VelzA

asking

Jan 19th, 2021 (edited)
  1. <?php
  2.  
  3. // af7ff967594c717171be1524d77a2fde813dc754b660dfbdb656cffa16c4111fb46c925870fed0685e2f705ada367644df51b39655a5ec14f8a9d26aa2ad883d7dcb27a7e5023fce13682a90a22e9555eb06726f00ef78b981d4dc7ebe2e9976
  4.  
  5.  
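  // Admin-only DataTables server-side endpoint: returns the user list (with the
  // summed order total per user) as JSON.
  //
  // mainconfig.php is expected to provide $config, $db and $model and to have
  // started the session; none of that is visible in this file.
  require '../../mainconfig.php';

  // X-Requested-With is a client-supplied header, so this test only filters out
  // plain browser navigation. It is not an access control; the session and
  // admin checks below are what actually protect the data.
  $requestedWith = isset($_SERVER['HTTP_X_REQUESTED_WITH']) ? $_SERVER['HTTP_X_REQUESTED_WITH'] : '';
  if (strtolower($requestedWith) !== 'xmlhttprequest') {
      exit("No direct script access allowed!");
  }

  if (!isset($_SESSION['login'])) {
      exit("No direct script access allowed!");
  }

  // NOTE(review): the WHERE clause is built by string concatenation. The value
  // comes from the server-side session rather than the request, but db_query()
  // is defined elsewhere -- confirm whether it offers bound parameters and
  // switch to them if it does.
  $adminLookup = $model->db_query($db, "*", "users", "id = '".$_SESSION['login']."' AND level = 'Admin'");
  // Fail closed: a missing or zero count means "not an admin".
  if (!isset($adminLookup['count']) || (int) $adminLookup['count'] === 0) {
      exit("No direct script access allowed!");
  }

  require('../../lib/ssp.class.php');
  $table = 'users';
  $primaryKey = 'id';

  // Cells of this table are treated as HTML by the client (several formatters
  // below return markup), so every value that originates from user-editable
  // data is HTML-escaped before it is sent. NULL is passed through unchanged.
  $escapeHtml = function ($value) {
      if ($value === null) {
          return null;
      }
      return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
  };

  // Rupiah display format. The cast covers SUM() returning NULL for users that
  // have no orders, which would otherwise reach number_format() as null.
  $formatRupiah = function ($amount) {
      return "Rp ".number_format((float) $amount, 0, ',', '.');
  };

  // Row ids are placed inside a URL, inside a JavaScript string, inside an
  // HTML attribute. Percent-encoding leaves only characters that are inert in
  // all three contexts.
  $encodeId = function ($id) {
      return rawurlencode((string) $id);
  };

  // NOTE(review): the links generated below change state (status toggle, API
  // key regeneration, delete) through GET URLs that carry only an id. Those
  // endpoints are not part of this file -- confirm each one repeats the admin
  // check and requires an anti-CSRF token.
  $columns = array(
      array('db' => '`a`.`id`', 'dt' => 0, 'field' => 'id'),
      array('db' => '`a`.`email`', 'dt' => 1, 'formatter' => $escapeHtml, 'field' => 'email'),
      array('db' => '`a`.`username`', 'dt' => 2, 'formatter' => $escapeHtml, 'field' => 'username'),
      array('db' => '`a`.`full_name`', 'dt' => 3, 'formatter' => $escapeHtml, 'field' => 'full_name'),
      array('db' => '`a`.`balance`', 'dt' => 4, 'formatter' => $formatRupiah, 'field' => 'balance'),
      array('db' => 'SUM(`b`.`price`)', 'dt' => 5, 'formatter' => $formatRupiah, 'field' => 'total_order', 'as' => 'total_order'),
      array('db' => '`a`.`level`', 'dt' => 6, 'formatter' => $escapeHtml, 'field' => 'level'),
      // NOTE(review): the full API key of every user is sent to the browser.
      // Consider showing only a masked prefix in the list view.
      array('db' => '`a`.`api_key`', 'dt' => 7,
          'formatter' => function($i, $a) use($config, $escapeHtml, $encodeId) {
              return $escapeHtml($i)." <a href=\"javascript:;\" onclick=\"get_data('".$config['web']['base_url']."admin/user/api_key.php?id=".$encodeId($a['0'])."')\" class=\"btn btn-xs btn-primary\"><i class=\"fa fa-random\"></i></a>";
      }, 'field' => 'api_key'),
      array('db' => '`a`.`created_at`', 'dt' => 8, 'formatter' => $escapeHtml, 'field' => 'created_at'),
      array('db' => '`a`.`status`', 'dt' => 9,
          'formatter' => function($i, $a) use($config, $encodeId) {
              // Every derived value is chosen from fixed literals, so the
              // stored status itself never reaches the markup.
              $isActive = ($i == 1);
              $status = $isActive ? 'Aktif' : 'Nonaktif';
              $label = $isActive ? 'primary' : 'danger';
              $change = $isActive ? 0 : 1;
              return "<a href=\"javascript:;\" onclick=\"get_data('".$config['web']['base_url']."admin/user/status.php?id=".$encodeId($a['0'])."&status=".$change."')\" class=\"btn btn-xs btn-".$label."\">".$status."</a>";
      }, 'field' => 'status'),
      array('db' => '`a`.`id`', 'dt' => 10,
          'formatter' => function($i) use($config, $encodeId) {
              $id = $encodeId($i);
              return "<a href=\"javascript:;\" onclick=\"modal_open('edit', '".$config['web']['base_url']."admin/user/edit.php?id=".$id."')\" class=\"btn btn-xs btn-warning\"><i class=\"fa fa-edit\"></i></a> <a href=\"javascript:;\" onclick=\"modal_delete('".$config['web']['base_url']."admin/user/delete.php?id=".$id."')\" class=\"btn btn-xs btn-danger\"><i class=\"fa fa-trash\"></i></a>";
      }, 'field' => 'id'),
  );

  $sql_details = array(
      'user' => $config['db']['username'],
      'pass' => $config['db']['password'],
      'db'   => $config['db']['name'],
      'host' => $config['db']['host']
  );

  // One row per user; the LEFT JOIN keeps users that have no orders.
  $joinQuery = "FROM `{$table}` AS `a` LEFT JOIN `orders` AS `b` ON (`b`.`user_id` = `a`.`id`)";
  $extraWhere = '';
  $groupBy = 'a.id';
  $having = '';

  // NOTE(review): $_GET is handed to SSP::simple() unfiltered. The class lives
  // in lib/ssp.class.php and is not shown here -- confirm it binds the search
  // terms and maps order/column indexes onto $columns instead of using
  // request text in the SQL.
  $payload = SSP::simple( $_GET, $sql_details, $table, $primaryKey, $columns, $joinQuery, $extraWhere, $groupBy, $having );

  // Declare the body as JSON so a browser never interprets it as an HTML page.
  if (!headers_sent()) {
      header('Content-Type: application/json; charset=utf-8');
      header('X-Content-Type-Options: nosniff');
  }
  print(json_encode($payload));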