-<?php\r
-/************************************************************************\r
- * MXChange v0.2.1 Start: 10/29/2003 *\r
- * =============== Last change: 01/06/2006 *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * File : order.php *\r
- * -------------------------------------------------------------------- *\r
- * Short description : Submits your order to the administrators *\r
- * -------------------------------------------------------------------- *\r
- * Kurzbeschreibung : Sendet die Buchung an die Administratoren *\r
- * -------------------------------------------------------------------- *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2008 by Roland Haeder *\r
- * For more information visit: http://www.mxchange.org *\r
- * *\r
- * This program is free software; you can redistribute it and/or modify *\r
- * it under the terms of the GNU General Public License as published by *\r
- * the Free Software Foundation; either version 2 of the License, or *\r
- * (at your option) any later version. *\r
- * *\r
- * This program is distributed in the hope that it will be useful, *\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
- * GNU General Public License for more details. *\r
- * *\r
- * You should have received a copy of the GNU General Public License *\r
- * along with this program; if not, write to the Free Software *\r
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *\r
- * MA 02110-1301 USA *\r
- ************************************************************************/\r
-\r
-// Some security stuff...\r
-$URL = "";\r
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))\r
-{\r
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";\r
- require($INC);\r
-}\r
- elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN()))\r
-{\r
- ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order");\r
- return;\r
-}\r
- elseif (!IS_LOGGED_IN())\r
-{\r
- // Sorry, no guest access!\r
- $URL = URL."/modules.php?module=index";\r
-}\r
- elseif (empty($_GET['order']))\r
-{\r
- // You cannot call this module directly!\r
- $URL = URL."/modules.php?module=login&what=order";\r
-}\r
-\r
-// When URL is empty nothing bad happend here\r
-if (empty($URL))\r
-{\r
- // Is the auto-send mechanism active or inactive?\r
- if ($CONFIG['autosend_active'] == "Y")\r
- {\r
- // Auto-send is active\r
- define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_ACTIVE));\r
- define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_ACTIVE));\r
- $TYPE = "NEW";\r
- }\r
- else\r
- {\r
- // Auto-send is inactive\r
- define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_INACTIVE));\r
- define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_INACTIVE));\r
- $TYPE = "ADMIN";\r
- }\r
-\r
- // Update sending pool\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%d AND sender=%d AND data_type='TEMP' LIMIT 1",\r
- array($TYPE, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);\r
-\r
- // Finally is the entry valid?\r
- if (SQL_AFFECTEDROWS($link) == 1)\r
- {\r
- // Update his login data\r
- UPDATE_LOGIN_DATA();\r
-\r
- // Load personal data...\r
- $result = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array($GLOBALS['userid']), __FILE__, __LINE__);\r
- list($sex, $sname, $fname, $email) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
-\r
- // Load mail again... 0 1 2 3 4 5 6 7\r
- $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%d AND sender=%d LIMIT 1",\r
- array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);\r
- $DATA = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- if (empty($DATA[0])) $DATA[0] = DEFAULT_SUBJECT_LINE;\r
-\r
- // Calculate used points\r
- $USED = $DATA[7] * GET_PAY_POINTS($DATA[3]);\r
-\r
- // Update used points\r
- $ADD = "";\r
- if ($CONFIG['order_max'] == "ORDER") $ADD = ", mail_orders=mail_orders+1";\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s".$ADD." WHERE userid=%d LIMIT 1",\r
- array($USED, $GLOBALS['userid']), __FILE__, __LINE__);\r
-\r
- // Update mediadata as well\r
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")\r
- {\r
- // Update database\r
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $USED);\r
- }\r
-\r
- // Send an email to the user\r
- $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", "", $GLOBALS['userid']);\r
- SEND_EMAIL($email, MEMBER_NEW_QUEUE, $msg_mem);\r
-\r
- // Notify admins about this\r
- if (GET_EXT_VERSION("admins") >= "0.4.1")\r
- {\r
- SEND_ADMIN_EMAILS_PRO(ADMIN_NEW_QUEUE, "order-admin", "", $GLOBALS['userid']);\r
- }\r
- else\r
- {\r
- $msg_admin = LOAD_EMAIL_TEMPLATE("order-admin", "", $GLOBALS['userid']);\r
- SEND_ADMIN_EMAILS(ADMIN_NEW_QUEUE, $msg_admin);\r
- }\r
-\r
- // Output back bottom\r
- LOAD_TEMPLATE("member_order-back", false);\r
- }\r
- else\r
- {\r
- // Matching line not found or already "placed" in send queue\r
- $URL = URL."/modules.php?module=login";\r
- LOAD_URL($URL);\r
- }\r
-}\r
- else\r
-{\r
- // Redirect...\r
- LOAD_URL($URL);\r
-}\r
-//\r
-?>\r
+<?php
+/************************************************************************
+ * MXChange v0.2.1 Start: 10/29/2003 *
+ * =============== Last change: 01/06/2006 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : order.php *
+ * -------------------------------------------------------------------- *
+ * Short description : Submits your order to the administrators *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Sendet die Buchung an die Administratoren *
+ * -------------------------------------------------------------------- *
+ * *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Some security stuff...
+$URL = "";
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+{
+ $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+ require($INC);
+}
+ elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN()))
+{
+ ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order");
+ return;
+}
+ elseif (!IS_LOGGED_IN())
+{
+ // Sorry, no guest access!
+ $URL = URL."/modules.php?module=index";
+}
+ elseif (empty($_GET['order']))
+{
+ // You cannot call this module directly!
+ $URL = URL."/modules.php?module=login&what=order";
+}
+
+// When URL is empty nothing bad happend here
+if (empty($URL))
+{
+ // Is the auto-send mechanism active or inactive?
+ if ($CONFIG['autosend_active'] == "Y")
+ {
+ // Auto-send is active
+ define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_ACTIVE));
+ define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_ACTIVE));
+ $TYPE = "NEW";
+ }
+ else
+ {
+ // Auto-send is inactive
+ define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_INACTIVE));
+ define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_INACTIVE));
+ $TYPE = "ADMIN";
+ }
+
+ // Update sending pool
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%d AND sender=%d AND data_type='TEMP' LIMIT 1",
+ array($TYPE, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
+
+ // Finally is the entry valid?
+ if (SQL_AFFECTEDROWS($link) == 1)
+ {
+ // Update his login data
+ UPDATE_LOGIN_DATA();
+
+ // Load personal data...
+ $result = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+ list($sex, $sname, $fname, $email) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+
+ // Load mail again... 0 1 2 3 4 5 6 7
+ $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%d AND sender=%d LIMIT 1",
+ array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ if (empty($DATA[0])) $DATA[0] = DEFAULT_SUBJECT_LINE;
+
+ // Calculate used points
+ $USED = $DATA[7] * GET_PAY_POINTS($DATA[3]);
+
+ // Update used points
+ $ADD = "";
+ if ($CONFIG['order_max'] == "ORDER") $ADD = ", mail_orders=mail_orders+1";
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s".$ADD." WHERE userid=%d LIMIT 1",
+ array($USED, $GLOBALS['userid']), __FILE__, __LINE__);
+
+ // Update mediadata as well
+ if (GET_EXT_VERSION("mediadata") >= "0.0.4")
+ {
+ // Update database
+ MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $USED);
+ }
+
+ // Send an email to the user
+ $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", "", $GLOBALS['userid']);
+ SEND_EMAIL($email, MEMBER_NEW_QUEUE, $msg_mem);
+
+ // Notify admins about this
+ if (GET_EXT_VERSION("admins") >= "0.4.1")
+ {
+ SEND_ADMIN_EMAILS_PRO(ADMIN_NEW_QUEUE, "order-admin", "", $GLOBALS['userid']);
+ }
+ else
+ {
+ $msg_admin = LOAD_EMAIL_TEMPLATE("order-admin", "", $GLOBALS['userid']);
+ SEND_ADMIN_EMAILS(ADMIN_NEW_QUEUE, $msg_admin);
+ }
+
+ // Output back bottom
+ LOAD_TEMPLATE("member_order-back", false);
+ }
+ else
+ {
+ // Matching line not found or already "placed" in send queue
+ $URL = URL."/modules.php?module=login";
+ LOAD_URL($URL);
+ }
+}
+ else
+{
+ // Redirect...
+ LOAD_URL($URL);
+}
+//
+?>