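<?php
/**
 * AJAX endpoint for the admin panel.
 *
 * Dispatches on $_POST['action'] and either echoes an HTML <option> list,
 * echoes a JSON document, or performs a single-row UPDATE/DELETE and returns
 * the success flag to the including script.
 *
 * Every request parameter is untrusted. All values reach SQL only through
 * bound parameters, and all database values are HTML-escaped before they are
 * written into markup.
 */
require_once 'db.php';

// NOTE(review): no authentication, authorisation or CSRF check is visible in
// this file, yet it exposes state-changing actions (delete*, markread*).
// Confirm that db.php or the web server enforces an admin session for this
// endpoint; if it does not, add that check before the dispatch below.

// Reads a POST field as a string; missing or non-string (array) input yields ''.
$postString = static function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Reads a POST field as an integer id; returns null when it is absent or not an integer.
$postInt = static function ($key) {
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        return null;
    }
    $value = filter_var($_POST[$key], FILTER_VALIDATE_INT);
    return $value === false ? null : $value;
};

// Escapes a database value for use inside HTML text or a quoted attribute.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Prepares, binds and executes a statement. Returns the mysqli_stmt, or false
// after logging the driver error server-side (never echoed to the client).
$runStatement = static function ($sql, $types = '', array $params = array()) use ($conn) {
    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        error_log('ajax handler: prepare failed: ' . $conn->error);
        return false;
    }
    if ($types !== '' && !$stmt->bind_param($types, ...$params)) {
        error_log('ajax handler: bind failed: ' . $stmt->error);
        $stmt->close();
        return false;
    }
    if (!$stmt->execute()) {
        error_log('ajax handler: execute failed: ' . $stmt->error);
        $stmt->close();
        return false;
    }
    return $stmt;
};

// Runs a SELECT and returns all rows (numeric or associative per $mode), or
// false on failure after setting a 500 status. get_result() needs mysqlnd,
// as did the fetch_all() calls this replaces.
$selectRows = static function ($sql, $types, array $params, $mode) use ($runStatement) {
    $stmt = $runStatement($sql, $types, $params);
    $result = ($stmt === false) ? false : $stmt->get_result();
    if ($result === false) {
        if ($stmt !== false) {
            error_log('ajax handler: get_result failed: ' . $stmt->error);
            $stmt->close();
        }
        http_response_code(500);
        return false;
    }
    $rows = $result->fetch_all($mode);
    $result->free();
    $stmt->close();
    return $rows;
};

// Runs an UPDATE/DELETE and returns true on success, false (with a 500 status) on failure.
$mutate = static function ($sql, $types = '', array $params = array()) use ($runStatement) {
    $stmt = $runStatement($sql, $types, $params);
    if ($stmt === false) {
        http_response_code(500);
        return false;
    }
    $stmt->close();
    return true;
};

// Builds <option> markup from numeric rows of (value, label), after an optional prefix.
$renderOptions = static function (array $rows, $prefix) use ($esc) {
    $html = $prefix;
    foreach ($rows as $row) {
        $html .= "<option value='" . $esc($row[0]) . "'>" . $esc($row[1]) . "</option>";
    }
    return $html;
};

// Actions that change exactly one row identified by an integer id.
// action => array(POST field carrying the id, statement with one placeholder)
$idMutations = array(
    'deleteCategory'       => array('category_id', "UPDATE `BrandCategory` SET `is_deleted`='1' WHERE CategoryID=?"),
    'deleteSubCategory'    => array('subcategory_id', "UPDATE `BrandSubCategory` SET `is_deleted`='1' WHERE SubCategoryID=?"),
    'deleteProduct'        => array('product_id', "UPDATE `productdetails` SET `is_deleted`='1' WHERE ProductID=?"),
    'deleteCourier'        => array('CourierID', "UPDATE `CourierCompany` SET `is_deleted`='1' WHERE CourierID=?"),
    'deleteImageByImageID' => array('image_id', "DELETE FROM `productimages` WHERE ProductImageID=?"),
    'deleteModel'          => array('model_id', "UPDATE `BrandModel` SET `is_deleted`='1' WHERE ModelID=?"),
    'deleteColor'          => array('color_id', "UPDATE `ProductColors` SET `is_deleted`='1' WHERE ColorID=?"),
    'deleteUser'           => array('user_id', "UPDATE `Users` SET `is_deleted`='1' WHERE UserID=?"),
    'deleteDiscount'       => array('discount_id', "UPDATE Discounts SET cstatus='0' WHERE DiscountID =?"),
);

$action = $postString('action');

if (isset($idMutations[$action])) {
    list($idField, $sql) = $idMutations[$action];
    $id = $postInt($idField);
    if ($id === null) {
        // These ids were concatenated unquoted into SQL before; anything that
        // is not an integer is rejected instead of reaching the database.
        http_response_code(400);
        return false;
    }
    return $mutate($sql, 'i', array($id));
}

switch ($action) {
    case 'getsubcategoriesfromcategoryid':
        $rows = $selectRows(
            "SELECT SubCategoryID,SubCategory FROM BrandSubCategory WHERE CategoryID=? and is_deleted!=1",
            's',
            array($postString('category_id')),
            MYSQLI_NUM
        );
        if ($rows !== false) {
            echo $renderOptions($rows, '<option value="">Select Subcategory</option>');
        }
        break;

    case 'getmodelfromsubcategoryid':
        $rows = $selectRows(
            "SELECT ModelID,Model FROM BrandModel WHERE SubCategoryID=? and is_deleted!=1",
            's',
            array($postString('subcategory_id')),
            MYSQLI_NUM
        );
        if ($rows !== false) {
            echo $renderOptions($rows, '<option value="">Select Model</option>');
        }
        break;

    case 'getCityFromStateId':
        $stateId = $postInt('state_id');
        if ($stateId === null) {
            http_response_code(400);
            break;
        }
        $rows = $selectRows("SELECT CityID, CityName FROM Cities WHERE StateID=?", 'i', array($stateId), MYSQLI_NUM);
        if ($rows !== false) {
            // No placeholder option here; an empty result echoes an empty string.
            echo $renderOptions($rows, '');
        }
        break;

    case 'getproductfrommodelid':
        $modelId = $postInt('model_id');
        if ($modelId === null) {
            http_response_code(400);
            break;
        }
        $rows = $selectRows(
            "SELECT * FROM productdetails pd, ProductColors pc WHERE pd.ProductColorID = pc.ColorID AND pd.ModelID = ? and pd.is_deleted!='1'",
            'i',
            array($modelId),
            MYSQLI_ASSOC
        );
        if ($rows !== false) {
            $productOptions = '<option value="">Select Product</option>';
            foreach ($rows as $row) {
                $productOptions .= "<option value='" . $esc($row['ProductID']) . "'>"
                    . $esc($row['ProductNumber']) . " (" . $esc($row['ColorName']) . ")</option>";
            }
            echo $productOptions;
        }
        break;

    case 'getproductdetailsbyproductID':
        // product_id is matched against ProductNumber here, so it stays a string.
        $rows = $selectRows(
            "SELECT TotalStock,BtoCPrice,BtoBPrice1,BtoBPrice2,BtoBPrice3,StockLocation FROM productdetails WHERE ProductNumber=? and ProductColorID=?",
            'ss',
            array($postString('product_id'), $postString('color_id')),
            MYSQLI_ASSOC
        );
        if ($rows !== false) {
            // First row, or JSON null when nothing matched.
            echo json_encode(isset($rows[0]) ? $rows[0] : null);
        }
        break;

    case 'getProductDetails':
        $productId = $postInt('product_id');
        if ($productId === null) {
            http_response_code(400);
            break;
        }
        $sql = "SELECT * FROM productdetails WHERE ProductID = ?";
        $types = 'i';
        $params = array($productId);
        // The colour filter is optional and only applied when a value was sent.
        $colorId = $postString('color_id');
        if ($colorId !== '') {
            $sql .= " AND ProductColorID = ?";
            $types .= 's';
            $params[] = $colorId;
        }
        $rows = $selectRows($sql, $types, $params, MYSQLI_ASSOC);
        if ($rows !== false) {
            echo json_encode(isset($rows[0]) ? $rows[0] : null);
        }
        break;

    case 'getadminnotification':
        $rows = $selectRows(
            "SELECT C.DeliveryOption,A.notify_id,A.type,A.order_id,C.OrderAmount,C.OrderNumber,A.subject,A.date,A.time FROM notification A inner join Orders C on A.order_id=C.OrderID where A.recipient_id='1' and A.unread='true'",
            '',
            array(),
            MYSQLI_ASSOC
        );
        if ($rows !== false) {
            $data = array();
            $data['notifycount'] = count($rows);
            // Stays JSON null (not []) when there are no unread notifications,
            // matching what the endpoint has always returned.
            $data['notifydata'] = $rows ? $rows : null;
            echo json_encode($data);
        }
        break;

    case 'markreadnotification':
        return $mutate(
            "UPDATE `notification` SET `unread`='false' where notify_id=?",
            's',
            array($postString('id'))
        );

    case 'markreadallnotification':
        return $mutate("UPDATE `notification` SET `unread`='false' where recipient_id='1'");

    case 'getorderstatus':
        $rows = $selectRows(
            "SELECT OrderStatusID,OrderNumber from Orders where OrderID=?",
            's',
            array($postString('orderid')),
            MYSQLI_ASSOC
        );
        if ($rows !== false) {
            echo json_encode(isset($rows[0]) ? $rows[0] : null);
        }
        break;

    case 'getaddress':
        // NOTE(review): returns every column of AddressDetails for any id the
        // caller supplies; confirm the caller is entitled to that record.
        $rows = $selectRows(
            "SELECT * from AddressDetails where AddressID=?",
            's',
            array($postString('addressid')),
            MYSQLI_ASSOC
        );
        if ($rows !== false) {
            echo json_encode(isset($rows[0]) ? $rows[0] : null);
        }
        break;
}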