'0', 'data_type' => 'TEMP', 'url' => '', ); $ALLOWED = getUserData('receive_mails') - getUserData('mail_orders'); if (getOrderMaxFull() == 'MAX') $ALLOWED = getUserData('receive_mails'); // Now check his points amount $totalPoints = getTotalPoints(getMemberId()); // Admin can always book if ((isExtensionInstalledAndNewer('holiday', '0.1.3')) && (isUserDataEnabled('holiday_active')) && (!isAdmin())) { // Holiday is active! displayMessage('{--MEMBER_HOLIDAY_ORDER_NOT_POSSIBLE--}'); } elseif ((isPostRequestElementSet('frametester')) && ($ALLOWED > 0) && (postRequestElement('receiver') > 0)) { // Continue with the frametester, we first need to store the data temporary in the pool // // First we would like to store the data and get it's pool position back... // @TODO Try to move out url_tlock to a filter for extra SQL statements $result = sqlQueryEscaped("SELECT `id`, `data_type` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `sender`=%s AND `url`='%s' AND (UNIX_TIMESTAMP() - `timestamp`) >= {?url_tlock?} LIMIT 1", array( getMemberId(), postRequestElement('url') ), __FILE__, __LINE__); if (sqlNumRows($result) == 1) { // Load id and mail type $data = sqlFetchArray($result); } // END - if // Free result sqlFreeResult($result); if ($data['data_type'] == 'TEMP') { // Prepare data for filter chain $filterData = array( 'url' => postRequestElement('url'), 'text' => postRequestElement('text'), 'subject' => postRequestElement('subject'), 'receiver' => bigintval(postRequestElement('receiver')), 'mail_type' => bigintval(postRequestElement('mail_type')), 'html' => postRequestElement('html'), 'id' => bigintval($data['id']), 'redirect' => '', ); // Run the filter chain $filterData = runFilterChain('pre_mail_order', $filterData); // Copy field redirect->url $data['url'] = $filterData['redirect']; // Is there an error? if (empty($data['url'])) { // Copy all filter data -> POST foreach ($filterData as $key => $value) { // Set it setPostRequestElement($key, $value); } // END - foreach } // END - if } elseif (!isAdmin()) { // He has already sent a mail within a specific time $data['url'] = 'modules.php?module=login&what=order&code=' . getCode('URL_TIME_LOCK') . '&id=' . $data['id']; } // Still no error? if (empty($data['url'])) { // Check for userids $result = sqlQueryEscaped("SELECT `c`.`userid` FROM `{?_MYSQL_PREFIX?}_user_cats` AS `c` INNER JOIN `{?_MYSQL_PREFIX?}_user_data` AS `d` ON `c`.`userid`=`d`.`userid` WHERE `c`.`cat_id`=%s AND `c`.`userid` != %s AND `d`.`status`='CONFIRMED' " . runFilterChain('user_exclusion_sql', ' ') . " AND `d`.`receive_mails` > 0 ORDER BY `d`.`{?order_select?}` {?order_mode?}", array( bigintval(postRequestElement('cat')), getMemberId() ), __FILE__, __LINE__); // Are there still receivers left? if (sqlNumRows($result) >= postRequestElement('receiver')) { // Load receivers from database $receiverArray = array(); $count = '0'; while ($holidayContent = sqlFetchArray($result)) { // Run fetched data through pre filter chain $holidayContent = runFilterChain('pre_mail_recipient_check', $holidayContent); // Is still valid id? if (isValidId($holidayContent['userid'])) { // Add receiver then array_push($receiverArray, $holidayContent['userid']); $count++; } // END - if } // END - while // Free memory sqlFreeResult($result); // Implode array into string for the sending pool $receivers = implode($receiverArray, ';'); // Count array for maximum sent $content['target_send'] = count($receiverArray); // Update receiver list sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `receive_mails`=`receive_mails`-1 WHERE `userid` IN (%s) LIMIT %s", array( convertReceivers($receivers), bigintval($content['target_send']) ), __FILE__, __LINE__); // Is calculated max receivers larger than wanted receivers then reset it if ($content['target_send'] > postRequestElement('receiver')) { $content['target_send'] = bigintval(postRequestElement('receiver')); } // END - if // Calculate used points $usedPoints = $content['target_send'] * getPaymentPrice(bigintval(postRequestElement('mail_type'))); // Fix empty zip code if (!isPostRequestElementSet('zip')) { setPostRequestElement('zip', 0); } // END - if // Check if he has enougth points for this order and selected more than 0 receivers if (($usedPoints > 0) && ($usedPoints <= $totalPoints) && ($content['target_send'] > 0)) { // Gettings points is okay, so we can add $usedPoints later from if ((!isValidId($data['id'])) || ($data['data_type'] != 'TEMP')) { // New order, init data array elements $data = array( 'sender' => getMemberId(), 'subject' => postRequestElement('subject'), 'text' => postRequestElement('text'), 'receivers' => $receivers, 'payment_id' => bigintval(postRequestElement('mail_type')), 'data_type' => 'TEMP', 'timestamp' => 'UNIX_TIMESTAMP()', 'url' => postRequestElement('url'), 'cat_id' => bigintval(postRequestElement('cat')), 'target_send' => bigintval($content['target_send']), 'zip' => bigintval(postRequestElement('zip'), TRUE, FALSE), ); // Is ext-html_mail active? if (isExtensionActive('html_mail')) { // HTML extension is active $data['html_msg'] = postRequestElement('html'); } // END - if // Get insert id $data['id'] = insertDataIntoPool($data); } else { // Update this data $data = array( 'subject' => postRequestElement('subject'), 'text' => postRequestElement('text'), 'receivers' => $receivers, 'payment_id' => bigintval(postRequestElement('mail_type')), 'timestamp' => 'UNIX_TIMESTAMP()', 'url' => postRequestElement('url'), 'cat_id' => bigintval(postRequestElement('cat')), 'target_send' => bigintval($content['target_send']), 'zip' => bigintval(postRequestElement('zip'), TRUE, FALSE), ); // Is ext-html_mail active? if (isExtensionActive('html_mail')) { // HTML extension is active $data['html_msg'] = postRequestElement('html'); } // END - if // Update pool data updatePoolDataById($data['id'], NULL, $data); } // Make sure only valid id numbers can pass assert((isset($data['id'])) && (isValidId($data['id']))); // Id is received so we can redirect the user, used points will be added when he send's out the mail $data['url'] = 'modules.php?module=frametester&order=' . bigintval($data['id']); } elseif ($content['target_send'] == '0') { // Not enougth receivers found which can receive mails $data['url'] = 'modules.php?module=login&what=order&code=' . getCode('MORE_RECEIVERS2'); } else { // No enougth points left! $data['url'] = 'modules.php?module=login&what=order&code=' . getCode('MORE_POINTS'); } } else { // Ordered more mails than he can send in this category $data['url'] = 'modules.php?module=login&what=order&code=' . getCode('NO_RECS_LEFT'); } } // END - if } elseif (postRequestElement('receiver') == '0') { // Not enougth receivers selected $data['url'] = 'modules.php?module=login&what=order&code=' . getCode('MORE_RECEIVERS1'); } elseif (($ALLOWED == '0') && (getOrderMaxFull() == 'ORDER')) { // No more mail orders allowed displayMessage('{--MEMBER_ORDER_ALLOWED_EXHAUSTED--}'); } elseif (getTotalUnconfirmedMails(getMemberId()) < getConfig('max_unconfirmed')) { // Show only enabled categories to the user ... $whereStatement = " WHERE `visible`='Y'"; // ... but all to the admin if (isAdmin()) $whereStatement = ''; // Display order form $result_cats = sqlQuery('SELECT `id`, `cat` FROM `{?_MYSQL_PREFIX?}_cats` ' . $whereStatement . ' ORDER BY `sort` ASC', __FILE__, __LINE__); // Some categories found? if (!ifSqlHasZeroNums($result_cats)) { // Enought points left? if ($totalPoints > 0) { // Initialize array... $categories = array( 'id' => array(), 'name' => array(), 'userids' => array() ); // Enable HTML checking // @TODO Rewrite this to a filter $HTML = ''; if ((isExtensionActive('html_mail')) && (postRequestElement('html') == 'Y')) { $HTML = " AND `html`='Y'"; } // END - if // ... and begin loading stuff while ($categoriesContent = sqlFetchArray($result_cats)) { $categories['id'][] = bigintval($categoriesContent['id']); array_push($categories['name'], $categoriesContent['cat']); // Select users in current category $result_userids = sqlQueryEscaped('SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_cats` WHERE `cat_id`=%s AND `userid` != %s ORDER BY `userid` ASC', array(bigintval($categoriesContent['id']), getMemberId()), __FILE__, __LINE__); $userid_cnt = '0'; while (list($userid) = sqlFetchRow($result_userids)) { // Init filter data array $filterData = array( 'userid' => $userid, 'pre_okay' => TRUE, ); // Check for holiday system $filterData = runFilterChain('pre_category_mail_order_check', $filterData); // Still all fine? if ($filterData['pre_okay']) === TRUE) { // Check if the user want's to receive mails? $result_ver = sqlQueryEscaped("SELECT `zip` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s" . $HTML . " AND `receive_mails` > 0 AND `status`='CONFIRMED' LIMIT 1", array(bigintval($userid)), __FILE__, __LINE__); // Is an entry found? if ((sqlNumRows($result_ver) == 1) && (isPostRequestElementSet('zip')) && (isOrderMultiPageEnabled())) { // Get zip code list($zip) = sqlFetchRow($result_ver); if (substr($zip, 0, strlen(postRequestElement('zip'))) == postRequestElement('zip')) { // Ok, ZIP code part is found $userid_cnt++; } // END - if } else { // Count numbers up! $userid_cnt += sqlNumRows($result_ver); } // Free result sqlFreeResult($result_ver); } // END - if } // END - while // Free memory sqlFreeResult($result_userids); array_push($categories['userids'], $userid_cnt); } // END - while // Free memory sqlFreeResult($result_cats); // Now we need to load the mail types... $result = sqlQuery("SELECT `id`, `price`, `payment`, `mail_title` FROM `{?_MYSQL_PREFIX?}_payments` WHERE `price` > 0 AND `payment` > 0 ORDER BY `payment` ASC", __FILE__, __LINE__); $payments = array(); if (!ifSqlHasZeroNums($result)) { // Is the error code set? if (isGetRequestElementSet('code')) { // Display error message displayMessage(getMessageFromErrorCode(getRequestElement('code'))); } // END - if // Load all email types... while ($payment = sqlFetchArray($result)) { array_push($payments, $payment); } // END - while // Free memory sqlFreeResult($result); // Output user's points $content['total_points'] = $totalPoints; // Check how many mail orders he has placed today and how many he's allowed to send switch (getOrderMaxFull()) { case 'MAX': // He is allowed to send as much as possible $content['order_max_full'] = '{--MEMBER_ORDER_ALLOWED_MAX--}'; break; case 'ORDER': // He is allowed to send as much as he setup the receiving value $content['order_max_full'] = sprintf(getMessage('MEMBER_ORDER_ALLOWED_RECEIVE'), $ALLOWED, getUserData('receive_mails')); break; default: // Unknown/invalid logDebugMessage(__FILE__, __LINE__, sprintf("Unknown order_mas_full config detected.", getOrderMaxFull())); $content['order_max_full'] = '{--MEMBER_ORDER_ALLOWED_UNKNOWN--}'; break; } // END - switch // Load final template loadTemplate('member_order_points', FALSE, $content); // Reset variables $OLD_ORDER = FALSE; $subject = ''; $text = ''; $target = ''; // Check if we already have an order placed and make it editable $result = sqlQueryEscaped("SELECT `subject`, `text`, `payment_id`, `timestamp`, `url`, `target_send`, `cat_id`, `zip` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `sender`=%s AND `data_type`='TEMP' LIMIT 1", array(getMemberId()), __FILE__, __LINE__); if (sqlNumRows($result) == 1) { // Old order found $content = merge_array($content, sqlFetchArray($result)); // Fix max receivers when it is too much if ((isset($categories['userids'][$content['cat_id']])) && ($content['target_send'] > $categories['userids'][$content['cat_id']])) { // Fix it $content['target_send'] = $categories['userids'][$content['cat_id']]; } // END - if // Old order is grabbed $OLD_ORDER = TRUE; } else { // Default output for that your members don't forget it... $content['url'] = 'http://'; $content['target_send'] = '{?order_min?}'; $content['subject'] = ''; $content['text'] = ''; } // Free result sqlFreeResult($result); if ((isPostRequestElementSet('data')) || ((getOrderMultiPage() != 'Y') && ((!isAdmin()) && (!isExtensionActive('html_mail'))))) { // Pre-output categories $content['category_selection'] = generateCategoryOptionsList(((isExtensionActive('html_mail')) && (isPostRequestElementSet('html'))) ? postRequestElement('html') : 'N', getMemberId()); // Mail type $content['payment_selection'] = ''; foreach ($payments as $key => $value) { if (is_array($value)) { // Output option line $content['payment_selection'] .= ' '; } // END - if } // END - foreach // No content is default $content['zip_content'] = ''; if (isPostRequestElementSet('zip')) { // Output entered ZIP code $content['zip_content'] = loadTemplate('member_order_zip2', TRUE, postRequestElement('zip')); } // END - if // No HTML extension installed by default $content['html_extension'] = ''; // HTML extension if ((isExtensionActive('html_mail')) && (postRequestElement('html') == 'Y')) { // Extension is active so output valid HTML tags $content['html_extension'] = loadTemplate('member_order_html_ext', TRUE); } // END - if // Output form for page 2 loadTemplate('member_order_page2', FALSE, $content); } else { // No HTML extension installed by default $content['html_extension'] = ''; // Remember maybe entered ZIP code in constant if (isExtensionActive('html_mail')) { // Add some content when html extension is active $content['html_extension'] = loadTemplate('member_order_html_intro', TRUE); } // END - if // Default is no ZIP code $content['zip_content'] = ''; // Is sending to ZIP code enabled? (logged-in admin can always send to it) if ((isOrderMultiPageEnabled()) || (isAdmin())) { // Yes if (postRequestElement('zip') > 0) { $data = array( 'zip' => bigintval(postRequestElement('zip')) ); } else { $data = array( 'zip' => '' ); } $content['zip_content'] = loadTemplate('member_order_zip1', TRUE, $data); } // END - if // Output form for page 1 (ZIP code or HTML) loadTemplate('member_order_page1', FALSE, $content); } } else { // No mail types defined displayMessage('{--MEMBER_ORDER_NO_PAYMENTS--}'); } } else { // No points left displayMessage('{--MEMBER_ORDER_NO_POINTS--}'); } } else { // No cateogries are defined yet displayMessage('{--MEMBER_NO_CATEGORIES--}'); } } else { // Please confirm some mails first displayMessage('{%message,MEMBER_ORDER_LINKS_LEFT=' . getTotalUnconfirmedMails(getMemberId()) . '%}'); } if (!empty($data['url'])) { // Redirect to requested URL redirectToUrl($data['url']); } // END - if // [EOF] ?>