} elseif (!IS_MEMBER()) {
LOAD_URL("modules.php?module=index");
} elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) {
} elseif (!IS_MEMBER()) {
LOAD_URL("modules.php?module=index");
} elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) {
// Remember maximum value for template
define('__TRANSFER_MAX_VALUE', round($total - getConfig('transfer_balance') - 0.5));
// Remember maximum value for template
define('__TRANSFER_MAX_VALUE', round($total - getConfig('transfer_balance') - 0.5));
// Check for code
$code = GEN_RANDOM_CODE(getConfig('transfer_code'), $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
$valid_code = ($code == $_POST['code']);
// Check for code
$code = GEN_RANDOM_CODE(getConfig('transfer_code'), $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
$valid_code = ($code == $_POST['code']);
// Check for nickname extension and set additional data
$nick = false; $ADD = ", userid";
// Check for nickname extension and set additional data
$nick = false; $ADD = ", userid";
// Re-check receivers and own personal data
$result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM `"._MYSQL_PREFIX."_user_data` WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
// Re-check receivers and own personal data
$result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM `"._MYSQL_PREFIX."_user_data` WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
- array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__);
+ array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__);
// Let's start the transfer and load user data
list($uid1, $gender1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result);
list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Let's start the transfer and load user data
list($uid1, $gender1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result);
list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Data row 1 is sender's data
define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1));
define('__SENDER_NICK' , $nick1);
// Data row 1 is sender's data
define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1));
define('__SENDER_NICK' , $nick1);
// Data row 2 is sender's data
define('__SENDER_GENDER' , TRANSLATE_GENDER($gender2));
define('__SENDER_NICK' , $nick2);
// Data row 2 is sender's data
define('__SENDER_GENDER' , TRANSLATE_GENDER($gender2));
define('__SENDER_NICK' , $nick2);
// Sender's UID is always currently stored in cookie userid...
define('__SENDER_UID' , $GLOBALS['userid']);
define('__RECIPIENT_UID' , $_POST['to_uid']);
$SENDER = __SENDER_UID;
$RECIPIENT = __RECIPIENT_UID;
// Sender's UID is always currently stored in cookie userid...
define('__SENDER_UID' , $GLOBALS['userid']);
define('__RECIPIENT_UID' , $_POST['to_uid']);
$SENDER = __SENDER_UID;
$RECIPIENT = __RECIPIENT_UID;
$RECIPIENT = __RECIPIENT_NICK;
}
}
// Remember transfer reason and fancy date/time in constants
define('__TRANSFER_REASON', $_POST['reason']);
$RECIPIENT = __RECIPIENT_NICK;
}
}
// Remember transfer reason and fancy date/time in constants
define('__TRANSFER_REASON', $_POST['reason']);
- if (function_exists('CREATE_FANCY_TIME'))
- {
- define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME(getConfig('transfer_age')));
- }
- else
- {
- define('__TRANSFER_EXPIRES', round(getConfig('transfer_age')/60/60/24)." ".DAYS);
- }
+ define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME(getConfig('transfer_age')));
// Generate tranafer id
define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", mt_rand(0, 99999), $GLOBALS['userid'], $_POST['reason'])));
// Add entries to both tables
// Generate tranafer id
define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", mt_rand(0, 99999), $GLOBALS['userid'], $_POST['reason'])));
// Add entries to both tables
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
__FILE__, __LINE__);
array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
__FILE__, __LINE__);
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
__FILE__, __LINE__);
array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
__FILE__, __LINE__);
- LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."<br /><A href=\"".URL."/modules.php?module=login&what=transfer\">".TRANSFER_CONTINUE_OVERVIEW."</A>");
- }
- elseif (!$valid_code)
- {
+ LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."<br /><a href=\"".URL."/modules.php?module=login&what=transfer\">".TRANSFER_CONTINUE_OVERVIEW."</a>");
+ } elseif (!$valid_code) {
// Load userid and nickname
$result = SQL_QUERY_ESC("SELECT userid, nickname FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Load userid and nickname
$result = SQL_QUERY_ESC("SELECT userid, nickname FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Load only userid
$result = SQL_QUERY_ESC("SELECT userid, userid FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
array($GLOBALS['userid']), __FILE__, __LINE__);
}
// Load only userid
$result = SQL_QUERY_ESC("SELECT userid, userid FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid",
array($GLOBALS['userid']), __FILE__, __LINE__);
}
- $OUT = "<SELECT name=\"to_uid\" size=\"1\" class=\"member_select\">
- <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
- while (list($uid, $nick) = SQL_FETCHROW($result))
- {
- $OUT .= "<OPTION value=\"".$uid."\"";
+ $OUT = "<select name=\"to_uid\" size=\"1\" class=\"member_select\">
+ <option value=\"0\">".SELECT_NONE."</option>\n";
+ while (list($uid, $nick) = SQL_FETCHROW($result)) {
+ $OUT .= "<option value=\"".$uid."\"";
// No one else is opt-in
$OUT = TRANSFER_NO_ONE_ELSE_OPT_IN;
define('__TRANSFER_TO_DISABLED', " disabled");
}
// No one else is opt-in
$OUT = TRANSFER_NO_ONE_ELSE_OPT_IN;
define('__TRANSFER_TO_DISABLED', " disabled");
}
// Transfer output to constant for the template
define('__TRANSFER_USERID_SELECTION', $OUT);
// Generate Code
// Transfer output to constant for the template
define('__TRANSFER_USERID_SELECTION', $OUT);
// Generate Code
$rand = mt_rand(0, 99999);
$code = GEN_RANDOM_CODE(getConfig('transfer_code'), $rand, $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
$img = GENERATE_IMAGE($code, false);
define('__TRANSFER_IMAGE_INPUT', "<INPUT type=\"hidden\" name=\"code_chk\" value=\"".$rand."\"><INPUT type=\"text\" name=\"code\" class=\"member_normal\" size=\"5\" maxlength=\"7\"".__TRANSFER_TO_DISABLED."> ".$img);
$rand = mt_rand(0, 99999);
$code = GEN_RANDOM_CODE(getConfig('transfer_code'), $rand, $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
$img = GENERATE_IMAGE($code, false);
define('__TRANSFER_IMAGE_INPUT', "<INPUT type=\"hidden\" name=\"code_chk\" value=\"".$rand."\"><INPUT type=\"text\" name=\"code\" class=\"member_normal\" size=\"5\" maxlength=\"7\"".__TRANSFER_TO_DISABLED."> ".$img);
// Run the SQL command
$total = 0;
$result = SQL_QUERY_ESC($SQL, array($GLOBALS['userid']), __FILE__, __LINE__);
// Run the SQL command
$total = 0;
$result = SQL_QUERY_ESC($SQL, array($GLOBALS['userid']), __FILE__, __LINE__);
- while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result))
- {
+ while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result)) {
if ($type == "OUT") $points = "$points-";
$OUT .= "<TR>
<TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
if ($type == "OUT") $points = "$points-";
$OUT .= "<TR>
<TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
// Let's begin with the incoming list
$result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY id LIMIT %s",
array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__);
// Let's begin with the incoming list
$result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY id LIMIT %s",
array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__);
$DATA[] = "IN";
$DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
$DATA[] = "IN";
$DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
// As the last table transfer data from outgoing table to temporary
$result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY id LIMIT %s",
array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__);
// As the last table transfer data from outgoing table to temporary
$result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY id LIMIT %s",
array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__);
$DATA[] = "OUT";
$DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
$DATA[] = "OUT";
$DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
// Output rows
$OUT = ""; $SW = 2;
$result = SQL_QUERY("SELECT party_uid, trans_id, points, reason, time_trans, trans_type FROM "._MYSQL_PREFIX."_transfers_tmp ORDER BY time_trans DESC", __FILE__, __LINE__);
// Output rows
$OUT = ""; $SW = 2;
$result = SQL_QUERY("SELECT party_uid, trans_id, points, reason, time_trans, trans_type FROM "._MYSQL_PREFIX."_transfers_tmp ORDER BY time_trans DESC", __FILE__, __LINE__);
- while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result))
- {
+ while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result)) {
if ($type == "OUT") $points = "-$points";
$OUT .= "<TR>
<TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
if ($type == "OUT") $points = "-$points";
$OUT .= "<TR>
<TD class=\"transfer_row1 switch_sw".$SW." bottom2 right2\">
define('__TRANSFER_ALL_LINK', $total);
}
if (isset($_POST['ok'])) {
// Save settings
define('__TRANSFER_ALL_LINK', $total);
}
if (isset($_POST['ok'])) {
// Save settings
- $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET opt_in='%s' WHERE userid=%s LIMIT 1",
- array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET opt_in='%s' WHERE userid=%s LIMIT 1",
+ array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__);
case "Y":
define('__TRANSFER_ALLOW_Y', " checked=\"checked\"");
define('__TRANSFER_ALLOW_N', "");
case "Y":
define('__TRANSFER_ALLOW_Y', " checked=\"checked\"");
define('__TRANSFER_ALLOW_N', "");