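<?php
/**
 * Login endpoint.
 *
 * Reads `usr` / `pas` from the POST body, verifies the password against the
 * stored hash and, on success, writes a session row valid for 43200 seconds
 * (12 hours) and sets the `core_u` (user id) and `core_k` (session key)
 * cookies with the same expiry.
 *
 * The response body is a bare status code:
 *   e1437  username or password missing
 *   e1435  no account matches the username
 *   e1436  password did not match
 *   s1434  logged in
 *
 * NOTE(review): e1435 and e1436 are distinguishable, so a caller can learn
 * which usernames exist; the unknown-user path also skips the hash check and
 * therefore answers faster. Collapsing the two codes needs a matching change
 * in whatever client reads them, so it is flagged here rather than changed.
 * NOTE(review): only the successful path calls USER::LOG and no attempt
 * throttling is visible in this file; confirm ENGINE::START covers it.
 */
require "../../frame/engine.php";
ENGINE::START("HASH");

$Hash = new PasswordHash(8, true);

// Accept plain strings only. A missing field or an array-valued field
// (usr[]=x) is treated as absent instead of reaching strtolower().
$USER = (isset($_POST['usr']) && is_string($_POST['usr'])) ? $_POST['usr'] : '';
$PASS = (isset($_POST['pas']) && is_string($_POST['pas'])) ? $_POST['pas'] : '';
$USER_CLEAN = strtolower($USER);

// Both fields are required. The previous `&&` only rejected the request when
// BOTH were empty, so a request with one field missing still hit the database.
if ($USER === '' || $PASS === '') {
    die('e1437');
}

$R = MYSQL::QUERY("SELECT * FROM core_users WHERE username_clean = ? LIMIT 1", array($USER_CLEAN));
if (empty($R)) {
    die('e1435');
}

if (!$Hash->CheckPassword($PASS, $R['password'])) {
    die('e1436');
}

// Apply the store's timezone before anything is timestamped. Skipped when the
// store row or its timezone is missing, so the PHP default stays in effect.
$S = MYSQL::QUERY('SELECT * FROM core_stores WHERE s_id = ? LIMIT 1', array($R['store']));
if (!empty($S['s_timezone'])) {
    date_default_timezone_set($S['s_timezone']);
}

USER::LOG("Logged In", $R['user_id']);

$SES_EXP = time() + 43200;
// NOTE(review): this value is the bearer credential for the session; confirm
// FORMAT::SES draws from a CSPRNG (random_bytes / random_int).
$SES_GEN = FORMAT::SES(50);

$params = array($SES_GEN, $R['user_id'], $SES_EXP, $SES_GEN, $SES_EXP);
MYSQL::QUERY('INSERT INTO core_users_sessions (session_key,session_user,session_experation) VALUES (?,?,?) ON DUPLICATE KEY UPDATE session_key=?,session_experation=?', $params);

// Mark the cookies Secure whenever this request itself arrived over HTTPS.
// Behind a TLS-terminating proxy $_SERVER['HTTPS'] may be unset; in that
// deployment the flag has to be forced on instead.
$secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

setcookie("core_u", $R['user_id'], $SES_EXP, '/', '', $secure, false);
// HttpOnly keeps the session key out of reach of page script, so an injected
// script cannot read it. If any client-side code reads core_k, that
// dependency has to move server-side.
setcookie("core_k", $SES_GEN, $SES_EXP, '/', '', $secure, true);

echo 's1434';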
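/**
 * Prints one estimate line for a part and, when no usable stock price exists,
 * asks the store manager for one.
 *
 * With a stock row that still carries a usable price, the line shows a price
 * built from the stock price rounded up to the next 10, the category fee
 * reduced by 10 per year since `$release[2]`, and the model's optional
 * `m_override` rule ("plus/N", "minus/N", "equal/N", "override/N"), with a
 * floor of 40.
 *
 * Otherwise the line reads "Waiting for Manager", the stock row is replaced
 * with a zeroed placeholder tagged with a fresh token, and a "Price Request"
 * message containing a price-entry form is stored for the store manager.
 *
 * Every value placed into markup is HTML-escaped, and every value placed into
 * an inline onClick handler is emitted as an escaped JavaScript literal. The
 * message template is stored and later shown to another user, so unescaped
 * part, model or user names there would be stored script injection.
 *
 * @param mixed $ticket  Ticket id handed to the RemoveEstimate() handler.
 * @param array $user    Current user; reads store, username, user_id and
 *                       store_info.s_manager.
 * @param array $Model   Model row; reads m_override, m_name, m_date, m_type.
 * @param mixed $part    Part id (device_parts.p_id / inventory_stock.item).
 * @param mixed $type    Category id (device_categories.c_id).
 * @param array $release Index 2 is subtracted from the current year.
 * @param bool  $bp      Unused in this method; kept for existing callers.
 * @return void          Output is echoed.
 */
public static function ITEM($ticket, $user, $Model, $part, $type, $release, $bp = false)
{
    // Escapes text for element content and quoted attribute values.
    $html = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Emits a JavaScript literal that is safe inside a double-quoted inline
    // handler attribute: JSON-encode first (JS context), then HTML-escape
    // (attribute context).
    $jsArg = function ($value) use ($html) {
        $json = json_encode($value, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($json === false) {
            $json = '""'; // not encodable (e.g. invalid UTF-8): pass an empty string
        }
        return $html($json);
    };
    // Arguments the original emitted unquoted stay bare numbers when numeric
    // and become quoted strings otherwise, instead of raw script text.
    $jsNumber = function ($value) use ($jsArg) {
        return $jsArg(is_numeric($value) ? $value + 0 : (string) $value);
    };

    $Item = MYSQL::QUERY("SELECT * FROM device_parts WHERE p_id = ? LIMIT 1", array($part));
    $Stock = MYSQL::QUERY("SELECT * FROM inventory_stock WHERE item = ? AND store = ? LIMIT 1", array($part, $user['store']));
    $Type = MYSQL::QUERY("SELECT * FROM device_categories WHERE c_id = ? LIMIT 1", array($type));

    // Read the stock fields without writing into $Stock. The original assigned
    // $Stock['quantity'] = 0 on a missing row, which made the later
    // !empty($Stock) test always true and its else branch unreachable.
    $quantity = empty($Stock['quantity']) ? 0 : $Stock['quantity'];
    $stockPrice = isset($Stock['price']) ? $Stock['price'] : 0;
    $modified = isset($Stock['modified']) ? $Stock['modified'] : '';
    $staleBefore = Date("Y-m-d H:i:s", strtotime('-2 weeks'));

    // A manager price is needed when there is no stock row at all, or when the
    // part is out of stock and its row is older than two weeks or unpriced.
    $reset = empty($Stock);
    if (!$reset && $quantity <= 0 && ($modified < $staleBefore || $stockPrice <= 0)) {
        $reset = true;
    }

    if (!$reset) {
        $fee = $Type['c_fee'] - (Date("Y") - $release[2]) * 10;
        $base = ceil($stockPrice / 10) * 10;

        // The original wrote `!$Model['m_override'] == "0"`, which PHP reads as
        // (!$override) == "0" and which is true exactly when the override is
        // truthy. Spelled out here so "", "0" and a missing value all mean
        // "no override".
        $amount = null;
        if (!empty($Model['m_override'])) {
            $rule = explode("/", $Model['m_override']);
            $delta = isset($rule[1]) ? (float) $rule[1] : 0.0;
            switch ($rule[0]) {
                case "plus":
                    $amount = $base + ($fee + $delta);
                    break;
                case "minus":
                    $amount = $base + ($fee - $delta);
                    break;
                case "equal":
                    $amount = $base + $delta;
                    break;
                case "override":
                    $amount = $delta;
                    break;
                // Any other keyword leaves $amount unset, so the floor below
                // applies: the same result as before, without reading an
                // undefined variable.
            }
        } else {
            $amount = $base + $fee;
        }

        $total = ($amount === null) ? 0 : number_format($amount, 2, '.', '');
        if ($total <= 40) {
            $total = 40;
        }

        echo ' <div id="it-' . $html($part) . '" data-price="' . $total . '" style="overflow:hidden;">'
            . ' <img src="../core/images/iks.png" border="0" style="float:left;padding:2px;cursor:pointer;" onClick="RemoveEstimate($(this), ' . $jsArg((string) $ticket) . ')" />'
            . ' <font class="aname" style="width:70%;border-bottom: 1px solid #E0E0E0;">' . $html($Item['p_name']) . '</font>'
            . ' <font class="bname pprice">' . $total . '</font> </div> ';
    }

    if ($reset) {
        // Token linking the placeholder stock row, the on-page price cell and
        // the manager's input field.
        $ses = FORMAT::SES(9);

        echo ' <div id="it-' . $html($part) . '" data-price="0" style="overflow:hidden;">'
            . ' <img src="../core/images/iks.png" border="0" style="float:left;padding:2px;cursor:pointer;" onClick="RemoveEstimate($(this), ' . $jsNumber($ticket) . ')" />'
            . ' <font class="aname" style="width:70%;border-bottom: 1px solid #E0E0E0;">' . $html($Item['p_name']) . '</font>'
            . ' <font class="bname pprice" id="ses' . $html($ses) . '">Waiting for Manager</font> </div> ';

        MYSQL::QUERY("REPLACE INTO inventory_stock (store,item,quantity,price,supplier,modified,ses) VALUES (?,?,?,?,?,?,?)", array($user['store'], $part, 0, 0, 0, Date("Y-m-d H:i:s"), $ses));

        // This markup is stored in core_messages and rendered for the manager
        // later, so every interpolated value is escaped for its context here.
        $template = '<b>From: ' . $html($user['username']) . '</b><br/>'
            . $html($Model['m_name']) . ' ' . $html($Item['p_name'])
            . '<br/><br/><input type="text" placeholder="0.00" id="send' . $html($ses) . '">'
            . '<button onClick="SendPrice(' . $jsArg((string) $ses) . ', ' . $jsNumber($user['user_id']) . ', ' . $jsArg((string) $Model['m_date']) . ', ' . $jsNumber($Model['m_type']) . ', $(this), ' . $jsArg((string) $Model['m_override']) . ')">Send</button>';

        // NOTE(review): the values bind as m_from = "Price Request" and
        // m_from_avatar = user_id; kept as written, confirm against the schema.
        $params = array($user['store_info']['s_manager'], "Price Request", $template, $user['user_id'], Date("Y-m-d H:i:s"));
        MYSQL::QUERY("INSERT INTO core_messages (m_to,m_from,m_message,m_from_avatar,m_sent) VALUES (?,?,?,?,?)", $params, true);
    }
}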
// Checkout receipt (excerpt). Records a checkout session row and starts
// building the printable receipt in $content. $pm1, $pm1cost, $user and (when
// a second payment is used) $pm2 are assigned before this excerpt, and the
// item loop at the bottom continues past it.
//
// NOTE(review): the payment amounts and totals below come straight from the
// request body. Nothing in this excerpt recomputes them from the ticket's
// items, and $pm2cost is stored exactly as sent; confirm the amounts that are
// recorded or charged are derived server-side.
$pm2cost = $_POST['pm2cost'];
$totalcost = $_POST['totalcost']; // not used within this excerpt
$totaltax = $_POST['totaltax']; // not used within this excerpt
$tid = $_POST['ticket'];
$time = $_POST['checkouttime']; // not used within this excerpt
// No second payment when its amount is empty or not positive.
if ($pm2cost <= 0.0 || $pm2cost == '') { $pm2 = 'None'; }
// NOTE(review): `!` binds tighter than `==`, so this evaluates
// (!$pm2) == 'None'. A non-empty string compares as true against a boolean,
// which makes the condition true only when $pm2 is falsy; for any real second
// payment method the else branch runs and $paymentmethod omits it. The intent
// looks like `$pm2 != 'None'`; confirm and fix.
if (!$pm2 == 'None') { $paymentmethod = $pm1 . ' (' . $pm1cost . '), ' . $pm2 . ' (' . $pm2cost . ')'; } else { $paymentmethod = $pm1; }
// Item list as sent by the client: entries separated by "|"; each entry is
// split further on "/" and "-" in the loop below.
$items = $_POST['items'];
$itemscut = explode("|", $items);
$ses = FORMAT::SES(10);
// NOTE(review): $tid is client-supplied; confirm ENGINE::TICKET limits the
// lookup to tickets of the current user's store.
$T = ENGINE::TICKET($tid, 3);
// Parameterised insert: the raw $items string and the payment fields are
// bound as values, not concatenated into the SQL text.
$return = MYSQL::QUERY("INSERT INTO core_checkout_sessions (customer, items, pm_1, pm_1_cost, pm_2, pm_2_cost, ses, s_id, d_date) VALUES (?,?,?,?,?,?,?,?,?)", array($T['t_customer'], $items, $pm1, $pm1cost, $pm2, $pm2cost, $ses, $user['store'], Date("Y-m-d H:i:s")));
echo "\n <style>\n .escca td{\n border-top: 0px;\n border-right: 0px;\n }\n </style>\n ";
// Receipt header, customer row and the head of the item table.
// NOTE(review): the store fields and $T['c_name'] are concatenated into the
// markup without htmlspecialchars(); if any of them can hold user-entered
// text, they need HTML escaping before this page is rendered.
$content = "\n <center style='width:724px;'>\n <table border='1' cellspacing='0' id='Header-Table' class='escca' style='margin-top:10px;border: 1px solid black;width: 98% !important;border-left: 0px;border-bottom:0px none !important;'>\n\t <thead>\n\t\t <tr>\n\t\t\t <td style='width:150px;height:150px;border-right:0px none;'><img src='https://my-cpr.com/cprlogo.jpg' border='0'></td>\n\t\t\t\t <td style='border-left:0px none;border-right:0px none;text-align:center;'>\n\t\t\t\t <div style='font-size:28px;'>\n\t\t\t\t\t <label style='font-size:32px;'><b>" . $user['store_info']['s_header'] . "</b></label><br/>\n\t\t\t\t\t\t <label style='font-size:24px;'>Contact our " . $user['store_info']['s_name'] . " Location at</label><br/>\n\t\t\t\t\t\t <label>" . FORMAT::PHONE($user['store_info']['s_phone']) . "</label><br/>\n\t\t\t\t\t\t <label><b>" . $user['store_info']['s_website'] . 
"</b></label>\n\t\t\t\t\t </div>\n\t\t\t\t </td>\n\t\t\t </tr>\n\t\t </thead>\n\t </table>\n\t <table border='1' cellspacing='0' id='Customer-Table' class='escca' style='border: 1px solid black;width: 98% !important;border-left: 0px;border-bottom:0px none !important;border-top:0px none;'>\n\t <tbody>\n\t\t <tr>\n\t\t\t <td><b>Name</b></td>\n\t\t\t\t <td><b>Phone Number</b></td>\n\t\t\t\t <td><b>Date (M/D/Y)</b></td>\n\t\t\t\t <td><b>Time</b></td>\n\t\t\t </tr>\n\t\t\t <tr style='font-family:Courier, monospace;'>\n\t\t\t <td>" . $T['c_name'] . "</td>\n\t\t\t\t <td>" . FORMAT::PHONE($T['c_phone']) . "</td>\n\t\t\t\t <td>" . Date('m/d/y') . "</td>\n\t\t\t\t <td>" . Date('h:i A') . "</td>\n\t\t\t </tr>\n\t\t </tbody>\n\t </table>\n <table border='1' cellspacing='0' id='Device-Table' class='escca' style='border: 1px solid black;width: 98% !important;border-left: 0px;border-bottom:0px none !important;border-top:0px none;'>\n\t <thead>\n\t\t <tr>\n\t\t\t <td><b>Service/Item<b/></td>\n\t\t\t\t\t <td style='width:60px'><center><b>Physical</b></center></td>\n\t\t\t\t <td style='width:60px'><center><b>Software</b></center></td>\n\t\t\t\t\t\t<td><b>Cost</b></td>\n\t\t\t </tr>\n\t\t </thead>\n\t\t <tbody style='font-family:Courier, monospace;'>\n\t\t\t\t\t";
$nontaxable = '';
$taxable = '';
$itemscheckedout = 0;
// Walk the client-supplied item entries. Each entry is split on "/" and its
// first field on "-" into a kind prefix and an id.
foreach ($itemscut as $item) { $itemscheckedout++; $split = explode("/", $item); $b = explode("-", $split[0]);
// "ti" entries are looked up in core_tickets_checkout by the id after the
// dash; the id is bound as a query parameter.
if ($b[0] == "ti") { $NT = MYSQL::QUERY("SELECT t_phy, t_liq, t_sof FROM core_tickets_checkout WHERE t_id = ? LIMIT 1;", array($b[1]));
// t_liq == 1 clears $warr; the rest of this branch lies outside the excerpt.
if ($NT['t_liq'] == 1) { $warr = false;
<?php require "../../../frame/engine.php"; ENGINE::START(); $user = USER::VERIFY(0, TRUE); $amount = $_POST['device_amount']; $customer = $_POST['customerid']; $ses = FORMAT::SES(12); $params = array(); $date = Date("Y-m-d H:i:s"); $query = 'INSERT INTO core_tickets_estimate (t_customer,t_manufacturer,t_model,t_imei,t_password,t_phy,t_liq,t_sof,t_created_by,t_store,t_session,t_created) VALUES '; $modelsused = array(); if (isset($_POST["customerid"])) { $i = 1; while ($i <= $amount) { if (isset($_POST["manu{$i}"])) { if (isset($_POST["model{$i}"])) { if (isset($_POST["imei{$i}"])) { if (isset($_POST["issue{$i}"])) { if (isset($_POST["pass{$i}"])) { if (isset($_POST["phy{$i}"])) { $phy = 1; } else { $phy = 2; } if (isset($_POST["liq{$i}"])) { $liq = 1; } else { $liq = 2; } if (isset($_POST["sof{$i}"])) {