<?
// #######################################################################
// ######################## www.NewVBB.com ###############################
// #######################################################################
// #######################################################################
// ########################### 非凡猪 ####################################
// #######################################################################
// #######################################################################
// ######################### 2004-01-09 ##################################
// #######################################################################

// 007pig 修改于 2004年08月14日，版本升级为 2.0.1，修正 PHP 5 的错误
// 非凡猪 重写于 2004年05月20日，版本和整个插件统一，修改为 2.0.0
// yeshou 修改于 2004年03月24日，版本升级为 3.3.0
// yeshou 修改于 2004年03月08日，版本升级为 3.2.0
// 007pig 修改于 2004年01月26日，版本升级为 3.1.0
// 非凡猪 编写于 2004年01月09日，bank.php文件初始版本为 3.0.0

// ####################### SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// #################### DEFINE IMPORTANT CONSTANTS #######################
define('NO_REGISTER_GLOBALS', 1);
define('THIS_SCRIPT', 'bank');
define('VERSION', '2.0.1');


// ################### PRE-CACHE TEMPLATES AND DATA ######################
// get special phrase groups
$phrasegroups = array();

// get special data templates from the datastore
$specialtemplates = array();

// pre-cache templates used by all actions
$globaltemplates = array(
	'bank_showroom',
	'bank_userorder',
	'bank_log',
);

// pre-cache templates used by specific actions
$actiontemplates = array();

// ######################### REQUIRE BACK-END ############################
require_once('./global.php');

// #################### DEFINE PLUS_NAME #######################
define('PLUS_NAME', $vbphrase['bank']);
// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################

// 银行功能被禁用
if (!$vboptions['bankonoff']) 
{
	eval(print_standard_error('bank_off'));
	exit();
}

// check moderator permissions for getting ip
if ($bbuserinfo[userid]==0)
{
	print_no_permission();
}


$accrual = $vboptions['accrual'];           //每天利息
$showaccrual = ($accrual*100)."%";			//显示利息
$shouxufei = $vboptions['shouxufei'];		//转帐手续费
$showshouxufei = ($shouxufei*100)."%";		//显示转帐手续费
$danwei = $vboptions['danwei'];				//社区金钱单位
$minmon = $vboptions['minmon'];				//至少需要多少钱才可以使用银行业务


if (empty($_REQUEST['action'])) 
{
	$_REQUEST['action'] = 'showroom';
}

//##########################  showbankmoney begin #################


if ($_REQUEST['action'] == 'showroom')
{
	//检查利息
	showbankmoney();
	//取个人信息
	$userbank = $DB_site->query_first("
                SELECT bank,money,savemt FROM " . TABLE_PREFIX . "user AS user WHERE userid='$bbuserinfo[userid]'");
                $userbankmoney= $userbank['bank'];
                $usernm=$bbuserinfo['username'];
                $usermoney= $userbank['money'];
                $allmoney = $userbank['bank']+$userbank['money'];

	if($userbank['savemt'] !=0)
	{
		$savedate=vbdate($vboptions['dateformat'],$userbank['savemt'], true);
    }
	else
	{
        $savedate = $vbphrase['no_bank_info'];
	}

	//取银行信息
	$allbank=$DB_site->query_first("SELECT COUNT(bank) AS banks FROM " . TABLE_PREFIX . "user AS user where bank>0");
	$allbankpeople=$allbank['banks'];
	$allbank = $DB_site->query_first("SELECT SUM(bank) AS banks FROM " . TABLE_PREFIX . "user AS user");
	$allbankmoney=$allbank['banks'];

	//银行大客户排行榜
	$bankcustom = $DB_site->query("
				SELECT userid, username, bank FROM " . TABLE_PREFIX . "user AS user ORDER BY bank DESC LIMIT 10 ");
	while ($bankuser = $DB_site->fetch_array($bankcustom))
	{
		eval('$bankuserorder .= "' . fetch_template('bank_userorder') . '";');
	}

	//取用户最近银行操作记录-20条(时间？条数？)
	$banklog = $DB_site->query("
				SELECT operate, sum, logtime, note FROM " . TABLE_PREFIX . "bank_log WHERE userid='$bbuserinfo[userid]' ORDER BY logid DESC LIMIT 20 ");
	if(!$banklog)
	{
		$logbit="";
	}
	else
	{
		while ($userlog = $DB_site->fetch_array($banklog))
		{
			$userlog['logtimedate'] = vbdate($vboptions['dateformat'], $userlog['logtime'], true);
			$userlog['logtimetime'] = vbdate($vboptions['timeformat'], $userlog['logtime'], true);
			$userlog['logtime'] = $userlog['logtimedate']."&nbsp;".$userlog['logtimetime'];
			$userlog['operate'] = iif($userlog['operate']=="1", $vbphrase['deposit'], $userlog['operate']);
			$userlog['operate'] = iif($userlog['operate']=="2", $vbphrase['getdeposit'], $userlog['operate']);
			$userlog['operate'] = iif($userlog['operate']=="3", $vbphrase['changein'], $userlog['operate']);
			$userlog['operate'] = iif($userlog['operate']=="4", $vbphrase['changeout'], $userlog['operate']);
			$userlog['operate'] = iif($userlog['operate']=="5", $vbphrase['getaccrual'], $userlog['operate']);
			$userlog['operate'] = iif($userlog['operate']=="6", $vbphrase['changefee'], $userlog['operate']);
			$userlog['sum'] = iif($userlog['sum']>0, "+$userlog[sum]", $userlog['sum']);

			eval('$logbit .= "' . fetch_template('bank_log') . '";');
		}
	}

	$titlename = PLUS_NAME;
	$thisprograme = $vbphrase['bank_room'];
	$navbits = array();
	$navbits["bank.php?action=showroom"] = $titlename;
	$navbits[''] = $titlename.' - '.$thisprograme;
	$templatename = 'bank_showroom';

}
//##########################  showbankmoney end #################


//##########################  savemoney begin #################

if ($_REQUEST['action'] == 'save')
{
	$moneysave = Trim($_REQUEST['moneysave']);
	if (!ereg('^[0-9]{1,10}$',$moneysave))
	{
		eval(print_standard_error('bank_money_error'));
		exit();
	}
	$bank=$moneysave;

	$datamoney = $DB_site->query_first("
	SELECT money FROM " . TABLE_PREFIX . "user AS user WHERE userid='$bbuserinfo[userid]'");
	$usermoney= $datamoney['money'];
	$bank=intval($bank);
	if ($bank<$minmon)
	{
		eval(print_standard_error('bank_money_not_enough'));
		exit();
	}
	else if ($bank>$usermoney)
	{
		eval(print_standard_error('bank_money_not_enough_to'));
		exit();
	}
	else
	{
		$DB_site->query("UPDATE " . TABLE_PREFIX . "user SET
          money=money-$bank,bank=bank+$bank,savemt='".time()."' WHERE userid='$bbuserinfo[userid]'");
		//记录到log表-存款1
		$DB_site->query("INSERT INTO " . TABLE_PREFIX . "bank_log (userid,operate,sum,logtime,note) VALUES ($bbuserinfo[userid],'1','$bank','".time()."','')");

		$url="bank.php?$session[sessionurl]action=showroom";
		eval(print_standard_redirect('bank_deposit_ok'));
		exit();
	}
}

//##########################  savemoney end #################


//##########################  loadmoney begin #################
if ($_REQUEST['action'] == 'load')
{
	$loadmoney = Trim($_REQUEST['loadmoney']);
	if (!ereg('^[0-9]{1,10}$',$loadmoney))
	{
		eval(print_standard_error('bank_money_error'));
		exit();
	}
	$bank=$loadmoney;

	$datamoney = $DB_site->query_first("
	SELECT bank FROM " . TABLE_PREFIX . "user AS user WHERE userid='$bbuserinfo[userid]'");
	$usermoney= $datamoney['bank'];
	$bank=intval($bank);

	if ($bank<$minmon)
	{
		eval(print_standard_error('bank_money_not_enough'));
		exit();
	}

	else if ($bank>$usermoney)
	{
		eval(print_standard_error('bank_money_not_enough_to'));
		exit();
	}
	else
	{
		$DB_site->query("UPDATE " . TABLE_PREFIX . "user SET
			  bank=bank-$bank,savemt='".time()."',money=money+$bank WHERE userid='$bbuserinfo[userid]'");
		//记录到log表-取款2
		$DB_site->query("INSERT INTO " . TABLE_PREFIX . "bank_log (userid,operate,sum,logtime,note) VALUES ($bbuserinfo[userid],'2','-$bank','".time()."','')");

		$url="bank.php?$session[sessionurl]action=showroom";
		eval(print_standard_redirect('bank_get_ok'));
		exit();
	}

}

//##########################  loadmoney begin #################

//##########################  changemoney begin #################

if ($_REQUEST['action'] == 'change')
{
	$moneynumber = Trim($_REQUEST['moneynumber']);
	if (!ereg('^[0-9]{1,10}$',$moneynumber))
	{
		eval(print_standard_error('bank_money_error'));
		exit();
	}

	$bank=$moneynumber;
	$changeuser = addslashes(htmlspecialchars($_REQUEST['changeuser']));

	$datamoney = $DB_site->query_first("
	SELECT bank FROM " . TABLE_PREFIX . "user AS user WHERE userid='$bbuserinfo[userid]'");
	$usermoney= $datamoney['bank'];

	$shouxu = $shouxufei+1;								
	$bankk=$bank*$shouxu;
	$bankk=iif($bankk==intval($bankk),$bankk,intval($bankk)+1);
	//$bankk=intval($bankk)+1;
	$bank=intval($bank);
	$charge=$bankk-$bank;

	if ($bank<$minmon)
	{
		eval(print_standard_error('bank_money_not_enough'));
		exit();
	}
	else if ($bankk>$usermoney)
	{
		eval(print_standard_error('bank_money_not_enough_to'));
		exit();
	}
	else
	{

        $userna=$DB_site->query_first("SELECT * FROM " . TABLE_PREFIX . "user AS user WHERE username='".$changeuser."'");
        if ($userna=="") 
		{
			eval(print_standard_error('bank_user_error'));
			exit();
        }
        else if ($userna['userid']==$bbuserinfo['userid'])
		{
			eval(print_standard_error('bank_to_me_error'));
			exit();
        }
		else 
		{
			$DB_site->query("UPDATE " . TABLE_PREFIX . "user SET
			bank=bank+$bank,savemt='".time()."' WHERE username='".$changeuser."'");
			$DB_site->query("UPDATE " . TABLE_PREFIX . "user SET
			bank=bank-$bankk,savemt='".time()."' WHERE userid='$bbuserinfo[userid]'");
        
			//写入到用户悄悄话
			if ($vboptions['banksendpm']) 
			{                  	 
				$user=$DB_site->query_first("SELECT userid FROM " . TABLE_PREFIX . "user WHERE username='".$changeuser."'");
				$DB_site->query("INSERT INTO " . TABLE_PREFIX . "pmtext\n\t(fromuserid, fromusername, title, message, touserarray, iconid, dateline, showsignature, allowsmilie)\nVALUES\n\t($bbuserinfo[userid], '" . addslashes($bbuserinfo['username']) . "', '" . addslashes($vbphrase['bank_message']) . "', '  $bank $danwei $vbphrase[bank_message_c]', '" . addslashes(serialize(array($changeuser))) . "', '', " . TIMENOW . ", 1, 1)");
				$pmtextid = $DB_site->insert_id();
				$DB_site->query("INSERT INTO " . TABLE_PREFIX . "pm (pmtextid, userid) VALUES ($pmtextid, $user[userid])");
				$DB_site->query("INSERT INTO " . TABLE_PREFIX . "pm (pmtextid, userid, folderid, messageread) VALUES ($pmtextid, $bbuserinfo[userid], -1, 1)");
				$DB_site->shutdown_query("UPDATE " . TABLE_PREFIX . "user SET pmtotal=pmtotal+1 WHERE userid=$bbuserinfo[userid]");
				$DB_site->shutdown_query("UPDATE " . TABLE_PREFIX . "user SET pmtotal=pmtotal+1,pmunread=pmunread+1 WHERE userid=$user[userid]");
			}

			//记录到log表-转账(转入3和转出4,扣费6)
			$DB_site->query("INSERT INTO " . TABLE_PREFIX . "bank_log (userid,operate,sum,logtime,note) VALUES ($user[userid],'3','$bank','".time()."','$bbuserinfo[username]')");
			$DB_site->query("INSERT INTO " . TABLE_PREFIX . "bank_log (userid,operate,sum,logtime,note) VALUES ($bbuserinfo[userid],'4','-$bank','".time()."','$changeuser')");
			$DB_site->query("INSERT INTO " . TABLE_PREFIX . "bank_log (userid,operate,sum,logtime,note) VALUES ($bbuserinfo[userid],'6','-$charge','".time()."','')");

			$url="bank.php?$session[sessionurl]action=showroom";
			eval(print_standard_redirect('bank_change_ok'));
			exit();
        }
   }
}


//##########################  changemoney end #################

//##########################  postmoneyrating begin ###########
if ($_REQUEST['action'] == 'postmoneyratingadd')
{
	globalize($_REQUEST, array(
		'postid' => INT
	));
	if (!$postinfo = verify_id('post', $postid, 1, 1)) 
	{
		eval(print_standard_error('rating_postid_error'));
	}
	$threadinfo = verify_id('thread', $postinfo['threadid'], 1, 1);
	$forumperms = fetch_permissions($threadinfo['forumid']);
	if (!($forumperms & CANPOSTMONEYRATE)) 
	{
		eval(print_standard_error('rating_no_permission'));		
	}
	//检查24小时内奖励惩罚次数
	if ($vboptions['ratingnum'])
	{
		$timecut = TIMENOW - 86400;
		$ratingsql=$DB_site->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "rating WHERE fromuserid=$bbuserinfo[userid] AND dateline>=$timecut");
		if ($ratingsql['count']>=$vboptions['ratingnum'])
		{
			eval(print_standard_error('rating_no_num'));
		}
	}
	
	$DB_site->query("UPDATE " . TABLE_PREFIX . "user SET money=money+$vboptions[bounty] WHERE userid=$postinfo[userid]");
	$DB_site->query("UPDATE " . TABLE_PREFIX . "post SET bonus=bonus+$vboptions[bounty] WHERE postid=$postinfo[postid]");
	//记录奖励和惩罚操作到日志
	$DB_site->query("INSERT INTO " . TABLE_PREFIX . "rating (rating, fromuserid, touserid, topostid, dateline) VALUES ('1','$bbuserinfo[userid]','$postinfo[userid]','$postinfo[postid]','".time()."')");

	$_REQUEST['forceredirect'] = 1;
	$url="showthread.php?p=$postinfo[postid]#post$postinfo[postid]";
	eval(print_standard_redirect('rating_bonus'));
	
}

if ($_REQUEST['action'] == 'postmoneyratingdel')
{
	globalize($_REQUEST, array(
		'postid' => INT
	));
	if (!$postinfo = verify_id('post', $postid, 1, 1)) 
	{
		eval(print_standard_error('rating_postid_error'));
	}
	$threadinfo = verify_id('thread', $postinfo['threadid'], 1, 1);
	$forumperms = fetch_permissions($threadinfo['forumid']);
	if (!($forumperms & CANPOSTMONEYRATE)) 
	{
		eval(print_standard_error('rating_no_permission'));		
	}
	
	//检查24小时内奖励惩罚次数
	if ($vboptions['ratingnum'])
	{
		$timecut = TIMENOW - 86400;
		$ratingsql=$DB_site->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "rating WHERE fromuserid=$bbuserinfo[userid] AND dateline>=$timecut");
		if ($ratingsql['count']>=$vboptions['ratingnum'])
		{
			eval(print_standard_error('rating_no_num'));
		}
	}

	$DB_site->query("UPDATE " . TABLE_PREFIX . "user SET money=money-$vboptions[fine] WHERE userid=$postinfo[userid]");
	$DB_site->query("UPDATE " . TABLE_PREFIX . "post SET bonus=bonus-$vboptions[fine] WHERE postid=$postinfo[postid]");
	//记录奖励和惩罚操作到日志
	$DB_site->query("INSERT INTO " . TABLE_PREFIX . "rating (rating, fromuserid, touserid, topostid, dateline) VALUES ('2','$bbuserinfo[userid]','$postinfo[userid]','$postinfo[postid]','".time()."')");

	$_REQUEST['forceredirect'] = 1;
	$url="showthread.php?p=$postinfo[postid]#post$postinfo[postid]";
	eval(print_standard_redirect('rating_mulct'));
	
}

//##########################  postmoneyrating end ###########

//########################## functions ##################

function showbankmoney() 
{
	global $DB_site,$bbuserinfo,$accrual;

	$savemoneytime= $DB_site->query_first("
	SELECT savemt FROM " . TABLE_PREFIX . "user AS user WHERE userid='$bbuserinfo[userid]'");
	$banktime = $savemoneytime[savemt];
	if ($banktime != 0)
	{
		$presenttime=(time()-$banktime)/86400;

		if ($presenttime>1)
		{
			$presenttime=floor($presenttime);
			$userbank = $DB_site->query_first("
			SELECT bank FROM " . TABLE_PREFIX . "user AS user WHERE userid='$bbuserinfo[userid]'");
			$userbankmoney= $userbank[bank];
			$userbankmoney=floor($userbankmoney*(pow((1+$accrual),$presenttime)));
			$useraccrual = $userbankmoney-$userbank[bank];
			$DB_site->query("UPDATE " . TABLE_PREFIX . "user SET bank=$userbankmoney,savemt='".time()."' WHERE userid='$bbuserinfo[userid]'");
			//记录到log表-结息5
			$DB_site->query("INSERT INTO " . TABLE_PREFIX . "bank_log (userid,operate,sum,logtime,note) VALUES ($bbuserinfo[userid],'5','$useraccrual','".time()."','')");
		}
	}
}


// #############################################################################

if ($templatename != '')
{
	$navbits = construct_navbits($navbits);
	eval('$navbar = "' . fetch_template('navbar') . '";');
	eval('print_output("' . fetch_template($templatename) . '");');
}

?>