function cancel_order($orderid, $uid) { // cancel an order $query = "\n UPDATE orderbook\n SET status='CANCEL'\n WHERE\n orderid='{$orderid}'\n AND uid='{$uid}'\n AND status='OPEN'\n "; do_query($query); if (mysql_affected_rows() != 1) { if (mysql_affected_rows() > 1) { throw new Error('Serious...', 'More rows updated than should be. Contact the sysadmin ASAP.'); } else { if (mysql_affected_rows() == 0) { throw new Problem(_('Cannot...'), _('Your order got bought up before you were able to cancel.')); } else { throw new Error('Serious...', 'Internal error. Contact sysadmin ASAP.'); } } } // Refetch order in case something has happened. $info = fetch_order_info($orderid); if ($uid != $info->uid) { throw new Error('Permission...', '... Denied! Now GTFO.'); } add_funds($info->uid, $info->amount, $info->type); // these records indicate returned funds. create_record($orderid, $info->amount, 0, 0, -1, 0); addlog(LOG_RESULT, " cancelled order {$orderid}"); }
function take_commission($amount, $curr_type, $orderid) { add_funds(1, $amount, $curr_type); $result = do_query("\n SELECT COUNT(*) AS count\n FROM orderbook\n WHERE orderid='{$orderid}'\n AND want_type = '{$curr_type}'\n "); $row = mysql_fetch_assoc($result); if ($row['count'] != 1) { throw new Error('Error taking commission', "Mismatched currency types"); } $result = do_query("\n UPDATE orderbook\n SET commission = commission + {$amount}\n WHERE orderid='{$orderid}'\n AND want_type = '{$curr_type}'\n "); }
function process() { do_query("SET div_precision_increment = 8"); // find and cancel any active orders from users with negative BTC or FIAT balances // this should never happen unless someone is trying to double-spend their balance $query = "\n SELECT orderid, orderbook.amount as amount, orderbook.type, orderbook.uid as uid\n FROM orderbook\n JOIN purses\n ON orderbook.uid = purses.uid\n WHERE\n status != 'CLOSED' AND\n status != 'CANCEL' AND\n purses.amount < 0\n GROUP BY orderid\n "; $result = b_query($query); while ($row = mysql_fetch_array($result)) { $orderid = $row['orderid']; $amount = $row['amount']; $type = $row['type']; $uid = $row['uid']; try { echo "cancelling order {$orderid} (spend ", internal_to_numstr($amount), " {$type} for user {$uid}) due to negative balance\n"; wait_for_lock($uid); $query = "\n UPDATE orderbook\n SET status = 'CANCEL'\n WHERE orderid = '{$orderid}'\n "; b_query($query); add_funds($uid, $amount, $type); // these records indicate returned funds. create_record($orderid, $amount, 0, 0, -1, 0); release_lock($uid); } catch (Error $e) { if ($e->getTitle() == 'Lock Error') { echo "can't get lock for {$uid}\n"; } else { throw $e; } } } $query = "\n SELECT orderid\n FROM orderbook\n WHERE processed=FALSE\n ORDER BY timest ASC\n "; $result = b_query($query); while ($row = mysql_fetch_array($result)) { $orderid = $row['orderid']; echo "Processing {$orderid}...\n"; fulfill_order($orderid); echo "Completed.\n\n"; $query = "\n UPDATE orderbook\n SET processed=TRUE\n WHERE orderid='{$orderid}'\n "; b_query($query); } }
function redeem_voucher($code) { global $is_logged_in; $code = trim($code); if (looks_like_mtgox_fiat_voucher($code)) { return redeem_mtgox_fiat_voucher($code); } if (!ENABLE_LOCAL_VOUCHERS) { throw Error('Vouchers are not enabled on this site', 'Redeeming voucher codes is disabled.'); } list($issuing_reqid, $issuing_uid, $amount, $curr_type) = check_voucher_code($code); // echo "issued in request $issuing_reqid by user $issuing_uid for amount $amount of $curr_type<br/>\n"; $query = "\n INSERT INTO requests (req_type, uid, amount, curr_type, status)\n VALUES ('DEPOS', '{$is_logged_in}', '{$amount}', '{$curr_type}', 'FINAL');\n "; do_query($query); $reqid = mysql_insert_id(); redeemed_voucher_code($issuing_reqid, $reqid); add_funds($is_logged_in, $amount, $curr_type); return array($curr_type, $amount); }
try { check_frozen(); // find and cancel any active requests from users with negative BTC or FIAT balances // this should never happen unless someone is trying to double-spend their balance $query = "\n SELECT\n reqid, requests.amount as amount, requests.uid as uid\n FROM requests\n JOIN purses\n ON requests.uid = purses.uid\n WHERE\n req_type = 'WITHDR'\n AND curr_type = 'BTC'\n AND (status = 'VERIFY' OR status = 'PROCES')\n AND purses.amount < 0\n GROUP BY reqid\n"; $result = do_query($query); while ($row = mysql_fetch_array($result)) { $reqid = $row['reqid']; $amount = $row['amount']; $uid = $row['uid']; try { echo "cancelling reqid {$reqid} (withdraw ", internal_to_numstr($amount), " BTC for user {$uid}) due to negative balance\n"; wait_for_lock($uid); $query = "\n UPDATE requests\n SET status = 'CANCEL'\n WHERE reqid = '{$reqid}'\n "; do_query($query); add_funds($uid, $amount, 'BTC'); release_lock($uid); } catch (Error $e) { if ($e->getTitle() == 'Lock Error') { echo "can't get lock for {$uid}\n"; } else { throw $e; } } } $query = "\n SELECT\n requests.reqid AS reqid,\n users.uid AS uid,\n amount,\n addy\n FROM requests\n JOIN bitcoin_requests\n ON requests.reqid=bitcoin_requests.reqid\n JOIN users\n ON users.uid=requests.uid\n WHERE\n req_type='WITHDR'\n AND amount > 1000000\n AND status='VERIFY'\n AND curr_type='BTC'\n AND (users.uid < " . LOWEST_UNTRUSTED_USERID . " OR verified)\n "; $result = do_query($query); while ($row = mysql_fetch_assoc($result)) { $reqid = $row['reqid']; $uid = $row['uid']; $amount = $row['amount'];
function redeem_voucher($code) { global $is_logged_in; $code = trim($code); if (looks_like_mtgox_fiat_voucher($code)) { return redeem_mtgox_fiat_voucher($code); } list($issuing_reqid, $issuing_uid, $amount, $curr_type) = check_voucher_code($code); // echo "issued in request $issuing_reqid by user $issuing_uid for amount $amount of $curr_type<br/>\n"; $query = "\n INSERT INTO requests (req_type, uid, amount, curr_type, status)\n VALUES ('DEPOS', '{$is_logged_in}', '{$amount}', '{$curr_type}', 'FINAL');\n "; do_query($query); $reqid = mysql_insert_id(); redeemed_voucher_code($issuing_reqid, $reqid); add_funds($is_logged_in, $amount, $curr_type); return array($curr_type, $amount); }