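<?php
require_once "/home/bocawebgroup/public_html/inc/ad_track.inc";
require_once "inc/config.inc";
require_once "../inc/dbi.inc";

// SEO fields start empty and are only filled from the stored row in the lookup branch below.
$seo__page_title = '';
$seo__meta_kws = '';
$seo__meta_desc = '';
$seo__url_fname = '';
$seo__url_dname = '';

if (isset($_POST['name']) && isset($_POST['data'])) {
    // Both values are taken from the request body as-is; whatever prints them later
    // has to escape them for its output context.
    $name = $_POST['name'];
    // NOTE(review): assigned to $date, while the lookup branch assigns $data. Looks like a
    // typo, but the code that renders the page is outside this excerpt -- confirm before renaming.
    $date = $_POST['data'];
} else {
    $db = new dbi();
    // The id arrives in the query string, so it is escaped before it is placed inside the
    // quoted SQL literal. A missing or non-string id becomes '' and is looked up as such.
    // Assumes new dbi() has opened the mysql link that mysql_real_escape_string() uses -- confirm.
    $infoId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
    $db->query("select * from info where id = '" . mysql_real_escape_string($infoId) . "' and site = '" . SITE . "'");
    if ($db->numrows()) {
        $name = $db->result("info.name");
        $data = $db->result("info.data");
        $seo__page_title = $db->result("info.page_title");
        $seo__meta_kws = $db->result("info.meta_keywords");
        $seo__meta_desc = $db->result("info.meta_description");
        $seo__url_fname = $db->result("info.url_filename");
        $seo__url_dname = $db->result("info.url_foldername");
    } else {
        // No matching row for this site: answer 404 and render the site's 404 page.
        header($_SERVER['SERVER_PROTOCOL'] . " 404 Not Found");
        include "404.php";
        exit;
    }
}

$newURL = DOCUMENT_BASE . '/' . SEO_format_url($_GET['id'], 'info', $name, $seo__url_fname, $seo__url_dname);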
<script language="javascript" type="text/javascript"> //<![CDATA[ var tl_loc0=(window.location.protocol == "https:")? "https://secure.comodo.net/trustlogo/javascript/trustlogo.js" : "http://www.trustlogo.com/trustlogo/javascript/trustlogo.js"; document.writeln('<scr' + 'ipt language="JavaScript" src="'+tl_loc0+'" type="text\/javascript">' + '<\/scr' + 'ipt>'); //]]> </script> </head> <body> <?php include "../inc/header.inc"; ?> <h1>Your Account</h1> <?php $db = new dbi(); if (isset($_POST[newaccount])) { if (!preg_match("/^[a-z0-9\\.\\-_]+\\@[a-z0-9\\.\\-_]+\\.[a-z]+\$/", $_POST[email])) { $error = "Create a valid e-mail account."; } elseif (strlen($_POST[password]) < 4 || strlen($_POST[password]) > 16) { $error = "Password must be between 4 and 16 characters."; } elseif ($_POST[password] != $_POST[cpassword]) { $error = "Passwords do not match."; } else { $db->query("select * from account where email = '" . $_POST[email] . "'"); if ($db->numrows()) { $error = "Account already exists. Please try logging in."; } else { $_SESSION['account_id'] = $db->query("insert into account (email, password, po, created) values('" . strtolower($_POST['email']) . "', '" . base64_encode(encrypto($_POST['password'], strtolower(substr($_POST[email], 0, 2)))) . "', 'n', '" . date("Y-m-d H:i:s", time()) . "')"); $_SESSION[email] = $_POST[email]; }
$_POST['meta_description'] = str_replace('"', '"', trim($_POST['meta_description'])); } if ($_POST['url_filename'] != '') { $_POST['url_filename'] = cleanforurl2(trim($_POST['url_filename'])); } if ($_POST['url_foldername'] != '') { $_POST['url_foldername'] = cleanforurl2(trim($_POST['url_foldername'])); } } if (!$error) { if (isset($_POST['samewindow'])) { $samewindow = 'y'; } else { $samewindow = 'n'; } $updb = new dbi(); if (isset($add)) { $updb->query("\n\t\t\t\t\tINSERT\n\t\t\t\t\tINTO link\n\t\t\t\t\t(\n\t\t\t\t\t\tsite,\n\t\t\t\t\t\tname,\n\t\t\t\t\t\turl,\n\t\t\t\t\t\tsamewindow,\n\t\t\t\t\t\tpage_title,\n\t\t\t\t\t\tmeta_keywords,\n\t\t\t\t\t\tmeta_description,\n\t\t\t\t\t\turl_filename,\n\t\t\t\t\t\turl_foldername\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'" . SITE . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['name']) . "',\n\t\t\t\t\t\t'{$_POST['url']}',\n\t\t\t\t\t\t'{$samewindow}',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['page_title']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['meta_keywords']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['meta_description']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['url_filename']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['url_foldername']) . "'\n\t\t\t\t\t)\n\t\t\t\t"); } else { $updb->query("\n\t\t\t\t\tUPDATE link\n\t\t\t\t\tSET\n\t\t\t\t\t\tname = '" . mysql_real_escape_string($_POST['name']) . "',\n\t\t\t\t\t\turl = '{$_POST['url']}',\n\t\t\t\t\t\tsamewindow = '{$samewindow}',\n\t\t\t\t\t\tpage_title = '" . mysql_real_escape_string($_POST['page_title']) . "',\n\t\t\t\t\t\tmeta_keywords = '" . mysql_real_escape_string($_POST['meta_keywords']) . "',\n\t\t\t\t\t\tmeta_description = '" . mysql_real_escape_string($_POST['meta_description']) . "',\n\t\t\t\t\t\turl_filename = '" . mysql_real_escape_string($_POST['url_filename']) . "',\n\t\t\t\t\t\turl_foldername = '" . mysql_real_escape_string($_POST['url_foldername']) . 
"'\n\t\t\t\t\tWHERE id = '{$mod}'\n\t\t\t\t"); } print "<div align=\"center\" class=\"success\">Link updated successfully!</div><br>"; $success = 1; } } if (isset($mod)) { $moddb = new dbi(); $moddb->query("select * from link where site = '" . SITE . "' and id = '{$mod}'"); if (!$moddb->numrows()) { print "<div align=\"center\">No Link Entry with ID of '{$mod}'!</div>"; unset($moddb);
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>dbs - system information</title> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body> <?php
// System information page: prints the web server's uptime line, then reads MySQL status counters.
include "header.inc";
$db = new dbi();

echo '<table cellpadding="2" cellspacing="0" border="0" align="center">';
echo '<tr><td colspan="4" align="center" style="font-weight:bold;font-size:14px;">Web Server Status</td></tr>';
echo '<tr><td colspan="4" align="center">';
// system() writes the command's output straight into the page; the command is a fixed string.
system("uptime");
echo '</td></tr>';
echo '<tr><td colspan="4" align="center" style="font-weight:bold;font-size:14px;">Database Information</td></tr>';

// Pick the three counters of interest out of the full "show status" result set.
$db->query("show status");
while ($db->loop()) {
    switch ($db->result("Variable_name")) {
        case "Threads_connected":
            $threads_connected = $db->result("Value");
            break;
        case "Threads_running":
            $threads_running = $db->result("Value");
            break;
        case "Uptime":
            $uptime = $db->result("Value");
            break;
    }
}

// Split the uptime value into whole days plus the remainder (86400 = 60 * 60 * 24).
$days = floor($uptime / 86400);
$uptime -= $days * 86400;
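<?php
} } // closes two blocks that were opened before this excerpt

// Listing view: runs when neither the add nor the modify form is active, or right after a save.
if (!isset($add) && !isset($mod) || isset($success)) {
    // category comes from the query string and is reused in SQL and in links below,
    // so it is normalised once here and encoded separately for each context.
    $categoryParam = (isset($_GET['category']) && is_string($_GET['category'])) ? $_GET['category'] : '';
    $categoryUrl = urlencode($categoryParam);

    if (isset($delete)) {
        // NOTE(review): $delete and $confirm are populated outside this excerpt, presumably
        // from the request -- confirm. They are treated as untrusted here.
        $deleteId = is_scalar($delete) ? (string) $delete : '';
        $deldb = new dbi();
        if (isset($confirm) && $confirm == 'y') {
            // NOTE(review): the delete is triggered by a plain GET link; consider requiring
            // POST plus a per-session token for state-changing actions.
            // Only touch the asset files when the id has no directory component and no NUL
            // byte, so the path cannot leave BASE_IMAGE_DIR / BASE_PDF_DIR.
            if ($deleteId !== '' && basename($deleteId) === $deleteId && strpos($deleteId, "\0") === false) {
                @unlink(BASE_IMAGE_DIR . $deleteId . ".jpg");
                // NOTE(review): ".jpg" under BASE_PDF_DIR may be a slip for ".pdf" -- confirm.
                @unlink(BASE_PDF_DIR . $deleteId . ".jpg");
            }
            // Assumes new dbi() has opened the mysql link that mysql_real_escape_string() uses -- confirm.
            $deldb->query("delete from sample where id = '" . mysql_real_escape_string($deleteId) . "'");
            print "<div align=\"center\" class=\"success\">Sample deleted!</div><br>";
        } else {
            print "<div align=\"center\" class=\"error\">Are you sure you want to delete this Sample? <a class=\"error\" href=\"sample.php?category={$categoryUrl}&delete=" . urlencode($deleteId) . "&confirm=y\">Yes</a> <a class=\"error\" href=\"sample.php?category={$categoryUrl}\">No</a></div><br>";
        }
    }

    $db = new dbi();
    $db->query("select * from sample where category = '" . mysql_real_escape_string($categoryParam) . "' order by description asc");
    print "<table align=\"center\" cellpadding=\"2\" cellspacing=\"0\">";
    print "<tr bgcolor=\"#990000\"><td style=\"color:#FFFFFF;\">Samples</td><td align=\"right\"><a href=\"sample.php?category={$categoryUrl}&add=1\" style=\"color:#FFFFFF;\">Add a Sample</a></td></tr>";
    if ($db->numrows()) {
        while ($db->loop()) {
            $rowId = urlencode($db->result("id"));
            // 'ISO-8859-1' makes htmlspecialchars() work byte by byte, so a description cut
            // mid-character by substr() is still printed; the HTML-special characters are
            // ASCII and are escaped the same way in any ASCII-compatible encoding.
            $rowLabel = htmlspecialchars(substr($db->result("description"), 0, 100), ENT_QUOTES, 'ISO-8859-1');
            print "<tr><td><a href=\"sample.php?category={$categoryUrl}&mod=" . $rowId . "\">" . $rowLabel . "</a></td><td align=\"right\"><a href=\"sample.php?category={$categoryUrl}&delete=" . $rowId . "\">Delete?</a></td></tr>";
        }
    } else {
        print "<tr><td colspan=\"2\" align=\"center\">No Samples for that Category!</td></tr>";
    }
    print "</table>";
}
include "footer.inc";
?> </body>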
if (isset($error) && $_POST[type] == "sample" && $prodb->result("id") == $_POST[sample] || !isset($error) && isset($moddb) && $moddb->result("type") == "sample" && $moddb->result("type_id") == $prodb->result("id")) { print " selected=\"selected\""; } print ">" . $prodb->result("name") . "</option>"; } ?> </select></td></tr> <tr><td><input type="radio" name="type" value="product"<?php if (isset($error) && $_POST[type] == 'product') { print " checked=\"checked\""; } elseif (isset($moddb) && $moddb->result("type") == 'product') { print " checked=\"checked\""; } ?> ></td><td>Product <select name="product"><option value=""></option><?php $prodb = new dbi(); $prodb->query("select * from product_category where site = '" . SITE . "' order by name asc"); while ($prodb->loop()) { print "<option value=\"" . $prodb->result("id") . "\""; if (isset($error) && $_POST[type] == "product" && $prodb->result("id") == $_POST[product] || !isset($error) && isset($moddb) && $moddb->result("type") == "product" && $moddb->result("type_id") == $prodb->result("id")) { print " selected=\"selected\""; } print ">" . $prodb->result("name") . "</option>"; } ?> </select></td></tr> </table> </td></tr> <tr bgcolor="#990000"><td colspan="2" align="center"><input type="submit" value="Update"></td></tr> </table> </form>
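<?php
// Force HTTPS before anything else runs: plain-HTTP requests are redirected to the same path.
if ($_SERVER["HTTPS"] != 'on') {
    header("Location: https://www.databusinesssystems.com" . $_SERVER['REQUEST_URI']);
    exit;
}
require_once "../inc/dbi.inc";
require_once "../inc/crypt.inc";

$employee = array("J. Kirschner", "L. Higgs", "A. Picillo", "K. Hou");
$db = new dbi();

// NOTE(review): no login or role check is visible in this excerpt before the updates below;
// confirm that one of the includes enforces it.

// Every request value below is escaped with the connection's own escaper before it is placed
// inside a quoted SQL literal. $dbh is not defined in this excerpt; presumably dbi.inc provides it.
$orderIdSql = mysql_real_escape_string((isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '', $dbh);

if (isset($_POST['status'])) {
    $statusParam = is_string($_POST['status']) ? $_POST['status'] : '';
    // An empty placed_by is stored as SQL NULL, as before.
    $placedBySql = (!empty($_POST['placed_by']) && is_string($_POST['placed_by']))
        ? "'" . mysql_real_escape_string($_POST['placed_by'], $dbh) . "'"
        : "NULL";
    mysql_query("update orders set status = '" . mysql_real_escape_string($statusParam, $dbh) . "', placed_by = " . $placedBySql . " where id = '" . $orderIdSql . "'", $dbh);
    // Terminal states send the user back to the order list.
    if ($statusParam == "processed" || $statusParam == "canceled") {
        header("Location: index.php");
        exit;
    }
}

// strtotime() yields an integer timestamp, so only the order id needs escaping here.
if (isset($_POST['history']) && strtotime($_POST['history']) > 0) {
    mysql_query("update orders set datetime = '" . strtotime($_POST['history']) . "' where id = '" . $orderIdSql . "'", $dbh);
}

if (isset($_POST['oitem'])) {
    // mysql_real_escape_string() replaces addslashes() because it takes the connection's
    // character set into account.
    $query = "update order_items set vendor = '" . mysql_real_escape_string($_POST['vendor'], $dbh) . "', job = '" . mysql_real_escape_string($_POST['job'], $dbh) . "'";
    // The reminder columns are only rewritten when the submitted date differs from the previous one.
    if ($_POST['reminder'] != $_POST['reminder_prev']) {
        if ($_POST['reminder'] != "") {
            // date() output is a fixed Y-m-d string, so it is safe to embed.
            $query .= ", reminder = '" . date("Y-m-d", strtotime($_POST['reminder'])) . "'";
        } else {
            $query .= ", reminder = NULL";
        }
        $query .= ", reminder_sent = NULL";
    }
    $query .= " where id = '" . mysql_real_escape_string($_POST['oitem'], $dbh) . "'";
    // the enclosing if continues past this excerpt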
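// Listing view: runs when neither the add nor the modify form is active, or right after a save.
if (!isset($add) && !isset($mod) || isset($success)) {
    if (isset($delete)) {
        // NOTE(review): $delete and $confirm are populated outside this excerpt, presumably
        // from the request -- confirm. They are treated as untrusted here.
        $deleteId = is_scalar($delete) ? (string) $delete : '';
        $deldb = new dbi();
        // Assumes new dbi() has opened the mysql link that mysql_real_escape_string() uses -- confirm.
        $deleteIdSql = mysql_real_escape_string($deleteId);
        // Refuse to delete a page that a menu entry still points at.
        $deldb->query("select * from menu where site = '" . SITE . "' and type = 'info' and type_id = '" . $deleteIdSql . "'");
        if ($deldb->numrows()) {
            print "<div align=\"center\" class=\"error\">Information attached to Menu! Please remove from Menu first.</div><br>";
        } else {
            if (isset($confirm) && $confirm == 'y') {
                // NOTE(review): the delete is triggered by a plain GET link; consider requiring
                // POST plus a per-session token for state-changing actions.
                $deldb->query("delete from info where site = '" . SITE . "' and id = '" . $deleteIdSql . "'");
                print "<div align=\"center\" class=\"success\">Information deleted!</div><br>";
            } else {
                // The id is URL-encoded before it is echoed back into the confirmation link.
                print "<div align=\"center\" class=\"error\">Are you sure you want to delete this info? <a class=\"error\" href=\"info.php?delete=" . urlencode($deleteId) . "&confirm=y\">Yes</a> <a class=\"error\" href=\"info.php\">No</a></div><br>";
            }
        }
    }

    $db = new dbi();
    $db->query("select * from info where site = '" . SITE . "'");
    print "<table align=\"center\" cellpadding=\"2\" cellspacing=\"0\">";
    print "<tr bgcolor=\"#990000\"><td style=\"color:#FFFFFF;\">Information</td><td colspan=\"2\"><a href=\"info.php?add=1\" style=\"color:#FFFFFF;\">Add Information Page</a></td></tr>";
    if ($db->numrows()) {
        print "<tr><td class=\"bold\" align=\"left\">Name</td><td class=\"bold\" align=\"center\">View</td><td class=\"bold\" align=\"right\">Delete?</td></tr>";
        while ($db->loop()) {
            $rowId = urlencode($db->result("id"));
            // 'ISO-8859-1' makes htmlspecialchars() work byte by byte, so it never rejects the
            // stored name; the HTML-special characters are ASCII and are escaped the same way
            // in any ASCII-compatible encoding.
            $rowName = htmlspecialchars($db->result("name"), ENT_QUOTES, 'ISO-8859-1');
            print "<tr><td><a href=\"info.php?mod=" . $rowId . "\">" . $rowName . "</a></td><td align=\"center\"><a href=\"" . DOCUMENT_BASE . "/info/" . $rowId . "\" target=\"_blank\">View</a></td><td align=\"right\"><a href=\"info.php?delete=" . $rowId . "\">Delete?</a></td></tr>";
        }
    } else {
        print "<tr><td colspan=\"3\" align=\"center\">No Information available!</td></tr>";
    }
    print "</table>";
}
include "footer.inc";
?>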
<link rel="stylesheet" type="text/css" href="../style.css"> </head> <body> <?php include "../inc/header.inc"; ?> <h1>Password Reminder</h1> <table align="center" cellpadding="4" cellspacing="0" align="center"> <?php if (isset($_POST[email])) { if ($_POST[email] == "") { $error = "Please specify a valid email address!"; } if (!$error) { $edb = new dbi(); $edb->query("select email,password from account where email = '{$_POST['email']}' limit 0,1"); if ($edb->numrows()) { $from = "DBS Support <*****@*****.**>"; $header = "Return-Path: {$from}\r\nFrom: {$from}\r\nReply-To: {$from}"; $message = "This is your requested password reminder from a Data Business Systems Site. Below is your account email address and password.\n\n Email Address: " . $edb->result("email") . "\n Password: "******"password")), substr($edb->result("email"), 0, 2))) . "\n\nThis information was requested from (" . $_SERVER[REMOTE_ADDR] . ").\n\nRegards,\nCustomer Support\nsupport@databusinesssystems.com"; mail($edb->result("email"), "Password Reminder", $message, $header); print "<tr><td align=\"left\">Your password has been sent! If you do not receive the email or if you are still having difficulties using your account, please email us at <a href=\"mailto:support@databusinesssystems.com\">support@databusinesssystems.com</a> or call us at 1-800-778-6247.</td></tr>"; } else { $error = "No account with that email address!"; } } } if (!isset($_POST[email]) || $error) { ?> <tr><td>If you have lost your password, enter your email address below and your information will be sent to you.<br><br></td></tr>
<tr><td class="field_title">One Time Use</td><td><input type="checkbox" name="oneuse"<?php if (isset($error) && isset($_POST[oneuse])) { print " checked=\"checked\""; } elseif (isset($moddb) && $moddb->result("oneuse") == 'y') { print " checked=\"checked\""; } ?> ></td></tr> <tr bgcolor="#990000"><td colspan="2" align="center"><input type="submit" value="Update"></td></tr> </table> </form> <?php } } if (!isset($add) && !isset($mod) || isset($success)) { $db = new dbi(); if (isset($delete)) { if (isset($confirm) && $confirm == 'y') { $db->query("delete from coupon where site = '" . SITE . "' and id = '{$delete}'"); print "<div align=\"center\" class=\"success\">Coupon deleted!</div><br>"; } else { print "<div align=\"center\" class=\"error\">Are you sure you want to delete this coupon? <a class=\"error\" href=\"{$_SERVER['PHP_SELF']}?delete={$delete}&confirm=y\">Yes</a> <a class=\"error\" href=\"{$_SERVER['PHP_SELF']}\">No</a></div><br>"; } } $db->query("select * from coupon where site = '" . SITE . "'"); print "<table align=\"center\" cellpadding=\"2\" cellspacing=\"0\">"; print "<tr bgcolor=\"#990000\"><td style=\"color:#FFFFFF;\" colspan=\"2\">Coupons</td><td><a href=\"{$_SERVER['PHP_SELF']}?add=1\" style=\"color:#FFFFFF;\">Add a Coupon</a></td></tr>"; if ($db->numrows()) { while ($db->loop()) { print "<tr><td valign=\"top\"><a href=\"{$_SERVER['PHP_SELF']}?mod=" . $db->result("id") . "\">" . $db->result("code") . "</a></td><td width=\"300\">" . $db->result("description") . "<td align=\"right\" valign=\"top\"><a href=\"{$_SERVER['PHP_SELF']}?delete=" . $db->result("id") . "\">Delete?</a></td></tr>"; }
if ($_POST['url_foldername'] != '') { $_POST['url_foldername'] = cleanforurl2(trim($_POST['url_foldername'])); } } if (!$error) { if (isset($add)) { mysql_query("\n\t\t\t\t\tINSERT\n\t\t\t\t\tINTO affiliate\n\t\t\t\t\t(\n\t\t\t\t\t\tsite,\n\t\t\t\t\t\tname,\n\t\t\t\t\t\turlname,\n\t\t\t\t\t\tproduct,\n\t\t\t\t\t\taccount,\n\t\t\t\t\t\tdata,\n\t\t\t\t\t\tpage_title,\n\t\t\t\t\t\tmeta_keywords,\n\t\t\t\t\t\tmeta_description,\n\t\t\t\t\t\turl_filename,\n\t\t\t\t\t\turl_foldername\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'" . SITE . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['name']) . "',\n\t\t\t\t\t\t'" . $_POST['urlname'] . "',\n\t\t\t\t\t\t'" . $_POST['product'] . "',\n\t\t\t\t\t\t'" . $_POST['account'] . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['data']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['page_title']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['meta_keywords']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['meta_description']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['url_filename']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_POST['url_foldername']) . "'\n\t\t\t\t\t)\n\t\t\t\t", $dbh); } else { mysql_query("\n\t\t\t\t\tUPDATE affiliate\n\t\t\t\t\tSET\n\t\t\t\t\t\tname = '" . mysql_real_escape_string($_POST['name']) . "',\n\t\t\t\t\t\turlname = '" . $_POST['urlname'] . "',\n\t\t\t\t\t\tproduct = '" . $_POST['product'] . "',\n\t\t\t\t\t\taccount = '" . $_POST['account'] . "',\n\t\t\t\t\t\tdata = '" . mysql_real_escape_string($_POST['data']) . "',\n\t\t\t\t\t\tpage_title = '" . mysql_real_escape_string($_POST['page_title']) . "',\n\t\t\t\t\t\tmeta_keywords = '" . mysql_real_escape_string($_POST['meta_keywords']) . "',\n\t\t\t\t\t\tmeta_description = '" . mysql_real_escape_string($_POST['meta_description']) . "',\n\t\t\t\t\t\turl_filename = '" . mysql_real_escape_string($_POST['url_filename']) . "',\n\t\t\t\t\t\turl_foldername = '" . 
mysql_real_escape_string($_POST['url_foldername']) . "'\n\t\t\t\t\tWHERE id = '{$mod}'\n\t\t\t\t", $dbh); } print "<div align=\"center\" class=\"success\">Affiliate updated successfully!</div><br>"; $success = 1; } } if (isset($mod)) { $moddb = new dbi(); $moddb->query("select * from affiliate where site = '" . SITE . "' and id = '{$mod}'"); if (!$moddb->numrows()) { print "<div align=\"center\">No Affiliate with ID of '{$mod}'!</div>"; unset($moddb); } } if (!isset($success)) { if ($error) { print "<div align=\"center\" class=\"error\">{$error}</div>"; } ?> <form name="information" action="<?php echo $_SERVER[PHP_SELF]; ?> ?<?php
session_start(); $_SESSION['admin'] = "true"; ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>dbs - customer search</title> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body> <?php require_once "../inc/crypt.inc"; include "header.inc"; $db = new dbi(); if ($_GET['delete_account']) { $results = mysql_query("SELECT id, email FROM account WHERE id = '" . mysql_real_escape_string($_GET['delete_account']) . "'", $dbh); if (mysql_num_rows($results)) { $account = mysql_fetch_assoc($results); $results = mysql_query("SELECT id FROM orders WHERE account = '" . $account['id'] . "'", $dbh); if (mysql_num_rows($results)) { while ($row = mysql_fetch_assoc($results)) { mysql_query("DELETE FROM order_po WHERE id = '" . $row['id'] . "'", $dbh); mysql_query("DELETE FROM order_items WHERE order_id = '" . $row['id'] . "'", $dbh); } mysql_query("DELETE FROM order_address WHERE account = '" . $account['id'] . "'", $dbh); mysql_query("DELETE FROM orders WHERE account = '" . $account['id'] . "'", $dbh); } mysql_query("DELETE FROM cc_charges WHERE account = '" . $account['id'] . "'", $dbh); mysql_query("DELETE FROM account WHERE id = '" . $account['id'] . "'", $dbh);
</head> <body> <?php require_once "../inc/dbi.inc"; require_once "../inc/crypt.inc"; include "../inc/header.inc"; if (isset($_POST[email])) { if (!preg_match("/^[a-z0-9\\.\\-_]+\\@[a-z0-9\\.\\-_]+\\.[a-z]+\$/", $_POST[email])) { $error = "Please specify a valid e-mail account."; } elseif ($_POST[password] != "" && strlen($_POST[password]) < 4 || strlen($_POST[password]) > 16) { $error = "Password must be between 4 and 16 characters."; } elseif ($_POST[password] != $_POST[cpassword]) { $error = "Passwords do not match."; } else { $db = new dbi(); $db->query("select * from account where email = '" . $_POST[email] . "' and id != '{$_SESSION['account_id']}'"); if ($db->numrows()) { $error = "Email account already exists."; } else { $query = "update account set email = '{$_POST['email']}', password = "******"") { $query .= "'" . base64_encode(encrypto($_POST[password], strtolower(substr($_POST[email], 0, 2)))) . "'"; } else { $db->query("select email,password from account where id = '{$_SESSION['account_id']}'"); $oldpassword = trim(decrypto(base64_decode($db->result("password")), substr($db->result("email"), 0, 2))); $query .= "'" . base64_encode(encrypto($oldpassword, strtolower(substr($_POST[email], 0, 2)))) . "'"; } $query .= " where id = '{$_SESSION['account_id']}'"; $db->query($query); $_SESSION[email] = $_POST[email];
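<?php
require_once "/home/bocawebgroup/public_html/inc/ad_track.inc";
require_once "inc/config.inc";
require_once "../inc/dbi.inc";

if (isset($_POST['name']) && isset($_POST['data'])) {
    // Both values are taken from the request body as-is.
    $name = $_POST['name'];
    // NOTE(review): assigned to $date, while the lookup branch assigns $data. Looks like a
    // typo, but the code that prints the page body is outside this excerpt -- confirm before renaming.
    $date = $_POST['data'];
} else {
    $db = new dbi();
    // The id arrives in the query string, so it is escaped before it is placed inside the
    // quoted SQL literal. A missing or non-string id becomes '' and is looked up as such.
    // Assumes new dbi() has opened the mysql link that mysql_real_escape_string() uses -- confirm.
    $infoId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
    $db->query("select * from info where id = '" . mysql_real_escape_string($infoId) . "' and site = '" . SITE . "'");
    if ($db->numrows()) {
        $name = $db->result("info.name");
        $data = $db->result("info.data");
    } else {
        header("HTTP/1.1 404 Not Found");
        exit;
    }
}
// $name can be request data (first branch above), so it is HTML-escaped where it is printed;
// the charset matches the one declared in the page's meta tag.
?> <html> <head> <title>One-Write - <?php echo htmlspecialchars($name, ENT_QUOTES, 'UTF-8'); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link rel="stylesheet" type="text/css" href="<?php echo DOCUMENT_BASE; ?> /style.css">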
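// Listing view: runs when neither the add nor the modify form is active, or right after a save.
if (!isset($add) && !isset($mod) || isset($success)) {
    if (isset($delete)) {
        // NOTE(review): $delete and $confirm are populated outside this excerpt, presumably
        // from the request -- confirm. They are treated as untrusted here.
        $deleteId = is_scalar($delete) ? (string) $delete : '';
        $deldb = new dbi();
        // Assumes new dbi() has opened the mysql link that mysql_real_escape_string() uses -- confirm.
        $deleteIdSql = mysql_real_escape_string($deleteId);
        // NOTE(review): this "attached to Menu" check reads sample_category rather than a menu
        // table; it may have been copied from another page -- confirm against the schema.
        $deldb->query("select * from sample_category where site = '" . SITE . "' and type = 'sample' and type_id = '" . $deleteIdSql . "'");
        if ($deldb->numrows()) {
            print "<div align=\"center\" class=\"error\">Sample Category attached to Menu! Please remove from Menu first.</div><br>";
        } else {
            if (isset($confirm) && $confirm == 'y') {
                // NOTE(review): the delete is triggered by a plain GET link; consider requiring
                // POST plus a per-session token for state-changing actions.
                $deldb->query("delete from sample_category where site = '" . SITE . "' and id = '" . $deleteIdSql . "'");
                print "<div align=\"center\" class=\"success\">Sample Category Item deleted!</div><br>";
            } else {
                // The id is URL-encoded before it is echoed back into the confirmation link.
                print "<div align=\"center\" class=\"error\">Are you sure you want to delete this sample category? <a class=\"error\" href=\"sample_category.php?delete=" . urlencode($deleteId) . "&confirm=y\">Yes</a> <a class=\"error\" href=\"sample_category.php\">No</a></div><br>";
            }
        }
    }

    $db = new dbi();
    $db->query("select * from sample_category where site = '" . SITE . "' order by name asc");
    print "<table align=\"center\" cellpadding=\"2\" cellspacing=\"0\">";
    print "<tr bgcolor=\"#990000\"><td style=\"color:#FFFFFF;\">Sample Categories</td><td colspan=\"3\"><a href=\"sample_category.php?add=1\" style=\"color:#FFFFFF;\">Add a Sample Category</a></td></tr>";
    if ($db->numrows()) {
        print "<tr><td class=\"bold\" align=\"left\">Name</td><td class=\"bold\" align=\"left\">View</td><td class=\"bold\" align=\"left\">Samples</td><td class=\"bold\" align=\"left\">Delete?</td></tr>";
        while ($db->loop()) {
            $rowId = urlencode($db->result("id"));
            // 'ISO-8859-1' makes htmlspecialchars() work byte by byte, so it never rejects the
            // stored name; the HTML-special characters are ASCII and are escaped the same way
            // in any ASCII-compatible encoding.
            $rowName = htmlspecialchars($db->result("name"), ENT_QUOTES, 'ISO-8859-1');
            print "<tr><td><a href=\"sample_category.php?mod=" . $rowId . "\">" . $rowName . "</a></td><td align=\"center\"><a href=\"" . DOCUMENT_BASE . "/sample/" . $rowId . "\" target=\"_blank\">View</a></td><td align=\"center\"><a href=\"sample.php?category=" . $rowId . "\">Edit</a></td><td align=\"right\"><a href=\"sample_category.php?delete=" . $rowId . "\">Delete?</a></td></tr>";
        }
    } else {
        print "<tr><td colspan=\"4\" align=\"center\">No Sample Categories!</td></tr>";
    }
    print "</table>";
}
include "footer.inc";
?>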
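</table> </form> <?php
} } // closes two blocks that were opened before this excerpt

// Listing view: runs when neither the add nor the modify form is active, or right after a save.
if (!isset($add) && !isset($mod) || isset($success)) {
    if (isset($delete)) {
        // NOTE(review): $delete and $confirm are populated outside this excerpt, presumably
        // from the request -- confirm. They are treated as untrusted here.
        $deleteId = is_scalar($delete) ? (string) $delete : '';
        $deldb = new dbi();
        if (isset($confirm) && $confirm == 'y') {
            // NOTE(review): the delete is triggered by a plain GET link; consider requiring
            // POST plus a per-session token for state-changing actions.
            // Assumes new dbi() has opened the mysql link that mysql_real_escape_string() uses -- confirm.
            $deldb->query("delete from state_tax where id = '" . mysql_real_escape_string($deleteId) . "'");
            print "<div align=\"center\" class=\"success\">State Tax Entry deleted!</div><br>";
        } else {
            // The id is URL-encoded before it is echoed back into the confirmation link.
            print "<div align=\"center\" class=\"error\">Are you sure you want to delete this State Tax Entry? <a class=\"error\" href=\"state_tax.php?delete=" . urlencode($deleteId) . "&confirm=y\">Yes</a> <a class=\"error\" href=\"state_tax.php\">No</a></div><br>";
        }
    }

    $db = new dbi();
    $db->query("select * from state_tax");
    if ($db->numrows()) {
        print "<table align=\"center\" cellpadding=\"2\" cellspacing=\"0\">";
        print "<tr bgcolor=\"#990000\"><td style=\"color:#FFFFFF;\" colspan=\"2\">State Tax</td><td><a href=\"state_tax.php?add=1\" style=\"color:#FFFFFF;\">Add an Entry</a></td></tr>";
        while ($db->loop()) {
            $rowId = urlencode($db->result("id"));
            // 'ISO-8859-1' makes htmlspecialchars() work byte by byte, so it never rejects a
            // stored value; the HTML-special characters are ASCII and are escaped the same way
            // in any ASCII-compatible encoding.
            $rowState = htmlspecialchars($db->result("state"), ENT_QUOTES, 'ISO-8859-1');
            $rowTax = htmlspecialchars($db->result("tax"), ENT_QUOTES, 'ISO-8859-1');
            print "<tr><td width=\"50\"><a href=\"state_tax.php?mod=" . $rowId . "\">" . $rowState . "</a></td><td align=\"right\">" . $rowTax . " %</td><td align=\"right\"><a href=\"state_tax.php?delete=" . $rowId . "\">Delete?</a></td></tr>";
        }
        print "</table>";
    }
}
include "footer.inc";
?> </body> </html>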
} ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Data Business Systems - Order</title> <link rel="stylesheet" type="text/css" href="../style.css"> </head> <body> <?php include "../inc/header.inc"; $db = new dbi(); $tdb = new dbi(); $db->query("select * from orders where account = '" . $_SESSION['account_id'] . "' and orders.id = '{$_SERVER['QUERY_STRING']}' limit 0,1"); if ($db->numrows()) { $order_id = $db->result("id"); ?> <h1>Invoice for Order #<?php echo $db->result("id"); ?> </h1> <div style="text-align:center;margin:10px;"><a href="invoice.php?<?php echo $db->result("id"); ?> " target="_blank"><b>PRINT A COPY OF THIS INVOICE</b></a></div> <table width="95%" align="center" cellpadding="4" cellspacing="0" style="border:2px solid #000000;"> <tr class="bar"><td align="left" style="font-weight:bold;font-size:14px;" colspan="2">Shipping Information</td></tr> <tr><td colspan="2">
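<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>dbs - ad track</title> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body> <?php
// Ad-tracking report: lists the 25 most recent ad_track rows, newest first.
include "header.inc";
$db = new dbi();
$db->query("select * from ad_track order by timestamp desc limit 0,25");
?> <table width="98%" align="center" cellpadding="3" cellspacing="0"> <tr class="bar"><td>Date/Time</td><td>Campaign</td><td>IP/HOST</td></tr> <?php
while ($db->loop()) {
    // Row background alternates with the parity of the current row number.
    ?> <tr bgcolor="#<?php echo $db->currentrow() % 2 ? "DDDDDD" : "FFFFFF"; ?> "><td valign="top"><?php echo date("n/d/Y", strtotime($db->result("timestamp"))); ?> <?php echo date("h:i a", strtotime($db->result("timestamp"))); ?> </td><td style="font-weight:bold;"><?php
    // campaign is stored data, presumably recorded from visitor requests by ad_track.inc (not
    // shown here) -- confirm. It is escaped so markup in a campaign value is displayed as text.
    // 'ISO-8859-1' makes htmlspecialchars() work byte by byte, so it never rejects the value.
    echo htmlspecialchars($db->result("campaign"), ENT_QUOTES, 'ISO-8859-1'); ?>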
} if (!isset($_GET['add']) && !isset($_GET['mod']) || isset($success)) { if (isset($_GET['delete'])) { if (isset($_GET['confirm']) && $_GET['confirm'] == 'y') { @unlink(BASE_IMAGE_DIR . $delete . ".jpg"); @unlink(BASE_PDF_DIR . $delete . ".pdf"); mysql_query("delete from product_quantity where product = '" . $_GET['delete'] . "'", $dbh); mysql_query("delete from product_warehouse where product = '" . $_GET['delete'] . "'", $dbh); mysql_query("delete from product_option where product = '" . $_GET['delete'] . "'", $dbh); mysql_query("delete from product where id = '" . $_GET['delete'] . "'", $dbh); print "<div align=\"center\" class=\"error\">Product deleted successfully!</div><br>"; } else { print "<div align=\"center\" class=\"error\">Are you sure you want to delete this product? <a class=\"error\" href=\"product.php?" . (isset($_GET['category']) ? "category={$_GET['category']}" : "user={$_GET['user']}") . "&delete=" . $_GET['delete'] . "&confirm=y\">Yes</a> <a class=\"error\" href=\"product.php?" . (isset($_GET[category]) ? "category={$_GET['category']}" : "user={$_GET['user']}") . "\">No</a></div><br>"; } } $db = new dbi(); if (isset($_GET['category'])) { $results = mysql_query("select name from product_category where id = '" . $_GET['category'] . "'", $dbh); $bar_title = "Products for '" . mysql_result($results, 0, "name") . "'"; $db->query("select * from product where category = '{$_GET['category']}' and user = '******' order by sort, description asc"); } else { $results = mysql_query("select email from account where id = '" . $_GET['user'] . "'", $dbh); $bar_title = "Products for '" . mysql_result($results, 0, "email") . 
"'"; $db->query("select product_category.site,product.* from product inner join product_category on product_category.id = product.category where user = '******'user']}' order by sort, description asc"); } print "<table align=\"center\" cellpadding=\"2\" cellspacing=\"0\">"; print "<tr class=\"bar\"><td>{$bar_title}</td><td align=\"right\"><a href=\"product.php?" . (isset($_GET[category]) ? "category=" . $_GET['category'] : "user="******"&add=1\">Add a Product</a></td></tr>"; if ($db->numrows()) { while ($db->loop()) { print "<tr><td align=\"left\"><a href=\"product.php?" . (isset($_GET[category]) ? "category={$_GET['category']}" : "user={$_GET['user']}") . "&mod=" . $db->result("id"); if (isset($_GET[user])) {
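<html> <head> <title>Data Business Systems - Change Address Information</title> <link rel="stylesheet" type="text/css" href="../style.css"> </head> <body> <?php
require_once "../inc/dbi.inc";
include "../inc/header.inc";
?> <h1>Change Address Information</h1> <div style="margin:0 25px 5px 0;" align="right"><a href="index.php">Back to Your Account</a></div> <?php
$db = new dbi();

// NOTE(review): no check that a customer is logged in is visible in this excerpt; confirm that
// header.inc (or another include) rejects requests without $_SESSION['account_id'].
// Every value placed inside a quoted SQL literal below is escaped first. Assumes new dbi() has
// opened the mysql link that mysql_real_escape_string() uses -- confirm.
$accountIdSql = mysql_real_escape_string(isset($_SESSION['account_id']) ? (string) $_SESSION['account_id'] : '');

if (isset($_GET['delete'])) {
    // Addresses are disabled rather than removed, and only within the caller's own account.
    // NOTE(review): this state change is triggered by a plain GET link; consider requiring
    // POST plus a per-session token.
    $deleteIdSql = mysql_real_escape_string(is_string($_GET['delete']) ? $_GET['delete'] : '');
    if ($db->query("update order_address set disable = 'y' where id = '" . $deleteIdSql . "' and account = '" . $accountIdSql . "'")) {
        print "<div align=\"center\" class=\"success\">Address deleted!</div>";
    } else {
        print "<div align=\"center\" class=\"error\">No such address!</div>";
    }
}

if (isset($_GET['modify'])) {
    // Load the address only if it belongs to the caller's account and is still enabled.
    $modifyIdSql = mysql_real_escape_string(is_string($_GET['modify']) ? $_GET['modify'] : '');
    $db->query("select * from order_address where account = '" . $accountIdSql . "' and id = '" . $modifyIdSql . "' and disable = 'n' limit 1");
    if ($db->numrows()) {
        // A non-empty POST means the edit form was submitted; validation continues past this excerpt.
        if (sizeof($_POST)) {
            if ($_POST['name'] == "") {
                $error = "Please specify a Full Name!";
            } elseif ($_POST['address1'] == "") {
                $error = "Please specify an Address!";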