Fixes for sql_patches removal vs. password reset of admin

[mailer.git] / inc / modules / member / what-wernis.php

diff --git a/inc/modules/member/what-wernis.php b/inc/modules/member/what-wernis.php
index 09dfd4a3fe8c59c698c8995e0379910c0c4a6f31..4fc5af8c21563ed07a19f4d48be625ef336cc4b6 100644 (file)
--- a/inc/modules/member/what-wernis.php
+++ b/inc/modules/member/what-wernis.php
@@ -89,11 +89,12 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
                while ($data = SQL_FETCHARRAY($result)) {
                        // Prepare data for output
                        $rowContent = array(
-                               'stamp'         => MAKE_DATETIME($data['wernis_timestamp'], "2"),
-                               'points'        => TRANSLATE_COMMA($data['wernis_amount']),
-                               'acc'           => bigintval($data['wernis_account']),
-                               'status'        => WERNIS_TRANSFER_STATUS($data['wernis_type']),
-                               'sw'            => $SW,
+                               'stamp'                 => MAKE_DATETIME($data['wernis_timestamp'], "2"),
+                               'points'                => TRANSLATE_COMMA($data['wernis_amount']),
+                               'acc'                   => bigintval($data['wernis_account']),
+                               'status'                => WERNIS_TRANSFER_STATUS($data['wernis_type']),
+                               'raw_type'              => strtolower($data['wernis_type']),
+                               'sw'                    => $SW,
                        );
 
                        // Load row template
@@ -115,6 +116,9 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
        $points = explode(".", $points);
        $points = bigintval($points[0]);
 
+       // Remove the registration fee
+       $points = $points - $_CONFIG['points_register'];
+
        // Is this enougth for a payout?
        if ($points < $_CONFIG['wernis_min_payout']) {
                // No, then abort here
@@ -200,22 +204,9 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                // All is fine here so do the withdraw
                                $success = WERNIS_EXECUTE_WITHDRAW($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
                                if ($success) {
-                                       // Default is locked!
-                                       $locked = true;
-
-                                       // Shall I "pay" the referral points imidiately?
-                                       if ($_CONFIG['ref_payout'] == "0") {
-                                               // Yes, "pay" it now
-                                               $locked = false;
-                                       }
-
                                        // Add it to this amount
                                        $DEPTH = 0;
-                                       ADD_POINTS_REFSYSTEM($GLOBALS['userid'], bigintval($_POST['amount']), false, 0, $locked, "direct");
-
-                                       // Register this wernis movement
-                                       $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_wernis (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`) VALUES(%d, %d, %d, UNIX_TIMESTAMP(), 'IN')",
-                                               array($GLOBALS['userid'], bigintval($_POST['wds66_id']), bigintval($_POST['amount'])), __FILE__, __LINE__);
+                                       ADD_POINTS_REFSYSTEM($GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct");
 
                                        // Update the user data as well..
                                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%d WHERE userid=%d LIMIT 1",
@@ -280,19 +271,11 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                        }
 
                                        // Remove the points from the account
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `points_used` = `points_used` + %d WHERE userid=%d LIMIT 1",
-                                               array(bigintval($_POST['amount']), $GLOBALS['userid']), __FILE__, __LINE__);
-
-                                       // Register this wernis movement
-                                       $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_wernis (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`) VALUES(%d, %d, %d, UNIX_TIMESTAMP(), 'OUT')",
-                                               array($GLOBALS['userid'], bigintval($_POST['wds66_id']), bigintval($_POST['amount'])), __FILE__, __LINE__);
-
-                                       // Update the user data as well..
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%d WHERE userid=%d LIMIT 1",
-                                               array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
+                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points` = `used_points` + %d, `wernis_userid`=%d WHERE userid=%d LIMIT 1",
+                                               array(bigintval($_POST['amount']), bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
 
                                        // All done!
-                                       LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_WITHDRAW_DONE);
+                                       LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_PAYOUT_DONE);
                                        return;
                                } elseif ((GET_WERNIS_ERROR_CODE() == "user_failed") || (GET_WERNIS_ERROR_CODE() == "own_failed") || (GET_WERNIS_ERROR_CODE() == "amount_failed") || (GET_WERNIS_ERROR_CODE() == "api_amount_failed")) {
                                        // Wrong login data