X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-list_payouts.php;h=5b90adfd9813e838b0b881829d22fa38742623bb;hp=737863132ab7aceaa04cf934894190ff6f74b906;hb=6c763653e88b9d10627e651ca59c7201d4b7d62b;hpb=43885129ac24cee5545a8a5ad51e90aa182fdf46

diff --git a/inc/modules/admin/what-list_payouts.php b/inc/modules/admin/what-list_payouts.php
index 737863132a..5b90adfd98 100644
--- a/inc/modules/admin/what-list_payouts.php
+++ b/inc/modules/admin/what-list_payouts.php
@@ -32,53 +32,47 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
+
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
 if (!empty($_GET['pid']))
 {
 	// First let's get the member's ID
 	$result = SQL_QUERY_ESC("SELECT userid, target_account, payout_total, payout_timestamp, password FROM "._MYSQL_PREFIX."_user_payouts WHERE id=%s LIMIT 1",
-	 array($_GET['pid']), __FILE__, __LINE__);
+		array($_GET['pid']), __FILE__, __LINE__);
 	list($uid, $tuid, $points, $tstamp, $tpass) = SQL_FETCHROW($result);
 	SQL_FREERESULT($result);
 
 	// Obtain some data
-	if (empty($_GET['task']) && (!empty($uid)) && ($uid > 0))
-	{
+	if (empty($_GET['task']) && (!empty($uid)) && ($uid > 0)) {
 		// Get task ID from database
 		$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE userid=%s AND task_type='PAYOUT_REQUEST' AND task_created='".$tstamp."' LIMIT 1",
-		 array(bigintval($uid)), __FILE__, __LINE__);
+			array(bigintval($uid)), __FILE__, __LINE__);
 		list($task) = SQL_FETCHROW($result);
 		SQL_FREERESULT($result);
-		if (empty($task)) $task = "0";
-
-	}
-	 elseif ((empty($uid)) || ($uid == "0"))
-	{
+		if (empty($task)) $task = 0;
+	} elseif ((empty($uid)) || ($uid == "0")) {
 		// Cannot obtain member ID!
 		LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_FAILED_OBTAIN_USERID);
-	}
-	 else
-	{
+	} else {
 		// Get task ID from URL
 		$task = $_GET['task'];
 	}
-	if ((!empty($task)) && (!empty($uid)) && ($uid > 0))
-	{
+
+	if ((!empty($task)) && (!empty($uid)) && ($uid > 0)) {
 		// Load user's data
-		$result = SQL_QUERY_ESC("SELECT email, sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
-		 array(bigintval($uid)), __FILE__, __LINE__);
-		list($email, $sex, $surname, $family) = SQL_FETCHROW($result);
+		$result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
+			array(bigintval($uid)), __FILE__, __LINE__);
+		list($email, $gender, $surname, $family) = SQL_FETCHROW($result);
 		SQL_FREERESULT($result);
 
 		// Konstante bauen
-		define('PAYOUT_USERDATA_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_SEX($sex)." ".$surname." ".$family."</A>");
+		define('PAYOUT_USERDATA_VALUE', "<A href=\"".CREATE_EMAIL_LINK($email, "user_data")."\">".TRANSLATE_GENDER($gender)." ".$surname." ".$family."</A>");
 
 		if (($_GET['do'] == "accept") && (!empty($email)))
 		{
@@ -124,7 +118,7 @@ if (!empty($_GET['pid']))
 						eval($eval);
 
 						// Execute transfer
-						$ret = @file($URL);
+						$ret = GET_URL($URL);
 					}
 					 else
 					{
@@ -134,10 +128,8 @@ if (!empty($_GET['pid']))
 					if ($ret[0] == $eok)
 					{
 						// Clear task
-						if ($task > 0)
-						{
-							$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%s LIMIT 1",
-							 array(bigintval($task)),__FILE__, __LINE__);
+						if ($task > 0) {
+							ADMIN_SOLVE_TASK($task);
 						}
 
 						// Clear payout request
@@ -186,11 +178,9 @@ if (!empty($_GET['pid']))
 			// Ok, now we can output the form or execute rejecting
 			if (isset($_POST['ok']))
 			{
-				if ($task > 0)
-				{
+				if ($task > 0) {
 					// Clear task
-					$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%s LIMIT 1",
-					 array(bigintval($task)), __FILE__, __LINE__);
+					ADMIN_SOLVE_TASK($task);
 				}
 
 				// Clear payout request
@@ -253,17 +243,14 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
 			 else
 			{
 				// Translate status
-				$evl = "\$status = PAYOUT_STATUS_".strtoupper($status).";";
-				eval($evl);
+				$status = constant('PAYOUT_STATUS_'.strtoupper($status).'');
 				$status = "<FONT class=\"admin_failed\">".$status."</FONT>";
 			}
 
 			// Nothing entered must be secured in member/what-payputs.php !
-			if ($allow == "Y")
-			{
+			if ($allow == "Y") {
 				// Banner/Textlink views/clicks request
-				if (!empty($banner))
-				{
+				if (!empty($banner)) {
 					// Prepare array for the banner
 					$content = array(
 						'banner' => $banner,
@@ -273,9 +260,7 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
 
 					// Load template for the banner
 					$account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content);
-				}
-				 else
-				{
+				} else {
 					// Textlink
 					$content = array(
 						'txt_link' => $alt,
@@ -286,9 +271,7 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__);
 
 				// Admins can addionally test the URL for framekillers
 				$bank = "<A href=\"".FRAMETESTER($url)."\" target=\"_blank\">".CLICK_HERE."</A>";
-			}
-			 else
-			{
+			} else {
 				// e-currency payout request
 				if (empty($account)) $account = "---";
 				if (empty($bank))    $bank    = "---";