}
exit();
}
if(array_get($_GET, 'noheader')==1) {
page_header(0);
}else{
page_header();
}
$db=new DBConnection();
$userDetails=$db->getRow('users','user_account_num="'.$_GET['uid'].'"','user_email, user_firstname, user_lastname, user_username, user_account_num, user_balance');
if(isset($_GET['buyref'])) {
$query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Buy Confirmation"';
$res=$db->rq($query);
$num_rows=$db->num_rows($res);
if($num_rows>0) {
$row=$db->fetch($res);
$_POST['mail_templates_id']=$row['mail_templates_id'];
}
}elseif(isset($_GET['sellref'])) {
$query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Sell Confirmation"';
$res=$db->rq($query);
$num_rows=$db->num_rows($res);
if($num_rows>0) {
$row=$db->fetch($res);
$_POST['mail_templates_id']=$row['mail_templates_id'];
}
}elseif(isset($_GET['tdref'])) {
$query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Deposit Confirmation"';
$res=$db->rq($query);
function addNewTradeShort($tradesSell_id=0) {
$db=new DBConnection();
if ($tradesSell_id && !isset($_POST['_form_submit'])){
$query='SELECT * FROM stock_trades WHERE trade_ref="'.$tradesSell_id.'"';
$res=$db->rq($query);
$_POST=$db->fetch($res);
$_SESSION['admin']['uedit']=$_POST['trades_id'];
$JSCripts=' onchange="setDetails(0);"';
$JSCriptsSelect=' onchange="setDetails(3);"';
$JSCriptsPremium=' onchange="setDetails(1);"';
}else{
$_POST['trade_stockprice']='0.0000';
$_POST['trade_shares']=10;
$JSCripts=' onchange="setDetails(0);"';
$JSCriptsSelect=' onchange="setDetails(3);"';
$JSCriptsPremium=' onchange="setDetails(1);"';
}
if (array_get($_POST, 'trade_date') == ''){
$_POST['trade_date'] = date('Y-m-d', CUSTOMTIME);
}
global $tradesStatuses;
global $tradesBuyOptions;
$pcontent='';
$pcontent.='
<div class="mainHolder">
<div class="hintHolder ui-state-default"><b>'.(($tradesSell_id>0)?'Editing':'Adding New').' SHORT Order</b></div>
<script type="text/javascript" src="../js/jquery.metadata.js"></script>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script type="text/javascript" src="js/forms/stradesShort.js"></script>
<script type="text/javascript">
jQuery(document).ready(
function($) {
var sliderValue = '.$_POST['trade_shares'].';
$("#slider").slider( {
min : 1,
max : 99999,
step : 1,
value : [ sliderValue ],
slide : function(event, ui) {
$("#sliderVal").val(ui.value);
}
});
$("#sliderVal").attr("value", sliderValue);
$("#sliderVal").keyup(function() {
var sliderValue = +this.value;
if (sliderValue >= 1 && sliderValue <= 99999) {
$("#slider").slider("value", sliderValue);
} else {
alert("Please enter a value between 1 and 99999");
$("#slider").slider("value", 1);
$("#sliderVal").attr("value", 1);
}
});
$("#slider, #sliderVal").bind("mousedown mouseup mousemove mouseout mouseover", function() {
setDetails(0);
});
'.((!$tradesSell_id)?'setDetails(3);':'setDetails(4);').'
});
</script>
<form name="addNewTradeShort" method="POST" id="MainForms" action="">
<div class="left">
<fieldset class="mainFormHolder left">
<legend>Account</legend>
<div class="formsRight">
<select name="user_account_num" id="user_account_num" class="text-input-big" title="Please select user account!" validate="required:true"'.$JSCripts.'>
<option value="">Select account</option>';
$query='SELECT user_account_num, user_firstname, user_lastname, user_balance FROM users ORDER BY user_firstname ASC, user_lastname ASC';
$res=$db->rq($query);
while (($row=$db->fetch($res))!=FALSE){
$pcontent.='<option value="'.$row['user_account_num'].'"'.((array_get($_GET, 'uid')==$row['user_account_num']||array_get($_POST, 'user_account_num')==$row['user_account_num'])?' selected':'').'>'.$row['user_account_num'].' ('.$row['user_firstname'].' '.$row['user_lastname'].', $'.$row['user_balance'].')</option>';
}
$pcontent.='
</select>
</div>
</fieldset>
<div class="clear"></div>
<fieldset class="mainFormHolder left">
<legend>Transaction</legend>
<div class="formsLeft">Trade Order:</div>
<div class="formsRight">SHORT SELL</div>
<br />
<div class="formsLeft">Share(s):</div>
<div class="formsRight">
<div id="slider"><a href="#"></a></div> <input type="text" class="text-input-smallest left" id="sliderVal" name="trade_shares"'.$JSCripts.' />
</div>
<br /><br />
<div class="formsLeft">Stock:</div>
<div class="formsRight">
<select name="stocks_id" id="stocks_id" class="text-input"'.$JSCriptsSelect.'>';
$query='SELECT stocks_id, stocks_symbol, stocks_name FROM stocks ORDER BY stocks_symbol ASC';
$res=$db->rq($query);
while($row = $db->fetch($res)) {
$subq=$db->rq('SELECT value FROM stock_details WHERE stocks_id='.$row['stocks_id'].' ORDER BY date DESC LIMIT 1');
$subrow=$db->fetch($subq);
$pcontent.='<option value="'.$row['stocks_id'].'_'.$subrow['value'].'_'.$row['stocks_symbol'].'"'.(($row['stocks_id']==array_get($_POST, 'stocks_id'))?' selected':'').'>'.$row['stocks_symbol'].' ('.$row['stocks_name'].')</option>';
}
$pcontent.='
</select>
</div><br />
<div class="formsLeft">Notes:</div>
<div class="formsRight">
<input type="text" class="text-input left" name="trade_notes" value="'.array_get($_POST, 'trade_notes').'"'.$JSCripts.' />
</div>
<br /><br />
</fieldset>
<div class="clear"></div>
<fieldset class="mainFormHolder left">
<legend>Trade Details</legend>
<input class="ui-state-default trade-details" type="text" name="trade_details" id="trade_details" value="'.array_get($_POST, 'trade_details', 'SHORT').'" readonly />
</fieldset>';
$totalRelated=0;
$query2='SELECT trade_details, stock_trades.trade_ref FROM trades_related tr LEFT JOIN stock_trades ON tr.trade_ref=stock_trades.trade_ref WHERE trade_ref_relatedto="'.array_get($_POST, 'trade_ref').'"';
$res2=$db->rq($query2);
$totalRelated=$db->num_rows($res2);
if ($totalRelated>0){
$pcontent.='
<div class="clear"></div>
<fieldset class="mainFormHolder left">
<legend>Related Trades</legend><br />';
while (($row2=$db->fetch($res2))!=FALSE){
$pcontent.='<div class="ui-state-default trade-details"><a href="strades.php?action=edit_sell&tref='.$row2['trade_ref'].'" style="display:block;">'.$row2['trade_details'].'</a></div><br />';
}
$pcontent.='
</fieldset>';
}
$pcontent.='
</div>
<div class="left">
<fieldset class="mainFormHolder left">
<legend>Prices</legend>
<div class="formsLeft">Price/share:</div>
<div class="formsRight">
<input class="text-input align-right" type="text" name="trade_price_share" id="trade_price_share" value="'.array_get($_POST, 'trade_price_share').'"'.$JSCripts.' />
</div>
<br />
<div class="formsLeft">Trade Value:</div>
<div class="formsRight">
<input class="text-input align-right ui-state-default" type="text" name="trade_value" id="trade_value" value="'.array_get($_POST, 'trade_value').'" readonly />
</div>
<br />
<div class="formsLeft">Fees:</div>
<div class="formsRight">
<input class="text-input align-right" type="text" name="trade_fees" id="trade_fees" value="'.array_get($_POST, 'trade_fees').'"'.$JSCripts.' />
</div>
<br />
<div class="formsLeft">Total Invoiced:</div>
<div class="formsRight">
<input class="text-input align-right ui-state-default" type="text" name="trade_invoiced" id="trade_invoiced" value="'.array_get($_POST, 'trade_invoiced').'" />
</div>
</fieldset>
<div class="clear"></div>
<fieldset class="mainFormHolder left">
<legend>Settings</legend>
<div class="formsLeft">Value date:</div>
<div class="formsRight">
<input class="text-input" type="text" name="trade_date" id="trade_date" value="'.array_get($_POST, 'trade_date').'" />
</div>
<br />
<div class="formsLeft">Status:</div>
<div class="formsRight">
<select name="trade_status" class="text-input">';
foreach ($tradesStatuses as $StatusID=>$StatusName){
$pcontent.='<option value="'.$StatusID.'"'.(($StatusID==array_get($_POST, 'trade_status'))?' selected':'').'>'.$StatusName.'</option>';
}
$pcontent.='
</select>
</div>
</fieldset>
<div class="clear"></div>
<div class="mainFormHolder left btnsHolder">';
if ($totalRelated==0){
$pcontent.='
<input type="hidden" name="_form_submit" value="1" />
<input type="hidden" name="_add_short" value="1" />
<input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />';
if ($tradesSell_id){
$pcontent.='
<input type="hidden" name="tref" value="'.$tradesSell_id.'">
<input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete this BUY?\')) location=\'?action=delete_buy&buyid='.($_POST['trade_ref']).'\';" />';
}
}else{
$pcontent.='
<div class="ui-state-error bold" style="width:300px; margin:auto; padding:5px;">
These BUY trade have been partially or totally sold and therefore cannot be updated.
</div>';
}
$pcontent.='
<input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'strades.php\';" />
</div>
</div>
</form>
</div>';
$db->close();
return $pcontent;
}
public function resetPasswordAnswer()
{
$db = new DBConnection();
$return = array();
$query = 'SELECT * FROM users WHERE user_email="' . $db->string_escape($_POST['rform_email']) . '" LIMIT 1';
$res = $db->rq($query);
$row = $db->fetch($res);
if (!isset($row['user_secret_answer'])) {
$return['error'] = getLang('reset_noansw');
} else {
if (strtolower(trim($_POST['rform_answer'])) == strtolower(trim($row['user_secret_answer']))) {
$pattern = '/^[\\_]*([a-z0-9]+(\\.|\\_*)?)+@([a-z][a-z0-9\\-]+(\\.|\\-*\\.))+[a-z]{2,6}$/i';
$check = preg_match($pattern, $_POST['rform_email']);
if ($check == 0) {
$return['error'] = getLang('reset_invalid_email');
} else {
$db = new DBConnection();
$query = 'SELECT u.*, ua1.advisor_names as user_advisor1, ua2.advisor_names as user_advisor2 FROM users u
left join users_advisors ua1 on u.user_advisor1 = ua1.users_advisors_id
left join users_advisors ua2 on u.user_advisor2 = ua2.users_advisors_id
WHERE u.user_email="' . $_POST['rform_email'] . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);
if ($num_rows > 0) {
$row = $db->fetch($res);
addLog('Front-end', 'Login', '' . $row['user_firstname'] . ' ' . $row['user_lastname'] . ' (' . $row['user_account_num'] . ')', 0, 'Password reset request.');
/*$possible = '0123456789abcdfghjklmnopqrstuvwxyzABCDFGHJKLMNOPQRSTUVWXYZ';
$newpass = '';
$i = 0;
for($i=0;$i<8;$i++) {
$newpass.= substr($possible, mt_rand(0, strlen($possible)-1), 1);
}
$query2='UPDATE users SET user_password="******", user_passisset=0 WHERE users_id='.($row['users_id']+0).'';
$db->rq($query2);
*/
$query3 = 'SELECT * FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Forgot password"';
$res3 = $db->rq($query3);
$num_rows3 = $db->num_rows($res3);
if ($num_rows3 > 0) {
$row3 = $db->fetch($res3);
$query4 = 'SELECT * FROM global_settings WHERE section="mail_settings"';
$res4 = $db->rq($query4);
while (($row4 = $db->fetch($res4)) != FALSE) {
if ($row4['variable'] == 'mail_mandrill_host' && $row4['variable_value'] != '') {
$smtp_host = $row4['variable_value'];
}
if ($row4['variable'] == 'mail_mandrill_port' && $row4['variable_value'] != '') {
$smtp_port = $row4['variable_value'];
}
if ($row4['variable'] == 'mail_mandrill_user' && $row4['variable_value'] != '') {
$smtp_user = $row4['variable_value'];
}
if ($row4['variable'] == 'mail_mandrill_password' && $row4['variable_value'] != '') {
$smtp_password = $row4['variable_value'];
}
}
include 'nomad_mimemail.inc.php';
$mimemail = new nomad_mimemail();
$mimemail->set_charset("UTF-8");
if ($row3['mail_from'] != '') {
$mimemail->set_from($row3['mail_from_mail'], $row3['mail_from']);
$mimemail->set_reply_to($row3['mail_from_mail'], $row3['mail_from']);
} else {
$mimemail->set_from($row3['mail_from_mail']);
$mimemail->set_reply_to($row3['mail_from_mail']);
}
$search_for = array('{user_first_name}', '{user_last_name}', '{user_username}', '{user_password}', '{user_password_org}', '{user_account_num}', '{user_account_name}', '{user_admin_ref}', '{user_phone}', '{user_email}', '{user_mailing_address}', '{user_city}', '{user_state}', '{user_postal}', '{user_country}', '{user_advisor1}', '{user_advisor2}', '{user_app_date}');
$replace_with = array($row['user_firstname'], $row['user_lastname'], $row['user_username'], $row['user_password'], $row['user_password'], $row['user_account_num'], $row['user_account_name'], $row['user_ref'], $row['user_phone'], $row['user_email'], $row['user_mailing_address'], $row['user_city'], $row['user_state'], $row['user_postal'], $row['user_country'], $row['user_advisor1'], $row['user_advisor2'], $row['user_app_date']);
$row3['mail_html'] = str_replace($search_for, $replace_with, $row3['mail_html']);
$row3['mail_plain'] = str_replace($search_for, $replace_with, $row3['mail_plain']);
$t_search_for = array('{thanks}');
$t_replace_with_html = array(getLang('mails_thanks_html'));
$t_replace_with_plain = array(getLang('mails_thanks_plain'));
$row3['mail_html'] = str_replace($t_search_for, $t_replace_with_html, $row3['mail_html']);
$row3['mail_plain'] = str_replace($t_search_for, $t_replace_with_plain, $row3['mail_plain']);
$mimemail->set_subject($row3['mail_subject']);
$mimemail->set_html($row3['mail_html']);
$mimemail->set_text($row3['mail_plain']);
$mimemail->set_to($_POST['rform_email'], '' . $row['user_firstname'] . ' ' . $row['user_lastname'] . '');
if ($row3['mail_bcc']) {
$mimemail->set_bcc($row3['mail_bcc']);
}
$mimemail->set_smtp_host($smtp_host, $smtp_port);
$mimemail->set_smtp_auth($smtp_user, $smtp_password);
$mimemail->send();
}
$db->close();
$return['success'] = getLang('rform_newpass');
} else {
$return['error'] = getLang('reset_noemail');
}
}
} else {
$return['error'] = getLang('reset_wrong');
}
}
if (isset($return['error'])) {
$return['error'] = strip_tags($return['error']);
}
echo json_encode($return);
}
function addNewTradeSell($tradesSell_id=0) {
$db=new DBConnection();
if ($tradesSell_id&&!$_POST['_form_submit']){
$query='SELECT * FROM trades WHERE trade_ref="'.$tradesSell_id.'"';
$res=$db->rq($query);
$_POST=$db->fetch($res);
$_SESSION['admin']['uedit']=$_POST['trades_id'];
}
$JSCripts=' onchange="setDetails(0);"';
$JSCriptsPremium=' onchange="setDetails(1);"';
if ($_POST['trade_date']=='') $_POST['trade_date']=date('Y-m-d', CUSTOMTIME);
global $tradesSellStatuses;
global $tradesBuyOptions;
$pcontent='';
$pcontent.='
<div class="mainHolder">
<div class="hintHolder ui-state-default"><b>'.(($_GET['action']=='new_sell')?'Adding new':'Editing').' SELL Order</b></div>
<script type="text/javascript" src="../js/jquery.metadata.js"></script>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script type="text/javascript" src="js/forms/tradesSell.js"></script>
<script type="text/javascript">
jQuery(document).ready(
function($) {
var sliderValue = '.$_POST['trade_positions_left'].';
$("#slider").slider( {
min : 1,
max : '.$_POST['trade_positions_left'].',
step : 1,
value : [ sliderValue ],
slide : function(event, ui) {
$("#sliderVal").val(ui.value);
}
});
$("#sliderVal").attr("value", sliderValue);
$("#sliderVal").keyup(function() {
var sliderValue = +this.value;
if (sliderValue >= 1 && sliderValue <= '.$_POST['trade_positions_left'].') {
$("#slider").slider("value", sliderValue);
} else {
alert("Please enter a value between 1 and '.$_POST['trade_positions_left'].'");
$("#slider").slider("value", 1);
$("#sliderVal").attr("value", 1);
}
});
$("#slider, #sliderVal").bind("mousedown mouseup mousemove mouseout mouseover", function() {
setDetails();
});
setDetails();
});
</script>
<form name="addNewTradeBuy" method="POST" id="MainForms" action="">
<div class="left">
<fieldset class="mainFormHolder left">
<legend>Account</legend>
<div class="formsRight">
<select name="user_account_num" id="user_account_num" class="text-input-big" title="Please select user account!" validate="required:true">';
$query='SELECT user_account_num, user_firstname, user_lastname, user_balance FROM users WHERE user_account_num="'.$_POST['user_account_num'].'" LIMIT 1';
$res=$db->rq($query);
while (($row=$db->fetch($res))!=FALSE){
$pcontent.='<option value="'.$row['user_account_num'].'">'.$row['user_account_num'].' ('.$row['user_firstname'].' '.$row['user_lastname'].', $'.$row['user_balance'].')</option>';
}
$pcontent.='
</select>
</div>
</fieldset>
<div class="clear"></div>
<fieldset class="mainFormHolder left">
<legend>Contract</legend>
<div class="formsLeft">Trade Order:</div>
<div class="formsRight">SELL</div>
<br />
<div class="formsLeft">Position(s):</div>
<div class="formsRight">
<div id="slider"><a href="#"></a></div> <input type="text" class="text-input-smallest left" id="sliderVal" name="trade_positions"'.$JSCripts.' />
</div>
<br /><br />
<div class="formsLeft">Option:</div>
<div class="formsRight"><input class="text-input ui-state-default" type="text" name="trade_option" id="trade_option" value="'.$tradesBuyOptions[$_POST['trade_option']].'"></div>
<br />
<div class="formsLeft">Commodity:</div>
<div class="formsRight">';
$query='SELECT * FROM commodities WHERE commodities_id='.($_POST['commodities_id']+0).' LIMIT 1';
$res=$db->rq($query);
$row=$db->fetch($res);
$strToUse=strtotime($_POST['trade_expiry_date']);
$pcontent.='
<input class="text-input ui-state-default" type="text" name="commodities_id" id="commodities_id" value="'.$row['commodities_symbol'].' ('.$row['commodities_name'].')">
</div>
<br />
<div class="formsLeft">Expiry Date:</div>
<div class="formsRight">
<div class="formsRight"><input class="text-input ui-state-default" type="text" name="trade_expiry_date" id="trade_expiry_date" value="'.date('d M y', $strToUse).'"></div>
</div>
<br />
<div class="formsLeft">Strike Price:</div>
<div class="formsRight">
<input class="text-input align-right" type="text" name="trade_strikeprice" id="trade_strikeprice" value="'.$_POST['trade_strikeprice'].'"'.$JSCripts.' />
</div><br />
<div class="formsLeft">Notes:</div>
<div class="formsRight">
<input type="text" class="text-input left" name="trade_notes" value="'.$_POST['trade_notes'].'"'.$JSCripts.' />
</div>
</fieldset>
<div class="clear"></div>
<fieldset class="mainFormHolder left">
<legend>Trade Details</legend>
<input class="ui-state-default trade-details" type="text" name="trade_details" id="trade_details" value="'.(($_POST['trade_details']!='')?''.$_POST['trade_details'].'':'BUY').'" readonly />
</fieldset>
<div class="clear"></div>';
$totalRelated=0;
$query2='SELECT trade_ref_relatedto FROM trades_related WHERE trade_ref="'.$_POST['trade_ref'].'"';
$res2=$db->rq($query2);
$totalRelated=$db->num_rows($res2);
if ($totalRelated>0){
$row2=$db->fetch($res2);
$getRelatedInfo=$db->getRow('trades','trade_ref="'.$row2['trade_ref_relatedto'].'"','trade_ref, trade_details');
$pcontent.='
<fieldset class="mainFormHolder left">
<legend>Related Trades</legend><br />
<div class="ui-state-default trade-details"><a href="trades.php?action=edit_buy&tref='.$getRelatedInfo['trade_ref'].'" style="display:block;">'.$getRelatedInfo['trade_details'].'</a></div><br />
</fieldset>';
}
$pcontent.='
</div>
<div class="left">
<fieldset class="mainFormHolder left">
<legend>Prices</legend>
<div class="formsLeft">Premium:</div>
<div class="formsRight">
<input class="text-input align-right" type="text" name="trade_premium_price" id="trade_premium_price" value="'.$_POST['trade_premium_price'].'"'.$JSCriptsPremium.' />
</div>
<br />
<div class="formsLeft">Contract Size:</div>
<div class="formsRight">
<input class="text-input align-right ui-state-default" type="text" name="trade_contract_size" id="trade_contract_size" value="'.$_POST['trade_contract_size'].'" readonly />
</div>
<br />
<div class="formsLeft">Price/contract:</div>
<div class="formsRight">
<input class="text-input align-right" type="text" name="trade_price_contract" id="trade_price_contract" value="'.$_POST['trade_price_contract'].'"'.$JSCripts.' />
</div>
<br />
<div class="formsLeft">Trade Value:</div>
<div class="formsRight">
<input class="text-input align-right ui-state-default" type="text" name="trade_value" id="trade_value" value="'.$_POST['trade_value'].'" readonly />
</div>
<br />
<div class="formsLeft">Fees:</div>
<div class="formsRight">
<input class="text-input align-right" type="text" name="trade_fees" id="trade_fees" value="'.$_POST['trade_fees'].'"'.$JSCripts.' />
</div>
<br />
<div class="formsLeft">Total Invoiced:</div>
<div class="formsRight">
<input class="text-input align-right ui-state-default" type="text" name="trade_invoiced" id="trade_invoiced" value="'.$_POST['trade_invoiced'].'" />
</div>
</fieldset>
<div class="clear"></div>
<fieldset class="mainFormHolder left">
<legend>Settings</legend>
<div class="formsLeft">Value date:</div>
<div class="formsRight"><input class="text-input" type="text" name="trade_date" id="trade_date" value="'.$_POST['trade_date'].'" /></div>
<br />
<div class="formsLeft">Status:</div>
<div class="formsRight">
<select name="trade_status" class="text-input">';
foreach ($tradesSellStatuses as $StatusID=>$StatusName){
$pcontent.='<option value="'.$StatusID.'"'.(($StatusID==$_POST['trade_status'])?' selected':'').'>'.$StatusName.'</option>';
}
$pcontent.='
</select>
</div>
</fieldset>
<div class="clear"></div>
<div class="mainFormHolder left btnsHolder">
<input type="hidden" name="_form_submit" value="1" />
<input type="hidden" name="_add_sell" value="1" />
<input type="hidden" name="trid" value="'.$tradesSell_id.'">
<input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />
<input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete this SELL?\')) location=\'?action=delete_sell&sellid='.($_POST['trade_ref']).'\';" />
<input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'trades.php\';" />
</div>
</div>
</form>
</div>';
$db->close();
return $pcontent;
}
function page_header_simple($redirect = 0)
{
if ($_SESSION['user']['is_logged'] == 1) {
$PageTitle = getLang('ptitle_logged');
} else {
$PageTitle = getLang('ptitle_notlogged');
}
echo '<!DOCTYPE html>
<!--[if lt IE 7]> <html lang="en-us" class="no-js ie6"> <![endif]-->
<!--[if IE 7]> <html lang="en-us" class="no-js ie7"> <![endif]-->
<!--[if IE 8]> <html lang="en-us" class="no-js ie8"> <![endif]-->
<!--[if IE 9]> <html lang="en-us" class="no-js ie9"> <![endif]-->
<!--[if gt IE 8]><!--> <html lang="en-us" class="no-js"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<title>' . $PageTitle . '</title>
<meta http-equiv="content-type" content="application/xhtml+xml" />
<meta http-equiv="X-UA-Compatible" content="IE=100" />
<meta name="robots" content="NOINDEX,NOFOLLOW" />
<meta name="viewport" content="width=device-width; initial-scale=1; maximum-scale=1;">
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
';
echo '
<link href="adminica/styles/adminica/reset.css" media="all" rel="stylesheet" type="text/css" />
<link href="adminica/styles/plugins/all/plugins.css" media="all" rel="stylesheet" type="text/css" />
<link href="adminica/styles/adminica/all.css" media="all" rel="stylesheet" type="text/css" />
<link rel="stylesheet" href="adminica/styles/themes/layout_switcher.php?default=layout_fixed.css" >
<link rel="stylesheet" href="adminica/styles/themes/nav_switcher.php?default=nav_top.css" >
<link rel="stylesheet" href="adminica/styles/themes/skin_switcher.php?default=skin_light.css" >
<link rel="stylesheet" href="adminica/styles/themes/theme_switcher.php?default=theme_blue.css" >
<link rel="stylesheet" href="adminica/styles/themes/bg_switcher.php?default=bg_white_wall.css" >
<link rel="stylesheet" href="adminica/styles/adminica/colours.css">
<link rel="stylesheet" href="css/custom.css">
<link rel="stylesheet" href="css/font-awesome/css/font-awesome.min.css">
<link href="css/validationEngine.jquery.css" media="all" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="adminica/scripts/plugins-min.js"></script>
<script type="text/javascript" src="adminica/scripts/adminica/adminica_all-min.js"></script>
<!--<script type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script type="text/javascript" src="js/jquery-ui-1.7.2.custom.min.js"></script>-->
<script type="text/javascript" src="js/scripts.js"></script>';
if ($SelectedTab == 2) {
echo '
<link href="css/jquery.jqplot.css" media="all" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="js/excanvas.min.js"></script>
<script type="text/javascript" src="js/jquery.jqplot.min.js"></script>
<script type="text/javascript" src="js/plugins/jqplot.dateAxisRenderer.min.js"></script>
<script type="text/javascript" src="js/plugins/jqplot.canvasTextRenderer.min.js"></script>
<script type="text/javascript" src="js/plugins/jqplot.canvasAxisTickRenderer.min.js"></script>
<script type="text/javascript" src="js/plugins/jqplot.categoryAxisRenderer.min.js"></script>
<script type="text/javascript" src="js/plugins/jqplot.barRenderer.js"></script>
';
}
echo '
<style>
.xLabel
{
display: inline-block;
width: 50%;
}
</style>
</head>
<body>
<div id="pjax">';
include 'includes/custom_header.php';
if ($_SESSION['user']['is_logged'] == 1) {
echo '<div id="main_container" class="main_container container_16 clearfix">';
include 'adminica/includes/components/navigation.php';
} else {
$db = new DBConnection();
$UserIP = GetHostByName($_SERVER["REMOTE_ADDR"]);
$query = 'SELECT banned_ips_id FROM banned_ips WHERE banned_ip="' . $UserIP . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);
$db->close();
if ($num_rows > 0) {
echo '</div><div class="LoginContainer"><h3>' . getLang('lform_publicbanmessage') . '</h3></div>';
} else {
//include('parts/login_box.php');
}
}
}
function page_header($showbuttons=1){
if (array_get($_SESSION['admin'], 'is_logged') == 1) {
$PageTitle = getLang('atitle_logged');
} else {
$PageTitle = getLang('atitle_notlogged');
}
echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>'.$PageTitle.'</title>
<meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8" />
<meta name="robots" content="NOINDEX,NOFOLLOW" />
<meta http-equiv="X-UA-Compatible" content="IE=8" />
<meta http-equiv="content-language" content="en" />
<meta name="language" content="en" />';
if(array_get($_SESSION['admin'], 'is_logged') == true) {
echo '
<link href="../themes/smoothness/jquery-ui-1.7.2.custom.css" media="all" rel="stylesheet" type="text/css" />
<link href="../css/validationEngine.jquery.css" media="all" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="../js/jquery-1.3.2.min.js"></script>
<script type="text/javascript" src="../js/jquery-ui-1.7.2.custom.min.js"></script>
<script type="text/javascript" src="../js/underscore-min.js"></script>
<script type="text/javascript" src="js/scripts.js"></script>
<script type="text/javascript">
var AJAX_URL = "' . $_SERVER['REQUEST_URI'] . '";
jQuery(document).ready(function($){
var $tabs = $("#tabs").tabs({
select: function(event, ui){
var url = $.data(ui.tab, "load.tabs");
var tabid = ui.panel.id;
if(url) {
location.href = url;
return false;
}
return true;
}
});
$("#tabs").tabs("select", '.($_SESSION['admin']['selected_tab']+0).');
$("div.TabsHolder").show();
$("#Tab0, #Tab1, #Tab2, #Tab3, #Tab5, #Tab6, #Tab7, #Tab10").click(function() {
location.href = $(this).attr("rel");
return false;
});
$("#expiry_date, #trade_date, #tr_date, #user_app_date, #date_value").datepicker({
changeMonth: true,
changeYear: true,
dateFormat: "yy-mm-dd"
});
});
</script>';
}
echo '
<link href="css/styles.css" media="screen" rel="stylesheet" type="text/css" />
<link rel="stylesheet" href="css/font-awesome/css/font-awesome.min.css">
</head>
<body>
<div class="wrapper">';
if(array_get($_SESSION['admin'], 'is_logged') == true) {
$mailsToSend='';
$db=new DBConnection();
if($showbuttons==1) {
$query='SELECT COUNT(*) AS total_mails FROM mail_queue WHERE is_sent=0';
$res=$db->rq($query);
$row=$db->fetch($res);
if($row['total_mails']>0){
$mailsToSend=' ('.$row['total_mails'].')';
}
$usersActive='';
$usersPending='';
$usersDisabled='';
$usersTrades0='';
$usersTrades1='';
$usersTrades2='';
$query='SELECT COUNT(*) AS total_num FROM users WHERE user_status=1';
$res=$db->rq($query);
$row=$db->fetch($res);
if($row['total_num']>0){
$usersActive=' ('.$row['total_num'].')';
}
$query='SELECT COUNT(*) AS total_num FROM users WHERE user_status=2';
$res=$db->rq($query);
$row=$db->fetch($res);
if($row['total_num']>0){
$usersPending=' ('.$row['total_num'].')';
}
$query='SELECT COUNT(*) AS total_num FROM users WHERE user_status=3';
$res=$db->rq($query);
$row=$db->fetch($res);
if($row['total_num']>0){
$usersDisabled=' ('.$row['total_num'].')';
}
$query='SELECT COUNT(trades_id) AS total_num FROM users
LEFT JOIN trades ON users.user_account_num=trades.user_account_num
GROUP BY users.user_account_num
HAVING total_num>=2';
$res=$db->rq($query);
$num_rows=$db->num_rows($res);
if($num_rows>0){
$usersTrades2=' ('.$num_rows.')';
}
$query='SELECT COUNT(trades_id) AS total_num FROM users
LEFT JOIN trades ON users.user_account_num=trades.user_account_num
GROUP BY users.user_account_num
HAVING total_num=1';
$res=$db->rq($query);
$num_rows=$db->num_rows($res);
if($num_rows>0){
$usersTrades1=' ('.$num_rows.')';
}
$query='SELECT COUNT(trades_id) AS total_num FROM users
LEFT JOIN trades ON users.user_account_num=trades.user_account_num
GROUP BY users.user_account_num
HAVING total_num=0';
$res=$db->rq($query);
$num_rows=$db->num_rows($res);
if($num_rows>0){
$usersTrades0=' ('.$num_rows.')';
}
$adminType = array_get($_SESSION['admin'], 'type');
echo '
<div class="TabsHolder">
<div id="tabs">
<ul>
<li><a href="#TC-10" id="Tab0" rel="users.php?view=active">Accounts</a></li>
<li><a href="#TC-50" id="Tab1" rel="trades.php">Option Trades</a></li>
<li><a href="#TC-60" id="Tab2" rel="strades.php">Stock Trades</a></li>
<li><a href="#TC-70" id="Tab3" rel="transfers.php">Transfers</a></li>
<li><a href="#TC-65" id="Tab7" rel="stocks.php">Stock Management</a></li>
<li' . ($adminType == 'owner' ? '' : ' style="display: none;"') . '><a href="#TC-80" id="Tab4">Back-end Settings</a></li>
<li' . ($adminType == 'owner' ? '' : ' style="display: none;"') . '><a href="#TC-81" id="Tab8">Front-end Settings</a></li>
<li><a href="#TC-85" id="Tab5" rel="users_advisors.php">Advisors</a></li>
<li' . ($adminType == 'owner' ? '' : ' style="display: none;"') . '><a href="#TC-90" id="Tab6" rel="users_admins.php">Backend users</a></li>
<li' . ($adminType == 'owner' ? '' : ' style="display: none;"') . '><a href="#TC-92" id="Tab9">Mails</a></li>
<li><a href="#TC-93" id="Tab10" rel="logs_show.php">Logs</a></li>
<li><a href="index.php?logout=true">Sign out</a></li>
</ul>
<div id="TC-10">
<a href="users.php">List all</a> |
<a href="users.php?action=new">Add new</a> |
<a href="users.php?view=active">Active'.$usersActive.'</a> |
<a href="users.php?view=disabled">Disabled'.$usersPending.'</a> |
<a href="users.php?view=pending">Pending'.$usersDisabled.'</a> |
<a href="users.php?view=trades2">2+ trades'.$usersTrades2.'</a> |
<a href="users.php?view=trades1">1 trade'.$usersTrades1.'</a> |
<a href="users.php?view=trades0">0 trades'.$usersTrades0.'</a>
</div>
<div id="TC-50">
<a href="trades.php?action=new_buy">New BUY order</a> |
<a href="trades.php?action=list_open">New SELL order</a> |
<a href="trades.php">View all orders</a>
</div>
<div id="TC-60">
<a href="strades.php?action=new_buy">New BUY order</a> |
<a href="strades.php?action=list_open">New SELL order</a> |
<a href="strades.php?action=new_short">New SHORT order</a> |
<a href="strades.php?action=new_cover">New COVER order</a> |
<a href="strades.php">View all orders</a>
</div>
<div id="TC-65">
<a href="stocks.php?action=new_value">Add New Values</a> |
<a href="stocks.php?action=list_dates">Edit Values</a> |
<a href="stocks_edit.php">Edit All Values</a> |
<a href="stocks.php?action=new_stock">Add New Stock</a> |
<a href="stocks.php">List all stocks</a> |
<a href="stocks.php?action=force_update">Force Update Values</a>
</div>
<div id="TC-70">
<a href="transfers.php?action=new_deposit">Add new Deposit</a> |
<a href="transfers.php?action=new_withdraw">Add new Withdraw</a> |
<a href="transfers.php">View all transfers</a>
</div>
<div id="TC-85">
<a href="users_advisors.php">List all</a> |
<a href="users_advisors.php?action=new">Add new</a>
</div>
<div id="TC-93">
<a href="logs_show.php">Overview</a>
</div>';
if ($adminType == 'owner') {
echo '
<div id="TC-80">
<a href="settings_css.php">CSS Styles</a> |
<a href="settings_translations.php">Translations</a> |
<a href="commodities.php">Commodities</a> |
<a href="commodities_groups.php">Commodities - groups</a> |
<a href="expiry_dates.php">Commodities - exp. dates</a> |
<a href="settings_pdf.php">PDF Settings</a> |
<a href="pdf_templates.php">PDF Templates</a>
</div>
<div id="TC-81">
<a href="settings_header_front.php">Custom Header</a> |
<a href="settings_footer_front.php">Custom Footer</a> |
<a href="settings_css_front.php">CSS Styles</a> |
<a href="settings_translations_front.php">Translations</a> |
<a href="settings_deposit_text.php">Deposit\'s Text</a> |
<a href="settings_other.php">Other settings</a>
</div>
<div id="TC-90">
<a href="users_admins.php">List all</a> |
<a href="users_admins.php?action=new">Add new</a>
</div>
<div id="TC-92">
<a href="mails_smtp_settings.php">Mail Settings</a> |
<a href="mails_templates.php">Templates</a> |
<a href="mails_assigns.php">Mail Assigns</a> |
<a href="mails_mass.php">Mass mail</a> |
<a href="mails_outbox.php">Outbox Queue'.$mailsToSend.'</a>
</div>
';
}
echo '
</div>
</div>';
}
echo '
<div class="MainContainer">';
}else{
$db=new DBConnection();
$UserIP=GetHostByName($_SERVER["REMOTE_ADDR"]);
$query='SELECT banned_ips_id FROM banned_ips WHERE banned_ip="'.$UserIP.'" LIMIT 1';
$res=$db->rq($query);
$num_rows=$db->num_rows($res);
$db->close();
if($num_rows>0) {
echo '<div class="LoginContainer"><h3>'.getLang('lform_publicbanmessage').'</h3></div>';
}else{
echo '
<div class="LoginContainer">
<h3>'.getLang('aform_title').'</h3>
'.((array_get($_GET, 'error') == 1)?'<div class="errorsHolder">Invalid username or password</div>':'').'
<form name="login_form" method="post">
<div style="float:left;">
<div class="labels">'.getLang('lform_username').':</div><br />
<div class="labels">'.getLang('lform_password').':</div>
</div>
<div style="float:left;">
<input type="text" name="l_username" class="tinputs"><br />
<input type="password" name="l_password" class="tinputs">
</div>
<input type="hidden" id="nonce" name="nonce" value="'. ulNonce::Create('login') .'" />
<br />
<input type="submit" name="_login" class="submitBtn" value="'.getLang('lform_submitbtn').'">
</form>';
}
}
}
curl_setopt($curl, CURLOPT_URL, 'http://www.marketwatch.com/investing/stock/' . $row['stocks_symbol'] . '/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
$str = curl_exec($curl);
curl_close($curl);
$html = str_get_html($str);
$pricewrap = $html->find('div.pricewrap');
if ($pricewrap) {
$current_price = $pricewrap[0]->find('p[class="data bgLast"]');
$curprice = $current_price[0]->innertext;
if ($past_price) {
$change = ($curprice - $past_price) / $past_price * 100;
$change = round($change, 2);
} else {
$change = 0;
}
$volumewrap = $html->find('p[class="lastcolumn data"]');
$current_volume = $volumewrap[1]->find('span');
$curvolume = str_replace(',', '.', $current_volume[1]->innertext);
$html->clear();
$check_exist_q = $db->rq("SELECT value FROM stock_details WHERE stocks_id='" . $row['stocks_id'] . "' and date='" . $today . "'");
$exist = $db->num_rows($check_exist_q) > 0;
if ($exist) {
$db->rq("UPDATE stock_details SET details_ref='" . $detRef . "', \n\t\tvolume='" . $curvolume . "', value='" . $curprice . "', value_change='" . $change . "' where stocks_id='" . $row['stocks_id'] . "' and date='" . $today . "'");
} else {
$db->rq("INSERT INTO stock_details SET stocks_id='" . $row['stocks_id'] . "', details_ref='" . $detRef . "', date='" . $today . "', \n\t\tvolume='" . $curvolume . "', value='" . $curprice . "', value_change='" . $change . "'");
}
}
sleep(10);
}
$db->close();
$count = 0;
while ($pagerow = $website->fetch_assoc($res)) {
if (empty($pagecontent)) {
$pagearr[$count] = $pagerow['page_id'];
$count++;
}
}
return $pagearr;
}
$pagearray = getwebsitepages($websiteid);
if (!empty($pagearray)) {
$pageid = $pagearray[0];
$website = new Website();
$res = $website->fetchpage($websiteid, $pageid);
$db = new DBConnection();
$nrow = $db->num_rows($res);
$pagerow = $website->fetch_assoc($res);
$pageid = $pagerow['page_id'];
$pagename = $pagerow['page_name'];
$pagecontent = $pagerow['page_content'];
$dbmenu = $pagerow['menu'];
} else {
echo "<script>alert('All pages insereted info you can modify that pages content')</script>";
echo "<script>window.location='viewpages.php'</script>";
}
?>
<title>Add Page</title>
<body>
<script type="text/javascript">
function check()
{
