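/**
 * Handle a login request and, on success, establish the session.
 *
 * Reads LoginId / Password from $_REQUEST. When a `callback` request
 * parameter is present the outcome is echoed as JSONP and the script exits;
 * otherwise a successful login redirects to the dashboard and every other
 * path falls through to rendering the login template.
 *
 * NOTE(review): $_REQUEST also covers the query string, so credentials can
 * arrive in a GET URL (which servers and proxies log), and the JSONP success
 * reply hands balance and role to whichever page loaded the script. Confirm
 * whether this endpoint can be limited to POST with a plain JSON reply.
 */
public function Login()
{
    $isJsonp = isset($_REQUEST['callback']);

    if (isset($_REQUEST['LoginId'])) {
        $user = $this->loadModel('OpenSms_Model_User', [0 => $_REQUEST['LoginId'], 1 => $_REQUEST['Password']]);

        if ($user->IsValidated) {
            // Issue a fresh session id at the moment of authentication so an
            // id that was known before login cannot be reused afterwards.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['loginId'] = $user->LoginId;
            $_SESSION['role'] = $user->Role;

            if ($isJsonp) {
                echo $this->jsonp(array('error' => FALSE, 'message' => 'success', 'balance' => $user->Balance, 'role' => $user->Role));
                exit;
            }
            OpenSms::redirectToAction('index', 'dashboard', 'dashboard');
        } else {
            $errorMsg = 'Invalid Credential';
            if ($isJsonp) {
                // NOTE(review): this branch calls the global jsonp() while the
                // other two use $this->jsonp(); confirm both are defined and
                // apply the same callback handling.
                echo jsonp(array('error' => TRUE, 'message' => $errorMsg, 'balance' => 0));
                exit;
            }
        }
    } elseif ($isJsonp) {
        echo $this->jsonp(array('error' => TRUE, 'message' => 'Invalid request param', 'balance' => 0));
        exit;
    }

    $this->data['pageTitle'] = 'Login | ' . OpenSms::getSystemSetting(OpenSms::SITE_NAME);
    $this->renderTemplate();
}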
/**
 * JSONP demo.
 *
 * Requires a `callback` request parameter, then returns a fixed sample
 * profile wrapped by jsonp() under that callback name.
 *
 * NOTE(review): the callback name is taken from the request as-is; this
 * method relies on jsonp() (not visible here) to restrict it to a safe
 * identifier before it is written into a script response - confirm.
 *
 * @return \Slim\Http\Response
 */
public function jsonpDemo()
{
    $validationRules = ['callback' => 'required'];
    validate($this->request->get(), $validationRules);

    $payload = [
        'username' => 'Carlos',
        'age' => 24,
        'location' => 'Beijing, China',
        'chinese_name' => '安正超',
        'github' => 'https://github.com/overtrue',
    ];

    // The callback argument is optional; when it is omitted, jsonp() falls
    // back to reading `callback` from the GET parameters.
    $callbackName = $this->request->get('callback');

    return jsonp($payload, $callbackName);
}
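/**
 * Record an "up" or "against" vote on a comment, rate-limited per comment by
 * cookie.
 *
 * @param string     $act Vote kind; doubles as the cookie suffix and the
 *                        counter column that is incremented.
 * @param int|string $cid Comment id.
 */
function UA($act, $cid)
{
    global $iCMS;

    // $act is spliced into the UPDATE as a column name and $cid as a value,
    // so both are constrained before use. The rate-limit cookies checked
    // below only exist for "up" and "against", which is why those are the
    // only accepted values (assumed to be the only counter columns - confirm).
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    $cid = (int) $cid;

    $cookietime = $iCMS->config['diggtime'];
    $ajax = intval($_GET['ajax']);

    // Cookie values are client-controlled; the cast keeps the arithmetic
    // numeric whatever was sent.
    $cTime = time() - (int) get_cookie($cid . '_up') > $cookietime
        && time() - (int) get_cookie($cid . '_against') > $cookietime;

    if ($cTime) {
        set_cookie($cid . '_' . $act, time(), $cookietime);
        if ($cid && iCMS_DB::query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1 WHERE `id` ='{$cid}'")) {
            if ($ajax) {
                // NOTE(review): $_GET['callback'] is passed through untouched;
                // confirm jsonp() restricts it to a safe identifier.
                jsonp("{state:'1'}", $_GET['callback']);
            } else {
                // NOTE(review): $id is never assigned in this function, so the
                // redirect carries an empty indexId - confirm the intended value.
                _Header($iCMS->config['publicURL'] . "/comment.php?indexId=" . $id);
            }
        }
    } else {
        if ($ajax) {
            jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $_GET['callback']);
        } else {
            alert($iCMS->language('digged'));
        }
    }
}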
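/**
 * Record an "up" or "against" vote on a comment, rate-limited per comment by
 * cookie.
 *
 * @param string     $act Vote kind; doubles as the cookie suffix and the
 *                        counter column that is incremented.
 * @param int|string $cid Comment id.
 */
function UA($act, $cid)
{
    global $iCMS, $_iGLOBAL;

    // $act is spliced into the UPDATE as a column name and $cid as a value,
    // so both are constrained before use. The rate-limit cookies checked
    // below only exist for "up" and "against", which is why those are the
    // only accepted values (assumed to be the only counter columns - confirm).
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    $cid = (int) $cid;

    $cookietime = $_iGLOBAL['cookie']['time'];
    $ajax = intval($_GET['ajax']);

    // Cookie values are client-controlled; the cast keeps the arithmetic
    // numeric whatever was sent.
    $ct = time() - (int) get_cookie($cid . '_up') > $cookietime
        && time() - (int) get_cookie($cid . '_against') > $cookietime;

    if ($ct) {
        set_cookie($cid . '_' . $act, time(), $cookietime);
        if ($cid && $iCMS->db->query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1 WHERE `id` ='{$cid}'")) {
            if ($ajax) {
                // NOTE(review): $_GET['callback'] is passed through untouched;
                // confirm jsonp() restricts it to a safe identifier.
                jsonp("{state:'1'}", $_GET['callback']);
            } else {
                // NOTE(review): $id is never assigned in this function, so the
                // redirect carries an empty aid - confirm the intended value.
                _Header($iCMS->dir . "comment.php?aid=" . $id);
            }
        }
    } else {
        if ($ajax) {
            jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $_GET['callback']);
        } else {
            alert($iCMS->language('digged'));
        }
    }
}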
<?php
/*
 * Re-apply discounts to one transaction and return the fully loaded
 * transaction as JSONP.
 *
 * NOTE(review): the id is read from $_REQUEST, so this state-changing call is
 * reachable with a plain GET, and the reply is JSONP. No access check is
 * visible in this file; confirm that scat.php enforces one.
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];
if ($txn_id === 0) {
    die_jsonp("no transaction specified.");
}

$applied = txn_apply_discounts($db, $txn_id);
if (!$applied) {
    die_jsonp("Unable to apply discounts.");
}

echo jsonp(txn_load_full($db, $txn_id));
<?php
/*
 * List every brand that has a non-empty name, as JSONP.
 *
 * With verbose set the reply is a list of {id, name} records; otherwise it is
 * a map of id => name. A truthy `id` request parameter is echoed back under
 * the "selected" key.
 */
require '../scat.php';

$verbose = (int) $_REQUEST['verbose'];

$sql = "SELECT id, name FROM brand WHERE name != '' ORDER BY name";
$result = $db->query($sql);
if (!$result) {
    die_query($db, $sql);
}

$brands = array();
while ($row = $result->fetch_row()) {
    list($brand_id, $brand_name) = $row;
    if ($verbose) {
        $brands[] = array('id' => $brand_id, 'name' => $brand_name);
    } else {
        $brands[$brand_id] = $brand_name;
    }
}

// The raw request value is passed through; it only ever reaches the encoder.
if ($_REQUEST['id']) {
    $brands['selected'] = $_REQUEST['id'];
}

echo jsonp($brands);
<?php
/*
 * Set the tax rate on an unpaid transaction and return the refreshed
 * transaction as JSONP. The literal value "def" selects DEFAULT_TAX_RATE.
 *
 * NOTE(review): the update is driven by $_REQUEST (so a GET works) and a
 * failed query returns $db->error to the caller; confirm both are acceptable
 * for where this endpoint is exposed.
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];
if ($txn_id === 0) {
    die_jsonp("no transaction specified.");
}

$txn = txn_load($db, $txn_id);
if ($txn['paid']) {
    die_jsonp("This order is already paid!");
}

// The float cast is what keeps the interpolated value below numeric.
$tax_rate = (double) $_REQUEST['tax_rate'];
if (!strcmp($_REQUEST['tax_rate'], 'def')) {
    $tax_rate = DEFAULT_TAX_RATE;
}

$q = "UPDATE txn SET tax_rate = {$tax_rate} WHERE id = {$txn_id}";
if (!$db->query($q)) {
    die_jsonp($db->error);
}

$reply = array(
    "success" => "Updated tax rate.",
    "txn" => txn_load($db, $txn_id),
);
echo jsonp($reply);
// Sales report: totals of customer transactions grouped by the requested
// time span, returned as JSONP together with $days.
// $begin, $end, $items and $days are not assigned in this excerpt.
$span = $_REQUEST['span'];

// The request value only selects one of these fixed DATE_FORMAT patterns;
// it is never placed in the query itself. Unknown values fall back to the
// per-day pattern.
switch ($span) {
    case 'all':
        $format = 'All';
        break;
    case 'month':
        $format = '%Y-%m';
        break;
    case 'week':
        $format = '%X-W%v';
        break;
    case 'hour':
        $format = '%w (%a) %H:00';
        break;
    case 'day':
    default:
        $format = '%Y-%m-%d %a';
        break;
}

// NOTE(review): {$begin}, {$end} and {$items} are interpolated into the SQL
// as-is; confirm they are escaped or built from fixed fragments where they
// are assigned.
// The inner SELECT produces one row per transaction (untaxed and taxed line
// totals after discounts); the outer SELECT sums those rows per span.
$q = "SELECT DATE_FORMAT(filled, '{$format}') AS span,\n SUM(taxed + untaxed) AS total,\n SUM(IF(tax_rate, 0, taxed + untaxed)) AS resale,\n SUM(ROUND_TO_EVEN(taxed * (tax_rate / 100), 2)) AS tax,\n SUM(ROUND_TO_EVEN(taxed * (1 + (tax_rate / 100)), 2) + untaxed)\n AS total_taxed\n FROM (SELECT \n filled,\n CAST(ROUND_TO_EVEN(\n SUM(IF(txn_line.taxfree, 1, 0) *\n IF(type = 'customer', -1, 1) * ordered *\n CASE txn_line.discount_type\n WHEN 'percentage' THEN txn_line.retail_price * ((100 - txn_line.discount) / 100)\n WHEN 'relative' THEN (txn_line.retail_price - txn_line.discount) \n WHEN 'fixed' THEN (txn_line.discount)\n ELSE txn_line.retail_price\n END),\n 2) AS DECIMAL(9,2))\n AS untaxed,\n CAST(ROUND_TO_EVEN(\n SUM(IF(txn_line.taxfree, 0, 1) *\n IF(type = 'customer', -1, 1) * ordered *\n CASE txn_line.discount_type\n WHEN 'percentage' THEN txn_line.retail_price * ((100 - txn_line.discount) / 100)\n WHEN 'relative' THEN (txn_line.retail_price - txn_line.discount) \n WHEN 'fixed' THEN (txn_line.discount)\n ELSE txn_line.retail_price\n END),\n 2) AS DECIMAL(9,2))\n AS taxed,\n tax_rate\n FROM txn\n LEFT JOIN txn_line ON (txn.id = txn_line.txn)\n JOIN item ON (txn_line.item = item.id)\n WHERE filled IS NOT NULL\n AND filled BETWEEN {$begin} AND {$end}\n AND type = 'customer'\n AND code NOT LIKE 'ZZ-gift%'\n AND ({$items})\n GROUP BY txn.id\n ) t\n GROUP BY 1 DESC";
$r = $db->query($q) or die_query($db, $q);

$sales = array();
while ($row = $r->fetch_assoc()) {
    // Cast the money columns so they are encoded as numbers, not strings.
    $row['total'] = (double) $row['total'];
    $row['resale'] = (double) $row['resale'];
    $row['tax'] = (double) $row['tax'];
    $row['total_taxed'] = (double) $row['total_taxed'];
    $sales[] = $row;
}

echo jsonp(array("days" => $days, "sales" => $sales));
<?php
/*
 * Remove one payment from a transaction and return the refreshed transaction
 * and its remaining payments as JSONP.
 *
 * NOTE(review): the `admin` flag handed to removePayment() comes straight
 * from the request. If it relaxes any check inside removePayment(), the
 * caller is granting itself that privilege; confirm it is derived from the
 * authenticated session instead.
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];
$payment_id = (int) $_REQUEST['id'];
$admin = (int) $_REQUEST['admin'];

if ($txn_id === 0 || $payment_id === 0) {
    die_jsonp("No transaction or payment specified.");
}

$txn = new Transaction($db, $txn_id);
try {
    $txn->removePayment($payment_id, $admin);
} catch (Exception $e) {
    // The exception text is returned to the caller verbatim.
    die_jsonp($e->getMessage());
}

$reply = array(
    'txn' => txn_load($db, $txn_id),
    'payments' => txn_load_payments($db, $txn_id),
);
echo jsonp($reply);
/*
 * Allocate the ordered quantity on one line, or on every line, of an unpaid
 * transaction, then return the refreshed transaction and its items as JSONP.
 *
 * When every line is allocated, the transaction is also stamped as filled if
 * any row changed or it was not filled yet.
 *
 * NOTE(review): inputs come from $_REQUEST, so these updates can be triggered
 * by a GET, and query failures return $db->error to the caller.
 */
include '../scat.php';
include '../lib/txn.php';
include '../lib/pole.php';

$id = (int) $_REQUEST['txn'];
if ($id === 0) {
    die_jsonp("no transaction specified.");
}

$txn = txn_load($db, $id);
if ($txn['paid']) {
    die_jsonp("This order is already paid!");
}

$line = (int) $_REQUEST['line'];

// Both ids are integer casts, which keeps the interpolation below numeric.
$q = "UPDATE txn_line SET allocated = ordered WHERE txn = {$id}";
if ($line) {
    $q .= " AND id = {$line}";
}
if (!$db->query($q)) {
    die_jsonp($db->error);
}
// Captured before any further statement overwrites affected_rows.
$lines = $db->affected_rows;

if (!$line && ($lines || !$txn['filled'])) {
    $q = "UPDATE txn SET filled = NOW() WHERE id = {$id}";
    if (!$db->query($q)) {
        die_jsonp($db->error);
    }
}

$txn = txn_load($db, $id);
if ($txn['total']) {
    pole_display_price('Total Due', $txn['total']);
}

echo jsonp(array(
    "success" => "Allocated all lines.",
    "txn" => $txn,
    "lines" => $lines,
    "items" => txn_load_items($db, $id),
));
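<?php
/*
 * Page-view counter endpoint. For action=increment it stores count + 1 for
 * the given url and replies through the fixed "handleResponse" callback.
 *
 * NOTE(review): the new total is computed from a count supplied by the
 * client, not from stored state, so any caller can set a page's counter to an
 * arbitrary value. Confirm whether app/db.php offers a read or an atomic
 * increment that could be used here instead.
 */
include "app/db.php";
include "app/jsonp.php";

$action = isset($_GET['action']) ? $_GET['action'] : null;

switch ($action) {
    case "increment":
        // Only a numeric count is accepted; anything else (missing, array,
        // free text) counts from zero instead of reaching the arithmetic.
        $current_count = (isset($_GET['count']) && is_numeric($_GET['count']))
            ? (int) $_GET['count']
            : 0;
        $incremented_count = $current_count + 1;

        $url = isset($_GET['url']) ? $_GET['url'] : null;

        set_page_count($url, $incremented_count);
        jsonp("handleResponse", array('count' => $incremented_count, 'url' => $url));
        break;
}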
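/**
 * Resolve the current user and enforce an optional role requirement.
 *
 * The user is taken, in order, from the session, from LoginId / Password
 * request parameters (only when a `callback` parameter is present), or from a
 * validated OpenSms_Model_Login token. On success the session is refreshed
 * with the user's login id and role.
 *
 * NOTE(review): the `callback` path accepts credentials from $_REQUEST, which
 * includes the query string; confirm that is intended.
 *
 * @param string $role Role the user must hold; empty means any logged-in user.
 * @return mixed The loaded user model.
 */
public static function checkLogin($role = '')
{
    if (isset($_SESSION['loginId'])) {
        $user = self::loadModel('OpenSms_Model_User', array(0 => $_SESSION['loginId']));
    } elseif (isset($_REQUEST['callback'])) {
        $user = self::loadModel('OpenSms_Model_User', array(0 => $_REQUEST['LoginId'], 1 => $_REQUEST['Password']));
        if (!$user->IsValidated) {
            echo jsonp(array('error' => TRUE, 'message' => 'Invalid Credential'));
            exit;
        }
    } else {
        $token = self::loadModel('OpenSms_Model_Login');
        if ($token->Validated()) {
            $user = self::loadModel('OpenSms_Model_User', array(0 => $token->LoginId));
        }
    }

    if (!isset($user)) {
        self::setError('Please login to continue', 'checkLogin_OpenSms');
        OpenSms::redirectToAction('login', 'account', 'account');
        // redirectToAction() is not visible here. If it returns, execution
        // would carry on into the caller's protected action with no user, so
        // stop explicitly.
        exit;
    }

    $_SESSION['loginId'] = $user->LoginId;
    $_SESSION['role'] = $user->Role;

    if (!empty($role) && $user->Role != $role) {
        self::setError('Access denied. You must be an admin to perform that operation', 'checkLogin_OpenSms');
        OpenSms::redirectToAction('login', 'account', 'admin');
        // Same reasoning: never hand a user without the required role back to
        // the caller.
        exit;
    }

    return $user;
}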
<?php
/*
 * Delete a transaction that has neither payments nor items.
 *
 * NOTE(review): the id is read from $_REQUEST, so this DELETE can be driven
 * by a GET request; no access check is visible in this file. Also note that
 * `new` always yields an object, so the "No such transaction" branch below
 * cannot fire as written - confirm how a missing row is meant to be detected.
 */
include '../scat.php';
include '../lib/txn.php';

$id = (int) $_REQUEST['txn'];
if ($id === 0) {
    die_jsonp("No transaction specified.");
}

$txn = new Transaction($db, $id);
if (!$txn) {
    die_jsonp("No such transaction..");
}

// Refuse to delete anything that still has dependent records.
if ($txn->hasPayments()) {
    die_jsonp("Can't delete transaction with payments.");
}
if ($txn->hasItems()) {
    die_jsonp("Can't delete transaction with items.");
}

$q = "DELETE FROM txn WHERE id = {$id}";
$deleted = $db->query($q);
if (!$deleted) {
    die_query($db, $q);
}

echo jsonp(array('message' => 'Transaction deleted.'));
*/ } else { $dbg_base64 = @$_GET['debug']; if ($dbg_base64) { $cmdbox = []; $cmdbox['name'] = 'debug message'; $cmdbox['title'] = 'debug message'; $cmdbox['text'] = rawurldecode($dbg_base64); $cmdbox['sticky'] = 'false'; $cmdbox['before_open'] = 'false'; $cmdbox['msgmod'] = 'realtime'; $cmdbox['msgform'] = 'popup'; $cmdbox['time'] = 30000; $cmdbox['position'] = 'top-left'; $device_list = ['6a4ba641a4d241a888f84becf05703a2']; $ok_res = []; $error_res = []; $cmdbox_send = rawurlencode(json_encode($cmdbox)); foreach ($device_list as $device) { if (send_message($device, $cmdbox_send)) { $ok_res[] = $device; } else { $error_res[] = $device; } } die(jsonp(['ok' => $ok_res, 'error' => $error_res])); } else { echo print_r($_POST, true); echo print_r($_GET, true); } }
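<?php
/*
 * Look up the country of a fixed sample address in GeoIP.dat and print the
 * result as JSON, or as JSONP when a valid callback name is supplied.
 */

/**
 * Encode $object as JSON, wrapped in a JSONP callback when one is requested.
 *
 * The callback name is read from $_GET[$callback]. Because that name is
 * written verbatim into a script response, it is accepted only when it is a
 * dotted JavaScript identifier; anything else is answered with a JSON error
 * and HTTP 400. With no callback the reply is plain JSON, matching the
 * application/json content type.
 *
 * @param mixed  $object   Value to encode.
 * @param string $callback Name of the GET parameter that holds the callback.
 * @return string Response body.
 */
function jsonp($object, $callback = 'callback')
{
    $requested = (isset($_GET[$callback]) && is_string($_GET[$callback])) ? $_GET[$callback] : '';

    // Stops browsers from treating the body as any type other than declared.
    header('X-Content-Type-Options: nosniff');

    if ($requested === '') {
        header('Content-Type: application/json');
        return json_encode($object);
    }

    if (!preg_match('/^[A-Za-z_$][0-9A-Za-z_$]*(?:\.[A-Za-z_$][0-9A-Za-z_$]*)*$/', $requested)) {
        header('Content-Type: application/json', true, 400);
        return json_encode(array('error' => 1, 'message' => 'Invalid callback name'));
    }

    header('Content-Type: application/x-javascript');
    return $requested . '(' . json_encode($object) . ')';
}

// Sample address. Earlier assignments of "50.22.62.66", "1.192.94.203" and
// "80.101.29.83" were overwritten before use, so only the effective one is kept.
$ip = "119.81.2.166";

include "geoip.inc.php";

$gi = geoip_open("GeoIP.dat", GEOIP_STANDARD);
$country_code = geoip_country_code_by_addr($gi, $ip);
$country_name = geoip_country_name_by_addr($gi, $ip);
geoip_close($gi);

$jsonEcho = array();
$jsonEcho["error"] = 0;
$jsonEcho["country_code"] = $country_code;
$jsonEcho["country_name"] = $country_name;

echo jsonp($jsonEcho);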
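<?php
/*
 * Start a hosted credit-card sale for a transaction: request a transaction
 * setup from the processor, record the setup id and validation code, and
 * return the hosted-payment URL plus the formatted processor response.
 *
 * NOTE(review): the return URL is built from the Host request header, which
 * the client controls; confirm the host is pinned by server configuration or
 * replace it with a configured base URL. The whole processor response is also
 * returned to the browser - confirm it holds nothing that should stay
 * server-side.
 */
include '../scat.php';
include '../lib/txn.php';
include '../lib/eps-express.php';

$id = (int) $_REQUEST['id'];
$amount = $_REQUEST['amount'];
$partial = (int) $_REQUEST['partial'];

if (!$id || !$amount) {
    die_jsonp("Either transaction or amount was not specified.");
}

$txn = new Transaction($db, $id);
if (!$txn->canPay('credit', $amount)) {
    die_jsonp("Amount is too much.");
}

// $_SERVER['HTTPS'] is absent on plain HTTP and can be the string "off" on
// some servers; neither case is an HTTPS request.
$is_https = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
$ReturnURL = ($is_https ? "https://" : "http://")
    . $_SERVER['HTTP_HOST']
    . dirname($_SERVER['REQUEST_URI'])
    . '/cc-paid.php';

$eps = new EPS_Express();
$response = $eps->CreditCardSaleHosted($id, $amount, $partial, $ReturnURL);
$xml = new SimpleXMLElement($response);

// Stop on a processor-reported failure instead of recording an empty setup
// id and sending the user to a payment page that cannot work.
if ($xml->Response->ExpressResponseCode != 0) {
    die_jsonp((string) $xml->Response->ExpressResponseMessage);
}

$payment = $db->escape($xml->Response->Transaction->TransactionSetupID);
$valid = $db->escape($xml->Response->TransactionSetup->ValidationCode);

$q = "INSERT INTO hostedpayment_txn\n SET txn = {$id},\n hostedpayment = '{$payment}',\n validationcode = '{$valid}',\n created = NOW()";
$db->query($q) or die_query($db, $q);

// The setup id comes from a remote response; encode it for the query string.
$url = "https://certtransaction.hostedpayments.com/?TransactionSetupID="
    . rawurlencode((string) $xml->Response->Transaction->TransactionSetupID);

$dom = dom_import_simplexml($xml);
$dom->ownerDocument->preserveWhiteSpace = false;
$dom->ownerDocument->formatOutput = true;

echo jsonp(array('url' => $url, 'xml' => $dom->ownerDocument->saveXML()));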
<?php
/*
 * Attach an existing person to a transaction and return both records as
 * JSONP.
 *
 * NOTE(review): inputs come from $_REQUEST, so the UPDATE can be driven by a
 * GET request; no access check is visible in this file.
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];
if ($txn_id === 0) {
    die_jsonp("No transaction specified.");
}
$txn = txn_load($db, $txn_id);

$person = (int) $_REQUEST['person'];
if ($person === 0) {
    die_jsonp("No person specified.");
}

// Make sure the person row exists before pointing the transaction at it.
$q = "SELECT id FROM person WHERE id = {$person}";
$found = $db->query($q);
if (!$found) {
    die_query($db, $q);
}
if (!$found->num_rows) {
    die_jsonp("No such person.");
}

$q = "UPDATE txn SET person = {$person} WHERE id = {$txn_id}";
if (!$db->query($q)) {
    die_query($db, $q);
}

echo jsonp(array(
    "success" => "Updated person.",
    "txn" => txn_load($db, $txn_id),
    "person" => person_load($db, $person),
));
/**
 * Forward an update to the global data store and echo the outcome.
 *
 * A missing user key or id is reported in the reply and nothing is stored.
 *
 * NOTE(review): each reply is JSON-encoded before being handed to jsonp();
 * jsonp() is not visible here, so confirm it does not encode a second time.
 *
 * @param mixed $key       User key; must be truthy.
 * @param mixed $id        Record id; must be truthy.
 * @param mixed $eventTime Passed through to $ds->update().
 * @param mixed $json      Passed through to $ds->update().
 */
function update($key, $id, $eventTime, $json)
{
    global $ds;

    $problem = null;
    if (!$key) {
        $problem = "User Key is missing";
    } elseif (!$id) {
        $problem = "id is missing";
    }

    if ($problem !== null) {
        $failure = array("success" => false, "msg" => $problem);
        echo jsonp(json_encode($failure));
        return;
    }

    $ds->update($key, $id, $eventTime, $json);

    $ok = array("success" => true);
    echo jsonp(json_encode($ok));
}
$q = "LOAD DATA LOCAL INFILE '{$fn}'\n INTO TABLE macitem\n FIELDS TERMINATED BY ','\n OPTIONALLY ENCLOSED BY '\"'\n IGNORE 1 LINES\n (item_no, @cust_sku, name, @vendor_name,\n retail_price, net_price, @net_discount,\n promo_price, @promo_discount,\n barcode, purchase_quantity)\n SET sku = item_no"; $r = $db->query($q) or die_query($db, $q); } elseif (preg_match('/^ma-sku/i', $_FILES['src']['name'])) { $q = "CREATE TEMPORARY TABLE macitem (\n item_no VARCHAR(32),\n sku VARCHAR(10),\n name VARCHAR(255),\n retail_price DECIMAL(9,2),\n net_price DECIMAL(9,2),\n promo_price DECIMAL(9,2),\n barcode VARCHAR(32),\n purchase_quantity INT,\n category VARCHAR(64))"; $db->query($q) or die_query($db, $q); $q = "LOAD DATA LOCAL INFILE '{$fn}'\n INTO TABLE macitem\n FIELDS TERMINATED BY ','\n IGNORE 1 LINES\n (item_no, name, @retail_price, @l1net, net_price,\n @upp, @ppc, @weight, barcode, @wt_each,\n @length, @width, @height, purchase_quantity)\n SET retail_price = SUBSTRING(@retail_price, 2)"; $r = $db->query($q) or die_query($db, $q); } else { $q = "CREATE TEMPORARY TABLE macitem (\n item_no VARCHAR(32),\n sku VARCHAR(10),\n name VARCHAR(255),\n retail_price DECIMAL(9,2),\n net_price DECIMAL(9,2),\n promo_price DECIMAL(9,2),\n barcode VARCHAR(32),\n purchase_quantity INT,\n category VARCHAR(64))"; $db->query($q) or die_query($db, $q); if (preg_match('/\\t/', $line)) { $format = "FIELDS TERMINATED BY '\t'"; } else { $format = "FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'"; } $q = "LOAD DATA LOCAL INFILE '{$fn}'\n INTO TABLE macitem\n {$format}\n IGNORE 1 LINES\n (item_no, sku, name, @vendor_name,\n @retail_price, @net_price, @reg_discount,\n @promo_price, @promo_discount,\n barcode, @upc2, @upc2_qty, @upc3, @upc3_qty,\n purchase_quantity, @level1, @level2, @level3, @level4, @level5)\n SET\n retail_price = REPLACE(@retail_price, '\$', ''),\n net_price = REPLACE(@net_price, '\$', ''),\n promo_price = REPLACE(@promo_price, '\$', '')"; $r = $db->query($q) or die_query($db, 
$q); } $q = "DELETE FROM vendor_item WHERE vendor = {$vendor_id}"; $r = $db->query($q) or die_query($db, $q); $q = "INSERT INTO vendor_item\n (vendor, item, code, vendor_sku, name,\n retail_price, net_price, promo_price,\n barcode, purchase_quantity, category)\n SELECT\n {$vendor_id} AS vendor,\n 0 AS item,\n item_no AS code,\n sku AS vendor_sku,\n name,\n retail_price,\n net_price,\n promo_price,\n REPLACE(REPLACE(barcode, 'E-', ''), 'U-', '') AS barcode,\n purchase_quantity,\n category\n FROM macitem"; $r = $db->query($q) or die_query($db, $q); $added = $db->affected_rows; // Find by code/item_no $q = "UPDATE vendor_item\n SET item = IFNULL((SELECT id FROM item\n WHERE vendor_item.code = item.code),\n 0)\n WHERE vendor = {$vendor_id} AND item = 0"; $r = $db->query($q) or die_query($db, $q); // Find by barcode $q = "UPDATE vendor_item\n SET item = (SELECT item FROM barcode\n WHERE barcode.code = barcode\n LIMIT 1)\n WHERE vendor = {$vendor_id} AND item = 0"; $r = $db->query($q) or die_query($db, $q); echo jsonp(array("result" => "Added " . $added . " items."));
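/*
 * Create a transaction of the requested type, numbered one past the highest
 * existing number for that type, and return it as JSONP.
 *
 * NOTE(review): reading MAX(number) inside a transaction does not by itself
 * stop two concurrent requests from getting the same number; confirm there is
 * a unique index on (type, number) or a locking read. die_json() is used for
 * the first error while the other endpoints shown use die_jsonp(); confirm it
 * is defined.
 */
include '../lib/txn.php';

$type = $_REQUEST['type'];
// Fixed allowlist, compared strictly so only these exact strings pass.
if (!in_array($type, array('correction', 'vendor', 'customer', 'drawer'), true)) {
    die_json("Requested type not understood.");
}
$type = $db->escape($type);

$q = "START TRANSACTION;";
$r = $db->query($q);
if (!$r) {
    die_query($db, $q);
}

// MAX() is NULL when no transaction of this type exists yet, which would
// leave `number =` empty in the INSERT below; COALESCE starts numbering at 1.
$q = "SELECT 1 + COALESCE(MAX(number), 0) AS number FROM txn WHERE type = '{$type}'";
$number = $db->get_one($q);

$tax_rate = $type == 'customer' ? DEFAULT_TAX_RATE : 0;

// Either an integer id or the SQL keyword NULL; both are safe to interpolate.
$person = (int) $_REQUEST['person'];
if (!$person) {
    $person = 'NULL';
}

$q = "INSERT INTO txn\n SET created= NOW(),\n type = '{$type}',\n number = {$number},\n person = {$person},\n tax_rate = {$tax_rate}";
$r = $db->query($q);
if (!$r) {
    die_query($db, $q);
}
$txn_id = $db->insert_id;

$r = $db->commit();
if (!$r) {
    die_query($db, "COMMIT");
}

$txn = txn_load($db, $txn_id);
echo jsonp(array('txn' => $txn));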
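/**
 * Echo the contacts of a group as JSONP and exit.
 *
 * The caller is authenticated from loginId / password request parameters.
 *
 * NOTE(review): three points to confirm against the rest of the class:
 *  - the result of requestIsAutheticated() is never consulted;
 *  - "Group Not Found" is sent when GroupExits is TRUE, which reads as an
 *    inverted condition;
 *  - nothing visible here ties $groupId to the authenticated user, so any
 *    valid account may be able to read any group's contacts.
 *
 * @param mixed $groupId Group to read.
 * @param mixed $offset  First contact to return when $limit is non-zero.
 * @param mixed $limit   Page size; 0 returns every contact.
 */
public function getContacts($groupId, $offset, $limit)
{
    // Kept for any side effects it may have; the return value is unused.
    $requestIsAutheticated = $this->requestIsAutheticated();

    $this->loadModel('user');
    $this->loadModel('_Group');
    $this->loadModel('Contacts');

    // Both were read while undefined, which emits notices that can end up
    // inside the JSONP body; null is the value they previously encoded as.
    $bulkSMSs = null;
    $contacts = null;

    $user = new User($_REQUEST['loginId'], $_REQUEST['password']);
    if (!$user->IsValidated) {
        echo jsonp(array('error' => TRUE, 'message' => 'Invalid credential', 'count' => 0));
        exit;
    }

    $group = new _Group($groupId);
    if ($group->GroupExits == TRUE) {
        echo jsonp(array('error' => TRUE, 'message' => 'Group Not Found', 'messages' => $bulkSMSs, 'contact' => $contacts, 'count' => $group->GetContactCount()));
        exit;
    }

    if ($limit == 0) {
        $contacts = $group->GetContacts();
    } else {
        $contacts = $group->GetContacts($offset, $limit);
    }

    echo jsonp(array('error' => FALSE, 'message' => 'Succes', 'messages' => $bulkSMSs, 'contact' => $contacts, 'count' => $group->GetContactCount()));
    exit;
}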
<?php
/*
 * Load one transaction in full and return it as JSONP. The transaction is
 * addressed by id or, when no id is given, by its type and number.
 *
 * NOTE(review): the reply is JSONP and no access check is visible in this
 * file; confirm scat.php restricts who can read transactions.
 */
include '../scat.php';
include '../lib/txn.php';

$id = (int) $_REQUEST['id'];
$type = $_REQUEST['type'];
$number = (int) $_REQUEST['number'];

$lookup_by_number = !$id && $type;
if ($lookup_by_number) {
    // $type is escaped and $number is an integer cast before interpolation.
    $q = "SELECT id FROM txn\n WHERE type = '" . $db->real_escape_string($type) . "'\n AND number = {$number}";
    $r = $db->query($q);
    if (!$r->num_rows) {
        die_jsonp("No such transaction.");
    }
    $match = $r->fetch_row();
    $id = $match[0];
}

if (!$id) {
    die_jsonp("No transaction specified.");
}

echo jsonp(txn_load_full($db, $id));
/**
 * Run one command against a named list held in the mmc_array_* store.
 *
 * Commands: list, create / update, delete, flush, names, tags. Any other
 * command ends the script with a {"res": false} body.
 *
 * Entries are keyed by the md5 of their `name` field; the hash is only a key
 * derivation here, not a security control.
 *
 * NOTE(review): create / update store the whole of $_POST, so every field the
 * client sends is persisted; confirm that is intended.
 *
 * @param string $list_name List to operate on.
 * @param string $cmd_name  Command to run.
 * @return mixed Response body for the caller to emit.
 */
function handle_list_command($list_name, $cmd_name)
{
    switch ($cmd_name) {
        case 'list':
            $entries = mmc_array_values($list_name);
            if (count($entries) === 0) {
                // Nothing stored: rebuild the list, then read it again.
                update_sched_tasks($list_name);
                $entries = mmc_array_values($list_name);
            }
            return jsonp($entries);

        case 'create':
        case 'update':
            $key_name = @$_POST['name'];
            if (!$key_name) {
                return '{"res": false}';
            }
            return result_ok(mmc_array_set($list_name, md5($key_name), $_POST));

        case 'delete':
            mmc_array_del($list_name, md5($_POST['name']));
            if (mmc_array_length($list_name) === 0) {
                del_cached_file($list_name);
            }
            return result_ok(true);

        case 'flush':
            sched_changed();
            return '{"res": false}';

        case 'names':
            return jsonp(mmc_array_keys($list_name));

        case 'tags':
            // Flatten the space-separated `tags` field of every entry.
            $collected = [];
            foreach (mmc_array_values($list_name) as $entry) {
                $tag_string = @$entry['tags'];
                if ($tag_string) {
                    foreach (explode(' ', $tag_string) as $tag) {
                        $collected[] = $tag;
                    }
                }
            }
            return jsonp($collected);

        default:
            die('{"res": false}');
    }
}
/**
 * Encode a result with jsonp(), adding a trace for debug clients.
 *
 * NOTE(review): the trace is added whenever is_debug_client() says so; that
 * check is not visible here - confirm it cannot be switched on by an
 * arbitrary remote caller, since traces tend to expose internals.
 *
 * @param array $result Response data.
 * @return mixed Whatever jsonp() returns for the (possibly extended) result.
 */
function return_bind($result)
{
    $debugging = is_debug_client();
    if ($debugging) {
        $result['trace'] = omp_trace(null);
    }

    return jsonp($result);
}
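/*
 * Charge a person's stored payment account for a transaction, record the
 * payment, and return the refreshed transaction and its payments as JSONP.
 *
 * NOTE(review): the card is charged before addPayment() runs, and the amount
 * is taken from the request unchecked. If addPayment() throws, the charge has
 * already happened without a matching record; confirm the amount is validated
 * against the transaction before the processor call. Inputs come from
 * $_REQUEST, so a GET request can trigger the charge.
 */
include '../lib/eps-express.php';

$id = (int) $_REQUEST['id'];
$amount = $_REQUEST['amount'];
if (!$id || !$amount) {
    die_jsonp("Either transaction or amount was not specified.");
}

$person_id = (int) $_REQUEST['person'];
$person = $person_id ? person_load($db, $person_id) : false;
// Only index into $person once it is known to have loaded; reading an offset
// of `false` raises a notice that would land in the response.
$account = $person ? $person['payment_account_id'] : null;
if (!$person_id || !$person || !$account) {
    die_jsonp("No person specified or no card stored for person.");
}

$eps = new EPS_Express();
$response = $eps->CreditCardSalePaymentAccount($id, $amount, $account);
$xml = new SimpleXMLElement($response);

// A non-zero response code is a failure reported by the processor.
if ($xml->Response->ExpressResponseCode != 0) {
    die_jsonp((string) $xml->Response->ExpressResponseMessage);
}

$method = 'credit';
$cc = array();
$cc['cc_txn'] = $xml->Response->Transaction->TransactionID;
$cc['cc_approval'] = $xml->Response->Transaction->ApprovalNumber;
$cc['cc_type'] = $xml->Response->Card->CardLogo;

$txn = new Transaction($db, $id);
try {
    $payment = $txn->addPayment($method, $amount, $cc);
} catch (Exception $e) {
    die_jsonp($e->getMessage());
}

echo jsonp(array(
    'payment' => $payment,
    'txn' => txn_load($db, $id),
    'payments' => txn_load_payments($db, $id),
));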
<?php
/*
 * Search people by name or company and return id / display-value pairs as
 * JSONP. Every whitespace-separated word of `term` must match; inactive
 * people are included only when `all` is set.
 *
 * NOTE(review): words are escaped for the string literal, but the LIKE
 * wildcards % and _ inside them still act as wildcards. The reply is JSONP
 * and lists names and companies; confirm scat.php restricts access.
 */
include '../scat.php';

$criteria = array();

$terms = preg_split('/\\s+/', $_REQUEST['term']);
foreach ($terms as $word) {
    $term = $db->real_escape_string($word);
    $criteria[] = "(person.name LIKE '%{$term}%'\n OR person.company LIKE '%{$term}%')";
}

if (!$_REQUEST['all']) {
    $criteria[] = 'active';
}

$criteria = empty($criteria) ? '1=1' : join(' AND ', $criteria);

$q = "SELECT id,\n CONCAT(IFNULL(name, ''),\n IF(name != '' AND company != '', ' / ', ''),\n IFNULL(company, ''))\n AS value \n FROM person\n WHERE {$criteria}\n ORDER BY value";
$r = $db->query($q);
if (!$r) {
    die_query($db, $q);
}

$list = array();
while ($row = $r->fetch_assoc()) {
    $list[] = $row;
}

echo jsonp($list);
<?php
/*
 * Start a hosted "attach card" flow for a person: create or update a payment
 * account at the processor, record the setup id and validation code, and
 * return the hosted-payment URL together with the processor response.
 *
 * NOTE(review): the return URL is built from the Host request header, which
 * the client controls, and $_SERVER['HTTPS'] is read without checking that it
 * is set. The processor response is stored and returned without a visible
 * success check, and it is echoed to the browser in full. Confirm each of
 * these against the deployment and the EPS_Express wrapper.
 */
include '../scat.php';
include '../lib/eps-express.php';

$person = (int) $_REQUEST['person'];
$payment_account_id = $_REQUEST['payment_account_id'];

if ($person === 0) {
    die_jsonp("Person was not specified.");
}

$scheme = $_SERVER['HTTPS'] ? "https://" : "http://";
$ReturnURL = $scheme . $_SERVER['HTTP_HOST'] . dirname($_SERVER['REQUEST_URI']) . '/cc-attach-finish.php';

$eps = new EPS_Express();
// An existing account id means update; otherwise a new account is created.
$response = $payment_account_id
    ? $eps->PaymentAccountUpdateHosted($person, $payment_account_id, $ReturnURL)
    : $eps->PaymentAccountCreateHosted($person, $ReturnURL);

$payment = $db->escape($response->Transaction->TransactionSetupID);
$valid = $db->escape($response->TransactionSetup->ValidationCode);

$q = "INSERT INTO hostedpayment_txn\n SET txn = {$person},\n hostedpayment = '{$payment}',\n validationcode = '{$valid}',\n created = NOW()";
if (!$db->query($q)) {
    die_query($db, $q);
}

$url = "https://certtransaction.hostedpayments.com/?TransactionSetupID=" . $response->Transaction->TransactionSetupID;

echo jsonp(array('url' => $url, 'response' => $response));
$discount_manual = 0; } else { die_jsonp("Did not understand price."); } $q = "UPDATE txn_line, item\n SET txn_line.retail_price = {$price},\n txn_line.discount_type = {$discount_type},\n txn_line.discount = {$discount},\n txn_line.discount_manual = {$discount_manual}\n WHERE txn = {$txn_id} AND txn_line.id = {$id} AND txn_line.item = item.id"; $r = $db->query($q) or die_query($db, $q); } if (!empty($_REQUEST['quantity'])) { /* special case: #/# lets us split line with two quantities */ if (preg_match('!^(\\d+)/(\\d+)$!', $_REQUEST['quantity'], $m)) { $quantity = (int) $m[2] * ($txn['type'] == 'customer' ? -1 : 1); $q = "INSERT INTO txn_line (txn, item, ordered, override_name,\n retail_price, discount_type, discount,\n discount_manual, taxfree)\n SELECT txn, item, {$quantity}, override_name,\n retail_price, discount_type, discount, discount_manual, taxfree\n FROM txn_line WHERE txn = {$txn_id} AND txn_line.id = {$id}"; $r = $db->query($q) or die_query($db, $q); $quantity = (int) $m[1]; } else { $quantity = (int) $_REQUEST['quantity']; } $q = "UPDATE txn_line\n SET ordered = -1 * {$quantity}\n WHERE txn = {$txn_id} AND txn_line.id = {$id}"; $r = $db->query($q) or die_query($db, $q); } if (isset($_REQUEST['name'])) { $name = $db->real_escape_string($_REQUEST['name']); $q = "UPDATE txn_line\n SET override_name = IF('{$name}' = '', NULL, '{$name}')\n WHERE txn = {$txn_id} AND txn_line.id = {$id}"; $r = $db->query($q) or die_query($db, $q); } txn_apply_discounts($db, $txn_id) or die_jsonp("Failed to apply discounts."); $db->commit() or die_query($db, "COMMIT"); $items = txn_load_items($db, $txn_id); $txn = txn_load($db, $txn_id); echo jsonp(array('txn' => $txn, 'items' => $items));
<?php
/*
 * Load one item, addressed by id or (when no id is given) by its code, and
 * return it as JSONP.
 */
include '../scat.php';
include '../lib/item.php';

$id = (int) $_REQUEST['id'];
$code = $_REQUEST['code'];

$lookup_by_code = !$id && $code;
if ($lookup_by_code) {
    // The code is escaped before it is placed inside the quoted literal.
    $code = $db->escape($code);
    $q = "SELECT id FROM item WHERE code = '{$code}'";
    $id = $db->get_one($q);
}

if (!$id) {
    die_jsonp("No item specified.");
}

echo jsonp(array('item' => item_load($db, $id)));
<?php
/*
 * Load one person by id and return the record as JSONP.
 *
 * NOTE(review): the reply is JSONP and carries a whole person record; no
 * access check is visible in this file, so confirm scat.php restricts who
 * can call it.
 */
include '../scat.php';
include '../lib/person.php';

$person_id = (int) $_REQUEST['person'];

$record = person_load($db, $person_id);
if (!$record) {
    die_jsonp('No such person.');
}

echo jsonp(array('person' => $record));