if ($db->connect_errno) { header('Location: index.php'); die; } $db->set_charset(DB_CHARSET); /** */ spl_autoload_register(function ($cn) { include IDIR . '/' . str_replace('\\', '/', $cn) . '.php'; }); /** */ include (new \main\load())->language['location']; if (!$GLOBALS['me'] || !\query\payments::plan_exists($_GET['plan'], array('user_view' => ''))) { header('Location: index.php'); die; } $plan = \query\payments::plan_infos($_GET['plan']); try { $gateway = isset($_GET['gateway']) ? $_GET['gateway'] : ''; $payment = new \payment\main($gateway); $thegateway = $payment->gateway_name; $payment->description = 'Purchase plan'; $payment->items[] = array($plan->name, $plan->description, 1, $plan->price); echo '<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <meta name="robots" content="noindex, nofollow">
<ul> <li><a href="?route=payments.php&action=plan_view&type=delete&id=' . $_GET['id'] . '&token=' . $csrf . '" data-delete-msg="' . $LANG['delete_msg'] . '">' . $LANG['delete'] . '</a></li> </ul> </div>'; } echo '<a href="?route=payments.php&action=plan_view" class="btn">' . $LANG['payments_plan_view'] . '</a> </div>'; if (!empty($LANG['pmts_editplan_subtitle'])) { echo '<span>' . $LANG['pmts_editplan_subtitle'] . '</span>'; } echo '</div>'; if ($plan_exists) { if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'payments_csrf')) { if (isset($_POST['name']) && isset($_POST['text']) && isset($_POST['price']) && isset($_POST['credits'])) { if (actions::edit_payment_plan($_GET['id'], array('name' => $_POST['name'], 'description' => $_POST['text'], 'price' => $_POST['price'], 'credits' => $_POST['credits'], 'publish' => isset($_POST['publish']) ? 1 : 0))) { $info = \query\payments::plan_infos($_GET['id']); echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } else { if (isset($_GET['type']) && isset($_GET['token']) && check_csrf($_GET['token'], 'payments_csrf')) { if ($_GET['type'] == 'delete_image') { if (isset($_GET['id'])) { if (actions::delete_payment_plan_image($_GET['id'])) { $info->image = ''; echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; }
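/**
 * Clears the stored image of one or more payment plans and removes the image file from disk.
 *
 * Only an administrator may do this; for any other caller nothing is changed.
 *
 * @param int|string|array $id A plan id or a list of plan ids (a scalar is cast to a one-element array).
 *
 * @return bool False when the current user is not an admin or the UPDATE statement cannot be
 *              prepared; true otherwise, including when no id matched an existing plan.
 */
public static function delete_payment_plan_image($id)
{
    global $db;

    // empty() also covers a missing or falsy $GLOBALS['me'], which would otherwise
    // raise a warning on the property read before being treated as "not admin".
    if (empty($GLOBALS['me']) || !$GLOBALS['me']->is_admin) {
        return false;
    }

    $ids = (array) $id;

    $stmt = $db->stmt_init();
    // prepare() returns false on failure; binding to an unprepared statement would
    // fail later, so stop here instead of reporting success.
    if (!$stmt->prepare("UPDATE " . DB_TABLE_PREFIX . "p_plans SET image = '' WHERE id = ?")) {
        return false;
    }

    // Canonical form of the directory the image paths are relative to.
    $base = realpath(DIR);

    foreach ($ids as $ID) {
        if (!\query\payments::plan_exists($ID)) {
            continue;
        }

        $plan = \query\payments::plan_infos($ID);

        $stmt->bind_param("i", $ID);
        // Remove the file only once the row no longer references it; if the UPDATE
        // fails the plan keeps its image and the file must stay.
        if (!$stmt->execute()) {
            continue;
        }

        if (empty($plan->image) || $base === false) {
            continue;
        }

        // NOTE(review): where $plan->image gets written is not visible here. If it can
        // ever contain "../" segments, an unconfined unlink() would remove files outside
        // DIR, so the resolved path must be a regular file located under DIR.
        $target = realpath($base . '/' . $plan->image);
        $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

        if ($target !== false && is_file($target) && strncmp($target, $prefix, strlen($prefix)) === 0) {
            // File removal stays best-effort, as in the original: a failure does not
            // change the return value.
            @unlink($target);
        }
    }

    $stmt->close();

    return true;
}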