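<?php
//error_reporting(E_ALL);
header('Content-Type: text/html; charset=utf-8');

$path = $_SERVER['DOCUMENT_ROOT'];
include_once $path.'/connect_db.php';
include '../../accesscontrol.php';

// Staff "support" page, part 1: handle delete requests, then emit the page head.
//
// Changes against the original handlers:
//  - all SQL goes through prepared statements instead of addslashes() + string
//    interpolation (addslashes() is not an SQL escaping function);
//  - the image file names are read BEFORE the ad row is deleted; the original
//    deleted the row first, so the follow-up SELECT never found the names;
//  - file names taken from the database are reduced to basename() so a stored
//    value cannot point outside the upload directories;
//  - $_POST['ls'] is iterated as an array (addslashes() on an array does not
//    return one, so the original bulk-delete loop never ran);
//  - database error text is logged instead of being printed to the browser.
//
// NOTE(review): the ?del=yes actions change state on a plain GET request and
// carry no anti-CSRF token. Whether accesscontrol.php adds any such protection
// is not visible from this file; a POST form with a per-session token is the
// usual arrangement for destructive staff actions.

// Status text rendered further down the page; keep a value an include may have set.
$message = $message ?? '';

// Log the database error server-side and stop with a generic message.
$failDb = static function () use ($connect): void {
    error_log('staff/advert/support: database error: '.$connect->error);
    http_response_code(500);
    exit('Database error.');
};

// Delete one ad (matched on adid AND memberid) together with its image files.
$deleteAd = static function (string $adId, string $memberId) use ($connect, $failDb): void {
    // 1. Remember the file names while the row still exists.
    $select = $connect->prepare(
        'SELECT image, photo_1, photo_2, photo_3, photo_4 FROM ads WHERE adid = ? AND memberid = ? LIMIT 1'
    );
    if ($select === false) {
        $failDb();
    }
    $select->bind_param('ss', $adId, $memberId);
    if (!$select->execute()) {
        $failDb();
    }
    $select->bind_result($image, $photo1, $photo2, $photo3, $photo4);
    $found = $select->fetch() === true;
    $select->close();

    // 2. Remove the row.
    $delete = $connect->prepare('DELETE FROM ads WHERE adid = ? AND memberid = ?');
    if ($delete === false) {
        $failDb();
    }
    $delete->bind_param('ss', $adId, $memberId);
    if (!$delete->execute()) {
        $failDb();
    }
    $delete->close();

    if (!$found) {
        return;
    }

    // 3. Remove the files. Paths are relative to this script's directory, as in
    //    the original. NOTE(review): the counters on this page scan
    //    DOCUMENT_ROOT/members/uploads/logo/ - confirm 'uploads/' here resolves
    //    to the directory that actually holds the files.
    $files = [
        ['uploads/1/', $photo1],
        ['uploads/2/', $photo2],
        ['uploads/3/', $photo3],
        ['uploads/4/', $photo4],
        ['uploads/logo/', $image],
    ];
    foreach ($files as [$dir, $name]) {
        $name = basename((string) $name);
        if ($name === '') {
            continue; // empty column: nothing to remove
        }
        $file = $dir.$name;
        if (is_file($file) && !@unlink($file)) {
            error_log('staff/advert/support: could not remove '.$file);
        }
    }
};

// Bulk delete: every entry of ls[] is expected to look like "adid || memberid".
if (isset($_POST['submit'])) {
    $listings = $_POST['ls'] ?? [];
    if (!is_array($listings)) {
        $listings = [$listings];
    }
    foreach ($listings as $listing) {
        if (!is_string($listing)) {
            continue;
        }
        $parts = explode(' || ', $listing);
        if (count($parts) < 2) {
            continue; // malformed entry
        }
        $deleteAd($parts[0], $parts[1]);
        $message = 'Your Ad has been successfully deleted.';
    }
}

// Single delete via ?del=yes. The original ran the ad delete and the ticket
// delete on every such request; each now runs only when its own ids are present.
$del = $_GET['del'] ?? '';
if ($del === 'yes') {
    $adid = $_GET['adid'] ?? null;
    $memberid = $_GET['memberid'] ?? null;
    if (is_string($adid) && is_string($memberid) && $adid !== '' && $memberid !== '') {
        $deleteAd($adid, $memberid);
        $message = 'Your Ad has been successfully deleted.';
        //header( "refresh:5;url=index.php" );
    }

    $id = $_GET['id'] ?? null;
    if (is_string($id) && $id !== '') {
        // deleting ticket
        $ticketDelete = $connect->prepare('DELETE FROM tickets WHERE id = ?');
        if ($ticketDelete === false) {
            $failDb();
        }
        $ticketDelete->bind_param('s', $id);
        if (!$ticketDelete->execute()) {
            $failDb();
        }
        $ticketDelete->close();
        $message = 'Ticket has been deleted.';
        // header( "refresh:0;url=index.php" );
    }
}
?>
<!-- start: HTML -->
<!DOCTYPE html>
<html lang="en">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="stylesheet" href="/header-footer/global.css">
    <link rel="stylesheet" href="/staff/style_staff.css">
    <title>Staff Area</title>
    <script src="https://code.jquery.com/jquery-3.6.0.min.js" integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4=" crossorigin="anonymous"></script>
    <style>
        input#search {
            width: 86%;
            float: left;
            margin: 0 15px 0px 0px;
        }
        .successDvBx{
            padding: 10px;
            font-weight: bold;
            border: 1px solid green;
            font-size: 16px;
            margin-bottom: 15px;
        }
        .container.lg{
            max-width: 1450px!important;
        }
        .topbar-menu-wrapper{
            justify-content: center;
        }
    </style>
</head>
<body>
<?php
include '../../staff_header.php';
// $updated is not assigned anywhere in this file; presumably an include sets it.
if (!empty($updated)) {
    echo '<div class="successDvBx">ACTIVATED</div>';
}
?>
<!-- start: Table -->
<div class="table-section">
<div class="container lg">
<div class="table-responsive">
<form>
<?php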
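// Staff "support" page, part 2: tab counters, search box and table header.
//
// Changes against the original:
//  - the search term and the status message are HTML-escaped on output;
//    addslashes() does not neutralise quotes or angle brackets in HTML, so the
//    original reflected ?search= into the value attribute unescaped;
//  - the counters use COUNT(*) instead of loading every row to read num_rows;
//  - a failed query or scandir() yields 0 / an empty list instead of a warning.

// Run a single-value COUNT query; log and return 0 when it fails.
$countRows = static function (string $sql) use ($connect): int {
    $result = $connect->query($sql);
    if ($result === false) {
        error_log('staff/advert/support: count query failed: '.$connect->error);
        return 0;
    }
    $row = $result->fetch_row();
    $result->free();
    return (int) ($row[0] ?? 0);
};

// HTML-escape a value for element text or a quoted attribute.
$esc = static function (string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$Active = $countRows('SELECT COUNT(*) FROM ads WHERE active = 1');
$Inactive = $countRows('SELECT COUNT(*) FROM ads WHERE active = 0 and decline = 0');
$Declined = $countRows('SELECT COUNT(*) FROM ads WHERE decline = 1');
$Featured = $countRows('SELECT COUNT(*) FROM ads WHERE featured = 1');
// One row per member in the original GROUP BY, i.e. the number of distinct members.
$free_websites = $countRows(
    'SELECT COUNT(DISTINCT m.memberid) FROM `members` as `m` INNER JOIN `page_configuration` as `pc` ON m.memberid = pc.memberid'
);

$dr = $_SERVER['DOCUMENT_ROOT'].'/members/uploads/logo/';
// scandir() returns false on failure and its list includes "." and "..".
// NOTE(review): the "No image" figure below subtracts that raw entry count from
// $Inactive, exactly as the original did - confirm the intended arithmetic.
$logo = is_dir($dr) ? scandir($dr) : false;
if ($logo === false) {
    $logo = [];
}

$searchTerm = $_GET['search'] ?? '';
if (!is_string($searchTerm)) {
    $searchTerm = ''; // e.g. ?search[]=x
}
$statusMessage = isset($message) ? (string) $message : '';
?>
<div class="submit-advert-form-group">
    <a href="/staff/advert/approved/" class="btn btn-yellow">Active (<?=$Active?>)</a>
    <a href="/staff/" class="btn btn-yellow">Inactive (<?=$Inactive?>)</a>
    <a href="/staff/advert/declined/" class="btn btn-yellow">Declined (<?=$Declined?>)</a>
    <a href="/staff/advert/no_images" class="btn btn-yellow">No image Businesses (<?=$Inactive-count($logo)?>)</a>
    <a href="/staff/advert/featured/" class="btn btn-yellow">Featured (<?=$Featured?>)</a>
    <a href="/staff/advert/free_websites" class="btn btn-yellow">Used Free Website (<?=$free_websites?>)</a>
</div>
<div class="submit-advert-form-group">
    <input type="text" name="search" id="search" class="form-control" placeholder="Enter user email" value="<?=$esc($searchTerm)?>">
    <button class="btn btn-yellow" type="submit">Search
        <svg viewBox="0 0 21 16" fill="none" xmlns="http://www.w3.org/2000/svg">
            <path d="M13.0998 15.5L11.7582 14.1902L17 8.95114H0.588135V7.08004H17L11.727 1.80977L13.0686 0.5L20.5881 8.01559L13.0998 15.5Z"></path>
        </svg>
    </button>
</div>
<?php if ($statusMessage !== ''): ?>
<div class="message successDvBx"><?=$esc($statusMessage)?></div>
<?php endif ?>
</form>
<table class="table">
    <thead>
        <tr>
            <th>Date</th>
            <th>Name</th>
            <th>Email</th>
            <th>Subject</th>
            <th>Message</th>
            <th>Action</th>
        </tr>
    </thead>
    <tbody>
<?php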
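// Staff "support" page, part 3: ticket rows, pagination and page script.
//
// Changes against the original:
//  - the ticket query is a prepared statement; the search term is bound and
//    page/offset are forced to positive integers;
//  - every ticket field is HTML-escaped on output. Name, e-mail, subject and
//    message were echoed raw, so markup stored in a ticket would have been
//    rendered in the staff member's browser;
//  - the ticket id is escaped per context (attribute, inline JS, URL);
//  - $message is emitted into the script as a JSON string literal. The original
//    printed it bare, which is a JavaScript syntax error and stopped the whole
//    script block from running;
//  - chbox() no longer throws when the row has no matching checkbox;
//  - database error text is logged instead of being printed to the browser.
//
// NOTE(review): the Delete link below changes state on a plain GET request and
// carries no anti-CSRF token; a POST form with a per-session token is the usual
// arrangement. The handler is outside this part of the file.

$search = $_GET['search'] ?? '';
if (!is_string($search)) {
    $search = ''; // e.g. ?search[]=x
}
$limit = 100;
$page = max(1, (int) ($_GET['page'] ?? 1));
$offset = ($page - 1) * $limit;

// HTML-escape a value for element text or a quoted attribute.
$esc = static function (string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

//spam word check array
// Matching is a case-sensitive substring test, as in the original.
// NOTE(review): "free money" in lower case is therefore not caught; confirm
// whether that is intended before widening the match.
$spam_array = array(
    "100% more", "100% free", "Additional income", "Be your own boss", "Best price", "Big bucks", "Billion",
    "Cash bonus", "Cents on the dollar", "Consolidate debt", "Double your cash", "Double your income",
    "Earn extra cash", "Earn money", "Eliminate bad credit", "Extra cash", "Extra income", "Expect to earn",
    "Fast cash", "Financial freedom", "Free access", "Free consultation", "Free gift", "Free hosting",
    "Free info", "Free investment", "Free membership", "Free money", "Free preview", "Free quote",
    "Free trial", "Full refund", "Get out of debt", "Get paid", "Giveaway", "Guaranteed", "Increase sales",
    "Increase traffic", "Incredible deal", "Lower rates", "Lowest price", "Make money", "Million dollars",
    "Miracle", "Money back", "Once in a lifetime", "One time", "Pennies a day", "Potential earnings",
    "Prize", "Promise", "Pure profit", "Risk-free", "Satisfaction guaranteed", "Save big money",
    "Save up to", "Special promotion", "Act now", "Apply now", "Become a member", "Call now", "Click below",
    "Click here", "Get it now", "Do it today", "Don't delete", "Exclusive deal", "Get started now",
    "Important information regarding", "Information you requested", "Instant", "Limited time",
    "New customers only", "Order now", "Please read", "See for yourself", "Sign up free", "Take action",
    "This won't last", "Urgent", "porn", "What are you waiting for?", "While supplies last",
    "Will not believe your eyes", "Winner", "Winning", "You are a winner", "You have been selected",
    "Bulk email", "Buy direct", "Cancel at any time", "Check or money order", "Congratulations",
    "Confidentiality", "Cures", "Dear friend", "Direct email", "Direct marketing", "Hidden charges",
    "Human growth hormone", "Internet marketing", "Lose weight", "Mass email", "Meet singles",
    "Multi-level marketing", "No catch", "No cost", "No credit check", "No fees", "No gimmick",
    "No hidden costs", "No hidden fees", "No interest", "No investment", "No obligation",
    "No purchase necessary", "No questions asked", "No strings attached", "Not junk", "Notspam",
    "Requires initial investment", "Social security number", "This isn't a scam", "This isn't junk",
    "This isn't spam", "Undisclosed", "Unsecured credit", "Unsecured debt", "Unsolicited"
);

// Polyfill for PHP < 8; defined once, before the row loop.
if (!function_exists('str_contains')) {
    function str_contains(string $haystack, string $needle): bool
    {
        return '' === $needle || false !== strpos($haystack, $needle);
    }
}

$stmt = $connect->prepare(
    'SELECT id, email, name, subject, message, `date` FROM tickets WHERE email LIKE ? ORDER BY `date` DESC LIMIT ?, ?'
);
if ($stmt === false) {
    error_log('staff/advert/support: ticket query failed: '.$connect->error);
    exit('Database error.');
}
$like = '%'.$search.'%';
$stmt->bind_param('sii', $like, $offset, $limit);
if (!$stmt->execute()) {
    error_log('staff/advert/support: ticket query failed: '.$stmt->error);
    exit('Database error.');
}
$stmt->bind_result($t_id, $t_email, $t_name, $t_subject, $t_message, $t_date);

// NOTE(review): at most 50 rows are rendered per request although 100 are
// fetched and the Next Page link advances by 100, so non-spam tickets after
// the 50th within a page are never listed - confirm whether the cap should
// match $limit.
$j = 0;
while ($stmt->fetch()) {
    $ticketId = (string) $t_id;
    $r_ad_email = strtolower((string) $t_email);
    $r_ad_name = ucfirst((string) $t_name);
    $r_ad_subject = (string) $t_subject;
    $r_ad_message = (string) $t_message;
    $r_ad_date = date("d/m/y", (int) $t_date);

    // Hide tickets whose subject or message contains a listed phrase.
    $check = 0;
    foreach ($spam_array as $phrase) {
        if (str_contains($r_ad_subject, $phrase) || str_contains($r_ad_message, $phrase)) {
            $check = 1;
            break;
        }
    }
    if ($check) {
        continue;
    }
    if ($j++ >= 50) {
        break;
    }
?>
        <tr onclick="chbox(<?=$esc((string) json_encode($ticketId))?>);" id="tr_<?=$esc($ticketId)?>" <?=(strpos($r_ad_name,'clean') !== false ? 'class="selected"' : '' )?>>
            <td><?=$esc($r_ad_date)?></td>
            <td> <?=$esc($r_ad_name)?> </td>
            <td> <?=$esc($r_ad_email)?> </td>
            <td> <?=$esc($r_ad_subject)?> </td>
            <td> <?=$esc($r_ad_message)?> </td>
            <td>
                <a onclick="return confirm('Do you want to delete?')" style="color:red" href="/staff/advert/support/?del=yes&amp;id=<?=$esc(rawurlencode($ticketId))?>">Delete</a>
            </td>
        </tr>
<?php
}
$stmt->close();
?>
    </tbody>
</table>
</div>
<div class="table-pagination">
    <a href="?page=<?=$page + 1?>">Next Page</a>
</div>
<!-- <div class="table-action"> <a href="#" class="btn btn-red">Delete Selected</a> </div> -->
</div>
</div>
<!-- end: Table -->
<script>
    $( document ).ready(function() {
        var msg = <?=json_encode((string) ($message ?? ''), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>;
        if(msg){
            $(".message").text(msg);
        }
    });

    var topbarToggle = document.querySelector('.topbar-menu-toggle')
    var topbarMenu = document.querySelector('.topbar-menu')
    if (topbarToggle && topbarMenu) {
        topbarToggle.addEventListener('click', function() {
            topbarMenu.classList.toggle('show')
        })
    }

    function chbox(id) {
        var box = document.getElementById('inp_' + id)
        var row = document.getElementById('tr_' + id)
        // This table renders no inp_<id> checkbox; do nothing when it is absent.
        if (!box || !row) {
            return
        }
        box.click()
        if (box.checked) {
            row.classList.add('selected');
        } else {
            row.classList.remove('selected');
        }
    }
</script>
</body>
</html>
<!-- end: HTML -->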