b9cbf025b58fe42984f178955d545bc943142acc
[mailer.git] / inc / modules / admin / what-list_payouts.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 05/08/2004 *
4  * ================                             Last change: 08/12/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-list_payouts.php                            *
8  * -------------------------------------------------------------------- *
9  * Short description : List member's payout requests                    *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
21  * For more information visit: http://www.mxchange.org                  *
22  *                                                                      *
23  * This program is free software; you can redistribute it and/or modify *
24  * it under the terms of the GNU General Public License as published by *
25  * the Free Software Foundation; either version 2 of the License, or    *
26  * (at your option) any later version.                                  *
27  *                                                                      *
28  * This program is distributed in the hope that it will be useful,      *
29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
31  * GNU General Public License for more details.                         *
32  *                                                                      *
33  * You should have received a copy of the GNU General Public License    *
34  * along with this program; if not, write to the Free Software          *
35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
36  * MA  02110-1301  USA                                                  *
37  ************************************************************************/
38
39 // Some security stuff...
40 if ((!defined('__SECURITY')) || (!isAdmin())) {
41         die();
42 }
43
44 // Add description as navigation point
45 addMenuDescription('admin', __FILE__);
46
47 if (isGetRequestElementSet(('pid'))) {
48         // First let's get the member's id
49         $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
50         array(getRequestElement('pid')), __FILE__, __LINE__);
51         list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
52         SQL_FREERESULT($result);
53
54         // Obtain some data
55         if (!isGetRequestElementSet(('task')) && (!empty($userid)) && ($userid > 0)) {
56                 // Get task id from database
57                 $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
58                 array(bigintval($userid)), __FILE__, __LINE__);
59                 list($task) = SQL_FETCHROW($result);
60                 SQL_FREERESULT($result);
61                 if (empty($task)) $task = 0;
62         } elseif ((empty($userid)) || ($userid == 0)) {
63                 // Cannot obtain member id!
64                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
65         } else {
66                 // Get task id from URL
67                 $task = getRequestElement('task');
68         }
69
70         if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) {
71                 // Load user's data
72                 $result = SQL_QUERY_ESC("SELECT `email`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
73                         array(bigintval($userid)), __FILE__, __LINE__);
74                 list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
75                 SQL_FREERESULT($result);
76
77                 if ((getRequestElement('do') == 'accept') && (!empty($email))) {
78                         // Ok, now we can output the form or execute accepting
79                         if (isFormSent()) {
80                                 // Obtain payout type and other data
81                                 $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
82                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
83                                 list($ptype) = SQL_FETCHROW($result);
84                                 SQL_FREERESULT($result);
85
86                                 if (!empty($ptype)) {
87                                         // Obtain data from payout type
88                                         $result = SQL_QUERY_ESC("SELECT `from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url`
89 FROM
90         `{?_MYSQL_PREFIX?}_payout_types`
91 WHERE
92         `id`=%s
93 LIMIT 1",
94                                                 array(bigintval($ptype)), __FILE__, __LINE__);
95                                         list($fuserid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
96                                         SQL_FREERESULT($result);
97
98                                         if (!empty($eurl)) {
99                                                 // Ok, run URL...
100                                                 $eurl = compileCode($eurl);
101                                                 switch ($eenc) {
102                                                         case 'md5':
103                                                                 $fpass = md5($fpass);
104                                                                 $tpass = md5($tpass);
105                                                                 break;
106
107                                                         case 'base64':
108                                                                 $fpass = base64_encode($fpass);
109                                                                 $tpass = base64_encode($tpass);
110                                                                 break;
111                                                 }
112
113                                                 // Transfer variables...
114                                                 $eval = "\$URL = \"".$eurl."\";";
115                                                 $reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);
116
117                                                 // Run code...
118                                                 // @TODO Do we need this time-consuming eval() here?
119                                                 eval($eval);
120
121                                                 // Execute transfer
122                                                 $ret = sendGetRequest($URL);
123                                         } else {
124                                                 // No URL to run
125                                                 $ret[0] = $eok;
126                                         }
127
128                                         if ($ret[0] == $eok) {
129                                                 // Clear task
130                                                 if ($task > 0) {
131                                                         runFilterChain('solve_task', $task);
132                                                 }
133
134                                                 // Clear payout request
135                                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
136                                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
137
138                                                 // Send out mail
139                                                 $message = loadEmailTemplate('member_payout_accepted', postRequestElement('text'), $userid);
140
141                                                 // Output message
142                                                 if ($allow == 'Y') {
143                                                         // Banner / Textlink request
144                                                         loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
145                                                 } else {
146                                                         // Normal request
147                                                         loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
148                                                 }
149
150                                                 // Finally send mail
151                                                 sendEmail($email, getMessage('PAYOUT_ACCEPTED_SUBJECT'), $message);
152                                         } else {
153                                                 // Something goes wrong... :-(
154                                                 $content = implode("<br />", $ret);
155                                                 loadTemplate('admin_payout_failed_transfer', false, $content);
156                                         }
157                                 } else {
158                                         // Cannot load payout id
159                                         loadTemplate('admin_settings_saved', false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
160                                 }
161                         } else {
162                                 // Prepare content
163                                 $content = array(
164                                         'task' => $task,
165                                         'pid'  => bigintval(getRequestElement('pid')),
166                                         'user' => "<a href=\"".generateEmailLink($email, 'user_data')."\">".translateGender($gender)." ".$surname." ".$family."</a>",
167                                 );
168
169                                 // Load template
170                                 loadTemplate('admin_payout_accept_form', false, $content);
171                         }
172                 } elseif ((getRequestElement('do') == 'reject') && (!empty($email))) {
173                         // Ok, now we can output the form or execute rejecting
174                         if (isFormSent()) {
175                                 if ($task > 0) {
176                                         // Clear task
177                                         runFilterChain('solve_task', $task);
178                                 } // END - if
179
180                                 // Clear payout request
181                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
182                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
183
184                                 // Send out mail
185                                 $message = loadEmailTemplate('member_payout_rejected', postRequestElement('text'), $userid);
186
187                                 // Output message
188                                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
189
190                                 // Finally send mail
191                                 sendEmail($email, getMessage('PAYOUT_REJECTED_SUBJECT'), $message);
192                         } else {
193                                 // Prepare content
194                                 $content = array(
195                                         'task' => $task,
196                                         'pid'  => bigintval(getRequestElement('pid')),
197                                         'user' => "<a href=\"".generateEmailLink($email, 'user_data')."\">".translateGender($gender)." ".$surname." ".$family."</a>",
198                                 );
199
200                                 // Load template
201                                 loadTemplate('admin_payout_reject_form', false, $content);
202                         }
203                 } else {
204                         // Cannot load user data
205                         loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
206                 }
207         } elseif ((empty($task)) || ($task == 0)) {
208                 // Failed loading task id
209                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
210         }
211 } else {
212         if (!isGetRequestElementSet('do')) setRequestGetElement('do', '');
213
214         if (getRequestElement('do') == 'delete') {
215                 // Delete all requests
216                 $result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
217         } // END - if
218
219         // Search for payouts
220         $result = SQL_QUERY("SELECT
221         p.id, p.userid, p.payout_total, p.target_account,
222         p.target_bank, t.type, p.payout_timestamp, p.status,
223         t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
224         p.banner_url AS banner
225 FROM
226         `{?_MYSQL_PREFIX?}_user_payouts` AS p
227 LEFT JOIN
228         `{?_MYSQL_PREFIX?}_payout_types` AS t
229 ON
230         p.payout_id=t.id
231 ORDER BY
232         p.payout_timestamp DESC", __FILE__, __LINE__);
233
234         if (SQL_NUMROWS($result) > 0) {
235                 // List found payouts
236                 $OUT = ''; $SW = 2;
237                 while ($content = SQL_FETCHARRAY($result)) {
238                         if ($content['status'] == 'NEW') {
239                                 // Generate links for direct accepting and rejecting
240                                 $content['status'] = "<a href=\"{?URL?}/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$content['id']."\">".PAYOUT_ACCEPT_PAYOUT."</a>&nbsp;|&nbsp;<a href=\"{?URL?}/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$content['id']."\">".PAYOUT_REJECT_PAYOUT."</a>";
241                         } else {
242                                 // Translate status
243                                 $content['status'] = getMessage('PAYOUT_STATUS_'.strtoupper($content['status']).'');
244                                 $content['status'] = "<div class=\"admin_failed\">".$content['status']."</div>";
245                         }
246
247                         // Nothing entered must be secured in member/what-payputs.php !
248                         if ($content['allow'] == 'Y') {
249                                 // Banner/Textlink views/clicks request
250                                 if (!empty($content['banner'])) {
251                                         // Load template for the banner
252                                         $content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
253                                 } else {
254                                         // Textlink
255                                         $content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
256                                 }
257
258                                 // Admins can addionally test the URL for framekillers
259                                 $content['target_bank'] = "<a href=\"".generateFrametesterUrl($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
260                         } else {
261                                 // e-currency payout request
262                                 if (empty($content['target_account'])) $content['target_account'] = '---';
263                                 if (empty($content['target_bank']))    $content['target_bank']    = '---';
264                         }
265
266                         // Remember data in array for the template
267                         $content = array(
268                                 'sw'      => $SW,
269                                 'ulink'   => generateUserProfileLink($content['userid']),
270                                 'ptype'   => translateComma($content['payout_total']) . ' ' . $content['type'],
271                                 'account' => $content['target_account'],
272                                 'bank'    => $content['target_bank'],
273                                 'tstamp'  => generateDateTime($content['payout_timestamp'], 2),
274                                 'status'  => $content['status'],
275                         );
276
277                         // Add row and switch color
278                         $OUT .= loadTemplate('admin_list_payouts_row', true, $content);
279                         $SW = 3 - $SW;
280                 }
281
282                 // Free memory
283                 SQL_FREERESULT($result);
284
285                 // Load final template
286                 loadTemplate('admin_list_payouts', false, $OUT);
287         } else {
288                 // No payout requests are sent so far
289                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
290         }
291 }
292
293 // [EOF]
294 ?>