0)) { define('__POINTS_VALUE', $_POST['points']); $result_main = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__); while (list($uid) = SQL_FETCHROW($result_main)) { // User ID found in URL so we use this give him some credits $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Selected user does exist list($sname, $fname, $email) = SQL_FETCHROW($result); SQL_FREERESULT($result); if ((isset($_POST['ok'])) && (!empty($_POST['points']))) { global $DEPTH; // Remove depth to prevent booking errors. This is a bad coding // practice, thats also why we need to write this project from // scratch... unset($DEPTH); // Ok, add points and send an email to him... ADD_POINTS_REFSYSTEM("admin_all", $uid, bigintval($_POST['points']), false, "0", false, "direct"); // Prepare content $content = array( 'text' => SQL_ESCAPE($_POST['reason']), 'points' => bigintval($_POST['points']) ); // Load email template and send email away $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval($uid)); SEND_EMAIL(bigintval($uid), ADMIN_ADD_SUBJ, $msg); } } } // Free memory SQL_FREERESULT($result_main); // Output message LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ALL_POINTS_ADDED); } else { // Display form add points LOAD_TEMPLATE("admin_add_points_all"); } } elseif (!empty($_GET['u_id'])) { // User ID found in URL so we use this give him some credits $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1", array(bigintval($_GET['u_id'])), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Selected user does exist list($sname, $fname, $email) = SQL_FETCHROW($result); SQL_FREERESULT($result); if ((isset($_POST['ok'])) && (!empty($_POST['points']))) { global $DEPTH; // Remove depth to prevent booking errors. This is a bad coding // practice, thats also why we need to write this project from // scratch... unset($DEPTH); // Ok, add points and send an email to him... ADD_POINTS_REFSYSTEM("admin_single", bigintval($_GET['u_id']), bigintval($_POST['points']), false, "0", false, "direct"); // Prepare content $content = array( 'text' => SQL_ESCAPE($_POST['reason']), 'points' => bigintval($_POST['points']) ); // Message laden $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval($_GET['u_id'])); SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_ADD_SUBJ, $msg); LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_ADDED); } else { // Opps, missing form here define('__USER_VALUE', "".$sname." ".$fname.""); define('__UID' , bigintval($_GET['u_id'])); LOAD_TEMPLATE("admin_add_points"); } } else { // User not found! OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2.""); } } else { // Output selection form with all confirmed user accounts listed ADD_MEMBER_SELECTION_BOX("0", true); } // ?>