modules/promotion/promotion.module

<?php
// $Id: promotion.module,v 1.14 2008/02/19 22:24:30 hanenkamp Exp $

// Size of the pager on the Promotional Codes screen
define('PROMO_CODES_PER_PAGE', 20);
define('PROMO_STAT_USERS_PER_PAGE', 50);

// Match types
define('PROMO_TYPE_EXACT', 1);
define('PROMO_TYPE_SIMPLE', 2);
define('PROMO_TYPE_ADVANCED', 3);

// Activation action
define('PROMO_ACT_IMMEDIATE', 1);
define('PROMO_ACT_ROLES_WAIT', 2);
define('PROMO_ACT_ALL_WAIT', 3);

// Expiraiton actions
define('PROMO_EXP_ACTION_DEMOTE', 1);
define('PROMO_EXP_ACTION_DEMOTE_AND_BLOCK', 2);
define('PROMO_EXP_ACTION_BLOCK', 3);
define('PROMO_EXP_ACTION_DELETE', 4);

/**
 * Implements hook_help().
 */
function promotion_help($section) {
  switch ($section) {
  case 'admin/settings/promotion':
    $output = t('Use this settings screen to set the general settings affecting all promotions on your web site.');
    break;
  }

  return $output;
}

/**
 * Implements hook_perm().
 */
function promotion_perm() {
  return array('administer promotion', 'manage promotional codes', 'access promotion statistics');
}

/**
 * Provides the main settings page.
 */
function promotion_settings() {
  $form = array();

  $user_register = variable_get('user_register', 1);

  // Disabled unless user_register == 1 or 2. I do this to avoid allowing
  // modules like Invite causing problems (Invite sets user_register = 3 to mean
  // by invitation only, which isn't compatible with this anyway)
  if ($user_register != 1 && $user_register != 2) {
    $form['disabled_message'] = array(
      '#value' => '<div class="error">'.t('Disabled. Cannot customize registration unless public registrations are allowed by visitors on the <a href="!user_settings">User settings</a> screen.', array( '!user_settings' => url('admin/user/settings') )).'</div>',
    );
  }

  // Enabled.
  else {

    // Is promotion required? Default is no.
    $form['promotion_required'] = array(
      '#type' => 'checkbox',
      '#title' => t('Require a valid promotional code to register for an account.'),
      '#default_value' => variable_get('promotion_required', 0),
    );
  }

  return system_settings_form($form);
}

/**
 * Implements hook_menu().
 */
function promotion_menu($may_cache) {
  $items = array();

  if ($may_cache) {
    // General settings page
    $items[] = array(
      'path' => 'admin/settings/promotion',
      'title' => t('Promotion settings'),
      'description' => t('Configure the general settings for the promotional code system.'),
      'callback' => 'drupal_get_form',
      'callback arguments' => 'promotion_settings',
      'access' => user_access('administer promotion'),
      'type' => MENU_NORMAL_ITEM,
    );

    // Configure available promotions
    $items[] = array(
      'path' => 'admin/user/promotion',
      'title' => t('Promotional codes'),
      'description' => t('Configure the promotional codes available for web site registration.'),
      'callback' => 'promotion_list',
      'access' => user_access('manage promotional codes'),
      'type' => MENU_NORMAL_ITEM,
    );

    // The default task of listing the promotions
    $items[] = array(
      'path' => 'admin/user/promotion/list',
      'title' => t('List'),
      'type' => MENU_DEFAULT_LOCAL_TASK,
    );

    $items[] = array(
      'path' => 'admin/user/promotion/add',
      'title' => t('New code'),
      'callback' => 'promotion_add',
      'access' => user_access('manage promotional codes'),
      'type' => MENU_LOCAL_TASK,
    );

    $items[] = array(
      'path' => 'admin/logs/promotion',
      'title' => t('Promotion Statistics'),
      'description' => t('View how popular your sign-up promotions have been.'),
      'callback' => 'promotion_statistics',
      'access' => user_access('access promotion statistics'),
      'type' => MENU_NORMAL_ITEM,
    );
  }

  else {
    if (arg(0) == 'admin' && arg(1) == 'user' && arg(2) == 'promotion' && is_numeric(arg(3))) {
      $pid = arg(3);
      $items[] = array(
        'path' => 'admin/user/promotion/' . $pid,
        'title' => t('Edit'),
        'callback' => 'promotion_edit',
        'callback arguments' => array($pid),
        'access' => user_access('manage promotional codes'),
        'type' => MENU_CALLBACK,
      );
      $items[] = array(
        'path' => 'admin/user/promotion/' . $pid . '/delete',
        'title' => t('Delete'),
        'callback' => 'drupal_get_form',
        'callback arguments' => array('promotion_delete_confirm', $pid),
        'access' => user_access('manage promotional codes'),
        'type' => MENU_CALLBACK,
      );
    }

    if (arg(0) == 'admin' && arg(1) == 'logs' && arg(2) == 'promotion' && is_numeric(arg(3))) {
      $pid    = arg(3);
      $detail = arg(4);

      $items[] = array(
        'path' => 'admin/logs/promotion/' . $pid,
        'title' => t('Promotion Statistics'),
        'callback' => 'promotion_statistics',
        'callback arguments' => array($pid, $detail),
        'access' => user_access('access promotion statistics'),
        'type' => MENU_CALLBACK,
      );
    }
  }

  return $items;
}

function promotion_list() {
  $header = array(
    array('data' => t('Name'), 'field' => 'name'),
    array('data' => t('Active'), 'field' => 'active_promotion'),
    array('data' => t('Code'), 'field' => 'simple_code'),
    array('data' => t('Start Date'), 'field' => 'start_date'),
    array('data' => t('End Date'), 'field' => 'end_date'),
    array('data' => t('Expiration'), 'field' => 'expiration_date'),
  );

  $sql = 'SELECT pid, name, active_promotion, simple_code, start_date, end_date, expiration_date FROM {promotion_codes}';
  $sql .= tablesort_sql($header);
  $result = pager_query($sql, PROMO_CODES_PER_PAGE);

  while ($promo_code = db_fetch_object($result)) {
    $rows[] = array(
      l($promo_code->name, 'admin/user/promotion/'.$promo_code->pid),
      $promo_code->active_promotion ? 'yes' : 'no',
      $promo_code->simple_code,
      $promo_code->start_date ? format_date($promo_code->start_date) : 'none',
      $promo_code->end_date ? format_date($promo_code->end_date) : 'none',
      $promo_code->expiration_date ? format_date($promo_code->expiration_date) : 'none',
    );
  }

  if (count($rows)) {
    $output = theme('table', $header, $rows);

    $pager = theme('pager', NULL, PROMO_CODES_PER_PAGE, 0);
    if (!empty($pager)) {
      $output .= $pager;
    }
  }

  else {
    $output .= '<p>'.t('No promotional codes have been created.').'</p>';
  }

  return $output;
}

function promotion_form($promotion, $form_values = NULL)  {
  if ($promotion->pid) {
    $form['pid'] = array(
      '#type' => 'value',
      '#value' => $promotion->pid,
    );
  }

  $form['name'] = array(
    '#type' => 'textfield',
    '#title' => t('Name'),
    '#default_value' => $promotion->name,
    '#size' => 60,
    '#maxlength' => 128,
    '#required' => TRUE,
  );

  $form['description'] = array(
    '#type' => 'textarea',
    '#title' => t('Description'),
    '#default_value' => $promotion->description,
  );

  // Get the roles, but exclude anonymous and authenticated
  $roles = user_roles(1);
  $keys = array_keys($roles, 'authenticated user');
  unset($roles[$keys[0]]);

  $form['code'] = array(
    '#type' => 'fieldset',
    '#title' => t('Promotion Codes'),
    '#description' => t('These settings describe the code that is actually accepted by this promotion.'),
    '#collapsible' => TRUE,
    '#collapsed' => FALSE,
  );

  $form['code']['code_type'] = array(
    '#type' => 'radios',
    '#title' => t('Select a format for the promotion code'),
    '#default_value' => $promotion->code_type,
    '#options' => array(
      1 => t('<strong>Exact code.</strong> Use when you want all registrants to use the exact same code.'),
      2 => t('<strong>Simple format.</strong> Use when you have a range of codes with numbers or letters. For example, if you want to accept codes %promo_000 through %promo_999, you could use the format %promo_123.', array('%promo_000' => 'PROMO-000', '%promo_999' => 'PROMO-999', '%promo_123' => 'PROMO-[123]')),
#      3 => t('<strong>Advanced.</strong> Use custom PHP code to validate the code. Only do this if you have a complex code you want to use and know how to write PHP code.'),
    ),
    '#required' => TRUE,
  );

  $form['code']['simple_code'] = array(
    '#type' => 'textfield',
    '#title' => t('Exact or Simple code'),
    '#description' => t('If you selected <strong>Exact code</strong> above, enter that code here. If you chose <strong>Simple format</strong>, you may use [] containing letters or numbers to indicate that you accept any letter or number at that position in the code. All other letters, numbers, and symbols will be matched exactly. For example, "PROMO-[000]" would accept "PROMO-123" and "promo-123," but not "PRO-123" and not "PROMO-ABC." Promotional codes are not case sensitive.'),
    '#default_value' => $promotion->simple_code,
    '#size' => 30,
    '#maxlength' => 30,
    '#required' => TRUE,
  );

#  $form['code']['advanced_validator'] = array(
#    '#type' => 'textarea',
#    '#title' => t('Advanced Validation Code'),
#    '#description' => t('If you selected <strong>Advanced</strong> above, enter the PHP code to validate the promotional code here. The variable $code will be set to the text of the code and $user will contain the user information submitted with the user registration form.'),
#    '#default_value' => $promotion->advanced_validator,
#  );

  $form['code']['max_use_count'] = array(
    '#type' => 'select',
    '#title' => t('Select the number of times a single code may be used'),
    '#description' => t('This is the number of times a code may be used to register for an account. If you use an exact code, this allows you to have a limited number of individuals sign up under that code. If you use a range of codes using the simple code format or a custom validator, you can choose to allow each code to be used only once or more than once.'),
    '#options' => array(
      1 => 1,
      2 => 2,
      3 => 3,
      4 => 4,
      5 => 5,
      10 => 10,
      50 => 50,
      100 => 100,
      500 => 500,
      1000 => 1000,
      0 => t('unlimited'),
    ),
    '#default_value' => $promotion->max_use_count,
    '#required' => TRUE,
  );

  $form['availability'] = array(
    '#type' => 'fieldset',
    '#title' => t('Availability'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );

  $form['availability']['active_promotion'] = array(
    '#type' => 'checkbox',
    '#title' => t('Is this promotion currently available?'),
    '#description' => t('By unchecking the box, the promotion is completely deactivated. The promotion will not be available regardless of any other setting. If checked, the promotion is available as long as the current date is between the start date and the end date. <strong>WARNING:</strong> If delayed activation or account expiration are checked, any accounts that are pending activation or would expire will not while this is checked. If you want to make sure accounts expire properly, do not uncheck this box until all accounts have expired.'),
    '#default_value' => $promotion->active_promotion,
  );

  $form['availability']['start_date'] = array(
    '#type' => 'textfield',
    '#title' => t('Start date'),
    '#default_value' => $promotion->start_date ? format_date($promotion->start_date, 'custom', 'Y-m-d H:i:s') : '',
    '#description' => t('If set, specifies the first day this promotion will be accepted. If not set, the promotion is immediately available. Must be in YYYY-MM-DD format.'),
    '#attributes' => array('class' => 'jscalendar'),
  );

  $form['availability']['end_date'] = array(
    '#type' => 'textfield',
    '#title' => t('End date'),
    '#default_value' => $promotion->end_date ? format_date($promotion->end_date, 'custom', 'Y-m-d H:i:s') : '',
    '#description' => t('If set, specifies the first day this promotion is no longer accepted (i.e., it will be available until the day before). If not set, the promotion is available indefinitely. Must be in YYYY-MM-DD format.'),
    '#attributes' => array('class' => 'jscalendar'),
  );

  $form['activation'] = array(
    '#type' => 'fieldset',
    '#title' => t('Activation'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );

  $activate_when_choices = array(
    1 => t('<strong>Immediately.</strong> Other than waiting for email validation and administrator approval, the acount should be immediately activated.'),
    2 => t('<strong>Immediately, but postpone promotion.</strong> The account is activated immediately, but the roles granted by this promotion will not be granted until the activation date.'),
    3 => t('<strong>Delayed account activation.</strong> The account will not be created until after the activation date.'),
  );

  if (count($roles) == 0) {
    unset($activate_when_choices[2]);
  }

  $form['activation']['activate_when'] = array(
    '#type' => 'radios',
    '#title' => t('Accounts registered with this promotion are activated when'),
    '#options' => $activate_when_choices,
    '#default_value' => $promotion->activate_when,
  );

  $form['activation']['activation_date'] = array(
    '#type' => 'textfield',
    '#title' => t('Activation date'),
    '#default_value' => $promotion->activation_date ? format_date($promotion->activation_date, 'custom', 'Y-m-d H:i:s') : '',
    '#attributes' => array('class' => 'jscalendar'),
  );

  if (count($roles) > 0) {
    $form['activation']['promotion_roles'] = array(
      '#type' => 'checkboxes',
      '#title' => t('Select the roles registrants under this promotion receive'),
      '#description' => t('These are the roles that should be assigned to any user registering under this promotion.'),
      '#default_value' => $promotion->promotion_roles,
      '#options' => $roles,
    );
  }

  $form['expiration'] = array(
    '#type' => 'fieldset',
    '#title' => t('Expiration'),
    '#description' => t('These settings determine if accounts registered under a promotion expire and what happens to an account after the promotion expires.'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );

  $form['expiration']['accounts_expire'] = array(
    '#type' => 'checkbox',
    '#title' => t('Accounts registered with this promotion will expire.'),
    '#description' => t('If checked, accounts will be demoted, blocked, or deleted after the date given.'),
    '#default_value' => $promotion->accounts_expire,
  );

  $form['expiration']['expiration_date'] = array(
    '#type' => 'textfield',
    '#title' => t('Expiration date'),
    '#default_value' => $promotion->expiration_date ? format_date($promotion->expiration_date, 'custom', 'Y-m-d H:i:s') : '',
    '#attributes' => array('class' => 'jscalendar'),
  );

  $expiration_actions = array();
  if (count($roles) > 0) {
    $expiration_actions[1] = t('Demote the accounts');
    $expiration_actions[2] = t('Demote and block the accounts');
  }
  $expiration_actions[3] = t('Block the accounts');
  $expiration_actions[4] = t('Delete the accounts');

  $form['expiration']['expiration_action'] = array(
    '#type' => 'radios',
    '#title' => t('After expiration, take which action'),
    '#options' => $expiration_actions,
    '#default_value' => $promotion->expiration_action,
  );

  // Only show if there are custom roles available to use
  if (count($roles) > 0) {
    $form['expiration']['demotion_roles'] = array(
      '#type' => 'checkboxes',
      '#title' => t('Demotion Roles'),
      '#description' => t('These are the roles users registered with this promotion will lose if you have chosen to perform demotion on expiration.'),
      '#default_value' => $promotion->demotion_roles,
      '#options' => $roles,
    );
  }
#
#  $form['advanced'] = array(
#    '#type' => 'fieldset',
#    '#title' => t('Advanced Options'),
#    '#collapsible' => TRUE,
#    '#collapsed' => TRUE,
#  );
#
#  $form['advanced']['bypass_verification'] = array(
#    '#type' => 'checkbox',
#    '#title' => t('Registrants using this promotional code bypass email verification.'),
#    '#description' => t('If checked, an extra email field will be added to the registration form for confirmation and the user will receive a welcome message rather than a confirmation message to their inbox.'),
#    '#default_value' => $promotion->bypass_verification,
#  );
#
#  $form['advanced']['bypass_administration'] = array(
#    '#type' => 'checkbox',
#    '#title' => t('Registrants using this promotional code bypass administrator approval.'),
#    '#description' => t('If registration normally requires administrator approval, checking this box will cause registrants using this code to skip that step.'),
#    '#default_value' => $promotion->bypass_administrator,
#  );
#
#  $form['advanced']['linked_code'] = array(
#    '#type' => 'checkbox',
#    '#title' => t('Allow this promotional code to be given as a link.'),
#    '#default_value' => $promotion->linked_code,
#  );
#
#  $form['advanced']['code_link'] = array(
#    '#type' => 'textfield',
#    '#title' => t('Promotional code link'),
#    '#description' => t('A final slash and then the code must be added to the URL when sending out the links.'),
#    '#default_value' => $promotion->code_link,
#    '#field_prefix' => url(NULL, NULL, NULL, TRUE) . (variable_get('clean_url', 0) ? '' : '?q='),
#  );

  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => $promotion->pid ? t('Update') : t('Create'),
  );

  if ($promotion->pid) {
    $form['delete'] = array(
      '#type' => 'submit',
      '#value' => t('Delete'),
    );
  }

  return $form;
}

function promotion_form_validate($form_id, $form_values) {
  $op = 'create';
  $pid_clause = '';
  if (isset($form_values['pid'])) {
    $pid_clause = 'AND pid <> %d';
    $op = 'update';
  }

  // Make sure that the name is not already taken
  $result = db_query("SELECT pid FROM {promotion_codes} WHERE name = '%s' $pid_clause", $form_values['name'], $form_values['pid']);
  if (db_num_rows($result) > 0) {
    form_set_error('name', t('A promotion with that name already exists.'));
  }

  // Make sure the code is valid
  if ($form_values['code_type'] == PROMO_TYPE_SIMPLE) {
    if (!preg_match('/^(?:[^\[\]]+|\[[0-9a-zA-Z]*\])+$/', $form_values['simple_code'])) {
      form_set_error('simple_code', t('The simple code format given is not valid. Make sure you do not have an umatched "[" or "]" and that any brackets contain only letters and numbers.'));
    }
  }

  // Tests for delayed activation
  if ($form_values['activate_when'] == PROMO_ACT_ROLES_WAIT
      || $form_values['activate_when'] == PROMO_ACT_ALL_WAIT) {

    // If delayed activation is used, there must be a date
    if (!$form_values['activation_date']) {
      form_set_error('activation_date', t('Activation date is required if you have chosen to delay promotion or activation.'));
    }
  }

  // Tests for when roles are assigned late
  if ($form_values['activate_when'] == PROMO_ACT_ROLES_WAIT) {

    // If roles are going to be assigned late, there must be some roles checked
    if (array_reduce($form_values['promotion_roles'], create_function('$a,$b', 'return $a + $b;')) == 0) {
      form_set_error('promotion_roles', t('You have asked that the roles assigned be delayed. However, you have not selected any roles. Please do so before continuing.'));
    }
  }

  // Tests for when accounts expire
  if ($form_values['accounts_expire']) {

    // If accounts may expire, the expiration must be set
    if (!$form_values['expiration_date']) {
      form_set_error('expiration_date', t('Expiration date is required if accounts may expire.'));
    }

    // If accounts expire, we need to know what action to take
    if (!$form_values['expiration_action']) {
      form_set_error('expiration_action', t('The expiration action must be selected if accounts may expire.'));
    }

    // Tests for when expiration involves stripping roles from accounts
    if ($form_values['expiration_action'] == PROMO_EXP_ACTION_DEMOTE
        || $form_values['expiration_action'] == PROMO_EXP_ACTION_DEMOTE_AND_BLOCK) {

      // If roles are stripped, we must set some roles to strip  
      if (array_reduce($form_values['demotion_roles'], create_function('$a,$b', 'return $a + $b;')) == 0) {
        form_set_error('demotion_roles', t('You have asked that members registered during a promotion be demoted, but have not selected the roles they lose. Please check one or more roles before continuing.'));
      }
    }
  }

  // Make sure these are dates, if they are set
  $field_names = array(
    'start_date' => t('Start date'),
    'end_date' => t('End date'),
    'activation_date' => t('Activation date'),
    'expiration_date' => t('Expiration date'),
  );

  $now = time();
  foreach ($field_names as $date => $title) {

    // Don't bother to validate the date if it isn't even set
    if ($form_values[$date]) {
      $parsed_date = strtotime($form_values[$date]);

      // It's not a valid date, complain
      if (!$parsed_date) {
        form_set_error($date, t('The %field given is not recognized.', array( '%field' => $title )));
      }

      // The end_date and expiration_date should be in the future
      elseif ($parsed_date < $now && ($date == 'end_date' || $date == 'expiration_date')) {

        // Don't let them create this thing!
        if ($op == 'create') {
          form_set_error($date, t('The %field given is in the past and it must be in the future.', array('%field' => $title)));
        }

        // This is just a warning!
        else {
          drupal_set_message(t('The %field given is in the past and it should be in the future. You may want to go back and !edit.', array('%field' => $title, '!edit' => l(t('edit the promotion'), 'admin/user/promotion/'.$form_values['pid']))), 'error');
        }
      }
    }
  }

  // Make sure that that the expiration date is after the activation date
  if ($form_values['activate_when'] == PROMO_ACT_ROLES_WAIT
      || $form_values['activate_when'] == PROMO_ACT_ALL_WAIT) {

    $activation_date = strtotime($form_values['activation_date']);
    $expiration_date = strtotime($form_values['expiration_date']);

    if ($form_values['accounts_expire'] && $activation_date && $expiration_date) {
      if ($activation_date >= $expiration_date) {
        form_set_error('activation_date', t('The activation date must be sooner than the expiration date.'));
      }
    }
  }

  // Make sure that the end date is after the start date
  if ($form_values['start_date'] && $form_values['end_date']) {
    $start_date = strtotime($form_values['start_date']);
    $end_date = strtotime($form_values['end_date']);

    if ($start_date && $end_date && $start_date >= $end_date) {
      form_set_error('start_date', t('The start date must be sooner than the end date.'));
    }
  }

  // Make sure that the activation date comes on or after the start date
  if ($form_values['start_date'] && ($form_values['activate_when'] == PROMO_ACT_ROLES_WAIT || $form_values['activate_when'] == PROMO_ACT_ALL_WAIT) && $form_values['activation_date']) {
    $start_date = strtotime($form_values['start_date']);
    $activation_date = strtotime($form_values['activation_date']);

    if ($start_date && $activation_date && $start_date > $activation_date) {
      form_set_error('start_date', t('The start date must not be after the activation date.'));
    }
  }

  // Make sure that the expiration date comes on or after the end date
  if ($form_values['end_date'] && $form_values['accounts_expire'] && $form_values['expiration_date']) {
    $end_date = strtotime($form_values['end_date']);
    $expiration_date = strtotime($form_values['expiration_date']);

    if ($end_date && $expiration_date && $end_date > $expiration_date) {
      form_set_error('end_date', t('The end date must not be after the expiration date.'));
    }
  }
}

/**
 * Internal function for setting up the {promotion_codes_roles} table.
 */
function _promotion_update_roles($pid, $roles, $promotion) {
  db_query("DELETE FROM {promotion_codes_roles} WHERE pid = %d AND promotion = %d", $pid, $promotion);

  if (isset($roles)) {
    foreach ($roles as $role) {
      if ($role) {
        db_query("INSERT INTO {promotion_codes_roles} (pid, rid, promotion) VALUES (%d, %d, %d)", $pid, $role, $promotion);
      }
    }
  }
}

function promotion_form_submit($form_id, $form_values) {
  // Convert dates from the submitted values into seconds since the epoch
  foreach (array('start_date', 'end_date', 'expiration_date', 'activation_date') as $date) {
    if ($form_values[$date]) {
      $form_values[$date] = strtotime($form_values[$date]);
    }
    else {
      $form_values[$date] = 0;
    }
  }

  // update
  if ($form_values['pid']) {
    db_query("
      UPDATE {promotion_codes} 
      SET name = '%s', description = '%s', active_promotion = %d, 
          start_date = %d, end_date = %d, code_type = %d, simple_code = '%s',
          max_use_count = %d, accounts_expire = %d, expiration_date = %d,
          expiration_action = %d, activate_when = %d, activation_date = %d
      WHERE pid = %d", 
      $form_values['name'],
      $form_values['description'],
      $form_values['active_promotion'],
      $form_values['start_date'],
      $form_values['end_date'],
      $form_values['code_type'],
      $form_values['simple_code'],
      $form_values['max_use_count'],
      $form_values['accounts_expire'],
      $form_values['expiration_date'],
      $form_values['expiration_action'],
      $form_values['activate_when'],
      $form_values['activation_date'],
      $form_values['pid']
    );

    _promotion_update_roles($form_values['pid'], $form_values['promotion_roles'], 1);
    _promotion_update_roles($form_values['pid'], $form_values['demotion_roles'], 0);

    drupal_set_message(t('Updated a promotion.'));
  }

  // insert
  else {
    $pid = db_next_id('{promotion_codes}_pid');

    db_query("
      INSERT INTO {promotion_codes} (pid, name, description, active_promotion, 
        start_date, end_date, code_type, simple_code, max_use_count, 
        accounts_expire, expiration_date, expiration_action, activate_when,
        activation_date) 
      VALUES (%d, '%s', '%s', %d, %d, %d, %d, '%s', %d, %d, %d, %d, %d, %d)",
      $pid,
      $form_values['name'],
      $form_values['description'],
      $form_values['active_promotion'],
      $form_values['start_date'],
      $form_values['end_date'],
      $form_values['code_type'],
      $form_values['simple_code'],
      $form_values['max_use_count'],
      $form_values['accounts_expire'],
      $form_values['expiration_date'],
      $form_values['expiration_action'],
      $form_values['activate_when'],
      $form_values['activation_date']
    );

    _promotion_update_roles($pid, $form_values['promotion_roles'], 1);
    _promotion_update_roles($pid, $form_values['demotion_roles'], 0);

    drupal_set_message(t('Created a new promotion.'));
  }

  return 'admin/user/promotion';
}

function promotion_add() {
  // Setup the defaults
  $promotion['active_promotion'] = 1;
  $promotion['activate_when'] = 1;

  $output = drupal_get_form('promotion_form', (object) $promotion);
  return $output;
}

function promotion_edit($pid) {
  // Check for delete
  if ($_POST['op'] == t('Delete')) {
    drupal_goto('admin/user/promotion/'.$pid.'/delete');
  }

  // Load the promotion
  if ($promotion = promotion_get_promotion($pid)) {
    return drupal_get_form('promotion_form', $promotion);
  }

  else {
    return drupal_not_found();
  }
}

function promotion_delete_confirm($pid) {
  $promotion = promotion_get_promotion($pid);

  $form['pid'] = array('#type' => 'value', '#value' => $pid);
  return confirm_form($form,
    t('Are you sure you want to delete %name?', array('%name' => $promotion->name)),
    'admin/user/promotion/' . $pid,
    t('<p>This action cannot be undone. You will no longer be able to see statistics related to this promotion.</p><p><strong>CAUTION:</strong> You may wish to mark this promotion as inactive instead.</p>'),
    t('Delete'), t('Cancel'));
}

function promotion_delete_confirm_submit($form_id, $form_values) {
  if ($form_values['confirm']) {
    db_query('DELETE FROM {promotion_codes} WHERE pid = %d', $form_values['pid']);
  }

  return 'admin/user/promotion';
}

function promotion_get_promotion($pid) {
  if ($result = db_query("SELECT * FROM {promotion_codes} WHERE pid = %d", $pid)) {
    $promotion = db_fetch_object($result);

    $result = db_query("SELECT * FROM {promotion_codes_roles} WHERE pid = %d", $pid);
    while ($code_role = db_fetch_array($result)) {
      if ($code_role['promotion']) {
        $promotion->promotion_roles[$code_role['rid']] = $code_role['rid'];
      }
      else {
        $promotion->demotion_roles[$code_role['rid']] = $code_role['rid'];
      }
    }

    return $promotion;
  }

  return NULL;
}

/**
 * Implementation of hook_user().
 */
function promotion_user($op, &$edit, &$account, $category = NULL) {
  if ($op == 'register') {
    if (arg(0) == 'user' && arg(1) == 'register') {
      $url_code = arg(2); // /user/register/CODE
    }
    $required = variable_get('promotion_required', 0);

    $form['promotion'] = array(
      '#type' => 'fieldset',
      '#title' => t('Promotional code'),
    );
    $form['promotion']['promotional_code'] = array(
      '#type' => $url_code ? 'item' : 'textfield',
      '#title' => t('Promotional code'),
      '#description' => 
        ($url_code ? t('You have been given a direct link to this promotion. If you do not want to use this promotion or would like to use another, !click_here.', array('!click_here' => l('click here', 'user/register'))) :
        ($required ? t('You must enter a promotional code to register for an account.')
                   : t('Please enter a promotional code, if you have one.'))),
      '#required' => $required,
      '#size' => 30,
      '#maxlength' => 30,
    );
    if ($url_code) {
        $form['promotional_code']['#value'] = $url_code;
        $form['promotional_code'] = array(
            '#type' => 'value',
            '#value' => $url_code,
        );
    }

    return $form;
  }

  elseif ($op == 'validate' && $category == 'account') {
    // We perform this validation if the promotional code is present, otherwise
    // we assume that this is just editing the existing user, which we don't
    // care about.
    if (isset($edit['promotional_code']) && $edit['promotional_code']) {
      $promotion = promotion_find_match($edit['promotional_code']);

      if (!$promotion->valid_match) {
        form_set_error('promotional_code', $promotion->validation_error);
      }
    }
  }

  elseif ($op == 'insert') {
    if (isset($edit['promotional_code']) && $edit['promotional_code']) {
      $promotion = promotion_find_match($edit['promotional_code']);

      $now = time();
      $status = 1;

      // Delay role activation if the promotion requests it and the activation
      // date is yet future
      if ($promotion->activate_when == PROMO_ACT_ROLES_WAIT && $promotion->activation_date > $now) {
        $user_register = variable_get('user_register', 1);
        if ($user_register == 1) {
          drupal_set_message(t('Your account will be activated after verifying your email address. However, some features of this site may not available until after %date, which is the promotion you signed up with officially starts.', array('%date' => format_date($promotion->activation_date, 'large'))));
        }
        else {
          drupal_set_message(t('Once your account has been approved and your email address verified, you account will be activated. However, some features of this site may not be available until after %date, which is when the promotion you signed up with officially starts.', array('%date' => format_date($promotion->activation_date, 'large'))));
        }

        watchdog('promotion', 
          t('Delaying role activation of account %user because the promotion date of %promo is in the future.', array('%promo' => $promotion->title, '%user' => $edit['name'])), 
          WATCHDOG_NOTICE, l('edit', '/user/'.$edit['uid']));

        $status = 0;
      }

      // Delay account activation if the promotion requests it and the
      // activation date is yet future
      elseif ($promotion->activate_when == PROMO_ACT_ALL_WAIT && $promotion->activation_date > $now) {
        drupal_set_message(t('Your account will not be available after verifying your email address. The promotion you have signed up with has not yet started. Your account will become active after %date.', array('%date' => format_date($promotion->activation_date, 'large'))));

        // Make sure the account is blocked
        db_query("
          UPDATE {users} SET status = %d WHERE uid = %d",
          0, $edit['uid']);

        watchdog('promotion', 
          t('Delaying account activation of account %user because the promotion date of %promo is in the future.', array('%promo' => $promotion->title, '%user' => $edit['name'])), 
          WATCHDOG_NOTICE, l('edit', '/user/'.$edit['uid']));

        $status = 0;
      }

      db_query("
        INSERT INTO {promotion_codes_users} (pid, uid, code_used, status)
        VALUES (%d, %d, '%s', %d)", 
        $promotion->pid, $account->uid, $edit['promotional_code'], $status);

      $edit['promotional_code'] = NULL;

      if ($status) {
        // Add initial role promotion
        $edit['roles'] = $promotion->promotion_roles;

        watchdog('promotion', 
          t('Activating roles of account %user using %promo.', array('%promo' => $promotion->title, '%user' => $edit['name'])), 
          WATCHDOG_NOTICE, l('edit', '/user/'.$edit['uid']));
      }
    }
  }

  // $op == 'delete' is not implemented on purpose. Registered codes remain
  // used even if the user that used that code no longer exists.
}

/**
 * This method searches through the available and active promotions to find a
 * matching promotion record. It then loads and returns that record. In
 * addition, it sets the valid_match value to TRUE.
 *
 * On failure, it returns an object that has the valid_match value set to FALSE
 * and the validation_error set to a localized message to return to the user. No
 * other values will be set on the returned object.
 */
function promotion_find_match($code) {
  // Search for active promotions
  $now = time();
  $result = db_query("
    SELECT pid 
    FROM {promotion_codes} 
    WHERE active_promotion = 1 
      AND (start_date IS NULL OR start_date = 0 OR start_date <= %d) 
      AND (end_date IS NULL OR end_date = 0 OR end_date >= %d)",
    $now, $now);

  // Iterate through the active promotions found
  while ($promo = db_fetch_array($result)) {

    // Load the promotion object
    $promotion = promotion_get_promotion($promo['pid']);

    // Check to see if the given promotion matches the code
    if (promotion_match($promotion, $code)) {
      // Appears to match, but make sure it has not been already used too
      // many times...
      if ($promotion->max_use_count > 0) {
        $result = db_query("
          SELECT count(*) AS user_count
          FROM {promotion_codes_users}
          WHERE pid = %d AND lower(code_used) = lower('%s')", 
          $promotion->pid, $code);

        // fetch the count
        if ($counter = db_fetch_array($result)) {
          if ($counter['user_count'] >= $promotion->max_use_count) {
            // Too bad, already used up
            $used_up_promotion = $promotion;
            continue;
            // Keep searching, just in case it matches another promotion
          }
        }
      }

      // Success! Found a matching promotion that it can consume
      $promotion->valid_match = TRUE;
      return $promotion;
    }
  }

  // We looked, but all we found was a used promotion
  if ($used_up_promotion) {
    $used_up_promotion->valid_match = FALSE;
    $used_up_promotion->validation_error = t('Sorry, the promotional code you have given has already been used.');
    return $used_up_promotion;
  }

  // They have an invalid code, but let's try to be specific with the error
  // message in case it's an old imperial--er promotional code.
  $result = db_query("
    SELECT pid
    FROM {promotion_codes}
    WHERE active_promotion = 0 OR start_date > %d OR end_date < %d",
    $now, $now);

  // iterate through all codes to find any possible match
  while ($promo = db_fetch_array($result)) {
    $promotion = promotion_get_promotion($promo['pid']);

    // Attempt to match this code against this inactive promotion
    if (promotion_match($promotion, $code)) {

      // The promotion hasn't yet started
      if ($promotion->start_date && $promotion->start_date > $now) {
        $promotion->valid_match = FALSE;
        $promotion->validation_error = t('The promotional code you have given is not yet available.');
        return $promotion;
      }

      // The promotion has ended
      if ($promotion->end_date && $promotion->end_date < $now) {
        $promotion->valid_match = FALSE;
        $promotion->validation_error = t('The promotional code you have entered has expired and is no longer available.');
        return $promotion;
      }

      // The promotion just isn't active
      if (!$promotion->active_promotion) {
        $promotion->valid_match = FALSE;
        $promotion->validation_error = t('The promotional code you have entered is not currently active.');
        return $promotion;
      }
    }
  }

  // Complete non-match, return a generic error
  $promotion = array(
    'valid_match' => FALSE,
    'validation_error' => t('Sorry, but the code you have given does not match any current promotion. Please check that it is correct and try again.'),
  );
  return (object) $promotion;
}

/**
 * Matches a specific code against a promotion. This matches the code against
 * the promotion.
 *
 * Returns TRUE if the code matches or FALSE if it does not.
 */
function promotion_match($promotion, $code) {
  // Perform an exact match (ignoring case)
  if ($promotion->code_type == PROMO_TYPE_EXACT) {
    return strcasecmp($promotion->simple_code, $code) == 0;
  }

  // Convert the promotion code into a regulary expression and match
  elseif ($promotion->code_type == PROMO_TYPE_SIMPLE) {

    // Process the code matcher into a regular expression
    $state = 'exact';
    $simple_match = '';
    foreach (str_split($promotion->simple_code) as $char) {
      if ($state == 'exact') {
        if ($char == '[') {
          $state = 'match';
        }
        else {
          $simple_match .= preg_quote($char);
        }
      }
      else {
        if ($char == ']') {
          $state = 'exact';
        }
        elseif (ctype_alpha($char)) {
          $simple_match .= '\p{L}'; // match any unicode letter
        }
        elseif (ctype_digit($char)) {
          $simple_match .= '\p{N}'; // match any unicode number
        }
        else {
          $simple_match .= preg_quote($char); // uh? what?
        }
      }
    }

    // Perform the comparison
    return preg_match("/^$simple_match\$/i", $code);
  }

  // Shouldn't happen
  else {
    watchdog('promotion', 
      t('Unknown promotional code type %code_type', array('%code_type' => $promotion->code_type)), 
      WATCHDOG_ERROR, l('edit', 'admin/user/promotion/'.$promotion->pid));
    return FALSE;
  }
}

/**
 * Implements hook_cron(). 
 *
 * This performs the work of expiring an unexpired promotion account.
 */
function promotion_cron() {
  $now = time();
  _promotion_process_activation($now);
  _promotion_process_expiration($now);
}

/**
 * Performs the work during cron of activating accounts when a promotion has
 * become active.
 */
function _promotion_process_activation($now) {
  $result = db_query("
    SELECT p.pid AS pid, c.uid AS uid, c.code_used AS code_used
    FROM {promotion_codes_users} c INNER JOIN {promotion_codes} p
                                           ON c.pid = p.pid
    WHERE p.active_promotion = 1 
      AND (p.activate_when = 2 OR p.activate_when = 3)
      AND p.activation_date < %d AND c.status = 0
      AND (p.accounts_expire = 0 OR p.expiration_date > %d)",
    $now, $now);

  while ($pid_uid = db_fetch_array($result)) {
    $promotion = promotion_get_promotion($pid_uid['pid']);
    $account   = user_load(array(uid => $pid_uid['uid']));

    if ($promotion && $account) {
      $edit['roles'] = $account->roles;
      foreach ($promotion->promotion_roles as $rid) {
        $edit['roles'][$rid] = $rid;
      }

      if ($promotion->activate_when == PROMO_ACT_ALL_WAIT) {
        $edit['status'] = 1;
      }

      watchdog('promotion', 
        t('Activating %name with email address %email with promotion %promotion (%code).', array('%name' => $account->name, '%email' => $account->mail, '%promotion' => $promotion->name, '%code' => $pid_uid['code_used'])), 
        WATCHDOG_NOTICE);

      user_save($account, $edit);
    }

    db_query("
      UPDATE {promotion_codes_users}
      SET status = 1
      WHERE pid = %d AND uid = %d
    ", $pid_uid['pid'], $pid_uid['uid']);
  }
}

/**
 * Performs the work during cron of actually deactivating accounts when a
 * promotion has expired.
 */
function _promotion_process_expiration($now) {
  $result = db_query("
    SELECT p.pid AS pid, c.uid AS uid, c.code_used AS code_used
    FROM {promotion_codes_users} c INNER JOIN {promotion_codes} p 
                                           ON c.pid = p.pid
    WHERE p.active_promotion = 1 AND p.accounts_expire = 1 
      AND p.expiration_date < %d AND c.status = 1
  ", $now);

  while ($pid_uid = db_fetch_array($result)) {
    $promotion = promotion_get_promotion($pid_uid['pid']);
    $account   = user_load(array(uid => $pid_uid['uid']));

    if ($promotion && $account) {
      if ($promotion->expiration_action == PROMO_EXP_ACTION_DELETE) {
        user_delete(NULL, $account->uid);

        watchdog('promotion', 
          t('Deleted %name with email address %email because promotion %promotion (%code) expired.', array('%name' => $account->name, '%email' => $account->mail, '%promotion' => $promotion->name, '%code' => $pid_uid['code_used'])), 
          WATCHDOG_NOTICE);
      }

      else {
        $edit = array();

        if ($promotion->expiration_action == PROMO_EXP_ACTION_BLOCK
          || $promotion->expiration_action == PROMO_EXP_ACTION_DEMOTE_AND_BLOCK) {

          $edit['status'] = 0;

          watchdog('promotion', 
            t('Blocking %name with email address %email because promotion %promotion (%code) expired.', array('%name' => $account->name, '%email' => $account->mail, '%promotion' => $promotion->name, '%code' => $pid_uid['code_used'])), 
            WATCHDOG_NOTICE);
        }

        if ($promotion->expiration_action == PROMO_EXP_ACTION_DEMOTE
          || $promotion->expiration_action == PROMO_EXP_ACTION_DEMOTE_AND_BLOCK) {

          $edit['roles'] = $account->roles;
          foreach ($promotion->demotion_roles as $rid) {
            unset($edit['roles'][$rid]);
          }

          watchdog('promotion', 
            t('Demoting %name with email address %email because promotion %promotion (%code) expired.', array('%name' => $account->name, '%email' => $account->mail, '%promotion' => $promotion->name, '%code' => $pid_uid['code_used'])), 
            WATCHDOG_NOTICE);
        }

        user_save($account, $edit);
      }
    }

    db_query("
      UPDATE {promotion_codes_users}
      SET status = 0
      WHERE pid = %d AND uid = %d
    ", $pid_uid['pid'], $pid_uid['uid']);
  }
}

function promotion_statistics($pid = NULL, $detail = NULL) {
  if (!isset($pid)) {
    return _promotion_statistics_general();
  }