X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=ddbb47dd6f8298dd1ec6d887ab87b6f60b3ee8ab;hb=9ebbb5d10817b978a59bdb009b3f41b40fdb3c6c;hp=7e65b6fadb5f852e8976dd115898beb4acccab54;hpb=8383fc52cd2340ea1756f9e1808fa3589e27c341;p=mailer.git diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php index 7e65b6fadb..ddbb47dd6f 100644 --- a/inc/modules/member/what-transfer.php +++ b/inc/modules/member/what-transfer.php @@ -32,10 +32,10 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} elseif (!IS_LOGGED_IN()) { +} elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); } elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) { ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer"); @@ -46,7 +46,7 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { ADD_DESCR("member", basename(__FILE__)); // Load data -$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", +$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); list($opt_in) = SQL_FETCHROW($result); @@ -57,19 +57,19 @@ $MODE = ""; if (!empty($_GET['mode'])) $MODE = $_GET['mode']; // Check for "faker" -if (($opt_in == 'N') && ($MODE == "new")) $MODE = ""; +if (($opt_in == "N") && ($MODE == "new")) $MODE = ""; switch ($MODE) { case "new": // Start new transfer // Get total points and subtract the balance amount from it = maximum transferable points - $result = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND points > 0", + $result = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND points > 0", array($GLOBALS['userid']), __FILE__, __LINE__); list($total) = SQL_FETCHROW($result); SQL_FREERESULT($result); // Get totally used points and password - $result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); list($used, $pass) = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -112,26 +112,26 @@ case "new": // Start new transfer $nick = true; } // Re-check receivers and own personal data - $result = SQL_QUERY_ESC("SELECT userid, sex, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__); $valid_data = (SQL_NUMROWS($result) == 2); if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) { // Let's start the transfer and load user data - list($uid1, $sex1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result); - list($uid2, $sex2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result); + list($uid1, $gender1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result); + list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result); SQL_FREERESULT($result); if ($uid1 == $GLOBALS['userid']) { // Data row 1 is sender's data - define('__SENDER_SEX' , TRANSLATE_SEX($sex1)); + define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1)); define('__SENDER_NICK' , $nick1); define('__SENDER_SNAME' , $sname1); define('__SENDER_FNAME' , $fname1); define('__SENDER_EMAIL' , $email1); // Data row 2 is recpient's data - define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex2)); + define('__RECIPIENT_GENDER' , TRANSLATE_GENDER($gender2)); define('__RECIPIENT_NICK' , $nick2); define('__RECIPIENT_SNAME', $sname2); define('__RECIPIENT_FNAME', $fname2); @@ -144,13 +144,13 @@ case "new": // Start new transfer else { // Data row 2 is sender's data - define('__SENDER_SEX' , TRANSLATE_SEX($sex2)); + define('__SENDER_GENDER' , TRANSLATE_GENDER($gender2)); define('__SENDER_NICK' , $nick2); define('__SENDER_SNAME' , $sname2); define('__SENDER_FNAME' , $fname2); define('__SENDER_EMAIL' , $email2); // Data row 1 is recpient's data - define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex1)); + define('__RECIPIENT_GENDER' , TRANSLATE_GENDER($gender1)); define('__RECIPIENT_NICK' , $nick1); define('__RECIPIENT_SNAME', $sname1); define('__RECIPIENT_FNAME', $fname1); @@ -201,12 +201,11 @@ case "new": // Start new transfer __FILE__, __LINE__); // Add points to account *directly* ... - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth=0 LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%s AND ref_depth=0 LIMIT 1", array(bigintval($_POST['points']), bigintval($_POST['to_uid'])), __FILE__, __LINE__); // ... and add it to current user's used points - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1", - array(bigintval($_POST['points']), $GLOBALS['userid']), __FILE__, __LINE__); + SUB_POINTS($GLOBALS['userid'], $_POST['points']); // First send email to recipient $msg = LOAD_EMAIL_TEMPLATE("member_transfer_recipient", "", __RECIPIENT_UID); @@ -217,21 +216,11 @@ case "new": // Start new transfer SEND_EMAIL(__SENDER_EMAIL, TRANSFER_MEMBER_SENDER_SUBJ.": ".$RECIPIENT, $msg); // At last send admin mail(s) - $ADMIN_SUBJ = TRANSFER_ADMIN_SUBJECT." (".$SENDER."->".$RECIPIENT.")"; - if (GET_EXT_VERSION("admins") >= "0.4.1") - { - SEND_ADMIN_EMAILS_PRO($ADMIN_SUBJ, "admin_transfer_points"); - } - else - { - $msg = LOAD_EMAIL_TEMPLATE("admin_transfer_points"); - SEND_ADMIN_EMAILS($ADMIN_SUBJ, $msg); - } + $ADMIN_SUBJ = sprintf("%s (%s->%s)", TRANSFER_ADMIN_SUBJECT, $SENDER, $RECIPIENT); + SEND_ADMIN_NOTIFICATION($ADMIN_SUBJ, "admin_transfer_points"); // Transfer is completed - OUTPUT_HTML("
");
LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."
".TRANSFER_CONTINUE_OVERVIEW."");
- OUTPUT_HTML("