ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ

📁 ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ-🛒 PHP v7.4.33

Current Path: home/oshofree/public_html/chbluxuries.com/chb_data/

Name	Size	Permissions	Actions
📁 ..	-	0755	🗑️
📄 config.php	7.06 KB	0444	🗑️ ⬇️ ✏️
📄 error_log	5118.89 KB	0644	🗑️ ⬇️ ✏️

Editing: acceptrefund.php

<?php
if(isset($_POST['resubmit'])){
    
$iditem=$_POST['refunditem'];
$idref=$_POST['refundid'];
$date=date('Y-m-d H:i:s');

$sql = "SELECT * from stock_orders WHERE s='$iditem'";
$sql2 = mysqli_query($con,$sql);
while ($row = mysqli_fetch_array($sql2)) {
$item=$row['stockid'];
$quantity=$row['quantity'];
$colors=$row['color'];
$price=$row['unit_price'];
}

$exists=0;
$sqle = "SELECT * FROM stocks WHERE id='$item'";
$sql2e = mysqli_query($con, $sqle);
if (mysqli_num_rows($sql2e) > 0) {
    while ($rod = mysqli_fetch_array($sql2e)) {
        $retail = $rod['retail_price'];
        $stockname = $rod['name'];
        $whole = $rod['wholesales_price'];
        $wholenum = $rod['wholesales_quantity'];
    }
    
$exists=1;
//Select Quantity
$sqlv = "SELECT * from variation WHERE s='$colors'";
$sql2v = mysqli_query($con,$sqlv);
while ($rodv = mysqli_fetch_array($sql2v)) {
            $rquantity=$rodv['shop'];
            $vars=$rodv['color'];
}}

$sqls = "SELECT * from refund where item='$iditem' ";
$sql2s = mysqli_query($con,$sqls);
while($rows = mysqli_fetch_array($sql2s)){
$dem=$rows['date'];
$fee=$rows['amount'];
$value=$rows['value'];
$theorder=$rows['orderid'];}

//Get Quantity and Price
$values=$quantity-$value;
$amountoremove=$value*$price;

//current date
$dete=date('Y-m-d');
$date=date('Y-m-d H:i:s');
$prices=$price*$values;

$sql = "SELECT * from orders WHERE orderid='$theorder'";
$sql2 = mysqli_query($con,$sql);
while ($row = mysqli_fetch_array($sql2)) {
$banks=$row['bank_amount'];
$cashs=$row['cash_amount'];
$pos=$row['pos_amount'];
$cards=$row['card_amount'];
$customer_identification=$row['user_id'];
$pricing=$row['pricing'];
$wallets=$row['wallet_amount']; }

// Check which payment method has a value greater than $amountoremove
if ($banks >= $amountoremove) {
    $paymentMethod = 'bank_amount';
} elseif ($cashs >= $amountoremove) {
    $paymentMethod = 'cash_amount';
} elseif ($pos >= $amountoremove) {
    $paymentMethod = 'pos_amount';
} elseif ($cards >= $amountoremove) {
    $paymentMethod = 'card_amount';
} elseif ($wallets >= $amountoremove) {
    $paymentMethod = 'wallet_amount';
}

// Update the "orders" table with the refunded amount
$query = "UPDATE orders SET $paymentMethod = CAST($paymentMethod AS DECIMAL(10,2)) - CAST('$amountoremove' AS DECIMAL(10,2)), total_amount = CAST(total_amount AS DECIMAL(10,2)) - CAST('$amountoremove' AS DECIMAL(10,2)) WHERE orderid = '$theorder'";
$result = mysqli_query($con, $query);
if ($result) {}

if($pricing=="2"){
$submit = mysqli_query($con, "INSERT INTO wallet_charges (user, amount, type, reason, date, status) 
VALUES ('$customer_identification', '$amountoremove', 'credit', 'refund from order ($theorder)', '$date', 'paid')") or die('Could not connect: ' . mysqli_error($con));
mysqli_query($con, "UPDATE users SET wallet =CAST(wallet AS DECIMAL(10,2)) + CAST('$amountoremove' AS DECIMAL(10,2))  WHERE id='$customer_identification'");}

//Update 
$insert = mysqli_query($con,"UPDATE stock_orders SET quantity ='$values' where s='$iditem'") or die ('Could not connect: ' .mysqli_error($con)); 
$insert = mysqli_query($con,"UPDATE stock_orders SET price ='$prices' where s='$iditem'") or die ('Could not connect: ' .mysqli_error($con)); 
$insert = mysqli_query($con,"UPDATE stock_orders SET refundno ='0' where s='$iditem'") or die ('Could not connect: ' .mysqli_error($con)); 
$insert = mysqli_query($con,"UPDATE stock_orders SET refund ='no' where s='$iditem'") or die ('Could not connect: ' .mysqli_error($con)); 
if($values=="0"){$del = mysqli_query($con,"DELETE from stock_orders where s='$iditem'") or die ('Could not connect: ' .mysqli_error($con));}
$insert = mysqli_query($con,"UPDATE refund SET status ='accepted' where s='$idref'") or die ('Could not connect: ' .mysqli_error($con));

if($exists =="1"){
//Add Back to Stock
$remq=$rquantity+$value;
$insert = mysqli_query($con,"UPDATE variation SET shop='$remq' where s='$colors'") or die ('Could not connect: ' .mysqli_error($con)); 
$submit = mysqli_query($con,"insert into stock_log(item, action, value, variation, user, date) values ('$item','refund','$value','$vars','$name','$date')") or die ('Could not connect: ' .mysqli_error($con));
}   
   
 //alert
$submit = mysqli_query($con,"INSERT INTO `alerts` (`action`, `date`) VALUES ('$name accepted a refund for $stockname ','$date')") or die ('Could not connect: ' .mysqli_error($con));  
echo 'Refund Reuquest Accepted';
}
?>

📁 ＳＫＹＳＨＥＬＬ ＭＡＮＡＧＥＲ-🛒 PHP v7.4.33

Editing: acceptrefund.php

📁 ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ-🛒 PHP v7.4.33