/**
 * Handles the login form submission.
 *
 * Reads `user_mail` and `user_password` from $_POST, defaulting each to an
 * empty string when the field is absent. The password is passed through
 * encript_password() before it is handed, together with the mail address and
 * $this->tableUsers, to login_users() on the object returned by
 * $this->model('LoginModel'). Whatever login_users() returns is passed
 * straight to url_redirect().
 *
 * NOTE(review): encript_password() is not shown here. Confirm it is a
 * dedicated password-hashing scheme (salted, slow) rather than a plain digest,
 * and that login_users() binds $mail and $password as query parameters.
 * NOTE(review): the redirect target is whatever the model returns; confirm it
 * can only be an application URL. Session-id regeneration and failed-login
 * throttling are not visible in this method.
 */
public function login()
{
    $mail = '';
    if (isset($_POST['user_mail'])) {
        $mail = $_POST['user_mail'];
    }

    // An absent password stays an empty, unhashed string.
    $password = '';
    if (isset($_POST['user_password'])) {
        $password = encript_password($_POST['user_password']);
    }

    $loginModel = $this->model('LoginModel');
    url_redirect($loginModel->login_users($this->tableUsers, $mail, $password));
}
/**
 * Deletes the record identified by $id and redirects to the categories
 * admin page with a result code.
 *
 * The delete is delegated to delete() on the object returned by
 * $this->model('CategoriesModel'). A truthy result redirects with
 * `?exito=6`, anything else with `?code=2`.
 *
 * NOTE(review): despite the method name, the visible code works on
 * CategoriesModel and redirects to admin/categorias/. Confirm that is intended.
 * NOTE(review): $id is forwarded unchanged and no authorization or CSRF check
 * is visible here; presumably the caller enforces both. Verify against caller.
 *
 * @param mixed $id Identifier passed to the model's delete().
 */
private function delete_user($id)
{
    $categories = $this->model('CategoriesModel');

    $target = $categories->delete($id)
        ? 'admin/categorias/?exito=6'
        : 'admin/categorias/?code=2';

    url_redirect(site_url() . $target);
}
/**
 * Shows the admin edit view for one post, or redirects to the post list
 * when the post cannot be loaded.
 *
 * The post is fetched with get_Post($post_id) on the PostsModel object. When
 * the result is loosely equal to false, the browser is redirected to
 * admin/posts/. Otherwise the view 'admin/post' is rendered with all
 * categories, the post and all images.
 *
 * NOTE(review): $post_id is forwarded to the model unchanged; confirm
 * get_Post() binds it as a parameter. No access check is visible in this
 * method; presumably the controller enforces the admin session. Verify.
 *
 * @param string $post_id Identifier of the post to display.
 */
public function infoPost($post_id = '')
{
    $categoriesModel = $this->model('CategoriesModel');
    $postsModel = $this->model('PostsModel');
    $post = $postsModel->get_Post($post_id);

    // Guard clause: nothing to show, go back to the list.
    if ($post == false) {
        url_redirect(site_url() . 'admin/posts/');
        return;
    }

    $imagesModel = $this->model('PostsModel');
    $viewData = array(
        'categorias' => $categoriesModel->All(),
        'post' => $post,
        'imagenes' => $imagesModel->AllImages(),
    );
    $this->vew('admin/post', $viewData);
}
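/**
 * Records a "broken download" report for the download id posted as `lid`
 * and prints a thank-you page.
 *
 * The report is inserted into the `<prefix>_modrequest` table with the
 * reporting user's id taken from $userinfo['user_id'].
 *
 * NOTE(review): url_redirect() is not shown here. If it does not end the
 * request, the insert below still runs for visitors who are not logged in.
 * Confirm it halts, or return after the call.
 * NOTE(review): $_POST['lid'] is read without an isset() check and no CSRF
 * token check is visible in this function.
 */
function brokendownloadS()
{
    global $downloadsprefix, $db, $anonymous, $userinfo;

    // Only registered users may file a report.
    if (!is_user()) {
        url_redirect(getlink());
    }

    // intval() forces the posted id to an integer before it reaches the query.
    $lid = intval($_POST['lid']);
    // presumably a numeric id set by the session layer; verify, since it is
    // interpolated into the statement as-is.
    $ratinguser = $userinfo['user_id'];

    // The original statement interpolated $auth_name, $email, $filesize,
    // $version and $homepage, none of which is assigned or declared global in
    // this function. They always expanded to empty strings (raising an
    // undefined-variable notice each), so the five trailing columns are
    // written as explicit empty strings here.
    $db->sql_query(
        "insert into " . $downloadsprefix . "_modrequest values (NULL, {$lid}, 0, 0, '', '', '', '{$ratinguser}', 1, '', '', '', '', '')"
    );

    include "header.php";
    downl_menu_tpl(1);
    echo '<br />';
    OpenTable();
    echo "<br /><center>" . _THANKSFORINFO . "<br /><br />" . _LOOKTOREQUEST . "</center><br />";
    CloseTable();
    include "footer.php";
}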
//if payable amount is equal to zero then process the customer directly if ($_POST['amount'] == 0) { //check deal quantity availability require_once DOCUMENT_ROOT . "/system/includes/transaction.php"; $L_QTY0 = $qty; $COUPONID = $couponid; $USERID = $_SESSION['userid']; check_max_deal_purchase($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0, $USERID); check_deal_quantity($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0); $USERID = $_SESSION['userid']; $_SESSION['pay_mod_id'] = $_POST['pay_mod_id']; if (!isset($_SESSION['pay_mod_id'])) { if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift"); } else { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID); } } $user = "******"; $userSet = mysql_query($user); while ($r = mysql_fetch_array($userSet)) { $FIRSTNAME = html_entity_decode($r['firstname'], ENT_QUOTES); $LASTNAME = html_entity_decode($r['lastname'], ENT_QUOTES); $EMAIL = html_entity_decode($r['email'], ENT_QUOTES); } $PAYERID = ''; $TRANSACTIONID = ''; $CORRELATIONID = ''; $PAYERSTATUS = ''; $COUNTRYCODE = ''; $USERID = $uid = $_SESSION['userid'];
if (!preg_match("/^(\\+){0,1}(\\d|\\s|\\(|\\)|\\-){5,20}\$/", $mobileno)) { set_response_mes(-1, $language['invalid_mobile_number']); url_redirect($_SERVER['REQUEST_URI']); } if (!empty($mobileno)) { $val = add_mobilesubscriber($mobileno, $city); if ($val) { set_response_mes(1, $language['subscribe_success']); url_redirect($_SERVER['REQUEST_URI']); } else { set_response_mes(-1, $language['mobile_exits']); url_redirect($_SERVER['REQUEST_URI']); } } else { set_response_mes(-1, $language['try_again']); url_redirect($_SERVER['REQUEST_URI']); } } //get the categpry list $category_list = mysql_query("select * from coupons_cities where status='A' order by cityname"); ?> <div class="width240 fl clr borderF2F mb20"> <div class="great_deals"> <div class="great_top fl clr"> <h1><?php echo $language['mobile_subscription']; ?> </h1> </div> <div class="great_center fl clr">
//checking whether admin logged in or not. $userid = $_SESSION["userid"]; $shopid = $url_arr[3]; $obj = new EditShop(); $obj->editShopDetails($shopid); if ($_POST) { $shopname = htmlentities($_POST['shopname'], ENT_QUOTES); $shopaddress = htmlentities($_POST['shopaddress'], ENT_QUOTES); $city = $_POST["city"]; $country = $_POST['country']; $lat = htmlentities($_POST['lat'], ENT_QUOTES); $lang = htmlentities($_POST['lang'], ENT_QUOTES); $result = updateShop($shopid, $userid, $shopname, $shopaddress, $city, $country, $lat, $lang); $coopon_url = DOCROOT . "admin/view/rep/shops/"; set_response_mes(1, $admin_language['changesmodified']); url_redirect($coopon_url); } ?> <script type="text/javascript"> /* validation */ $(document).ready(function(){ $("#form_editshop").validate();}); </script> <div class="form"> <div class="form_top"></div> <div class="form_cent"> <form name="form_editshop" id="form_editshop" method="post" action="" class="coopen_form fl" > <fieldset>
if ($pay_ack["ACK"] == "Failure") { //failure operation set_response_mes(-1, "Request Unapproved"); url_redirect(DOCROOT . "system/modules/affiliate/admin/pay-affiliates.php"); } else { $transaction_id = $pay_ack['TRANSACTIONID']; mysql_query("insert into aff_payments(aff_id,date,time,sales,commission,uid) values('{$uid}',NOW(),NOW(),'{$sales}','{$amount}','{$aid}') "); //Insert the payment details to db mysql_query("insert into aff_archived_sales(aff_id,uid,date,time,payment,payout,ip,order_number,merchant) values('{$uid}','{$aid}',NOW(),NOW(),'{$sales}','{$amount}','{$ip}','{$transaction_id}','paypal')"); //insert payout sales details //mysql_query("delete from aff_sales where aff_id=$uid and `approved` = '2' LIMIT 1"); // delete the sales details after payout the amount // here send full amt to the aff user, so delete all the records from aff_sales mysql_query("delete from aff_sales where aff_id='{$uid}' and `approved` = '2' and fund_requested='1' "); // delete the sales details after payout the amount set_response_mes(1, "Request Approved"); url_redirect(DOCROOT . "system/modules/affiliate/admin/pay-affiliates.php"); } //set the response and redirect it.... } } } function masspay_request($subject = '', $receiver_mail = '', $currency_code = '', $payer_id = '', $amount = '', $unique_id = '', $note = '') { /** * Get required parameters from the web form for the request */ $emailSubject = urlencode($subject); $receiverType = urlencode($receiver_mail); $currency = urlencode($currency_code); $nvpstr = ''; //$count= count($_POST['receiveremail']);
$SMTP_STATUS = SMTP_STATUS; if ($SMTP_STATUS == 1) { include DOCUMENT_ROOT . "/system/modules/SMTP/smtp.php"; //mail send thru smtp } else { // To send HTML mail, the Content-type header must be set $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; // Additional headers $headers .= 'From: ' . $from . '' . "\r\n"; $headers .= 'Bcc: ' . $to . '' . "\r\n"; mail($to, $subject, $message, $headers); } //send_email($email,$to,$subject,$mes); //call email function set_response_mes(1, $language['thank_you_for_enquiry']); url_redirect(DOCROOT . 'contactus.html'); } ?> <div class="work_bottom contactus"> <form action="" name="contactus" id="contactus" method="post"> <table width="100%" border="0" cellpadding="5" cellspacing="5" class="contact_user"> <tr><td align="right" valign="top"> <label><?php echo $language["contact_name"]; ?> :</label> </td><td> <input name="name" type="text" class="required nospecialchars" title="<?php echo $language['valid_name']; ?>
<div class="fl clr mt10 "> <span class="font14 color333"><?php echo ucfirst(htmlspecialchars_decode($row["shopname"])); ?> <br/></span> <?php echo nl2br(html_entity_decode($row["shop_address"], ENT_QUOTES)); ?> <br/> <?php echo nl2br(html_entity_decode($row["cityname"], ENT_QUOTES)); ?> <br/> <?php echo nl2br(html_entity_decode($row["countryname"], ENT_QUOTES)); ?> <br/> </div> <div class="clr fl" style="width:400px;"> </div> </div> </div> <?php } } else { set_response_mes(1, $language['cannot_print']); url_redirect(DOCROOT . "my-coupons.html"); } die;
} } if (isset($_POST['btnVarUpdate'])) { require_once CLASSES . 'variable.php'; $var_id = $_POST['hidVarID']; $var_name = $_POST['txtVarName']; $var_value = $_POST['txtVarVal']; $variable = new Variable($var_id, 'edit'); if ($variable->update_variable($var_name, $var_value)) { unset($_POST['btnVarUpdate']); url_redirect(HTTP_SERVER . 'index.php?variable=1'); } else { } } if (isset($_POST['btnVarAdd'])) { require_once CLASSES . 'variable.php'; $var_name = $_POST['txtVarName']; $var_value = $_POST['txtVarVal']; $variable = new Variable(); if ($variable->add_variable($var_name, $var_value)) { unset($_POST['btnVarAdd']); url_redirect(HTTP_SERVER . 'index.php?variable=1'); } else { } } if (isset($_POST['btnUploadImg'])) { print_r($_FILES); if (imageUpload($_FILES['upImage']['tmp_name'], UPLOAD_DIR . $_FILES['upImage']['name'], UPLOAD_DIR . 'thumb_' . $_FILES['upImage']['name'])) { echo 'About Upload'; } }
/**
 * Stores a success or error notice in the session under $id and redirects
 * the browser to the matching anchor of the index page in the current
 * script's directory.
 *
 * NOTE(review): $id is used both as a $_SESSION key and as the URL fragment.
 * Callers should pass a fixed element id, not request data.
 * NOTE(review): $customErr is handed to display_text(); whether that helper
 * escapes HTML is not visible here. Confirm before passing user-derived text.
 *
 * @param string  $id        HTML element id
 * @param boolean $success   no errors to display
 * @param string  $customErr if $success is false, a custom message that
 *                           replaces the default error text
 */
function notify_request($id, $success, $customErr = "")
{
    global $_displayType, $_notifyMsg;

    $defaultError = $_notifyMsg["ERROR"];
    $useCustom = !$success && !empty($customErr);
    $errorMessage = $useCustom ? $customErr : $defaultError;

    if ($success) {
        $_SESSION[$id] = display_text($_displayType["SUCCESS"], $_notifyMsg["SAVED"]);
    } else {
        $_SESSION[$id] = display_text($_displayType["ERROR"], $errorMessage);
    }

    $anchorUrl = dirname($_SERVER['SCRIPT_NAME']) . "/#" . $id;
    url_redirect($anchorUrl);
}
<?php if ($_SESSION["userid"]) { url_redirect(DOCROOT . "profile.html"); } $url_array = explode('=', $_SERVER['REQUEST_URI']); if (isset($url_array[1])) { $_SESSION['referral_id'] = $url_array[1]; } ?> <ul> <li><a href="/" title="<?php echo $language['home']; ?> "><?php echo $language['home']; ?> </a></li> <li><span class="right_arrow"></span></li> <li><a href="javascript:;" title="<?php echo $language['signup']; ?> "><?php echo $language['signup']; ?> </a></li> </ul> <h1><?php echo $page_title;
$headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; // Additional headers $headers .= 'From: ' . $from . '' . "\r\n"; mail($to, $subject, $message, $headers); } set_response_mes(1, $language["password_changed"]); url_redirect(DOCROOT . "change-password.html"); } else { set_response_mes(-1, $language["not_matched"]); url_redirect(DOCROOT . "change-password.html"); } } } else { set_response_mes(-1, $language["not_matched"]); url_redirect(DOCROOT . "change-password.html"); } } ?> <?php include "profile_submenu.php"; ?> <h1><?php echo $page_title; ?> </h1> <div class="work_bottom ">
if ($username == $badname[0]) { $error = _SHOUTUSERBAN; } } $db->sql_freeresult($nameresult); } //look for bad words, then censor them. if ($shoutconf['censor']) { $comment = check_words($comment); } //if error just reload page, else add posting. if ($error) { cpg_error($error); } else { $db->sql_query("INSERT INTO " . $prefix . "_shoutblock VALUES (NULL, '" . Fix_Quotes($username) . "', '" . Fix_Quotes($comment) . "', '" . gmtime() . "')"); url_redirect($CPG_SESS['user']['uri']); } } function nav_shouts() { global $prefix, $db, $offset, $number, $shoutconf, $userinfo; $offset = intval($offset); $result = $db->sql_query("SELECT * FROM " . $prefix . "_shoutblock ORDER BY id DESC LIMIT {$offset},25"); $loop = $db->sql_numrows($result); while ($row = $db->sql_fetchrow($result)) { echo '<div class="content">'; $row[2] = set_smilies($row[2]); echo '<a href="' . getlink('Your_Account&profile=' . $row[1]) . '"><strong>' . $row[1] . ':</strong></a>'; if ($shoutconf['date']) { echo formatDateTime($row[3], '%d-%b-%Y '); }
/**
 * Moderator action: disapproves the given posts.
 *
 * After check_ids() has accepted the id list for the 'm_approve' permission,
 * the function either shows the confirmation form with the list of reasons,
 * or, once confirmed, decrements the forum/topic "real" counters, deletes
 * the posts, refreshes topic/forum information and optionally e-mails the
 * posters.
 *
 * NOTE(review): the `redirect` request value ends up in url_redirect() and in
 * a hidden form field. Confirm url_redirect() only accepts same-site targets.
 *
 * @param array $post_id_list Ids of the posts to disapprove (used with
 *                            sizeof() and passed to check_ids()).
 */
function disapprove_post($post_id_list)
{
    global $_CLASS, $_CORE_CONFIG, $config;

    // check_ids() yields the forum id, or a falsy value when the check fails.
    // NOTE(review): presumably trigger_error() halts here; confirm, because
    // everything below assumes the permission check passed.
    if (!($forum_id = check_ids($post_id_list, POSTS_TABLE, 'post_id', 'm_approve'))) {
        trigger_error('NOT_AUTHORIZED');
    }

    // Request-supplied redirect target, defaulting to the session page.
    $redirect = request_var('redirect', $_CLASS['core_user']->data['session_page']);
    $reason = request_var('reason', '');
    // NOTE(review): presumably request_var() casts to the type of its default
    // (int here); confirm, since $reason_id is interpolated unquoted below.
    $reason_id = request_var('reason_id', 0);
    $success_msg = $additional_msg = '';

    $s_hidden_fields = build_hidden_fields(array('post_id_list' => $post_id_list, 'f' => $forum_id, 'mode' => 'disapprove', 'redirect' => $redirect));

    $notify_poster = isset($_REQUEST['notify_poster']) ? true : false;

    if ($reason_id) {
        $sql = 'SELECT reason_name FROM ' . REASONS_TABLE . " \n\t\t\tWHERE reason_id = {$reason_id}";
        $result = $_CLASS['core_db']->query($sql);

        // Unknown reason id, or reason "other" without free text: ask again
        // by dropping the confirm flag.
        if (!($row = $_CLASS['core_db']->fetch_row_assoc($result)) || !$reason && $row['reason_name'] == 'other') {
            $additional_msg = 'Please give an appropiate reason for disapproval';
            unset($_POST['confirm']);
        } else {
            $disapprove_reason = $row['reason_name'] != 'other' ? $_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_name'])] : '';
            // NOTE(review): the text appended here is the raw
            // $_REQUEST['reason'], not the request_var() value checked above.
            $disapprove_reason .= $reason ? "\n\n" . $_REQUEST['reason'] : '';
            unset($reason);
        }
        $_CLASS['core_db']->free_result($result);
    }

    if (confirm_box(true)) {
        $post_info = get_post_data($post_id_list, 'm_approve');

        // If Topic -> forum_topics_real -= 1
        // If Post -> topic_replies_real -= 1
        $forum_topics_real = 0;
        $topic_replies_real_sql = $post_disapprove_sql = $topic_id_list = array();

        foreach ($post_info as $post_id => $post_data) {
            $topic_id_list[$post_data['topic_id']] = 1;

            // Topic or Post. ;)
            // A post that is both first and last post of its topic is the
            // whole topic.
            if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_last_post_id'] == $post_id) {
                if ($post_data['forum_id']) {
                    $forum_topics_real++;
                }
            } else {
                if (!isset($topic_replies_real_sql[$post_data['topic_id']])) {
                    $topic_replies_real_sql[$post_data['topic_id']] = 1;
                } else {
                    $topic_replies_real_sql[$post_data['topic_id']]++;
                }
            }
            $post_disapprove_sql[] = $post_id;
        }

        if ($forum_topics_real) {
            $sql = 'UPDATE ' . FORUMS_TABLE . "\n\t\t\t\tSET forum_topics_real = forum_topics_real - {$forum_topics_real}\n\t\t\t\tWHERE forum_id = {$forum_id}";
            $_CLASS['core_db']->query($sql);
        }

        if (sizeof($topic_replies_real_sql)) {
            // $topic_id values are keys taken from get_post_data() rows.
            foreach ($topic_replies_real_sql as $topic_id => $num_replies) {
                $sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies_real = topic_replies_real - {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}";
                $_CLASS['core_db']->query($sql);
            }
        }

        if (sizeof($post_disapprove_sql)) {
            // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
            delete_posts('post_id', $post_disapprove_sql);
        }
        unset($post_disapprove_sql, $topic_replies_real_sql);

        update_post_information('topic', array_keys($topic_id_list));
        update_post_information('forum', $forum_id);
        unset($topic_id_list);

        $messenger = new messenger();

        // Notify Poster?
        if ($notify_poster) {
            $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);

            foreach ($post_info as $post_id => $post_data) {
                // Guest posts have nobody to notify.
                if ($post_data['poster_id'] == ANONYMOUS) {
                    continue;
                }

                $email_template = $post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id'] ? 'topic_disapproved' : 'post_disapproved';

                $messenger->template($email_template, $post_data['user_lang']);
                $messenger->replyto($config['board_email']);
                $messenger->to($post_data['user_email'], $post_data['username']);
                $messenger->im($post_data['user_jabber'], $post_data['username']);

                // NOTE(review): $disapprove_reason is only assigned inside the
                // `if ($reason_id)` branch above; with no reason id it is
                // undefined when it reaches stripslashes() here.
                $messenger->assign_vars(array('EMAIL_SIG' => $email_sig, 'SITENAME' => $_CORE_CONFIG['global']['sitename'], 'USERNAME' => $post_data['username'], 'REASON' => stripslashes($disapprove_reason), 'POST_SUBJECT' => censor_text($post_data['post_subject']), 'TOPIC_TITLE' => censor_text($post_data['topic_title'])));

                $messenger->send($post_data['user_notify_type']);
                $messenger->reset();
            }
            $messenger->save_queue();
        }
        unset($post_info, $disapprove_reason);

        if ($forum_topics_real) {
            $success_msg = $forum_topics_real == 1 ? 'TOPIC_DISAPPROVED_SUCCESS' : 'TOPICS_DISAPPROVED_SUCCESS';
        } else {
            $success_msg = sizeof($post_id_list) == 1 ? 'POST_DISAPPROVED_SUCCESS' : 'POSTS_DISAPPROVED_SUCCESS';
        }
    } else {
        // Not confirmed yet: build the reason list for the confirmation form.
        $sql = 'SELECT * FROM ' . REASONS_TABLE . ' ORDER BY reason_priority ASC';
        $result = $_CLASS['core_db']->query($sql);

        while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
            $row['reason_name'] = strtoupper($row['reason_name']);

            // Prefer the translated title/description, fall back to the row.
            $reason_title = !empty($_CLASS['core_user']->lang['report_reasons']['TITLE'][$row['reason_name']]) ? $_CLASS['core_user']->lang['report_reasons']['TITLE'][$row['reason_name']] : ucwords(str_replace('_', ' ', $row['reason_name']));

            $reason_desc = !empty($_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][$row['reason_name']]) ? $_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][$row['reason_name']] : $row['reason_desc'];

            $_CLASS['core_template']->assign_vars_array('reason', array('ID' => $row['reason_id'], 'NAME' => htmlspecialchars($reason_title), 'DESCRIPTION' => htmlspecialchars($reason_desc), 'S_SELECTED' => $row['reason_id'] == $reason_id ? true : false));
        }
        $_CLASS['core_db']->free_result($result);

        // NOTE(review): $reason may already have been unset in the
        // `if ($reason_id)` branch above. Unlike NAME/DESCRIPTION it is not
        // passed through htmlspecialchars() here; presumably request_var()
        // or the template layer encodes it. Confirm.
        $_CLASS['core_template']->assign_array(array('S_NOTIFY_POSTER' => true, 'S_APPROVE' => false, 'REASON' => $reason, 'ADDITIONAL_MSG' => $additional_msg));

        confirm_box(false, 'DISAPPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
    }

    // Re-read the request-supplied target, this time defaulting to the forum
    // index.
    $redirect = request_var('redirect', generate_link('Forums'));

    if (!$success_msg) {
        // NOTE(review): $redirect is request-controlled at this point.
        url_redirect($redirect);
    } else {
        $_CLASS['core_display']->meta_refresh(3, generate_link("Forums&file=viewforum&f={$forum_id}"));
        trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FORUM'], '<a href="' . generate_link('Forums&file=viewforum&f=' . $forum_id) . '">', '</a>'));
    }
}
$country = $_POST['country']; $cityname = htmlentities($_POST['cityname'], ENT_QUOTES); $city_url = htmlentities($_POST['permalink'], ENT_QUOTES); $rep_city = $_POST['rep_city']; $cityid = $_POST['rep_city']; $result = mysql_query("select * from coupons_cities where cityname='{$cityname}' and countryid='{$country}' and cityid<>{$cityid}"); if (mysql_num_rows($result) > 0) { set_response_mes(-1, $admin_language['cityexist']); $redirect_url = DOCROOT . 'edit/city/' . $rep_city; url_redirect($redirect_url); } //update into database updateCity($cityname, $city_url, $country, $rep_city); set_response_mes(1, $admin_language['changesmodified']); $redirect_url = DOCROOT . 'manage/city/'; url_redirect($redirect_url); } ?> <script type="text/javascript"> /* validation */ $(document).ready(function(){ $("#form_editcity").validate();}); </script> <?php $queryString = " select * from coupons_cities where cityid=" . $cityid . " "; $resultSet = mysql_query($queryString); if (mysql_num_rows($resultSet) > 0) { while ($result = mysql_fetch_array($resultSet)) { $rscountryid = $result['countryid']; ?>
* @URL : http://www.NDOT.in ********************************************/ $current_url = explode('/', $_SERVER["REQUEST_URI"]); //check whether cityname is in url $queryString = "select * from coupons_cities where status='A' order by cityname asc"; $resultSet = mysql_query($queryString); if (mysql_num_rows($resultSet) > 0) { while ($row = mysql_fetch_array($resultSet)) { if ($current_url[1] == html_entity_decode($row["city_url"], ENT_QUOTES)) { $_SESSION["defaultcityId"] = $row["cityid"]; $_SESSION["default_city_url"] = html_entity_decode($row["city_url"], ENT_QUOTES); $_SESSION["defaultcityname"] = html_entity_decode($row["cityname"], ENT_QUOTES); $month = 2592000 + time(); setcookie("defaultcityId", ""); setcookie("defaultcityId", $row["cityid"], $month); url_redirect(DOCROOT . html_entity_decode($row["city_url"], ENT_QUOTES) . '/'); } } } ?> <h1><?php echo $page_title; ?> </h1> <div class="work_bottom con_center"> <h1><?php echo $language['error_head']; ?> <?php echo $sub1; ?>
if ($_POST['submit'] == $language['login']) { $username = $_POST["username"]; $password = md5($_POST["password"]); $result = loginCheck($username, $password); if ($result == "Success") { set_response_mes(1, $language['login_success']); $reference_url = $_SESSION["ref"]; $_SESSION["ref"] = ""; if ($reference_url) { url_redirect($reference_url); } else { url_redirect(DOCROOT . "profile.html"); } } else { set_response_mes(-1, $language['password_incorrect']); url_redirect(DOCROOT . "login.html"); } } ?> <ul> <li><a href="/" title="<?php echo $language['home']; ?> "><?php echo $language['home']; ?> </a></li> <li><span class="right_arrow"></span></li> <li><a href="javascript:;" title="<?php
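<?php
/**
 * Deletes one row from `discussion` (selected by the `id` query parameter)
 * and redirects the browser to the URL given in `rurl`.
 *
 * NOTE(review): no login, ownership or CSRF check is visible in this file,
 * and the delete is triggered by a plain GET request. Confirm that
 * library.inc.php enforces access control; otherwise any visitor who can
 * reach this script can remove discussions.
 */
ob_start();
session_start();
include $_SERVER['DOCUMENT_ROOT'] . '/system/includes/library.inc.php';

if ($_GET) {
    // Only a scalar id is accepted; an absent or array-valued parameter
    // becomes an empty string, which matches no row.
    $id = (isset($_GET["id"]) && is_scalar($_GET["id"])) ? (string) $_GET["id"] : '';

    // NOTE(review): $_GET values are already URL-decoded by PHP, so this is a
    // second decode. The result is used as the redirect target unchanged;
    // confirm url_redirect() restricts it to same-site URLs.
    $url = isset($_GET["rurl"]) ? urldecode($_GET["rurl"]) : '';

    // The id comes straight from the query string, so it is escaped before
    // being placed inside the quoted SQL literal.
    mysql_query("delete from discussion where discussion_id='" . mysql_real_escape_string($id) . "'");

    // Include language files
    // NOTE(review): the file name is built from a session value; presumably
    // it is set only from a fixed list of languages. Verify where
    // site_language is written.
    $lang = $_SESSION["site_language"];
    if ($lang) {
        include DOCUMENT_ROOT . "/system/language/" . $lang . ".php";
    } else {
        include DOCUMENT_ROOT . "/system/language/en.php";
    }

    set_response_mes(1, $language['discussion_has_been_deleted']);
    url_redirect($url);
}
ob_flush();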
<?php
ob_start();
/******************************************
 * @Created on March, 2011
 * @Package: Ndotdeals unlimited v2.2
 * @Author: NDOT
 * @URL : http://www.NDOT.in
 ********************************************/

// Switches the visitor's default city: copies cityid, cityname and city_url
// from the request into the session, sets a confirmation message and
// redirects to the city's landing path.
//
// NOTE(review): the three request values are stored in the session without
// validation. Any page that later trusts $_SESSION['defaultcityId'],
// ['defaultcityname'] or ['default_city_url'] (in SQL, HTML or a redirect)
// inherits request-controlled data. Verify those consumers.
require_once $_SERVER['DOCUMENT_ROOT'] . '/system/includes/library.inc.php';

if ($_REQUEST['cityid'] != '') {
    session_start();

    $_SESSION['defaultcityId'] = $_REQUEST['cityid'];
    $_SESSION['defaultcityname'] = $_REQUEST['cityname'];
    $_SESSION['default_city_url'] = $_REQUEST['city_url'];

    // Pick the language file: the session's language when set, English
    // otherwise.
    // NOTE(review): the path is built from a session value; confirm it can
    // only hold a known language code.
    $lang = $_SESSION["site_language"];
    $languageFile = DOCUMENT_ROOT . "/system/language/en.php";
    if ($lang) {
        $languageFile = DOCUMENT_ROOT . "/system/language/" . $lang . ".php";
    }
    include $languageFile;

    set_response_mes(1, $language['city_changed']);

    // NOTE(review): the target is DOCROOT followed by the request-supplied
    // city_url. Whether that can leave the site depends on the value of
    // DOCROOT, which is not shown here.
    url_redirect(DOCROOT . $_SESSION['default_city_url'] . '/');
}

ob_flush();
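/**
 * Deletes the editorial attached to the download given by the `downloadid`
 * query parameter, then redirects back to that download's admin edit page.
 *
 * NOTE(review): the delete is driven by a GET parameter and no permission or
 * CSRF check is visible in this function; presumably the admin dispatcher
 * enforces both. Verify against caller.
 */
function DownloadsDelEditorial()
{
    global $downloadsprefix, $db;

    // Read and integer-cast the id once. The original used an undefined
    // $downloadid in the redirect link, so `lid` was always sent empty.
    $downloadid = intval($_GET['downloadid']);

    $db->sql_query("delete from " . $downloadsprefix . "_editorials where downloadid=" . $downloadid);
    url_redirect(adminlink("&mode=DownloadsModDownload&lid={$downloadid}"));
}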
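<?php
/**
 * Admin action: deletes one row from `social_account` (selected by the
 * `acc_id` query parameter), clears the stored OAuth state and redirects to
 * the social-media account list.
 */
ob_start();
session_start();
include $_SERVER["DOCUMENT_ROOT"] . '/system/includes/library.inc.php';

// Checking whether admin logged in or not.
// NOTE(review): is_login() is not shown; confirm it stops the request for
// visitors who are not logged in, otherwise the delete below still runs.
// The action is a state-changing GET with no CSRF token visible.
is_login(DOCROOT . "admin/login/");

// Get the social media account id.
$account_id = isset($_GET["acc_id"]) ? $_GET["acc_id"] : '';

if ($account_id) {
    // The id comes from the query string, so it is escaped before being
    // placed inside the quoted SQL literal. A non-scalar value (e.g. an
    // array) is reduced to an empty string, which matches no row.
    $safe_account_id = mysql_real_escape_string(is_scalar($account_id) ? (string) $account_id : '');

    // Delete the account.
    $result = mysql_query("delete from social_account where id = '{$safe_account_id}' ");

    $_SESSION['oauth_state'] = '';

    // Set response message.
    // NOTE(review): the message is set whether or not the query succeeded.
    $_SESSION["mes"] = "Twitter account has been deleted successfully";
    url_redirect(DOCROOT . "admin/social-media-account/");
}
ob_flush();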
/**
 * Creates a coupon/deal from the posted admin form.
 *
 * Steps, in order: read the form fields, store a resized copy of the main
 * picture, insert the coupon row, store up to three slider images, load the
 * admin language file, post the deal link to Twitter/Facebook when the start
 * date has been reached, then redirect back to the upload page.
 *
 * NOTE(review): every value interpolated into the SQL below comes from the
 * request. htmlentities() is HTML encoding, not SQL escaping: it leaves
 * backslashes alone, and the calls without ENT_QUOTES also leave single
 * quotes alone under the pre-PHP-8.1 default flags. Several fields
 * ($shopid, $ctype, $country, $city, $is_video) are not encoded at all.
 * The statements should use escaped or bound parameters.
 * NOTE(review): no permission check is visible inside this function;
 * presumably the calling page enforces the admin session. Verify.
 */
function couponUpload()
{
    include "docroot.php";
    include "config.php";

    // Text fields, HTML-encoded with ENT_QUOTES.
    $cname = htmlentities($_POST['couponname'], ENT_QUOTES);
    $deal_permalink = htmlentities($_POST['deal_permalink'], ENT_QUOTES);
    $cdesc = htmlentities($_POST['cdesc'], ENT_QUOTES);
    $cfineprints = htmlentities($_POST['cfineprints'], ENT_QUOTES);
    $chighlights = htmlentities($_POST['chighlights'], ENT_QUOTES);

    // Dates and numeric fields, HTML-encoded with the default flags.
    $cenddate = htmlentities($_POST['cenddate']);
    $cstartdate = htmlentities($_POST['cstartdate']);
    $cexpdate = htmlentities($_POST['cexpdate']);
    // $climit and $cterms are not referenced again in this function.
    $climit = htmlentities($_POST['climit']);
    $cterms = htmlentities($_POST['cterms']);
    $cdiscountvalue = htmlentities($_POST['cdiscountvalue']);
    $cminuser = htmlentities($_POST['minlimit']);
    $cmaxuser = htmlentities($_POST['maxlimit']);
    $crealvalue = htmlentities($_POST['crealvalue']);

    // Unnecessary input fields are removed.
    $cperson = ''; //htmlentities($_POST['cperson'], ENT_QUOTES);
    $phonenum = ''; //htmlentities($_POST['phonenum']);
    $address = ''; //htmlentities($_POST['address'], ENT_QUOTES);

    $meta_keywords = htmlentities($_POST['meta_keywords'], ENT_QUOTES);
    $meta_description = htmlentities($_POST['meta_description'], ENT_QUOTES);
    $termscondition = htmlentities($_POST['termscondition'], ENT_QUOTES);

    if ($_POST['max_dealpurchase'] > 0) {
        $max_dealpurchase = htmlentities($_POST['max_dealpurchase']);
    } else {
        $max_dealpurchase = 0;
    }

    // Mandatory-field check.
    // NOTE(review): the message is stored with code 1, the same code the
    // success message at the end uses. url_redirect() is not shown; if it
    // does not end the request, the insert below still runs with the
    // incomplete data.
    if ($_POST['couponname'] == '' || $_POST['cdesc'] == '' || $_POST['crealvalue'] == '' || $_POST['crealvalue'] == 0) {
        $redirect_url = DOCROOT . "admin/couponsupload/";
        set_response_mes(1, 'All fields are mandatory.');
        url_redirect($redirect_url);
    }

    $uid = $_SESSION["userid"];

    // Taken from the request unchanged and interpolated into the SQL below.
    $shopid = $_POST['shop'];
    // $csubtype is not referenced again in this function.
    $csubtype = $_POST['csubtype'];
    $ctype = $_POST['ctype'];
    $country = $_POST['country'];
    $city = $_POST['city'];

    // Checkbox-style flags reduced to 0/1.
    if ($_POST['sidedeal']) {
        $sidedeal = 1;
    } else {
        $sidedeal = 0;
    }
    if ($_POST['maindeal']) {
        $maindeal = 1;
    } else {
        $maindeal = 0;
    }
    if ($_POST['instant_deal']) {
        $instant_deal = 1;
    } else {
        $instant_deal = 0;
    }

    $is_video = $_POST['is_video'];
    $embed_code = htmlentities($_REQUEST['embed_code'], ENT_QUOTES);
    $randomvalue = ranval();

    // Get the image width and height for the current theme.
    // presumably $ImageSize is defined by one of the includes above; verify
    $val = $ImageSize[DEFAULT_CURRENT_THEME];
    if ($val) {
        $width_val = $val['width'];
        $height_val = $val['hight'];
    } else {
        $width_val = 420;
        $height_val = 282;
    }

    // NOTE(review): $_FILES[...]['type'] is the MIME type reported by the
    // client, so this list does not prove the upload is an image. The
    // isset() checks below run only after ['type'] has already been read.
    $imageTypeFormats = array("image/jpeg", "image/jpg", "image/gif", "image/png", "image/pjpeg");

    // Main coupon picture: decode it, resize it, write it as JPEG.
    if (in_array(strtolower($_FILES['cpicture']['type']), $imageTypeFormats)) {
        if (isset($_FILES['cpicture'])) {
            try {
                // $imgData, $size, $userid, $width and $height are not
                // referenced again in this function.
                $imgData = addslashes(file_get_contents($_FILES['cpicture']['tmp_name']));
                $size = getimagesize($_FILES['cpicture']['tmp_name']);
                $userid = $_SESSION["userid"];
                $imtype = $_FILES['cpicture']['type'];
                switch ($imtype) {
                    case 'image/gif':
                        $im = imagecreatefromgif($_FILES['cpicture']['tmp_name']);
                        break;
                    case "image/pjpeg":
                    case "image/jpg":
                    case 'image/jpeg':
                        $im = imagecreatefromjpeg($_FILES['cpicture']['tmp_name']);
                        break;
                    case 'image/png':
                        $im = imagecreatefrompng($_FILES['cpicture']['tmp_name']);
                        break;
                }
                // NOTE(review): the result of imagecreatefrom*() is not
                // checked before it is used.
                $width = imagesx($im);
                $height = imagesy($im);
                // NOTE(review): the new height is taken from the theme width
                // and the new width from the theme height; confirm that is
                // intended.
                $newheight = $width_val;
                $newwidth = $height_val;
                $thumb = imagecreatetruecolor($newwidth, $newheight);
                ImageCopyResampled($thumb, $im, 0, 0, 0, 0, $newwidth, $newheight, ImageSX($im), ImageSY($im));
                // Always re-encoded to JPEG under a server-chosen file name.
                ImagejpeG($thumb, DOCUMENT_ROOT . "/uploads/coupons/" . $randomvalue . ".jpg");
                $imgurl = "uploads/coupons/" . $randomvalue . ".jpg";
            } catch (Exception $e) {
                // Any exception raised above is silently discarded.
            }
        }
    }

    // Role '3' creates the coupon with status "D" instead of "A".
    $status = "A";
    if ($_SESSION['userrole'] == '3') {
        $status = "D";
    }

    // NOTE(review): $imgurl is only assigned inside the picture branch above,
    // so it is undefined here when no accepted picture was uploaded. See the
    // function header for the injection concern.
    $queryString = "insert into coupons_coupons\n\t (coupon_name,deal_url,coupon_description,coupon_enddate,coupon_image,coupon_createdby,coupon_createddate,coupon_value,coupon_status,coupon_minuserlimit,coupon_maxuserlimit,coupon_realvalue,coupon_category,coupon_country,coupon_city,coupon_person,coupon_phoneno,coupon_address, \tcoupon_shop,coupon_fineprints,coupon_highlights,side_deal,meta_keywords,meta_description,terms_and_condition,main_deal,coupon_expirydate,coupon_startdate,is_video, embed_code,max_deal_purchase,instant_deal) values ('{$cname}','{$deal_permalink}','{$cdesc}',STR_TO_DATE('{$cenddate}','%Y-%m-%d %H:%i:%s'),'{$imgurl}','{$uid}',now(),'{$cdiscountvalue}','{$status}','{$cminuser}','{$cmaxuser}','{$crealvalue}','{$ctype}','{$country}','{$city}', '{$cperson}', '{$phonenum}', '{$address}','{$shopid}','{$cfineprints}','{$chighlights}','{$sidedeal}','{$meta_keywords}','{$meta_description}','{$termscondition}','{$maindeal}','{$cexpdate}','{$cstartdate}','{$is_video}', '{$embed_code}','{$max_dealpurchase}','{$instant_deal}')";
    // NOTE(review): on failure the raw database error is printed to the
    // response.
    $resultset = mysql_query($queryString) or die(mysql_error());
    $last_insert_id = mysql_insert_id();

    // Only one main deal per city: clear the flag on every other coupon.
    if ($maindeal == 1) {
        $maindealQuery = "update coupons_coupons set main_deal=0 where coupon_city='{$city}' and coupon_id!='{$last_insert_id}'";
        $maindealResult = mysql_query($maindealQuery);
    }

    // Slider image 1: same decode/resize/JPEG steps as the main picture,
    // stored as <coupon id>_1.jpg and recorded in slider_images.
    if (in_array(strtolower($_FILES['slide1']['type']), $imageTypeFormats)) {
        if (isset($_FILES['slide1'])) {
            try {
                $imgData = addslashes(file_get_contents($_FILES['slide1']['tmp_name']));
                $size = getimagesize($_FILES['slide1']['tmp_name']);
                $userid = $_SESSION["userid"];
                $imtype = $_FILES['slide1']['type'];
                switch ($imtype) {
                    case 'image/gif':
                        $im = imagecreatefromgif($_FILES['slide1']['tmp_name']);
                        break;
                    case "image/pjpeg":
                    case "image/jpg":
                    case 'image/jpeg':
                        $im = imagecreatefromjpeg($_FILES['slide1']['tmp_name']);
                        break;
                    case 'image/png':
                        $im = imagecreatefrompng($_FILES['slide1']['tmp_name']);
                        break;
                }
                $width = imagesx($im);
                $height = imagesy($im);
                // $newwidthX is not referenced again in this function.
                $newwidthX = $width_val;
                $newheight = $width_val;
                $newwidth = $height_val;
                $thumb = imagecreatetruecolor($newwidth, $newheight);
                ImageCopyResampled($thumb, $im, 0, 0, 0, 0, $newwidth, $newheight, ImageSX($im), ImageSY($im));
                ImagejpeG($thumb, DOCUMENT_ROOT . "/uploads/slider_images/" . $last_insert_id . "_1.jpg");
                $imgurl = "uploads/slider_images/" . $last_insert_id . "_1.jpg";
                $slide1_image_name = $last_insert_id . "_1" . ".jpg";
                // Slide show images.
                $query = "insert into slider_images(coupon_id,imagename) values('{$last_insert_id}','{$slide1_image_name}')";
                $result = mysql_query($query) or die(mysql_error());
            } catch (Exception $e) {
            }
        }
    }

    // Slider image 2, stored as <coupon id>_2.jpg.
    if (in_array(strtolower($_FILES['slide2']['type']), $imageTypeFormats)) {
        if (isset($_FILES['slide2'])) {
            try {
                $imgData = addslashes(file_get_contents($_FILES['slide2']['tmp_name']));
                $size = getimagesize($_FILES['slide2']['tmp_name']);
                $userid = $_SESSION["userid"];
                $imtype = $_FILES['slide2']['type'];
                switch ($imtype) {
                    case 'image/gif':
                        $im = imagecreatefromgif($_FILES['slide2']['tmp_name']);
                        break;
                    case "image/pjpeg":
                    case "image/jpg":
                    case 'image/jpeg':
                        $im = imagecreatefromjpeg($_FILES['slide2']['tmp_name']);
                        break;
                    case 'image/png':
                        $im = imagecreatefrompng($_FILES['slide2']['tmp_name']);
                        break;
                }
                $width = imagesx($im);
                $height = imagesy($im);
                $newheight = $width_val;
                $newwidth = $height_val;
                $thumb = imagecreatetruecolor($newwidth, $newheight);
                ImageCopyResampled($thumb, $im, 0, 0, 0, 0, $newwidth, $newheight, ImageSX($im), ImageSY($im));
                ImagejpeG($thumb, DOCUMENT_ROOT . "/uploads/slider_images/" . $last_insert_id . "_2.jpg");
                $imgurl = "uploads/slider_images/" . $last_insert_id . "_2.jpg";
                $slide2_image_name = $last_insert_id . "_2" . ".jpg";
                $query = "insert into slider_images(coupon_id,imagename) values('{$last_insert_id}','{$slide2_image_name}')";
                $result = mysql_query($query) or die(mysql_error());
            } catch (Exception $e) {
            }
        }
    }

    // Slider image 3, stored as <coupon id>_3.jpg.
    if (in_array(strtolower($_FILES['slide3']['type']), $imageTypeFormats)) {
        if (isset($_FILES['slide3'])) {
            try {
                $imgData = addslashes(file_get_contents($_FILES['slide3']['tmp_name']));
                $size = getimagesize($_FILES['slide3']['tmp_name']);
                $userid = $_SESSION["userid"];
                $imtype = $_FILES['slide3']['type'];
                switch ($imtype) {
                    case 'image/gif':
                        $im = imagecreatefromgif($_FILES['slide3']['tmp_name']);
                        break;
                    case "image/pjpeg":
                    case "image/jpg":
                    case 'image/jpeg':
                        $im = imagecreatefromjpeg($_FILES['slide3']['tmp_name']);
                        break;
                    case 'image/png':
                        $im = imagecreatefrompng($_FILES['slide3']['tmp_name']);
                        break;
                }
                $width = imagesx($im);
                $height = imagesy($im);
                $newwidthX = $width_val;
                $newheight = $width_val;
                $newwidth = $height_val;
                $thumb = imagecreatetruecolor($newwidth, $newheight);
                ImageCopyResampled($thumb, $im, 0, 0, 0, 0, $newwidth, $newheight, ImageSX($im), ImageSY($im));
                ImagejpeG($thumb, DOCUMENT_ROOT . "/uploads/slider_images/" . $last_insert_id . "_3.jpg");
                $imgurl = "uploads/slider_images/" . $last_insert_id . "_3.jpg";
                $slide3_image_name = $last_insert_id . "_3" . ".jpg";
                $query = "insert into slider_images(coupon_id,imagename) values('{$last_insert_id}','{$slide3_image_name}')";
                $result = mysql_query($query) or die(mysql_error());
            } catch (Exception $e) {
            }
        }
    }

    // Include admin language file.
    // NOTE(review): the file name is built from a session value; confirm it
    // can only hold a known language code.
    $admin_lang = $_SESSION["site_admin_language"];
    if ($admin_lang) {
        include DOCUMENT_ROOT . "/system/language/admin_" . $admin_lang . ".php";
    } else {
        include DOCUMENT_ROOT . "/system/language/admin_en.php";
    }

    // Get current date and time.
    $cdate = date("Y-m-d H:i:s");

    // Update the deal url into facebook and twitter.
    if ($last_insert_id) {
        $url = 'deals/' . $deal_permalink . '_' . $last_insert_id . '.html';
        $share_link = DOCROOT . $url;
        $Status_Message = $share_link;
        // String comparison of the posted start date against "now".
        if ($cstartdate <= $cdate) {
            // Twitter share
            include $_SERVER["DOCUMENT_ROOT"] . '/system/modules/twitter/update.php';
            include $_SERVER["DOCUMENT_ROOT"] . '/system/modules/facebook/function.php';
            facebook_status_update($Status_Message);
        }
    }

    $redirect_url = DOCROOT . "admin/couponsupload/";
    set_response_mes(1, $admin_language['couponcreated']);

    // NOTE(review): this size check runs after the images have already been
    // processed and stored, and only changes the message. The limit compared
    // is 'deal_pic' while the size shown in the message comes from
    // 'profile_pic'.
    if ($_FILES["cpicture"]["size"] > $uploadimageSize['deal_pic'] || $_FILES["slide1"]["size"] > $uploadimageSize['deal_pic'] || $_FILES["slide2"]["size"] > $uploadimageSize['deal_pic'] || $_FILES["slide3"]["size"] > $uploadimageSize['deal_pic']) {
        $size = round($uploadimageSize['profile_pic'] / 1024000);
        $img_err2 = "Image file size should lesser than " . $size . 'MB';
        set_response_mes(1, $admin_language['couponcreated'] . $img_err2);
    }

    url_redirect($redirect_url);
}
<?php
ob_start();
/********************************************
 * @Created on March, 2011
 * @Package: Ndotdeals unlimited v2.2
 * @Author: NDOT
 * @URL : http://www.ndot.in
 ********************************************/
// Entry point that marks the current session as a "mobile" session and then
// redirects the browser to the site root (DOCROOT).
#-------------------------------------------------------------------------------
require_once $_SERVER['DOCUMENT_ROOT'] . '/system/includes/library.inc.php';
#-------------------------------------------------------------------------------
// NOTE(review): no session_start() appears in this file; presumably
// library.inc.php starts the session. Confirm, otherwise this write is not
// persisted.
$_SESSION["mobile_access"] = "mobile";
url_redirect(DOCROOT);
ob_flush();
// Tail of what appears to be a password-recovery handler (message keys 'password_sent' and
// 'email_not_exist'); the enclosing conditions and the SMTP branch start before this excerpt.
                    //mail send thru smtp
                } else {
                    // To send HTML mail, the Content-type header must be set
                    $headers = 'MIME-Version: 1.0' . "\r\n";
                    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
                    // Additional headers
                    // NOTE(review): $from is concatenated into the raw header block and its origin is
                    // not visible here. If it can carry request data, validate it as a single address
                    // with no CR/LF before it reaches mail() -- confirm where it is assigned.
                    $headers .= 'From: ' . $from . '' . "\r\n";
                    // The return value of mail() is not checked; the success message is set either way.
                    mail($to, $subject, $message, $headers);
                }
                set_response_mes(1, $language['password_sent']);
                url_redirect(DOCROOT . "login.html");
            }
        }
    } else {
        // NOTE(review): judging by the message keys, an unknown address gets a different message
        // and redirect target than a known one, which tells the requester whether an address is
        // registered. One neutral response for both outcomes avoids that -- confirm the condition.
        set_response_mes(-1, $language['email_not_exist']);
        url_redirect(DOCROOT . "registration.html");
    }
}
?> <h1 class="page_tit"><?php echo $page_title; ?> </h1> <div class="work_bottom "> <form action="" name="login" id="login" method="post"> <table width="100%" border="0" cellpadding="5" cellspacing="5" class="forms"> <tr> <td align="left" valign="top"><label><?php echo $language['email'];
// Tail of a payment-capture handler: splits the sale amount across account balances, records
// the outcome and redirects. The conditions that open these blocks, and the assignments of
// every variable used, are outside this excerpt.
// NOTE(review): each balance change is a separate mysql_query() whose result is ignored, and
// no transaction is visible here; a failure part-way would credit some parties and not others.
// NOTE(review): values are interpolated into the SQL text ($shop_admin_uid, $shop_owner_userid,
// $invoice_id and the amounts). Confirm each is server-derived and numeric, or bind them as
// parameters through PDO/mysqli prepared statements.
                    // Credits the admin share to every row whose user_role is '1'.
                    mysql_query("update coupons_users set account_balance = account_balance+{$admin_amt} where user_role='1'");
                    $shop_admin_uid = $user['userid'];
                    // Remainder after the admin share goes to the shop admin, rounded to 2 decimals.
                    $past_balance = $L_QTY0 * $per_deal_cost - $admin_amt;
                    $shop_admin_balance = round($past_balance, 2);
                    mysql_query("update coupons_users set account_balance = account_balance+{$shop_admin_balance} where userid='{$shop_admin_uid}'");
                } else {
                    if ($shop_owner_role == 2) {
                        // ADMIN_COMMISSION is applied as a percentage of the per-deal cost.
                        $admin_amt = $L_QTY0 * ($per_deal_cost * ADMIN_COMMISSION / 100); //payable to admin
                        $admin_amt = round($admin_amt, 2);
                        mysql_query("update coupons_users set account_balance = account_balance+{$admin_amt} where user_role='1'");
                        // CA_COMMISSION is applied the same way for the shop owner's account.
                        $citymgr_amt = $L_QTY0 * ($per_deal_cost * CA_COMMISSION / 100); //payable to city manager
                        $citymgr_amt = round($citymgr_amt, 2);
                        mysql_query("update coupons_users set account_balance = account_balance+{$citymgr_amt} where userid='{$shop_owner_userid}'");
                        $shop_admin_uid = $user['userid'];
                        // Shop admin receives what is left after both commissions.
                        $past_balance = $L_QTY0 * $per_deal_cost - ($admin_amt + $citymgr_amt);
                        $shop_admin_balance = round($past_balance, 2);
                        mysql_query("update coupons_users set account_balance = account_balance+{$shop_admin_balance} where userid='{$shop_admin_uid}'");
                    }
                }
            }
        }
        set_response_mes(1, $admin_language['paymentprocessed']);
    } else {
        // Failure path: mark the transaction row as failed and report it.
        mysql_query("update transaction_details set CAPTURED_ACK='Failed' where ID = '{$invoice_id}'");
        set_response_mes(-1, $admin_language['paymentfailed']);
    }
}
// NOTE(review): the redirect target is a variable whose origin is not visible here. If $refid
// can come from the request (referer, query string), restrict it to same-site paths first.
url_redirect($refid);
ob_flush();
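/**
 * Ends an authenticated session after 600 seconds (10 minutes) without activity.
 *
 * Does nothing unless $_SESSION["authenticated"] is set and truthy. Otherwise the time
 * since $_SESSION["ultimoAcceso"] is measured: at 600 s or more the session data is
 * cleared, the session destroyed and url_redirect() called; below that the timestamp is
 * refreshed to the current time. The timeout is only enforced on requests that call this
 * function.
 *
 * @return void
 */
function time_session_inactive()
{
    // Nothing to expire for a visitor who is not logged in.
    if (empty($_SESSION["authenticated"])) {
        return;
    }

    $maxIdleSeconds = 600;
    $ahora = time();

    // A missing timestamp counts as "never seen", which expires the session instead of
    // raising an undefined-index notice.
    $ultimoAcceso = isset($_SESSION["ultimoAcceso"]) ? (int) $_SESSION["ultimoAcceso"] : 0;

    if ($ahora - $ultimoAcceso >= $maxIdleSeconds) {
        // session_destroy() removes the stored data but leaves $_SESSION populated for the
        // rest of this request; empty it so nothing later still sees "authenticated".
        $_SESSION = array();
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_destroy();
        }
        // NOTE(review): the session cookie itself is not removed here, and whether
        // url_redirect() ends the request is not visible in this file.
        url_redirect();
        return;
    }

    // Still within the window: record this request as the latest activity.
    $_SESSION["ultimoAcceso"] = $ahora;
}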
// Tail of a fund-request form handler. The condition opening the enclosing block, and the
// assignments of $uid, $current_user_balance_amount and $available_amt, are outside this excerpt.
    $type = 1;
    $status = 1;
    // Raw form value: a string exactly as submitted, not yet checked to be a number.
    $request_amount = $_POST['request_amount'];
    if ($request_amount) {
        // Range and balance checks. These are loose comparisons on the submitted string; they
        // do not by themselves establish that it is a well-formed amount.
        if ($request_amount >= MIN_FUND && $request_amount <= MAX_FUND && $current_user_balance_amount >= $request_amount && $available_amt >= $request_amount) {
            // NOTE(review): $request_amount goes into the statement text as submitted. Validate
            // it as a number first (is_numeric() plus a cast) and bind it as a parameter with a
            // PDO/mysqli prepared statement instead of building the string.
            $query = "insert into request_fund (type,bid,amount,status)values('{$type}','{$uid}','{$request_amount}','{$status}')";
            // The query result is not checked; the success message below is set either way.
            mysql_query($query);
            set_response_mes(1, $language['req_sent']);
            url_redirect(DOCROOT . "fund-request.html");
        } else {
            // Amount outside the allowed range or above the available balance.
            set_response_mes(-1, $language['req_minmiax']);
            url_redirect(DOCROOT . "fund-request.html");
        }
    } else {
        // Empty or zero amount.
        set_response_mes(-1, $language['req_value']);
        url_redirect(DOCROOT . "fund-request.html");
    }
}
// The validate() call in the script below runs in the browser only; the checks above are the
// ones that count for requests sent without the form.
?> <script type="text/javascript"> /* validation */ $(document).ready(function(){ $("#fund_request").validate();}); </script> <?php include "profile_submenu.php"; ?> <h1><?php echo $page_title; ?> </h1>
* @URL : http://www.NDOT.in ********************************************/
// Request path split on '/'; element 1 is the text between the first and second slash.
// REQUEST_URI also carries the query string, so that text can include it.
$current_url = explode('/', $_SERVER["REQUEST_URI"]);
//check whether cityname is in url
// The statement is a fixed string: the request value is only compared in PHP below and is
// never placed into the SQL text.
$queryString = "select * from coupons_cities where status='A' order by cityname asc";
// NOTE(review): the result is used without checking whether the query failed.
$resultSet = mysql_query($queryString);
if (mysql_num_rows($resultSet) > 0) {
    while ($row = mysql_fetch_array($resultSet)) {
        // Loose (==) comparison of two strings; PHP compares numeric-looking strings by value,
        // so === is the safer test for an exact match.
        if ($current_url[1] == $row["city_url"]) {
            // Remember the matched city for this session; all three values come from the row.
            $_SESSION["defaultcityId"] = $row["cityid"];
            $_SESSION["default_city_url"] = $row["city_url"];
            $_SESSION["defaultcityname"] = $row["cityname"];
            // Cookie expiry: 2592000 s (30 days) from now.
            $month = 2592000 + time();
            // The first call sends an empty value for the cookie, the second sets the city id.
            // Only name, value and expiry are passed, so path, Secure and HttpOnly stay at
            // PHP's defaults.
            setcookie("defaultcityId", "");
            setcookie("defaultcityId", $row["cityid"], $month);
            // The redirect target is built from the database row, not from the request text.
            // NOTE(review): no break or exit follows; whether url_redirect() ends the request
            // is not visible here.
            url_redirect(DOCROOT . $row["city_url"] . '/');
        }
    }
}
// NOTE(review): the markup below echoes $page_title, $language['error_head'] and $sub1 without
// htmlspecialchars(); their origin is outside this excerpt -- confirm none carries request data.
?> <h1><?php echo $page_title; ?> </h1> <div class="work_bottom con_center"> <h1><?php echo $language['error_head']; ?> <?php echo $sub1; ?>