inc/modules/order.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 10/29/2003 *
   4  * ===============                              Last change: 01/06/2006 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : order.php                                        *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Submits your order to the administrators         *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Sendet die Buchung an die Administratoren        *
  12  * -------------------------------------------------------------------- *
  13  *                                                                      *
  14  * -------------------------------------------------------------------- *
  15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  16  * For more information visit: http://www.mxchange.org                  *
  17  *                                                                      *
  18  * This program is free software; you can redistribute it and/or modify *
  19  * it under the terms of the GNU General Public License as published by *
  20  * the Free Software Foundation; either version 2 of the License, or    *
  21  * (at your option) any later version.                                  *
  22  *                                                                      *
  23  * This program is distributed in the hope that it will be useful,      *
  24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  26  * GNU General Public License for more details.                         *
  27  *                                                                      *
  28  * You should have received a copy of the GNU General Public License    *
  29  * along with this program; if not, write to the Free Software          *
  30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  31  * MA  02110-1301  USA                                                  *
  32  ************************************************************************/
  33
  34 // Some security stuff...
  35 $URL = "";
  36 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
  37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
  38         require($INC);
  39 } elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN())) {
  40         ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order");
  41         return;
  42 } elseif (!IS_LOGGED_IN()) {
  43         // Sorry, no guest access!
  44         $URL = URL."/modules.php?module=index";
  45 } elseif (empty($_GET['order'])) {
  46         // You cannot call this module directly!
  47         $URL = URL."/modules.php?module=login&amp;what=order";
  48 }
  49
  50 // When URL is empty nothing bad happend here
  51 if (empty($URL)) {
  52         // Is the auto-send mechanism active or inactive?
  53         if ($_CONFIG['autosend_active'] == "Y") {
  54                 // Auto-send is active
  55                 define('ADMIN_AUTOSEND',  COMPILE_CODE(ADMIN_AUTOSEND_ACTIVE));
  56                 define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_ACTIVE));
  57                 $type = "NEW";
  58         } else {
  59                 // Auto-send is inactive
  60                 define('ADMIN_AUTOSEND',  COMPILE_CODE(ADMIN_AUTOSEND_INACTIVE));
  61                 define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_INACTIVE));
  62                 $type = "ADMIN";
  63         }
  64
  65         // Update sending pool
  66         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1",
  67          array($type, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
  68
  69         // Finally is the entry valid?
  70         if (SQL_AFFECTEDROWS($link) == 1) {
  71                 // Update his login data
  72                 UPDATE_LOGIN_DATA();
  73
  74                 // Load personal data...
  75                 $result = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
  76                  array($GLOBALS['userid']), __FILE__, __LINE__);
  77                 list($sex, $sname, $fname, $email) = SQL_FETCHROW($result);
  78                 SQL_FREERESULT($result);
  79
  80                 // Load mail again...              0       1        2           3          4      5      6         7
  81                 $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%s AND sender=%s LIMIT 1",
  82                  array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
  83                 $DATA = SQL_FETCHROW($result);
  84                 SQL_FREERESULT($result);
  85                 if (empty($DATA[0])) $DATA[0] = DEFAULT_SUBJECT_LINE;
  86
  87                 // Calculate used points
  88                 $USED = $DATA[7] * GET_PAY_POINTS($DATA[3]);
  89
  90                 // Update used points
  91                 $ADD = "";
  92                 if ($_CONFIG['order_max_full'] == "ORDER") $ADD = ", mail_orders=mail_orders+1";
  93                 SUB_POINTS($GLOBALS['userid']), $USED);
  94
  95                 // Update mediadata as well
  96                 if (GET_EXT_VERSION("mediadata") >= "0.0.4") {
  97                         // Update database
  98                         MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $USED);
  99                 }
 100
 101                 // Send an email to the user
 102                 $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", "", $GLOBALS['userid']);
 103                 SEND_EMAIL($email, MEMBER_NEW_QUEUE, $msg_mem);
 104
 105                 // Notify admins about this
 106                 SEND_ADMIN_NOTIFICATION(ADMIN_NEW_QUEUE, "order-admin", "", $GLOBALS['userid']);
 107
 108                 // Output back bottom
 109                 LOAD_TEMPLATE("member_order-back", false);
 110         } else {
 111                 // Matching line not found or already "placed" in send queue
 112                 $URL = URL."/modules.php?module=login";
 113                 LOAD_URL($URL);
 114         }
 115 } else {
 116         // Redirect...
 117         LOAD_URL($URL);
 118 }
 119 //
 120 ?>