Security line in all includes changed
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 10/12/2003 *
4  * ===============                              Last change: 12/12/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-config_points.php                           *
8  * -------------------------------------------------------------------- *
9  * Short description : Setup welcome-points for registration etc.       *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Einstellen der Willkommensgutschrift usw.        *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
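// Some security stuff...
// Access guard for this admin module. The rest of the file may only run when
// __SECURITY is already defined (presumably by the including entry script)
// and IS_ADMIN() (defined elsewhere) reports true. The || short-circuits, so
// IS_ADMIN() is never called on a direct request where nothing is loaded yet.
if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
    // Locate <root>/inc/security.php relative to this file.
    // NOTE(review): strpos() finds the FIRST "/inc" in the path, so an install
    // directory whose own name contains "/inc", or a path that uses "\" as
    // separator, resolves to the wrong file - confirm the supported layouts.
    $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
    require($INC);

    // Fail closed: whatever security.php does, nothing below may run for a
    // request that did not pass the guard.
    exit;
}

// Add description as navigation point
ADD_DESCR("admin", basename(__FILE__));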
42
// Completeness check for the submitted form, done before anything is written.
// When a required field is missing, $_POST['ok'] is removed so the save logic
// further down is skipped and the form is displayed again. Only presence is
// checked here; type and format of the values are not validated.
// NOTE(review): empty() also treats "0" as missing, so a value of 0 can never
// be saved through these forms - confirm that this is intended.
if (empty($_GET['sub'])) {
    // No sub page requested: display overview
    $_GET['sub'] = "overview";
} elseif ($_GET['sub'] == "points") {
    // Both fixed point values are required
    if ((empty($_POST['points_register'])) || (empty($_POST['points_ref']))) {
        unset($_POST['ok']);
    }
} elseif ($_GET['sub'] == "ref") {
    // Only the "add" action needs both the level and its percentage
    if ((isset($_GET['do'])) && ($_GET['do'] == "add") && ((empty($_POST['lvl'])) || (empty($_POST['perc'])))) {
        unset($_POST['ok']);
    }
}
64
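// Either store a submitted form (write path, $_POST['ok'] set) or render the
// sub page selected by $_GET['sub'] (settings, ref, points, overview).
//
// Every value taken from the request reaches the database through
// SQL_QUERY_ESC(), the escaping query helper this file already uses for its
// edit and delete statements (assumed to escape each value before it is put
// into the template - confirm in the database layer). Statement text is never
// built by concatenating $_POST values.
//
// NOTE(review): no anti-CSRF token is verified in this file; all writes below
// are driven by GET/POST values alone. Confirm that the admin framework
// checks one before this module is included.
if (isset($_POST['ok'])) {
    // Queue of statements to run. An entry is either a constant SQL string or
    // a pair array(template, values) that is executed through SQL_QUERY_ESC.
    $SQL = array();
    switch ($_GET['sub']) {
    case "points":
        $SQL[] = array(
            "UPDATE "._MYSQL_PREFIX."_config SET points_register='%s', points_ref='%s' WHERE config=0 LIMIT 1",
            array($_POST['points_register'], $_POST['points_ref'])
        );
        break;

    case "ref":
        // 'do' is optional in the URL; a missing value selects no action
        switch (isset($_GET['do']) ? $_GET['do'] : "") {
        case "add":
            $SQL[] = array(
                "INSERT INTO "._MYSQL_PREFIX."_refdepths (level, percents) VALUES ('%s', '%s')",
                array($_POST['lvl'], $_POST['perc'])
            );
            break;

        case "edit": // Change entries
            foreach ($_POST['lvl'] as $id => $value) {
                // Secure ID
                $id = bigintval($id);

                // Update entry
                $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refdepths SET level='%s', percents='%s' WHERE id=%s LIMIT 1",
                    array(bigintval($value), $_POST['perc'][$id], $id), __FILE__, __LINE__);
            }
            // Nothing is queued here; the message is shown by the isset($TEXT) branch below
            $TEXT = REF_DEPTHS_SAVED;
            break;

        case "del":
            foreach ($_POST['id'] as $id => $value) {
                $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_refdepths WHERE id=%s LIMIT 1",
                    array(bigintval($id)), __FILE__, __LINE__);
            }
            $TEXT = REF_DEPTHS_DELETED;
            break;
        }

        // Update cache file. version_compare() orders "0.1.10" after "0.1.2",
        // which a plain string comparison does not.
        if (version_compare((string) GET_EXT_VERSION("cache"), "0.1.2", ">=")) {
            if ($cacheInstance->cache_file("refdepths", true)) {
                $cacheInstance->cache_destroy();
            }
        }
        break;

    case "settings":
        $REF = bigintval($_POST['ref_payout']);
        $SQL[] = array(
            "UPDATE "._MYSQL_PREFIX."_config SET allow_direct_pay='%s', reg_points_mode='%s', ref_payout='%s' WHERE config=0 LIMIT 1",
            array($_POST['allow_direct_pay'], $_POST['reg_points_mode'], $REF)
        );
        if (($_CONFIG['ref_payout'] == 0) && ($_POST['ref_payout'] > 0)) {
            // Update account's ref_payout for "must-confirm"
            $SQL[] = array(
                "UPDATE "._MYSQL_PREFIX."_user_data SET ref_payout=(%s - mails_confirmed) WHERE mails_confirmed < %s",
                array($REF, $REF)
            );
        } elseif (($_CONFIG['ref_payout'] > 0) && ($_POST['ref_payout'] == 0)) {
            // Update account's ref_payout for "not-must-confirm"
            // (constant statements, no request data involved)
            $SQL[] = "UPDATE "._MYSQL_PREFIX."_user_data SET ref_payout=0 WHERE ref_payout > 0";
            $SQL[] = "UPDATE "._MYSQL_PREFIX."_user_points SET points=points+locked_points WHERE locked_points>0";
            $SQL[] = "UPDATE "._MYSQL_PREFIX."_user_points SET locked_points=0 WHERE locked_points>0";
        }
        break;
    }

    if ((isset($SQL)) && (is_array($SQL)) && (!empty($SQL[0]))) {
        if ((is_array($SQL[0])) && (strpos($SQL[0][0], "INSERT") !== false)) {
            // NOTE(review): the result of this lookup is never inspected, so a
            // level that already exists is inserted again, and the
            // SETTINGS_NOT_SAVED branch below cannot be reached as written.
            // Presumably the INSERT was meant to be skipped when a row is
            // found - confirm before changing the behaviour.
            $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_refdepths WHERE level='%s' LIMIT 1",
                array(bigintval($_POST['lvl'])), __FILE__, __LINE__);
            SQL_FREERESULT($result);
        }

        if (count($SQL) > 0) {
            // Run all SQL commands
            foreach ($SQL as $s) {
                if (is_array($s)) {
                    // Template plus request values: escaped by the helper
                    $result = SQL_QUERY_ESC($s[0], $s[1], __FILE__, __LINE__);
                } else {
                    // Constant statement
                    $result = SQL_QUERY($s, __FILE__, __LINE__);
                }
            }

            // The query results are not checked; the message is shown regardless
            $content = "<SPAN class=\"admin_done\">".SETTINGS_SAVED."</SPAN>";

            // Destroy config cache file here...
            REBUILD_CACHE("config", "config");
        } else {
            $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
        }
        unset($SQL);
        LOAD_TEMPLATE("admin_settings_saved", false, $content);
    } elseif (isset($TEXT)) {
        LOAD_TEMPLATE("admin_settings_saved", false, $TEXT);
    }
} elseif ($_GET['sub'] == "settings") {
    // Setup some settings like direct pay and so on
    // Including new add-mode for one-time referral bonus
    switch ($_CONFIG['allow_direct_pay']) {
    case 'Y':
        define('__DIRECT_Y', ' checked');
        define('__DIRECT_N', "");
        break;

    case 'N':
        define('__DIRECT_Y', "");
        define('__DIRECT_N', ' checked');
        break;
    }

    // One-time referral bonus add-mode
    switch ($_CONFIG['reg_points_mode']) {
    case "ref":
        define('__MODE_REF', ' checked');
        define('__MODE_DIRECT', "");
        break;

    case "direct":
        define('__MODE_REF', "");
        define('__MODE_DIRECT', ' checked');
        break;
    }

    // Referral payout value
    define('__REF_PAYOUT', round($_CONFIG['ref_payout']));

    // Load template
    LOAD_TEMPLATE("admin_config_point_settings");
} elseif ($_GET['sub'] == "ref") {
    if ((isset($_POST['del'])) && ((SELECTION_COUNT($_POST['sel']) > 0) || (isset($_POST['sel'][0])))) {
        // Delete entries (confirmation list)
        $SW = 2; $OUT = "";
        foreach ($_POST['sel'] as $id => $value) {
            // Secure ID: the key comes from the request and is handed both to
            // the query and to the row template, so normalise it once here
            $id = bigintval($id);

            $result = SQL_QUERY_ESC("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths WHERE id=%s LIMIT 1",
                array($id), __FILE__, __LINE__);
            list($lvl, $perc) = SQL_FETCHROW($result);
            SQL_FREERESULT($result);

            // Prepare data for the row template
            $content = array(
                'sw'  => $SW,
                'id'  => $id,
                'lvl' => $lvl,
                'per' => $perc,
            );

            // Load row template and switch color
            $OUT .= LOAD_TEMPLATE("admin_points_del_row", true, $content);
            $SW = 3 - $SW;
        }
        define('__LEVEL_ROWS', $OUT);

        // Load main template
        LOAD_TEMPLATE("admin_points_del");
    } elseif ((isset($_POST['edit'])) && ((SELECTION_COUNT($_POST['sel']) > 0) || (isset($_POST['sel'][0])))) {
        // Edit entries
        $SW = 2; $OUT = "";
        foreach ($_POST['sel'] as $id => $value) {
            // Secure ID: same normalisation as in the delete list above
            $id = bigintval($id);

            $result = SQL_QUERY_ESC("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths WHERE id=%s LIMIT 1",
                array($id), __FILE__, __LINE__);
            list($lvl, $perc) = SQL_FETCHROW($result);
            SQL_FREERESULT($result);

            // Prepare data for the row template
            $content = array(
                'sw'  => $SW,
                'id'  => $id,
                'lvl' => $lvl,
                'per' => $perc,
            );

            // Load row template and switch color
            $OUT .= LOAD_TEMPLATE("admin_points_edit_row", true, $content);
            $SW = 3 - $SW;
        }
        define('__LEVEL_ROWS', $OUT);

        // Load main template
        LOAD_TEMPLATE("admin_points_edit");
    } else {
        // Referral levels
        $result = SQL_QUERY("SELECT id, level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__);
        if (SQL_NUMROWS($result) > 0) {
            // Make referral levels editable and deletable
            $SW = 2; $OUT = "";

            // List already existing categories for editing
            while (list($id, $lvl, $perc) = SQL_FETCHROW($result)) {
                // Prepare data for the row template
                $content = array(
                    'sw'  => $SW,
                    'id'  => $id,
                    'lvl' => $lvl,
                    'per' => $perc,
                );

                // Load row template and switch color
                $OUT .= LOAD_TEMPLATE("admin_points_row", true, $content);
                $SW = 3 - $SW;
            }

            // Free memory
            SQL_FREERESULT($result);
            define('__LEVEL_ROWS', $OUT);

            // Load main template
            LOAD_TEMPLATE("admin_points");
        }

        // Form for adding new referral levels
        LOAD_TEMPLATE("admin_add_reflvl");
    }
} elseif ($_GET['sub'] == "points") {
    // First points for registration and other fixed points including new add-mode for one-time referral bonus...
    define('P_REG_VALUE', $_CONFIG['points_register']);
    define('P_REF_VALUE', $_CONFIG['points_ref']);

    // Load templates
    LOAD_TEMPLATE("admin_config_sub_points");
} else {
    // Display selection box
    LOAD_TEMPLATE("admin_config_points");
}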
305
306 //
307 ?>