************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-} elseif (!IS_LOGGED_IN()) {
+} elseif (!IS_MEMBER()) {
// User is not logged in
- LOAD_URL(URL."/modules.php?module=index");
+ LOAD_URL("modules.php?module=index");
} elseif ((!EXT_IS_ACTIVE("wernis")) && (!IS_ADMIN())) {
- // Extension "wernis" is not activated
- ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis");
+ addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis");
return;
}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
+
+// Check if the admin has entered the data
+if ((getConfig('wernis_api_id') == "") || (getConfig('wernis_api_md5') == "")) {
+ // Something important is missing...
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_API_DATA_MISSING);
+ return;
+} // END - if
+
+// Init the content array and points
+$content = array(); $points = false;
// Is the mode set (withdraw or payout)
-if (!isset($_GET['mode'])) {
+if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
// Let the user choose what he wants to do
- LOAD_TEMPLATE("member_wernis_mode_choose");
+ $content['refid'] = bigintval(getConfig('wernis_refid'));
+ $content['wds66_id'] = 0;
+
+ // Get WDS66 id
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+
+ // Are there some entries?
+ if (SQL_NUMROWS($result) == 1) {
+ // Fetch ID
+ list($content['wds66_id']) = SQL_FETCHROW($result);
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result);
+
+ // Is there an ID?
+ if ((!empty($content['wds66_id'])) && (!isset($_GET['mode']))) {
+ // Then use an other "mode"
+ $_GET['mode'] = "list";
+
+ // And load all rows!
+ $result = SQL_QUERY_ESC("SELECT `id`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type` FROM `{!_MYSQL_PREFIX!}_user_wernis` WHERE `userid` = %s ORDER BY `wernis_timestamp` DESC",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+
+ // Load all rows
+ $content['rows'] = ""; $SW = 2;
+ while ($data = SQL_FETCHARRAY($result)) {
+ // Prepare data for output
+ $rowContent = array(
+ 'stamp' => MAKE_DATETIME($data['wernis_timestamp'], "2"),
+ 'points' => TRANSLATE_COMMA($data['wernis_amount']),
+ 'acc' => bigintval($data['wernis_account']),
+ 'status' => WERNIS_TRANSFER_STATUS($data['wernis_type']),
+ 'raw_type' => strtolower($data['wernis_type']),
+ 'sw' => $SW,
+ );
+
+ // Load row template
+ $content['rows'] .= LOAD_TEMPLATE("member_wernis_mode_list_row", true, $rowContent);
+ $SW = 3 - $SW;
+ }
+
+ // Free result
+ SQL_FREERESULT($result);
+ } else {
+ // Default links are not active!
+ $content['payout_link'] = "<em>".WERNIS_MEMBER_PAYOUT_DISABLED."</em>";
+ $content['withdraw_link'] = "<em>".WERNIS_MEMBER_WITHDRAW_DISABLED."</em>";
+
+ // Is the payout mode active?
+ if (getConfig('wernis_payout_active') == "Y") {
+ // Add link
+ $content['payout_link'] = "<a class=\"menu_blur\" style=\"height: 40px\" href=\"{!URL!}/modules.php?module=login&what=wernis&mode=payout\"><div style=\"padding-top: 10px\">".MEMBER_WERNIS_MODE_PAYOUT."</div></a>";
+ } // END - if
+
+ // Is the withdraw mode active?
+ if (getConfig('wernis_withdraw_active') == "Y") {
+ // Add link
+ $content['withdraw_link'] = "<a class=\"menu_blur\" style=\"height: 40px\" href=\"{!URL!}/modules.php?module=login&what=wernis&mode=withdraw\"><div style=\"padding-top: 10px\">".MEMBER_WERNIS_MODE_WITHDRAW."</div></a>";
+ } // END - if
+
+ // Mode chooser! ;-)
+ $_GET['mode'] = "choose";
+ }
+} elseif (($_GET['mode'] == "payout") && (getConfig('wernis_payout_active') == "Y")) {
+ // Get total points and check if the user can request a payout
+ $points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
+
+ // Remove the registration fee
+ $points = $points - getConfig('points_register');
+
+ // Is there a percentage or fixed fee?
+ $points = WERNIS_TAKE_FEE($points, "payout");
+
+ // Is this enougth for a payout?
+ if ($points < getConfig('wernis_min_payout')) {
+ // No, then abort here
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MIN_PAYOUT, TRANSLATE_COMMA(getConfig('wernis_min_payout'))));
+ return;
+ } // END - if
+
+ // No dots here...
+ $points = explode(".", $points);
+ $points = bigintval($points[0]);
+
+ // Add points to content array
+ $content['points'] = TRANSLATE_COMMA($points);
+ $content['min_points'] = TRANSLATE_COMMA(getConfig('wernis_min_payout'));
+
+ // Add fees to array
+ WERNIS_ADD_FEES_TO_ARRAY($content);
+
+ // Get WDS66 id
+ $content['wds66_id'] = "";
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+
+ // Are there some entries?
+ if (SQL_NUMROWS($result) == 1) {
+ // Fetch ID
+ list($content['wds66_id']) = SQL_FETCHROW($result);
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result);
+} elseif (($_GET['mode'] == "withdraw") && (getConfig('wernis_withdraw_active') == "Y")) {
+ // Get total points for just displaying them
+ $points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
+
+ // Prepare data for the template
+ $content['points'] = TRANSLATE_COMMA($points);
+ $content['min_points'] = TRANSLATE_COMMA(getConfig('wernis_min_withdraw'));
+ $content['wds66_id'] = "";
+
+ // Add fees to array
+ WERNIS_ADD_FEES_TO_ARRAY($content);
+
+ // Get WDS66 id
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+
+ // Are there some entries?
+ if (SQL_NUMROWS($result) == 1) {
+ // Fetch ID
+ list($content['wds66_id']) = SQL_FETCHROW($result);
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result);
+} else {
+ // Invalid mode!
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MODE_INVALID, SQL_ESCAPE($_GET['mode'])));
+ return;
}
+// Is the formular sent?
+if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
+ // Is the user ID and password set?
+ if (empty($_POST['wds66_id'])) {
+ // Nothing entered in WDS66 user ID
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_USERNAME);
+ } elseif (empty($_POST['wds66_password'])) {
+ // Nothing entered in WDS66 password
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_PASSWORD);
+ } elseif (empty($_POST['amount'])) {
+ // Nothing entered in amount
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_AMOUNT);
+ } elseif ($_POST['wds66_id'] != bigintval($_POST['wds66_id'])) {
+ // Only numbers in account ID!
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_INVALID_USERNAME);
+ } elseif ($_POST['amount'] != bigintval($_POST['amount'])) {
+ // Only numbers in amount!
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_INVALID_AMOUNT);
+ } else {
+ // Check input data depending on the mode and execute the requested mode
+ switch ($_GET['mode']) {
+ case "withdraw": // Widthdraws WDS66 -> This exchange
+ if ($_POST['amount'] < getConfig('wernis_min_withdraw')) {
+ // Not enougth entered!
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_AMOUNT_SMALLER_MIN, bigintval(getConfig('wernis_min_withdraw'))));
+ } else {
+ // All is fine here so do the withdraw
+ $success = WERNIS_EXECUTE_WITHDRAW($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
+ if ($success) {
+ // Add it to this amount
+ unset($GLOBALS['ref_level']);
+ ADD_POINTS_REFSYSTEM("wernis_withdraw", $GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct");
+
+ // Update the user data as well..
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
+ array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
+
+ // All done!
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_WITHDRAW_DONE);
+ return;
+ } elseif ((GET_WERNIS_ERROR_CODE() == "user_failed") || (GET_WERNIS_ERROR_CODE() == "own_failed") || (GET_WERNIS_ERROR_CODE() == "amount_failed")) {
+ // Wrong login data
+ LOAD_TEMPLATE("admin_settings_saved", false, GET_WERNIS_ERROR_MESSAGE());
+ } else {
+ // Something went wrong
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_WITHDRAW_FAILED, GET_WERNIS_ERROR_MESSAGE()));
+ }
+ }
+ break;
+
+ case "payout": // Payout this exchange -> WDS66
+ if ($_POST['amount'] < getConfig('wernis_min_payout')) {
+ // Not enougth entered!
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_AMOUNT_SMALLER_MIN, bigintval(getConfig('wernis_min_payout'))));
+ } elseif ($_POST['amount'] > $points) {
+ // Not enougth points left!
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_PAYOUT_POINTS_DEPLETED, bigintval($_POST['amount']), bigintval($points)));
+ } else {
+ // All is fine here so do the withdraw
+ $success = WERNIS_EXECUTE_PAYOUT($_POST['wds66_id'], $_POST['amount']);
+ if ($success) {
+ // Sub points
+ SUB_POINTS("wernis_payout", $GLOBALS['userid'], $_POST['amount']);
+
+ // Update WDS66 id
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
+ array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
+
+ // All done!
+ LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_PAYOUT_DONE);
+ return;
+ } elseif ((GET_WERNIS_ERROR_CODE() == "user_failed") || (GET_WERNIS_ERROR_CODE() == "own_failed") || (GET_WERNIS_ERROR_CODE() == "amount_failed") || (GET_WERNIS_ERROR_CODE() == "api_amount_failed")) {
+ // Wrong login data
+ LOAD_TEMPLATE("admin_settings_saved", false, GET_WERNIS_ERROR_MESSAGE());
+ } else {
+ // Something went wrong
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_WITHDRAW_FAILED, GET_WERNIS_ERROR_MESSAGE()));
+ }
+ }
+ break;
+
+ default: // Invalid mode!
+ DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid mode %s detected.", $_GET['mode']));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MODE_INVALID, SQL_ESCAPE($_GET['mode'])));
+ return;
+ }
+ }
+} // END - if
+
+// Prepare mode for template name
+$mode = sprintf("member_wernis_mode_%s", SQL_ESCAPE($_GET['mode']));
+
+// Load the template
+LOAD_TEMPLATE($mode, false, $content);
+
//
?>
projects / mailer.git / blobdiff