<?php
// Access gate: every action below (panel login, renewal, deletion, listing) is for
// signed-in users only. redirect() is defined elsewhere; the explicit exit ensures
// nothing further in this script runs for an anonymous visitor.
if (!$user->isAuth()) {
    redirect('/');
    exit;
}
/**
 * Load one row of the `hosting` table by id.
 *
 * The id is bound as a statement parameter rather than concatenated into the SQL.
 * The result is the whole row (select *), not a single column, so callers must
 * pick the field they need from it.
 *
 * @param mixed $id value matched against `hosting`.`id`
 * @return mixed result of fetch(PDO::FETCH_OBJ); with PDO that is a row object,
 *               or false when no row matches
 */
function host($id)
{
    global $db;

    $stmt = $db->prepare('select * from `hosting` where `id` = ?');
    $stmt->execute([$id]);

    return $stmt->fetch(PDO::FETCH_OBJ);
}
// Panel shortcut: /order?isp=<order id> forwards the signed-in user to the hosting
// control panel for one of their own orders.
if (isset($_GET['isp'])) {
    $orderId = Clean::int($_GET['isp']);
    $ownerId = $user->get()->user_id;
    // Only orders whose `time` is newer than five days ago qualify.
    $cutoff = time() - 86400 * 5;

    // Ownership is enforced in SQL: the row must belong to the current user.
    $lookup = $db->prepare('select * from `order` where `id` = ? and `user` = ? and `time` > ?');
    $lookup->execute([$orderId, $ownerId, $cutoff]);
    $row = $lookup->fetch(PDO::FETCH_OBJ);

    // No matching row (wrong owner, unknown id, or too old): back to the order list.
    $target = '/order';
    if (isset($row->id)) {
        // NOTE(review): the panel password is read back from the `order` row in usable
        // form and placed in the query string of a redirect. It will be recorded in
        // browser history and in any proxy or web-server access log on the way.
        // Prefer a short-lived, single-use login token if the panel offers one, and
        // avoid keeping recoverable panel passwords in the database — TODO confirm
        // what the panel supports.
        $target = 'https://'.$set->ip.':'.$set->port.'/manager?func=auth&username='.urlencode($row->login).'&password='.urlencode($row->password).'&checkcookie=no';
    }

    redirect($target);
    exit;
}
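/**
 * Ask the hosting panel for the disk usage of the account behind an order.
 *
 * Looks the order up by id, calls the panel's diskusage.info function with the
 * order's own login/password, and returns the `doc.homedir.$` value of the JSON
 * reply.
 *
 * Returns null instead of raising warnings when the order does not exist, the
 * panel cannot be reached, or the reply lacks the expected field.
 *
 * NOTE(review): the lookup is by id only — there is no owner filter here, so
 * callers must pass only ids that belong to the current user.
 * NOTE(review): the account password is sent in the URL over plain http, where it
 * can be read on the network path and is likely to land in the panel's access
 * log. Use https with certificate verification if the panel endpoint supports
 * it — TODO confirm.
 *
 * @param mixed $id value matched against `order`.`id`
 * @return mixed the `doc.homedir.$` value from the panel reply, or null on any failure
 */
function rom_order($id)
{
    global $set, $db;

    $stmt = $db->prepare('select * from `order` where `id` = ?');
    $stmt->execute([$id]);
    $order = $stmt->fetch(PDO::FETCH_OBJ);

    // Unknown order: do not call the panel with empty credentials.
    if (!is_object($order)) {
        return null;
    }

    $url = 'http://'.$set->ip.':'.$set->port.'/ispmgr?authinfo='.urlencode($order->login).':'.urlencode($order->password).'&func=diskusage.info&out=json&elid='.urlencode($order->login);

    $api = file_get_contents($url);
    if ($api === false) {
        return null;
    }

    $json = json_decode($api, true);

    // ?? covers malformed JSON and a reply without the homedir entry.
    return $json['doc']['homedir']['$'] ?? null;
}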
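// Default the `buy` query parameter to false when the request does not carry it.
if (!isset($_GET['buy'])) {
    $_GET['buy'] = false;
}

// Renewal: POST buy=<order id>, day=<number of days>. Charges the user's balance and
// pushes the order's `time` forward by that many days.
// NOTE(review): no anti-CSRF token is checked in this block — confirm one is enforced
// before this script runs, since the request spends the user's balance.
if (isset($_POST['buy']) and isset($_POST['day'])) {
    $buy = Clean::int($_POST['buy']);
    $day = Clean::int($_POST['day']);
    $userId = $user->get()->user_id;

    // Ownership check in SQL: the order must belong to the current user.
    $ord = $db->prepare('select * from `order` where `id` = ? and `user` = ?');
    $ord->execute([$buy, $userId]);
    $ord = $ord->fetch(PDO::FETCH_OBJ);
    if (!isset($ord->id)) {
        redirect('/order');
        exit;
    }

    // NOTE(review): only the lower bound is checked; a very large day count makes
    // 86400 * $day and the price overflow to float. Consider an upper limit.
    if ($day < 1) {
        Notif::error('Некоректное время продления', '/order?buy='.$buy.'#'.$buy);
        exit;
    }

    // A missing tariff row makes host() return false, and false * $day is 0, which
    // would let the renewal through at no charge. Refuse instead.
    $tariff = host($ord->host);
    if ($tariff === false) {
        Notif::error('Тариф заказа не найден', '/order?buy='.$buy.'#'.$buy);
        exit;
    }

    // NOTE(review): host() as defined in this file returns the whole `hosting` row
    // object, not a number. Multiplying an object is a TypeError on PHP 8 and
    // evaluates as 1 (with a notice) on PHP 7, so this is not the tariff price.
    // Replace $tariff with the row's price column — its name is not visible here.
    $price = $tariff * $day;

    // Early, user-friendly check against the balance loaded with the session.
    if ($user->get()->money < $price) {
        Notif::error('Недостаточно средств для продления заказа', '/order?buy='.$buy.'#'.$buy);
        exit;
    }

    // Authoritative check and debit in ONE statement. The balance read above can be
    // stale: two renewals submitted at the same moment would both pass that check,
    // and writing back "old balance - price" would charge only once. Here the
    // database subtracts from the current value and refuses to go below zero.
    $debit = $db->prepare('update users set money = money - ? where user_id = ? and money >= ?');
    $debit->execute([$price, $userId, $price]);
    if ($price > 0 and $debit->rowCount() < 1) {
        Notif::error('Недостаточно средств для продления заказа', '/order?buy='.$buy.'#'.$buy);
        exit;
    }

    // Extend relative to the stored value so concurrent renewals add up instead of
    // overwriting each other.
    // NOTE(review): debit and extension are separate statements; wrap them in a
    // database transaction so a failure in between cannot charge without extending.
    $update = $db->prepare('update `order` set `time` = `time` + ?, `notice` = ? where `id` = ?');
    $update->execute([86400 * $day, 0, $ord->id]);

    echo bill(['amount' => $price, 'type' => 0, 'user' => $userId, 'text' => 'Продление хостинга']);

    Notif::message('Заказ №'.$ord->id.' успешно продлен на '.$day.' дн.', '/order');
    exit;
}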
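// Deletion: /order?del=<order id> removes the hosting account on the panel and then
// the local order row.
// NOTE(review): this is a destructive action triggered by a plain GET with no
// anti-CSRF token checked in this block. Move it to POST and verify a per-session
// token before acting.
if (isset($_GET['del'])) {
    $orderId = Clean::int($_GET['del']);

    // Ownership check in SQL: the order must belong to the current user.
    $ord = $db->prepare('select * from `order` where `id` = ? and `user` = ?');
    $ord->execute([$orderId, $user->get()->user_id]);
    $ord = $ord->fetch(PDO::FETCH_OBJ);
    if (!isset($ord->id)) {
        redirect('/order');
        exit;
    }

    // NOTE(review): the panel administrator's login and password are sent in the URL
    // over plain http. Use https with certificate verification if the endpoint
    // supports it, and a least-privilege API account — TODO confirm what is available.
    $reply = file_get_contents('http://'.$set->ip.':'.$set->port.'/manager?authinfo='.urlencode($set->isp_login).':'.urlencode($set->isp_password).'&out=json&func=user.delete&elid='.urlencode($ord->login).'&sok=yes');

    // The raw panel reply is no longer echoed to the browser: it is internal API
    // output and the user only needs the outcome.
    // Keep the local order row unless the panel call went through; otherwise the
    // hosting account would stay active with no order tracking or billing it.
    // Assumes the panel reports failures under doc.error in its JSON — confirm
    // against the panel's API documentation.
    $answer = $reply === false ? null : json_decode($reply, true);
    if ($reply === false or isset($answer['doc']['error'])) {
        Notif::error('Не удалось удалить заказ, попробуйте позже', '/order');
        exit;
    }

    $drop = $db->prepare('delete from `order` where `id` = ?');
    $drop->execute([$ord->id]);

    Notif::message('Заказ успешно удален', '/order');
    exit;
}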
// Default view: list the current user's orders whose `time` is newer than five days
// ago and hand them to the 'user.order' template.
// NOTE(review): select * passes every column to the template, including the panel
// `login` and `password` columns this file reads elsewhere. Select only the columns
// the page displays, or confirm the template never prints them.
$since = time() - 86400 * 5;

$stmt = $db->prepare('select * from `order` where `user` = ? and `time` > ?');
$stmt->execute([$user->get()->user_id, $since]);
$order = $stmt->fetchAll();

echo $template->render('user.order', ['order' => $order]);