* Needs to be in all Files and every File needs "svn propset *
* svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
************************************************************************/
// Some security stuff...
-if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
- require($INC);
+if ((!defined('__SECURITY')) || (!isAdmin())) {
+ die();
}
// Add description as navigation point
-ADD_DESCR('admin', __FILE__);
+addMenuDescription('admin', __FILE__);
-if (REQUEST_ISSET_GET(('pid'))) {
+if (isGetRequestElementSet(('pid'))) {
// First let's get the member's ID
- $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE `id`=%s LIMIT 1",
- array(REQUEST_GET('pid')), __FILE__, __LINE__);
- list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
+ $result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
+ array(getRequestElement('pid')), __FILE__, __LINE__);
+ list($userid, $tuserid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Obtain some data
- if (!REQUEST_ISSET_GET(('task')) && (!empty($uid)) && ($uid > 0)) {
+ if (!isGetRequestElementSet(('task')) && (!empty($userid)) && ($userid > 0)) {
// Get task ID from database
- $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_task_system` WHERE userid=%s AND `task_type`='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_task_system` WHERE `userid`=%s AND `task_type`='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
+ array(bigintval($userid)), __FILE__, __LINE__);
list($task) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if (empty($task)) $task = 0;
- } elseif ((empty($uid)) || ($uid == '0')) {
+ } elseif ((empty($userid)) || ($userid == '0')) {
// Cannot obtain member ID!
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
+ loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERID'));
} else {
// Get task ID from URL
- $task = REQUEST_GET('task');
+ $task = getRequestElement('task');
}
- if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
+ if ((!empty($task)) && (!empty($userid)) && ($userid > 0)) {
// Load user's data
- $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT `email`, `gender`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
+ array(bigintval($userid)), __FILE__, __LINE__);
list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- // Konstante bauen
- define('PAYOUT_USERDATA_VALUE', "<a href=\"".generateEmailLink($email, 'user_data')."\">".translateGender($gender)." ".$surname." ".$family."</a>");
-
- if ((REQUEST_GET('do') == 'accept') && (!empty($email))) {
+ if ((getRequestElement('do') == 'accept') && (!empty($email))) {
// Ok, now we can output the form or execute accepting
if (isFormSent()) {
// Obtain payout type and other data
- $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{!_MYSQL_PREFIX!}_user_payouts` WHERE `id`=%s LIMIT 1",
- array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT `payout_id` FROM `{?_MYSQL_PREFIX?}_user_payouts` WHERE `id`=%s LIMIT 1",
+ array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
list($ptype) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Obtain data from payout type
$result = SQL_QUERY_ESC("SELECT `from_account`, `from_pass`, `engine_url`, `engine_ret_ok`, `engine_ret_failed`, `pass_enc`, `allow_url`
FROM
- `{!_MYSQL_PREFIX!}_payout_types`
+ `{?_MYSQL_PREFIX?}_payout_types`
WHERE
`id`=%s
LIMIT 1",
array(bigintval($ptype)), __FILE__, __LINE__);
- list($fuid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
+ list($fuserid, $fpass, $eurl, $eok, $failed, $eenc, $allow) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if (!empty($eurl)) {
// Ok, run URL...
- $eurl = COMPILE_CODE($eurl);
+ $eurl = compileCode($eurl);
switch ($eenc) {
case 'md5':
$fpass = md5($fpass);
$reason = encodeString(getMessage('PAYOUT_REASON_PAYOUT'), false);
// Run code...
+ // @TODO Do we need this time-consuming eval() here?
eval($eval);
// Execute transfer
}
// Clear payout request
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
- array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='ACCEPTED' WHERE `id`=%s LIMIT 1",
+ array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
// Send out mail
- $message = LOAD_EMAIL_TEMPLATE('member_payout_accepted', REQUEST_POST('text'), $uid);
+ $message = loadEmailTemplate('member_payout_accepted', postRequestElement('text'), $userid);
// Output message
if ($allow == 'Y') {
// Banner / Textlink request
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
+ loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_BANNER_ACCEPTED_NOTIFIED'));
} else {
// Normal request
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
+ loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ACCEPTED_NOTIFIED'));
}
// Finally send mail
} else {
// Something goes wrong... :-(
$content = implode("<br />", $ret);
- LOAD_TEMPLATE('admin_payout_failed_transfer', false, $content);
+ loadTemplate('admin_payout_failed_transfer', false, $content);
}
} else {
// Cannot load payout id
-
LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
+
loadTemplate('admin_settings_saved', false, "<div class=\"admin_failed\">{--PAYOUT_FAILED_OBTAIN_PAYOUT_ID--}</div>");
}
} else {
// Prepare content
$content = array(
'task' => $task,
- 'pid' => bigintval(REQUEST_GET('pid'))
+ 'pid' => bigintval(getRequestElement('pid')),
+ 'user' => "<a href=\"".generateEmailLink($email, 'user_data')."\">".translateGender($gender)." ".$surname." ".$family."</a>",
);
// Load template
- LOAD_TEMPLATE('admin_payout_accept_form', false, $content);
+ loadTemplate('admin_payout_accept_form', false, $content);
}
- } elseif ((REQUEST_GET('do') == 'reject') && (!empty($email))) {
+ } elseif ((getRequestElement('do') == 'reject') && (!empty($email))) {
// Ok, now we can output the form or execute rejecting
if (isFormSent()) {
if ($task > 0) {
} // END - if
// Clear payout request
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
- array(bigintval(REQUEST_GET('pid'))), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_payouts` SET `status`='REJECTED' WHERE `id`=%s LIMIT 1",
+ array(bigintval(getRequestElement('pid'))), __FILE__, __LINE__);
// Send out mail
- $message = LOAD_EMAIL_TEMPLATE('member_payout_rejected', REQUEST_POST('text'), $uid);
+ $message = loadEmailTemplate('member_payout_rejected', postRequestElement('text'), $userid);
// Output message
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
+ loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_REJECTED_NOTIFIED'));
// Finally send mail
sendEmail($email, getMessage('PAYOUT_REJECTED_SUBJECT'), $message);
// Prepare content
$content = array(
'task' => $task,
- 'pid' => bigintval(REQUEST_GET('pid'))
+ 'pid' => bigintval(getRequestElement('pid')),
+ 'user' => "<a href=\"".generateEmailLink($email, 'user_data')."\">".translateGender($gender)." ".$surname." ".$family."</a>",
);
// Load template
- LOAD_TEMPLATE('admin_payout_reject_form', false, $content);
+ loadTemplate('admin_payout_reject_form', false, $content);
}
} else {
// Cannot load user data
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
+ loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_USERDATA'));
}
} elseif ((empty($task)) || ($task == '0')) {
// Failed loading task ID
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
+ loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_FAILED_OBTAIN_TASK_ID'));
}
} else {
- if (!REQUEST_ISSET_GET('do')) REQUEST_SET_GET('do', '');
+ if (!isGetRequestElementSet('do')) setRequestGetElement('do', '');
- if (REQUEST_GET('do') == 'delete') {
+ if (getRequestElement('do') == 'delete') {
// Delete all requests
- $result = SQL_QUERY("TRUNCATE `{!_MYSQL_PREFIX!}_user_payouts`", __FILE__, __LINE__);
+ $result = SQL_QUERY("TRUNCATE `{?_MYSQL_PREFIX?}_user_payouts`", __FILE__, __LINE__);
} // END - if
// Search for payouts
$result = SQL_QUERY("SELECT
- p.id, p.userid AS uid, p.payout_total, p.target_account,
+ p.id, p.userid, p.payout_total, p.target_account,
p.target_bank, t.type, p.payout_timestamp, p.status,
t.allow_url AS allow, p.target_url AS url, p.link_text AS alt,
p.banner_url AS banner
FROM
- `{!_MYSQL_PREFIX!}_user_payouts` AS p
+ `{?_MYSQL_PREFIX?}_user_payouts` AS p
LEFT JOIN
- `{!_MYSQL_PREFIX!}_payout_types` AS t
+ `{?_MYSQL_PREFIX?}_payout_types` AS t
ON
p.payout_id=t.id
ORDER BY
// Banner/Textlink views/clicks request
if (!empty($content['banner'])) {
// Load template for the banner
- $content['target_account'] = LOAD_TEMPLATE('admin_list_payouts_banner', true, $content);
+ $content['target_account'] = loadTemplate('admin_list_payouts_banner', true, $content);
} else {
// Textlink
- $content['target_account'] = LOAD_TEMPLATE('admin_list_payouts_txt', true, $content);
+ $content['target_account'] = loadTemplate('admin_list_payouts_txt', true, $content);
}
// Admins can addionally test the URL for framekillers
- $content['target_bank'] = "<a href=\"".FRAMETESTER($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
+ $content['target_bank'] = "<a href=\"".generateFrametesterUrl($content['url'])."\" target=\"_blank\">{--CLICK_HERE--}</a>";
} else {
// e-currency payout request
if (empty($content['target_account'])) $content['target_account'] = '---';
$content = array(
'sw' => $SW,
'ulink' => generateUserProfileLink($content['userid']),
- 'ptype' => translateComma($content['payout_total'])." ".COMPILE_CODE($content['type']),
+ 'ptype' => translateComma($content['payout_total']) . ' ' . $content['type'],
'account' => $content['target_account'],
'bank' => $content['target_bank'],
'tstamp' => generateDateTime($content['payout_timestamp'], '2'),
);
// Add row and switch color
- $OUT .= LOAD_TEMPLATE('admin_list_payouts_row', true, $content);
+ $OUT .= loadTemplate('admin_list_payouts_row', true, $content);
$SW = 3 - $SW;
}
// Free memory
SQL_FREERESULT($result);
- define('__PAYOUT_ROWS', $OUT);
// Load final template
- LOAD_TEMPLATE('admin_list_payouts');
+ loadTemplate('admin_list_payouts', false, $OUT);
} else {
// No payout requests are sent so far
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
+ loadTemplate('admin_settings_saved', false, getMessage('PAYOUT_ADMIN_NO_REQUESTS_FOUND'));
}
}
projects / mailer.git / blobdiff