function newpoints_shop_page() { global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors; if (!$mybb->user['uid']) { return; } newpoints_lang_load("newpoints_shop"); if ($mybb->input['action'] == "do_shop") { verify_post_check($mybb->input['postcode']); $plugins->run_hooks("newpoints_do_shop_start"); switch ($mybb->input['shop_action']) { case 'buy': $plugins->run_hooks("newpoints_shop_buy_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } if (floatval($item['price']) > floatval($mybb->user['newpoints'])) { $errors[] = $lang->newpoints_shop_not_enough; } if ($item['infinite'] != 1 && $item['stock'] <= 0) { $errors[] = $lang->newpoints_shop_out_of_stock; } if ($item['limit'] != 0) { // Get how many items of this type we have in our inventory $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } // If more than or equal to $item['limit'] -> FAILED if (count(array_keys($myitems, $item['iid'])) >= $item['limit']) { $errors[] = $lang->newpoints_shop_limit_reached; } } if (!empty($errors)) { $inline_errors = inline_error($errors, $lang->newpoints_shop_inline_errors); $mybb->input = array(); $mybb->input['action'] = 'shop'; } else { $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } $myitems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] - 1), 'iid=\'' . $item['iid'] . '\''); } // get money from user newpoints_addpoints($mybb->user['uid'], -floatval($item['price'])); if (!empty($item['pm'])) { // send PM if item has private message newpoints_send_pm(array('subject' => $lang->newpoints_shop_bought_item_pm_subject, 'message' => $item['pm'], 'touid' => $mybb->user['uid'], 'receivepms' => 1), -1); } $plugins->run_hooks("newpoints_shop_buy_end", $item); // log purchase newpoints_log('shop_purchase', $lang->sprintf($lang->newpoints_shop_purchased_log, $item['iid'], $item['price'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop", $lang->newpoints_shop_item_bought, $lang->newpoints_shop_item_bought_title); } break; case 'send': $plugins->run_hooks("newpoints_shop_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_send_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 2; $shop_action = 'do_send'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_shop_send_item_username . ":</strong><br /><small>" . $lang->newpoints_shop_send_item_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"username\" value=\"\"></td>"; $plugins->run_hooks("newpoints_shop_send_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_send': $plugins->run_hooks("newpoints_shop_do_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $username = trim($mybb->input['username']); if (!($user = newpoints_getuser_byname($username))) { error($lang->newpoints_shop_invalid_user); } else { if ($user['uid'] == $mybb->user['uid']) { error($lang->newpoints_shop_cant_send_item_self); } // send item to the selected user $useritems = @unserialize($user['newpoints_items']); if (!$useritems) { $useritems = array(); } $useritems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($useritems)), 'uid=\'' . $user['uid'] . '\''); // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); $plugins->run_hooks("newpoints_shop_do_send_end"); // send pm to user newpoints_send_pm(array('subject' => $lang->newpoints_shop_item_received_title, 'message' => $lang->sprintf($lang->newpoints_shop_item_received, htmlspecialchars_uni($mybb->user['username']), htmlspecialchars_uni($item['name'])), 'touid' => $user['uid'], 'receivepms' => 1), -1); // log newpoints_log('shop_send', $lang->sprintf($lang->newpoints_shop_sent_log, $item['iid'], $user['uid'], $user['username'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sent, $lang->newpoints_shop_item_sent_title); } break; case 'sell': $plugins->run_hooks("newpoints_shop_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_sell_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 1; $shop_action = 'do_sell'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"100%\">" . $lang->sprintf($lang->newpoints_shop_sell_item_confirm, htmlspecialchars_uni($item['name']), newpoints_format_points(floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])) . "</td>"; $plugins->run_hooks("newpoints_shop_sell_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_sell': $plugins->run_hooks("newpoints_shop_do_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . $item['iid'] . '\''); } newpoints_addpoints($mybb->user['uid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']); $plugins->run_hooks("newpoints_shop_do_sell_end"); // log newpoints_log('shop_sell', $lang->sprintf($lang->newpoints_shop_sell_log, $item['iid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sell, $lang->newpoints_shop_item_sell_title); break; default: error_no_permission(); } $plugins->run_hooks("newpoints_do_shop_end"); } // shop page if ($mybb->input['action'] == "shop") { $plugins->run_hooks("newpoints_shop_start"); if ($mybb->input['shop_action'] == 'view') { // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); if ($item['price'] > $mybb->user['newpoints']) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } else { $item['stock'] = intval($item['stock']); } if ($item['sendable'] == 1) { $item['sendable'] = $lang->newpoints_shop_yes; } else { $item['sendable'] = $lang->newpoints_shop_no; } if ($item['sellable'] == 1) { $item['sellable'] = $lang->newpoints_shop_yes; } else { $item['sellable'] = $lang->newpoints_shop_no; } eval("\$page = \"" . $templates->get('newpoints_shop_view_item') . "\";"); } elseif ($mybb->input['shop_action'] == 'myitems') { $uid = intval($mybb->input['uid']); $uidpart = ''; if ($uid > 0) { $user = get_user($uid); // we're viewing someone else's inventory if (!empty($user)) { // we can't view others inventories if we don't have enough previleges if ($mybb->settings['newpoints_shop_viewothers'] != 1 && $mybb->usergroup['cancp'] != 1 && $mybb->user['uid'] != $uid) { error_no_permission(); } $myitems = @unserialize($user['newpoints_items']); $lang->newpoints_shop_myitems = $lang->sprintf($lang->newpoints_shop_items_username, htmlspecialchars_uni($user['username'])); $uidpart = "&uid=" . $uid; // we need this for pagination } else { $myitems = @unserialize($mybb->user['newpoints_items']); } } else { $myitems = @unserialize($mybb->user['newpoints_items']); } $items = ''; $newrow = true; $invert_bgcolor = alt_trow(); if ($mybb->settings['newpoints_shop_sendable'] != 1) { $sendable = false; } else { $sendable = true; } if ($mybb->settings['newpoints_shop_sellable'] != 1) { $sellable = false; } else { $sellable = true; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, 'filter_badwords' => 1); if (!empty($myitems)) { // pagination $per_page = 10; $mybb->input['page'] = intval($mybb->input['page']); if ($mybb->input['page'] && $mybb->input['page'] > 1) { $mybb->input['page'] = intval($mybb->input['page']); $start = $mybb->input['page'] * $per_page - $per_page; } else { $mybb->input['page'] = 1; $start = 0; } // total items $total_rows = $db->fetch_field($db->simple_select("newpoints_shop_items", "COUNT(iid) as items", 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')'), "items"); // multi-page if ($total_rows > $per_page) { $multipage = multipage($total_rows, $per_page, $mybb->input['page'], $mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems" . $uidpart); } $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')', array('limit' => "{$start}, {$per_page}")); while ($item = $db->fetch_array($query)) { if ($newrow === true) { $trstart = '<tr>'; $trend = ''; $newrow = false; } elseif ($newrow === false) { $trstart = ''; $trend = '</tr>'; $newrow = true; } if ($sellable === true && $item['sellable']) { if ($sendable === true && $item['sendable']) { $tdstart = '<td width="50%">'; } else { $tdstart = '<td width="100%">'; } $sell = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="sell"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_sell . '"></form></td>'; } else { $sell = ''; } if ($sendable === true && $item['sendable']) { if ($sell == '') { $tdstart = '<td width="100%">'; } else { $tdstart = '<td width="50%">'; } $send = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="send"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_send . '"></form></td>'; } else { $send = ''; } if (!$send && !$sell) { $send = $lang->newpoints_shop_no_options; } $item['description'] = $parser->parse_message($item['description'], $parser_options); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); $item['quantity'] = count(array_keys($myitems, $item['iid'])); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } $bgcolor = alt_trow(); $invert_bgcolor = alt_trow(); eval("\$items .= \"" . $trstart . $templates->get('newpoints_shop_myitems_item') . $trend . "\";"); } if (!$items) { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } else { if ($newrow === false) { eval("\$items .= \"" . $templates->get('newpoints_shop_myitems_item_empty') . "</tr>" . "\";"); $newrow = true; } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop_myitems') . "\";"); } else { // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 $itemsrate = floatval($grouprules['items_rate']); global $cats, $items; // get categories $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($cat = $db->fetch_array($query)) { $categories[$cat['cid']] = $cat; } // get items and store them in their categories $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND cid>0', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($item = $db->fetch_array($query)) { $items_array[$item['cid']][$item['iid']] = $item; } $cats = ''; $bgcolor = ''; $bgcolor = alt_trow(); // build items and categories if (!empty($categories)) { foreach ($categories as $cid => $category) { $items = ''; if ($category['items'] > 0 && !empty($items_array[$category['cid']])) { foreach ($items_array as $cid => $member) { if ($cid != $category['cid']) { continue; } $bgcolor = alt_trow(); foreach ($member as $iid => $item) { // skip hidden items if ($item['visible'] == 0) { continue; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } if ($item['price'] > $mybb->user['newpoints']) { $enough_money = false; } else { $enough_money = true; } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); $item['price'] = newpoints_format_points($item['price'] * $itemsrate); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if (!$enough_money) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } eval("\$items .= \"" . $templates->get('newpoints_shop_item') . "\";"); } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_no_items') . "\";"); } // if it's not visible, don't show it if ($category['visible'] == 0) { continue; } // check if we have permissions to view the category if (!newpoints_shop_check_permissions($category['usergroups'])) { continue; } // Expanded by default feature global $extdisplay, $expcolimage, $expdisplay, $expaltext, $icon; $expdisplay = ''; if (intval($category['expanded']) == 0) { $expcolimage = "collapse_collapsed.gif"; $expdisplay = "display: none;"; $expaltext = "[+]"; } else { $expcolimage = "collapse.gif"; $expaltext = "[-]"; } // build icon if ($category['icon'] != '') { $category['icon'] = htmlspecialchars_uni($category['icon']); $category['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $category['icon'] . '" style="vertical-align:middle">'; } // sanitize html $category['description'] = htmlspecialchars_uni($category['description']); $category['name'] = htmlspecialchars_uni($category['name']); eval("\$cats .= \"" . $templates->get('newpoints_shop_category') . "\";"); } } else { eval("\$cats = \"" . $templates->get('newpoints_shop_no_cats') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop') . "\";"); } $plugins->run_hooks("newpoints_shop_end"); // output page output_page($page); } }
if ($mybb->settings['newpoints_main_donationsenabled'] != 1) { error($lang->newpoints_donations_disabled); } $plugins->run_hooks("newpoints_do_donate_start"); // make sure we're not trying to send a donation to ourselves $username = trim($mybb->input['username']); if ($username == $mybb->user['username']) { error($lang->newpoints_cant_donate_self); } $amount = round(floatval($mybb->input['amount']), (int) $mybb->settings['newpoints_main_decimal']); // do we have enough points? if ($amount <= 0 || $amount > $mybb->user['newpoints']) { error($lang->newpoints_invalid_amount); } // make sure we're sending points to a valid user $touser = newpoints_getuser_byname($username, 'uid,username'); if (!$touser) { error($lang->newpoints_invalid_user); } // remove points from us newpoints_addpoints($mybb->user['uid'], -$amount); // give points to user newpoints_addpoints($username, $amount, 1, 1, true); // send pm to the user if the "Send PM on donate" setting is set to Yes if ($mybb->settings['newpoints_main_donationspm'] != 0) { if ($mybb->input['reason'] != '') { newpoints_send_pm(array('subject' => $lang->newpoints_donate_subject, 'message' => $lang->sprintf($lang->newpoints_donate_message_reason, newpoints_format_points($amount), htmlspecialchars_uni($mybb->input['reason'])), 'receivepms' => 1, 'touid' => $touser['uid'])); } else { newpoints_send_pm(array('subject' => $lang->newpoints_donate_subject, 'message' => $lang->sprintf($lang->newpoints_donate_message, newpoints_format_points($amount)), 'receivepms' => 1, 'touid' => $touser['uid'])); } }