2 /************************************************************************
\r
3 * MXChange v0.2.1 Start: 05/08/2004 *
\r
4 * ================ Last change: 08/12/2004 *
\r
6 * -------------------------------------------------------------------- *
\r
7 * File : what-list_payouts.php *
\r
8 * -------------------------------------------------------------------- *
\r
9 * Short description : List member's payout requests *
\r
10 * -------------------------------------------------------------------- *
\r
11 * Kurzbeschreibung : Auflistung der Auszahlungsanfragen *
\r
12 * -------------------------------------------------------------------- *
\r
14 * -------------------------------------------------------------------- *
\r
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
\r
16 * For more information visit: http://www.mxchange.org *
\r
18 * This program is free software; you can redistribute it and/or modify *
\r
19 * it under the terms of the GNU General Public License as published by *
\r
20 * the Free Software Foundation; either version 2 of the License, or *
\r
21 * (at your option) any later version. *
\r
23 * This program is distributed in the hope that it will be useful, *
\r
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
\r
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
\r
26 * GNU General Public License for more details. *
\r
28 * You should have received a copy of the GNU General Public License *
\r
29 * along with this program; if not, write to the Free Software *
\r
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
\r
31 * MA 02110-1301 USA *
\r
32 ************************************************************************/
\r
34 // Some security stuff...
\r
35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
\r
37 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
\r
40 // Add description as navigation point
\r
41 ADD_DESCR("admin", basename(__FILE__));
\r
43 if (!empty($_GET['pid']))
\r
45 // First let's get the member's ID
\r
46 $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%d LIMIT 1",
\r
47 array($_GET['pid']), __FILE__, __LINE__);
\r
48 list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
\r
49 SQL_FREERESULT($result);
\r
52 if (empty($_GET['task']) && (!empty($uid)) && ($uid > 0))
\r
54 // Get task ID from database
\r
55 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE userid=%d AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
\r
56 array(bigintval($uid)), __FILE__, __LINE__);
\r
57 list($task) = SQL_FETCHROW($result);
\r
58 SQL_FREERESULT($result);
\r
59 if (empty($task)) $task = "0";
\r
62 elseif ((empty($uid)) || ($uid == "0"))
\r
64 // Cannot obtain member ID!
\r
65 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERID);
\r
69 // Get task ID from URL
\r
70 $task = $_GET['task'];
\r
72 if ((!empty($task)) && (!empty($uid)) && ($uid > 0))
\r
75 $result = SQL_QUERY_ESC("SELECT email, sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
\r
76 array(bigintval($uid)), __FILE__, __LINE__);
\r
77 list($email, $sex, $surname, $family) = SQL_FETCHROW($result);
\r
78 SQL_FREERESULT($result);
\r
81 define('PAYOUT_USERDATA_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_SEX($sex)." ".$surname." ".$family."</A>");
\r
83 if (($_GET['do'] == "accept") && (!empty($email)))
\r
85 // Ok, now we can output the form or execute accepting
\r
86 if (isset($_POST['ok']))
\r
88 // Obtain payout type and other data
\r
89 $result = SQL_QUERY_ESC("SELECT payout_id FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%d LIMIT 1",
\r
90 array(bigintval($_GET['pid'])), __FILE__, __LINE__);
\r
91 list($ptype) = SQL_FETCHROW($result);
\r
92 SQL_FREERESULT($result);
\r
96 // Obtain data from payout type
\r
97 $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
\r
98 array(bigintval($ptype)), __FILE__, __LINE__);
\r
99 list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
\r
100 SQL_FREERESULT($result);
\r
105 $eurl = COMPILE_CODE($eurl);
\r
109 $fpass = md5($fpass);
\r
110 $tpass = md5($tpass);
\r
114 $fpass = base64_encode($fpass);
\r
115 $tpass = base64_encode($tpass);
\r
119 // Transfer variables...
\r
120 $eval = "\$URL = \"".$eurl."\";";
\r
121 $reason = urlencode(base64_encode(PAYOUT_REASON_PAYOUT));
\r
126 // Execute transfer
\r
127 $ret = @file($URL);
\r
134 if ($ret[0] == $eok)
\r
139 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1",
\r
140 array(bigintval($task)),__FILE__, __LINE__);
\r
143 // Clear payout request
\r
144 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='ACCEPTED' WHERE id=%d LIMIT 1",
\r
145 array(bigintval($_GET['pid'])), __FILE__, __LINE__);
\r
148 $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", $_POST['text'], $uid);
\r
153 // Banner / Textlink request
\r
154 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_BANNER_ACCEPTED_NOTIFIED);
\r
159 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ACCEPTED_NOTIFIED);
\r
162 // Finally send mail
\r
163 SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
\r
167 // Something goes wrong... :-(
\r
168 $content = implode("<BR>", $ret);
\r
169 LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
\r
174 // Cannot load payout id
\r
175 OUTPUT_HTML ("<STRONG class=\"admin_failed\">".PAYOUT_FAILED_OBTAIN_PAYOUT_ID."</STRONG>");
\r
181 LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
\r
184 elseif (($_GET['do'] == "reject") && (!empty($email)))
\r
186 // Ok, now we can output the form or execute rejecting
\r
187 if (isset($_POST['ok']))
\r
192 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1",
\r
193 array(bigintval($task)), __FILE__, __LINE__);
\r
196 // Clear payout request
\r
197 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='REJECTED' WHERE id=%d LIMIT 1",
\r
198 array(bigintval($_GET['pid'])), __FILE__, __LINE__);
\r
201 $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", $_POST['text'], $uid);
\r
204 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REJECTED_NOTIFIED);
\r
206 // Finally send mail
\r
207 SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
\r
212 LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
\r
217 // Cannot load user data
\r
218 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERDATA);
\r
221 elseif((empty($task)) || ($task == "0"))
\r
223 // Failed loading task ID
\r
224 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_TASK_ID);
\r
229 if (empty($_GET['do'])) $_GET['do'] = "";
\r
230 if ($_GET['do'] == "delete")
\r
232 // Delete all requests
\r
233 $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_payouts", __FILE__, __LINE__);
\r
236 // Search for payouts
\r
237 $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
\r
238 FROM "._MYSQL_PREFIX."_user_payouts AS p, "._MYSQL_PREFIX."_payout_types AS t
\r
239 WHERE p.payout_id=t.id
\r
240 ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
\r
242 if (SQL_NUMROWS($result) > 0)
\r
244 // List found payouts
\r
245 $OUT = ""; $SW = 2;
\r
246 while (list($pid, $uid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result))
\r
248 if ($status == "NEW")
\r
250 // Generate links for direct accepting and rejecting
\r
251 $status = "<A href=\"".URL."/modules.php?module=admin&what=list_payouts&do=accept&pid=".$pid."\">".PAYOUT_ACCEPT_PAYOUT."</A> | <A href=\"".URL."/modules.php?module=admin&what=list_payouts&do=reject&pid=".$pid."\">".PAYOUT_REJECT_PAYOUT."</A>";
\r
255 // Translate status
\r
256 $evl = "\$status = PAYOUT_STATUS_".strtoupper($status).";";
\r
258 $status = "<FONT class=\"admin_failed\">".$status."</FONT>";
\r
261 // Nothing entered must be secured in member/what-payputs.php !
\r
264 // Banner/Textlink views/clicks request
\r
265 if (!empty($banner))
\r
267 // Prepare array for the banner
\r
269 'banner' => $banner,
\r
274 // Load template for the banner
\r
275 $account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
\r
281 'txt_link' => $alt,
\r
284 $account = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
\r
287 // Admins can addionally test the URL for framekillers
\r
288 $bank = "<A href=\"".FRAMETESTER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
\r
292 // e-currency payout request
\r
293 if (empty($account)) $account = "---";
\r
294 if (empty($bank)) $bank = "---";
\r
297 // Remember data in array for the template
\r
300 'ulink' => ADMIN_USER_PROFILE_LINK($uid),
\r
301 'ptype' => TRANSLATE_COMMA($total)." ".COMPILE_CODE($type),
\r
302 'account' => $account,
\r
304 'tstamp' => MAKE_DATETIME($tstamp, "2"),
\r
305 'status' => $status,
\r
308 // Add row and switch color
\r
309 $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
\r
314 SQL_FREERESULT($result);
\r
315 define('__PAYOUT_ROWS', $OUT);
\r
317 // Load final template
\r
318 LOAD_TEMPLATE("admin_list_payouts");
\r
322 // No payout requests are sent so far
\r
323 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ADMIN_NO_REQUESTS_FOUND);
\r