Even more rewrites/fixes from EL branch (please report any broken part after you...
[mailer.git] / inc / modules / admin / what-list_payouts.php
index 0b29fda..00a5e0b 100644 (file)
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 05/08/2004 *
- * ================                             Last change: 08/12/2004 *
+ * Mailer v0.2.1-FINAL                                Start: 05/08/2004 *
+ * ===================                          Last change: 08/12/2004 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : what-list_payouts.php                            *
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Auflistung der Auszahlungsanfragen               *
  * -------------------------------------------------------------------- *
- *                                                                      *
+ * $Revision::                                                        $ *
+ * $Date::                                                            $ *
+ * $Tag:: 0.2.1-FINAL                                                 $ *
+ * $Author::                                                          $ *
+ * Needs to be in all Files and every File needs "svn propset           *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder                           *
+ * Copyright (c) 2003 - 2009 by Roland Haeder                           *
+ * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
  * For more information visit: http://www.mxchange.org                  *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
  ************************************************************************/
 
 // Some security stuff...
-if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
-       $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
-       require($INC);
-}
+if ((!defined('__SECURITY')) || (!isAdmin())) {
+       die();
+} // END - if
 
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
-
-if (!empty($_GET['pid']))
-{
-       // First let's get the member's ID
-       $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%s LIMIT 1",
-        array($_GET['pid']), __FILE__, __LINE__);
-       list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
+addMenuDescription('admin', __FILE__);
+
+if (isGetRequestParameterSet(('pid'))) {
+       // First let's get the member's id
+       $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
+               array(getRequestParameter('pid')), __FILE__, __LINE__);
+       list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
        SQL_FREERESULT($result);
 
        // Obtain some data
-       if (empty($_GET['task']) && (!empty($uid)) && ($uid > 0)) {
-               // Get task ID from database
-               $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
-                array(bigintval($uid)), __FILE__, __LINE__);
+       if (!isGetRequestParameterSet(('task')) && (!empty($userid)) && ($userid > 0)) {
+               // Get task id from database
+               $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND `task_created`=%s LIMIT 1",
+                       array(bigintval($userid), bigintval($tstamp)), __FILE__, __LINE__);
                list($task) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);
-               if (empty($task)) $task = 0;
-       } elseif ((empty($uid)) || ($uid == "0")) {
-               // Cannot obtain member ID!
-               LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERID);
+               if (empty($task)) $task = '0';
+       } elseif ((empty($userid)) || ($userid == '0')) {
+               // Cannot obtain member id!
+               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
        } else {
-               // Get task ID from URL
-               $task = $_GET['task'];
+               // Get task id from URL
+               $task = getRequestParameter('task');
        }
 
-       if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
+       if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) {
                // Load user's data
-               $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
-                array(bigintval($uid)), __FILE__, __LINE__);
-               list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
-               SQL_FREERESULT($result);
+               if (!fetchUserData($userid)) {
+                       // Abort here because it is not valid!
+                       debug_report_bug('No user account ' . $userid . ' found.');
+               } // END - if
 
-               // Konstante bauen
-               define('PAYOUT_USERDATA_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$surname." ".$family."</A>");
-
-               if (($_GET['do'] == "accept") && (!empty($email)))
-               {
+               if ((getRequestParameter('do') == 'accept') && (!empty(getUserData('email')))) {
                        // Ok, now we can output the form or execute accepting
-                       if (isset($_POST['ok']))
-                       {
+                       if (isFormSent()) {
                                // Obtain payout type and other data
-                               $result = SQL_QUERY_ESC("SELECT payout_id FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%s LIMIT 1",
-                                array(bigintval($_GET['pid'])), __FILE__, __LINE__);
+                               $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
+                                       array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
                                list($ptype) = SQL_FETCHROW($result);
                                SQL_FREERESULT($result);
 
-                               if (!empty($ptype))
-                               {
+                               if (!empty($ptype)) {
                                        // Obtain data from payout type
-                                       $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
-                                        array(bigintval($ptype)), __FILE__, __LINE__);
-                                       list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
+                                       $result = SQL_QUERY_ESC("SELECT `from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url`
+FROM
+       `{?_MYSQL_PREFIX?}_payout_types`
+WHERE
+       `id`=%s
+LIMIT 1",
+                                               array(bigintval($ptype)), __FILE__, __LINE__);
+                                       list($fuserid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
                                        SQL_FREERESULT($result);
 
-                                       if (!empty($eurl))
-                                       {
+                                       if (!empty($eurl)) {
                                                // Ok, run URL...
-                                               $eurl = COMPILE_CODE($eurl);
-                                               switch ($eenc)
-                                               {
-                                               case "md5":
-                                                       $fpass = md5($fpass);
-                                                       $tpass = md5($tpass);
-                                                       break;
-
-                                               case "base64":
-                                                       $fpass = base64_encode($fpass);
-                                                       $tpass = base64_encode($tpass);
-                                                       break;
+                                               switch ($eenc) {
+                                                       case 'md5':
+                                                               $fpass = md5($fpass);
+                                                               $tpass = md5($tpass);
+                                                               break;
+
+                                                       case 'base64':
+                                                               $fpass = base64_encode($fpass);
+                                                               $tpass = base64_encode($tpass);
+                                                               break;
                                                }
 
                                                // Transfer variables...
-                                               $eval = "\$URL = \"".$eurl."\";";
-                                               $reason = urlencode(base64_encode(PAYOUT_REASON_PAYOUT));
+                                               $eval = '$url = "' . $eurl . '";';
+                                               $reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);
 
                                                // Run code...
+                                               // @TODO Do we need this time-consuming eval() here?
                                                eval($eval);
 
                                                // Execute transfer
-                                               $ret = @file($URL);
-                                       }
-                                        else
-                                       {
+                                               $ret = sendGetRequest($url);
+                                       } else {
                                                // No URL to run
                                                $ret[0] = $eok;
                                        }
-                                       if ($ret[0] == $eok)
-                                       {
+
+                                       if ($ret[0] == $eok) {
                                                // Clear task
                                                if ($task > 0) {
-                                                       ADMIN_SOLVE_TASK($task);
+                                                       runFilterChain('solve_task', $task);
                                                }
 
                                                // Clear payout request
-                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='ACCEPTED' WHERE id=%s LIMIT 1",
-                                                array(bigintval($_GET['pid'])), __FILE__, __LINE__);
+                                               SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
+                                                       array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
 
                                                // Send out mail
-                                               $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", $_POST['text'], $uid);
+                                               $message = loadEmailTemplate('member_payout_accepted', postRequestParameter('text'), $userid);
 
                                                // Output message
-                                               if ($allow == "Y")
-                                               {
+                                               if ($allow == 'Y') {
                                                        // Banner / Textlink request
-                                                       LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_BANNER_ACCEPTED_NOTIFIED);
-                                               }
-                                                else
-                                               {
+                                                       loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
+                                               } else {
                                                        // Normal request
-                                                       LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ACCEPTED_NOTIFIED);
+                                                       loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
                                                }
 
                                                // Finally send mail
-                                               SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
-                                       }
-                                        else
-                                       {
+                                               sendEmail(getUserData('email'), getMessage('PAYOUT_ACCEPTED_SUBJECT'), $message);
+                                       } else {
                                                // Something goes wrong... :-(
                                                $content = implode("<br />", $ret);
-                                               LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
+                                               loadTemplate('admin_payout_failed_transfer', false, $content);
                                        }
-                               }
-                                else
-                               {
+                               } else {
                                        // Cannot load payout id
-                                       OUTPUT_HTML("<STRONG class=\"admin_failed\">".PAYOUT_FAILED_OBTAIN_PAYOUT_ID."</STRONG>");
+                                       loadTemplate('admin_settings_saved', false, '<div class="admin_failed">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>');
                                }
-                       }
-                        else
-                       {
+                       } else {
+                               // Prepare content
+                               $content = array(
+                                       'task' => $task,
+                                       'pid'  => bigintval(getRequestParameter('pid')),
+                                       'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
+                               );
+
                                // Load template
-                               LOAD_TEMPLATE("admin_payout_accept_form", false, $task);
+                               loadTemplate('admin_payout_accept_form', false, $content);
                        }
-               }
-                elseif (($_GET['do'] == "reject") && (!empty($email)))
-               {
+               } elseif ((getRequestParameter('do') == 'reject') && (!empty(getUserData('email')))) {
                        // Ok, now we can output the form or execute rejecting
-                       if (isset($_POST['ok']))
-                       {
+                       if (isFormSent()) {
                                if ($task > 0) {
                                        // Clear task
-                                       ADMIN_SOLVE_TASK($task);
-                               }
+                                       runFilterChain('solve_task', $task);
+                               } // END - if
 
                                // Clear payout request
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_payouts SET status='REJECTED' WHERE id=%s LIMIT 1",
-                                array(bigintval($_GET['pid'])), __FILE__, __LINE__);
+                               SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
+                                       array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
 
                                // Send out mail
-                               $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", $_POST['text'], $uid);
+                               $message = loadEmailTemplate('member_payout_rejected', postRequestParameter('text'), $userid);
 
                                // Output message
-                               LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REJECTED_NOTIFIED);
+                               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
 
                                // Finally send mail
-                               SEND_EMAIL($email, PAYOUT_REJECTED_SUBJECT, $msg);
-                       }
-                        else
-                       {
+                               sendEmail(getUserData('email'), getMessage('PAYOUT_REJECTED_SUBJECT'), $message);
+                       } else {
+                               // Prepare content
+                               $content = array(
+                                       'task' => $task,
+                                       'pid'  => bigintval(getRequestParameter('pid')),
+                                       'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
+                               );
+
                                // Load template
-                               LOAD_TEMPLATE("admin_payout_reject_form", false, $task);
+                               loadTemplate('admin_payout_reject_form', false, $content);
                        }
-               }
-                else
-               {
+               } else {
                        // Cannot load user data
-                       LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERDATA);
+                       loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
                }
+       } elseif ((empty($task)) || ($task == '0')) {
+               // Failed loading task id
+               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
        }
-        elseif((empty($task)) || ($task == "0"))
-       {
-               // Failed loading task ID
-               LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_TASK_ID);
-       }
-}
- else
-{
-       if (empty($_GET['do'])) $_GET['do'] = "";
-       if ($_GET['do'] == "delete")
-       {
+} else {
+       if (getRequestParameter('do') == 'delete') {
                // Delete all requests
-               $result = SQL_QUERY("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_payouts", __FILE__, __LINE__);
-       }
+               $result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
+       } // END - if
 
        // Search for payouts
-       $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
-FROM "._MYSQL_PREFIX."_user_payouts AS p, "._MYSQL_PREFIX."_payout_types AS t
-WHERE p.payout_id=t.id
-ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
+       $result = SQL_QUERY("SELECT
+       p.id, p.userid, p.payout_total, p.target_account,
+       p.target_bank, t.type, p.payout_timestamp, p.status,
+       t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
+       p.banner_url AS banner
+FROM
+       `{?_MYSQL_PREFIX?}_user_payouts` AS p
+LEFT JOIN
+       `{?_MYSQL_PREFIX?}_payout_types` AS t
+ON
+       p.payout_id=t.id
+ORDER BY
+       p.payout_timestamp DESC", __FILE__, __LINE__);
 
-       if (SQL_NUMROWS($result) > 0)
-       {
+       if (SQL_NUMROWS($result) > 0) {
                // List found payouts
-               $OUT = ""; $SW = 2;
-               while (list($pid, $uid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result))
-               {
-                       if ($status == "NEW")
-                       {
+               $OUT = ''; $SW = 2;
+               while ($content = SQL_FETCHARRAY($result)) {
+                       if ($content['status'] == 'NEW') {
                                // Generate links for direct accepting and rejecting
-                               $status = "<A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$pid."\">".PAYOUT_ACCEPT_PAYOUT."</A>&nbsp;|&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$pid."\">".PAYOUT_REJECT_PAYOUT."</A>";
-                       }
-                        else
-                       {
+                               $content['status'] = '<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=' . $content['id'] . '%}">{--PAYOUT_ACCEPT_PAYOUT--}</a>&nbsp;|&nbsp;<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=' . $content['id'] . '%}">{--PAYOUT_REJECT_PAYOUT--}</a>';
+                       } else {
                                // Translate status
-                               $evl = "\$status = PAYOUT_STATUS_".strtoupper($status).";";
-                               eval($evl);
-                               $status = "<FONT class=\"admin_failed\">".$status."</FONT>";
+                               $content['status'] = getMessage('PAYOUT_STATUS_'.strtoupper($content['status']).'');
+                               $content['status'] = '<div class="admin_failed">' . $content['status'] . '</div>';
                        }
 
                        // Nothing entered must be secured in member/what-payputs.php !
-                       if ($allow == "Y")
-                       {
+                       if ($content['allow'] == 'Y') {
                                // Banner/Textlink views/clicks request
-                               if (!empty($banner))
-                               {
-                                       // Prepare array for the banner
-                                       $content = array(
-                                               'banner' => $banner,
-                                               'alt'    => $alt,
-                                               'url'    => $url,
-                                       );
-
+                               if (!empty($content['banner'])) {
                                        // Load template for the banner
-                                       $account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
-                               }
-                                else
-                               {
+                                       $content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
+                               } else {
                                        // Textlink
-                                       $content = array(
-                                               'txt_link' => $alt,
-                                               'txt_url'  => $url,
-                                       );
-                                       $account = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
+                                       $content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
                                }
 
                                // Admins can addionally test the URL for framekillers
-                               $bank = "<A href=\"".FRAMETESTER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
-                       }
-                        else
-                       {
+                               $content['target_bank'] = '<a href="' . generateFrametesterUrl($content['url']) . '" target="_blank">{--CLICK_HERE--}</a>';
+                       } else {
                                // e-currency payout request
-                               if (empty($account)) $account = "---";
-                               if (empty($bank))    $bank    = "---";
+                               if (empty($content['target_account'])) $content['target_account'] = '---';
+                               if (empty($content['target_bank']))    $content['target_bank']    = '---';
                        }
 
                        // Remember data in array for the template
                        $content = array(
                                'sw'      => $SW,
-                               'ulink'   => ADMIN_USER_PROFILE_LINK($uid),
-                               'ptype'   => TRANSLATE_COMMA($total)." ".COMPILE_CODE($type),
-                               'account' => $account,
-                               'bank'    => $bank,
-                               'tstamp'  => MAKE_DATETIME($tstamp, "2"),
-                               'status'  => $status,
+                               'ulink'   => generateUserProfileLink($content['userid']),
+                               'ptype'   => translateComma($content['payout_total']) . ' ' . $content['type'],
+                               'account' => $content['target_account'],
+                               'bank'    => $content['target_bank'],
+                               'tstamp'  => generateDateTime($content['payout_timestamp'], 2),
+                               'status'  => $content['status'],
                        );
 
                        // Add row and switch color
-                       $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
+                       $OUT .= loadTemplate('admin_list_payouts_row', true, $content);
                        $SW = 3 - $SW;
-               }
+               } // END - while
 
                // Free memory
                SQL_FREERESULT($result);
-               define('__PAYOUT_ROWS', $OUT);
 
                // Load final template
-               LOAD_TEMPLATE("admin_list_payouts");
-       }
-        else
-       {
+               loadTemplate('admin_list_payouts', false, $OUT);
+       } else {
                // No payout requests are sent so far
-               LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_ADMIN_NO_REQUESTS_FOUND);
+               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
        }
 }
-//
+
+// [EOF]
 ?>