ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ

📁 ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ-🛒 PHP v7.4.33

Current Path: home/oshofree/public_html/chbluxuries.com/chb_data/

Name	Size	Permissions	Actions
📁 ..	-	0755	🗑️
📄 config.php	7.06 KB	0444	🗑️ ⬇️ ✏️
📄 error_log	5812.63 KB	0644	🗑️ ⬇️ ✏️

Editing: confirmbank.php

<?php 
if(isset($_POST['confirmbank'])){
$ref = $_POST['confirmbank'];
$bankrow = $_POST['bankrow'];
$item=trim($ref);
$date=date("Y-m-d");
$datetime=date("Y-m-d H:i:s");

$checkEmail = mysqli_query($con, "SELECT * FROM bank_transfers WHERE s='$bankrow' AND status='processing'");
if(mysqli_num_rows($checkEmail) > 0 ) {
$insert = mysqli_query($con,"UPDATE orders SET pay_status='paid' where orderid='$item'") or die ('Could not connect: ' .mysqli_error($con)); 
$insert = mysqli_query($con,"UPDATE orders SET status='pending' where orderid='$item'") or die ('Could not connect: ' .mysqli_error($con)); 
$insert = mysqli_query($con,"UPDATE stock_orders SET status='yes' where orderid='$item'") or die ('Could not connect: ' .mysqli_error($con)); 
$insert = mysqli_query($con,"UPDATE orders SET date='$date' where orderid='$item'") or die ('Could not connect: ' .mysqli_error($con)); 
$insert = mysqli_query($con,"UPDATE bank_transfers SET status='processed' where s='$bankrow'") or die ('Could not connect: ' .mysqli_error($con));
$submit = mysqli_query($con,"INSERT INTO `alerts` (`action`, `date`) VALUES ('$name confirmed a bank transfer for order $item','$datetime')") or die ('Could not connect: ' .mysqli_error($con));
$submit = mysqli_query($con,"INSERT INTO `notifications` (`notification`, `date`, `link`, `view`,`status`)VALUES ('A new online order to be confirmed($item)','$datetime', 'onlineorder.php', '0','order');") or die ('Could not connect: ' .mysqli_error($con));

//mark as read
$thealert = "New online order paid with bank transfer($item)";
checkAndUpdateNotification($thealert, $con);

// Remove Quantity Code
$sql = "SELECT stock_orders.*, stocks.group_id 
FROM stock_orders
JOIN stocks ON stocks.id = stock_orders.stockid
WHERE stock_orders.orderid = '$item' AND stock_orders.status = 'yes'";
$sql2 = mysqli_query($con,$sql);
while ($row = mysqli_fetch_array($sql2)) {
$quantity=$row['quantity'];
$vars=$row['color'];
$itemid=$row['stockid'];
$group=$row["group_id"];
$stockrow=$row["s"];

if($item!=''){
$sqla = "SELECT * from variation WHERE s='$vars' ";
$sql2a = mysqli_query($con,$sqla);
while ($rows = mysqli_fetch_array($sql2a)) {
$shop=$rows['shop'];
$n=$rows['color'];}

//Quantity is higher than shop
if($quantity > $shop){
    
   
 //update shop to 0
 $insert = mysqli_query($con,"UPDATE variation SET shop='0' where s='$vars'") or die ('Could not connect: ' .mysqli_error($con));  
 if($shop > 0){
 $submit = mysqli_query($con,"insert into stock_log(item, action, value, variation, store, user, date,group_id,stockrow) values ('$itemid','sold','$shop','$n','1','customer','$date','$group','$stockrow')") or die ('Could not connect: ' .mysqli_error($con));}
 
 
 //quantity to deduct from wholesales
 $deduct_from_wholesales=$quantity-$shop;
 
   //deduct from warehouse
    $sqlw = "SELECT SUM(variation.shop) AS total_shop,variation.s
    FROM stocks
    JOIN variation ON stocks.id = variation.item
    WHERE stocks.group_id = '$group' && stocks.store='3' && variation.color='$n'";
    $sql2w = mysqli_query($con, $sqlw);
    
    while ($rowk = mysqli_fetch_array($sql2w)) {
        $w_color = $rowk["s"];
        $whole = $rowk["total_shop"];
        $rem_wholesales= $whole - $deduct_from_wholesales;
        
 //update warehouse to 0
 $insert = mysqli_query($con,"UPDATE variation SET shop='$rem_wholesales' where s='$w_color'") or die ('Could not connect: ' .mysqli_error($con));  
 $submit = mysqli_query($con,"insert into stock_log(item, action, value, variation, store, user, date,group_id,stockrow) values ('$itemid','sold','$deduct_from_wholesales','$n','3','customer','$date','$group','$stockrow')") or die ('Could not connect: ' .mysqli_error($con));

}}
    
    
//quanity is lower than shop
else{
    
 $deduct_from_shop=$shop-$quantity;
 $insert = mysqli_query($con,"UPDATE variation SET shop='$deduct_from_shop' where s='$vars'") or die ('Could not connect: ' .mysqli_error($con));  
 $submit = mysqli_query($con,"insert into stock_log(item, action, value, variation, store, user, date,group_id,stockrow) values ('$itemid','sold','$quantity','$n','1','customer','$date','$group','$stockrow')") or die ('Could not connect: ' .mysqli_error($con));
  
    }}}

//select order details
 $sql = "SELECT * from orders where orderid='$item' ";
 $sql2 = mysqli_query($con,$sql);
 while($row = mysqli_fetch_array($sql2)){ 
			$emails = $row["email"];
			$names = $row["staff"];
            $dear= $row["date"];
            $tot=$row['total_amount'];
            $type=$row['type'];
            $fee=$row['deliveryfee'];
            $user_id=$row['user_id'];}

$insert = mysqli_query($con,"UPDATE users SET discount='0' where id='$user_id'") or die ('Could not connect: ' .mysqli_error($con));  
$text = $names;
$words = explode(" ", $text); // Split the string into an array of words
$firstname = $words[0]; // Access the first element of the array

//All items
$name = array();
$surname = array();
$address = array();
$colors = array();
$sql = "SELECT name,quantity,preorder,price,variation.color from stock_orders INNER JOIN variation ON stock_orders.color= variation.s  where orderid='$item' && status='yes' ";
$sql2 = mysqli_query($con,$sql);
while($row = mysqli_fetch_array($sql2))
{  
    
$name[] = $row['name'];
$surname[] = $row['quantity'];
$address[] = $row['price'];
$colors[] = $row['color'];
$preorder_num[] = $row['preorder'];
}

foreach ($name as $key => $value) {
$color=$colors[$key];
if($color=="null"){
                $color="";
                 }
             else{
                $color='('.$color.')';
             }
             
           //preorder notice
           $preorders=$preorder_num[$key];
           $pretext="";
           if($preorders > 0){
            $pretext="<br>($preorders on pre-order)";
           }    
$html .= "<tr><td style='color:#FF339A; font-size:14px; font-weight:500;'>" . $name[$key]. " ".$color. "</td><td  style='color:#FF339A; font-size:14px; font-weight:500;'>" . $surname[$key]. "<br>
<span style='color:#fff; font-size:12px'>$pretext</span></td>
<td  style='color:#FF339A; font-size:14px; font-weight:500;'>&#8358;" . $address[$key]. "</td></tr>";
}

$msg="is sent out";
if($type=="pickup"){
$msg="is ready for pickup";
}

if($type=="within lagos"){
$msg="is sent out";
}

if($type=="within lagos" || $type=="deliver"){
$deliver_fee="<tr style='border-bottom:#FFFFFF solid; font-size:14px; font-weight:500;'><td>Delivery Fee</td><td style='color:#FF339A; font-size:14px; font-weight:500;' colspan='2' >&#8358; $fee</td></tr>";
}

///////////////////////////////// Mail Function started//////////////////////////////////////////////////////////////////
$comments = $email_to = $email_subject = $email_from = $email_message = "";		
$email_from="admin@chbluxuries.com";					 
$email_to = $emails;
$email_subject = "Items Purchased Successfully - CHB NAIL SHOP";
$email_message ="

<div style='background-color:#000000; color:#fff !important; padding:10px 20px; width:500px;'>
 <p><img src='https://chbluxuries.com/img/favicon.jpg' width='100px' height='100px' />
 <span color='#FFFFFF' style='float:right; font-size:15px; padding-right:6px; text-align:right; margin-top:13px;'>
 Total Cost: &#8358;$tot <br> $dear </span></p><br><br>
 
 
 <p style='color:#fff !important; font-size:20px;'>
 Hello Dear $firstname,<br><br> Thank you for shopping with us. we are glad you did and we hope to serve you again soon! 
 As soon as your order $msg you will receive a notification. In the meantime, reach out to our friendly support team with any questions you have. They are super nice.</p>

<p><table border='1px' bordercolor='#000000' cellpadding='10' style='color:#FFFFFF;' width='500px'>
<tr style='border-bottom:#FFFFFF solid; font-size:14px; font-weight:500;'><td>Order No</td><td style='color:#FF339A; font-size:14px; font-weight:500;' colspan='2' >$item</td></tr>
<tr><td  style='color:#fff; text-align:center;'>Your Items</td><td>Quantity</td><td>Price</td></tr>
$html 
$deliver_fee
</table></p>

<h4 style='color:#FF339A;'>Important notice on discount </h4>
 <p style='color:white !important;'>
 To get 10% off your next order, refer a friend and  ask your friend to input your email address in the referral section e.g shop@discount.com. 
 using your email address as the referral code your friend will receive a 5% discount for her first order while you receive 10% discount on your next order.</p>

<br><br>
  <p style='text-align:center; color:#fff;'>
  Visit our website:
  <a href='https://chbluxuries.com/' style='color:#FF339A; text-decoration:underline;'>
  CHB NAIL SHOP 
  </a>
  </p>
  </div>

// create email headers
         $header =  'From: "CHBLUXURY NAIL SHOP" <admin@chbluxuries.com>'. "\r\n"; 
         $header .= "Cc:admin@chbluxuries.com \r\n";
         $header .=  'Reply-To: admin@chbluxuries.com' . "\r\n";
         $header .= "MIME-Version: 1.0\r\n";
         $header .= "Content-type: text/html\r\n";
 
if(!@mail($email_to, $email_subject, $email_message, $header)){
echo '<center><font color="red">mail cannot be submitted now due to server problems, Please try again.</font></center>';}
else{
echo "<script>alert('Order Payment Confirmed Successfully!');</script>";
}}echo "<meta http-equiv='refresh' content='0;url=pending_transfers.php'>";}
	////////////////////////////////////////////End mail Function//////////////////////////////////////////////////////////////

📁 ＳＫＹＳＨＥＬＬ ＭＡＮＡＧＥＲ-🛒 PHP v7.4.33

Editing: confirmbank.php

📁 ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ-🛒 PHP v7.4.33