

Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/thietkewebvumi.com/admin_new/mod/


 

Current File : /var/www/html/thietkewebvumi.com/admin_new/mod/order.php
<?php

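/**
 * Admin controller for the order module: lists orders, shows/updates a single
 * order and (soft-)deletes orders in table NNCCMS_order.
 *
 * Security notes for maintainers:
 *  - Every value placed into SQL goes through intval()/ctype_digit() or
 *    sqlString()/sqlLike(); the original code concatenated request and
 *    row values directly into the statements.
 *  - NOTE(review): no authentication, authorisation or CSRF check is visible in
 *    this class; presumably the including admin index.php enforces the login.
 *    The state-changing actions (code=post with bsubmit, code=del) should
 *    verify a per-session token -- confirm against the caller.
 */
class orderman{

	/**
	 * Constructor: dispatches the request as soon as the object is created.
	 * Declared as __construct because a method named after the class is no
	 * longer treated as a constructor on PHP 8.
	 */
	function __construct(){
		$this->dispatch();
	}

	/**
	 * Legacy PHP 4 style entry point, kept so explicit calls keep working.
	 */
	function orderman (){
		$this->dispatch();
	}

	/**
	 * Loads the order template and routes on the request's "code" value.
	 */
	private function dispatch(){

		global $CORE, $TBS;

		$TBS->LoadTemplate(ADMIN_PATH."skin/order.html");

		$code = isset($CORE->input['code']) ? $CORE->input['code'] : '';

		switch($code){
			case 'post': $this->goPost(); break;
			case 'del': $this->goDel(); break;
			default: $this->goList(); break;
		}

	}

	/**
	 * Returns $value as a quoted SQL string literal.
	 *
	 * NOTE(review): addslashes() is a stop-gap because the escaping/binding API
	 * of the $DB wrapper is not visible here; replace with the driver's own
	 * escaping or prepared statements. Assumes $CORE->input is not already
	 * slash-escaped upstream -- confirm, otherwise values get double-escaped.
	 */
	private function sqlString($value){
		return "'".addslashes(is_scalar($value) ? (string)$value : '')."'";
	}

	/**
	 * Returns a quoted "contains" pattern for LIKE. '%' and '_' typed by the
	 * user keep acting as wildcards, as they did before.
	 */
	private function sqlLike($value){
		return "'%".addslashes(is_scalar($value) ? (string)$value : '')."%'";
	}

	/**
	 * Converts a VND amount to USD with the configured exchange rate, rounded
	 * to 2 decimals. Returns 0 when the rate is missing or not positive instead
	 * of dividing by zero.
	 */
	private function toUsd($vnd){
		global $CORE;
		$rate = isset($CORE->vars['exrate']) ? (float)$CORE->vars['exrate'] : 0;
		return ($rate > 0) ? round((float)$vnd / $rate, 2) : 0;
	}

	/**
	 * Lists orders filtered by type and keyword, sorted and paginated.
	 *
	 * Request values read: type ('0' pending, '1' processed, 'tatca' all,
	 * '2' soft-deleted), keyword, sortby, and $_GET PageNum/RecCnt.
	 * Admins whose ug_id is 4 also see soft-deleted rows in the status views.
	 */
	function goList(){

		global $CORE, $DB, $TBS, $func;

		// One-shot flash values left in the session by a previous request.
		$error = null;
		if(!empty($_SESSION['error'])) $error = 1;
		unset($_SESSION['error']);

		$display = array();
		if(!empty($_SESSION['state'])) $display['name'] = $_SESSION['state'];
		unset($_SESSION['state']);

		$TBS->MergeField('section','list');

		$keyword = (isset($CORE->input['keyword']) && is_scalar($CORE->input['keyword'])) ? (string)$CORE->input['keyword'] : '';
		$type = (!empty($CORE->input['type']) && is_scalar($CORE->input['type'])) ? (string)$CORE->input['type'] : '0';
		$TBS->MergeField('type',$type);

		// Only constant fragments are chosen here; $type itself never reaches the SQL.
		$hideDeleted = ($CORE->admin_user['ug_id']!=4) ? " AND check_delete='0'" : "";
		switch($type){
			case '1': $where_type = "WHERE status='1'".$hideDeleted; break;
			case 'tatca': $where_type = "WHERE status <>''".$hideDeleted; break;
			case '2': $where_type = "WHERE check_delete = 1"; break;
			default: $where_type = "WHERE status='0'".$hideDeleted; break;
		}

		if($keyword != ""){
			// Parenthesised so the OR cannot bypass the status / check_delete
			// filter above (AND binds tighter than OR).
			$pattern = $this->sqlLike($keyword);
			$where_type .= " AND (body LIKE ".$pattern." OR fullname LIKE ".$pattern.")";
		}

		// The sort direction flips on every request, as before.
		$_SESSION['dirby'] = (isset($_SESSION['dirby']) && $_SESSION['dirby']==1) ? '0' : '1';

		// Allowlist: request key => column name. Anything else sorts by time.
		$sortable = array(
			'id' => 'id',
			'name' => 'fullname',
			'cname' => 'cname',
			'package' => 'package',
			'period' => 'period',
			'status' => 'status',
		);
		$sortKey = (isset($CORE->input['sortby']) && is_string($CORE->input['sortby'])) ? $CORE->input['sortby'] : 'time';
		if(isset($sortable[$sortKey])){
			$sortby = ' ORDER BY '.$sortable[$sortKey].(($_SESSION['dirby']==1) ? ' DESC' : '');
		}else{
			$sortby = ' ORDER BY time DESC';
		}

		$query = $DB->query("SELECT * FROM NNCCMS_order ".$where_type.$sortby);

		$numrow	= $DB->get_num_rows($query);

		if($numrow>0){

			$display['show'] = 1;
			$list = array();
			$num = 0;
			while($row = $DB->fetch_row($query)){
				$num++;
				$row['num'] = $num;
				$row['txtvnd'] = $func->commify($row['vnd']);
				$row['txtsub_vnd'] = $func->commify($row['sub_vnd']);
				$row['usd'] = $this->toUsd($row['vnd']);
				$row['sub_usd'] = $this->toUsd($row['sub_vnd']);
				// 'i' is minutes; the former 'm' printed the month a second time.
				$row['time'] = date('h:i d/m/Y',(int)$row['time']);
				if($row['status']=='0' || $row['status']=='1'){
					if($row['check_delete'] != 0){
						$row['txtstatus'] = 'Failes';
					}elseif($row['status']=='0'){
						$row['txtstatus'] = '<span style="color:#006600">Chưa xử lý</span>';
					}else{
						$row['txtstatus'] = 'Đã xử lý';
					}
				}
				$list[] = $row;
			}

			// Pagination =============================
			$PageNum = (isset($_GET['PageNum'])) ? intval($_GET['PageNum']) : 1;
			$RecCnt = (isset($_GET['RecCnt'])) ? intval($_GET['RecCnt']) : -1;
			$PageSize = 20;

			include_once(ROOT_PATH.'tbs/tbs_plugin_bypage.php');

			$TBS->PlugIn(TBS_BYPAGE, $PageSize,$PageNum,$RecCnt);

			$RecCnt = $TBS->MergeBlock('list',$list,'',$PageSize,$PageNum,$RecCnt);

			include_once(ROOT_PATH.'tbs/tbs_plugin_navbar.php');

			$TBS->PlugIn(TBS_NAVBAR,'nav','',$PageNum,$RecCnt,$PageSize);

		}else{
			$display['show'] = 0;
		}

		$display['type'] = $type;
		// NOTE(review): the keyword is echoed back into the page; this relies on
		// the template merging it with HTML conversion on -- confirm in order.html.
		$display['name'] = $keyword;
		$sd = array($display);

		$TBS->MergeField('error',$error);

		$TBS->MergeBlock('display',$sd);

		$TBS->Show(TBS_OUTPUT+TBS_NOTHING);

	}

	/**
	 * Shows one order (no "bsubmit" in the request) or saves the submitted
	 * status / note / check_delete for it.
	 */
	function goPost(){

		global $CORE, $TBS;

		$TBS->MergeField('section','post');

		$phantram = null;
		if(isset($_SESSION['phantram']) && $_SESSION['phantram']!='') $phantram = $_SESSION['phantram'];
		unset($_SESSION['phantram']);

		if(empty($CORE->input['bsubmit'])){
			$this->showOrder($phantram);
		}else{
			$this->saveOrder();
		}

	}

	/**
	 * Renders the detail view of the order whose id is in the request.
	 */
	private function showOrder($phantram){

		global $CORE, $DB, $TBS, $print, $func;

		$id = intval(isset($CORE->input['id']) ? $CORE->input['id'] : 0);

		$row = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_order WHERE id=".$this->sqlString($id)));
		if(!$row){
			// Unknown id: nothing to render, go back to the list.
			$print->redirect ('Order not found','index.php?act=order&type=tatca');
			return;
		}

		// Check the discount code. The code was stored with the order (customer
		// supplied), so it is escaped again before it is reused in SQL.
		$row_check = $DB->fetch_row($DB->query("SELECT id,name, magiamgia FROM NNCCMS_user WHERE magiamgia = ".$this->sqlString($row['magiamgia'])));
		if(!$row_check){
			$row['magiamgia'] = 'Sai mã giảm giá!';
			$row['username'] = '';
		}else{
			$row['username'] = $row_check['name'];
			$row['userid'] = $row_check['id'];
		}

		$row['status'] = $row['status'] == 0?'Chưa xử lý':'Đã xử lý';

		$r_pay = $DB->fetch_row($DB->query("SELECT title FROM NNCCMS_payment WHERE id=".$this->sqlString($row['payment'])));
		$row['txtpayment'] = $r_pay ? $r_pay['title'] : '';

		$r_trans = $DB->fetch_row($DB->query("SELECT title,price FROM NNCCMS_transfer WHERE id=".$this->sqlString($row['transfer'])));
		$row['txttrans'] = $r_trans ? $r_trans['title'] : '';
		$transPrice = $func->commify($r_trans ? $r_trans['price'] : 0);
		$row['txtprice'] = (isset($_SESSION['usd']) && $_SESSION['usd']==1) ? $transPrice.' USD' : $transPrice.' VND';

		$row['txtname'] = $row['gender']=='Nam'?'Mr '.$row['fullname'] : 'Ms '.$row['fullname'];

		$r_city = $DB->fetch_row($DB->query("SELECT * FROM city WHERE ID_city=".$this->sqlString($row['city'])));
		$row['txtcity'] = $r_city ? $r_city['city_name'] : '';
		$r_country = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_country WHERE id=".$this->sqlString($row['country'])));
		$row['txtcountry'] = $r_country ? $r_country['title'] : '';

		$row['num'] = 1;
		// 'i' is minutes; the former 'm' printed the month a second time.
		$row['time'] = date('d-m-Y, h:i',(int)$row['time']);
		// NOTE(review): body is entity-decoded before it is merged; if the
		// template merges it without HTML conversion, customer-supplied markup
		// is rendered in the admin session -- confirm in order.html.
		$row['body'] = html_entity_decode($row['body']);
		$row['txtvnd'] = $func->commify($row['vnd']);
		$row['txtsub_vnd'] = $func->commify($row['sub_vnd']);
		$row['usd'] = $this->toUsd($row['vnd']);
		$row['sub_usd'] = $this->toUsd($row['sub_vnd']);

		$row['phantram'] = $phantram;
		$succ = array($row);

		$TBS->MergeField('section','success');
		$TBS->MergeBlock('post',$succ);
		$TBS->MergeBlock('succ',$succ);

		$r_user = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_user WHERE id = ".$this->sqlString($row['uid'])));
		$arr_user = array($r_user);

		$TBS->MergeBlock('login',$arr_user);
		$TBS->MergeBlock('txtlogin',$arr_user);

		$CORE->vars['add_vi'] = html_entity_decode($CORE->vars['add_vi']);
		$info = array($CORE->vars);
		$TBS->MergeBlock('info',$info);

		$TBS->Show(TBS_OUTPUT+TBS_NOTHING);

	}

	/**
	 * Stores status, check_delete and note for the posted order id. When the
	 * order is saved with status 1 and carries a discount code, the code's
	 * owner is credited 2% of sub_vnd and the hit counter is incremented.
	 */
	private function saveOrder(){

		global $CORE, $DB, $print;

		// Numeric fields are cast, so only integers reach the statements.
		$id = intval(isset($CORE->input['postid']) ? $CORE->input['postid'] : 0);
		$status = intval(isset($CORE->input['status']) ? $CORE->input['status'] : 0);
		$check_delete = intval(isset($CORE->input['check_delete']) ? $CORE->input['check_delete'] : 0);
		$note = isset($CORE->input['note']) ? $CORE->input['note'] : '';

		if($status == 1){
			// NOTE(review): the credit below is applied on every save with
			// status 1, including an order that is already processed; confirm
			// whether re-saving is meant to credit the commission again.
			$row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_order WHERE id = ".$this->sqlString($id)));
			if($row_check && $row_check['magiamgia']!='' and $row_check['sub_vnd']>200){
				$query_user = $DB->query("SELECT id,percent_giamgia,magiamgiahit,doanhthu,doanhthu_des FROM NNCCMS_user WHERE magiamgia = ".$this->sqlString($row_check['magiamgia']));
				$row_user = $DB->fetch_row($query_user);
				if($DB->get_num_rows($query_user)!=0){

					$user_id = $row_user['id'];
					// Update the discount-code hit counter and revenue.
					$commission = $row_check['sub_vnd']*(2/100);
					$magiamgiahit = $row_user['magiamgiahit']+1;
					$doanhthu = $row_user['doanhthu'] + $commission;
					// Revenue log entry: amount@timestamp@text, entries joined by '!'.
					$entry = $commission.'@'.time().'@'.'Doanh thu từ mã giảm giá: '.$row_check['magiamgia'];
					$doanhthu_des = ($row_user['doanhthu_des']=='') ? $entry : $row_user['doanhthu_des'].'!'.$entry;

					$DB->query("UPDATE NNCCMS_user SET magiamgiahit = ".$this->sqlString($magiamgiahit).",doanhthu = ".$this->sqlString($doanhthu).",doanhthu_des = ".$this->sqlString($doanhthu_des)." WHERE id = ".$this->sqlString($user_id)." AND magiamgia<>''");

				}
			}
		}

		$DB->query("UPDATE `NNCCMS_order` SET `status` = ".$this->sqlString($status).",`check_delete` = ".$this->sqlString($check_delete).",`note` = ".$this->sqlString($note)."	WHERE `id`=".$this->sqlString($id));
		$print->redirect ('Đã cập nhật','index.php?act=order&type=tatca');

	}

	/**
	 * Removes one order id: a hard DELETE for admins with ug_id 4, otherwise a
	 * soft delete (check_delete = 1).
	 */
	private function removeOrder($id){

		global $CORE, $DB;

		if($CORE->admin_user['ug_id']==4){
			$DB->query("DELETE FROM NNCCMS_order WHERE id = ".$this->sqlString($id));
		}else{
			$DB->query("UPDATE NNCCMS_order SET check_delete = 1 WHERE id = ".$this->sqlString($id));
		}

	}

	/**
	 * Deletes a single order (request "id") or, when "mass" is set, every id in
	 * the '|'-separated "ids" value, then redirects to the full list.
	 */
	function goDel(){

		global $CORE, $print;

		if(empty($CORE->input['mass'])){

			$this->removeOrder(intval(isset($CORE->input['id']) ? $CORE->input['id'] : 0));

		}else{

			$ids = (isset($CORE->input['ids']) && is_scalar($CORE->input['ids'])) ? (string)$CORE->input['ids'] : '';

			foreach ( explode("|",$ids) as $v ) {
				$v = trim($v);
				// Only plain decimal ids are accepted; the single-id path was
				// already cast with intval(), the mass path was not.
				if($v === '' || !ctype_digit($v)) continue;
				$this->removeOrder(intval($v));
			}

		}

		$url = "index.php?act=order&type=tatca";
		$text = "Delete order ....";
		$print->redirect ($text,$url);

	}

}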


// Instantiating the controller handles the current request (routing happens in its constructor).
$run = new orderman();


?>
