Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- require("mainconfig.php");
- if (isset($_SESSION['user'])) {
- $sess_username = $_SESSION['user']['username'];
- $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sess_username'");
- $data_user = mysqli_fetch_assoc($check_user);
- if (mysqli_num_rows($check_user) == 0) {
- header("Location: ".$cfg_baseurl."logout.php");
- } else if ($data_user['status'] == "Suspended") {
- header("Location: ".$cfg_baseurl."logout.php");
- }
- include("lib/header.php");
- $msg_type = "nothing";
- if (isset($_POST['order'])) {
- $post_service = $_POST['service'];
- $post_quantity = $_POST['quantity'];
- $post_link = trim($_POST['link']);
- $check_service = mysqli_query($db, "SELECT * FROM services WHERE sid = '$post_service' AND status = 'Active'");
- $data_service = mysqli_fetch_assoc($check_service);
- $rate = $data_service['price'] / 1000;
- $price = $rate*$post_quantity;
- $oid = random_number(7);
- $service = $data_service['service'];
- $provider = $data_service['provider'];
- $pid = $data_service['pid'];
- $check_provider = mysqli_query($db, "SELECT * FROM provider WHERE code = '$provider'");
- $data_provider = mysqli_fetch_assoc($check_provider);
- if (empty($post_service) || empty($post_link) || empty($post_quantity)) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Mohon isi semua Data.";
- } else if (mysqli_num_rows($check_service) == 0) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Layanan tidak ditemukan.";
- } else if (mysqli_num_rows($check_provider) == 0) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Server Maintenance.";
- } else if ($post_quantity < $data_service['min']) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Jumlah Minimal adalah ".$data_service['min'].".";
- } else if ($post_quantity > $data_service['max']) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Jumlah Maksimal adalah ".$data_service['max'].".";
- } else if ($data_user['balance'] < $price) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan Pesanan.";
- } else {
- // api data
- $api_link = $data_provider['link'];
- $api_key = $data_provider['api_key'];
- // end api data
- if ($provider == "MANUAL") {
- $api_postdata = "";
- } else if ($provider !== "RIVAL") {
- $api_postdata = "api=$api_key&action=add&service=$pid&link=$post_link&quantity=$post_quantity";
- } else {
- die("System Error!");
- }
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, "$api_link");
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS, $api_postdata);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- $chresult = curl_exec($ch);
- curl_close($ch);
- $json_result = json_decode($chresult, true);
- if ($provider !== "RIVAL" AND $json_result['status']['error'] == TRUE) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Server Maintenance (1).";
- } else {
- if ($provider !== "RIVAL") {
- $poid = $json_result['data']['order_id'];
- } else if ($provider == "MANUAL") {
- $poid = $oid;
- }
- $update_user = mysqli_query($db, "UPDATE users SET balance = balance-$price WHERE username = '$sess_username'");
- if ($update_user == TRUE) {
- $insert_order = mysqli_query($db, "INSERT INTO orders (oid, poid, user, service, link, quantity, price, status, date, provider, place_from) VALUES ('$oid', '$poid', '$sess_username', '$service', '$post_link', '$post_quantity', '$price', 'Pending', '$date', '$provider', 'WEB')");
- if ($insert_order == TRUE) {
- $msg_type = "success";
- $msg_content = "<b>Pesanan telah diterima.</b><br /><b>Layanan:</b> $service<br /><b>Link/Target:</b> $post_link<br /><b>Jumlah:</b> ".number_format($post_quantity,0,',','.')."<br /><b>Harga:</b> Rp ".number_format($price,0,',','.');
- } else {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Error System (2).";
- }
- } else {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Error System (1).";
- }
- }
- }
- }
- $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sess_username'");
- $data_user = mysqli_fetch_assoc($check_user);
- ?>
- <div class="row page-titles">
- <div class="col-md-15 col-20 align-self-center">
- <h3 class="text-themecolor"><?php echo $cfg_webname; ?></h3>
- <ol class="breadcrumb">
- <li class="breadcrumb-item"><a href="<?php echo $cfg_baseurl; ?>">Pemesanan</a></li>
- <li class="breadcrumb-item active">Pesanan Baru</li>
- </ol>
- </div>
- </div>
- <div class="row">
- <div class="card card-outline-info">
- <div class="card-header">
- <h4 class="m-b-0 text-white">Pesanan Baru</h4></div>
- <div class="card-body">
- <?php
- if ($msg_type == "success") {
- ?>
- <div class="alert alert-success"><?php echo $msg_content; ?>
- <button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">×</span> </button>
- </div>
- <?php
- } else if ($msg_type == "error") {
- ?>
- <div class="alert alert-danger"><?php echo $msg_content; ?>
- <button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">×</span> </button>
- </div>
- <?php
- }
- ?>
- <form class="form-horizontal" role="form" method="POST">
- <div class="form-group">
- <label>Kategori</label>
- <select class="form-control" id="category">
- <option value="0">Pilih salah satu...</option>
- <?php
- $check_cat = mysqli_query($db, "SELECT * FROM service_cat ORDER BY name ASC");
- while ($data_cat = mysqli_fetch_assoc($check_cat)) {
- ?>
- <option value="<?php echo $data_cat['code']; ?>"><?php echo $data_cat['name']; ?></option>
- <?php
- }
- ?>
- </select>
- </div>
- <div class="form-group">
- <label>Layanan</label>
- <select class="form-control" name="service" id="service">
- <option value="0">Pilih kategori...</option>
- </select>
- </div>
- <div id="note">
- </div>
- <div class="form-group">
- <label>Link/Target</label>
- <input type="text" name="link" class="form-control" placeholder="Link/Target">
- </div>
- <input type="hidden" id="rate" value="0">
- <div class="form-group">
- <label>Jumlah</label>
- <input type="number" name="quantity" class="form-control" placeholder="Jumlah" onkeyup="get_total(this.value).value;">
- </div>
- <input type="hidden" id="rate" value="0">
- <div class="form-group">
- <label>Total Harga</label>
- <input type="number" class="form-control" id="total" readonly>
- </div>
- <button type="submit" class="pull-right btn btn-success btn-bordered waves-effect w-md waves-light" name="order">Buat Pesanan</button>
- </form>
- </div>
- </div>
- </div>
- <div class="card card-outline-info">
- <div class="card-header">
- <h4 class="m-b-0 text-white">Informasi</h4></div>
- <div class="card-body"> <ul>
- <li>Masukkan Link/Target yang benar.</li>
- <li>Akun target harus bersifat Publik/tidak Private.</li>
- <li>Jika Memesan Followers, Link/Target tidak memakai @.</li>
- </ul>
- </div>
- </div>
- </div>
- <!-- end row -->
- <?php
- include("lib/footer.php");
- } else {
- header("Location: ".$cfg_baseurl);
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement