0) || (isset($_POST['lock']))) { // Count checked checkboxes $SEL = 0; if (isset($_POST['sel'])) { // Are there checked boxes? if (count($_POST['sel']) > 0) { // Count now... We use an own function for now $SEL = SELECTION_COUNT($_POST['sel']); } // END - if } // END - if if (isset($_POST['accept'])) { if ($SEL > 0) { // Accept mail orders foreach ($_POST['sel'] as $id => $value) { // Secure ID number $id = bigintval($id); // Unlock selected email $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='NEW' WHERE id=%s AND data_type='ADMIN' LIMIT 1", array($id), __FILE__, __LINE__); // Update wents fine? if (SQL_AFFECTEDROWS() == 1) { // Order placed in queue... 0 1 2 3 4 $result = SQL_QUERY_ESC("SELECT po.url, po.subject, po.sender, pay.payment, po.payment_id FROM "._MYSQL_PREFIX."_pool AS po INNER JOIN "._MYSQL_PREFIX."_payments AS pay ON po.payment_id=pay.id WHERE po.id=%s LIMIT 1", array($id), __FILE__, __LINE__); // Load data $DATA = SQL_FETCHARRAY($result); // Free result SQL_FREERESULT($result); // Check for bonus extension version >= 0.4.4 for the order bonus if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($_CONFIG['bonus_active'] == "Y")) { // Add points directly $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_order=bonus_order+".$_CONFIG['bonus_order']." WHERE userid=%s LIMIT 1", array(bigintval($DATA['sender'])), __FILE__, __LINE__); // Subtract bonus points from system BONUS_POINTS_HANDLER($_CONFIG['bonus_order']); } // END - if // Load email template $msg_user = LOAD_EMAIL_TEMPLATE("order-accept", "", $DATA['sender']); // Send email SEND_EMAIL($DATA['sender'], MEMBER_ORDER_ACCEPTED, $msg_user); } // END - if } // END - foreach // Set message $MSG = ADMIN_MAILS_ACTIVATED; } else { // Nothing checked! $MSG = ADMIN_MAILS_NOTHING_CHECKED; } // Mails unlocked for mail delivery LOAD_TEMPLATE("admin_settings_saved", false, $MSG); } elseif (isset($_POST['reject'])) { if ($SEL > 0) { // Reject mail orders $SW = 2; $OUT = ""; foreach ($_POST['sel'] as $id => $value) { // Secure ID number $id = bigintval($id); // Load URL and subject from pool $result = SQL_QUERY_ESC("SELECT url, subject, sender FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1", array($id), __FILE__, __LINE__); // Load data $DATA = SQL_FETCHARRAY($result); // Free result SQL_FREERESULT($result); // Load email template and send it away $msg_user = LOAD_EMAIL_TEMPLATE("order-reject", "", $DATA['sender']); SEND_EMAIL($DATA['sender'], MEMBER_ORDER_REJECTED, $msg_user); // If you do not enter an URL to redirect to, your URL will be set! if ((empty($_POST['redirect'])) || ($_POST['redirect'] == "http://")) $_POST['redirect'] = URL; // Redirect URL $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET url='%s', data_type='NEW' WHERE id=%s LIMIT 1", array($_POST['redirect'], $id),__FILE__, __LINE__); // Prepare data for the row template $content = array( 'sw' => $SW, 'id' => $id, 'url' => $_POST['url'][$id], ); // Load row template and switch colors $OUT .= LOAD_TEMPLATE("admin_unlock_emails_redir_row", true, $content); $SW = 3 - $SW; } define('__URL_ROWS', $OUT); // Load main template LOAD_TEMPLATE("admin_unlock_emails_redir"); } else { // Nothing selected LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MAILS_NOTHING_CHECKED); } } elseif ((isset($_POST['lock'])) || ($SEL > 0)) { if ($SEL > 0) { // Lock URLs foreach ($_POST['sel'] as $id => $url) { // Lookup in blacklist $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1", array($url), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // Did not find a record so we can add it... :) $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_url_blist (url, timestamp) VALUES ('%s', UNIX_TIMESTAMP())", array($url), __FILE__, __LINE__); } else { // Free memory SQL_FREERESULT($result); } } // Set message $MSG = ADMIN_URLS_BLOCKED; } else { // Nothing selected $MSG = ADMIN_MAILS_NOTHING_CHECKED; } LOAD_TEMPLATE("admin_settings_saved", false, $MSG); } elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject']))) { // Mail orders are in pool so we can display them $SW = 2; $OUT = ""; while (list($id, $sender, $subj, $pay, $time, $url, $tsend, $cat) = SQL_FETCHROW($result_main)) { // Prepare data for the template $content = array( 'sw' => $SW, 'id' => $id, 'sender' => $sender, 'u_link' => ADMIN_USER_PROFILE_LINK($sender), 'subj' => COMPILE_CODE($subj), 'tester' => FRAMETESTER($url), 'url' => $url, 'cat_title' => str_replace("\"", """, GET_CATEGORY($cat)), 'cat_link' => $cat, 'pay_title' => str_replace("\"", """, GET_PAYMENT($pay, true)), 'pay_link' => $pay, 'ordered' => MAKE_DATETIME($time, "2"), 'tsend' => $tsend, ); // Load row template and switch colors $OUT .= LOAD_TEMPLATE("admin_unlock_emails_row", true, $content); $SW = 3 - $SW; } // Free memory SQL_FREERESULT($result); define('__UNLOCK_ROWS', $OUT); // Prepare rejection URL $REJECT = "http://"; if (GET_EXT_VERSION("other") >= "0.1.6") $REJECT = $_CONFIG['reject_url']; define('__REJECT_URL', $REJECT); // Load main template LOAD_TEMPLATE("admin_unlock_emails"); } else { // Wrong call! LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_WRONG_CALL); } } else { // No mail orders fond LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MAILS_IN_POOL); } // ?>