2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 10/19/2003 *
4 * =================== Last change: 08/12/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-points.php *
8 * -------------------------------------------------------------------- *
9 * Short description : All your collected points... *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Alle Ihrer gesammelten Punkte *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * -------------------------------------------------------------------- *
18 * Copyright (c) 2003 - 2009 by Roland Haeder *
19 * Copyright (c) 2009 - 2013 by Mailer Developer Team *
20 * For more information visit: http://mxchange.org *
22 * This program is free software; you can redistribute it and/or modify *
23 * it under the terms of the GNU General Public License as published by *
24 * the Free Software Foundation; either version 2 of the License, or *
25 * (at your option) any later version. *
27 * This program is distributed in the hope that it will be useful, *
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
30 * GNU General Public License for more details. *
32 * You should have received a copy of the GNU General Public License *
33 * along with this program; if not, write to the Free Software *
34 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
36 ************************************************************************/
// NOTE(review): guard on the __SECURITY constant. The statements inside the
// branch are not part of this listing - presumably the script stops when the
// file is requested directly instead of being included; confirm.
38 // Some security stuff...
39 if (!defined('__SECURITY')) {
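// Sets a status message and code.
//
// Both values are stored in $GLOBALS['wernis_data'] and stay there for the
// rest of the request; getWernisErrorMessage() and getWernisErrorCode() read
// them back. Callers in this file pass the 'message' and 'status' entries of
// an API result, so the stored text may originate from the remote side.
function setWernisStatusMessage ($message, $status) {
	$GLOBALS['wernis_data']['message'] = $message;
	$GLOBALS['wernis_data']['status']  = $status;
}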
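// Get the status message.
//
// Order of preference: the stored message, then a template expression built
// from the stored status code, then a generic "unknown error" message id.
// The returned string is a template fragment, not plain text; the status is
// concatenated into it unescaped.
function getWernisErrorMessage () {
	if (isset($GLOBALS['wernis_data']['message'])) {
		// Use the message as stored
		return $GLOBALS['wernis_data']['message'];
	} elseif (isset($GLOBALS['wernis_data']['status'])) {
		// Fall-back to status
		return '{%message,WERNIS_ERROR_STATUS=' . $GLOBALS['wernis_data']['status'] . '%}';
	}

	// Neither message nor status has been recorded
	return '{--WERNIS_UNKNOWN_ERROR--}';
}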
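// Get the status code.
//
// Returns the status stored by setWernisStatusMessage(), or the generic
// "unknown error" message id when no status has been recorded.
function getWernisErrorCode () {
	if (isset($GLOBALS['wernis_data']['status'])) {
		// Use the recorded status
		return $GLOBALS['wernis_data']['status'];
	}

	// Nothing recorded
	return '{--WERNIS_UNKNOWN_ERROR--}';
}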
// Sends a POST request to the Wernis (WDS66) API and evaluates the reply.
//
// Visible steps: reject non-array $requestData, require a configured API id
// and API key, add both to the request, prepare the optional 'purpose' field,
// post to getWernisApiUrl() . $scriptName and translate 'error=...' replies
// into status/message pairs.
//
// $scriptName  - API script appended to the configured API URL; this file
//                passes 'balance.php', 'book.php' and 'auth.php'
// $requestData - request fields; 'api_id' and 'api_key' are overwritten here
//
// NOTE(review): the visible branches build arrays with 'status' and 'message'
// keys (the last one also 'response'); the return statements themselves are
// not part of this listing.
74 // Sends out a request to the API and returns it's result
75 function sendWernisApiRequest ($scriptName, $requestData = array()) {
76 // Is the requestData an array?
77 if (!is_array($requestData)) {
80 'status' => 'failed_general',
81 'message' => '{--WERNIS_API_REQUEST_DATA_INVALID--}'
85 // Is the API id and MD5 hash there?
86 if ((getWernisApiId() == '') || (getWernisApiMd5() == '')) {
89 'status' => 'failed_general',
90 'message' => '{--WERNIS_API_REQUEST_DATA_MISSING--}'
94 // Add more request data
// The API credentials travel in the POST body of every request.
// NOTE(review): whether they are encrypted in transit depends on the scheme
// of the configured 'wernis_api_url' - confirm it is https.
95 $requestData['api_id'] = getWernisApiId();
96 $requestData['api_key'] = getWernisApiMd5();
98 // Is a purpose there?
99 if (!empty($requestData['purpose'])) {
// SECURITY(review): eval() runs the output of doFinalCompilation() as PHP
// source inside a double-quoted string literal. Any double quote, backslash
// or "$" that survives doFinalCompilation() becomes code or variable
// interpolation. The callers in this file build 'purpose' from
// getMaskedMessage() and getMemberId(), but nothing in this function
// enforces that. TODO: confirm doFinalCompilation() escapes its output for
// this context, or replace the eval() with a call that returns the compiled
// string directly.
101 eval('$purpose = "' . doFinalCompilation($requestData['purpose'], FALSE) . '";');
103 // Prepare the purpose, it needs encoding
104 $requestData['purpose'] = encodeString($purpose);
107 // Construct the request string
108 $requestString = getWernisApiUrl() . $scriptName;
110 // Get the raw response from the lower function
111 $response = sendHttpPostRequest($requestString, $requestData);
113 // Check the response header if all is fine
114 if (!isHttpStatusOkay($response[0])) {
115 // Something bad happend... :(
117 'status' => 'request_error',
// NOTE(review): $response[0] is text sent by the remote server and is placed
// into the template expression unescaped - confirm the template layer
// escapes it before it reaches HTML.
118 'message' => '{%message,WERNIS_API_REQUEST_ERROR=' . $response[0] . '%}'
122 // All (maybe) fine so remove the response header from server
123 $responseLine = '*INVALID*';
// Walks the response backwards and stops before index 1, so entries 0 and 1
// are never taken as the response line. The condition that selects a line is
// not part of this listing.
124 for ($idx = (count($response) - 1); $idx > 1; $idx--) {
125 $line = trim($response[$idx]);
127 $responseLine = $line;
132 // Is the response leaded by a & symbol?
133 if (substr($responseLine, 0, 1) != '&') {
134 // Something badly happened on server-side
136 'status' => 'request_problem',
// The unexpected response line is passed through secureString() before it
// is put into the message; $response[0] is used as received.
137 'message' => sprintf(getMessage('WERNIS_API_REQUEST_PROBLEM'), $response[0], secureString($responseLine))
141 // Remove the leading & (which can be used in Flash)
142 $responseLine = substr($responseLine, 1);
144 // Bring back the response
// NOTE(review): a reply without '=' yields a single-element array, so
// $data[1] would be undefined where it is read below - no isset() check is
// visible here.
145 $data = explode('=', $responseLine);
147 // Default return array (should not stay empty)
150 // We use only the first two entries (which shall be fine)
151 if ($data[0] === 'error') {
152 // The request has failed... :(
154 case '404': // Invalid API id
155 case 'AUTH': // Authorization has failed
157 'status' => 'auth_failed',
158 'message' => '{--WERNIS_API_REQUEST_FAILED_AUTH--}'
162 case 'LOCKED': // User account is locked!
163 case 'PASS': // Bad passphrase entered
164 case 'USER': // Missing account or invalid password
// Locked account, bad passphrase and unknown user share one status, so the
// caller cannot tell these cases apart from the result.
166 'status' => 'user_failed',
167 'message' => '{--WERNIS_API_REQUEST_FAILED_USER--}'
171 case 'OWN': // Transfer to own account
173 'status' => 'own_failed',
174 'message' => '{--WERNIS_API_REQUEST_FAILED_OWN--}'
178 case 'AMOUNT': // Amount is depleted
180 'status' => 'amount_failed',
181 'message' => '{--WERNIS_API_REQUEST_FAILED_AMOUNT--}'
185 case 'AMOUNT-SEND': // API amount is depleted
187 'status' => 'api_amount_failed',
188 'message' => '{--WERNIS_API_REQUEST_FAILED_API_AMOUNT--}'
192 default: // Unknown error (maybe new?)
// NOTE(review): $data[1] comes from the remote reply and is written to the
// debug log and into the message template as received. Strip line breaks
// before logging and confirm the template layer escapes the value.
193 logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown error %s from WDS66 API received.', $data[1]));
195 'status' => 'request_failed',
196 'message' => '{%message,WERNIS_API_REQUEST_FAILED=' . $data[1] . '%}'
// The response line (leading '&' already removed) is handed back to the
// caller under 'response'.
204 'response' => $responseLine
// Admin self-test: calls balance.php on the API with the configured account
// id and password hash and records the API's message/status on failure.
// NOTE(review): the initial result value and the return statement are not
// part of this listing.
212 // Tests the function by calling balance.php on the API
213 function doAdminTestWernisApi () {
217 // Result is always failed
220 // Prepare the request data
221 $requestData = array(
// Configured account id plus its stored password hash. The hash is sent in
// place of a password, so presumably it is as sensitive as the password.
222 't_uid' => getWernisRefid(),
223 't_md5' => getWernisPassMd5()
226 // Return the result from the lower functions
227 $return = sendWernisApiRequest('balance.php', $requestData);
229 // Did it went smoothly?
230 if ($return['status'] == 'OK') {
234 // Status failure text
// Keeps the failure reason for getWernisErrorMessage()/getWernisErrorCode()
235 setWernisStatusMessage($return['message'], $return['status']);
// Books a transfer with sub_request 'receive' through book.php and logs the
// outcome with logWernisTransfer().
//
// $wdsId   - remote account id, cast with bigintval() for the request
// $userMd5 - NOTE(review): not referenced in the visible lines; presumably
//            sent as 't_md5' in the request entry missing from this listing
// $amount  - amount to book, cast with bigintval() for the request
242 // Widthdraw this amount
243 function executeWernisWithdraw ($wdsId, $userMd5, $amount) {
244 // Is the sponsor extension installed?
// Authorisation gate: when withdraw is not activated, the sponsor extension
// and the sponsor role are checked. What happens inside the branches is not
// part of this listing.
245 if (!isWernisWithdrawActive()) {
246 if (!isExtensionActive('sponsor')) {
249 } elseif (!isSponsor()) {
250 // No sponsor, not allowed to withdraw!
255 // Default is failed attempt
258 // Prepare the request data
259 $requestData = array(
260 'sub_request' => 'receive',
261 't_uid' => bigintval($wdsId),
263 'r_uid' => getWernisRefid(),
264 'amount' => bigintval($amount),
265 'purpose' => getMaskedMessage('WERNIS_API_PURPOSE_WITHDRAW', getMemberId())
268 // Return the result from the lower functions
269 $return = sendWernisApiRequest('book.php', $requestData);
271 if ($return['status'] == 'OK') {
// NOTE(review): the request used bigintval() on both values, the log call
// receives them as passed in. logWernisTransfer() puts them into unquoted
// SQL placeholders, so confirm it casts them itself.
276 logWernisTransfer($wdsId, $amount, 'WITHDRAW');
278 // Status failure text
279 setWernisStatusMessage($return['message'], $return['status']);
// Failed attempts are logged together with the API's message and status.
282 logWernisTransfer($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
// Books a transfer with sub_request 'send' through book.php, using the
// configured account as sender, and logs the outcome with
// logWernisTransfer().
//
// $wdsId  - receiving account id, cast with bigintval() for the request
// $amount - amount to send, cast with bigintval() for the request
289 // Payout this amount
290 function executeWernisPayout ($wdsId, $amount) {
291 // Default is failed attempt
294 // Prepare the request data
295 $requestData = array(
296 'sub_request' => 'send',
// Sender is the configured account, authenticated with its stored hash.
297 't_uid' => getWernisRefid(),
298 't_md5' => getWernisPassMd5(),
299 'r_uid' => bigintval($wdsId),
300 'amount' => bigintval($amount),
301 'purpose' => getMaskedMessage('WERNIS_API_PURPOSE_PAYOUT', getMemberId())
304 // Return the result from the lower functions
305 $return = sendWernisApiRequest('book.php', $requestData);
307 if ($return['status'] == 'OK') {
// NOTE(review): logged values are not cast here; logWernisTransfer() puts
// them into unquoted SQL placeholders, so confirm it casts them itself.
312 logWernisTransfer($wdsId, $amount, 'PAYOUT');
314 // Status failure text
315 setWernisStatusMessage($return['message'], $return['status']);
318 logWernisTransfer($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
// Sends the given account id and a hash of the given password to auth.php.
// NOTE(review): the return statement is not part of this listing; the caller
// in this file reads 'status', 'response' and 'message' from the result.
325 // Execute auth.php request
326 function executeWernisAuth ($wernisId, $wernisPassword) {
327 // Prepare request data
328 $requestData = array(
329 't_uid' => bigintval($wernisId),
// The password is hashed before it leaves this host, but the hash is sent
// in its place, so presumably it works as the credential itself. It must
// not be logged or cached and needs an encrypted transport.
330 't_md5' => hashSha256($wernisPassword),
334 $return = sendWernisApiRequest('auth.php', $requestData);
// Turns a transfer status into a template message expression: the message id
// 'WERNIS_STATUS_<status>' when isMessageIdValid() accepts it, otherwise a
// generic "unknown status" expression carrying the raw status.
// NOTE(review): the return statement is not part of this listing.
340 // Translate the status IN/OUT
341 function translateWernisTransferStatus ($status) {
342 // Default status is unknown
// $status is concatenated unescaped into the template expression.
// NOTE(review): 'UNKNWOWN' looks like a typo of 'UNKNOWN'; the id has to
// match the language files, so check both before renaming.
343 $return = '{%message,WERNIS_STATUS_UNKNWOWN=' . $status . '%}';
345 // Construct message id
346 $messageId = 'WERNIS_STATUS_' . $status;
349 if (isMessageIdValid($messageId)) {
350 // Then use it as message string
351 $return = '{--' . $messageId . '--}';
// Writes one row per transfer attempt into the `_user_wernis` table.
//
// $type defaults to 'FAILED'; callers in this file also pass 'WITHDRAW' and
// 'PAYOUT'. $message and $status carry the API's answer for failed attempts.
//
// SECURITY(review): the first three placeholders (userid, account, amount)
// are not quoted in the statement. String escaping alone does not protect an
// unquoted numeric position, so these are only safe if the argument list
// (not part of this listing) casts them to integers, e.g. with bigintval().
// The callers hand $wdsId and $amount through uncast - confirm.
359 function logWernisTransfer ($wdsId, $amount, $type = 'FAILED', $message = '', $status = '') {
360 // Register this wernis movement
361 sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_user_wernis` (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`, `wernis_api_message`, `wernis_api_status`) VALUES (%s, %s, %s, UNIX_TIMESTAMP(), '%s', '%s', '%s')",
369 ), __FUNCTION__, __LINE__);
// Subtracts the configured fee for $mode from $points and applies the
// configured factor: division for 'payout', multiplication otherwise.
//
// $points - amount before fee and factor
// $mode   - 'payout' or 'withdraw'; also used to build the config keys
//           'wernis_<mode>_fee_percent' and 'wernis_<mode>_fee_fix'
//
// NOTE(review): what the unknown-mode branch does after logging, and the
// return statement, are not part of this listing.
372 // Calulcate fees and factor
373 function calculateWernisFee ($points, $mode) {
374 // Payout or withdraw are allowed modes!
375 //* DEBUG: */ debugOutput('mode=' . $mode . ',points=' . $points);
// NOTE(review): in_array() compares loosely without a third argument. As
// $mode is used to build config key names below, passing TRUE as third
// argument makes this allow-list exact.
376 if (!in_array($mode, array('payout', 'withdraw'))) {
377 // Log error and abort
// $mode and $points are written to the debug log as received.
378 logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . getMemberId() . ',mode=' . $mode . ',points=' . $points . ' - unknown mode detected.');
382 // Is there a percentage or fixed fee?
// The percentage fee takes precedence; the fixed fee applies only when no
// positive percentage is configured.
383 if (getConfig('wernis_' . $mode . '_fee_percent') > 0) {
385 $points -= $points * getConfig('wernis_'.$mode.'_fee_percent') / 100;
386 } elseif (getConfig('wernis_' . $mode . '_fee_fix') > 0) {
// NOTE(review): no lower bound is visible; a fixed fee larger than $points
// would give a negative result - confirm callers check minimum amounts first.
388 $points -= getConfig('wernis_' . $mode . '_fee_fix');
391 // Divide/multiply the factor
392 if ($mode == 'payout') {
// NOTE(review): a configured payout factor of 0 would be a division by
// zero - confirm the setting is validated when it is saved.
394 $points = $points / getWernisPayoutFactor();
396 // Multiply for withdraw
397 $points = $points * getWernisWithdrawFactor();
401 //* DEBUG: */ debugOutput('mode=' . $mode . ',points=' . $points);
// Adds the configured withdraw fee to $points: the percentage fee when it is
// positive, otherwise the fixed fee when that is positive. Unlike
// calculateWernisFee() the fee is added, not subtracted, and no factor is
// applied in the visible lines.
// NOTE(review): the function name is spelled 'calulcate'; callers depend on
// it, so it is left as is. The return statement is not part of this listing.
405 // Add withdraw fees and factor
407 function calulcateWernisWithdrawFee ($points) {
408 // Is there a percentage or fixed fee?
409 if (getWernisWithdrawFeePercent() > 0) {
411 $points += $points * getWernisWithdrawFeePercent() / 100;
412 } elseif (getWernisWithdrawFeeFix() > 0) {
414 $points += getWernisWithdrawFeeFix();
// Guest-facing entry point of the WDS66 registration flow. Three paths are
// visible: (1) the 'register' form was sent - authenticate against auth.php
// and dispatch on the returned auth_status; (2) the request carries
// 'status', 'challenge' and '__challenge_response' - verify the
// challenge-response; (3) otherwise load the registration form template.
// All request values and the API reply are untrusted input.
421 // Displays registration form for WDS66 registration
422 function doDisplayWernisUserRegistrationForm () {
424 if (isFormSent('register')) {
426 if (!isPostRequestElementSet('wernis_id')) {
428 displayMessage('{--GUEST_WERNIS_REGISTRATION_ID_NOT_SET--}');
429 } elseif (!isPostRequestElementSet('wernis_password')) {
431 displayMessage('{--GUEST_WERNIS_REGISTRATION_PASSWORD_NOT_SET--}');
433 // So far, all fine, then let's do the call-back on auth.php ...
434 $response = executeWernisAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password'));
436 // Was the status okay?
437 if ((isset($response['status'])) && ($response['status'] == 'OK') && (!empty($response['response']))) {
438 // All fine, then analyze response
439 $args = convertApiResponseToArray($response['response'], '&', '=');
// NOTE(review): assert() is skipped when assertions are disabled, which is
// the usual production setting. A reply without auth_status would then reach
// the lines below unchecked; an explicit isset() check with an error path
// does not depend on that setting.
442 assert(isset($args['auth_status']));
445 $args['wernis_userid'] = postRequestElement('wernis_id');
447 // "Detect" auth status
// SECURITY(review): the handler name is derived from a value in the remote
// reply. The fixed 'doWernisAuth' prefix and the is_callable() check limit
// what can be reached, but every function whose name starts with that prefix
// becomes callable by the remote side. An explicit list of accepted
// auth_status values would make the set of handlers visible and closed.
448 $callbackFunction = 'doWernisAuth' . capitalizeUnderscoreString($args['auth_status']);
450 // Is the call-back there?
451 if (!is_callable($callbackFunction, FALSE, $callableName)) {
452 // Not there, could be bad. :(
453 reportBug(__FUNCTION__, __LINE__, 'Unsupported auth_status=' . $args['auth_status'] . ',args()=' . count($args) . ',callbackFunction=' . $callbackFunction . ' detected.');
457 $status = call_user_func($callbackFunction, $args);
// NOTE(review): looks like a debugging leftover - it ends the request and
// prints the handler's return value to the visitor.
458 die(__FUNCTION__ . ': status[' . gettype($status) . ']=' . $status);
460 // Something bad happened
461 displayMessage($response['message']);
466 // Is the form not sent? (E.g. missing form fields)
467 if ((isGetRequestElementSet('status')) && (isGetRequestElementSet('challenge')) && (isGetRequestElementSet('__challenge_response'))) {
468 // Redirect from modules.php?module=auth, so validate challenge response ...
469 // 1) Get first 24 characters = salt
470 $salt = substr(getRequestElement('__challenge_response'), 0, 24);
472 // 2) Generate hash again
// The expected value is salt . hash(salt . API key . challenge); salt and
// challenge are both taken from the incoming request.
473 $response = $salt . hashSha256($salt . getWernisApiMd5() . getRequestElement('challenge'));
475 // Is the response valid?
// SECURITY(review): '!=' is a loose, non-constant-time comparison of a keyed
// hash. hash_equals() on two strings is the appropriate check here.
// NOTE(review): the visible lines do not compare 'challenge' with the value
// stored in `api_redirect_challenge` by doWernisAuthPending(). Without that
// lookup a previously valid challenge/response pair would be accepted again -
// confirm the code that follows performs it.
476 if ($response != getRequestElement('__challenge_response')) {
478 displayMessage('{--GUEST_WERNIS_REGISTRATION_INVALID_CHALLENGE_RESPONSE--}');
483 * Now, that the challenge-response is the same, the challenge itself
484 * is also the same. So get.php can be called.
487 } elseif (!isFormSent('register')) {
488 // Form not send, so load form template
489 loadTemplate('guest_wernis_registration_form');
493 //-----------------------------------------------------------------------------
494 // Auth status callback functions
495 //-----------------------------------------------------------------------------
// Handler for auth_status=PENDING: creates a fresh challenge, stores it in
// `_wernis_regs` for the given auth_key (INSERT when no row exists for the
// key, UPDATE otherwise) and redirects the visitor to the WDS66 auth module.
//
// $args - parsed API reply; 'auth_key' and 'wernis_userid' are read here.
//         'auth_key' originates from the remote side.
497 // Handler for auth_status=PENDING
498 function doWernisAuthPending ($args) {
499 // auth_key must be set
// NOTE(review): assert() is skipped when assertions are disabled; an explicit
// check keeps this precondition enforced in production.
500 assert(isset($args['auth_key']));
502 // Generate a challenge that will be added to the URL
// NOTE(review): the challenge is only as unpredictable as generatePassword();
// confirm it draws from a CSPRNG (random_bytes()/random_int()).
503 $challenge = hashSha256(generatePassword(128));
505 // Search entry in database by auth_key
506 if (countSumTotalData($args['auth_key'], 'wernis_regs', 'id', 'api_auth_key', TRUE) == 0) {
507 // "Register" this call
508 sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_wernis_regs` (
512 `api_redirect_challenge`
520 bigintval($args['wernis_userid']),
523 ), __FUNCTION__, __LINE__
526 // Should be inserted
527 assert(sqlAffectedRows() == 1);
// Existing row for this auth_key: replace its challenge. The visible WHERE
// conditions restrict the update to rows still in status 'PENDING'.
530 sqlQueryEscaped("UPDATE
531 `{?_MYSQL_PREFIX?}_wernis_regs`
533 `api_redirect_challenge`='%s'
535 `api_auth_key`='%s' AND
537 `api_auth_status`='PENDING'
542 bigintval($args['wernis_userid'])
543 ), __FUNCTION__, __LINE__
546 // Should always be updated
// NOTE(review): with assertions disabled a failed update goes unnoticed and
// the redirect below still carries a challenge that was never stored.
547 assert(sqlAffectedRows() == 1);
550 // Redirect to WDS66 module=auth ...
// SECURITY(review): 'auth_key' comes from the API reply and is concatenated
// into the redirect URL as received, while 'params' is passed through
// urlencode(). Applying urlencode() to the key as well keeps a key containing
// '&' or '#' from altering the query string.
551 redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . $args['auth_key'] . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge);
554 //-----------------------------------------------------------------------------
556 //-----------------------------------------------------------------------------
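// Wrapper function for 'wernis_refid'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. The request builders in this file send the value as 't_uid' or
// 'r_uid'.
function getWernisRefid () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_refid');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}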
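// Wrapper function for 'wernis_pass_md5'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. The value is sent as 't_md5' together with the account id, i.e. it is
// used as a credential: keep it out of logs, debug output and templates.
function getWernisPassMd5 () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_pass_md5');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}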
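// Wrapper function for 'wernis_api_id'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. sendWernisApiRequest() sends the value as 'api_id' and refuses to
// send a request while it is empty.
function getWernisApiId () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_api_id');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}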
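// Wrapper function for 'wernis_api_md5'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. Despite the name, this file uses the value as a secret: it is sent as
// 'api_key' with every API request and mixed into the challenge-response
// hash of the registration flow. Keep it out of logs, debug output and
// templates.
function getWernisApiMd5 () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_api_md5');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}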
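// Wrapper function for 'wernis_api_url'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. sendWernisApiRequest() appends the script name to this value, so it
// decides where the API credentials are posted to.
// NOTE(review): confirm the configured URL uses https.
function getWernisApiUrl () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_api_url');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}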
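// Wrapper function for 'wernis_withdraw_active'.
//
// Returns the raw config value, cached in $GLOBALS under this function's
// name. isWernisWithdrawActive() is the boolean form (value compared with
// 'Y').
function getWernisWithdrawActive () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_withdraw_active');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}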
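// Wrapper function for 'wernis_payout_active'.
//
// Returns the raw config value, cached in $GLOBALS under this function's
// name. isWernisPayoutActive() is the boolean form (value compared with 'Y').
function getWernisPayoutActive () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_payout_active');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}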
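// Boolean wrapper for 'wernis_withdraw_active'.
//
// TRUE when the config value equals 'Y' (loose comparison, as before). The
// boolean is cached in $GLOBALS under this function's name; a cached FALSE
// counts as set and is returned without asking getConfig() again.
// executeWernisWithdraw() uses this as part of its permission check.
function isWernisWithdrawActive () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = (getConfig('wernis_withdraw_active') == 'Y');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}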
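// Boolean wrapper for 'wernis_payout_active'.
//
// TRUE when the config value equals 'Y' (loose comparison, as before). The
// boolean is cached in $GLOBALS under this function's name; a cached FALSE
// counts as set and is returned without asking getConfig() again.
function isWernisPayoutActive () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = (getConfig('wernis_payout_active') == 'Y');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}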
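// Wrapper function for 'wernis_withdraw_factor'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. calculateWernisFee() multiplies the points with this value in
// withdraw mode.
function getWernisWithdrawFactor () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_withdraw_factor');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}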
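// Wrapper function for 'wernis_payout_factor'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. calculateWernisFee() divides the points by this value in payout mode,
// so the setting must never be zero.
function getWernisPayoutFactor () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_payout_factor');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}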
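// Wrapper function for 'wernis_withdraw_fee_percent'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. calulcateWernisWithdrawFee() applies it when it is greater than zero.
function getWernisWithdrawFeePercent () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_withdraw_fee_percent');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}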
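// Wrapper function for 'wernis_withdraw_fee_fix'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. calulcateWernisWithdrawFee() applies it when no positive percentage
// fee is configured.
function getWernisWithdrawFeeFix () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_withdraw_fee_fix');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}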
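// Wrapper function for 'wernis_payout_fee_percent'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name.
function getWernisPayoutFeePercent () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_payout_fee_percent');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}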
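// Wrapper function for 'wernis_payout_fee_fix'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name.
function getWernisPayoutFeeFix () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_payout_fee_fix');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}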
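// Wrapper function for 'wernis_min_payout'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name.
function getWernisMinPayout () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_min_payout');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}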
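// Wrapper function for 'wernis_min_withdraw'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name.
function getWernisMinWithdraw () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_min_withdraw');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}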
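// Wrapper function for 'wernis_base_url'.
//
// Reads the config entry once and keeps it in $GLOBALS under this function's
// name. doWernisAuthPending() uses the value as the prefix of the URL it
// redirects visitors to, so it decides where the auth key and challenge are
// sent.
function getWernisBaseUrl () {
	// Fill the cache on first use
	if (!isset($GLOBALS[__FUNCTION__])) {
		$GLOBALS[__FUNCTION__] = getConfig('wernis_base_url');
	}

	// Serve the cached value
	return $GLOBALS[__FUNCTION__];
}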