Even more rewrites/fixes from EL branch (please report any broken part after you...
[mailer.git] / inc / modules / admin / what-list_payouts.php
index 90b60ed..00a5e0b 100644 (file)
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 05/08/2004 *
- * ================                             Last change: 08/12/2004 *
+ * Mailer v0.2.1-FINAL                                Start: 05/08/2004 *
+ * ===================                          Last change: 08/12/2004 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : what-list_payouts.php                            *
@@ -17,7 +17,8 @@
  * Needs to be in all Files and every File needs "svn propset           *
  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder                           *
+ * Copyright (c) 2003 - 2009 by Roland Haeder                           *
+ * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
  * For more information visit: http://www.mxchange.org                  *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
  ************************************************************************/
 
 // Some security stuff...
-if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
-       $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
-       require($INC);
-}
+if ((!defined('__SECURITY')) || (!isAdmin())) {
+       die();
+} // END - if
 
 // Add description as navigation point
-ADD_DESCR('admin', __FILE__);
+addMenuDescription('admin', __FILE__);
 
-if (REQUEST_ISSET_GET(('pid'))) {
-       // First let's get the member's ID
-       $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
-               array(REQUEST_GET('pid')), __FILE__, __LINE__);
-       list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
+if (isGetRequestParameterSet(('pid'))) {
+       // First let's get the member's id
+       $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
+               array(getRequestParameter('pid')), __FILE__, __LINE__);
+       list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
        SQL_FREERESULT($result);
 
        // Obtain some data
-       if (!REQUEST_ISSET_GET(('task')) && (!empty($uid)) && ($uid > 0)) {
-               // Get task ID from database
-               $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_task_system` WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
-                       array(bigintval($uid)), __FILE__, __LINE__);
+       if (!isGetRequestParameterSet(('task')) && (!empty($userid)) && ($userid > 0)) {
+               // Get task id from database
+               $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND `task_created`=%s LIMIT 1",
+                       array(bigintval($userid), bigintval($tstamp)), __FILE__, __LINE__);
                list($task) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);
-               if (empty($task)) $task = 0;
-       } elseif ((empty($uid)) || ($uid == "0")) {
-               // Cannot obtain member ID!
-               LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
+               if (empty($task)) $task = '0';
+       } elseif ((empty($userid)) || ($userid == '0')) {
+               // Cannot obtain member id!
+               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
        } else {
-               // Get task ID from URL
-               $task = REQUEST_GET('task');
+               // Get task id from URL
+               $task = getRequestParameter('task');
        }
 
-       if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
+       if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) {
                // Load user's data
-               $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
-                       array(bigintval($uid)), __FILE__, __LINE__);
-               list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
-               SQL_FREERESULT($result);
-
-               // Konstante bauen
-               define('PAYOUT_USERDATA_VALUE', "<a href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$surname." ".$family."</a>");
+               if (!fetchUserData($userid)) {
+                       // Abort here because it is not valid!
+                       debug_report_bug('No user account ' . $userid . ' found.');
+               } // END - if
 
-               if ((REQUEST_GET('do') == "accept") && (!empty($email))) {
+               if ((getRequestParameter('do') == 'accept') && (!empty(getUserData('email')))) {
                        // Ok, now we can output the form or execute accepting
-                       if (IS_FORM_SENT()) {
+                       if (isFormSent()) {
                                // Obtain payout type and other data
-                               $result = SQL_QUERY_ESC("SELECT payout_id FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE id=%s LIMIT 1",
-                                array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
+                               $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
+                                       array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
                                list($ptype) = SQL_FETCHROW($result);
                                SQL_FREERESULT($result);
 
                                if (!empty($ptype)) {
                                        // Obtain data from payout type
-                                       $result = SQL_QUERY_ESC("SELECT from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url FROM `{!_MYSQL_PREFIX!}_payout_types` WHERE id=%s LIMIT 1",
-                                        array(bigintval($ptype)), __FILE__, __LINE__);
-                                       list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
+                                       $result = SQL_QUERY_ESC("SELECT `from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url`
+FROM
+       `{?_MYSQL_PREFIX?}_payout_types`
+WHERE
+       `id`=%s
+LIMIT 1",
+                                               array(bigintval($ptype)), __FILE__, __LINE__);
+                                       list($fuserid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
                                        SQL_FREERESULT($result);
 
                                        if (!empty($eurl)) {
                                                // Ok, run URL...
-                                               $eurl = COMPILE_CODE($eurl);
-                                               switch ($eenc)
-                                               {
-                                               case "md5":
-                                                       $fpass = md5($fpass);
-                                                       $tpass = md5($tpass);
-                                                       break;
-
-                                               case "base64":
-                                                       $fpass = base64_encode($fpass);
-                                                       $tpass = base64_encode($tpass);
-                                                       break;
+                                               switch ($eenc) {
+                                                       case 'md5':
+                                                               $fpass = md5($fpass);
+                                                               $tpass = md5($tpass);
+                                                               break;
+
+                                                       case 'base64':
+                                                               $fpass = base64_encode($fpass);
+                                                               $tpass = base64_encode($tpass);
+                                                               break;
                                                }
 
                                                // Transfer variables...
-                                               $eval = "\$URL = \"".$eurl."\";";
+                                               $eval = '$url = "' . $eurl . '";';
                                                $reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);
 
                                                // Run code...
+                                               // @TODO Do we need this time-consuming eval() here?
                                                eval($eval);
 
                                                // Execute transfer
-                                               $ret = GET_URL($URL);
+                                               $ret = sendGetRequest($url);
                                        } else {
                                                // No URL to run
                                                $ret[0] = $eok;
@@ -131,105 +132,114 @@ if (REQUEST_ISSET_GET(('pid'))) {
                                                }
 
                                                // Clear payout request
-                                               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='ACCEPTED' WHERE id=%s LIMIT 1",
-                                                       array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
+                                               SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
+                                                       array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
 
                                                // Send out mail
-                                               $msg = LOAD_EMAIL_TEMPLATE("member_payout_accepted", REQUEST_POST('text'), $uid);
+                                               $message = loadEmailTemplate('member_payout_accepted', postRequestParameter('text'), $userid);
 
                                                // Output message
                                                if ($allow == 'Y') {
                                                        // Banner / Textlink request
-                                                       LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
+                                                       loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
                                                } else {
                                                        // Normal request
-                                                       LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
+                                                       loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
                                                }
 
                                                // Finally send mail
-                                               SEND_EMAIL($email, PAYOUT_ACCEPTED_SUBJECT, $msg);
+                                               sendEmail(getUserData('email'), getMessage('PAYOUT_ACCEPTED_SUBJECT'), $message);
                                        } else {
                                                // Something goes wrong... :-(
                                                $content = implode("<br />", $ret);
-                                               LOAD_TEMPLATE("admin_payout_failed_transfer", false, $content);
+                                               loadTemplate('admin_payout_failed_transfer', false, $content);
                                        }
                                } else {
                                        // Cannot load payout id
-                                       LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
+                                       loadTemplate('admin_settings_saved', false, '<div class="admin_failed">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>');
                                }
                        } else {
                                // Prepare content
                                $content = array(
                                        'task' => $task,
-                                       'pid'  => bigintval(REQUEST_GET('pid'))
+                                       'pid'  => bigintval(getRequestParameter('pid')),
+                                       'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
                                );
 
                                // Load template
-                               LOAD_TEMPLATE("admin_payout_accept_form", false, $content);
+                               loadTemplate('admin_payout_accept_form', false, $content);
                        }
-               } elseif ((REQUEST_GET('do') == "reject") && (!empty($email))) {
+               } elseif ((getRequestParameter('do') == 'reject') && (!empty(getUserData('email')))) {
                        // Ok, now we can output the form or execute rejecting
-                       if (IS_FORM_SENT()) {
+                       if (isFormSent()) {
                                if ($task > 0) {
                                        // Clear task
                                        runFilterChain('solve_task', $task);
-                               }
+                               } // END - if
 
                                // Clear payout request
-                               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='REJECTED' WHERE id=%s LIMIT 1",
-                                       array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
+                               SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
+                                       array(bigintval(getRequestParameter('pid'))), __FILE__, __LINE__);
 
                                // Send out mail
-                               $msg = LOAD_EMAIL_TEMPLATE("member_payout_rejected", REQUEST_POST('text'), $uid);
+                               $message = loadEmailTemplate('member_payout_rejected', postRequestParameter('text'), $userid);
 
                                // Output message
-                               LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
+                               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
 
                                // Finally send mail
-                               SEND_EMAIL($email, getMessage('PAYOUT_REJECTED_SUBJECT'), $msg);
+                               sendEmail(getUserData('email'), getMessage('PAYOUT_REJECTED_SUBJECT'), $message);
                        } else {
                                // Prepare content
                                $content = array(
-                                       'task' => $task
-                                       'pid'  => bigintval(REQUEST_GET('pid'))
+                                       'task' => $task,
+                                       'pid'  => bigintval(getRequestParameter('pid')),
+                                       'user' => '<a href="' . generateEmailLink(getUserData('email'), 'user_data') . '">' . translateGender(getUserData('gender')) . ' ' . getUserData('surname') . ' ' . getUserData('family') . '</a>',
                                );
 
                                // Load template
-                               LOAD_TEMPLATE("admin_payout_reject_form", false, $content);
+                               loadTemplate('admin_payout_reject_form', false, $content);
                        }
                } else {
                        // Cannot load user data
-                       LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
+                       loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
                }
-       } elseif ((empty($task)) || ($task == "0")) {
-               // Failed loading task ID
-               LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
+       } elseif ((empty($task)) || ($task == '0')) {
+               // Failed loading task id
+               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
        }
 } else {
-       if (!REQUEST_ISSET_GET('do')) REQUEST_SET_GET('do', '');
-
-       if (REQUEST_GET('do') == "delete") {
+       if (getRequestParameter('do') == 'delete') {
                // Delete all requests
-               $result = SQL_QUERY("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_payouts`", __FILE__, __LINE__);
-       }
+               $result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
+       } // END - if
 
        // Search for payouts
-       $result = SQL_QUERY("SELECT p.id, p.userid AS uid, p.payout_total, p.target_account, p.target_bank, t.type, p.payout_timestamp, p.status, t.allow_url AS allow, p.target_url AS url, p.link_text AS alt, p.banner_url AS banner
-FROM `{!_MYSQL_PREFIX!}_user_payouts` AS p, `{!_MYSQL_PREFIX!}_payout_types` AS t
-WHERE p.payout_id=t.id
-ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
+       $result = SQL_QUERY("SELECT
+       p.id, p.userid, p.payout_total, p.target_account,
+       p.target_bank, t.type, p.payout_timestamp, p.status,
+       t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
+       p.banner_url AS banner
+FROM
+       `{?_MYSQL_PREFIX?}_user_payouts` AS p
+LEFT JOIN
+       `{?_MYSQL_PREFIX?}_payout_types` AS t
+ON
+       p.payout_id=t.id
+ORDER BY
+       p.payout_timestamp DESC", __FILE__, __LINE__);
 
        if (SQL_NUMROWS($result) > 0) {
                // List found payouts
                $OUT = ''; $SW = 2;
                while ($content = SQL_FETCHARRAY($result)) {
-                       if ($content['status'] == "NEW") {
+                       if ($content['status'] == 'NEW') {
                                // Generate links for direct accepting and rejecting
-                               $content['status'] = "<a href=\"{!URL!}/modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=".$content['id']."\">".PAYOUT_ACCEPT_PAYOUT."</a>&nbsp;|&nbsp;<a href=\"{!URL!}/modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=".$content['id']."\">".PAYOUT_REJECT_PAYOUT."</a>";
+                               $content['status'] = '<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=accept&amp;pid=' . $content['id'] . '%}">{--PAYOUT_ACCEPT_PAYOUT--}</a>&nbsp;|&nbsp;<a href="{%url=modules.php?module=admin&amp;what=list_payouts&amp;do=reject&amp;pid=' . $content['id'] . '%}">{--PAYOUT_REJECT_PAYOUT--}</a>';
                        } else {
                                // Translate status
-                               $content['status'] = constant('PAYOUT_STATUS_'.strtoupper($content['status']).'');
-                               $content['status'] = "<div class=\"admin_failed\">".$content['status']."</div>";
+                               $content['status'] = getMessage('PAYOUT_STATUS_'.strtoupper($content['status']).'');
+                               $content['status'] = '<div class="admin_failed">' . $content['status'] . '</div>';
                        }
 
                        // Nothing entered must be secured in member/what-payputs.php !
@@ -237,14 +247,14 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
                                // Banner/Textlink views/clicks request
                                if (!empty($content['banner'])) {
                                        // Load template for the banner
-                                       $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
+                                       $content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
                                } else {
                                        // Textlink
-                                       $content['target_account'] = LOAD_TEMPLATE("admin_list_payouts_txt", true, $content);
+                                       $content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
                                }
 
                                // Admins can addionally test the URL for framekillers
-                               $content['target_bank'] = "<a href=\"".FRAMETESTER($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
+                               $content['target_bank'] = '<a href="' . generateFrametesterUrl($content['url']) . '" target="_blank">{--CLICK_HERE--}</a>';
                        } else {
                                // e-currency payout request
                                if (empty($content['target_account'])) $content['target_account'] = '---';
@@ -254,29 +264,29 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
                        // Remember data in array for the template
                        $content = array(
                                'sw'      => $SW,
-                               'ulink'   => ADMIN_USER_PROFILE_LINK($content['userid']),
-                               'ptype'   => TRANSLATE_COMMA($content['payout_total'])." ".COMPILE_CODE($content['type']),
+                               'ulink'   => generateUserProfileLink($content['userid']),
+                               'ptype'   => translateComma($content['payout_total']) . ' ' . $content['type'],
                                'account' => $content['target_account'],
                                'bank'    => $content['target_bank'],
-                               'tstamp'  => MAKE_DATETIME($content['payout_timestamp'], "2"),
+                               'tstamp'  => generateDateTime($content['payout_timestamp'], 2),
                                'status'  => $content['status'],
                        );
 
                        // Add row and switch color
-                       $OUT .= LOAD_TEMPLATE("admin_list_payouts_row", true, $content);
+                       $OUT .= loadTemplate('admin_list_payouts_row', true, $content);
                        $SW = 3 - $SW;
-               }
+               } // END - while
 
                // Free memory
                SQL_FREERESULT($result);
-               define('__PAYOUT_ROWS', $OUT);
 
                // Load final template
-               LOAD_TEMPLATE("admin_list_payouts");
+               loadTemplate('admin_list_payouts', false, $OUT);
        } else {
                // No payout requests are sent so far
-               LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
+               loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
        }
 }
-//
+
+// [EOF]
 ?>