Editing: addpay.php
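<?php
/**
 * Payment handler for a store order, run when the `submitpay` form is posted.
 *
 * Steps, in order: refuse an order that is already marked processed, total the
 * pending stock_orders rows plus the delivery fee, sum the submitted payment
 * amounts, settle any outstanding balance on an earlier order, credit leftover
 * change to the customer's wallet, mark the order paid, deduct stock (shop
 * first, then store 3), e-mail a receipt, write an alert row, clear the
 * transactionID cookie and the session order, and show the receipt modal.
 *
 * Expected from the including scope (not defined in this fragment): $con,
 * $customer_identification, $customer_walletamount, $customername, $name.
 *
 * Security notes:
 *  - Every request value that reaches SQL is validated or escaped here. Escaping
 *    is only reliable when the connection charset was set with
 *    mysqli_set_charset(); prepared statements are the preferred follow-up.
 *  - NOTE(review): values read back from the database ($vars, $n, $color, ...)
 *    and $customer_identification / $name are still interpolated unescaped.
 *  - NOTE(review): no authentication, authorisation or CSRF check is visible in
 *    this fragment; confirm the including page enforces them.
 *  - NOTE(review): negative amounts and delivery fees are accepted as submitted;
 *    confirm whether the business rules allow them.
 *  - NOTE(review): `or die(... mysqli_error($con))` prints database error text
 *    to the browser, and the multi-step updates are not wrapped in a
 *    transaction, so a repeated submit can pass the "already processed" check
 *    twice.
 */
if (isset($_POST['submitpay'])) {
    // Payment methods and amounts arrive as parallel arrays; anything else is
    // treated as "nothing submitted". Keys are preserved so they still line up.
    $method = (isset($_POST['paymentOption']) && is_array($_POST['paymentOption']))
        ? array_filter($_POST['paymentOption'], 'is_string')
        : [];
    $amount = (isset($_POST['amount']) && is_array($_POST['amount'])) ? $_POST['amount'] : [];

    // The order id is used in almost every query below, so it is escaped once
    // for SQL and once, separately, for the HTML receipt.
    $rawItem = (isset($_POST['orderid']) && is_string($_POST['orderid'])) ? $_POST['orderid'] : '';
    $item = mysqli_real_escape_string($con, $rawItem);
    $itemHtml = htmlspecialchars($rawItem, ENT_QUOTES, 'UTF-8');

    $pay_type = isset($_POST['type']) ? $_POST['type'] : '';
    $customerchange = !empty($_POST['customerchange']) ? $_POST['customerchange'] : 'No';
    // Only a numeric delivery fee is accepted; it is interpolated into SQL below.
    $deliveryfee = (isset($_POST['delivery']) && is_numeric($_POST['delivery'])) ? (float) $_POST['delivery'] : 0;
    $note = mysqli_real_escape_string(
        $con,
        (isset($_POST['note']) && is_string($_POST['note'])) ? $_POST['note'] : ''
    );

    $sqls = "SELECT * from orders WHERE orderid='$item' && status='yes' ";
    $sql2s = mysqli_query($con, $sqls);
    $count = mysqli_num_rows($sql2s);

    if ($count > 0) {
        echo "This transaction has been processed";
    } else {
        $paymentType = "store";
        if ($pay_type == "Deposit") {
            $paymentType = "deposit";
        }

        // Total amount of all items
        $total_price = 0;
        $sql = "SELECT SUM(price) FROM stock_orders WHERE orderid='$item' AND status='no'";
        $sql2 = mysqli_query($con, $sql);
        while ($row = mysqli_fetch_array($sql2)) {
            $total_price = $row[0];
        }
        $total_price += $deliveryfee;

        $totalAmountDistributed = 0;
        foreach ($method as $key => $payment) {
            // Non-numeric or missing amounts count as 0 instead of reaching SQL.
            $cash = (isset($amount[$key]) && is_numeric($amount[$key])) ? (float) $amount[$key] : 0;
            $totalAmountDistributed += $cash;
            // Add the delivery fee to one of the payment methods (e.g., Cash)
            // $insert = mysqli_query($con, "UPDATE orders SET cash_amount = CAST(cash_amount AS DECIMAL(10,2)) + CAST('$deliveryfee' AS DECIMAL(10,2)) WHERE orderid='$item'") or die('Could not connect: ' . mysqli_error($con));
        }

        //accounting
        if ($customerchange == "Yes") {
            // The whole wallet balance is added to the payment and the wallet zeroed.
            $totalAmountDistributed += $customer_walletamount;
            mysqli_query($con, "UPDATE users SET wallet ='0' WHERE id='$customer_identification'");
        }

        $query = "SELECT user_id, orderid, COALESCE(SUM(total_amount - (bank_amount + cash_amount + pos_amount + card_amount + wallet_amount + gift_amount)), 0) AS balance_due FROM orders WHERE user_id ='$customer_identification' AND pay_status='paid' AND status='yes'";
        $result = mysqli_query($con, $query);
        $row = mysqli_fetch_assoc($result);

        if ($row && $row['balance_due'] > 0) {
            // Settle the outstanding balance first, out of what was just paid.
            $balanceDue = $row['balance_due'];
            $balanceOrder = $row['orderid'];
            $refundAmount = min($balanceDue, $totalAmountDistributed);
            mysqli_query($con, "UPDATE orders SET cash_amount = cash_amount + CAST('$refundAmount' AS DECIMAL(10,2)) WHERE orderid='$balanceOrder'");
            $totalAmountDistributed -= $refundAmount;
        }

        $Changeleft = max(0, $totalAmountDistributed - $total_price);

        if ($customerchange == "Yes") {
            $walletdebited = ($customer_walletamount <= $Changeleft) ? 0 : ($customer_walletamount - $Changeleft);
            if ($walletdebited > 0) {
                // NOTE(review): $date is not assigned in this fragment until further
                // down; confirm the including scope defines it before this point.
                $submit = mysqli_query($con, "INSERT INTO wallet_charges (user, amount, type, reason, date, status) VALUES ('$customer_identification', '$walletdebited', 'debit', 'paid for order ($item)', '$date', 'paid')") or die('Could not connect: ' . mysqli_error($con));
            }
        }

        if ($Changeleft > 0) {
            mysqli_query($con, "UPDATE users SET wallet =CAST(wallet AS DECIMAL(10,2)) + CAST('$Changeleft' AS DECIMAL(10,2)) WHERE id='$customer_identification'");
        }
        $totalAmountDistributed -= $Changeleft;
        //mysqli_query($con, "UPDATE orders SET bank_amount='$totalAmountDistributed' where orderid='$item'");

        foreach ($method as $key => $payment) {
            // $field becomes a column name, so it may only be derived from this
            // fixed list; the strict comparison keeps any other value out.
            if (in_array($payment, ["POS", "Cash", "Bank Transfer", "Gift Card", "Wallet"], true)) {
                $field = strtolower(explode(" ", $payment)[0]) . "_amount";
                $update = mysqli_query($con, "UPDATE orders SET $field='$totalAmountDistributed' WHERE orderid='$item'") or die('Could not connect: ' . mysqli_error($con));
                break; // Exit the loop after the first successful update
            }
        }

        // Concatenate the values with a delimiter
        $paymentMethods = implode(',', $method);

        $customermail = '';
        $sql = "SELECT * from orders WHERE orderid='$item' ORDER BY s ASC";
        $sql2 = mysqli_query($con, $sql);
        while ($row = mysqli_fetch_array($sql2)) {
            $customermail = $row['email'];
        }

        // Was `$customerchange="yes"`: an assignment, so it was always true. It now
        // compares against "Yes", the value tested everywhere else in this script.
        if ($paymentMethods == "" && $customerchange == "Yes") {
            $paymentMethods = "Wallet";
        }
        // The method names come from the request and are stored as text.
        $paymentMethods = mysqli_real_escape_string($con, $paymentMethods);

        //update
        $date = date('Y-m-d');
        $datetime = date('Y-m-d H:i:s');
        mysqli_query($con, "UPDATE orders SET method='$paymentMethods', pay_status='paid', payment='$paymentType', deliveryfee='$deliveryfee', status='yes', notes='$note', date='$date', total_amount='$total_price' WHERE orderid='$item'") or die('Could not connect: ' . mysqli_error($con));
        mysqli_query($con, "UPDATE stock_orders SET status='yes' WHERE orderid='$item' AND status='no'") or die('Could not connect: ' . mysqli_error($con));
        $del = mysqli_query($con, "DELETE from stock_orders where orderid='$item' AND status='pending'") or die('Could not connect: ' . mysqli_error($con));

        // Remove Quantity Code
        $sql = "SELECT stock_orders.*, stocks.group_id FROM stock_orders JOIN stocks ON stocks.id = stock_orders.stockid WHERE stock_orders.orderid = '$item' AND stock_orders.status = 'yes' AND stock_orders.color!='0'";
        $sql2 = mysqli_query($con, $sql);
        while ($row = mysqli_fetch_array($sql2)) {
            $quantity = $row['quantity'];
            $vars = $row['color'];
            $itemid = $row['stockid'];
            $group = $row["group_id"];
            $stockrow = $row["s"];

            $sqla = "SELECT * from stocks WHERE id='$itemid' ";
            $sql2a = mysqli_query($con, $sqla);
            $count_item = mysqli_num_rows($sql2a);
            while ($rows = mysqli_fetch_array($sql2a)) {
                $stockgroup = $rows['group_id'];
                $stockstore = $rows['store'];
            }

            if ($count_item > 0) {
                //Select per variation
                // NOTE(review): when no variation row matches, $shop and $n keep the
                // values left by the previous order line.
                $sqla = "SELECT * from variation WHERE s='$vars' ";
                $sql2a = mysqli_query($con, $sqla);
                while ($rows = mysqli_fetch_array($sql2a)) {
                    $shop = $rows['shop'];
                    $house = $rows['warehouse'];
                    $n = $rows['color'];
                }

                //Quantity is higher than shop
                if ($quantity > $shop) {
                    //update stock_log
                    $insert = mysqli_query($con, "UPDATE variation SET shop='0' where s='$vars'") or die('Could not connect: ' . mysqli_error($con));
                    if ($shop > 0) {
                        $submit = mysqli_query($con, "insert into stock_log(item, action, value, variation, store, user, date,group_id,stockrow) values ('$itemid','sold','$shop','$n','1','customer','$datetime','$stockgroup','$stockrow')") or die('Could not connect: ' . mysqli_error($con));
                    }

                    //quantity to deduct from wholesales
                    $deduct_from_wholesales = $quantity - $shop;

                    //deduct from warehouse
                    $sqlw = "SELECT SUM(variation.shop) AS total_shop,variation.s FROM stocks JOIN variation ON stocks.id = variation.item WHERE stocks.group_id = '$group' && stocks.store='3' && variation.color='$n'";
                    $sql2w = mysqli_query($con, $sqlw);
                    while ($rowk = mysqli_fetch_array($sql2w)) {
                        $w_color = $rowk["s"];
                        $whole = $rowk["total_shop"];
                        $rem_wholesales = $whole - $deduct_from_wholesales;
                        //update warehouse to 0
                        $insert = mysqli_query($con, "UPDATE variation SET shop='$rem_wholesales' where s='$w_color'") or die('Could not connect: ' . mysqli_error($con));
                        $submit = mysqli_query($con, "insert into stock_log(item, action, value, variation, store, user, date,group_id,stockrow) values ('$itemid','sold','$deduct_from_wholesales','$n','3','customer','$datetime','$group','$stockrow')") or die('Could not connect: ' . mysqli_error($con));
                    }
                }
                //quanity is lower than shop
                else {
                    $delfromshop = $shop - $quantity;
                    //Update shop and shhoplog
                    $insert = mysqli_query($con, "UPDATE variation SET shop='$delfromshop' where s='$vars'") or die('Could not connect: ' . mysqli_error($con));
                    $submit = mysqli_query($con, "insert into stock_log(item, action, value, variation,store, user, date,group_id,stockrow) values ('$itemid','sold','$quantity','$n','$stockstore','$name','$datetime','$stockgroup','$stockrow')") or die('Could not connect: ' . mysqli_error($con));
                }
            }
        }

        //send email if customer has an email
        if ($customermail != '') {
            $names = array();
            $quantities = array();
            $prices = array();
            $colors = array();
            $html = '';

            // Fetch data from stock_orders table
            $sql = "SELECT name, quantity, price, color FROM stock_orders WHERE orderid = '$item' AND status ='yes'";
            $sql2 = mysqli_query($con, $sql);
            while ($row = mysqli_fetch_array($sql2)) {
                $names[] = $row['name'];
                $quantities[] = $row['quantity'];
                $prices[] = $row['price'];
                $colors[] = $row['color'];
            }

            // Iterate through the results
            foreach ($names as $key => $value) {
                $color = $colors[$key];

                // Check if there is corresponding data in the variation table
                $variationQuery = "SELECT s FROM variation WHERE s = '$color'";
                $variationResult = mysqli_query($con, $variationQuery);

                // Check if a row exists in the variation table
                if (mysqli_num_rows($variationResult) > 0) {
                    // Variation data exists, proceed with creating HTML
                    if ($color == "null") {
                        $color = "";
                    } else {
                        $color = '(' . $color . ')';
                    }
                } else {
                    $color = "";
                }

                // Stored text is HTML-escaped before it goes into the receipt markup.
                $html .= "<tr> <td style='color:#FF339A; font-size:14px; font-weight:500;'>" . htmlspecialchars($names[$key] . " " . $color, ENT_QUOTES, 'UTF-8') . "</td> <td style='color:#FF339A; font-size:14px; font-weight:500;'>" . htmlspecialchars($quantities[$key], ENT_QUOTES, 'UTF-8') . "</td> <td style='color:#FF339A; font-size:14px; font-weight:500;'>₦" . htmlspecialchars($prices[$key], ENT_QUOTES, 'UTF-8') . "</td> </tr>";
            }

            $dates = date('Y-m-d');
            $customernameHtml = htmlspecialchars($customername, ENT_QUOTES, 'UTF-8');

            ///////////////////////////////// Mail Function started//////////////////////////////////////////////////////////////////
            $comments = $email_to = $email_subject = $email_from = $email_message = "";
            $email_from = "admin@chbluxuries.com";
            // NOTE(review): the recipient is the e-mail stored on the order; it is
            // passed to mail() without format validation.
            $email_to = $customermail;
            $email_subject = "Items Purchased Successfully - CHB NAIL SHOP";
            $email_message = " <div style='background-color:#000000; color:#fff !important; height:800px; padding:50px; width:500px;'> <p><img src='https://chbluxuries.com/img/favicon.jpg' width='100px' height='100px' /> <span color='#FFFFFF' style='float:right; font-size:15px; padding-right:6px; text-align:right; margin-top:13px;'> Total Cost: ₦$total_price <br> $dates </span></p><br><br> <p style='color:#fff !important;'>Hello Dear $customernameHtml,Here is your receipt No and details<br>Thank you choosing CHB LUXURY NAIL SHOP.</p> <p><table border='1px' bordercolor='#000000' cellpadding='10' style='color:#FFFFFF;' width='500px'> <tr style='border-bottom:#FFFFFF solid; font-size:14px; font-weight:500;'><td>Receipt No</td><td style='color:#FF339A; font-size:14px; font-weight:500;' colspan='2' >$itemHtml</td></tr> <tr><td style='color:#fff; text-align:center;'>Your Items</td><td>Quantity</td><td>Price</td></tr> $html </table> </p> <br><br> <p style='text-align:center; color:#fff;'> Visit our website: <a href='https://chbluxuries.com/' style='color:#FF339A; text-decoration:underline;'> CHB NAIL SHOP </a> </p> </div> ";

            // create email headers
            $header = 'From: "CHBLUXURY NAIL SHOP" <admin@chbluxuries.com>' . "\r\n";
            $header .= "Cc:admin@chbluxuries.com \r\n";
            $header .= 'Reply-To: admin@chbluxuries.com' . "\r\n";
            $header .= "MIME-Version: 1.0\r\n";
            $header .= "Content-type: text/html\r\n";

            if (!@mail($email_to, $email_subject, $email_message, $header)) {
                echo '<center><font color="red">mail cannot be submitted now due to server problems, Please try again.</font></center>';
            }
            ////////////////////////////////////////////End mail Function//////////////////////////////////////////////////////////////
        }

        //alert
        $insert = mysqli_query($con, "UPDATE orders SET updatedTime='$datetime' where orderid='$item'") or die('Could not connect: ' . mysqli_error($con));
        $submit = mysqli_query($con, "INSERT INTO `alerts` (`action`, `date`) VALUES ('$name processed store order: $item','$datetime')") or die('Could not connect: ' . mysqli_error($con));

        if (isset($_COOKIE['transactionID'])) {
            $expirationTime = time() - 3600; // Subtract an hour (or any desired value)
            setcookie('transactionID', '', $expirationTime);
            unset($_COOKIE['transactionID']);
        }
        unset($_SESSION['order']);

        echo" <script> document.addEventListener('DOMContentLoaded', function () { // Show the modal when the page loads
 var myModal = new bootstrap.Modal(document.getElementById('ReceiptModal'), { backdrop: 'static', keyboard: false }); myModal.show(); }); </script>";
    }
}
?>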