removed all hardcoded table prefixes
parent
98ddfb9c3e
commit
7276af0d32
19 changed files with 89 additions and 89 deletions
|
|
@ -6,6 +6,6 @@ $db_host="localhost";
|
|||
$db_user="localuser";
|
||||
$db_pass="Pkloyn7yvpht!";
|
||||
$db_name="panel";
|
||||
$table_prefix="ogp_";
|
||||
$table_prefix="gsp_";
|
||||
$db_type="mysql";
|
||||
?>
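Review bot: The `$db_pass` context line in this hunk holds what looks like a real database password in a tracked file, so it is now part of the repository history; the credential should be rotated and the real value loaded from an untracked file or the environment, with only a placeholder such as `$db_pass="CHANGE_ME";` committed. Changing the default from `ogp_` to `gsp_` also retargets every query converted in the other sections, so an install whose tables still carry the old prefix will fail until the tables are renamed or the value is overridden. Because the prefix is now spliced into SQL as an identifier throughout the commit, it is worth validating it once here, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $table_prefix)) { die('invalid table prefix'); }`.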
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ if (!$db) {
|
|||
if (!empty($resolve_username_for_user_id) && $db) {
|
||||
$safe_uname = mysqli_real_escape_string($db, $resolve_username_for_user_id);
|
||||
// users_login is the correct column name in this schema
|
||||
$q = mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe_uname' LIMIT 1");
|
||||
$q = mysqli_query($db, "SELECT user_id FROM {$table_prefix}users WHERE users_login = '$safe_uname' LIMIT 1");
|
||||
if ($q && mysqli_num_rows($q) === 1) {
|
||||
$r = mysqli_fetch_assoc($q);
|
||||
$user_id = intval($r['user_id'] ?? 0);
|
||||
|
|
@ -76,7 +76,7 @@ if (!empty($resolve_username_for_user_id) && $db) {
|
|||
$_SESSION['website_user_id'] = $user_id;
|
||||
site_log_info('resolved_user_id_from_username', ['username'=>$resolve_username_for_user_id,'user_id'=>$user_id]);
|
||||
// Also resolve and persist the user's role so menus and admin checks are consistent
|
||||
$role_q = mysqli_query($db, "SELECT users_role FROM ogp_users WHERE user_id = " . intval($user_id) . " LIMIT 1");
|
||||
$role_q = mysqli_query($db, "SELECT users_role FROM {$table_prefix}users WHERE user_id = " . intval($user_id) . " LIMIT 1");
|
||||
if ($role_q && mysqli_num_rows($role_q) === 1) {
|
||||
$role_row = mysqli_fetch_assoc($role_q);
|
||||
$_SESSION['website_user_role'] = $role_row['users_role'] ?? '';
|
||||
|
|
@ -89,7 +89,7 @@ if (!empty($resolve_username_for_user_id) && $db) {
|
|||
|
||||
$price = 0.0;
|
||||
if ($service_id > 0) {
|
||||
$stmt = $db->prepare('SELECT price_monthly, slot_min_qty, slot_max_qty FROM ogp_billing_services WHERE service_id = ? LIMIT 1');
|
||||
$stmt = $db->prepare("SELECT price_monthly, slot_min_qty, slot_max_qty FROM {$table_prefix}billing_services WHERE service_id = ? LIMIT 1");
|
||||
if ($stmt) {
|
||||
$stmt->bind_param('i', $service_id);
|
||||
$stmt->execute();
|
||||
|
|
@ -104,7 +104,7 @@ if ($service_id > 0) {
|
|||
}
|
||||
}
|
||||
|
||||
// Insert into ogp_billing_invoices (NOT orders - invoice created first)
|
||||
// Insert into {table_prefix}billing_invoices (NOT orders - invoice created first)
|
||||
$now = date('Y-m-d H:i:s');
|
||||
$status = 'due'; // Invoice status: due (unpaid), paid
|
||||
|
||||
|
|
@ -116,10 +116,10 @@ $debug = (isset($_GET['debug']) && $_GET['debug'] == '1') || (isset($_POST['debu
|
|||
$logfile = __DIR__ . '/logs/add_to_cart.log';
|
||||
site_log_info('add_to_cart_invoked', ['user_id'=>$user_id, 'service_id'=>$service_id]);
|
||||
|
||||
// Get customer name and email from ogp_users
|
||||
// Get customer name and email from {table_prefix}users
|
||||
$customer_name = '';
|
||||
$customer_email = '';
|
||||
$user_q = mysqli_query($db, "SELECT users_fname, users_lname, users_email FROM ogp_users WHERE user_id = " . intval($user_id) . " LIMIT 1");
|
||||
$user_q = mysqli_query($db, "SELECT users_fname, users_lname, users_email FROM {$table_prefix}users WHERE user_id = " . intval($user_id) . " LIMIT 1");
|
||||
if ($user_q && mysqli_num_rows($user_q) === 1) {
|
||||
$user_row = mysqli_fetch_assoc($user_q);
|
||||
$customer_name = trim(($user_row['users_fname'] ?? '') . ' ' . ($user_row['users_lname'] ?? ''));
|
||||
|
|
@ -148,7 +148,7 @@ $esc_customer_email = mysqli_real_escape_string($db, $customer_email);
|
|||
$esc_due_date = mysqli_real_escape_string($db, $due_date);
|
||||
$esc_description = mysqli_real_escape_string($db, "New server: {$home_name}");
|
||||
|
||||
$sql = "INSERT INTO ogp_billing_invoices (
|
||||
$sql = "INSERT INTO {$table_prefix}billing_invoices (
|
||||
user_id, service_id, home_name, ip, max_players, qty, invoice_duration,
|
||||
amount, remote_control_password, ftp_password, status, customer_name,
|
||||
customer_email, due_date, description, currency, order_id
|
||||
|
|
@ -172,9 +172,9 @@ if (!$res || $err_no > 0) {
|
|||
site_log_error('mysqli_query_failed', ['errno'=>$err_no, 'error'=>$err, 'sql'=>$sql]);
|
||||
file_put_contents($logfile, date('c') . " - ERROR: " . $err . " (errno: {$err_no})\n", FILE_APPEND);
|
||||
// Log table existence check
|
||||
$tbl_check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_billing_invoices'");
|
||||
$tbl_check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}billing_invoices'");
|
||||
$tbl_exists = ($tbl_check && mysqli_num_rows($tbl_check) > 0) ? 'yes' : 'no';
|
||||
site_log_warn('ogp_billing_invoices_exists', ['exists'=>$tbl_exists]);
|
||||
site_log_warn('billing_invoices_exists', ['exists'=>$tbl_exists]);
|
||||
file_put_contents($logfile, date('c') . " - Table exists check: {$tbl_exists}\n", FILE_APPEND);
|
||||
|
||||
// Show user-friendly error
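Review bot: In the rewritten `SHOW TABLES LIKE '{$table_prefix}billing_invoices'` check, `_` is a single-character wildcard in a LIKE pattern, so with a prefix such as `gsp_` the existence test can match a differently named table and log `yes` wrongly. Escaping the pattern keeps the check exact, for example `"SHOW TABLES LIKE '" . addcslashes("{$table_prefix}billing_invoices", '_%') . "'"`. The same pattern is used for the password-reset-token, logger and server-status table checks in later sections. The error path on the context line above also logs the full `$sql`, which for this INSERT presumably carries the `remote_control_password` and `ftp_password` values; logging only the error number and message would keep those out of the log files.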
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
$newStatus = mysqli_real_escape_string($db, $_POST['status']);
|
||||
$newPrice = floatval($_POST['price']);
|
||||
|
||||
$sql = "UPDATE ogp_billing_orders SET status = '$newStatus', price = $newPrice WHERE order_id = $orderId LIMIT 1";
|
||||
$sql = "UPDATE {$table_prefix}billing_orders SET status = '$newStatus', price = $newPrice WHERE order_id = $orderId LIMIT 1";
|
||||
mysqli_query($db, $sql);
|
||||
header('Location: admin_invoices.php?updated=' . $orderId);
|
||||
exit;
|
||||
|
|
@ -23,9 +23,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
|
||||
// Fetch all orders with coupon information
|
||||
$orders = mysqli_query($db, "SELECT o.*, u.user_name, c.code AS coupon_code, c.discount_percent AS coupon_discount
|
||||
FROM ogp_billing_orders o
|
||||
LEFT JOIN ogp_users u ON o.user_id = u.user_id
|
||||
LEFT JOIN ogp_billing_coupons c ON o.coupon_id = c.coupon_id
|
||||
FROM {$table_prefix}billing_orders o
|
||||
LEFT JOIN {$table_prefix}users u ON o.user_id = u.user_id
|
||||
LEFT JOIN {$table_prefix}billing_coupons c ON o.coupon_id = c.coupon_id
|
||||
ORDER BY o.order_id DESC");
|
||||
|
||||
function h($s){ return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); }
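Review bot: The rewritten `UPDATE {$table_prefix}billing_orders ...` line still builds the statement by interpolation and discards the return value of `mysqli_query`, so the redirect reports `updated=` even when the query failed, which a mismatched prefix now makes more likely. `$orderId` is assigned above the hunk, so whether it is cast to an integer cannot be confirmed from here. Other sections of this commit already use `prepare`/`bind_param`; the same shape here, with the redirect depending on the result of `execute()`, would make the handler consistent. The `error=1` query parameter in the sketch below is a constructed example and would need handling on the target page.

```php
// … unchanged: $orderId and $newPrice assignments …
$statusRaw  = (string) $_POST['status'];   // bound as a parameter, so no manual escaping
$orderIdInt = (int) $orderId;

$ok = false;
$stmt = $db->prepare("UPDATE {$table_prefix}billing_orders SET status = ?, price = ? WHERE order_id = ? LIMIT 1");
if ($stmt) {
    $stmt->bind_param('sdi', $statusRaw, $newPrice, $orderIdInt);
    $ok = $stmt->execute();
    $stmt->close();
}
header('Location: admin_invoices.php?' . ($ok ? 'updated=' . $orderIdInt : 'error=1'));
exit;
```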
|
||||
|
|
|
|||
|
|
@ -58,8 +58,8 @@ function join_base($base, $path){
|
|||
}
|
||||
|
||||
/* which column holds space-separated locations */
|
||||
$locationCol = col_exists($db, 'ogp_billing_services', 'remote_server_id') ? 'remote_server_id' :
|
||||
(col_exists($db, 'ogp_billing_services', 'remote_server') ? 'remote_server' : 'remote_server_id');
|
||||
$locationCol = col_exists($db, "{$table_prefix}billing_services", 'remote_server_id') ? 'remote_server_id' :
|
||||
(col_exists($db, "{$table_prefix}billing_services", 'remote_server') ? 'remote_server' : 'remote_server_id');
|
||||
|
||||
$flash = [];
|
||||
|
||||
|
|
@ -67,11 +67,11 @@ $flash = [];
|
|||
if (isset($_POST['update_remote_servers'])) {
|
||||
$enabledIds = array_map('intval', $_POST['rs'] ?? []);
|
||||
$enabledSet = array_flip($enabledIds);
|
||||
$allIds = fetch_all_assoc($db, "SELECT remote_server_id FROM ogp_remote_servers");
|
||||
$allIds = fetch_all_assoc($db, "SELECT remote_server_id FROM {$table_prefix}remote_servers");
|
||||
foreach ($allIds as $row) {
|
||||
$id = (int)$row['remote_server_id'];
|
||||
$e = isset($enabledSet[$id]) ? 1 : 0;
|
||||
$db->query("UPDATE ogp_remote_servers SET enabled={$e} WHERE remote_server_id={$id}");
|
||||
$db->query("UPDATE {$table_prefix}remote_servers SET enabled={$e} WHERE remote_server_id={$id}");
|
||||
}
|
||||
$flash[] = "Server locations updated.";
|
||||
}
|
||||
|
|
@ -99,7 +99,7 @@ function update_service_row(mysqli $db, string $locationCol, int $sid, array $sv
|
|||
$locList = implode(' ', $selected);
|
||||
$locListEsc = esc_mysqli($db, $locList);
|
||||
|
||||
$sql = "UPDATE ogp_billing_services
|
||||
$sql = "UPDATE {$table_prefix}billing_services
|
||||
SET service_name='{$name}',
|
||||
`{$locationCol}`='{$locListEsc}',
|
||||
slot_min_qty={$minSlots},
|
||||
|
|
@ -131,13 +131,13 @@ if (isset($_POST['bulk_update']) && !empty($_POST['service']) && is_array($_POST
|
|||
/* C) Remove a service (separate small form) */
|
||||
if (isset($_POST['remove_service'], $_POST['service_id_remove'])) {
|
||||
$sid = (int)$_POST['service_id_remove'];
|
||||
$db->query("DELETE FROM ogp_billing_services WHERE service_id={$sid}");
|
||||
$db->query("DELETE FROM {$table_prefix}billing_services WHERE service_id={$sid}");
|
||||
$flash[] = "Service #{$sid} removed.";
|
||||
}
|
||||
|
||||
/* fetch data for UI */
|
||||
$remoteServers = fetch_all_assoc($db, "SELECT remote_server_id, remote_server_name, enabled FROM ogp_remote_servers ORDER BY remote_server_name");
|
||||
$services = fetch_all_assoc($db, "SELECT service_id, service_name, `{$locationCol}` AS locs, slot_min_qty, slot_max_qty, price_monthly, img_url, enabled FROM ogp_billing_services ORDER BY service_name");
|
||||
$remoteServers = fetch_all_assoc($db, "SELECT remote_server_id, remote_server_name, enabled FROM {$table_prefix}remote_servers ORDER BY remote_server_name");
|
||||
$services = fetch_all_assoc($db, "SELECT service_id, service_name, `{$locationCol}` AS locs, slot_min_qty, slot_max_qty, price_monthly, img_url, enabled FROM {$table_prefix}billing_services ORDER BY service_name");
|
||||
?>
|
||||
|
||||
<?php if ($flash): ?>
|
||||
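Review bot: The `UPDATE {$table_prefix}billing_services` statement in the third hunk sits inside `update_service_row(mysqli $db, string $locationCol, int $sid, ...)`, and `$table_prefix` is not among the parameters visible in the hunk header, so unless the body declares `global $table_prefix;` outside the hunk the variable is undefined there and the query targets `billing_services` with no prefix. Adding `global $table_prefix;` as the first statement of the function, or passing the prefix in as an argument, fixes it. The function starts and ends outside the hunk, so this needs checking against the full body. The same scoping question applies to the two `exec_ogp_module()` hunks in a later section.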
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
/**
|
||||
* Check ogp_billing_invoices table structure
|
||||
* Check {table_prefix}billing_invoices table structure
|
||||
*/
|
||||
|
||||
require_once('../../includes/config.inc.php');
|
||||
|
|
@ -12,9 +12,9 @@ if (!$db) {
|
|||
die("Database connection failed: " . mysqli_connect_error());
|
||||
}
|
||||
|
||||
echo "<h2>ogp_billing_invoices Table Structure</h2>\n";
|
||||
echo "<h2>{$table_prefix}billing_invoices Table Structure</h2>\n";
|
||||
|
||||
$result = mysqli_query($db, "DESCRIBE ogp_billing_invoices");
|
||||
$result = mysqli_query($db, "DESCRIBE {$table_prefix}billing_invoices");
|
||||
|
||||
if (!$result) {
|
||||
die("Table doesn't exist or query failed: " . mysqli_error($db));
|
||||
|
|
@ -37,13 +37,13 @@ while ($row = mysqli_fetch_assoc($result)) {
|
|||
echo "</table>\n";
|
||||
|
||||
// Count existing invoices
|
||||
$count_result = mysqli_query($db, "SELECT COUNT(*) as cnt FROM ogp_billing_invoices");
|
||||
$count_result = mysqli_query($db, "SELECT COUNT(*) as cnt FROM {$table_prefix}billing_invoices");
|
||||
$count = mysqli_fetch_assoc($count_result);
|
||||
echo "<p><strong>Total invoices in table:</strong> {$count['cnt']}</p>\n";
|
||||
|
||||
// Show last 5 invoices
|
||||
echo "<h2>Last 5 Invoices</h2>\n";
|
||||
$last_result = mysqli_query($db, "SELECT * FROM ogp_billing_invoices ORDER BY invoice_id DESC LIMIT 5");
|
||||
$last_result = mysqli_query($db, "SELECT * FROM {$table_prefix}billing_invoices ORDER BY invoice_id DESC LIMIT 5");
|
||||
|
||||
if (mysqli_num_rows($last_result) > 0) {
|
||||
echo "<table border='1' style='border-collapse: collapse;'>\n";
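Review bot: `$count_result` and `$last_result` are passed straight to `mysqli_fetch_assoc()` and `mysqli_num_rows()` without the `if (!$result)` guard that the `DESCRIBE` query gets, and on PHP 8 a `false` result raises a TypeError at those calls. Guarding them the same way, e.g. `if (!$count_result) { die('Count query failed'); }`, keeps the script's failure mode consistent now that the table name depends on configuration. This page prints the table structure and recent invoice rows, and no access check is visible in the hunks, so it is worth confirming it cannot be reached without admin authentication.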
|
||||
|
|
|
|||
|
|
@ -80,8 +80,8 @@ function exec_ogp_module()
|
|||
$settings = $db->getSettings();
|
||||
$subject = "Gameserver Renewel at " . $settings['panel_name'];
|
||||
$email = $db->resultQuery(" SELECT DISTINCT users_email
|
||||
FROM ogp_users, ogp_billing_orders
|
||||
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
|
||||
FROM {$table_prefix}users, {$table_prefix}billing_orders
|
||||
WHERE {$table_prefix}users.user_id = $user_id")[0]["users_email"];
|
||||
|
||||
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been renewed.<br>
|
||||
Thank You for your continued support.<br>
|
||||
|
|
@ -245,8 +245,8 @@ function exec_ogp_module()
|
|||
$settings = $db->getSettings();
|
||||
$subject = "New Gameserver installed at " . $settings['panel_name'];
|
||||
$email = $db->resultQuery(" SELECT DISTINCT users_email
|
||||
FROM ogp_users, ogp_billing_orders
|
||||
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
|
||||
FROM {$table_prefix}users, {$table_prefix}billing_orders
|
||||
WHERE {$table_prefix}users.user_id = $user_id")[0]["users_email"];
|
||||
|
||||
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been created.<br>
|
||||
Thank You for your continued support.<br>
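Review bot: In both rewritten queries `{$table_prefix}billing_orders` appears in the FROM list with no join condition and no column read from it, so it only multiplies rows that `DISTINCT` then collapses, and the lookup returns nothing when the orders table is empty. If that dependency is not intended, `SELECT users_email FROM {$table_prefix}users WHERE user_id = ...` is enough. `$user_id` is interpolated as-is and its origin is outside the hunks, so wrapping it as `intval($user_id)` on these lines would be a cheap safeguard. The `[0]["users_email"]` index is also applied without checking that `resultQuery` returned a row.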
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['request_reset'])) {
|
|||
$identifier = mysqli_real_escape_string($db, $identifier);
|
||||
|
||||
// Check if it's an email or username
|
||||
$query = "SELECT user_id, users_login, users_email FROM ogp_users
|
||||
$query = "SELECT user_id, users_login, users_email FROM {$table_prefix}users
|
||||
WHERE users_login = '$identifier' OR users_email = '$identifier' LIMIT 1";
|
||||
$result = mysqli_query($db, $query);
|
||||
|
||||
|
|
@ -43,10 +43,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['request_reset'])) {
|
|||
$expires = date('Y-m-d H:i:s', strtotime('+1 hour'));
|
||||
|
||||
// Check if password_reset_tokens table exists
|
||||
$table_check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_password_reset_tokens'");
|
||||
$table_check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}password_reset_tokens'");
|
||||
if (!$table_check || mysqli_num_rows($table_check) === 0) {
|
||||
// Create table if it doesn't exist
|
||||
$create_table = "CREATE TABLE IF NOT EXISTS ogp_password_reset_tokens (
|
||||
$create_table = "CREATE TABLE IF NOT EXISTS {$table_prefix}password_reset_tokens (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
user_id INT NOT NULL,
|
||||
token VARCHAR(64) NOT NULL,
|
||||
|
|
@ -60,13 +60,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['request_reset'])) {
|
|||
}
|
||||
|
||||
// Delete any existing tokens for this user
|
||||
$stmt = $db->prepare("DELETE FROM ogp_password_reset_tokens WHERE user_id = ?");
|
||||
$stmt = $db->prepare("DELETE FROM {$table_prefix}password_reset_tokens WHERE user_id = ?");
|
||||
$stmt->bind_param('i', $user['user_id']);
|
||||
$stmt->execute();
|
||||
$stmt->close();
|
||||
|
||||
// Insert new token
|
||||
$stmt = $db->prepare("INSERT INTO ogp_password_reset_tokens (user_id, token, expires) VALUES (?, ?, ?)");
|
||||
$stmt = $db->prepare("INSERT INTO {$table_prefix}password_reset_tokens (user_id, token, expires) VALUES (?, ?, ?)");
|
||||
$stmt->bind_param('iss', $user['user_id'], $token, $expires);
|
||||
$stmt->execute();
|
||||
$stmt->close();
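Review bot: Both `$db->prepare(...)` calls in the last hunk are followed directly by `$stmt->bind_param(...)`, so if `prepare` returns `false` (for example because the configured prefix does not match the existing tables) the request ends in a fatal error instead of the page's normal failure message. A guard such as `if (!$stmt) { /* log and fall through to the generic error */ }` before each bind avoids that. The registration and reset-password sections later in this commit follow the same prepare-then-bind pattern and would benefit from the same guard.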
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ if (!$auth_db) {
|
|||
|
||||
$uid = intval($_SESSION['website_user_id']);
|
||||
$role = '';
|
||||
$res = mysqli_query($auth_db, "SELECT users_role FROM ogp_users WHERE user_id = $uid LIMIT 1");
|
||||
$res = mysqli_query($auth_db, "SELECT users_role FROM {$table_prefix}users WHERE user_id = $uid LIMIT 1");
|
||||
if ($res && mysqli_num_rows($res) === 1) {
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
$role = (string)($row['users_role'] ?? '');
|
||||
|
|
|
|||
|
|
@ -78,7 +78,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) {
|
|||
$resolved_uid = null;
|
||||
if ($db) {
|
||||
$safe = mysqli_real_escape_string($db, $username);
|
||||
$res = @mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe' LIMIT 1");
|
||||
$res = @mysqli_query($db, "SELECT user_id FROM {$table_prefix}users WHERE users_login = '$safe' LIMIT 1");
|
||||
if ($res && mysqli_num_rows($res) === 1) {
|
||||
$r = mysqli_fetch_assoc($res);
|
||||
$resolved_uid = intval($r['user_id'] ?? 0);
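Review bot: The `@` in front of `mysqli_query` on the rewritten line hides any warning from the lookup, and now that the table name depends on `$table_prefix` a misconfigured prefix will make every login silently fail to resolve `$resolved_uid`. Dropping the `@` and logging `mysqli_error($db)` when `$res` is `false` would surface that condition. The enclosing `if ($_SERVER['REQUEST_METHOD'] === 'POST' ...)` block extends beyond the hunk.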
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ $user_id = intval($_SESSION['website_user_id'] ?? 0);
|
|||
// Fetch user information from database
|
||||
$user_info = null;
|
||||
if ($user_id > 0) {
|
||||
$query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM ogp_users WHERE user_id = $user_id LIMIT 1";
|
||||
$query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM {$table_prefix}users WHERE user_id = $user_id LIMIT 1";
|
||||
$result = mysqli_query($db, $query);
|
||||
if ($result && mysqli_num_rows($result) === 1) {
|
||||
$user_info = mysqli_fetch_assoc($result);
|
||||
|
|
@ -74,13 +74,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['change_password'])) {
|
|||
} else {
|
||||
// Verify current password (using MD5 as per panel legacy)
|
||||
$current_hash = md5($current_password);
|
||||
$verify_query = "SELECT user_id FROM ogp_users WHERE user_id = $user_id AND users_passwd = '$current_hash' LIMIT 1";
|
||||
$verify_query = "SELECT user_id FROM {$table_prefix}users WHERE user_id = $user_id AND users_passwd = '$current_hash' LIMIT 1";
|
||||
$verify_result = mysqli_query($db, $verify_query);
|
||||
|
||||
if ($verify_result && mysqli_num_rows($verify_result) === 1) {
|
||||
// Update password
|
||||
$new_hash = md5($new_password);
|
||||
$update_query = "UPDATE ogp_users SET users_passwd = '$new_hash' WHERE user_id = $user_id LIMIT 1";
|
||||
$update_query = "UPDATE {$table_prefix}users SET users_passwd = '$new_hash' WHERE user_id = $user_id LIMIT 1";
|
||||
if (mysqli_query($db, $update_query)) {
|
||||
$success_message = 'Password changed successfully!';
|
||||
} else {
|
||||
|
|
@ -101,11 +101,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_info'])) {
|
|||
if (!empty($email) && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$error_message = 'Invalid email address.';
|
||||
} else {
|
||||
$update_query = "UPDATE ogp_users SET users_fname = '$fname', users_lname = '$lname', users_email = '$email' WHERE user_id = $user_id LIMIT 1";
|
||||
$update_query = "UPDATE {$table_prefix}users SET users_fname = '$fname', users_lname = '$lname', users_email = '$email' WHERE user_id = $user_id LIMIT 1";
|
||||
if (mysqli_query($db, $update_query)) {
|
||||
$success_message = 'Account information updated successfully!';
|
||||
// Refresh user info
|
||||
$query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM ogp_users WHERE user_id = $user_id LIMIT 1";
|
||||
$query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM {$table_prefix}users WHERE user_id = $user_id LIMIT 1";
|
||||
$result = mysqli_query($db, $query);
|
||||
if ($result && mysqli_num_rows($result) === 1) {
|
||||
$user_info = mysqli_fetch_assoc($result);
|
||||
|
|
@ -127,8 +127,8 @@ $servers_query = "SELECT
|
|||
o.home_id,
|
||||
o.end_date,
|
||||
bs.service_name
|
||||
FROM ogp_billing_orders o
|
||||
LEFT JOIN ogp_billing_services bs ON o.service_id = bs.service_id
|
||||
FROM {$table_prefix}billing_orders o
|
||||
LEFT JOIN {$table_prefix}billing_services bs ON o.service_id = bs.service_id
|
||||
WHERE o.user_id = $user_id
|
||||
ORDER BY o.order_id DESC";
|
||||
$servers_result = mysqli_query($db, $servers_query);
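Review bot: The password-change `UPDATE {$table_prefix}users SET users_passwd = '$new_hash'` writes only the MD5 column, while the reset-password section of this commit also writes `users_pass_hash` via `password_hash()` when that column exists. If the login path prefers `users_pass_hash` (not visible here), the old password would stay valid after a change made on this page. Updating both columns here, with the same `SHOW COLUMNS` test and a prepared statement, keeps the two paths consistent. The `update_info` UPDATE interpolates `$fname`, `$lname` and `$email`; their escaping happens outside the hunk and should be confirmed.

```php
// … unchanged: current-password verification …
$new_hash = md5($new_password);
$shadow = mysqli_query($db, "SHOW COLUMNS FROM {$table_prefix}users LIKE 'users_pass_hash'");
if ($shadow && mysqli_num_rows($shadow) > 0) {
    // keep the modern hash in step with the legacy column
    $modern_hash = password_hash($new_password, PASSWORD_DEFAULT);
    $upd = $db->prepare("UPDATE {$table_prefix}users SET users_passwd = ?, users_pass_hash = ? WHERE user_id = ?");
    if ($upd) {
        $upd->bind_param('ssi', $new_hash, $modern_hash, $user_id);
    }
} else {
    $upd = $db->prepare("UPDATE {$table_prefix}users SET users_passwd = ? WHERE user_id = ?");
    if ($upd) {
        $upd->bind_param('si', $new_hash, $user_id);
    }
}
if ($upd && $upd->execute()) {
```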
|
||||
|
|
|
|||
|
|
@ -28,8 +28,8 @@ $user_id = intval($_SESSION['website_user_id']);
|
|||
|
||||
// Fetch user's active servers
|
||||
// We'll look for homes assigned to this user
|
||||
// The relationship is: ogp_billing_orders -> user_id and contains home_id references
|
||||
// We need to join with ogp_home to get server details
|
||||
// The relationship is: {table_prefix}billing_orders -> user_id and contains home_id references
|
||||
// We need to join with {table_prefix}home to get server details
|
||||
|
||||
$query = "SELECT
|
||||
h.home_id,
|
||||
|
|
@ -49,12 +49,12 @@ $query = "SELECT
|
|||
o.coupon_id,
|
||||
bc.code AS coupon_code,
|
||||
bc.discount_percent AS coupon_discount_percent
|
||||
FROM ogp_home h
|
||||
LEFT JOIN ogp_remote_servers rs ON h.remote_server_id = rs.remote_server_id
|
||||
LEFT JOIN ogp_game_configs gc ON h.home_cfg_id = gc.home_cfg_id
|
||||
LEFT JOIN ogp_billing_orders o ON h.user_id = o.user_id
|
||||
LEFT JOIN ogp_billing_services bs ON o.service_id = bs.service_id
|
||||
LEFT JOIN ogp_billing_coupons bc ON o.coupon_id = bc.coupon_id
|
||||
FROM {$table_prefix}home h
|
||||
LEFT JOIN {$table_prefix}remote_servers rs ON h.remote_server_id = rs.remote_server_id
|
||||
LEFT JOIN {$table_prefix}game_configs gc ON h.home_cfg_id = gc.home_cfg_id
|
||||
LEFT JOIN {$table_prefix}billing_orders o ON h.user_id = o.user_id
|
||||
LEFT JOIN {$table_prefix}billing_services bs ON o.service_id = bs.service_id
|
||||
LEFT JOIN {$table_prefix}billing_coupons bc ON o.coupon_id = bc.coupon_id
|
||||
WHERE h.user_id = $user_id
|
||||
ORDER BY h.home_id DESC";
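Review bot: The rewritten `LEFT JOIN {$table_prefix}billing_orders o ON h.user_id = o.user_id` pairs every home of the user with every order of that user, so a customer with several servers gets each home repeated once per order, with coupon and order fields that may belong to a different server. The comment above the query says orders contain `home_id` references, which suggests the condition should be `ON h.home_id = o.home_id`. The SELECT list is only partly visible in these hunks, so this should be confirmed against the full query.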
|
||||
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ When the user clicks the "Add to Cart" button, the next page to load is "add_to_
|
|||
All the configuration info is passed to the add_to_cart.php in hidden fields
|
||||
|
||||
In our website, we are setting "post" pages with a "Tag". The first tag in our post should be the service ID from the services table
|
||||
There are other methods that might be better to get the info. But all we need is the "service_ID" in the "ogp_billing_services" table
|
||||
There are other methods that might be better to get the info. But all we need is the "service_ID" in the "{$table_prefix}billing_services" table
|
||||
This method means we can use one code block in every game page and fill in the data dynamically.
|
||||
*/
|
||||
|
||||
|
|
@ -42,7 +42,7 @@ include(__DIR__ . '/includes/menu.php');
|
|||
$new_description = str_replace("\\r\\n", "<br>", $_POST['description']);
|
||||
$service = $_POST['service_id'];
|
||||
|
||||
$change_description = "UPDATE opg_billing_services
|
||||
$change_description = "UPDATE {$table_prefix}billing_services
|
||||
SET description ='".$new_description."'
|
||||
WHERE service_id=".$service;
|
||||
$save = $db->query($change_description);
|
||||
|
|
@ -60,7 +60,7 @@ THIS IS WHAT WE DISPLAY ON THE SHOP PAGE AT THE TOP
|
|||
<?php
|
||||
// Shop Form
|
||||
if(intval($_REQUEST['service_id']) !==0) $where_service_id = " WHERE enabled = 1 and service_id=".intval($_REQUEST['service_id']); else $where_service_id = " where enabled = 1";
|
||||
$qry_services = "SELECT * FROM ogp_billing_services ".$where_service_id ." ORDER BY service_name";
|
||||
$qry_services = "SELECT * FROM {$table_prefix}billing_services ".$where_service_id ." ORDER BY service_name";
|
||||
$services = $db->query($qry_services);
|
||||
|
||||
if (isset($_REQUEST['service_id']) && $services === false) {
|
||||
|
|
@ -191,7 +191,7 @@ if ($row['price_monthly'] == 0.0) {
|
|||
//loop through each of the assigned servers and see if its disabled
|
||||
foreach($rsiArray as $rsi)
|
||||
{
|
||||
$query = "SELECT * FROM ogp_remote_servers WHERE remote_server_id = ".$rsi;
|
||||
$query = "SELECT * FROM {$table_prefix}remote_servers WHERE remote_server_id = ".$rsi;
|
||||
$result = $db->query($query);
|
||||
foreach($result as $rs)
|
||||
{
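Review bot: Correcting the table name from `opg_billing_services` to `{$table_prefix}billing_services` makes this UPDATE reach a real table, yet it still concatenates `$_POST['description']` and `$_POST['service_id']` into the SQL unescaped, so a statement that presumably failed before becomes a working injectable one. Another section of this commit already has the safe form of the same update (`intval` on the id plus `prepare`/`bind_param`), and the same shape should be used here. The `remote_servers` lookup in the last hunk also appends `$rsi` unquoted and would be safer as `intval($rsi)`. Any access check guarding this save path lies outside the hunk.

```php
$new_description = str_replace("\\r\\n", "<br>", $_POST['description']);
$service = intval($_POST['service_id']);

$save = false;
$stmt = $db->prepare("UPDATE {$table_prefix}billing_services SET description = ? WHERE service_id = ?");
if ($stmt) {
    $stmt->bind_param('si', $new_description, $service);
    $save = $stmt->execute();
    $stmt->close();
}
```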
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ session_name("gameservers_website");
|
|||
session_start();
|
||||
require_once(__DIR__ . '/includes/config.inc.php');
|
||||
|
||||
// Simple registration form (creates a user in ogp_users with MD5 password)
|
||||
// Simple registration form (creates a user in {table_prefix}users with MD5 password)
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['username']) && !empty($_POST['password'])) {
|
||||
$db = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
|
||||
if ($db) {
|
||||
|
|
@ -21,16 +21,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['username']) && !empt
|
|||
|
||||
// Try to insert with shadow column if it exists
|
||||
$has_shadow = false;
|
||||
$res = $db->query("SHOW COLUMNS FROM ogp_users LIKE 'users_pass_hash'");
|
||||
$res = $db->query("SHOW COLUMNS FROM {$table_prefix}users LIKE 'users_pass_hash'");
|
||||
if ($res && $res->num_rows > 0) {
|
||||
$has_shadow = true;
|
||||
}
|
||||
|
||||
if ($has_shadow) {
|
||||
$stmt = $db->prepare("INSERT INTO ogp_users (users_login, users_passwd, users_pass_hash, users_email, users_role) VALUES (?, ?, ?, ?, 'user')");
|
||||
$stmt = $db->prepare("INSERT INTO {$table_prefix}users (users_login, users_passwd, users_pass_hash, users_email, users_role) VALUES (?, ?, ?, ?, 'user')");
|
||||
$stmt->bind_param('ssss', $username, $md5pw, $modern, $email);
|
||||
} else {
|
||||
$stmt = $db->prepare("INSERT INTO ogp_users (users_login, users_passwd, users_email, users_role) VALUES (?, ?, ?, 'user')");
|
||||
$stmt = $db->prepare("INSERT INTO {$table_prefix}users (users_login, users_passwd, users_email, users_role) VALUES (?, ?, ?, 'user')");
|
||||
$stmt->bind_param('sss', $username, $md5pw, $email);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ if (!$db) {
|
|||
$user_id = intval($_SESSION['website_user_id'] ?? $_SESSION['user_id'] ?? 0);
|
||||
if ($user_id <= 0 && isset($_SESSION['website_username']) && !empty($_SESSION['website_username'])) {
|
||||
$safe_uname = mysqli_real_escape_string($db, $_SESSION['website_username']);
|
||||
$qr = mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe_uname' LIMIT 1");
|
||||
$qr = mysqli_query($db, "SELECT user_id FROM {$table_prefix}users WHERE users_login = '$safe_uname' LIMIT 1");
|
||||
if ($qr && mysqli_num_rows($qr) === 1) {
|
||||
$rr = mysqli_fetch_assoc($qr);
|
||||
$user_id = intval($rr['user_id'] ?? 0);
|
||||
|
|
@ -47,7 +47,7 @@ if ($order_id <= 0 || $user_id <= 0) {
|
|||
}
|
||||
|
||||
// Fetch order and verify ownership (get all needed fields for invoice creation)
|
||||
$stmt = $db->prepare('SELECT order_id, user_id, service_id, qty, invoice_duration, price, home_id, home_name, ip, max_players, remote_control_password, ftp_password FROM ogp_billing_orders WHERE order_id = ? LIMIT 1');
|
||||
$stmt = $db->prepare("SELECT order_id, user_id, service_id, qty, invoice_duration, price, home_id, home_name, ip, max_players, remote_control_password, ftp_password FROM {$table_prefix}billing_orders WHERE order_id = ? LIMIT 1");
|
||||
if (!$stmt) {
|
||||
header('Location: ' . $redirect_to);
|
||||
exit;
|
||||
|
|
@ -73,7 +73,7 @@ if (intval($order['user_id']) !== intval($user_id)) {
|
|||
$service_id = intval($order['service_id'] ?? 0);
|
||||
$price_val = floatval($order['price'] ?? 0.0);
|
||||
if ($service_id > 0) {
|
||||
$sstmt = $db->prepare('SELECT price_monthly, price_year FROM ogp_billing_services WHERE service_id = ? LIMIT 1');
|
||||
$sstmt = $db->prepare("SELECT price_monthly, price_year FROM {$table_prefix}billing_services WHERE service_id = ? LIMIT 1");
|
||||
if ($sstmt) {
|
||||
$sstmt->bind_param('i', $service_id);
|
||||
$sstmt->execute();
|
||||
|
|
@ -93,7 +93,7 @@ if ($service_id > 0) {
|
|||
// Get user email for invoice
|
||||
$user_email = '';
|
||||
$user_name = '';
|
||||
$user_stmt = $db->prepare('SELECT users_email, users_login, users_fname, users_lname FROM ogp_users WHERE user_id = ? LIMIT 1');
|
||||
$user_stmt = $db->prepare("SELECT users_email, users_login, users_fname, users_lname FROM {$table_prefix}users WHERE user_id = ? LIMIT 1");
|
||||
if ($user_stmt) {
|
||||
$user_stmt->bind_param('i', $user_id);
|
||||
$user_stmt->execute();
|
||||
|
|
@ -163,9 +163,9 @@ if ($inv_insert) {
|
|||
|
||||
// Try to log to panel logger
|
||||
$logger_table = null;
|
||||
$check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_logger'");
|
||||
$check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}logger'");
|
||||
if ($check && mysqli_num_rows($check) > 0) {
|
||||
$logger_table = 'ogp_logger';
|
||||
$logger_table = '{$table_prefix}logger';
|
||||
} else {
|
||||
$reslt = mysqli_query($db, "SHOW TABLES LIKE '%logger'");
|
||||
if ($reslt && mysqli_num_rows($reslt) > 0) {
|
||||
|
|
@ -204,7 +204,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['confirm_renewal'])) {
|
|||
$price = ($duration === 'year' && !empty($order['price_year']) && floatval($order['price_year']) > 0) ? floatval($order['price_year']) : floatval($order['price_monthly']);
|
||||
|
||||
// Prepare update to set this order into renew state
|
||||
if ($upd = $db->prepare("UPDATE ogp_billing_orders SET status = ?, invoice_duration = ?, qty = ?, price = ? WHERE order_id = ? AND user_id = ? LIMIT 1")) {
|
||||
if ($upd = $db->prepare("UPDATE {$table_prefix}billing_orders SET status = ?, invoice_duration = ?, qty = ?, price = ? WHERE order_id = ? AND user_id = ? LIMIT 1")) {
|
||||
$new_status = 'renew';
|
||||
$orderIdInt = intval($order_id);
|
||||
$userIdInt = intval($user_id);
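Review bot: `$logger_table = '{$table_prefix}logger';` is a single-quoted string, so PHP does not interpolate it and `$logger_table` becomes the literal text `{$table_prefix}logger`; any later query built from it will name a table that does not exist. It should read `$logger_table = "{$table_prefix}logger";` (or `$table_prefix . 'logger'`). The `SHOW TABLES LIKE` line just above it is double-quoted and interpolates correctly.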
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ if (empty($token)) {
|
|||
$token = mysqli_real_escape_string($db, $token);
|
||||
|
||||
// Verify token
|
||||
$query = "SELECT user_id, expires, used FROM ogp_password_reset_tokens
|
||||
$query = "SELECT user_id, expires, used FROM {$table_prefix}password_reset_tokens
|
||||
WHERE token = '$token' LIMIT 1";
|
||||
$result = mysqli_query($db, $query);
|
||||
|
||||
|
|
@ -70,7 +70,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['reset_password']) &&
|
|||
|
||||
// Check if shadow column exists
|
||||
$has_shadow = false;
|
||||
$res_cols = mysqli_query($db, "SHOW COLUMNS FROM ogp_users LIKE 'users_pass_hash'");
|
||||
$res_cols = mysqli_query($db, "SHOW COLUMNS FROM {$table_prefix}users LIKE 'users_pass_hash'");
|
||||
if ($res_cols && mysqli_num_rows($res_cols) > 0) {
|
||||
$has_shadow = true;
|
||||
}
|
||||
|
|
@ -78,16 +78,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['reset_password']) &&
|
|||
// Update password
|
||||
if ($has_shadow) {
|
||||
$modern_hash = password_hash($new_password, PASSWORD_DEFAULT);
|
||||
$stmt = $db->prepare("UPDATE ogp_users SET users_passwd = ?, users_pass_hash = ? WHERE user_id = ?");
|
||||
$stmt = $db->prepare("UPDATE {$table_prefix}users SET users_passwd = ?, users_pass_hash = ? WHERE user_id = ?");
|
||||
$stmt->bind_param('ssi', $md5_password, $modern_hash, $user_id);
|
||||
} else {
|
||||
$stmt = $db->prepare("UPDATE ogp_users SET users_passwd = ? WHERE user_id = ?");
|
||||
$stmt = $db->prepare("UPDATE {$table_prefix}users SET users_passwd = ? WHERE user_id = ?");
|
||||
$stmt->bind_param('si', $md5_password, $user_id);
|
||||
}
|
||||
|
||||
if ($stmt->execute()) {
|
||||
// Mark token as used
|
||||
$stmt2 = $db->prepare("UPDATE ogp_password_reset_tokens SET used = 1 WHERE token = ?");
|
||||
$stmt2 = $db->prepare("UPDATE {$table_prefix}password_reset_tokens SET used = 1 WHERE token = ?");
|
||||
$stmt2->bind_param('s', $token);
|
||||
$stmt2->execute();
|
||||
$stmt2->close();
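Review bot: `$token` is passed through `mysqli_real_escape_string` in the first hunk's context and that same escaped value is later bound with `bind_param('s', $token)` in the `UPDATE ... SET used = 1 WHERE token = ?` statement; a bound parameter should be the raw value, so the two lookups agree only while the token contains no escapable characters. Preparing the verification query as well, `$db->prepare("SELECT user_id, expires, used FROM {$table_prefix}password_reset_tokens WHERE token = ? LIMIT 1")`, lets the raw token be used throughout and removes the manual escaping. The checks on `expires` and `used` are outside the hunks and could not be reviewed here.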
|
||||
|
|
|
|||
|
|
@ -21,10 +21,10 @@ include(__DIR__ . '/includes/top.php');
|
|||
include(__DIR__ . '/includes/menu.php');
|
||||
|
||||
// Check if server status table exists, if not create it
|
||||
$table_check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_server_status'");
|
||||
$table_check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}server_status'");
|
||||
if (!$table_check || mysqli_num_rows($table_check) === 0) {
|
||||
// Create table for server status updates
|
||||
$create_table = "CREATE TABLE IF NOT EXISTS ogp_server_status (
|
||||
$create_table = "CREATE TABLE IF NOT EXISTS {$table_prefix}server_status (
|
||||
status_id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
remote_server_id INT NOT NULL,
|
||||
server_name VARCHAR(255) NOT NULL,
|
||||
|
|
@ -55,8 +55,8 @@ $query = "SELECT
|
|||
ss.uptime,
|
||||
ss.last_updated,
|
||||
ss.notes
|
||||
FROM ogp_remote_servers rs
|
||||
LEFT JOIN ogp_server_status ss ON rs.remote_server_id = ss.remote_server_id
|
||||
FROM {$table_prefix}remote_servers rs
|
||||
LEFT JOIN {$table_prefix}server_status ss ON rs.remote_server_id = ss.remote_server_id
|
||||
ORDER BY rs.remote_server_name";
|
||||
|
||||
$result = mysqli_query($db, $query);
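Review bot: The `CREATE TABLE IF NOT EXISTS {$table_prefix}server_status` statement runs from an ordinary page request, so the database account used by the site needs CREATE privilege just to render this page. Moving table creation into an install or migration step would let the runtime account be limited to SELECT, INSERT, UPDATE and DELETE. The password-reset request handler earlier in this commit creates its token table the same way. The `CREATE TABLE` string continues outside the hunk.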
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ if (!$db) {
|
|||
if (isset($_POST['save']) && !empty($_POST['description'])) {
|
||||
$new_description = str_replace("\\r\\n", "<br>", $_POST['description']);
|
||||
$service = intval($_POST['service_id']);
|
||||
$stmt = $db->prepare("UPDATE ogp_billing_services SET description = ? WHERE service_id = ?");
|
||||
$stmt = $db->prepare("UPDATE {$table_prefix}billing_services SET description = ? WHERE service_id = ?");
|
||||
$stmt->bind_param("si", $new_description, $service);
|
||||
$stmt->execute();
|
||||
$stmt->close();
|
||||
|
|
@ -33,7 +33,7 @@ if (isset($_POST['save']) && !empty($_POST['description'])) {
|
|||
// Fetch services
|
||||
$service_id = isset($_REQUEST['service_id']) ? intval($_REQUEST['service_id']) : 0;
|
||||
$where_service_id = $service_id !== 0 ? "WHERE enabled = 1 AND service_id = $service_id" : "WHERE enabled = 1";
|
||||
$qry_services = "SELECT * FROM ogp_billing_services $where_service_id ORDER BY service_name";
|
||||
$qry_services = "SELECT * FROM {$table_prefix}billing_services $where_service_id ORDER BY service_name";
|
||||
$services = $db->query($qry_services);
|
||||
|
||||
if (!$services) {
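Review bot: The `UPDATE {$table_prefix}billing_services SET description = ?` in the first hunk runs on any POST carrying `save` and `description`, and no role check or CSRF token is visible between the `if (!$db)` guard and the write. If neither is enforced earlier in the file (outside the hunk), it should be added before the `isset($_POST['save'])` branch. The description is stored with `<br>` markup, so the page that prints it presumably emits it as HTML; I would record that above the write with `// description is stored as HTML: restrict this form to admins and sanitise on output`. Separately, `"\\r\\n"` in a double-quoted string is the four literal characters backslash-r-backslash-n rather than a CRLF, so real line breaks are probably not converted; `"\r\n"` looks like what was meant.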
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
/**
|
||||
* Database Connection Test Script
|
||||
*
|
||||
* This script tests the database connection and queries the ogp_users table
|
||||
* This script tests the database connection and queries the {$table_prefix}users table
|
||||
* to verify the login functionality will work correctly.
|
||||
*
|
||||
* ⚠️ SECURITY WARNING: Delete this file after testing!
|
||||
|
|
@ -53,14 +53,14 @@ if ($db && mysqli_ping($db)) {
|
|||
}
|
||||
echo "</div>";
|
||||
|
||||
// Test 2: Check if ogp_users table exists
|
||||
// Test 2: Check if {$table_prefix}users table exists
|
||||
echo "<div class='section'>";
|
||||
echo "<h2>Test 2: Check ogp_users Table</h2>";
|
||||
$result = mysqli_query($db, "SHOW TABLES LIKE 'ogp_users'");
|
||||
echo "<h2>Test 2: Check {$table_prefix}users Table</h2>";
|
||||
$result = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}users'");
|
||||
if ($result && mysqli_num_rows($result) > 0) {
|
||||
echo "<p class='success'>✓ ogp_users table exists!</p>";
|
||||
echo "<p class='success'>✓ {$table_prefix}users table exists!</p>";
|
||||
} else {
|
||||
echo "<p class='error'>✗ ogp_users table not found!</p>";
|
||||
echo "<p class='error'>✗ {$table_prefix}users table not found!</p>";
|
||||
echo "</div></body></html>";
|
||||
exit();
|
||||
}
|
||||
|
|
@ -69,7 +69,7 @@ echo "</div>";
|
|||
// Test 3: Check table structure
|
||||
echo "<div class='section'>";
|
||||
echo "<h2>Test 3: Table Structure</h2>";
|
||||
$result = mysqli_query($db, "DESCRIBE ogp_users");
|
||||
$result = mysqli_query($db, "DESCRIBE {$table_prefix}users");
|
||||
if ($result) {
|
||||
echo "<p class='success'>✓ Table structure retrieved</p>";
|
||||
echo "<p>Columns:</p><pre>";
|
||||
|
|
@ -85,7 +85,7 @@ echo "</div>";
|
|||
// Test 4: Count users
|
||||
echo "<div class='section'>";
|
||||
echo "<h2>Test 4: User Count</h2>";
|
||||
$result = mysqli_query($db, "SELECT COUNT(*) as count FROM ogp_users");
|
||||
$result = mysqli_query($db, "SELECT COUNT(*) as count FROM {$table_prefix}users");
|
||||
if ($result) {
|
||||
$row = mysqli_fetch_assoc($result);
|
||||
echo "<p class='success'>✓ Total users in database: " . $row['count'] . "</p>";
|
||||
|
|
@ -98,7 +98,7 @@ echo "</div>";
|
|||
echo "<div class='section'>";
|
||||
echo "<h2>Test 5: Required Columns Check</h2>";
|
||||
$required_columns = ['user_id', 'users_login', 'users_passwd', 'users_role', 'users_email'];
|
||||
$result = mysqli_query($db, "SHOW COLUMNS FROM ogp_users");
|
||||
$result = mysqli_query($db, "SHOW COLUMNS FROM {$table_prefix}users");
|
||||
$existing_columns = [];
|
||||
while ($row = mysqli_fetch_assoc($result)) {
|
||||
$existing_columns[] = $row['Field'];
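Review bot: This diagnostic page prints the `DESCRIBE {$table_prefix}users` output and the user count to whoever requests it, and the only protection is the docblock's "Delete this file after testing" warning. I would keep it out of the deployed tree or, if it stays, have it refuse to run before any output unless an administrator session is present; no such check is visible in these hunks, though the file's opening lines are outside them. The search-and-replace also left `{$table_prefix}users` inside the docblock and the `// Test 2` comment, where it is not interpolated; `the users table (prefixed with $table_prefix)` would read better. In the last hunk, `while ($row = mysqli_fetch_assoc($result))` uses `$result` without the `if ($result)` guard that tests 3 and 4 have, so a failed `SHOW COLUMNS` raises a TypeError on PHP 8.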
|
||||
|
|
|
|||
2
themes/AdminLTE-2/dist/php/theme.class.php
vendored
2
themes/AdminLTE-2/dist/php/theme.class.php
vendored
|
|
@ -393,7 +393,7 @@ class Theme
|
|||
|
||||
// delete old stats (keep only entries from last 1 day)
|
||||
$ThemeDB->query("
|
||||
DELETE FROM ogp_adminlte_serverstats WHERE current_stamp < DATE_ADD(NOW(), INTERVAL -1 DAY)
|
||||
DELETE FROM ".$ThemeDB->serverStatsTable." WHERE current_stamp < DATE_ADD(NOW(), INTERVAL -1 DAY)
|
||||
");
|
||||
|
||||
return "successfully updated";
|
||||
|
|
|
|||