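/**
 * Detaches a character from the account, or lists the account's characters.
 *
 * With an `rm` query parameter, the matching row is deleted from `aggr` (the
 * character record itself is kept) and a confirmation is printed. Otherwise an
 * HTML table of characters and API keys is printed, each row linking back to
 * api_remove.php with `rm` set.
 *
 * Everything written into the page is HTML-encoded, because character names and
 * API keys are stored data and `$character_get` is supplied by the caller.
 *
 * @param mixed  $activeUser    Not referenced by the visible code; the username
 *                              literal in both queries is masked in this listing.
 * @param mysqli $con           Open database connection.
 * @param mixed  $character_get Character id placed in the "Remove" links.
 * @return void
 */
function api_remove_table($activeUser, $con, $character_get)
{
    if (isset($_GET['rm'])) {
        // NOTE(review): the delete runs on a plain GET and no anti-CSRF token is visible
        // in this function; confirm the caller enforces one or move the action to POST.
        $remove = mysqli_real_escape_string($con, $_GET['rm']);
        $remove_name = utils::mysqli_result(mysqli_query($con, "SELECT name FROM characters WHERE eve_idcharacter = '{$remove}'"), 0, 0);

        // The character is only dissociated from the account, not removed from the database.
        // NOTE(review): the username literal is masked here; whatever value it carried
        // must be escaped or bound like $remove is.
        mysqli_query($con, "DELETE FROM aggr WHERE user_iduser = (SELECT iduser FROM user WHERE username = '******') AND character_eve_idcharacter = '{$remove}'") or die(mysqli_error($con));

        echo "Character " . htmlspecialchars((string) $remove_name, ENT_QUOTES, 'UTF-8') . " removed successfully.";
        return;
    }

    $charsKeys = mysqli_query($con, "SELECT character_eve_idcharacter, name, username, apikey FROM v_user_characters WHERE username = '******'") or die(mysqli_error($con));
    ?>
    <table class='table table-striped table-bordered table-hover' id='dataTables-api'>
        <tr>
            <th align="center">Character</th>
            <th align="center">API Key</th>
            <th></th>
        </tr>
    <?php
    while ($chars = mysqli_fetch_array($charsKeys)) {
        $charid = $chars['character_eve_idcharacter'];
        $name = htmlspecialchars((string) $chars['name'], ENT_QUOTES, 'UTF-8');
        $api = htmlspecialchars((string) $chars['apikey'], ENT_QUOTES, 'UTF-8');
        $imgpath = htmlspecialchars(
            "https://image.eveonline.com/Character/" . rawurlencode((string) $charid) . "_32.jpg",
            ENT_QUOTES,
            'UTF-8'
        );
        // Each query value is URL-encoded first, then the whole URL is attribute-encoded.
        $removeUrl = htmlspecialchars(
            "api_remove.php?character=" . rawurlencode((string) $character_get) . "&rm=" . rawurlencode((string) $charid),
            ENT_QUOTES,
            'UTF-8'
        );

        // The original anchor lacked its closing '>' and '</a>'; both are restored here.
        echo "<tr><td><img src='{$imgpath}'> {$name}</td><td>{$api}</td><td align='center'>"
            . "<a href='{$removeUrl}'><button type='button' class='btn btn-danger'>Remove</button></a>"
            . "</td></tr>";
    }
    ?>
    </table>
    <?php
}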
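/**
 * Handles the "change e-mail" form: re-authenticates with the current password,
 * validates the new address and updates `user.email`.
 *
 * Without a `Send` POST field the form is drawn via drawForm().
 *
 * Changes from the earlier version:
 *  - the password is hashed exactly as submitted. It used to pass through
 *    mysqli_real_escape_string() first, which alters passwords containing quotes
 *    or backslashes, so they could never match the hash stored by
 *    val_password_form() (which hashes the raw value);
 *  - the hash comparison uses hash_equals() (PHP 5.6+) instead of `==`, and an
 *    empty or missing stored hash never matches;
 *  - the address is validated before SQL escaping, so a valid address containing
 *    an apostrophe is no longer rejected because of the added backslash.
 *
 * @param mixed  $character_get Passed through to drawForm().
 * @param mysqli $con           Open database connection.
 * @param mixed  $username      Passed through to drawForm(); the username literal
 *                              in the queries is masked in this listing.
 * @return void
 */
function val_email_form($character_get, $con, $username)
{
    if (!isset($_POST['Send'])) {
        drawForm($character_get, $username);
        return;
    }

    $submittedEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Stored hash and salt for the account (username literal masked in this listing).
    $get_password = utils::mysqli_result(mysqli_query($con, "SELECT password FROM user WHERE username = '******'"), 0, 0);
    $get_salt = utils::mysqli_result(mysqli_query($con, "SELECT salt FROM user WHERE username = '******'"), 0, 0);

    // Hash the submitted password with the stored salt and compare in constant time.
    $newpassword_hash = crypt($password, (string) $get_salt);
    $passwordMatches = is_string($get_password)
        && $get_password !== ''
        && is_string($newpassword_hash)
        && hash_equals($get_password, $newpassword_hash);

    if (!$passwordMatches) {
        echo "Wrong password";
        return;
    }

    if (!filter_var($submittedEmail, FILTER_VALIDATE_EMAIL)) {
        echo "Invalid email format";
        return;
    }

    // Escape only at the point where the value enters SQL.
    $new_email = mysqli_real_escape_string($con, $submittedEmail);
    $update_email = mysqli_query($con, "UPDATE user SET email = '{$new_email}' WHERE username ='******' ");
    if ($update_email) {
        echo "Email changed sucessfully";
    } else {
        echo "There was an error processing your request. Try again later.";
    }
}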
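/**
 * Handles the "change password" form: checks the current password, checks that
 * both new entries agree, then stores a freshly salted bcrypt hash.
 *
 * Without a `Send` POST field the form is drawn via drawForm().
 *
 * Changes from the earlier version:
 *  - `mysqli_error(${$con})` used the connection object as a variable name; it
 *    now reads `mysqli_error($con)`;
 *  - hash comparison uses hash_equals() (PHP 5.6+) and an empty or missing stored
 *    hash never matches;
 *  - salt bytes come from random_bytes() when it exists, falling back to
 *    mcrypt_create_iv(), which was removed in PHP 7.2;
 *  - missing POST fields are read as empty strings instead of raising notices.
 *
 * @param mixed  $character_get Passed through to drawForm().
 * @param mixed  $username      Passed through to drawForm(); the username literal
 *                              in the queries is masked in this listing.
 * @param mysqli $con           Open database connection.
 * @return void
 */
function val_password_form($character_get, $username, $con)
{
    if (!isset($_POST['Send'])) {
        drawForm($character_get, $username);
        return;
    }

    $oldpassword = (isset($_POST['oldpassword']) && is_string($_POST['oldpassword'])) ? $_POST['oldpassword'] : '';
    $newpassword1 = (isset($_POST['newpassword1']) && is_string($_POST['newpassword1'])) ? $_POST['newpassword1'] : '';
    $newpassword2 = (isset($_POST['newpassword2']) && is_string($_POST['newpassword2'])) ? $_POST['newpassword2'] : '';
    // NOTE(review): read from the request but not referenced by any visible statement.
    // If the masked username literal below interpolates it, that is unescaped request
    // data in SQL and lets the form name an account other than the session's.
    $user = isset($_POST['user']) ? $_POST['user'] : null;

    // Hash the supplied password with the stored salt and compare with the stored hash.
    $salt = utils::mysqli_result(mysqli_query($con, "SELECT salt FROM user WHERE username = '******'"), 0, 0);
    $oldpassword_crypt = crypt($oldpassword, (string) $salt);
    $find_current_password = utils::mysqli_result(mysqli_query($con, "SELECT password FROM user WHERE username = '******'"), 0, 0);

    $currentMatches = is_string($find_current_password)
        && $find_current_password !== ''
        && is_string($oldpassword_crypt)
        && hash_equals($find_current_password, $oldpassword_crypt);

    if (!$currentMatches) {
        echo "Incorrect password";
        return;
    }

    if ($newpassword1 !== $newpassword2) {
        echo "The new passwords provided don't match";
        return;
    }

    // Generate a new salt, hash the new password and store both.
    $cost = 10;
    $saltBytes = function_exists('random_bytes')
        ? random_bytes(16)
        : mcrypt_create_iv(16, MCRYPT_DEV_URANDOM);
    $new_salt = strtr(base64_encode($saltBytes), '+', '.');
    $new_salt = sprintf("\$2a\$%02d\$", $cost) . $new_salt;
    $newpassword_hash = crypt($newpassword1, $new_salt);

    // NOTE(review): the password literal is masked in this listing; presumably it
    // carried $newpassword_hash. Confirm against the unmasked file.
    $update_password = mysqli_query($con, "UPDATE user SET password = '******', salt = '{$new_salt}' WHERE username = '******'") or die(mysqli_error($con));
    if ($update_password) {
        echo "Password successfully changed";
    }
}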
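/**
 * Prints the assets table, one row per asset in the chosen result set.
 *
 * Changes from the earlier version:
 *  - `$locationName` is reset for every row. It used to keep the previous row's
 *    value (or be undefined on the first row) whenever the location id started
 *    with neither "6" nor "3";
 *  - names and ids written into the markup are HTML-encoded.
 *
 * @param mysqli        $con                   Open database connection.
 * @param mixed         $filter                "yes" selects $getAssetsSignificant.
 * @param mysqli_result $getAssetsSignificant  Filtered asset rows.
 * @param mysqli_result $getAssets             All asset rows.
 * @return void
 */
function drawAssetsTable($con, $filter, $getAssetsSignificant, $getAssets)
{
    ?>
    <div class="dataTable_wrapper">
        <table class="table table-striped table-bordered table-hover" id="dataTables-assets">
            <thead>
                <tr>
                    <th>Item</th>
                    <th>Q</th>
                    <th>Location</th>
                    <th>Est. Value (unit)</th>
                    <th>Est. Value (stack)</th>
                </tr>
            </thead>
            <tbody>
    <?php
    $getAssetsReal = ($filter == "yes") ? $getAssetsSignificant : $getAssets;

    while ($assetList = mysqli_fetch_array($getAssetsReal, MYSQLI_ASSOC)) {
        $itemID = $assetList['item_eve_iditem'];
        $quantity = $assetList['quantity'];
        $locationID = $assetList['locationID'];
        $value_stack = $assetList['price_stack'];

        $itemName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM item WHERE eve_iditem = '{$itemID}'"), 0, 0);
        $value = utils::mysqli_result(mysqli_query($con, "SELECT price_evecentral FROM item_price_data WHERE item_eve_iditem = '{$itemID}'"), 0, 0);

        // Start from an empty name so an unrecognised location never shows stale data.
        $locationName = "";
        if (utils::startsWith($locationID, "6")) {
            // Item is in a station; fall back to the outposts table when no station matches.
            $getStationName = mysqli_query($con, "SELECT name FROM station WHERE eve_idstation = '{$locationID}'") or die(mysqli_error($con));
            if (mysqli_num_rows($getStationName) < 1) {
                $locationName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM outposts WHERE eve_idoutposts = '{$locationID}'"), 0, 0);
            } else {
                $locationName = utils::mysqli_result($getStationName, 0, 0);
            }
        } elseif (utils::startsWith($locationID, "3")) {
            $locationName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM system WHERE eve_idsystem = '{$locationID}'"), 0, 0);
        }

        $imgpath = htmlspecialchars("../Types/" . $itemID . "_32.png", ENT_QUOTES, 'UTF-8');

        echo "<tr>"
            . "<td><img src='{$imgpath}'> " . htmlspecialchars((string) $itemName, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td align = 'right'>" . htmlspecialchars((string) $quantity, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td>" . htmlspecialchars((string) $locationName, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td align = 'right'>" . number_format((float) $value) . "</td>"
            . "<td align = 'right'>" . number_format((float) $value_stack) . "</td>"
            . "</tr>";
    }
    ?>
            </tbody>
        </table>
    </div>
    <?php
}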
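/**
 * Prints a market-orders table, one row per order in the result set.
 *
 * Changes from the earlier version: every value written into the markup is
 * HTML-encoded, and the table id no longer carries a trailing space (an id
 * containing whitespace is invalid and cannot be matched by a `#id` selector).
 *
 * @param mysqli        $con                   Open database connection.
 * @param mysqli_result $getActiveMarketOrders Order rows to render.
 * @param mixed         $tablename             Value used as the table's id attribute.
 * @return void
 */
function tableMarketOrders($con, $getActiveMarketOrders, $tablename)
{
    ?>
    <div class="dataTable_wrapper">
        <table class="table table-striped table-bordered table-hover" id="<?php echo htmlspecialchars((string) $tablename, ENT_QUOTES, 'UTF-8'); ?>">
            <thead>
                <tr>
                    <th>Time</th>
                    <th>Item</th>
                    <th align = 'right'>Q</th>
                    <th align = 'right'>ISK/unit</th>
                    <th>Station</th>
                    <th>State</th>
                </tr>
            </thead>
            <tbody>
    <?php
    while ($orders = mysqli_fetch_array($getActiveMarketOrders)) {
        $itemID = $orders['eve_item_iditem'];
        $stationID = $orders['station_eve_idstation'];

        // One lookup per row for the item name and one for the station name.
        $itemName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM item WHERE eve_iditem = '{$itemID}'"), 0, 0);
        $stationName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM station WHERE eve_idstation = '{$stationID}'"), 0, 0);

        $iconSrc = htmlspecialchars("../Types/" . $itemID . "_32.png", ENT_QUOTES, 'UTF-8');

        echo "<tr><td>" . htmlspecialchars((string) $orders['date'], ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td><img src= '{$iconSrc}'>" . htmlspecialchars((string) $itemName, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td align = 'right'>" . number_format((float) $orders['volume_remaining']) . "</td>"
            . "<td align = 'right'>" . number_format((float) $orders['price']) . "</td>"
            . "<td>" . htmlspecialchars((string) $stationName, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td>" . htmlspecialchars((string) $orders['order_state'], ENT_QUOTES, 'UTF-8') . "</td></tr>";
    }
    ?>
            </tbody>
        </table>
    </div>
    <?php
}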
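/**
 * Handles the "forgot username" page: mails the username registered for the
 * submitted address, or prints the request form.
 *
 * Change from the earlier version: the username is read from the prepared
 * statement itself. The old code ran the bound query only to count rows and then
 * issued a second query with the raw POST value interpolated into the SQL text,
 * which defeated the parameter binding.
 *
 * @param mysqli $con Open database connection.
 * @return void
 */
function forgot_username($con)
{
    if (isset($_POST['Submit'])) {
        $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

        $check_email_exists = $con->prepare("SELECT username FROM user WHERE email = ?");
        if ($check_email_exists === false) {
            echo "There was an error processing your request. Try again later.";
            return;
        }
        $check_email_exists->bind_param("s", $email);
        $check_email_exists->execute();
        $check_email_exists->store_result();

        $username = null;
        $check_email_exists->bind_result($username);
        $found = ($check_email_exists->num_rows >= 1) && $check_email_exists->fetch();
        $check_email_exists->close();

        if ($found) {
            $mail = smtpmailer($email, "*****@*****.**", "ETM Automated mail", "Eve Trade Master - login details", "You have recently requested your login details at www.evetrademaster.com. Your username is '{$username}'");
        } else {
            // NOTE(review): this branch tells the requester whether an address is
            // registered, while the success branch prints nothing; a single neutral
            // response for both outcomes would avoid confirming account existence.
            echo "Email not found in our records";
            echo "<meta http-equiv='refresh' content='2; url=../pages/forgot_username.php'>";
        }
        return;
    }

    echo "Forgot your username? Just type the e-mail associated to your account and we'll send it to you:" . "<br><br>";
    ?>
    <form method="POST" action="forgot_username.php"><fieldset>
        <div class="form-group">
            <input class="form-control" type="text" size="30" name="email">
        </div>
        <div class="form-group">
            <p align='center'><input type="Submit" name="Submit" value="Submit" class="btn btn-lg btn-success"></p>
        </div>
    </fieldset></form>
    <?php
}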
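/**
 * Prints a table of daily profit and margin for today and the seven days before
 * it, followed by a total/average row.
 *
 * Changes from the earlier version:
 *  - the average margin is divided by the number of days actually listed (eight,
 *    offsets 0..7) instead of a fixed 7;
 *  - the calendar query is run once per day instead of twice;
 *  - `or die(...)` was attached to the query *strings*, where it can never fire,
 *    and has been dropped.
 *
 * @param string $ids_string Parenthesised id list placed after `IN`.
 *                           NOTE(review): it is interpolated into the SQL text as-is,
 *                           so the caller must build it from validated integers.
 * @param mysqli $con        Open database connection.
 * @return void
 */
function getLastWeekProfits($ids_string, $con)
{
    $profits = array();
    $margins = array();
    $dates = array();
    $total_profit = 0;
    $total_margin = 0;

    echo "<table border ='1'>";
    echo "<tr><th>Day</th><th>Profit</th><th>Margin</th></tr>";

    for ($i = 0; $i <= 7; $i++) {
        $q1 = "SELECT SUM( profit.quantity_profit * profit.profit_unit ) AS profit\n FROM profit\n JOIN transaction ON profit.transaction_idbuy_buy = transaction.idbuy\n WHERE `characters_eve_idcharacters_OUT` \n IN {$ids_string}\n AND DATE( timestamp_sell ) = DATE( DATE_SUB( NOW( ) , INTERVAL '{$i}' DAY ) )";
        $q2 = "select (sum(price_unit_sell*profit_quantity)-sum(price_unit_buy*profit_quantity))/sum(price_unit_buy*profit_quantity)*100\n from v_profit_details where character_sell_id IN {$ids_string}\n AND DATE(time_sell) = DATE( DATE_SUB( NOW( ) , INTERVAL '{$i}' DAY ) )";
        $q3 = "SELECT days from calendar where days = DATE( DATE_SUB( NOW( ),INTERVAL '{$i}' DAY ))";

        // Days without sales yield an empty aggregate; show them as zero.
        $value1 = utils::mysqli_result(mysqli_query($con, $q1), 0);
        if (empty($value1)) {
            $value1 = 0;
        }
        $value2 = utils::mysqli_result(mysqli_query($con, $q2), 0);
        if (empty($value2)) {
            $value2 = 0;
        }
        $value3 = utils::mysqli_result(mysqli_query($con, $q3), 0, 0);

        $profits[] = $value1;
        $margins[] = $value2;
        $dates[] = $value3;

        $total_profit = $total_profit + $profits[$i];
        $total_margin = $total_margin + $margins[$i];

        echo "<tr><td>" . $dates[$i] . "</td><td>" . number_format($profits[$i]) . "</td><td>"
            . number_format($margins[$i], 2) . " %" . "</td></tr>";
    }

    $dayCount = count($margins);
    echo "<tr><td>Total/avg</td><td><b>" . number_format($total_profit) . "</b></td><td><b>"
        . number_format($total_margin / $dayCount, 2) . " %" . "</b></td></tr>";
    echo "</table>";
}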
/**
 * Loads the `accounting` value stored for this character, caches it in
 * $this->level_acc and returns it.
 *
 * NOTE(review): $this->character_get is interpolated into the SQL text; where it
 * is validated is not visible from this method.
 *
 * @return mixed Whatever utils::mysqli_result() yields for row 0, column 0.
 */
public function getAccountingLevel()
{
    $sql = "SELECT accounting FROM characters WHERE eve_idcharacter = '{$this->character_get}'";
    $result = mysqli_query($this->con, $sql);

    $this->level_acc = utils::mysqli_result($result, 0, 0);

    return $this->level_acc;
}
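/**
 * Pulls wallet transactions from the API and inserts the ones newer than the
 * latest stored `transkey` for the character.
 *
 * Changes from the earlier version:
 *  - every value placed in the INSERT goes through mysqli_real_escape_string().
 *    Previously only single quotes in the client name were replaced, so a
 *    backslash in any API-supplied field could still break out of the literal;
 *  - rows are built in one pass; the intermediate arrays and the no-op copy loop
 *    are gone;
 *  - the follow-up page fetch that sat after `return` (and therefore never ran)
 *    has been removed rather than switched on. NOTE(review): paging beyond the
 *    first response is still not implemented.
 *
 * @param mixed  $apikey      API key id handed to Pheal.
 * @param mixed  $vcode       Verification code handed to Pheal.
 * @param mixed  $refID       When non-zero, used as the `fromID` of the request.
 * @param mixed  $idcharacter Character the transactions belong to.
 * @param mysqli $con         Open database connection.
 * @return int Rows inserted (mysqli_affected_rows), or 0 when nothing was new.
 */
function fetchTransactions($apikey, $vcode, $refID, $idcharacter, $con)
{
    $pheal4 = new Pheal($apikey, $vcode, "char", $refID);
    $wallet_response = $pheal4->WalletTransactions(array("characterID" => $idcharacter));
    if ($refID != 0) {
        $wallet_response = $pheal4->WalletTransactions(array("fromID" => $refID));
    }

    // Highest transaction id already stored for this character (0 when none).
    $characterSql = mysqli_real_escape_string($con, (string) $idcharacter);
    $getLatestTransaction = utils::mysqli_result(mysqli_query($con, "SELECT MAX(transkey) AS val FROM transaction WHERE character_eve_idcharacter = '{$characterSql}'"), 0, 0);
    $latestTransaction = isset($getLatestTransaction) ? $getLatestTransaction : 0;

    $values_transactions = array();
    foreach ($wallet_response->transactions as $row2) {
        $transkey = $row2->transactionID;
        if (!($transkey > $latestTransaction)) {
            continue;
        }

        // Column order matches the INSERT column list below (after the NULL idbuy).
        $fields = array(
            $row2->transactionDateTime,
            $row2->quantity,
            $row2->price,
            $row2->price * $row2->quantity,
            $row2->transactionType,
            $idcharacter,
            $row2->stationID,
            $row2->typeID,
            $transkey,
            // Quote-to-dot replacement kept so stored client names keep their format.
            str_replace("'", ".", $row2->clientName),
        );

        $quoted = array("NULL");
        foreach ($fields as $field) {
            $quoted[] = "'" . mysqli_real_escape_string($con, (string) $field) . "'";
        }

        // Each entry has the form (x, y, z); entries are joined with commas below.
        $values_transactions[] = "(" . implode(', ', $quoted) . ")";
    }

    if (empty($values_transactions)) {
        return 0;
    }

    $query_insert = "INSERT IGNORE INTO `trader`.`transaction` (`idbuy`, `time`, `quantity`, `price_unit`, `price_total`, `transaction_type`, `character_eve_idcharacter`, `station_eve_idstation`, `item_eve_iditem`, `transkey`, `client`) "
        . "VALUES " . implode(', ', $values_transactions);
    mysqli_query($con, $query_insert) or die(mysqli_error($con));

    return mysqli_affected_rows($con);
}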
<?php
require_once '/var/www/html/pages/scripts/class/link.php';
require_once '/var/www/html/pages/scripts/class/utils.php';

// Backfill script: recomputes each character's daily buy/sell/profit/margin totals
// for every calendar day after 2015-10-24 up to 2016-01-27 and writes them to `history`.
// NOTE(review): database errors are printed via die(mysqli_error()); if this file is
// reachable over HTTP, confirm that is acceptable or restrict it to the CLI.
$link = new link();
$con = $link->connect();

$getCharacters = mysqli_query($con, "SELECT eve_idcharacter FROM characters") or die(mysqli_error($con));

while ($chars = mysqli_fetch_array($getCharacters, MYSQLI_ASSOC)) {
    $characterID = $chars['eve_idcharacter'];

    // The date range is re-read for every character, as before.
    $getDates = mysqli_query($con, "SELECT days FROM calendar WHERE days > '2015-10-24' AND days <= '2016-01-27'") or die(mysqli_error($con));

    while ($days = mysqli_fetch_array($getDates, MYSQLI_ASSOC)) {
        $date = $days['days'];

        // Total sales for the day.
        $getSalesSum = mysqli_query(
            $con,
            "SELECT SUM(price_total) FROM transaction\n WHERE character_eve_idcharacter = '{$characterID}' AND transaction_type = 'Sell' AND date(time) = '{$date}'"
        );
        $salesSumVal = utils::mysqli_result($getSalesSum, 0, 0);

        // Total purchases for the day.
        $getPurchasesSum = mysqli_query(
            $con,
            "SELECT SUM(price_total) FROM transaction\n WHERE character_eve_idcharacter = '{$characterID}' AND transaction_type = 'Buy' AND date(time) = '{$date}'"
        );
        $purchasesSumVal = utils::mysqli_result($getPurchasesSum, 0, 0);

        // Realised profit for the day.
        $getProfitsSum = mysqli_query(
            $con,
            "SELECT SUM(profit_unit*quantity_profit) FROM profit WHERE date(timestamp_sell) = '{$date}'\n AND characters_eve_idcharacters_OUT = '{$characterID}'"
        );
        $profitsSumVal = utils::mysqli_result($getProfitsSum, 0, 0);

        // Margin for the day, as a percentage.
        $getMargin = mysqli_query(
            $con,
            "select (sum(profit_total))/sum(price_unit_buy*profit_quantity)*100\n from v_profit_details where character_sell_id = '{$characterID}'\n AND DATE(time_sell) = '{$date}'"
        ) or die(mysqli_error($con));
        $marginSumVal = utils::mysqli_result($getMargin, 0, 0);

        // REPLACE so that re-running the script overwrites earlier rows.
        $addSales = mysqli_query(
            $con,
            "REPLACE INTO history (idhistory, characters_eve_idcharacters, date, total_buy, total_sell, total_profit, margin)\n VALUES(NULL, '{$characterID}', '{$date}', '{$purchasesSumVal}', '{$salesSumVal}', '{$profitsSumVal}', '{$marginSumVal}')"
        ) or die(mysqli_error($con));

        echo "Updated " . $characterID . " for " . $date . "<br>";
    }
}
?>
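// Remove the active character from the list of selectable characters.
// The earlier index loop stopped one element short (count() - 1) and re-read
// count() after each unset(), so trailing entries were never examined.
foreach ($characters as $i => $candidate) {
    if ($character_get_name == $candidate) {
        unset($characters[$i]);
    }
}
?>
<i class="fa fa-thumb-tack fa-fw"></i>
<?php
if ($ids_string == "") {
    $ids_string = "(" . $character_get . ")";
}

// NOTE(review): $ids_string, $typeid and $last_filter are interpolated into the SQL
// text below and their origin is not visible in this fragment; confirm each is
// validated (integers only) before it reaches this point.
$itemIDString = !empty($typeid) ? "AND item_id = '{$typeid}'" : "";

$getTotalProfit = utils::mysqli_result(mysqli_query($con, "SELECT SUM(profit_total) FROM v_profit_details WHERE (character_buy_id IN {$ids_string} or character_sell_id IN {$ids_string})" . $itemIDString . " AND time_sell>= DATE_SUB(NOW(), INTERVAL {$last_filter} HOUR) "), 0, 0);
if ($getTotalProfit == "") {
    $getTotalProfit = 0;
}

// Character names can contain apostrophes, which used to cut the single-quoted
// value attribute short; names are now HTML-encoded wherever they are printed.
// NOTE(review): $text_filter is printed as-is because it may carry markup built
// elsewhere in the page; confirm it never contains request data.
echo "Currently showing results for <b>" . htmlspecialchars(implode(",", $aggregation), ENT_QUOTES, 'UTF-8') . "</b>" . $text_filter . "<br>";

$number = 0;
echo "Characters: " . "<input type='checkbox' onclick='return false;'checked> <b>" . htmlspecialchars((string) $characterName, ENT_QUOTES, 'UTF-8') . "</b>" . " ";
foreach ($characters as $row2) {
    $number = $number + 1;
    $safeName = htmlspecialchars((string) $row2, ENT_QUOTES, 'UTF-8');
    echo "<input type = 'checkbox' name='characters{$number}' value='{$safeName}'>" . " " . $safeName . " ";
}
?>
<input type="Submit" class="btn btn-success" name="Submit" value="Submit"> <br> </form>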
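<?php
require_once 'scripts/class/link.php';
require_once 'scripts/class/utils.php';

// Session bootstrap: restores a login from the `name`/`password` cookies when they
// match the stored value, then exposes the session user as $user and $username.
$link = new link();
$con = $link->connect(); //create DB connection
$user = $username = "";

if (!isset($_SESSION)) {
    session_start();
}

// If no cookie is found, the normal session (which expires in 1 hour) is used.
if (isset($_COOKIE['name']) && isset($_COOKIE['password'])) {
    $cookiename = $_COOKIE['name'];
    $cookiepw = $_COOKIE['password'];

    // NOTE(review): the username literal is masked in this listing; the value it
    // carried comes from a cookie and must be escaped or bound before use.
    $test_password_db = utils::mysqli_result(mysqli_query($con, "SELECT password FROM user WHERE username = '******'"), 0, 0);

    // The earlier `==` treated an empty cookie as equal to a missing lookup result,
    // which logged in any submitted name that has no account. Both sides must now be
    // non-empty strings and are compared with hash_equals() (PHP 5.6+).
    // NOTE(review): the cookie is compared directly with the stored password value, so
    // that stored value works as a bearer credential; a random, revocable remember-me
    // token would avoid exposing it to the browser.
    $cookieIsValid = is_string($cookiename)
        && is_string($cookiepw)
        && $cookiepw !== ''
        && is_string($test_password_db)
        && $test_password_db !== ''
        && hash_equals($test_password_db, $cookiepw);

    if ($cookieIsValid) {
        if (!isset($_SESSION)) {
            session_start();
        }
        $_SESSION['user'] = $cookiename;
    }
}

if (isset($_SESSION['user'])) {
    $user = $_SESSION['user'];
    $username = $_SESSION['user'];
}
?>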
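/**
 * Resolves a character id to a display name for the contracts table.
 *
 * Looks in `characters_public` first; when exactly one row is not found, asks the
 * public CharacterName endpoint and caches each returned name in
 * `characters_public`.
 *
 * @param mysqli $con         Open database connection.
 * @param mixed  $characterID Character id; 0 means "nobody".
 * @return string "n/a" for id 0, otherwise the name ("" when it cannot be resolved).
 */
function contractPartyName($con, $characterID)
{
    if ($characterID == 0) {
        return "n/a";
    }

    $idSql = mysqli_real_escape_string($con, (string) $characterID);
    $lookup = mysqli_query($con, "SELECT name FROM characters_public WHERE eve_idcharacters = '{$idSql}'") or die(mysqli_error($con));
    if (mysqli_num_rows($lookup) == 1) {
        return (string) utils::mysqli_result($lookup, 0, 0);
    }

    $name = "";
    $xml = simplexml_load_file("https://api.eveonline.com/eve/CharacterName.xml.aspx?ids=" . rawurlencode((string) $characterID));
    if ($xml === false || !isset($xml->result->rowset->row)) {
        // Remote lookup failed or returned no rows: show an empty name for this row.
        return $name;
    }

    foreach ($xml->result->rowset->row as $r) {
        $name = (string) $r['name'];
        // The name comes from a remote response and may contain apostrophes.
        $nameSql = mysqli_real_escape_string($con, $name);
        mysqli_query($con, "INSERT INTO `trader`.`characters_public` (`eve_idcharacters`, `name`) VALUES ('{$idSql}', '{$nameSql}')");
    }

    return $name;
}

/**
 * Prints the contracts table, one row per contract in the result set.
 *
 * Changes from the earlier version:
 *  - price and reward are compared as numbers and formatted afterwards; they used
 *    to be formatted first, so max() compared strings such as "1,000" and "999";
 *  - the availability and type icons are reset per row instead of carrying over
 *    from the previous row when a value is unrecognised;
 *  - names fetched from the remote endpoint are escaped before being cached in
 *    SQL, and a failed fetch no longer aborts the page;
 *  - the issuer/acceptor lookup is shared through contractPartyName();
 *  - values that were computed but never printed (status, collateral, destination
 *    station, portrait URLs) are no longer fetched;
 *  - every value written into the markup is HTML-encoded, and the table id no
 *    longer carries a trailing space.
 *
 * @param mysqli        $con          Open database connection.
 * @param mysqli_result $getContracts Contract rows to render.
 * @param mixed         $tablename    Value used as the table's id attribute.
 * @return void
 */
function drawContractsTable($con, $getContracts, $tablename)
{
    $availabilityIcons = array(
        'Public' => "<i class='fa fa-user fa-fw'></i>",
        'Private' => "<i class='fa fa-unlock-alt fa-fw '></i>",
    );
    $typeIcons = array(
        'Courier' => "<i class='fa fa-truck fa-fw'></i>",
        'ItemExchange' => "<i class='fa fa-euro fa-fw'></i>",
        'Loan' => "<i class='fa fa-credit-card fa-fw'></i>",
        'Auction' => "<i class='fa fa-bank fa-fw'></i>",
    );
    ?>
    <div class="dataTable_wrapper">
        <table class="table table-striped table-bordered table-hover" id="<?php echo htmlspecialchars((string) $tablename, ENT_QUOTES, 'UTF-8'); ?>">
            <thead>
                <tr>
                    <th>Creation</th>
                    <th>Issuer</th>
                    <th>Acceptor</th>
                    <th>Avail.</th>
                    <th>Price/Reward</th>
                    <th>Type</th>
                    <th>Station</th>
                </tr>
            </thead>
            <tbody>
    <?php
    while ($contracts = mysqli_fetch_array($getContracts)) {
        $availability = (string) $contracts['availability'];
        $type = (string) $contracts['type'];
        $stationFrom = $contracts['fromStation_eve_idstation'];

        // Compare the raw numbers, then format the larger one for display.
        $price_reward = number_format(max((float) $contracts['price'], (float) $contracts['reward']));

        $stationNameFrom = utils::mysqli_result(mysqli_query($con, "SELECT name FROM station WHERE eve_idstation = '{$stationFrom}'"), 0, 0);

        $iconAv = isset($availabilityIcons[$availability]) ? $availabilityIcons[$availability] : "";
        $iconType = isset($typeIcons[$type]) ? $typeIcons[$type] : "";

        $issuerName = contractPartyName($con, $contracts['issuer_id']);
        $acceptorName = contractPartyName($con, $contracts['acceptor_id']);

        echo "<tr><td>" . htmlspecialchars((string) $contracts['creation_date'], ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td>" . htmlspecialchars($issuerName, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td>" . htmlspecialchars($acceptorName, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td>" . $iconAv . htmlspecialchars($availability, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td align = 'right'>" . $price_reward . "</td>"
            . "<td>" . $iconType . htmlspecialchars($type, ENT_QUOTES, 'UTF-8') . "</td>"
            . "<td>" . htmlspecialchars((string) $stationNameFrom, ENT_QUOTES, 'UTF-8') . "</td></tr>";
    }
    ?>
            </tbody>
        </table>
    </div>
    <?php
}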
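<?php
session_start();
require_once "scripts/class/link.php";
require_once "scripts/class/utils.php";

// Unsubscribe endpoint: turns off the mailing report for the account named in the
// `user` query parameter when the `email` parameter matches the stored address.
$link = new link();
$con = $link->connect();

// Both values start empty so a missing or non-string parameter can never match.
$user_get = "";
$email_get = "";
if (isset($_GET['user']) && is_string($_GET['user'])) {
    $user_get = strtolower($_GET['user']);
}
if (isset($_GET['email']) && is_string($_GET['email'])) {
    $email_get = strtolower($_GET['email']);
}

// NOTE(review): the username literal is masked in this listing; $user_get is only
// lower-cased above, so whatever is interpolated there must be escaped or bound.
$useremail = utils::mysqli_result(mysqli_query($con, "SELECT email FROM user WHERE username = '******'"), 0, 0);

// The earlier test read $email_get before checking isset(), and its `==` accepted
// an empty address for a user name that has no account. Both sides must now be
// non-empty and identical.
// NOTE(review): knowing the account's e-mail address is the only proof required
// here; a signed per-user token in the link would be harder to guess.
$addressMatches = $email_get !== "" && is_string($useremail) && $useremail === $email_get;

if ($addressMatches) {
    $unsub = mysqli_query($con, "UPDATE user SET reports = 'none' WHERE username = '******'") or die(mysqli_error($con));
    if ($unsub) {
        echo "You have unsubscribed from the Eve Trade Master mailing report. <br> You can return anytime in your account settings.";
    } else {
        echo "Comunication error. Try again";
    }
} else {
    echo "Invalid request.";
}
?>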
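// Authorise first: the requested character must belong to the logged-in account.
// This check used to run after the API key and verification code had already been
// loaded; it now runs before any credential is read, so a rejected request never
// touches them.
// NOTE(review): $character_get is interpolated into every query below and its
// validation is not visible in this fragment; confirm it is an integer by here.
$check_char_belong_session = mysqli_query($con, "SELECT * FROM v_user_characters\n WHERE username = '******' AND character_eve_idcharacter = '{$character_get}'") or die(mysqli_error($con));
if (mysqli_num_rows($check_char_belong_session) == 0) {
    $session_state = 0;
    echo "Sneaky sneaky";
    session_destroy();
    echo "<meta http-equiv='refresh' content='1; url=../pages/login.php'>";
    exit;
}

// API credentials for the character.
$api_q = mysqli_query($con, "SELECT api_apikey AS api FROM `characters` WHERE eve_idcharacter = '{$character_get}'") or die(mysqli_error($con));
$api_a = mysqli_fetch_array($api_q, MYSQLI_ASSOC);
$apikey = $api_a['api'];

$vcode_q = mysqli_query($con, "SELECT vcode FROM api WHERE apikey = '{$apikey}'") or die(mysqli_error($con));
$vcode_a = mysqli_fetch_array($vcode_q);
$vcode = $vcode_a['vcode'];

// Display data for the page header.
$characterName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM characters WHERE eve_idcharacter = '{$character_get}'"), 0, 0);
$getCharacterPortrait = "https://image.eveonline.com/Character/" . $character_get . "_64.jpg";

// The account's other characters (everything except the active one).
$getCharacterList = mysqli_query($con, "SELECT name, character_eve_idcharacter\n FROM v_user_characters WHERE username = '******'\n AND character_eve_idcharacter != '{$character_get}'") or die(mysqli_error($con));

$getCharacterInfo = mysqli_fetch_array(mysqli_query($con, "SELECT * FROM characters " . "WHERE eve_idcharacter = '{$character_get}'"), MYSQLI_ASSOC);
$accountBalance = $getCharacterInfo['balance'];
$networth = $getCharacterInfo['networth'];
$escrow = $getCharacterInfo['escrow'];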
<?php
require_once 'scripts/class/link.php';
require_once 'scripts/class/utils.php';

session_start();

$link = new link();
$con = $link->connect();

// Look up how many times this account has logged in. On the first login the
// session handler script is skipped and the user variables are set here instead.
// NOTE(review): $_SESSION['user'] is read without an isset() check, so a request
// with no login still reaches the query below; what should happen in that case is
// not visible in this file.
$user = $_SESSION['user'];
$username = $user;

$logins = utils::mysqli_result(
    mysqli_query($con, "SELECT login_count FROM user WHERE username='******'"),
    0,
    0
);

if (!($logins > 1)) {
    $username = $_SESSION['user'];
    $user_session = $username;
    $user = $user_session;
} else {
    require_once 'scripts/session.php';
}
function regionalTrader($con, $character_get) { $dt = new DateTime(); $tz = new DateTimeZone('Europe/Lisbon'); $dt->setTimezone($tz); $datetime = $dt->format('Y-m-d H:i:s'); if (isset($_POST['Submit3'])) { //User added another item to the table $newItemName = mysqli_real_escape_string($con, $_POST['tag4']); $itemID = utils::mysqli_result(mysqli_query($con, "SELECT eve_iditem FROM item WHERE name= '{$newItemName}'"), 0, 0); $transFrom = mysqli_real_escape_string($con, $_GET['tr1']); $transTo = mysqli_real_escape_string($con, $_GET['tr2']); $stationFromID = mysqli_real_escape_string($con, $_GET['sys1']); $stationToID = mysqli_real_escape_string($con, $_GET['sys2']); $systemFromName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM system WHERE eve_idsystem = " . "(SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationFromID}')"), 0, 0) or mysqli_error($con); $systemToName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM system WHERE eve_idsystem = " . 
"(SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationToID}')"), 0, 0) or mysqli_error($con); $systemFromID = utils::mysqli_result(mysqli_query($con, "SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationFromID}'"), 0, 0) or mysqli_error($con); $systemToID = utils::mysqli_result(mysqli_query($con, "SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationToID}'"), 0, 0) or mysqli_error($con); $stationFromName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM station WHERE eve_idstation = '{$stationFromID}'"), 0, 0) or die(mysqli_error($con)); $stationToName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM station WHERE eve_idstation = '{$stationToID}'"), 0, 0) or die(mysqli_error($con)); if ($stationFromID == "" | $stationToID == "") { echo "Invalid solar system provided."; echo "<a href='regionaltrade.php?character={$character_get}'>Regional Trader Assistant </a>"; die; } if ($itemID == "") { echo "Invalid item provided"; //send hidden GET with solarsys+trans echo " <form name='regional_3' action = 'regionaltrade.php?character={$character_get}&sys1={$systemFromID}&sys2={$systemToID}&tr1={$transFrom}&tr2={$transTo}' method='POST'>"; //form that sends the user back to submit=3 so we don't lose previously submitted items die; } //calculate tax - all tax variables come from here $taxcalc = new tax($stationFromID, $stationToID, $con, $character_get, $transFrom, $transTo); $transTaxFrom = $taxcalc->calculateTaxFrom(); $transTaxTo = $taxcalc->calculateTaxTo(); $brokerFeeFrom = $taxcalc->calculateBrokerFrom(); $brokerFeeTo = $taxcalc->calculateBrokerTo(); //taxcalc($stationFromID,$stationFromID,$character_get,$con,$transFrom,$transTo); //draw table echo "<h4>" . $stationFromName . "(" . $transFrom . ")" . " <i class='fa fa-arrow-circle-o-right fa-fw'></i> " . $stationToName . "(" . $transTo . ")" . "</h4><br>"; //Tax info echo "<i class='fa fa-chevron-circle-right fa-fw'></i>" . 
"<b>Broker(origin):</b>" . max(0, number_format(($brokerFeeFrom - 1) * 100, 2)) . "%" . " " . "<i class='fa fa-chevron-circle-right fa-fw'></i>" . "<b>Tax (origin):</b>" . number_format(($transTaxFrom - 1) * 100, 2) . "%" . " " . "<i class='fa fa-chevron-circle-right fa-fw'></i>" . "<b>Broker(dest.):</b>" . max(0, number_format(($brokerFeeTo - 1) * 100, 2)) . "%" . " " . "<i class='fa fa-chevron-circle-right fa-fw'></i>" . "<b>Tax (dest.):</b>" . abs(number_format(($transTaxTo - 1) * 100, 2)) . "%" . " " . "<br><br>"; echo "<table class='table table-striped table-bordered table-hover' id='dataTables-example'>"; echo "<thead><tr>" . "<th>" . "Item" . "</th>" . "<th>" . $systemFromName . " " . $transFrom . " price" . "</th>" . "<th align = 'right'>" . "Broker fee" . "</th>" . "<th>" . $systemToName . " " . $transTo . " price" . "</th>" . "<th align = 'right'>" . "Broker fee" . "</th>" . "<th align = 'right'>" . "Transaction Tax" . "</th>" . "<th align = 'right'>" . "Raw profit" . "</th>" . "<th align = 'right'>" . "Margin (%)" . "</th></tr></thead>"; //To avoid re-calculating all previous entries, we create a temp cache that stores all previous values submitted in this session. 
$get_cache_results = mysqli_query($con, "SELECT DISTINCT * FROM cache_tool WHERE character_eve_idcharacter = '{$character_get}' ORDER BY timestamp ASC") or die(mysqli_error($con)); //check if item is already submitted $priceFrom = getEveCentralData($itemID, $systemFromID, $transFrom); // * $brokerFeeFrom * $transTaxFrom; $priceTo = getEveCentralData($itemID, $systemToID, $transTo); // * $brokerFeeTo * $transTaxTo; $profitRaw = $priceTo * $brokerFeeTo * $transTaxTo - $priceFrom * $brokerFeeFrom; $brokerFeeFromVal = max(100, $priceFrom * ($brokerFeeFrom - 1)); $brokerFeeToVal = max(100, $priceTo * (1 - $brokerFeeTo)); $transTaxToVal = $priceFrom * (1 - $transTaxTo); if ($priceFrom > 0 && $priceTo > 0) { $profitMargin = $profitRaw / $priceFrom * 100; } else { $profitMargin = "Error"; } //add results to table from cache, then add the last submitted item at the end while ($row2 = mysqli_fetch_array($get_cache_results)) { $cachedItemID = $row2['item_eveiditem']; $cachedPriceFrom = $row2['priceFrom']; //add exceptions for when buy or sell = 0 $cachedPriceTo = $row2['priceTo']; $cachedProfit = $row2['profit']; $cachedMargin = $row2['margin']; $cachedItemName = $row2['item_name']; $cachedBrokerFrom = $row2['brokerFrom']; $cachedBrokerTo = $row2['brokerTo']; $cachedTransTo = $row2['transTo']; $cachedProfit > 0 ? $color = "class='success'" : ($color = "class='danger'"); echo "<tr {$color}>" . "<td>" . "<img src='../Types/" . $cachedItemID . "_32.png'>" . " " . $cachedItemName . "</td>" . "<td align = 'right'>" . number_format((double) $cachedPriceFrom) . "</td>" . "<td align = 'right'>" . number_format((double) $cachedBrokerFrom) . "</td>" . "<td align = 'right'>" . number_format((double) $cachedPriceTo) . "</td>" . "<td align = 'right'>" . number_format((double) $cachedBrokerTo) . "</td>" . "<td align = 'right'>" . number_format((double) $cachedTransTo) . "</td>" . "<td align = 'right'>" . number_format((double) $cachedProfit) . "</td>" . "<td align = 'right'>" . 
utils::formating_profit(round($cachedMargin, 2)) . "</td></tr>"; // print_r($row2); var_dump($row2); } $check_duplicate_item = mysqli_query($con, "SELECT * FROM cache_tool WHERE item_eveiditem = '{$itemID}' AND character_eve_idcharacter = '{$character_get}'") or die(mysqli_error($con)); if (mysqli_num_rows($check_duplicate_item) > 0) { echo "<i class='fa fa-exclamation fa-fw'></i><b>Item already exists in this list</b><br>"; ?> </tbody></table> <link rel="stylesheet" type="text/css" href="scripts/jquery.autocomplete.css" /> <script type="text/javascript" src="scripts/jquery.js"></script> <script type="text/javascript" src="scripts/jquery.autocomplete.js"></script> <script>var jQueryAutocomplete = $.noConflict(true);</script> <script> $(document).ready(function(){ jQueryAutocomplete("#tag4").autocomplete("scripts/autocomplete_i.php", { selectFirst: true }); }); </script> </head> <body> <?php echo " <form name='regional_3' action = 'regionaltrade.php?character={$character_get}&sys1={$stationFromID}&sys2={$stationToID}&tr1={$transFrom}&tr2={$transTo}' method='POST'>"; //send both post and get at same time ?> <label>Add Item: </label> <input name="tag4" type="text" id="tag4" size="50"/> <input type="Submit" value="Submit" name="Submit3" class="btn btn-success"" /> </form> <?php } else { $profitRaw > 0 ? $color = "class='success'" : ($color = "class='danger'"); echo "<tr {$color}>" . "<td>" . "<img src='../Types/" . $itemID . "_32.png'>" . " " . $newItemName . "</td>" . "<td align = 'right'>" . number_format($priceFrom) . "</td>" . "<td align = 'right'>" . number_format($brokerFeeFromVal) . "</td>" . "<td align = 'right'>" . number_format($priceTo) . "</td>" . "<td align = 'right'>" . number_format($brokerFeeToVal) . "</td>" . "<td align = 'right'>" . number_format($transTaxToVal) . "</td>" . "<td align = 'right'>" . number_format($profitRaw) . "</td>" . "<td align = 'right'>" . utils::formating_profit(round($profitMargin, 2)) . 
"</td></tr>"; mysqli_query($con, "INSERT INTO `trader`.`cache_tool` (`idcache_tool`, `priceFrom`, `priceTo`, `profit`, `margin`, `timestamp`, `item_eveiditem`, `character_eve_idcharacter`, `item_name`, `brokerFrom`, `brokerTo`, `transTo`) \n VALUES (NULL, '{$priceFrom}', '{$priceTo}', '{$profitRaw}', '{$profitMargin}', '{$datetime}', '{$itemID}', '{$character_get}', '{$newItemName}', '{$brokerFeeFromVal}', '{$brokerFeeToVal}', '{$transTaxToVal}')") or die(mysqli_error($con)); echo "</table>"; ?> <link rel="stylesheet" type="text/css" href="scripts/jquery.autocomplete.css" /> <script type="text/javascript" src="scripts/jquery.js"></script> <script type="text/javascript" src="scripts/jquery.autocomplete.js"></script> <script type="text/javascript">var jQueryAutocomplete = $.noConflict(true);</script> <script> $(document).ready(function(){ jQueryAutocomplete("#tag4").autocomplete("scripts/autocomplete_i.php", { selectFirst: true }); }); </script> </head> <body> <?php echo " <form name='regional_3' action = 'regionaltrade.php?character={$character_get}&sys1={$stationFromID}&sys2={$stationToID}&tr1={$transFrom}&tr2={$transTo}' method='POST'>"; //send both post and get at same time ?> <label>Add Item: </label> <input name="tag4" type="text" id="tag4" size="50"/> <input type="Submit" value="Submit" name="Submit3" class="btn btn-success" /> </form> <?php } } else { if (isset($_POST['Submit2'])) { //User submits an item to the list //Update data list $itemName = mysqli_real_escape_string($con, $_POST['tag3']); //echo $itemName; $itemID = utils::mysqli_result(mysqli_query($con, "SELECT eve_iditem FROM item WHERE name= '{$itemName}'"), 0, 0); $stationFromID = mysqli_real_escape_string($con, $_GET['sys1']); $stationToID = mysqli_real_escape_string($con, $_GET['sys2']); if ($stationFromID == "" | $stationToID == "") { echo "Invalid solar system provided."; echo "<a href='regionaltrade.php?character={$character_get}'>Regional Trader Assistant </a>"; die; } $systemFromName = 
utils::mysqli_result(mysqli_query($con, "SELECT name FROM system WHERE eve_idsystem = (SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationFromID}')"), 0, 0) or die(mysqli_error($con)); $systemToName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM system WHERE eve_idsystem = (SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationToID}')"), 0, 0) or die(mysqli_error($con)); $systemFromID = utils::mysqli_result(mysqli_query($con, "SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationFromID}'"), 0, 0) or mysqli_error($con); $systemToID = utils::mysqli_result(mysqli_query($con, "SELECT system_eve_idsystem FROM station WHERE eve_idstation = '{$stationToID}'"), 0, 0) or mysqli_error($con); $stationFromName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM station WHERE eve_idstation = '{$stationFromID}'"), 0, 0) or die(mysqli_error($con)); $stationToName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM station WHERE eve_idstation = '{$stationToID}'"), 0, 0) or die(mysqli_error($con)); $transFrom = mysqli_real_escape_string($con, $_GET['tr1']); $transTo = mysqli_real_escape_string($con, $_GET['tr2']); if ($itemID == "") { echo "Invalid item provided"; echo "<a href='regionaltrade.php?character={$character_get}'>Regional Trader Assistant </a>"; die; } //calculate tax $taxcalc = new tax($stationFromID, $stationToID, $con, $character_get, $transFrom, $transTo); $transTaxFrom = $taxcalc->calculateTaxFrom(); $transTaxTo = $taxcalc->calculateTaxTo(); $brokerFeeFrom = $taxcalc->calculateBrokerFrom(); $brokerFeeTo = $taxcalc->calculateBrokerTo(); /*var_dump($toCorpStandingValue); var_dump($fromCorpStandingValue); var_dump($brokerFeeFrom); var_dump($brokerFeeTo); var_dump($transTaxFrom); var_dump($transTaxTo);*/ //echo $key=array_search('1000004',$corpArray); //Get EVE Central Data //getEveCentralData($itemID, $systemFromID, $transTo); $items_list = array(); array_push($items_list, $itemID); 
//echo "it is"; print_r($items_list); echo "<h4>" . "<b>" . $stationFromName . "</b>" . "(" . $transFrom . ")" . " <i class='fa fa-arrow-circle-o-right fa-fw'></i> " . "<b>" . $stationToName . "</b>" . "(" . $transTo . ")" . "</h4><br>"; echo "<i class='fa fa-chevron-circle-right fa-fw'></i>" . "<b>Broker(origin):</b>" . max(0, number_format(($brokerFeeFrom - 1) * 100, 2)) . "%" . "<i class='fa fa-chevron-circle-right fa-fw'></i>" . "<b>Tax (origin):</b>" . number_format(($transTaxFrom - 1) * 100, 2) . "%" . "<i class='fa fa-chevron-circle-right fa-fw'></i>" . "<b>Broker(dest.):</b>" . abs(number_format(($brokerFeeTo - 1) * 100, 2)) . "%" . "<i class='fa fa-chevron-circle-right fa-fw'></i>" . "<b>Tax (dest.):</b>" . abs(number_format(($transTaxTo - 1) * 100, 2)) . "%" . "<br><br>"; echo "<table class='table table-striped table-bordered table-hover' id='dataTables-example'>"; echo "<thead><tr>" . "<th>" . "Item" . "</th>" . "<th>" . $systemFromName . " " . $transFrom . " price" . "</th>" . "<th>" . "Broker fee" . "</th>" . "<th>" . $systemToName . " " . $transTo . " price" . "</th>" . "<th align = 'right'>" . "Broker fee" . "</th>" . "<th align = 'right'>" . "Transaction tax" . "</th>" . "<th align = 'right'>" . "Raw profit" . "</th>" . "<th align = 'right'>" . "Margin (%)" . "</th></tr></thead>"; foreach ($items_list as $row) { //prices include tax modifiers $priceFrom = getEveCentralData($itemID, $systemFromID, $transFrom); $priceTo = getEveCentralData($itemID, $systemToID, $transTo); $profitRaw = $priceTo * $brokerFeeTo * $transTaxTo - $priceFrom * $brokerFeeFrom; $brokerFeeFromVal = max(100, $priceFrom * ($brokerFeeFrom - 1)); $brokerFeeToVal = $priceTo * (1 - $brokerFeeTo); $transTaxToVal = $priceFrom * (1 - $transTaxTo); $profitRaw > 0 ? 
$color = "class='success'" : ($color = "class='danger'"); if ($priceFrom > 0 && $priceTo > 0) { $profitMargin = $profitRaw / $priceTo * 100; } else { $profitMargin = "Error"; } mysqli_query($con, "INSERT INTO `trader`.`cache_tool` (`idcache_tool`, `priceFrom`, `priceTo`, `profit`, `margin`, `timestamp`, `item_eveiditem`, `character_eve_idcharacter`, `item_name`, `brokerFrom`, `brokerTo`, `transTo`) \n VALUES (NULL, '{$priceFrom}', '{$priceTo}', '{$profitRaw}', '{$profitMargin}', '{$datetime}', '{$itemID}', '{$character_get}', '{$itemName}', '{$brokerFeeFromVal}', '{$brokerFeeToVal}', '{$transTaxToVal}')") or die(mysqli_error($con)); echo "<tr {$color}>" . "<td>" . "<img src='../Types/" . $itemID . "_32.png'>" . " " . $itemName . "</td>" . "<td align = 'right'>" . number_format($priceFrom) . "</td>" . "<td align = 'right'>" . number_format($brokerFeeFromVal) . "</td>" . "<td align = 'right'>" . number_format($priceTo) . "</td>" . "<td align = 'right'>" . number_format($brokerFeeToVal) . "</td>" . "<td align = 'right'>" . number_format($transTaxToVal) . "</td>" . "<td align = 'right'>" . number_format($profitRaw) . "</td>" . "<td align = 'right'>" . utils::formating_profit(round($profitMargin, 2)) . 
"</td></tr>"; } echo "</table><br>"; //Add item form ?> <link rel="stylesheet" type="text/css" href="scripts/jquery.autocomplete.css" /> <script type="text/javascript" src="scripts/jquery.js"></script> <script type="text/javascript" src="scripts/jquery.autocomplete.js"></script> <script type="text/javascript"> var jQueryAutocomplete = $.noConflict(true);</script> <script> $(document).ready(function(){ jQueryAutocomplete("#tag4").autocomplete("scripts/autocomplete_i.php", { selectFirst: true }); }); </script> </head> <body> <?php echo " <form name='regional_3' action = 'regionaltrade.php?character={$character_get}&sys1={$stationFromID}&sys2={$stationToID}&tr1={$transFrom}&tr2={$transTo}' method='POST'>"; //send both post and get at same time ?> <label>Add Item: </label> <input name="tag4" type="text" id="tag4" size="50"/> <input type="Submit" value="Submit" name="Submit3" class="btn btn-success" /> </form> <?php } else { if (isset($_POST['Submit'])) { //getEveCentralData(34, 'buy'); if (isset($_POST['tag'])) { $stationFromName = mysqli_real_escape_string($con, $_POST['tag']); } if (isset($_POST['tag2'])) { $stationToName = mysqli_real_escape_string($con, $_POST['tag2']); } $systemFromName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM system WHERE eve_idsystem = " . "(SELECT system_eve_idsystem FROM station WHERE name = '{$stationFromName}')"), 0, 0) or mysqli_error($con); $systemToName = utils::mysqli_result(mysqli_query($con, "SELECT name FROM system WHERE eve_idsystem = " . 
"(SELECT system_eve_idsystem FROM station WHERE name = '{$stationToName}')"), 0, 0) or mysqli_error($con); $stationFromID = utils::mysqli_result(mysqli_query($con, "SELECT eve_idstation FROM station WHERE name = '{$stationFromName}'"), 0, 0) or die(mysqli_error($con)); $stationToID = utils::mysqli_result(mysqli_query($con, "SELECT eve_idstation FROM station WHERE name = '{$stationToName}'"), 0, 0) or die(mysqli_error($con)); if (isset($_POST['transtype_1'])) { $transtype1 = $_POST['transtype_1']; } if (isset($_POST['transtype_2'])) { $transtype2 = $_POST['transtype_2']; } $systemFromID = utils::mysqli_result(mysqli_query($con, "SELECT eve_idsystem FROM system WHERE name = '{$systemFromName}'"), 0, 0); $systemToID = utils::mysqli_result(mysqli_query($con, "SELECT eve_idsystem FROM system WHERE name = '{$systemToName}'"), 0, 0); //var_dump($systemFromID); //var_dump($systemToID); if ($systemFromID == "" | $systemToID == "") { echo "Invalid solar system provided."; echo "<a href='regionaltrade.php?character={$character_get}'>Regional Trader Assistant </a>"; die; } //User submitted both stations echo "From " . "<b>" . $systemFromName . "</b>" . " to " . "<b>" . $systemToName . 
"</b>"; ?> <br><link rel="stylesheet" type="text/css" href="scripts/jquery.autocomplete.css" /> <script type="text/javascript" src="scripts/jquery.js"></script> <script type="text/javascript" src="scripts/jquery.autocomplete.js"></script> <script type="text/javascript"> var jQueryAutocomplete = $.noConflict(true);</script> <script> $(document).ready(function(){ jQueryAutocomplete("#tag3").autocomplete("scripts/autocomplete_i.php", { selectFirst: true }); }); </script> </head> <body> <?php echo " <form name='regional_2' action = 'regionaltrade.php?character={$character_get}&sys1={$stationFromID}&sys2={$stationToID}&tr1={$transtype1}&tr2={$transtype2}' method='POST'>"; ?> <label>Item: </label> <input name="tag3" type="text" id="tag3" size="50"/> <input type="Submit" value="Submit" name="Submit2" class="btn btn-success" /> <?php } else { ?> <link rel="stylesheet" type="text/css" href="scripts/jquery.autocomplete.css" /> <script type="text/javascript" src="scripts/jquery.js"></script> <script type="text/javascript" src="scripts/jquery.autocomplete.js"></script> <script type="text/javascript"> var jQueryAutocomplete = $.noConflict(true);</script> <script> $(document).ready(function(){ jQueryAutocomplete("#tag").autocomplete("scripts/autocomplete_s1.php", { selectFirst: true }); }); </script> </head> <body> <?php mysqli_query($con, "DELETE FROM cache_tool WHERE character_eve_idcharacter = '{$character_get}'") or die(mysqli_error($con)); //send both post and get at same time //send both post and get at same time echo " <form name='regional_1' action = 'regionaltrade.php?character={$character_get}' method='POST'>"; ?> <label>Origin: </label> <input name="tag" type="text" id="tag" size="70"/> purchase from: <input type="radio" name="transtype_1" value="buy" checked>buy order <input type="radio" name="transtype_1" value="sell">sell order <br><br> <link rel="stylesheet" type="text/css" href="scripts/jquery.autocomplete.css" /> <script type="text/javascript" 
src="scripts/jquery.js"></script> <script type="text/javascript" src="scripts/jquery.autocomplete.js"></script> <script type="text/javascript"> var jQueryAutocomplete = $.noConflict(true);</script> <script> $(document).ready(function(){ jQueryAutocomplete("#tag2").autocomplete("scripts/autocomplete_s1.php", { selectFirst: true }); }); <?php ?> </script> <label>Destination: </label> <input name="tag2" type="text" id="tag2" size="70"/> sell as: <input type="radio" name="transtype_2" value="buy">buy order <input type="radio" name="transtype_2" value="sell" checked>sell order <br><br> <input type ="Submit" name="Submit" value="Submit" class="btn btn-success"/> </form> </body> </html> <?php } } } }
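<div class="panel-body"> <table border='1' id="dataTables-1" class="table table-striped table-bordered table-hover"> <?php
// Render the "best customers by raw profit" table: one row per record of
// $bestCustomersRawProfit, showing the customer's portrait, name and profit.
echo "<tr><th></th><th>Client</th><th>Profit</th></tr>";

if (mysqli_num_rows($bestCustomersRawProfit) == 0) {
    echo "<tr><td colspan='3'>No results to display</td></tr>";
}

while ($tow = mysqli_fetch_array($bestCustomersRawProfit, MYSQLI_ASSOC)) {
    // Keep the raw name and escape it separately for each context (SQL, URL, HTML);
    // the SQL-escaped form is only correct inside a quoted SQL literal.
    $customerName = (string) $tow['soldTo'];
    $soldTo = mysqli_real_escape_string($con, $customerName);
    $profit = $tow['profit'];

    // Reset on every row: otherwise a failed lookup would reuse the previous
    // customer's ID and cache it under this customer's name.
    $customerID = null;

    // Use the cached ID when the customer is already known; otherwise ask the
    // EVE API (slow) and cache the answer.
    $search_customer_ID = mysqli_query($con, "SELECT eve_idcharacters FROM characters_public WHERE name = '{$soldTo}'") or die(mysqli_error($con));
    if (mysqli_num_rows($search_customer_ID) == 1) {
        $customerID = utils::mysqli_result($search_customer_ID, 0, 0);
    } else {
        // The name goes into a query string, so it must be URL-encoded
        // (names contain spaces, and a stray '&' would add parameters).
        $getCustomerID = "https://api.eveonline.com/eve/CharacterID.xml.aspx?names=" . rawurlencode($customerName);
        $xml = simplexml_load_file($getCustomerID);
        if ($xml !== false && isset($xml->result->rowset->row)) {
            foreach ($xml->result->rowset->row as $r) {
                // The ID comes from a remote response: accept digits only
                // before it reaches SQL or HTML.
                $candidateID = (string) $r['characterID'];
                if (ctype_digit($candidateID)) {
                    $customerID = $candidateID;
                }
            }
        }
        if ($customerID !== null) {
            // add new ID to db
            $insert_new_customer = mysqli_query($con, "INSERT IGNORE INTO `trader`.`characters_public` (`eve_idcharacters`, `name`) VALUES ('{$customerID}', '{$soldTo}')");
        }
    }

    // No portrait when the ID could not be resolved.
    $portrait = "";
    if ($customerID !== null) {
        $portrait = "<img src='https://image.eveonline.com/Character/" . htmlspecialchars((string) $customerID, ENT_QUOTES, 'UTF-8') . "_32.jpg'>";
    }
    echo "<tr><td> " . $portrait . "</td><td>" . htmlspecialchars($customerName, ENT_QUOTES, 'UTF-8') . "</td><td>" . number_format((float) $profit) . " ISK" . "</td></tr>";
}
echo "</table>";
?> <div class="row"> <div class="col-lg-6">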
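/**
 * Handle the two-step "add API key" form for the logged-in user.
 *
 * Step 1 (POST 'Send'): fetch the key's access mask from the EVE API and, when it is
 * one of the two accepted masks, list the key's characters with one checkbox each.
 * Step 2 (POST 'Send_2'): check that every ticked character belongs to the key, store
 * the key, the characters and the user/character links, then end the session.
 * When 'Send' is not set, the empty form is drawn through api_add_form().
 *
 * Every request value is escaped for the context it is written into: SQL literal,
 * URL query string or HTML attribute.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function, and query
 * failures are reported with die(mysqli_error()), which shows database errors to
 * the browser; both are left as they are here.
 *
 * @param mixed $character_get Value of the `character` URL parameter, echoed back into links.
 * @param mysqli $con Open database connection used for every query.
 * @return void Output is echoed directly.
 */
function api_val_form($character_get, $con)
{
    $activeUser = isset($_SESSION['user']) ? $_SESSION['user'] : '';
    // The session username is placed inside quoted SQL literals below.
    $activeUserSql = mysqli_real_escape_string($con, (string) $activeUser);
    // $character_get ends up in URLs inside single-quoted HTML attributes.
    $characterParam = htmlspecialchars(rawurlencode((string) $character_get), ENT_QUOTES, 'UTF-8');

    if (!empty($_POST['Send_2'])) {
        $apikeyPosted = (isset($_POST['api']) && is_string($_POST['api'])) ? $_POST['api'] : '';
        $vcodePosted = (isset($_POST['vcode']) && is_string($_POST['vcode'])) ? $_POST['vcode'] : '';
        $apikey_final = mysqli_real_escape_string($con, $apikeyPosted);
        $vcode_final = mysqli_real_escape_string($con, $vcodePosted);

        // Character IDs are written into SQL below, so only digit strings are
        // accepted. They stay strings so that large IDs are not truncated.
        $chars = array();
        $malformedId = false;
        foreach (array('char1', 'char2', 'char3') as $field) {
            if (!isset($_POST[$field])) {
                continue;
            }
            if (is_string($_POST[$field]) && ctype_digit($_POST[$field])) {
                $chars[] = $_POST[$field];
            } else {
                $malformedId = true;
            }
        }

        // FINAL SERVER VALIDATION #2: every submitted character must be listed on the API key.
        $pheal2 = new Pheal($apikeyPosted, $vcodePosted);
        $chars_api = array();
        $result2 = $pheal2->accountScope->APIKeyInfo();
        foreach ($result2->key->characters as $character) {
            $chars_api[] = (string) $character->characterID;
        }

        // The previous test intersected (submitted minus owned) with owned, which is
        // always empty, so the check could never fail. Any submitted ID that is not
        // on the key must reject the request.
        if ($malformedId || count(array_diff($chars, $chars_api)) > 0) {
            echo "Character does not belong to Eve account";
            failed_validation_2();
        } else {
            // Defined up front so that an empty selection reaches the final check
            // without undefined variables.
            $query_insert_character = false;
            $query_insert_aggr = false;

            $query_insert_apikey = mysqli_query($con, "insert ignore INTO `trader`.`api` (`apikey`, `vcode`) " . "VALUES " . "('{$apikey_final}', " . "'{$vcode_final}');") or die(mysqli_error($con));

            // NOTE(review): the listing shows a masked literal ('******') in the username
            // filters of this function; the session username is assumed, as in the
            // v_user_characters query below. Confirm against the original file.
            // The lookup does not depend on the character, so it runs once.
            $activeUserID = utils::mysqli_result(mysqli_query($con, "SELECT iduser FROM user WHERE username = '{$activeUserSql}'"), 0, 0);
            $activeUserIdSql = mysqli_real_escape_string($con, (string) $activeUserID);

            $pheal3 = new Pheal($apikeyPosted, $vcodePosted, "char");
            foreach ($chars as $row) {
                $response_final = $pheal3->CharacterSheet(array("characterID" => $row));
                $name_char = mysqli_real_escape_string($con, (string) $response_final->name);

                $check_existing_character_user = mysqli_query($con, "SELECT * FROM aggr WHERE character_eve_idcharacter = '{$row}'") or die(mysqli_error($con));
                if (mysqli_num_rows($check_existing_character_user) != 1) {
                    $query_insert_character = mysqli_query($con, "replace INTO `trader`.`characters` " . "(`eve_idcharacter`, " . "`name`, " . "`balance`, " . "`api_apikey`," . "`networth`," . "`escrow`," . "`total_sell`," . "`broker_relations`," . "`accounting`) " . "VALUES " . "({$row}, " . "'{$name_char}', " . "'0', " . "'{$apikey_final}'," . "'0'," . "'0'," . "'0'," . "'0'," . "'0');") or die(mysqli_error($con));
                } else {
                    // A character that is already linked to an account cannot be added again.
                    $checkExistingCharacter = mysqli_query($con, "SELECT name FROM v_user_characters WHERE character_eve_idcharacter IN (" . implode(",", $chars) . ") AND username != '{$activeUserSql}'") or die(mysqli_error($con));
                    if (mysqli_num_rows($checkExistingCharacter) > 0) {
                        $duplicates = array();
                        while ($existing_characters = mysqli_fetch_array($checkExistingCharacter)) {
                            $duplicates[] = $existing_characters['name'];
                        }
                        echo htmlspecialchars(implode(" and ", $duplicates), ENT_QUOTES, 'UTF-8') . " already belong to another account.";
                        echo "<meta http-equiv='refresh' content='3;URL=api_add.php?character={$characterParam}'>";
                        return;
                    } else {
                        echo "Character(s) already belongs to this account";
                        echo "<meta http-equiv='refresh' content='3;URL=api_add.php?character={$row}'>";
                        return;
                    }
                }
            }

            // create aggregation between characters and account
            foreach ($chars as $row2) {
                // Check the character limit before each link is added. The count is no
                // longer echoed into the page (leftover debug output).
                $character_count = utils::mysqli_result(mysqli_query($con, "SELECT COUNT(character_eve_idcharacter) " . "FROM aggr " . "WHERE user_iduser = " . "(SELECT iduser FROM user WHERE username = '{$activeUserSql}') "), 0, 0);
                if ($character_count >= 10) {
                    echo "You have exceeded your character limit (currently 10)";
                    echo "<meta http-equiv='refresh' content='3;URL=api_add.php?character={$characterParam}'>";
                    return;
                }
                $query_insert_aggr = mysqli_query($con, "INSERT IGNORE INTO `trader`.`aggr` " . "(`idaggr`, " . "`user_iduser`, " . "`character_eve_idcharacter`) " . "VALUES " . "(NULL, " . "'{$activeUserIdSql}', " . "'{$row2}');") or die(mysqli_error($con));
            }

            // NOTE(review): no START TRANSACTION or autocommit change is visible in this
            // function; unless the caller opens a transaction, ROLLBACK undoes nothing. Confirm.
            if ($query_insert_apikey && $query_insert_character && $query_insert_aggr) {
                mysqli_query($con, "COMMIT");
                echo "API added successfully." . "<br>" . "You will now logoff so we can update your new character data. <br>";
                session_destroy();
                echo "<meta http-equiv='refresh' content='5;URL=login.php'>";
            } else {
                mysqli_query($con, "ROLLBACK");
                echo "error";
            }
        }
    }

    if (!empty($_POST['Send'])) {
        $apikey = (isset($_POST['api']) && is_string($_POST['api'])) ? $_POST['api'] : '';
        $vcode = (isset($_POST['vcode']) && is_string($_POST['vcode'])) ? $_POST['vcode'] : '';

        // Fetch the key's access mask. The values go into a query string, so they are
        // URL-encoded; SQL escaping is the wrong encoding for this context.
        $curl_url = "https://api.eveonline.com/account/APIKeyInfo.xml.aspx?keyID=" . rawurlencode($apikey) . "&vCode=" . rawurlencode($vcode);
        $ch = curl_init($curl_url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        // $response contains the XML response string from the API call, or false on failure
        $response = curl_exec($ch);
        if ($response === false) {
            echo 'Curl error: ' . htmlspecialchars(curl_error($ch), ENT_QUOTES, 'UTF-8');
            curl_close($ch);
            // Stop here: without a response there is no access mask to evaluate.
            return;
        }
        curl_close($ch);

        try {
            // Parsing is inside the try so that a malformed response is reported like
            // any other key error instead of raising an uncaught exception.
            $apiInfo = new SimpleXMLElement($response);
            checkXML($apiInfo->result->key);
            $accessMask = (int) $apiInfo->result->key->attributes()->accessMask;
        } catch (Exception $e) {
            echo 'Error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
            echo "<meta http-equiv='refresh' content='3;URL=api_add.php?character={$characterParam}'>";
            return;
        }

        // NOTE(review): the "create one here" link asks for mask 82317315 while this
        // check accepts 82317323; confirm which value is intended.
        if (!in_array($accessMask, array(82317323, 1073741823), true)) {
            echo "Your access mask is " . $accessMask . " which has different permissions than requested. Please <a href = 'https://community.eveonline.com/support/api-key/CreatePredefined?accessMask=82317315' target='_blank'>create one here</a> with the correct permissions and <a href= 'api_add.php?character={$characterParam}'>try again </a>.";
        } else {
            echo "<b>Choose which characters to import:</b><br>";
            // get character List from API KEY using Pheal
            $pheal = new Pheal($apikey, $vcode);
            $result = $pheal->accountScope->APIKeyInfo();
            $count = 0;
            // The form wraps the table so that the markup nests correctly.
            echo "<form action = 'api_add.php?character={$characterParam}' method = 'POST' >";
            echo "<table class='table table-striped table-bordered table-hover' id='dataTables-api'>";
            foreach ($result->key->characters as $character) {
                $count = $count + 1;
                // Values from the API response are escaped before they are written into attributes and cells.
                $characterIdHtml = htmlspecialchars((string) $character->characterID, ENT_QUOTES, 'UTF-8');
                $characterNameHtml = htmlspecialchars((string) $character->characterName, ENT_QUOTES, 'UTF-8');
                echo "<tr><td>" . "<img src='https://image.eveonline.com/Character/" . $characterIdHtml . "_64.jpg'>" . "</td><td>" . $characterNameHtml . "</td><td>" . "<input type = 'checkbox' name = 'char{$count}' value = '{$characterIdHtml}'>" . "</td></tr>";
            }
            echo "</table><br>";
            // The key and verification code are carried to step 2 in hidden fields; they
            // are request values, so they are HTML-escaped to stay inside the attribute.
            echo "<input type ='hidden' name='api' value='" . htmlspecialchars($apikey, ENT_QUOTES, 'UTF-8') . "'>";
            echo "<input type ='hidden' name='vcode' value='" . htmlspecialchars($vcode, ENT_QUOTES, 'UTF-8') . "'>";
            echo "<input type ='Submit' name='Send_2' value ='Send' class='btn btn-lg btn-success btn-block' />";
            echo "</form>";
        }
    } else {
        api_add_form($character_get);
    }
}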
$cookie_name = $user; $cookie_value = $password; setcookie('name', $user, time() + 86400 * 30 * 12, "/"); // 86400 = 1 day setcookie('password', $password, time() + 86400 * 30 * 12, "/"); // 86400 = 1 day } if (!isset($_SESSION['user'])) { session_start(); $_SESSION['user'] = $user; } ?> <p align='center'><img src='../assets/wheel_2.GIF'></p> <?php $count_chars = utils::mysqli_result(mysqli_query($con, "SELECT count(character_eve_idcharacter) FROM aggr WHERE user_iduser = (SELECT iduser FROM user WHERE username = '******')"), 0, 0); if ($count_chars >= 1) { echo "<meta http-equiv='refresh' content='0; url=../pages/select.php'>"; } else { echo "<meta http-equiv='refresh' content='0; url=../pages/submit_api_login.php'>"; } ?> <br> <?php } else { echo "Wrong credentials"; ?> <meta http-equiv="refresh" content="3;URL='../pages/login.php'" /> <?php }