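<?php
/**
 * Pulsa (prepaid phone credit) order page.
 *
 * Flow: require a logged-in, non-suspended user; on POST validate the
 * requested service, reserve the price from the user's balance, forward the
 * order to the upstream provider, then record the order and balance history.
 * The lower half of the file renders the order form and the result message.
 *
 * $db, $cfg_baseurl, $config, $date, $time and random_number() are not defined
 * in this file; presumably they come from ../mainconfig.php — confirm.
 */
session_start();
require("../mainconfig.php");
$page_type = "Pulsa";

// header() only queues a redirect; without exit the rest of the page (including
// the order handler) would still run for a visitor who is not logged in.
if (!isset($_SESSION['user'])) {
    header("Location: ".$cfg_baseurl);
    exit;
}

$sess_username = $_SESSION['user']['username'];
// The session value is interpolated into several queries below, so escape it once.
$sql_username = mysqli_real_escape_string($db, $sess_username);

$check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sql_username'");
$data_user = mysqli_fetch_assoc($check_user);
if (mysqli_num_rows($check_user) == 0 || $data_user['status'] == "Suspended") {
    // Stop here: a deleted or suspended account must not reach the order handler.
    header("Location: ".$cfg_baseurl."logout.php");
    exit;
}

include("../lib/header.php");
$msg_type = "nothing";

// `order` is a reserved word in MySQL, so the table name needs backticks.
$check_status = mysqli_query($db, "SELECT * FROM `order` WHERE code = 'pulsa'");
$data_status = $check_status ? mysqli_fetch_assoc($check_status) : null;
$p = isset($data_status['status']) ? $data_status['status'] : null;

if (isset($_POST['order'])) {
    // NOTE(review): the form below posts a csrf_token field, but no comparison
    // against it is visible in this file — confirm mainconfig.php validates it,
    // otherwise add a hash_equals() check here before processing the order.

    // Treat missing or non-string (array) fields as empty so the escaping calls
    // below always receive a string.
    $post_fields = array();
    foreach (array('service', 'phone', 'idcus', 'transaksi', 'pin') as $post_field) {
        $post_fields[$post_field] = (isset($_POST[$post_field]) && is_string($_POST[$post_field]))
            ? $_POST[$post_field]
            : '';
    }

    $post_service = mysqli_real_escape_string($db, $post_fields['service']);
    $post_phone = mysqli_real_escape_string($db, $post_fields['phone']);
    $post_idcus = mysqli_real_escape_string($db, $post_fields['idcus']);
    $post_transaksi = mysqli_real_escape_string($db, $post_fields['transaksi']);
    $post_pin = mysqli_real_escape_string($db, trim($post_fields['pin']));

    $check_service = mysqli_query($db, "SELECT * FROM services_pulsa WHERE pid = '$post_service' AND status = 'Active'");
    $data_service = mysqli_fetch_assoc($check_service);
    if (!is_array($data_service)) {
        // No matching service: keep the keys defined so the reads below do not warn.
        $data_service = array('price' => null, 'name' => null, 'pid' => null, 'provider' => null, 'tipe' => null);
    }

    // NOTE(review): the submitted pin and the stored pin are both read, but this
    // file never compares them — confirm whether a PIN check is intended.
    $pin = $data_user['pin'];
    $price = $data_service['price'];
    $service = $data_service['name'];
    $pid = $data_service['pid'];
    $provider = $data_service['provider'];
    $tipe = $data_service['tipe'];
    $pesannya = $data_user['pesan'];

    // The provider lookup has to run after $provider is known; the original ran
    // it first, with the variable still undefined.
    $sql_provider = mysqli_real_escape_string($db, (string) $provider);
    $check_provider = mysqli_query($db, "SELECT * FROM provider WHERE code = '$sql_provider'");
    $data_provider = $check_provider ? mysqli_fetch_assoc($check_provider) : null;

    if (empty($post_service) || empty($post_phone)) {
        $msg_type = "error";
        $msg_content = "<b>Gagal:</b> Mohon mengisi input.";
    } else if (mysqli_num_rows($check_service) == 0 || !is_numeric($price)) {
        // $price is placed unquoted into SQL arithmetic below, so it must be numeric.
        $msg_type = "error";
        $msg_content = "<b>Gagal:</b> Layanan tidak ditemukan.";
    } else if (isset($data_status['status']) && $data_status['status'] == "OFF") {
        $msg_type = "error";
        $msg_content = "<b>Gagal:</b> Pesanan Pulsa Saat Ini Sedang Offline Harap Coba Beberapa Saat Lagi.";
    } else if ($data_user['status'] == "Terkunci") {
        $msg_type = "error";
        $msg_content = "<b>Gagal:</b> Akun anda terkunci silahkan hubungi Admin.";
    } else if ($data_user['balance'] < $price) {
        $msg_type = "error";
        $msg_content = "<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.";
    } else {
        // api data
        $api_link = isset($data_provider['link']) ? $data_provider['link'] : null;
        $api_key = isset($data_provider['api_key']) ? $data_provider['api_key'] : null;
        // end api data

        // Default to an empty body so $postdata is defined for every provider.
        $postdata = "";
        if ($provider == "MANUAL") {
            $api_postdata = "";
        } else if ($provider == "DPEDIA") {
            // NOTE(review): the key is an empty literal while $api_key from the
            // provider row goes unused — confirm which one is meant to be sent.
            $key = "";
            // Build the body from the raw phone value with URL encoding. The
            // SQL-escaped copy is the wrong encoding for an HTTP body, and an
            // unencoded "&" in the phone field could add or override parameters.
            $postdata = http_build_query(array(
                'api_key' => $key,
                'service' => $pid,
                'phone' => $post_fields['phone'],
            ));
        }

        // Reserve the funds before contacting the provider. The balance test and
        // the deduction happen in one statement, so parallel requests cannot
        // spend the same balance twice or drive it negative.
        $update_user = mysqli_query($db, "UPDATE users SET balance = balance-$price, balance_used = balance_used+$price WHERE username = '$sql_username' AND balance >= $price");

        if ($update_user != TRUE) {
            $msg_type = "error";
            $msg_content = "<b>Gagal:</b> Error system (1).";
        } else if (mysqli_affected_rows($db) < 1 && $price != 0) {
            // Another request used the balance between the check above and the UPDATE.
            $msg_type = "error";
            $msg_content = "<b>Gagal:</b> Saldo Anda tidak mencukupi untuk melakukan pembelian ini.";
        } else {
            // NOTE(review): this request goes over plain http://, so the API key
            // and the order can be read or altered in transit — switch to https
            // if the provider supports it. Peer verification stays enabled so an
            // https endpoint would be checked.
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, "http://serverh2h.net/order/pulsa");
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
            $chresult = curl_exec($ch);
            curl_close($ch);

            // The response is external data: it may be missing, malformed, or hostile.
            $order_data = is_string($chresult) ? json_decode($chresult, true) : null;
            $trx = isset($order_data['code_trx']) ? $order_data['code_trx'] : null;
            $err_msg = isset($order_data['error']) ? $order_data['error'] : '';
            $oid = random_number(5);

            if (!$trx || !is_scalar($trx)) {
                // Provider refused or failed: give the reserved funds back.
                mysqli_query($db, "UPDATE users SET balance = balance+$price, balance_used = balance_used-$price WHERE username = '$sql_username'");
                $msg_type = "error";
                // Escape the provider's message before it is echoed into the page.
                $msg_content = "<b>Gagal!</b> ".htmlspecialchars(is_scalar($err_msg) ? (string) $err_msg : '', ENT_QUOTES, 'UTF-8')."";
            } else {
                $poid = $trx;
                // Values from the provider and from other tables are escaped before
                // being embedded in SQL strings.
                $sql_poid = mysqli_real_escape_string($db, (string) $poid);
                $sql_service = mysqli_real_escape_string($db, (string) $service);

                $check_top = mysqli_query($db, "SELECT * FROM top_user WHERE username = '$sql_username' AND method = 'Order'");
                $data_top = mysqli_fetch_assoc($check_top);
                if (mysqli_num_rows($check_top) == 0) {
                    $insert_order = mysqli_query($db, "INSERT INTO top_user (method, username, jumlah, total) VALUES ('Order', '$sql_username', '$price', '1')");
                } else {
                    // Increment in SQL instead of writing back values read earlier.
                    $insert_order = mysqli_query($db, "UPDATE top_user SET jumlah = jumlah+$price, total = total+1 WHERE username = '$sql_username' AND method = 'Order'");
                }

                $insert_pulsa = mysqli_query($db, "INSERT INTO orders_pulsa(oid, poid, user, service, link, sn, price, status, datetime, provider, place_from) VALUES ('$oid', '$sql_poid', '$sql_username', '$sql_service', '$post_phone', 'Sedang diproses..', '$price', 'Pending', '$date $time', '$sql_provider', 'WEB')");
                $insert_history = mysqli_query($db, "INSERT INTO balance_history (username, action, type, quantity, price, msg, datetime) VALUES ('$sql_username', 'CUT BALANCE', 'ORDER', '1', '$price', 'Membuat pesanan pulsa. #ID Pesanan: $sql_poid', '$date $time')");
                // Report success only when both the order row and the history row were written.
                $insert_order = ($insert_pulsa == TRUE && $insert_history == TRUE);

                if ($insert_order == TRUE) {
                    $msg_type = "success";
                    $msg_content = "Pesanan telah diterima.</b><br /><b>ID Pesanan:</b> "
                        .htmlspecialchars((string) $poid, ENT_QUOTES, 'UTF-8')
                        ."<br /><b>Layanan:</b> "
                        .htmlspecialchars((string) $service, ENT_QUOTES, 'UTF-8')
                        ."<br /><b>Biaya:</b> Rp ".number_format($price,0,',','.');
                } else {
                    $msg_type = "error";
                    $msg_content = "<b>Gagal:</b> Error system (2).";
                }
            }
        }
    }
}

// Reload the user row so anything rendered below sees the post-order balance.
$check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sql_username'");
$data_user = mysqli_fetch_assoc($check_user);
?>
<div class="col-md-12">
    <br/>
</div>
<div class="row">
    <div class="col-lg-12">
        <div class="alert alert-warning">
            <h4 class="text-uppercase">
                <i class="mdi mdi-bullhorn"></i> <b class="text-uppercase">Penting!</b></h4>
            Halo <?php echo htmlspecialchars($sess_username, ENT_QUOTES, 'UTF-8'); ?>, Sebelum Membuat Pesanan Disarankan Untuk Membaca <b>Informasi</b> Terlebih Dahulu, Jika Anda Masuk Menggunakan PC Maka <b>Informasi</b> Terletak Disebelah Kanan Form Pesanan, Jika Anda Masuk Menggunakan <i>Smartphone / Mobile Phone</i> Maka <b>Informasi</b> Terletak Dibagian Bawah Form Pesanan.
            <br/>
            Terima Kasih.
        </div>
    </div>
</div>
<div class="row">
    <div class="col-md-7">
        <div class="card">
            <div class="card-header">
                <h4 class="header-title"><i class="mdi mdi-cart text-primary"></i> Pemesanan Baru</h4>
            </div>
            <div class="card-body">
                <?php
                // $msg_content is assembled above with every dynamic part HTML-escaped.
                if ($msg_type == "success") {
                ?>
                <div class="alert alert-success">
                    <a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
                    <i class="fa fa-check-circle"></i>
                    <?php echo $msg_content; ?>
                </div>
                <?php
                } else if ($msg_type == "error") {
                ?>
                <div class="alert alert-danger">
                    <a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
                    <i class="fa fa-times-circle"></i>
                    <?php echo $msg_content; ?>
                </div>
                <?php
                }
                ?>
                <form class="form-horizontal" role="form" method="POST">
                    <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars((string) $config['csrf_token'], ENT_QUOTES, 'UTF-8'); ?>">

                    <div class="form-group">
                        <label>Nomer Handphone<font color="red">*</font></label>
                        <div class="col-md-12">
                            <input type="number" class="form-control" name="phone" id="phone">
                        </div>
                    </div>
                    <div id="service"></div>

                    <button type="submit" class="pull-right btn btn-square btn-primary" name="order"><i class="fa fa-check-circle"></i> Submit </button>
                    <button type="reset" class="btn btn-square btn-secondary"><i class="fa fa-refresh"></i> Ulangi</button>
                </form>
            </div>
        </div>
    </div>
    <!-- END panel-->
    <div class="col-md-5">
        <div class="card">
            <div class="card-header">
                <h4 class="header-title"><i class="mdi mdi-information-outline text-primary"></i> Informasi Pemesanan</h4>
            </div>
            <div class="card-body">
                <ul>
                    <li>Pemesanan <b>Pulsa All Operator</b></li>
                    <li>Masukan Nomer HP Untuk melakukan pesanan.</li>
                    <li>Pilih Layanan yang ingin anda Pesan.</li>
                    <li>Pastikan data yang anda masukan Benar</li>
                    <li>Klik <b>SUBMIT</b> Untuk membuat pesanan anda.</li>
                    <li>Sistem Ini Serba OTOMATIS, Berhati Hati Sebelum melakukan pemesanan!.</li>
                    <li>Tidak Ada Pengembalian Dana Untuk Kesalahan Pengguna.</li>
                    <li>Anda kesulitan dalam menggunakan ?</li>
                    <li>Hubungi <b>ADMIN</b> Melalui kontak yang tertera</li>
                    <br/>
                    <li><b>Admin Central - Pulsa</b></li>
                </ul>
            </div>
        </div>
    </div>
</div>

<!-- end row -->
<!-- end row -->
<?php // NOTE(review): this script is loaded from a third-party CDN without an integrity attribute; consider self-hosting a maintained jQuery release or pinning it with Subresource Integrity. ?>
<script type="text/javascript" src="https://code.jquery.com/jquery-1.10.2.js"></script>
<script type="text/javascript">
    var htmlobjek;
    $(document).ready(function(){
        $("#phone").keyup(function(){
            var phone = $("#phone").val();
            $.ajax({
                url: '<?php echo $cfg_baseurl; ?>inc/pulsa/pulsa.php',
                // Passing an object lets jQuery URL-encode the value.
                data: { phone: phone },
                type: 'POST',
                dataType: 'html',
                beforeSend: function(msg){
                    $("#service").html("Sedang Memuat..");
                },
                success: function(msg){
                    $("#service").html(msg);
                },
                error: function(msg){
                    $("#service").html("Terjadi Kesalahan..");
                }
            });
        });

        $("#service").change(function(){
            var service = $("#service").val();
            $.ajax({
                url: '<?php echo $cfg_baseurl; ?>inc/pulsa/order_rate.php',
                data: { service: service },
                type: 'POST',
                dataType: 'html',
                success: function(msg){
                    $("#rates").html(msg);
                }
            });
        });
    });
</script>
<?php
include("../lib/footer.php");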
255?>