]> git.mxchange.org Git - mailer.git/blobdiff - inc/modules/admin/what-sub_points.php
projects / mailer.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
A lot fixes to templates and missing functions added, more rewrites
[mailer.git] / inc / modules / admin / what-sub_points.php
diff --git a/inc/modules/admin/what-sub_points.php b/inc/modules/admin/what-sub_points.php
index d08197759dc03ee699f6633a2db529a9a47b8c3b..775fdaeac3f10b58553f1f8218e17394ce742014 100644 (file)
--- a/inc/modules/admin/what-sub_points.php
+++ b/inc/modules/admin/what-sub_points.php
@@ -32,45 +32,48 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
+
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
 // Fix a notice
-if (!isset($_GET['u_id'])) $_GET['u_id'] = "";
+if (!REQUEST_ISSET_GET(('uid'))) REQUEST_SET_GET('uid', "");
 
-OPEN_TABLE("100%", "admin_content admin_content_align", "");
-if ($_GET['u_id'] == "all")
-{
+if (REQUEST_GET('uid') == "all") {
        // Add points to all accounts
-       define('__POINTS_VALUE', $_POST['points']);
-       if ((isset($_POST['ok'])) && ($_POST['points'] > 0))
-       {
-               $result_main = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
-               while (list($uid) = SQL_FETCHROW($result_main))
-               {
+       define('__POINTS_VALUE', REQUEST_POST('points'));
+       if ((IS_FORM_SENT()) && (REQUEST_POST('points') > 0)) {
+               $result_main = SQL_QUERY("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
+               while (list($uid) = SQL_FETCHROW($result_main)) {
                        // User ID found in URL so we use this give him some credits
-                       $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
-                        array(bigintval($uid)), __FILE__, __LINE__);
-                       if (SQL_NUMROWS($result) == 1)
-                       {
+                       $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
+                               array(bigintval($uid)), __FILE__, __LINE__);
+
+                       // Entry found?
+                       if (SQL_NUMROWS($result) == 1) {
                                // Selected user does exist
                                list($sname, $fname, $email) = SQL_FETCHROW($result);
+
+                               // Free result
                                SQL_FREERESULT($result);
 
-                               if ((isset($_POST['ok'])) && (!empty($_POST['points'])))
-                               {
+                               if ((IS_FORM_SENT()) && (REQUEST_ISSET_POST(('points')))) {
                                        // Ok, add points to used points and send an email to him...
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
-                                        array(bigintval($_POST['points'], bigintval($uid))), __FILE__, __LINE__);
+                                       SUB_POINTS("admin_all", $uid, REQUEST_POST('points'));
+
+                                       // Prepare content
+                                       $content = array(
+                                               'text'   => SQL_ESCAPE(REQUEST_POST('reason')),
+                                               'points' => bigintval(REQUEST_POST('points'))
+                                       );
 
                                        // Load message and send it away
-                                       $msg = LOAD_EMAIL_TEMPLATE("sub-points", $_POST['reason'], $uid);
-                                       SEND_EMAIL($email, ADMIN_SUB_SUBJ, $msg);
+                                       $msg = LOAD_EMAIL_TEMPLATE("sub-points", $content, bigintval($uid));
+                                       SEND_EMAIL(bigintval($uid), getMessage('ADMIN_SUB_SUBJ'), $msg);
                                }
                        }
                }
@@ -78,67 +81,50 @@ if ($_GET['u_id'] == "all")
                SQL_FREERESULT($result_main);
 
                // Output message
-               LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ALL_POINTS_SUBTRACTED);
-       }
-        else
-       {
+               LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_POINTS_SUBTRACTED'));
+       } else {
                // Display form add points
                LOAD_TEMPLATE("admin_sub_points_all");
        }
-}
- elseif (!empty($_GET['u_id']))
-{
+} elseif (REQUEST_ISSET_GET(('uid'))) {
        // User ID found in URL so we use this give him some credits
-       $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d AND status='CONFIRMED' LIMIT 1",
-        array(bigintval($_GET['u_id'])),__FILE__, __LINE__);
-       if (SQL_NUMROWS($result) == 1)
-       {
+       $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
+               array(bigintval(REQUEST_GET('uid'))),__FILE__, __LINE__);
+       if (SQL_NUMROWS($result) == 1) {
                // Selected user does exist
                list($sname, $fname, $email) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);
 
-               if ((isset($_POST['ok'])) && (!empty($_POST['points'])))
-               {
+               if ((IS_FORM_SENT()) && (REQUEST_ISSET_POST(('points')))) {
                        // Ok, add to used points and send an email to him...
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
-                        array(bigintval($_POST['points']), bigintval($_GET['u_id'])), __FILE__, __LINE__);
+                       SUB_POINTS("admin_single", bigintval(REQUEST_GET('uid')), REQUEST_POST('points'));
 
-                       // Update mediadata as well
-                       if (GET_EXT_VERSION("mediadata") >= "0.0.4")
-                       {
-                               // Update database
-                               MEDIA_UPDATE_ENTRY(array("total_points"), "sub", bigintval($_POST['points']));
-                       }
-
-                       // Remember points in template
-                       define('__POINTS_VALUE', bigintval($_POST['points']));
+                       // Prepare content
+                       $content = array(
+                               'text'   => SQL_ESCAPE(REQUEST_POST('reason')),
+                               'points' => bigintval(REQUEST_POST('points'))
+                       );
 
                        // Load email and send it away
-                       $msg = LOAD_EMAIL_TEMPLATE("sub-points", $_POST['reason'], $_GET['u_id']);
-                       SEND_EMAIL($email, ADMIN_SUB_SUBJ, $msg);
+                       $msg = LOAD_EMAIL_TEMPLATE("sub-points", $content, bigintval(REQUEST_GET('uid')));
+                       SEND_EMAIL(bigintval(REQUEST_GET('uid')), getMessage('ADMIN_SUB_SUBJ'), $msg);
 
                        // Output message
-                       LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_SUBTRACTED);
-               }
-                else
-               {
+                       LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_POINTS_SUBTRACTED'));
+               } else {
                        // Opps, missing form here
-                       define('__USER_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".$sname." ".$fname."</A>");
-                       define('__UID_VALUE', $_GET['u_id']);
+                       define('__USER_VALUE', "<a href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".$sname." ".$fname."</a>");
+                       define('__UID', bigintval(REQUEST_GET('uid')));
                        LOAD_TEMPLATE("admin_sub_points");
                }
-       }
-        else
-       {
+       } else {
                // User not found!
-               OUTPUT_HTML ("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");
+               LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
        }
-}
- else
-{
+} else {
        // Output selection form with all confirmed user accounts listed
-       ADD_MEMBER_SELECTION_BOX(true);
+       ADD_MEMBER_SELECTION_BOX("0", true);
 }
-CLOSE_TABLE();
+
 //
 ?>
Mailer-Project repository