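<?php
/**
 * AJAX endpoint for the 'HLB Wallet (Spin & Win)' unique-code flow.
 *
 * Handles three POST actions, selected by $_POST['action']:
 *   - submit       : look up a code and report Active / Used / Inactive.
 *   - spin         : mark an active code as used and return its value.
 *   - notification : e-mail the admin about a code that has been used.
 *
 * Every action answers with a JSON object and then exits.
 *
 * NOTE(review): the only gate on these actions is a Referer/Host match. The
 * Referer header is supplied by the client, so this is not authentication and
 * not a CSRF defence on its own. Nothing in this file throttles requests:
 * `submit` reveals the state of any code it is given, and `notification`
 * sends one e-mail per matching request. Confirm that rate limiting and a
 * session-bound token exist elsewhere, or add them.
 */

date_default_timezone_set("Asia/Kuala_Lumpur");

// Magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() is
// deprecated in 7.4 and removed in 8.0. Only call it on interpreters that can
// still have the feature enabled, so newer runtimes neither warn nor fail.
if ( version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc() ) {
    /**
     * Recursively undo magic-quotes escaping on a request array.
     *
     * @param array $variable Request array ($_GET, $_POST, ...) or a nested array.
     * @param bool  $top      True for the outermost call; top-level keys are
     *                        left untouched, nested keys are unescaped.
     * @return array The same structure with slashes stripped from values.
     */
    function _stripslashes_rcurs( $variable, $top = true ) {
        $clean_data = array();
        foreach ( $variable as $key => $value ) {
            $key = ($top) ? $key : stripslashes($key);
            $clean_data[$key] = (is_array($value)) ? _stripslashes_rcurs($value, false) : stripslashes($value);
        }
        return $clean_data;
    }

    $_GET = _stripslashes_rcurs($_GET);
    $_POST = _stripslashes_rcurs($_POST);
    $_REQUEST = _stripslashes_rcurs($_REQUEST);
    $_COOKIE = _stripslashes_rcurs($_COOKIE);
}

require_once('database.php');
require_once('functions.php');

// Host part of the Referer, or null when the header is absent or unparsable.
// Initialised explicitly so the checks below never read an undefined variable.
$selfurl = null;
if ( isset($_SERVER['HTTP_REFERER']) ) {
    $selfurl = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
}

// A missing Referer must never compare equal to an empty Host header, so both
// sides have to be non-empty strings and the comparison is strict.
// parse_url(..., PHP_URL_HOST) drops the port while HTTP_HOST keeps a
// non-default one, so this only matches on default ports.
$is_same_host_post = is_string($selfurl)
    && $selfurl !== ''
    && isset($_SERVER['HTTP_HOST'])
    && $selfurl === $_SERVER['HTTP_HOST']
    && isset($_SERVER['REQUEST_METHOD'])
    && $_SERVER['REQUEST_METHOD'] == 'POST';

// Read the request fields once. Missing fields and non-string values (such as
// code[]=x, which PHP turns into an array) are treated as empty strings.
$requested_action = ( isset($_POST['action']) && is_string($_POST['action']) ) ? $_POST['action'] : '';
$code = ( isset($_POST['code']) && is_string($_POST['code']) ) ? $_POST['code'] : '';

/* ! Submit */
if ( $is_same_host_post && $requested_action == 'submit' ) {
    $result = array();
    $result['expensive'] = false;

    $stmt = $db_conn->prepare('SELECT * FROM `unique_codes` WHERE `code`=:CODE');
    $stmt->execute( array( ':CODE' => $code ) );
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // fetch() returns false when no row matches; check that before indexing.
    if ( is_array($row) && is_numeric($row['rid']) && $row['code'] != '' && $row['value'] != '' ) {
        $result['code'] = $row['code'];
        if ( $row['status'] == '1' ) {
            $result['feedback'] = 'Active';
            $result['expensive'] = ( $row['value'] == 'RM700' ) ? true : false;
        } else if ( $row['status'] == '2' ) {
            $result['feedback'] = 'Used';
        } else {
            $result['feedback'] = 'Inactive';
        }
    } else {
        $result['code'] = '';
        $result['feedback'] = 'Inactive';
    }

    $result['result'] = true;
    echo json_encode($result);
    exit;
}

/* ! Spin */
if ( $is_same_host_post && $requested_action == 'spin' ) {
    $result = array();

    $stmt = $db_conn->prepare('SELECT * FROM `unique_codes` WHERE `code`=:CODE AND `status` = \'1\'');
    $stmt->execute( array( ':CODE' => $code ) );
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // PDO::quote() returns false when the driver cannot quote; treat that as
    // "no match" instead of building a WHERE fragment from an empty string.
    $quoted_code = is_array($row) ? $db_conn->quote($row['code']) : false;

    if ( $quoted_code !== false && is_numeric($row['rid']) && $row['code'] != '' && $row['value'] != '' ) {
        $action = array();
        $action['action'] = 'update';
        // The WHERE fragment is handed to pdo_perform() as raw SQL, so the
        // request value must not be concatenated into it. Use the code as
        // stored in the database, quoted by the driver.
        // The status condition keeps the update tied to a still-active code.
        // NOTE(review): the SELECT above and this UPDATE are not atomic; if
        // pdo_perform() exposes the affected-row count, require it to be 1
        // before returning the value.
        $action['parameters'] = '`code` = ' . $quoted_code . " AND `status` = '1'";
        $data = array();
        $data['status'] = '2';
        // presumably pdo_perform() passes this through as an SQL function
        // call rather than a string literal - confirm in functions.php
        $data['modified_date'] = 'UTC_TIMESTAMP()';
        $action['data'] = $data;
        $action['table'] = 'unique_codes';

        $result = pdo_perform( $action );
        if ( $result['result'] == true ) {
            $result['value'] = $row['value'];
        }
    } else {
        $result['value'] = '';
    }

    // Kept from the original: 'result' is always reported as true, which
    // overwrites whatever pdo_perform() returned for that key.
    $result['result'] = true;
    echo json_encode($result);
    exit;
}

/* ! Notification */
if ( $is_same_host_post && $requested_action == 'notification' ) {
    $result = array();

    $stmt = $db_conn->prepare('SELECT * FROM `unique_codes` WHERE `code`=:CODE AND `status` = \'2\'');
    $stmt->execute( array( ':CODE' => $code ) );
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if ( is_array($row) && is_numeric($row['rid']) && $row['code'] != '' && $row['value'] != '' ) {
        // The spin action writes modified_date as UTC_TIMESTAMP(); shift it by
        // eight hours for display (presumably to Asia/Kuala_Lumpur local time).
        $date = date('Y-m-d H:i:s', strtotime('+8 hour', strtotime($row['modified_date'])));

        $sendMail = array();
        $sendMail['from'] = array( "cenxusclient@gmail.com" => "Admin Notification" );
        $sendMail['to'] = array( "jiancheng@cenxus.com" );
        $sendMail['subject'] = 'Admin Notification "HLB Wallet (Spin & Win)"';
        $sendMail['format'] = 'text/html';
        // Database values are HTML-encoded before being placed in the body.
        $sendMail['html_message'] = ' <html> <head> <title>HLB Wallet (Spin & Win)</title> </head> <body> <p><b>Date :</b> '. $date . '</p> <p><b>Code :</b> '. htmlentities($row['code']) .' <p><b>Value :</b> '. htmlentities($row['value']) .' </body> </html> ';

        // NOTE(review): every matching request sends a new e-mail; nothing in
        // this file records that a notification was already sent for a code.
        if ( email($sendMail) ) {
            $result['result'] = true;
        } else {
            //!email found!
            $result['result'] = false;
        }
    } else {
        $result['result'] = false;
    }

    echo json_encode($result);
    exit;
}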