Beispiel #1
0
function process_post()
{
    /* We switch according to the $_POST[action] variable, which is a hidden
     * submit formfield in each <form>. see html/add*.txt for more information.
     */
    switch ("{$_POST['action']}") {
        /*
         * Add new user. We wont touch that here. Let auth() handle that.
         */
        case "newuser":
            addNewUser();
            break;
            /*
             * Update to the about box in profiles.
             */
        /*
         * Update to the about box in profiles.
         */
        case "modprofile":
            modProfile();
            break;
            /*
             * Change password. We wont touch that here. Let auth() handle that.
             */
        /*
         * Change password. We wont touch that here. Let auth() handle that.
         */
        case "changepw":
            changePassword();
            break;
            /*
             * Change email.
             */
        /*
         * Change email.
         */
        case "changeemail":
            changeEmail();
            break;
            /*
             * Change can view preferences.
             */
        /*
         * Change can view preferences.
         */
        case "changecanpage":
            changeCanPrefs();
            break;
            /*
             * Update API Key
             */
        /*
         * Update API Key
         */
        case "update_api":
            global $MySelf;
            $api = new api($MySelf->getID());
            if ($_POST[deleteKey]) {
                // Delete api Key
                $api->deleteApiKey();
                makeNotice("Your API key has been delete from the database.", "notice", "API Key wipe success", "index.php?action=preferences");
            } else {
                // Update api key
                $api->setApiKey($_POST[apiID], $_POST[apiKey]);
                makeNotice("Your new API key has been stored.", "notice", "API Key update success", "index.php?action=preferences");
            }
            break;
            /*
             * Add a Rank
             */
        /*
         * Add a Rank
         */
        case "addnewrank":
            addRank();
            break;
            /*
             * Edit the ranks
             */
        /*
         * Edit the ranks
         */
        case "editranks":
            editRanks();
            break;
            /*
             * Change opt-in status.
             */
        /*
         * Change opt-in status.
         */
        case "optIn":
            toggleOptIn();
            break;
            /*
             * Change See Inoffical Runs Setting (sir)
             */
        /*
         * Change See Inoffical Runs Setting (sir)
         */
        case "sirchange":
            sirchange();
            break;
            /*
             * Submiting a template change form
             */
        /*
         * Submiting a template change form
         */
        case "editTemplate":
            editTemplate();
            break;
            /*
             * Change ore value.
             */
        /*
         * Change ore value.
         */
        case "changeore":
            changeOreValue();
            break;
            /*
             * Change ship value.
             */
        /*
         * Change ship value.
         */
        case "changeship":
            changeShipValue();
            break;
            /*
             * Delete pending payout request
             */
        /*
         * Delete pending payout request
         */
        case "deleteRequest":
            deletePayoutRequest();
            break;
            /*
             * Modify online time.
             */
        /*
         * Modify online time.
         */
        case "modonlinetime":
            modOnlineTime();
            break;
            /*
             * Modify site settings.
             */
        /*
         * Modify site settings.
         */
        case "configuration":
            modConfiguration();
            break;
            /*
             * Add an event to the DB
             */
        /*
         * Add an event to the DB
         */
        case "addevent":
            addEventToDB();
            break;
            /*
             * Request payout.
             */
        /*
         * Request payout.
         */
        case "requestPayout":
            requestPayout();
            break;
            /*
             * Transfer Money
             */
        /*
         * Transfer Money
         */
        case "transferMoney":
            transferMoney();
            break;
            /*
             * Do the payouts
             */
        /*
         * Do the payouts
         */
        case "payout":
            doPayout();
            break;
            /*
             * Create a new can in the Database.
             */
        /*
         * Create a new can in the Database.
         */
        case "addcan":
            addCanToDatabase();
            break;
            /*
             * Admin request to change a user.
             */
        /*
         * Admin request to change a user.
         */
        case "edituser":
            editUser();
            break;
            /*
             * AddRun
             * This adds a new run to the database.
             */
        /*
         * AddRun
         * This adds a new run to the database.
         */
        case "addrun":
            addRun();
            break;
            /*
             * Analog to AddRun, just for Hauls.
             */
        /*
         * Analog to AddRun, just for Hauls.
         */
        case "addhaul":
            addHaul();
            break;
            /*
             * Create a new transaction.
             */
        /*
         * Create a new transaction.
         */
        case "transaction":
            createTransaction();
            break;
            /*
             * Lotto stuff
             */
        /*
         * Lotto stuff
         */
        case "editLottoTickets":
            lotto_editCreditsInDB();
            break;
        case "createDrawing":
            lotto_createDrawing();
            break;
        case "lottoBuyCredits":
            lotto_buyTickets();
            break;
    }
}
Beispiel #2
0
function giveMoney($userid, $amount, $itemtype = 'post', $comment_org = '', $autopm = true)
{
    if ($amount == 0) {
        return false;
    }
    global $vbulletin;
    transferMoney(0, $userid, $amount, '', null, false, $autopm, KBANK_NO_TAX, true, 0, array('banklogs_itemname' => $itemtype));
    if ($itemtype == 'admindonate') {
        logTransfer(0, $userid, $amount, array('adminid' => $vbulletin->userinfo['userid'], 'comment' => $comment_org), $autopm);
    }
}
Beispiel #3
0
function ap_doHistory($postid, $points, $reason)
{
    if (!is_numeric($postid) or $postid <= 0) {
        exit;
    }
    //Error free!
    global $vbulletin, $vbphrase, $messages;
    $more_query = array('to' => '', 'from' => '');
    //Get user's profile
    $user = $vbulletin->db->query_first("\n\t\tSELECT \n\t\t\tpost.userid AS userid, \n\t\t\tuser.username AS username,\n\t\t\tuser.{$vbulletin->kbank['field']} AS total, \n\t\t\tuser.usergroupid AS usergroupid,\n\t\t\tuser.membergroupids AS membergroupids,\n\t\t\tuser.displaygroupid AS displaygroupid,\n\t\t\tuser.usertitle AS usertitle,\n\t\t\tuser.customtitle AS customtitle\n\t\tFROM `" . TABLE_PREFIX . "post` AS post\n\t\tINNER JOIN `" . TABLE_PREFIX . "user` AS user ON (user.userid = post.userid)\n\t\tWHERE postid = '{$postid}';");
    DEVDEBUG('[kBank Award] ap_doHistory query the database');
    //Check for new usergroup moving
    $newug = 0;
    foreach ($vbulletin->kbank['award']['listMove2GroupIDs'] as $rule) {
        $tmp = explode(':', $rule);
        $result_tmp = 12345;
        @eval('$result_tmp = (' . ($user['total'] + $points) . $tmp[0] . ');');
        if ($result_tmp !== 12345) {
            if ($result_tmp !== true and $result_tmp !== false) {
                $result_tmp = 12345;
                @eval('$result_tmp = (' . ($user['total'] + $points) . '<' . $tmp[0] . ');');
                if ($result_tmp === 12345 or $result_tmp !== true or $result_tmp !== false) {
                    $result_tmp = false;
                }
            }
        } else {
            $result_tmp = false;
        }
        if ($result_tmp) {
            $newug = $tmp[1];
        }
    }
    if ($newug != 0 and !is_member_of($user, $vbulletin->kbank['award']['permCanRemoveGroupIDs']) and !is_member_of($user, $newug)) {
        $more_query['to'] .= " ,usergroupid = {$newug}";
    } else {
        $newug = 0;
    }
    //Done with finding new usergroup
    //Add ban record if needed (if new group is a ban group)
    if ($newug) {
        //Find 'is ban group' groups
        $querygroups = array();
        foreach ($vbulletin->usergroupcache as $usergroupid => $usergroup) {
            if (!($usergroup['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) {
                $querygroups[] = $usergroupid;
            }
        }
        if (in_array($newug, $querygroups)) {
            $adminid = $vbulletin->userinfo['userid'];
            if (!$vbulletin->db->query_first("\n\t\t\t\t\tSELECT * FROM `" . TABLE_PREFIX . "userban`\n\t\t\t\t\tWHERE userid = {$user['userid']}\n\t\t\t\t")) {
                $vbulletin->db->query("\n\t\t\t\t\tINSERT INTO `" . TABLE_PREFIX . "userban`\n\t\t\t\t\t(userid, usergroupid, displaygroupid, usertitle, customtitle, adminid, bandate, liftdate, reason)\n\t\t\t\t\tVALUES (\n\t\t\t\t\t\t{$user['userid']}\n\t\t\t\t\t\t,{$user['usergroupid']}\n\t\t\t\t\t\t,{$user['displaygroupid']}\n\t\t\t\t\t\t,'{$user['usertitle']}'\n\t\t\t\t\t\t,{$user['customtitle']}\n\t\t\t\t\t\t,{$adminid}\n\t\t\t\t\t\t," . TIMENOW . "\n\t\t\t\t\t\t,0\n\t\t\t\t\t\t,'{$vbphrase['kbank_award_bank_rupted']}'\n\t\t\t\t\t);");
                DEVDEBUG('[kBank Award] ap_doHistory query the database 2 times');
            }
            $more_query['to'] .= " ,usertitle = '{$vbphrase['kbank_award_bank_rupted']}'";
        }
    }
    //Adjust counter
    $more_query['to'] .= iif($reason != AWARD_REMOVE, " ,{$vbulletin->kbank['award']['awardedtimes']} = {$vbulletin->kbank['award']['awardedtimes']} + 1", " ,{$vbulletin->kbank['award']['awardedtimes']} = {$vbulletin->kbank['award']['awardedtimes']} - 1") . " ,{$vbulletin->kbank['award']['awardedamount']} = {$vbulletin->kbank['award']['awardedamount']} + {$points}";
    //Specified itemname for banklogs
    $more_query['banklogs'] = array('itemname' => 'post');
    //Update database
    $result = transferMoney(0, $user['userid'], $points, array('adminid' => $vbulletin->userinfo['userid'], 'comment' => $reason), null, true, false, KBANK_NO_TAX, false, $postid, $more_query);
    //Send PM to user (if action done successfully)
    if ($result === true and $vbulletin->kbank['award']['sendPM']) {
        //build title,message
        $url = $vbulletin->options['bburl'];
        if ($reason != AWARD_REMOVE) {
            $title = $vbphrase['kbank_award_PM_title'];
            $text = construct_phrase($vbphrase['kbank_award_PM_text'], "{$url}/showthread.php?p={$postid}", $points, $reason, "{$url}/member.php?u={$vbulletin->userinfo['userid']}", $vbulletin->userinfo['username'], $vbulletin->kbank['name']);
        } else {
            $title = $vbphrase['kbank_award_PM_title_deleted'];
            $text = construct_phrase($vbphrase['kbank_award_PM_text_deleted'], "{$url}/showthread.php?p={$postid}", "{$url}/member.php?u={$vbulletin->userinfo['userid']}", $vbulletin->userinfo['username']);
        }
        if ($newug != 0) {
            $text .= construct_phrase($vbphrase['kbank_award_usergroup_moved'], $newug);
            $messages[] = construct_phrase($vbphrase['kbank_award_usergroup_moved_for_admin'], $newug, $user['username']);
        }
        $result = kbank_sendPM($vbulletin->userinfo, $user, $title, $text, false);
    }
    return $result;
}
Beispiel #4
0
         $errors[$itemid][] = KBANK_ERROR_NO_PERM;
         continue;
     }
     $need2update['warningitem'] = true;
 }
 $taxrate = false;
 if ($item['userid'] == 0) {
     $taxrate = KBANK_NO_TAX;
 } else {
     if ($item['userid'] and $to = $vbulletin->db->query_first("\n\t\t\t\tSELECT username, usergroupid, membergroupids\n\t\t\t\tFROM `" . TABLE_PREFIX . "user`\n\t\t\t\tWHERE userid = {$item['userid']}\n\t\t\t") and havePerm($to, KBANK_PERM_COMPANY, true)) {
         //Seller is a Company, apply Item Tax
         $taxrate = $vbulletin->kbank['ItemTax'];
         //If not, apply tax as normal Donate Tax
     }
 }
 $result = transferMoney($userinfo['userid'], $item['userid'], $item['price'], "buy_item_{$item['itemid']}", $userinfo[$vbulletin->kbank['field']], true, false, $taxrate, false, 0, array('banklogs_itemname' => iif($item['userid'] == 0, 'items', 'other')));
 if ($result === true) {
     if ($to) {
         //send PM
         $myitems_links = $vbulletin->options['bburl'] . '/' . $vbulletin->kbank['phpfile'] . '?do=myitems';
         $from = $userinfo;
         $message = construct_phrase($vbphrase['kbank_buy_pm_message'], $item['name'], $item['price'], $userinfo['username'], $myitems_link);
         $subject = $vbphrase['kbank_buy_pm_subject'];
         $pm_result = kbank_sendPM($from, $to, $subject, $message, false);
         if ($pm_result !== true) {
             $errors[$itemid][] = $pm_result;
         }
     }
 } else {
     $errors[$itemid][] = $result;
     continue;
Beispiel #5
0
 function doAction($action)
 {
     global $vbulletin, $vbphrase, $userinfo;
     //to be override
     if (!$userinfo) {
         $userinfo =& $vbulletin->userinfo;
     }
     if ($action == 'buy') {
         if ($olditem = $vbulletin->db->query_first("\n\t\t\t\t\tSELECT *\n\t\t\t\t\tFROM `" . TABLE_PREFIX . "kbank_items`\n\t\t\t\t\tWHERE type = {$this->data['type']}\n\t\t\t\t\t\tAND userid = {$userinfo['userid']}\n\t\t\t\t\t\tAND (status > " . KBANK_ITEM_AVAILABLE . "\n\t\t\t\t\t\t\tOR status = " . KBANK_ITEM_DELETED . ")\n\t\t\t\t\tORDER BY create_time DESC\n\t\t\t\t\tLIMIT 1\n\t\t\t\t")) {
             //Search for an old item with same itemtype have been used/enabled or even deleted
             $options = unserialize($olditem['options']);
             if (is_array($options)) {
                 foreach ($options as $key => $value) {
                     if (!in_array($key, array('duration', 'bids', 'expire_time_bidding', 'approved', 'edit_time')) and !isset($this->data['options'][$key])) {
                         $this->data['options'][$key] = $value;
                     }
                 }
             }
             $this->data['options']['enabled'] = null;
         }
         if (isset($this->data['options']['sold_counter'])) {
             $this->data['options']['sold_counter'] = null;
             //clear sold counter
         }
         if (isset($this->data['options']['receiver'])) {
             $this->data['options']['receiver'] = null;
             //clear receiver
         }
         if (is_array($this->data['options'])) {
             $this->data['options'] = serialize($this->data['options']);
         }
         $this->data['status'] = KBANK_ITEM_AVAILABLE;
         //IMPORTANT!
         $this->data['userid'] = $userinfo['userid'];
         //IMPORTANT!
     }
     if ($action == 'bid') {
         //This action change database directly
         //Permission checking
         if ($this->data['status'] != KBANK_ITEM_BIDDING or !havePerm($userinfo, KBANK_PERM_COMPANY, true) or $this->data['expire_time'] < TIMENOW) {
             return KBANK_ERROR_NO_PERM;
         }
         $bid = $vbulletin->GPC['bid'][$this->data['itemid']];
         $highestBid = $this->highestBid();
         if ($bid <= $this->data['price']) {
             //User place bid lower than what we have got
             if ($bid == $this->data['price'] and !count($highestBid)) {
                 //if this is the first, he/she can bid with amount of default bid
             } else {
                 return fetch_error('kbank_item_bid_lower', vb_number_format($this->data['price'], $vbulletin->kbank['roundup']), $vbulletin->kbank['name']);
             }
         }
         if (count($highestBid) and $bid - $highestBid['bid'] < $vbulletin->kbank['bidStep']) {
             return fetch_error('kbank_item_bid_step', vb_number_format($highestBid['bid'], $vbulletin->kbank['roundup']), vb_number_format($vbulletin->kbank['bidStep'], $vbulletin->kbank['roundup']), $vbulletin->kbank['name']);
         }
         if (!isset($this->data['options']['bids'])) {
             $this->data['options']['bids'] = array();
         }
         //Calculating bidding-fee
         $paid = 0;
         $fee = calcTransferTax($bid, $vbulletin->kbank['ItemBidFee']);
         foreach ($this->data['options']['bids'] as $record) {
             if ($record['userid'] == $userinfo['userid']) {
                 $paid += $record['paid'];
             }
         }
         $need2paid = $fee - $paid;
         $result = transferMoney($userinfo['userid'], $this->data['userid'], $need2paid, 'bid_' . $this->data['itemid'], $userinfo[$vbulletin->kbank['field']], true, false, KBANK_NO_TAX, false, 0, array('banklogs_itemname' => iif($this->data['userid'] == 0, 'items', 'other')));
         if ($result !== true) {
             return $result;
         }
         $this->data['options']['bids'][] = array('userid' => $userinfo['userid'], 'username' => $userinfo['username'], 'bid' => $bid, 'bid_time' => TIMENOW, 'paid' => $need2paid);
         $item_new = array('price' => $bid, 'options' => serialize($this->data['options']));
         //Do database change
         $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$this->data[itemid]}"));
         //updateWarningItem(); - done by main script
         return true;
     }
     if ($action == 'bid_expired') {
         //Bidding expired
         //Permission check - for safe
         if ($this->data['status'] == KBANK_ITEM_BIDDING and $this->data['expire_time'] < TIMENOW) {
             if (($vbulletin->kbank['BidWinnerBuyAfter'] === false or TIMENOW < $this->data['expire_time'] + $vbulletin->kbank['BidWinnerBuyAfter']) and count($this->highestBid())) {
                 //If there is a highest bid we will specified receiver!
                 $this->data['options']['receiver'] = array($this->highestBid());
             }
             $this->data['status'] = KBANK_ITEM_SELLING;
             if ($this->data['options']['expire_time_bidding'] > 0) {
                 $this->data['expire_time'] = $this->data['expire_time'] + $this->data['options']['expire_time_bidding'];
             } else {
                 $this->data['expire_time'] = $this->data['options']['expire_time_bidding'];
             }
             //We have to update old info
             $this->getExtraInfoReceiver();
             $this->getExtraInfoExpire();
         } else {
             return false;
         }
     }
     if ($action == 'approve') {
         //This action change database directly
         $kBankAdmin =& $vbulletin->userinfo;
         //One more permission check - just for safe
         if (THIS_SCRIPT != 'kbankadmin' or !havePerm($kBankAdmin, KBANK_PERM_ADMIN) or $this->data['status'] != KBANK_ITEM_PENDING) {
             print_stop_message('kbank_no_permission');
         }
         if (isset($this->data['options']['approved'][$kBankAdmin['userid']])) {
             $do_approved = false;
         } else {
             $do_approved = true;
             $this->data['options']['approved'][$kBankAdmin['userid']] = $kBankAdmin['username'];
         }
         $approved = array();
         foreach ($this->data['options']['approved'] as $userid => $username) {
             if (in_array($userid, $vbulletin->kbank['AdminIDs']) and !in_array($userid, $approved)) {
                 $approved[] = $userid;
             }
         }
         if (count($approved) >= $vbulletin->kbank['requestApproval'] or count($approved) == count($vbulletin->kbank['AdminIDs'])) {
             //Great! Approved
             $item_new = array('status' => $this->data['options']['status_pending'], 'options' => serialize($this->data['options']));
         } else {
             if ($do_approved) {
                 //Okay but we need more
                 $item_new = array('options' => serialize($this->data['options']));
             }
         }
         if ($item_new) {
             //Do database change
             $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$this->data[itemid]}"));
         }
         logkBankAction('admin_item_approve', $this->data['itemid']);
         updateWarningItem();
         define('CP_REDIRECT', 'kbankadmin.php?do=item_man');
         print_stop_message('kbank_item_approved');
     }
     return true;
 }