RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e7bace5550
php-mpos/public/include/classes/payout.class.php
xisi e7bace5550 basic logging, adds logs folder to root dir 
htaccess to block access to the logs
by default, only log warnings
simple config check to see if that folder is writable

warning if changeNoFee is used
warning if setLocked is used
warning if changeAdmin is used
warning if when logging in that IP is different than saved IP
info if a login fails with bad user or password
warning if a user is locked via failed logins
info if an update/etc fails with bad pin
warning if a user is locked via failed pins
info when a pin request is sent
warning when a pin request email doesn't send
warning when trying to request pin reset and incorrect password
info when a twofactor token sent
warning if twofactor email doesn't send
warning when a user tries to request multiple of the same type of token
info when a twofactor token is deleted
warning if a twofactor token fails to delete
warning when an invalid change password token is used
info on successful account update
warning when reset password is called and IP doesn't match saved IP, info otherwise
warning if isAuthenticated falls through and kills a session
2014-01-31 13:11:38 -05:00

89 lines
3.2 KiB
PHP
Raw Blame History

<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
class Payout Extends Base {
protected $table = 'payouts';
/**
* Check if the user has an active payout request already
* @param account_id int Account ID
* @return boolean bool True of False
**/
public function isPayoutActive($account_id) {
$stmt = $this->mysqli->prepare("SELECT id FROM $this->table WHERE completed = 0 AND account_id = ? LIMIT 1");
if ($stmt && $stmt->bind_param('i', $account_id) && $stmt->execute( )&& $stmt->store_result() && $stmt->num_rows > 0)
return true;
return $this->sqlError('E0048');
}
/**
* Get all new, unprocessed payout requests
* @param none
* @return data Associative array with DB Fields
**/
public function getUnprocessedPayouts() {
$stmt = $this->mysqli->prepare("SELECT * FROM $this->table WHERE completed = 0");
if ($this->checkStmt($stmt) && $stmt->execute() && $result = $stmt->get_result())
return $result->fetch_all(MYSQLI_ASSOC);
return $this->sqlError('E0050');
}
/**
* Insert a new payout request
* @param account_id int Account ID
* @param strToken string Token to confirm
* @return data mixed Inserted ID or false
**/
public function createPayout($account_id=NULL, $strToken) {
$stmt = $this->mysqli->prepare("INSERT INTO $this->table (account_id) VALUES (?)");
if ($stmt && $stmt->bind_param('i', $account_id) && $stmt->execute()) {
// twofactor - consume the token if it is enabled and valid
if ($this->config['twofactor']['enabled'] && $this->config['twofactor']['options']['withdraw']) {
$tValid = $this->token->isTokenValid($account_id, $strToken, 7);
if ($tValid) {
$delete = $this->token->deleteToken($strToken);
if ($delete) {
return true;
} else {
if ($this->config['logging']['enabled'] && $this->config['logging']['level'] > 0) {
$this->log->LogInfo("User $account_id requested manual payout but the token deletion failed from [".$_SERVER['REMOTE_ADDR']."]");
}
$this->setErrorMessage('Unable to delete token');
return false;
}
} else {
if ($this->config['logging']['enabled'] && $this->config['logging']['level'] > 0) {
$this->log->LogInfo("User $account_id requested manual payout using an invalid token from [".$_SERVER['REMOTE_ADDR']."]");
}
$this->setErrorMessage('Invalid token');
return false;
}
}
return $stmt->insert_id;
}
return $this->sqlError('E0049');
}
/**
* Mark a payout as processed
* @param id int Payout ID
* @return boolean bool True or False
**/
public function setProcessed($id) {
$stmt = $this->mysqli->prepare("UPDATE $this->table SET completed = 1 WHERE id = ? LIMIT 1");
if ($stmt && $stmt->bind_param('i', $id) && $stmt->execute())
return true;
return $this->sqlError('E0051');
}
}
$oPayout = new Payout();
$oPayout->setDebug($debug);
$oPayout->setLog($log);
$oPayout->setMysql($mysqli);
$oPayout->setConfig($config);
$oPayout->setToken($oToken);
$oPayout->setErrorCodes($aErrorCodes);
?>
Reference in New Issue View Git Blame Copy Permalink