Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
175 lines (158 sloc) 6.38 KB
<?php
// translator ready
// addnews ready
// mail ready
require_once("common.php");
require_once("lib/http.php");
require_once("lib/systemmail.php");
check_su_access(SU_EDIT_DONATIONS);
tlschema("donation");
page_header("Donator's Page");
require_once("lib/superusernav.php");
superusernav();
$ret=httpget('ret');
$return = cmd_sanitize($ret);
$return = substr($return,strrpos($return,"/")+1);
tlschema("nav");
addnav("Return whence you came",$return);
tlschema();
$add = translate_inline("Add Donation");
rawoutput("<form action='donators.php?op=add1&ret=".rawurlencode($ret)."' method='POST'>");
addnav("","donators.php?op=add1&ret=".rawurlencode($ret)."");
$name = httppost("name");
if ($name=="") $name = httpget("name");
$amt = httppost("amt");
if ($amt=="") $amt = httpget("amt");
$reason = httppost("reason");
if ($reason=="") $reason = httpget("reason");
$txnid = httppost("txnid");
if ($txnid=="") $txnid = httpget("txnid");
if ($reason == "") $reason = translate_inline("manual donation entry");
output("`bAdd Donation Points:`b`n");
output("Character: ");
rawoutput("<input name='name' value=\"".htmlentities($name, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."\">");
output("`nPoints: ");
rawoutput("<input name='amt' size='3' value=\"".htmlentities($amt, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."\">");
output("`nReason: ");
rawoutput("<input name='reason' size='30' value=\"".htmlentities($reason, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."\">");
rawoutput("<input type='hidden' name='txnid' value=\"".htmlentities($txnid, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."\">");
output_notl("`n");
if ($txnid>"") output("For transaction: %s`n",$txnid);
rawoutput("<input type='submit' class='button' value='$add'>");
rawoutput("</form>");
addnav("Donations");
if (($session['user']['superuser'] & SU_EDIT_PAYLOG) &&
file_exists("paylog.php")){
addnav("Payment Log","paylog.php");
}
$op = httpget('op');
if ($op=="add2"){
$id = httpget('id');
$amt = httpget('amt');
$reason = httpget('reason');
$sql="SELECT name FROM ".db_prefix("accounts")." WHERE acctid=$id;";
$result=db_query($sql);
$row=db_fetch_assoc($result);
output("%s donation points added to %s`0, reason: `^%s`0",$amt,$row['name'],$reason);
$txnid = httpget("txnid");
$ret = httpget('ret');
if ($id==$session['user']['acctid']){
$session['user']['donation']+=$amt;
}
if ($txnid > ""){
$result = modulehook("donation_adjustments",array("points"=>$amt,"amount"=>$amt/getsetting('dpointspercurrencyunit',100),"acctid"=>$id,"messages"=>array()));
$points = $result['points'];
if (!is_array($result['messages'])){
$result['messages'] = array($result['messages']);
}
foreach($result['messages'] as $messageid=>$message){
debuglog($message,false,$id,"donation",0,false);
}
}else{
$points = $amt;
}
// ok to execute when this is the current user, they'll overwrite the
// value at the end of their page hit, and this will allow the display
// table to update in real time.
$sql = "UPDATE " . db_prefix("accounts") . " SET donation=donation+'$points' WHERE acctid='$id'";
db_query($sql);
modulehook("donation", array("id"=>$id, "amt"=>$points, "manual"=>($txnid>""?false:true)));
if ($txnid>""){
$sql = "UPDATE ".db_prefix("paylog")." SET acctid='$id', processed=1 WHERE txnid='$txnid'";
db_query($sql);
debuglog("Received donator points for donating -- Credited manually [$reason]",false,$id,"donation",$points,false);
redirect("paylog.php");
}else{
debuglog("Received donator points -- Manually assigned, not based on a known dollar donation [$reason]",false,$id,"donation",$amt,false);
}
systemmail($id,array("Donation Points Added"),array("`2You have received %s donation points for %s.",$points,$reason));
httpset('op', "");
$op = "";
}
if ($op==""){
$sql = "SELECT name,donation,donationspent FROM " . db_prefix("accounts") . " WHERE donation>0 ORDER BY donation DESC LIMIT 25";
$result = db_query($sql);
$name = translate_inline("Name");
$points = translate_inline("Points");
$spent = translate_inline("Spent");
rawoutput("<table border='0' cellpadding='3' cellspacing='1' bgcolor='#999999'>");
rawoutput("<tr class='trhead'><td>$name</td><td>$points</td><td>$spent</td></tr>");
$number=db_num_rows($result);
for ($i=0;$i<$number;$i++){
$row = db_fetch_assoc($result);
rawoutput("<tr class='".($i%2?"trlight":"trdark")."'>");
rawoutput("<td>");
output_notl("`^%s`0",$row['name']);
rawoutput("</td><td>");
output_notl("`@%s`0", number_format($row['donation']));
rawoutput("</td><td>");
output_notl("`%%s`0", number_format($row['donationspent']));
rawoutput("</td>");
rawoutput("</tr>");
}
rawoutput("</table>",true);
}else if ($op=="add1"){
$search="%";
$name = httppost('name');
if ($name=='') $name = httpget('name');
$search=str_replace("'","\'",$name);
$sql = "SELECT name,acctid,donation,donationspent FROM " . db_prefix("accounts") . " WHERE login LIKE '$search' or name LIKE '$search' LIMIT 100";
$result = db_query($sql);
if (db_num_rows($result)==0) {
for ($i=0;$i<strlen($name);$i++){
$z = substr($name, $i, 1);
if ($z == "'") $z = "\'";
$search.=$z."%";
}
$sql = "SELECT name,acctid,donation,donationspent FROM " . db_prefix("accounts") . " WHERE login LIKE '$search' or name LIKE '$search' LIMIT 100";
$result = db_query($sql);
}
$ret = httpget('ret');
$amt = httppost('amt');
if ($amt=='') $amt = httpget("amt");
$reason = httppost("reason");
if ($reason=="") $reason = httpget("reason");
$txnid = httppost('txnid');
if ($txnid=='') $txnid = httpget("txnid");
output("Confirm the addition of %s points to:`n",$amt);
if ($reason) output("(Reason: `^`b`i%s`i`b`0)`n`n",$reason);
$number=db_num_rows($result);
for ($i=0;$i<$number;$i++){
$row = db_fetch_assoc($result);
if ($ret!=""){
rawoutput("<a href='donators.php?op=add2&id={$row['acctid']}&amt=$amt&ret=".rawurlencode($ret)."&reason=".rawurlencode($reason)."'>");
}else{
rawoutput("<a href='donators.php?op=add2&id={$row['acctid']}&amt=$amt&reason=".rawurlencode($reason)."&txnid=$txnid'>");
}
output_notl("%s (%s/%s)", $row['name'], $row['donation'], $row['donationspent']);
rawoutput("</a>");
output_notl("`n");
if ($ret!=""){
addnav("","donators.php?op=add2&id={$row['acctid']}&amt=$amt&ret=".rawurlencode($ret)."&reason=".rawurlencode($reason));
}else{
addnav("","donators.php?op=add2&id={$row['acctid']}&amt=$amt&reason=".rawurlencode($reason)."&txnid=$txnid");
}
}
}
page_footer();
?>
You can’t perform that action at this time.