function doPayout()
{
// Um, yes.
global $DB;
global $TIMEMARK;
global $MySelf;
// Are we allowed to do this?
if (!$MySelf->isAccountant()) {
makeNotice("You are not an accountant to your corporation. Access denied.", "error", "Access denied");
}
// Get unpaid IDs.
$IDS = $DB->query("SELECT DISTINCT request, amount, applicant FROM payoutRequests WHERE payoutTime IS NULL");
// loop through all unpaid IDs.
while ($ID = $IDS->fetchRow()) {
// Check if we marked the id as "paid"
if ($_POST[$ID[request]]) {
// We did. Can user afford payment?
//if (getCredits($ID[applicant]) >= $ID[amount]) {
// Yes, he can!
$transaction = new transaction($ID[applicant], 1, $ID[amount]);
$transaction->setReason("payout request fulfilled");
if ($transaction->commit()) {
$DB->query("UPDATE payoutRequests SET payoutTime = '{$TIMEMARK}', banker='" . $MySelf->getID() . "' WHERE request='{$ID['request']}' LIMIT 1");
}
//}
}
}
header("Location: index.php?action=payout");
}
function createTransaction()
{
// We need globals.
global $DB;
global $MySelf;
global $TIMEMARK;
// Are we allowed to poke in here?
if (!$MySelf->isAccountant()) {
makeNotice("Umm, you are not allowed to do this. Really. You are not.", "warning", "You are not supposed to be here");
}
// Check the ints.
numericCheck($_POST[wod], 0, 1);
numericCheck($_POST[amount], 0);
numericCheck($_POST[id], 0);
// Its easier on the eyes.
$type = $_POST[wod];
$amount = $_POST[amount];
$id = $_POST[id];
$username = idToUsername($id);
// invert the amount if we have a withdrawal.
if ($_POST[wod] == 1) {
$dir = "withdrawed";
$dir2 = "from";
$hisMoney = getCredits($id);
if ($hisMoney < $amount) {
$ayee = $hisMoney - $amount;
confirm("WARNING:<br>{$username} can NOT afford this withdrawal. If you choose to " . "authorize this transaction anyway his account will be at " . number_format($ayee, 2) . " ISK.");
}
} else {
$amount = $_POST[amount];
$dir = "deposited";
$dir2 = "into";
}
// We use custom reason, if set.
if ($_POST[reason2] != "") {
$reason = sanitize($_POST[reason2]);
} else {
$reason = sanitize($_POST[reason1]);
}
// Create transaction.
$transaction = new transaction($id, $type, $amount);
$transaction->setReason($reason);
// Success?
if (!$transaction->commit()) {
// Nope :(
makeNotice("Unable to create transaction. Danger, Will Robinson, DANGER!", "error", "Internal Error", "index.php?action=edituser&id={$id}", "[Back]");
} else {
// Success !
makeNotice("You successfully {$dir} {$amount} ISK {$dir2} " . $username . "'s account.", "notice", "Transaction complete", "index.php?action=edituser&id={$id}", "[Ok]");
}
}
function transferMoney()
{
// Globals
global $MySelf;
global $DB;
global $TIMEMARK;
$MyCredits = getCredits($MySelf->getID());
// Can we afford even the most basic transactions?
if (!numericCheckBool($MyCredits, 0)) {
makeNotice("You can not afford any transaction.", "warning", "Out of money", "index.php?action=manageWallet", "[cancel]");
}
// Did we supply an isk amount at all?
if ($_POST[amount] == "") {
makeNotice("You did not specify an ISK amount. Please go back, and try again.", "warning", "How much?", "index.php?action=manageWallet", "[cancel]");
}
if (!is_numeric($_POST[amount])) {
makeNotice("The frog looks at you and your cheque with the amount of \"" . $_POST[amount] . "\". The frog is unsure how much ISK that is and instead decides to lick your face in a friendly manner, then it closes the teller and goes for lunch.", "warning", "Huh?");
}
// Check for sanity.
if (!numericCheckBool($_POST[to], 0)) {
makeNotice("The supplied reciver is not valid.", "warning", "Invalid ID", "index.php?action=manageWallet", "[cancel]");
}
if (!numericCheckBool($_POST[amount], 0)) {
makeNotice("You need to specify a positive ISK value.", "error", "Invalid amount", "index.php?action=manageWallet", "[cancel]");
}
if (!numericCheckBool($_POST[amount], 0, $MyCredits)) {
makeNotice("You can not afford this transaction.", "warning", "Out of money", "index.php?action=manageWallet", "[cancel]");
}
// Ok so now we know: The reciver is valid, the sender has enough money.
$from = "<br><br>From: " . ucfirst($MySelf->getUsername());
$to = "<br>To: " . ucfirst(idToUsername($_POST[to]));
$amount = "<br>Amount: " . number_format($_POST[amount], 2) . " ISK";
$reason = "<br>Reason: " . $_POST[reason];
confirm("Please authorize this transaction:" . $from . $to . $amount . $reason);
// Lets do it.
$transaction = new transaction($_POST[to], 0, $_POST[amount]);
$transaction->setReason("Cash transfer from " . ucfirst($MySelf->getUsername()) . " to " . ucfirst(idToUsername($_POST[to])) . ": " . $_POST[reason]);
$transaction->isTransfer(true);
$transaction->commit();
// Send'em back.
makeNotice($amount . " has been transfered from your into " . ucfirst(idToUsername($_POST[to])) . " account.", "notice", "Cash transfered", "index.php?action=manageWallet", "[OK]");
}
function addCredit($userID, $banker, $credit, $runID)
{
// Sane?
numericCheck($userID, 0);
numericCheck(abs($credit), 0);
numericCheck($banker, 0);
// Globals, YAY!
global $DB;
global $TIMEMARK;
// Create a transaction.
if ($credit >= 0) {
$transaction = new transaction($userID, 0, $credit);
$transaction->setReason("operation #" . str_pad($runID, 5, "0", STR_PAD_LEFT) . " payout");
} else {
$transaction = new transaction($userID, 1, abs($credit));
$transaction->setReason("operation #" . str_pad($runID, 5, "0", STR_PAD_LEFT) . " charge");
}
$state = $transaction->commit();
if ($state) {
return true;
} else {
makeNotice("Unable to grant money to user #{$userID}!", "error", "Unable to comply!");
}
}
function lotto_draw()
{
// We need some globals
global $MySelf;
global $DB;
global $TIMEMARK;
// is Lotto enabled at all?
if (!getConfig("lotto")) {
makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
}
// Deny access to non-lotto-officials.
if (!$MySelf->isLottoOfficial()) {
makeNotice("You are not allowed to do this!", "error", "Permission denied");
}
// Database
$max = lotto_getOpenDrawing();
// confirm!
confirm("Do you want to draw the winner for Drawing #{$max} now?");
// No drawing open!
if (!$max) {
makeNotice("There is no open lottery. Open a new one, and try again.", "warning", "No open drawing", "index.php?action=editLotto", "[cancel]");
}
// Lock remaining tickets.
$DB->query("UPDATE lotteryTickets SET owner='-2' WHERE drawing='{$max}' AND owner<'0'");
// Pick the winner.
$NrTickets = $DB->getCol("SELECT MAX(ticket) AS max FROM lotteryTickets WHERE drawing='{$max}'");
$Winner = rand(1, $NrTickets[0]);
// Set the ticket as "winner":
$DB->query("UPDATE lotteryTickets SET isWinner='1' WHERE ticket='{$Winner}' AND drawing='{$max}'");
// Get ID of possible winner:
$luckyOne = $DB->getCol("SELECT owner FROM lotteryTickets WHERE isWinner='1' AND drawing='{$max}' LIMIT 1");
$luckyOne = $luckyOne[0];
// Calculate the potsize.
$potSize = $DB->getCol("SELECT COUNT(id) AS count FROM lotteryTickets WHERE owner>='0' AND drawing='{$max}'");
$potSize = $potSize[0] * 1000000;
$potSizeOld = $potSize;
// Get the JackPot.
$jackPot = $DB->getCol("SELECT value FROM config WHERE name='jackpot' LIMIT 1");
$jackPot = $jackPot[0];
$potSize = $potSize + $jackPot;
if ($luckyOne >= 0) {
// We have a winner!
$DB->query("UPDATE lotto SET winner='{$luckyOne}' WHERE drawing='{$max}' LIMIT 1");
// Give him the money.
$transaction = new transaction($luckyOne, 0, $potSize);
$transaction->setReason("won the lottery");
$transaction->commit();
// Clean up the jackpot.
$DB->query("DELETE FROM config WHERE name='jackpot' LIMIT 1");
} else {
// No winner, unclaimed ticket won :(
$DB->query("UPDATE lotto SET winner='-1' WHERE drawing='{$max}' LIMIT 1");
// Add to jackpot.
$DB->query("DELETE FROM config WHERE name='jackpot' LIMIT 1");
$DB->query("INSERT INTO config (name, value) VALUES ('jackpot','{$potSize}')");
}
$DB->query("UPDATE lotto SET closed='{$TIMEMARK}' WHERE drawing='{$max}' LIMIT 1");
$DB->query("UPDATE lotto SET isOpen='0' WHERE drawing='{$max}' LIMIT 1");
$DB->query("UPDATE lotto SET winningTicket='{$Winner}' WHERE drawing='{$max}' LIMIT 1");
$DB->query("UPDATE lotto SET potSize='{$potSizeOld}' WHERE drawing='{$max}' LIMIT 1");
header("Location: index.php?action=lotto");
}
function lotto_buyTickets()
{
// Set some needed variables.
global $DB;
global $MySelf;
$ID = $MySelf->getID();
$myMoney = getCredits($ID);
$affordable = floor($myMoney / 1000000);
if (!getConfig("lotto")) {
makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
}
// Get my credits
$MyStuff = $DB->getRow("SELECT lottoCredit, lottoCreditsSpent FROM users WHERE id='" . $MySelf->getID() . "'");
$Credits = $MyStuff[lottoCredit];
$CreditsSpent = $MyStuff[lottoCreditsSpent];
// User submited this form already!
if ($_POST[check]) {
numericCheck($_POST[amount], 0, $affordable);
if ($_POST[amount] == 0) {
makeNotice("You cannot buy zero tickets.", "warning", "Too few tickets.", "index.php?action=lotto", "[whoops]");
}
confirm("Please authorize the transaction of " . number_format($_POST[amount] * 1000000, 2) . " ISK in order to buy {$_POST['amount']} lotto credits.");
// Get the old ticket count, and add the new tickets on top of those.
$oldCount = $DB->getCol("SELECT lottoCredit FROM users WHERE id='{$ID}' LIMIT 1");
$newcount = $oldCount[0] + $_POST[amount];
// Update the database to reflect the new ticket count.
$check = $DB->query("UPDATE users SET lottoCredit='{$newcount}' WHERE id='{$ID}' LIMIT 1");
// Check that we were successful.
if ($DB->affectedRows() != 1) {
makeNotice("I was unable to add {$newcount} tickets to {$user} stack of {$count} tickets! Danger will robonson, danger!", "error", "Unable to comply.");
}
// Make him pay!
global $TIMEMARK;
$transaction = new transaction($ID, 1, $_POST[amount] * 1000000);
$transaction->setReason("lotto credits bought");
if ($transaction->commit()) {
// all worked out!
makeNotice("Your account has been charged the amount of " . number_format($_POST[amount] * 1000000, 2) . " ISK.", "notice", "Credits bought", "index.php?action=lotto", "[OK]");
} else {
// We were not successfull
makeNotice("I was unable to add {$newcount} tickets to {$user} stack of {$count} tickets! Danger will robonson, danger!", "error", "Unable to comply.");
}
}
// Prepare the drop-down menu.
if ($affordable >= 1) {
$ddm = "<select name=\"amount\">";
for ($i = 1; $i <= $affordable; $i++) {
if ($i == 1) {
$ddm .= "<option value=\"{$i}\">Buy {$i} tickets</option>";
} else {
$ddm .= "<option value=\"{$i}\">Buy {$i} tickets</option>";
}
}
$ddm .= "</select>";
} else {
// Poor user.
$ddm = "You can not afford any credits.";
}
// Create the table.
$table = new table(2, true);
$table->addHeader(">> Buy lotto credits");
$table->addRow();
$table->addCol("Here you can buy lotto tickets for 1.000.000,00 ISK each. " . "Your account currently holds " . number_format($myMoney, 2) . " ISK, so " . "you can afford {$affordable} tickets. Please choose the amount of credits you wish " . "to buy.", array("colspan" => 2));
$table->addRow();
$table->addCol("Your credits:");
$table->addCol($Credits);
$table->addRow();
$table->addCol("Total spent credits:");
$table->addCol($CreditsSpent);
$table->addRow();
$table->addCol("Purchase this many credits:");
$table->addCol($ddm);
$table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Buy credits\">");
$table->addRow("#060622");
$table->addCol("[<a href=\"index.php?action=lotto\">Cancel request</a>]", array("colspan" => 2));
// Add some more html form stuff.
$html = "<h2>Buy Lotto credits</h2>";
$html .= "<form action=\"index.php\" method=\"POST\">";
$html .= $table->flush();
$html .= "<input type=\"hidden\" name=\"check\" value=\"true\">";
$html .= "<input type=\"hidden\" name=\"action\" value=\"lottoBuyCredits\">";
$html .= "</form>";
// Return the mess we made.
return $html;
}
// if not, insert new row into database table
$t->addStatement("INSERT INTO :prefix:visit (user, patient, relation, description, scent) VALUES (:0, :1, :2, :3, :4)", $_POST['userid'], $p['patientId'], $p['relation'], htmlspecialchars($p['description']), $p['scent']);
} else {
// if exists, update row
$t->addStatement("UPDATE :prefix:visit SET\n relation = :0,\n description = :1,\n scent = :2 \n WHERE visitId = :3", $p['relation'], htmlspecialchars($p['description']), $p['scent'], $visitId);
}
$t->commit();
$t = new transaction();
// commit those changes right now
/*
* Update images
*/
$t->addStatement("DELETE FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visitId, 'Image');
if (isset($p['images']) && is_array($p['images'])) {
foreach ($p['images'] as $img) {
$t->addStatement("INSERT INTO :prefix:visit_media (visitId, path, type) VALUES (:0, :1, :2);", $visitId, basename($img), "Image");
}
}
/*
* Update audios
*/
$t->addStatement("DELETE FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visitId, 'Audio');
if (isset($p['audios']) && is_array($p['audios'])) {
foreach ($p['audios'] as $aud) {
$t->addStatement("INSERT INTO :prefix:visit_media (visitId, path, type) VALUES (:0, :1, :2);", $visitId, basename($aud), "Audio");
}
}
}
}
$t->commit();
echo "SUCCESS";
