X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=49b6390c79ca194fcdf503831df8644cfd11ee38;hp=2bbc1eeee18add4d0906cca71ea9261e59bc5a99;hb=330dbb3e2b34450cd1665497506455e195a0a166;hpb=9f6c30cc0e06098171d773d671292081ecee3d29

diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php
index 2bbc1eeee1..49b6390c79 100644
--- a/inc/modules/member/what-transfer.php
+++ b/inc/modules/member/what-transfer.php
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 10/07/2004 *
- * ================                             Last change: 10/07/2004 *
+ * Mailer v0.2.1-FINAL                                Start: 10/07/2004 *
+ * ===================                          Last change: 10/07/2004 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : what-transfer.php                                *
@@ -14,10 +14,9 @@
  * $Date::                                                            $ *
  * $Tag:: 0.2.1-FINAL                                                 $ *
  * $Author::                                                          $ *
- * Needs to be in all Files and every File needs "svn propset           *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
+ * Copyright (c) 2009 - 2011 by Mailer Developer Team                   *
  * For more information visit: http://www.mxchange.org                  *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -44,56 +43,54 @@ if (!defined('__SECURITY')) {
 }
 
 // Add description as navigation point
-addMenuDescription('member', __FILE__);
+addYouAreHereLink('member', __FILE__);
 
 if ((!isExtensionActive('transfer')) && (!isAdmin())) {
-	loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('transfer'));
+	displayMessage(generateExtensionInactiveNotInstalledMessage('transfer'));
 	return;
 } // END - if
 
-// Load data
-if (!fetchUserData(getUserId())) {
-	// Something really bad happened
-	debug_report_bug('No user account ' . getUserId() . ' found.');
-} // END - if
-
 // Check for mode in GET
 $mode = '';
-if (isGetRequestElementSet('mode')) $mode = getRequestElement('mode');
+if (isGetRequestParameterSet('mode')) {
+	$mode = getRequestParameter('mode');
+} // END - if
 
 // Check for "faker"
-if ((getUserData('opt_in') != 'Y') && ($mode == 'new')) $mode = '';
+if ((getUserData('opt_in') != 'Y') && ($mode == 'new')) {
+	$mode = '';
+} // END - if
 
 switch ($mode) {
 	case 'new': // Start new transfer
 		// Get total points and subtract the balance amount from it = maximum transferable points
-		$total = countSumTotalData(getUserId(), 'user_points', 'points')  - countSumTotalData(getUserId(), 'user_data', 'used_points');
+		$total = getTotalPoints(getMemberId());
 
 		// Remember maximum value for template
 		$content['max_transferable'] = round($total - getConfig('transfer_balance') - 0.5);
 
 		if (isFormSent()) {
 			// Add new transfer
-			if (getConfig('transfer_code') > 0) {
+			if (getTransferCode() > 0) {
 				// Check for code
-				$code = generateRandomCode(getConfig('transfer_code'), postRequestElement('code_chk'), getUserId(), $content['max_transferable']);
-				$valid_code = ($code == postRequestElement('code'));
+				$code = generateRandomCode(getTransferCode(), postRequestParameter('code_chk'), getMemberId(), $content['max_transferable']);
+				$valid_code = ($code == postRequestParameter('code'));
 			} else {
 				// Zero length (= disabled) is always valid!
 				$valid_code = true;
 			}
 
 			// Test password
-			$valid_pass = ($pass == generateHash(postRequestElement('password'), $pass));
+			$valid_pass = ($pass == generateHash(postRequestParameter('password'), $pass));
 
 			// Test transfer amount
-			$valid_amount = ((isPostRequestElementSet('points')) && (postRequestElement('points') <= $content['max_transferable']));
+			$valid_amount = ((isPostRequestParameterSet('points')) && (postRequestParameter('points') <= $content['max_transferable']));
 
 			// Test reason for transfer
-			$valid_reason = (isPostRequestElementSet('reason'));
+			$valid_reason = (isPostRequestParameterSet('reason'));
 
 			// Test if a recipient is selected
-			$valid_recipient = (postRequestElement('to_userid') > 0);
+			$valid_recipient = isValidUserId(postRequestParameter('to_userid'));
 
 			// Check for nickname extension and set additional data
 			// @TODO Rewrite this to a filter
@@ -105,8 +102,8 @@ switch ($mode) {
 			// Re-check receivers and own personal data
 			$result = SQL_QUERY_ESC("SELECT `userid`, `gender`, `surname`, `family`, `email`".$add." FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid` IN ('%s','%s') AND `status`='CONFIRMED' LIMIT 2",
 				array(
-					getUserId(),
-					bigintval(postRequestElement('to_userid'))
+					getMemberId(),
+					bigintval(postRequestParameter('to_userid'))
 				), __FILE__, __LINE__);
 
 			// Do we have two entries?
@@ -125,87 +122,82 @@ switch ($mode) {
 					$content['recipient']['nickname'] = '';
 				} // END - if
 
-				// Translate some data
-				$content['sender']['gender']    = translateGender($content['sender']['gender']);
-				$content['recipient']['gender'] = translateGender($content['recipient']['gender']);
-
 				// Prepare variables for testing
 				$TEST_NICK_SENDER = $content['sender']['nickname'];
 				$TEST_NICK_REC    = $content['recipient']['nickname'];
 
 				// Default is userids for subject line
-				$SENDER = getUserId();
-				$RECIPIENT = bigintval(postRequestElement('to_userid'));
+				$SENDER    = getMemberId();
+				$RECIPIENT = bigintval(postRequestParameter('to_userid'));
 
 				// If nickname is installed we can set the nickname
 				// @TODO Rewrite this to a filter
 				if (isExtensionActive('nickname')) {
-					if (($TEST_NICK_SENDER != getUserId()) && (!empty($TEST_NICK_SENDER))) {
+					if (($TEST_NICK_SENDER != getMemberId()) && (!empty($TEST_NICK_SENDER))) {
 						$SENDER = $content['sender']['nickname'];
-					}
+					} // END - if
 
-					if (($TEST_NICK_REC != postRequestElement('to_userid')) && (!empty($TEST_NICK_REC))) {
+					if (($TEST_NICK_REC != postRequestParameter('to_userid')) && (!empty($TEST_NICK_REC))) {
 						$RECIPIENT = $content['recipient']['nickname'];
-					}
+					} // END - if
 				} // END - if
 
-				// Remember transfer reason and fancy date/time in constants
-				$content['reason']  = secureString(postRequestElement('reason'));
-				$content['expires'] = createFancyTime(getConfig('transfer_age'));
+				// Remember transfer reason
+				$content['reason']  = postRequestParameter('reason');
 
 				// Generate tranafer id
-				$content['trans_id'] = bigintval(generateRandomCode('10', mt_rand(0, 99999), getUserId(), postRequestElement('reason')));
+				$content['trans_id'] = bigintval(generateRandomCode('10', mt_rand(0, 99999), getMemberId(), postRequestParameter('reason')));
 
 				// Add entries to both tables
-				SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`, `from_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
-					array(bigintval(postRequestElement('to_userid')), getUserId(), bigintval(postRequestElement('points')), postRequestElement('reason'), $content['trans_id']), __FILE__, __LINE__);
-				SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`, `to_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
-					array(getUserId(), bigintval(postRequestElement('to_userid')), bigintval(postRequestElement('points')), postRequestElement('reason'), $content['trans_id']), __FILE__, __LINE__);
+				SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`, `from_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
+					array(bigintval(postRequestParameter('to_userid')), getMemberId(), bigintval(postRequestParameter('points')), postRequestParameter('reason'), $content['trans_id']), __FILE__, __LINE__);
+				SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`, `to_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
+					array(getMemberId(), bigintval(postRequestParameter('to_userid')), bigintval(postRequestParameter('points')), postRequestParameter('reason'), $content['trans_id']), __FILE__, __LINE__);
 
 				// Add points to account *directly* ...
-				addPointsDirectly('member_transfer', bigintval(postRequestElement('to_userid')), bigintval(postRequestElement('points')));
+				addPointsDirectly('transfer', bigintval(postRequestParameter('to_userid')), bigintval(postRequestParameter('points')));
 
 				// ... and add it to current user's used points
-				subtractPoints('transfer', getUserId(), postRequestElement('points'));
+				subtractPoints('transfer', getMemberId(), postRequestParameter('points'));
 
 				// First send email to recipient
-				$message = loadEmailTemplate('member_transfer_recipient', $content, postRequestElement('to_userid'));
-				sendEmail($content['recipient']['email'], getMessage('TRANSFER_MEMBER_RECIPIENT_SUBJ') . ': ' . $SENDER, $message);
+				$message = loadEmailTemplate('member_transfer_recipient', $content, postRequestParameter('to_userid'));
+				sendEmail($content['recipient']['email'], '{--TRANSFER_MEMBER_RECIPIENT_SUBJECT--}' . ': ' . $SENDER, $message);
 
 				// Second send email to sender
-				$message = loadEmailTemplate('member_transfer_sender', $content, getUserId());
-				sendEmail($content['sender']['email'], getMessage('TRANSFER_MEMBER_SENDER_SUBJ') . ': ' . $RECIPIENT, $message);
+				$message = loadEmailTemplate('member_transfer_sender', $content, getMemberId());
+				sendEmail($content['sender']['email'], '{--TRANSFER_MEMBER_SENDER_SUBJECT--}' . ': ' . $RECIPIENT, $message);
 
 				// At last send admin mail(s)
-				$ADMIN_SUBJ = sprintf("%s (%s->%s)", getMessage('TRANSFER_ADMIN_SUBJECT'), $SENDER, $RECIPIENT);
-				sendAdminNotification($ADMIN_SUBJ, 'admin_transfer_points', $content);
+				$adminSubject = sprintf("%s (%s->%s)", '{--TRANSFER_ADMIN_SUBJECT--}', $SENDER, $RECIPIENT);
+				sendAdminNotification($adminSubject, 'admin_transfer_points', $content);
 
 				// Transfer is completed
-				loadTemplate('admin_settings_saved', false, getMessage('TRANSFER_COMPLETED') . "<br /><a href=\"{?URL?}/modules.php?module=login&amp;what=transfer\">{--TRANSFER_CONTINUE_OVERVIEW--}</a>");
+				displayMessage('<div>{--TRANSFER_COMPLETED--}' . '</div><div><a href="{%url=modules.php?module=login&amp;what=transfer%}">{--TRANSFER_CONTINUE_OVERVIEW--}</a></div>');
 			} elseif ($valid_code === false) {
 				// Invalid Touring code!
-				loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_CODE--}</div>");
-				unsetPostRequestElement('ok');
+				loadTemplate('admin_settings_unsaved', false, '{--TRANSFER_INVALID_CODE--}');
+				unsetPostRequestParameter('ok');
 			} elseif ($valid_pass === false) {
 				// Wrong password entered
-				loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_PASSWORD--}</div>");
-				unsetPostRequestElement('ok');
+				loadTemplate('admin_settings_unsaved', false, '{--TRANSFER_INVALID_PASSWORD--}');
+				unsetPostRequestParameter('ok');
 			} elseif ($valid_amount === false) {
 				// Too much points entered
-				loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_POINTS--}</div>");
-				unsetPostRequestElement('ok');
+				loadTemplate('admin_settings_unsaved', false, '{--TRANSFER_INVALID_POINTS--}');
+				unsetPostRequestParameter('ok');
 			} elseif ($valid_reason === false) {
 				// No transfer reason entered
-				loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_REASON--}</div>");
-				unsetPostRequestElement('ok');
+				loadTemplate('admin_settings_unsaved', false, '{--TRANSFER_INVALID_REASON--}');
+				unsetPostRequestParameter('ok');
 			} elseif ($valid_recipient === false) {
 				// No recipient selected
-				loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_RECIPIENT--}</div>");
-				unsetPostRequestElement('ok');
+				loadTemplate('admin_settings_unsaved', false, '{--TRANSFER_INVALID_RECIPIENT--}');
+				unsetPostRequestParameter('ok');
 			} elseif ($valid_data === false) {
 				// No recipient/sender selected
-				loadTemplate('admin_settings_saved', false, "<div class=\"member_note\">{--TRANSFER_INVALID_DATA--}</div>");
-				unsetPostRequestElement('ok');
+				loadTemplate('admin_settings_unsaved', false, '{--TRANSFER_INVALID_DATA--}');
+				unsetPostRequestParameter('ok');
 			}
 
 			// Free result
@@ -217,22 +209,22 @@ switch ($mode) {
 			if (isExtensionActive('nickname')) {
 				// Load userid and nickname
 				$result = SQL_QUERY_ESC("SELECT `userid`, `nickname` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `status`='CONFIRMED' AND `opt_in`='Y' AND `userid` != '%s' ORDER BY `userid` ASC",
-					array(getUserId()), __FILE__, __LINE__);
+					array(getMemberId()), __FILE__, __LINE__);
 			} else {
 				// Load only userid
 				$result = SQL_QUERY_ESC("SELECT `userid`, `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `status`='CONFIRMED' AND `opt_in`='Y' AND `userid` != '%s' ORDER BY `userid` ASC",
-					array(getUserId()), __FILE__, __LINE__);
+					array(getMemberId()), __FILE__, __LINE__);
 			}
 
-			if (SQL_NUMROWS($result) > 0) {
+			if (!SQL_HASZERONUMS($result)) {
 				// Load list
-				$OUT  = "<select name=\"to_userid\" size=\"1\" class=\"member_select\">
-	<option value=\"0\">{--SELECT_NONE--}</option>\n";
+				$OUT  = '<select name="to_userid" size="1" class="form_select">
+	<option value="0">{--SELECT_NONE--}</option>';
 				// @TODO Try to rewrite his to $content = SQL_FETCHARRAY(), see some lines above for two different queries
 				while (list($userid, $nick) = SQL_FETCHROW($result)) {
-					$OUT .= "	<option value=\"".$userid."\"";
-					if ((isPostRequestElementSet(('to_userid'))) && (postRequestElement('to_userid') == $userid)) $OUT .= ' selected="selected"';
-					$OUT .= ">";
+					$OUT .= '	<option value="' . $userid . '"';
+					if ((isPostRequestParameterSet('to_userid')) && (postRequestParameter('to_userid') == $userid)) $OUT .= ' selected="selected"';
+					$OUT .= '>';
 					if (($nick != $userid) && (!empty($nick))) {
 						// Output nickname
 						$OUT .= $nick;
@@ -240,16 +232,16 @@ switch ($mode) {
 						// Output userid
 						$OUT .= $userid;
 					}
-					$OUT .= "</option>\n";
+					$OUT .= '</option>';
 				}
-				$OUT .= "</select>\n";
+				$OUT .= '</select>';
 				$content['to_disabled'] = '';
 
 				// Free memory
 				SQL_FREERESULT($result);
 			} else {
 				// No one else is opt-in
-				$OUT = loadTemplate('admin_settings_saved', true, getMessage('TRANSFER_NO_ONE_ELSE_OPT_IN'));
+				$OUT = displayMessage('{--TRANSFER_NO_ONE_ELSE_OPT_IN--}', true);
 				$content['to_disabled'] = ' disabled="disabled"';
 			}
 
@@ -257,14 +249,21 @@ switch ($mode) {
 			$content['userid_selection'] = $OUT;
 
 			// Generate Code
-			if (getConfig('transfer_code') > 0) {
+			if (getTransferCode() > 0) {
+				// Generate random number
 				$rand = mt_rand(0, 99999);
-				$code = generateRandomCode(getConfig('transfer_code'), $rand, getUserId(), $content['max_transferable']);
+
+				// Generate CAPTCHA code
+				$code = generateRandomCode(getTransferCode(), $rand, getMemberId(), $content['max_transferable']);
+
+				// Generate image (HTML code)
 				$img = generateImageOrCode($code, false);
-				$content['captcha_code'] = "<input type=\"hidden\" name=\"code_chk\" value=\"".$rand."\" /><input type=\"text\" name=\"code\" class=\"member_normal\" size=\"5\" maxlength=\"7\"".$content['to_disabled']." />&nbsp;" . $img;
+
+				// Add all and hidden field
+				$content['captcha_code'] = '<input type="hidden" name="code_chk" value="' . $rand . '" /><input type="text" name="code" class="form_field" size="5" maxlength="7"' . $content['to_disabled'] . ' />&nbsp;' . $img;
 			} else {
 				$code = '00000';
-				$content['captcha_code'] = loadTemplate('admin_settings_saved', true, getMessage('TRANSFER_NO_CODE'));
+				$content['captcha_code'] = displayMessage('{--TRANSFER_NO_CODE--}', true);
 			}
 
 			// Init points/reason
@@ -272,15 +271,12 @@ switch ($mode) {
 			$content['reason'] = '';
 
 			// Transfer maybe already entered valued'
-			if (isGetRequestElementSet('ok')) {
+			if (isPostRequestParameterSet('ok')) {
 				// Get values from form
-				$content['points'] = bigintval(postRequestElement('points'));
-				$content['reason'] = secureString(postRequestElement('reason'));
+				$content['points'] = postRequestParameter('points');
+				$content['reason'] = postRequestParameter('reason');
 			} // END - if
 
-			// Translate some array elements for template
-			$content['max_transferable'] = translateComma($content['max_transferable']);
-
 			// Output form
 			loadTemplate('member_transfer_new', false, $content);
 		} // END - if
@@ -292,79 +288,73 @@ switch ($mode) {
 		$nothingMessage = '';
 		switch ($mode) {
 			case 'list_in':
-				$sql = "SELECT `trans_id`, `from_userid` AS party_userid, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_in` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT ".getConfig('transfer_max');
-				$nothingMessage = getMessage('TRANSFER_NO_INCOMING_TRANSFERS');
-				$content['balance'] = getMessage('TRANSFER_TOTAL_INCOMING');
-				$content['title']   = getMessage('TRANSFER_LIST_INCOMING');
+				$sql = 'SELECT `trans_id`, `from_userid` AS party_userid, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_in` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT {?transfer_max?}';
+				$nothingMessage     = '{--TRANSFER_NO_INCOMING_TRANSFERS--}';
+				$content['balance'] = '{--TRANSFER_TOTAL_INCOMING--}';
+				$content['title']   = '{--TRANSFER_LIST_INCOMING--}';
 				break;
 
 			case 'list_out':
-				$sql = "SELECT `trans_id`, `to_userid` AS party_userid, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_out` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT ".getConfig('transfer_max');
-				$nothingMessage = getMessage('TRANSFER_NO_OUTGOING_TRANSFERS');
-				$content['balance'] = getMessage('TRANSFER_TOTAL_OUTGOING');
-				$content['title']   = getMessage('TRANSFER_LIST_OUTGOING');
+				$sql = 'SELECT `trans_id`, `to_userid` AS party_userid, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_out` WHERE `userid`=%s ORDER BY `time_trans` DESC LIMIT {?transfer_max?}';
+				$nothingMessage     = '{--TRANSFER_NO_OUTGOING_TRANSFERS--}';
+				$content['balance'] = '{--TRANSFER_TOTAL_OUTGOING--}';
+				$content['title']   = '{--TRANSFER_LIST_OUTGOING--}';
 				break;
 		} // END - switch
 
 		// Run the SQL command and set total points to zero
-		$totalPoints = 0;
-		$result = SQL_QUERY_ESC($sql, array(getUserId()), __FILE__, __LINE__);
+		$totalPoints = '0';
+		$result = SQL_QUERY_ESC($sql, array(getMemberId()), __FILE__, __LINE__);
 
 		// Do we have entries?
-		if (SQL_NUMROWS($result) > 0) {
-			$OUT = ''; $SW = 2;
-			// @TODO This should be somehow rewritten to $row = SQL_FETCHARRAY(), see switch() block above for SQL queries
-			while (list($tid, $userid, $points, $reason, $stamp) = SQL_FETCHROW($result)) {
-				// Rewrite points
-				if ($type == 'OUT') $points = $points . '-';
+		if (!SQL_HASZERONUMS($result)) {
+			$OUT = '';
+			while ($content = SQL_FETCHARRAY($result)) {
+				// Rewrite points, out is subtracted
+				if ($type == 'OUT') {
+					$content['points'] = $content['points'] * -1;
+				} // END - if
 
 				// Prepare content for template
-				// @TODO Rewrite: tid->trans_id,stamp->time_trans
-				$row = array(
-					'sw'     => $SW,
-					'tid'    => $tid,
-					'stamp'  => generateDateTime($stamp, 3),
-					'userid' => $userid,
-					'reason' => $reason,
-					'points' => translateComma($points)
-				);
+				$$content['time_trans'] = generateDateTime($content['time_trans'], 3);
 
 				// Load row template
-				$OUT .= loadTemplate('member_transfer_row2', true, $row);
+				$OUT .= loadTemplate('member_transfer_row2', true, $content);
 
 				// Add points and switch color
-				$totalPoints += $points;
-				$SW = 3 - $SW;
+				$totalPoints += $content['points'];
 			} // END - while
 
 			// Free memory
 			SQL_FREERESULT($result);
 		} else {
 			// Nothing for in or out
-			$OUT = "<tr>
-  <td colspan=\"5\" align=\"center\" class=\"bottom2\" height=\"70\">
-    ".loadTemplate('admin_settings_saved', true, $nothingMessage)."
+			$OUT = '<tr>
+  <td colspan="5" align="center" class="bottom">
+    ' . displayMessage($nothingMessage, true) . '
   </td>
-</tr>";
+</tr>';
 		}
 
 		// ... and add them to a constant for the template
 		$content['rows'] = $OUT;
 
 		// Remeber total amount
-		$content['total'] = translateComma($totalPoints);
+		$content['total_points'] = $totalPoints;
 
 		// Load final template
 		loadTemplate('member_transfer_list', false, $content);
 		break;
 
 	case 'list_all': // List all transactions
-		// We fill a temporary table with data from both tables. This is much easier
-		// to code and unstand by you as sub-SELECT queries. I know this is not the
-		// fastest way but it shall be fine for now.
-		//
-		// First of all create the temporary table
-		$result = SQL_QUERY("CREATE TEMPORARY TABLE `{?_MYSQL_PREFIX?}_transfers_tmp` (
+		/*
+		 * Fill a temporary table with data from both tables. This is much
+		 * easier to code and unstandable by you as sub-SELECT queries. I know
+		 * this is not the fastest way but it shall be fine for now.
+		 */
+
+		// First of all create the per-user temporary table
+		$result = SQL_QUERY_ESC("CREATE TEMPORARY TABLE `{?_MYSQL_PREFIX?}_%s_transfers_tmp` (
 `trans_id` VARCHAR(12) NOT NULL DEFAULT '',
 `party_userid` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
 `points` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
@@ -372,15 +362,15 @@ switch ($mode) {
 `time_trans` VARCHAR(10) NOT NULL DEFAULT 0,
 `trans_type` ENUM('IN','OUT') NOT NULL DEFAULT 'IN',
 KEY (`party_userid`)
-) TYPE=HEAP", __FILE__, __LINE__);
+) TYPE = HEAP COMMENT = 'Temporary transfer table'", array(getMemberId()), __FILE__, __LINE__);
 
 		// Let's begin with the incoming list
-		$result = SQL_QUERY_ESC("SELECT `trans_id`, `from_userid`, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_in` WHERE `userid`=%s ORDER BY `id` ASC LIMIT %s",
-			array(getUserId(), getConfig('transfer_max')), __FILE__, __LINE__);
+		$result = SQL_QUERY_ESC("SELECT `trans_id`, `from_userid`, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_in` WHERE `userid`=%s ORDER BY `id` ASC LIMIT {?transfer_max?}",
+			array(getMemberId()), __FILE__, __LINE__);
 		while ($DATA = SQL_FETCHROW($result)) {
 			$DATA[] = 'IN';
 			$DATA = implode("','", $DATA);
-			$res_temp = SQL_QUERY("INSERT INTO `{?_MYSQL_PREFIX?}_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('".$DATA."')", __FILE__, __LINE__);
+			$res_temp = SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_%s_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('" . $DATA . "')", array(getMemberId()), __FILE__, __LINE__);
 		} // END - while
 
 		// Free memory
@@ -388,66 +378,65 @@ KEY (`party_userid`)
 
 		// As the last table transfer data from outgoing table to temporary
 		$result = SQL_QUERY_ESC("SELECT `trans_id`, `to_userid`, `points`, `reason`, `time_trans` FROM `{?_MYSQL_PREFIX?}_user_transfers_out` WHERE `userid`=%s ORDER BY `id` LIMIT {?transfer_max?}",
-			array(getUserId()), __FILE__, __LINE__);
+			array(getMemberId()), __FILE__, __LINE__);
 		while ($DATA = SQL_FETCHROW($result)) {
 			$DATA[] = 'OUT';
 			$DATA = implode("','", $DATA);
-			$res_temp = SQL_QUERY("INSERT INTO `{?_MYSQL_PREFIX?}_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('".$DATA."')", __FILE__, __LINE__);
+			$res_temp = SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_%s_transfers_tmp` (`trans_id`, `party_userid`, `points`, `reason`, `time_trans`, `trans_type`) VALUES ('" . $DATA . "')", array(getMemberId()), __FILE__, __LINE__);
 		} // END - while
 
 		// Free memory
 		SQL_FREERESULT($result);
 
-		$total = 0;
-		if (SQL_NUMROWS($result) > 0) {
-			// Search for entries
-			$result = SQL_QUERY("SELECT `party_userid`, `trans_id`, `points`, `reason`, `time_trans`, `trans_type` FROM `{?_MYSQL_PREFIX?}_transfers_tmp` ORDER BY `time_trans` DESC",
-				__FILE__, __LINE__);
+		// Search for entries
+		$result = SQL_QUERY_ESC("SELECT `party_userid`, `trans_id`, `points`, `reason`, `time_trans`, `trans_type` FROM `{?_MYSQL_PREFIX?}_%s_transfers_tmp` ORDER BY `time_trans` DESC",
+			array(getMemberId()), __FILE__, __LINE__);
 
+		$total = '0';
+		if (!SQL_HASZERONUMS($result)) {
 			// Output rows
-			$OUT = ''; $SW = 2;
+			$OUT = '';
 			while ($content = SQL_FETCHARRAY($result)) {
-				// Rewrite points
-				if ($content['trans_type'] == 'OUT') $content['points'] = '-'.$content['points']."";
+				// Rewrite points if OUT
+				if ($content['trans_type'] == 'OUT') {
+					$content['points'] = $content['points'] * -1;
+				} // END - if
 
 				// Prepare content for template
-				$content['sw']     = $SW;
 				$content['time']   = generateDateTime($content['time_trans'], 3);
-				$content['points'] = translateComma($content['points']);
 
 				// Load row template
 				$OUT .= loadTemplate('member_transfer_row', true, $content);
 
 				// Add points and switch color
 				$total += $content['points'];
-				$SW = 3 - $SW;
 			} // END - while
-
-			// Free memory
-			SQL_FREERESULT($result);
 		} else {
 			// Nothing for in and out
-			$OUT = "<tr>
-  <td colspan=\"5\" align=\"center\" class=\"bottom2\" height=\"70\">
-    ".loadTemplate('admin_settings_saved', true, getMessage('TRANSFER_NO_INOUT_TRANSFERS'))."
+			$OUT = '<tr>
+  <td colspan="5" align="center" class="bottom">
+    ' . displayMessage('{--TRANSFER_NO_INOUT_TRANSFERS--}', true) . '
   </td>
-</tr>";
+</tr>';
 		}
 
+		// Free memory
+		SQL_FREERESULT($result);
+
 		// ... and add them to a constant for the template
 		$content['rows'] =  $OUT;
 
 		// Remeber total amount
-		$content['total'] = translateComma($total);
+		$content['total_points'] = $total;
 
 		// Set title
-		$content['title'] = getMessage('TRANSFER_LIST_ALL');
+		$content['title'] = '{--TRANSFER_LIST_ALL--}';
 
 		// Set "balance" word
-		$content['balance'] = getMessage('TRANSFER_TOTAL_BALANCE');
+		$content['balance'] = '{--TRANSFER_TOTAL_BALANCE--}';
 
 		// At the end we don't need a temporary table in memory
-		$result = SQL_QUERY("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_transfers_tmp`", __FILE__, __LINE__);
+		$result = SQL_QUERY_ESC("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_%s_transfers_tmp`", array(getMemberId()), __FILE__, __LINE__);
 
 		// Load final template
 		loadTemplate('member_transfer_list', false, $content);
@@ -458,39 +447,36 @@ KEY (`party_userid`)
 
 	default: // Overview page
 		// Check incoming transfers
-		$total = countSumTotalData(getUserId(), 'user_transfers_in', 'id', 'userid', true);
-		$content['in_link'] = $total;
-		if ($total > 0) {
-			$content['in_link'] = "<a href=\"{?URL?}/modules.php?module=login&amp;what=transfer&amp;mode=list_in\">".$total."</a>";
+		$totalIn = countSumTotalData(getMemberId(), 'user_transfers_in', 'id', 'userid', true);
+		$content['in_link'] = $totalIn;
+		if ($totalIn > 0) {
+			$content['in_link'] = '<a href="{%url=modules.php?module=login&amp;what=transfer&amp;mode=list_in%}">' . $totalIn . '</a>';
 		} // END - if
 
 		// Check outgoing transfers
-		$dmy = countSumTotalData(getUserId(), 'user_transfers_out', 'id', 'userid', true);
+		$totalOut = countSumTotalData(getMemberId(), 'user_transfers_out', 'id', 'userid', true);
 
-		// Add to total amount
-		$total += $dmy;
-
-		$content['out_link'] = $dmy;
-		if ($dmy > 0) {
-			$content['out_link'] = "<a href=\"{?URL?}/modules.php?module=login&amp;what=transfer&amp;mode=list_out\">".$dmy."</a>";
+		$content['out_link'] = $totalOut;
+		if ($totalOut > 0) {
+			$content['out_link'] = '<a href="{%url=modules.php?module=login&amp;what=transfer&amp;mode=list_out%}">' . $totalOut . '</a>';
 		} // END - if
 
+		// Add all to total amount
+		$total = $totalIn + $totalOut;
+
 		// Total transactions
 		$content['all_link'] = $total;
 		if ($total > 0) {
-			$content['all_link'] = "<a href=\"{?URL?}/modules.php?module=login&amp;what=transfer&amp;mode=list_all\">".$total."</a>";
+			$content['all_link'] = '<a href="{%url=modules.php?module=login&amp;what=transfer&amp;mode=list_all%}">{%pipe,translateComma=' . $total . '%}</a>';
 		} // END - if
 
 		if (isFormSent()) {
 			// Save settings
 			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `opt_in`='%s' WHERE `userid`=%s LIMIT 1",
-				array(postRequestElement('opt_in'), getUserId()), __FILE__, __LINE__);
-
-			// Rember for next switch() command
-			getUserData('opt_in') = substr(postRequestElement('opt_in'), 0, 1);
+				array(postRequestParameter('opt_in'), getMemberId()), __FILE__, __LINE__);
 
 			// "Settings saved..."
-			loadTemplate('admin_settings_saved', false, "<div class=\"member_done\">{--SETTINGS_SAVED--}</div>");
+			displayMessage('{--SETTINGS_SAVED--}');
 		} // END - if
 
 		// Init entries
@@ -504,11 +490,11 @@ KEY (`party_userid`)
 		// Set 'new transfer' link according to above option
 		switch (getUserData('opt_in')) {
 			case 'Y':
-				$content['new_link'] = "<a href=\"{?URL?}/modules.php?module=login&amp;what=transfer&amp;mode=new\">{--TRANSFER_NOW_LINK--}</a>";
+				$content['new_link'] = '<a href="{%url=modules.php?module=login&amp;what=transfer&amp;mode=new%}" title="{--TRANSFER_NOW_TITLE--}">{--TRANSFER_NOW_LINK--}</a>';
 				break;
 
 			case 'N':
-				$content['new_link'] = getMessage('TRANSFER_PLEASE_ALLOW_OPT_IN');
+				$content['new_link'] = '{--TRANSFER_PLEASE_ALLOW_OPT_IN--}';
 				break;
 		} // END - switch
 
@@ -518,20 +504,20 @@ KEY (`party_userid`)
 FROM
 	`{?_MYSQL_PREFIX?}_user_transfers_out`
 WHERE
-	`time_trans` > (UNIX_TIMESTAMP() - %s) AND `userid`=%s
+	(UNIX_TIMESTAMP() - `time_trans`) >= {?transfer_timeout?} AND
+	`userid`=%s
 ORDER BY
 	`time_trans` DESC
 LIMIT 1",
 			array(
-				getConfig('transfer_timeout'),
-				getUserId()
+				getMemberId()
 			), __FILE__, __LINE__);
 
 		// Do we have an entry?
 		if (SQL_NUMROWS($result) == 1) {
 			// Load newest transaction
 			list($newest) = SQL_FETCHROW($result);
-			$content['settings'] = sprintf(getMessage('TRANSFER_LATEST_IS'), generateDateTime($newest, 3));
+			$content['settings'] = '{%message,TRANSFER_LATEST_IS=' . generateDateTime($newest, '3') . '%}';
 		} else {
 			// Load template
 			$content['settings'] = loadTemplate('member_transfer_settings', true, $content);