Ejemplo n.º 1
0
            echo "<p>" . $label['pack_cannot_select'] . "</p>";
        }
    } else {
        display_order(session_id(), $BID);
        $sql = "select * from users where ID='" . $_SESSION['MDS_ID'] . "'";
        $result = mysql_query($sql) or die(mysql_error() . $sql);
        $u_row = mysql_fetch_array($result);
        ?>
		<p>
		<?php 
        display_edit_order_button('temp');
        ?>
 &nbsp;
		<?php 
        //echo "can ordr:".can_user_order($b_row, $_SESSION['MDS_ID'], $_REQUEST['pack']);
        if (!can_user_order($b_row, $_SESSION['MDS_ID'], $_REQUEST['pack'])) {
            // one more check before continue
            if (!$p_max_ord) {
                $max = G_MAX_ORDERS;
            } else {
                $max = $p_max_ord;
            }
            $label['pack_cannot_select'] = str_replace("%MAX_ORDERS%", $max, $label['pack_cannot_select']);
            echo "<p>" . $label['advertiser_max_order'] . "</p>";
        } else {
            if ($order_row['price'] == 0 || $u_row['Rank'] == 2) {
                // go straight to publish...
                //http://localhost/MillionDollarScript-2.0.13/users/publish.php?action=complete&BID=2&order_id=temp
                ?>
				
				<input type='button' class='big_button' value="<?php 
Ejemplo n.º 2
0
function reserve_pixels_for_temp_order($temp_order_row)
{
    // check if the user can get the order
    if (!can_user_order(load_banner_row($temp_order_row['banner_id']), $_SESSION['MDS_ID'], $temp_order_row['package_id'])) {
        echo 'can\'t touch this<br>';
        return false;
    }
    require_once '../include/ads.inc.php';
    ###################################################
    if (USE_LOCK_TABLES == 'Y') {
        $sql = "LOCK TABLES blocks WRITE, orders WRITE, ads WRITE, temp_orders WRITE,  currencies READ, prices READ, banners READ, form_fields READ, form_field_translations READ";
        $result = mysql_query($sql) or die(" <b>Dear Webmaster: The current MySQL user does not have permission to lock tables. Please give this user permission to lock tables, or turn off locking in the Admin. To turn off locking in the Admin, please go to Main Config and look under the MySQL Settings.<b>");
    } else {
        // poor man's lock
        $sql = "UPDATE `config` SET `val`='YES' WHERE `key`='SELECT_RUNNING' AND `val`='NO' ";
        $result = mysql_query($sql) or die(mysql_error());
        if (mysql_affected_rows() == 0) {
            // make sure it cannot be locked for more than 30 secs
            // This is in case the proccess fails inside the lock
            // and does not release it.
            $unix_time = time();
            // get the time of last run
            $sql = "SELECT * FROM `config` where `key` = 'LAST_SELECT_RUN' ";
            $result = @mysql_query($sql);
            $t_row = @mysql_fetch_array($result);
            if ($unix_time > $t_row['val'] + 30) {
                // release the lock
                $sql = "UPDATE `config` SET `val`='NO' WHERE `key`='SELECT_RUNNING' ";
                $result = @mysql_query($sql) or die(mysql_error());
                // update timestamp
                $sql = "REPLACE INTO config (`key`, `val`) VALUES ('LAST_SELECT_RUN', '{$unix_time}')  ";
                $result = @mysql_query($sql) or die(mysql_error());
            }
            usleep(5000000);
            // this function is executing in another process. sleep for half a second
            reserve_pixels_for_temp_order($temp_order_row);
            return;
        }
    }
    ####################################################
    $filename = SERVER_PATH_TO_ADMIN . 'temp/' . "info_" . md5(session_id()) . ".txt";
    $fh = fopen($filename, 'rb');
    $block_info = fread($fh, filesize($filename));
    fclose($fh);
    //$block_info = unserialize($temp_order_row['block_info']);
    $block_info = unserialize($block_info);
    //echo "block info:";
    //print_r($block_info);
    $in_str = $temp_order_row['blocks'];
    $sql = "select block_id from blocks where banner_id='" . $temp_order_row['banner_id'] . "' and block_id IN(" . $in_str . ") ";
    //echo $sql."<br>";
    $result = mysql_query($sql) or die($sql . mysql_error());
    if (mysql_num_rows($result) > 0) {
        return false;
        // the pixels are not available!
    }
    // approval status, default is N
    $banner_row = load_banner_row($temp_order_row['banner_id']);
    $approved = $banner_row['auto_approve'];
    $now = gmdate("Y-m-d H:i:s");
    $sql = "REPLACE INTO orders (user_id, order_id, blocks, status, order_date, price, quantity, banner_id, currency, days_expire, date_stamp, package_id, ad_id, approved) VALUES ('" . $_SESSION['MDS_ID'] . "', '', '" . $in_str . "', 'new', '" . $now . "', '" . $temp_order_row['price'] . "', '" . $temp_order_row['quantity'] . "', '" . $temp_order_row['banner_id'] . "', '" . get_default_currency() . "', " . $temp_order_row['days_expire'] . ", '" . $now . "', " . $temp_order_row['package_id'] . ", " . $temp_order_row['ad_id'] . ", '" . $approved . "') ";
    $result = mysql_query($sql) or die(mysql_error() . $sql);
    $order_id = mysql_insert_id();
    mds_log("Changed temp order to a real order - " . $sql);
    //echo "<hr>";echo $sql; echo "<hr>";
    $sql = "UPDATE ads SET user_id='" . $_SESSION['MDS_ID'] . "', order_id='" . $order_id . "' where ad_id='" . $temp_order_row['ad_id'] . "' ";
    //echo $sql;
    mysql_query($sql) or die(mysql_error() . $sql);
    $sql = "UPDATE orders SET original_order_id='" . $order_id . "' where order_id='" . $order_id . "' ";
    //echo $sql;
    mysql_query($sql) or die(mysql_error() . $sql);
    global $prams;
    $prams = load_ad_values($temp_order_row['ad_id']);
    $url = get_template_value('URL', 1);
    $alt_text = get_template_value('ALT_TEXT', 1);
    //print_R($block_info);
    //echo "<P>url: $url, alt_text: $alt_text </p>";
    foreach ($block_info as $key => $block) {
        $sql = "REPLACE INTO `blocks` ( `block_id` , `user_id` , `status` , `x` , `y` , `image_data` , `url` , `alt_text`, `approved`, `banner_id`, `currency`, `price`, `order_id`, `ad_id`) VALUES ('" . $key . "',  '" . $_SESSION['MDS_ID'] . "' , 'reserved' , '" . $block['map_x'] . "' , '" . $block['map_y'] . "' , '" . $block['image_data'] . "' , '" . addslashes($url) . "' , '" . addslashes($alt_text) . "', '" . $approved . "', '" . $temp_order_row['banner_id'] . "', '" . get_default_currency() . "', '" . $block['price'] . "', '" . $order_id . "', '" . $temp_order_row['ad_id'] . "')";
        //echo $sql."<br>";
        mds_log("Updated block - " . $sql);
        mysql_query($sql) or die(mysql_error() . $sql);
    }
    delete_temp_order(session_id(), false);
    // false = do not delete the ad...
    ###################################################
    if (USE_LOCK_TABLES == 'Y') {
        $sql = "UNLOCK TABLES";
        $result = mysql_query($sql) or die(mysql_error() . " <b>Dear Webmaster: The current MySQL user set in config.php does not have permission to lock tables. Please give this user permission to lock tables, or set USE_LOCK_TABLES to 'No' in the Main Config section in the Admin.<b>");
    } else {
        // release the poor man's lock
        $sql = "UPDATE `config` SET `val`='NO' WHERE `key`='SELECT_RUNNING' ";
        mysql_query($sql);
        $unix_time = time();
        // update timestamp
        $sql = "REPLACE INTO config (`key`, `val`) VALUES ('LAST_SELECT_RUN', '{$unix_time}')  ";
        $result = @mysql_query($sql) or die(mysql_error());
    }
    ####################################################
    return $order_id;
}
Ejemplo n.º 3
0
load_banner_constants($BID);
if ($_REQUEST['user_id'] != '') {
    $user_id = $_REQUEST['user_id'];
    if (!is_numeric($_REQUEST['user_id'])) {
        die;
    }
} else {
    $user_id = $_SESSION['MDS_ID'];
}
$sql = "select * from banners where banner_id='{$BID}'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$b_row = mysql_fetch_array($result);
$sql = "select Rank from users where ID='{$user_id}'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$u_row = mysql_fetch_array($result);
if (!can_user_order($b_row, $_SESSION['MDS_ID'])) {
    $max_orders = true;
    echo 'max_orders';
    die;
}
// check the max pixels
if (G_MAX_BLOCKS > 0) {
    $sql = "SELECT * from blocks where user_id='{$user_id}' and status='reserved' and banner_id='{$BID}' ";
    $result = mysql_query($sql) or die(mysql_error() . $sql);
    $count = mysql_num_rows($result);
    if ($count >= G_MAX_BLOCKS) {
        //echo 'max_selected';
        //die();
        $max_selected = true;
    }
}