Waraxe IT Security Portal

matthewl · Beginner

Any help would be greatly appreciated! Will send USD$15 via paypal to whoever decodes it first.

Thank you,
Matt

matthewl · Beginner

changing the eval to print gives:

$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000=20888;$O000O0O00=fopen($OOO0O0O00,'rb');while(--$O00O00O00)fgets($O000O0O00,1024);fgets($O000O0O00,4096);
$OO00O00O0=gzuncompress(base64_decode(strtr(fread($O000O0O00,708),'jRpc49Xs+G7KD0x6hOH18AnV3Jv5/wBITQdUPZtgENWukmb2lrFLyzeqiaCSfoMY=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/')));eval($OO00O00O0);

I'm not quite sure what to do with this.

zerobytes · Valuable expert

[code:1:be0ab67c54]
<?php
###############################################################################
###############################################################################
error_reporting(E_ERROR | E_WARNING | E_PARSE);
if(!ini_get('safe_mode'))set_time_limit(3600);
set_magic_quotes_runtime(0);
ignore_user_abort(true);
###############################################################################
$data['PostSent']=false;
$data['ScriptLoaded']=true;
###############################################################################
$data['Path']=dirname(__FILE__);
if($_SERVER['HTTPS']=='on')$data['Prot']='https';else $data['Prot']='http';
$data['Templates']="{$data['Path']}/templates";
$data['BannersPath']="{$data['Path']}/images/banners";
$data['SinBtnsPath']="{$data['Path']}/images/buttons/single";
$data['DonBtnsPath']="{$data['Path']}/images/buttons/donations";
$data['SubBtnsPath']="{$data['Path']}/images/buttons/subscriptions";
$data['ShopBtnsPath']="{$data['Path']}/images/buttons/shopcart";
if($data['Folder'])$data['Folder']="/{$data['Folder']}";
$data['Addr']="{$_SERVER['REMOTE_ADDR']}";
$data['Host']="{$data['Prot']}://{$_SERVER['HTTP_HOST']}{$data['Folder']}";
$data['Images']="{$data['Host']}/images";
$data['Banners']="{$data['Images']}/banners";
$data['SinBtns']="{$data['Images']}/buttons/single";
$data['DonBtns']="{$data['Images']}/buttons/donations";
$data['SubBtns']="{$data['Images']}/buttons/subscriptions";
$data['ShopBtns']="{$data['Images']}/buttons/shopcart";
$data['Admins']="{$data['Host']}/admins";
$data['Members']="{$data['Host']}/members";
$data['Home']="Location:{$data['Host']}/index.htm";
$data['DbPrefix']="{$data['DbPrefix']}_";
###############################################################################
function get_post(){
global $_POST;
$result=array();
foreach($_POST as $key=>$value)$result[$key]=$value;
reset($_POST);
return $result;
}
###############################################################################
function protect($buffer){
global $data, $_SERVER, $_SESSION;
if($data['ProtectHtml']&&$_SESSION['login'])return encrypt_pages($buffer);
else return $buffer;
}
function prepare($buffer){
return protect($buffer);
}
function show($template){
global $data, $post;
if(file_exists($template))include($template);
else echo("Template \"{$template}\" not found!");
}
function display($path=''){
global $data;
ob_start('prepare');
if($path)$path="/{$path}";
show("{$data['Templates']}{$path}/template.header.htm");
show("{$data['Templates']}{$path}/template.{$data['PageFile']}.htm");
show("{$data['Templates']}{$path}/template.footer.htm");
ob_end_flush();
}
function showpage($template){
global $data;
ob_start('prepare');
show("{$data['Templates']}/{$template}");
ob_end_flush();
}
function showmenu($mode, $path=''){
global $data;
$data['mode']=$mode;
if($path)$path="/{$path}";
show("{$data['Templates']}{$path}/template.menu.htm");
}
function showbanner(){
global $data;
show("{$data['Templates']}/template.banners.htm");
}
###############################################################################
$data['cid']=null;
function db_connect(){
global $data;
$data['cid']=@mysql_connect(
$data['Hostname'], $data['Username'], $data['Password']
);
if(!$data['cid']){
echo(
''.mysql_error().
". Please contact to site administrator <a href=\"mailto:{$data['AdminEmail']}\">".
"{$data['AdminEmail']}</a>."
);
exit;
}
@mysql_select_db($data['Database'], $data['cid']);
return (bool)$data['cid'];
}
function db_disconnect(){
global $data;
return (bool)@mysql_close($data['cid']);
}
function db_query($statement,$print=false){
global $data;
if($print) echo("-->{$statement}<-- ");
return @mysql_query($statement, $data['cid']);
}
function newid(){
global $data;
return @mysql_insert_id($data['cid']);
}
function db_count($result){
return (int)@mysql_num_rows($result);
}
function db_rows($statement,$print=false) {
$result=array();
if($print) echo("-->{$statement}<-- ");
$query=db_query($statement);
$count=db_count($query);
for($i=0;$i<$count;$i++){
$record=@mysql_fetch_array($query, MYSQL_ASSOC);
foreach($record as $key=>$value)$result[$i][$key]=$value;
}
return $result;
}
###############################################################################
function verify_email($email){
return !(bool)ereg("^.+@.+\\..+$", $email);
}
function verify_username($username){
return !(bool)ereg("^[a-zA-Z0-9]+$", $username);
}
function gencode(){
global $data;
list($usec, $sec)=explode(' ', microtime());
$rand=(float)$sec+((float)$usec*100000);
srand($rand);
if($data['TuringNumbers']){
return (string)rand(pow(10, $data['TuringSize']-1), pow(10, $data['TuringSize'])-1);
}else{
return strtoupper(substr(md5(rand()), rand(1, 26), $data['TuringSize']));
}
}
function around($amount){
return sprintf('%6.2f', $amount);
}
function encode($number, $size){
$result='';
$length=strlen($number);
for($i=0;$i<$length-$size;$i++)$result.='X';
return $result.substr($number, $length-$size, $length);
}
function is_changed($number){
return (bool)ereg("^[0-9]+$", $number);
}
function is_number($text){
if(!is_changed($text))return true;
return (bool)is_changed($text);
}
function showselect($values, $current=null){
$result='';
foreach($values as $key=>$value){
$result.=
"<option value=\"{$key}\"".
($current!=null?($current==$key?' selected':''):'').
">{$value}</option>"
;
}
return $result;
}
function read_csv( $filename, $break) {
if ( $file=fopen($filename,'r') ) {
while ($content[]=fgetcsv($file,1024,$break));
fclose($file);
array_pop($content);
return $content;
}
}
###############################################################################
function prndate($date){
global $data;
if($date=='0000-00-00 00:00:00')return '---';
else return date($data['DateFormat'], strtotime($date));
}
function prnintg($number){
return number_format($number, 0, '', ',');
}
function prnsum($sum){
return (float)str_replace(',', '', $sum);
}
function prnsumm($summ){
global $data;
$summ=str_replace(',', '.', $summ);
return number_format(($summ>0?$summ:-$summ), $data['CurrSize'], '.', ',');
}
function prnpays($summ, $splus=true){
global $data;
if($summ<0)$color='red';else $color='green';
return
"".
($summ>=0?($splus?'+':''):'-').$data['Currency'].prnsumm($summ).
''
;
}
function prnfees($summ){
return $summ!=0?prnpays($summ):'---';
}
function prntext($text){
$search = array ('@<script[^>]*?>.*?</script>@si',
'@<[\/\!]*?[^<>]*?>@si',
'@([\r\n])[\s]+@',
'@&(quot|#34);@i',
'@&(amp|#38);@i',
'@&(lt|#60);@i',
'@&(gt|#62);@i',
'@&(nbsp|#160);@i',
'@&(iexcl|#161);@i',
'@&(cent|#162);@i',
'@&(pound|#163);@i',
'@&(copy|#169);@i',
'@&#(\d+);@e');
$replace = array ('',
'',
'\1',
'"',
'&',
'<',
'>',
' ',
chr(161),
chr(162),
chr(163),
chr(169),
'chr(\1)');
return preg_replace($search, $replace, $text);
}
function balance($summ){
return prnpays($summ, false);
}
function prnuser($uid){
if($uid>0)return get_member_username($uid);
else return 'system';
}
function get_files_list($path){
$result=array();
if(@file_exists($path)){
$handle=@opendir($path);
while(($file=@readdir($handle))!==false){
if($file!='.'&&$file!='..'){
$x=strtolower(substr($file, -4));
if($x&&$x=='.jpg'||$x=='.gif'||$x=='.png')$result[]="{$file}";
}
}
}
return $result;
}
function get_html_templates(){
global $data;
$result=array('0'=>'--');
if(@file_exists($data['Templates'])){
$handle=@opendir($data['Templates']);
while(($file=@readdir($handle))!==false){
if($file!='.'&&$file!='..'){
$x=strtolower(substr($file, -4));
if($x&&$x=='.htm')$result[$file]="{$file}";
}
}
}
return $result;
}
###############################################################################
function send_email($key, $post){
global $data;
$template=db_rows(
"SELECT `name`,`value` FROM `{$data['DbPrefix']}emails`".
" WHERE `key`='{$key}'"
);
$text=$template[0]['value'];
$subject=$template[0]['name'];
if($post['username']){
$text=str_replace('[username]', $post['username'], $text);
$text=str_replace('[usersite]', "{$data['Host']}/?rid={$post['username']}", $text);
}
if($post['password'])$text=str_replace('[password]', $post['password'], $text);
if($post['fullname'])$text=str_replace('[fullname]', $post['fullname'], $text);
if($post['emailadr'])$text=str_replace('[emailadr]', $post['emailadr'], $text);
if($post['buyer'])$text=str_replace('[buyeradr]', $post['buyer'], $text);
if($post['product'])$text=str_replace('[product]', $post['product'], $text);
if($post['ccode'])$text=str_replace('[confcode]', $post['ccode'], $text);
if($post['chash'])$text=str_replace('[confhash]', $post['chash'], $text);
if($post['comments'])$text=str_replace('[comments]', $post['comments'], $text);
else $text=str_replace('[comments]', '---', $text);
if($post['uid'])$text=str_replace('[uid]', $post['uid'], $text);
$text=str_replace('[emailpage]', "{$data['Host']}/members/verifemail.htm", $text);
$text=str_replace('[email]', $post['email'], $text);
$text=str_replace('[sitename]', $data['SiteName'], $text);
$text=str_replace('[hostname]', $data['Host'], $text);
$text=str_replace('[singpage]', "{$data['Members']}/signup.htm", $text);
$text=str_replace('[confpage]', "{$data['Members']}/confirm.htm", $text);
$text=str_replace('[lognpage]', "{$data['Members']}/login.htm", $text);
$text=str_replace('[amount]', $data['Currency'].($post['amount']-$post['fees']), $text);
$header="From: {$data['AdminEmail']}\nReturn-Path: {$data['AdminEmail']}\n";
return @mail($post['email'], stripslashes($subject), stripslashes($text), $header);
}
function send_mass_email($subject, $message, $active=-1){
global $data;
$header="From: {$data['AdminEmail']}\nReturn-Path: {$data['AdminEmail']}\n";
$members=db_rows(
'SELECT `username`,`email`,`fname`,`lname`'.
" FROM `{$data['DbPrefix']}members`".
($active<0?'':" WHERE `active`={$active}")
);
foreach($members as $value){
mail($value['email'], $subject, $message, $header);
}
}
###############################################################################
function use_curl($href, $post=null){
$handle=curl_init();
curl_setopt($handle, CURLOPT_URL, $href);
if($post){
if($post){
curl_setopt($handle, CURLOPT_POST, 1);
curl_setopt($handle, CURLOPT_POSTFIELDS, $post);
}
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($handle, CURLOPT_TIMEOUT, 90);
}
$result=curl_exec($handle);
curl_close($handle);
return $result;
}
function autorize($uid, $post){
global $data;
$query=array();
array_push($query, 'x_ADC_Delim_Data=TRUE');
array_push($query, 'x_ADC_URL=FALSE');
array_push($query, 'x_Address='.urlencode($post['address']));
array_push($query, 'x_Amount='.urlencode($post['total']));
array_push($query, 'x_Card_Code='.urlencode($post['ccvv']));
array_push($query, 'x_Card_Num='.urlencode($post['cnumber']));
array_push($query, 'x_City='.urlencode($post['city']));
array_push($query, 'x_Company='.urlencode($post['company']));
array_push($query, 'x_Country='.urlencode($post['country']));
array_push($query, 'x_Cust_ID='.urlencode(get_member_username($uid)));
array_push($query, 'x_Customer_IP='.urlencode($_SERVER['REMOTE_ADDR']));
array_push($query, 'x_Customer_Organization_Type='.urlencode((strlen($post['company'])>0)?'B':'I'));
array_push($query, 'x_Description='.urlencode('Deposit to my account from Authorize.Net'));
array_push($query, 'x_Email='.urlencode($post['email']));
array_push($query, 'x_Exp_Date='.urlencode("{$post['cmonth']}/{$post['cyear']}"));
array_push($query, 'x_First_Name='.urlencode($post['fname']));
array_push($query, 'x_Last_Name='.urlencode($post['lname']));
array_push($query, 'x_Method=CC');
array_push($query, "x_Login={$data['DepositMethod']['autorize']['user']}");
array_push($query, "x_Password={$data['DepositMethod']['autorize']['pswd']}");
array_push($query, 'x_Phone='.urlencode($post['phone']));
array_push($query, 'x_Recurring_Billing=FALSE');
array_push($query, 'x_State='.urlencode($post['state']));
array_push($query, 'x_Tax_Exempt=TRUE');
array_push($query, 'x_Trans_ID=1');
array_push($query, 'x_Type=AUTH_CAPTURE');
array_push($query, 'x_Version=3.1');
array_push($query, 'x_Zip='.urlencode($post['zip']));
$query=implode('&', $query);
$cid=curl_init('https://secure.authorize.net/gateway/transact.dll');
curl_setopt($cid, CURLOPT_POST, 1);
curl_setopt($cid, CURLOPT_POSTFIELDS, $query);
curl_setopt($cid, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($cid, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($cid, CURLOPT_TIMEOUT, 90);
$result=curl_exec($cid);
curl_close($cid);
$rarray=array();
$rarray=explode(',', $result);
$result='Credit card transaction was denied.';
switch($rarray[0]){
case 1: $result='--DONE--';
case 2: $result='Credit card transaction was denied.';
case 3: $result="An error occurred while trying to process your information. {$rarray[3]}";
}
return $result;
}
###############################################################################
function is_user_available($username){
global $data;
$confirms=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}confirms`".
" WHERE(`newuser`='{$username}') LIMIT 1"
);
$members=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}members`".
" WHERE(`username`='{$username}') LIMIT 1"
);
return (bool)(!$confirms&&!$members);
}
function is_mail_available($email){
global $data;
$confirms=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}confirms`".
" WHERE(`newmail`='{$email}') LIMIT 1"
);
$members=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}members`".
" WHERE(`email`='{$email}') LIMIT 1"
);
$emails=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}member_emails`".
" WHERE(`email`='{$email}') LIMIT 1"
);
return (bool)(!$confirms&&!$members&&!$emails);
}
function create_confirmation(
$newuser, $newpass, $newques, $newansw, $newmail,
$newfname, $newlname, $newcompany, $newregnum, $newdrvnum, $newaddress,
$newcity, $newcountry, $newstate, $newzip, $newphone, $newfax,
$sponsor=0
){
global $data;
$result=gencode();
$sponsor=($sponsor?$sponsor:0);
db_query(
"INSERT INTO `{$data['DbPrefix']}confirms`(".
'`newuser`,`newpass`,`newquestion`,`newanswer`,`newmail`,'.
($data['UseExtRegForm']?
'`newfname`,`newlname`,`newcompany`,`newregnum`,`newdrvnum`,`newaddress`,'.
'`newcity`,`newcountry`,`newstate`,`newzip`,`newphone`,`newfax`,':''
).
'`sponsor`,`confirm`'.
')VALUES('.
"'{$newuser}','{$newpass}','{$newques}','{$newansw}','{$newmail}',".
($data['UseExtRegForm']?
"'{$newfname}','{$newlname}','{$newcompany}','{$newregnum}','{$newdrvnum}',".
"'{$newaddress}','{$newcity}','{$newcountry}','{$newstate}','{$newzip}',".
"'{$newphone}','{$newfax}',":''
).
"{$sponsor},'{$result}'".
')'
);
$post['ccode']=$result;
$post['email']=$newmail;
$post['chash']=strtoupper(md5($post['ccode'].'|'.$post['email']));
send_email('CONFIRM-TO-MEMBER', $post);
}
function select_confirmation($ccode, $email, $chash=''){
global $data;
if(isset($chash)&&!empty($chash)){
$query="WHERE MD5(CONCAT(`confirm`,'|',`newmail`))='{$chash}'";
}else{
$query="WHERE(`confirm`='{$ccode}' AND `newmail`='{$email}')";
}
$confirm=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}confirms` {$query} LIMIT 1"
);
return $confirm[0]['id'];
}
function select_email_confirmation($ccode, $email, $chash=''){
global $data;
if(isset($chash)&&!empty($chash)){
$query="WHERE MD5(CONCAT(`confirm`,'|',`email`))='{$chash}'";
}else{
$query="WHERE(`confirm`='{$ccode}' AND `email`='{$email}')";
}
$confirm=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}member_emails` {$query} LIMIT 1"
);
return $confirm[0]['id'];
}
function update_confirmation($cid){
global $data;
db_query(
"DELETE FROM `{$data['DbPrefix']}confirms`".
' WHERE(TO_DAYS(NOW())-TO_DAYS(`cdate`)>=2)'
);
$confirm=db_rows('SELECT'. '`id`,`newuser`,`newpass`,`newquestion`,`newanswer`,`newmail`,'. ($data['UseExtRegForm']? '`newfname`,`newlname`,`newcompany`,`newregnum`,`newdrvnum`,`newaddress`,'. '`newcity`,`newcountry`,`newstate`,`newzip`,`newphone`,`newfax`,':'' ). '`sponsor`'. " FROM `{$data['DbPrefix']}confirms` WHERE(`id`='{$cid}')");
$confirm=$confirm[0];
foreach($confirm as $key=>$value){
$confirm[$key] = @addslashes($value);
}
db_query(
"INSERT INTO `{$data['DbPrefix']}members`(".
'`sponsor`,`username`,`password`,`email`,`question`,`answer`,'.
($data['UseExtRegForm']?
'`fname`,`lname`,`company`,`regnum`,`drvnum`,`address`,'.
'`city`,`country`,`state`,`zip`,`phone`,`fax`,':''
).
'`active`,`empty`,`cdate`'.
')VALUES('.
"{$confirm['sponsor']},'{$confirm['newuser']}','{$confirm['newpass']}','{$confirm['email']}',".
"'{$confirm['newquestion']}','{$confirm['newanswer']}',".
($data['UseExtRegForm']?
"'{$confirm['newfname']}','{$confirm['newlname']}','{$confirm['newcompany']}',".
"'{$confirm['newregnum']}','{$confirm['newdrvnum']}','{$confirm['newaddress']}',".
"'{$confirm['newcity']}','{$confirm['newcountry']}','{$confirm['newstate']}',".
"'{$confirm['newzip']}','{$confirm['newphone']}','{$confirm['newfax']}',":''
).
'1,'.($data['UseExtRegForm']?'0':'1').",'".date('Y-m-d H:i:s')."')"
);
$code=gencode();
$receiver=newid();
db_query("INSERT INTO `{$data['DbPrefix']}member_emails`
(`owner`,`email`,`active`,`primary`) VALUES
('{$receiver}','{$confirm['newmail']}',1,1)
");
db_query(
"DELETE FROM `{$data['DbPrefix']}confirms`".
" WHERE(`id`={$confirm['id']})"
);
if($data['SignupBonus']){
transaction(
-1,
$receiver,
$data['SignupBonus'],
0,
4,
1,
'Signup Bonus'
);
}
$post['username']=$confirm['newuser'];
$post['password']=$confirm['newpass'];
$post['email']=$confirm['newmail'];
send_email('SIGNUP-TO-MEMBER', $post);
if($data['ReferralPays']){
$post['email']=get_member_email($confirm['sponsor']);
send_email('DOWNLINE-CHANGE', $post);
}
$tmpays=get_unreg_member_pay($receiver,'RECEIVER');
if($tmpays[0]) update_unreg_member_pays($receiver);
}
function update_email_confirmation($eid){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}member_emails`".
" SET `confirm`='', `status`=2".
" WHERE `id`={$eid}"
);
}
function get_members_count($active=0){
global $data;
$result=db_rows(
'SELECT COUNT(`id`) AS `count`'.
" FROM `{$data['DbPrefix']}members`".
" WHERE `active`={$active}".
' LIMIT 1'
);
return $result[0]['count'];
}
function get_members_list($active=0, $start=0, $count=0, $online=false){
global $data;
$limit=($start?($count?" LIMIT {$start},{$count}":" LIMIT {$start}"):
($count?" LIMIT {$count}":''));
$members=db_rows(
"SELECT * FROM `{$data['DbPrefix']}members`".
" WHERE `active`={$active}".($online?' AND (UNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(`adate`)<1800)':'').
" ORDER BY `username` ASC{$limit}"
);
$result=array();
foreach($members as $key=>$value){
$result[$key]=$value;
$trans=db_rows(
'SELECT COUNT(`id`) AS `count`'.
" FROM `{$data['DbPrefix']}transactions`".
" WHERE `sender`={$result[$key]['id']}".
" OR `receiver`={$result[$key]['id']} LIMIT 1"
);
$result[$key]['transactions']=$trans[0]['count'];
$result[$key]['candelete']=$trans[0]['count']<2;
$result[$key]['email']=get_member_email($result[$key]['id'],true,true);
if($result[$key]['sponsor']){
$result[$key]['sname']=
get_member_username($result[$key]['sponsor']).' ('.
get_member_email($result[$key]['sponsor'],true,true).')'
;
}else $result[$key]['sname']='N/A';
}
return $result;
}
function get_members_count_where_pred($where_pred){
global $data;
$result=db_rows(
'SELECT COUNT(`id`) AS `count`'.
" FROM `{$data['DbPrefix']}members`".
" WHERE $where_pred ".
' LIMIT 1'
);
return $result[0]['count'];
}
function get_members_list_where_pred($start=0, $count=0, $where_pred){
global $data;
$limit=($start?($count?" LIMIT {$start},{$count}":" LIMIT {$start}"):
($count?" LIMIT {$count}":''));
$members=db_rows(
"SELECT * FROM `{$data['DbPrefix']}members`".
" WHERE $where_pred ".
" ORDER BY `username` ASC{$limit}"
);
$result=array();
foreach($members as $key=>$value){
$result[$key]=$value;
$trans=db_rows(
'SELECT COUNT(`id`) AS `count`'.
" FROM `{$data['DbPrefix']}transactions` ".
" WHERE `sender`={$result[$key]['id']}".
" OR `receiver`={$result[$key]['id']} LIMIT 1"
);
$result[$key]['transactions']=$trans[0]['count'];
$result[$key]['candelete']=$trans[0]['count']==0;
if($result[$key]['sponsor']){
$result[$key]['sname']=
get_member_username($result[$key]['sponsor']).' ('.
get_member_email($result[$key]['sponsor']).')'
;
}else $result[$key]['sname']='N/A';
}
return $result;
}
function get_member_id($username, $password='', $where=''){
global $data;
$result=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}members`".
" WHERE (`username`='{$username}' OR `email`='{$username}')".
($password?" AND `password`='{$password}'":'').
($where?" AND $where":'').' LIMIT 1'
);
if(!$result){
$result=db_rows(
"SELECT `owner` as `id` FROM `{$data['DbPrefix']}member_emails`".
" WHERE `email`='{$username}' LIMIT 1"
);
if($result&&($password||$where)){
$result=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$result[0]['id']}".
($password?" AND `password`='{$password}'":'').
($where?" AND $where":'').' LIMIT 1'
);
}
}
return $result[0]['id'];
}
function get_member_email($uid, $primary=false, $confirmed=true){
global $data;
$result=db_rows(
"SELECT `email` FROM `{$data['DbPrefix']}member_emails`".
" WHERE `owner`={$uid}".
($primary?" AND `primary`='{$primary}'":'').
($confirmed?" AND `active`='{$confirmed}'":'').
' ORDER BY `primary` DESC'
);
return $result[0]['email'];
}
function count_member_emails($uid, $primary=false, $confirmed=true) {
global $data;
$result=db_rows(
'SELECT COUNT(`email`) AS `count`'.
" FROM `{$data['DbPrefix']}member_emails`".
" WHERE `owner`={$uid}".
($primary?" AND `primary`='{$primary}'":'').
($confirmed?" AND `active`='{$confirmed}'":'').
' LIMIT 1'
);
return $result[0]['count'];
}
function get_email_details($uid, $primary=false, $confirmed=true){
global $data;
$result=db_rows(
"SELECT * FROM `{$data['DbPrefix']}member_emails`".
" WHERE `owner`={$uid}".
($primary?" AND `primary`='{$primary}'":'').
($confirmed?" AND `active`='{$confirmed}'":'')
);
return $result;
}
function prnmemberemails($uid) {
global $data;
$str_add='';
$result=db_rows(
"SELECT `email` FROM `{$data['DbPrefix']}member_emails`".
" WHERE `owner`={$uid} AND `active`='1'".
' ORDER BY `primary` DESC'
);
foreach($result as $key=>$value) {
$str_add .= "<a href=mailto:{$result[$key]['email']}> {$result[$key]['email']}</a>".' ';
}
return $str_add;
}
function add_email($uid,$email){
global $data;
$max_email=$data['maxemails'];
$nb_emails=count_member_emails($uid,false,false);
if($nb_emails >= $max_email) return TOO_MANY_EMAILS;
elseif(verify_email($email)) return INVALID_EMAIL_ADDRESS;
elseif(email_exists($email)) return EMAIL_EXISTS;
else {
$verifcode=gencode($email);
$result=db_query(
"INSERT INTO `{$data['DbPrefix']}member_emails`".
'(`owner`,`email`,`active`,`primary`,`verifcode`) VALUES '.
"($uid,'{$email}',0,0,'{$verifcode}')"
);
if (!$result) return DB_ERROR;
$info=get_member_info($uid);
$post['email']=$email;
$post['fullname']=get_member_name($uid);
$post['ccode']=$verifcode;
$post['uid']=$uid;
$post['emailpage'];
send_email('CONFIRM-NEW-EMAIL',$post);
return SUCCESS;
}
}
function activate_email($uid, $verifcode){
global $data;
$confirm=db_rows(
"SELECT * FROM `{$data['DbPrefix']}member_emails` WHERE `owner`='$uid' AND `verifcode`='$verifcode' AND `active`=0");
if (!isset($confirm[0])) return CONFIRMATION_NOT_FOUND;
db_query("UPDATE `{$data['DbPrefix']}member_emails` SET `active`=1 WHERE `owner`={$uid} AND `verifcode`='{$verifcode}'");
$info=get_member_info($uid);
$post['email']=$confirm[0]['email'];
$post['fullname']=get_member_name($uid);
send_email('NEW-EMAIL-ACTIVATED',$post);
return SUCCESS;
}
function make_email_prim($uid, $email){
global $data;
if (verify_email($email)) return INVALID_EMAIL_ADDRESS;
$emails=get_email_details($uid,false,false);
$oldprim=get_member_email($uid,true);
foreach ($emails as $addr)
if($addr['email']==$email && $addr['primary']) return ALREADY_PRIMARY;
elseif($addr['email']==$email && !$addr['active']) return EMAIL_NOT_ACTIVE;
elseif($addr['email']==$email){
db_query("UPDATE {$data['DbPrefix']}member_emails SET `primary`=1 WHERE `owner`='{$uid}' AND `email`='{$email}'");
db_query("UPDATE {$data['DbPrefix']}member_emails SET `primary`=0 WHERE `owner`='{$uid}' AND `email`='{$oldprim}'");
db_query("UPDATE {$data['DbPrefix']}members SET `email`='{$email}' WHERE `id`='{$uid}'");
return SUCCESS;
}
return EMAIL_NOT_FOUND;
}
function get_email_detail($email, $type=ALL){
global $data;
if ($type==CONFIRMED) $result=db_rows(
"SELECT * FROM {$data['DbPrefix']}member_emails WHERE `email`='$email' AND `active`=1");
else $result=db_rows(
"SELECT * FROM {$data['DbPrefix']}member_emails WHERE `email`='$email'");
return $result[0];
}
function delete_member_email($uid, $email){
global $data;
if(verify_email($email)) return INVALID_EMAIL_ADDRESS;
$todel=get_email_detail($email);
if(!$todel) return EMAIL_NOT_FOUND;
elseif($todel['primary']) return CANNOT_DELETE_PRIMARY;
db_query("DELETE FROM {$data['DbPrefix']}member_emails WHERE owner='{$uid}' AND `email`='{$email}'");
return SUCCESS;
}
function email_exists ($email){
global $data;
$result=db_rows("SELECT owner FROM {$data['DbPrefix']}members_emails WHERE email='{$email}'");
return (bool)$result['0'];
}
function get_user_id($unoremail){
global $data;
if(verify_email($unoremail)){
$result=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}members`".
" WHERE (`username`='{$unoremail}') AND `active`=1 LIMIT 1");
return $result[0]['id'];
} else {
$result=db_rows(
"SELECT `owner` FROM `{$data['DbPrefix']}member_emails` e, ".
"`{$data['DbPrefix']}members` m".
" WHERE (e.`email`='{$unoremail}' AND m.`active`=1)".
' LIMIT 1');
return $result[0]['owner'];
}
}
function get_sponsor_id($uid){
global $data;
$result=db_rows(
"SELECT `sponsor` FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$uid} LIMIT 1"
);
return $result[0]['sponsor'];
}
function get_sponsors($uid){
global $data;
$members=db_rows(
'SELECT `id`,`username`,`email`'.
" FROM `{$data['DbPrefix']}members`".
($uid?" WHERE `id`<>{$uid} AND `sponsor`<>{$uid}":'')
);
$result=array('--');
foreach($members as $value)$result[$value['id']]="{$value['username']} ({$value['email']})";
return $result;
}
function get_member_username($uid){
global $data;
if($uid<0)return 'system';
$result=db_rows(
"SELECT `username` FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$uid} LIMIT 1");
return $result[0]['username'];
}
function get_member_name($uid){
global $data;
if($uid<0)return 'system';
$result=db_rows(
"SELECT `fname`,`lname` FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$uid} LIMIT 1");
return $result[0]['fname'].' '.strtoupper($result[0]['lname']);
}
function get_member_info($uid){
global $data;
$result=db_rows(
"SELECT * FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$uid} LIMIT 1");
$result[0]['emails']=db_rows(
"SELECT * FROM `{$data['DbPrefix']}member_emails`".
" WHERE `owner`={$uid} AND `email`<>'{$result[0]['email']}'");
return $result[0];
}
function get_member_status($uid){
global $data;
$result=db_rows(
"SELECT `status` FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$uid} LIMIT 1"
);
return $result[0]['status'];
}
function get_ip_history($uid, $order=''){
global $data;
$result=db_rows(
"SELECT `date`,`address` FROM `{$data['DbPrefix']}visits`".
" WHERE `member`={$uid} ".($order?"ORDER BY `{$order}`":'ORDER BY `date` DESC')
);
return $result;
}
function is_member_found($username, $password){
return (bool)get_member_id($username, $password);
}
function is_member_active($username){
return (bool)get_member_id($username, '', '`active`=1');
}
function set_member_status($uid, $active){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}members`".
' SET `active`='.(int)$active.
" WHERE `id`={$uid}"
);
}
function set_member_status_ex($uid, $status){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}members`".
" SET `status`={$status}".
" WHERE `id`={$uid}"
);

}
function get_member_status_ex($uid){
global $data;
$record=db_rows(
"SELECT `status` FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$uid} LIMIT 1"
);
return $record[0]['status'];
}
function set_member_inactive($username){
global $data;
set_member_status(get_member_id($username), false);
}
function delete_member($uid){
global $data;
db_query(
"DELETE FROM `{$data['DbPrefix']}members` WHERE `id`={$uid}"
);
}
function select_balance($uid){
global $data;
if($uid<0){
$isql=
'SELECT SUM(`fees`) AS `summ`'.
" FROM `{$data['DbPrefix']}transactions`".
' WHERE (`status`=1 OR `status`=6) LIMIT 1'
;
}else{
$isql=
'SELECT SUM(`amount`-`fees`) AS `summ`'.
" FROM `{$data['DbPrefix']}transactions`".
" WHERE `receiver`={$uid} AND (`status`=1 OR `status`=6) LIMIT 1"
;
}
$outgoing=db_rows(
'SELECT SUM(`amount`) AS `summ`'.
" FROM `{$data['DbPrefix']}transactions`".
" WHERE `sender`={$uid} AND (`status`=1 OR `status`=6) LIMIT 1"
);
$pending_out_unreg=db_rows(
'SELECT SUM(`amount`) AS `summ`'.
" FROM `{$data['DbPrefix']}temp_pays`".
" WHERE `sender`={$uid} AND (`status`=0) LIMIT 1"
);
$incoming=db_rows($isql);
$outgoing=(double)$outgoing[0]['summ'];
$pending_out_unreg=(double)$pending_out_unreg[0]['summ'];
$outgoing=$outgoing+$pending_out_unreg;
$incoming=(double)$incoming[0]['summ'];
return $incoming-$outgoing;
}
function set_last_access($username){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}members`".
" SET `ldate`='".date('Y-m-d H:i:s')."',".
"`last_ip`='{$_SERVER['REMOTE_ADDR']}'".
' WHERE `id`='.get_member_id($username)
);
}
function set_last_access_date($uid, $reset=false){
global $data;
if(!$reset)$curr=date('Y-m-d H:i:s');else $curr=0;
db_query(
"UPDATE `{$data['DbPrefix']}members`".
" SET `adate`='{$curr}'".
" WHERE `id`={$uid}"
);
}
function save_remote_ip($uid, $address){
global $data;
db_query(
"INSERT `{$data['DbPrefix']}visits`(`member`,`date`,`address`".
")VALUES({$uid},'".date('Y-m-d H:i:s')."','{$address}')"
);
}
function is_valid_mail($email){
global $data;
$result=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}members`".
" WHERE `email`='{$email}' LIMIT 1"
);
$emails=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}member_emails`".
" WHERE(`email`='{$email}') LIMIT 1"
);
return (bool)(!$result&&!$emails);
}
function get_member_by_email($email){
global $data;
$result=db_rows(
"SELECT `password`,`question`,`answer` FROM `{$data['DbPrefix']}members`".
" WHERE `email`='{$email}'"
);
if(!$result){
$emails=db_rows(
"SELECT `owner` FROM `{$data['DbPrefix']}member_emails`".
" WHERE `email`='{$email}' LIMIT 1"
);
if($emails){
$result=db_rows(
"SELECT `password`,`question`,`answer` FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$emails[0]['owner']}"
);
}
}
return $result[0];
}
function is_info_empty($uid){
global $data;
$result=db_rows(
'SELECT `empty`'.
" FROM `{$data['DbPrefix']}members`".
" WHERE `id`={$uid} LIMIT 1"
);
return (bool)$result[0]['empty'];
}
function select_info($uid, $post){
global $data;
$result=$post;
$member=get_member_info($uid);
if(!$member){
$_SESSION['uid']=0;
$_SESSION['login']=false;
header("Location:{$data['Host']}/index.htm");
echo('ACCESS DENIED.');
exit;
}
foreach($member as $key=>$value)if(!isset($post[$key]))$result[$key]=$value;
if(!$result['active']){
$_SESSION['uid']=0;
$_SESSION['login']=false;
header("Location:{$data['Host']}/index.htm");
echo('ACCESS DENIED.');
exit;
}
return $result;
}
function insert_profile_info($post){
global $data;
if(!$post['sponsor'])$post['sponsor']=0;
db_query(
"INSERT INTO `{$data['DbPrefix']}members`(".
'`sponsor`,`username`,`password`,`email`,`active`,`empty`,'.
'`fname`,`lname`,`company`,`regnum`,`drvnum`,'.
'`address`,`city`,`country`,`state`,`zip`,`phone`,`fax`'.
')VALUES('.
"{$post['sponsor']},'{$post['username']}','{$post['password']}',".
"'{$post['email']}',0,0,'{$post['fname']}','{$post['lname']}',".
"'{$post['company']}','{$post['regnum']}','{$post['drvnum']}',".
"'{$post['address']}','{$post['city']}','{$post['country']}',".
"'{$post['state']}','{$post['zip']}','{$post['phone']}',".
"'{$post['fax']}'".
')'
);
$newid=newid();
db_query("INSERT INTO `{$data['DbPrefix']}member_emails`
(`owner`,`email`,`active`,`primary`) VALUES
('{$newid}','{$post['email']}',1,1)
");
return $newid;
}
function update_profile_info($post, $uid, $notify=true){
global $data;
if(!$post['sponsor'])$post['sponsor']=0;
db_query(
"UPDATE `{$data['DbPrefix']}members` SET ".
"`sponsor`={$post['sponsor']},".
"`empty`=0,`fname`='{$post['fname']}',`lname`='{$post['lname']}',".
"`company`='{$post['company']}',`regnum`='{$post['regnum']}',".
"`drvnum`='{$post['drvnum']}',`address`='{$post['address']}',".
"`city`='{$post['city']}',`country`='{$post['country']}',".
"`state`='{$post['state']}',`zip`='{$post['zip']}',".
"`phone`='{$post['phone']}',`fax`='{$post['fax']}',".
"`description`='{$post['description']}'".
" WHERE `id`={$uid}"
);
if($notify){
$post['email']=get_member_email($uid);
send_email('UPDATE-MEMBER-PROFILE', $post);
}
}
function update_private_info($post, $uid){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}members` SET ".
"`username`='{$post['username']}',`password`='{$post['password']}',".
"`email`='{$post['email']}' WHERE `id`={$uid}"
);
}
function update_member_password($uid, $password, $notify=true){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}members` SET ".
"`password`='{$password}'".
" WHERE `id`={$uid}"
);
if($notify){
$post['email']=get_member_email($uid);
send_email('UPDATE-MEMBER-PROFILE', $post);
}
}
function update_member_question($uid, $question, $answer, $notify=true){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}members` SET ".
"`question`='{$question}',`answer`='{$answer}'".
" WHERE `id`={$uid}"
);
if($notify){
$post['email']=get_member_email($uid);
send_email('UPDATE-MEMBER-PROFILE', $post);
}
}
function insert_email_info($email, $uid, $notify=true){
global $data;
db_query(
"INSERT INTO `{$data['DbPrefix']}member_emails`(".
'`owner`,`email`,`status`'.
')VALUES('.
"{$uid},'{$email}',0)"
);
if($notify)send_email_request(newid());
return newid();
}
function delete_email_info($gid){
global $data;
db_query(
"DELETE FROM `{$data['DbPrefix']}member_emails`".
" WHERE `id`={$gid}"
);
}
function send_email_request($gid){
global $data;
$emails=db_rows(
"SELECT * FROM `{$data['DbPrefix']}member_emails`".
" WHERE `id`={$gid} LIMIT 1"
);
if($emails[0]){
$post['ccode']=gencode();
db_query(
"UPDATE `{$data['DbPrefix']}member_emails`".
" SET `confirm`='{$post['ccode']}', `status`=1".
" WHERE `id`={$gid}"
);
$post['email']=$emails[0]['email'];
send_email('CONFIRM-EMAIL', $post);
}
}
function set_default_email($gid){
global $data;
$emails=db_rows(
"SELECT * FROM `{$data['DbPrefix']}member_emails`".
" WHERE `id`={$gid} LIMIT 1"
);
if($emails[0]){
db_query(
"INSERT INTO `{$data['DbPrefix']}member_emails`(".
'`owner`,`email`,`status`'.
')VALUES('.
"{$emails[0]['owner']},'".get_member_email($emails[0]['owner'])."',2)"
);
db_query(
"UPDATE `{$data['DbPrefix']}members`".
" SET `email`='{$emails[0]['email']}'".
" WHERE `id`={$emails[0]['owner']}"
);
db_query(
"DELETE FROM `{$data['DbPrefix']}member_emails`".
" WHERE `id`={$emails[0]['id']}"
);
}
}
function insert_card_info($post, $uid, $notify=true){
global $data;
db_query(
"INSERT INTO `{$data['DbPrefix']}cards`(".
'`owner`,`ctype`,`cname`,`cnumber`,`ccvv`,`cmonth`,`cyear`,'.
'`status`,`default`'.
')VALUES('.
"{$uid},'{$post['ctype']}','{$post['cname']}',".
"'{$post['cnumber']}','{$post['ccvv']}',".
"{$post['cmonth']},{$post['cyear']},".
'0,0)'
);
if($notify){
$post['email']=get_member_email($uid);
send_email('UPDATE-CARD-INFORMATION', $post);
}
return newid();
}
function update_card_info($post, $gid, $uid, $notify=true){
global $data;
$cnumber=(is_changed($post['cnumber']))?"`cnumber`='{$post['cnumber']}',":'';
$ccvv=(is_changed($post['ccvv']))?"`ccvv`='{$post['ccvv']}',":'';
db_query(
"UPDATE `{$data['DbPrefix']}cards` SET ".
"`ctype`='{$post['ctype']}',`cname`='{$post['cname']}',".
"{$cnumber}{$ccvv}".
"`cmonth`={$post['cmonth']},`cyear`={$post['cyear']}".
" WHERE `id`={$gid}"
);
if($notify){
$post['email']=get_member_email($uid);
send_email('UPDATE-CARD-INFORMATION', $post);
}
}
function delete_card($gid){
global $data;
db_query(
"DELETE FROM `{$data['DbPrefix']}cards`".
" WHERE `id`={$gid}"
);
}
function select_cards($uid, $hiden=true, $id=0, $single=false){
global $data;
$cards=db_rows(
"SELECT * FROM `{$data['DbPrefix']}cards`".
" WHERE `owner`={$uid}".
($id?" AND `id`={$id}":'').($single?' LIMIT 1':'')
);
$result=array();
foreach($cards as $key=>$value){
foreach($value as $name=>$v){
$result[$key][$name]=$v;
if($hiden){
if($name=='cnumber') $result[$key][$name]=encode($v, 4);
elseif($name=='ccvv') $result[$key][$name]=encode($v, 1);
}
}
}
return $result;
}
function insert_bank_info($post, $uid, $notify=true){
global $data;
db_query(
"INSERT INTO `{$data['DbPrefix']}banks`(".
'`owner`,`bname`,`baddress`,`bcity`,`bzip`,`bcountry`,`bstate`,'.
'`bphone`,`bnameacc`,`baccount`,`btype`,`brtgnum`,`bswift`,'.
'`status`,`default`'.
')VALUES('.
"{$uid},'{$post['bname']}','{$post['baddress']}','{$post['bcity']}',".
"'{$post['bzip']}','{$post['bcountry']}','{$post['bstate']}',".
"'{$post['bphone']}','{$post['bnameacc']}','{$post['baccount']}',".
"'{$post['btype']}','{$post['brtgnum']}','{$post['bswift']}',".
'0,0)'
);
if($notify){
$post['email']=get_member_email($uid);
send_email('UPDATE-BANK-INFORMATION', $post);
}
return newid();
}
function update_bank_info($post, $gid, $uid, $notify=true){
global $data;
db_query(
"UPDATE `{$data['DbPrefix']}banks` SET ".
"`bname`='{$post['bname']}',`baddress`='{$post['baddress']}',".
"`bcity`='{$post['bcity']}',`bzip`='{$post['bzip']}',".
"`bcountry`='{$post['bcountry']}',`bstate`='{$post['bstate']}',".
"`bphone`='{$post['bphone']}',`bnameacc`='{$post['bnameacc']}',".
"`baccount`='{$post['baccount']}',`btype`='{$post['btype']}',".
"`brtgnum`='{$post['brtgnum']}',`bswift`='{$post['bswift']}'".
" WHERE `id`={$gid}"
);
if($notify){
$post['email']=get_member_email($uid);
send_email('UPDATE-BANK-INFORMATION', $post);
}
}
function delete_bank($gid){
global $data;
db_query(
"DELETE FROM `{$data['DbPrefix']}banks`".
" WHERE `id`={$gid}"
);
}
function select_banks($uid, $id=0, $single=false){
global $data;
$banks=db_rows(
"SELECT * FROM `{$data['DbPrefix']}banks`".
" WHERE `owner`={$uid}".
($id?" AND `id`={$id}":'').($single?' LIMIT 1':'')
);
$result=array();
foreach($banks as $key=>$value){
foreach($value as $name=>$v)$result[$key][$name]=$v;
}
return $result;
}
function set_trtype($uid, $dir){
switch($dir){
case 'both':
return "(`sender`={$uid} OR `receiver`={$uid})";
case 'incoming':
return "`receiver`={$uid}";
case 'outgoing':
return "`sender`={$uid}";
}
return '';
}
function get_trans_count($where=''){
global $data;
$result=db_rows(
'SELECT COUNT(`id`) AS `count`'.
" FROM `{$data['DbPrefix']}transactions`{$where} LIMIT 1"
);
return $result[0]['count'];
}
function get_transactions_count($uid, $dir='both', $extra='1'){
$result=get_trans_count(
' WHERE '.($uid>0?set_trtype($uid, $dir).
($extra?" AND {$extra}":''):($extra?" {$extra}":''))
);
return $result;
}
function get_transactions_summ($where){
global $data;
$rows=db_rows(
'SELECT SUM(`amount`) AS `summ`, SUM(`fees`) AS `fees`'.
" FROM `{$data['DbPrefix']}transactions`".
($where?" WHERE {$where}":'').' ORDER BY `tdate` LIMIT 1'
);
$result['summ']=$rows[0]['summ'];
$result['fees']=$rows[0]['fees'];
return $result;
}
function get_transactions_summary($dateA, $dateB){
global $data;
foreach($data['TransactionType'] as $key=>$value){
$rows=get_transactions_summ(
"`type`={$key} AND".
" UNIX_TIMESTAMP(`tdate`)>={$dateA} AND".
" UNIX_TIMESTAMP(`tdate`)<{$dateB}"
);
$result[$value]['Summ']=prnpays($rows['summ']?$rows['summ']:0, false);
$result[$value]['Fees']=prnpays($rows['fees']?$rows['fees']:0, false);
}
return $result;
}
function get_transactions_year(){
global $data;
$years=db_rows(
'SELECT MIN(YEAR(`tdate`)) AS `min`, MAX(YEAR(`tdate`)) AS `max`'.
" FROM `{$data['DbPrefix']}transactions` LIMIT 1"
);
$result['min']=$years[0]['min'];
$result['max']=$years[0]['max'];
return $result;
}
function get_transactions_period(){
global $data;
$period=db_rows(
'SELECT MIN(`tdate`) AS `min`, MAX(`tdate`) AS `max`'.
" FROM `{$data['DbPrefix']}transactions` LIMIT 1"
);
$result['min']=getdate(strtotime($period[0]['min']));
$result['max']=getdate(strtotime($period[0]['max']));
return $result;
}
function can_refund($id, $uid){
global $data;
$balance=select_balance($uid);
$result=db_rows(
"SELECT `id` FROM `{$data['DbPrefix']}transactions`".
" WHERE `id`={$id} AND `receiver`={$uid}".
' AND `type`=0 AND (`status`=0 OR `status`=1)'.
" AND `amount`<{$balance}".
" AND TO_DAYS(NOW())-TO_DAYS(`tdate`)<{$data['RefundPeriod']}"
);
return $result[0];
}
function get_status_color($status){
$result='000000';
switch($status){
case 0:
$result='blue';
break;
case 1:
$result='green';
break;
case 2:
$result='red';
break;
case 3:
$result='maroon';
}
return $result;
}
function get_transactions(
$uid, $dir='both', $type=-1, $status=-1, $start=0,
$count=0, $order='', $suser='', $sdate=''
){
global $data;
if($suser||$sdata){
$start=0;
$count=0;
}
$order=($order?$order:'ORDER BY `tdate` DESC');
$limit=($start?($count?" LIMIT {$start},{$count}":" LIMIT {$start}"):
($count?" LIMIT {$count}":''));
$trans=db_rows(
'SELECT *,(TO_DAYS(NOW())-TO_DAYS(`tdate`)) as `period`'.
" FROM `{$data['DbPrefix']}transactions`".
($uid?' WHERE '.set_trtype($uid, $dir):'').
($type<0?'':($uid?' AND ':' WHERE ')."`type`={$type}").
($status<0?'':($uid||$type>=0?' AND ':' WHERE ')."`status`={$status}").
" {$order}{$limit}"
);
$result=array();
foreach($trans as $key=>$value){
if($suser){
if(
strpos(get_member_username($value['sender']), $suser)===false
&&
strpos(get_member_username($value['receiver']), $suser)===false
)continue;
}elseif($sdate){
if(strpos($value['tdate'], $sdate)===false)continue;
}
$dir=(bool)($value['sender']!=$uid);
$result[$key]['id']=$value['id'];
$result[$key]['direction']=$dir?'FROM':'TO';
$result[$key]['sender']=$value['sender'];
$result[$key]['senduser']=prnuser($value['sender']);
$result[$key]['receiver']=$value['receiver'];
$result[$key]['recvuser']=prnuser($value['receiver']);
$result[$key]['userid']=$dir?$value['sender']:$value['receiver'];
$result[$key]['username']=prnuser($result[$key]['userid']);
$result[$key]['oamount']=$dir?$value['amount']:-$value['amount'];
$result[$key]['amount']=prnpays($result[$key]['oamount']);
$result[$key]['tdate']=prndate($value['tdate']);
$result[$key]['period']=$value['period'];
$result[$key]['ostatus']=$value['status'];
$result[$key]['type']=$data['TransactionType'][$value['type']];
$result[$key]['status']=
''.
$data['TransactionStatus'][$value['status']].
''
;
if($value['fees']>0&&&