X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-unlock_emails.php;h=d4283557d927b09af584930d96d7cafb26d2b58e;hp=3947745f46bdbb7eb7468d68228817c0ba4ec6ca;hb=0ac6fabb8c59724059a0b63aeac84e9e97e0c307;hpb=19cd0d37b2bcbf9dd4f3c38a9cecd7f5011d6b66

diff --git a/inc/modules/admin/what-unlock_emails.php b/inc/modules/admin/what-unlock_emails.php
index 3947745f46..d4283557d9 100644
--- a/inc/modules/admin/what-unlock_emails.php
+++ b/inc/modules/admin/what-unlock_emails.php
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
@@ -41,12 +41,11 @@ if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
 ADD_DESCR("admin", basename(__FILE__));
 
 // Define some variables
-global $DATA, $link;
+global $DATA;
 
 // Check for mails
 $result_main = SQL_QUERY("SELECT id, sender, subject, payment_id, timestamp, url, target_send, cat_id FROM "._MYSQL_PREFIX."_pool WHERE data_type='ADMIN' ORDER BY timestamp", __FILE__, __LINE__);
 
-OPEN_TABLE("100%", "admin_content admin_content_align", "");
 if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock']))) {
 	// Count checked checkboxes
 	$SEL = 0;
@@ -55,8 +54,8 @@ if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock']))) {
 		if (count($_POST['sel']) > 0) {
 			// Count now... We use an own function for now
 			$SEL = SELECTION_COUNT($_POST['sel']);
-		}
-	}
+		} // END - if
+	} // END - if
 
 	if (isset($_POST['accept'])) {
 		if ($SEL > 0) {
@@ -65,47 +64,50 @@ if ((SQL_NUMROWS($result_main) > 0) || (isset($_POST['lock']))) {
 				// Secure ID number
 				$id = bigintval($id);
 
-				// Unlock selected email
-				//$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='NEW' WHERE id=%d AND data_type='ADMIN' LIMIT 1",
-				// array($id), __FILE__, __LINE__);
-				if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) {
-					// Order placed in queue...
-					$result = SQL_QUERY_ESC("SELECT po.url, po.subject, po.sender, pay.payment
+				// Order placed in queue...
+				$result = SQL_QUERY_ESC("SELECT po.url, po.subject, po.sender, pay.payment, po.payment_id
 FROM "._MYSQL_PREFIX."_pool AS po
 INNER JOIN "._MYSQL_PREFIX."_payments AS pay
 ON po.payment_id=pay.id
-WHERE po.id=%d
+WHERE po.id=%s
 LIMIT 1",
-					 array($id), __FILE__, __LINE__);
-					$DATA = SQL_FETCHROW($result);
+					array($id), __FILE__, __LINE__);
+
+				// Update wents fine?
+				if (SQL_NUMROWS($result) == 1) {
+					// Load data
+					$DATA = SQL_FETCHARRAY($result);
+
+					// Free result
 					SQL_FREERESULT($result);
 
+					// Is the surfbar installed?
+					if ((EXT_IS_ACTIVE("surfbar")) && ($_CONFIG['surfbar_migrate_order'] == "Y")) {
+						// Then "migrate" the URL to the surfbar
+						SURFBAR_ADMIN_MIGRATE_URL($DATA['url'], $DATA['sender']);
+					} // END - if
+
 					// Check for bonus extension version >= 0.4.4 for the order bonus
 					if ((GET_EXT_VERSION("bonus") >= "0.4.4") && ($_CONFIG['bonus_active'] == "Y")) {
 						// Add points directly
-						$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_order=bonus_order+".$_CONFIG['bonus_order']." WHERE userid=%d LIMIT 1",
-						 array(bigintval($DATA[2])), __FILE__, __LINE__);
+						$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_order=bonus_order+".$_CONFIG['bonus_order']." WHERE userid=%s LIMIT 1",
+						 array(bigintval($DATA['sender'])), __FILE__, __LINE__);
 
 						// Subtract bonus points from system
 						BONUS_POINTS_HANDLER($_CONFIG['bonus_order']);
-					}
-
-					// Check for surfbar extension
-					if (EXT_IS_ACTIVE("surfbar")) {
-						// Add the url
-						$insertId = SURFBAR_ADMIN_ADD_URL($DATA[0], $DATA[2], $DATA[3]);
+					} // END - if
 
-						// Load email template
-						$msg_user = LOAD_EMAIL_TEMPLATE("order_accept_sb", $insertId, $DATA[2]);
-					} else {
-						// Load email template
-						$msg_user = LOAD_EMAIL_TEMPLATE("order-accept", "", $DATA[2]);
-					}
+					// Load email template
+					$msg_user = LOAD_EMAIL_TEMPLATE("order-accept", array(), $DATA['sender']);
 
 					// Send email
-					SEND_EMAIL($DATA[2], MEMBER_ORDER_ACCEPTED, $msg_user);
-				}
-			}
+					SEND_EMAIL($DATA['sender'], MEMBER_ORDER_ACCEPTED, $msg_user);
+
+					// Unlock selected email
+					$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='NEW' WHERE id=%s AND data_type='ADMIN' LIMIT 1",
+						array($id), __FILE__, __LINE__);
+				} // END - if
+			} // END - foreach
 
 			// Set message
 			$MSG = ADMIN_MAILS_ACTIVATED;
@@ -120,25 +122,29 @@ LIMIT 1",
 		if ($SEL > 0) {
 			// Reject mail orders
 			$SW = 2; $OUT = "";
-			foreach ($_POST['sel'] as $id=>$value) {
+			foreach ($_POST['sel'] as $id => $value) {
 				// Secure ID number
 				$id = bigintval($id);
 
 				// Load URL and subject from pool
-				$result = SQL_QUERY_ESC("SELECT url, subject, sender FROM "._MYSQL_PREFIX."_pool WHERE id=%d LIMIT 1",
+				$result = SQL_QUERY_ESC("SELECT url, subject, sender FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1",
 				 array($id), __FILE__, __LINE__);
-				$DATA = SQL_FETCHROW($result);
+
+				// Load data
+				$DATA = SQL_FETCHARRAY($result);
+
+				// Free result
 				SQL_FREERESULT($result);
 
 				// Load email template and send it away
-				$msg_user = LOAD_EMAIL_TEMPLATE("order-reject", "", $DATA[2]);
-				SEND_EMAIL($DATA[2], MEMBER_ORDER_REJECTED, $msg_user);
+				$msg_user = LOAD_EMAIL_TEMPLATE("order-reject", array(), $DATA['sender']);
+				SEND_EMAIL($DATA['sender'], MEMBER_ORDER_REJECTED, $msg_user);
 
 				// If you do not enter an URL to redirect to, your URL will be set!
 				if ((empty($_POST['redirect'])) || ($_POST['redirect'] == "http://")) $_POST['redirect'] = URL;
 
 				// Redirect URL
-				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET url='%s', data_type='NEW' WHERE id=%d LIMIT 1",
+				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET url='%s', data_type='NEW' WHERE id=%s LIMIT 1",
 				 array($_POST['redirect'], $id),__FILE__, __LINE__);
 
 				// Prepare data for the row template
@@ -163,7 +169,7 @@ LIMIT 1",
 	} elseif ((isset($_POST['lock'])) || ($SEL > 0)) {
 		if ($SEL > 0) {
 			// Lock URLs
-			foreach ($_POST['sel'] as $id=>$url) {
+			foreach ($_POST['sel'] as $id => $url) {
 				// Lookup in blacklist
 				$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1",
 				 array($url), __FILE__, __LINE__);
@@ -212,7 +218,7 @@ LIMIT 1",
 		}
 
 		// Free memory
-		SQL_FREERESULT($result);
+		SQL_FREERESULT($result_main);
 		define('__UNLOCK_ROWS', $OUT);
 
 		// Prepare rejection URL
@@ -231,6 +237,5 @@ LIMIT 1",
 	LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MAILS_IN_POOL);
 }
 
-CLOSE_TABLE();
 //
 ?>