<?php
/**
* Sell Tickets module for Prestashop by Avellana Digital
*
* @author Avellana Digital SL
* @copyright Copyright (c) 2019 Avellana Digital - www.avellanadigital.com
* @license Commercial license
* @version 4.0.0
*/
// Refuse direct HTTP access: this file only makes sense when PrestaShop has bootstrapped.
if (!defined('_PS_VERSION_')) {
    exit;
}

// Pull in the module's main class so SellTickets can be instantiated below.
// NOTE(review): there is no directory separator between dirname(__FILE__) and '../';
// the string is kept exactly as written — confirm the path resolves on the target platform.
include_once(dirname(__FILE__).'../../../selltickets.php');
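/**
 * Front controller behind the customer's "My tickets" page.
 *
 * initContent() does two things:
 *  - when a `ticket` request parameter is present, it renders the matching ticket PDF
 *    after checking that the request belongs to the logged-in customer;
 *  - it collects the tickets found in the customer's orders and assigns them to the template.
 */
class SellTicketsTicketsModuleFrontController extends ModuleFrontController
{
    public $ssl = true;

    /**
     * Sends visitors who are not logged in to the authentication page, then runs the parent init.
     */
    public function init()
    {
        if (!$this->context->customer->isLogged()) {
            Tools::redirect('index.php?controller=authentication');
        }
        parent::init();
    }

    /**
     * Appends "My account" and "My tickets" to the breadcrumb (PS 1.7.x only).
     *
     * @return array Breadcrumb structure returned by the parent, with two extra links.
     */
    public function getBreadcrumbLinks()
    {
        $breadcrumb = parent::getBreadcrumbLinks();
        $breadcrumb['links'][] = $this->addMyAccountToBreadcrumb();
        $breadcrumb['links'][] = array('title' => $this->module->l('My tickets'), 'url' => '');

        return $breadcrumb;
    }

    /**
     * Handles an optional ticket download, then builds the ticket list for the template.
     */
    public function initContent()
    {
        parent::initContent();

        $customer = $this->context->customer;
        $orders = Order::getCustomerOrders($customer->id);
        $tickets = array();
        $selltickets = new SellTickets();

        // Incoming request to download a ticket.
        $get_ticket = Tools::getValue('ticket');
        if ($get_ticket) {
            $this->serveRequestedTicket($selltickets, $customer, $get_ticket);
        }

        // Collect the tickets bought in the customer's orders.
        foreach ($orders as $k => $order) {
            $orderr = new Order((int)$order['id_order']);
            $order_state = new OrderState((int)$orderr->current_state);
            if (!$selltickets->getOrderStatesOk($order_state->id)) {
                continue;
            }

            foreach ($orderr->getProductsDetail() as $x => $prod_det) {
                $exists_real = $selltickets->getTicketInfoNumComplete(
                    (int)$orderr->id_cart,
                    $prod_det['product_id']
                );
                if ((int)$exists_real <= 0) {
                    continue;
                }

                $ticketinf = $selltickets->getTicketByProduct($prod_det['product_id']);
                if (!$ticketinf) {
                    continue;
                }

                // Looked up only once $ticketinf is known to be usable; the original indexed it
                // before the check.
                $ticket_lang = $selltickets->getTicketLangInfo(
                    (int)$ticketinf['id_ticket'],
                    (int)$orderr->id_lang
                );

                $filename = $selltickets->getQrName(
                    $customer->id,
                    $customer->firstname,
                    $customer->lastname,
                    $order['id_order'],
                    $prod_det['product_id'],
                    $prod_det['product_attribute_id']
                );

                $product_aux = new Product((int)$prod_det['product_id']);
                $ticket_nom = !empty($ticket_lang['name'])
                    ? $ticket_lang['name']
                    : $product_aux->name[(int)$orderr->id_lang];

                $ticket_attributes = '';
                if ((int)$prod_det['product_attribute_id'] != 0) {
                    $ticket_attributes = implode(
                        ', ',
                        $selltickets->getAttributesFromProduct(
                            $prod_det['product_attribute_id'],
                            $orderr->id_lang
                        )
                    );
                }

                $tickets[$k][$x] = array(
                    'name' => $ticket_nom.($ticket_attributes != '' ? ' - '.$ticket_attributes : ''),
                );
                $tickets[$k][$x]['nominal'] = $selltickets->getTicketIsNominalByIdProduct(
                    (int)$prod_det['product_id']
                );
                $tickets[$k][$x]['filename'] = $filename;
                $tickets[$k][$x]['order_reference'] = $order['reference'];
                $tickets[$k][$x]['order_date'] = $order['date_add'];
                $tickets[$k][$x]['order_id'] = $order['id_order'];
                $tickets[$k][$x]['order_secure_key'] = $order['secure_key'];
                $tickets[$k][$x]['id_product'] = $prod_det['product_id'];
                $tickets[$k][$x]['id_product_attribute'] = $prod_det['product_attribute_id'];
                $tickets[$k][$x]['qty'] = $prod_det['product_quantity'];
                $tickets[$k][$x]['invoice'] = (OrderState::invoiceAvailable($order_state->id)
                    && count($orderr->getInvoicesCollection()));
                $tickets[$k][$x]['price_total'] = $prod_det['total_price_tax_incl'];
                $tickets[$k][$x]['payment'] = $order['payment'];

                $customer_info = $selltickets->getTicketInfoCustomer(
                    (int)$orderr->id_cart,
                    0,
                    (int)$prod_det['product_id'],
                    (int)$prod_det['product_attribute_id'],
                    true
                );
                if (!$customer_info) {
                    // Nothing to iterate; avoids a foreach over a non-array result.
                    $customer_info = array();
                }

                $optseats = false;
                $seats = array();
                if ($ticketinf['seats']) {
                    $assoc_seats = array();
                    $assoc_seats_aux = $selltickets->getAssocSeatsByTicket($ticketinf['id_ticket']);
                    if ($assoc_seats_aux) {
                        foreach ($assoc_seats_aux as $assoc) {
                            $assoc_seats[] = (int)$assoc['id_ticket_seats'];
                        }
                    }
                    foreach ($assoc_seats as $id_ticket_seats) {
                        $seats[$id_ticket_seats] = explode(
                            ',',
                            $selltickets->getSeatsByOrderAndAssocSeat(
                                (int)$id_ticket_seats,
                                $order['id_order']
                            )
                        );
                    }
                    // The original read $assoc after its loop, so with no associated seats it
                    // reused the value left over from an earlier ticket. Use this ticket's last
                    // associated seat, or 0 when there is none.
                    $last_seat_id = $assoc_seats ? (int)end($assoc_seats) : 0;
                    $seat_attr = $selltickets->getSeatsByProductAttribute(
                        $last_seat_id,
                        (int)$prod_det['product_attribute_id']
                    );
                    $optseats = (bool)$seat_attr;
                }
                $tickets[$k][$x]['seats'] = $optseats;

                $n = 1;
                foreach ($customer_info as $cu) {
                    $tickets[$k][$x]['customer_info'][$n]['id_customer_ticket'] = $cu['id_customer_ticket'];
                    $tickets[$k][$x]['customer_info'][$n]['name'] = $cu['customer_name'];
                    $tickets[$k][$x]['customer_info'][$n]['firstname'] = $cu['customer_firstname'];
                    $tickets[$k][$x]['customer_info'][$n]['phone'] = $cu['customer_phone'];
                    $tickets[$k][$x]['customer_info'][$n]['token'] = $filename;
                    if ($optseats) {
                        foreach ($seats as $id_t_seat => $seat) {
                            // A missing seat index yields null, as the suppressed lookup did.
                            $tickets[$k][$x]['customer_info'][$n]['seat'][$id_t_seat] =
                                $selltickets->getRealNumberSeat(
                                    (int)$id_t_seat,
                                    isset($seat[$n - 1]) ? $seat[$n - 1] : null
                                );
                        }
                    }
                    $tickets[$k][$x]['customer_info'][$n]['qr'] = $this->resolveQrImageUrl(
                        $selltickets,
                        $filename,
                        $n,
                        $orderr->id_lang
                    );
                    $n++;
                }
            }
        }

        $this->context->smarty->assign(
            array(
                'order_tickets' => $tickets,
                'invoiceAllowed' => (int)Configuration::get('PS_INVOICE'),
                'selltickets_ajax_url' => Tools::getHttpHost(true).__PS_BASE_URI__.'modules/'.$selltickets->name
                    .'/ajax.php',
            )
        );

        if ($selltickets->isps17) {
            return $this->setTemplate('module:selltickets/views/templates/front/tickets-17.tpl');
        }

        return $this->setTemplate('tickets.tpl');
    }

    /**
     * Validates a `ticket` request value and, when it belongs to the customer, renders the PDF.
     *
     * The value is expected as `id_order-token-id_product-id_product_attribute`. The PDF is
     * rendered only when the token equals the name recomputed server-side for this customer,
     * the order is owned by this customer, and a ticket row exists for the order and product.
     * Any other request is redirected to the authentication page.
     *
     * NOTE(review): how hard the token is to guess depends on getQrName(), which is not
     * visible here — confirm it mixes in a server-side secret.
     *
     * @param SellTickets $selltickets Module instance used for the lookups.
     * @param Customer    $customer    Logged-in customer taken from the context.
     * @param mixed       $get_ticket  Raw request value of `ticket`.
     */
    private function serveRequestedTicket($selltickets, $customer, $get_ticket)
    {
        // The request value may be an array (ticket[]=...); only a string can be split.
        $ticket = is_string($get_ticket) ? explode('-', $get_ticket) : array();

        // Reject short or non-numeric parts up front instead of indexing missing offsets.
        $well_formed = count($ticket) >= 4
            && $this->isDigitString($ticket[0])
            && $ticket[1] !== ''
            && $this->isDigitString($ticket[2])
            && $this->isDigitString($ticket[3]);
        if (!$well_formed) {
            Tools::redirect('index.php?controller=authentication');

            return;
        }

        $id_order = (int)$ticket[0];
        $aux_filename = $ticket[1];
        // Kept as digit-only strings so getQrName() receives the same values as before.
        $id_product = $ticket[2];
        $id_product_attribute = $ticket[3];

        $order = new Order($id_order);
        $filename = (string)$selltickets->getQrName(
            $customer->id,
            $customer->firstname,
            $customer->lastname,
            $order->id,
            $id_product,
            $id_product_attribute
        );
        $ticketorder_exists = $selltickets->getTicketByOrder($id_order, $id_product, $id_product_attribute);

        // Exact string comparison: a loose == treats numeric-looking strings such as
        // "0e1" and "0e2" as equal. hash_equals() is used where the runtime provides it.
        if ($filename === '') {
            $token_ok = false;
        } elseif (function_exists('hash_equals')) {
            $token_ok = hash_equals($filename, $aux_filename);
        } else {
            $token_ok = ($filename === $aux_filename);
        }

        // count() on a non-countable value such as false does not return 0, so require a
        // countable, non-empty result.
        $has_ticket = (is_array($ticketorder_exists) || $ticketorder_exists instanceof Countable)
            && count($ticketorder_exists) > 0;

        // For security, nobody else may reach this customer's ticket.
        if ($token_ok && (int)$order->id_customer == (int)$customer->id && $has_ticket) {
            // presumably read by HTMLTemplateTicket — verify against that template class
            $GLOBALS['id_product'] = $id_product;
            $GLOBALS['id_product_attribute'] = $id_product_attribute;
            include_once(_PS_MODULE_DIR_.'selltickets/classes/pdf/HTMLTemplateTicket.php');
            $pdf = new PDF($order, 'Ticket', $this->context->smarty);
            $pdf->render(true);
            exit;
        }

        Tools::redirect('index.php?controller=authentication');
    }

    /**
     * Picks the image URL shown for one attendee.
     *
     * Order of preference: the generated `<filename>_<n>.png` under the module's `l/`
     * directory, then the placeholder for the order language, then the English placeholder.
     *
     * NOTE(review): the generated image is linked by a direct URL whose name is built from
     * the same value that serves as the download token; confirm that directory is not
     * listable and that exposing the name is intended.
     *
     * @param SellTickets $selltickets Module instance (its name is part of the path).
     * @param string      $filename    Name returned by getQrName() for this ticket.
     * @param int         $n           1-based attendee index.
     * @param int         $id_lang     Language id of the order.
     *
     * @return string Absolute URL of the image.
     */
    private function resolveQrImageUrl($selltickets, $filename, $n, $id_lang)
    {
        $base_url = Tools::getHttpHost(true).__PS_BASE_URI__.'modules/'.$selltickets->name;

        if (file_exists(_PS_MODULE_DIR_.''.$selltickets->name.'/l/'.$filename.'_'.$n.'.png')) {
            return $base_url.'/l/'.$filename.'_'.$n.'.png';
        }

        $iso = Language::getIsoById((int)$id_lang);
        if (file_exists(_PS_MODULE_DIR_.'selltickets/views/img/qr_'.$iso.'.jpg')) {
            return $base_url.'/views/img/qr_'.$iso.'.jpg';
        }

        return $base_url.'/views/img/qr_en.jpg';
    }

    /**
     * Tells whether a value is a non-empty string made of ASCII digits only.
     *
     * @param mixed $value Candidate value.
     *
     * @return bool
     */
    private function isDigitString($value)
    {
        return is_string($value) && preg_match('/^[0-9]+$/D', $value) === 1;
    }
}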