X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-config_payouts.php;h=da87317ea191ff5021bf0fde925ec67a27897a72;hb=7076b0bf4f326c0dcb87daa0e02e15b0f42e619e;hp=ef2ee324cd8112c382c029509a6c5c22ae4184c5;hpb=75ad748a68473ace540251427a74fb781b1145e9;p=mailer.git

diff --git a/inc/modules/admin/what-config_payouts.php b/inc/modules/admin/what-config_payouts.php
index ef2ee324cd..da87317ea1 100644
--- a/inc/modules/admin/what-config_payouts.php
+++ b/inc/modules/admin/what-config_payouts.php
@@ -32,15 +32,15 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
+
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
-if (!empty($_POST['rate'])) $_POST['rate'] = str_replace(",", ".", $_POST['rate']);
+if (!empty($_POST['rate'])) $_POST['rate'] = REVERT_COMMA($_POST['rate']);
 
 if ((isset($_POST['add'])) && (!empty($_POST['title'])) && ($_POST['rate'] > 0))
 {
@@ -52,7 +52,7 @@ if ((isset($_POST['add'])) && (!empty($_POST['title'])) && ($_POST['rate'] > 0))
 		// Add now
 		$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_payout_types
 (type, rate, min_points, from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url)
-VALUES ('%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
+VALUES ('%s', %d, %d,'%s','%s','%s','%s','%s','%s','%s')",
  array(
 	$_POST['title'],
 	bigintval($_POST['rate']),
@@ -87,7 +87,7 @@ if ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
 	if ((isset($_GET['ok'])) && ($_GET['ok'] == "ok"))
 	{
 		// Edit entries
-		foreach ($_POST['sel'] as $id=>$sel)
+		foreach ($_POST['sel'] as $id => $sel)
 		{
 			// Secure ID
 			$id = bigintval($id);
@@ -98,14 +98,14 @@ if ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
 				// Update entry
 				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_payout_types SET
 type='%s',
-rate=%d,
-min_points=%d,
+rate=%s,
+min_points=%s,
 allow_url='%s'
 WHERE id='".$id."' LIMIT 1",
  array(
 	$_POST['title'][$id],
-	bigintval(str_replace(",", ".", $_POST['rate'][$id])),
-	bigintval(str_replace(",", ".", $_POST['mpoi'][$id])),
+	bigintval(REVERT_COMMA($_POST['rate'][$id])),
+	bigintval(REVERT_COMMA($_POST['mpoi'][$id])),
 	$_POST['allow'][$id],
 ),__FILE__, __LINE__);
 			}
@@ -116,10 +116,10 @@ WHERE id='".$id."' LIMIT 1",
 	{
 		$display = false; //Suppress any other outputs
 		$SW = 2; $OUT = "";
-		foreach ($_POST['sel'] as $id=>$sel)
+		foreach ($_POST['sel'] as $id => $sel)
 		{
 			// Load data
-			$result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
 			 array(bigintval($id)), __FILE__, __LINE__);
 			list($title, $rate, $mpoi, $allow) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
@@ -150,9 +150,9 @@ WHERE id='".$id."' LIMIT 1",
 	if ($_GET['ok'] == "ok")
 	{
 		// Delete entries
-		foreach ($_POST['sel'] as $id=>$sel)
+		foreach ($_POST['sel'] as $id => $sel)
 		{
-			$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+			$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
 			 array(bigintval($id)), __FILE__, __LINE__);
 		}
 		$msg = ADMIN_PAYOUT_ENTRIES_DELETED;
@@ -161,13 +161,13 @@ WHERE id='".$id."' LIMIT 1",
 	{
 		$display = false; //Suppress any other outputs
 		$SW = 2; $OUT = "";
-		foreach ($_POST['sel'] as $id=>$sel)
+		foreach ($_POST['sel'] as $id => $sel)
 		{
 			// Secure ID number
 			$id = bigintval($id);
 
 			// Load data
-			$result = SQL_QUERY_ESC("SELECT type, rate, min_points FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT type, rate, min_points FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
 			 array($id), __FILE__, __LINE__);
 			list($title, $rate, $mpoi) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
@@ -235,12 +235,12 @@ if ((SQL_NUMROWS($result_mem) > 0) && ($display))
 {
 	// Members has requested payouts
 	SQL_FREERESULT($result_mem);
-	OUTPUT_HTML ("<P><A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts\">".ADMIN_PAYOUT_LIST_REQUESTS."</A></P>");
+	OUTPUT_HTML("<P><A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts\">".ADMIN_PAYOUT_LIST_REQUESTS."</A></P>");
 }
  elseif ($display)
 {
 	// No member requests so far
-	OUTPUT_HTML ("<P><STRONG>".ADMIN_PAYOUT_NO_MEMBER_REQUESTS."</STRONG></P>");
+	OUTPUT_HTML("<P><STRONG>".ADMIN_PAYOUT_NO_MEMBER_REQUESTS."</STRONG></P>");
 }
 // Add new paypout type
 if ($display) LOAD_TEMPLATE("admin_payout_add_new");