function cancel_order($orderid, $uid)
{
// cancel an order
$query = "\n UPDATE orderbook\n SET status='CANCEL'\n WHERE\n orderid='{$orderid}'\n AND uid='{$uid}'\n AND status='OPEN'\n ";
do_query($query);
if (mysql_affected_rows() != 1) {
if (mysql_affected_rows() > 1) {
throw new Error('Serious...', 'More rows updated than should be. Contact the sysadmin ASAP.');
} else {
if (mysql_affected_rows() == 0) {
throw new Problem(_('Cannot...'), _('Your order got bought up before you were able to cancel.'));
} else {
throw new Error('Serious...', 'Internal error. Contact sysadmin ASAP.');
}
}
}
// Refetch order in case something has happened.
$info = fetch_order_info($orderid);
if ($uid != $info->uid) {
throw new Error('Permission...', '... Denied! Now GTFO.');
}
add_funds($info->uid, $info->amount, $info->type);
// these records indicate returned funds.
create_record($orderid, $info->amount, 0, 0, -1, 0);
addlog(LOG_RESULT, " cancelled order {$orderid}");
}
function record($id, $termType)
{
$uses = "";
$term = thesaurus::get_name($id);
$uses = extract_pattern($term, "/\\(BS[: ](?<use>.*)\\)/");
$recordArray = array();
$record = new simpleXmlElement("<record />");
// check if term already exists
// define array for record creation
$recordArray['input.name'] = "Thesaurus Redaktion";
$recordArray['input.date'] = date("Y-m-d", time());
$recordArray['input.time'] = date("h:i:s", time());
$recordArray['term.type'] = $termType;
$recordArray['term.status'] = thesaurus::get_status_name(thesaurus::get_status($id));
$recordArray['term'] = $term;
$recordArray['notes'] = thesaurus::get_comment($id);
$recordArray['broader_term'] = thesaurus::get_parent($id);
// $recordArray['narrower_term'] = thesaurus::get_child($id);
$recordArray['related_term'] = thesaurus::get_assoc($id);
$recordArray['used_for'] = $uses;
xml_insert($record->record, create_record($recordArray, $termType));
return $record;
}
jtable_respond(null, 'delete');
break;
case "listrecords":
$zone = get_zone_by_url(isset($_GET['zoneurl']) ? $_GET['zoneurl'] : '');
$a = api_request($zone['url']);
$records = $a['records'];
foreach ($records as &$record) {
$record['id'] = json_encode($record);
}
unset($record);
usort($records, "record_compare");
jtable_respond($records);
break;
case "createrecord":
$zone = get_zone_by_url(isset($_GET['zoneurl']) ? $_GET['zoneurl'] : '');
$record = create_record($zone, $_POST);
$record['id'] = json_encode($record);
jtable_respond($record, 'single');
break;
case "editrecord":
$zone = get_zone_by_url(isset($_GET['zoneurl']) ? $_GET['zoneurl'] : '');
$old_record = decode_record_id(isset($_POST['id']) ? $_POST['id'] : '');
$records = get_records_except($zone, $old_record);
$record = make_record($zone, $_POST);
if ($record['name'] !== $old_record['name'] || $record['type'] !== $old_record['type']) {
# rename or retype:
$newRecords = get_records_by_name_type($zone, $record['name'], $record['type']);
array_push($newRecords, $record);
update_records($zone, $old_record, $records);
# remove from old list
update_records($zone, $record, $newRecords);
// Decompressive ZIP uploading is disabled.
// $zip_upload_count = count($_FILES['ZIP_array']['name']);
//Now we must prepare the inital form for adding the pictures to the database, and we must move them to their final location.
// Count errors in each error array and the escrow array.
$escrow_array_count = count($escrow_array);
$file_error_count = count($file_failure_array);
$URI_error_count = count($URI_failure_array);
$zip_error_count = count($zip_failure_array);
// Create page header.
pageheader($lang_upload_php['title']);
// Check for successful uploads.
if ($escrow_array_count > '0') {
// Serialize and base64_encode the array.
$cayman_escrow = base64_encode(serialize($escrow_array));
// Add temp data record to database.
$unique_ID = create_record($cayman_escrow);
// Verify record was created.
if (!$unique_ID) {
cpg_die(CRITICAL_ERROR, $lang_upload_php['cant_create_write'], __FILE__, __LINE__);
}
// Prepare success data for user.
starttable("100%", $lang_upload_php['succ'], 2);
echo "<tr><td colspan=\"2\">";
printf($lang_upload_php['success'], $escrow_array_count);
echo "<br /><br />";
echo $lang_upload_php['add'];
echo "</td></tr>";
// Set the form action to this script.
open_form($_SERVER['PHP_SELF']);
$form_array = array(array('unique_ID', $unique_ID, 4), array('control', 'phase_2', 4));
create_form($form_array);
function process()
{
do_query("SET div_precision_increment = 8");
// find and cancel any active orders from users with negative BTC or FIAT balances
// this should never happen unless someone is trying to double-spend their balance
$query = "\n SELECT orderid, orderbook.amount as amount, orderbook.type, orderbook.uid as uid\n FROM orderbook\n JOIN purses\n ON orderbook.uid = purses.uid\n WHERE\n status != 'CLOSED' AND\n status != 'CANCEL' AND\n purses.amount < 0\n GROUP BY orderid\n ";
$result = b_query($query);
while ($row = mysql_fetch_array($result)) {
$orderid = $row['orderid'];
$amount = $row['amount'];
$type = $row['type'];
$uid = $row['uid'];
try {
echo "cancelling order {$orderid} (spend ", internal_to_numstr($amount), " {$type} for user {$uid}) due to negative balance\n";
wait_for_lock($uid);
$query = "\n UPDATE orderbook\n SET status = 'CANCEL'\n WHERE orderid = '{$orderid}'\n ";
b_query($query);
add_funds($uid, $amount, $type);
// these records indicate returned funds.
create_record($orderid, $amount, 0, 0, -1, 0);
release_lock($uid);
} catch (Error $e) {
if ($e->getTitle() == 'Lock Error') {
echo "can't get lock for {$uid}\n";
} else {
throw $e;
}
}
}
$query = "\n SELECT orderid\n FROM orderbook\n WHERE processed=FALSE\n ORDER BY timest ASC\n ";
$result = b_query($query);
while ($row = mysql_fetch_array($result)) {
$orderid = $row['orderid'];
echo "Processing {$orderid}...\n";
fulfill_order($orderid);
echo "Completed.\n\n";
$query = "\n UPDATE orderbook\n SET processed=TRUE\n WHERE orderid='{$orderid}'\n ";
b_query($query);
}
}
if ($_POST['username'] === USERNAME && $_POST['password'] === PASSWORD) {
$_SESSION['loggedin'] = true;
rmain();
} else {
fail();
}
}
if (@$_SESSION['loggedin'] === true) {
// Submit posts
if (isset($_POST['submitpost'])) {
$r = 0;
if (empty($_POST[D_POSTCONTENT])) {
fail();
}
if (empty($_POST[D_POSTID])) {
$r = create_record(uniqid());
set_kvp($r, D_POSTDATE, time());
} else {
if (!record_exists($_POST[D_POSTID])) {
fail();
}
$r = $_POST[D_POSTID];
}
set_kvp($r, D_POSTCONTENT, $_POST[D_POSTCONTENT]);
create_index(D_POSTDATE, D_POSTDATE);
}
if (isset($_POST['delete'])) {
record_delete($_POST['postid']);
create_index(D_POSTDATE, D_POSTDATE);
}
if (isset($_GET['dc'])) {
<?php
require_once 'db.php';
if (isset($_GET['junk'])) {
set_sms_status($_GET['junk'], 3);
header('Location: add_record.php?sms=1&junksuccess=1');
}
$person_id = create_record($_POST);
if (!empty($_FILES) && !empty($_FILES['photo']['name'])) {
handle_upload($person_id);
}
if (isset($_POST['sneaksms'])) {
header('Location: smsqueue.php');
}
$query_string = '?success=' . $_POST['firstname'] . '+' . $_POST['lastname'];
if (isset($_POST['fromsms'])) {
$query_string .= '&sms=1';
}
header('Location: add_record.php' . $query_string);
//header('Location: person.php?id=' . $person_id);
