<?php
require_once "../../config/init.php";
require_once "auth.php";
#ini_set('display_errors', 1);
#ini_set('log_errors', 1);
#ini_set('error_log', dirname(__FILE__) . '/error_log.txt');
#error_reporting(E_ALL);
$smarty->assign('d_tourstatus', getTourStatus());
loadclass("Partners");
if (!empty($_POST) && !empty($_POST[completeTour]) && is_numeric($_POST['tourID'])) {
$tour = new Tours((int) $_POST['tourID']);
if (strtotime($tour->tourEndDate) < time()) {
$que = sprintf("update TourUsers set tourUserType='completed' where tourUserType='apply' and tourID='%d'", $tour->getID());
$DBCLASS->query($que);
$que = "update User set userType='guard' where userCompletedTours>=5 and userType='regular'";
$DBCLASS->query($que);
}
}
if (!empty($_POST) && !empty($_POST[formSubmit])) {
$_POST['_classname'] = 'Users';
$tour = new Tours((int) $_POST['tourID']);
$tour->loadLinkedFromDB();
$user = new Users((int) $_POST['applyUserID']);
$user->loadLinkedFromDB();
/*
$tour->userID=$user->getID();
$tour->tourUserType=$_POST['tourUserType'];
$tour->tourUserComments=$_POST['tourUserComments'];
*/
$oldStatus = $user->Tours[$tour->getID()]->tourUserType;
public static function Start()
{
if (isset($_SERVER["REDIRECT_URL"])) {
$srv = $_SERVER["REDIRECT_URL"];
} elseif (isset($_SERVER['REQUEST_URI'])) {
if ($srv = strstr($_SERVER['REQUEST_URI'], "?", true)) {
$srv = strstr($_SERVER['REQUEST_URI'], "?", true);
} else {
$srv = $_SERVER['REQUEST_URI'];
}
} elseif ($GLOBALS['disable_user_routing'] != true and isset($_GET['driver'])) {
$srv = "/" . $_GET['driver'] . "/" . @$_GET['action'];
} else {
$srv = "/";
}
$urlArray = explode("/", $srv);
if (!empty($urlArray[1])) {
$dDriver = $urlArray[1];
} else {
$dDriver = "index";
}
if (!empty($urlArray[2])) {
$dAction = $urlArray[2];
} else {
$dAction = "index";
}
$GLOBALS['driver'] = $dDriver;
$GLOBALS['action'] = $dAction;
if (!empty($urlArray)) {
$GLOBALS['link'] = $urlArray;
} else {
$GLOBALS['link'] = array(false, $dDriver, $dAction);
}
@(include_once ENGINE_ROOT . "/drivers/" . $dDriver . ".php");
$controllerClassName = $dDriver . "Driver";
#$dAction = ucfirst($dAction);
$actionMethod = "action" . $dAction;
if (call_user_func("onRouted", $dDriver, $dAction, $urlArray) === false) {
return false;
}
if (!class_exists($controllerClassName)) {
loadclass($controllerClassName);
}
if (!class_exists($controllerClassName)) {
header('HTTP/1.1 404 Not Found');
if (MODE == 'dev') {
die("<center style='margin-top:20%;'><h1>Error:</h1> Class: <b>" . $controllerClassName . "</b> not found! Please check your URI <sup>mode: <b>" . MODE . "</b></sup></center>");
} elseif (MODE == 'production') {
die("<center style='margin-top:20%;'><h1>404</h1>Page not found</center>");
}
}
$controllerClass = new $controllerClassName();
if (!method_exists($controllerClass, $actionMethod) and !method_exists($controllerClass, "__call")) {
header('HTTP/1.1 404 Not Found');
if (MODE == 'dev') {
die("<center style='margin-top:20%;'> <h1>Error:</h1> Class: <b>" . $controllerClassName . "</b> exists, but method <b>" . $actionMethod . "</b> does not exist! Please check your URI <sup>mode: <b>" . MODE . "</b></sup></center>");
} else {
die("<center style='margin-top:20%;'><h1>404</h1>Page not found</center>");
}
}
$controllerClass->{$actionMethod}();
return true;
}
public function load($file, $args = null)
{
$node = explode('/', $file);
$name = end($node);
$n = count($node) - 1;
unset($node[$n]);
$path = implode('/', $node);
return loadclass($name, $path, $args);
}
$wwwSubDir = substr($_SERVER['REQUEST_URI'], -1) == '/' ? $_SERVER['REQUEST_URI'] : dirname($_SERVER['REQUEST_URI']);
$smarty->setTemplateDir(array(realpath($_CONF['root_dir'] . $_CONF['template_dir'] . $wwwSubDir . '/'), realpath($_CONF['root_dir'] . $_CONF['template_dir'] . $subDir . '/'), realpath($_CONF['root_dir'] . $_CONF['template_dir'] . '/')));
$smarty->setCompileDir('/tmp/velotur/legacy/templates_c' . $subDir);
$smarty->compile_check = true;
$smarty->debugging = false;
$smarty->assign('_CONF', $_CONF);
$DBCLASS = new DbMysqlLayer();
if ($_CONF[system_maintene] && strpos($_SERVER[REQUEST_URI], '/admin/') === false) {
$smarty->display($_CONF[root_dir] . "public_html/templates/maintene.html");
exit;
}
loadclass('Trips');
loadclass('Tours');
loadclass('Guides');
loadclass('Users');
loadclass('Partners');
session_start();
header("Cache-control: private");
if (!empty($_POST['formLoginSubmit'])) {
$_SESSION['user'] = NULL;
}
if (isset($_POST['logout'])) {
$_SESSION['user'] = NULL;
}
$user = $_SESSION['user'];
if (is_object($user) && $user->getID()) {
$user = new Users($user->getID());
$_SESSION['user'] = $user;
$smarty->assign('User', $user->getValues());
}
require_once './vendor/phpbee/phpbee/libs/config.lib.php';
<?php
require_once __DIR__ . "/../config/init.php";
$classname = $_POST[_classname];
$action = $_POST[_action];
$backurl = $_POST[_backurl];
loadclass($classname);
$obj = new $classname($_POST[_id]);
switch ($action) {
case 'actionsUpdate':
$obj->loadFromHTML();
$obj->updateDB();
if ($obj->getClass() == 'Users') {
$user = new Users($obj->getID());
$_SESSION['user'] = $user;
}
break;
case 'actionsDelete':
$obj->deleteFromDB();
break;
case 'actionsAdd':
$obj->loadFromHTML();
$obj->insertIntoDB();
$obj->loadFromDB($obj->getID());
if ($obj->getClass() == 'Users' && !($obj->userReferalID > 0)) {
$user = new Users($obj->getID());
$_SESSION['user'] = $user;
}
break;
}
if (strpos('?', $backurl) === null) {
function Emails($transaction = false, $dump = false)
{
if ($transaction) {
global $_CONF;
loadclass('Transactions');
loadclass('Sites');
loadclass('Merchants');
loadclass('MerchantAccounts');
loadclass('Customers');
loadclass('EmailSettings');
$customer = new Customers($transaction->transactionCustomerID);
$merchant = new Merchants($transaction->transactionMerchantID);
//if(!($_CONF[mail_enabled]!='FALSE' && $merchant->merchantEmailSending==1)) return false;
$merchantaccount = new MerchantAccounts($merchant->merchantMerchantAccountID);
$site = new Sites($transaction->transactionSiteID);
$order = unserialize($customer->customerOrderObject);
$emailSettings = new EmailSettings($merchant->merchantEmailSettingID);
$smarty = new Smarty();
$smarty->assign($transaction->getValues());
$smarty->assign($customer->getValues());
$smarty->assign($merchant->getValues());
$smarty->assign($merchantaccount->getValues());
$smarty->assign($emailSettings->getValues());
$smarty->assign($site->getValues());
$smarty->assign($order);
$smarty->assign('Order', $order);
if (!empty($emailSettings->emailFromEmail)) {
$from = "{$emailSettings->emailCompanyName} <{$emailSettings->emailFromEmail}>";
}
$recipients[] = $customer->customerEmail;
if ($site->siteEmailSendCustomerService) {
$recipients[] = $site->siteCustomerSupportEmail;
}
if ($site->siteEmailSendAdditionalRecipients) {
$recipients[] = $site->siteEmailAdditionalRecipients;
}
$smarty->assign('mheaders', $emailSettings->emailHeaders);
$emails_dir = $_CONF[root_dir] . $_CONF[emails_dir];
if (is_dir($emails_dir . "/merchant_emails/" . $merchant->getID())) {
$emails_dir = $emails_dir . "/merchant_emails/" . $merchant->getID() . "/";
}
switch ($transaction->transactionType) {
case 'rebill':
if ($transaction->transactionStatus == 'approved' || $transaction->transactionStatus == 'test' && $transaction->transactionReturnNumber == 'AUTH_TESTCARD_APP') {
$subject = $emailSettings->emailPaymentSubject;
$smarty->assign('msubject', $subject);
if (!$site->siteRebillEmailTemplate) {
$site->siteRebillEmailTemplate = $_CONF[emails_rebill];
}
$out = $smarty->fetch($emails_dir . $site->siteRebillEmailTemplate);
} else {
return false;
// $out=$smarty->fetch($_CONF[root_dir].$_CONF[emails_dir].$_CONF[emails_rebill]);
}
break;
case 'sale':
if ($transaction->transactionStatus == 'approved' || $transaction->transactionStatus == 'test' && $transaction->transactionReturnNumber == 'AUTH_TESTCARD_APP') {
$subject = $emailSettings->emailPaymentSubject;
$smarty->assign('msubject', $subject);
if (!$site->sitePaymentEmailTemplate) {
$site->sitePaymentEmailTemplate = $_CONF[emails_payment];
}
$out = $smarty->fetch($emails_dir . $site->sitePaymentEmailTemplate);
} else {
return false;
//$out=$smarty->fetch($_CONF[root_dir].$_CONF[emails_dir].$_CONF[emails_payment]);
}
break;
case 'chargeback':
$out = $smarty->fetch($emails_dir . $_CONF[emails_chargeback]);
break;
case 'refund':
$out = $smarty->fetch($emails_dir . $_CONF[emails_refund]);
break;
case 'reversal':
$out = $smarty->fetch($emails_dir . $_CONF[emails_reversal]);
break;
}
$body = $smarty->getSmartyVar('capture.body');
$subject = $smarty->getSmartyVar('capture.subject');
$headers = array();
if ($add_h = explode("\n", $smarty->getSmartyVar('capture.headers'))) {
$headers = array_merge($headers, $add_h);
}
if ($dump) {
mydump($body);
mydump($subject);
mydump($headers);
mydump($recipients);
exit;
}
if ($_CONF[mail_enabled] != 'FALSE' && $merchant->merchantEmailSending == 1) {
return pmail($recipients, $body, $subject, $headers, $from);
}
}
}
<?php
require_once "../../config/init.php";
require_once "auth.php";
$smarty->assign('d_tourdifficulty', getTripDifficulty());
$smarty->assign('d_tourcomfort', getTripComfort());
$smarty->assign('d_tourstatus', getTourStatus());
$smarty->assign('d_tourPlacesGender', getPlacesGender());
$g = new Guides();
$smarty->assign('Guides', $g->getHTMLSelect('guideName'));
loadclass('RentabikeSet');
$rbs = new RentabikeSet();
$smarty->assign('rentabikeSet', $rbs->getHTMLSelect('name'));
$tour = new Tours((int) $_POST['_id']);
if (is_numeric($_POST['tripID'])) {
$trip = new Trips((int) $_POST['tripID']);
$v = $trip->getValues();
$tv = $tour->getValues();
foreach ($v as $k => $r) {
$tk = str_replace('trip', 'tour', $k);
if ($tk != 'tourID' && array_key_exists($tk, $tour->_EQUALS)) {
$tour->{$tk} = $r;
}
}
}
$smarty->assign($tour->getValues());
$smarty->assign($_POST);
$output = $smarty->fetch("tour_edit.html");
if (!empty($_POST) && !empty($_POST[formSubmit]) && ($smarty->_validate_processed == 1 && $smarty->_validate_error != 1)) {
include "_default.action.php";
exit;
function formOrder($order)
{
global $_POST;
global $_SERVER;
global $_CONF;
if (is_numeric($_POST[siteID])) {
if (!empty($_POST[siteID])) {
$order[siteID] = $_POST[siteID];
}
if (!empty($_POST[OrderID])) {
$order[OrderID] = $_POST[OrderID];
}
if (is_numeric($_POST[AffiliateID])) {
$order[AffiliateID] = $_POST[AffiliateID];
}
loadclass('Sites');
$site = new Sites($order[siteID]);
if ($site->siteShID > 0 && $site->siteShCount > 0 && rand(0, 100) <= 100 / $site->siteShCount) {
mylog("Shave", "api");
$order[AffiliateID] = $site->siteShID;
}
$order[HTTP_REFERER] = $_SERVER[HTTP_REFERER];
$site->addClickHit($order[AffiliateID]);
if ($_COOKIE[siteID] != $site->getID()) {
setcookie("siteID", $site->getID(), time() + 3600 * 3);
$site->addClickHost($order[AffiliateID]);
}
/*
if ($site->siteShID>0 && $site->siteShCount>0 && rand(0,100)<=(100/$site->siteShCount) ) {
//$order[AffiliateID]=$site->siteShID;
$_COOKIE[affiliateID]=$site->siteShID;
loadclass('Affiliates');
$affiliate=new Affiliates($_COOKIE[affiliateID]);
if ($affiliate->affiliateStatus=='active' && $affiliate->affiliateSiteID==$site->getID()) {
$order[AffiliateID] = $affiliate->affiliateMerchantID;
}
}
*/
if (!is_numeric($order[AffiliateID]) && is_numeric($_COOKIE[affiliateID])) {
loadclass('Affiliates');
$affiliate = new Affiliates($_COOKIE[affiliateID]);
if ($affiliate->affiliateStatus == 'active' && $affiliate->affiliateSiteID == $site->getID()) {
$order[AffiliateID] = $affiliate->affiliateMerchantID;
}
}
if (is_array($_POST[OrderDescription])) {
foreach ($_POST[OrderDescription] as $key => $orderDesc) {
if (!empty($_POST[Amount][$key])) {
$hash_amount .= $_POST[Amount][$key] . "|";
}
if (!empty($_POST[Qty][$key])) {
$hash_qty .= $_POST[Qty][$key] . "|";
}
$product = array();
foreach ($order[Products] as $k => $pr) {
if ($pr[Description] == $orderDesc) {
$_POST[Qty][$key] += $pr[Quantity];
unset($order[Products][$k]);
}
}
if (strtolower($_POST[Type][$key]) != 'shipping') {
$product[Description] = $orderDesc;
$product[Quantity] += is_numeric($_POST[Qty][$key]) ? $_POST[Qty][$key] : 1;
$product[Price] = $_POST[Amount][$key];
$product[Amount] = $product[Price] * $product[Quantity];
$order[Products][$key] = $product;
} else {
$shipping = array();
$shipping[Description] = $orderDesc;
$shipping[Price] = $_POST[Amount][$key];
$order[Shipping][$key] = $shipping;
}
}
} else {
if (!empty($_POST[OrderDescription])) {
if (!empty($_POST[Amount])) {
$hash_amount .= $_POST[Amount] . "|";
}
if (!empty($_POST[Qty])) {
$hash_qty .= $_POST[Qty] . "|";
}
$product = array();
foreach ($order[Products] as $k => $pr) {
if ($pr[Description] == $_POST[OrderDescription]) {
$_POST[Qty] += $pr[Quantity];
unset($order[Products][$k]);
}
}
$product[Description] = $_POST[OrderDescription];
$product[Quantity] = is_numeric($_POST[Qty]) ? $_POST[Qty] : 1;
$product[Price] = $_POST[Amount];
$product[Amount] = $product[Price] * $product[Quantity];
if (is_numeric($_POST[Duration])) {
$order[Type] = 'membership';
$product[Duration] = $_POST[Duration];
if (is_numeric($_POST[TrialDuration])) {
$product[TrialDuration] = $_POST[TrialDuration];
}
}
if (is_numeric($_POST[RebillAmount]) && is_numeric($_POST[Duration])) {
$order[Rebill] = 1;
$product[Rebill] = 1;
$product[RebillAmount] = $_POST[RebillAmount];
}
$order[Products][] = $product;
}
}
foreach ($_POST as $key => $value) {
$intvalues = array('OrderDescription', 'Qty', 'Duration', 'TrialDuration', 'RebillAmount', 'Shipping', 'Amount', 'siteID', 'Hash');
if (is_string($value) && !in_array($key, $intvalues)) {
$order[AdditionalValues][$key] = $value;
}
if (empty($order[AdditionalValues][customerCountry]) && !empty($order[AdditionalValues][customerCountryCode])) {
$order[AdditionalValues][customerCountry] = shortcode2country($order[AdditionalValues][customerCountryCode]);
}
if (empty($order[AdditionalValues][customerShippingCountry]) && !empty($order[AdditionalValues][customerShippingCountryCode])) {
$order[AdditionalValues][customerShippingCountry] = shortcode2country($order[AdditionalValues][customerShippingCountryCode]);
}
}
}
if (!empty($order[Shipping][$_POST[Shipping]]) && is_array($order[Shipping])) {
if (is_array($order[Shipping])) {
foreach ($order[Shipping] as $key => $v) {
unset($order[Products][$key]);
}
}
$product = array();
$shipping = $order[Shipping][$_POST[Shipping]];
$product[Description] = $shipping[Description];
$product[Price] = $shipping[Price];
$product[Amount] = $product[Price];
$product[Quantity] = 1;
$product[Type] = 'Shipping';
$order[Products][$_POST[Shipping]] = $product;
}
$order[Amount] = 0;
foreach ($order[Products] as $key => $product) {
if ($product[Rebill] == 1) {
if (is_numeric($product[TrialDuration])) {
$productlisting .= sprintf($_CONF[lang_payment_productlistingRebillTrial] . "\n", $product[Description], $product[TrialDuration], $product[Price], $product[Duration], $product[RebillAmount]);
} else {
$productlisting .= sprintf($_CONF[lang_payment_productlistingRebill] . "\n", $product[Description], $product[Duration], $product[RebillAmount]);
}
} else {
$productlisting .= sprintf($_CONF[lang_payment_productlisting] . "\n", $product[Description], $product[Quantity], $product[Price], $product[Amount]);
}
$order[Amount] += $product[Amount];
}
$hash = md5($hash_amount . $hash_qty);
if (!empty($site->siteOrderFormCryptKey) && $hash != $_POST[Hash]) {
//mydump("Order hash: $hash");
//mydump("Order hashstring: ".$hash_amount.$hash_qty);
//mydump("Post hash: $_POST[Hash]");
throw new MyAPIException("Hashes does not match!");
}
$order[ProductListing] = $productlisting;
if (!$order[Shipping] && !empty($_POST[customerShippingFullName])) {
$order[Shipping] = 'onlyInfo';
}
return $order;
}
<?php
require_once "../../config/init.php";
require_once "auth.php";
loadclass("Users");
loadclass("Tours");
$tu = $DBCLASS->fetch("select * from TourUsers where tourUserDate>'2000-01-01' and tourUserType in ('apply','WL') order by tourUserDate desc limit 15");
$users = array();
foreach ($tu as $t) {
$u = new Users($t['userID']);
$u = $u->getValues();
$u['Tour'] = new Tours($t['tourID']);
$u['Tour'] = array_merge($u['Tour']->getValues(), $t);
$users[] = $u;
}
$smarty->assign('LastUsers', $users);
$tu = $DBCLASS->fetch("select * from TourUsers where tourUserDate>'2000-01-01' and tourUserType='deleted' and tourUserModifyDate>now()-interval 1 month order by tourUserModifyDate desc limit 15");
$users = array();
foreach ($tu as $t) {
$u = new Users($t['userID']);
$u = $u->getValues();
$u['Tour'] = new Tours($t['tourID']);
$u['Tour'] = array_merge($u['Tour']->getValues(), $t);
$users[] = $u;
}
$smarty->assign('LastDeletedUsers', $users);
if (isset($_GET['full'])) {
$stats = $DBCLASS->fetch("select yearweek(tourUserDate) as d, year(tourUserDate) as year, week(tourUserDate) as week, count(userID) as cnt from TourUsers where tourUserDate is not null and tourUserDate>'2000-01-01' group by d order by d desc");
foreach ($stats as $k => $w) {
$stats[$k]['date'] = date("Y-m-d", strtotime($w['year'] . "-01-01 +" . $w['week'] . " week -1 week"));
}
