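<?php
/**
 * Penulis Kode - SMM Panel script
 * Domain: http://penuliskode.com/
 * Documentation: http://penuliskode.com/smm/script/version-n1/documentation.html
 *
 */

/*
 * JSON API endpoint. Accepts a POST request carrying `api_key` and `action`
 * and always answers with {"status": bool, "data": ...}.
 *
 * Actions handled below:
 *   order    - place an order (needs service, data, quantity)
 *   status   - look up one of the caller's own orders (needs id)
 *   services - list the services whose status is '1'
 *
 * $config, $db (used as a mysqli link), $model, check_input() and post_curl()
 * are expected to come from mainconfig.php; their exact behaviour is not
 * visible in this file.
 *
 * NOTE(review): no throttling of failed api_key lookups is visible here;
 * confirm it is enforced elsewhere.
 */

require '../mainconfig.php';
header('Content-Type: application/json');

if ($config['web']['maintenance'] == 1) {
    $result = array('status' => false, 'data' => array('msg' => 'Maintenance'));
    exit(json_encode($result, JSON_PRETTY_PRINT));
}

// Every field read below must be a plain string. PHP turns `field[]=x` into
// an array, which would otherwise reach mysqli_real_escape_string() and the
// price arithmetic.
$has_text = function (array $keys) {
    foreach ($keys as $key) {
        if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
            return false;
        }
    }
    return true;
};

$bad_request = array('status' => false, 'data' => array('msg' => 'Permintaan tidak sesuai'));

if ($_POST) {
    if (!$has_text(array('api_key', 'action')) || check_input($_POST, array('api_key', 'action')) == false) {
        $result = $bad_request;
    } else {
        // BINARY makes the key comparison case-sensitive.
        $user = $model->db_query($db, "*", "users", "BINARY api_key = '".mysqli_real_escape_string($db, $_POST['api_key'])."'");
        if ($user['count'] <> 1) {
            $result = array('status' => false, 'data' => array('msg' => 'API Key salah'));
        } elseif ($_POST['action'] == 'order') {
            if (!$has_text(array('service', 'data', 'quantity')) || check_input($_POST, array('service', 'data', 'quantity')) == false) {
                $result = $bad_request;
            } else {
                $service = $model->db_query($db, "*", "services", "id = '".mysqli_real_escape_string($db, $_POST['service'])."' AND status = '1'");
                // Only a whole number >= 1 is a valid quantity. The raw POST
                // string used to flow straight into the price calculation and
                // the min/max comparisons, so values such as "1e3", "10.5" or
                // non-numeric text were priced and compared inconsistently.
                $quantity = filter_var($_POST['quantity'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
                if ($service['count'] == 0) {
                    $result = array('status' => false, 'data' => array('msg' => 'Layanan tidak ditemukan'));
                } elseif ($quantity === false) {
                    $result = array('status' => false, 'data' => array('msg' => 'Jumlah pesan tidak sesuai'));
                } else {
                    // price and profit are stored per 1000 units.
                    $total_price = ($service['rows']['price'] / 1000) * $quantity;
                    $total_profit = ($service['rows']['profit'] / 1000) * $quantity;
                    $provider_id = (string) $service['rows']['provider_id'];
                    $user_id = (string) $user['rows']['id'];
                    $provider = $model->db_query($db, "*", "provider", "id = '".mysqli_real_escape_string($db, $provider_id)."'");
                    if ($provider['count'] == 0) {
                        $result = array('status' => false, 'data' => array('msg' => 'Layanan tidak tersedia'));
                    } elseif ($quantity < $service['rows']['min']) {
                        $result = array('status' => false, 'data' => array('msg' => 'Jumlah pesan tidak sesuai'));
                    } elseif ($quantity > $service['rows']['max']) {
                        $result = array('status' => false, 'data' => array('msg' => 'Jumlah pesan tidak sesuai'));
                    } elseif ($user['rows']['balance'] < $total_price) {
                        $result = array('status' => false, 'data' => array('msg' => 'Saldo tidak cukup'));
                    } elseif ($provider_id != '1' && $provider_id != '5') {
                        // No integration exists for this provider; fail before
                        // any money moves.
                        $result = array('status' => false, 'data' => array('msg' => 'Layanan tidak tersedia'));
                    } else {
                        // Reserve the funds in one statement. The previous
                        // read-then-write of users.balance let concurrent
                        // requests each pass the balance check and then
                        // overwrite one another's deduction.
                        $debited = ($total_price <= 0); // nothing to reserve
                        if (!$debited) {
                            $debit = mysqli_prepare($db, "UPDATE users SET balance = balance - ? WHERE id = ? AND balance >= ?");
                            if ($debit) {
                                mysqli_stmt_bind_param($debit, 'dsd', $total_price, $user_id, $total_price);
                                $debited = mysqli_stmt_execute($debit) && mysqli_stmt_affected_rows($debit) === 1;
                                mysqli_stmt_close($debit);
                            }
                        }

                        if (!$debited) {
                            $result = array('status' => false, 'data' => array('msg' => 'Saldo tidak cukup'));
                        } else {
                            $placed = false;
                            $curl = '';
                            $provider_order_id = '1';
                            if ($provider_id == '1') { // MANUAL
                                $placed = true;
                            } else { // BOSPANEL
                                // NOTE(review): `data` is forwarded to the
                                // provider and stored without any format
                                // check in this file.
                                $post_api = array(
                                    'api_token' => $provider['rows']['api_key'],
                                    'action' => 'add',
                                    'package' => $service['rows']['provider_service_id'],
                                    'link' => $_POST['data'],
                                    'quantity' => $quantity
                                );
                                $curl = post_curl($provider['rows']['api_url_order'], $post_api);
                                // Kept apart from $result so the provider's
                                // reply can never become this endpoint's reply.
                                $provider_response = json_decode($curl, true);
                                if (is_array($provider_response) && isset($provider_response['order'])) {
                                    $provider_order_id = $provider_response['order'];
                                    $placed = true;
                                }
                            }

                            if (!$placed) {
                                // The provider refused the order: give the
                                // reserved amount back.
                                if ($total_price > 0) {
                                    $refunded = false;
                                    $refund = mysqli_prepare($db, "UPDATE users SET balance = balance + ? WHERE id = ?");
                                    if ($refund) {
                                        mysqli_stmt_bind_param($refund, 'ds', $total_price, $user_id);
                                        $refunded = mysqli_stmt_execute($refund);
                                        mysqli_stmt_close($refund);
                                    }
                                    if (!$refunded) {
                                        error_log('API order refund failed for user '.$user_id.', amount '.$total_price);
                                    }
                                }
                                $result = array('status' => false, 'data' => array('msg' => 'Layanan tidak tersedia'));
                            } else {
                                $input_post = array(
                                    'user_id' => $user['rows']['id'],
                                    'service_name' => $service['rows']['service_name'],
                                    'data' => $_POST['data'],
                                    'quantity' => $quantity,
                                    'price' => $total_price,
                                    'profit' => $total_profit,
                                    'remains' => $quantity,
                                    'status' => 'Pending',
                                    'provider_id' => $service['rows']['provider_id'],
                                    'provider_order_id' => $provider_order_id,
                                    'created_at' => date('Y-m-d H:i:s'),
                                    'api_order_log' => $curl, // raw provider response
                                    'is_api' => 1
                                );
                                // NOTE(review): the return value of
                                // db_insert() is used as the order id and is
                                // not checked for failure - confirm what it
                                // returns when the insert fails.
                                $insert = $model->db_insert($db, "orders", $input_post);
                                $model->db_insert($db, "balance_logs", array('user_id' => $user['rows']['id'], 'type' => 'minus', 'amount' => $total_price, 'note' => 'Membuat Pesanan melalui API. ID Pesanan: '.$insert.'.', 'created_at' => date('Y-m-d H:i:s')));
                                $result = array('status' => true, 'data' => array('id' => $insert));
                            }
                        }
                    }
                }
            }
        } elseif ($_POST['action'] == 'status') {
            if (!$has_text(array('id')) || check_input($_POST, array('id')) == false) {
                $result = $bad_request;
            } else {
                // The user_id condition keeps one account from reading
                // another account's orders.
                $order = $model->db_query($db, "*", "orders", "id = '".mysqli_real_escape_string($db, $_POST['id'])."' AND user_id = '".mysqli_real_escape_string($db, (string) $user['rows']['id'])."'");
                if ($order['count'] == 0) {
                    $result = array('status' => false, 'data' => array('msg' => 'Pesanan tidak ditemukan'));
                } else {
                    $result = array('status' => true, 'data' => array('status' => $order['rows']['status'], 'start_count' => $order['rows']['start_count'], 'remains' => $order['rows']['remains']));
                }
            }
        } elseif ($_POST['action'] == 'services') {
            $service = mysqli_query($db, "SELECT services.id, service_name AS name, price, min, max, note, categories.name AS category FROM services JOIN categories ON categories.id = services.category_id WHERE status = '1'");
            if ($service === false) {
                // A failed query used to be passed to mysqli_fetch_assoc().
                $result = array('status' => false, 'data' => array('msg' => 'Layanan tidak tersedia'));
            } else {
                $services = array();
                while ($data = mysqli_fetch_assoc($service)) {
                    $services[] = $data;
                }
                $result = array('status' => true, 'data' => $services);
            }
        } else {
            $result = $bad_request;
        }
    }
} else {
    $result = $bad_request;
}
print(json_encode($result, JSON_PRETTY_PRINT));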