+ // Remember transfer reason and fancy date/time in constants
+ define('__TRANSFER_REASON', REQUEST_POST('reason'));
+ define('__TRANSFER_EXPIRES', createFancyTime(getConfig('transfer_age')));
+
+ // Generate tranafer id
+ define('__TRANS_ID', bigintval(generateRandomCode("10", mt_rand(0, 99999), getUserId(), REQUEST_POST('reason'))));
+
+ // Add entries to both tables
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_in` (`userid`, `from_uid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ array(bigintval(REQUEST_POST('to_uid')), getUserId(), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID),
+ __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_out` (`userid`, `to_uid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ array(getUserId(), bigintval(REQUEST_POST('to_uid')), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID),
+ __FILE__, __LINE__);
+
+ // Add points to account *directly* ...
+ ADD_POINTS_REFSYSTEM_DIRECT('member_transfer', bigintval(REQUEST_POST('to_uid')), bigintval(REQUEST_POST('points')));
+
+ // ... and add it to current user's used points
+ SUB_POINTS('transfer', getUserId(), REQUEST_POST('points'));
+
+ // First send email to recipient
+ $msg = LOAD_EMAIL_TEMPLATE('member_transfer_recipient', '', constant('__RECIPIENT_UID'));
+ sendEmail(constant('__RECIPIENT_EMAIL'), getMessage('TRANSFER_MEMBER_RECIPIENT_SUBJ') . ': ' . $SENDER, $msg);
+
+ // Second send email to sender
+ $msg = LOAD_EMAIL_TEMPLATE('member_transfer_sender', '', constant('__SENDER_UID'));
+ sendEmail(constant('__SENDER_EMAIL'), getMessage('TRANSFER_MEMBER_SENDER_SUBJ') . ': ' . $RECIPIENT, $msg);
+
+ // At last send admin mail(s)
+ $ADMIN_SUBJ = sprintf("%s (%s->%s)", getMessage('TRANSFER_ADMIN_SUBJECT'), $SENDER, $RECIPIENT);
+ sendAdminNotification($ADMIN_SUBJ, 'admin_transfer_points');
+
+ // Transfer is completed
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('TRANSFER_COMPLETED')."<br /><a href=\"{!URL!}/modules.php?module=login&what=transfer\">{--TRANSFER_CONTINUE_OVERVIEW--}</a>");
+ } elseif (!$valid_code) {
+ // Invalid Touring code!
+ LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_CODE--}</div>");
+ REQUEST_UNSET_POST('ok');
+ } elseif (!$valid_pass) {
+ // Wrong password entered
+ LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_PASSWORD--}</div>");
+ REQUEST_UNSET_POST('ok');
+ } elseif (!$valid_amount) {
+ // Too much points entered
+ LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_POINTS--}</div>");
+ REQUEST_UNSET_POST('ok');
+ } elseif (!$valid_reason) {
+ // No transfer reason entered
+ LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_REASON--}</div>");
+ REQUEST_UNSET_POST('ok');
+ } elseif (!$valid_recipient) {
+ // No recipient selected
+ LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_RECIPIENT--}</div>");
+ REQUEST_UNSET_POST('ok');
+ } elseif (!$valid_data) {
+ // No recipient selected
+ LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_DATA--}</div>");
+ REQUEST_UNSET_POST('ok');