X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-transfer.php;h=e1516ea15251bd8b1e339d2a81600553e8bc7c2e;hp=c7130ff3deb2a2add9122177e6be739aa046b70a;hb=56156f6c4392510cdbe0eb4f2ccefc23b43e2672;hpb=7eb9da85bfb337997a58a244cb610c97a8d10c13 diff --git a/inc/modules/member/what-transfer.php b/inc/modules/member/what-transfer.php index c7130ff3de..e1516ea152 100644 --- a/inc/modules/member/what-transfer.php +++ b/inc/modules/member/what-transfer.php @@ -38,7 +38,7 @@ if (!defined('__SECURITY')) { } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); } elseif ((!EXT_IS_ACTIVE("transfer")) && (!IS_ADMIN())) { - ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer"); + addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "transfer"); return; } @@ -46,8 +46,8 @@ if (!defined('__SECURITY')) { ADD_DESCR("member", __FILE__); // Load data -$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); +$result = SQL_QUERY_ESC("SELECT opt_in FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + array($GLOBALS['userid']), __FILE__, __LINE__); list($opt_in) = SQL_FETCHROW($result); // Free memory @@ -66,19 +66,15 @@ case "new": // Start new transfer $total = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points"); // Remember maximum value for template - define('__TRANSFER_MAX_VALUE', round($total - $_CONFIG['transfer_balance'] - 0.5)); + define('__TRANSFER_MAX_VALUE', round($total - getConfig('transfer_balance') - 0.5)); - if (isset($_POST['ok'])) - { + if (isset($_POST['ok'])) { // Add new transfer - if ($_CONFIG['transfer_code'] > 0) - { + if (getConfig('transfer_code') > 0) { // Check for code - $code = GEN_RANDOM_CODE($_CONFIG['transfer_code'], $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE); + $code = GEN_RANDOM_CODE(getConfig('transfer_code'), $_POST['code_chk'], $GLOBALS['userid'], __TRANSFER_MAX_VALUE); $valid_code = ($code == $_POST['code']); - } - else - { + } else { // Zero length (= disabled) is always valid! $valid_code = true; } @@ -97,24 +93,22 @@ case "new": // Start new transfer // Check for nickname extension and set additional data $nick = false; $ADD = ", userid"; - if (EXT_IS_ACTIVE("nickname")) - { + if (EXT_IS_ACTIVE("nickname")) { $ADD = ", nickname"; $nick = true; } + // Re-check receivers and own personal data - $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", - array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email".$ADD." FROM `"._MYSQL_PREFIX."_user_data` WHERE userid IN ('%s','%s') AND status='CONFIRMED' ORDER BY userid LIMIT 2", + array($GLOBALS['userid'], bigintval($_POST['to_uid'])), __FILE__, __LINE__); $valid_data = (SQL_NUMROWS($result) == 2); - if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) - { + if ($valid_code && $valid_pass && $valid_amount && $valid_reason && $valid_recipient) { // Let's start the transfer and load user data list($uid1, $gender1, $sname1, $fname1, $email1, $nick1) = SQL_FETCHROW($result); list($uid2, $gender2, $sname2, $fname2, $email2, $nick2) = SQL_FETCHROW($result); SQL_FREERESULT($result); - if ($uid1 == $GLOBALS['userid']) - { + if ($uid1 == $GLOBALS['userid']) { // Data row 1 is sender's data define('__SENDER_GENDER' , TRANSLATE_GENDER($gender1)); define('__SENDER_NICK' , $nick1); @@ -131,9 +125,7 @@ case "new": // Start new transfer // Prepare variables for testing $TEST_NICK_SENDER = $nick1; $TEST_NICK_REC = $nick2; - } - else - { + } else { // Data row 2 is sender's data define('__SENDER_GENDER' , TRANSLATE_GENDER($gender2)); define('__SENDER_NICK' , $nick2); @@ -151,51 +143,47 @@ case "new": // Start new transfer $TEST_NICK_SENDER = $nick2; $TEST_NICK_REC = $nick1; } + // Sender's UID is always currently stored in cookie userid... define('__SENDER_UID' , $GLOBALS['userid']); define('__RECIPIENT_UID' , $_POST['to_uid']); $SENDER = __SENDER_UID; $RECIPIENT = __RECIPIENT_UID; - if ($nick) - { - if (($TEST_NICK_SENDER != __SENDER_UID) && (!empty($TEST_NICK_SENDER))) - { + if ($nick) { + if (($TEST_NICK_SENDER != __SENDER_UID) && (!empty($TEST_NICK_SENDER))) { $SENDER = __SENDER_NICK; } - if (($TEST_NICK_REC != __RECIPIENT_UID) && (!empty($TEST_NICK_REC))) - { + + if (($TEST_NICK_REC != __RECIPIENT_UID) && (!empty($TEST_NICK_REC))) { $RECIPIENT = __RECIPIENT_NICK; } } // Remember transfer reason and fancy date/time in constants define('__TRANSFER_REASON', $_POST['reason']); - if (function_exists('CREATE_FANCY_TIME')) - { - define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME($_CONFIG['transfer_age'])); - } - else - { - define('__TRANSFER_EXPIRES', round($_CONFIG['transfer_age']/60/60/24)." ".DAYS); + if (function_exists('CREATE_FANCY_TIME')) { + define('__TRANSFER_EXPIRES', CREATE_FANCY_TIME(getConfig('transfer_age'))); + } else { + define('__TRANSFER_EXPIRES', round(getConfig('transfer_age')/60/60/24)." ".DAYS); } // Generate tranafer id define('__TRANS_ID', bigintval(GEN_RANDOM_CODE("10", mt_rand(0, 99999), $GLOBALS['userid'], $_POST['reason']))); // Add entries to both tables - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", + SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), $_POST['reason'], __TRANS_ID), __FILE__, __LINE__); - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", + SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')", array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), $_POST['reason'], __TRANS_ID), __FILE__, __LINE__); // Add points to account *directly* ... - ADD_POINTS_REFSYSTEM(bigintval($_POST['to_uid']), bigintval($_POST['points']), false, "0", false, "direct"); + ADD_POINTS_REFSYSTEM("member_transfer", bigintval($_POST['to_uid']), bigintval($_POST['points']), false, "0", false, "direct"); // ... and add it to current user's used points - SUB_POINTS($GLOBALS['userid'], $_POST['points']); + SUB_POINTS("transfer", $GLOBALS['userid'], $_POST['points']); // First send email to recipient $msg = LOAD_EMAIL_TEMPLATE("member_transfer_recipient", "", __RECIPIENT_UID); @@ -210,107 +198,84 @@ case "new": // Start new transfer SEND_ADMIN_NOTIFICATION($ADMIN_SUBJ, "admin_transfer_points"); // Transfer is completed - LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."
".TRANSFER_CONTINUE_OVERVIEW.""); - } - elseif (!$valid_code) - { + LOAD_TEMPLATE("admin_settings_saved", false, TRANSFER_COMPLETED."
".TRANSFER_CONTINUE_OVERVIEW.""); + } elseif (!$valid_code) { // Invalid Touring code! - OUTPUT_HTML("

".TRANSFER_INVALID_CODE."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_CODE."
"); unset($_POST['ok']); - } - elseif (!$valid_pass) - { + } elseif (!$valid_pass) { // Wrong password entered - OUTPUT_HTML("

".TRANSFER_INVALID_PASSWORD."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_PASSWORD."
"); unset($_POST['ok']); - } - elseif (!$valid_amount) - { + } elseif (!$valid_amount) { // Too much points entered - OUTPUT_HTML("

".TRANSFER_INVALID_POINTS."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_POINTS."
"); unset($_POST['ok']); - } - elseif (!$valid_reason) - { + } elseif (!$valid_reason) { // No transfer reason entered - OUTPUT_HTML("

".TRANSFER_INVALID_REASON."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_REASON."
"); unset($_POST['ok']); - } - elseif (!$valid_recipient) - { + } elseif (!$valid_recipient) { // No recipient selected - OUTPUT_HTML("

".TRANSFER_INVALID_RECIPIENT."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_RECIPIENT."
"); unset($_POST['ok']); - } - elseif (!$valid_data) - { + } elseif (!$valid_data) { // No recipient selected - OUTPUT_HTML("

".TRANSFER_INVALID_DATA."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".TRANSFER_INVALID_DATA."
"); unset($_POST['ok']); } } - if (!isset($_POST['ok'])) - { + + if (!isset($_POST['ok'])) { // Load member list - if (EXT_IS_ACTIVE("nickname")) - { + if (EXT_IS_ACTIVE("nickname")) { // Load userid and nickname - $result = SQL_QUERY_ESC("SELECT userid, nickname FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", + $result = SQL_QUERY_ESC("SELECT userid, nickname FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", array($GLOBALS['userid']), __FILE__, __LINE__); - } - else - { + } else { // Load only userid - $result = SQL_QUERY_ESC("SELECT userid, userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", + $result = SQL_QUERY_ESC("SELECT userid, userid FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' AND opt_in='Y' AND userid != '%s' ORDER BY userid", array($GLOBALS['userid']), __FILE__, __LINE__); } - if (SQL_NUMROWS($result) > 0) - { + + if (SQL_NUMROWS($result) > 0) { // Load list - $OUT = " ".$img); - } - else - { + } else { $code = "00000"; define('__TRANSFER_IMAGE_INPUT', TRANSFER_NO_CODE); } @@ -337,14 +302,14 @@ case "list_out": // List only outgoing transactions switch ($MODE) { case "list_in": - $SQL = "SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY time_trans DESC LIMIT ".$_CONFIG['transfer_max']; + $SQL = "SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY time_trans DESC LIMIT ".getConfig('transfer_max'); $NOTHING = TRANSFER_NO_INCOMING_TRANSFERS; define('__TRANSFER_SUM', TRANSFER_TOTAL_INCOMING); define('__TRANSFER_TITLE', TRANSFER_LIST_INCOMING); break; case "list_out": - $SQL = "SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY time_trans DESC LIMIT ".$_CONFIG['transfer_max']; + $SQL = "SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY time_trans DESC LIMIT ".getConfig('transfer_max'); $NOTHING = TRANSFER_NO_OUTGOING_TRANSFERS; define('__TRANSFER_SUM', TRANSFER_TOTAL_OUTGOING); define('__TRANSFER_TITLE', TRANSFER_LIST_OUTGOING); @@ -354,27 +319,25 @@ case "list_out": // List only outgoing transactions // Run the SQL command $total = 0; $result = SQL_QUERY_ESC($SQL, array($GLOBALS['userid']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) > 0) - { + if (SQL_NUMROWS($result) > 0) { $OUT = ""; $SW = 2; - while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result)) - { + while (list($tid, $uid, $points, $reason, $stamp) = SQL_FETCHROW($result)) { if ($type == "OUT") $points = "$points-"; $OUT .= " - ".$tid." +
".$tid."
- ".MAKE_DATETIME($stamp, "3")." +
".MAKE_DATETIME($stamp, "3")."
- ".$uid." +
".$uid."
- ".$reason." +
".$reason."
- ".$points." +
".$points."
\n"; $total += $points; @@ -383,9 +346,7 @@ case "list_out": // List only outgoing transactions // Free memory SQL_FREERESULT($result); - } - else - { + } else { // Nothing for in or out $OUT = " @@ -422,9 +383,8 @@ KEY(party_uid) // Let's begin with the incoming list $result = SQL_QUERY_ESC("SELECT trans_id, from_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_in WHERE userid=%s ORDER BY id LIMIT %s", -array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); - while ($DATA = SQL_FETCHROW($result)) - { +array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__); + while ($DATA = SQL_FETCHROW($result)) { $DATA[] = "IN"; $DATA = implode("','", $DATA); $res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__); @@ -435,9 +395,8 @@ array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); // As the last table transfer data from outgoing table to temporary $result = SQL_QUERY_ESC("SELECT trans_id, to_uid, points, reason, time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE userid=%s ORDER BY id LIMIT %s", -array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); - while ($DATA = SQL_FETCHROW($result)) - { +array($GLOBALS['userid'], getConfig('transfer_max')), __FILE__, __LINE__); + while ($DATA = SQL_FETCHROW($result)) { $DATA[] = "OUT"; $DATA = implode("','", $DATA); $res_temp = SQL_QUERY("INSERT INTO "._MYSQL_PREFIX."_transfers_tmp (trans_id, party_uid, points, reason, time_trans, trans_type) VALUES ('".$DATA."')", __FILE__, __LINE__); @@ -447,29 +406,27 @@ array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); SQL_FREERESULT($result); $total = 0; - if (SQL_NUMROWS($result) > 0) - { + if (SQL_NUMROWS($result) > 0) { // Output rows $OUT = ""; $SW = 2; $result = SQL_QUERY("SELECT party_uid, trans_id, points, reason, time_trans, trans_type FROM "._MYSQL_PREFIX."_transfers_tmp ORDER BY time_trans DESC", __FILE__, __LINE__); - while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result)) - { + while(list($uid, $idx, $points, $reason, $stamp, $type) = SQL_FETCHROW($result)) { if ($type == "OUT") $points = "-$points"; $OUT .= " - ".$idx." +
".$idx."
- ".MAKE_DATETIME($stamp, "3")." +
".MAKE_DATETIME($stamp, "3")."
- ".$uid." +
".$uid."
- ".$reason." +
".$reason."
- ".$points." +
".$points."
\n"; $total += $points; @@ -478,9 +435,7 @@ array($GLOBALS['userid'], $_CONFIG['transfer_max']), __FILE__, __LINE__); // Free memory SQL_FREERESULT($result); - } - else - { + } else { // Nothing for in and out $OUT = " @@ -518,12 +473,9 @@ case "": // Overview page SQL_FREERESULT($result); $total=$dmy; - if ($dmy > 0) - { - define('__TRANSFER_IN_LINK', "".$dmy.""); - } - else - { + if ($dmy > 0) { + define('__TRANSFER_IN_LINK', "".$dmy.""); + } else { define('__TRANSFER_IN_LINK', $dmy); } @@ -533,46 +485,40 @@ case "": // Overview page SQL_FREERESULT($result); $total+=$dmy; - if ($dmy > 0) - { - define('__TRANSFER_OUT_LINK', "".$dmy.""); - } - else - { + if ($dmy > 0) { + define('__TRANSFER_OUT_LINK', "".$dmy.""); + } else { define('__TRANSFER_OUT_LINK', $dmy); } // Total transactions - if ($total > 0) - { - define('__TRANSFER_ALL_LINK', "".$total.""); - } - else - { + if ($total > 0) { + define('__TRANSFER_ALL_LINK', "".$total.""); + } else { define('__TRANSFER_ALL_LINK', $total); } if (isset($_POST['ok'])) { // Save settings - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET opt_in='%s' WHERE userid=%s LIMIT 1", - array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET opt_in='%s' WHERE userid=%s LIMIT 1", + array($_POST['opt_in'], $GLOBALS['userid']), __FILE__, __LINE__); // Rember for next switch() command $opt_in = $_POST['opt_in']; // "Settings saved..." - OUTPUT_HTML("

".SETTINGS_SAVED."

"); + LOAD_TEMPLATE("admin_settings_saved", false, "
".SETTINGS_SAVED."
"); } switch ($opt_in) { - case 'Y': + case "Y": define('__TRANSFER_ALLOW_Y', " checked=\"checked\""); define('__TRANSFER_ALLOW_N', ""); - define('__TRANSFER_NEW_LINK', "".TRANSFER_NOW_LINK.""); + define('__TRANSFER_NEW_LINK', "".TRANSFER_NOW_LINK.""); break; - case 'N': + case "N": define('__TRANSFER_ALLOW_Y', ""); define('__TRANSFER_ALLOW_N', " checked=\"checked\""); define('__TRANSFER_NEW_LINK', TRANSFER_PLEASE_ALLOW_OPT_IN); @@ -580,7 +526,11 @@ case "": // Overview page } // Check for latest out-transfers - $result = SQL_QUERY_ESC("SELECT time_trans FROM "._MYSQL_PREFIX."_user_transfers_out WHERE time_trans > (UNIX_TIMESTAMP() - ".$_CONFIG['transfer_timeout'].") AND userid=%s ORDER BY time_trans DESC LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT time_trans +FROM "._MYSQL_PREFIX."_user_transfers_out +WHERE time_trans > (UNIX_TIMESTAMP() - %s) AND userid=%s +ORDER BY time_trans DESC +LIMIT 1", array(getConfig('transfer_timeout'), $GLOBALS['userid']), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // Load template define('__TRANSFER_SETTINGS_CONTENT', LOAD_TEMPLATE("member_transfer_settings", true));