************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
} elseif (!IS_MEMBER()) {
}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
// Check if the admin has entered the data
if ((empty($_CONFIG['primera_api_name'])) || (empty($_CONFIG['primera_api_md5']))) {
// Is the mode set (payout only)
if (!isset($_GET['mode'])) {
- // Get referral id
+ // Get referal id
$content['refid'] = bigintval($_CONFIG['primera_refid']);
- // Get WDS66 id
- $result = SQL_QUERY_ESC("SELECT primera_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ // Get Primus id
+ $result = SQL_QUERY_ESC("SELECT primera_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Are there some entries?
$rowContent = array(
'stamp' => MAKE_DATETIME($data['primera_timestamp'], "2"),
'points' => TRANSLATE_COMMA($data['primera_amount']),
- 'acc' => bigintval($data['primera_account']),
+ 'acc' => SQL_ESCAPE($data['primera_account']),
'status' => PRIMERA_TRANSFER_STATUS($data['primera_type']),
'raw_type' => strtolower($data['primera_type']),
'sw' => $SW,
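Review bot: `SQL_ESCAPE()` on the new `'acc'` entry is the wrong encoder for this position, because the value has already been read from the database and, judging by the sibling keys in `$rowContent`, is prepared for display rather than for another query. The removed `bigintval()` guaranteed a digits-only value, whereas SQL escaping leaves `<`, `>` and `&` untouched, so a stored account string could carry markup into the page if the template prints it unencoded. I would encode for the output context instead, e.g. `'acc' => htmlspecialchars($data['primera_account'], ENT_QUOTES),`. The array literal starts and ends outside the hunk, so how the row is rendered is not visible here and should be confirmed.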
$content['points'] = $points;
$content['min_points'] = TRANSLATE_COMMA($_CONFIG['primera_min_payout']);
- // Get WDS66 id
+ // Get Primera id
$content['primus_nickname'] = "";
- $result = SQL_QUERY_ESC("SELECT primera_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT primera_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Are there some entries?
if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
// Check input data depending on the mode and execute the requested mode
switch ($_GET['mode']) {
- case "pay": // Payout this exchange -> WDS66
+ case "pay": // Payout this exchange -> Primus
// Is the user ID and password set?
if (empty($_POST['primus_nickname'])) {
- // Nothing entered in WDS66 user ID
+ // Nothing entered in Primus nickname
LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_USERNAME);
OUTPUT_HTML("<br />");
} elseif (empty($_POST['primera_password'])) {
- // Nothing entered in WDS66 password
+ // Nothing entered in Primera password
LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_PASSWORD);
OUTPUT_HTML("<br />");
} elseif (empty($_POST['amount'])) {
// Nothing entered in amount
LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_AMOUNT);
OUTPUT_HTML("<br />");
- } elseif ($_POST['primus_nickname'] != bigintval($_POST['primus_nickname'])) {
- // Only numbers in account ID!
- LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_USERNAME);
- OUTPUT_HTML("<br />");
} elseif ($_POST['amount'] != bigintval($_POST['amount'])) {
// Only numbers in amount!
LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_AMOUNT);
// Default is locked!
$locked = true;
- // Shall I "pay" the referral points imidiately?
+ // Shall I "pay" the referal points imidiately?
if ($_CONFIG['ref_payout'] == "0") {
// Yes, "pay" it now
$locked = false;
} // END - if
- // Remove the points from the account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points` = `used_points` + %s, `primera_userid`=%s WHERE userid=%s LIMIT 1",
- array(bigintval($_POST['amount']), bigintval($_POST['primus_nickname']), $GLOBALS['userid']), __FILE__, __LINE__);
+ // Remove points from account
+ SUB_POINTS("primera_payout", $GLOBALS['userid'], $_POST['amount']);
+
+ // Update primera nickname
+ $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET `primera_userid`=%s WHERE userid=%s LIMIT 1",
+ array($_POST['primus_nickname'], $GLOBALS['userid']), __FILE__, __LINE__);
// All done!
LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_PAYOUT_DONE);
break;
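Review bot: The new UPDATE keeps an unquoted placeholder (`` `primera_userid`=%s ``) while the commit removes both the numeric check and the `bigintval()` call on `$_POST['primus_nickname']`, so a free-form string now lands in a numeric SQL position. Whatever escaping `SQL_QUERY_ESC` applies (its body is not visible here) only protects values inside quotes, so the placeholder should become `` SET `primera_userid`='%s' WHERE userid=%s `` and the nickname should get a format check in the `elseif` chain in place of the removed one. The amount also lost its cast: the only guard is the loose `!=` comparison against `bigintval()` earlier in the chain, so I would pass `bigintval($_POST['amount'])` to `SUB_POINTS()` rather than the raw POST value. No check that the balance covers the amount is visible in this hunk; confirm that `SUB_POINTS()` or the code before it enforces one.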
default: // Invalid mode!
+ DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid mode %s detected.", $_GET['mode']));
LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_MODE_INVALID, SQL_ESCAPE($_GET['mode'])));
return;
}
-}
+} // END - if
// Prepare mode for template name
$mode = sprintf("member_primera_mode_%s", SQL_ESCAPE($_GET['mode']));
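Review bot: The added `DEBUG_LOG()` call in the `default:` branch writes `$_GET['mode']` into the log unmodified, so unless `DEBUG_LOG` strips control characters (not visible here), a request could inject line breaks and forge log entries. Reducing the value to a safe character set first would avoid that, e.g. `$modeSafe = preg_replace('/[^a-z0-9_]/i', '', $_GET['mode']);`, then logging `$modeSafe`. The same value could replace the `SQL_ESCAPE($_GET['mode'])` calls on the context lines that build the error message and the template name, since SQL escaping matches neither an HTML nor a file-name context. The template-loading code that consumes `$mode` continues outside the hunk.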