X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-config_payouts.php;h=0ae20d5a8c915505e29fe71ac8633109566396ff;hp=ef2ee324cd8112c382c029509a6c5c22ae4184c5;hb=3daede4c904e23905c3e48dd6749019deca0a0e0;hpb=75ad748a68473ace540251427a74fb781b1145e9

diff --git a/inc/modules/admin/what-config_payouts.php b/inc/modules/admin/what-config_payouts.php
index ef2ee324cd..0ae20d5a8c 100644
--- a/inc/modules/admin/what-config_payouts.php
+++ b/inc/modules/admin/what-config_payouts.php
@@ -32,27 +32,25 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
+
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
-if (!empty($_POST['rate'])) $_POST['rate'] = str_replace(",", ".", $_POST['rate']);
+if (!empty($_POST['rate'])) $_POST['rate'] = REVERT_COMMA($_POST['rate']);
 
-if ((isset($_POST['add'])) && (!empty($_POST['title'])) && ($_POST['rate'] > 0))
-{
+if ((isset($_POST['add'])) && (!empty($_POST['title'])) && ($_POST['rate'] > 0)) {
 	// Add new payout type
 	$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_payout_types WHERE type='%s' LIMIT 1",
-	 array($_POST['title']), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result) == 0)
-	{
+		array($_POST['title']), __FILE__, __LINE__);
+	if (SQL_NUMROWS($result) == 0) {
 		// Add now
-		$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_payout_types
+		SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_payout_types
 (type, rate, min_points, from_account, from_pass, engine_url, engine_ret_ok, engine_ret_failed, pass_enc, allow_url)
-VALUES ('%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
+VALUES ('%s', %d, %d,'%s','%s','%s','%s','%s','%s','%s')",
  array(
 	$_POST['title'],
 	bigintval($_POST['rate']),
@@ -65,15 +63,13 @@ VALUES ('%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
 	$_POST['ytrans'],
 	$_POST['allow_url'],
 ), __FILE__, __LINE__);
-		$msg = "<FONT class=\"admin_done\">".ADMIN_PAYOUT_TYPE_ADDED."</FONT>";
-	}
-	 else
-	{
+		$msg = ADMIN_PAYOUT_TYPE_ADDED;
+	} else {
 		// Free memory
 		SQL_FREERESULT($result);
 
 		// Does already exist
-		$msg = "<FONT class=\"admin_failed\">".ADMIN_PAYOUT_TYPE_ALREADY."</FONT>";
+		$msg = "<div class=\"admin_failed\">".ADMIN_PAYOUT_TYPE_ALREADY."</div>";
 	}
 }
 
@@ -81,45 +77,38 @@ VALUES ('%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
 $result_mem = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_user_payouts WHERE status='NEW' ORDER BY payout_timestamp DESC", __FILE__, __LINE__);
 
 $display = true;
-if ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
+if ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0)) {
 	// Edit payout types
-	if ((isset($_GET['ok'])) && ($_GET['ok'] == "ok"))
-	{
+	if ((isset($_GET['ok'])) && ($_GET['ok'] == "ok")) {
 		// Edit entries
-		foreach ($_POST['sel'] as $id=>$sel)
-		{
+		foreach ($_POST['sel'] as $id => $sel) {
 			// Secure ID
 			$id = bigintval($id);
 
 			// Edit only if something is entered
-			if ((!empty($_POST['title'][$id])) && ($_POST['rate'][$id] > 0))
-			{
+			if ((!empty($_POST['title'][$id])) && ($_POST['rate'][$id] > 0)) {
 				// Update entry
-				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_payout_types SET
+				SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_payout_types SET
 type='%s',
-rate=%d,
-min_points=%d,
+rate=%s,
+min_points=%s,
 allow_url='%s'
 WHERE id='".$id."' LIMIT 1",
  array(
 	$_POST['title'][$id],
-	bigintval(str_replace(",", ".", $_POST['rate'][$id])),
-	bigintval(str_replace(",", ".", $_POST['mpoi'][$id])),
+	bigintval(REVERT_COMMA($_POST['rate'][$id])),
+	bigintval(REVERT_COMMA($_POST['mpoi'][$id])),
 	$_POST['allow'][$id],
 ),__FILE__, __LINE__);
 			}
 		}
 		$msg = ADMIN_PAYOUT_ENTRIES_CHANGED;
-	}
-	 else
-	{
+	} else {
 		$display = false; //Suppress any other outputs
 		$SW = 2; $OUT = "";
-		foreach ($_POST['sel'] as $id=>$sel)
-		{
+		foreach ($_POST['sel'] as $id => $sel) {
 			// Load data
-			$result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
 			 array(bigintval($id)), __FILE__, __LINE__);
 			list($title, $rate, $mpoi, $allow) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
@@ -143,31 +132,24 @@ WHERE id='".$id."' LIMIT 1",
 		// Load main template
 		LOAD_TEMPLATE("admin_config_payouts_edit");
 	}
-}
- elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
+} elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0)) {
 	// Delete payout types
-	if ($_GET['ok'] == "ok")
-	{
+	if ((isset($_GET['ok'])) && ($_GET['ok'] == "ok")) {
 		// Delete entries
-		foreach ($_POST['sel'] as $id=>$sel)
-		{
-			$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
-			 array(bigintval($id)), __FILE__, __LINE__);
+		foreach ($_POST['sel'] as $id => $sel) {
+			SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
+				array(bigintval($id)), __FILE__, __LINE__);
 		}
 		$msg = ADMIN_PAYOUT_ENTRIES_DELETED;
-	}
-	 else
-	{
+	} else {
 		$display = false; //Suppress any other outputs
 		$SW = 2; $OUT = "";
-		foreach ($_POST['sel'] as $id=>$sel)
-		{
+		foreach ($_POST['sel'] as $id => $sel) {
 			// Secure ID number
 			$id = bigintval($id);
 
 			// Load data
-			$result = SQL_QUERY_ESC("SELECT type, rate, min_points FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT type, rate, min_points FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
 			 array($id), __FILE__, __LINE__);
 			list($title, $rate, $mpoi) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
@@ -192,8 +174,7 @@ WHERE id='".$id."' LIMIT 1",
 	}
 }
 
-if (!empty($msg))
-{
+if (!empty($msg)) {
 	// Output message
 	LOAD_TEMPLATE("admin_settings_saved", false, $msg);
 }
@@ -201,12 +182,10 @@ if (!empty($msg))
 // Payout types
 $result_type = SQL_QUERY("SELECT id, type, rate, min_points, from_account FROM "._MYSQL_PREFIX."_payout_types ORDER BY type", __FILE__, __LINE__);
 
-if ((SQL_NUMROWS($result_type) > 0) && ($display))
-{
+if ((SQL_NUMROWS($result_type) > 0) && ($display)) {
 	// List all payout types
 	$SW = 2; $OUT = "";
-	while (list($id, $type, $rate, $mpoi, $from) = SQL_FETCHROW($result_type))
-	{
+	while (list($id, $type, $rate, $mpoi, $from) = SQL_FETCHROW($result_type)) {
 		// Prepare data for the row template
 		$content = array(
 			'sw'    => $SW,
@@ -231,17 +210,15 @@ if ((SQL_NUMROWS($result_type) > 0) && ($display))
 }
 
 // Does your members request payouts?
-if ((SQL_NUMROWS($result_mem) > 0) && ($display))
-{
+if ((SQL_NUMROWS($result_mem) > 0) && ($display)) {
 	// Members has requested payouts
 	SQL_FREERESULT($result_mem);
-	OUTPUT_HTML ("<P><A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts\">".ADMIN_PAYOUT_LIST_REQUESTS."</A></P>");
-}
- elseif ($display)
-{
+	OUTPUT_HTML("<P><A href=\"".URL."/modules.php?module=admin&amp;what=list_payouts\">".ADMIN_PAYOUT_LIST_REQUESTS."</A></P>");
+} elseif ($display) {
 	// No member requests so far
-	OUTPUT_HTML ("<P><STRONG>".ADMIN_PAYOUT_NO_MEMBER_REQUESTS."</STRONG></P>");
+	OUTPUT_HTML("<P><STRONG>".ADMIN_PAYOUT_NO_MEMBER_REQUESTS."</STRONG></P>");
 }
+
 // Add new paypout type
 if ($display) LOAD_TEMPLATE("admin_payout_add_new");