uawdijnntqw1x1x1
IP : 18.189.180.60
Hostname : ns1.eurodns.top
Kernel : Linux ns1.eurodns.top 4.18.0-553.5.1.lve.1.el7h.x86_64 #1 SMP Fri Jun 14 14:24:52 UTC 2024 x86_64
Disable Function : mail,sendmail,exec,passthru,shell_exec,system,popen,curl_multi_exec,parse_ini_file,show_source,eval,open_base,symlink
OS : Linux
PATH:
/
home
/
sudancam
/
.
/
.trash
/
sudancam.sd.1
/
..
/
wp-pagenavi
/
..
/
shop.1
/
.well-known
/
..
/
admin
/
.
/
model
/
catalog
/
review.php
/
/
<?php class ModelCatalogReview extends Model { public function addReview($data) { $this->db->query("INSERT INTO " . DB_PREFIX . "review SET author = '" . $this->db->escape($data['author']) . "', product_id = '" . (int)$data['product_id'] . "', text = '" . $this->db->escape(strip_tags($data['text'])) . "', rating = '" . (int)$data['rating'] . "', status = '" . (int)$data['status'] . "', date_added = '" . $this->db->escape($data['date_added']) . "'"); $review_id = $this->db->getLastId(); $this->cache->delete('product'); return $review_id; } public function editReview($review_id, $data) { $this->db->query("UPDATE " . DB_PREFIX . "review SET author = '" . $this->db->escape($data['author']) . "', product_id = '" . (int)$data['product_id'] . "', text = '" . $this->db->escape(strip_tags($data['text'])) . "', rating = '" . (int)$data['rating'] . "', status = '" . (int)$data['status'] . "', date_added = '" . $this->db->escape($data['date_added']) . "', date_modified = NOW() WHERE review_id = '" . (int)$review_id . "'"); $this->cache->delete('product'); } public function deleteReview($review_id) { $this->db->query("DELETE FROM " . DB_PREFIX . "review WHERE review_id = '" . (int)$review_id . "'"); $this->cache->delete('product'); } public function getReview($review_id) { $query = $this->db->query("SELECT DISTINCT *, (SELECT pd.name FROM " . DB_PREFIX . "product_description pd WHERE pd.product_id = r.product_id AND pd.language_id = '" . (int)$this->config->get('config_language_id') . "') AS product FROM " . DB_PREFIX . "review r WHERE r.review_id = '" . (int)$review_id . "'"); return $query->row; } public function getReviews($data = array()) { $sql = "SELECT r.review_id, pd.name, r.author, r.rating, r.status, r.date_added FROM " . DB_PREFIX . "review r LEFT JOIN " . DB_PREFIX . "product_description pd ON (r.product_id = pd.product_id) WHERE pd.language_id = '" . (int)$this->config->get('config_language_id') . "'"; if (!empty($data['filter_product'])) { $sql .= " AND pd.name LIKE '" . $this->db->escape($data['filter_product']) . "%'"; } if (!empty($data['filter_author'])) { $sql .= " AND r.author LIKE '" . $this->db->escape($data['filter_author']) . "%'"; } if (isset($data['filter_status']) && $data['filter_status'] !== '') { $sql .= " AND r.status = '" . (int)$data['filter_status'] . "'"; } if (!empty($data['filter_date_added'])) { $sql .= " AND DATE(r.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')"; } $sort_data = array( 'pd.name', 'r.author', 'r.rating', 'r.status', 'r.date_added' ); if (isset($data['sort']) && in_array($data['sort'], $sort_data)) { $sql .= " ORDER BY " . $data['sort']; } else { $sql .= " ORDER BY r.date_added"; } if (isset($data['order']) && ($data['order'] == 'DESC')) { $sql .= " DESC"; } else { $sql .= " ASC"; } if (isset($data['start']) || isset($data['limit'])) { if ($data['start'] < 0) { $data['start'] = 0; } if ($data['limit'] < 1) { $data['limit'] = 20; } $sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit']; } $query = $this->db->query($sql); return $query->rows; } public function getTotalReviews($data = array()) { $sql = "SELECT COUNT(*) AS total FROM " . DB_PREFIX . "review r LEFT JOIN " . DB_PREFIX . "product_description pd ON (r.product_id = pd.product_id) WHERE pd.language_id = '" . (int)$this->config->get('config_language_id') . "'"; if (!empty($data['filter_product'])) { $sql .= " AND pd.name LIKE '" . $this->db->escape($data['filter_product']) . "%'"; } if (!empty($data['filter_author'])) { $sql .= " AND r.author LIKE '" . $this->db->escape($data['filter_author']) . "%'"; } if (isset($data['filter_status']) && $data['filter_status'] !== '') { $sql .= " AND r.status = '" . (int)$data['filter_status'] . "'"; } if (!empty($data['filter_date_added'])) { $sql .= " AND DATE(r.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')"; } $query = $this->db->query($sql); return $query->row['total']; } public function getTotalReviewsAwaitingApproval() { $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "review WHERE status = '0'"); return $query->row['total']; } }
/home/sudancam/./.trash/sudancam.sd.1/../wp-pagenavi/../shop.1/.well-known/../admin/./model/catalog/review.php