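/**
 * Validates the posted payout amount and records a payout request for the
 * logged-in user, then notifies the accountants.
 *
 * Reads $_POST['amount']; uses the globals $MySelf, $DB and $TIMEMARK.
 * Every failed check reports through makeNotice() and then returns, so the
 * INSERT below can never be reached with an unvalidated amount, whether or
 * not makeNotice() itself stops the script (its body is not visible here).
 *
 * NOTE(review): with $overdraft > 0 and $overdraftlimit === false, neither
 * affordability check below can fire, so the requested amount has no upper
 * bound in this configuration. Confirm that this is intended and that the
 * accountant-side approval is the real control.
 *
 * @return void
 */
function requestPayout()
{
    global $MySelf;
    global $DB;
    global $TIMEMARK;

    // How much overdraft are we allowed?
    $overdraft = 100 * 1000000; // 100m
    $overdraftlimit = false;

    // How much ISK does the user have?
    $MyCredits = getCredits($MySelf->getID());

    // Read the request field once. The original used the bare constant
    // $_POST[amount], which is a fatal error on PHP 8.
    $amount = isset($_POST['amount']) ? $_POST['amount'] : '';

    // Is this a number?
    if (!is_numeric($amount)) {
        // The rejected value is echoed back to the user. It is escaped on the
        // assumption that makeNotice() renders the message as HTML; drop the
        // escaping if makeNotice() already encodes its arguments.
        $shown = is_scalar($amount) ? htmlspecialchars((string) $amount, ENT_QUOTES, 'UTF-8') : '';
        makeNotice("The frog looks at you and your cheque with the amount of \"" . $shown . "\". The frog is unsure how much ISK that is and instead decides to lick your face in a friendly manner, then it closes the teller and goes for lunch.", "warning", "Huh?");
        return;
    }

    // Numeric view of the amount for arithmetic and display; the raw string
    // is still what gets bound into the query, as before.
    $amountValue = $amount + 0;

    // We are requesting a POSITIVE amount, right?
    if (!numericCheckBool($amount, 0)) {
        makeNotice("You can only request positive amounts of ISK. If you want money, go work for it.", "notice", "This aint no charity", "index.php?action=manageWallet", "But i got women and children to feed...");
        return;
    }

    // No overdraft configured: the request must be covered by the balance.
    if ($overdraft <= 0 && !numericCheckBool($amount, 1, $MyCredits)) {
        makeNotice("You can only request a payment up to " . number_format($MyCredits) . " ISK. You requested " . number_format($amountValue) . " ISK. Thats " . number_format($amountValue - $MyCredits, 2) . " ISK more than you can afford.", "warning", "Too big of a payout.", "index.php?action=manageWallet", "[Cancel]");
        return;
    }

    // Allow an overdraft, but not too much (only when the limit is enabled).
    if ($overdraft > 0 && $overdraftlimit && !numericCheckBool($amount, 1, $MyCredits + $overdraft)) {
        makeNotice("You can only request a payment up to " . number_format($MyCredits + $overdraft) . " ISK. You requested " . number_format($amountValue) . " ISK. Thats " . number_format($amountValue - ($MyCredits + $overdraft), 2) . " ISK more than you are allowed.", "warning", "Too big of a payout.", "index.php?action=manageWallet", "[Cancel]");
        return;
    }

    // Ask for confirmation. Presumably confirm() halts until the user has
    // confirmed; verify against its definition.
    confirm("Please confirm your payout request of " . number_format($amountValue, 2) . " ISK.");

    // Record the request. All values are bound as parameters, never
    // concatenated into the SQL text.
    $DB->query("INSERT INTO payoutRequests (time, applicant, amount) VALUES (?,?,?)", array($TIMEMARK, $MySelf->getID(), $amount));

    if ($DB->affectedRows() == 1) {
        mailUser("We are notifying you that " . $MySelf->getUsername() . " has requested a payout of " . number_format($amountValue, 2) . " ISK", "WHB Payout Requested", "isAccountant");
        makeNotice("You request has been logged. An accountant will soon honor your request.", "notice", "Request logged", "index.php?action=manageWallet", "[OK]");
    } else {
        makeNotice("Internal Error! Unable to record your request into the database! Inform the admin!", "error", "Internal Error!", "index.php?action=manageWallet", "[cancel]");
    }
}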
// No user with the same email exists, so insert the new user.
// (This excerpt starts inside a branch whose opening "if" is not visible.)
// NOTE(review): the VALUES list is produced by imploding $options directly into
// the SQL text. $options is built outside this excerpt; the statement is only
// safe if every element was already quoted (for example with $db->quote(), as
// verifyUser() below does for its inputs). Confirm this, or bind the values as
// query parameters instead of concatenating them.
$db->query("INSERT INTO " . $DATABASE . ".users \n\t (email, password, first_name, last_name, zip, phone, mailing, activation)\n\t VALUES(" . implode(", ", $options) . ")");
head();
// NOTE(review): "<ection>" in the markup below looks like a typo for "<section>".
?> <ection class="content"> <div class="container"> <h1>Registration Successful!</h1> <p>Please check your email for a verification message. You are not able to sign up for classes until you have verified your email</p> </div> </ection> <?php
tail();
// Sends the verification mail to the posted address. $veriRaw is defined
// outside this excerpt (presumably the raw activation code; verify).
mailUser($_POST['email'], $veriRaw);
} else {
    // A user was found, stop the registration.
    // NOTE(review): $email is concatenated into the message as-is; whether
    // error() HTML-encodes its arguments is not visible here. Confirm.
    error("Account Already Exists", "The email " . $email . "is aready in use");
}

// Verifies a user's mailing (activation) code against the database.
// Looks up a row in <$DATABASE>.users whose email and activation columns both
// match the supplied values. Both values go through $db->quote() before they
// are placed in the query; $DATABASE is concatenated as an identifier and must
// therefore never come from user input.
function verifyUser($email, $code, $DATABASE) {
    $db = new DB();
    $exists = $db->select("SELECT * \n\t FROM " . $DATABASE . ".users \n\t WHERE email = " . $db->quote($email) . " AND activation = " . $db->quote($code));
    if (empty($exists[0])) {
        // No matching row: wrong code, unknown email, or (per the message) already verified.
        error("Invalid Verification", "Your verification is invalid. You might already be verified.");
    } else {
        // TODO this is copied into preferences for updating email
        // NOTE(review): the pattern has no end anchor ("$"), so it matches when
        // either domain string appears anywhere in the address, not only when
        // the address ends with it. Confirm whether the check should be anchored.
        if (preg_match("/((@uw\\.edu)|(@u\\.washington\\.edu))/i", $exists[0]["email"])) {
            // The NetID is taken as everything before the first "@".
            // (The function continues beyond this excerpt.)
            $netid = substr($exists[0]["email"], 0, strpos($exists[0]["email"], "@"));
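/**
 * Validates the posted "add event" form, stores the event in the events table
 * and sends the announcement mail.
 *
 * Reads the form from $_POST; uses the globals $MySelf and $DB (plus
 * $SITENAME, $VERSION and $URL for the mail template).
 *
 * Every failed check, including the module switch and the canEditEvents()
 * authorisation check, reports through makeNotice() and then returns, so the
 * INSERT can never be reached after a rejected request, whether or not
 * makeNotice() itself stops the script (its body is not visible here).
 *
 * Fixes over the previous version:
 *  - $_POST keys were bare constants ($_POST[sdescr]), a fatal error on PHP 8.
 *  - The collateral check used "&&", so it could never reject a non-numeric
 *    value; it now uses "||".
 *  - The mail path called the misspelled sanitze(), an undefined function.
 *  - $wantedships was left undefined when no ship type was ticked.
 *  - An out-of-range difficulty no longer reads an undefined $risks index.
 *
 * @return void
 */
function addEventToDB()
{
    global $MySelf;
    global $DB;

    // Is the events module active?
    if (!getConfig("events")) {
        makeNotice("The admin has deactivated the events module.", "warning", "Module not active");
        return;
    }

    // Are we allowed to add events? Authorisation gate: must not fall through.
    if (!$MySelf->canEditEvents()) {
        makeNotice("You are not allowed to add events!", "error", "Forbidden!");
        return;
    }

    // Collect the form fields once; a missing field becomes null, which is
    // what the old bare-key reads evaluated to (minus the notice).
    $fieldNames = array(
        "sdescr", "officer", "officer2", "system", "system2", "dur",
        "collateral", "payment", "security", "type", "difficulty", "notes",
        "ST_day", "ST_month", "ST_year", "ST_hour", "ST_minute",
    );
    $in = array();
    foreach ($fieldNames as $fieldName) {
        $in[$fieldName] = isset($_POST[$fieldName]) ? $_POST[$fieldName] : null;
    }

    // Do we have a short description?
    if (empty($in["sdescr"])) {
        makeNotice("You need to supply a short description!", "error", "Important field missing!");
        return;
    }

    // Do we have an officer?
    if (empty($in["officer"])) {
        makeNotice("You need to supply who is in command!", "error", "Important field missing!");
        return;
    }

    // Choose which supplied officer we use (officer2 overrides officer).
    $officer = sanitize(!empty($in["officer2"]) ? $in["officer2"] : $in["officer"]);

    // Choose which system we use (system2 overrides system).
    $system = strtolower((string) (!empty($in["system2"]) ? $in["system2"] : $in["system"]));

    // Check that we still have a valid system name.
    if (empty($system)) {
        makeNotice("No valid Systemname found! Please go back, and try again.", "warning", "No system name", "index.php?action=addevent", "[cancel]");
        return;
    }

    // Do we have an estimated duration?
    if (empty($in["dur"])) {
        makeNotice("You need to tell me the guessed runtime!", "error", "Important field missing!");
        return;
    }

    // Collateral must be a non-negative number.
    if (!is_numeric($in["collateral"]) || $in["collateral"] < 0) {
        makeNotice("You need to supply a valid collateral!", "error", "Important field missing!");
        return;
    }

    // Payment must not be negative.
    if ($in["payment"] < 0) {
        makeNotice("You need to give the folks some money!", "error", "Important field missing!");
        return;
    }

    // Starting time.
    $myTime = array(
        "day" => (string) $in["ST_day"],
        "month" => (string) $in["ST_month"],
        "year" => (string) $in["ST_year"],
        "hour" => (string) $in["ST_hour"],
        "minute" => (string) $in["ST_minute"],
    );
    $starttime = humanTime("toUnix", $myTime);

    // Is the time valid?
    if (!$starttime) {
        makeNotice("Invalid time supplied!", "error", "Invalid Time!");
        return;
    }

    // Which ship types are required? Only names from this fixed list are ever
    // looked up in $_POST, so the serialized value contains no user-chosen keys.
    $SHIPTYPES = array("shuttles", "frigates", "destroyers", "cruisers", "bcruiser", "scruiser", "bship", "dread", "carrier", "titan", "barges", "indies", "freighter", "jfreighter", "exhumer");
    $wantedships = array();
    foreach ($SHIPTYPES as $ship) {
        if (isset($_POST[$ship]) && $_POST[$ship] == "on") {
            $wantedships[] = $ship;
        }
    }
    $ships = serialize($wantedships);

    // All values are bound as parameters, never concatenated into the SQL text.
    $DB->query("INSERT INTO events (sdesc, officer, system, security, type, starttime, " . "duration, difficulty, payment, collateral, notes, ships)\r\n\t values (?,?,?,?,?,?,?,?,?,?,?,?)", array(sanitize($in["sdescr"]), $officer, $system, sanitize($in["security"]), sanitize($in["type"]), sanitize($starttime), sanitize($in["dur"]), sanitize($in["difficulty"]), sanitize($in["payment"]), sanitize($in["collateral"]), sanitize($in["notes"]), "{$ships}"));

    if ($DB->affectedRows() != 1) {
        makeNotice("Something went horribly wrong! AIEE!!", "error", "Mummy!");
        return;
    }

    // Prepare the announcement email.
    global $SITENAME;
    global $VERSION;
    global $URL;

    // NOTE(review): max(ID) is not guaranteed to be the row inserted above if
    // another event is added concurrently; prefer the DB layer's
    // last-insert-id facility if it offers one.
    $lastID = $DB->getCol("SELECT max(ID) from events;");

    $risks = array("No risk involved.", "Only inferior forces suspected.", "Somewhat risky.", "Moderate risk.", "Extreme risks are involved.", "No survivors expected.");
    $risk_index = $in["difficulty"];
    $riskText = (is_numeric($risk_index) && isset($risks[(int) $risk_index])) ? $risks[(int) $risk_index] : "";

    // A numeric officer value is a user ID and has to be translated to a name.
    // NOTE(review): this looks at "officer" only, although the stored row
    // prefers "officer2" when it is given; confirm which one the mail should show.
    if (is_numeric($in["officer"])) {
        $officerName = idToUsername($in["officer"]);
    } else {
        $officerName = sanitize($in["officer"]);
    }

    // NOTE(review): apart from the officer name, the mail is filled with the
    // raw form values rather than the sanitize()d ones stored in the database.
    // If the "newevent" template is sent as HTML, these values need encoding
    // for that context; confirm against getTemplate()/mailUser().
    $placeholders = array(
        "{{ID}}", "{{SDESCR}}", "{{TYPE}}", "{{FLAGOFFICER}}", "{{SYSTEM}}",
        "{{SECURITY}}", "{{STARTTIME}}", "{{DURATION}}", "{{RISK}}", "{{PAYMENT}}",
        "{{COLLATERAL}}", "{{NOTES}}", "{{SITENAME}}", "{{URL}}", "{{VERSION}}",
    );
    $values = array(
        str_pad("{$lastID['0']}", 5, "0", STR_PAD_LEFT),
        $in["sdescr"],
        $in["type"],
        ucfirst($officerName),
        $in["system"],
        $in["security"],
        date("d.m.y H:i:s", $starttime),
        $in["dur"],
        $riskText,
        $in["payment"],
        number_format($in["collateral"] + 0, 2),
        $in["notes"],
        $SITENAME,
        $URL,
        $VERSION,
    );
    // str_replace() with arrays applies the pairs in order, exactly like the
    // former chain of single replacements.
    $email = str_replace($placeholders, $values, getTemplate("newevent", "email"));

    // Mail the opt-in users.
    mailUser($email, "New event added!");

    // Tell the admin what we did.
    makeNotice("Event added to the database and users who are opt-in got an email.", "notice", "New Event added.", "index.php?action=showevents", "[OK]");
}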