} $vbulletin->db->query_write(fetch_query_sql($item, 'kbank_items')); $id[] = $vbulletin->db->insert_id(); } } else { if ($item['userid'] == 0) { $item['status'] = KBANK_ITEM_SELLING_UNLIMIT; $vbulletin->db->query_write(fetch_query_sql($item, 'kbank_items')); $id[] = $vbulletin->db->insert_id(); } else { print_stop_message('kbank_unlimit_to_user'); } } } logkBankAction('admin_item_update', count($id), array('id' => implode(',', $id), 'itemtypeid' => $item['type'])); updateWarningItem(); if ($edit) { define('CP_REDIRECT', 'kbankadmin.php?do=item_man'); print_stop_message('kbank_item_saved', $itemtype['name'], implode(',', $id)); } else { if ($vbulletin->GPC['addmore']) { if ($vbulletin->GPC['addmore'] == 2) { define('CP_REDIRECT', 'kbankadmin.php?do=item_update&itemtypeid=' . $itemtype['itemtypeid'] . '&auction=' . $vbulletin->GPC['auction']); } else { define('CP_REDIRECT', 'kbankadmin.php?do=item_update'); } } else { define('CP_REDIRECT', 'kbankadmin.php?do=item_man'); } print_stop_message('kbank_item_added', $itemtype['name'], implode(',', $id)); }
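/**
 * Apply one lifecycle action to this item: 'buy', 'bid', 'bid_expired' or 'approve'.
 *
 * 'buy' and 'bid_expired' only modify $this->data; no database write happens in this
 * method for them. 'bid' and 'approve' write to the kbank_items table themselves.
 * Any other $action value falls through and returns true.
 *
 * @param string $action Action name.
 * @return mixed true on success; false when 'bid_expired' is requested for an item that is
 *               not an expired auction; KBANK_ERROR_NO_PERM, a fetch_error() result, or the
 *               non-true result of transferMoney() when a bid is rejected.
 */
function doAction($action)
{
    // $userinfo is a global so that a caller can override the acting user;
    // when it is empty the logged-in vBulletin user is used.
    global $vbulletin, $vbphrase, $userinfo;

    if (!$userinfo) {
        $userinfo =& $vbulletin->userinfo;
    }

    if ($action == 'buy') {
        // Identifiers are cast to int before they are placed in the SQL text so that a
        // non-numeric value can never change the shape of the query.
        $typeId = intval($this->data['type']);
        $buyerId = intval($userinfo['userid']);

        // Look for the buyer's most recent item of the same type that has been
        // used/enabled or even deleted, so its settings can be carried over.
        $olditem = $vbulletin->db->query_first("
            SELECT *
            FROM `" . TABLE_PREFIX . "kbank_items`
            WHERE type = $typeId
                AND userid = $buyerId
                AND (status > " . KBANK_ITEM_AVAILABLE . "
                    OR status = " . KBANK_ITEM_DELETED . ")
            ORDER BY create_time DESC
            LIMIT 1
        ");

        if ($olditem) {
            // NOTE(review): unserialize() instantiates any class named in the payload, so the
            // `options` column must only ever hold data this code serialized itself. If that
            // column can be written through another path, this is an object-injection sink;
            // restricting allowed classes (PHP 7+) or storing JSON would remove it.
            $options = unserialize($olditem['options']);
            if (is_array($options)) {
                // Auction and approval state belongs to the old item and is never inherited.
                $notInherited = array('duration', 'bids', 'expire_time_bidding', 'approved', 'edit_time');
                foreach ($options as $key => $value) {
                    if (!in_array($key, $notInherited) && !isset($this->data['options'][$key])) {
                        $this->data['options'][$key] = $value;
                    }
                }
            }
            $this->data['options']['enabled'] = null;
        }

        if (isset($this->data['options']['sold_counter'])) {
            $this->data['options']['sold_counter'] = null; // clear sold counter
        }
        if (isset($this->data['options']['receiver'])) {
            $this->data['options']['receiver'] = null; // clear receiver
        }
        if (is_array($this->data['options'])) {
            $this->data['options'] = serialize($this->data['options']);
        }

        // IMPORTANT: these two assignments are what hand the item over to the buyer.
        $this->data['status'] = KBANK_ITEM_AVAILABLE;
        $this->data['userid'] = $userinfo['userid'];
    }

    if ($action == 'bid') {
        // This action changes the database directly.
        // Permission check: the item must be in auction and not expired, and havePerm()
        // must accept the bidder for KBANK_PERM_COMPANY.
        if ($this->data['status'] != KBANK_ITEM_BIDDING
            || !havePerm($userinfo, KBANK_PERM_COMPANY, true)
            || $this->data['expire_time'] < TIMENOW
        ) {
            return KBANK_ERROR_NO_PERM;
        }

        // NOTE(review): the bid amount is request input. This method relies on the caller
        // having cleaned GPC['bid'] to a numeric type - confirm at the call site.
        $bid = $vbulletin->GPC['bid'][$this->data['itemid']];
        $highestBid = $this->highestBid();

        if ($bid <= $this->data['price']) {
            // A bid equal to the current price is accepted only while nobody has bid yet.
            $isOpeningBid = ($bid == $this->data['price'] && !count($highestBid));
            if (!$isOpeningBid) {
                return fetch_error(
                    'kbank_item_bid_lower',
                    vb_number_format($this->data['price'], $vbulletin->kbank['roundup']),
                    $vbulletin->kbank['name']
                );
            }
        }

        // Each new bid must beat the highest one by at least the configured step.
        if (count($highestBid) && $bid - $highestBid['bid'] < $vbulletin->kbank['bidStep']) {
            return fetch_error(
                'kbank_item_bid_step',
                vb_number_format($highestBid['bid'], $vbulletin->kbank['roundup']),
                vb_number_format($vbulletin->kbank['bidStep'], $vbulletin->kbank['roundup']),
                $vbulletin->kbank['name']
            );
        }

        if (!isset($this->data['options']['bids'])) {
            $this->data['options']['bids'] = array();
        }

        // Bidding fee: charge only the difference between the fee for this bid and what
        // this user has already paid on earlier bids for the same item.
        $paid = 0;
        $fee = calcTransferTax($bid, $vbulletin->kbank['ItemBidFee']);
        foreach ($this->data['options']['bids'] as $record) {
            if ($record['userid'] == $userinfo['userid']) {
                $paid += $record['paid'];
            }
        }
        $need2paid = $fee - $paid;

        $result = transferMoney(
            $userinfo['userid'],
            $this->data['userid'],
            $need2paid,
            'bid_' . $this->data['itemid'],
            $userinfo[$vbulletin->kbank['field']],
            true,
            false,
            KBANK_NO_TAX,
            false,
            0,
            array('banklogs_itemname' => ($this->data['userid'] == 0 ? 'items' : 'other'))
        );
        if ($result !== true) {
            return $result;
        }

        $this->data['options']['bids'][] = array(
            'userid' => $userinfo['userid'],
            'username' => $userinfo['username'],
            'bid' => $bid,
            'bid_time' => TIMENOW,
            'paid' => $need2paid,
        );
        $item_new = array(
            'price' => $bid,
            'options' => serialize($this->data['options']),
        );

        // NOTE(review): nothing visible in this method locks the row between reading the bid
        // list and writing it back, so two overlapping bids could both pass the checks above
        // and one recorded bid could be overwritten - confirm the caller serialises bids.
        // The array key is quoted and the id cast to int: the original unquoted key inside
        // the braces is read as a constant and is a fatal error on PHP 8.
        $itemId = intval($this->data['itemid']);
        $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = $itemId"));
        // updateWarningItem() is done by the main script.

        return true;
    }

    if ($action == 'bid_expired') {
        // Re-check the state here as a safety net: only an auction past its deadline converts.
        if ($this->data['status'] == KBANK_ITEM_BIDDING && $this->data['expire_time'] < TIMENOW) {
            if (($vbulletin->kbank['BidWinnerBuyAfter'] === false
                    || TIMENOW < $this->data['expire_time'] + $vbulletin->kbank['BidWinnerBuyAfter'])
                && count($this->highestBid())
            ) {
                // There is a highest bid and its reservation window is still open:
                // reserve the item for that bidder.
                $this->data['options']['receiver'] = array($this->highestBid());
            }

            $this->data['status'] = KBANK_ITEM_SELLING;
            if ($this->data['options']['expire_time_bidding'] > 0) {
                $this->data['expire_time'] = $this->data['expire_time'] + $this->data['options']['expire_time_bidding'];
            } else {
                $this->data['expire_time'] = $this->data['options']['expire_time_bidding'];
            }

            // Refresh the derived receiver/expiry info now that the raw fields changed.
            $this->getExtraInfoReceiver();
            $this->getExtraInfoExpire();
        } else {
            return false;
        }
    }

    if ($action == 'approve') {
        // This action changes the database directly.
        $kBankAdmin =& $vbulletin->userinfo;

        // Defence in depth: only the admin script, an admin user and a pending item qualify.
        if (THIS_SCRIPT != 'kbankadmin'
            || !havePerm($kBankAdmin, KBANK_PERM_ADMIN)
            || $this->data['status'] != KBANK_ITEM_PENDING
        ) {
            print_stop_message('kbank_no_permission');
            // print_stop_message() is expected to end the request; this return keeps the
            // check fail-closed if it ever hands control back.
            return KBANK_ERROR_NO_PERM;
        }

        if (isset($this->data['options']['approved'][$kBankAdmin['userid']])) {
            // This admin has already approved; the vote is not counted twice.
            $do_approved = false;
        } else {
            $do_approved = true;
            $this->data['options']['approved'][$kBankAdmin['userid']] = $kBankAdmin['username'];
        }

        // Count only approvals from users that are still configured as kBank admins.
        $approved = array();
        foreach ($this->data['options']['approved'] as $userid => $username) {
            if (in_array($userid, $vbulletin->kbank['AdminIDs']) && !in_array($userid, $approved)) {
                $approved[] = $userid;
            }
        }

        // Initialised up front so the check below never reads an undefined variable when
        // the quorum is not reached and this admin had already approved.
        $item_new = array();
        if (count($approved) >= $vbulletin->kbank['requestApproval']
            || count($approved) == count($vbulletin->kbank['AdminIDs'])
        ) {
            // Quorum reached: move the item to the status it was waiting for.
            $item_new = array(
                'status' => $this->data['options']['status_pending'],
                'options' => serialize($this->data['options']),
            );
        } elseif ($do_approved) {
            // Vote recorded, but more approvals are still needed.
            $item_new = array('options' => serialize($this->data['options']));
        }

        if ($item_new) {
            // Quoted key and int cast, for the same reason as in the 'bid' branch.
            $itemId = intval($this->data['itemid']);
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = $itemId"));
        }

        logkBankAction('admin_item_approve', $this->data['itemid']);
        updateWarningItem();
        define('CP_REDIRECT', 'kbankadmin.php?do=item_man');
        print_stop_message('kbank_item_approved');
    }

    return true;
}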