Deprecated variables for templates removed, mor EL-rewrites, getMessage() rewritten:
[mailer.git] / inc / modules / admin / what-list_payouts.php
1 <?php
2 /************************************************************************
3  * Mailer v0.2.1-FINAL                                Start: 05/08/2004 *
4  * ===================                          Last change: 08/12/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-list_payouts.php                            *
8  * -------------------------------------------------------------------- *
9  * Short description : List member's payout requests                    *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
21  * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
22  * For more information visit: http://www.mxchange.org                  *
23  *                                                                      *
24  * This program is free software; you can redistribute it and/or modify *
25  * it under the terms of the GNU General Public License as published by *
26  * the Free Software Foundation; either version 2 of the License, or    *
27  * (at your option) any later version.                                  *
28  *                                                                      *
29  * This program is distributed in the hope that it will be useful,      *
30  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
31  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
32  * GNU General Public License for more details.                         *
33  *                                                                      *
34  * You should have received a copy of the GNU General Public License    *
35  * along with this program; if not, write to the Free Software          *
36  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
37  * MA  02110-1301  USA                                                  *
38  ************************************************************************/
39
40 // Some security stuff...
41 if ((!defined('__SECURITY')) || (!isAdmin())) {
42         die();
43 } // END - if
44
45 // Add description as navigation point
46 addMenuDescription('admin', __FILE__);
47
48 if (isGetRequestParameterSet(('pid'))) {
49         // First let's get the member's id
50         $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
51                 array(getRequestParameter('pid')), __FILE__, __LINE__);
52         list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
53         SQL_FREERESULT($result);
54
55         // Obtain some data
56         if (!isGetRequestParameterSet(('task')) && (!empty($userid)) && ($userid > 0)) {
57                 // Get task id from database
58                 $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND `task_created`=%s LIMIT 1",
59                         array(bigintval($userid), bigintval($tstamp)), __FILE__, __LINE__);
60                 list($task) = SQL_FETCHROW($result);
61                 SQL_FREERESULT($result);
62                 if (empty($task)) $task = '0';
63         } elseif ((empty($userid)) || ($userid == '0')) {
64                 // Cannot obtain member id!
65                 loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_FAILED_OBTAIN_USERID--}');
66         } else {
67                 // Get task id from URL
68                 $task = getRequestParameter('task');
69         }
70
71         if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) {
72                 // Load user's data
73                 if (!fetchUserData($userid)) {
74                         // Abort here because it is not valid!
75                         debug_report_bug(__FILE__, __LINE__, 'No user account ' . $userid . ' found.');
76                 } // END - if
77
78                 if ((getRequestParameter('do') == 'accept') && (!empty(getUserData('email')))) {
79                         // Ok, now we can output the form or execute accepting
80                         if (isFormSent()) {
81                                 // Obtain payout type and other data
82                                 $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
83                                         array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
84
85                                 // Load ptype (id)
86                                 list($ptype) = SQL_FETCHROW($result);
87
88                                 // Free result
89                                 SQL_FREERESULT($result);
90
91                                 if (!empty($ptype)) {
92                                         // Obtain data from payout type
93                                         $result = SQL_QUERY_ESC("SELECT
94         `from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url`
95 FROM
96         `{?_MYSQL_PREFIX?}_payout_types`
97 WHERE
98         `id`=%s
99 LIMIT 1",
100                                                 array(bigintval($ptype)), __FILE__, __LINE__);
101
102                                         // Load data
103                                         $data = SQL_FETCHARRAY($result);
104
105                                         // Free result
106                                         SQL_FREERESULT($result);
107
108                                         if (!empty($data['engine_url'])) {
109                                                 // Ok, run URL...
110                                                 switch ($data['pass_enc']) {
111                                                         case 'md5':
112                                                                 $data['from_pass'] = md5($data['from_pass']);
113                                                                 $tpass = md5($tpass);
114                                                                 break;
115
116                                                         case 'base64':
117                                                                 $data['from_pass'] = base64_encode($data['from_pass']);
118                                                                 $tpass = base64_encode($tpass);
119                                                                 break;
120                                                 }
121
122                                                 // Transfer variables...
123                                                 $reason = encodeString(getMessage('ADMIN_PAYOUT_REASON'), false);
124
125                                                 // Execute transfer
126                                                 $ret = sendGetRequest($data['engine_url']);
127                                         } else {
128                                                 // No URL to run
129                                                 $ret[0] = $data['engine_ret_ok'];
130                                         }
131
132                                         if ($ret[0] == $data['engine_ret_ok']) {
133                                                 // Clear task
134                                                 if ($task > 0) {
135                                                         runFilterChain('solve_task', $task);
136                                                 }
137
138                                                 // Clear payout request
139                                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
140                                                         array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
141
142                                                 // Send out mail
143                                                 $message = loadEmailTemplate('member_payout_accepted', postRequestParameter('text'), $userid);
144
145                                                 // Output message
146                                                 if ($data['allow_url'] == 'Y') {
147                                                         // Banner / Textlink request
148                                                         loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_BANNER_ACCEPTED_NOTIFIED--}');
149                                                 } else {
150                                                         // Normal request
151                                                         loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_ACCEPTED_NOTIFIED--}');
152                                                 }
153
154                                                 // Finally send mail
155                                                 sendEmail(getUserData('email'), getMessage('MEMBER_PAYOUT_ACCEPTED_SUBJECT'), $message);
156                                         } else {
157                                                 // Something goes wrong... :-(
158                                                 $content = implode('<br />', $ret);
159                                                 loadTemplate('admin_payout_failed_transfer', false, $content);
160                                         }
161                                 } else {
162                                         // Cannot load payout id
163                                         loadTemplate('admin_settings_saved', false, '<div class="admin_failed">{--ADMIN_PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>');
164                                 }
165                         } else {
166                                 // Prepare content
167                                 $content = array(
168                                         'task' => $task,
169                                         'pid'  => bigintval(getRequestParameter('pid')),
170                                         'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
171                                 );
172
173                                 // Load template
174                                 loadTemplate('admin_payout_accept_form', false, $content);
175                         }
176                 } elseif ((getRequestParameter('do') == 'reject') && (!empty(getUserData('email')))) {
177                         // Ok, now we can output the form or execute rejecting
178                         if (isFormSent()) {
179                                 if ($task > 0) {
180                                         // Clear task
181                                         runFilterChain('solve_task', $task);
182                                 } // END - if
183
184                                 // Clear payout request
185                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
186                                         array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
187
188                                 // Send out mail
189                                 $message = loadEmailTemplate('member_payout_rejected', postRequestParameter('text'), $userid);
190
191                                 // Output message
192                                 loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_REJECTED_NOTIFIED--}');
193
194                                 // Finally send mail
195                                 sendEmail(getUserData('email'), getMessage('MEMBER_PAYOUT_REJECTED_SUBJECT'), $message);
196                         } else {
197                                 // Prepare content
198                                 $content = array(
199                                         'task' => $task,
200                                         'pid'  => bigintval(getRequestParameter('pid')),
201                                         'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
202                                 );
203
204                                 // Load template
205                                 loadTemplate('admin_payout_reject_form', false, $content);
206                         }
207                 } else {
208                         // Cannot load user data
209                         loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_FAILED_OBTAIN_USERDATA--}');
210                 }
211         } elseif ((empty($task)) || ($task == '0')) {
212                 // Failed loading task id
213                 loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_FAILED_OBTAIN_TASK_ID--}');
214         }
215 } else {
216         if (getRequestParameter('do') == 'delete') {
217                 // Delete all requests
218                 $result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
219         } // END - if
220
221         // Search for payouts
222         $result = SQL_QUERY("SELECT
223         p.id, p.userid, p.payout_total, p.target_account,
224         p.target_bank, t.type, p.payout_timestamp, p.status,
225         t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
226         p.banner_url AS banner
227 FROM
228         `{?_MYSQL_PREFIX?}_user_payouts` AS p
229 LEFT JOIN
230         `{?_MYSQL_PREFIX?}_payout_types` AS t
231 ON
232         p.payout_id=t.id
233 ORDER BY
234         p.payout_timestamp DESC", __FILE__, __LINE__);
235
236         if (SQL_NUMROWS($result) > 0) {
237                 // List found payouts
238                 $OUT = ''; $SW = 2;
239                 while ($content = SQL_FETCHARRAY($result)) {
240                         if ($content['status'] == 'NEW') {
241                                 // Generate links for direct accepting and rejecting
242                                 $content['status'] = '<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_ACCEPT_PAYOUT--}</a>|<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_REJECT_PAYOUT--}</a>';
243                         } else {
244                                 // Translate status
245                                 $content['status'] = translatePayoutStatus($content['status']);
246                                 $content['status'] = '<div class="admin_failed">' . $content['status'] . '</div>';
247                         }
248
249                         // Nothing entered must be secured in member/what-payputs.php !
250                         if ($content['allow'] == 'Y') {
251                                 // Banner/Textlink views/clicks request
252                                 if (!empty($content['banner'])) {
253                                         // Load template for the banner
254                                         $content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
255                                 } else {
256                                         // Textlink
257                                         $content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
258                                 }
259
260                                 // Admins can addionally test the URL for framekillers
261                                 $content['target_bank'] = '<a href="' . generateFrametesterUrl($content['url']) . '" target="_blank">{--CLICK_HERE--}</a>';
262                         } else {
263                                 // e-currency payout request
264                                 if (empty($content['target_account'])) $content['target_account'] = '---';
265                                 if (empty($content['target_bank']))    $content['target_bank']    = '---';
266                         }
267
268                         // Add/Translate some data
269                         $content['sw']               = $SW;
270                         $content['payout_timestamp'] = generateDateTime($content['payout_timestamp'], 2);
271
272                         // Add row and switch color
273                         $OUT .= loadTemplate('admin_list_payouts_row', true, $content);
274                         $SW = 3 - $SW;
275                 } // END - while
276
277                 // Free memory
278                 SQL_FREERESULT($result);
279
280                 // Load final template
281                 loadTemplate('admin_list_payouts', false, $OUT);
282         } else {
283                 // No payout requests are sent so far
284                 loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_NO_REQUESTS_FOUND--}');
285         }
286 }
287
288 // [EOF]
289 ?>