-
Notifications
You must be signed in to change notification settings - Fork 33
/
view_basket.php
120 lines (97 loc) · 4.39 KB
/
view_basket.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
<?php
// Author : Paul Moore
// Project : In2streams.co Video CMS
include('config/config.php');
if(defined('disable') && disable){
include('noservice.html');
exit;
}
include('functions/db.php');
include('functions/settings.php');
require_once('libs/Smarty.class.php');
include "phpqrcode/qrlib.php";
include('functions/loginaction.php');
if(!isset($_SESSION[sha1($_SERVER['DOCUMENT_ROOT'].site_root)]))
{
header('Location:login.php?accesscheck='.urlencode('basket.html'));
exit;
}$get_query = new setup;
$db1 = new db;
$db1->connect();
$login = new auth;
$template = $get_query->SetTheme();
$smarty= new smarty();
$content['basket']= $db1->db_query("SELECT * FROM basket WHERE ip=".$db1->GetSQLValueString($_SERVER['REMOTE_ADDR'], "text")." and paid = 'false' ORDER BY id Desc",array (
"name",'price','image','id'
),1000000,0);
$smarty->assign('basket',$content['basket']);
$smarty->assign('logo',logo);
$smarty->assign('slogan','slogan');
if(isset($_GET['delete']) and isset($_GET['id']))
{
$insertSQL = sprintf("Delete from basket where email=%s and ip=%s and id=%s ",
$db1->GetSQLValueString($_SESSION[sha1($_SERVER['DOCUMENT_ROOT'].site_root)], "text"),
$db1->GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"),
$db1->GetSQLValueString($_GET['id'], "int"));
mysqli_query($GLOBALS['__Connect'],$insertSQL) or die(mysqli_error($GLOBALS['__Connect']));
$smarty->assign('deleted',true);
}
$content['pword']= $db1->db_query("SELECT pword, uname FROM users_db WHERE email=".$db1->GetSQLValueString($_SESSION[sha1($_SERVER['DOCUMENT_ROOT'].site_root)], "text")."",array (
'pword','uname'
),1000000,0);
//get user info
$insertSQL = sprintf("UPDATE basket set uname =%s,hash=%s,email=%s,pass=%s,mac=%s where ip=%s",
$db1->GetSQLValueString(@$content['pword'][0]['uname'], "text"),
$db1->GetSQLValueString(md5($_SERVER['REMOTE_ADDR'].date('Dmis')), "text"),
$db1->GetSQLValueString($_SESSION[sha1($_SERVER['DOCUMENT_ROOT'].site_root)], "text"),
$db1->GetSQLValueString(@$content['pword'][0]['pword'] ,"text"),
$db1->GetSQLValueString('none' ,"text"),
$db1->GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));
mysqli_query($GLOBALS['__Connect'],$insertSQL) or die(mysqli_error($GLOBALS['__Connect']));
if(isset($_POST['mac'])){
$insertSQL = sprintf("UPDATE basket set mac=%s where ip=%s",
$db1->GetSQLValueString($_POST['mac'] ,"text"),
$db1->GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));
mysqli_query($GLOBALS['__Connect'],$insertSQL) or die(mysqli_error($GLOBALS['__Connect']));}
$content['basket']= $db1->db_query("SELECT * FROM basket WHERE email=".$db1->GetSQLValueString($_SESSION[sha1($_SERVER['DOCUMENT_ROOT'].site_root)], "text")." and paid = 'false' ORDER BY id Desc",array (
"name",'price','image','id'
),1000000,0);
$price = 0.0;
if($content['basket'][0]['is_empty'] == 'false'){foreach($content['basket'] as $items)
{
$price += $items['price'];
}
}
$content['ads']['side_bar']= $db1->db_query("SELECT * FROM ads WHERE position='sidebar' ORDER BY id Desc",array (
'code'
),1000000,0);
$content['ads']['top']= $db1->db_query("SELECT * FROM ads WHERE position='top' ORDER BY id Desc",array (
'code'
),1000000,0);
$content['categories']= $db1->db_query("SELECT * FROM categories ORDER BY name ASC",array (
'url'
),1000000,0);
//end account
$content['categories']= $db1->db_query("SELECT * FROM categories ORDER BY name ASC",array (
"name",'url'
),1000000,0);
include('page-titles.php');
$smarty->assign('page_title',$title['basket']);
if(isset($_SESSION[sha1($_SERVER['DOCUMENT_ROOT'].site_root)]))
{
$smarty->assign('group',$_SESSION['MM_UserGroup']);
$smarty->assign('user',$_SESSION[sha1($_SERVER['DOCUMENT_ROOT'].site_root)]);
}
$smarty->assign('ads',$content['ads']);
$smarty->assign('totalprice',$price);
$smarty->assign('curency',curency);
$smarty->assign('categories',$content['categories']);
$smarty->assign('basket',$content['basket']);
$smarty->template_dir = 'themes/'.$template;
$smarty->assign('theme_dir',$template);
$smarty->assign('site_root',site_root);
$smarty->assign('sandbox',sandbox);
$smarty->assign('paypal_email',paypal_email);
$smarty->assign('moneycode',moneycode);
$smarty->compile_dir = 'tmp';
$smarty->display('basket.tpl'); ?>