Thread: Weight Updator
Old 09-15-2005, 09:27 AM
shan shan is offline
 


Here's the code:

Code:
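<?php
/*
 * X-cart weight update
 *
 * Single-file admin tool that pages through xcart_products one row at a time
 * and lets an authenticated operator change the `weight` column.
 *
 * Requires PHP 7.0+ with the mysqli extension (the mysql_* functions used by
 * the 2005 version were removed in PHP 7).
 *
 * Deployment notes: serve this file over HTTPS only, and delete it when the
 * bulk edit is finished. There is no login throttling in this script.
 */

## THIS SCRIPT IS PASSWORD PROTECTED
# Set this to the MD5 hex digest of your password. Generate the digest on your
# own machine, for example:
#     php -r 'echo md5("your password here"), "\n";'
# Do not type the password into a third-party hashing website.
# While this value is empty the script rejects every login attempt.
# NOTE(review): unsalted MD5 is a weak password hash. The format is kept so
# existing configurations still work; use a long, unique password.
$sett["password"] = "";

## MySQL settings go here
# Variable names should make the needed details obvious
$mysql["server"] = "";
$mysql["username"] = "";
$mysql["password"] = "";
$mysql["database_name"] = "";

## Authentication tokens
# After login the browser carries an encrypted, HMAC-signed token in a hidden
# form field instead of the password.
# CHANGE THIS KEY. The value below was published together with the script, so
# it must be replaced with your own long random string, for example:
#     php -r 'echo bin2hex(random_bytes(32)), "\n";'
$sett["auth_key"] = ":W?u8PbEmGtNsHiOzD_w:oB[G<mFC";
# Maximum idle time between two calls of the script, in seconds (900 = 15 mins)
$sett["auth_idle"] = 900;

## Misc settings
# Change this if you save this file under a different name
$sett["filename"] = "weight_updator.php";

## It's all code from now on

/**
 * Escape a value for use in HTML text or a quoted HTML attribute.
 *
 * @param mixed $value Scalar value to print.
 * @return string HTML-escaped text.
 */
function wu_html($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
}

/**
 * Return $iv_len random bytes for use as an initialisation vector.
 *
 * Uses the operating system CSPRNG (random_bytes) rather than mt_rand, whose
 * output is predictable.
 *
 * @param int $iv_len Number of bytes wanted.
 * @return string Binary string of that length ('' when $iv_len <= 0).
 */
function get_rnd_iv($iv_len)
{
    return $iv_len > 0 ? random_bytes($iv_len) : '';
}

/**
 * Obfuscate $plain_text with an MD5-derived keystream and return it base64-encoded.
 *
 * NOTE(review): this is a home-made construction, not a vetted cipher. It is
 * kept for compatibility and treated as obfuscation only; the authenticity of
 * a token comes from the HMAC added in authenticate::build_key().
 *
 * @param string $plain_text Text to protect.
 * @param string $password   Key material.
 * @param int    $iv_len     Length of the random prefix in bytes.
 * @return string base64 of (random prefix . transformed blocks).
 */
function md5_encrypt($plain_text, $password, $iv_len = 16)
{
    // 0x13 marks the end of the text; NUL bytes pad it to a 16-byte multiple.
    $plain_text .= "\x13";
    $n = strlen($plain_text);
    if ($n % 16) {
        $plain_text .= str_repeat("\0", 16 - ($n % 16));
    }
    $i = 0;
    $enc_text = get_rnd_iv($iv_len);
    $iv = substr($password ^ $enc_text, 0, 512);
    while ($i < $n) {
        $block = substr($plain_text, $i, 16) ^ pack('H*', md5($iv));
        $enc_text .= $block;
        $iv = substr($block . $iv, 0, 512) ^ $password;
        $i += 16;
    }
    return base64_encode($enc_text);
}

/**
 * Reverse md5_encrypt().
 *
 * @param string $enc_text base64 text produced by md5_encrypt().
 * @param string $password Key material used when encrypting.
 * @param int    $iv_len   Length of the random prefix in bytes.
 * @return string Recovered text with the end marker and padding removed.
 */
function md5_decrypt($enc_text, $password, $iv_len = 16)
{
    $enc_text = base64_decode($enc_text);
    $n = strlen($enc_text);
    $i = $iv_len;
    $plain_text = '';
    $iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512);
    while ($i < $n) {
        $block = substr($enc_text, $i, 16);
        $plain_text .= $block ^ pack('H*', md5($iv));
        $iv = substr($block . $iv, 0, 512) ^ $password;
        $i += 16;
    }
    return preg_replace('/\\x13\\x00*$/', '', $plain_text);
}

/**
 * Password / token gate for the editor.
 *
 * The posted "pass" field is either a token issued by build_key() or the
 * plain password typed into the login form.
 */
class authenticate
{
    /** @var array Claims of the current session: validate, idle, password. */
    public $decrypt;
    /** @var int Maximum idle time in seconds. */
    public $idle = 300;
    /** @var string Configured token key. */
    public $key;
    /** @var string Configured password digest, lower-cased. */
    public $pass;
    /** @var string Binary HMAC key derived from $key. */
    private $mac_key;
    /** @var string Hex tag derived from $key, so the raw key is never placed in a token. */
    private $key_tag;

    /**
     * PHP 8 no longer treats a method named after the class as the
     * constructor, so the setup has to live in __construct() or it never runs.
     *
     * @param mixed  $input    Posted "pass" value (token or plain password).
     * @param string $key      Token key from the settings.
     * @param string $password MD5 hex digest of the password from the settings.
     * @param int    $idle     Maximum idle time in seconds.
     */
    public function __construct($input, $key, $password, $idle)
    {
        $this->idle = (int) $idle;
        $this->key = (string) $key;
        $this->pass = strtolower((string) $password);
        $this->mac_key = hash_hmac('sha256', 'weight-updator-token-mac', $this->key, true);
        $this->key_tag = hash_hmac('sha256', 'weight-updator-token-tag', $this->key);

        $input = is_string($input) ? $input : '';

        $claims = $this->open_token($input);
        if ($claims !== null) {
            $this->decrypt = $claims;
            return;
        }

        // hash_equals() is strict and constant-time; an unset password never matches.
        if ($this->pass !== '' && hash_equals($this->pass, md5($input))) {
            // Store the lower-cased digest so it equals $this->pass in is_valid()
            // even when the configured digest was written in upper case.
            $this->build_auth($this->pass);
            return;
        }

        $this->build_auth();
    }

    /**
     * Verify and decode a token produced by build_key().
     *
     * @param string $input Posted token.
     * @return array|null The three claims, or null when the token is not authentic.
     */
    private function open_token($input)
    {
        $parts = explode(':', $input, 2);
        if (count($parts) !== 2) {
            return null;
        }
        list($enc, $mac) = $parts;

        // Check the MAC before any decoding so tampered input is never parsed.
        if (!hash_equals(hash_hmac('sha256', $enc, $this->mac_key), $mac)) {
            return null;
        }

        parse_str(md5_decrypt($enc, $this->key), $tmp);
        if (!is_array($tmp)) {
            return null;
        }
        foreach (array('validate', 'idle', 'password') as $field) {
            if (!isset($tmp[$field]) || !is_string($tmp[$field])) {
                return null;
            }
        }
        if (!hash_equals('VALID:' . $this->key_tag, $tmp['validate'])) {
            return null;
        }

        return array(
            'validate' => $tmp['validate'],
            'idle' => $tmp['idle'],
            'password' => $tmp['password'],
        );
    }

    /**
     * Start a fresh set of claims.
     *
     * @param string $pass Password digest to record ('' for an unauthenticated visitor).
     * @return void
     */
    public function build_auth($pass = "")
    {
        $this->decrypt["validate"] = sprintf("VALID:%s", $this->key_tag);
        $this->decrypt["idle"] = time();
        $this->decrypt["password"] = $pass;
    }

    /**
     * Tell whether the current claims authenticate the request.
     *
     * @return bool TRUE when the recorded digest matches the configured one and
     *              the last activity is within the idle window.
     */
    public function is_valid()
    {
        // Fail closed: with no password configured nobody is authenticated.
        if ($this->pass === "") {
            return FALSE;
        }

        $token_pass = $this->decrypt["password"] ?? "";
        if (!is_string($token_pass) || !hash_equals($this->pass, $token_pass)) {
            return FALSE;
        }

        $last_seen = (int) ($this->decrypt["idle"] ?? 0);
        return (time() - $this->idle) < $last_seen;
    }

    /**
     * Issue a token for the next request and restart the idle timer.
     *
     * @return string HTML-safe token: base64 ciphertext, ':', hex HMAC-SHA256.
     */
    public function build_key()
    {
        $this->decrypt["idle"] = time();
        $pairs = array();
        foreach ($this->decrypt as $name => $val) {
            $pairs[] = sprintf("%s=%s", $name, urlencode((string) $val));
        }
        $enc = md5_encrypt(implode("&", $pairs), $this->key);
        return htmlentities($enc . ":" . hash_hmac('sha256', $enc, $this->mac_key));
    }
}

## Main body

// Read the request defensively: missing or non-string fields become defaults.
$posted_pass = (isset($_POST["pass"]) && is_string($_POST["pass"])) ? $_POST["pass"] : "";
$posted_method = (isset($_POST["method"]) && is_string($_POST["method"])) ? $_POST["method"] : "";
$cid = (isset($_POST["cid"]) && is_scalar($_POST["cid"])) ? intval($_POST["cid"]) : 0;

$auth = new authenticate($posted_pass, $sett["auth_key"], $sett["password"], $sett["auth_idle"]);

if (!$auth->is_valid()) {
?>
<h2>Authentication failed</h2>
<p>Please provide your password:</p>
<form action="./<?=wu_html($sett["filename"])?>" method="post">
<input type="password" name="pass">
<input type="submit" value="Login">
</form>
<div align="center">Copyright &copy; 2005 Craig Brass and Phil Richardson</div>
<?php
    exit;
}

$our_error = array();

// Translate the pressed button into: save first?, comparison operator, sort order.
// $operator and $direction only ever hold the literals assigned here, so they
// are safe to place in the SQL text; the product id is always a bound parameter.
$save = false;
$operator = null;
$direction = "ASC";
switch (strtolower($posted_method)) {
    /* Save this record and move to the next */
    case "save and next":
        $save = true;
        $operator = ">";
        break;
    /* Save and refresh the record */
    case "save and refresh":
        $save = true;
        $operator = "=";
        break;
    /* Load next record */
    case "next without saving":
        $operator = ">";
        break;
    /* Load previous record */
    case "previous without saving":
        $operator = "<";
        $direction = "DESC";
        break;
    /* Load a specific record */
    case "goto row":
        $operator = "=";
        break;
    /* Load the first row of the table. This is also the default action. */
    case "first row":
    default:
        break;
}

$found = false;
$row_code = "";
$row_name = "";
$row_weight = 0;

// Make mysqli raise exceptions so a failed connect or query cannot be mistaken for success.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
try {
    // The database is opened only after authentication has succeeded.
    $db = new mysqli($mysql["server"], $mysql["username"], $mysql["password"], $mysql["database_name"]);

    if ($save) {
        $raw_new = (isset($_POST["newweight"]) && is_scalar($_POST["newweight"])) ? $_POST["newweight"] : null;
        $raw_old = (isset($_POST["weight"]) && is_scalar($_POST["weight"])) ? $_POST["weight"] : null;

        if ($raw_new === null || !is_numeric($raw_new) || !is_finite((float) $raw_new)) {
            $our_error[] = "The new weight must be a number. ";
        } else {
            $new_weight = number_format((float) $raw_new, 2, ".", "");
            $old_weight = ($raw_old !== null && is_numeric($raw_old))
                ? number_format((float) $raw_old, 2, ".", "")
                : null;

            if ($new_weight !== $old_weight) {
                $stmt = $db->prepare("UPDATE xcart_products SET weight=? WHERE productid=? LIMIT 1");
                $stmt->bind_param("si", $new_weight, $cid);
                $stmt->execute();
                $stmt->close();
                $our_error[] = "Records updated sucesfully. ";
            } else {
                $our_error[] = "No changes made duing the previous update. ";
            }
        }
    }

    $sql = "SELECT xcart_products.productid AS productid, xcart_products.productcode AS productcode, xcart_products.product AS product, xcart_products.weight AS weight FROM xcart_products";
    if ($operator !== null) {
        $sql .= " WHERE xcart_products.productid " . $operator . " ?";
    }
    $sql .= " ORDER BY xcart_products.productid " . $direction . " LIMIT 1";

    $stmt = $db->prepare($sql);
    if ($operator !== null) {
        $stmt->bind_param("i", $cid);
    }
    $stmt->execute();
    $stmt->bind_result($row_id, $row_code, $row_name, $row_weight);
    $found = ($stmt->fetch() === true);
    $stmt->close();
} catch (mysqli_sql_exception $e) {
    // Details go to the server log only; the browser gets a generic message.
    error_log("weight_updator: database error: " . $e->getMessage());
    $our_error[] = "A database error occurred. See the server log for details.";
    $found = false;
}

# Check for results - Display warning that you need to navigate to first record
if (!$found) {
    $current_id = "1";
    $our_error[] = "No records returned. Use the controls below to navigate to a different record.";
} else {
    $current_id = $row_id;
}
?>
<h2>Weight editor</h2>

<?php /* Navigation buttons - First record and Jump to */ ?>
<div>
<form action="./<?=wu_html($sett["filename"])?>" method="post">
<input type="hidden" name="pass" value="<?=$auth->build_key()?>">
<input type="submit" name="method" value="First row">
<input type="text" name="cid" value="<?=wu_html($current_id)?>">
<input type="submit" name="method" value="Goto row">
</form>
</div>

<?php /* Only display the content table when we have a record */ ?>
<?php if ($found) { ?>
<form action="./<?=wu_html($sett["filename"])?>" method="post">
<input type="hidden" name="pass" value="<?=$auth->build_key()?>">
<input type="hidden" name="cid" value="<?=wu_html($current_id)?>">
<input type="hidden" name="weight" value="<?=wu_html($row_weight)?>">
<table>
<tr>
<td style="padding-right:15px; text-align:right; font-weight:bold">Product ID</td>
<td><?=wu_html($current_id)?></td>
</tr>
<tr>
<td style="padding-right:15px; text-align:right; font-weight:bold">Product Code</td>
<td><?=wu_html($row_code)?></td>
</tr>
<tr>
<td style="padding-right:15px; text-align:right; font-weight:bold">Product Name</td>
<td><?=wu_html($row_name)?></td>
</tr>
<tr>
<td style="padding-right:15px; text-align:right; font-weight:bold">Current Weight</td>
<td><?=wu_html(number_format((float) $row_weight, 2, ".", ""))?></td>
</tr>
<tr>
<td style="padding-right:15px; text-align:right; font-weight:bold">New Weight</td>
<td><input type="text" name="newweight" value="<?=wu_html(number_format((float) $row_weight, 2, ".", ""))?>"></td>
</tr>
<tr>
<td></td>
<td>
<input type="submit" name="method" value="Previous without saving">
<input type="submit" name="method" value="Save and refresh">
<input type="submit" name="method" value="Save and next">
<input type="submit" name="method" value="Next without saving">
</td>
</tr>
</table>
</form>
<?php } ?>

<?php
if (count($our_error) > 0) {
    foreach ($our_error as $value) {
?>
<div style="font-weight:bold;color:#800000;font-style:italic;background-color:#FFF0B7;padding:5px;border:1px solid #FFB96C;"><?=wu_html($value)?></div>
<?php
    }
}
?>
<div align="center">Copyright &copy; 2005 Craig Brass and Phil Richardson</div>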
