<?session_start();
?>
<!--
www.vnlisting.com
Online Super Bowl Squares Script
Please read the "Readme.txt for license agreement, installation and usage instructions
Version: 4.1 1/9/2012
-->
<?php
@ob_start();
if (!isset($_SESSION['VNSB'])) {
?>
<meta http-equiv="Refresh"content="0;url=adminlogin.php">
<?
} else {
require_once('config.php');
$confirmation = $_POST['Confirmation'];
$SQUARE = $_POST['square'];
$CONFIRM = $_POST['confirm'];
$RELEASE = $_POST['release'];
$NOTES = $_POST['body'];
require "header.inc";
//$headers = "From: $ADMIN_EMAIL\r\nBcc: $ADMIN_EMAIL\r\n";
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
//$headers .= 'To: Mary <hide@address.com>, Kelly <hide@address.com>' . "\r\n";
$headers .= "From: Admin <$ADMIN_EMAIL>" . "\r\n";
//$headers .= 'Cc: hide@address.com' . "\r\n";
$headers .= 'Bcc: Admin <$ADMIN_EMAIL>' . "\r\n";
function notify_admin ($mailto, $mailmessage, $mail_headers)
{
mail("$mailto", "Super Bowl Squares", "$mailmessage", "$mail_headers");
//echo "mail(\"$mailto\", \"Super Bowl Squares\", \"$mailmessage\", \"$mail_headers\")</br>;";
}
?>
<h3>ADMINISTRATOR APPROVAL</h3>
<?php
if (!isset($confirmation)) { ?>
<table width="50%" cellpadding="5" style="font-family: verdana, arial; border: #FFCC99 1px solid">
<tr>
<td height="28" colspan="3" align="center" style="font-size: 11px">
<strong>Confirm user selected square when payment is verified, or release the square if allowed time for payment has expired.</strong>
</td>
</tr>
<tr>
<td width="" align="center" valign="top">
<form name="approval" action="admin.php" method="post" enctype="multipart/form-data">
<table width="100%" border="0" style="font-family: verdana, arial; font-size: 11px">
<tr>
<td><b>Square</b></td>
<td>
<select name="square[]" id="square" size="11" multiple>
<!--<option value="">Select One</option>-->
<?php
$query="SELECT * FROM VNSB_squares WHERE NAME!='AVAILABLE' AND NAME!='' AND CONFIRM='0' ORDER BY NAME, SQUARE";
$result = mysql_query($query);
if (!$result) {
echo mysql_error();
exit;
}
while ($record = mysql_fetch_assoc($result)) {
echo "<option value = '".$record['SQUARE']."'>".$record["NAME"]." - ".$record["SQUARE"]."</option>";
}
?>
</select>
</td>
</tr>
<tr>
<td><b>Confirm</b></td>
<td><input type="checkbox" name="confirm" value="1"></td>
</tr>
<tr>
<td><b>Release</b></td>
<td><input type="checkbox" name="release" value="1"></td>
</tr>
<tr>
<td><b>Notes to User</b></td>
<td><textarea name="body" rows="3" cols="50" wrap="virtual" style="font-family: verdana, arial; font-size: 10px"></textarea></td>
</tr>
<tr>
<td> </a></td>
<td><br/><p><input type="submit" value="Confirmation" name="Confirmation"></p></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<p>
<table width="50%" border="0" cellspacing="0" cellpadding="0" style="font-family: verdana, arial; font-size: 12px">
<tr>
<td width="33%"><a href="<?=$superbowlURL?>" title="Home">Home</a></td>
<td width="34%" align="center"><a href="randomnumber.php" title="Random Numbers">Numbers</a></td>
<td width="33%" align="right"><a href="adminlogout.php" title="Admin logout">Logout</a></td>
</tr>
</table>
</p>
<?php
} else {
if (count($SQUARE) > 0){
$input = "";
$whereclause = "(";
for($e=0; $e<count($SQUARE); $e++){
$whereclause = $whereclause . "SQUARE = '" . trim($SQUARE[$e]) . "' OR ";
$square_list = $square_list .", ".$SQUARE[$e];
}
$whereclause = substr_replace($whereclause,"",-3); // strip off ' OR'
$whereclause = $whereclause .")";
$square_list = substr_replace($square_list,"",0,2);
//echo $square_list."</br>";
$query="SELECT * FROM VNSB_squares WHERE $whereclause";
//echo $query."</br>";
$result = mysql_query($query);
if (!$result) {
echo mysql_error();
exit;
}
$USER_EMAIL_LIST = '';
while ($record = mysql_fetch_assoc($result)) {
$USER_EMAIL = '';
$USER_EMAIL = $record["EMAIL"];
$pos = strpos($USER_EMAIL_LIST,$USER_EMAIL);
if($pos === false) {
// string $USER_EMAIL NOT found in $USER_EMAIL_LIST
$USER_EMAIL_LIST = $USER_EMAIL_LIST .",".$USER_EMAIL;
}
}
$USER_EMAIL_LIST = substr_replace($USER_EMAIL_LIST,"",0,1);
$bodyMessage = "\r\nNOTIFICATION\r\n";
//echo $bodyMessage."</br>";
if ($CONFIRM==1 AND $RELEASE!=1) {
$query="UPDATE VNSB_squares SET CONFIRM='1' WHERE $whereclause";
$bodyMessage .= "Your square $square_list is now confirmed.\r\n\n";
} else if ($RELEASE==1 AND $CONFIRM!=1) {
$query="UPDATE VNSB_squares SET NAME='AVAILABLE', EMAIL='', NOTES='', DATE='', CONFIRM='0' WHERE $whereclause";
$bodyMessage .= "Your square $square_list selection is now released due to no payment.\r\n";
$bodyMessage .= "If this is an error, please contact me or re-select your square.\r\n\n";
} else if (($CONFIRM!=1 AND $RELEASE!=1) OR ($RELEASE==1 AND $CONFIRM==1) ) {
echo "<p>Must select ONLY one 'Confirm' or 'Release' !!!</p>";
echo "<p><a href='javascript:onClick=history.go(-1);'>Back</a></p>";
exit;
}
//echo $query."</br>";
$result = mysql_query($query);
if (!$result) {
echo mysql_error();
} else {
$bodyMessage .= $NOTES."\r\n\n";
$bodyMessage .= "Good Luck and enjoy the game.\r\n";
$bodyMessage .= "The Commissioner\r\n";
$bodyMessage .= "$superbowlURL\r\n";
notify_admin($USER_EMAIL_LIST,$bodyMessage,$headers);
echo "<p>Square(s) <b>".$square_list."</b> updated successful</p>";
echo "<p>Emailed to: ".$USER_EMAIL_LIST."</p>";
echo "
<p>
<table width=\"50%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" style=\"font-family: verdana, arial; font-size: 12px\">
<tr>
<td width=\"33%\"><a href=\"$superbowlURL\" title=\"Administrator\">Home</a></td>
<td width=\"34%\" align=\"center\"><a href=\"./admin.php\" title=\"Administrator\">Admin</a></td>
<td width=\"33%\" align=\"right\"><a href=\"adminlogout.php\" title=\"Admin logout\">Logout</a></td>
</tr>
</table>
</p>";
unset($confirmation, $SQUARE, $CONFIRM, $RELEASE, $NOTES, $ADM_EMAIL, $ADM_PASSWORD);
}
}else{
echo "<p>Must select at least one Square to Confirm or Release' !!!</p>";
echo "<p><a href='javascript:onClick=history.go(-1);'>Back</a></p>";
exit;
}
} ?>
<p align="center" style="">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="hide@address.com">
<input type="hidden" name="item_name" value="NFL Super Bowl Squares Scripts">
<input type="hidden" name="item_number" value="3">
<!-- <b>Enter Donation amount: $</b><input type="text" name="amount" value="" size=6> <input type=submit value="click here to Donate">
-->
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHNwYJKoZIhvcNAQcEoIIHKDCCByQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYA2estwKoVCckgAdhQywU8gbgrJxnSDQ7U3kcDzp9kVWh+ey7JmejervwbjeKiNvgmzBdJUD3irqnFiD88iiD3EnwrzJKNz7HYnh260uFNaUnhjWhalkK5aGgDzvI6vq7xQ1fRQu6AYbSr8IIqxpU/FyMvLdDP/LRt6BOTwEH3IgzELMAkGBSsOAwIaBQAwgbQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIH4rlyAySQpuAgZBZdfgl60vRvSNmf/jg7soyG4rj8L5IwDwAmx7vSnYQLqQUUOmyQ9ZPIoaUR7y8bwdf1Gzou86Q9mHu3eV3lvWQAyKi01BgYmDj0ENoycpQqDs8pBZzwY1qh6atvcc/+sLoHzZ5uUqBA3RWExEU1W4r36YnOni+AChBKfBB5PWv2/bzZSrO41LXN1CnWNcaN06gggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNjAxMjEwMDQ2MjZaMCMGCSqGSIb3DQEJBDEWBBTq5veqr7s7hYvPRjaEeymblr5ImjANBgkqhkiG9w0BAQEFAASBgAv448wf84lW4+N1Sd7g6Kt+SJ4gJ5goll8sDzSYz8aRxvLqx4P6ZLPxNOLOYTgTkGPzFY0D6m2kuFslf8usxGv8f8grSeN9rLdpAJfyNxdfKgsnCIke4Id25Tcj7nBvvL7fiRiQo8cTJHTg9SdJlfb6MkyZoZKN25xrNqman0cx-----END PKCS7-----
">
</form>
</p>
<?php require "footer.inc";
}
?>