lostyazilim
tr.link

Tabloya Veri Eklenince Otomatik Mail Atma Sorunu

9 Mesajlar 1.668 Okunma
acebozum
tr.link

ozgurerdempolat ozgurerdempolat WM Aracı Kullanıcı
  • Üyelik 26.04.2015
  • Yaş/Cinsiyet 28 / E
  • Meslek Sosyal Medya Danışmanı
  • Konum Ankara
  • Ad Soyad M** P**
  • Mesajlar 132
  • Beğeniler 14 / 28
  • Ticaret 28, (%100)
CREATE TRIGGER orderGeldi
ON orders
FOR INSERT
AS
DECLARE @OrderQuantity BIGINT,@msg VARCHAR(255)
SELECT @OrderQuantity=inserted.OrderQuantity
FROM inserted

SET @msg= CAST(@OrderQuantity AS VARCHAR (16) ) + 'kadar sipariş gönder.'

EXEC master..xp_sendmail 'ozgur.erdem.polat@gmail.com' , @msg


Böyle bir şey yaptım ama hata veriyor nasıl bir trigger oluşturmam gerekiyor. Amaç veritabanına biri sipariş verdiği zaman bana mail gelsin ne olarak geldiğinin önemi de yok ben burada quantity yani sadece sayı gelsin dedim ama önemli önemli olan sipariş geldiğinin haberini vermesi sistemin.
 

 

wmaraci
reklam

mert50356 mert50356 WM Aracı Kullanıcı
  • Üyelik 01.07.2014
  • Yaş/Cinsiyet 32 / E
  • Meslek Yazılım
  • Konum İzmir
  • Ad Soyad M** P**
  • Mesajlar 1104
  • Beğeniler 180 / 265
  • Ticaret 26, (%100)
Bu şekilde değilde sipariş aşamasına tetikleyici komak daha mantıklı olur.

Sipariş verme sayfanızın kodlarını eklerseniz yardımcı olmaya çalışırım.
ozgurerdempolat

kişi bu mesajı beğendi.

Wordpress Hizmetleri | Skype: mert50356

ozgurerdempolat ozgurerdempolat WM Aracı Kullanıcı
  • Üyelik 26.04.2015
  • Yaş/Cinsiyet 28 / E
  • Meslek Sosyal Medya Danışmanı
  • Konum Ankara
  • Ad Soyad M** P**
  • Mesajlar 132
  • Beğeniler 14 / 28
  • Ticaret 28, (%100)
Mert hocam direkt olarak sipariş verilen yerin mi kodunu atayım size? mert50356
 

 

ozgurerdempolat ozgurerdempolat WM Aracı Kullanıcı
  • Üyelik 26.04.2015
  • Yaş/Cinsiyet 28 / E
  • Meslek Sosyal Medya Danışmanı
  • Konum Ankara
  • Ad Soyad M** P**
  • Mesajlar 132
  • Beğeniler 14 / 28
  • Ticaret 28, (%100)
Bu order.php bölümü direkt olarak buradan sipariş veriliyor.
require_once('./files/header.php');
?>










$UserID = $user->GetData('UserID');

$stmt = $pdo->prepare('SELECT * FROM orders WHERE OrderUserID = :OrderUserID');
$stmt->bindParam(':OrderUserID', $UserID);
$stmt->execute();

echo $stmt->rowCount();
?>

Hesap Siparişleri








$stmt = $pdo->prepare('SELECT * FROM products');
$stmt->execute();

echo $stmt->rowCount();
?>

Servisler








$stmt = $pdo->prepare('SELECT * FROM orders');
$stmt->execute();

echo $stmt->rowCount();
?>

Toplam Siparişler








$stmt = $pdo->prepare('SELECT * FROM users');
$stmt->execute();

echo $stmt->rowCount();
?>

Toplam Kullanıcılar









Hesap Geçmiş Siparişleri







$UserID = $user->GetData('UserID');

$stmt = $pdo->prepare('SELECT * FROM orders WHERE OrderUserID = :OrderUserID ORDER BY OrderDate DESC');
$stmt->bindParam(':OrderUserID', $UserID);
$stmt->execute();

if($stmt->rowCount() > 0) {
?>













$html = '';

foreach($stmt->fetchAll() as $row) {
$html .= '';
$html .= '';
$html .= '';
$html .= '';
$html .= '';
$html .= '';
$html .= '';
$html .= '';
}

echo $html;
?>

Siparişin Servisi Sipariş Miktarı Sipariş Ücreti Sipariş Linki Sipariş Zamanı Sipariş Durumu
'.$product->GetData($row['OrderProductID'], 'ProductName').''.$row['OrderQuantity'].'TL'.round($row['OrderAmount'], 2).''.$row['OrderLink'].''.date('d M, Y h:I:s', $row['OrderDate']).''.$row['OrderStatus'].'.


} else {
$display->ReturnInfo('Daha önce hiç sipariş vermediniz.');
}
?>







require_once('./files/footer.php');
?>
 

 

wmaraci
wmaraci

ozgurerdempolat ozgurerdempolat WM Aracı Kullanıcı
  • Üyelik 26.04.2015
  • Yaş/Cinsiyet 28 / E
  • Meslek Sosyal Medya Danışmanı
  • Konum Ankara
  • Ad Soyad M** P**
  • Mesajlar 132
  • Beğeniler 14 / 28
  • Ticaret 28, (%100)
mert50356 Yapabilecek bir arkadaş varsa iş sonu 20 tl verebilirim. Mesaj atsın yapacak olan varsa.
 

 

mert50356 mert50356 WM Aracı Kullanıcı
  • Üyelik 01.07.2014
  • Yaş/Cinsiyet 32 / E
  • Meslek Yazılım
  • Konum İzmir
  • Ad Soyad M** P**
  • Mesajlar 1104
  • Beğeniler 180 / 265
  • Ticaret 26, (%100)
Bu sayfa verilen siparişleri gösteriyor hocam yeni sipariş verme ile ilgili bir kod göremedim.
ozgurerdempolat

kişi bu mesajı beğendi.

Wordpress Hizmetleri | Skype: mert50356

ozgurerdempolat ozgurerdempolat WM Aracı Kullanıcı
  • Üyelik 26.04.2015
  • Yaş/Cinsiyet 28 / E
  • Meslek Sosyal Medya Danışmanı
  • Konum Ankara
  • Ad Soyad M** P**
  • Mesajlar 132
  • Beğeniler 14 / 28
  • Ticaret 28, (%100)

application/x-httpd-php responds.php ( PHP script text )

require_once('./files/functions.php');

/* RESET ACCOUNT PASSWORD */

if(isset($_POST['action']) && $_POST['action'] == 'reset') {
if(isset($_POST['username']) && isset($_POST['email'])
&& is_string($_POST['username']) && is_string($_POST['email'])
&& !empty($_POST['username']) && !empty($_POST['email'])) {

if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
$username = stripslashes(strip_tags($_POST['username']));
$email = $_POST['email'];

$stmt = $pdo->prepare('SELECT * FROM users WHERE UserName = :UserName OR UserEmail = :UserEmail');
$stmt->execute(array(':UserName' => $username, ':UserEmail' => $email));

if($stmt->rowCount() > 0) {
$new_password = substr(md5(rand(1,100000)), 0, 8);

$stmt = $pdo->prepare('UPDATE users SET UserPassword = :UserPassword WHERE UserName = :UserName');
$stmt->execute(array(':UserPassword' => md5($new_password), ':UserName' => $username));

$subject = 'Password recovery';
$txt = 'Your account password has been reset.';
$txt .= 'Your new account password is: '.$new_password.'';
$headers = "From: ".$RecoveryEmail."" . "\r\n" .
"CC: ".$RecoveryEmail."";

mail($email,$subject,$txt,$headers);
} else {
echo('User with these credentials does not exists.');
}
} else {
echo('The entered E-mail is invalid.');
}
} else {
echo('Fill all fields correctly.');
}
}

/* SAVE MERCHANT */

if(isset($_POST['action']) && $_POST['action'] == 'save-merchant') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['website-name']) && isset($_POST['recovery-email']) &&
is_string($_POST['website-name']) && is_string($_POST['recovery-email']) &&
!empty($_POST['website-name']) && !empty($_POST['recovery-email'])) {
if(!filter_var($_POST['recovery-email'], FILTER_VALIDATE_EMAIL) === false) {
$WebsiteName = $_POST['website-name'];
$RecoveryEmail = $_POST['recovery-email'];

$PaypalEmail = $_POST['paypal-email'];

$SkrillEmail = $_POST['skrill-email'];
$SkrillSecret = $_POST['skrill-secret'];

$stmt = $pdo->prepare('SELECT * FROM merchant');
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);

if(empty($row['MerchantWebsiteName'])) {
$stmt = $pdo->prepare('INSERT INTO merchant (MerchantWebsiteName, MerchantRecoveryEmail, MerchantPaypalEmail, MerchantSkrillEmail, MerchantSkrillSecret)
VALUES (:MerchantWebsiteName, :MerchantRecoveryEmail, :MerchantPaypalEmail, :MerchantSkrillEmail, :MerchantSkrillSecret)');

$stmt->execute(array(':MerchantWebsiteName' => $WebsiteName, ':MerchantRecoveryEmail' => $RecoveryEmail, ':MerchantPaypalEmail' => $PaypalEmail,
':MerchantSkrillEmail' => $SkrillEmail, ':MerchantSkrillSecret' => $SkrillSecret));
} else {
$CurrentName = $row['MerchantWebsiteName'];

$stmt = $pdo->prepare('UPDATE merchant SET MerchantWebsiteName = :MerchantWebsiteName, MerchantRecoveryEmail = :MerchantRecoveryEmail,
MerchantPaypalEmail = :MerchantPaypalEmail, MerchantSkrillEmail = :MerchantSkrillEmail, MerchantSkrillSecret = :MerchantSkrillSecret WHERE MerchantWebsiteName = :MerchantWebsiteNameConfirm');

$stmt->execute(array(':MerchantWebsiteName' => $WebsiteName, ':MerchantRecoveryEmail' => $RecoveryEmail, ':MerchantPaypalEmail' => $PaypalEmail,
':MerchantSkrillEmail' => $SkrillEmail, ':MerchantSkrillSecret' => $SkrillSecret, ':MerchantWebsiteNameConfirm' => $CurrentName));
}
} else {
echo('The provided recovery E-mail address is invalid.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* CREATE USER FROM ADMINISTRATION PANEL */

if(isset($_POST['action']) && $_POST['action'] == 'create-user') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['user-first-name']) && isset($_POST['user-last-name']) && isset($_POST['user-email']) && isset($_POST['user-name']) && isset($_POST['user-password']) && isset($_POST['user-level']) && isset($_POST['user-funds']) &&
is_string($_POST['user-first-name']) && is_string($_POST['user-last-name']) && is_string($_POST['user-email']) && is_string($_POST['user-name']) && is_string($_POST['user-password']) && is_string($_POST['user-level']) && ctype_digit($_POST['user-funds']) &&
!empty($_POST['user-first-name']) && !empty($_POST['user-last-name']) && !empty($_POST['user-email']) && !empty($_POST['user-name']) && !empty($_POST['user-password']) && !empty($_POST['user-level'])) {
if(strlen($_POST['user-password']) < 32 && strlen($_POST['user-password']) > 3) {
if(strlen($_POST['user-name']) < 16 && strlen($_POST['user-name']) > 3) {
if(!filter_var($_POST['user-email'], FILTER_VALIDATE_EMAIL) === false) {
$first_name = stripslashes(strip_tags($_POST['user-first-name']));
$last_name = stripslashes(strip_tags($_POST['user-last-name']));
$email = $_POST['user-email'];
$user_name = stripslashes(strip_tags($_POST['user-name']));
$password = md5($_POST['user-password']);
$level = stripslashes(strip_tags($_POST['user-level']));
$funds = stripslashes(strip_tags($_POST['user-funds']));

$stmt = $pdo->prepare('SELECT * FROM users WHERE UserName = :UserName OR UserEmail = :UserEmail');
$stmt->execute(array(':UserName' => $user_name, ':UserEmail' => $email));

if($stmt->rowCount() == 0) {
$stmt = $pdo->prepare('INSERT INTO users (UserName, UserEmail, UserPassword, UserLevel, UserFirstName, UserLastName, UserRegistrationDate, UserRegistrationAddress, UserFunds)
VALUES (:UserName, :UserEmail, :UserPassword, :UserLevel, :UserFirstName, :UserLastName, :UserRegistrationDate, :UserRegistrationAddress, :UserFunds)');

$stmt->execute(array(':UserName' => $user_name, ':UserEmail' => $email, ':UserPassword' => $password, ':UserLevel' => $level, ':UserFirstName' => $first_name, ':UserLastName' => $last_name, ':UserRegistrationDate' => time(), ':UserRegistrationAddress' => '127.0.0.1', ':UserFunds' => $funds));
} else {
echo('User with these credentials already exists.');
return false;
}
} else {
echo('The provided e-mail address is invalid.');
}
} else {
echo('User name length have to be 4-16 characters.');
}
} else {
echo('Password length have to be 4-32 characters.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* ADD NEW */

if(isset($_POST['action']) && $_POST['action'] == 'add-new') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['new-title']) && isset($_POST['new-content']) &&
is_string($_POST['new-title']) && is_string($_POST['new-content']) &&
!empty($_POST['new-title']) && !empty($_POST['new-content'])) {
$new_title = stripslashes(strip_tags($_POST['new-title']));
$new_content = stripslashes(strip_tags($_POST['new-content']));
$new_user = $user->GetData('UserID');
$new_date = time();

$stmt = $pdo->prepare('INSERT INTO news (NewsTitle, NewsContent, NewsDate, NewsUserID) VALUES (:NewsTitle, :NewsContent, :NewsDate, :NewsUserID)');
$stmt->execute(array(':NewsTitle' => $new_title, ':NewsContent' => $new_content, ':NewsDate' => $new_date, ':NewsUserID' => $new_user));
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* EDIT NEW */

if(isset($_POST['action']) && $_POST['action'] == 'edit-new') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['new-id']) && isset($_POST['new-title']) && isset($_POST['new-content']) &&
is_string($_POST['new-title']) && is_string($_POST['new-content']) &&
!empty($_POST['new-title']) && !empty($_POST['new-content'])) {
$new_title = stripslashes(strip_tags($_POST['new-title']));
$new_content = stripslashes(strip_tags($_POST['new-content']));
$new_id = $_POST['new-id'];

$stmt = $pdo->prepare('SELECT * FROM news WHERE NewsID = :NewsID');
$stmt->bindParam(':NewsID', $new_id);
$stmt->execute();

if($stmt->rowCount() == 1) {
$stmt = $pdo->prepare('UPDATE news SET NewsTitle = :NewsTitle, NewsContent = :NewsContent WHERE NewsID = :NewsID');

$stmt->execute(array(':NewsTitle' => $new_title, ':NewsContent' => $new_content, ':NewsID' => $new_id));
} else {
echo('New does not exists.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* DELETE NEW */

if(isset($_POST['action']) && $_POST['action'] == 'delete-new') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['new-id']) && !empty($_POST['new-id']) && ctype_digit($_POST['new-id'])) {
$NewsID = $_POST['new-id'];

$stmt = $pdo->prepare('SELECT * FROM news WHERE NewsID = :NewsID');
$stmt->bindParam(':NewsID', $NewsID);
$stmt->execute();

if($stmt->rowCount() == 1) {
$stmt = $pdo->prepare('DELETE FROM news WHERE NewsID = :NewsID');
$stmt->bindParam(':NewsID', $NewsID);
$stmt->execute();
} else {
echo 'New does not exists.';
}
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* DELETE LOGS */

if(isset($_POST['action']) && $_POST['action'] == 'delete-logs') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
$stmt = $pdo->prepare('DELETE FROM logs');
$stmt->execute();
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* EDIT USER */

if(isset($_POST['action']) && $_POST['action'] == 'edit-user') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['user-id']) && isset($_POST['user-first-name']) && isset($_POST['user-last-name']) && isset($_POST['user-email']) && isset($_POST['user-name']) && isset($_POST['user-level']) && isset($_POST['user-funds']) &&
is_string($_POST['user-first-name']) && is_string($_POST['user-last-name']) && is_string($_POST['user-email']) && is_string($_POST['user-name']) && is_string($_POST['user-level']) && preg_match('/^[0-9.]+$/', $_POST['user-funds']) &&
!empty($_POST['user-id']) && !empty($_POST['user-first-name']) && !empty($_POST['user-last-name']) && !empty($_POST['user-email']) && !empty($_POST['user-name']) && !empty($_POST['user-level'])) {
if(strlen($_POST['user-name']) < 16 && strlen($_POST['user-name']) > 3) {
if(!filter_var($_POST['user-email'], FILTER_VALIDATE_EMAIL) === false) {
$first_name = stripslashes(strip_tags($_POST['user-first-name']));
$last_name = stripslashes(strip_tags($_POST['user-last-name']));
$email = $_POST['user-email'];
$user_name = stripslashes(strip_tags($_POST['user-name']));
$level = stripslashes(strip_tags($_POST['user-level']));
$funds = stripslashes(strip_tags($_POST['user-funds']));
$user_id = $_POST['user-id'];

$stmt = $pdo->prepare('SELECT * FROM users WHERE UserName = :UserName OR UserEmail = :UserEmail');
$stmt->execute(array(':UserName' => $user_name, ':UserEmail' => $email));


$query = $pdo->prepare('SELECT * FROM users WHERE UserID = :UserID');
$query->bindParam(':UserID', $user_id);
$query->execute();

if($query->rowCount() == 0) {
echo 'User account does not exists.';
return false;
}
if($stmt->rowCount() <= 1) {
$stmt = $pdo->prepare('UPDATE users SET UserFirstName = :UserFirstName, UserLastName = :UserLastName, UserEmail = :UserEmail, UserName = :UserName, UserLevel = :UserLevel, UserFunds = :UserFunds WHERE UserID = :UserID');

$stmt->execute(array(':UserFirstName' => $first_name, ':UserLastName' => $last_name, ':UserEmail' => $email,
':UserName' => $user_name, ':UserLevel' => $level, ':UserFunds' => $funds, ':UserID' => $user_id));
} else {
echo('User with these credentials already exists.');
return false;
}
} else {
echo('The provided e-mail address is invalid.');
}
} else {
echo('User name length have to be 4-16 characters.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* CREATE CATEGORY */

if(isset($_POST['action']) && $_POST['action'] == 'create-category') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['category-name']) && isset($_POST['category-description']) &&
is_string($_POST['category-name']) && is_string($_POST['category-description']) &&
!empty($_POST['category-name']) && !empty($_POST['category-description'])) {
$category_name = stripslashes(strip_tags($_POST['category-name']));
$category_description = stripslashes(strip_tags($_POST['category-description']));
$time = time();

$stmt = $pdo->prepare('SELECT * FROM categories WHERE CategoryName = :CategoryName');
$stmt->bindParam(':CategoryName', $category_name);
$stmt->execute();

if($stmt->rowCount() == 0) {
$stmt = $pdo->prepare('INSERT INTO categories (CategoryName, CategoryDescription, CategoryCreatedDate) VALUES (:CategoryName, :CategoryDescription, :CategoryCreatedDate)');
$stmt->execute(array(':CategoryName' => $category_name, ':CategoryDescription' => $category_description, ':CategoryCreatedDate' => $time));
} else {
echo('Category already exists.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* OPEN TICKET */

if(isset($_POST['action']) && $_POST['action'] == 'open-ticket') {
if(isset($_POST['ticket-title']) && isset($_POST['ticket-message']) &&
is_string($_POST['ticket-title']) && is_string($_POST['ticket-message']) &&
!empty($_POST['ticket-title']) && !empty($_POST['ticket-message'])) {
$ticket_title = stripslashes(strip_tags($_POST['ticket-title']));
$ticket_message = stripslashes(strip_tags($_POST['ticket-message']));
$time = time();
$user_id = $user->GetData('UserID');

$stmt = $pdo->prepare('INSERT INTO support (SupportUserID, SupportTitle, SupportMessage, SupportDate) VALUES (:SupportUserID, :SupportTitle, :SupportMessage, :SupportDate)');
$stmt->execute(array(':SupportUserID' => $user_id, ':SupportTitle' => $ticket_title, ':SupportMessage' => $ticket_message, ':SupportDate' => $time));
} else {
echo('Fill all fields correctly.');
}
}

/* TICKET REPLY */

if(isset($_POST['action']) && $_POST['action'] == 'reply-ticket') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['ticket-id']) && isset($_POST['ticket-reply']) &&
ctype_digit($_POST['ticket-id']) && is_string($_POST['ticket-reply']) &&
!empty($_POST['ticket-id']) && !empty($_POST['ticket-reply'])) {
$ticket_id = $_POST['ticket-id'];
$ticket_reply = stripslashes(strip_tags($_POST['ticket-reply']));

$stmt = $pdo->prepare('UPDATE support SET SupportReply = :SupportReply WHERE SupportID = :SupportID');
$stmt->execute(array(':SupportReply' => $ticket_reply, ':SupportID' => $ticket_id));
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* TICKET DELETE */

if(isset($_POST['action']) && $_POST['action'] == 'delete-ticket') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['ticket-id']) && ctype_digit($_POST['ticket-id']) && !empty($_POST['ticket-id'])) {
$ticket_id = $_POST['ticket-id'];

$stmt = $pdo->prepare('DELETE FROM support WHERE SupportID = :SupportID');
$stmt->bindParam(':SupportID', $ticket_id);
$stmt->execute();
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* CREATE SERVICE */

if(isset($_POST['action']) && $_POST['action'] == 'create-service') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['service-name']) && isset($_POST['service-description']) && isset($_POST['service-quantity']) && isset($_POST['service-price']) && isset($_POST['service-category']) && isset($_POST['service-api']) &&
is_string($_POST['service-name']) && is_string($_POST['service-description']) && is_string($_POST['service-quantity']) && is_string($_POST['service-price']) && is_string($_POST['service-category']) &&
!empty($_POST['service-name']) && !empty($_POST['service-description']) && !empty($_POST['service-quantity']) && ctype_digit($_POST['service-quantity']) && !empty($_POST['service-price']) && !empty($_POST['service-category'])) {
$service_name = stripslashes(strip_tags($_POST['service-name']));
$service_description = stripslashes(strip_tags($_POST['service-description']));
$service_quantity = stripslashes(strip_tags($_POST['service-quantity']));
$service_price = stripslashes(strip_tags($_POST['service-price']));
$service_category = stripslashes(strip_tags($_POST['service-category']));
$service_api = htmlspecialchars($_POST['service-api']);
$time = time();

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductName = :ProductName');
$stmt->bindParam(':ProductName', $service_name);
$stmt->execute();

if($stmt->rowCount() == 0) {
$stmt = $pdo->prepare('SELECT * FROM categories WHERE CategoryID = :CategoryID');
$stmt->bindParam(':CategoryID', $service_category);
$stmt->execute();

if($stmt->rowCount() > 0 ) {
$stmt = $pdo->prepare('INSERT INTO products (ProductCategoryID, ProductName, ProductDescription, ProductMinimumQuantity, ProductPrice, ProductCreatedDate, ProductAPI)
VALUES (:ProductCategoryID, :ProductName, :ProductDescription, :ProductMinimumQuantity, :ProductPrice, :ProductCreatedDate, :ProductAPI)');

$stmt->execute(array(':ProductCategoryID' => $service_category, ':ProductName' => $service_name, ':ProductDescription' => $service_description, ':ProductMinimumQuantity' => $service_quantity, ':ProductPrice' => $service_price, ':ProductCreatedDate' => $time, ':ProductAPI' => $service_api));
} else {
echo 'Category does not exists.';
}
} else {
echo('Service already exists.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* EDIT SERVICE */

if(isset($_POST['action']) && $_POST['action'] == 'edit-service') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['service-id']) && isset($_POST['service-name']) && isset($_POST['service-description']) && isset($_POST['service-quantity']) && isset($_POST['service-price']) && isset($_POST['service-category']) && isset($_POST['service-api']) &&
is_string($_POST['service-name']) && is_string($_POST['service-description']) && is_string($_POST['service-quantity']) && is_string($_POST['service-price']) && is_string($_POST['service-category']) &&
!empty($_POST['service-name']) && !empty($_POST['service-description']) && !empty($_POST['service-quantity']) && ctype_digit($_POST['service-quantity']) && !empty($_POST['service-price']) && !empty($_POST['service-category'])) {
$service_name = stripslashes(strip_tags($_POST['service-name']));
$service_description = stripslashes(strip_tags($_POST['service-description']));
$service_quantity = stripslashes(strip_tags($_POST['service-quantity']));
$service_price = stripslashes(strip_tags($_POST['service-price']));
$service_category = stripslashes(strip_tags($_POST['service-category']));
$service_api = $_POST['service-api'];
$time = time();

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductID = :ProductID');
$stmt->bindParam(':ProductID', $_POST['service-id']);
$stmt->execute();

if($stmt->rowCount() == 1) {
$ServiceRow = $stmt->fetch(PDO::FETCH_ASSOC);

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductName = :ProductName');
$stmt->bindParam(':ProductName', $service_name);
$stmt->execute();

if(strtolower($ServiceRow['ProductName']) == strtolower($service_name) || $stmt->rowCount() == 0) {
$stmt = $pdo->prepare('SELECT * FROM categories WHERE CategoryID = :CategoryID');
$stmt->bindParam(':CategoryID', $service_category);
$stmt->execute();

if($stmt->rowCount() == 1) {
$stmt = $pdo->prepare('UPDATE products SET ProductCategoryID = :ProductCategoryID, ProductName = :ProductName, ProductDescription = :ProductDescription, ProductMinimumQuantity = :ProductMinimumQuantity, ProductPrice = :ProductPrice, ProductAPI = :ProductAPI WHERE ProductID = :ProductID');
$stmt->execute(array(':ProductCategoryID' => $service_category, ':ProductName' => $service_name, ':ProductDescription' => $service_description, ':ProductMinimumQuantity' => $service_quantity, ':ProductPrice' => $service_price, ':ProductID' => $_POST['service-id'], ':ProductAPI' => $service_api));
} else {
echo 'Category does not exists.';
}
} else {
echo 'Service with this name already exists.';
}
} else {
echo('Service does not exists.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* DELETE SERVICE */

if(isset($_POST['action']) && $_POST['action'] == 'delete-service') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['service-id']) && !empty($_POST['service-id']) && ctype_digit($_POST['service-id'])) {
$ServiceID = $_POST['service-id'];

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductID = :ProductID');
$stmt->bindParam(':ProductID', $ServiceID);
$stmt->execute();

if($stmt->rowCount() == 1) {
$stmt = $pdo->prepare('DELETE FROM products WHERE ProductID = :ProductID');
$stmt->bindParam(':ProductID', $ServiceID);
$stmt->execute();
} else {
echo 'Service does not exists.';
return false;
}
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* EDIT CATEGORY */

if(isset($_POST['action']) && $_POST['action'] == 'edit-category') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['category-id']) && isset($_POST['category-name']) && isset($_POST['category-description']) &&
is_string($_POST['category-name']) && is_string($_POST['category-description']) &&
!empty($_POST['category-name']) && !empty($_POST['category-description'])) {
$category_id = stripslashes(strip_tags($_POST['category-id']));
$category_name = stripslashes(strip_tags($_POST['category-name']));
$category_description = stripslashes(strip_tags($_POST['category-description']));
$time = time();

$stmt = $pdo->prepare('SELECT * FROM categories WHERE CategoryID = :CategoryID');
$stmt->bindParam(':CategoryID', $_POST['category-id']);
$stmt->execute();

if($stmt->rowCount() == 1) {
$CategoryRow = $stmt->fetch(PDO::FETCH_ASSOC);

$stmt = $pdo->prepare('SELECT * FROM categories WHERE CategoryName = :CategoryName');
$stmt->bindParam(':CategoryName', $category_name);
$stmt->execute();

if(strtolower($CategoryRow['CategoryName']) == strtolower($category_name) || $stmt->rowCount() == 0) {
$stmt = $pdo->prepare('UPDATE categories SET CategoryName = :CategoryName, CategoryDescription = :CategoryDescription WHERE CategoryID = :CategoryID');
$stmt->execute(array(':CategoryID' => $category_id, ':CategoryName' => $category_name, ':CategoryDescription' => $category_description));
} else {
echo('Category name already exists.');
}
} else {
echo('Category already exists.');
}
} else {
echo('Fill all fields correctly.');
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* DELETE CATEGORY */

if(isset($_POST['action']) && $_POST['action'] == 'delete-category') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['category-id']) && !empty($_POST['category-id']) && ctype_digit($_POST['category-id'])) {
$CategoryID = $_POST['category-id'];

$stmt = $pdo->prepare('SELECT * FROM categories WHERE CategoryID = :CategoryID');
$stmt->bindParam(':CategoryID', $CategoryID);
$stmt->execute();

if($stmt->rowCount() == 1) {
$stmt = $pdo->prepare('DELETE FROM categories WHERE CategoryID = :CategoryID');
$stmt->bindParam(':CategoryID', $CategoryID);
$stmt->execute();

$stmt = $pdo->prepare('DELETE FROM products WHERE ProductCategoryID = :ProductCategoryID');
$stmt->bindParam(':ProductCategoryID', $CategoryID);
$stmt->execute();
} else {
echo 'Category does not exists.';
}
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* UPDATE ORDER STATUS */


if(isset($_POST['action']) && $_POST['action'] == 'update-order-status') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['order-status']) && !empty($_POST['order-status']) && is_string($_POST['order-status']) &&
isset($_POST['order-id']) && !empty($_POST['order-id']) && ctype_digit($_POST['order-id'])) {
$OrderID = $_POST['order-id'];

$stmt = $pdo->prepare('SELECT * FROM orders WHERE OrderID = :OrderID');
$stmt->bindParam(':OrderID', $OrderID);
$stmt->execute();

if($stmt->rowCount() == 1) {
$OrderStatus = $_POST['order-status'];
if($OrderStatus == 'Delete Order') {
$stmt = $pdo->prepare('DELETE FROM orders WHERE OrderID = :OrderID');
$stmt->bindParam(':OrderID', $OrderID);
$stmt->execute();
}
$stmt = $pdo->prepare('UPDATE orders SET OrderStatus = :OrderStatus WHERE OrderID = :OrderID');
$stmt->execute(array(':OrderStatus' => $OrderStatus, ':OrderID' => $OrderID));
} else {
echo 'Order does not exists.';
}
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* BAN & UNBAN USER */

if(isset($_POST['action']) && $_POST['action'] == 'ban-user') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['user-id']) && !empty($_POST['user-id']) && ctype_digit($_POST['user-id'])) {
$UserID = $_POST['user-id'];

$stmt = $pdo->prepare('SELECT * FROM users WHERE UserID = :UserID');
$stmt->bindParam(':UserID', $UserID);
$stmt->execute();

if($stmt->rowCount() == 1) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$UserLevel = $row['UserLevel'];

if($UserLevel == 'banned') {
echo 'User account is already terminated.';
return false;
} else {
$stmt = $pdo->prepare('UPDATE users SET UserLevel = :UserLevel WHERE UserID = :UserID');
$stmt->execute(array(':UserLevel' => 'banned', ':UserID' => $UserID));
}
} else {
echo 'User account does not exists.';
return false;
}
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

if(isset($_POST['action']) && $_POST['action'] == 'unban-user') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['user-id']) && !empty($_POST['user-id']) && ctype_digit($_POST['user-id'])) {
$UserID = $_POST['user-id'];

$stmt = $pdo->prepare('SELECT * FROM users WHERE UserID = :UserID');
$stmt->bindParam(':UserID', $UserID);
$stmt->execute();

if($stmt->rowCount() == 1) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$UserLevel = $row['UserLevel'];

if($UserLevel != 'banned') {
echo 'User account is not terminated.';
return false;
} else {
$stmt = $pdo->prepare('UPDATE users SET UserLevel = :UserLevel WHERE UserID = :UserID');
$stmt->execute(array(':UserLevel' => 'default', ':UserID' => $UserID));
}
} else {
echo 'User account does not exists.';
return false;
}
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* DELETE USER */

if(isset($_POST['action']) && $_POST['action'] == 'delete-user') {
$UserLevel = $user->GetData('UserLevel');

if($UserLevel == 'admin') {
if(isset($_POST['user-id']) && !empty($_POST['user-id']) && ctype_digit($_POST['user-id'])) {
$UserID = $_POST['user-id'];

$stmt = $pdo->prepare('SELECT * FROM users WHERE UserID = :UserID');
$stmt->bindParam(':UserID', $UserID);
$stmt->execute();

if($stmt->rowCount() == 1) {
$stmt = $pdo->prepare('DELETE FROM users WHERE UserID = :UserID');
$stmt->bindParam(':UserID', $UserID);
$stmt->execute();
} else {
echo 'User account does not exists.';
return false;
}
}
} else {
echo('You don\'t have permissions to browse this page.');
}
}

/* UPDATE PROFILE INFORMATION */

if(isset($_POST['action']) && $_POST['action'] == 'profile-update') {
if(isset($_POST['first-name']) && isset($_POST['last-name']) && isset($_POST['email']) && isset($_POST['password'])
&& is_string($_POST['first-name']) && is_string($_POST['last-name']) && is_string($_POST['email']) && is_string($_POST['password'])
&& !empty($_POST['first-name']) && !empty($_POST['last-name']) && !empty($_POST['email']) && !empty($_POST['password'])) {

if(md5($_POST['password']) == $user->GetData('UserPassword')) {
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
$first_name = stripslashes(strip_tags($_POST['first-name']));
$last_name = stripslashes(strip_tags($_POST['last-name']));
$email = $_POST['email'];
$UserID = $user->GetData('UserID');

$stmt = $pdo->prepare('UPDATE users SET UserFirstName = :UserFirstName, UserLastName = :UserLastName, UserEmail = :UserEmail WHERE UserID = :UserID');
$stmt->execute(array(':UserFirstName' =>$first_name, ':UserLastName' => $last_name, ':UserEmail' => $email, ':UserID' => $UserID));
} else {
echo('The provided E-mail is invalid.');
}
} else {
echo('The entered password does not equals to your account password.');
}
} else {
echo('Fill all fields correctly.');
}
}

/* UPDATE ACCOUNT PASSWORD */

if(isset($_POST['action']) && $_POST['action'] == 'password-update') {
if(isset($_POST['current-password']) && isset($_POST['new-password'])
&& is_string($_POST['current-password']) && is_string($_POST['new-password'])
&& !empty($_POST['current-password']) && !empty($_POST['new-password'])) {

if(md5($_POST['current-password']) == $user->GetData('UserPassword')) {
if(strlen($_POST['new-password']) > 3 && strlen($_POST['new-password']) < 32) {
$UserID = $user->GetData('UserID');

$stmt = $pdo->prepare('UPDATE users SET UserPassword = :UserPassword WHERE UserID = :UserID');
$stmt->execute(array(':UserPassword' => md5($_POST['new-password']), ':UserID' => $UserID));
} else {
echo('Password length have to be 4-32 characters.');
}
} else {
echo('The entered password does not match to your account password.');
}
} else {
echo('Fill all fields correctly.');
}
}

/* GET AVAILABLE SERVICES */

if(isset($_POST['action']) && $_POST['action'] == 'get-products') {
$category = stripslashes(strip_tags($_POST['option']));

$stmt = $pdo->prepare('SELECT * FROM categories WHERE CategoryID = :CategoryID');
$stmt->bindParam(':CategoryID', $category);
$stmt->execute();

$row = $stmt->fetch(PDO::FETCH_ASSOC);
$CategoryID = $row['CategoryID'];

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductCategoryID = :ProductCategoryID');
$stmt->bindParam(':ProductCategoryID', $CategoryID);
$stmt->execute();

$html = '';

foreach($stmt->fetchAll() as $rows) {
$html .= '';
}

echo $html;
}

/* CREATE SERVICE ORDER */

if(isset($_POST['action']) && $_POST['action'] == 'create-order') {
if(isset($_POST['service']) && isset($_POST['quantity']) && isset($_POST['link']) &&
!empty($_POST['service']) && !empty($_POST['quantity']) && !empty($_POST['link']) &&
ctype_digit($_POST['service']) && ctype_digit($_POST['quantity']) && is_string($_POST['link'])) {
$service = strip_tags(stripslashes($_POST['service']));
$quantity = strip_tags(stripslashes($_POST['quantity']));
$link = stripslashes(strip_tags($_POST['link']));
$time = time();
$UserID = $user->GetData('UserID');

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductID = :ProductID');
$stmt->bindParam(':ProductID', $service);
$stmt->execute();

if($stmt->rowCount() > 0) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$product_quantity = $row['ProductMinimumQuantity'];
$account_balance = $user->GetData('UserFunds');
if($quantity >= $product_quantity) {
$newprice = $product->DeclarePrice($row['ProductPrice'], $row['ProductMinimumQuantity'], $quantity);
$price = round($newprice, 2);
if($account_balance >= $price) {
$api = $row['ProductAPI'];

if(!empty($api)) {
$api_link = str_replace('[LINK]', $link, $api);
$api_final = str_replace('[QUANTITY]', $quantity, $api_link);

$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $api_final,
CURLOPT_USERAGENT => 'Enigma SMM API Caller'
));

$resp = curl_exec($curl);
curl_close($curl);

echo 'API: Success';

$stmt = $pdo->prepare('INSERT INTO orders (OrderUserID, OrderProductID, OrderDate, OrderLink, OrderQuantity, OrderAmount, OrderStatus) VALUES (:OrderUserID, :OrderProductID, :OrderDate, :OrderLink, :OrderQuantity, :OrderAmount, :OrderStatus)');
$stmt->execute(array(':OrderUserID' => $UserID, ':OrderProductID' => $service, ':OrderDate' => $time, ':OrderLink' => $link, ':OrderQuantity' => $quantity, ':OrderAmount' => $price, ':OrderStatus' => 'Completed'));
} else {
$stmt = $pdo->prepare('INSERT INTO orders (OrderUserID, OrderProductID, OrderDate, OrderLink, OrderQuantity, OrderAmount) VALUES (:OrderUserID, :OrderProductID, :OrderDate, :OrderLink, :OrderQuantity, :OrderAmount)');
$stmt->execute(array(':OrderUserID' => $UserID, ':OrderProductID' => $service, ':OrderDate' => $time, ':OrderLink' => $link, ':OrderQuantity' => $quantity, ':OrderAmount' => $price));
}
// Take balance from user's account

$UserFunds = $account_balance - $price;

$stmt = $pdo->prepare('UPDATE users SET UserFunds = :UserFunds WHERE UserID = :UserID');
$stmt->execute(array(':UserFunds' => $UserFunds, ':UserID' => $UserID));
} else {
echo 'Not enough funds in the account.You can deposit funds to your account from here.';
}
} else {
echo 'Minimum product quantity for purchase is '.$product_quantity.'.';
}
} else {
echo 'Invalid Product ID.';
}
} else {
echo 'Fill all fields correctly.';
}
}

/* GET ORDER AMOUNT */

if(isset($_POST['action']) && $_POST['action'] == 'get-amount') {
if(isset($_POST['service']) && isset($_POST['quantity']) &&
!empty($_POST['service']) && !empty($_POST['quantity'])&&
ctype_digit($_POST['service']) && ctype_digit($_POST['quantity'])) {
$service = strip_tags(stripslashes($_POST['service']));
$quantity = strip_tags(stripslashes($_POST['quantity']));

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductID = :ProductID');
$stmt->bindParam(':ProductID', $service);
$stmt->execute();

if($stmt->rowCount() > 0) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$product_quantity = $row['ProductMinimumQuantity'];

if($quantity >= $product_quantity) {
$price = $product->DeclarePrice($row['ProductPrice'], $row['ProductMinimumQuantity'], $quantity);
echo round($price, 2);
} else {
echo 'Invalid quantity.';
}
} else {
echo 'Invalid Product ID.';
}
} else {
echo 'Fill all fields correctly.';
}
}

/* GET PRODUCT DETAILS (SUCH AS QUANTITY, PRICE) */

if(isset($_POST['action']) && $_POST['action'] == 'product-details') {
if(isset($_POST['details']) && isset($_POST['product-id']) && !empty($_POST['details']) && !empty($_POST['product-id']) && is_string($_POST['details']) && ctype_digit($_POST['product-id'])) {
$Details = strip_tags(stripslashes($_POST['details']));
$ProductID = strip_tags(stripslashes($_POST['product-id']));

$stmt = $pdo->prepare('SELECT * FROM products WHERE ProductID = :ProductID');
$stmt->bindParam(':ProductID', $ProductID);
$stmt->execute();

if($stmt->rowCount() > 0) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
echo $row[$Details];
} else {
echo 'Error.';
}
}
}

/* UPDATE ACCOUNT AVATAR */

if(is_array($_FILES) && isset($_FILES['avatar'])) {
if(is_uploaded_file($_FILES['avatar']['tmp_name'])) {
if(($_FILES['avatar']['type'] == 'image/gif') || ($_FILES['avatar']['type'] == 'image/jpeg') || ($_FILES['avatar']['type'] == 'image/png')) {
$image_info = getimagesize($_FILES["avatar"]["tmp_name"]);
$image_width = $image_info[0];
$image_height = $image_info[1];
if($image_width > 512 && $image_height > 512) {
echo 'Maximum image size: width: 512px & height: 512px.';
} else {
$image = addslashes(file_get_contents($_FILES['avatar']['tmp_name']));
$UserID = $user->GetData('UserID');

$stmt = $pdo->prepare('UPDATE users SET UserImage = :UserImage WHERE UserID = :UserID');
$stmt->execute(array(':UserImage' => $image, ':UserID' => $UserID));
}
} else {
echo 'Image format not supported, or image is corrupt.';
}
} else {
echo 'An error occurred.';
}
}
 

 

SertacSolmaz SertacSolmaz IT Manager Kullanıcı
  • Üyelik 27.08.2014
  • Yaş/Cinsiyet 38 / E
  • Meslek IT Manager
  • Konum Kayseri
  • Ad Soyad S** S**
  • Mesajlar 84
  • Beğeniler 31 / 18
  • Ticaret 0, (%0)
Veritabanınız MS SQL ise yardımcı olabilirim pm den iletişime geçebilirsiniz
 

 

Zoru hemen başarırız. İmkansız biraz zaman alır.

dlkrnugur dlkrnugur JS Coder Kullanıcı
  • Üyelik 20.11.2011
  • Yaş/Cinsiyet 28 / E
  • Meslek PHP Coder
  • Konum Muğla
  • Ad Soyad U** D**
  • Mesajlar 1069
  • Beğeniler 210 / 209
  • Ticaret 41, (%98)
Özel mesaj attım, sorunsuz bir şekilde yapabilirim.

Skype: dlkrnugur
 

 

wmaraci
wmaraci
Konuyu toplam 1 kişi okuyor. (0 kullanıcı ve 1 misafir)
Site Ayarları
  • Tema Seçeneği
  • Site Sesleri
  • Bildirimler
  • Özel Mesaj Al