public function actionList($finance_id)
{
$finance = Finance::model()->findByPk($finance_id);
/**
* @var $finance Finance
*/
if ($finance->account_id != $this->Account->id) {
return false;
}
$models = FinanceCommit::model()->findAllByAttributes(['finance_id' => $finance_id]);
$this->render('list', ['models' => $models, 'finance' => $finance]);
}
public function actionCheck($id)
{
$goal = FinanceGoal::model()->findByPk($id);
$goal->data = json_decode($goal->data);
$finance = Finance::model()->findByPk($goal->finance_id);
/**
* @var $finance Finance
*/
if ($finance->account_id != $this->Account->id) {
return false;
}
$typeObj = FinanceGoal::getType($goal->type);
$typeObj->checkGoal($goal);
$this->redirect('/financeGoal/detail?id=' . $id);
}
public function __construct()
{
parent::__construct();
$this->load->model('order_model');
$this->load->model('product_model');
$this->load->model('accounting_cost_model');
$this->load->model('shipping_company_model');
$this->load->model('shipping_function_model');
$this->load->model('shipping_subarea_model');
$this->load->model('shipping_subarea_group_model');
$this->load->model('shipping_type_model');
$this->load->helper('shipping_helper');
$this->load->helper('order_helper');
$this->load->library('excel');
}
public function __construct()
{
parent::__construct();
}
public function __construct()
{
parent::__construct();
$this->load->model('receipt_way_model');
}
function admin_action($core)
{
$action = $core->get['a'] ? $core->get['a'] : null;
$id = $core->post['id'] ? (int) $core->post['id'] : ($core->get['id'] ? (int) $core->get['id'] : 0);
switch ($action) {
//
// Files
//
case 'file-add':
$ext = strtolower(substr($core->files['file']['name'], strrpos($core->files['file']['name'], '.') + 1));
$name = $core->text->link($core->files['file']['name']);
$ge = array('jpg', 'jpeg', 'png', 'gif', 'pdf', 'zip', 'rar', '7z', 'doc', 'docx', 'xls', 'xlsx', 'flv');
if (in_array($ext, $ge)) {
move_uploaded_file($core->files['file']['tmp_name'], DIR_NEWS . $name);
}
$core->go($core->url('m', 'files'));
case 'file-del':
$name = $core->text->link($core->get['name']);
@unlink(DIR_NEWS . $name);
$core->go($core->url('m', 'files'));
//
// Users
//
// User Edit
//
// Users
//
// User Edit
case 'user-add':
$name = $core->text->line($core->post['name']);
$email = $core->text->email($core->post['email']);
$pass = $core->text->pass($core->post['pass']);
$level = $core->post['level'] ? 1 : 0;
$mail_sql = $email ? ", user_mail = '{$email}' " : '';
$pass_sql = $core->post['pass'] ? ", user_pass = '******' " : '';
$sql = "INSERT INTO " . DB_USER . " SET user_name = '{$name}', user_level = '{$level}' {$pass_sql} {$mail_sql}";
if ($mail_sql && $pass_sql && $core->db->query($sql)) {
$core->go($core->url('mm', 'users', 'add-ok'));
} else {
$core->go($core->url('mm', 'users', 'add-e'));
}
// User Edit
// User Edit
case 'user-edit':
$old = $core->user->get($id);
$data = array('user_name' => $core->text->line($core->post['name']), 'user_level' => $id == 1 ? 1 : ($core->post['level'] ? 1 : 0), 'user_ban' => $id == 1 ? 0 : ($core->post['ban'] ? 1 : 0), 'user_warn' => $id == 1 ? 0 : ($core->post['warn'] ? 1 : 0), 'user_work' => (int) $core->post['work'], 'user_ext' => (int) $core->post['ext'], 'user_comp' => (int) $core->post['comp'], 'user_compad' => $core->post['compad'] ? 1 : 0, 'user_call' => $core->post['call'] ? 1 : 0, 'user_shave' => $core->post['shave'] ? 1 : 0, 'user_vip' => $core->post['vip'] ? 1 : 0, 'user_tariff' => (int) $core->post['tariff']);
if ($email = $core->text->email($core->post['email'])) {
$data['user_mail'] = $email;
}
if ($core->post['pass']) {
$data['user_pass'] = $core->text->pass($core->post['pass']);
}
if ($core->user->set($id, $data)) {
// Money
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
$money = (int) $core->post['money'];
if ($money) {
$type = $money > 0 ? 1 : 5;
$f->add($id, 0, $money, $type, $core->lang['admin']);
} else {
$f->recount($id);
}
$core->wmsale->clear('mans', $comp);
$core->wmsale->clear('allman');
$core->go($core->url('mm', 'users', 'edit-ok'));
} else {
$core->go($core->url('mm', 'users', 'edit-e'));
}
// User Delete
// User Delete
case 'user-del':
if ($id != 1) {
$core->db->query("DELETE FROM " . DB_CASH . " WHERE user_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_STATS . " WHERE user_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_FLOW . " WHERE user_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_SUPP . " WHERE supp_user = '******'");
$core->db->query("UPDATE " . DB_ORDER . " SET wm_id = 0, flow_id = 0 WHERE wm_id = '{$id}'");
$comp = $core->db->field("SELECT user_comp FROM " . DB_USER . " WHERE user_id = '{$id}' LIMIT 1");
if ($core->db->query("DELETE FROM " . DB_USER . " WHERE user_id = '{$id}'")) {
$core->wmsale->clear('mans', $comp);
$core->wmsale->clear('allman');
$core->go($core->url('mm', 'users', 'del-ok'));
} else {
$core->go($core->url('mm', 'users', 'del-e'));
}
} else {
$core->go($core->url('mm', 'users', 'del-a'));
}
//
// Offers
//
// Offer Edit
//
// Offers
//
// Offer Edit
case 'offer-add':
$name = $core->text->line($core->post['name']);
$price = (int) $core->post['price'];
$sql = "INSERT INTO " . DB_OFFER . " SET offer_name = '{$name}', offer_price = '{$price}'";
if ($core->db->query($sql)) {
$id = $core->db->lastid();
$core->wmsale->clear('offers');
$core->wmsale->clear('price');
$core->go($core->url('im', 'offer', $id, 'add-ok'));
} else {
$core->go($core->url('mm', 'offer', 'add-e'));
}
// Offer Edit
// Offer Edit
case 'offer-edit':
$comps = $core->wmsale->get('comps');
$mrt = array();
foreach ($core->post['mrt'] as $c => $d) {
if (($d = (int) $d) > 0) {
$mrt[(int) $c] = $d;
}
}
$mrt = $mrt ? serialize($mrt) : '';
$data = array('offer_name' => $core->text->line($core->post['name']), 'offer_descr' => $core->text->line($core->post['descr']), 'offer_text' => $core->text->line($core->post['text']), 'offer_info' => $core->text->code($core->post['info']), 'offer_price' => (int) $core->post['price'], 'offer_country' => $core->text->line($core->post['country']), 'offer_active' => $core->post['active'] ? 1 : 0, 'offer_vars' => $core->post['vars'] ? 1 : 0, 'offer_delivery' => $core->post['delivery'] ? 1 : 0, 'offer_mr' => $core->post['mr'] ? 1 : 0, 'offer_mrt' => $mrt, 'offer_script' => $core->text->line($core->post['script']), 'offer_payment' => (int) $core->post['payment']);
if ($core->db->edit(DB_OFFER, $data, "offer_id = '{$id}'")) {
if ($core->files['image']) {
$ii = getimagesize($core->files['image']['tmp_name']);
if ($ii[2] == IMG_JPG) {
move_uploaded_file($core->files['image']['tmp_name'], sprintf(OFFER_FILE, $id));
}
}
$core->wmsale->clear('offer', $id);
$core->wmsale->clear('ofp', $id);
$core->wmsale->clear('offers');
$core->wmsale->clear('price');
$core->go($core->url('mm', 'offer', 'edit-ok'));
} else {
$core->go($core->url('mm', 'offer', 'edit-e'));
}
// Offer Special Prices
// Offer Special Prices
case 'offer-price':
$price = array();
foreach ($core->post['wm'] as $u => $v) {
if ($v = (int) $v) {
$price[(int) $u][0] = $v;
}
}
foreach ($core->post['pay'] as $u => $v) {
if ($v = (int) $v) {
$price[(int) $u][1] = $v;
}
}
foreach ($core->post['ref'] as $u => $v) {
if ($v = (int) $v) {
$price[(int) $u][2] = $v;
}
}
foreach ($core->post['wmu'] as $u => $v) {
if ($v = (int) $v) {
$price[(int) $u][3] = $v;
}
}
foreach ($core->post['pyu'] as $u => $v) {
if ($v = (int) $v) {
$price[(int) $u][4] = $v;
}
}
$price = serialize($price);
$data = array('offer_wm' => (int) $core->post['wmb'], 'offer_wm_vip' => (int) $core->post['wmv'], 'offer_wm_ext' => (int) $core->post['wme'], 'offer_wmu' => (int) $core->post['wmub'], 'offer_wmu_vip' => (int) $core->post['wmuv'], 'offer_wmu_ext' => (int) $core->post['wmue'], 'offer_pay' => (int) $core->post['payb'], 'offer_pay_vip' => (int) $core->post['payv'], 'offer_pay_ext' => (int) $core->post['paye'], 'offer_pyu' => (int) $core->post['pyub'], 'offer_pyu_vip' => (int) $core->post['pyuv'], 'offer_pyu_ext' => (int) $core->post['pyue'], 'offer_ref' => (int) $core->post['refb'], 'offer_ref_vip' => (int) $core->post['refv'], 'offer_prt' => $price);
if ($core->db->edit(DB_OFFER, $data, "offer_id = '{$id}'")) {
$core->wmsale->clear('offer', $id);
$core->wmsale->clear('price');
$core->go($core->url('mm', 'offer', 'edit-ok'));
} else {
$core->go($core->url('mm', 'offer', 'edit-e'));
}
// Offer Params
// Offer Params
case 'offer-param':
$param = array();
foreach ($core->post['param'] as $u => $v1) {
$u = (int) $u;
$v1 = $core->text->link($v1);
$v2 = stripslashes($core->post['value'][$u]);
if ($v1 && $v2) {
$param[$v1] = $v2;
}
}
$param = addslashes(serialize($param));
if ($core->db->edit(DB_OFFER, array('offer_pars' => $param), "offer_id = '{$id}'")) {
$core->wmsale->clear('offer', $id);
$core->wmsale->clear('ofp', $id);
$core->go($core->url('mm', 'offer', 'edit-ok'));
} else {
$core->go($core->url('mm', 'offer', 'edit-e'));
}
// Offer Delete
// Offer Delete
case 'offer-del':
$sql = "DELETE FROM " . DB_OFFER . " WHERE offer_id = '{$id}'";
if ($core->db->query($sql)) {
$core->db->query("DELETE FROM " . DB_STORE . " WHERE offer_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_ORDER . " WHERE offer_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_FLOW . " WHERE offer_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_STATS . " WHERE offer_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_SITE . " WHERE offer_id = '{$id}'");
$core->wmsale->clear('offer', $id);
$core->wmsale->clear('offers');
$core->wmsale->clear('price');
$core->go($core->url('mm', 'offer', 'del-ok'));
} else {
$core->go($core->url('mm', 'offer', 'del-e'));
}
// Offer Variant Add
// Offer Variant Add
case 'offer-var-add':
$name = $core->text->line($core->post['name']);
$price = (int) $core->post['price'];
$vars = $core->db->field("SELECT offer_vars FROM " . DB_OFFER . " WHERE offer_id = '{$id}' LIMIT 1");
if ($vars && $core->db->add(DB_VARS, array('offer_id' => $id, 'var_name' => $name, 'var_price' => $price))) {
$id = $core->db->lastid();
$core->wmsale->clear('vars', $id);
$core->go($core->url('im', 'offer-var', $id, 'add-ok'));
} else {
$core->go($core->url('mm', 'offer-vars', 'add-e'));
}
// Offer Variant Edit
// Offer Variant Edit
case 'offer-var-edit':
$name = $core->text->line($core->post['name']);
$short = $core->text->line($core->post['short']);
$price = (int) $core->post['price'];
$offer = $core->db->field("SELECT offer_id FROM " . DB_VARS . " WHERE var_id = '{$id}' LIMIT 1");
$sql = "UPDATE " . DB_VARS . " SET var_name = '{$name}', var_price = '{$price}', var_short = '{$short}' WHERE var_id = '{$id}' LIMIT 1";
if ($core->db->query($sql)) {
$core->wmsale->clear('vars', $offer);
$core->go($core->url('im', 'offer-vars', $offer, 'edit-ok'));
} else {
$core->go($core->url('im', 'offer-vars', $offer, 'edit-e'));
}
// Offer Variant Delete
// Offer Variant Delete
case 'offer-var-del':
$offer = $core->db->field("SELECT offer_id FROM " . DB_VARS . " WHERE var_id = '{$id}' LIMIT 1");
if ($core->db->query("DELETE FROM " . DB_VARS . " WHERE var_id = '{$id}'")) {
$core->wmsale->clear('vars', $offer);
$core->go($core->url('im', 'offer-vars', $offer, 'del-ok'));
} else {
$core->go($core->url('im', 'offer-vars', $offer, 'del-e'));
}
// Offer Site Add
// Offer Site Add
case 'offer-site-add':
$url = $core->text->line($core->post['url']);
$key = md5(microtime());
if ($core->db->add(DB_SITE, array('offer_id' => $id, 'site_url' => $url, 'site_key' => $key))) {
$core->wmsale->clear('sites', $id);
$core->wmsale->clear('lands', $id);
$core->wmsale->clear('space', $id);
$sid = $core->db->lastid();
file_get_contents(SPACEURL . 'renew.php?id=' . $id);
$core->go($core->url('im', 'offer-site', $sid, 'add-ok'));
} else {
$core->go($core->url('mm', 'offer-sites', 'add-e'));
}
// Offer Site Edit
// Offer Site Edit
case 'offer-site-edit':
$url = $core->text->line($core->post['url']);
$key = $core->post['key'] ? $core->text->line($core->post['key']) : md5(microtime());
$comp = (int) $core->post['comp'];
$comph = $core->post['comph'] ? 1 : 0;
$type = $core->post['type'] ? 1 : 0;
$default = $core->post['default'] ? 1 : 0;
$mobile = (int) $core->post['mobile'];
$offer = $core->db->field("SELECT offer_id FROM " . DB_SITE . " WHERE site_id = '{$id}' LIMIT 1");
if ($default) {
$core->db->query("UPDATE " . DB_SITE . " SET site_default = 0 WHERE offer_id = '{$offer}' AND site_type = '{$type}'");
}
$sql = "UPDATE " . DB_SITE . " SET site_url = '{$url}', site_key = '{$key}', site_type = '{$type}', site_comp = '{$comph}', site_default = '{$default}', site_mobile = '{$mobile}', comp_id = '{$comp}' WHERE site_id = '{$id}' LIMIT 1";
if ($core->db->query($sql)) {
$core->wmsale->clear('site', $id);
$core->wmsale->clear('sites', $offer);
$core->wmsale->clear('lands', $offer);
$core->wmsale->clear('space', $offer);
file_get_contents(SPACEURL . 'renew.php?id=' . $offer);
$core->go($core->url('im', 'offer-sites', $offer, 'edit-ok'));
} else {
$core->go($core->url('im', 'offer-sites', $offer, 'edit-e'));
}
// Offer Site Delete
// Offer Site Delete
case 'offer-site-del':
$offer = $core->db->field("SELECT offer_id FROM " . DB_SITE . " WHERE site_id = '{$id}' LIMIT 1");
if ($core->db->query("DELETE FROM " . DB_SITE . " WHERE site_id = '{$id}'")) {
$core->wmsale->clear('site', $id);
$core->wmsale->clear('sites', $offer);
$core->wmsale->clear('lands', $offer);
$core->wmsale->clear('space', $offer);
file_get_contents(SPACEURL . 'renew.php?id=' . $offer);
$core->go($core->url('im', 'offer-sites', $offer, 'del-ok'));
} else {
$core->go($core->url('im', 'offer-sites', $offer, 'del-e'));
}
case 'offer-site-renew':
file_get_contents(SPACEURL . 'renew.php?id=' . $id);
$core->go($core->url('im', 'offer-sites', $id, 'ok'));
case 'offer-site-list':
header('Content-disposition: attachment; filename=offer' . $id . '.php');
header('Content-type: text/plain; charset=utf-8');
$lands = $core->wmsale->get('lands', $id);
$space = $core->wmsale->get('space', $id);
$default = 0;
$elands = $espace = array();
foreach ($lands as $l) {
if (!$default) {
$default = $l['site_id'];
}
if ($l['site_default']) {
$default = $l['site_id'];
}
$elands[$l['site_id']] = 'http://' . $l['site_url'] . '/?';
}
foreach ($space as $l) {
$espace[$l['site_url']] = (int) $l['site_id'];
}
echo '<?
require_once "cms.php";
function ourl () {
static $theurl;
global $flow;
if ( $theurl ) return $theurl;
$defland = ' . $default . ';
$lands = ';
var_export($elands);
echo ';
$space = ';
var_export($espace);
echo ';
$theurl = geturl ( $lands, $space, $defland );
return $theurl;
}';
$core->_die();
//
// Companies
//
// Adding a company
//
// Companies
//
// Adding a company
case 'comps-add':
if ($core->db->add(DB_COMP, array('comp_name' => $core->text->line($core->post['name'])))) {
$core->wmsale->clear('comps');
$core->go($core->url('im', 'comps', $core->db->lastid(), 'add-ok'));
} else {
$core->go($core->url('mm', 'comps', 'add-e'));
}
// Edit company info
// Edit company info
case 'comps-edit':
$edit = array('user_id' => (int) $core->post['user'], 'comp_name' => $core->text->line($core->post['name']), 'comp_fio' => $core->text->line($core->post['fio']), 'comp_phone' => $core->text->line($core->post['phone']), 'comp_index' => preg_replace('#([^0-9]+)#', '', $core->post['index']), 'comp_addr' => $core->text->line($core->post['addr']), 'comp_bank' => $core->text->line($core->post['bank']), 'comp_acc' => preg_replace('#([^0-9]+)#', '', $core->post['acc']), 'comp_ks' => preg_replace('#([^0-9]+)#', '', $core->post['ks']), 'comp_bik' => preg_replace('#([^0-9]+)#', '', $core->post['bik']), 'comp_inn' => preg_replace('#([^0-9]+)#', '', $core->post['inn']), 'comp_spsr' => $core->text->line($core->post['spsr']), 'comp_spsr_login' => $core->text->line($core->post['spsr_login']), 'comp_spsr_pass' => $core->text->line($core->post['spsr_pass']), 'comp_spsr_from' => $core->text->line($core->post['spsr_from']), 'sms_accept' => $core->post['sms_accept'] ? 1 : 0, 'sms_post' => $core->post['sms_post'] ? 1 : 0, 'sms_spsr' => $core->post['sms_spsr'] ? 1 : 0, 'sms_rupo' => $core->post['sms_rupo'] ? 1 : 0, 'autoaccept' => $core->post['autoaccept'] ? 1 : 0, 'callscheme' => $core->text->line($core->post['callscheme']), 'pay_info' => $core->text->code($core->post['pay_info']), 'pay_wmr' => $core->text->line($core->post['pay_wmr']), 'pay_wmk' => $core->text->line($core->post['pay_wmk']), 'pay_ymr' => $core->text->line($core->post['pay_ymr']), 'pay_ymk' => $core->text->line($core->post['pay_ymk']));
if ($core->db->edit(DB_COMP, $edit, "comp_id = '{$id}'")) {
$core->wmsale->clear('comp', $id);
$core->wmsale->clear('comps');
$core->go($core->url('mm', 'comps', 'edit-ok'));
} else {
$core->go($core->url('mm', 'comps', 'edit-e'));
}
// Company Delete
// Company Delete
case 'comps-del':
if ($core->db->query("DELETE FROM " . DB_COMP . " WHERE comp_id = '{$id}' LIMIT 1")) {
$core->db->query("DELETE FROM " . DB_USER . " WHERE user_comp = '{$id}'");
$core->db->query("DELETE FROM " . DB_ORDER . " WHERE comp_id = '{$id}'");
$core->db->query("DELETE FROM " . DB_STORE . " WHERE comp_id = '{$id}'");
$core->wmsale->clear('comp', $id);
$core->wmsale->clear('comps');
$core->go($core->url('mm', 'comps', 'del-ok'));
} else {
$core->go($core->url('mm', 'comps', 'del-e'));
}
// Edit company info
// Edit company info
case 'comps-int':
$field = array();
$flds = explode("\n", $core->post['add_field']);
if ($flds) {
foreach ($flds as $k) {
$kk = explode(' ', trim($k), 2);
$field[$kk[0]] = stripslashes(trim($kk[1]));
}
}
$field = addslashes(serialize($field));
$field2 = array();
$flds2 = explode("\n", $core->post['chk_field']);
if ($flds2) {
foreach ($flds2 as $k) {
$kk = explode(' ', trim($k), 2);
$field2[$kk[0]] = stripslashes(trim($kk[1]));
}
}
$field2 = addslashes(serialize($field2));
$edit = array('int_add' => $core->post['add'] ? 1 : 0, 'int_add_url' => str_replace('&', '&', str_replace('"', '"', $core->text->line($core->post['add_url']))), 'int_add_pre' => $core->text->code($core->post['add_pre']), 'int_add_field' => $field, 'int_add_code' => $core->text->code($core->post['add_code']), 'int_chk' => $core->post['chk'] ? 1 : 0, 'int_chk_url' => str_replace('&', '&', str_replace('"', '"', $core->text->line($core->post['chk_url']))), 'int_chk_pre' => $core->text->code($core->post['chk_pre']), 'int_chk_field' => $field2, 'int_chk_format' => (int) $core->post['chk_format'], 'int_chk_count' => (int) $core->post['chk_count'], 'int_chk_code' => $core->text->code($core->post['chk_code']));
if ($core->db->edit(DB_COMP, $edit, "comp_id = '{$id}'")) {
$core->wmsale->clear('comp', $id);
$core->go($core->url('mm', 'comps', 'edit-ok'));
} else {
$core->go($core->url('mm', 'comps', 'edit-e'));
}
//
// Externals
//
// Adding an external
//
// Externals
//
// Adding an external
case 'ext-add':
if ($core->db->add(DB_EXT, array('ext_name' => $core->text->line($core->post['name'])))) {
$core->wmsale->clear('exts');
$core->go($core->url('im', 'ext', $core->db->lastid(), 'add-ok'));
} else {
$core->go($core->url('mm', 'ext', 'add-e'));
}
// Edit external info
// Edit external info
case 'ext-edit':
$edit = array('user_id' => (int) $core->post['user'], 'ext_name' => $core->text->line($core->post['name']), 'ext_key' => $core->text->line($core->post['key']), 'url_new' => str_replace('&', '&', $core->text->line($core->post['url_new'])), 'url_nc' => str_replace('&', '&', $core->text->line($core->post['url_nc'])), 'url_rc' => str_replace('&', '&', $core->text->line($core->post['url_rc'])), 'url_acc' => str_replace('&', '&', $core->text->line($core->post['url_acc'])), 'url_dec' => str_replace('&', '&', $core->text->line($core->post['url_dec'])), 'url_pay' => str_replace('&', '&', $core->text->line($core->post['url_pay'])), 'url_ret' => str_replace('&', '&', $core->text->line($core->post['url_ret'])), 'url_del' => str_replace('&', '&', $core->text->line($core->post['url_del'])), 'code_offer' => $core->text->code($core->post['code_offer']), 'code_accept' => $core->text->code($core->post['code_accept']));
if ($core->db->edit(DB_EXT, $edit, "ext_id = '{$id}'")) {
$core->wmsale->clear('ext', $id);
$core->wmsale->clear('exts');
$core->go($core->url('mm', 'ext', 'edit-ok'));
} else {
$core->go($core->url('mm', 'ext', 'edit-e'));
}
// Delete external
// Delete external
case 'ext-del':
if ($core->db->query("DELETE FROM " . DB_EXT . " WHERE ext_id = '{$id}' LIMIT 1")) {
$core->db->query("DELETE FROM " . DB_USER . " WHERE user_ext = '{$id}'");
$core->db->query("UPDATE " . DB_ORDER . " SET ext_id = 0, ext_uid = 0, ext_src = 0 WHERE ext_id = '{$id}'");
$core->wmsale->clear('ext', $id);
$core->wmsale->clear('exts');
$core->go($core->url('mm', 'ext', 'del-ok'));
} else {
$core->go($core->url('mm', 'ext', 'del-e'));
}
//
// Outputs
//
//
// Outputs
//
case 'out-accept':
$c = $core->db->row("SELECT * FROM " . DB_CASH . " WHERE cash_id = '{$id}' LIMIT 1");
if ($c['cash_type'] == 4) {
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
if ($f->edit($id, 5)) {
$core->go($core->url('mm', 'outs', 'acc-ok'));
} else {
$core->go($core->url('mm', 'outs', 'acc-e'));
}
} else {
$core->go($core->url('mm', 'outs', 'acc-e'));
}
case 'out-decline':
$c = $core->db->row("SELECT * FROM " . DB_CASH . " WHERE cash_id = '{$id}' LIMIT 1");
if ($c['cash_type'] == 4) {
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
if ($f->del($id)) {
$core->go($core->url('mm', 'outs', 'dec-ok'));
} else {
$core->go($core->url('mm', 'outs', 'dec-e'));
}
} else {
$core->go($core->url('mm', 'outs', 'dec-e'));
}
case 'out-bulk':
$outs = array();
foreach ($core->post['ids'] as $i) {
if ($i = (int) $i) {
$outs[] = $i;
}
}
$otp = $core->db->col("SELECT cash_id FROM " . DB_CASH . " WHERE cash_id IN ( " . implode(',', $outs) . " ) AND cash_type = 4");
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
if ($core->post['decline']) {
foreach ($otp as $id) {
$f->del($id);
}
} else {
foreach ($otp as $id) {
$f->edit($id, 5);
}
}
$core->go($core->url('mm', 'outs', 'ok'));
//
// News
//
//
// News
//
case 'news-add':
$title = $core->text->line($core->post['title']);
$text = $core->text->code($core->post['text']);
$group = (int) $core->post['group'];
$send = $core->post['send'] ? 1 : 0;
$vip = $core->post['vip'] ? 1 : 0;
$mvip = $vip ? ' AND user_vip = 1 ' : '';
if ($core->db->add(DB_NEWS, array('news_title' => $title, 'news_text' => $text, 'news_group' => $group, 'news_time' => time(), 'news_vip' => $vip))) {
$id = $core->db->lastid();
if ($send) {
switch ($group) {
case 1:
$mails = $core->db->col("SELECT user_mail FROM " . DB_USER . " WHERE user_news = 1 AND user_work = 0 {$mvip}");
break;
case 2:
$mails = $core->db->col("SELECT user_mail FROM " . DB_USER . " WHERE user_news = 1 AND user_work = 1 {$mvip}");
break;
default:
$mails = $core->db->col("SELECT user_mail FROM " . DB_USER . " WHERE user_news = 1 {$mvip}");
}
$core->email->send($mails, sprintf($core->lang['mail_news_h'], stripslashes($title)), sprintf($core->lang['mail_news_t'], stripslashes($text), $id));
}
$core->go($core->url('mm', 'news', 'ok'));
} else {
$core->go($core->url('mm', 'news', 'e'));
}
// Offer Site Edit
// Offer Site Edit
case 'news-edit':
$title = $core->text->line($core->post['title']);
$text = $core->text->code($core->post['text']);
$group = (int) $core->post['group'];
$send = $core->post['send'] ? 1 : 0;
$vip = $core->post['vip'] ? 1 : 0;
$mvip = $vip ? ' AND user_vip = 1 ' : '';
if ($core->db->edit(DB_NEWS, array('news_title' => $title, 'news_text' => $text, 'news_group' => $group, 'news_vip' => $vip), "news_id = '{$id}'")) {
if ($send) {
switch ($group) {
case 1:
$mails = $core->db->col("SELECT user_mail FROM " . DB_USER . " WHERE user_news = 1 AND user_work = 0 {$mvip}");
break;
case 2:
$mails = $core->db->col("SELECT user_mail FROM " . DB_USER . " WHERE user_news = 1 AND user_work = 1 {$mvip}");
break;
default:
$mails = $core->db->col("SELECT user_mail FROM " . DB_USER . " WHERE user_news = 1 {$mvip}");
}
$core->email->send($mails, sprintf($core->lang['mail_news_h'], stripslashes($title)), sprintf($core->lang['mail_news_t'], stripslashes($text), $id));
}
$core->go($core->url('mm', 'news', 'ok'));
} else {
$core->go($core->url('mm', 'news', 'e'));
}
// Offer Site Delete
// Offer Site Delete
case 'news-del':
if ($core->db->del(DB_NEWS, "news_id = '{$id}'")) {
$core->go($core->url('mm', 'news', 'ok'));
} else {
$core->go($core->url('mm', 'news', 'e'));
}
//
// Support
//
//
// Support
//
case 'supp-add':
require_once PATH_LIB . 'support.php';
support_add($core, $id, 1, $core->post['text']);
if ($core->get['z'] == 'ajax') {
echo 'ok';
$core->_die();
} else {
$core->go($core->url('i', 'support', $id));
}
case 'supp-show':
require_once PATH_LIB . 'support.php';
$messages = support_show($core, $id, 1, $core->get['from']);
$email = $core->user->get($id, 'user_mail');
if ($mc = count($messages)) {
$core->tpl->load('body', 'message');
$mn = $mx = $mm = 0;
foreach ($messages as &$m) {
$core->tpl->block('body', 'msg', $m);
if ($m['uid'] == $id) {
$core->tpl->block('body', 'msg.admin', array('u' => $email));
}
$mx = max($mx, $m['id']);
$mn = $mn ? min($mn, $m['id']) : $m['id'];
if ($m['new']) {
$mm += 1;
}
}
$core->tpl->vars('body', array('showmore' => $core->lang['support_more'], 'mn' => $mn, 'mx' => $mx, 'mc' => $mm));
if ($core->get['from'] >= 0) {
$core->tpl->block('body', 'more');
} else {
$core->tpl->block('body', 'havemsg');
}
$core->tpl->output('body');
}
$core->_die();
//
// Accounting
//
//
// Accounting
//
case 'saw':
$sum = (int) $core->post['sum'];
$users = array();
foreach ($core->post['user'] as $u) {
if ($u) {
$users[] = (int) $u;
}
}
$tosaw = count($users);
$sum = floor($sum / $tosaw);
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
foreach ($users as $u) {
$f->add($u, 0, $sum, 13, $core->lang['exit_comment']);
$f->add($u, 0, -$sum, 5, $core->lang['exit_comment']);
}
$core->go($core->url('mm', 'business', 'saw'));
case 'trans-del':
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
$f->del($id);
msgo($core, 'del');
}
return false;
}
function order_edit($core, $id, $info, $order = null)
{
// Loading order info for processing of changes
if (!$order) {
$order = $core->db->row("SELECT * FROM " . DB_ORDER . " WHERE order_id = '{$id}' LIMIT 1");
}
$comp = $core->wmsale->get('comp', $order['comp_id']);
$changes = array();
// Check order permissions
if (!defined('INTHEWORK')) {
if (!($core->user->level || $core->user->call)) {
if ($order['comp_id'] != $core->user->comp) {
return false;
}
}
}
// Basic info
if ($info['status'] && $info['status'] != $order['order_status']) {
$changes['order_status'] = $info['status'];
}
if ($info['reason'] && $info['reason'] != $order['order_reason']) {
$changes['order_reason'] = $info['reason'];
}
if ($info['user'] && $info['user'] != $order['user_id']) {
$changes['user_id'] = $info['user'];
}
if ($info['comp'] && $info['comp'] != $order['comp_id']) {
$changes['comp_id'] = $info['comp'];
}
if ($info['name'] && $info['name'] != $order['order_name']) {
$changes['order_name'] = $info['name'];
}
if ($info['addr'] && $info['addr'] != $order['order_addr']) {
$changes['order_addr'] = $info['addr'];
}
if ($info['area'] && $info['area'] != $order['order_area']) {
$changes['order_area'] = $info['area'];
}
if ($info['city'] && $info['city'] != $order['order_city']) {
$changes['order_city'] = $info['city'];
}
if ($info['street'] && $info['street'] != $order['order_street']) {
$changes['order_street'] = $info['street'];
}
if ($info['index'] && $info['index'] != $order['order_index']) {
$changes['order_index'] = $info['index'];
}
if ($info['phone'] && $info['phone'] != $order['order_phone']) {
$changes['order_phone'] = $info['phone'];
}
if ($info['track'] && $info['track'] != $order['track_code']) {
$changes['track_code'] = $info['track'];
}
if ($info['rec'] && $info['rec'] != $order['order_recall']) {
$changes['order_recall'] = $info['rec'];
}
if ($info['comment'] && $info['comment'] != $order['order_comment']) {
$changes['order_comment'] = $info['comment'];
}
if ($info['exto'] && $info['exto'] != $order['ext_oid']) {
$changes['ext_oid'] = $info['exto'];
}
if (isset($info['check']) && $info['check'] != $order['order_check']) {
$changes['order_check'] = $info['check'];
}
// Order Metadata
if (isset($info['meta'])) {
ksort($info['meta']);
$mm = serialize($info['meta']);
if ($mm != $order['order_meta']) {
$changes['order_meta'] = $mm;
}
}
// SPSR track info
if (isset($info['spsr'])) {
$spsr = $info['spsr'];
$sd = serialize($spsr);
if ($sd != $order['track_spsr']) {
$changes['track_spsr'] = $sd;
}
} else {
$spsr = false;
}
// Order Accepting
if ($info['accept']) {
$changes['order_status'] = $comp['autoaccept'] ? 10 : 6;
if (!$info['shave']) {
$sh = (int) $core->wmsale->get('ofp', $order['offer_id'], 'shave' . $order['comp_id']);
if (!$sh) {
$sh = (int) $core->wmsale->get('ofp', $order['offer_id'], 'shave');
}
if ($sh) {
$info['shave'] = rand(0, 100) <= $sh ? 2 : 0;
}
}
} elseif ($order['order_status'] > 4 && $changes['order_status'] < 6) {
unset($changes['order_status']);
}
// WebStatus and OrderStatus can be different
if ($changes['order_status']) {
$shave = $info['shave'] ? (int) $info['shave'] : 0;
if ($changes['order_status'] > 4) {
if ($shave) {
$changes['order_webstat'] = 5;
$changes['order_reason'] = rand(0, 7) ? 3 : 2;
$changes['order_shave'] = $shave;
} elseif ($order['order_status'] == $order['order_webstat']) {
$changes['order_webstat'] = $changes['order_status'];
}
} else {
$changes['order_webstat'] = $changes['order_status'];
}
}
// Calls are incremental
if ($info['calls']) {
$changes['order_calls'] = (int) $order['order_calls'] + $info['calls'];
}
// Check the phone to be russian mobile +79etc
if ($changes['order_phone']) {
$changes['order_phone_ok'] = substr($changes['order_phone'], 0, 2) == '79' ? 1 : 0;
}
// Track code changes will null tracking status
if ($changes['track_code']) {
$changes['track_on'] = $info['track_on'] ? $info['track_on'] : 0;
$changes['track_check'] = $info['track_check'] ? $info['track_check'] : 0;
$changes['track_date'] = '';
$changes['track_status'] = '';
}
// Checking items and delivery
if (isset($info['counts']) || isset($info['delivery']) || isset($info['discount']) || isset($info['more'])) {
// Load offer and it's variants info
$offer = $core->wmsale->get('offer', $order['offer_id']);
$vars = $offer['offer_vars'] ? $core->wmsale->get('vars', $offer['offer_id']) : false;
$order['items'] = $order['order_items'] ? unserialize($order['order_items']) : array();
// Process variants or a single offer
if ($vars) {
$items = isset($info['counts']) ? $info['counts'] : $order['items'];
$counts = $price = 0;
foreach ($vars as &$v) {
if ($items[$v['var_id']]) {
$counts += $items[$v['var_id']];
$price += $items[$v['var_id']] * $v['var_price'];
}
}
unset($v, $vars);
$changes['order_items'] = serialize($items);
} else {
$counts = isset($info['counts']) ? $info['counts'][$offer['offer_id']] : $order['order_count'];
$price = $offer['offer_price'] * $counts;
}
// Process discounts and presents
$changes['order_discount'] = $discount = isset($info['discount']) ? $info['discount'] : $order['order_discount'];
$changes['order_more'] = $more = isset($info['more']) ? $info['more'] : $order['order_more'];
if ($discount > 0 && $discount < 100) {
$price = ceil($price * ((100 - $discount) / 100));
}
if ($more > 0) {
$price += $more;
}
// Process delivery
if ($offer['offer_delivery']) {
$changes['order_delivery'] = $delivery = isset($info['delivery']) ? $info['delivery'] : $order['order_delivery'];
$price += $core->lang['deliverp'][$delivery];
}
// Finally set order changes
$changes['order_count'] = $counts;
$changes['order_price'] = $price;
}
// UnReCall and UnTrack
if (($changes['order_status'] > 4 || $order['order_status'] > 4) && $order['order_recall']) {
$changes['order_recall'] = 0;
}
if (($changes['order_status'] > 9 || $order['order_status'] > 9) && $order['track_on']) {
$changes['track_on'] = $changes['track_check'] = $changes['track_call'] = $changes['track_result'] = $changes['track_notify'] = 0;
$changes['track_date'] = $changes['track_status'] = '';
}
// Order completion
if ($changes['order_status'] == 5 || $changes['order_status'] > 9) {
$changes['order_check'] = 0;
}
if ($order['order_check'] && $changes['order_status'] > 10) {
if (!($order['ext_id'] || $order['order_shave'])) {
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
$fins = $core->db->col("SELECT cash_id FROM " . DB_CASH . " WHERE order_id = '{$id}'");
foreach ($fins as $fn) {
$f->del($fn);
}
unset($f);
}
$changes['order_status'] = 12;
if ($order['order_status'] == $order['order_webstat']) {
$changes['order_webstat'] = 12;
}
}
// Update order in database
if (count($changes)) {
$sqls = array();
foreach ($changes as $k => &$v) {
$sqls[] = " {$k} = '{$v}' ";
}
$sql = "UPDATE " . DB_ORDER . " SET " . implode(',', $sqls) . " WHERE order_id = '{$id}' LIMIT 1";
$result = $core->db->query($sql);
unset($sql, $k, $v);
} else {
return false;
}
// Post processing
if ($result) {
$st = $changes['order_status'];
// Order confirmation
if ($info['accept']) {
// Process payments
if ($shave != 1) {
// Finance Operations
if (!$offer) {
$offer = $core->wmsale->get('offer', $order['offer_id']);
}
$comment = sprintf("%s - %s", $offer['offer_name'], $id);
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
// Pricing
$ut = $order['wm_id'];
$uc = $comp['user_id'];
if ($ut && $uc) {
extract($core->wmsale->price($offer['offer_id'], array($ut, $uc)));
} elseif ($ut) {
extract($core->wmsale->price($offer['offer_id'], $ut));
} elseif ($uc) {
extract($core->wmsale->price($offer['offer_id'], $uc));
} else {
$ext = $wmp = $wmu = $ref = $rep = $pay = $pyu = $sub = $sup = $ext = 0;
}
// UpSale
if ($order['order_count'] > 1) {
if ($wmu) {
$wmp += $wmu * ($order['order_count'] - 1);
}
if ($pyu) {
$pay += $pyu * ($order['order_count'] - 1);
}
}
// Process payments
if ($uc && $pay) {
$f->add($comp['user_id'], $id, -$pay, 2, $comment);
}
if ($shave < 1 && $ut && $wmp) {
$f->add($ut, $id, $wmp, 3, $comment);
$core->db->query("UPDATE " . DB_FLOW . " SET flow_total = flow_total + " . $wmp . " WHERE flow_id = '" . $order['flow_id'] . "' LIMIT 1");
if ($ref && $rep) {
$f->add($ref, $id, $rep, 7, $comment);
$sup = $sup > $rep ? $sup - $rep : 0;
if ($sub && $sup) {
$core->db->query("UPDATE " . DB_USER . " SET user_got = user_got + '{$rep}', user_sup = user_sup + '{$sup}' WHERE user_id = '{$ut}' LIMIT 1");
$f->add($sub, $id, $sup, 7, $comment);
} else {
$core->db->query("UPDATE " . DB_USER . " SET user_got = user_got + '{$rep}' WHERE user_id = '{$ut}' LIMIT 1");
}
}
}
}
// Store processing
$items = $changes['order_items'] ? unserialize($changes['order_items']) : ($order['order_items'] ? unserialize($order['order_items']) : false);
if (!$items) {
$counts = $changes['order_count'] ? $changes['order_count'] : $order['order_count'];
$core->db->query("UPDATE " . DB_STORE . " SET store_count = store_count - {$counts} WHERE offer_id = '" . $order['offer_id'] . "' AND comp_id = '" . $order['comp_id'] . "' AND var_id = '0' LIMIT 1");
} else {
foreach ($items as $i => $c) {
$core->db->query("UPDATE " . DB_STORE . " SET store_count = store_count - {$c} WHERE offer_id = '" . $order['offer_id'] . "' AND comp_id = '" . $order['comp_id'] . "' AND var_id = '{$i}' LIMIT 1");
}
}
}
// Sending SMS
$pok = isset($changes['order_phone_ok']) ? $changes['order_phone_ok'] : $order['order_phone_ok'];
if ($pok) {
$phone = isset($changes['order_phone']) ? $changes['order_phone'] : $order['order_phone'];
if ($comp['sms_post'] && $changes['track_code']) {
sms(SMS_SIGN, $phone, sprintf($core->lang['sms_send'], $id, $changes['track_code']));
}
if ($st >= $order['order_status']) {
if ($comp['sms_accept'] && $st == 6) {
sms(SMS_SIGN, $phone, sprintf($core->lang['sms_accept'], $id));
}
if ($comp['sms_spsr'] && $order['order_delivery'] == 2 && $st == 9) {
sms(SMS_SIGN, $phone, sprintf($core->lang['sms_spsr'], $id, $order['track_code']));
}
if ($comp['sms_rupo'] && $order['order_delivery'] == 1 && $st == 9) {
sms(SMS_SIGN, $phone, sprintf($core->lang['sms_rupo'], $id, $order['track_code']));
}
}
}
// External processing
if ($order['ext_id'] && $changes['order_webstat'] && $order['order_webstat'] < 5) {
$ext = $core->wmsale->get('ext', $order['ext_id']);
switch ($changes['order_webstat']) {
case 3:
$url = $ext['url_rc'] ? $ext['url_rc'] : false;
break;
case 4:
$url = $ext['url_nc'] ? $ext['url_nc'] : false;
break;
case 5:
$url = $ext['url_dec'] ? $ext['url_dec'] : false;
break;
case 6:
$url = $ext['url_acc'] ? $ext['url_acc'] : false;
break;
case 10:
$url = $ext['url_pay'] ? $ext['url_pay'] : false;
break;
case 11:
$url = $ext['url_ret'] ? $ext['url_ret'] : false;
break;
case 12:
$url = $ext['url_del'] ? $ext['url_del'] : false;
break;
default:
$url = false;
}
if ($url) {
if (!$offer) {
$offer = $core->wmsale->get('offer', $order['offer_id']);
}
$odata = $offer['offer_pars'] ? unserialize($offer['offer_pars']) : false;
if (preg_match_all('#\\{eval:\\[(.*?)\\]\\}#si', $url, $ems)) {
foreach ($ems[0] as $k => $v) {
$url = str_replace($v, eval($ems[1][$k]), $url);
}
}
$url = str_replace('{id}', $order['order_id'], $url);
$url = str_replace('{uid}', $order['ext_uid'], $url);
$url = str_replace('{src}', $order['ext_src'], $url);
$url = str_replace('{time}', time(), $url);
$url = str_replace('{now}', date('d.m.Y H:i'), $url);
$url = str_replace('{reason}', rawurlencode($core->lang['reasono'][$changes['order_reason'] ? $changes['order_reason'] : $order['order_reason']]), $url);
$url = str_replace('{rcode}', $changes['order_reason'] ? $changes['order_reason'] : $order['order_reason'], $url);
$url = str_replace('{price}', $changes['order_price'] ? $changes['order_price'] : $order['order_price'], $url);
$url = str_replace('{count}', $changes['order_count'] ? $changes['order_count'] : $order['order_count'], $url);
foreach ($offer as $k => $v) {
$url = str_replace("{offer:{$k}}", $v, $url);
}
if ($odata) {
foreach ($odata as $k => $v) {
$url = str_replace("{data:{$k}}", $v, $url);
}
}
file_get_contents($url);
}
}
// PostBack processing
if ($order['flow_id'] && $changes['order_webstat'] && $order['order_webstat'] < 5) {
if ($pbu = $core->wmsale->get('flow', $order['flow_id'], 'flow_pbu')) {
$pbd = array('id' => $order['order_id'], 'offer' => $order['offer_id'], 'flow' => $order['flow_id'], 'target' => $order['target_id'], 'site' => $order['site_id'], 'space' => $order['space_id'], 'count' => $changes['order_count'] ? $changes['order_count'] : $order['order_count'], 'price' => $changes['order_price'] ? $changes['order_price'] : $order['order_price'], 'status' => $changes['order_webstat'], 'reason' => $changes['order_reason'] ? $changes['order_reason'] : $order['order_reason'], 'utmi' => $order['utm_id'], 'utms' => $order['utm_src'], 'utmc' => $order['utm_cn']);
foreach ($pbd as $pbk => $pbv) {
$pbu = str_replace('{' . $pbk . '}', $pbv, $pbu);
}
curl($pbu, $pbd);
}
}
return true;
} else {
return false;
}
}
// Checking Purse
if ($core->post['LMI_PAYEE_PURSE'] != WMR) {
die;
}
// Checking Payment ID
$id = (int) $core->post['LMI_PAYMENT_NO'];
if ($id) {
$user = $core->db->row("SELECT * FROM " . DB_USER . " WHERE user_id = '{$id}' LIMIT 1");
if (!$user['user_id']) {
die;
}
} else {
die;
}
// Checkign PreRequest
if (!$core->post['LMI_PREREQUEST']) {
// Checking Hash
$hash = WMR . $core->post['LMI_PAYMENT_AMOUNT'] . $core->post['LMI_PAYMENT_NO'] . $core->post['LMI_MODE'] . $core->post['LMI_SYS_INVS_NO'] . $core->post['LMI_SYS_TRANS_NO'] . $core->post['LMI_SYS_TRANS_DATE'] . WMK . $core->post['LMI_PAYER_PURSE'] . $core->post['LMI_PAYER_WM'];
$hash = strtoupper(md5($hash));
if ($hash != $core->post['LMI_HASH']) {
die;
}
// Processing
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
$f->add($id, 0, $core->post['LMI_PAYMENT_AMOUNT'], 1, $core->post['LMI_PAYER_PURSE']);
} else {
echo 'YES';
}
// Answer for WM-PreRequest
die;
public function __construct()
{
parent::__construct();
$this->load->model('accounting_cost_model');
$this->load->model('ebay_order_model');
}
/**
* @dataProvider dataProviderForPMT
*/
public function testPMT(float $rate, int $periods, float $pv, float $fv, bool $beginning, float $pmt)
{
$this->assertEquals($pmt, Finance::pmt($rate, $periods, $pv, $fv, $beginning));
}
public function actionView($id = null)
{
$model = Finance::model()->findByPk($id);
$this->render('view', ['model' => $model]);
}
public function deleteAction($id)
{
$id = $this->filter->sanitize($id, array("int"));
$products = Finance::findFirst('id="' . $id . '"');
if (!$products) {
$this->flash->error("没有找到对应的记录");
return $this->forward("products/index");
}
if (!$products->delete()) {
foreach ($products->getMessages() as $message) {
$this->flash->error((string) $message);
}
return $this->forward("products/search");
} else {
$this->flash->success("记录已删除");
return $this->forward("products/index");
}
}
if (isset($_FILES[$upload_name]["error"]) && $_FILES[$upload_name]["error"] != 0) {
$uploadErrors = array(
0=>"There is no error, the file uploaded with success",
1=>"The uploaded file exceeds the upload_max_filesize directive in php.ini",
2=>"The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form",
3=>"The uploaded file was only partially uploaded",
4=>"No file was uploaded",
6=>"Missing a temporary folder"
);
print $uploadErrors[$_FILES[$upload_name]["error"]];
}
}
//print $_FILES[$upload_name]['name'] . "<br/>";
//do the import...
include("fin.php");
$f = new Finance();
$f->setDb($db);
$db->Query("BEGIN TRANSACTION");
$file=fopen($target,"r");
$lastTyp = '';
$errors = array();
$OCRRows = array();
$fileDat = array();
while(!feof($file)) {
$line = fgets($file);
//split by file definition...
$typ = substr($line,0,2);
$dat = array();
switch($typ) {
case '00':
function base_action($core)
{
$action = $core->get['a'] ? $core->get['a'] : null;
$id = $core->post['id'] ? (int) $core->post['id'] : ($core->get['id'] ? (int) $core->get['id'] : 0);
switch ($action) {
//
// Profile
//
case 'profile':
// Basic Profile Data
$data = array('name' => $core->text->line($core->post['name']), 'wmr' => $core->text->line($core->post['wmr']), 'news' => $core->post['news'] ? 1 : 0);
if ($data['name']) {
// Profile Email
$email = $core->text->email($core->post['email']);
if ($email && $email != $core->user->mail) {
$uid = $core->db->field("SELECT user_id FROM " . DB_USER . " WHERE user_mail = '{$email}' LIMIT 1");
if ($uid && $uid == $core->user->id) {
$data['mail'] = $email;
}
}
// Password
if ($core->post['pass'] && $core->post['pass'] == $core->post['conf']) {
$data['pass'] = $core->text->pass($core->post['pass']);
}
// Saving
$message = $core->user->edit($data) ? 'ok' : 'error';
$core->go($core->url('mm', 'profile', $message));
} else {
$core->go($core->url('mm', 'profile', 'info'));
}
case 'resetapi':
$core->user->edit(array('api' => md5(microtime())));
$core->go($core->url('mm', 'profile', 'ok'));
//
// Money
//
//
// Money
//
case 'out':
if ($core->user->wmr) {
$cash = (int) $core->post['cash'];
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
if ($cash >= 2000 && $cash <= $core->user->cash && $f->add($core->user->id, 0, -$cash, 4, $core->user->wmr)) {
$core->go($core->url('mm', 'money', 'out-ok'));
} else {
$core->go($core->url('mm', 'money', 'out-e'));
}
} else {
$core->go($core->url('mm', 'money', 'out-w'));
}
case 'cancel':
$c = $core->db->row("SELECT * FROM " . DB_CASH . " WHERE cash_id = '{$id}' LIMIT 1");
if ($c['user_id'] == $core->user->id && $c['cash_type'] == 4) {
require_once PATH_LIB . 'finance.php';
$f = new Finance($core);
if ($f->del($id)) {
$core->go($core->url('mm', 'money', 'cancel-ok'));
} else {
$core->go($core->url('mm', 'money', 'cancel-e'));
}
} else {
$core->go($core->url('mm', '', 'access'));
}
//
// Support
//
//
// Support
//
case 'suppa':
require_once PATH_LIB . 'support.php';
support_add($core, $core->user->id, 0, $core->post['text']);
if ($core->get['z'] == 'ajax') {
echo 'ok';
$core->_die();
} else {
$core->go($core->url('m', 'support'));
}
case 'suppu':
require_once PATH_LIB . 'support.php';
$messages = support_show($core, $core->user->id, 0, $core->get['from']);
if ($mc = count($messages)) {
$core->tpl->load('body', 'message');
$mn = $mx = $mm = 0;
foreach ($messages as &$m) {
$core->tpl->block('body', 'msg', $m);
$mx = max($mx, $m['id']);
$mn = $mn ? min($mn, $m['id']) : $m['id'];
if ($m['new']) {
$mm += 1;
}
}
$core->tpl->vars('body', array('showmore' => $core->lang['support_more'], 'mn' => $mn, 'mx' => $mx, 'mc' => $mm));
if ($core->get['from'] >= 0) {
$core->tpl->block('body', 'more');
}
$core->tpl->output('body');
}
$core->_die();
}
return false;
}
public function __construct()
{
parent::__construct();
$this->load->model('rate_model');
$this->load->model('order_model');
}
