************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
ADD_DESCR("admin", basename(__FILE__));
// Add now
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_payout_types
(type, rate, min_points, from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url)
-VALUES ('%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
+VALUES ('%s', %d, %d,'%s','%s','%s','%s','%s','%s','%s')",
array(
$_POST['title'],
bigintval($_POST['rate']),
if ((isset($_GET['ok'])) && ($_GET['ok'] == "ok"))
{
// Edit entries
- foreach ($_POST['sel'] as $id=>$sel)
+ foreach ($_POST['sel'] as $id => $sel)
{
// Secure ID
$id = bigintval($id);
// Update entry
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_payout_types SET
type='%s',
-rate=%d,
-min_points=%d,
+rate=%s,
+min_points=%s,
allow_url='%s'
WHERE id='".$id."' LIMIT 1",
array(
{
$display = false; //Suppress any other outputs
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel)
+ foreach ($_POST['sel'] as $id => $sel)
{
// Load data
- $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($title, $rate, $mpoi, $allow) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if ($_GET['ok'] == "ok")
{
// Delete entries
- foreach ($_POST['sel'] as $id=>$sel)
+ foreach ($_POST['sel'] as $id => $sel)
{
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
}
$msg = ADMIN_PAYOUT_ENTRIES_DELETED;
{
$display = false; //Suppress any other outputs
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel)
+ foreach ($_POST['sel'] as $id => $sel)
{
// Secure ID number
$id = bigintval($id);
// Load data
- $result = SQL_QUERY_ESC("SELECT type, rate, min_points FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT type, rate, min_points FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
array($id), __FILE__, __LINE__);
list($title, $rate, $mpoi) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
{
// Members has requested payouts
SQL_FREERESULT($result_mem);
- OUTPUT_HTML ("<P><A href=\"".URL."/modules.php?module=admin&what=list_payouts\">".ADMIN_PAYOUT_LIST_REQUESTS."</A></P>");
+ OUTPUT_HTML("<P><A href=\"".URL."/modules.php?module=admin&what=list_payouts\">".ADMIN_PAYOUT_LIST_REQUESTS."</A></P>");
}
elseif ($display)
{
// No member requests so far
- OUTPUT_HTML ("<P><STRONG>".ADMIN_PAYOUT_NO_MEMBER_REQUESTS."</STRONG></P>");
+ OUTPUT_HTML("<P><STRONG>".ADMIN_PAYOUT_NO_MEMBER_REQUESTS."</STRONG></P>");
}
// Add new paypout type
if ($display) LOAD_TEMPLATE("admin_payout_add_new");