Server : LiteSpeed System : Linux us-phx-web1202.main-hosting.eu 4.18.0-553.84.1.lve.el8.x86_64 #1 SMP Tue Nov 25 18:33:03 UTC 2025 x86_64 User : u615232177 ( 615232177) PHP Version : 8.1.33 Disable Function : NONE Directory : /home/u615232177/public_html/admin5352/ |
<?php use PHPMailer\PHPMailer\PHPMailer;use PHPMailer\PHPMailer\Exception;use PHPMailer\PHPMailer\SMTP; session_start();
$page_name = basename($_SERVER['PHP_SELF']);
include("headerstrict.php"); ?>
<?php
if (isset($_GET['u'])){
$user_id = mysqli_real_escape_string($con,$_GET['u']);
$stmt = $con -> prepare('SELECT * FROM users WHERE user_id=?');
$stmt -> bind_param('s',$user_id);
$stmt -> execute();
$stmt -> store_result();
$stmt -> bind_result($id,$user_id,$first_name,$last_name,$email,$password,$phone,$address,$date_signed_up);
$numrows = $stmt -> num_rows();
if($numrows > 0){
while ($stmt -> fetch()) { }
}
else{echo "<meta http-equiv=\"refresh\" content=\"0; url=index.php\">";exit();}
}
else{echo "<meta http-equiv=\"refresh\" content=\"0; url=index.php\">";exit();}
?>
<title><?php echo $company_name; ?> <?php echo "$first_name $last_name"; ?></title>
<style>
table {
border-collapse: collapse;
border-spacing: 0;
width: 100%;
border: 1px solid #ddd;
}
th, td {
text-align: left;
padding: 8px;
}
tr:nth-child(even){background-color: #f2f2f2}
</style>
<?php
if (isset($_POST["delete"])) {
$stmt = $con -> prepare('DELETE FROM my_orders WHERE user_id = ?');
$stmt -> bind_param('s', $user_id);
$stmt -> execute();
$stmth = $con -> prepare('DELETE FROM cart_details WHERE user_id = ?');
$stmth -> bind_param('s', $user_id);
$stmth -> execute();
$stmthg = $con -> prepare('DELETE FROM users WHERE user_id = ?');
$stmthg -> bind_param('s', $user_id);
$stmthg -> execute();
//create a session to verify it's coming from here
$_SESSION["action"] = "true";
$message="User successfully deleted.";
echo "<meta http-equiv=\"refresh\" content=\"0; url=success.php?u=users.php&m=$message\">";
}
if (isset($_POST['send_message'])) {
$content = mysqli_real_escape_string($con,$_POST['content']);
$sender ="System";
$receiver = "$user_id";
$seen ="No";
$date_notification = date("D,dS M, Y g:ia");
mysqli_query($con,"INSERT INTO notifications VALUES(
'0',
'$content',
'$sender',
'$receiver',
'$seen',
'$date_notification'
)")or die(mysqli_error($con));
//create a session to verify it's coming from here
$_SESSION["action"] = "true";
$message="Message successfully sent to $first_name.";
echo "<meta http-equiv=\"refresh\" content=\"0; url=success.php?u=$page_name?u=$user_id&m=$message\">";
}
if (isset($_POST['refund'])) {
$refund_amount = mysqli_real_escape_string($con,$_POST['refund_amount']);
$content = "You have been issued a refund of $currency$refund_amount. It is now available in your wallet for spending.";
$sender ="System";
$receiver = "$user_id";
$seen ="No";
$date_notification = date("D,dS M, Y g:ia");
mysqli_query($con,"INSERT INTO notifications VALUES(
'0',
'$content',
'$sender',
'$receiver',
'$seen',
'$date_notification'
)")or die(mysqli_error($con));
$db_id=0; $order_id=""; $amount_remaining=0; $type="Credit"; $action="Refund"; $success = "Success"; $date_wallet = date('Y-m-d H:i:s');
$wallet_id = substr(md5(rand()), 0, 20);
$stmt_wa = $con -> prepare('INSERT INTO wallet VALUES (?,?,?,?,?,?,?,?,?,?)');
$stmt_wa -> bind_param('isssssssss', $db_id,$wallet_id,$user_id,$order_id,$refund_amount,$amount_remaining,$type,$action,$success,$date_wallet);
$stmt_wa -> execute();
//send email to client that the order was completed
$msg = '';
$subject = "$first_name you got a refund";
$message="";
$button_link="$link/sign_in.php";
$button_text="Log in";
$email_topic="Refund";
include("email_header.php");
$message .= "
Dear $first_name,<br/><br/>
You have been issued a refund of $currency$refund_amount. It is now available in your wallet for spending.<br/>If you have any questions please contact our dedicated support staff at $company_email<br/><br/>
The $company_name Team.<br/><br/>
$email_logo<br/><br/>
";
include("email_footer.php");
require 'PHPMailer/src/PHPMailer.php';
require 'PHPMailer/src/SMTP.php';
require 'PHPMailer/src/Exception.php';
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->Host = "smtp.titan.email"; // sets the SMTP server
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; // Set encryption to STARTTLS
$mail->Port = 587; // Use port 587 for TLS
$mail->Username = "$no_reply_email"; // SMTP account username
$mail->Password = "$no_reply_password"; // SMTP account password
$mail->SetFrom("$no_reply_email", "$company_name");//Use a fixed address in your own domain as the from address
$mail->AddReplyTo("$company_email", "$company_name"); //Put the submitter's address in a reply-to header
$mail->Subject = "$subject";
$mail->MsgHTML("<html><body>$message<br></body></html>");
$mail->AddAddress("$email", "$email");//Send the message to yourself, or whoever should receive contact for submissions
//$mail->AddAttachment(""); // attachment
if(!$mail->Send()) {
//echo "Mailer Error: " . $mail->ErrorInfo;
$msg = "Email NOT sent.";
}
else {
$msg = "Email successfully sent.";
}
//create a session to verify it's coming from here
$_SESSION["action"] = "true";
$message="Message successfully sent to $first_name.";
echo "<meta http-equiv=\"refresh\" content=\"0; url=success.php?u=$page_name?u=$user_id&m=$message\">";
}
?>
<!-- ======= Breadcrumbs ======= -->
<section id="breadcrumbs" class="breadcrumbs">
<div class="container"> </div>
</section>
<!-- End Breadcrumbs -->
<!-- ======= Contact Section ======= -->
<section id="contact" class="contact inner-page">
<div class="container" data-aos="fade-up">
<div class="section-title">
<h2><?php echo"$first_name $last_name"; ?></h2>
<p></p>
</div>
<div class="row">
<div class="col-lg-8">
<h2>User Details</h2>
<?php
echo"
User - <span class='number_bx' style='font-weight:900;width:100%;'>$first_name $last_name</span><br/>
Email - <span class='number_bx'>$email</span><br/>
Phone - <span class='number_bx'>$phone</span><br/>
<br/>
Signed up <b>$date_signed_up</b><br/>
Address <b>$address</b>
";
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?><?php echo"?u=$user_id"; ?>" method="post" class="php-email-form1" enctype='multipart/form-data'>
<div class='text-center'>
<button type='submit' name='delete'>Delete User</button>
</div>
</form>
<br><br>
</div>
<div class="col-lg-8">
<h2>Send Message</h2>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?><?php echo"?u=$user_id"; ?>" method="post" enctype='multipart/form-data'>
<div class='form-group col-md-12'>
<textarea name='content' class='form-control' placeholder='Send <?php echo $first_name; ?> a message' required></textarea>
</div>
<div class='text-center php-email-form1'>
<button type='submit' name='send_message'>Send Message</button>
</div>
</form> <br><br>
</div>
<div class="col-lg-8">
<h2>Refunds</h2>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?><?php echo"?u=$user_id"; ?>" method="post" enctype='multipart/form-data'>
<div class='form-group col-md-12'>
<input type='number' name='refund_amount' class='form-control' placeholder='Refund Amount' required />
</div>
<div class='text-center php-email-form1'>
<button type='submit' name='refund'>Refund</button>
</div>
</form> <br><br>
</div>
<div class="col-lg-12">
<h2>WALLET</h2>
<?php
$total_wallet=0; $success = "Success"; $failed = "Failed"; $count_wal=0;
$stmt_withdraw = $con -> prepare('SELECT * FROM wallet WHERE user_id = ?');
$stmt_withdraw -> bind_param('s',$user_id);
$stmt_withdraw -> execute();
$stmt_withdraw -> store_result();
$stmt_withdraw -> bind_result($w_id,$wallet_id,$user_id,$order_id_wal,$wallet_amount,$amount_remaining,$wallet_type,$wallet_action,$wallet_status,$wallet_date);
$numrows_withdraw = $stmt_withdraw -> num_rows();
if($numrows_withdraw > 0){
echo"<div style='overflow-x:auto;'>
<table>
<tr>
<th>No</th>
<th>Order ID</th>
<th>Amount</th>
<th>Credit/Debit</th>
<th>Details</th>
<th>Status</th>
<th>Date</th>
<th>Action</th>
</tr>";
while ($stmt_withdraw -> fetch()) {
$count_wal++;
if($wallet_type == "Credit" AND $wallet_status == "Success"){
$total_wallet += $wallet_amount;
}
if($wallet_type == "Debit" AND $wallet_status == "Success"){
$total_wallet -= $wallet_amount;
}
if($wallet_type == "Credit" AND $wallet_status == "Pending"){
$action_button = "
<form action='user_details.php?u=$user_id' method='post'>
<input type='hidden' name='wallet_id' value='$wallet_id'>
<div class='text-center'>
<button type='submit' class='btn text-white' name='update_wallet$wallet_id'>Approve</button>
</div>
</form>
";
}
else{$action_button="";}
if (isset($_POST["update_wallet$wallet_id"])) {
$wallet_id = mysqli_real_escape_string($con,$_POST['wallet_id']);
//update the wallet entry as SUCCESS
$content = "Your wallet has been credited with $currency$wallet_amount. It is now available for spending.";
$sender ="System";
$receiver = "$user_id";
$seen ="No";
$date_notification = date("D,dS M, Y g:ia");
mysqli_query($con,"INSERT INTO notifications VALUES(
'0',
'$content',
'$sender',
'$receiver',
'$seen',
'$date_notification'
)")or die(mysqli_error($con));
$success = "Success";
$stmt = $con -> prepare('UPDATE wallet SET status = ? WHERE wallet_id = ?');
$stmt -> bind_param('ss', $success,$wallet_id);
$stmt -> execute();
//send email to client that the order was completed
$msg = '';
$subject = "Your wallet has been credited";
$message="";
$button_link="$link/sign_in.php";
$button_text="Log in";
$email_topic="Your wallet has been funded";
include("email_header.php");
$message .= "
Dear $first_name,<br/><br/>
You wallet has been funded with $currency$wallet_amount. It is now available in your wallet for spending.<br/>If you have any questions please contact our dedicated support staff at $company_email<br/><br/>
The $company_name Team.<br/><br/>
$email_logo<br/><br/>
";
include("email_footer.php");
require 'PHPMailer/src/PHPMailer.php';
require 'PHPMailer/src/SMTP.php';
require 'PHPMailer/src/Exception.php';
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->Host = "smtp.titan.email"; // sets the SMTP server
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; // Set encryption to STARTTLS
$mail->Port = 587; // Use port 587 for TLS
$mail->Username = "$no_reply_email"; // SMTP account username
$mail->Password = "$no_reply_password"; // SMTP account password
$mail->SetFrom("$no_reply_email", "$company_name");//Use a fixed address in your own domain as the from address
$mail->AddReplyTo("$company_email", "$company_name"); //Put the submitter's address in a reply-to header
$mail->Subject = "$subject";
$mail->MsgHTML("<html><body>$message<br></body></html>");
$mail->AddAddress("$email", "$email");//Send the message to yourself, or whoever should receive contact for submissions
//$mail->AddAttachment(""); // attachment
if(!$mail->Send()) {
//echo "Mailer Error: " . $mail->ErrorInfo;
$msg = "Email NOT sent.";
}
else {
$msg = "Email successfully sent.";
}
//create a session to verify it's coming from here
$_SESSION["action"] = "true";
$message="Wallet Deposit Approved";
echo "<meta http-equiv=\"refresh\" content=\"0; url=success.php?u=$page_name?u=$user_id&m=$message\">";
}
echo"
<tr>
<td>$count_wal</td>
<td>$order_id_wal</td>
<td>$currency";echo number_format((float)$wallet_amount, 2, '.', ','); echo"</td>
<td>$wallet_type</td>
<td>$wallet_action</td>
<td>$wallet_status</td>
<td>$wallet_date</td>
<td>$action_button</td>
</tr>
";
}
echo"
<tr>
<td>Current Balance</td>
<td></td>
<td style='font-weight:900;'>$currency";echo number_format((float)$total_wallet, 2, '.', ','); echo"</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
</table>
</div>";
}else{echo"Wallet has not been used";}
?>
<br><br>
</div>
</div><!-- end row -->
<br/><br/>
<div class="section-title">
<h2><?php echo"$first_name $last_name"; ?>'s Orders</h2>
<p></p>
</div>
<div class="row">
<?php
$sql = "SELECT COUNT(id) FROM my_orders WHERE user_id='$user_id'";
$query = mysqli_query($con, $sql);
$row = mysqli_fetch_row($query);
//here we have the total row count
$rows = $row[0];
//number of results we want per page
$page_rows = 50;
//tells us the page number of our last page
$last = ceil($rows/$page_rows);
//this makes sure last cannot be less than 1
if($last < 1){$last = 1;}
//establish the page num variable
$pagenum = 1;
//Get pageum from $GET if it is present, else its 1
if(isset($_GET['pn'])){
$pagenum = preg_replace('#[^0-9]#', '', $_GET['pn']);
}
//below 1 or more than last page
if($pagenum < 1){
$pagenum = 1;
}else if ($pagenum > $last) {
$pagenum = $last;
}
//this sets the range of rows to query for the chosen pagenum
$limit = 'LIMIT ' .($pagenum - 1) * $page_rows .',' .$page_rows;
//grabs one page worth of rows
$sql = "SELECT * FROM my_orders WHERE user_id='$user_id' $limit ";
$query = mysqli_query($con, $sql);
//this shows the user what page they on and total number
$textline1 = "Messages $rows";
$textline2 = "Page $pagenum of $last";
//establish the pagination controls
$paginationCtrls = "";
//if there is more than one page worth of results
if($last != 1){
if($pagenum > 1){
$previous = $pagenum - 1;
//$paginationCtrls .='<a href="'.$_SERVER['PHP_SELF'].'?pn='.$previous.'">Previous</a>  ';
$paginationCtrls .='<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$previous.'">Prev</a></li>';
//render clickable links to the left of target page number
for($i = $pagenum-4; $i < $pagenum; $i++){
if($i > 0){
//$paginationCtrls .= '<a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'"></a> ';
$paginationCtrls .= '<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'">'.$i.'</a></li>';
}
}
}
//render target number bt not link
//$paginationCtrls .= ''.$pagenum.' ';
$paginationCtrls .= '<span class="pagination"><ul><li class="active"><a href="#">'.$pagenum.'</a></li></ul></span>';
//render clickable number links to the right of target number
for($i = $pagenum+1; $i <= $last; $i++){
//$paginationCtrls .= '<a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'">'.$i.'</a> ';
$paginationCtrls .= '<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'">'.$i.'</a></li>';
if($i >= $pagenum+4){
break;
}
}
//this does the same as above, only checking if we are on the last page
if($pagenum != $last) {
$next = $pagenum + 1;
$paginationCtrls .= '<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$next.'">Next</a></li>';
}
}
if(mysqli_num_rows($query) > 0 ){$countt=0;
while ($row_ads = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
$countt++;
$id = $row_ads['id'];
$order_id = $row_ads['order_id'];
$o_status = $row_ads['status'];
if($o_status=="Pending"){$color_s="crimson";}
if($o_status=="Completed"){$color_s="forestgreen";}
echo"
<div class='col-md-2'> <hr>
<a style='color:$color_s;' href='order_details.php?order_id=$order_id' style='font-size:16px;text-decoration:underline;'>$countt - $order_id</a> <hr>
</div>
";?>
<?php
}//end of while
}
else{echo"$first_name has not made any orders.";}
?>
<div class="col-12 text-center"><br/><br/>
<ul class="pagination clearfix">
<?php
echo"$paginationCtrls<br/><br/><br/><br/>";
echo "<div class='text_line'>$textline2</div>";
?>
</ul>
</div>
</div>
</div>
<br/><br/>
<div class="section-title">
<h2><?php echo"$first_name $last_name"; ?>'s Inbox</h2>
<p></p>
</div>
<div class='container'>
<div class="row">
<?php
$sql = "SELECT COUNT(id) FROM notifications WHERE receiver='$user_id'";
$query = mysqli_query($con, $sql);
$row = mysqli_fetch_row($query);
//here we have the total row count
$rows = $row[0];
//number of results we want per page
$page_rows = 50;
//tells us the page number of our last page
$last = ceil($rows/$page_rows);
//this makes sure last cannot be less than 1
if($last < 1){$last = 1;}
//establish the page num variable
$pagenum = 1;
//Get pageum from $GET if it is present, else its 1
if(isset($_GET['pn'])){
$pagenum = preg_replace('#[^0-9]#', '', $_GET['pn']);
}
//below 1 or more than last page
if($pagenum < 1){
$pagenum = 1;
}else if ($pagenum > $last) {
$pagenum = $last;
}
//this sets the range of rows to query for the chosen pagenum
$limit = 'LIMIT ' .($pagenum - 1) * $page_rows .',' .$page_rows;
//grabs one page worth of rows
$sql = "SELECT * FROM notifications WHERE receiver='$user_id' $limit ";
$query = mysqli_query($con, $sql);
//this shows the user what page they on and total number
$textline1 = "Messages $rows";
$textline2 = "Page $pagenum of $last";
//establish the pagination controls
$paginationCtrls = "";
//if there is more than one page worth of results
if($last != 1){
if($pagenum > 1){
$previous = $pagenum - 1;
//$paginationCtrls .='<a href="'.$_SERVER['PHP_SELF'].'?pn='.$previous.'">Previous</a>  ';
$paginationCtrls .='<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$previous.'">Prev</a></li>';
//render clickable links to the left of target page number
for($i = $pagenum-4; $i < $pagenum; $i++){
if($i > 0){
//$paginationCtrls .= '<a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'"></a> ';
$paginationCtrls .= '<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'">'.$i.'</a></li>';
}
}
}
//render target number bt not link
//$paginationCtrls .= ''.$pagenum.' ';
$paginationCtrls .= '<span class="pagination"><ul><li class="active"><a href="#">'.$pagenum.'</a></li></ul></span>';
//render clickable number links to the right of target number
for($i = $pagenum+1; $i <= $last; $i++){
//$paginationCtrls .= '<a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'">'.$i.'</a> ';
$paginationCtrls .= '<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$i.'">'.$i.'</a></li>';
if($i >= $pagenum+4){
break;
}
}
//this does the same as above, only checking if we are on the last page
if($pagenum != $last) {
$next = $pagenum + 1;
$paginationCtrls .= '<li><a href="'.$_SERVER['PHP_SELF'].'?pn='.$next.'">Next</a></li>';
}
}
if(mysqli_num_rows($query) > 0 ){$countt=0;
while ($row_ads = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
$noti_id = $row_ads['id'];
$content = $row_ads['content'];
$sender = $row_ads['sender'];
$reciever = $row_ads['receiver'];
$seen = $row_ads['seen'];
$date_noti = $row_ads['date'];
echo"
<div class='col-md-3'>
<hr>
<div style='height:45px;'><b>$content</b></div></br>
Read - $seen<br>
<div style='height:45px;'>Date - $date_noti </div>
<form action='user_details.php?u=$user_id' method='post' class='php-email-form1' enctype='multipart/form-data'>
<div class='text-center'>
<button type='submit' name='delete_noti$noti_id'>Delete</button>
</div>
</form>
<hr>
</div>
";
if (isset($_POST["delete_noti$noti_id"])) {
$stmt = $con -> prepare('DELETE FROM notifications WHERE id = ?');
$stmt -> bind_param('s', $noti_id);
$stmt -> execute();
//create a session to verify it's coming from here
$_SESSION["action"] = "true";
$message="Message successfully deleted.";
echo "<meta http-equiv=\"refresh\" content=\"0; url=success.php?u=user_details.php?u=$user_id&m=$message\">";
}
?>
<?php
}//end of while
}
else{echo"$first_name has no messages.";}
?>
</div>
</div>
</div>
</section><!-- End Contact Section -->
<?php include("footer.php"); ?>