1<?php 2# MantisBT - A PHP based bugtracking system 3 4# MantisBT is free software: you can redistribute it and/or modify 5# it under the terms of the GNU General Public License as published by 6# the Free Software Foundation, either version 2 of the License, or 7# (at your option) any later version. 8# 9# MantisBT is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13# 14# You should have received a copy of the GNU General Public License 15# along with MantisBT. If not, see <http://www.gnu.org/licenses/>. 16 17/** 18 * This page updates a user's sponsorships 19 * If an account is protected then changes are forbidden 20 * The page gets redirected back to account_page.php 21 * 22 * @package MantisBT 23 * @copyright Copyright 2000 - 2002 Kenzaburo Ito - kenito@300baud.org 24 * @copyright Copyright 2002 MantisBT Team - mantisbt-dev@lists.sourceforge.net 25 * @link http://www.mantisbt.org 26 * 27 * @uses core.php 28 * @uses access_api.php 29 * @uses authentication_api.php 30 * @uses bug_api.php 31 * @uses config_api.php 32 * @uses form_api.php 33 * @uses gpc_api.php 34 * @uses html_api.php 35 * @uses lang_api.php 36 * @uses print_api.php 37 * @uses sponsorship_api.php 38 */ 39 40require_once( 'core.php' ); 41require_api( 'access_api.php' ); 42require_api( 'authentication_api.php' ); 43require_api( 'bug_api.php' ); 44require_api( 'config_api.php' ); 45require_api( 'form_api.php' ); 46require_api( 'gpc_api.php' ); 47require_api( 'html_api.php' ); 48require_api( 'lang_api.php' ); 49require_api( 'print_api.php' ); 50require_api( 'sponsorship_api.php' ); 51 52if( !config_get( 'enable_sponsorship' ) ) { 53 trigger_error( ERROR_SPONSORSHIP_NOT_ENABLED, ERROR ); 54} 55 56form_security_validate( 'account_sponsor_update' ); 57 58auth_ensure_user_authenticated(); 59 60$f_bug_list = gpc_get_string( 'buglist', '' ); 61$t_bug_list = explode( ',', $f_bug_list ); 62 63foreach( $t_bug_list as $t_bug ) { 64 list( $t_bug_id, $t_sponsor_id ) = explode( ':', $t_bug ); 65 $c_bug_id = (int)$t_bug_id; 66 67 bug_ensure_exists( $c_bug_id ); # dies if bug doesn't exist 68 69 access_ensure_bug_level( config_get( 'handle_sponsored_bugs_threshold' ), $c_bug_id ); # dies if user can't handle bug 70 71 $t_bug = bug_get( $c_bug_id ); 72 $t_sponsor = sponsorship_get( (int)$t_sponsor_id ); 73 74 $t_new_payment = gpc_get_int( 'sponsor_' . $c_bug_id . '_' . $t_sponsor->id, $t_sponsor->paid ); 75 if( $t_new_payment != $t_sponsor->paid ) { 76 sponsorship_update_paid( $t_sponsor_id, $t_new_payment ); 77 } 78} 79 80form_security_purge( 'account_sponsor_update' ); 81 82$t_redirect_url = 'account_sponsor_page.php'; 83layout_page_header( null, $t_redirect_url ); 84 85layout_page_begin(); 86 87html_operation_successful( $t_redirect_url, lang_get( 'payment_updated' ) ); 88 89layout_page_end(); 90