<?php
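	/*
	 * Admin "user detail" page (create / edit / delete a user account).
	 *
	 * Bootstrap: name the running script, load the shared admin bootstrap and the
	 * model classes, then enforce the two access checks before any other work.
	 * $userid and $useraccess are not assigned in this file; presumably they are
	 * populated by globalad.php from the admin session -- confirm there.
	 */
	define('thisscript','adminuserlistdetail');

	require_once 'globalad.php';
	require_once '../class/User.php';
	/* require_once '../class/MemberCard.php';
	require_once '../class/Merchant.php'; */
	require_once '../class/Bank.php';
	$useradmin = new User();
	/* $mcard = new MemberCard();
	$merchant = new Merchant(); */
	$bank = new Bank();
	
	/*
	 * No current user id: send the visitor away.
	 * redirecting() is defined outside this file, so it is not visible here whether
	 * it terminates the request. The explicit exit guarantees that nothing below
	 * (user creation, update, deletion) can run for a request that failed this check.
	 */
	if (empty($userid)){
		redirecting("adminuserlist.php");
		exit;
	}
	
	/* The 'manage_user_list' permission is required for every action on this page. */
	if (empty($useraccess['manage_user_list'])){
		redirecting('index.php');
		exit;
	}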
	
	/*
	 * Default the request keys read further down so that they are always defined.
	 * A missing or empty() value becomes ""; any other value is left untouched.
	 * This is defaulting only: nothing here validates, filters or escapes the
	 * values, so they must still be treated as untrusted input.
	 */
	if (empty($_GET['act'])){
		$_GET['act'] = "";
	}
	if (empty($_GET['add'])){
		$_GET['add'] = "";
	}
	if (empty($_REQUEST['id'])){
		$_REQUEST['id'] = "";
	}
	if (empty($_POST['submits'])){
		$_POST['submits'] = "";
	}
	if (empty($_POST['check'])){
		$_POST['check'] = "";
	}
	if (empty($_POST['regid'])){
		$_POST['regid'] = "";
	}
	if (empty($_POST['username'])){
		$_POST['username'] = "";
	}
	/* end of request defaults */
		
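	/*
	 * AJAX availability check used by the form (POST check=code).
	 * Prints 'error-email' when User::checkEmailExist() reports the address as
	 * taken, otherwise 'allow', and ends the request. When a regid is posted it is
	 * set on the User object first; presumably so that the record being edited is
	 * excluded from the lookup -- confirm in User::checkEmailExist().
	 */
	if ($_POST['check'] == 'code'){
		$regid = trim($_POST['regid']);
		/* 'email' is not among the keys defaulted earlier in this file, so guard it
		   here: a missing or non-string value is treated as an empty address instead
		   of reaching trim() undefined. */
		$email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
		$username = trim($_POST['username']);
		if (!empty($regid)){
			$useradmin->setId($regid);
		}
		
		/* Username uniqueness check is currently disabled:
		if (!empty($username) && $useradmin->checkUserExist($username)){
			echo 'error-username';
		}
		else */
		if ($useradmin->checkEmailExist($email)){
			echo 'error-email';
		}
		else{
			echo 'allow';
		}
		exit;
	}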
	
	/*
	 * Blank defaults for the "add user" form. When an id is supplied these are
	 * replaced further down by the stored record. The variable names are kept as
	 * they are because the page template is rendered from this scope.
	 */
	$upline_email = '';
	$birthday = '';
	$joindate = '';
	$bankaccess = array();
	
	$curstatus = array(
		/* account */
		'username' => '',
		'usergroupid' => 2,
		'firstname' => '',
		'lastname' => '',
		'email' => '',
		'phones' => '',
		'gender' => '',
		'verified' => '',
		'typeofcard' => '',
		'cardnumber' => '',
		'newsletter' => 2,
		'status' => 1,
		'merchant_id' => '',
		/* address, messaging and social handles, avatar */
		'address' => '',
		'areaid' => '',
		'stateid' => '',
		'countryid' => '',
		'postalcode' => '',
		'bbm' => '',
		'fb' => '',
		'twitter' => '',
		'line' => '',
		'whatsapp' => '',
		'wechat' => '',
		'instagram' => '',
		'image_path' => '',
		/* company */
		'companyname' => '',
		'companyphone' => '',
		'companyaddress' => '',
		/* payout and trading accounts */
		'bitcoin_acc' => '',
		'bank_id' => '',
		'bank_account' => '',
		'bank_account_name' => '',
		'trading_account_pam' => '',
		'trading_account' => '',
		/* formerly number_format($transactionsetting['transaction_fee'], 0, ",", ".") */
		'fee' => '',
		/* formerly number_format($transactionsetting['transaction_commission'], 0, ",", ".") */
		'commission' => '',
	);
	
	if (empty($curstatus['address'])){
		$address = '';
	}
	else{
		$address = $curstatus['address'];
	}
	
	/* if ($_GET['act'] == 'getmerchantlist'){
		
		echo $merchantlist;
		exit;
	} */
	
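	/*
	 * Edit mode: an id was supplied, so load that user and replace the blank
	 * defaults with the stored record. Also handles ?act=delete for that user.
	 */
	if (!empty($_REQUEST['id'])){
		$useradmin->setId($_REQUEST['id']);
		$curstatus = $useradmin->getUserDetail('billing');
		
		/* Unknown id: leave the page. The explicit exit makes sure the rest of the
		   script never runs against an empty record, whatever redirecting() does
		   (it is defined outside this file). */
		if (empty($curstatus['userid'])){
			redirecting('adminuserlist.php');
			exit;
		}
		
		/* birthday and joindate are passed to date() as timestamps and shown as dd-mm-YYYY. */
		if (!empty($curstatus['birthday'])){
			$birthday = date('d-m-Y',$curstatus['birthday']);
		}
		
		if (!empty($curstatus['joindate'])){
			$joindate = date('d-m-Y',$curstatus['joindate']);
		}
		
		/* Look up the upline (parent) e-mail. The id is passed through $db->clean()
		   before being quoted into the statement; clean() is defined elsewhere and
		   presumably escapes the value -- a parameterised query would be preferable
		   if the database wrapper offers one. */
		if (!empty($curstatus['parentid'])){
			$db_upline = $db->fetch_one("SELECT email FROM user WHERE userid = '".$db->clean($curstatus['parentid'])."'");
			$upline_email = empty($db_upline['email'])?'':$db_upline['email'];
		}
		
		/* account_id is a comma-separated list of bank ids the user may access. */
		$bankaccess = explode(",", $curstatus['account_id']);
		
		/*
		 * NOTE(review): this deletion is triggered by a GET parameter and no
		 * anti-CSRF token is checked anywhere in this file. Unless globalad.php
		 * enforces one, a link or image loaded in an administrator's browser is
		 * enough to delete an account. Prefer a POST request carrying a per-session
		 * token that is verified here before deleteUser() is called.
		 */
		if ($_GET['act'] == 'delete'){
			/* userid 1 is never deleted. */
			if ($curstatus['userid'] != 1){
				$useradmin->deleteUser();
			}
			redirecting('adminuserlist.php');
			exit;
		}
		
		/* Display format: no decimals, "." as thousands separator. The cast keeps
		   number_format() from failing on a null or non-numeric stored value. */
		$curstatus['fee'] = number_format((float) $curstatus['fee'], 0, ",", ".");
		$curstatus['commission'] = number_format((float) $curstatus['commission'], 0, ",", ".");
	}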
	
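	/*
	 * <option> list of active banks (names containing "Bitcoin" are excluded),
	 * pre-selecting the bank stored on the user record.
	 * The bank name and id are HTML-escaped, as the other option lists in this file
	 * already do for their labels: the markup built here is handed to the template
	 * as-is, so an unescaped name containing markup would be rendered in the admin
	 * page.
	 */
	$bank_options = '';
	$db_bank = $db->fetch_all("SELECT bank_id, bankname FROM bank WHERE status = 1 AND bankname NOT LIKE '%Bitcoin%' ORDER BY bankname");
	/* !empty() also covers a false/null result, which sizeof() would not accept. */
	if (!empty($db_bank)){
		foreach ($db_bank as $dbb){
			$bank_options .= '<option value="'.htmlspecialchars($dbb['bank_id']).'"'.(($curstatus['bank_id'] == $dbb['bank_id'])?' selected':'').'>'.htmlspecialchars($dbb['bankname']).'</option>';
		}
	}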
			
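	/*
	 * Form submission: create a user (submits=Tambah) or update the loaded user
	 * (submits=Ubah, only when a record was loaded into $curstatus).
	 *
	 * Both actions share the same input defaulting, duplicate e-mail check,
	 * newsletter mapping and avatar upload, so those steps run once and only the
	 * final persistence step differs. Every path through this block ends in a
	 * redirect followed by exit.
	 *
	 * NOTE(review), not verifiable from this file:
	 *  - no anti-CSRF token is checked before these state-changing actions;
	 *  - usergroupid, verified, status, fee and commission are taken from the form
	 *    as submitted; any limit on what an administrator may assign has to be
	 *    enforced inside User::createNewUser() / User::updateUser();
	 *  - the password is handed to the User class as received; confirm it is
	 *    hashed there before storage.
	 */
	if ($_POST['submits'] == 'Tambah' || ($_POST['submits'] == 'Ubah' && !empty($curstatus['userid']))){
		$creating = ($_POST['submits'] == 'Tambah');
		
		/* Missing or empty text fields become "". This is defaulting, not validation. */
		$textfields = array(
			'username', 'usergroupid', 'password', 'firstname', 'lastname', 'email', 'phones',
			'biladdress', 'bilcity', 'bilstate', 'bilcountry', 'bilpostal',
			'birthday', 'gender', 'cardnumber', 'typeofcard', 'newsletter', 'verified', 'status', 'merchantid',
			'companyaddress', 'companyphone', 'companyname',
			'bbm', 'whatsapp', 'line', 'wechat', 'fb', 'twitter', 'instagram',
			'trading_account', 'trading_account_pam', 'bitcoin_acc', 'bank_id', 'bank_account', 'bank_account_name',
		);
		foreach ($textfields as $field){
			$_POST[$field] = ((empty($_POST[$field]))?"":$_POST[$field]);
		}
		/* accountid is imploded below, so anything that is not an array is dropped. */
		$_POST['accountid'] = ((empty($_POST['accountid']) || !is_array($_POST['accountid']))?array():$_POST['accountid']);
		/* togglenumber(..., 'calculate') is defined elsewhere; presumably it turns the
		   formatted display number back into a plain number -- confirm. */
		$_POST['fee'] = ((empty($_POST['fee'])) ? 0 : togglenumber($_POST['fee'], 'calculate'));
		$_POST['commission'] = ((empty($_POST['commission'])) ? 0 : togglenumber($_POST['commission'], 'calculate'));
		
		$username = $_POST['username'];
		$usergroupid = $_POST['usergroupid'];
		$password = $_POST['password'];
		$firstname = $_POST['firstname'];
		$lastname = $_POST['lastname'];
		$email = $_POST['email'];
		$phones = $_POST['phones'];
		$biladdress = $_POST['biladdress'];
		$bilcity = $_POST['bilcity'];
		$bilstate = $_POST['bilstate'];
		$bilcountry = $_POST['bilcountry'];
		$bilpostal = $_POST['bilpostal'];
		
		$birthday = $_POST['birthday'];
		$gender = $_POST['gender'];
		$cardnumber = $_POST['cardnumber'];
		$typeofcard = $_POST['typeofcard'];
		$newsletter = $_POST['newsletter'];
		$accountid = $_POST['accountid'];
		
		$verified = $_POST['verified'];
		$status = $_POST['status'];
		
		$bbm = $_POST['bbm'];
		$line = $_POST['line'];
		$whatsapp = $_POST['whatsapp'];
		$wechat = $_POST['wechat'];
		$fb = $_POST['fb'];
		$twitter = $_POST['twitter'];
		$instagram = $_POST['instagram'];
		
		$companyaddress = $_POST['companyaddress'];
		$companyname = $_POST['companyname'];
		$companyphone = $_POST['companyphone'];
		
		$fee = $_POST['fee'];
		$commission = $_POST['commission'];
		
		/* The username uniqueness check (User::checkUserExist) is currently disabled;
		   only the e-mail address has to be unique. */
		if ($useradmin->checkEmailExist($email)){
			redirecting('adminuserlist.php');
			/* Stop here: without this, a redirecting() that returns would let the
			   duplicate account be written anyway. */
			exit;
		}
		
		/* Form value 'yes' is stored as 1, anything else as 2. */
		$newsletter = ($newsletter == 'yes') ? 1 : 2;
		
		/*
		 * Avatar upload.
		 * Neither $_FILES[...]['type'] nor the extension of the submitted file name
		 * is used: both are supplied by the client. A file named "x.php" sent with
		 * an image content type would otherwise be stored under the web root with
		 * its .php extension. The type is detected from the file content and the
		 * stored extension is derived from that detection only.
		 * Defence in depth: ../images/users/ should also be configured so that the
		 * web server never executes scripts from it.
		 */
		$fileName = '';
		if (!empty($_FILES['imageFile']['tmp_name']) && is_string($_FILES['imageFile']['tmp_name']) && is_uploaded_file($_FILES['imageFile']['tmp_name'])){
			$allowedimages = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
			$imageinfo = getimagesize($_FILES['imageFile']['tmp_name']);
			if ($imageinfo !== false && isset($allowedimages[$imageinfo[2]])){
				$newname = str_replace('.', '', microtime(true)) . '.' . $allowedimages[$imageinfo[2]];
				/* Record the name only when the file really reached its destination. */
				if (move_uploaded_file($_FILES['imageFile']['tmp_name'], '../images/users/' . $newname)){
					$fileName = $newname;
				}
			}
		}
		
		$merchantid = 0;
		/* if($usergroupid == 3394)$merchantid = $_POST['merchantid']; */
		
		if ($creating){
			$useridcreated = $useradmin->createNewUser($username, $email, $fileName, $password, $firstname, $lastname, $phones, $bbm, $line, $whatsapp, $wechat, $fb, $twitter, $instagram, $userid, $usergroupid, $langid, getIP(), $verified, $birthday, $gender, $typeofcard, $cardnumber, $newsletter, $companyname, $companyaddress, $companyphone, $userid, $_POST['bitcoin_acc'], $fee, $commission, $status, $merchantid, implode(",", $accountid), $_POST['trading_account'], $_POST['trading_account_pam'], $_POST['bank_id'], $_POST['bank_account'], $_POST['bank_account_name']);
			$useradmin->setId($useridcreated);
			
			$useradmin->saveAddress($biladdress,$bilcity,$bilstate,$bilcountry,$bilpostal,'billing');
		}
		else{
			/* The stored value 2 changing to a submitted 1 is the activation of the
			   account: tell the customer by e-mail. */
			if ($curstatus['verified'] == 2 && $verified == 1){
				/* send confirmation email to customer */
				$tocustomer = $email;
				/* The body is HTML, so every form value is escaped before it is
				   embedded. ISO-8859-1 matches the charset declared in the header
				   below and leaves all non-ASCII bytes unchanged. */
				$mailfirstname = htmlspecialchars($firstname, ENT_QUOTES, 'ISO-8859-1');
				$mailcompanyname = htmlspecialchars($companyname, ENT_QUOTES, 'ISO-8859-1');
				$mailcompanyaddress = htmlspecialchars($companyaddress, ENT_QUOTES, 'ISO-8859-1');
				$mailcompanyphone = htmlspecialchars($companyphone, ENT_QUOTES, 'ISO-8859-1');
				$mailemail = htmlspecialchars($email, ENT_QUOTES, 'ISO-8859-1');
				$mailcontentcust = '
				Dear Customer,<br /><br />
				Your account has been activated. Your information are as below:
				<table width="100%" cellspacing="5" cellpadding="0">
				<tr>
					<td align="left" style="width: 150px;">Name</td>
					<td align="center">:</td>
					<td align="left">' . $mailfirstname . '</td>
				</tr>
				<tr>
					<td align="left" style="width: 150px;">Company</td>
					<td align="center">:</td>
					<td align="left">' . (empty($companyname)?'-':$mailcompanyname) . '</td>
				</tr>
				<tr>
					<td align="left" style="width: 150px;" valign="top">Address</td>
					<td align="center" valign="top">:</td>
					<td align="left" valign="top">' . $mailcompanyaddress . '</td>
				</tr>
				<tr>
					<td align="left" style="width: 150px;">Phone</td>
					<td align="center">:</td>
					<td align="left">' . $mailcompanyphone . '</td>
				</tr>
				<tr>
					<td align="left" style="width: 150px;">Email</td>
					<td align="center">:</td>
					<td align="left">' . $mailemail . '</td>
				</tr>
				</table>
				<br /><br />
				Your account has been activated. Now you can login to <a href="'.$general['siteurl'].'" target="_blank"><b>'.$general['siteurl'].'</b></a>. Thank you.
			';
				
				/* Sender, site name and site URL come from $general, which is not set
				   in this file (presumably site configuration). */
				$headers = "Content-type: text/html; charset=iso-8859-1\r\n";
				$headers .= "From: ".$general['sitename']." <".$general['siteemail'].">";
				$subjectcust = $general['sitename'].' - Member Activated';
				
				if ($emailsetting['enablesendmail']){
					mail($tocustomer, $subjectcust, $mailcontentcust, $headers);
				}
			}
			
			$useradmin->updateUser($username, $email, $password, $firstname, $lastname, $phones, $userid, $usergroupid, $verified, $birthday, $gender, $typeofcard, $cardnumber, $newsletter, $fileName, $bbm, $line, $whatsapp, $wechat, $fb, $twitter, $instagram, $companyname, $companyaddress, $companyphone, $userid, $fee, $commission, $status, $merchantid, implode(",", $accountid), $curstatus, $_POST['trading_account'], $_POST['trading_account_pam'], $_POST['bitcoin_acc'], $_POST['bank_id'], $_POST['bank_account'], $_POST['bank_account_name']);
			$useradmin->updateUserAddress($biladdress,$bilcity,$bilstate,$bilcountry,$bilpostal,'billing');
		}
		
		redirecting('adminuserlist.php');
		exit;
	}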
	
	/* User group <option> list; the group of the user being edited is pre-selected
	   and the group title is HTML-escaped. */
	$allug = $ugroup->getListUserGroup();
	$listug = '';
	if (count($allug) > 0){
		foreach ($allug as $aug){
			$listug .= sprintf(
				'<option value="%s"%s>%s</option>',
				$aug['usergroupid'],
				($aug['usergroupid'] == $curstatus['usergroupid']) ? ' selected' : '',
				htmlspecialchars($aug['title'])
			);
		}
	}
	
	/* Bank account <option> list; every bank id found in $bankaccess is
	   pre-selected. The label "name - account number - account name" is HTML-escaped. */
	$dbbank = $bank->getBankname();
	$bankoptions = '';
	if (count($dbbank) > 0){
		foreach ($dbbank as $data){
			$bankoptions .= sprintf(
				'<option value="%s"%s>%s</option>',
				$data['bank_id'],
				in_array($data['bank_id'], $bankaccess) ? ' selected' : '',
				htmlspecialchars($data['bankname'].' - '.$data['rek_no'].' - '.$data['rek_name'])
			);
		}
	}
	
	/* Card type and merchant lists are disabled; both stay empty strings. */
	$cardoptions = '';
	$merchantlist = '';
	/* get card type */
	/* $allcard = $mcard->getMemberCardType('partial');
	if (sizeof($allcard) > 0){
		foreach ($allcard as $acd){
			$cardoptions .= '<option value="'.$acd['idcard'].'"'.(($curstatus['typeofcard'] == $acd['idcard'])?' selected':'').'>'.htmlspecialchars($acd['name_card']).'</option>';
		}
	}
	
	$merchantdb = $merchant->getMerchantList('partial');
	
	if(sizeof($merchantdb) > 0)
	{
		foreach($merchantdb as $m)
		{
			$merchantlist .= '<option value="'.$m['merchant_id'].'"'.(($curstatus['merchant_id'] == $m['merchant_id'])?' selected':'').'>'.htmlspecialchars($m['name']).'</option>';
		}
	}
	 */
	/* Load the shared template helpers, then render this page's template. */
	require_once 'incl/global_template.php';
	
	$theme = gettemplate('adminuserlistdetail');
	/*
	 * SECURITY NOTE(review): the template text is placed inside a PHP double-quoted
	 * string literal and run through eval(), so that the variables of this scope
	 * are interpolated into it. Two consequences:
	 *  - the template text itself is parsed as PHP string syntax and therefore has
	 *    to be treated as trusted code; where gettemplate() loads templates from is
	 *    not visible here -- confirm that only trusted administrators can change them;
	 *  - every variable in this scope is reachable from the template and is inserted
	 *    as-is, so any value that originates from the request or the database must
	 *    already be HTML-escaped when it is built above.
	 * A renderer that substitutes named placeholders without eval() would remove
	 * the first concern.
	 */
	eval("\$theme = \"$theme\";");
	echo $theme;
?>