<?php
/************************************************************************
 * Mailer v0.2.1-FINAL                                Start: 05/08/2004 *
 * ===================                          Last change: 08/12/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-list_payouts.php                            *
 * -------------------------------------------------------------------- *
 * Short description : List member's payout requests                    *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
 * -------------------------------------------------------------------- *
 * $Revision::                                                        $ *
 * $Date::                                                            $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author::                                                          $ *
 * Needs to be in all Files and every File needs "svn propset           *
 * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2009 by Roland Haeder                           *
 * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if ((!defined('__SECURITY')) || (!isAdmin())) {
	die();
} // END - if

// Add description as navigation point
addMenuDescription('admin', __FILE__);

if (isGetRequestParameterSet('pid')) {
	// First let's get the member's id
	$result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
		array(getRequestParameter('pid')), __FILE__, __LINE__);
	list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
	SQL_FREERESULT($result);

	// Obtain some data
	if (!isGetRequestParameterSet('task') && (!empty($userid)) && ($userid > 0)) {
		// Get task id from database
		$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND `task_created`=%s LIMIT 1",
			array(bigintval($userid), bigintval($tstamp)), __FILE__, __LINE__);
		list($task) = SQL_FETCHROW($result);
		SQL_FREERESULT($result);
		if (empty($task)) $task = '0';
	} elseif ((empty($userid)) || ($userid == '0')) {
		// Cannot obtain member id!
		loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_FAILED_OBTAIN_USERID--}');
	} else {
		// Get task id from URL
		$task = getRequestParameter('task');
	}

	if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) {
		// Load user's data
		if (!fetchUserData($userid)) {
			// Abort here because it is not valid!
			debug_report_bug(__FILE__, __LINE__, 'No user account ' . $userid . ' found.');
		} // END - if

		if ((getRequestParameter('do') == 'accept') && (getUserData('email') != '')) {
			// Ok, now we can output the form or execute accepting
			if (isFormSent()) {
				// Obtain payout type and other data
				$result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
					array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);

				// Load ptype (id)
				list($ptype) = SQL_FETCHROW($result);

				// Free result
				SQL_FREERESULT($result);

				if (!empty($ptype)) {
					// Obtain data from payout type
					$result = SQL_QUERY_ESC("SELECT
	`from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url`
FROM
	`{?_MYSQL_PREFIX?}_payout_types`
WHERE
	`id`=%s
LIMIT 1",
						array(bigintval($ptype)), __FILE__, __LINE__);

					// Load data
					$data = SQL_FETCHARRAY($result);

					// Free result
					SQL_FREERESULT($result);

					if (!empty($data['engine_url'])) {
						// Ok, run URL...
						switch ($data['pass_enc']) {
							case 'md5':
								$data['from_pass'] = md5($data['from_pass']);
								$tpass = md5($tpass);
								break;

							case 'base64':
								$data['from_pass'] = base64_encode($data['from_pass']);
								$tpass = base64_encode($tpass);
								break;
						}

						// Transfer variables...
						$reason = encodeString(getMessage('ADMIN_PAYOUT_REASON'), false);

						// Execute transfer
						$ret = sendGetRequest($data['engine_url']);
					} else {
						// No URL to run
						$ret[0] = $data['engine_ret_ok'];
					}

					if ($ret[0] == $data['engine_ret_ok']) {
						// Clear task
						if ($task > 0) {
							runFilterChain('solve_task', $task);
						}

						// Clear payout request
						SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
							array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);

						// Send out mail
						$message = loadEmailTemplate('member_payout_accepted', postRequestParameter('text'), $userid);

						// Output message
						if ($data['allow_url'] == 'Y') {
							// Banner / Textlink request
							loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_BANNER_ACCEPTED_NOTIFIED--}');
						} else {
							// Normal request
							loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_ACCEPTED_NOTIFIED--}');
						}

						// Finally send mail
						sendEmail(getUserData('email'), '{--MEMBER_PAYOUT_ACCEPTED_SUBJECT--}', $message);
					} else {
						// Something goes wrong... :-(
						$content = implode('<br />', $ret);
						loadTemplate('admin_payout_failed_transfer', false, $content);
					}
				} else {
					// Cannot load payout id
					loadTemplate('admin_settings_saved', false, '<div class="admin_failed">{--ADMIN_PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>');
				}
			} else {
				// Prepare content
				$content = array(
					'task' => $task,
					'pid'  => bigintval(getRequestParameter('pid')),
					'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
				);

				// Load template
				loadTemplate('admin_payout_accept_form', false, $content);
			}
		} elseif ((getRequestParameter('do') == 'reject') && (getUserData('email') != '')) {
			// Ok, now we can output the form or execute rejecting
			if (isFormSent()) {
				if ($task > 0) {
					// Clear task
					runFilterChain('solve_task', $task);
				} // END - if

				// Clear payout request
				SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
					array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);

				// Send out mail
				$message = loadEmailTemplate('member_payout_rejected', postRequestParameter('text'), $userid);

				// Output message
				loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_REJECTED_NOTIFIED--}');

				// Finally send mail
				sendEmail(getUserData('email'), '{--MEMBER_PAYOUT_REJECTED_SUBJECT--}', $message);
			} else {
				// Prepare content
				$content = array(
					'task' => $task,
					'pid'  => bigintval(getRequestParameter('pid')),
					'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
				);

				// Load template
				loadTemplate('admin_payout_reject_form', false, $content);
			}
		} else {
			// Cannot load user data
			loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_FAILED_OBTAIN_USERDATA--}');
		}
	} elseif ((empty($task)) || ($task == '0')) {
		// Failed loading task id
		loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_FAILED_OBTAIN_TASK_ID--}');
	}
} else {
	if (getRequestParameter('do') == 'delete') {
		// Delete all requests
		$result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
	} // END - if

	// Search for payouts
	$result = SQL_QUERY("SELECT
	p.id, p.userid, p.payout_total, p.target_account,
	p.target_bank, t.type, p.payout_timestamp, p.status,
	t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
	p.banner_url AS banner
FROM
	`{?_MYSQL_PREFIX?}_user_payouts` AS p
LEFT JOIN
	`{?_MYSQL_PREFIX?}_payout_types` AS t
ON
	p.payout_id=t.id
ORDER BY
	p.payout_timestamp DESC", __FILE__, __LINE__);

	if (!SQL_HASZERONUMS($result)) {
		// List found payouts
		$OUT = '';
		while ($content = SQL_FETCHARRAY($result)) {
			if ($content['status'] == 'NEW') {
				// Generate links for direct accepting and rejecting
				$content['status'] = '<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_ACCEPT_PAYOUT--}</a>|<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=' . $content['id'] . '%}">{--ADMIN_PAYOUT_REJECT_PAYOUT--}</a>';
			} else {
				// Translate status
				$content['status'] = translatePayoutStatus($content['status']);
				$content['status'] = '<div class="admin_failed">' . $content['status'] . '</div>';
			}

			// Nothing entered must be secured in member/what-payputs.php !
			if ($content['allow'] == 'Y') {
				// Banner/Textlink views/clicks request
				if (!empty($content['banner'])) {
					// Load template for the banner
					$content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
				} else {
					// Textlink
					$content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
				}

				// Admins can addionally test the URL for framekillers
				$content['target_bank'] = '<a href="' . generateFrametesterUrl($content['url']) . '" target="_blank">{--CLICK_HERE--}</a>';
			} // END - if

			// Add/Translate some data
			$content['payout_timestamp'] = generateDateTime($content['payout_timestamp'], 2);

			// Add row and switch color
			$OUT .= loadTemplate('admin_list_payouts_row', true, $content);
		} // END - while

		// Free memory
		SQL_FREERESULT($result);

		// Load final template
		loadTemplate('admin_list_payouts', false, $OUT);
	} else {
		// No payout requests are sent so far
		loadTemplate('admin_settings_saved', false, '{--ADMIN_PAYOUT_NO_REQUESTS_FOUND--}');
	}
}

// [EOF]
?>