if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-} elseif (!IS_LOGGED_IN()) {
+} elseif (!IS_MEMBER()) {
// User is not logged in
LOAD_URL("modules.php?module=index");
} elseif ((!EXT_IS_ACTIVE("wernis")) && (!IS_ADMIN())) {
// Init the content array and points
$content = array(); $points = false;
-// Is the mode set (withdraw or payout)
-if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
- // Let the user choose what he wants to do
+// Is the mode set (payout only!)
+if (!isset($_GET['mode'])) {
+ // Get referal id
$content['refid'] = bigintval($_CONFIG['wernis_refid']);
// Get WDS66 id
- $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Are there some entries?
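Review bot: Changing the placeholder from `%d` to `%s` in `WHERE userid=%s` removes the integer coercion the format string used to give, and the placeholder is unquoted, so the query now relies on `$GLOBALS['userid']` already being numeric. String escaping inside SQL_QUERY_ESC (not visible here) would not protect an unquoted numeric position. If the aim is to avoid truncating large ids, keep the guarantee at the call site with `array(bigintval($GLOBALS['userid']))`, the same normalisation this file applies to `$_CONFIG['wernis_refid']`. The same applies to the `_user_wernis` list query, the later `wernis_userid` lookup and the `UPDATE ... SET wernis_userid=%s WHERE userid=%s` statement in this diff.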
$_GET['mode'] = "list";
// And load all rows!
- $result = SQL_QUERY_ESC("SELECT `id`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type` FROM "._MYSQL_PREFIX."_user_wernis WHERE `userid` = %d ORDER BY `wernis_timestamp` DESC",
+ $result = SQL_QUERY_ESC("SELECT `id`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type` FROM "._MYSQL_PREFIX."_user_wernis WHERE `userid` = %s ORDER BY `wernis_timestamp` DESC",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Load all rows
while ($data = SQL_FETCHARRAY($result)) {
// Prepare data for output
$rowContent = array(
- 'stamp' => MAKE_DATETIME($data['wernis_timestamp'], "2"),
- 'points' => TRANSLATE_COMMA($data['wernis_amount']),
- 'acc' => bigintval($data['wernis_account']),
- 'status' => WERNIS_TRANSFER_STATUS($data['wernis_type']),
- 'sw' => $SW,
+ 'stamp' => MAKE_DATETIME($data['wernis_timestamp'], "2"),
+ 'points' => TRANSLATE_COMMA($data['wernis_amount']),
+ 'acc' => bigintval($data['wernis_account']),
+ 'status' => WERNIS_TRANSFER_STATUS($data['wernis_type']),
+ 'raw_type' => strtolower($data['wernis_type']),
+ 'sw' => $SW,
);
// Load row template
// Free result
SQL_FREERESULT($result);
} else {
- // Mode chooser! ;-)
- $_GET['mode'] = "choose";
+ // Mode pay
+ $_GET['mode'] = "pay";
}
-} elseif ($_GET['mode'] == "pay") {
+}
+if ($_GET['mode'] == "pay") {
// Get total points and check if the user can request a payout
$points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
$points = explode(".", $points);
$points = bigintval($points[0]);
+ // Remove the registration fee
+ $points = $points - $_CONFIG['points_register'];
+
// Is this enougth for a payout?
if ($points < $_CONFIG['wernis_min_payout']) {
// No, then abort here
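Review bot: The new registration-fee deduction `$points = $points - $_CONFIG['points_register'];` sits in the branch that prepares the payout form, and `$_CONFIG['points_register']` is used without the `bigintval()` normalisation applied to `$points` just above it. The submit-side check that compares `$_POST['amount']` with `$points` lies outside this hunk. Please confirm it sees the reduced balance, otherwise the fee is only hidden in the form and can still be paid out. I would write the line as `$points = $points - bigintval($_CONFIG['points_register']);` and extend the comment to say the fee stays reserved on the account.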
// Get WDS66 id
$content['wds66_id'] = "";
- $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
-
- // Are there some entries?
- if (SQL_NUMROWS($result) == 1) {
- // Fetch ID
- list($content['wds66_id']) = SQL_FETCHROW($result);
- }
-
- // Free result
- SQL_FREERESULT($result);
-} elseif ($_GET['mode'] == "withdraw") {
- // Get total points for just displaying them
- $points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
-
- // Prepare data for the template
- $content['points'] = TRANSLATE_COMMA($points);
- $content['min_points'] = TRANSLATE_COMMA($_CONFIG['wernis_min_withdraw']);
- $content['wds66_id'] = "";
-
- // Get WDS66 id
- $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Are there some entries?
if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
// Check input data depending on the mode and execute the requested mode
switch ($_GET['mode']) {
- case "withdraw": // Widthdraws WDS66 -> This exchange
- // Is the user ID and password set?
- if (empty($_POST['wds66_id'])) {
- // Nothing entered in WDS66 user ID
- LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_USERNAME);
- OUTPUT_HTML("<br />");
- } elseif (empty($_POST['wds66_password'])) {
- // Nothing entered in WDS66 password
- LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_PASSWORD);
- OUTPUT_HTML("<br />");
- } elseif (empty($_POST['amount'])) {
- // Nothing entered in amount
- LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_AMOUNT);
- OUTPUT_HTML("<br />");
- } elseif ($_POST['wds66_id'] != bigintval($_POST['wds66_id'])) {
- // Only numbers in account ID!
- LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_INVALID_USERNAME);
- OUTPUT_HTML("<br />");
- } elseif ($_POST['amount'] != bigintval($_POST['amount'])) {
- // Only numbers in amount!
- LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_INVALID_AMOUNT);
- OUTPUT_HTML("<br />");
- } elseif ($_POST['amount'] < $_CONFIG['wernis_min_widthdraw']) {
- // Not enougth entered!
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_AMOUNT_SMALLER_MIN, bigintval($_CONFIG['wernis_min_withdraw'])));
- OUTPUT_HTML("<br />");
- } else {
- // All is fine here so do the withdraw
- $success = WERNIS_EXECUTE_WITHDRAW($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
- if ($success) {
- // Default is locked!
- $locked = true;
-
- // Shall I "pay" the referral points imidiately?
- if ($_CONFIG['ref_payout'] == "0") {
- // Yes, "pay" it now
- $locked = false;
- }
-
- // Add it to this amount
- $DEPTH = 0;
- ADD_POINTS_REFSYSTEM($GLOBALS['userid'], bigintval($_POST['amount']), false, 0, $locked, "direct");
-
- // Register this wernis movement
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_wernis (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`) VALUES(%d, %d, %d, UNIX_TIMESTAMP(), 'IN')",
- array($GLOBALS['userid'], bigintval($_POST['wds66_id']), bigintval($_POST['amount'])), __FILE__, __LINE__);
-
- // Update the user data as well..
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%d WHERE userid=%d LIMIT 1",
- array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
-
- // All done!
- LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_WITHDRAW_DONE);
- return;
- } elseif ((GET_WERNIS_ERROR_CODE() == "user_failed") || (GET_WERNIS_ERROR_CODE() == "own_failed") || (GET_WERNIS_ERROR_CODE() == "amount_failed")) {
- // Wrong login data
- LOAD_TEMPLATE("admin_settings_saved", false, GET_WERNIS_ERROR_MESSAGE());
- OUTPUT_HTML("<br />");
- } else {
- // Something went wrong
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_WITHDRAW_FAILED, GET_WERNIS_ERROR_MESSAGE()));
- OUTPUT_HTML("<br />");
- }
- }
- break;
-
case "pay": // Payout this exchange -> WDS66
// Is the user ID and password set?
if (empty($_POST['wds66_id'])) {
LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_PAYOUT_POINTS_DEPLETED, bigintval($_POST['amount']), bigintval($points)));
OUTPUT_HTML("<br />");
} else {
- // All is fine here so do the withdraw
+ // All is fine here so do the payout
$success = WERNIS_EXECUTE_PAYOUT($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
if ($success) {
// Default is locked!
$locked = false;
}
- // Remove the points from the account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `points_used` = `points_used` + %d WHERE userid=%d LIMIT 1",
- array(bigintval($_POST['amount']), $GLOBALS['userid']), __FILE__, __LINE__);
-
- // Register this wernis movement
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_wernis (`userid`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type`) VALUES(%d, %d, %d, UNIX_TIMESTAMP(), 'OUT')",
- array($GLOBALS['userid'], bigintval($_POST['wds66_id']), bigintval($_POST['amount'])), __FILE__, __LINE__);
+ // Sub points
+ SUB_POINTS($GLOBALS['userid'], $_POST['amount']);
- // Update the user data as well..
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%d WHERE userid=%d LIMIT 1",
+ // Update WDS66 id
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
// All done!
- LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_WITHDRAW_DONE);
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_PAYOUT_DONE);
return;
} elseif ((GET_WERNIS_ERROR_CODE() == "user_failed") || (GET_WERNIS_ERROR_CODE() == "own_failed") || (GET_WERNIS_ERROR_CODE() == "amount_failed") || (GET_WERNIS_ERROR_CODE() == "api_amount_failed")) {
// Wrong login data
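Review bot: `SUB_POINTS($GLOBALS['userid'], $_POST['amount']);` passes the raw request value, where the removed UPDATE used `bigintval($_POST['amount'])`. Unless SUB_POINTS normalises its argument itself (not visible here), a non-integer or negative amount reaches the balance update. I would keep the cast at the call site: `SUB_POINTS($GLOBALS['userid'], bigintval($_POST['amount']));`. The hunk also drops the `INSERT INTO ..._user_wernis ... 'OUT'` row and adds nothing visible in its place. If WERNIS_EXECUTE_PAYOUT or SUB_POINTS does not write it, payouts no longer appear in the transfer list and the audit trail for outgoing transfers is lost. The enclosing `case "pay":` block starts and ends outside this hunk.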
OUTPUT_HTML("<br />");
} else {
// Something went wrong
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_WITHDRAW_FAILED, GET_WERNIS_ERROR_MESSAGE()));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_PAYOUT_FAILED, GET_WERNIS_ERROR_MESSAGE()));
OUTPUT_HTML("<br />");
}
}