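/**
 * Build the "Editing Mail Settings" form.
 *
 * Renders one <select> per row of global_settings in the "mail_assigns"
 * section; every select lists all rows of mail_templates and pre-selects the
 * template whose id equals the row's variable_value.
 *
 * Values read from the database are HTML-escaped before they are placed in
 * the markup, so a template title or setting name that contains markup is
 * shown as text instead of being interpreted by the browser.
 *
 * NOTE(review): the form carries no anti-CSRF token; confirm that the handler
 * processing _form_submit verifies one.
 *
 * @return string HTML fragment for the form
 */
function mailForm()
{
    // HTML-escape a scalar for element text or a quoted attribute value.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES, 'UTF-8');
    };

    $db = new DBConnection();

    // Option list shared by every <select>; key 0 is the "nothing chosen" entry.
    $templates = array(0 => 'Select template to use');
    $res = $db->rq('SELECT mail_templates_id, mail_template_title FROM mail_templates ORDER BY mail_template_title');
    while (($row = $db->fetch($res)) != false) {
        $templates[$row['mail_templates_id']] = $row['mail_template_title'];
    }

    $pcontent = ' <div class="mainHolder">'
        . ' <div class="hintHolder ui-state-default"><b>Editing Mail Settings</b></div>'
        . ' <form name="addNewExpDate" method="POST" id="MainForms" action="">'
        . ' <fieldset class="mainFormHolder" style="width:400px;">'
        . ' <legend>SMTP Settings</legend>';

    $res = $db->rq('SELECT * FROM global_settings WHERE section="mail_assigns"');
    while (($row = $db->fetch($res)) != false) {
        $pcontent .= ' <div class="formsLeft" style="width:150px;">' . $esc($row['variable']) . ':</div>'
            . ' <div class="formsRight">'
            . ' <select name="Assign' . $esc($row['global_settings_id']) . '" class="text-input">';

        foreach ($templates as $TemplateID => $TemplateName) {
            // Loose comparison kept on purpose: ids come back from the DB as strings.
            $selected = ($TemplateID == $row['variable_value']) ? ' selected' : '';
            $pcontent .= '<option value="' . $esc($TemplateID) . '"' . $selected . '>'
                . $esc($TemplateName) . '</option>';
        }

        $pcontent .= ' </select> </div> <br />';
    }

    $pcontent .= ' <input type="hidden" name="_form_submit" value="1" />'
        . ' <input type="submit" name="_submit" value="' . getLang('sform_savebtn') . '" class="submitBtn ui-state-default" />'
        . ' <input type="button" name="_cancel" value="' . getLang('sform_backbtn') . '" class="submitBtn ui-state-default" onclick="location=\'mails_assigns.php\';" />'
        . ' </fieldset> </form> </div>';

    $db->close();

    return $pcontent;
}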
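/**
 * Render the admin add/edit form.
 *
 * When an admin id is given and no form has been submitted yet, the admin's
 * row is read from ul_logins and copied into $_POST (column names with every
 * "adm_" occurrence removed) so the view can pre-fill the form. A derived
 * "status" entry is added: 0 while block_expires lies in the future, 1
 * otherwise.
 *
 * @param int $admins_id id of the admin to edit, 0 to create a new one
 * @return string output of the admin/add view
 */
function addNewAdmin($admins_id = 0)
{
    if ($admins_id && !isset($_POST['_form_submit'])) {
        $_SESSION['admin']['uedit'] = $admins_id;

        $db = new DBConnection();
        // Integer cast keeps the id numeric whatever the caller passed in.
        $res = $db->rq('SELECT * FROM ul_logins WHERE id=' . (int) $admins_id);
        $row = $db->fetch($res);
        $db->close();

        // An unknown id yields no row; skip the pre-fill instead of iterating a non-array.
        if (is_array($row)) {
            foreach ($row as $RowName => $RowValue) {
                $_POST[str_replace('adm_', '', $RowName)] = $RowValue;
            }

            // A missing or unparsable expiry is treated as "not blocked".
            $blocked = false;
            if (!empty($_POST['block_expires'])) {
                try {
                    $blocked = new \DateTime($_POST['block_expires']) > new \DateTime();
                } catch (\Exception $e) {
                    $blocked = false;
                }
            }
            $_POST['status'] = $blocked ? 0 : 1;

            // Keep the stored password value out of the data handed to the view.
            unset($_POST['password']);
        }
    }

    // NOTE(review): $_POST is passed to the view as-is; confirm the template
    // HTML-escapes every field it prints.
    $view = new App\View\View('admin/add');
    $view->admin_id = $admins_id;
    $view->data = $_POST;

    return $view->render();
}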
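/**
 * Insert one row into the logs table.
 *
 * Every caller-supplied value is passed through DBConnection::string_escape()
 * before it is placed inside the quoted SQL literals, so a quote character in
 * a log detail cannot terminate the literal and alter the statement.
 * (string_escape() is the escaping helper this codebase already uses for its
 * LIKE searches — confirm it escapes for the active connection charset.)
 *
 * NOTE(review): $log_user is accepted but never used; the statement stores the
 * literal "******" in log_user. Confirm that masking is intended.
 * NOTE(review): the connection opened here is not closed by this function.
 *
 * @param string $log_area    value stored in logs.log_area
 * @param string $log_section value stored in logs.log_section
 * @param string $log_user    currently unused (see note above)
 * @param string $log_admin   value stored in logs.log_admin
 * @param string $log_details value stored in logs.log_details
 * @return void
 */
function addLog($log_area = '', $log_section = '', $log_user = '', $log_admin = '', $log_details = '')
{
    // REMOTE_ADDR is absent when the code runs outside a web request.
    $user_ip = isset($_SERVER['REMOTE_ADDR']) ? gethostbyname($_SERVER['REMOTE_ADDR']) : '';

    $db = new DBConnection();

    $query = 'INSERT INTO logs SET log_area="' . $db->string_escape((string) $log_area)
        . '",log_section="' . $db->string_escape((string) $log_section)
        . '",log_user="******",log_admin="' . $db->string_escape((string) $log_admin)
        . '",log_details="' . $db->string_escape((string) $log_details)
        . '", log_date="' . date('Y-m-d H:i:s', CUSTOMTIME)
        . '", log_ip="' . $db->string_escape((string) $user_ip) . '"';

    $db->rq($query);
}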
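/**
 * Build the advisor add/edit form.
 *
 * When an advisor id is given and the form has not been submitted, the row is
 * read from users_advisors and copied into $_POST (column names with every
 * "advisor_" occurrence removed) to pre-fill the fields.
 *
 * Field values echoed back into the form are HTML-escaped: they come either
 * from the request body or from stored data, and an unescaped quote or angle
 * bracket would otherwise break out of the value="" attribute.
 *
 * NOTE(review): the delete button issues a GET request (?action=delete) and
 * the form carries no anti-CSRF token; confirm the handlers protect both.
 *
 * @param int $users_advisors_id id of the advisor to edit, 0 to create one
 * @return string HTML fragment for the form
 */
function addNewAdvisor($users_advisors_id = 0)
{
    // Escaped value of a submitted or pre-filled field; '' when absent or non-scalar.
    $field = function ($name) {
        $value = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string) $_POST[$name] : '';
        return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    };

    if ($users_advisors_id && empty($_POST['_form_submit'])) {
        $_SESSION['admin']['uedit'] = $users_advisors_id;

        $db = new DBConnection();
        $res = $db->rq('SELECT * FROM users_advisors WHERE users_advisors_id=' . (int) $users_advisors_id);
        $row = $db->fetch($res);
        $db->close();

        // No row for this id: leave the form empty rather than iterating a non-array.
        if (is_array($row)) {
            foreach ($row as $RowName => $RowValue) {
                $_POST[str_replace('advisor_', '', $RowName)] = $RowValue;
            }
        }
    }

    $pcontent = ' <div class="mainHolder">'
        . ' <div class="hintHolder ui-state-default"><b>' . (($users_advisors_id > 0) ? 'Editing' : 'Creating New') . ' Advisor</b></div>'
        . ' <script type="text/javascript" src="../js/jquery.validate.js"></script>'
        . ' <script type="text/javascript" src="js/forms/advisors.js"></script>'
        . ' <form name="addNewAdvisor" method="POST" id="MainForms" action="">'
        . ' <fieldset class="mainFormHolder"> <legend>User information</legend>'
        . ' <div class="formsLeft">REF:</div> <div class="formsRight">'
        . ' <input class="text-input" type="text" name="ref" id="ref" value="' . $field('ref') . '" /> </div> <br />'
        . ' <div class="formsLeft">Names:</div> <div class="formsRight">'
        . ' <input class="text-input" name="names" id="names" value="' . $field('names') . '" /> </div> <br />'
        . ' <div class="formsLeft">Firm:</div> <div class="formsRight">'
        . ' <input class="text-input" name="firm" id="firm" value="' . $field('firm') . '" /> </div> <br />'
        . ' <div class="formsLeft">Contacts:</div> <div class="formsRight">'
        . ' <input class="text-input" name="contacts" id="contacts" value="' . $field('contacts') . '" /> </div>'
        . ' <input type="hidden" name="_form_submit" value="1" />'
        . ' <input type="submit" name="_submit" value="' . getLang('sform_savebtn') . '" class="submitBtn ui-state-default" /> ';

    if ($users_advisors_id) {
        // The id being edited is the function argument; it is also the id of the
        // row loaded above, and unlike $_POST it is still set after a submit.
        $advisorId = (int) $users_advisors_id;
        $pcontent .= ' <input type="hidden" name="advid" value="' . $advisorId . '">'
            . ' <input type="button" name="_delete" value="' . getLang('sform_delbtn') . '" class="submitBtn ui-state-default"'
            . ' onclick="if(confirm(\'Are you sure you want to delete this advisor?\')) location=\'?action=delete&advid=' . $advisorId . '\';" />';
    }

    $pcontent .= ' <input type="button" name="_cancel" value="' . getLang('sform_backbtn') . '" class="submitBtn ui-state-default" onclick="location=\'users_advisors.php\';" />'
        . ' </fieldset> </form> </div>';

    return $pcontent;
}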
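/**
 * Build the expiry-date add/edit form.
 *
 * When an id is given and the form has not been submitted, the row is read
 * from expiry_dates and copied into $_POST to pre-fill the field.
 *
 * The expiry_date value echoed into the form is HTML-escaped because it may
 * come straight from the request body.
 *
 * NOTE(review): the delete button issues a GET request (?action=delete) and
 * the form carries no anti-CSRF token; confirm the handlers protect both.
 *
 * @param int $expiry_dates_id id of the expiry date to edit, 0 to create one
 * @return string HTML fragment for the form
 */
function addNewExpDate($expiry_dates_id = 0)
{
    if ($expiry_dates_id && empty($_POST['_form_submit'])) {
        $_SESSION['admin']['uedit'] = $expiry_dates_id;

        $db = new DBConnection();
        $res = $db->rq('SELECT * FROM expiry_dates WHERE expiry_dates_id=' . (int) $expiry_dates_id);
        $row = $db->fetch($res);
        $db->close();

        // No row for this id: leave the form empty rather than iterating a non-array.
        if (is_array($row)) {
            foreach ($row as $RowName => $RowValue) {
                $_POST[$RowName] = $RowValue;
            }
        }
    }

    $expiryDate = (isset($_POST['expiry_date']) && is_scalar($_POST['expiry_date']))
        ? htmlspecialchars((string) $_POST['expiry_date'], ENT_QUOTES, 'UTF-8')
        : '';

    $pcontent = ' <div class="mainHolder">'
        . ' <div class="hintHolder ui-state-default"><b>' . (($expiry_dates_id > 0) ? 'Editing' : 'Creating New') . ' Expiry Date</b></div>'
        . ' <script type="text/javascript" src="../js/jquery.validate.js"></script>'
        . ' <script type="text/javascript" src="js/forms/expiry_dates.js"></script>'
        . ' <form name="addNewExpDate" method="POST" id="MainForms" action="">'
        . ' <fieldset class="mainFormHolder"> <legend>Date information</legend>'
        . ' <div class="formsLeft">Expiry date:</div> <div class="formsRight">'
        . ' <input class="text-input" type="text" name="expiry_date" id="expiry_date" value="' . $expiryDate . '" autocomplete="off" /> </div>'
        . ' <input type="hidden" name="_form_submit" value="1" />'
        . ' <input type="submit" name="_submit" value="' . getLang('sform_savebtn') . '" class="submitBtn ui-state-default" />';

    if ($expiry_dates_id) {
        // The id being edited is the function argument; it is also the id of the
        // row loaded above, and unlike $_POST it is still set after a submit.
        $dateId = (int) $expiry_dates_id;
        $pcontent .= ' <input type="hidden" name="edid" value="' . $dateId . '">'
            . ' <input type="button" name="_delete" value="' . getLang('sform_delbtn') . '" class="submitBtn ui-state-default"'
            . ' onclick="if(confirm(\'Are you sure you want to delete this expiry date?\')) location=\'?action=delete&edid=' . $dateId . '\';" />';
    }

    $pcontent .= ' <input type="button" name="_cancel" value="' . getLang('sform_backbtn') . '" class="submitBtn ui-state-default" onclick="location=\'expiry_dates.php\';" />'
        . ' </fieldset> </form> </div>';

    return $pcontent;
}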
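/**
 * Build the SELL order add/edit form.
 *
 * When a trade reference is given and the form has not been submitted, the
 * trade row replaces $_POST so the fields are pre-filled from the database.
 * The account, commodity and (if present) related trade are then looked up
 * and rendered next to the editable price fields.
 *
 * Untrusted values are neutralised for the context they land in:
 *  - values concatenated into SQL literals go through
 *    DBConnection::string_escape() (the escaping helper this codebase already
 *    uses for LIKE searches — confirm it matches the connection charset);
 *  - values printed into HTML text or attributes are HTML-escaped;
 *  - trade_positions_left is cast to int before being written into the
 *    inline <script>;
 *  - trade references placed in URLs are percent-encoded.
 *
 * NOTE(review): the delete button issues a GET request (?action=delete_sell)
 * and the form carries no anti-CSRF token; confirm the handlers protect both.
 *
 * @param int|string $tradesSell_id trade_ref of the order to edit, 0 for a new one
 * @return string HTML fragment for the form
 */
function addNewTradeSell($tradesSell_id = 0)
{
    // HTML-escape a scalar for element text or a quoted attribute value.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES, 'UTF-8');
    };
    // Escaped value of a submitted or pre-filled field; '' when absent.
    $field = function ($name) use ($esc) {
        return isset($_POST[$name]) ? $esc($_POST[$name]) : '';
    };
    // Raw scalar value of a field for use in queries; '' when absent or non-scalar.
    $raw = function ($name) {
        return (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string) $_POST[$name] : '';
    };

    $db = new DBConnection();

    if ($tradesSell_id && empty($_POST['_form_submit'])) {
        $res = $db->rq('SELECT * FROM trades WHERE trade_ref="' . $db->string_escape((string) $tradesSell_id) . '"');
        $row = $db->fetch($res);
        // Unknown reference: continue with an empty form instead of a non-array $_POST.
        $_POST = is_array($row) ? $row : array();
        // Always overwritten (null when nothing was found) so an id left over
        // from a previous edit does not stay in the session.
        $_SESSION['admin']['uedit'] = isset($_POST['trades_id']) ? $_POST['trades_id'] : null;
    }

    $JSCripts = ' onchange="setDetails(0);"';
    $JSCriptsPremium = ' onchange="setDetails(1);"';

    if (!isset($_POST['trade_date']) || $_POST['trade_date'] == '') {
        $_POST['trade_date'] = date('Y-m-d', CUSTOMTIME);
    }

    global $tradesSellStatuses;
    global $tradesBuyOptions;

    // Written into JavaScript source below, so it must be a plain integer.
    $positionsLeft = isset($_POST['trade_positions_left']) ? (int) $_POST['trade_positions_left'] : 0;
    $isNew = isset($_GET['action']) && $_GET['action'] == 'new_sell';

    $pcontent = ' <div class="mainHolder">'
        . ' <div class="hintHolder ui-state-default"><b>' . ($isNew ? 'Adding new' : 'Editing') . ' SELL Order</b></div>'
        . ' <script type="text/javascript" src="../js/jquery.metadata.js"></script>'
        . ' <script type="text/javascript" src="../js/jquery.validate.js"></script>'
        . ' <script type="text/javascript" src="js/forms/tradesSell.js"></script>'
        . ' <script type="text/javascript"> jQuery(document).ready( function($) {'
        . ' var sliderValue = ' . $positionsLeft . ';'
        . ' $("#slider").slider( { min : 1, max : ' . $positionsLeft . ', step : 1, value : [ sliderValue ], slide : function(event, ui) { $("#sliderVal").val(ui.value); } });'
        . ' $("#sliderVal").attr("value", sliderValue);'
        . ' $("#sliderVal").keyup(function() { var sliderValue = +this.value;'
        . ' if (sliderValue >= 1 && sliderValue <= ' . $positionsLeft . ') { $("#slider").slider("value", sliderValue); }'
        . ' else { alert("Please enter a value between 1 and ' . $positionsLeft . '"); $("#slider").slider("value", 1); $("#sliderVal").attr("value", 1); } });'
        . ' $("#slider, #sliderVal").bind("mousedown mouseup mousemove mouseout mouseover", function() { setDetails(); });'
        . ' setDetails(); }); </script>'
        . ' <form name="addNewTradeBuy" method="POST" id="MainForms" action="">'
        . ' <div class="left"> <fieldset class="mainFormHolder left"> <legend>Account</legend>'
        . ' <div class="formsRight">'
        . ' <select name="user_account_num" id="user_account_num" class="text-input-big" title="Please select user account!" validate="required:true">';

    $res = $db->rq(
        'SELECT user_account_num, user_firstname, user_lastname, user_balance FROM users WHERE user_account_num="'
        . $db->string_escape($raw('user_account_num')) . '" LIMIT 1'
    );
    while (($row = $db->fetch($res)) != false) {
        $pcontent .= '<option value="' . $esc($row['user_account_num']) . '">' . $esc($row['user_account_num'])
            . ' (' . $esc($row['user_firstname']) . ' ' . $esc($row['user_lastname']) . ', $' . $esc($row['user_balance']) . ')</option>';
    }

    $optionKey = $raw('trade_option');
    $optionLabel = (is_array($tradesBuyOptions) && isset($tradesBuyOptions[$optionKey])) ? $tradesBuyOptions[$optionKey] : '';

    $pcontent .= ' </select> </div> </fieldset> <div class="clear"></div>'
        . ' <fieldset class="mainFormHolder left"> <legend>Contract</legend>'
        . ' <div class="formsLeft">Trade Order:</div> <div class="formsRight">SELL</div> <br />'
        . ' <div class="formsLeft">Position(s):</div> <div class="formsRight"> <div id="slider"><a href="#"></a></div>'
        . ' <input type="text" class="text-input-smallest left" id="sliderVal" name="trade_positions"' . $JSCripts . ' /> </div> <br /><br />'
        . ' <div class="formsLeft">Option:</div>'
        . ' <div class="formsRight"><input class="text-input ui-state-default" type="text" name="trade_option" id="trade_option" value="' . $esc($optionLabel) . '"></div> <br />'
        . ' <div class="formsLeft">Commodity:</div> <div class="formsRight">';

    $commodityId = isset($_POST['commodities_id']) ? (int) $_POST['commodities_id'] : 0;
    $res = $db->rq('SELECT * FROM commodities WHERE commodities_id=' . $commodityId . ' LIMIT 1');
    $row = $db->fetch($res);
    $commoditySymbol = is_array($row) ? $row['commodities_symbol'] : '';
    $commodityName = is_array($row) ? $row['commodities_name'] : '';

    // strtotime() returns false for an absent or unparsable date; show nothing in that case.
    $strToUse = strtotime($raw('trade_expiry_date'));
    $expiryText = ($strToUse !== false) ? date('d M y', $strToUse) : '';

    $pcontent .= ' <input class="text-input ui-state-default" type="text" name="commodities_id" id="commodities_id" value="'
        . $esc($commoditySymbol) . ' (' . $esc($commodityName) . ')"> </div> <br />'
        . ' <div class="formsLeft">Expiry Date:</div> <div class="formsRight">'
        . ' <div class="formsRight"><input class="text-input ui-state-default" type="text" name="trade_expiry_date" id="trade_expiry_date" value="' . $esc($expiryText) . '"></div> </div> <br />'
        . ' <div class="formsLeft">Strike Price:</div> <div class="formsRight">'
        . ' <input class="text-input align-right" type="text" name="trade_strikeprice" id="trade_strikeprice" value="' . $field('trade_strikeprice') . '"' . $JSCripts . ' /> </div><br />'
        . ' <div class="formsLeft">Notes:</div> <div class="formsRight">'
        . ' <input type="text" class="text-input left" name="trade_notes" value="' . $field('trade_notes') . '"' . $JSCripts . ' /> </div> </fieldset>'
        . ' <div class="clear"></div>'
        . ' <fieldset class="mainFormHolder left"> <legend>Trade Details</legend>'
        . ' <input class="ui-state-default trade-details" type="text" name="trade_details" id="trade_details" value="'
        . (($raw('trade_details') != '') ? $field('trade_details') : 'BUY') . '" readonly /> </fieldset>'
        . ' <div class="clear"></div>';

    $res2 = $db->rq('SELECT trade_ref_relatedto FROM trades_related WHERE trade_ref="' . $db->string_escape($raw('trade_ref')) . '"');
    $totalRelated = $db->num_rows($res2);
    if ($totalRelated > 0) {
        $row2 = $db->fetch($res2);
        // The related reference is stored data, but it is still escaped before
        // being reused inside another statement.
        $getRelatedInfo = $db->getRow(
            'trades',
            'trade_ref="' . $db->string_escape((string) $row2['trade_ref_relatedto']) . '"',
            'trade_ref, trade_details'
        );
        $relatedRef = is_array($getRelatedInfo) ? (string) $getRelatedInfo['trade_ref'] : '';
        $relatedDetails = is_array($getRelatedInfo) ? $getRelatedInfo['trade_details'] : '';
        $pcontent .= ' <fieldset class="mainFormHolder left"> <legend>Related Trades</legend><br />'
            . ' <div class="ui-state-default trade-details"><a href="trades.php?action=edit_buy&tref=' . rawurlencode($relatedRef) . '" style="display:block;">'
            . $esc($relatedDetails) . '</a></div><br /> </fieldset>';
    }

    $pcontent .= ' </div> <div class="left"> <fieldset class="mainFormHolder left"> <legend>Prices</legend>'
        . ' <div class="formsLeft">Premium:</div> <div class="formsRight">'
        . ' <input class="text-input align-right" type="text" name="trade_premium_price" id="trade_premium_price" value="' . $field('trade_premium_price') . '"' . $JSCriptsPremium . ' /> </div> <br />'
        . ' <div class="formsLeft">Contract Size:</div> <div class="formsRight">'
        . ' <input class="text-input align-right ui-state-default" type="text" name="trade_contract_size" id="trade_contract_size" value="' . $field('trade_contract_size') . '" readonly /> </div> <br />'
        . ' <div class="formsLeft">Price/contract:</div> <div class="formsRight">'
        . ' <input class="text-input align-right" type="text" name="trade_price_contract" id="trade_price_contract" value="' . $field('trade_price_contract') . '"' . $JSCripts . ' /> </div> <br />'
        . ' <div class="formsLeft">Trade Value:</div> <div class="formsRight">'
        . ' <input class="text-input align-right ui-state-default" type="text" name="trade_value" id="trade_value" value="' . $field('trade_value') . '" readonly /> </div> <br />'
        . ' <div class="formsLeft">Fees:</div> <div class="formsRight">'
        . ' <input class="text-input align-right" type="text" name="trade_fees" id="trade_fees" value="' . $field('trade_fees') . '"' . $JSCripts . ' /> </div> <br />'
        . ' <div class="formsLeft">Total Invoiced:</div> <div class="formsRight">'
        . ' <input class="text-input align-right ui-state-default" type="text" name="trade_invoiced" id="trade_invoiced" value="' . $field('trade_invoiced') . '" /> </div> </fieldset>'
        . ' <div class="clear"></div>'
        . ' <fieldset class="mainFormHolder left"> <legend>Settings</legend>'
        . ' <div class="formsLeft">Value date:</div>'
        . ' <div class="formsRight"><input class="text-input" type="text" name="trade_date" id="trade_date" value="' . $field('trade_date') . '" /></div> <br />'
        . ' <div class="formsLeft">Status:</div> <div class="formsRight"> <select name="trade_status" class="text-input">';

    $currentStatus = isset($_POST['trade_status']) ? $_POST['trade_status'] : null;
    if (is_array($tradesSellStatuses)) {
        foreach ($tradesSellStatuses as $StatusID => $StatusName) {
            $pcontent .= '<option value="' . $esc($StatusID) . '"' . (($StatusID == $currentStatus) ? ' selected' : '') . '>'
                . $esc($StatusName) . '</option>';
        }
    }

    $pcontent .= ' </select> </div> </fieldset> <div class="clear"></div>'
        . ' <div class="mainFormHolder left btnsHolder">'
        . ' <input type="hidden" name="_form_submit" value="1" />'
        . ' <input type="hidden" name="_add_sell" value="1" />'
        . ' <input type="hidden" name="trid" value="' . $esc($tradesSell_id) . '">'
        . ' <input type="submit" name="_submit" value="' . getLang('sform_savebtn') . '" class="submitBtn ui-state-default" />'
        . ' <input type="button" name="_delete" value="' . getLang('sform_delbtn') . '" class="submitBtn ui-state-default"'
        // Percent-encoding leaves no quote characters, so the value is safe inside
        // both the JavaScript string and the surrounding HTML attribute.
        . ' onclick="if(confirm(\'Are you sure you want to delete this SELL?\')) location=\'?action=delete_sell&sellid=' . rawurlencode($raw('trade_ref')) . '\';" />'
        . ' <input type="button" name="_cancel" value="' . getLang('sform_backbtn') . '" class="submitBtn ui-state-default" onclick="location=\'trades.php\';" />'
        . ' </div> </div> </form> </div>';

    $db->close();

    return $pcontent;
}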
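/**
 * Print the document head and open the page body.
 *
 * Emits the doctype, <head> with stylesheets and scripts, includes
 * includes/custom_header.php, then either opens the main container and
 * includes the navigation (logged-in session) or checks the visitor's address
 * against banned_ips and prints the public ban message when it is listed.
 *
 * The two include files run in this function's scope, so the local variable
 * names used here ($PageTitle, $redirect, ...) are kept unchanged.
 *
 * NOTE(review): $SelectedTab is never assigned inside this function, so the
 * jqplot asset branch cannot run as written; confirm where the value was
 * meant to come from.
 * NOTE(review): for a banned address this function only prints a message;
 * confirm that the login handler itself enforces the ban.
 *
 * @param int $redirect not used by this function's own code
 * @return void
 */
function page_header_simple($redirect = 0)
{
    // The session key is absent for a visitor who never logged in.
    if (isset($_SESSION['user']['is_logged']) && $_SESSION['user']['is_logged'] == 1) {
        $PageTitle = getLang('ptitle_logged');
    } else {
        $PageTitle = getLang('ptitle_notlogged');
    }

    echo '<!DOCTYPE html> <!--[if lt IE 7]> <html lang="en-us" class="no-js ie6"> <![endif]--> <!--[if IE 7]> <html lang="en-us" class="no-js ie7"> <![endif]--> <!--[if IE 8]> <html lang="en-us" class="no-js ie8"> <![endif]--> <!--[if IE 9]> <html lang="en-us" class="no-js ie9"> <![endif]--> <!--[if gt IE 8]><!--> <html lang="en-us" class="no-js"> <!--<![endif]--> <head> <meta charset="utf-8"> <title>' . $PageTitle . '</title>'
        . ' <meta http-equiv="content-type" content="application/xhtml+xml" />'
        . ' <meta http-equiv="X-UA-Compatible" content="IE=100" />'
        . ' <meta name="robots" content="NOINDEX,NOFOLLOW" />'
        . ' <meta name="viewport" content="width=device-width; initial-scale=1; maximum-scale=1;">'
        . ' <meta name="apple-mobile-web-app-capable" content="yes" />'
        . ' <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" /> ';

    echo ' <link href="adminica/styles/adminica/reset.css" media="all" rel="stylesheet" type="text/css" />'
        . ' <link href="adminica/styles/plugins/all/plugins.css" media="all" rel="stylesheet" type="text/css" />'
        . ' <link href="adminica/styles/adminica/all.css" media="all" rel="stylesheet" type="text/css" />'
        . ' <link rel="stylesheet" href="adminica/styles/themes/layout_switcher.php?default=layout_fixed.css" >'
        . ' <link rel="stylesheet" href="adminica/styles/themes/nav_switcher.php?default=nav_top.css" >'
        . ' <link rel="stylesheet" href="adminica/styles/themes/skin_switcher.php?default=skin_light.css" >'
        . ' <link rel="stylesheet" href="adminica/styles/themes/theme_switcher.php?default=theme_blue.css" >'
        . ' <link rel="stylesheet" href="adminica/styles/themes/bg_switcher.php?default=bg_white_wall.css" >'
        . ' <link rel="stylesheet" href="adminica/styles/adminica/colours.css">'
        . ' <link rel="stylesheet" href="css/custom.css">'
        . ' <link rel="stylesheet" href="css/font-awesome/css/font-awesome.min.css">'
        . ' <link href="css/validationEngine.jquery.css" media="all" rel="stylesheet" type="text/css" />'
        . ' <script type="text/javascript" src="adminica/scripts/plugins-min.js"></script>'
        . ' <script type="text/javascript" src="adminica/scripts/adminica/adminica_all-min.js"></script>'
        . ' <!--<script type="text/javascript" src="js/jquery-1.3.2.min.js"></script> <script type="text/javascript" src="js/jquery-ui-1.7.2.custom.min.js"></script>-->'
        . ' <script type="text/javascript" src="js/scripts.js"></script>';

    // isset() keeps the outcome of the original comparison (the branch is
    // skipped) without reading an undefined variable.
    if (isset($SelectedTab) && $SelectedTab == 2) {
        echo ' <link href="css/jquery.jqplot.css" media="all" rel="stylesheet" type="text/css" />'
            . ' <script type="text/javascript" src="js/excanvas.min.js"></script>'
            . ' <script type="text/javascript" src="js/jquery.jqplot.min.js"></script>'
            . ' <script type="text/javascript" src="js/plugins/jqplot.dateAxisRenderer.min.js"></script>'
            . ' <script type="text/javascript" src="js/plugins/jqplot.canvasTextRenderer.min.js"></script>'
            . ' <script type="text/javascript" src="js/plugins/jqplot.canvasAxisTickRenderer.min.js"></script>'
            . ' <script type="text/javascript" src="js/plugins/jqplot.categoryAxisRenderer.min.js"></script>'
            . ' <script type="text/javascript" src="js/plugins/jqplot.barRenderer.js"></script> ';
    }

    echo ' <style> .xLabel { display: inline-block; width: 50%; } </style> </head> <body> <div id="pjax">';

    include 'includes/custom_header.php';

    if (isset($_SESSION['user']['is_logged']) && $_SESSION['user']['is_logged'] == 1) {
        echo '<div id="main_container" class="main_container container_16 clearfix">';
        include 'adminica/includes/components/navigation.php';
    } else {
        $db = new DBConnection();
        $UserIP = isset($_SERVER['REMOTE_ADDR']) ? gethostbyname($_SERVER['REMOTE_ADDR']) : '';
        // Escaped before use in the literal, like every other value placed in SQL;
        // string_escape() is the helper this codebase already uses for LIKE searches.
        $query = 'SELECT banned_ips_id FROM banned_ips WHERE banned_ip="' . $db->string_escape((string) $UserIP) . '" LIMIT 1';
        $res = $db->rq($query);
        $num_rows = $db->num_rows($res);
        $db->close();

        if ($num_rows > 0) {
            echo '</div><div class="LoginContainer"><h3>' . getLang('lform_publicbanmessage') . '</h3></div>';
        } else {
            //include('parts/login_box.php');
        }
    }
}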
<?php require '../vendor/autoload.php'; require_once '../classes/db.class.php'; require_once '../includes/timefix.php'; set_time_limit(900); $db = new DBConnection(); $today = date('Y-m-d', CUSTOMTIME); $query = 'UPDATE trades SET trade_status=4 WHERE trade_expiry_date<"' . $today . '" AND trade_status=1'; $db->rq($query); $query = 'SELECT user_account_num, user_lscp, user_lscp FROM users WHERE user_status=1'; $res = $db->rq($query); while (($row = $db->fetch($res)) != FALSE) { $query2 = 'SELECT MIN(trade_strikeprice) AS min_strike FROM trades WHERE trade_status=1 AND trade_option=1 AND user_account_num="' . $row['user_account_num'] . '"'; $res2 = $db->rq($query2); $row2 = $db->fetch($res2); if ($row2['min_strike'] < $row['user_lscp'] || $row['user_lscp'] == 0) { $query3 = 'UPDATE users SET user_lscp="' . ($row2['min_strike'] + 0) . '", user_lastupdate="' . date('Y-m-d H:i:s', CUSTOMTIME) . '" WHERE user_account_num="' . $row['user_account_num'] . '"'; $db->rq($query3); } $query4 = 'SELECT MAX(trade_strikeprice) AS max_strike FROM trades WHERE trade_status=1 AND trade_option=2 AND user_account_num="' . $row['user_account_num'] . '"'; $res4 = $db->rq($query4); $row4 = $db->fetch($res4); if ($row4['max_strike'] > $row['user_hpsp'] || $row['user_hpsp'] == 0) { $query5 = 'UPDATE users SET user_hpsp="' . ($row4['max_strike'] + 0) . '", user_lastupdate="' . date('Y-m-d H:i:s', CUSTOMTIME) . '" WHERE user_account_num="' . $row['user_account_num'] . '"'; $db->rq($query5); } $query6 = 'SELECT COUNT(trades_id) AS total_trades FROM trades WHERE trade_status=1 AND user_account_num="' . $row['user_account_num'] . '"'; $res6 = $db->rq($query6);
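/**
 * Build the withdrawal add/edit form.
 *
 * When a transfer reference is given and no form was submitted, the transfer
 * row replaces $_POST to pre-fill the fields. When ?uid= is present, the bank
 * details of that user account are copied into the tr_bank_* fields (column
 * names with "user_" replaced by "tr_").
 *
 * Untrusted values are neutralised for the context they land in:
 *  - the transfer reference and the uid query parameter go through
 *    DBConnection::string_escape() before being placed in SQL literals (the
 *    "> 0" test on uid is a loose comparison and does not guarantee a number;
 *    string_escape() is the helper this codebase already uses for LIKE
 *    searches — confirm it matches the connection charset);
 *  - values printed into HTML text, textareas or attributes are HTML-escaped;
 *  - the transfer reference placed in the delete URL is percent-encoded.
 *
 * NOTE(review): the pre-fill test looks at _form_submit, but this form only
 * posts _add_withdraw; confirm which marker the submit handler relies on.
 * NOTE(review): the delete button issues a GET request
 * (?action=delete_withdraw) and the form carries no anti-CSRF token; confirm
 * the handlers protect both.
 *
 * @param int|string $transferID tr_ref of the withdrawal to edit, 0 for a new one
 * @return string HTML fragment for the form
 */
function addNewWithdraw($transferID = 0)
{
    // HTML-escape a scalar for element text or a quoted attribute value.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES, 'UTF-8');
    };

    $db = new DBConnection();

    if ($transferID && !isset($_POST['_form_submit'])) {
        $res = $db->rq('SELECT * FROM transfers WHERE tr_ref="' . $db->string_escape((string) $transferID) . '"');
        $row = $db->fetch($res);
        // Unknown reference: continue with an empty form instead of a non-array $_POST.
        $_POST = is_array($row) ? $row : array();
    }

    $JSCripts = ' onkeyup="setDetails();" onchange="setDetails();"';

    $uid = array_get($_GET, 'uid', 0);
    $hasUid = is_scalar($uid) && $uid > 0;
    if ($hasUid) {
        $res = $db->rq(
            'SELECT user_bank_online,user_bank_beneficiary,user_bank_address,user_bank_account,user_bank_name,user_bank_codetype,user_bank_code, user_bank_moredetails FROM users WHERE user_account_num="'
            . $db->string_escape((string) $uid) . '"'
        );
        $row = $db->fetch($res);
        // No such account: nothing to copy.
        if (is_array($row)) {
            foreach ($row as $Column => $ColumnValue) {
                $_POST[str_replace('user_', 'tr_', $Column)] = $ColumnValue;
            }
        }
    }

    if (empty($_POST['tr_fees'])) {
        $_POST['tr_fees'] = '0.00';
    }
    if (empty($_POST['tr_date'])) {
        $_POST['tr_date'] = date('Y-m-d', CUSTOMTIME);
    }

    global $depositOptions;
    $userBankCodeTypes = array(1 => 'SWIFT Code', 2 => 'IBAN Code', 3 => 'ABA #', 4 => 'BSC Code');

    $pcontent = ' <div class="mainHolder">'
        . ' <div class="hintHolder ui-state-default"><b>' . (($transferID > 0) ? 'Editing' : 'Adding New') . ' Withdraw</b></div>'
        . ' <script type="text/javascript" src="../js/jquery.metadata.js"></script>'
        . ' <script type="text/javascript" src="../js/jquery.validate.js"></script>'
        . ' <script type="text/javascript" src="js/forms/transfersWithdraw.js"></script>'
        . ' <form name="addNewDeposit" method="POST" id="MainForms" action="">'
        . ' <div class="left"> <fieldset class="mainFormHolder left"> <legend>Account</legend>'
        . ' <div class="formsRight">'
        . ' <select name="user_account_num" id="user_account_num" class="text-input-big" title="Please select user account!" validate="required:true">'
        . ' <option value="">Select account</option>';

    $res = $db->rq('SELECT user_account_num, user_firstname, user_lastname, user_balance FROM users ORDER BY user_firstname ASC, user_lastname ASC');
    while (($row = $db->fetch($res)) != false) {
        $isSelected = array_get($_GET, 'uid') == $row['user_account_num']
            || array_get($_POST, 'user_account_num') == $row['user_account_num'];
        $pcontent .= '<option value="' . $esc($row['user_account_num']) . '"' . ($isSelected ? ' selected' : '') . '>'
            . $esc($row['user_account_num']) . ' (' . $esc($row['user_firstname']) . ' ' . $esc($row['user_lastname'])
            . ', $' . $esc($row['user_balance']) . ')</option>';
    }

    $pcontent .= ' </select> </div> </fieldset> <div class="clear"></div>'
        . ' <fieldset class="mainFormHolder left"> <legend>Bank Details</legend> <br />'
        . ' <div class="formsLeft">Beneficiary:</div> <div class="formsRight">'
        . ' <input class="text-input" type="text" name="tr_bank_beneficiary" id="tr_bank_beneficiary" value="' . $esc(array_get($_POST, 'tr_bank_beneficiary')) . '" /> </div> <br />'
        . ' <div class="formsLeft">Bank Address:</div> <div class="formsRight">'
        . ' <textarea class="text-area" name="tr_bank_address" id="tr_bank_address">' . $esc(array_get($_POST, 'tr_bank_address')) . '</textarea> </div> <br />'
        . ' <div class="formsLeft">Bank Account:</div> <div class="formsRight">'
        . ' <input class="text-input" type="text" name="tr_bank_account" id="tr_bank_account" value="' . $esc(array_get($_POST, 'tr_bank_account')) . '" /> </div> <br />'
        . ' <div class="formsLeft">Bank Name:</div> <div class="formsRight">'
        . ' <input class="text-input" type="text" name="tr_bank_name" id="tr_bank_name" value="' . $esc(array_get($_POST, 'tr_bank_name')) . '" /> </div> <br />'
        . ' <div class="formsLeft"> <select name="tr_bank_codetype" class="select-medium">';

    foreach ($userBankCodeTypes as $BankCodeID => $BankCodeType) {
        $pcontent .= '<option value="' . $BankCodeID . '"'
            . (($BankCodeID == array_get($_POST, 'tr_bank_codetype')) ? ' selected' : '') . '>' . $BankCodeType . '</option>';
    }

    $pcontent .= ' </select> </div> <div class="formsRight">'
        . ' <input class="text-input" type="text" name="tr_bank_code" id="tr_bank_code" value="' . $esc(array_get($_POST, 'tr_bank_code')) . '" /> </div> <br />'
        . ' <div class="formsLeft">More Bank Details:</div> <div class="formsRight">'
        . ' <textarea class="text-area" name="tr_bank_moredetails" id="tr_bank_moredetails">' . $esc(array_get($_POST, 'tr_bank_moredetails')) . '</textarea> </div> </fieldset>'
        . ' <div class="clear"></div>'
        . ' <fieldset class="mainFormHolder left"> <legend>Notes</legend>'
        . ' <div class="formsRight" style="height:105px;">'
        . ' <textarea class="text-area-big" style="height:95px;" name="tr_notes" id="user_notes">' . $esc(array_get($_POST, 'tr_notes')) . '</textarea> </div> </fieldset> </div>'
        . ' <div class="left"> <fieldset class="mainFormHolder left"> <legend>Transfer</legend>'
        . ' <div class="formsLeft">Withdraw:</div> <div class="formsRight">'
        . ' <input class="text-input align-right" type="text" name="tr_value" id="tr_value" value="' . $esc(array_get($_POST, 'tr_value')) . '"' . $JSCripts . ' autocomplete="off" /> </div> <br />'
        . ' <div class="formsLeft">Fees:</div> <div class="formsRight">'
        . ' <input class="text-input align-right" type="text" name="tr_fees" id="tr_fees" value="' . $esc(array_get($_POST, 'tr_fees')) . '"' . $JSCripts . ' /> </div> <br />'
        . ' <div class="formsLeft">Total Withdraw:</div> <div class="formsRight">'
        . ' <input class="text-input align-right" type="text" name="tr_total" id="tr_total" value="' . $esc(array_get($_POST, 'tr_total')) . '" readonly /> </div> <br />'
        . ' <div class="formsLeft">Value date:</div>'
        . ' <div class="formsRight"><input class="text-input" type="text" name="tr_date" id="trade_date" value="' . $esc(array_get($_POST, 'tr_date')) . '" /></div> <br />'
        . ' <div class="formsLeft">Status:</div> <div class="formsRight"> <select name="tr_status" class="text-input">';

    if (is_array($depositOptions)) {
        foreach ($depositOptions as $StatusID => $StatusName) {
            $pcontent .= '<option value="' . $esc($StatusID) . '"'
                . (($StatusID == array_get($_POST, 'tr_status')) ? ' selected' : '') . '>' . $esc($StatusName) . '</option>';
        }
    }

    $pcontent .= ' </select> </div> </fieldset> <div class="clear"></div>'
        . ' <div class="mainFormHolder left btnsHolder">'
        . ' <input type="hidden" name="_add_withdraw" value="1" />'
        . ' <input type="submit" name="_submit" value="' . getLang('sform_savebtn') . '" class="submitBtn ui-state-default" />';

    if ($transferID) {
        $trRef = array_get($_POST, 'tr_ref');
        // Percent-encoding leaves no quote characters, so the value is safe inside
        // both the JavaScript string and the surrounding HTML attribute.
        $pcontent .= ' <input type="hidden" name="trid" value="' . $esc($transferID) . '">'
            . ' <input type="button" name="_delete" value="' . getLang('sform_delbtn') . '" class="submitBtn ui-state-default"'
            . ' onclick="if(confirm(\'Are you sure you want to delete this withdraw?\')) location=\'?action=delete_withdraw&wtrid='
            . rawurlencode(is_scalar($trRef) ? (string) $trRef : '') . '\';" />';
    }

    $pcontent .= ' <input type="button" name="_cancel" value="' . getLang('sform_backbtn') . '" class="submitBtn ui-state-default" onclick="'
        . ($hasUid ? 'location=\'users.php\'' : 'location=\'transfers.php\'') . ';" />'
        . ' </div> </div> </form> </div>';

    $db->close();

    return $pcontent;
}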
} } $searchFor=''; if ($_GET['sSearch']!=''){ $searchFor.='WHERE '; foreach ($searchColumns AS $Count=>$columnToSearch) { $addOr=''; if($Count!=0) $addOr.=' OR '; $searchFor.=$addOr.$columnToSearch.' LIKE "%'.$db->string_escape($_GET['sSearch']).'%"'; } } $searchQuery='SELECT SQL_CALC_FOUND_ROWS * FROM commodities_groups '.$searchFor.' '.$searchOrder.' '.$searchLimit.''; $rResult=$db->rq($searchQuery); $query='SELECT FOUND_ROWS() AS frows'; $res=$db->rq($query); $row=$db->fetch($res); $iFilteredTotal=$row['frows']; $query='SELECT COUNT(commodities_groups_id) AS total_groups FROM commodities_groups'; $res=$db->rq($query); $row=$db->fetch($res); $iTotal=$row['total_groups']; $sOutput='{'; $sOutput.='"sEcho": '.$_GET['sEcho'].', '; $sOutput.='"iTotalRecords": '.$iTotal.', '; $sOutput.='"iTotalDisplayRecords": '.$iFilteredTotal.', ';
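/**
 * Render the admin form for creating or editing a user account.
 *
 * When $users_id is given and the form has not been submitted, the user row
 * is looked up by account number and replaces $_POST as the pre-fill data.
 * Otherwise the posted values are echoed back and a default password and
 * application date are filled in.
 *
 * Security-relevant behaviour:
 *  - Every request-, session- or database-derived value is HTML-escaped before
 *    it is written into the markup (attribute values, textarea and option
 *    bodies), so stored or reflected markup cannot break out of the form.
 *  - Values placed inside the inline onclick URLs are URL-encoded.
 *  - The account number is escaped before being interpolated into SQL.
 *
 * @param int|string $users_id Account number of the user to edit; 0 for a new user.
 * @return string HTML of the form.
 */
function addNewUser($users_id=0)
{
    $db = new DBConnection();

    // Null-safe reader for the pre-fill data; a missing key yields null, which
    // keeps the loose comparisons below behaving as they did with unset keys.
    $post = function ($key) {
        return isset($_POST[$key]) ? $_POST[$key] : null;
    };
    // HTML-escape for both element bodies and quoted attribute values.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Escaped pre-fill value for a form field.
    $field = function ($key) use ($post, $esc) {
        return $esc($post($key));
    };

    $UserNID = '';
    if ($users_id && empty($_POST['_form_submit'])) {
        // string_escape() is the project's SQL escaping helper (presumably a
        // wrapper around the driver routine; confirm). Prefer a prepared
        // statement if DBConnection offers one.
        $query = 'SELECT * FROM users WHERE user_account_num="'.$db->string_escape((string) $users_id).'"';
        $res = $db->rq($query);
        $userRow = $db->fetch($res);
        // An unknown account number must not turn $_POST into a non-array.
        $_POST = is_array($userRow) ? $userRow : array();
        $_SESSION['admin']['uedit'] = $post('users_id');
        $FullREF = explode('-', (string) $post('user_fullref'));
        $UserNID = isset($FullREF[1]) ? $FullREF[1] : '';
        $JSCripts = '';
    } else {
        $JSCripts = ' onkeyup="generateAccountInfos();" onblur="generateAccountInfos();"';
        // NOTE(review): this default password is derived from the day of the
        // month and is therefore predictable. Generate it from a CSPRNG
        // (e.g. random_bytes()) and force a change at first login.
        $_POST['user_password'] = '******'.date('d', CUSTOMTIME).'r89';
        $_POST['user_app_date'] = date('Y-m-d', CUSTOMTIME);
    }

    // Option labels below come from these globals; they are assumed to be
    // trusted static configuration (confirm) and are emitted unchanged.
    global $userTitles;
    global $userStatuses;
    global $userBankCodeTypes;

    $pcontent = '
<div class="mainHolder">
    <div class="hintHolder ui-state-default"><b>'.(($users_id>0)?'Editing':'Creating New').' User Account</b></div>
    <script type="text/javascript" src="../js/jquery.validate.js"></script>
    <script type="text/javascript" src="js/forms/users.js"></script>
    <form name="addNewUser" method="POST" id="MainForms" action="">
    <div class="left">
        <fieldset class="mainFormHolder left minHeight200">
            <legend>Contact Information</legend>
            <div class="formsLeft">Title:</div>
            <div class="formsRight">
                <select name="user_title" class="text-input">';
    foreach ($userTitles as $TitleID => $TitleName) {
        $selected = ($post('user_title') == $TitleID) ? ' selected' : '';
        $pcontent .= '<option value="'.$TitleID.'"'.$selected.'>'.$TitleName.'</option>';
    }
    $pcontent .= '
                </select>
            </div>
            <br />
            <div class="formsLeft">First Name:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_firstname" id="user_firstname" value="'.$field('user_firstname').'"'.$JSCripts.' />
            </div>
            <br />
            <div class="formsLeft">Middle Name:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_middlename" id="user_middlename" value="'.$field('user_middlename').'"'.$JSCripts.' />
            </div>
            <br />
            <div class="formsLeft">Last Name:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_lastname" id="user_lastname" value="'.$field('user_lastname').'"'.$JSCripts.' />
            </div>
            <br />
            <div class="formsLeft">Email:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_email" id="user_email" value="'.$field('user_email').'" />
            </div>
            <br />
            <div class="formsLeft">Phone:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_phone" id="user_phone" value="'.$field('user_phone').'" />
            </div>
            <br />
            <div class="formsLeft">Mailing Address:</div>
            <div class="formsRight">
                <textarea class="text-area-small2rows" name="user_mailing_address" id="user_mailing_address" rows="2" cols="1">'.$field('user_mailing_address').'</textarea>
            </div>
            <br />
            <div class="formsLeft">Postal Code/ZIP:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_postal" id="user_postal" value="'.$field('user_postal').'" />
            </div>
            <br />
            <div class="formsLeft">City:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_city" id="user_city" value="'.$field('user_city').'" />
            </div>
            <br />
            <div class="formsLeft">State/Province:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_state" id="user_state" value="'.$field('user_state').'" />
            </div>
            <br />
            <div class="formsLeft">Country:</div>
            <div class="formsRight">
                <select name="user_country" id="user_country" class="text-input">';
    $query = 'SELECT country_full FROM countries ORDER BY country_full';
    $res = $db->rq($query);
    while (($row = $db->fetch($res)) != FALSE) {
        $selected = ($post('user_country') == $row['country_full']) ? ' selected' : '';
        $country = $esc($row['country_full']);
        $pcontent .= '<option value="'.$country.'"'.$selected.'>'.$country.'</option>';
    }
    $pcontent .= '
                </select>
            </div>
            <br />
            <div class="moreRight" id="showMoreDetails">more details »</div>
            <span id="moreDetails">
                <br />
                <div class="formsLeft">Fax:</div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_fax" id="user_fax" value="'.$field('user_fax').'" />
                </div>
                <br />
                <div class="formsLeft">Secondary Email:</div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_email2" id="user_email2" value="'.$field('user_email2').'" />
                </div>
                <br />
                <div class="formsLeft">Company:</div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_company" id="user_company" value="'.$field('user_company').'" />
                </div>
                <br />
                <div class="formsLeft">Web Page:</div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_web" id="user_web" value="'.$field('user_web').'" />
                </div>
            </span>
        </fieldset>
        <div class="clear"></div>';

    // Both advisor selects list the same rows, so the table is read once.
    $advisors = array();
    $res = $db->rq('SELECT * FROM users_advisors ORDER BY advisor_names');
    while (($row = $db->fetch($res)) != FALSE) {
        $advisors[] = $row;
    }
    $advisorOptions = function ($selectedId) use ($advisors, $esc) {
        $html = '';
        foreach ($advisors as $advisor) {
            $html .= '<option value="'.$esc($advisor['users_advisors_id']).'"'
                .(($advisor['users_advisors_id'] == $selectedId) ? ' selected' : '').'>'
                .$esc($advisor['advisor_names']).' / '.$esc($advisor['advisor_ref']).'</option>';
        }
        return $html;
    };

    $pcontent .= '
        <fieldset class="mainFormHolder left">
            <legend>Trading Advisor</legend>
            <div class="formsLeft">Advisor 1:</div>
            <div class="formsRight">
                <select name="user_advisor1" class="text-input">
                    <option value="0">Select primary advisor</option>'.$advisorOptions($post('user_advisor1')).'
                </select>
            </div>
            <br />
            <div class="formsLeft">Advisor 2:</div>
            <div class="formsRight">
                <select name="user_advisor2" class="text-input">
                    <option value="0">Select 2nd advisor</option>'.$advisorOptions($post('user_advisor2')).'
                </select>
            </div>
        </fieldset>
        <div class="clear"></div>
        <fieldset class="mainFormHolder left">
            <legend>Bank Details</legend>
            <div class="moreRight" id="showBankDetails">show bank details »</div>
            <span id="moreBankDetails">
                <div class="formsLeft">Beneficiary:</div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_bank_beneficiary" id="user_bank_beneficiary" value="'.$field('user_bank_beneficiary').'" />
                </div>
                <br />
                <div class="formsLeft">Bank Address:</div>
                <div class="formsRight">
                    <textarea class="text-area" name="user_bank_address" id="user_bank_address">'.$field('user_bank_address').'</textarea>
                </div>
                <br />
                <div class="formsLeft">Bank Account:</div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_bank_account" id="user_bank_account" value="'.$field('user_bank_account').'" />
                </div>
                <br />
                <div class="formsLeft">Bank Name:</div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_bank_name" id="user_bank_name" value="'.$field('user_bank_name').'" />
                </div>
                <br />
                <div class="formsLeft">
                    <select name="user_bank_codetype" class="select-medium">';
    foreach ($userBankCodeTypes as $BankCodeID => $BankCodeType) {
        $pcontent .= '<option value="'.$BankCodeID.'"'.(($BankCodeID == $post('user_bank_codetype')) ? ' selected' : '').'>'.$BankCodeType.'</option>';
    }

    // Same fallbacks as before: posted/loaded value first, then the admin's
    // own reference number or the NID constant.
    $adminRef = ($post('user_ref') != '') ? $post('user_ref') : $_SESSION['admin']['refnum'];
    $refId = ($UserNID != '') ? $UserNID : NID;
    $accountNum = ($users_id != '') ? $users_id : NID;

    $pcontent .= '
                    </select>
                </div>
                <div class="formsRight">
                    <input class="text-input" type="text" name="user_bank_code" id="user_bank_code" value="'.$field('user_bank_code').'" />
                </div>
                <br />
                <div class="formsLeft">More Bank Details:</div>
                <div class="formsRight">
                    <textarea class="text-area" name="user_bank_moredetails" id="user_bank_moredetails">'.$field('user_bank_moredetails').'</textarea>
                </div>
            </span>
        </fieldset>
    </div>
    <div class="left">
        <fieldset class="mainFormHolder left minHeight200">
            <legend>Account Information</legend>
            <div class="formsLeft">Admin Reference:</div>
            <div class="formsRight">
                <input class="text-input-smaller" type="text" name="user_ref" id="user_ref" value="'.$esc($adminRef).'" readonly />
                <input class="text-input-small" type="text" name="user_refid" id="user_refid" value="'.$esc($refId).'" readonly />
            </div>
            <br />
            <div class="formsLeft">Account Number:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_account_num" id="user_account_num" value="'.$esc($accountNum).'" readonly />
            </div>
            <br />
            <div class="formsLeft">Account Name:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_account_name" id="user_account_name" value="'.$field('user_account_name').'" />
            </div>
            <br />
            <div class="formsLeft">Username:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_username" id="user_username" value="'.$field('user_username').'" />
            </div>
            <br />';

    // NOTE(review): in edit mode this field is filled from the users row, so
    // the password appears to be stored in a recoverable form and is shown in
    // clear text. Store only password_hash() output and leave this field
    // empty unless the admin is setting a new password; the save handler
    // (not visible here) has to change together with this form.
    $pcontent .= '
            <div class="formsLeft">Password:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_password" id="user_password" value="'.$field('user_password').'" />
            </div>
            <br />
            <div class="formsLeft">Secret question:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_secret_question" id="user_secret_question" value="'.$field('user_secret_question').'" />
            </div>
            <br />
            <div class="formsLeft">Secret answer:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_secret_answer" id="user_secret_answer" value="'.$field('user_secret_answer').'" />
            </div>
            <br />
            <div class="formsLeft">Application Date:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="user_app_date" id="user_app_date" value="'.$field('user_app_date').'" />
            </div>
            <br />
            <div class="formsLeft">Status:</div>
            <div class="formsRight">
                <select name="user_status" class="text-input">';
    foreach ($userStatuses as $StatusID => $StatusName) {
        $pcontent .= '<option value="'.$StatusID.'"'.(($StatusID == $post('user_status')) ? ' selected' : '').'>'.$StatusName.'</option>';
    }
    $pcontent .= '
                </select>
            </div>
        </fieldset>
        <div class="clear"></div>
        <fieldset class="mainFormHolder left">
            <legend>Notes</legend>
            <div class="formsRight">
                <textarea class="text-area-big" name="user_notes" id="user_notes">'.$field('user_notes').'</textarea>
            </div>
        </fieldset>
        <div class="clear"></div>
        <div class="mainFormHolder left btnsHolder">
            <input type="hidden" name="_form_submit" value="1" />
            <input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />';
    if ($users_id) {
        // URL-encoding leaves only characters that are inert inside both the
        // quoted JavaScript string and the surrounding HTML attribute.
        $uidParam = rawurlencode((string) $post('user_uid'));
        // NOTE(review): delete is a state-changing action reached through a
        // plain GET link. The handler (not visible here) should require POST
        // and an anti-CSRF token.
        $pcontent .= '
            <input type="hidden" name="usid" value="'.$esc($users_id).'">
            <input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete this user?\')) location=\'?action=delete&uid='.$uidParam.'\';" />
            <input type="button" name="_logs" value="'.getLang('sform_logsbtn').'" class="submitBtn ui-state-default" onclick="location=\'?action=logs&uid='.$uidParam.'\';" />';
    }
    $pcontent .= '
            <input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'users.php\';" />
        </div>
    </div>
    </form>
</div>';

    $db->close();
    return $pcontent;
}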
if($_SESSION['admin']['is_logged']==1) { $db=new DBConnection(); $query='DELETE FROM mail_queue WHERE mail_queue_id='.($_GET['mailid']+0); $db->rq($query); $db->close(); header('Location: mails_outbox.php'); exit(); } break; case 'massdel' : if($_SESSION['admin']['is_logged']==1) { $db=new DBConnection(); $query='DELETE FROM mail_queue WHERE is_sent=0'; $db->rq($query); $db->close(); header('Location: mails_outbox.php'); exit(); } break; default : $page_content=listOutgoingMails(); break; } page_header(); echo $page_content; page_footer(); ?>
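/**
 * Render the admin form for creating or editing a commodity.
 *
 * When $commodities_id is given and the form has not been submitted, the
 * commodity row is loaded and copied into $_POST as the pre-fill data.
 *
 * Security-relevant behaviour:
 *  - The id is cast to an integer before it is used in SQL.
 *  - All posted and database values are HTML-escaped before being written
 *    into the markup.
 *
 * @param int $commodities_id Id of the commodity to edit; 0 for a new one.
 * @return string HTML of the form.
 */
function addNewCommodity($commodities_id=0)
{
    // One connection serves both the optional row lookup and the group list.
    $db = new DBConnection();

    // Null-safe reader for the pre-fill data.
    $post = function ($key) {
        return isset($_POST[$key]) ? $_POST[$key] : null;
    };
    // HTML-escape for both element bodies and quoted attribute values.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $field = function ($key) use ($post, $esc) {
        return $esc($post($key));
    };

    if ($commodities_id && empty($_POST['_form_submit'])) {
        $_SESSION['admin']['uedit'] = $commodities_id;
        $query = 'SELECT * FROM commodities WHERE commodities_id='.((int) $commodities_id);
        $res = $db->rq($query);
        $commodityRow = $db->fetch($res);
        // An unknown id yields no row; skip the copy instead of iterating a non-array.
        if (is_array($commodityRow)) {
            foreach ($commodityRow as $RowName => $RowValue) {
                $_POST[$RowName] = $RowValue;
            }
        }
    }

    $pcontent = '
<div class="mainHolder">
    <div class="hintHolder ui-state-default"><b>'.(($commodities_id>0)?'Editing':'Creating New').' Commodity</b></div>
    <script type="text/javascript" src="../js/jquery.validate.js"></script>
    <script type="text/javascript" src="js/forms/commodities.js"></script>
    <form name="addNewCommodity" method="POST" id="MainForms" action="">
    <fieldset class="mainFormHolder">
        <legend>Commodity information</legend>
        <div class="formsLeft">Name:</div>
        <div class="formsRight">
            <input class="text-input" type="text" name="commodities_name" id="commodities_name" value="'.$field('commodities_name').'" />
        </div>
        <br />
        <div class="formsLeft">Group:</div>
        <div class="formsRight">
            <select name="commodities_groups_id" class="text-input">';
    $query = 'SELECT * FROM commodities_groups ORDER BY commodities_groups_name';
    $res = $db->rq($query);
    while (($row = $db->fetch($res)) != FALSE) {
        $pcontent .= '<option value="'.$esc($row['commodities_groups_id']).'"'
            .(($post('commodities_groups_id') == $row['commodities_groups_id']) ? ' selected' : '').'>'
            .$esc($row['commodities_groups_name']).'</option>';
    }
    $db->close();

    // A missing status is treated as 0 ("Not active"), as it was when the
    // unset key was compared loosely.
    $status = isset($_POST['commodities_status']) ? $_POST['commodities_status'] : 0;

    $pcontent .= '
            </select>
        </div>
        <br />
        <div class="formsLeft">Symbol:</div>
        <div class="formsRight">
            <input class="text-input" name="commodities_symbol" id="commodities_symbol" value="'.$field('commodities_symbol').'" />
        </div>
        <br />
        <div class="formsLeft">Contract size:</div>
        <div class="formsRight">
            <input class="text-input" name="commodities_contract_size" id="commodities_contract_size" value="'.$field('commodities_contract_size').'" />
        </div>
        <br />
        <div class="formsLeft">Unit:</div>
        <div class="formsRight">
            <input class="text-input" name="commodities_unit" id="commodities_unit" value="'.$field('commodities_unit').'" />
        </div>
        <br />
        <div class="formsLeft">Default Fees:</div>
        <div class="formsRight">
            <input class="text-input" name="commodities_def_fee" id="commodities_def_fee" value="'.$field('commodities_def_fee').'" />
        </div>
        <br />
        <div class="formsLeft">Default Premium Price:</div>
        <div class="formsRight">
            <input class="text-input" name="commodities_def_prem" id="commodities_def_prem" value="'.$field('commodities_def_prem').'" />
        </div>
        <br />
        <div class="formsLeft">Status:</div>
        <div class="formsRight">
            <select name="commodities_status" class="text-input">
                <option value="0"'.(($status == 0) ? ' selected' : '').'>Not active</option>
                <option value="1"'.(($status == 1) ? ' selected' : '').'>Active</option>
            </select>
        </div>
        <br />
        <div class="formsLeft">Order priority:</div>
        <div class="formsRight">
            <input class="text-input" name="commodities_order_priority" id="commodities_order_priority" value="'.$field('commodities_order_priority').'" />
        </div>
        <input type="hidden" name="_form_submit" value="1" />
        <input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />';
    if ($commodities_id) {
        // NOTE(review): delete is a state-changing action reached through a
        // plain GET link. The handler (not visible here) should require POST
        // and an anti-CSRF token.
        $pcontent .= '
        <input type="hidden" name="cid" value="'.$esc($commodities_id).'">
        <input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete this commodity?\')) location=\'?action=delete&cid='.((int) $post('commodities_id')).'\';" />';
    }
    $pcontent .= '
        <input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'commodities.php\';" />
    </fieldset>
    </form>
</div>';

    return $pcontent;
}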
<?php require_once 'common.php'; check_logged_in(); $PageTitle = getLang('ptitle_logged'); $db = new DBConnection(); $query = 'SELECT user_firstname, trading_type,user_lastname,user_account_num FROM users WHERE user_account_num="' . $_SESSION['user']['user_account_num'] . '" LIMIT 1'; $res = $db->rq($query); $username = $db->fetch($res); $total_change = 0; $total_cost = 0; $total_value = 0; $total_profit = 0; $total_pps_a = 0; $total_pps_b = 0; $query = 'SELECT * FROM stock_trades WHERE user_account_num="' . $_SESSION['user']['user_account_num'] . '" AND (trade_type="1" OR trade_type="3") AND trade_status="1" ORDER BY trade_date DESC'; $res = $db->rq($query); $result = array(); while ($row = $db->fetch($res)) { $subq = $db->rq("SELECT * FROM stocks WHERE stocks_id='" . $row['stocks_id'] . "' LIMIT 1"); $row['stock'] = $db->fetch($subq); $subq = $db->rq("SELECT * FROM stock_details WHERE stocks_id='" . $row['stocks_id'] . "' ORDER BY date DESC LIMIT 1"); $row['details'] = $db->fetch($subq); $total_pps_b += $row['trade_price_share']; $total_pps_a += $row['details']['value']; $total_cost += $row['trade_value']; $row['cur_value'] = $row['details']['value'] * $row['trade_shares_left']; $total_value += $row['cur_value']; $row['profit'] = ($row['cur_value'] - $row['trade_value']) / $row['trade_value'] * 100; if ($row['profit'] > 0) { $row['profit_class'] = ' class="text-success"';
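/**
 * Render the admin form for adding or editing a SHORT order.
 *
 * When $tradesSell_id is given and the form has not been submitted, the
 * stock_trades row with that trade_ref replaces $_POST as the pre-fill data.
 * Otherwise defaults for share count and stock price are set. If related
 * trades exist for the order, they are listed and the save/delete controls
 * are replaced by a notice.
 *
 * Security-relevant behaviour:
 *  - Values interpolated into SQL are passed through the connection's
 *    string_escape() and quoted.
 *  - The share count written into the inline script is forced to an integer.
 *  - All posted and database values are HTML-escaped in the markup, and
 *    values placed in URLs are URL-encoded.
 *
 * @param int|string $tradesSell_id trade_ref of the order to edit; 0 for a new order.
 * @return string HTML of the form.
 */
function addNewTradeShort($tradesSell_id=0)
{
    $db = new DBConnection();

    // HTML-escape for both element bodies and quoted attribute values.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    if ($tradesSell_id && !isset($_POST['_form_submit'])) {
        // string_escape() is the project's SQL escaping helper (presumably a
        // wrapper around the driver routine; confirm). Prefer a prepared
        // statement if DBConnection offers one.
        $query = 'SELECT * FROM stock_trades WHERE trade_ref="'.$db->string_escape((string) $tradesSell_id).'"';
        $res = $db->rq($query);
        $tradeRow = $db->fetch($res);
        // An unknown reference must not turn $_POST into a non-array.
        $_POST = is_array($tradeRow) ? $tradeRow : array();
        $_SESSION['admin']['uedit'] = isset($_POST['trades_id']) ? $_POST['trades_id'] : null;
    } else {
        $_POST['trade_stockprice'] = '0.0000';
        $_POST['trade_shares'] = 10;
    }

    // The inline handlers are the same in edit and create mode.
    $JSCripts = ' onchange="setDetails(0);"';
    $JSCriptsSelect = ' onchange="setDetails(3);"';

    if (array_get($_POST, 'trade_date') == '') {
        $_POST['trade_date'] = date('Y-m-d', CUSTOMTIME);
    }

    // The value is written into a <script> block, so it must be a bare
    // number. The slider below uses step 1, so an integer is assumed.
    $sharesRaw = array_get($_POST, 'trade_shares');
    $sliderValue = is_numeric($sharesRaw) ? (int) $sharesRaw : 1;

    // Option labels come from this global; assumed to be trusted static
    // configuration (confirm) and emitted unchanged.
    global $tradesStatuses;
    global $tradesBuyOptions;

    $pcontent = '
<div class="mainHolder">
    <div class="hintHolder ui-state-default"><b>'.(($tradesSell_id>0)?'Editing':'Adding New').' SHORT Order</b></div>
    <script type="text/javascript" src="../js/jquery.metadata.js"></script>
    <script type="text/javascript" src="../js/jquery.validate.js"></script>
    <script type="text/javascript" src="js/forms/stradesShort.js"></script>
    <script type="text/javascript">
    jQuery(document).ready( function($) {
        var sliderValue = '.$sliderValue.';
        $("#slider").slider( {
            min : 1,
            max : 99999,
            step : 1,
            value : [ sliderValue ],
            slide : function(event, ui) {
                $("#sliderVal").val(ui.value);
            }
        });
        $("#sliderVal").attr("value", sliderValue);
        $("#sliderVal").keyup(function() {
            var sliderValue = +this.value;
            if (sliderValue >= 1 && sliderValue <= 99999) {
                $("#slider").slider("value", sliderValue);
            } else {
                alert("Please enter a value between 1 and 99999");
                $("#slider").slider("value", 1);
                $("#sliderVal").attr("value", 1);
            }
        });
        $("#slider, #sliderVal").bind("mousedown mouseup mousemove mouseout mouseover", function() {
            setDetails(0);
        });
        '.((!$tradesSell_id)?'setDetails(3);':'setDetails(4);').'
    });
    </script>
    <form name="addNewTradeShort" method="POST" id="MainForms" action="">
    <div class="left">
        <fieldset class="mainFormHolder left">
            <legend>Account</legend>
            <div class="formsRight">
                <select name="user_account_num" id="user_account_num" class="text-input-big" title="Please select user account!" validate="required:true"'.$JSCripts.'>
                    <option value="">Select account</option>';
    $query = 'SELECT user_account_num, user_firstname, user_lastname, user_balance FROM users ORDER BY user_firstname ASC, user_lastname ASC';
    $res = $db->rq($query);
    while (($row = $db->fetch($res)) != FALSE) {
        $isSelected = array_get($_GET, 'uid') == $row['user_account_num']
            || array_get($_POST, 'user_account_num') == $row['user_account_num'];
        $pcontent .= '<option value="'.$esc($row['user_account_num']).'"'.($isSelected ? ' selected' : '').'>'
            .$esc($row['user_account_num']).' ('.$esc($row['user_firstname']).' '.$esc($row['user_lastname']).', $'.$esc($row['user_balance']).')</option>';
    }
    $pcontent .= '
                </select>
            </div>
        </fieldset>
        <div class="clear"></div>
        <fieldset class="mainFormHolder left">
            <legend>Transaction</legend>
            <div class="formsLeft">Trade Order:</div>
            <div class="formsRight">SHORT SELL</div>
            <br />
            <div class="formsLeft">Share(s):</div>
            <div class="formsRight">
                <div id="slider"><a href="#"></a></div>
                <input type="text" class="text-input-smallest left" id="sliderVal" name="trade_shares"'.$JSCripts.' />
            </div>
            <br /><br />
            <div class="formsLeft">Stock:</div>
            <div class="formsRight">
                <select name="stocks_id" id="stocks_id" class="text-input"'.$JSCriptsSelect.'>';
    $query = 'SELECT stocks_id, stocks_symbol, stocks_name FROM stocks ORDER BY stocks_symbol ASC';
    $res = $db->rq($query);
    while ($row = $db->fetch($res)) {
        // The id is read back from the database, but it is still quoted and
        // escaped so a stored value cannot alter the statement.
        $subq = $db->rq('SELECT value FROM stock_details WHERE stocks_id="'.$db->string_escape((string) $row['stocks_id']).'" ORDER BY date DESC LIMIT 1');
        $subrow = $db->fetch($subq);
        // A stock without any recorded value yields an empty price segment.
        $latestValue = is_array($subrow) ? $subrow['value'] : '';
        $pcontent .= '<option value="'.$esc($row['stocks_id'].'_'.$latestValue.'_'.$row['stocks_symbol']).'"'
            .(($row['stocks_id'] == array_get($_POST, 'stocks_id')) ? ' selected' : '').'>'
            .$esc($row['stocks_symbol']).' ('.$esc($row['stocks_name']).')</option>';
    }
    $pcontent .= '
                </select>
            </div><br />
            <div class="formsLeft">Notes:</div>
            <div class="formsRight">
                <input type="text" class="text-input left" name="trade_notes" value="'.$esc(array_get($_POST, 'trade_notes')).'"'.$JSCripts.' />
            </div>
            <br /><br />
        </fieldset>
        <div class="clear"></div>
        <fieldset class="mainFormHolder left">
            <legend>Trade Details</legend>
            <input class="ui-state-default trade-details" type="text" name="trade_details" id="trade_details" value="'.$esc(array_get($_POST, 'trade_details', 'SHORT')).'" readonly />
        </fieldset>';

    $tradeRef = (string) array_get($_POST, 'trade_ref');
    $query2 = 'SELECT trade_details, stock_trades.trade_ref FROM trades_related tr LEFT JOIN stock_trades ON tr.trade_ref=stock_trades.trade_ref WHERE trade_ref_relatedto="'.$db->string_escape($tradeRef).'"';
    $res2 = $db->rq($query2);
    $totalRelated = $db->num_rows($res2);
    if ($totalRelated > 0) {
        $pcontent .= '
        <div class="clear"></div>
        <fieldset class="mainFormHolder left">
            <legend>Related Trades</legend><br />';
        while (($row2 = $db->fetch($res2)) != FALSE) {
            $pcontent .= '<div class="ui-state-default trade-details"><a href="strades.php?action=edit_sell&tref='.rawurlencode((string) $row2['trade_ref']).'" style="display:block;">'.$esc($row2['trade_details']).'</a></div><br />';
        }
        $pcontent .= '
        </fieldset>';
    }
    $pcontent .= '
    </div>
    <div class="left">
        <fieldset class="mainFormHolder left">
            <legend>Prices</legend>
            <div class="formsLeft">Price/share:</div>
            <div class="formsRight">
                <input class="text-input align-right" type="text" name="trade_price_share" id="trade_price_share" value="'.$esc(array_get($_POST, 'trade_price_share')).'"'.$JSCripts.' />
            </div>
            <br />
            <div class="formsLeft">Trade Value:</div>
            <div class="formsRight">
                <input class="text-input align-right ui-state-default" type="text" name="trade_value" id="trade_value" value="'.$esc(array_get($_POST, 'trade_value')).'" readonly />
            </div>
            <br />
            <div class="formsLeft">Fees:</div>
            <div class="formsRight">
                <input class="text-input align-right" type="text" name="trade_fees" id="trade_fees" value="'.$esc(array_get($_POST, 'trade_fees')).'"'.$JSCripts.' />
            </div>
            <br />
            <div class="formsLeft">Total Invoiced:</div>
            <div class="formsRight">
                <input class="text-input align-right ui-state-default" type="text" name="trade_invoiced" id="trade_invoiced" value="'.$esc(array_get($_POST, 'trade_invoiced')).'" />
            </div>
        </fieldset>
        <div class="clear"></div>
        <fieldset class="mainFormHolder left">
            <legend>Settings</legend>
            <div class="formsLeft">Value date:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="trade_date" id="trade_date" value="'.$esc(array_get($_POST, 'trade_date')).'" />
            </div>
            <br />
            <div class="formsLeft">Status:</div>
            <div class="formsRight">
                <select name="trade_status" class="text-input">';
    foreach ($tradesStatuses as $StatusID => $StatusName) {
        $pcontent .= '<option value="'.$StatusID.'"'.(($StatusID == array_get($_POST, 'trade_status')) ? ' selected' : '').'>'.$StatusName.'</option>';
    }
    $pcontent .= '
                </select>
            </div>
        </fieldset>
        <div class="clear"></div>
        <div class="mainFormHolder left btnsHolder">';
    if ($totalRelated == 0) {
        $pcontent .= '
            <input type="hidden" name="_form_submit" value="1" />
            <input type="hidden" name="_add_short" value="1" />
            <input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />';
        if ($tradesSell_id) {
            // URL-encoding leaves only characters that are inert inside both
            // the quoted JavaScript string and the surrounding attribute.
            // NOTE(review): delete is a state-changing action reached through
            // a plain GET link. The handler (not visible here) should require
            // POST and an anti-CSRF token.
            $pcontent .= '
            <input type="hidden" name="tref" value="'.$esc($tradesSell_id).'">
            <input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete this BUY?\')) location=\'?action=delete_buy&buyid='.rawurlencode($tradeRef).'\';" />';
        }
    } else {
        $pcontent .= '
            <div class="ui-state-error bold" style="width:300px; margin:auto; padding:5px;"> These BUY trade have been partially or totally sold and therefore cannot be updated. </div>';
    }
    $pcontent .= '
            <input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'strades.php\';" />
        </div>
    </div>
    </form>
</div>';

    $db->close();
    return $pcontent;
}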
header('Location: users.php'); } exit(); } if(array_get($_GET, 'noheader')==1) { page_header(0); }else{ page_header(); } $db=new DBConnection(); $userDetails=$db->getRow('users','user_account_num="'.$_GET['uid'].'"','user_email, user_firstname, user_lastname, user_username, user_account_num, user_balance'); if(isset($_GET['buyref'])) { $query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Buy Confirmation"'; $res=$db->rq($query); $num_rows=$db->num_rows($res); if($num_rows>0) { $row=$db->fetch($res); $_POST['mail_templates_id']=$row['mail_templates_id']; } }elseif(isset($_GET['sellref'])) { $query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Sell Confirmation"'; $res=$db->rq($query); $num_rows=$db->num_rows($res); if($num_rows>0) { $row=$db->fetch($res); $_POST['mail_templates_id']=$row['mail_templates_id']; } }elseif(isset($_GET['tdref'])) { $query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Deposit Confirmation"';
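/**
 * Render the admin form for entering stock values for a date.
 *
 * One fieldset is produced per stock that has a stock_details row: the row
 * matching $details_id when it is greater than 0, otherwise the most recent
 * row for that stock.
 *
 * Security-relevant behaviour:
 *  - $details_id is SQL-escaped once, into a separate variable. Previously
 *    it was re-escaped on every loop iteration, and the SQL-escaped string
 *    was then reused in the HTML output.
 *  - Database values and $details_id are HTML-escaped in the markup, and the
 *    id is URL-encoded inside the delete link.
 *
 * @param int|string $details_id details_ref of the value set to edit; 0 for a new set.
 * @return string HTML of the form.
 */
function addNewValue($details_id=0)
{
    $JSCripts = ' onchange="setDetails();"';
    $db = new DBConnection();

    // HTML-escape for both element bodies and quoted attribute values.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // SQL escaping and HTML escaping are different encodings, so the raw id
    // is kept for output and a separate copy is prepared for the query.
    $editing = $details_id > 0;
    $detailsRefSql = $editing ? $db->string_escape((string) $details_id) : '';

    // Stays empty when no stock has a matching details row.
    $date = '';

    $pcontent = '
<div class="mainHolder">
    <div class="hintHolder ui-state-default"><b>Adding New Stock Values</b></div>
    <script type="text/javascript" src="../js/jquery.validate.js"></script>
    <script type="text/javascript" src="js/forms/stockValues.js"></script>
    <form name="addNewStockValue" method="POST" id="MainForms" action="">';

    $query = 'SELECT * FROM stocks ORDER BY stocks_name ASC';
    $res = $db->rq($query);
    $num = 1;
    $pcontent .= '<div class="left">';
    while (($row = $db->fetch($res)) != FALSE) {
        $stockIdSql = $db->string_escape((string) $row['stocks_id']);
        if ($editing) {
            $curval = $db->getRow('stock_details', 'stocks_id="'.$stockIdSql.'" AND details_ref="'.$detailsRefSql.'"', 'value, volume, date');
        } else {
            $curval = $db->getRow('stock_details', 'stocks_id="'.$stockIdSql.'" ORDER BY date DESC', 'value, volume');
        }
        if ($curval) {
            // As before, the date of the last rendered stock is the one shown.
            $date = array_get($curval, 'date');
            $pcontent .= '<fieldset class="mainFormHolder">
            <legend>Share</legend>
            <div class="formsLeft">Share:</div>
            <div class="formsRight">
                <select name="stocks_id_'.$num.'" id="stocks_id_'.$num.'" class="text-input">';
            $pcontent .= '<option value="'.$esc($row['stocks_id']).'">'.$esc($row['stocks_symbol']).' ('.$esc($row['stocks_name']).')</option>';
            $pcontent .= '
                </select>
            </div><br />
            <div class="formsLeft">Value:</div>
            <div class="formsRight">
                <input class="required text-input align-right" type="text" name="value_'.$num.'" id="value_'.$num.'" value="'.$esc($curval['value']).'"'.$JSCripts.' />
            </div>
            <br />
            <div class="formsLeft">Volume:</div>
            <div class="formsRight">
                <input class="text-input align-right" type="text" name="volume_'.$num.'" id="volume_'.$num.'" value="'.$esc($curval['volume']).'"'.$JSCripts.' />
            </div><br />
            </fieldset>';
        }
        $num++;
    }
    $pcontent .= '</div><div class="left"><fieldset class="mainFormHolder">
            <legend>Date</legend>
            <div class="formsLeft">Value date:</div>
            <div class="formsRight"><input class="text-input" type="text" name="date_value" id="date_value" value="'.$esc($date).'" /></div>
            <br />';
    if ($details_id) {
        $pcontent .= '<input type="hidden" name="trade_ref" value="'.$esc($details_id).'" />';
        // URL-encoding leaves only characters that are inert inside both the
        // quoted JavaScript string and the surrounding HTML attribute.
        // NOTE(review): delete is a state-changing action reached through a
        // plain GET link. The handler (not visible here) should require POST
        // and an anti-CSRF token.
        $pcontent .= '<input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete the values from this date?\')) location=\'?action=delete_values&sid='.rawurlencode((string) $details_id).'\';" />';
    }
    $pcontent .= '<input type="hidden" name="_form_submit" value="1" />
            <input type="hidden" name="_new_value" value="1" />
            <input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" /> ';
    $pcontent .= '
            <input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'stocks.php\';" />
        </fieldset></div>
    </form>
</div>';

    // The other form builders on this page release their connection before
    // returning; this one previously left it open.
    $db->close();
    return $pcontent;
}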
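/**
 * Build the create/edit form for a mail template.
 *
 * When an id is given and the form has not been submitted, the stored row is
 * copied into $_POST so the same markup serves both first display and
 * redisplay. The "Theme" select is filled from the external template API,
 * optionally narrowed to the tags configured in the mail settings.
 *
 * @param int|string $mail_templates_id id of the template to edit, 0 to create
 * @return string HTML of the form
 */
function addNewMailTemplate($mail_templates_id=0) {
    // Encode a value for an HTML text node or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Form field for redisplay. Request data and stored rows are both echoed back into
    // value="..." attributes, so they are encoded here instead of being printed raw.
    $field = function ($name) use ($esc) {
        return (isset($_POST[$name]) && is_scalar($_POST[$name])) ? $esc($_POST[$name]) : '';
    };

    $db=new DBConnection();
    // empty() keeps the original truthiness test without the undefined-index notice.
    if($mail_templates_id && empty($_POST['_form_submit'])) {
        $_SESSION['admin']['uedit']=$mail_templates_id;
        $query='SELECT * FROM mail_templates WHERE mail_templates_id='.($mail_templates_id+0).'';
        $res=$db->rq($query);
        $storedRow=$db->fetch($res);
        // An unknown id yields no row; skip the copy instead of iterating over false.
        if ($storedRow) {
            foreach ($storedRow AS $RowName=>$RowValue) {
                $_POST[$RowName]=$RowValue;
            }
        }
    }

    $settingsModel = new App\Model\Settings($db, 'mail_settings');
    $settings = $settingsModel->getAll();
    $API_KEY = $settings['sendwithus_key'];
    $options = array();
    $api = new API($API_KEY, $options);
    // presumably a list of objects exposing id, name and optional tags; verify against the API client
    $response = $api->emails();
    $tags = explode(',', trim($settings['sendwithus_tags']));
    // With no tag configured every template is offered.
    $noTagFilter = count(array_filter($tags)) == 0;
    $selectTemplateHtml = '<option value="">Empty</option>';
    foreach($response as $template) {
        $matched = $noTagFilter;
        foreach($tags as $tag){
            if (isset($template->tags) && in_array(trim($tag), $template->tags)) {
                $matched = true;
                break;
            }
        }
        if($matched){
            $isSelected = isset($_POST['mail_external_id']) && $_POST['mail_external_id'] == "$template->id";
            // id and name come from a remote service; encode them like any other data.
            $selectTemplateHtml .= "<option value='". $esc($template->id) ."' ".($isSelected ? "selected='selected'" : "") .">". $esc($template->name) ."</option>";
        }
    }
    // End
    $db->close();

    $templateVariables = array(
        'mail_template_title', 'user_first_name', 'user_username', 'user_last_name',
        'user_account_num', 'user_password', 'user_password_org', 'trade_details',
        'trade_date', 'trade_sell_status', 'trade_buy_status', 'trade_value',
        'transfer_value', 'transfer_date', 'thanks', 'company_name', 'site_url',
        'funding_overviews', 'trading_overviews', 'trade_ref', 'user_account_name',
        'user_admin_ref', 'user_phone', 'user_email', 'user_mailing_address',
        'user_city', 'user_state', 'user_postal', 'user_country', 'user_advisor1',
        'user_advisor2', 'user_app_date'
    );
    sort($templateVariables);
    $templateVariablesContent = '';
    if(count($templateVariables) == 0){
        $templateVariablesContent = '<p>Variables are not defined for this template type.</p>';
    }else{
        $templateVariablesContent .= '<ul class="variable_list">';
        foreach($templateVariables as $var){
            // Renders the placeholder with its braces, e.g. {user_email}.
            $templateVariablesContent .= "<li>{{$var}}</li>";
        }
        $templateVariablesContent .= '</ul>';
    }

    // Unset on a fresh form; null compares equal to 0, so "Yes" stays the default as before.
    $mailSingle = isset($_POST['mail_single']) ? $_POST['mail_single'] : null;

    // NOTE(review): the inline script below writes the ajax_theme.php response into the
    // plain-text textarea with jQuery .html(); .val() would treat it strictly as text.
    // ajax_theme.php is not shown here, so what it returns cannot be checked from this file.
    $pcontent='';
    $pcontent.='
    <div class="mainHolder">
        <div class="hintHolder ui-state-default"><b>'.(($mail_templates_id>0)?'Editing':'Creating New').' Mail Template</b></div>
        <script type="text/javascript" src="../js/jquery.validate.js"></script>
        <script type="text/javascript" src="js/tiny_mce/tiny_mce.js"></script>
        <script type="text/javascript" src="js/jquery.simplemodal-1.3.3.min.js"></script>
        <link type="text/css" href="css/basic.css" rel="stylesheet" media="screen" />
        <script type="text/javascript">
        jQuery(function ($) {
            $(".basic").click(function (e) {
                var themeId = $("#MailTemplate").val();
                var contentBody = tinyMCE.get("mail_html").getContent();
                $.ajax({
                    type:"post",
                    url: "ajax_theme.php",
                    data: {action: "GetTemplateById" ,themeId : themeId, contentBody:contentBody },
                    success: function(data) {
                        $(".mailTArea").html(data);
                        tinyMCE.get("mail_html").setContent(data);
                    }
                })
                return false;
            });
        });
        $(document).ready(function(){
            ShowTemplate();
        });
        $(document).ready(function(){
            $("#MailTemplate").change(function(){
                tinyMCE.get("mail_html").setContent("loading...", {format : "raw"});
                $(".mailTArea").html("loading...");
                ShowTemplate();
            });
        });
        function ShowTemplate(){
            var externalId = $("#MailTemplate").val();
            $.ajax({
                type:"post",
                url: "ajax_theme.php",
                dataType: "json",
                data: {action: "GetTemplateById" ,templateId : externalId },
                success: function(data) {
                    tinyMCE.get("mail_html").setContent(data.html, {format : "raw"});
                    $(".mailTArea").html(data.text);
                    $("#template_name").val(data.name);
                    $("#template_version").val(data.id);
                }
            });
        }
        tinyMCE.init({
            // General options
            mode : "textareas",
            theme : "advanced",
            editor_selector : "mceEditor",
            readonly : true,
            visual: false
        });
        </script>
        <div id="basic-modal-content" style="display:none"> </div>
        <form name="addNewMailTemplate" method="POST" id="MainForms" action="">
        <fieldset class="mainFormHolder left" style="width:800px;">
            <legend>Template information</legend>
            <div class="formsLeft">Title:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="mail_template_title" id="mail_template_title" value="'.$field('mail_template_title').'" /> (used in admin area only)
            </div>
            <br />
            <div class="formsLeft">Mail From:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="mail_from_mail" id="mail_from_mail" value="'.$field('mail_from_mail').'" /> (ex: noreply@site.com)
            </div>
            <br />
            <div class="formsLeft">Mail BCC:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="mail_bcc" id="mail_bcc" value="'.$field('mail_bcc').'" /> (ex: noreply@site.com)
            </div>
            <br />
            <div class="formsLeft">Mail From Name:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="mail_from" id="mail_from" value="'.$field('mail_from').'" /> (ex: John Doe)
            </div>
            <br />
            <div class="formsLeft">Mail Subject:</div>
            <div class="formsRight">
                <input class="text-input" type="text" name="mail_subject" id="mail_subject" value="'.$field('mail_subject').'" />
            </div>
            <br />
            <div class="formsLeft">Auto Mail?:</div>
            <div class="formsRight">
                <select name="mail_single" class="text-input">
                    <option value="1"'.(($mailSingle==1)?' selected':'').'>No</option>
                    <option value="0"'.(($mailSingle==0)?' selected':'').'>Yes</option>
                </select>
            </div>
            <br />
            <div class="formsLeft">Theme:</div>
            <div class="formsRight">
                <select name="mail_external_id" id="MailTemplate" class="text-input">'.$selectTemplateHtml.'</select>
            </div>
            <br />
            <div class="formsLeft">HTML Content:</div>
            <div class="formsRight">
                <br />
                <textarea name="mail_html" style="width:100%" class="mceEditor">Loading...</textarea>
            </div>
            <br />
            <div class="formsLeft">Plain Text Content:</div>
            <div class="formsRight">
                <br />
                <textarea name="mail_plain" style="width:100%" class="mailTArea">Loading...</textarea>
            </div>
            <input type="hidden" id="template_name" name="template_name" value="" />
            <input type="hidden" id="template_version" name="template_version" value="" />
            <input type="hidden" name="_form_submit" value="1" />
            <input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />';
    if($mail_templates_id) {
        // The row id is only present in $_POST when the form was loaded from the database;
        // on redisplay after a submit fall back to the id this function was called with.
        $deleteId = isset($_POST['mail_templates_id']) ? (int) $_POST['mail_templates_id'] : (int) $mail_templates_id;
        // NOTE(review): deletion is a plain GET navigation; the action=delete handler is not
        // shown here, so confirm it requires an anti-CSRF token.
        $pcontent.='
            <input type="hidden" name="mtid" value="'.$esc($mail_templates_id).'">
            <input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete this mail template?\')) location=\'?action=delete&mtid='.$deleteId.'\';" />';
    }
    $pcontent.='
            <input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'mails_templates.php\';" />
        </fieldset>
        <fieldset class="mainFormHolder left" style="width: 300px;">
            <legend>Variables</legend>
            '.$templateVariablesContent.'
        </fieldset>
        <br class="clear" />
        </form>
    </div>';
    return $pcontent;
}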
<?php
// Dashboard excerpt (the listing stops inside the inline <script>). For a logged-in
// user it fills $line and $line2 with stock name => value_change, taken from the first
// two stock_details rows in "date DESC, value_change DESC" and "date DESC, value_change ASC" order.
require_once 'template.php';
page_header(2);
// NOTE(review): $_SESSION['user'] is indexed without an isset() check here.
if ($_SESSION['user']['is_logged'] == 1) {
    $db = new DBConnection();
    $line = array();
    $line2 = array();
    $query = $db->rq("SELECT value_change, stocks_id FROM stock_details ORDER BY date DESC, value_change DESC LIMIT 2");
    while ($details = $db->fetch($query)) {
        // One extra query per row, with stocks_id from the previous result concatenated
        // into the SQL text. NOTE(review): a JOIN or a bound parameter would remove both.
        $subq = $db->rq("SELECT stocks_symbol, stocks_name FROM stocks WHERE stocks_id='" . $details['stocks_id'] . "' LIMIT 1");
        $stock = $db->fetch($subq);
        // presumably names were stored with escaping slashes by an older write path; verify
        $stock['stocks_name'] = stripslashes($stock['stocks_name']);
        $line[$stock['stocks_name']] = $details['value_change'];
    }
    // Same lookup with value_change ascending.
    $query = $db->rq("SELECT value_change, stocks_id FROM stock_details ORDER BY date DESC, value_change ASC LIMIT 2");
    while ($details = $db->fetch($query)) {
        $subq = $db->rq("SELECT stocks_symbol, stocks_name FROM stocks WHERE stocks_id='" . $details['stocks_id'] . "' LIMIT 1");
        $stock = $db->fetch($subq);
        $stock['stocks_name'] = stripslashes($stock['stocks_name']);
        $line2[$stock['stocks_name']] = $details['value_change'];
    }
    // NOTE(review): if the stock names are written into the inline script that follows,
    // they need JavaScript-context encoding (json_encode); the emitting code is outside this excerpt.
    ?> <script type="text/javascript"> $(document).ready(function(){ var line1 = [
// Excerpt from a server-side table endpoint; it starts inside the loop that builds ORDER BY.
// NOTE(review): the sort direction from $_GET['iSortDir_'.$i] is placed in the ORDER BY clause
// outside any quotes. string_escape() (body not shown; presumably a quote-escaping wrapper) cannot
// constrain an unquoted SQL fragment, so the value should be compared against an allow-list of
// 'asc'/'desc'. The column value passes through fnColumnToField(), which is defined outside this
// excerpt; confirm it maps to a fixed set of field names and rejects everything else.
$searchOrder.=$addComma.fnColumnToField($db->string_escape($_GET['iSortCol_'.$i])).' '.$db->string_escape($_GET['iSortDir_'.$i]).'';
}
}
$searchFor='';
if ($_GET['sSearch']!=''){
    $searchFor.='WHERE ';
    foreach ($searchColumns AS $Count=>$columnToSearch) {
        $addOr='';
        if($Count!=0) $addOr.=' OR ';
        // The term is escaped and sits inside a quoted LIKE pattern. Unless string_escape()
        // also handles them, % and _ in the term still act as wildcards.
        $searchFor.=$addOr.$columnToSearch.' LIKE "%'.$db->string_escape($_GET['sSearch']).'%"';
    }
}
// $searchLimit is built before this excerpt.
$searchQuery='SELECT SQL_CALC_FOUND_ROWS * FROM stocks '.$searchFor.' '.$searchOrder.' '.$searchLimit.'';
$rResult=$db->rq($searchQuery);
// Row count of the filtered set, ignoring LIMIT.
$query='SELECT FOUND_ROWS() AS frows';
$res=$db->rq($query);
$row=$db->fetch($res);
$iFilteredTotal=$row['frows'];
// Row count of the whole table.
$query='SELECT COUNT(stocks_id) AS total_stocks FROM stocks';
$res=$db->rq($query);
$row=$db->fetch($res);
$iTotal=$row['total_stocks'];
$sOutput='{';
// NOTE(review): sEcho is copied from the request into hand-built JSON without any encoding;
// cast it with intval() (it is a draw counter) or build the response with json_encode().
$sOutput.='"sEcho": '.$_GET['sEcho'].', ';
$sOutput.='"iTotalRecords": '.$iTotal.', ';
$sOutput.='"iTotalDisplayRecords": '.$iFilteredTotal.', ';
exit();
}
}
break;
// Excerpt from an action switch; the 'delete_sell' case continues past the end of the listing.
// It returns the shares of a sell trade to the related buy trade and reopens that trade.
// NOTE(review): this state change is driven by a GET parameter and only a session check is
// visible; confirm an anti-CSRF token is verified before this point.
case 'delete_sell' :
if ($_SESSION['admin']['is_logged']==1){
    // Reject anything that is not purely alphanumeric, and the empty string.
    $exp="/[^a-zA-Z0-9]/i";
    $check=preg_match($exp, $_GET['sellid']);
    if (($check+0)==1||$_GET['sellid']==''){
        header('Location: strades.php');
        exit();
    }
    $db=new DBConnection();
    // NOTE(review): the check above admits letters, but the value is then coerced to a number
    // with +0, so validation and query disagree about what a valid id is. Validate as digits
    // only (ctype_digit) and use that one value in both queries.
    $query='SELECT * FROM stock_trades WHERE trade_ref="'.($_GET['sellid']+0).'"';
    $res=$db->rq($query);
    $row=$db->fetch($res);
    $query2='SELECT * FROM trades_related WHERE trade_ref="'.($_GET['sellid']+0).'"';
    $res2=$db->rq($query2);
    $row2=$db->fetch($res2);
    // NOTE(review): neither $row nor $row2 is checked before use. When no row matches, the
    // UPDATE below runs with an empty trade_ref and a share count of 0.
    $query3='UPDATE stock_trades SET trade_shares_left=(trade_shares_left+'.($row['trade_shares']+0).') WHERE trade_ref="'.$row2['trade_ref_relatedto'].'"';
    $db->rq($query3);
    // Reopen the related trade once it holds shares again.
    $checkPositions=$db->getRow('stock_trades','trade_ref="'.$row2['trade_ref_relatedto'].'"','trade_shares_left');
    if($checkPositions['trade_shares_left']>0) {
        $query4='UPDATE stock_trades SET trade_status=1 WHERE trade_ref="'.$row2['trade_ref_relatedto'].'"';
        $db->rq($query4);
    }
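/**
 * AJAX handler: check the secret answer for the posted e-mail address and, when it
 * matches, send the mail template assigned to "Forgot password" to that user.
 *
 * Reads $_POST['rform_email'] and $_POST['rform_answer'], echoes a JSON object that
 * holds either an "error" or a "success" message, and returns nothing.
 *
 * NOTE(review): the distinct messages (reset_noansw / reset_wrong / reset_noemail) let a
 * caller tell whether an address is registered; no attempt limiting is visible in this
 * method either. Confirm both are handled elsewhere.
 */
public function resetPasswordAnswer() {
    // Accept only string inputs; an array in either field is treated as empty.
    $email = (isset($_POST['rform_email']) && is_string($_POST['rform_email'])) ? $_POST['rform_email'] : '';
    $answer = (isset($_POST['rform_answer']) && is_string($_POST['rform_answer'])) ? $_POST['rform_answer'] : '';

    $db = new DBConnection();
    $return = array();
    $emailSql = $db->string_escape($email);
    $query = 'SELECT * FROM users WHERE user_email="' . $emailSql . '" LIMIT 1';
    $res = $db->rq($query);
    $row = $db->fetch($res);

    $storedAnswer = isset($row['user_secret_answer']) ? strtolower(trim((string) $row['user_secret_answer'])) : '';
    $givenAnswer = strtolower(trim($answer));
    $pattern = '/^[\\_]*([a-z0-9]+(\\.|\\_*)?)+@([a-z][a-z0-9\\-]+(\\.|\\-*\\.))+[a-z]{2,6}$/i';

    if ($storedAnswer === '') {
        // No usable answer on file: a blank stored answer must not be matched by a blank request.
        $return['error'] = getLang('reset_noansw');
    } elseif ($givenAnswer !== $storedAnswer) {
        // Strict comparison: with == two numeric-looking strings such as "1" and "1.0"
        // were compared as numbers and treated as equal.
        $return['error'] = getLang('reset_wrong');
    } elseif (preg_match($pattern, $email) !== 1) {
        // A regex engine failure (false) is treated as an invalid address, as before.
        $return['error'] = getLang('reset_invalid_email');
    } else {
        // Same connection and same escaped value as the first lookup; the address used to be
        // concatenated into this query unescaped, relying on the pattern check alone.
        $query = 'SELECT u.*, ua1.advisor_names as user_advisor1, ua2.advisor_names as user_advisor2 FROM users u left join users_advisors ua1 on u.user_advisor1 = ua1.users_advisors_id left join users_advisors ua2 on u.user_advisor2 = ua2.users_advisors_id WHERE u.user_email="' . $emailSql . '" LIMIT 1';
        $res = $db->rq($query);
        $num_rows = $db->num_rows($res);
        if ($num_rows > 0) {
            $row = $db->fetch($res);
            $fullName = '' . $row['user_firstname'] . ' ' . $row['user_lastname'] . '';
            addLog('Front-end', 'Login', $fullName . ' (' . $row['user_account_num'] . ')', 0, 'Password reset request.');

            $query3 = 'SELECT * FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Forgot password"';
            $res3 = $db->rq($query3);
            $num_rows3 = $db->num_rows($res3);
            if ($num_rows3 > 0) {
                $row3 = $db->fetch($res3);

                // SMTP settings; a key stays null when its row is missing or empty
                // (these were undefined variables before).
                $smtp = array(
                    'mail_mandrill_host' => null,
                    'mail_mandrill_port' => null,
                    'mail_mandrill_user' => null,
                    'mail_mandrill_password' => null,
                );
                $query4 = 'SELECT * FROM global_settings WHERE section="mail_settings"';
                $res4 = $db->rq($query4);
                while (($row4 = $db->fetch($res4)) != FALSE) {
                    if (array_key_exists($row4['variable'], $smtp) && $row4['variable_value'] != '') {
                        $smtp[$row4['variable']] = $row4['variable_value'];
                    }
                }

                include 'nomad_mimemail.inc.php';
                $mimemail = new nomad_mimemail();
                $mimemail->set_charset("UTF-8");
                if ($row3['mail_from'] != '') {
                    $mimemail->set_from($row3['mail_from_mail'], $row3['mail_from']);
                    $mimemail->set_reply_to($row3['mail_from_mail'], $row3['mail_from']);
                } else {
                    $mimemail->set_from($row3['mail_from_mail']);
                    $mimemail->set_reply_to($row3['mail_from_mail']);
                }

                // NOTE(review): {user_password} and {user_password_org} are both filled from the
                // stored users.user_password column. Whatever that column holds (plaintext or a
                // hash) leaves the system by e-mail; a single-use, expiring reset link would
                // avoid that. Confirm what the column contains and what the template uses.
                $search_for = array('{user_first_name}', '{user_last_name}', '{user_username}', '{user_password}', '{user_password_org}', '{user_account_num}', '{user_account_name}', '{user_admin_ref}', '{user_phone}', '{user_email}', '{user_mailing_address}', '{user_city}', '{user_state}', '{user_postal}', '{user_country}', '{user_advisor1}', '{user_advisor2}', '{user_app_date}');
                $replace_with = array($row['user_firstname'], $row['user_lastname'], $row['user_username'], $row['user_password'], $row['user_password'], $row['user_account_num'], $row['user_account_name'], $row['user_ref'], $row['user_phone'], $row['user_email'], $row['user_mailing_address'], $row['user_city'], $row['user_state'], $row['user_postal'], $row['user_country'], $row['user_advisor1'], $row['user_advisor2'], $row['user_app_date']);
                $row3['mail_html'] = str_replace($search_for, $replace_with, $row3['mail_html']);
                $row3['mail_plain'] = str_replace($search_for, $replace_with, $row3['mail_plain']);

                // The closing phrase differs between the HTML and the plain-text part.
                $row3['mail_html'] = str_replace('{thanks}', getLang('mails_thanks_html'), $row3['mail_html']);
                $row3['mail_plain'] = str_replace('{thanks}', getLang('mails_thanks_plain'), $row3['mail_plain']);

                $mimemail->set_subject($row3['mail_subject']);
                $mimemail->set_html($row3['mail_html']);
                $mimemail->set_text($row3['mail_plain']);
                $mimemail->set_to($email, $fullName);
                if ($row3['mail_bcc']) {
                    $mimemail->set_bcc($row3['mail_bcc']);
                }
                $mimemail->set_smtp_host($smtp['mail_mandrill_host'], $smtp['mail_mandrill_port']);
                $mimemail->set_smtp_auth($smtp['mail_mandrill_user'], $smtp['mail_mandrill_password']);
                $mimemail->send();
            }
            $db->close();
            $return['success'] = getLang('rform_newpass');
        } else {
            $return['error'] = getLang('reset_noemail');
        }
    }

    // Error texts come from the translation table and may carry markup; the JSON carries plain text.
    if (isset($return['error'])) {
        $return['error'] = strip_tags($return['error']);
    }
    echo json_encode($return);
}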
<?php
// Price update job (excerpt; the listing stops inside the per-stock loop). For every stock it
// reads the last stored value from a day other than today, fetches the current price from a
// public quote page, and computes the percentage change.
require '../vendor/autoload.php';
require_once '../classes/db.class.php';
require_once '../classes/simplehtmldom/simple_html_dom.php';
require_once '../includes/timefix.php';
include '../includes/nomad_mimemail.inc.php';
set_time_limit(900);
$db = new DBConnection();
// CUSTOMTIME is not defined in this excerpt; presumably it comes from timefix.php. Verify.
$today = date('Y-m-d', CUSTOMTIME);
// Reference number derived from uniqid(), which is time-based: unique-ish, not unpredictable.
$detRef = hexdec(substr(uniqid(''), 0, 10)) - 81208208208.0;
$query = $db->rq("SELECT stocks_symbol, stocks_id FROM stocks ORDER BY stocks_symbol ASC");
while ($row = $db->fetch($query)) {
    $subq = $db->rq("SELECT value FROM stock_details WHERE stocks_id='" . $row['stocks_id'] . "' and date!='" . $today . "' ORDER BY date DESC LIMIT 1");
    $subrow = $db->fetch($subq);
    $past_price = $subrow['value'];
    // NOTE(review): the quote is fetched over plain http, so the price that ends up in the
    // database can be altered in transit; use https and keep certificate verification on.
    // The symbol is concatenated into the URL without rawurlencode(), and only a connect
    // timeout is set (no CURLOPT_TIMEOUT for the transfer itself).
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, 'http://www.marketwatch.com/investing/stock/' . $row['stocks_symbol'] . '/');
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
    $str = curl_exec($curl);
    curl_close($curl);
    // NOTE(review): curl_exec() returns false on failure and that is not checked before parsing;
    // if str_get_html() then yields a non-object, the find() call below fails.
    $html = str_get_html($str);
    $pricewrap = $html->find('div.pricewrap');
    if ($pricewrap) {
        $current_price = $pricewrap[0]->find('p[class="data bgLast"]');
        // Scraped text is used in arithmetic below without a numeric check.
        $curprice = $current_price[0]->innertext;
        if ($past_price) {
            // Percentage change against the previous stored value, rounded to two decimals.
            $change = ($curprice - $past_price) / $past_price * 100;
            $change = round($change, 2);
        } else {
<?php
// Account overview page (excerpt; the listing stops partway through the totals). It loads the
// logged-in user's name fields and starts summing purchase values from trades and stock_trades.
require_once 'common.php';
// NOTE(review): check_logged_in() is defined elsewhere. The code below reads
// $_SESSION['user']['user_account_num'] unconditionally, so it relies on that call ending the
// request for anonymous visitors. Verify.
check_logged_in();
if (isset($_SESSION['user']) && $_SESSION['user']['is_logged'] == 1) {
    $PageTitle = getLang('ptitle_logged');
} else {
    $PageTitle = getLang('ptitle_notlogged');
}
$db = new DBConnection();
// NOTE(review): the account number from the session is concatenated into every query below.
// It is safe only if it was validated when it was written to the session; escaping or binding
// it here would remove that dependency.
$query = 'SELECT user_firstname, trading_type,user_lastname,user_account_num FROM users WHERE user_account_num="' . $_SESSION['user']['user_account_num'] . '" LIMIT 1';
$res = $db->rq($query);
$username = $db->fetch($res);
$userProfile = '';
//---------------------------------------------
$total_trading = 0;
$total_trading2 = 0;
$total_total_fees = 0;
$total_purchase = 0;
$total_sales = 0;
$total_fees = 0;
// Purchases (trade_type=1, status 1 or 4) in the trades table.
$query = 'SELECT SUM(trade_value) AS total_purchase FROM trades WHERE trade_type=1 AND trade_status IN (1,4) AND user_account_num="' . $_SESSION['user']['user_account_num'] . '"';
$res = $db->rq($query);
$row = $db->fetch($res);
// SUM() is NULL when no row matches; the arithmetic below then uses null.
$total_trading -= $row['total_purchase'];
$total_trading2 -= $row['total_purchase'];
$total_purchase += $row['total_purchase'];
// Same filter on stock_trades; only $total_trading is reduced within this excerpt.
$query = 'SELECT SUM(trade_value) AS total_purchase FROM stock_trades WHERE trade_type=1 AND trade_status IN (1,4) AND user_account_num="' . $_SESSION['user']['user_account_num'] . '"';
$res = $db->rq($query);
$row = $db->fetch($res);
$total_trading -= $row['total_purchase'];
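/**
 * Print the admin page head and, depending on the session, either the tab
 * navigation (logged-in admin) or the login form / ban notice (anonymous visitor).
 *
 * @param int $showbuttons 1 prints the tab bar with its counters; any other value skips it
 * @return void Output is echoed directly.
 */
function page_header($showbuttons=1){
    // An anonymous visitor has no 'admin' key in the session yet.
    $admin = isset($_SESSION['admin']) ? $_SESSION['admin'] : array();
    $isLogged = array_get($admin, 'is_logged');

    if ($isLogged == 1) {
        $PageTitle = getLang('atitle_logged');
    } else {
        $PageTitle = getLang('atitle_notlogged');
    }
    echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>'.$PageTitle.'</title>
    <meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8" />
    <meta name="robots" content="NOINDEX,NOFOLLOW" />
    <meta http-equiv="X-UA-Compatible" content="IE=8" />
    <meta http-equiv="content-language" content="en" />
    <meta name="language" content="en" />';

    if($isLogged == true) {
        // The request URI is client-controlled and ends up inside a <script> block, so it is
        // emitted as a JSON string literal with <, >, &, ' and " hex-escaped. It used to be
        // pasted between double quotes unencoded.
        $ajaxUrl = json_encode(
            isset($_SERVER['REQUEST_URI']) ? (string) $_SERVER['REQUEST_URI'] : '',
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );
        if ($ajaxUrl === false) {
            // json_encode() fails on invalid UTF-8; fall back to an empty string literal.
            $ajaxUrl = '""';
        }
        $selectedTab = isset($admin['selected_tab']) ? (int) $admin['selected_tab'] : 0;
        echo '
    <link href="../themes/smoothness/jquery-ui-1.7.2.custom.css" media="all" rel="stylesheet" type="text/css" />
    <link href="../css/validationEngine.jquery.css" media="all" rel="stylesheet" type="text/css" />
    <script type="text/javascript" src="../js/jquery-1.3.2.min.js"></script>
    <script type="text/javascript" src="../js/jquery-ui-1.7.2.custom.min.js"></script>
    <script type="text/javascript" src="../js/underscore-min.js"></script>
    <script type="text/javascript" src="js/scripts.js"></script>
    <script type="text/javascript">
    var AJAX_URL = ' . $ajaxUrl . ';
    jQuery(document).ready(function($){
        var $tabs = $("#tabs").tabs({
            select: function(event, ui){
                var url = $.data(ui.tab, "load.tabs");
                var tabid = ui.panel.id;
                if(url) {
                    location.href = url;
                    return false;
                }
                return true;
            }
        });
        $("#tabs").tabs("select", '.$selectedTab.');
        $("div.TabsHolder").show();
        $("#Tab0, #Tab1, #Tab2, #Tab3, #Tab5, #Tab6, #Tab7, #Tab10").click(function() {
            location.href = $(this).attr("rel");
            return false;
        });
        $("#expiry_date, #trade_date, #tr_date, #user_app_date, #date_value").datepicker({
            changeMonth: true,
            changeYear: true,
            dateFormat: "yy-mm-dd"
        });
    });
    </script>';
    }

    echo '
    <link href="css/styles.css" media="screen" rel="stylesheet" type="text/css" />
    <link rel="stylesheet" href="css/font-awesome/css/font-awesome.min.css">
</head>
<body>
<div class="wrapper">';

    if($isLogged == true) {
        $mailsToSend='';
        $db=new DBConnection();
        if($showbuttons==1) {
            // " (n)" when the first row's $column is positive, otherwise an empty string.
            $scalarLabel = function ($sql, $column) use ($db) {
                $row = $db->fetch($db->rq($sql));
                return ($row[$column] > 0) ? ' ('.$row[$column].')' : '';
            };
            // " (n)" when the query returns n > 0 rows, otherwise an empty string.
            $rowsLabel = function ($sql) use ($db) {
                $count = $db->num_rows($db->rq($sql));
                return ($count > 0) ? ' ('.$count.')' : '';
            };

            $mailsToSend = $scalarLabel('SELECT COUNT(*) AS total_mails FROM mail_queue WHERE is_sent=0', 'total_mails');
            $usersActive = $scalarLabel('SELECT COUNT(*) AS total_num FROM users WHERE user_status=1', 'total_num');
            $usersPending = $scalarLabel('SELECT COUNT(*) AS total_num FROM users WHERE user_status=2', 'total_num');
            $usersDisabled = $scalarLabel('SELECT COUNT(*) AS total_num FROM users WHERE user_status=3', 'total_num');
            // One result row per account whose trade count satisfies the HAVING clause.
            $usersTrades2 = $rowsLabel('SELECT COUNT(trades_id) AS total_num FROM users LEFT JOIN trades ON users.user_account_num=trades.user_account_num GROUP BY users.user_account_num HAVING total_num>=2');
            $usersTrades1 = $rowsLabel('SELECT COUNT(trades_id) AS total_num FROM users LEFT JOIN trades ON users.user_account_num=trades.user_account_num GROUP BY users.user_account_num HAVING total_num=1');
            $usersTrades0 = $rowsLabel('SELECT COUNT(trades_id) AS total_num FROM users LEFT JOIN trades ON users.user_account_num=trades.user_account_num GROUP BY users.user_account_num HAVING total_num=0');

            $adminType = array_get($admin, 'type');
            // NOTE(review): owner-only tabs are merely hidden with CSS for other admin types.
            // That is presentation only; each target page has to enforce the owner check itself
            // (not visible from this function).
            $ownerOnly = ($adminType == 'owner') ? '' : ' style="display: none;"';
            // NOTE(review): the "Disabled" link shows the user_status=2 count ($usersPending) and
            // the "Pending" link shows the user_status=3 count ($usersDisabled). Either the
            // variable names or the pairing is off; kept as found, confirm the status codes.
            echo '
    <div class="TabsHolder">
    <div id="tabs">
        <ul>
            <li><a href="#TC-10" id="Tab0" rel="users.php?view=active">Accounts</a></li>
            <li><a href="#TC-50" id="Tab1" rel="trades.php">Option Trades</a></li>
            <li><a href="#TC-60" id="Tab2" rel="strades.php">Stock Trades</a></li>
            <li><a href="#TC-70" id="Tab3" rel="transfers.php">Transfers</a></li>
            <li><a href="#TC-65" id="Tab7" rel="stocks.php">Stock Management</a></li>
            <li' . $ownerOnly . '><a href="#TC-80" id="Tab4">Back-end Settings</a></li>
            <li' . $ownerOnly . '><a href="#TC-81" id="Tab8">Front-end Settings</a></li>
            <li><a href="#TC-85" id="Tab5" rel="users_advisors.php">Advisors</a></li>
            <li' . $ownerOnly . '><a href="#TC-90" id="Tab6" rel="users_admins.php">Backend users</a></li>
            <li' . $ownerOnly . '><a href="#TC-92" id="Tab9">Mails</a></li>
            <li><a href="#TC-93" id="Tab10" rel="logs_show.php">Logs</a></li>
            <li><a href="index.php?logout=true">Sign out</a></li>
        </ul>
        <div id="TC-10">
            <a href="users.php">List all</a> |
            <a href="users.php?action=new">Add new</a> |
            <a href="users.php?view=active">Active'.$usersActive.'</a> |
            <a href="users.php?view=disabled">Disabled'.$usersPending.'</a> |
            <a href="users.php?view=pending">Pending'.$usersDisabled.'</a> |
            <a href="users.php?view=trades2">2+ trades'.$usersTrades2.'</a> |
            <a href="users.php?view=trades1">1 trade'.$usersTrades1.'</a> |
            <a href="users.php?view=trades0">0 trades'.$usersTrades0.'</a>
        </div>
        <div id="TC-50">
            <a href="trades.php?action=new_buy">New BUY order</a> |
            <a href="trades.php?action=list_open">New SELL order</a> |
            <a href="trades.php">View all orders</a>
        </div>
        <div id="TC-60">
            <a href="strades.php?action=new_buy">New BUY order</a> |
            <a href="strades.php?action=list_open">New SELL order</a> |
            <a href="strades.php?action=new_short">New SHORT order</a> |
            <a href="strades.php?action=new_cover">New COVER order</a> |
            <a href="strades.php">View all orders</a>
        </div>
        <div id="TC-65">
            <a href="stocks.php?action=new_value">Add New Values</a> |
            <a href="stocks.php?action=list_dates">Edit Values</a> |
            <a href="stocks_edit.php">Edit All Values</a> |
            <a href="stocks.php?action=new_stock">Add New Stock</a> |
            <a href="stocks.php">List all stocks</a> |
            <a href="stocks.php?action=force_update">Force Update Values</a>
        </div>
        <div id="TC-70">
            <a href="transfers.php?action=new_deposit">Add new Deposit</a> |
            <a href="transfers.php?action=new_withdraw">Add new Withdraw</a> |
            <a href="transfers.php">View all transfers</a>
        </div>
        <div id="TC-85">
            <a href="users_advisors.php">List all</a> |
            <a href="users_advisors.php?action=new">Add new</a>
        </div>
        <div id="TC-93">
            <a href="logs_show.php">Overview</a>
        </div>';
            if ($adminType == 'owner') {
                echo '
        <div id="TC-80">
            <a href="settings_css.php">CSS Styles</a> |
            <a href="settings_translations.php">Translations</a> |
            <a href="commodities.php">Commodities</a> |
            <a href="commodities_groups.php">Commodities - groups</a> |
            <a href="expiry_dates.php">Commodities - exp. dates</a> |
            <a href="settings_pdf.php">PDF Settings</a> |
            <a href="pdf_templates.php">PDF Templates</a>
        </div>
        <div id="TC-81">
            <a href="settings_header_front.php">Custom Header</a> |
            <a href="settings_footer_front.php">Custom Footer</a> |
            <a href="settings_css_front.php">CSS Styles</a> |
            <a href="settings_translations_front.php">Translations</a> |
            <a href="settings_deposit_text.php">Deposit\'s Text</a> |
            <a href="settings_other.php">Other settings</a>
        </div>
        <div id="TC-90">
            <a href="users_admins.php">List all</a> |
            <a href="users_admins.php?action=new">Add new</a>
        </div>
        <div id="TC-92">
            <a href="mails_smtp_settings.php">Mail Settings</a> |
            <a href="mails_templates.php">Templates</a> |
            <a href="mails_assigns.php">Mail Assigns</a> |
            <a href="mails_mass.php">Mass mail</a> |
            <a href="mails_outbox.php">Outbox Queue'.$mailsToSend.'</a>
        </div> ';
            }
            echo '
    </div>
    </div>';
        }
        echo '
    <div class="MainContainer">';
    }else{
        $db=new DBConnection();
        $UserIP=gethostbyname($_SERVER["REMOTE_ADDR"]);
        // Escaped like every other value placed in SQL; the address used to be concatenated raw.
        // NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy address, so the ban list
        // would match the proxy rather than the visitor. Confirm the deployment.
        $query='SELECT banned_ips_id FROM banned_ips WHERE banned_ip="'.$db->string_escape($UserIP).'" LIMIT 1';
        $res=$db->rq($query);
        $num_rows=$db->num_rows($res);
        $db->close();
        if($num_rows>0) {
            echo '<div class="LoginContainer"><h3>'.getLang('lform_publicbanmessage').'</h3></div>';
        }else{
            $loginError = (array_get($_GET, 'error') == 1) ? '<div class="errorsHolder">Invalid username or password</div>' : '';
            // The hidden nonce ties the login POST to this rendered form.
            echo '
    <div class="LoginContainer">
        <h3>'.getLang('aform_title').'</h3>
        '.$loginError.'
        <form name="login_form" method="post">
            <div style="float:left;">
                <div class="labels">'.getLang('lform_username').':</div><br />
                <div class="labels">'.getLang('lform_password').':</div>
            </div>
            <div style="float:left;">
                <input type="text" name="l_username" class="tinputs"><br />
                <input type="password" name="l_password" class="tinputs">
            </div>
            <input type="hidden" id="nonce" name="nonce" value="'. ulNonce::Create('login') .'" />
            <br />
            <input type="submit" name="_login" class="submitBtn" value="'.getLang('lform_submitbtn').'">
        </form>';
        }
    }
}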