$before = $vbulletin->db->query_first("\n\t\t\tSELECT SUM(count) AS total\n\t\t\tFROM (\n\t\t\t\tSELECT COUNT(*) AS count\n\t\t\t\tFROM `" . TABLE_PREFIX . "kbank_items` AS items\n\t\t\t\t{$where_conditions}\n\t\t\t\t\tAND (items.itemid > {$vbulletin->GPC['itemid']}\n\t\t\t\t\t\tOR items.userid = 0\n\t\t\t\t\t\tOR items.userid IN ({$vbulletin->userinfo['userid']}{$vbulletin->userinfo['kbank_grantedids']}))\n\t\t\t\t{$group_statement}\n\t\t\t\tORDER BY {$kBankOrder} ASC, itemid DESC\n\t\t\t) AS items\n\t\t"); $vbulletin->GPC['pagenumber'] = floor($before['total'] / $vbulletin->GPC['perpage']) + 1; } $startat = ($vbulletin->GPC['pagenumber'] - 1) * $vbulletin->GPC['perpage']; if ($startat > $counter['total']) { $startat = 0; } $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $vbulletin->GPC['perpage'], $counter['total'], $vbulletin->kbank['phpfile'] . '?' . $vbulletin->session->vars['sessionurl'] . "do=shop", ($vbulletin->GPC['perpage'] != PERPAGE_DEFAULT ? "&perpage={$vbulletin->GPC['perpage']}" : "") . $page_suffix); //Please do not forget to edit $vbulletin->GPC['itemid'] query (above) after editing this query!!!! Page processor! $items_cache = $vbulletin->db->query_read("\n\t\tSELECT \n\t\t\titems.*\n\t\t\t,{$kBankOrder} AS kBankOrder\n\t\t\t,sellerinfo.usergroupid AS usergroupid\n\t\t\t,sellerinfo.membergroupids AS membergroupids\n\t\t\t{$fields_list}\n\t\tFROM `" . TABLE_PREFIX . "kbank_items` AS items\n\t\tLEFT JOIN `" . TABLE_PREFIX . "user` AS sellerinfo ON (sellerinfo.userid = items.userid)\n\t\t{$where_conditions}\n\t\t{$group_statement}\n\t\tORDER BY kBankOrder ASC, itemid DESC\n\t\tLIMIT {$startat}, {$vbulletin->GPC['perpage']}\n\t"); if ($vbulletin->db->num_rows($items_cache)) { $items = ''; while ($itemdata = $vbulletin->db->fetch_array($items_cache)) { if ($itemdata['userid'] != 0 and !havePerm($itemdata, KBANK_PERM_COMPANY, true)) { //Item is not from a Company. 
Buyer pay tax (Donate Tax) $itemdata['tax'] = calcTransferTax($itemdata['price'], $vbulletin->kbank['DonateTax']); } if ($item_obj =& newItem($itemdata['itemid'], $itemdata)) { $item_obj->getShopInfo(); $item = $item_obj->data; eval('$items .= "' . fetch_template('kbank_shop_itembit') . '";'); //Javascript support $js_new .= "price[{$item['itemid']}] = " . intval($item['price'] + $item['tax']) . "; "; } } unset($itemdata); } else { if (count($search) == 0) { eval(standard_error(fetch_error('kbank_shop_no_item'))); } else { eval(standard_error(fetch_error('no_results_matched_your_query')));
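/**
 * Move kBank money from one account to another.
 *
 * Userid 0 on either side stands for the bank itself: whatever is not
 * debited from / credited to a real `user` row is booked into the
 * `kbank_banklogs` row selected by $more_query['banklogs_itemname'].
 *
 * @param int          $from        sender userid (0 = the bank)
 * @param int          $to          receiver userid (0 = the bank)
 * @param int|float    $amount      amount before tax; coerced to a number here because it is
 *                                  interpolated unquoted into SQL (callers still validate range/sign)
 * @param string|array $comment     log comment (string or array, see logTransfer()); a string
 *                                  starting with 'tax_' is allowed to carry a zero amount
 * @param float|null   $inhand      sender's balance as the caller knows it; null skips the
 *                                  balance check (and therefore secure mode) entirely
 * @param bool         $do_log      record the transfer through logTransfer()
 * @param bool         $autopm      forwarded to logTransfer()
 * @param mixed        $taxrate     tax rate; false = default DonateTax, KBANK_NO_TAX = no tax
 * @param bool         $output      true: render a standard error page on failure,
 *                                  false: return the error message instead
 * @param int          $postid      forwarded to logTransfer()
 * @param array|false  $more_query  optional extras: 'from' / 'to' are RAW SQL fragments
 *                                  appended to the SET clause of the respective user UPDATE
 *                                  and are interpolated unescaped -- they must never be
 *                                  built from user input; 'banklogs_itemname' selects the
 *                                  banklogs row (default 'other')
 * @param bool         $forceSecure force secure mode even if the global setting is off
 * @return mixed true on success; the error message on failure when $output is false;
 *               the return value of logTransfer() when $do_log is true
 */
function transferMoney($from, $to, $amount, $comment, $inhand = null, $do_log = true, $autopm = true, $taxrate = false, $output = true, $postid = 0, $more_query = false, $forceSecure = false)
{
    global $vbulletin;

    $result = true;
    $from = intval($from);
    $to = intval($to);
    // $amount ends up unquoted inside the UPDATE statements below, so anything
    // that is not already a number is forced into one instead of into the SQL.
    if (!is_int($amount) and !is_float($amount)) {
        $amount = floatval($amount);
    }
    if (!is_array($more_query)) {
        $more_query = array();
    }
    $extraFrom = isset($more_query['from']) ? $more_query['from'] : '';
    $extraTo = isset($more_query['to']) ? $more_query['to'] : '';
    $field = $vbulletin->kbank['field'];           // balance column, admin configured
    $userTable = '`' . TABLE_PREFIX . 'user`';

    $moneytobank = 0;                               // net amount landing in the bank's books
    $moneyfrom = $moneyto = $amount;
    $tax = 0;
    $vbulletin->kbank['lastTransfered'] = 0;

    if ($taxrate !== KBANK_NO_TAX) {
        $rate = ($taxrate !== false) ? $taxrate : $vbulletin->kbank['DonateTax'];
        $tax = calcTransferTax($amount, $rate);
    }
    if ($tax != 0) {
        // Positive tax is paid on top by the sender, negative tax is taken from the receiver;
        // either way the bank keeps the absolute value.
        $moneytobank += abs($tax);
        if ($tax > 0) {
            $moneyfrom += $tax;
        } else {
            $moneyto += $tax;
        }
    }

    // Nothing to move at all (array comments never qualify as 'tax_' comments).
    if ($moneyfrom == 0 and $moneyto == 0 and $moneytobank == 0
        and (!is_string($comment) or substr($comment, 0, 4) != 'tax_')) {
        $result = fetch_error('error_kbank_sendmsomthing');
        if ($output) {
            eval(standard_error($result));
        }
        // standard_error() is expected to end the request; return regardless so a
        // failed check can never fall through into the code that moves money.
        return $result;
    }

    // Secure mode: re-read the sender's balance under a table lock so two concurrent
    // requests cannot both spend the same money.
    $secureMode = ($inhand !== null and $from != 0 and $moneyfrom > 0
        and ($vbulletin->kbank['secure_mode'] or $forceSecure));
    if ($secureMode) {
        $vbulletin->db->query("LOCK TABLES {$userTable} WRITE");
        DEVDEBUG('kBank Function: transferMoney locked tables');
        $tmp_user = $vbulletin->db->query_first("SELECT `{$field}` FROM {$userTable} WHERE userid = {$from}");
        $old_inhand = $inhand;
        $inhand = floatval($tmp_user[$field]);
        DEVDEBUG("kBank Function: Secure Mode Check update {$old_inhand} with {$inhand}");
        if (abs($inhand - $old_inhand) > 1) {
            // The caller's balance is stale: abort. The lock MUST be released on this
            // path too, otherwise a non-$output caller keeps it for the rest of the
            // request and every later query on another table fails.
            DEVDEBUG('kBank Function: Secure Mode Check fail');
            $vbulletin->db->query('UNLOCK TABLES');
            DEVDEBUG('kBank Function: transferMoney unlocked tables');
            $result = fetch_error('kbank_secure_mode_fail');
            if ($output) {
                eval(standard_error($result));
            }
            return $result;
        }
    }

    if ($inhand !== null and $inhand < $moneyfrom) {
        if ($secureMode) {
            // Same lock-leak fix as above: never return while the table is locked.
            $vbulletin->db->query('UNLOCK TABLES');
            DEVDEBUG('kBank Function: transferMoney unlocked tables');
        }
        $roundup = $vbulletin->kbank['roundup'];
        $result = fetch_error(
            'kbank_not_enough_tax',
            vb_number_format($amount, $roundup),
            ($tax > 0) ? vb_number_format($tax, $roundup) : 0,
            vb_number_format($moneyfrom, $roundup),
            vb_number_format($inhand, $roundup),
            $vbulletin->kbank['name']
        );
        if ($output) {
            eval(standard_error($result));
        }
        return $result;
    }

    // Debit the sender, or book the amount to the bank when the bank is the sender.
    if ($from != 0 and ($moneyfrom != 0 or $extraFrom)) {
        $vbulletin->db->query_write("UPDATE {$userTable} SET {$field} = {$field} - {$moneyfrom} {$extraFrom} WHERE userid = {$from}");
    } else {
        $moneytobank -= $moneyfrom;
        $moneyfrom = 0;
    }
    // Credit the receiver, or book the amount to the bank when the bank receives.
    if ($to != 0 and ($moneyto != 0 or $extraTo)) {
        $vbulletin->db->query_write("UPDATE {$userTable} SET {$field} = {$field} + {$moneyto} {$extraTo} WHERE userid = {$to}");
    } else {
        $moneytobank += $moneyto;
        $moneyto = 0;
    }

    if ($secureMode) {
        // Balance updates are done; release the lock before touching other tables.
        $vbulletin->db->query('UNLOCK TABLES');
        DEVDEBUG('kBank Function: transferMoney unlocked tables');
    }

    if ($moneytobank != 0) {
        $itemname = isset($more_query['banklogs_itemname']) ? $more_query['banklogs_itemname'] : 'other';
        $vbulletin->db->query_write("
            UPDATE `" . TABLE_PREFIX . "kbank_banklogs`
            SET amount = amount + {$moneytobank}
                ,`time` = " . TIMENOW . "
            WHERE itemname = '" . $vbulletin->db->escape_string($itemname) . "'
        ");
    }

    if ($do_log) {
        if ($from == 0 and !is_array($comment)) {
            // Transfers from the bank are logged as admin actions without an admin.
            $comment = array('adminid' => 0, 'comment' => $comment);
        }
        $result = logTransfer($from, $to, $amount, $comment, $autopm, $tax, $postid);
    }
    $vbulletin->kbank['lastTransfered'] = $moneyfrom;
    return $result;
}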
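/**
 * Run one shop action against this item (method of an item class whose
 * declaration is outside this excerpt).
 *
 * Actions:
 *  - 'buy'         prepares $this->data so the item becomes an available item owned by
 *                  $userinfo, carrying over options of an older item of the same type the
 *                  user already had; nothing is written to the database here.
 *  - 'bid'         places $vbulletin->GPC['bid'][itemid] on a bidding item, charges the
 *                  bid fee through transferMoney() and updates the row directly.
 *  - 'bid_expired' turns a finished auction into a selling item (reserved for the highest
 *                  bidder while BidWinnerBuyAfter allows); changes $this->data only.
 *  - 'approve'     records the current admin's approval and writes the row; only allowed
 *                  from the kbankadmin script; ends with print_stop_message().
 *
 * @param string $action one of the action names above
 * @return mixed true on success, KBANK_ERROR_NO_PERM or an error message for a rejected
 *               bid, false when 'bid_expired' does not apply to this item
 */
function doAction($action)
{
    global $vbulletin, $vbphrase, $userinfo; //to be override

    if (!$userinfo) {
        $userinfo =& $vbulletin->userinfo;
    }

    if ($action == 'buy') {
        // An older item of the same type owned by this user that was used/enabled or
        // even deleted donates its options to the new one.
        $olditem = $vbulletin->db->query_first("
            SELECT *
            FROM `" . TABLE_PREFIX . "kbank_items`
            WHERE type = " . intval($this->data['type']) . "
                AND userid = " . intval($userinfo['userid']) . "
                AND (status > " . KBANK_ITEM_AVAILABLE . "
                    OR status = " . KBANK_ITEM_DELETED . ")
            ORDER BY create_time DESC
            LIMIT 1
        ");
        if ($olditem) {
            // NOTE(review): unserialize() on a database column -- fine as long as only this
            // plugin writes it; if any other path can write `options` this is an
            // object-injection sink and should use allowed_classes => false.
            $options = unserialize($olditem['options']);
            if (is_array($options)) {
                $notInherited = array('duration', 'bids', 'expire_time_bidding', 'approved', 'edit_time');
                foreach ($options as $key => $value) {
                    if (!in_array($key, $notInherited) and !isset($this->data['options'][$key])) {
                        $this->data['options'][$key] = $value;
                    }
                }
            }
            $this->data['options']['enabled'] = null;
        }
        if (isset($this->data['options']['sold_counter'])) {
            $this->data['options']['sold_counter'] = null; //clear sold counter
        }
        if (isset($this->data['options']['receiver'])) {
            $this->data['options']['receiver'] = null; //clear receiver
        }
        if (is_array($this->data['options'])) {
            $this->data['options'] = serialize($this->data['options']);
        }
        $this->data['status'] = KBANK_ITEM_AVAILABLE; //IMPORTANT!
        $this->data['userid'] = $userinfo['userid']; //IMPORTANT!
    }

    if ($action == 'bid') {
        //This action change database directly
        if ($this->data['status'] != KBANK_ITEM_BIDDING
            or !havePerm($userinfo, KBANK_PERM_COMPANY, true)
            or $this->data['expire_time'] < TIMENOW) {
            return KBANK_ERROR_NO_PERM;
        }
        $itemid = $this->data['itemid'];
        // The bid comes straight from the request: force it numeric before it is
        // compared, charged and stored.
        $bid = isset($vbulletin->GPC['bid'][$itemid]) ? $vbulletin->GPC['bid'][$itemid] : null;
        if (!is_int($bid) and !is_float($bid)) {
            $bid = floatval($bid);
        }
        $highestBid = $this->highestBid();
        if ($bid <= $this->data['price']) {
            // Only the very first bid may equal the starting price.
            if (!($bid == $this->data['price'] and !count($highestBid))) {
                return fetch_error('kbank_item_bid_lower', vb_number_format($this->data['price'], $vbulletin->kbank['roundup']), $vbulletin->kbank['name']);
            }
        }
        if (count($highestBid) and $bid - $highestBid['bid'] < $vbulletin->kbank['bidStep']) {
            return fetch_error('kbank_item_bid_step', vb_number_format($highestBid['bid'], $vbulletin->kbank['roundup']), vb_number_format($vbulletin->kbank['bidStep'], $vbulletin->kbank['roundup']), $vbulletin->kbank['name']);
        }
        if (!isset($this->data['options']['bids'])) {
            $this->data['options']['bids'] = array();
        }
        // Bidding fee: the user only pays the difference to what earlier bids already cost.
        $paid = 0;
        $fee = calcTransferTax($bid, $vbulletin->kbank['ItemBidFee']);
        foreach ($this->data['options']['bids'] as $record) {
            if ($record['userid'] == $userinfo['userid']) {
                $paid += $record['paid'];
            }
        }
        $need2paid = $fee - $paid;
        $banklogsRow = ($this->data['userid'] == 0) ? 'items' : 'other';
        $result = transferMoney(
            $userinfo['userid'], $this->data['userid'], $need2paid, 'bid_' . $itemid,
            $userinfo[$vbulletin->kbank['field']], true, false, KBANK_NO_TAX, false, 0,
            array('banklogs_itemname' => $banklogsRow)
        );
        if ($result !== true) {
            return $result;
        }
        $this->data['options']['bids'][] = array(
            'userid' => $userinfo['userid'],
            'username' => $userinfo['username'],
            'bid' => $bid,
            'bid_time' => TIMENOW,
            'paid' => $need2paid,
        );
        $item_new = array('price' => $bid, 'options' => serialize($this->data['options']));
        // Fix: the original used {$this->data[itemid]} -- inside {} interpolation an
        // unquoted key is a constant lookup, which is a fatal error on PHP 8 unless a
        // constant named itemid happens to exist.
        $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = " . intval($itemid)));
        //updateWarningItem(); - done by main script
        return true;
    }

    if ($action == 'bid_expired') {
        //Permission check - for safe
        if ($this->data['status'] == KBANK_ITEM_BIDDING and $this->data['expire_time'] < TIMENOW) {
            $highestBid = $this->highestBid();
            $winnerMayBuy = ($vbulletin->kbank['BidWinnerBuyAfter'] === false
                or TIMENOW < $this->data['expire_time'] + $vbulletin->kbank['BidWinnerBuyAfter']);
            if ($winnerMayBuy and count($highestBid)) {
                // Reserve the item for the highest bidder.
                $this->data['options']['receiver'] = array($highestBid);
            }
            $this->data['status'] = KBANK_ITEM_SELLING;
            if ($this->data['options']['expire_time_bidding'] > 0) {
                $this->data['expire_time'] += $this->data['options']['expire_time_bidding'];
            } else {
                $this->data['expire_time'] = $this->data['options']['expire_time_bidding'];
            }
            //We have to update old info
            $this->getExtraInfoReceiver();
            $this->getExtraInfoExpire();
        } else {
            return false;
        }
    }

    if ($action == 'approve') {
        //This action change database directly
        $kBankAdmin =& $vbulletin->userinfo;
        // Defence in depth: admin CP only, kBank admin only, pending items only.
        if (THIS_SCRIPT != 'kbankadmin' or !havePerm($kBankAdmin, KBANK_PERM_ADMIN) or $this->data['status'] != KBANK_ITEM_PENDING) {
            print_stop_message('kbank_no_permission');
            // print_stop_message() is expected to end the request; never continue into
            // the approval logic if it does not.
            return KBANK_ERROR_NO_PERM;
        }
        $do_approved = !isset($this->data['options']['approved'][$kBankAdmin['userid']]);
        if ($do_approved) {
            $this->data['options']['approved'][$kBankAdmin['userid']] = $kBankAdmin['username'];
        }
        // Count distinct approvals, but only from users still listed as kBank admins.
        $approved = array();
        foreach ($this->data['options']['approved'] as $userid => $username) {
            if (in_array($userid, $vbulletin->kbank['AdminIDs']) and !in_array($userid, $approved)) {
                $approved[] = $userid;
            }
        }
        $item_new = false; // was left undefined when nothing changed
        if (count($approved) >= $vbulletin->kbank['requestApproval'] or count($approved) == count($vbulletin->kbank['AdminIDs'])) {
            //Great! Approved
            $item_new = array('status' => $this->data['options']['status_pending'], 'options' => serialize($this->data['options']));
        } elseif ($do_approved) {
            //Okay but we need more
            $item_new = array('options' => serialize($this->data['options']));
        }
        if ($item_new) {
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = " . intval($this->data['itemid'])));
        }
        logkBankAction('admin_item_approve', $this->data['itemid']);
        updateWarningItem();
        define('CP_REDIRECT', 'kbankadmin.php?do=item_man');
        print_stop_message('kbank_item_approved');
    }

    return true;
}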