************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+// Sets a status message and code
+function WERNIS_STATUS_MESSAGE ($msg, $status) {
+ global $WERNIS;
+ $WERNIS['message'] = $msg;
+ $WERNIS['status'] = $status;
+}
+
+// Get the status message
+function GET_WERNIS_ERROR_MESSAGE () {
+ global $WERNIS;
+ if (isset($WERNIS['message'])) {
+ // Use raw message
+ return $WERNIS['message'];
+ } elseif (isset($WERNIS['status'])) {
+ // Fall-back to status
+ return sprintf(WERNIS_ERROR_STATUS, $WERNIS['status']);
+ } else {
+ // Something bad happend
+ return WERNIS_UNKNOWN_ERROR;
+ }
+}
+
+// Get the status code
+function GET_WERNIS_ERROR_CODE () {
+ global $WERNIS;
+ if (isset($WERNIS['status'])) {
+ // Use raw message
+ return $WERNIS['status'];
+ } else {
+ // Something bad happend
+ return WERNIS_UNKNOWN_ERROR;
+ }
+}
+
+// Sends out a request to the API and returns it's result
+function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) {
+ global $_CONFIG;
+
+ // Is the requestData an array?
+ if (!is_array($requestData)) {
+ // Then abort here!
+ return array(
+ 'status' => "failed_general",
+ 'message' => WERNIS_API_REQUEST_DATA_INVALID
+ );
+ }
+
+ // Is the API id and MD5 hash there?
+ if ((empty($_CONFIG['wernis_api_id'])) || (empty($_CONFIG['wernis_api_md5']))) {
+ // Abort here...
+ return array(
+ 'status' => "failed_general",
+ 'message' => WERNIS_API_REQUEST_DATA_MISSING
+ );
+ }
+
+ // Construct the request string
+ $requestString = $_CONFIG['wernis_api_url'] . $scriptName."?api_id=".$_CONFIG['wernis_api_id']."&api_key=".$_CONFIG['wernis_api_md5'];
+ foreach ($requestData as $key=>$value) {
+ $requestString .= "&".$key."=".$value;
+ }
+
+ // Get the raw response from the lower function
+ $response = MXCHANGE_OPEN($requestString);
+
+ // Check the response header if all is fine
+ if (strpos($response[0], "200") === false) {
+ // Something bad happend... :(
+ return array(
+ 'status' => "request_error",
+ 'message' => sprintf(WERNIS_API_REQUEST_ERROR, $response[0])
+ );
+ }
+
+ // All (maybe) fine so remove the response header from server
+ $response = $response[(count($response) - 1)];
+
+ // Prepare the returning result for higher functions
+ if (substr($response, 0, 1) == "&") {
+ // Remove the leading & (which can be used in Flash)
+ $response = substr($response, 1);
+ }
+
+ // Bring back the response
+ $data = explode("=", $response);
+
+ // Default return array (should not stay empty)
+ $return = array();
+
+ // We use only the first two entries (which shall be fine)
+ if ($data[0] === "error") {
+ // The request has failed... :(
+ switch ($data[1]) {
+ case "404": // Invalid API ID
+ case "AUTH": // Authorization has failed
+ $return = array(
+ 'status' => "auth_failed",
+ 'message' => WERNIS_API_REQUEST_FAILED_AUTH
+ );
+ break;
+
+ case "LOCKED": // User account is locked!
+ case "PASS": // Bad passphrase entered
+ case "USER": // Missing account or invalid password
+ $return = array(
+ 'status' => "user_failed",
+ 'message' => WERNIS_API_REQUEST_FAILED_USER
+ );
+ break;
+
+ case "OWN": // Transfer to own account
+ $return = array(
+ 'status' => "own_failed",
+ 'message' => WERNIS_API_REQUEST_FAILED_OWN
+ );
+ break;
+
+ case "AMOUNT": // Amount is depleted
+ $return = array(
+ 'status' => "amount_failed",
+ 'message' => WERNIS_API_REQUEST_FAILED_AMOUNT
+ );
+ break;
+
+ case "AMOUNT-SEND": // API amount is depleted
+ $return = array(
+ 'status' => "api_amount_failed",
+ 'message' => WERNIS_API_REQUEST_FAILED_API_AMOUNT
+ );
+ break;
+
+ default: // Unknown error (maybe new?)
+ $return = array(
+ 'status' => "request_failed",
+ 'message' => sprintf(WERNIS_API_REQUEST_FAILED, $data[1])
+ );
+ break;
+ }
+ } else {
+ // All fine here
+ $return = array(
+ 'status' => "OK",
+ 'response' => $response
+ );
+ }
+
+ // Return the result
+ return $return;
+}
+
+// Tests the function by calling balance.php on the API
+function WERNIS_TEST_API () {
+ // Get config first
+ global $_CONFIG;
+ $result = false;
+
+ // Return the result from the lower functions
+ $return = WERNIS_SEND_REQUEST("balance.php");
+
+ if ($return['status'] == "OK") {
+ // All fine!
+ $result = true;
+ } else {
+ // Status failture text
+ WERNIS_STATUS_MESSAGE($return['message'], $return['status']);
+ }
+
+ // Return result
+ return $result;
+}
+
+// Widthdraw this amount
+function WERNIS_EXECUTE_WITHDRAW ($wdsId, $userMd5, $amount) {
+ global $_CONFIG;
+ $result = false;
+
+ // Prepare the purpose
+ $eval = "\$purpose = \"".COMPILE_CODE(WERNIS_API_PURPOSE_WITHDRAW)."\";";
+ eval($eval);
+
+ // Prepare the request data
+ $requestData = array(
+ 'sub_request' => "receive",
+ 't_uid' => bigintval($wdsId),
+ 't_md5' => $userMd5,
+ 'r_uid' => $_CONFIG['wernis_refid'],
+ 'amount' => bigintval($amount),
+ 'purpose' => urlencode(base64_encode($purpose))
+ );
+
+ // Return the result from the lower functions
+ $return = WERNIS_SEND_REQUEST("book.php", $requestData);
+
+ if ($return['status'] == "OK") {
+ // All fine!
+ $result = true;
+
+ // Log the transfer
+ WERNIS_LOG_TRANSFER($wdsId, $amount, 'IN');
+ } else {
+ // Status failture text
+ WERNIS_STATUS_MESSAGE($return['message'], $return['status']);
+
+ // Log the transfer
+ WERNIS_LOG_TRANSFER($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
+ }
+
+ // Return result
+ return $result;
+}
+
+
+// Payout this amount
+function WERNIS_EXECUTE_PAYOUT ($wdsId, $userMd5, $amount) {
+ global $_CONFIG;
+ $result = false;
+
+ // Prepare the purpose
+ $eval = "\$purpose = \"".COMPILE_CODE(WERNIS_API_PURPOSE_PAYOUT)."\";";
+ eval($eval);
+
+ // Prepare the request data
+ $requestData = array(
+ 'sub_request' => "send",
+ 't_uid' => bigintval($wdsId),
+ 't_md5' => $userMd5,
+ 'r_uid' => $_CONFIG['wernis_refid'],
+ 'amount' => bigintval($amount),
+ 'purpose' => urlencode(base64_encode($purpose))
+ );
+
+ // Return the result from the lower functions
+ $return = WERNIS_SEND_REQUEST("book.php", $requestData);
+
+ if ($return['status'] == "OK") {
+ // All fine!
+ $result = true;
+
+ // Log the transfer
+ WERNIS_LOG_TRANSFER($wdsId, $amount, 'OUT');
+ } else {
+ // Status failture text
+ WERNIS_STATUS_MESSAGE($return['message'], $return['status']);
+
+ // Log the transfer
+ WERNIS_LOG_TRANSFER($wdsId, $amount, 'FAILED', $return['message'], $return['status']);
+ }
+
+ // Return result
+ return $result;
+}
+
+// Translate the status IN/OUT
+function WERNIS_TRANSFER_STATUS ($status) {
+ // Default status
+ $return = sprintf(WERNIS_STATUS_UNKNWOWN, $status);
+ switch ($status) {
+ case "IN": // Withdraw
+ $return = WERNIS_STATUS_WITHDRAW;
+ break;
+
+ case "OUT": // Payout
+ $return = WERNIS_STATUS_PAYOUT;
+ break;
+
+ case "FAILED": // Payout
+ $return = WERNIS_STATUS_FAILED;
+ break;
+ }
+
+ // Return the status
+ return $return;
+}
+
+function WERNIS_LOG_TRANSFER ($wdsId, $amount, $type = 'FAILED', $message = null, $status = null) {
+ // Register this wernis movement
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_wernis (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`, `wernis_api_message`, `wernis_api_status`) VALUES(%d, %d, %d, UNIX_TIMESTAMP(), '%s', '%s', '%s')",
+ array($GLOBALS['userid'], bigintval($wdsId), bigintval($amount), $type, $message, $status), __FILE__, __LINE__);
+}
+
//
?>