Members can now no longer enter 'NULL' as their nickname

[mailer.git] / inc / modules / order.php

diff --git a/inc/modules/order.php b/inc/modules/order.php
index e47f21b2c784a0e40c0a4ed9d6f15cc7d1f8862f..fa04e6e356e547a87c93554df94a770ab442575c 100644 (file)
--- a/inc/modules/order.php
+++ b/inc/modules/order.php
@@ -40,7 +40,7 @@ $url = '';
 if (!defined('__SECURITY')) {
        die();
 } elseif ((!isExtensionActive('order')) && (!isAdmin())) {
-       displayMessage(generateExtensionInactiveNotInstalledMessage('order'));
+       displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=order%}');
        return;
 } elseif (!isMember()) {
        // Sorry, no guest access!
@@ -73,7 +73,7 @@ if (empty($url)) {
        if (!SQL_HASZEROAFFECTED()) {
                // @TODO Unused: 2,4
                // Load mail again...              0         1          2             3            4         5       6            7
-               $result = SQL_QUERY_ESC("SELECT `subject`, `text`, `receivers`, `payment_id`, `timestamp`, `url`, `cat_id`, `target_send` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `id`=%s AND `sender`=%s LIMIT 1",
+               $result = SQL_QUERY_ESC("SELECT `subject`,`text`,`receivers`,`payment_id`,`timestamp`,`url`,`cat_id`,`target_send` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `id`=%s AND `sender`=%s LIMIT 1",
                        array(bigintval(getRequestParameter('order')), getMemberId()), __FILE__, __LINE__);
 
                // Merge arrays
@@ -89,6 +89,8 @@ if (empty($url)) {
 
                // Calculate used points
                $content['payed_points'] = $content['target_send'] * getPaymentPoints($content['payment_id']);
+
+               // Subtract them from the user's account and ignore return status
                subtractPoints('order', getMemberId(), $content['payed_points']);
 
                // Update used points