Backups Created:
/home/japatmex/public_html/wp-content/edit-wolf.php
Savvy
W
olf -
MANAGER
Edit File: submitfileorder.php
<?php require_once(APPPATH.'libraries/FileManager.php'); $filemanager = new FileManager(); $FILES_ARR = $OG_FILES_ARR = array(); $packagePrice = 0; $apiId = 0; $apiKey = ''; $apiType = ''; $serverURL = ''; $accountId = ''; $extNwkId = ''; $apiKey2 = ''; $apiPwd = ''; $placeOrder = true; $packCostPrice = 0; $DELAY_TIME = '1'; $CRON_DELAY_TIME = '1'; $NEW_ORDER_EMAILS = ''; $apiName = ''; $rsPackTitle = $this->User_model->fetch_package_by_id($myNetworkId); if (isset($rsPackTitle->PackageTitle) && $rsPackTitle->PackageTitle != '') { $packageTitle = $rsPackTitle->PackageTitle; $packCostPrice = $rsPackTitle->CostPrice == '' ? 0 : $rsPackTitle->CostPrice; $SERVICE_TYPE = $rsPackTitle->ServiceType; // 0 for DATABASE, 1 for RECALCULATE $DELAY_TIME = $rsPackTitle->ResponseDelayTm == 0 ? '1' : $rsPackTitle->ResponseDelayTm; $CRON_DELAY_TIME = $rsPackTitle->CronDelayTm == 0 ? '1' : $rsPackTitle->CronDelayTm; $NEW_ORDER_EMAILS = $rsPackTitle->NewOrderEmailIDs; } $rsPackage = $this->User_model->get_packages_api_by_id($myNetworkId); if (isset($rsPackage->APIId) && $rsPackage->APIId != '') { $apiId = $rsPackage->APIId == '-1' ? '0' : $rsPackage->APIId; $apiKey = $rsPackage->APIKey; $apiType = $rsPackage->APIType; $serverURL = $rsPackage->ServerURL; $accountId = $rsPackage->AccountId; $extNwkId = $rsPackage->ExternalNetworkId; $apiName = $rsPackage->APITitle; $apiKey2 = $rsPackage->APIKey2; $apiPwd = $rsPackage->APIPassword; } $rdFileType = 0; $fileUploadType = ''; //=========================================== ZIP FILE =========================================// if($rdFileType == '0') { if($filemanager->getFileName('txtFile') != '') { $fileExt = $filemanager->getFileExtension("txtFile"); if($fileExt == '.log' || $fileExt == '.fnx' || $fileExt == '.bcl' || $fileExt == '.txt' || $fileExt == '.sha' || $fileExt == '.ask') { $ORDER_FILENAME = 'slbf_files/'.$filemanager->getFileName('txtFile'); if(InStr($ORDER_FILENAME, 'php')) { $this->data['message'] = $this->lang->line('CUST_LBL_182'); $placeOrder = false; } else { $ext = pathinfo($ORDER_FILENAME, PATHINFO_EXTENSION); $newName = random_string('numeric', 10) . '.' . $ext; $filemanager->uploadAs('txtFile', 'slbf_files/'.$newName); $FILES_ARR[0] = $newName; $OG_FILES_ARR[0] = basename($ORDER_FILENAME); $fileUploadType = 0; // checking if file contains php code $tmpCntnt = file_get_contents('slbf_files/'.$newName); if(stripos($tmpCntnt, '<?') !== FALSE) { $this->data['message'] = $this->lang->line('CUST_LBL_182'); $placeOrder = false; } } } else { $this->data['message'] = $this->lang->line('CUST_LBL_182'); $placeOrder = false; } }elseif ($filemanager->getFileName('txtZipFile') != ''){ $this->load->library('zip'); $config['upload_path'] = 'zip/'; $config['allowed_types'] = 'zip'; $config['max_size'] = '5120'; // max_size in kb (5 MB) $config['file_name'] = $_FILES['txtZipFile']['name']; // Load upload library $this->load->library('upload',$config); $upload_flag=0; // File upload if($this->upload->do_upload('txtZipFile')){ // Get data about the file $uploadData = $this->upload->data(); $filename = $uploadData['file_name']; $path = "zip/".$filename; ## Extract the zip file ---- start /*$zip = new ZipArchive;*/ $zip = new ZipArchive; $res = $zip->open("zip/".$filename); if ($res === TRUE) { // Unzip path $extractpath = "slbf_files/"; // creating tmp dir $tmpDir = random_string('numeric', 10) . '/'; @mkdir(FCPATH . $tmpDir, 0777); for($i = 0; $i < $zip->numFiles; $i++) { $filename = $zip->getNameIndex($i); $fileinfo = pathinfo($filename); $fileExt=substr($fileinfo['basename'], strrpos($fileinfo['basename'], "." )); if($fileExt =='.log' || $fileExt == '.fnx' || $fileExt == '.bcl' || $fileExt == '.txt' || $fileExt == '.sha' || $fileExt == '.ask'){ if($upload_flag==0){ $zip->extractTo($tmpDir); $upload_flag=1; } // checking if file contains php code $tmpCntnt = file_get_contents(FCPATH . $tmpDir . $fileinfo['basename']); if(stripos($tmpCntnt, '<?') !== FALSE) { $this->data['message'] = $this->lang->line('CUST_LBL_182'); $placeOrder = false; }else{ $fileTmpName = random_string('numeric', 10) . '.' . $fileinfo['extension']; @copy(FCPATH . $tmpDir . $fileinfo['basename'], $extractpath . $fileTmpName); $FILES_ARR[] = $fileTmpName; $OG_FILES_ARR[] = $fileTmpName; } $fileUploadType = 1; }else{ $this->data['message'] = $this->lang->line('CUST_LBL_182'); $placeOrder = false; } } // removing temp dir foreach(glob(FCPATH . $tmpDir . '*') as $tmpFile) @unlink($tmpFile); @rmdir(FCPATH . $tmpDir); } $zip->close(); if(file_exists($file_to_delete = "zip/".$filename)) { @unlink($file_to_delete); } } } } if($placeOrder) { $USER_ID = $this->session->userdata('GSM_FUS_UserId'); $packagePrice = getpackprice($myNetworkId , $this->data['userDetails']->CurrencyId , $IMEI_TYPE, null, null); $totalFiles = sizeof($FILES_ARR); $rsPackage = $this->User_model->get_dupImeis($myNetworkId); $allowDupIMEIs = $rsPackage->DuplicateIMEIsNotAllowed; $strInsert = ", ShowToSupplier = '0'"; list($suppPackId, $suppPurchasePrice, $supplierId) = ifPackIdAssignedToSupplier($myNetworkId, 1); if($suppPackId != '0') $strInsert = ", ShowToSupplier = '1'"; if($suppPurchasePrice != '0') $strInsert .= ", Payout = '$suppPurchasePrice'"; if($supplierId != '0') $strInsert .= ", SupplierId = '$supplierId'"; $rwUNC = $this->User_model->get_negative_credits(); $ALLOWNGTVCRDTS = $rwUNC->AllowNegativeCredits; $ODL = $rwUNC->OverdraftLimit; for($j = 0; $j < $totalFiles; $j++) { $finalCr = $this->data['myCredits'] - $packagePrice; if($finalCr < 0) { if($ALLOWNGTVCRDTS == '0'){ $this->data['message'] = $this->lang->line('CUST_CODE_MSG2'); } else if($ALLOWNGTVCRDTS == '1') { $REMAINING_CREDITS = abs($finalCr); if($REMAINING_CREDITS <= $ODL) { include APPPATH.'scripts/fileordersubmission.php'; } else { $this->data['message'] = 'Order failed. Your Overdraft Limit has been finished.'; } } } else { include APPPATH.'scripts/fileordersubmission.php'; } } } foreach($FILES_ARR as $singleFile) { // deleting uploaded file after order is placed if(file_exists($file_to_delete = 'slbf_files/'.$singleFile)) { @unlink($file_to_delete); } }
SavvyWolf - MANAGER