diamondpedia

sc

Jun 25th, 2019
  1. <?php
  2. session_start();
  3. require("../mainconfig.php");
  4.  
  5. if (isset($_SESSION['user'])) {
  6. $sess_username = $_SESSION['user']['username'];
  7. $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sess_username'");
  8. $data_user = mysqli_fetch_assoc($check_user);
  9. if (mysqli_num_rows($check_user) == 0) {
  10. header("Location: ".$cfg_baseurl."logout.php");
  11. } else if ($data_user['status'] == "Suspended") {
  12. header("Location: ".$cfg_baseurl."logout.php");
  13. }
  14.  
  15. include("../lib/header.php");
  16. $msg_type = "nothing";
  17.  
  18. if (isset($_POST['order'])) {
  19. $post_service = $_POST['service'];
  20. $post_phone = $_POST['phone'];
  21. $post_nometer = $_POST['nometer'];
  22.  
  23.  
  24. $check_service = mysqli_query($db, "SELECT * FROM services_pulsa WHERE id = '$post_service' AND status = 'Active'");
  25. $data_service = mysqli_fetch_assoc($check_service);
  26.  
  27. $price = $data_service['price'];
  28. $service = $data_service['name'];
  29. $service_code = $data_service['pid'];
  30. $provider = $data_service['provider'];
  31.  
  32. $check_provider = mysqli_query($db, "SELECT * FROM provider WHERE code = '$provider'");
  33. $data_provider = mysqli_fetch_assoc($check_provider);
  34.  
  35.  
  36. if (empty($post_service) || empty($post_phone)) {
  37. $msg_type = "error";
  38. $msg_content = "<b>Gagal:</b> Mohon mengisi input.";
  39. } else if (mysqli_num_rows($check_service) == 0) {
  40. $msg_type = "error";
  41. $msg_content = "<b>Gagal:</b> Layanan tidak ditemukan.";
  42. } else if ($data_user['balance'] < $price) {
  43. $msg_type = "error";
  44. $msg_content = "<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.";
  45. } else {
  46. // api data
  47. $link = $data_provider['link'];
  48. $key = $data_provider['api_key'];
  49. // end api data
  50. if ($provider == "MANUAL") {
  51. $api_postdata = "";
  52. } else if ($provider == "DPEDIA") {
  53. $order_postdata = "api_key=$api_key&service=$pid&phone=$post_phone&phone2=$post_phone2";
  54. $ch = curl_init();
  55. curl_setopt($ch, CURLOPT_URL, "https://serverh2h.net/order/pulsa");
  56. curl_setopt($ch, CURLOPT_POST, 1);
  57. curl_setopt($ch, CURLOPT_POSTFIELDS, $order_postdata);
  58. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  59. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  60. $chresult = curl_exec($ch);
  61. $json_result = json_decode($chresult, true);
  62.  
  63. } else {
  64. die("System Error!");
  65. }
  66.  
  67.  
  68.  
  69. if ($json_result['result'] == FALSE) {
  70. $msg_type = "error";
  71. $msg_content = "<b>Gagal:</b> SERVER SEDANG $chresult.";
  72. } else {
  73. if($provider == "DPEDIA"){
  74. $poid = $json_result['data']['order_id'];
  75. $catatan = $json_result['message'];
  76. $oid = random_number(5);
  77.  
  78.  
  79. }
  80. $update_user = mysqli_query($db, "UPDATE users SET balance = balance-$price WHERE username = '$sess_username'");
  81. if ($update_user == TRUE) {
  82. $insert_order = mysqli_query($db, "INSERT INTO balance_history (user, type, jenis, quantity, msg, date) VALUES ('$sess_username', '-', 'Pemotongan Saldo', '$price', 'Membuat pesanan, ID : ".$oid."', '$date $time')");
  83. $insert_order = mysqli_query($db, "INSERT INTO `orders_pulsa` (`poid`, `oid`, `user`, `service`, `catatan`, `price`, `modal`, `untung`, `phone`, `status`, `date`, `provider`, `place_from`, `refund`) VALUES ('$poid', '$oid', '$sess_username', '$service', '$catatan', '$price', '$price', '0', '$post_phone', 'Pending', '$date $time', '$provider', 'WEB', '0')");
  84. if ($insert_order == TRUE) {
  85. $msg_type = "success";
  86. $msg_content = "<b>Pesanan telah diterima.</b><br /><b>Order ID:</b> $oid<br /><b>Layanan:</b> $service<br /><b>NO. Telp:</b> $post_phone<br /><b>Biaya:</b> Rp ".number_format($price,0,',','.');
  87. } else {
  88. $msg_type = "error";
  89. $msg_content = "<b>Gagal:</b> Error system (2).";
  90. }
  91. } else {
  92. $msg_type = "error";
  93. $msg_content = "<b>Gagal:</b> Error system (1).";
  94. }
  95. }
  96. }
  97. }
  98.  
  99. $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sess_username'");
  100. $data_user = mysqli_fetch_assoc($check_user);
  101.  
  102. /////////////////////////////////////////
  103.  
  104. ?>
  105. <div class="row bg-title">
  106. <div class="col-lg-12">
  107. <h4 class="page-title">Pesanan Pulsa</h4>
  108. <ol class="breadcrumb">
  109. <li>
  110. <a href="<?php echo $cfg_baseurl; ?>"><?php echo $cfg_webname; ?></a>
  111. </li>
  112. <li class="active">Pesanan Pulsa</li>
  113. </ol>
  114. </div>
  115. <!-- /.col-lg-12 -->
  116. </div>
  117. <div class="row">
  118. <div class="col-md-7">
  119. <div class="card">
  120. <div class="card-heading card-primary">
  121. Pesanan Pulsa
  122. </div>
  123. <div class="card-block">
  124. <?php
  125. if ($msg_type == "success") {
  126. ?>
  127. <div class="alert alert-success">
  128. <a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
  129. <i class="fa fa-check-circle"></i>
  130. <?php echo $msg_content; ?>
  131. </div>
  132. <?php
  133. } else if ($msg_type == "error") {
  134. ?>
  135. <div class="alert alert-danger">
  136. <a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
  137. <i class="fa fa-times-circle"></i>
  138. <?php echo $msg_content; ?>
  139. </div>
  140. <?php
  141. }
  142. ?>
  143. <form class="form-horizontal" role="form" method="POST">
  144. <div class="form-group">
  145. <label>Operator</label>
  146. <select class="form-control" id="pulsa">
  147. <option value="0">Select one...</option>
  148. <?php
  149. $check_cat = mysqli_query($db, "SELECT * FROM service_cat_pulsa ORDER BY name ASC");
  150. while ($data_cat = mysqli_fetch_assoc($check_cat)) {
  151. ?>
  152. <option value="<?php echo $data_cat['code']; ?>"><?php echo $data_cat['name']; ?></option>
  153. <?php
  154. }
  155. ?>
  156. </select>
  157. </div>
  158.  
  159. <div class="form-group">
  160. <label>Layanan</label>
  161. <select class="form-control" id="listpulsa" name="service"">
  162. <option value="0">Select one...</option>
  163. </select>
  164. </div>
  165.  
  166. <div class="form-group">
  167. <label>Nomor Telepon</label>
  168. <input type="text" name="phone" class="form-control" placeholder="No. Telp">
  169. </div>
  170.  
  171. <div class="form-group">
  172. <label>Total Harga</label>
  173.  
  174. <input type="text" class="form-control" name="price" id="total" readonly>
  175. </div>
  176.  
  177. <button type="submit" class="pull-right btn btn-success btn-bordered waves-effect w-md waves-light" name="order">Buat Pesanan</button>
  178. </form>
  179. </div>
  180. </div>
  181. </div>
  182. <div class="col-md-5">
  183. <div class="card">
  184. <div class="card-heading card-primary">
  185. Informasi
  186. </div>
  187. <div class="card-block">
  188. <ul>
  189. <li>Order Pulsa/Kuota/Voucher Game. Masukkan nomor telepon dengan benar.</li>
  190. <li>Order token, Harap memasukkan nomer id pelanggan dengan benar.</li>
  191. </ul>
  192. </div>
  193. </div>
  194. </div>
  195. </div>
  196. <!-- end row -->
  197. <script type="text/javascript" src="https://code.jquery.com/jquery-1.10.2.js"></script>
  198. <script type="text/javascript">
  199. $(document).ready(function() {
  200. $("#listpulsa").change(function() {
  201. var pulsa = $("#listpulsa").val();
  202. $.ajax({
  203. url: '<?php echo $cfg_baseurl; ?>inc/order_pulsa.php',
  204. data: 'pulsa=' + pulsa,
  205. type: 'POST',
  206. dataType: 'html',
  207. success: function(msg) {
  208. $("#total").val(msg);
  209. }
  210. });
  211. });
  212. $("#pulsa").change(function() {
  213. var category = $("#pulsa").val();
  214. $.ajax({
  215. url: '<?php echo $cfg_baseurl; ?>inc/order_service_pulsa.php',
  216. data: 'category=' + category,
  217. type: 'POST',
  218. dataType: 'html',
  219. success: function(msg) {
  220. $("#listpulsa").html(msg);
  221. }
  222. });
  223. });
  224.  
  225. function get_total(quantity) {
  226. var rate = $("#rate").val();
  227. var result = eval(quantity) * rate;
  228. $('#total').val(result);
  229. }
  230. </script>
  231. <?php
  232. include("../lib/footer.php");
  233. } else {
  234. header("Location: ".$cfg_baseurl);
  235. }
  236. ?>