<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 05/08/2004 *
 * ================                             Last change: 08/12/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-list_payouts.php                            *
 * -------------------------------------------------------------------- *
 * Short description : List member's payout requests                    *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
 * -------------------------------------------------------------------- *
 * $Revision:: 856                                                    $ *
 * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. Mär 2009)              $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author:: stelzi                                                   $ *
 * Needs to be in all Files and every File needs "svn propset           *
 * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
	require($INC);
}

// Add description as navigation point
ADD_DESCR("admin", __FILE__);

if (REQUEST_ISSET_GET(('pid'))) {
	// First let's get the member's ID
	$result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
		array(REQUEST_GET('pid')), __FILE__, __LINE__);
	list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
	SQL_FREERESULT($result);

	// Obtain some data
	if (!REQUEST_ISSET_GET(('task')) && (!empty($uid)) && ($uid > 0)) {
		// Get task ID from database
		$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_task_system` WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
			array(bigintval($uid)), __FILE__, __LINE__);
		list($task) = SQL_FETCHROW($result);
		SQL_FREERESULT($result);
		if (empty($task)) $task = 0;
	} elseif ((empty($uid)) || ($uid == "0")) {
		// Cannot obtain member ID!
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
	} else {
		// Get task ID from URL
		$task = REQUEST_GET('task');
	}

	if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
		// Load user's data
		$result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
			array(bigintval($uid)), __FILE__, __LINE__);
		list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
		SQL_FREERESULT($result);

		// Konstante bauen
		define('PAYOUT_USERDATA_VALUE', "<a href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$surname." ".$family."</a>");

		if ((REQUEST_GET('do') == "accept") && (!empty($email))) {
			// Ok, now we can output the form or execute accepting
			if (IS_FORM_SENT()) {
				// Obtain payout type and other data
				$result = SQL_QUERY_ESC("SELECT payout_id FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
				 array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
				list($ptype) = SQL_FETCHROW($result);
				SQL_FREERESULT($result);

				if (!empty($ptype)) {
					// Obtain data from payout type
					$result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM `{!_MYSQL_PREFIX!}_payout_types` WHERE id=%s LIMIT 1",
					 array(bigintval($ptype)), __FILE__, __LINE__);
					list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
					SQL_FREERESULT($result);

					if (!empty($eurl)) {
						// Ok, run URL...
						$eurl = COMPILE_CODE($eurl);
						switch ($eenc)
						{
						case "md5":
							$fpass = md5($fpass);
							$tpass = md5($tpass);
							break;

						case "base64":
							$fpass = base64_encode($fpass);
							$tpass = base64_encode($tpass);
							break;
						}

						// Transfer variables...
						$eval = "\$URL = \"".$eurl."\";";
						$reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);

						// Run code...
						eval($eval);

						// Execute transfer
						$ret = GET_URL($URL);
					} else {
						// No URL to run
						$ret[0] = $eok;
					}

					if ($ret[0] == $eok) {
						// Clear task
						if ($task > 0) {
							runFilterChain('solve_task', $task);
						}

						// Clear payout request
						SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='ACCEPTED' WHERE id=%s LIMIT 1",
							array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);

						// Send out mail
						$msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", REQUEST_POST('text'), $uid);

						// Output message
						if ($allow == "Y") {
							// Banner / Textlink request
							LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
						} else {
							// Normal request
							LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
						}

						// Finally send mail
						SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
					} else {
						// Something goes wrong... :-(
						$content = implode("<br />", $ret);
						LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
					}
				} else {
					// Cannot load payout id
					LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
				}
			} else {
				// Load template
				LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
			}
		} elseif ((REQUEST_GET('do') == "reject") && (!empty($email))) {
			// Ok, now we can output the form or execute rejecting
			if (IS_FORM_SENT()) {
				if ($task > 0) {
					// Clear task
					runFilterChain('solve_task', $task);
				}

				// Clear payout request
				SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='REJECTED' WHERE id=%s LIMIT 1",
				 array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);

				// Send out mail
				$msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", REQUEST_POST('text'), $uid);

				// Output message
				LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_REJECTED_NOTIFIED'));

				// Finally send mail
				SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
			} else {
				// Load template
				LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
			}
		} else {
			// Cannot load user data
			LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
		}
	} elseif ((empty($task)) || ($task == "0")) {
		// Failed loading task ID
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
	}
} else {
	if (!REQUEST_ISSET_GET(('do'))) REQUEST_SET_GET('do', "");

	if (REQUEST_GET('do') == "delete") {
		// Delete all requests
		$result = SQL_QUERY("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_payouts`", __FILE__, __LINE__);
	}

	// Search for payouts
	$result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
FROM `{!_MYSQL_PREFIX!}_user_payouts` AS p, `{!_MYSQL_PREFIX!}_payout_types` AS t
WHERE p.payout_id=t.id
ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);

	if (SQL_NUMROWS($result) > 0) {
		// List found payouts
		$OUT = ""; $SW = 2;
		while ($content = SQL_FETCHROW($result)) {
			if ($content['status'] == "NEW") {
				// Generate links for direct accepting and rejecting
				$content['status'] = "<a href=\"{!URL!}/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$content['id']."\">".PAYOUT_ACCEPT_PAYOUT."</a>&nbsp;|&nbsp;<a href=\"{!URL!}/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$content['id']."\">".PAYOUT_REJECT_PAYOUT."</a>";
			} else {
				// Translate status
				$content['status'] = constant('PAYOUT_STATUS_'.strtoupper($content['status']).'');
				$content['status'] = "<div class=\"admin_failed\">".$content['status']."</div>";
			}

			// Nothing entered must be secured in member/what-payputs.php !
			if ($content['allow'] == "Y") {
				// Banner/Textlink views/clicks request
				if (!empty($content['banner'])) {
					// Load template for the banner
					$content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
				} else {
					// Textlink
					$content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
				}

				// Admins can addionally test the URL for framekillers
				$content['target_bank'] = "<a href=\"".FRAMETESTER($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
			} else {
				// e-currency payout request
				if (empty($content['target_account'])) $content['target_account'] = "---";
				if (empty($content['target_bank']))    $content['target_bank']    = "---";
			}

			// Remember data in array for the template
			$content = array(
				'sw'      => $SW,
				'ulink'   => ADMIN_USER_PROFILE_LINK($content['userid']),
				'ptype'   => TRANSLATE_COMMA($content['payout_total'])." ".COMPILE_CODE($content['type']),
				'account' => $content['target_account'],
				'bank'    => $content['target_bank'],
				'tstamp'  => MAKE_DATETIME($content['payout_timestamp'], "2"),
				'status'  => $content['status'],
			);

			// Add row and switch color
			$OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
			$SW = 3 - $SW;
		}

		// Free memory
		SQL_FREERESULT($result);
		define('__PAYOUT_ROWS', $OUT);

		// Load final template
		LOAD_TEMPLATE("admin_list_payouts");
	} else {
		// No payout requests are sent so far
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
	}
}
//
?>