Beispiel #1
/**
 * Recursively applies sql_escapeStr() to every non-array value of an array.
 *
 * Nested arrays are walked with this same function; all other values are passed
 * to sql_escapeStr(), which is defined elsewhere (its escaping rules are not
 * visible here - presumably string-literal escaping for the active connection).
 *
 * Security notes for callers:
 * - Keys are copied through unchanged and are NOT escaped. They must not be
 *   interpolated into a query (for example as column names) without an
 *   allow-list.
 * - Escaping of this kind only protects values placed inside quoted SQL
 *   literals; prepared statements with bound parameters remain the safer choice.
 *
 * @param mixed $arr Array to process; empty or non-array input yields array().
 * @return array Array with the same keys as $arr and escaped values.
 */
function sql_escapeArray($arr = array())
{
    // Guard clause: nothing to do for empty or non-array input.
    if (!$arr || !is_array($arr)) {
        return array();
    }

    $escaped = array();
    foreach ($arr as $name => $item) {
        // Recurse into nested arrays, escape everything else.
        $escaped[$name] = is_array($item) ? sql_escapeArray($item) : sql_escapeStr($item);
    }

    return $escaped;
}
Beispiel #2
        Project::getInstance()->getSmarty()->display('../default/admin/user_bonus.tpl');
        break;
    case 'bad_withdrawals':
        // Lists every bad_withdrawals row for the user named by the "id" request parameter.
        // intval() forces the id to an integer before it is concatenated into the query, so
        // this statement cannot be altered through that parameter. The safety rests on the
        // cast alone: a string value added to this WHERE clause later would need a
        // parameterized query instead of concatenation.
        // NOTE(review): no authorization check is visible in this fragment - confirm the
        // enclosing script restricts these admin actions before the switch is reached.
        $result = sql_query('
			SELECT * FROM bad_withdrawals WHERE user_id="' . intval($_REQUEST['id']) . '"
		');
        $bads = array();
        // mysql_fetch_assoc() is part of ext/mysql, which was removed in PHP 7.0.
        // NOTE(review): the return value of sql_query() is not checked before the loop -
        // confirm how it reports a failed query.
        while ($row = mysql_fetch_assoc($result)) {
            $bads[] = $row;
        }
        // Rows are passed to the template as stored; any HTML escaping has to happen in
        // user_bad_withdrawals.tpl (not visible here).
        Project::getInstance()->getSmarty()->assign('bads', $bads);
        Project::getInstance()->getSmarty()->display('../default/admin/user_bad_withdrawals.tpl');
        break;
    case 'message':
        // Saves a message for the user given by "id" when do=send, then renders the form.
        // "do" and "id" are read from $_REQUEST, which merges query-string and body
        // parameters (and cookies, depending on configuration).
        // NOTE(review): no anti-CSRF token check is visible in this fragment for this
        // state-changing action - confirm one exists upstream.
        if (isset($_REQUEST['do']) && $_REQUEST['do'] == 'send') {
            // Escapes the values of the whole POST body; sql_escapeArray() keeps the keys
            // exactly as the client submitted them.
            $_POST = sql_escapeArray($_POST);
            $message = new UserMessage();
            // The entire POST array is handed to setData().
            // NOTE(review): if setData() maps keys to fields without an allow-list, the
            // client decides which fields are populated - verify against UserMessage.
            $message->setData($_POST);
            // user_id and stamp are assigned after setData(), so submitted values for these
            // two fields are overwritten with server-side ones.
            $message->user_id = intval($_REQUEST['id']);
            $message->stamp = Project::getInstance()->getNow();
            $message->save();
            // The title is HTML-encoded for the notice. It has already passed through
            // sql_escapeArray(), so whatever sql_escapeStr() adds will show up in the text.
            // $_SERVER['PHP_SELF'] reflects the requested path, including trailing path
            // info, and is therefore client-influenced.
            // NOTE(review): confirm how location() uses its first argument.
            location($_SERVER['PHP_SELF'] . '?action=profile&id=' . intval($_REQUEST['id']), '<p class=imp>Message <u>' . htmlspecialchars($message->title) . '</u> has been send!</p>');
        }
        Project::getInstance()->getSmarty()->assign('user_id', intval($_REQUEST['id']));
        Project::getInstance()->getSmarty()->display('../default/admin/user_message.tpl');
        break;
    default:
        $result_ips = sql_query('
			SELECT user_id, INET_NTOA(ip) as ip FROM visits GROUP BY user_id, ip
		');
        $ips = array();
Beispiel #3
        }
    }
    // Reject the signup when the terms checkbox is missing, unless an earlier check
    // (outside this fragment) has already marked the submission invalid.
    if (empty($_POST['terms']) && $valid) {
        Project::getInstance()->getSmarty()->assign('error_message', 'You should accept Terms and Conditions!');
        $valid = false;
    }
    // A user may not name themselves as referrer. The comparison is loose (==), so
    // numeric-looking strings are compared as numbers; the only effect of a match here
    // is that the referral is cleared.
    if ($_POST['login'] == $_POST['referral']) {
        $_POST['referral'] = '';
    }
    if ($valid) {
        $user = new User();
        $_POST['pm_member_id'] = !empty($_POST['pm_member_id']) ? $_POST['pm_member_id'] : '';
        $_POST['secpin'] = $_POST['secpin_signup'];
        $_POST['masterpin'] = $_POST['masterpin_signup'];
        $_POST['reg_date'] = Project::getInstance()->getNow();
        // The complete POST body (values escaped, keys unchanged) is passed to setData().
        // NOTE(review): if setData() copies every key onto the model, a client can submit
        // fields the form never offered - verify that User restricts the accepted fields.
        $user->setData(sql_escapeArray($_POST));
        // access and status are assigned after setData(), so submitted values for these
        // two fields are overwritten; other fields get no such protection in this fragment.
        $user->access = ACCESS_LEVEL_USER;
        $user->status = USER_STATUS_ACTIVE;
        if ($user_id = $user->save()) {
            $page_tpl = 'signup_ok.tpl';
            include_once LIB_ROOT . '/emails.class.php';
            // The password, security PIN and master PIN are read back from the model and
            // passed as e-mail placeholders, so these credentials leave the application in
            // clear text if the 'signup_notify' template uses them.
            // NOTE(review): nothing here hashes the password before save() - confirm whether
            // User::save() does, and consider dropping credentials from the notification.
            $params = array('%user_fullname%' => $user->fullname, '%user_login%' => $user->login, '%user_password%' => $user->password, '%user_secpin%' => $user->secpin, '%user_masterpin%' => $user->masterpin, '%project_name%' => get_setting('project_name'), '%project_email%' => get_setting('project_email'));
            $email = new Emails($user_id, 'signup_notify', $params);
            $email->send();
        }
    } else {
        // The raw, unescaped POST array (including password and PIN fields) is handed back
        // to the form template; HTML escaping has to happen in signup.tpl (not visible here).
        Project::getInstance()->getSmarty()->assign('signup', $_POST);
        $page_tpl = 'signup.tpl';
    }
} else {
    $page_tpl = 'signup.tpl';