+++ /dev/null
-<?php
-/************************************************************************
- * MXChange v0.2.1 Start: 05/08/2004 *
- * ================ Last change: 08/12/2004 *
- * *
- * -------------------------------------------------------------------- *
- * File : what-list_payouts.php *
- * -------------------------------------------------------------------- *
- * Short description : List member's payout requests *
- * -------------------------------------------------------------------- *
- * Kurzbeschreibung : Auflistung der Auszahlungsanfragen *
- * -------------------------------------------------------------------- *
- * *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
- * For more information visit: http://www.mxchange.org *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
- * MA 02110-1301 USA *
- ************************************************************************/
-
-// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
- require($INC);
-}
-// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
-
-if (!empty($_GET['pid']))
-{
- // First let's get the member's ID
- $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%d LIMIT 1",
- array($_GET['pid']), __FILE__, __LINE__);
- list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- // Obtain some data
- if (empty($_GET['task']) && (!empty($uid)) && ($uid > 0))
- {
- // Get task ID from database
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE userid=%d AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- list($task) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- if (empty($task)) $task = "0";
-
- }
- elseif ((empty($uid)) || ($uid == "0"))
- {
- // Cannot obtain member ID!
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERID);
- }
- else
- {
- // Get task ID from URL
- $task = $_GET['task'];
- }
- if ((!empty($task)) && (!empty($uid)) && ($uid > 0))
- {
- // Load user's data
- $result = SQL_QUERY_ESC("SELECT email, sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- list($email, $sex, $surname, $family) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- // Konstante bauen
- define('PAYOUT_USERDATA_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_SEX($sex)." ".$surname." ".$family."</A>");
-
- if (($_GET['do'] == "accept") && (!empty($email)))
- {
- // Ok, now we can output the form or execute accepting
- if (isset($_POST['ok']))
- {
- // Obtain payout type and other data
- $result = SQL_QUERY_ESC("SELECT payout_id FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%d LIMIT 1",
- array(bigintval($_GET['pid'])), __FILE__, __LINE__);
- list($ptype) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- if (!empty($ptype))
- {
- // Obtain data from payout type
- $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
- array(bigintval($ptype)), __FILE__, __LINE__);
- list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- if (!empty($eurl))
- {
- // Ok, run URL...
- $eurl = COMPILE_CODE($eurl);
- switch ($eenc)
- {
- case "md5":
- $fpass = md5($fpass);
- $tpass = md5($tpass);
- break;
-
- case "base64":
- $fpass = base64_encode($fpass);
- $tpass = base64_encode($tpass);
- break;
- }
-
- // Transfer variables...
- $eval = "\$URL = \"".$eurl."\";";
- $reason = urlencode(base64_encode(PAYOUT_REASON_PAYOUT));
-
- // Run code...
- eval($eval);
-
- // Execute transfer
- $ret = @file($URL);
- }
- else
- {
- // No URL to run
- $ret[0] = $eok;
- }
- if ($ret[0] == $eok)
- {
- // Clear task
- if ($task > 0)
- {
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1",
- array(bigintval($task)),__FILE__, __LINE__);
- }
-
- // Clear payout request
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='ACCEPTED' WHERE id=%d LIMIT 1",
- array(bigintval($_GET['pid'])), __FILE__, __LINE__);
-
- // Send out mail
- $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", $_POST['text'], $uid);
-
- // Output message
- if ($allow == "Y")
- {
- // Banner / Textlink request
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_BANNER_ACCEPTED_NOTIFIED);
- }
- else
- {
- // Normal request
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ACCEPTED_NOTIFIED);
- }
-
- // Finally send mail
- SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
- }
- else
- {
- // Something goes wrong... :-(
- $content = implode("<BR>", $ret);
- LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
- }
- }
- else
- {
- // Cannot load payout id
- OUTPUT_HTML ("<STRONG class=\"admin_failed\">".PAYOUT_FAILED_OBTAIN_PAYOUT_ID."</STRONG>");
- }
- }
- else
- {
- // Load template
- LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
- }
- }
- elseif (($_GET['do'] == "reject") && (!empty($email)))
- {
- // Ok, now we can output the form or execute rejecting
- if (isset($_POST['ok']))
- {
- if ($task > 0)
- {
- // Clear task
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1",
- array(bigintval($task)), __FILE__, __LINE__);
- }
-
- // Clear payout request
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='REJECTED' WHERE id=%d LIMIT 1",
- array(bigintval($_GET['pid'])), __FILE__, __LINE__);
-
- // Send out mail
- $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", $_POST['text'], $uid);
-
- // Output message
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REJECTED_NOTIFIED);
-
- // Finally send mail
- SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
- }
- else
- {
- // Load template
- LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
- }
- }
- else
- {
- // Cannot load user data
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERDATA);
- }
- }
- elseif((empty($task)) || ($task == "0"))
- {
- // Failed loading task ID
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_TASK_ID);
- }
-}
- else
-{
- if (empty($_GET['do'])) $_GET['do'] = "";
- if ($_GET['do'] == "delete")
- {
- // Delete all requests
- $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_payouts", __FILE__, __LINE__);
- }
-
- // Search for payouts
- $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
-FROM "._MYSQL_PREFIX."_user_payouts AS p, "._MYSQL_PREFIX."_payout_types AS t
-WHERE p.payout_id=t.id
-ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
-
- if (SQL_NUMROWS($result) > 0)
- {
- // List found payouts
- $OUT = ""; $SW = 2;
- while (list($pid, $uid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result))
- {
- if ($status == "NEW")
- {
- // Generate links for direct accepting and rejecting
- $status = "<A href=\"".URL."/modules.php?module=admin&what=list_payouts&do=accept&pid=".$pid."\">".PAYOUT_ACCEPT_PAYOUT."</A> | <A href=\"".URL."/modules.php?module=admin&what=list_payouts&do=reject&pid=".$pid."\">".PAYOUT_REJECT_PAYOUT."</A>";
- }
- else
- {
- // Translate status
- $evl = "\$status = PAYOUT_STATUS_".strtoupper($status).";";
- eval($evl);
- $status = "<FONT class=\"admin_failed\">".$status."</FONT>";
- }
-
- // Nothing entered must be secured in member/what-payputs.php !
- if ($allow == "Y")
- {
- // Banner/Textlink views/clicks request
- if (!empty($banner))
- {
- // Prepare array for the banner
- $content = array(
- 'banner' => $banner,
- 'alt' => $alt,
- 'url' => $url,
- );
-
- // Load template for the banner
- $account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
- }
- else
- {
- // Textlink
- $content = array(
- 'txt_link' => $alt,
- 'txt_url' => $url,
- );
- $account = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
- }
-
- // Admins can addionally test the URL for framekillers
- $bank = "<A href=\"".FRAMETESTER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
- }
- else
- {
- // e-currency payout request
- if (empty($account)) $account = "---";
- if (empty($bank)) $bank = "---";
- }
-
- // Remember data in array for the template
- $content = array(
- 'sw' => $SW,
- 'ulink' => ADMIN_USER_PROFILE_LINK($uid),
- 'ptype' => TRANSLATE_COMMA($total)." ".COMPILE_CODE($type),
- 'account' => $account,
- 'bank' => $bank,
- 'tstamp' => MAKE_DATETIME($tstamp, "2"),
- 'status' => $status,
- );
-
- // Add row and switch color
- $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
- $SW = 3 - $SW;
- }
-
- // Free memory
- SQL_FREERESULT($result);
- define('__PAYOUT_ROWS', $OUT);
-
- // Load final template
- LOAD_TEMPLATE("admin_list_payouts");
- }
- else
- {
- // No payout requests are sent so far
- LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ADMIN_NO_REQUESTS_FOUND);
- }
-}
-//
-?>