<?php
require "../../frame/engine.php";
ENGINE::START("HASH");
$Hash = new PasswordHash(8, true);
$USER = $_POST['usr'];
$USER_CLEAN = STRTOLOWER($USER);
$PASS = $_POST['pas'];
if (empty($USER) && empty($PASS)) {
die('e1437');
} else {
$R = MYSQL::QUERY("SELECT * FROM core_users WHERE username_clean = ? LIMIT 1", array($USER_CLEAN));
if (empty($R)) {
die('e1435');
} else {
if (!$Hash->CheckPassword($PASS, $R['password'])) {
die('e1436');
} else {
$S = MYSQL::QUERY('SELECT * FROM core_stores WHERE s_id = ? LIMIT 1', array($R['store']));
DATE_DEFAULT_TIMEZONE_SET($S['s_timezone']);
USER::LOG("Logged In", $R['user_id']);
$SES_EXP = TIME() + 43200;
$SES_GEN = FORMAT::SES(50);
$params = array($SES_GEN, $R['user_id'], $SES_EXP, $SES_GEN, $SES_EXP);
MYSQL::QUERY('INSERT INTO core_users_sessions (session_key,session_user,session_experation) VALUES (?,?,?) ON DUPLICATE KEY UPDATE session_key=?,session_experation=?', $params);
setcookie("core_u", $params[1], $SES_EXP, '/');
setcookie("core_k", $params[0], $SES_EXP, '/');
echo 's1434';
}
}
}
public static function ITEM($ticket, $user, $Model, $part, $type, $release, $bp = false)
{
$Item = MYSQL::QUERY("SELECT * FROM device_parts WHERE p_id = ? LIMIT 1", array($part));
$Stock = MYSQL::QUERY("SELECT * FROM inventory_stock WHERE item = ? AND store = ? LIMIT 1", array($part, $user['store']));
$Type = MYSQL::QUERY("SELECT * FROM device_categories WHERE c_id = ? LIMIT 1", array($type));
$reset = false;
if (empty($Stock['quantity'])) {
$Stock['quantity'] = 0;
}
if ($Stock['quantity'] <= 0) {
if ($Stock['modified'] < Date("Y-m-d H:i:s", strtotime('-2 weeks')) || $Stock['price'] <= 0) {
$reset = true;
}
}
if (!empty($Stock)) {
if ($reset == false) {
$yearm = Date("Y") - $release[2];
$yearm = $yearm * 10;
$yearm = $Type['c_fee'] - $yearm;
if (!$Model['m_override'] == "0") {
$price = explode("/", $Model['m_override']);
if ($price[0] == "plus") {
$total = number_format(ceil($Stock['price'] / 10) * 10 + ($yearm + $price[1]), 2, '.', '');
} else {
if ($price[0] == "minus") {
$total = number_format(ceil($Stock['price'] / 10) * 10 + ($yearm - $price[1]), 2, '.', '');
} else {
if ($price[0] == "equal") {
$total = number_format(ceil($Stock['price'] / 10) * 10 + $price[1], 2, '.', '');
} else {
if ($price[0] == "override") {
$total = number_format($price[1], 2, '.', '');
}
}
}
}
} else {
$total = number_format(ceil($Stock['price'] / 10) * 10 + $yearm, 2, '.', '');
}
if ($total <= 40) {
$total = 40;
}
echo '
<div id="it-' . $part . '" data-price="' . $total . '" style="overflow:hidden;">
<img src="../core/images/iks.png" border="0" style="float:left;padding:2px;cursor:pointer;" onClick="RemoveEstimate($(this), ' . "'" . $ticket . "'" . ')" />
<font class="aname" style="width:70%;border-bottom: 1px solid #E0E0E0;">' . $Item['p_name'] . '</font>
<font class="bname pprice">' . $total . '</font>
</div>
';
}
} else {
$reset = true;
}
if ($reset == true) {
$ses = FORMAT::SES(9);
echo '
<div id="it-' . $part . '" data-price="0" style="overflow:hidden;">
<img src="../core/images/iks.png" border="0" style="float:left;padding:2px;cursor:pointer;" onClick="RemoveEstimate($(this), ' . $ticket . ')" />
<font class="aname" style="width:70%;border-bottom: 1px solid #E0E0E0;">' . $Item['p_name'] . '</font>
<font class="bname pprice" id="ses' . $ses . '">Waiting for Manager</font>
</div>
';
MYSQL::QUERY("REPLACE INTO inventory_stock (store,item,quantity,price,supplier,modified,ses) VALUES (?,?,?,?,?,?,?)", array($user['store'], $part, 0, 0, 0, Date("Y-m-d H:i:s"), $ses));
$sesclean = "'" . $ses . "'";
$template = '<b>From: ' . $user['username'] . '</b><br/>' . $Model['m_name'] . ' ' . $Item['p_name'] . '<br/><br/><input type="text" placeholder="0.00" id="send' . $ses . '"><button onClick="SendPrice(' . $sesclean . ', ' . $user['user_id'] . ', ' . "'" . $Model['m_date'] . "'" . ', ' . $Model['m_type'] . ', $(this), ' . "'" . $Model['m_override'] . "'" . ')">Send</button>';
$params = array($user['store_info']['s_manager'], "Price Request", $template, $user['user_id'], Date("Y-m-d H:i:s"));
$Main = MYSQL::QUERY("INSERT INTO core_messages (m_to,m_from,m_message,m_from_avatar,m_sent) VALUES (?,?,?,?,?)", $params, true);
}
}
$pm2cost = $_POST['pm2cost'];
$totalcost = $_POST['totalcost'];
$totaltax = $_POST['totaltax'];
$tid = $_POST['ticket'];
$time = $_POST['checkouttime'];
if ($pm2cost <= 0.0 || $pm2cost == '') {
$pm2 = 'None';
}
if (!$pm2 == 'None') {
$paymentmethod = $pm1 . ' (' . $pm1cost . '), ' . $pm2 . ' (' . $pm2cost . ')';
} else {
$paymentmethod = $pm1;
}
$items = $_POST['items'];
$itemscut = explode("|", $items);
$ses = FORMAT::SES(10);
$T = ENGINE::TICKET($tid, 3);
$return = MYSQL::QUERY("INSERT INTO core_checkout_sessions (customer, items, pm_1, pm_1_cost, pm_2, pm_2_cost, ses, s_id, d_date) VALUES (?,?,?,?,?,?,?,?,?)", array($T['t_customer'], $items, $pm1, $pm1cost, $pm2, $pm2cost, $ses, $user['store'], Date("Y-m-d H:i:s")));
echo "\n <style>\n .escca td{\n border-top: 0px;\n border-right: 0px;\n }\n </style>\n ";
$content = "\n <center style='width:724px;'>\n <table border='1' cellspacing='0' id='Header-Table' class='escca' style='margin-top:10px;border: 1px solid black;width: 98% !important;border-left: 0px;border-bottom:0px none !important;'>\n\t <thead>\n\t\t <tr>\n\t\t\t <td style='width:150px;height:150px;border-right:0px none;'><img src='https://my-cpr.com/cprlogo.jpg' border='0'></td>\n\t\t\t\t <td style='border-left:0px none;border-right:0px none;text-align:center;'>\n\t\t\t\t <div style='font-size:28px;'>\n\t\t\t\t\t <label style='font-size:32px;'><b>" . $user['store_info']['s_header'] . "</b></label><br/>\n\t\t\t\t\t\t <label style='font-size:24px;'>Contact our " . $user['store_info']['s_name'] . " Location at</label><br/>\n\t\t\t\t\t\t <label>" . FORMAT::PHONE($user['store_info']['s_phone']) . "</label><br/>\n\t\t\t\t\t\t <label><b>" . $user['store_info']['s_website'] . "</b></label>\n\t\t\t\t\t </div>\n\t\t\t\t </td>\n\t\t\t </tr>\n\t\t </thead>\n\t </table>\n\t <table border='1' cellspacing='0' id='Customer-Table' class='escca' style='border: 1px solid black;width: 98% !important;border-left: 0px;border-bottom:0px none !important;border-top:0px none;'>\n\t <tbody>\n\t\t <tr>\n\t\t\t <td><b>Name</b></td>\n\t\t\t\t <td><b>Phone Number</b></td>\n\t\t\t\t <td><b>Date (M/D/Y)</b></td>\n\t\t\t\t <td><b>Time</b></td>\n\t\t\t </tr>\n\t\t\t <tr style='font-family:Courier, monospace;'>\n\t\t\t <td>" . $T['c_name'] . "</td>\n\t\t\t\t <td>" . FORMAT::PHONE($T['c_phone']) . "</td>\n\t\t\t\t <td>" . Date('m/d/y') . "</td>\n\t\t\t\t <td>" . Date('h:i A') . "</td>\n\t\t\t </tr>\n\t\t </tbody>\n\t </table>\n <table border='1' cellspacing='0' id='Device-Table' class='escca' style='border: 1px solid black;width: 98% !important;border-left: 0px;border-bottom:0px none !important;border-top:0px none;'>\n\t <thead>\n\t\t <tr>\n\t\t\t <td><b>Service/Item<b/></td>\n\t\t\t\t\t <td style='width:60px'><center><b>Physical</b></center></td>\n\t\t\t\t <td style='width:60px'><center><b>Software</b></center></td>\n\t\t\t\t\t\t<td><b>Cost</b></td>\n\t\t\t </tr>\n\t\t </thead>\n\t\t <tbody style='font-family:Courier, monospace;'>\n\t\t\t\t\t";
$nontaxable = '';
$taxable = '';
$itemscheckedout = 0;
foreach ($itemscut as $item) {
$itemscheckedout++;
$split = explode("/", $item);
$b = explode("-", $split[0]);
if ($b[0] == "ti") {
$NT = MYSQL::QUERY("SELECT t_phy, t_liq, t_sof FROM core_tickets_checkout WHERE t_id = ? LIMIT 1;", array($b[1]));
if ($NT['t_liq'] == 1) {
$warr = false;
<?php
require "../../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(0, TRUE);
$amount = $_POST['device_amount'];
$customer = $_POST['customerid'];
$ses = FORMAT::SES(12);
$params = array();
$date = Date("Y-m-d H:i:s");
$query = 'INSERT INTO core_tickets_estimate (t_customer,t_manufacturer,t_model,t_imei,t_password,t_phy,t_liq,t_sof,t_created_by,t_store,t_session,t_created) VALUES ';
$modelsused = array();
if (isset($_POST["customerid"])) {
$i = 1;
while ($i <= $amount) {
if (isset($_POST["manu{$i}"])) {
if (isset($_POST["model{$i}"])) {
if (isset($_POST["imei{$i}"])) {
if (isset($_POST["issue{$i}"])) {
if (isset($_POST["pass{$i}"])) {
if (isset($_POST["phy{$i}"])) {
$phy = 1;
} else {
$phy = 2;
}
if (isset($_POST["liq{$i}"])) {
$liq = 1;
} else {
$liq = 2;
}
if (isset($_POST["sof{$i}"])) {
