More improved SQL queries
[mailer.git] / inc / modules / member / what-wernis.php
index 227d503..8e5465d 100644 (file)
@@ -38,8 +38,8 @@ if (!defined('__SECURITY')) {
 } elseif (!IS_MEMBER()) {
        // User is not logged in
        LOAD_URL("modules.php?module=index");
-} elseif (!EXT_IS_ACTIVE("wernis")) {
-       ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis");
+} elseif ((!EXT_IS_ACTIVE("wernis")) && (!IS_ADMIN())) {
+       addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis");
        return;
 }
 
@@ -47,7 +47,7 @@ if (!defined('__SECURITY')) {
 ADD_DESCR("member", __FILE__);
 
 // Check if the admin has entered the data
-if ((empty($_CONFIG['wernis_api_id'])) || (empty($_CONFIG['wernis_api_md5']))) {
+if ((getConfig('wernis_api_id') == "") || (getConfig('wernis_api_md5') == "")) {
        // Something important is missing...
        LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_API_DATA_MISSING);
        return;
@@ -59,11 +59,11 @@ $content = array(); $points = false;
 // Is the mode set (withdraw or payout)
 if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
        // Let the user choose what he wants to do
-       $content['refid']    = bigintval($_CONFIG['wernis_refid']);
+       $content['refid']    = bigintval(getConfig('wernis_refid'));
        $content['wds66_id'] = 0;
 
        // Get WDS66 id
-       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
@@ -81,7 +81,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
                $_GET['mode'] = "list";
 
                // And load all rows!
-               $result = SQL_QUERY_ESC("SELECT `id`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type` FROM "._MYSQL_PREFIX."_user_wernis WHERE `userid` = %s ORDER BY `wernis_timestamp` DESC",
+               $result = SQL_QUERY_ESC("SELECT `id`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type` FROM `{!_MYSQL_PREFIX!}_user_wernis` WHERE `userid` = %s ORDER BY `wernis_timestamp` DESC",
                        array($GLOBALS['userid']), __FILE__, __LINE__);
 
                // Load all rows
@@ -110,34 +110,34 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
                $content['withdraw_link'] = "<em>".WERNIS_MEMBER_WITHDRAW_DISABLED."</em>";
 
                // Is the payout mode active?
-               if ($_CONFIG['wernis_payout_active'] == "Y") {
+               if (getConfig('wernis_payout_active') == "Y") {
                        // Add link
-                       $content['payout_link'] = "<a class=\"menu_blur\" style=\"height: 40px\" href=\"".URL."/modules.php?module=login&amp;what=wernis&amp;mode=payout\"><div style=\"padding-top: 10px\">".MEMBER_WERNIS_MODE_PAYOUT."</div></a>";
+                       $content['payout_link'] = "<a class=\"menu_blur\" style=\"height: 40px\" href=\"{!URL!}/modules.php?module=login&amp;what=wernis&amp;mode=payout\"><div style=\"padding-top: 10px\">".MEMBER_WERNIS_MODE_PAYOUT."</div></a>";
                } // END - if
 
                // Is the withdraw mode active?
-               if ($_CONFIG['wernis_withdraw_active'] == "Y") {
+               if (getConfig('wernis_withdraw_active') == "Y") {
                        // Add link
-                       $content['withdraw_link'] = "<a class=\"menu_blur\" style=\"height: 40px\" href=\"".URL."/modules.php?module=login&amp;what=wernis&amp;mode=withdraw\"><div style=\"padding-top: 10px\">".MEMBER_WERNIS_MODE_WITHDRAW."</div></a>";
+                       $content['withdraw_link'] = "<a class=\"menu_blur\" style=\"height: 40px\" href=\"{!URL!}/modules.php?module=login&amp;what=wernis&amp;mode=withdraw\"><div style=\"padding-top: 10px\">".MEMBER_WERNIS_MODE_WITHDRAW."</div></a>";
                } // END - if
 
                // Mode chooser! ;-)
                $_GET['mode'] = "choose";
        }
-} elseif (($_GET['mode'] == "payout") && ($_CONFIG['wernis_payout_active'] == "Y")) {
+} elseif (($_GET['mode'] == "payout") && (getConfig('wernis_payout_active') == "Y")) {
        // Get total points and check if the user can request a payout
        $points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
 
        // Remove the registration fee
-       $points = $points - $_CONFIG['points_register'];
+       $points = $points - getConfig('points_register');
 
        // Is there a percentage or fixed fee?
        $points = WERNIS_TAKE_FEE($points, "payout");
 
        // Is this enougth for a payout?
-       if ($points < $_CONFIG['wernis_min_payout']) {
+       if ($points < getConfig('wernis_min_payout')) {
                // No, then abort here
-               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MIN_PAYOUT, TRANSLATE_COMMA($_CONFIG['wernis_min_payout'])));
+               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MIN_PAYOUT, TRANSLATE_COMMA(getConfig('wernis_min_payout'))));
                return;
        } // END - if
 
@@ -147,14 +147,14 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
 
        // Add points to content array
        $content['points']     = TRANSLATE_COMMA($points);
-       $content['min_points'] = TRANSLATE_COMMA($_CONFIG['wernis_min_payout']);
+       $content['min_points'] = TRANSLATE_COMMA(getConfig('wernis_min_payout'));
 
        // Add fees to array
        WERNIS_ADD_FEES_TO_ARRAY($content);
 
        // Get WDS66 id
        $content['wds66_id'] = "";
-       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
@@ -165,20 +165,20 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) {
 
        // Free result
        SQL_FREERESULT($result);
-} elseif (($_GET['mode'] == "withdraw") && ($_CONFIG['wernis_withdraw_active'] == "Y")) {
+} elseif (($_GET['mode'] == "withdraw") && (getConfig('wernis_withdraw_active') == "Y")) {
        // Get total points for just displaying them
        $points = GET_TOTAL_DATA($GLOBALS['userid'], "user_points", "points") - GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
 
        // Prepare data for the template
        $content['points']     = TRANSLATE_COMMA($points);
-       $content['min_points'] = TRANSLATE_COMMA($_CONFIG['wernis_min_withdraw']);
+       $content['min_points'] = TRANSLATE_COMMA(getConfig('wernis_min_withdraw'));
        $content['wds66_id']   = "";
 
        // Add fees to array
        WERNIS_ADD_FEES_TO_ARRAY($content);
 
        // Get WDS66 id
-       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
                array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Are there some entries?
@@ -201,41 +201,35 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
        if (empty($_POST['wds66_id'])) {
                // Nothing entered in WDS66 user ID
                LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_USERNAME);
-               OUTPUT_HTML("<br />");
        } elseif (empty($_POST['wds66_password'])) {
                // Nothing entered in WDS66 password
                LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_PASSWORD);
-               OUTPUT_HTML("<br />");
        } elseif (empty($_POST['amount'])) {
                // Nothing entered in amount
                LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_EMPTY_AMOUNT);
-               OUTPUT_HTML("<br />");
        } elseif ($_POST['wds66_id'] != bigintval($_POST['wds66_id'])) {
                // Only numbers in account ID!
                LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_INVALID_USERNAME);
-               OUTPUT_HTML("<br />");
        } elseif ($_POST['amount'] != bigintval($_POST['amount'])) {
                // Only numbers in amount!
                LOAD_TEMPLATE("admin_settings_saved", false, WERNIS_MEMBER_INVALID_AMOUNT);
-               OUTPUT_HTML("<br />");
        } else {
                // Check input data depending on the mode and execute the requested mode
                switch ($_GET['mode']) {
                        case "withdraw": // Widthdraws WDS66 -> This exchange
-                               if ($_POST['amount'] < $_CONFIG['wernis_min_withdraw']) {
+                               if ($_POST['amount'] < getConfig('wernis_min_withdraw')) {
                                        // Not enougth entered!
-                                       LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_AMOUNT_SMALLER_MIN, bigintval($_CONFIG['wernis_min_withdraw'])));
-                                       OUTPUT_HTML("<br />");
+                                       LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_AMOUNT_SMALLER_MIN, bigintval(getConfig('wernis_min_withdraw'))));
                                } else {
                                        // All is fine here so do the withdraw
                                        $success = WERNIS_EXECUTE_WITHDRAW($_POST['wds66_id'], md5($_POST['wds66_password']), $_POST['amount']);
                                        if ($success) {
                                                // Add it to this amount
-                                               unset($DEPTH);
+                                               unset($GLOBALS['ref_level']);
                                                ADD_POINTS_REFSYSTEM("wernis_withdraw", $GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct");
 
                                                // Update the user data as well..
-                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
+                                               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
                                                        array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
 
                                                // All done!
@@ -244,24 +238,20 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                        } elseif ((GET_WERNIS_ERROR_CODE() == "user_failed") || (GET_WERNIS_ERROR_CODE() == "own_failed") || (GET_WERNIS_ERROR_CODE() == "amount_failed")) {
                                                // Wrong login data
                                                LOAD_TEMPLATE("admin_settings_saved", false, GET_WERNIS_ERROR_MESSAGE());
-                                               OUTPUT_HTML("<br />");
                                        } else {
                                                // Something went wrong
                                                LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_WITHDRAW_FAILED, GET_WERNIS_ERROR_MESSAGE()));
-                                               OUTPUT_HTML("<br />");
                                        }
                                }
                                break;
 
                        case "payout": // Payout this exchange -> WDS66
-                               if ($_POST['amount'] < $_CONFIG['wernis_min_payout']) {
+                               if ($_POST['amount'] < getConfig('wernis_min_payout')) {
                                        // Not enougth entered!
-                                       LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_AMOUNT_SMALLER_MIN, bigintval($_CONFIG['wernis_min_payout'])));
-                                       OUTPUT_HTML("<br />");
+                                       LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_AMOUNT_SMALLER_MIN, bigintval(getConfig('wernis_min_payout'))));
                                } elseif ($_POST['amount'] > $points) {
                                        // Not enougth points left!
                                        LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_PAYOUT_POINTS_DEPLETED, bigintval($_POST['amount']), bigintval($points)));
-                                       OUTPUT_HTML("<br />");
                                } else {
                                        // All is fine here so do the withdraw
                                        $success = WERNIS_EXECUTE_PAYOUT($_POST['wds66_id'], $_POST['amount']);
@@ -270,7 +260,7 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                                SUB_POINTS("wernis_payout", $GLOBALS['userid'], $_POST['amount']);
 
                                                // Update WDS66 id
-                                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
+                                               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
                                                        array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
 
                                                // All done!
@@ -279,11 +269,9 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) {
                                        } elseif ((GET_WERNIS_ERROR_CODE() == "user_failed") || (GET_WERNIS_ERROR_CODE() == "own_failed") || (GET_WERNIS_ERROR_CODE() == "amount_failed") || (GET_WERNIS_ERROR_CODE() == "api_amount_failed")) {
                                                // Wrong login data
                                                LOAD_TEMPLATE("admin_settings_saved", false, GET_WERNIS_ERROR_MESSAGE());
-                                               OUTPUT_HTML("<br />");
                                        } else {
                                                // Something went wrong
                                                LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_WITHDRAW_FAILED, GET_WERNIS_ERROR_MESSAGE()));
-                                               OUTPUT_HTML("<br />");
                                        }
                                }
                                break;