2 /************************************************************************
3 * MXChange v0.2.1 Start: 05/08/2004 *
4 * ================ Last change: 08/12/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-list_payouts.php *
8 * -------------------------------------------------------------------- *
9 * Short description : List member's payout requests *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Auflistung der Auszahlungsanfragen *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
40 // Add description as navigation point
41 ADD_DESCR("admin", __FILE__);
43 if (REQUEST_ISSET_GET(('pid'))) {
44 // First let's get the member's ID
45 $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
46 array(REQUEST_GET('pid')), __FILE__, __LINE__);
47 list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
48 SQL_FREERESULT($result);
51 if (!REQUEST_ISSET_GET(('task')) && (!empty($uid)) && ($uid > 0)) {
52 // Get task ID from database
53 $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_task_system` WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
54 array(bigintval($uid)), __FILE__, __LINE__);
55 list($task) = SQL_FETCHROW($result);
56 SQL_FREERESULT($result);
57 if (empty($task)) $task = 0;
58 } elseif ((empty($uid)) || ($uid == "0")) {
59 // Cannot obtain member ID!
60 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
62 // Get task ID from URL
63 $task = REQUEST_GET('task');
66 if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
68 $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
69 array(bigintval($uid)), __FILE__, __LINE__);
70 list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
71 SQL_FREERESULT($result);
74 define('PAYOUT_USERDATA_VALUE', "<a href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$surname." ".$family."</a>");
76 if ((REQUEST_GET('do') == "accept") && (!empty($email))) {
77 // Ok, now we can output the form or execute accepting
79 // Obtain payout type and other data
80 $result = SQL_QUERY_ESC("SELECT payout_id FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
81 array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
82 list($ptype) = SQL_FETCHROW($result);
83 SQL_FREERESULT($result);
86 // Obtain data from payout type
87 $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM `{!_MYSQL_PREFIX!}_payout_types` WHERE id=%s LIMIT 1",
88 array(bigintval($ptype)), __FILE__, __LINE__);
89 list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
90 SQL_FREERESULT($result);
94 $eurl = COMPILE_CODE($eurl);
103 $fpass = base64_encode($fpass);
104 $tpass = base64_encode($tpass);
108 // Transfer variables...
109 $eval = "\$URL = \"".$eurl."\";";
110 $reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);
116 $ret = GET_URL($URL);
122 if ($ret[0] == $eok) {
125 runFilterChain('solve_task', $task);
128 // Clear payout request
129 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='ACCEPTED' WHERE id=%s LIMIT 1",
130 array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
133 $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", REQUEST_POST('text'), $uid);
137 // Banner / Textlink request
138 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
141 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
145 SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
147 // Something goes wrong... :-(
148 $content = implode("<br />", $ret);
149 LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
152 // Cannot load payout id
153 LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
157 LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
159 } elseif ((REQUEST_GET('do') == "reject") && (!empty($email))) {
160 // Ok, now we can output the form or execute rejecting
161 if (IS_FORM_SENT()) {
164 runFilterChain('solve_task', $task);
167 // Clear payout request
168 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='REJECTED' WHERE id=%s LIMIT 1",
169 array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
172 $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", REQUEST_POST('text'), $uid);
175 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
178 SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
181 LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
184 // Cannot load user data
185 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
187 } elseif ((empty($task)) || ($task == "0")) {
188 // Failed loading task ID
189 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
192 if (!REQUEST_ISSET_GET(('do'))) REQUEST_SET_GET('do', "");
194 if (REQUEST_GET('do') == "delete") {
195 // Delete all requests
196 $result = SQL_QUERY("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_payouts`", __FILE__, __LINE__);
199 // Search for payouts
200 $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
201 FROM `{!_MYSQL_PREFIX!}_user_payouts` AS p, `{!_MYSQL_PREFIX!}_payout_types` AS t
202 WHERE p.payout_id=t.id
203 ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
205 if (SQL_NUMROWS($result) > 0) {
206 // List found payouts
208 while ($content = SQL_FETCHROW($result)) {
209 if ($content['status'] == "NEW") {
210 // Generate links for direct accepting and rejecting
211 $content['status'] = "<a href=\"{!URL!}/modules.php?module=admin&what=list_payouts&do=accept&pid=".$content['id']."\">".PAYOUT_ACCEPT_PAYOUT."</a> | <a href=\"{!URL!}/modules.php?module=admin&what=list_payouts&do=reject&pid=".$content['id']."\">".PAYOUT_REJECT_PAYOUT."</a>";
214 $content['status'] = constant('PAYOUT_STATUS_'.strtoupper($content['status']).'');
215 $content['status'] = "<div class=\"admin_failed\">".$content['status']."</div>";
218 // Nothing entered must be secured in member/what-payputs.php !
219 if ($content['allow'] == "Y") {
220 // Banner/Textlink views/clicks request
221 if (!empty($content['banner'])) {
222 // Load template for the banner
223 $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
226 $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
229 // Admins can addionally test the URL for framekillers
230 $content['target_bank'] = "<a href=\"".FRAMETESTER($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
232 // e-currency payout request
233 if (empty($content['target_account'])) $content['target_account'] = "---";
234 if (empty($content['target_bank'])) $content['target_bank'] = "---";
237 // Remember data in array for the template
240 'ulink' => ADMIN_USER_PROFILE_LINK($content['userid']),
241 'ptype' => TRANSLATE_COMMA($content['payout_total'])." ".COMPILE_CODE($content['type']),
242 'account' => $content['target_account'],
243 'bank' => $content['target_bank'],
244 'tstamp' => MAKE_DATETIME($content['payout_timestamp'], "2"),
245 'status' => $content['status'],
248 // Add row and switch color
249 $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
254 SQL_FREERESULT($result);
255 define('__PAYOUT_ROWS', $OUT);
257 // Load final template
258 LOAD_TEMPLATE("admin_list_payouts");
260 // No payout requests are sent so far
261 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));