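/**
 * Build an INSERT statement from a column => value map.
 *
 * Scalar values are passed through quote_escape() before being placed in the
 * VALUES list. A value wrapped in an array, e.g. array('UTC_TIMESTAMP()'), is
 * emitted verbatim from index 0 with no quoting or escaping, so that SQL
 * expressions can be inserted.
 *
 * Security notes for callers:
 *  - $table and the keys of $data are concatenated into the statement as-is.
 *    They must be fixed identifiers chosen by the application, never request
 *    data.
 *  - The array wrapper switches escaping off based only on the runtime type of
 *    the value. A value that originates from user input must be validated or
 *    cast to a scalar before it is placed in $data; if it arrives as an array
 *    it reaches the query unescaped.
 *
 * @param string $table table name (trusted identifier)
 * @param array  $data  column name => value, or column name => array(raw SQL)
 * @return string the finished SQL statement, terminated with ';'
 */
function insert_query($table, $data) {
    $columns = array();
    $values  = array();

    foreach ($data as $column => $value) {
        $columns[] = $column;
        // Array-wrapped values are the raw-SQL escape hatch: used verbatim.
        $values[] = is_array($value) ? $value[0] : quote_escape($value);
    }

    // implode() joins the pieces without a trailing separator, so nothing has
    // to be trimmed afterwards and a comma that belongs to the last column or
    // raw value is left alone. The doubled spaces keep the statement text
    // identical to what this helper has always returned.
    return 'INSERT INTO ' . $table
        . '  (' . implode(',', $columns) . ')'
        . '  VALUES(' . implode(',', $values) . ');';
}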
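/**
 * Get the most recently generated payment id for a user on this asset.
 *
 * Queries users_cn_payment_ids for the given user and $this->id, ordered by
 * pid descending, and reads the first row.
 *
 * @param object $user user object; only its id() is read here
 * @return string|false the payment id, or FALSE when the query fails or no
 *                      row exists for this user and asset
 */
public function get_payment_id($user) {
    // Both values go through quote_escape() before they are concatenated.
    $res = db()->query(' SELECT payment_id FROM users_cn_payment_ids WHERE user_id = ' . quote_escape($user->id()) . ' AND asset_id = ' . quote_escape($this->id) . ' ORDER BY pid DESC LIMIT 1');

    // A query that succeeds but matches nothing yields no row (presumably
    // NULL from fetch_assoc(), as with mysqli). Indexing that would return
    // NULL rather than the documented FALSE, so the row is checked first.
    if ($res && ($row = $res->fetch_assoc())) {
        return $row['payment_id'];
    }

    return FALSE;
}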
} $db->query('COMMIT'); // -------------------------------------------------------------------- // // Process pending withdraws // // -------------------------------------------------------------------- $result = $db->query('SELECT * FROM withdraws_pending WHERE status = 1 ORDER BY id ASC LIMIT 1000'); $payments = array(); while ($row = $result->fetch_array(MYSQL_ASSOC)) { // If there is not enough balance, we'll try again later ("break" instead of "continue" so that payment are processed as a queue, most fair) if (bc::is($row['amount'], '>', $wallet->get_unlocked_balance())) { break; } // In rare cases that bulk_transfer sends payment, but script does a rollback, the transfer will not be repeated by setting status to error first (requiring manual approval): $db->query("UPDATE withdraws_pending SET status = -1, error = 'PAYMENT IN PROCESS' WHERE id = " . $row['id']); $tx_id = $wallet->transfer($row['address'], $row['amount'], $row['payment_id'], $row['mixin'], $row['fee'], 0); $db->query('START TRANSACTION'); if (!$tx_id) { $errors = $wallet->get_errors(); $error_message = (isset($errors[0]) and isset($errors[0]['message'])) ? $errors[0]['message'] : 'Unknown error'; $db->query("UPDATE withdraws_pending SET error = " . quote_escape($error_message) . " WHERE id = " . $row['id']); } else { $sql = insert_query('withdraws_complete', array('user_id' => $row['user_id'], 'address' => $row['address'], 'amount' => $row['amount'], 'fee' => $row['fee'], 'date_paid' => array('UTC_TIMESTAMP()'), 'asset_id' => $row['asset_id'], 'mixin' => $row['mixin'], 'txn' => $tx_id)); $db->query($sql); $db->query("DELETE FROM withdraws_pending WHERE id = " . $row['id']); } $db->query('COMMIT'); } } }
/**
 * Retrieve a user's balance for this asset.
 *
 * Reads the balance column from users_assets for the given user and
 * $this->id. Both values are passed through quote_escape() before they are
 * concatenated into the query.
 *
 * @param object $user user object; only its id() is read here
 * @return mixed the balance column as fetched, or the string '0.00' when no
 *               row is found
 */
public function get_balance($user) {
    $connection = db();

    $query = ' SELECT balance FROM users_assets WHERE user_id = '
        . quote_escape($user->id())
        . ' AND asset_id = '
        . quote_escape($this->id)
        . ' LIMIT 1 ';

    $record = $connection->query($query)->fetch_assoc();

    // No matching row means the user holds nothing of this asset.
    return $record ? $record['balance'] : '0.00';
}
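/**
 * Check whether a username is already present in the user table.
 *
 * @param string $username username to look up
 * @return bool true if at least one matching row exists
 */
public static function username_exists($username) {
    // NOTE(review): the value expression of this query was masked as '******'
    // in the published code, which is not valid PHP and leaves $username
    // unused. It is rebuilt here with quote_escape(), the helper the sibling
    // queries use for values -- confirm against the original source.
    $res = db()->query(' SELECT user_id FROM user WHERE username = ' . quote_escape($username) . ' LIMIT 1 ');

    return (bool) $res->num_rows;
}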