v1.0.2 - fixed cashouts

This commit is contained in:
2026-05-10 15:25:21 -05:00
parent 63a0c688f0
commit 28d2f8102d
4 changed files with 46 additions and 59 deletions
+5 -56
View File
@@ -105,8 +105,8 @@ switch ($action) {
try {
if ($status === 'completed') {
// Credit tokens to user
db()->prepare("logAdminAction('TOKENS_ADJUSTED', $adminId, 'user', isset($targetId)?$targetId:0, 'Manual token adjustment: '.($data['tokens']??0).' tokens', '', ($data['tokens']??''), 'critical');
db()->prepare("UPDATE users SET tokens=tokens+"? WHERE id=?")->execute([$purchase['tokens'], $purchase['user_id']]);
logAdminAction('TOKENS_ADJUSTED', $adminId, 'user', isset($targetId)?(int)$targetId:0, 'Manual token adjustment: '.($data['tokens']??0).' tokens', '', ($data['tokens']??''), 'critical');
db()->prepare("UPDATE users SET tokens=tokens+? WHERE id=?")->execute([$purchase['tokens'], $purchase['user_id']]);
}
db()->prepare("UPDATE token_purchases SET status=?,admin_note=? WHERE id=?")->execute([$status, $note, $id]);
db()->commit();
@@ -326,8 +326,8 @@ switch ($action) {
$data = json_decode(file_get_contents('php://input'), true);
$uid = (int)($data['user_id'] ?? 0);
if ($uid === MASTER_ADMIN_ID) { echo json_encode(['success'=>false,'error'=>'Cannot suspend the master admin.']); exit; }
db()->prepare("logAdminAction('USER_STATUS_CHANGE', $adminId, 'user', isset($userId)?$userId:0, 'Changed user status to: '.($data['status']??'unknown'), '', ($data['status']??''), 'warning');
db()->prepare("UPDATE users SET status="IF(status='active','suspended','active') WHERE id=?")->execute([$uid]);
logAdminAction('USER_STATUS_CHANGE', $adminId, 'user', isset($userId)?(int)$userId:0, 'Changed user status to: '.($data['status']??'unknown'), '', ($data['status']??''), 'warning');
db()->prepare("UPDATE users SET status=IF(status='active','suspended','active') WHERE id=?")->execute([$uid]);
echo json_encode(['success'=>true]);
break;
@@ -537,58 +537,7 @@ switch ($action) {
echo json_encode(['success'=>true]);
break;
// ─── PLATFORM ACCOUNTS ────────────────────────────────
case 'platform_accounts_list':
$status = $_GET['status'] ?? 'pending';
$valid = ['pending','approved','denied','deleted'];
if (!in_array($status,$valid)) $status='pending';
$stmt = db()->prepare("
SELECT pa.*, u.username, u.alias,
COALESCE(p.name, pa.platform_name, pa.platform_slug) AS display_name,
p.color
FROM platform_accounts pa
JOIN users u ON pa.user_id = u.id
LEFT JOIN platforms p ON pa.platform_slug = p.slug
WHERE pa.status = ?
ORDER BY pa.requested_at DESC
");
$stmt->execute([$status]);
echo json_encode(['success'=>true,'accounts'=>$stmt->fetchAll()]);
break;
case 'platform_account_approve':
if ($_SERVER['REQUEST_METHOD']!=='POST'){echo json_encode(['success'=>false]);exit;}
$d = json_decode(file_get_contents('php://input'),true);
$id = (int)($d['id']??0);
$u = substr(trim($d['provided_username']??''),0,100);
$pw = substr(trim($d['provided_password']??''),0,200);
$nt = substr(trim($d['admin_note']??''),0,500);
if (!$id||!$u||!$pw){echo json_encode(['success'=>false,'error'=>'ID, username and password required']);exit;}
$r=db()->prepare("SELECT user_id,platform_slug FROM platform_accounts WHERE id=?");$r->execute([$id]);$req=$r->fetch();
if(!$req){echo json_encode(['success'=>false,'error'=>'Not found']);exit;}
db()->prepare("UPDATE platform_accounts SET status='approved',provided_username=?,provided_password=?,admin_note=?,approved_at=NOW(),admin_id=? WHERE id=?")
->execute([$u,$pw,$nt,$_SESSION['user_id'],$id]);
db()->prepare("INSERT INTO game_aliases (user_id,platform_slug,alias) VALUES (?,?,?) ON DUPLICATE KEY UPDATE alias=VALUES(alias)")
->execute([$req['user_id'],$req['platform_slug'],$u]);
try{logActivity('platform_account_approved',$req['user_id'],(int)$_SESSION['user_id'],'platform_account',$id,"Approved {$req['platform_slug']}: {$u}");}catch(Exception $e){}
echo json_encode(['success'=>true]);
break;
case 'platform_account_update':
if ($_SERVER['REQUEST_METHOD']!=='POST'){echo json_encode(['success'=>false]);exit;}
$d = json_decode(file_get_contents('php://input'),true);
$id = (int)($d['id']??0);
$u = substr(trim($d['provided_username']??''),0,100);
$pw = substr(trim($d['provided_password']??''),0,200);
$nt = substr(trim($d['admin_note']??''),0,500);
if (!$id){echo json_encode(['success'=>false,'error'=>'ID required']);exit;}
db()->prepare("UPDATE platform_accounts SET provided_username=?,provided_password=?,admin_note=?,admin_id=? WHERE id=?")
->execute([$u,$pw,$nt,$_SESSION['user_id'],$id]);
$r=db()->prepare("SELECT user_id,platform_slug FROM platform_accounts WHERE id=?");$r->execute([$id]);$req=$r->fetch();
if($req&&$u){db()->prepare("INSERT INTO game_aliases (user_id,platform_slug,alias) VALUES (?,?,?) ON DUPLICATE KEY UPDATE alias=VALUES(alias)")->execute([$req['user_id'],$req['platform_slug'],$u]);}
echo json_encode(['success'=>true]);
break;
// ──
case 'platform_account_deny':
if ($_SERVER['REQUEST_METHOD']!=='POST'){echo json_encode(['success'=>false]);exit;}
$d=json_decode(file_get_contents('php://input'),true);