function create_reward_request($id = 0, $post = array())
{
global $LANG;
/* This is not protected to CSRF attacks, just protect it where you use it */
$form = '';
if (!empty($id) || $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['Reward-ID'])) {
$form = '<div class="other_form">';
$id = empty($id) ? (int) $_POST['Reward-ID'] : $id;
$post = empty($post) ? isset($_POST['Reward'][$id]) ? (array) $_POST['Reward'][$id] : '' : $post;
try {
\user\main::get_reward($id, $post);
$form .= '<div class="success">' . $LANG['claim_reward_success'] . '</div>';
unset($_POST);
} catch (Exception $e) {
$form .= '<div class="error">' . $e->getMessage() . '</div>';
}
$form .= '</div>';
}
return $form;
}
