inc/modules/admin/what-list_payouts.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 05/08/2004 *
   4  * ===================                          Last change: 08/12/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-list_payouts.php                            *
   8  * -------------------------------------------------------------------- *
   9  * Short description : List member's payout requests                    *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * -------------------------------------------------------------------- *
  18  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  19  * Copyright (c) 2009 - 2011 by Mailer Developer Team                   *
  20  * For more information visit: http://mxchange.org                      *
  21  *                                                                      *
  22  * This program is free software; you can redistribute it and/or modify *
  23  * it under the terms of the GNU General Public License as published by *
  24  * the Free Software Foundation; either version 2 of the License, or    *
  25  * (at your option) any later version.                                  *
  26  *                                                                      *
  27  * This program is distributed in the hope that it will be useful,      *
  28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  30  * GNU General Public License for more details.                         *
  31  *                                                                      *
  32  * You should have received a copy of the GNU General Public License    *
  33  * along with this program; if not, write to the Free Software          *
  34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  35  * MA  02110-1301  USA                                                  *
  36  ************************************************************************/
  37
  38 // Some security stuff...
  39 if ((!defined('__SECURITY')) || (!isAdmin())) {
  40         die();
  41 } // END - if
  42
  43 // Add description as navigation point
  44 addYouAreHereLink('admin', __FILE__);
  45
  46 if (isGetRequestElementSet('pid')) {
  47         // First let's get the member's id
  48         $result = SQL_QUERY_ESC("SELECT `userid`, `target_account`, `payout_total`, `payout_timestamp`, `password` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
  49                 array(getRequestElement('pid')), __FILE__, __LINE__);
  50         list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
  51         SQL_FREERESULT($result);
  52
  53         // Obtain some data
  54         if (!isGetRequestElementSet('task') && (!empty($userid)) && (isValidUserId($userid))) {
  55                 // Get task id from database
  56                 $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND `task_created`=%s LIMIT 1",
  57                         array(bigintval($userid), bigintval($tstamp)), __FILE__, __LINE__);
  58                 list($taskId) = SQL_FETCHROW($result);
  59                 SQL_FREERESULT($result);
  60                 if (empty($taskId)) $taskId = '0';
  61         } elseif ((empty($userid)) || ($userid == '0')) {
  62                 // Cannot obtain member id!
  63                 displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_USERID--}');
  64         } else {
  65                 // Get task id from URL
  66                 $taskId = getRequestElement('task');
  67         }
  68
  69         if ((!empty($taskId)) && (!empty($userid)) && (isValidUserId($userid))) {
  70                 // Load user's data
  71                 if (!fetchUserData($userid)) {
  72                         // Abort here because it is not valid!
  73                         debug_report_bug(__FILE__, __LINE__, 'No user account ' . $userid . ' found.');
  74                 } // END - if
  75
  76                 if ((getRequestElement('do') == 'accept') && (getUserData('email') != '')) {
  77                         // Ok, now we can output the form or execute accepting
  78                         if (isFormSent()) {
  79                                 // Obtain payout type and other data
  80                                 $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
  81                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
  82
  83                                 // Load ptype (id)
  84                                 list($ptype) = SQL_FETCHROW($result);
  85
  86                                 // Free result
  87                                 SQL_FREERESULT($result);
  88
  89                                 if (!empty($ptype)) {
  90                                         // Obtain data from payout type
  91                                         $result = SQL_QUERY_ESC("SELECT
  92         `from_account`,`from_pass`,`engine_url`,`engine_ret_ok`,`engine_ret_failed`,`pass_enc`,`allow_url`
  93 FROM
  94         `{?_MYSQL_PREFIX?}_payout_types`
  95 WHERE
  96         `id`=%s
  97 LIMIT 1",
  98                                                 array(bigintval($ptype)), __FILE__, __LINE__);
  99
 100                                         // Load data
 101                                         $data = SQL_FETCHARRAY($result);
 102
 103                                         // Free result
 104                                         SQL_FREERESULT($result);
 105
 106                                         if (!empty($data['engine_url'])) {
 107                                                 // Ok, run URL...
 108                                                 switch ($data['pass_enc']) {
 109                                                         case 'md5':
 110                                                                 $data['from_pass'] = md5($data['from_pass']);
 111                                                                 $tpass = md5($tpass);
 112                                                                 break;
 113
 114                                                         case 'base64':
 115                                                                 $data['from_pass'] = base64_encode($data['from_pass']);
 116                                                                 $tpass = base64_encode($tpass);
 117                                                                 break;
 118                                                 } // END - switch
 119
 120                                                 // Transfer variables...
 121                                                 $reason = encodeString(getMessage('ADMIN_PAYOUT_REASON'), false);
 122
 123                                                 // Execute transfer
 124                                                 $ret = sendGetRequest($data['engine_url']);
 125                                         } else {
 126                                                 // No URL to run
 127                                                 $ret[0] = $data['engine_ret_ok'];
 128                                         }
 129
 130                                         if ($ret[0] == $data['engine_ret_ok']) {
 131                                                 // Clear task
 132                                                 if ($taskId > 0) {
 133                                                         runFilterChain('solve_task', $taskId);
 134                                                 }
 135
 136                                                 // Clear payout request
 137                                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
 138                                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
 139
 140                                                 // Send out mail
 141                                                 $message = loadEmailTemplate('member_payout_accepted', postRequestElement('text'), $userid);
 142
 143                                                 // Output message
 144                                                 if ($data['allow_url'] == 'Y') {
 145                                                         // Banner / Textlink request
 146                                                         displayMessage('{--ADMIN_PAYOUT_BANNER_ACCEPTED_NOTIFIED--}');
 147                                                 } else {
 148                                                         // Normal request
 149                                                         displayMessage('{--ADMIN_PAYOUT_ACCEPTED_NOTIFIED--}');
 150                                                 }
 151
 152                                                 // Finally send mail
 153                                                 sendEmail(getUserData('userid'), '{--MEMBER_PAYOUT_ACCEPTED_SUBJECT--}', $message);
 154                                         } else {
 155                                                 // Something goes wrong... :-(
 156                                                 $content = implode('<br />', $ret);
 157                                                 loadTemplate('admin_payout_failed_transfer', false, $content);
 158                                         }
 159                                 } else {
 160                                         // Cannot load payout id
 161                                         loadTemplate('admin_settings_unsaved', false, '{--ADMIN_PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}');
 162                                 }
 163                         } else {
 164                                 // Prepare content
 165                                 $content = array(
 166                                         'task' => $taskId,
 167                                         'pid'  => bigintval(getRequestElement('pid')),
 168                                         'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">{%pipe,translateGender=' . getUserData('gender') . '%} ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
 169                                 );
 170
 171                                 // Load template
 172                                 loadTemplate('admin_payout_accept_form', false, $content);
 173                         }
 174                 } elseif ((getRequestElement('do') == 'reject') && (getUserData('email') != '')) {
 175                         // Ok, now we can output the form or execute rejecting
 176                         if (isFormSent()) {
 177                                 if ($taskId > 0) {
 178                                         // Clear task
 179                                         runFilterChain('solve_task', $taskId);
 180                                 } // END - if
 181
 182                                 // Clear payout request
 183                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
 184                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
 185
 186                                 // Send out mail
 187                                 $message = loadEmailTemplate('member_payout_rejected', postRequestElement('text'), $userid);
 188
 189                                 // Output message
 190                                 displayMessage('{--ADMIN_PAYOUT_REJECTED_NOTIFIED--}');
 191
 192                                 // Finally send mail
 193                                 sendEmail(getUserData('userid'), '{--MEMBER_PAYOUT_REJECTED_SUBJECT--}', $message);
 194                         } else {
 195                                 // Prepare content
 196                                 $content = array(
 197                                         'task' => $taskId,
 198                                         'pid'  => bigintval(getRequestElement('pid')),
 199                                         'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">{%pipe,translateGender=' . getUserData('gender') . '%} ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
 200                                 );
 201
 202                                 // Load template
 203                                 loadTemplate('admin_payout_reject_form', false, $content);
 204                         }
 205                 } else {
 206                         // Cannot load user data
 207                         displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_USERDATA--}');
 208                 }
 209         } elseif ((empty($taskId)) || ($taskId == '0')) {
 210                 // Failed loading task id
 211                 displayMessage('{--ADMIN_PAYOUT_FAILED_OBTAIN_TASK_ID--}');
 212         }
 213 } else {
 214         if (getRequestElement('do') == 'delete') {
 215                 // Delete all requests
 216                 $result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
 217         } // END - if
 218
 219         // Search for payouts
 220         $result = SQL_QUERY("SELECT
 221         p.id, p.userid, p.payout_total, p.target_account,
 222         p.target_bank, t.type, p.payout_timestamp, p.status,
 223         t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
 224         p.banner_url AS banner
 225 FROM
 226         `{?_MYSQL_PREFIX?}_user_payouts` AS p
 227 LEFT JOIN
 228         `{?_MYSQL_PREFIX?}_payout_types` AS t
 229 ON
 230         p.payout_id=t.id
 231 ORDER BY
 232         p.payout_timestamp DESC", __FILE__, __LINE__);
 233
 234         if (!SQL_HASZERONUMS($result)) {
 235                 // List found payouts
 236                 $OUT = '';
 237                 while ($content = SQL_FETCHARRAY($result)) {
 238                         if ($content['status'] == 'NEW') {
 239                                 // Generate links for direct accepting and rejecting
 240                                 $content['status'] = '<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_ACCEPT_PAYOUT--}</a>|<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_REJECT_PAYOUT--}</a>';
 241                         } else {
 242                                 // Translate status
 243                                 $content['status'] = translatePayoutStatus($content['status']);
 244                         }
 245
 246                         // Nothing entered must be secured in member/what-payputs.php !
 247                         if ($content['allow'] == 'Y') {
 248                                 // Banner/Textlink views/clicks request
 249                                 if (!empty($content['banner'])) {
 250                                         // Load template for the banner
 251                                         $content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
 252                                 } else {
 253                                         // Textlink
 254                                         $content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
 255                                 }
 256
 257                                 // Admins can addionally test the URL for framekillers
 258                                 $content['target_bank'] = '<a href="' . generateFrametesterUrl($content['url']) . '" target="_blank">{--CLICK_HERE--}</a>';
 259                         } // END - if
 260
 261                         // Add/Translate some data
 262                         $content['payout_timestamp'] = generateDateTime($content['payout_timestamp'], 2);
 263
 264                         // Add row and switch color
 265                         $OUT .= loadTemplate('admin_list_payouts_row', true, $content);
 266                 } // END - while
 267
 268                 // Free memory
 269                 SQL_FREERESULT($result);
 270
 271                 // Load final template
 272                 loadTemplate('admin_list_payouts', false, $OUT);
 273         } else {
 274                 // No payout requests are sent so far
 275                 displayMessage('{--ADMIN_PAYOUT_NO_REQUESTS_FOUND--}');
 276         }
 277 }
 278
 279 // [EOF]
 280 ?>