case sensitive voucher check
This commit is contained in:
Ibnu Maksum
parent
4d7c2bd373
commit
3f7c17d9b1
@ -64,7 +64,8 @@ try {
|
||||
}
|
||||
}
|
||||
if ($username == $password) {
|
||||
$d = ORM::for_table('tbl_voucher')->where('code', $username)->find_one();
|
||||
$username = Text::alphanumeric($username, "-_.,");
|
||||
$d = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '$username'")->find_one();
|
||||
} else {
|
||||
$d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
|
||||
if ($d['password'] != $password) {
|
||||
@ -127,7 +128,8 @@ try {
|
||||
process_radiust_rest($tur, $code);
|
||||
} else {
|
||||
if ($isVoucher) {
|
||||
$v = ORM::for_table('tbl_voucher')->where('code', $username)->where('routers', 'radius')->find_one();
|
||||
$username = Text::alphanumeric($username, "-_.,");
|
||||
$v = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '$username'")->where('routers', 'radius')->find_one();
|
||||
if ($v) {
|
||||
if ($v['status'] == 0) {
|
||||
if (Package::rechargeUser(0, $v['routers'], $v['id_plan'], "Voucher", $username)) {
|
||||
|
||||
@ -57,7 +57,7 @@ switch ($do) {
|
||||
|
||||
case 'activation':
|
||||
if (!empty(_post('voucher_only'))) {
|
||||
$voucher = _post('voucher_only');
|
||||
$voucher = Text::alphanumeric(_post('voucher_only'), "-_.,");
|
||||
$tur = ORM::for_table('tbl_user_recharges')
|
||||
->where('username', $voucher)
|
||||
->where('customer_id', '0') // Voucher Only will make customer ID as 0
|
||||
@ -101,7 +101,7 @@ switch ($do) {
|
||||
_alert(Lang::T('Internet Plan Expired'), 'danger', "login");
|
||||
}
|
||||
} else {
|
||||
$v = ORM::for_table('tbl_voucher')->where('code', $voucher)->find_one();
|
||||
$v = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '$voucher'")->find_one();
|
||||
if (!$v) {
|
||||
_alert(Lang::T('Voucher invalid'), 'danger', "login");
|
||||
}
|
||||
@ -156,9 +156,9 @@ switch ($do) {
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$voucher = _post('voucher');
|
||||
$voucher = Text::alphanumeric(_post('voucher'), "-_.,");
|
||||
$username = _post('username');
|
||||
$v1 = ORM::for_table('tbl_voucher')->where('code', $voucher)->find_one();
|
||||
$v1 = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '$voucher'")->find_one();
|
||||
if ($v1) {
|
||||
// voucher exists, check customer exists or not
|
||||
$user = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
|
||||
|
||||
@ -482,8 +482,8 @@ switch ($action) {
|
||||
}
|
||||
$time3months = strtotime('-3 months');
|
||||
$d = ORM::for_table('tbl_voucher')->where_equal('status', '1')
|
||||
->where_raw("UNIX_TIMESTAMP(used_date) < $time3months")
|
||||
->findMany();
|
||||
->where_raw("UNIX_TIMESTAMP(used_date) < $time3months")
|
||||
->findMany();
|
||||
if ($d) {
|
||||
$jml = 0;
|
||||
foreach ($d as $v) {
|
||||
@ -756,9 +756,9 @@ switch ($action) {
|
||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent', 'Sales'])) {
|
||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||
}
|
||||
$code = _post('code');
|
||||
$code = Text::alphanumeric(_post('code'), "-_.,");
|
||||
$user = ORM::for_table('tbl_customers')->where('id', _post('id_customer'))->find_one();
|
||||
$v1 = ORM::for_table('tbl_voucher')->where('code', $code)->where('status', 0)->find_one();
|
||||
$v1 = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '?'", [$code])->where('status', 0)->find_one();
|
||||
|
||||
run_hook('refill_customer'); #HOOK
|
||||
if ($v1) {
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
|
||||
* by https://t.me/ibnux
|
||||
@ -11,19 +12,17 @@ $action = $routes['1'];
|
||||
$user = User::_info();
|
||||
$ui->assign('_user', $user);
|
||||
|
||||
require_once 'system/autoload/PEAR2/Autoload.php';
|
||||
|
||||
switch ($action) {
|
||||
|
||||
case 'activation':
|
||||
run_hook('view_activate_voucher'); #HOOK
|
||||
$ui->assign('code', alphanumeric(_get('code'),"-"));
|
||||
$ui->assign('code', alphanumeric(_get('code'), "-_.,"));
|
||||
$ui->display('user-activation.tpl');
|
||||
break;
|
||||
|
||||
case 'activation-post':
|
||||
$code = _post('code');
|
||||
$v1 = ORM::for_table('tbl_voucher')->where('code', $code)->where('status', 0)->find_one();
|
||||
$code = alphanumeric(_post('code'), "-_.,");
|
||||
$v1 = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '$code'")->where('status', 0)->find_one();
|
||||
run_hook('customer_activate_voucher'); #HOOK
|
||||
if ($v1) {
|
||||
if (Package::rechargeUser($user['id'], $v1['routers'], $v1['id_plan'], "Voucher", $code)) {
|
||||
@ -52,15 +51,15 @@ switch ($action) {
|
||||
break;
|
||||
case 'invoice':
|
||||
$id = $routes[2];
|
||||
if(empty($id)){
|
||||
if (empty($id)) {
|
||||
$in = ORM::for_table('tbl_transactions')->where('username', $user['username'])->order_by_desc('id')->find_one();
|
||||
}else{
|
||||
} else {
|
||||
$in = ORM::for_table('tbl_transactions')->where('username', $user['username'])->where('id', $id)->find_one();
|
||||
}
|
||||
if($in){
|
||||
if ($in) {
|
||||
Package::createInvoice($in);
|
||||
$ui->display('invoice-customer.tpl');
|
||||
}else{
|
||||
} else {
|
||||
r2(U . 'voucher/list-activated', 'e', Lang::T('Not Found'));
|
||||
}
|
||||
break;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user