X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=cf59a6ec085b1d732f7878ac92bb44136dfd5e51;hb=22ba710434fb8b31e8961976ee4a31ae28b4509d;hp=b5b2ad477255d063c15f57abbf4acf313f994b77;hpb=7cfec287d338c5b3af01b1a79881302505b3a795;p=mailer.git
diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php
index b5b2ad4772..cf59a6ec08 100644
--- a/inc/modules/member/what-transfer.php
+++ b/inc/modules/member/what-transfer.php
@@ -43,7 +43,7 @@ if (!defined('__SECURITY')) {
}
// Add description as navigation point
-addMenuDescription('member', __FILE__);
+addYouAreHereLink('member', __FILE__);
if ((!isExtensionActive('transfer')) && (!isAdmin())) {
loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('transfer'));
@@ -52,10 +52,14 @@ if ((!isExtensionActive('transfer')) && (!isAdmin())) {
// Check for mode in GET
$mode = '';
-if (isGetRequestParameterSet('mode')) $mode = getRequestParameter('mode');
+if (isGetRequestParameterSet('mode')) {
+ $mode = getRequestParameter('mode');
+} // END - if
// Check for "faker"
-if ((getUserData('opt_in') != 'Y') && ($mode == 'new')) $mode = '';
+if ((getUserData('opt_in') != 'Y') && ($mode == 'new')) {
+ $mode = '';
+} // END - if
switch ($mode) {
case 'new': // Start new transfer
@@ -247,9 +251,16 @@ switch ($mode) {
// Generate Code
if (getConfig('transfer_code') > 0) {
+ // Generate random number
$rand = mt_rand(0, 99999);
+
+ // Generate CAPTCHA code
$code = generateRandomCode(getConfig('transfer_code'), $rand, getMemberId(), $content['max_transferable']);
+
+ // Generate image (HTML code)
$img = generateImageOrCode($code, false);
+
+ // Add all and hidden field
$content['captcha_code'] = ' ' . $img;
} else {
$code = '00000';
@@ -337,12 +348,14 @@ switch ($mode) {
break;
case 'list_all': // List all transactions
- // We fill a temporary table with data from both tables. This is much easier
- // to code and unstand by you as sub-SELECT queries. I know this is not the
- // fastest way but it shall be fine for now.
- //
- // First of all create the temporary table
- $result = SQL_QUERY("CREATE TEMPORARY TABLE `{?_MYSQL_PREFIX?}_transfers_tmp` (
+ /*
+ * Fill a temporary table with data from both tables. This is much
+ * easier to code and unstandable by you as sub-SELECT queries. I know
+ * this is not the fastest way but it shall be fine for now.
+ */
+
+ // First of all create the per-user temporary table
+ $result = SQL_QUERY_ESC("CREATE TEMPORARY TABLE `{?_MYSQL_PREFIX?}_%s_transfers_tmp` (
`trans_id` VARCHAR(12) NOT NULL DEFAULT '',
`party_userid` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
`points` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
@@ -350,7 +363,7 @@ switch ($mode) {
`time_trans` VARCHAR(10) NOT NULL DEFAULT 0,
`trans_type` ENUM('IN','OUT') NOT NULL DEFAULT 'IN',
KEY (`party_userid`)
-) TYPE=HEAP", __FILE__, __LINE__);
+) TYPE=HEAP", array(getMemberId()), __FILE__, __LINE__);
// Let's begin with the incoming list
$result = SQL_QUERY_ESC("SELECT `trans_id`, `from_userid`, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_in` WHERE `userid`=%s ORDER BY `id` ASC LIMIT {?transfer_max?}",
@@ -358,7 +371,7 @@ KEY (`party_userid`)
while ($DATA = SQL_FETCHROW($result)) {
$DATA[] = 'IN';
$DATA = implode("','", $DATA);
- $res_temp = SQL_QUERY("INSERT INTO `{?_MYSQL_PREFIX?}_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('" . $DATA . "')", __FILE__, __LINE__);
+ $res_temp = SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_%s_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('" . $DATA . "')", array(getMemberId()), __FILE__, __LINE__);
} // END - while
// Free memory
@@ -370,23 +383,25 @@ KEY (`party_userid`)
while ($DATA = SQL_FETCHROW($result)) {
$DATA[] = 'OUT';
$DATA = implode("','", $DATA);
- $res_temp = SQL_QUERY("INSERT INTO `{?_MYSQL_PREFIX?}_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('" . $DATA . "')", __FILE__, __LINE__);
+ $res_temp = SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_%s_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('" . $DATA . "')", array(getMemberId()), __FILE__, __LINE__);
} // END - while
// Free memory
SQL_FREERESULT($result);
+ // Search for entries
+ $result = SQL_QUERY_ESC("SELECT `party_userid`, `trans_id`, `points`, `reason`, `time_trans`, `trans_type` FROM `{?_MYSQL_PREFIX?}_%s_transfers_tmp` ORDER BY `time_trans` DESC",
+ array(getMemberId()), __FILE__, __LINE__);
+
$total = '0';
if (!SQL_HASZERONUMS($result)) {
- // Search for entries
- $result = SQL_QUERY("SELECT `party_userid`, `trans_id`, `points`, `reason`, `time_trans`, `trans_type` FROM `{?_MYSQL_PREFIX?}_transfers_tmp` ORDER BY `time_trans` DESC",
- __FILE__, __LINE__);
-
// Output rows
$OUT = '';
while ($content = SQL_FETCHARRAY($result)) {
- // Rewrite points
- if ($content['trans_type'] == 'OUT') $content['points'] = '-'.$content['points']."";
+ // Rewrite points if OUT
+ if ($content['trans_type'] == 'OUT') {
+ $content['points'] = $content['points'] * -1;
+ } // END - if
// Prepare content for template
$content['time'] = generateDateTime($content['time_trans'], 3);
@@ -397,9 +412,6 @@ KEY (`party_userid`)
// Add points and switch color
$total += $content['points'];
} // END - while
-
- // Free memory
- SQL_FREERESULT($result);
} else {
// Nothing for in and out
$OUT = '
@@ -409,6 +421,9 @@ KEY (`party_userid`)
';
}
+ // Free memory
+ SQL_FREERESULT($result);
+
// ... and add them to a constant for the template
$content['rows'] = $OUT;
@@ -422,7 +437,7 @@ KEY (`party_userid`)
$content['balance'] = '{--TRANSFER_TOTAL_BALANCE--}';
// At the end we don't need a temporary table in memory
- $result = SQL_QUERY("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_transfers_tmp`", __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_%s_transfers_tmp`", array(getMemberId()), __FILE__, __LINE__);
// Load final template
loadTemplate('member_transfer_list', false, $content);
@@ -433,27 +448,27 @@ KEY (`party_userid`)
default: // Overview page
// Check incoming transfers
- $total = countSumTotalData(getMemberId(), 'user_transfers_in', 'id', 'userid', true);
- $content['in_link'] = $total;
- if ($total > 0) {
- $content['in_link'] = '' . $total . '';
+ $totalIn = countSumTotalData(getMemberId(), 'user_transfers_in', 'id', 'userid', true);
+ $content['in_link'] = $totalIn;
+ if ($totalIn > 0) {
+ $content['in_link'] = '' . $totalIn . '';
} // END - if
// Check outgoing transfers
- $dmy = countSumTotalData(getMemberId(), 'user_transfers_out', 'id', 'userid', true);
+ $totalOut = countSumTotalData(getMemberId(), 'user_transfers_out', 'id', 'userid', true);
- // Add to total amount
- $total += $dmy;
-
- $content['out_link'] = $dmy;
- if ($dmy > 0) {
- $content['out_link'] = '' . $dmy . '';
+ $content['out_link'] = $totalOut;
+ if ($totalOut > 0) {
+ $content['out_link'] = '' . $totalOut . '';
} // END - if
+ // Add all to total amount
+ $total = $totalIn + $totalOut;
+
// Total transactions
$content['all_link'] = $total;
if ($total > 0) {
- $content['all_link'] = '' . $total . '';
+ $content['all_link'] = '{%pipe,translateComma=' . $total . '%}';
} // END - if
if (isFormSent()) {
@@ -490,12 +505,12 @@ KEY (`party_userid`)
FROM
`{?_MYSQL_PREFIX?}_user_transfers_out`
WHERE
- `time_trans` > (UNIX_TIMESTAMP() - %s) AND `userid`=%s
+ `time_trans` > (UNIX_TIMESTAMP() - {?transfer_timeout?}) AND
+ `userid`=%s
ORDER BY
`time_trans` DESC
LIMIT 1",
array(
- getConfig('transfer_timeout'),
getMemberId()
), __FILE__, __LINE__);