One Hat Cyber Team

Your IP: 216.73.216.1
Server IP: 185.238.29.86
Server: Linux server2 6.8.12-6-pve #1 SMP PREEMPT_DYNAMIC PMX 6.8.12-6 (2024-12-19T19:05Z) x86_64
Server Software: nginx/1.18.0
PHP Version: 8.1.31
Buat File | Buat Folder
View File Name : orders-eu-taxlist.php

<?php 
/* This script - part of Prestools - gives a list of all the order completed within a certain period */
if(!@include 'approve.php') die( "approve.php was not found!");
$input = $_GET;
if(!isset($input['id_shop'])) $input['id_shop']="0";
$id_shop = intval($input["id_shop"]);
if(!isset($input['startdate']) || (!check_mysql_date($input['startdate'])))
	$input['startdate']="";
if(!isset($input['enddate']) || (!check_mysql_date($input['enddate'])))
	$input['enddate']="";

echo '
<!DOCTYPE html> 
<html lang="en"><head><meta charset="utf-8">
<title>Prestashop Order and tax list for EU tax</title>
<link rel="stylesheet" href="style1.css" type="text/css" />
<style>
.notvalid 
{ background-color:#dddddd;
}
</style>
<script>
function hidenotvalid()
{ var elt = document.getElementById("vatlist");
  var len = elt.rows.length;
  for(var i=1; i<len; i++)
  { if (elt.rows[i].classList.contains("notvalid"))
	{ if(elt.rows[i].style.display=="none")
		elt.rows[i].style.display="table-row";
	  else
		elt.rows[i].style.display="none";		
	}
  }
}
</script>
</head><body>';
	
$eucountrynames = array("Belgium", "Bulgaria", "Croatia", "Cyprus (the Greek part)", "Denmark", "Germany", "Estonia", "Finland", "France", "Greece", "Hungary", "Ireland", "Italy", "Latvia", "Lithuania", "Luxembourg", "Malta", "The Netherlands", "Austria", "Poland", "Portugal", "Romania", "Slovenia", "Slovakia", "Spain", "Czech Republic", "Sweden");
/*							3			236			74			  76						20			1			86			7		8			9			17				143			26		10		125			131				12			139				13			2		14			15			36			193			37			6		16				18		*/
$eucountries = array("3", "236", "74", "76", "20", "1", "86", "7", "8", "9", "143", "26", "10", "125", "131", "	12", "139", "13", "2", "14", "15", "36", "193", "37", "6", "16", "18");
$maxshown=105;

	$query="select value from ". _DB_PREFIX_."configuration WHERE name='PS_LANG_DEFAULT'";
	$res=dbquery($query);
	$row = mysqli_fetch_array($res);
	$id_lang = $row['value'];

/*	
$query = "select id_country,name from ". _DB_PREFIX_."country_lang";
$query .= " WHERE id_country IN (".implode(",",$eucountries).")";
$res=dbquery($query);
$x=0;
while($row = mysqli_fetch_array($res))
  echo ++$x." ".$row["id_country"]." ".$row["name"]."<br>";
*/

$query="select c.value,l.name from ". _DB_PREFIX_."configuration c";
$query .= " LEFT JOIN "._DB_PREFIX_."country_lang l ON c.value=l.id_country AND l.id_lang='".$id_lang."'";
$query .= " WHERE c.name='PS_COUNTRY_DEFAULT'";
$res=dbquery($query);
$row = mysqli_fetch_array($res);
$id_country_default = $row["value"];
$owncountry = $row["name"];
$euxcountries = array_diff($eucountries, array($id_country_default));

echo '<table class="triplemain" id="vatlist"><tr><td></td><td>VAT number</td><td>excl</td><td>incl</td><td>orders</td></tr>';
$query="SELECT SUM(total_paid_tax_excl) AS total_paid_excl, SUM(total_paid_tax_incl) AS total_paid_incl, GROUP_CONCAT(id_order) AS orders, c.firstname, c.lastname, invoice_date, (total_products_wt-total_products) AS product_tax";
$query .= ", b1.vat_number AS vatnum, cy.iso_code AS countrycode";
$query .= ", (LENGTH(b1.vat_number) != 0) AS isCompany FROM ". _DB_PREFIX_."orders o";
 $query .= " LEFT JOIN ". _DB_PREFIX_."customer c ON o.id_customer = c.id_customer";
$query .= " LEFT JOIN ". _DB_PREFIX_."address b1 ON o.id_address_invoice = b1.id_address";
$query .= " LEFT JOIN ". _DB_PREFIX_."address b2 ON o.id_address_delivery = b2.id_address";
$query .= " LEFT JOIN ". _DB_PREFIX_."country cy ON b2.id_country = cy.id_country";
$query .= " WHERE o.valid=1 AND b2.id_country IN (".implode(",",$euxcountries).") AND b1.vat_number!=''";
if($id_shop !=0)
	$query .= " AND o.id_shop=".$id_shop;
if($input['startdate'] != "")
    $query .= " AND TO_DAYS(o.date_add) >= TO_DAYS('".mysqli_real_escape_string($conn, $input['startdate'])."')";
if($input['enddate'] != "")
    $query .= " AND TO_DAYS(o.date_add) <= TO_DAYS('".mysqli_real_escape_string($conn, $input['enddate'])."')";
$query .= " GROUP BY vatnum";
$query .= " ORDER BY vatnum";
$res=dbquery($query);
while($row = mysqli_fetch_array($res))
{ $orders = $row['orders'];
  if(strlen($orders) > 20)
	$orders = substr($orders,0,17)."...";
  $bg = "";
  if($row['total_paid_excl'] != $row['total_paid_incl'])
	$bg = 'class="notvalid"'; 
  echo '<tr '.$bg.'><td>'.$row['countrycode'].'</td>';
  echo '<td><a target=_blank href="order-search.php?search_txt1='.$row['vatnum'].'&search_fld1=VAT+number';
  if($input['startdate'] != "")
    echo '&startdate='.$input['startdate'];
  if($input['enddate'] != "")
    echo '&enddate='.$input['enddate'];
  echo '">'.$row['vatnum'].'</a></td>';
  echo '<td>'.number_format($row['total_paid_excl'],2).'</td>';
  echo '<td>'.number_format($row['total_paid_incl'],2).'</td>';
  echo '<td>'.$orders.'</td></tr>';
}
echo '</table><p>';
echo '<button onclick="hidenotvalid(); return false;">Hide notvalid</button>';

echo '</body></html>';