Security line in all includes changed
[mailer.git] / inc / modules / member / what-primera.php
index 6ba131bf95e3b7778df1ea01d2d7c601edb000f8..c5062c243bd410712a6ce894637ac962e72d9c8a 100644 (file)
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
-} elseif (!IS_LOGGED_IN()) {
+} elseif (!IS_MEMBER()) {
        // User is not logged in
        LOAD_URL("modules.php?module=index");
 } elseif ((!EXT_IS_ACTIVE("primera")) && (!IS_ADMIN())) {
@@ -57,26 +57,26 @@ if ((empty($_CONFIG['primera_api_name'])) || (empty($_CONFIG['primera_api_md5'])
 // Init the content array and points
 $content = array(); $points = false;
 
-// Is the mode set (withdraw or payout)
-if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
-       // Let the user choose what he wants to do
+// Is the mode set (payout only)
+if (!isset($_GET['mode'])) {
+       // Get referral id
        $content['refid'] = bigintval($_CONFIG['primera_refid']);
 
-       // Get WDS66 id
+       // Get Primus id
        $result = SQL_QUERY_ESC("SELECT primera_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
        if (SQL_NUMROWS($result) == 1) {
                // Fetch ID
-               list($content['wds66_id']) = SQL_FETCHROW($result);
-       }
+               list($content['primus_nickname']) = SQL_FETCHROW($result);
+       } // END - if
 
        // Free result
        SQL_FREERESULT($result);
 
        // Is there an ID?
-       if ((!empty($content['wds66_id'])) && (!isset($_GET['mode']))) {
+       if ((!empty($content['primus_nickname'])) && (!isset($_GET['mode']))) {
                // Then use an other "mode"
                $_GET['mode'] = "list";
 
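Review bot: The inner clause `(!isset($_GET['mode']))` on the last `if` of this hunk is now redundant, because the enclosing branch was just narrowed from `(!isset($_GET['mode'])) || ($_GET['mode'] == "choose")` to `!isset($_GET['mode'])` and nothing between the two assigns `$_GET['mode']`. The guard can read `if (!empty($content['primus_nickname'])) {`; keeping the dead clause suggests the mode could have been set in between, which the new control flow rules out. The enclosing if-block continues past the end of the hunk.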
@@ -91,7 +91,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
                        $rowContent = array(
                                'stamp'                 => MAKE_DATETIME($data['primera_timestamp'], "2"),
                                'points'                => TRANSLATE_COMMA($data['primera_amount']),
-                               'acc'                   => bigintval($data['primera_account']),
+                               'acc'                   => SQL_ESCAPE($data['primera_account']),
                                'status'                => PRIMERA_TRANSFER_STATUS($data['primera_type']),
                                'raw_type'              => strtolower($data['primera_type']),
                                'sw'                    => $SW,
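Review bot: `SQL_ESCAPE()` is the wrong escaping for the `'acc'` entry, which is placed into `$rowContent` for a template rather than into a query; SQL escaping does not neutralise HTML metacharacters, so unless the template layer escapes on output, a stored account name containing `<` or `"` is rendered raw. The old `bigintval()` forced the value numeric; now that it is a free string, escape it for the HTML context instead, e.g. `'acc' => htmlspecialchars($data['primera_account'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),` (or whichever HTML-escaping helper the templates already use). The loop that builds `$rowContent` starts and ends outside this hunk.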
@@ -105,10 +105,11 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
                // Free result
                SQL_FREERESULT($result);
        } else {
-               // Mode chooser! ;-)
-               $_GET['mode'] = "choose";
+               // Mode pay
+               $_GET['mode'] = "pay";
        }
-} elseif ($_GET['mode'] == "pay") {
+} // END - if
+if ($_GET['mode'] == "pay") {
        // Get total points and check if the user can request a payout
        $points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
 
@@ -130,36 +131,15 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
        $content['points']              = $points;
        $content['min_points']  = TRANSLATE_COMMA($_CONFIG['primera_min_payout']);
 
-       // Get WDS66 id
-       $content['wds66_id'] = "";
+       // Get Primera id
+       $content['primus_nickname'] = "";
        $result = SQL_QUERY_ESC("SELECT primera_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
        if (SQL_NUMROWS($result) == 1) {
                // Fetch ID
-               list($content['wds66_id']) = SQL_FETCHROW($result);
-       }
-
-       // Free result
-       SQL_FREERESULT($result);
-} elseif ($_GET['mode'] == "withdraw") {
-       // Get total points for just displaying them
-       $points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
-
-       // Prepare data for the template
-       $content['points']              = TRANSLATE_COMMA($points);
-       $content['min_points']  = TRANSLATE_COMMA($_CONFIG['primera_min_withdraw']);
-       $content['wds66_id']    = "";
-
-       // Get WDS66 id
-       $result = SQL_QUERY_ESC("SELECT primera_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
-               array($GLOBALS['userid']), __FILE__, __LINE__);
-
-       // Are there some entries?
-       if (SQL_NUMROWS($result) == 1) {
-               // Fetch ID
-               list($content['wds66_id']) = SQL_FETCHROW($result);
+               list($content['primus_nickname']) = SQL_FETCHROW($result);
        }
 
        // Free result
@@ -174,77 +154,20 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
 if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
        // Check input data depending on the mode and execute the requested mode
        switch ($_GET['mode']) {
-               case "withdraw": // Widthdraws WDS66 -> This exchange
-                       // Is the user ID and password set?
-                       if (empty($_POST['wds66_id'])) {
-                               // Nothing entered in WDS66 user ID
-                               LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_USERNAME);
-                               OUTPUT_HTML("<br />");
-                       } elseif (empty($_POST['wds66_password'])) {
-                               // Nothing entered in WDS66 password
-                               LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_PASSWORD);
-                               OUTPUT_HTML("<br />");
-                       } elseif (empty($_POST['amount'])) {
-                               // Nothing entered in amount
-                               LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_AMOUNT);
-                               OUTPUT_HTML("<br />");
-                       } elseif ($_POST['wds66_id'] != bigintval($_POST['wds66_id'])) {
-                               // Only numbers in account ID!
-                               LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_USERNAME);
-                               OUTPUT_HTML("<br />");
-                       } elseif ($_POST['amount'] != bigintval($_POST['amount'])) {
-                               // Only numbers in amount!
-                               LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_AMOUNT);
-                               OUTPUT_HTML("<br />");
-                       } elseif ($_POST['amount'] < $_CONFIG['primera_min_withdraw']) {
-                               // Not enougth entered!
-                               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_AMOUNT_SMALLER_MIN, bigintval($_CONFIG['primera_min_withdraw'])));
-                               OUTPUT_HTML("<br />");
-                       } else {
-                               // All is fine here so do the withdraw
-                               $success = PRIMERA_EXECUTE_WITHDRAW($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
-                               if ($success) {
-                                       // Add it to this amount
-                                       $DEPTH = 0;
-                                       ADD_POINTS_REFSYSTEM($GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct");
-
-                                       // Update the user data as well..
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `primera_userid`=%s WHERE userid=%s LIMIT 1",
-                                               array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
-
-                                       // All done!
-                                       LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_WITHDRAW_DONE);
-                                       return;
-                               } elseif ((GET_PRIMERA_ERROR_CODE() == "user_failed") || (GET_PRIMERA_ERROR_CODE() == "own_failed") || (GET_PRIMERA_ERROR_CODE() == "amount_failed")) {
-                                       // Wrong login data
-                                       LOAD_TEMPLATE("admin_settings_saved", false, GET_PRIMERA_ERROR_MESSAGE());
-                                       OUTPUT_HTML("<br />");
-                               } else {
-                                       // Something went wrong
-                                       LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_WITHDRAW_FAILED, GET_PRIMERA_ERROR_MESSAGE()));
-                                       OUTPUT_HTML("<br />");
-                               }
-                       }
-                       break;
-
-               case "pay": // Payout this exchange -> WDS66
+               case "pay": // Payout this exchange -> Primus
                        // Is the user ID and password set?
-                       if (empty($_POST['wds66_id'])) {
-                               // Nothing entered in WDS66 user ID
+                       if (empty($_POST['primus_nickname'])) {
+                               // Nothing entered in Primus nickname
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_USERNAME);
                                OUTPUT_HTML("<br />");
-                       } elseif (empty($_POST['wds66_password'])) {
-                               // Nothing entered in WDS66 password
+                       } elseif (empty($_POST['primera_password'])) {
+                               // Nothing entered in Primera password
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_PASSWORD);
                                OUTPUT_HTML("<br />");
                        } elseif (empty($_POST['amount'])) {
                                // Nothing entered in amount
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_AMOUNT);
                                OUTPUT_HTML("<br />");
-                       } elseif ($_POST['wds66_id'] != bigintval($_POST['wds66_id'])) {
-                               // Only numbers in account ID!
-                               LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_USERNAME);
-                               OUTPUT_HTML("<br />");
                        } elseif ($_POST['amount'] != bigintval($_POST['amount'])) {
                                // Only numbers in amount!
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_AMOUNT);
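Review bot: Dropping the `bigintval()` branch for the account id leaves `$_POST['primus_nickname']` with only an `empty()` test before it is sent to the remote API and, later in this file, written to `user_data`; no length or character-set constraint replaces the numeric one. A bounded check reusing the existing `PRIMERA_MEMBER_INVALID_USERNAME` branch would restore that validation, for example `} elseif (!preg_match('/^[A-Za-z0-9_.-]{1,64}$/', $_POST['primus_nickname'])) {` (constructed example; the allowed alphabet and length should follow what the Primus side accepts). The `switch` and the enclosing `if` continue past the end of this hunk.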
@@ -258,8 +181,8 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_PAYOUT_POINTS_DEPLETED, bigintval($_POST['amount']), bigintval($points)));
                                OUTPUT_HTML("<br />");
                        } else {
-                               // All is fine here so do the withdraw
-                               $success = PRIMERA_EXECUTE_PAYOUT($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
+                               // All is fine here so do the payout
+                               $success = PRIMERA_EXECUTE_PAYOUT($_POST['primus_nickname'], md5($_POST['primera_password']), $_POST['amount']);
                                if ($success) {
                                        // Default is locked!
                                        $locked = true;
@@ -268,11 +191,14 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                        if ($_CONFIG['ref_payout'] == "0") {
                                                // Yes, "pay" it now
                                                $locked = false;
-                                       }
+                                       } // END - if
+
+                                       // Remove points from account
+                                       SUB_POINTS($GLOBALS['userid'], $_POST['amount']);
 
-                                       // Remove the points from the account
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points` = `used_points` + %s, `primera_userid`=%s WHERE userid=%s LIMIT 1",
-                                               array(bigintval($_POST['amount']), bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
+                                       // Update primera nickname
+                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `primera_userid`=%s WHERE userid=%s LIMIT 1",
+                                               array($_POST['primus_nickname'], $GLOBALS['userid']), __FILE__, __LINE__);
 
                                        // All done!
                                        LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_PAYOUT_DONE);
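Review bot: The rewritten UPDATE keeps the unquoted `%s` placeholder for `primera_userid` while the value bound to it changes from `bigintval($_POST['wds66_id'])` to the raw nickname string; if `SQL_QUERY_ESC()` only escapes and substitutes, as the bare `userid=%s` usage elsewhere in this file suggests, a non-numeric nickname produces `primera_userid=name`, which is a syntax error or an unintended column reference rather than a string literal. Quote the placeholder as `'%s'` in the SET clause, and pass only a value that has passed a format check. Separately, `SUB_POINTS($GLOBALS['userid'], $_POST['amount'])` now receives the raw POST value where the removed SQL bound `bigintval($_POST['amount'])`; the earlier loose `!=` check admits forms such as `"100.0"`, so `SUB_POINTS($GLOBALS['userid'], bigintval($_POST['amount']));` keeps the deduction strictly integral. The `$result` of the UPDATE is assigned but never read. The enclosing `if ($success)` block continues outside this hunk.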
@@ -283,7 +209,7 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                        OUTPUT_HTML("<br />");
                                } else {
                                        // Something went wrong
-                                       LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_WITHDRAW_FAILED, GET_PRIMERA_ERROR_MESSAGE()));
+                                       LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_PAYOUT_FAILED, GET_PRIMERA_ERROR_MESSAGE()));
                                        OUTPUT_HTML("<br />");
                                }
                        }