<?php
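// NOTE(review): the database credentials are hard-coded in this source file,
// so anyone who can read the file obtains direct database access. Rotate this
// password and load the values from configuration kept outside the web root
// (environment variables or a non-served config file) instead of from source.
$server_name = 'localhost';
$username = 'webrbaew_bakr';
$password = 'Tzst@12?!^!!';
$database = 'webrbaew_candycleansestoremy';

// Open the connection shared by every handler below. A failed connection is
// caught here so that neither an uncaught exception trace nor a PHP warning
// can echo connection details to the visitor.
try {
    $con = mysqli_connect($server_name, $username, $password, $database);
} catch (mysqli_sql_exception $e) {
    $con = false;
}

if (!$con) {
    // Log server-side only; the response carries no diagnostic detail.
    error_log('operations.php: database connection failed: ' . mysqli_connect_error());
    http_response_code(500);
    exit('Service temporarily unavailable.');
}

session_start();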
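// Resolve the address that identifies this visitor's cart (cart.cust_ip).
//
// Every HTTP_* entry below is a request header and is therefore chosen by the
// client; only REMOTE_ADDR comes from the TCP connection. The lookup order is
// kept as it was, but a value is accepted only if it parses as an IP address,
// so arbitrary header text can no longer reach the session or the SQL
// statements that use this value.
//
// NOTE(review): because the cart is keyed on this value, a client that sends
// another visitor's address in one of these headers is treated as that
// visitor. Keying the cart on the session id would remove that dependency.
$ipaddress = 'UNKNOWN';
$ip_sources = array(
    'HTTP_CLIENT_IP',
    'HTTP_X_FORWARDED_FOR',
    'HTTP_X_FORWARDED',
    'HTTP_FORWARDED_FOR',
    'HTTP_FORWARDED',
    'REMOTE_ADDR',
);

foreach ($ip_sources as $ip_source) {
    $candidate = getenv($ip_source);
    if (!$candidate) {
        continue;
    }

    // Forwarding headers may hold a comma-separated chain; use the first hop.
    $hops = explode(',', $candidate);
    $candidate = trim($hops[0]);

    if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
        $ipaddress = $candidate;
        break;
    }
}

$_SESSION['ip_address'] = $ipaddress;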
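// Count today's cart rows for this visitor. The address is bound as a
// parameter rather than interpolated, because it can originate from a
// client-supplied request header.
$date_added = date('Y-m-d');
$get_cart_item_count = false;
$cart_item_count = 0;

$cart_count_stmt = mysqli_prepare($con, 'select * from cart where cust_ip = ? and date_added = ?');
if ($cart_count_stmt !== false) {
    mysqli_stmt_bind_param($cart_count_stmt, 'ss', $ipaddress, $date_added);
    if (mysqli_stmt_execute($cart_count_stmt)) {
        // Kept as a mysqli_result so code that reads $get_cart_item_count still works.
        $get_cart_item_count = mysqli_stmt_get_result($cart_count_stmt);
        if ($get_cart_item_count !== false) {
            $cart_item_count = mysqli_num_rows($get_cart_item_count);
        }
    }
}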
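// Handle the "update cart" form: set the quantity of each posted product for
// this visitor's cart rows of today, then redirect back to the current page.
if (isset($_POST['update_cart'])) {
    $date_added = date('Y-m-d');
    $ip_address = isset($_SESSION['ip_address']) ? $_SESSION['ip_address'] : '';

    // prod_id[] and quantity[] are parallel arrays taken straight from the
    // request; anything that is not an array is ignored.
    $prod_ids = (isset($_POST['prod_id']) && is_array($_POST['prod_id'])) ? array_values($_POST['prod_id']) : array();
    $quantities = (isset($_POST['quantity']) && is_array($_POST['quantity'])) ? array_values($_POST['quantity']) : array();

    // All request values are bound as parameters. The quantity used to be
    // concatenated unquoted into the statement, which let request data alter
    // the SQL itself.
    $update_stmt = mysqli_prepare(
        $con,
        'update cart set quantity = ? where cust_ip = ? and prod_id = ? and date_added = ?'
    );

    if ($update_stmt !== false) {
        $quantity = 0;
        $prod_id = '';
        // Bound by reference: each execute() below picks up the current values.
        mysqli_stmt_bind_param($update_stmt, 'isss', $quantity, $ip_address, $prod_id, $date_added);

        foreach ($prod_ids as $count => $posted_prod_id) {
            if (!is_scalar($posted_prod_id) || !isset($quantities[$count])) {
                continue;
            }

            // Only whole, non-negative quantities are accepted.
            $posted_quantity = filter_var(
                $quantities[$count],
                FILTER_VALIDATE_INT,
                array('options' => array('min_range' => 0))
            );
            if ($posted_quantity === false) {
                continue;
            }

            $prod_id = (string) $posted_prod_id;
            $quantity = $posted_quantity;
            mysqli_stmt_execute($update_stmt);
        }

        mysqli_stmt_close($update_stmt);
    }

    $page = $_SERVER['PHP_SELF'];
    if (!headers_sent()) {
        header('location:'.$page);
        // Stop here so the remaining handlers and page output do not run
        // after the redirect has been issued.
        exit();
    }
}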
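// Handle the product review form: store the review, then send the visitor
// back to the product page.
if (isset($_POST['submit_review'])) {
    // product_id and review_stars are validated as integers. They used to be
    // concatenated unquoted into the INSERT, and product_id was also echoed
    // into the Location header and an inline <script>, so request data could
    // alter the SQL and the emitted markup.
    $product_id = filter_var(isset($_POST['product_id']) ? $_POST['product_id'] : null, FILTER_VALIDATE_INT);
    $review_stars = filter_var(isset($_POST['review_stars']) ? $_POST['review_stars'] : null, FILTER_VALIDATE_INT);

    $review_name = (isset($_POST['review_name']) && is_string($_POST['review_name'])) ? $_POST['review_name'] : '';
    $review_title = (isset($_POST['review_title']) && is_string($_POST['review_title'])) ? $_POST['review_title'] : '';
    $review_text = (isset($_POST['review_text']) && is_string($_POST['review_text'])) ? $_POST['review_text'] : '';
    $review_time = time();

    if ($product_id !== false && $review_stars !== false) {
        $query = "
INSERT INTO review SET
product_id = ?,
review_name = ?,
review_title = ?,
review_text = ?,
review_stars = ?,
review_time = ?
";
        $stmt = mysqli_prepare($con, $query);
        if ($stmt !== false) {
            mysqli_stmt_bind_param(
                $stmt,
                'isssii',
                $product_id,
                $review_name,
                $review_title,
                $review_text,
                $review_stars,
                $review_time
            );
            mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    } else {
        // Nothing is stored for a malformed submission; redirect with a neutral id.
        $product_id = 0;
    }

    // NOTE(review): the review text fields are stored as submitted; the page
    // that renders them must HTML-escape them on output (not visible here).

    // $product_id is an integer at this point, so it is safe in both the
    // header and the inline script fallback.
    header("location:product-details.php?id=$product_id");
    echo "<script> window.location.href = 'product-details.php?id=$product_id'; </script>";
    exit();
}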
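// Jot form
// Handle the pre-order / setup form: store the submission in user_form, mail
// a copy to the store address, then redirect to the success page.
//
// NOTE(review): this form collects Stripe and domain account passwords, writes
// them to the database in plaintext and sends them in plaintext e-mail. That
// behaviour is kept as-is here, but these secrets should not be collected,
// stored or mailed at all; use the provider's delegated access instead and
// purge what has already been stored.
if (isset($_POST['user_form'])) {
    // Read a posted field as a string; missing or non-string input becomes ''.
    $field = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    };
    // Escape a value for the HTML body of the notification mail.
    $esc = function ($value) {
        return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $f_name = $field('f_name');
    $l_name = $field('l_name');
    $phone = $field('phone');
    $email = $field('email');
    $stripe = $field('stripe');
    $stripe_username = $field('stripe_username');
    $stripe_password = $field('stripe_password');
    $domain = $field('domain');
    $domain_username = $field('domain_username');
    $domain_password = $field('domain_password');
    $message = $field('message');
    $date_added = date('Y-m-d');

    // Every column is bound. Previously only the first four were, and the
    // remaining request values were concatenated into the statement.
    $query = "
INSERT INTO user_form SET
f_name = ?,
l_name = ?,
phone = ?,
email = ?,
stripe = ?,
stripe_username = ?,
stripe_password = ?,
domain = ?,
domain_username = ?,
domain_password = ?,
message = ?,
date = ?
";
    $stmt = mysqli_prepare($con, $query);
    if ($stmt !== false) {
        mysqli_stmt_bind_param(
            $stmt,
            'ssssssssssss',
            $f_name,
            $l_name,
            $phone,
            $email,
            $stripe,
            $stripe_username,
            $stripe_password,
            $domain,
            $domain_username,
            $domain_password,
            $message,
            $date_added
        );
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    $to = 'info@candycleansestore.co';
    // The From header is built from the submitted address, so it must be a
    // single valid address: a value containing line breaks would otherwise
    // add headers of the sender's choosing. Fall back to the store address.
    $from = (filter_var($email, FILTER_VALIDATE_EMAIL) !== false) ? $email : $to;
    $subject = 'Form Alert! You have a new Candy Cleanse Form Setup';
    // All submitted values are HTML-escaped before being placed in the body.
    $body = '
<html>
<body>
<table cellspacing="0" style="padding:15px;border: 2px dashed #edb509; width: 100%;border-collapse: collapse;">
<tr>
<th style="padding:20px; !important;">First Name :</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($f_name).'</td>
</tr>
<tr>
<th style="padding:20px; !important;">Last Name :</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($l_name).'</td>
</tr>
<tr>
<th style="padding:20px; !important;">Email:</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($email).'</td>
</tr>
<tr style="background-color: #e0e0e0;">
<th style="padding:20px; !important;">Phone:</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($phone).'</td>
</tr>
<tr>
<th style="padding:20px; !important;">Stripe Username:</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($stripe_username).'</td>
</tr>
<tr>
<th style="padding:20px; !important;">Stripe Password:</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($stripe_password).'</td>
</tr>
<tr>
<th style="padding:20px; !important;">Domain Username:</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($domain_username).'</td>
</tr>
<tr>
<th style="padding:20px; !important;">Domain Password:</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($domain_password).'</td>
</tr>
<tr>
<th style="padding:20px; !important;">Message:</th><td style="padding: 8px;border: 1px solid #ddd;">'.$esc($message).'</td>
</tr>
</table>
</body>
</html>';

    // Start from an empty string; the original appended to an undefined variable.
    $headers = '';
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=UTF-8\r\n";
    $headers .= 'From: ' . $from . "\r\n";
    $headers .= 'Cc: candycleansestore@gmail.com' . "\r\n";
    mail($to, $subject, $body, $headers);

    header("location:pre-order-form.php?success=1");
    echo "<script> window.location.href = 'pre-order-form.php?success=1'; </script>";
    exit();
}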
?>