PLS decode this file. |
|
Posted: Tue Jul 26, 2011 9:49 am |
|
|
andr0id |
Regular user |
|
|
Joined: Jul 26, 2011 |
Posts: 11 |
Posted: Tue Jul 26, 2011 2:08 pm |
|
|
johnburn |
Advanced user |
|
|
Joined: Jan 14, 2011 |
Posts: 199 |
Location: Malaysia |
|
|
|
|
|
|
Code: | <?php
// Load the shop bootstrap first; the constants and tep_* helpers used further down are
// presumably defined there (not visible in this listing).
require ('includes/application_top.php');

// Vendor licence check. The two base64 literals decode to "Krysiak" and "oscGold"; both must
// occur somewhere in the base64-decoded COOKIE_TMP constant. strpos() yields false when the
// needle is absent and may legitimately yield 0, hence the strict comparisons.
$teks_name = strpos(base64_decode(COOKIE_TMP), base64_decode('S3J5c2lhaw=='));
$teks_firma = strpos(base64_decode(COOKIE_TMP), base64_decode('b3NjR29sZA=='));
if (!($teks_name !== false && $teks_firma !== false)) {
    // At least one marker is missing: send the visitor to the vendor site and stop here.
    header('Location: http://www.oscgold.com');
    exit;
}
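// Access control for the invoice: decide whether the requester may see the requested order.
//
// NOTE(review): the "passthruID" branch is a shared-secret bypass and should not ship as is.
// The pass phrase is a constant in this file, so its MD5 is identical on every installation
// that uses the file unchanged, and a matching value skips both the customer login and the
// order-ownership check below. Whoever holds it can therefore open any order's invoice
// (name, address, telephone). The value also travels in the query string, where web-server
// logs, browser history and Referer headers record it. Replace this branch with a check of
// the authenticated admin session, or at least a per-installation secret stored outside the
// code and compared in constant time. Reviewing access logs for requests that carry a
// passthruID parameter shows whether the bypass has been used.
$admin_access = false;
$pass_phrase = "awsxdrfvgyhnjikmloqw";
$pass_phrase_hash = md5($pass_phrase);
if (isset($_GET['passthruID']) && $_GET['passthruID'] === $pass_phrase_hash) {
    $admin_access = true;
}

// Accept only a plain run of digits as order id. is_numeric() also lets through forms such as
// "1e3" or " 12", for which an (int) cast and the raw string can denote different orders; the
// ownership check below casts, while the order is later loaded from the raw request value.
$order_id_is_valid = isset($_GET['order_id'])
    && is_string($_GET['order_id'])
    && preg_match('/^[0-9]+$/D', $_GET['order_id']) === 1;

if (!$admin_access) {
    // Customers must be logged in; remember the requested page so login can return to it.
    if (!tep_session_is_registered('customer_id')) {
        $navigation->set_snapshot();
        tep_redirect(tep_href_link(FILENAME_LOGIN, 'act=register', 'SSL'));
    }
    if (!$order_id_is_valid) {
        tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL'));
    }
    // Ownership check: the order must belong to the logged-in customer.
    $customer_info_query = tep_db_query("select customers_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$_GET['order_id'] . "'");
    $customer_info = tep_db_fetch_array($customer_info_query);
    // A missing row is treated as "not yours", and both ids are compared as integers so a
    // loose string/number comparison cannot decide the outcome.
    if (!is_array($customer_info) || (int)$customer_info['customers_id'] !== (int)$customer_id) {
        tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL'));
    }
} elseif (!$order_id_is_valid) {
    // The bypass path previously reached the order loader with an unvalidated or missing id.
    tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL'));
}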
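// Load the invoice language strings and the order class, then read the requested order.
// NOTE(review): $language becomes part of a require path. Confirm it can only hold a value
// taken from the shop's own language list, never raw request data.
require (DIR_WS_LANGUAGES . $language . '/pdfinvoice.php');
require (DIR_WS_CLASSES . 'order.php');
// NOTE(review): the raw request value is handed to the order class here; whether that class
// casts it again is not visible in this listing.
$order = new order($_GET['order_id']);

// Logo for the invoice header. szerokosc = width, wysokosc = height, obraz_naglowka = header
// image. The ' ;;' placeholder looks like decode residue of an HTML entity (possibly &nbsp;);
// compare with the original file before relying on it.
$szerokosc_image = PDF_MAX_IMAGE_WIDTH;
$wysokosc_image = PDF_MAX_IMAGE_HEIGHT;
$obraz_naglowka = ' ;;';
if (PDF_SHOW_LOGO == 'true') {
    if (file_exists(PDF_STORE_LOGO)) {
        if (PDF_IMAGE_KEEP_PROPORTIONS == 'true') {
            $image_size = getimagesize(PDF_STORE_LOGO);
            // getimagesize() returns false for unreadable or non-image files; a zero width
            // would divide by zero. In both cases the configured maximum height is kept.
            if ($image_size !== false && $image_size[0] > 0) {
                // Scale the height by the same factor that fits the width. The listing read
                // $wpolczynnik here, an undefined variable, which made the height 0.
                $wspolczynnik = $szerokosc_image / $image_size[0];
                $wysokosc_image = $image_size[1] * $wspolczynnik;
            }
        }
        $obraz_naglowka = '<img src="' . PDF_STORE_LOGO . '" width="' . $szerokosc_image . 'px" height="' . $wysokosc_image . 'px" alt="NO-IMAGE">';
    }
}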
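// Build the top of the invoice as one HTML string: store header with logo, invoice title with
// the order number, the sold-to / ship-to / payment panel, and the heading row of the product
// table. The order number is cast to int before it is printed.
//
// The customer's telephone number is passed through tep_output_string_protected(), the same
// helper this file applies to order comments, so markup in that field is printed as text
// instead of being interpreted by the PDF renderer. The field is presumably customer-entered.
// NOTE(review): $order->info['payment_method'] is still printed as stored; confirm where that
// value comes from.
//
// "<b\x72>" is a hex-escaped spelling of "<br>" left over from the obfuscated file. The ' ;;'
// fragments look like residue of an HTML entity (possibly &nbsp;) and should be compared with
// the original file.
$html = '<html><head><meta http-equiv="Content-Type" content="text/html;"></head><body>
<table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td>' . $obraz_naglowka . '</td>
<td valign="bottom" align="right" class="nazwafirmy">
' . STORE_NAME . '<br>
' . STORE_NAME_ADDRESS . '<br><br>
' . PDF_INV_EMAIL . ' ' . STORE_OWNER_EMAIL_ADDRESS . '<br>
' . PDF_INV_WEB . ' ' . HTTP_SERVER . '<br> ;;
</td>
</tr>
<tr>
<td colspan="2" style="padding:3px;background-color:#' . PDF_HEADER_COLOR_TABLE . ';font-size:18px;font-weight:bold;color:#' . PDF_HEADER_COLOR_TEXT . '">' . PRINT_INVOICE_HEADING . ' ' . (int)$_GET['order_id'] . '</td>
</tr>
</table>
<div style="padding-top:10px">
<table width="100%" class="ramkatabeli" cellspacing="0" cellpadding="2">
<tr>
<td width="30%" align="left" class="naglowektabeli" valign="top">' . ENTRY_SOLD_TO . '<br><br><span style="color:#000000">' . tep_address_format($order->customer['format_id'], $order->customer, '', '', "<br>") . '<br><b>' . ENTRY_TELEPHONE_NUMBER . '</b> ;; ;;' . tep_output_string_protected($order->customer['telephone']) . '</span></td>
<td width="30%" align="left" class="naglowektabeli" valign="top">' . ENTRY_SHIP_TO . '<br><br><span style="color:#000000">' . tep_address_format($order->delivery['format_id'], $order->delivery, '', '', "<b\x72>") . '</span></td>
<td width="40%" align="left" class="naglowektabelibezramki" valign="top">
' . PRINT_INVOICE_DATE . ' <br><span style="color:#000000">' . tep_date_short($order->info['date_purchased']) . '</span><br><br>
' . ENTRY_PAYMENT_METHOD . ' <br><span style="color:#000000">' . $order->info['payment_method'] . '</span>
</td>
</tr>
</table>
</div>
<div style="padding-top:10px">
<table width="100%" cellspacing="0" cellpadding="0" border="0">
<tr>
<td align="center" width="12%" class="tabelatop1">' . TABLE_HEADING_PRODUCTS_MODEL . '</td>
<td align="center" width="35%" class="tabelatop2">' . TABLE_HEADING_PRODUCTS . '</td>
<td align="center" width="5%" class="tabelatop2">' . PDF_INV_QTY_CELL . '</td>
<td align="center" width="12%" class="tabelatop2">' . TABLE_HEADING_PRICE_EXCLUDING_TAX . '</td>
<td align="center" width="12%" class="tabelatop2">' . TABLE_HEADING_PRICE_INCLUDING_TAX . '</td>
<td align="center" width="12%" class="tabelatop2">' . TABLE_HEADING_TOTAL_EXCLUDING_TAX . '</td>
<td align="center" width="12%" class="tabelatop2">' . TABLE_HEADING_TOTAL_INCLUDING_TAX . '</td>
</tr>';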
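// Emit one invoice table row per ordered product: model, name with its attribute lines,
// quantity, unit price without and with tax, and the line totals without and with tax.
for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
    $product_row = $order->products[$i];
    $html .= '<tr>';

    // Attribute lines sit in one small italic span below the product name. The span is
    // emitted even when there is nothing to list, exactly as the two original branches did.
    $prod_attribs = '<span style="font-size:10px;color:#000000"><i>';
    if (isset($product_row['attributes']) && sizeof($product_row['attributes']) > 0) {
        for ($j = 0, $n2 = sizeof($product_row['attributes']); $j < $n2; $j++) {
            $atrybut = $product_row['attributes'][$j]['option'] . ': ' . $product_row['attributes'][$j]['value'];
            if (strlen($atrybut) > 50) {
                $atrybut = osc_trunc_string($atrybut, 50, 1);
            }
            // The decoded listing spelled this "<b\162>" (octal escape for "r"): a plain <br>.
            $prod_attribs .= '<br> - ' . $atrybut;
        }
    }

    // Free-text attributes stored with the order. The original ran this identical query in
    // both branches of the if/else; it now runs once. Both ids are cast to int so that only
    // numbers can reach the SQL text (orders_products_id was concatenated uncast before).
    $attr_q = tep_db_query("select ota.*, pta.products_text_attributes_name from orders_text_attributes as ota, products_text_attributes as pta where ota.orders_id = " . (int)$_GET['order_id'] . " and ota.products_id = " . (int)$product_row['orders_products_id'] . " and pta.products_text_attributes_id = ota.products_text_attributes_id");
    $prod_text = '';
    while ($attr = tep_db_fetch_array($attr_q)) {
        // The attribute text is presumably typed by the customer at order time, so it is
        // escaped with the helper this file already uses for order comments before it is
        // placed into the HTML handed to the PDF renderer.
        $prod_text .= '<br> - ' . $attr['products_text_attributes_name'] . ': ' . tep_output_string_protected(stripslashes($attr['products_text_attributes_text']));
    }
    $prod_attribs .= $prod_text . '</i></span>';

    // Line totals. netto = net, brutto = gross, wartosc = value, cena jednostkowa = unit price.
    if (PRZELICZ_ZAMOWIENIE_BRUTTO == 'true') {
        // Gross-based: take the gross line total and derive the VAT share and the net from it.
        // The unit gross price is not used afterwards in this listing; the call is kept
        // because calculate_price() is not visible here.
        $cena_jednostkowa_brutto = $currencies->calculate_price($product_row['final_price'], $product_row['tax'], '1', $order->info['currency'], $order->info['currency_value']);
        $wartosc_brutto = $currencies->calculate_price($product_row['final_price'], $product_row['tax'], $product_row['qty'], $order->info['currency'], $order->info['currency_value']);
        $wartosc_vat = ($wartosc_brutto * $product_row['tax']) / (100 + $product_row['tax']);
        $wartosc_netto = $wartosc_brutto - $wartosc_vat;
    } else {
        // Net-based: unit net price times quantity, then VAT added on top.
        $cena_jednostkowa_netto = $currencies->calculate_price($product_row['final_price'], '', '1', $order->info['currency'], $order->info['currency_value']);
        $wartosc_netto = $cena_jednostkowa_netto * $product_row['qty'];
        $wartosc_vat = $wartosc_netto * ($product_row['tax'] / 100);
        $wartosc_brutto = $wartosc_netto + $wartosc_vat;
    }

    // The last row uses CSS classes produkt3/produkt4, every other row produkt1/produkt2.
    $is_last_row = ($i + 1 == $n);
    $first_cell_class = $is_last_row ? 'produkt3' : 'produkt1';
    $cell_class = $is_last_row ? 'produkt4' : 'produkt2';

    $html .= '<td align="center" valign="top" width="12%" class="' . $first_cell_class . '">' . $product_row['model'] . '</td>';
    $html .= '<td align="left" valign="top" width="35%" class="' . $cell_class . '">' . osc_trunc_string($product_row['name'], 50, 1) . $prod_attribs . '</td>';
    $html .= '<td align="center" valign="top" width="5%" class="' . $cell_class . '">' . $product_row['qty'] . '</td>';
    $html .= '<td align="right" valign="top" width="12%" class="' . $cell_class . '">' . $currencies->format($product_row['final_price'], true, $order->info['currency'], $order->info['currency_value']) . '</td>';
    $html .= '<td align="right" valign="top" width="12%" class="' . $cell_class . '">' . $currencies->format(tep_add_tax($product_row['final_price'], $product_row['tax'], true), true, $order->info['currency'], $order->info['currency_value']) . '</td>';
    $html .= '<td align="right" valign="top" width="12%" class="' . $cell_class . '">' . invoiceNumberFormatAdmin($wartosc_netto) . '</td>';
    $html .= '<td align="right" valign="top" width="12%" class="' . $cell_class . '">' . invoiceNumberFormatAdmin($wartosc_brutto) . '</td>';
    $html .= '</tr>';
}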
// Close the product table and its wrapper, then list the order totals (title on the left,
// amount in bold on the right), one table row per entry of $order->totals.
$html .= '</table></div>
<table width="100%" cellspacing="0" cellpadding="0">';
$n = sizeof($order->totals);
$i = 0;
while ($i < $n) {
    $html .= '<tr>'
        . '<td align="right" width="85%" class="suma">' . $order->totals[$i]['title'] . '</td>'
        . '<td align="right" width="15%" class="suma"><b>' . $order->totals[$i]['text'] . '</b></td>'
        . '</tr>';
    $i++;
}
$html .= '</table>';
// Append the order's status-history comments, oldest first, then close the HTML document.
// The order id is forced to an integer before it is placed into the SQL text.
$statuses_query = tep_db_query(sprintf(
    "select osh.comments from %s osh where osh.orders_id = '%d' order by date_added",
    TABLE_ORDERS_STATUS_HISTORY,
    (int)$_GET['order_id']
));
if (tep_db_num_rows($statuses_query)) {
    $html .= '
<table width="100%" cellspacing="0" cellpadding="0">
<tr>
<td align="left" class="komentarz"><u>' . PDF_COMMENTS . '</u></td>
</tr>';
    while ($statuses = tep_db_fetch_array($statuses_query)) {
        // History entries without a comment produce no row.
        if (empty($statuses['comments'])) {
            continue;
        }
        // Comments are escaped first; nl2br() then turns line breaks into <br> tags.
        $html .= '
<tr>
<td align="left" class="komentarztext">' . nl2br(tep_output_string_protected($statuses['comments'])) . '</td>
</tr>';
    }
    $html .= '</table>';
}
$html .= '</body></html>';
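// Load the bundled mPDF library and create the PDF writer with a code page that depends on the
// shop language.
define('_MPDF_PATH', 'mpdf/');
include ("mpdf/mpdf.php");
if ($language == 'russian') {
    // The Russian invoice is rendered as win-1251, so Polish letters are replaced by their
    // plain ASCII counterparts first.
    //
    // The search strings in the decoded listing were mis-encoded (UTF-8 bytes displayed as
    // Latin text), and two of them had shrunk to a single lead character that would also match
    // the first byte of other letters. They are restored here to the Polish letters implied by
    // the a/c/e/l/n/o/s/z/z replacement order. NOTE(review): confirm against the original file,
    // and that this file and $html use the same encoding.
    //
    // str_replace() with arrays applies the pairs in order, like the original run of calls.
    $polish_letters = array('ą', 'ć', 'ę', 'ł', 'ń', 'ó', 'ś', 'ź', 'ż', 'Ą', 'Ć', 'Ę', 'Ł', 'Ń', 'Ó', 'Ś', 'Ź', 'Ż');
    $ascii_letters = array('a', 'c', 'e', 'l', 'n', 'o', 's', 'z', 'z', 'A', 'C', 'E', 'L', 'N', 'O', 'S', 'Z', 'Z');
    $html = str_replace($polish_letters, $ascii_letters, $html);
    $mpdf = new mPDF('win-1251', 'A4', '9', '', 5, 5, 10, 5, 5, 5);
} else {
    $mpdf = new mPDF('iso-8859-2', 'A4', '9', '', 5, 5, 10, 5, 5, 5);
}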
// Optional watermark. The method and property names are reproduced as they appear in the
// decoded listing.
if (PDF_SHOW_WATERMARK == 'true') {
    $mpdf->setUnvalidatedText(UPDF_ZNAK_NAZWA);
    $mpdf->TopicIsUnvalidated = 1;
}
$mpdf->useOddEven = 1;

// Running header with the invoice heading and the integer order number; fixed vendor footer.
$running_header = sprintf(
    '<div align="right" style="font-family: DejaVuSansCondensed, sans-serif, Tahoma, Arial;font-size: 8pt; color:#000000; border-bottom:1px solid #000">%s %d</div>',
    PRINT_INVOICE_HEADING,
    (int)$_GET['order_id']
);
$running_footer = '<div align="left" style="font-family: DejaVuSansCondensed, sans-serif, Tahoma, Arial;font-size: 6pt; color:#000000;">Wygenerowano w programie www.oscGold.com</div>';
$mpdf->SetHTMLHeader($running_header);
$mpdf->SetHTMLFooter($running_footer);

// Stylesheet first (second argument 1), then the invoice markup (second argument 2); the PDF
// is sent under the name zamowienie.pdf with destination 'I'.
$mpdf->AddPage();
$mpdf->WriteHTML(file_get_contents('mpdf/css/pdfinvoice.css'), 1);
$mpdf->WriteHTML($html, 2);
$mpdf->Output('zamowienie.pdf', 'I');
exit;
// Never reached: the script has already ended on the exit above.
require (DIR_WS_INCLUDES . 'application_bottom.php');
/**
 * Format an amount for an invoice cell, leaving the cell empty for a zero amount.
 *
 * @param mixed  $amount Value to format; it is cast to float first.
 * @param int    $dig    Number of decimal places.
 * @param string $dec    Decimal point.
 * @param string $sep    Thousands separator.
 * @return string The formatted number, or '' when it compares equal to '0.00'.
 */
function invoiceNumberFormatAdmin($amount, $dig = 2, $dec = '.', $sep = '') {
    $formatted = number_format((float)$amount, $dig, $dec, $sep);
    // Loose comparison on purpose: two numeric strings are compared by value, so a zero
    // formatted with a different number of decimals is blanked as well.
    return ($formatted == '0.00') ? '' : $formatted;
}
?>
Posted: Tue Jul 26, 2011 2:32 pm |
|
|
andr0id |
Regular user |
|
|
Joined: Jul 26, 2011 |
Posts: 11 |
|
|
|
|
|
|
|
thanks !!!!!
What type of encryption is this??