X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-payout.php;h=a95a8777350ea991e01206103962da1875b5b8ab;hp=7c45d6a89ebc61c02d1197cc429af94140745e86;hb=3daede4c904e23905c3e48dd6749019deca0a0e0;hpb=dbe2ba98497898c45b840e651a43a39969e1bab0

diff --git a/inc/modules/member/what-payout.php b/inc/modules/member/what-payout.php
index 7c45d6a89e..a95a877735 100644
--- a/inc/modules/member/what-payout.php
+++ b/inc/modules/member/what-payout.php
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
 	// Don't call this directly!
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
@@ -40,27 +40,31 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
 	// Not logged in
 	LOAD_URL("modules.php?module=index");
 } elseif ((!EXT_IS_ACTIVE("payout")) && (!IS_ADMIN())) {
-	// Extension "payout" is not active
-	ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
+	addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
 	return;
 }
 
 // Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
 
 $result_depths = SQL_QUERY("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__);
 $TPTS = 0;
-while (list($lvl, $per) = SQL_FETCHROW($result_depths))
-{
-	// Load referral points
-	$result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%s LIMIT 1",
-	 array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result_points) == 1)
-	{
+while (list($lvl, $per) = SQL_FETCHROW($result_depths)) {
+	// Load referal points
+	$result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%d LIMIT 1",
+		array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
+
+	// Entry found?
+	if (SQL_NUMROWS($result_points) == 1) {
+		// Load points
 		list($points) = SQL_FETCHROW($result_points);
-		SQL_FREERESULT($result_points);
+
+		// Add them to total
 		$TPTS += $points;
 	}
+
+	// Free result
+	SQL_FREERESULT($result_points);
 }
 
 // Free memory
@@ -81,7 +85,7 @@ if (empty($_GET['payout']))
 	$result = SQL_QUERY_ESC("SELECT id, type, rate, min_points, allow_url
 FROM "._MYSQL_PREFIX."_payout_types
 WHERE %s >= min_points
-ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
+ORDER BY type", array(REVERT_COMMA($TPTS)), __FILE__, __LINE__);
 	if (SQL_NUMROWS($result) > 0)
 	{
 		// Free memory
@@ -102,8 +106,7 @@ ORDER BY p.payout_timestamp DESC",
 			while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts))
 			{
 				// Translate status
-				$evl = "\$status = PAYOUT_MEMBER_STATUS_".strtoupper($status).";";
-				eval($evl);
+				$status = constant('PAYOUT_MEMBER_STATUS_'.strtoupper($status).'');
 				$status = "<FONT class=\"member_failed\">".$status."</FONT>";
 
 				// Nothing entered must be secured in member/what-payputs.php !
@@ -184,7 +187,7 @@ ORDER BY p.payout_timestamp DESC",
 		define('PAYOUT_MAX_VALUE' , $max);
 		define('PAYOUT_TYPE_VALUE', COMPILE_CODE($type));
 
-		if (str_replace(",", ".", $TPTS) >= $min)
+		if (REVERT_COMMA($TPTS) >= $min)
 		{
 			// Ok, he can get be paid
 			if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min))
@@ -193,14 +196,14 @@ ORDER BY p.payout_timestamp DESC",
 				define('PAYOUT_POINTS_VALUE', $PAYOUT);
 
 				// Subtract points from member's account
-				SUB_POINTS($GLOBALS['userid'], $PAYOUT);
+				SUB_POINTS("payout", $GLOBALS['userid'], $PAYOUT);
 
 				// Add entry to his tranfer history
 				if ($allow == "Y")
 				{
 					// Banner/textlink ordered
-					$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
-VALUES (%s, %s, %s, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
+					SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
+VALUES (%s,%s,%s, UNIX_TIMESTAMP(), 'NEW','%s','%s','%s')",
  array(
 	$GLOBALS['userid'],
 	bigintval($_POST['payout']),
@@ -211,21 +214,21 @@ VALUES (%s, %s, %s, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
 ), __FILE__, __LINE__);
 
 					// Load templates
-					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", "", $GLOBALS['userid']);
+					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", array(), $GLOBALS['userid']);
 					if (GET_EXT_VERSION("admins") >= "0.4.1")
 					{
 						$adm_tpl = "admin_payout_request_banner";
 					}
 					 else
 					{
-						$msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", "", $GLOBALS['userid']));
+						$msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", array(), $GLOBALS['userid']);
 					}
 				}
 				 else
 				{
 					// e-currency payout requested
-					$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
-VALUES (%s, %s, %s, '%s', %s, UNIX_TIMESTAMP(), 'NEW', '%s')",
+					SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
+VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')",
  array(
 	$GLOBALS['userid'],
 	bigintval($_POST['payout']),
@@ -236,8 +239,8 @@ VALUES (%s, %s, %s, '%s', %s, UNIX_TIMESTAMP(), 'NEW', '%s')",
 ), __FILE__, __LINE__);
 
 					// Load templates
-					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", "", $GLOBALS['userid']);
-					$msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", "", $GLOBALS['userid']));
+					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", array(), $GLOBALS['userid']);
+					$msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request", array(), $GLOBALS['userid']);
 					$admin_tpl = "";
 					if (GET_EXT_VERSION("admins") >= "0.4.1")
 					{
@@ -246,8 +249,8 @@ VALUES (%s, %s, %s, '%s', %s, UNIX_TIMESTAMP(), 'NEW', '%s')",
 				}
 
 				// Generate task
-				$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
-VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', UNIX_TIMESTAMP(), %s)",
+				SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
+VALUES (0, 'NEW','PAYOUT_REQUEST','[payout:] ".PAYOUT_REQUEST_ADMIN."','%s', UNIX_TIMESTAMP(), %s)",
  array(
 	$msg_adm,
 	$GLOBALS['userid']
@@ -257,7 +260,7 @@ VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s',
 				SEND_EMAIL($GLOBALS['userid'], PAYOUT_REQUEST_MEMBER, $msg_mem);
 
 				// To admin(s)
-				SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, "", $GLOBALS['userid']);
+				SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, array(), $GLOBALS['userid']);
 
 				// Load template and output it
 				LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REQUEST_SENT);