shell bypass 403
<?php
include_once('defines.inc.php');
include("connection.inc.php");
//echo "<pre>"; print_r($db); echo "</pre>";
$status_arr = array(
ORDER_CREATED_CODE => ORDER_CREATED_TEXT,
ORDER_PENDING_CODE => ORDER_PENDING_TEXT,
PAYMENT_FAILURE_CODE => PAYMENT_FAILURE_TEXT,
MATERIAL_DISPATCHED_CODE => MATERIAL_DISPATCHED_TEXT,
ORDER_COMPLETE_CODE => ORDER_COMPLETE_TEXT,
FAKE_ORDER_CODE => FAKE_ORDER_TEXT,
CANCEL_ORDER_CODE => CANCEL_ORDER_TEXT
);
$dispatch_mode_array = array('Please Select', 'Courier', 'India Post', 'Cargo', 'Transport');
function get_book_details(&$books_r) {
//Open the CSV file
$handle = fopen(CSVFILENAME, "r");
//Start reading each record
while ( ($data = fgetcsv($handle, 1000, ",", "\"")) !== FALSE ) {
//Store record in the array
$books_r[] =
array(
"category"=>$data[0],
"title"=>$data[1],
"description"=>"", //$data[2],
"price"=>$data[2]
);
} //end-while
//Close the CSV file
fclose($handle);
}
function get_states($country_id = INDIA)
{
$StateArray = array();
$VarQuery = "SELECT state_id, state_name FROM states WHERE country_id = '".$country_id."' ORDER BY state_name";
$VarResult = mysqli_query($db, $VarQuery) or die( mysqli_error());
while($row = mysqli_fetch_object($VarResult))
{
$StateArray[$row->state_id] = $row->state_name;
}
return $StateArray;
}
function pt_register()
{
$num_args = func_num_args();
$vars = array();
if ($num_args >= 2) {
$method = strtoupper(func_get_arg(0));
if (($method != 'SESSION') && ($method != 'GET') && ($method != 'POST') && ($method != 'SERVER') && ($method != 'COOKIE') && ($method != 'ENV')) {
die('The first argument of pt_register must be one of the following: GET, POST, SESSION, SERVER, COOKIE, or ENV');
}
// $varname = "HTTP_{$method}_VARS"; //This is for PHP pre-4.1.0 version
$varname = "_{$method}";
global ${$varname};
for ($i = 1; $i < $num_args; $i++) {
$parameter = func_get_arg($i);
if (isset(${$varname}[$parameter])) {
global $$parameter;
$$parameter = mysqli_real_escape_string(${$varname}[$parameter]);
}
}
} else {
die('You must specify at least two arguments');
}
}
function display_page_header($title) {
pageHeaderOne($title);
pageHeaderTwo();
pageHeaderThree();
}
function pageHeaderOne($title = '')
{
?>
<html>
<head>
<title><?php echo $title;?></title>
<?php
}
function pageHeaderTwo()
{
?>
<link type="text/css" rel="stylesheet" href="order.css">
<script type="text/javascript" src="order.js"></script>
<?php
}
function pageHeaderTwoChakmak()
{
global $chakmakURL;
?>
<link type="text/css" rel="stylesheet" href="<?php echo $chakmakURL.'script/control.css'; ?>">
<link type="text/css" rel="stylesheet" href="<?php echo $chakmakURL; ?>subscription/chakmak.css">
<?php
}
function pageHeaderThreeChakmak()
{
global $chakmakURL;
?>
</head>
<body>
<div id="container">
<div id="social">
<table cellspacing="3 px" cellpadding="0">
<tr>
<td><p>Follow us on: </p></td>
<td><a href="https://chakmak-blog.blogspot.com" target="_blank"><img src="<?php echo $chakmakURL; ?>images/blogger.png"/></a></td>
<td><a href="https://twitter.com/chakmakmag" target="blank"><img src="<?php echo $chakmakURL; ?>images/twitter.png" /></a></td>
<td><a href="https://www.facebook.com/pages/Chakmak/119248164817634" target="_blank"><img src="<?php echo $chakmakURL; ?>images/facebook.png" /></a></td>
</tr>
</table>
</div>
<div id="header">
<a href="<?php echo $chakmakURL; ?>"><img src="<?php echo $chakmakURL; ?>images/header.png" /></a>
</div>
<table id="nav">
<tr>
<td align="left" width="370 px"><a href="https://www.eklavya.in/go">Eklavya.in</a></td>
<td width="80 px" align="center"><a href="https://chakmak.eklavya.in">Home</a></td>
<td width="90 px" align="center"><a href="<?php echo $chakmakURL; ?>event.html">300th Issue</a></td>
<td width="80 px" align="center"><a href="https://eklavya.in/go/index.php?option=com_content&task=category§ionid=13&id=57&Itemid=84">Archive</a></td>
<td width="80 px" align="center"><a href="<?php echo $chakmakURL; ?>subscribe.html">Subscribe</a></td>
<td width="80 px" align="center"><a href="<?php echo $chakmakURL; ?>contribution.html">Contribute</a></td>
<td width="80 px" align="center"><a href="https://chakmak-blog.blogspot.com">Blog</a></td>
<td width="80 px" align="center"><a href="<?php echo $chakmakURL; ?>event.html">Contact us</a></td>
</tr>
</table>
<?php
}
function pageFooterChakmak()
{
global $chakmakURL;
?>
<div id="footer">
<img src="<?php echo $chakmakURL; ?>images/footer.jpg"/>
<hr width="100%" color="#33cc33">
<table width="100%">
<tr>
<td align="left">© Copyrights reserved by Eklavya Foundation</td>
</tr>
</table>
</div>
</div>
</body>
</html>
<?php
}
function pageHeaderThree()
{
?>
</head>
<body>
<!-- Display the page header -->
<div id="hdr">
<div id="hdr_in">
<img src="eklavya_shop.gif" style="float: left;" alt="">
<img src="eklavya_logo.gif" style="float: right;" alt="">
</div>
<div id="hdr_bot">
<a href="https://www.eklavya.in/">Eklavya Home</a>
</div>
</div>
<?php
}
function adminPageHeaderTwo()
{
?>
<link type="text/css" rel="stylesheet" href="order.css">
<script type="text/javascript" src="order.js"></script>
<?php
# Remove background image for admin panel
if(isset($_SESSION["flag"]))
{?>
<style type="text/css">
<!--
body{background:#fff;}
-->
</style>
<?php
}
}
function adminPageHeaderThree()
{
?>
</head>
<body>
<!-- Display the page header -->
<div id="hdr">
<div id="hdr_in">
<img src="eklavya_shop.gif" style="float: left;" alt="">
<img src="eklavya_logo.gif" style="float: right;" alt="">
</div>
<div id="hdr_bot">
<?php
if(isset($_SESSION["flag"]))
{
echo '<a href="admin-status.php">Admin Home</a> ';
echo '<a href="login_check.php?action=logout">Logout</a>';
}else
{
echo '<a href="https://www.eklavya.in/">Eklavya Home</a> ';
}
?></div>
</div>
<?php
}
function sendmail($CustName, $CustEmail, $subject, $content)
{
$mailTo = $CustName.' <'.$CustEmail.'>';
//Prepare mail headers
$headers["From"] = 'Pitara order <'.MAIL_TO.'>';
$headers['Cc'] = 'Pitara order <'.MAIL_TO.'>';
//$headers["Bcc"] = $mailBcc; //MMM/9apr10 - Commented the line
$headers["Subject"] = $subject;
$headers["X-Sender"] = '<'.$CustEmail.'>';
$headers["X-Mailer"] = 'PHP';
$headers["Date"] = date('r'); //MMM-8apr10: Added the new header. Before this,
//the email msgs had no date!
$crlf = "\n";
// Create Mail_mime object
$mime = new Mail_mime($crlf);
$mime->setHTMLBody($content);
$message = $mime->get();
$headers = $mime->headers($headers);
//Creating SMTP object
$params["debug"] = "True";
$smtpMail =& Mail::factory("mail", $params);
//Send mail
$smtpMail->send($mailTo, $headers, $message);
//Remove objects
unset($mime);
}
function encryptURLParas($para)
{
$no = $para*13;
$encrypted = md5($no).$no.md5($no);
return $encrypted;
}
function decryptURLParas($para)
{
$decrypted = (substr($para, 32, (strlen($para)-64)))/13;
return $decrypted;
}
function orderDetails($order_id, &$status, &$name, &$CustEmail, &$CustMsgCC, &$order_data, &$cust_data, &$cust_shipping_data, &$link, &$custArray, &$ShippingDtlArray, &$dispatchArray = '', &$dispatch_data = '')
{
$VarQuery = 'SELECT order_from, cust_name, cust_surname, cust_company_name, cust_addr1, '.
' cust_addr2, cust_addr3, cust_city, cust_pincode, cust_email, '.
' cust_phone, cust_mobile, cust_website, cust_state, cust_country, '.
' order_shipto_name, order_shipto_surname, order_shipto_company_name, '.
' order_shipto_addr1, order_shipto_addr2, order_shipto_addr3, '.
' order_shipto_city, order_shipto_state, order_shipto_country, '.
' order_shipto_pincode, order_shipto_email, order_shipto_phone, '.
' order_shipto_mobile, order_items_formatted_list, order_status, '.
' send_order_copy_to_cust, order_special_instructions, '.
' order_subtotal, order_postage, order_total, '.
' order_bill_no, order_bill_date, order_num_of_packets, order_docket_no, '.
' order_dispatch_mode, order_dispatch_date '.
' FROM customer_order AS CO '.
' LEFT JOIN customer AS C ON (cust_id = order_cust_id) '.
' WHERE order_id = "'.$order_id.'"';
$VarResult = mysqli_query($VarQuery) or die(mysqli_error());
if(mysqli_num_rows($VarResult) == 0) return false;
$row = mysqli_fetch_object($VarResult);
$name = $row->cust_name.' '.$row->cust_surname;
$CustEmail = $row->cust_email;
$order_data = unserialize(base64_decode($row->order_items_formatted_list));
$CustMsgCC = $row->send_order_copy_to_cust;
$status = $row->order_status;
$link = ORDER_PATH.'status.php?o='.encryptURLParas($order_id);
if($row->order_bill_no != '')
{
$dispatchArray = array(
'order_bill_no' => $row->order_bill_no,
'order_bill_date' => date("d-M-Y", strtotime($row->order_bill_date)),
'order_num_of_packets' => $row->order_num_of_packets,
'order_docket_no' => $row->order_docket_no,
'order_dispatch_mode' => $row->order_dispatch_mode,
'order_dispatch_date' => date("d-M-Y", strtotime($row->order_dispatch_date))
);
$dispatch_data = dispatchDetails($dispatchArray);
}
$custArray = array(
'CustName' => $row->cust_name,
'CustLastName' => $row->cust_surname,
'CustCompanyName' => $row->cust_company_name,
'CustAddr' => stripcslashes($row->cust_addr1),
'CustStreet' => stripcslashes($row->cust_addr2),
'CustTaluka' => stripcslashes($row->cust_addr3),
'CustDist' => stripcslashes($row->cust_city),
'CustPin' => $row->cust_pincode,
'CustState' => getStatesName($row->cust_state),
'CustEmail' => $row->cust_email,
'CustWebsite' => $row->cust_website,
'CustPhone' => $row->cust_phone,
'CustMobile' => $row->cust_mobile,
'CustNote' => stripcslashes($row->order_special_instructions)
);
$cust_data = customerDetails($custArray);
$ShippingDtlArray = array(
'OrderShiptoName' => $row->order_shipto_name,
'OrderShiptoSurname' => $row->order_shipto_surname,
'OrderShiptoCompanyName' => $row->order_shipto_company_name,
'OrderShiptoAddr1' => stripcslashes($row->order_shipto_addr1),
'OrderShiptoAddr2' => stripcslashes($row->order_shipto_addr2),
'OrderShiptoAddr3' => stripcslashes($row->order_shipto_addr3),
'OrderShiptoCity' => stripcslashes($row->order_shipto_city),
'OrderShiptoPincode' => $row->order_shipto_pincode,
'OrderShiptoState' => getStatesName($row->order_shipto_state),
'OrderShiptoEmail' => $row->order_shipto_email,
'OrderShiptoPhone' => $row->order_shipto_phone,
'OrderShiptoMobile' => $row->order_shipto_mobile,
'order_subtotal' => $row->order_subtotal,
'order_postage' => $row->order_postage,
'order_total' => $row->order_total
);
$cust_shipping_data = shippingDetails($ShippingDtlArray);
return true;
}
function customerDetails($custArray)
{
//Prepare the Address string
$address = $custArray['CustAddr'].'<br>';
$address .= (($custArray['CustStreet'] != "") ? $custArray['CustStreet'].'<br>' : '');
$address .= (($custArray['CustTaluka'] != "") ? $custArray['CustTaluka'].'<br>' : '');
$address .= $custArray['CustDist'].' - '.$custArray['CustPin'].'<br>';
$address .= $custArray['CustState'];
//Create customer details table
$cust_data = '<table border="1" cellpadding="3" cellspacing="0" '.
'style="width: 600px; background-color: cornsilk; font-family: Arial, Helvetica; font-size: 8pt;">'.
'<tr><th colspan="2">Customer Details</th></tr>'.
'<tr><td style="width: 100px;">Name</td><td>'.$custArray['CustName'].' '.$custArray['CustLastName'].'</td></tr>';
if(strlen($custArray['CustCompanyName'])>0)
$cust_data .= ' <tr><td>Compnay</td><td>'.$custArray['CustCompanyName'].'</td></tr>';
$cust_data .= '<tr><td>Address</td><td>'.$address.'</td></tr>'.
'<tr><td>Email</td><td>'.$custArray['CustEmail'].' </td></tr>'.
'<tr><td>Website/Blog</td><td>'.$custArray['CustWebsite'].' </td></tr>'.
'<tr><td>Phone</td><td>'.$custArray['CustPhone'].' </td></tr>'.
'<tr><td>Mobile</td><td>'.$custArray['CustMobile'].' </td></tr>'.
'<tr><td>Special instructions</td><td>'.$custArray['CustNote'].' </td></tr>'.
'</table>';
return $cust_data;
}
function shippingDetails($ShippingDtlArray)
{
//Prepare the Address string
$shipping_address = $ShippingDtlArray['OrderShiptoAddr1'].'<br>';
$shipping_address .= (($ShippingDtlArray['OrderShiptoAddr2'] != "") ? $ShippingDtlArray['OrderShiptoAddr2'].'<br>' : '');
$shipping_address .= (($ShippingDtlArray['OrderShiptoAddr3'] != "") ? $ShippingDtlArray['OrderShiptoAddr3'].'<br>' : '');
$shipping_address .= $ShippingDtlArray['OrderShiptoCity'].' - '.$ShippingDtlArray['OrderShiptoPincode'].'<br>';
$shipping_address .= $ShippingDtlArray['OrderShiptoState'];
$cust_shipping_data = '<table border="1" cellpadding="3" cellspacing="0" style="width: 600px; background-color: cornsilk; font-family: Arial, Helvetica; font-size: 8pt;">'.
'<tr><th colspan="2">Shipping Address</th></tr>'.
'<tr><td style="width: 100px;">Name</td><td>'.$ShippingDtlArray['OrderShiptoName'].' '.$ShippingDtlArray['OrderShiptoSurname'].'</td></tr>';
if(strlen($ShippingDtlArray['OrderShiptoCompanyName'])>0)
$cust_shipping_data .= '<tr><td>Compnay</td><td>'.$ShippingDtlArray['OrderShiptoCompanyName'].'</td></tr>';
$cust_shipping_data .= '<tr><td>Address</td><td>'.$shipping_address.'</td></tr>'.
'<tr><td>Email</td><td>'.$ShippingDtlArray['OrderShiptoEmail'].' </td></tr>'.
'<tr><td>Phone</td><td>'.$ShippingDtlArray['OrderShiptoPhone'].' </td></tr>'.
'<tr><td>Mobile</td><td>'.$ShippingDtlArray['OrderShiptoMobile'].' </td></tr>'.
'</table>';
return $cust_shipping_data;
}
/**
*Added by prashant. Create html code for dispatch data.
*
*/
function dispatchDetails($dispatchArray)
{
$dispatch_mode_array = array('Please Select', 'Courier', 'Post');
$dispatch_data = '<table border="1" cellpadding="3" cellspacing="0" style="width: 600px; background-color: cornsilk; font-family: Arial, Helvetica; font-size: 8pt;">'.
'<tr><th colspan="2">Dispatch Details</th></tr>'.
'<tr><td style="width: 100px;">Bill Number</td><td>'.$dispatchArray['order_bill_no'].'</td></tr>';
$dispatch_data .= '<tr><td>Bill Date</td><td>'.$dispatchArray['order_bill_date'].'</td></tr>';
$dispatch_data .= '<tr><td>Dispatch Date </td><td>'.$dispatchArray['order_dispatch_date'].'</td></tr>'.
'<tr><td>Number of Packets </td><td>'.$dispatchArray['order_num_of_packets'].' </td></tr>'.
'<tr><td>Docket#</td><td>'.$dispatchArray['order_docket_no'].' </td></tr>'.
'<tr><td>Dispatch Mode</td><td>'.$dispatch_mode_array[$dispatchArray['order_dispatch_mode']].' </td></tr>'.
'</table>';
return $dispatch_data;
}
function FormatMailContent($name, $order_no, $order_data, $cust_data, $cust_shipping_data, $link, $paymentFlag = 0)
{
$Message = 'Dear '.$name.', <br /><br />'.
'Thank you for your order (Number '.$order_no.'). Please see below for the order details. '.
'We will let you know after dispatching the material. './* in '.DAY_TO_DISPATCH.' days*/
'<br />You can check the order status any time by clicking the link below <br />'.
'<a href="'.$link.'">'.$link.'</a> <br /><br />'.
'Order payment type: ';
if($paymentFlag == 1)
$Message .= 'Online payment';
else if($paymentFlag == 0)
$Message .= 'Offline payment';
$Message .= '<br /><br />With Regards, <br />Eklavya Pitara Team<br /><br />';
//Now put all the content together
$content = '<html><head></head><body>'.$Message.$order_data . '<br>' . $cust_data .'<br>'.$cust_shipping_data.'<br></body></html>';
return $content;
}
function getStatesName($state_id)
{
$VarQuery = 'SELECT state_name FROM states WHERE state_id = "'.$state_id.'"';
$VarResult = mysqli_query($VarQuery) or die(mysqli_error());
if(mysqli_num_rows($VarResult)>0)
{
$row = mysqli_fetch_object($VarResult);
return $row->state_name;
}
return '';
}
function clearCookies()
{
if (isset($_COOKIE['content']))
{
$cookies = explode(' | ', $_COOKIE['content']);
foreach($cookies as $cookie)
{
$parts = explode('=>', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-100);
setcookie($name, '', time()-100, '/');
}
}
}
function storeInCookies($ArrayToStoreInCookies)
{
if(isset($_COOKIE['content']))
{
unset($_COOKIE['content']);
}
$content = implode(' | ', $ArrayToStoreInCookies);
setcookie('content', $content, mktime(0, 0, 0, date('m'), date('d'), date('Y')+1));
}
function getFromCoockies()
{
$array = array();
if(isset($_COOKIE['content']))
{
$str = $_COOKIE['content'];
$PreArray = explode(" | ", $str);
for($i=0;$i<count($PreArray);$i++)
{
$explode = explode("=>", $PreArray[$i]);
$array[$explode[0]] = stripcslashes($explode[1]);
}
}
return $array;
}
function showStatus($status_arr, $status, $statusId, $order_id, $i, $payment_flag)
{
# in url parameters
# o = order_id
# t = s means target = 'status'
# r means table row
$url_paras = "?o=".$order_id."&t=s&r=".$i;
echo '<span id="status_link'.$i.'" onclick="changeElement('.$i.', \'status\')" style="cursor:pointer;text-decoration:underline">'.$status.'</span> ';
echo '<select id="status'.$i.'" style="display:none;width:130px;padding:0;margin:0;" onblur="getBackToPreveousVisual('.$i.', \'status\')" onchange="updateOrderDetails('.$i.', \''.$payment_flag.'\', \'status\', this.value, \'update-order-details.php\', \''.$url_paras.'\')">';
foreach($status_arr AS $key => $val)
{
echo '<option value="'.$key.'"';
if($key == $statusId)echo ' selected';
echo '>'.$val.'</option>';
}
echo '</select>';
}
function showAmountPaid($amount, $order_id, $i)
{
# in url parameters
# o = order_id
# t = a means target = 'amount'
# r means table row
$url_paras = "?o=".$order_id."&t=a&r=".$i;
echo '<span id="amount_link'.$i.'" onclick="changeElement('.$i.',\'amount\')" style="cursor:pointer;text-decoration:underline">'.$amount.'</span> ';
//getBackToPreveousVisual('.$i.', \'amount\')" onchange="
echo '<input type="text" name="amount'.$i.'" id="amount'.$i.'" value="'.$amount.'" maxlength="7" style="width:50px;display:none;" onblur="updateOrderDetails('.$i.', \' \' , \'amount\', this.value, \'update-order-details.php\', \''.$url_paras.'\')">';
echo $txt;
}
function getCourierNameWithURL($service_id)
{
$VarQuery = 'SELECT * FROM service_provider WHERE service_id = '.$service_id;
$VarResult = mysqli_query($VarQuery) or die(mysqli_error());
$courierName = array();
if(mysqli_num_rows($VarResult)>0)
{
while($row = mysqli_fetch_row($VarResult))
{
$courierName[$row["0"]] = array('provider_name'=>$row[1], 'provider_url' => $row[2]);
}
return $courierName;
}
else
return false;
}
function getAllServiceNameWithURL()
{
$VarQuery = 'SELECT * FROM service_provider';
$VarResult = mysqli_query($VarQuery) or die(mysqli_error());
$courierURL = array();
if(mysqli_num_rows($VarResult)>0)
{
while($row = mysqli_fetch_row($VarResult))
{
$courierURL[$row["0"]] = $row[2];
}
return $courierURL;
}
else
return false;
}
function getServiceType()
{
$VarQuery = 'SELECT * FROM service_type';
$VarResult = mysqli_query($VarQuery) or die(mysqli_error());
$serviceType = array();
if(mysqli_num_rows($VarResult)>0)
{
while($row = mysqli_fetch_row($VarResult))
{
$serviceType[$row[0]] = $row[1];
}
return $serviceType;
}
else
return false;
}
function orderExistFrom_CorP($orderId)
{
if($orderId != '')
{
$VarQuery = 'SELECT order_from FROM customer_order WHERE order_id = '.$orderId;
$VarResult = mysqli_query($VarQuery) or die(mysqli_error());
return mysqli_result($VarResult, 0);
}
return '';
}
function prepareToSwitch($orderId, $name='', $CustEmail='', $order_data='', $cust_data='')
{
unset($_SESSION['CustName']);
unset($_SESSION['CustLastName']);
unset($_SESSION['CustAddr']);
unset($_SESSION['CustDist']);
unset($_SESSION['CustState']);
unset($_SESSION['CustPin']);
unset($_SESSION['CustPhone']);
unset($_SESSION['KnownSource']);
unset($_SESSION['myorder']);
unset($_SESSION['CustMobile']);
unset($_SESSION['CustNote']);
if($orderId == '')
{
$_SESSION['name'] = '';
$_SESSION['custEmail'] = '';
$_SESSION['data'] = '';
$_SESSION['cust_data'] = '';
}
else
{
$found = orderDetails($orderId, $status, $name, $CustEmail, $CustMsgCC, $order_data, $cust_data, $cust_shipping_data, $link, $custArray, $ShippingDtlArray);
if($found)
{
$_SESSION['name'] = $name;
$_SESSION['custEmail'] = $CustEmail;
$_SESSION['data'] = $order_data;
$_SESSION['cust_data'] = $cust_data;
}
}
}
function exportMysqlToCsv($result, $filename = 'mysqlToCSV.csv', $csv_terminated = "\n", $csv_separator = ",", $csv_enclosed = '"', $csv_escaped = "\\")
{
$result_cnt = count($result);
if($result_cnt != 0)
{
$fields_cnt = count($result[0]);
$field_name_array = array_keys($result[0]);
$schema_insert = '';
for ($i = 0; $i < $fields_cnt; $i++)
{
$l = $csv_enclosed . str_replace($csv_enclosed, $csv_escaped . $csv_enclosed,
stripslashes($field_name_array[$i])) . $csv_enclosed;
$schema_insert .= $l;
$schema_insert .= $csv_separator;
} // end for
$out = trim(substr($schema_insert, 0, -1));
$out .= $csv_terminated;
$i = 0;
// Format the data
while (($i < $result_cnt) && ($row = array_values($result[$i])))
{
$schema_insert = '';
for ($j = 0; $j < $fields_cnt; $j++)
{
if ($row[$j] == '0' || $row[$j] != '')
{
if ($csv_enclosed == '')
{
$schema_insert .= $row[$j];
} else
{
$schema_insert .= $csv_enclosed .
str_replace($csv_enclosed, $csv_escaped . $csv_enclosed, $row[$j]) . $csv_enclosed;
}
} else
{
$schema_insert .= $csv_enclosed.$csv_enclosed;
}
if ($j < $fields_cnt - 1)
{
$schema_insert .= $csv_separator;
}
} // end for
$out .= $schema_insert;
$out .= $csv_terminated;
$i++;
} // end while
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Length: " . strlen($out));
// header("Content-type: text/x-csv");
header("Content-type: text/octet-stream");
// header("Content-type: application/csv");
header("Content-Disposition: attachment; filename=$filename");
echo $out;
exit;
}
else
{
return false;
}
}
?>