  1. <?php
  // Start (or resume) the PHP session before anything reads $_SESSION, then pull in
  // the site configuration. $db, $cfg_baseurl, $cfg_webname, $date and $time are used
  // further down but never defined in this file; presumably mainconfig.php sets them.
  session_start();
  require "mainconfig.php";
  4.  
  5. if (isset($_SESSION['user'])) {
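  // Re-validate the logged-in account on every request: the session only proves that a
  // login happened earlier, not that the account still exists or is still allowed in.
  $sess_username = $_SESSION['user']['username'];

  // Bound parameter instead of string interpolation, so a username containing quote
  // characters cannot change the query.
  $stmt_user = mysqli_prepare($db, "SELECT * FROM users WHERE username = ?");
  mysqli_stmt_bind_param($stmt_user, "s", $sess_username);
  mysqli_stmt_execute($stmt_user);
  $check_user = mysqli_stmt_get_result($stmt_user);
  $data_user = mysqli_fetch_assoc($check_user);

  if (mysqli_num_rows($check_user) == 0 || $data_user['status'] == "Suspended") {
      // header() only queues the redirect. Without exit the rest of this script kept
      // running, so a deleted or suspended account could still submit an order.
      header("Location: ".$cfg_baseurl."logout.php");
      exit;
  }

  include("lib/header.php");
  // "nothing" means no result banner is rendered further down the page.
  $msg_type = "nothing";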
  17.  
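  // Order submission handler: validates the posted order, reserves the price from the
  // user's balance, forwards the order to the provider and records it.
  // NOTE(review): no anti-CSRF token is verified here and the order form does not send
  // one; fixing that needs a matching hidden field in the form, so it is a follow-up.
  if (isset($_POST['order'])) {
      // Accept only plain strings so a crafted POST (missing keys, array values) cannot
      // raise notices or reach the queries in an unexpected type.
      $post_service = (isset($_POST['service']) && is_string($_POST['service'])) ? $_POST['service'] : '';
      $post_quantity = (isset($_POST['quantity']) && is_string($_POST['quantity'])) ? trim($_POST['quantity']) : '';
      $post_link = (isset($_POST['link']) && is_string($_POST['link'])) ? trim($_POST['link']) : '';
      $post_notes = (isset($_POST['notes']) && is_string($_POST['notes'])) ? $_POST['notes'] : '';

      // Every query below binds its values; the posted service id and link used to be
      // interpolated straight into the SQL text.
      $stmt = mysqli_prepare($db, "SELECT * FROM services WHERE sid = ? AND status = 'Active'");
      mysqli_stmt_bind_param($stmt, "s", $post_service);
      mysqli_stmt_execute($stmt);
      $check_service = mysqli_stmt_get_result($stmt);
      $data_service = mysqli_fetch_assoc($check_service);
      $service_found = is_array($data_service);

      $stmt = mysqli_prepare($db, "SELECT * FROM orders WHERE link = ? AND status IN ('Pending','Processing')");
      mysqli_stmt_bind_param($stmt, "s", $post_link);
      mysqli_stmt_execute($stmt);
      $check_orders = mysqli_stmt_get_result($stmt);
      $data_orders = mysqli_fetch_assoc($check_orders);

      // The quantity must be a plain positive integer before it is used in arithmetic.
      $quantity_valid = ctype_digit($post_quantity) && (int) $post_quantity > 0;
      $rate = $service_found ? $data_service['price'] / 1000 : 0; // price is stored per 1000 units
      $price = $quantity_valid ? $rate * (int) $post_quantity : 0;
      $oid = random_number(3).random_number(4);
      $service = $service_found ? $data_service['service'] : '';
      $provider = $service_found ? $data_service['provider'] : '';
      $post_category = $service_found ? $data_service['category'] : '';
      $pid = $service_found ? $data_service['pid'] : '';

      $stmt = mysqli_prepare($db, "SELECT * FROM provider WHERE code = ?");
      mysqli_stmt_bind_param($stmt, "s", $provider);
      mysqli_stmt_execute($stmt);
      $check_provider = mysqli_stmt_get_result($stmt);
      $data_provider = mysqli_fetch_assoc($check_provider);

      // Decide which URL (if any) the server may fetch to read the starting counter.
      // The link is user input: fetching it unchecked let the server be pointed at
      // arbitrary hosts or stream wrappers, so only https URLs on Instagram's own
      // hostnames (or a bare username for follower orders) are accepted.
      $lookup_url = '';
      $link_valid = true;
      if ($post_category == "IGF") {
          // Follower orders take a username: letters, digits, "." and "_", at most 30 characters.
          if (preg_match('/^[A-Za-z0-9._]{1,30}$/', $post_link)) {
              $lookup_url = "https://instagram.com/".$post_link."?__a=1";
          } else {
              $link_valid = false;
          }
      } else if ($post_category == "IGL" || $post_category == "IGV") {
          $link_parts = parse_url($post_link);
          $link_scheme = (is_array($link_parts) && isset($link_parts['scheme'])) ? strtolower($link_parts['scheme']) : '';
          $link_host = (is_array($link_parts) && isset($link_parts['host'])) ? strtolower($link_parts['host']) : '';
          $link_plain = is_array($link_parts)
              && !isset($link_parts['user']) && !isset($link_parts['pass']) && !isset($link_parts['port'])
              && !isset($link_parts['query']) && !isset($link_parts['fragment']);
          if ($link_scheme === 'https' && $link_plain && in_array($link_host, array('instagram.com', 'www.instagram.com'), true)) {
              $lookup_url = $post_link."?__a=1";
          } else {
              $link_valid = false;
          }
      }

      if (empty($post_service) || empty($post_link) || empty($post_quantity)) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Mohon mengisi input.', 'error');</script><b>Gagal:</b> Mohon mengisi input.";
      } else if (!$quantity_valid) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Jumlah tidak valid.', 'error');</script><b>Gagal:</b> Jumlah tidak valid.";
      } else if (mysqli_num_rows($check_orders) > 0) {
          // Was "== 1", which let the order through once two or more duplicates existed.
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Terdapat Orderan Username Yang Sama Dan berstatus Pending/Processing.', 'error');</script><b>Gagal:</b> Terdapat Orderan Username Yang Sama Dan berstatus Pending/Processing.";
      } else if (!$service_found) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Layanan tidak ditemukan.', 'error');</script><b>Gagal:</b> Layanan tidak ditemukan.";
      } else if (mysqli_num_rows($check_provider) == 0) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Server Maintenance.', 'error');</script><b>Gagal:</b> Server Maintenance. [NOPROV]";
      } else if (!$link_valid) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Link/Target tidak valid.', 'error');</script><b>Gagal:</b> Link/Target tidak valid.";
      } else if ((int) $post_quantity < $data_service['min']) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Jumlah minimal adalah ".$data_service['min'].".', 'error');</script><b>Gagal:</b> Jumlah minimal adalah ".$data_service['min'].".";
      } else if ((int) $post_quantity > $data_service['max']) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Jumlah maksimal adalah ".$data_service['max'].".', 'error');</script><b>Gagal:</b> Jumlah maksimal adalah ".$data_service['max'].".";
      } else if ($data_user['balance'] < $price) {
          $msg_type = "error";
          $msg_content = "<script>swal('Error!', 'Saldo Anda tidak mencukupi untuk melakukan pembelian ini.', 'error');</script><b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.";
      } else if ($provider != "MANUAL" && $provider != "IRVANKEDE") {
          // Unknown provider code: stop before any money moves.
          die("System Error!");
      } else {
          // api data ($api_link is read but the endpoint below is hard-coded)
          $api_link = $data_provider['link'];
          $api_key = $data_provider['api_key'];
          // end api data

          // Read the starting counter only now that the order is otherwise valid, so
          // rejected orders no longer trigger outbound requests. Defaults to 0 when the
          // category has no lookup or the response lacks the expected field.
          $start_count = 0;
          if ($lookup_url !== '') {
              $ig_raw = file_get_contents($lookup_url);
              $id = ($ig_raw !== false) ? json_decode($ig_raw, true) : null;
              if ($post_category == "IGF" && isset($id['graphql']['user']['edge_followed_by']['count'])) {
                  $start_count = (int) $id['graphql']['user']['edge_followed_by']['count'];
              } else if ($post_category == "IGL" && isset($id['graphql']['shortcode_media']['edge_media_preview_like']['count'])) {
                  $start_count = (int) $id['graphql']['shortcode_media']['edge_media_preview_like']['count'];
              } else if ($post_category == "IGV" && isset($id['graphql']['shortcode_media']['video_view_count'])) {
                  $start_count = (int) $id['graphql']['shortcode_media']['video_view_count'];
              }
          }

          // Reserve the money first, in one conditional UPDATE. The earlier flow checked
          // the balance, called the provider and only then subtracted unconditionally, so
          // parallel requests could all pass the check and overdraw the account.
          $update_user = TRUE;
          $funds_reserved = TRUE;
          if ($price > 0) {
              $stmt = mysqli_prepare($db, "UPDATE users SET balance = balance - ? WHERE username = ? AND balance >= ?");
              mysqli_stmt_bind_param($stmt, "dsd", $price, $sess_username, $price);
              $update_user = mysqli_stmt_execute($stmt);
              $funds_reserved = $update_user && mysqli_stmt_affected_rows($stmt) > 0;
          }

          if ($update_user != TRUE) {
              $msg_type = "error";
              $msg_content = "<script>swal('Error!', 'Error system (1).', 'error');</script><b>Gagal:</b> Error system (1).";
          } else if (!$funds_reserved) {
              // Another request spent the balance between the check above and the UPDATE.
              $msg_type = "error";
              $msg_content = "<script>swal('Error!', 'Saldo Anda tidak mencukupi untuk melakukan pembelian ini.', 'error');</script><b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.";
          } else {
              $chresult = "";
              $poid = "";
              if ($provider == "MANUAL") {
                  $api_postdata = "";
                  $poid = $oid;
              } else {
                  // IRVANKEDE. http_build_query() encodes each value; with plain string
                  // concatenation a link containing "&" could add or override fields
                  // (such as the quantity) in the provider request.
                  $api_postdata = http_build_query(array(
                      'api_key' => $api_key,
                      'service' => $pid,
                      'target' => $post_link,
                      'quantity' => $post_quantity,
                  ));
                  $ch = curl_init();
                  curl_setopt($ch, CURLOPT_URL, "https://irvankede-smm.co.id/api/order");
                  curl_setopt($ch, CURLOPT_POST, 1);
                  curl_setopt($ch, CURLOPT_POSTFIELDS, $api_postdata);
                  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                  // Certificate checks stay on: this request carries the provider API key,
                  // and disabling verification exposed it to anyone able to intercept traffic.
                  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                  $chresult = curl_exec($ch);
                  curl_close($ch);
                  $json_result = is_string($chresult) ? json_decode($chresult) : null;
                  if (is_object($json_result) && isset($json_result->data->id)) {
                      $poid = $json_result->data->id;
                  }
              }

              if (empty($poid)) {
                  // The provider did not accept the order: give the reserved amount back.
                  if ($price > 0) {
                      $stmt = mysqli_prepare($db, "UPDATE users SET balance = balance + ? WHERE username = ?");
                      mysqli_stmt_bind_param($stmt, "ds", $price, $sess_username);
                      mysqli_stmt_execute($stmt);
                  }
                  // The raw provider reply goes to the server log instead of the page; it
                  // was previously echoed unescaped into the HTML shown to the user.
                  error_log("Provider order failed for OID ".$oid.": ".substr((string) $chresult, 0, 500));
                  $msg_type = "error";
                  $msg_content = "<script>swal('Error!', 'Server Maintenance.', 'error');</script><b>Gagal:</b> Server Maintenance [POID].";
              } else {
                  // NOTE(review): the original INSERT listed six columns but only five
                  // values, so it could never succeed. The amount deducted is stored in
                  // "quantity" here - confirm against the balance_history schema.
                  $history_msg = "Saldo dipotong untuk pembelian $post_quantity $service, OID : $oid";
                  $price_text = (string) $price;
                  $stmt = mysqli_prepare($db, "INSERT INTO balance_history (username, action, quantity, msg, date, time) VALUES (?, 'Cut Balance', ?, ?, ?, ?)");
                  mysqli_stmt_bind_param($stmt, "sssss", $sess_username, $price_text, $history_msg, $date, $time);
                  $insert_history = mysqli_stmt_execute($stmt);
                  if ($insert_history != TRUE) {
                      // Keep the order going, but leave a trace: the result of this insert
                      // used to be overwritten by the next query and was never looked at.
                      error_log("balance_history insert failed for OID ".$oid);
                  }

                  $stmt = mysqli_prepare($db, "INSERT INTO orders (oid, poid, user, service, link, quantity, remains, start_count, price, status, date, provider, place_from) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, 'Pending', ?, ?, 'WEB')");
                  mysqli_stmt_bind_param($stmt, "sssssssssss", $oid, $poid, $sess_username, $service, $post_link, $post_quantity, $post_quantity, $start_count, $price_text, $date, $provider);
                  $insert_order = mysqli_stmt_execute($stmt);
                  if ($insert_order == TRUE) {
                      // The banner is echoed as raw HTML, so anything not written by this
                      // script (the posted link, the service name) is encoded first.
                      $safe_service = htmlspecialchars($service, ENT_QUOTES, 'UTF-8');
                      $safe_link = htmlspecialchars($post_link, ENT_QUOTES, 'UTF-8');
                      $msg_type = "success";
                      $msg_content = "<script>swal('Success!', 'Pesanan anda berhasil diterima.', 'success');</script><b>Pesanan telah diterima.</b><br /><b>Layanan:</b> $safe_service<br /><b>Link:</b> $safe_link<br /><b>Jumlah:</b> ".number_format((int) $post_quantity,0,',','.')."<br /><b>Start Count:</b> $start_count<br /><b>Biaya:</b> Rp ".number_format($price,0,',','.');
                  } else {
                      $msg_type = "error";
                      $msg_content = "<script>swal('Error!', 'Error system (2).', 'error');</script><b>Gagal:</b> Error system (2).";
                  }
              }
          }
      }
  }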
  124.  
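  // Reload the user row: the order handler above may have changed the balance.
  // The username is bound as a parameter rather than interpolated into the SQL text.
  $stmt_user = mysqli_prepare($db, "SELECT * FROM users WHERE username = ?");
  mysqli_stmt_bind_param($stmt_user, "s", $sess_username);
  mysqli_stmt_execute($stmt_user);
  $check_user = mysqli_stmt_get_result($stmt_user);
  $data_user = mysqli_fetch_assoc($check_user);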
  127. ?>
  128. <div class="content-page">
  129. <div class="content">
  130. <div class="container">
  131. <div class="row">
  132. <div class="col-xs-12">
  133. <div class="page-title-box">
  134. <h4 class="page-title">Pemesanan Baru</h4>
  135. <ol class="breadcrumb p-0 m-0">
  136. <li>
  137. <a href="#"><?php echo $cfg_webname; ?></a>
  138. </li>
  139. <li class="active">
  140. Pemesanan Baru
  141. </li>
  142. </ol>
  143. <div class="clearfix"></div>
  144. </div>
  145. </div>
  146. </div>
  147.  
  148. <div class="row">
  149. <div class="col-md-7">
  150. <div class="panel panel-color panel-info">
  151. <div class="panel-heading">
  152. <h3 class="panel-title"><i class="mdi mdi-cart"></i> Pemesanan Baru</h3>
  153. </div>
  154. <div class="panel-body">
  <?php
  // Result banner for the order form. $msg_content is printed as raw HTML on purpose
  // (it carries its own <script> and <b> markup), so every value interpolated into it
  // has to be HTML-encoded at the place where the message is built.
  $alert_styles = array(
      "success" => array("alert-success", "fa-check-circle"),
      "error" => array("alert-danger", "fa-times-circle"),
  );
  if (isset($alert_styles[$msg_type])) {
      list($alert_class, $alert_icon) = $alert_styles[$msg_type];
  ?>
  <div class="alert <?php echo $alert_class; ?>">
  <a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
  <i class="fa <?php echo $alert_icon; ?>"></i>
  <?php echo $msg_content; ?>
  </div>
  <?php
  }
  ?>
  174. <form class="form-horizontal" role="form" method="POST">
  175. <div class="form-group">
  176. <label class="col-md-2 control-label">Kategori</label>
  177. <div class="col-md-10">
  178. <select class="form-control" id="category" name="category">
  179. <option value="0">Pilih salah satu...</option>
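  <?php
  // One <option> per row of service_cat, ordered by name. Code and name are encoded for
  // the HTML context so a stored value containing quotes or angle brackets cannot break
  // out of the attribute or inject markup.
  $check_cat = mysqli_query($db, "SELECT * FROM service_cat ORDER BY name ASC");
  // A failed query returns false; skip the loop instead of fetching from a non-result.
  while ($check_cat && ($data_cat = mysqli_fetch_assoc($check_cat))) {
      $cat_code = htmlspecialchars($data_cat['code'], ENT_QUOTES, 'UTF-8');
      $cat_name = htmlspecialchars($data_cat['name'], ENT_QUOTES, 'UTF-8');
  ?>
  <option value="<?php echo $cat_code; ?>"><?php echo $cat_name; ?></option>
  <?php
  }
  ?>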
  188. </select>
  189. </div>
  190. </div>
  191. <div class="form-group">
  192. <label class="col-md-2 control-label">Layanan</label>
  193. <div class="col-md-10">
  194. <select class="form-control" name="service" id="service">
  195. <option value="0">Pilih kategori...</option>
  196. </select>
  197. </div>
  198. </div>
  199. <div id="note">
  200. </div>
  201. <div class="form-group">
  202. <label class="col-md-2 control-label">Link/Target</label>
  203. <div class="col-md-10">
  204. <input type="text" name="link" class="form-control" placeholder="Link/Target">
  205. </div>
  206. </div>
  207. <div class="form-group">
  208. <label class="col-md-2 control-label">Jumlah</label>
  209. <div class="col-md-10">
  210. <input type="number" name="quantity" class="form-control" placeholder="Jumlah" onkeyup="get_total(this.value).value;">
  211. </div>
  212. </div>
  213.  
  214. <input type="hidden" id="rate" value="0">
  215. <div class="form-group">
  216. <label class="col-md-2 control-label">Total Harga</label>
  217. <div class="col-md-10">
  218. <input type="number" class="form-control" id="total" readonly>
  219. </div>
  220. </div>
  221. <div class="form-group">
  222. <div class="col-md-offset-2 col-md-10">
  223. <button type="submit" class="btn btn-info waves-effect w-md waves-light" name="order">Buat Pesanan</button>
  224. <button type="reset" class="btn btn-default waves-effect w-md waves-light">Ulangi</button>
  225. </div>
  226. </div>
  227. </form>
  228. </div>
  229. </div>
  230. </div>
  231. <div class="col-md-5">
  232. <div class="panel panel-color panel-info">
  233. <div class="panel-heading">
  234. <h3 class="panel-title"><i class="mdi mdi-information-outline"></i> Peraturan Pemesanan</h3>
  235. </div>
  236. <div class="panel-body">
  237. <ul>
  238. <li>Pastikan username / link data yang di input benar dan valid,</li>
  239. <li>Pastikan akun target tidak berstatus private,</li>
  240. <li>Jangan input data yang sama dengan orderan sebelum nya apabila orderan sebelum nya belum Completed,</li>
  241. <li>Apabila orderan tidak mengalami perubahan status, silahkan kontak admin untuk di tangani,</li>
  242. <li>Tidak ada pengembalian dana untuk kesalahan pengguna.</li>
  243. </ul>
  244. </div>
  245. </div>
  246. </div>
  247. </div>
  248. <!-- end row -->
  249. <script type="text/javascript" src="https://code.jquery.com/jquery-1.10.2.js"></script>
  250. <script type="text/javascript">
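  $(document).ready(function() {
      // Base URL is rendered server-side from $cfg_baseurl.
      var baseUrl = '<?php echo $cfg_baseurl; ?>';

      // POST a single form field to an endpoint under the base URL and hand the HTML
      // reply to onReply. The value is passed as an object so jQuery URL-encodes it;
      // with the earlier 'name=' + value concatenation, characters such as "&" or "="
      // in the value could alter the request body.
      function postField(endpoint, field, value, onReply) {
          var payload = {};
          payload[field] = value;
          $.ajax({
              url: baseUrl + endpoint,
              data: payload,
              type: 'POST',
              dataType: 'html',
              success: onReply
          });
      }

      // Category picked: reload the list of services for that category.
      $("#category").change(function() {
          postField('inc/order_service.php', 'category', $("#category").val(), function(msg) {
              // The reply is inserted as markup, so the endpoint must HTML-encode what it prints.
              $("#service").html(msg);
          });
      });

      // Service picked: load its note and its rate.
      $("#service").change(function() {
          var service = $("#service").val();
          postField('inc/order_note.php', 'service', service, function(msg) {
              // Inserted as markup as well; same encoding requirement on the endpoint.
              $("#note").html(msg);
          });
          postField('inc/order_rate.php', 'service', service, function(msg) {
              $("#rate").val(msg);
          });
      });
  });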
  286.  
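  /**
   * Show quantity * rate in the read-only #total field.
   * Display only: the order handler recomputes the price on the server when the form
   * is posted, so this value is never trusted.
   *
   * @param {string} quantity Text currently in the quantity input.
   * @returns {number} The computed total (NaN when quantity is not numeric).
   */
  function get_total(quantity) {
      var rate = $("#rate").val();
      // parseFloat() instead of eval(): eval ran whatever text reached this function as
      // script, where only a number is ever needed.
      var result = parseFloat(quantity) * rate;
      $('#total').val(result);
      // The onkeyup handler reads ".value" off the return value; returning the number
      // keeps that from throwing on undefined.
      return result;
  }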
  292. </script>
  293. <?php
  294. include("lib/footer.php");
  295. } else {
  296. header("Location: ".$cfg_baseurl);
  297. }
  298. ?>