- <?php
// Resume the visitor's session before anything reads $_SESSION.
session_start();

// Shared configuration; $db and $cfg_baseurl used further down are presumably defined there.
require "mainconfig.php";

// Flash-message state: stays "nothing" unless the order handler switches it to "success" or "error".
$msg_type = "nothing";
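/**
 * Best-effort lookup of the requester's IP address for logging and notifications.
 *
 * The candidates are consulted in the same order as before. Every HTTP_* value is
 * taken from a request header and is therefore chosen by the client, so it is only
 * returned when it parses as an IP address; anything else (markup, CR/LF, free text)
 * is skipped. The result must still not be used for access control or rate limiting
 * unless a trusted reverse proxy is known to overwrite these headers.
 *
 * @return string A syntactically valid IP address, or 'IP Tidak Dikenali' when none is found.
 */
function IPnya() {
    $sources = array(
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
        'REMOTE_ADDR',
    );
    foreach ($sources as $name) {
        $raw = getenv($name);
        if (!$raw) {
            continue;
        }
        // Forwarding headers can carry a comma-separated chain; the first entry is the claimed client.
        $parts = explode(',', $raw);
        $candidate = trim($parts[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }
    return 'IP Tidak Dikenali';
}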
- if (isset($_SESSION['user'])) {
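// Load the account that owns this session. The username is bound as a parameter
// rather than interpolated, so a stored username cannot alter the query.
$sess_username = $_SESSION['user']['username'];
$check_user = false;
$data_user = null;
$user_stmt = mysqli_prepare($db, "SELECT * FROM users WHERE username = ?");
if ($user_stmt) {
    mysqli_stmt_bind_param($user_stmt, "s", $sess_username);
    if (mysqli_stmt_execute($user_stmt)) {
        $check_user = mysqli_stmt_get_result($user_stmt);
        $data_user = $check_user ? mysqli_fetch_assoc($check_user) : null;
    }
    mysqli_stmt_close($user_stmt);
}
// Unknown or suspended accounts are sent to logout. header() alone does not stop the
// script, so exit here; otherwise the order handler below would still run for them.
if (!$data_user || $data_user['status'] == "Suspended") {
    header("Location: ".$cfg_baseurl."logout.php");
    exit;
}
$sess_email = $data_user['email'];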
- include("lib/header.php");
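// Handles a submitted order form: validates the input, reserves the cost from the
// user's balance, places the order with the provider and records it.
// NOTE(review): no anti-CSRF token is checked before this state-changing POST runs.
if (isset($_POST['order'])) {
    // Escapes a value for the HTML it is echoed into (result message and notification mail).
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Executes one statement with bound parameters; returns the statement handle or false.
    $run = function ($sql, $types, array $params) use ($db) {
        $stmt = mysqli_prepare($db, $sql);
        if (!$stmt) {
            return false;
        }
        mysqli_stmt_bind_param($stmt, $types, ...$params);
        if (!mysqli_stmt_execute($stmt)) {
            mysqli_stmt_close($stmt);
            return false;
        }
        return $stmt;
    };
    // Returns the first row of a parameterised SELECT, or null when there is none.
    $fetch_one = function ($sql, $types, array $params) use ($run) {
        $stmt = $run($sql, $types, $params);
        if (!$stmt) {
            return null;
        }
        $result = mysqli_stmt_get_result($stmt);
        $row = $result ? mysqli_fetch_assoc($result) : null;
        mysqli_stmt_close($stmt);
        return $row;
    };

    // Only plain string fields are accepted; arrays and missing fields count as empty.
    $post_service = (isset($_POST['service']) && is_string($_POST['service'])) ? $_POST['service'] : '';
    $post_link = (isset($_POST['link']) && is_string($_POST['link'])) ? trim($_POST['link']) : '';
    $has_comments = isset($_POST['comments']) && is_string($_POST['comments']);
    $post_comments = '';
    if ($has_comments) {
        // Comment-based orders are billed per submitted line.
        $post_comments = $_POST['comments'];
        $post_quantity = count(explode("\n", $post_comments));
    } else {
        // The quantity feeds the price calculation, so only an unsigned integer is accepted;
        // anything else becomes 0 and is rejected by the empty-input check below.
        $raw_quantity = (isset($_POST['quantity']) && is_string($_POST['quantity'])) ? trim($_POST['quantity']) : '';
        $post_quantity = ctype_digit($raw_quantity) ? (int) $raw_quantity : 0;
    }

    $data_service = $fetch_one("SELECT * FROM services2 WHERE sid = ? AND status = 'Active'", "s", array($post_service));
    // NOTE(review): this row is fetched but never consulted in this file; a duplicate-order
    // guard looks intended. Confirm before relying on it.
    $data_orders = $fetch_one("SELECT * FROM orders2 WHERE link = ? AND status IN ('Pending','Processing')", "s", array($post_link));

    $service = '';
    $provider = '';
    $pid = '';
    $rate = 0;
    $data_provider = null;
    if ($data_service) {
        $rate = $data_service['price'] / 1000; // the stored price is per 1000 units
        $service = $data_service['service'];
        $provider = $data_service['provider'];
        $pid = $data_service['pid'];
        $data_provider = $fetch_one("SELECT * FROM provider WHERE code = ?", "s", array($provider));
    }
    $price = $rate * $post_quantity;
    $oid = random_number(3).random_number(4);

    if (empty($post_service) || empty($post_link) || empty($post_quantity)) {
        $msg_type = "error";
        $msg_content = '<b>Gagal:</b> Mohon mengisi input.<script>swal("Error!", "Mohon mengisi input.", "error");</script>';
    } else if (!$data_service) {
        $msg_type = "error";
        $msg_content = '<b>Gagal:</b> Layanan tidak ditemukan.<script>swal("Error!", "Layanan tidak ditemukan.", "error");</script>';
    } else if (!$data_provider) {
        $msg_type = "error";
        $msg_content = '<b>Gagal:</b> Server Maintenance.<script>swal("Error!", "Server maintenance.", "error");</script>';
    } else if ($post_quantity < $data_service['min']) {
        $msg_type = "error";
        $msg_content = '<b>Gagal:</b> Jumlah minimal tidak sesuai.<script>swal("Error!", "Jumlah tidak sesuai.", "error");</script>';
    } else if ($post_quantity > $data_service['max']) {
        $msg_type = "error";
        $msg_content = '<b>Gagal:</b> Jumlah maksimal tidak sesuai.<script>swal("Error!", "Jumlah tidak sesuai.", "error");</script>';
    } else if ($data_user['balance'] < $price) {
        $msg_type = "error";
        $msg_content = '<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.<script>swal("Error!", "Saldo tidak mencukupi.", "error");</script>';
    } else if ($provider != "AM" && $provider != "LINE") {
        // Unknown provider code: stop before any money is moved.
        die("System Error !");
    } else {
        // api data
        $api_link = $data_provider['link'];
        $api_key = $data_provider['api_key'];
        $api_id = $data_provider['api_id'];
        // end api data

        // Reserve the cost first with a single conditional UPDATE. The balance check above reads
        // a value loaded earlier in the request, so concurrent submissions could otherwise each
        // pass it and overdraw the account.
        $reserve = $run(
            "UPDATE users SET balance = balance - ?, balance_used = balance_used + ? WHERE username = ? AND balance >= ?",
            "ddsd",
            array($price, $price, $sess_username, $price)
        );
        $reserved = false;
        if ($reserve) {
            // A zero-cost order changes no row, so only a positive price requires an affected row.
            $reserved = ($price <= 0) || (mysqli_stmt_affected_rows($reserve) === 1);
            mysqli_stmt_close($reserve);
        }
        // Gives the reserved amount back when the provider step fails.
        $refund = function () use ($run, $price, $sess_username) {
            $stmt = $run(
                "UPDATE users SET balance = balance + ?, balance_used = balance_used - ? WHERE username = ?",
                "dds",
                array($price, $price, $sess_username)
            );
            if ($stmt) {
                mysqli_stmt_close($stmt);
            }
        };

        if ($reserve === false) {
            $msg_type = "error";
            $msg_content = '<b>Gagal:</b> Error system (1).<script>swal("Error!", "Error system.", "error");</script>';
        } else if (!$reserved) {
            $msg_type = "error";
            $msg_content = '<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.<script>swal("Error!", "Saldo tidak mencukupi.", "error");</script>';
        } else {
            $poid = null;
            $provider_error = null;
            if ($provider == "AM") {
                // Encode every field: the link and comments are user input and must not be able
                // to add or override parameters (key, quantity, ...) in the provider request.
                if ($has_comments) {
                    $fields = array(
                        'api_id' => $api_id,
                        'api_key' => $api_key,
                        'service' => $pid,
                        'target' => $post_link,
                        'quantity' => $post_quantity,
                        'custom_comments' => $post_comments,
                    );
                } else {
                    // NOTE(review): the field name 'servIce' (capital I) is kept as written; confirm it against the provider API.
                    $fields = array(
                        'key' => $api_key,
                        'action' => 'add',
                        'servIce' => $pid,
                        'link' => $post_link,
                        'quantity' => $post_quantity,
                    );
                }
                $ch = curl_init();
                curl_setopt($ch, CURLOPT_URL, $api_link);
                curl_setopt($ch, CURLOPT_POST, 1);
                curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields, '', '&'));
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                // The request carries the provider API key, so the TLS certificate must be verified.
                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                $chresult = curl_exec($ch);
                curl_close($ch);
                // Decoded as an array, so the fields are read with array access below.
                $json_result = is_string($chresult) ? json_decode($chresult, true) : null;
                if (is_array($json_result)) {
                    if (array_key_exists('result', $json_result) && $json_result['result'] === FALSE) {
                        $provider_error = isset($json_result['error']) ? (string) $json_result['error'] : '';
                    } else if (isset($json_result['order_id'])) {
                        $poid = $json_result['order_id'];
                    }
                }
            } else {
                // LINE orders are handled by hand: the operators are notified by mail and the
                // local order id doubles as the provider order id.
                // NOTE(review): the original sent this mail twice, the second time with a slightly
                // different first address; each distinct address now gets one copy. Confirm the list.
                $recipients = array(
                    "shandiap26@gmail.com", // replace with your own e-mail address
                    "raihanp14@gmail.com",  // replace with your own e-mail address
                    "shaiap26@gmail.com",   // replace with your own e-mail address
                );
                // The subject becomes a mail header, so CR/LF are removed from the interpolated values.
                $subject_user = str_replace(array("\r", "\n"), '', (string) $sess_username);
                $subject_ip = str_replace(array("\r", "\n"), '', (string) IPnya());
                $subject = "ORDER BARU | REZEKI | PUNYA SI ['.$subject_user.'] | ALAMAT IP ['.$subject_ip.']";
                $message = '
<center>
<div style="padding:5px;width:294;height:20px;background:black;color:#ffc;text-align:center;">
<marquee direction="right"><font size=5><b>ORDER INFO</b></font> </marquee>
</div>
<table style="border-collapse:collapse;background:#ffc" width="100%" border="1">
<tr>
<th style="width:22%;" height="25px"><b>ORDER ID</th>
<th style="width:78%;text-align:center;"><b>'.$esc($oid).'</th>
</tr>
<tr>
<th style="width:22%;" height="25px"><b>LAYANAN</th>
<th style="width:78%;text-align:center;"><b>'.$esc($service).'</th>
</tr>
<tr>
<th style="width:22%;" height="25px"><b>TARGET</th>
<th style="width:78%;text-align:center;"><b>'.$esc($post_link).'</th>
</tr>
<tr>
<th style="width:22%;" height="25px"><b>JUMLAH</th>
<th style="width:78%;text-align:center;"><b>'.$esc($post_quantity).'</th>
</tr>
</table>
<div style="padding:5px;width:294;height:20px;background:black;color:#ffc;text-align:center;">
<font size=5><b>© 2019 UCAPEDIA</b></font>
</div>
</center>
';
                $headersx = 'MIME-Version: 1.0' . "\r\n";
                $headersx .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
                $headersx .= 'From: UCAPEDIA <ucapedia@sukses.com>' . "\r\n";
                foreach ($recipients as $recipient) {
                    $datamail = mail($recipient, $subject, $message, $headersx);
                }
                $poid = $oid;
            }

            if ($provider_error !== null) {
                $refund();
                $msg_type = "error";
                // The provider's error text is external data; escape it before it is echoed.
                $msg_content = "<b>Failed:</b> ".$esc($provider_error)." .";
            } else if (empty($poid)) {
                $refund();
                $msg_type = "error";
                $msg_content = "<script>swal('Error!', 'Server Maintenance. :)', 'error');</script><b>Gagal:</b> Server Maintenance. :)";
            } else {
                // NOTE(review): $pprice is never assigned in this file; presumably the provider-side
                // price. It is treated as 0 when unset. $date, $dates and $time are likewise
                // expected to come from outside this block.
                $pprice_value = isset($pprice) ? $pprice : 0;
                $untung = $price - $pprice_value;
                $history_msg = "Membuat pesanan baru. Id Pesanan: $oid (WEB)";
                $history = $run(
                    "INSERT INTO balance_history (username, action, quantity, msg, date, time) VALUES (?, 'Pemotongan Saldo', ?, ?, ?, ?)",
                    "sssss",
                    array($sess_username, $price, $history_msg, $date, $time)
                );
                if ($history) {
                    mysqli_stmt_close($history);
                }
                $insert_order = $run(
                    "INSERT INTO orders2 (oid, poid, pprice, untung, user, service, link, quantity, price, status, date, dates, time, provider, place_from) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, 'Pending', ?, ?, ?, ?, 'WEB')",
                    "sssssssssssss",
                    array($oid, $poid, $pprice_value, $untung, $sess_username, $service, $post_link, $post_quantity, $price, $date, $dates, $time, $provider)
                );
                if ($insert_order) {
                    mysqli_stmt_close($insert_order);
                    $msg_type = "success";
                    // The link is user input and is echoed back, so it is escaped here.
                    $msg_content = "<b>Pesanan telah diterima.</b><br /><b>ID Pesanan:</b> ".$esc($oid)."<br /><b>Layanan:</b> ".$esc($service)."<br /><b>Link:</b> ".$esc($post_link)."<br /><b>Jumlah:</b> ".number_format($post_quantity,0,',','.')."<br /><b>Biaya:</b> Rp ".number_format($price,0,',','.');
                } else {
                    // The provider already accepted the order, so the charge is kept, as before.
                    $msg_type = "error";
                    $msg_content = '<b>Gagal:</b> Error system (2).<script>swal("Error!", "Error system.", "error");</script>';
                }
            }
        }
    }
}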
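// Read the user's row again after the order handler has run (presumably so later output
// sees the updated balance). The username is bound as a parameter, not interpolated.
$check_user = false;
$data_user = null;
$refresh_stmt = mysqli_prepare($db, "SELECT * FROM users WHERE username = ?");
if ($refresh_stmt) {
    mysqli_stmt_bind_param($refresh_stmt, "s", $sess_username);
    if (mysqli_stmt_execute($refresh_stmt)) {
        $check_user = mysqli_stmt_get_result($refresh_stmt);
        $data_user = $check_user ? mysqli_fetch_assoc($check_user) : null;
    }
    mysqli_stmt_close($refresh_stmt);
}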
- ?>
- <div class="row">
- <div class="col-lg-6 col-xl-8">
- <div class="card-box">
- <h4 class="text-dark header-title m-t-0">Pemesanan Baru Sosial Media S2</h4>
<?php
// Render the outcome of the order handler. $msg_content is written out as raw HTML,
// so whatever builds it has to escape any user-supplied part beforehand.
?>
<?php if ($msg_type == "success"): ?>
<script>swal("Success!", ".Pesanan telah diterima", "success");</script>
<div class="alert alert-success">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<i class="fa fa-check-circle"></i>
<?= $msg_content ?>
</div>
<?php elseif ($msg_type == "error"): ?>
<div class="alert alert-danger">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<i class="fa fa-times-circle"></i>
<?= $msg_content ?>
</div>
<?php endif; ?>
- <form class="form-horizontal" role="form" method="POST">
- <div class="form-group">
- <label class="col-md-2 control-label">Kategori</label>
- <div class="col-md-10">
- <select class="form-control" id="category">
- <option value="0">Pilih salah satu...</option>
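<?php
// One <option> per service category. The code and name are database values placed into
// an attribute and element text, so both are HTML-escaped; a name containing a quote or
// angle bracket would otherwise break the markup.
$check_cat = mysqli_query($db, "SELECT * FROM service_cat2 ORDER BY name ASC");
// mysqli_query() returns false on failure; skip the loop instead of fetching from false.
while ($check_cat && ($data_cat = mysqli_fetch_assoc($check_cat))) {
    $cat_code = htmlspecialchars((string) $data_cat['code'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $cat_name = htmlspecialchars((string) $data_cat['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<option value="<?php echo $cat_code; ?>"><?php echo $cat_name; ?></option>
<?php
}
?>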
- </select>
- </div>
- </div>
- <div class="form-group">
- <label class="col-md-2 control-label">Layanan</label>
- <div class="col-md-10">
- <select class="form-control" name="service" id="service">
- <option value="0">Pilih kategori...</option>
- </select>
- </div>
- </div>
- <div id="note">
- </div>
- <div class="form-group">
- <label class="col-md-2 control-label">Link/Target</label>
- <div class="col-md-10">
- <input type="text" name="link" class="form-control" placeholder="Link/Target">
- </div>
- </div>
- <div id="input_data">
- </div>
- <div class="form-group">
- <div class="col-md-offset-2 col-md-10">
- <button type="submit" class="btn btn-success btn-bordered waves-effect w-md waves-light" name="order">Buat Pesanan</button>
- </div>
- </div>
- </form>
- </div>
- </div>
- <!-- end col -->
- <div class="col-lg-6 col-xl-4">
- <div class="card-box">
- <h4 class="header-title m-t-0 m-b-30">Informasi Pemesanan</h4>
- <ul>
- <li>Pastikan username / link data yang di input benar dan valid,</li>
- <li>Pastikan akun target tidak berstatus private,</li>
- <li>Jangan input data yang sama dengan orderan sebelum nya apabila orderan sebelum nya belum Completed,</li>
- <li>Apabila orderan tidak mengalami perubahan status, silahkan kontak admin untuk di tangani,</li>
- <li>Tidak ada pengembalian dana untuk kesalahan pengguna.</li>
- </ul>
- </div>
- </div>
- </div>
- </div>
- <!-- end row -->
- </div>
- <!-- end container -->
- </div>
- <!-- end content -->
- <script type="text/javascript" src="https://code.jquery.com/jquery-1.10.2.js"></script>
- <script type="text/javascript">
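// Wires the category and service drop-downs to the HTML fragments served under inc/.
// NOTE(review): every reply is inserted with .html(), so those endpoints must return
// markup that is already escaped; the page loads jQuery 1.10.2 from a CDN with no
// integrity attribute.
$(document).ready(function() {
    // POSTs one field to `url` and passes the HTML reply to `apply`. The value is sent as
    // an object so jQuery URL-encodes it; the concatenated 'name=' + value form sent it
    // raw, letting a value containing '&' or '=' change the request body.
    function loadFragment(url, field, value, apply) {
        var payload = {};
        payload[field] = value;
        $.ajax({
            url: url,
            data: payload,
            type: 'POST',
            dataType: 'html',
            success: apply
        });
    }

    // A category change reloads the service list and the matching input fields.
    $("#category").change(function() {
        var category = $("#category").val();
        loadFragment('<?php echo $cfg_baseurl; ?>inc/order_service2.php', 'category', category, function(msg) {
            $("#service").html(msg);
        });
        loadFragment('<?php echo $cfg_baseurl; ?>inc/order_input2.php', 'category', category, function(msg) {
            $("#input_data").html(msg);
        });
    });

    // A service change reloads its note and its rate.
    $("#service").change(function() {
        var service = $("#service").val();
        loadFragment('<?php echo $cfg_baseurl; ?>inc/order_note2.php', 'service', service, function(msg) {
            $("#note").html(msg);
        });
        loadFragment('<?php echo $cfg_baseurl; ?>inc/order_rate2.php', 'service', service, function(msg) {
            $("#rate").val(msg);
        });
    });
});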
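/**
 * Writes quantity * rate into the #total field, reading the rate from #rate.
 * The function is not called anywhere in this file; presumably the markup loaded
 * into #input_data calls it.
 *
 * @param {string|number} quantity Value of the quantity field.
 */
function get_total(quantity) {
    var rate = $("#rate").val();
    // Convert numerically instead of eval(): the quantity comes from a form field, and
    // eval() would run whatever script text is placed there.
    var count = Number(quantity);
    var result = isFinite(count) ? count * rate : 0;
    $('#total').val(result);
}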
- </script>
- <?php
- include("lib/footer.php");
- } else {
- header("Location: ".$cfg_baseurl);
- }
- ?>