Gazelle/sections/staffpm/makedonor.php

<?
authorize();
if (!check_perms('users_give_donor')) {
	error(403);
}
if (!is_number($_POST['id']) || !is_numeric($_POST['donation_amount']) || empty($_POST['donation_currency'])) {
	error(404);
}

$ConvID = (int)$_POST['id'];

$DB->query("
	SELECT c.Subject, c.UserID, c.Level, c.AssignedToUser, c.Unread, c.Status, u.Donor
	FROM staff_pm_conversations AS c
		JOIN users_info AS u ON u.UserID = c.UserID
	WHERE ID = $ConvID");
list($Subject, $UserID, $Level, $AssignedToUser, $Unread, $Status, $Donor) = $DB->next_record();
if ($DB->record_count() == 0) {
	error(404);
}

$Message = "Thank for for helping to support the site. It's users like you who make all of this possible.";

if ((int)$Donor === 0) {
	$Message .= ' Enjoy your new love from us!';
} else {
	$Message .= ' ';
}
/*
$DB->query("
	INSERT INTO staff_pm_messages
		(UserID, SentDate, Message, ConvID)
	VALUES
		(".$LoggedUser['ID'].", '".sqltime()."', '".db_string($Message)."', $ConvID)");
*/
$DB->query("
	UPDATE staff_pm_conversations
	SET Date = '".sqltime()."',
		Unread = true,
		Status = 'Resolved',
		ResolverID = ".$LoggedUser['ID']."
	WHERE ID = $ConvID");

Donations::donate($UserID, array(
							"Source" => "Staff PM",
							"Price" => $_POST['donation_amount'],
							"Currency" => $_POST['donation_currency'],
							"Reason" => $_POST['donation_reason'],
							"SendPM" => true));

header('Location: staffpm.php');
Empty commit 2012-01-26 08:00:25 +00:00			`<?`
Empty commit 2013-08-28 23:08:41 +00:00			`authorize();`
			`if (!check_perms('users_give_donor')) {`
			`error(403);`
			`}`
Empty commit 2013-10-02 08:01:00 +00:00			`if (!is_number($_POST['id']) \|\| !is_numeric($_POST['donation_amount']) \|\| empty($_POST['donation_currency'])) {`
Empty commit 2013-08-28 23:08:41 +00:00			`error(404);`
			`}`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2013-10-23 08:01:03 +00:00			`$ConvID = (int)$_POST['id'];`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2013-10-23 08:01:03 +00:00			`$DB->query("`
			`SELECT c.Subject, c.UserID, c.Level, c.AssignedToUser, c.Unread, c.Status, u.Donor`
			`FROM staff_pm_conversations AS c`
			`JOIN users_info AS u ON u.UserID = c.UserID`
			`WHERE ID = $ConvID");`
Empty commit 2013-08-28 23:08:41 +00:00			`list($Subject, $UserID, $Level, $AssignedToUser, $Unread, $Status, $Donor) = $DB->next_record();`
			`if ($DB->record_count() == 0) {`
			`error(404);`
			`}`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2013-08-28 23:08:41 +00:00			`$Message = "Thank for for helping to support the site. It's users like you who make all of this possible.";`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2013-08-28 23:08:41 +00:00			`if ((int)$Donor === 0) {`
			`$Message .= ' Enjoy your new love from us!';`
			`} else {`
			`$Message .= ' ';`
			`}`
Empty commit 2013-10-23 08:01:03 +00:00			`/*`
			`$DB->query("`
			`INSERT INTO staff_pm_messages`
			`(UserID, SentDate, Message, ConvID)`
			`VALUES`
			`(".$LoggedUser['ID'].", '".sqltime()."', '".db_string($Message)."', $ConvID)");`
			`*/`
			`$DB->query("`
			`UPDATE staff_pm_conversations`
			`SET Date = '".sqltime()."',`
			`Unread = true,`
			`Status = 'Resolved',`
			`ResolverID = ".$LoggedUser['ID']."`
			`WHERE ID = $ConvID");`
Empty commit 2012-01-26 08:00:25 +00:00
Empty commit 2013-08-28 23:08:41 +00:00			`Donations::donate($UserID, array(`
Empty commit 2013-10-23 08:01:03 +00:00			`"Source" => "Staff PM",`
			`"Price" => $_POST['donation_amount'],`
			`"Currency" => $_POST['donation_currency'],`
			`"Reason" => $_POST['donation_reason'],`
			`"SendPM" => true));`
Empty commit 2013-08-28 23:08:41 +00:00
			`header('Location: staffpm.php');`