X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=5d1670bccf6bc7adcfb411e2ba05ed68684a1db7;hb=8fad776382e63b3f73f8dbe289f229d79cfc2c22;hp=fdde08146f8c41a753474fdd121448a472bf579e;hpb=5ef6ed7373ae85e5635e39e2a0adf9496a8add05;p=mailer.git diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php index fdde08146f..f974520cdf 100644 --- a/inc/modules/member/what-transfer.php +++ b/inc/modules/member/what-transfer.php @@ -1,7 +1,7 @@ 0", - array($GLOBALS['userid']), __FILE__, __LINE__); - list($total) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - - // Get totally used points and password - $result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); - list($used, $pass) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - - // Remember maximum value for template - define('__TRANSFER_MAX_VALUE', round($total - $used - $CONFIG['transfer_balance'] - 0.5)); - - if (isset($_POST['ok'])) - { - // Add new transfer - if ($CONFIG['transfer_code'] > 0) - { - // Check for code - $code = GEN_RANDOM_CODE($CONFIG['transfer_code'], $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE); - $valid_code = ($code == $_POST['code']); - } - else - { - // Zero length (= disabled) is always valid! - $valid_code = true; - } +if ((getUserData('opt_in') != 'Y') && ($mode == 'new')) { + $mode = ''; +} // END - if + +switch ($mode) { + case 'new': // Start new transfer + // Get total points and subtract the balance amount from it = maximum transferable points + $total = getTotalPoints(getMemberId()); + + // Remember maximum value for template + $content['max_transferable'] = round($total - getConfig('transfer_balance') - 0.5); + + if (isFormSent()) { + // Add new transfer + if (getTransferCode() > 0) { + // Check for code + $code = generateRandomCode(getTransferCode(), postRequestElement('code_chk'), getMemberId(), $content['max_transferable']); + $valid_code = ($code == postRequestElement('code')); + } else { + // Zero length (= disabled) is always valid! + $valid_code = true; + } - // Test password - $valid_pass = ($pass == generateHash($_POST['password'], $pass)); + // Test password + $valid_pass = ($pass == generateHash(postRequestElement('password'), $pass)); - // Test transfer amount - $valid_amount = ((!empty($_POST['points'])) && ($_POST['points'] <= __TRANSFER_MAX_VALUE)); + // Test transfer amount + $valid_amount = ((isPostRequestElementSet('points')) && (postRequestElement('points') <= $content['max_transferable'])); - // Test reason for transfer - $valid_reason = (!empty($_POST['reason'])); + // Test reason for transfer + $valid_reason = (isPostRequestElementSet('reason')); - // Test if a recipient is selected - $valid_recipient = ($_POST['to_uid'] > 0); + // Test if a recipient is selected + $valid_recipient = isValidUserId(postRequestElement('to_userid')); - // Check for nickname extension and set additional data - $nick = false; $ADD = ", userid"; - if (EXT_IS_ACTIVE("nickname")) - { - $ADD = ", nickname"; - $nick = true; - } - // Re-check receivers and own personal data - $result = SQL_QUERY_ESC("SELECT userid, sex, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", - array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__); - $valid_data = (SQL_NUMROWS($result) == 2); - - if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) - { - // Let's start the transfer and load user data - list($uid1, $sex1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result); - list($uid2, $sex2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - if ($uid1 == $GLOBALS['userid']) - { - // Data row 1 is sender's data - define('__SENDER_SEX' , TRANSLATE_SEX($sex1)); - define('__SENDER_NICK' , $nick1); - define('__SENDER_SNAME' , $sname1); - define('__SENDER_FNAME' , $fname1); - define('__SENDER_EMAIL' , $email1); - // Data row 2 is recpient's data - define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex2)); - define('__RECIPIENT_NICK' , $nick2); - define('__RECIPIENT_SNAME', $sname2); - define('__RECIPIENT_FNAME', $fname2); - define('__RECIPIENT_EMAIL', $email2); + // Re-check receivers and own personal data + $result = SQL_QUERY_ESC("SELECT `userid`,`gender`,`surname`,`family`,`email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid` IN ('%s','%s') AND `status`='CONFIRMED'" . runFilterChain('user_exclusion_sql', ' ') . " LIMIT 2", + array( + getMemberId(), + bigintval(postRequestElement('to_userid')) + ), __FILE__, __LINE__); - // Prepare variables for testing - $TEST_NICK_SENDER = $nick1; - $TEST_NICK_REC = $nick2; - } - else - { - // Data row 2 is sender's data - define('__SENDER_SEX' , TRANSLATE_SEX($sex2)); - define('__SENDER_NICK' , $nick2); - define('__SENDER_SNAME' , $sname2); - define('__SENDER_FNAME' , $fname2); - define('__SENDER_EMAIL' , $email2); - // Data row 1 is recpient's data - define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex1)); - define('__RECIPIENT_NICK' , $nick1); - define('__RECIPIENT_SNAME', $sname1); - define('__RECIPIENT_FNAME', $fname1); - define('__RECIPIENT_EMAIL', $email1); + // Is there two entries? + $valid_data = (SQL_NUMROWS($result) == 2); + + // Final check if all is fine + if ($valid_code && $valid_data && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) { + // Let's start the transfer and load user data + $content['sender'] = SQL_FETCHARRAY($result); + $content['recipient'] = SQL_FETCHARRAY($result); + + // Is the nickname extension not installed? + if (!isExtensionActive('nickname')) { + // Fix empty nicknames + $content['sender']['nickname'] = ''; + $content['recipient']['nickname'] = ''; + } // END - if // Prepare variables for testing - $TEST_NICK_SENDER = $nick2; - $TEST_NICK_REC = $nick1; - } - // Sender's UID is always currently stored in cookie userid... - define('__SENDER_UID' , $GLOBALS['userid']); - define('__RECIPIENT_UID' , $_POST['to_uid']); - - $SENDER = __SENDER_UID; - $RECIPIENT = __RECIPIENT_UID; - if ($nick) - { - if (($TEST_NICK_SENDER != __SENDER_UID) && (!empty($TEST_NICK_SENDER))) - { - $SENDER = __SENDER_NICK; - } - if (($TEST_NICK_REC != __RECIPIENT_UID) && (!empty($TEST_NICK_REC))) - { - $RECIPIENT = __RECIPIENT_NICK; - } + $TEST_NICK_SENDER = $content['sender']['nickname']; + $TEST_NICK_REC = $content['recipient']['nickname']; + + // Default is userids for subject line + $SENDER = getMemberId(); + $RECIPIENT = bigintval(postRequestElement('to_userid')); + + // If nickname is installed we can set the nickname + // @TODO Rewrite this to a filter + if (isExtensionActive('nickname')) { + if (($TEST_NICK_SENDER != getMemberId()) && (!empty($TEST_NICK_SENDER))) { + $SENDER = $content['sender']['nickname']; + } // END - if + + if (($TEST_NICK_REC != postRequestElement('to_userid')) && (!empty($TEST_NICK_REC))) { + $RECIPIENT = $content['recipient']['nickname']; + } // END - if + } // END - if + + // Remember transfer reason + $content['reason'] = postRequestElement('reason'); + + // Generate tranafer id + $content['trans_id'] = bigintval(generateRandomCode('10', getRandomTan(), getMemberId(), postRequestElement('reason'))); + + // Add entries to both tables + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`,`from_userid`,`points`,`reason`,`time_trans`,`trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)", + array( + bigintval(postRequestElement('to_userid')), + getMemberId(), + bigintval(postRequestElement('points')), + postRequestElement('reason'), + $content['trans_id'] + ), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`,`to_userid`,`points`,`reason`,`time_trans`,`trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)", + array( + getMemberId(), + bigintval(postRequestElement('to_userid')), + bigintval(postRequestElement('points')), + postRequestElement('reason'), + $content['trans_id'] + ), __FILE__, __LINE__); + + // Add points to account *directly* ... + initReferralSystem(); + addPointsThroughReferralSystem('transfer', bigintval(postRequestElement('to_userid')), bigintval(postRequestElement('points'))); + + // ... and add it to current user's used points and ignore return status + subtractPoints('transfer', getMemberId(), postRequestElement('points')); + + // First send email to recipient + $message = loadEmailTemplate('member_transfer_recipient', $content, postRequestElement('to_userid')); + sendEmail($content['recipient']['userid'], '{--TRANSFER_MEMBER_RECIPIENT_SUBJECT--}' . ': ' . $SENDER, $message); + + // Second send email to sender + $message = loadEmailTemplate('member_transfer_sender', $content, getMemberId()); + sendEmail($content['sender']['userid'], '{--TRANSFER_MEMBER_SENDER_SUBJECT--}' . ': ' . $RECIPIENT, $message); + + // At last send admin mail(s) + $adminSubject = sprintf("%s (%s->%s)", '{--ADMIN_TRANSFER_SUBJECT--}', $SENDER, $RECIPIENT); + sendAdminNotification($adminSubject, 'admin_transfer_points', $content); + + // Transfer is completed + displayMessage('
");
- LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."
".TRANSFER_CONTINUE_OVERVIEW."");
- OUTPUT_HTML("
".TRANSFER_INVALID_CODE."
"); - unset($_POST['ok']); - } - elseif (!$valid_pass) - { - // Wrong password entered - OUTPUT_HTML("".TRANSFER_INVALID_PASSWORD."
"); - unset($_POST['ok']); - } - elseif (!$valid_amount) - { - // Too much points entered - OUTPUT_HTML("".TRANSFER_INVALID_POINTS."
"); - unset($_POST['ok']); - } - elseif (!$valid_reason) - { - // No transfer reason entered - OUTPUT_HTML("".TRANSFER_INVALID_REASON."
"); - unset($_POST['ok']); - } - elseif (!$valid_recipient) - { - // No recipient selected - OUTPUT_HTML("".TRANSFER_INVALID_RECIPIENT."
"); - unset($_POST['ok']); - } - elseif (!$valid_data) - { - // No recipient selected - OUTPUT_HTML("".TRANSFER_INVALID_DATA."
"); - unset($_POST['ok']); - } - } - if (!isset($_POST['ok'])) - { - // Load member list - if (EXT_IS_ACTIVE("nickname")) - { - // Load userid and nickname - $result = SQL_QUERY_ESC("SELECT userid, nickname FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", - array($GLOBALS['userid']), __FILE__, __LINE__); - } - else - { - // Load only userid - $result = SQL_QUERY_ESC("SELECT userid, userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", - array($GLOBALS['userid']), __FILE__, __LINE__); - } - if (SQL_NUMROWS($result) > 0) - { - // Load list - $OUT = "\n"; - define('__TRANSFER_TO_DISABLED', ""); + + // Init points/reason + $content['points'] = ''; + $content['reason'] = ''; + + // Transfer maybe already entered valued' + if (isPostRequestElementSet('ok')) { + // Get values from form + $content['points'] = postRequestElement('points'); + $content['reason'] = postRequestElement('reason'); + } // END - if + + // Output form + loadTemplate('member_transfer_new', false, $content); + } // END - if + break; + + case 'list_in': // List only incoming transactions + case 'list_out': // List only outgoing transactions + // As you can see I put list_in and list_out together. I now do a switch() again on it for the right SQL command + $nothingMessage = ''; + switch ($mode) { + case 'list_in': + $sql = 'SELECT `trans_id`,`from_userid` AS party_userid,`points`,`reason`,`time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_in` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT {?transfer_max?}'; + $nothingMessage = '{--MEMBER_TRANSFER_NO_INCOMING_TRANSFERS--}'; + $content['balance'] = '{--MEMBER_TRANSFER_TOTAL_INCOMING--}'; + $content['title'] = '{--MEMBER_LIST_INCOMING_TRANSFER_TITLE--}'; + break; + + case 'list_out': + $sql = 'SELECT `trans_id`,`to_userid` AS party_userid,`points`,`reason`,`time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_out` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT {?transfer_max?}'; + $nothingMessage = '{--MEMBER_TRANSFER_NO_OUTGOING_TRANSFERS--}'; + $content['balance'] = '{--TRANSFER_TOTAL_OUTGOING--}'; + $content['title'] = '{--MEMBER_LIST_OUTGOING_TRANSFER_TITLE--}'; + break; + } // END - switch + + // Run the SQL command and set total points to zero + $totalPoints = '0'; + $result = SQL_QUERY_ESC($sql, array(getMemberId()), __FILE__, __LINE__); + + // Are there entries? + if (!SQL_HASZERONUMS($result)) { + $OUT = ''; + while ($content = SQL_FETCHARRAY($result)) { + // Rewrite points, out is subtracted + if ($type == 'OUT') { + $content['points'] = $content['points'] * -1; + } // END - if + + // Prepare content for template + $$content['time_trans'] = generateDateTime($content['time_trans'], 3); + + // Load row template + $OUT .= loadTemplate('member_transfer_row2', true, $content); + + // Add points and switch color + $totalPoints += $content['points']; + } // END - while // Free memory SQL_FREERESULT($result); - } - else - { - // No one else is opt-in - $OUT = TRANSFER_NO_ONE_ELSE_OPT_IN; - define('__TRANSFER_TO_DISABLED', " disabled"); - } - // Transfer output to constant for the template - define('__TRANSFER_USERID_SELECTION', $OUT); - - // Generate Code - if ($CONFIG['transfer_code'] > 0) - { - $rand = rand(0, 99999); - $code = GEN_RANDOM_CODE($CONFIG['transfer_code'], $rand, $GLOBALS['userid'], __TRANSFER_MAX_VALUE); - $img = GENERATE_IMAGE($code, false); - define('__TRANSFER_IMAGE_INPUT', " ".$img); - } - else - { - $code = "00000"; - define('__TRANSFER_IMAGE_INPUT', TRANSFER_NO_CODE); - } - - // Transfer maybe already entered valued' - if (isset($_GET['ok'])) { - // Get values from form - define('__TRANSFER_POINTS_VALUE', bigintval($_POST['points'])); - define('__TRANSFER_REASON_VALUE', strip_tags($_POST['reason'])); } else { - // Set empty values - define('__TRANSFER_POINTS_VALUE', ""); - define('__TRANSFER_REASON_VALUE', ""); + // Nothing for in or out + $OUT = '".SETTINGS_SAVED."
"); - } - switch ($opt_in) - { - case 'Y': - define('__TRANSFER_ALLOW_Y', " checked"); - define('__TRANSFER_ALLOW_N', ""); - define('__TRANSFER_NEW_LINK', "".TRANSFER_NOW_LINK.""); - break; - case 'N': - define('__TRANSFER_ALLOW_Y', ""); - define('__TRANSFER_ALLOW_N', " checked"); - define('__TRANSFER_NEW_LINK', TRANSFER_PLEASE_ALLOW_OPT_IN); + // ... and add them to a constant for the template + $content['rows'] = $OUT; + + // Remeber total amount + $content['total_points'] = $total; + + // Set title + $content['title'] = '{--TRANSFER_LIST_ALL--}'; + + // Set "balance" word + $content['balance'] = '{--TRANSFER_TOTAL_BALANCE--}'; + + // At the end we don't need a temporary table in memory + $result = SQL_QUERY_ESC("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_%s_transfers_tmp`", array(getMemberId()), __FILE__, __LINE__); + + // Load final template + loadTemplate('member_transfer_list', false, $content); + + // Free some memory... + SQL_FREERESULT($result); break; - } - // Check for latest out-transfers - $result = SQL_QUERY_ESC("SELECT time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE time_trans > ".(time() - $CONFIG['transfer_timeout'])." AND userid=%d ORDER BY time_trans DESC LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 0) - { - // Load template - define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true)); - } - else - { - // Load newest transaction - list($newest) = SQL_FETCHROW($result); + default: // Overview page + // Check incoming transfers + $totalIn = countSumTotalData(getMemberId(), 'user_transfers_in', 'id', 'userid', true); + $content['in_link'] = $totalIn; + if ($totalIn > 0) { + $content['in_link'] = '' . $totalIn . ''; + } // END - if + + // Check outgoing transfers + $totalOut = countSumTotalData(getMemberId(), 'user_transfers_out', 'id', 'userid', true); + + $content['out_link'] = $totalOut; + if ($totalOut > 0) { + $content['out_link'] = '' . $totalOut . ''; + } // END - if + + // Add all to total amount + $total = $totalIn + $totalOut; + + // Total transactions + $content['all_link'] = $total; + if ($total > 0) { + $content['all_link'] = '{%pipe,translateComma=' . $total . '%}'; + } // END - if + + if (isFormSent()) { + // Save settings + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `opt_in`='%s' WHERE `userid`=%s LIMIT 1", + array(postRequestElement('opt_in'), getMemberId()), __FILE__, __LINE__); + + // "Settings saved..." + displayMessage('{--SETTINGS_SAVED--}'); + } // END - if + + // Init entries + foreach (array('allow_y','allow_n') as $entry) { + $content[$entry] = ''; + } // END - foreach + + // Set current selection + $content['allow_' . strtolower(getUserData('opt_in'))] = ' checked="checked"'; + + // Set 'new transfer' link according to above option + switch (getUserData('opt_in')) { + case 'Y': + $content['new_link'] = '{--MEMBER_TRANSFER_NOW_LINK--}'; + break; + + case 'N': + $content['new_link'] = '{--MEMBER_PLEASE_ALLOW_TRANSFER_RECEIVE--}'; + break; + } // END - switch + + // Check for latest out-transfers + $result = SQL_QUERY_ESC("SELECT + `time_trans` +FROM + `{?_MYSQL_PREFIX?}_user_transfers_out` +WHERE + (UNIX_TIMESTAMP() - `time_trans`) >= {?transfer_timeout?} AND + `userid`=%s +ORDER BY + `time_trans` DESC +LIMIT 1", + array( + getMemberId() + ), __FILE__, __LINE__); + + // Is there an entry? + if (SQL_NUMROWS($result) == 1) { + // Load newest transaction + list($newest) = SQL_FETCHROW($result); + $content['settings'] = '{%message,MEMBER_TRANSFER_LATEST_IS=' . generateDateTime($newest, '3') . '%}'; + } else { + // Load template + $content['settings'] = loadTemplate('member_transfer_settings', true, $content); + } + + // Free result SQL_FREERESULT($result); - define('__TRANSFER_SETTINGS_CONTENT', TRANSFER_LATEST_IS_1.MAKE_DATETIME($newest, "3").TRANSFER_LATEST_IS_2); - } - // Load template - LOAD_TEMPLATE("member_transfer_overview"); - break; -} -// + + // Load template + loadTemplate('member_transfer_overview', false, $content); + break; +} // END - switch + +// [EOF] ?>