Example #1
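 /**
  * Flag the debit-card sales inside a posted date range as claimed.
  *
  * Reads `tgl_awal`, `tgl_akhir` and the optional `bank` filter from POST and
  * echoes "<status>|<html message>": "0" when validation or the update fails,
  * "1" when the rows were updated.
  *
  * NOTE(review): no login or permission check is visible in this method; confirm
  * the controller enforces one elsewhere, since this POST changes payment state.
  *
  * @return void
  */
 public function proses_claim()
 {
     // Captured before validation runs, so the values are the raw posted strings.
     $param = $this->input->post();
     $this->load->library('form_validation');
     // xss_clean only filters markup; it is not SQL protection. The values are made
     // SQL-safe (presumably quoted and escaped - verify) by $this->mr->protect().
     $this->form_validation->set_rules('tgl_awal', 'Tgl Awal', 'trim|required|xss_clean');
     $this->form_validation->set_rules('tgl_akhir', 'Tgl Akhir', 'trim|required|xss_clean');
     if ($this->form_validation->run() == FALSE) {
         echo "0|" . warn_msg(validation_errors());
         return;
     }

     $where = "date BETWEEN " . $this->mr->protect($param['tgl_awal']) . " AND " . $this->mr->protect($param['tgl_akhir']);

     // The bank clause used to be built into a variable that was never used, so a
     // claim for one bank updated every bank in the range. Append it to the condition.
     $bank = isset($param['bank']) ? $param['bank'] : '';
     if ($bank != 'all' && $bank != '') {
         $where .= ' AND note = ' . $this->mr->protect($bank);
     }

     $replace = $this->mr->replace('penjualan', array('debet-claimed' => 'yes'), $where);
     if ($replace) {
         echo '1|' . succ_msg('Berhasil merubah status pembayaran debet');
     } else {
         // A failed update reports status "0", as the validation branch does;
         // the previous "1|" prefix told the caller the update had succeeded.
         echo '0|' . err_msg('Gagal, melakukan perubahan');
     }
 }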
Example #2
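 /**
  * Record a stock addition for one product in `atombizz_warehouses_stok`.
  *
  * Requires `product_code` and `in` in POST. Echoes "0|<html>" when validation
  * fails, the product is unknown or the insert fails, and "1|<html>" on success.
  *
  * @return void
  */
 public function tambah_stok()
 {
     $param = $this->input->post();
     $user = $this->session->userdata('astrosession');
     $this->load->library('form_validation');
     // xss_clean filters markup only; neither rule checks that `in` is a number.
     $this->form_validation->set_rules('product_code', 'Produk', 'trim|required|xss_clean');
     $this->form_validation->set_rules('in', 'Qty', 'trim|required|xss_clean');
     if ($this->form_validation->run() == FALSE) {
         echo "0|" . warn_msg(validation_errors());
         return;
     }

     $produk = $this->mp->get_detail_product($param['product_code']);
     if (empty($produk)) {
         // Unknown product code: stop instead of writing a stock row with an empty
         // name and rack code.
         echo "0|" . err_msg("Gagal menambahkan stok produk, periksa kembali masukan Anda");
         return;
     }

     // NOTE(review): $param is the whole POST body, so any extra posted key is passed
     // to write() as a column value. Only the keys assigned below are overridden here;
     // consider building the row from an explicit list of allowed fields.
     $param['date'] = date('Y-m-d');
     $param['status'] = 'input';
     $param['reference'] = '';
     $param['out'] = 0;
     // Separator added: label and product name were concatenated without a space.
     $param['description'] = 'Penambahan Stok ' . $produk['name'];
     $param['userlog'] = date('Y-m-d H:i:s');
     // assumes the session holds a list whose first element has `uname` - TODO confirm
     $param['operator'] = $user[0]->uname;
     $param['rak_code'] = $produk['gudang_code'];

     $save = $this->mp->write('atombizz_warehouses_stok', $param);
     if ($save == TRUE) {
         echo "1|" . succ_msg("Stok Produk berhasil ditambahkan.");
     } else {
         echo "0|" . err_msg("Gagal menambahkan stok produk, periksa kembali masukan Anda");
     }
 }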
Example #3
 /**
  * Delete the `atombizz_inventaris` row whose id was posted.
  *
  * Echoes "1|<html>" when the model reports success, "0|<html>" otherwise.
  *
  * NOTE(review): the id is used exactly as posted and no permission or CSRF check
  * is visible in this method; confirm both are enforced before this runs.
  *
  * @param string $value Not used by the body.
  * @return void
  */
 public function delete($value = '')
 {
     $posted = $this->input->post();
     $criteria = array('id' => $posted['id']);
     if ($this->mb->delete('atombizz_inventaris', $criteria)) {
         echo '1|' . succ_msg('Berhasil menghapus data.');
         return;
     }
     echo '0|' . err_msg('Gagal menghapus data.');
 }
Example #4
 /**
  * Set `status_pengiriman` to '1' on the `atombizz_selling` row whose id was posted.
  *
  * Echoes "1|<html>" on success and "0|<html>" on failure.
  *
  * NOTE(review): the posted id is not validated here and no ownership or role
  * check is visible; confirm the caller is allowed to change this sale.
  *
  * @return void
  */
 public function kirim_barang()
 {
     $posted = $this->input->post();
     $changes = array('status_pengiriman' => '1');
     $target = array('id' => $posted['id']);
     $updated = $this->mp->replace('atombizz_selling', $changes, $target);
     if (!$updated) {
         echo '0|' . err_msg('Gagal merubah data.');
         return;
     }
     echo '1|' . succ_msg('Berhasil merubah status pengiriman barang.');
 }
Example #5
 /**
  * Delete the `atombizz_brand_converter` row whose id was posted.
  *
  * Echoes "1|<html>" on success and "0|<html>" on failure.
  *
  * NOTE(review): the id goes to the model unvalidated and no permission check is
  * visible in this method; confirm access control happens before it is reached.
  *
  * @return void
  */
 public function delete()
 {
     $criteria = array('id' => $this->input->post('id'));
     $removed = $this->mb->delete('atombizz_brand_converter', $criteria);
     if (!$removed) {
         echo "0|" . err_msg("Gagal, coba periksa lagi inputan anda.");
         return;
     }
     echo "1|" . succ_msg("Master Konversi berhasil dihapus.");
 }
Example #6
 /**
  * Check a guest in: store the posted room number and set status 'checkin' on
  * the `atombizz_tmp_use_facilities` row identified by `cek_id`.
  *
  * Echoes the success or error HTML without a "0|"/"1|" status prefix.
  *
  * NOTE(review): `cek_room` and `cek_id` are taken from POST as-is; no validation
  * or permission check is visible in this method.
  *
  * @return void
  */
 public function checkin_guest()
 {
     $posted = $this->input->post();
     $changes = array('room_number' => $posted['cek_room'], 'status' => 'checkin');
     $target = array('id' => $posted['cek_id']);
     if ($this->mr->replace('atombizz_tmp_use_facilities', $changes, $target)) {
         echo succ_msg('Pelanggan berhasil cek in.');
         return;
     }
     echo err_msg('Pelanggan tidak dapat cek in.');
 }
Example #7
 /**
  * Write one inventory stock movement to `atombizz_inventaris_stok`.
  *
  * A posted status of 'in' books `qty` as incoming; any other status books it
  * as outgoing. Echoes "1|<html>" on success and "0|<html>" on failure.
  *
  * NOTE(review): `qty`, `status`, `keterangan` and `product_code` are stored as
  * posted; nothing here checks that qty is a positive number or that status is
  * one of the expected values.
  *
  * @return void
  */
 public function save()
 {
     $user = $this->session->userdata('astrosession');
     $config = $this->config->item('astro');
     $param = $this->input->post();

     $isIncoming = $param['status'] == 'in';
     $masuk = $isIncoming ? $param['qty'] : 0;
     $keluar = $isIncoming ? 0 : $param['qty'];

     $stok = array(
         'date' => date('Y-m-d'),
         'status' => $param['status'],
         'in' => $masuk,
         'out' => $keluar,
         'description' => $param['keterangan'],
         'userlog' => date('Y-m-d H:i:s'),
         'operator' => $user[0]->uname,
         'product_code' => $param['product_code'],
         'dept' => $config['bas_code_dept'],
     );

     if ($this->mi->write('atombizz_inventaris_stok', $stok)) {
         echo '1|' . succ_msg('Berhasil menyimpan pencatatan stok barang.');
         return;
     }
     echo '0|' . err_msg('Gagal menyimpan pencatatan stok barang.');
 }
Example #8
        if ($XBTT_USE) {
            $dr = mysqli_fetch_array(mysqli_query($GLOBALS["___mysqli_ston"], "SELECT peer_id_ascii FROM `{$TABLE_PREFIX}bannedclient` WHERE `id`=" . $id));
            @mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM xbt_deny_from_clients WHERE peer_id=" . sqlesc($dr['peer_id_ascii']));
            unset($dr);
        }
        @mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM `{$TABLE_PREFIX}bannedclient` WHERE `id`=" . $id);
        success_msg($language["SUCCESS"], $language["CLIENT_REMOVED"] . "<a href='{$url}'>" . $language["RETURN"] . "</a>");
        stdfoot();
        exit;
    } else {
        redirect($url);
    }
}
// Load the banned-client row(s) for $id and pass them to the admin template;
// an id that matches nothing renders the BAD_ID error page and stops.
// NOTE(review): $id is interpolated unquoted into this SELECT and is assigned above
// this excerpt; confirm it is cast to an integer before it reaches the query.
$res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM `{$TABLE_PREFIX}bannedclient` WHERE `id`={$id}");
if (!(@mysqli_num_rows($res) > 0)) {
    err_msg($language["ERROR"], $language['BAD_ID']);
    stdfoot();
    exit;
}
$client = array();
for ($i = 0; $row = mysqli_fetch_assoc($res); $i++) {
    $client[$i] = array(
        "client_name" => $row["client_name"],
        "user_agent" => $row["user_agent"],
        "peer_id" => $row["peer_id"],
        "peer_id_ascii" => $row["peer_id_ascii"],
        // stored with added slashes; strip them for display
        "reason" => stripslashes($row["reason"]),
    );
}
$admintpl->set('client', $client);
Example #9
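/**
 * Create a tracker account from the signup form posted in $_POST.
 *
 * Returns a negative code when the form is rejected:
 *   -1 user name, password or e-mail is empty
 *   -2 the e-mail address is already registered
 *   -3 the e-mail address fails the format check
 *   -4 the duplicate-user-name query returned a row
 *   -7 the user name contains a space
 *   -8 the user name contains a banned character
 *   -9 the (escaped) password is shorter than 4 bytes
 * and mysql_errno() (0 on success) once the inserts have run. A reserved name,
 * mismatching passwords or a wrong captcha / security answer print an error
 * page and end the script instead of returning.
 *
 * NOTE(review), left unchanged because code outside this function depends on it:
 *  - passwords are stored as unsalted md5() of the already-escaped input; moving
 *    to password_hash()/password_verify() has to happen together with the login code.
 *  - the e-mail confirmation value is a 6-digit rand() seeded from microtime(),
 *    which is guessable; it should come from a CSPRNG once the runtime offers one.
 *  - mysql_escape_string() ignores the connection charset and the mysql_*
 *    extension no longer exists in PHP 7; a port should use prepared statements.
 *
 * @return int
 */
function aggiungiutente()
{
    global $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix;
    $utente = mysql_escape_string($_POST["user"]);
    $pwd = mysql_escape_string($_POST["pwd"]);
    $pwd1 = mysql_escape_string($_POST["pwd1"]);
    $email = mysql_escape_string($_POST["email"]);
    $idlangue = intval($_POST["language"]);
    $idstyle = intval($_POST["style"]);
    $idflag = intval($_POST["flag"]);
    $timezone = intval($_POST["timezone"]);
    if (strtoupper($utente) == strtoupper("Guest")) {
        err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]);
        stdfoot();
        exit;
    }
    if ($pwd != $pwd1) {
        err_msg($language["ERROR"], $language["DIF_PASSWORDS"]);
        stdfoot();
        exit;
    }
    // id_level is 3 when $VALIDATION is "none", otherwise 2.
    $idlevel = $VALIDATION == "none" ? 3 : 2;
    # Create Random number
    $floor = 100000;
    $ceiling = 999999;
    srand((double) microtime() * 1000000);
    $random = rand($floor, $ceiling);
    if ($utente == "" || $pwd == "" || $email == "") {
        return -1;
    }
    $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'");
    if (mysql_num_rows($res) > 0) {
        return -2;
    }
    // valid email check - by vibes
    $regex = "^[_+a-z0-9-]+(\\.[_+a-z0-9-]+)*" . "@[a-z0-9-]+(\\.[a-z0-9-]{1,})*" . "\\.([a-z]{2,}){1}\$";
    if (!eregi($regex, $email)) {
        return -3;
    }
    // duplicate username
    // NOTE(review): the literal '******' looks like masking applied by the page this
    // listing came from; as written the query does not look up $utente. Confirm
    // against the upstream source before relying on this check.
    $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='******'");
    if (mysql_num_rows($res) > 0) {
        return -4;
    }
    // strpos() returns 0 for a leading space, which `== true` treated as "no space";
    // compare against false so a name that starts with a space is rejected too.
    if (strpos($utente, " ") !== false) {
        return -7;
    }
    // The image captcha is used only when it is enabled and GD reports FreeType
    // support; every other configuration falls back to the security question.
    $use_captcha = false;
    if ($USE_IMAGECODE && extension_loaded('gd')) {
        $arr = gd_info();
        $use_captcha = $arr['FreeType Support'] == 1;
    }
    if ($use_captcha) {
        $p = new ocr_captcha();
        if ($p->check_captcha($_POST['public_key'], $_POST['private_key']) != true) {
            err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
            stdfoot();
            exit;
        }
    } else {
        include "{$THIS_BASEPATH}/include/security_code.php";
        $scode_index = intval($_POST["security_index"]);
        // Require that the posted index names an existing question and that the
        // answer matches as a string. The loose `!=` accepted a missing entry
        // (null) against an empty answer.
        $answer_ok = isset($security_code[$scode_index]["answer"], $_POST["scode_answer"])
            && is_string($_POST["scode_answer"])
            && (string) $security_code[$scode_index]["answer"] === $_POST["scode_answer"];
        if (!$answer_ok) {
            err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
            stdfoot();
            exit;
        }
    }
    $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
    // straipos() is a project helper; presumably a multi-needle stripos - verify its
    // return value for a match at offset 0.
    if (straipos(mysql_escape_string($utente), $bannedchar) == true) {
        return -8;
    }
    // Length is measured on the escaped string, so escape characters count too.
    if (strlen(mysql_real_escape_string($pwd)) < 4) {
        return -9;
    }
    $pid = md5(uniqid(rand(), true));
    do_sqlquery("INSERT INTO {$TABLE_PREFIX}users (username, password, random, id_level, email, style, language, flag, joined, lastconnect, pid, time_offset) VALUES ('{$utente}', '" . md5($pwd) . "', {$random}, {$idlevel}, '{$email}', {$idstyle}, {$idlangue}, {$idflag}, NOW(), NOW(),'{$pid}', '" . $timezone . "')", true);
    $newuid = mysql_insert_id();
    // Continue to create smf members if they disable smf mode
    $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'");
    if ($FORUMLINK == "smf" || mysql_num_rows($test)) {
        $smfpass = smf_passgen($utente, $pwd);
        $flevel = $idlevel + 10;
        // NOTE(review): getip() is concatenated into the statement as returned; confirm
        // it yields a validated address and not a raw request header.
        do_sqlquery("INSERT INTO {$db_prefix}members (memberName, dateRegistered, ID_GROUP, realName, passwd, emailAddress, memberIP, memberIP2, is_activated, passwordSalt) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')");
        $fid = mysql_insert_id();
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'");
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'");
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'");
        do_sqlquery("UPDATE {$TABLE_PREFIX}users SET smf_fid={$fid} WHERE id={$newuid}");
    }
    // xbt
    if ($XBTT_USE) {
        $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')");
    }
    if ($VALIDATION == "user") {
        ini_set("sendmail_from", "");
        if (mysql_errno() == 0) {
            send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}");
            write_log("Signup new user {$utente} ({$email})", "add");
        } else {
            // NOTE(review): prints the raw database error to the visitor.
            die(mysql_error());
        }
    }
    return mysql_errno();
}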
Example #10
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
//by CobraCRK 21.07.2006 - www.extremeshare.org - cobracrk@yahoo.com
//converted to xbtit by cooly
// Refuse to run unless the including script defined IN_BTIT.
if (!defined("IN_BTIT")) {
    die("non direct access!");
}
global $CURUSER;
require "include/sanitize.php";
$subsedittpl = new bTemplate();
require load_language("lang_subs.php");
// Accounts whose can_upload flag is "no" get an error page and the script stops.
// NOTE(review): ERROR and NOT_AUTH_VIEW_NEWS are bare constants here; presumably
// defined by the language file - confirm.
if ($CURUSER["can_upload"] == "no") {
    err_msg(ERROR, NOT_AUTH_VIEW_NEWS);
    stdfoot();
    exit;
}
// NOTE(review): request parameters are read raw from here on, without isset().
// The "edit" branch that follows concatenates $_GET['id'] straight into its SELECT;
// that value needs an integer cast or a bound parameter.
$action = $_GET["action"];
if ($action == "edit") {
    $id = $_GET["id"];
    $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}subtitles WHERE id=" . $_GET['id']) or sqlerr();
    if (mysqli_num_rows($res) != 1) {
        stderr("Error", "No message with ID {$id}.");
    }
    $arr = mysqli_fetch_assoc($res);
    if ($CURUSER["uid"] != $arr["uploader"] or $CURUSER["edit_torrents"] != "yes") {
        stderr("Error", "you didnt post this!");
    }
    $save = (int) $_GET["save"];
Example #11
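 /**
  * Finalise an outgoing return ("retur keluar") for the posted reference.
  *
  * Copies the staged rows of `view_tmp_retur_out` into the detail and warehouse
  * stock tables, writes the return header, clears the staging table and posts
  * two ledger rows. Echoes "1|<html>" when every step succeeded and
  * "0|<html>" naming the failed step otherwise.
  *
  * NOTE(review):
  *  - the writes are not wrapped in a transaction, so a failure part-way leaves
  *    the earlier inserts in place;
  *  - `operator`, `date` and `total_akhir` come from POST; the ledger amounts use
  *    the posted total, not a value recomputed from the staged rows - confirm the
  *    client cannot alter them;
  *  - no permission check is visible in this method.
  *
  * @return void
  */
 public function proses_retur_out()
 {
     $basmalah = $this->config->item('astro');
     $userlog = date('Y-m-d H:i:s');
     $param = $this->input->post();
     $reference = $this->input->post('reference');
     $where = array('reference' => $reference);
     $keterangan = 'Retur Keluar dengan referensi no ' . $reference;
     $data = $this->mp->find('view_tmp_retur_out', $where);

     // Initialised so an unknown reference yields empty lists instead of undefined
     // variables being handed to write_batch().
     $arr_detail = array();
     $arr_stok = array();
     foreach ($data->result_array() as $das) {
         $arr_detail[] = array(
             'reference' => $reference,
             'product_id' => $das['product_id'],
             'product_code' => $das['product_code'],
             'product_name' => $das['product_name'],
             'quantity' => $das['quantity'],
             'hpp' => $das['hpp'],
             'description' => $das['description'],
             'brand_code' => $das['brand_code'],
             'unit' => $das['unit'],
         );
         $qty = $das['quantity'];
         $unit = $das['unit'];
         //brand konversi stok
         if ($das['brand_code'] != '') {
             $query = $this->mp->find('atombizz_brand_converter', array('product_code' => $das['product_code'], 'code' => $das['brand_code']));
             // NOTE(review): row() is used without checking that a converter row exists.
             $konv_brand = $query->row();
             $qty = $das['quantity'] * $konv_brand->qty_convertion;
             $unit = $konv_brand->satuan_convertion;
         }
         //konversi satuan terkecil
         $data_konv = json_decode(unit_converter($qty, $unit));
         $qty = $data_konv->qty;
         $unit = $data_konv->satuan;
         $arr_stok[] = array(
             'date' => $param['date'],
             'status' => 'retur out',
             'reference' => $reference,
             'in' => 0,
             'out' => $qty,
             'description' => $keterangan,
             'userlog' => $userlog,
             'operator' => $param['operator'],
             'rak_code' => $das['gudang_code'],
             'product_code' => $das['product_code'],
             'dept' => $basmalah['bas_code_dept'],
         );
     }

     if (empty($arr_detail)) {
         // Nothing is staged under this reference; report it as a detail failure.
         echo "0|" . err_msg("Gagal, menambahkan data retur keluar detail.");
         return;
     }

     $arr_retur_out = array(
         'reference' => $reference,
         'supplier_code' => $param['supplier_code'],
         'supplier_name' => $param['supplier_name'],
         'date' => $param['date'],
         'operator' => $param['operator'],
         'total' => $param['total_akhir'],
         'urut' => $param['urut'],
         'dept' => $basmalah['bas_code_dept'],
         'userlog' => $userlog,
     );

     if ($this->mp->write_batch('atombizz_retur_out_detail', $arr_detail) != TRUE) {
         echo "0|" . err_msg("Gagal, menambahkan data retur keluar detail.");
         return;
     }
     if ($this->mp->write_batch('atombizz_warehouses_stok', $arr_stok) != TRUE) {
         echo "0|" . err_msg("Gagal, mengurangi data stok bahan.");
         return;
     }
     if ($this->mp->write('atombizz_retur_out', $arr_retur_out) != TRUE) {
         echo "0|" . err_msg("Gagal, menambahkan data retur keluar.");
         return;
     }

     $delete = $this->mp->delete('atombizz_retur_out_tmp', $where);
     if (!($delete > 0)) {
         // This path used to end without any response; tell the caller it failed.
         echo "0|" . err_msg("Gagal, menambahkan data retur keluar.");
         return;
     }

     $ledger = array(
         'kode' => 'FRO',
         'no_referensi' => $reference,
         'tanggal' => $param['date'],
         'keterangan' => $keterangan,
         'dept' => $basmalah['bas_code_dept'],
         'person' => $param['supplier_code'],
         'valid' => 'yes',
     );
     //retur
     $ledger['debit'] = 0;
     $ledger['kredit'] = $param['total_akhir'];
     $ledger['no_akun'] = '330000';
     $kas_acc = $this->mp->write('atombizz_accounting_buku_besar', $ledger);
     //hutang
     $ledger['kredit'] = 0;
     $ledger['debit'] = $param['total_akhir'];
     $ledger['no_akun'] = '510000';
     $ledger['faktur'] = $reference;
     $ledger['kode'] = 'HTG';
     $save_acc = $this->mp->write('atombizz_accounting_buku_besar', $ledger);

     // Both ledger rows must be written; the result of the first one was ignored.
     if ($kas_acc == TRUE && $save_acc == TRUE) {
         echo "1|" . succ_msg("Berhasil, menambahkan data retur keluar.");
     } else {
         echo "0|" . err_msg("Gagal, menambahkan data accounting persediaan.");
     }
 }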
Example #12
<?php

// Refuse to run unless the including script defined IN_BTIT.
if (!defined("IN_BTIT")) {
    die("non direct access!");
}
require load_language("lang_staff.php");
// Template for the staff list; it receives the loaded language strings.
// NOTE(review): the listing loop further down writes u.avatar into an
// <img src='...'> attribute without escaping; that value should go through
// htmlspecialchars(..., ENT_QUOTES) before it is placed in markup.
$stafftpl = new bTemplate();
$stafftpl->set("language", $language);
if ($CURUSER["view_users"] == "no") {
    err_msg($language["ERROR"], $language["NOT_AUTHORIZED"] . " " . strtolower($language["STAFF"]) . "!");
    stdfoot();
    exit;
} else {
    $query = "SELECT u.id, u.username, u.avatar, UNIX_TIMESTAMP(u.joined) joined, ";
    $query .= "UNIX_TIMESTAMP(u.lastconnect) lastconnect, ul.level, ul.prefixcolor, ";
    $query .= "ul.suffixcolor, c.name country, c.flagpic, o.lastaction ";
    $query .= "FROM {$TABLE_PREFIX}users u ";
    $query .= "LEFT JOIN {$TABLE_PREFIX}users_level ul ON u.id_level = ul.id ";
    $query .= "LEFT JOIN {$TABLE_PREFIX}countries c ON u.flag = c.id ";
    $query .= "LEFT JOIN {$TABLE_PREFIX}online o ON u.id = o.user_id ";
    $query .= "WHERE u.id_level >=6 ";
    $query .= "AND u.id_level <=8 ";
    $query .= "ORDER BY u.id_level DESC, u.id ASC";
    $res = do_sqlquery($query);
    $i = 0;
    while ($row = mysql_fetch_assoc($res)) {
        is_null($row["avatar"]) || $row["avatar"] == "" ? $avatar = "<img src='{$STYLEURL}/images/default_avatar.gif' height=80 width=80>" : ($avatar = "<img src='" . $row["avatar"] . "' height=80 width=80>");
        is_null($row["lastaction"]) ? $lastseen = $row["lastconnect"] : ($lastseen = $row["lastaction"]);
        time() - $lastseen > 900 ? $status = "<img src='images/offline.gif' border='0' alt='" . $language["OFFLINE"] . "'>" : ($status = "<img src='images/online.gif' border='0' alt='" . $language["ONLINE"] . "'>");
        if (is_null($row["flagpic"])) {
            $row["flagpic"] = "unknown.gif";
Example #13
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
// Refuse to run unless the including script defined IN_BTIT.
if (!defined("IN_BTIT")) {
    die("non direct access!");
}
// Accounts whose view_news flag is "no" get an error page and the script stops.
if ($CURUSER["view_news"] == "no") {
    err_msg($language["ERROR"], $language["NOT_AUTHORIZED"] . "!");
    stdfoot();
    exit;
}
//     global $CURUSER, $limitqry, $adm_menu, $CURRENTPATH, $TABLE_PREFIX;
//     $output="";
// NOTE(review): $limit is set outside this excerpt and is interpolated into the SQL
// below; confirm it is an integer. When $limit is not positive, $limitqry keeps
// whatever value it had before (or is undefined).
if ($limit > 0) {
    $limitqry = "LIMIT {$limit}";
}
// Newest news first, joined with the author's user name; the third argument is the
// configured cache duration.
$res = get_result("SELECT n.id, n.title, n.news,UNIX_TIMESTAMP(n.date) as news_date, u.username FROM {$TABLE_PREFIX}news n INNER JOIN {$TABLE_PREFIX}users u on u.id=n.user_id ORDER BY date DESC {$limitqry}", true, $btit_settings['cache_duration']);
// load language file
require load_language("lang_viewnews.php");
$viewnewstpl = new bTemplate();
$viewnewstpl->set("language", $language);
// Both template flags carry the same edit_news permission.
$viewnewstpl->set("can_edit_news", $CURUSER["edit_news"] == "yes", TRUE);
$viewnewstpl->set("can_edit_news_1", $CURUSER["edit_news"] == "yes", TRUE);
Example #14
 /**
  * Delete the `atombizz_mix_product` row whose id was posted.
  *
  * Echoes "1|<html>" on success and "0|<html>" on failure.
  *
  * NOTE(review): the id is used as posted and no permission check is visible in
  * this method; confirm access control happens before it is reached.
  *
  * @return void
  */
 public function del_mix_bahan()
 {
     $posted = $this->input->post();
     $removed = $this->mm->delete('atombizz_mix_product', array('id' => $posted['id']));
     if (!$removed) {
         echo '0|' . err_msg('Gagal menghapus data mix komposisi.');
         return;
     }
     echo '1|' . succ_msg('Berhasil menghapus data mix komposisi.');
 }
Example #15
 /**
  * Delete the `detil-penjualan` (sale detail) row whose id was posted.
  *
  * Echoes "1|<html>" on success and "0|<html>" on failure.
  *
  * NOTE(review): nothing here ties the posted id to the caller's own order, and
  * no permission check is visible in this method; confirm both.
  *
  * @return void
  */
 public function delete()
 {
     $criteria = array('id' => $this->input->post('id'));
     if ($this->ksr->delete('detil-penjualan', $criteria)) {
         echo "1|" . succ_msg("Pesanan berhasil dihapus.");
         return;
     }
     echo "0|" . err_msg("Gagal, coba periksa lagi inputan anda.");
 }
Example #16
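 // Handle a submitted radio request: store it, then announce it in the shoutbox.
 // All three text fields are required; an incomplete form renders an error page.
 if (isset($_POST['wishsend']) && $_POST['wishsend'] == "wishsend") {
     if (!empty($_POST['wishtitle']) and !empty($_POST['wishcomment']) and !empty($_POST['wishgenre'])) {
         $wishname = $CURUSER["username"];
         $wishtitle = $_POST['wishtitle'];
         $wishcomment = $_POST['wishcomment'];
         $wishgenre = $_POST['wishgenre'];
         // NOTE(review): values are escaped with $DBDT while the query runs on
         // $GLOBALS["___mysqli_ston"]; confirm both refer to the same connection.
         mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}radio_wish (name, title, comment, genre, date)\n            VALUES ('" . mysqli_real_escape_string($DBDT, $wishname) . "',\n                    '" . mysqli_real_escape_string($DBDT, $wishtitle) . "',\n                    '" . mysqli_real_escape_string($DBDT, $wishcomment) . "',\n                    '" . mysqli_real_escape_string($DBDT, $wishgenre) . "',\n                    '" . time() . "')");
         //chat
         $al = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1");
         $rw = mysqli_fetch_assoc($al);
         $ct = $rw["count"] + 1;
         // The announcement carries the same posted fields as the insert above but was
         // concatenated into the statement unescaped. Escape the assembled text on the
         // connection that executes the query, and force the counter to an integer.
         $wishchat = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], "[color=green]New radio request:[/color] " . $wishtitle . " - " . $wishcomment . "  - " . $wishgenre . " by " . $wishname);
         mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text, count) VALUES (0," . time() . ",'System','" . $wishchat . "'," . (int) $ct . ")");
         //chat
         // NOTE(review): the stored text contains user input; whatever renders the
         // shoutbox must HTML-escape it on output.
         $message = "<font color=silver>Your request has been submited to the DJ's.</font>";
     } else {
         err_msg($language["ERROR"], "Don't leave any fields empty !");
         stdfoot();
         exit;
     }
 }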
 // Request form: confirmation message (if any) followed by the Artist / Title /
 // Genre inputs and the hidden `wishsend` marker the handler looks for.
 // NOTE(review): $message is only assigned after a successful submit, and the form
 // carries no anti-CSRF token.
 echo "<table width=100% border=0><center><tr>",
     $message,
     "<form action=\"index.php?page=modules&module=Radio_request\" method=\"post\"></td>",
     "<td class=\"header\" width=15%>Artist :</td>\n",
     "<td class=\"header\" width=15%><input style=\"margin : 0 auto;\" type=\"text\" name=\"wishtitle\" /></td>\n",
     "<td class=\"header\" width=15%>Title :</td>\n",
     "<td class=\"header\" width=15%><input style=\"margin : 0 auto;\" type=\"text\" name=\"wishcomment\" /></td>\n",
     "<td class=\"header\" width=15%>Genre :</td>\n",
     "<td class=\"header\" width=15%><input style=\"margin : 0 auto;\" type=\"text\" name=\"wishgenre\" /></td>\n",
     "<td class=\"header\" width=15%><input type=\"hidden\" name=\"wishsend\"  value=\"wishsend\">\n",
     "<input style=\"margin : 0 auto;\" type=\"submit\" name=\"submit\" value=\"Post\"/></td>\n";
Example #17
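 /**
  * Finalise a distribution for the posted reference.
  *
  * Copies the staged rows of `atombizz_distribution_tmp` into the distribution
  * items and warehouse stock tables, writes the distribution header with status
  * 'pengajuan' and clears the staging rows. Echoes "1|<html>" when every step
  * succeeded and "0|<html>" naming the failed step otherwise.
  *
  * NOTE(review):
  *  - the writes are not wrapped in a transaction, so a failure part-way leaves
  *    the earlier inserts in place;
  *  - `operator`, `date`, `penerima` and `urut` are stored as posted;
  *  - no permission check is visible in this method.
  *
  * @return void
  */
 public function proses_retur_out()
 {
     $basmalah = $this->config->item('astro');
     $userlog = date('Y-m-d H:i:s');
     $param = $this->input->post();
     $reference = $this->input->post('reference');
     $where = array('reference' => $reference);
     $keterangan = 'Distribusi dengan referensi no ' . $reference;
     $data = $this->mp->find('atombizz_distribution_tmp', $where);

     // Initialised so an unknown reference yields empty lists instead of undefined
     // variables being handed to write_batch().
     $arr_detail = array();
     $arr_stok = array();
     foreach ($data->result_array() as $das) {
         $arr_detail[] = array(
             'reference_no' => $reference,
             'product_id' => $das['product_id'],
             'product_code' => $das['product_code'],
             'product_name' => $das['product_name'],
             'quantity' => $das['qty_dikirim'],
             'unit' => $das['unit'],
         );
         $arr_stok[] = array(
             'date' => $param['date'],
             'status' => 'distribusi',
             'reference' => $reference,
             'in' => 0,
             'out' => $das['qty_dikirim'],
             'description' => $keterangan,
             'userlog' => $userlog,
             'operator' => $param['operator'],
             'rak_code' => 'G-001',
             'product_code' => $das['product_code'],
             'dept' => $basmalah['bas_code_dept'],
         );
     }

     if (empty($arr_detail)) {
         // Nothing is staged under this reference; report it as a detail failure.
         echo "0|" . err_msg("Gagal, menambahkan data distribusi detail.");
         return;
     }

     $arr_retur_out = array(
         'reference_no' => $reference,
         'penerima' => $param['penerima'],
         'date' => $param['date'],
         'operator' => $param['operator'],
         'urut' => $param['urut'],
         'dept' => $basmalah['bas_code_dept'],
         'status' => 'pengajuan',
     );

     if ($this->mp->write_batch('atombizz_distribution_items', $arr_detail) != TRUE) {
         echo "0|" . err_msg("Gagal, menambahkan data distribusi detail.");
         return;
     }
     if ($this->mp->write_batch('atombizz_warehouses_stok', $arr_stok) != TRUE) {
         echo "0|" . err_msg("Gagal, mengurangi data stok bahan.");
         return;
     }
     if ($this->mp->write('atombizz_distribution', $arr_retur_out) != TRUE) {
         echo "0|" . err_msg("Gagal, menambahkan data distribusi.");
         return;
     }

     $delete = $this->mp->delete('atombizz_distribution_tmp', $where);
     if ($delete > 0) {
         echo "1|" . succ_msg("Berhasil, menambahkan data retur keluar.");
     } else {
         // This path used to end without any response; tell the caller it failed.
         echo "0|" . err_msg("Gagal, menambahkan data distribusi.");
     }
 }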
Example #18
            if ($DHT_PRIVATE) {
                $alltorrent = bencode($array);
                $fd = fopen($TORRENTSDIR . "/" . $hash . ".btf", "rb+");
                fwrite($fd, $alltorrent);
                fclose($fd);
            }
            // with pid system active or private flag (dht disabled), tell the user to download the new torrent
            write_log("Uploaded new torrent {$filename} ({$hash})", "add");
            $status = 1;
        }
        // Announce new Uploaded torrents in ShoutBoX start
        global $BASEURL;
        do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text) VALUES (0," . time() . ", 'System','[color=red]NEW TORRENT[/color]: [url={$BASEURL}/index.php?page=torrent-details&id={$hash}]" . $filename . "[/url]')");
        // Announce new Uploaded torrents in ShoutBoX ends
    } else {
        err_msg($language["ERROR"], $language["ERR_ALREADY_EXIST"]);
        unlink($_FILES["torrent"]["tmp_name"]);
        stdfoot();
        die;
    }
} else {
    $status = 0;
}
// Template object for the upload page.
$uploadtpl = new bTemplate();
/*
Mod by losmi -sticky torrent
*/
// Read the sticky-torrent settings and keep the `level` column of the first row.
// NOTE(review): the fetch result is not checked; if the table is empty,
// $rez['level'] is read from a non-array.
$query = "SELECT * FROM {$TABLE_PREFIX}sticky";
$rez = do_sqlquery($query, true);
$rez = mysql_fetch_assoc($rez);
$rez_level = $rez['level'];
Example #19
         stderr('Error', 'You need to chose a feed type !');
     }
     $link = $BASEURL . '/rss_torrents.php';
     if ($_POST['feed'] == 'dl') {
         $query[] = 'feed=dl';
     }
     foreach ($_POST['cat'] as $cat) {
         $query[] = 'cat[]=' . $cat;
     }
     $query[] = 'pid=' . user::$current['pid'];
     $queries = implode('&', $query);
     if ($queries) {
         $link .= '?' . $queries;
     }
     if ($_POST['feed'] == 'dl') {
         err_msg('RSS Link', 'Use the following url in your RSS reader:<br><b>' . $link . '</b><br>');
         stdfoot();
         exit;
     } else {
         header('Refresh: 0; url=' . $link);
     }
 }
 block_begin('Get RSS');
 ?>
 <form method='POST' action='get_rss.php'>
 <table class='header' width='80%' align='center'>
 <tr>
    <td class='header' width='30%'>Categories:</td>
    <td class='lista' width='50%'><?php 
 echo $catoptions;
 ?>
Example #20
/**
 * Show an error box, print the page footer and stop the script.
 *
 * NOTE(review): $heading and $text are handed to err_msg() unchanged; whether
 * err_msg() HTML-escapes them is not visible here, so callers that include
 * request data in $text should escape it first.
 *
 * @param string $heading Title passed to err_msg().
 * @param string $text    Body passed to err_msg().
 * @param bool   $close   Third argument passed through to err_msg().
 * @return void Never returns; the script ends here.
 */
function stderr($heading, $text, $close = false)
{
    err_msg($heading, $text, $close);
    stdfoot(true, false);
    exit;
}
Example #21
    err_msg($language["ERROR"], $language["NOT_AUTHORIZED"] . " " . $language["NOT_USER_CLASS"]);
    stdfoot();
    die;
}
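// Ticket sales stop once the lottery has expired or is disabled.
if ($now >= $expire || $enabled != 'yes') {
    err_msg($language["ERROR"], $language["CANNOT_SELL_CLOSED"]);
    stdfoot();
    die;
}
// Accept only a plain decimal integer. The raw POST value used to flow into the
// price calculation and the insert loop, so a fractional amount was charged as
// given while the loop rounded the ticket count up. Anything else becomes 0 and
// is rejected by the range check below.
$tickets = isset($_POST['number']) && is_string($_POST['number']) && preg_match('/\A[0-9]{1,9}\z/', $_POST['number']) ? (int) $_POST['number'] : 0;
if ($tickets > $purchaseable || $tickets < 1) {
    err_msg($language["ERROR"], $language["LOTT_LIMIT_PURCHASE"] . " " . $purchaseable);
    stdfoot();
    die;
}
if ($tickets + $user_tickets > $limit_buy) {
    err_msg($language["ERROR"], $language["LOTT_LIMIT_BUY"] . " " . $limit_buy);
    stdfoot();
    die;
}
// NOTE(review): the new balance is computed from a value read earlier and written
// back as an absolute number, so two concurrent purchases can overwrite each
// other; a relative update inside a transaction would avoid that.
$upload = $result["uploaded"] - $minupload * $tickets;
do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `uploaded`=" . $upload . " WHERE `id`=" . $CURUSER['uid'] . "", true);
// One row per purchased ticket.
for ($i = 0; $i < $tickets; $i++) {
    do_sqlquery("INSERT INTO {$TABLE_PREFIX}lottery_tickets(user) VALUES(" . $CURUSER['uid'] . ")", true);
}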
// Count the lottery ticket rows selected by the query below.
// NOTE(review): the `user="******"` fragment looks like masking applied by the page
// this listing came from and is not valid PHP as shown; restore the original
// expression from the upstream source (presumably the current user's id).
$me = mysqli_num_rows(do_sqlquery("SELECT * FROM `{$TABLE_PREFIX}lottery_tickets` WHERE user="******"", true));
// load language file
require load_language("lang_lottery.php");
$ticketstpl = new bTemplate();
$ticketstpl->set("language", $language);
// Number of tickets bought in this request.
$ticketstpl->set("nr_tickets", $tickets);
Example #22
 /**
  * Delete the general-ledger row (`atombizz_accounting_buku_besar`) whose id
  * was posted.
  *
  * Echoes "1|<html>" on success and "0|<html>" on failure.
  *
  * NOTE(review): this removes an accounting entry by a client-supplied id; no
  * permission check or audit trail is visible in this method - confirm both exist.
  *
  * @return void
  */
 public function hapus_data()
 {
     $posted = $this->input->post();
     $criteria = array('id' => $posted['id']);
     $removed = $this->mp->delete('atombizz_accounting_buku_besar', $criteria);
     if (!$removed) {
         echo "0|" . err_msg("Gagal menghapus Transaksi.");
         return;
     }
     echo "1|" . succ_msg("Transaksi berhasil dihapus.");
 }
<?php

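// Start the session, require a logged-in user, then connect to the database.
if (!isset($_SESSION)) {
    session_start();
}
include "php/config.php";
include "php/util.php";
if (!isset($_SESSION["id"])) {
    err_msg('You must first login');
    // err_msg() is defined elsewhere and may or may not halt; stop here so an
    // unauthenticated request can never reach the query below.
    exit;
}
// NOTE(review): the database host and the root account's password are
// hard-coded in this file. Move them to configuration kept outside the web
// root, use an account limited to the rights this page needs, and rotate the
// password, since it has been published with the source.
$mysqli = mysqli_connect("14.63.223.180", "root", "haniumwaschool", "waschool");
if (!$mysqli) {
    // Keep connection details in the server log, not in the response.
    error_log('Database connection failed: ' . mysqli_connect_error());
    die('Database error');
}
// mysqli_set_charset() also informs the client library of the charset, which
// a plain "set names" query does not.
mysqli_set_charset($mysqli, "utf8");
// Fetch the stored score rows, oldest first.
// NOTE(review): the query has no WHERE clause, so every row of studentscore is
// returned to whichever user is logged in; confirm that is intended.
$get_studentscore_sql = "SELECT subject, name, score, DATE_FORMAT(papersendtime,'%b %e %Y')AS fmt_papersend_time from studentscore order by papersendtime asc";
$get_studentscore_res = mysqli_query($mysqli, $get_studentscore_sql);
if ($get_studentscore_res === false) {
    // The driver's error text can reveal schema details; log it instead of printing it.
    error_log('Score query failed: ' . mysqli_error($mysqli));
    die('Database error');
}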
if (mysqli_num_rows($get_studentscore_res) < 1) {
    //마일리지가 없을 경우에 출력할 메시지를 채움
    $display_block = "<p><em>No submit score exist</em></p>";
} else {
    //마일리지를 출력함
    $display_block = "\r\n<table cellpadding=\"3\" cellspacing=\"1\" border=\"1\">\r\n<tr>\r\n<th>과제받은날짜</th>\r\n<th>과목</th>\r\n<th>점수</th>\r\n</tr>";
    while ($studentscore_info = mysqli_fetch_array($get_studentscore_res)) {
        $papersendtime = $studentscore_info['fmt_papersend_time'];
        //학습지제출한시간
        $subject = $studentscore_info['subject'];
        //과목
        $name = $studentscore_info['name'];
        //이름
        $score = $studentscore_info['score'];
        //점수
Example #24
    }
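    // Page size: the user's preference, else $ntorrents, else 15.
    $torrentperpage = user::$current["torrentsperpage"];
    if ($torrentperpage == 0) {
        $torrentperpage = $ntorrents == 0 ? 15 : $ntorrents;
    }
    // Fixed possible SQL injection (thanks to jeremie78)
    // ORDER BY takes a column name and a direction, which string escaping
    // cannot make safe; both are therefore chosen from fixed sets. The strict
    // comparisons also reject array-valued parameters.
    $accepted_orders = array('speed', 'dwned', 'finished', 'leechers', 'seeds', 'size', 'data', 'filename', 'cname');
    $order = isset($_GET['order']) && is_string($_GET['order']) && in_array($_GET['order'], $accepted_orders, true) ? $_GET['order'] : 'data';
    $by = isset($_GET["by"]) && $_GET["by"] === 'ASC' ? 'ASC' : 'DESC';
    list($pagertop, $limit) = misc::pager($torrentperpage, $count, $scriptname . "?" . $addparam . (utf8::strlen($addparam) > 0 ? "&amp;" : "") . "order=" . $order . "&amp;by=" . $by . "&amp;");
    // NOTE(review): $where and $limit are built outside this excerpt and are
    // concatenated as-is; confirm they contain no unescaped request data.
    if ($SHOW_UPLOADER) {
        $query = "SELECT summary.info_hash AS hash, summary.seeds, summary.leechers, summary.finished AS finished, summary.dlbytes AS dwned, namemap.filename, namemap.url, namemap.info, namemap.anonymous, summary.speed, UNIX_TIMESTAMP( namemap.data ) AS added, categories.image, categories.name AS cname, namemap.category AS catid, namemap.size, namemap.external, namemap.uploader AS upname, users.username AS uploader, prefixcolor, suffixcolor FROM summary LEFT JOIN namemap ON summary.info_hash = namemap.info_hash LEFT JOIN categories ON categories.id = namemap.category LEFT JOIN users ON users.id = namemap.uploader LEFT JOIN users_level ON users.id_level=users_level.id " . $where . " ORDER BY " . $order . " " . $by . " " . $limit;
    } else {
        $query = "SELECT summary.info_hash AS hash, summary.seeds, summary.leechers, summary.finished AS finished, summary.dlbytes AS dwned, namemap.filename, namemap.url, namemap.info, summary.speed, UNIX_TIMESTAMP( namemap.data ) AS added, categories.image, categories.name AS cname, namemap.category AS catid, namemap.size, namemap.external, namemap.uploader FROM summary LEFT JOIN namemap ON summary.info_hash = namemap.info_hash LEFT JOIN categories ON categories.id = namemap.category " . $where . " ORDER BY " . $order . " " . $by . " " . $limit;
    }
    $results = $db->query($query);
    if (!$results) {
        // The full statement exposes table and column names, so it goes to the
        // server log and the visitor sees only the generic message.
        error_log(CANT_DO_QUERY . ": " . $query);
        err_msg(ERROR, CANT_DO_QUERY);
    }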
}
// $i starts at 0; $mark is the arrow entity for the active sort direction
// (&#8593 is an up arrow for ascending, &#8595 a down arrow otherwise).
$i = 0;
$mark = $by == "ASC" ? "&nbsp;&#8593" : "&nbsp;&#8595";
?>
</tr>
<tr>
<td colspan='2' align='center'><?php 
echo $pagertop;
?>
</td>
</tr>
Example #25
    mysql_query($sql) or die(mysql_error());
    if (mysql_affected_rows() > 0) {
        header('Location: thread.php?tid=' . $tid);
    } else {
        err_msg("Reply not exist or no permission.");
    }
}
if ($_REQUEST['target'] == 'thread') {
    $tid = $_REQUEST['tid'];
    $toplevel = -1;
    $stat = -1;
    if ($_REQUEST['action'] == 'sticky') {
        if (array_key_exists('level', $_REQUEST) && is_numeric($_REQUEST['level']) && $_REQUEST['level'] >= 0 && $_REQUEST['level'] < 4) {
            $toplevel = $_REQUEST['level'];
        } else {
            err_msg("Invalid sticky level.");
        }
    }
    if ($_REQUEST['action'] == 'resume') {
        $stat = 0;
    }
    if ($_REQUEST['action'] == 'lock') {
        $stat = 1;
    }
    if ($_REQUEST['action'] == 'delete') {
        $stat = 2;
    }
    if (!isset($_SESSION['administrator'])) {
        errmsg("<a href=./loginpage.php>Please Login First</a>");
    }
    if ($toplevel == -1 && $stat == -1) {
Example #26
 // Add the date of birth to the list of column assignments when one was supplied.
 // NOTE(review): $dob is interpolated inside SQL quotes; its validation or
 // escaping happens outside this excerpt — confirm before relying on it.
 if (isset($dob)) {
     $set[] = "dob='{$dob}'";
 }
 // Join the collected "column=value" fragments into the SET clause body.
 $updateset = implode(",", $set);
 // Reverify Mail Hack by Petr1fied - Start --->
 // If they've tried to change their e-mail, give them a message telling them as much
 // NOTE(review): $email is concatenated into the HTML passed to success_msg();
 // whether it is escaped depends on code not visible here — confirm.
 if ($email != "" && $VALIDATION == "user" && $email != $CURUSER["email"]) {
     success_msg($language["EMAIL_VERIFY_BLOCK"], "" . $language["EMAIL_VERIFY_SENT1"] . " " . $email . " " . $language["EMAIL_VERIFY_SENT2"] . "<a href=\"" . $BASEURL . "\">" . $language["MNU_INDEX"] . "</a>");
     stdfoot(true, false);
     exit;
 // This is an assignment, not a comparison: it recomputes the same
 // $updateset as above, and the branch body is empty.
 } elseif ($updateset = implode(",", $set)) {
 }
 // <--- Reverify Mail Hack by Petr1fied - End
 // Read the "park" flag straight from the request and stop on non-numeric input.
 // is_numeric() also accepts floats and exponent notation, not only integers.
 $park = $_POST['park'];
 if (!is_numeric($park)) {
     err_msg(ERROR, "Something went wrong");
     stdfoot();
     exit;
 }
 if ($updateset != "") {
     mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET {$updateset} WHERE id={$uid}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
     if ($park == 0) {
         $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT parked from {$TABLE_PREFIX}users where id = {$uid}");
         $p = mysqli_result($r, 0, "parked");
         if ($p != 0) {
             mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET id_level={$p} WHERE id={$uid}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
             mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET parked='0' WHERE id={$uid}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
         }
     } else {
         $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id_level from {$TABLE_PREFIX}users where id = {$uid}");
         $cc = mysqli_result($r, 0, "id_level");
/**
 * Pass the error to err_msg(), close the page with stdfoot() and terminate
 * the script. Never returns to the caller.
 *
 * NOTE(review): whether $heading and $text are HTML-escaped depends on
 * err_msg(), which is not visible here; callers that pass request data
 * through should confirm it.
 *
 * @param mixed $heading forwarded unchanged as err_msg()'s first argument
 * @param mixed $text    forwarded unchanged as err_msg()'s second argument
 */
function stderr($heading, $text)
{
    err_msg($heading, $text);
    stdfoot();
    // exit and die are the same language construct.
    exit;
}
Example #28
     if ($_POST["old_pwd"] == "") {
         err_msg($language["ERROR"], $language["INS_OLD_PWD"]);
         stdfoot();
         exit;
     } elseif ($_POST["new_pwd"] == "") {
         err_msg($language["ERROR"], $language["INS_NEW_PWD"]);
         stdfoot();
         exit;
     } elseif ($_POST["new_pwd"] != $_POST["new_pwd1"]) {
         err_msg($language["ERROR"], $language["DIF_PASSWORDS"]);
         stdfoot();
         exit;
     } else {
         $respwd = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}users WHERE id={$uid} AND password='******' AND username="******"username"]) . "");
         if (!$respwd || mysql_num_rows($respwd) == 0) {
             err_msg($language["ERROR"], $language["ERR_RETR_DATA"]);
         } else {
             $arr = mysql_fetch_assoc($respwd);
             do_sqlquery("UPDATE {$TABLE_PREFIX}users SET password='******' WHERE id={$uid} AND password='******' AND username="******"username"]) . "") or die(mysql_error());
             if ($GLOBALS["FORUMLINK"] == "smf") {
                 $passhash = smf_passgen($CURUSER["username"], $_POST["new_pwd"]);
                 do_sqlquery("UPDATE {$db_prefix}members SET passwd='{$passhash['0']}', passwordSalt='{$passhash['1']}' WHERE ID_MEMBER=" . $arr["smf_fid"]) or die(mysql_error());
             }
             success_msg($language["PWD_CHANGED"], "" . $language["NOW_LOGIN"] . "<br /><a href=\"index.php?page=login\">Go</a>");
             stdfoot(true, false);
         }
     }
     break;
 case '':
 case 'change':
 default:
Example #29
        break;
    case "delete":
        $id = intval($_GET["id"]);
        // control if there are posts/topics
        $resforum = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT *,IF((SELECT COUNT(*) FROM {$TABLE_PREFIX}forums WHERE id_parent={$id})>0,1,0) as i_am_parent FROM {$TABLE_PREFIX}forums WHERE id={$id}");
        if ($_GET["confirm"] == 1) {
            mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}posts WHERE topicid IN (SELECT id FROM {$TABLE_PREFIX}topics WHERE forumid={$id})") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
            mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}topics WHERE forumid={$id}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
            mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}forums WHERE id={$id}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
            redirect("index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=forum&action=read");
            exit;
        }
        if ($resforum) {
            $result = mysqli_fetch_assoc($resforum);
            if ($result["i_am_parent"]) {
                err_msg($language["WARNING"], $language["FORUM_ERR_CANNOT_DELETE_PARENT"]);
                stdfoot(false, false, true);
                exit;
            } elseif ($result["topiccount"] > 0 || $result["postcount"] > 0) {
                $msg = $language["FORUM_PRUNE_1"];
                $msg .= $language["FORUM_PRUNE_2"] . " <a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=forum&amp;action=delete&amp;id={$id}&amp;confirm=1\">" . $language["CLICK_HERE"] . "</a>";
                $msg .= ",<br />" . $language["FORUM_PRUNE_3"];
                err_msg($language["WARNING"], $msg);
                stdfoot(false, false, true);
                exit;
            } else {
                redirect("index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=forum&action=delete&id={$id}&confirm=1");
                exit;
            }
        }
}
Example #30
     do_sqlquery("DELETE FROM {$TABLE_PREFIX}bannedip WHERE id=" . $id, true);
     success_msg($language["SUCCESS"], $language["BAN_DELETED"]);
     stdfoot(true, false);
     break;
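 case 'write':
     // Both ends of the range are required.
     if ($_POST['firstip'] == "" || $_POST['lastip'] == "") {
         stderr($language["ERROR"], $language["BAN_NO_IP_WRITE"]);
     } else {
         //ban the ip for real
         $comment = $_POST["comment"];
         // ip2long() returns false for a malformed address. It has to be tested
         // before formatting: sprintf("%u", false) yields "0", so comparing the
         // formatted value with -1 never matched and malformed input was
         // stored as address 0.
         $firstip = ip2long($_POST["firstip"]);
         $lastip = ip2long($_POST["lastip"]);
         if ($firstip === false || $lastip === false) {
             err_msg($language["ERROR"], $language["BAN_IP_ERROR"]);
         } else {
             // Unsigned decimal form, so addresses above 127.255.255.255 stay positive.
             $firstip = sprintf("%u", $firstip);
             $lastip = sprintf("%u", $lastip);
             // sqlesc() is defined elsewhere; it is presumed to quote and
             // escape its argument for SQL — confirm.
             $comment = sqlesc($comment);
             $added = sqlesc(time());
             do_sqlquery("INSERT INTO {$TABLE_PREFIX}bannedip (added, addedby, first, last, comment) VALUES({$added}, {$CURUSER['uid']}, {$firstip}, {$lastip}, {$comment})", true);
         }
     }
     // don't break, so now we read directly ;)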
 case '':
 case 'read':
 default:
     $banned = array();
     $getbanned = do_sqlquery("SELECT b.*, u.username FROM {$TABLE_PREFIX}bannedip b LEFT JOIN {$TABLE_PREFIX}users u ON u.id=b.addedby ORDER BY b.added DESC", true);
     $rowsbanned = @mysql_num_rows($getbanned);
     $admintpl->set("frm_action", "index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=banip&amp;action=write");