- <?php
-
- class AdminsController extends AppController
- {
// Model name this controller is bound to (CakePHP convention: $this->Admin).
var $name='Admins';
// View helpers loaded for every action of this controller.
var $helpers = array('Html','Javascript','Ajax','Pagination','error');
// Components available as $this->Pagination / $this->Sendmail. The Paypal and
// Gcheckout objects used further down are not declared here — presumably
// provided by AppController; confirm before relying on them in new actions.
var $components = array('Pagination','Sendmail');
-
/**
 * Default admin landing action: only enforces an authenticated admin session.
 */
function index()
{
    $this->checkSession();
}
- ######################################### My payment Page of the admin ####################
/**
 * "My Payment" page of the logged-in admin (rendered in the after-login layout).
 */
function mypayment()
{
    $this->checkSession();
    $this->layout = 'default_after_login';
    $this->pageTitle = 'My Payment';
}
/**
 * Payment page for one user.
 *
 * @param string|null $userType handed to the view as 'UserType'
 * @param string|null $userId   handed to the view as 'viewUser' exactly as received
 */
function userpayment($userType=null,$userId=null)
{
    $this->checkSession();
    $this->layout = 'default_after_login';
    $this->pageTitle = 'My Payment';

    $viewVars = array('UserType' => $userType, 'viewUser' => $userId);
    foreach ($viewVars as $key => $val) {
        $this->set($key, $val);
    }
}
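/**
 * "Payment to User" page: shows the user's payment methods and the outstanding
 * balance (sum of amount * DrCr over the user's transaction details).
 *
 * Fixes vs. the previous version: the balance query was executed a second time
 * and its result discarded; the decoded URL id is now escaped before being
 * interpolated into SQL; a failed query no longer trips mysql_fetch_array.
 *
 * @param string|null $userType not used by this action; kept for URL compatibility
 * @param string|null $userId   base64-encoded user id
 */
function paymenttouser($userType=null,$userId=null)
{
    $this->checkSession();
    $this->pageTitle = 'Payment to User';
    $this->layout = 'default_after_login';

    // Decoded from the URL, so untrusted: never interpolate it raw.
    $decodedUserId = base64_decode($userId);
    $this->set("paymentMethods", $this->getPaymentMethods($decodedUserId));

    /* GET THE TOTAL BALANCE */
    $getTotalPayment = " SELECT amount , DrCr
 FROM xouser_transaction_details
 WHERE xouser_transaction_id
 AND user_id = '" . mysql_real_escape_string($decodedUserId) . "'";

    $getTotalPayment_res = mysql_query($getTotalPayment);
    $temppayment = 0;
    if ($getTotalPayment_res) {
        // DrCr appears to be the sign of the entry (cf. the '+1' / '-1' passed to transactionDetail()).
        while ($getTotalPayment_arr = mysql_fetch_array($getTotalPayment_res)) {
            $temppayment += ($getTotalPayment_arr['amount'] * $getTotalPayment_arr['DrCr']);
        }
    }

    $this->set("totalPaymentAmount", $temppayment);
    $this->set("payableUser", $userId);
}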
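/**
 * Pays the outstanding commission balance of a user through the gateway chosen
 * on the form (Event.radiobutton = "paypal" | "google"), using the payment
 * details stored for that user.
 *
 * Fixes vs. the previous version: the decoded URL id is escaped before use in
 * SQL; a missing radiobutton field or malformed Google Checkout credentials no
 * longer produce undefined-index notices and a half-configured request.
 *
 * @param string|null $userId base64-encoded user id
 */
function makepayment($userId=null)
{
    $this->checkSession();
    $this->layout = 'commissionpaymemnt';
    $this->render("blank_page");

    $decodedUserId = base64_decode($userId);

    /* GET THE TOTAL BALANCE */
    $getTotalPayment = " SELECT amount , DrCr
 FROM xouser_transaction_details
 WHERE xouser_transaction_id
 AND user_id = '" . mysql_real_escape_string($decodedUserId) . "'";

    $getTotalPayment_res = mysql_query($getTotalPayment);
    $temppayment = 0;
    if ($getTotalPayment_res) {
        while ($getTotalPayment_arr = mysql_fetch_array($getTotalPayment_res)) {
            $temppayment += ($getTotalPayment_arr['amount'] * $getTotalPayment_arr['DrCr']);
        }
    }

    $amountPay = $temppayment;
    $paymentMethods = $this->getPaymentMethods($decodedUserId);

    // Gateway choice comes from the posted form; default to "none selected".
    $gateway = isset($this->data['Event']['radiobutton']) ? $this->data['Event']['radiobutton'] : '';

    if ($gateway == "paypal") {
        $this->itemName = "Commission Payable";
        $this->amountPay = $amountPay;
        $this->returnUrl = DOMAIN . "admins/userpaymentreq?menu=82";
        $this->notifyUrl = DOMAIN . "admins/notify_commissionpayment";
        // Echoed back by the IPN and split on "^" in notify_commissionpayment().
        $this->custom = $userId . "^" . $amountPay;
        $this->merchantEmail = $paymentMethods['paypal_email'];
        $this->paypal();
    }

    if ($gateway == "google") {
        // gcheckout_email stores "<merchant id>break<merchant key>".
        $adminPaymentDetails = explode("break", $paymentMethods['gcheckout_email']);
        if (count($adminPaymentDetails) < 2) {
            // Credentials not in the expected form: do not start a checkout with empty keys.
            return;
        }
        $this->Gcheckout->gMerchantId = $adminPaymentDetails[0];
        $this->Gcheckout->gMerchantKey = $adminPaymentDetails[1];
        $this->Gcheckout->gItemName = "Commission Payable";
        $this->Gcheckout->gItemDesc = "Commission Payable";
        $this->Gcheckout->gQuantity = 1;
        $this->Gcheckout->gPrice = $amountPay;
        $this->Gcheckout->gReturnUrl = DOMAIN . "admins/userpaymentreq?menu=82";
        $this->Gcheckout->gNotifyUrl = DOMAIN . "admins/notify_commissionpayment";
        $this->Gcheckout->customData = $userId . "^" . $amountPay;
        $this->Gcheckout->google();
    }
}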
-
-
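/**
 * Notification (IPN) endpoint for the commission payment started in
 * makepayment(). Accepts a PayPal IPN validated through the Paypal component
 * or, failing that, a Google Checkout XML notification; then books the
 * outstanding balance as a transaction pair and mails the user.
 *
 * Fixes vs. the previous version: the balance query and invoice number used the
 * undefined `$userId` instead of `$UserId` (so the balance was always looked up
 * for user_id = ''); a leftover debug INSERT into `abusive_words` ran on every
 * notification; a developer mailbox was CC'd on every payment mail; when
 * neither gateway supplied data the ledger/mail code still ran with undefined
 * variables.
 */
function notify_commissionpayment()
{
    $this->Paypal->paypal_class();
    $this->Paypal->paypal_url = $this->paypalUrl; // testing paypal url

    $UserId = null;   // base64-encoded user id carried in the gateway's custom field
    $totalPay = null; // amount carried in the custom field (informational only, see below)

    //_______________________________________________IPN data received from PAYPAL
    $paypal = 0;
    if ($this->Paypal->validate_ipn()) {
        $paypal = 1;
        if (isset($this->Paypal->ipn_data['payment_gross']) && ($this->Paypal->ipn_data['payment_gross']) != "") {
            $custom = explode("^", $this->Paypal->ipn_data['custom']);
            $UserId = isset($custom[0]) ? $custom[0] : null;
            $totalPay = isset($custom[1]) ? $custom[1] : null;
        }
    }

    //_______________________________________________GOOGLE IPN data (only when not a valid PayPal IPN)
    if (!$paypal) {
        // NOTE(review): nothing in this branch authenticates the sender; any POST body
        // with the expected XML shape is accepted. Confirm the notification URL is
        // protected at the web-server level (Google Checkout uses HTTP Basic auth).
        $xml_response = isset($HTTP_RAW_POST_DATA) ? $HTTP_RAW_POST_DATA : file_get_contents("php://input");
        if ($xml_response) {
            $gCustom = $this->parseXmlArray($xml_response);
            $cData = isset($gCustom['http://checkout.google.com/schema/2']['SHOPPING-CART']['ITEMS']['ITEM']['MERCHANT-PRIVATE-ITEM-DATA'])
                ? $gCustom['http://checkout.google.com/schema/2']['SHOPPING-CART']['ITEMS']['ITEM']['MERCHANT-PRIVATE-ITEM-DATA']
                : '';
            $ipnData = explode("^", $cData);
            $UserId = isset($ipnData[0]) ? $ipnData[0] : null;
            $totalPay = isset($ipnData[1]) ? $ipnData[1] : null;
        }
    }

    // Nothing usable from either gateway: leave the ledger alone and send no mail.
    if ($UserId === null || $UserId === '') {
        $this->render("blank_page");
        return;
    }
    $decodedUserId = base64_decode($UserId);

    //________________________________________________XOIMAGE DATABASE UPDATION SECTION
    $userDetails = $this->getUserDetails($decodedUserId);

    $getTotalPayment = " SELECT amount , DrCr
 FROM xouser_transaction_details
 WHERE xouser_transaction_id
 AND user_id = '" . mysql_real_escape_string($decodedUserId) . "'";

    $getTotalPayment_res = mysql_query($getTotalPayment);
    $temppayment = 0;
    if ($getTotalPayment_res) {
        while ($getTotalPayment_arr = mysql_fetch_array($getTotalPayment_res)) {
            $temppayment += ($getTotalPayment_arr['amount'] * $getTotalPayment_arr['DrCr']);
        }
    }

    if ($temppayment > 0) {
        $transactionDesc = "Xoimages - Commission paid by administartor";
        $transactionHead = "backdrop";
        $transactionTitle = "Commission Payable";
        $invoice = 'XOCOMMUser' . $decodedUserId . date("Ymd");
        $invoiceId = '';

        // The booked amount is the balance from our own DB, not the gateway's figure.
        $totalPay = $temppayment;

        $lastInsertId = $this->transactionMaster($transactionDesc, $transactionHead, $transactionTitle, $invoice, $invoiceId);
        // NOTE(review): both legs are booked against the same user id although the
        // second is labelled ADMIN PAID — confirm whether it should reference the admin account.
        $this->transactionDetail($decodedUserId, $totalPay, '+1', $lastInsertId, '1'); //USER RECEIVE
        $this->transactionDetail($decodedUserId, $totalPay, '-1', $lastInsertId, '1'); //ADMIN PAID
    }

    //____________________________________________________MAIL MANAGEMENT________________________________________________
    // Placed in the notification handler so it fires exactly once per payment.
    $this->Sendmail->Mail();
    $this->Sendmail->From(FROMMAIL);

    if (isset($userDetails['email']))
        $this->Sendmail->To($userDetails['email']);

    $subject = "Commission payment";
    $this->Sendmail->Subject($subject);

    $this->set('amount', $totalPay);
    $this->Sendmail->layout = 'email';
    $this->Sendmail->view = 'mail_duepayment';
    $this->Sendmail->startup($this);
    $messageBody = $this->Sendmail->bodyText();

    $this->Sendmail->Body($messageBody);
    $this->Sendmail->Priority(1);
    $this->Sendmail->Send();

    // Internal message copies: sender 1 is the administrator account.
    $sender = 1;
    $receiver = $UserId;
    $this->senderMail($sender, $receiver, $subject, $messageBody);
    $this->receiverMail($receiver, $sender, $subject, $messageBody);
    $this->render("blank_page");
}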
-
/**
 * "User Payment Request" page; the gateways return here after a payment.
 */
function userpaymentreq()
{
    $this->checkSession();
    $this->layout = 'default_after_login';
    $this->pageTitle = 'User Payment Request';
}
-
-
-
-
/**
 * Country list; restricted to Admin_role 1.
 */
function managecountry()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    $isSuperAdmin = ($_SESSION['Admin_role'] == 1);
    if (!$isSuperAdmin) {
        $this->redirect('/user_group_masters/noaccess');
    }
}
/**
 * Add-country form; restricted to Admin_role 1.
 */
function addcountry()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    $isSuperAdmin = ($_SESSION['Admin_role'] == 1);
    if (!$isSuperAdmin) {
        $this->redirect('/user_group_masters/noaccess');
    }
}
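/**
 * Edit-country form: loads the current name of the given country.
 *
 * Fixes vs. the previous version: the URL id is cast to int before being
 * interpolated into SQL; an unknown id yields an empty name instead of notices.
 *
 * @param string|null $coutryid base64-encoded numeric country id
 */
function editcountry($coutryid=null)
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    ///// Country Name ////
    $countrysql = "Select country_name from countries where id='" . (int) base64_decode($coutryid) . "'";
    $countrysql_res = mysql_query($countrysql);
    $countrysql_arr = $countrysql_res ? mysql_fetch_array($countrysql_res) : false;

    $this->set('countryId', $coutryid);
    $this->set('countryName', $countrysql_arr ? $countrysql_arr['country_name'] : '');
}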
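/**
 * Deletes a country together with its states and their cities.
 *
 * Fixes vs. the previous version: the state DELETE was built but never run (the
 * country DELETE was executed a second time instead, leaving orphan states);
 * the action had no session/role check although every other country action
 * requires Admin_role 1; ids are cast to int before use in SQL.
 *
 * @param string|null $coutryid base64-encoded numeric country id
 */
function delcountry($coutryid=null)
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $countryId = (int) base64_decode($coutryid);

    ##### DELETING THE City list under each state of that country ########
    $selectstate = "Select * FROM state where c_id='" . $countryId . "'";
    $selectstate_res = mysql_query($selectstate);
    if ($selectstate_res) {
        while ($selectstate_arr = mysql_fetch_array($selectstate_res)) {
            $delcitysql = "DELETE FROM city_master where state_id='" . (int) $selectstate_arr['id'] . "'";
            mysql_query($delcitysql);
        }
    }

    ##### DELETING THE State under that country ########
    $delstatesql = "DELETE FROM state where c_id='" . $countryId . "'";
    mysql_query($delstatesql);

    ##### DELETING THE Country itself ########
    $countrysql = "DELETE FROM countries where id='" . $countryId . "'";
    mysql_query($countrysql);

    $this->redirect('admins/managecountry');
}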
-
-
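/**
 * Saves an edited country name. Reads txtcountry (new name) and hfcountry
 * (base64-encoded id) from the request, then returns to the country list.
 *
 * Fixes vs. the previous version: addslashes() is not MySQL-aware, so the name
 * is now escaped with mysql_real_escape_string(); the id is cast to int; a
 * missing hfcountry no longer issues an UPDATE against id ''.
 */
function saveeditcountry()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $hasName = isset($_REQUEST['txtcountry']) && trim($_REQUEST['txtcountry']) != '';
    if ($hasName && isset($_REQUEST['hfcountry'])) {
        $name = mysql_real_escape_string($_REQUEST['txtcountry']);
        $id = (int) base64_decode($_REQUEST['hfcountry']);
        $updatecountry = "UPDATE countries set country_name='" . $name . "' where id='" . $id . "' ";
        mysql_query($updatecountry);
    }
    $this->redirect('admins/managecountry');
}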
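/**
 * Creates a country from txtcountry unless one with the same name exists, then
 * returns to the country list.
 *
 * Fixes vs. the previous version: the request value is escaped with
 * mysql_real_escape_string() instead of addslashes(); a failed SELECT no
 * longer reaches mysql_num_rows().
 */
function savecountry()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    if (isset($_REQUEST['txtcountry']) && trim($_REQUEST['txtcountry']) != '') {
        $name = mysql_real_escape_string($_REQUEST['txtcountry']);

        $countrysql = "Select country_name from countries where country_name='" . $name . "'";
        $countrysql_res = mysql_query($countrysql);
        $countrysql_num = $countrysql_res ? mysql_num_rows($countrysql_res) : 0;
        if ($countrysql_num == 0) {
            $updatecountry = "INSERT INTO countries set country_name='" . $name . "'";
            mysql_query($updatecountry);
        }
    }
    $this->redirect('admins/managecountry');
}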
-
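/**
 * State list of a country.
 *
 * Fixes vs. the previous version: the URL id is cast to int before use in SQL
 * and an unknown id yields an empty country name instead of notices.
 *
 * @param string|null $stateId base64-encoded country id (historical parameter
 *                             name: it is matched against countries.id and
 *                             passed to the view as 'stateId')
 */
function managestate($stateId=null)
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    if ($stateId) {
        $this->set('stateId', $stateId);

        /// Country Name
        $selectstate = "Select countries.country_name FROM countries where countries.id='" . (int) base64_decode($stateId) . "'";
        $countrysql_res = mysql_query($selectstate);
        $countrysql_arr = $countrysql_res ? mysql_fetch_array($countrysql_res) : false;
        $this->set('countryName', $countrysql_arr ? $countrysql_arr['country_name'] : '');
    }
}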
-
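/**
 * Edit-state form: loads the state and its country.
 *
 * Fixes vs. the previous version: the URL id is cast to int before use in SQL
 * and an unknown id yields empty view values instead of notices.
 *
 * @param string|null $stateid base64-encoded numeric state id
 */
function editstate($stateid=null)
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    ///// State and its Country ////
    $statesql = "Select countries.country_name , state.* from state , countries where state.id='" . (int) base64_decode($stateid) . "' and state.c_id=countries.id";
    $statesql_res = mysql_query($statesql);
    $statesql_arr = $statesql_res ? mysql_fetch_array($statesql_res) : false;
    if (!$statesql_arr) {
        $statesql_arr = array('Name' => '', 'country_name' => '', 'c_id' => '');
    }

    $this->set('stateId', $stateid);
    $this->set('statename', $statesql_arr['Name']);
    $this->set('countryName', $statesql_arr['country_name']);
    $this->set('countryId', base64_encode($statesql_arr['c_id']));
}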
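/**
 * Add-state form for a country.
 *
 * Fixes vs. the previous version: the URL id is cast to int before use in SQL
 * and an unknown id yields an empty country name instead of notices.
 *
 * @param string|null $stateid base64-encoded country id (historical name: it is
 *                             matched against countries.id and passed on as 'countryId')
 */
function addstate($stateid=null)
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    ///// Country Name ////
    $statesql = "Select countries.country_name, id from countries where countries.id='" . (int) base64_decode($stateid) . "'";
    $statesql_res = mysql_query($statesql);
    $statesql_arr = $statesql_res ? mysql_fetch_array($statesql_res) : false;

    $this->set('countryName', $statesql_arr ? $statesql_arr['country_name'] : '');
    $this->set('countryId', $stateid);
}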
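/**
 * Saves an edited state name. Reads txtstate (new name) and hfstate
 * (base64-encoded state id) from the request and returns to that state's
 * country; without a name it falls back to the country list.
 *
 * Fixes vs. the previous version: the name is escaped with
 * mysql_real_escape_string() instead of addslashes(); the id is cast to int;
 * a missing hfstate or unknown state no longer produces notices.
 */
function saveeditstate()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $stateId = isset($_REQUEST['hfstate']) ? (int) base64_decode($_REQUEST['hfstate']) : 0;

    // Look the state up first: the redirect target needs its country id.
    $statesql = "Select state.* from state , countries where state.id='" . $stateId . "' and state.c_id=countries.id";
    $statesql_res = mysql_query($statesql);
    $statesql_arr = $statesql_res ? mysql_fetch_array($statesql_res) : false;

    if (isset($_REQUEST['txtstate']) && trim($_REQUEST['txtstate']) != '') {
        $name = mysql_real_escape_string($_REQUEST['txtstate']);
        $updatecountry = "UPDATE state set Name='" . $name . "' where id='" . $stateId . "' ";
        mysql_query($updatecountry);
        $countryId = base64_encode($statesql_arr ? $statesql_arr['c_id'] : '');
        $this->redirect('admins/managestate/' . $countryId);
    }
    else
        $this->redirect('admins/managecountry');
}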
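/**
 * Creates a state (txtstate) under a country (hfstate = base64-encoded country
 * id) unless the same name already exists in that country, then returns to
 * the country's state list; without a name it falls back to the country list.
 *
 * Fixes vs. the previous version: a leftover `pr($_REQUEST)` dumped the whole
 * request into the response; the name is escaped with
 * mysql_real_escape_string() instead of addslashes(); the country id is cast
 * to int and is required before any SQL runs.
 */
function savestate()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $hasName = isset($_REQUEST['txtstate']) && trim($_REQUEST['txtstate']) != '';
    if ($hasName && isset($_REQUEST['hfstate'])) {
        $name = mysql_real_escape_string($_REQUEST['txtstate']);
        $countryId = (int) base64_decode($_REQUEST['hfstate']);

        $countrysql = "Select * from state where Name='" . $name . "' and c_id='" . $countryId . "'";
        $countrysql_res = mysql_query($countrysql);
        $countrysql_num = $countrysql_res ? mysql_num_rows($countrysql_res) : 0;
        if ($countrysql_num == 0) {
            $updatecountry = "INSERT INTO state set Name='" . $name . "',c_id='" . $countryId . "'";
            mysql_query($updatecountry);
        }
        // The redirect keeps the encoded id exactly as the form supplied it.
        $this->redirect('admins/managestate/' . $_REQUEST['hfstate']);
    }
    else
        $this->redirect('admins/managecountry');
}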
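/**
 * Deletes a state and the cities under it, then returns to the state list of
 * its country.
 *
 * Fixes vs. the previous version: the action had no session/role check
 * although every other state action requires Admin_role 1; ids are cast to int
 * before use in SQL; an unknown state no longer leaves the redirect target
 * undefined.
 *
 * @param string|null $coutryid base64-encoded numeric state id (historical parameter name)
 */
function delstate($coutryid=null)
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $stateId = (int) base64_decode($coutryid);
    $txtCountryid = ''; // c_id of the deleted state, for the redirect

    ##### DELETING THE City list under that state ########
    $selectstate = "Select * FROM state where id='" . $stateId . "'";
    $selectstate_res = mysql_query($selectstate);
    if ($selectstate_res) {
        while ($selectstate_arr = mysql_fetch_array($selectstate_res)) {
            $txtCountryid = $selectstate_arr['c_id'];
            $delcitysql = "DELETE FROM city_master where state_id='" . (int) $selectstate_arr['id'] . "'";
            mysql_query($delcitysql);
        }
    }

    ##### DELETING THE State ########
    $delstatesql = "DELETE FROM state where id='" . $stateId . "'";
    mysql_query($delstatesql);

    $this->redirect('admins/managestate/' . base64_encode($txtCountryid));
}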
-
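/**
 * City list of a state; also resolves the state's country for the view.
 *
 * Fixes vs. the previous version: the URL id is cast to int before use in SQL
 * and an unknown id yields empty view values instead of notices.
 *
 * @param string|null $stateId base64-encoded numeric state id
 */
function managecity($stateId=null)
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    if ($stateId) {
        $this->set('stateId', $stateId);

        /// Country Name and state name
        $selectstate = "Select countries.country_name,countries.id as countryId ,state.id as stateid , state.Name FROM state ,countries where state.id='" . (int) base64_decode($stateId) . "' and state.c_id=countries.id";
        $countrysql_res = mysql_query($selectstate);
        $countrysql_arr = $countrysql_res ? mysql_fetch_array($countrysql_res) : false;
        if (!$countrysql_arr) {
            $countrysql_arr = array('country_name' => '', 'countryId' => '', 'stateid' => '', 'Name' => '');
        }
        $this->set('countryName', $countrysql_arr['country_name']);
        $this->set('countryId', base64_encode($countrysql_arr['countryId']));
        // Overrides the value set above with the canonical encoding of the DB id.
        $this->set('stateId', base64_encode($countrysql_arr['stateid']));
        $this->set('stateName', $countrysql_arr['Name']);
    }
}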
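/**
 * Add-city form for a state; resolves the state and its country for the view.
 *
 * Fixes vs. the previous version: the URL id is cast to int before use in SQL
 * and an unknown id yields empty view values instead of notices.
 *
 * @param string|null $cityid base64-encoded numeric state id (historical
 *                            parameter name: it is matched against state.id)
 */
function addcity($cityid=null)
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    ///// State and Country ////
    $selectstate = "Select countries.country_name,countries.id as countryId ,state.id as stateid , state.Name FROM state ,countries where state.id='" . (int) base64_decode($cityid) . "' and state.c_id=countries.id";
    $countrysql_res = mysql_query($selectstate);
    $countrysql_arr = $countrysql_res ? mysql_fetch_array($countrysql_res) : false;
    if (!$countrysql_arr) {
        $countrysql_arr = array('country_name' => '', 'countryId' => '', 'stateid' => '', 'Name' => '');
    }

    $this->set('stateId', base64_encode($countrysql_arr['stateid']));
    $this->set('stateName', $countrysql_arr['Name']);
    $this->set('countryName', $countrysql_arr['country_name']);
    $this->set('countryId', base64_encode($countrysql_arr['countryId']));
}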
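/**
 * Edit-city form: loads the city with its state and country.
 *
 * Fixes vs. the previous version: the URL id is cast to int before use in SQL;
 * an unknown id yields empty view values instead of notices; the missing space
 * before `and` in the WHERE clause is restored.
 *
 * @param string|null $cityid base64-encoded numeric city id
 */
function editcity($cityid=null)
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    ///// City, State and Country ////
    $selectstate = "Select countries.country_name,countries.id as countryId ,state.id as stateid , state.Name,city_master.city_name,city_master.city_id as cityid FROM state ,countries ,city_master where city_master.city_id='" . (int) base64_decode($cityid) . "' and city_master.state_id=state.id and state.c_id=countries.id";
    $countrysql_res = mysql_query($selectstate);
    $countrysql_arr = $countrysql_res ? mysql_fetch_array($countrysql_res) : false;
    if (!$countrysql_arr) {
        $countrysql_arr = array('city_name' => '', 'country_name' => '', 'countryId' => '', 'stateid' => '', 'Name' => '');
    }

    $this->set('cityId', $cityid);
    $this->set('cityname', $countrysql_arr['city_name']);

    $this->set('stateId', base64_encode($countrysql_arr['stateid']));
    $this->set('stateName', $countrysql_arr['Name']);
    $this->set('countryName', $countrysql_arr['country_name']);
    $this->set('countryId', base64_encode($countrysql_arr['countryId']));
}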
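/**
 * Saves an edited city name. Reads txtcity (new name) and hfcity
 * (base64-encoded city id) from the request and returns to the city's state
 * list; without a name it falls back to the country list.
 *
 * Fixes vs. the previous version: the name is escaped with
 * mysql_real_escape_string() instead of addslashes(); the id is cast to int;
 * a missing hfcity or unknown city no longer produces notices.
 */
function saveeditcity()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $cityId = isset($_REQUEST['hfcity']) ? (int) base64_decode($_REQUEST['hfcity']) : 0;

    // Look the city up first: the redirect target needs its state id.
    $selectstate = "Select countries.country_name,countries.id as countryId ,state.id as stateid , state.Name,city_master.city_name,city_master.city_id as cityid FROM state ,countries ,city_master where city_master.city_id='" . $cityId . "' and city_master.state_id=state.id and state.c_id=countries.id";
    $countrysql_res = mysql_query($selectstate);
    $countrysql_arr = $countrysql_res ? mysql_fetch_array($countrysql_res) : false;

    if (isset($_REQUEST['txtcity']) && trim($_REQUEST['txtcity']) != '') {
        $name = mysql_real_escape_string($_REQUEST['txtcity']);
        $updatecountry = "UPDATE city_master set city_name='" . $name . "' where city_id='" . $cityId . "' ";
        mysql_query($updatecountry);
        $stateIdEncoded = base64_encode($countrysql_arr ? $countrysql_arr['stateid'] : '');
        $this->redirect('admins/managecity/' . $stateIdEncoded);
    }
    else
        $this->redirect('admins/managecountry');
}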
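/**
 * Creates a city (txtcity) under a state (stateid = base64-encoded state id)
 * unless a city of that name exists, then returns to the state's city list;
 * without a name it falls back to the country list.
 *
 * Fixes vs. the previous version: the name is escaped with
 * mysql_real_escape_string() instead of addslashes(); the state id is cast to
 * int and is required before any SQL runs.
 *
 * NOTE(review): unlike savestate(), the duplicate check ignores the state, so
 * the same city name cannot exist in two states — confirm that is intended.
 */
function savecity()
{
    $this->checkSession();
    $this->layout = 'default_user_cat';
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $hasName = isset($_REQUEST['txtcity']) && trim($_REQUEST['txtcity']) != '';
    if ($hasName && isset($_REQUEST['stateid'])) {
        $name = mysql_real_escape_string($_REQUEST['txtcity']);
        $stateId = (int) base64_decode($_REQUEST['stateid']);

        $countrysql = "Select * from city_master where city_name='" . $name . "'";
        $countrysql_res = mysql_query($countrysql);
        $countrysql_num = $countrysql_res ? mysql_num_rows($countrysql_res) : 0;
        if ($countrysql_num == 0) {
            $updatecountry = "INSERT INTO city_master set city_name='" . $name . "',state_id='" . $stateId . "'";
            mysql_query($updatecountry);
        }
        // The redirect keeps the encoded id exactly as the form supplied it.
        $this->redirect('admins/managecity/' . $_REQUEST['stateid']);
    }
    else
        $this->redirect('admins/managecountry');
}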
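/**
 * Deletes a city and returns to the city list of its state.
 *
 * Fixes vs. the previous version: the action had no session/role check
 * although every other city action requires Admin_role 1; ids are cast to int
 * before use in SQL; an unknown city no longer leaves the redirect target
 * undefined.
 *
 * @param string|null $coutryid base64-encoded numeric city id (historical parameter name)
 */
function delcity($coutryid=null)
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/user_group_masters/noaccess');

    $cityId = (int) base64_decode($coutryid);
    $stateIdEncoded = ''; // base64 state_id of the deleted city, for the redirect

    ##### DELETING THE City ########
    $selectstate = "Select * FROM city_master where city_id='" . $cityId . "'";
    $selectstate_res = mysql_query($selectstate);
    if ($selectstate_res) {
        while ($selectstate_arr = mysql_fetch_array($selectstate_res)) {
            $stateIdEncoded = base64_encode($selectstate_arr['state_id']);
            $delcitysql = "DELETE FROM city_master where city_id='" . (int) $selectstate_arr['city_id'] . "'";
            mysql_query($delcitysql);
        }
    }
    $this->redirect('admins/managecity/' . $stateIdEncoded);
}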
- #########################################################################################
-
-
-
-
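/**
 * Admin login. On success stores the admin's identity and role in the session
 * and redirects to afterlogin; otherwise sets error_login (bad credentials) or
 * error_block (blocked or soft-deleted account) for the view.
 *
 * Fixes vs. the previous version: the password check used `==`, which compares
 * two numeric-looking strings numerically; the role_id is cast to int before
 * use in SQL; `$_SERVER[REQUEST_URL]` used a bare undefined constant (same
 * lookup, now quoted); the list() destructuring assumed at least five path
 * segments; the blocked/bad-credential branches are now guard clauses.
 *
 * NOTE(review): admin_pass is compared as stored, i.e. the admins table holds
 * directly comparable (plaintext) passwords. Moving to password_hash() /
 * password_verify() needs a schema and data migration outside this file.
 */
function login()
{
    $this->layout = 'default_login';
    $this->pageTitle = 'Admin Login';
    if (empty($this->data)) {
        return; // first visit: just render the form
    }

    $this->data['Admin']['admin_user'] = trim($this->data['Admin']['admin_user']);
    $this->data['Admin']['admin_pass'] = trim($this->data['Admin']['admin_pass']);
    $someone = $this->Admin->findByAdmin_user($this->data['Admin']['admin_user']);

    $passwordOk = !empty($someone['Admin']['admin_pass'])
        && (string) $someone['Admin']['admin_pass'] === (string) $this->data['Admin']['admin_pass'];
    if (!$passwordOk) {
        $this->set('error_login', true);
        return;
    }

    if (!($someone['Admin']['status'] == 0 && $someone['Admin']['is_delete'] == 0)) {
        $this->set('error_block', true);
        return;
    }

    /*########################## for admin type ########################################*/
    $sql_aros_select = "SELECT alias FROM aros WHERE id = " . (int) $someone['Admin']['role_id'];
    $result_aros = mysql_query($sql_aros_select);
    $row_aros = $result_aros ? mysql_fetch_assoc($result_aros) : false;

    $this->Session->write('Admin', $someone['Admin']['admin_user']);
    $this->Session->write('Admin_id', $someone['Admin']['id']);
    $this->Session->write('Admin_type', $someone['Admin']['type']); //not used now
    $this->Session->write('Admin_cat', $row_aros ? $row_aros['alias'] : null);
    $this->Session->write('Admin_role', $someone['Admin']['role_id']); //for access permission

    // REQUEST_URL is not a standard $_SERVER key; this only runs when the front
    // controller populates it. Expected shape: /<a>/<b>/<c>/<controller>/<action>?query
    if (isset($_SERVER['REQUEST_URL'])) {
        $page = $_SERVER['REQUEST_URL'];
        $segments = explode("/", $page);
        if (count($segments) >= 5) {
            $page_arr = explode("?", $segments[4]);
            $page_name = $segments[3] . "/" . $page_arr[0];
            $this->Session->write('Admin_page', $page_name);
            $this->Session->write('Admin_url', $page);
        }
    }

    $this->redirect('/admins/afterlogin');
}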
-
/**
 * Home action; only enforces an authenticated admin session.
 */
function home()
{
    $this->checkSession();
}
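/**
 * Post-login landing page: exposes the caller's IP and the admin's first/last
 * name to the header of the after-login layout.
 *
 * Fixes vs. the previous version: the session id is cast to int before use in
 * SQL; a failed query or missing row no longer trips mysql_fetch_array; the
 * unused `$cond` / `$sql_select` strings and the commented-out findAll block
 * were removed (nothing consumed them).
 */
function afterlogin()
{
    $this->checkSession();
    $this->layout = 'default_after_login';

    ####### Getting out the details to shown in header page ###########
    $this->set('ip', isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');

    $adminId = (int) $this->Session->read("Admin_id");
    $adminRes = mysql_query("select * from admins where id=" . $adminId);
    $sql_admin_name = $adminRes ? mysql_fetch_array($adminRes) : false;

    $this->set('first_name', $sql_admin_name ? $sql_admin_name['first_name'] : '');
    $this->set('last_name', $sql_admin_name ? $sql_admin_name['last_name'] : '');
}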
-
/**
 * Ends the admin session and returns to the login page.
 */
function logout()
{
    $this->layout = 'default_login';
    // The whole PHP session is dropped rather than individual Admin* keys.
    session_destroy();
    $this->redirect('/admins/login');
}
-
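/**
 * Create-admin form and its POST handler. On a successful save redirects to
 * the admin list (carrying the `menu` query value through); on validation
 * failure re-renders the form with a message.
 *
 * Fixes vs. the previous version: the action is now restricted to Admin_role 1
 * like manageadmin(), which is the only page that links here; a missing `menu`
 * request value no longer produces a notice and the value is URL-encoded in
 * the redirect; the commented-out duplicate-username block was removed.
 */
function createadmin()
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/rolemasters/noaccess');

    $this->pageTitle = 'Create Admin';
    $this->layout = 'default_after_login';

    if (empty($this->data)) {
        return; // first visit: just render the form
    }

    $menu = isset($_REQUEST['menu']) ? $_REQUEST['menu'] : '';
    $this->data['Admin']['menu'] = $menu;

    if ($this->Admin->save($this->data)) {
        $this->flash('Your post has been saved.', '/admins');
        $this->redirect('/admins/manageadmin?menu=' . urlencode($menu));
    }
    else {
        $this->set('userMessage', 'Please correct the below errors.');
        $this->render();
    }
}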
-
/**
 * Intentionally empty: renders the newadmin view with no data and no session check.
 * NOTE(review): confirm whether this action is still reachable or can be removed.
 */
function newadmin()
{
}
-
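/**
 * Admin list with bulk actions and search. Restricted to Admin_role 1.
 *
 * Input handling:
 *  - POST with Admin.hid set: applies Admin.action (delete|block|unblock) to the
 *    ids in box[], then filters by Admin.id / admin_email / admin_user.
 *  - GET search (no searchkey): admin_user prefix match.
 *  - GET searchkey=block|unblock, optionally with search: status filter plus
 *    the optional prefix match.
 *  - otherwise: the full list.
 *
 * Fixes vs. the previous version: checkSession() now runs before the role
 * check (an anonymous visitor got "noaccess" instead of the login page); all
 * request values interpolated into SQL are int-cast or escaped with
 * mysql_real_escape_string() (Admin.id and box[] were interpolated raw,
 * addslashes() is not MySQL-aware); a POST without hid, or a searchkey that is
 * neither block nor unblock, now falls back to the unfiltered list instead of
 * leaving 'admins' unset or filtering on status=''; the commented-out search
 * branches were removed.
 */
function manageadmin()
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1) {
        $this->redirect('/rolemasters/noaccess');
        return;
    }
    $this->pageTitle = 'Manage Admin';
    $this->layout = 'default_after_login';

    $posted = isset($this->data) && !empty($this->data['Admin']['hid']);

    // Bulk action on the checked rows.
    if ($posted && isset($_REQUEST['box']) && is_array($_REQUEST['box'])) {
        $action = isset($this->data['Admin']['action']) ? $this->data['Admin']['action'] : '';
        foreach ($_REQUEST['box'] as $value) {
            $adminId = (int) $value;
            if ($action == 'delete') {
                $sql = "delete from `admins` where `id` = '" . $adminId . "'";
            } else if ($action == 'block') {
                $sql = "update `admins` set `status` = '1' where `id` ='" . $adminId . "'";
            } else if ($action == 'unblock') {
                $sql = "update `admins` set `status` = '0' where `id` ='" . $adminId . "'";
            } else {
                continue; // unknown action: touch nothing
            }
            mysql_query($sql);
        }
    }

    // Build the WHERE criteria for the listing; "1" alone matches everything.
    $criteria = "1";
    if ($posted) {
        if (!empty($this->data['Admin']['id']) || !empty($this->data['Admin']['admin_email']) || !empty($this->data['Admin']['admin_user'])) {
            $id = mysql_real_escape_string(trim($this->data['Admin']['id']));
            $usernames = mysql_real_escape_string($this->data['Admin']['admin_user']);
            $email = mysql_real_escape_string($this->data['Admin']['admin_email']);
            $criteria .= " and Admin.id LIKE '%" . $id . "%' and Admin.admin_email LIKE '%" . $email . "%' and Admin.admin_user LIKE '%" . $usernames . "%'";
        }
    }
    else if (empty($_GET['searchkey']) && !empty($_GET['search'])) {
        // Kept in $this->data so the view can refill the search box.
        $this->data['Admin']['search'] = $_GET['search'];
        $search = mysql_real_escape_string($this->data['Admin']['search']);
        $criteria .= " and Admin.admin_user LIKE '" . $search . "%'";
    }
    else if (!empty($_GET['searchkey']) || !empty($_GET['search'])) {
        $statusFilter = null; // 1 = blocked, 0 = active
        if ($_GET['searchkey'] == 'block') {
            $statusFilter = 1;
        } else if ($_GET['searchkey'] == 'unblock') {
            $statusFilter = 0;
        }
        if ($statusFilter !== null) {
            $this->data['Admin']['searchkey'] = $statusFilter;
            $criteria .= " and Admin.status = '" . $statusFilter . "'";
        }
        if (!empty($_GET['search'])) {
            $this->data['Admin']['search'] = $_GET['search'];
            $search = mysql_real_escape_string($this->data['Admin']['search']);
            $criteria .= " and Admin.admin_user LIKE '" . $search . "%'";
        }
    }

    list($order, $limit, $page) = $this->Pagination->init($criteria);
    $this->set('admins', $this->Admin->findAll($criteria, NULL, $order, $limit, $page));
}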
-
-
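/**
 * Edit-admin form and its POST handler. GET loads the admin into the form;
 * POST saves it and returns to the admin list.
 *
 * Fixes vs. the previous version: the action is now restricted to Admin_role 1
 * like manageadmin() (any logged-in admin could otherwise change any account,
 * including its role_id); the id is taken from the URL parameter with
 * `?id=` as fallback, where before Model->id was set from the request but
 * read() was given the parameter; a missing `menu` no longer produces a notice
 * and the value is URL-encoded in the redirect; the commented-out raw SQL
 * update was removed.
 *
 * @param string|int|null $id admin id from the URL; falls back to $_REQUEST['id']
 */
function updateadmin($id = null)
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/rolemasters/noaccess');

    $this->pageTitle = 'Edit Admin';
    $this->layout = 'default_after_login';

    if (empty($this->data)) {
        if ($id === null && isset($_REQUEST['id'])) {
            $id = $_REQUEST['id'];
        }
        $this->Admin->id = $id;
        $this->data = $this->Admin->read(null, $id);
        return;
    }

    if ($this->Admin->save($this->data)) {
        $menu = isset($this->data['Admin']['menu']) ? $this->data['Admin']['menu'] : '';
        $this->flash('Your post has been saved.', '/admins');
        $this->redirect('/admins/manageadmin?menu=' . urlencode($menu));
    }
}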
-
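/**
 * Read-only view of one admin (`?id=`).
 *
 * Fixes vs. the previous version: restricted to Admin_role 1 like
 * manageadmin(); a missing id no longer produces a notice.
 */
function viewadmin()
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/rolemasters/noaccess');

    $this->pageTitle = 'View Admin';
    $this->layout = 'default_after_login';

    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
    $this->Admin->id = $id;
    $this->set('admins', $this->Admin->read());
}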
-
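/**
 * Deletes admins: either every id in box[] (bulk) or the single `?id=`.
 * Admin id 1 is never deleted. Returns to the admin list.
 *
 * Fixes vs. the previous version: restricted to Admin_role 1 like
 * manageadmin(); box[] values are int-cast before use in SQL; the bulk path
 * now honours the same "never delete id 1" rule as the single path; a missing
 * menu_id no longer produces a notice.
 *
 * @param string|int $id admin id from the URL; `?id=` takes precedence, as before
 */
function delete($id)
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/rolemasters/noaccess');

    if (isset($_REQUEST['box']) && is_array($_REQUEST['box'])) {
        foreach ($_REQUEST['box'] as $value) {
            $adminId = (int) $value;
            if ($adminId == 1) {
                continue; // primary administrator
            }
            mysql_query("delete from `admins` where `id` = '" . $adminId . "'");
        }
    }
    else {
        if (isset($_REQUEST['id'])) {
            $id = $_REQUEST['id'];
        }
        if ($id != 1) {
            $this->Admin->del($id);
            $this->flash('The admin with id: ' . $id . ' has been deleted.', '/admins');
        }
    }

    $menu = isset($_REQUEST['menu_id']) ? $_REQUEST['menu_id'] : '';
    $this->redirect('/admins/manageadmin?menu=' . urlencode($menu));
}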
-
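/**
 * Unblocks admins (status = 0): every id in box[] (bulk) or the single `?id=`.
 * Returns to the admin list.
 *
 * Fixes vs. the previous version: restricted to Admin_role 1 like
 * manageadmin(); ids are int-cast before use in SQL; a missing id or menu_id
 * no longer produces a notice or an UPDATE against id ''.
 */
function active()
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/rolemasters/noaccess');

    if (isset($_REQUEST['box']) && is_array($_REQUEST['box'])) {
        foreach ($_REQUEST['box'] as $value) {
            mysql_query("update `admins` set `status` = '0' where `id` ='" . (int) $value . "'");
        }
    }
    else if (isset($_REQUEST['id'])) {
        mysql_query("update `admins` set `status`=0 where `id`='" . (int) $_REQUEST['id'] . "'");
    }

    $menu = isset($_REQUEST['menu_id']) ? $_REQUEST['menu_id'] : '';
    $this->redirect('/admins/manageadmin?menu=' . urlencode($menu));
}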
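/**
 * Blocks admins (status = 1): every id in box[] (bulk) or the single `?id=`.
 * Returns to the admin list.
 *
 * Fixes vs. the previous version: restricted to Admin_role 1 like
 * manageadmin(); ids are int-cast before use in SQL; a missing id or menu_id
 * no longer produces a notice or an UPDATE against id ''.
 */
function block()
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1)
        $this->redirect('/rolemasters/noaccess');

    if (isset($_REQUEST['box']) && is_array($_REQUEST['box'])) {
        foreach ($_REQUEST['box'] as $value) {
            mysql_query("update `admins` set `status` = '1' where `id` ='" . (int) $value . "'");
        }
    }
    else if (isset($_REQUEST['id'])) {
        mysql_query("update `admins` set `status`='1' where `id`='" . (int) $_REQUEST['id'] . "'");
    }

    $menu = isset($_REQUEST['menu_id']) ? $_REQUEST['menu_id'] : '';
    $this->redirect('/admins/manageadmin?menu=' . urlencode($menu));
}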
-
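/**
 * Payment-setup page: shows the admin's stored PayPal / Google Checkout
 * identifiers, or placeholder text when they are unset. Restricted to
 * Admin_role 1.
 *
 * Fixes vs. the previous version: the session admin id is cast to int before
 * use in SQL and a failed query no longer trips mysql_num_rows(); the two
 * nearly identical if/else ladders are collapsed.
 */
function paymentsetup()
{
    $this->checkSession();
    if ($_SESSION['Admin_role'] != 1) {
        $this->redirect('/rolemasters/noaccess');
        return;
    }

    $selectRec = "select * from admin_payment_setup where admin_id ='" . (int) $_SESSION['Admin_id'] . "'";
    $selectRecquery = mysql_query($selectRec);
    $recordCount = $selectRecquery ? mysql_num_rows($selectRecquery) : 0;

    $this->set('paymentrec', $recordCount);

    // Placeholders when no setup row exists yet.
    $paypalinfo = 'Paypal email id';
    $googleinfo = 'Google checkout email id';

    if ($recordCount > 0) {
        $selectRec_arr = mysql_fetch_array($selectRecquery);
        // Row exists but a field may still be empty: different wording.
        $paypalinfo = ($selectRec_arr['paypal_email'] != "") ? $selectRec_arr['paypal_email'] : 'Paypal emailid not set';
        $googleinfo = ($selectRec_arr['gcheckout_email'] != "") ? $selectRec_arr['gcheckout_email'] : 'Google checkout emailid not set';
    }

    $this->set('paypalinfo', $paypalinfo);
    $this->set('googleinfo', $googleinfo);
}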
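function savepaymentinfo()
{
    $this->checkSession();
    $this->pageTitle = 'Payment Setup';

    // The form that posts here is rendered by paymentsetup(), which is limited to
    // role 1; apply the same rule to the write so it cannot be reached directly.
    if (!isset($_SESSION['Admin_role']) || $_SESSION['Admin_role'] != 1)
    {
        $this->redirect('/rolemasters/noaccess');
        return;
    }

    // Every value below is interpolated into SQL, so escape each one. Note that
    // gcheckout_email is read back by myaccounthistory() as "<id>break<key>",
    // so it is deliberately not validated as an e-mail address here.
    $adminId = mysql_real_escape_string((string)$_SESSION['Admin_id']);
    $paypalEmail = mysql_real_escape_string(isset($_REQUEST['paypalemailid']) ? (string)$_REQUEST['paypalemailid'] : '');
    $gcheckoutEmail = mysql_real_escape_string(isset($_REQUEST['googlecheckoutemailid']) ? (string)$_REQUEST['googlecheckoutemailid'] : '');

    $selectRec = "select * from admin_payment_setup where admin_id ='".$adminId."'";
    $selectRecquery = mysql_query($selectRec);
    if ($selectRecquery && mysql_num_rows($selectRecquery) > 0)
    {
        $paysql = "Update admin_payment_setup set paypal_email='".$paypalEmail."',gcheckout_email='".$gcheckoutEmail."' where admin_id ='".$adminId."' ";
    }
    else
    {
        $paysql = "INSERT INTO admin_payment_setup set paypal_email='".$paypalEmail."',gcheckout_email='".$gcheckoutEmail."', admin_id ='".$adminId."' ";
    }

    $backUrl = "admins/paymentsetup";
    if (!mysql_query($paysql))
    {
        // The write used to be silenced with @; surface the failure instead of
        // redirecting as if it had succeeded.
        $this->flash('Payment information could not be saved.', $backUrl);
        return;
    }
    $this->redirect($backUrl);
}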
function paymentConfig()
{
    $this->checkSession();
    // The payment configuration page is reserved for role 1.
    $isSuperAdmin = ($_SESSION['Admin_role'] == 1);
    if (!$isSuperAdmin)
    {
        $this->redirect('/rolemasters/noaccess');
    }
}
function configedit()
{
    $this->checkSession();
    // Editing a configuration value is reserved for role 1.
    $isSuperAdmin = ($_SESSION['Admin_role'] == 1);
    if (!$isSuperAdmin)
    {
        $this->redirect('/rolemasters/noaccess');
    }
}
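function saveconfig()
{
    $this->checkSession();
    if (isset($_SESSION['Admin_role']) && $_SESSION['Admin_role'] == 1)
    {
        $configId = isset($_REQUEST['hid']) ? (int)$_REQUEST['hid'] : 0;
        $configVal = isset($_REQUEST['configval']) ? $_REQUEST['configval'] : null;

        // The value is compared with >= 0 and copied into a price column, so it
        // must be a non-negative number; both inputs are interpolated into SQL.
        if ($configId > 0 && is_numeric($configVal) && $configVal >= 0)
        {
            $safeVal = mysql_real_escape_string((string)$configVal);
            $updatesql = "Update admin_payment_config SET config_value='".$safeVal."' where id='".$configId."'";
            mysql_query($updatesql);

            /* Hard Coded for the update in the creative_template_pages table */
            // config row id => template_type whose price mirrors that config value
            $templateTypeByConfigId = array(45 => '1', 46 => '0', 47 => '2');
            if (isset($templateTypeByConfigId[$configId]))
            {
                $tupdatesql = "UPDATE creative_template_pages set price='".$safeVal."' where template_type='".$templateTypeByConfigId[$configId]."'";
                mysql_query($tupdatesql);
            }
        }
    }
    $this->redirect('admins/paymentConfig');
}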
-
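function myaccounthistory()
{
    $this->checkSession();
    $this->layout = 'default_user';

    ####################################################### ADMIN RELATED INFORMATOION
    // Payout details of the site admin (admin_payment_setup row admin_id=1). The
    // gcheckout_email column carries "<merchant id>break<merchant key>", which is
    // split here for the view.
    $queryAdminPaymentSetup = mysql_query("SELECT paypal_email,gcheckout_email FROM admin_payment_setup WHERE admin_id='1'") or die("Error on line :".__LINE__.mysql_error());
    $fetchAdminPaymentSetup = mysql_fetch_assoc($queryAdminPaymentSetup);
    if (!is_array($fetchAdminPaymentSetup))
    {
        $fetchAdminPaymentSetup = array('paypal_email' => '', 'gcheckout_email' => '');
    }
    $this->set('profilpaypalemail', $fetchAdminPaymentSetup['paypal_email']);
    $gprofileid = explode('break', (string)$fetchAdminPaymentSetup['gcheckout_email']);
    if (isset($gprofileid[0]))
        $this->set('profilGmerchantID', $gprofileid[0]);
    if (isset($gprofileid[1]))
        $this->set('profilGmerchantKey', $gprofileid[1]);

    ####################################################### ADMIN RELATED INFORMATOION
    // Net balance of the admin account (user_id 1): credits (+1) minus debits.
    $getTotalPayment = "
SELECT sum(amount * if(DrCr = '+1',1,-1)) totalPaymentAmount, amount, DrCr ,'1' as tempid
FROM xouser_transaction_details
WHERE
(xouser_transaction_details.payment_to='1' and xouser_transaction_details.DrCr='+1') OR xouser_transaction_details.user_id='1'
GROUP BY tempid";
    $totalPaymentResult = mysql_query($getTotalPayment);
    $queryGetTotalPayment = $totalPaymentResult ? mysql_fetch_assoc($totalPaymentResult) : false;
    $this->set("totalPaymentAmount", is_array($queryGetTotalPayment) ? $queryGetTotalPayment['totalPaymentAmount'] : 0);
    ####################################################### USER RELATED INFORMATOION

    // Which slice of the history to show. "show" only selects one of three fixed
    // SQL fragments; the request value itself is never interpolated.
    $pagehead = 'My Account';
    $urlshow = 'full';
    $extradd = '';
    $show = isset($_REQUEST['show']) ? $_REQUEST['show'] : 'full';
    if ($show == 'full')
    {
        $pagehead = 'All Account Activity';
    }
    elseif ($show == 'sent')
    {
        $pagehead = 'Payment Sent';
        $urlshow = 'sent';
        $extradd = " AND xotrandetail.DrCr = '-1'";
    }
    elseif ($show == 'recieved')
    {
        $pagehead = 'Payments recieved';
        $urlshow = 'recieved';
        $extradd = " AND xotrandetail.DrCr = '+1'";
    }

    $this->pageTitle = $pagehead;
    $this->set('pageHead', $pagehead);
    $this->set('pageType', $urlshow);

    $select = "SELECT IF (xotrandetail.DrCr = '+1', 'From', 'To') AS tranfromto,IF (xotrandetail.user_id=1,if(xotrandetail.payment_to>1,paiduser.username,'admin'), users.username) AS tranName, (SELECT DATE_FORMAT( xotran.transaction_date, GET_FORMAT( DATE, 'USA' ) )) AS trandate, xotrandetail.id, xotrandetail.amount AS tranfee,xotran.invoice , xotran.transaction_desc ,
xotrandetail.amount as tranAmount, IF (xotrandetail.DrCr = '+1',1,-1) AS sumoperation ,xotran.transaction_head, xotrandetail.payment_to ";

    $from = "FROM xouser_transaction_details xotrandetail
LEFT JOIN users ON (xotrandetail.user_id>1 and xotrandetail.user_id = users.id )
LEFT JOIN users paiduser ON (xotrandetail.payment_to>1 and xotrandetail.payment_to = paiduser.id )

LEFT JOIN xouser_transactions xotran ON ( xotrandetail.xouser_transaction_id = xotran.id )
";

    // The base condition is parenthesised so that the sent/received fragment and
    // the date bounds appended below restrict the whole result; without the
    // parentheses the trailing OR on user_id='1' bypassed every filter before it.
    $where = "WHERE ((xotrandetail.payment_to='1' and DrCr='+1') OR xotrandetail.user_id='1')".$extradd;

    ################# SEARCH CRITERIA ########
    $searchType = isset($_REQUEST['serachtype']) ? $_REQUEST['serachtype'] : null;
    $withinType = null;
    $past = null;
    $curDate = null;

    if ($searchType == 'within')
    {
        // Relative range: everything before now ("past") or the last week/month/year.
        $withinType = isset($this->data['User']['within']) ? $this->data['User']['within'] : '';
        $now = date("Y-m-d G:i:s");
        $rangeStart = array(
            "week"  => date("Y-m-d G:i:s", mktime(date("G"), date("i"), date("s"), date("m"), (date("d") - 7), date("Y"))),
            "month" => date("Y-m-d G:i:s", mktime(date("G"), date("i"), date("s"), (date("m") - 1), date("d"), date("Y"))),
            "year"  => date("Y-m-d G:i:s", mktime(date("G"), date("i"), date("s"), date("m"), date("d"), (date("Y") - 1))),
        );
        if ($withinType == "past")
        {
            $curDate = $now;
            $this->set("curDate", $curDate);
        }
        elseif (isset($rangeStart[$withinType]))
        {
            $past = $rangeStart[$withinType];
            $curDate = $now;
            $this->set("past", $past);
            $this->set("curDate", $curDate);
        }
    }

    if ($searchType == 'daterange')
    {
        // Explicit range assembled from the year/month/day selects. A complete
        // yyyy-mm-dd is exactly 10 characters; anything else, or a string that
        // strtotime() cannot parse, is reported back as a format error.
        $this->set("past");
        $this->set("curDate");
        $past = 0;
        $curDate = 0;

        $fromDate = (isset($_REQUEST['frmyear']) ? $_REQUEST['frmyear'] : '')."-".(isset($_REQUEST['frmmonth']) ? $_REQUEST['frmmonth'] : '')."-".(isset($_REQUEST['frmday']) ? $_REQUEST['frmday'] : '');
        $fromTs = (strlen($fromDate) == 10) ? strtotime($fromDate) : false;
        if ($fromTs !== false)
        {
            $past = date("Y-m-d", $fromTs);
            $this->set("past", $past);
        }
        else
        {
            $this->set("dateErr", "Date format should be : mm/dd/yyyy");
        }

        $toDate = (isset($_REQUEST['toyear']) ? $_REQUEST['toyear'] : '')."-".(isset($_REQUEST['tomonth']) ? $_REQUEST['tomonth'] : '')."-".(isset($_REQUEST['todate']) ? $_REQUEST['todate'] : '');
        $toTs = (strlen($toDate) == 10) ? strtotime($toDate) : false;
        if ($toTs !== false)
        {
            $curDate = date("Y-m-d", $toTs);
            $this->set("curDate", $curDate);
        }
        else
        {
            $this->set("dateErr", "Date format should be : mm/dd/yyyy");
        }
    }

    // Pager links carry the bounds back as URL parameters (see PassParameter).
    if (isset($this->params['url']['cdate']))
        $curDate = $this->params['url']['cdate'];
    if (isset($this->params['url']['past']))
        $past = $this->params['url']['past'];

    if ($searchType !== null)
    {
        // Both bounds are user supplied (form post or the cdate/past URL
        // parameters), so they are escaped before being interpolated.
        $safeCurDate = mysql_real_escape_string((string)$curDate);
        if ($withinType == "past")
            $where .= " AND xotrandetail.creation < '".$safeCurDate."'";
        else
            $where .= " AND xotrandetail.creation BETWEEN '".mysql_real_escape_string((string)$past)."' AND '".$safeCurDate."'";
    }
    ##########################################

    $others = " order By xotrandetail.id asc";

    // Query-string fragment the pager appends to every page link so the same
    // filter (including the search type) applies on the following pages.
    $PassParameter = "show=".$urlshow;
    if (isset($curDate))
        $PassParameter .= "&cdate=".urlencode((string)$curDate)."&";
    if (isset($past))
        $PassParameter .= "&past=".urlencode((string)$past)."&";
    if ($searchType !== null)
        $PassParameter .= "&serachtype=".urlencode((string)$searchType)."&";

    $fltr = '';
    $CountField = "xotrandetail.id";
    $this->set("controller", "admins");
    $this->set("action", "myaccounthistory");
    $this->set("parameter", $PassParameter);
    $this->set("fltr", $fltr);

    $this->pagination($select, $from, $where, $others, $CountField, $this->params['url'], $PassParameter);

    $this->set("paymentMethods", $this->getPaymentMethods(1));
    // Pager clicks and search submissions are answered with the ajax fragment only.
    if (isset($this->params['url']['Page']) || $fltr != "" || $searchType !== null)
    {
        $this->set('pagehead', $pagehead);
        $this->render("myaccounthistory2", "ajax");
    }
}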
-
-
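function pagination($select,$from,$where,$others,$CountField,$arg,$PassParameter)
{
    // Runs the caller's query twice: once without LIMIT to count the rows and
    // once with LIMIT for the requested page. Everything the pager view reads
    // (Page, Offset, NoOfPages, images/classes, the result handle) is set here.
    // $CountField is accepted for compatibility but not used.
    $this->set("PassParameter", $PassParameter);
    $SetUserNumberOfVpsPerPage = 10; /* Defined in config->paths.php*/

    $this->set("BackgroundClass", 'pagination');
    $this->set("SelectedPage", 'pagination_over');
    $this->set("Linkpage", 'pagination_over');
    $this->set("FirstImage", 'fdd.gif');
    $this->set("PreviousImage", 'previous.gif');
    $this->set("NextImage", 'next.gif');
    $this->set("LastImage", 'rewd.gif');

    $UserNumberOfVpsPerPage = 10; /* Defined in config->paths.php*/
    if (!is_numeric($UserNumberOfVpsPerPage) || (intval($UserNumberOfVpsPerPage) != $UserNumberOfVpsPerPage) || ($UserNumberOfVpsPerPage <= 0))
        $UserNumberOfVpsPerPage = $SetUserNumberOfVpsPerPage;

    // Page and Offset come from the query string and Offset is interpolated
    // straight into LIMIT, so coerce both to sane non-negative integers.
    $arg['Page'] = isset($arg['Page']) ? max(1, (int)$arg['Page']) : 1;
    $arg['Offset'] = isset($arg['Offset']) ? max(0, (int)$arg['Offset']) : 0;

    $Query_ForNumber_Records = mysql_query("$select $from $where $others") or die('Line no '.__LINE__ . mysql_error());
    $NoOfVps = mysql_num_rows($Query_ForNumber_Records);

    $NumberOfVpsPerPage = $UserNumberOfVpsPerPage;
    $NoOfPages = ceil($NoOfVps / $NumberOfVpsPerPage);

    // If the offset points exactly past the last row (e.g. the only row of the
    // last page was removed), step back one page instead of showing an empty one.
    if ($NoOfVps > 0 && $arg['Offset'] == $NoOfVps)
    {
        $arg['Offset'] -= $NumberOfVpsPerPage;
        $arg['Page']--;
        if ($arg['Offset'] < 0)
        {
            $arg['Offset'] = 0;
            $arg['Page'] = 1;
        }
    }

    $this->set("Page", $arg['Page']);
    $this->set("Offset", $arg['Offset']);
    $this->set("NumberOfVpsPerPage", $NumberOfVpsPerPage);
    $this->set("NoOfPages", $NoOfPages);
    $this->set("UserNumberOfVpsPerPage", $UserNumberOfVpsPerPage);

    // Kept as the view expects them (including the trailing parenthesis).
    $this->set("qryOthr", "$select $from $where)");
    $this->set("tesrqryOthr", "$where $others)");

    $SelectRecord = mysql_query("$select $from $where $others LIMIT ".$arg['Offset'].",$NumberOfVpsPerPage") or die('Line no '.__LINE__ . mysql_error());
    $this->set("query", $SelectRecord);
}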
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- }
-
- ?>