X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=59d36bc655c7eeef9a58ca7d21c3ed6ba0a2203a;hp=13386b10d4a2c275e9a8835be964cd950592f887;hb=82d53dfb7f59fa1e37bd500e3db3d10a9d4a78da;hpb=4d6226782aa4ba157dca8c3891412ba50159481f diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php index 13386b10d4..59d36bc655 100644 --- a/inc/modules/member/what-transfer.php +++ b/inc/modules/member/what-transfer.php @@ -32,17 +32,12 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} - elseif (!IS_LOGGED_IN()) -{ - LOAD_URL(URL."/modules.php?module=index"); -} - elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) -{ +} elseif (!IS_MEMBER()) { + LOAD_URL("modules.php?module=index"); +} elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) { ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer"); return; } @@ -51,7 +46,7 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) ADD_DESCR("member", basename(__FILE__)); // Load data -$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", +$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); list($opt_in) = SQL_FETCHROW($result); @@ -62,33 +57,33 @@ $MODE = ""; if (!empty($_GET['mode'])) $MODE = $_GET['mode']; // Check for "faker" -if (($opt_in == 'N') && ($MODE == "new")) $MODE = ""; +if (($opt_in == "N") && ($MODE == "new")) $MODE = ""; switch ($MODE) { case "new": // Start new transfer // Get total points and subtract the balance amount from it = maximum transferable points - $result = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND points > 0", + $result = SQL_QUERY_ESC("SELECT SUM(points) FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND points > 0", array($GLOBALS['userid']), __FILE__, __LINE__); list($total) = SQL_FETCHROW($result); SQL_FREERESULT($result); // Get totally used points and password - $result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT used_points, password FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); list($used, $pass) = SQL_FETCHROW($result); SQL_FREERESULT($result); // Remember maximum value for template - define('__TRANSFER_MAX_VALUE', round($total - $used - $CONFIG['transfer_balance'] - 0.5)); + define('__TRANSFER_MAX_VALUE', round($total - $used - $_CONFIG['transfer_balance'] - 0.5)); if (isset($_POST['ok'])) { // Add new transfer - if ($CONFIG['transfer_code'] > 0) + if ($_CONFIG['transfer_code'] > 0) { // Check for code - $code = GEN_RANDOM_CODE($CONFIG['transfer_code'], $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE); + $code = GEN_RANDOM_CODE($_CONFIG['transfer_code'], $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE); $valid_code = ($code == $_POST['code']); } else @@ -117,26 +112,26 @@ case "new": // Start new transfer $nick = true; } // Re-check receivers and own personal data - $result = SQL_QUERY_ESC("SELECT userid, sex, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s', '%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__); $valid_data = (SQL_NUMROWS($result) == 2); if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) { // Let's start the transfer and load user data - list($uid1, $sex1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result); - list($uid2, $sex2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result); + list($uid1, $gender1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result); + list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result); SQL_FREERESULT($result); if ($uid1 == $GLOBALS['userid']) { // Data row 1 is sender's data - define('__SENDER_SEX' , TRANSLATE_SEX($sex1)); + define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1)); define('__SENDER_NICK' , $nick1); define('__SENDER_SNAME' , $sname1); define('__SENDER_FNAME' , $fname1); define('__SENDER_EMAIL' , $email1); // Data row 2 is recpient's data - define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex2)); + define('__RECIPIENT_GENDER' , TRANSLATE_GENDER($gender2)); define('__RECIPIENT_NICK' , $nick2); define('__RECIPIENT_SNAME', $sname2); define('__RECIPIENT_FNAME', $fname2); @@ -149,13 +144,13 @@ case "new": // Start new transfer else { // Data row 2 is sender's data - define('__SENDER_SEX' , TRANSLATE_SEX($sex2)); + define('__SENDER_GENDER' , TRANSLATE_GENDER($gender2)); define('__SENDER_NICK' , $nick2); define('__SENDER_SNAME' , $sname2); define('__SENDER_FNAME' , $fname2); define('__SENDER_EMAIL' , $email2); // Data row 1 is recpient's data - define('__RECIPIENT_SEX' , TRANSLATE_SEX($sex1)); + define('__RECIPIENT_GENDER' , TRANSLATE_GENDER($gender1)); define('__RECIPIENT_NICK' , $nick1); define('__RECIPIENT_SNAME', $sname1); define('__RECIPIENT_FNAME', $fname1); @@ -187,11 +182,11 @@ case "new": // Start new transfer define('__TRANSFER_REASON', $_POST['reason']); if (function_exists('CREATE_FANCY_TIME')) { - define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME($CONFIG['transfer_age'])); + define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME($_CONFIG['transfer_age'])); } else { - define('__TRANSFER_EXPIRES', round($CONFIG['transfer_age']/60/60/24)." ".DAYS); + define('__TRANSFER_EXPIRES', round($_CONFIG['transfer_age']/60/60/24)." ".DAYS); } // Generate tranafer id @@ -206,12 +201,11 @@ case "new": // Start new transfer __FILE__, __LINE__); // Add points to account *directly* ... - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%d AND ref_depth=0 LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+%s WHERE userid=%s AND ref_depth=0 LIMIT 1", array(bigintval($_POST['points']), bigintval($_POST['to_uid'])), __FILE__, __LINE__); // ... and add it to current user's used points - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1", - array(bigintval($_POST['points']), $GLOBALS['userid']), __FILE__, __LINE__); + SUB_POINTS($GLOBALS['userid'], $_POST['points']); // First send email to recipient $msg = LOAD_EMAIL_TEMPLATE("member_transfer_recipient", "", __RECIPIENT_UID); @@ -222,21 +216,11 @@ case "new": // Start new transfer SEND_EMAIL(__SENDER_EMAIL, TRANSFER_MEMBER_SENDER_SUBJ.": ".$RECIPIENT, $msg); // At last send admin mail(s) - $ADMIN_SUBJ = TRANSFER_ADMIN_SUBJECT." (".$SENDER."->".$RECIPIENT.")"; - if (GET_EXT_VERSION("admins") >= "0.4.1") - { - SEND_ADMIN_EMAILS_PRO($ADMIN_SUBJ, "admin_transfer_points"); - } - else - { - $msg = LOAD_EMAIL_TEMPLATE("admin_transfer_points"); - SEND_ADMIN_EMAILS($ADMIN_SUBJ, $msg); - } + $ADMIN_SUBJ = sprintf("%s (%s->%s)", TRANSFER_ADMIN_SUBJECT, $SENDER, $RECIPIENT); + SEND_ADMIN_NOTIFICATION($ADMIN_SUBJ, "admin_transfer_points"); // Transfer is completed - OUTPUT_HTML("
");
- LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."
".TRANSFER_CONTINUE_OVERVIEW."");
- OUTPUT_HTML("