function ebay_revise_item($user_id, $item_id, $revise_price, $revise_qty)
{
include 'site_conf.php';
$sql_config = "SELECT \n \t\t\t\teu.dev_name,\n \t\t\t\teu.app_name,\n \t\t\t\teu.cert_name,\n \t\t\t\teu.token,\n \t\t\t\tec.paypal_address,\n \t\t\t\tec.return_accept_option,\n \t\t\t\tec.refund_option,\n \t\t\t\tec.return_days \n \t\tFROM \t\n \t\t\t\tebay_users eu,\n \t\t\t\tebay_config ec\n \t\tWHERE \n \t\t\t\teu.user_id = ec.user_id AND \n \t\t\t\teu.user_id = {$user_id}\t\t\t\t\n ";
$rs_config = mysql_query($sql_config) or die(mysql_error());
if (mysql_num_rows($rs_config) != 1) {
die("Database Error - Developer Side");
}
$row_config = mysql_fetch_assoc($rs_config);
$DEVNAME = trim($row_config['dev_name']);
$APPNAME = trim($row_config['app_name']);
$CERTNAME = trim($row_config['cert_name']);
$token = encrypt_decrypt('decrypt', $row_config['token']);
$paypal_email = trim($row_config['paypal_address']);
$return_accept_option = trim($row_config['return_accept_option']);
$refund_option = trim($row_config['refund_option']);
$return_within_days = trim($row_config['return_days']);
$post_data = '<?xml version="1.0" encoding="utf-8"?>
<ReviseItemRequest xmlns="urn:ebay:apis:eBLBaseComponents">
<ErrorLanguage>en_US</ErrorLanguage>
<Item>
<ItemID>' . $item_id . '</ItemID>
<StartPrice>' . $revise_price . '</StartPrice>
<Quantity>' . $revise_qty . '</Quantity>
<PayPalEmailAddress>' . $paypal_email . '</PayPalEmailAddress>
<ReturnPolicy>
<ReturnsAcceptedOption>' . $return_accept_option . '</ReturnsAcceptedOption>
<RefundOption>' . $refund_option . '</RefundOption>
<ReturnsWithinOption>' . $return_within_days . '</ReturnsWithinOption>
<ShippingCostPaidByOption>Buyer</ShippingCostPaidByOption>
</ReturnPolicy>
</Item>
<RequesterCredentials>
<eBayAuthToken>' . $token . '</eBayAuthToken>
</RequesterCredentials>
<WarningLevel>High</WarningLevel>
</ReviseItemRequest>';
$call_name = "ReviseItem";
$ebayapiheader = array("X-EBAY-API-COMPATIBILITY-LEVEL: {$COMPATIBILITYLEVEL}", "X-EBAY-API-DEV-NAME: {$DEVNAME}", "X-EBAY-API-APP-NAME: {$APPNAME}", "X-EBAY-API-CERT-NAME: {$CERTNAME}", "X-EBAY-API-SITEID: {$SiteId}", "X-EBAY-API-CALL-NAME: " . $call_name);
$ch = curl_init();
$res = curl_setopt($ch, CURLOPT_URL, $eBayAPIURL);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 0);
// 0 = Don't give me the return header
curl_setopt($ch, CURLOPT_HTTPHEADER, $ebayapiheader);
// Set this for eBayAPI
curl_setopt($ch, CURLOPT_POST, 1);
// POST Method
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
//My XML Request
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$body = curl_exec($ch);
//Send the request
curl_close($ch);
// Close the connection
return $body;
}
function send_mail($to_email, $to_name, $subject, $content, $from_name = '')
{
$table = array("account");
$db = new database();
$query = $db->createQueryAll($table);
$db->setQuery($query);
$result1 = $db->loadAllRow();
//var_dump($result1);
$pass = encrypt_decrypt('decrypt', $result1[0]['pass']);
//var_dump($pass);
//tài khoản gmail dùng để gửi mail
$from_email = $result1[0]['name'];
// Reply to this email
$from_email_pass = $pass;
return send_gmail($from_email, $from_email_pass, $to_email, $to_name, $subject, $content, $from_name);
}
public function valider_voyageur()
{
$message1 = '<h1>Merci d\'avoir validé la réservation.</h1><p>Un courriel a été envoyé au voyageur pour le prévenir.</p><p>N\'hésitez pas à nous appeler si vous avez un quelconque problème.</p>';
$message2 = '<h1>Vous n\'avez plus de places dans votre voiture.</h1><p>La validation de la réservation n\'a pu être effectuée.</p><p>N\'hésitez pas à nous appeler si vous avez un quelconque problème.</p>';
$message3 = '<h1>Vous avez déjà validé cette réservation</h1>';
$message4 = '<h1>Le voyageur a annulé cette réservation</h1><p>Vous ne pouvez donc la valider</p>';
$subject = 'Mariage de Pauline et Pierre-Henri - Reservation de places';
$nr_statut = encrypt_decrypt('decrypt', $_GET['r_statut']);
$nr_id = encrypt_decrypt('decrypt', $_GET['r_id']);
$nr_nb_place = encrypt_decrypt('decrypt', $_GET['r_nb_place']);
$nr_id_voyage = encrypt_decrypt('decrypt', $_GET['id_voyage']);
global $wpdb;
$r_statut = $wpdb->get_var("SELECT r_statut FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_email = $wpdb->get_var("SELECT r_email FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$nb_place = $wpdb->get_var("SELECT nb_place FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$nom = $wpdb->get_var("SELECT nom FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$prenom = $wpdb->get_var("SELECT prenom FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$email = $wpdb->get_var("SELECT email FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$telephone = $wpdb->get_var("SELECT telephone FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$message = '
<html>
<h3>Bonjour,</h3>
<p>' . $prenom . ' ' . $nom . ' a validé votre réservation dans sa voiture</p>
<p>N\'hésitez pas à le contacter.</p>
<p>Voici son email : ' . $email . ' ainsi que son numéro de téléphone : ' . $telephone . '.</p>
<p>Vous pouvez annuler votre reservation en cliquant ici : <a href="' . site_url() . '/annulation?r_statut=4&r_id=' . encrypt_decrypt('encrypt', $nr_id) . '&r_nb_place=' . encrypt_decrypt('encrypt', $nr_nb_place) . '&id_voyage=' . encrypt_decrypt('encrypt', $nr_id_voyage) . '">Annuler ma réservation</a></br>
<p>Dans la joie de vous voir bientôt,</p>
<p>Pauline & Pierre-Henri</p>
<p>06 86 94 22 52</p>';
if ($nb_place - $nr_nb_place >= 0 && $r_statut != 2 && $r_statut != 4) {
$wpdb->query("UPDATE {$wpdb->prefix}covoit_reservation SET r_statut = '{$nr_statut}' WHERE id = '{$nr_id}'");
$wpdb->query("UPDATE {$wpdb->prefix}covoit_voyage SET nb_place = nb_place - '{$nr_nb_place}' WHERE id = '{$nr_id_voyage}'");
wp_mail($r_email, $subject, $message, $headers);
return $message1;
} elseif ($r_statut == 2) {
return $message3;
} elseif ($r_statut == 4) {
return $message4;
} else {
return $message2;
}
}
public function refuser_voyageur()
{
global $wpdb;
$subject = 'Mariage de Pauline et Pierre-Henri - Reservation de places';
$nr_statut = encrypt_decrypt('decrypt', $_GET['r_statut']);
$nr_id = encrypt_decrypt('decrypt', $_GET['r_id']);
$nr_id_voyage = encrypt_decrypt('decrypt', $_GET['id_voyage']);
$r_nom = $wpdb->get_var("SELECT r_nom FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_prenom = $wpdb->get_var("SELECT r_prenom FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_statut = $wpdb->get_var("SELECT r_statut FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_email = $wpdb->get_var("SELECT r_email FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_telephone = $wpdb->get_var("SELECT r_telephone FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$nom = $wpdb->get_var("SELECT nom FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$prenom = $wpdb->get_var("SELECT prenom FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$email = $wpdb->get_var("SELECT email FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$telephone = $wpdb->get_var("SELECT telephone FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$message1 = '<h1>Vous avez décliné la demande de réservation de ' . $r_prenom . ' ' . $r_nom . '</h1><p>Un courriel lui a été envoyé pour le prévenir.</p><p>N\'hésitez pas à nous appeler si vous avez un quelconque problème.</p>';
$message2 = '<h1>Vous avez déjà validé cette réservation</h1><p>Si vous ne souhaitez plus prendre ce voyageur, vous devez le contacter pour qu\'il annule lui-même sa reservation.</p>
<p>Voici ses coordonnées</p><p>Courriel : ' . $r_email . '</p><p>Téléphone : ' . $r_telephone . '</p>';
$message3 = '<h1>Vous avez déjà refusé cette réservation</h1>';
$message4 = '<h1>Le voyageur a déjà lui-même annulé cette réservation</h1>';
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$message = '
<html>
<h3>Bonjour,</h3>
<p>Nous sommes vraiment désolés mais ' . $prenom . ' ' . $nom . ' n\'a pas validé votre réservation dans sa voiture.</p>
<p>N\'hésitez pas à allez voir à nouveau sur notre site si d\'autres voyages sont disponibles.<p></p>Sinon, n\'hésitez pas à nous contacter pour que nous trouvions une solution.</p>
<p>Dans la joie de vous voir bientôt,</p>
<p>Pauline & Pierre-Henri</p>
<p>06 86 94 22 52</p>';
if ($r_statut != 3) {
$wpdb->query("UPDATE {$wpdb->prefix}covoit_reservation SET r_statut = '{$nr_statut}' WHERE id = '{$nr_id}'");
wp_mail($r_email, $subject, $message, $headers);
return $message1;
} elseif ($r_statut == 2) {
return $message2;
} elseif ($r_statut == 4) {
return $message4;
} else {
return $message2;
}
}
function check_token($mytoken)
{
$timeout = 60;
$decr_b64 = urlsafe_b64decode($mytoken);
$decrypted = encrypt_decrypt('decrypt', $decr_b64);
$fields = explode(":", $decrypted);
if (count($fields) == 2) {
list($ip, $timestamp) = explode(":", $decrypted);
$nowtime = time();
//echo "$ip, $timestamp, $timeout\n";
$sum = (int) ($timestamp + $timeout);
if ($nowtime > $sum || $nowtime < $timestamp) {
return false;
} else {
return true;
}
} else {
return false;
}
return false;
}
function checkUserToken($customerToken)
{
$customerId = encrypt_decrypt('decrypt', $customerToken);
$customer = Mage::getModel('customer/customer')->load($customerId);
if ($customer != null && $customer->getWebsiteId()) {
Mage::app($customer->getWebsiteId(), 'website');
$session = Mage::getSingleton('customer/session');
$session->loginById($customerId);
/*
* $customerData = $customer->getData();
foreach ($customerData as $key => $value) {
error_log("*".$key."-".$value);
}
* */
if ($session->isLoggedIn()) {
return $customerId;
} else {
return false;
}
} else {
return false;
}
}
public function annuler_voyageur()
{
$message1 = '<h1>Vous avez annulé votre réservation</h1><p>Nous espérons que vous avez trouvé un autre moyen de vous rendre à notre mariage.</p><p>N\'hésitez pas à nous contacter si vous avez un quelconque soucis</p>';
$message2 = '<h1>Vous avez déjà annulé votre réservation</h1><p>Nous espérons que vous avez trouvé un autre moyen de vous rendre à notre mariage.</p><p>N\'hésitez pas à nous contacter si vous avez un quelconque soucis</p>';
$subject = 'Mariage de Pauline et Pierre-Henri - Un voyageur a annulé sa réservation';
$nr_statut = encrypt_decrypt('decrypt', $_GET['r_statut']);
$nr_id = encrypt_decrypt('decrypt', $_GET['r_id']);
$nr_nb_place = encrypt_decrypt('decrypt', $_GET['r_nb_place']);
$nr_id_voyage = encrypt_decrypt('decrypt', $_GET['id_voyage']);
global $wpdb;
$r_statut = $wpdb->get_var("SELECT r_statut FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$nb_place = $wpdb->get_var("SELECT nb_place FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$nr_id_voyage}'");
$r_nom = $wpdb->get_var("SELECT r_nom FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_prenom = $wpdb->get_var("SELECT r_prenom FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_email = $wpdb->get_var("SELECT r_email FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$r_telephone = $wpdb->get_var("SELECT r_telephone FROM {$wpdb->prefix}covoit_reservation WHERE id = '{$nr_id}'");
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$message = '
<html>
<h3>Bonjour,</h3>
<p>' . $r_prenom . ' ' . $r_nom . ' a annulé sa réservation dans votre voiture</p>
<p>Voici son email : ' . $r_email . ' ainsi que son numéro de téléphone : ' . $r_telephone . '.</p>
<p>Dans la joie de vous voir bientôt,</p>
<p>Pauline & Pierre-Henri</p>
<p>06 86 94 22 52</p>';
if ($r_statut != 4) {
$wpdb->query("UPDATE {$wpdb->prefix}covoit_reservation SET r_statut = '{$nr_statut}' WHERE id = '{$nr_id}'");
if ($r_statut = 2) {
$wpdb->query("UPDATE {$wpdb->prefix}covoit_voyage SET nb_place = nb_place + '{$nr_nb_place}' WHERE id = '{$nr_id_voyage}'");
}
wp_mail($r_email, $subject, $message, $headers);
return $message1;
} else {
return $message2;
}
}
function d_code($string)
{
$output = htmlspecialchars(encrypt_decrypt('decrypt', $string));
return $output;
}
private function send_email_to_headman()
{
$body;
$search = array();
$replace = array();
$subject = "";
$returner = "";
$ci =& get_instance();
if ($this->type == "leave") {
$leave_id = $this->main_id;
$leave_type = $this->main_detail['LTName'];
$leave_because = $this->main_detail['LBecause'];
$leave_start_date = $this->main_detail['LStartDate'] . ' ' . $this->main_detail['LStartTime'];
$leave_end_date = $this->main_detail['LEndDate'] . ' ' . $this->main_detail['LEndTime'];
if ($this->main_detail["LAttachFile"] != NULL && $this->main_detail["LAttachFile"] != "") {
$leave_attach_file = $this->main_detail['LAttachFile'];
$leave_attach_file_name = $this->main_detail["LAttachFilename"];
//อย่าลืมเปลี่ยนการวนลูปเพราะมีการเปลี่ยนแลง table ใหม่
$this->email_attach_file[0]["filepath"] = $leave_attach_file;
$this->email_attach_file[0]["filename"] = $leave_attach_file_name;
}
//get leave time detail
$query_time = $ci->leavetime->getDetailByLeaveID($leave_id);
$leave_sum = $this->sum_show_leave_time($query_time->result_array());
$owner_emp_id = $this->user_detail['EmpID'];
$owner_firstname = $this->user_detail['EmpFirstnameThai'];
$owner_fullname = $this->user_detail["EmpFullnameThai"];
$owner_email = $this->user_detail['EmpEmail'];
$headman_user_id = $this->headman_user_id;
$headman_email = $this->headman_detail['EmpEmail'];
$headman_fullname = $this->headman_detail['EmpFullnameThai'];
if ($this->condition == 'request' || $this->condition == 'approve') {
$subject = '[ใบขอเลขที่ ' . $leave_id . '] ลูกทีม ' . $owner_firstname . ' ขออนุญาต ' . $leave_type;
$body = file_get_contents(APPPATH . 'views/Email/ask_approve_to_headman.html');
$search = array('{{headman_fullname}}', '{{leave_type}}', '{{owner_emp_id}}', '{{owner_fullname}}', '{{leave_because}}', '{{leave_start_date}}', '{{leave_end_date}}', '{{leave_sum}}', '{{siteurl}}', '{{headmanid}}', '{{leaveid}}');
$replace = array($headman_fullname, $leave_type, $owner_emp_id, $owner_fullname, $leave_because, $leave_start_date, $leave_end_date, $leave_sum, site_url(), encrypt_decrypt('encrypt', $headman_user_id), encrypt_decrypt('encrypt', $leave_id));
} else {
if ($this->condition == "edit request") {
$subject = '[ใบขอเลขที่ ' . $leave_id . '][มีการแก้ไขใบลา] ลูกทีม ' . $owner_firstname . ' ขออนุญาต ' . $leave_type;
$body = file_get_contents(APPPATH . 'views/Email/edit_ask_approve_to_headman.html');
$search = array('{{headman_fullname}}', '{{leave_type}}', '{{owner_emp_id}}', '{{owner_fullname}}', '{{leave_because}}', '{{leave_start_date}}', '{{leave_end_date}}', '{{leave_old_start_date}}', '{{leave_old_end_date}}', '{{leave_sum}}', '{{siteurl}}', '{{headmanid}}', '{{leaveid}}');
$replace = array($headman_fullname, $leave_type, $owner_emp_id, $owner_fullname, $leave_because, $leave_start_date, $leave_end_date, $leave_detail['LStartDate'] . ' ' . $leave_detail['LStartTime'], $leave_detail['LEndDate'] . ' ' . $leave_detail['LEndTime'], $leave_sum, site_url(), encrypt_decrypt('encrypt', $headman_user_id), encrypt_decrypt('encrypt', $leave_id));
}
}
} else {
if ($this->type === "overtime") {
$ot_id = $this->main_id;
$ot_date = $this->main_detail['wot_date'];
$ot_remark = $this->main_detail['wot_remark'];
$ot_time_from = $this->main_detail['wot_time_from'];
$ot_time_to = $this->main_detail['wot_time_to'];
$owner_emp_id = $this->user_detail['EmpID'];
$owner_firstname = $this->user_detail['EmpFirstnameThai'];
$owner_fullname = $this->user_detail["EmpFullnameThai"];
$owner_email = $this->user_detail['EmpEmail'];
$owner_position = $this->user_detail['PositionName'];
$headman_user_id = $this->headman_user_id;
$headman_email = $this->headman_detail['EmpEmail'];
$headman_fullname = $this->headman_detail['EmpFullnameThai'];
if ($this->condition == 'request' || $this->condition == 'approve') {
$subject = '[ใบขอเลขที่ ' . $ot_id . '] ลูกทีม ' . $owner_firstname . ' ขอทำงานล่วงเวลา';
$body = file_get_contents(APPPATH . '/views/Email/request_ot_to_headman.html');
$search = array('{{headman_fullname}}', '{{owner_emp_id}}', '{{owner_fullname}}', '{{owner_positionname}}', '{{ot_date}}', '{{ot_time_from}}', '{{ot_time_to}}', '{{ot_id}}', '{{headman_user_id}}', '{{en_ot_id}}', '{{site_url}}');
$replace = array($headman_fullname, $owner_emp_id, $owner_fullname, $owner_position, dateThaiFormatFromDB($ot_date), $ot_time_from, $ot_time_to, $ot_id, encrypt_decrypt('encrypt', $headman_user_id), encrypt_decrypt('encrypt', $ot_id), site_url());
}
}
}
$body = str_replace($search, $replace, $body);
$this->body = $body;
$this->subject = $subject;
//send mail library
//non config because default set in phpmailer class
$ci->load->library('Phpmailer', 'phpmailer');
$ci->phpmailer->ClearAllRecipients();
$ci->phpmailer->IsSMTP();
$ci->phpmailer->Subject = $this->subject;
if (count($this->email_attach_file) > 0) {
foreach ($this->email_attach_file as $email) {
$ci->phpmailer->AddAttachment($email["filepath"], $email["filename"]);
}
}
$ci->phpmailer->Body = $this->body;
//ส่วนนี้รายละเอียดสามารถส่งเป็นรูปแบบ HTML ได้
$ci->phpmailer->AddAddress($this->headman_detail["EmpEmail"], $this->headman_detail["EmpFullnameThai"]);
if (!$ci->phpmailer->Send()) {
log_message('error', 'Error send mail ' . var_dump($ci->phpmailer->ErrorInfo));
return $ci->phpmailer->ErrorInfo;
} else {
return 'success';
}
}
/**
* [instant_hr_approve_disapprove_from_email description] รวมจาก approve_from_email , disapprove_from_email
* @param string $type [approve/disapprove]
* @param int $hr_userid encrypt hr user id
* @param int $headman_userid encrypt headman user id
* @param int $leave_id encrypt leave id
*/
public function instant_hr_approve_disapprove_from_email($type, $hr_userid, $headman_userid, $leave_id)
{
$hr_userid = floatval(encrypt_decrypt('decrypt', $hr_userid));
$headman_userid = floatval(encrypt_decrypt('decrypt', $headman_userid));
$leave_id = encrypt_decrypt('decrypt', $leave_id);
$workflow_id = 0;
$log_type = '';
$log_detail = '';
$alert_success = '';
if ($type == 'approve') {
$log_type = 'hr_approve_from_email';
$log_detail = 'อนุมัติใบลาโดย HR ผ่านอีเมล์';
$workflow_id = 4;
$alert_success = 'อนุมัติใบลาเรียบร้อยแล้ว';
} else {
if ($type == 'disapprove') {
$log_type = 'hr_disapprove_from_email';
$log_detail = 'ไม่อนุมัติใบลาโดย HR ผ่านอีเมล์';
$workflow_id = 5;
$alert_success = 'ไม่อนุมัติใบลาเรียบร้อยแล้ว';
}
}
if ($headman_userid > 0) {
$query = $this->leave->getDetailForVerify($leave_id, $headman_id);
if ($query->num_rows() > 0) {
$query = $query->result_array();
$query = $query[0];
if ($query["L_WFID"] > 3) {
echo swalc("ไม่สามารถทำคำสั่งได้", "เนื่องจากมีการอนุมัติ/ไม่อนุมัติไปแล้ว", "error");
} else {
$where = array();
$where["LID"] = $leave_id;
$data = array();
$data["L_WFID"] = $workflow_id;
$this->leave->update($data, $where);
log_leave($log_type, $leave_id, $log_detail, $hr_userid);
echo swalc("สำเร็จ", $alert_success, "success");
}
}
} else {
echo swalc("ผิดพลาด", "ไม่สามารถทำรายการใบลาได้", "error");
}
}
<?php
include 'header.php';
//==================== Insert New User =======================
if (isset($_POST['btnSave'])) {
$cboBranch = $_POST['cboBranch'];
$txtUserName = post('txtUserName');
$txtPassword = post('txtPassword');
$txtLevel = post('txtLevel');
$txtDescription = post('txtDescription');
$txtStatus = post('txtStatus');
$encrypted_pass = encrypt_decrypt('encrypt', $txtPassword);
$insert = $db->query("CALL sp_Insert_UserAccount(\n\t\t\t\t'" . time() . "',\n\t\t\t\t'" . $cboBranch . "',\n\t\t\t\tN'" . sql_quote($txtUserName) . "',\n\t\t\t\tN'" . sql_quote($encrypted_pass) . "',\n\t\t\t\t'" . sql_quote($txtLevel) . "',\n\t\t\t\tN'" . sql_quote($txtDescription) . "',\n\t\t\t\t'" . sql_quote($txtStatus) . "'\t\t\t\n\t\t\t\t)");
if ($insert) {
cRedirect('userAccount.php');
}
}
?>
<body class="skin-blue">
<!-- header logo: style can be found in header.less -->
<?php
include 'nav.php';
?>
<!-- Left side column. contains the logo and sidebar -->
<?php
include 'menu.php';
?>
<!-- Right side column. Contains the navbar and content of the page -->
<aside class="right-side">
function showLinkEpisode($link = null)
{
if (strpos($link, 'picasaweb.google.com/lh/photo/')) {
$link = encrypt_decrypt('decrypt', str_replace('https://picasaweb.google.com/lh/photo/', '', $link));
}
return $link;
}
<div id="page"><div class="page-inner <?php
echo $grid_size;
?>
">
<?php
if (isset($_COOKIE['etype'])) {
foreach ($_COOKIE["etype"] as $name => $value) {
$etyp[$name] = $value;
}
$decrypted_txt = encrypt_decrypt('decrypt', $etyp['perms']);
//$pos = strrpos($decrypted_txt , '_');
// $username = substr($decrypted_txt , 0, $pos);
// $password = substr($decrypted_txt , $pos + 1);
$pos = strrpos($decrypted_txt, '##');
$str1 = substr($decrypted_txt, 0, $pos + 1);
$str2 = substr($decrypted_txt, $pos + 2);
$pos1 = strrpos($str2, '--');
$username = substr($str2, 0, $pos1);
$password = substr($str2, $pos1 + 2);
$param = array('UserName' => "{$username}", 'Password' => "{$password}");
$client = new soapclient('http://etypeservices.com/Service_SubscriberLogin.asmx?WSDL');
$response = $client->ValidateSubscriber($param);
if ($response->ValidateSubscriberResult == 1) {
$query = "select name, uid from users where name='" . $username . "'";
$qu = db_query($query);
$useruid = "";
foreach ($qu as $qu) {
$useruid = $qu->uid;
}
global $user;
$user = user_load($useruid);
function ajax_rrss()
{
// First check the nonce, if it fails the function will break
check_ajax_referer('ajax-login-nonce', 'security');
foreach (array_keys($_REQUEST) as $key) {
$clean[$key] = mysql_real_escape_string($_REQUEST[$key]);
}
$autoGeneratePass = encrypt_decrypt("encrypt", $clean['uid']);
$info['user_login'] = $clean['username'];
$info['password'] = $autoGeneratePass;
$info['uid'] = $clean['uid'];
$info['nombre'] = $clean['nombre'];
$info['apellido'] = $clean['apellido'];
$info['source'] = $clean['source'];
$info['redirect'] = $clean['redirect'];
//print_d($info);
if ($clean['source'] != "facebook") {
$info['avatar'] = $clean['avatar'];
}
if ($info["user_login"] != "" and $info["uid"] != "" and $info["nombre"] != "") {
$creating = createUser($info);
//print_r($creating);
if ($creating["bool"]) {
echo json_encode(array('loggedin' => true, 'message' => $clean['redirect'], 'userID' => $creating["userID"]));
} else {
if ($creating["status"] == "El e-mail ya esta en uso.") {
$trylogin = loginUser($clean['username'], $autoGeneratePass);
if (is_wp_error($trylogin)) {
echo json_encode(array('loggedin' => 2, 'message' => __('El mail asociado a este usuario ya esta registrado en gob247 con otra red social. Por favor vuelva a intentarlo eligiendo otra de las opciones de login.')));
} else {
echo json_encode(array('loggedin' => 1, 'message' => $clean['redirect'], 'userID' => $creating["userID"]));
}
} else {
echo json_encode(array('loggedin' => 0, 'message' => "No se pudo crear usuario. Intente nuevamente."));
}
}
} else {
echo json_encode(array('loggedin' => 0, 'message' => "No se pudo crear usuario. Probablemente usted no permite compartir información necesaria para crear una cuenta en GOB247."));
}
die;
}
// Hash the password
$key = hash('sha256', $key);
if ($action == 'encrypt') {
// Generate a random string, hash it and get the first 16 character of the hashed string which will be ised as the IV
$str = "qwertyuiopasdfghjklzxcvbnm,./;'\\[]-=`!@#\$%^&*()_+{}|\":?><0123456789QWERTYUIOPASDFGHJKLZXCVBNM";
$shuffled = str_shuffle($str);
$iv = substr(hash('sha256', $shuffled), 0, 16);
$output = openssl_encrypt($string, $encryption_method, $key, 0, $iv);
$output = base64_encode($output);
// Tidy up the string so that it survives the transport 100%
$ivoutput = $iv . $output;
// Concat the IV with the encrypted message
return $ivoutput;
} else {
if ($action == 'decrypt') {
$iv = substr($string, 0, 16);
// Extract the IV from the encrypted string
$string = substr($string, 16);
// The rest of the encrypted string is the message
$output = openssl_decrypt(base64_decode($string), $encryption_method, $key, 0, $iv);
return $output;
}
}
}
echo "<b>Message in plain text:</b> {$message}" . "<br /><br />";
// The encrypted text looks like this
$encrypted_txt = encrypt_decrypt('encrypt', $message, $password);
echo "<b>Encrypted text:</b> {$encrypted_txt}" . "<br /><br />";
// Decrypte the message
$decrypted_txt = encrypt_decrypt('decrypt', $encrypted_txt, $password);
echo "<b>Decrypted message:</b> {$decrypted_txt}" . "<br /><br />";
public function instant_approve_disapprove_ot_by_hr($type, $hr_user_id, $ot_id)
{
$hr_user_id = encrypt_decrypt('decrypt', $hr_user_id);
$ot_id = encrypt_decrypt('decrypt', $ot_id);
$workflow_id = 0;
//check hr is in role hr
$is_hr = is_hr($hr_user_id);
if ($is_hr) {
//get ot request detail for get owner user id
$query = $this->ot->get_detail_by_id($ot_id);
if ($query->num_rows() > 0) {
$ot_detail = $query->row_array();
if (intval($ot_detail['wot_workflow_id']) > 3) {
echo swalc('ผิดพลาด!!!', 'คุณไม่สามารถทำรายการใบคำขอทำงานล่วงเวลานี้ได้เพราะคำขอนี้มีการอนุมัติ/ไม่อนุมัติไปแล้ว', 'error');
} else {
$owner_user_id = $ot_detail['wot_request_by'];
$owner_detail = getEmployeeDetailByUserID($owner_user_id);
$owner_headman_user_id = $owner_detail['EmpHeadman_UserID'];
$log_type = '';
$log_detail = '';
//set approve / disapprove
if ($type == 'approve') {
$workflow_id = 4;
$log_type = 'instant approve from email by hr';
$log_detail = 'HR ทำการอนุมัติใบคำขอทำงานล่วงเวลาทันทีผ่านอีเมล์';
} else {
if ($type == 'disapprove') {
$workflow_id = 5;
$log_type = 'instant disapprove from email by hr';
$log_detail = 'HR ไม่อนุมัติใบคำขอทำงานล่วงเวลาทันทีผ่านอีเมล์';
$send_to_headman = $this->send_email_ot_to_headman();
}
}
$data = array('wot_workflow_id' => $workflow_id);
$where = array('wot_id' => $ot_id);
//insert log
insert_log_ot($ot_id, $log_type, $log_detail, $hr_user_id);
//send email to owner request ot with log
$send = $this->send_email_result_ot_to_owner($ot_id);
if ($send == 'success') {
insert_log_ot($ot_id, 'send email result ot to owner', 'ส่งอีเมล์เพื่อแจ้งสถานะใบคำขอทำงานล่วงเวลาให้เจ้าของใบคำขอ', $hr_user_id);
} else {
insert_log_ot($ot_id, 'error send email result ot to owner', 'ไม่สามารถส่งอีเมล์เพื่อแจ้งสถานะใบคำขอทำงานล่วงเวลาให้เจ้าของใบคำขอได้', $hr_user_id);
}
//if disapprove send mail to headman
if ($type == 'disapprove') {
$send = $this->send_email_ot_to_headman('disapprove_by_hr', $ot_id);
if ($send == 'success') {
insert_log_ot($ot_id, 'send email disapprove ot to headman by hr', 'ส่งอีเมล์เพื่อแจ้งสถานะใบคำขอทำงานล่วงเวลาให้หัวหน้าเจ้าของคำขอ', $hr_user_id);
} else {
insert_log_ot($ot_id, 'error send email disapprove ot to headman by hr', 'ไม่สามารถส่งอีเมล์เพื่อแจ้งสถานะใบคำขอทำงานล่วงเวลาให้หัวหน้าเจ้าของใบคำขอได้ เพราะ ' . $send, $hr_user_id);
}
}
}
}
} else {
echo swalc('ผิดพลาด!!!', 'ไม่สามารถทำรายการได้', 'error');
}
}
/*
* For each user, using respective(his) public & private keys fetch the ebay,amazon listings.
*/
$user = array_pop($user_list);
$user_id = $user['user_id'];
$DEVNAME = trim($user['dev_name']);
$APPNAME = trim($user['app_name']);
$CERTNAME = trim($user['cert_name']);
$token = encrypt_decrypt('decrypt', $user['token']);
$paypal_email = trim($user['paypal_address']);
$return_accept_option = trim($user['return_accept_option']);
$refund_option = trim($user['refund_option']);
$return_within_days = trim($user['return_days']);
$duration = trim($user['listing_duration']);
$public_key = encrypt_decrypt('decrypt', $user['amazon_publickey']);
$private_key = encrypt_decrypt('decrypt', $user['amazon_privatekey']);
$page = 1;
$is_error = false;
do {
$my_selling_pages = get_my_ebay_selling_ActiveList($page);
/* fetch ebay active list for the user first time, continue
if there are many pages DO WHILE
*/
$xml_page = new SimpleXMLElement($my_selling_pages);
//print_r($xml_page);
if (isset($xml_page->Errors->ErrorCode) and (str_replace('', '', $xml_page->Errors->ErrorCode) == '931' or str_replace('', '', $xml_page->Errors->ErrorCode) == '5')) {
$is_error = true;
break;
} elseif (isset($xml_page->Errors)) {
array_push($error, $xml_page->Errors);
}
public function envoyer_mail()
{
if (isset($_POST['reserver']) && !empty($_POST['r_nom'])) {
global $wpdb;
$r_nom = $_POST['r_nom'];
$r_prenom = $_POST['r_prenom'];
$r_email = $_POST['r_email'];
$r_telephone = $_POST['r_telephone'];
$r_nb_place = $_POST['r_nb_place'];
$id_voyage = $_POST['id_voyage'];
$r_id = $wpdb->get_var("SELECT id FROM {$wpdb->prefix}covoit_reservation WHERE r_email= '{$r_email}' AND r_nom = '{$r_nom}'");
$nom = $wpdb->get_var("SELECT nom FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$id_voyage}'");
$prenom = $wpdb->get_var("SELECT prenom FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$id_voyage}'");
$email = $wpdb->get_var("SELECT email FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$id_voyage}'");
$telephone = $wpdb->get_var("SELECT telephone FROM {$wpdb->prefix}covoit_voyage WHERE id = '{$id_voyage}'");
$subject = 'Mariage de Pauline et Pierre-Henri - Reservation de places';
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$message1 = '
<html>
<h3>Bonjour,</h3>
<p>' . $r_prenom . ' ' . $r_nom . ' souhaite réserver ' . $r_nb_place . ' place(s) dans votre voiture.</p>
<p>Vous pouvez valider sa réservation en cliquant ici :
<a href="' . site_url() . '/validation?r_statut=' . encrypt_decrypt('encrypt', '2') . '&r_id=' . encrypt_decrypt('encrypt', $r_id) . '&r_nb_place=' . encrypt_decrypt('encrypt', $r_nb_place) . '&id_voyage=' . encrypt_decrypt('encrypt', $id_voyage) . '">Valider</a></br>
<p>Ou bien la refuser en cliquant ici :
<a href="' . site_url() . '/refus?r_statut=' . encrypt_decrypt('encrypt', '3') . '&r_id=' . encrypt_decrypt('encrypt', $r_id) . '&id_voyage=' . encrypt_decrypt('encrypt', $id_voyage) . '" name="refuser"/>Refuser la reservation</a></br>
<p>Vous pouvez contacter ' . $r_prenom . ' par courriel à ' . $r_email . ' ou par téléphone au ' . $r_telephone . ' .</p>
<p>Dans la joie de vous voir bientôt,</p>
<p>Pauline & Pierre-Henri</p>
<p>06 86 94 22 52</p>';
$message2 = '
<html>
<h3>Bonjour ' . $r_prenom . ' ' . $r_nom . ',</h3>
<p>Vous avez réservé ' . $r_nb_place . ' place(s) dans la voiture de ' . $prenom . ' ' . $nom . '.</p>
<p>Vous pouvez annuler votre réservation à tout moment en cliquant ici :
<a href="' . site_url() . '/annulation-reservation?r_statut=' . encrypt_decrypt('encrypt', '4') . '&r_id=' . encrypt_decrypt('encrypt', $r_id) . '&r_nb_place=' . encrypt_decrypt('encrypt', $r_nb_place) . '&id_voyage=' . encrypt_decrypt('encrypt', $id_voyage) . '">Annuler ma réservation</a></br>
<p>Dans la joie de vous voir bientôt,</p>
<p>Pauline & Pierre-Henri</p>
<p>06 86 94 22 52</p>';
if (is_null($r_row)) {
wp_mail($email, $subject, $message1, $headers);
wp_mail($r_email, $subject, $message2, $headers);
wp_redirect(site_url() . '/reservation');
exit;
}
}
}
function set_valid_days($date)
{
$control_id = COMPANY_ID;
$control_pref = encrypt_decrypt('Bwpagca');
$control_date = get_control_key('Glec}t:Pydm', 'Qmf~j|:_}i{');
$control_key = get_control_key('Glec}t:Pydm', 'Vlee}9Q~e');
$valid_key = encrypt_hash($control_pref . 'E' . $control_id . $control_date);
$valid_days = $valid_key == $control_key ? difference_in_days($date, $control_date) : -1;
set_session('valid_days', $valid_days);
}
$mobile = $data->val($index, 'N');
$bname = $data->val($index, 'O');
$bacc = $data->val($index, 'P');
$bbranch = $data->val($index, 'Q');
//$id = $data->val($index, 'A');
//$id = 'BTIP01'.$id;
$nid = randomPrefix(3);
$id = getEmployeIdPrefix() . $nid;
$check = checkrandom($id);
while ($check == false) {
$nid = randomPrefix(3);
$id = getEmployeIdPrefix() . $nid;
$check = checkrandom($id);
}
//echo $id;
$query = "insert into emp_login (user_pwd, disp_name, user_name) values ('" . encrypt_decrypt('encrypt', $pwd) . "', '{$name}', '{$id}')";
$result = executeStatement($query);
echo mysql_error();
$query2 = "insert into emp_details (emp_id, desig_code, dept_code, dob, doj, telephone, mobile, email_id, addr) values ('{$id}', '{$desg}', '{$dept}', '{$dob}', '{$doj}', '{$hphone}', '{$mobile}', '{$mail}', '{$addr}')";
$result2 = executeStatement($query2);
echo mysql_error();
$query4 = "insert into emp_comp_details (emp_id, pf_no, esi_no, bank_name, bank_acc_no, bank_branch) values ('{$id}', '{$pf_no}', '{$esi_no}', '{$bname}', '{$bacc}', '{$bbranch}')";
$result4 = executeStatement($query4);
echo mysql_error();
$index++;
}
}
}
$msg = 'Data Updated Successfully';
//header("location:".$_GET['url']);
}
function checkout()
{
$con = connect();
if ($stmt = $con->prepare("delete from Cart where UserId=?")) {
$i = encrypt_decrypt('decrypt', $_COOKIE['sessionuid']);
$stmt->bind_param("s", $i);
$re = $stmt->execute();
if ($re) {
echo "<h1>ALL CHECKED OUT!</h1>";
}
// echo sha1(1);
}
}
public function details_scraping_source_database()
{
// $public_key_old_encrypt_sam = "BZWj+dU+DMlhS++qeRf78Jgtlk2kftXaBunDcXekHqI=";
// $private_key_old_encrypt_sam = "sPLASMgc6JmawkVJFCV2cVSbNAjAa98dU3oIDlo8n+XTfSwEnojpVrva/e/QhBNbltnFDTmbdPKNnD+mxlJxpQ==";
// $public_key = "AKIAIAZ56753EOMICJHA";
// $private_key = "V3JgOlg07LFs2Xu2jn7NudugbBs+MGO+Y6jEcaA2";
require_once 'redirect.php';
//require_once 'inc.db.php';
require_once 'aws_signed_request.php';
require_once 'xml_to_database_updater.php';
require_once 'scraping_asins.php';
require_once 'scraping_walmart.php';
require_once 'scraping_overstock.php';
require_once 'scraping_aliexpress.php';
$active_user = $_SESSION['user_id'];
$xml_db_updater = new XML_to_Database_Updater();
//----------------------------------------------------------------------------------
$sql_ebay_users = "SELECT amazon_publickey,amazon_privatekey FROM ebay_users WHERE user_id={$active_user}";
$rs_ebay_users = mysql_query($sql_ebay_users) or die(mysql_error());
if (mysql_num_rows($rs_ebay_users) != 1) {
die('Error in ebay_users');
}
$row_user = mysql_fetch_array($rs_ebay_users);
if ((strlen(trim($row_user['amazon_publickey'])) or !empty($row_user['amazon_publickey']) or !is_null($row_user['amazon_publickey'])) and (strlen(trim($row_user['amazon_privatekey'])) or !empty($row_user['amazon_privatekey']) or !is_null($row_user['amazon_privatekey']))) {
require_once 'functions.php';
$public_key = encrypt_decrypt('decrypt', $row_user['amazon_publickey']);
$private_key = encrypt_decrypt('decrypt', $row_user['amazon_privatekey']);
} else {
header("Location:profile.php");
}
//------------------------------------------------------------------------------------
$sql_select = "SELECT * FROM asins_table WHERE processed = 0 AND UserID = {$active_user} ";
$rs_select = mysql_query($sql_select) or die(mysql_error());
//
$asin_count = 0;
$bulk_count = 0;
$asin_list = '';
if (!mysql_num_rows($rs_select)) {
$progress_status = '<div id="ErrorMsg" class="alert alert-error">
<button type="button" class="close" data-dismiss="alert">×</button>
Sorry! No ASIN to Process...
</div>';
//
$this->progress_status = $progress_status;
//
} elseif (mysql_num_rows($rs_select)) {
$progress_status = '<div id="ErrorMsg" class="alert alert-error">
<button type="button" class="close" data-dismiss="alert">×</button>
Fetching products on Process...
</div>';
$this->progress_status = $progress_status;
while ($row = mysql_fetch_array($rs_select)) {
if (empty($row['asins'])) {
continue;
}
// {die('Error in asins Records');}
$asin = trim($row['asins']);
$asin_count++;
$duplicate_product_sql = "SELECT asin FROM aws_asin WHERE asin='{$asin}' AND UserID={$active_user}";
$dp_result = mysql_query($duplicate_product_sql);
if (mysql_num_rows($dp_result)) {
continue;
}
$bulk_count++;
/* if ($bulk_count == 1) {
$asin_list = $asin;
} elseif ($bulk_count < 10) {
$asin_list .= "," . $asin;
} elseif ($bulk_count == 10) {
$asin_list .= "," . $asin;
$requestparams = array("Operation" => "ItemLookup", "Condition" => "All", "ItemId" => $asin_list, "IdType" => "ASIN", "Availability" => "Available",
"ResponseGroup" => "Large", "MerchantId" => "Amazon");
$product_xml = aws_signed_request("com", $requestparams, $public_key, $private_key);
*/
if ($row['provider'] == 'Walmart') {
$product_data = scrape_walmart($asin);
$xml_db_updater->insert_into__scrape_number($product_data);
} else {
if ($row['provider'] == 'Amazon') {
$product_data = scrape_asins($asin);
$xml_db_updater->insert_into__scrape_asin($product_data);
} else {
if ($row['provider'] == 'Overstock') {
$product_data = scrape_overstock($asin);
$xml_db_updater->insert_into__scrape_overnumber($product_data);
} else {
if ($row['provider'] == 'Aliexpress') {
$product_data = scrape_aliexpress($asin);
$xml_db_updater->insert_into__scrape_aliexpress($product_data);
}
}
}
}
//print_r($product_data);die;
//
/*if (isset($product_xml->Error->Code)) {
$code_array = (array) $product_xml->Error->Code;
if (trim(strtoupper($code_array[0])) == 'INVALIDCLIENTTOKENID') {
echo '<script> window.location.href = "profile.php";</script>';
return;
}
}
*/
/* sleep(5);
$asin_list = '';
$bulk_count = 0;*/
}
}
/* if ($bulk_count > 0) {
$requestparams = array("Operation" => "ItemLookup", "Condition" => "All", "ItemId" => $asin_list, "IdType" => "ASIN", "Availability" => "Available",
"ResponseGroup" => "Large", "MerchantId" => "Amazon");
$product_xml = aws_signed_request("com", $requestparams, $public_key, $private_key);
// var_dump($product_xml); exit('4444444444'); //mytest
//
if (isset($product_xml->Error->Code)) {
$code_array = (array) $product_xml->Error->Code;
if (trim(strtoupper($code_array[0])) == 'INVALIDCLIENTTOKENID') {
echo '<script> window.location.href = "profile.php";</script>';
return;
}
}
//
$xml_db_updater->insert_into__aws_asin($product_xml);
sleep(5);
$asin_list = '';
$bulk_count = 0;
}*/
}
header('Expires: 0');
//
}
if (!isset($_COOKIE['ccookie']) && !isset($_COOKIE['sessionuid'])) {
if (credentialCheck($user, $ans) || !isset($_POST['username']) || !isset($_POST['answer'])) {
echo "<h1>Error in username and/or password</h1>";
exit;
}
header('Cache-Control: no-cache, no-store, must-revalidate');
// HTTP 1.1.
header('Pragma: no-cache');
// HTTP 1.0.
header('Expires: 0');
// Proxies.
} else {
if (encrypt_decrypt('decrypt', $_COOKIE['ccookie']) == $_SERVER['REMOTE_ADDR'] && isset($_COOKIE['sessionuid'])) {
header('Location: https://bluestore.co/catalogue.php');
} else {
setcookie("ccookie", "", time() - 86400 * 30, "/");
header('Location: http://bluestore.co/');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>
Blue Store
</title>
$ShowMessage = 0;
$cnt = 0;
$HaveUser = 0;
$isActive = 1;
//new
$username = "";
$pass_strength = 1;
opendb();
//echo $_GET['sendMail'] . "***";
// *****************************************************
// sendEmail promenliva i zapis
//******************************************************
if (isset($_GET['sendMail'])) {
// update the user with the new username
$username = encrypt_decrypt('decrypt', $_GET['sendMail'], '0123456789abcdefg');
$userid = encrypt_decrypt('decrypt', $_GET['uid'], '0123456789abcdefg');
//$userid = $_SESSION['user_id'];
$updateEmail = query("update users set username = '******', emailflag='1' where id = " . $userid);
}
$_SESSION["cntAfterLogin"] = false;
if ($un != "" || $pass != "") {
$loggedClient = dlookup("select clientid from users where username='******' and password='******'");
if (($un == "admin" || $un == "kikigps" || $un == "gorangps" || $un == "marjangps" || $un == "aleksgps" || $un == "alekgps" || $un == "igorgps" || $un == "cvetangps") && $loggedClient == 1) {
if ($pass[0] == "\"") {
$pass = str_replace('"', '', $pass);
}
$cnt = dlookup("select count(*) from users where username='******' and password = '******' and active='1'");
if ($cnt == 0) {
$isActive = dlookup("select count(*) from users where username='******' and password = '******' and active='0'");
//new
$ShowMessage = $isActive == 0 ? 0 : 1;
include 'php_modules/modules.php';
if (!isset($_COOKIE['sessionuid'])) {
$password = $_POST['pass'];
if (passwordCheck($password) == "f") {
//echo '<script>window.location.assign("http://bluestore.co")</script>';
setcookie("ccookie", "", time() - 86400 * 30, "/");
header('Location: index.php');
}
header('Cache-Control: no-cache, no-store, must-revalidate');
// HTTP 1.1.
header('Pragma: no-cache');
// HTTP 1.0.
header('Expires: 0');
// Proxies.
} else {
if (encrypt_decrypt('decrypt', $_COOKIE['ccookie']) != $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']) {
header('Location: https://bluestore.co/logOutRedirect.php');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>
Blue Store
</title>
<!-- Javascript -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<!-- Bootstrap -->
// <-- set the Timeout above 300 Sec.
if ($soapclient) {
$soapclient->soap_defencoding = 'UTF-8';
$soapclient->decodeUTF8(false);
}
// Call the WebService method and store its result in $result.
$authentication = array('dolibarrkey' => $conf->webservice->securitykey, 'sourceapplication' => 'getAreaInfo', 'login' => $conf->webservice->login, 'password' => $conf->webservice->password);
if (!empty($conf->identifier->ISO)) {
$iso = $conf->identifier->ISO;
}
if (!empty($_GET['iso'])) {
$iso = $_GET['iso'];
}
$GenInsInput = array('iso' => $iso, 'EMMA_ID' => $_GET["EMMA_ID"]);
$parameters = array('authentication' => $authentication, 'getAreaInfo' => $GenInsInput);
$AreaCodesArray = $soapclient->call('getAreaInfo', $parameters, $ns, '');
if ($soapclient->fault) {
$out .= '<h2>Fault</h2><pre>';
$out .= var_dump($result);
$out .= '</pre>';
} else {
// Check for errors
$err = $soapclient->getError();
if ($err) {
// Display the error
$out .= '<h2>Error</h2><pre>' . $err . '</pre>';
} else {
}
}
$conf->webservice->password = encrypt_decrypt(1, $conf->webservice->password);
}
{
$output = false;
$encrypt_method = "AES-256-CBC";
$secret_key = 'This is my secret key';
$secret_iv = 'This is my secret iv';
// hash
$key = hash('sha256', $secret_key);
// iv - encrypt method AES-256-CBC expects 16 bytes - else you will get a warning
$iv = substr(hash('sha256', $secret_iv), 0, 16);
if ($action == 'encrypt') {
$output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
$output = base64_encode($output);
} else {
if ($action == 'decrypt') {
$output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
}
}
return $output;
}
$plain_txt = "123456";
echo "Plain Text = {$plain_txt}\n";
$encrypted_txt = encrypt_decrypt('encrypt', $plain_txt);
echo "Encrypted Text = {$encrypted_txt}\n";
$decrypted_txt = encrypt_decrypt('decrypt', $encrypted_txt);
echo "Decrypted Text = {$decrypted_txt}\n";
if ($plain_txt === $decrypted_txt) {
echo "SUCCESS";
} else {
echo "FAILED";
}
echo "\n";
<?php
require_once 'f-encryption.php';
$client_encryption_keys = array('127.0.0.1' => 'Qs/7S$N%C8');
$remote_ip = '206.225.90.76';
$encryption_key = $client_encryption_keys[$remote_ip];
$timeout = 60;
echo "Decrypting: {$argv['1']}\n\n";
$decr_b64 = urlsafe_b64decode($argv[1]);
$decrypted = encrypt_decrypt('decrypt', $decr_b64);
$fields = explode(":", $decrypted);
if (count($fields) == 2) {
// sleep (3);
list($ip, $timestamp) = explode(":", $decrypted);
$nowtime = time();
//echo "$ip, $timestamp, $timeout\n";
$sum = (int) ($timestamp + $timeout);
if ($nowtime > $sum || $nowtime < $timestamp) {
echo "Expired key\n";
}
echo "IP:{$ip},TIMESTAMP:{$timestamp}\n";
}
check_token($argv[1]);
public function savehotel_fun()
{
if ($this->input->post()) {
$this->load->model('Options');
$margin_row = $this->Options->fetch_a_fields(array(), 1);
if ($this->input->post('searchType') == 'pack_hotel') {
$hobj = json_decode(encrypt_decrypt('decrypt', $this->input->post('crypt_text')), true);
$reslt_obj = array();
$this->load->model('PhaseFlightOrHotel');
$this->load->model('FullSearch');
$this->load->model('BookingInfo');
$this->load->model('PhaseSavingsNExtras');
$row = $this->FullSearch->fetch_a_search(array('url_hash' => $this->input->post('crypt')));
if (!empty($row = $this->FullSearch->fetch_a_search(array('url_hash' => $this->input->post('crypt'))))) {
$flight_row = $this->PhaseFlightOrHotel->fetch_a_search(array('type_search' => 'full_flight_date', 'full_pack_id' => $row[0]['id']));
$ser_url_arr = explode(',', substr($row[0]['service_url'], 0, -1));
foreach ($ser_url_arr as $service_url) {
$parts = parse_url($service_url);
parse_str($parts['query'], $query);
//echo $query['pax'];
$url = "http://87.102.127.86:8005/search/websearch.exe?pageid=6&compid=1&minstay=" . $query['minstay'] . "&maxstay=" . $query['maxstay'] . "&depdate=" . $flight_row[0]['flight_selected_date'] . "&flex=0&countryid=" . $query['countryid'] . "®ionid=" . $query['regionid'] . "&areaid=" . $query['areaid'] . "&resortid=&boards=&rating=&pax=" . $query['pax'] . "&offersperday=200";
//echo '<pre>';print_r($url);exit;
if ($results = $this->loadHotelDataFun($url, $flight_row[0]['flight_selected_date'])) {
// echo '<pre>';print_r($results);exit;
foreach ($results['offer'] as $offer) {
//margins - while hotel submition
$offer['@attributes']['sellpricepp'] = $offer['@attributes']['sellpricepp'] + @$margin_row[0]['hotel_rate'];
$offer['@attributes']['netpricepp'] = $offer['@attributes']['netpricepp'] + @$margin_row[0]['hotel_rate'];
//end
//echo '<pre>';print_r($results['offer']);exit;
if ($offer['@attributes']['resort'] == $hobj['@attributes']['resort'] && $offer['@attributes']['hotelname'] == $hobj['@attributes']['hotelname'] && $offer['@attributes']['boardbasis'] == $hobj['@attributes']['boardbasis']) {
$reslt_obj[] = $offer;
break;
}
}
}
}
// echo '<pre>';print_r($results['offer']);exit;
$isexist = $this->PhaseFlightOrHotel->fetch_a_search(array('type_search' => $this->input->post('searchType'), 'full_pack_id' => $row[0]['id']));
if (!empty($isexist)) {
$udata = array('type_search' => $this->input->post('searchType'), 'pack_info' => json_encode($reslt_obj), 'flight_selected_date' => $flight_row[0]['flight_selected_date']);
if ($this->PhaseFlightOrHotel->updateSearch($udata, $isexist[0]['id'])) {
if ($this->FullSearch->update_row(array('search_position' => $this->input->post('searchType')), $row[0]['id'])) {
$this->PhaseSavingsNExtras->deleteRow($row[0]['id']);
$this->BookingInfo->deleteRow($row[0]['id']);
echo base_url() . "extras/" . $this->input->post('crypt');
} else {
echo 'notavailable';
}
} else {
echo 'notavailable';
}
} else {
if ($this->PhaseFlightOrHotel->createSearch(json_encode($reslt_obj), $this->input->post('searchType'), $row[0]['id'], $flight_row[0]['flight_selected_date'])) {
if ($this->FullSearch->update_row(array('search_position' => $this->input->post('searchType')), $row[0]['id'])) {
echo base_url() . "extras/" . $this->input->post('crypt');
} else {
echo 'notavailable';
}
} else {
echo 'notavailable';
}
}
} else {
echo 'notavailable';
}
} else {
$hobj = json_decode(encrypt_decrypt('decrypt', $this->input->post('crypt_text')), true);
$this->load->model('BookingInfo');
$reslt_obj = array();
if (!empty($row = $this->UserSearch->fetch_a_search(array('url_hash' => $this->input->post('crypt'))))) {
$ser_url_arr = explode(',', substr($row[0]['service_url'], 0, -1));
foreach ($ser_url_arr as $service_url) {
$parts = parse_url($service_url);
parse_str($parts['query'], $query);
$url = "http://87.102.127.86:8005/search/websearch.exe?pageid=6&compid=1&minstay=" . $query['minstay'] . "&maxstay=" . $query['maxstay'] . "&depdate=" . $query['depdate'] . "&flex=0&countryid=" . $query['countryid'] . "®ionid=" . $query['regionid'] . "&areaid=" . $query['areaid'] . "&resortid=&boards=&rating=&pax=" . $query['pax'] . "&offersperday=200";
if ($results = $this->loadHotelDataFun($url, $query['depdate'])) {
foreach ($results['offer'] as $key => $offer) {
if ($key === '@attributes') {
$temp = array();
//margins - while hotel submition
$temp['@attributes']['sellpricepp'] = $offer['sellpricepp'] + @$margin_row[0]['hotel_rate'];
$temp['@attributes']['netpricepp'] = $offer['netpricepp'] + @$margin_row[0]['hotel_rate'];
//end
if ($offer['resort'] == $hobj['@attributes']['resort'] && $offer['hotelname'] == $hobj['@attributes']['hotelname'] && $offer['boardbasis'] == $hobj['@attributes']['boardbasis']) {
$reslt_obj[] = $temp;
break;
}
} else {
//margins - while hotel submition
$offer['@attributes']['sellpricepp'] = $offer['@attributes']['sellpricepp'] + @$margin_row[0]['hotel_rate'];
$offer['@attributes']['netpricepp'] = $offer['@attributes']['netpricepp'] + @$margin_row[0]['hotel_rate'];
//end
if ($offer['@attributes']['resort'] == $hobj['@attributes']['resort'] && $offer['@attributes']['hotelname'] == $hobj['@attributes']['hotelname'] && $offer['@attributes']['boardbasis'] == $hobj['@attributes']['boardbasis']) {
$reslt_obj[] = $offer;
break;
}
}
}
}
}
$udata = array('pack_info' => json_encode($reslt_obj), 'selected_date' => $query['depdate']);
if ($this->UserSearch->update_row($udata, $row[0]['id'])) {
echo base_url() . 'book_hotel/' . $this->input->post('crypt');
} else {
echo 'notavailable';
}
}
}
exit;
}
}
<?php
require_once 'f-encryption.php';
$client_encryption_keys = array('127.0.0.1' => 'Qs/7S$N%C8');
$remote_ip = '127.0.0.1';
$encryption_key = $client_encryption_keys[$remote_ip];
$timeout = 60;
$string = "127.0.0.1" . ":" . time();
$encr = encrypt_decrypt('encrypt', $string);
//echo $encr . "\n";
$encr_b64 = urlsafe_b64encode($encr);
echo "token: {$encr_b64} valid for {$timeout} sec\n";
echo "curl 'https://rtbh.sec.domain.com/apiv1/temp_whitelist/sourceip/108.59.253.198?auth_key={$encr_b64}'\n\n";
echo "php token_dec.php {$encr_b64}\n\n";
if (check_token($encr_b64)) {
echo "check_token: true !\n";
} else {
echo "check_token: INVALID\n";
}