More SQL rewrites, TODO: Put all table and column names in backticks (`)
index 3c48c8640b0b801c5d2f3a27ff845cc563e9573c..3c7a323c9a9343b716626cd57323459138cfeb84 100644 (file)
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 } elseif (!IS_MEMBER()) {
        // User is not logged in
        LOAD_URL("modules.php?module=index");
 } elseif ((!EXT_IS_ACTIVE("wernis")) && (!IS_ADMIN())) {
-       // Extension "wernis" is not activated
        ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis");
        return;
 }
 
 // Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
 
 // Check if the admin has entered the data
 if ((empty($_CONFIG['wernis_api_id'])) || (empty($_CONFIG['wernis_api_md5']))) {
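Review bot: The new `if (!defined('__SECURITY'))` branch only requires security.php and does not stop the script itself, and because it heads the `elseif` chain, the `IS_MEMBER()` and extension checks are skipped whenever it is taken. Whether a direct request is blocked therefore depends entirely on security.php terminating, which is not visible here; adding `return;` after `require($INC);` would make the guard self-contained. The `LOAD_URL(...)` branch likewise has no `return;` after it. Separately, `ADD_DESCR("member", __FILE__)` now passes the absolute path, so confirm ADD_DESCR reduces it to a basename before anything is stored or rendered.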
@@ -64,7 +63,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
        $content['wds66_id'] = 0;
 
        // Get WDS66 id
-       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
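Review bot: `userid=%s` is still an unquoted placeholder in the rewritten query, so escaping string metacharacters alone would not constrain it to a number. Safety rests on `$GLOBALS['userid']` already being an integer, which this hunk does not show. Passing `array(bigintval($GLOBALS['userid']))`, as the UPDATE hunks already do for `wds66_id`, would make that explicit. The same applies to the identical SELECTs in the next two hunks and to the `WHERE userid=%s` of both UPDATE statements. How SQL_QUERY_ESC treats its arguments is not visible on this page.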
@@ -155,7 +154,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
 
        // Get WDS66 id
        $content['wds66_id'] = "";
-       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
@@ -179,7 +178,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
        WERNIS_ADD_FEES_TO_ARRAY($content);
 
        // Get WDS66 id
-       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
@@ -232,11 +231,11 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                        $success = WERNIS_EXECUTE_WITHDRAW($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
                                        if ($success) {
                                                // Add it to this amount
-                                               $DEPTH = 0;
-                                               ADD_POINTS_REFSYSTEM($GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct");
+                                               unset($DEPTH);
+                                               ADD_POINTS_REFSYSTEM("wernis_withdraw", $GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct");
 
                                                // Update the user data as well..
-                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
+                                               $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
                                                        array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
 
                                                // All done!
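Review bot: The amount is used in two forms in this branch: `WERNIS_EXECUTE_WITHDRAW()` receives the raw `$_POST['amount']`, while the new `ADD_POINTS_REFSYSTEM()` call credits `bigintval($_POST['amount'])`. Any input for which the two differ would credit a different sum locally than was moved remotely. Normalising once with `$amount = bigintval($_POST['amount']);` and passing `$amount` to both calls keeps them in step; validation may exist above the hunk but is not visible. The payout hunk below has the related gap that `SUB_POINTS("wernis_payout", ...)` takes `$_POST['amount']` with no `bigintval()` at all.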
@@ -265,13 +264,13 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                        OUTPUT_HTML("<br />");
                                } else {
                                        // All is fine here so do the withdraw
-                                       $success = WERNIS_EXECUTE_PAYOUT($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
+                                       $success = WERNIS_EXECUTE_PAYOUT($_POST['wds66_id'], $_POST['amount']);
                                        if ($success) {
                                                // Sub points
-                                               SUB_POINTS($GLOBALS['userid'], $_POST['amount']);
+                                               SUB_POINTS("wernis_payout", $GLOBALS['userid'], $_POST['amount']);
 
                                                // Update WDS66 id
-                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
+                                               $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
                                                        array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
 
                                                // All done!
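Review bot: The remote payout runs before the local deduction, and neither `SUB_POINTS()` nor the following UPDATE has its outcome checked in the visible lines, so a failure after `WERNIS_EXECUTE_PAYOUT()` succeeds would leave the member's points undebited. A comment such as `// Remote payout is already done here; a failure below must be logged for manual correction` would document that. A `DEBUG_LOG()` call on a failed `$result` would give operators something to reconcile. Whether the balance check above this hunk holds against a repeated submit of the same form is not visible.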
@@ -290,11 +289,12 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                break;
 
                        default: // Invalid mode!
+                               DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid mode %s detected.", $_GET['mode']));
                                LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MODE_INVALID, SQL_ESCAPE($_GET['mode'])));
                                return;
                }
        }
-}
+} // END - if
 
 // Prepare mode for template name
 $mode = sprintf("member_wernis_mode_%s", SQL_ESCAPE($_GET['mode']));
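Review bot: The added `DEBUG_LOG()` line writes `$_GET['mode']` into the log unmodified, so a request can place line breaks or forged entries in the debug log unless DEBUG_LOG sanitises its message, which is not shown. I would strip control characters first, e.g. `preg_replace('/[\x00-\x1F\x7F]/', '', $_GET['mode'])`, and cap the length. The neighbouring `LOAD_TEMPLATE()` line and the `$mode` template name both rely on `SQL_ESCAPE()`, which is SQL-context escaping. HTML output wants `htmlspecialchars()`, and the template name wants an allow-list of the known modes.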