Password reset for admin login added (still buggy if cache is installed and sql_patch...
[mailer.git] / inc / modules / order.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 10/29/2003 *
4  * ===============                              Last change: 01/06/2006 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : order.php                                        *
8  * -------------------------------------------------------------------- *
9  * Short description : Submits your order to the administrators         *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Sendet die Buchung an die Administratoren        *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 $URL = "";
36 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
37 {
38         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
39         require($INC);
40 }
41  elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN()))
42 {
43         ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order");
44         return;
45 }
46  elseif (!IS_LOGGED_IN())
47 {
48         // Sorry, no guest access!
49         $URL = URL."/modules.php?module=index";
50 }
51  elseif (empty($_GET['order']))
52 {
53         // You cannot call this module directly!
54         $URL = URL."/modules.php?module=login&amp;what=order";
55 }
56
57 // When URL is empty nothing bad happend here
58 if (empty($URL))
59 {
60         // Is the auto-send mechanism active or inactive?
61         if ($_CONFIG['autosend_active'] == "Y")
62         {
63                 // Auto-send is active
64                 define('ADMIN_AUTOSEND',  COMPILE_CODE(ADMIN_AUTOSEND_ACTIVE));
65                 define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_ACTIVE));
66                 $type = "NEW";
67         }
68          else
69         {
70                 // Auto-send is inactive
71                 define('ADMIN_AUTOSEND',  COMPILE_CODE(ADMIN_AUTOSEND_INACTIVE));
72                 define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_INACTIVE));
73                 $type = "ADMIN";
74         }
75
76         // Update sending pool
77         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%d AND sender=%d AND data_type='TEMP' LIMIT 1",
78          array($type, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
79
80         // Finally is the entry valid?
81         if (SQL_AFFECTEDROWS($link) == 1)
82         {
83                 // Update his login data
84                 UPDATE_LOGIN_DATA();
85
86                 // Load personal data...
87                 $result = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
88                  array($GLOBALS['userid']), __FILE__, __LINE__);
89                 list($sex, $sname, $fname, $email) = SQL_FETCHROW($result);
90                 SQL_FREERESULT($result);
91
92                 // Load mail again...              0       1        2           3          4      5      6         7
93                 $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%d AND sender=%d LIMIT 1",
94                  array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
95                 $DATA = SQL_FETCHROW($result);
96                 SQL_FREERESULT($result);
97                 if (empty($DATA[0])) $DATA[0] = DEFAULT_SUBJECT_LINE;
98
99                 // Calculate used points
100                 $USED = $DATA[7] * GET_PAY_POINTS($DATA[3]);
101
102                 // Update used points
103                 $ADD = "";
104                 if ($_CONFIG['order_max'] == "ORDER") $ADD = ", mail_orders=mail_orders+1";
105                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s".$ADD." WHERE userid=%d LIMIT 1",
106                  array($USED, $GLOBALS['userid']), __FILE__, __LINE__);
107
108                 // Update mediadata as well
109                 if (GET_EXT_VERSION("mediadata") >= "0.0.4")
110                 {
111                         // Update database
112                         MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $USED);
113                 }
114
115                 // Send an email to the user
116                 $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", "", $GLOBALS['userid']);
117                 SEND_EMAIL($email, MEMBER_NEW_QUEUE, $msg_mem);
118
119                 // Notify admins about this
120                 if (GET_EXT_VERSION("admins") >= "0.4.1")
121                 {
122                         SEND_ADMIN_EMAILS_PRO(ADMIN_NEW_QUEUE, "order-admin", "", $GLOBALS['userid']);
123                 }
124                  else
125                 {
126                         $msg_admin = LOAD_EMAIL_TEMPLATE("order-admin", "", $GLOBALS['userid']);
127                         SEND_ADMIN_EMAILS(ADMIN_NEW_QUEUE, $msg_admin);
128                 }
129
130                 // Output back bottom
131                 LOAD_TEMPLATE("member_order-back", false);
132         }
133          else
134         {
135                 // Matching line not found or already "placed" in send queue
136                 $URL = URL."/modules.php?module=login";
137                 LOAD_URL($URL);
138         }
139 }
140  else
141 {
142         // Redirect...
143         LOAD_URL($URL);
144 }
145 //
146 ?>