<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 11/23/2003 *
 * ===============                              Last change: 09/23/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-add_points.php                              *
 * -------------------------------------------------------------------- *
 * Short description : Add manually points to a user                    *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Manuell einem Mitglied Punkte gutschreiben       *
 * -------------------------------------------------------------------- *
 * $Revision:: 856                                                    $ *
 * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. Mär 2009)              $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author:: stelzi                                                   $ *
 * Needs to be in all Files and every File needs "svn propset           *
 * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
	require($INC);
}

// Add description as navigation point
ADD_DESCR("admin", __FILE__);

// Fix a notice
if (!REQUEST_ISSET_GET(('uid'))) REQUEST_SET_GET('uid', "");

if (REQUEST_GET('uid') == "all") {
	// Add points to all accounts
	if ((IS_FORM_SENT()) && (REQUEST_POST('points') > 0)) {
		// @TODO Rewrite this constant
		define('__POINTS_VALUE', REQUEST_POST('points'));

		// Select all users
		$result_main = SQL_QUERY("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' ORDER BY userid",
			__FILE__, __LINE__);

		// Process all entries
		while ($content = SQL_FETCHROW($result_main)) {
			// Remove depth to prevent booking errors. This is a bad coding
			// practice, thats also why we need to write this project from
			// scratch...
			$GLOBALS['ref_level'] = -1;

			// Ok, add points and send an email to him...
			ADD_POINTS_REFSYSTEM("admin_all", $content['userid'], bigintval(REQUEST_POST('points')), false, "0", false, "direct");

			// Prepare content
			$content['text']   = SQL_ESCAPE(REQUEST_POST('reason'));
			$content['points'] = bigintval(REQUEST_POST('points'));

			// Load email template and send email away
			$msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval($content['userid']));
			SEND_EMAIL(bigintval($content['userid']), getMessage('ADMIN_ADD_SUBJ'), $msg);
		} // END - while

		// Free memory
		SQL_FREERESULT($result_main);

		// Output message
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_POINTS_ADDED'));
	} else {
		// Display form add points
		LOAD_TEMPLATE("admin_add_points_all");
	}
} elseif (REQUEST_ISSET_GET(('uid'))) {
	// User ID found in URL so we use this give him some credits
	$result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
		array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
	if (SQL_NUMROWS($result) == 1) {
		// Selected user does exist
		list($sname, $fname, $email) = SQL_FETCHROW($result);
		SQL_FREERESULT($result);

		if ((IS_FORM_SENT()) && (REQUEST_ISSET_POST(('points')))) {
			// Remove depth to prevent booking errors. This is a bad coding
			// practice, thats also why we need to write this project from
			// scratch...
			unset($GLOBALS['ref_level']);

			// Ok, add points and send an email to him...
			ADD_POINTS_REFSYSTEM("admin_single", bigintval(REQUEST_GET('uid')), bigintval(REQUEST_POST('points')), false, "0", false, "direct");

			// Prepare content
			$content = array(
				'text'   => SQL_ESCAPE(REQUEST_POST('reason')),
				'points' => bigintval(REQUEST_POST('points'))
			);

			// Message laden
			$msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval(REQUEST_GET('uid')));

			SEND_EMAIL(bigintval(REQUEST_GET('uid')), getMessage('ADMIN_ADD_SUBJ'), $msg);
			LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_POINTS_ADDED'));
		} else {
			// Opps, missing form here
			// @TODO Rewrite these both constants
			define('__USER_VALUE', "<a href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".$sname." ".$fname."</a>");
			define('__UID'       , bigintval(REQUEST_GET('uid')));
			LOAD_TEMPLATE("admin_add_points");
		}
	} else {
		// User not found!
		LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
	}
} else {
	// Output selection form with all confirmed user accounts listed
	ADD_MEMBER_SELECTION_BOX("0", true);
}

//
?>