0c11dd2e44b5e03ce366a7de29692c0790e1d688
[mailer.git] / inc / modules / admin / what-list_payouts.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 05/08/2004 *
4  * ================                             Last change: 08/12/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-list_payouts.php                            *
8  * -------------------------------------------------------------------- *
9  * Short description : List member's payout requests                    *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 }
39
40 // Add description as navigation point
41 ADD_DESCR("admin", __FILE__);
42
43 if (!empty($_GET['pid'])) {
44         // First let's get the member's ID
45         $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%s LIMIT 1",
46                 array($_GET['pid']), __FILE__, __LINE__);
47         list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
48         SQL_FREERESULT($result);
49
50         // Obtain some data
51         if (empty($_GET['task']) && (!empty($uid)) && ($uid > 0)) {
52                 // Get task ID from database
53                 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
54                         array(bigintval($uid)), __FILE__, __LINE__);
55                 list($task) = SQL_FETCHROW($result);
56                 SQL_FREERESULT($result);
57                 if (empty($task)) $task = 0;
58         } elseif ((empty($uid)) || ($uid == "0")) {
59                 // Cannot obtain member ID!
60                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERID);
61         } else {
62                 // Get task ID from URL
63                 $task = $_GET['task'];
64         }
65
66         if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
67                 // Load user's data
68                 $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
69                         array(bigintval($uid)), __FILE__, __LINE__);
70                 list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
71                 SQL_FREERESULT($result);
72
73                 // Konstante bauen
74                 define('PAYOUT_USERDATA_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$surname." ".$family."</A>");
75
76                 if (($_GET['do'] == "accept") && (!empty($email))) {
77                         // Ok, now we can output the form or execute accepting
78                         if (isset($_POST['ok'])) {
79                                 // Obtain payout type and other data
80                                 $result = SQL_QUERY_ESC("SELECT payout_id FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%s LIMIT 1",
81                                  array(bigintval($_GET['pid'])), __FILE__, __LINE__);
82                                 list($ptype) = SQL_FETCHROW($result);
83                                 SQL_FREERESULT($result);
84
85                                 if (!empty($ptype)) {
86                                         // Obtain data from payout type
87                                         $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
88                                          array(bigintval($ptype)), __FILE__, __LINE__);
89                                         list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
90                                         SQL_FREERESULT($result);
91
92                                         if (!empty($eurl)) {
93                                                 // Ok, run URL...
94                                                 $eurl = COMPILE_CODE($eurl);
95                                                 switch ($eenc)
96                                                 {
97                                                 case "md5":
98                                                         $fpass = md5($fpass);
99                                                         $tpass = md5($tpass);
100                                                         break;
101
102                                                 case "base64":
103                                                         $fpass = base64_encode($fpass);
104                                                         $tpass = base64_encode($tpass);
105                                                         break;
106                                                 }
107
108                                                 // Transfer variables...
109                                                 $eval = "\$URL = \"".$eurl."\";";
110                                                 $reason = urlencode(base64_encode(PAYOUT_REASON_PAYOUT));
111
112                                                 // Run code...
113                                                 eval($eval);
114
115                                                 // Execute transfer
116                                                 $ret = GET_URL($URL);
117                                         } else {
118                                                 // No URL to run
119                                                 $ret[0] = $eok;
120                                         }
121
122                                         if ($ret[0] == $eok) {
123                                                 // Clear task
124                                                 if ($task > 0) {
125                                                         RUN_FILTER('solve_task', $task);
126                                                 }
127
128                                                 // Clear payout request
129                                                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='ACCEPTED' WHERE id=%s LIMIT 1",
130                                                         array(bigintval($_GET['pid'])), __FILE__, __LINE__);
131
132                                                 // Send out mail
133                                                 $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", $_POST['text'], $uid);
134
135                                                 // Output message
136                                                 if ($allow == "Y") {
137                                                         // Banner / Textlink request
138                                                         LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_BANNER_ACCEPTED_NOTIFIED);
139                                                 } else {
140                                                         // Normal request
141                                                         LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ACCEPTED_NOTIFIED);
142                                                 }
143
144                                                 // Finally send mail
145                                                 SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
146                                         } else {
147                                                 // Something goes wrong... :-(
148                                                 $content = implode("<br />", $ret);
149                                                 LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
150                                         }
151                                 } else {
152                                         // Cannot load payout id
153                                         OUTPUT_HTML("<STRONG class=\"admin_failed\">".PAYOUT_FAILED_OBTAIN_PAYOUT_ID."</STRONG>");
154                                 }
155                         } else {
156                                 // Load template
157                                 LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
158                         }
159                 } elseif (($_GET['do'] == "reject") && (!empty($email))) {
160                         // Ok, now we can output the form or execute rejecting
161                         if (isset($_POST['ok'])) {
162                                 if ($task > 0) {
163                                         // Clear task
164                                         RUN_FILTER('solve_task', $task);
165                                 }
166
167                                 // Clear payout request
168                                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='REJECTED' WHERE id=%s LIMIT 1",
169                                  array(bigintval($_GET['pid'])), __FILE__, __LINE__);
170
171                                 // Send out mail
172                                 $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", $_POST['text'], $uid);
173
174                                 // Output message
175                                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REJECTED_NOTIFIED);
176
177                                 // Finally send mail
178                                 SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
179                         } else {
180                                 // Load template
181                                 LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
182                         }
183                 } else {
184                         // Cannot load user data
185                         LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERDATA);
186                 }
187         } elseif ((empty($task)) || ($task == "0")) {
188                 // Failed loading task ID
189                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_TASK_ID);
190         }
191 } else {
192         if (empty($_GET['do'])) $_GET['do'] = "";
193         if ($_GET['do'] == "delete") {
194                 // Delete all requests
195                 $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_payouts", __FILE__, __LINE__);
196         }
197
198         // Search for payouts
199         $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
200 FROM "._MYSQL_PREFIX."_user_payouts AS p, "._MYSQL_PREFIX."_payout_types AS t
201 WHERE p.payout_id=t.id
202 ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
203
204         if (SQL_NUMROWS($result) > 0) {
205                 // List found payouts
206                 $OUT = ""; $SW = 2;
207                 while (list($pid, $uid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result)) {
208                         if ($status == "NEW") {
209                                 // Generate links for direct accepting and rejecting
210                                 $status = "<A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$pid."\">".PAYOUT_ACCEPT_PAYOUT."</A>&nbsp;|&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$pid."\">".PAYOUT_REJECT_PAYOUT."</A>";
211                         } else {
212                                 // Translate status
213                                 $status = constant('PAYOUT_STATUS_'.strtoupper($status).'');
214                                 $status = "<FONT class=\"admin_failed\">".$status."</FONT>";
215                         }
216
217                         // Nothing entered must be secured in member/what-payputs.php !
218                         if ($allow == "Y") {
219                                 // Banner/Textlink views/clicks request
220                                 if (!empty($banner)) {
221                                         // Prepare array for the banner
222                                         $content = array(
223                                                 'banner' => $banner,
224                                                 'alt'    => $alt,
225                                                 'url'    => $url,
226                                         );
227
228                                         // Load template for the banner
229                                         $account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
230                                 } else {
231                                         // Textlink
232                                         $content = array(
233                                                 'txt_link' => $alt,
234                                                 'txt_url'  => $url,
235                                         );
236                                         $account = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
237                                 }
238
239                                 // Admins can addionally test the URL for framekillers
240                                 $bank = "<A href=\"".FRAMETESTER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
241                         } else {
242                                 // e-currency payout request
243                                 if (empty($account)) $account = "---";
244                                 if (empty($bank))    $bank    = "---";
245                         }
246
247                         // Remember data in array for the template
248                         $content = array(
249                                 'sw'      => $SW,
250                                 'ulink'   => ADMIN_USER_PROFILE_LINK($uid),
251                                 'ptype'   => TRANSLATE_COMMA($total)." ".COMPILE_CODE($type),
252                                 'account' => $account,
253                                 'bank'    => $bank,
254                                 'tstamp'  => MAKE_DATETIME($tstamp, "2"),
255                                 'status'  => $status,
256                         );
257
258                         // Add row and switch color
259                         $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
260                         $SW = 3 - $SW;
261                 }
262
263                 // Free memory
264                 SQL_FREERESULT($result);
265                 define('__PAYOUT_ROWS', $OUT);
266
267                 // Load final template
268                 LOAD_TEMPLATE("admin_list_payouts");
269         } else {
270                 // No payout requests are sent so far
271                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ADMIN_NO_REQUESTS_FOUND);
272         }
273 }
274 //
275 ?>