MAINHACK

Viewing / Editing File: placed1.php

<?php include('header.php');
$tot=$_SESSION['total'];
$show=new Oops($db);
?>

<?php

if(isset($_POST['sub'])){

$status=$_POST['pay_status']=="COD"?'PLACED':'PENDING';

$order_id=$_POST['order_id'];
$url=$_POST['pay_status']=="COD"?'place-order_cod.php?id='.$order_id.'':'place-order.php?id='.$order_id.'';

$address=explode(':',htmlentities(strip_tags($_POST['address'])));
$lat=explode(',',htmlentities(strip_tags($_POST['address'])));
$longi=explode(':',$lat[1]);

$allowed = ["phon","pay_status","other"];
$params = [];
$setStr = "";
foreach ($allowed as $key)
{
    if (isset($_POST[$key]) && $key != "uid")
    {
        $setStr .= "`$key` = :$key,";
        $params[$key] = htmlspecialchars(strip_tags($_POST[$key]));
    }
}
$setStr = rtrim($setStr, ",");
$setStr .= ",`status` = :status,`address` = :address,`city` = :city,`state` = :state,`pincode` = :pincode,`landmark` = :landmark,`lat` = :lat,`longi` = :longi";
$params['order_id']=$order_id;
$params['address']=$address[1];
$params['city']=$address[2];
$params['pincode']=$address[3];
$params['landmark']=$address[4];
$params['state']=$address[5];
$params['lat']=$lat[0];
$params['longi']=$longi[0];
$params['status'] =$status;

$show->table ='place_order';
$show->cols =$setStr;
$show->id_name ='order_id';
//print_r($setStr);
$show->params =$params;
if($_POST['other']==1){
    $data=array(
        'order_id'=>htmlentities(strip_tags($_POST['order_id'])),
        'name'=>htmlentities(strip_tags($_POST['name'])),
        'phone'=>htmlentities(strip_tags($_POST['phon'])),
        'address'=>$address[1],
        'city'=>htmlentities(strip_tags($_POST['city_state'])),
 );
 $r=$show->insert('other_address',$data);
}

if($show->update_all()){ 
 if($_POST['pay_status']=='COD'){
unset($_SESSION["cart_item"]);

$email_subject = "Order Details";
$em='<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">';

$email_content1="<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='https://www.w3.org/1999/xhtml'>
<head>
<title>Test Email Sample</title>
<meta http–equiv='Content-Type' content='text/html; charset=UTF-8' />
<meta http–equiv='X-UA-Compatible' content='IE=edge' />
<meta name='viewport' content='width=device-width, initial-scale=1.0 ' />
	<style>
	h2{
	color:#000;
font-size:26px;
	}
	#b{
	width:500px;
	font-size:15px;
	}
	th{
	background-color:#fff;
	}
	</style>
	</head>
	<body style='background-color:f9f7f7; text-align:center;font-size:17px;'>
	<table style='margin-left: auto; margin-right: auto;border: 20px double #b5bcbf;width:600px;  text-align:center;font-size:16px;'>
	    <tr><td style='background-color:#e40046'> <img src='$company_logo' width='50%'></td></tr>
<tr><td style='text-align:center;'>
   
	<h3 style='text-align: center;font-size: 17px; text-transform: uppercase;'>Welcome to $company_name</h3></td></tr>
	<tr><td text-align:center;font-size:14px;><br>Hi Admin,<br><br>
	You have got a order from :<br><br>
	Name : ".$_SESSION['login_user']."<br>
	Email : ".$_SESSION['username']."<br>
	Phone : ".htmlentities(strip_tags($_POST['phon']))."<br>
	Address : ".htmlentities(strip_tags($_POST['address']))."<br>
	BILL : <a href='".$link_url."/bill_final.php?user=".$_SESSION['login_id']."&order=".$order_id."'>Print</a>

<br>
</td></tr>
</tr>
</table>
<p><b>Stay in touch with Us</b></p>
<p><a href='$fb' target='_blank'><img src='$link_url/images/fb.png' width='50px'></a>
<a href='$insta' target='_blank'><img src='$link_url/images/insta.png' width='55px'></a>
</p>
<p><b>$company_name</b><br>
Web : $website<br>
Email : $email<br>
Phone : $phone<br>

</p>

</body></html>";
$email_content="
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='https://www.w3.org/1999/xhtml'>
<head>
<title>Test Email Sample</title>
<meta http–equiv='Content-Type' content='text/html; charset=UTF-8' />
<meta http–equiv='X-UA-Compatible' content='IE=edge' />
<meta name='viewport' content='width=device-width, initial-scale=1.0 ' />
	<style>
	h2{
	color:#000;
font-size:26px;
	}
	#b{
	width:500px;
	font-size:15px;
	}
	th{
	background-color:#fff;
	}
	</style>
	</head>
	<body style='background-color:f9f7f7; text-align:center;font-size:17px;'>
	<table style='margin-left: auto; margin-right: auto;border: 20px double #b5bcbf;width:600px;  text-align:center;font-size:16px;'>

<tr><td style='background-color:#e40046'> <img src='$company_logo' width='50%'></td></tr>
<tr><td style='text-align:center;'>
   
	<h3 style='text-align: center;font-size: 17px; text-transform: uppercase;'>Welcome to $company_name</h3></td></tr>
	<tr><td  style='text-align:justify;padding:12px;font-size:18px;'><br>Hi ".$_SESSION['login_user'].",<br><br>
	Thank You !! for your order.
	Your Details of the order :<br><br>
	BILL :<a href='".$link_url."/bill_final.php?user=".$_SESSION['login_id']."&order=".$order_id."'>Print</a>

</td></tr>
</tr>
</table>

<p><b>Stay in touch with Us</b></p>
<p><a href='$fb' target='_blank'><img src='$link_url/images/fb.png' width='50px'></a>
<a href='$insta' target='_blank'><img src='$link_url/images/insta.png' width='55px'></a>
</p>
<p><b>$company_name</b><br>
Web : $website<br>
Email : $email<br>
Phone : $phone<br>

</p>

$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
	  
	if(@mail($email,$email_subject,$email_content1,$headers) && @mail($_SESSION['username'],$email_subject,$email_content,$headers)) {
	//	echo "<script>alert('Message sent!')</script>";
//	echo "<script>window.location.href='bill.php'</script>";

} else {
	//	echo "<script>alert('Message  not sent!')</script>";
	}

}   
 
 echo '<script>
        setTimeout(function() {
        swal({
            title: "Thank You ",
            text: "Redirecting to Payment....",
            type: "success"
        }, function() {
    window.location = "'.$url.'";
        });
    }, 1000);
</script>';   
}

}

Cancel / Back

[ MAINHACK ]

Viewing / Editing File: placed1.php

Server Info

System Features

User Info