X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Forder.php;h=d320cbddae7fea9a354d87acc752d1518011de1b;hp=bd0d656cf95a30034cc59811c247ef119cf4fd17;hb=f7f6e55ee0d90558ad773ce6168767c0af816696;hpb=75ad748a68473ace540251427a74fb781b1145e9 diff --git a/inc/modules/order.php b/inc/modules/order.php index bd0d656cf9..d320cbddae 100644 --- a/inc/modules/order.php +++ b/inc/modules/order.php @@ -33,64 +33,49 @@ // Some security stuff... $URL = ""; -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} - elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN())) -{ +} elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN())) { ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order"); return; -} - elseif (!IS_LOGGED_IN()) -{ +} elseif (!IS_MEMBER()) { // Sorry, no guest access! $URL = URL."/modules.php?module=index"; -} - elseif (empty($_GET['order'])) -{ +} elseif (empty($_GET['order'])) { // You cannot call this module directly! $URL = URL."/modules.php?module=login&what=order"; } // When URL is empty nothing bad happend here -if (empty($URL)) -{ +if (empty($URL)) { // Is the auto-send mechanism active or inactive? - if ($CONFIG['autosend_active'] == "Y") - { + if ($_CONFIG['autosend_active'] == "Y") { // Auto-send is active define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_ACTIVE)); define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_ACTIVE)); - $TYPE = "NEW"; - } - else - { + $type = "NEW"; + } else { // Auto-send is inactive define('ADMIN_AUTOSEND', COMPILE_CODE(ADMIN_AUTOSEND_INACTIVE)); define('MEMBER_AUTOSEND', COMPILE_CODE(MEMBER_AUTOSEND_INACTIVE)); - $TYPE = "ADMIN"; + $type = "ADMIN"; } // Update sending pool - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%d AND sender=%d AND data_type='TEMP' LIMIT 1", - array($TYPE, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1", + array($type, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__); // Finally is the entry valid? - if (SQL_AFFECTEDROWS($link) == 1) - { - // Update his login data - UPDATE_LOGIN_DATA(); - + if (SQL_AFFECTEDROWS() == 1) { // Load personal data... - $result = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); - list($sex, $sname, $fname, $email) = SQL_FETCHROW($result); + list($gender, $sname, $fname, $email) = SQL_FETCHROW($result); SQL_FREERESULT($result); // Load mail again... 0 1 2 3 4 5 6 7 - $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%d AND sender=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%s AND sender=%s LIMIT 1", array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__); $DATA = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -101,44 +86,34 @@ if (empty($URL)) // Update used points $ADD = ""; - if ($CONFIG['order_max'] == "ORDER") $ADD = ", mail_orders=mail_orders+1"; - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s".$ADD." WHERE userid=%d LIMIT 1", - array($USED, $GLOBALS['userid']), __FILE__, __LINE__); + if ($_CONFIG['order_max_full'] == "ORDER") $ADD = ", mail_orders=mail_orders+1"; + SUB_POINTS($GLOBALS['userid'], $USED); - // Update mediadata as well - if (GET_EXT_VERSION("mediadata") >= "0.0.4") - { - // Update database - MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $USED); - } + // Prepare content + $content = array( + 'blocks' => $_CONFIG['max_send'], + 'subject' => $DATA[0], + 'text' => $DATA[1], + 'payment' => GET_PAYMENT($DATA[3]), + 'category' => GET_CATEGORY($DATA[6]), + 'url' => $DATA[5] + ); // Send an email to the user - $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", "", $GLOBALS['userid']); + $msg_mem = LOAD_EMAIL_TEMPLATE("order-member", $content, $GLOBALS['userid']); SEND_EMAIL($email, MEMBER_NEW_QUEUE, $msg_mem); // Notify admins about this - if (GET_EXT_VERSION("admins") >= "0.4.1") - { - SEND_ADMIN_EMAILS_PRO(ADMIN_NEW_QUEUE, "order-admin", "", $GLOBALS['userid']); - } - else - { - $msg_admin = LOAD_EMAIL_TEMPLATE("order-admin", "", $GLOBALS['userid']); - SEND_ADMIN_EMAILS(ADMIN_NEW_QUEUE, $msg_admin); - } + SEND_ADMIN_NOTIFICATION(ADMIN_NEW_QUEUE, "order-admin", $content, $GLOBALS['userid']); // Output back bottom LOAD_TEMPLATE("member_order-back", false); - } - else - { + } else { // Matching line not found or already "placed" in send queue $URL = URL."/modules.php?module=login"; LOAD_URL($URL); } -} - else -{ +} else { // Redirect... LOAD_URL($URL); }