Chris@76: $user_profile[$memID]['is_activated'] >= 10 ? 11 : 1, 'validation_code' => '')); Chris@76: Chris@76: // If we are doing approval, update the stats for the member just in case. Chris@76: if (in_array($user_profile[$memID]['is_activated'], array(3, 4, 13, 14))) Chris@76: updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 1 ? $modSettings['unapprovedMembers'] - 1 : 0))); Chris@76: Chris@76: // Make sure we update the stats too. Chris@76: updateStats('member', false); Chris@76: } Chris@76: Chris@76: // Leave it be... Chris@76: redirectexit('action=profile;u=' . $memID . ';area=summary'); Chris@76: } Chris@76: Chris@76: // Issue/manage a users warning status. Chris@76: function issueWarning($memID) Chris@76: { Chris@76: global $txt, $scripturl, $modSettings, $user_info, $mbname; Chris@76: global $context, $cur_profile, $memberContext, $smcFunc, $sourcedir; Chris@76: Chris@76: // Get all the actual settings. Chris@76: list ($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']); Chris@76: Chris@76: // This stores any legitimate errors. Chris@76: $issueErrors = array(); Chris@76: Chris@76: // Doesn't hurt to be overly cautious. Chris@76: if (empty($modSettings['warning_enable']) || ($context['user']['is_owner'] && !$cur_profile['warning']) || !allowedTo('issue_warning')) Chris@76: fatal_lang_error('no_access', false); Chris@76: Chris@76: // Make sure things which are disabled stay disabled. Chris@76: $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110; Chris@76: $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110; Chris@76: $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110; Chris@76: Chris@76: $context['warning_limit'] = allowedTo('admin_forum') ? 0 : $modSettings['user_limit']; Chris@76: $context['member']['warning'] = $cur_profile['warning']; Chris@76: $context['member']['name'] = $cur_profile['real_name']; Chris@76: Chris@76: // What are the limits we can apply? Chris@76: $context['min_allowed'] = 0; Chris@76: $context['max_allowed'] = 100; Chris@76: if ($context['warning_limit'] > 0) Chris@76: { Chris@76: // Make sure we cannot go outside of our limit for the day. Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT SUM(counter) Chris@76: FROM {db_prefix}log_comments Chris@76: WHERE id_recipient = {int:selected_member} Chris@76: AND id_member = {int:current_member} Chris@76: AND comment_type = {string:warning} Chris@76: AND log_time > {int:day_time_period}', Chris@76: array( Chris@76: 'current_member' => $user_info['id'], Chris@76: 'selected_member' => $memID, Chris@76: 'day_time_period' => time() - 86400, Chris@76: 'warning' => 'warning', Chris@76: ) Chris@76: ); Chris@76: list ($current_applied) = $smcFunc['db_fetch_row']($request); Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: $context['min_allowed'] = max(0, $cur_profile['warning'] - $current_applied - $context['warning_limit']); Chris@76: $context['max_allowed'] = min(100, $cur_profile['warning'] - $current_applied + $context['warning_limit']); Chris@76: } Chris@76: Chris@76: // Defaults. Chris@76: $context['warning_data'] = array( Chris@76: 'reason' => '', Chris@76: 'notify' => '', Chris@76: 'notify_subject' => '', Chris@76: 'notify_body' => '', Chris@76: ); Chris@76: Chris@76: // Are we saving? Chris@76: if (isset($_POST['save'])) Chris@76: { Chris@76: // Security is good here. Chris@76: checkSession('post'); Chris@76: Chris@76: // This cannot be empty! Chris@76: $_POST['warn_reason'] = isset($_POST['warn_reason']) ? trim($_POST['warn_reason']) : ''; Chris@76: if ($_POST['warn_reason'] == '' && !$context['user']['is_owner']) Chris@76: $issueErrors[] = 'warning_no_reason'; Chris@76: $_POST['warn_reason'] = $smcFunc['htmlspecialchars']($_POST['warn_reason']); Chris@76: Chris@76: // If the value hasn't changed it's either no JS or a real no change (Which this will pass) Chris@76: if ($_POST['warning_level'] == 'SAME') Chris@76: $_POST['warning_level'] = $_POST['warning_level_nojs']; Chris@76: Chris@76: $_POST['warning_level'] = (int) $_POST['warning_level']; Chris@76: $_POST['warning_level'] = max(0, min(100, $_POST['warning_level'])); Chris@76: if ($_POST['warning_level'] < $context['min_allowed']) Chris@76: $_POST['warning_level'] = $context['min_allowed']; Chris@76: elseif ($_POST['warning_level'] > $context['max_allowed']) Chris@76: $_POST['warning_level'] = $context['max_allowed']; Chris@76: Chris@76: // Do we actually have to issue them with a PM? Chris@76: $id_notice = 0; Chris@76: if (!empty($_POST['warn_notify']) && empty($issueErrors)) Chris@76: { Chris@76: $_POST['warn_sub'] = trim($_POST['warn_sub']); Chris@76: $_POST['warn_body'] = trim($_POST['warn_body']); Chris@76: if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) Chris@76: $issueErrors[] = 'warning_notify_blank'; Chris@76: // Send the PM? Chris@76: else Chris@76: { Chris@76: require_once($sourcedir . '/Subs-Post.php'); Chris@76: $from = array( Chris@76: 'id' => 0, Chris@76: 'name' => $context['forum_name'], Chris@76: 'username' => $context['forum_name'], Chris@76: ); Chris@76: sendpm(array('to' => array($memID), 'bcc' => array()), $_POST['warn_sub'], $_POST['warn_body'], false, $from); Chris@76: Chris@76: // Log the notice! Chris@76: $smcFunc['db_insert']('', Chris@76: '{db_prefix}log_member_notices', Chris@76: array( Chris@76: 'subject' => 'string-255', 'body' => 'string-65534', Chris@76: ), Chris@76: array( Chris@76: $smcFunc['htmlspecialchars']($_POST['warn_sub']), $smcFunc['htmlspecialchars']($_POST['warn_body']), Chris@76: ), Chris@76: array('id_notice') Chris@76: ); Chris@76: $id_notice = $smcFunc['db_insert_id']('{db_prefix}log_member_notices', 'id_notice'); Chris@76: } Chris@76: } Chris@76: Chris@76: // Just in case - make sure notice is valid! Chris@76: $id_notice = (int) $id_notice; Chris@76: Chris@76: // What have we changed? Chris@76: $level_change = $_POST['warning_level'] - $cur_profile['warning']; Chris@76: Chris@76: // No errors? Proceed! Only log if you're not the owner. Chris@76: if (empty($issueErrors)) Chris@76: { Chris@76: // Log what we've done! Chris@76: if (!$context['user']['is_owner']) Chris@76: $smcFunc['db_insert']('', Chris@76: '{db_prefix}log_comments', Chris@76: array( Chris@76: 'id_member' => 'int', 'member_name' => 'string', 'comment_type' => 'string', 'id_recipient' => 'int', 'recipient_name' => 'string-255', Chris@76: 'log_time' => 'int', 'id_notice' => 'int', 'counter' => 'int', 'body' => 'string-65534', Chris@76: ), Chris@76: array( Chris@76: $user_info['id'], $user_info['name'], 'warning', $memID, $cur_profile['real_name'], Chris@76: time(), $id_notice, $level_change, $_POST['warn_reason'], Chris@76: ), Chris@76: array('id_comment') Chris@76: ); Chris@76: Chris@76: // Make the change. Chris@76: updateMemberData($memID, array('warning' => $_POST['warning_level'])); Chris@76: Chris@76: // Leave a lovely message. Chris@76: $context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : $txt['profile_warning_success']; Chris@76: } Chris@76: else Chris@76: { Chris@76: // Get the base stuff done. Chris@76: loadLanguage('Errors'); Chris@76: $context['custom_error_title'] = $txt['profile_warning_errors_occured']; Chris@76: Chris@76: // Fill in the suite of errors. Chris@76: $context['post_errors'] = array(); Chris@76: foreach ($issueErrors as $error) Chris@76: $context['post_errors'][] = $txt[$error]; Chris@76: Chris@76: // Try to remember some bits. Chris@76: $context['warning_data'] = array( Chris@76: 'reason' => $_POST['warn_reason'], Chris@76: 'notify' => !empty($_POST['warn_notify']), Chris@76: 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', Chris@76: 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '', Chris@76: ); Chris@76: } Chris@76: Chris@76: // Show the new improved warning level. Chris@76: $context['member']['warning'] = $_POST['warning_level']; Chris@76: } Chris@76: Chris@76: $context['page_title'] = $txt['profile_issue_warning']; Chris@76: Chris@76: // Work our the various levels. Chris@76: $context['level_effects'] = array( Chris@76: 0 => $txt['profile_warning_effect_none'], Chris@76: $modSettings['warning_watch'] => $txt['profile_warning_effect_watch'], Chris@76: $modSettings['warning_moderate'] => $txt['profile_warning_effect_moderation'], Chris@76: $modSettings['warning_mute'] => $txt['profile_warning_effect_mute'], Chris@76: ); Chris@76: $context['current_level'] = 0; Chris@76: foreach ($context['level_effects'] as $limit => $dummy) Chris@76: if ($context['member']['warning'] >= $limit) Chris@76: $context['current_level'] = $limit; Chris@76: Chris@76: // Load up all the old warnings - count first! Chris@76: $context['total_warnings'] = list_getUserWarningCount($memID); Chris@76: Chris@76: // Make the page index. Chris@76: $context['start'] = (int) $_REQUEST['start']; Chris@76: $perPage = (int) $modSettings['defaultMaxMessages']; Chris@76: $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=issuewarning', $context['start'], $context['total_warnings'], $perPage); Chris@76: Chris@76: // Now do the data itself. Chris@76: $context['previous_warnings'] = list_getUserWarnings($context['start'], $perPage, 'log_time DESC', $memID); Chris@76: Chris@76: // Are they warning because of a message? Chris@76: if (isset($_REQUEST['msg']) && 0 < (int) $_REQUEST['msg']) Chris@76: { Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT subject Chris@76: FROM {db_prefix}messages AS m Chris@76: INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board) Chris@76: WHERE id_msg = {int:message} Chris@76: AND {query_see_board} Chris@76: LIMIT 1', Chris@76: array( Chris@76: 'message' => (int) $_REQUEST['msg'], Chris@76: ) Chris@76: ); Chris@76: if ($smcFunc['db_num_rows']($request) != 0) Chris@76: { Chris@76: $context['warning_for_message'] = (int) $_REQUEST['msg']; Chris@76: list ($context['warned_message_subject']) = $smcFunc['db_fetch_row']($request); Chris@76: } Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: } Chris@76: Chris@76: // Didn't find the message? Chris@76: if (empty($context['warning_for_message'])) Chris@76: { Chris@76: $context['warning_for_message'] = 0; Chris@76: $context['warned_message_subject'] = ''; Chris@76: } Chris@76: Chris@76: // Any custom templates? Chris@76: $context['notification_templates'] = array(); Chris@76: Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT recipient_name AS template_title, body Chris@76: FROM {db_prefix}log_comments Chris@76: WHERE comment_type = {string:warntpl} Chris@76: AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})', Chris@76: array( Chris@76: 'warntpl' => 'warntpl', Chris@76: 'generic' => 0, Chris@76: 'current_member' => $user_info['id'], Chris@76: ) Chris@76: ); Chris@76: while ($row = $smcFunc['db_fetch_assoc']($request)) Chris@76: { Chris@76: // If we're not warning for a message skip any that are. Chris@76: if (!$context['warning_for_message'] && strpos($row['body'], '{MESSAGE}') !== false) Chris@76: continue; Chris@76: Chris@76: $context['notification_templates'][] = array( Chris@76: 'title' => $row['template_title'], Chris@76: 'body' => $row['body'], Chris@76: ); Chris@76: } Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: // Setup the "default" templates. Chris@76: foreach (array('spamming', 'offence', 'insulting') as $type) Chris@76: $context['notification_templates'][] = array( Chris@76: 'title' => $txt['profile_warning_notify_title_' . $type], Chris@76: 'body' => sprintf($txt['profile_warning_notify_template_outline' . (!empty($context['warning_for_message']) ? '_post' : '')], $txt['profile_warning_notify_for_' . $type]), Chris@76: ); Chris@76: Chris@76: // Replace all the common variables in the templates. Chris@76: foreach ($context['notification_templates'] as $k => $name) Chris@76: $context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $context['warning_for_message'] . ']' . un_htmlspecialchars($context['warned_message_subject']) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => $txt['regards_team'])); Chris@76: } Chris@76: Chris@76: // Get the number of warnings a user has. Chris@76: function list_getUserWarningCount($memID) Chris@76: { Chris@76: global $smcFunc; Chris@76: Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT COUNT(*) Chris@76: FROM {db_prefix}log_comments Chris@76: WHERE id_recipient = {int:selected_member} Chris@76: AND comment_type = {string:warning}', Chris@76: array( Chris@76: 'selected_member' => $memID, Chris@76: 'warning' => 'warning', Chris@76: ) Chris@76: ); Chris@76: list ($total_warnings) = $smcFunc['db_fetch_row']($request); Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: return $total_warnings; Chris@76: } Chris@76: Chris@76: // Get the data about a users warnings. Chris@76: function list_getUserWarnings($start, $items_per_page, $sort, $memID) Chris@76: { Chris@76: global $smcFunc, $scripturl; Chris@76: Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT IFNULL(mem.id_member, 0) AS id_member, IFNULL(mem.real_name, lc.member_name) AS member_name, Chris@76: lc.log_time, lc.body, lc.counter, lc.id_notice Chris@76: FROM {db_prefix}log_comments AS lc Chris@76: LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lc.id_member) Chris@76: WHERE lc.id_recipient = {int:selected_member} Chris@76: AND lc.comment_type = {string:warning} Chris@76: ORDER BY ' . $sort . ' Chris@76: LIMIT ' . $start . ', ' . $items_per_page, Chris@76: array( Chris@76: 'selected_member' => $memID, Chris@76: 'warning' => 'warning', Chris@76: ) Chris@76: ); Chris@76: $previous_warnings = array(); Chris@76: while ($row = $smcFunc['db_fetch_assoc']($request)) Chris@76: { Chris@76: $previous_warnings[] = array( Chris@76: 'issuer' => array( Chris@76: 'id' => $row['id_member'], Chris@76: 'link' => $row['id_member'] ? ('' . $row['member_name'] . '') : $row['member_name'], Chris@76: ), Chris@76: 'time' => timeformat($row['log_time']), Chris@76: 'reason' => $row['body'], Chris@76: 'counter' => $row['counter'] > 0 ? '+' . $row['counter'] : $row['counter'], Chris@76: 'id_notice' => $row['id_notice'], Chris@76: ); Chris@76: } Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: return $previous_warnings; Chris@76: } Chris@76: Chris@76: // Present a screen to make sure the user wants to be deleted Chris@76: function deleteAccount($memID) Chris@76: { Chris@76: global $txt, $context, $user_info, $modSettings, $cur_profile, $smcFunc; Chris@76: Chris@76: if (!$context['user']['is_owner']) Chris@76: isAllowedTo('profile_remove_any'); Chris@76: elseif (!allowedTo('profile_remove_any')) Chris@76: isAllowedTo('profile_remove_own'); Chris@76: Chris@76: // Permissions for removing stuff... Chris@76: $context['can_delete_posts'] = !$context['user']['is_owner'] && allowedTo('moderate_forum'); Chris@76: Chris@76: // Can they do this, or will they need approval? Chris@76: $context['needs_approval'] = $context['user']['is_owner'] && !empty($modSettings['approveAccountDeletion']) && !allowedTo('moderate_forum'); Chris@76: $context['page_title'] = $txt['deleteAccount'] . ': ' . $cur_profile['real_name']; Chris@76: } Chris@76: Chris@76: function deleteAccount2($profile_vars, $post_errors, $memID) Chris@76: { Chris@76: global $user_info, $sourcedir, $context, $cur_profile, $modSettings, $smcFunc; Chris@76: Chris@76: // Try get more time... Chris@76: @set_time_limit(600); Chris@76: Chris@76: // !!! Add a way to delete pms as well? Chris@76: Chris@76: if (!$context['user']['is_owner']) Chris@76: isAllowedTo('profile_remove_any'); Chris@76: elseif (!allowedTo('profile_remove_any')) Chris@76: isAllowedTo('profile_remove_own'); Chris@76: Chris@76: checkSession(); Chris@76: Chris@76: $old_profile = &$cur_profile; Chris@76: Chris@76: // Too often, people remove/delete their own only account. Chris@76: if (in_array(1, explode(',', $old_profile['additional_groups'])) || $old_profile['id_group'] == 1) Chris@76: { Chris@76: // Are you allowed to administrate the forum, as they are? Chris@76: isAllowedTo('admin_forum'); Chris@76: Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT id_member Chris@76: FROM {db_prefix}members Chris@76: WHERE (id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0) Chris@76: AND id_member != {int:selected_member} Chris@76: LIMIT 1', Chris@76: array( Chris@76: 'admin_group' => 1, Chris@76: 'selected_member' => $memID, Chris@76: ) Chris@76: ); Chris@76: list ($another) = $smcFunc['db_fetch_row']($request); Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: if (empty($another)) Chris@76: fatal_lang_error('at_least_one_admin', 'critical'); Chris@76: } Chris@76: Chris@76: // This file is needed for the deleteMembers function. Chris@76: require_once($sourcedir . '/Subs-Members.php'); Chris@76: Chris@76: // Do you have permission to delete others profiles, or is that your profile you wanna delete? Chris@76: if ($memID != $user_info['id']) Chris@76: { Chris@76: isAllowedTo('profile_remove_any'); Chris@76: Chris@76: // Now, have you been naughty and need your posts deleting? Chris@76: // !!! Should this check board permissions? Chris@76: if ($_POST['remove_type'] != 'none' && allowedTo('moderate_forum')) Chris@76: { Chris@76: // Include RemoveTopics - essential for this type of work! Chris@76: require_once($sourcedir . '/RemoveTopic.php'); Chris@76: Chris@76: // First off we delete any topics the member has started - if they wanted topics being done. Chris@76: if ($_POST['remove_type'] == 'topics') Chris@76: { Chris@76: // Fetch all topics started by this user within the time period. Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT t.id_topic Chris@76: FROM {db_prefix}topics AS t Chris@76: WHERE t.id_member_started = {int:selected_member}', Chris@76: array( Chris@76: 'selected_member' => $memID, Chris@76: ) Chris@76: ); Chris@76: $topicIDs = array(); Chris@76: while ($row = $smcFunc['db_fetch_assoc']($request)) Chris@76: $topicIDs[] = $row['id_topic']; Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: // Actually remove the topics. Chris@76: // !!! This needs to check permissions, but we'll let it slide for now because of moderate_forum already being had. Chris@76: removeTopics($topicIDs); Chris@76: } Chris@76: Chris@76: // Now delete the remaining messages. Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT m.id_msg Chris@76: FROM {db_prefix}messages AS m Chris@76: INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic Chris@76: AND t.id_first_msg != m.id_msg) Chris@76: WHERE m.id_member = {int:selected_member}', Chris@76: array( Chris@76: 'selected_member' => $memID, Chris@76: ) Chris@76: ); Chris@76: // This could take a while... but ya know it's gonna be worth it in the end. Chris@76: while ($row = $smcFunc['db_fetch_assoc']($request)) Chris@76: { Chris@76: if (function_exists('apache_reset_timeout')) Chris@76: @apache_reset_timeout(); Chris@76: Chris@76: removeMessage($row['id_msg']); Chris@76: } Chris@76: $smcFunc['db_free_result']($request); Chris@76: } Chris@76: Chris@76: // Only delete this poor members account if they are actually being booted out of camp. Chris@76: if (isset($_POST['deleteAccount'])) Chris@76: deleteMembers($memID); Chris@76: } Chris@76: // Do they need approval to delete? Chris@76: elseif (empty($post_errors) && !empty($modSettings['approveAccountDeletion']) && !allowedTo('moderate_forum')) Chris@76: { Chris@76: // Setup their account for deletion ;) Chris@76: updateMemberData($memID, array('is_activated' => 4)); Chris@76: // Another account needs approval... Chris@76: updateSettings(array('unapprovedMembers' => true), true); Chris@76: } Chris@76: // Also check if you typed your password correctly. Chris@76: elseif (empty($post_errors)) Chris@76: { Chris@76: deleteMembers($memID); Chris@76: Chris@76: require_once($sourcedir . '/LogInOut.php'); Chris@76: LogOut(true); Chris@76: Chris@76: redirectExit(); Chris@76: } Chris@76: } Chris@76: Chris@76: // Function for doing all the paid subscription stuff - kinda. Chris@76: function subscriptions($memID) Chris@76: { Chris@76: global $context, $txt, $sourcedir, $modSettings, $smcFunc, $scripturl; Chris@76: Chris@76: // Load the paid template anyway. Chris@76: loadTemplate('ManagePaid'); Chris@76: loadLanguage('ManagePaid'); Chris@76: Chris@76: // Load all of the subscriptions. Chris@76: require_once($sourcedir . '/ManagePaid.php'); Chris@76: loadSubscriptions(); Chris@76: $context['member']['id'] = $memID; Chris@76: Chris@76: // Remove any invalid ones. Chris@76: foreach ($context['subscriptions'] as $id => $sub) Chris@76: { Chris@76: // Work out the costs. Chris@76: $costs = @unserialize($sub['real_cost']); Chris@76: Chris@76: $cost_array = array(); Chris@76: if ($sub['real_length'] == 'F') Chris@76: { Chris@76: foreach ($costs as $duration => $cost) Chris@76: { Chris@76: if ($cost != 0) Chris@76: $cost_array[$duration] = $cost; Chris@76: } Chris@76: } Chris@76: else Chris@76: { Chris@76: $cost_array['fixed'] = $costs['fixed']; Chris@76: } Chris@76: Chris@76: if (empty($cost_array)) Chris@76: unset($context['subscriptions'][$id]); Chris@76: else Chris@76: { Chris@76: $context['subscriptions'][$id]['member'] = 0; Chris@76: $context['subscriptions'][$id]['subscribed'] = false; Chris@76: $context['subscriptions'][$id]['costs'] = $cost_array; Chris@76: } Chris@76: } Chris@76: Chris@76: // Work out what gateways are enabled. Chris@76: $gateways = loadPaymentGateways(); Chris@76: foreach ($gateways as $id => $gateway) Chris@76: { Chris@76: $gateways[$id] = new $gateway['display_class'](); Chris@76: if (!$gateways[$id]->gatewayEnabled()) Chris@76: unset($gateways[$id]); Chris@76: } Chris@76: Chris@76: // No gateways yet? Chris@76: if (empty($gateways)) Chris@76: fatal_error($txt['paid_admin_not_setup_gateway']); Chris@76: Chris@76: // Get the current subscriptions. Chris@76: $request = $smcFunc['db_query']('', ' Chris@76: SELECT id_sublog, id_subscribe, start_time, end_time, status, payments_pending, pending_details Chris@76: FROM {db_prefix}log_subscribed Chris@76: WHERE id_member = {int:selected_member}', Chris@76: array( Chris@76: 'selected_member' => $memID, Chris@76: ) Chris@76: ); Chris@76: $context['current'] = array(); Chris@76: while ($row = $smcFunc['db_fetch_assoc']($request)) Chris@76: { Chris@76: // The subscription must exist! Chris@76: if (!isset($context['subscriptions'][$row['id_subscribe']])) Chris@76: continue; Chris@76: Chris@76: $context['current'][$row['id_subscribe']] = array( Chris@76: 'id' => $row['id_sublog'], Chris@76: 'sub_id' => $row['id_subscribe'], Chris@76: 'hide' => $row['status'] == 0 && $row['end_time'] == 0 && $row['payments_pending'] == 0, Chris@76: 'name' => $context['subscriptions'][$row['id_subscribe']]['name'], Chris@76: 'start' => timeformat($row['start_time'], false), Chris@76: 'end' => $row['end_time'] == 0 ? $txt['not_applicable'] : timeformat($row['end_time'], false), Chris@76: 'pending_details' => $row['pending_details'], Chris@76: 'status' => $row['status'], Chris@76: 'status_text' => $row['status'] == 0 ? ($row['payments_pending'] ? $txt['paid_pending'] : $txt['paid_finished']) : $txt['paid_active'], Chris@76: ); Chris@76: Chris@76: if ($row['status'] == 1) Chris@76: $context['subscriptions'][$row['id_subscribe']]['subscribed'] = true; Chris@76: } Chris@76: $smcFunc['db_free_result']($request); Chris@76: Chris@76: // Simple "done"? Chris@76: if (isset($_GET['done'])) Chris@76: { Chris@76: $_GET['sub_id'] = (int) $_GET['sub_id']; Chris@76: Chris@76: // Must exist but let's be sure... Chris@76: if (isset($context['current'][$_GET['sub_id']])) Chris@76: { Chris@76: // What are the details like? Chris@76: $current_pending = @unserialize($context['current'][$_GET['sub_id']]['pending_details']); Chris@76: if (!empty($current_pending)) Chris@76: { Chris@76: $current_pending = array_reverse($current_pending); Chris@76: foreach ($current_pending as $id => $sub) Chris@76: { Chris@76: // Just find one and change it. Chris@76: if ($sub[0] == $_GET['sub_id'] && $sub[3] == 'prepay') Chris@76: { Chris@76: $current_pending[$id][3] = 'payback'; Chris@76: break; Chris@76: } Chris@76: } Chris@76: Chris@76: // Save the details back. Chris@76: $pending_details = serialize($current_pending); Chris@76: Chris@76: $smcFunc['db_query']('', ' Chris@76: UPDATE {db_prefix}log_subscribed Chris@76: SET payments_pending = payments_pending + 1, pending_details = {string:pending_details} Chris@76: WHERE id_sublog = {int:current_subscription_id} Chris@76: AND id_member = {int:selected_member}', Chris@76: array( Chris@76: 'current_subscription_id' => $context['current'][$_GET['sub_id']]['id'], Chris@76: 'selected_member' => $memID, Chris@76: 'pending_details' => $pending_details, Chris@76: ) Chris@76: ); Chris@76: } Chris@76: } Chris@76: Chris@76: $context['sub_template'] = 'paid_done'; Chris@76: return; Chris@76: } Chris@76: // If this is confirmation then it's simpler... Chris@76: if (isset($_GET['confirm']) && isset($_POST['sub_id']) && is_array($_POST['sub_id'])) Chris@76: { Chris@76: // Hopefully just one. Chris@76: foreach ($_POST['sub_id'] as $k => $v) Chris@76: $ID_SUB = (int) $k; Chris@76: Chris@76: if (!isset($context['subscriptions'][$ID_SUB]) || $context['subscriptions'][$ID_SUB]['active'] == 0) Chris@76: fatal_lang_error('paid_sub_not_active'); Chris@76: Chris@76: // Simplify... Chris@76: $context['sub'] = $context['subscriptions'][$ID_SUB]; Chris@76: $period = 'xx'; Chris@76: if ($context['sub']['flexible']) Chris@76: $period = isset($_POST['cur'][$ID_SUB]) && isset($context['sub']['costs'][$_POST['cur'][$ID_SUB]]) ? $_POST['cur'][$ID_SUB] : 'xx'; Chris@76: Chris@76: // Check we have a valid cost. Chris@76: if ($context['sub']['flexible'] && $period == 'xx') Chris@76: fatal_lang_error('paid_sub_not_active'); Chris@76: Chris@76: // Sort out the cost/currency. Chris@76: $context['currency'] = $modSettings['paid_currency_code']; Chris@76: $context['recur'] = $context['sub']['repeatable']; Chris@76: Chris@76: if ($context['sub']['flexible']) Chris@76: { Chris@76: // Real cost... Chris@76: $context['value'] = $context['sub']['costs'][$_POST['cur'][$ID_SUB]]; Chris@76: $context['cost'] = sprintf($modSettings['paid_currency_symbol'], $context['value']) . '/' . $txt[$_POST['cur'][$ID_SUB]]; Chris@76: // The period value for paypal. Chris@76: $context['paypal_period'] = strtoupper(substr($_POST['cur'][$ID_SUB], 0, 1)); Chris@76: } Chris@76: else Chris@76: { Chris@76: // Real cost... Chris@76: $context['value'] = $context['sub']['costs']['fixed']; Chris@76: $context['cost'] = sprintf($modSettings['paid_currency_symbol'], $context['value']); Chris@76: Chris@76: // Recur? Chris@76: preg_match('~(\d*)(\w)~', $context['sub']['real_length'], $match); Chris@76: $context['paypal_unit'] = $match[1]; Chris@76: $context['paypal_period'] = $match[2]; Chris@76: } Chris@76: Chris@76: // Setup the gateway context. Chris@76: $context['gateways'] = array(); Chris@76: foreach ($gateways as $id => $gateway) Chris@76: { Chris@76: $fields = $gateways[$id]->fetchGatewayFields($context['sub']['id'] . '+' . $memID, $context['sub'], $context['value'], $period, $scripturl . '?action=profile;u=' . $memID . ';area=subscriptions;sub_id=' . $context['sub']['id'] . ';done'); Chris@76: if (!empty($fields['form'])) Chris@76: $context['gateways'][] = $fields; Chris@76: } Chris@76: Chris@76: // Bugger?! Chris@76: if (empty($context['gateways'])) Chris@76: fatal_error($txt['paid_admin_not_setup_gateway']); Chris@76: Chris@76: // Now we are going to assume they want to take this out ;) Chris@76: $new_data = array($context['sub']['id'], $context['value'], $period, 'prepay'); Chris@76: if (isset($context['current'][$context['sub']['id']])) Chris@76: { Chris@76: // What are the details like? Chris@76: $current_pending = array(); Chris@76: if ($context['current'][$context['sub']['id']]['pending_details'] != '') Chris@76: $current_pending = @unserialize($context['current'][$context['sub']['id']]['pending_details']); Chris@76: // Don't get silly. Chris@76: if (count($current_pending) > 9) Chris@76: $current_pending = array(); Chris@76: $pending_count = 0; Chris@76: // Only record real pending payments as will otherwise confuse the admin! Chris@76: foreach ($current_pending as $pending) Chris@76: if ($pending[3] == 'payback') Chris@76: $pending_count++; Chris@76: Chris@76: if (!in_array($new_data, $current_pending)) Chris@76: { Chris@76: $current_pending[] = $new_data; Chris@76: $pending_details = serialize($current_pending); Chris@76: Chris@76: $smcFunc['db_query']('', ' Chris@76: UPDATE {db_prefix}log_subscribed Chris@76: SET payments_pending = {int:pending_count}, pending_details = {string:pending_details} Chris@76: WHERE id_sublog = {int:current_subscription_item} Chris@76: AND id_member = {int:selected_member}', Chris@76: array( Chris@76: 'pending_count' => $pending_count, Chris@76: 'current_subscription_item' => $context['current'][$context['sub']['id']]['id'], Chris@76: 'selected_member' => $memID, Chris@76: 'pending_details' => $pending_details, Chris@76: ) Chris@76: ); Chris@76: } Chris@76: Chris@76: } Chris@76: // Never had this before, lovely. Chris@76: else Chris@76: { Chris@76: $pending_details = serialize(array($new_data)); Chris@76: $smcFunc['db_insert']('', Chris@76: '{db_prefix}log_subscribed', Chris@76: array( Chris@76: 'id_subscribe' => 'int', 'id_member' => 'int', 'status' => 'int', 'payments_pending' => 'int', 'pending_details' => 'string-65534', Chris@76: 'start_time' => 'int', 'vendor_ref' => 'string-255', Chris@76: ), Chris@76: array( Chris@76: $context['sub']['id'], $memID, 0, 0, $pending_details, Chris@76: time(), '', Chris@76: ), Chris@76: array('id_sublog') Chris@76: ); Chris@76: } Chris@76: Chris@76: // Change the template. Chris@76: $context['sub_template'] = 'choose_payment'; Chris@76: Chris@76: // Quit. Chris@76: return; Chris@76: } Chris@76: else Chris@76: $context['sub_template'] = 'user_subscription'; Chris@76: } Chris@76: Chris@76: ?>