SQL_FREERESULT($result);
if ($data['data_type'] == 'TEMP') {
- // No entry found, so we need to check out the stats table as well... :)
- // We have to add that suff here, now we continue WITHOUT checking and check the text and subject against some filters
+ /*
+ * No entry found, so we need to check out the stats table as well...
+ * :) We have to add that suff here, now we continue WITHOUT checking
+ * and check the text and subject against some filters
+ */
$data['url'] = '';
if (getConfig('allow_url_in_text') == 'Y') {
// Test submitted text against some filters (length, URLs in text etc.)
if (($usedPoints > 0) && ($usedPoints <= $totalPoints) && ($content['target_send'] > 0)) {
// Gettings points is okay, so we can add $usedPoints later from
if ((!isValidId($data['id'])) || ($data['data_type'] != 'TEMP')) {
- // New order
- $data['id'] = '0';
+ // New order, init data array elements
+ $data = array(
+ 'sender' => getMemberId(),
+ 'subject' => postRequestElement('subject'),
+ 'text' => postRequestElement('text'),
+ 'receivers' => $receiver
+ 'payment_id' => bigintval(postRequestElement('mail_type')),
+ 'data_type' => 'TEMP',
+ 'timestamp' => 'UNIX_TIMESTAMP()',
+ 'url' => postRequestElement('url'),
+ 'cat_id' => bigintval(postRequestElement('cat')),
+ 'target_send' => bigintval($content['target_send']),
+ 'zip' => bigintval(postRequestElement('zip'), TRUE, FALSE),
+ );
+
+ // Is ext-html_mail active?
if (isExtensionActive('html_mail')) {
// HTML extension is active
- SQL_QUERY_ESC("INSERT INTO
- `{?_MYSQL_PREFIX?}_pool`
-(
- `sender`,
- `subject`,
- `text`,
- `receivers`,
- `payment_id`,
- `data_type`,
- `timestamp`,
- `url`,
- `cat_id`,
- `target_send`,
- `zip`,
- `html_msg`
-) VALUES (
- %s,
- '%s',
- '%s',
- '%s',
- %s,
- 'TEMP',
- UNIX_TIMESTAMP(),
- '%s',
- %s,
- %s,
- %s,
- '%s'
-)",
- array(
- getMemberId(),
- postRequestElement('subject'),
- postRequestElement('text'),
- $receiver,
- bigintval(postRequestElement('mail_type')),
- postRequestElement('url'),
- bigintval(postRequestElement('cat')),
- bigintval($content['target_send']),
- bigintval(postRequestElement('zip'), TRUE, FALSE),
- postRequestElement('html')
- ), __FILE__, __LINE__);
- } else {
- // No HTML extension is active
- SQL_QUERY_ESC("INSERT INTO
- `{?_MYSQL_PREFIX?}_pool`
-(
- `sender`,
- `subject`,
- `text`,
- `receivers`,
- `payment_id`,
- `data_type`,
- `timestamp`,
- `url`,
- `cat_id`,
- `target_send`,
- `zip`
-) VALUES (
- %s,
- '%s',
- '%s',
- '%s',
- %s,
- 'TEMP',
- UNIX_TIMESTAMP(),
- '%s',
- %s,
- %s,
- %s
-)",
- array(
- getMemberId(),
- postRequestElement('subject'),
- postRequestElement('text'),
- $receiver,
- bigintval(postRequestElement('mail_type')),
- postRequestElement('url'),
- bigintval(postRequestElement('cat')),
- bigintval($content['target_send']),
- bigintval(postRequestElement('zip'), TRUE, FALSE),
- ), __FILE__, __LINE__);
- }
+ $data['html_msg'] = postRequestElement('html');
+ } // END - if
// Get insert id
- $data['id'] = SQL_INSERTID();
+ $data['id'] = insertDataIntoPool($data);
} else {
- // Change current order
+ // Update this data
+ $data = array(
+ 'subject' => postRequestElement('subject'),
+ 'text' => postRequestElement('text'),
+ 'receivers' => $receiver
+ 'payment_id' => bigintval(postRequestElement('mail_type')),
+ 'timestamp' => 'UNIX_TIMESTAMP()',
+ 'url' => postRequestElement('url'),
+ 'cat_id' => bigintval(postRequestElement('cat')),
+ 'target_send' => bigintval($content['target_send']),
+ 'zip' => bigintval(postRequestElement('zip'), TRUE, FALSE),
+ );
+
+ // Is ext-html_mail active?
if (isExtensionActive('html_mail')) {
// HTML extension is active
- SQL_QUERY_ESC("UPDATE
- `{?_MYSQL_PREFIX?}_pool`
-SET
- `subject`='%s',
- `text`='%s',
- `receivers`='%s',
- `payment_id`=%s,
- `timestamp`=UNIX_TIMESTAMP(),
- `url`='%s',
- `cat_id`=%s,
- `target_send`=%s,
- `zip`=%s,
- `html_msg`='%s'
-WHERE
- `id`=%s
-LIMIT 1",
- array(
- postRequestElement('subject'),
- postRequestElement('text'),
- $receiver,
- bigintval(postRequestElement('mail_type')),
- postRequestElement('url'),
- bigintval(postRequestElement('cat')),
- $content['target_send'],
- bigintval(postRequestElement('zip')),
- postRequestElement('html'),
- bigintval($data['id'])
- ), __FILE__, __LINE__);
- } else {
- // No HTML extension is active
- SQL_QUERY_ESC("UPDATE
- `{?_MYSQL_PREFIX?}_pool`
-SET
- `subject`='%s',
- `text`='%s',
- `receivers`='%s',
- `payment_id`=%s,
- `timestamp`=UNIX_TIMESTAMP(),
- `url`='%s',
- `cat_id`=%s,
- `target_send`=%s,
- `zip`=%s
-WHERE
- `id`=%s
-LIMIT 1",
- array(
- postRequestElement('subject'),
- postRequestElement('text'),
- $receiver,
- bigintval(postRequestElement('mail_type')),
- postRequestElement('url'),
- bigintval(postRequestElement('cat')),
- $content['target_send'],
- bigintval(postRequestElement('zip')),
- bigintval($data['id'])
- ), __FILE__, __LINE__);
- }
+ $data['html_msg'] = postRequestElement('html');
+ } // END - if
+
+ // Update pool data
+ updatePoolDataById($data['id'], NULL, $data);
}
// Make sure only valid id numbers can pass
assert(isValidId($data['id']));
// Id is received so we can redirect the user, used points will be added when he send's out the mail
- $data['url'] = 'modules.php?module=frametester&order=' . $data['id'];
+ $data['url'] = 'modules.php?module=frametester&order=' . bigintval($data['id']);
} elseif ($content['target_send'] == '0') {
// Not enougth receivers found which can receive mails
$data['url'] = 'modules.php?module=login&what=order&code=' . getCode('MORE_RECEIVERS2');