if ($seconds_difference > 0 && $d < 2) {
$ending_time .= $seconds_difference . $MSG['25_0033'];
}
$showendtime = true;
} else {
$ending_time = '<span class="errfont">' . $MSG['911'] . '</span>';
$has_ended = true;
}
// build bread crumbs
$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':cat_id', $auction_data['category'], 'int');
$db->query($query, $params);
$parent_node = $db->result();
$cat_value = '';
$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);
for ($i = 0; $i < count($crumbs); $i++) {
if ($crumbs[$i]['cat_id'] > 0) {
if ($i > 0) {
$cat_value .= ' > ';
}
$cat_value .= '<a href="' . $system->SETTINGS['siteurl'] . 'browse.php?id=' . $crumbs[$i]['cat_id'] . '">' . $category_names[$crumbs[$i]['cat_id']] . '</a>';
}
}
$secondcat_value = '';
if ($system->SETTINGS['extra_cat'] == 'y' && intval($auction_data['secondcat']) > 0) {
$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :sec_cat_id";
$params = array();
$params[] = array(':sec_cat_id', $auction_data['secondcat'], 'int');
$db->query($query, $params);
$parent_node = $db->result();
exit;
} else {
header('location: select_category.php?cat_no=2');
exit;
}
} else {
$ERR = $ERR_25_0001;
}
}
// Process change mode
if (isset($_GET['change']) && $_GET['change'] == 'yes') {
$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = " . intval($_SESSION['SELL_sellcat' . $cat_no]);
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$cat = mysql_fetch_assoc($res);
$crumbs = $catscontrol->get_bread_crumbs($cat['left_id'], $cat['right_id']);
$count = count($crumbs);
$box = $count - 1;
for ($i = 1; $i < $count; $i++) {
$POST['cat' . ($i - 1)] = $crumbs[$i]['cat_id'];
}
$_SESSION['SELL_editing_category'] = true;
} elseif (count($_POST) == 0 && !isset($_GET['cat_no'])) {
unset($_SESSION['UPLOADED_PICTURES_SIZE']);
$_SESSION['SELL_editing_category'] = false;
$_SESSION['SELL_starts'] = '';
$_SESSION['UPLOADED_PICTURES'] = array();
$_SESSION['SELL_with_reserve'] = '';
$_SESSION['SELL_reserve_price'] = '';
$_SESSION['SELL_minimum_bid'] = '';
$_SESSION['SELL_file_uploaded'] = false;
function callback_process($custom_id, $fee_type, $payment_amount, $currency = NULL)
{
global $system, $DBPrefix, $db;
switch ($fee_type) {
case 1:
// add to account balance
$addquery = '';
if ($system->SETTINGS['fee_disable_acc'] == 'y') {
$query = "SELECT suspended, balance FROM " . $DBPrefix . "users WHERE id = :custom_id";
$params = array();
$params[] = array(':custom_id', $custom_id, 'int');
$db->query($query, $params);
$data = $db->result();
// reable user account if it was disabled
if ($data['suspended'] == 7 && $data['balance'] + $payment_amount >= 0) {
$addquery = ', suspended = 0 ';
}
}
$query = "UPDATE " . $DBPrefix . "users SET balance = balance + :payment" . $addquery . " WHERE id = :user_id";
$params[] = array(':payment', $payment_amount, 'float');
$params[] = array(':user_id', $custom_id, 'int');
$db->query($query, $params);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, balance, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :time_stamp, :payment, :extra_payment, 1)";
$params = array();
$params[] = array(':user_id', $custom_id, 'int');
$params[] = array(':time_stamp', time(), 'int');
$params[] = array(':payment', $payment_amount, 'float');
$params[] = array(':extra_payment', $payment_amount, 'float');
$db->query($query, $params);
break;
case 2:
// pay for an item
$query = "UPDATE " . $DBPrefix . "winners SET paid = 1 WHERE id = :custom_id";
$params = array();
$params[] = array(':custom_id', $custom_id, 'int');
$db->query($query, $params);
break;
case 3:
// pay signup fee (live mode)
$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = :custom_id";
$params = array();
$params[] = array(':custom_id', $custom_id, 'int');
$db->query($query, $params);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, signup, total, paid) VALUES\n\t\t\t\t\t\t(:get_id, :time_stamp, :payment, :extra_payment, 1)";
$params = array();
$params[] = array(':get_id', $custom_id, 'int');
$params[] = array(':time_stamp', time(), 'int');
$params[] = array(':payment', $payment_amount, 'float');
$params[] = array(':extra_payment', $payment_amount, 'float');
$db->query($query, $params);
break;
case 4:
// pay auction fee (live mode)
global $user, $MSG;
$catscontrol = new MPTTcategories();
$query = "SELECT auc_id FROM " . $DBPrefix . "useraccounts WHERE useracc_id = :useracc_id";
$params = array();
$params[] = array(':useracc_id', $custom_id, 'int');
$db->query($query, $params);
$auc_id = $db->result('auc_id');
$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = :auc_id";
$params = array();
$params[] = array(':auc_id', $auc_id, 'int');
$db->query($query, $params);
$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE auc_id = :auc_id AND setup > 0";
$params = array();
$params[] = array(':auc_id', $auc_id, 'int');
$db->query($query, $params);
$query = "UPDATE " . $DBPrefix . "counters SET auctions = auctions + 1";
$db->direct_query($query);
$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE useracc_id = :custom_id";
$params = array();
$params[] = array(':custom_id', $custom_id, 'int');
$db->query($query, $params);
$query = "SELECT category, title, minimum_bid, pict_url, buy_now, reserve_price, auction_type, ends\n\t\t\t\t\tFROM " . $DBPrefix . "auctions WHERE id = :auc_id";
$params = array();
$params[] = array(':auc_id', $auc_id, 'int');
$db->query($query, $params);
$auc_data = $db->result();
// auction data
$auction_id = $auc_id;
$title = $system->uncleanvars($auc_data['title']);
$atype = $auc_data['auction_type'];
$pict_url = $auc_data['pict_url'];
$minimum_bid = $auc_data['minimum_bid'];
$reserve_price = $auc_data['reserve_price'];
$buy_now_price = $auc_data['buy_now'];
$a_ends = $auc_data['ends'];
if ($user->user_data['startemailmode'] == 'yes') {
include $include_path . 'email_auction_confirmation.php';
}
// update recursive categories
$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':cat_id', $auc_data['category'], 'int');
$db->query($query, $params);
$parent_node = $db->result();
$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);
for ($i = 0; $i < count($crumbs); $i++) {
$query = "UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + 1 WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':cat_id', $crumbs[$i]['cat_id'], 'int');
$db->query($query, $params);
}
break;
case 5:
// pay relist fee (live mode)
$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = :custom_id";
$params = array();
$params[] = array(':custom_id', $custom_id, 'int');
$db->query($query, $params);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, relist, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :auc_id, :date, :relist, :total, 1)";
$params = array();
$params[] = array(':user_id', $custom_id, 'int');
$params[] = array(':auc_id', $custom_id, 'int');
$params[] = array(':date', time(), 'int');
$params[] = array(':relist', $payment_amount, 'float');
$params[] = array(':total', $payment_amount, 'float');
$db->query($query, $params);
break;
case 6:
// pay buyer fee (live mode)
$query = "UPDATE " . $DBPrefix . "winners SET bf_paid = 1 WHERE bf_paid = 0 AND auction = :auction_id AND winner = :winner_id";
$params = array();
$params[] = array(':auction_id', $custom_id, 'int');
$params[] = array(':winner_id', $user->user_data['id'], 'int');
$db->query($query, $params);
$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = :user_id";
$params = array();
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, buyer, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :auc_id, :time_stamp, :buyer, :total, 1)";
$params = array();
$params[] = array(':user_id', $user->user_data['id'], 'int');
$params[] = array(':auc_id', $custom_id, 'int');
$params[] = array(':time_stamp', time(), 'int');
$params[] = array(':buyer', $payment_amount, 'float');
$params[] = array(':total', $payment_amount, 'float');
$db->query($query, $params);
break;
case 7:
// pay final value fee (live mode)
$query = "UPDATE " . $DBPrefix . "winners SET ff_paid = 1 WHERE ff_paid = 0 AND auction = :auction_id AND seller = :user_id";
$params = array();
$params[] = array(':auction_id', $custom_id, 'int');
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = :user_id";
$params = array();
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, finalval, total, paid) VALUES\n\t\t\t\t\t\t(:user_id, :auc_id, :time_stamp, :finalval, :total, 1)";
$params = array();
$params[] = array(':user_id', $user->user_data['id'], 'int');
$params[] = array(':auc_id', $custom_id, 'int');
$params[] = array(':time_stamp', $system->ctime, 'int');
$params[] = array(':finalval', $payment_amount, 'float');
$params[] = array(':total', $payment_amount, 'float');
$db->query($query, $params);
break;
}
}
function callback_process($custom_id, $fee_type, $payment_amount, $currency = NULL)
{
global $system, $DBPrefix;
switch ($fee_type) {
case 1:
// add to account balance
$addquery = '';
if ($system->SETTINGS['fee_disable_acc'] == 'y') {
$query = "SELECT suspended, balance FROM " . $DBPrefix . "users WHERE id = " . $custom_id;
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$data = mysql_fetch_assoc($res);
// reable user account if it was disabled
if ($data['suspended'] == 7 && $data['balance'] + $payment_amount >= 0) {
$addquery = ', suspended = 0 ';
}
}
$query = "UPDATE " . $DBPrefix . "users SET balance = balance + " . $payment_amount . $addquery . " WHERE id = " . $custom_id;
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, balance, total, paid) VALUES\n\t\t\t\t\t\t(" . $custom_id . ", " . time() . ", " . $payment_amount . ", " . $payment_amount . ", 1)";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
break;
case 2:
// pay for an item
$query = "UPDATE " . $DBPrefix . "winners SET paid = 1 WHERE id = " . $custom_id;
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
break;
case 3:
// pay signup fee (live mode)
$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = " . $custom_id;
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, date, signup, total, paid) VALUES\n\t\t\t\t\t\t(" . $custom_id . ", " . time() . ", " . $payment_amount . ", " . $payment_amount . ", 1)";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
break;
case 4:
// pay auction fee (live mode)
global $user, $MSG;
$catscontrol = new MPTTcategories();
$query = "SELECT auc_id FROM " . $DBPrefix . "useraccounts WHERE useracc_id = " . $custom_id;
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$auc_id = mysql_result($res, 0, 'auc_id');
$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = " . $auc_id;
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE auc_id = " . $auc_id . " AND setup > 0";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$query = "UPDATE " . $DBPrefix . "counters SET auctions = auctions + 1";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$query = "UPDATE " . $DBPrefix . "useraccounts SET paid = 1 WHERE useracc_id = " . $custom_id;
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$query = "SELECT category, title, minimum_bid, pict_url, buy_now, reserve_price, auction_type, ends\n\t\t\t\t\t\tFROM " . $DBPrefix . "auctions WHERE id = " . $auc_id;
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$auc_data = mysql_fetch_assoc($res);
// auction data
$auction_id = $auc_id;
$title = $auc_data['title'];
$atype = $auc_data['auction_type'];
$pict_url = $auc_data['pict_url'];
$minimum_bid = $auc_data['minimum_bid'];
$reserve_price = $auc_data['reserve_price'];
$buy_now_price = $auc_data['buy_now'];
$a_ends = $auc_data['ends'];
if ($user->user_data['startemailmode'] == 'yes') {
include $include_path . 'email_auction_confirmation.php';
}
// update recursive categories
$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = " . $auc_data['category'];
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$parent_node = mysql_fetch_assoc($res);
$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);
for ($i = 0; $i < count($crumbs); $i++) {
$query = "UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + 1 WHERE cat_id = " . $crumbs[$i]['cat_id'];
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
}
break;
case 5:
// pay relist fee (live mode)
$query = "UPDATE " . $DBPrefix . "auctions SET suspended = 0 WHERE id = " . $custom_id;
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, relist, total, paid) VALUES\n\t\t\t\t\t\t(" . $custom_id . ", " . $custom_id . ", " . time() . ", " . $payment_amount . ", " . $payment_amount . ", 1)";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
break;
case 6:
// pay buyer fee (live mode)
$query = "UPDATE " . $DBPrefix . "winners SET bf_paid = 1 WHERE bf_paid = 0 AND auction = " . $custom_id . " AND winner = " . $user->user_data['id'];
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = " . $user->user_data['id'];
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, buyer, total, paid) VALUES\n\t\t\t\t\t\t(" . $user->user_data['id'] . ", " . $custom_id . ", " . time() . ", " . $payment_amount . ", " . $payment_amount . ", 1)";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
break;
case 7:
// pay final value fee (live mode)
$query = "UPDATE " . $DBPrefix . "winners SET ff_paid = 1 WHERE ff_paid = 0 AND auction = " . $custom_id . " AND seller = " . $user->user_data['id'];
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$query = "UPDATE " . $DBPrefix . "users SET suspended = 0 WHERE id = " . $user->user_data['id'];
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
// add invoice
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, finalval, total, paid) VALUES\n\t\t\t\t\t\t(" . $user->user_data['id'] . ", " . $custom_id . ", " . time() . ", " . $payment_amount . ", " . $payment_amount . ", 1)";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
break;
}
}
public function removeAuction($auction_id)
{
$catscontrol = new MPTTcategories();
$params = array();
$params[] = array(':auc_id', $auction_id, 'int');
// get auction data
$query = "SELECT category, num_bids, suspended, closed FROM " . $db->DBPrefix . "auctions WHERE id = :auc_id";
$db->query($query, $params);
$auc_data = $db->result();
if ($auc_data['suspended'] == 2) {
$query = "DELETE FROM `" . $db->DBPrefix . "auction_moderation` WHERE auction_id = :auc_id";
$db->query($query, $params);
}
// Delete related values
$query = "DELETE FROM " . $db->DBPrefix . "auctions WHERE id = :auc_id";
$db->query($query, $params);
// delete bids
$query = "DELETE FROM " . $db->DBPrefix . "bids WHERE auction = :auc_id";
$db->query($query, $params);
// Delete proxybids
$query = "DELETE FROM " . $db->DBPrefix . "proxybid WHERE itemid = :auc_id";
$db->query($query, $params);
// Delete file in counters
$query = "DELETE FROM " . $db->DBPrefix . "auccounter WHERE auction_id = :auc_id";
$db->query($query, $params);
if ($auc_data['suspended'] == 0 && $auc_data['closed'] == 0) {
// update main counters
$query = "UPDATE " . $db->DBPrefix . "counters SET auctions = (auctions - 1), bids = (bids - :num_bids)";
$params = array();
$params[] = array(':num_bids', $auc_data['num_bids'], 'int');
$db->query($query, $params);
// update recursive categories
$query = "SELECT left_id, right_id, level FROM " . $db->DBPrefix . "categories WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':cat_id', $auc_data['category'], 'int');
$db->query($query, $params);
$parent_node = $db->result();
$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);
for ($i = 0; $i < count($crumbs); $i++) {
$query = "UPDATE " . $db->DBPrefix . "categories SET sub_counter = sub_counter - 1 WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':cat_id', $crumbs[$i]['cat_id'], 'int');
$db->query($query, $params);
}
}
// Delete auctions images
if (is_dir(UPLOAD_PATH . $auction_id)) {
if ($dir = opendir(UPLOAD_PATH . $auction_id)) {
while ($file = readdir($dir)) {
if ($file != '.' && $file != '..') {
@unlink(UPLOAD_PATH . $auction_id . '/' . $file);
}
}
closedir($dir);
rmdir(UPLOAD_PATH . $auction_id);
}
}
}
function resync_category_counters()
{
global $db, $system, $DBPrefix;
// update categories
$catscontrol = new MPTTcategories();
$query = "UPDATE " . $DBPrefix . "categories set counter = 0, sub_counter = 0";
$db->direct_query($query);
$query = "SELECT COUNT(*) AS COUNT, category FROM " . $DBPrefix . "auctions\n\t\t\t\tWHERE closed = 0 AND starts <= CURRENT_TIMESTAMP AND suspended = 0 GROUP BY category";
$db->direct_query($query);
$cat_data = $db->fetchall();
foreach ($cat_data as $row) {
$row['COUNT'] = $row['COUNT'] * 1;
// force it to be a number
if ($row['COUNT'] > 0 && !empty($row['category'])) {
$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':cat_id', $row['category'], 'int');
$db->query($query, $params);
$parent_node = $db->result();
$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);
for ($i = 0; $i < count($crumbs); $i++) {
$query = "UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + :COUNT WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':COUNT', $row['COUNT'], 'int');
$params[] = array(':cat_id', $crumbs[$i]['cat_id'], 'int');
$db->query($query, $params);
}
$query = "UPDATE " . $DBPrefix . "categories SET counter = counter + :COUNT WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':COUNT', $row['COUNT'], 'int');
$params[] = array(':cat_id', $row['category'], 'int');
$db->query($query, $params);
}
}
if ($system->SETTINGS['extra_cat'] == 'y') {
$query = "SELECT COUNT(*) AS COUNT, secondcat FROM " . $DBPrefix . "auctions\n\t\t\t\t\tWHERE closed = 0 AND starts <= CURRENT_TIMESTAMP AND suspended = 0 AND secondcat != 0 GROUP BY secondcat";
$db->direct_query($query);
$cat_data = $db->fetchall();
foreach ($cat_data as $row) {
$query = "SELECT left_id, right_id, level FROM " . $DBPrefix . "categories WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':cat_id', $row['secondcat'], 'int');
$db->query($query, $params);
$parent_node = $db->result();
$crumbs = $catscontrol->get_bread_crumbs($parent_node['left_id'], $parent_node['right_id']);
for ($i = 0; $i < count($crumbs); $i++) {
$query = "UPDATE " . $DBPrefix . "categories SET sub_counter = sub_counter + :COUNT WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':COUNT', $row['COUNT'], 'int');
$params[] = array(':cat_id', $crumbs[$i]['cat_id'], 'int');
$db->query($query, $params);
}
$query = "UPDATE " . $DBPrefix . "categories SET counter = counter + :COUNT WHERE cat_id = :cat_id";
$params = array();
$params[] = array(':COUNT', $row['COUNT'], 'int');
$params[] = array(':cat_id', $row['secondcat'], 'int');
$db->query($query, $params);
}
}
}
