Reset rewritten, SQL fixed, zeros are now numeric
[mailer.git] / inc / modules / admin / what-list_payouts.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 05/08/2004 *
4  * ================                             Last change: 08/12/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-list_payouts.php                            *
8  * -------------------------------------------------------------------- *
9  * Short description : List member's payout requests                    *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
36 {
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 }
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
42
43 if (!empty($_GET['pid']))
44 {
45         // First let's get the member's ID
46         $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%s LIMIT 1",
47          array($_GET['pid']), __FILE__, __LINE__);
48         list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
49         SQL_FREERESULT($result);
50
51         // Obtain some data
52         if (empty($_GET['task']) && (!empty($uid)) && ($uid > 0)) {
53                 // Get task ID from database
54                 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
55                  array(bigintval($uid)), __FILE__, __LINE__);
56                 list($task) = SQL_FETCHROW($result);
57                 SQL_FREERESULT($result);
58                 if (empty($task)) $task = 0;
59         } elseif ((empty($uid)) || ($uid == "0")) {
60                 // Cannot obtain member ID!
61                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERID);
62         } else {
63                 // Get task ID from URL
64                 $task = $_GET['task'];
65         }
66
67         if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
68                 // Load user's data
69                 $result = SQL_QUERY_ESC("SELECT email, sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
70                  array(bigintval($uid)), __FILE__, __LINE__);
71                 list($email, $sex, $surname, $family) = SQL_FETCHROW($result);
72                 SQL_FREERESULT($result);
73
74                 // Konstante bauen
75                 define('PAYOUT_USERDATA_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_SEX($sex)." ".$surname." ".$family."</A>");
76
77                 if (($_GET['do'] == "accept") && (!empty($email)))
78                 {
79                         // Ok, now we can output the form or execute accepting
80                         if (isset($_POST['ok']))
81                         {
82                                 // Obtain payout type and other data
83                                 $result = SQL_QUERY_ESC("SELECT payout_id FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%s LIMIT 1",
84                                  array(bigintval($_GET['pid'])), __FILE__, __LINE__);
85                                 list($ptype) = SQL_FETCHROW($result);
86                                 SQL_FREERESULT($result);
87
88                                 if (!empty($ptype))
89                                 {
90                                         // Obtain data from payout type
91                                         $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
92                                          array(bigintval($ptype)), __FILE__, __LINE__);
93                                         list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
94                                         SQL_FREERESULT($result);
95
96                                         if (!empty($eurl))
97                                         {
98                                                 // Ok, run URL...
99                                                 $eurl = COMPILE_CODE($eurl);
100                                                 switch ($eenc)
101                                                 {
102                                                 case "md5":
103                                                         $fpass = md5($fpass);
104                                                         $tpass = md5($tpass);
105                                                         break;
106
107                                                 case "base64":
108                                                         $fpass = base64_encode($fpass);
109                                                         $tpass = base64_encode($tpass);
110                                                         break;
111                                                 }
112
113                                                 // Transfer variables...
114                                                 $eval = "\$URL = \"".$eurl."\";";
115                                                 $reason = urlencode(base64_encode(PAYOUT_REASON_PAYOUT));
116
117                                                 // Run code...
118                                                 eval($eval);
119
120                                                 // Execute transfer
121                                                 $ret = @file($URL);
122                                         }
123                                          else
124                                         {
125                                                 // No URL to run
126                                                 $ret[0] = $eok;
127                                         }
128                                         if ($ret[0] == $eok)
129                                         {
130                                                 // Clear task
131                                                 if ($task > 0) {
132                                                         ADMIN_SOLVE_TASK($task);
133                                                 }
134
135                                                 // Clear payout request
136                                                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='ACCEPTED' WHERE id=%s LIMIT 1",
137                                                  array(bigintval($_GET['pid'])), __FILE__, __LINE__);
138
139                                                 // Send out mail
140                                                 $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", $_POST['text'], $uid);
141
142                                                 // Output message
143                                                 if ($allow == "Y")
144                                                 {
145                                                         // Banner / Textlink request
146                                                         LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_BANNER_ACCEPTED_NOTIFIED);
147                                                 }
148                                                  else
149                                                 {
150                                                         // Normal request
151                                                         LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ACCEPTED_NOTIFIED);
152                                                 }
153
154                                                 // Finally send mail
155                                                 SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
156                                         }
157                                          else
158                                         {
159                                                 // Something goes wrong... :-(
160                                                 $content = implode("<br />", $ret);
161                                                 LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
162                                         }
163                                 }
164                                  else
165                                 {
166                                         // Cannot load payout id
167                                         OUTPUT_HTML("<STRONG class=\"admin_failed\">".PAYOUT_FAILED_OBTAIN_PAYOUT_ID."</STRONG>");
168                                 }
169                         }
170                          else
171                         {
172                                 // Load template
173                                 LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
174                         }
175                 }
176                  elseif (($_GET['do'] == "reject") && (!empty($email)))
177                 {
178                         // Ok, now we can output the form or execute rejecting
179                         if (isset($_POST['ok']))
180                         {
181                                 if ($task > 0) {
182                                         // Clear task
183                                         ADMIN_SOLVE_TASK($task);
184                                 }
185
186                                 // Clear payout request
187                                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='REJECTED' WHERE id=%s LIMIT 1",
188                                  array(bigintval($_GET['pid'])), __FILE__, __LINE__);
189
190                                 // Send out mail
191                                 $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", $_POST['text'], $uid);
192
193                                 // Output message
194                                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REJECTED_NOTIFIED);
195
196                                 // Finally send mail
197                                 SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
198                         }
199                          else
200                         {
201                                 // Load template
202                                 LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
203                         }
204                 }
205                  else
206                 {
207                         // Cannot load user data
208                         LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERDATA);
209                 }
210         }
211          elseif((empty($task)) || ($task == "0"))
212         {
213                 // Failed loading task ID
214                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_TASK_ID);
215         }
216 }
217  else
218 {
219         if (empty($_GET['do'])) $_GET['do'] = "";
220         if ($_GET['do'] == "delete")
221         {
222                 // Delete all requests
223                 $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_payouts", __FILE__, __LINE__);
224         }
225
226         // Search for payouts
227         $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
228 FROM "._MYSQL_PREFIX."_user_payouts AS p, "._MYSQL_PREFIX."_payout_types AS t
229 WHERE p.payout_id=t.id
230 ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
231
232         if (SQL_NUMROWS($result) > 0)
233         {
234                 // List found payouts
235                 $OUT = ""; $SW = 2;
236                 while (list($pid, $uid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result))
237                 {
238                         if ($status == "NEW")
239                         {
240                                 // Generate links for direct accepting and rejecting
241                                 $status = "<A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$pid."\">".PAYOUT_ACCEPT_PAYOUT."</A>&nbsp;|&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$pid."\">".PAYOUT_REJECT_PAYOUT."</A>";
242                         }
243                          else
244                         {
245                                 // Translate status
246                                 $evl = "\$status = PAYOUT_STATUS_".strtoupper($status).";";
247                                 eval($evl);
248                                 $status = "<FONT class=\"admin_failed\">".$status."</FONT>";
249                         }
250
251                         // Nothing entered must be secured in member/what-payputs.php !
252                         if ($allow == "Y")
253                         {
254                                 // Banner/Textlink views/clicks request
255                                 if (!empty($banner))
256                                 {
257                                         // Prepare array for the banner
258                                         $content = array(
259                                                 'banner' => $banner,
260                                                 'alt'    => $alt,
261                                                 'url'    => $url,
262                                         );
263
264                                         // Load template for the banner
265                                         $account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
266                                 }
267                                  else
268                                 {
269                                         // Textlink
270                                         $content = array(
271                                                 'txt_link' => $alt,
272                                                 'txt_url'  => $url,
273                                         );
274                                         $account = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
275                                 }
276
277                                 // Admins can addionally test the URL for framekillers
278                                 $bank = "<A href=\"".FRAMETESTER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
279                         }
280                          else
281                         {
282                                 // e-currency payout request
283                                 if (empty($account)) $account = "---";
284                                 if (empty($bank))    $bank    = "---";
285                         }
286
287                         // Remember data in array for the template
288                         $content = array(
289                                 'sw'      => $SW,
290                                 'ulink'   => ADMIN_USER_PROFILE_LINK($uid),
291                                 'ptype'   => TRANSLATE_COMMA($total)." ".COMPILE_CODE($type),
292                                 'account' => $account,
293                                 'bank'    => $bank,
294                                 'tstamp'  => MAKE_DATETIME($tstamp, "2"),
295                                 'status'  => $status,
296                         );
297
298                         // Add row and switch color
299                         $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
300                         $SW = 3 - $SW;
301                 }
302
303                 // Free memory
304                 SQL_FREERESULT($result);
305                 define('__PAYOUT_ROWS', $OUT);
306
307                 // Load final template
308                 LOAD_TEMPLATE("admin_list_payouts");
309         }
310          else
311         {
312                 // No payout requests are sent so far
313                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ADMIN_NO_REQUESTS_FOUND);
314         }
315 }
316 //
317 ?>