Viewing File: /home/webrbaew/kitothecandytea.com/includes/operations.php
<?php
$server_name='localhost';
$username='webrbaew_bakr';
$password='Tzst@12?!^!!';
$database='webrbaew_candybarnes';
$con = mysqli_connect($server_name, $username, $password, $database);
session_start();
$ipaddress = '';
if (getenv('HTTP_CLIENT_IP'))
$ipaddress = getenv('HTTP_CLIENT_IP');
else if(getenv('HTTP_X_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_X_FORWARDED_FOR');
else if(getenv('HTTP_X_FORWARDED'))
$ipaddress = getenv('HTTP_X_FORWARDED');
else if(getenv('HTTP_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_FORWARDED_FOR');
else if(getenv('HTTP_FORWARDED'))
$ipaddress = getenv('HTTP_FORWARDED');
else if(getenv('REMOTE_ADDR'))
$ipaddress = getenv('REMOTE_ADDR');
else
$ipaddress = 'UNKNOWN';
$_SESSION['ip_address'] = $ipaddress;
$date_added = date('Y-m-d');
$get_cart_item_count = mysqli_query($con,"select * from cart where cust_ip = '$ipaddress' and date_added = '$date_added'");
$cart_item_count = mysqli_num_rows($get_cart_item_count);
if(isset($_POST['update_cart'])){
$count = 0;
$date_added = date('Y-m-d');
$ip_address = $_SESSION['ip_address'];
$query = '';
foreach($_POST['prod_id'] as $key => $val){
$prod_id = $_POST['prod_id'][$count];
$quantity = $_POST['quantity'][$count];
mysqli_query($con,"update cart set quantity = $quantity where cust_ip = '$ip_address' and prod_id = '$prod_id' and date_added = '$date_added'");
$count++;
}
$page = $_SERVER['PHP_SELF'];
header('location:'.$page);
}
if (isset($_POST['submit_review'])) {
$product_id = $_POST['product_id'];
$review_name = $_POST['review_name'];
$review_title = $_POST['review_title'];
$review_text = $_POST['review_text'];
$review_stars = $_POST['review_stars'];
$review_time = time();
$query = "
INSERT INTO review SET
product_id = $product_id,
review_name = ?,
review_title = ?,
review_text = ?,
review_stars = $review_stars,
review_time = $review_time
";
$stmt = mysqli_prepare($con, $query);
mysqli_stmt_bind_param($stmt, 'sss', $review_name, $review_title, $review_text);
mysqli_stmt_execute($stmt);
header("location:product-details.php?id=$product_id");
echo "<script> window.location.href = 'product-details.php?id=$product_id'; </script>";
exit();
}
?>
Back to Directory
File Manager