'; echo '
Successfully logged out.
'; echo 'Please wait to be redirected.
'; } else { if (strlen($action) > 0) { $mysql = new Mysql(); $mysql->connect(); $mysql->setDatabase(Settings::mysql_database); $id = $mysql->escape(urldecode($id)); if ($action == 'markpaid') { $mysql->executeQuery("UPDATE ".Settings::mysql_table." SET Payment_sent=1 WHERE Invoice='$id'"); } if ($action == 'markunpaid') { $mysql->executeQuery("UPDATE ".Settings::mysql_table." SET Payment_sent=0 WHERE Invoice='$id'"); } if ($action == 'invalidate') { $mysql->executeQuery("UPDATE ".Settings::mysql_table." SET Active=0 WHERE Invoice='$id'"); } if ($action == 'validate') { $mysql->executeQuery("UPDATE ".Settings::mysql_table." SET Active=1 WHERE Invoice='$id'"); } $mysql->close(); } $page = "admin"; include 'assets/header.php'; echo '
'; if ($mode == 'all') { echo '

All transactions

'; $mysql = new Mysql(); $mysql->connect(); $mysql->setDatabase(Settings::mysql_database); $query = $mysql->executeQuery("SELECT transactions.* , currencies.currency AS currency FROM transactions LEFT JOIN currencies ON transactions.currency_id = currencies.id"); echo '
'; echo ''; echo ''; echo ''; for ($i = 0; $i < @mysql_num_rows($query); $i++) { echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; $payment_method = mysql_result($query, $i, 'Payment_method'); echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } echo '
TimeInvoiceRequest AmountEmail addressInput addressUSDPayment MethodPayment ReceivedPayment sentActiveActions
'.mysql_result($query, $i, 'Time').''.mysql_result($query, $i, 'Invoice').''.mysql_result($query, $i, 'currency').' '.mysql_result($query, $i, 'amount').''.mysql_result($query, $i, 'Email_address').''.mysql_result($query, $i, 'Input_address').''.mysql_result($query, $i, 'Usd').''; echo "Bank Address: " . mysql_result($query, $i, 'banktransfer_bank_address') . '
'; echo "Swift Code: " . mysql_result($query, $i, 'banktransfer_swift_code') . '
'; echo "Routing Number: " . mysql_result($query, $i, 'banktransfer_account_routing_number') . '
'; echo "Account Name: " . mysql_result($query, $i, 'banktransfer_account_name') . '
'; echo "Account Number: " . mysql_result($query, $i, 'banktransfer_account_number') . '
'; break; case 'Moneypak': echo "Phone: " . mysql_result($query, $i, 'moneypak_phone') . '
'; echo "Address: " . mysql_result($query, $i, 'moneypak_address') . '
'; break; case 'Western Union': echo "Name: " . mysql_result($query, $i, 'westernunion_name') . '
'; echo "City: " . mysql_result($query, $i, 'westernunion_city') . '
'; echo "Country: " . Settings::$countries[mysql_result($query, $i, 'westernunion_country')] . '
'; break; default: } echo '">'.mysql_result($query, $i, 'Payment_method').'		'.mysql_result($query, $i, 'currency').' '.mysql_result($query, $i, 'Btc_received').''.mysql_result($query, $i, 'Payment_sent').''.mysql_result($query, $i, 'Active').'
'; echo ''; if (mysql_result($query, $i, 'Payment_sent') == 1) { echo ''; echo ''; echo '

'; } else { echo ''; echo ''; echo '

'; } echo '
'; echo '
'; echo ''; if (mysql_result($query, $i, 'Active') == 1) { echo ''; echo ''; echo ''; } else { echo ''; echo ''; echo ''; } echo '
'; echo '
'; $mysql->close(); } if ($mode == 'active') { echo '

Confirmed transactions awaiting payment

'; $mysql = new Mysql(); $mysql->connect(); $mysql->setDatabase(Settings::mysql_database); $query = $mysql->executeQuery("SELECT transactions.* , currencies.currency AS currency FROM transactions LEFT JOIN currencies ON transactions.currency_id = currencies.id WHERE transactions.Active=1 AND transactions.Payment_sent=0 AND transactions.amount <= transactions.Btc_received"); echo '
'; echo ''; echo ''; echo ''; for ($i = 0; $i < @mysql_num_rows($query); $i++) { echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; $payment_method = mysql_result($query, $i, 'Payment_method'); echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } echo '
TimeInvoiceRequest AmountEmail addressInput addressUSDPayment MethodsPayment ReceivedPayment sentActiveActions
'.mysql_result($query, $i, 'Time').''.mysql_result($query, $i, 'Invoice').''.mysql_result($query, $i, 'currency').' '.mysql_result($query, $i, 'amount').''.mysql_result($query, $i, 'Email_address').''.mysql_result($query, $i, 'Input_address').''.mysql_result($query, $i, 'Usd').''; echo "Bank Address: " . mysql_result($query, $i, 'banktransfer_bank_address') . '
'; echo "Swift Code: " . mysql_result($query, $i, 'banktransfer_swift_code') . '
'; echo "Routing Number: " . mysql_result($query, $i, 'banktransfer_account_routing_number') . '
'; echo "Account Name: " . mysql_result($query, $i, 'banktransfer_account_name') . '
'; echo "Account Number: " . mysql_result($query, $i, 'banktransfer_account_number') . '
'; break; case 'Moneypak': echo "Phone: " . mysql_result($query, $i, 'moneypak_phone') . '
'; echo "Address: " . mysql_result($query, $i, 'moneypak_address') . '
'; break; case 'Western Union': echo "Name: " . mysql_result($query, $i, 'westernunion_name') . '
'; echo "City: " . mysql_result($query, $i, 'westernunion_city') . '
'; echo "Country: " . Settings::$countries[mysql_result($query, $i, 'westernunion_country')] . '
'; break; default: } echo '">'.mysql_result($query, $i, 'Payment_method').'		'.mysql_result($query, $i, 'currency').' '.mysql_result($query, $i, 'Btc_received').''.mysql_result($query, $i, 'Payment_sent').''.mysql_result($query, $i, 'Active').'
'; echo ''; if (mysql_result($query, $i, 'Payment_sent') == 1) { echo ''; echo ''; echo ''; } else { echo ''; echo ''; echo ''; } echo '
'; echo '
'; echo ''; if (mysql_result($query, $i, 'Active') == 1) { echo ''; echo ''; echo ''; } else { echo ''; echo ''; echo ''; } echo '
'; echo '
'; echo '


'; echo '

Pending transactions

'; $query = $mysql->executeQuery("SELECT transactions.* , currencies.currency AS currency FROM transactions LEFT JOIN currencies ON transactions.currency_id = currencies.id WHERE transactions.Active=1 AND transactions.Payment_sent=0 AND transactions.amount > transactions.Btc_received AND transactions.Time_long > ".(time() - (Settings::timeout_duration * 60))); echo '
'; echo ''; echo ''; echo ''; for ($i = 0; $i < @mysql_num_rows($query); $i++) { echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; $payment_method = mysql_result($query, $i, 'Payment_method'); echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } echo '
TimeInvoiceRequest AmountEmail addressInput addressUSDPayment MethodPayment ReceivedPayment sentActiveActions
'.mysql_result($query, $i, 'Time').''.mysql_result($query, $i, 'Invoice').''.mysql_result($query, $i, 'currency').' '.mysql_result($query, $i, 'amount').''.mysql_result($query, $i, 'Email_address').''.mysql_result($query, $i, 'Input_address').''.mysql_result($query, $i, 'Usd').''; echo "Bank Address: " . mysql_result($query, $i, 'banktransfer_bank_address') . '
'; echo "Swift Code: " . mysql_result($query, $i, 'banktransfer_swift_code') . '
'; echo "Routing Number: " . mysql_result($query, $i, 'banktransfer_account_routing_number') . '
'; echo "Account Name: " . mysql_result($query, $i, 'banktransfer_account_name') . '
'; echo "Account Number: " . mysql_result($query, $i, 'banktransfer_account_number') . '
'; break; case 'Moneypak': echo "Phone: " . mysql_result($query, $i, 'moneypak_phone') . '
'; echo "Address: " . mysql_result($query, $i, 'moneypak_address') . '
'; break; case 'Western Union': echo "Name: " . mysql_result($query, $i, 'westernunion_name') . '
'; echo "City: " . mysql_result($query, $i, 'westernunion_city') . '
'; echo "Country: " . Settings::$countries[mysql_result($query, $i, 'westernunion_country')] . '
'; break; default: } echo '">'.mysql_result($query, $i, 'Payment_method').'		'.mysql_result($query, $i, 'currency').' '.mysql_result($query, $i, 'Btc_received').''.mysql_result($query, $i, 'Payment_sent').''.mysql_result($query, $i, 'Active').'
'; echo ''; if (mysql_result($query, $i, 'Payment_sent') == 1) { echo ''; echo ''; echo '

'; } else { echo ''; echo ''; echo '

'; } echo '
'; echo '
'; echo ''; if (mysql_result($query, $i, 'Active') == 1) { echo ''; echo ''; echo ''; } else { echo ''; echo ''; echo ''; } echo '
'; echo '
'; $mysql->close(); } if ($mode == 'currencies') { $mysql = new Mysql(); $mysql->connect(); $mysql->setDatabase(Settings::mysql_database); if(isset($_GET['action']) && !empty($_GET['action'])){ switch($_GET['action']){ case 'add': $errors = array(); if($_POST){ if(empty($_POST['currency']) || trim($_POST['currency'])==''){ $errors['currency'] = 'Required field: currency.'; }else{ $str = "SELECT * FROM currencies WHERE currency = '" . $mysql->escape($_POST['currency']) . "'"; $query = $mysql->executeQuery($str); if (@mysql_num_rows($query) != 0) { $errors['currency'] = 'Currency already exists.'; } } if(empty($_POST['name']) || trim($_POST['name'])==''){ $errors['name'] = 'Required field: currency name.'; } if(empty($_POST['price']) || trim($_POST['price'])==''){ $errors['price'] = 'Required field: price.'; }else if(!is_numeric($_POST['price'])){ $errors['price'] = 'Invalid price.'; } if(count($errors)<=0){ $args = array ( "created_datetime" => date('Y-m-d H:i:s', time() + (Settings::timezone_shift * 60 * 60)), "currency" => $mysql->escape(trim($_POST['currency'])), "name" => $mysql->escape(trim($_POST['name'])), "price" => $mysql->escape(trim($_POST['price'])), ); $mysql->insert($args, 'currencies'); header('Location: admin.php?mode=currencies'); exit(); } } require('currencies/add.php'); break; case 'update': if(isset($_GET['id']) && !empty($_GET['id'])){ $str = "SELECT * FROM currencies WHERE id = '" . $mysql->escape($_GET['id']) . "'"; $query = $mysql->executeQuery($str); if (@mysql_num_rows($query) > 0) { $errors = array(); $id = $_GET['id']; $currency = mysql_result($query, 0, 'currency'); if($_POST){ $name = $_POST['name']; $price = $_POST['price']; if(empty($_POST['name']) || trim($_POST['name'])==''){ $errors['name'] = 'Required field: currency name.'; } if(empty($_POST['price']) || trim($_POST['price'])==''){ $errors['price'] = 'Required field: price.'; }else if(!is_numeric($_POST['price'])){ $errors['price'] = 'Invalid price.'; } if(count($errors)<=0){ $mysql->executeQuery("UPDATE currencies SET name='" . $mysql->escape(trim($_POST['name'])) . "' , price = '" . $mysql->escape(trim($_POST['price'])) . "' , modified_datetime = '" . date('Y-m-d H:i:s', time() + (Settings::timezone_shift * 60 * 60)) . "' WHERE id='" . $mysql->escape(trim($_GET['id'])) . "'"); header('Location: admin.php?mode=currencies'); exit(); } }else{ $name = mysql_result($query, 0, 'name'); $price = mysql_result($query, 0, 'price'); } require('currencies/update.php'); }else{ header('Location: admin.php?mode=currencies'); exit(); } }else{ header('Location: admin.php?mode=currencies'); exit(); } break; case 'remove': if(isset($_GET['id']) && !empty($_GET['id'])){ $str = "DELETE FROM currencies WHERE id = '" . $mysql->escape($_GET['id']) . "'"; $query = $mysql->executeQuery($str); } header('Location: admin.php?mode=currencies'); exit(); break; } }else{ $str = "SELECT * FROM currencies ORDER BY currency, name"; $query = $mysql->executeQuery($str); require('currencies/list.php'); } } if ($mode == 'walletaddresses') { $mysql = new Mysql(); $mysql->connect(); $mysql->setDatabase(Settings::mysql_database); if(isset($_GET['action']) && !empty($_GET['action'])){ switch($_GET['action']){ case 'add': if($_POST){ if(empty($_POST['currency_id']) || trim($_POST['currency_id'])==''){ $errors['currency_id'] = 'Required field: currency.'; }else{ $str = "SELECT * FROM currencies WHERE id = '" . $mysql->escape($_POST['currency_id']) . "'"; $query = $mysql->executeQuery($str); if (@mysql_num_rows($query) <= 0) { $errors['currency_id'] = 'Currency does not exists.'; } } if(count($errors)<=0){ if(!empty($_POST['addresses'])){ $addresses = explode("\n", $_POST['addresses']); // print_r($_addresses); if(count($addresses) > 0){ foreach($addresses as $address){ // echo $address . "
"; $address = trim($address); $str = "SELECT * FROM wallet_addresses WHERE address = '" . $mysql->escape($address) . "' AND currency_id = '" . $mysql->escape($_POST['currency_id']) . "'"; $query = $mysql->executeQuery($str); if (@mysql_num_rows($query) == 0) { $args = array ( "created_datetime" => date('Y-m-d H:i:s', time() + (Settings::timezone_shift * 60 * 60)), "currency_id" => $mysql->escape($_POST['currency_id']), "address" => $mysql->escape($address), ); $mysql->insert($args, 'wallet_addresses'); } } } } header('Location: admin.php?mode=walletaddresses'); exit(); } } $str = "SELECT * FROM currencies ORDER BY currency, name"; $queryCurrencies = $mysql->executeQuery($str); require('walletaddresses/add.php'); break; case 'remove': if(isset($_GET['id']) && !empty($_GET['id'])){ $str = "DELETE FROM wallet_addresses WHERE id = '" . $mysql->escape($_GET['id']) . "'"; $query = $mysql->executeQuery($str); } header('Location: admin.php?mode=btcaddresses'); exit(); break; default: echo "Invalid Action."; } }else{ // Just display the list of BTC address $str = "SELECT wallet_addresses.id AS id , currencies.currency AS currency , wallet_addresses.address AS address FROM wallet_addresses LEFT JOIN currencies ON wallet_addresses.currency_id = currencies.id WHERE used!='Y' ORDER BY currencies.currency, wallet_addresses.address"; $query = $mysql->executeQuery($str); require('walletaddresses/list.php'); } } echo '
'; echo '
'; echo ''; echo '
'; echo '
'; } } else { $user = isset($_POST['user']) ? $_POST['user'] : ''; $pass = isset($_POST['pass']) ? $_POST['pass'] : ''; if (strcmp(sha1($user.$pass.Settings::admin_salt), Settings::admin_pass) == 0) { setcookie(Settings::cookie_name, sha1($user.$pass.Settings::admin_salt)); $page = "admin login process"; include 'assets/header.php'; echo ''; echo '
Please wait, redirecting in 5 seconds.
'; echo '
'; echo '
'; } else { if (strlen($user) > 0 || strlen($pass) > 0) { echo '

Incorrect username or password.

'; } ?>
Login