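// Excerpt from a login flow; the enclosing blocks open before this excerpt.
// It reads the user's active status row, shifts the subscription window forward
// by the number of days elapsed since start_date, then loads service/expiry data.
// NOTE(review): toStringForSql() and correctSQL() are defined outside this excerpt;
// the queries rely on them to escape values. Confirm that they do.
$sql = "select userid, serviceid, start_date, end_date from tbl_user_status where userid='" . toStringForSql($uid) . "' and delete_flag=0";
$result = querySQL($conn, $sql);
// NOTE(review): mysql_fetch_array() returns false when no row matches; that case is not checked here.
$row = mysql_fetch_array($result);
$start_date = $row["start_date"];
$now = date("Y-m-d");
$end_date = $row["end_date"];

// Whole days between start_date and today, rounded up.
$days = ceil((strtotime($now) - strtotime($start_date)) / (60 * 60 * 24));

// Shift start_date by $days; mktime() normalises an out-of-range day of month.
$y = intval(substr($start_date, 0, 4));
$m = intval(substr($start_date, 5, 2));
$d = intval(substr($start_date, 8, 2));
$start_date = date('Y-m-d', mktime(0, 0, 0, $m, $d + $days, $y));

// Shift end_date by the same amount so the length of the period is unchanged.
$y = intval(substr($end_date, 0, 4));
$m = intval(substr($end_date, 5, 2));
$d = intval(substr($end_date, 8, 2));
$end_date = date('Y-m-d', mktime(0, 0, 0, $m, $d + $days, $y));

// $uid is quoted and escaped exactly as in the select above. Concatenating it raw
// into the where clause would leave this statement open to SQL injection.
$sql = 'update tbl_user_status'
    . ' set start_date=' . correctSQL(substr($start_date, 0, 10))
    . ' , end_date=' . correctSQL(substr($end_date, 0, 10))
    . " where userid='" . toStringForSql($uid) . "'"
    . ' and delete_flag=0';
executeSQL($conn, $sql);
}
}
// set session data
saveLoginInfo($userid, $macid);
}
// get serviceid, expiretime
$row = getUserServiceInfo($conn, $uid);
if ($row == null) {
    invalidUser();
}
// NOTE(review): this assumes invalidUser() does not return; otherwise $row is indexed while null.
if ($row["expiretime"] == null || $row["serviceid"] == null) {
    expiredUser($userid);
}
$expiretime = $row["expiretime"];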
/**
 * Look up an active agent employee by login id and password.
 *
 * Both credentials are matched inside the SQL statement itself, against
 * tbl_agent_emp rows whose delete_flag is 0.
 *
 * NOTE(review): correctSQL() and querySQL() are defined outside this excerpt.
 * The query is only injection-safe if correctSQL() quotes and escapes its
 * argument; confirm that it does.
 * NOTE(review): the password is compared as submitted, which suggests it is
 * stored in directly comparable form. Confirm whether a password hash checked
 * with password_verify() is used anywhere upstream.
 *
 * @param mixed  $conn     Connection handle passed through to querySQL().
 * @param string $userid   Agent login id (matched against agentid).
 * @param string $password Submitted password.
 *
 * @return array|false First matching row (id, agentid, name, agentstoreid, type),
 *                     or false when mysql_fetch_assoc() finds no row.
 */
function login($conn, $userid, $password)
{
    $query = "select id, agentid, concat(agentid, ' (', name, ')') as name, agentstoreid, type \n\t\t\t\t\tfrom tbl_agent_emp \n\t\t\t\t\twhere delete_flag=0 and agentid="
        . correctSQL($userid)
        . " and password="
        . correctSQL($password);

    // Only the first matching row is of interest to the caller.
    return mysql_fetch_assoc(querySQL($conn, $query));
}
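// Branches of a request dispatcher; the switch header lies outside this excerpt.
// NOTE(review): getQueryData() and correctSQL() are defined elsewhere. getQueryData()
// presumably returns request parameters, and the statements below rely on
// correctSQL() to quote and escape values. Confirm both.
case 'userstatus_create':
    // Resolve the login name sent by the client to the numeric tbl_user.id.
    // The name goes through correctSQL() like every other value in this branch,
    // not into hand-written quotes.
    $userid = getQueryData('userid');
    $sql = "select id from tbl_user a where a.userid= " . correctSQL($userid);
    $userid = executeScalar($db, $sql);

    $data = getQueryData('data');
    $data = json_decode($data, true);

    $servicename = executeScalar($db, "select servicename from tbl_service where delete_flag=0 and id=" . correctSQL($data["service"]));

    // Date values are cut to their first 10 characters (YYYY-MM-DD) before insertion.
    $sql = "insert into tbl_user_status (userid, serviceid, servicename, unitprice, unittype, start_date, end_date, charge, balance, payment, memo, create_id, create_date, update_id, update_date) values (" . correctSQL($userid) . "," . correctSQL($data["service"]) . "," . correctSQL($servicename) . "," . correctSQL($data["unitprice"], 1) . "," . correctSQL($data["unittype"], 1) . "," . correctSQL(substr($data["start_date"], 0, 10)) . "," . correctSQL(substr($data["end_date"], 0, 10)) . "," . correctSQL($data["charge"], 1) . "," . correctSQL($data["balance"], 1) . "," . correctSQL($data["payment"], 1) . "," . correctSQL($data["memo"]) . "," . correctSQL($login_id) . "," . "now() ," . correctSQL($login_id) . "," . "now());";
    executeSQL($db, $sql);
    responseData(true, null);
    break;

case 'userstatus_update':
    // Only the memo column of an active status row can be changed here.
    $data = getQueryData('data');
    $data = json_decode($data, true);
    $return = array();
    $sql = "update tbl_user_status set memo=" . correctSQL($data["memo"]) . " where delete_flag=0 and id=" . correctSQL($data["id"]);
    executeSQL($db, $sql);
    responseData(true, null);
    break;

case 'viewhistory_list':
    // Latest 100 viewing-history rows for one user.
    // The user id comes from the request, so it is escaped via correctSQL().
    $userid = getQueryData('userid');
    $sql = "select b.name as channelname, a.start_time, a.end_time from tbl_user_history a, tbl_channel b\r\n\t\t\t\t\t\t\twhere a.userid=" . correctSQL($userid) . " and a.channelid = b.id and a.delete_flag=0\r\n\t\t\t\t\t\t\torder by start_time desc limit 100";
    $result = querySQL($db, $sql);
    $data = array();
    while ($row = mysql_fetch_assoc($result)) {
        $data[] = $row;
    }
    responseData(true, null, $data);
    break;

case 'user_csvdownload':
    // Static export query with no request data in it; the branch continues past this excerpt.
    // NOTE(review): the export selects a.password together with tel, email,
    // identitycard and address. Confirm the password column is really needed in
    // the CSV and that the download is restricted to authorised operators.
    $sql = "\r\n\t\t\t\t\tselect \r\n\t\t\t\t\t\ta.userid,\r\n\t\t\t\t\t\ta.fullname as name,\r\n\t\t\t\t\t\ta.password,\r\n\t\t\t\t\t\tcase a.type\t when 1 then 'BOX' when 2 then 'MINI' else 'PBOX' end as type,\r\n\t\t\t\t\t\tcase substr(a.flag, 1, 1) when '1' then 'ON' else 'OFF' end as vodflag,\r\n\t\t\t\t\t\ta.tel,\r\n\t\t\t\t\t\ta.email,\r\n\t\t\t\t\t\ta.identitycard,\r\n\t\t\t\t\t\ta.address,\r\n\t\t\t\t\t\tcase a.status when 1 then 'ON' else 'OFF' end as status,\r\n\t\t\t\t\t\tcase a.money_status when 1 then 'ON' else 'OFF' end as money_status,\r\n\t\t\t\t\t\ta.memo,\r\n\t\t\t\t\t\te.meetingcount,\r\n\t\t\t\t\t\ta.macid,\r\n\t\t\t\t\t\td.servicename,\r\n\t\t\t\t\t\td.point as balance,\r\n\t\t\t\t\t\tdate_format(d.start_date, '%Y-%m-%d') as start_date,\r\n\t\t\t\t\t\td.expire_time as end_date,\r\n\t\t\t\t\t\t(case when d.expire_time is null then 0 when d.expire_time = 'free' then null else datediff(d.expire_time, now()) + 1 end) as remain_day,\r\n\t\t\t\t\t\td.payment,\r\n\t\t\t\t\t\tb.name as store_name,\r\n\t\t\t\t\t\tc.name as emp_name,\r\n\t\t\t\t\t\ta.create_id,\r\n\t\t\t\t\t\ta.create_date\r\n\t\t\t\t\tfrom tbl_user a left outer join\r\n\t\t\t\t\t\ttbl_agent_store b on a.agentstoreid=b.id left outer join\r\n\t\t\t\t\t\ttbl_agent_emp c on a.agentempid=c.id left outer join\r\n\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\tselect \r\n\t\t\t\t\t\t\t\t*,\r\n\t\t\t\t\t\t\t\tfn_balance_param(serviceid, unitprice, unittype, balance, start_date) as point,\r\n\t\t\t\t\t\t\t\tfn_expiretime_param(serviceid, unitprice, unittype, end_date) as expire_time\r\n\t\t\t\t\t\t\tfrom \r\n\t\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\t\tselect * from tbl_user_status where delete_flag=0 order by update_date desc\r\n\t\t\t\t\t\t\t) a group by userid\r\n\t\t\t\t\t\t) d on a.id=d.userid left outer join\r\n\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\tselect userid, count(*) as meetingcount from tbl_user_meeting where delete_flag=0 group by userid \r\n\t\t\t\t\t\t) e on a.id=e.userid\r\n\t\t\t\t\twhere a.delete_flag=0 and a.userid != 'anonymous'\r\n\t\t\t\t";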
}
// Upload handling for the "membership" archive and SQL file, followed by saving
// the upload size settings. The excerpt starts and ends inside enclosing blocks.
// NOTE(review): no nonce or capability check is visible in this excerpt. Confirm
// the surrounding handler verifies both before it acts on $_POST / $_FILES.
if (isset($_POST['upload_membership'])) {
    // $_FILES[...]['type'] is the MIME type reported by the client, not one
    // detected on the server. What validateCompile() does with it is not visible
    // here; confirm it also inspects the file content or extension.
    if (validateCompile($_FILES['archive_membership'], $_FILES['archive_membership']['type'], COMPILER_MEMBERSHIP, 'application/zip') == true) {
        // The stored file name is fixed, so the client-supplied name does not pick the target path here.
        uploadCompile($_FILES['archive_membership'], COMPILER_MEMBERSHIP, 'membership.zip');
        $response['message'] = 'Membership compile has been uploaded to';
        $response['class'] = 'success';
        $response['dir'] = COMPILER_MEMBERSHIP;
    } else {
        $response['message'] = 'Error check your plugin settings';
        $response['class'] = 'fail';
    }
}
if (isset($_POST['upload_membership_sql'])) {
    // Same client-reported MIME type caveat as for the archive upload.
    if (validateCompile($_FILES['sql_membership'], $_FILES['sql_membership']['type'], COMPILER_MEMBERSHIP, 'application/sql') == true) {
        uploadSQL($_FILES['sql_membership'], COMPILER_MEMBERSHIP, 'membership.sql');
        // correctSQL() here receives the path of the uploaded file; its effect is not visible in this excerpt.
        correctSQL(COMPILER_MEMBERSHIP . '/membership.sql');
        $response['message'] = 'Membership compile has been uploaded to';
        $response['class'] = 'success';
        $response['dir'] = COMPILER_MEMBERSHIP;
    } else {
        $response['message'] = 'Error check your plugin settings';
        $response['class'] = 'fail';
    }
}
if (isset($_POST['post_max_size']) && isset($_POST['upload_max_filesize'])) {
    // The values are only tag-stripped and trimmed; no format check (e.g. "8M") is visible here.
    $settings['post_max_size'] = trim(strip_tags($_POST['post_max_size']));
    $settings['upload_max_filesize'] = trim(strip_tags($_POST['upload_max_filesize']));
    // The settings array is stored as a serialize() string.
    // NOTE(review): confirm any reader of '_compiler_max_size' treats the stored
    // string as untrusted before passing it to unserialize().
    $data = serialize($settings);
    // Write only when the stored value differs.
    if (get_option('_compiler_max_size') != $data) {
        update_option('_compiler_max_size', $data);
    } else {
// Tail of a channel-program update branch, then the destroy branch and the
// dispatcher's default/catch. The switch and try headers are outside this excerpt.
// Date and time parts fall back to the existing program_time column when the
// corresponding $pdate / $ptime (set before this excerpt) is null.
// NOTE(review): every request value here goes through correctSQL(), which is
// defined elsewhere. Confirm that it quotes and escapes.
$sql .= ", program_time = concat(\r\n\t\t\t\t\t\t\t\t\t\tdate_format(" . ($pdate == null ? "program_time" : correctSQL($data["pdate"])) . ", '%Y-%m-%d '), \r\n\t\t\t\t\t\t\t\t\t\ttime_format(" . ($ptime == null ? "program_time" : correctSQL($data["ptime"])) . ", '%H:%i'))";
}
$sql = $sql . " where delete_flag=0 and id=" . correctSQL($data["id"]);
executeSQL($db, $sql);
// Read the row back and return it. The loop stops after the first row.
$result = querySQL($db, "select * from tbl_channel_program where id = " . correctSQL($data["id"]));
while ($row = mysql_fetch_assoc($result)) {
    $return[] = $row;
    break;
}
responseData(true, null, $return);
break;
case 'channel_program_destroy':
    // Soft delete: the row is flagged and the acting user and time are recorded.
    $data = getQueryData('data');
    $data = json_decode($data, true);
    // Escaped once and reused in both statements below.
    $id = correctSQL($data);
    $sql = "update tbl_channel_program set delete_flag=1, update_id=" . correctSQL($login_id) . ", update_date=now() where id=" . $id;
    executeSQL($db, $sql);
    // The row was just flagged as deleted, so this delete_flag=0 query is expected to return no rows.
    $sql = "select * from tbl_channel_program where delete_flag=0 and id=" . $id;
    $result = querySQL($db, $sql);
    $data = array();
    while ($row = mysql_fetch_assoc($result)) {
        $data[] = $row;
    }
    responseData(true, null, $data);
    break;
default:
    responseData(false, 'invalid function');
    break;
}
} catch (Exception $e) {
// NOTE(review): the raw exception message is returned to the caller. If
// executeSQL() puts database error text into it, that text reaches the client.
responseData(false, $e->getMessage());
お客様へ<br><br> この度は、SKYLIVE365サービスをご利用頂き誠に有難う御座いました。<br> ご購入頂いたID及び明細は下記の通りです。<br> ID:<font color="red">' . 'PP' . $userid . '</font><br> PW:<font color="red">' . $password . '</font><br> 注:パスワードは初回ログイン後、お客様自身でご自由に変更可能です。<br> 有効期限:<font color="red">' . $period . '</font><br> 注:有効期限は初回ログイン時点からカウントさせて頂きます。<br> (注:有効期限は購入日からカウントさせて頂きます。)<br> 請求料金+Paypalの手数料:<font color="red">' . $money . '円</font><br> 何か不明な点御座いましたら、総合アフターサポートまでご連絡ください。<br> アフターサポート:support@skylive365.com<br> SKYLIVE365<br> HP:www.skylive365.com<br><br> ';
// The text above is the tail of a single-quoted HTML mail body whose opening lies
// outside this excerpt (presumably assigned to $msg). It embeds the account id,
// the clear-text password, the validity period and the charged amount.
// NOTE(review): $userid, $password, $period and $money are concatenated into the
// HTML with no escaping visible here. Confirm they cannot contain markup.

// Queue the mail: the clear-text password is stored in its own column and again
// inside content. NOTE(review): confirm who can read tbl_mail and how long rows are kept.
$sql = "insert into tbl_mail (userid, password, email, serviceid, money, content, create_id, create_date, update_id, update_date) values (" . correctSQL($userid) . "," . correctSQL($password) . "," . correctSQL($email) . "," . correctSQL($serviceid) . "," . correctSQL($money) . "," . correctSQL($msg) . "," . correctSQL($login_id) . "," . "now() ," . correctSQL($login_id) . "," . "now());";
// The whole statement is logged at debug level with whitespace collapsed, so the
// password and mail content reach the log whenever debug logging is enabled.
$logger->debug(preg_replace('/\\s+/', ' ', $sql));
executeSQL($db, $sql);
responseData2(true, "OK!");
} catch (Exception $e) {
// NOTE(review): the raw exception message is returned to the caller.
responseData2(false, $e->getMessage());
}
break;
default:
responseData2(false, 'invalid function');
break;
}
} catch (Exception $e) {
responseData2(false, $e->getMessage());
}
// Definition continues past the end of this excerpt.
function responseData2($success, $msg, $data = null)
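// Tail of a list branch, then the service/channel mapping branches of a request
// dispatcher. The switch and try headers lie outside this excerpt.
// NOTE(review): getQueryData() and correctSQL() are defined elsewhere. getQueryData()
// presumably returns request parameters, and the statements below rely on
// correctSQL() to quote and escape values. Confirm both.
$data = array();
while ($row = mysql_fetch_assoc($result)) {
    $data[] = $row;
}
responseData(true, null, $data);
break;

case 'deletechannel':
    // Soft-delete one service/channel mapping.
    // Both ids come from the request, so they are escaped once via correctSQL()
    // and not wrapped in hand-written quotes.
    $serviceid = correctSQL(getQueryData('serviceid'));
    $channelid = correctSQL(getQueryData('channelid'));
    $sql = "update tbl_service_channel set delete_flag=1, update_id=" . correctSQL($login_id) . ", update_date=now() where serviceid=" . $serviceid . " and channelid=" . $channelid . " and delete_flag=0";
    executeSQL($db, $sql);
    responseData(true, null);
    break;

case 'addchannel':
    // Insert the mapping only when no active row exists for the pair.
    $serviceid = correctSQL(getQueryData('serviceid'));
    $channelid = correctSQL(getQueryData('channelid'));
    $sql = "select count(*) from tbl_service_channel where delete_flag=0 and serviceid=" . $serviceid . " and channelid=" . $channelid;
    $cnt = executeScalar($db, $sql);
    if ($cnt == 0) {
        $sql = "insert into tbl_service_channel (serviceid, channelid, create_id, create_date, update_id, update_date) \r\n\t\t\t\t\t\t\t\tvalues (" . $serviceid . ", " . $channelid . ", " . correctSQL($login_id) . ", now(), " . correctSQL($login_id) . ", now());";
        executeSQL($db, $sql);
    }
    responseData(true, null);
    break;

default:
    responseData(false, 'invalid function');
    break;
}
} catch (Exception $e) {
    // NOTE(review): the raw exception message is returned to the caller. If
    // executeSQL() puts database error text into it, that text reaches the client.
    responseData(false, $e->getMessage());
}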
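// Tail of a server-update loop, then the destroy and reorder branches of a request
// dispatcher. The loop and switch headers lie outside this excerpt.
// NOTE(review): getQueryData() and correctSQL() are defined elsewhere. getQueryData()
// presumably returns request parameters, and the statements below rely on
// correctSQL() to quote and escape values. Confirm both.
if ($key == "id") {
    continue;
}
// NOTE(review): $key is used as a column name without escaping. If the keys come
// from decoded request JSON, check them against a fixed list of updatable
// columns before building the statement.
$sql .= ", " . $key . "=" . correctSQL($val);
}
$sql = $sql . " where delete_flag=0 and id=" . correctSQL($data["id"]);
executeSQL($db, $sql);
responseData(true, null);
break;

case 'server_destroy':
    $data = getQueryData('data');
    $data = json_decode($data, true);
    // Escaped once and reused in both statements below.
    $serverid = correctSQL($data);

    // Soft-delete the server row.
    $sql = "update tbl_server set delete_flag=1, update_id=" . correctSQL($login_id) . ", update_date=now() where id=" . $serverid;
    executeSQL($db, $sql);

    // Close the gap in order_no left by the deleted row. The previous statement
    // text contained a stray "where from tbl_server", a syntax error, and read
    // tbl_server in a subquery of its own UPDATE, which MySQL rejects. This uses
    // the same self-join form as server_changeorder: "a" is the deleted row and
    // "b" is every active row ordered after it.
    $sql = "update tbl_server a, tbl_server b set b.order_no = b.order_no - 1, b.update_id=" . correctSQL($login_id) . ", b.update_date=now() where a.id=" . $serverid . " and b.delete_flag=0 and b.order_no > COALESCE(a.order_no, 999999)";
    executeSQL($db, $sql);
    responseData(true, null);
    break;

case 'server_changeorder':
    // The id comes from the request and is used several times below, so it is
    // escaped once here, mirroring server_destroy.
    $serverid = correctSQL(getQueryData('serverid'));
    $type = getQueryData('type'); // up, down
    // Swap order_no with the neighbouring active row. Any value other than "up" moves the row down.
    if ($type == "up") {
        $sql = "update tbl_server a, tbl_server b \r\n\t\t\t\t\t\tset b.order_no=(case b.id when " . $serverid . " then b.order_no-1 else b.order_no+1 end) \r\n\t\t\t\t\t\twhere a.delete_flag=0 and b.delete_flag=0 and a.id=" . $serverid . " and (a.order_no = b.order_no or (a.order_no - 1) = b.order_no);";
    } else {
        $sql = "update tbl_server a, tbl_server b \r\n\t\t\t\t\t\tset b.order_no=(case b.id when " . $serverid . " then b.order_no+1 else b.order_no-1 end) \r\n\t\t\t\t\t\twhere a.delete_flag=0 and b.delete_flag=0 and a.id=" . $serverid . " and (a.order_no = b.order_no or (a.order_no + 1) = b.order_no);";
    }
    executeSQL($db, $sql);
    responseData(true, null);
    break;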