************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
ADD_DESCR("admin", basename(__FILE__));
$result_main = SQL_QUERY("SELECT id, sender, subject, payment_id, timestamp, url, target_send, cat_id FROM "._MYSQL_PREFIX."_pool WHERE data_type='ADMIN' ORDER BY timestamp", __FILE__, __LINE__);
OPEN_TABLE("100%", "admin_content admin_content_align", "");
-if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock'])))
-{
+if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock']))) {
// Count checked checkboxes
$SEL = 0;
- if (isset($_POST['sel']))
- {
+ if (isset($_POST['sel'])) {
// Are there checked boxes?
- if (count($_POST['sel']) > 0)
- {
+ if (count($_POST['sel']) > 0) {
// Count now... We use an own function for now
$SEL = SELECTION_COUNT($_POST['sel']);
}
}
- if (isset($_POST['accept']))
- {
- if ($SEL > 0)
- {
+
+ if (isset($_POST['accept'])) {
+ if ($SEL > 0) {
// Accept mail orders
- foreach ($_POST['sel'] as $id=>$value)
- {
+ foreach ($_POST['sel'] as $id => $value) {
// Secure ID number
$id = bigintval($id);
// Unlock selected email
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='NEW' WHERE id=%d AND data_type='ADMIN' LIMIT 1",
- array($id), __FILE__, __LINE__);
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
- {
+ //$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='NEW' WHERE id=%d AND data_type='ADMIN' LIMIT 1",
+ // array($id), __FILE__, __LINE__);
+ if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) {
// Order placed in queue...
- $result = SQL_QUERY_ESC("SELECT url, subject, sender FROM "._MYSQL_PREFIX."_pool WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT po.url, po.subject, po.sender, pay.payment
+FROM "._MYSQL_PREFIX."_pool AS po
+INNER JOIN "._MYSQL_PREFIX."_payments AS pay
+ON po.payment_id=pay.id
+WHERE po.id=%d
+LIMIT 1",
array($id), __FILE__, __LINE__);
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Check for bonus extension version >= 0.4.4 for the order bonus
- if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($CONFIG['bonus_active'] == 'Y'))
- {
+ if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($_CONFIG['bonus_active'] == "Y")) {
// Add points directly
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_order=bonus_order+".$CONFIG['bonus_order']." WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_order=bonus_order+".$_CONFIG['bonus_order']." WHERE userid=%d LIMIT 1",
array(bigintval($DATA[2])), __FILE__, __LINE__);
// Subtract bonus points from system
- BONUS_POINTS_HANDLER($CONFIG['bonus_order']);
+ BONUS_POINTS_HANDLER($_CONFIG['bonus_order']);
}
+ // Check for surfbar extension
+ if (EXT_IS_ACTIVE("surfbar")) {
+ // Add the url
+ SURFBAR_ADMIN_ADD_URL($DATA[0], $DATA[2], $DATA[3]);
+ } // END - if
+
// Load email template
$msg_user = LOAD_EMAIL_TEMPLATE("order-accept", "", $DATA[2]);
// Set message
$MSG = ADMIN_MAILS_ACTIVATED;
- }
- else
- {
+ } else {
// Nothing checked!
$MSG = ADMIN_MAILS_NOTHING_CHECKED;
}
// Mails unlocked for mail delivery
LOAD_TEMPLATE("admin_settings_saved", false, $MSG);
- }
- elseif (isset($_POST['reject']))
- {
- if ($SEL > 0)
- {
+ } elseif (isset($_POST['reject'])) {
+ if ($SEL > 0) {
// Reject mail orders
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$value)
- {
+ foreach ($_POST['sel'] as $id=>$value) {
// Secure ID number
$id = bigintval($id);
// Load main template
LOAD_TEMPLATE("admin_unlock_emails_redir");
- }
- else
- {
+ } else {
// Nothing selected
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MAILS_NOTHING_CHECKED);
}
- }
- elseif ((isset($_POST['lock'])) || ($SEL > 0))
- {
- if ($SEL > 0)
- {
+ } elseif ((isset($_POST['lock'])) || ($SEL > 0)) {
+ if ($SEL > 0) {
// Lock URLs
- foreach ($_POST['sel'] as $id=>$url)
- {
+ foreach ($_POST['sel'] as $id=>$url) {
+ // Lookup in blacklist
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1",
array($url), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
+ if (SQL_NUMROWS($result) == 0) {
// Did not find a record so we can add it... :)
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_url_blist (url, timestamp) VALUES ('%s', UNIX_TIMESTAMP())",
array($url), __FILE__, __LINE__);
- }
- else
- {
+ } else {
// Free memory
SQL_FREERESULT($result);
}
// Set message
$MSG = ADMIN_URLS_BLOCKED;
- }
- else
- {
+ } else {
// Nothing selected
$MSG = ADMIN_MAILS_NOTHING_CHECKED;
}
LOAD_TEMPLATE("admin_settings_saved", false, $MSG);
- }
- elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject'])))
- {
+ } elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject']))) {
// Mail orders are in pool so we can display them
$SW = 2; $OUT = "";
while (list($id, $sender, $subj, $pay, $time, $url, $tsend, $cat) = SQL_FETCHROW($result_main))
// Prepare rejection URL
$REJECT = "http://";
- if (GET_EXT_VERSION("other") >= "0.1.6") $REJECT = $CONFIG['reject_url'];
+ if (GET_EXT_VERSION("other") >= "0.1.6") $REJECT = $_CONFIG['reject_url'];
define('__REJECT_URL', $REJECT);
// Load main template
LOAD_TEMPLATE("admin_unlock_emails");
- }
- else
- {
+ } else {
// Wrong call!
- LOAD_TEMPLATE ("admin_settings_saved", false, ADMIN_WRONG_CALL);
+ LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_WRONG_CALL);
}
-}
- else
-{
+} else {
// No mail orders fond
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MAILS_IN_POOL);
}