// Load data
$result = SQL_QUERY_ESC("SELECT opt_in FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
+ array(getUserId()), __FILE__, __LINE__);
list($opt_in) = SQL_FETCHROW($result);
// Free memory
{
case "new": // Start new transfer
// Get total points and subtract the balance amount from it = maximum transferable points
- $total = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
+ $total = GET_TOTAL_DATA(getUserId(), "user_points", "points") - GET_TOTAL_DATA(getUserId(), "user_data", "used_points");
// Remember maximum value for template
define('__TRANSFER_MAX_VALUE', round($total - getConfig('transfer_balance') - 0.5));
// Add new transfer
if (getConfig('transfer_code') > 0) {
// Check for code
- $code = generateRandomCodde(getConfig('transfer_code'), REQUEST_POST('code_chk'), $GLOBALS['userid'], constant('__TRANSFER_MAX_VALUE'));
+ $code = generateRandomCodde(getConfig('transfer_code'), REQUEST_POST('code_chk'), getUserId(), constant('__TRANSFER_MAX_VALUE'));
$valid_code = ($code == REQUEST_POST('code'));
} else {
// Zero length (= disabled) is always valid!
// Re-check receivers and own personal data
$result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid IN ('%s','%s') AND `status`='CONFIRMED' ORDER BY userid LIMIT 2",
- array($GLOBALS['userid'], bigintval(REQUEST_POST('to_uid'))), __FILE__, __LINE__);
+ array(getUserId(), bigintval(REQUEST_POST('to_uid'))), __FILE__, __LINE__);
$valid_data = (SQL_NUMROWS($result) == 2);
if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) {
list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// @TODO Rewrite all these constants to array elements
- if ($uid1 == $GLOBALS['userid']) {
+ if ($uid1 == getUserId()) {
// Data row 1 is sender's data
define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1));
define('__SENDER_NICK' , $nick1);
}
// Sender's UID is always currently stored in cookie userid...
- define('__SENDER_UID' , $GLOBALS['userid']);
+ define('__SENDER_UID' , getUserId());
define('__RECIPIENT_UID' , REQUEST_POST('to_uid'));
$SENDER = constant('__SENDER_UID');
define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME(getConfig('transfer_age')));
// Generate tranafer id
- define('__TRANS_ID', bigintval(generateRandomCodde("10", mt_rand(0, 99999), $GLOBALS['userid'], REQUEST_POST('reason'))));
+ define('__TRANS_ID', bigintval(generateRandomCodde("10", mt_rand(0, 99999), getUserId(), REQUEST_POST('reason'))));
// Add entries to both tables
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_in` (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
- array(bigintval(REQUEST_POST('to_uid')), $GLOBALS['userid'], bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID),
+ array(bigintval(REQUEST_POST('to_uid')), getUserId(), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID),
__FILE__, __LINE__);
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_transfers_out` (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
- array($GLOBALS['userid'], bigintval(REQUEST_POST('to_uid')), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID),
+ array(getUserId(), bigintval(REQUEST_POST('to_uid')), bigintval(REQUEST_POST('points')), REQUEST_POST('reason'), __TRANS_ID),
__FILE__, __LINE__);
// Add points to account *directly* ...
ADD_POINTS_REFSYSTEM("member_transfer", bigintval(REQUEST_POST('to_uid')), bigintval(REQUEST_POST('points')), false, "0", false, "direct");
// ... and add it to current user's used points
- SUB_POINTS("transfer", $GLOBALS['userid'], REQUEST_POST('points'));
+ SUB_POINTS("transfer", getUserId(), REQUEST_POST('points'));
// First send email to recipient
$msg = LOAD_EMAIL_TEMPLATE("member_transfer_recipient", "", constant('__RECIPIENT_UID'));
if (EXT_IS_ACTIVE("nickname")) {
// Load userid and nickname
$result = SQL_QUERY_ESC("SELECT userid, nickname FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
- array($GLOBALS['userid']), __FILE__, __LINE__);
+ array(getUserId()), __FILE__, __LINE__);
} else {
// Load only userid
$result = SQL_QUERY_ESC("SELECT userid, userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
- array($GLOBALS['userid']), __FILE__, __LINE__);
+ array(getUserId()), __FILE__, __LINE__);
}
if (SQL_NUMROWS($result) > 0) {
// Generate Code
if (getConfig('transfer_code') > 0) {
$rand = mt_rand(0, 99999);
- $code = generateRandomCodde(getConfig('transfer_code'), $rand, $GLOBALS['userid'], constant('__TRANSFER_MAX_VALUE'));
+ $code = generateRandomCodde(getConfig('transfer_code'), $rand, getUserId(), constant('__TRANSFER_MAX_VALUE'));
$img = GENERATE_IMAGE($code, false);
define('__TRANSFER_IMAGE_INPUT', "<input type=\"hidden\" name=\"code_chk\" value=\"".$rand."\" /><input type=\"text\" name=\"code\" class=\"member_normal\" size=\"5\" maxlength=\"7\"{!__TRANSFER_TO_DISABLED!} /> ".$img);
} else {
// Run the SQL command
$total = 0;
- $result = SQL_QUERY_ESC($sql, array($GLOBALS['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC($sql, array(getUserId()), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0) {
$OUT = ""; $SW = 2;
// @TODO This should be somehow rewritten to $content = SQL_FETCHARRAY(), see switch() block above for SQL queries
// Let's begin with the incoming list
$result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE userid=%s ORDER BY `id` LIMIT %s",
-array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__);
+array(getUserId(), getConfig('transfer_max')), __FILE__, __LINE__);
while ($DATA = SQL_FETCHROW($result)) {
$DATA[] = "IN";
$DATA = implode("','", $DATA);
// As the last table transfer data from outgoing table to temporary
$result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE userid=%s ORDER BY `id` LIMIT %s",
-array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__);
+array(getUserId(), getConfig('transfer_max')), __FILE__, __LINE__);
while ($DATA = SQL_FETCHROW($result)) {
$DATA[] = "OUT";
$DATA = implode("','", $DATA);
case "": // Overview page
// Check incoming transfers
- $result = SQL_QUERY_ESC("SELECT COUNT(id) FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE userid=%s", array($GLOBALS['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT COUNT(id) FROM `{!_MYSQL_PREFIX!}_user_transfers_in` WHERE userid=%s", array(getUserId()), __FILE__, __LINE__);
list($dmy) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
}
// Check outgoing transfers
- $result = SQL_QUERY_ESC("SELECT COUNT(id) FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE userid=%s", array($GLOBALS['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT COUNT(id) FROM `{!_MYSQL_PREFIX!}_user_transfers_out` WHERE userid=%s", array(getUserId()), __FILE__, __LINE__);
list($dmy) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if (IS_FORM_SENT()) {
// Save settings
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET opt_in='%s' WHERE userid=%s LIMIT 1",
- array(REQUEST_POST('opt_in'), $GLOBALS['userid']), __FILE__, __LINE__);
+ array(REQUEST_POST('opt_in'), getUserId()), __FILE__, __LINE__);
// Rember for next switch() command
$opt_in = REQUEST_POST('opt_in');
FROM `{!_MYSQL_PREFIX!}_user_transfers_out`
WHERE time_trans > (UNIX_TIMESTAMP() - %s) AND userid=%s
ORDER BY time_trans DESC
-LIMIT 1", array(getConfig('transfer_timeout'), $GLOBALS['userid']), __FILE__, __LINE__);
+LIMIT 1", array(getConfig('transfer_timeout'), getUserId()), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0) {
// Load template
define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true));