authorize(auth::getCurrentUserId(), auth::getAccessToken())) {
header('Location: /');
}
$gift_id = 0;
$gift_info = array();
$gifts = new gift($dbo);
$gifts->setRequestFrom(auth::getCurrentUserId());
if (isset($_GET['gift_id'])) {
$gift_id = isset($_GET['gift_id']) ? $_GET['gift_id'] : 0;
$gift_id = helper::clearInt($gift_id);
$gift_info = $gifts->db_info($gift_id);
if ($gift_info['error'] === true) {
header("Location: /");
exit;
}
}
$profileId = $helper->getUserId($request[0]);
$user = new profile($dbo, $profileId);
$user->setRequestFrom(auth::getCurrentUserId());
$profileInfo = $user->get();
if ($profileInfo['error'] === true) {
include_once("../html/error.inc.php");
exit;
}
if ($profileInfo['state'] != ACCOUNT_STATE_ENABLED) {
include_once("../html/stubs/profile.inc.php");
exit;
}
if ($profileInfo['accountType'] != ACCOUNT_TYPE_USER) {
header("Location: /");
exit;
}
$account = new account($dbo, auth::getCurrentUserId());
$balance = $account->getBalance();
$items_all = $gifts->count();
$items_loaded = 0;
if (!empty($_POST)) {
$g_id = isset($_POST['gift_id']) ? $_POST['gift_id'] : 0;
$g_message = isset($_POST['message']) ? $_POST['message'] : '';
$auth_token = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : '';
$g_id = helper::clearInt($g_id);
$g_message = helper::clearText($g_message);
$g_message = helper::escapeText($g_message);
if ($auth_token === auth::getAuthenticityToken()) {
if ($balance == $gift_info['cost'] || $balance > $gift_info['cost']) {
$result = $gifts->send($gift_id, $profileId, $g_message);
if ($result['error'] === false) {
$account->setBalance($balance - $gift_info['cost']);
header("Location: /".$profileInfo['username']."/gifts");
exit;
}
} else {
header("Location: /account/balance");
exit;
}
}
}
$page_id = "send_gifts";
$css_files = array("main.css", "my.css", "tipsy.css", "gifts.css");
$page_title = $LANG['page-send-gift']." | ".APP_TITLE;
include_once("../html/common/header.inc.php");
auth::newAuthenticityToken();
?>
