X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=a615d259e71b7b59cce8e965aa1fa609f424e2c4;hp=7af1122af8a3bd185fb0bfbb7c664c784cd9d413;hb=701f5ac005404813e0e546102b5821f2ba2af522;hpb=d6834211baacaa54b282898fe54dc8c1511f046b diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php index 7af1122af8..a615d259e7 100644 --- a/inc/modules/member/what-transfer.php +++ b/inc/modules/member/what-transfer.php @@ -37,8 +37,8 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); -} elseif (!EXT_IS_ACTIVE("transfer")) - ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer"); +} elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) { + addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer"); return; } @@ -46,8 +46,8 @@ if (!defined('__SECURITY')) { ADD_DESCR("member", __FILE__); // Load data -$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); +$result = SQL_QUERY_ESC("SELECT opt_in FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + array($GLOBALS['userid']), __FILE__, __LINE__); list($opt_in) = SQL_FETCHROW($result); // Free memory @@ -66,19 +66,15 @@ case "new": // Start new transfer $total = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points"); // Remember maximum value for template - define('__TRANSFER_MAX_VALUE', round($total - $_CONFIG['transfer_balance'] - 0.5)); + define('__TRANSFER_MAX_VALUE', round($total - getConfig('transfer_balance') - 0.5)); - if (isset($_POST['ok'])) - { + if (isset($_POST['ok'])) { // Add new transfer - if ($_CONFIG['transfer_code'] > 0) - { + if (getConfig('transfer_code') > 0) { // Check for code - $code = GEN_RANDOM_CODE($_CONFIG['transfer_code'], $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE); + $code = GEN_RANDOM_CODE(getConfig('transfer_code'), $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE); $valid_code = ($code == $_POST['code']); - } - else - { + } else { // Zero length (= disabled) is always valid! $valid_code = true; } @@ -97,24 +93,22 @@ case "new": // Start new transfer // Check for nickname extension and set additional data $nick = false; $ADD = ", userid"; - if (EXT_IS_ACTIVE("nickname")) - { + if (EXT_IS_ACTIVE("nickname")) { $ADD = ", nickname"; $nick = true; } + // Re-check receivers and own personal data - $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", - array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM `"._MYSQL_PREFIX."_user_data` WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", + array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__); $valid_data = (SQL_NUMROWS($result) == 2); - if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) - { + if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) { // Let's start the transfer and load user data list($uid1, $gender1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result); list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result); SQL_FREERESULT($result); - if ($uid1 == $GLOBALS['userid']) - { + if ($uid1 == $GLOBALS['userid']) { // Data row 1 is sender's data define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1)); define('__SENDER_NICK' , $nick1); @@ -131,9 +125,7 @@ case "new": // Start new transfer // Prepare variables for testing $TEST_NICK_SENDER = $nick1; $TEST_NICK_REC = $nick2; - } - else - { + } else { // Data row 2 is sender's data define('__SENDER_GENDER' , TRANSLATE_GENDER($gender2)); define('__SENDER_NICK' , $nick2); @@ -151,43 +143,35 @@ case "new": // Start new transfer $TEST_NICK_SENDER = $nick2; $TEST_NICK_REC = $nick1; } + // Sender's UID is always currently stored in cookie userid... define('__SENDER_UID' , $GLOBALS['userid']); define('__RECIPIENT_UID' , $_POST['to_uid']); $SENDER = __SENDER_UID; $RECIPIENT = __RECIPIENT_UID; - if ($nick) - { - if (($TEST_NICK_SENDER != __SENDER_UID) && (!empty($TEST_NICK_SENDER))) - { + if ($nick) { + if (($TEST_NICK_SENDER != __SENDER_UID) && (!empty($TEST_NICK_SENDER))) { $SENDER = __SENDER_NICK; } - if (($TEST_NICK_REC != __RECIPIENT_UID) && (!empty($TEST_NICK_REC))) - { + + if (($TEST_NICK_REC != __RECIPIENT_UID) && (!empty($TEST_NICK_REC))) { $RECIPIENT = __RECIPIENT_NICK; } } // Remember transfer reason and fancy date/time in constants define('__TRANSFER_REASON', $_POST['reason']); - if (function_exists('CREATE_FANCY_TIME')) - { - define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME($_CONFIG['transfer_age'])); - } - else - { - define('__TRANSFER_EXPIRES', round($_CONFIG['transfer_age']/60/60/24)." ".DAYS); - } + define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME(getConfig('transfer_age'))); // Generate tranafer id define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", mt_rand(0, 99999), $GLOBALS['userid'], $_POST['reason']))); // Add entries to both tables - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", + SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), $_POST['reason'], __TRANS_ID), __FILE__, __LINE__); - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", + SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), $_POST['reason'], __TRANS_ID), __FILE__, __LINE__); @@ -210,107 +194,84 @@ case "new": // Start new transfer SEND_ADMIN_NOTIFICATION($ADMIN_SUBJ, "admin_transfer_points"); // Transfer is completed - LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."
".TRANSFER_CONTINUE_OVERVIEW.""); - } - elseif (!$valid_code) - { + LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."
".TRANSFER_CONTINUE_OVERVIEW.""); + } elseif (!$valid_code) { // Invalid Touring code! - OUTPUT_HTML("

".TRANSFER_INVALID_CODE."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_CODE."
"); unset($_POST['ok']); - } - elseif (!$valid_pass) - { + } elseif (!$valid_pass) { // Wrong password entered - OUTPUT_HTML("

".TRANSFER_INVALID_PASSWORD."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_PASSWORD."
"); unset($_POST['ok']); - } - elseif (!$valid_amount) - { + } elseif (!$valid_amount) { // Too much points entered - OUTPUT_HTML("

".TRANSFER_INVALID_POINTS."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_POINTS."
"); unset($_POST['ok']); - } - elseif (!$valid_reason) - { + } elseif (!$valid_reason) { // No transfer reason entered - OUTPUT_HTML("

".TRANSFER_INVALID_REASON."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_REASON."
"); unset($_POST['ok']); - } - elseif (!$valid_recipient) - { + } elseif (!$valid_recipient) { // No recipient selected - OUTPUT_HTML("

".TRANSFER_INVALID_RECIPIENT."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_RECIPIENT."
"); unset($_POST['ok']); - } - elseif (!$valid_data) - { + } elseif (!$valid_data) { // No recipient selected - OUTPUT_HTML("

".TRANSFER_INVALID_DATA."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_DATA."
"); unset($_POST['ok']); } } - if (!isset($_POST['ok'])) - { + + if (!isset($_POST['ok'])) { // Load member list - if (EXT_IS_ACTIVE("nickname")) - { + if (EXT_IS_ACTIVE("nickname")) { // Load userid and nickname - $result = SQL_QUERY_ESC("SELECT userid, nickname FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", + $result = SQL_QUERY_ESC("SELECT userid, nickname FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", array($GLOBALS['userid']), __FILE__, __LINE__); - } - else - { + } else { // Load only userid - $result = SQL_QUERY_ESC("SELECT userid, userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", + $result = SQL_QUERY_ESC("SELECT userid, userid FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", array($GLOBALS['userid']), __FILE__, __LINE__); } - if (SQL_NUMROWS($result) > 0) - { + + if (SQL_NUMROWS($result) > 0) { // Load list - $OUT = " ".$img); - } - else - { + } else { $code = "00000"; define('__TRANSFER_IMAGE_INPUT', TRANSFER_NO_CODE); } @@ -337,14 +298,14 @@ case "list_out": // List only outgoing transactions switch ($MODE) { case "list_in": - $SQL = "SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY time_trans DESC LIMIT ".$_CONFIG['transfer_max']; + $SQL = "SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY time_trans DESC LIMIT ".getConfig('transfer_max'); $NOTHING = TRANSFER_NO_INCOMING_TRANSFERS; define('__TRANSFER_SUM', TRANSFER_TOTAL_INCOMING); define('__TRANSFER_TITLE', TRANSFER_LIST_INCOMING); break; case "list_out": - $SQL = "SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY time_trans DESC LIMIT ".$_CONFIG['transfer_max']; + $SQL = "SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY time_trans DESC LIMIT ".getConfig('transfer_max'); $NOTHING = TRANSFER_NO_OUTGOING_TRANSFERS; define('__TRANSFER_SUM', TRANSFER_TOTAL_OUTGOING); define('__TRANSFER_TITLE', TRANSFER_LIST_OUTGOING); @@ -354,27 +315,25 @@ case "list_out": // List only outgoing transactions // Run the SQL command $total = 0; $result = SQL_QUERY_ESC($SQL, array($GLOBALS['userid']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) > 0) - { + if (SQL_NUMROWS($result) > 0) { $OUT = ""; $SW = 2; - while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result)) - { + while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result)) { if ($type == "OUT") $points = "$points-"; $OUT .= " - ".$tid." +
".$tid."
- ".MAKE_DATETIME($stamp, "3")." +
".MAKE_DATETIME($stamp, "3")."
- ".$uid." +
".$uid."
- ".$reason." +
".$reason."
- ".$points." +
".$points."
\n"; $total += $points; @@ -383,9 +342,7 @@ case "list_out": // List only outgoing transactions // Free memory SQL_FREERESULT($result); - } - else - { + } else { // Nothing for in or out $OUT = " @@ -422,9 +379,8 @@ KEY(party_uid) // Let's begin with the incoming list $result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY id LIMIT %s", -array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); - while ($DATA = SQL_FETCHROW($result)) - { +array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__); + while ($DATA = SQL_FETCHROW($result)) { $DATA[] = "IN"; $DATA = implode("','", $DATA); $res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__); @@ -435,9 +391,8 @@ array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); // As the last table transfer data from outgoing table to temporary $result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY id LIMIT %s", -array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); - while ($DATA = SQL_FETCHROW($result)) - { +array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__); + while ($DATA = SQL_FETCHROW($result)) { $DATA[] = "OUT"; $DATA = implode("','", $DATA); $res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__); @@ -447,29 +402,27 @@ array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); SQL_FREERESULT($result); $total = 0; - if (SQL_NUMROWS($result) > 0) - { + if (SQL_NUMROWS($result) > 0) { // Output rows $OUT = ""; $SW = 2; $result = SQL_QUERY("SELECT party_uid, trans_id, points, reason, time_trans, trans_type FROM "._MYSQL_PREFIX."_transfers_tmp ORDER BY time_trans DESC", __FILE__, __LINE__); - while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result)) - { + while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result)) { if ($type == "OUT") $points = "-$points"; $OUT .= " - ".$idx." +
".$idx."
- ".MAKE_DATETIME($stamp, "3")." +
".MAKE_DATETIME($stamp, "3")."
- ".$uid." +
".$uid."
- ".$reason." +
".$reason."
- ".$points." +
".$points."
\n"; $total += $points; @@ -478,9 +431,7 @@ array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); // Free memory SQL_FREERESULT($result); - } - else - { + } else { // Nothing for in and out $OUT = " @@ -518,12 +469,9 @@ case "": // Overview page SQL_FREERESULT($result); $total=$dmy; - if ($dmy > 0) - { - define('__TRANSFER_IN_LINK', "".$dmy.""); - } - else - { + if ($dmy > 0) { + define('__TRANSFER_IN_LINK', "".$dmy.""); + } else { define('__TRANSFER_IN_LINK', $dmy); } @@ -533,46 +481,40 @@ case "": // Overview page SQL_FREERESULT($result); $total+=$dmy; - if ($dmy > 0) - { - define('__TRANSFER_OUT_LINK', "".$dmy.""); - } - else - { + if ($dmy > 0) { + define('__TRANSFER_OUT_LINK', "".$dmy.""); + } else { define('__TRANSFER_OUT_LINK', $dmy); } // Total transactions - if ($total > 0) - { - define('__TRANSFER_ALL_LINK', "".$total.""); - } - else - { + if ($total > 0) { + define('__TRANSFER_ALL_LINK', "".$total.""); + } else { define('__TRANSFER_ALL_LINK', $total); } if (isset($_POST['ok'])) { // Save settings - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET opt_in='%s' WHERE userid=%s LIMIT 1", - array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET opt_in='%s' WHERE userid=%s LIMIT 1", + array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__); // Rember for next switch() command $opt_in = $_POST['opt_in']; // "Settings saved..." - OUTPUT_HTML("

".SETTINGS_SAVED."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".SETTINGS_SAVED."
"); } switch ($opt_in) { - case 'Y': + case "Y": define('__TRANSFER_ALLOW_Y', " checked=\"checked\""); define('__TRANSFER_ALLOW_N', ""); - define('__TRANSFER_NEW_LINK', "".TRANSFER_NOW_LINK.""); + define('__TRANSFER_NEW_LINK', "".TRANSFER_NOW_LINK.""); break; - case 'N': + case "N": define('__TRANSFER_ALLOW_Y', ""); define('__TRANSFER_ALLOW_N', " checked=\"checked\""); define('__TRANSFER_NEW_LINK', TRANSFER_PLEASE_ALLOW_OPT_IN); @@ -580,7 +522,11 @@ case "": // Overview page } // Check for latest out-transfers - $result = SQL_QUERY_ESC("SELECT time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE time_trans > (UNIX_TIMESTAMP() - ".$_CONFIG['transfer_timeout'].") AND userid=%s ORDER BY time_trans DESC LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT time_trans +FROM "._MYSQL_PREFIX."_user_transfers_out +WHERE time_trans > (UNIX_TIMESTAMP() - %s) AND userid=%s +ORDER BY time_trans DESC +LIMIT 1", array(getConfig('transfer_timeout'), $GLOBALS['userid']), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // Load template define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true));