inc/modules/admin/what-list_payouts.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 05/08/2004 *
   4  * ===================                          Last change: 08/12/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-list_payouts.php                            *
   8  * -------------------------------------------------------------------- *
   9  * Short description : List member's payout requests                    *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software; you can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License, or    *
  26  * (at your option) any later version.                                  *
  27  *                                                                      *
  28  * This program is distributed in the hope that it will be useful,      *
  29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  31  * GNU General Public License for more details.                         *
  32  *                                                                      *
  33  * You should have received a copy of the GNU General Public License    *
  34  * along with this program; if not, write to the Free Software          *
  35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  36  * MA  02110-1301  USA                                                  *
  37  ************************************************************************/
  38
  39 // Some security stuff...
  40 if ((!defined('__SECURITY')) || (!isAdmin())) {
  41         die();
  42 } // END - if
  43
  44 // Add description as navigation point
  45 addMenuDescription('admin', __FILE__);
  46
  47 if (isGetRequestElementSet(('pid'))) {
  48         // First let's get the member's id
  49         $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
  50         array(getRequestElement('pid')), __FILE__, __LINE__);
  51         list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
  52         SQL_FREERESULT($result);
  53
  54         // Obtain some data
  55         if (!isGetRequestElementSet(('task')) && (!empty($userid)) && ($userid > 0)) {
  56                 // Get task id from database
  57                 $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
  58                 array(bigintval($userid)), __FILE__, __LINE__);
  59                 list($task) = SQL_FETCHROW($result);
  60                 SQL_FREERESULT($result);
  61                 if (empty($task)) $task = '0';
  62         } elseif ((empty($userid)) || ($userid == '0')) {
  63                 // Cannot obtain member id!
  64                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
  65         } else {
  66                 // Get task id from URL
  67                 $task = getRequestElement('task');
  68         }
  69
  70         if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) {
  71                 // Load user's data
  72                 if (!fetchUserData($userid)) {
  73                         // Abort here because it is not valid!
  74                         debug_report_bug('No user account ' . $userid . ' found.');
  75                 } // END - if
  76
  77                 if ((getRequestElement('do') == 'accept') && (!empty(getUserData('email')))) {
  78                         // Ok, now we can output the form or execute accepting
  79                         if (isFormSent()) {
  80                                 // Obtain payout type and other data
  81                                 $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
  82                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
  83                                 list($ptype) = SQL_FETCHROW($result);
  84                                 SQL_FREERESULT($result);
  85
  86                                 if (!empty($ptype)) {
  87                                         // Obtain data from payout type
  88                                         $result = SQL_QUERY_ESC("SELECT `from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url`
  89 FROM
  90         `{?_MYSQL_PREFIX?}_payout_types`
  91 WHERE
  92         `id`=%s
  93 LIMIT 1",
  94                                                 array(bigintval($ptype)), __FILE__, __LINE__);
  95                                         list($fuserid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
  96                                         SQL_FREERESULT($result);
  97
  98                                         if (!empty($eurl)) {
  99                                                 // Ok, run URL...
 100                                                 switch ($eenc) {
 101                                                         case 'md5':
 102                                                                 $fpass = md5($fpass);
 103                                                                 $tpass = md5($tpass);
 104                                                                 break;
 105
 106                                                         case 'base64':
 107                                                                 $fpass = base64_encode($fpass);
 108                                                                 $tpass = base64_encode($tpass);
 109                                                                 break;
 110                                                 }
 111
 112                                                 // Transfer variables...
 113                                                 $eval = "\$URL = \"".$eurl."\";";
 114                                                 $reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);
 115
 116                                                 // Run code...
 117                                                 // @TODO Do we need this time-consuming eval() here?
 118                                                 eval($eval);
 119
 120                                                 // Execute transfer
 121                                                 $ret = sendGetRequest($URL);
 122                                         } else {
 123                                                 // No URL to run
 124                                                 $ret[0] = $eok;
 125                                         }
 126
 127                                         if ($ret[0] == $eok) {
 128                                                 // Clear task
 129                                                 if ($task > 0) {
 130                                                         runFilterChain('solve_task', $task);
 131                                                 }
 132
 133                                                 // Clear payout request
 134                                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
 135                                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
 136
 137                                                 // Send out mail
 138                                                 $message = loadEmailTemplate('member_payout_accepted', postRequestElement('text'), $userid);
 139
 140                                                 // Output message
 141                                                 if ($allow == 'Y') {
 142                                                         // Banner / Textlink request
 143                                                         loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
 144                                                 } else {
 145                                                         // Normal request
 146                                                         loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
 147                                                 }
 148
 149                                                 // Finally send mail
 150                                                 sendEmail(getUserData('email'), getMessage('PAYOUT_ACCEPTED_SUBJECT'), $message);
 151                                         } else {
 152                                                 // Something goes wrong... :-(
 153                                                 $content = implode("<br />", $ret);
 154                                                 loadTemplate('admin_payout_failed_transfer', false, $content);
 155                                         }
 156                                 } else {
 157                                         // Cannot load payout id
 158                                         loadTemplate('admin_settings_saved', false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
 159                                 }
 160                         } else {
 161                                 // Prepare content
 162                                 $content = array(
 163                                         'task' => $task,
 164                                         'pid'  => bigintval(getRequestElement('pid')),
 165                                         'user' => "<a href=\"".generateEmailLink(getUserData('email'), 'user_data')."\">".translateGender(getUserData('gender'))." ".getUserData('surname')." ".getUserData('family')."</a>",
 166                                 );
 167
 168                                 // Load template
 169                                 loadTemplate('admin_payout_accept_form', false, $content);
 170                         }
 171                 } elseif ((getRequestElement('do') == 'reject') && (!empty(getUserData('email')))) {
 172                         // Ok, now we can output the form or execute rejecting
 173                         if (isFormSent()) {
 174                                 if ($task > 0) {
 175                                         // Clear task
 176                                         runFilterChain('solve_task', $task);
 177                                 } // END - if
 178
 179                                 // Clear payout request
 180                                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
 181                                         array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
 182
 183                                 // Send out mail
 184                                 $message = loadEmailTemplate('member_payout_rejected', postRequestElement('text'), $userid);
 185
 186                                 // Output message
 187                                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
 188
 189                                 // Finally send mail
 190                                 sendEmail(getUserData('email'), getMessage('PAYOUT_REJECTED_SUBJECT'), $message);
 191                         } else {
 192                                 // Prepare content
 193                                 $content = array(
 194                                         'task' => $task,
 195                                         'pid'  => bigintval(getRequestElement('pid')),
 196                                         'user' => "<a href=\"".generateEmailLink(getUserData('email'), 'user_data')."\">".translateGender(getUserData('gender'))." ".getUserData('surname')." ".getUserData('family')."</a>",
 197                                 );
 198
 199                                 // Load template
 200                                 loadTemplate('admin_payout_reject_form', false, $content);
 201                         }
 202                 } else {
 203                         // Cannot load user data
 204                         loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
 205                 }
 206         } elseif ((empty($task)) || ($task == '0')) {
 207                 // Failed loading task id
 208                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
 209         }
 210 } else {
 211         if (getRequestElement('do') == 'delete') {
 212                 // Delete all requests
 213                 $result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
 214         } // END - if
 215
 216         // Search for payouts
 217         $result = SQL_QUERY("SELECT
 218         p.id, p.userid, p.payout_total, p.target_account,
 219         p.target_bank, t.type, p.payout_timestamp, p.status,
 220         t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
 221         p.banner_url AS banner
 222 FROM
 223         `{?_MYSQL_PREFIX?}_user_payouts` AS p
 224 LEFT JOIN
 225         `{?_MYSQL_PREFIX?}_payout_types` AS t
 226 ON
 227         p.payout_id=t.id
 228 ORDER BY
 229         p.payout_timestamp DESC", __FILE__, __LINE__);
 230
 231         if (SQL_NUMROWS($result) > 0) {
 232                 // List found payouts
 233                 $OUT = ''; $SW = 2;
 234                 while ($content = SQL_FETCHARRAY($result)) {
 235                         if ($content['status'] == 'NEW') {
 236                                 // Generate links for direct accepting and rejecting
 237                                 $content['status'] = "<a href=\"{?URL?}/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$content['id']."\">".PAYOUT_ACCEPT_PAYOUT."</a>&nbsp;|&nbsp;<a href=\"{?URL?}/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$content['id']."\">".PAYOUT_REJECT_PAYOUT."</a>";
 238                         } else {
 239                                 // Translate status
 240                                 $content['status'] = getMessage('PAYOUT_STATUS_'.strtoupper($content['status']).'');
 241                                 $content['status'] = "<div class=\"admin_failed\">".$content['status']."</div>";
 242                         }
 243
 244                         // Nothing entered must be secured in member/what-payputs.php !
 245                         if ($content['allow'] == 'Y') {
 246                                 // Banner/Textlink views/clicks request
 247                                 if (!empty($content['banner'])) {
 248                                         // Load template for the banner
 249                                         $content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
 250                                 } else {
 251                                         // Textlink
 252                                         $content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
 253                                 }
 254
 255                                 // Admins can addionally test the URL for framekillers
 256                                 $content['target_bank'] = "<a href=\"".generateFrametesterUrl($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
 257                         } else {
 258                                 // e-currency payout request
 259                                 if (empty($content['target_account'])) $content['target_account'] = '---';
 260                                 if (empty($content['target_bank']))    $content['target_bank']    = '---';
 261                         }
 262
 263                         // Remember data in array for the template
 264                         $content = array(
 265                                 'sw'      => $SW,
 266                                 'ulink'   => generateUserProfileLink($content['userid']),
 267                                 'ptype'   => translateComma($content['payout_total']) . ' ' . $content['type'],
 268                                 'account' => $content['target_account'],
 269                                 'bank'    => $content['target_bank'],
 270                                 'tstamp'  => generateDateTime($content['payout_timestamp'], 2),
 271                                 'status'  => $content['status'],
 272                         );
 273
 274                         // Add row and switch color
 275                         $OUT .= loadTemplate('admin_list_payouts_row', true, $content);
 276                         $SW = 3 - $SW;
 277                 }
 278
 279                 // Free memory
 280                 SQL_FREERESULT($result);
 281
 282                 // Load final template
 283                 loadTemplate('admin_list_payouts', false, $OUT);
 284         } else {
 285                 // No payout requests are sent so far
 286                 loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
 287         }
 288 }
 289
 290 // [EOF]
 291 ?>