- define('__POINTS_VALUE', $_POST['points']);
- if ((isset($_POST['ok'])) && ($_POST['points'] > 0)) {
- $result_main = SQL_QUERY("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
- while (list($uid) = SQL_FETCHROW($result_main)) {
- // User ID found in URL so we use this give him some credits
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
-
- // Entry found?
- if (SQL_NUMROWS($result) == 1) {
- // Selected user does exist
- list($sname, $fname, $email) = SQL_FETCHROW($result);
-
- // Free result
- SQL_FREERESULT($result);
-
- if ((isset($_POST['ok'])) && (!empty($_POST['points']))) {
- // Ok, add points to used points and send an email to him...
- SUB_POINTS("admin_all", $uid, $_POST['points']);
-
- // Prepare content
- $content = array(
- 'text' => SQL_ESCAPE($_POST['reason']),
- 'points' => bigintval($_POST['points'])
- );
-
- // Load message and send it away
- $msg = LOAD_EMAIL_TEMPLATE("sub-points", $content, bigintval($uid));
- SEND_EMAIL(bigintval($uid), getMessage('ADMIN_SUB_SUBJ'), $msg);
- }
- }
- }
+ // @TODO Rewrite this constant
+ define('__POINTS_VALUE', REQUEST_POST('points'));
+
+ // Is the form sent?
+ if ((IS_FORM_SENT()) && (REQUEST_POST('points') > 0)) {
+ $result_main = SQL_QUERY("SELECT userid, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' ORDER BY userid",
+ __FILE__, __LINE__);
+ while ($content = SQL_FETCHARRAY($result_main)) {
+ // Ok, add points to used points and send an email to him...
+ SUB_POINTS("admin_all", $content['userid'], REQUEST_POST('points'));
+
+ // Add more content
+ $content['text'] = SQL_ESCAPE(REQUEST_POST('reason'));
+ $content['points'] = bigintval(REQUEST_POST('points'));
+
+ // Load message and send it away
+ $msg = LOAD_EMAIL_TEMPLATE("sub-points", $content, bigintval($content['userid']));
+ SEND_EMAIL($content['email'], getMessage('ADMIN_SUB_SUBJ'), $msg);
+ } // END - while
+