X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=0.2.1%2Finc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=27f4b77727648ab7a2fee693dc051276d99e0293;hb=4ac856c74ab07fc19ab64039904f2075c8f35b40;hp=37d8cef4681cb78c21e5e3859eecd33058a098f8;hpb=2408c1599f73859fe4a2938e87bc080b9dcb9cca;p=mailer.git

diff --git a/0.2.1/inc/modules/member/what-transfer.php b/0.2.1/inc/modules/member/what-transfer.php
index 37d8cef468..27f4b77727 100644
--- a/0.2.1/inc/modules/member/what-transfer.php
+++ b/0.2.1/inc/modules/member/what-transfer.php
@@ -1,627 +1,627 @@
-<?php
-/************************************************************************
- * MXChange v0.2.1                                    Start: 10/07/2004 *
- * ================                             Last change: 10/07/2004 *
- *                                                                      *
- * -------------------------------------------------------------------- *
- * File              : what-transfer.php                                *
- * -------------------------------------------------------------------- *
- * Short description : Point transfers                                  *
- * -------------------------------------------------------------------- *
- * Kurzbeschreibung  : Punktetransfers                                  *
- * -------------------------------------------------------------------- *
- *                                                                      *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder                           *
- * For more information visit: http://www.mxchange.org                  *
- *                                                                      *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or    *
- * (at your option) any later version.                                  *
- *                                                                      *
- * This program is distributed in the hope that it will be useful,      *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
- * GNU General Public License for more details.                         *
- *                                                                      *
- * You should have received a copy of the GNU General Public License    *
- * along with this program; if not, write to the Free Software          *
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
- * MA  02110-1301  USA                                                  *
- ************************************************************************/
-
-// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
-	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
-	require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
-	LOAD_URL(URL."/modules.php?module=index");
-}
- elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN()))
-{
-	ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer");
-	return;
-}
-
-// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
-
-// Load data
-$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
-list($opt_in) = SQL_FETCHROW($result);
-
-// Free memory
-SQL_FREERESULT($result);
-
-$MODE = "";
-if (!empty($_GET['mode'])) $MODE = $_GET['mode'];
-
-// Check for "faker"
-if (($opt_in == "N") && ($MODE == "new")) $MODE = "";
-
-switch ($MODE)
-{
-case "new": // Start new transfer
-	// Get total points and subtract the balance amount from it = maximum transferable points
-	$result = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND points > 0",
-	 array($GLOBALS['userid']), __FILE__, __LINE__);
-	list($total) = SQL_FETCHROW($result);
-	SQL_FREERESULT($result);
-
-	// Get totally used points and password
-	$result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
-	 array($GLOBALS['userid']), __FILE__, __LINE__);
-	list($used, $pass) = SQL_FETCHROW($result);
-	SQL_FREERESULT($result);
-
-	// Remember maximum value for template
-	define('__TRANSFER_MAX_VALUE', round($total - $used - $CONFIG['transfer_balance'] - 0.5));
-
-	if (isset($_POST['ok']))
-	{
-		// Add new transfer
-		if ($CONFIG['transfer_code'] > 0)
-		{
-			// Check for code
-			$code = GEN_RANDOM_CODE($CONFIG['transfer_code'], $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
-			$valid_code = ($code == $_POST['code']);
-		}
-		 else
-		{
-			// Zero length (= disabled) is always valid!
-			$valid_code = true;
-		}
-
-		// Test password
-		$valid_pass = ($pass == generateHash($_POST['password'], $pass));
-
-		// Test transfer amount
-		$valid_amount = ((!empty($_POST['points'])) && ($_POST['points'] <= __TRANSFER_MAX_VALUE));
-
-		// Test reason for transfer
-		$valid_reason = (!empty($_POST['reason']));
-
-		// Test if a recipient is selected
-		$valid_recipient = ($_POST['to_uid'] > 0);
-
-		// Check for nickname extension and set additional data
-		$nick = false; $ADD = ", userid";
-		if (EXT_IS_ACTIVE("nickname"))
-		{
-			$ADD = ", nickname";
-			$nick = true;
-		}
-		// Re-check receivers and own personal data
-		$result = SQL_QUERY_ESC("SELECT userid, sex, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
-		 array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__);
-		$valid_data = (SQL_NUMROWS($result) == 2);
-
-		if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient)
-		{
-			// Let's start the transfer and load user data
-			list($uid1, $sex1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result);
-			list($uid2, $sex2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result);
-			SQL_FREERESULT($result);
-			if ($uid1 == $GLOBALS['userid'])
-			{
-				// Data row 1 is sender's data
-				define('__SENDER_SEX'     , TRANSLATE_SEX($sex1));
-				define('__SENDER_NICK'    , $nick1);
-				define('__SENDER_SNAME'   , $sname1);
-				define('__SENDER_FNAME'   , $fname1);
-				define('__SENDER_EMAIL'   , $email1);
-				// Data row 2 is recpient's data
-				define('__RECIPIENT_SEX'  , TRANSLATE_SEX($sex2));
-				define('__RECIPIENT_NICK' , $nick2);
-				define('__RECIPIENT_SNAME', $sname2);
-				define('__RECIPIENT_FNAME', $fname2);
-				define('__RECIPIENT_EMAIL', $email2);
-
-				// Prepare variables for testing
-				$TEST_NICK_SENDER = $nick1;
-				$TEST_NICK_REC = $nick2;
-			}
-			 else
-			{
-				// Data row 2 is sender's data
-				define('__SENDER_SEX'     , TRANSLATE_SEX($sex2));
-				define('__SENDER_NICK'    , $nick2);
-				define('__SENDER_SNAME'   , $sname2);
-				define('__SENDER_FNAME'   , $fname2);
-				define('__SENDER_EMAIL'   , $email2);
-				// Data row 1 is recpient's data
-				define('__RECIPIENT_SEX'  , TRANSLATE_SEX($sex1));
-				define('__RECIPIENT_NICK' , $nick1);
-				define('__RECIPIENT_SNAME', $sname1);
-				define('__RECIPIENT_FNAME', $fname1);
-				define('__RECIPIENT_EMAIL', $email1);
-
-				// Prepare variables for testing
-				$TEST_NICK_SENDER = $nick2;
-				$TEST_NICK_REC = $nick1;
-			}
-			// Sender's UID is always currently stored in cookie userid...
-			define('__SENDER_UID'     , $GLOBALS['userid']);
-			define('__RECIPIENT_UID'  , $_POST['to_uid']);
-
-			$SENDER = __SENDER_UID;
-			$RECIPIENT = __RECIPIENT_UID;
-			if ($nick)
-			{
-				if (($TEST_NICK_SENDER != __SENDER_UID) && (!empty($TEST_NICK_SENDER)))
-				{
-					$SENDER = __SENDER_NICK;
-				}
-				if (($TEST_NICK_REC != __RECIPIENT_UID) && (!empty($TEST_NICK_REC)))
-				{
-					$RECIPIENT = __RECIPIENT_NICK;
-				}
-			}
-
-			// Remember transfer reason and fancy date/time in constants
-			define('__TRANSFER_REASON', $_POST['reason']);
-			if (function_exists('CREATE_FANCY_TIME'))
-			{
-				define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME($CONFIG['transfer_age']));
-			}
-			 else
-			{
-				define('__TRANSFER_EXPIRES', round($CONFIG['transfer_age']/60/60/24)." ".DAYS);
-			}
-
-			// Generate tranafer id
-			define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", rand(0, 99999), $GLOBALS['userid'], $_POST['reason'])));
-
-			// Add entries to both tables
-			$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
-			 array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
-			 __FILE__, __LINE__);
-			$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
-			 array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
-			 __FILE__, __LINE__);
-
-			// Add points to account *directly* ...
-			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth='0' LIMIT 1",
-			 array(bigintval($_POST['points']), bigintval($_POST['to_uid'])), __FILE__, __LINE__);
-
-			// ... and add it to current user's used points
-			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
-			 array(bigintval($_POST['points']), $GLOBALS['userid']), __FILE__, __LINE__);
-
-			// First send email to recipient
-			$msg = LOAD_EMAIL_TEMPLATE("member_transfer_recipient", "", __RECIPIENT_UID);
-			SEND_EMAIL(__RECIPIENT_EMAIL, TRANSFER_MEMBER_RECIPIENT_SUBJ.": ".$SENDER, $msg);
-
-			// Second send email to sender
-			$msg = LOAD_EMAIL_TEMPLATE("member_transfer_sender", "", __SENDER_UID);
-			SEND_EMAIL(__SENDER_EMAIL, TRANSFER_MEMBER_SENDER_SUBJ.": ".$RECIPIENT, $msg);
-
-			// At last send admin mail(s)
-			$ADMIN_SUBJ = TRANSFER_ADMIN_SUBJECT." (".$SENDER."->".$RECIPIENT.")";
-			if (GET_EXT_VERSION("admins") >= "0.4.1")
-			{
-				SEND_ADMIN_EMAILS_PRO($ADMIN_SUBJ, "admin_transfer_points");
-			}
-			 else
-			{
-				$msg = LOAD_EMAIL_TEMPLATE("admin_transfer_points");
-				SEND_ADMIN_EMAILS($ADMIN_SUBJ, $msg);
-			}
-
-			// Transfer is completed
-			OUTPUT_HTML ("<P>");
-			LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."<BR><A href=\"".URL."/modules.php?module=login&amp;what=transfer\">".TRANSFER_CONTINUE_OVERVIEW."</A>");
-			OUTPUT_HTML ("</P>");
-		}
-		 elseif (!$valid_code)
-		{
-			// Invalid Touring code!
-			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_CODE."</STRONG></P>");
-			unset($_POST['ok']);
-		}
-		 elseif (!$valid_pass)
-		{
-			// Wrong password entered
-			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_PASSWORD."</STRONG></P>");
-			unset($_POST['ok']);
-		}
-		 elseif (!$valid_amount)
-		{
-			// Too much points entered
-			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_POINTS."</STRONG></P>");
-			unset($_POST['ok']);
-		}
-		 elseif (!$valid_reason)
-		{
-			// No transfer reason entered
-			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_REASON."</STRONG></P>");
-			unset($_POST['ok']);
-		}
-		 elseif (!$valid_recipient)
-		{
-			// No recipient selected
-			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_RECIPIENT."</STRONG></P>");
-			unset($_POST['ok']);
-		}
-		 elseif (!$valid_data)
-		{
-			// No recipient selected
-			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_DATA."</STRONG></P>");
-			unset($_POST['ok']);
-		}
-	}
-	if (!isset($_POST['ok']))
-	{
-		// Load member list
-		if (EXT_IS_ACTIVE("nickname"))
-		{
-			// Load userid and nickname
-			$result = SQL_QUERY_ESC("SELECT userid, nickname FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
-			 array($GLOBALS['userid']), __FILE__, __LINE__);
-		}
-		 else
-		{
-			// Load only userid
-			$result = SQL_QUERY_ESC("SELECT userid, userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
-			 array($GLOBALS['userid']), __FILE__, __LINE__);
-		}
-		if (SQL_NUMROWS($result) > 0)
-		{
-			// Load list
-			$OUT  = "<SELECT name=\"to_uid\" size=\"1\" class=\"member_select\">
-  <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
-			while (list($uid, $nick) = SQL_FETCHROW($result))
-			{
-				$OUT .= "<OPTION value=\"".$uid."\"";
-				if ((isset($_POST['to_uid'])) && ($_POST['to_uid'] == $uid)) $OUT .= " selected=\"selected\"";
-				$OUT .= ">";
-				if (($nick != $uid) && (!empty($nick)))
-				{
-					// Output nickname
-					$OUT .= $nick;
-				}
-				 else
-				{
-					// Output userid
-					$OUT .= $uid;
-				}
-				$OUT .= "</OPTION>\n";
-			}
-			$OUT .= "</SELECT>\n";
-			define('__TRANSFER_TO_DISABLED', "");
-
-			// Free memory
-			SQL_FREERESULT($result);
-		}
-		 else
-		{
-			// No one else is opt-in
-			$OUT = TRANSFER_NO_ONE_ELSE_OPT_IN;
-			define('__TRANSFER_TO_DISABLED', " disabled");
-		}
-		// Transfer output to constant for the template
-		define('__TRANSFER_USERID_SELECTION', $OUT);
-
-		// Generate Code
-		if ($CONFIG['transfer_code'] > 0)
-		{
-			$rand = rand(0, 99999);
-			$code = GEN_RANDOM_CODE($CONFIG['transfer_code'], $rand, $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
-			$img = GENERATE_IMAGE($code, false);
-			define('__TRANSFER_IMAGE_INPUT', "<INPUT type=\"hidden\" name=\"code_chk\" value=\"".$rand."\"><INPUT type=\"text\" name=\"code\" class=\"member_normal\" size=\"5\" maxlength=\"7\"".__TRANSFER_TO_DISABLED.">&nbsp;".$img);
-		}
-		 else
-		{
-			$code = "00000";
-			define('__TRANSFER_IMAGE_INPUT', TRANSFER_NO_CODE);
-		}
-
-		// Transfer maybe already entered valued'
-		if (isset($_GET['ok'])) {
-			// Get values from form
-			define('__TRANSFER_POINTS_VALUE', bigintval($_POST['points']));
-			define('__TRANSFER_REASON_VALUE', strip_tags($_POST['reason']));
-		} else {
-			// Set empty values
-			define('__TRANSFER_POINTS_VALUE', "");
-			define('__TRANSFER_REASON_VALUE', "");
-		}
-
-		// Output form
-		LOAD_TEMPLATE("member_transfer_new");
-	}
-	break;
-
-case "list_in": // List only incoming transactions
-case "list_out": // List only outgoing transactions
-	// As you can see I put list_in and list_out together. I now do a switch() again on it for the right SQL command
-	switch ($MODE)
-	{
-	case "list_in":
-		$SQL = "SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%d ORDER BY time_trans DESC LIMIT ".$CONFIG['transfer_max'];
-		$NOTHING = TRANSFER_NO_INCOMING_TRANSFERS;
-		define('__TRANSFER_SUM', TRANSFER_TOTAL_INCOMING);
-		define('__TRANSFER_TITLE', TRANSFER_LIST_INCOMING);
-		break;
-
-	case "list_out":
-		$SQL = "SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%d ORDER BY time_trans DESC LIMIT ".$CONFIG['transfer_max'];
-		$NOTHING = TRANSFER_NO_OUTGOING_TRANSFERS;
-		define('__TRANSFER_SUM', TRANSFER_TOTAL_OUTGOING);
-		define('__TRANSFER_TITLE', TRANSFER_LIST_OUTGOING);
-		break;
-	}
-
-	// Run the SQL command
-	$total = "0";
-	$result = SQL_QUERY_ESC($SQL, array($GLOBALS['userid']), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result) > 0)
-	{
-		$OUT = ""; $SW = 2;
-		while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result))
-		{
-			if ($type == "OUT") $points = "$points-";
-			$OUT .= "<TR>
-  <TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row1\">".$tid."</FONT>
-  </TD>
-  <TD class=\"transfer_row2 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row2\">".MAKE_DATETIME($stamp, "3")."</FONT>
-  </TD>
-  <TD class=\"transfer_row3 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row3\">".$uid."</FONT>
-  </TD>
-  <TD class=\"transfer_row4 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row4\">".$reason."</FONT>
-  </TD>
-  <TD class=\"transfer_row5 switch_sw".$SW." bottom2\">
-    <FONT class=\"transfer_row5\">".$points."</FONT>
-  </TD>
-</TR>\n";
-			$total += $points;
-			$SW = 3 - $SW;
-		}
-
-		// Free memory
-		SQL_FREERESULT($result);
-	}
-	 else
-	{
-		// Nothing for in or out
-		$OUT = "<TR>
-  <TD colspan=\"5\" align=\"center\" class=\"bottom2\" height=\"70\">
-    ".LOAD_TEMPLATE("admin_settings_saved", true, $NOTHING)."
-  </TD>
-</TR>";
-	}
-
-	// ... and add them to a constant for the template
-	define('__TRANSFER_ROWS', $OUT);
-
-	// Remeber total amount
-	define('__TRANSFER_TOTAL_VALUE', $total);
-
-	// Load final template
-	LOAD_TEMPLATE("member_transfer_list");
-	break;
-
-case "list_all": // List all transactions
-	// We fill a temporay table with data from both tables. This is much easier
-	// to code and unstand by you as sub-SELECT queries. I know this is not the
-	// fastest way but it shall be fine for now.
-	//
-	// First of all create the temporary table
-	$result = SQL_QUERY("CREATE TEMPORARY TABLE "._MYSQL_PREFIX."_transfers_tmp (
-trans_id varchar(12) not null default '',
-party_uid bigint(20) not null default '0',
-points bigint(20) not null default '0',
-reason varchar(255) not null default '',
-time_trans varchar(10) not null default '0',
-trans_type enum('IN', 'OUT') not null default 'IN',
-KEY(party_uid)
-) TYPE=HEAP", __FILE__, __LINE__);
-
-	// Let's begin with the incoming list
-	$result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%d ORDER BY id LIMIT %s",
-array($GLOBALS['userid'], $CONFIG['transfer_max']), __FILE__, __LINE__);
-	while ($DATA = SQL_FETCHROW($result))
-	{
-		$DATA[] = "IN";
-		$DATA = implode("', '", $DATA);
-		$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
-	}
-
-	// Free memory
-	SQL_FREERESULT($result);
-
-	// As the last table transfer data from outgoing table to temporary
-	$result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%d ORDER BY id LIMIT %s",
-array($GLOBALS['userid'], $CONFIG['transfer_max']), __FILE__, __LINE__);
-	while ($DATA = SQL_FETCHROW($result))
-	{
-		$DATA[] = "OUT";
-		$DATA = implode("', '", $DATA);
-		$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
-	}
-
-	// Free memory
-	SQL_FREERESULT($result);
-
-	$total = "0";
-	if (SQL_NUMROWS($result) > 0)
-	{
-		// Output rows
-		$OUT = ""; $SW = 2;
-		$result = SQL_QUERY("SELECT party_uid, trans_id, points, reason, time_trans, trans_type FROM "._MYSQL_PREFIX."_transfers_tmp ORDER BY time_trans DESC", __FILE__, __LINE__);
-		while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result))
-		{
-			if ($type == "OUT") $points = "-$points";
-			$OUT .= "<TR>
-  <TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row1\">".$idx."</FONT>
-  </TD>
-  <TD class=\"transfer_row2 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row2\">".MAKE_DATETIME($stamp, "3")."</FONT>
-  </TD>
-  <TD class=\"transfer_row3 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row3\">".$uid."</FONT>
-  </TD>
-  <TD class=\"transfer_row4 switch_sw".$SW." bottom2 right2\">
-    <FONT class=\"transfer_row4\">".$reason."</FONT>
-  </TD>
-  <TD class=\"transfer_row5 switch_sw".$SW." bottom2\">
-    <FONT class=\"transfer_row5\">".$points."</FONT>
-  </TD>
-</TR>\n";
-			$total += $points;
-			$SW = 3 - $SW;
-		}
-
-		// Free memory
-		SQL_FREERESULT($result);
-	}
-	 else
-	{
-		// Nothing for in and out
-		$OUT = "<TR>
-  <TD colspan=\"5\" align=\"center\" class=\"bottom2\" height=\"70\">
-    ".LOAD_TEMPLATE("admin_settings_saved", true, TRANSFER_NO_INOUT_TRANSFERS)."
-  </TD>
-</TR>";
-	}
-
-	// ... and add them to a constant for the template
-	define('__TRANSFER_ROWS', $OUT);
-
-	// Remeber total amount
-	define('__TRANSFER_TOTAL_VALUE', $total);
-
-	// Set title
-	define('__TRANSFER_TITLE', TRANSFER_LIST_ALL);
-
-	// Set "balance" word
-	define('__TRANSFER_SUM', TRANSFER_TOTAL_BALANCE);
-
-	// Load final template
-	LOAD_TEMPLATE("member_transfer_list");
-
-	// At the end we don't need a temporay table in memory
-	$result = SQL_QUERY("DROP TABLE IF EXISTS "._MYSQL_PREFIX."_transfers_tmp", __FILE__, __LINE__);
-
-	// Free some memory...
-	SQL_FREERESULT($result);
-	break;
-
-case "": // Overview page
-	// Check incoming transfers
-	$result = SQL_QUERY_ESC("SELECT COUNT(id) FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%d", array($GLOBALS['userid']), __FILE__, __LINE__);
-	list($dmy) = SQL_FETCHROW($result);
-	SQL_FREERESULT($result);
-
-	$total=$dmy;
-	if ($dmy > 0)
-	{
-		define('__TRANSFER_IN_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=list_in\">".$dmy."</A>");
-	}
-	 else
-	{
-		define('__TRANSFER_IN_LINK', $dmy);
-	}
-
-	// Check outgoing transfers
-	$result = SQL_QUERY_ESC("SELECT COUNT(id) FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%d", array($GLOBALS['userid']), __FILE__, __LINE__);
-	list($dmy) = SQL_FETCHROW($result);
-	SQL_FREERESULT($result);
-
-	$total+=$dmy;
-	if ($dmy > 0)
-	{
-		define('__TRANSFER_OUT_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=list_out\">".$dmy."</A>");
-	}
-	 else
-	{
-		define('__TRANSFER_OUT_LINK', $dmy);
-	}
-
-	// Total transactions
-	if ($total > 0)
-	{
-		define('__TRANSFER_ALL_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=list_all\">".$total."</A>");
-	}
-	 else
-	{
-		define('__TRANSFER_ALL_LINK', $total);
-	}
-
-	if (isset($_POST['ok']))
-	{
-		// Save settings
-		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET opt_in='%s' WHERE userid=%d LIMIT 1",
-		 array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__);
-
-		// Rember for next switch() command
-		$opt_in = $_POST['opt_in'];
-
-		// "Settings saved..."
-		OUTPUT_HTML ("<P><STRONG class=\"member_done\">".SETTINGS_SAVED."</STRONG></P>");
-	}
-	switch ($opt_in)
-	{
-	case "Y":
-		define('__TRANSFER_ALLOW_Y', " checked");
-		define('__TRANSFER_ALLOW_N', "");
-		define('__TRANSFER_NEW_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=new\">".TRANSFER_NOW_LINK."</A>");
-		break;
-
-	case "N":
-		define('__TRANSFER_ALLOW_Y', "");
-		define('__TRANSFER_ALLOW_N', " checked");
-		define('__TRANSFER_NEW_LINK', TRANSFER_PLEASE_ALLOW_OPT_IN);
-		break;
-	}
-
-	// Check for latest out-transfers
-	$result = SQL_QUERY_ESC("SELECT time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE time_trans > ".(time() - $CONFIG['transfer_timeout'])." AND userid=%d ORDER BY time_trans DESC LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result) == 0)
-	{
-		// Load template
-		define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true));
-	}
-	 else
-	{
-		// Load newest transaction
-		list($newest) = SQL_FETCHROW($result);
-		SQL_FREERESULT($result);
-		define('__TRANSFER_SETTINGS_CONTENT', TRANSFER_LATEST_IS_1.MAKE_DATETIME($newest, "3").TRANSFER_LATEST_IS_2);
-	}
-	// Load template
-	LOAD_TEMPLATE("member_transfer_overview");
-	break;
-}
-//
-?>
+<?php
+/************************************************************************
+ * MXChange v0.2.1                                    Start: 10/07/2004 *
+ * ================                             Last change: 10/07/2004 *
+ *                                                                      *
+ * -------------------------------------------------------------------- *
+ * File              : what-transfer.php                                *
+ * -------------------------------------------------------------------- *
+ * Short description : Point transfers                                  *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung  : Punktetransfers                                  *
+ * -------------------------------------------------------------------- *
+ *                                                                      *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder                           *
+ * For more information visit: http://www.mxchange.org                  *
+ *                                                                      *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or    *
+ * (at your option) any later version.                                  *
+ *                                                                      *
+ * This program is distributed in the hope that it will be useful,      *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
+ * GNU General Public License for more details.                         *
+ *                                                                      *
+ * You should have received a copy of the GNU General Public License    *
+ * along with this program; if not, write to the Free Software          *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
+ * MA  02110-1301  USA                                                  *
+ ************************************************************************/
+
+// Some security stuff...
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+{
+	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+	require($INC);
+}
+ elseif (!IS_LOGGED_IN())
+{
+	LOAD_URL(URL."/modules.php?module=index");
+}
+ elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN()))
+{
+	ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer");
+	return;
+}
+
+// Add description as navigation point
+ADD_DESCR("member", basename(__FILE__));
+
+// Load data
+$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+list($opt_in) = SQL_FETCHROW($result);
+
+// Free memory
+SQL_FREERESULT($result);
+
+$MODE = "";
+if (!empty($_GET['mode'])) $MODE = $_GET['mode'];
+
+// Check for "faker"
+if (($opt_in == "N") && ($MODE == "new")) $MODE = "";
+
+switch ($MODE)
+{
+case "new": // Start new transfer
+	// Get total points and subtract the balance amount from it = maximum transferable points
+	$result = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND points > 0",
+	 array($GLOBALS['userid']), __FILE__, __LINE__);
+	list($total) = SQL_FETCHROW($result);
+	SQL_FREERESULT($result);
+
+	// Get totally used points and password
+	$result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+	 array($GLOBALS['userid']), __FILE__, __LINE__);
+	list($used, $pass) = SQL_FETCHROW($result);
+	SQL_FREERESULT($result);
+
+	// Remember maximum value for template
+	define('__TRANSFER_MAX_VALUE', round($total - $used - $CONFIG['transfer_balance'] - 0.5));
+
+	if (isset($_POST['ok']))
+	{
+		// Add new transfer
+		if ($CONFIG['transfer_code'] > 0)
+		{
+			// Check for code
+			$code = GEN_RANDOM_CODE($CONFIG['transfer_code'], $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
+			$valid_code = ($code == $_POST['code']);
+		}
+		 else
+		{
+			// Zero length (= disabled) is always valid!
+			$valid_code = true;
+		}
+
+		// Test password
+		$valid_pass = ($pass == generateHash($_POST['password'], $pass));
+
+		// Test transfer amount
+		$valid_amount = ((!empty($_POST['points'])) && ($_POST['points'] <= __TRANSFER_MAX_VALUE));
+
+		// Test reason for transfer
+		$valid_reason = (!empty($_POST['reason']));
+
+		// Test if a recipient is selected
+		$valid_recipient = ($_POST['to_uid'] > 0);
+
+		// Check for nickname extension and set additional data
+		$nick = false; $ADD = ", userid";
+		if (EXT_IS_ACTIVE("nickname"))
+		{
+			$ADD = ", nickname";
+			$nick = true;
+		}
+		// Re-check receivers and own personal data
+		$result = SQL_QUERY_ESC("SELECT userid, sex, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
+		 array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__);
+		$valid_data = (SQL_NUMROWS($result) == 2);
+
+		if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient)
+		{
+			// Let's start the transfer and load user data
+			list($uid1, $sex1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result);
+			list($uid2, $sex2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result);
+			SQL_FREERESULT($result);
+			if ($uid1 == $GLOBALS['userid'])
+			{
+				// Data row 1 is sender's data
+				define('__SENDER_SEX'     , TRANSLATE_SEX($sex1));
+				define('__SENDER_NICK'    , $nick1);
+				define('__SENDER_SNAME'   , $sname1);
+				define('__SENDER_FNAME'   , $fname1);
+				define('__SENDER_EMAIL'   , $email1);
+				// Data row 2 is recpient's data
+				define('__RECIPIENT_SEX'  , TRANSLATE_SEX($sex2));
+				define('__RECIPIENT_NICK' , $nick2);
+				define('__RECIPIENT_SNAME', $sname2);
+				define('__RECIPIENT_FNAME', $fname2);
+				define('__RECIPIENT_EMAIL', $email2);
+
+				// Prepare variables for testing
+				$TEST_NICK_SENDER = $nick1;
+				$TEST_NICK_REC = $nick2;
+			}
+			 else
+			{
+				// Data row 2 is sender's data
+				define('__SENDER_SEX'     , TRANSLATE_SEX($sex2));
+				define('__SENDER_NICK'    , $nick2);
+				define('__SENDER_SNAME'   , $sname2);
+				define('__SENDER_FNAME'   , $fname2);
+				define('__SENDER_EMAIL'   , $email2);
+				// Data row 1 is recpient's data
+				define('__RECIPIENT_SEX'  , TRANSLATE_SEX($sex1));
+				define('__RECIPIENT_NICK' , $nick1);
+				define('__RECIPIENT_SNAME', $sname1);
+				define('__RECIPIENT_FNAME', $fname1);
+				define('__RECIPIENT_EMAIL', $email1);
+
+				// Prepare variables for testing
+				$TEST_NICK_SENDER = $nick2;
+				$TEST_NICK_REC = $nick1;
+			}
+			// Sender's UID is always currently stored in cookie userid...
+			define('__SENDER_UID'     , $GLOBALS['userid']);
+			define('__RECIPIENT_UID'  , $_POST['to_uid']);
+
+			$SENDER = __SENDER_UID;
+			$RECIPIENT = __RECIPIENT_UID;
+			if ($nick)
+			{
+				if (($TEST_NICK_SENDER != __SENDER_UID) && (!empty($TEST_NICK_SENDER)))
+				{
+					$SENDER = __SENDER_NICK;
+				}
+				if (($TEST_NICK_REC != __RECIPIENT_UID) && (!empty($TEST_NICK_REC)))
+				{
+					$RECIPIENT = __RECIPIENT_NICK;
+				}
+			}
+
+			// Remember transfer reason and fancy date/time in constants
+			define('__TRANSFER_REASON', $_POST['reason']);
+			if (function_exists('CREATE_FANCY_TIME'))
+			{
+				define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME($CONFIG['transfer_age']));
+			}
+			 else
+			{
+				define('__TRANSFER_EXPIRES', round($CONFIG['transfer_age']/60/60/24)." ".DAYS);
+			}
+
+			// Generate tranafer id
+			define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", rand(0, 99999), $GLOBALS['userid'], $_POST['reason'])));
+
+			// Add entries to both tables
+			$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
+			 array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
+			 __FILE__, __LINE__);
+			$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
+			 array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
+			 __FILE__, __LINE__);
+
+			// Add points to account *directly* ...
+			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth='0' LIMIT 1",
+			 array(bigintval($_POST['points']), bigintval($_POST['to_uid'])), __FILE__, __LINE__);
+
+			// ... and add it to current user's used points
+			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
+			 array(bigintval($_POST['points']), $GLOBALS['userid']), __FILE__, __LINE__);
+
+			// First send email to recipient
+			$msg = LOAD_EMAIL_TEMPLATE("member_transfer_recipient", "", __RECIPIENT_UID);
+			SEND_EMAIL(__RECIPIENT_EMAIL, TRANSFER_MEMBER_RECIPIENT_SUBJ.": ".$SENDER, $msg);
+
+			// Second send email to sender
+			$msg = LOAD_EMAIL_TEMPLATE("member_transfer_sender", "", __SENDER_UID);
+			SEND_EMAIL(__SENDER_EMAIL, TRANSFER_MEMBER_SENDER_SUBJ.": ".$RECIPIENT, $msg);
+
+			// At last send admin mail(s)
+			$ADMIN_SUBJ = TRANSFER_ADMIN_SUBJECT." (".$SENDER."->".$RECIPIENT.")";
+			if (GET_EXT_VERSION("admins") >= "0.4.1")
+			{
+				SEND_ADMIN_EMAILS_PRO($ADMIN_SUBJ, "admin_transfer_points");
+			}
+			 else
+			{
+				$msg = LOAD_EMAIL_TEMPLATE("admin_transfer_points");
+				SEND_ADMIN_EMAILS($ADMIN_SUBJ, $msg);
+			}
+
+			// Transfer is completed
+			OUTPUT_HTML ("<P>");
+			LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."<BR><A href=\"".URL."/modules.php?module=login&amp;what=transfer\">".TRANSFER_CONTINUE_OVERVIEW."</A>");
+			OUTPUT_HTML ("</P>");
+		}
+		 elseif (!$valid_code)
+		{
+			// Invalid Touring code!
+			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_CODE."</STRONG></P>");
+			unset($_POST['ok']);
+		}
+		 elseif (!$valid_pass)
+		{
+			// Wrong password entered
+			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_PASSWORD."</STRONG></P>");
+			unset($_POST['ok']);
+		}
+		 elseif (!$valid_amount)
+		{
+			// Too much points entered
+			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_POINTS."</STRONG></P>");
+			unset($_POST['ok']);
+		}
+		 elseif (!$valid_reason)
+		{
+			// No transfer reason entered
+			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_REASON."</STRONG></P>");
+			unset($_POST['ok']);
+		}
+		 elseif (!$valid_recipient)
+		{
+			// No recipient selected
+			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_RECIPIENT."</STRONG></P>");
+			unset($_POST['ok']);
+		}
+		 elseif (!$valid_data)
+		{
+			// No recipient selected
+			OUTPUT_HTML ("<P><STRONG class=\"member_note\">".TRANSFER_INVALID_DATA."</STRONG></P>");
+			unset($_POST['ok']);
+		}
+	}
+	if (!isset($_POST['ok']))
+	{
+		// Load member list
+		if (EXT_IS_ACTIVE("nickname"))
+		{
+			// Load userid and nickname
+			$result = SQL_QUERY_ESC("SELECT userid, nickname FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
+			 array($GLOBALS['userid']), __FILE__, __LINE__);
+		}
+		 else
+		{
+			// Load only userid
+			$result = SQL_QUERY_ESC("SELECT userid, userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
+			 array($GLOBALS['userid']), __FILE__, __LINE__);
+		}
+		if (SQL_NUMROWS($result) > 0)
+		{
+			// Load list
+			$OUT  = "<SELECT name=\"to_uid\" size=\"1\" class=\"member_select\">
+  <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
+			while (list($uid, $nick) = SQL_FETCHROW($result))
+			{
+				$OUT .= "<OPTION value=\"".$uid."\"";
+				if ((isset($_POST['to_uid'])) && ($_POST['to_uid'] == $uid)) $OUT .= " selected=\"selected\"";
+				$OUT .= ">";
+				if (($nick != $uid) && (!empty($nick)))
+				{
+					// Output nickname
+					$OUT .= $nick;
+				}
+				 else
+				{
+					// Output userid
+					$OUT .= $uid;
+				}
+				$OUT .= "</OPTION>\n";
+			}
+			$OUT .= "</SELECT>\n";
+			define('__TRANSFER_TO_DISABLED', "");
+
+			// Free memory
+			SQL_FREERESULT($result);
+		}
+		 else
+		{
+			// No one else is opt-in
+			$OUT = TRANSFER_NO_ONE_ELSE_OPT_IN;
+			define('__TRANSFER_TO_DISABLED', " disabled");
+		}
+		// Transfer output to constant for the template
+		define('__TRANSFER_USERID_SELECTION', $OUT);
+
+		// Generate Code
+		if ($CONFIG['transfer_code'] > 0)
+		{
+			$rand = rand(0, 99999);
+			$code = GEN_RANDOM_CODE($CONFIG['transfer_code'], $rand, $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
+			$img = GENERATE_IMAGE($code, false);
+			define('__TRANSFER_IMAGE_INPUT', "<INPUT type=\"hidden\" name=\"code_chk\" value=\"".$rand."\"><INPUT type=\"text\" name=\"code\" class=\"member_normal\" size=\"5\" maxlength=\"7\"".__TRANSFER_TO_DISABLED.">&nbsp;".$img);
+		}
+		 else
+		{
+			$code = "00000";
+			define('__TRANSFER_IMAGE_INPUT', TRANSFER_NO_CODE);
+		}
+
+		// Transfer maybe already entered valued'
+		if (isset($_GET['ok'])) {
+			// Get values from form
+			define('__TRANSFER_POINTS_VALUE', bigintval($_POST['points']));
+			define('__TRANSFER_REASON_VALUE', strip_tags($_POST['reason']));
+		} else {
+			// Set empty values
+			define('__TRANSFER_POINTS_VALUE', "");
+			define('__TRANSFER_REASON_VALUE', "");
+		}
+
+		// Output form
+		LOAD_TEMPLATE("member_transfer_new");
+	}
+	break;
+
+case "list_in": // List only incoming transactions
+case "list_out": // List only outgoing transactions
+	// As you can see I put list_in and list_out together. I now do a switch() again on it for the right SQL command
+	switch ($MODE)
+	{
+	case "list_in":
+		$SQL = "SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%d ORDER BY time_trans DESC LIMIT ".$CONFIG['transfer_max'];
+		$NOTHING = TRANSFER_NO_INCOMING_TRANSFERS;
+		define('__TRANSFER_SUM', TRANSFER_TOTAL_INCOMING);
+		define('__TRANSFER_TITLE', TRANSFER_LIST_INCOMING);
+		break;
+
+	case "list_out":
+		$SQL = "SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%d ORDER BY time_trans DESC LIMIT ".$CONFIG['transfer_max'];
+		$NOTHING = TRANSFER_NO_OUTGOING_TRANSFERS;
+		define('__TRANSFER_SUM', TRANSFER_TOTAL_OUTGOING);
+		define('__TRANSFER_TITLE', TRANSFER_LIST_OUTGOING);
+		break;
+	}
+
+	// Run the SQL command
+	$total = "0";
+	$result = SQL_QUERY_ESC($SQL, array($GLOBALS['userid']), __FILE__, __LINE__);
+	if (SQL_NUMROWS($result) > 0)
+	{
+		$OUT = ""; $SW = 2;
+		while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result))
+		{
+			if ($type == "OUT") $points = "$points-";
+			$OUT .= "<TR>
+  <TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row1\">".$tid."</FONT>
+  </TD>
+  <TD class=\"transfer_row2 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row2\">".MAKE_DATETIME($stamp, "3")."</FONT>
+  </TD>
+  <TD class=\"transfer_row3 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row3\">".$uid."</FONT>
+  </TD>
+  <TD class=\"transfer_row4 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row4\">".$reason."</FONT>
+  </TD>
+  <TD class=\"transfer_row5 switch_sw".$SW." bottom2\">
+    <FONT class=\"transfer_row5\">".$points."</FONT>
+  </TD>
+</TR>\n";
+			$total += $points;
+			$SW = 3 - $SW;
+		}
+
+		// Free memory
+		SQL_FREERESULT($result);
+	}
+	 else
+	{
+		// Nothing for in or out
+		$OUT = "<TR>
+  <TD colspan=\"5\" align=\"center\" class=\"bottom2\" height=\"70\">
+    ".LOAD_TEMPLATE("admin_settings_saved", true, $NOTHING)."
+  </TD>
+</TR>";
+	}
+
+	// ... and add them to a constant for the template
+	define('__TRANSFER_ROWS', $OUT);
+
+	// Remeber total amount
+	define('__TRANSFER_TOTAL_VALUE', $total);
+
+	// Load final template
+	LOAD_TEMPLATE("member_transfer_list");
+	break;
+
+case "list_all": // List all transactions
+	// We fill a temporay table with data from both tables. This is much easier
+	// to code and unstand by you as sub-SELECT queries. I know this is not the
+	// fastest way but it shall be fine for now.
+	//
+	// First of all create the temporary table
+	$result = SQL_QUERY("CREATE TEMPORARY TABLE "._MYSQL_PREFIX."_transfers_tmp (
+trans_id varchar(12) not null default '',
+party_uid bigint(20) not null default '0',
+points bigint(20) not null default '0',
+reason varchar(255) not null default '',
+time_trans varchar(10) not null default '0',
+trans_type enum('IN', 'OUT') not null default 'IN',
+KEY(party_uid)
+) TYPE=HEAP", __FILE__, __LINE__);
+
+	// Let's begin with the incoming list
+	$result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%d ORDER BY id LIMIT %s",
+array($GLOBALS['userid'], $CONFIG['transfer_max']), __FILE__, __LINE__);
+	while ($DATA = SQL_FETCHROW($result))
+	{
+		$DATA[] = "IN";
+		$DATA = implode("', '", $DATA);
+		$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
+	}
+
+	// Free memory
+	SQL_FREERESULT($result);
+
+	// As the last table transfer data from outgoing table to temporary
+	$result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%d ORDER BY id LIMIT %s",
+array($GLOBALS['userid'], $CONFIG['transfer_max']), __FILE__, __LINE__);
+	while ($DATA = SQL_FETCHROW($result))
+	{
+		$DATA[] = "OUT";
+		$DATA = implode("', '", $DATA);
+		$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
+	}
+
+	// Free memory
+	SQL_FREERESULT($result);
+
+	$total = "0";
+	if (SQL_NUMROWS($result) > 0)
+	{
+		// Output rows
+		$OUT = ""; $SW = 2;
+		$result = SQL_QUERY("SELECT party_uid, trans_id, points, reason, time_trans, trans_type FROM "._MYSQL_PREFIX."_transfers_tmp ORDER BY time_trans DESC", __FILE__, __LINE__);
+		while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result))
+		{
+			if ($type == "OUT") $points = "-$points";
+			$OUT .= "<TR>
+  <TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row1\">".$idx."</FONT>
+  </TD>
+  <TD class=\"transfer_row2 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row2\">".MAKE_DATETIME($stamp, "3")."</FONT>
+  </TD>
+  <TD class=\"transfer_row3 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row3\">".$uid."</FONT>
+  </TD>
+  <TD class=\"transfer_row4 switch_sw".$SW." bottom2 right2\">
+    <FONT class=\"transfer_row4\">".$reason."</FONT>
+  </TD>
+  <TD class=\"transfer_row5 switch_sw".$SW." bottom2\">
+    <FONT class=\"transfer_row5\">".$points."</FONT>
+  </TD>
+</TR>\n";
+			$total += $points;
+			$SW = 3 - $SW;
+		}
+
+		// Free memory
+		SQL_FREERESULT($result);
+	}
+	 else
+	{
+		// Nothing for in and out
+		$OUT = "<TR>
+  <TD colspan=\"5\" align=\"center\" class=\"bottom2\" height=\"70\">
+    ".LOAD_TEMPLATE("admin_settings_saved", true, TRANSFER_NO_INOUT_TRANSFERS)."
+  </TD>
+</TR>";
+	}
+
+	// ... and add them to a constant for the template
+	define('__TRANSFER_ROWS', $OUT);
+
+	// Remeber total amount
+	define('__TRANSFER_TOTAL_VALUE', $total);
+
+	// Set title
+	define('__TRANSFER_TITLE', TRANSFER_LIST_ALL);
+
+	// Set "balance" word
+	define('__TRANSFER_SUM', TRANSFER_TOTAL_BALANCE);
+
+	// Load final template
+	LOAD_TEMPLATE("member_transfer_list");
+
+	// At the end we don't need a temporay table in memory
+	$result = SQL_QUERY("DROP TABLE IF EXISTS "._MYSQL_PREFIX."_transfers_tmp", __FILE__, __LINE__);
+
+	// Free some memory...
+	SQL_FREERESULT($result);
+	break;
+
+case "": // Overview page
+	// Check incoming transfers
+	$result = SQL_QUERY_ESC("SELECT COUNT(id) FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%d", array($GLOBALS['userid']), __FILE__, __LINE__);
+	list($dmy) = SQL_FETCHROW($result);
+	SQL_FREERESULT($result);
+
+	$total=$dmy;
+	if ($dmy > 0)
+	{
+		define('__TRANSFER_IN_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=list_in\">".$dmy."</A>");
+	}
+	 else
+	{
+		define('__TRANSFER_IN_LINK', $dmy);
+	}
+
+	// Check outgoing transfers
+	$result = SQL_QUERY_ESC("SELECT COUNT(id) FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%d", array($GLOBALS['userid']), __FILE__, __LINE__);
+	list($dmy) = SQL_FETCHROW($result);
+	SQL_FREERESULT($result);
+
+	$total+=$dmy;
+	if ($dmy > 0)
+	{
+		define('__TRANSFER_OUT_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=list_out\">".$dmy."</A>");
+	}
+	 else
+	{
+		define('__TRANSFER_OUT_LINK', $dmy);
+	}
+
+	// Total transactions
+	if ($total > 0)
+	{
+		define('__TRANSFER_ALL_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=list_all\">".$total."</A>");
+	}
+	 else
+	{
+		define('__TRANSFER_ALL_LINK', $total);
+	}
+
+	if (isset($_POST['ok']))
+	{
+		// Save settings
+		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET opt_in='%s' WHERE userid=%d LIMIT 1",
+		 array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__);
+
+		// Rember for next switch() command
+		$opt_in = $_POST['opt_in'];
+
+		// "Settings saved..."
+		OUTPUT_HTML ("<P><STRONG class=\"member_done\">".SETTINGS_SAVED."</STRONG></P>");
+	}
+	switch ($opt_in)
+	{
+	case "Y":
+		define('__TRANSFER_ALLOW_Y', " checked");
+		define('__TRANSFER_ALLOW_N', "");
+		define('__TRANSFER_NEW_LINK', "<A href=\"".URL."/modules.php?module=login&amp;what=transfer&amp;mode=new\">".TRANSFER_NOW_LINK."</A>");
+		break;
+
+	case "N":
+		define('__TRANSFER_ALLOW_Y', "");
+		define('__TRANSFER_ALLOW_N', " checked");
+		define('__TRANSFER_NEW_LINK', TRANSFER_PLEASE_ALLOW_OPT_IN);
+		break;
+	}
+
+	// Check for latest out-transfers
+	$result = SQL_QUERY_ESC("SELECT time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE time_trans > ".(time() - $CONFIG['transfer_timeout'])." AND userid=%d ORDER BY time_trans DESC LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
+	if (SQL_NUMROWS($result) == 0)
+	{
+		// Load template
+		define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true));
+	}
+	 else
+	{
+		// Load newest transaction
+		list($newest) = SQL_FETCHROW($result);
+		SQL_FREERESULT($result);
+		define('__TRANSFER_SETTINGS_CONTENT', TRANSFER_LATEST_IS_1.MAKE_DATETIME($newest, "3").TRANSFER_LATEST_IS_2);
+	}
+	// Load template
+	LOAD_TEMPLATE("member_transfer_overview");
+	break;
+}
+//
+?>