query masking rewritten in more SQLs, several cleanups and fix on beg link
<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 10/19/2003 *
 * ===============                              Last change: 12/12/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-payments.php                                *
 * -------------------------------------------------------------------- *
 * Short description : Payments (points) for confirmed mails            *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Verguetungen fuer bestaetigte Mails              *
 * -------------------------------------------------------------------- *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

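// Security guard: hand control to the shared security include when this
// module is requested directly or the visitor is not an administrator.
// strpos() matches the file name literally; the former ereg() call treated
// the name as a regular expression and was removed from the language in PHP 7.
// NOTE(review): the guard only protects the code below if security.php ends
// the request -- confirm that it exits, otherwise execution continues.
if ((strpos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) || (!IS_ADMIN()))
{
        // Path of security.php, built from the ".../inc" part of this file's directory
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
}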
// Register this module in the admin navigation
ADD_DESCR("admin", basename(__FILE__));

// Open the content table; $link is handed to SQL_AFFECTEDROWS() further down
OPEN_TABLE("100%", "admin_content admin_content_align", "");
global $link;

// Treat an empty "do" parameter as if it had not been sent at all
if (empty($_GET['do']))
{
        unset($_GET['do']);
}

// An "add" request without waiting time or payment must not be saved:
// dropping the "ok" flag makes the save branch below get skipped
if ((isset($_GET['do'])) && ($_GET['do'] == "add"))
{
        if ((empty($_POST['t_wait'])) || (empty($_POST['payment'])))
        {
                unset($_POST['ok']);
        }
}

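// Dispatch on the submitted form: save changes ("ok"), confirm a deletion
// ("del"), show the edit form ("edit") or list all payment entries.
// NOTE(review): no anti-CSRF token is checked in this file before the writes
// below -- confirm the admin framework validates one before including it.
if (isset($_POST['ok']))
{
        // Each queued entry is array(query format, values). The values are
        // handed to SQL_QUERY_ESC(), the helper this file already uses for
        // request data, instead of being concatenated into the statement.
        // NOTE(review): presumably SQL_QUERY_ESC() escapes every value before
        // inserting it into the format -- verify against its definition.
        $SQL = array();
        $content = "";

        // An empty "do" has been removed from $_GET earlier in this file
        $do = isset($_GET['do']) ? $_GET['do'] : "";
        switch ($do)
        {
        case "add":
                // Queue the insert only if no entry with this waiting time exists
                $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_payments WHERE time='%s' LIMIT 1",
                 array($_POST['t_wait']), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) != 1)
                {
                        $SQL[] = array(
                                "INSERT INTO "._MYSQL_PREFIX."_payments (time, payment, mail_title, price) VALUES ('%s', '%s', '%s', '%s')",
                                array($_POST['t_wait'], $_POST['payment'], $_POST['title'], $_POST['price'])
                        );
                }

                // Free memory
                SQL_FREERESULT($result);
                break;

        case "edit":
                if ((isset($_POST['time'])) && (is_array($_POST['time'])))
                {
                        foreach ($_POST['time'] as $id=>$value)
                        {
                                // Only rows that arrived with all of their fields are updated
                                if (isset($_POST['pay'][$id], $_POST['price'][$id], $_POST['title'][$id]))
                                {
                                        // The id is an array key taken from the request, so it is
                                        // filtered with bigintval() and bound as a number
                                        $SQL[] = array(
                                                "UPDATE "._MYSQL_PREFIX."_payments SET time='%s', payment='%s', price='%s', mail_title='%s' WHERE id=%d LIMIT 1",
                                                array($value, $_POST['pay'][$id], $_POST['price'][$id], $_POST['title'][$id], bigintval($id))
                                        );
                                }
                        }
                }
                break;

        case "del":
                if ((isset($_POST['id'])) && (is_array($_POST['id'])))
                {
                        foreach ($_POST['id'] as $id=>$value)
                        {
                                $SQL[] = array(
                                        "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1",
                                        array(bigintval($id))
                                );
                        }
                }
                break;
        }

        // Save data: the first statement that runs decides the message shown
        foreach ($SQL as $query)
        {
                $result = SQL_QUERY_ESC($query[0], $query[1], __FILE__, __LINE__);
                if (empty($content))
                {
                        if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
                        {
                                $content = "<SPAN class=\"admin_done\">".SETTINGS_SAVED."</SPAN>";
                        }
                         else
                        {
                                $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
                        }
                }
        }

        // Nothing was run (unknown action, duplicate waiting time, nothing
        // submitted): report a failure instead of passing an unset variable
        if (empty($content))
        {
                $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
        }
        LOAD_TEMPLATE("admin_settings_saved", false, $content);
}
 elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0))
{
        // Build the confirmation list for the selected entries
        $SW = 2; $OUT = "";
        foreach ($_POST['sel'] as $id=>$value)
        {
                // Filter the request key once, so the lookup and the template
                // receive the same value and the raw key is never echoed back
                $id = bigintval($id);

                $result = SQL_QUERY_ESC("SELECT time, mail_title FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1",
                 array($id), __FILE__, __LINE__);
                list($time, $title) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);

                // Prepare array for the row template
                $content = array(
                        'sw'    => $SW,
                        'id'    => $id,
                        'time'  => $time,
                        'title' => $title,
                );

                // Load row template and switch colors (2 <-> 3)
                $OUT .= LOAD_TEMPLATE("admin_del_payments_row", true, $content);
                $SW = 3 - $SW;
        }
        define('__PAYMENT_ROWS', $OUT);

        // Load main template
        LOAD_TEMPLATE("admin_del_payments");
}
 elseif ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
{
        // Build the edit form for the selected entries
        $SW = 2; $OUT = "";
        foreach ($_POST['sel'] as $id=>$value)
        {
                // Filter the request key once, so the lookup and the template
                // receive the same value and the raw key is never echoed back
                $id = bigintval($id);

                $result = SQL_QUERY_ESC("SELECT time, payment, mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%d LIMIT 1",
                 array($id), __FILE__, __LINE__);
                list($time, $pay, $title, $price) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);

                // Prepare array for the row template
                // NOTE(review): the stored title is passed on as read from the
                // database -- confirm the row template HTML-escapes it.
                $content = array(
                        'sw'    => $SW,
                        'id'    => $id,
                        'time'  => $time,
                        'title' => $title,
                        'pay'   => $pay,
                        'price' => $price,
                );

                // Load row template and switch colors (2 <-> 3)
                $OUT .= LOAD_TEMPLATE("admin_edit_payments_row", true, $content);
                $SW = 3 - $SW;
        }
        define('__PAYMENT_ROWS', $OUT);

        // Load main template
        LOAD_TEMPLATE("admin_edit_payments");
}
 else
{
        // Default view: all payment entries, ordered by waiting time
        $result = SQL_QUERY("SELECT id, time, payment, mail_title, price FROM "._MYSQL_PREFIX."_payments ORDER BY time", __FILE__, __LINE__);
        if (SQL_NUMROWS($result) > 0)
        {
                // Make the payment entries editable and deletable
                $SW = 2; $OUT = "";

                // List the existing entries
                while (list($id, $time, $pay, $title, $price) = SQL_FETCHROW($result))
                {
                        // Convert both amounts with TRANSLATE_COMMA() for display
                        $pay   = TRANSLATE_COMMA($pay);
                        $price = TRANSLATE_COMMA($price);

                        // Prepare array for the row template
                        $content = array(
                                'sw'    => $SW,
                                'id'    => $id,
                                'time'  => $time,
                                'title' => $title,
                                'pay'   => $pay,
                                'price' => $price,
                        );

                        // Load row template and switch colors (2 <-> 3)
                        $OUT .= LOAD_TEMPLATE("admin_payments_list_row", true, $content);
                        $SW = 3 - $SW;
                }

                // Free memory
                SQL_FREERESULT($result);
                define('__PAYMENT_ROWS', $OUT);

                // Load main template
                LOAD_TEMPLATE("admin_list_payments");
        }

        // Form for adding a new payment entry
        LOAD_TEMPLATE("admin_add_payment");
}
CLOSE_TABLE();
//
?>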