function SiteCreator_css(&$smarty, $form = false)
{
$mysql = new MYSQL($smarty);
$tabela = $smarty->cfg['prefix'] . 'bilder_site';
$mysql->SqlSelect("SELECT ID_SITE FROM {$tabela} WHERE site_dominio = '{$form['site_dominio']}'", __FILE__, __LINE__);
if (mysql_affected_rows() > 0) {
return $smarty->getFinishError('sitecreator_erro_01', array("", " - " . htmlspecialchars($this->form['site_dominio'])));
}
switch ($form['action']) {
case "selectcss":
$smarty->assign('ID_CSSCLASS', $form['ID_CSSCLASS']);
return $smarty->fetch($smarty->modulo_dir . "select_css.tpl");
break;
default:
$form['ID_MEMBER'] = $smarty->perfil['ID_MEMBER'];
$sql = $mysql->SqlInsert($tabela, $form);
$mysql->SqlSelect($sql, __FILE__, __LINE__);
$idde = mysql_insert_id();
$cam = './sites/' . $idde;
//$cam = './sites/21';
$site = new SiteCreator();
$site->CopyDefultSite($cam);
$site->createCfgfile($cam, array('ID_SITE' => $idde));
$site->CopyCss($form['ID_CSS'], $cam);
$site->createTemplates($cam, $form['site_pages']);
unset($_POST);
unset($_GET);
return $smarty->getFinish('sitecreator_sucesso_01');
break;
}
}
public static function FORMAT($S, $R, $P)
{
$I = array();
if ($P === false) {
$I[] = STR_REPLACE("/", "-", $R) . " 00:00:00";
$I[] = STR_REPLACE("/", "-", $R) . " 24:59:59";
$SET = 'HOUR';
} else {
$R = explode(" - ", $R);
$I[] = STR_REPLACE("/", "-", $R[0]);
$I[] = STR_REPLACE("/", "-", $R[1]);
$SET = 'DAY';
}
$I[] = $S['s_id'];
$Q = "SELECT MIN(t_checkout_created) AS `time`, AVG(t_checkout_price) AS `cost` FROM core_tickets_processed WHERE t_checkout_created >= ? AND t_checkout_created <= ? AND t_store = ? GROUP BY";
$CA = MYSQL::QUERY($Q . " {$SET}(t_checkout_created) ORDER BY t_checkout_created ASC", $I);
$CO = MYSQL::QUERY($Q . " t_checkout_created ORDER BY t_checkout_created ASC", $I);
$STRING = array();
$STRING[] = array('name' => 'Average Charge', 'data' => '');
$STRING[] = array('name' => 'Checkout Charges', 'data' => '');
foreach ($CA as $C) {
$T = Date_UTC($C['time']);
$STRING[0]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $T[3] . "," . $C['cost'];
}
foreach ($CO as $C) {
$T = Date_UTC($C['time']);
$STRING[1]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $T[3] . "," . $T[4] . "," . $C['cost'];
}
echo JSON_ENCODE($STRING);
}
public static function FORMAT($S, $R, $P)
{
$I = array($S['s_id']);
if ($P === false) {
$TI = "AND d_date = ? LIMIT 1";
$I[] = str_replace("/", "-", $R);
} else {
$R = explode(" - ", $R);
$TI = "AND d_date >= ? AND d_date <= ? ORDER BY d_date ASC";
$I[] = str_replace("/", "-", $R[0]);
$I[] = str_replace("/", "-", $R[1]);
}
$CT = MYSQL::QUERY("SELECT * FROM core_stores_daily_checkouts WHERE s_id = ? {$TI}", $I);
$STRING = array(array('name' => 'Sales', 'data' => ''));
if (!$P === false) {
foreach ($CT as $CL) {
$T = Date_UTC($CL['d_date']);
$Total = $CL['d_gross_nontaxable'] + $CL['d_gross_taxable'];
$STRING[0]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $Total;
}
} else {
$T = Date_UTC($CT['d_date']);
$Total = $CT['d_gross_nontaxable'] + $CT['d_gross_taxable'];
$STRING[0]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $Total;
}
if ($P === false) {
$STRING[0]['type'] = 'column';
}
echo JSON_ENCODE($STRING);
}
function myRoles($username, $defult = array(ANONYMOUS_ID_ROLE => 'anonymous user'))
{
global $cfg;
if ($username >= 0) {
$mysql = new MYSQL($cfg);
$key = key($defult);
$valor = array_values($defult);
$sql = "\n\t\t\tSELECT r.ID_ROLE, r.name, p.permission, (SELECT permission FROM {permission} WHERE ID_ROLE = '{$key}')as `{$valor[0]}`\n\t\t\tFROM {users_roles} ur\n\t\t\tNATURAL JOIN {role} r\n\t\t\tLEFT JOIN {permission} p ON p.ID_ROLE = ur.ID_ROLE\n\t\t\tWHERE ID_USER = '******' ORDER BY r.weight DESC\n\t\t\t";
$result = $mysql->SqlSelect($sql);
$perm['permission'] = array();
while ($row = mysql_fetch_assoc($result)) {
$perm['permission'] = explode(",", $row['permission']) + explode(",", $row[$valor[0]]);
$perm[$row['ID_ROLE']] = $row['name'];
}
return $perm;
}
}
public function stimulate(&$hash)
{
$db = new MYSQL();
$db->connect(self::DB_HOST, self::DB_USER, self::DB_PASS, self::DB_DBNAME);
@mysql_query("SET NAMES 'UTF8'");
//must have a string parameter 'action'
LINB::checkArgs($hash, array('string' => array('action' => NULL)));
//handle the process
switch ($hash->action) {
case 'getlist':
return $db->query("select `key`,`value` from `tbl_test`");
case 'update':
//must have string parameters 'key' and 'value'
LINB::checkArgs($hash, array('string' => array('key' => NULL, 'value' => NULL)));
$db->update("tbl_test", array("key" => $hash->key, "value" => $hash->value), "`key`='" . $hash->key . "'");
return 'ok';
case 'delete':
//must have a string parameter 'key'
LINB::checkArgs($hash, array('string' => array('key' => NULL)));
$db->delete("tbl_test", "`key`='" . $hash->key . "'");
return 'ok';
case 'create':
//must have string parameters 'key' and 'value'
LINB::checkArgs($hash, array('string' => array('key' => NULL, 'value' => NULL)));
$db->insert("tbl_test", array("key" => $hash->key, "value" => $hash->value));
return 'ok';
}
}
function LoadRules($id, $acesso = 'ALL', &$smarty)
{
global $cfg;
switch ($acesso) {
case 'ONLY_GUEST':
return $id != 0 ? false : true;
break;
case 'NOT_GUEST':
return $id <= 0 ? false : true;
break;
case 'ALL':
return true;
break;
default:
$mysql = new MYSQL($smarty);
$result = $mysql->SqlSelect("SELECT r.name\n\t\t\t\t\t\t\t\t\t\t\tFROM {$cfg[db_prefix]}role r\n\t\t\t\t\t\t\t\t\t\t\tRIGHT JOIN {$cfg[db_prefix]}members_roles m ON r.ID_RULE = m.ID_RULE\n\t\t\t\t\t\t\t\t\t\t\tWHERE m.ID_MEMBER = '{$id}'\n\t\t\t\t\t\t\t\t\t\t\tORDER BY r.weight", __FILE__, __LINE__);
if (mysql_affected_rows() > 0) {
return $linha = mysql_fetch_assoc($result);
} else {
return false;
}
break;
}
}
public static function FORMAT($S, $R, $P)
{
$I = array($S['s_id']);
if ($P === false) {
$TI = "AND d_date = ? LIMIT 1";
$I[] = str_replace("/", "-", $R);
} else {
$R = explode(" - ", $R);
$TI = "AND d_date >= ? AND d_date <= ? ORDER BY d_date ASC";
$I[] = str_replace("/", "-", $R[0]);
$I[] = str_replace("/", "-", $R[1]);
}
$CT = MYSQL::QUERY("SELECT * FROM core_stores_daily_checkouts WHERE s_id = ? {$TI}", $I);
$STRING = array(array('name' => 'Cash', 'data' => ''), array('name' => 'Check', 'data' => ''), array('name' => 'American Express', 'data' => ''), array('name' => 'Discover', 'data' => ''), array('name' => 'Master Card', 'data' => ''), array('name' => 'Visa', 'data' => ''), array('name' => 'Debit', 'data' => ''));
if (!$P === false) {
foreach ($CT as $CL) {
$T = Date_UTC($CL['d_date']);
$STRING[0]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CL['d_cash'];
$STRING[1]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CL['d_check'];
$STRING[2]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CL['d_amex'];
$STRING[3]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CL['d_discover'];
$STRING[4]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CL['d_master'];
$STRING[5]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CL['d_visa'];
$STRING[6]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CL['d_debit'];
}
} else {
$T = Date_UTC($CT['d_date']);
$STRING[0]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CT['d_cash'];
$STRING[1]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CT['d_check'];
$STRING[2]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CT['d_amex'];
$STRING[3]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CT['d_discover'];
$STRING[4]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CT['d_master'];
$STRING[5]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CT['d_visa'];
$STRING[6]['data'][] .= $T[0] . "," . $T[1] . "," . $T[2] . "," . $CT['d_debit'];
}
if ($P === false) {
$STRING[0]['type'] = 'column';
$STRING[1]['type'] = 'column';
$STRING[2]['type'] = 'column';
$STRING[3]['type'] = 'column';
$STRING[4]['type'] = 'column';
$STRING[5]['type'] = 'column';
$STRING[6]['type'] = 'column';
}
echo JSON_ENCODE($STRING);
}
public function stimulate(&$hash)
{
$db = new MYSQL();
$db->connect(self::DB_HOST, self::DB_USER, self::DB_PASS);
@mysql_query("SET NAMES 'UTF8'");
//must have a string parameter 'action'
LINB::checkArgs($hash, array('string' => array('action' => NULL)));
//handle the process
switch ($hash->action) {
case 'listdbs':
return $db->listdbs();
case 'listtables':
LINB::checkArgs($hash, array('string' => array('dbname' => NULL)));
return $db->listtables($hash->dbname);
case 'list':
LINB::checkArgs($hash, array('string' => array('dbname' => NULL, 'tablename' => NULL, 'page' => 1, 'count' => 20)));
$db->selectdb($hash->dbname);
$count = $db->query("select count(*) from " . $hash->tablename);
$table = $db->query("select * from " . $hash->tablename . " where 1 limit " . ($hash->page - 1) * 20 . ", " . $hash->count, true);
return array($count, $table);
}
}
<?php
require "../../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(0, TRUE);
$CID = $_GET['cid'];
$CARD = $_GET['card'];
$TID = $_GET['tid'];
$CUSTOMER = MYSQL::QUERY('SELECT * FROM core_customers WHERE c_id = ? LIMIT 1', array($CID));
if (empty($CUSTOMER['c_card']) || $CUSTOMER['c_card'] == $CARD) {
if (empty($CUSTOMER['c_card'])) {
$CS = MYSQL::QUERY('SELECT c_id FROM core_customers WHERE c_card = ? LIMIT 1', array($CARD));
if (empty($CS)) {
echo "This customer has no card and this card is not in use. Please Enter their Primary email.<br/><br/><input type='email' placeholder='Customers Email Address..' style='width:280px;'><br/>\n\t\t\t<button style='cursor:pointer;width:287px;' onClick='AttachCard(\$(this)," . '"' . $CID . '"' . "," . '"' . $CARD . '"' . "," . '"' . $TID . '"' . "," . '"' . $user['store_info']['s_taxrate'] . '"' . ")'>Attach Card</button>";
} else {
echo "This card belongs to someone else...";
}
} else {
echo "Valid Card. 5% Off Applied.\n <script>AddDiscount('5','Membership Card','.ticket" . $TID . "','" . $user['store_info']['s_taxrate'] . "','" . $TID . "');</script>";
}
} else {
echo "This Customer has a different Card..";
}
require "../../../frame/engine.php";
ENGINE::START();
$USER = USER::VERIFY(0, TRUE);
if (empty($_GET['sSearch'])) {
$S = $_GET['string'];
} else {
$S = $_GET['sSearch'];
}
$iDS = $_GET['iDisplayStart'];
$iDL = $_GET['iDisplayLength'];
$iSC = $_GET['iSortCol_0'];
$iSD = $_GET['sSortDir_0'];
switch ($iSC) {
case 0:
$SS = 'ORDER BY c_name ' . $iSD;
break;
case 1:
$SS = 'ORDER BY c_phone ' . $iSD;
break;
case 2:
$SS = '';
break;
}
$iTotal = MYSQL::QUERY('SELECT COUNT(c_id) AS `COUNT` FROM core_customers WHERE c_name LIKE ? OR c_phone LIKE ?', array('%' . $S . '%', '%' . $S . '%'));
$iQuery = MYSQL::QUERY("SELECT * FROM core_customers WHERE c_name LIKE ? OR c_phone LIKE ? {$SS} LIMIT {$iDS},{$iDL}", array('%' . $S . '%', '%' . $S . '%'), FALSE, TRUE);
$OUTPUT = array('sEcho' => $_GET['sEcho'], 'iTotalRecords' => $iTotal[0]['COUNT'], 'iTotalDisplayRecords' => $iTotal[0]['COUNT'], 'aaData');
foreach ($iQuery as $C) {
$OUTPUT['aaData'][] = array($C['c_name'], FORMAT::PHONE($C['c_phone']), '<button onClick="LoadCustomer(' . "'" . $C['c_id'] . "'" . ')">LOAD</button>');
}
echo JSON_ENCODE($OUTPUT);
<?php
require "../../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(1);
$date = $_GET['date'];
$store = $_GET['store'];
$NOTES = MYSQL::QUERY("SELECT ctn.t_note FROM core_tickets_status cts JOIN core_tickets_note ctn ON cts.t_id = ctn.t_id AND ctn.t_note LIKE ? WHERE t_store = ?", array('%Walkedout Ticket%', $STORE, $SD, $ED));
$CHECKOUT = MYSQL::QUERY("SELECT * FROM core_checkout_sessions WHERE qb_id = ? LIMIT 1", array($_GET['chid']));
$ITEMS = EXPLODE('|', $CHECKOUT['items']);
$LIST = '';
$IT = 1;
$oldnontaxable = 0;
$nontaxable = 0;
$oldtaxable = 0;
$taxable = 0;
$oldtotaltax = 0;
$totaltax = 0;
foreach ($ITEMS as $I) {
if ($I != '') {
$I = EXPLODE('/', $I);
$LIST .= '|' . $I[0] . '/' . $_GET['item' . $IT];
$EX = EXPLODE('-', $I[0]);
if ($EX[0] == 'ti') {
MYSQL::QUERY('UPDATE core_tickets_processed SET t_checkout_created=?,t_checkout_price=? WHERE t_id=? LIMIT 1', array($_GET['date'], $_GET['item' . $IT], $EX[1]));
$nontaxable = $nontaxable + ($_GET['item' . $IT] - 0);
$oldnontaxable = $oldnontaxable + $I[1];
} else {
$taxable = $taxable + ($_GET['item' . $IT] - 0);
$totaltax = $totaltax + ($_GET['item' . $IT] - 0) / 100 * $user['store_info']['s_taxrate'];
$oldtaxable = $oldtaxable + $I[1];
$oldtotaltax = $I[1] / 100 * $user['store_info']['s_taxrate'];
}
}
$IT++;
}
MYSQL::QUERY('UPDATE core_checkout_sessions SET items=?,pm_1=?,pm_1_cost=?,pm_2=?,pm_2_cost=?,d_date=? WHERE qb_id=? LIMIT 1', array($LIST, $_GET['pm_1'], $_GET['pm_1_charge'], $_GET['pm_2'], $_GET['pm_2_charge'], $_GET['date'], $_GET['chid']));
TRACKING::CHECKOUTS($oldnontaxable, $oldtaxable, $oldtotaltax, $user, $CHECKOUT['pm_1'], $CHECKOUT['pm_1_cost'], $CHECKOUT['pm_2'], $CHECKOUT['pm_2_cost'], '-', $_GET['date']);
TRACKING::CHECKOUTS($nontaxable, $taxable, $totaltax, $user, $_GET['pm_1'], $_GET['pm_1_charge'], $_GET['pm_2'], $_GET['pm_2_charge'], '+', $_GET['date']);
}
}
}
if ($i == 1) {
$comma = ' ';
} else {
$comma = ', ';
}
$added .= "{$name}<br/><br/>";
$query .= $comma . '("' . $man[1] . '", "' . $type . '", "' . mysql_escape_string($name) . '", "' . mysql_escape_string($img) . '", "' . mysql_escape_string($also) . '", "' . $date . '")';
$i++;
}
if ($query == 'INSERT IGNORE INTO device_models (m_manufacturer_id, m_type, m_name, m_link, m_known, m_date) VALUES') {
break;
}
MYSQL::QUERY($query);
$a++;
}
if ($type == 4) {
break;
}
$type++;
}
}
?>
<form method='post'>
<select name='manu'><?php
echo $options;
?>
</select><input type='submit' name='submit' value='submit'>
</form>
}
$A['Q2'] = STR_REPLACE(array('+', '-', '=', ' '), '', $Q);
if ($A['Q1'] != '=') {
$A['Q3'] = 'quantity = quantity ' . $A['Q1'] . ' ?';
} else {
$A['Q3'] = 'quantity = ?';
}
$A['P1'] = SUBSTR($P, 0, 1);
if (IS_NUMERIC($A['P1'])) {
$A['P1'] = '=';
}
$A['P2'] = STR_REPLACE(array('+', '-', '=', ' '), '', $P);
if ($A['P1'] != '=') {
$A['P3'] = 'price = price ' . $A['P1'] . ' ?';
} else {
$A['P3'] = 'price = ?';
}
$A['M1'] = SUBSTR($M, 0, 1);
if (IS_NUMERIC($A['M1'])) {
$A['M1'] = '=';
}
$A['M2'] = STR_REPLACE(array('+', '-', '=', ' '), '', $M);
if ($A['M1'] != '=') {
$A['M3'] = 'minimum = minimum ' . $A['M1'] . ' ?';
} else {
$A['M3'] = 'minimum = ?';
}
$Q = 'INSERT INTO inventory_stock (store, item, quantity, minimum, price, modified) VALUES (?,?,?,?,?,?) ON DUPLICATE KEY UPDATE ' . $A['Q3'] . ', ' . $A['P3'] . ', ' . $A['M3'];
MYSQL::QUERY($Q, array($user['store'], $PID, $A['Q2'], $A['M2'], $A['P2'], DATE('Y-m-d H:i:s'), $A['Q2'], $A['P2'], $A['M2']));
$CHECK = MYSQL::QUERY('SELECT quantity,minimum,price FROM inventory_stock WHERE store = ? AND item = ? LIMIT 1', array($user['store'], $PID));
echo $CHECK['quantity'] . '|' . $CHECK['price'] . '|' . $CHECK['minimum'];
$TICKET = MYSQL::QUERY("SELECT * FROM core_tickets_status WHERE t_id = ? LIMIT 1", array($TID));
switch ($TICKET['t_status']) {
case 97:
$TBL = 'core_tickets_estimate';
$ST = 1;
break;
case 98:
$TBL = 'core_tickets_repair';
$ST = 2;
break;
case 99:
$TBL = 'core_tickets_checkout';
$ST = 3;
break;
}
$ROWS = MYSQL::QUERY("SHOW COLUMNS FROM {$TBL}");
$QUERY = "INSERT INTO {$TBL} SELECT ";
$I = 0;
foreach ($ROWS as $R) {
if ($I == 0) {
$QUERY .= $R['Field'];
} else {
$QUERY .= "," . $R['Field'];
}
$I++;
}
$QUERY .= " FROM core_tickets_walkout WHERE t_id = ? LIMIT 1";
MYSQL::QUERY($QUERY, array($TID));
MYSQL::QUERY("DELETE FROM core_tickets_walkout WHERE t_id = ? LIMIT 1", array($TID));
MYSQL::QUERY("UPDATE core_tickets_status SET t_status = ? WHERE t_id = ? LIMIT 1", array($ST, $TID));
USER::NOTE($TID, "Ticket Re-Opened", 2);
<?php
require "../../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(0, TRUE);
$load = $_GET['load'];
$Main = MYSQL::QUERY('SELECT m_name FROM device_manufacturers WHERE m_id = ? LIMIT 1', array($load));
$manu = $Main['m_name'];
$Main = MYSQL::QUERY('SELECT m_id, m_name FROM device_models WHERE m_manufacturer_id = ? ORDER BY m_name ASC', array($load));
$i = 0;
$options = "";
foreach ($Main as $b) {
$model = str_replace($manu . ' ', '', $b['m_name']);
$options .= "<option value='" . $b['m_id'] . "'>" . $model . "</option>";
$i++;
}
echo '<option value="">' . $i . ' Model(s) Found...</option>' . $options;
<?php
require "../../frame/engine.php";
ENGINE::START("HASH");
$Hash = new PasswordHash(8, true);
$USER = $_POST['usr'];
$USER_CLEAN = STRTOLOWER($USER);
$PASS = $_POST['pas'];
if (empty($USER) && empty($PASS)) {
die('e1437');
} else {
$R = MYSQL::QUERY("SELECT * FROM core_users WHERE username_clean = ? LIMIT 1", array($USER_CLEAN));
if (empty($R)) {
die('e1435');
} else {
if (!$Hash->CheckPassword($PASS, $R['password'])) {
die('e1436');
} else {
$S = MYSQL::QUERY('SELECT * FROM core_stores WHERE s_id = ? LIMIT 1', array($R['store']));
DATE_DEFAULT_TIMEZONE_SET($S['s_timezone']);
USER::LOG("Logged In", $R['user_id']);
$SES_EXP = TIME() + 43200;
$SES_GEN = FORMAT::SES(50);
$params = array($SES_GEN, $R['user_id'], $SES_EXP, $SES_GEN, $SES_EXP);
MYSQL::QUERY('INSERT INTO core_users_sessions (session_key,session_user,session_experation) VALUES (?,?,?) ON DUPLICATE KEY UPDATE session_key=?,session_experation=?', $params);
setcookie("core_u", $params[1], $SES_EXP, '/');
setcookie("core_k", $params[0], $SES_EXP, '/');
echo 's1434';
}
}
}
<?php
$tabela = 'produtos';
$mysql = new MYSQL($cfg);
$idde = trim($_POST['id']);
if (trim($_POST['edit'])) {
array_pop($_POST);
$sql = $mysql->SqlUpdate($tabela, $_POST, "id = '{$idde}'");
$request = $mysql->SqlSelect($sql);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if (request) {
print "<h4>Registro Atualizado com sucesso!!!</h4>";
}
}
$result = $mysql->SqlSelect("SELECT * FROM {$tabela} WHERE id = '" . $idde . "'");
$item = mysql_fetch_array($result, MYSQL_ASSOC);
?>
<form action="index.php?p=produtos&a=edit" method="post">
<label for="nome">Nome:<br />
<input name="nome" type="text" value="<?php
echo $item['nome'];
?>
" />
</label><br />
<label for="descricao">Descrição:<br />
<textarea name="descricao"><?php
echo $item['descricao'];
?>
</textarea>
</label><br />
<?php
require "../../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(0, TRUE);
$Fname = FORMAT::TEXT($_GET['Fname']);
$Lname = FORMAT::TEXT($_GET['Lname']);
$Phone = trim($_GET['phone']);
$Sec = trim($_GET['secondarymethod']);
$SecInfo = trim($_GET['secinfo']);
$Zip = trim($_GET['zip']);
$Market = trim($_GET['market']);
$Market_Location = trim($_GET['market_location']);
$Corporate_Account = trim($_GET['corpacc']);
$params = array("{$Fname} {$Lname}", $Zip, $Corporate_Account, $Phone, $Sec, $SecInfo, Date("Y-m-d H:i:s"));
$Main = MYSQL::QUERY('INSERT INTO core_customers (c_name,c_zip,c_acc,c_phone,c_contact_method,c_contact_info,c_join_date) VALUES (?,?,?,?,?,?,?)', $params);
USER::LOG("Customer Added [{$Fname} {$Lname}][{$Phone}]");
TRACKING::ADVERT($Market_Location, $user);
TRACKING::CUSTOMERS($user);
echo '<option value="' . str_pad($Main, 10, "0", STR_PAD_LEFT) . '">' . $Fname . ' ' . $Lname . '</option>';
<?php
require "../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(0);
$Main = MYSQL::QUERY('SELECT m_id,m_name FROM device_manufacturers ORDER BY m_name ASC');
$options = "";
foreach ($Main as $b) {
$options .= '<option value="' . $b['m_id'] . '">' . $b['m_name'] . '</option>';
}
?>
<script>
function GetModels(strURL,elemente,tease)
{
$("#" + elemente).attr('disabled', true).trigger("liszt:updated");
$.ajax({
url: strURL,
cache: false
}).done(function( html ) {
$("#" + elemente).attr("disabled", false).html(html).trigger("liszt:updated");
});
}
function RemoveError(Element){
var thisid = $(Element).attr("id");
$("#" + thisid + "_chzn a").removeClass("error");
}
function AddDevice(){
var valid = $("#refurbform").valid();
var selectvalid = $("#refurbform").validate().element("select");
$user = USER::VERIFY(0, TRUE);
$params = array($user['user_id'], 0);
$b = MYSQL::QUERY('SELECT * FROM core_messages WHERE m_to = ? AND m_read = ? ORDER BY m_sent ASC LIMIT 5', $params);
if ($user['bronze_medals'] >= 100 || $user['silver_medals'] >= 100) {
if ($user['bronze_medals'] >= 100) {
$br = $user['bronze_medals'] % 100;
$user['bronze_medals'] = $br;
$user['silver_medals']++;
}
if ($user['silver_medals'] >= 100) {
$sr = $user['silver_medals'] % 100;
$user['silver_medals'] = $sr;
$user['gold_medals']++;
}
MYSQL::QUERY('UPDATE core_users SET gold_medals=?,silver_medals=?,bronze_medals=? WHERE user_id=? LIMIT 1', array($user['gold_medals'], $user['silver_medals'], $user['bronze_medals'], $user['user_id']));
}
if (!empty($b)) {
$message = array("NA" => "message", "messages" => array(), "gold" => $user['gold_medals'], "silver" => $user['silver_medals'], "bronze" => $user['bronze_medals']);
foreach ($b as $m) {
$message['messages'][] = array("from" => $m['m_from'], "message" => $m['m_message'], "avatar" => $m['m_from_avatar'], "time" => date("h:i A M,d", strtotime($m['m_sent'])));
$DL_FROM = array("Price Request", "Price Response", "LeaderBoard Reward", "Achievement Earned", "Purge");
if (IN_ARRAY($m['m_from'], $DL_FROM)) {
MYSQL::QUERY('DELETE FROM core_messages WHERE m_id = ? LIMIT 1', array($m['m_id']));
} else {
MYSQL::QUERY('UPDATE core_messages SET m_read = ? WHERE m_id = ? LIMIT 1', array(1, $m['m_id']));
}
}
echo json_encode($message);
} else {
echo json_encode(array("NA" => "false", "messages" => array(), "gold" => $user['gold_medals'], "silver" => $user['silver_medals'], "bronze" => $user['bronze_medals']));
}
<?php
$tabela = 'produtos';
$mysql = new MYSQL($cfg);
if ($_POST['add']) {
// adicionar registro.
array_pop($_POST);
$sql = $mysql->SqlInsert($tabela, $_POST);
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Realizado com sucesso!!!</h4>";
}
}
if ($_POST['del']) {
// adicionar registro.
$idde = trim($_POST['id']);
$sql = $mysql->SqlDelete($tabela, "id = '{$idde}'");
$request = $mysql->SqlSelect($sql, __FILE__, __LINE__);
if ($request) {
print "<h4>Registro Deletado com sucesso!!!</h4>";
}
}
$result = $mysql->SqlSelect("SELECT id, nome, descricao, preco FROM {$tabela}");
if ($result) {
?>
<div class="col-md-6">
<table class="table table-striped">
<thead>
<tr>
<th>#</th>
<div class="name" style="padding-left:10px;width:235px;">' . $a['s_name'] . '</div>
</div>
</li>
';
}
} else {
echo "Error Pulling Services!";
}
?>
</ul>
</div>
<h3><a href="#" id='AccessAcessories'>Additional</a></h3>
<div id='inventory-accessories' style='overflow: hidden !important;border-top: 1px solid silver !important;'>
<ul>
<?php
$R = MYSQL::QUERY('SELECT * FROM device_accessories ORDER BY a_name ASC');
if (!empty($R)) {
foreach ($R as $a) {
echo '
<li>
<div class="sidebar-2 draggableaccessories" id="ac-' . $a['a_id'] . '" style="height:auto !important;">
<div class="name" style="padding-left:10px;width:235px;">' . $a['a_name'] . '</div>
</div>
</li>
';
}
} else {
echo "Error Pulling Additional Items!";
}
?>
</ul>
<?php
require "../../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(1);
$CHECKOUT = MYSQL::QUERY("SELECT * FROM core_checkout_sessions WHERE qb_id = ? LIMIT 1", array($_GET['chid']));
$ITEMS = EXPLODE('|', $CHECKOUT['items']);
$LIST = '';
$IT = 1;
foreach ($ITEMS as $I) {
if ($I != '') {
$I = EXPLODE('/', $I);
$LIST .= "<tr><td>" . $I[0] . "</td><td><input type='text' name='item" . $IT . "' value='" . $I[1] . "'></td></tr>";
}
$IT++;
}
echo <<<STR
<form id='mod_checkout'>
\t <input type='text' name='chid' style='display:none' value='{$_GET['chid']}'>
\t <center>
\t *Dont Forget - The 15% off from multiple purchases is only removed in the Payment method Charges*<br/><br/>
\t <table style='width:300px;text-align:center;'>
\t\t <thead>
\t\t\t <th>Item</th><th>Charge</th>
\t\t\t</thead>
\t\t\t<tbody>
\t\t\t {$LIST}
\t\t\t\t<tr><td colspan="2"> </td></tr>
\t\t\t\t<tr><td colspan="2"><b>Payment Methods</b></td></tr>
\t\t\t\t<tr>
\t\t\t\t <td>PM 1</td>
$user = USER::VERIFY(0, TRUE);
$cid = $_GET['cid'];
$note = $_GET['note'];
$date = Date("Y-m-d H:i:s");
$params = array($cid, $note, $user['user_id'], $date);
MYSQL::QUERY('INSERT INTO core_customers_note (c_id, c_note, c_note_by, c_date) VALUES (?, ?, ?, ?)', $params);
$note = MYSQL::QUERY("SELECT * FROM core_customers_note WHERE c_id = ? ORDER BY c_date DESC", array($cid));
echo '<ul>';
$ln = '';
foreach ($note as $n) {
if ($ln == $n['c_note_by']) {
} else {
if ($n['c_note_by'] == 4) {
$noteuser = array('username' => 'System');
} else {
$noteuser = MYSQL::QUERY("SELECT * FROM core_users WHERE user_id = ? LIMIT 1", array($n['c_note_by']));
$ln = $n['c_note_by'];
}
}
if ($n['c_note_by'] == $user['user_id']) {
$ed = "forget";
} else {
$ed = "fogret";
}
switch ($n['c_type']) {
case 0:
$color = 'usernote';
break;
case 1:
$color = 'systemnote';
break;
$sof = 'None';
$w = 0;
}
$content .= "<tr>\n\t\t\t\t\t\t\t\t<td>Ticket #" . $b[1] . "</td>\n\t\t\t\t\t\t\t <td style='width:60px;'><center>{$phy}</center></td>\n\t\t\t\t\t\t\t\t<td style='width:60px;'><center>{$sof}</center></td>\n\t\t\t\t\t\t\t\t<td>\$" . $split[1] . "</td>\n\t\t\t\t\t\t\t</tr>";
$nontaxable = $nontaxable + $split[1];
MYSQL::QUERY("INSERT INTO core_tickets_processed (t_id, t_customer, t_manufacturer, t_model, t_imei, t_password, t_phy, t_liq, t_sof, t_created_by, t_store, t_session, t_created, t_estimate_created, t_estimate_price, t_estimate_items, t_estimate_time, t_repair_created, t_repair_price, t_repair_items, t_repair_time) SELECT * FROM core_tickets_checkout WHERE t_id = ? LIMIT 1", array($b[1]));
MYSQL::QUERY("UPDATE core_tickets_processed SET t_warranty=?, t_checkout_created=?, t_checkout_price=?, t_checkout_time=? WHERE t_id = ? LIMIT 1", array($w, Date("Y-m-d H:i:s"), $split[1], $time, $b[1]));
MYSQL::QUERY("UPDATE core_tickets_status SET t_status = ? WHERE t_id = ? LIMIT 1", array(4, $b[1]));
MYSQL::QUERY("DELETE FROM core_tickets_checkout WHERE t_id = ? LIMIT 1", array($b[1]));
USER::NOTE($b[1], "Processed This Ticket [ " . $split[1] . " ] [ {$time} ]", 2);
} else {
if ($b[0] == "ac") {
$taxable = $taxable + $split[1];
$ITEM = MYSQL::QUERY('SELECT * FROM device_accessories WHERE a_id = ? LIMIT 1', array($b[1]));
$content .= "<tr>\n\t\t\t\t\t\t\t\t<td>" . $ITEM['a_name'] . "</td>\n\t\t\t\t\t\t\t <td style='width:60px;'></td>\n\t\t\t\t\t\t\t\t<td style='width:60px;'></td>\n\t\t\t\t\t\t\t\t<td>\$" . $split[1] . "</td>\n\t\t\t\t\t\t\t</tr>";
} else {
if ($b[0] == "de") {
$taxable = $taxable + $split[1];
$DEVICE = MYSQL::QUERY('SELECT * FROM core_refurb_devices WHERE d_id = ? LIMIT 1', array($b[1]));
$MODEL = MYSQL::QUERY('SELECT m_name FROM device_models WHERE m_id = ? LIMIT 1', array($DEVICE['d_model_id']));
$content .= "<tr>\n\t\t\t\t\t\t\t <td>" . $MODEL['m_name'] . "</td>\n\t\t\t\t\t\t\t\t<td style='width:60px;'>6 Month</td>\n\t\t\t\t\t\t\t\t<td style='width:60px;'>None</td>\n\t\t\t\t\t\t\t\t<td>\$" . $split[1] . "</td>\n\t\t\t\t\t\t\t</tr>";
MYSQL::QUERY("UPDATE core_refurb_devices SET d_sold = ? WHERE d_id = ? LIMIT 1", array($T['c_id'] . "|" . $split[1], $b[1]));
}
}
}
}
$content .= "\n\t\t\t\t\t<tr>\n\t\t\t\t\t <td colspan='3'></td>\n\t\t\t\t\t <td colspan='1'><center><b>Tax:</b> \${$totaltax}</center></td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t <td colspan='3'>{$paymentmethod}</td>\n\t\t\t\t\t <td colspan='1'><center><b>Total:</b> \${$totalcost}</center></td>\n\t\t\t\t\t</tr>\n\t\t </tbody>\n </table>\n\t\t\t<table border='1' cellspacing='0' id='Disclaimer-Table' class='escca' style='border: 1px solid black;width: 98% !important;border-left: 0px;border-bottom:0px none !important;border-top: 0px none;'>\n\t <tbody>\n\t\t <tr style='text-align:center;'>\n\t\t\t <td><b>Warranty Information</b></td>\n\t\t\t </tr>\n\t\t\t <tr>\n\t\t\t <td><br/>\n\t\t\t\t\t\t <b>Physical Warranty</b> - This warranty covers any parts replaced in the repair proccess. If the part we replaced proves to be defective in any way we will replace it at no extra charge.\n\t\t\t\t\t\t\tThis warranty is void if the part sustains any physical or liquid damage or if it is removed from the device. If your phone came in with liquid damage there will be no warranty offered on any\n\t\t\t\t\t\t\tpart that we install. Any aftermarket parts that are brought in by customers are not covered by any warranties.\n\t\t\t\t\t\t\t<br/><br/>\n\t\t\t\t\t\t\t<b>Software Warranty</b> - This warranty guarantees any software service we provide you. If for any reason the phone is updated, modified (ie. jailbreaking, unlocking, rooting) or sustains\n\t\t\t\t\t\t\tphysical or liquid damage the warranty becomes void.\n\t\t\t\t\t\t\t<br/><br/>\n\t\t\t\t\t\t\t<b>Liquid Damage</b> - We <b>do not</b> provide a warranty for any liquid damaged devices that we repair. This include any parts replaced or software services done on any device. Furthermore\n\t\t\t\t\t\t\tany device that we provide a service for that becomes liquid damaged will lose its warranty. No Exceptions.<br/><br/>\n\t\t\t\t </td>\n\t\t\t </tr>\n\t\t </tbody>\n\t </table>\n </center>\t\t\n ";
echo $content;
TRACKING::CHECKOUTS($nontaxable, $taxable, $totaltax, $user, $pm1, $pm1cost, $pm2, $pm2cost);
USER::STAT('checkouts');
USER::MEDAL('bronze', $itemscheckedout);
$script = "var pp = getPrintParams();";
if ($dialog) {
$script .= "pp.interactive = pp.constants.interactionLevel.full;";
} else {
$script .= "pp.interactive = pp.constants.interactionLevel.automatic;";
}
$script .= "pp.printerName = '\\\\\\\\" . $server . "\\\\" . $printer . "';";
$script .= "print(pp);";
$this->IncludeJS($script);
}
}
//*****************CONEXION A SIMA***************
require CONSTANT_PATH_CONFIGURACION . '/baseDatos.php';
$base = new MYSQL();
$basedatos = $base->basedatos();
$conexionManual = new MYSQL();
$conexionManual->conecta();
//**************************************************
$pdf = new PDF_AutoPrint();
$pdf->AddPage();
function saca_iva($can, $por)
{
$cant = $can;
$can = $can / 100 * $por;
$can += $cant;
return $can;
}
//aqui estoy
//$_GET['keyClientesInternos']='22822';
$sSQL311 = "Select * From clientesInternos WHERE keyClientesInternos='" . $_GET['keyClientesInternos'] . "' ";
$result311 = mysql_db_query($basedatos, $sSQL311);
<?php
require "../../../frame/engine.php";
ENGINE::START();
$user = USER::VERIFY(0, TRUE);
$manu = str_replace("@", "&", $_GET['manu']);
$params = array($_GET['m']);
$Main = MYSQL::QUERY('SELECT * FROM device_models WHERE m_manufacturer_id = ? ORDER BY m_name ASC', $params);
?>
<div class="txt_dsb">
<div class="txt_dsb_fix">
<input type="text" id="model_search" onKeyUp="SearchModel(event)" placeholder="Search Model...">
<div id="model_close" onClick="$('#model_search').val('');$('#model_close').removeClass('opened').addClass('closed');" class="close closed"></div>
</div>
</div>
<div class="side-divider"></div>
<script>$("#model-list").listnav({showCounts: false});</script><center><div id="model-list-nav"></div></center><ul id="model-list">
<?php
if (!empty($Main)) {
foreach ($Main as $a) {
$newname = str_replace($manu . " ", "", $a['m_name']);
if (strlen($newname) > 25) {
$newname_modded = substr($newname, 0, 25);
$newname_modded = "{$newname_modded}...";
} else {
$newname_modded = $newname;
}
$l = "'";
if ($a['m_link'] == "") {
$databutton = '';
} else {
function RegReservedName(&$smarty)
{
$mysql = new MYSQL($smarty);
$request = $mysql->SqlSelect("SELECT * FROM {$smarty->cfg[prefix]}reserved_names", __FILE__, __LINE__);
if (mysql_affected_rows() > 0) {
$reserve = array();
while ($row = mysql_fetch_array($request)) {
if ($row['setting'] == 'word') {
$reserve[] = trim($row['value']);
} else {
${$row['setting']} = trim($row['value']);
}
}
$namecheck = $matchcase == '1' ? $this->form['member_name'] : strtolower($this->form['member_name']);
foreach ($reserve as $reserved) {
$reservecheck = $matchcase == '1' ? $reserved : strtolower($reserved);
if ($matchuser == '1') {
if ($matchword == '1') {
if ($namecheck == $reservecheck) {
return $smarty->getFinishError('registro_erro_05', array("", " - " . $reserved));
}
} else {
if (strstr($namecheck, $reservecheck)) {
return $smarty->getFinishError('registro_erro_05', array("", " - " . $reserved));
}
}
}
}
}
}
public static function ACCEPTS($USER, $PM = '+')
{
$D = Date("Y-m-d");
MYSQL::QUERY("INSERT INTO core_stores_daily_accepts (s_id, d_key, d_date) VALUES (?, ?, ?) ON DUPLICATE KEY UPDATE d_key = d_key + 1;", array($USER['store'], 1, $D));
}