c9bfafc8b1a5d2b84a7716cb103e554e2ccad803
[mailer.git] / inc / modules / member / what-order.php
1 <?php
2 /************************************************************************
3  * Mailer v0.2.1-FINAL                                Start: 10/19/2003 *
4  * ===================                          Last change: 08/26/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-order.php                                   *
8  * -------------------------------------------------------------------- *
9  * Short description : Order mails here                                 *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Hier koennen Ihre Mitglieder Mails buchen        *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
21  * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
22  * For more information visit: http://www.mxchange.org                  *
23  *                                                                      *
24  * This program is free software; you can redistribute it and/or modify *
25  * it under the terms of the GNU General Public License as published by *
26  * the Free Software Foundation; either version 2 of the License, or    *
27  * (at your option) any later version.                                  *
28  *                                                                      *
29  * This program is distributed in the hope that it will be useful,      *
30  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
31  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
32  * GNU General Public License for more details.                         *
33  *                                                                      *
34  * You should have received a copy of the GNU General Public License    *
35  * along with this program; if not, write to the Free Software          *
36  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
37  * MA  02110-1301  USA                                                  *
38  ************************************************************************/
39
40 // Some security stuff...
41 if (!defined('__SECURITY')) {
42         die();
43 } elseif (!isMember()) {
44         redirectToIndexMemberOnlyModule();
45 }
46
47 // Add description as navigation point
48 addMenuDescription('member', __FILE__);
49
50 if ((!isExtensionActive('order')) && (!isAdmin())) {
51         loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('order'));
52         return;
53 } // END - if
54
55 $URL = ''; $id = '0';
56 $whereStatement = " WHERE `visible`='Y'";
57
58 // Set undefined array elements
59 if (isAdmin()) $whereStatement = '';
60
61 // Count unconfirmed mails
62 $links = countSumTotalData(getMemberId(), 'user_links', 'id', 'userid', true);
63
64 // Do we have ext-holiday installed?
65 // @TODO Rewrite this to a filter
66 $extraColumn = 'userid';
67 if (isExtensionInstalledAndNewer('holiday', '0.1.3')) {
68         // Fetch also holiday activation data
69         $extraColumn = 'holiday_active';
70 } // END - if
71
72 $result_mmails = SQL_QUERY_ESC("SELECT
73         `userid`,
74         `receive_mails`,
75         `mail_orders`,
76         `".$extraColumn."`
77 FROM
78         `{?_MYSQL_PREFIX?}_user_data`
79 WHERE
80         `userid`=%s AND
81         `max_mails` > 0
82 LIMIT 1",
83         array(getMemberId()), __FILE__, __LINE__);
84
85 $mmails = SQL_NUMROWS($result_mmails);
86 list($DMY, $MAXI, $ORDERS, $HOLIDAY) = SQL_FETCHROW($result_mmails);
87
88 // Free result
89 SQL_FREERESULT($result_mmails);
90
91 // Fix non-existent ext-holidy
92 if ($HOLIDAY == $DMY) $HOLIDAY = 'N';
93
94 $ALLOWED = $MAXI - $ORDERS;
95 if (getConfig('order_max_full') == 'MAX') $ALLOWED = $MAXI;
96
97 // Now check his points amount
98 $total = countSumTotalData(getMemberId(), 'user_points', 'points') - countSumTotalData(getMemberId(), 'user_data', 'used_points');;
99
100 if (($HOLIDAY == 'Y') && (isExtensionInstalledAndNewer('holiday', '0.1.3'))) {
101         // Holiday is active!
102         loadTemplate('admin_settings_saved', false, getMessage('HOLIDAY_ORDER_NOT_POSSIBLE'));
103 } elseif ((isPostRequestParameterSet('frametester')) && ($ALLOWED > 0) && (postRequestParameter('receiver') > 0)) {
104         // Continue with the frametester, we first need to store the data temporary in the pool
105         //
106         // First we would like to store the data and get it's pool position back...
107         $result = SQL_QUERY_ESC("SELECT `id`, `data_type`
108 FROM
109         `{?_MYSQL_PREFIX?}_pool`
110 WHERE
111         `sender`=%s AND
112         `url`='%s' AND
113         `timestamp` > (UNIX_TIMESTAMP() - %s)
114 LIMIT 1",
115                 array(
116                         getMemberId(),
117                         postRequestParameter('url'),
118                         getConfig('url_tlock')
119                 ), __FILE__, __LINE__);
120
121         $type = 'TEMP'; $id = '0';
122         if (SQL_NUMROWS($result) == 1) {
123                 // Load id and mail type
124                 list($id, $type) = SQL_FETCHROW($result);
125         } // END - if
126
127         // Free result
128         SQL_FREERESULT($result);
129
130         if ($type == 'TEMP') {
131                 // No entry found, so we need to check out the stats table as well... :)
132                 // We have to add that suff here, now we continue WITHOUT checking and check the text and subject against some filters
133                 $URL = '';
134                 if (getConfig('allow_url_in_text') == 'Y') {
135                         // Test submitted text against some filters (length, URLs in text etc.)
136                         if ((strpos(strtolower(postRequestParameter('text')), 'https://') > -1) || (strpos(strtolower(postRequestParameter('text')), 'http://') > -1) || (strpos(strtolower(postRequestParameter('text')), "www") > -1)) {
137                                 // URL found!
138                                 $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('URL_FOUND');
139                         } // END - if
140
141                         // Remove new-line and carriage-return characters
142                         $TEST = str_replace("\n", '', str_replace("\r", '', postRequestParameter('text')));
143
144                         // Text length within allowed length?
145                         if (strlen($TEST) > getConfig('max_tlength')) {
146                                 // Text is too long!
147                                 $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('OVERLENGTH');
148                         } // END - if
149                 } // END - if
150
151                 // Shall I test the subject line against URLs?
152                 if (getConfig('allow_url_in_subject') == 'Y') {
153                         // Check the subject line for issues
154                         setPostRequestParameter('subject', str_replace("\\", '[nl]', substr(postRequestParameter('subject'), 0, 200)));
155                         if ((strpos(strtolower(postRequestParameter('subject')), 'http://') > -1) || (strpos(strtolower(postRequestParameter('subject')), "www") > -1)) {
156                                 // URL in subject found
157                                 $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('SUBJ_URL');
158                         } // END - if
159                 } // END - if
160
161                 // And shall I check that his URL is not in the black list?
162                 if (getConfig('url_blacklist') == 'Y') {
163                         // Ok, I do that for you know...
164                         $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`timestamp`) AS tstamp FROM `{?_MYSQL_PREFIX?}_url_blacklist` WHERE `url`='%s' LIMIT 1",
165                                 array(postRequestParameter('url')), __FILE__, __LINE__);
166
167                         if (SQL_NUMROWS($result) == 1) {
168                                 // Jupp, we got one listed
169                                 list($blist) = SQL_FETCHROW($result);
170
171                                 // Create redirect-URL
172                                 $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('BLIST_URL') . '&amp;blist=' . $blist;
173                         } // END - if
174
175                         // Free result
176                         SQL_FREERESULT($result);
177                 } // END - if
178
179                 // Enougth receivers entered?
180                 if ((postRequestParameter('receiver') < getConfig('order_min')) && (!isAdmin())) {
181                         // Less than allowed receivers entered!
182                         $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('MORE_RECEIVERS3');
183                 } // END - if
184
185                 // Validate URL
186                 if (!isUrlValid(postRequestParameter('url'))) {
187                         // URL is invalid!
188                         $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('INVALID_URL');
189                 } // END - if
190
191                 // Probe for HTML extension
192                 if (isExtensionActive('html_mail')) {
193                         // HTML or regular text mail?
194                         if (postRequestParameter('html') == 'Y') {
195                                 // Chek for valid HTML tags
196                                 setPostRequestParameter('text', checkHtmlTags(postRequestParameter('text')));
197
198                                 // Maybe invalid tags found?
199                                 if (!isPostRequestParameterSet('text')) $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('INVALID_TAGS')."&amp;id=".$id;
200                         } else {
201                                 // Remove any HTML code
202                                 setPostRequestParameter('text', str_replace('<', '{OPEN_HTML}', str_replace('>', '{CLOSE_HTML}', postRequestParameter('text'))));
203                         }
204                 } // END - if
205
206                 // Is mail type set?
207                 if ((!isPostRequestParameterSet('mail_type')) || (postRequestParameter('mail_type') < 1)) {
208                         // Not correctly set
209                         $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('NO_MAIL_TYPE');
210                 } // END - if
211         } elseif (!isAdmin()) {
212                 // He has already sent a mail within a specific time
213                 $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('URL_TLOCK') . '&amp;id=' . $id;
214         }
215
216         // Still no error?
217         if (empty($URL)) {
218                 // Check if category and number of receivers is okay
219                 $add = '';
220                 if ((getConfig('order_multi_page') == 'Y') && (isPostRequestParameterSet('zip')) && (postRequestParameter('zip') != '')) {
221                         // Choose recipients by ZIP code
222                         $add = " AND d.zip LIKE '".bigintval(postRequestParameter('zip'))."{PER}'";
223                 } // END - if
224
225                 // Check for userids
226                 $result = SQL_QUERY_ESC("SELECT
227         c.userid
228 FROM
229         `{?_MYSQL_PREFIX?}_user_cats` AS c
230 LEFT JOIN
231         `{?_MYSQL_PREFIX?}_user_data` AS d
232 ON
233         c.userid=d.userid
234 WHERE
235         c.cat_id=%s AND
236         c.userid != '%s' AND
237         d.`status`='CONFIRMED' AND
238         d.receive_mails > 0
239         ".$add."
240 ORDER BY
241         d.%s %s",
242                         array(
243                                 bigintval(postRequestParameter('cat')),
244                                 getMemberId(),
245                                 getConfig('order_select'),
246                                 getConfig('order_mode'),
247                         ), __FILE__, __LINE__);
248
249                 // Do we enougth receivers left?
250                 if (SQL_NUMROWS($result) >= postRequestParameter('receiver')) {
251                         // Load receivers from database
252                         $TEST = array(); $cnt = '0';
253                         while ($holidayContent = SQL_FETCHARRAY($result)) {
254                                 if (isExtensionInstalledAndNewer('holiday', '0.1.3')) {
255                                         // Check for his holiday status
256                                         $result_holiday = SQL_QUERY_ESC("SELECT
257         `id`
258 FROM
259         `{?_MYSQL_PREFIX?}_user_holidays`
260 WHERE
261         `userid`=%s AND `holiday_start` < UNIX_TIMESTAMP() AND `holiday_end` > UNIX_TIMESTAMP()
262 LIMIT 1",
263                                                 array($holidayContent['userid']), __FILE__, __LINE__);
264                                         if (SQL_NUMROWS($result_holiday) == 1) $holidayContent['userid'] = '0'; // Exclude user who are in holiday
265
266                                         // Free memory
267                                         SQL_FREERESULT($result_holiday);
268                                 } // END - if
269
270                                 if ($holidayContent['userid'] > 0) {
271                                         // Add receiver
272                                         $TEST[] = $holidayContent['userid'];
273                                         $cnt++;
274                                 } // END - if
275                         } // END - while
276
277                         // Free memory
278                         SQL_FREERESULT($result);
279
280                         // Implode array into string for the sending pool
281                         $receiver = implode($TEST, ';');
282
283                         // Count array for maximum sent
284                         $content['target_send'] = count($TEST);
285
286                         // Update receiver list
287                         SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `receive_mails`=`receive_mails`-1 WHERE `userid` IN (%s) LIMIT %s",
288                                 array(convertReceivers($receiver), $content['target_send']), __FILE__, __LINE__);
289
290                         // Is calculated max receivers larger than wanted receivers then reset it
291                         if ($content['target_send'] > postRequestParameter('receiver')) $content['target_send'] = bigintval(postRequestParameter('receiver'));
292
293                         // Calculate used points
294                         $USED = $content['target_send'] * getPaymentPoints(bigintval(postRequestParameter('mail_type')));
295
296                         // Fix empty zip code
297                         if (!isPostRequestParameterSet('zip')) setPostRequestParameter('zip', 0);
298
299                         // Check if he has enougth points for this order and selected more than 0 receivers
300                         if (($USED > 0) && ($USED <= $total) && ($content['target_send'] > 0)) {
301                                 // Gettings points is okay, so we can add $USED later from
302                                 if (($id == '0') || ($type != 'TEMP')) {
303                                         // New order
304                                         $id = '0';
305                                         if (isExtensionActive('html_mail')) {
306                                                 // HTML extension is active
307                                                 SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_pool` (`sender`, `subject`, `text`, `receivers`, `payment_id`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `zip`, `html_msg`)
308 VALUES (%s,'%s','%s','%s','%s','TEMP',UNIX_TIMESTAMP(),'%s',%s,%s,%s,'%s')",
309                                                         array(
310                                                                 getMemberId(),
311                                                                 postRequestParameter('subject'),
312                                                                 postRequestParameter('text'),
313                                                                 $receiver,
314                                                                 bigintval(postRequestParameter('mail_type')),
315                                                                 postRequestParameter('url'),
316                                                                 bigintval(postRequestParameter('cat')),
317                                                                 $content['target_send'],
318                                                                 bigintval(postRequestParameter('zip'), true, false),
319                                                                 postRequestParameter('html')
320                                                         ), __FILE__, __LINE__);
321                                         } else {
322                                                 // No HTML extension is active
323                                                 SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_pool` (`sender`, `subject`, `text`, `receivers`, `payment_id`, `data_type`, `timestamp`, `url`, `cat_id`, `target_send`, `zip`)
324 VALUES (%s,'%s','%s','%s','%s','TEMP',UNIX_TIMESTAMP(),'%s',%s,%s,%s)",
325                                                         array(
326                                                                 getMemberId(),
327                                                                 postRequestParameter('subject'),
328                                                                 postRequestParameter('text'),
329                                                                 $receiver,
330                                                                 bigintval(postRequestParameter('mail_type')),
331                                                                 postRequestParameter('url'),
332                                                                 bigintval(postRequestParameter('cat')),
333                                                                 $content['target_send'],
334                                                                 bigintval(postRequestParameter('zip'), true, false),
335                                                         ), __FILE__, __LINE__);
336                                         }
337                                 } else {
338                                         // Change current order
339                                         if (isExtensionActive('html_mail')) {
340                                                 // HTML extension is active
341                                                 SQL_QUERY_ESC("UPDATE
342         `{?_MYSQL_PREFIX?}_pool`
343 SET
344         `subject`='%s',
345         `text`='%s',
346         `receivers`='%s',
347         `payment_id`=%s,
348         `timestamp`=UNIX_TIMESTAMP(),
349         `url`='%s',
350         `cat_id`=%s,
351         `target_send`=%s,
352         `zip`=%s,
353         `html_msg`='%s'
354 WHERE
355         `id`=%s
356 LIMIT 1",
357                                                         array(
358                                                                 postRequestParameter('subject'),
359                                                                 postRequestParameter('text'),
360                                                                 $receiver,
361                                                                 bigintval(postRequestParameter('mail_type')),
362                                                                 postRequestParameter('url'),
363                                                                 bigintval(postRequestParameter('cat')),
364                                                                 $content['target_send'],
365                                                                 bigintval(postRequestParameter('zip')),
366                                                                 postRequestParameter('html'),
367                                                                 bigintval($id)
368                                                         ), __FILE__, __LINE__);
369                                         } else {
370                                                 // No HTML extension is active
371                                                 SQL_QUERY_ESC("UPDATE
372         `{?_MYSQL_PREFIX?}_pool`
373 SET
374         `subject`='%s',
375         `text`='%s',
376         `receivers`='%s',
377         `payment_id`=%s,
378         `timestamp`=UNIX_TIMESTAMP(),
379         `url`='%s',
380         `cat_id`=%s,
381         `target_send`=%s,
382         `zip`=%s
383 WHERE
384         `id`=%s
385 LIMIT 1",
386                                                         array(
387                                                                 postRequestParameter('subject'),
388                                                                 postRequestParameter('text'),
389                                                                 $receiver,
390                                                                 bigintval(postRequestParameter('mail_type')),
391                                                                 postRequestParameter('url'),
392                                                                 bigintval(postRequestParameter('cat')),
393                                                                 $content['target_send'],
394                                                                 bigintval(postRequestParameter('zip')),
395                                                                 bigintval($id)
396                                                         ), __FILE__, __LINE__);
397                                         }
398                                 }
399
400                                 // Do we need to get the id number?
401                                 if ($id == '0') {
402                                         // Order is placed as temporary. We need to get it's id for the frametester
403                                         $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `sender`=%s AND `subject`='%s' AND `payment_id`=%s AND `data_type`='TEMP' AND `timestamp`=UNIX_TIMESTAMP() LIMIT 1",
404                                                 array(
405                                                         getMemberId(),
406                                                         postRequestParameter('subject'),
407                                                         bigintval(postRequestParameter('mail_type'))
408                                                 ), __FILE__, __LINE__);
409
410                                         // Get pool id
411                                         list($id) = SQL_FETCHROW($result);
412
413                                         // Free result
414                                         SQL_FREERESULT($result);
415                                 } // END - if
416
417                                 // id is received so we can redirect the user, used points will be added when he send's out the mail
418                                 $URL = 'modules.php?module=frametester&amp;order=' . $id;
419                         } elseif ($content['target_send'] == '0') {
420                                 // Not enougth receivers found which can receive mails
421                                 $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('MORE_RECEIVERS2');
422                         } else {
423                                 // No enougth points left!
424                                 $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('MORE_POINTS');
425                         }
426                 } else  {
427                         // Ordered more mails than he can send in this category
428                         $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('NO_RECS_LEFT');
429                 }
430         }
431 } elseif (postRequestParameter('receiver') == '0') {
432         // Not enougth receivers selected
433         $URL = 'modules.php?module=login&amp;what=order&amp;code=' . getCode('MORE_RECEIVERS1');
434 } elseif (($ALLOWED == '0') && (getConfig('order_max_full') == 'ORDER')) {
435         // No more mail orders allowed
436         loadTemplate('admin_settings_saved', false, getMessage('MEMBER_ORDER_ALLOWED_EXHAUSTED'));
437 } elseif (($links < getConfig('unconfirmed')) && ($mmails == 1)) {
438         // Display order form
439         $result_cats = SQL_QUERY("SELECT
440         `id`, `cat`
441 FROM
442         `{?_MYSQL_PREFIX?}_cats`
443 ".$whereStatement."
444 ORDER BY
445         `sort` ASC", __FILE__, __LINE__);
446         if (SQL_NUMROWS($result_cats) > 0) {
447                 if ($total > 0) {
448                         // Initialize array...
449                         $categories = array(
450                                 'id'      => array(),
451                                 'name'    => array(),
452                                 'userids' => array()
453                         );
454
455                         // Enable HTML checking
456                         // @TODO Rewrite this to a filter
457                         $HTML = ''; $HOL_STRING = '';
458                         if ((isExtensionActive('html_mail')) && (postRequestParameter('html') == 'Y')) $HTML = " AND `html`='Y'";
459                         if (isExtensionInstalledAndNewer('holiday', '0.1.3')) {
460                                 // Extension's version is fine
461                                 $HOL_STRING = " AND `holiday_active`='N'";
462                         } // END - if
463
464                         // ... and begin loading stuff
465                         while ($categoriesContent = SQL_FETCHARRAY($result_cats)) {
466                                 $categories['id'][]   = bigintval($categoriesContent['id']);
467                                 $categories['name'][] = $categoriesContent['cat'];
468
469                                 // Select users in current category
470                                 $result_userids = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_cats` WHERE `cat_id`=%s AND `userid` != '%s' ORDER BY `userid` ASC",
471                                         array(bigintval($categoriesContent['id']), getMemberId()), __FILE__, __LINE__);
472
473                                 $userid_cnt = '0';
474                                 while (list($ucat) = SQL_FETCHROW($result_userids)) {
475                                         // Check for holiday system
476                                         $HOL_ACTIVE = false;
477                                         if (isExtensionInstalledAndNewer('holiday', '0.1.3')) {
478                                                 // Check user's holiday status
479                                                 $result_holiday = SQL_QUERY_ESC("SELECT
480         d.userid FROM `{?_MYSQL_PREFIX?}_user_data` AS d
481 LEFT JOIN
482         `{?_MYSQL_PREFIX?}_user_holidays` AS h
483 ON
484         d.userid=h.userid
485 WHERE
486         d.userid=%s AND
487         d.receive_mails > 0 AND
488         d.`status`='CONFIRMED' AND
489         d.`holiday_active`='Y' AND
490         h.holiday_start < UNIX_TIMESTAMP() AND
491         h.holiday_end > UNIX_TIMESTAMP()
492 LIMIT 1",
493                                                         array(bigintval($ucat)), __FILE__, __LINE__);
494
495                                                 // Is holiday is active?
496                                                 $HOL_ACTIVE = (SQL_NUMROWS($result_holiday) == 1);
497
498                                                 // Free memory
499                                                 SQL_FREERESULT($result_holiday);
500                                         } // END - if
501
502                                         if ($HOL_ACTIVE === false) {
503                                                 // Check if the user want's to receive mails?
504                                                 $result_ver = SQL_QUERY_ESC("SELECT `zip` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s".$HTML." AND `receive_mails` > 0 AND `status`='CONFIRMED' LIMIT 1",
505                                                         array(bigintval($ucat)), __FILE__, __LINE__);
506
507                                                 if ((SQL_NUMROWS($result_ver) == 1) && (isPostRequestParameterSet('zip')) && (getConfig('order_multi_page') == 'Y')) {
508                                                         // Get zip code
509                                                         list($zip) = SQL_FETCHROW($result_ver);
510                                                         if (substr($zip, 0, strlen(postRequestParameter('zip'))) == postRequestParameter('zip')) {
511                                                                 // Ok, ZIP part is found
512                                                                 $userid_cnt++;
513                                                         } // END - if
514                                                 } else {
515                                                         // Count numbers up!
516                                                         $userid_cnt += SQL_NUMROWS($result_ver);
517                                                 }
518
519                                                 // Free result
520                                                 SQL_FREERESULT($result_ver);
521                                         } // END - if
522                                 } // END - while
523
524                                 // Free memory
525                                 SQL_FREERESULT($result_userids);
526                                 $categories['userids'][] = $userid_cnt;
527                         } // END - while
528
529                         // Free memory
530                         SQL_FREERESULT($result_cats);
531
532                         // Now we need to load the mail types...
533                         $result = SQL_QUERY("SELECT `id`, `price`, `payment`, `mail_title` FROM `{?_MYSQL_PREFIX?}_payments` ORDER BY `payment` ASC", __FILE__, __LINE__);
534
535                         $types = array();
536                         if (SQL_NUMROWS($result) > 0) {
537                                 // Check for message id in URL
538                                 $message = getMessageFromErrorCode(getRequestParameter('code'));
539
540                                 if (!empty($message)) {
541                                         // We got system message so we drop it out to the user
542                                         loadTemplate('admin_settings_saved', false, $message);
543                                 } // END - if
544
545                                 // Load all email types...
546                                 while ($types[] = SQL_FETCHROW($result)) {
547                                         // Nothing to do here... ;-)
548                                 } // END - while
549
550                                 // Free memory
551                                 SQL_FREERESULT($result);
552
553                                 // Output user's points
554                                 $content['total'] = translateComma($total);
555
556                                 // Check how many mail orders he has placed today and how many he's allowed to send
557                                 switch (getConfig('order_max_full')) {
558                                         case 'MAX': // He is allowed to send as much as possible
559                                                 $content['order_max_full'] = getMessage('MEMBER_ORDER_ALLOWED_MAX');
560                                                 break;
561
562                                         case 'ORDER': // He is allowed to send as much as he setup the receiving value
563                                                 $content['order_max_full'] = sprintf(getMessage('MEMBER_ORDER_ALLOWED_RECEIVE'), $ALLOWED, $MAXI);
564                                                 break;
565
566                                         default: // Unknown/invalid
567                                                 logDebugMessage(__FILE__, __LINE__, sprintf("Unknown order_mas_full config detected.", getConfig('order_max_full')));
568                                                 $content['order_max_full'] = getMessage('MEMBER_ORDER_ALLOWED_UNKNOWN');
569                                                 break;
570                                 } // END - switch
571
572                                 // Load final template
573                                 loadTemplate('member_order_points', false, $content);
574
575                                 // Reset variables
576                                 $OLD_ORDER = false;
577                                 $subject = '';
578                                 $text = '';
579                                 $target = '';
580
581                                 // Check if we already have an order placed and make it editable
582                                 $result = SQL_QUERY_ESC("SELECT
583         `subject`, `text`, `payment_id`, `timestamp`, `url`, `target_send`, `cat_id`, `zip`
584 FROM
585         `{?_MYSQL_PREFIX?}_pool`
586 WHERE
587         `sender`=%s AND
588         `data_type`='TEMP'
589 LIMIT 1",
590                                         array(getMemberId()), __FILE__, __LINE__);
591
592                                 if (SQL_NUMROWS($result) == 1) {
593                                         // Old order found
594                                         $content = merge_array($content, SQL_FETCHARRAY($result));
595
596                                         // Fix max receivers when it is too much
597                                         if ((isset($categories['userids'][$content['cat_id']])) && ($content['target_send'] > $categories['userids'][$content['cat_id']])) {
598                                                 // Fix it
599                                                 $content['target_send'] = $categories['userids'][$content['cat_id']];
600                                         } // END - if
601
602                                         // Old order is grabbed
603                                         $OLD_ORDER = true;
604                                 } else {
605                                         // Default output for that your members don't forget it...
606                                         $content['url']         = 'http://';
607                                         $content['target_send'] = getConfig('order_min');
608                                         $content['subject']     = '{--ORDER_DEFAULT_SUBJECT--}';
609                                         $content['text']        = '{--ORDER_DEFAULT_TEXT--}';
610                                 }
611
612                                 // Free result
613                                 SQL_FREERESULT($result);
614
615                                 if ((isPostRequestParameterSet('data')) || ((getConfig('order_multi_page') != 'Y') && ((!isAdmin()) && (!isExtensionActive('html_mail'))))) {
616                                         // Pre-output categories
617                                         $content['category_selection'] = '';
618                                         foreach ($categories['id'] as $key => $value) {
619                                                 $content['category_selection'] .= "      <option value=\"".$value."\"";
620                                                 if (($OLD_ORDER) && ($content['cat_id'] == $value)) $content['category_selection'] .= ' selected="selected"';
621                                                 $content['category_selection'] .= ">".$categories['name'][$key]." (".$categories['userids'][$key]." {--USER_IN_CAT--})</option>\n";
622                                         } // END - foreach
623
624                                         // Mail type
625                                         $content['type_selection'] = '';
626                                         foreach ($types as $key => $value) {
627                                                 $P = translateComma($types[$key][1]);
628                                                 if (is_array($value)) {
629                                                         // Output option line
630                                                         $content['type_selection'] .= "      <option value=\"".$types[$key][0]."\"";
631                                                         if (($OLD_ORDER) && ($content['payment_id'] == $types[$key][0])) $content['type_selection'] .= ' selected="selected"';
632                                                         $content['type_selection'] .= ">".$P." {--PER_MAIL--} - ".$types[$key][3]." - ".round($types[$key][2])." {--PAYMENT--}</option>\n";
633                                                 } // END - if
634                                         } // END - foreach
635
636                                         // No content is default
637                                         $content['zip_content'] = '';
638
639                                         if (isPostRequestParameterSet('zip')) {
640                                                 // Output entered ZIP code
641                                                 $content['zip_content'] = loadTemplate('member_order-zip2', true, postRequestParameter('zip'));
642                                         } // END - if
643
644                                         // HTML extension
645                                         if ((isExtensionActive('html_mail')) && (postRequestParameter('html') == 'Y')) {
646                                                 // Extension is active so output valid HTML tags
647                                                 $content['html_extension'] = loadTemplate('member_order-html_ext', true, addValidHtmlTags());
648                                         } else {
649                                                 // Extension not active and/or class not uploaded
650                                                 $content['html_extension'] = '<tr><td colspan="3"><input type="hidden" name="html" value="N" /></td></tr>';
651                                         }
652
653                                         // Output form for page 2
654                                         loadTemplate('member_order_page2', false, $content);
655                                 } else {
656                                         // Remember maybe entered ZIP code in constant
657                                         if (isExtensionActive('html_mail')) {
658                                                 // Add some content when html extension is active
659                                                 $content['html_extension'] = loadTemplate('member_order-html_intro', true);
660                                         } else {
661                                                 // No HTML extension installed
662                                                 $content['html_extension'] = '<tr><td colspan="3"><input type="hidden" name="html" value="N" /></td></tr>';
663                                         }
664
665                                         // Default is no ZIP code
666                                         $content['zip_content'] = '';
667
668                                         // Do we want ZIP code or not?
669                                         if ((getConfig('order_multi_page') == 'Y') || (isAdmin())) {
670                                                 // Yes
671                                                 if (postRequestParameter('zip') > 0) {
672                                                         $data = array(
673                                                                 'zip' => bigintval(postRequestParameter('zip'))
674                                                         );
675                                                 } else {
676                                                         $data = array(
677                                                                 'zip' => ''
678                                                         );
679                                                 }
680                                                 $content['zip_content'] = loadTemplate('member_order-zip1', true, $data);
681                                         } // END - if
682
683                                         // Output form for page 1 (ZIP code or HTML)
684                                         loadTemplate('member_order_page1', false, $content);
685                                 }
686                         } else {
687                                 // No mail types defined
688                                 loadTemplate('admin_settings_saved', false, '<span class="member_failed">{--MEMBER_NO_PAYMENTS--}</span>');
689                         }
690                 } else {
691                         // No points left
692                         loadTemplate('admin_settings_saved', false, '<span class="member_failed">{--MEMBER_NO_POINTS--}</span>');
693                 }
694         } else {
695                 // No cateogries are defined yet
696                 loadTemplate('admin_settings_saved', false, '<span class="member_failed">{--MEMBER_NO_CATS--}</span>');
697         }
698 } elseif ($mmails == '0') {
699         // Please set more than 0 mails per day
700         loadTemplate('admin_settings_saved', false, getMessage('MEMBER_HAS_ZERO_MMAILS'));
701 } else {
702         // Please confirm some mails first
703         loadTemplate('admin_settings_saved', false, getMaskedMessage('MEMBER_LINKS_LEFT'), $links);
704 }
705
706 if (!empty($URL)) {
707         // Redirect to requested URL
708         redirectToUrl($URL);
709 } // END - if
710
711 // [EOF]
712 ?>