inc/modules/admin/what-list_payouts.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 05/08/2004 *
   4  * ===================                          Last change: 08/12/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-list_payouts.php                            *
   8  * -------------------------------------------------------------------- *
   9  * Short description : List member's payout requests                    *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * -------------------------------------------------------------------- *
  18  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  19  * Copyright (c) 2009 - 2015 by Mailer Developer Team                   *
  20  * For more information visit: http://mxchange.org                      *
  21  *                                                                      *
  22  * This program is free software; you can redistribute it and/or modify *
  23  * it under the terms of the GNU General Public License as published by *
  24  * the Free Software Foundation; either version 2 of the License, or    *
  25  * (at your option) any later version.                                  *
  26  *                                                                      *
  27  * This program is distributed in the hope that it will be useful,      *
  28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  30  * GNU General Public License for more details.                         *
  31  *                                                                      *
  32  * You should have received a copy of the GNU General Public License    *
  33  * along with this program; if not, write to the Free Software          *
  34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  35  * MA  02110-1301  USA                                                  *
  36  ************************************************************************/
  37
  38 // Some security stuff...
  39 if ((!defined('__SECURITY')) || (!isAdmin())) {
  40         die();
  41 } // END - if
  42
  43 // Add description as navigation point
  44 addYouAreHereLink('admin', __FILE__);
  45
  46 if (isGetRequestElementSet('pid')) {
  47         // First let's get the member's id
  48         $result = sqlQueryEscaped("SELECT `userid`, `target_account`, `payout_total`, `payout_timestamp`, `password` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
  49                 array(getRequestElement('pid')), __FILE__, __LINE__);
  50         list($userid, $tuserid, $points, $tstamp, $tpass) = sqlFetchRow($result);
  51         sqlFreeResult($result);
  52
  53         // Obtain some data
  54         if (!isGetRequestElementSet('task') && (!empty($userid)) && (isValidId($userid))) {
  55                 // Get task id from database
  56                 $result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND `task_created`=%s LIMIT 1",
  57                         array(bigintval($userid), bigintval($tstamp)), __FILE__, __LINE__);
  58                 list($taskId) = sqlFetchRow($result);
  59                 sqlFreeResult($result);
  60                 if (empty($taskId)) $taskId = '0';
  61         } elseif (!isValidId($userid)) {
  62                 // Cannot obtain member id!
  63                 displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_USERID--}');
  64         } else {
  65                 // Get task id from URL
  66                 $taskId = getRequestElement('task');
  67         }
  68
  69         if ((!empty($taskId)) && (!empty($userid)) && (isValidId($userid))) {
  70                 // Load user's data
  71                 if (!fetchUserData($userid)) {
  72                         // Abort here because it is not valid!
  73                         reportBug(__FILE__, __LINE__, 'No user account ' . $userid . ' found.');
  74                 } // END - if
  75
  76                 if ((getRequestElement('do') == 'accept') && (getUserData('email') != '')) {
  77                         // Ok, now we can output the form or execute accepting
  78                         if (isFormSent()) {
  79                                 // Obtain payout type and other data
  80                                 $result = sqlQueryEscaped("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
  81                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
  82
  83                                 // Load ptype (id)
  84                                 list($ptype) = sqlFetchRow($result);
  85
  86                                 // Free result
  87                                 sqlFreeResult($result);
  88
  89                                 if (!empty($ptype)) {
  90                                         // Obtain data from payout type
  91                                         $result = sqlQueryEscaped("SELECT
  92         `from_account`,
  93         `from_pass`,
  94         `engine_url`,
  95         `engine_ret_ok`,
  96         `engine_ret_failed`,
  97         `pass_enc`,
  98         `allow_url`
  99 FROM
 100         `{?_MYSQL_PREFIX?}_payout_types`
 101 WHERE
 102         `id`=%s
 103 LIMIT 1",
 104                                                 array(bigintval($ptype)), __FILE__, __LINE__);
 105
 106                                         // Load data
 107                                         $data = sqlFetchArray($result);
 108
 109                                         // Free result
 110                                         sqlFreeResult($result);
 111
 112                                         if (!empty($data['engine_url'])) {
 113                                                 // Ok, run URL...
 114                                                 switch ($data['pass_enc']) {
 115                                                         case 'md5':
 116                                                                 $data['from_pass'] = md5($data['from_pass']);
 117                                                                 $tpass = md5($tpass);
 118                                                                 break;
 119
 120                                                         case 'base64':
 121                                                                 $data['from_pass'] = base64_encode($data['from_pass']);
 122                                                                 $tpass = base64_encode($tpass);
 123                                                                 break;
 124                                                 } // END - switch
 125
 126                                                 // Transfer variables...
 127                                                 $reason = encodeString(getMessage('ADMIN_PAYOUT_REASON'), FALSE);
 128
 129                                                 // Execute transfer
 130                                                 $ret = sendHttpGetRequest($data['engine_url']);
 131                                         } else {
 132                                                 // No URL to run
 133                                                 $ret[0] = $data['engine_ret_ok'];
 134                                         }
 135
 136                                         if ($ret[0] == $data['engine_ret_ok']) {
 137                                                 // Clear task
 138                                                 if (isValidId($taskId)) {
 139                                                         runFilterChain('solve_task', $taskId);
 140                                                 } // END - if
 141
 142                                                 // Clear payout request
 143                                                 sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
 144                                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
 145
 146                                                 // Send out mail
 147                                                 $message = loadEmailTemplate('member_payout_accepted', postRequestElement('text'), $userid);
 148
 149                                                 // Output message
 150                                                 if ($data['allow_url'] == 'Y') {
 151                                                         // Banner / Textlink request
 152                                                         displayMessage('{--ADMIN_PAYOUT_BANNER_ACCEPTED_NOTIFIED--}');
 153                                                 } else {
 154                                                         // Normal request
 155                                                         displayMessage('{--ADMIN_PAYOUT_ACCEPTED_NOTIFIED--}');
 156                                                 }
 157
 158                                                 // Finally send mail
 159                                                 sendEmail(getUserData('userid'), '{--MEMBER_PAYOUT_ACCEPTED_SUBJECT--}', $message);
 160                                         } else {
 161                                                 // Something goes wrong... :-(
 162                                                 $content = implode('<br />', $ret);
 163                                                 loadTemplate('admin_payout_failed_transfer', FALSE, $content);
 164                                         }
 165                                 } else {
 166                                         // Cannot load payout id
 167                                         displayErrorMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}');
 168                                 }
 169                         } else {
 170                                 // Prepare content
 171                                 $content = array(
 172                                         'task' => $taskId,
 173                                         'pid'  => bigintval(getRequestElement('pid')),
 174                                         'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">{%pipe,translateGender=' . getUserData('gender') . '%} ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
 175                                 );
 176
 177                                 // Load template
 178                                 loadTemplate('admin_payout_accept_form', FALSE, $content);
 179                         }
 180                 } elseif ((getRequestElement('do') == 'reject') && (getUserData('email') != '')) {
 181                         // Ok, now we can output the form or execute rejecting
 182                         if (isFormSent()) {
 183                                 if (isValidId($taskId)) {
 184                                         // Clear task
 185                                         runFilterChain('solve_task', $taskId);
 186                                 } // END - if
 187
 188                                 // Clear payout request
 189                                 sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
 190                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
 191
 192                                 // Send out mail
 193                                 $message = loadEmailTemplate('member_payout_rejected', postRequestElement('text'), $userid);
 194
 195                                 // Output message
 196                                 displayMessage('{--ADMIN_PAYOUT_REJECTED_NOTIFIED--}');
 197
 198                                 // Finally send mail
 199                                 sendEmail(getUserData('userid'), '{--MEMBER_PAYOUT_REJECTED_SUBJECT--}', $message);
 200                         } else {
 201                                 // Prepare content
 202                                 $content = array(
 203                                         'task' => $taskId,
 204                                         'pid'  => bigintval(getRequestElement('pid')),
 205                                         'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">{%pipe,translateGender=' . getUserData('gender') . '%} ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
 206                                 );
 207
 208                                 // Load template
 209                                 loadTemplate('admin_payout_reject_form', FALSE, $content);
 210                         }
 211                 } else {
 212                         // Cannot load user data
 213                         displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_USERDATA--}');
 214                 }
 215         } elseif (!isValidId($taskId)) {
 216                 // Failed loading task id
 217                 displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_TASK_ID--}');
 218         }
 219 } else {
 220         if (getRequestElement('do') == 'delete') {
 221                 // Delete all requests
 222                 $result = sqlQuery("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
 223         } // END - if
 224
 225         // Search for payouts
 226         $result = sqlQuery('SELECT
 227         `p`.`id`,
 228         `p`.`userid`,
 229         `p`.`payout_total`,
 230         `p`.`target_account`,
 231         `p`.`target_bank`,
 232         `t`.`type`,
 233         `p`.`payout_timestamp`,
 234         `p`.`status`,
 235         `t`.`allow_url`
 236         `p`.`target_url`,
 237         `p`.`link_text`
 238         `p`.`banner_url`
 239 FROM
 240         `{?_MYSQL_PREFIX?}_user_payouts` AS `p`
 241 LEFT JOIN
 242         `{?_MYSQL_PREFIX?}_payout_types` AS `t`
 243 ON
 244         `p`.`payout_id`=`t`.`id`
 245 ORDER BY
 246         `p`.`payout_timestamp` DESC', __FILE__, __LINE__);
 247
 248         if (!ifSqlHasZeroNumRows($result)) {
 249                 // List found payouts
 250                 $OUT = '';
 251                 while ($content = sqlFetchArray($result)) {
 252                         if ($content['status'] == 'NEW') {
 253                                 // Generate links for direct accepting and rejecting
 254                                 $content['status'] = '<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_ACCEPT_PAYOUT--}</a>|<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_REJECT_PAYOUT--}</a>';
 255                         } else {
 256                                 // Translate status
 257                                 $content['status'] = translatePayoutStatus($content['status']);
 258                         }
 259
 260                         // Nothing entered must be secured in member/what-payputs.php !
 261                         if ($content['allow_url'] == 'Y') {
 262                                 // Banner/Textlink views/clicks request
 263                                 if (!empty($content['banner_url'])) {
 264                                         // Load template for the banner
 265                                         $content['target_account'] = loadTemplate('admin_list_payouts_banner', TRUE, $content);
 266                                 } else {
 267                                         // Textlink
 268                                         $content['target_account'] = loadTemplate('admin_list_payouts_txt', TRUE, $content);
 269                                 }
 270
 271                                 // Admins can addionally test the URL for framekillers
 272                                 $content['target_bank'] = '<a href="' . generateFrametesterUrl($content['target_url']) . '" target="_blank">{--CLICK_HERE--}</a>';
 273                         } // END - if
 274
 275                         // Add/Translate some data
 276                         $content['payout_timestamp'] = generateDateTime($content['payout_timestamp'], 2);
 277
 278                         // Add row and switch color
 279                         $OUT .= loadTemplate('admin_list_payouts_row', TRUE, $content);
 280                 } // END - while
 281
 282                 // Free memory
 283                 sqlFreeResult($result);
 284
 285                 // Load final template
 286                 loadTemplate('admin_list_payouts', FALSE, $OUT);
 287         } else {
 288                 // No payout requests are sent so far
 289                 displayMessage('{--ADMIN_PAYOUT_NO_REQUESTS_FOUND--}');
 290         }
 291 }
 292
 293 // [EOF]
 294 ?>