function requestRecommendation($user_id, $author, $email, $message) { if (!checkLock("peer")) { return 6; } $config = $GLOBALS['config']; $user_id = escape($user_id); $author = escape($author); $email = escape($email); if (!validEmail($email)) { return 1; } if (strlen($author) <= 3) { return 2; } //make sure there aren't too many recommendations already $result = mysql_query("SELECT COUNT(*) FROM recommendations WHERE user_id = '{$user_id}'"); $row = mysql_fetch_row($result); if ($row[0] >= $config['max_recommend']) { return 4; //too many recommendations } //ensure this email hasn't been asked with this user already $result = mysql_query("SELECT COUNT(*) FROM recommendations WHERE user_id = '{$user_id}' AND email = '{$email}'"); $row = mysql_fetch_row($result); if ($row[0] > 0) { return 5; //email address already asked } lockAction("peer"); //first create an instance $instance_id = customCreate(customGetCategory('recommend', true), $user_id); //insert into recommendations table $auth = escape(uid(64)); mysql_query("INSERT INTO recommendations (user_id, instance_id, author, email, auth, status, filename) VALUES ('{$user_id}', '{$instance_id}', '{$author}', '{$email}', '{$auth}', '0', '')"); $recommend_id = mysql_insert_id(); $userinfo = getUserInformation($user_id); //array (username, email address, name) //send email now $content = page_db("request_recommendation"); $content = str_replace('$USERNAME$', $userinfo[0], $content); $content = str_replace('$USEREMAIL$', $userinfo[1], $content); $content = str_replace('$NAME$', $userinfo[2], $content); $content = str_replace('$AUTHOR$', $author, $content); $content = str_replace('$EMAIL$', $email, $content); $content = str_replace('$MESSAGE$', page_convert($message), $content); $content = str_replace('$AUTH$', $auth, $content); $content = str_replace('$SUBMIT_ADDRESS$', $config['site_address'] . "/recommend.php?id={$recommend_id}&user_id={$user_id}&auth={$auth}", $content); $result = one_mail("Recommendation request", $content, $email); if ($result) { return 0; } else { return 3; } }
function createDeposit($club_id, $purchase_description, $amount) { $purchase_description = escape($purchase_description); $amount = escape($amount); //first create an instance $instance_id = customCreate(customGetCategory('purchase', true), $club_id); $curr_time = time(); //insert into purchase table mysql_query("INSERT INTO purchase_order (club_id, instance_id, status, filename, submit_time, description, amount) VALUES ('{$club_id}', '{$instance_id}', '100', '', '{$curr_time}', '{$purchase_description}', '{$amount}' )"); $purchase_id = mysql_insert_id(); mysql_query("UPDATE purchase_order SET id=id*-1 WHERE id={$purchase_id}"); mysql_query("UPDATE clubs SET money=money+{$amount} where id={$club_id}") or die(mysql_error()); if ($purchase_id) { return $purchase_id; } else { return -1; } }