_IS_ACTIVE('html_mail')) {
330 // HTML extension is active
331 SQL_QUERY_ESC("UPDATE
332 `{!_MYSQL_PREFIX!}_pool`
338 `timestamp`=UNIX_TIMESTAMP(),
348 REQUEST_POST('subject'),
349 REQUEST_POST('text'),
351 bigintval(REQUEST_POST('type')),
353 bigintval(REQUEST_POST('cat')),
355 bigintval(REQUEST_POST('zip')),
356 REQUEST_POST('html'),
358 ), __FILE__, __LINE__);
360 // No HTML extension is active
361 SQL_QUERY_ESC("UPDATE
362 `{!_MYSQL_PREFIX!}_pool`
368 `timestamp`=UNIX_TIMESTAMP(),
377 REQUEST_POST('subject'),
378 REQUEST_POST('text'),
380 bigintval(REQUEST_POST('type')),
382 bigintval(REQUEST_POST('cat')),
384 bigintval(REQUEST_POST('zip')),
386 ), __FILE__, __LINE__);
390 // Do we need to get the ID number?
392 // Order is placed as temporary. We need to get it's id for the frametester
393 $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_pool` WHERE `sender`=%s AND `subject`='%s' AND `payment_id`=%s AND `data_type`='TEMP' AND `timestamp`=%s LIMIT 1",
396 REQUEST_POST('subject'),
397 bigintval(REQUEST_POST('type')),
399 ), __FILE__, __LINE__);
401 list($id) = SQL_FETCHROW($result);
402 SQL_FREERESULT($result);
405 // ID is received so we can redirect the user, used points will be added when he send's out the mail
406 $URL = 'modules.php?module=frametester&order=' . $id;
407 } elseif ($MAX_SEND == 0) {
408 // Not enougth receivers found which can receive mails
409 $URL = 'modules.php?module=login&what=order&msg=' . getCode('MORE_RECEIVERS2');
411 // No enougth points left!
412 $URL = 'modules.php?module=login&what=order&msg=' . getCode('MORE_POINTS');
415 // Ordered more mails than he can send in this category
416 $URL = 'modules.php?module=login&what=order&msg=' . getCode('NO_RECS_LEFT');
419 } elseif (REQUEST_POST('receiver') == '0') {
420 // Not enougth receivers selected
421 $URL = 'modules.php?module=login&what=order&msg=' . getCode('MORE_RECEIVERS1');
422 } elseif (($ALLOWED == 0) && (getConfig('order_max_full') == 'ORDER')) {
423 // No more mail orders allowed
424 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEMBER_ORDER_ALLOWED_EXHAUSTED'));
425 } elseif (($links < getConfig('unconfirmed')) && ($mmails == '1')) {
426 // Display order form
427 $result_cats = SQL_QUERY("SELECT
430 `{!_MYSQL_PREFIX!}_cats`
433 `sort` ASC", __FILE__, __LINE__);
434 if (SQL_NUMROWS($result_cats) > 0) {
436 // Initialize array...
443 // Enable HTML checking
444 // @TODO Rewrite this to a filter
445 $HTML = ''; $HOLIDAY = false; $HOL_STRING = '';
446 if ((EXT_IS_ACTIVE('html_mail')) && (REQUEST_POST('html') == 'Y')) $HTML = " AND `html`='Y'";
447 if (GET_EXT_VERSION('holiday') >= '0.1.3') {
448 // Extension's version is fine
449 $HOLIDAY = true; $HOL_STRING = " AND `holiday_active`='N'";
452 // ... and begin loading stuff
453 while ($content = SQL_FETCHARRAY($result_cats)) {
454 $CATS['id'][] = bigintval($content['id']);
455 $CATS['name'][] = $content['cat'];
457 // Select users in current category
458 $result_uids = SQL_QUERY_ESC("SELECT `userid` FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE `cat_id`=%s AND `userid` != '%s' ORDER BY `userid` ASC",
459 array(bigintval($content['id']), getUserId()), __FILE__, __LINE__);
462 while (list($ucat) = SQL_FETCHROW($result_uids)) {
463 // Check for holiday system
466 // Check user's holiday status
467 $result_holiday = SQL_QUERY_ESC("SELECT
468 d.userid FROM `{!_MYSQL_PREFIX!}_user_data` AS d
470 `{!_MYSQL_PREFIX!}_user_holidays` AS h
474 d.userid=%s AND d.receive_mails > 0 AND d.`status`='CONFIRMED' AND d.`holiday_active`='Y' AND
475 h.holiday_start < UNIX_TIMESTAMP() AND h.holiday_end > UNIX_TIMESTAMP()
477 array(bigintval($ucat)), __FILE__, __LINE__);
478 if (SQL_NUMROWS($result_holiday) == 1) {
479 // Holiday is active!
484 SQL_FREERESULT($result_holiday);
488 // Check if the user want's to receive mails?
489 $result_ver = SQL_QUERY_ESC("SELECT `zip` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s".$HTML." AND `receive_mails` > 0 AND `status`='CONFIRMED' LIMIT 1",
490 array(bigintval($ucat)), __FILE__, __LINE__);
492 if ((SQL_NUMROWS($result_ver) == 1) && (REQUEST_ISSET_POST('zip')) && (getConfig('order_multi_page') == 'Y')) {
493 list($zip) = SQL_FETCHROW($result_ver);
494 SQL_FREERESULT($result_ver);
495 if (substr($zip, 0, strlen(REQUEST_POST('zip'))) == REQUEST_POST('zip')) {
496 // Ok, ZIP part is found
501 $uid_cnt += SQL_NUMROWS($result_ver);
507 SQL_FREERESULT($result_uids);
508 $CATS['uids'][] = $uid_cnt;
512 SQL_FREERESULT($result_cats);
514 // Now we need to load the mail types...
515 $result = SQL_QUERY("SELECT `id`, `price`, `payment`, `mail_title` FROM `{!_MYSQL_PREFIX!}_payments` ORDER BY `payment` ASC", __FILE__, __LINE__);
518 if (SQL_NUMROWS($result) > 0) {
519 // Check for message ID in URL
521 switch (REQUEST_GET('msg')) {
522 case getCode('URL_TLOCK'):
523 $result = SQL_QUERY_ESC("SELECT timestamp FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s LIMIT 1",
524 array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
526 // Load timestamp from last order
527 list($LORDER) = SQL_FETCHROW($result);
528 $LORDER = generateDateTime($LORDER, '1');
531 SQL_FREERESULT($result);
533 // Calculate hours...
534 $STD = round(getConfig('url_tlock') / 60 / 60);
537 $MIN = round((getConfig('url_tlock') - $STD * 60 * 60) / 60);
540 $SEC = getConfig('url_tlock') - $STD * 60 * 60 - $MIN * 60;
542 // Finally contruct the message
543 // @TODO Rewrite this old lost code to a template
544 $message = "{--MEMBER_URL_TIME_LOCK--}<br />{--CONFIG_URL_TLOCK--} ".$STD."
545 {--_HOURS--}, ".$MIN." {--_MINUTES--} {--_AND--} ".$SEC." {--_SECONDS--}<br />
546 {--MEMBER_LAST_TLOCK--}: ".$LORDER;
549 case getCode('OVERLENGTH'):
550 $message = getMessage('MEMBER_TEXT_OVERLENGTH');
553 case getCode('URL_FOUND'):
554 $message = getMessage('MEMBER_TEXT_CONTAINS_URL');
557 case getCode('SUBJ_URL'):
558 $message = getMessage('MEMBER_SUBJ_CONTAINS_URL');
561 case getCode('BLIST_URL'):
562 $message = "{--MEMBER_URL_BLACK_LISTED--}<br />\n{--MEMBER_BLIST_TIME--}: ".generateDateTime(REQUEST_GET('blist'), '0');
565 case getCode('NO_RECS_LEFT'):
566 $message = getMessage('MEMBER_SELECTED_MORE_RECS');
569 case getCode('INVALID_TAGS'):
570 $message = getMessage('MEMBER_HTML_INVALID_TAGS');
573 case getCode('MORE_POINTS'):
574 $message = getMessage('MEMBER_MORE_POINTS_NEEDED');
577 case getCode('MORE_RECEIVERS1'):
578 $message = getMessage('MEMBER_ENTER_MORE_RECEIVERS');
581 case getCode('MORE_RECEIVERS2'):
582 $message = getMessage('MEMBER_NO_MORE_RECEIVERS_FOUND');
585 case getCode('MORE_RECEIVERS3'):
586 $message = sprintf(getMessage('MEMBER_ENTER_MORE_MIN_RECEIVERS'), getConfig('order_min'));
589 case getCode('INVALID_URL'):
590 $message = getMessage('MEMBER_ENTER_INVALID_URL');
593 case '': // When no error code is included in the URL we do not need to output an error message as well...
597 DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown error code %s detected.", REQUEST_GET('msg')));
598 $message = sprintf(getMessage('UNKNOWN_CODE'), REQUEST_GET('msg'));
602 if (!empty($message)) {
603 // We got system message so we drop it out to the user
604 LOAD_TEMPLATE('admin_settings_saved', false, $message);
607 // Load all email types...
608 while ($typeS[] = SQL_FETCHROW($result)) {
609 // Nothing to do here... ;-)
613 SQL_FREERESULT($result);
615 // Output user's points
616 $total = translateComma($total);
618 // Check how many mail orders he has placed today and how many he's allowed to send
619 switch (getConfig('order_max_full')) {
620 case 'MAX': // He is allowed to send as much as possible
621 define('ORDER_MAX_VALUE', getMessage('MEMBER_ORDER_ALLOWED_MAX'));
624 case 'ORDER': // He is allowed to send as much as he setup the receiving value
625 define('ORDER_MAX_VALUE', sprintf(getMessage('MEMBER_ORDER_ALLOWED_RECEIVE'), $ALLOWED, $MAXI));
628 default: // Unknown/invalid
629 DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown order_mas_full config detected.", getConfig('order_max_full')));
630 define('ORDER_MAX_VALUE', getMessage('MEMBER_ORDER_ALLOWED_UNKNOWN'));
634 // Load final template
635 LOAD_TEMPLATE('member_order_points', false, $total);
638 $OLD_ORDER = false; $subject = ''; $text = ''; $target = '';
640 // Check if we already have an order placed and make it editable
641 $result = SQL_QUERY_ESC("SELECT
642 `subject`, `text`, `payment_id`, `timestamp`, `url`, `target_send`, `cat_id`, `zip`
644 `{!_MYSQL_PREFIX!}_pool`
646 `sender`=%s AND `data_type`='TEMP'
648 array(getUserId()), __FILE__, __LINE__);
650 if (SQL_NUMROWS($result) == 1) {
652 list($subject, $text, $payment, $tstamp, $url, $target, $content['cat'], $zip) = SQL_FETCHROW($result);
654 // Fix max receivers when it is too much
655 if ((isset($CATS['uids'][$content['cat']])) && ($target > $CATS['uids'][$content['cat']])) $target = $CATS['uids'][$content['cat']];
657 // Old order is grabbed
660 // Default output for that your members don't forget it...
665 SQL_FREERESULT($result);
667 if ((REQUEST_ISSET_POST('data')) || ((getConfig('order_multi_page') != 'Y') && ((!IS_ADMIN()) && (!EXT_IS_ACTIVE('html_mail'))))) {
668 // Pre-output categories
670 foreach ($CATS['id'] as $key => $value) {
671 $CAT .= " <option value=\"".$value."\"";
672 if (($OLD_ORDER) && ($content['cat'] == $value)) $CAT .= ' selected="selected"';
673 $CAT .= ">".$CATS['name'][$key]." (".$CATS['uids'][$key]." {--USER_IN_CAT--})</option>\n";
678 foreach ($typeS as $key => $value) {
679 $P = translateComma($typeS[$key][1]);
680 if (is_array($value)) {
681 // Output option line
682 $type .= " <option value=\"".$typeS[$key][0]."\"";
683 if (($OLD_ORDER) && ($payment == $typeS[$key][0])) $type .= ' selected="selected"';
684 $type .= ">".$P." {--PER_MAIL--} - ".$typeS[$key][3]." - ".round($typeS[$key][2])." {--PAYMENT--}</option>\n";
688 // Put all in constants for the template
689 define('CATEGORY_SELECTION', $CAT);
690 define('TYPE_SELECTION', $type);
691 define('TARGET', $target);
692 define('SUBJECT', $subject);
693 define('TEXT', COMPILE_CODE($text));
694 define('T_URL', $url);
696 if (REQUEST_ISSET_POST('zip')) {
697 // Output entered ZIP code
698 define('ZIP_OUTPUT', LOAD_TEMPLATE('member_order-zip', true, REQUEST_POST('zip')));
700 define('ZIP_OUTPUT', "<tr><td colspan=\"5\" height=\"5\" class=\"seperator\"> </td></tr>");
704 if ((EXT_IS_ACTIVE('html_mail')) && (REQUEST_POST('html') == 'Y')) {
705 // Extension is active so output valid HTML tags
706 define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE('member_order-html_ext', true, HTML_ADD_VALID_TAGS()));
708 // Extension not active and/or class not uploaded
709 define('MEMBER_HTML_EXTENSION', "<tr><td colspan=\"5\"><input type=\"hidden\" name=\"html\" value=\"N\"> /</td></tr>");
712 // Output form for page 2
713 LOAD_TEMPLATE('member_order_page2');
715 // Remember maybe entered ZIP code in constant
717 if (EXT_IS_ACTIVE('html_mail')) {
718 // Add some content when html extension is active
719 if ((getConfig('order_multi_page') == 'Y') || (IS_ADMIN())) $add = "<tr><td colspan=\"2\" class=\"seperator bottom2\" height=\"5\"> </td></tr>\n";
720 define('MEMBER_HTML_EXTENSION', LOAD_TEMPLATE('member_order-html_intro', true));
722 // No HTML extension installed
723 define('MEMBER_HTML_EXTENSION', "<tr><td colspan=\"2\"><input type=\"hidden\" name=\"html\" value=\"N\" /></td></tr>");
726 // Do we want ZIP code or not?
727 if ((getConfig('order_multi_page') == 'Y') || (IS_ADMIN())) {
729 if (REQUEST_POST('zip') > 0) {
731 'zip' => bigintval(REQUEST_POST('zip')),
740 define('MEMBER_ZIP_CONTENT', LOAD_TEMPLATE('member_order-zip1', true, $content));
743 define('MEMBER_ZIP_CONTENT', '');
746 // Output form for page 1 (ZIP code or HTML)
747 LOAD_TEMPLATE('member_order_page1');
750 // No mail types defined
751 LOAD_TEMPLATE('admin_settings_saved', false, "<span class=\"member_failed\">{--MEMBER_NO_PAYMENTS--}</span>");
755 LOAD_TEMPLATE('admin_settings_saved', false, "<span class=\"member_failed\">{--MEMBER_NO_POINTS--}</span>");
758 // No cateogries are defined yet
759 LOAD_TEMPLATE('admin_settings_saved', false, "<span class=\"member_failed\">{--MEMBER_NO_CATS--}</span>");
761 } elseif ($mmails == '0') {
762 // Please set more than 0 mails per day
763 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEMBER_HAS_ZERO_MMAILS'));
765 // Please confirm some mails first
766 LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('MEMBER_LINKS_LEFT'), $links, getConfig('unconfirmed')));
770 // Redirect to requested URL