diff --git a/api/cashout.php b/api/cashout.php index 6cc2bd3..ab571d1 100644 --- a/api/cashout.php +++ b/api/cashout.php @@ -121,6 +121,16 @@ if ($payoutMethodId) { } } +// Reject if the payout method type is not currently admin-enabled +if ($payoutMethodType) { + $enaStmt = db()->prepare("SELECT is_enabled FROM admin_payout_settings WHERE method_key=?"); + $enaStmt->execute([$payoutMethodType]); + $enaRow = $enaStmt->fetch(); + if (!$enaRow || !$enaRow['is_enabled']) { + echo json_encode(['success'=>false,'error'=>'This payout method is no longer available. Please select a different method or add a new one.']); exit; + } +} + // Check balance $balStmt = db()->prepare("SELECT tokens FROM users WHERE id=?"); $balStmt->execute([$userId]); diff --git a/api/payout_methods.php b/api/payout_methods.php index 95249f7..c01377d 100644 --- a/api/payout_methods.php +++ b/api/payout_methods.php @@ -14,7 +14,14 @@ switch ($action) { case 'list': $uid = $isAdmin ? (int)($_GET['user_id'] ?? $userId) : $userId; - $rows = db()->prepare("SELECT * FROM payout_methods WHERE user_id=? ORDER BY is_default DESC, id ASC"); + $rows = db()->prepare(" + SELECT pm.*, + COALESCE(aps.is_enabled, 0) AS admin_enabled + FROM payout_methods pm + LEFT JOIN admin_payout_settings aps ON aps.method_key = pm.method_type + WHERE pm.user_id = ? + ORDER BY pm.is_default DESC, pm.id ASC + "); $rows->execute([$uid]); echo json_encode(['success'=>true, 'methods'=>$rows->fetchAll()]); break; diff --git a/index.php b/index.php index 16187de..19ce328 100644 --- a/index.php +++ b/index.php @@ -1948,16 +1948,24 @@ async function loadCashoutPayoutMethods() { } if (noEl) noEl.style.display = 'none'; if (el) { - el.innerHTML = payoutMethods.map(m => ` - `; + }).join(''); } } @@ -1967,20 +1975,27 @@ function renderPayoutMethodsList(el) { el.innerHTML = '