X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-add_points.php;h=82442de572a78905318ffdec2aa3800f06de4ca2;hp=fd9b0e5ee88c3bbe8f6a3ea160b43bcac1f510a8;hb=3f51c40f4fede87228216f9285b745a339e3891d;hpb=6032b7018b83778f1592383238f4e0d28f718622 diff --git a/inc/modules/admin/what-add_points.php b/inc/modules/admin/what-add_points.php index fd9b0e5ee8..82442de572 100644 --- a/inc/modules/admin/what-add_points.php +++ b/inc/modules/admin/what-add_points.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Manuell einem Mitglied Punkte gutschreiben * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -32,93 +37,98 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { + $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); } + // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR('admin', __FILE__); // Fix a notice -if (!isset($_GET['u_id'])) $_GET['u_id'] = ""; +if (!REQUEST_ISSET_GET('uid')) REQUEST_SET_GET('uid', ''); -if ($_GET['u_id'] == "all") { +if (REQUEST_GET('uid') == "all") { // Add points to all accounts - if ((isset($_POST['ok'])) && ($_POST['points'] > 0)) { - define('__POINTS_VALUE', $_POST['points']); - $result_main = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__); - while (list($uid) = SQL_FETCHROW($result_main)) { - // User ID found in URL so we use this give him some credits - $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1", - array(bigintval($uid)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) { - // Selected user does exist - list($sname, $fname, $email) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - - if ((isset($_POST['ok'])) && (!empty($_POST['points']))) { - // Ok, add points and send an email to him... - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%s AND ref_depth=0 LIMIT 1", - array($_POST['points'], bigintval($uid)), __FILE__, __LINE__); - - // Update mediadata as well - if (GET_EXT_VERSION("mediadata") >= "0.0.4") { - // Update database - MEDIA_UPDATE_ENTRY(array("total_points"), "add", $_POST['points']); - } - - // Load email template and send email away - $msg = LOAD_EMAIL_TEMPLATE("add-points", $_POST['reason'], $uid); - SEND_EMAIL($email, ADMIN_ADD_SUBJ, $msg); - } - } - } + if ((isFormSent()) && (REQUEST_POST('points') > 0)) { + // @TODO Rewrite this constant + define('__POINTS_VALUE', REQUEST_POST('points')); + + // Select all users + $result_main = SQL_QUERY("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' ORDER BY `userid` ASC", + __FILE__, __LINE__); + + // Process all entries + while ($content = SQL_FETCHARRAY($result_main)) { + // Remove depth to prevent booking errors. This is a bad coding + // practice, thats also why we need to write this project from + // scratch... + $GLOBALS['ref_level'] = -1; + + // Ok, add points and send an email to him... + ADD_POINTS_REFSYSTEM_DIRECT('admin_all', $content['userid'], bigintval(REQUEST_POST('points'))); + + // Prepare content + $content['text'] = SQL_ESCAPE(REQUEST_POST('reason')); + $content['points'] = bigintval(REQUEST_POST('points')); + + // Load email template and send email away + $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval($content['userid'])); + sendEmail(bigintval($content['userid']), getMessage('ADMIN_ADD_SUBJ'), $msg); + } // END - while // Free memory SQL_FREERESULT($result_main); // Output message - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ALL_POINTS_ADDED); + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ALL_POINTS_ADDED')); } else { // Display form add points LOAD_TEMPLATE("admin_add_points_all"); } -} elseif (!empty($_GET['u_id'])) { +} elseif (REQUEST_ISSET_GET('uid')) { // User ID found in URL so we use this give him some credits - $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1", - array(bigintval($_GET['u_id'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `email` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Selected user does exist list($sname, $fname, $email) = SQL_FETCHROW($result); SQL_FREERESULT($result); - if ((isset($_POST['ok'])) && (!empty($_POST['points']))) { + if ((isFormSent()) && (REQUEST_ISSET_POST(('points')))) { + // Remove depth to prevent booking errors. This is a bad coding + // practice, thats also why we need to write this project from + // scratch... + unset($GLOBALS['ref_level']); + // Ok, add points and send an email to him... - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%s AND ref_depth=0 LIMIT 1", - array($_POST['points'], bigintval($_GET['u_id'])), __FILE__, __LINE__); + ADD_POINTS_REFSYSTEM_DIRECT('admin_single', bigintval(REQUEST_GET('uid')), bigintval(REQUEST_POST('points'))); - // Remember points in constant - define('__POINTS_VALUE', $_POST['points']); + // Prepare content + $content = array( + 'text' => SQL_ESCAPE(REQUEST_POST('reason')), + 'points' => bigintval(REQUEST_POST('points')) + ); // Message laden - $msg = LOAD_EMAIL_TEMPLATE("add-points", $_POST['reason'], $_GET['u_id']); + $msg = LOAD_EMAIL_TEMPLATE("add-points", $content, bigintval(REQUEST_GET('uid'))); - SEND_EMAIL($email, ADMIN_ADD_SUBJ, $msg); - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_POINTS_ADDED); + sendEmail(bigintval(REQUEST_GET('uid')), getMessage('ADMIN_ADD_SUBJ'), $msg); + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_POINTS_ADDED')); } else { // Opps, missing form here - define('__USER_VALUE', "".$sname." ".$fname.""); - define('__UID_VALUE', $_GET['u_id']); - LOAD_TEMPLATE("admin_add_points"); + // @TODO Rewrite these both constants + define('__USER_VALUE', "".$sname." ".$fname.""); + define('__UID' , bigintval(REQUEST_GET('uid'))); + LOAD_TEMPLATE('admin_add_points'); } } else { // User not found! - OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2.""); + LOAD_TEMPLATE('admin_settings_saved', false, "
".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."
"); } } else { // Output selection form with all confirmed user accounts listed - ADD_MEMBER_SELECTION_BOX("0", true); + ADD_MEMBER_SELECTION_BOX('0', true); } //