Issue #5: basic ok/deny should work

xinchejian · Aug 18, 2015 · a6cd180 · a6cd180
1 parent 3247359
commit a6cd180
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 7 deletions.
diff --git a/admin.php b/admin.php
@@ -21,7 +21,7 @@ function verify(e, ok, id, email) {
 </head>
 <body>
  <h1>Unverified Payments</h1>
- <table>
+ <table style="width:100%">
   <thead>
    <tr>
     <th>E-mail</th>
@@ -36,7 +36,7 @@ function verify(e, ok, id, email) {
 $link = mysql_connect('localhost', 'webuser', getenv('MYSQL_PASSWORD'))
 	or mail_and_die('mysql_connect error');
 
-$result = mysql_query("SELECT id,email,submitted,amount FROM members.Payments WHERE verified IS NULL;", $link)
+$result = mysql_query("SELECT id,email,CAST(submitted AS DATE) as submitted,amount FROM members.Payments WHERE verified IS NULL;", $link)
 	or die('mysql_query SELECT error');
 
 while ($row = mysql_fetch_assoc($result)) {?>
@@ -45,8 +45,8 @@ function verify(e, ok, id, email) {
     <td><?php echo $row['submitted']; ?></td>
     <td><?php echo $row['amount']; ?></td>
     <td>
-     <input onclick="javascript:verify(this, 1, <?php echo $row['email'], $row['id']; ?>)" type="button" value="OK"/>
-     <input onclick="javascript:verify(this, 0, <?php echo $row['email'], $row['id']; ?>)" type="button" value="Deny"/>
+     <input onclick="javascript:verify(this, 1, '<?php echo $row['email']; ?>', <?php echo $row['id']; ?>)" type="button" value="OK"/>
+     <input onclick="javascript:verify(this, 0, '<?php echo $row['email']; ?>', <?php echo $row['id']; ?>)" type="button" value="Deny"/>
     </td>
    </tr><?php
 }

diff --git a/verify.php b/verify.php
@@ -1,14 +1,18 @@
 <?php
 require('mailer.php');
 
-$id = (int)$_GET['id'];
+$paymentid = (int)$_GET['id'];
 $ok = (int)$_GET['ok'];
 $email = urldecode($_GET['email']);
 $amount = $_GET['amount'];
 if ($amount == '100')
 	$months = 1;
 else if ($amount == '450')
 	$months = 6;
+else if ($amount == '900')
+	$months = 12;
+else if ($amount == '5000')
+	$months = 12;
 else
 	mail_and_die('wrong amount');
 
@@ -23,10 +27,10 @@ function mail_and_die($m)
 	or mail_and_die('mysql_connect error');
 $email2 = '"'.mysql_real_escape_string($email, $link).'"';
 
-mysql_query("UPDATE members.Payments SET verified = $ok WHERE id = $id", $link)
+mysql_query("UPDATE members.Payments SET verified = $ok WHERE id = $paymentid", $link)
 	or mail_and_die('mysql_query UPDATE Payments error');
 if ($ok) {
-	mysql_query("UPDATE members.Users SET paid_verified = paid WHERE id = $id", $link)
+	mysql_query("UPDATE members.Users SET paid_verified = (SELECT submitted FROM members.Payments WHERE id = $paymentid) + INTERNAL $months MONTH WHERE email = $email2", $link)
 		or mail_and_die('mysql_query UPDATE Users error');
 }
 else {