<?php
/**
* Sell Tickets module for Prestashop by Avellana Digital
*
* @author Avellana Digital SL
* @copyright Copyright (c) 2019 Avellana Digital - www.avellanadigital.com
* @license Commercial license
* @version 4.0.0
*/
// Stop immediately when the file is requested directly instead of being loaded
// by PrestaShop (the _PS_VERSION_ constant is then not defined).
if (!defined('_PS_VERSION_')) {
    exit;
}

// Main module file; presumably declares the SellTickets class instantiated below.
require_once _PS_MODULE_DIR_.'selltickets/selltickets.php';
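/**
 * Front controller that streams a CSV export of the tickets sold for one ticket id.
 *
 * Request parameters read through Tools:
 *  - export_tickets   : id of the ticket to export (cast to int; 0 means nothing is exported)
 *  - attribute_export : optional product attribute id used to filter the rows
 *
 * Each row holds: ticket reference, product name, seats, order id, "n / qty",
 * the per-ticket name and phone returned by getTicketInfoCustomer(), the order
 * customer's name and id, and the order customer's e-mail.
 *
 * NOTE(review): the export contains customer names, phone numbers and e-mail
 * addresses. The only access check visible in this class is the presence of
 * id_employee in the psAdmin cookie; it does not re-check that the employee
 * account is still active or is allowed to use this module. Confirm that this
 * gate is sufficient for a front-office URL.
 */
class SellTicketsExportModuleFrontController extends ModuleFrontController
{
    /**
     * Build the CSV for the requested ticket and send it as the response.
     *
     * Redirects to ../index.php when the psAdmin cookie carries no id_employee.
     * Produces no output when export_tickets is 0 or the ticket has no orders.
     * On success the CSV is echoed and the script ends with die.
     */
    public function initContent()
    {
        // Access gate: see the NOTE(review) on the class about how little this verifies.
        $cookie = new Cookie('psAdmin');
        if (!$cookie->id_employee) {
            Tools::redirect('../index.php');
            return;
        }

        $selltickets = new SellTickets();
        $id_lang = ($cookie->id_lang ? $cookie->id_lang : Configuration::get('PS_LANG_DEFAULT'));
        $id_ticket = (int)Tools::getValue('export_tickets');
        $attribute_export = 0;
        if (Tools::isSubmit('attribute_export')) {
            $attribute_export = (int)Tools::getValue('attribute_export');
        }
        if (!$id_ticket) {
            return;
        }

        $csv = $this->csvLine($selltickets->getFieldsCsv());
        $tickets_orders = $selltickets->getTicketOrdersByIdTicket($id_ticket, $id_lang);
        if (!$tickets_orders) {
            return;
        }

        // Used for the download file name; stays empty when the attribute filter skips every order.
        $ticket_name = '';

        foreach ($tickets_orders as $ticketorder) {
            if ($attribute_export != 0 && $attribute_export != (int)$ticketorder['id_product_attribute']) {
                continue;
            }

            $order = new Order((int)$ticketorder['id_order']);
            $customer = new Customer((int)$order->id_customer);
            $product_detail = $order->getProductsDetail();
            $product = new Product((int)$ticketorder['id_product']);
            $ticket_lang = $selltickets->getTicketLangInfo((int)$ticketorder['id_ticket'], (int)$id_lang);
            $ticket_name = ($ticket_lang['name'] ? $ticket_lang['name'] : $product->name[(int)$id_lang]);
            $order_state = new OrderState((int)$order->current_state);

            // Only orders whose current state the module accepts produce rows.
            $status_ticket = (bool)$selltickets->getOrderStatesOk($order_state->id);

            // Reset per order: without this, an order with no matching product line
            // would reuse the quantity and product name of the previous order.
            $qty = 0;
            $product_name = $ticket_name;
            foreach ($product_detail as $prod_det) {
                if ($prod_det['product_id'] == $ticketorder['id_product']
                    && $prod_det['product_attribute_id'] == $ticketorder['id_product_attribute']) {
                    $qty = $prod_det['product_quantity'];
                    $ticket_attributes = '';
                    if ((int)$prod_det['product_attribute_id'] != 0) {
                        $ticket_attributes = $selltickets->getAttributesFromProduct(
                            $prod_det['product_attribute_id'],
                            $id_lang
                        );
                        $ticket_attributes = implode(', ', $ticket_attributes);
                    }
                    $product_name = $ticket_name.($ticket_attributes != '' ? ' - '.$ticket_attributes : '');
                }
            }

            $customer_info = $selltickets->getTicketInfoCustomer(
                (int)$order->id_cart,
                0,
                (int)$ticketorder['id_product'],
                (int)$ticketorder['id_product_attribute'],
                true
            );
            if (!$customer_info) {
                // Keep the loop below safe when the module returns no per-ticket data.
                $customer_info = array();
            }

            $custm_inf = array();
            $n = 1;
            $assoc_seats = array();
            $seats = array();
            $optseats = false;

            $assoc_seats_aux = $selltickets->getAssocSeatsByTicket($ticketorder['id_ticket']);
            if ($assoc_seats_aux) {
                foreach ($assoc_seats_aux as $assoc) {
                    $assoc_seats[] = (int)$assoc['id_ticket_seats'];
                }
            }

            if (count($assoc_seats) > 0) {
                foreach ($assoc_seats as $id_ticket_seats) {
                    $seats[$id_ticket_seats] = explode(',', $selltickets->getSeatsByOrderAndAssocSeat(
                        (int)$id_ticket_seats,
                        $order->id
                    ));
                }
                // As in the original code, only the LAST associated seat group decides
                // whether seats are exported for this product attribute.
                $seat_attr = $selltickets->getSeatsByProductAttribute(
                    (int)$id_ticket_seats,
                    (int)$ticketorder['id_product_attribute']
                );
                $optseats = (bool)$seat_attr;
            }

            foreach ($customer_info as $cust) {
                $custm_inf[$n]['name'] = $cust['customer_name'].' '.$cust['customer_firstname'];
                $custm_inf[$n]['phone'] = $cust['customer_phone'];
                $custm_inf[$n]['reference_ticket'] = $selltickets->getReferenceTicket(
                    $order->reference,
                    $order->id,
                    $ticketorder['id_product'],
                    $ticketorder['id_product_attribute'],
                    $n
                );
                if ($optseats) {
                    foreach ($seats as $id_t_seat => $seat) {
                        $custm_inf[$n]['seat'][$id_t_seat] = $selltickets->getRealNumberSeat(
                            (int)$id_t_seat,
                            // A ticket without a stored seat is passed as null.
                            (isset($seat[$n - 1]) ? $seat[$n - 1] : null)
                        );
                        $custm_inf[$n]['seatwithname'][$id_t_seat] = $custm_inf[$n]['seat'][$id_t_seat];
                    }
                } else {
                    $custm_inf[$n]['seat'] = false;
                    $custm_inf[$n]['seatwithname'] = false;
                }
                $n++;
            }

            if ($status_ticket) {
                for ($x = 1; $x <= (int)$qty; $x++) {
                    // The quantity can exceed the number of per-ticket records;
                    // such rows are still written, with empty per-ticket cells.
                    $info = (isset($custm_inf[$x]) ? $custm_inf[$x] : array());
                    $seat_cell = (empty($info['seatwithname']) ? '' : implode("\n", $info['seatwithname']));

                    // NOTE(review): only the order customer's name is converted to ISO-8859-1;
                    // the other cells are written as stored. Confirm the intended file encoding.
                    $values = array(
                        (isset($info['reference_ticket']) ? $info['reference_ticket'] : ''),
                        $product_name,
                        $seat_cell,
                        $order->id,
                        $x.' / '.$qty,
                        (isset($info['name']) ? $info['name'] : ''),
                        (isset($info['phone']) ? $info['phone'] : ''),
                        mb_convert_encoding($customer->firstname, 'ISO-8859-1', 'UTF-8').' '
                            .mb_convert_encoding($customer->lastname, 'ISO-8859-1', 'UTF-8')
                            .' (ID: '.$customer->id.')',
                        $customer->email
                    );
                    $csv .= $this->csvLine($values);
                }
            }
        }

        header('Content-Type: text/csv');
        header('Content-Length: '.Tools::strlen($csv, '8bit'));
        header('Content-Disposition: inline; filename="selltickets_'.Tools::str2url($ticket_name)
            .'-'.$id_ticket.'.csv"');
        header('Cache-Control: private, max-age=0, must-revalidate');
        header('Pragma: public');
        ini_set('zlib.output_compression', '0');
        echo $csv;
        die;
    }

    /**
     * Format one CSV record: every cell quoted, ';' as separator, CRLF line end.
     *
     * @param array $cells Raw cell values
     *
     * @return string
     */
    private function csvLine($cells)
    {
        return '"'.implode('";"', array_map(array($this, 'csvCell'), $cells))."\"\r\n";
    }

    /**
     * Make one value safe to place between double quotes in the CSV.
     *
     * Names, phone numbers and e-mail addresses are typed in by shop customers and the
     * file is opened by staff in a spreadsheet, so two things are neutralised:
     *  - an embedded double quote is doubled, otherwise it ends the cell early and
     *    lets the value spill into further columns;
     *  - a value starting with =, +, -, @, tab or carriage return gets a leading
     *    apostrophe so the spreadsheet shows it as text instead of evaluating it
     *    as a formula. Phone numbers written as "+34..." therefore appear as "'+34...".
     *
     * @param mixed $value Scalar cell value
     *
     * @return string
     */
    private function csvCell($value)
    {
        $cell = (string)$value;
        if ($cell !== '' && in_array($cell[0], array('=', '+', '-', '@', "\t", "\r"), true)) {
            $cell = "'".$cell;
        }

        return str_replace('"', '""', $cell);
    }
}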