<?php
// backyard/models/giftcards/catalog.php
/**
* NOTE: All functions expect $conn (mysqli) to be defined by the caller.
* Schema:
* card_brands(cbrand_id, card_brand, brand_icon, status)
* gift_cards(gc_id, cbrand_id, demon, card_curr, buy_price, sell_price, status, updated_at)
*/
// --------- Small helpers ----------
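/**
 * Escape a value for output inside HTML text or a quoted HTML attribute.
 *
 * The value is cast to string first, so null becomes '' and numbers keep
 * their decimal form. This is HTML-context escaping only; it is not
 * suitable for JavaScript, URL or CSS contexts.
 *
 * @param mixed $s Value to render.
 * @return string  Escaped text with &, <, >, " and ' converted to entities.
 */
function gc_h($s)
{
    // Passing flags explicitly replaces PHP's defaults. Without ENT_SUBSTITUTE a
    // single invalid UTF-8 byte makes htmlspecialchars() return '' for the whole
    // string, silently blanking the field; with it the bad byte becomes U+FFFD.
    return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}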
/**
 * Coerce a value to an integer using PHP's conversion rules.
 *
 * This is coercion, not validation: leading digits are kept ('12abc' gives
 * 12) and anything non-numeric collapses to 0, so callers that need to
 * reject bad input must check it themselves.
 *
 * @param mixed $v Value to convert.
 * @return int
 */
function gc_int($v)
{
    return intval($v);
}
/**
 * Map any value to the integer flag 1 or 0 by PHP truthiness.
 *
 * Note that the strings '' and '0' are falsy while every other non-empty
 * string (including 'false' and 'no') is truthy.
 *
 * @param mixed $v Value to test.
 * @return int 1 when $v is truthy, otherwise 0.
 */
function gc_bool01($v)
{
    if ($v) {
        return 1;
    }

    return 0;
}
/**
 * Build a single-quoted SQL string literal from a value.
 *
 * The escaped text is only safe as the complete literal returned here; it
 * must not be spliced into identifiers, numeric positions or LIKE patterns.
 * Escaping is done against the connection's character set, so the
 * connection charset has to be set through the mysqli API rather than a
 * raw SET NAMES query.
 * NOTE(review): this file does not show where the charset is set - confirm
 * in the caller that creates $conn.
 *
 * @param mysqli $conn Open connection used for escaping.
 * @param mixed  $s    Value to embed; cast to string first.
 * @return string Quoted literal, e.g. 'O\'Reilly'.
 */
function gc_sqlstr(mysqli $conn, $s)
{
    $escaped = $conn->real_escape_string((string)$s);

    return "'" . $escaped . "'";
}
// --------- Brands ----------
/**
 * List every brand, active ones first, then alphabetically by name.
 *
 * The query is a fixed string with no caller-supplied parts.
 *
 * @param mysqli $conn Open database connection.
 * @return array List of rows keyed by cbrand_id, card_brand, brand_icon, status;
 *               empty when there are no brands or the query returns false.
 */
function gc_brands_all(mysqli $conn): array
{
    $query = "SELECT cbrand_id, card_brand, brand_icon, status FROM card_brands ORDER BY status DESC, card_brand ASC";

    $result = $conn->query($query);
    if (!$result) {
        return [];
    }

    $brands = [];
    for ($brand = $result->fetch_assoc(); $brand; $brand = $result->fetch_assoc()) {
        $brands[] = $brand;
    }
    $result->free();

    return $brands;
}
/**
 * Fetch one brand row by primary key.
 *
 * $id is declared int, so the value placed in the SQL text is always a
 * decimal integer and cannot carry SQL syntax.
 *
 * @param mysqli $conn Open database connection.
 * @param int    $id   cbrand_id to look up.
 * @return array|null The row, or null when no row matches or the query returns false.
 */
function gc_brand_by_id(mysqli $conn, int $id): ?array
{
    $query = 'SELECT cbrand_id, card_brand, brand_icon, status FROM card_brands WHERE cbrand_id = '
        . $id
        . ' LIMIT 1';

    $result = $conn->query($query);
    if (!$result) {
        return null;
    }

    $brand = $result->fetch_assoc();
    $result->free();

    if ($brand) {
        return $brand;
    }

    return null;
}
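/**
 * Insert a new brand with status 1 and return its id.
 *
 * Values are sent as bound parameters instead of being escaped into the SQL
 * text, so correctness no longer depends on the connection character set
 * matching what the escaping routine assumed.
 *
 * @param mysqli      $conn Open database connection.
 * @param string      $name Brand name; surrounding whitespace is trimmed.
 * @param string|null $icon Icon reference, trimmed; null is stored as SQL NULL.
 * @return int The new cbrand_id, or 0 when preparing or executing the
 *             statement returns false.
 */
function gc_brand_create(mysqli $conn, string $name, ?string $icon): int
{
    $name = trim($name);
    $icon = $icon !== null ? trim($icon) : null;

    $stmt = mysqli_prepare(
        $conn,
        'INSERT INTO card_brands (card_brand, brand_icon, status) VALUES (?, ?, 1)'
    );
    if (!$stmt) {
        return 0;
    }

    // A PHP null bound with type 's' is transmitted as SQL NULL.
    mysqli_stmt_bind_param($stmt, 'ss', $name, $icon);

    $newId = 0;
    if (mysqli_stmt_execute($stmt)) {
        $newId = (int)mysqli_stmt_insert_id($stmt);
    }
    mysqli_stmt_close($stmt);

    return $newId;
}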
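/**
 * Update the name and icon of one brand.
 *
 * Values are sent as bound parameters instead of being escaped into the SQL
 * text, so correctness no longer depends on the connection character set
 * matching what the escaping routine assumed.
 *
 * @param mysqli      $conn Open database connection.
 * @param int         $id   cbrand_id of the row to change.
 * @param string      $name New brand name; surrounding whitespace is trimmed.
 * @param string|null $icon New icon reference, trimmed; null is stored as SQL NULL.
 * @return bool True when the statement executed; this does not tell the
 *              caller whether a row actually matched $id.
 */
function gc_brand_update(mysqli $conn, int $id, string $name, ?string $icon): bool
{
    $name = trim($name);
    $icon = $icon !== null ? trim($icon) : null;

    $stmt = mysqli_prepare(
        $conn,
        'UPDATE card_brands SET card_brand=?, brand_icon=? WHERE cbrand_id=? LIMIT 1'
    );
    if (!$stmt) {
        return false;
    }

    // A PHP null bound with type 's' is transmitted as SQL NULL.
    mysqli_stmt_bind_param($stmt, 'ssi', $name, $icon, $id);
    $ok = (bool)mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    return $ok;
}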
/**
 * Set a brand's status flag.
 *
 * Both values placed in the SQL text are integers: $id by its declared
 * type and the flag by normalisation to 0 or 1.
 *
 * @param mysqli $conn   Open database connection.
 * @param int    $id     cbrand_id of the row to change.
 * @param int    $status Any non-zero value enables the brand, 0 disables it.
 * @return bool True when the query executed; a non-matching id still yields true.
 */
function gc_brand_toggle(mysqli $conn, int $id, int $status): bool
{
    $flag = (int)($status !== 0);
    $query = 'UPDATE card_brands SET status=' . $flag . ' WHERE cbrand_id=' . $id . ' LIMIT 1';

    return (bool)$conn->query($query);
}
// --------- Gift card denoms ----------
/**
 * Return one page of gift card rows, optionally limited to a single brand.
 *
 * Every dynamic part of the SQL is an integer: the brand filter is cast,
 * and the page size is clamped to 1..200 before being used as LIMIT.
 *
 * @param mysqli   $conn     Open database connection.
 * @param int|null $brand_id Brand filter; null or 0 means all brands.
 * @param int      $page     1-based page number; values below 1 become 1.
 * @param int      $per_page Requested page size; clamped to 1..200.
 * @return array Keys: 'rows' (list of rows including the joined card_brand),
 *               'total' (matching row count), 'page', 'pages', 'per'.
 */
function gc_cards_by_brand(mysqli $conn, ?int $brand_id, int $page = 1, int $per_page = 25): array
{
    if ($page < 1) {
        $page = 1;
    }
    $limit = max(1, min(200, $per_page));
    $skip = ($page - 1) * $limit;

    $filter = 'WHERE 1=1';
    if ($brand_id) {
        $filter .= ' AND gc.cbrand_id = ' . (int)$brand_id;
    }

    // Count first so the caller can render pagination even for an empty page.
    $total = 0;
    $countResult = $conn->query("SELECT COUNT(*) AS c FROM gift_cards gc {$filter}");
    if ($countResult) {
        $countRow = $countResult->fetch_assoc();
        $total = (int)($countRow['c'] ?? 0);
        $countResult->free();
    }

    $pageQuery = implode("\n", [
        'SELECT gc.gc_id, gc.cbrand_id, gc.demon, gc.card_curr, gc.buy_price, gc.sell_price, gc.status, gc.updated_at,',
        'cb.card_brand',
        'FROM gift_cards gc',
        'LEFT JOIN card_brands cb ON cb.cbrand_id = gc.cbrand_id',
        $filter,
        'ORDER BY gc.status DESC, cb.card_brand ASC, gc.demon ASC',
        "LIMIT {$limit} OFFSET {$skip}",
    ]);

    $cards = [];
    $pageResult = $conn->query($pageQuery);
    if ($pageResult) {
        for ($card = $pageResult->fetch_assoc(); $card; $card = $pageResult->fetch_assoc()) {
            $cards[] = $card;
        }
        $pageResult->free();
    }

    $pageCount = (int)ceil($total / $limit);

    return [
        'rows' => $cards,
        'total' => $total,
        'page' => $page,
        'pages' => $pageCount,
        'per' => $limit,
    ];
}
/**
 * Fetch one gift card row (all columns) by primary key.
 *
 * $id is declared int, so the value placed in the SQL text is always a
 * decimal integer and cannot carry SQL syntax.
 *
 * @param mysqli $conn Open database connection.
 * @param int    $id   gc_id to look up.
 * @return array|null The row, or null when no row matches or the query returns false.
 */
function gc_card_by_id(mysqli $conn, int $id): ?array
{
    $query = 'SELECT * FROM gift_cards WHERE gc_id=' . $id . ' LIMIT 1';

    $result = $conn->query($query);
    if (!$result) {
        return null;
    }

    $card = $result->fetch_assoc();
    $result->free();

    if ($card) {
        return $card;
    }

    return null;
}
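/**
 * Insert a gift card denomination and return its id.
 *
 * Values are sent as bound parameters rather than formatted into the SQL
 * text. In the previous form the prices were written unquoted, so a
 * non-finite float would have reached the statement as the bare word
 * "inf" or "nan"; such values are now rejected before any query is built.
 *
 * @param mysqli     $conn       Open database connection.
 * @param int        $brand_id   cbrand_id the card belongs to.
 * @param string     $demon      Denomination label; surrounding whitespace is trimmed.
 * @param string     $card_curr  Currency marker; reduced to its first character.
 * @param float|null $buy_price  Stored with two decimals; null is stored as SQL NULL.
 * @param float|null $sell_price Stored with two decimals; null is stored as SQL NULL.
 * @param int        $status     Any non-zero value is stored as 1, otherwise 0.
 * @return int The new gc_id, or 0 when a price is not finite or the
 *             statement could not be prepared or executed.
 */
function gc_card_create(mysqli $conn, int $brand_id, string $demon, string $card_curr, ?float $buy_price, ?float $sell_price, int $status=1): int
{
    $demon = trim($demon);
    $card_curr = trim($card_curr);

    // NOTE: Schema uses card_curr VARCHAR(1), so only the first character is kept.
    // A byte-wise substr() cuts a multi-byte symbol in half and stores an
    // invalid sequence, so take one whole UTF-8 character when the input
    // decodes as UTF-8 and fall back to the first byte otherwise.
    // NOTE(review): assumes callers pass UTF-8 and the column length counts
    // characters - confirm against the connection and table charset.
    if (preg_match('/\A./us', $card_curr, $firstChar) === 1) {
        $card_curr = $firstChar[0];
    } else {
        $card_curr = (string)substr($card_curr, 0, 1);
    }

    foreach ([$buy_price, $sell_price] as $price) {
        if ($price !== null && !is_finite($price)) {
            return 0;
        }
    }

    // Fixed two-decimal text keeps the stored value independent of float formatting.
    $buy = $buy_price !== null ? number_format((float)$buy_price, 2, '.', '') : null;
    $sell = $sell_price !== null ? number_format((float)$sell_price, 2, '.', '') : null;
    $flag = $status ? 1 : 0;

    $stmt = mysqli_prepare(
        $conn,
        'INSERT INTO gift_cards (cbrand_id, demon, card_curr, buy_price, sell_price, status, updated_at)
         VALUES (?, ?, ?, ?, ?, ?, NOW())'
    );
    if (!$stmt) {
        return 0;
    }

    // A PHP null bound with type 's' is transmitted as SQL NULL.
    mysqli_stmt_bind_param($stmt, 'issssi', $brand_id, $demon, $card_curr, $buy, $sell, $flag);

    $newId = 0;
    if (mysqli_stmt_execute($stmt)) {
        $newId = (int)mysqli_stmt_insert_id($stmt);
    }
    mysqli_stmt_close($stmt);

    return $newId;
}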
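/**
 * Update every editable column of one gift card and refresh updated_at.
 *
 * Values are sent as bound parameters rather than formatted into the SQL
 * text. In the previous form the prices were written unquoted, so a
 * non-finite float would have reached the statement as the bare word
 * "inf" or "nan"; such values are now rejected before any query is built.
 *
 * @param mysqli     $conn       Open database connection.
 * @param int        $gc_id      gc_id of the row to change.
 * @param int        $brand_id   cbrand_id the card belongs to.
 * @param string     $demon      Denomination label; surrounding whitespace is trimmed.
 * @param string     $card_curr  Currency marker; reduced to its first character.
 * @param float|null $buy_price  Stored with two decimals; null is stored as SQL NULL.
 * @param float|null $sell_price Stored with two decimals; null is stored as SQL NULL.
 * @param int        $status     Any non-zero value is stored as 1, otherwise 0.
 * @return bool True when the statement executed; false when a price is not
 *              finite or the statement could not be prepared or executed.
 *              True does not tell the caller whether a row matched $gc_id.
 */
function gc_card_update(mysqli $conn, int $gc_id, int $brand_id, string $demon, string $card_curr, ?float $buy_price, ?float $sell_price, int $status): bool
{
    $demon = trim($demon);
    $card_curr = trim($card_curr);

    // card_curr is VARCHAR(1) in the schema, so only the first character is kept.
    // A byte-wise substr() cuts a multi-byte symbol in half and stores an
    // invalid sequence, so take one whole UTF-8 character when the input
    // decodes as UTF-8 and fall back to the first byte otherwise.
    // NOTE(review): assumes callers pass UTF-8 and the column length counts
    // characters - confirm against the connection and table charset.
    if (preg_match('/\A./us', $card_curr, $firstChar) === 1) {
        $card_curr = $firstChar[0];
    } else {
        $card_curr = (string)substr($card_curr, 0, 1);
    }

    foreach ([$buy_price, $sell_price] as $price) {
        if ($price !== null && !is_finite($price)) {
            return false;
        }
    }

    // Fixed two-decimal text keeps the stored value independent of float formatting.
    $buy = $buy_price !== null ? number_format((float)$buy_price, 2, '.', '') : null;
    $sell = $sell_price !== null ? number_format((float)$sell_price, 2, '.', '') : null;
    $flag = $status ? 1 : 0;

    $stmt = mysqli_prepare(
        $conn,
        'UPDATE gift_cards
            SET cbrand_id=?,
                demon=?,
                card_curr=?,
                buy_price=?,
                sell_price=?,
                status=?,
                updated_at=NOW()
          WHERE gc_id=? LIMIT 1'
    );
    if (!$stmt) {
        return false;
    }

    // A PHP null bound with type 's' is transmitted as SQL NULL.
    mysqli_stmt_bind_param($stmt, 'issssii', $brand_id, $demon, $card_curr, $buy, $sell, $flag, $gc_id);
    $ok = (bool)mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    return $ok;
}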
/**
 * Set a gift card's status flag and refresh updated_at.
 *
 * Both values placed in the SQL text are integers: $gc_id by its declared
 * type and the flag by normalisation to 0 or 1.
 *
 * @param mysqli $conn   Open database connection.
 * @param int    $gc_id  gc_id of the row to change.
 * @param int    $status Any non-zero value enables the card, 0 disables it.
 * @return bool True when the query executed; a non-matching id still yields true.
 */
function gc_card_toggle(mysqli $conn, int $gc_id, int $status): bool
{
    $flag = (int)($status !== 0);
    $query = 'UPDATE gift_cards SET status=' . $flag . ', updated_at=NOW() WHERE gc_id=' . $gc_id . ' LIMIT 1';

    return (bool)$conn->query($query);
}
/**
 * Permanently delete one gift card row.
 *
 * This function performs no authorisation check of its own; the caller is
 * responsible for confirming the current user may delete the row.
 *
 * @param mysqli $conn  Open database connection.
 * @param int    $gc_id gc_id of the row to delete.
 * @return bool True when the query executed; a non-matching id still yields true.
 */
function gc_card_delete(mysqli $conn, int $gc_id): bool
{
    $query = 'DELETE FROM gift_cards WHERE gc_id=' . $gc_id . ' LIMIT 1';

    return (bool)$conn->query($query);
}