More use of REVERT_COMMA() fixes problems
[mailer.git] / inc / modules / member / what-payout.php
index a61a58bf3cc65435de6702eb2a4f91d8e7207649..25aa636c78b4d803a2f61833e8c60c9d604e5dcb 100644 (file)
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        // Don't call this directly!
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
-} elseif (!IS_LOGGED_IN()) {
+} elseif (!IS_MEMBER()) {
        // Not logged in
        LOAD_URL("modules.php?module=index");
 } elseif ((!EXT_IS_ACTIVE("payout")) && (!IS_ADMIN())) {
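Review bot: Neither guard arm visibly stops the script: the `!defined('__SECURITY')` arm only does `require($INC)` and the `!IS_MEMBER()` arm only calls `LOAD_URL(...)`. If security.php or LOAD_URL() return instead of exiting, any payout code that follows the chain would still run for a direct or non-member request. Their bodies are not shown, so this needs confirming. An explicit `exit;` after each call, or at least a comment such as `// LOAD_URL() sends the redirect and must not return`, would make the access check self-evident. The if/elseif chain continues past the end of this hunk.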
@@ -49,11 +49,11 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
 ADD_DESCR("member", basename(__FILE__));
 
 $result_depths = SQL_QUERY("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__);
-$TPTS = "0";
+$TPTS = 0;
 while (list($lvl, $per) = SQL_FETCHROW($result_depths))
 {
        // Load referral points
-       $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth=%d LIMIT 1",
+       $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%d LIMIT 1",
         array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
        if (SQL_NUMROWS($result_points) == 1)
        {
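Review bot: The `userid=%s` placeholder is unquoted and its argument `$GLOBALS['userid']` is passed without `bigintval()`, so the integer coercion that `%d` used to give is gone. The query now depends entirely on what SQL_QUERY_ESC() does to the value, and string escaping alone does not make a value safe in an unquoted numeric position. Where `$GLOBALS['userid']` is validated is not visible in this diff. I would cast at the call site, `array(bigintval($GLOBALS['userid']), bigintval($lvl))`, as the same line already does for `$lvl`. The same pattern recurs later in this file in `WHERE p.userid = %s`, in both `_user_payouts` INSERTs and in the `_task_system` INSERT.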
@@ -66,10 +66,8 @@ while (list($lvl, $per) = SQL_FETCHROW($result_depths))
 // Free memory
 SQL_FREERESULT($result_depths);
 
-$result = SQL_QUERY_ESC("SELECT used_points FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
-list($USED) = SQL_FETCHROW($result);
-SQL_FREERESULT($result);
+// Get used points
+$USED = GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
 
 // Translate point into comma
 $TPTS = TRANSLATE_COMMA($TPTS - $USED);
@@ -82,8 +80,8 @@ if (empty($_GET['payout']))
        // Load payout types
        $result = SQL_QUERY_ESC("SELECT id, type, rate, min_points, allow_url
 FROM "._MYSQL_PREFIX."_payout_types
-WHERE %d >= min_points
-ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
+WHERE %s >= min_points
+ORDER BY type", array(REVERT_COMMA($TPTS)), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) > 0)
        {
                // Free memory
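Review bot: `REVERT_COMMA($TPTS)` feeds a display string back into SQL, because `$TPTS` was overwritten with `TRANSLATE_COMMA($TPTS - $USED)` a few lines earlier. With `%s` the value is no longer truncated to an integer, so the comparison against `min_points` is only correct if REVERT_COMMA() exactly undoes every separator TRANSLATE_COMMA() adds. Neither helper is visible here. Keeping the unformatted difference in its own variable, e.g. `$points = $TPTS - $USED;`, and using it both in this query and in the later `REVERT_COMMA($TPTS) >= $min` check would remove the round trip.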
@@ -94,7 +92,7 @@ ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
 FROM "._MYSQL_PREFIX."_user_payouts AS p
 LEFT JOIN "._MYSQL_PREFIX."_payout_types AS t
 ON p.payout_id = t.id
-WHERE p.userid = %d
+WHERE p.userid = %s
 ORDER BY p.payout_timestamp DESC",
                 array($GLOBALS['userid']), __FILE__, __LINE__);
                if (SQL_NUMROWS($result_payouts) > 0)
@@ -162,7 +160,7 @@ ORDER BY p.payout_timestamp DESC",
  else
 {
        // Chedk if he can get paid by selected type
-       $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
         array(bigintval($_GET['payout'])), __FILE__, __LINE__);
 
        if (SQL_NUMROWS($result) == 1)
@@ -186,7 +184,7 @@ ORDER BY p.payout_timestamp DESC",
                define('PAYOUT_MAX_VALUE' , $max);
                define('PAYOUT_TYPE_VALUE', COMPILE_CODE($type));
 
-               if (str_replace(",", ".", $TPTS) >= $min)
+               if (REVERT_COMMA($TPTS) >= $min)
                {
                        // Ok, he can get be paid
                        if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min))
@@ -195,22 +193,14 @@ ORDER BY p.payout_timestamp DESC",
                                define('PAYOUT_POINTS_VALUE', $PAYOUT);
 
                                // Subtract points from member's account
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
-                                array($PAYOUT, $GLOBALS['userid']), __FILE__, __LINE__);
-
-                               // Update mediadata as well
-                               if (GET_EXT_VERSION("mediadata") >= "0.0.4")
-                               {
-                                       // Update database
-                                       MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $PAYOUT);
-                               }
+                               SUB_POINTS($GLOBALS['userid'], $PAYOUT);
 
                                // Add entry to his tranfer history
                                if ($allow == "Y")
                                {
                                        // Banner/textlink ordered
                                        $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
-VALUES (%d, %d, %d, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
+VALUES (%s,%s,%s, UNIX_TIMESTAMP(), 'NEW','%s','%s','%s')",
  array(
        $GLOBALS['userid'],
        bigintval($_POST['payout']),
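Review bot: The deduction `SUB_POINTS($GLOBALS['userid'], $PAYOUT)` runs as a separate step after the balance and limit checks in the preceding hunk, which use values read earlier in the request. Two payout requests sent at the same time could both pass those checks before either deduction is applied. Whether SUB_POINTS() guards against that is not visible here. At minimum I would record it with `// NOTE: balance check and SUB_POINTS() are not atomic`, and preferably have the helper subtract only while enough points remain and report failure before the `_user_payouts` INSERT. The deduction uses `$PAYOUT` while the history row stores `bigintval($_POST['payout'])`, so both should come from the same validated integer. The enclosing if-block starts and ends outside this hunk.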
@@ -221,21 +211,21 @@ VALUES (%d, %d, %d, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
 ), __FILE__, __LINE__);
 
                                        // Load templates
-                                       $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", "", $GLOBALS['userid']);
+                                       $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", array(), $GLOBALS['userid']);
                                        if (GET_EXT_VERSION("admins") >= "0.4.1")
                                        {
                                                $adm_tpl = "admin_payout_request_banner";
                                        }
                                         else
                                        {
-                                               $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", "", $GLOBALS['userid']));
+                                               $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", array(), $GLOBALS['userid']));
                                        }
                                }
                                 else
                                {
                                        // e-currency payout requested
                                        $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
-VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
+VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')",
  array(
        $GLOBALS['userid'],
        bigintval($_POST['payout']),
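Review bot: In the banner branch the `admins >= 0.4.1` arm assigns `$adm_tpl`, but the later `SEND_ADMIN_NOTIFICATION(...)` call reads `$admin_tpl`. `$msg_adm` is set only in the `else` arm, yet the `_task_system` INSERT passes it unconditionally. Unless lines outside this hunk set both variables, a banner payout on a newer admins extension appears to notify without a template and to store an undefined task text. I would change the assignment to `$admin_tpl = "admin_payout_request_banner";` and initialise `$msg_adm = "";` before the version check. The enclosing block starts and ends outside this hunk.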
@@ -246,8 +236,8 @@ VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
 ), __FILE__, __LINE__);
 
                                        // Load templates
-                                       $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", "", $GLOBALS['userid']);
-                                       $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", "", $GLOBALS['userid']));
+                                       $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", array(), $GLOBALS['userid']);
+                                       $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", array(), $GLOBALS['userid']));
                                        $admin_tpl = "";
                                        if (GET_EXT_VERSION("admins") >= "0.4.1")
                                        {
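Review bot: `$msg_adm` is wrapped in `addslashes()` and then passed as a `'%s'` argument to SQL_QUERY_ESC() in the task INSERT further down. If that helper escapes its arguments, as its name suggests, the stored text is escaped twice. If it does not, `addslashes()` is not a connection-aware escape for SQL. I would drop the wrapper and leave escaping to the query helper, `$msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request", array(), $GLOBALS['userid']);`, after confirming what SQL_QUERY_ESC() does. Separately, `GET_EXT_VERSION("admins") >= "0.4.1"` compares strings, so assuming a dotted version string is returned, "0.10.0" sorts below "0.4.1"; `version_compare(GET_EXT_VERSION("admins"), "0.4.1", ">=")` avoids that.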
@@ -257,7 +247,7 @@ VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
 
                                // Generate task
                                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
-VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', UNIX_TIMESTAMP(), %d)",
+VALUES (0, 'NEW','PAYOUT_REQUEST','[payout:] ".PAYOUT_REQUEST_ADMIN."','%s', UNIX_TIMESTAMP(), %s)",
  array(
        $msg_adm,
        $GLOBALS['userid']
@@ -267,7 +257,7 @@ VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s',
                                SEND_EMAIL($GLOBALS['userid'], PAYOUT_REQUEST_MEMBER, $msg_mem);
 
                                // To admin(s)
-                               SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, "", $GLOBALS['userid']);
+                               SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, array(), $GLOBALS['userid']);
 
                                // Load template and output it
                                LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REQUEST_SENT);