<?php
// backyard/models/giftcards/index.php
/**
 * Load the brands that can appear in a <select> control.
 *
 * Only rows with status = 1 are returned, ordered by card_brand. The SQL is a
 * fixed literal with no caller-supplied input, so plain mysqli_query is adequate.
 *
 * @return list<array{cbrand_id:mixed,card_brand:mixed}> each row as returned by
 *         mysqli_fetch_assoc; an empty list when the query fails.
 */
function gc_get_brands(mysqli $conn): array {
    $brands = [];

    $result = mysqli_query(
        $conn,
        "SELECT cbrand_id, card_brand FROM card_brands WHERE status = 1 ORDER BY card_brand ASC"
    );
    // Best-effort: a failed query yields an empty select rather than an error page.
    if ($result === false) {
        return $brands;
    }

    // mysqli_fetch_assoc returns null at end of set (false on error) — stop on either.
    while (is_array($row = mysqli_fetch_assoc($result))) {
        $brands[] = $row;
    }
    mysqli_free_result($result);

    return $brands;
}
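/**
 * Search gift card trades with filters & pagination.
 * Returns: ['rows'=>[], 'total'=>int, 'page'=>int, 'per_page'=>int, 'pages'=>int]
 *
 * Security: every filter value from $q is bound as a prepared-statement
 * parameter; no request value is ever interpolated into the SQL text. The
 * previous implementation relied on mysqli_real_escape_string() inside quoted
 * literals, which is only as safe as the connection charset and still let
 * LIKE wildcards (% and _) in user_q match arbitrary users. Wildcards in
 * user_q are now escaped so the search is a literal substring match.
 *
 * Filters (all optional):
 * - from (Y-m-d), to (Y-m-d)      — bound verbatim; MySQL does the date coercion
 * - status
 * - brand_id                      — cast to int
 * - batch_ref
 * - card_ref
 * - trade_ref
 * - currency
 * - min_value, max_value (card_value)        — cast to float
 * - min_payout, max_payout (est_payout_ngn)  — cast to float
 * - user_q (first/last/email/phone LIKE, literal substring)
 * - page, per_page (per_page clamped to 10..100)
 *
 * A filter whose value is empty() is skipped, so status "0" is not filterable —
 * that matches the original behaviour and is left unchanged.
 *
 * Requires mysqlnd (mysqli_stmt_get_result / mysqli_fetch_all).
 */
function gc_search(mysqli $conn, array $q): array {
    $page     = max(1, (int)($q['page'] ?? 1));
    $per_page = min(100, max(10, (int)($q['per_page'] ?? 25)));
    $offset   = ($page - 1) * $per_page;

    [$wsql, $types, $params] = gc_build_filters($q);

    // Shared FROM/JOIN/WHERE tail; the WHERE contains only `?` placeholders.
    $from_sql = "
        FROM card_trade ct
        LEFT JOIN users u ON u.user_id = ct.user_id
        LEFT JOIN card_brands cb ON cb.cbrand_id = ct.cbrand_id
        LEFT JOIN gift_cards gc ON gc.gc_id = ct.gc_id
        {$wsql}
    ";

    // Count (best-effort: a failed query leaves total at 0, as before).
    $total = 0;
    $count_rows = gc_fetch_all($conn, "SELECT COUNT(*) AS c {$from_sql}", $types, $params);
    if ($count_rows !== []) {
        $total = (int)($count_rows[0]['c'] ?? 0);
    }

    // Rows. LIMIT/OFFSET are computed ints but are bound too, for uniformity.
    $sql = "
        SELECT
            ct.trade_id, ct.trade_ref, ct.card_ref, ct.batch_ref, ct.user_id,
            ct.card_value, ct.card_curr, ct.est_payout_ngn, ct.trade_status,
            ct.trade_created,
            cb.card_brand, gc.demon,
            u.first_name, u.last_name, u.email, u.phone
        {$from_sql}
        ORDER BY ct.trade_created DESC, ct.trade_id DESC
        LIMIT ? OFFSET ?
    ";
    $rows = gc_fetch_all($conn, $sql, $types . 'ii', [...$params, $per_page, $offset]);

    return [
        'rows'     => $rows,
        'total'    => $total,
        'page'     => $page,
        'per_page' => $per_page,
        'pages'    => ($per_page ? (int)ceil($total / $per_page) : 1),
    ];
}

/**
 * @internal Helper for gc_search(): turn the filter keys of $q into a WHERE
 * clause made of `?` placeholders plus the matching mysqli bind types/values.
 *
 * Placeholder order == $params order; callers append their own LIMIT/OFFSET
 * values after these.
 *
 * @return array{0:string,1:string,2:list<int|float|string>}
 *         [where_sql ('' when no filter applies), bind_types, bind_values]
 */
function gc_build_filters(array $q): array {
    $where  = [];
    $types  = '';
    $params = [];

    $add = static function (string $cond, string $type, int|float|string $value) use (&$where, &$types, &$params): void {
        $where[]  = $cond;
        $types   .= $type;
        $params[] = $value;
    };

    // Date range on trade_created (string bound as-is; see docblock).
    if (!empty($q['from'])) {
        $add("DATE(ct.trade_created) >= ?", 's', (string)$q['from']);
    }
    if (!empty($q['to'])) {
        $add("DATE(ct.trade_created) <= ?", 's', (string)$q['to']);
    }

    // Exact-match string filters.
    $exact = [
        'status'    => 'ct.trade_status',
        'batch_ref' => 'ct.batch_ref',
        'card_ref'  => 'ct.card_ref',
        'trade_ref' => 'ct.trade_ref',
        'currency'  => 'ct.card_curr',
    ];
    foreach ($exact as $key => $column) {
        if (!empty($q[$key])) {
            $add("{$column} = ?", 's', (string)$q[$key]);
        }
    }

    if (!empty($q['brand_id'])) {
        $add("ct.cbrand_id = ?", 'i', (int)$q['brand_id']);
    }

    // Numeric ranges: isset + !== '' so that 0 is a valid bound.
    $ranges = [
        'min_value'  => ['ct.card_value',     '>='],
        'max_value'  => ['ct.card_value',     '<='],
        'min_payout' => ['ct.est_payout_ngn', '>='],
        'max_payout' => ['ct.est_payout_ngn', '<='],
    ];
    foreach ($ranges as $key => [$column, $op]) {
        if (isset($q[$key]) && $q[$key] !== '') {
            $add("{$column} {$op} ?", 'd', (float)$q[$key]);
        }
    }

    // Free-text user search. Escape \, % and _ so the caller's text is matched
    // literally; MySQL's default LIKE escape character is backslash, and bound
    // parameters are not subject to backslash-escape parsing by the server.
    if (!empty($q['user_q'])) {
        $pattern = '%' . addcslashes((string)$q['user_q'], '\\%_') . '%';
        $where[] = "(u.first_name LIKE ?
            OR u.last_name LIKE ?
            OR u.email LIKE ?
            OR u.phone LIKE ?)";
        $types .= 'ssss';
        array_push($params, $pattern, $pattern, $pattern, $pattern);
    }

    $wsql = $where ? ('WHERE ' . implode(' AND ', $where)) : '';
    return [$wsql, $types, $params];
}

/**
 * @internal Helper for gc_search(): prepare $sql, bind $params with $types,
 * execute, and return every result row as an associative array.
 *
 * Returns [] when prepare/bind/execute fails, preserving the original
 * best-effort semantics (a failing mysqli_query simply produced no rows).
 * Note that with PHP 8.1+ default mysqli_report() settings most failures
 * throw mysqli_sql_exception before the false checks are reached.
 * The statement is always closed, even when an exception escapes.
 *
 * @param list<int|float|string> $params  one value per `?`, in order
 * @return list<array<string, mixed>>
 */
function gc_fetch_all(mysqli $conn, string $sql, string $types, array $params): array {
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        return [];
    }
    try {
        // bind_param rejects an empty type string, so skip it when unfiltered.
        if ($params !== [] && !mysqli_stmt_bind_param($stmt, $types, ...$params)) {
            return [];
        }
        if (!mysqli_stmt_execute($stmt)) {
            return [];
        }
        $result = mysqli_stmt_get_result($stmt);
        if ($result === false) {
            return [];
        }
        $rows = mysqli_fetch_all($result, MYSQLI_ASSOC);
        mysqli_free_result($result);
        return $rows;
    } finally {
        mysqli_stmt_close($stmt);
    }
}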