<?php
/* Class for order flow V2 26/11/2019 */
//echo "<h1>=>ClassCdeV2 CB en TEST</h1>CODE:STRIPE remplacer lk_ sk_";

/**
 * ClassCdeV2 — multi-step order ("commande") workflow: product loading, per-step
 * form rendering and handling, persistence in `commandes_v2`, Stripe payment
 * confirmation and Zoho invoicing helpers.
 *
 * Review summary (only what the code below shows):
 *  - Every SQL statement is built by string concatenation. Request, session and
 *    caller-supplied values go in unescaped (addslashes() is applied only to the
 *    `Utilisateur` values in EnregCmd()). mysqli prepared statements with bound
 *    parameters are the fix for each query in this class.
 *  - Database credentials (CnxDBaseSQL) and a live Stripe secret key (APIStripe)
 *    are hard-coded in source. Both should be rotated and loaded from
 *    configuration kept outside the web root.
 *  - MyCurl_APIZOHO_V2() disables TLS peer verification.
 *  - `$this->EtapeParam`, `$this->Operateurs`, `$this->action`, `$this->data`
 *    are undeclared (dynamic) properties — deprecated since PHP 8.2.
 *  - Not visible in this file: where `$_SESSION['AIRCMDV2']['etape']`, `['type']`,
 *    `['TotalCmd']` and `['CodePROMO']` are set. Several findings below depend on
 *    whether those values are derived from the request.
 */
Class ClassCdeV2
{
    /**
     * Builds the step table (index = step number; `nom` = form file name under
     * ./form/, `titre` = page heading) and the operator label map.
     */
    public function __construct()
    {
        $this->EtapeParam = [
            ['nom'=>'Zero !' ,'titre'=>''],
            ['nom'=>'offre' ,'titre'=>'Je choisis mon offre'],
            ['nom'=>'options' ,'titre'=>''],
            ['nom'=>'mesinfos' ,'titre'=>'Mes informations'],
            ['nom'=>'infosste' ,'titre'=>"Informations sur l'entreprise"],
            ['nom'=>'paiement' ,'titre'=>"Je paie et j'ouvre ma ligne"],
        ];
        $this->Operateurs = ['BOU'=>'Bouygues Telecom','ORG'=>'Orange','SFR'=>'SFR','MEI'=>'Le meilleur réseau à mon adresse'];
    }

    /**
     * Opens a NEW mysqli connection on every call (no caller closes it, so each
     * query in a request costs a fresh connection).
     * Requests from 127.0.0.1 use root with an empty password on `airmob`;
     * everything else uses the hosted database.
     *
     * NOTE(review): credentials are hard-coded here, and an older set is left in
     * the commented line. Treat all of them as exposed: rotate them and load the
     * live ones from configuration outside the web root. Connection failure is
     * handled with `or die`, which stops the request mid-page with a bare
     * message rather than throwing.
     *
     * @return mysqli
     */
    public function CnxDBaseSQL()
    {
        if ($_SERVER['REMOTE_ADDR'] == "127.0.0.1") {
            $connexion = mysqli_connect("127.0.0.1", "root", "") or die ("could not connect to mysql");
            mysqli_select_db($connexion, "airmob") or die ("no database");
        } else {
            // $connexion = mysqli_connect("airmobeuagweb.mysql.db", "airmobeuagweb", "5345fhjthk875HJzzs112") or die ("could not connect to mysql");
            $connexion = mysqli_connect("airmobeuagwwwnew.mysql.db", "airmobeuagwwwnew", "8iH9MEjfVySL5q7YWkywKA") or die ("could not connect to mysql");
            mysqli_select_db($connexion, "airmobeuagwwwnew") or die ("no database");
        }
        return $connexion;
    }

    /**
     * Computes the next purchase-order number: "BC" + today's date (Ymd) +
     * a 5-digit counter, e.g. BC2020020500003.
     * The counter is the last 5 digits of the highest existing `nobdc` + 1.
     *
     * NOTE(review): read-then-generate without a lock or unique index visible
     * here, so two concurrent checkouts can be handed the same number.
     * The padding uses abs(strlen - 5), which pads correctly when the counter is
     * shorter than 5 digits but ALSO prepends zeros once it exceeds 5 digits.
     * When no `BC%` row exists, `$Col` is null and the counter starts at 1.
     *
     * @return string
     */
    public function NoBDC ()
    {
        $QF = mysqli_query($this->CnxDBaseSQL(), "SELECT nobdc FROM commandes_v2 WHERE nobdc LIKE 'BC%' ORDER BY nobdc DESC LIMIT 1");
        $Col = mysqli_fetch_array($QF, MYSQLI_ASSOC);
        $NewNo = substr($Col['nobdc'],-5)+1;
        $XDigit = "5"; // 5 digits // BC2020020500003
        return "BC".date('Ymd').str_repeat("0", abs(strlen($NewNo)-$XDigit) ).$NewNo;
    }

    /**
     * Renders the step tracker (./form/step.php) and the page heading for the
     * current step. On step 1 the heading depends on `$_REQUEST['type']`
     * ("i" = internet, "t" = telephony); otherwise it comes from EtapeParam.
     *
     * NOTE(review): `$Etapecourante` indexes EtapeParam directly; a step value
     * outside 0..5 yields a null title (with a notice) rather than an error.
     */
    public function AfficheSuiviEtape()
    {
        $Etapecourante = $_SESSION['AIRCMDV2']['etape'];
        include ("./form/step.php");
        if($Etapecourante=="1" && $_REQUEST['type']=="i")
            $Titre ="Commandez votre solution internet";
        elseif($Etapecourante=="1" && $_REQUEST['type']=="t")
            $Titre ="Commandez votre solution de téléphonie";
        else
            $Titre=$this->EtapeParam[$Etapecourante]['titre'];
        echo "<h1 
class='Taille14' id='' style='text-align:center; color:#245ba5;'>".$Titre."</h1>";
        echo "<br>";
    }

    /**
     * Includes the form file for the current step: ./form/<EtapeParam[etape].nom>.php.
     *
     * NOTE(review): the include path is built from the session step number via
     * the fixed EtapeParam table, so the reachable files are bounded by that
     * table — as long as `etape` can only hold one of its indexes. An unknown
     * step resolves to "./form/.php". Confirm where `etape` is assigned.
     */
    public function AfficheFormEtape()
    {
        $Etapecourante = $_SESSION['AIRCMDV2']['etape'];
        $NomForm = $this->EtapeParam[$Etapecourante]['nom'];
        include ("./form/".$NomForm.".php");
    }

    /**
     * Stores the user's choices for the current step in the session and then
     * persists them (EnregCmd). Triggered by btn_suivant / btn_add / btn_continuer.
     *
     * Request field naming convention, split on "_" into <group>_<field>_<index>:
     *   Choix_DATA|OPT1|OPT2_<n> -> product id; Choix_OPE_<n> -> operator;
     *   Choix_TEL_<n> -> tel; Choix_ABO_<n> -> abo;
     *   Porta_RIO|NUM_<n> -> portability data;
     *   form_<column> -> stored under Commande['Utilisateur'][<column>].
     *
     * NOTE(review): the `form_<column>` branch keeps the raw parameter NAME as
     * the key, and EnregCmd() turns every key into `<column>='...'` in an UPDATE
     * on commandes_v2. Any column of that table can therefore be written through
     * the parameter name (mass assignment + SQL built from a request-supplied
     * identifier). An allow-list of the form fields expected at each step is
     * the fix; the values themselves also need parameter binding.
     * Other observations: `explode('_')` on a name without two underscores
     * leaves `$prod`/`$cde` undefined; `$_REQUEST['p']` (product id on ADD) is
     * stored unvalidated and later used as an index into NomProduits.
     * The first-step INSERT uses uniqid() as the order identifier — it is a
     * timestamp-derived value, not a random one.
     */
    public function PostForm()
    {
        $Etapecourante = $_SESSION['AIRCMDV2']['etape'];
        $Type = $_SESSION['AIRCMDV2']['type'];
        // DEBUG: display
        // echo "$Etapecourante / <pre>"; print_r($_REQUEST); echo "</pre>";
        // Validate ADD + NEXT
        if( $_REQUEST['btn_suivant'] or $_REQUEST['btn_add'] or $_REQUEST['btn_continuer'] ) {
            // ----------------------------
            // Validation of the first step
            // ----------------------------
            if( !@$_SESSION['AIRCMDV2']['Cde_debut'] ) {
                $_SESSION['AIRCMDV2']['idunique'] = uniqid();
                // Start time shifted by +1 hour relative to server time — presumably a timezone workaround; confirm
                $_SESSION['AIRCMDV2']['Cde_debut'] = date("Y-m-d H:i:s", mktime(date("H") + 1, date("i"), date("s"), date("m"), date("d"), date("Y")));;
                // Session-held idunique concatenated into SQL (uniqid() output is hex, but still bind it)
                $Q_INSERT = "INSERT INTO commandes_v2 (idunique, creation ) VALUES ('".$_SESSION['AIRCMDV2']['idunique']."','".date('Y-m-d H:i:s')."') ";
                $QUERY = mysqli_query ($this->CnxDBaseSQL() , $Q_INSERT);
                // echo mysqli_error($this->CnxDBaseSQL());
            }
            // $NomProduit = $_SESSION['AIRCMDV2']['NomProduits'][$_REQUEST['p']]['nom'];
            // On ADD: append a new line to the current step
            if( $_REQUEST['btn_add']) {
                // echo "<h1>ADD</h1>";
                $EtapeSave = $Etapecourante ; // keep the current step
                // max() on an empty step array raises a ValueError (PHP 8) — first ADD on a step relies on it being non-empty
                $newKey = max(array_keys( $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave] ))+1;;
                $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$newKey]=['id' => $_REQUEST['p'],'confirme'=>'OK'] ;
            } elseif( $_REQUEST['btn_continuer']) {
                $EtapeSave = $Etapecourante+1 ; // save under the next step
            }
            // On NEXT
            else {
                $EtapeSave = $Etapecourante - 1; // next step already reached, so save under the previous one
            }
            // Save
            // echo "<h1>POST ($EtapeSave)</h1>";
            foreach ($_REQUEST as $NomChamp => $Val) {
                list($none,$prod,$cde) = explode ('_',$NomChamp);
                // Keep the user's choices
                if($none=="Choix") {
                    if($prod=="DATA") $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['id'] = $Val;
                    if($prod=="OPE" ) $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['operateur'] = $Val;
                    if($prod=="TEL" ) $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['tel'] = $Val;
                    if($prod=="OPT1") $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['id'] = $Val;
                    if($prod=="OPT2") $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['id'] = $Val;
                    if($prod=="ABO" ) $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['abo'] = $Val;
                    $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['confirme'] = "OK";
                } else if($none=="Porta") {
                    if($prod=="RIO" ) $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['rio'] = $Val;
                    if($prod=="NUM" ) $_SESSION['AIRCMDV2']['Commande'][$Type][$EtapeSave][$cde]['numero'] = $Val;
                } else if ($none=="form") {
                    // Raw parameter name becomes a column name in EnregCmd() — see method docblock
                    $_SESSION['AIRCMDV2']['Commande']['Utilisateur'][$prod] = $Val;
                }
            }
            // Persist to MySQL
            $this->EnregCmd();
            if( $_REQUEST['btn_continuer']) {
                // Cross-flow redirect done with a script tag instead of a Location header
                if($_REQUEST['type']=="i") {
                    //header('Location:http://2020.airmob.eu/telephonie-commander/');
                    echo "<script>top.window.location = 'https://airmob.net/telephonie-commander/'</script>";
                    die;
                }
                if($_REQUEST['type']=="t") {
                    echo "<script>top.window.location = 'https://airmob.net/internet-commander/'</script>";
                    //header('Location:http://2020.airmob.eu/internet-commander/');
                }
                // 
            }
        }
    }

    /**
     * Persists the current order state: serialised detail (FormatCmd as JSON),
     * amount, user fields, promo code — as an UPDATE on the row keyed by the
     * session `idunique`.
     *
     * NOTE(review):
     *  - `$Champ` (column name) comes from request parameter names via PostForm;
     *    `$CmdJson`, `TotalCmd`, `CodePROMO` and `idunique` are concatenated
     *    without any escaping; `addslashes()` is not charset-aware. Use a
     *    prepared statement with an allow-listed column set.
     *  - The amount written is `$_SESSION['AIRCMDV2']['TotalCmd']`, which is set
     *    outside this file; `$Ht`/`$Tva`/`$Ttc` computed here from server-side
     *    prices are unused. Confirm TotalCmd is computed server-side and never
     *    taken from the request, otherwise the stored price is client-chosen.
     *  - `join(',',$UPDATE) ."WHERE ..."` has no space before WHERE; it relies on
     *    MySQL accepting a quoted literal immediately followed by a keyword.
     */
    public function EnregCmd(){
        // Line items
        $CmdArray = $this->FormatCmd();
        // Order detail
        $CmdJson = json_encode($CmdArray);
        // Order amount (computed but not the value stored — see docblock)
        $Ht = $CmdArray['total_rec']+$CmdArray['total_fas'];
        $Tva = ($Ht*20)/100;
        $Ttc = $Ht+$Tva;
        // Add 2 fields to the query
        $UPDATE[] = "detail_cmd='".$CmdJson."'";
        //$UPDATE[] = "montant='$Ttc'";
        $UPDATE[] = "montant='".$_SESSION['AIRCMDV2']['TotalCmd']."'";
        // Build the query
        foreach ($_SESSION['AIRCMDV2']['Commande']['Utilisateur'] as $Champ => $Valeur) {
            $UPDATE[] = $Champ."='".addslashes($Valeur)."'";
        }
        // Store the promo code
        if($_SESSION['AIRCMDV2']['CodePROMO']) {
            $UPDATE[] = "code_promo='".$_SESSION['AIRCMDV2']['CodePROMO']['nom']."=".$_SESSION['AIRCMDV2']['CodePROMO']['remise']."'";
        } else {
            $UPDATE[] = "code_promo=''";
        }
        // Permanent save
        $Q_UPDATE = "UPDATE commandes_v2 SET ".join(',',$UPDATE) ."WHERE idunique='".$_SESSION['AIRCMDV2']['idunique']."'";
        $QUERY = mysqli_query ($this->CnxDBaseSQL() , $Q_UPDATE);
        //cho mysqli_error($this->CnxDBaseSQL());
    }

    /**
     * STRIPE: records the payment outcome (OK or KO) on the session's order and
     * clears the session order.
     *
     * @param string $Msg       outcome message stored in `msg`
     * @param object $RetourAPI Stripe response; `->description` is stored in `code_promo`
     * @param string $nobdc     purchase-order number (see NoBDC)
     *
     * NOTE(review): `paiement` receives a timestamp here; compare with
     * PaiementCmdCB, which tests `paiement` against the literal 'paiement_ok'.
     * All values are concatenated into SQL unescaped. error_reporting /
     * display_errors are changed process-wide as a side effect.
     */
    public function PaiementCmd($Msg,$RetourAPI , $nobdc)
    {
        error_reporting(E_ALL);
        ini_set("display_errors", 0);
        // Avoid overwriting when no order is in session
        if ($_SESSION['AIRCMDV2']['idunique']) {
            $Q_UPDATE = "UPDATE commandes_v2 SET nobdc='".$nobdc."',code_promo='". $RetourAPI->description."',msg='" . $Msg . "',paiement='" . date('Y-m-d H:i:s') . "' WHERE idunique='" . $_SESSION['AIRCMDV2']['idunique'] . "'";
            $QUERY = mysqli_query($this->CnxDBaseSQL(), $Q_UPDATE);
            unset( $_SESSION['AIRCMDV2']); // clear the order
        }
    }

    /**
     * NEW: confirms an order from the Stripe webhook (no session involved).
     *
     * @param string $idunique  order identifier
     * @param string $Msg       outcome message stored in `msg`
     * @param string $codepromo stored in `code_promo`
     * @param string $nobdc     purchase-order number
     *
     * NOTE(review): the "do not overwrite an already-paid order" guard does not
     * work as written. (1) The SELECT filters on column `idu`, whereas every
     * other query in this class uses `idunique`; if `idu` does not exist the
     * query fails, `$Bdc` is empty and the guard passes. (2) The guard compares
     * `paiement` with 'paiement_ok', but PaiementCmd writes a timestamp into
     * `paiement` and ListeCmds/CRFactures look for 'paiement_ok' in `msg`.
     * Webhook-supplied values are concatenated into SQL unescaped; as a
     * webhook handler this input must be treated as untrusted and bound.
     */
    public function PaiementCmdCB($idunique , $Msg , $codepromo , $nobdc)
    {
        // Order info
        $QF = mysqli_query($this->CnxDBaseSQL(), "SELECT * FROM commandes_v2 WHERE idu='".$idunique."'");
        $Bdc = mysqli_fetch_array($QF, MYSQLI_ASSOC);
        // Do not replace an order that already has a successful payment
        if($Bdc['paiement']!='paiement_ok') {
            $Q_UPDATE = "UPDATE commandes_v2 SET nobdc='" . $nobdc . "',code_promo='" . $codepromo . "',msg='" . $Msg . "',paiement='" . date('Y-m-d H:i:s') . "' WHERE idunique='" . $idunique . "'";
            $QUERY = mysqli_query($this->CnxDBaseSQL(), $Q_UPDATE);
        }
    }

    /**
     * Prints the post-payment summary (order/transaction number and TTC amount)
     * for the order matching `$id` by `nobdc` or `idunique`.
     *
     * @param string $id
     *
     * NOTE(review): `$id` is interpolated into the WHERE clause unescaped; the
     * DB values are echoed into HTML without htmlspecialchars().
     */
    public function RecapituleCmd( $id )
    {
        $cnx = $this->CnxDBaseSQL();
        $QF = mysqli_query($cnx, "SELECT * FROM commandes_v2 WHERE nobdc='$id' or idunique='$id'");
        $Col = mysqli_fetch_array($QF, MYSQLI_ASSOC);
        echo "<hr><br>";
        if ($Col['nobdc'])
            echo "N°de commande : ".$Col['nobdc'];
        else
            echo "N°de transaction : ".$Col['idunique'];
        echo "<br>";
        echo "Montant TTC : ". number_format($Col['montant'], 2, ',', ' ')." euros";
    }

    /**
     * Flattens the session order into line items per order type
     * (i = Internet, t = Telephonie, f = Fibre), pricing each item from the
     * server-side product table held in `$_SESSION['AIRCMDV2']['NomProduits']`.
     * Step 1 entries become 'offre' lines, step 2 entries 'option' lines.
     *
     * @return array{dtl_cmd: array, total_rec: float|int, total_fas: float|int}
     *
     * NOTE(review): prices (`rec`, `fas`) are read from the product rows, not
     * from the request — good. `$Dtl['qte']` is never written by PostForm in
     * this file, so quantity defaults to "1" unless set elsewhere.
     * `$Total_Rec`/`$Total_Fas`/`$MyCmdALL` are used before initialisation
     * (warnings; zero/null result when the order is empty).
     * utf8_encode() (deprecated in PHP 8.2) implies product names are stored
     * as ISO-8859-1 — confirm the table charset.
     */
    public function FormatCmd()
    {
        $ArrType = ['i'=>'Internet','t'=>'Telephonie','f'=>'Fibre'];
        // Internet, Telephonie
        foreach($ArrType as $TypedeCommande=>$NomType) {
            $MyCmd =[];
            foreach ($_SESSION['AIRCMDV2']['Commande'][$TypedeCommande] as $Etape => $Cmd) {
                foreach ($Cmd as $K => $Dtl) {
                    if($Dtl['qte'])
                        $qte = $Dtl['qte'];
                    else
                        $qte = "1";
                    if ($Dtl['id']) {
                        $NomProduit = utf8_encode($_SESSION['AIRCMDV2']['NomProduits'][$Dtl['id']]['nom']);
                        $Rec = $_SESSION['AIRCMDV2']['NomProduits'][$Dtl['id']]['rec']*$qte;
                        $Total_Rec += $Rec;
                        $Fas = $_SESSION['AIRCMDV2']['NomProduits'][$Dtl['id']]['fas']*$qte;
                        $Total_Fas += $Fas;
                        if ($Etape == 1)
                            $MyCmd[] = ['Type' => $NomType, 'ctg'=>'offre' , 'idart' => $Dtl['id'] , 'nom'=>$NomProduit,'rec'=>$Rec,'fas'=>$Fas,'tel' => $Dtl['tel'],'ope' => $Dtl['operateur'], 'num' => $Dtl['numero'], 'rio' => $Dtl['rio'],'abo'=>$Dtl['abo'] ];
                        if ($Etape == 2)
                            $MyCmd[] = ['Type' => $NomType, 'ctg'=>'option' , 'idart' => $Dtl['id'] , 'nom'=>$NomProduit,'rec'=>$Rec,'fas'=>$Fas,'qte'=>$Dtl['qte'] ];
                    }
                }
                // Reassigned after every step; `$MyCmd` accumulates across steps of the same type
                $MyCmdALL[$TypedeCommande] = $MyCmd;
            }
        }
        return ['dtl_cmd'=>$MyCmdALL,'total_rec'=>$Total_Rec,'total_fas'=>$Total_Fas];
    }

    /**
     * Loads the products of the requested offers into the session
     * (`LstProduits[offre][id]` and `NomProduits[id]`).
     *
     * @param array $select_arr list of `offre` values to load
     *
     * NOTE(review): each `$Chp` is interpolated into the WHERE clause unescaped;
     * when `$select_arr` is not an array, `$WHERE` is undefined and the query is
     * syntactically invalid. `mysqli_error()` is called without the connection
     * argument it requires, so the `or die` branch errors out instead of
     * printing the intended message.
     */
    public function ListeProduits( $select_arr )
    {
        // Extract the selected items
        if( is_array($select_arr) ) {
            foreach($select_arr as $Chp) {
                $W[] = "offre ='$Chp'";
            }
            $WHERE = join (' or ', $W);
        }
        // Query
        $cnx = $this->CnxDBaseSQL();
        $Lst = mysqli_query($cnx, "SELECT 
* FROM offres WHERE $WHERE ORDER BY id ") or die(mysqli_error());
        while ($Detail = mysqli_fetch_array($Lst, MYSQLI_ASSOC)) {
            $_SESSION['AIRCMDV2']['LstProduits'][$Detail['offre']][$Detail['id']] = $Detail;
            $_SESSION['AIRCMDV2']['NomProduits'][$Detail['id']] = $Detail;
        }
    }

    /**
     * Mobile version of the step tracker: marks the current step `is-active`
     * via a variable variable (`$active<etape>`) and echoes the list.
     *
     * NOTE(review): the `$bold*` variables are computed but never output.
     * Variable variables keyed by a session value are hard to audit; a plain
     * array indexed by step would be clearer.
     */
    public function StepMobile()
    {
        $NoEtape = $_SESSION['AIRCMDV2']['etape'];
        ${'active'.$NoEtape}='is-active' ;
        ${'bold'.$NoEtape}='bold; border-bottom:2px solid #235BA5' ;
        if(!$bold1 && !$bold2 && !$bold3 && !$bold4)
            $bold5="bold; color :#000;";
        echo " <div id=\"container\" style=\"border:0px;\"> <div id=\"content\" style=\"width:650px\"> <br /><br /> <ul class=\"list-unstyled multi-steps\" > <li class=\"$active1 \">Mon offre</li> <li class=\"$active2\">Mes options</li> <li class=\"$active3\">Mes informations</li> <li class=\"$active4\">Mon entreprise</li> <li class=\"$active5\">Paiement</li> </ul> </div> </div> ";
    }

    /**
     * Desktop step tracker (same mechanism as StepMobile).
     *
     * NOTE(review): the wrapper div uses the attribute `lass=` — presumably a
     * typo for `class=`; the markup is a runtime string, so it is left as is.
     */
    public function Step()
    {
        $NoEtape = $_SESSION['AIRCMDV2']['etape'];
        ${'active'.$NoEtape}='is-active' ;
        echo " <div lass='container-fluid col-md-12'> <br /><br /> <ul class=\"list-unstyled multi-steps\" > <li class=\"$active1 \">Mon offre</li> <li class=\"$active2\">Mes options</li> <li class=\"$active3\">Mes informations</li> <li class=\"$active4\">Mon entreprise</li> <li class=\"$active5\">Paiement</li> </ul> </div>";
    }

    /**
     * Returns the 20 most recent orders that have a purchase-order number,
     * keyed by `nobdc`. Returns null (undefined variable) when there are none.
     *
     * @return array<string, array>|null
     */
    public function Surv()
    {
        $cnx = $this->CnxDBaseSQL();
        $QW = mysqli_query($cnx, "SELECT * FROM commandes_v2 WHERE nobdc<>'' ORDER BY id desc LIMIT 20");
        while ($ColC = mysqli_fetch_array( $QW,MYSQLI_ASSOC )) {
            $MyGest[$ColC['nobdc']] = $ColC;
        }
        return $MyGest;
    }

    /**
     * Calls the Stripe REST API: POSTs `$Array['data']` (form-encoded) to
     * https://api.stripe.com/v1/<$Array['action']> using the secret key as
     * Basic-auth user, and returns the JSON-decoded response.
     *
     * @param array{action: string, data: array} $Array
     * @return object|null  null when the call fails or the body is not JSON
     *
     * NOTE(review): the LIVE secret key is hard-coded in source (test key in the
     * commented line). Rotate it in the Stripe dashboard and load it from
     * configuration outside the web root. `curl_exec()` failure is not checked
     * (false is passed to json_decode), and `curl_close()` is placed after
     * `return`, so it never runs. TLS verification is left at curl's default
     * (enabled), which is correct.
     */
    public function APIStripe( $Array )
    {
        $this->action = $Array['action'];
        $this->data = $Array['data'];
        // CODE:STRIPE
        // $CodeAPIStripe = "sk_test_wtOLZRJRmrRm5va5cDWUKeNl"; // AIRMOB TEST
        $CodeAPIStripe = "sk_live_jmMEEsrBrru0qcmySOPhViz1"; // AIRMOB Prod
        $ch = curl_init();
        curl_setopt_array($ch, [
            CURLOPT_URL => "https://api.stripe.com/v1/".$this->action,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_USERPWD => $CodeAPIStripe,
            CURLOPT_HTTPAUTH => CURLAUTH_BASIC
        ]);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($this->data));
        $response = json_decode(curl_exec($ch));
        return $response;
        curl_close($ch); // unreachable
    }

    /**
     * Generic HTTP call to the Zoho API. Returns the response body (headers
     * stripped) as a raw string.
     *
     * @param array{url: string, method: string, body?: mixed, header?: array} $Param
     * @return string|null
     *
     * NOTE(review): CURLOPT_SSL_VERIFYPEER is false, so the connection to Zoho
     * (which carries the API credentials in `$Param['header']`) is not
     * protected against an interposed server; remove that option (default is
     * verification on). The client's User-Agent is forwarded verbatim.
     * CURLOPT_MAXREDIRS has no effect without CURLOPT_FOLLOWLOCATION.
     * `$err` is captured but never used; the header/body split assumes the
     * response contains exactly one header block (a 100-continue or proxy
     * header block would leave headers in `$reponse`). `$buffer` is built for a
     * call counter that is commented out.
     */
    function MyCurl_APIZOHO_V2( $Param )
    {
        // Count the calls to ZOHO
        ob_start();
        echo "<PRE>";
        print_r($Param);
        echo "</PRE>";
        $buffer = ob_get_contents();
        ob_end_clean();
        /* $fpW = fopen("./xml/compte_api.zoho.".date('m').".txt", "a+"); fwrite($fpW, "MyCurl_APIZOHO_V2 :: ".date('Y-m-d H:i:s')." :: ".$buffer."\n"); fclose($fpW); */
        //$this->Compte_CallApiZoho( "R2D2\MyCurl_APIZOHO_V2", $Param) ;
        $mycurl = curl_init();
        curl_setopt_array($mycurl, array(
            CURLOPT_URL => $Param['url'],
            CURLOPT_USERAGENT => $_SERVER['HTTP_USER_AGENT'],
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_ENCODING => "",
            CURLOPT_MAXREDIRS => 10,
            CURLOPT_TIMEOUT => 30,
            CURLOPT_CUSTOMREQUEST => $Param['method'],
            CURLOPT_HTTPHEADER => array(),
            CURLOPT_SSL_VERIFYPEER => false, // disables server certificate checking — see docblock
            CURLOPT_HEADER => true,
        ));
        // CURLOPT_POSTFIELDS => $Param['body'],
        if( key_exists('body',$Param) )
            curl_setopt($mycurl, CURLOPT_POSTFIELDS, $Param['body']);
        // Optional headers
        if( is_array($Param['header']) )
            curl_setopt($mycurl, CURLOPT_HTTPHEADER, $Param['header']);
        $result = curl_exec($mycurl);
        $err = curl_error($mycurl);
        // Split HEADER & BODY
        list($header, $reponse) = explode("\r\n\r\n", $result, 2);
        //$reponse = json_decode($reponse,TRUE);
        curl_close($mycurl);
        return $reponse;
    }

    /**
     * Lists today's orders whose `msg` is 'paiement_ok' (date filter is a
     * prefix match on the `paiement` timestamp).
     *
     * @return list<array>|null  null when there are none (undefined variable)
     */
    public function ListeCmds()
    {
        $cnx = $this->CnxDBaseSQL();
        $QW = mysqli_query($cnx, "SELECT * FROM commandes_v2 WHERE paiement LIKE '".date('Y-m-d')."%' && msg='paiement_ok' ");
        while ($Col = mysqli_fetch_array( $QW,MYSQLI_ASSOC )) {
            $Liste[] = $Col;
        }
        return $Liste;
    }

    /**
     * Creates the Zoho invoice tracking row for an order.
     *
     * @param string $idunique
     * @return string  "OK" or the mysqli error message
     *
     * NOTE(review): `$idunique` is concatenated into the INSERT unescaped.
     */
    public function InsertCmd($idunique)
    {
        $cnx = $this->CnxDBaseSQL();
        $INSERT = mysqli_query ($cnx , "INSERT INTO zoho_factures (idunique) VALUE 
('".$idunique."')");
        $error = mysqli_error($cnx);
        if ($error)
            return $error;
        else
            return "OK";
    }

    /**
     * Executes a caller-supplied SQL statement verbatim.
     *
     * @param string $query full SQL statement
     * @return string  "OK" or the mysqli error message
     *
     * NOTE(review): this is a raw SQL passthrough; every caller is responsible
     * for building `$query` safely. Callers are outside this file — audit them.
     */
    public function UpdateCmd( $query )
    {
        $cnx = $this->CnxDBaseSQL();
        $UPDATE = mysqli_query ($cnx , $query);
        $error = mysqli_error($cnx);
        if ($error)
            return $error;
        else
            return "OK";
    }

    /**
     * Returns the Zoho processing row for an order (or null).
     *
     * @param string $idunique
     * @return array|null
     *
     * NOTE(review): `$idunique` interpolated into SQL unescaped.
     */
    public function ZohoTraitement( $idunique )
    {
        $cnx = $this->CnxDBaseSQL();
        $QF = mysqli_query($cnx, "SELECT * FROM zoho_factures WHERE idunique='$idunique'");
        $Col = mysqli_fetch_array($QF, MYSQLI_ASSOC);
        $Traitement = $Col;
        return $Traitement;
    }

    /**
     * Returns the `offres` row (including the Zoho reference) for an article id.
     *
     * @param string|int $idart
     * @return array|null
     *
     * NOTE(review): `$idart` interpolated into SQL unescaped.
     */
    public function ZohoReference( $idart )
    {
        $cnx = $this->CnxDBaseSQL();
        $QF = mysqli_query($cnx, "SELECT * FROM offres WHERE id='$idart'");
        $Col = mysqli_fetch_array($QF, MYSQLI_ASSOC);
        return $Col;
    }

    /**
     * Status report on invoice creation: collects today's paid orders, looks up
     * their Zoho processing state, and e-mails (and echoes) a dump of the ones
     * flagged "ERR".
     *
     * @return array<string, array>  today's paid orders keyed by idunique
     *
     * NOTE(review): `$Liste` and `$ERR_Mel` are undefined when empty —
     * `foreach` on null warns and `count(null)` throws a TypeError on PHP 8.
     * The report is printed to the page as well as mailed; the recipient is
     * hard-coded. "X-Mailer" is set twice in the mail headers.
     */
    public function CRFactures()
    {
        $cnx = $this->CnxDBaseSQL();
        // List today's invoices
        $QW = mysqli_query($cnx, "SELECT * FROM commandes_v2 WHERE paiement LIKE '".date('Y-m-d')."%' && msg='paiement_ok' ");
        while ($Col = mysqli_fetch_array( $QW,MYSQLI_ASSOC )) {
            $Liste[$Col['idunique']] = $Col;
        }
        foreach($Liste as $idu=>$dtl) {
            $ret = $this->ZohoTraitement($idu);
            if($ret['zoho_idclient']=="ERR" || $ret['zoho_nofacture']=="ERR") {
                $ERR_Mel[] = $ret;
            }
        }
        if(count($ERR_Mel)>0) {
            ob_start();
            echo "<PRE>";
            print_r($ERR_Mel);
            echo "</PRE>";
            $buffer = ob_get_contents();
            ob_end_clean();
            echo $buffer;
            $emailweb ="luc2@bvcs.fr";
            mail("$emailweb","[AIRMOB/CDEV2] ERREUR",$buffer,"From: $emailweb\nX-Mailer: $emailweb\nReply-To: $emailweb\nX-Mailer: PHP");
        }
        return $Liste;
    }
}
?>