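/**
 * Mark sales rows inside a date range as debit-claimed.
 *
 * Reads `tgl_awal`, `tgl_akhir` and, optionally, `bank` from the POST body and
 * echoes "<status>|<html message>" for the calling page.
 *
 * NOTE(review): no permission check is visible in this method; confirm the
 * controller restricts who may trigger this bulk update.
 */
public function proses_claim()
{
    $param = $this->input->post();

    $this->load->library('form_validation');
    $this->form_validation->set_rules('tgl_awal', 'Tgl Awal', 'trim|required|xss_clean');
    $this->form_validation->set_rules('tgl_akhir', 'Tgl Akhir', 'trim|required|xss_clean');

    if ($this->form_validation->run() == FALSE) {
        echo "0|" . warn_msg(validation_errors());
        return;
    }

    // Every request value passes through the model's protect() before it is
    // concatenated into the WHERE clause. protect() is assumed to quote and
    // escape its argument (its result is used unquoted) - confirm in the model.
    $where = "date BETWEEN " . $this->mr->protect($param['tgl_awal'])
        . " AND " . $this->mr->protect($param['tgl_akhir']);

    // The bank filter used to be built and then dropped, so choosing a bank
    // still updated every row in the date range. It is now part of the clause.
    $bank = isset($param['bank']) ? $param['bank'] : '';
    if ($bank != 'all' && $bank != '') {
        $where .= ' AND note = ' . $this->mr->protect($bank);
    }

    $replace = $this->mr->replace('penjualan', array('debet-claimed' => 'yes'), $where);

    if ($replace) {
        echo '1|' . succ_msg('Berhasil merubah status pembayaran debet');
    } else {
        // Failure is reported with status 0, like the validation failure
        // above; the previous '1|' prefix made a failed update look successful.
        echo '0|' . err_msg('Gagal, melakukan perubahan');
    }
}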
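/**
 * Record an incoming-stock movement for one product.
 *
 * Reads `product_code` and `in` (quantity) from the POST body, fills in the
 * bookkeeping columns and echoes "<status>|<html message>".
 *
 * NOTE(review): $param is the whole POST body, so any additional posted field
 * is handed to write() together with the expected columns. Building the row
 * from an explicit list of columns would stop a client from setting columns
 * the form does not offer - confirm the column set before changing this.
 */
public function tambah_stok()
{
    $param = $this->input->post();
    $user = $this->session->userdata('astrosession');

    $this->load->library('form_validation');
    $this->form_validation->set_rules('product_code', 'Produk', 'trim|required|xss_clean');
    $this->form_validation->set_rules('in', 'Qty', 'trim|required|xss_clean');

    if ($this->form_validation->run() == FALSE) {
        echo "0|" . warn_msg(validation_errors());
        return;
    }

    $produk = $this->mp->get_detail_product($param['product_code']);
    if (empty($produk)) {
        // Unknown product code: stop instead of writing a stock row with an
        // empty name and warehouse code.
        echo "0|" . err_msg("Gagal menambahkan stok produk, periksa kembali masukan Anda");
        return;
    }

    // Server-side values overwrite anything the client posted under these keys.
    $param['date'] = date('Y-m-d');
    $param['status'] = 'input';
    $param['reference'] = '';
    $param['out'] = 0;
    // A separating space was missing between the label and the product name.
    $param['description'] = 'Penambahan Stok ' . $produk['name'];
    $param['userlog'] = date('Y-m-d H:i:s');
    $param['operator'] = $user[0]->uname;
    $param['rak_code'] = $produk['gudang_code'];

    $save = $this->mp->write('atombizz_warehouses_stok', $param);

    if ($save == TRUE) {
        echo "1|" . succ_msg("Stok Produk berhasil ditambahkan.");
    } else {
        echo "0|" . err_msg("Gagal menambahkan stok produk, periksa kembali masukan Anda");
    }
}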
/**
 * Delete one inventory row selected by the POSTed `id` and echo
 * "<status>|<html message>".
 *
 * $value is accepted but not used by the body.
 *
 * NOTE(review): the id comes straight from the request and no permission
 * check is visible here; confirm access control is enforced elsewhere.
 */
public function delete($value = '')
{
    $post = $this->input->post();
    $removed = $this->mb->delete('atombizz_inventaris', array('id' => $post['id']));

    if (!$removed) {
        echo '0|' . err_msg('Gagal menghapus data.');
        return;
    }

    echo '1|' . succ_msg('Berhasil menghapus data.');
}
/**
 * Flag one sale as shipped (status_pengiriman = '1') and echo
 * "<status>|<html message>".
 *
 * NOTE(review): the row is chosen by the POSTed `id` alone; no permission or
 * ownership check is visible in this method.
 */
public function kirim_barang()
{
    $post = $this->input->post();
    $shipped = $this->mp->replace(
        'atombizz_selling',
        array('status_pengiriman' => '1'),
        array('id' => $post['id'])
    );

    if (!$shipped) {
        echo '0|' . err_msg('Gagal merubah data.');
        return;
    }

    echo '1|' . succ_msg('Berhasil merubah status pengiriman barang.');
}
/**
 * Delete one brand-conversion master row selected by the POSTed `id` and echo
 * "<status>|<html message>".
 *
 * NOTE(review): no permission check is visible in this method; confirm it is
 * enforced before the controller action runs.
 */
public function delete()
{
    $criteria = array('id' => $this->input->post('id'));
    $removed = $this->mb->delete('atombizz_brand_converter', $criteria);

    if (!$removed) {
        echo "0|" . err_msg("Gagal, coba periksa lagi inputan anda.");
        return;
    }

    echo "1|" . succ_msg("Master Konversi berhasil dihapus.");
}
/**
 * Check a guest in: store the room number and set status 'checkin' on the
 * facility-use row named by the POSTed `cek_id`, then echo an HTML message.
 *
 * Unlike the other handlers in this listing, the reply carries no
 * "<status>|" prefix.
 *
 * NOTE(review): `cek_room` and `cek_id` are used as received; no validation
 * or permission check is visible in this method.
 */
public function checkin_guest()
{
    $post = $this->input->post();

    $changes = array('room_number' => $post['cek_room'], 'status' => 'checkin');
    $target = array('id' => $post['cek_id']);

    $updated = $this->mr->replace('atombizz_tmp_use_facilities', $changes, $target);

    if (!$updated) {
        echo err_msg('Pelanggan tidak dapat cek in.');
        return;
    }

    echo succ_msg('Pelanggan berhasil cek in.');
}
/**
 * Record one inventory stock movement and echo "<status>|<html message>".
 *
 * A POSTed `status` of 'in' books `qty` as incoming; any other status books
 * it as outgoing. The operator name comes from the session and the
 * department code from the 'astro' config item.
 *
 * NOTE(review): `qty`, `status`, `keterangan` and `product_code` are stored
 * as received; no validation is visible in this method.
 */
public function save()
{
    $session = $this->session->userdata('astrosession');
    $settings = $this->config->item('astro');
    $post = $this->input->post();

    $incoming = 0;
    $outgoing = 0;
    if ($post['status'] == 'in') {
        $incoming = $post['qty'];
    } else {
        $outgoing = $post['qty'];
    }

    $row = array(
        'date' => date('Y-m-d'),
        'status' => $post['status'],
        'in' => $incoming,
        'out' => $outgoing,
        'description' => $post['keterangan'],
        'userlog' => date('Y-m-d H:i:s'),
        'operator' => $session[0]->uname,
        'product_code' => $post['product_code'],
        'dept' => $settings['bas_code_dept'],
    );

    if (!$this->mi->write('atombizz_inventaris_stok', $row)) {
        echo '0|' . err_msg('Gagal menyimpan pencatatan stok barang.');
        return;
    }

    echo '1|' . succ_msg('Berhasil menyimpan pencatatan stok barang.');
}
if ($XBTT_USE) { $dr = mysqli_fetch_array(mysqli_query($GLOBALS["___mysqli_ston"], "SELECT peer_id_ascii FROM `{$TABLE_PREFIX}bannedclient` WHERE `id`=" . $id)); @mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM xbt_deny_from_clients WHERE peer_id=" . sqlesc($dr['peer_id_ascii'])); unset($dr); } @mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM `{$TABLE_PREFIX}bannedclient` WHERE `id`=" . $id); success_msg($language["SUCCESS"], $language["CLIENT_REMOVED"] . "<a href='{$url}'>" . $language["RETURN"] . "</a>"); stdfoot(); exit; } else { redirect($url); } } $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM `{$TABLE_PREFIX}bannedclient` WHERE `id`={$id}"); if (@mysqli_num_rows($res) > 0) { $client = array(); $i = 0; while ($row = mysqli_fetch_assoc($res)) { $client[$i]["client_name"] = $row["client_name"]; $client[$i]["user_agent"] = $row["user_agent"]; $client[$i]["peer_id"] = $row["peer_id"]; $client[$i]["peer_id_ascii"] = $row["peer_id_ascii"]; $client[$i]["reason"] = stripslashes($row["reason"]); $i++; } $admintpl->set('client', $client); } else { err_msg($language["ERROR"], $language['BAD_ID']); stdfoot(); exit; }
/**
 * Register a new user from the POSTed signup form.
 *
 * Return value: -1 when user, password or e-mail is empty, -2 when the e-mail
 * is already registered, -3 when the e-mail fails the format check, -4 when
 * the duplicate-username query returns a row, -7 when the username contains a
 * space, -8 when straipos() reports a banned character, -9 when the password
 * is shorter than 4 characters, otherwise mysql_errno() after the inserts.
 * Several failure paths (reserved name, password mismatch, captcha) print an
 * error page and exit instead of returning.
 *
 * NOTE(review): the function relies on the legacy mysql_* API, eregi(),
 * md5() password storage and rand()-derived tokens; each is commented where
 * it is used.
 */
function aggiungiutente()
{
    global $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix;

    // Request values are escaped once here and the escaped copies are used for
    // everything below, including comparisons and password hashing.
    // mysql_escape_string() does not consult the connection character set and
    // is deprecated.
    $utente = mysql_escape_string($_POST["user"]);
    $pwd = mysql_escape_string($_POST["pwd"]);
    $pwd1 = mysql_escape_string($_POST["pwd1"]);
    $email = mysql_escape_string($_POST["email"]);
    // Numeric form fields are forced to integers before reaching SQL.
    $idlangue = intval($_POST["language"]);
    $idstyle = intval($_POST["style"]);
    $idflag = intval($_POST["flag"]);
    $timezone = intval($_POST["timezone"]);

    // "Guest" is rejected in any letter case.
    if (strtoupper($utente) == strtoupper("Guest")) {
        err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]);
        stdfoot();
        exit;
    }
    if ($pwd != $pwd1) {
        err_msg($language["ERROR"], $language["DIF_PASSWORDS"]);
        stdfoot();
        exit;
    }

    // The initial level depends on the validation mode: 3 for "none", else 2.
    if ($VALIDATION == "none") {
        $idlevel = 3;
    } else {
        $idlevel = 2;
    }

    // Create random number: a six-digit value stored in users.random and sent
    // in the confirmation link below.
    // NOTE(review): rand() seeded from microtime() is not a cryptographically
    // secure source and the value space is under one million.
    $floor = 100000;
    $ceiling = 999999;
    srand((double) microtime() * 1000000);
    $random = rand($floor, $ceiling);

    // The exit after each return in this function is unreachable.
    if ($utente == "" || $pwd == "" || $email == "") {
        return -1;
        exit;
    }

    // Duplicate e-mail check; it runs before the format check below.
    $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'");
    if (mysql_num_rows($res) > 0) {
        return -2;
        exit;
    }

    // valid email check - by vibes
    // eregi() is a deprecated POSIX-regex function.
    $regex = "^[_+a-z0-9-]+(\\.[_+a-z0-9-]+)*" . "@[a-z0-9-]+(\\.[a-z0-9-]{1,})*" . "\\.([a-z]{2,}){1}\$";
    if (!eregi($regex, $email)) {
        return -3;
        exit;
    }
    // valid email check end

    // duplicate username
    // NOTE(review): the username literal in this query appears masked in the
    // listing; the original presumably compares against $utente - confirm.
    $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='******'");
    if (mysql_num_rows($res) > 0) {
        return -4;
        exit;
    }
    // duplicate username

    // strpos() returns an offset, so `== true` is false for a space at
    // position 0: a leading space is not caught by this check.
    if (strpos(mysql_escape_string($utente), " ") == true) {
        return -7;
        exit;
    }

    // Anti-bot check. The image captcha is used only when it is enabled, GD is
    // loaded and GD reports FreeType support; every other combination falls
    // back to the question/answer list loaded from include/security_code.php.
    if ($USE_IMAGECODE) {
        if (extension_loaded('gd')) {
            $arr = gd_info();
            if ($arr['FreeType Support'] == 1) {
                $public = $_POST['public_key'];
                $private = $_POST['private_key'];
                $p = new ocr_captcha();
                if ($p->check_captcha($public, $private) != true) {
                    err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
                    stdfoot();
                    exit;
                }
            } else {
                include "{$THIS_BASEPATH}/include/security_code.php";
                // The question index is chosen by the client; the answer is
                // compared with a loose `!=`.
                $scode_index = intval($_POST["security_index"]);
                if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) {
                    err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
                    stdfoot();
                    exit;
                }
            }
        } else {
            include "{$THIS_BASEPATH}/include/security_code.php";
            $scode_index = intval($_POST["security_index"]);
            if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) {
                err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
                stdfoot();
                exit;
            }
        }
    } else {
        include "{$THIS_BASEPATH}/include/security_code.php";
        $scode_index = intval($_POST["security_index"]);
        if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) {
            err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
            stdfoot();
            exit;
        }
    }

    // Characters that may not appear in a username; straipos() is a helper
    // defined elsewhere, presumably a multi-needle strpos - confirm.
    $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
    if (straipos(mysql_escape_string($utente), $bannedchar) == true) {
        return -8;
        exit;
    }

    // The length is measured on an escaped copy of the already-escaped
    // password, so added backslashes count toward the 4-character minimum.
    if (strlen(mysql_real_escape_string($pwd)) < 4) {
        return -9;
        exit;
    }

    // Per-user pid, also stored as xbt_users.torrent_pass below.
    // NOTE(review): uniqid() and rand() are time/PRNG based, not a CSPRNG.
    $pid = md5(uniqid(rand(), true));

    // NOTE(review): the password is stored as an unsalted md5 of the escaped
    // value; moving to password_hash() needs a matching change wherever the
    // hash is verified.
    do_sqlquery("INSERT INTO {$TABLE_PREFIX}users (username, password, random, id_level, email, style, language, flag, joined, lastconnect, pid, time_offset) VALUES ('{$utente}', '" . md5($pwd) . "', {$random}, {$idlevel}, '{$email}', {$idstyle}, {$idlangue}, {$idflag}, NOW(), NOW(),'{$pid}', '" . $timezone . "')", true);
    $newuid = mysql_insert_id();

    // Continue to create SMF members even if SMF mode is disabled: the branch
    // also runs whenever the members table exists.
    $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'");
    if ($FORUMLINK == "smf" || mysql_num_rows($test)) {
        $smfpass = smf_passgen($utente, $pwd);
        // Forum group id is the tracker level plus 10.
        $flevel = $idlevel + 10;
        do_sqlquery("INSERT INTO {$db_prefix}members (memberName, dateRegistered, ID_GROUP, realName, passwd, emailAddress, memberIP, memberIP2, is_activated, passwordSalt) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')");
        $fid = mysql_insert_id();
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'");
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'");
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'");
        // Link the tracker account to the forum account just created.
        do_sqlquery("UPDATE {$TABLE_PREFIX}users SET smf_fid={$fid} WHERE id={$newuid}");
    }

    // xbt: register the new user and pid with the XBT backend.
    if ($XBTT_USE) {
        $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')");
    }

    // With user validation, mail the confirmation link that carries $random.
    if ($VALIDATION == "user") {
        ini_set("sendmail_from", "");
        if (mysql_errno() == 0) {
            send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}");
            write_log("Signup new user {$utente} ({$email})", "add");
        } else {
            // NOTE(review): this prints the raw database error to the client.
            die(mysql_error());
        }
    }

    return mysql_errno();
}
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING // NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, // EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // //////////////////////////////////////////////////////////////////////////////////// //by CobraCRK 21.07.2006 - www.extremeshare.org - cobracrk@yahoo.com //converted to xbtit by cooly if (!defined("IN_BTIT")) { die("non direct access!"); } global $CURUSER; require "include/sanitize.php"; $subsedittpl = new bTemplate(); require load_language("lang_subs.php"); if ($CURUSER["can_upload"] == "no") { err_msg(ERROR, NOT_AUTH_VIEW_NEWS); stdfoot(); exit; } $action = $_GET["action"]; if ($action == "edit") { $id = $_GET["id"]; $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}subtitles WHERE id=" . $_GET['id']) or sqlerr(); if (mysqli_num_rows($res) != 1) { stderr("Error", "No message with ID {$id}."); } $arr = mysqli_fetch_assoc($res); if ($CURUSER["uid"] != $arr["uploader"] or $CURUSER["edit_torrents"] != "yes") { stderr("Error", "you didnt post this!"); } $save = (int) $_GET["save"];
/**
 * Finalise an outgoing return (retur keluar) for one reference number.
 *
 * Copies the temporary return rows into the detail table, books the stock
 * reduction, writes the return header, clears the temporary rows and posts
 * two ledger entries. Echoes "<status>|<html message>".
 *
 * NOTE(review): the steps are separate writes with no transaction visible
 * here, so a failure part-way leaves the earlier writes in place. The
 * operator name, date and total are taken from the POST body - confirm they
 * cannot be set freely by the client.
 */
public function proses_retur_out()
{
    $basmalah = $this->config->item('astro');
    $userlog = date('Y-m-d H:i:s');
    $param = $this->input->post();
    $reference = $this->input->post('reference');
    $where = array('reference' => $reference);
    $keterangan = 'Retur Keluar dengan referensi no ' . $reference;
    $data = $this->mp->find('view_tmp_retur_out', $where);
    // Summed from the stored rows below, but not used afterwards: the header
    // and ledger amounts come from the POSTed total_akhir instead.
    $nominal_retur_out = 0;
    // $arr_detail and $arr_stok are created only inside this loop; with no
    // temporary rows they are undefined when passed to write_batch().
    foreach ($data->result_array() as $das) {
        $arr_detail[] = array(
            'reference' => $reference,
            'product_id' => $das['product_id'],
            'product_code' => $das['product_code'],
            'product_name' => $das['product_name'],
            'quantity' => $das['quantity'],
            'hpp' => $das['hpp'],
            'description' => $das['description'],
            'brand_code' => $das['brand_code'],
            'unit' => $das['unit']
        );
        $nominal_retur_out += $das['sub_total'];
        $qty = $das['quantity'];
        $unit = $das['unit'];
        // Brand conversion: rows carrying a brand code are converted with the
        // brand's quantity factor and unit.
        if ($das['brand_code'] != '') {
            $query = $this->mp->find('atombizz_brand_converter', array('product_code' => $das['product_code'], 'code' => $das['brand_code']));
            // NOTE(review): row() is used without checking that a converter
            // row was found.
            $konv_brand = $query->row();
            $qty = $das['quantity'] * $konv_brand->qty_convertion;
            $unit = $konv_brand->satuan_convertion;
        }
        // Convert to the smallest unit; unit_converter() returns JSON with
        // `qty` and `satuan` fields.
        $konv_unit = unit_converter($qty, $unit);
        $data_konv = json_decode($konv_unit);
        $qty = $data_konv->qty;
        $unit = $data_konv->satuan;
        $arr_stok[] = array(
            'date' => $param['date'],
            'status' => 'retur out',
            'reference' => $reference,
            'in' => 0,
            'out' => $qty,
            'description' => $keterangan,
            'userlog' => $userlog,
            'operator' => $param['operator'],
            'rak_code' => $das['gudang_code'],
            'product_code' => $das['product_code'],
            'dept' => $basmalah['bas_code_dept']
        );
    }
    // Header row for the return document.
    $arr_retur_out = array(
        'reference' => $reference,
        'supplier_code' => $param['supplier_code'],
        'supplier_name' => $param['supplier_name'],
        'date' => $param['date'],
        'operator' => $param['operator'],
        'total' => $param['total_akhir'],
        'urut' => $param['urut'],
        'dept' => $basmalah['bas_code_dept'],
        'userlog' => $userlog
    );
    // Each step runs only if the previous write reported success.
    $save_items = $this->mp->write_batch('atombizz_retur_out_detail', $arr_detail);
    if ($save_items == TRUE) {
        $save_stok = $this->mp->write_batch('atombizz_warehouses_stok', $arr_stok);
        if ($save_stok == TRUE) {
            $save_beli = $this->mp->write('atombizz_retur_out', $arr_retur_out);
            if ($save_beli == TRUE) {
                $where = array('reference' => $reference);
                $delete = $this->mp->delete('atombizz_retur_out_tmp', $where);
                // When the delete reports 0 nothing is echoed at all: this
                // branch has no else.
                if ($delete > 0) {
                    $kode = 'FRO';
                    $data = array(
                        'kode' => $kode,
                        'no_referensi' => $reference,
                        'tanggal' => $param['date'],
                        'keterangan' => $keterangan,
                        'dept' => $basmalah['bas_code_dept'],
                        'person' => $param['supplier_code'],
                        'valid' => 'yes'
                    );
                    // Return entry: credit account 330000. The result in
                    // $kas_acc is not checked.
                    $data['debit'] = 0;
                    $data['kredit'] = $param['total_akhir'];
                    $data['no_akun'] = '330000';
                    $kas_acc = $this->mp->write('atombizz_accounting_buku_besar', $data);
                    // Payable entry: debit account 510000 with code HTG.
                    $data['kredit'] = 0;
                    $data['debit'] = $param['total_akhir'];
                    $data['no_akun'] = '510000';
                    $data['faktur'] = $reference;
                    $data['kode'] = 'HTG';
                    $save_acc = $this->mp->write('atombizz_accounting_buku_besar', $data);
                    if ($save_acc == TRUE) {
                        echo "1|" . succ_msg("Berhasil, menambahkan data retur keluar.");
                    } else {
                        echo "0|" . err_msg("Gagal, menambahkan data accounting persediaan.");
                    }
                }
            } else {
                echo "0|" . err_msg("Gagal, menambahkan data retur keluar.");
            }
        } else {
            echo "0|" . err_msg("Gagal, mengurangi data stok bahan.");
        }
    } else {
        echo "0|" . err_msg("Gagal, menambahkan data retur keluar detail.");
    }
}
<?php if (!defined("IN_BTIT")) { die("non direct access!"); } require load_language("lang_staff.php"); $stafftpl = new bTemplate(); $stafftpl->set("language", $language); if ($CURUSER["view_users"] == "no") { err_msg($language["ERROR"], $language["NOT_AUTHORIZED"] . " " . strtolower($language["STAFF"]) . "!"); stdfoot(); exit; } else { $query = "SELECT u.id, u.username, u.avatar, UNIX_TIMESTAMP(u.joined) joined, "; $query .= "UNIX_TIMESTAMP(u.lastconnect) lastconnect, ul.level, ul.prefixcolor, "; $query .= "ul.suffixcolor, c.name country, c.flagpic, o.lastaction "; $query .= "FROM {$TABLE_PREFIX}users u "; $query .= "LEFT JOIN {$TABLE_PREFIX}users_level ul ON u.id_level = ul.id "; $query .= "LEFT JOIN {$TABLE_PREFIX}countries c ON u.flag = c.id "; $query .= "LEFT JOIN {$TABLE_PREFIX}online o ON u.id = o.user_id "; $query .= "WHERE u.id_level >=6 "; $query .= "AND u.id_level <=8 "; $query .= "ORDER BY u.id_level DESC, u.id ASC"; $res = do_sqlquery($query); $i = 0; while ($row = mysql_fetch_assoc($res)) { is_null($row["avatar"]) || $row["avatar"] == "" ? $avatar = "<img src='{$STYLEURL}/images/default_avatar.gif' height=80 width=80>" : ($avatar = "<img src='" . $row["avatar"] . "' height=80 width=80>"); is_null($row["lastaction"]) ? $lastseen = $row["lastconnect"] : ($lastseen = $row["lastaction"]); time() - $lastseen > 900 ? $status = "<img src='images/offline.gif' border='0' alt='" . $language["OFFLINE"] . "'>" : ($status = "<img src='images/online.gif' border='0' alt='" . $language["ONLINE"] . "'>"); if (is_null($row["flagpic"])) { $row["flagpic"] = "unknown.gif";
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. // IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED // TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR // PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF // LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING // NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, // EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // //////////////////////////////////////////////////////////////////////////////////// if (!defined("IN_BTIT")) { die("non direct access!"); } if ($CURUSER["view_news"] == "no") { err_msg($language["ERROR"], $language["NOT_AUTHORIZED"] . "!"); stdfoot(); exit; } // global $CURUSER, $limitqry, $adm_menu, $CURRENTPATH, $TABLE_PREFIX; // $output=""; if ($limit > 0) { $limitqry = "LIMIT {$limit}"; } $res = get_result("SELECT n.id, n.title, n.news,UNIX_TIMESTAMP(n.date) as news_date, u.username FROM {$TABLE_PREFIX}news n INNER JOIN {$TABLE_PREFIX}users u on u.id=n.user_id ORDER BY date DESC {$limitqry}", true, $btit_settings['cache_duration']); // load language file require load_language("lang_viewnews.php"); $viewnewstpl = new bTemplate(); $viewnewstpl->set("language", $language); $viewnewstpl->set("can_edit_news", $CURUSER["edit_news"] == "yes", TRUE); $viewnewstpl->set("can_edit_news_1", $CURUSER["edit_news"] == "yes", TRUE);
/**
 * Delete one mix-composition row selected by the POSTed `id` and echo
 * "<status>|<html message>".
 *
 * NOTE(review): no permission check is visible in this method; confirm it is
 * enforced before the controller action runs.
 */
public function del_mix_bahan()
{
    $post = $this->input->post();
    $removed = $this->mm->delete('atombizz_mix_product', array('id' => $post['id']));

    if (!$removed) {
        echo '0|' . err_msg('Gagal menghapus data mix komposisi.');
        return;
    }

    echo '1|' . succ_msg('Berhasil menghapus data mix komposisi.');
}
/**
 * Delete one order line from 'detil-penjualan' selected by the POSTed `id`
 * and echo "<status>|<html message>".
 *
 * NOTE(review): nothing here ties the row to the current cashier or
 * transaction; confirm that any id may legitimately be removed by the caller.
 */
public function delete()
{
    $criteria = array('id' => $this->input->post('id'));
    $removed = $this->ksr->delete('detil-penjualan', $criteria);

    if (!$removed) {
        echo "0|" . err_msg("Gagal, coba periksa lagi inputan anda.");
        return;
    }

    echo "1|" . succ_msg("Pesanan berhasil dihapus.");
}
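// Handle a submitted radio request: store it, announce it in the shoutbox,
// then print the request form.
if (isset($_POST['wishsend']) && $_POST['wishsend'] == "wishsend") {
    if (!empty($_POST['wishtitle']) and !empty($_POST['wishcomment']) and !empty($_POST['wishgenre'])) {
        $wishname = $CURUSER["username"];
        $wishtitle = $_POST['wishtitle'];
        $wishcomment = $_POST['wishcomment'];
        $wishgenre = $_POST['wishgenre'];

        mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}radio_wish (name, title, comment, genre, date)\n VALUES ('" . mysqli_real_escape_string($DBDT, $wishname) . "',\n '" . mysqli_real_escape_string($DBDT, $wishtitle) . "',\n '" . mysqli_real_escape_string($DBDT, $wishcomment) . "',\n '" . mysqli_real_escape_string($DBDT, $wishgenre) . "',\n '" . time() . "')");

        //chat
        $al = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1");
        $rw = mysqli_fetch_assoc($al);
        $ct = $rw["count"] + 1;

        // The announcement repeats the request fields. They used to be
        // concatenated into this INSERT unescaped, although the insert above
        // escapes them; the whole text is now escaped the same way.
        // NOTE(review): $DBDT is kept as the escaping handle because the
        // insert above already relies on it - confirm it is the same
        // connection as $GLOBALS["___mysqli_ston"].
        $chattext = "[color=green]New radio request:[/color] " . $wishtitle . " - " . $wishcomment . " - " . $wishgenre . " by " . $wishname;
        mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text, count) VALUES (0," . time() . ",'System','" . mysqli_real_escape_string($DBDT, $chattext) . "'," . (int) $ct . ")");
        //chat

        $message = "<font color=silver>Your request has been submited to the DJ's.</font>";
    } else {
        err_msg($language["ERROR"], "Don't leave any fields empty !");
        stdfoot();
        exit;
    }
}

// Request form. $message is only assigned above after a successful submit.
echo "<table width=100% border=0><center><tr>";
echo $message;
echo "<form action=\"index.php?page=modules&module=Radio_request\" method=\"post\"></td>";
echo "<td class=\"header\" width=15%>Artist :</td>\n";
echo "<td class=\"header\" width=15%><input style=\"margin : 0 auto;\" type=\"text\" name=\"wishtitle\" /></td>\n";
echo "<td class=\"header\" width=15%>Title :</td>\n";
echo "<td class=\"header\" width=15%><input style=\"margin : 0 auto;\" type=\"text\" name=\"wishcomment\" /></td>\n";
echo "<td class=\"header\" width=15%>Genre :</td>\n";
echo "<td class=\"header\" width=15%><input style=\"margin : 0 auto;\" type=\"text\" name=\"wishgenre\" /></td>\n";
echo "<td class=\"header\" width=15%><input type=\"hidden\" name=\"wishsend\" value=\"wishsend\">\n";
echo "<input style=\"margin : 0 auto;\" type=\"submit\" name=\"submit\" value=\"Post\"/></td>\n";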
/**
 * Finalise a distribution (distribusi) for one reference number.
 *
 * Copies the temporary distribution rows into the items table, books the
 * stock reduction against rack 'G-001', writes the distribution header with
 * status 'pengajuan' and clears the temporary rows. Echoes
 * "<status>|<html message>".
 *
 * NOTE(review): the steps are separate writes with no transaction visible
 * here, and the operator name and date are taken from the POST body -
 * confirm they cannot be set freely by the client.
 */
public function proses_retur_out()
{
    $basmalah = $this->config->item('astro');
    $userlog = date('Y-m-d H:i:s');
    $param = $this->input->post();
    $reference = $this->input->post('reference');
    $where = array('reference' => $reference);
    $keterangan = 'Distribusi dengan referensi no ' . $reference;
    $data = $this->mp->find('atombizz_distribution_tmp', $where);
    // Initialised but never updated or read in this method.
    $nominal_retur_out = 0;
    // $arr_detail and $arr_stok are created only inside this loop; with no
    // temporary rows they are undefined when passed to write_batch().
    foreach ($data->result_array() as $das) {
        $arr_detail[] = array(
            'reference_no' => $reference,
            'product_id' => $das['product_id'],
            'product_code' => $das['product_code'],
            'product_name' => $das['product_name'],
            'quantity' => $das['qty_dikirim'],
            'unit' => $das['unit']
        );
        // Stock leaves the fixed rack code 'G-001' in the shipped quantity.
        $arr_stok[] = array(
            'date' => $param['date'],
            'status' => 'distribusi',
            'reference' => $reference,
            'in' => 0,
            'out' => $das['qty_dikirim'],
            'description' => $keterangan,
            'userlog' => $userlog,
            'operator' => $param['operator'],
            'rak_code' => 'G-001',
            'product_code' => $das['product_code'],
            'dept' => $basmalah['bas_code_dept']
        );
    }
    // Header row for the distribution document.
    $arr_retur_out = array(
        'reference_no' => $reference,
        'penerima' => $param['penerima'],
        'date' => $param['date'],
        'operator' => $param['operator'],
        'urut' => $param['urut'],
        'dept' => $basmalah['bas_code_dept'],
        'status' => 'pengajuan'
    );
    // Each step runs only if the previous write reported success.
    $save_items = $this->mp->write_batch('atombizz_distribution_items', $arr_detail);
    if ($save_items == TRUE) {
        $save_stok = $this->mp->write_batch('atombizz_warehouses_stok', $arr_stok);
        if ($save_stok == TRUE) {
            $save_beli = $this->mp->write('atombizz_distribution', $arr_retur_out);
            if ($save_beli == TRUE) {
                $where = array('reference' => $reference);
                $delete = $this->mp->delete('atombizz_distribution_tmp', $where);
                // When the delete reports 0 nothing is echoed at all: this
                // branch has no else.
                if ($delete > 0) {
                    // The success text still says "retur keluar" although
                    // this path handles a distribution.
                    echo "1|" . succ_msg("Berhasil, menambahkan data retur keluar.");
                    // A block of ledger-posting code (writes to
                    // atombizz_accounting_buku_besar) was commented out here
                    // in the original; this method posts no ledger entries.
                }
            } else {
                echo "0|" . err_msg("Gagal, menambahkan data distribusi.");
            }
        } else {
            echo "0|" . err_msg("Gagal, mengurangi data stok bahan.");
        }
    } else {
        echo "0|" . err_msg("Gagal, menambahkan data distribusi detail.");
    }
}
if ($DHT_PRIVATE) { $alltorrent = bencode($array); $fd = fopen($TORRENTSDIR . "/" . $hash . ".btf", "rb+"); fwrite($fd, $alltorrent); fclose($fd); } // with pid system active or private flag (dht disabled), tell the user to download the new torrent write_log("Uploaded new torrent {$filename} ({$hash})", "add"); $status = 1; } // Announce new Uploaded torrents in ShoutBoX start global $BASEURL; do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text) VALUES (0," . time() . ", 'System','[color=red]NEW TORRENT[/color]: [url={$BASEURL}/index.php?page=torrent-details&id={$hash}]" . $filename . "[/url]')"); // Announce new Uploaded torrents in ShoutBoX ends } else { err_msg($language["ERROR"], $language["ERR_ALREADY_EXIST"]); unlink($_FILES["torrent"]["tmp_name"]); stdfoot(); die; } } else { $status = 0; } $uploadtpl = new bTemplate(); /* Mod by losmi -sticky torrent */ $query = "SELECT * FROM {$TABLE_PREFIX}sticky"; $rez = do_sqlquery($query, true); $rez = mysql_fetch_assoc($rez); $rez_level = $rez['level'];
stderr('Error', 'You need to chose a feed type !'); } $link = $BASEURL . '/rss_torrents.php'; if ($_POST['feed'] == 'dl') { $query[] = 'feed=dl'; } foreach ($_POST['cat'] as $cat) { $query[] = 'cat[]=' . $cat; } $query[] = 'pid=' . user::$current['pid']; $queries = implode('&', $query); if ($queries) { $link .= '?' . $queries; } if ($_POST['feed'] == 'dl') { err_msg('RSS Link', 'Use the following url in your RSS reader:<br><b>' . $link . '</b><br>'); stdfoot(); exit; } else { header('Refresh: 0; url=' . $link); } } block_begin('Get RSS'); ?> <form method='POST' action='get_rss.php'> <table class='header' width='80%' align='center'> <tr> <td class='header' width='30%'>Categories:</td> <td class='lista' width='50%'><?php echo $catoptions; ?>
/**
 * Show an error box, print the page footer and end the request.
 *
 * $heading, $text and $close are passed to err_msg() unchanged, so any HTML
 * escaping of request-derived text has to happen in the caller or inside
 * err_msg(); neither is visible here.
 */
function stderr($heading, $text, $close = false)
{
    err_msg($heading, $text, $close);
    stdfoot(true, false);

    // Never returns to the caller.
    exit;
}
err_msg($language["ERROR"], $language["NOT_AUTHORIZED"] . " " . $language["NOT_USER_CLASS"]); stdfoot(); die; } if ($now >= $expire || $enabled != 'yes') { err_msg($language["ERROR"], $language["CANNOT_SELL_CLOSED"]); stdfoot(); die; } if ($_POST['number'] > $purchaseable || $_POST['number'] < 1) { err_msg($language["ERROR"], $language["LOTT_LIMIT_PURCHASE"] . " " . $purchaseable); stdfoot(); die; } if ($_POST['number'] + $user_tickets > $limit_buy) { err_msg($language["ERROR"], $language["LOTT_LIMIT_BUY"] . " " . $limit_buy); stdfoot(); die; } $upload = $result["uploaded"] - $minupload * $_POST['number']; do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `uploaded`=" . $upload . " WHERE `id`=" . $CURUSER['uid'] . "", true); $tickets = $_POST['number']; for ($i = 0; $i < $tickets; $i++) { do_sqlquery("INSERT INTO {$TABLE_PREFIX}lottery_tickets(user) VALUES(" . $CURUSER['uid'] . ")", true); } $me = mysqli_num_rows(do_sqlquery("SELECT * FROM `{$TABLE_PREFIX}lottery_tickets` WHERE user="******"", true)); // load language file require load_language("lang_lottery.php"); $ticketstpl = new bTemplate(); $ticketstpl->set("language", $language); $ticketstpl->set("nr_tickets", $tickets);
/**
 * Delete one general-ledger row selected by the POSTed `id` and echo
 * "<status>|<html message>".
 *
 * NOTE(review): this removes an accounting entry on the strength of a request
 * parameter alone; no permission check or audit record is visible in this
 * method.
 */
public function hapus_data()
{
    $post = $this->input->post();
    $removed = $this->mp->delete('atombizz_accounting_buku_besar', array('id' => $post['id']));

    if (!$removed) {
        echo "0|" . err_msg("Gagal menghapus Transaksi.");
        return;
    }

    echo "1|" . succ_msg("Transaksi berhasil dihapus.");
}
<?php //데이터베이스 서버에 연결함 if (!isset($_SESSION)) { session_start(); } include "php/config.php"; include "php/util.php"; if (!isset($_SESSION["id"])) { err_msg('You must first login'); } $mysqli = mysqli_connect("14.63.223.180", "root", "haniumwaschool", "waschool"); mysqli_query($mysqli, "set names utf8;"); //디비에 있는 마일리지를 가져옴 $get_studentscore_sql = "SELECT subject, name, score, DATE_FORMAT(papersendtime,'%b %e %Y')AS fmt_papersend_time from studentscore order by papersendtime asc"; $get_studentscore_res = mysqli_query($mysqli, $get_studentscore_sql) or die(mysqli_error($mysqli)); if (mysqli_num_rows($get_studentscore_res) < 1) { //마일리지가 없을 경우에 출력할 메시지를 채움 $display_block = "<p><em>No submit score exist</em></p>"; } else { //마일리지를 출력함 $display_block = "\r\n<table cellpadding=\"3\" cellspacing=\"1\" border=\"1\">\r\n<tr>\r\n<th>과제받은날짜</th>\r\n<th>과목</th>\r\n<th>점수</th>\r\n</tr>"; while ($studentscore_info = mysqli_fetch_array($get_studentscore_res)) { $papersendtime = $studentscore_info['fmt_papersend_time']; //학습지제출한시간 $subject = $studentscore_info['subject']; //과목 $name = $studentscore_info['name']; //이름 $score = $studentscore_info['score']; //점수
} $torrentperpage = user::$current["torrentsperpage"]; if ($torrentperpage == 0) { $torrentperpage = $ntorrents == 0 ? 15 : $ntorrents; } // Fixed possible SQL injection (thanks to jeremie78) $accepted_orders = array('speed', 'dwned', 'finished', 'leechers', 'seeds', 'size', 'data', 'filename', 'cname'); $order = isset($_GET['order']) && in_array($_GET['order'], $accepted_orders) ? $db->real_escape_string($_GET['order']) : 'data'; $by = isset($_GET["by"]) && $db->real_escape_string($_GET["by"]) == 'ASC' ? 'ASC' : 'DESC'; list($pagertop, $limit) = misc::pager($torrentperpage, $count, $scriptname . "?" . $addparam . (utf8::strlen($addparam) > 0 ? "&" : "") . "order=" . $order . "&by=" . $by . "&"); if ($SHOW_UPLOADER) { $query = "SELECT summary.info_hash AS hash, summary.seeds, summary.leechers, summary.finished AS finished, summary.dlbytes AS dwned, namemap.filename, namemap.url, namemap.info, namemap.anonymous, summary.speed, UNIX_TIMESTAMP( namemap.data ) AS added, categories.image, categories.name AS cname, namemap.category AS catid, namemap.size, namemap.external, namemap.uploader AS upname, users.username AS uploader, prefixcolor, suffixcolor FROM summary LEFT JOIN namemap ON summary.info_hash = namemap.info_hash LEFT JOIN categories ON categories.id = namemap.category LEFT JOIN users ON users.id = namemap.uploader LEFT JOIN users_level ON users.id_level=users_level.id " . $where . " ORDER BY " . $order . " " . $by . " " . $limit; } else { $query = "SELECT summary.info_hash AS hash, summary.seeds, summary.leechers, summary.finished AS finished, summary.dlbytes AS dwned, namemap.filename, namemap.url, namemap.info, summary.speed, UNIX_TIMESTAMP( namemap.data ) AS added, categories.image, categories.name AS cname, namemap.category AS catid, namemap.size, namemap.external, namemap.uploader FROM summary LEFT JOIN namemap ON summary.info_hash = namemap.info_hash LEFT JOIN categories ON categories.id = namemap.category " . $where . " ORDER BY " . $order . " " . $by . 
" " . $limit; } $results = $db->query($query) or err_msg(ERROR, CANT_DO_QUERY . "<br />" . $query); } $i = 0; if ($by == "ASC") { $mark = " ↑"; } else { $mark = " ↓"; } ?> </tr> <tr> <td colspan='2' align='center'><?php echo $pagertop; ?> </td> </tr>
mysql_query($sql) or die(mysql_error()); if (mysql_affected_rows() > 0) { header('Location: thread.php?tid=' . $tid); } else { err_msg("Reply not exist or no permission."); } } if ($_REQUEST['target'] == 'thread') { $tid = $_REQUEST['tid']; $toplevel = -1; $stat = -1; if ($_REQUEST['action'] == 'sticky') { if (array_key_exists('level', $_REQUEST) && is_numeric($_REQUEST['level']) && $_REQUEST['level'] >= 0 && $_REQUEST['level'] < 4) { $toplevel = $_REQUEST['level']; } else { err_msg("Invalid sticky level."); } } if ($_REQUEST['action'] == 'resume') { $stat = 0; } if ($_REQUEST['action'] == 'lock') { $stat = 1; } if ($_REQUEST['action'] == 'delete') { $stat = 2; } if (!isset($_SESSION['administrator'])) { errmsg("<a href=./loginpage.php>Please Login First</a>"); } if ($toplevel == -1 && $stat == -1) {
if (isset($dob)) { $set[] = "dob='{$dob}'"; } $updateset = implode(",", $set); // Reverify Mail Hack by Petr1fied - Start ---> // If they've tried to change their e-mail, give them a message telling them as much if ($email != "" && $VALIDATION == "user" && $email != $CURUSER["email"]) { success_msg($language["EMAIL_VERIFY_BLOCK"], "" . $language["EMAIL_VERIFY_SENT1"] . " " . $email . " " . $language["EMAIL_VERIFY_SENT2"] . "<a href=\"" . $BASEURL . "\">" . $language["MNU_INDEX"] . "</a>"); stdfoot(true, false); exit; } elseif ($updateset = implode(",", $set)) { } // <--- Reverify Mail Hack by Petr1fied - End $park = $_POST['park']; if (!is_numeric($park)) { err_msg(ERROR, "Something went wrong"); stdfoot(); exit; } if ($updateset != "") { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET {$updateset} WHERE id={$uid}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); if ($park == 0) { $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT parked from {$TABLE_PREFIX}users where id = {$uid}"); $p = mysqli_result($r, 0, "parked"); if ($p != 0) { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET id_level={$p} WHERE id={$uid}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET parked='0' WHERE id={$uid}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); } } else { $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id_level from {$TABLE_PREFIX}users where id = {$uid}"); $cc = mysqli_result($r, 0, "id_level");
/**
 * Render an error box, print the page footer and stop the request.
 *
 * Rendering is delegated to err_msg() and stdfoot(), both defined elsewhere.
 * Whether err_msg() HTML-encodes its arguments is not visible from here, so
 * callers that pass request data should encode it first.
 *
 * @param mixed $heading Title handed to err_msg() unchanged.
 * @param mixed $text    Message body handed to err_msg() unchanged.
 */
function stderr($heading, $text)
{
    err_msg($heading, $text);
    stdfoot();
    // Terminate here so that no caller code runs after the error page has been emitted.
    exit;
}
// Excerpt of a password-change handler inside a switch; it starts and ends mid-block. The `******` runs are
// redactions introduced by the listing, so the two queries that contain them are not valid PHP as shown.
// Review notes:
//  - $_POST["new_pwd"] != $_POST["new_pwd1"] is a loose comparison: PHP compares numeric-looking strings by value,
//    so two different inputs can be accepted as matching. Use !== for the confirmation check.
//  - The old password is verified inside the WHERE clause. The redaction hides how that value is derived; confirm
//    it is a salted hash and prefer fetching the stored hash and checking it with password_verify().
//  - Values are concatenated into SQL ($uid, the username expression, $arr["smf_fid"], the $passhash elements).
//    Use bound parameters, or at minimum cast the numeric ones to int.
//  - `or die(mysql_error())` prints database errors to the client, and the mysql_* extension was removed in PHP 7.0.
//  - No CSRF token check is visible in this branch (it may happen before the switch, confirm).
if ($_POST["old_pwd"] == "") { err_msg($language["ERROR"], $language["INS_OLD_PWD"]); stdfoot(); exit; } elseif ($_POST["new_pwd"] == "") { err_msg($language["ERROR"], $language["INS_NEW_PWD"]); stdfoot(); exit; } elseif ($_POST["new_pwd"] != $_POST["new_pwd1"]) { err_msg($language["ERROR"], $language["DIF_PASSWORDS"]); stdfoot(); exit; } else { $respwd = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}users WHERE id={$uid} AND password='******' AND username="******"username"]) . ""); if (!$respwd || mysql_num_rows($respwd) == 0) { err_msg($language["ERROR"], $language["ERR_RETR_DATA"]); } else { $arr = mysql_fetch_assoc($respwd); do_sqlquery("UPDATE {$TABLE_PREFIX}users SET password='******' WHERE id={$uid} AND password='******' AND username="******"username"]) . "") or die(mysql_error()); if ($GLOBALS["FORUMLINK"] == "smf") { $passhash = smf_passgen($CURUSER["username"], $_POST["new_pwd"]); do_sqlquery("UPDATE {$db_prefix}members SET passwd='{$passhash['0']}', passwordSalt='{$passhash['1']}' WHERE ID_MEMBER=" . $arr["smf_fid"]) or die(mysql_error()); } success_msg($language["PWD_CHANGED"], "" . $language["NOW_LOGIN"] . "<br /><a href=\"index.php?page=login\">Go</a>"); stdfoot(true, false); } } break; case '': case 'change': default:
// Excerpt of an admin forum-management switch: the "delete" case. The `******` runs are redactions introduced by
// the listing, so the URL-building expressions are not valid PHP as shown.
// Review notes:
//  - $id is cast with intval() before it is interpolated, so the queries below cannot be altered through `id`.
//  - The three DELETE statements run on a GET request carrying confirm=1. The admin URLs include a `code` value
//    taken from $CURUSER["random"], which looks like a per-user token, but its verification is not visible here.
//    Confirm it is checked before this case is reached, and prefer POST for the destructive step.
//  - $_GET["confirm"] is read without isset() and compared loosely with 1.
//  - The deletes are not wrapped in a transaction; a failure after the first or second leaves posts, topics and
//    the forum row out of step.
//  - A forum with no topics or posts is redirected straight to the confirm=1 URL, so it is removed without a
//    confirmation page.
//  - The `or die(mysqli_error(...))` pattern prints database errors to the client.
break; case "delete": $id = intval($_GET["id"]); // control if there are posts/topics $resforum = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT *,IF((SELECT COUNT(*) FROM {$TABLE_PREFIX}forums WHERE id_parent={$id})>0,1,0) as i_am_parent FROM {$TABLE_PREFIX}forums WHERE id={$id}"); if ($_GET["confirm"] == 1) { mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}posts WHERE topicid IN (SELECT id FROM {$TABLE_PREFIX}topics WHERE forumid={$id})") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}topics WHERE forumid={$id}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}forums WHERE id={$id}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); redirect("index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=forum&action=read"); exit; } if ($resforum) { $result = mysqli_fetch_assoc($resforum); if ($result["i_am_parent"]) { err_msg($language["WARNING"], $language["FORUM_ERR_CANNOT_DELETE_PARENT"]); stdfoot(false, false, true); exit; } elseif ($result["topiccount"] > 0 || $result["postcount"] > 0) { $msg = $language["FORUM_PRUNE_1"]; $msg .= $language["FORUM_PRUNE_2"] . " <a href=\"index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=forum&action=delete&id={$id}&confirm=1\">" . $language["CLICK_HERE"] . "</a>"; $msg .= ",<br />" . $language["FORUM_PRUNE_3"]; err_msg($language["WARNING"], $msg); stdfoot(false, false, true); exit; } else { redirect("index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . 
"&do=forum&action=delete&id={$id}&confirm=1"); exit; } } }
// Excerpt of an admin IP-ban switch: the end of a delete case, the 'write' case, and the start of the 'read' case
// that 'write' deliberately falls through to. The listing is collapsed onto one line, so the original `//`
// comments no longer end where they did in the source file; `******` is a redaction introduced by the listing.
// Review notes:
//  - The DELETE concatenates $id into SQL; where $id comes from is outside this excerpt. Confirm it is cast to int.
//  - ip2long() returns false for an invalid address on current PHP, and sprintf("%u", false) yields "0", so the
//    `== -1` test does not catch bad input and an invalid address would be stored as 0. Test the ip2long() result
//    with === false before formatting it.
//  - There is no check that the first address is not greater than the last.
//  - $comment goes through sqlesc() (presumably quoting and escaping, confirm). It still needs HTML encoding
//    wherever the ban list is rendered.
//  - {$CURUSER['uid']} is interpolated unquoted; cast it to int.
//  - @mysql_num_rows() suppresses errors, which hides a failed query, and the mysql_* extension was removed in PHP 7.0.
//  - No CSRF token check is visible for the 'write' POST. The action URL carries a `code` value from
//    $CURUSER["random"], whose verification is not shown here.
do_sqlquery("DELETE FROM {$TABLE_PREFIX}bannedip WHERE id=" . $id, true); success_msg($language["SUCCESS"], $language["BAN_DELETED"]); stdfoot(true, false); break; case 'write': if ($_POST['firstip'] == "" || $_POST['lastip'] == "") { stderr($language["ERROR"], $language["BAN_NO_IP_WRITE"]); } else { //ban the ip for real $firstip = $_POST["firstip"]; $lastip = $_POST["lastip"]; $comment = $_POST["comment"]; $firstip = sprintf("%u", ip2long($firstip)); $lastip = sprintf("%u", ip2long($lastip)); if ($firstip == -1 || $lastip == -1) { err_msg($language["ERROR"], $language["BAN_IP_ERROR"]); } else { $comment = sqlesc($comment); $added = sqlesc(time()); do_sqlquery("INSERT INTO {$TABLE_PREFIX}bannedip (added, addedby, first, last, comment) VALUES({$added}, {$CURUSER['uid']}, {$firstip}, {$lastip}, {$comment})", true); } } // don't break, so now we read directly ;) // don't break, so now we read directly ;) case '': case 'read': default: $banned = array(); $getbanned = do_sqlquery("SELECT b.*, u.username FROM {$TABLE_PREFIX}bannedip b LEFT JOIN {$TABLE_PREFIX}users u ON u.id=b.addedby ORDER BY b.added DESC", true); $rowsbanned = @mysql_num_rows($getbanned); $admintpl->set("frm_action", "index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=banip&action=write");