3202805bb136b97f6099a4b44aebc54d038d3295
[mailer.git] / inc / modules / admin / what-list_payouts.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 05/08/2004 *
4  * ================                             Last change: 08/12/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-list_payouts.php                            *
8  * -------------------------------------------------------------------- *
9  * Short description : List member's payout requests                    *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
21  * For more information visit: http://www.mxchange.org                  *
22  *                                                                      *
23  * This program is free software; you can redistribute it and/or modify *
24  * it under the terms of the GNU General Public License as published by *
25  * the Free Software Foundation; either version 2 of the License, or    *
26  * (at your option) any later version.                                  *
27  *                                                                      *
28  * This program is distributed in the hope that it will be useful,      *
29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
31  * GNU General Public License for more details.                         *
32  *                                                                      *
33  * You should have received a copy of the GNU General Public License    *
34  * along with this program; if not, write to the Free Software          *
35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
36  * MA  02110-1301  USA                                                  *
37  ************************************************************************/
38
39 // Some security stuff...
40 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
41         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
42         require($INC);
43 }
44
45 // Add description as navigation point
46 ADD_DESCR('admin', __FILE__);
47
48 if (REQUEST_ISSET_GET(('pid'))) {
49         // First let's get the member's ID
50         $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
51                 array(REQUEST_GET('pid')), __FILE__, __LINE__);
52         list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
53         SQL_FREERESULT($result);
54
55         // Obtain some data
56         if (!REQUEST_ISSET_GET(('task')) && (!empty($uid)) && ($uid > 0)) {
57                 // Get task ID from database
58                 $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_task_system` WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
59                         array(bigintval($uid)), __FILE__, __LINE__);
60                 list($task) = SQL_FETCHROW($result);
61                 SQL_FREERESULT($result);
62                 if (empty($task)) $task = 0;
63         } elseif ((empty($uid)) || ($uid == "0")) {
64                 // Cannot obtain member ID!
65                 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
66         } else {
67                 // Get task ID from URL
68                 $task = REQUEST_GET('task');
69         }
70
71         if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
72                 // Load user's data
73                 $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
74                         array(bigintval($uid)), __FILE__, __LINE__);
75                 list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
76                 SQL_FREERESULT($result);
77
78                 // Konstante bauen
79                 define('PAYOUT_USERDATA_VALUE', "<a href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$surname." ".$family."</a>");
80
81                 if ((REQUEST_GET('do') == "accept") && (!empty($email))) {
82                         // Ok, now we can output the form or execute accepting
83                         if (IS_FORM_SENT()) {
84                                 // Obtain payout type and other data
85                                 $result = SQL_QUERY_ESC("SELECT payout_id FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
86                                  array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
87                                 list($ptype) = SQL_FETCHROW($result);
88                                 SQL_FREERESULT($result);
89
90                                 if (!empty($ptype)) {
91                                         // Obtain data from payout type
92                                         $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM `{!_MYSQL_PREFIX!}_payout_types` WHERE id=%s LIMIT 1",
93                                          array(bigintval($ptype)), __FILE__, __LINE__);
94                                         list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
95                                         SQL_FREERESULT($result);
96
97                                         if (!empty($eurl)) {
98                                                 // Ok, run URL...
99                                                 $eurl = COMPILE_CODE($eurl);
100                                                 switch ($eenc)
101                                                 {
102                                                 case "md5":
103                                                         $fpass = md5($fpass);
104                                                         $tpass = md5($tpass);
105                                                         break;
106
107                                                 case "base64":
108                                                         $fpass = base64_encode($fpass);
109                                                         $tpass = base64_encode($tpass);
110                                                         break;
111                                                 }
112
113                                                 // Transfer variables...
114                                                 $eval = "\$URL = \"".$eurl."\";";
115                                                 $reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);
116
117                                                 // Run code...
118                                                 eval($eval);
119
120                                                 // Execute transfer
121                                                 $ret = GET_URL($URL);
122                                         } else {
123                                                 // No URL to run
124                                                 $ret[0] = $eok;
125                                         }
126
127                                         if ($ret[0] == $eok) {
128                                                 // Clear task
129                                                 if ($task > 0) {
130                                                         runFilterChain('solve_task', $task);
131                                                 }
132
133                                                 // Clear payout request
134                                                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='ACCEPTED' WHERE id=%s LIMIT 1",
135                                                         array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
136
137                                                 // Send out mail
138                                                 $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", REQUEST_POST('text'), $uid);
139
140                                                 // Output message
141                                                 if ($allow == 'Y') {
142                                                         // Banner / Textlink request
143                                                         LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
144                                                 } else {
145                                                         // Normal request
146                                                         LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
147                                                 }
148
149                                                 // Finally send mail
150                                                 SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
151                                         } else {
152                                                 // Something goes wrong... :-(
153                                                 $content = implode("<br />", $ret);
154                                                 LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
155                                         }
156                                 } else {
157                                         // Cannot load payout id
158                                         LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
159                                 }
160                         } else {
161                                 // Prepare content
162                                 $content = array(
163                                         'task' => $task,
164                                         'pid'  => bigintval(REQUEST_GET('pid'))
165                                 );
166
167                                 // Load template
168                                 LOAD_TEMPLATE("admin_payout_accept_form", false, $content);
169                         }
170                 } elseif ((REQUEST_GET('do') == "reject") && (!empty($email))) {
171                         // Ok, now we can output the form or execute rejecting
172                         if (IS_FORM_SENT()) {
173                                 if ($task > 0) {
174                                         // Clear task
175                                         runFilterChain('solve_task', $task);
176                                 }
177
178                                 // Clear payout request
179                                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='REJECTED' WHERE id=%s LIMIT 1",
180                                         array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
181
182                                 // Send out mail
183                                 $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", REQUEST_POST('text'), $uid);
184
185                                 // Output message
186                                 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
187
188                                 // Finally send mail
189                                 SEND_EMAIL($email, getMessage('PAYOUT_REJECTED_SUBJECT'), $msg);
190                         } else {
191                                 // Prepare content
192                                 $content = array(
193                                         'task' => $task
194                                         'pid'  => bigintval(REQUEST_GET('pid'))
195                                 );
196
197                                 // Load template
198                                 LOAD_TEMPLATE("admin_payout_reject_form", false, $content);
199                         }
200                 } else {
201                         // Cannot load user data
202                         LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
203                 }
204         } elseif ((empty($task)) || ($task == "0")) {
205                 // Failed loading task ID
206                 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
207         }
208 } else {
209         if (!REQUEST_ISSET_GET('do')) REQUEST_SET_GET('do', '');
210
211         if (REQUEST_GET('do') == "delete") {
212                 // Delete all requests
213                 $result = SQL_QUERY("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_payouts`", __FILE__, __LINE__);
214         }
215
216         // Search for payouts
217         $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
218 FROM `{!_MYSQL_PREFIX!}_user_payouts` AS p, `{!_MYSQL_PREFIX!}_payout_types` AS t
219 WHERE p.payout_id=t.id
220 ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
221
222         if (SQL_NUMROWS($result) > 0) {
223                 // List found payouts
224                 $OUT = ''; $SW = 2;
225                 while ($content = SQL_FETCHARRAY($result)) {
226                         if ($content['status'] == "NEW") {
227                                 // Generate links for direct accepting and rejecting
228                                 $content['status'] = "<a href=\"{!URL!}/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$content['id']."\">".PAYOUT_ACCEPT_PAYOUT."</a>&nbsp;|&nbsp;<a href=\"{!URL!}/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$content['id']."\">".PAYOUT_REJECT_PAYOUT."</a>";
229                         } else {
230                                 // Translate status
231                                 $content['status'] = constant('PAYOUT_STATUS_'.strtoupper($content['status']).'');
232                                 $content['status'] = "<div class=\"admin_failed\">".$content['status']."</div>";
233                         }
234
235                         // Nothing entered must be secured in member/what-payputs.php !
236                         if ($content['allow'] == 'Y') {
237                                 // Banner/Textlink views/clicks request
238                                 if (!empty($content['banner'])) {
239                                         // Load template for the banner
240                                         $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
241                                 } else {
242                                         // Textlink
243                                         $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
244                                 }
245
246                                 // Admins can addionally test the URL for framekillers
247                                 $content['target_bank'] = "<a href=\"".FRAMETESTER($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
248                         } else {
249                                 // e-currency payout request
250                                 if (empty($content['target_account'])) $content['target_account'] = "---";
251                                 if (empty($content['target_bank']))    $content['target_bank']    = "---";
252                         }
253
254                         // Remember data in array for the template
255                         $content = array(
256                                 'sw'      => $SW,
257                                 'ulink'   => ADMIN_USER_PROFILE_LINK($content['userid']),
258                                 'ptype'   => TRANSLATE_COMMA($content['payout_total'])." ".COMPILE_CODE($content['type']),
259                                 'account' => $content['target_account'],
260                                 'bank'    => $content['target_bank'],
261                                 'tstamp'  => MAKE_DATETIME($content['payout_timestamp'], "2"),
262                                 'status'  => $content['status'],
263                         );
264
265                         // Add row and switch color
266                         $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
267                         $SW = 3 - $SW;
268                 }
269
270                 // Free memory
271                 SQL_FREERESULT($result);
272                 define('__PAYOUT_ROWS', $OUT);
273
274                 // Load final template
275                 LOAD_TEMPLATE("admin_list_payouts");
276         } else {
277                 // No payout requests are sent so far
278                 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
279         }
280 }
281 //
282 ?>