// Excerpt of a gold-code endpoint, cut at both ends: the first branch generates and stores
// $amount codes, the second looks up a still-valid code for the given game and room.
echo json_encode($result);
exit;
}
// Fall back to the default game / room names when none were supplied.
if ('' == $game) {
    $game = "兵锋王座";
}
if ('' == $room) {
    $room = "兵者之心";
}
$result["ret"] = "0";
$result["game"] = $game;
$result["room"] = $room;
$result["value"] = $value;
$codes = array();
// NOTE(review): where $amount comes from is outside this excerpt. If it is request-supplied,
// cap it before this loop: every iteration issues at least one query, and a collision
// repeats the iteration ($i--).
for ($i = 0; $i < $amount; $i++) {
    $code = genCode();
    // NOTE(review): check-then-insert is not atomic; a UNIQUE index on goldcode.code would
    // enforce uniqueness in the database itself. The loose `0 == $var` is also true for
    // null/false, so confirm what get_var() returns when the query fails.
    $var = $db->get_var("SELECT count(*) FROM goldcode where code='{$code}'");
    if (0 == $var) {
        $codes[$i] = $code;
        // NOTE(review): $value, $game and $room are interpolated into the SQL text. Their
        // origin is not visible here; unless they are escaped earlier, bind them as
        // parameters (or use the DB wrapper's escaping) instead of building the string.
        $db->query("INSERT INTO goldcode (code,value,game,room) VALUES ('{$code}','{$value}','{$game}','{$room}')");
    } else {
        $i--;
    }
}
$result["codes"] = $codes;
} else {
    // NOTE(review): `$act = "usecode"` assigns rather than compares, so the condition is
    // always true and every action other than the first branch lands here. `==`/`===`
    // looks intended.
    if ($act = "usecode") {
        // NOTE(review): $code, $game and $room are interpolated into the WHERE clause; the
        // same parameter-binding remark as for the INSERT above applies.
        $row = $db->get_row("SELECT `code`,`value` FROM goldcode where " . " `code`='{$code}' and `valid`=1 and `game`='{$game}' and `room`='{$room}'");
        if (null != $row) {
            $result["ret"] = "0";
            $result["game"] = $game;
// Excerpt of a login handler, cut at the start: the tail of the credential check control()
// (returns an error message, or nothing on success), followed by the sign-in flow.
// NOTE(review): this message and the one below tell the caller whether the login exists;
// a single generic failure message avoids exposing which accounts are registered.
$control = "Пользователя с таким логином не существует";
return $control;
}
// NOTE(review): `!=` on two digest strings is a loose, non-constant-time comparison, and
// PHP compares numeric-looking strings numerically. hash_equals() (or password_verify()
// with password_hash() digests) is the safe comparison here.
if($hashInput != $hashLoad) {
    $control = "Неправильный логин или пароль! Проверьте правильность введенных данных.";
    return $control;
}
}
// NOTE(review): the login literal is masked ('******') in this listing. If the real code
// interpolates $login at this point, use a prepared statement with a bound parameter.
$q = $mysqli->query("SELECT * FROM Users WHERE login = '******'");
$user = $q->fetch_assoc();
$control = control($login, $password, $user);
if (!$control){
    // NOTE(review): no session_regenerate_id() call is visible before the session is
    // marked as authenticated; confirm it happens elsewhere, otherwise add it here.
    $_SESSION['login'] = $user['login'];
    // NOTE(review): uniqid() is derived from the current time and md5() adds no entropy,
    // so the token's strength rests on genCode(), which is not visible here. A CSPRNG
    // value such as bin2hex(random_bytes(16)) has the same 32-hex-character shape.
    $token = $_SESSION['token'] = md5(uniqid(genCode()));
    $q = $mysqli->query("UPDATE Users SET token = '$token' WHERE login = '******'");
    // Return the user to the page stored in the session, but never back to the login page.
    // NOTE(review): where $_SESSION['link'] is written is not visible; verify it can only
    // hold a root-relative path on this site before using it as a redirect target.
    $link = $_SESSION['link'];
    unset($_SESSION['link']);
    if($link == '/authorization'){
        $link = '/main';
    }
    inputNotice('Вы успешно авторизировались');
    header("Location: $link");
    exit;
}
else{
    inputNotice($control);
}
// Excerpt of a report renderer, cut at both ends: finishes placeholder substitution in
// $doc, then (when `retPdf` is requested) converts $doc to PDF with wkhtmltopdf and
// starts sending it to the client.
$doc = str_replace($val, '-', $doc);
}
}
unset($matches);
unset($tables);
unset($results);
}
// pdf ---------------------------------------
if (isset($_REQUEST['retPdf'])) {
    $frmt = '<meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="es" http-equiv="Content-Language">';
    // NOTE(review): HTTP_HOST comes from the request's Host header, so the client decides
    // which host the rewritten URLs in $doc point at, and wkhtmltopdf then fetches them
    // from the server side. Compare the value against the configured site name(s) first.
    if ($_SERVER['HTTP_HOST'] != 'localhost') {
        $doc = str_replace('http://localhost/php', 'http://' . $_SERVER['HTTP_HOST'], $doc);
    }
    // Relative chdir: the result depends on the working directory of the calling script.
    chdir('../../../../cgi_bin');
    // wkhtmltopdf
    // NOTE(review): genCode() is not visible here; if genCode(4) yields a short name, temp
    // files in the shared tmp/ directory can collide or be guessed. tempnam() gives a
    // unique name per request.
    $fName = genCode(4);
    file_put_contents('tmp/' . $fName . '.html', $frmt . $doc);
    // NOTE(review): only $fName reaches the command line, but $doc is rendered with
    // --enable-plugins. If any part of $doc can be influenced by a user, render with
    // --disable-local-file-access and --disable-javascript and drop --enable-plugins.
    // The exec() result ($resVal) is never inspected.
    if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
        $resVal = exec('wkhtmltopdf.exe --zoom 1 --enable-plugins "tmp/' . $fName . '.html" tmp/' . $fName . '.pdf');
    } else {
        $resVal = exec('./wkhtmltopdf --zoom 1 --enable-plugins "tmp/' . $fName . '.html" tmp/' . $fName . '.pdf');
    }
    // exec() already waits for the command to finish, so this pause looks unnecessary.
    sleep(1);
    if (file_exists('tmp/' . $fName . '.pdf')) {
        $strPDF = file_get_contents('tmp/' . $fName . '.pdf');
        // Both temp files are removed on success. NOTE(review): confirm the failure path
        // (outside this excerpt) also removes the .html file.
        unlink('tmp/' . $fName . '.pdf');
        unlink('tmp/' . $fName . '.html');
        header('Content-Type: application/pdf');
        header('Content-Length: ' . strlen($strPDF));
        header('Content-Disposition: inline; filename="' . $fName . '"');
        header('Cache-Control: private, max-age=0, must-revalidate');
<?php } ?> </td></tr> <?php $no++; } // end while ?> </table><?php
        break;
    case 'new':
        // Purchase form ("Data Pembelian"): load the existing purchase when $kode is set,
        // otherwise ask genCode() for a new purchase code.
        if (!empty($kode)) {
            // NOTE(review): $kode is interpolated into the condition string handed to
            // yposSQL(); its origin is not visible here. Unless it is escaped earlier,
            // bind it as a parameter. ->fetch_array() is also called without checking
            // that the query succeeded.
            $ed = yposSQL('SHOW', 'ypos_pembelian a, ypos_suplier b', 'kdPembelian as kode, no_nota as nota, total_pembelian as ttl, a.kdsup, tgl_beli as tgl, nama_sup as sup', "a.kdsup=b.kdsup && kdPembelian='{$kode}'")->fetch_array();
        } else {
            $genCode = genCode("P-" . $set->kdSET . date('Ymd'), 'kdPembelian', 'ypos_pembelian', '7');
        }
        // NOTE(review): the values echoed into the form's action attribute below are neither
        // URL-encoded nor HTML-escaped; wrap each in urlencode() and the whole attribute in
        // htmlspecialchars(). The `@` operators hide undefined-index notices instead of
        // handling the "no record loaded" case. The '¬a=' literal looks like a mangled
        // '&nota=' ("&not" decoded as an HTML entity) — confirm against the original file.
        ?> <form method="post" action="<?php echo $set->folder_modul . '/' . $modul; ?> /aksi.php?<?php echo $set->folder_modul . '=' . $modul . '&id=' . @$ed['kode'] . '¬a=' . @$ed['nota'] . '&act=' . @$act . '&idp=' . @$edprod['idDtlPembelian']; ?> " name="form" id="form"> <fieldset> <legend>Data Pembelian</legend> <table> <tr align="left"> <td><b>Kode Pembelian</b></td> <td>:</td>
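<?php
// Logout handler: rotates the user's stored token, clears the login data from the session
// and redirects to the page remembered in $_SESSION['link'] (or to "/" when that page
// requires a login or is not a local path). Relies on $token, $login, $mysqli and error()
// being defined by the including script.
if (isset($token) && isset($login)) {
    // Rotate the token so the value held by the old session stops matching. random_bytes()
    // (PHP 7+) is a CSPRNG; 16 bytes hex-encode to 32 characters, the same length and
    // alphabet as the md5() digest produced before, so the column format is unchanged.
    $out = bin2hex(random_bytes(16));
    // NOTE(review): the login literal is masked ('******') in this listing. If the real
    // code interpolates $login here, switch to a prepared statement with a bound parameter.
    $mysqli->query("UPDATE Users SET token = '$out' WHERE login = '******'");
    unset($_SESSION['login'], $_SESSION['token']);
    // NOTE(review): consider session_regenerate_id(true) here so the old session id is
    // retired together with the token.

    // A missing or non-string link falls back to the site root instead of producing an
    // empty Location header.
    $storedLink = (isset($_SESSION['link']) && is_string($_SESSION['link'])) ? $_SESSION['link'] : '/';
    unset($_SESSION['link']);

    // The first path segment decides whether the remembered page needs a logged-in user.
    $segments = explode('/', $storedLink);
    $firstSegment = isset($segments[1]) ? $segments[1] : '';
    $needsLogin = in_array($firstSegment, array('exit', 'panel', 'profile_edit'), true);

    // Only redirect to a root-relative path on this site; anything else goes to "/".
    $isLocalPath = strncmp($storedLink, '/', 1) === 0
        && strncmp($storedLink, '//', 2) !== 0
        && strpos($storedLink, '\\') === false;

    $link = ($needsLogin || !$isLocalPath) ? '/' : $storedLink;
    header("Location: $link");
    exit;
} else {
    error("Вы не авторизованны");
}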
// Excerpt of a URL/HTML-to-PDF endpoint, cut at both ends: builds a wkhtmltopdf command
// line from request parameters, runs it and starts streaming the resulting PDF.
// NOTE(review): request-supplied HTML is written to one fixed file, so concurrent requests
// overwrite each other, and the content is then rendered with plugins enabled. Use a
// per-request temp file (tempnam()) and render with --disable-local-file-access.
file_put_contents('tmp/tmp.html', $_REQUEST['toHTML']);
$url = 'tmp/tmp.html';
}
if (isset($_REQUEST["margins"])) {
    // NOTE(review): the request value is concatenated unquoted into the shell command
    // below. Validate it against the expected format (e.g. a number with an optional
    // unit) and pass each occurrence through escapeshellarg(). When "margins" is absent,
    // $margins is never assigned in the visible code.
    $margins = $_REQUEST["margins"];
    $margins = '-B ' . $margins . ' -L ' . $margins . ' -R ' . $margins . ' -T ' . $margins;
}
// Forward every other request parameter as a query string on $url.
// NOTE(review): names and values are appended without urlencode(), and $url later sits
// between double quotes in the command, which does not stop the shell from interpreting
// metacharacters; use escapeshellarg($url) instead of manual quoting. The initial value of
// $url is outside this excerpt — if it is request-supplied, restrict it to an allow-list
// of schemes and hosts, because wkhtmltopdf fetches it from the server side.
$s = '?';
foreach ($_REQUEST as $nombre => $valor) {
    if (!($nombre == 'url' || $nombre == 'margins' || $nombre == 'toHTML')) {
        $url = $url . $s . $nombre . '=' . $valor;
        $s = '&';
    }
}
// ---------------------------------------------
// NOTE(review): genCode() is not visible here; if genCode(4) yields a short name, output
// files in the shared tmp/ directory can collide or be guessed.
$fName = genCode(4) . '.pdf';
// $orientation is defined outside this excerpt; the same quoting concern applies if it is
// derived from the request. The exec() result ($resVal) is never inspected.
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
    $resVal = exec('wkhtmltopdf.exe --zoom 1 --enable-plugins ' . $margins . $orientation . ' "' . $url . '" tmp/' . $fName);
} else {
    $resVal = exec('./wkhtmltopdf --zoom 1 --enable-plugins ' . $margins . $orientation . ' "' . $url . '" tmp/' . $fName);
}
// exec() already waits for the command to finish, so this pause looks unnecessary.
sleep(1);
if (file_exists('tmp/' . $fName)) {
    // NOTE(review): no unlink() of the generated PDF is visible in this excerpt; confirm
    // the file is removed after it has been sent.
    $strPDF = file_get_contents('tmp/' . $fName);
    header('Content-Type: application/pdf');
    header('Content-Length: ' . strlen($strPDF));
    header('Content-Disposition: inline; filename="' . $fName . '"');
    header('Cache-Control: private, max-age=0, must-revalidate');
    header('Pragma: public');
    ini_set('zlib.output_compression', '0');
    echo $strPDF;
// Excerpt of a registration handler, cut at the start: the tail of the validation function
// control() (returns an error message, or nothing on success), then account creation.
// NOTE(review): fetch_assoc() is called before $q is tested, so a failed query raises an
// error before the `$q &&` guard runs. `$dbAuthor[login]` uses a bare constant where the
// string key 'login' is meant; PHP 8 throws an Error for an undefined constant.
$dbAuthor = $q->fetch_assoc();
if ($q && $dbAuthor[login] == $login){
    $control = "Пользователь с таким Email уже зарегистрирован";
    return $control;
}
if ($password2 != $password1){
    $control = "Ваши пароли не совпадают";
    return $control;
}
}
$control = control($login, $password1, $password2, $name);
if (!$control){
    // NOTE(review): md5(md5(...)) is a fast, unsalted digest and unsuitable for password
    // storage. password_hash($password1, PASSWORD_DEFAULT) with password_verify() at
    // login is the standard replacement; the login check has to change together with it.
    $hash = md5(md5($password1));
    // NOTE(review): uniqid() is derived from the current time and md5() adds no entropy,
    // so the token's strength rests on genCode(), which is not visible here. A CSPRNG
    // value such as bin2hex(random_bytes(16)) has the same 32-hex-character shape.
    $token = md5(uniqid(genCode()));
    $photo = "/files/users/default.png";
    // false interpolates as an empty string, so the query below sends '' for admin.
    $admin = false;
    // NOTE(review): $login and $name are interpolated into the SQL text. Unless they are
    // escaped before this point (not visible here), use a prepared statement with bound
    // parameters. The query result is not checked before success is reported.
    $q = $mysqli->query("INSERT INTO Users (login, hash, token, name, photo, admin) VALUES ('$login', '$hash', '$token', '$name', '$photo', '$admin')");
    inputNotice('Вы успешно зарегистрировались');
    header("Location: /main");
    exit;
}
else{
    inputNotice($control);
}
}
$title = "Регистрация";
$content = tpl("registration",$result);
} ?> </td></tr> <?php $no++; } // end while ?> </table> <?php
        break;
    case 'new':
        // Sales form ("Data Penjualan"): load the existing sale when $kode is set,
        // otherwise ask genCode() for a new invoice code.
        if (!empty($kode)) {
            // NOTE(review): $kode is interpolated into the condition string handed to
            // yposSQL(); its origin is not visible here. Unless it is escaped earlier,
            // bind it as a parameter. ->fetch_array() is also called without checking
            // that the query succeeded.
            $ed = yposSQL('SHOW', 'ypos_penjualan', 'kd_penjualan as kode, customer, tgl_jual as tgl, subtotal as sttl, diskon, grand_total as gt, uang_bayar as bayar, uang_kembali as kembali, keterangan as ket, userID', "kd_penjualan='{$kode}'")->fetch_array();
        } else {
            $genCode = genCode("INV-" . date('Ymd'), 'kd_penjualan', 'ypos_penjualan', '8');
        }
        // NOTE(review): $_GET['ttl'] and the other values below are echoed into the form's
        // action attribute without urlencode() or htmlspecialchars(), so request data is
        // reflected into the page markup as-is. Encode each value for the URL and escape
        // the attribute as a whole. The `@` operators hide undefined-index notices instead
        // of handling the "no record loaded" case.
        ?> <form method="post" action="<?php echo $set->folder_modul . '/' . $modul; ?> /aksi.php?<?php echo $set->folder_modul . '=' . $modul . '&id=' . @$ed['kode'] . '&act=' . $act . '&idp=' . @$edprod['idDtlPen'] . '&ttl=' . @$_GET['ttl']; ?> " name="form" id="form"> <fieldset> <legend>Data Penjualan</legend> <table width="99%"> <tr align="left"> <td width="125"><b>Kode Penjualan</b></td> <td width="3">:</td>
case 'add':
    // "Add item" form: the item-code field ("Kode Barang") is pre-filled with the value
    // returned by genCode('B', 'kdbarang', 'ypos_barang', '4').
    // NOTE(review): $modul, $act and the genCode() result are echoed into HTML attributes
    // without htmlspecialchars(); their origin is not visible here, so escape them at the
    // point of output. No anti-CSRF token field appears in the visible part of the form —
    // confirm one is added further down or enforced by aksi.php.
    ?> <form method="post" action="<?php echo $set->folder_modul . '/' . $modul; ?> /aksi.php?<?php echo $set->folder_modul . '=' . $modul . '&act=' . $act; ?> " name="thisForm" id="form"> <fieldset class="atas"> <table> <tr> <td>Kode Barang</td> <td>:</td> <td><input type="text" class="inp-form" name="kode" required="required" size="25" value="<?php echo genCode('B', 'kdbarang', 'ypos_barang', '4'); ?> "/></td> <td>Nama Barang (Diberi Keterangan, Harga 1. <br>Eceran, 2. Retail, 3. Grosir) </td> <td>:</td> <td><input type="text" class="inp-form" name="nama" required="required" size="35"/></td> <td></td> </tr> <tr> <td>Stok Awal</td> <td>:</td> <td><input type="text" class="inp-form" name="stok" required="required" size="7"/></td> <td>Harga Jual</td> <td>:</td> <td><input type="text" class="inp-form" name="hrgaJual" required="required" size="15"/></td> <td></td>