- if ((isset($_POST['ok'])) && ($_POST['points'] > 0))
- {
- define('__POINTS_VALUE', $_POST['points']);
- $result_main = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
- while (list($uid) = SQL_FETCHROW($result_main))
- {
- // User ID found in URL so we use this give him some credits
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Selected user does exist
- list($sname, $fname, $email) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- if ((isset($_POST['ok'])) && (!empty($_POST['points'])))
- {
- // Ok, add points and send an email to him...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth='0' LIMIT 1",
- array($_POST['points'], bigintval($uid)), __FILE__, __LINE__);
-
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "add", $_POST['points']);
- }
-
- // Load email template and send email away
- $msg = LOAD_EMAIL_TEMPLATE("add-points", $_POST['reason'], $uid);
- SEND_EMAIL($email, ADMIN_ADD_SUBJ, $msg);
- }
- }
- }
+ if ((IS_FORM_SENT()) && (REQUEST_POST('points') > 0)) {
+ // @TODO Rewrite this constant
+ define('__POINTS_VALUE', REQUEST_POST('points'));
+
+ // Select all users
+ $result_main = SQL_QUERY("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' ORDER BY userid",
+ __FILE__, __LINE__);
+
+ // Process all entries
+ while ($content = SQL_FETCHROW($result_main)) {
+ // Remove depth to prevent booking errors. This is a bad coding
+ // practice, thats also why we need to write this project from
+ // scratch...
+ $GLOBALS['ref_level'] = -1;
+
+ // Ok, add points and send an email to him...
+ ADD_POINTS_REFSYSTEM("admin_all", $content['userid'], bigintval(REQUEST_POST('points')), false, "0", false, "direct");
+
+ // Prepare content
+ $content['text'] = SQL_ESCAPE(REQUEST_POST('reason'));
+ $content['points'] = bigintval(REQUEST_POST('points'));
+
+ // Load email template and send email away
+ $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval($content['userid']));
+ SEND_EMAIL(bigintval($content['userid']), getMessage('ADMIN_ADD_SUBJ'), $msg);
+ } // END - while