X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-list_rallyes.php;h=554efeaefe9ec6c743440bbce6bbbc2ce2ec5be8;hp=f8f809a166e6668ed7ec7440ae0c38f117e7010c;hb=56156f6c4392510cdbe0eb4f2ccefc23b43e2672;hpb=8a9324b2d931f54f54f4319fd7234910af77012c
diff --git a/inc/modules/admin/what-list_rallyes.php b/inc/modules/admin/what-list_rallyes.php
index f8f809a166..554efeaefe 100644
--- a/inc/modules/admin/what-list_rallyes.php
+++ b/inc/modules/admin/what-list_rallyes.php
@@ -32,14 +32,13 @@
************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
if (empty($_GET['sub'])) $_GET['sub'] = "";
$MSG = "";
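Review bot: The rewritten guard at the top still falls through to the admin code unless `security.php` ends the request itself, because nothing after `require($INC);` stops execution when `__SECURITY` is undefined or `IS_ADMIN()` is false. security.php is not visible here, so this is worth confirming and recording in a comment such as `// security.php must terminate the request; nothing below may run for non-admins`. Separately, `ADD_DESCR("admin", __FILE__);` now passes the full filesystem path instead of the base name, so ADD_DESCR presumably strips the directory itself; if it does not, the server path would end up in the navigation output.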
@@ -54,11 +53,11 @@ if (isset($_GET['rallye']))
switch ($_GET['activate'])
{
case "1": // Activate
- $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET is_active='Y' WHERE id=%d AND is_active='N' LIMIT 1";
+ $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET is_active='Y' WHERE id=%s AND is_active='N' LIMIT 1";
break;
case "0": // Deactivate
- $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET is_active='N' WHERE id=%d AND is_active='Y' LIMIT 1";
+ $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET is_active='N' WHERE id=%s AND is_active='Y' LIMIT 1";
break;
}
}
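Review bot: The `id=%s` placeholder in both UPDATE templates is unquoted and, unlike the `%d` it replaces, no longer forces the value to an integer, so the statement is only safe if the value bound later goes through `bigintval()`. The call that consumes `$SQL` lies outside this hunk, so that cannot be confirmed here; the same applies to the `notify` and `auto` hunks below, which make the identical change. The switch also has no `default:` branch, so an `activate` value other than "0" or "1" leaves `$SQL` as it was before the switch. A short comment above the switch, for example `// id is bound via bigintval() below; %s is used only to avoid integer truncation`, would record the assumption.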
@@ -69,11 +68,11 @@ if (isset($_GET['rallye']))
switch ($_GET['notify'])
{
case "1": // Activate
- $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET send_notify='Y' WHERE id=%d AND send_notify='N' LIMIT 1";
+ $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET send_notify='Y' WHERE id=%s AND send_notify='N' LIMIT 1";
break;
case "0": // Deactivate
- $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET send_notify='N' WHERE id=%d AND send_notify='Y' LIMIT 1";
+ $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET send_notify='N' WHERE id=%s AND send_notify='Y' LIMIT 1";
break;
}
}
@@ -84,11 +83,11 @@ if (isset($_GET['rallye']))
switch ($_GET['auto'])
{
case "1": // Activate
- $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET auto_add_new_user='Y' WHERE id=%d AND auto_add_new_user='N' LIMIT 1";
+ $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET auto_add_new_user='Y' WHERE id=%s AND auto_add_new_user='N' LIMIT 1";
break;
case "0": // Deactivate
- $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET auto_add_new_user='N' WHERE id=%d AND auto_add_new_user='Y' LIMIT 1";
+ $SQL = "UPDATE "._MYSQL_PREFIX."_rallye_data SET auto_add_new_user='N' WHERE id=%s AND auto_add_new_user='Y' LIMIT 1";
break;
}
}
@@ -106,15 +105,15 @@ if (isset($_GET['rallye']))
if ($SEL > 0)
{
// Delete selected rallyes and all it's data
- foreach ($_POST['sel'] as $id=>$sel)
+ foreach ($_POST['sel'] as $id => $sel)
{
// Remove selected rallye entirely...
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_data WHERE id=%d LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_prices WHERE rallye_id=%d",
- array(bigintval($id)), __FILE__, __LINE__);
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE rallye_id=%d",
- array(bigintval($id)), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_data WHERE id=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_prices WHERE rallye_id=%s",
+ array(bigintval($id)), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_rallye_users WHERE rallye_id=%s",
+ array(bigintval($id)), __FILE__, __LINE__);
}
// Output message
@@ -133,7 +132,7 @@ if (isset($_GET['rallye']))
if ($SEL > 0)
{
// Change selected rallyes and all it's data
- foreach ($_POST['title'] as $id=>$title)
+ foreach ($_POST['title'] as $id => $title)
{
// Secure ID number
$id = bigintval($id);
@@ -143,7 +142,7 @@ if (isset($_GET['rallye']))
$END = mktime($_POST['end_hour'][$id] , $_POST['end_min'][$id] , $_POST['end_sec'][$id] , $_POST['end_month'][$id] , $_POST['end_day'][$id] , $_POST['end_year'][$id] );
// Update entry
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_rallye_data SET
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_rallye_data SET
title='%s',
descr='%s',
template='%s',
@@ -169,10 +168,10 @@ if (isset($_POST['edit']))
{
// Make all selected and deactivated rallyes editable
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel)
+ foreach ($_POST['sel'] as $id => $sel)
{
// Load rallye basic data
- $result = SQL_QUERY_ESC("SELECT title, descr, template, start_time, end_time, min_users, min_prices FROM "._MYSQL_PREFIX."_rallye_data WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT title, descr, template, start_time, end_time, min_users, min_prices FROM "._MYSQL_PREFIX."_rallye_data WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($title, $descr, $templ, $start, $end, $min_users, $min_prices) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
@@ -219,11 +218,9 @@ if (isset($_POST['edit']))
// Nothing selected to edit
LOAD_TEMPLATE("admin_settings_saved", false, LOAD_TEMPLATE("admin_list_rallye_noselect", true));
}
-}
- elseif (($_GET['sub'] == "users") && ($_GET['rallye'] > 0))
-{
+} elseif (($_GET['sub'] == "users") && ($_GET['rallye'] > 0)) {
// List users and their refs before start and current
- $result = SQL_QUERY_ESC("SELECT userid, refs, curr_points FROM "._MYSQL_PREFIX."_rallye_users WHERE rallye_id=%d ORDER BY userid",
+ $result = SQL_QUERY_ESC("SELECT userid, refs, curr_points FROM "._MYSQL_PREFIX."_rallye_users WHERE rallye_id=%s ORDER BY userid",
array(bigintval($_GET['rallye'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
@@ -231,19 +228,23 @@ if (isset($_POST['edit']))
define('__RALLYE_VALUE', $_GET['rallye']);
while (list($uid, $old, $opoints) = SQL_FETCHROW($result))
{
- // Check for referral count
+ // Check for referal count
$cnt = RALLYE_GET_REFCOUNT($uid, $old);
// Output row
$Bl = ""; $Br = "";
- if (($opoints > 0) && ($cnt > 0)) { $Bl = ""; $Br = ""; }
+ if (($opoints > 0) && ($cnt > 0)) { $Bl = ""; $Br = ""; }
if (($old > 0) || ($cnt > 0))
{
- // Insert link to referral list
+ // Insert link to referal list
//* DEBUG: */ echo "-".$uid."/".$cnt."/".$old."-
";
$cnt = ADMIN_USER_PROFILE_LINK($uid, $cnt, "list_refs");
$old = ADMIN_USER_PROFILE_LINK($uid, $old, "list_refs");
}
+
+ // Get user points
+ $points = GET_TOTAL_DATA($uid, "user_points", "points", "userid", false, " AND ref_depth=1 LIMIT 1");
+ //* DEBUG: */ echo basename(__FILE__).":uid={$uid},points={$points},opoints={$opoints}
\n";
$content = array(
'sw' => $SW ,
'uid' => $uid,
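Review bot: `define('__RALLYE_VALUE', $_GET['rallye']);` stores the raw request value, while the query in the previous hunk uses `bigintval($_GET['rallye'])` and the branch is gated only by the loose `$_GET['rallye'] > 0` comparison, which a string with a numeric prefix also satisfies. Where the constant is consumed is outside this hunk, but if it reaches a template it would carry unescaped input; `define('__RALLYE_VALUE', bigintval($_GET['rallye']));` keeps both uses consistent. The added `GET_TOTAL_DATA(...)` call runs once per listed user inside the loop, which deserves a comment if rallyes can have many participants. The enclosing while loop continues past the end of this hunk.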
@@ -251,7 +252,7 @@ if (isset($_POST['edit']))
'bold_r' => $Br ,
'old' => $old,
'cnt' => $cnt,
- 'opoints' => TRANSLATE_COMMA($opoints),
+ 'opoints' => TRANSLATE_COMMA($points - $opoints),
);
$OUT .= LOAD_TEMPLATE("admin_list_rallye_usr_row", true, $content);
$SW = 3 - $SW;
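Review bot: The `'opoints'` key now carries `$points - $opoints` instead of the stored value, but nothing on the line says what the difference means and the key name still suggests the old figure. A comment such as `// Points gained since joining: current total minus points recorded at rallye start` would help, assuming `curr_points` is the snapshot taken when the user joined. If `GET_TOTAL_DATA()` can return an empty or zero value for a user without a matching `user_points` row, the subtraction would produce a negative or misleading figure; that cannot be verified from this hunk.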
@@ -287,11 +288,11 @@ ORDER BY start_time DESC",
$alogin = GET_ADMIN_LOGIN($aid);
// Count assigned prices
- $result_prices = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_rallye_prices WHERE rallye_id=%d",
+ $result_prices = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_rallye_prices WHERE rallye_id=%s",
array(bigintval($id)), __FILE__, __LINE__);
// Count joined userids
- $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_rallye_users WHERE rallye_id=%d",
+ $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_rallye_users WHERE rallye_id=%s",
array($id), __FILE__, __LINE__);
$joined = SQL_NUMROWS($result_user);
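Review bot: The second query passes `array($id)` without `bigintval()`, unlike the prices query directly above it, and with the placeholder changed from `%d` to an unquoted `%s` nothing in the statement forces the value to an integer any more. `$id` appears to come from the preceding result set rather than from the request, so exposure is probably low. Using `array(bigintval($id)), __FILE__, __LINE__);` keeps the two calls consistent and does not depend on how SQL_QUERY_ESC escapes a value that sits outside quotes.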
@@ -299,7 +300,7 @@ ORDER BY start_time DESC",
if ($joined > 0)
{
// List joined users
- $joined = "".$joined."";
+ $joined = "".$joined."";
}
// Alter some variables
@@ -337,14 +338,14 @@ ORDER BY start_time DESC",
// Is the rallye active or not?
switch ($active)
{
- case 'Y':
+ case "Y":
// Rallye is active so do not edit it!
- $content['select'] = "".$id."";
+ $content['select'] = "