X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-payout.php;h=a95a8777350ea991e01206103962da1875b5b8ab;hp=d85b830acae8fde6d0aca23b5d2db8d1bb9133d5;hb=3daede4c904e23905c3e48dd6749019deca0a0e0;hpb=4d6226782aa4ba157dca8c3891412ba50159481f

diff --git a/inc/modules/member/what-payout.php b/inc/modules/member/what-payout.php
index d85b830aca..a95a877735 100644
--- a/inc/modules/member/what-payout.php
+++ b/inc/modules/member/what-payout.php
@@ -32,44 +32,46 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
 	// Don't call this directly!
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
-} elseif (!IS_LOGGED_IN()) {
+} elseif (!IS_MEMBER()) {
 	// Not logged in
-	LOAD_URL(URL."/modules.php?module=index");
+	LOAD_URL("modules.php?module=index");
 } elseif ((!EXT_IS_ACTIVE("payout")) && (!IS_ADMIN())) {
-	// Extension "payout" is not active
-	ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
+	addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "payout");
 	return;
 }
 
 // Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
 
 $result_depths = SQL_QUERY("SELECT level, percents FROM "._MYSQL_PREFIX."_refdepths ORDER BY level", __FILE__, __LINE__);
-$TPTS = "0";
-while (list($lvl, $per) = SQL_FETCHROW($result_depths))
-{
-	// Load referral points
-	$result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%d AND ref_depth=%d LIMIT 1",
-	 array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
-	if (SQL_NUMROWS($result_points) == 1)
-	{
-		list($POINTS) = SQL_FETCHROW($result_points);
-		SQL_FREERESULT($result_points);
-		$TPTS += $POINTS;
+$TPTS = 0;
+while (list($lvl, $per) = SQL_FETCHROW($result_depths)) {
+	// Load referal points
+	$result_points = SQL_QUERY_ESC("SELECT points FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=%d LIMIT 1",
+		array($GLOBALS['userid'], bigintval($lvl)), __FILE__, __LINE__);
+
+	// Entry found?
+	if (SQL_NUMROWS($result_points) == 1) {
+		// Load points
+		list($points) = SQL_FETCHROW($result_points);
+
+		// Add them to total
+		$TPTS += $points;
 	}
+
+	// Free result
+	SQL_FREERESULT($result_points);
 }
 
 // Free memory
 SQL_FREERESULT($result_depths);
 
-$result = SQL_QUERY_ESC("SELECT used_points FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
-list($USED) = SQL_FETCHROW($result);
-SQL_FREERESULT($result);
+// Get used points
+$USED = GET_TOTAL_DATA($GLOBALS['userid'], "user_data", "used_points");
 
 // Translate point into comma
 $TPTS = TRANSLATE_COMMA($TPTS - $USED);
@@ -82,8 +84,8 @@ if (empty($_GET['payout']))
 	// Load payout types
 	$result = SQL_QUERY_ESC("SELECT id, type, rate, min_points, allow_url
 FROM "._MYSQL_PREFIX."_payout_types
-WHERE %d >= min_points
-ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
+WHERE %s >= min_points
+ORDER BY type", array(REVERT_COMMA($TPTS)), __FILE__, __LINE__);
 	if (SQL_NUMROWS($result) > 0)
 	{
 		// Free memory
@@ -94,7 +96,7 @@ ORDER BY type", array(str_replace(",", ".", $TPTS)), __FILE__, __LINE__);
 FROM "._MYSQL_PREFIX."_user_payouts AS p
 LEFT JOIN "._MYSQL_PREFIX."_payout_types AS t
 ON p.payout_id = t.id
-WHERE p.userid = %d
+WHERE p.userid = %s
 ORDER BY p.payout_timestamp DESC",
 		 array($GLOBALS['userid']), __FILE__, __LINE__);
 		if (SQL_NUMROWS($result_payouts) > 0)
@@ -104,12 +106,11 @@ ORDER BY p.payout_timestamp DESC",
 			while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts))
 			{
 				// Translate status
-				$evl = "\$status = PAYOUT_MEMBER_STATUS_".strtoupper($status).";";
-				eval($evl);
+				$status = constant('PAYOUT_MEMBER_STATUS_'.strtoupper($status).'');
 				$status = "<FONT class=\"member_failed\">".$status."</FONT>";
 
 				// Nothing entered must be secured in member/what-payputs.php !
-				if ($allow == 'Y')
+				if ($allow == "Y")
 				{
 					// Banner/Textlink views/clicks request
 					if (!empty($banner))
@@ -162,7 +163,7 @@ ORDER BY p.payout_timestamp DESC",
  else
 {
 	// Chedk if he can get paid by selected type
-	$result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%d LIMIT 1",
+	$result = SQL_QUERY_ESC("SELECT type, rate, min_points, allow_url FROM "._MYSQL_PREFIX."_payout_types WHERE id=%s LIMIT 1",
 	 array(bigintval($_GET['payout'])), __FILE__, __LINE__);
 
 	if (SQL_NUMROWS($result) == 1)
@@ -186,7 +187,7 @@ ORDER BY p.payout_timestamp DESC",
 		define('PAYOUT_MAX_VALUE' , $max);
 		define('PAYOUT_TYPE_VALUE', COMPILE_CODE($type));
 
-		if (str_replace(",", ".", $TPTS) >= $min)
+		if (REVERT_COMMA($TPTS) >= $min)
 		{
 			// Ok, he can get be paid
 			if ((isset($_POST['ok'])) && ($PAYOUT <= $PAY_MAX) && ($PAYOUT >= $min))
@@ -195,22 +196,14 @@ ORDER BY p.payout_timestamp DESC",
 				define('PAYOUT_POINTS_VALUE', $PAYOUT);
 
 				// Subtract points from member's account
-				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET used_points=used_points+%s WHERE userid=%d LIMIT 1",
-				 array($PAYOUT, $GLOBALS['userid']), __FILE__, __LINE__);
-
-				// Update mediadata as well
-				if (GET_EXT_VERSION("mediadata") >= "0.0.4")
-				{
-					// Update database
-					MEDIA_UPDATE_ENTRY(array("total_points"), "sub", $PAYOUT);
-				}
+				SUB_POINTS("payout", $GLOBALS['userid'], $PAYOUT);
 
 				// Add entry to his tranfer history
-				if ($allow == 'Y')
+				if ($allow == "Y")
 				{
 					// Banner/textlink ordered
-					$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
-VALUES (%d, %d, %d, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
+					SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, payout_id, payout_timestamp, status, target_url, link_text, banner_url)
+VALUES (%s,%s,%s, UNIX_TIMESTAMP(), 'NEW','%s','%s','%s')",
  array(
 	$GLOBALS['userid'],
 	bigintval($_POST['payout']),
@@ -221,21 +214,21 @@ VALUES (%d, %d, %d, UNIX_TIMESTAMP(), 'NEW', '%s', '%s', '%s')",
 ), __FILE__, __LINE__);
 
 					// Load templates
-					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", "", $GLOBALS['userid']);
+					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request_banner", array(), $GLOBALS['userid']);
 					if (GET_EXT_VERSION("admins") >= "0.4.1")
 					{
 						$adm_tpl = "admin_payout_request_banner";
 					}
 					 else
 					{
-						$msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", "", $GLOBALS['userid']));
+						$msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request_banner", array(), $GLOBALS['userid']);
 					}
 				}
 				 else
 				{
 					// e-currency payout requested
-					$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
-VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
+					SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
+VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')",
  array(
 	$GLOBALS['userid'],
 	bigintval($_POST['payout']),
@@ -246,8 +239,8 @@ VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
 ), __FILE__, __LINE__);
 
 					// Load templates
-					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", "", $GLOBALS['userid']);
-					$msg_adm = addslashes(LOAD_EMAIL_TEMPLATE("admin_payout_request", "", $GLOBALS['userid']));
+					$msg_mem = LOAD_EMAIL_TEMPLATE("member_payout_request", array(), $GLOBALS['userid']);
+					$msg_adm = LOAD_EMAIL_TEMPLATE("admin_payout_request", array(), $GLOBALS['userid']);
 					$admin_tpl = "";
 					if (GET_EXT_VERSION("admins") >= "0.4.1")
 					{
@@ -256,8 +249,8 @@ VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
 				}
 
 				// Generate task
-				$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
-VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s', UNIX_TIMESTAMP(), %d)",
+				SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
+VALUES (0, 'NEW','PAYOUT_REQUEST','[payout:] ".PAYOUT_REQUEST_ADMIN."','%s', UNIX_TIMESTAMP(), %s)",
  array(
 	$msg_adm,
 	$GLOBALS['userid']
@@ -267,21 +260,12 @@ VALUES (0, 'NEW', 'PAYOUT_REQUEST', '[payout:] ".PAYOUT_REQUEST_ADMIN."', '%s',
 				SEND_EMAIL($GLOBALS['userid'], PAYOUT_REQUEST_MEMBER, $msg_mem);
 
 				// To admin(s)
-				if (GET_EXT_VERSION("admins") >= "0.4.1")
-				{
-					// Use new method
-					SEND_ADMIN_EMAILS_PRO(PAYOUT_REQUEST_ADMIN, $admin_tpl, "", $GLOBALS['userid']);
-				}
-				 else
-				{
-					// Use old method
-					SEND_ADMIN_EMAILS(PAYOUT_REQUEST_ADMIN, $msg_adm);
-				}
+				SEND_ADMIN_NOTIFICATION(PAYOUT_REQUEST_ADMIN, $admin_tpl, array(), $GLOBALS['userid']);
 
 				// Load template and output it
 				LOAD_TEMPLATE("admin_settings_saved", false, PAYOUT_REQUEST_SENT);
 			}
-			 elseif ($allow == 'Y')
+			 elseif ($allow == "Y")
 			{
 				// Generate banner order form
 				LOAD_TEMPLATE("member_payout_form_banner");