// Some security stuff...
$URL = "";
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-}
- elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN()))
-{
+} elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN())) {
ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order");
return;
-}
- elseif (!IS_LOGGED_IN())
-{
+} elseif (!IS_MEMBER()) {
// Sorry, no guest access!
$URL = URL."/modules.php?module=index";
-}
- elseif (empty($_GET['order']))
-{
+} elseif (empty($_GET['order'])) {
// You cannot call this module directly!
$URL = URL."/modules.php?module=login&what=order";
}
// When URL is empty nothing bad happend here
-if (empty($URL))
-{
+if (empty($URL)) {
// Is the auto-send mechanism active or inactive?
- if ($CONFIG['autosend_active'] == 'Y')
- {
+ if ($_CONFIG['autosend_active'] == "Y") {
// Auto-send is active
define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_ACTIVE));
define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_ACTIVE));
$type = "NEW";
- }
- else
- {
+ } else {
// Auto-send is inactive
define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_INACTIVE));
define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_INACTIVE));
}
// Update sending pool
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%d AND sender=%d AND data_type='TEMP' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1",
array($type, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
// Finally is the entry valid?
- if (SQL_AFFECTEDROWS($link) == 1)
- {
+ if (SQL_AFFECTEDROWS() == 1) {
// Update his login data
UPDATE_LOGIN_DATA();
// Load personal data...
- $result = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
- list($sex, $sname, $fname, $email) = SQL_FETCHROW($result);
+ list($gender, $sname, $fname, $email) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Load mail again... 0 1 2 3 4 5 6 7
- $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%d AND sender=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%s AND sender=%s LIMIT 1",
array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Update used points
$ADD = "";
- if ($CONFIG['order_max'] == "ORDER") $ADD = ", mail_orders=mail_orders+1";
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s".$ADD." WHERE userid=%d LIMIT 1",
- array($USED, $GLOBALS['userid']), __FILE__, __LINE__);
+ if ($_CONFIG['order_max_full'] == "ORDER") $ADD = ", mail_orders=mail_orders+1";
+ SUB_POINTS($GLOBALS['userid'], $USED);
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $USED);
- }
+ // Prepare content
+ $content = array(
+ 'blocks' => $_CONFIG['max_send'],
+ 'subject' => $DATA[0],
+ 'text' => $DATA[1],
+ 'payment' => GET_PAYMENT($DATA[3]),
+ 'category' => GET_CATEGORY($DATA[6])
+ );
// Send an email to the user
- $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", "", $GLOBALS['userid']);
+ $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", $content, $GLOBALS['userid']);
SEND_EMAIL($email, MEMBER_NEW_QUEUE, $msg_mem);
// Notify admins about this
- if (GET_EXT_VERSION("admins") >= "0.4.1")
- {
- SEND_ADMIN_EMAILS_PRO(ADMIN_NEW_QUEUE, "order-admin", "", $GLOBALS['userid']);
- }
- else
- {
- $msg_admin = LOAD_EMAIL_TEMPLATE("order-admin", "", $GLOBALS['userid']);
- SEND_ADMIN_EMAILS(ADMIN_NEW_QUEUE, $msg_admin);
- }
+ SEND_ADMIN_NOTIFICATION(ADMIN_NEW_QUEUE, "order-admin", $content, $GLOBALS['userid']);
// Output back bottom
LOAD_TEMPLATE("member_order-back", false);
- }
- else
- {
+ } else {
// Matching line not found or already "placed" in send queue
$URL = URL."/modules.php?module=login";
LOAD_URL($URL);
}
-}
- else
-{
+} else {
// Redirect...
LOAD_URL($URL);
}