************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
// Don't call this directly!
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-} elseif (!IS_LOGGED_IN()) {
+} elseif (!IS_MEMBER()) {
// Not logged in
- LOAD_URL(URL."/modules.php?module=index");
+ LOAD_URL("modules.php?module=index");
} elseif ((!EXT_IS_ACTIVE("payout")) && (!IS_ADMIN())) {
- // Extension "payout" is not active
- ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
+ addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "payout");
return;
}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
-
-$result_depths = SQL_QUERY("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__);
-$TPTS = "0";
-while (list($lvl, $per) = SQL_FETCHROW($result_depths))
-{
- // Load referral points
- $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth='%s' LIMIT 1",
- array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result_points) == 1)
- {
- list($POINTS) = SQL_FETCHROW($result_points);
- SQL_FREERESULT($result_points);
- $TPTS += $POINTS;
+ADD_DESCR("member", __FILE__);
+
+$result_depths = SQL_QUERY("SELECT level, percents FROM `{!_MYSQL_PREFIX!}_refdepths` ORDER BY level", __FILE__, __LINE__);
+$TPTS = 0;
+while (list($lvl, $per) = SQL_FETCHROW($result_depths)) {
+ // Load referal points
+ $result_points = SQL_QUERY_ESC("SELECT points FROM `{!_MYSQL_PREFIX_user_points!}` WHERE userid=%s AND ref_depth=%d LIMIT 1",
+ array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
+
+ // Entry found?
+ if (SQL_NUMROWS($result_points) == 1) {
+ // Load points
+ list($points) = SQL_FETCHROW($result_points);
+
+ // Add them to total
+ $TPTS += $points;
}
+
+ // Free result
+ SQL_FREERESULT($result_points);
}
// Free memory
SQL_FREERESULT($result_depths);
-$result = SQL_QUERY_ESC("SELECT used_points FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
-list($USED) = SQL_FETCHROW($result);
-SQL_FREERESULT($result);
+// Get used points
+$USED = GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
// Translate point into comma
$TPTS = TRANSLATE_COMMA($TPTS - $USED);
// Sanity check...
if (empty($TPTS)) $TPTS = "0.00000";
-if (empty($_GET['payout']))
-{
+if (empty($_GET['payout'])) {
// Load payout types
$result = SQL_QUERY_ESC("SELECT id, type, rate, min_points, allow_url
-FROM "._MYSQL_PREFIX."_payout_types
-WHERE %d >= min_points
-ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
+FROM `{!_MYSQL_PREFIX!}_payout_types`
+WHERE %s >= min_points
+ORDER BY type", array(REVERT_COMMA($TPTS)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) > 0) {
// Free memory
SQL_FREERESULT($result);
// Check for his payouts
$result_payouts = SQL_QUERY_ESC("SELECT DISTINCT p.id, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS bannerm
-FROM "._MYSQL_PREFIX."_user_payouts AS p
-LEFT JOIN "._MYSQL_PREFIX."_payout_types AS t
+FROM `{!_MYSQL_PREFIX!}_user_payouts` AS p
+LEFT JOIN `{!_MYSQL_PREFIX!}_payout_types` AS t
ON p.payout_id = t.id
-WHERE p.userid = %d
+WHERE p.userid = %s
ORDER BY p.payout_timestamp DESC",
array($GLOBALS['userid']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result_payouts) > 0)
- {
+ if (SQL_NUMROWS($result_payouts) > 0) {
// List all his requests
$SW = 2; $OUT = "";
- while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts))
- {
+ while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts)) {
// Translate status
- $evl = "\$status = PAYOUT_MEMBER_STATUS_".strtoupper($status).";";
- eval($evl);
- $status = "<FONT class=\"member_failed\">".$status."</FONT>";
+ $status = constant('PAYOUT_MEMBER_STATUS_'.strtoupper($status).'');
+ $status = "<div class=\"member_failed\">".$status."</div>";
// Nothing entered must be secured in member/what-payputs.php !
- if ($allow == 'Y')
- {
+ if ($allow == "Y") {
// Banner/Textlink views/clicks request
- if (!empty($banner))
- {
+ if (!empty($banner)) {
// Banner
- $account = "<IMG src=\"".$banner."\" alt=\"".$alt."\" title=\"".$alt."\" border=\"0\">";
- }
- else
- {
+ $account = "<img src=\"".$banner."\" alt=\"".$alt."\" title=\"".$alt."\" border=\"0\" />";
+ } else {
// Textlink
$account = $alt;
}
- $bank = "<A href=\"".DEREFERER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
- }
- else
- {
+ $bank = "<a href=\"".DEREFERER($url)."\" target=\"_blank\">{--CLICK_HERE--}</a>";
+ } else {
// e-currency payout request
if (empty($account)) $account = "---";
if (empty($bank)) $bank = "---";
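Review bot: The `_user_points` lookup inside the `while` loop names its table `{!_MYSQL_PREFIX_user_points!}`, with the suffix inside the placeholder, whereas every other query here uses the form `{!_MYSQL_PREFIX!}_refdepths`; unless the expander knows that longer token, the lookup will not reach the table and `$TPTS` stays 0, so it should read `` FROM `{!_MYSQL_PREFIX!}_user_points` ``. That statement and the `_user_payouts` query also replace `%d` with an unquoted `%s` for `userid`, a pattern that recurs in the later INSERT statements. If `SQL_QUERY_ESC` only string-escapes its arguments, the integer coercion is gone, so the value should be passed as `bigintval($GLOBALS['userid'])`, as `$lvl` already is. In the list loop, `$banner` and `$alt` still go into the `<img>` attributes as stored, relying on the input-side check the comment mentions; escaping at output, e.g. `htmlspecialchars($alt, ENT_QUOTES)`, would also cover rows written before that check existed.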
// Output payout list
PAYOUT_OUTPUT_PAYOUT_LIST($TPTS);
}
-}
- else
-{
+} else {
// Chedk if he can get paid by selected type
- $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
- array(bigintval($_GET['payout'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM `{!_MYSQL_PREFIX!}_payout_types` WHERE id=%s LIMIT 1",
+ array(bigintval($_GET['payout'])), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
// ID is valid
list($type, $rate, $min, $allow) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Calulcate points from submitted amount
$PAYOUT = 0;
- if (!empty($_POST['payout']))
- {
+ if (!empty($_POST['payout'])) {
$PAYOUT = bigintval($_POST['payout']) / $rate;
$PAY_MAX = $max / $rate;
}
define('PAYOUT_MAX_VALUE' , $max);
define('PAYOUT_TYPE_VALUE', COMPILE_CODE($type));
- if (str_replace(",", ".", $TPTS) >= $min)
- {
+ if (REVERT_COMMA($TPTS) >= $min) {
// Ok, he can get be paid
- if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min))
- {
+ if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min)) {
// Calculate exact value
define('PAYOUT_POINTS_VALUE', $PAYOUT);
// Subtract points from member's account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
- array($PAYOUT, $GLOBALS['userid']), __FILE__, __LINE__);
-
- // Update mediadata as well
- if (GET_EXT_VERSION("mediadata") >= "0.0.4")
- {
- // Update database
- MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $PAYOUT);
- }
+ SUB_POINTS("payout", $GLOBALS['userid'], $PAYOUT);
// Add entry to his tranfer history
- if ($allow == 'Y')
- {
+ if ($allow == "Y") {
// Banner/textlink ordered
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
-VALUES (%d, %d, %d, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_payouts` (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
+VALUES (%s,%s,%s, UNIX_TIMESTAMP(), 'NEW','%s','%s','%s')",
array(
$GLOBALS['userid'],
bigintval($_POST['payout']),
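Review bot: The guard `($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min)` in front of `SUB_POINTS` reads `$PAY_MAX`, which is assigned only inside `if (!empty($_POST['payout']))`, and that value depends on `$max`, which nothing visible in this branch sets (`list($type, $rate, $min, $allow)` fetches four columns). Initialise it next to `$PAYOUT = 0;` with `$PAY_MAX = 0;` and confirm that `$max` is capped by the member's available points, because the only balance comparison shown is `REVERT_COMMA($TPTS) >= $min`, not one against `$PAYOUT`. `$rate` is also used as a divisor without a zero check. The `else` branch continues past the end of this hunk.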
), __FILE__, __LINE__);
// Load templates
- $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", "", $GLOBALS['userid']);
- if (GET_EXT_VERSION("admins") >= "0.4.1")
- {
+ $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", array(), $GLOBALS['userid']);
+ if (GET_EXT_VERSION("admins") >= "0.4.1") {
$adm_tpl = "admin_payout_request_banner";
+ } else {
+ $msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", array(), $GLOBALS['userid']);
}
- else
- {
- $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", "", $GLOBALS['userid']));
- }
- }
- else
- {
+ } else {
// e-currency payout requested
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
-VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_payouts` (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
+VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')",
array(
$GLOBALS['userid'],
bigintval($_POST['payout']),
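Review bot: In the banner branch the `admins` >= 0.4.1 path assigns `$adm_tpl`, while the new `else` sets `$msg_adm`; the later notification call passes `$admin_tpl` and the task INSERT passes `$msg_adm`, so on that path both appear to be undefined unless lines elided from this hunk set them. Renaming the assignment to `$admin_tpl = "admin_payout_request_banner";` and loading `$msg_adm` unconditionally would keep both consumers supplied. If `GET_EXT_VERSION` returns the version string, `GET_EXT_VERSION("admins") >= "0.4.1"` is a string comparison, so a version such as 0.10.0 sorts below 0.4.1; `version_compare(GET_EXT_VERSION("admins"), "0.4.1", ">=")` avoids that.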
), __FILE__, __LINE__);
// Load templates
- $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", "", $GLOBALS['userid']);
- $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", "", $GLOBALS['userid']));
+ $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", array(), $GLOBALS['userid']);
+ $msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request", array(), $GLOBALS['userid']);
$admin_tpl = "";
if (GET_EXT_VERSION("admins") >= "0.4.1")
{
}
// Generate task
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
-VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', UNIX_TIMESTAMP(), %d)",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_task_system` (assigned_admin, status, task_type, subject, text, task_created, userid)
+VALUES (0, 'NEW','PAYOUT_REQUEST','[payout:] {--PAYOUT_REQUEST_ADMIN--}','%s', UNIX_TIMESTAMP(), %s)",
array(
$msg_adm,
$GLOBALS['userid']
), __FILE__, __LINE__);
// Send out mails
- SEND_EMAIL($GLOBALS['userid'], PAYOUT_REQUEST_MEMBER, $msg_mem);
+ SEND_EMAIL($GLOBALS['userid'], getMessage('PAYOUT_REQUEST_MEMBER'), $msg_mem);
// To admin(s)
- if (GET_EXT_VERSION("admins") >= "0.4.1")
- {
- // Use new method
- SEND_ADMIN_EMAILS_PRO(PAYOUT_REQUEST_ADMIN, $admin_tpl, "", $GLOBALS['userid']);
- }
- else
- {
- // Use old method
- SEND_ADMIN_EMAILS(PAYOUT_REQUEST_ADMIN, $msg_adm);
- }
+ SEND_ADMIN_NOTIFICATION(getMessage('PAYOUT_REQUEST_ADMIN'), $admin_tpl, array(), $GLOBALS['userid']);
// Load template and output it
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REQUEST_SENT);
- }
- elseif ($allow == 'Y')
- {
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_REQUEST_SENT'));
+ } elseif ($allow == "Y") {
// Generate banner order form
LOAD_TEMPLATE("member_payout_form_banner");
- }
- else
- {
+ } else {
// Generate normal form
LOAD_TEMPLATE("member_payout_form");
}
- }
- else
- {
+ } else {
// Not enougth points
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_POINTS_NOT_ENOUGTH);
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_POINTS_NOT_ENOUGTH'));
}
- }
- else
- {
+ } else {
// ID is invalid
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ID_INVALID);
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_ID_INVALID'));
}
}
+
//
?>
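Review bot: The `_task_system` INSERT places `{--PAYOUT_REQUEST_ADMIN--}` inside a single-quoted SQL literal instead of passing it as a `'%s'` argument, so the subject bypasses whatever escaping `SQL_QUERY_ESC` applies to its array. If the placeholder is expanded before the query runs, an apostrophe in a translation would break the statement. Using `'%s'` for the subject and adding `"[payout:] " . getMessage('PAYOUT_REQUEST_ADMIN')` to the argument array keeps it on the same path as `$msg_adm`.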