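<?php
// Order page. Only a logged-in, existing, non-suspended account may reach the
// order handler and the form; everyone else is redirected.
// $db and $cfg_baseurl are presumably defined by mainconfig.php (not shown here).
session_start();
require("../mainconfig.php");
if (isset($_SESSION['user'])) {
    $sess_username = $_SESSION['user']['username'];

    // Bind the session value as a parameter instead of interpolating it into the
    // SQL text, so a stored username containing a quote cannot change the query.
    $stmt_user = mysqli_prepare($db, "SELECT * FROM users WHERE username = ?");
    mysqli_stmt_bind_param($stmt_user, "s", $sess_username);
    mysqli_stmt_execute($stmt_user);
    $check_user = mysqli_stmt_get_result($stmt_user);
    $data_user = mysqli_fetch_assoc($check_user);

    // header() only queues the redirect. Without exit the script keeps running,
    // so a deleted or suspended account would still reach the order handler below.
    if (mysqli_num_rows($check_user) == 0) {
        header("Location: ".$cfg_baseurl."logout.php");
        exit;
    } else if ($data_user['status'] == "Suspended") {
        header("Location: ".$cfg_baseurl."logout.php");
        exit;
    }

    include("../lib/header.php");
    // "nothing" means no alert box is rendered above the form.
    $msg_type = "nothing";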
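if (isset($_POST['order'])) {
    // NOTE(review): the form on this page posts a csrf_token field, but nothing in this
    // handler compares it with $_SESSION['csrf_token'], so placing an order is not
    // protected against cross-site request forgery. A hash_equals() comparison belongs
    // here; confirm first where the session token is generated and rotated.

    // Read one POST field through the clean-up chain this page has always used.
    // A missing field or an array value (e.g. link[]=x) becomes '' instead of
    // raising a notice or a TypeError inside htmlspecialchars().
    // The result is HTML-encoded AND SQL-escaped, so later code must treat these
    // variables as pre-escaped strings.
    $read_field = function ($key) use ($db) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        return mysqli_real_escape_string($db, trim(stripslashes(strip_tags(htmlspecialchars($raw, ENT_QUOTES)))));
    };

    $post_service = $read_field('service');
    $post_quantity = $read_field('quantity');
    $post_link = $read_field('link');
    // Deliberately left raw: the comment text is only line-counted and forwarded to
    // the provider API. It must never be placed in SQL or HTML without escaping.
    $post_comments = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : '';
    $post_cuslink = $read_field('cuslink');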
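/**
 * Build a random order id made of digits and upper-case letters.
 *
 * Nothing in this function checks the id against existing orders, so
 * uniqueness rests on the size of the id space alone.
 *
 * @param int $length Number of characters to generate (default 8).
 * @return string The generated id; an empty string when $length is 0 or negative.
 */
function generateOrderId($length = 8) {
    $characters = '1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $lastIndex = strlen($characters) - 1;
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        // random_int() draws from the operating system's CSPRNG. rand() is a
        // predictable generator, which would let order ids be guessed.
        $randomString .= $characters[random_int(0, $lastIndex)];
    }
    return $randomString;
}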
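// Active service the user picked. $post_service was SQL-escaped when it was read.
$check_service = mysqli_query($db, "SELECT * FROM services WHERE id = '$post_service' AND status = 'Active'");
$data_service = mysqli_fetch_assoc($check_service);

// NOTE(review): this looks like a duplicate-order lookup for the same link, but its
// result is never consulted in the visible code. Confirm whether a check is missing.
$check_orders = mysqli_query($db, "SELECT * FROM orders WHERE link = '$post_link' AND status IN ('Pending','Processing')");
$data_orders = mysqli_fetch_assoc($check_orders);

// No matching service row: keep the values empty so the validation chain that
// follows reports the missing service instead of reading offsets of null.
$service_found = is_array($data_service);
$rate = $service_found ? $data_service['price'] / 1000 : 0;

// For comment-based services the quantity is the number of comment lines sent;
// the quantity field from the form is ignored in that case.
$hitung = count(explode(PHP_EOL, $post_comments));
if (!empty($post_comments)) {
    $post_quantity = $hitung;
} else {
    // Accept whole, non-negative numbers only. Anything else ("abc", "-5", "1.5")
    // becomes 0 and is rejected by the empty-input check, instead of reaching
    // the price arithmetic as a string.
    $post_quantity = (is_string($post_quantity) && ctype_digit($post_quantity)) ? (int) $post_quantity : 0;
}

// The price is always computed server-side from the stored rate; the total shown
// in the browser is never trusted.
$price = $rate * $post_quantity;

$oid = generateOrderId();
$service = $service_found ? $data_service['service'] : null;
$provider = $service_found ? $data_service['provider'] : null;
$pid = $service_found ? $data_service['pid'] : null;

// The provider code comes from the database, not from the request, but it is still
// escaped before being placed in SQL text.
$provider_sql = mysqli_real_escape_string($db, (string) $provider);
$check_provider = mysqli_query($db, "SELECT * FROM provider WHERE code = '$provider_sql'");
$data_provider = mysqli_fetch_assoc($check_provider);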
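// Validate the order, reserve the balance, place the order with the provider and
// record it. Each failure sets $msg_type/$msg_content for the alert box on the page.
if (empty($post_service) || empty($post_link) || empty($post_quantity)) {
    $msg_type = "error";
    $msg_content = "<b>Gagal:</b> Mohon mengisi input.";
} else if (mysqli_num_rows($check_service) == 0) {
    $msg_type = "error";
    $msg_content = "<b>Gagal:</b> Layanan tidak ditemukan.";
} else if (mysqli_num_rows($check_provider) == 0) {
    $msg_type = "error";
    $msg_content = "<b>Gagal:</b> Server Maintenance.";
} else if ($post_quantity < $data_service['min']) {
    $msg_type = "error";
    $msg_content = "<b>Gagal:</b> Jumlah minimal adalah ".$data_service['min'].".";
} else if ($post_quantity > $data_service['max']) {
    $msg_type = "error";
    $msg_content = "<b>Gagal:</b> Jumlah maksimal adalah ".$data_service['max'].".";
} else if ($data_user['balance'] < $price) {
    // Early, user-friendly check only. The balance row was read at page start, so
    // the authoritative check is the conditional UPDATE further down.
    $msg_type = "error";
    $msg_content = "<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.";
} else {
    // api data
    $api_link = $data_provider['link'];
    $api_key = $data_provider['api_key'];
    // end api data

    // $post_link / $post_cuslink were HTML-encoded when they were read; the provider
    // needs the plain value, so decode the entities for the outbound request only.
    $api_target = html_entity_decode($post_link, ENT_QUOTES);
    $api_cuslink = html_entity_decode($post_cuslink, ENT_QUOTES);

    // Request fields per provider. They are URL-encoded by http_build_query() below,
    // so "&" or "=" inside a link or comment cannot add or override API parameters.
    if ($provider == "SI") {
        $api_fields = [
            'api_id' => '1208',
            'api_key' => (string) $api_key,
            'service' => (string) $pid,
            'target' => $api_target,
            'quantity' => (string) $post_quantity,
            'custom_comments' => (string) $post_comments,
            'custom_link' => $api_cuslink,
        ];
    } else if ($provider == "SM") {
        $api_fields = [
            'api_key' => (string) $api_key,
            'action' => 'order',
            'service' => (string) $pid,
            'data' => $api_target,
            'quantity' => (string) $post_quantity,
        ];
    } else if ($provider == "BP") {
        $api_fields = [
            'pin' => 'PINKEAMANAN',
            'key' => (string) $api_key,
            'action' => 'pesan',
            'service' => (string) $pid,
            'link' => $api_target,
            'quantity' => (string) $post_quantity,
        ];
    } else {
        die("System Error!");
    }

    // POST the fields to the provider and return the decoded JSON, or null when the
    // transfer failed or the body was not valid JSON.
    $call_provider = function ($url, array $fields) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields, '', '&'));
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        // Certificate verification stays on: the request carries the provider API key,
        // and with verification off anyone on the network path could read or alter it.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        $body = curl_exec($ch);
        curl_close($ch);
        return is_string($body) ? json_decode($body, true) : null;
    };

    $user_sql = mysqli_real_escape_string($db, $sess_username);

    // Reserve the money BEFORE contacting the provider, in one conditional statement.
    // "AND balance >= price" makes check and deduction atomic, so parallel requests
    // cannot both pass the balance check and overspend the account.
    if ($price > 0) {
        $update_user = mysqli_query($db, "UPDATE users SET balance = balance - $price, balance_used = balance_used + $price WHERE username = '$user_sql' AND balance >= $price");
        $reserved = ($update_user == TRUE && mysqli_affected_rows($db) == 1);
    } else {
        // Nothing to deduct; an UPDATE that changes no value reports 0 affected rows.
        $update_user = TRUE;
        $reserved = TRUE;
    }

    if ($update_user != TRUE) {
        $msg_type = "error";
        $msg_content = "<b>Gagal:</b> Error system (3)";
    } else if (!$reserved) {
        $msg_type = "error";
        $msg_content = "<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.";
    } else {
        $json_result = $call_provider($api_link, $api_fields);
        $provider_ok = is_array($json_result) && !empty($json_result['status']);

        if (!$provider_ok) {
            // The provider refused or could not be reached: give the reserved money back.
            if ($price > 0) {
                mysqli_query($db, "UPDATE users SET balance = balance + $price, balance_used = balance_used - $price WHERE username = '$user_sql'");
            }

            // Each provider reports its error text under a different key.
            $detail = '';
            if ($provider == "SI" && isset($json_result['data'])) {
                $detail = $json_result['data'];
            } else if ($provider == "SM" && isset($json_result['data']['msg'])) {
                $detail = $json_result['data']['msg'];
            } else if ($provider == "BP" && isset($json_result['error'])) {
                $detail = $json_result['error'];
            }
            // Third-party text: HTML-escape it before it is echoed into the page.
            $detail = is_scalar($detail) ? htmlspecialchars((string) $detail, ENT_QUOTES) : '';

            $msg_type = "error";
            $msg_content = "<b>Failed:</b> ".$detail.", Hubungi Admin";
        } else {
            // Provider-side order id; the key differs per provider.
            $poid = '';
            if ($provider == "SI" || $provider == "SM") {
                $poid = isset($json_result['data']['id']) ? $json_result['data']['id'] : '';
            } else if ($provider == "BP") {
                $poid = isset($json_result['order_id']) ? $json_result['order_id'] : '';
            }

            // $poid comes from the provider's response and $service from the database;
            // neither was escaped yet, so escape them before building SQL text.
            // $post_link and $post_quantity were already escaped when they were read.
            $poid_sql = mysqli_real_escape_string($db, is_scalar($poid) ? (string) $poid : '');
            $service_sql = mysqli_real_escape_string($db, (string) $service);
            $provider_sql = mysqli_real_escape_string($db, (string) $provider);

            $insert_balance = mysqli_query($db, "INSERT INTO balance_history (username, action, quantity, msg, date, time) VALUES ('$user_sql', 'Pemotongan Saldo', '$price', 'Membuat pesanan baru. Id Pesanan: $oid (WEB)', '$date', '$time')");
            if ($insert_balance == TRUE) {
                // Check the order insert itself rather than only the last statistics query.
                $insert_order = mysqli_query($db, "INSERT INTO orders (oid, poid, user, service, link, quantity, price, status, date, provider, place_from) VALUES ('$oid', '$poid_sql', '$user_sql', '$service_sql', '$post_link', '$post_quantity', '$price', 'Pending', '$date', '$provider_sql', 'WEB')");
                $update_hof = mysqli_query($db, "UPDATE hof_pembelian SET pembelian = pembelian + $price, jumlah = jumlah + 1 WHERE username = '$user_sql'");
                if ($insert_order == TRUE && $update_hof == TRUE) {
                    $msg_type = "success";
                    // $post_link is already HTML-encoded; the service name is encoded here.
                    $msg_content = "<b>Pesanan telah diterima.</b><br /><b>Layanan:</b> ".htmlspecialchars((string) $service, ENT_QUOTES)."<br /><b>Link:</b> $post_link<br /><b>Jumlah:</b> ".number_format($post_quantity,0,',','.')."<br /><b>Biaya:</b> Rp ".number_format($price,0,',','.');
                } else {
                    $msg_type = "error";
                    $msg_content = "<b>Gagal:</b> Error system (2).";
                }
            } else {
                $msg_type = "error";
                $msg_content = "<b>Gagal:</b> Error system (1).";
            }
        }
    }
}
}
?>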
<div class="row">
    <div class="col-lg-6">
        <div class="panel panel-color panel-default">
            <div class="panel-heading">
                <i class="fa fa-shopping-cart"></i> Pemesanan Baru
            </div>
            <div class="panel-body">
                <?php // Result of the order handler: green box on success, red box on error, nothing otherwise. ?>
                <?php if ($msg_type == "success"): ?>
                <div class="alert alert-icon alert-success alert-dismissible fade in" role="alert">
                    <button type="button" class="close" data-dismiss="alert" aria-label="Close">
                        <span aria-hidden="true">×</span>
                    </button>
                    <i class="fa fa-check-circle"></i>
                    <?php /* $msg_content is emitted as HTML, so every value placed in it must already be HTML-encoded. */ ?>
                    <?php echo $msg_content; ?>
                </div>
                <?php elseif ($msg_type == "error"): ?>
                <div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert">
                    <button type="button" class="close" data-dismiss="alert" aria-label="Close">
                        <span aria-hidden="true">×</span>
                    </button>
                    <i class="fa fa-times-circle"></i>
                    <?php echo $msg_content; ?>
                </div>
                <?php endif; ?>
- <form class="form-horizontal" method="POST">
- <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>" />
- <div class="form-group">
- <label class="col-sm-3 control-label">Kategori</label>
- <div class="col-sm-9">
- <select class="form-control" id="category">
- <option value="0">Pilih salah satu</option>
- <?php
- $check_cat = mysqli_query($db, "SELECT * FROM service_cat ORDER BY name ASC");
- while ($data_cat = mysqli_fetch_assoc($check_cat)) {
- ?>
- <option value="<?php echo $data_cat['code'];?>"><?php echo $data_cat['name'];?></option>
- <?php
- }
- ?>
- </select>
- </div>
- </div>
- <div class="form-group">
- <label class="col-sm-3 control-label">Layanan</label>
- <div class="col-sm-9">
- <select class="form-control" name="service" id="service">
- <option value="0">Pilih salah satu</option>
- </select>
- </div>
- </div>
- <div class="form-group">
- <div class="col-sm-offset-3 col-sm-9">
- <div id="note"></div>
- </div>
- </div>
- <div class="form-group">
- <label class="col-sm-3 control-label">Link/Target</label>
- <div class="col-sm-9">
- <input class="form-control" name="link" type="text"/>
- </div>
- </div>
- <div id="custom_comment" style="display: none;">
- <div class="form-group row">
- <label class="col-form-label col-md-2">Comment</label>
- <div class="col-md-12">
- <textarea class="form-control" name="comment" id="comments" placeholder="Pisahkan Tiap Baris komentar dengan enter"></textarea>
- </div>
- </div>
- </div>
- <div id="custom_link" style="display: none;">
- <div class="form-group row">
- <label class="col-form-label col-md-2">URL Post</label>
- <div class="col-md-12">
- <input type="text" name="cuslink" class="form-control" placeholder="URL Post">
- </div>
- </div>
- </div>
- <div class="form-group">
- <label class="col-sm-3 control-label">Jumlah</label>
- <div class="col-sm-9">
- <input class="form-control" name="quantity" id ="quantity" type="number" onkeyup="get_total(this.value).value;"/>
- </div>
- </div>
- <input type="hidden" id="rate" value="0"/>
- <div class="form-group">
- <label class="col-sm-3 control-label">Total Harga Jasa</label>
- <div class="col-sm-9">
- <input class="form-control" type="number" id="total" readonly/>
- </div>
- </div>
- <div class="form-group">
- <div class="col-sm-offset-3 col-sm-9">
- <button type="submit" class="btn btn-primary pull-right" name="order">Order</button>
- </div>
- </div>
- </form>
- </div>
- </div>
- </div>
- <div class="col-lg-6">
- <div class="panel panel-color panel-default">
- <div class="panel-heading">
- <i class="fa fa-info-circle"></i> Informasi Pemesanan
- </div>
- <div class="panel-body">
- <center><b>WAJIB BACA!!<br/>PERATURAN SEBELUM ORDER</b></center><br/>
- <ol class="list-p"><b>
- <li><b>Jangan menggunakan lebih dari satu layanan sekaligus untuk username/link yang sama. Harap tunggu status <span class="label label-success">Completed</span></b></li>
- <li><b>Setelah order dimasukan, jika username/link yang diinput harus berifat publik / tidak private, kami tidak akan mengembalikan. Pastikan Anda memasukkan data yang benar, karena kami tidak akan lagi membatalkan pesanan.</b></li>
- <li><b>Perhatikan min/max dalam mengorder, karena order tidak akan jalan bila min/max kekurangan/melebihi.</b></li>
- <li><b>Kesalahan member, bukan tanggung jawab admin, karena panel ini serba automatis, jadi hati-hati dan perhatiakan sebelum order!</b></li>
- <li><b>Jika Orderan status <span class="label label-danger">Partial</span> & <span class="label label-danger">Canceled</span> Harap Lapor admin untuk di Re-order!</b></li>
- <li><b>Jika Pesanan belum selesai, dalam waktu 1x24Jam silakan hubungi Admin!</b></li>
- </ol></b>
- </div>
- </div>
- </div>
- </div>
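<?php
// NOTE(review): jQuery 1.10.2 is an old 1.x release and is loaded from a CDN without an
// integrity attribute, so the page runs whatever that URL serves. Prefer a maintained
// release pinned with Subresource Integrity, or a vetted copy served from this site.
?>
<script type="text/javascript" src="https://code.jquery.com/jquery-1.10.2.js"></script>
<script type="text/javascript">
// Once the DOM is ready: reload the service list when the category changes, and
// reload the service note and rate when the service changes.
$(document).ready(function() {
    $("#category").change(function() {
        $.ajax({
            url: '<?php echo $cfg_baseurl; ?>inc/order_service.php',
            // Object form lets jQuery URL-encode the value; a hand-built
            // 'category=' + value string breaks on "&", "=" or "+".
            data: { category: $("#category").val() },
            type: 'POST',
            dataType: 'html',
            success: function(msg) {
                // The response is inserted as HTML, so the endpoint must encode
                // every database value it prints.
                $("#service").html(msg);
            }
        });
    });
    $("#service").change(function() {
        var service = $("#service").val();
        $.ajax({
            url: '<?php echo $cfg_baseurl; ?>inc/order_note.php',
            data: { service: service },
            type: 'POST',
            dataType: 'html',
            success: function(msg) {
                $("#note").html(msg);
            }
        });
        $.ajax({
            url: '<?php echo $cfg_baseurl; ?>inc/order_rate.php',
            data: { service: service },
            type: 'POST',
            dataType: 'html',
            success: function(msg) {
                // Used for the on-screen total only; the server prices the order itself.
                $("#rate").val(msg);
            }
        });
    });
});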
// Show the extra input that matches the selected service's label:
// "Custom"/"custom" -> comment box, "komentar"/"Komentar" -> post URL, otherwise neither.
$("#service").change(function() {
    var label = $("#service option:selected").text();
    var wantsComments = label.indexOf('Custom') !== -1 || label.indexOf('custom') !== -1;
    // The comment box takes precedence when a label matches both patterns.
    var wantsPostUrl = !wantsComments &&
        (label.indexOf('komentar') !== -1 || label.indexOf('Komentar') !== -1);

    document.getElementById("custom_comment").style.display = wantsComments ? "block" : "none";
    document.getElementById("custom_link").style.display = wantsPostUrl ? "block" : "none";
});
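// Comment-based services: the quantity is the number of lines typed, so keep the
// quantity and total fields in step with the textarea.
$('#comments').on('keyup', function() {
    var rate = $("#rate").val();
    // Declared locally; these used to leak into the global scope.
    var lines = $('#comments').val().split("\n");
    var count = lines.length;
    // count is already a number, so no eval() is needed to multiply it.
    var result = count * rate;
    $('#quantity').val(count);
    $('#total').val(result);
});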
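/**
 * Update the read-only total from the quantity the user typed.
 *
 * @param {string} quantity Raw value of the quantity input.
 */
function get_total(quantity) {
    var rate = $("#rate").val();
    // parseFloat() instead of eval(): the field content is user input and must be
    // parsed as a number, never executed as script.
    var result = parseFloat(quantity) * rate;
    $('#total').val(result);
}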
</script>
<?php
    // Shared footer template for the logged-in layout.
    include "../lib/footer.php";
} else {
    // No session: send the visitor to the site's base URL.
    header("Location: " . $cfg_baseurl);
}
?>