X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-list_payouts.php;h=7d8fddae6f8d69cd2f53f4020612a8310a8f1438;hb=5f70ac9d208ca39e3381705afcad2654a700a850;hp=3a646ac64d213b06ee3d500a99eae2664337a1e0;hpb=75ad748a68473ace540251427a74fb781b1145e9;p=mailer.git
diff --git a/inc/modules/admin/what-list_payouts.php b/inc/modules/admin/what-list_payouts.php
index 3a646ac64d..7d8fddae6f 100644
--- a/inc/modules/admin/what-list_payouts.php
+++ b/inc/modules/admin/what-list_payouts.php
@@ -1,7 +1,7 @@
0))
- {
- // Get task ID from database
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE userid=%d AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- list($task) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- if (empty($task)) $task = "0";
-
- }
- elseif ((empty($uid)) || ($uid == "0"))
- {
- // Cannot obtain member ID!
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERID);
+ if (!isGetRequestElementSet('task') && (!empty($userid)) && (isValidId($userid))) {
+ // Get task id from database
+ $result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND `task_created`=%s LIMIT 1",
+ array(bigintval($userid), bigintval($tstamp)), __FILE__, __LINE__);
+ list($taskId) = sqlFetchRow($result);
+ sqlFreeResult($result);
+ if (empty($taskId)) $taskId = '0';
+ } elseif (!isValidId($userid)) {
+ // Cannot obtain member id!
+ displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_USERID--}');
+ } else {
+ // Get task id from URL
+ $taskId = getRequestElement('task');
}
- else
- {
- // Get task ID from URL
- $task = $_GET['task'];
- }
- if ((!empty($task)) && (!empty($uid)) && ($uid > 0))
- {
- // Load user's data
- $result = SQL_QUERY_ESC("SELECT email, sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- list($email, $sex, $surname, $family) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- // Konstante bauen
- define('PAYOUT_USERDATA_VALUE', "".TRANSLATE_SEX($sex)." ".$surname." ".$family."");
+ if ((!empty($taskId)) && (!empty($userid)) && (isValidId($userid))) {
+ // Load user's data
+ if (!fetchUserData($userid)) {
+ // Abort here because it is not valid!
+ reportBug(__FILE__, __LINE__, 'No user account ' . $userid . ' found.');
+ } // END - if
- if (($_GET['do'] == "accept") && (!empty($email)))
- {
+ if ((getRequestElement('do') == 'accept') && (getUserData('email') != '')) {
// Ok, now we can output the form or execute accepting
- if (isset($_POST['ok']))
- {
+ if (isFormSent()) {
// Obtain payout type and other data
- $result = SQL_QUERY_ESC("SELECT payout_id FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%d LIMIT 1",
- array(bigintval($_GET['pid'])), __FILE__, __LINE__);
- list($ptype) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ $result = sqlQueryEscaped("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
+ array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
+
+ // Load ptype (id)
+ list($ptype) = sqlFetchRow($result);
+
+ // Free result
+ sqlFreeResult($result);
- if (!empty($ptype))
- {
+ if (!empty($ptype)) {
// Obtain data from payout type
- $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
- array(bigintval($ptype)), __FILE__, __LINE__);
- list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ $result = sqlQueryEscaped("SELECT
+ `from_account`,
+ `from_pass`,
+ `engine_url`,
+ `engine_ret_ok`,
+ `engine_ret_failed`,
+ `pass_enc`,
+ `allow_url`
+FROM
+ `{?_MYSQL_PREFIX?}_payout_types`
+WHERE
+ `id`=%s
+LIMIT 1",
+ array(bigintval($ptype)), __FILE__, __LINE__);
- if (!empty($eurl))
- {
+ // Load data
+ $data = sqlFetchArray($result);
+
+ // Free result
+ sqlFreeResult($result);
+
+ if (!empty($data['engine_url'])) {
// Ok, run URL...
- $eurl = COMPILE_CODE($eurl);
- switch ($eenc)
- {
- case "md5":
- $fpass = md5($fpass);
- $tpass = md5($tpass);
- break;
-
- case "base64":
- $fpass = base64_encode($fpass);
- $tpass = base64_encode($tpass);
- break;
- }
+ switch ($data['pass_enc']) {
+ case 'md5':
+ $data['from_pass'] = md5($data['from_pass']);
+ $tpass = md5($tpass);
+ break;
- // Transfer variables...
- $eval = "\$URL = \"".$eurl."\";";
- $reason = urlencode(base64_encode(PAYOUT_REASON_PAYOUT));
+ case 'base64':
+ $data['from_pass'] = base64_encode($data['from_pass']);
+ $tpass = base64_encode($tpass);
+ break;
+ } // END - switch
- // Run code...
- eval($eval);
+ // Transfer variables...
+ $reason = encodeString(getMessage('ADMIN_PAYOUT_REASON'), FALSE);
// Execute transfer
- $ret = @file($URL);
- }
- else
- {
+ $ret = sendHttpGetRequest($data['engine_url']);
+ } else {
// No URL to run
- $ret[0] = $eok;
+ $ret[0] = $data['engine_ret_ok'];
}
- if ($ret[0] == $eok)
- {
+
+ if ($ret[0] == $data['engine_ret_ok']) {
// Clear task
- if ($task > 0)
- {
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1",
- array(bigintval($task)),__FILE__, __LINE__);
- }
+ if (isValidId($taskId)) {
+ runFilterChain('solve_task', $taskId);
+ } // END - if
// Clear payout request
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='ACCEPTED' WHERE id=%d LIMIT 1",
- array(bigintval($_GET['pid'])), __FILE__, __LINE__);
+ sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
+ array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
// Send out mail
- $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", $_POST['text'], $uid);
+ $message = loadEmailTemplate('member_payout_accepted', postRequestElement('text'), $userid);
// Output message
- if ($allow == "Y")
- {
+ if ($data['allow_url'] == 'Y') {
// Banner / Textlink request
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_BANNER_ACCEPTED_NOTIFIED);
- }
- else
- {
+ displayMessage('{--ADMIN_PAYOUT_BANNER_ACCEPTED_NOTIFIED--}');
+ } else {
// Normal request
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ACCEPTED_NOTIFIED);
+ displayMessage('{--ADMIN_PAYOUT_ACCEPTED_NOTIFIED--}');
}
// Finally send mail
- SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
- }
- else
- {
+ sendEmail(getUserData('userid'), '{--MEMBER_PAYOUT_ACCEPTED_SUBJECT--}', $message);
+ } else {
// Something goes wrong... :-(
- $content = implode("
", $ret);
- LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
+ $content = implode('
', $ret);
+ loadTemplate('admin_payout_failed_transfer', FALSE, $content);
}
- }
- else
- {
+ } else {
// Cannot load payout id
- OUTPUT_HTML ("".PAYOUT_FAILED_OBTAIN_PAYOUT_ID."");
+ displayErrorMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}');
}
- }
- else
- {
+ } else {
+ // Prepare content
+ $content = array(
+ 'task' => $taskId,
+ 'pid' => bigintval(getRequestElement('pid')),
+ 'user' => '{%pipe,translateGender=' . getUserData('gender') . '%} ' . getUserData('surname') . ' ' . getUserData('family') . '',
+ );
+
// Load template
- LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
+ loadTemplate('admin_payout_accept_form', FALSE, $content);
}
- }
- elseif (($_GET['do'] == "reject") && (!empty($email)))
- {
+ } elseif ((getRequestElement('do') == 'reject') && (getUserData('email') != '')) {
// Ok, now we can output the form or execute rejecting
- if (isset($_POST['ok']))
- {
- if ($task > 0)
- {
+ if (isFormSent()) {
+ if (isValidId($taskId)) {
// Clear task
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1",
- array(bigintval($task)), __FILE__, __LINE__);
- }
+ runFilterChain('solve_task', $taskId);
+ } // END - if
// Clear payout request
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='REJECTED' WHERE id=%d LIMIT 1",
- array(bigintval($_GET['pid'])), __FILE__, __LINE__);
+ sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
+ array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
// Send out mail
- $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", $_POST['text'], $uid);
+ $message = loadEmailTemplate('member_payout_rejected', postRequestElement('text'), $userid);
// Output message
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REJECTED_NOTIFIED);
+ displayMessage('{--ADMIN_PAYOUT_REJECTED_NOTIFIED--}');
// Finally send mail
- SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
- }
- else
- {
+ sendEmail(getUserData('userid'), '{--MEMBER_PAYOUT_REJECTED_SUBJECT--}', $message);
+ } else {
+ // Prepare content
+ $content = array(
+ 'task' => $taskId,
+ 'pid' => bigintval(getRequestElement('pid')),
+ 'user' => '{%pipe,translateGender=' . getUserData('gender') . '%} ' . getUserData('surname') . ' ' . getUserData('family') . '',
+ );
+
// Load template
- LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
+ loadTemplate('admin_payout_reject_form', FALSE, $content);
}
- }
- else
- {
+ } else {
// Cannot load user data
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERDATA);
+ displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_USERDATA--}');
}
+ } elseif (!isValidId($taskId)) {
+ // Failed loading task id
+ displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_TASK_ID--}');
}
- elseif((empty($task)) || ($task == "0"))
- {
- // Failed loading task ID
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_TASK_ID);
- }
-}
- else
-{
- if (empty($_GET['do'])) $_GET['do'] = "";
- if ($_GET['do'] == "delete")
- {
+} else {
+ if (getRequestElement('do') == 'delete') {
// Delete all requests
- $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_payouts", __FILE__, __LINE__);
- }
+ $result = sqlQuery("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
+ } // END - if
// Search for payouts
- $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
-FROM "._MYSQL_PREFIX."_user_payouts AS p, "._MYSQL_PREFIX."_payout_types AS t
-WHERE p.payout_id=t.id
-ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
+ $result = sqlQuery('SELECT
+ `p`.`id`,
+ `p`.`userid`,
+ `p`.`payout_total`,
+ `p`.`target_account`,
+ `p`.`target_bank`,
+ `t`.`type`,
+ `p`.`payout_timestamp`,
+ `p`.`status`,
+ `t`.`allow_url`
+ `p`.`target_url`,
+ `p`.`link_text`
+ `p`.`banner_url`
+FROM
+ `{?_MYSQL_PREFIX?}_user_payouts` AS `p`
+LEFT JOIN
+ `{?_MYSQL_PREFIX?}_payout_types` AS `t`
+ON
+ `p`.`payout_id`=`t`.`id`
+ORDER BY
+ `p`.`payout_timestamp` DESC', __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
+ if (!ifSqlHasZeroNums($result)) {
// List found payouts
- $OUT = ""; $SW = 2;
- while (list($pid, $uid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result))
- {
- if ($status == "NEW")
- {
+ $OUT = '';
+ while ($content = sqlFetchArray($result)) {
+ if ($content['status'] == 'NEW') {
// Generate links for direct accepting and rejecting
- $status = "".PAYOUT_ACCEPT_PAYOUT." | ".PAYOUT_REJECT_PAYOUT."";
- }
- else
- {
+ $content['status'] = '{--ADMIN_PAYOUT_ACCEPT_PAYOUT--}|{--ADMIN_PAYOUT_REJECT_PAYOUT--}';
+ } else {
// Translate status
- $evl = "\$status = PAYOUT_STATUS_".strtoupper($status).";";
- eval($evl);
- $status = "".$status."";
+ $content['status'] = translatePayoutStatus($content['status']);
}
// Nothing entered must be secured in member/what-payputs.php !
- if ($allow == "Y")
- {
+ if ($content['allow_url'] == 'Y') {
// Banner/Textlink views/clicks request
- if (!empty($banner))
- {
- // Prepare array for the banner
- $content = array(
- 'banner' => $banner,
- 'alt' => $alt,
- 'url' => $url,
- );
-
+ if (!empty($content['banner_url'])) {
// Load template for the banner
- $account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
- }
- else
- {
+ $content['target_account'] = loadTemplate('admin_list_payouts_banner', TRUE, $content);
+ } else {
// Textlink
- $content = array(
- 'txt_link' => $alt,
- 'txt_url' => $url,
- );
- $account = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
+ $content['target_account'] = loadTemplate('admin_list_payouts_txt', TRUE, $content);
}
// Admins can addionally test the URL for framekillers
- $bank = "".CLICK_HERE."";
- }
- else
- {
- // e-currency payout request
- if (empty($account)) $account = "---";
- if (empty($bank)) $bank = "---";
- }
+ $content['target_bank'] = '{--CLICK_HERE--}';
+ } // END - if
- // Remember data in array for the template
- $content = array(
- 'sw' => $SW,
- 'ulink' => ADMIN_USER_PROFILE_LINK($uid),
- 'ptype' => TRANSLATE_COMMA($total)." ".COMPILE_CODE($type),
- 'account' => $account,
- 'bank' => $bank,
- 'tstamp' => MAKE_DATETIME($tstamp, "2"),
- 'status' => $status,
- );
+ // Add/Translate some data
+ $content['payout_timestamp'] = generateDateTime($content['payout_timestamp'], 2);
// Add row and switch color
- $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
- $SW = 3 - $SW;
- }
+ $OUT .= loadTemplate('admin_list_payouts_row', TRUE, $content);
+ } // END - while
// Free memory
- SQL_FREERESULT($result);
- define('__PAYOUT_ROWS', $OUT);
+ sqlFreeResult($result);
// Load final template
- LOAD_TEMPLATE("admin_list_payouts");
- }
- else
- {
+ loadTemplate('admin_list_payouts', FALSE, $OUT);
+ } else {
// No payout requests are sent so far
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ADMIN_NO_REQUESTS_FOUND);
+ displayMessage('{--ADMIN_PAYOUT_NO_REQUESTS_FOUND--}');
}
}
-//
+
+// [EOF]
?>