if ($seconds_difference > 0 && $d < 2) { $ending_time .= $seconds_difference . $MSG['25_0033']; } $showendtime = true; } else { $ending_time = '<span class="errfont">' . $MSG['911'] . '</span>'; $has_ended = true; } // build bread crumbs $query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id"; $params = array(); $params[] = array(':cat_id', $auction_data['category'], 'int'); $db->query($query, $params); $parent_node = $db->result(); $cat_value = ''; $crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']); for ($i = 0; $i < count($crumbs); $i++) { if ($crumbs[$i]['cat_id'] > 0) { if ($i > 0) { $cat_value .= ' > '; } $cat_value .= '<a href="' . $system->SETTINGS['siteurl'] . 'browse.php?id=' . $crumbs[$i]['cat_id'] . '">' . $category_names[$crumbs[$i]['cat_id']] . '</a>'; } } $secondcat_value = ''; if ($system->SETTINGS['extra_cat'] == 'y' && intval($auction_data['secondcat']) > 0) { $query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :sec_cat_id"; $params = array(); $params[] = array(':sec_cat_id', $auction_data['secondcat'], 'int'); $db->query($query, $params); $parent_node = $db->result();
exit; } else { header('location: select_category.php?cat_no=2'); exit; } } else { $ERR = $ERR_25_0001; } } // Process change mode if (isset($_GET['change']) && $_GET['change'] == 'yes') { $query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = " . intval($_SESSION['SELL_sellcat' . $cat_no]); $res = mysql_query($query); $system->check_mysql($res, $query, __LINE__, __FILE__); $cat = mysql_fetch_assoc($res); $crumbs = $catscontrol->get_bread_crumbs($cat['left_id'], $cat['right_id']); $count = count($crumbs); $box = $count - 1; for ($i = 1; $i < $count; $i++) { $POST['cat' . ($i - 1)] = $crumbs[$i]['cat_id']; } $_SESSION['SELL_editing_category'] = true; } elseif (count($_POST) == 0 && !isset($_GET['cat_no'])) { unset($_SESSION['UPLOADED_PICTURES_SIZE']); $_SESSION['SELL_editing_category'] = false; $_SESSION['SELL_starts'] = ''; $_SESSION['UPLOADED_PICTURES'] = array(); $_SESSION['SELL_with_reserve'] = ''; $_SESSION['SELL_reserve_price'] = ''; $_SESSION['SELL_minimum_bid'] = ''; $_SESSION['SELL_file_uploaded'] = false;
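/**
 * Apply the database side effects of a completed payment.
 *
 * Depending on $fee_type the function credits a balance, marks a winner row,
 * invoice or fee as paid, lifts a suspension, and records an invoice row in
 * the useraccounts table. All values reach SQL through bound parameters.
 *
 * NOTE(review): nothing in this function checks that $payment_amount equals
 * the amount actually owed, that the payment was made in the expected
 * currency ($currency is accepted but never read), or that the same
 * notification has not been processed before. Those checks, and the
 * verification of the gateway notification itself, must happen in the caller
 * before this function runs - confirm that they do.
 *
 * @param mixed      $custom_id      Identifier supplied with the payment; its meaning depends
 *                                   on $fee_type (user id, winners row id, useraccounts row id
 *                                   or auction id - see the individual cases).
 * @param mixed      $fee_type       Selects the branch (1-7); any other value does nothing.
 * @param mixed      $payment_amount Amount paid, bound as 'float'.
 * @param mixed|null $currency       Unused.
 *
 * @return void
 */
function callback_process($custom_id, $fee_type, $payment_amount, $currency = NULL)
{
	// $user and $MSG were previously declared global only inside case 4, so
	// cases 6 and 7 read an undefined local $user. $include_path was used by
	// case 4 without ever being brought into scope.
	// NOTE(review): assumes $include_path is a global like the others - confirm.
	global $system, $DBPrefix, $db, $user, $MSG, $include_path;

	switch ($fee_type) {
		case 1: // add to account balance ($custom_id is a user id)
			$addquery = '';
			if ($system->SETTINGS['fee_disable_acc'] == 'y') {
				$query = "SELECT suspended, balance FROM " . $DBPrefix . "users WHERE id = :custom_id";
				$params = array();
				$params[] = array(':custom_id', $custom_id, 'int');
				$db->query($query, $params);
				$data = $db->result();
				// re-enable the user account if it was disabled and the payment
				// brings the balance back to zero or above
				if ($data['suspended'] == 7 && $data['balance'] + $payment_amount >= 0) {
					$addquery = ', suspended = 0 ';
				}
			}
			$query = "UPDATE " . $DBPrefix . "users SET balance = balance + :payment" . $addquery . " WHERE id = :user_id";
			// Start from an empty list: the SELECT above may have left a
			// :custom_id entry behind that this statement has no placeholder for.
			$params = array();
			$params[] = array(':payment', $payment_amount, 'float');
			$params[] = array(':user_id', $custom_id, 'int');
			$db->query($query, $params);
			// add invoice
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, balance, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :time_stamp, :payment, :extra_payment, 1)";
			$params = array();
			$params[] = array(':user_id', $custom_id, 'int');
			$params[] = array(':time_stamp', time(), 'int');
			$params[] = array(':payment', $payment_amount, 'float');
			$params[] = array(':extra_payment', $payment_amount, 'float');
			$db->query($query, $params);
			break;

		case 2: // pay for an item ($custom_id is a winners row id)
			$query = "UPDATE " . $DBPrefix . "winners SET paid = 1 WHERE id = :custom_id";
			$params = array();
			$params[] = array(':custom_id', $custom_id, 'int');
			$db->query($query, $params);
			break;

		case 3: // pay signup fee (live mode) ($custom_id is a user id)
			$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = :custom_id";
			$params = array();
			$params[] = array(':custom_id', $custom_id, 'int');
			$db->query($query, $params);
			// add invoice
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, signup, total, paid) VALUES\n\t\t\t\t\t\t(:get_id, :time_stamp, :payment, :extra_payment, 1)";
			$params = array();
			$params[] = array(':get_id', $custom_id, 'int');
			$params[] = array(':time_stamp', time(), 'int');
			$params[] = array(':payment', $payment_amount, 'float');
			$params[] = array(':extra_payment', $payment_amount, 'float');
			$db->query($query, $params);
			break;

		case 4: // pay auction fee (live mode) ($custom_id is a useraccounts row id)
			$catscontrol = new MPTTcategories();

			$query = "SELECT auc_id FROM " . $DBPrefix . "useraccounts WHERE useracc_id = :useracc_id";
			$params = array();
			$params[] = array(':useracc_id', $custom_id, 'int');
			$db->query($query, $params);
			$auc_id = $db->result('auc_id');

			$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = :auc_id";
			$params = array();
			$params[] = array(':auc_id', $auc_id, 'int');
			$db->query($query, $params);

			$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE auc_id = :auc_id AND setup > 0";
			$params = array();
			$params[] = array(':auc_id', $auc_id, 'int');
			$db->query($query, $params);

			$query = "UPDATE " . $DBPrefix . "counters SET auctions = auctions + 1";
			$db->direct_query($query);

			$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE useracc_id = :custom_id";
			$params = array();
			$params[] = array(':custom_id', $custom_id, 'int');
			$db->query($query, $params);

			$query = "SELECT category, title, minimum_bid, pict_url, buy_now, reserve_price, auction_type, ends\n\t\t\t\t\tFROM " . $DBPrefix . "auctions WHERE id = :auc_id";
			$params = array();
			$params[] = array(':auc_id', $auc_id, 'int');
			$db->query($query, $params);
			$auc_data = $db->result();

			// auction data; these locals are kept under their original names
			// because the included e-mail script runs in this scope
			// (presumably it reads them - verify against that file)
			$auction_id = $auc_id;
			$title = $system->uncleanvars($auc_data['title']);
			$atype = $auc_data['auction_type'];
			$pict_url = $auc_data['pict_url'];
			$minimum_bid = $auc_data['minimum_bid'];
			$reserve_price = $auc_data['reserve_price'];
			$buy_now_price = $auc_data['buy_now'];
			$a_ends = $auc_data['ends'];

			if ($user->user_data['startemailmode'] == 'yes') {
				include $include_path . 'email_auction_confirmation.php';
			}

			// update recursive categories: every category on the path returned
			// by get_bread_crumbs() gets its sub_counter incremented
			$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id";
			$params = array();
			$params[] = array(':cat_id', $auc_data['category'], 'int');
			$db->query($query, $params);
			$parent_node = $db->result();
			$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);

			$crumb_count = count($crumbs);
			for ($i = 0; $i < $crumb_count; $i++) {
				$query = "UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + 1 WHERE cat_id = :cat_id";
				$params = array();
				$params[] = array(':cat_id', $crumbs[$i]['cat_id'], 'int');
				$db->query($query, $params);
			}
			break;

		case 5: // pay relist fee (live mode) ($custom_id is an auction id)
			$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = :custom_id";
			$params = array();
			$params[] = array(':custom_id', $custom_id, 'int');
			$db->query($query, $params);
			// add invoice
			// NOTE(review): user_id and auc_id are both bound to $custom_id, so
			// the invoice's user_id holds the auction id. Looks unintended, but
			// the owning user is not available here - confirm and fix upstream.
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, relist, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :auc_id, :date, :relist, :total, 1)";
			$params = array();
			$params[] = array(':user_id', $custom_id, 'int');
			$params[] = array(':auc_id', $custom_id, 'int');
			$params[] = array(':date', time(), 'int');
			$params[] = array(':relist', $payment_amount, 'float');
			$params[] = array(':total', $payment_amount, 'float');
			$db->query($query, $params);
			break;

		case 6: // pay buyer fee (live mode) ($custom_id is an auction id)
			// NOTE(review): the payer is taken from the global $user, not from
			// the payment data. If this runs from a gateway's server-to-server
			// notification there may be no logged-in user - confirm.
			$query = "UPDATE " . $DBPrefix . "winners SET bf_paid = 1 WHERE bf_paid = 0 AND auction = :auction_id AND winner = :winner_id";
			$params = array();
			$params[] = array(':auction_id', $custom_id, 'int');
			$params[] = array(':winner_id', $user->user_data['id'], 'int');
			$db->query($query, $params);

			$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = :user_id";
			$params = array();
			$params[] = array(':user_id', $user->user_data['id'], 'int');
			$db->query($query, $params);
			// add invoice
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, buyer, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :auc_id, :time_stamp, :buyer, :total, 1)";
			$params = array();
			$params[] = array(':user_id', $user->user_data['id'], 'int');
			$params[] = array(':auc_id', $custom_id, 'int');
			$params[] = array(':time_stamp', time(), 'int');
			$params[] = array(':buyer', $payment_amount, 'float');
			$params[] = array(':total', $payment_amount, 'float');
			$db->query($query, $params);
			break;

		case 7: // pay final value fee (live mode) ($custom_id is an auction id)
			// NOTE(review): same reliance on the global $user as case 6.
			$query = "UPDATE " . $DBPrefix . "winners SET ff_paid = 1 WHERE ff_paid = 0 AND auction = :auction_id AND seller = :user_id";
			$params = array();
			$params[] = array(':auction_id', $custom_id, 'int');
			$params[] = array(':user_id', $user->user_data['id'], 'int');
			$db->query($query, $params);

			$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = :user_id";
			$params = array();
			$params[] = array(':user_id', $user->user_data['id'], 'int');
			$db->query($query, $params);
			// add invoice (this case stamps it with $system->ctime, the others use time())
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, finalval, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :auc_id, :time_stamp, :finalval, :total, 1)";
			$params = array();
			$params[] = array(':user_id', $user->user_data['id'], 'int');
			$params[] = array(':auc_id', $custom_id, 'int');
			$params[] = array(':time_stamp', $system->ctime, 'int');
			$params[] = array(':finalval', $payment_amount, 'float');
			$params[] = array(':total', $payment_amount, 'float');
			$db->query($query, $params);
			break;
	}
}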
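/**
 * Apply the database side effects of a completed payment (legacy mysql_* variant).
 *
 * Every statement here is assembled by string concatenation, so each value is
 * forced to a number before it is placed into SQL: ids through intval(), the
 * amount through floatval() and a locale-independent sprintf('%F').
 *
 * NOTE(review): nothing in this function checks that $payment_amount equals
 * the amount actually owed, that the payment was made in the expected
 * currency ($currency is accepted but never read), or that the same
 * notification has not been processed before. Those checks, and the
 * verification of the gateway notification itself, must happen in the caller
 * before this function runs - confirm that they do.
 *
 * @param mixed      $custom_id      Identifier supplied with the payment; its meaning depends
 *                                   on $fee_type (see the individual cases).
 * @param mixed      $fee_type       Selects the branch (1-7); any other value does nothing.
 * @param mixed      $payment_amount Amount paid.
 * @param mixed|null $currency       Unused.
 *
 * @return void
 */
function callback_process($custom_id, $fee_type, $payment_amount, $currency = NULL)
{
	// $user and $MSG were previously declared global only inside case 4, so
	// cases 6 and 7 read an undefined local $user. $include_path was used by
	// case 4 without ever being brought into scope.
	// NOTE(review): assumes $include_path is a global like the others - confirm.
	global $system, $DBPrefix, $user, $MSG, $include_path;

	// These two values come from the payment callback and used to be
	// concatenated into SQL unchanged. Reduce them to plain numbers first.
	$custom_id = intval($custom_id);
	$payment_amount = floatval($payment_amount);
	// %F ignores the numeric locale, so the decimal separator is always '.'
	$payment_sql = sprintf('%F', $payment_amount);

	switch ($fee_type) {
		case 1: // add to account balance ($custom_id is a user id)
			$addquery = '';
			if ($system->SETTINGS['fee_disable_acc'] == 'y') {
				$query = "SELECT suspended, balance FROM " . $DBPrefix . "users WHERE id = " . $custom_id;
				$res = mysql_query($query);
				$system->check_mysql($res, $query, __LINE__, __FILE__);
				$data = mysql_fetch_assoc($res);
				// re-enable the user account if it was disabled and the payment
				// brings the balance back to zero or above
				if ($data['suspended'] == 7 && $data['balance'] + $payment_amount >= 0) {
					$addquery = ', suspended = 0 ';
				}
			}
			$query = "UPDATE " . $DBPrefix . "users SET balance = balance + " . $payment_sql . $addquery . " WHERE id = " . $custom_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			// add invoice
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, balance, total, paid) VALUES\n\t\t\t\t\t\t(" . $custom_id . ", " . time() . ", " . $payment_sql . ", " . $payment_sql . ", 1)";
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			break;

		case 2: // pay for an item ($custom_id is a winners row id)
			$query = "UPDATE " . $DBPrefix . "winners SET paid = 1 WHERE id = " . $custom_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			break;

		case 3: // pay signup fee (live mode) ($custom_id is a user id)
			$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = " . $custom_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			// add invoice
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, signup, total, paid) VALUES\n\t\t\t\t\t\t(" . $custom_id . ", " . time() . ", " . $payment_sql . ", " . $payment_sql . ", 1)";
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			break;

		case 4: // pay auction fee (live mode) ($custom_id is a useraccounts row id)
			$catscontrol = new MPTTcategories();

			$query = "SELECT auc_id FROM " . $DBPrefix . "useraccounts WHERE useracc_id = " . $custom_id;
			$res = mysql_query($query);
			$system->check_mysql($res, $query, __LINE__, __FILE__);
			// values read back from the database are cast as well before reuse in SQL
			$auc_id = intval(mysql_result($res, 0, 'auc_id'));

			$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = " . $auc_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);

			$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE auc_id = " . $auc_id . " AND setup > 0";
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);

			$query = "UPDATE " . $DBPrefix . "counters SET auctions = auctions + 1";
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);

			$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE useracc_id = " . $custom_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);

			$query = "SELECT category, title, minimum_bid, pict_url, buy_now, reserve_price, auction_type, ends\n\t\t\t\t\t\tFROM " . $DBPrefix . "auctions WHERE id = " . $auc_id;
			$res = mysql_query($query);
			$system->check_mysql($res, $query, __LINE__, __FILE__);
			$auc_data = mysql_fetch_assoc($res);

			// auction data; these locals are kept under their original names
			// because the included e-mail script runs in this scope
			// (presumably it reads them - verify against that file)
			$auction_id = $auc_id;
			$title = $auc_data['title'];
			$atype = $auc_data['auction_type'];
			$pict_url = $auc_data['pict_url'];
			$minimum_bid = $auc_data['minimum_bid'];
			$reserve_price = $auc_data['reserve_price'];
			$buy_now_price = $auc_data['buy_now'];
			$a_ends = $auc_data['ends'];

			if ($user->user_data['startemailmode'] == 'yes') {
				include $include_path . 'email_auction_confirmation.php';
			}

			// update recursive categories: every category on the path returned
			// by get_bread_crumbs() gets its sub_counter incremented
			$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = " . intval($auc_data['category']);
			$res = mysql_query($query);
			$system->check_mysql($res, $query, __LINE__, __FILE__);
			$parent_node = mysql_fetch_assoc($res);
			$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);

			$crumb_count = count($crumbs);
			for ($i = 0; $i < $crumb_count; $i++) {
				$query = "UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + 1 WHERE cat_id = " . intval($crumbs[$i]['cat_id']);
				$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			}
			break;

		case 5: // pay relist fee (live mode) ($custom_id is an auction id)
			$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = " . $custom_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			// add invoice
			// NOTE(review): user_id and auc_id both receive $custom_id, so the
			// invoice's user_id holds the auction id. Looks unintended, but the
			// owning user is not available here - confirm and fix upstream.
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, relist, total, paid) VALUES\n\t\t\t\t\t\t(" . $custom_id . ", " . $custom_id . ", " . time() . ", " . $payment_sql . ", " . $payment_sql . ", 1)";
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			break;

		case 6: // pay buyer fee (live mode) ($custom_id is an auction id)
			// NOTE(review): the payer is taken from the global $user, not from
			// the payment data. If this runs from a gateway's server-to-server
			// notification there may be no logged-in user - confirm.
			$user_id = intval($user->user_data['id']);

			$query = "UPDATE " . $DBPrefix . "winners SET bf_paid = 1 WHERE bf_paid = 0 AND auction = " . $custom_id . " AND winner = " . $user_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);

			$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = " . $user_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			// add invoice
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, buyer, total, paid) VALUES\n\t\t\t\t\t\t(" . $user_id . ", " . $custom_id . ", " . time() . ", " . $payment_sql . ", " . $payment_sql . ", 1)";
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			break;

		case 7: // pay final value fee (live mode) ($custom_id is an auction id)
			// NOTE(review): same reliance on the global $user as case 6.
			$user_id = intval($user->user_data['id']);

			$query = "UPDATE " . $DBPrefix . "winners SET ff_paid = 1 WHERE ff_paid = 0 AND auction = " . $custom_id . " AND seller = " . $user_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);

			$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = " . $user_id;
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			// add invoice
			$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, finalval, total, paid) VALUES\n\t\t\t\t\t\t(" . $user_id . ", " . $custom_id . ", " . time() . ", " . $payment_sql . ", " . $payment_sql . ", 1)";
			$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
			break;
	}
}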
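/**
 * Delete an auction together with its bids, proxy bids, view counter,
 * pending moderation entry and uploaded images, and adjust the site and
 * category counters when the auction was live.
 *
 * @param mixed $auction_id Id of the auction to remove; forced to an integer
 *                          because it is also used to build a directory path.
 *
 * @return void
 */
public function removeAuction($auction_id)
{
	// The method used $db without defining it anywhere in its scope.
	// NOTE(review): assumes the handle is a global named $db - confirm
	// against the rest of the class.
	global $db;

	// The SQL binds the id as 'int', but the image clean-up below builds
	// UPLOAD_PATH . $auction_id from the same value. Without a cast, an empty
	// or non-numeric value would make that path resolve to the upload root or
	// to some other directory, whose files would then be deleted.
	$auction_id = (int) $auction_id;
	if ($auction_id <= 0) {
		return;
	}

	$catscontrol = new MPTTcategories();
	$params = array();
	$params[] = array(':auc_id', $auction_id, 'int');

	// get auction data
	$query = "SELECT category, num_bids, suspended, closed FROM " . $db->DBPrefix . "auctions WHERE id = :auc_id";
	$db->query($query, $params);
	$auc_data = $db->result();
	// With no matching row the loose comparisons below would treat the
	// missing fields as 0 and decrement counters for an auction that never
	// existed, so remember whether a row was actually found.
	$auc_found = is_array($auc_data) && count($auc_data) > 0;

	if ($auc_found && $auc_data['suspended'] == 2) {
		$query = "DELETE FROM `" . $db->DBPrefix . "auction_moderation` WHERE auction_id = :auc_id";
		$db->query($query, $params);
	}

	// Delete related values
	$query = "DELETE FROM " . $db->DBPrefix . "auctions WHERE id = :auc_id";
	$db->query($query, $params);

	// delete bids
	$query = "DELETE FROM " . $db->DBPrefix . "bids WHERE auction = :auc_id";
	$db->query($query, $params);

	// Delete proxybids
	$query = "DELETE FROM " . $db->DBPrefix . "proxybid WHERE itemid = :auc_id";
	$db->query($query, $params);

	// Delete file in counters
	$query = "DELETE FROM " . $db->DBPrefix . "auccounter WHERE auction_id = :auc_id";
	$db->query($query, $params);

	if ($auc_found && $auc_data['suspended'] == 0 && $auc_data['closed'] == 0) {
		// update main counters
		$query = "UPDATE " . $db->DBPrefix . "counters SET auctions = (auctions - 1), bids = (bids - :num_bids)";
		$params = array();
		$params[] = array(':num_bids', $auc_data['num_bids'], 'int');
		$db->query($query, $params);

		// update recursive categories: every category on the path returned
		// by get_bread_crumbs() gets its sub_counter decremented
		$query = "SELECT left_id, right_id, level FROM " . $db->DBPrefix . "categories WHERE cat_id = :cat_id";
		$params = array();
		$params[] = array(':cat_id', $auc_data['category'], 'int');
		$db->query($query, $params);
		$parent_node = $db->result();
		$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);

		$crumb_count = count($crumbs);
		for ($i = 0; $i < $crumb_count; $i++) {
			$query = "UPDATE " . $db->DBPrefix . "categories SET sub_counter = sub_counter - 1 WHERE cat_id = :cat_id";
			$params = array();
			$params[] = array(':cat_id', $crumbs[$i]['cat_id'], 'int');
			$db->query($query, $params);
		}
	}

	// Delete auctions images
	$image_dir = UPLOAD_PATH . $auction_id;
	if (is_dir($image_dir)) {
		if ($dir = opendir($image_dir)) {
			// compare against false explicitly: an entry named "0" is falsy
			// and would otherwise end the loop early
			while (false !== ($file = readdir($dir))) {
				if ($file != '.' && $file != '..') {
					// best effort, as before: a failed unlink is ignored
					@unlink($image_dir . '/' . $file);
				}
			}
			closedir($dir);
			rmdir($image_dir);
		}
	}
}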
/**
 * Rebuild the per-category auction counters from scratch.
 *
 * Resets counter and sub_counter on every category, then counts the auctions
 * that are open, started and not suspended, grouped by category. Each count
 * is added to the category's own counter and to the sub_counter of every
 * category on the path returned by get_bread_crumbs(). When the 'extra_cat'
 * setting is 'y' the same pass is repeated for secondary categories.
 *
 * NOTE(review): the reset and the recount are separate statements with no
 * transaction visible here, so readers can observe zeroed counters while
 * this runs.
 *
 * @return void
 */
function resync_category_counters()
{
	global $db, $system, $DBPrefix;

	$tree = new MPTTcategories();

	// wipe every counter before recounting
	$db->direct_query("UPDATE " . $DBPrefix . "categories set counter = 0, sub_counter = 0");

	// primary categories
	$db->direct_query(
		"SELECT COUNT(*) AS COUNT, category FROM " . $DBPrefix . "auctions\n\t\t\t\tWHERE closed = 0 AND starts <= CURRENT_TIMESTAMP AND suspended = 0 GROUP BY category"
	);
	$rows = $db->fetchall();
	foreach ($rows as $entry) {
		$total = $entry['COUNT'] * 1; // force it to be a number
		if (!($total > 0) || empty($entry['category'])) {
			continue;
		}

		$db->query(
			"SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id",
			array(array(':cat_id', $entry['category'], 'int'))
		);
		$node = $db->result();
		$path = $tree->get_bread_crumbs($node['left_id'], $node['right_id']);

		// add the count to every category on the path
		$idx = 0;
		while ($idx < count($path)) {
			$db->query(
				"UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + :COUNT WHERE cat_id = :cat_id",
				array(
					array(':COUNT', $total, 'int'),
					array(':cat_id', $path[$idx]['cat_id'], 'int'),
				)
			);
			$idx++;
		}

		// and to the category's own counter
		$db->query(
			"UPDATE " . $DBPrefix . "categories SET counter = counter + :COUNT WHERE cat_id = :cat_id",
			array(
				array(':COUNT', $total, 'int'),
				array(':cat_id', $entry['category'], 'int'),
			)
		);
	}

	if ($system->SETTINGS['extra_cat'] != 'y') {
		return;
	}

	// secondary categories; the count is passed on exactly as fetched
	$db->direct_query(
		"SELECT COUNT(*) AS COUNT, secondcat FROM " . $DBPrefix . "auctions\n\t\t\t\t\tWHERE closed = 0 AND starts <= CURRENT_TIMESTAMP AND suspended = 0 AND secondcat != 0 GROUP BY secondcat"
	);
	$rows = $db->fetchall();
	foreach ($rows as $entry) {
		$db->query(
			"SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id",
			array(array(':cat_id', $entry['secondcat'], 'int'))
		);
		$node = $db->result();
		$path = $tree->get_bread_crumbs($node['left_id'], $node['right_id']);

		$idx = 0;
		while ($idx < count($path)) {
			$db->query(
				"UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + :COUNT WHERE cat_id = :cat_id",
				array(
					array(':COUNT', $entry['COUNT'], 'int'),
					array(':cat_id', $path[$idx]['cat_id'], 'int'),
				)
			);
			$idx++;
		}

		$db->query(
			"UPDATE " . $DBPrefix . "categories SET counter = counter + :COUNT WHERE cat_id = :cat_id",
			array(
				array(':COUNT', $entry['COUNT'], 'int'),
				array(':cat_id', $entry['secondcat'], 'int'),
			)
		);
	}
}