File: /home/temp/autoprokat.vladweb.ru/includes/admin/dogovor.php
<?php

//error_reporting(0);

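// Import POST fields as plain variables (register_globals-style). Later code in
// this file reads such variables directly (e.g. $d_zalog), so the import is kept,
// but a request-controlled name must never replace a variable that already exists
// in this scope ($smarty, the superglobals, anything the including script set up).
// Only syntactically plain names that are not yet defined are imported.
// NOTE(review): if some caller relies on POST overriding a pre-set variable, that
// field should be read from $_POST explicitly instead -- confirm against the includer.
$__defined = get_defined_vars();
foreach ($_POST as $k => $v) {
	// Numeric keys and names starting with "_" (superglobal look-alikes) are rejected.
	if (!is_string($k) || !preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $k)) {
		continue;
	}
	if ($k === 'this' || $k === 'GLOBALS' || array_key_exists($k, $__defined)) {
		continue;
	}
	$$k = $v;
}
unset($__defined);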

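// Admin controller for rental contracts ("dogovora"): delete, add-form, create, list.
// NOTE(review): no authentication or authorisation check is visible in this file;
// presumably the including admin script enforces it -- confirm.
// NOTE(review): the ext/mysql API used here was removed in PHP 7.0. Values are
// escaped with mysql_real_escape_string() to stay within the API this file already
// uses (it relies on the connection charset being set correctly); prepared
// statements via mysqli/PDO are the better fix once the connection code, which is
// not visible here, is migrated.
if (isset($_GET['DOGOVOR']))
{
	if (isset($_GET['delt']))
	{
		// NOTE(review): a destructive action is triggered by a plain GET request with
		// no anti-CSRF token; it should move to POST with a per-session token.
		$Query = "DELETE FROM dogovora WHERE d_id=" . (int)$_GET['delt'];
		@mysql_query($Query) or DIE ("DELETE  ERROR! ".MYSQL_ERROR());
		header("Location: ./?DOGOVOR");
		exit;
	}

	// Read every date/time form field once as a scalar string ('' when absent or
	// not scalar) so later code neither touches undefined indexes nor arrays.
	$dateParts = array();
	foreach (array(
		'd_startYear', 'd_startMonth', 'd_startDay', 'd_starthour', 'd_startmin',
		'd_endYear', 'd_endMonth', 'd_endDay', 'd_endhour', 'd_endmin',
	) as $dateField) {
		$dateParts[$dateField] = (isset($_POST[$dateField]) && is_scalar($_POST[$dateField]))
			? (string)$_POST[$dateField]
			: '';
	}

	if (isset($_GET['addi']))
	{
		// "Add contract" form: load the selected user and the list of cars.
		$sql = "select * from users where u_id=" . (int)$_GET['addi'];
		$res = mysql_query($sql) or DIE ("SELECT * FROM users ERROR! ".MYSQL_ERROR());
		$user = array();
		while ($rowa = mysql_fetch_array($res)) {
			$user = $rowa;
		}

		$sql = "select * from auto order by `a_firma`,`a_marka`,`a_year` LIMIT 500";
		$res = mysql_query($sql) or DIE ("SELECT * FROM auto ERROR! ".MYSQL_ERROR());
		$auto = array();
		$auto_a = array();
		while ($rowa = mysql_fetch_array($res)) {
			$auto_a[] = $rowa;
		}
		// Map car id => human-readable label for the template's select box.
		foreach ($auto_a as $a) {
			$auto[$a['a_id']] = $a['a_firma']." ".$a['a_marka']." ".$a['a_year']." ".$a['a_number'];
		}
		$smarty->assign("auto", $auto);

		$smarty->assign("user", $user);
		$smarty->assign("admin_main_content_template", "add_dogovor.tpl");
	}

//===========================================================================================
//===========================================================================================

	elseif (isset($_POST['d_u_id']) && !empty($_POST['d_a_id']))
	{
		// Create a contract. First fetch the aggregate over this user's existing
		// contracts; it feeds the automatic discount tier below.
		$sql = "select sum(d_end-d_start)/1000000 from dogovora d,users u where d.d_u_id = u_id  AND u.u_id = ".(int)$_POST['d_u_id']." group by u_fname LIMIT 500";
		$res = mysql_query($sql) or DIE ("SELECT * FROM users ERROR! ".MYSQL_ERROR());
		$rowa = mysql_fetch_array($res);
		// No earlier contracts means no row; treat that as zero.
		$prevDays = $rowa ? (int)$rowa['0'] : 0;

		// Length of the new contract in whole days. Parts are cast to int because
		// mktime() requires integers; an empty hour or minute counts as 0.
		$startTs = mktime(
			(int)$dateParts['d_starthour'], (int)$dateParts['d_startmin'], 0,
			(int)$dateParts['d_startMonth'], (int)$dateParts['d_startDay'], (int)$dateParts['d_startYear']
		);
		$endTs = mktime(
			(int)$dateParts['d_endhour'], (int)$dateParts['d_endmin'], 0,
			(int)$dateParts['d_endMonth'], (int)$dateParts['d_endDay'], (int)$dateParts['d_endYear']
		);
		$s1 = $endTs - $startTs;
		if ($s1 == 0) $s1 = $s1 + 1;
		$s = floor(($s1 - 1) / 3600 / 24 + 1);

		$d_u_id = intval($_POST['d_u_id']);
		$d_a_id = intval($_POST['d_a_id']);

		// Stored representation keeps the original "Y-m-d-h-i" layout; the pieces are
		// request data, so the assembled strings are escaped before they reach SQL.
		$d_start = mysql_real_escape_string(
			$dateParts['d_startYear']."-".$dateParts['d_startMonth']."-".$dateParts['d_startDay']
			.'-'.$dateParts['d_starthour']."-".$dateParts['d_startmin']
		);
		$d_end = mysql_real_escape_string(
			$dateParts['d_endYear']."-".$dateParts['d_endMonth']."-".$dateParts['d_endDay']
			.'-'.$dateParts['d_endhour']."-".$dateParts['d_endmin']
		);

		if (isset($_POST['skidkacalc']) && $_POST['skidkacalc'] == 'checked')
		{
			$d_skidka = skidka($s, $prevDays + $s);
		}
		else
		{
			$d_skidka = isset($_POST['d_skidka']) ? $_POST['d_skidka'] : 0;
		}
		$d_skidka = intval($d_skidka);

		// Deposit: taken from the form field, falling back to an already-imported
		// variable of the same name; escaped because it is interpolated into SQL.
		$zalogRaw = isset($_POST['d_zalog']) ? $_POST['d_zalog'] : (isset($d_zalog) ? $d_zalog : '');
		$d_zalog = mysql_real_escape_string(is_scalar($zalogRaw) ? (string)$zalogRaw : '');

		// Price is copied from the car record; refuse to insert when the car is missing
		// instead of writing a contract with an empty price.
		$result1 = mysql_query("select a_carprice from auto where a_id = ".$d_a_id)
			or DIE ("SELECT a_carprice ERROR! ".MYSQL_ERROR());
		if (mysql_num_rows($result1) < 1) {
			DIE ("SELECT a_carprice ERROR! auto not found");
		}
		$d_price1 = mysql_real_escape_string((string)mysql_result($result1, 0, 'a_carprice'));

		$IQ = "INSERT INTO dogovora VALUES ('0', '{$d_u_id}', '{$d_a_id}', '{$d_start}','{$d_end}' ,'".$d_price1."','{$d_skidka}','{$d_zalog}')";
		@mysql_query($IQ) or DIE ("INSERT ERROR!!!!!! ".MYSQL_ERROR());
		header("Location: ./?USER");
		exit;
	}
//===========================================================================================
//===========================================================================================

	else
	{
		// Contract list, optionally filtered by a posted date range.
		$sort_d = " ";
		if (isset($_POST['d_endYear']) && isset($_POST['d_startMonth']))
		{
			$limit = '';
			// The range bounds are request data placed inside quoted SQL literals.
			$d_start = mysql_real_escape_string(
				$dateParts['d_startYear']."-".$dateParts['d_startMonth']."-".$dateParts['d_startDay']
			);
			$d_end = mysql_real_escape_string(
				$dateParts['d_endYear']."-".$dateParts['d_endMonth']."-".$dateParts['d_endDay']
			);

			$sort_d = " and (d_start between '".$d_start."' AND  '".$d_end."') AND (d_end between '".$d_start."' AND  '".$d_end."' )";
		}
		else
		{
			$limit = "LIMIT 500";
		}
		$sql = "select u_fname,'','', a_firma,a_marka,a_year,d_start,d_end,d_price, d_skidka,d_zalog,d_id,a_dvidachi from dogovora d,auto a, users u where d.d_a_id = a.a_id and d.d_u_id = u.u_id ".$sort_d." ORDER BY d_id DESC ".$limit;

		// The full query text is no longer echoed to the browser on failure.
		$res = mysql_query($sql) or DIE ("SELECT FROM dogovora ERROR! ".MYSQL_ERROR());
		$auto = array();
		while ($rowa = mysql_fetch_array($res)) {
			$auto[] = $rowa;
		}

		$smarty->assign("auto", $auto);
		$smarty->assign("admin_main_content_template", "dogovors.tpl");
	}

}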

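/**
 * Compute the discount amount for a contract.
 *
 * The tier is chosen from $days and the result is $sumdays multiplied by the
 * tier's per-day amount (50 / 100 / 150 / 200, labelled 5% / 10% / 15% / 20%
 * in the original comments).
 *
 * @param int|float $sumdays Multiplier; the caller in this file passes the length of the new contract in days.
 * @param int|float $days    Day count that selects the tier; truncated to an integer.
 * @return int Discount amount, 0 when no tier matches.
 */
function skidka($sumdays,$days)
{
	$days = intval($days);
	// The original also evaluated intval($sum) on an undefined $sum; the result was
	// never used, so the statement is dropped.

	// NOTE(review): $days == 30 matches no tier (the 15% tier ends at 29 and the
	// 20% tier starts at 31) and therefore yields 0. This looks like a boundary
	// slip; confirm the intended tier before changing it.
	if ($days >= 4 && $days < 8) {
		$skidka = $sumdays * 50;   // 5%
	} elseif ($days >= 8 && $days < 22) {
		$skidka = $sumdays * 100;  // 10%
	} elseif ($days >= 22 && $days < 30) {
		$skidka = $sumdays * 150;  // 15%
	} elseif ($days >= 31) {
		$skidka = $sumdays * 200;  // 20%
	} else {
		$skidka = 0;               // 0%
	}
	return intval($skidka);
}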
?>