X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-payout.php;h=9b9f607cfc1b827a4d623ae8439336f1c228a6c4;hp=c7eb1fbaf6a3546b89e5fe067497e0851d79cfc7;hb=7eb9da85bfb337997a58a244cb610c97a8d10c13;hpb=60494e212a67fe360bfbb481eb4928480a6f379b diff --git a/inc/modules/member/what-payout.php b/inc/modules/member/what-payout.php index c7eb1fbaf6..9b9f607cfc 100644 --- a/inc/modules/member/what-payout.php +++ b/inc/modules/member/what-payout.php @@ -32,11 +32,11 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { // Don't call this directly! $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} elseif (!IS_LOGGED_IN()) { +} elseif (!IS_MEMBER()) { // Not logged in LOAD_URL("modules.php?module=index"); } elseif ((!EXT_IS_ACTIVE("payout")) && (!IS_ADMIN())) { @@ -46,14 +46,14 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { } // Add description as navigation point -ADD_DESCR("member", basename(__FILE__)); +ADD_DESCR("member", __FILE__); $result_depths = SQL_QUERY("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__); -$TPTS = "0"; +$TPTS = 0; while (list($lvl, $per) = SQL_FETCHROW($result_depths)) { - // Load referral points - $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth=%d LIMIT 1", + // Load referal points + $result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%d LIMIT 1", array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__); if (SQL_NUMROWS($result_points) == 1) { @@ -66,10 +66,8 @@ while (list($lvl, $per) = SQL_FETCHROW($result_depths)) // Free memory SQL_FREERESULT($result_depths); -$result = SQL_QUERY_ESC("SELECT used_points FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); -list($USED) = SQL_FETCHROW($result); -SQL_FREERESULT($result); +// Get used points +$USED = GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points"); // Translate point into comma $TPTS = TRANSLATE_COMMA($TPTS - $USED); @@ -82,8 +80,8 @@ if (empty($_GET['payout'])) // Load payout types $result = SQL_QUERY_ESC("SELECT id, type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types -WHERE %d >= min_points -ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__); +WHERE %s >= min_points +ORDER BY type", array(REVERT_COMMA($TPTS)), __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // Free memory @@ -94,7 +92,7 @@ ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__); FROM "._MYSQL_PREFIX."_user_payouts AS p LEFT JOIN "._MYSQL_PREFIX."_payout_types AS t ON p.payout_id = t.id -WHERE p.userid = %d +WHERE p.userid = %s ORDER BY p.payout_timestamp DESC", array($GLOBALS['userid']), __FILE__, __LINE__); if (SQL_NUMROWS($result_payouts) > 0) @@ -104,12 +102,11 @@ ORDER BY p.payout_timestamp DESC", while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts)) { // Translate status - $evl = "\$status = PAYOUT_MEMBER_STATUS_".strtoupper($status).";"; - eval($evl); + $status = constant('PAYOUT_MEMBER_STATUS_'.strtoupper($status).''); $status = "".$status.""; // Nothing entered must be secured in member/what-payputs.php ! - if ($allow == 'Y') + if ($allow == "Y") { // Banner/Textlink views/clicks request if (!empty($banner)) @@ -162,7 +159,7 @@ ORDER BY p.payout_timestamp DESC", else { // Chedk if he can get paid by selected type - $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1", array(bigintval($_GET['payout'])), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) @@ -186,7 +183,7 @@ ORDER BY p.payout_timestamp DESC", define('PAYOUT_MAX_VALUE' , $max); define('PAYOUT_TYPE_VALUE', COMPILE_CODE($type)); - if (str_replace(",", ".", $TPTS) >= $min) + if (REVERT_COMMA($TPTS) >= $min) { // Ok, he can get be paid if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min)) @@ -195,22 +192,14 @@ ORDER BY p.payout_timestamp DESC", define('PAYOUT_POINTS_VALUE', $PAYOUT); // Subtract points from member's account - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1", - array($PAYOUT, $GLOBALS['userid']), __FILE__, __LINE__); - - // Update mediadata as well - if (GET_EXT_VERSION("mediadata") >= "0.0.4") - { - // Update database - MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $PAYOUT); - } + SUB_POINTS($GLOBALS['userid'], $PAYOUT); // Add entry to his tranfer history - if ($allow == 'Y') + if ($allow == "Y") { // Banner/textlink ordered $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url) -VALUES (%d, %d, %d, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')", +VALUES (%s,%s,%s, UNIX_TIMESTAMP(), 'NEW','%s','%s','%s')", array( $GLOBALS['userid'], bigintval($_POST['payout']), @@ -221,21 +210,21 @@ VALUES (%d, %d, %d, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')", ), __FILE__, __LINE__); // Load templates - $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", "", $GLOBALS['userid']); + $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", array(), $GLOBALS['userid']); if (GET_EXT_VERSION("admins") >= "0.4.1") { $adm_tpl = "admin_payout_request_banner"; } else { - $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", "", $GLOBALS['userid'])); + $msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", array(), $GLOBALS['userid']); } } else { // e-currency payout requested $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password) -VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')", +VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')", array( $GLOBALS['userid'], bigintval($_POST['payout']), @@ -246,8 +235,8 @@ VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')", ), __FILE__, __LINE__); // Load templates - $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", "", $GLOBALS['userid']); - $msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", "", $GLOBALS['userid'])); + $msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", array(), $GLOBALS['userid']); + $msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request", array(), $GLOBALS['userid']); $admin_tpl = ""; if (GET_EXT_VERSION("admins") >= "0.4.1") { @@ -257,7 +246,7 @@ VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')", // Generate task $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid) -VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', UNIX_TIMESTAMP(), %d)", +VALUES (0, 'NEW','PAYOUT_REQUEST','[payout:] ".PAYOUT_REQUEST_ADMIN."','%s', UNIX_TIMESTAMP(), %s)", array( $msg_adm, $GLOBALS['userid'] @@ -267,21 +256,12 @@ VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', SEND_EMAIL($GLOBALS['userid'], PAYOUT_REQUEST_MEMBER, $msg_mem); // To admin(s) - if (GET_EXT_VERSION("admins") >= "0.4.1") - { - // Use new method - SEND_ADMIN_EMAILS_PRO(PAYOUT_REQUEST_ADMIN, $admin_tpl, "", $GLOBALS['userid']); - } - else - { - // Use old method - SEND_ADMIN_EMAILS(PAYOUT_REQUEST_ADMIN, $msg_adm); - } + SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, array(), $GLOBALS['userid']); // Load template and output it LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REQUEST_SENT); } - elseif ($allow == 'Y') + elseif ($allow == "Y") { // Generate banner order form LOAD_TEMPLATE("member_payout_form_banner");