************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
} elseif (!IS_MEMBER()) {
$nick = true;
}
// Re-check receivers and own personal data
- $result = SQL_QUERY_ESC("SELECT userid, sex, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
+ $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__);
$valid_data = (SQL_NUMROWS($result) == 2);
if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient)
{
// Let's start the transfer and load user data
- list($uid1, $sex1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result);
- list($uid2, $sex2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result);
+ list($uid1, $gender1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result);
+ list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if ($uid1 == $GLOBALS['userid'])
{
// Data row 1 is sender's data
- define('__SENDER_SEX' , TRANSLATE_SEX($sex1));
+ define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1));
define('__SENDER_NICK' , $nick1);
define('__SENDER_SNAME' , $sname1);
define('__SENDER_FNAME' , $fname1);
define('__SENDER_EMAIL' , $email1);
// Data row 2 is recpient's data
- define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex2));
+ define('__RECIPIENT_GENDER' , TRANSLATE_GENDER($gender2));
define('__RECIPIENT_NICK' , $nick2);
define('__RECIPIENT_SNAME', $sname2);
define('__RECIPIENT_FNAME', $fname2);
else
{
// Data row 2 is sender's data
- define('__SENDER_SEX' , TRANSLATE_SEX($sex2));
+ define('__SENDER_GENDER' , TRANSLATE_GENDER($gender2));
define('__SENDER_NICK' , $nick2);
define('__SENDER_SNAME' , $sname2);
define('__SENDER_FNAME' , $fname2);
define('__SENDER_EMAIL' , $email2);
// Data row 1 is recpient's data
- define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex1));
+ define('__RECIPIENT_GENDER' , TRANSLATE_GENDER($gender1));
define('__RECIPIENT_NICK' , $nick1);
define('__RECIPIENT_SNAME', $sname1);
define('__RECIPIENT_FNAME', $fname1);
define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", rand(0, 99999), $GLOBALS['userid'], $_POST['reason'])));
// Add entries to both tables
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
__FILE__, __LINE__);
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
__FILE__, __LINE__);
// Add points to account *directly* ...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%s AND ref_depth=0 LIMIT 1",
- array(bigintval($_POST['points']), bigintval($_POST['to_uid'])), __FILE__, __LINE__);
+ ADD_POINTS_REFSYSTEM(bigintval($_POST['to_uid']), bigintval($_POST['points']), false, "0", false, "direct");
// ... and add it to current user's used points
SUB_POINTS($GLOBALS['userid'], $_POST['points']);
// First of all create the temporary table
$result = SQL_QUERY("CREATE TEMPORARY TABLE "._MYSQL_PREFIX."_transfers_tmp (
trans_id VARCHAR(12) NOT NULL DEFAULT '',
-party_uid BIGINT(20) NOT NULL DEFAULT '0',
-points BIGINT(20) NOT NULL DEFAULT '0',
+party_uid BIGINT(20) UNSIGNED NOT NULL DEFAULT '0',
+points BIGINT(20) UNSIGNED NOT NULL DEFAULT '0',
reason VARCHAR(255) NOT NULL DEFAULT '',
time_trans VARCHAR(10) NOT NULL DEFAULT '0',
-trans_type ENUM('IN', 'OUT') NOT NULL DEFAULT 'IN',
+trans_type ENUM('IN','OUT') NOT NULL DEFAULT 'IN',
KEY(party_uid)
) TYPE=HEAP", __FILE__, __LINE__);
while ($DATA = SQL_FETCHROW($result))
{
$DATA[] = "IN";
- $DATA = implode("', '", $DATA);
+ $DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
}
while ($DATA = SQL_FETCHROW($result))
{
$DATA[] = "OUT";
- $DATA = implode("', '", $DATA);
+ $DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
}
define('__TRANSFER_ALL_LINK', $total);
}
- if (isset($_POST['ok']))
- {
+ if (isset($_POST['ok'])) {
// Save settings
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET opt_in='%s' WHERE userid=%s LIMIT 1",
array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__);
// "Settings saved..."
OUTPUT_HTML("<P><STRONG class=\"member_done\">".SETTINGS_SAVED."</STRONG></P>");
}
+
switch ($opt_in)
{
case 'Y':
- define('__TRANSFER_ALLOW_Y', ' checked');
+ define('__TRANSFER_ALLOW_Y', " checked=\"checked\"");
define('__TRANSFER_ALLOW_N', "");
define('__TRANSFER_NEW_LINK', "<A href=\"".URL."/modules.php?module=login&what=transfer&mode=new\">".TRANSFER_NOW_LINK."</A>");
break;
case 'N':
define('__TRANSFER_ALLOW_Y', "");
- define('__TRANSFER_ALLOW_N', ' checked');
+ define('__TRANSFER_ALLOW_N', " checked=\"checked\"");
define('__TRANSFER_NEW_LINK', TRANSFER_PLEASE_ALLOW_OPT_IN);
break;
}
// Check for latest out-transfers
- $result = SQL_QUERY_ESC("SELECT time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE time_trans > ".(time() - $_CONFIG['transfer_timeout'])." AND userid=%s ORDER BY time_trans DESC LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
+ $result = SQL_QUERY_ESC("SELECT time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE time_trans > (UNIX_TIMESTAMP() - ".$_CONFIG['transfer_timeout'].") AND userid=%s ORDER BY time_trans DESC LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 0) {
// Load template
define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true));
- }
- else
- {
+ } else {
// Load newest transaction
list($newest) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
define('__TRANSFER_SETTINGS_CONTENT', TRANSFER_LATEST_IS_1.MAKE_DATETIME($newest, "3").TRANSFER_LATEST_IS_2);
}
+
// Load template
LOAD_TEMPLATE("member_transfer_overview");
break;
projects / mailer.git / blobdiff