************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
// Don't call this directly!
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
// Not logged in
LOAD_URL("modules.php?module=index");
} elseif ((!EXT_IS_ACTIVE("payout")) && (!IS_ADMIN())) {
- // Extension "payout" is not active
- ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
+ addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
return;
}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
$result_depths = SQL_QUERY("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__);
$TPTS = 0;
-while (list($lvl, $per) = SQL_FETCHROW($result_depths))
-{
- // Load referral points
- $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%s LIMIT 1",
- array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result_points) == 1)
- {
+while (list($lvl, $per) = SQL_FETCHROW($result_depths)) {
+ // Load referal points
+ $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%d LIMIT 1",
+ array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
+
+ // Entry found?
+ if (SQL_NUMROWS($result_points) == 1) {
+ // Load points
list($points) = SQL_FETCHROW($result_points);
- SQL_FREERESULT($result_points);
+
+ // Add them to total
$TPTS += $points;
}
+
+ // Free result
+ SQL_FREERESULT($result_points);
}
// Free memory
$result = SQL_QUERY_ESC("SELECT id, type, rate, min_points, allow_url
FROM "._MYSQL_PREFIX."_payout_types
WHERE %s >= min_points
-ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
+ORDER BY type", array(REVERT_COMMA($TPTS)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
// Free memory
while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts))
{
// Translate status
- $evl = "\$status = PAYOUT_MEMBER_STATUS_".strtoupper($status).";";
- eval($evl);
+ $status = constant('PAYOUT_MEMBER_STATUS_'.strtoupper($status).'');
$status = "<FONT class=\"member_failed\">".$status."</FONT>";
// Nothing entered must be secured in member/what-payputs.php !
define('PAYOUT_MAX_VALUE' , $max);
define('PAYOUT_TYPE_VALUE', COMPILE_CODE($type));
- if (str_replace(",", ".", $TPTS) >= $min)
+ if (REVERT_COMMA($TPTS) >= $min)
{
// Ok, he can get be paid
if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min))
define('PAYOUT_POINTS_VALUE', $PAYOUT);
// Subtract points from member's account
- SUB_POINTS($GLOBALS['userid'], $PAYOUT);
+ SUB_POINTS("payout", $GLOBALS['userid'], $PAYOUT);
// Add entry to his tranfer history
if ($allow == "Y")
{
// Banner/textlink ordered
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
-VALUES (%s, %s, %s, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
+VALUES (%s,%s,%s, UNIX_TIMESTAMP(), 'NEW','%s','%s','%s')",
array(
$GLOBALS['userid'],
bigintval($_POST['payout']),
), __FILE__, __LINE__);
// Load templates
- $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", "", $GLOBALS['userid']);
+ $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", array(), $GLOBALS['userid']);
if (GET_EXT_VERSION("admins") >= "0.4.1")
{
$adm_tpl = "admin_payout_request_banner";
}
else
{
- $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", "", $GLOBALS['userid']));
+ $msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", array(), $GLOBALS['userid']);
}
}
else
{
// e-currency payout requested
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
-VALUES (%s, %s, %s, '%s', %s, UNIX_TIMESTAMP(), 'NEW', '%s')",
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
+VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')",
array(
$GLOBALS['userid'],
bigintval($_POST['payout']),
), __FILE__, __LINE__);
// Load templates
- $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", "", $GLOBALS['userid']);
- $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", "", $GLOBALS['userid']));
+ $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", array(), $GLOBALS['userid']);
+ $msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request", array(), $GLOBALS['userid']);
$admin_tpl = "";
if (GET_EXT_VERSION("admins") >= "0.4.1")
{
}
// Generate task
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
-VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', UNIX_TIMESTAMP(), %s)",
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
+VALUES (0, 'NEW','PAYOUT_REQUEST','[payout:] ".PAYOUT_REQUEST_ADMIN."','%s', UNIX_TIMESTAMP(), %s)",
array(
$msg_adm,
$GLOBALS['userid']
SEND_EMAIL($GLOBALS['userid'], PAYOUT_REQUEST_MEMBER, $msg_mem);
// To admin(s)
- SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, "", $GLOBALS['userid']);
+ SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, array(), $GLOBALS['userid']);
// Load template and output it
LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REQUEST_SENT);