Esempio n. 1
// A non-zero connect_errno means the mysqli connection failed: redirect to
// index.php and stop, since nothing below can run without the database.
if ($db->connect_errno) {
    header('Location: index.php');
    exit;
}

// Put the connection into the character set named by DB_CHARSET before any
// query is sent over it.
$db->set_charset(DB_CHARSET);
/** */
// Autoloader: turn a fully-qualified class name into a file below IDIR by
// replacing namespace separators with "/" and appending ".php".
// NOTE(review): the include path is derived from the class name as-is and a
// missing file raises an include warning — confirm that no caller feeds
// request-derived strings into class_exists()/new with autoloading enabled.
spl_autoload_register(function ($className) {
    $relativePath = str_replace('\\', '/', $className);
    include IDIR . '/' . $relativePath . '.php';
});
/** */
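// Load the language file whose path \main\load exposes as language['location'].
include (new \main\load())->language['location'];

// The plan id comes straight from the query string. Read it once, and without
// an undefined-index notice when the parameter is missing: output emitted
// before header() can stop the redirect below from being sent.
// NOTE(review): the value reaches \query\payments unvalidated — confirm that
// plan_exists() and plan_infos() bind it as a statement parameter.
$requestedPlan = isset($_GET['plan']) ? $_GET['plan'] : null;

// Redirect unless $GLOBALS['me'] is set (presumably the signed-in user —
// verify) and the requested plan passes plan_exists() with the 'user_view'
// filter.
if (empty($GLOBALS['me']) || !\query\payments::plan_exists($requestedPlan, array('user_view' => ''))) {
    header('Location: index.php');
    die;
}
$plan = \query\payments::plan_infos($requestedPlan);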
try {
    $gateway = isset($_GET['gateway']) ? $_GET['gateway'] : '';
    $payment = new \payment\main($gateway);
    $thegateway = $payment->gateway_name;
    $payment->description = 'Purchase plan';
    $payment->items[] = array($plan->name, $plan->description, 1, $plan->price);
    echo '<!DOCTYPE html>

  <html>
      <head>

        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
        <meta name="robots" content="noindex, nofollow">
Esempio n. 2
<ul>
<li><a href="?route=payments.php&amp;action=plan_view&amp;type=delete&amp;id=' . $_GET['id'] . '&amp;token=' . $csrf . '" data-delete-msg="' . $LANG['delete_msg'] . '">' . $LANG['delete'] . '</a></li>
</ul>
</div>';
        }
        echo '<a href="?route=payments.php&amp;action=plan_view" class="btn">' . $LANG['payments_plan_view'] . '</a>
</div>';
        if (!empty($LANG['pmts_editplan_subtitle'])) {
            echo '<span>' . $LANG['pmts_editplan_subtitle'] . '</span>';
        }
        echo '</div>';
        if ($plan_exists) {
            if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'payments_csrf')) {
                if (isset($_POST['name']) && isset($_POST['text']) && isset($_POST['price']) && isset($_POST['credits'])) {
                    if (actions::edit_payment_plan($_GET['id'], array('name' => $_POST['name'], 'description' => $_POST['text'], 'price' => $_POST['price'], 'credits' => $_POST['credits'], 'publish' => isset($_POST['publish']) ? 1 : 0))) {
                        $info = \query\payments::plan_infos($_GET['id']);
                        echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>';
                    } else {
                        echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                    }
                }
            } else {
                if (isset($_GET['type']) && isset($_GET['token']) && check_csrf($_GET['token'], 'payments_csrf')) {
                    if ($_GET['type'] == 'delete_image') {
                        if (isset($_GET['id'])) {
                            if (actions::delete_payment_plan_image($_GET['id'])) {
                                $info->image = '';
                                echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>';
                            } else {
                                echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                            }
Esempio n. 3
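 /**
  * Clear the stored image of one or more payment plans and remove the files.
  *
  * For every id that names an existing plan, the plan's `image` column is set
  * to an empty string and the file it pointed to (relative to DIR) is
  * unlinked. The file is only removed after the UPDATE succeeded, so a failed
  * query never leaves a row pointing at a deleted file.
  *
  * @param int|int[] $id A single plan id or a list of plan ids.
  *
  * @return bool False when the current user is not an administrator, when the
  *              statement cannot be prepared, or when any UPDATE fails;
  *              true otherwise (including when no id matched a plan).
  */
 public static function delete_payment_plan_image($id)
 {
     global $db;
     // Fail closed: check that $GLOBALS['me'] is set before reading
     // ->is_admin, so a missing user object denies access without a warning.
     if (empty($GLOBALS['me']) || !$GLOBALS['me']->is_admin) {
         return false;
     }
     $stmt = $db->stmt_init();
     // A statement that failed to prepare cannot be bound or executed.
     if (!$stmt || !$stmt->prepare("UPDATE " . DB_TABLE_PREFIX . "p_plans SET image = '' WHERE id = ?")) {
         return false;
     }
     $ok = true;
     foreach ((array) $id as $ID) {
         if (!\query\payments::plan_exists($ID)) {
             continue;
         }
         // Read the plan before the UPDATE so the old image path is still known.
         $plan = \query\payments::plan_infos($ID);
         $stmt->bind_param("i", $ID);
         if (!$stmt->execute()) {
             // Keep the file: the row still references it.
             $ok = false;
             continue;
         }
         if (!empty($plan->image)) {
             // NOTE(review): the path is taken from the database and appended
             // to DIR unchecked — confirm the code that stores `image` only
             // ever writes paths inside the upload directory (no "../").
             // Best-effort delete: a file that is already gone is not an error.
             @unlink(DIR . '/' . $plan->image);
         }
     }
     $stmt->close();
     return $ok;
 }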