if($_GET['noheader']==1) { header('Location: /history.php'); }else{ header('Location: users.php'); } exit(); } if(array_get($_GET, 'noheader')==1) { page_header(0); }else{ page_header(); } $db=new DBConnection(); $userDetails=$db->getRow('users','user_account_num="'.$_GET['uid'].'"','user_email, user_firstname, user_lastname, user_username, user_account_num, user_balance'); if(isset($_GET['buyref'])) { $query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Buy Confirmation"'; $res=$db->rq($query); $num_rows=$db->num_rows($res); if($num_rows>0) { $row=$db->fetch($res); $_POST['mail_templates_id']=$row['mail_templates_id']; } }elseif(isset($_GET['sellref'])) { $query='SELECT mail_templates_id FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Sell Confirmation"'; $res=$db->rq($query); $num_rows=$db->num_rows($res); if($num_rows>0) { $row=$db->fetch($res); $_POST['mail_templates_id']=$row['mail_templates_id'];
$query='UPDATE stock_trades SET trade_shares_left=0, trade_status=4 WHERE trades_id='.($row['trades_id']+0).''; $db->rq($query); } if ($_POST['trade_status']==1){ $fixPostValue=str_replace(',', '', $_POST['trade_invoiced']); $query='UPDATE users SET user_balance=(user_balance+'.($fixPostValue+0).'), user_lastupdate="'.date('Y-m-d H:i:s', CUSTOMTIME).'" WHERE user_account_num="'.$_POST['user_account_num'].'"'; $db->rq($query); } $query='INSERT INTO trades_related SET trade_ref='.($tradeRef+0).', trade_ref_relatedto='.($row['trade_ref']+0).''; $db->rq($query); $link='sellref='.$tradeRef; $uDetails=$db->getRow('users','user_account_num="'.$_POST['user_account_num'].'"','user_firstname, user_lastname, user_account_num'); addLog('Back-end','Stock Trades',''.$uDetails['user_firstname'].' '.$uDetails['user_lastname'].' ('.$uDetails['user_account_num'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Sell added '.($tradeRef+0).' ('.$tradesSellStatuses[$_POST['trade_status']].')'); }else{ //EDIT SELL ORDER $mysql_fields=''; $mysql_fields.='user_account_num="'.($row['user_account_num']+0).'", '; $mysql_fields.='trade_shares="'.$_POST['trade_shares'].'", '; $mysql_fields.='trade_shares_left="'.$_POST['trade_shares'].'", '; $mysql_fields.='trade_details="'.$_POST['trade_details'].'", '; $mysql_fields.='trade_price_share="'.str_replace(',', '', $_POST['trade_price_share']).'", '; $mysql_fields.='trade_value="'.str_replace(',', '', $_POST['trade_value']).'", '; $mysql_fields.='trade_fees="'.str_replace(',', '', $_POST['trade_fees']).'", '; $mysql_fields.='trade_invoiced="'.str_replace(',', '', $_POST['trade_invoiced']).'", '; $mysql_fields.='trade_date="'.$_POST['trade_date'].'", '; $mysql_fields.='trade_status="'.$_POST['trade_status'].'", ';
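/**
 * Build the HTML form for adding or editing a SELL order.
 *
 * When $tradesSell_id is truthy and the form has not been submitted yet, the
 * matching row is loaded from `trades`, replaces $_POST, and its trades_id is
 * stored in $_SESSION['admin']['uedit'].
 *
 * Every value taken from $_POST or from a database row is escaped for the
 * context it is written into: string_escape() for SQL literals,
 * htmlspecialchars() for HTML text and attributes, rawurlencode() for URL
 * parameters, and a numeric coercion for the value embedded in the inline
 * script. Strings returned by getLang() are emitted unchanged.
 *
 * @param mixed $tradesSell_id Trade reference to edit; 0 (default) renders an empty form.
 * @return string HTML markup of the form.
 */
function addNewTradeSell($tradesSell_id=0)
{
    global $tradesSellStatuses;
    global $tradesBuyOptions;

    $db = new DBConnection();

    // HTML-escape a value for use in element text or a quoted attribute.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Read a form field as a string; missing or non-scalar fields become ''.
    $field = function ($key) {
        return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
    };

    if ($tradesSell_id && empty($_POST['_form_submit'])) {
        // The reference reaches this function from the caller; escape it before
        // it is placed inside the quoted SQL literal.
        $query = 'SELECT * FROM trades WHERE trade_ref="'.$db->string_escape($tradesSell_id).'"';
        $res = $db->rq($query);
        $loaded = $db->fetch($res);
        // fetch() yields FALSE when nothing matches; keep $_POST an array so
        // the field reads below stay well-defined.
        $_POST = is_array($loaded) ? $loaded : array();
        $_SESSION['admin']['uedit'] = isset($_POST['trades_id']) ? $_POST['trades_id'] : null;
    }

    $JSCripts = ' onchange="setDetails(0);"';
    $JSCriptsPremium = ' onchange="setDetails(1);"';

    if (!isset($_POST['trade_date']) || $_POST['trade_date'] == '') {
        $_POST['trade_date'] = date('Y-m-d', CUSTOMTIME);
    }

    // This value is written into the inline <script>, so only a number may
    // pass; anything else becomes 0 instead of being emitted as script text.
    $positionsRaw = $field('trade_positions_left');
    $positionsLeft = is_numeric($positionsRaw) ? $positionsRaw + 0 : 0;

    $isNewSell = isset($_GET['action']) && $_GET['action'] == 'new_sell';

    $pcontent = '';
    $pcontent .= '
    <div class="mainHolder">
    <div class="hintHolder ui-state-default"><b>'.($isNewSell ? 'Adding new' : 'Editing').' SELL Order</b></div>
    <script type="text/javascript" src="../js/jquery.metadata.js"></script>
    <script type="text/javascript" src="../js/jquery.validate.js"></script>
    <script type="text/javascript" src="js/forms/tradesSell.js"></script>
    <script type="text/javascript">
    jQuery(document).ready( function($) {
        var sliderValue = '.$positionsLeft.';
        $("#slider").slider( {
            min : 1,
            max : '.$positionsLeft.',
            step : 1,
            value : [ sliderValue ],
            slide : function(event, ui) {
                $("#sliderVal").val(ui.value);
            }
        });
        $("#sliderVal").attr("value", sliderValue);
        $("#sliderVal").keyup(function() {
            var sliderValue = +this.value;
            if (sliderValue >= 1 && sliderValue <= '.$positionsLeft.') {
                $("#slider").slider("value", sliderValue);
            } else {
                alert("Please enter a value between 1 and '.$positionsLeft.'");
                $("#slider").slider("value", 1);
                $("#sliderVal").attr("value", 1);
            }
        });
        $("#slider, #sliderVal").bind("mousedown mouseup mousemove mouseout mouseover", function() {
            setDetails();
        });
        setDetails();
    });
    </script>
    <form name="addNewTradeBuy" method="POST" id="MainForms" action="">
    <div class="left">
    <fieldset class="mainFormHolder left">
    <legend>Account</legend>
    <div class="formsRight">
    <select name="user_account_num" id="user_account_num" class="text-input-big" title="Please select user account!" validate="required:true">';

    $query = 'SELECT user_account_num, user_firstname, user_lastname, user_balance FROM users WHERE user_account_num="'
        .$db->string_escape($field('user_account_num')).'" LIMIT 1';
    $res = $db->rq($query);
    while (($row = $db->fetch($res)) != FALSE) {
        $pcontent .= '<option value="'.$h($row['user_account_num']).'">'.$h($row['user_account_num'])
            .' ('.$h($row['user_firstname']).' '.$h($row['user_lastname']).', $'.$h($row['user_balance']).')</option>';
    }

    $optionKey = $field('trade_option');
    $optionLabel = (is_array($tradesBuyOptions) && isset($tradesBuyOptions[$optionKey]))
        ? $tradesBuyOptions[$optionKey]
        : '';

    $pcontent .= '
    </select>
    </div>
    </fieldset>
    <div class="clear"></div>
    <fieldset class="mainFormHolder left">
    <legend>Contract</legend>
    <div class="formsLeft">Trade Order:</div>
    <div class="formsRight">SELL</div>
    <br />
    <div class="formsLeft">Position(s):</div>
    <div class="formsRight">
    <div id="slider"><a href="#"></a></div>
    <input type="text" class="text-input-smallest left" id="sliderVal" name="trade_positions"'.$JSCripts.' />
    </div>
    <br /><br />
    <div class="formsLeft">Option:</div>
    <div class="formsRight"><input class="text-input ui-state-default" type="text" name="trade_option" id="trade_option" value="'.$h($optionLabel).'"></div>
    <br />
    <div class="formsLeft">Commodity:</div>
    <div class="formsRight">';

    // The integer cast keeps the unquoted id in the WHERE clause numeric.
    $query = 'SELECT * FROM commodities WHERE commodities_id='.((int) $field('commodities_id')).' LIMIT 1';
    $res = $db->rq($query);
    $commodity = $db->fetch($res);
    $commoditySymbol = (is_array($commodity) && isset($commodity['commodities_symbol'])) ? $commodity['commodities_symbol'] : '';
    $commodityName = (is_array($commodity) && isset($commodity['commodities_name'])) ? $commodity['commodities_name'] : '';
    $strToUse = strtotime($field('trade_expiry_date'));
    $tradeDetails = ($field('trade_details') != '') ? $field('trade_details') : 'BUY';

    $pcontent .= '
    <input class="text-input ui-state-default" type="text" name="commodities_id" id="commodities_id" value="'.$h($commoditySymbol).' ('.$h($commodityName).')">
    </div>
    <br />
    <div class="formsLeft">Expiry Date:</div>
    <div class="formsRight">
    <div class="formsRight"><input class="text-input ui-state-default" type="text" name="trade_expiry_date" id="trade_expiry_date" value="'.date('d M y', (int) $strToUse).'"></div>
    </div>
    <br />
    <div class="formsLeft">Strike Price:</div>
    <div class="formsRight">
    <input class="text-input align-right" type="text" name="trade_strikeprice" id="trade_strikeprice" value="'.$h($field('trade_strikeprice')).'"'.$JSCripts.' />
    </div><br />
    <div class="formsLeft">Notes:</div>
    <div class="formsRight">
    <input type="text" class="text-input left" name="trade_notes" value="'.$h($field('trade_notes')).'"'.$JSCripts.' />
    </div>
    </fieldset>
    <div class="clear"></div>
    <fieldset class="mainFormHolder left">
    <legend>Trade Details</legend>
    <input class="ui-state-default trade-details" type="text" name="trade_details" id="trade_details" value="'.$h($tradeDetails).'" readonly />
    </fieldset>
    <div class="clear"></div>';

    $totalRelated = 0;
    $query2 = 'SELECT trade_ref_relatedto FROM trades_related WHERE trade_ref="'.$db->string_escape($field('trade_ref')).'"';
    $res2 = $db->rq($query2);
    $totalRelated = $db->num_rows($res2);
    if ($totalRelated > 0) {
        $row2 = $db->fetch($res2);
        // Stored values are escaped too before they are reused in SQL.
        $getRelatedInfo = $db->getRow(
            'trades',
            'trade_ref="'.$db->string_escape($row2['trade_ref_relatedto']).'"',
            'trade_ref, trade_details'
        );
        $pcontent .= '
    <fieldset class="mainFormHolder left">
    <legend>Related Trades</legend><br />
    <div class="ui-state-default trade-details"><a href="trades.php?action=edit_buy&tref='.$h(rawurlencode((string) $getRelatedInfo['trade_ref'])).'" style="display:block;">'.$h($getRelatedInfo['trade_details']).'</a></div><br />
    </fieldset>';
    }

    $pcontent .= '
    </div>
    <div class="left">
    <fieldset class="mainFormHolder left">
    <legend>Prices</legend>
    <div class="formsLeft">Premium:</div>
    <div class="formsRight">
    <input class="text-input align-right" type="text" name="trade_premium_price" id="trade_premium_price" value="'.$h($field('trade_premium_price')).'"'.$JSCriptsPremium.' />
    </div>
    <br />
    <div class="formsLeft">Contract Size:</div>
    <div class="formsRight">
    <input class="text-input align-right ui-state-default" type="text" name="trade_contract_size" id="trade_contract_size" value="'.$h($field('trade_contract_size')).'" readonly />
    </div>
    <br />
    <div class="formsLeft">Price/contract:</div>
    <div class="formsRight">
    <input class="text-input align-right" type="text" name="trade_price_contract" id="trade_price_contract" value="'.$h($field('trade_price_contract')).'"'.$JSCripts.' />
    </div>
    <br />
    <div class="formsLeft">Trade Value:</div>
    <div class="formsRight">
    <input class="text-input align-right ui-state-default" type="text" name="trade_value" id="trade_value" value="'.$h($field('trade_value')).'" readonly />
    </div>
    <br />
    <div class="formsLeft">Fees:</div>
    <div class="formsRight">
    <input class="text-input align-right" type="text" name="trade_fees" id="trade_fees" value="'.$h($field('trade_fees')).'"'.$JSCripts.' />
    </div>
    <br />
    <div class="formsLeft">Total Invoiced:</div>
    <div class="formsRight">
    <input class="text-input align-right ui-state-default" type="text" name="trade_invoiced" id="trade_invoiced" value="'.$h($field('trade_invoiced')).'" />
    </div>
    </fieldset>
    <div class="clear"></div>
    <fieldset class="mainFormHolder left">
    <legend>Settings</legend>
    <div class="formsLeft">Value date:</div>
    <div class="formsRight"><input class="text-input" type="text" name="trade_date" id="trade_date" value="'.$h($field('trade_date')).'" /></div>
    <br />
    <div class="formsLeft">Status:</div>
    <div class="formsRight">
    <select name="trade_status" class="text-input">';

    // Kept as a loose comparison against the unmodified field: status ids are
    // array keys while the submitted value arrives as a string (or is absent).
    $currentStatus = isset($_POST['trade_status']) ? $_POST['trade_status'] : null;
    foreach ($tradesSellStatuses as $StatusID => $StatusName) {
        $pcontent .= '<option value="'.$h($StatusID).'"'.(($StatusID == $currentStatus) ? ' selected' : '').'>'.$h($StatusName).'</option>';
    }

    // NOTE(review): the delete button navigates to a GET URL and no anti-CSRF
    // token is visible in this function; confirm that the delete_sell handler
    // verifies one before it removes the order.
    $pcontent .= '
    </select>
    </div>
    </fieldset>
    <div class="clear"></div>
    <div class="mainFormHolder left btnsHolder">
    <input type="hidden" name="_form_submit" value="1" />
    <input type="hidden" name="_add_sell" value="1" />
    <input type="hidden" name="trid" value="'.$h($tradesSell_id).'">
    <input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />
    <input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete this SELL?\')) location=\'?action=delete_sell&sellid='.$h(rawurlencode($field('trade_ref'))).'\';" />
    <input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'trades.php\';" />
    </div>
    </div>
    </form>
    </div>';

    $db->close();

    return $pcontent;
}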
exit(); }else { $page_content=addNewUser($_GET['uid']); } break; case 'delete' : if($_SESSION['admin']['is_logged']==1) { $exp="/[^a-zA-Z0-9]/i"; $check=preg_match($exp, $_GET['uid']); if(($check+0)==1) { header('Location: users.php'); exit(); } $db=new DBConnection(); $uDetails=$db->getRow('users','user_uid="'.$_GET['uid'].'"','user_firstname, user_lastname, user_account_num'); $query='SELECT * FROM trades WHERE user_account_num="'.$uDetails['user_account_num'].'"'; $res=$db->rq($query); $num_rows=$db->num_rows($res); if($num_rows>0) { while(($row=$db->fetch($res)) != FALSE) { $query2='DELETE FROM trades_related WHERE trade_ref="'.$row['trade_ref'].'" OR trade_ref_relatedto="'.$row['trade_ref'].'"'; $db->rq($query2); } } $query='DELETE FROM trades WHERE user_account_num="'.$uDetails['user_account_num'].'"'; $db->rq($query); $query='DELETE FROM transfers WHERE user_account_num="'.$uDetails['user_account_num'].'"'; $db->rq($query);
exit(); }else{ $page_content=addNewWithdraw($_GET['ref']); } break; case 'delete_withdraw' : if ($_SESSION['admin']['is_logged']==1){ $exp="/[^a-zA-Z0-9]/i"; $check=preg_match($exp, $_GET['wtrid']); if (($check+0)==1){ header('Location: transfers.php'); exit(); } $db=new DBConnection(); $getCurrentData=$db->getRow('transfers', 'tr_ref="'.$_GET['wtrid'].'"'); /*** FIX USERS's BALANCE IF CURRENT STATUS IS TRANSFERED ***/ if ($getCurrentData['tr_status']==1){ // if new status is Transfered $query='UPDATE users SET user_balance=(user_balance+'.($getCurrentData['tr_total']+0).'), user_lastupdate="'.date('Y-m-d H:i:s', CUSTOMTIME).'" WHERE user_account_num="'.$getCurrentData['user_account_num'].'"'; $db->rq($query); } $query='DELETE FROM transfers WHERE tr_ref="'.$_GET['wtrid'].'"'; $db->rq($query); global $depositOptions; $uDetails=$db->getRow('users','user_account_num="'.$getCurrentData['user_account_num'].'"','user_firstname, user_lastname, user_account_num'); addLog('Back-end','Transfers',''.$uDetails['user_firstname'].' '.$uDetails['user_lastname'].' ('.$uDetails['user_account_num'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Withdraw deleted '.($_GET['wtrid']+0).' ('.$depositOptions[$getCurrentData['tr_status']].')'); $db->close();
$cmd=''; } if (isset($_POST['_back'])) $cmd=''; $page_content=''; switch ($cmd) { case 'new': $page_content=addNewCommodityGroup(); break; case 'edit': $page_content=addNewCommodityGroup($_GET['cgid']+0); break; case 'delete' : if($_SESSION['admin']['is_logged']==1) { $db=new DBConnection(); $currentInfo=$db->getRow('commodities_groups','commodities_groups_id='.($_GET['cgid']+0).''); $query='DELETE FROM commodities_groups WHERE commodities_groups_id='.($_GET['cgid']+0); $db->rq($query); addLog('Back-end','Back-end Settings, Commodities - groups',0,''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Commodity group deleted ('.$currentInfo['commodities_groups_name'].')'); $db->close(); header('Location: commodities_groups.php'); exit(); } break; default : $page_content=listCommoditiesGroup(); break; }
$cmd=''; } if (isset($_POST['_back'])) $cmd=''; $page_content=''; switch ($cmd) { case 'new': $page_content=addNewExpDate(); break; case 'edit': $page_content=addNewExpDate($_GET['edid']+0); break; case 'delete' : if($_SESSION['admin']['is_logged']==1) { $db=new DBConnection(); $currentInfo=$db->getRow('expiry_dates','expiry_dates_id='.($_GET['edid']+0).''); $query='DELETE FROM expiry_dates WHERE expiry_dates_id='.($_GET['edid']+0); $db->rq($query); addLog('Back-end','Back-end Settings, Commodities - exp. dates',0,''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Commodity expiry date deleted ('.$currentInfo['expiry_date'].')'); $db->close(); header('Location: expiry_dates.php'); exit(); } break; default : $page_content=listExpDates(); break; }
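/**
 * Build the HTML form for entering stock values and volumes.
 *
 * One fieldset is rendered for every row of `stocks` that has a matching
 * `stock_details` row: the row for $details_id when it is greater than 0,
 * otherwise the most recent row by date. The "Value date" field shows the
 * date of the last stock_details row that was rendered.
 *
 * Values written into SQL are passed through string_escape(); values written
 * into HTML are passed through htmlspecialchars(), and the reference placed in
 * the delete URL is URL-encoded first. Strings returned by getLang() are
 * emitted unchanged.
 *
 * @param mixed $details_id Reference of an existing set of values; 0 (default) pre-fills the latest values.
 * @return string HTML markup of the form.
 */
function addNewValue($details_id=0)
{
    $JSCripts = ' onchange="setDetails();"';
    $db = new DBConnection();

    // HTML-escape a value for use in element text or a quoted attribute.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Defined up front: the date field is rendered even when no stock has a
    // stock_details row, in which case nothing below assigns it.
    $date = '';

    // Escape the reference once for SQL and keep the original for HTML output;
    // escaping it again on every loop pass would keep re-escaping the value.
    $useDetailsRef = ($details_id > 0);
    $detailsRefSql = $useDetailsRef ? $db->string_escape($details_id) : '';

    $pcontent = '';
    $pcontent .= '
    <div class="mainHolder">
    <div class="hintHolder ui-state-default"><b>Adding New Stock Values</b></div>
    <script type="text/javascript" src="../js/jquery.validate.js"></script>
    <script type="text/javascript" src="js/forms/stockValues.js"></script>
    <form name="addNewStockValue" method="POST" id="MainForms" action="">';

    $query = 'SELECT * FROM stocks ORDER BY stocks_name ASC';
    $res = $db->rq($query);
    $num = 1;
    $pcontent .= '<div class="left">';

    while (($row = $db->fetch($res)) != FALSE) {
        $stockIdSql = $db->string_escape($row['stocks_id']);
        if ($useDetailsRef) {
            $curval = $db->getRow(
                'stock_details',
                'stocks_id="'.$stockIdSql.'" AND details_ref="'.$detailsRefSql.'"',
                'value, volume, date'
            );
        } else {
            $curval = $db->getRow(
                'stock_details',
                'stocks_id="'.$stockIdSql.'" ORDER BY date DESC',
                'value, volume'
            );
        }

        if ($curval) {
            $date = array_get($curval, 'date');
            $pcontent .= '<fieldset class="mainFormHolder">
    <legend>Share</legend>
    <div class="formsLeft">Share:</div>
    <div class="formsRight">
    <select name="stocks_id_'.$num.'" id="stocks_id_'.$num.'" class="text-input">';
            $pcontent .= '<option value="'.$h($row['stocks_id']).'">'.$h($row['stocks_symbol']).' ('.$h($row['stocks_name']).')</option>';
            $pcontent .= '
    </select>
    </div><br />
    <div class="formsLeft">Value:</div>
    <div class="formsRight">
    <input class="required text-input align-right" type="text" name="value_'.$num.'" id="value_'.$num.'" value="'.$h($curval['value']).'"'.$JSCripts.' />
    </div>
    <br />
    <div class="formsLeft">Volume:</div>
    <div class="formsRight">
    <input class="text-input align-right" type="text" name="volume_'.$num.'" id="volume_'.$num.'" value="'.$h($curval['volume']).'"'.$JSCripts.' />
    </div><br />
    </fieldset>';
        }
        // The counter advances for every stock, rendered or not, so the field
        // suffix follows the stock's position in the result set.
        $num++;
    }

    $pcontent .= '</div><div class="left"><fieldset class="mainFormHolder">
    <legend>Date</legend>
    <div class="formsLeft">Value date:</div>
    <div class="formsRight"><input class="text-input" type="text" name="date_value" id="date_value" value="'.$h($date).'" /></div>
    <br />';

    if ($details_id) {
        // NOTE(review): the delete button navigates to a GET URL and no
        // anti-CSRF token is visible in this function; confirm that the
        // delete_values handler verifies one.
        $pcontent .= '<input type="hidden" name="trade_ref" value="'.$h($details_id).'" />';
        $pcontent .= '<input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete the values from this date?\')) location=\'?action=delete_values&sid='.$h(rawurlencode((string) $details_id)).'\';" />';
    }

    $pcontent .= '<input type="hidden" name="_form_submit" value="1" />
    <input type="hidden" name="_new_value" value="1" />
    <input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />
    ';
    $pcontent .= '
    <input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'stocks.php\';" />
    </fieldset></div>
    </form>
    </div>';

    return $pcontent;
}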
} $db=new DBConnection(); $query='SELECT * FROM stock_trades WHERE trade_ref="'.($_GET['sellid']+0).'"'; $res=$db->rq($query); $row=$db->fetch($res); $query2='SELECT * FROM trades_related WHERE trade_ref="'.($_GET['sellid']+0).'"'; $res2=$db->rq($query2); $row2=$db->fetch($res2); $query3='UPDATE stock_trades SET trade_shares_left=(trade_shares_left+'.($row['trade_shares']+0).') WHERE trade_ref="'.$row2['trade_ref_relatedto'].'"'; $db->rq($query3); $checkPositions=$db->getRow('stock_trades','trade_ref="'.$row2['trade_ref_relatedto'].'"','trade_shares_left'); if($checkPositions['trade_shares_left']>0) { $query4='UPDATE stock_trades SET trade_status=1 WHERE trade_ref="'.$row2['trade_ref_relatedto'].'"'; $db->rq($query4); } if ($row['trade_type']==2&&$row['trade_status']==1){ $query='UPDATE users SET user_balance=(user_balance-'.($row['trade_invoiced']+0).'), user_lastupdate="'.date('Y-m-d H:i:s', CUSTOMTIME).'" WHERE user_account_num="'.$row['user_account_num'].'"'; $db->rq($query); } $query='DELETE FROM trades_related WHERE trade_ref="'.$_GET['sellid'].'"'; $db->rq($query); $query='DELETE FROM stock_trades WHERE trade_ref="'.$_GET['sellid'].'"'; $db->rq($query);
$page_content=addNewAdvisor(); break; case 'edit' : if ($_GET['ref']!=''&&($_GET['advid']+0)==0){ $db=new DBConnection(); $query='SELECT users_advisors_id FROM users_advisors WHERE advisor_ref="'.$db->string_escape($_GET['ref']).'" LIMIT 1'; $res=$db->rq($query); $row=$db->fetch($res); $_GET['advid']=($row['users_advisors_id']+0); } $page_content=addNewAdvisor($_GET['advid']+0); break; case 'delete' : if ($_SESSION['admin']['is_logged']==1){ $db=new DBConnection(); $getCurrentData=$db->getRow('users_advisors', 'users_advisors_id="'.$_GET['advid'].'"'); $query='DELETE FROM users_advisors WHERE users_advisors_id='.($_GET['advid']+0); $db->rq($query); addLog('Back-end','Advisors',''.$getCurrentData['advisor_names'].' ('.$getCurrentData['advisor_ref'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Advisor deleted'); $db->close(); header('Location: users_advisors.php'); exit(); } break; default : $page_content=listAdvisors(); break; }
break; case 'edit' : if (isset($_GET['username']) && array_get($_GET, 'aid', 0) == 0){ $db = new DBConnection(); $query = 'SELECT id FROM ul_logins WHERE username="******" LIMIT 1'; $res = $db->rq($query); $row = $db->fetch($res); $_GET['aid'] = $row['id']; } $page_content = addNewAdmin($_GET['aid']+0); break; case 'delete' : if (isAppLoggedIn()){ $db = new DBConnection(); $currentData = $db->getRow('ul_logins', 'id='.($_GET['aid']+0).''); $ulogin->DeleteUser($_GET['aid']); addLog('Back-end','Back-end users',''.$currentData['name'].' ('.$currentData['ref'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Admin deleted'); $db->close(); header('Location: users_admins.php'); exit(); } break; default : $page_content = listAdmins(); break; }
global $tradesBuyOptions; if (!$_POST['tref']){ $tradeRef=hexdec(substr(uniqid(''), 0, 10))-81208208208; $query='INSERT INTO stock_trades SET '.$mysql_fields.', trade_shares_left='.($_POST['trade_shares']+0).', trade_type=4, trades_id="'.NID.'", trade_ref='.($tradeRef+0); //.', trade_date="'.date('Y-m-d H:i:s', CUSTOMTIME).'"' $db->rq($query); if ($_POST['trade_status']==1){ $fixPostValue=str_replace(',', '', $_POST['trade_invoiced']); $query='UPDATE users SET user_balance=(user_balance+'.($fixPostValue+0).'), user_lastupdate="'.date('Y-m-d H:i:s', CUSTOMTIME).'", user_trades=(user_trades+1) WHERE user_account_num="'.$_POST['user_account_num'].'"'; $db->rq($query); } $link='buyref='.$tradeRef; $uDetails=$db->getRow('users','user_account_num="'.$_POST['user_account_num'].'"','user_firstname, user_lastname, user_account_num'); addLog('Back-end','Stock Trades',''.$uDetails['user_firstname'].' '.$uDetails['user_lastname'].' ('.$uDetails['user_account_num'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Short Sell added '.($tradeRef+0).' ('.$tradesBuyOptions[$_POST['trade_option']].' @ '.$tradesStatuses[$_POST['trade_status']].')'); }else{ $query='SELECT * FROM stock_trades WHERE trade_ref="'.$_POST['tref'].'" LIMIT 1'; $res=$db->rq($query); $row=$db->fetch($res); $query='UPDATE stock_trades SET '.$mysql_fields.', trade_shares_left=0, trade_type=4 WHERE trade_ref="'.$_POST['tref'].'"'; //, trade_date="'.date('Y-m-d H:i:s', CUSTOMTIME).'" $db->rq($query); $fixPostValue=str_replace(',', '', $_POST['trade_invoiced']); /*** FIX USERS's BALANCE IF NEEDED ***/ if($fixPostValue==$row['trade_invoiced']&&$_POST['trade_status']!=$row['trade_status']){ // if new total and old total are same, but status is different if ($_POST['trade_status']==1&&$row['trade_status']!=1&&$row['trade_status']!=4){