+ $TEST_NICK_SENDER = $content['sender']['nickname'];
+ $TEST_NICK_REC = $content['recipient']['nickname'];
+
+ // Default is userids for subject line
+ $SENDER = getUserId();
+ $RECIPIENT = bigintval(postRequestElement('to_userid'));
+
+ // If nickname is installed we can set the nickname
+ // @TODO Rewrite this to a filter
+ if (isExtensionActive('nickname')) {
+ if (($TEST_NICK_SENDER != getUserId()) && (!empty($TEST_NICK_SENDER))) {
+ $SENDER = $content['sender']['nickname'];
+ }
+
+ if (($TEST_NICK_REC != postRequestElement('to_userid')) && (!empty($TEST_NICK_REC))) {
+ $RECIPIENT = $content['recipient']['nickname'];
+ }
+ } // END - if
+
+ // Remember transfer reason and fancy date/time in constants
+ $content['reason'] = secureString(postRequestElement('reason'));
+ $content['expires'] = createFancyTime(getConfig('transfer_age'));
+
+ // Generate tranafer id
+ $content['trans_id'] = bigintval(generateRandomCode('10', mt_rand(0, 99999), getUserId(), postRequestElement('reason')));
+
+ // Add entries to both tables
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`, `from_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ array(bigintval(postRequestElement('to_userid')), getUserId(), bigintval(postRequestElement('points')), postRequestElement('reason'), $content['trans_id']), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`, `to_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ array(getUserId(), bigintval(postRequestElement('to_userid')), bigintval(postRequestElement('points')), postRequestElement('reason'), $content['trans_id']), __FILE__, __LINE__);
+
+ // Add points to account *directly* ...
+ addPointsDirectly('member_transfer', bigintval(postRequestElement('to_userid')), bigintval(postRequestElement('points')));
+
+ // ... and add it to current user's used points
+ subtractPoints('transfer', getUserId(), postRequestElement('points'));
+
+ // First send email to recipient
+ $message = loadEmailTemplate('member_transfer_recipient', $content, postRequestElement('to_userid'));
+ sendEmail($content['recipient']['email'], getMessage('TRANSFER_MEMBER_RECIPIENT_SUBJ') . ': ' . $SENDER, $message);
+
+ // Second send email to sender
+ $message = loadEmailTemplate('member_transfer_sender', $content, getUserId());
+ sendEmail($content['sender']['email'], getMessage('TRANSFER_MEMBER_SENDER_SUBJ') . ': ' . $RECIPIENT, $message);
+
+ // At last send admin mail(s)
+ $ADMIN_SUBJ = sprintf("%s (%s->%s)", getMessage('TRANSFER_ADMIN_SUBJECT'), $SENDER, $RECIPIENT);
+ sendAdminNotification($ADMIN_SUBJ, 'admin_transfer_points', $content);
+
+ // Transfer is completed
+ loadTemplate('admin_settings_saved', false, getMessage('TRANSFER_COMPLETED') . "<br /><a href=\"{?URL?}/modules.php?module=login&what=transfer\">{--TRANSFER_CONTINUE_OVERVIEW--}</a>");
+ } elseif ($valid_code === false) {
+ // Invalid Touring code!
+ loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_CODE--}</div>");
+ unsetPostRequestElement('ok');
+ } elseif ($valid_pass === false) {
+ // Wrong password entered
+ loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_PASSWORD--}</div>");
+ unsetPostRequestElement('ok');
+ } elseif ($valid_amount === false) {
+ // Too much points entered
+ loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_POINTS--}</div>");
+ unsetPostRequestElement('ok');
+ } elseif ($valid_reason === false) {
+ // No transfer reason entered
+ loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_REASON--}</div>");
+ unsetPostRequestElement('ok');
+ } elseif ($valid_recipient === false) {
+ // No recipient selected
+ loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_RECIPIENT--}</div>");
+ unsetPostRequestElement('ok');
+ } elseif ($valid_data === false) {
+ // No recipient/sender selected
+ loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_DATA--}</div>");
+ unsetPostRequestElement('ok');