Admin setting a minimum price

General PHP Help
#10

It appears that this line pulls the value from the posted inputs when the user uploads a video. Since I did not see this code before, we were working on the display end of it not the database creation part of it. If you make changes here, then the other display-section would not be needed as the minimum price would be already in the database. But, if a user can alter their prices later on, then you would want to keep the display-section code in place to insure the minimum price is active.

So, you would have to just alter that area to save the minimum price if the one they enter is too low.
Just add the check after that line. Then, it will create the update data correctly. Something like.

I think that should do it for you…

#11

Thanks again so much for your reply.
Yes, everything you explained makes sense and seems correct.
I found one more missing piece which was the code that displays the price.
I changed a line to your modification like so:

if (!empty($get_videos)) {
    $len = count($get_videos);
    foreach ($get_videos as $key => $video) {
        $video = PT_GetVideoByID($video, 0, 0, 0);
        $pt->last_video = false;
        if ($key == $len - 1) {
            $pt->last_video = true;
        }
        $final .= PT_LoadPage('search/list', array(
            'ID' => $video->id,
            'USER_DATA' => $video->owner,
            'THUMBNAIL' => $video->thumbnail,
            'URL' => $video->url,
            'TITLE' => $video->title,
            'DESC' => $video->markup_description,
            'VIEWS' => $video->views,
            'VIEWS_NUM' => number_format($video->views),
            'TIME' => $video->time_ago,
            'DURATION' => $video->duration,
    		//'PRICE' =>number_format($video->video_play_price?$video->video_play_price:$config['video_play_price'])
    		'PRICE' => number_format($video->video_play_price<$config['video_play_price']?$config['video_play_price']:$video->video_play_price)
        ));
    }
}

And now the minimum price that now displays, as a purchase price, if the User tries to set a lower price than admin’s default price. Success! Much thanks again.

I am curious though, even though it all works successfully, the price changed by the User to “1” for example (but displays as “2” default), still shows 1 in the db table videos > video_play_price column. It doesn’t get updated, because a change isn’t submitted on the html edit form?

#12

Well, I am guessing that the user has a place where they can change the value and it does not override it with the minimum value. So, you need to find out where that is done in your code and then add in the override code we created to set it to the minumum amount. So, you need to locate the edit page first.
( I can not see all of your code, so there must be a place you didn’t show. )

#13

Well, I am guessing that the user has a place where they can change the value and it does not override it with the minimum value. So, you need to find out where that is done in your code and then add in the override code we created to set it to the minumum amount. So, you need to locate the edit page first.
( I can not see all of your code, so there must be a place you didn’t show. )

#14

Thanks again for your help.

It all works successfully, but when I added this (upon someone’s suggestion) to the php:

declare( strict_types=1);
// these should be set in PHP.ini
error_reporting(-1); // set maximum errors
ini_set('display_errors' , 'true');

I see this:

Fatal error: Uncaught TypeError: number_format() expects parameter 1 to be float, string given in /home/public_html/sources/search/content.php:55 Stack trace: #0 /home/public_html/sources/search/content.php(55): number_format(‘2.00’) #1 /home/public_html/index.php(57): include(’/home/p…’) #2 {main} thrown in /home/public_html/sources/search/content.php on line 55

and line 55 is this:

'PRICE' => number_format($video->video_play_price<$config['video_play_price']?$config['video_play_price']:$video->video_play_price)

Any help with resolving this Error will be appreciated

#15

This means that you must lock in ALL of your variable “types” for each and every variable.
You can’t just use any variable to pass to functions that way unless they are declared first.
Try removing just that line and see if you still get errors.

#16

Well, no. I will refer you both to the manual.
http://php.net/manual/en/functions.arguments.php#functions.arguments.type-declaration.strict

Here is a simple code example.

<?php
declare(strict_types=1);

function sum(int $a, int $b) {
    return $a + $b;
}

var_dump(sum(1, 2)); This works. Function expects two integers and gets two integers.
var_dump(sum(1.5, 2.5));// Doesn't work. Function expects integers but gets a floats.
#17

I realize that! But, he is NOT casting the declaration in his functions, therefore, he should not be declaring his variables as strict. He would need to set his variable types before using the variables. He did not. Unless I missed that code somewhere…

#18

Thanks for those replies.
I have commented out the

declare(strict_types=1);

and the error is gone.
Thank you

#19

Thanks again for all of the help with this modification.
It works successfully where the User can edit his price and the admin sets the minimum price. But, I am wondering if there is a way to keep it all this way, but allow just the user “Admin” to set a price lower than the minimum?

#20

Well, that by definition would change the minimum. Which if that is the case, why can’t you jsut have the admin change the actual minimum?

#21

Thanks for your reply.

Just to clarify, yes, if the Admin changed the amount in the minimum price field in the admin panel, it would change the min price for all. Yet, currently all Users, after their upload, can change the minimum price, in their videos > edit area.

I’m wondering if the code can be modified so that a particular User (named ‘Admin’ for example) can have the option to price an upload below the set minimum price, at 0, for example.

Any thoughts, comments, suggestions are appreciated

#22

I need more info.

So you want to allow users to change the price below the minimum, or only a certain user/ user group?

#23

then just present the admin with an input field and apply the necessary update statements via SQL.

#24

Thanks for the replies.
“only a certain user” yes

Also, I don’t understand this: “present the admin with an input field and apply the necessary update statements via SQL”, any additional info is appreciated

#25

input field: <input type="number" name="amount" />
SQL: UPDATE whateveryouwant set amount = ? and execute the prepared statement

#26

Thanks for your reply.
The existing script has an edit video page that all Users’ use to edit their price of their video:

 <div class="form-group">
  <label class="col-md-12" for="cost">{{LANG up_video_price}}</label>
    	 <div class="col-md-12">
    	<input id="cost" input type="number" name="video_play_price" class="form-control input-md" value="{{video_play_price_user}}">
    				</div>
    				</div>

I am trying to modify the script so that the admin can price his uploads at below minimum price if he chooses.

Any additional help is appreciated

#27

Your code should be general purpose and should not have hard-coded logic in it based on specific user name(s). The ability to override the price should be based on granting/giving that specific permission (price override) to specific user(s) or user groups.

See the following general purpose example -

// if you don't already have a user permission system, use defined constants for a simple permission system
define('PRICE_OVERRIDE_PERMISSION',1);


$set_price = 10.75; // retrieve the set price for a video from wherever it is stored
$global_min_price = 15.50; // retrieve the global minimum price from wherever it is stored
$user_permissions = [PRICE_OVERRIDE_PERMISSION]; // retrieve the user permissions from wherever they are stored
// $user_permissions = []; // a user that has no extra permissions = an empty array


// at the point of determining the price, for display or for use by the application code -
if(!in_array(PRICE_OVERRIDE_PERMISSION,$user_permissions))
{
	// user is not able to override the price, get the larger of the two prices
	$price = max($set_price,$global_min_price);
} else {
	// user is able to override the price, get the set price
	$price = $set_price;
}

echo number_format($price,2);
1 Like
#28

Much thanks for your reply.
Yes, I agree with your logic. Although I understand it is a general purpose example, and I have to figure out how to incorporate that into the existing script, maybe you can guide me as to which php file it should be added to, the ajax/edit.php file?:

<?php
if (IS_LOGGED == false) {
    $data = array('status' => 400, 'error' => 'Not logged in');
    echo json_encode($data);
    exit();
}


if (empty($_POST['title']) || empty($_POST['description']) || empty($_POST['tags']) || empty($_POST['video-id'])) {
    $error = $lang->please_check_details;
}

if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin)) {
    if (!empty($_POST['set_p_v']) || $_POST['set_p_v'] < 0) {
        if (!is_numeric($_POST['set_p_v']) || $_POST['set_p_v'] < 0 || (($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos)) ) {
            $error = $lang->video_price_error." ".($pt->config->com_type == 0 ? $pt->config->admin_com_sell_videos : 0);
        }
    }
}

if (PT_IsAdmin()) {
	if (!empty($_POST['assign_to_user'])) {
		$id = PT_Secure($_POST['video-id']);
		$username_ = PT_Secure($_POST['assign_to_user']);
		$user_  = $db->where('username', $username_)->getOne(T_USERS);
		if (!empty($user_)) {
			$db->where('id', $id)->update(T_VIDEOS, array('user_id' => $user_->id));
		}
		else{
			$error = $lang->user_not_exists;
		}
	}
}

if (empty($error)) {
    $id = PT_Secure($_POST['video-id']);
    $video = $db->where('id', $id)->getOne(T_VIDEOS);
    $can_update = false;
    if (PT_IsAdmin() == false) {
    	if ($db->where('user_id', $user->id)->where('id', $id)->getValue(T_VIDEOS, 'count(*)') > 0) {
    		$can_update = true;
    	}
    } else {
    	$can_update = true;
    }
    if (!empty($_POST['set_p_v']) && $video->sell_video == 0) {
    	$can_update = false;
    }
    if ($can_update == true && !empty($video)) {
    	$video = PT_GetVideoByID($video, 0, 0, 0);
    	$thumbnail = $video->org_thumbnail;
    	if (!empty($_FILES['thumbnail']['tmp_name'])) {
	        $file_info   = array(
	            'file' => $_FILES['thumbnail']['tmp_name'],
	            'size' => $_FILES['thumbnail']['size'],
	            'name' => $_FILES['thumbnail']['name'],
	            'type' => $_FILES['thumbnail']['type'],
	            'allowed' => 'jpg,png,jpeg,gif',
	            'crop' => array(
	                'width' => 1076,
	                'height' => 604
	            )
	        );
	        $file_upload = PT_ShareFile($file_info);
	        if (!empty($file_upload['filename'])) {
	            $thumbnail = PT_Secure($file_upload['filename']);
	        }
	    }
	    $category_id = 0;
	    if (!empty($_POST['category_id'])) {
	        if (in_array($_POST['category_id'], array_keys(get_object_vars($pt->categories)))) {
	            $category_id = PT_Secure($_POST['category_id']);
	        }
	    }
	    $link_regex = '/(http\:\/\/|https\:\/\/|www\.)([^\ ]+)/i';
	    $i          = 0;
	    preg_match_all($link_regex, PT_Secure($_POST['description']), $matches);
	    foreach ($matches[0] as $match) {
	        $match_url           = strip_tags($match);
	        $syntax              = '[a]' . urlencode($match_url) . '[/a]';
	        $_POST['description'] = str_replace($match, $syntax, $_POST['description']);
	    }
	    $featured = $video->featured;
	    if (isset($_POST['featured']) && PT_IsAdmin()) {
	    	$featured = PT_Secure($_POST['featured']);
	    }
	    $video_privacy = 0;
	    if (!empty($_POST['privacy'])) {
	        if (in_array($_POST['privacy'], array(0, 1, 2))) {
	            $video_privacy = PT_Secure($_POST['privacy']);
	        }
	    }
	    $age_restriction = 1;
        if (!empty($_POST['age_restriction'])) {
            if (in_array($_POST['age_restriction'], array(1, 2))) {
                $age_restriction = PT_Secure($_POST['age_restriction']);
            }
        }
        $sub_category = 0;

	    if (!empty($_POST['sub_category_id'])) {
	        $is_found = $db->where('type',PT_Secure($_POST['category_id']))->where('lang_key',PT_Secure($_POST['sub_category_id']))->getValue(T_LANGS,'COUNT(*)');
	        if ($is_found > 0) {
	            $sub_category = PT_Secure($_POST['sub_category_id']);
	        }
	    }
	    $continents_list = array();
	    if (!empty($_POST['continents-list'])) {
	        foreach ($_POST['continents-list'] as $key => $value) {
	            if (in_array($value, $pt->continents)) {
	                $continents_list[] = $value;
	            }
	        }
	    }

	    $video_play_price = floatval(PT_Secure($_POST['video_play_price']));
		if ( $video_play_price < $config['video_play_price'] ) {
 	$video_play_price = $config['video_play_price'];
	}

	    $data_update = array(
	        'title' => PT_Secure($_POST['title']),
	        'description' => PT_Secure($_POST['description']),
	        'tags' => PT_Secure($_POST['tags']),
	        'category_id' => $category_id,
	        'featured' => $featured,
	        'thumbnail' => $thumbnail,
	        'privacy' => $video_privacy,
	        'age_restriction' => $age_restriction,
	        'sub_category' => $sub_category,
	        'geo_blocking' => json_encode($continents_list),
	        'video_play_price' => $video_play_price,
	    );
	    if (!empty($_POST['set_p_v']) && is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] > 0) {
            $data_update['sell_video'] = PT_Secure($_POST['set_p_v']);
        }
	    $update  = $db->where('id', $id)->update(T_VIDEOS, $data_update);

	    if ($update) {
	        $data = array(
	            'status' => 200,
	            'message' => $success_icon . $lang->video_saved
	        );
	    }
    }
} else {
    $data = array(
        'status' => 400,
        'message' => $error_icon . $error
    );
}
?>

or the sources/edit.php file?:

<?php
if (IS_LOGGED == false) {
    header("Location: " . PT_Link('login'));
    exit();
}
if (empty($_GET['id'])) {
    header("Location: " . PT_Link('login'));
    exit();
}
$id    = PT_Secure($_GET['id']);
$video = $db->where('id', $id)->getOne(T_VIDEOS);
if (empty($video)) {
    header("Location: " . PT_Link('login'));
    exit();
}
if (!PT_IsAdmin()) {
    if (empty($db->where('id', $id)->where('user_id', $user->id)->getValue(T_VIDEOS, 'count(*)'))) {
        header("Location: " . PT_Link('login'));
        exit();
    }
}
$video           = PT_GetVideoByID($video, 0, 0, 0);
$pt->video       = $video;
$pt->page        = 'edit-video';
$pt->title       = $lang->edit_video . ' | ' . $pt->config->title;
$pt->description = $pt->config->description;
$pt->keyword     = $pt->config->keyword;


$min_price=$config[‘video_play_price’];
$temp_price = $videos[‘video_play_price’];
if ($temp_price<$min_price) { $temp_price = $min_price;}


$pt->content     = PT_LoadPage('edit-video/content', array(
    'ID' => $video->id,
    'USER_DATA' => $video->owner,
    'THUMBNAIL' => $video->thumbnail,
    'URL' => $video->url,
    'TITLE' => $video->title,
    'DESC' => br2nl($video->edit_description),
    'DESC_2' => $video->markup_description,
    'VIEWS' => $video->views,
    'TIME' => $video->time_ago,
    'TAGS' => $video->tags,
	'video_play_price_user' => number_format( $video->video_play_price < $config['video_play_price'] ? $config['video_play_price'] : $video->video_play_price)
));

Any additional assistance is appreciated

#29

Seems that would give the permissions, depending on how granular you are going.

Sponsor our Newsletter | Privacy Policy | Terms of Service