Security line in all includes changed
[mailer.git] / inc / modules / member / what-primera.php
index d17f48551787fadd84a532b81d40d065ec2d8e19..c5062c243bd410712a6ce894637ac962e72d9c8a 100644 (file)
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 } elseif (!IS_MEMBER()) {
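Review bot: The new guard keeps the `if … elseif` shape, so whenever `__SECURITY` is undefined the script requires security.php and the `IS_MEMBER()` branch is never evaluated; that is only safe if security.php terminates the request rather than returning. If it can return, split the two checks into independent `if` statements so membership is always enforced. The `$INC` construction also assumes `/inc` occurs in `dirname(__FILE__)` — a `strpos()` of `false` becomes `false + 4` and yields a four-character prefix instead of a path — but that is pre-existing. The `elseif` branch's body continues outside the hunk.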
@@ -62,7 +62,7 @@ if (!isset($_GET['mode'])) {
        // Get referral id
        $content['refid'] = bigintval($_CONFIG['primera_refid']);
 
-       // Get WDS66 id
+       // Get Primus id
        $result = SQL_QUERY_ESC("SELECT primera_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
@@ -91,7 +91,7 @@ if (!isset($_GET['mode'])) {
                        $rowContent = array(
                                'stamp'                 => MAKE_DATETIME($data['primera_timestamp'], "2"),
                                'points'                => TRANSLATE_COMMA($data['primera_amount']),
-                               'acc'                   => bigintval($data['primera_account']),
+                               'acc'                   => SQL_ESCAPE($data['primera_account']),
                                'status'                => PRIMERA_TRANSFER_STATUS($data['primera_type']),
                                'raw_type'              => strtolower($data['primera_type']),
                                'sw'                    => $SW,
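Review bot: `SQL_ESCAPE()` on `$data['primera_account']` at the `'acc'` entry applies SQL escaping to a value that is being prepared for display, not for a query; if `$rowContent` is rendered by an HTML template, the right call is `'acc' => htmlspecialchars($data['primera_account'], ENT_QUOTES),` and the SQL escaper adds nothing there (backslash-escaped quotes would even appear literally in the page). Since this value is no longer forced through `bigintval()` and now originates from a free-form nickname, output-context escaping is what protects the page. The loop that builds `$rowContent` starts and ends outside the hunk.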
@@ -131,7 +131,7 @@ if ($_GET['mode'] == "pay") {
        $content['points']              = $points;
        $content['min_points']  = TRANSLATE_COMMA($_CONFIG['primera_min_payout']);
 
-       // Get WDS66 id
+       // Get Primera id
        $content['primus_nickname'] = "";
        $result = SQL_QUERY_ESC("SELECT primera_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
@@ -154,24 +154,20 @@ if ($_GET['mode'] == "pay") {
 if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
        // Check input data depending on the mode and execute the requested mode
        switch ($_GET['mode']) {
-               case "pay": // Payout this exchange -> WDS66
+               case "pay": // Payout this exchange -> Primus
                        // Is the user ID and password set?
                        if (empty($_POST['primus_nickname'])) {
-                               // Nothing entered in WDS66 user ID
+                               // Nothing entered in Primus nickname
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_USERNAME);
                                OUTPUT_HTML("<br />");
                        } elseif (empty($_POST['primera_password'])) {
-                               // Nothing entered in WDS66 password
+                               // Nothing entered in Primera password
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_PASSWORD);
                                OUTPUT_HTML("<br />");
                        } elseif (empty($_POST['amount'])) {
                                // Nothing entered in amount
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_EMPTY_AMOUNT);
                                OUTPUT_HTML("<br />");
-                       } elseif ($_POST['primus_nickname'] != bigintval($_POST['primus_nickname'])) {
-                               // Only numbers in account ID!
-                               LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_USERNAME);
-                               OUTPUT_HTML("<br />");
                        } elseif ($_POST['amount'] != bigintval($_POST['amount'])) {
                                // Only numbers in amount!
                                LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_INVALID_AMOUNT);
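Review bot: Dropping the `bigintval()` comparison leaves `$_POST['primus_nickname']` with no validation at all before it is stored later in the file; a length and character-set check should replace the removed branch, e.g. `} elseif (!preg_match('/^[A-Za-z0-9_.-]{1,64}$/', $_POST['primus_nickname'])) {` followed by the existing `PRIMERA_MEMBER_INVALID_USERNAME` template (the pattern here is a constructed placeholder — use whatever Primera actually accepts). Note also that `empty($_POST['amount'])` treats `"0"` as missing and the `!= bigintval()` comparison is loose, so what passes depends on how `bigintval()` handles numeric-looking strings; both are pre-existing. The `switch` and its enclosing `if` continue past the hunk.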
@@ -197,9 +193,12 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                                $locked = false;
                                        } // END - if
 
-                                       // Remove the points from the account
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points` = `used_points` + %s, `primera_userid`=%s WHERE userid=%s LIMIT 1",
-                                               array(bigintval($_POST['amount']), bigintval($_POST['primus_nickname']), $GLOBALS['userid']), __FILE__, __LINE__);
+                                       // Remove points from account
+                                       SUB_POINTS($GLOBALS['userid'], $_POST['amount']);
+
+                                       // Update primera nickname
+                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `primera_userid`=%s WHERE userid=%s LIMIT 1",
+                                               array($_POST['primus_nickname'], $GLOBALS['userid']), __FILE__, __LINE__);
 
                                        // All done!
                                        LOAD_TEMPLATE("admin_settings_saved", false, PRIMERA_MEMBER_PAYOUT_DONE);
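Review bot: The nickname UPDATE still uses the unquoted `` `primera_userid`=%s `` placeholder that suited the old integer id, but `$_POST['primus_nickname']` is now a string, so unless `SQL_QUERY_ESC()` quotes its arguments itself the statement will fail or treat the value as an identifier; write it as `` `primera_userid`='%s' ``. `SUB_POINTS()` is also handed the raw `$_POST['amount']` where the removed query passed `bigintval($_POST['amount'])`; keep the cast, `SUB_POINTS($GLOBALS['userid'], bigintval($_POST['amount']));`, so the deduction uses the validated integer. The deduction and the nickname store are now two separate writes, so a failed UPDATE after `SUB_POINTS()` leaves points removed with no nickname recorded — worth a transaction or a result check if the helpers allow it; `$result` is assigned but nothing in the hunk reads it. The enclosing `case "pay"` block starts and ends outside the hunk.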