require($INC);
} elseif (!IS_MEMBER()) {
LOAD_URL("modules.php?module=index");
-} elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) {
+} elseif (!EXT_IS_ACTIVE("transfer"))
ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer");
return;
}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
// Load data
$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
{
case "new": // Start new transfer
// Get total points and subtract the balance amount from it = maximum transferable points
- $result = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND points > 0",
- array($GLOBALS['userid']), __FILE__, __LINE__);
- list($total) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- // Get totally used points and password
- $result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
- list($used, $pass) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ $total = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
// Remember maximum value for template
- define('__TRANSFER_MAX_VALUE', round($total - $used - $_CONFIG['transfer_balance'] - 0.5));
+ define('__TRANSFER_MAX_VALUE', round($total - $_CONFIG['transfer_balance'] - 0.5));
if (isset($_POST['ok']))
{
$nick = true;
}
// Re-check receivers and own personal data
- $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
+ $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2",
array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__);
$valid_data = (SQL_NUMROWS($result) == 2);
}
// Generate tranafer id
- define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", rand(0, 99999), $GLOBALS['userid'], $_POST['reason'])));
+ define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", mt_rand(0, 99999), $GLOBALS['userid'], $_POST['reason'])));
// Add entries to both tables
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
- array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
- __FILE__, __LINE__);
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s', '%s', '%s', '%s', UNIX_TIMESTAMP(), '%s')",
- array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
- __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
+ __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
+ array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
+ __FILE__, __LINE__);
// Add points to account *directly* ...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%s AND ref_depth=0 LIMIT 1",
- array(bigintval($_POST['points']), bigintval($_POST['to_uid'])), __FILE__, __LINE__);
+ ADD_POINTS_REFSYSTEM(bigintval($_POST['to_uid']), bigintval($_POST['points']), false, "0", false, "direct");
// ... and add it to current user's used points
SUB_POINTS($GLOBALS['userid'], $_POST['points']);
// Generate Code
if ($_CONFIG['transfer_code'] > 0)
{
- $rand = rand(0, 99999);
+ $rand = mt_rand(0, 99999);
$code = GEN_RANDOM_CODE($_CONFIG['transfer_code'], $rand, $GLOBALS['userid'], __TRANSFER_MAX_VALUE);
$img = GENERATE_IMAGE($code, false);
define('__TRANSFER_IMAGE_INPUT', "<INPUT type=\"hidden\" name=\"code_chk\" value=\"".$rand."\"><INPUT type=\"text\" name=\"code\" class=\"member_normal\" size=\"5\" maxlength=\"7\"".__TRANSFER_TO_DISABLED."> ".$img);
points BIGINT(20) UNSIGNED NOT NULL DEFAULT '0',
reason VARCHAR(255) NOT NULL DEFAULT '',
time_trans VARCHAR(10) NOT NULL DEFAULT '0',
-trans_type ENUM('IN', 'OUT') NOT NULL DEFAULT 'IN',
+trans_type ENUM('IN','OUT') NOT NULL DEFAULT 'IN',
KEY(party_uid)
) TYPE=HEAP", __FILE__, __LINE__);
while ($DATA = SQL_FETCHROW($result))
{
$DATA[] = "IN";
- $DATA = implode("', '", $DATA);
+ $DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
}
while ($DATA = SQL_FETCHROW($result))
{
$DATA[] = "OUT";
- $DATA = implode("', '", $DATA);
+ $DATA = implode("','", $DATA);
$res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__);
}
switch ($opt_in)
{
case 'Y':
- define('__TRANSFER_ALLOW_Y', " checked");
+ define('__TRANSFER_ALLOW_Y', " checked=\"checked\"");
define('__TRANSFER_ALLOW_N', "");
define('__TRANSFER_NEW_LINK', "<A href=\"".URL."/modules.php?module=login&what=transfer&mode=new\">".TRANSFER_NOW_LINK."</A>");
break;
case 'N':
define('__TRANSFER_ALLOW_Y', "");
- define('__TRANSFER_ALLOW_N', " checked");
+ define('__TRANSFER_ALLOW_N', " checked=\"checked\"");
define('__TRANSFER_NEW_LINK', TRANSFER_PLEASE_ALLOW_OPT_IN);
break;
}