Reset rewritten, SQL fixed, zeros are now numeric
[mailer.git] / inc / modules / member / what-payout.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 04/12/2004 *
4  * ================                             Last change: 12/01/2008 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-payout.php                                  *
8  * -------------------------------------------------------------------- *
9  * Short description : Payout requests                                  *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Auszahlungsanfragen                              *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
36         // Don't call this directly!
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 } elseif (!IS_MEMBER()) {
40         // Not logged in
41         LOAD_URL("modules.php?module=index");
42 } elseif ((!EXT_IS_ACTIVE("payout")) && (!IS_ADMIN())) {
43         // Extension "payout" is not active
44         ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
45         return;
46 }
47
48 // Add description as navigation point
49 ADD_DESCR("member", basename(__FILE__));
50
51 $result_depths = SQL_QUERY("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__);
52 $TPTS = 0;
53 while (list($lvl, $per) = SQL_FETCHROW($result_depths))
54 {
55         // Load referral points
56         $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%s LIMIT 1",
57          array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
58         if (SQL_NUMROWS($result_points) == 1)
59         {
60                 list($points) = SQL_FETCHROW($result_points);
61                 SQL_FREERESULT($result_points);
62                 $TPTS += $points;
63         }
64 }
65
66 // Free memory
67 SQL_FREERESULT($result_depths);
68
69 $result = SQL_QUERY_ESC("SELECT used_points FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
70  array($GLOBALS['userid']), __FILE__, __LINE__);
71 list($USED) = SQL_FETCHROW($result);
72 SQL_FREERESULT($result);
73
74 // Translate point into comma
75 $TPTS = TRANSLATE_COMMA($TPTS - $USED);
76
77 // Sanity check...
78 if (empty($TPTS)) $TPTS = "0.00000";
79
80 if (empty($_GET['payout']))
81 {
82         // Load payout types
83         $result = SQL_QUERY_ESC("SELECT id, type, rate, min_points, allow_url
84 FROM "._MYSQL_PREFIX."_payout_types
85 WHERE %s >= min_points
86 ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
87         if (SQL_NUMROWS($result) > 0)
88         {
89                 // Free memory
90                 SQL_FREERESULT($result);
91
92                 // Check for his payouts
93                 $result_payouts = SQL_QUERY_ESC("SELECT DISTINCT p.id, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS bannerm
94 FROM "._MYSQL_PREFIX."_user_payouts AS p
95 LEFT JOIN "._MYSQL_PREFIX."_payout_types AS t
96 ON p.payout_id = t.id
97 WHERE p.userid = %s
98 ORDER BY p.payout_timestamp DESC",
99                  array($GLOBALS['userid']), __FILE__, __LINE__);
100                 if (SQL_NUMROWS($result_payouts) > 0)
101                 {
102                         // List all his requests
103                         $SW = 2; $OUT = "";
104                         while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts))
105                         {
106                                 // Translate status
107                                 $evl = "\$status = PAYOUT_MEMBER_STATUS_".strtoupper($status).";";
108                                 eval($evl);
109                                 $status = "<FONT class=\"member_failed\">".$status."</FONT>";
110
111                                 // Nothing entered must be secured in member/what-payputs.php !
112                                 if ($allow == "Y")
113                                 {
114                                         // Banner/Textlink views/clicks request
115                                         if (!empty($banner))
116                                         {
117                                                 // Banner
118                                                 $account = "<IMG src=\"".$banner."\" alt=\"".$alt."\" title=\"".$alt."\" border=\"0\">";
119                                         }
120                                          else
121                                         {
122                                                 // Textlink
123                                                 $account = $alt;
124                                         }
125                                         $bank = "<A href=\"".DEREFERER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
126                                 }
127                                  else
128                                 {
129                                         // e-currency payout request
130                                         if (empty($account)) $account = "---";
131                                         if (empty($bank))    $bank    = "---";
132                                 }
133
134                                 // Prepare data for the template
135                                 $content = array(
136                                         'sw'     => $SW,
137                                         'acc'    => $account,
138                                         'points' => TRANSLATE_COMMA($total)." ".COMPILE_CODE($type),
139                                         'bank'   => $bank,
140                                         'stamp'  => MAKE_DATETIME($tstamp, "2"),
141                                         'status' => $status
142                                 );
143                                 // Load row template and switch colors
144                                 $OUT .= LOAD_TEMPLATE("member_payout_row", true, $content);
145                                 $SW = 3 - $SW;
146                         }
147
148                         // Remember rows in constant
149                         define('__PAYOUT_ROWS', $OUT);
150
151                         // Load template
152                         LOAD_TEMPLATE("member_payout");
153                 }
154
155                 // Free memory
156                 SQL_FREERESULT($result_payouts);
157
158                 // Output payout list
159                 PAYOUT_OUTPUT_PAYOUT_LIST($TPTS);
160         }
161 }
162  else
163 {
164         // Chedk if he can get paid by selected type
165         $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
166          array(bigintval($_GET['payout'])), __FILE__, __LINE__);
167
168         if (SQL_NUMROWS($result) == 1)
169         {
170                 // ID is valid
171                 list($type, $rate, $min, $allow) = SQL_FETCHROW($result);
172                 SQL_FREERESULT($result);
173
174                 // Calculate maximum value
175                 $max = round($TPTS * $rate - 0.5);
176
177                 // Calulcate points from submitted amount
178                 $PAYOUT = 0;
179                 if (!empty($_POST['payout']))
180                 {
181                         $PAYOUT  = bigintval($_POST['payout']) / $rate;
182                         $PAY_MAX = $max / $rate;
183                 }
184
185                 // Move variables into constants for templates
186                 define('PAYOUT_MAX_VALUE' , $max);
187                 define('PAYOUT_TYPE_VALUE', COMPILE_CODE($type));
188
189                 if (str_replace(",", ".", $TPTS) >= $min)
190                 {
191                         // Ok, he can get be paid
192                         if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min))
193                         {
194                                 // Calculate exact value
195                                 define('PAYOUT_POINTS_VALUE', $PAYOUT);
196
197                                 // Subtract points from member's account
198                                 SUB_POINTS($GLOBALS['userid'], $PAYOUT);
199
200                                 // Add entry to his tranfer history
201                                 if ($allow == "Y")
202                                 {
203                                         // Banner/textlink ordered
204                                         $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
205 VALUES (%s, %s, %s, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
206  array(
207         $GLOBALS['userid'],
208         bigintval($_POST['payout']),
209         bigintval($_GET['payout']),
210         $_POST['turl'],
211         $_POST['alt'],
212         $_POST['banner']
213 ), __FILE__, __LINE__);
214
215                                         // Load templates
216                                         $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", "", $GLOBALS['userid']);
217                                         if (GET_EXT_VERSION("admins") >= "0.4.1")
218                                         {
219                                                 $adm_tpl = "admin_payout_request_banner";
220                                         }
221                                          else
222                                         {
223                                                 $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", "", $GLOBALS['userid']));
224                                         }
225                                 }
226                                  else
227                                 {
228                                         // e-currency payout requested
229                                         $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
230 VALUES (%s, %s, %s, '%s', %s, UNIX_TIMESTAMP(), 'NEW', '%s')",
231  array(
232         $GLOBALS['userid'],
233         bigintval($_POST['payout']),
234         bigintval($_POST['account']),
235         $_POST['bank'],
236         bigintval($_GET['payout']),
237         $_POST['pass']
238 ), __FILE__, __LINE__);
239
240                                         // Load templates
241                                         $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", "", $GLOBALS['userid']);
242                                         $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", "", $GLOBALS['userid']));
243                                         $admin_tpl = "";
244                                         if (GET_EXT_VERSION("admins") >= "0.4.1")
245                                         {
246                                                 $admin_tpl = "admin_payout_request";
247                                         }
248                                 }
249
250                                 // Generate task
251                                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
252 VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', UNIX_TIMESTAMP(), %s)",
253  array(
254         $msg_adm,
255         $GLOBALS['userid']
256 ), __FILE__, __LINE__);
257
258                                 // Send out mails
259                                 SEND_EMAIL($GLOBALS['userid'], PAYOUT_REQUEST_MEMBER, $msg_mem);
260
261                                 // To admin(s)
262                                 SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, "", $GLOBALS['userid']);
263
264                                 // Load template and output it
265                                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REQUEST_SENT);
266                         }
267                          elseif ($allow == "Y")
268                         {
269                                 // Generate banner order form
270                                 LOAD_TEMPLATE("member_payout_form_banner");
271                         }
272                          else
273                         {
274                                 // Generate normal form
275                                 LOAD_TEMPLATE("member_payout_form");
276                         }
277                 }
278                  else
279                 {
280                         // Not enougth points
281                         LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_POINTS_NOT_ENOUGTH);
282                 }
283         }
284          else
285         {
286                 // ID is invalid
287                 LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ID_INVALID);
288         }
289 }
290 //
291 ?>